[Midnightbsd-cvs] src: crypto/openssh: Fix some of the merge conflicts.
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sun Apr 6 00:50:42 EDT 2008
Log Message:
-----------
Fix some of the merge conflicts.
Modified Files:
--------------
src/crypto/openssh:
ChangeLog (r1.3 -> r1.4)
Makefile.in (r1.3 -> r1.4)
README (r1.3 -> r1.4)
README.platform (r1.3 -> r1.4)
auth-options.c (r1.3 -> r1.4)
auth-options.h (r1.3 -> r1.4)
auth-pam.c (r1.4 -> r1.5)
auth-passwd.c (r1.4 -> r1.5)
auth.c (r1.4 -> r1.5)
auth.h (r1.4 -> r1.5)
auth1.c (r1.4 -> r1.5)
auth2-chall.c (r1.4 -> r1.5)
auth2-gss.c (r1.3 -> r1.4)
auth2.c (r1.4 -> r1.5)
buildpkg.sh.in (r1.4 -> r1.5)
canohost.c (r1.3 -> r1.4)
channels.c (r1.4 -> r1.5)
channels.h (r1.3 -> r1.4)
cipher-ctr.c (r1.3 -> r1.4)
clientloop.c (r1.4 -> r1.5)
configure.ac (r1.4 -> r1.5)
defines.h (r1.3 -> r1.4)
entropy.c (r1.4 -> r1.5)
gss-genr.c (r1.3 -> r1.4)
gss-serv.c (r1.3 -> r1.4)
includes.h (r1.4 -> r1.5)
kex.c (r1.4 -> r1.5)
kex.h (r1.3 -> r1.4)
loginrec.c (r1.4 -> r1.5)
misc.c (r1.4 -> r1.5)
misc.h (r1.3 -> r1.4)
monitor.c (r1.4 -> r1.5)
monitor_wrap.c (r1.4 -> r1.5)
myproposal.h (r1.4 -> r1.5)
packet.c (r1.4 -> r1.5)
readconf.c (r1.4 -> r1.5)
readconf.h (r1.3 -> r1.4)
scp.1 (r1.3 -> r1.4)
scp.c (r1.4 -> r1.5)
servconf.c (r1.4 -> r1.5)
servconf.h (r1.4 -> r1.5)
serverloop.c (r1.4 -> r1.5)
session.c (r1.4 -> r1.5)
sftp-client.c (r1.4 -> r1.5)
sftp-server.c (r1.4 -> r1.5)
sftp.1 (r1.2 -> r1.3)
sftp.c (r1.4 -> r1.5)
ssh-add.c (r1.3 -> r1.4)
ssh-agent.1 (r1.3 -> r1.4)
ssh-agent.c (r1.4 -> r1.5)
ssh-keygen.1 (r1.3 -> r1.4)
ssh-keygen.c (r1.4 -> r1.5)
ssh-keyscan.1 (r1.3 -> r1.4)
ssh-keyscan.c (r1.4 -> r1.5)
ssh.1 (r1.3 -> r1.4)
ssh.c (r1.4 -> r1.5)
ssh_config (r1.5 -> r1.6)
ssh_config.5 (r1.3 -> r1.4)
sshconnect.c (r1.4 -> r1.5)
sshconnect.h (r1.3 -> r1.4)
sshconnect2.c (r1.3 -> r1.4)
sshd.8 (r1.3 -> r1.4)
sshd.c (r1.6 -> r1.7)
sshd_config (r1.6 -> r1.7)
sshd_config.5 (r1.3 -> r1.4)
src/crypto/openssh/openbsd-compat:
Makefile.in (r1.3 -> r1.4)
base64.c (r1.2 -> r1.3)
bindresvport.c (r1.3 -> r1.4)
bsd-asprintf.c (r1.2 -> r1.3)
bsd-misc.c (r1.3 -> r1.4)
fake-rfc2553.h (r1.4 -> r1.5)
getrrsetbyname.c (r1.4 -> r1.5)
glob.c (r1.3 -> r1.4)
glob.h (r1.3 -> r1.4)
openbsd-compat.h (r1.3 -> r1.4)
openssl-compat.h (r1.3 -> r1.4)
port-uw.c (r1.3 -> r1.4)
sys-queue.h (r1.2 -> r1.3)
sys-tree.h (r1.2 -> r1.3)
src/crypto/openssh/regress:
agent-getpeereid.sh (r1.3 -> r1.4)
test-exec.sh (r1.2 -> r1.3)
try-ciphers.sh (r1.2 -> r1.3)
-------------- next part --------------
Index: sshconnect2.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sshconnect2.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/sshconnect2.c -L crypto/openssh/sshconnect2.c -u -r1.3 -r1.4
--- crypto/openssh/sshconnect2.c
+++ crypto/openssh/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.162 2006/08/30 00:06:51 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -31,6 +31,7 @@
#include <sys/stat.h>
#include <errno.h>
+#include <netdb.h>
#include <pwd.h>
#include <signal.h>
#include <stdarg.h>
@@ -129,7 +130,7 @@
options.hostkeyalgorithms;
if (options.rekey_limit)
- packet_set_rekey_limit(options.rekey_limit);
+ packet_set_rekey_limit((u_int32_t)options.rekey_limit);
/* start key exchange */
kex = kex_setup(myproposal);
@@ -1307,7 +1308,7 @@
Sensitive *sensitive = authctxt->sensitive;
Buffer b;
u_char *signature, *blob;
- char *chost, *pkalg, *p;
+ char *chost, *pkalg, *p, myname[NI_MAXHOST];
const char *service;
u_int blen, slen;
int ok, i, len, found = 0;
@@ -1331,7 +1332,16 @@
return 0;
}
/* figure out a name for the client host */
- p = get_local_name(packet_get_connection_in());
+ p = NULL;
+ if (packet_connection_is_on_socket())
+ p = get_local_name(packet_get_connection_in());
+ if (p == NULL) {
+ if (gethostname(myname, sizeof(myname)) == -1) {
+ verbose("userauth_hostbased: gethostname: %s",
+ strerror(errno));
+ } else
+ p = xstrdup(myname);
+ }
if (p == NULL) {
error("userauth_hostbased: cannot get local ipaddr/name");
key_free(private);
Index: ssh.1
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh.1,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/ssh.1 -L crypto/openssh/ssh.1 -u -r1.3 -r1.4
--- crypto/openssh/ssh.1
+++ crypto/openssh/ssh.1
@@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.266 2006/12/11 21:25:46 markus Exp $
-.Dd September 25, 1999
+.\" $OpenBSD: ssh.1,v 1.273 2008/02/11 07:58:28 jmc Exp $
+.Dd $Mdocdate: March 26 2008 $
.Dt SSH 1
.Os
.Sh NAME
@@ -43,7 +43,7 @@
.Nd OpenSSH SSH client (remote login program)
.Sh SYNOPSIS
.Nm ssh
-.Op Fl 1246AaCfgkMNnqsTtVvXxY
+.Op Fl 1246AaCfgKkMNnqsTtVvXxY
.Op Fl b Ar bind_address
.Op Fl c Ar cipher_spec
.Oo Fl D\ \&
@@ -315,6 +315,9 @@
.Fl i
options (and multiple identities specified in
configuration files).
+.It Fl K
+Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI
+credentials to the server.
.It Fl k
Disables forwarding (delegation) of GSSAPI credentials to the server.
.It Fl L Xo
@@ -503,7 +506,7 @@
per-host basis in the configuration file.
.It Fl q
Quiet mode.
-Causes all warning and diagnostic messages to be suppressed.
+Causes most warning and diagnostic messages to be suppressed.
.It Fl R Xo
.Sm off
.Oo Ar bind_address : Oc
@@ -674,7 +677,7 @@
but protocol 2 is preferred since
it provides additional mechanisms for confidentiality
(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour)
-and integrity (hmac-md5, hmac-sha1, hmac-ripemd160).
+and integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160).
Protocol 1 lacks a strong mechanism for ensuring the
integrity of the connection.
.Pp
@@ -1242,6 +1245,13 @@
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
+.It ~/.ssh/
+This directory is the default location for all user-specific configuration
+and authentication information.
+There is no general requirement to keep the entire contents of this directory
+secret, but the recommended permissions are read/write/execute for the user,
+and not accessible by others.
+.Pp
.It ~/.ssh/authorized_keys
Lists the public keys (RSA/DSA) that can be used for logging in as this user.
The format of this file is described in the
Index: sshd.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sshd.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -L crypto/openssh/sshd.c -L crypto/openssh/sshd.c -u -r1.6 -r1.7
--- crypto/openssh/sshd.c
+++ crypto/openssh/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.349 2007/02/21 11:00:05 dtucker Exp $ */
+/* $OpenBSD: sshd.c,v 1.355 2008/02/14 13:10:31 mbalmer Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -75,6 +75,8 @@
#include <openssl/bn.h>
#include <openssl/md5.h>
#include <openssl/rand.h>
+#include "openbsd-compat/openssl-compat.h"
+
#ifdef HAVE_SECUREWARE
#include <sys/security.h>
#include <prot.h>
@@ -120,8 +122,8 @@
#ifdef LIBWRAP
#include <tcpd.h>
#include <syslog.h>
-int allow_severity = LOG_INFO;
-int deny_severity = LOG_WARNING;
+int allow_severity;
+int deny_severity;
#endif /* LIBWRAP */
#ifndef O_NOCTTY
@@ -583,11 +585,12 @@
{
u_int32_t rnd[256];
gid_t gidset[1];
- int i;
+ u_int i;
/* Enable challenge-response authentication for privilege separation */
privsep_challenge_enable();
+ arc4random_stir();
for (i = 0; i < 256; i++)
rnd[i] = arc4random();
RAND_seed(rnd, sizeof(rnd));
@@ -662,6 +665,9 @@
static void
privsep_postauth(Authctxt *authctxt)
{
+ u_int32_t rnd[256];
+ u_int i;
+
#ifdef DISABLE_FD_PASSING
if (1) {
#else
@@ -693,6 +699,11 @@
/* Demote the private keys to public keys. */
demote_sensitive_data();
+ arc4random_stir();
+ for (i = 0; i < 256; i++)
+ rnd[i] = arc4random();
+ RAND_seed(rnd, sizeof(rnd));
+
/* Drop privileges */
do_setusercontext(authctxt->pw);
@@ -953,8 +964,7 @@
ntop, sizeof(ntop), strport, sizeof(strport),
NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
error("getnameinfo failed: %.100s",
- (ret != EAI_SYSTEM) ? gai_strerror(ret) :
- strerror(errno));
+ ssh_gai_strerror(ret));
continue;
}
/* Create socket for listening. */
@@ -977,6 +987,16 @@
&on, sizeof(on)) == -1)
error("setsockopt SO_REUSEADDR: %s", strerror(errno));
+#ifdef IPV6_V6ONLY
+ /* Only communicate in IPv6 over AF_INET6 sockets. */
+ if (ai->ai_family == AF_INET6) {
+ if (setsockopt(listen_sock, IPPROTO_IPV6, IPV6_V6ONLY,
+ &on, sizeof(on)) == -1)
+ error("setsockopt IPV6_V6ONLY: %s",
+ strerror(errno));
+ }
+#endif
+
debug("Bind to port %s on %s.", strport, ntop);
/* Bind the socket to the desired port. */
@@ -1367,7 +1387,7 @@
}
if (rexeced_flag || inetd_flag)
rexec_flag = 0;
- if (rexec_flag && (av[0] == NULL || *av[0] != '/'))
+ if (!test_flag && (rexec_flag && (av[0] == NULL || *av[0] != '/')))
fatal("sshd re-exec requires execution with an absolute path");
if (rexeced_flag)
closefrom(REEXEC_MIN_FREE_FD);
@@ -1421,6 +1441,10 @@
/* Fill in default values for those options not explicitly set. */
fill_default_server_options(&options);
+ /* challenge-response is implemented via keyboard interactive */
+ if (options.challenge_response_authentication)
+ options.kbd_interactive_authentication = 1;
+
/* set default channel AF */
channel_set_af(options.address_family);
@@ -1596,10 +1620,6 @@
/* Get a connection, either from inetd or a listening TCP socket */
if (inetd_flag) {
server_accept_inetd(&sock_in, &sock_out);
-
- if ((options.protocol & SSH_PROTO_1) &&
- sensitive_data.server_key == NULL)
- generate_ephemeral_server_key();
} else {
server_listen();
@@ -1736,6 +1756,8 @@
audit_connection_from(remote_ip, remote_port);
#endif
#ifdef LIBWRAP
+ allow_severity = options.log_facility|LOG_INFO;
+ deny_severity = options.log_facility|LOG_WARNING;
/* Check whether logins are denied from this host. */
if (packet_connection_is_on_socket()) {
struct request_info req;
@@ -1769,6 +1791,10 @@
sshd_exchange_identification(sock_in, sock_out);
+ /* In inetd mode, generate ephemeral key only for proto 1 connections */
+ if (!compat20 && inetd_flag && sensitive_data.server_key == NULL)
+ generate_ephemeral_server_key();
+
packet_set_nonblocking();
/* allocate authentication context */
@@ -1821,6 +1847,20 @@
audit_event(SSH_AUTH_SUCCESS);
#endif
+#ifdef GSSAPI
+ if (options.gss_authentication) {
+ temporarily_use_uid(authctxt->pw);
+ ssh_gssapi_storecreds();
+ restore_uid();
+ }
+#endif
+#ifdef USE_PAM
+ if (options.use_pam) {
+ do_pam_setcred(1);
+ do_pam_session();
+ }
+#endif
+
/*
* In privilege separation, we fork another child and prepare
* file descriptor passing.
Index: auth1.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth1.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/auth1.c -L crypto/openssh/auth1.c -u -r1.4 -r1.5
--- crypto/openssh/auth1.c
+++ crypto/openssh/auth1.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth1.c,v 1.70 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth1.c,v 1.71 2007/09/21 08:15:29 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
Index: auth.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/auth.h -L crypto/openssh/auth.h -u -r1.4 -r1.5
--- crypto/openssh/auth.h
+++ crypto/openssh/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.58 2006/08/18 09:15:20 markus Exp $ */
+/* $OpenBSD: auth.h,v 1.60 2007/09/21 08:15:29 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
Index: ssh-keyscan.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh-keyscan.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/ssh-keyscan.c -L crypto/openssh/ssh-keyscan.c -u -r1.4 -r1.5
--- crypto/openssh/ssh-keyscan.c
+++ crypto/openssh/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.74 2006/10/06 02:29:19 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.75 2007/12/27 14:22:08 dtucker Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm at lcs.mit.edu>.
*
@@ -410,7 +410,7 @@
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
- fatal("getaddrinfo %s: %s", host, gai_strerror(gaierr));
+ fatal("getaddrinfo %s: %s", host, ssh_gai_strerror(gaierr));
for (ai = aitop; ai; ai = ai->ai_next) {
s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (s < 0) {
Index: ssh.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/ssh.c -L crypto/openssh/ssh.c -u -r1.4 -r1.5
--- crypto/openssh/ssh.c
+++ crypto/openssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.295 2007/01/03 03:01:40 stevesk Exp $ */
+/* $OpenBSD: ssh.c,v 1.309 2008/01/19 20:51:26 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -72,6 +72,7 @@
#include <openssl/evp.h>
#include <openssl/err.h>
+#include "openbsd-compat/openssl-compat.h"
#include "xmalloc.h"
#include "ssh.h"
@@ -185,7 +186,7 @@
usage(void)
{
fprintf(stderr,
-"usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n"
+"usage: ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n"
" [-D [bind_address:]port] [-e escape_char] [-F configfile]\n"
" [-i identity_file] [-L [bind_address:]port:host:hostport]\n"
" [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
@@ -210,7 +211,7 @@
char *p, *cp, *line, buf[256];
struct stat st;
struct passwd *pw;
- int dummy;
+ int dummy, timeout_ms;
extern int optind, optreset;
extern char *optarg;
struct servent *sp;
@@ -272,7 +273,7 @@
again:
while ((opt = getopt(ac, av,
- "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TVw:XY")) != -1) {
+ "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:KL:MNO:PR:S:TVw:XY")) != -1) {
switch (opt) {
case '1':
options.protocol = SSH_PROTO_1;
@@ -326,6 +327,10 @@
case 'k':
options.gss_deleg_creds = 0;
break;
+ case 'K':
+ options.gss_authentication = 1;
+ options.gss_deleg_creds = 1;
+ break;
case 'i':
if (stat(optarg, &st) < 0) {
fprintf(stderr, "Warning: Identity file %s "
@@ -654,11 +659,15 @@
}
if (options.proxy_command != NULL &&
- strcmp(options.proxy_command, "none") == 0)
+ strcmp(options.proxy_command, "none") == 0) {
+ xfree(options.proxy_command);
options.proxy_command = NULL;
+ }
if (options.control_path != NULL &&
- strcmp(options.control_path, "none") == 0)
+ strcmp(options.control_path, "none") == 0) {
+ xfree(options.control_path);
options.control_path = NULL;
+ }
if (options.control_path != NULL) {
char thishost[NI_MAXHOST];
@@ -668,6 +677,7 @@
snprintf(buf, sizeof(buf), "%d", options.port);
cp = tilde_expand_filename(options.control_path,
original_real_uid);
+ xfree(options.control_path);
options.control_path = percent_expand(cp, "p", buf, "h", host,
"r", options.user, "l", thishost, (char *)NULL);
xfree(cp);
@@ -677,9 +687,12 @@
if (options.control_path != NULL)
control_client(options.control_path);
+ timeout_ms = options.connection_timeout * 1000;
+
/* Open a connection to the remote host. */
if (ssh_connect(host, &hostaddr, options.port,
- options.address_family, options.connection_attempts,
+ options.address_family, options.connection_attempts, &timeout_ms,
+ options.tcp_keep_alive,
#ifdef HAVE_CYGWIN
options.use_privileged_port,
#else
@@ -688,6 +701,9 @@
options.proxy_command) != 0)
exit(255);
+ if (timeout_ms > 0)
+ debug3("timeout: %d ms remain after connect", timeout_ms);
+
/*
* If we successfully made the connection, load the host private key
* in case we will need it later for combined rsa-rhosts
@@ -763,7 +779,8 @@
signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */
/* Log into the remote system. This never returns if the login fails. */
- ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, pw);
+ ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr,
+ pw, timeout_ms);
/* We no longer need the private host keys. Clear them now. */
if (sensitive_data.nkeys != 0) {
@@ -853,6 +870,17 @@
"forwarding.");
}
}
+
+ /* Initiate tunnel forwarding. */
+ if (options.tun_open != SSH_TUNMODE_NO) {
+ if (client_request_tun_fwd(options.tun_open,
+ options.tun_local, options.tun_remote) == -1) {
+ if (options.exit_on_forward_failure)
+ fatal("Could not request tunnel forwarding.");
+ else
+ error("Could not request tunnel forwarding.");
+ }
+ }
}
static void
@@ -975,6 +1003,11 @@
/* Initiate port forwardings. */
ssh_init_forwarding();
+ /* Execute a local command */
+ if (options.local_command != NULL &&
+ options.permit_local_command)
+ ssh_local_cmd(options.local_command);
+
/* If requested, let ssh continue in the background. */
if (fork_after_authentication_flag)
if (daemon(1, 1) < 0)
@@ -1115,33 +1148,6 @@
packet_send();
}
- if (options.tun_open != SSH_TUNMODE_NO) {
- Channel *c;
- int fd;
-
- debug("Requesting tun.");
- if ((fd = tun_open(options.tun_local,
- options.tun_open)) >= 0) {
- c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,
- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
- 0, "tun", 1);
- c->datagram = 1;
-#if defined(SSH_TUN_FILTER)
- if (options.tun_open == SSH_TUNMODE_POINTOPOINT)
- channel_register_filter(c->self, sys_tun_infilter,
- sys_tun_outfilter);
-#endif
- packet_start(SSH2_MSG_CHANNEL_OPEN);
- packet_put_cstring("tun at openssh.com");
- packet_put_int(c->self);
- packet_put_int(c->local_window_max);
- packet_put_int(c->local_maxpacket);
- packet_put_int(options.tun_open);
- packet_put_int(options.tun_remote);
- packet_send();
- }
- }
-
client_session2_setup(id, tty_flag, subsystem_flag, getenv("TERM"),
NULL, fileno(stdin), &command, environ, &ssh_subsystem_reply);
@@ -1201,7 +1207,6 @@
/* XXX should be pre-session */
ssh_init_forwarding();
- ssh_control_listener();
if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN))
id = ssh_session2_open();
@@ -1211,6 +1216,9 @@
options.permit_local_command)
ssh_local_cmd(options.local_command);
+ /* Start listening for multiplex clients */
+ ssh_control_listener();
+
/* If requested, let ssh continue in the background. */
if (fork_after_authentication_flag)
if (daemon(1, 1) < 0)
@@ -1224,6 +1232,7 @@
load_public_identity_files(void)
{
char *filename, *cp, thishost[NI_MAXHOST];
+ char *pwdir = NULL, *pwname = NULL;
int i = 0;
Key *public;
struct passwd *pw;
@@ -1252,14 +1261,16 @@
#endif /* SMARTCARD */
if ((pw = getpwuid(original_real_uid)) == NULL)
fatal("load_public_identity_files: getpwuid failed");
+ pwname = xstrdup(pw->pw_name);
+ pwdir = xstrdup(pw->pw_dir);
if (gethostname(thishost, sizeof(thishost)) == -1)
fatal("load_public_identity_files: gethostname: %s",
strerror(errno));
for (; i < options.num_identity_files; i++) {
cp = tilde_expand_filename(options.identity_files[i],
original_real_uid);
- filename = percent_expand(cp, "d", pw->pw_dir,
- "u", pw->pw_name, "l", thishost, "h", host,
+ filename = percent_expand(cp, "d", pwdir,
+ "u", pwname, "l", thishost, "h", host,
"r", options.user, (char *)NULL);
xfree(cp);
public = key_load_public(filename, NULL);
@@ -1269,6 +1280,10 @@
options.identity_files[i] = filename;
options.identity_keys[i] = public;
}
+ bzero(pwname, strlen(pwname));
+ xfree(pwname);
+ bzero(pwdir, strlen(pwdir));
+ xfree(pwdir);
}
static void
@@ -1280,8 +1295,12 @@
static void
control_client_sigrelay(int signo)
{
+ int save_errno = errno;
+
if (control_server_pid > 1)
kill(control_server_pid, signo);
+
+ errno = save_errno;
}
static int
@@ -1307,7 +1326,7 @@
control_client(const char *path)
{
struct sockaddr_un addr;
- int i, r, fd, sock, exitval, num_env, addr_len;
+ int i, r, fd, sock, exitval[2], num_env, addr_len;
Buffer m;
char *term;
extern char **environ;
@@ -1375,6 +1394,8 @@
if (options.forward_agent)
flags |= SSHMUX_FLAG_AGENT_FWD;
+ signal(SIGPIPE, SIG_IGN);
+
buffer_init(&m);
/* Send our command to server */
@@ -1436,9 +1457,10 @@
if (ssh_msg_send(sock, SSHMUX_VER, &m) == -1)
fatal("%s: msg_send", __func__);
- mm_send_fd(sock, STDIN_FILENO);
- mm_send_fd(sock, STDOUT_FILENO);
- mm_send_fd(sock, STDERR_FILENO);
+ if (mm_send_fd(sock, STDIN_FILENO) == -1 ||
+ mm_send_fd(sock, STDOUT_FILENO) == -1 ||
+ mm_send_fd(sock, STDERR_FILENO) == -1)
+ fatal("%s: send fds failed", __func__);
/* Wait for reply, so master has a chance to gather ttymodes */
buffer_clear(&m);
@@ -1456,29 +1478,44 @@
if (tty_flag)
enter_raw_mode();
- /* Stick around until the controlee closes the client_fd */
- exitval = 0;
- for (;!control_client_terminate;) {
- r = read(sock, &exitval, sizeof(exitval));
+ /*
+ * Stick around until the controlee closes the client_fd.
+ * Before it does, it is expected to write this process' exit
+ * value (one int). This process must read the value and wait for
+ * the closure of the client_fd; if this one closes early, the
+ * multiplex master will terminate early too (possibly losing data).
+ */
+ exitval[0] = 0;
+ for (i = 0; !control_client_terminate && i < (int)sizeof(exitval);) {
+ r = read(sock, (char *)exitval + i, sizeof(exitval) - i);
if (r == 0) {
debug2("Received EOF from master");
break;
}
- if (r > 0)
- debug2("Received exit status from master %d", exitval);
- if (r == -1 && errno != EINTR)
+ if (r == -1) {
+ if (errno == EINTR)
+ continue;
fatal("%s: read %s", __func__, strerror(errno));
+ }
+ i += r;
}
- if (control_client_terminate)
- debug2("Exiting on signal %d", control_client_terminate);
-
close(sock);
-
leave_raw_mode();
+ if (i > (int)sizeof(int))
+ fatal("%s: master returned too much data (%d > %lu)",
+ __func__, i, sizeof(int));
+ if (control_client_terminate) {
+ debug2("Exiting on signal %d", control_client_terminate);
+ exitval[0] = 255;
+ } else if (i < (int)sizeof(int)) {
+ debug2("Control master terminated unexpectedly");
+ exitval[0] = 255;
+ } else
+ debug2("Received exit status from master %d", exitval[0]);
if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET)
- fprintf(stderr, "Connection to master closed.\r\n");
+ fprintf(stderr, "Shared connection to %s closed.\r\n", host);
- exit(exitval);
+ exit(exitval[0]);
}
Index: readconf.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/readconf.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/readconf.h -L crypto/openssh/readconf.h -u -r1.3 -r1.4
--- crypto/openssh/readconf.h
+++ crypto/openssh/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.71 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: readconf.h,v 1.72 2008/01/19 23:09:49 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -100,7 +100,7 @@
int clear_forwardings;
int enable_ssh_keysign;
- int rekey_limit;
+ int64_t rekey_limit;
int no_host_authentication_for_localhost;
int identities_only;
int server_alive_interval;
Index: ssh-keygen.1
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh-keygen.1,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/ssh-keygen.1 -L crypto/openssh/ssh-keygen.1 -u -r1.3 -r1.4
--- crypto/openssh/ssh-keygen.1
+++ crypto/openssh/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keygen.1,v 1.74 2007/01/12 20:20:41 jmc Exp $
+.\" $OpenBSD: ssh-keygen.1,v 1.75 2007/05/31 19:20:16 jmc Exp $
.\"
.\" -*- nroff -*-
.\"
@@ -37,7 +37,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd September 25, 1999
+.Dd $Mdocdate: June 5 2007 $
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
Index: auth.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/auth.c -L crypto/openssh/auth.c -u -r1.4 -r1.5
--- crypto/openssh/auth.c
+++ crypto/openssh/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.75 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth.c,v 1.78 2007/09/21 08:15:29 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -115,11 +115,11 @@
/* grab passwd field for locked account check */
#ifdef USE_SHADOW
if (spw != NULL)
-#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
+#ifdef USE_LIBIAF
passwd = get_iaf_password(pw);
#else
passwd = spw->sp_pwdp;
-#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
+#endif /* USE_LIBIAF */
#else
passwd = pw->pw_passwd;
#endif
@@ -141,9 +141,9 @@
if (strstr(passwd, LOCKED_PASSWD_SUBSTR))
locked = 1;
#endif
-#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
+#ifdef USE_LIBIAF
free(passwd);
-#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
+#endif /* USE_LIBIAF */
if (locked) {
logit("User %.100s not allowed because account is locked",
pw->pw_name);
Index: ssh-agent.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh-agent.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/ssh-agent.c -L crypto/openssh/ssh-agent.c -u -r1.4 -r1.5
--- crypto/openssh/ssh-agent.c
+++ crypto/openssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.154 2007/02/28 00:55:30 dtucker Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.157 2007/09/25 23:48:57 canacar Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -51,6 +51,7 @@
#include <openssl/evp.h>
#include <openssl/md5.h>
+#include "openbsd-compat/openssl-compat.h"
#include <errno.h>
#include <fcntl.h>
@@ -120,6 +121,7 @@
/* pid of shell == parent of agent */
pid_t parent_pid = -1;
+u_int parent_alive_interval = 0;
/* pathname and directory for AUTH_SOCKET */
char socket_name[MAXPATHLEN];
@@ -421,10 +423,11 @@
buffer_put_char(&e->output, SSH_AGENT_SUCCESS);
}
-static void
+/* removes expired keys and returns number of seconds until the next expiry */
+static u_int
reaper(void)
{
- u_int now = time(NULL);
+ u_int deadline = 0, now = time(NULL);
Identity *id, *nxt;
int version;
Idtab *tab;
@@ -433,20 +436,29 @@
tab = idtab_lookup(version);
for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) {
nxt = TAILQ_NEXT(id, next);
- if (id->death != 0 && now >= id->death) {
+ if (id->death == 0)
+ continue;
+ if (now >= id->death) {
debug("expiring key '%s'", id->comment);
TAILQ_REMOVE(&tab->idlist, id, next);
free_identity(id);
tab->nentries--;
- }
+ } else
+ deadline = (deadline == 0) ? id->death :
+ MIN(deadline, id->death);
}
}
+ if (deadline == 0 || deadline <= now)
+ return 0;
+ else
+ return (deadline - now);
}
static void
process_add_identity(SocketEntry *e, int version)
{
Idtab *tab = idtab_lookup(version);
+ Identity *id;
int type, success = 0, death = 0, confirm = 0;
char *type_name, *comment;
Key *k = NULL;
@@ -529,19 +541,19 @@
}
if (lifetime && !death)
death = time(NULL) + lifetime;
- if (lookup_identity(k, version) == NULL) {
- Identity *id = xmalloc(sizeof(Identity));
+ if ((id = lookup_identity(k, version)) == NULL) {
+ id = xmalloc(sizeof(Identity));
id->key = k;
- id->comment = comment;
- id->death = death;
- id->confirm = confirm;
TAILQ_INSERT_TAIL(&tab->idlist, id, next);
/* Increment the number of identities. */
tab->nentries++;
} else {
key_free(k);
- xfree(comment);
+ xfree(id->comment);
}
+ id->comment = comment;
+ id->death = death;
+ id->confirm = confirm;
send:
buffer_put_int(&e->output, 1);
buffer_put_char(&e->output,
@@ -826,10 +838,12 @@
}
static int
-prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp)
+prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp,
+ struct timeval **tvpp)
{
- u_int i, sz;
+ u_int i, sz, deadline;
int n = 0;
+ static struct timeval tv;
for (i = 0; i < sockets_alloc; i++) {
switch (sockets[i].type) {
@@ -873,6 +887,17 @@
break;
}
}
+ deadline = reaper();
+ if (parent_alive_interval != 0)
+ deadline = (deadline == 0) ? parent_alive_interval :
+ MIN(deadline, parent_alive_interval);
+ if (deadline == 0) {
+ *tvpp = NULL;
+ } else {
+ tv.tv_sec = deadline;
+ tv.tv_usec = 0;
+ *tvpp = &tv;
+ }
return (1);
}
@@ -980,25 +1005,20 @@
_exit(2);
}
-/*ARGSUSED*/
static void
-check_parent_exists(int sig)
+check_parent_exists(void)
{
- int save_errno = errno;
-
if (parent_pid != -1 && kill(parent_pid, 0) < 0) {
/* printf("Parent has died - Authentication agent exiting.\n"); */
- cleanup_handler(sig); /* safe */
+ cleanup_socket();
+ _exit(2);
}
- mysignal(SIGALRM, check_parent_exists);
- alarm(10);
- errno = save_errno;
}
static void
usage(void)
{
- fprintf(stderr, "Usage: %s [options] [command [args ...]]\n",
+ fprintf(stderr, "usage: %s [options] [command [arg ...]]\n",
__progname);
fprintf(stderr, "Options:\n");
fprintf(stderr, " -c Generate C-shell commands on stdout.\n");
@@ -1027,7 +1047,7 @@
extern char *optarg;
pid_t pid;
char pidstrbuf[1 + 3 * sizeof pid];
- struct timeval tv;
+ struct timeval *tvp = NULL;
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
@@ -1228,10 +1248,8 @@
skip:
new_socket(AUTH_SOCKET, sock);
- if (ac > 0) {
- mysignal(SIGALRM, check_parent_exists);
- alarm(10);
- }
+ if (ac > 0)
+ parent_alive_interval = 10;
idtab_init();
if (!d_flag)
signal(SIGINT, SIG_IGN);
@@ -1241,12 +1259,12 @@
nalloc = 0;
while (1) {
- tv.tv_sec = 10;
- tv.tv_usec = 0;
- prepare_select(&readsetp, &writesetp, &max_fd, &nalloc);
- result = select(max_fd + 1, readsetp, writesetp, NULL, &tv);
+ prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp);
+ result = select(max_fd + 1, readsetp, writesetp, NULL, tvp);
saved_errno = errno;
- reaper(); /* remove expired keys */
+ if (parent_alive_interval != 0)
+ check_parent_exists();
+ (void) reaper(); /* remove expired keys */
if (result < 0) {
if (saved_errno == EINTR)
continue;
Index: servconf.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/servconf.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/servconf.c -L crypto/openssh/servconf.c -u -r1.4 -r1.5
--- crypto/openssh/servconf.c
+++ crypto/openssh/servconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.170 2007/03/01 10:28:02 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.177 2008/02/10 10:54:28 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -122,6 +122,7 @@
options->permit_tun = -1;
options->num_permitted_opens = -1;
options->adm_forced_command = NULL;
+ options->chroot_directory = NULL;
}
void
@@ -291,7 +292,7 @@
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
- sMatch, sPermitOpen, sForceCommand,
+ sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
sUsePrivilegeSeparation,
sDeprecated, sUnsupported
} ServerOpCodes;
@@ -321,7 +322,7 @@
{ "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
{ "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
{ "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL },
- { "permitrootlogin", sPermitRootLogin, SSHCFG_GLOBAL },
+ { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
{ "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
{ "loglevel", sLogLevel, SSHCFG_GLOBAL },
{ "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
@@ -403,6 +404,7 @@
{ "match", sMatch, SSHCFG_ALL },
{ "permitopen", sPermitOpen, SSHCFG_ALL },
{ "forcecommand", sForceCommand, SSHCFG_ALL },
+ { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
{ NULL, sBadOption, 0 }
};
@@ -458,7 +460,7 @@
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
fatal("bad addr or host: %s (%s)",
addr ? addr : "<NULL>",
- gai_strerror(gaierr));
+ ssh_gai_strerror(gaierr));
for (ai = aitop; ai->ai_next; ai = ai->ai_next)
;
ai->ai_next = options->listen_addrs;
@@ -592,7 +594,6 @@
debug("connection from %.100s matched 'Host "
"%.100s' at line %d", host, arg, line);
} else if (strcasecmp(attrib, "address") == 0) {
- debug("address '%s' arg '%s'", address, arg);
if (!address) {
result = 0;
continue;
@@ -622,6 +623,8 @@
{
char *cp, **charptr, *arg, *p;
int cmdline = 0, *intptr, value, n;
+ SyslogFacility *log_facility_ptr;
+ LogLevel *log_level_ptr;
ServerOpCodes opcode;
u_short port;
u_int i, flags = 0;
@@ -805,7 +808,7 @@
fatal("%s line %d: Bad yes/"
"without-password/forced-commands-only/no "
"argument: %s", filename, linenum, arg);
- if (*intptr == -1)
+ if (*activep && *intptr == -1)
*intptr = value;
break;
@@ -977,25 +980,25 @@
goto parse_flag;
case sLogFacility:
- intptr = (int *) &options->log_facility;
+ log_facility_ptr = &options->log_facility;
arg = strdelim(&cp);
value = log_facility_number(arg);
if (value == SYSLOG_FACILITY_NOT_SET)
fatal("%.200s line %d: unsupported log facility '%s'",
filename, linenum, arg ? arg : "<NONE>");
- if (*intptr == -1)
- *intptr = (SyslogFacility) value;
+ if (*log_facility_ptr == -1)
+ *log_facility_ptr = (SyslogFacility) value;
break;
case sLogLevel:
- intptr = (int *) &options->log_level;
+ log_level_ptr = &options->log_level;
arg = strdelim(&cp);
value = log_level_number(arg);
if (value == SYSLOG_LEVEL_NOT_SET)
fatal("%.200s line %d: unsupported log level '%s'",
filename, linenum, arg ? arg : "<NONE>");
- if (*intptr == -1)
- *intptr = (LogLevel) value;
+ if (*log_level_ptr == -1)
+ *log_level_ptr = (LogLevel) value;
break;
case sAllowTcpForwarding:
@@ -1146,6 +1149,7 @@
case sBanner:
charptr = &options->banner;
goto parse_filename;
+
/*
* These options can contain %X options expanded at
* connect time, so that you can specify paths like:
@@ -1254,6 +1258,17 @@
options->adm_forced_command = xstrdup(cp + len);
return 0;
+ case sChrootDirectory:
+ charptr = &options->chroot_directory;
+
+ arg = strdelim(&cp);
+ if (!arg || *arg == '\0')
+ fatal("%s line %d: missing file name.",
+ filename, linenum);
+ if (*activep && *charptr == NULL)
+ *charptr = xstrdup(arg);
+ break;
+
case sDeprecated:
logit("%s line %d: Deprecated option %s",
filename, linenum, arg);
@@ -1350,6 +1365,7 @@
M_CP_INTOPT(kerberos_authentication);
M_CP_INTOPT(hostbased_authentication);
M_CP_INTOPT(kbd_interactive_authentication);
+ M_CP_INTOPT(permit_root_login);
M_CP_INTOPT(allow_tcp_forwarding);
M_CP_INTOPT(gateway_ports);
@@ -1361,6 +1377,7 @@
if (preauth)
return;
M_CP_STROPT(adm_forced_command);
+ M_CP_STROPT(chroot_directory);
}
#undef M_CP_INTOPT
@@ -1387,8 +1404,4 @@
if (bad_options > 0)
fatal("%s: terminating, %d bad configuration options",
filename, bad_options);
-
- /* challenge-response is implemented via keyboard interactive */
- if (options->challenge_response_authentication == 1)
- options->kbd_interactive_authentication = 1;
}
Index: myproposal.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/myproposal.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/myproposal.h -L crypto/openssh/myproposal.h -u -r1.4 -r1.5
--- crypto/openssh/myproposal.h
+++ crypto/openssh/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.21 2006/03/25 22:22:43 djm Exp $ */
+/* $OpenBSD: myproposal.h,v 1.22 2007/06/07 19:37:34 pvalchev Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -47,7 +47,7 @@
"aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se," \
"aes128-ctr,aes192-ctr,aes256-ctr"
#define KEX_DEFAULT_MAC \
- "hmac-md5,hmac-sha1,hmac-ripemd160," \
+ "hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160," \
"hmac-ripemd160 at openssh.com," \
"hmac-sha1-96,hmac-md5-96"
#define KEX_DEFAULT_COMP "none,zlib at openssh.com,zlib"
Index: README.platform
===================================================================
RCS file: /home/cvs/src/crypto/openssh/README.platform,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/README.platform -L crypto/openssh/README.platform -u -r1.3 -r1.4
--- crypto/openssh/README.platform
+++ crypto/openssh/README.platform
@@ -23,6 +23,20 @@
IPv6 known to work: 5.1ML7 5.2ML2 5.2ML5
IPv6 known broken: 4.3.3ML11 5.1ML4
+If you wish to use dynamic libraries that aren't in the normal system
+locations (eg IBM's OpenSSL and zlib packages) then you will need to
+define the environment variable blibpath before running configure, eg
+
+blibpath=/lib:/usr/lib:/opt/freeware/lib ./configure \
+ --with-ssl-dir=/opt/freeware --with-zlib=/opt/freeware
+
+If sshd is built with the WITH_AIXAUTHENTICATE option (which is enabled
+by default) then sshd checks that users are permitted via the
+loginrestrictions() function, in particular that the user has the
+"rlogin" attribute set. This check is not done for the root account,
+instead the PermitRootLogin setting in sshd_config is used.
+
+
Cygwin
------
To build on Cygwin, OpenSSH requires the following packages:
@@ -67,4 +81,4 @@
return the output from pam_nologin to the client.
-$Id: README.platform,v 1.7 2006/06/23 11:05:13 dtucker Exp $
+$Id: README.platform,v 1.9 2007/08/09 04:31:53 dtucker Exp $
Index: sftp.1
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sftp.1,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssh/sftp.1 -L crypto/openssh/sftp.1 -u -r1.2 -r1.3
--- crypto/openssh/sftp.1
+++ crypto/openssh/sftp.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: sftp.1,v 1.63 2006/01/20 00:14:55 dtucker Exp $
+.\" $OpenBSD: sftp.1,v 1.64 2007/05/31 19:20:16 jmc Exp $
.\"
.\" Copyright (c) 2001 Damien Miller. All rights reserved.
.\"
@@ -22,7 +22,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd February 4, 2001
+.Dd $Mdocdate: June 5 2007 $
.Dt SFTP 1
.Os
.Sh NAME
Index: entropy.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/entropy.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/entropy.c -L crypto/openssh/entropy.c -u -r1.4 -r1.5
--- crypto/openssh/entropy.c
+++ crypto/openssh/entropy.c
@@ -35,8 +35,9 @@
# include <fcntl.h>
#endif
#include <stdarg.h>
-#include <unistd.h>
+#include <string.h>
#include <signal.h>
+#include <unistd.h>
#include <openssl/rand.h>
#include <openssl/crypto.h>
Index: loginrec.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/loginrec.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/loginrec.c -L crypto/openssh/loginrec.c -u -r1.4 -r1.5
--- crypto/openssh/loginrec.c
+++ crypto/openssh/loginrec.c
@@ -161,6 +161,7 @@
#include <pwd.h>
#include <stdarg.h>
#include <string.h>
+#include <time.h>
#include <unistd.h>
#include "xmalloc.h"
Index: misc.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/misc.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/misc.h -L crypto/openssh/misc.h -u -r1.3 -r1.4
--- crypto/openssh/misc.h
+++ crypto/openssh/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.36 2006/08/18 10:27:16 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.37 2007/12/27 14:22:08 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -35,6 +35,7 @@
void sanitise_stdfd(void);
struct passwd *pwcopy(struct passwd *);
+const char *ssh_gai_strerror(int);
typedef struct arglist arglist;
struct arglist {
Index: channels.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/channels.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/channels.h -L crypto/openssh/channels.h -u -r1.3 -r1.4
--- crypto/openssh/channels.h
+++ crypto/openssh/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.88 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: channels.h,v 1.89 2007/06/11 09:14:00 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -122,9 +122,9 @@
/* default window/packet sizes for tcp/x11-fwd-channel */
#define CHAN_SES_PACKET_DEFAULT (32*1024)
-#define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT)
+#define CHAN_SES_WINDOW_DEFAULT (64*CHAN_SES_PACKET_DEFAULT)
#define CHAN_TCP_PACKET_DEFAULT (32*1024)
-#define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT)
+#define CHAN_TCP_WINDOW_DEFAULT (64*CHAN_TCP_PACKET_DEFAULT)
#define CHAN_X11_PACKET_DEFAULT (16*1024)
#define CHAN_X11_WINDOW_DEFAULT (4*CHAN_X11_PACKET_DEFAULT)
Index: sshd_config.5
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sshd_config.5,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/sshd_config.5 -L crypto/openssh/sshd_config.5 -u -r1.3 -r1.4
--- crypto/openssh/sshd_config.5
+++ crypto/openssh/sshd_config.5
@@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.74 2007/03/01 16:19:33 jmc Exp $
-.Dd September 25, 1999
+.\" $OpenBSD: sshd_config.5,v 1.84 2008/03/25 11:58:02 djm Exp $
+.Dd $Mdocdate: March 27 2008 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
@@ -159,10 +159,11 @@
The default is
.Dq .ssh/authorized_keys .
.It Cm Banner
-In some jurisdictions, sending a warning message before authentication
-may be relevant for getting legal protection.
The contents of the specified file are sent to the remote user before
authentication is allowed.
+If the argument is
+.Dq none
+then no banner is displayed.
This option is only available for protocol version 2.
By default, no banner is displayed.
.It Cm ChallengeResponseAuthentication
@@ -172,6 +173,45 @@
are supported.
The default is
.Dq yes .
+.It Cm ChrootDirectory
+Specifies a path to
+.Xr chroot 2
+to after authentication.
+This path, and all its components, must be root-owned directories that are
+not writable by any other user or group.
+.Pp
+The path may contain the following tokens that are expanded at runtime once
+the connecting user has been authenticated: %% is replaced by a literal '%',
+%h is replaced by the home directory of the user being authenticated, and
+%u is replaced by the username of that user.
+.Pp
+The
+.Cm ChrootDirectory
+must contain the necessary files and directories to support the
+users' session.
+For an interactive session this requires at least a shell, typically
+.Xr sh 1 ,
+and basic
+.Pa /dev
+nodes such as
+.Xr null 4 ,
+.Xr zero 4 ,
+.Xr stdin 4 ,
+.Xr stdout 4 ,
+.Xr stderr 4 ,
+.Xr arandom 4
+and
+.Xr tty 4
+devices.
+For file transfer sessions using
+.Dq sftp ,
+no additional configuration of the environment is necessary if the
+in-process sftp server is used (see
+.Cm Subsystem
+for details).
+.Pp
+The default is not to
+.Xr chroot 2 .
.It Cm Ciphers
Specifies the ciphers allowed for protocol version 2.
Multiple ciphers must be comma-separated.
@@ -284,7 +324,9 @@
.It Cm ForceCommand
Forces the execution of the command specified by
.Cm ForceCommand ,
-ignoring any command supplied by the client.
+ignoring any command supplied by the client and
+.Pa ~/.ssh/rc
+if present.
The command is invoked by using the user's login shell with the -c option.
This applies to shell, command, or subsystem execution.
It is most useful inside a
@@ -293,6 +335,11 @@
The command originally supplied by the client is available in the
.Ev SSH_ORIGINAL_COMMAND
environment variable.
+Specifying a command of
+.Dq internal-sftp
+will force the use of an in-process sftp server that requires no support
+files when used with
+.Cm ChrootDirectory .
.It Cm GatewayPorts
Specifies whether remote hosts are allowed to connect to ports
forwarded for the client.
@@ -489,7 +536,10 @@
for data integrity protection.
Multiple algorithms must be comma-separated.
The default is:
-.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
+.Bd -literal -offset indent
+hmac-md5,hmac-sha1,umac-64 at openssh.com,
+hmac-ripemd160,hmac-sha1-96,hmac-md5-96
+.Ed
.It Cm Match
Introduces a conditional block.
If all of the criteria on the
@@ -520,6 +570,7 @@
.Cm KerberosAuthentication ,
.Cm PasswordAuthentication ,
.Cm PermitOpen ,
+.Cm PermitRootLogin ,
.Cm RhostsRSAAuthentication ,
.Cm RSAAuthentication ,
.Cm X11DisplayOffset ,
@@ -735,11 +786,22 @@
Configures an external subsystem (e.g. file transfer daemon).
Arguments should be a subsystem name and a command (with optional arguments)
to execute upon subsystem request.
+.Pp
The command
.Xr sftp-server 8
implements the
.Dq sftp
file transfer subsystem.
+.Pp
+Alternately the name
+.Dq internal-sftp
+implements an in-process
+.Dq sftp
+server.
+This may simplify configurations using
+.Cm ChrootDirectory
+to force a different filesystem root on clients.
+.Pp
By default no subsystems are defined.
Note that this option applies to protocol version 2 only.
.It Cm SyslogFacility
Index: cipher-ctr.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/cipher-ctr.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/cipher-ctr.c -L crypto/openssh/cipher-ctr.c -u -r1.3 -r1.4
--- crypto/openssh/cipher-ctr.c
+++ crypto/openssh/cipher-ctr.c
@@ -29,13 +29,7 @@
/* compatibility with old or broken OpenSSL versions */
#include "openbsd-compat/openssl-compat.h"
-#ifdef USE_BUILTIN_RIJNDAEL
-#include "rijndael.h"
-#define AES_KEY rijndael_ctx
-#define AES_BLOCK_SIZE 16
-#define AES_encrypt(a, b, c) rijndael_encrypt(c, a, b)
-#define AES_set_encrypt_key(a, b, c) rijndael_set_key(c, (char *)a, b, 1)
-#else
+#ifndef USE_BUILTIN_RIJNDAEL
#include <openssl/aes.h>
#endif
Index: serverloop.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/serverloop.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/serverloop.c -L crypto/openssh/serverloop.c -u -r1.4 -r1.5
--- crypto/openssh/serverloop.c
+++ crypto/openssh/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.145 2006/10/11 12:38:03 markus Exp $ */
+/* $OpenBSD: serverloop.c,v 1.148 2008/02/22 20:44:02 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -104,7 +104,6 @@
static int connection_out; /* Connection to client (output). */
static int connection_closed = 0; /* Connection to client closed. */
static u_int buffer_high; /* "Soft" max buffer size. */
-static int client_alive_timeouts = 0;
/*
* This SIGCHLD kludge is used to detect when the child exits. The server
@@ -248,7 +247,7 @@
int channel_id;
/* timeout, check to see how many we have had */
- if (++client_alive_timeouts > options.client_alive_count_max) {
+ if (++keep_alive_timeouts > options.client_alive_count_max) {
logit("Timeout, client not responding.");
cleanup_exit(255);
}
@@ -887,7 +886,7 @@
* even if this was generated by something other than
* the bogus CHANNEL_REQUEST we send for keepalives.
*/
- client_alive_timeouts = 0;
+ keep_alive_timeouts = 0;
}
static void
Index: ssh_config.5
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh_config.5,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/ssh_config.5 -L crypto/openssh/ssh_config.5 -u -r1.3 -r1.4
--- crypto/openssh/ssh_config.5
+++ crypto/openssh/ssh_config.5
@@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.98 2007/01/10 13:23:22 jmc Exp $
-.Dd September 25, 1999
+.\" $OpenBSD: ssh_config.5,v 1.105 2007/10/29 07:48:19 jmc Exp $
+.Dd $Mdocdate: December 2 2007 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
@@ -387,7 +387,7 @@
Specifies whether
.Xr ssh 1
should terminate the connection if it cannot set up all requested
-dynamic, local, and remote port forwardings.
+dynamic, tunnel, local, and remote port forwardings.
The argument must be
.Dq yes
or
@@ -576,6 +576,14 @@
It is possible to have
multiple identity files specified in configuration files; all these
identities will be tried in sequence.
+.It Cm KbdInteractiveAuthentication
+Specifies whether to use keyboard-interactive authentication.
+The argument to this keyword must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq yes .
.It Cm KbdInteractiveDevices
Specifies the list of methods to use in keyboard-interactive authentication.
Multiple method names must be comma-separated.
@@ -591,7 +599,7 @@
Specifies a command to execute on the local machine after successfully
connecting to the server.
The command string extends to the end of the line, and is executed with
-.Pa /bin/sh .
+the user's shell.
This directive is ignored unless
.Cm PermitLocalCommand
has been enabled.
@@ -641,7 +649,10 @@
for data integrity protection.
Multiple algorithms must be comma-separated.
The default is:
-.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
+.Bd -literal -offset indent
+hmac-md5,hmac-sha1,umac-64 at openssh.com,
+hmac-ripemd160,hmac-sha1-96,hmac-md5-96
+.Ed
.It Cm NoHostAuthenticationForLocalhost
This option can be used if the home directory is shared across machines.
In this case localhost will refer to a different machine on each of
@@ -712,7 +723,7 @@
Specifies the command to use to connect to the server.
The command
string extends to the end of the line, and is executed with
-.Pa /bin/sh .
+the user's shell.
In the command string,
.Ql %h
will be substituted by the host name to
Index: ssh-agent.1
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh-agent.1,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/ssh-agent.1 -L crypto/openssh/ssh-agent.1 -u -r1.3 -r1.4
--- crypto/openssh/ssh-agent.1
+++ crypto/openssh/ssh-agent.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.44 2006/07/18 08:03:09 jmc Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.46 2007/09/09 11:38:01 sobrado Exp $
.\"
.\" Author: Tatu Ylonen <ylo at cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd September 25, 1999
+.Dd $Mdocdate: September 17 2007 $
.Dt SSH-AGENT 1
.Os
.Sh NAME
@@ -42,11 +42,11 @@
.Nd authentication agent
.Sh SYNOPSIS
.Nm ssh-agent
-.Op Fl a Ar bind_address
.Op Fl c Li | Fl s
-.Op Fl t Ar life
.Op Fl d
-.Op Ar command Op Ar args ...
+.Op Fl a Ar bind_address
+.Op Fl t Ar life
+.Op Ar command Op Ar arg ...
.Nm ssh-agent
.Op Fl c Li | Fl s
.Fl k
@@ -77,16 +77,21 @@
This is the default if
.Ev SHELL
looks like it's a csh style of shell.
+.It Fl d
+Debug mode.
+When this option is specified
+.Nm
+will not fork.
+.It Fl k
+Kill the current agent (given by the
+.Ev SSH_AGENT_PID
+environment variable).
.It Fl s
Generate Bourne shell commands on
.Dv stdout .
This is the default if
.Ev SHELL
does not look like it's a csh style of shell.
-.It Fl k
-Kill the current agent (given by the
-.Ev SSH_AGENT_PID
-environment variable).
.It Fl t Ar life
Set a default value for the maximum lifetime of identities added to the agent.
The lifetime may be specified in seconds or in a time format specified in
@@ -95,11 +100,6 @@
.Xr ssh-add 1
overrides this value.
Without this option the default maximum lifetime is forever.
-.It Fl d
-Debug mode.
-When this option is specified
-.Nm
-will not fork.
.El
.Pp
If a commandline is given, this is executed as a subprocess of the agent.
Index: auth-options.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth-options.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/auth-options.c -L crypto/openssh/auth-options.c -u -r1.3 -r1.4
--- crypto/openssh/auth-options.c
+++ crypto/openssh/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.40 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-options.c,v 1.41 2008/03/26 21:28:14 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -42,6 +42,7 @@
int no_agent_forwarding_flag = 0;
int no_x11_forwarding_flag = 0;
int no_pty_flag = 0;
+int no_user_rc = 0;
/* "command=" option. */
char *forced_command = NULL;
@@ -61,6 +62,7 @@
no_port_forwarding_flag = 0;
no_pty_flag = 0;
no_x11_forwarding_flag = 0;
+ no_user_rc = 0;
while (custom_environment) {
struct envstring *ce = custom_environment;
custom_environment = ce->next;
@@ -121,6 +123,13 @@
opts += strlen(cp);
goto next_option;
}
+ cp = "no-user-rc";
+ if (strncasecmp(opts, cp, strlen(cp)) == 0) {
+ auth_debug_add("User rc file execution disabled.");
+ no_user_rc = 1;
+ opts += strlen(cp);
+ goto next_option;
+ }
cp = "command=\"";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
opts += strlen(cp);
Index: channels.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/channels.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/channels.c -L crypto/openssh/channels.c -u -r1.4 -r1.5
--- crypto/openssh/channels.c
+++ crypto/openssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.268 2007/01/03 03:01:40 stevesk Exp $ */
+/* $OpenBSD: channels.c,v 1.272 2008/01/19 23:02:40 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1446,14 +1446,13 @@
channel_handle_rfd(Channel *c, fd_set *readset, fd_set *writeset)
{
char buf[CHAN_RBUF];
- int len;
+ int len, force;
- if (c->rfd != -1 &&
- (c->detach_close || FD_ISSET(c->rfd, readset))) {
+ force = c->isatty && c->detach_close && c->istate != CHAN_INPUT_CLOSED;
+ if (c->rfd != -1 && (force || FD_ISSET(c->rfd, readset))) {
errno = 0;
len = read(c->rfd, buf, sizeof(buf));
- if (len < 0 && (errno == EINTR ||
- (errno == EAGAIN && !(c->isatty && c->detach_close))))
+ if (len < 0 && (errno == EINTR || (errno == EAGAIN && !force)))
return 1;
#ifndef PTY_ZEROREAD
if (len <= 0) {
@@ -1658,7 +1657,9 @@
{
if (c->type == SSH_CHANNEL_OPEN &&
!(c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD)) &&
- c->local_window < c->local_window_max/2 &&
+ ((c->local_window_max - c->local_window >
+ c->local_maxpacket*3) ||
+ c->local_window < c->local_window_max/2) &&
c->local_consumed > 0) {
packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST);
packet_put_int(c->remote_id);
@@ -2384,7 +2385,7 @@
wildcard = 1;
} else if (gateway_ports || is_client) {
if (((datafellows & SSH_OLD_FORWARD_ADDR) &&
- strcmp(listen_addr, "0.0.0.0") == 0) ||
+ strcmp(listen_addr, "0.0.0.0") == 0 && is_client == 0) ||
*listen_addr == '\0' || strcmp(listen_addr, "*") == 0 ||
(!is_client && gateway_ports == 1))
wildcard = 1;
@@ -2408,10 +2409,11 @@
if (addr == NULL) {
/* This really shouldn't happen */
packet_disconnect("getaddrinfo: fatal error: %s",
- gai_strerror(r));
+ ssh_gai_strerror(r));
} else {
error("channel_setup_fwd_listener: "
- "getaddrinfo(%.64s): %s", addr, gai_strerror(r));
+ "getaddrinfo(%.64s): %s", addr,
+ ssh_gai_strerror(r));
}
return 0;
}
@@ -2731,7 +2733,7 @@
snprintf(strport, sizeof strport, "%d", port);
if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) {
error("connect_to %.100s: unknown host (%s)", host,
- gai_strerror(gaierr));
+ ssh_gai_strerror(gaierr));
return -1;
}
for (ai = aitop; ai; ai = ai->ai_next) {
@@ -2873,7 +2875,7 @@
hints.ai_socktype = SOCK_STREAM;
snprintf(strport, sizeof strport, "%d", port);
if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) {
- error("getaddrinfo: %.100s", gai_strerror(gaierr));
+ error("getaddrinfo: %.100s", ssh_gai_strerror(gaierr));
return -1;
}
for (ai = aitop; ai; ai = ai->ai_next) {
@@ -3046,7 +3048,8 @@
hints.ai_socktype = SOCK_STREAM;
snprintf(strport, sizeof strport, "%u", 6000 + display_number);
if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) {
- error("%.100s: unknown host. (%s)", buf, gai_strerror(gaierr));
+ error("%.100s: unknown host. (%s)", buf,
+ ssh_gai_strerror(gaierr));
return -1;
}
for (ai = aitop; ai; ai = ai->ai_next) {
Index: readconf.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/readconf.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/readconf.c -L crypto/openssh/readconf.c -u -r1.4 -r1.5
--- crypto/openssh/readconf.c
+++ crypto/openssh/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.161 2007/01/21 01:45:35 stevesk Exp $ */
+/* $OpenBSD: readconf.c,v 1.165 2008/01/19 23:09:49 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -326,6 +326,7 @@
{
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256];
int opcode, *intptr, value, value2, scale;
+ LogLevel *log_level_ptr;
long long orig, val64;
size_t len;
Forward fwd;
@@ -498,7 +499,6 @@
goto parse_int;
case oRekeyLimit:
- intptr = &options->rekey_limit;
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing argument.", filename, linenum);
@@ -526,14 +526,14 @@
}
val64 *= scale;
/* detect integer wrap and too-large limits */
- if ((val64 / scale) != orig || val64 > INT_MAX)
+ if ((val64 / scale) != orig || val64 > UINT_MAX)
fatal("%.200s line %d: RekeyLimit too large",
filename, linenum);
if (val64 < 16)
fatal("%.200s line %d: RekeyLimit too small",
filename, linenum);
- if (*activep && *intptr == -1)
- *intptr = (int)val64;
+ if (*activep && options->rekey_limit == -1)
+ options->rekey_limit = (u_int32_t)val64;
break;
case oIdentityFile:
@@ -692,14 +692,14 @@
break;
case oLogLevel:
- intptr = (int *) &options->log_level;
+ log_level_ptr = &options->log_level;
arg = strdelim(&s);
value = log_level_number(arg);
if (value == SYSLOG_LEVEL_NOT_SET)
fatal("%.200s line %d: unsupported log level '%s'",
filename, linenum, arg ? arg : "<NONE>");
- if (*activep && (LogLevel) *intptr == SYSLOG_LEVEL_NOT_SET)
- *intptr = (LogLevel) value;
+ if (*activep && *log_level_ptr == SYSLOG_LEVEL_NOT_SET)
+ *log_level_ptr = (LogLevel) value;
break;
case oLocalForward:
@@ -1224,7 +1224,7 @@
cp = p = xstrdup(fwdspec);
/* skip leading spaces */
- while (*cp && isspace(*cp))
+ while (isspace(*cp))
cp++;
for (i = 0; i < 4; ++i)
@@ -1255,7 +1255,7 @@
xfree(p);
- if (fwd->listen_port == 0 && fwd->connect_port == 0)
+ if (fwd->listen_port == 0 || fwd->connect_port == 0)
goto fail_free;
if (fwd->connect_host != NULL &&
Index: defines.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/defines.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/defines.h -L crypto/openssh/defines.h -u -r1.3 -r1.4
--- crypto/openssh/defines.h
+++ crypto/openssh/defines.h
@@ -25,7 +25,7 @@
#ifndef _DEFINES_H
#define _DEFINES_H
-/* $Id: defines.h,v 1.138 2006/09/21 13:13:30 dtucker Exp $ */
+/* $Id: defines.h,v 1.146 2008/02/28 08:22:04 dtucker Exp $ */
/* Constants */
@@ -68,7 +68,7 @@
# endif
#endif
-#ifndef MAXSYMLINKS
+#if defined(HAVE_DECL_MAXSYMLINKS) && HAVE_DECL_MAXSYMLINKS == 0
# define MAXSYMLINKS 5
#endif
@@ -321,12 +321,6 @@
#ifndef _PATH_BSHELL
# define _PATH_BSHELL "/bin/sh"
#endif
-#ifndef _PATH_CSHELL
-# define _PATH_CSHELL "/bin/csh"
-#endif
-#ifndef _PATH_SHELLS
-# define _PATH_SHELLS "/etc/shells"
-#endif
#ifdef USER_PATH
# ifdef _PATH_STDPATH
@@ -449,6 +443,10 @@
# define __bounded__(x, y, z)
#endif
+#if !defined(HAVE_ATTRIBUTE__NONNULL__) && !defined(__nonnull__)
+# define __nonnull__(x)
+#endif
+
/* *-*-nto-qnx doesn't define this macro in the system headers */
#ifdef MISSING_HOWMANY
# define howmany(x,y) (((x)+((y)-1))/(y))
@@ -487,7 +485,7 @@
(struct cmsghdr *)NULL)
#endif /* CMSG_FIRSTHDR */
-#ifndef offsetof
+#if defined(HAVE_DECL_OFFSETOF) && HAVE_DECL_OFFSETOF == 0
# define offsetof(type, member) ((size_t) &((type *)0)->member)
#endif
@@ -542,6 +540,10 @@
# undef HAVE_UPDWTMPX
#endif
+#if defined(BROKEN_SHADOW_EXPIRE) && defined(HAS_SHADOW_EXPIRE)
+# undef HAS_SHADOW_EXPIRE
+#endif
+
#if defined(HAVE_OPENLOG_R) && defined(SYSLOG_DATA_INIT) && \
defined(SYSLOG_R_SAFE_IN_SIGHAND)
# define DO_LOG_SAFE_IN_SIGHAND
@@ -565,11 +567,6 @@
# define CUSTOM_SSH_AUDIT_EVENTS
#endif
-/* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */
-#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f)
-# define OPENSSL_free(x) Free(x)
-#endif
-
#if !defined(HAVE___func__) && defined(HAVE___FUNCTION__)
# define __func__ __FUNCTION__
#elif !defined(HAVE___func__)
@@ -696,9 +693,12 @@
# define CUSTOM_SYS_AUTH_PASSWD 1
#endif
-#ifdef HAVE_LIBIAF
+#if defined(HAVE_LIBIAF) && defined(HAVE_SET_ID)
# define CUSTOM_SYS_AUTH_PASSWD 1
#endif
+#if defined(HAVE_LIBIAF) && defined(HAVE_SET_ID) && !defined(BROKEN_LIBIAF)
+# define USE_LIBIAF
+#endif
/* HP-UX 11.11 */
#ifdef BTMP_FILE
Index: README
===================================================================
RCS file: /home/cvs/src/crypto/openssh/README,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/README -L crypto/openssh/README -u -r1.3 -r1.4
--- crypto/openssh/README
+++ crypto/openssh/README
@@ -1,4 +1,4 @@
-See http://www.openssh.com/txt/release-4.6 for the release notes.
+See http://www.openssh.com/txt/release-4.9 for the release notes.
- A Japanese translation of this document and of the OpenSSH FAQ is
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
@@ -62,4 +62,4 @@
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
[7] http://www.openssh.com/faq.html
-$Id: README,v 1.64.4.1 2007/03/06 10:27:56 djm Exp $
+$Id: README,v 1.67 2008/03/27 06:43:34 djm Exp $
Index: monitor_wrap.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/monitor_wrap.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/monitor_wrap.c -L crypto/openssh/monitor_wrap.c -u -r1.4 -r1.5
--- crypto/openssh/monitor_wrap.c
+++ crypto/openssh/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.55 2007/02/19 10:45:58 dtucker Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.60 2007/10/29 04:08:08 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos at citi.umich.edu>
* Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -222,8 +222,8 @@
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PWNAM, &m);
if (buffer_get_char(&m) == 0) {
- buffer_free(&m);
- return (NULL);
+ pw = NULL;
+ goto out;
}
pw = buffer_get_string(&m, &len);
if (len != sizeof(struct passwd))
@@ -237,6 +237,7 @@
pw->pw_dir = buffer_get_string(&m, NULL);
pw->pw_shell = buffer_get_string(&m, NULL);
+out:
/* copy options block as a Match directive may have changed some */
newopts = buffer_get_string(&m, &len);
if (len != sizeof(*newopts))
@@ -476,8 +477,8 @@
/* Mac structure */
mac->name = buffer_get_string(&b, NULL);
- if (mac->name == NULL || mac_init(mac, mac->name) == -1)
- fatal("%s: can not init mac %s", __func__, mac->name);
+ if (mac->name == NULL || mac_setup(mac, mac->name) == -1)
+ fatal("%s: can not setup mac %s", __func__, mac->name);
mac->enabled = buffer_get_int(&b);
mac->key = buffer_get_string(&b, &len);
if (len > mac->key_len)
@@ -688,8 +689,9 @@
buffer_append(&loginmsg, msg, strlen(msg));
xfree(msg);
- *ptyfd = mm_receive_fd(pmonitor->m_recvfd);
- *ttyfd = mm_receive_fd(pmonitor->m_recvfd);
+ if ((*ptyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1 ||
+ (*ttyfd = mm_receive_fd(pmonitor->m_recvfd)) == -1)
+ fatal("%s: receive fds failed", __func__);
/* Success */
return (1);
Index: sftp.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sftp.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/sftp.c -L crypto/openssh/sftp.c -u -r1.4 -r1.5
--- crypto/openssh/sftp.c
+++ crypto/openssh/sftp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.96 2007/01/03 04:09:15 stevesk Exp $ */
+/* $OpenBSD: sftp.c,v 1.99 2008/01/20 00:38:30 djm Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm at openbsd.org>
*
@@ -26,6 +26,7 @@
#include <sys/socket.h>
#include <sys/wait.h>
+#include <ctype.h>
#include <errno.h>
#ifdef HAVE_PATHS_H
@@ -346,144 +347,78 @@
}
static int
-parse_getput_flags(const char **cpp, int *pflag)
+parse_getput_flags(const char *cmd, char **argv, int argc, int *pflag)
{
- const char *cp = *cpp;
+ extern int optind, optreset, opterr;
+ int ch;
- /* Check for flags */
- if (cp[0] == '-' && cp[1] && strchr(WHITESPACE, cp[2])) {
- switch (cp[1]) {
+ optind = optreset = 1;
+ opterr = 0;
+
+ *pflag = 0;
+ while ((ch = getopt(argc, argv, "Pp")) != -1) {
+ switch (ch) {
case 'p':
case 'P':
*pflag = 1;
break;
default:
- error("Invalid flag -%c", cp[1]);
- return(-1);
+ error("%s: Invalid flag -%c", cmd, ch);
+ return -1;
}
- cp += 2;
- *cpp = cp + strspn(cp, WHITESPACE);
}
- return(0);
+ return optind;
}
static int
-parse_ls_flags(const char **cpp, int *lflag)
+parse_ls_flags(char **argv, int argc, int *lflag)
{
- const char *cp = *cpp;
+ extern int optind, optreset, opterr;
+ int ch;
- /* Defaults */
- *lflag = LS_NAME_SORT;
+ optind = optreset = 1;
+ opterr = 0;
- /* Check for flags */
- if (cp++[0] == '-') {
- for (; strchr(WHITESPACE, *cp) == NULL; cp++) {
- switch (*cp) {
- case 'l':
- *lflag &= ~VIEW_FLAGS;
- *lflag |= LS_LONG_VIEW;
- break;
- case '1':
- *lflag &= ~VIEW_FLAGS;
- *lflag |= LS_SHORT_VIEW;
- break;
- case 'n':
- *lflag &= ~VIEW_FLAGS;
- *lflag |= LS_NUMERIC_VIEW|LS_LONG_VIEW;
- break;
- case 'S':
- *lflag &= ~SORT_FLAGS;
- *lflag |= LS_SIZE_SORT;
- break;
- case 't':
- *lflag &= ~SORT_FLAGS;
- *lflag |= LS_TIME_SORT;
- break;
- case 'r':
- *lflag |= LS_REVERSE_SORT;
- break;
- case 'f':
- *lflag &= ~SORT_FLAGS;
- break;
- case 'a':
- *lflag |= LS_SHOW_ALL;
- break;
- default:
- error("Invalid flag -%c", *cp);
- return(-1);
- }
- }
- *cpp = cp + strspn(cp, WHITESPACE);
- }
-
- return(0);
-}
-
-static int
-get_pathname(const char **cpp, char **path)
-{
- const char *cp = *cpp, *end;
- char quot;
- u_int i, j;
-
- cp += strspn(cp, WHITESPACE);
- if (!*cp) {
- *cpp = cp;
- *path = NULL;
- return (0);
- }
-
- *path = xmalloc(strlen(cp) + 1);
-
- /* Check for quoted filenames */
- if (*cp == '\"' || *cp == '\'') {
- quot = *cp++;
-
- /* Search for terminating quote, unescape some chars */
- for (i = j = 0; i <= strlen(cp); i++) {
- if (cp[i] == quot) { /* Found quote */
- i++;
- (*path)[j] = '\0';
- break;
- }
- if (cp[i] == '\0') { /* End of string */
- error("Unterminated quote");
- goto fail;
- }
- if (cp[i] == '\\') { /* Escaped characters */
- i++;
- if (cp[i] != '\'' && cp[i] != '\"' &&
- cp[i] != '\\') {
- error("Bad escaped character '\\%c'",
- cp[i]);
- goto fail;
- }
- }
- (*path)[j++] = cp[i];
- }
-
- if (j == 0) {
- error("Empty quotes");
- goto fail;
+ *lflag = LS_NAME_SORT;
+ while ((ch = getopt(argc, argv, "1Saflnrt")) != -1) {
+ switch (ch) {
+ case '1':
+ *lflag &= ~VIEW_FLAGS;
+ *lflag |= LS_SHORT_VIEW;
+ break;
+ case 'S':
+ *lflag &= ~SORT_FLAGS;
+ *lflag |= LS_SIZE_SORT;
+ break;
+ case 'a':
+ *lflag |= LS_SHOW_ALL;
+ break;
+ case 'f':
+ *lflag &= ~SORT_FLAGS;
+ break;
+ case 'l':
+ *lflag &= ~VIEW_FLAGS;
+ *lflag |= LS_LONG_VIEW;
+ break;
+ case 'n':
+ *lflag &= ~VIEW_FLAGS;
+ *lflag |= LS_NUMERIC_VIEW|LS_LONG_VIEW;
+ break;
+ case 'r':
+ *lflag |= LS_REVERSE_SORT;
+ break;
+ case 't':
+ *lflag &= ~SORT_FLAGS;
+ *lflag |= LS_TIME_SORT;
+ break;
+ default:
+ error("ls: Invalid flag -%c", ch);
+ return -1;
}
- *cpp = cp + i + strspn(cp + i, WHITESPACE);
- } else {
- /* Read to end of filename */
- end = strpbrk(cp, WHITESPACE);
- if (end == NULL)
- end = strchr(cp, '\0');
- *cpp = end + strspn(end, WHITESPACE);
-
- memcpy(*path, cp, end - cp);
- (*path)[end - cp] = '\0';
}
- return (0);
- fail:
- xfree(*path);
- *path = NULL;
- return (-1);
+ return optind;
}
static int
@@ -499,17 +434,6 @@
}
static int
-is_reg(char *path)
-{
- struct stat sb;
-
- if (stat(path, &sb) == -1)
- fatal("stat %s: %s", path, strerror(errno));
-
- return(S_ISREG(sb.st_mode));
-}
-
-static int
remote_is_dir(struct sftp_conn *conn, char *path)
{
Attrib *a;
@@ -597,6 +521,7 @@
glob_t g;
int err = 0;
int i;
+ struct stat sb;
if (dst) {
tmp_dst = xstrdup(dst);
@@ -605,7 +530,7 @@
memset(&g, 0, sizeof(g));
debug3("Looking up %s", src);
- if (glob(src, 0, NULL, &g)) {
+ if (glob(src, GLOB_NOCHECK, NULL, &g)) {
error("File \"%s\" not found.", src);
err = -1;
goto out;
@@ -620,7 +545,13 @@
}
for (i = 0; g.gl_pathv[i] && !interrupted; i++) {
- if (!is_reg(g.gl_pathv[i])) {
+ if (stat(g.gl_pathv[i], &sb) == -1) {
+ err = -1;
+ error("stat %s: %s", g.gl_pathv[i], strerror(errno));
+ continue;
+ }
+
+ if (!S_ISREG(sb.st_mode)) {
error("skipping non-regular file %s",
g.gl_pathv[i]);
continue;
@@ -866,15 +797,189 @@
return (0);
}
+/*
+ * Undo escaping of glob sequences in place. Used to undo extra escaping
+ * applied in makeargv() when the string is destined for a function that
+ * does not glob it.
+ */
+static void
+undo_glob_escape(char *s)
+{
+ size_t i, j;
+
+ for (i = j = 0;;) {
+ if (s[i] == '\0') {
+ s[j] = '\0';
+ return;
+ }
+ if (s[i] != '\\') {
+ s[j++] = s[i++];
+ continue;
+ }
+ /* s[i] == '\\' */
+ ++i;
+ switch (s[i]) {
+ case '?':
+ case '[':
+ case '*':
+ case '\\':
+ s[j++] = s[i++];
+ break;
+ case '\0':
+ s[j++] = '\\';
+ s[j] = '\0';
+ return;
+ default:
+ s[j++] = '\\';
+ s[j++] = s[i++];
+ break;
+ }
+ }
+}
+
+/*
+ * Split a string into an argument vector using sh(1)-style quoting,
+ * comment and escaping rules, but with some tweaks to handle glob(3)
+ * wildcards.
+ * Returns NULL on error or a NULL-terminated array of arguments.
+ */
+#define MAXARGS 128
+#define MAXARGLEN 8192
+static char **
+makeargv(const char *arg, int *argcp)
+{
+ int argc, quot;
+ size_t i, j;
+ static char argvs[MAXARGLEN];
+ static char *argv[MAXARGS + 1];
+ enum { MA_START, MA_SQUOTE, MA_DQUOTE, MA_UNQUOTED } state, q;
+
+ *argcp = argc = 0;
+ if (strlen(arg) > sizeof(argvs) - 1) {
+ args_too_longs:
+ error("string too long");
+ return NULL;
+ }
+ state = MA_START;
+ i = j = 0;
+ for (;;) {
+ if (isspace(arg[i])) {
+ if (state == MA_UNQUOTED) {
+ /* Terminate current argument */
+ argvs[j++] = '\0';
+ argc++;
+ state = MA_START;
+ } else if (state != MA_START)
+ argvs[j++] = arg[i];
+ } else if (arg[i] == '"' || arg[i] == '\'') {
+ q = arg[i] == '"' ? MA_DQUOTE : MA_SQUOTE;
+ if (state == MA_START) {
+ argv[argc] = argvs + j;
+ state = q;
+ } else if (state == MA_UNQUOTED)
+ state = q;
+ else if (state == q)
+ state = MA_UNQUOTED;
+ else
+ argvs[j++] = arg[i];
+ } else if (arg[i] == '\\') {
+ if (state == MA_SQUOTE || state == MA_DQUOTE) {
+ quot = state == MA_SQUOTE ? '\'' : '"';
+ /* Unescape quote we are in */
+ /* XXX support \n and friends? */
+ if (arg[i + 1] == quot) {
+ i++;
+ argvs[j++] = arg[i];
+ } else if (arg[i + 1] == '?' ||
+ arg[i + 1] == '[' || arg[i + 1] == '*') {
+ /*
+ * Special case for sftp: append
+ * double-escaped glob sequence -
+ * glob will undo one level of
+ * escaping. NB. string can grow here.
+ */
+ if (j >= sizeof(argvs) - 5)
+ goto args_too_longs;
+ argvs[j++] = '\\';
+ argvs[j++] = arg[i++];
+ argvs[j++] = '\\';
+ argvs[j++] = arg[i];
+ } else {
+ argvs[j++] = arg[i++];
+ argvs[j++] = arg[i];
+ }
+ } else {
+ if (state == MA_START) {
+ argv[argc] = argvs + j;
+ state = MA_UNQUOTED;
+ }
+ if (arg[i + 1] == '?' || arg[i + 1] == '[' ||
+ arg[i + 1] == '*' || arg[i + 1] == '\\') {
+ /*
+ * Special case for sftp: append
+ * escaped glob sequence -
+ * glob will undo one level of
+ * escaping.
+ */
+ argvs[j++] = arg[i++];
+ argvs[j++] = arg[i];
+ } else {
+ /* Unescape everything */
+ /* XXX support \n and friends? */
+ i++;
+ argvs[j++] = arg[i];
+ }
+ }
+ } else if (arg[i] == '#') {
+ if (state == MA_SQUOTE || state == MA_DQUOTE)
+ argvs[j++] = arg[i];
+ else
+ goto string_done;
+ } else if (arg[i] == '\0') {
+ if (state == MA_SQUOTE || state == MA_DQUOTE) {
+ error("Unterminated quoted argument");
+ return NULL;
+ }
+ string_done:
+ if (state == MA_UNQUOTED) {
+ argvs[j++] = '\0';
+ argc++;
+ }
+ break;
+ } else {
+ if (state == MA_START) {
+ argv[argc] = argvs + j;
+ state = MA_UNQUOTED;
+ }
+ if ((state == MA_SQUOTE || state == MA_DQUOTE) &&
+ (arg[i] == '?' || arg[i] == '[' || arg[i] == '*')) {
+ /*
+ * Special case for sftp: escape quoted
+ * glob(3) wildcards. NB. string can grow
+ * here.
+ */
+ if (j >= sizeof(argvs) - 3)
+ goto args_too_longs;
+ argvs[j++] = '\\';
+ argvs[j++] = arg[i];
+ } else
+ argvs[j++] = arg[i];
+ }
+ i++;
+ }
+ *argcp = argc;
+ return argv;
+}
+
static int
parse_args(const char **cpp, int *pflag, int *lflag, int *iflag,
unsigned long *n_arg, char **path1, char **path2)
{
const char *cmd, *cp = *cpp;
- char *cp2;
+ char *cp2, **argv;
int base = 0;
long l;
- int i, cmdnum;
+ int i, cmdnum, optidx, argc;
/* Skip leading whitespace */
cp = cp + strspn(cp, WHITESPACE);
@@ -890,17 +995,13 @@
cp++;
}
- /* Figure out which command we have */
- for (i = 0; cmds[i].c; i++) {
- int cmdlen = strlen(cmds[i].c);
+ if ((argv = makeargv(cp, &argc)) == NULL)
+ return -1;
- /* Check for command followed by whitespace */
- if (!strncasecmp(cp, cmds[i].c, cmdlen) &&
- strchr(WHITESPACE, cp[cmdlen])) {
- cp += cmdlen;
- cp = cp + strspn(cp, WHITESPACE);
+ /* Figure out which command we have */
+ for (i = 0; cmds[i].c != NULL; i++) {
+ if (strcasecmp(cmds[i].c, argv[0]) == 0)
break;
- }
}
cmdnum = cmds[i].n;
cmd = cmds[i].c;
@@ -911,40 +1012,44 @@
cmdnum = I_SHELL;
} else if (cmdnum == -1) {
error("Invalid command.");
- return (-1);
+ return -1;
}
/* Get arguments and parse flags */
*lflag = *pflag = *n_arg = 0;
*path1 = *path2 = NULL;
+ optidx = 1;
switch (cmdnum) {
case I_GET:
case I_PUT:
- if (parse_getput_flags(&cp, pflag))
- return(-1);
+ if ((optidx = parse_getput_flags(cmd, argv, argc, pflag)) == -1)
+ return -1;
/* Get first pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
+ if (argc - optidx < 1) {
error("You must specify at least one path after a "
"%s command.", cmd);
- return(-1);
+ return -1;
+ }
+ *path1 = xstrdup(argv[optidx]);
+ /* Get second pathname (optional) */
+ if (argc - optidx > 1) {
+ *path2 = xstrdup(argv[optidx + 1]);
+ /* Destination is not globbed */
+ undo_glob_escape(*path2);
}
- /* Try to get second pathname (optional) */
- if (get_pathname(&cp, path2))
- return(-1);
break;
case I_RENAME:
case I_SYMLINK:
- if (get_pathname(&cp, path1))
- return(-1);
- if (get_pathname(&cp, path2))
- return(-1);
- if (!*path1 || !*path2) {
+ if (argc - optidx < 2) {
error("You must specify two paths after a %s "
"command.", cmd);
- return(-1);
+ return -1;
}
+ *path1 = xstrdup(argv[optidx]);
+ *path2 = xstrdup(argv[optidx + 1]);
+ /* Paths are not globbed */
+ undo_glob_escape(*path1);
+ undo_glob_escape(*path2);
break;
case I_RM:
case I_MKDIR:
@@ -953,59 +1058,57 @@
case I_LCHDIR:
case I_LMKDIR:
/* Get pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
+ if (argc - optidx < 1) {
error("You must specify a path after a %s command.",
cmd);
- return(-1);
+ return -1;
}
+ *path1 = xstrdup(argv[optidx]);
+ /* Only "rm" globs */
+ if (cmdnum != I_RM)
+ undo_glob_escape(*path1);
break;
case I_LS:
- if (parse_ls_flags(&cp, lflag))
+ if ((optidx = parse_ls_flags(argv, argc, lflag)) == -1)
return(-1);
/* Path is optional */
- if (get_pathname(&cp, path1))
- return(-1);
+ if (argc - optidx > 0)
+ *path1 = xstrdup(argv[optidx]);
break;
case I_LLS:
+ /* Skip ls command and following whitespace */
+ cp = cp + strlen(cmd) + strspn(cp, WHITESPACE);
case I_SHELL:
/* Uses the rest of the line */
break;
case I_LUMASK:
- base = 8;
case I_CHMOD:
base = 8;
case I_CHOWN:
case I_CHGRP:
/* Get numeric arg (mandatory) */
+ if (argc - optidx < 1)
+ goto need_num_arg;
errno = 0;
- l = strtol(cp, &cp2, base);
- if (cp2 == cp || ((l == LONG_MIN || l == LONG_MAX) &&
- errno == ERANGE) || l < 0) {
+ l = strtol(argv[optidx], &cp2, base);
+ if (cp2 == argv[optidx] || *cp2 != '\0' ||
+ ((l == LONG_MIN || l == LONG_MAX) && errno == ERANGE) ||
+ l < 0) {
+ need_num_arg:
error("You must supply a numeric argument "
"to the %s command.", cmd);
- return(-1);
+ return -1;
}
- cp = cp2;
*n_arg = l;
- if (cmdnum == I_LUMASK && strchr(WHITESPACE, *cp))
+ if (cmdnum == I_LUMASK)
break;
- if (cmdnum == I_LUMASK || !strchr(WHITESPACE, *cp)) {
- error("You must supply a numeric argument "
- "to the %s command.", cmd);
- return(-1);
- }
- cp += strspn(cp, WHITESPACE);
-
/* Get pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
+ if (argc - optidx < 2) {
error("You must specify a path after a %s command.",
cmd);
- return(-1);
+ return -1;
}
+ *path1 = xstrdup(argv[optidx + 1]);
break;
case I_QUIT:
case I_PWD:
Index: auth2-chall.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth2-chall.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/auth2-chall.c -L crypto/openssh/auth2-chall.c -u -r1.4 -r1.5
--- crypto/openssh/auth2-chall.c
+++ crypto/openssh/auth2-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.32 2007/01/03 03:01:40 stevesk Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.33 2007/09/21 08:15:29 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2001 Per Allansson. All rights reserved.
Index: configure.ac
===================================================================
RCS file: /home/cvs/src/crypto/openssh/configure.ac,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/configure.ac -L crypto/openssh/configure.ac -u -r1.4 -r1.5
--- crypto/openssh/configure.ac
+++ crypto/openssh/configure.ac
@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.372 2007/03/05 00:51:27 djm Exp $
+# $Id: configure.ac,v 1.397 2008/03/27 01:33:07 djm Exp $
#
# Copyright (c) 1999-2004 Damien Miller
#
@@ -15,7 +15,7 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT(OpenSSH, Portable, openssh-unix-dev at mindrot.org)
-AC_REVISION($Revision: 1.372 $)
+AC_REVISION($Revision: 1.397 $)
AC_CONFIG_SRCDIR([ssh.c])
AC_CONFIG_HEADER(config.h)
@@ -90,18 +90,66 @@
AC_CHECK_DECL(LLONG_MAX, have_llong_max=1, , [#include <limits.h>])
+use_stack_protector=1
+AC_ARG_WITH(stackprotect,
+ [ --without-stackprotect Don't use compiler's stack protection], [
+ if test "x$withval" = "xno"; then
+ use_stack_protector=0
+ fi ])
+
if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
CFLAGS="$CFLAGS -Wall -Wpointer-arith -Wuninitialized"
GCC_VER=`$CC -v 2>&1 | $AWK '/gcc version /{print $3}'`
case $GCC_VER in
- 1.*) ;;
- 2.8* | 2.9*) CFLAGS="$CFLAGS -Wsign-compare" ;;
- 2.*) ;;
+ 1.*) no_attrib_nonnull=1 ;;
+ 2.8* | 2.9*)
+ CFLAGS="$CFLAGS -Wsign-compare"
+ no_attrib_nonnull=1
+ ;;
+ 2.*) no_attrib_nonnull=1 ;;
3.*) CFLAGS="$CFLAGS -Wsign-compare" ;;
4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign" ;;
*) ;;
esac
+ # -fstack-protector-all doesn't always work for some GCC versions
+ # and/or platforms, so we test if we can. If it's not supported
+ # on a give platform gcc will emit a warning so we use -Werror.
+ if test "x$use_stack_protector" = "x1"; then
+ for t in -fstack-protector-all -fstack-protector; do
+ AC_MSG_CHECKING(if $CC supports $t)
+ saved_CFLAGS="$CFLAGS"
+ saved_LDFLAGS="$LDFLAGS"
+ CFLAGS="$CFLAGS $t -Werror"
+ LDFLAGS="$LDFLAGS $t -Werror"
+ AC_LINK_IFELSE(
+ [AC_LANG_SOURCE([
+#include <stdlib.h>
+int main(void){return 0;}
+ ])],
+ [ AC_MSG_RESULT(yes)
+ CFLAGS="$saved_CFLAGS $t"
+ LDFLAGS="$saved_LDFLAGS $t"
+ AC_MSG_CHECKING(if $t works)
+ AC_RUN_IFELSE(
+ [AC_LANG_SOURCE([
+#include <stdlib.h>
+int main(void){exit(0);}
+ ])],
+ [ AC_MSG_RESULT(yes)
+ break ],
+ [ AC_MSG_RESULT(no) ],
+ [ AC_MSG_WARN([cross compiling: cannot test])
+ break ]
+ )
+ ],
+ [ AC_MSG_RESULT(no) ]
+ )
+ CFLAGS="$saved_CFLAGS"
+ LDFLAGS="$saved_LDFLAGS"
+ done
+ fi
+
if test -z "$have_llong_max"; then
# retry LLONG_MAX with -std=gnu99, needed on some Linuxes
unset ac_cv_have_decl_LLONG_MAX
@@ -115,6 +163,10 @@
fi
fi
+if test "x$no_attrib_nonnull" != "x1" ; then
+ AC_DEFINE(HAVE_ATTRIBUTE__NONNULL__, 1, [Have attribute nonnull])
+fi
+
AC_ARG_WITH(rpath,
[ --without-rpath Disable auto-added -R linker paths],
[
@@ -198,6 +250,7 @@
netgroup.h \
pam/pam_appl.h \
paths.h \
+ poll.h \
pty.h \
readpassphrase.h \
rpc/types.h \
@@ -215,6 +268,7 @@
sys/dir.h \
sys/mman.h \
sys/ndir.h \
+ sys/poll.h \
sys/prctl.h \
sys/pstat.h \
sys/select.h \
@@ -229,6 +283,7 @@
time.h \
tmpdir.h \
ttyent.h \
+ ucred.h \
unistd.h \
usersec.h \
util.h \
@@ -334,7 +389,7 @@
[],
[#include <usersec.h>]
)
- AC_CHECK_FUNCS(setauthdb)
+ AC_CHECK_FUNCS(getgrset setauthdb)
AC_CHECK_DECL(F_CLOSEM,
AC_DEFINE(HAVE_FCNTL_CLOSEM, 1, [Use F_CLOSEM fcntl for closefrom]),
[],
@@ -396,6 +451,7 @@
AC_DEFINE(SETEUID_BREAKS_SETUID)
AC_DEFINE(BROKEN_SETREUID)
AC_DEFINE(BROKEN_SETREGID)
+ AC_DEFINE(BROKEN_GLOB, 1, [OS X glob does not do what we expect])
AC_DEFINE_UNQUOTED(BIND_8_COMPAT, 1,
[Define if your resolver libs need this for getrrsetbyname])
AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
@@ -403,6 +459,11 @@
[Use tunnel device compatibility to OpenBSD])
AC_DEFINE(SSH_TUN_PREPEND_AF, 1,
[Prepend the address family to IP tunnel traffic])
+ m4_pattern_allow(AU_IPv)
+ AC_CHECK_DECL(AU_IPv4, [],
+ AC_DEFINE(AU_IPv4, 0, [System only supports IPv4 audit records])
+ [#include <bsm/audit.h>]
+ )
;;
*-*-dragonfly*)
SSHDLIBS="$SSHDLIBS -lcrypt"
@@ -540,6 +601,7 @@
AC_DEFINE(SSH_TUN_FREEBSD, 1, [Open tunnel devices the FreeBSD way])
AC_CHECK_HEADER([net/if_tap.h], ,
AC_DEFINE(SSH_TUN_NO_L2, 1, [No layer 2 tunnel support]))
+ AC_DEFINE(BROKEN_GLOB, 1, [FreeBSD glob does not do what we need])
;;
*-*-bsdi*)
AC_DEFINE(SETEUID_BREAKS_SETUID)
@@ -776,7 +838,13 @@
AC_DEFINE(MISSING_FD_MASK, 1, [Define on *nto-qnx systems])
AC_DEFINE(DISABLE_LASTLOG)
AC_DEFINE(SSHD_ACQUIRES_CTTY)
+ AC_DEFINE(BROKEN_SHADOW_EXPIRE, 1, [QNX shadow support is broken])
enable_etc_default_login=no # has incompatible /etc/default/login
+ case "$host" in
+ *-*-nto-qnx6*)
+ AC_DEFINE(DISABLE_FD_PASSING)
+ ;;
+ esac
;;
*-*-ultrix*)
@@ -1109,8 +1177,7 @@
CPPFLAGS="-I${withval} ${CPPFLAGS}"
fi
fi
- LIBWRAP="-lwrap"
- LIBS="$LIBWRAP $LIBS"
+ LIBS="-lwrap $LIBS"
AC_MSG_CHECKING(for libwrap)
AC_TRY_LINK(
[
@@ -1126,7 +1193,7 @@
AC_DEFINE(LIBWRAP, 1,
[Define if you want
TCP Wrappers support])
- AC_SUBST(LIBWRAP)
+ SSHDLIBS="$SSHDLIBS -lwrap"
TCPW_MSG="yes"
],
[
@@ -1201,7 +1268,7 @@
AC_CHECK_FUNCS(getaudit, [],
[AC_MSG_ERROR(BSM enabled and required function not found)])
# These are optional
- AC_CHECK_FUNCS(getaudit_addr)
+ AC_CHECK_FUNCS(getaudit_addr aug_get_machine)
AC_DEFINE(USE_BSM_AUDIT, 1, [Use BSM audit module])
;;
debug)
@@ -1241,6 +1308,7 @@
getnameinfo \
getopt \
getpeereid \
+ getpeerucred \
_getpty \
getrlimit \
getttyent \
@@ -1259,6 +1327,7 @@
ogetaddrinfo \
openlog_r \
openpty \
+ poll \
prctl \
pstat \
readpassphrase \
@@ -1292,6 +1361,7 @@
strtonum \
strtoll \
strtoul \
+ swap32 \
sysconf \
tcgetpgrp \
truncate \
@@ -1364,6 +1434,14 @@
#include <unistd.h>
])
+AC_CHECK_DECLS(MAXSYMLINKS, , , [
+#include <sys/param.h>
+ ])
+
+AC_CHECK_DECLS(offsetof, , , [
+#include <stddef.h>
+ ])
+
AC_CHECK_FUNCS(setresuid, [
dnl Some platorms have setresuid that isn't implemented, test for this
AC_MSG_CHECKING(if setresuid seems to work)
@@ -1489,7 +1567,7 @@
# Check for missing getpeereid (or equiv) support
NO_PEERCHECK=""
-if test "x$ac_cv_func_getpeereid" != "xyes" ; then
+if test "x$ac_cv_func_getpeereid" != "xyes" -a "x$ac_cv_func_getpeerucred" != "xyes"; then
AC_MSG_CHECKING([whether system supports SO_PEERCRED getsockopt])
AC_TRY_COMPILE(
[#include <sys/types.h>
@@ -1977,7 +2055,15 @@
# Search for SHA256 support in libc and/or OpenSSL
AC_CHECK_FUNCS(SHA256_Update EVP_sha256)
-AC_CHECK_LIB(iaf, ia_openinfo)
+saved_LIBS="$LIBS"
+AC_CHECK_LIB(iaf, ia_openinfo, [
+ LIBS="$LIBS -liaf"
+ AC_CHECK_FUNCS(set_id, [SSHDLIBS="$SSHDLIBS -liaf"
+ AC_DEFINE(HAVE_LIBIAF, 1,
+ [Define if system has libiaf that supports set_id])
+ ])
+])
+LIBS="$saved_LIBS"
### Configure cryptographic random number support
@@ -2027,7 +2113,7 @@
PAM_MSG="yes"
- LIBPAM="-lpam"
+ SSHDLIBS="$SSHDLIBS -lpam"
AC_DEFINE(USE_PAM, 1,
[Define if you want to enable PAM support])
@@ -2037,11 +2123,10 @@
# libdl already in LIBS
;;
*)
- LIBPAM="$LIBPAM -ldl"
+ SSHDLIBS="$SSHDLIBS -ldl"
;;
esac
fi
- AC_SUBST(LIBPAM)
fi
]
)
@@ -3150,25 +3235,43 @@
[#include <arpa/nameser.h>])
])
+AC_MSG_CHECKING(if struct __res_state _res is an extern)
+AC_LINK_IFELSE([
+#include <stdio.h>
+#if HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#include <netinet/in.h>
+#include <arpa/nameser.h>
+#include <resolv.h>
+extern struct __res_state _res;
+int main() { return 0; }
+ ],
+ [AC_MSG_RESULT(yes)
+ AC_DEFINE(HAVE__RES_EXTERN, 1,
+ [Define if you have struct __res_state _res as an extern])
+ ],
+ [ AC_MSG_RESULT(no) ]
+)
+
# Check whether user wants SELinux support
SELINUX_MSG="no"
LIBSELINUX=""
AC_ARG_WITH(selinux,
- [ --with-selinux Enable SELinux support],
+ [ --with-selinux Enable SELinux support],
[ if test "x$withval" != "xno" ; then
+ save_LIBS="$LIBS"
AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
SELINUX_MSG="yes"
AC_CHECK_HEADER([selinux/selinux.h], ,
AC_MSG_ERROR(SELinux support requires selinux.h header))
AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
AC_MSG_ERROR(SELinux support requires libselinux library))
- save_LIBS="$LIBS"
- LIBS="$LIBS $LIBSELINUX"
+ SSHDLIBS="$SSHDLIBS $LIBSELINUX"
AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
LIBS="$save_LIBS"
fi ]
)
-AC_SUBST(LIBSELINUX)
# Check whether user wants Kerberos 5 support
KRB5_MSG="no"
@@ -4004,7 +4107,10 @@
echo " Compiler flags: ${CFLAGS}"
echo "Preprocessor flags: ${CPPFLAGS}"
echo " Linker flags: ${LDFLAGS}"
-echo " Libraries: ${LIBWRAP} ${LIBPAM} ${LIBS}"
+echo " Libraries: ${LIBS}"
+if test ! -z "${SSHDLIBS}"; then
+echo " +for sshd: ${SSHDLIBS}"
+fi
echo ""
@@ -4030,12 +4136,12 @@
fi
if test ! -z "$NO_PEERCHECK" ; then
- echo "WARNING: the operating system that you are using does not "
- echo "appear to support either the getpeereid() API nor the "
- echo "SO_PEERCRED getsockopt() option. These facilities are used to "
- echo "enforce security checks to prevent unauthorised connections to "
- echo "ssh-agent. Their absence increases the risk that a malicious "
- echo "user can connect to your agent. "
+ echo "WARNING: the operating system that you are using does not"
+ echo "appear to support getpeereid(), getpeerucred() or the"
+ echo "SO_PEERCRED getsockopt() option. These facilities are used to"
+ echo "enforce security checks to prevent unauthorised connections to"
+ echo "ssh-agent. Their absence increases the risk that a malicious"
+ echo "user can connect to your agent."
echo ""
fi
Index: sftp-client.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sftp-client.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/sftp-client.c -L crypto/openssh/sftp-client.c -u -r1.4 -r1.5
--- crypto/openssh/sftp-client.c
+++ crypto/openssh/sftp-client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.76 2007/01/22 11:32:50 djm Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.81 2008/03/23 12:54:01 djm Exp $ */
/*
* Copyright (c) 2001-2004 Damien Miller <djm at openbsd.org>
*
@@ -65,6 +65,8 @@
u_int num_requests;
u_int version;
u_int msg_id;
+#define SFTP_EXT_POSIX_RENAME 1
+ u_int exts;
};
static void
@@ -239,7 +241,7 @@
struct sftp_conn *
do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests)
{
- u_int type;
+ u_int type, exts = 0;
int version;
Buffer msg;
struct sftp_conn *ret;
@@ -270,6 +272,8 @@
char *value = buffer_get_string(&msg, NULL);
debug2("Init extension: \"%s\"", name);
+ if (strcmp(name, "posix-rename at openssh.com") == 0)
+ exts |= SFTP_EXT_POSIX_RENAME;
xfree(name);
xfree(value);
}
@@ -283,6 +287,7 @@
ret->num_requests = num_requests;
ret->version = version;
ret->msg_id = 1;
+ ret->exts = exts;
/* Some filexfer v.0 servers don't support large packets */
if (version == 0)
@@ -534,6 +539,7 @@
return(get_decode_stat(conn->fd_in, id, quiet));
}
+#ifdef notyet
Attrib *
do_fstat(struct sftp_conn *conn, char *handle, u_int handle_len, int quiet)
{
@@ -545,6 +551,7 @@
return(get_decode_stat(conn->fd_in, id, quiet));
}
+#endif
int
do_setstat(struct sftp_conn *conn, char *path, Attrib *a)
@@ -637,13 +644,20 @@
/* Send rename request */
id = conn->msg_id++;
- buffer_put_char(&msg, SSH2_FXP_RENAME);
- buffer_put_int(&msg, id);
+ if ((conn->exts & SFTP_EXT_POSIX_RENAME)) {
+ buffer_put_char(&msg, SSH2_FXP_EXTENDED);
+ buffer_put_int(&msg, id);
+ buffer_put_cstring(&msg, "posix-rename at openssh.com");
+ } else {
+ buffer_put_char(&msg, SSH2_FXP_RENAME);
+ buffer_put_int(&msg, id);
+ }
buffer_put_cstring(&msg, oldpath);
buffer_put_cstring(&msg, newpath);
send_msg(conn->fd_out, &msg);
- debug3("Sent message SSH2_FXP_RENAME \"%s\" -> \"%s\"", oldpath,
- newpath);
+ debug3("Sent message %s \"%s\" -> \"%s\"",
+ (conn->exts & SFTP_EXT_POSIX_RENAME) ? "posix-rename at openssh.com" :
+ "SSH2_FXP_RENAME", oldpath, newpath);
buffer_free(&msg);
status = get_status(conn->fd_in, id);
@@ -686,6 +700,7 @@
return(status);
}
+#ifdef notyet
char *
do_readlink(struct sftp_conn *conn, char *path)
{
@@ -732,6 +747,7 @@
return(filename);
}
+#endif
static void
send_read_request(int fd_out, u_int id, u_int64_t offset, u_int len,
@@ -819,6 +835,7 @@
if (local_fd == -1) {
error("Couldn't open local file \"%s\" for writing: %s",
local_path, strerror(errno));
+ do_close(conn, handle, handle_len);
buffer_free(&msg);
xfree(handle);
return(-1);
@@ -992,9 +1009,10 @@
do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
int pflag)
{
- int local_fd, status;
+ int local_fd;
+ int status = SSH2_FX_OK;
u_int handle_len, id, type;
- u_int64_t offset;
+ off_t offset;
char *handle, *data;
Buffer msg;
struct stat sb;
@@ -1004,7 +1022,7 @@
struct outstanding_ack {
u_int id;
u_int len;
- u_int64_t offset;
+ off_t offset;
TAILQ_ENTRY(outstanding_ack) tq;
};
TAILQ_HEAD(ackhead, outstanding_ack) acks;
@@ -1054,7 +1072,7 @@
if (handle == NULL) {
close(local_fd);
buffer_free(&msg);
- return(-1);
+ return -1;
}
startid = ackid = id + 1;
@@ -1074,7 +1092,7 @@
* Simulate an EOF on interrupt, allowing ACKs from the
* server to drain.
*/
- if (interrupted)
+ if (interrupted || status != SSH2_FX_OK)
len = 0;
else do
len = read(local_fd, data, conn->transfer_buflen);
@@ -1130,46 +1148,40 @@
if (ack == NULL)
fatal("Can't find request for ID %u", r_id);
TAILQ_REMOVE(&acks, ack, tq);
-
- if (status != SSH2_FX_OK) {
- error("Couldn't write to remote file \"%s\": %s",
- remote_path, fx2txt(status));
- if (showprogress)
- stop_progress_meter();
- do_close(conn, handle, handle_len);
- close(local_fd);
- xfree(data);
- xfree(ack);
- status = -1;
- goto done;
- }
- debug3("In write loop, ack for %u %u bytes at %llu",
- ack->id, ack->len, (unsigned long long)ack->offset);
+ debug3("In write loop, ack for %u %u bytes at %lld",
+ ack->id, ack->len, (long long)ack->offset);
++ackid;
xfree(ack);
}
offset += len;
+ if (offset < 0)
+ fatal("%s: offset < 0", __func__);
}
+ buffer_free(&msg);
+
if (showprogress)
stop_progress_meter();
xfree(data);
+ if (status != SSH2_FX_OK) {
+ error("Couldn't write to remote file \"%s\": %s",
+ remote_path, fx2txt(status));
+ status = -1;
+ }
+
if (close(local_fd) == -1) {
error("Couldn't close local file \"%s\": %s", local_path,
strerror(errno));
- do_close(conn, handle, handle_len);
status = -1;
- goto done;
}
/* Override umask and utimes if asked */
if (pflag)
do_fsetstat(conn, handle, handle_len, &a);
- status = do_close(conn, handle, handle_len);
-
-done:
+ if (do_close(conn, handle, handle_len) != SSH2_FX_OK)
+ status = -1;
xfree(handle);
- buffer_free(&msg);
- return(status);
+
+ return status;
}
Index: sshconnect.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sshconnect.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/sshconnect.h -L crypto/openssh/sshconnect.h -u -r1.3 -r1.4
--- crypto/openssh/sshconnect.h
+++ crypto/openssh/sshconnect.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.h,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.24 2007/09/04 11:15:56 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -33,10 +33,10 @@
int
ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int,
- int, const char *);
+ int *, int, int, const char *);
void
-ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *);
+ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *, int);
int verify_host_key(char *, struct sockaddr *, Key *);
Index: servconf.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/servconf.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/servconf.h -L crypto/openssh/servconf.h -u -r1.4 -r1.5
--- crypto/openssh/servconf.h
+++ crypto/openssh/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.80 2007/02/19 10:45:58 dtucker Exp $ */
+/* $OpenBSD: servconf.h,v 1.82 2008/02/13 22:38:17 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -36,6 +36,9 @@
#define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */
+/* Magic name for internal sftp-server */
+#define INTERNAL_SFTP_NAME "internal-sftp"
+
typedef struct {
u_int num_ports;
u_int ports_from_cmdline;
@@ -141,6 +144,8 @@
int permit_tun;
int num_permitted_opens;
+
+ char *chroot_directory;
} ServerOptions;
void initialize_server_options(ServerOptions *);
Index: sshconnect.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sshconnect.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/sshconnect.c -L crypto/openssh/sshconnect.c -u -r1.4 -r1.5
--- crypto/openssh/sshconnect.c
+++ crypto/openssh/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.200 2006/10/10 10:12:45 markus Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.203 2007/12/27 14:22:08 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -77,6 +77,23 @@
static int show_other_keys(const char *, Key *);
static void warn_changed_key(Key *);
+static void
+ms_subtract_diff(struct timeval *start, int *ms)
+{
+ struct timeval diff, finish;
+
+ gettimeofday(&finish, NULL);
+ timersub(&finish, start, &diff);
+ *ms -= (diff.tv_sec * 1000) + (diff.tv_usec / 1000);
+}
+
+static void
+ms_to_timeval(struct timeval *tv, int ms)
+{
+ tv->tv_sec = ms / 1000;
+ tv->tv_usec = (ms % 1000) * 1000;
+}
+
/*
* Connect to the given ssh server using a proxy command.
*/
@@ -86,7 +103,10 @@
char *command_string, *tmp;
int pin[2], pout[2];
pid_t pid;
- char strport[NI_MAXSERV];
+ char *shell, strport[NI_MAXSERV];
+
+ if ((shell = getenv("SHELL")) == NULL)
+ shell = _PATH_BSHELL;
/* Convert the port number into a string. */
snprintf(strport, sizeof strport, "%hu", port);
@@ -132,7 +152,7 @@
/* Stderr is left as it is so that error messages get
printed on the user's terminal. */
- argv[0] = _PATH_BSHELL;
+ argv[0] = shell;
argv[1] = "-c";
argv[2] = command_string;
argv[3] = NULL;
@@ -204,7 +224,7 @@
gaierr = getaddrinfo(options.bind_address, "0", &hints, &res);
if (gaierr) {
error("getaddrinfo: %s: %s", options.bind_address,
- gai_strerror(gaierr));
+ ssh_gai_strerror(gaierr));
close(sock);
return -1;
}
@@ -220,30 +240,36 @@
static int
timeout_connect(int sockfd, const struct sockaddr *serv_addr,
- socklen_t addrlen, int timeout)
+ socklen_t addrlen, int *timeoutp)
{
fd_set *fdset;
- struct timeval tv;
+ struct timeval tv, t_start;
socklen_t optlen;
int optval, rc, result = -1;
- if (timeout <= 0)
- return (connect(sockfd, serv_addr, addrlen));
+ gettimeofday(&t_start, NULL);
+
+ if (*timeoutp <= 0) {
+ result = connect(sockfd, serv_addr, addrlen);
+ goto done;
+ }
set_nonblock(sockfd);
rc = connect(sockfd, serv_addr, addrlen);
if (rc == 0) {
unset_nonblock(sockfd);
- return (0);
+ result = 0;
+ goto done;
+ }
+ if (errno != EINPROGRESS) {
+ result = -1;
+ goto done;
}
- if (errno != EINPROGRESS)
- return (-1);
fdset = (fd_set *)xcalloc(howmany(sockfd + 1, NFDBITS),
sizeof(fd_mask));
FD_SET(sockfd, fdset);
- tv.tv_sec = timeout;
- tv.tv_usec = 0;
+ ms_to_timeval(&tv, *timeoutp);
for (;;) {
rc = select(sockfd + 1, NULL, fdset, NULL, &tv);
@@ -282,6 +308,16 @@
}
xfree(fdset);
+
+ done:
+ if (result == 0 && *timeoutp > 0) {
+ ms_subtract_diff(&t_start, timeoutp);
+ if (*timeoutp <= 0) {
+ errno = ETIMEDOUT;
+ result = -1;
+ }
+ }
+
return (result);
}
@@ -298,8 +334,8 @@
*/
int
ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
- u_short port, int family, int connection_attempts,
- int needpriv, const char *proxy_command)
+ u_short port, int family, int connection_attempts, int *timeout_ms,
+ int want_keepalive, int needpriv, const char *proxy_command)
{
int gaierr;
int on = 1;
@@ -320,8 +356,8 @@
hints.ai_socktype = SOCK_STREAM;
snprintf(strport, sizeof strport, "%u", port);
if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0)
- fatal("%s: %.100s: %s", __progname, host,
- gai_strerror(gaierr));
+ fatal("%s: Could not resolve hostname %.100s: %s", __progname,
+ host, ssh_gai_strerror(gaierr));
for (attempt = 0; attempt < connection_attempts; attempt++) {
if (attempt > 0) {
@@ -352,7 +388,7 @@
continue;
if (timeout_connect(sock, ai->ai_addr, ai->ai_addrlen,
- options.connection_timeout) >= 0) {
+ timeout_ms) >= 0) {
/* Successful connection. */
memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
break;
@@ -379,7 +415,7 @@
debug("Connection established.");
/* Set SO_KEEPALIVE if requested. */
- if (options.tcp_keep_alive &&
+ if (want_keepalive &&
setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *)&on,
sizeof(on)) < 0)
error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
@@ -395,7 +431,7 @@
* identification string.
*/
static void
-ssh_exchange_identification(void)
+ssh_exchange_identification(int timeout_ms)
{
char buf[256], remote_version[256]; /* must be same size! */
int remote_major, remote_minor, mismatch;
@@ -403,16 +439,44 @@
int connection_out = packet_get_connection_out();
int minor1 = PROTOCOL_MINOR_1;
u_int i, n;
+ size_t len;
+ int fdsetsz, remaining, rc;
+ struct timeval t_start, t_remaining;
+ fd_set *fdset;
+
+ fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask);
+ fdset = xcalloc(1, fdsetsz);
/* Read other side's version identification. */
+ remaining = timeout_ms;
for (n = 0;;) {
for (i = 0; i < sizeof(buf) - 1; i++) {
- size_t len = atomicio(read, connection_in, &buf[i], 1);
+ if (timeout_ms > 0) {
+ gettimeofday(&t_start, NULL);
+ ms_to_timeval(&t_remaining, remaining);
+ FD_SET(connection_in, fdset);
+ rc = select(connection_in + 1, fdset, NULL,
+ fdset, &t_remaining);
+ ms_subtract_diff(&t_start, &remaining);
+ if (rc == 0 || remaining <= 0)
+ fatal("Connection timed out during "
+ "banner exchange");
+ if (rc == -1) {
+ if (errno == EINTR)
+ continue;
+ fatal("ssh_exchange_identification: "
+ "select: %s", strerror(errno));
+ }
+ }
+
+ len = atomicio(read, connection_in, &buf[i], 1);
if (len != 1 && errno == EPIPE)
- fatal("ssh_exchange_identification: Connection closed by remote host");
+ fatal("ssh_exchange_identification: "
+ "Connection closed by remote host");
else if (len != 1)
- fatal("ssh_exchange_identification: read: %.100s", strerror(errno));
+ fatal("ssh_exchange_identification: "
+ "read: %.100s", strerror(errno));
if (buf[i] == '\r') {
buf[i] = '\n';
buf[i + 1] = 0;
@@ -423,7 +487,8 @@
break;
}
if (++n > 65536)
- fatal("ssh_exchange_identification: No banner received");
+ fatal("ssh_exchange_identification: "
+ "No banner received");
}
buf[sizeof(buf) - 1] = 0;
if (strncmp(buf, "SSH-", 4) == 0)
@@ -431,6 +496,7 @@
debug("ssh_exchange_identification: %s", buf);
}
server_version_string = xstrdup(buf);
+ xfree(fdset);
/*
* Check that the versions match. In future this might accept
@@ -943,7 +1009,7 @@
*/
void
ssh_login(Sensitive *sensitive, const char *orighost,
- struct sockaddr *hostaddr, struct passwd *pw)
+ struct sockaddr *hostaddr, struct passwd *pw, int timeout_ms)
{
char *host, *cp;
char *server_user, *local_user;
@@ -958,7 +1024,7 @@
*cp = (char)tolower(*cp);
/* Exchange protocol version identification strings with the server. */
- ssh_exchange_identification();
+ ssh_exchange_identification(timeout_ms);
/* Put the connection into non-blocking mode. */
packet_set_nonblocking();
Index: kex.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/kex.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/kex.c -L crypto/openssh/kex.c -u -r1.4 -r1.5
--- crypto/openssh/kex.c
+++ crypto/openssh/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.77 2007/01/21 01:41:54 stevesk Exp $ */
+/* $OpenBSD: kex.c,v 1.79 2007/06/05 06:52:37 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@@ -87,7 +87,7 @@
kex_buf2prop(Buffer *raw, int *first_kex_follows)
{
Buffer b;
- int i;
+ u_int i;
char **proposal;
proposal = xcalloc(PROPOSAL_MAX, sizeof(char *));
@@ -108,7 +108,7 @@
*first_kex_follows = i;
debug2("kex_parse_kexinit: first_kex_follows %d ", i);
i = buffer_get_int(&b);
- debug2("kex_parse_kexinit: reserved %d ", i);
+ debug2("kex_parse_kexinit: reserved %u ", i);
buffer_free(&b);
return proposal;
}
@@ -123,6 +123,7 @@
xfree(proposal);
}
+/* ARGSUSED */
static void
kex_protocol_error(int type, u_int32_t seq, void *ctxt)
{
@@ -194,6 +195,7 @@
kex->flags |= KEX_INIT_SENT;
}
+/* ARGSUSED */
void
kex_input_kexinit(int type, u_int32_t seq, void *ctxt)
{
@@ -258,7 +260,8 @@
{
char *name = match_list(client, server, NULL);
if (name == NULL)
- fatal("no matching cipher found: client %s server %s", client, server);
+ fatal("no matching cipher found: client %s server %s",
+ client, server);
if ((enc->cipher = cipher_by_name(name)) == NULL)
fatal("matching cipher is not supported: %s", name);
enc->name = name;
@@ -274,8 +277,9 @@
{
char *name = match_list(client, server, NULL);
if (name == NULL)
- fatal("no matching mac found: client %s server %s", client, server);
- if (mac_init(mac, name) < 0)
+ fatal("no matching mac found: client %s server %s",
+ client, server);
+ if (mac_setup(mac, name) < 0)
fatal("unsupported mac %s", name);
/* truncate the key */
if (datafellows & SSH_BUG_HMAC)
@@ -308,7 +312,7 @@
{
k->name = match_list(client, server, NULL);
if (k->name == NULL)
- fatal("no kex alg");
+ fatal("Unable to negotiate a key exchange method");
if (strcmp(k->name, KEX_DH1) == 0) {
k->kex_type = KEX_DH_GRP1_SHA1;
k->evp_md = EVP_sha1();
@@ -388,7 +392,8 @@
for (mode = 0; mode < MODE_MAX; mode++) {
newkeys = xcalloc(1, sizeof(*newkeys));
kex->newkeys[mode] = newkeys;
- ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN);
+ ctos = (!kex->server && mode == MODE_OUT) ||
+ (kex->server && mode == MODE_IN);
nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC;
nmac = ctos ? PROPOSAL_MAC_ALGS_CTOS : PROPOSAL_MAC_ALGS_STOC;
ncomp = ctos ? PROPOSAL_COMP_ALGS_CTOS : PROPOSAL_COMP_ALGS_STOC;
Index: sshd_config
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sshd_config,v
retrieving revision 1.6
retrieving revision 1.7
diff -L crypto/openssh/sshd_config -L crypto/openssh/sshd_config -u -r1.6 -r1.7
--- crypto/openssh/sshd_config
+++ crypto/openssh/sshd_config
@@ -1,5 +1,5 @@
-# $OpenBSD: sshd_config,v 1.74 2006/07/19 13:07:10 dtucker Exp $
-# $MidnightBSD$
+# $MidnightBSD$
+# $OpenBSD: sshd_config,v 1.77 2008/02/08 23:24:07 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
@@ -12,11 +12,15 @@
# default value.
#Port 22
-#Protocol 2,1
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
+# Disable legacy (protocol version 1) support in the server for new
+# installations. In future the default will change to require explicit
+# activation of protocol 1
+Protocol 2
+
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
@@ -99,9 +103,10 @@
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
+#ChrootDirectory none
# no default banner path
-#Banner /some/path
+#Banner none
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
Index: session.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/session.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/session.c -L crypto/openssh/session.c -u -r1.4 -r1.5
--- crypto/openssh/session.c
+++ crypto/openssh/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.221 2007/01/21 01:41:54 stevesk Exp $ */
+/* $OpenBSD: session.c,v 1.233 2008/03/26 21:28:14 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -84,9 +84,11 @@
#include "sshlogin.h"
#include "serverloop.h"
#include "canohost.h"
+#include "misc.h"
#include "session.h"
#include "kex.h"
#include "monitor_wrap.h"
+#include "sftp.h"
#if defined(KRB5) && defined(USE_AFS)
#include <kafs.h>
@@ -129,9 +131,13 @@
const char *original_command = NULL;
/* data */
-#define MAX_SESSIONS 10
+#define MAX_SESSIONS 20
Session sessions[MAX_SESSIONS];
+#define SUBSYSTEM_NONE 0
+#define SUBSYSTEM_EXT 1
+#define SUBSYSTEM_INT_SFTP 2
+
#ifdef HAVE_LOGIN_CAP
login_cap_t *lc;
#endif
@@ -422,11 +428,6 @@
session_proctitle(s);
-#if defined(USE_PAM)
- if (options.use_pam && !use_privsep)
- do_pam_setcred(1);
-#endif /* USE_PAM */
-
/* Fork the child. */
if ((pid = fork()) == 0) {
is_child = 1;
@@ -557,14 +558,6 @@
ptyfd = s->ptyfd;
ttyfd = s->ttyfd;
-#if defined(USE_PAM)
- if (options.use_pam) {
- do_pam_set_tty(s->tty);
- if (!use_privsep)
- do_pam_setcred(1);
- }
-#endif
-
/* Fork the child. */
if ((pid = fork()) == 0) {
is_child = 1;
@@ -683,10 +676,18 @@
if (options.adm_forced_command) {
original_command = command;
command = options.adm_forced_command;
+ if (strcmp(INTERNAL_SFTP_NAME, command) == 0)
+ s->is_subsystem = SUBSYSTEM_INT_SFTP;
+ else if (s->is_subsystem)
+ s->is_subsystem = SUBSYSTEM_EXT;
debug("Forced command (config) '%.900s'", command);
} else if (forced_command) {
original_command = command;
command = forced_command;
+ if (strcmp(INTERNAL_SFTP_NAME, command) == 0)
+ s->is_subsystem = SUBSYSTEM_INT_SFTP;
+ else if (s->is_subsystem)
+ s->is_subsystem = SUBSYSTEM_EXT;
debug("Forced command (key option) '%.900s'", command);
}
@@ -701,7 +702,6 @@
PRIVSEP(audit_run_command(shell));
}
#endif
-
if (s->ttyfd != -1)
do_exec_pty(s, command);
else
@@ -897,8 +897,9 @@
;
if (!*cp || *cp == '#' || *cp == '\n')
continue;
- if (strchr(cp, '\n'))
- *strchr(cp, '\n') = '\0';
+
+ cp[strcspn(cp, "\n")] = '\0';
+
value = strchr(cp, '=');
if (value == NULL) {
fprintf(stderr, "Bad line %u in %.100s\n", lineno,
@@ -1201,8 +1202,9 @@
do_xauth =
s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL;
- /* ignore _PATH_SSH_USER_RC for subsystems */
- if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
+ /* ignore _PATH_SSH_USER_RC for subsystems and admin forced commands */
+ if (!s->is_subsystem && options.adm_forced_command == NULL &&
+ !no_user_rc && (stat(_PATH_SSH_USER_RC, &st) >= 0)) {
snprintf(cmd, sizeof cmd, "%s -c '%s %s'",
shell, _PATH_BSHELL, _PATH_SSH_USER_RC);
if (debug_flag)
@@ -1283,10 +1285,72 @@
}
}
+/*
+ * Chroot into a directory after checking it for safety: all path components
+ * must be root-owned directories with strict permissions.
+ */
+static void
+safely_chroot(const char *path, uid_t uid)
+{
+ const char *cp;
+ char component[MAXPATHLEN];
+ struct stat st;
+
+ if (*path != '/')
+ fatal("chroot path does not begin at root");
+ if (strlen(path) >= sizeof(component))
+ fatal("chroot path too long");
+
+ /*
+ * Descend the path, checking that each component is a
+ * root-owned directory with strict permissions.
+ */
+ for (cp = path; cp != NULL;) {
+ if ((cp = strchr(cp, '/')) == NULL)
+ strlcpy(component, path, sizeof(component));
+ else {
+ cp++;
+ memcpy(component, path, cp - path);
+ component[cp - path] = '\0';
+ }
+
+ debug3("%s: checking '%s'", __func__, component);
+
+ if (stat(component, &st) != 0)
+ fatal("%s: stat(\"%s\"): %s", __func__,
+ component, strerror(errno));
+ if (st.st_uid != 0 || (st.st_mode & 022) != 0)
+ fatal("bad ownership or modes for chroot "
+ "directory %s\"%s\"",
+ cp == NULL ? "" : "component ", component);
+ if (!S_ISDIR(st.st_mode))
+ fatal("chroot path %s\"%s\" is not a directory",
+ cp == NULL ? "" : "component ", component);
+
+ }
+
+ if (chdir(path) == -1)
+ fatal("Unable to chdir to chroot path \"%s\": "
+ "%s", path, strerror(errno));
+ if (chroot(path) == -1)
+ fatal("chroot(\"%s\"): %s", path, strerror(errno));
+ if (chdir("/") == -1)
+ fatal("%s: chdir(/) after chroot: %s",
+ __func__, strerror(errno));
+ verbose("Changed root directory to \"%s\"", path);
+}
+
/* Set login name, uid, gid, and groups. */
void
do_setusercontext(struct passwd *pw)
{
+ char *chroot_path, *tmp;
+
+#ifdef WITH_SELINUX
+ /* Cache selinux status for later use */
+ (void)ssh_selinux_enabled();
+#endif
+
#ifndef HAVE_CYGWIN
if (getuid() == 0 || geteuid() == 0)
#endif /* HAVE_CYGWIN */
@@ -1300,21 +1364,13 @@
# ifdef __bsdi__
setpgid(0, 0);
# endif
-#ifdef GSSAPI
- if (options.gss_authentication) {
- temporarily_use_uid(pw);
- ssh_gssapi_storecreds();
- restore_uid();
- }
-#endif
# ifdef USE_PAM
if (options.use_pam) {
- do_pam_session();
- do_pam_setcred(0);
+ do_pam_setcred(use_privsep);
}
# endif /* USE_PAM */
if (setusercontext(lc, pw, pw->pw_uid,
- (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
+ (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) {
perror("unable to set user context");
exit(1);
}
@@ -1337,13 +1393,6 @@
exit(1);
}
endgrent();
-#ifdef GSSAPI
- if (options.gss_authentication) {
- temporarily_use_uid(pw);
- ssh_gssapi_storecreds();
- restore_uid();
- }
-#endif
# ifdef USE_PAM
/*
* PAM credentials may take the form of supplementary groups.
@@ -1351,21 +1400,39 @@
* Reestablish them here.
*/
if (options.use_pam) {
- do_pam_session();
- do_pam_setcred(0);
+ do_pam_setcred(use_privsep);
}
# endif /* USE_PAM */
# if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)
irix_setusercontext(pw);
-# endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
+# endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
# ifdef _AIX
aix_usrinfo(pw);
# endif /* _AIX */
-#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
+# ifdef USE_LIBIAF
if (set_id(pw->pw_name) != 0) {
exit(1);
}
-#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
+# endif /* USE_LIBIAF */
+#endif
+
+ if (options.chroot_directory != NULL &&
+ strcasecmp(options.chroot_directory, "none") != 0) {
+ tmp = tilde_expand_filename(options.chroot_directory,
+ pw->pw_uid);
+ chroot_path = percent_expand(tmp, "h", pw->pw_dir,
+ "u", pw->pw_name, (char *)NULL);
+ safely_chroot(chroot_path, pw->pw_uid);
+ free(tmp);
+ free(chroot_path);
+ }
+
+#ifdef HAVE_LOGIN_CAP
+ if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) {
+ perror("unable to set user context (setuser)");
+ exit(1);
+ }
+#else
/* Permanently switch to the desired uid. */
permanently_set_uid(pw);
#endif
@@ -1464,12 +1531,13 @@
* environment, closing extra file descriptors, setting the user and group
* ids, and executing the command or shell.
*/
+#define ARGV_MAX 10
void
do_child(Session *s, const char *command)
{
extern char **environ;
char **env;
- char *argv[10];
+ char *argv[ARGV_MAX];
const char *shell, *shell0, *hostname = NULL;
struct passwd *pw = s->pw;
@@ -1595,12 +1663,30 @@
#endif
}
+ closefrom(STDERR_FILENO + 1);
+
if (!options.use_login)
do_rc_files(s, shell);
/* restore SIGPIPE for child */
signal(SIGPIPE, SIG_DFL);
+ if (s->is_subsystem == SUBSYSTEM_INT_SFTP) {
+ extern int optind, optreset;
+ int i;
+ char *p, *args;
+
+ setproctitle("%s at internal-sftp-server", s->pw->pw_name);
+ args = strdup(command ? command : "sftp-server");
+ for (i = 0, (p = strtok(args, " ")); p; (p = strtok(NULL, " ")))
+ if (i < ARGV_MAX - 1)
+ argv[i++] = p;
+ argv[i] = NULL;
+ optind = optreset = 1;
+ __progname = argv[0];
+ exit(sftp_server_main(i, argv, s->pw));
+ }
+
if (options.use_login) {
launch_login(pw, hostname);
/* NEVERREACHED */
@@ -1873,13 +1959,16 @@
if (strcmp(subsys, options.subsystem_name[i]) == 0) {
prog = options.subsystem_command[i];
cmd = options.subsystem_args[i];
- if (stat(prog, &st) < 0) {
+ if (!strcmp(INTERNAL_SFTP_NAME, prog)) {
+ s->is_subsystem = SUBSYSTEM_INT_SFTP;
+ } else if (stat(prog, &st) < 0) {
error("subsystem: cannot stat %s: %s", prog,
strerror(errno));
break;
+ } else {
+ s->is_subsystem = SUBSYSTEM_EXT;
}
debug("subsystem: exec() %s", cmd);
- s->is_subsystem = 1;
do_exec(s, cmd);
success = 1;
break;
@@ -2203,7 +2292,7 @@
channel_request_start(s->chanid, "exit-signal", 0);
packet_put_cstring(sig2name(WTERMSIG(status)));
#ifdef WCOREDUMP
- packet_put_char(WCOREDUMP(status));
+ packet_put_char(WCOREDUMP(status)? 1 : 0);
#else /* WCOREDUMP */
packet_put_char(0);
#endif /* WCOREDUMP */
@@ -2478,8 +2567,19 @@
return;
called = 1;
- if (authctxt == NULL || !authctxt->authenticated)
+ if (authctxt == NULL)
+ return;
+
+#ifdef USE_PAM
+ if (options.use_pam) {
+ sshpam_cleanup();
+ sshpam_thread_cleanup();
+ }
+#endif
+
+ if (!authctxt->authenticated)
return;
+
#ifdef KRB5
if (options.kerberos_ticket_cleanup &&
authctxt->krb5_ctx)
@@ -2491,13 +2591,6 @@
ssh_gssapi_cleanup_creds();
#endif
-#ifdef USE_PAM
- if (options.use_pam) {
- sshpam_cleanup();
- sshpam_thread_cleanup();
- }
-#endif
-
/* remove agent socket */
auth_sock_cleanup_proc(authctxt->pw);
Index: auth-passwd.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth-passwd.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/auth-passwd.c -L crypto/openssh/auth-passwd.c -u -r1.4 -r1.5
--- crypto/openssh/auth-passwd.c
+++ crypto/openssh/auth-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-passwd.c,v 1.40 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-passwd.c,v 1.43 2007/09/21 08:15:29 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
Index: scp.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/scp.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/scp.c -L crypto/openssh/scp.c -u -r1.4 -r1.5
--- crypto/openssh/scp.c
+++ crypto/openssh/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.156 2007/01/22 13:06:21 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.162 2008/01/01 09:06:39 dtucker Exp $ */
/*
* scp - secure remote copy. This is basically patched BSD rcp which
* uses ssh to do the data transfer (instead of using rcmd).
@@ -78,6 +78,13 @@
#ifdef HAVE_SYS_STAT_H
# include <sys/stat.h>
#endif
+#ifdef HAVE_POLL_H
+#include <poll.h>
+#else
+# ifdef HAVE_SYS_POLL_H
+# include <sys/poll.h>
+# endif
+#endif
#ifdef HAVE_SYS_TIME_H
# include <sys/time.h>
#endif
@@ -96,6 +103,9 @@
#include <string.h>
#include <time.h>
#include <unistd.h>
+#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H)
+#include <vis.h>
+#endif
#include "xmalloc.h"
#include "atomicio.h"
@@ -106,6 +116,8 @@
extern char *__progname;
+#define COPY_BUFLEN 16384
+
int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout);
void bwlimit(int);
@@ -279,6 +291,7 @@
void source(int, char *[]);
void tolocal(int, char *[]);
void toremote(char *, int, char *[]);
+size_t scpio(ssize_t (*)(int, void *, size_t), int, void *, size_t, off_t *);
void usage(void);
int
@@ -438,6 +451,43 @@
exit(errs != 0);
}
+/*
+ * atomicio-like wrapper that also applies bandwidth limits and updates
+ * the progressmeter counter.
+ */
+size_t
+scpio(ssize_t (*f)(int, void *, size_t), int fd, void *_p, size_t l, off_t *c)
+{
+ u_char *p = (u_char *)_p;
+ size_t offset;
+ ssize_t r;
+ struct pollfd pfd;
+
+ pfd.fd = fd;
+ pfd.events = f == read ? POLLIN : POLLOUT;
+ for (offset = 0; offset < l;) {
+ r = f(fd, p + offset, l - offset);
+ if (r == 0) {
+ errno = EPIPE;
+ return offset;
+ }
+ if (r < 0) {
+ if (errno == EINTR)
+ continue;
+ if (errno == EAGAIN) {
+ (void)poll(&pfd, 1, -1); /* Ignore errors */
+ continue;
+ }
+ return offset;
+ }
+ offset += (size_t)r;
+ *c += (off_t)r;
+ if (limit_rate)
+ bwlimit(r);
+ }
+ return offset;
+}
+
void
toremote(char *targ, int argc, char **argv)
{
@@ -580,9 +630,8 @@
static BUF buffer;
BUF *bp;
off_t i, amt, statbytes;
- size_t result;
int fd = -1, haderr, indx;
- char *last, *name, buf[2048];
+ char *last, *name, buf[2048], encname[MAXPATHLEN];
int len;
for (indx = 0; indx < argc; ++indx) {
@@ -591,17 +640,17 @@
len = strlen(name);
while (len > 1 && name[len-1] == '/')
name[--len] = '\0';
+ if ((fd = open(name, O_RDONLY|O_NONBLOCK, 0)) < 0)
+ goto syserr;
if (strchr(name, '\n') != NULL) {
- run_err("%s: skipping, filename contains a newline",
- name);
- goto next;
+ strnvis(encname, name, sizeof(encname), VIS_NL);
+ name = encname;
}
- if ((fd = open(name, O_RDONLY, 0)) < 0)
- goto syserr;
if (fstat(fd, &stb) < 0) {
syserr: run_err("%s: %s", name, strerror(errno));
goto next;
}
+ unset_nonblock(fd);
switch (stb.st_mode & S_IFMT) {
case S_IFREG:
break;
@@ -626,8 +675,14 @@
* versions expecting microseconds.
*/
(void) snprintf(buf, sizeof buf, "T%lu 0 %lu 0\n",
- (u_long) stb.st_mtime,
- (u_long) stb.st_atime);
+ (u_long) (stb.st_mtime < 0 ? 0 : stb.st_mtime),
+ (u_long) (stb.st_atime < 0 ? 0 : stb.st_atime));
+ if (verbose_mode) {
+ fprintf(stderr, "File mtime %ld atime %ld\n",
+ (long)stb.st_mtime, (long)stb.st_atime);
+ fprintf(stderr, "Sending file timestamps: %s",
+ buf);
+ }
(void) atomicio(vwrite, remout, buf, strlen(buf));
if (response() < 0)
goto next;
@@ -642,7 +697,7 @@
(void) atomicio(vwrite, remout, buf, strlen(buf));
if (response() < 0)
goto next;
- if ((bp = allocbuf(&buffer, fd, 2048)) == NULL) {
+ if ((bp = allocbuf(&buffer, fd, COPY_BUFLEN)) == NULL) {
next: if (fd != -1) {
(void) close(fd);
fd = -1;
@@ -651,27 +706,25 @@
}
if (showprogress)
start_progress_meter(curfile, stb.st_size, &statbytes);
- /* Keep writing after an error so that we stay sync'd up. */
+ set_nonblock(remout);
for (haderr = i = 0; i < stb.st_size; i += bp->cnt) {
amt = bp->cnt;
if (i + amt > stb.st_size)
amt = stb.st_size - i;
if (!haderr) {
- result = atomicio(read, fd, bp->buf, amt);
- if (result != amt)
+ if (atomicio(read, fd, bp->buf, amt) != amt)
haderr = errno;
}
- if (haderr)
- (void) atomicio(vwrite, remout, bp->buf, amt);
- else {
- result = atomicio(vwrite, remout, bp->buf, amt);
- if (result != amt)
- haderr = errno;
- statbytes += result;
+ /* Keep writing after error to retain sync */
+ if (haderr) {
+ (void)atomicio(vwrite, remout, bp->buf, amt);
+ continue;
}
- if (limit_rate)
- bwlimit(amt);
+ if (scpio(vwrite, remout, bp->buf, amt,
+ &statbytes) != amt)
+ haderr = errno;
}
+ unset_nonblock(remout);
if (showprogress)
stop_progress_meter();
@@ -777,10 +830,10 @@
thresh /= 2;
if (thresh < 2048)
thresh = 2048;
- } else if (bwend.tv_usec < 100) {
+ } else if (bwend.tv_usec < 10000) {
thresh *= 2;
- if (thresh > 32768)
- thresh = 32768;
+ if (thresh > COPY_BUFLEN * 4)
+ thresh = COPY_BUFLEN * 4;
}
TIMEVAL_TO_TIMESPEC(&bwend, &ts);
@@ -971,7 +1024,7 @@
continue;
}
(void) atomicio(vwrite, remout, "", 1);
- if ((bp = allocbuf(&buffer, ofd, 4096)) == NULL) {
+ if ((bp = allocbuf(&buffer, ofd, COPY_BUFLEN)) == NULL) {
(void) close(ofd);
continue;
}
@@ -981,26 +1034,24 @@
statbytes = 0;
if (showprogress)
start_progress_meter(curfile, size, &statbytes);
- for (count = i = 0; i < size; i += 4096) {
- amt = 4096;
+ set_nonblock(remin);
+ for (count = i = 0; i < size; i += bp->cnt) {
+ amt = bp->cnt;
if (i + amt > size)
amt = size - i;
count += amt;
do {
- j = atomicio(read, remin, cp, amt);
+ j = scpio(read, remin, cp, amt, &statbytes);
if (j == 0) {
- run_err("%s", j ? strerror(errno) :
+ run_err("%s", j != EPIPE ?
+ strerror(errno) :
"dropped connection");
exit(1);
}
amt -= j;
cp += j;
- statbytes += j;
} while (amt > 0);
- if (limit_rate)
- bwlimit(4096);
-
if (count == bp->cnt) {
/* Keep reading so we stay sync'd up. */
if (wrerr == NO) {
@@ -1014,6 +1065,7 @@
cp = bp->buf;
}
}
+ unset_nonblock(remin);
if (showprogress)
stop_progress_meter();
if (count != 0 && wrerr == NO &&
@@ -1021,7 +1073,8 @@
wrerr = YES;
wrerrno = errno;
}
- if (wrerr == NO && ftruncate(ofd, size) != 0) {
+ if (wrerr == NO && (!exists || S_ISREG(stb.st_mode)) &&
+ ftruncate(ofd, size) != 0) {
run_err("%s: truncate: %s", np, strerror(errno));
wrerr = DISPLAYED;
}
@@ -1116,7 +1169,7 @@
(void) fprintf(stderr,
"usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n"
" [-l limit] [-o ssh_option] [-P port] [-S program]\n"
- " [[user@]host1:]file1 [...] [[user@]host2:]file2\n");
+ " [[user@]host1:]file1 ... [[user@]host2:]file2\n");
exit(1);
}
Index: kex.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/kex.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/kex.h -L crypto/openssh/kex.h -u -r1.3 -r1.4
--- crypto/openssh/kex.h
+++ crypto/openssh/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.44 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kex.h,v 1.46 2007/06/07 19:37:34 pvalchev Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -28,6 +28,7 @@
#include <signal.h>
#include <openssl/evp.h>
+#include <openssl/hmac.h>
#define KEX_DH1 "diffie-hellman-group1-sha1"
#define KEX_DH14 "diffie-hellman-group14-sha1"
@@ -86,10 +87,13 @@
struct Mac {
char *name;
int enabled;
- const EVP_MD *md;
u_int mac_len;
u_char *key;
u_int key_len;
+ int type;
+ const EVP_MD *evp_md;
+ HMAC_CTX evp_ctx;
+ struct umac_ctx *umac_ctx;
};
struct Comp {
int type;
Index: misc.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/misc.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/misc.c -L crypto/openssh/misc.c -u -r1.4 -r1.5
--- crypto/openssh/misc.c
+++ crypto/openssh/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.65 2006/11/23 01:35:11 ray Exp $ */
+/* $OpenBSD: misc.c,v 1.67 2008/01/01 08:47:04 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -42,6 +42,7 @@
#include <errno.h>
#include <fcntl.h>
+#include <netdb.h>
#ifdef HAVE_PATHS_H
# include <paths.h>
#include <pwd.h>
@@ -120,6 +121,14 @@
return (0);
}
+const char *
+ssh_gai_strerror(int gaierr)
+{
+ if (gaierr == EAI_SYSTEM)
+ return strerror(errno);
+ return gai_strerror(gaierr);
+}
+
/* disable nagle on socket */
void
set_nodelay(int fd)
Index: ChangeLog
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ChangeLog,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/ChangeLog -L crypto/openssh/ChangeLog -u -r1.3 -r1.4
--- crypto/openssh/ChangeLog
+++ crypto/openssh/ChangeLog
@@ -1,3 +1,1012 @@
+20080327
+ - (dtucker) Cache selinux status earlier so we know if it's enabled after a
+ chroot. Allows ChrootDirectory to work with selinux support compiled in
+ but not enabled. Using it with selinux enabled will require some selinux
+ support inside the chroot. "looks sane" djm@
+ - (djm) Fix RCS ident in sftp-server-main.c
+ - (djm) OpenBSD CVS sync:
+ - jmc at cvs.openbsd.org 2008/02/11 07:58:28
+ [ssh.1 sshd.8 sshd_config.5]
+ bump Mdocdate for pages committed in "febuary", necessary because
+ of a typo in rcs.c;
+ - deraadt at cvs.openbsd.org 2008/03/13 01:49:53
+ [monitor_fdpass.c]
+ Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to
+ an extensive discussion with otto, kettenis, millert, and hshoexer
+ - deraadt at cvs.openbsd.org 2008/03/15 16:19:02
+ [monitor_fdpass.c]
+ Repair the simple cases for msg_controllen where it should just be
+ CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
+ of alignment; ok kettenis hshoexer
+ - djm at cvs.openbsd.org 2008/03/23 12:54:01
+ [sftp-client.c]
+ prefer POSIX-style file renaming over filexfer rename behaviour if the
+ server supports the posix-rename at openssh.com extension.
+ Note that the old (filexfer) behaviour would refuse to clobber an
+ existing file. Users who depended on this should adjust their sftp(1)
+ usage.
+ ok deraadt@ markus@
+ - deraadt at cvs.openbsd.org 2008/03/24 16:11:07
+ [monitor_fdpass.c]
+ msg_controllen has to be CMSG_SPACE so that the kernel can account for
+ each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This
+ works now that kernel fd passing has been fixed to accept a bit of
+ sloppiness because of this ABI repair.
+ lots of discussion with kettenis
+ - djm at cvs.openbsd.org 2008/03/25 11:58:02
+ [session.c sshd_config.5]
+ ignore ~/.ssh/rc if a sshd_config ForceCommand is specified;
+ from dtucker@ ok deraadt@ djm@
+ - djm at cvs.openbsd.org 2008/03/25 23:01:41
+ [session.c]
+ last patch had backwards test; spotted by termim AT gmail.com
+ - djm at cvs.openbsd.org 2008/03/26 21:28:14
+ [auth-options.c auth-options.h session.c sshd.8]
+ add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc
+ - djm at cvs.openbsd.org 2008/03/27 00:16:49
+ [version.h]
+ openssh-4.9
+ - djm at cvs.openbsd.org 2008/03/24 21:46:54
+ [regress/sftp-badcmds.sh]
+ disable no-replace rename test now that we prefer a POSIX rename; spotted
+ by dkrause@
+ - (djm) [configure.ac] fix alignment of --without-stackprotect description
+ - (djm) [configure.ac] --with-selinux too
+ - (djm) [regress/Makefile] cleanup PuTTY interop test droppings
+ - (djm) [README] Update link to release notes
+ - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+ [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
+ - (djm) Release 4.9p1
+
+20080315
+ - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
+ empty; report and patch from Peter Stuge
+ - (djm) [regress/test-exec.sh] Silence noise from detection of putty
+ commands; report from Peter Stuge
+ - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing
+ crashes when used with ChrootDirectory
+
+20080314
+ - (tim) [regress/sftp-cmds.sh] s/cd/lcd/ in lls test. Reported by
+ vinschen at redhat.com. Add () to put echo commands in subshell for lls test
+ I mistakenly left out of last commit.
+ - (tim) [regress/localcommand.sh] Shell portability fix. Reported by imorgan at
+ nas.nasa.gov
+
+20080313
+ - (djm) [Makefile.in regress/Makefile] Fix interop-tests target (note to
+ self: make changes to Makefile.in next time, not the generated Makefile).
+ - (djm) [Makefile.in regress/test-exec.sh] Find installed plink(1) and
+ puttygen(1) by $PATH
+ - (tim) [scp.c] Use poll.h if available, fall back to sys/poll.h if not. Patch
+ by vinschen at redhat.com.
+ - (tim) [regress/sftp-cmds.sh regress/ssh2putty.sh] Shell portability fixes
+ from vinschen at redhat.com and imorgan at nas.nasa.gov
+
+20080312
+ - (djm) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2007/10/29 06:57:13
+ [regress/Makefile regress/localcommand.sh]
+ Add simple regress test for LocalCommand; ok djm@
+ - jmc at cvs.openbsd.org 2007/11/25 15:35:09
+ [regress/agent-getpeereid.sh regress/agent.sh]
+ more existant -> existent, from Martynas Venckus;
+ pfctl changes: ok henning
+ ssh changes: ok deraadt
+ - djm at cvs.openbsd.org 2007/12/12 05:04:03
+ [regress/sftp-cmds.sh]
+ unbreak lls command and add a regress test that would have caught the
+ breakage; spotted by mouring@
+ NB. sftp code change already committed.
+ - djm at cvs.openbsd.org 2007/12/21 04:13:53
+ [regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh]
+ [regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh]
+ basic (crypto, kex and transfer) interop regression tests against putty
+ To run these, install putty and run "make interop-tests" from the build
+ directory - the tests aren't run by default yet.
+
+20080311
+ - (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move
+ pam_open_session and pam_close_session into the privsep monitor, which
+ will ensure that pam_session_close is called as root. Patch from Tomas
+ Mraz.
+
+20080309
+ - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't
+ always work for all platforms and versions, so test what we can and
+ add a configure flag to turn it of if needed. ok djm@
+ - (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups
+ implementation. It's not needed to fix bug #1081 and breaks the build
+ on some AIX configurations.
+ - (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's
+ equivalent of LLONG_MAX for the compat regression tests, which makes them
+ run on AIX and HP-UX. Patch from David Leonard.
+ - (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch
+ platforms where gcc understands the option but it's not supported (and
+ thus generates a warning).
+
+20080307
+ - (djm) OpenBSD CVS Sync
+ - jmc at cvs.openbsd.org 2008/02/11 07:58:28
+ [ssh.1 sshd.8 sshd_config.5]
+ bump Mdocdate for pages committed in "febuary", necessary because
+ of a typo in rcs.c;
+ - djm at cvs.openbsd.org 2008/02/13 22:38:17
+ [servconf.h session.c sshd.c]
+ rekey arc4random and OpenSSL RNG in postauth child
+ closefrom fds > 2 before shell/command execution
+ ok markus@
+ - mbalmer at cvs.openbsd.org 2008/02/14 13:10:31
+ [sshd.c]
+ When started in configuration test mode (-t) do not check that sshd is
+ being started with an absolute path.
+ ok djm
+ - markus at cvs.openbsd.org 2008/02/20 15:25:26
+ [session.c]
+ correct boolean encoding for coredump; der Mouse via dugsong
+ - djm at cvs.openbsd.org 2008/02/22 05:58:56
+ [session.c]
+ closefrom() call was too early, delay it until just before we execute
+ the user's rc files (if any).
+ - dtucker at cvs.openbsd.org 2008/02/22 20:44:02
+ [clientloop.c packet.c packet.h serverloop.c]
+ Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
+ keepalive timer (bz #1307). ok markus@
+ - djm at cvs.openbsd.org 2008/02/27 20:21:15
+ [sftp-server.c]
+ add an extension method "posix-rename at openssh.com" to perform POSIX atomic
+ rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
+ ok dtucker@ markus@
+ - deraadt at cvs.openbsd.org 2008/03/02 18:19:35
+ [monitor_fdpass.c]
+ use a union to ensure alignment of the cmsg (pay attention: various other
+ parts of the tree need this treatment too); ok djm
+ - deraadt at cvs.openbsd.org 2008/03/04 21:15:42
+ [version.h]
+ crank version; from djm
+ - (tim) [regress/sftp-glob.sh] Shell portability fix.
+
+20080302
+ - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect
+ either, so use our own.
+
+20080229
+ - (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in
+ configure (and there's not much point, as openssh won't work without it)
+ so HAVE_SELECT is not defined and the poll(2) compat code doesn't get
+ built in. Remove HAVE_SELECT so we can build on platforms without poll.
+ - (dtucker) [scp.c] Include sys/poll.h inside HAVE_SYS_POLL_H.
+ - (djm) [contrib/gnome-ssh-askpass2.h] Keep askpass windown on top. From
+ Debian patch via bernd AT openbsd.org
+
+20080228
+ - (dtucker) [configure.ac] Add -fstack-protector to LDFLAGS too, fixes
+ linking problems on AIX with gcc 4.1.x.
+ - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
+ openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
+ header to after OpenSSL headers, since some versions of OpenSSL have
+ SSLeay_add_all_algorithms as a macro already.
+ - (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL
+ compat glue into openssl-compat.h.
+ - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081: Implement
+ getgrouplist via getgrset on AIX, rather than iterating over getgrent.
+ This allows, eg, Match and AllowGroups directives to work with NIS and
+ LDAP groups.
+ - (dtucker) [sshd.c] Bug #1042: make log messages for tcpwrappers use the
+ same SyslogFacility as the rest of sshd. Patch from William Knox,
+ ok djm at .
+
+20080225
+ - (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack
+ since it now conflicts with the helper function in misc.c. From
+ vinschen AT redhat.com.
+ - (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation
+ of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD).
+ Help and testing from csjp at FreeBSD org, vgiffin at apple com. ok djm@
+ - (dtucker) [includes.h openbsd-compat/openssl-compat.c] Bug #1437: reshuffle
+ headers so ./configure --with-ssl-engine actually works. Patch from
+ Ian Lister.
+
+20080224
+ - (tim) [contrib/cygwin/ssh-host-config]
+ Grammar changes on SYSCONFDIR LOCALSTATEDIR messages.
+ Check more thoroughly that it's possible to create the /var/empty directory.
+ Patch by vinschen AT redhat.com
+
+20080210
+ - OpenBSD CVS Sync
+ - chl at cvs.openbsd.org 2008/01/11 07:22:28
+ [sftp-client.c sftp-client.h]
+ disable unused functions
+ initially from tobias@, but disabled them by placing them in
+ "#ifdef notyet" which was asked by djm@
+ ok djm@ tobias@
+ - djm at cvs.openbsd.org 2008/01/19 19:13:28
+ [ssh.1]
+ satisfy the pedants: -q does not suppress all diagnostic messages (e.g.
+ some commandline parsing warnings go unconditionally to stdout).
+ - djm at cvs.openbsd.org 2008/01/19 20:48:53
+ [clientloop.c]
+ fd leak on session multiplexing error path. Report and patch from
+ gregory_shively AT fanniemae.com
+ - djm at cvs.openbsd.org 2008/01/19 20:51:26
+ [ssh.c]
+ ignore SIGPIPE in multiplex client mode - we can receive this if the
+ server runs out of fds on us midway. Report and patch from
+ gregory_shively AT fanniemae.com
+ - djm at cvs.openbsd.org 2008/01/19 22:04:57
+ [sftp-client.c]
+ fix remote handle leak in do_download() local file open error path;
+ report and fix from sworley AT chkno.net
+ - djm at cvs.openbsd.org 2008/01/19 22:22:58
+ [ssh-keygen.c]
+ when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
+ hash just the specified hostname and not the entire hostspec from the
+ keyfile. It may be of the form "hostname,ipaddr", which would lead to
+ a hash that never matches. report and fix from jp AT devnull.cz
+ - djm at cvs.openbsd.org 2008/01/19 22:37:19
+ [ssh-keygen.c]
+ unbreak line numbering (broken in revision 1.164), fix error message
+ - djm at cvs.openbsd.org 2008/01/19 23:02:40
+ [channels.c]
+ When we added support for specified bind addresses for port forwards, we
+ added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of
+ this for -L port forwards that causes the client to listen on both v4
+ and v6 addresses when connected to a server with this quirk, despite
+ having set 0.0.0.0 as a bind_address.
+ report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
+ - djm at cvs.openbsd.org 2008/01/19 23:09:49
+ [readconf.c readconf.h sshconnect2.c]
+ promote rekeylimit to a int64 so it can hold the maximum useful limit
+ of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
+ - djm at cvs.openbsd.org 2008/01/20 00:38:30
+ [sftp.c]
+ When uploading, correctly handle the case of an unquoted filename with
+ glob metacharacters that match a file exactly but not as a glob, e.g. a
+ file called "[abcd]". report and test cases from duncan2nd AT gmx.de
+ - djm at cvs.openbsd.org 2008/01/21 17:24:30
+ [sftp-server.c]
+ Remove the fixed 100 handle limit in sftp-server and allocate as many
+ as we have available file descriptors. Patch from miklos AT szeredi.hu;
+ ok dtucker@ markus@
+ - djm at cvs.openbsd.org 2008/01/21 19:20:17
+ [sftp-client.c]
+ when a remote write error occurs during an upload, ensure that ACKs for
+ all issued requests are properly drained. patch from t8m AT centrum.cz
+ - dtucker at cvs.openbsd.org 2008/01/23 01:56:54
+ [clientloop.c packet.c serverloop.c]
+ Revert the change for bz #1307 as it causes connection aborts if an IGNORE
+ packet arrives while we're waiting in packet_read_expect (and possibly
+ elsewhere).
+ - jmc at cvs.openbsd.org 2008/01/31 20:06:50
+ [scp.1]
+ explain how to handle local file names containing colons;
+ requested by Tamas TEVESZ
+ ok dtucker
+ - markus at cvs.openbsd.org 2008/02/04 21:53:00
+ [session.c sftp-server.c sftp.h]
+ link sftp-server into sshd; feedback and ok djm@
+ - mcbride at cvs.openbsd.org 2008/02/09 12:15:43
+ [ssh.1 sshd.8]
+ Document the correct permissions for the ~/.ssh/ directory.
+ ok jmc
+ - djm at cvs.openbsd.org 2008/02/10 09:55:37
+ [sshd_config.5]
+ mantion that "internal-sftp" is useful with ForceCommand too
+ - djm at cvs.openbsd.org 2008/02/10 10:54:29
+ [servconf.c session.c]
+ delay ~ expansion for ChrootDirectory so it expands to the logged-in user's
+ home, rather than the user who starts sshd (probably root)
+
+20080119
+ - (djm) Silence noice from expr in ssh-copy-id; patch from
+ mikel AT mikelward.com
+ - (djm) Only listen for IPv6 connections on AF_INET6 sockets; patch from
+ tsr2600 AT gmail.com
+
+20080102
+ - (dtucker) [configure.ac] Fix message for -fstack-protector-all test.
+
+20080101
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2007/12/31 10:41:31
+ [readconf.c servconf.c]
+ Prevent strict-aliasing warnings on newer gcc versions. bz #1355, patch
+ from Dmitry V. Levin, ok djm@
+ - dtucker at cvs.openbsd.org 2007/12/31 15:27:04
+ [sshd.c]
+ When in inetd mode, have sshd generate a Protocol 1 ephemeral server
+ key only for connections where the client chooses Protocol 1 as opposed
+ to when it's enabled in the server's config. Speeds up Protocol 2
+ connections to inetd-mode servers that also allow Protocol 1. bz #440,
+ based on a patch from bruno at wolff.to, ok markus@
+ - dtucker at cvs.openbsd.org 2008/01/01 08:47:04
+ [misc.c]
+ spaces -> tabs from my previous commit
+ - dtucker at cvs.openbsd.org 2008/01/01 09:06:39
+ [scp.c]
+ If scp -p encounters a pre-epoch timestamp, use the epoch which is
+ as close as we can get given that it's used unsigned. Add a little
+ debugging while there. bz #828, ok djm@
+ - dtucker at cvs.openbsd.org 2008/01/01 09:27:33
+ [sshd_config.5 servconf.c]
+ Allow PermitRootLogin in a Match block. Allows for, eg, permitting root
+ only from the local network. ok markus@, man page bit ok jmc@
+ - dtucker at cvs.openbsd.org 2008/01/01 08:51:20
+ [moduli]
+ Updated moduli file; ok djm@
+
+20071231
+ - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of
+ builtin glob implementation on Mac OS X. Based on a patch from
+ vgiffin at apple.
+
+20071229
+ - (dtucker) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2007/12/12 05:04:03
+ [sftp.c]
+ unbreak lls command and add a regress test that would have caught the
+ breakage; spotted by mouring@
+ - dtucker at cvs.openbsd.org 2007/12/27 14:22:08
+ [servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c
+ sshd.c]
+ Add a small helper function to consistently handle the EAI_SYSTEM error
+ code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417.
+ ok markus@ stevesk@
+ - dtucker at cvs.openbsd.org 2007/12/28 15:32:24
+ [clientloop.c serverloop.c packet.c]
+ Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
+ ServerAlive and ClientAlive timers. Prevents dropping a connection
+ when these are enabled but the peer does not support our keepalives.
+ bz #1307, ok djm at .
+ - dtucker at cvs.openbsd.org 2007/12/28 22:34:47
+ [clientloop.c]
+ Use the correct packet maximum sizes for remote port and agent forwarding.
+ Prevents the server from killing the connection if too much data is queued
+ and an excessively large packet gets sent. bz #1360, ok djm at .
+
+20071202
+ - (dtucker) [configure.ac] Enable -fstack-protector-all on systems where
+ gcc supports it. ok djm@
+ - (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and remove
+ leftover debug code.
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2007/10/29 00:52:45
+ [auth2-gss.c]
+ Allow build without -DGSSAPI; ok deraadt@
+ (Id sync only, Portable already has the ifdefs)
+ - dtucker at cvs.openbsd.org 2007/10/29 01:55:04
+ [ssh.c]
+ Plug tiny mem leaks in ControlPath and ProxyCommand option processing;
+ ok djm@
+ - dtucker at cvs.openbsd.org 2007/10/29 04:08:08
+ [monitor_wrap.c monitor.c]
+ Send config block back to slave for invalid users too so options
+ set by a Match block (eg Banner) behave the same for non-existent
+ users. Found by and ok djm@
+ - dtucker at cvs.openbsd.org 2007/10/29 06:51:59
+ [ssh_config.5]
+ ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@
+ - dtucker at cvs.openbsd.org 2007/10/29 06:54:50
+ [ssh.c]
+ Make LocalCommand work for Protocol 1 too; ok djm@
+ - jmc at cvs.openbsd.org 2007/10/29 07:48:19
+ [ssh_config.5]
+ clean up after previous macro removal;
+ - djm at cvs.openbsd.org 2007/11/03 00:36:14
+ [clientloop.c]
+ fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;
+ ok dtucker@
+ - deraadt at cvs.openbsd.org 2007/11/03 01:24:06
+ [ssh.c]
+ bz #1377: getpwuid results were being clobbered by another getpw* call
+ inside tilde_expand_filename(); save the data we need carefully
+ ok djm
+ - dtucker at cvs.openbsd.org 2007/11/03 02:00:32
+ [ssh.c]
+ Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@
+ - deraadt at cvs.openbsd.org 2007/11/03 02:03:49
+ [ssh.c]
+ avoid errno trashing in signal handler; ok dtucker
+
+20071030
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2007/10/29 23:49:41
+ [openbsd-compat/sys-tree.h]
+ remove extra backslash at the end of RB_PROTOTYPE, report from
+ Jan.Pechanec AT Sun.COM; ok deraadt@
+
+20071026
+ - (djm) OpenBSD CVS Sync
+ - stevesk at cvs.openbsd.org 2007/09/11 23:49:09
+ [sshpty.c]
+ remove #if defined block not needed; ok markus@ dtucker@
+ (NB. RCD ID sync only for portable)
+ - djm at cvs.openbsd.org 2007/09/21 03:05:23
+ [ssh_config.5]
+ document KbdInteractiveAuthentication in ssh_config.5;
+ patch from dkg AT fifthhorseman.net
+ - djm at cvs.openbsd.org 2007/09/21 08:15:29
+ [auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c]
+ [monitor.c monitor_wrap.c]
+ unifdef -DBSD_AUTH
+ unifdef -USKEY
+ These options have been in use for some years;
+ ok markus@ "no objection" millert@
+ (NB. RCD ID sync only for portable)
+ - canacar at cvs.openbsd.org 2007/09/25 23:48:57
+ [ssh-agent.c]
+ When adding a key that already exists, update the properties
+ (time, confirm, comment) instead of discarding them. ok djm@ markus@
+ - ray at cvs.openbsd.org 2007/09/27 00:15:57
+ [dh.c]
+ Don't return -1 on error in dh_pub_is_valid(), since it evaluates
+ to true.
+ Also fix a typo.
+ Initial diff from Matthew Dempsky, input from djm.
+ OK djm, markus.
+ - dtucker at cvs.openbsd.org 2007/09/29 00:25:51
+ [auth2.c]
+ Remove unused prototype. ok djm@
+ - chl at cvs.openbsd.org 2007/10/02 17:49:58
+ [ssh-keygen.c]
+ handles zero-sized strings that fgets can return
+ properly removes trailing newline
+ removes an unused variable
+ correctly counts line number
+ "looks ok" ray@ markus@
+ - markus at cvs.openbsd.org 2007/10/22 19:10:24
+ [readconf.c]
+ make sure that both the local and remote port are correct when
+ parsing -L; Jan Pechanec (bz #1378)
+ - djm at cvs.openbsd.org 2007/10/24 03:30:02
+ [sftp.c]
+ rework argument splitting and parsing to cope correctly with common
+ shell escapes and make handling of escaped characters consistent
+ with sh(1) and between sftp commands (especially between ones that
+ glob their arguments and ones that don't).
+ parse command flags using getopt(3) rather than hand-rolled parsers.
+ ok dtucker@
+ - djm at cvs.openbsd.org 2007/10/24 03:44:02
+ [scp.c]
+ factor out network read/write into an atomicio()-like function, and
+ use it to handle short reads, apply bandwidth limits and update
+ counters. make network IO non-blocking, so a small trickle of
+ reads/writes has a chance of updating the progress meter; bz #799
+ ok dtucker@
+ - djm at cvs.openbsd.org 2006/08/29 09:44:00
+ [regress/sftp-cmds.sh]
+ clean up our mess
+ - markus at cvs.openbsd.org 2006/11/06 09:27:43
+ [regress/cfgmatch.sh]
+ fix quoting for non-(c)sh login shells.
+ - dtucker at cvs.openbsd.org 2006/12/13 08:36:36
+ [regress/cfgmatch.sh]
+ Additional test for multiple PermitOpen entries. ok djm@
+ - pvalchev at cvs.openbsd.org 2007/06/07 19:41:46
+ [regress/cipher-speed.sh regress/try-ciphers.sh]
+ test umac-64 at openssh.com
+ ok djm@
+ - djm at cvs.openbsd.org 2007/10/24 03:32:35
+ [regress/sftp-cmds.sh regress/sftp-glob.sh regress/test-exec.sh]
+ comprehensive tests for sftp escaping its interaction with globbing;
+ ok dtucker@
+ - djm at cvs.openbsd.org 2007/10/26 05:30:01
+ [regress/sftp-glob.sh regress/test-exec.sh]
+ remove "echo -E" crap that I added in last commit and use printf(1) for
+ cases where we strictly require echo not to reprocess escape characters.
+ - deraadt at cvs.openbsd.org 2005/11/28 17:50:12
+ [openbsd-compat/glob.c]
+ unused arg in internal static API
+ - jakob at cvs.openbsd.org 2007/10/11 18:36:41
+ [openbsd-compat/getrrsetbyname.c openbsd-compat/getrrsetbyname.h]
+ use RRSIG instead of SIG for DNSSEC. ok djm@
+ - otto at cvs.openbsd.org 2006/10/21 09:55:03
+ [openbsd-compat/base64.c]
+ remove calls to abort(3) that can't happen anyway; from
+ <bret dot lambert at gmail.com>; ok millert@ deraadt@
+ - frantzen at cvs.openbsd.org 2004/04/24 18:11:46
+ [openbsd-compat/sys-tree.h]
+ sync to Niels Provos' version. avoid unused variable warning in
+ RB_NEXT()
+ - tdeval at cvs.openbsd.org 2004/11/24 18:10:42
+ [openbsd-compat/sys-tree.h]
+ typo
+ - grange at cvs.openbsd.org 2004/05/04 16:59:32
+ [openbsd-compat/sys-queue.h]
+ Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.
+ This matches our SLIST behaviour and NetBSD's SIMPLEQ as well.
+ ok millert krw deraadt
+ - deraadt at cvs.openbsd.org 2005/02/25 13:29:30
+ [openbsd-compat/sys-queue.h]
+ minor white spacing
+ - otto at cvs.openbsd.org 2005/10/17 20:19:42
+ [openbsd-compat/sys-queue.h]
+ Performing certain operations on queue.h data structurs produced
+ funny results. An example is calling LIST_REMOVE on the same
+ element twice. This will not fail, but result in a data structure
+ referencing who knows what. Prevent these accidents by NULLing some
+ fields on remove and replace. This way, either a panic or segfault
+ will be produced on the faulty operation.
+ - otto at cvs.openbsd.org 2005/10/24 20:25:14
+ [openbsd-compat/sys-queue.h]
+ Partly backout. NOLIST, used in LISTs is probably interfering.
+ requested by deraadt@
+ - otto at cvs.openbsd.org 2005/10/25 06:37:47
+ [openbsd-compat/sys-queue.h]
+ Some uvm problem is being exposed with the more strict macros.
+ Revert until we've found out what's causing the panics.
+ - otto at cvs.openbsd.org 2005/11/25 08:06:25
+ [openbsd-compat/sys-queue.h]
+ Introduce debugging aid for queue macros. Disabled by default; but
+ developers are encouraged to run with this enabled.
+ ok krw@ fgsch@ deraadt@
+ - otto at cvs.openbsd.org 2007/04/30 18:42:34
+ [openbsd-compat/sys-queue.h]
+ Enable QUEUE_MACRO_DEBUG on DIAGNOSTIC kernels.
+ Input and okays from krw@, millert@, otto@, deraadt@, miod at .
+ - millert at cvs.openbsd.org 2004/10/07 16:56:11
+ GLOB_NOESCAPE is POSIX so move it out of the #ifndef _POSIX_SOURCE
+ block.
+ (NB. mostly an RCS ID sync, as portable strips out the conditionals)
+ - (djm) [regress/sftp-cmds.sh]
+ Use more restrictive glob to pick up test files from /bin - some platforms
+ ship broken symlinks there which could spoil the test.
+ - (djm) [openbsd-compat/bindresvport.c]
+ Sync RCS ID after irrelevant (for portable OpenSSH) header shuffling
+
+20070927
+ - (dtucker) [configure.ac atomicio.c] Fall back to including <sys/poll.h> if
+ we don't have <poll.h> (eq QNX). From bacon at cs nyu edu.
+ - (dtucker) [configure.ac defines.h] Shadow expiry does not work on QNX6
+ so disable it for that platform. From bacon at cs nyu edu.
+
+20070921
+ - (djm) [atomicio.c] Fix spin avoidance for platforms that define
+ EWOULDBLOCK; patch from ben AT psc.edu
+
+20070917
+ - (djm) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2007/08/23 02:49:43
+ [auth-passwd.c auth.c session.c]
+ unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@
+ NB. RCS ID sync only for portable
+ - djm at cvs.openbsd.org 2007/08/23 02:55:51
+ [auth-passwd.c auth.c session.c]
+ missed include bits from last commit
+ NB. RCS ID sync only for portable
+ - djm at cvs.openbsd.org 2007/08/23 03:06:10
+ [auth.h]
+ login_cap.h doesn't belong here
+ NB. RCS ID sync only for portable
+ - djm at cvs.openbsd.org 2007/08/23 03:22:16
+ [auth2-none.c sshd_config sshd_config.5]
+ Support "Banner=none" to disable displaying of the pre-login banner;
+ ok dtucker@ deraadt@
+ - djm at cvs.openbsd.org 2007/08/23 03:23:26
+ [sshconnect.c]
+ Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally
+ - djm at cvs.openbsd.org 2007/09/04 03:21:03
+ [clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
+ [monitor_wrap.c ssh.c]
+ make file descriptor passing code return an error rather than call fatal()
+ when it encounters problems, and use this to make session multiplexing
+ masters survive slaves failing to pass all stdio FDs; ok markus@
+ - djm at cvs.openbsd.org 2007/09/04 11:15:56
+ [ssh.c sshconnect.c sshconnect.h]
+ make ssh(1)'s ConnectTimeout option apply to both the TCP connection and
+ SSH banner exchange (previously it just covered the TCP connection).
+ This allows callers of ssh(1) to better detect and deal with stuck servers
+ that accept a TCP connection but don't progress the protocol, and also
+ makes ConnectTimeout useful for connections via a ProxyCommand;
+ feedback and "looks ok" markus@
+ - sobrado at cvs.openbsd.org 2007/09/09 11:38:01
+ [ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
+ sort synopsis and options in ssh-agent(1); usage is lowercase
+ ok jmc@
+ - stevesk at cvs.openbsd.org 2007/09/11 04:36:29
+ [sshpty.c]
+ sort #include
+ NB. RCS ID sync only
+ - gilles at cvs.openbsd.org 2007/09/11 15:47:17
+ [session.c ssh-keygen.c sshlogin.c]
+ use strcspn to properly overwrite '\n' in fgets returned buffer
+ ok pyr@, ray@, millert@, moritz@, chl@
+ - stevesk at cvs.openbsd.org 2007/09/11 23:49:09
+ [sshpty.c]
+ remove #if defined block not needed; ok markus@ dtucker@
+ NB. RCS ID sync only
+ - stevesk at cvs.openbsd.org 2007/09/12 19:39:19
+ [umac.c]
+ use xmalloc() and xfree(); ok markus@ pvalchev@
+ - djm at cvs.openbsd.org 2007/09/13 04:39:04
+ [sftp-server.c]
+ fix incorrect test when setting syslog facility; from Jan Pechanec
+ - djm at cvs.openbsd.org 2007/09/16 00:55:52
+ [sftp-client.c]
+ use off_t instead of u_int64_t for file offsets, matching what the
+ progressmeter code expects; bz #842
+ - (tim) [defines.h] Fix regression in long password support on OpenServer 6.
+ Problem report and additional testing rac AT tenzing.org.
+
+20070914
+ - (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path.
+ Patch from Jan.Pechanec at sun com.
+
+20070910
+ - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1358: Always
+ return 0 on successful test. From David.Leonard at quest com.
+ - (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because we
+ did a AC_CHECK_FUNCS within the AC_CHECK_LIB test.
+
+20070817
+ - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked
+ accounts and that's what the code looks for, so make man page and code
+ agree. Pointed out by Roumen Petrov.
+ - (dtucker) [INSTALL] Group the parts describing random options and PAM
+ implementations together which is hopefully more coherent.
+ - (dtucker) [INSTALL] the pid file is sshd.pid not ssh.pid.
+ - (dtucker) [INSTALL] Give PAM its own heading.
+ - (dtucker) [INSTALL] Link to tcpwrappers.
+
+20070816
+ - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated
+ connections too. Based on a patch from Sandro Wefel, with & ok djm@
+
+20070815
+ - (dtucker) OpenBSD CVS Sync
+ - markus at cvs.openbsd.org 2007/08/15 08:14:46
+ [clientloop.c]
+ do NOT fall back to the trused x11 cookie if generation of an untrusted
+ cookie fails; from Jan Pechanec, via security-alert at sun.com;
+ ok dtucker
+ - markus at cvs.openbsd.org 2007/08/15 08:16:49
+ [version.h]
+ openssh 4.7
+ - stevesk at cvs.openbsd.org 2007/08/15 12:13:41
+ [ssh_config.5]
+ tun device forwarding now honours ExitOnForwardFailure; ok markus@
+ - (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler.
+ ok djm@
+ - (dtucker) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec
+ contrib/suse/openssh.spec] Crank version.
+
+20070813
+ - (dtucker) [session.c] Bug #1339: ensure that pam_setcred() is always
+ called with PAM_ESTABLISH_CRED at least once, which resolves a problem
+ with pam_dhkeys. Patch from David Leonard, ok djm@
+
+20070810
+ - (dtucker) [auth-pam.c] Use sigdie here too. ok djm@
+ - (dtucker) [configure.ac] Bug #1343: Set DISABLE_FD_PASSING for QNX6. From
+ Matt Kraai, ok djm@
+
+20070809
+ - (dtucker) [openbsd-compat/port-aix.c] Comment typo.
+ - (dtucker) [README.platform] Document the interaction between PermitRootLogin
+ and the AIX native login restrictions.
+ - (dtucker) [defines.h] Remove _PATH_{CSHELL,SHELLS} which aren't
+ used anywhere and are a potential source of warnings.
+
+20070808
+ - (djm) OpenBSD CVS Sync
+ - ray at cvs.openbsd.org 2007/07/12 05:48:05
+ [key.c]
+ Delint: remove some unreachable statements, from Bret Lambert.
+ OK markus@ and dtucker at .
+ - sobrado at cvs.openbsd.org 2007/08/06 19:16:06
+ [scp.1 scp.c]
+ the ellipsis is not an optional argument; while here, sync the usage
+ and synopsis of commands
+ lots of good ideas by jmc@
+ ok jmc@
+ - djm at cvs.openbsd.org 2007/08/07 07:32:53
+ [clientloop.c clientloop.h ssh.c]
+ bz#1232: ensure that any specified LocalCommand is executed after the
+ tunnel device is opened. Also, make failures to open a tunnel device
+ fatal when ExitOnForwardFailure is active.
+ Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt
+
+20070724
+ - (tim) [openssh.xml.in] make FMRI match what package scripts use.
+ - (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call.
+ Report/patch by David.Leonard AT quest.com (and Bernhard Simon)
+ - (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5)
+ - (tim) [buildpkg.sh.in] s|$FAKE_ROOT/${sysconfdir}|$FAKE_ROOT${sysconfdir}|
+
+20070628
+ - (djm) bz#1325: Fix SELinux in permissive mode where it would
+ incorrectly fatal() on errors. patch from cjwatson AT debian.org;
+ ok dtucker
+
+20070625
+ - (dtucker) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2007/06/13 00:21:27
+ [scp.c]
+ don't ftruncate() non-regular files; bz#1236 reported by wood AT
+ xmission.com; ok dtucker@
+ - djm at cvs.openbsd.org 2007/06/14 21:43:25
+ [ssh.c]
+ handle EINTR when waiting for mux exit status properly
+ - djm at cvs.openbsd.org 2007/06/14 22:48:05
+ [ssh.c]
+ when waiting for the multiplex exit status, read until the master end
+ writes an entire int of data *and* closes the client_fd; fixes mux
+ regression spotted by dtucker, ok dtucker@
+ - djm at cvs.openbsd.org 2007/06/19 02:04:43
+ [atomicio.c]
+ if the fd passed to atomicio/atomiciov() is non blocking, then poll() to
+ avoid a spin if it is not yet ready for reading/writing; ok dtucker@
+ - dtucker at cvs.openbsd.org 2007/06/25 08:20:03
+ [channels.c]
+ Correct test for window updates every three packets; prevents sending
+ window updates for every single packet. ok markus@
+ - dtucker at cvs.openbsd.org 2007/06/25 12:02:27
+ [atomicio.c]
+ Include <poll.h> like the man page says rather than <sys/poll.h>. ok djm@
+ - (dtucker) [atomicio.c] Test for EWOULDBLOCK in atomiciov to match
+ atomicio.
+ - (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.in
+ openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h]
+ Add an implementation of poll() built on top of select(2). Code from
+ OpenNTPD with changes suggested by djm. ok djm@
+
+20070614
+ - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the
+ USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
+ shared with umac.c. Allows building with OpenSSL 0.9.5 again including
+ umac support. With tim@ djm@, ok djm.
+ - (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAEL
+ sections. Fixes builds with early OpenSSL 0.9.6 versions.
+ - (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definition
+ of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the
+ subsequent <0.9.7 test.
+
+20070612
+ - (dtucker) OpenBSD CVS Sync
+ - markus at cvs.openbsd.org 2007/06/11 09:14:00
+ [channels.h]
+ increase default channel windows; ok djm
+ - djm at cvs.openbsd.org 2007/06/12 07:41:00
+ [ssh-add.1]
+ better document ssh-add's -d option (delete identies from agent), bz#1224
+ new text based on some provided by andrewmc-debian AT celt.dias.ie;
+ ok dtucker@
+ - djm at cvs.openbsd.org 2007/06/12 08:20:00
+ [ssh-gss.h gss-serv.c gss-genr.c]
+ relocate server-only GSSAPI code from libssh to server; bz #1225
+ patch from simon AT sxw.org.uk; ok markus@ dtucker@
+ - djm at cvs.openbsd.org 2007/06/12 08:24:20
+ [scp.c]
+ make scp try to skip FIFOs rather than blocking when nothing is listening.
+ depends on the platform supporting sane O_NONBLOCK semantics for open
+ on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
+ bz #856; report by cjwatson AT debian.org; ok markus@
+ - djm at cvs.openbsd.org 2007/06/12 11:11:08
+ [ssh.c]
+ fix slave exit value when a control master goes away without passing the
+ full exit status by ensuring that the slave reads a full int. bz#1261
+ reported by frekko AT gmail.com; ok markus@ dtucker@
+ - djm at cvs.openbsd.org 2007/06/12 11:15:17
+ [ssh.c ssh.1]
+ Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
+ GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
+ and is useful for hosts with /home on Kerberised NFS; bz #1312
+ patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@
+ - djm at cvs.openbsd.org 2007/06/12 11:45:27
+ [ssh.c]
+ improved exit message from multiplex slave sessions; bz #1262
+ reported by alexandre.nunes AT gmail.com; ok dtucker@
+ - dtucker at cvs.openbsd.org 2007/06/12 11:56:15
+ [gss-genr.c]
+ Pass GSS OID to gss_display_status to provide better information in
+ error messages. Patch from Simon Wilkinson via bz 1220. ok djm@
+ - jmc at cvs.openbsd.org 2007/06/12 13:41:03
+ [ssh-add.1]
+ identies -> identities;
+ - jmc at cvs.openbsd.org 2007/06/12 13:43:55
+ [ssh.1]
+ add -K to SYNOPSIS;
+ - dtucker at cvs.openbsd.org 2007/06/12 13:54:28
+ [scp.c]
+ Encode filename with strnvis if the name contains a newline (which can't
+ be represented in the scp protocol), from bz #891. ok markus@
+
+20070611
+ - (djm) Bugzilla #1306: silence spurious error messages from hang-on-exit
+ fix; tested by dtucker@ and jochen.kirn AT gmail.com
+ - pvalchev at cvs.openbsd.org 2007/06/07 19:37:34
+ [kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
+ [ssh_config.5 sshd.8 sshd_config.5]
+ Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
+ must specify umac-64 at openssh.com). Provides about 20% end-to-end speedup
+ compared to hmac-md5. Represents a different approach to message
+ authentication to that of HMAC that may be beneficial if HMAC based on
+ one of its underlying hash algorithms is found to be vulnerable to a
+ new attack. http://www.ietf.org/rfc/rfc4418.txt
+ in conjunction with and OK djm@
+ - pvalchev at cvs.openbsd.org 2007/06/08 04:40:40
+ [ssh_config]
+ Add a "MACs" line after "Ciphers" with the default MAC algorithms,
+ to ease people who want to tweak both (eg. for performance reasons).
+ ok deraadt@ djm@ dtucker@
+ - jmc at cvs.openbsd.org 2007/06/08 07:43:46
+ [ssh_config.5]
+ put the MAC list into a display, like we do for ciphers,
+ since groff has trouble handling wide lines;
+ - jmc at cvs.openbsd.org 2007/06/08 07:48:09
+ [sshd_config.5]
+ oops, here too: put the MAC list into a display, like we do for
+ ciphers, since groff has trouble with wide lines;
+ - markus at cvs.openbsd.org 2007/06/11 08:04:44
+ [channels.c]
+ send 'window adjust' messages every tree packets and do not wait
+ until 50% of the window is consumed. ok djm dtucker
+ - (djm) [configure.ac umac.c] If platform doesn't provide swap32(3), then
+ fallback to provided bit-swizzing functions
+ - (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"
+ argument to nanosleep may be NULL. Currently this never happens in OpenSSH,
+ but check anyway in case this changes or the code gets used elsewhere.
+ - (dtucker) [includes.h] Bug #1243: HAVE_PATHS -> HAVE_PATHS_H. Should
+ prevent warnings about redefinitions of various things in paths.h.
+ Spotted by cartmanltd at hotmail.com.
+
+20070605
+ - (dtucker) OpenBSD CVS Sync
+ - djm at cvs.openbsd.org 2007/05/22 10:18:52
+ [sshd.c]
+ zap double include; from p_nowaczyk AT o2.pl
+ (not required in -portable, Id sync only)
+ - djm at cvs.openbsd.org 2007/05/30 05:58:13
+ [kex.c]
+ tidy: KNF, ARGSUSED and u_int
+ - jmc at cvs.openbsd.org 2007/05/31 19:20:16
+ [scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
+ ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
+ convert to new .Dd format;
+ (We will need to teach mdoc2man.awk to understand this too.)
+ - djm at cvs.openbsd.org 2007/05/31 23:34:29
+ [packet.c]
+ gc unreachable code; spotted by Tavis Ormandy
+ - djm at cvs.openbsd.org 2007/06/02 09:04:58
+ [bufbn.c]
+ memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca
+ - djm at cvs.openbsd.org 2007/06/05 06:52:37
+ [kex.c monitor_wrap.c packet.c mac.h kex.h mac.c]
+ Preserve MAC ctx between packets, saving 2xhash calls per-packet.
+ Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5
+ patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm
+ committing at his request)
+ - (dtucker) [mdoc2man.awk] Teach it to deal with $Mdocdate tags that
+ OpenBSD's cvs now adds.
+ - (dtucker) [mdoc2man.awk] Remove trailing "$" from Mdocdate regex so
+ mindrot's cvs doesn't expand it on us.
+ - (dtucker) [mdoc2man.awk] Add support for %R references, used for RFCs.
+
+20070520
+ - (dtucker) OpenBSD CVS Sync
+ - stevesk at cvs.openbsd.org 2007/04/14 22:01:58
+ [auth2.c]
+ remove unused macro; from Dmitry V. Levin <ldv at altlinux.org>
+ - stevesk at cvs.openbsd.org 2007/04/18 01:12:43
+ [sftp-server.c]
+ cast "%llu" format spec to (unsigned long long); do not assume a
+ u_int64_t arg is the same as 'unsigned long long'.
+ from Dmitry V. Levin <ldv at altlinux.org>
+ ok markus@ 'Yes, that looks correct' millert@
+ - dtucker at cvs.openbsd.org 2007/04/23 10:15:39
+ [servconf.c]
+ Remove debug() left over from development. ok deraadt@
+ - djm at cvs.openbsd.org 2007/05/17 07:50:31
+ [log.c]
+ save and restore errno when logging; ok deraadt@
+ - djm at cvs.openbsd.org 2007/05/17 07:55:29
+ [sftp-server.c]
+ bz#1286 stop reading and processing commands when input or output buffer
+ is nearly full, otherwise sftp-server would happily try to grow the
+ input/output buffers past the maximum supported by the buffer API and
+ promptly fatal()
+ based on patch from Thue Janus Kristensen; feedback & ok dtucker@
+ - djm at cvs.openbsd.org 2007/05/17 20:48:13
+ [sshconnect2.c]
+ fall back to gethostname() when the outgoing connection is not
+ on a socket, such as is the case when ProxyCommand is used.
+ Gives hostbased auth an opportunity to work; bz#616, report
+ and feedback stuart AT kaloram.com; ok markus@
+ - djm at cvs.openbsd.org 2007/05/17 20:52:13
+ [monitor.c]
+ pass received SIGINT from monitor to postauth child so it can clean
+ up properly. bz#1196, patch from senthilkumar_sen AT hotpop.com;
+ ok markus@
+ - jolan at cvs.openbsd.org 2007/05/17 23:53:41
+ [sshconnect2.c]
+ djm owes me a vb and a tism cd for breaking ssh compilation
+ - (dtucker) [auth-pam.c] malloc+memset -> calloc. Patch from
+ ldv at altlinux.org.
+ - (dtucker) [auth-pam.c] Return empty string if fgets fails in
+ sshpam_tty_conv. Patch from ldv at altlinux.org.
+
+20070509
+ - (tim) [configure.ac] Bug #1287: Add missing test for ucred.h.
+
+20070429
+ - (dtucker) [openbsd-compat/bsd-misc.c] Include unistd.h and sys/types.h
+ for select(2) prototype.
+ - (dtucker) [auth-shadow.c loginrec.c] Include time.h for time(2) prototype.
+ - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1299: Use the
+ platform's _res if it has one. Should fix problem of DNSSEC record lookups
+ on NetBSD as reported by Curt Sampson.
+ - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.
+ - (dtucker) [configure.ac defines.h] Have configure check for MAXSYMLINKS
+ so we don't get redefinition warnings.
+ - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype.
+ - (dtucker) [configure.ac defines.h] Prevent warnings about __attribute__
+ __nonnull__ for versions of GCC that don't support it.
+ - (dtucker) [configure.ac defines.h] Have configure check for offsetof
+ to prevent redefinition warnings.
+
+20070406
+ - (dtucker) [INSTALL] Update the systems that have PAM as standard. Link
+ to OpenPAM too.
+ - (dtucker) [INSTALL] prngd lives at sourceforge these days.
+
+20070326
+ - (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c
+ openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines
+ to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@
+
+20070325
+ - (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX,
+ LIBWRAP and LIBPAM variables in Makefile with the general-purpose
+ SSHDLIBS. "I like" djm@
+
+20070321
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker at cvs.openbsd.org 2007/03/09 05:20:06
+ [servconf.c sshd.c]
+ Move C/R -> kbdint special case to after the defaults have been
+ loaded, which makes ChallengeResponse default to yes again. This
+ was broken by the Match changes and not fixed properly subsequently.
+ Found by okan at demirmen.com, ok djm@ "please do it" deraadt@
+ - djm at cvs.openbsd.org 2007/03/19 01:01:29
+ [sshd_config]
+ Disable the legacy SSH protocol 1 for new installations via
+ a configuration override. In the future, we will change the
+ server's default itself so users who need the legacy protocol
+ will need to turn it on explicitly
+ - dtucker at cvs.openbsd.org 2007/03/19 12:16:42
+ [ssh-agent.c]
+ Remove the signal handler that checks if the agent's parent process
+ has gone away, instead check when the select loop returns. Record when
+ the next key will expire when scanning for expired keys. Set the select
+ timeout to whichever of these two things happens next. With djm@, with &
+ ok deraadt@ markus@
+ - tedu at cvs.openbsd.org 2007/03/20 03:56:12
+ [readconf.c clientloop.c]
+ remove some bogus *p tests from charles longeau
+ ok deraadt millert
+ - jmc at cvs.openbsd.org 2007/03/20 15:57:15
+ [sshd.8]
+ - let synopsis and description agree for -f
+ - sort FILES
+ - +.Xr ssh-keyscan 1 ,
+ from Igor Sobrado
+ - (dtucker) [configure.ac openbsd-compat/bsd-getpeereid.c] Bug #1287: Use
+ getpeerucred to implement getpeereid (currently only Solaris 10 and up).
+ Patch by Jan.Pechanec at Sun.
+ - (dtucker) [regress/agent-getpeereid.sh] Do peereid test if we have
+ HAVE_GETPEERUCRED too. Also from Jan Pechanec.
+
+20070313
+ - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include
+ string.h to prevent warnings, from vapier at gentoo.org.
+ - (dtucker) [LICENCE] Add Daniel Walsh as a copyright holder for the
+ selinux bits in -portable.
+ - (dtucker) [cipher-3des1.c cipher-bf1.c] The OpenSSL 0.9.8e problem in
+ bug #1291 also affects Protocol 1 3des. While at it, use compat-openssl.h
+ in cipher-bf1.c. Patch from Juan Gallego.
+ - (dtucker) [README.platform] Info about blibpath on AIX.
+
20070306
- (djm) OpenBSD CVS Sync
- jmc at cvs.openbsd.org 2007/03/01 16:19:33
@@ -2816,4 +3825,4 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4635.2.1 2007/03/06 10:27:55 djm Exp $
+$Id: ChangeLog,v 1.4896.2.1 2008/03/27 06:53:20 djm Exp $
Index: auth-options.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth-options.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/auth-options.h -L crypto/openssh/auth-options.h -u -r1.3 -r1.4
--- crypto/openssh/auth-options.h
+++ crypto/openssh/auth-options.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.h,v 1.16 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-options.h,v 1.17 2008/03/26 21:28:14 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -26,6 +26,7 @@
extern int no_agent_forwarding_flag;
extern int no_x11_forwarding_flag;
extern int no_pty_flag;
+extern int no_user_rc;
extern char *forced_command;
extern struct envstring *custom_environment;
extern int forced_tun_device;
Index: monitor.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/monitor.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/monitor.c -L crypto/openssh/monitor.c -u -r1.4 -r1.5
--- crypto/openssh/monitor.c
+++ crypto/openssh/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.90 2007/02/19 10:45:58 dtucker Exp $ */
+/* $OpenBSD: monitor.c,v 1.94 2007/10/29 04:08:08 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos at citi.umich.edu>
* Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -409,6 +409,7 @@
monitor_set_child_handler(pmonitor->m_pid);
signal(SIGHUP, &monitor_child_handler);
signal(SIGTERM, &monitor_child_handler);
+ signal(SIGINT, &monitor_child_handler);
if (compat20) {
mon_dispatch = mon_dispatch_postauth20;
@@ -642,11 +643,11 @@
#endif
buffer_put_cstring(m, pwent->pw_dir);
buffer_put_cstring(m, pwent->pw_shell);
+
+ out:
buffer_put_string(m, &options, sizeof(options));
if (options.banner != NULL)
buffer_put_cstring(m, options.banner);
-
- out:
debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
mm_request_send(sock, MONITOR_ANS_PWNAM, m);
@@ -1313,8 +1314,9 @@
mm_request_send(sock, MONITOR_ANS_PTY, m);
- mm_send_fd(sock, s->ptyfd);
- mm_send_fd(sock, s->ttyfd);
+ if (mm_send_fd(sock, s->ptyfd) == -1 ||
+ mm_send_fd(sock, s->ttyfd) == -1)
+ fatal("%s: send fds failed", __func__);
/* make sure nothing uses fd 0 */
if ((fd0 = open(_PATH_DEVNULL, O_RDONLY)) < 0)
@@ -1545,6 +1547,11 @@
/* The child is terminating */
session_destroy_all(&mm_session_close);
+#ifdef USE_PAM
+ if (options.use_pam)
+ sshpam_cleanup();
+#endif
+
while (waitpid(pmonitor->m_pid, &status, 0) == -1)
if (errno != EINTR)
exit(1);
Index: ssh-add.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh-add.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/ssh-add.c -L crypto/openssh/ssh-add.c -u -r1.3 -r1.4
--- crypto/openssh/ssh-add.c
+++ crypto/openssh/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.89 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.90 2007/09/09 11:38:01 sobrado Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -42,6 +42,7 @@
#include <sys/param.h>
#include <openssl/evp.h>
+#include "openbsd-compat/openssl-compat.h"
#include <fcntl.h>
#include <pwd.h>
@@ -309,7 +310,7 @@
static void
usage(void)
{
- fprintf(stderr, "Usage: %s [options] [file ...]\n", __progname);
+ fprintf(stderr, "usage: %s [options] [file ...]\n", __progname);
fprintf(stderr, "Options:\n");
fprintf(stderr, " -l List fingerprints of all identities.\n");
fprintf(stderr, " -L List public key parameters of all identities.\n");
Index: sftp-server.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sftp-server.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/sftp-server.c -L crypto/openssh/sftp-server.c -u -r1.4 -r1.5
--- crypto/openssh/sftp-server.c
+++ crypto/openssh/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.71 2007/01/03 07:22:36 stevesk Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.78 2008/02/27 20:21:15 djm Exp $ */
/*
* Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
*
@@ -169,6 +169,7 @@
int fd;
char *name;
u_int64_t bytes_read, bytes_write;
+ int next_unused;
};
enum {
@@ -177,40 +178,46 @@
HANDLE_FILE
};
-Handle handles[100];
-
-static void
-handle_init(void)
-{
- u_int i;
-
- for (i = 0; i < sizeof(handles)/sizeof(Handle); i++)
- handles[i].use = HANDLE_UNUSED;
+Handle *handles = NULL;
+u_int num_handles = 0;
+int first_unused_handle = -1;
+
+static void handle_unused(int i)
+{
+ handles[i].use = HANDLE_UNUSED;
+ handles[i].next_unused = first_unused_handle;
+ first_unused_handle = i;
}
static int
handle_new(int use, const char *name, int fd, DIR *dirp)
{
- u_int i;
+ int i;
- for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) {
- if (handles[i].use == HANDLE_UNUSED) {
- handles[i].use = use;
- handles[i].dirp = dirp;
- handles[i].fd = fd;
- handles[i].name = xstrdup(name);
- handles[i].bytes_read = handles[i].bytes_write = 0;
- return i;
- }
- }
- return -1;
+ if (first_unused_handle == -1) {
+ if (num_handles + 1 <= num_handles)
+ return -1;
+ num_handles++;
+ handles = xrealloc(handles, num_handles, sizeof(Handle));
+ handle_unused(num_handles - 1);
+ }
+
+ i = first_unused_handle;
+ first_unused_handle = handles[i].next_unused;
+
+ handles[i].use = use;
+ handles[i].dirp = dirp;
+ handles[i].fd = fd;
+ handles[i].name = xstrdup(name);
+ handles[i].bytes_read = handles[i].bytes_write = 0;
+
+ return i;
}
static int
handle_is_ok(int i, int type)
{
- return i >= 0 && (u_int)i < sizeof(handles)/sizeof(Handle) &&
- handles[i].use == type;
+ return i >= 0 && (u_int)i < num_handles && handles[i].use == type;
}
static int
@@ -300,12 +307,12 @@
if (handle_is_ok(handle, HANDLE_FILE)) {
ret = close(handles[handle].fd);
- handles[handle].use = HANDLE_UNUSED;
xfree(handles[handle].name);
+ handle_unused(handle);
} else if (handle_is_ok(handle, HANDLE_DIR)) {
ret = closedir(handles[handle].dirp);
- handles[handle].use = HANDLE_UNUSED;
xfree(handles[handle].name);
+ handle_unused(handle);
} else {
errno = ENOENT;
}
@@ -319,7 +326,8 @@
logit("%s%sclose \"%s\" bytes read %llu written %llu",
emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
handle_to_name(handle),
- handle_bytes_read(handle), handle_bytes_write(handle));
+ (unsigned long long)handle_bytes_read(handle),
+ (unsigned long long)handle_bytes_write(handle));
} else {
logit("%s%sclosedir \"%s\"",
emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
@@ -332,7 +340,7 @@
{
u_int i;
- for (i = 0; i < sizeof(handles)/sizeof(Handle); i++)
+ for (i = 0; i < num_handles; i++)
if (handles[i].use != HANDLE_UNUSED)
handle_log_close(i, "forced");
}
@@ -479,6 +487,9 @@
buffer_init(&msg);
buffer_put_char(&msg, SSH2_FXP_VERSION);
buffer_put_int(&msg, SSH2_FILEXFER_VERSION);
+ /* POSIX rename extension */
+ buffer_put_cstring(&msg, "posix-rename at openssh.com");
+ buffer_put_cstring(&msg, "1"); /* version */
send_msg(&msg);
buffer_free(&msg);
}
@@ -702,7 +713,8 @@
a = get_attrib();
debug("request %u: setstat name \"%s\"", id, name);
if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
- logit("set \"%s\" size %llu", name, a->size);
+ logit("set \"%s\" size %llu",
+ name, (unsigned long long)a->size);
ret = truncate(name, a->size);
if (ret == -1)
status = errno_to_portable(errno);
@@ -754,7 +766,8 @@
char *name = handle_to_name(handle);
if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
- logit("set \"%s\" size %llu", name, a->size);
+ logit("set \"%s\" size %llu",
+ name, (unsigned long long)a->size);
ret = ftruncate(fd, a->size);
if (ret == -1)
status = errno_to_portable(errno);
@@ -1070,6 +1083,23 @@
}
static void
+process_extended_posix_rename(u_int32_t id)
+{
+ char *oldpath, *newpath;
+
+ oldpath = get_string(NULL);
+ newpath = get_string(NULL);
+ debug3("request %u: posix-rename", id);
+ logit("posix-rename old \"%s\" new \"%s\"", oldpath, newpath);
+ if (rename(oldpath, newpath) == -1)
+ send_status(id, errno_to_portable(errno));
+ else
+ send_status(id, SSH2_FX_OK);
+ xfree(oldpath);
+ xfree(newpath);
+}
+
+static void
process_extended(void)
{
u_int32_t id;
@@ -1077,7 +1107,10 @@
id = get_int();
request = get_string(NULL);
- send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */
+ if (strcmp(request, "posix-rename at openssh.com") == 0)
+ process_extended_posix_rename(id);
+ else
+ send_status(id, SSH2_FX_OP_UNSUPPORTED); /* MUST */
xfree(request);
}
@@ -1100,7 +1133,7 @@
if (msg_len > SFTP_MAX_MSG_LENGTH) {
error("bad message from %s local user %s",
client_addr, pw->pw_name);
- cleanup_exit(11);
+ sftp_server_cleanup_exit(11);
}
if (buf_len < msg_len + 4)
return;
@@ -1173,18 +1206,22 @@
break;
}
/* discard the remaining bytes from the current packet */
- if (buf_len < buffer_len(&iqueue))
- fatal("iqueue grew unexpectedly");
+ if (buf_len < buffer_len(&iqueue)) {
+ error("iqueue grew unexpectedly");
+ sftp_server_cleanup_exit(255);
+ }
consumed = buf_len - buffer_len(&iqueue);
- if (msg_len < consumed)
- fatal("msg_len %d < consumed %d", msg_len, consumed);
+ if (msg_len < consumed) {
+ error("msg_len %d < consumed %d", msg_len, consumed);
+ sftp_server_cleanup_exit(255);
+ }
if (msg_len > consumed)
buffer_consume(&iqueue, msg_len - consumed);
}
/* Cleanup handler that logs active handles upon normal exit */
void
-cleanup_exit(int i)
+sftp_server_cleanup_exit(int i)
{
if (pw != NULL && client_addr != NULL) {
handle_log_exit();
@@ -1195,7 +1232,7 @@
}
static void
-usage(void)
+sftp_server_usage(void)
{
extern char *__progname;
@@ -1205,20 +1242,17 @@
}
int
-main(int argc, char **argv)
+sftp_server_main(int argc, char **argv, struct passwd *user_pw)
{
fd_set *rset, *wset;
int in, out, max, ch, skipargs = 0, log_stderr = 0;
ssize_t len, olen, set_size;
SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
- char *cp;
+ char *cp, buf[4*4096];
extern char *optarg;
extern char *__progname;
- /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
- sanitise_stdfd();
-
__progname = ssh_get_progname(argv[0]);
log_init(__progname, log_level, log_facility, log_stderr);
@@ -1241,12 +1275,12 @@
break;
case 'f':
log_facility = log_facility_number(optarg);
- if (log_level == SYSLOG_FACILITY_NOT_SET)
+ if (log_facility == SYSLOG_FACILITY_NOT_SET)
error("Invalid log facility \"%s\"", optarg);
break;
case 'h':
default:
- usage();
+ sftp_server_usage();
}
}
@@ -1254,22 +1288,20 @@
if ((cp = getenv("SSH_CONNECTION")) != NULL) {
client_addr = xstrdup(cp);
- if ((cp = strchr(client_addr, ' ')) == NULL)
- fatal("Malformed SSH_CONNECTION variable: \"%s\"",
+ if ((cp = strchr(client_addr, ' ')) == NULL) {
+ error("Malformed SSH_CONNECTION variable: \"%s\"",
getenv("SSH_CONNECTION"));
+ sftp_server_cleanup_exit(255);
+ }
*cp = '\0';
} else
client_addr = xstrdup("UNKNOWN");
- if ((pw = getpwuid(getuid())) == NULL)
- fatal("No user found for uid %lu", (u_long)getuid());
- pw = pwcopy(pw);
+ pw = pwcopy(user_pw);
logit("session opened for local user %s from [%s]",
pw->pw_name, client_addr);
- handle_init();
-
in = dup(STDIN_FILENO);
out = dup(STDOUT_FILENO);
@@ -1295,7 +1327,15 @@
memset(rset, 0, set_size);
memset(wset, 0, set_size);
- FD_SET(in, rset);
+ /*
+ * Ensure that we can read a full buffer and handle
+ * the worst-case length packet it can generate,
+ * otherwise apply backpressure by stopping reads.
+ */
+ if (buffer_check_alloc(&iqueue, sizeof(buf)) &&
+ buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
+ FD_SET(in, rset);
+
olen = buffer_len(&oqueue);
if (olen > 0)
FD_SET(out, wset);
@@ -1304,19 +1344,18 @@
if (errno == EINTR)
continue;
error("select: %s", strerror(errno));
- cleanup_exit(2);
+ sftp_server_cleanup_exit(2);
}
/* copy stdin to iqueue */
if (FD_ISSET(in, rset)) {
- char buf[4*4096];
len = read(in, buf, sizeof buf);
if (len == 0) {
debug("read eof");
- cleanup_exit(0);
+ sftp_server_cleanup_exit(0);
} else if (len < 0) {
error("read: %s", strerror(errno));
- cleanup_exit(1);
+ sftp_server_cleanup_exit(1);
} else {
buffer_append(&iqueue, buf, len);
}
@@ -1326,12 +1365,18 @@
len = write(out, buffer_ptr(&oqueue), olen);
if (len < 0) {
error("write: %s", strerror(errno));
- cleanup_exit(1);
+ sftp_server_cleanup_exit(1);
} else {
buffer_consume(&oqueue, len);
}
}
- /* process requests from client */
- process();
+
+ /*
+ * Process requests from client if we can fit the results
+ * into the output buffer, otherwise stop processing input
+ * and let the output queue drain.
+ */
+ if (buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
+ process();
}
}
Index: Makefile.in
===================================================================
RCS file: /home/cvs/src/crypto/openssh/Makefile.in,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/Makefile.in -L crypto/openssh/Makefile.in -u -r1.3 -r1.4
--- crypto/openssh/Makefile.in
+++ crypto/openssh/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.283 2006/10/23 21:44:47 tim Exp $
+# $Id: Makefile.in,v 1.289 2008/03/13 01:41:31 djm Exp $
# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
@@ -44,11 +44,8 @@
CFLAGS=@CFLAGS@
CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@
LIBS=@LIBS@
-LIBSELINUX=@LIBSELINUX@
SSHDLIBS=@SSHDLIBS@
LIBEDIT=@LIBEDIT@
-LIBPAM=@LIBPAM@
-LIBWRAP=@LIBWRAP@
AR=@AR@
AWK=@AWK@
RANLIB=@RANLIB@
@@ -74,7 +71,7 @@
atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \
kexgex.o kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
- entropy.o scard-opensc.o gss-genr.o
+ entropy.o scard-opensc.o gss-genr.o umac.o
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
sshconnect.o sshconnect1.o sshconnect2.o
@@ -89,7 +86,7 @@
auth-krb5.o \
auth2-gss.o gss-serv.o gss-serv-krb5.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
- audit.o audit-bsm.o platform.o
+ audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o
MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out
MANPAGES_IN = scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
@@ -139,7 +136,7 @@
$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
- $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(SSHDLIBS) $(LIBS)
+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS)
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
@@ -159,8 +156,8 @@
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
-sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o
- $(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
+ $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
@@ -381,7 +378,7 @@
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
-tests: $(TARGETS)
+tests interop-tests: $(TARGETS)
BUILDDIR=`pwd`; \
[ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \
[ -f `pwd`/regress/Makefile ] || \
@@ -395,6 +392,8 @@
TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \
TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \
TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \
+ TEST_SSH_PLINK="plink"; \
+ TEST_SSH_PUTTYGEN="puttygen"; \
cd $(srcdir)/regress || exit $$?; \
$(MAKE) \
.OBJDIR="$${BUILDDIR}/regress" \
@@ -411,6 +410,8 @@
TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \
TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \
TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \
+ TEST_SSH_PLINK="$${TEST_SSH_PLINK}" \
+ TEST_SSH_PUTTYGEN="$${TEST_SSH_PUTTYGEN}" \
EXEEXT="$(EXEEXT)" \
$@
Index: ssh_config
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh_config,v
retrieving revision 1.5
retrieving revision 1.6
diff -L crypto/openssh/ssh_config -L crypto/openssh/ssh_config -u -r1.5 -r1.6
--- crypto/openssh/ssh_config
+++ crypto/openssh/ssh_config
@@ -1,5 +1,5 @@
-# $OpenBSD: ssh_config,v 1.22 2006/05/29 12:56:33 dtucker Exp $
# $MidnightBSD$
+# $OpenBSD: ssh_config,v 1.23 2007/06/08 04:40:40 pvalchev Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
@@ -39,8 +39,9 @@
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
+# MACs hmac-md5,hmac-sha1,umac-64 at openssh.com,hmac-ripemd160
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
-# VersionAddendum MidnightBSD-20070313
+# VersionAddendum MidnightBSD-20080406
Index: includes.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/includes.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/includes.h -L crypto/openssh/includes.h -u -r1.4 -r1.5
--- crypto/openssh/includes.h
+++ crypto/openssh/includes.h
@@ -49,7 +49,7 @@
#ifdef HAVE_NEXT
# include <libc.h>
#endif
-#ifdef HAVE_PATHS
+#ifdef HAVE_PATHS_H
# include <paths.h>
#endif
Index: canohost.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/canohost.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/canohost.c -L crypto/openssh/canohost.c -u -r1.3 -r1.4
--- crypto/openssh/canohost.c
+++ crypto/openssh/canohost.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: canohost.c,v 1.61 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: canohost.c,v 1.62 2007/12/27 14:22:08 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -32,6 +32,7 @@
#include "packet.h"
#include "log.h"
#include "canohost.h"
+#include "misc.h"
static void check_ip_options(int, char *);
@@ -271,7 +272,7 @@
if ((r = getnameinfo((struct sockaddr *)&addr, addrlen, ntop,
sizeof(ntop), NULL, 0, flags)) != 0) {
error("get_socket_address: getnameinfo %d failed: %s", flags,
- r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
+ ssh_gai_strerror(r));
return NULL;
}
return xstrdup(ntop);
@@ -372,7 +373,7 @@
if ((r = getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0,
strport, sizeof(strport), NI_NUMERICSERV)) != 0)
fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed: %s",
- r == EAI_SYSTEM ? strerror(errno) : gai_strerror(r));
+ ssh_gai_strerror(r));
return atoi(strport);
}
Index: ssh-keygen.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh-keygen.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/ssh-keygen.c -L crypto/openssh/ssh-keygen.c -u -r1.4 -r1.5
--- crypto/openssh/ssh-keygen.c
+++ crypto/openssh/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.160 2007/01/21 01:41:54 stevesk Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.165 2008/01/19 22:37:19 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -21,6 +21,7 @@
#include <openssl/evp.h>
#include <openssl/pem.h>
+#include "openbsd-compat/openssl-compat.h"
#include <errno.h>
#include <fcntl.h>
@@ -141,8 +142,7 @@
fprintf(stderr, "%s (%s): ", prompt, identity_file);
if (fgets(buf, sizeof(buf), stdin) == NULL)
exit(1);
- if (strchr(buf, '\n'))
- *strchr(buf, '\n') = 0;
+ buf[strcspn(buf, "\n")] = '\0';
if (strcmp(buf, "") != 0)
strlcpy(identity_file, buf, sizeof(identity_file));
have_identity = 1;
@@ -505,7 +505,7 @@
FILE *f;
Key *public;
char *comment = NULL, *cp, *ep, line[16*1024], *fp;
- int i, skip = 0, num = 1, invalid = 1;
+ int i, skip = 0, num = 0, invalid = 1;
enum fp_rep rep;
enum fp_type fptype;
struct stat st;
@@ -536,9 +536,9 @@
f = fopen(identity_file, "r");
if (f != NULL) {
while (fgets(line, sizeof(line), f)) {
- i = strlen(line) - 1;
- if (line[i] != '\n') {
- error("line %d too long: %.40s...", num, line);
+ if ((cp = strchr(line, '\n')) == NULL) {
+ error("line %d too long: %.40s...",
+ num + 1, line);
skip = 1;
continue;
}
@@ -547,7 +547,7 @@
skip = 0;
continue;
}
- line[i] = '\0';
+ *cp = '\0';
/* Skip leading whitespace, empty and comment lines. */
for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
@@ -598,7 +598,7 @@
}
static void
-print_host(FILE *f, char *name, Key *public, int hash)
+print_host(FILE *f, const char *name, Key *public, int hash)
{
if (hash && (name = host_hash(name, NULL, 0)) == NULL)
fatal("hash_host failed");
@@ -615,7 +615,7 @@
Key *public;
char *cp, *cp2, *kp, *kp2;
char line[16*1024], tmp[MAXPATHLEN], old[MAXPATHLEN];
- int c, i, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0;
+ int c, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0;
if (!have_identity) {
cp = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE, pw->pw_uid);
@@ -650,19 +650,18 @@
}
while (fgets(line, sizeof(line), in)) {
- num++;
- i = strlen(line) - 1;
- if (line[i] != '\n') {
- error("line %d too long: %.40s...", num, line);
+ if ((cp = strchr(line, '\n')) == NULL) {
+ error("line %d too long: %.40s...", num + 1, line);
skip = 1;
invalid = 1;
continue;
}
+ num++;
if (skip) {
skip = 0;
continue;
}
- line[i] = '\0';
+ *cp = '\0';
/* Skip leading whitespace, empty and comment lines. */
for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
@@ -726,7 +725,8 @@
printf("# Host %s found: "
"line %d type %s\n", name,
num, key_type(public));
- print_host(out, cp, public, hash_hosts);
+ print_host(out, name, public,
+ hash_hosts);
}
if (delete_host && !c)
print_host(out, cp, public, 0);
@@ -750,7 +750,7 @@
fclose(in);
if (invalid) {
- fprintf(stderr, "%s is not a valid known_host file.\n",
+ fprintf(stderr, "%s is not a valid known_hosts file.\n",
identity_file);
if (inplace) {
fprintf(stderr, "Not replacing existing known_hosts "
@@ -962,8 +962,7 @@
key_free(private);
exit(1);
}
- if (strchr(new_comment, '\n'))
- *strchr(new_comment, '\n') = 0;
+ new_comment[strcspn(new_comment, "\n")] = '\0';
}
/* Save the file using the new passphrase. */
@@ -1006,7 +1005,7 @@
static void
usage(void)
{
- fprintf(stderr, "Usage: %s [options]\n", __progname);
+ fprintf(stderr, "usage: %s [options]\n", __progname);
fprintf(stderr, "Options:\n");
fprintf(stderr, " -a trials Number of trials for screening DH-GEX moduli.\n");
fprintf(stderr, " -B Show bubblebabble digest of key file.\n");
Index: ssh-keyscan.1
===================================================================
RCS file: /home/cvs/src/crypto/openssh/ssh-keyscan.1,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/ssh-keyscan.1 -L crypto/openssh/ssh-keyscan.1 -u -r1.3 -r1.4
--- crypto/openssh/ssh-keyscan.1
+++ crypto/openssh/ssh-keyscan.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keyscan.1,v 1.22 2006/09/25 04:55:38 ray Exp $
+.\" $OpenBSD: ssh-keyscan.1,v 1.23 2007/05/31 19:20:16 jmc Exp $
.\"
.\" Copyright 1995, 1996 by David Mazieres <dm at lcs.mit.edu>.
.\"
@@ -6,7 +6,7 @@
.\" permitted provided that due credit is given to the author and the
.\" OpenBSD project by leaving this copyright notice intact.
.\"
-.Dd January 1, 1996
+.Dd $Mdocdate: June 5 2007 $
.Dt SSH-KEYSCAN 1
.Os
.Sh NAME
Index: gss-serv.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/gss-serv.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/gss-serv.c -L crypto/openssh/gss-serv.c -u -r1.3 -r1.4
--- crypto/openssh/gss-serv.c
+++ crypto/openssh/gss-serv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gss-serv.c,v 1.20 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: gss-serv.c,v 1.21 2007/06/12 08:20:00 djm Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@@ -29,6 +29,7 @@
#ifdef GSSAPI
#include <sys/types.h>
+#include <sys/param.h>
#include <stdarg.h>
#include <string.h>
@@ -64,6 +65,53 @@
&gssapi_null_mech,
};
+
+/*
+ * Acquire credentials for a server running on the current host.
+ * Requires that the context structure contains a valid OID
+ */
+
+/* Returns a GSSAPI error code */
+/* Privileged (called from ssh_gssapi_server_ctx) */
+static OM_uint32
+ssh_gssapi_acquire_cred(Gssctxt *ctx)
+{
+ OM_uint32 status;
+ char lname[MAXHOSTNAMELEN];
+ gss_OID_set oidset;
+
+ gss_create_empty_oid_set(&status, &oidset);
+ gss_add_oid_set_member(&status, ctx->oid, &oidset);
+
+ if (gethostname(lname, MAXHOSTNAMELEN)) {
+ gss_release_oid_set(&status, &oidset);
+ return (-1);
+ }
+
+ if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
+ gss_release_oid_set(&status, &oidset);
+ return (ctx->major);
+ }
+
+ if ((ctx->major = gss_acquire_cred(&ctx->minor,
+ ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
+ ssh_gssapi_error(ctx);
+
+ gss_release_oid_set(&status, &oidset);
+ return (ctx->major);
+}
+
+/* Privileged */
+OM_uint32
+ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
+{
+ if (*ctx)
+ ssh_gssapi_delete_ctx(ctx);
+ ssh_gssapi_build_ctx(ctx);
+ ssh_gssapi_set_oid(*ctx, oid);
+ return (ssh_gssapi_acquire_cred(*ctx));
+}
+
/* Unprivileged */
void
ssh_gssapi_supported_oids(gss_OID_set *oidset)
Index: gss-genr.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/gss-genr.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/gss-genr.c -L crypto/openssh/gss-genr.c -u -r1.3 -r1.4
--- crypto/openssh/gss-genr.c
+++ crypto/openssh/gss-genr.c
@@ -1,7 +1,7 @@
-/* $OpenBSD: gss-genr.c,v 1.17 2006/08/29 12:02:30 dtucker Exp $ */
+/* $OpenBSD: gss-genr.c,v 1.19 2007/06/12 11:56:15 dtucker Exp $ */
/*
- * Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
+ * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -107,7 +107,7 @@
/* The GSSAPI error */
do {
gss_display_status(&lmin, ctxt->major,
- GSS_C_GSS_CODE, GSS_C_NULL_OID, &ctx, &msg);
+ GSS_C_GSS_CODE, ctxt->oid, &ctx, &msg);
buffer_append(&b, msg.value, msg.length);
buffer_put_char(&b, '\n');
@@ -118,7 +118,7 @@
/* The mechanism specific error */
do {
gss_display_status(&lmin, ctxt->minor,
- GSS_C_MECH_CODE, GSS_C_NULL_OID, &ctx, &msg);
+ GSS_C_MECH_CODE, ctxt->oid, &ctx, &msg);
buffer_append(&b, msg.value, msg.length);
buffer_put_char(&b, '\n');
@@ -226,39 +226,6 @@
return (ctx->major);
}
-/* Acquire credentials for a server running on the current host.
- * Requires that the context structure contains a valid OID
- */
-
-/* Returns a GSSAPI error code */
-OM_uint32
-ssh_gssapi_acquire_cred(Gssctxt *ctx)
-{
- OM_uint32 status;
- char lname[MAXHOSTNAMELEN];
- gss_OID_set oidset;
-
- gss_create_empty_oid_set(&status, &oidset);
- gss_add_oid_set_member(&status, ctx->oid, &oidset);
-
- if (gethostname(lname, MAXHOSTNAMELEN)) {
- gss_release_oid_set(&status, &oidset);
- return (-1);
- }
-
- if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
- gss_release_oid_set(&status, &oidset);
- return (ctx->major);
- }
-
- if ((ctx->major = gss_acquire_cred(&ctx->minor,
- ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
- ssh_gssapi_error(ctx);
-
- gss_release_oid_set(&status, &oidset);
- return (ctx->major);
-}
-
OM_uint32
ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash)
{
@@ -281,16 +248,6 @@
buffer_put_cstring(b, context);
}
-OM_uint32
-ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
-{
- if (*ctx)
- ssh_gssapi_delete_ctx(ctx);
- ssh_gssapi_build_ctx(ctx);
- ssh_gssapi_set_oid(*ctx, oid);
- return (ssh_gssapi_acquire_cred(*ctx));
-}
-
int
ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
{
Index: scp.1
===================================================================
RCS file: /home/cvs/src/crypto/openssh/scp.1,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/scp.1 -L crypto/openssh/scp.1 -u -r1.3 -r1.4
--- crypto/openssh/scp.1
+++ crypto/openssh/scp.1
@@ -9,9 +9,9 @@
.\"
.\" Created: Sun May 7 00:14:37 1995 ylo
.\"
-.\" $OpenBSD: scp.1,v 1.40 2006/07/18 07:56:28 jmc Exp $
+.\" $OpenBSD: scp.1,v 1.44 2008/01/31 20:06:50 jmc Exp $
.\"
-.Dd September 25, 1999
+.Dd $Mdocdate: February 10 2008 $
.Dt SCP 1
.Os
.Sh NAME
@@ -34,7 +34,7 @@
.Ar host1 No :
.Oc Ns Ar file1
.Sm on
-.Op Ar ...
+.Ar ...
.Sm off
.Oo
.Op Ar user No @
@@ -56,9 +56,15 @@
will ask for passwords or passphrases if they are needed for
authentication.
.Pp
-Any file name may contain a host and user specification to indicate
+File names may contain a user and host specification to indicate
that the file is to be copied to/from that host.
-Copies between two remote hosts are permitted.
+Local file names can be made explicit using absolute or relative pathnames
+to avoid
+.Nm
+treating file names containing
+.Sq :\&
+as host specifiers.
+Copies between two remote hosts are also permitted.
.Pp
The options are as follows:
.Bl -tag -width Ds
@@ -178,7 +184,9 @@
Preserves modification times, access times, and modes from the
original file.
.It Fl q
-Disables the progress meter.
+Quiet mode: disables the progress meter as well as warning and diagnostic
+messages from
+.Xr ssh 1 .
.It Fl r
Recursively copy entire directories.
.It Fl S Ar program
Index: auth2-gss.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth2-gss.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/auth2-gss.c -L crypto/openssh/auth2-gss.c -u -r1.3 -r1.4
--- crypto/openssh/auth2-gss.c
+++ crypto/openssh/auth2-gss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-gss.c,v 1.15 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth2-gss.c,v 1.16 2007/10/29 00:52:45 dtucker Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
Index: auth2.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth2.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/auth2.c -L crypto/openssh/auth2.c -u -r1.4 -r1.5
--- crypto/openssh/auth2.c
+++ crypto/openssh/auth2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2.c,v 1.114 2007/03/01 10:28:02 dtucker Exp $ */
+/* $OpenBSD: auth2.c,v 1.116 2007/09/29 00:25:51 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -87,7 +87,6 @@
/* helper */
static Authmethod *authmethod_lookup(const char *);
static char *authmethods_get(void);
-int user_key_allowed(struct passwd *, Key *);
/*
* loop until authctxt->success == TRUE
@@ -281,8 +280,6 @@
}
}
-#define DELIM ","
-
static char *
authmethods_get(void)
{
Index: sshd.8
===================================================================
RCS file: /home/cvs/src/crypto/openssh/sshd.8,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/sshd.8 -L crypto/openssh/sshd.8 -u -r1.3 -r1.4
--- crypto/openssh/sshd.8
+++ crypto/openssh/sshd.8
@@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.234 2006/08/21 08:15:57 dtucker Exp $
-.Dd September 25, 1999
+.\" $OpenBSD: sshd.8,v 1.240 2008/03/26 21:28:14 djm Exp $
+.Dd $Mdocdate: March 27 2008 $
.Dt SSHD 8
.Os
.Sh NAME
@@ -58,8 +58,11 @@
.Nm
(OpenSSH Daemon) is the daemon program for
.Xr ssh 1 .
-Together these programs replace rlogin and rsh, and
-provide secure encrypted communications between two untrusted hosts
+Together these programs replace
+.Xr rlogin 1
+and
+.Xr rsh 1 ,
+and provide secure encrypted communications between two untrusted hosts
over an insecure network.
.Pp
.Nm
@@ -117,7 +120,7 @@
When this option is specified,
.Nm
will send the output to the standard error instead of the system log.
-.It Fl f Ar configuration_file
+.It Fl f Ar config_file
Specifies the name of the configuration file.
The default is
.Pa /etc/ssh/sshd_config .
@@ -273,7 +276,7 @@
to use from those offered by the server.
Additionally, session integrity is provided
through a cryptographic message authentication code
-(hmac-sha1 or hmac-md5).
+(hmac-md5, hmac-sha1, umac-64 or hmac-ripemd160).
.Pp
Finally, the server and the client enter an authentication dialog.
The client tries to authenticate itself using
@@ -299,8 +302,9 @@
a leading
.Ql \&*LOCKED\&*
on FreeBSD and a leading
-.Ql \&!!
-on Linux). If there is a requirement to disable password authentication
+.Ql \&!
+on most Linuxes).
+If there is a requirement to disable password authentication
for the account while allowing still public-key, then the passwd field
should be set to something other than these values (eg
.Ql NP
@@ -527,6 +531,9 @@
option.
.It Cm no-pty
Prevents tty allocation (a request to allocate a pty will fail).
+.It Cm no-user-rc
+Disables execution of
+.Pa ~/.ssh/rc .
.It Cm no-X11-forwarding
Forbids X11 forwarding when this key is used for authentication.
Any X11 forward requests by the client will return an error.
@@ -678,6 +685,13 @@
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
+.It ~/.ssh/
+This directory is the default location for all user-specific configuration
+and authentication information.
+There is no general requirement to keep the entire contents of this directory
+secret, but the recommended permissions are read/write/execute for the user,
+and not accessible by others.
+.Pp
.It ~/.ssh/authorized_keys
Lists the public keys (RSA/DSA) that can be used for logging in as this user.
The format of this file is described above.
@@ -758,15 +772,6 @@
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
-.It /etc/ssh/ssh_known_hosts
-Systemwide list of known host keys.
-This file should be prepared by the
-system administrator to contain the public host keys of all machines in the
-organization.
-The format of this file is described above.
-This file should be writable only by root/the owner and
-should be world-readable.
-.Pp
.It /etc/ssh/ssh_host_key
.It /etc/ssh/ssh_host_dsa_key
.It /etc/ssh/ssh_host_rsa_key
@@ -790,6 +795,15 @@
These files are created using
.Xr ssh-keygen 1 .
.Pp
+.It /etc/ssh/ssh_known_hosts
+Systemwide list of known host keys.
+This file should be prepared by the
+system administrator to contain the public host keys of all machines in the
+organization.
+The format of this file is described above.
+This file should be writable only by root/the owner and
+should be world-readable.
+.Pp
.It /etc/ssh/sshd_config
Contains configuration data for
.Nm sshd .
@@ -826,6 +840,7 @@
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,
.Xr ssh-keygen 1 ,
+.Xr ssh-keyscan 1 ,
.Xr chroot 2 ,
.Xr hosts_access 5 ,
.Xr login.conf 5 ,
Index: buildpkg.sh.in
===================================================================
RCS file: /home/cvs/src/crypto/openssh/buildpkg.sh.in,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/buildpkg.sh.in -L crypto/openssh/buildpkg.sh.in -u -r1.4 -r1.5
--- crypto/openssh/buildpkg.sh.in
+++ crypto/openssh/buildpkg.sh.in
@@ -49,6 +49,8 @@
OPENSSHD=opensshd.init
OPENSSH_MANIFEST=openssh.xml
OPENSSH_FMRI=svc:/site/${SYSVINIT_NAME}:default
+SMF_METHOD_DIR=/lib/svc/method/site
+SMF_MANIFEST_DIR=/var/svc/manifest/site
PATH_GROUPADD_PROG=@PATH_GROUPADD_PROG@
PATH_USERADD_PROG=@PATH_USERADD_PROG@
@@ -196,15 +198,17 @@
# For Solaris' SMF, /lib/svc/method/site is the preferred place
# for start/stop scripts that aren't supplied with the OS, and
# similarly /var/svc/manifest/site for manifests.
- mkdir -p $FAKE_ROOT${TEST_DIR}/lib/svc/method/site
- mkdir -p $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site
+ mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}
+ mkdir -p $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}
- cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
- chmod 744 $FAKE_ROOT${TEST_DIR}/lib/svc/method/site/${SYSVINIT_NAME}
+ cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME}
+ chmod 744 $FAKE_ROOT${TEST_DIR}${SMF_METHOD_DIR}/${SYSVINIT_NAME}
- cat ${OPENSSH_MANIFEST} | sed "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \
- > $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml
- chmod 644 $FAKE_ROOT${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml
+ cat ${OPENSSH_MANIFEST} | \
+ sed -e "s|__SYSVINIT_NAME__|${SYSVINIT_NAME}|" \
+ -e "s|__SMF_METHOD_DIR__|${SMF_METHOD_DIR}|" \
+ > $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
+ chmod 644 $FAKE_ROOT${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
else
mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
@@ -214,19 +218,19 @@
[ "${PERMIT_ROOT_LOGIN}" = no ] && \
perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
+ $FAKE_ROOT${sysconfdir}/sshd_config
[ "${X11_FORWARDING}" = yes ] && \
perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
+ $FAKE_ROOT${sysconfdir}/sshd_config
# fix PrintMotd
perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
+ $FAKE_ROOT${sysconfdir}/sshd_config
# We don't want to overwrite config files on multiple installs
-mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
-mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
-[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
-mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
+mv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default
+mv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default
+[ -f $FAKE_ROOT${sysconfdir}/ssh_prng_cmds ] && \
+mv $FAKE_ROOT${sysconfdir}/ssh_prng_cmds $FAKE_ROOT${sysconfdir}/ssh_prng_cmds.default
# local tweeks here
[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
@@ -336,7 +340,7 @@
svccfg delete -f $OPENSSH_FMRI
fi
# NOTE, The manifest disables sshd by default.
- svccfg import ${TEST_DIR}/var/svc/manifest/site/${SYSVINIT_NAME}.xml
+ svccfg import ${TEST_DIR}${SMF_MANIFEST_DIR}/${SYSVINIT_NAME}.xml
else
if [ "\${USE_SYM_LINKS}" = yes ]
then
Index: clientloop.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/clientloop.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/clientloop.c -L crypto/openssh/clientloop.c -u -r1.4 -r1.5
--- crypto/openssh/clientloop.c
+++ crypto/openssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.178 2007/02/20 10:25:14 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.188 2008/02/22 20:44:02 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -157,7 +157,6 @@
static int connection_out; /* Connection to server (output). */
static int need_rekeying; /* Set to non-zero if rekeying is requested. */
static int session_closed = 0; /* In SSH2: login session closed. */
-static int server_alive_timeouts = 0;
static void client_init_dispatch(void);
int session_ident = -1;
@@ -290,19 +289,29 @@
generated = 1;
}
}
- snprintf(cmd, sizeof(cmd),
- "%s %s%s list %s 2>" _PATH_DEVNULL,
- xauth_path,
- generated ? "-f " : "" ,
- generated ? xauthfile : "",
- display);
- debug2("x11_get_proto: %s", cmd);
- f = popen(cmd, "r");
- if (f && fgets(line, sizeof(line), f) &&
- sscanf(line, "%*s %511s %511s", proto, data) == 2)
- got_data = 1;
- if (f)
- pclose(f);
+
+ /*
+ * When in untrusted mode, we read the cookie only if it was
+ * successfully generated as an untrusted one in the step
+ * above.
+ */
+ if (trusted || generated) {
+ snprintf(cmd, sizeof(cmd),
+ "%s %s%s list %s 2>" _PATH_DEVNULL,
+ xauth_path,
+ generated ? "-f " : "" ,
+ generated ? xauthfile : "",
+ display);
+ debug2("x11_get_proto: %s", cmd);
+ f = popen(cmd, "r");
+ if (f && fgets(line, sizeof(line), f) &&
+ sscanf(line, "%*s %511s %511s", proto, data) == 2)
+ got_data = 1;
+ if (f)
+ pclose(f);
+ } else
+ error("Warning: untrusted X11 forwarding setup failed: "
+ "xauth key data not generated");
}
if (do_unlink) {
@@ -457,14 +466,14 @@
static void
client_global_request_reply(int type, u_int32_t seq, void *ctxt)
{
- server_alive_timeouts = 0;
+ keep_alive_timeouts = 0;
client_global_request_reply_fwd(type, seq, ctxt);
}
static void
server_alive_check(void)
{
- if (++server_alive_timeouts > options.server_alive_count_max) {
+ if (++keep_alive_timeouts > options.server_alive_count_max) {
logit("Timeout, server not responding.");
cleanup_exit(255);
}
@@ -712,7 +721,7 @@
struct sockaddr_storage addr;
struct confirm_ctx *cctx;
char *cmd;
- u_int i, len, env_len, command, flags;
+ u_int i, j, len, env_len, command, flags;
uid_t euid;
gid_t egid;
@@ -860,9 +869,23 @@
xfree(cmd);
/* Gather fds from client */
- new_fd[0] = mm_receive_fd(client_fd);
- new_fd[1] = mm_receive_fd(client_fd);
- new_fd[2] = mm_receive_fd(client_fd);
+ for(i = 0; i < 3; i++) {
+ if ((new_fd[i] = mm_receive_fd(client_fd)) == -1) {
+ error("%s: failed to receive fd %d from slave",
+ __func__, i);
+ for (j = 0; j < i; j++)
+ close(new_fd[j]);
+ for (j = 0; j < env_len; j++)
+ xfree(cctx->env[j]);
+ if (env_len > 0)
+ xfree(cctx->env);
+ xfree(cctx->term);
+ buffer_free(&cctx->cmd);
+ close(client_fd);
+ xfree(cctx);
+ return;
+ }
+ }
debug2("%s: got fds stdin %d, stdout %d, stderr %d", __func__,
new_fd[0], new_fd[1], new_fd[2]);
@@ -930,12 +953,15 @@
u_short cancel_port;
Forward fwd;
+ bzero(&fwd, sizeof(fwd));
+ fwd.listen_host = fwd.connect_host = NULL;
+
leave_raw_mode();
handler = signal(SIGINT, SIG_IGN);
cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);
if (s == NULL)
goto out;
- while (*s && isspace(*s))
+ while (isspace(*s))
s++;
if (*s == '-')
s++; /* Skip cmdline '-', if any */
@@ -982,9 +1008,8 @@
goto out;
}
- s++;
- while (*s && isspace(*s))
- s++;
+ while (isspace(*++s))
+ ;
if (delete) {
cancel_port = 0;
@@ -1030,6 +1055,10 @@
enter_raw_mode();
if (cmd)
xfree(cmd);
+ if (fwd.listen_host != NULL)
+ xfree(fwd.listen_host);
+ if (fwd.connect_host != NULL)
+ xfree(fwd.connect_host);
}
/* process the characters one by one */
@@ -1710,7 +1739,7 @@
}
c = channel_new("forwarded-tcpip",
SSH_CHANNEL_CONNECTING, sock, sock, -1,
- CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
+ CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
originator_address, 1);
xfree(originator_address);
xfree(listen_address);
@@ -1768,12 +1797,56 @@
return NULL;
c = channel_new("authentication agent connection",
SSH_CHANNEL_OPEN, sock, sock, -1,
- CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0,
+ CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0,
"authentication agent connection", 1);
c->force_drain = 1;
return c;
}
+int
+client_request_tun_fwd(int tun_mode, int local_tun, int remote_tun)
+{
+ Channel *c;
+ int fd;
+
+ if (tun_mode == SSH_TUNMODE_NO)
+ return 0;
+
+ if (!compat20) {
+ error("Tunnel forwarding is not support for protocol 1");
+ return -1;
+ }
+
+ debug("Requesting tun unit %d in mode %d", local_tun, tun_mode);
+
+ /* Open local tunnel device */
+ if ((fd = tun_open(local_tun, tun_mode)) == -1) {
+ error("Tunnel device open failed.");
+ return -1;
+ }
+
+ c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,
+ CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1);
+ c->datagram = 1;
+
+#if defined(SSH_TUN_FILTER)
+ if (options.tun_open == SSH_TUNMODE_POINTOPOINT)
+ channel_register_filter(c->self, sys_tun_infilter,
+ sys_tun_outfilter);
+#endif
+
+ packet_start(SSH2_MSG_CHANNEL_OPEN);
+ packet_put_cstring("tun at openssh.com");
+ packet_put_int(c->self);
+ packet_put_int(c->local_window_max);
+ packet_put_int(c->local_maxpacket);
+ packet_put_int(tun_mode);
+ packet_put_int(remote_tun);
+ packet_send();
+
+ return 0;
+}
+
/* XXXX move to generic input handler */
static void
client_input_channel_open(int type, u_int32_t seq, void *ctxt)
Index: auth-pam.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/auth-pam.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/auth-pam.c -L crypto/openssh/auth-pam.c -u -r1.4 -r1.5
--- crypto/openssh/auth-pam.c
+++ crypto/openssh/auth-pam.c
@@ -161,9 +161,9 @@
WTERMSIG(sshpam_thread_status) == SIGTERM)
return; /* terminated by pthread_cancel */
if (!WIFEXITED(sshpam_thread_status))
- fatal("PAM: authentication thread exited unexpectedly");
+ sigdie("PAM: authentication thread exited unexpectedly");
if (WEXITSTATUS(sshpam_thread_status) != 0)
- fatal("PAM: authentication thread exited uncleanly");
+ sigdie("PAM: authentication thread exited uncleanly");
}
/* ARGSUSED */
@@ -598,15 +598,17 @@
void
sshpam_cleanup(void)
{
- debug("PAM: cleanup");
- if (sshpam_handle == NULL)
+ if (sshpam_handle == NULL || (use_privsep && !mm_is_monitor()))
return;
+ debug("PAM: cleanup");
pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv);
if (sshpam_cred_established) {
+ debug("PAM: deleting credentials");
pam_setcred(sshpam_handle, PAM_DELETE_CRED);
sshpam_cred_established = 0;
}
if (sshpam_session_open) {
+ debug("PAM: closing session");
pam_close_session(sshpam_handle, PAM_SILENT);
sshpam_session_open = 0;
}
@@ -686,8 +688,7 @@
return (NULL);
}
- ctxt = xmalloc(sizeof *ctxt);
- memset(ctxt, 0, sizeof(*ctxt));
+ ctxt = xcalloc(1, sizeof *ctxt);
/* Start the authentication thread */
if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) {
@@ -985,7 +986,8 @@
break;
case PAM_PROMPT_ECHO_ON:
fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg));
- fgets(input, sizeof input, stdin);
+ if (fgets(input, sizeof input, stdin) == NULL)
+ input[0] = '\0';
if ((reply[i].resp = strdup(input)) == NULL)
goto fail;
reply[i].resp_retcode = PAM_SUCCESS;
@@ -1130,9 +1132,8 @@
if (n <= 0 || n > PAM_MAX_NUM_MSG)
return (PAM_CONV_ERR);
- if ((reply = malloc(n * sizeof(*reply))) == NULL)
+ if ((reply = calloc(n, sizeof(*reply))) == NULL)
return (PAM_CONV_ERR);
- memset(reply, 0, n * sizeof(*reply));
for (i = 0; i < n; ++i) {
switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
Index: packet.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/packet.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/packet.c -L crypto/openssh/packet.c -u -r1.4 -r1.5
--- crypto/openssh/packet.c
+++ crypto/openssh/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.145 2006/09/19 21:14:08 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.151 2008/02/22 20:44:02 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -136,6 +136,8 @@
/* Set to true if we are authenticated. */
static int after_authentication = 0;
+int keep_alive_timeouts = 0;
+
/* Session key information for Encryption and MAC */
Newkeys *newkeys[MODE_MAX];
static struct packet_state {
@@ -629,7 +631,7 @@
enc = &newkeys[mode]->enc;
mac = &newkeys[mode]->mac;
comp = &newkeys[mode]->comp;
- memset(mac->key, 0, mac->key_len);
+ mac_clear(mac);
xfree(enc->name);
xfree(enc->iv);
xfree(enc->key);
@@ -644,14 +646,15 @@
enc = &newkeys[mode]->enc;
mac = &newkeys[mode]->mac;
comp = &newkeys[mode]->comp;
- if (mac->md != NULL)
+ if (mac_init(mac) == 0)
mac->enabled = 1;
DBG(debug("cipher_init_context: %d", mode));
cipher_init(cc, enc->cipher, enc->key, enc->key_len,
enc->iv, enc->block_size, crypt_type);
/* Deleting the keys does not gain extra security */
/* memset(enc->iv, 0, enc->block_size);
- memset(enc->key, 0, enc->key_len); */
+ memset(enc->key, 0, enc->key_len);
+ memset(mac->key, 0, mac->key_len); */
if ((comp->type == COMP_ZLIB ||
(comp->type == COMP_DELAYED && after_authentication)) &&
comp->enabled == 0) {
@@ -1191,10 +1194,12 @@
for (;;) {
if (compat20) {
type = packet_read_poll2(seqnr_p);
+ keep_alive_timeouts = 0;
if (type)
DBG(debug("received packet type %d", type));
switch (type) {
case SSH2_MSG_IGNORE:
+ debug3("Received SSH2_MSG_IGNORE");
break;
case SSH2_MSG_DEBUG:
packet_get_char();
@@ -1235,7 +1240,6 @@
logit("Received disconnect from %s: %.400s",
get_remote_ipaddr(), msg);
cleanup_exit(255);
- xfree(msg);
break;
default:
if (type)
Index: bindresvport.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/bindresvport.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/bindresvport.c -L crypto/openssh/openbsd-compat/bindresvport.c -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/bindresvport.c
+++ crypto/openssh/openbsd-compat/bindresvport.c
@@ -1,6 +1,6 @@
/* This file has be substantially modified from the original OpenBSD source */
-/* $OpenBSD: bindresvport.c,v 1.16 2005/04/01 07:44:03 otto Exp $ */
+/* $OpenBSD: bindresvport.c,v 1.17 2005/12/21 01:40:22 millert Exp $ */
/*
* Copyright 1996, Jason Downs. All rights reserved.
Index: openbsd-compat.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/openbsd-compat.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/openbsd-compat.h -L crypto/openssh/openbsd-compat/openbsd-compat.h -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/openbsd-compat.h
+++ crypto/openssh/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.42 2006/09/03 12:44:50 dtucker Exp $ */
+/* $Id: openbsd-compat.h,v 1.43 2007/06/25 12:15:13 dtucker Exp $ */
/*
* Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@@ -140,6 +140,7 @@
/* Home grown routines */
#include "bsd-misc.h"
#include "bsd-waitpid.h"
+#include "bsd-poll.h"
#ifndef HAVE_GETPEEREID
int getpeereid(int , uid_t *, gid_t *);
Index: bsd-asprintf.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/bsd-asprintf.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssh/openbsd-compat/bsd-asprintf.c -L crypto/openssh/openbsd-compat/bsd-asprintf.c -u -r1.2 -r1.3
--- crypto/openssh/openbsd-compat/bsd-asprintf.c
+++ crypto/openssh/openbsd-compat/bsd-asprintf.c
@@ -55,6 +55,7 @@
if (ret >= 0 && ret < INIT_SZ) { /* succeeded with initial alloc */
*str = string;
} else if (ret == INT_MAX || ret < 0) { /* Bad length */
+ free(string);
goto fail;
} else { /* bigger than initial, realloc allowing for nul */
len = (size_t)ret + 1;
Index: base64.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/base64.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssh/openbsd-compat/base64.c -L crypto/openssh/openbsd-compat/base64.c -u -r1.2 -r1.3
--- crypto/openssh/openbsd-compat/base64.c
+++ crypto/openssh/openbsd-compat/base64.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: base64.c,v 1.4 2002/01/02 23:00:10 deraadt Exp $ */
+/* $OpenBSD: base64.c,v 1.5 2006/10/21 09:55:03 otto Exp $ */
/*
* Copyright (c) 1996 by Internet Software Consortium.
@@ -62,9 +62,6 @@
#include "base64.h"
-/* XXX abort illegal in library */
-#define Assert(Cond) if (!(Cond)) abort()
-
static const char Base64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const char Pad64 = '=';
@@ -151,10 +148,6 @@
output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
output[3] = input[2] & 0x3f;
- Assert(output[0] < 64);
- Assert(output[1] < 64);
- Assert(output[2] < 64);
- Assert(output[3] < 64);
if (datalength + 4 > targsize)
return (-1);
@@ -174,9 +167,6 @@
output[0] = input[0] >> 2;
output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
- Assert(output[0] < 64);
- Assert(output[1] < 64);
- Assert(output[2] < 64);
if (datalength + 4 > targsize)
return (-1);
Index: Makefile.in
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/Makefile.in,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/Makefile.in -L crypto/openssh/openbsd-compat/Makefile.in -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/Makefile.in
+++ crypto/openssh/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.40 2006/08/30 17:24:41 djm Exp $
+# $Id: Makefile.in,v 1.41 2007/06/25 12:15:13 dtucker Exp $
sysconfdir=@sysconfdir@
piddir=@piddir@
@@ -18,7 +18,7 @@
OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
-COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
+COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
PORTS=port-aix.o port-irix.o port-linux.o port-solaris.o port-tun.o port-uw.o
Index: sys-queue.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/sys-queue.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssh/openbsd-compat/sys-queue.h -L crypto/openssh/openbsd-compat/sys-queue.h -u -r1.2 -r1.3
--- crypto/openssh/openbsd-compat/sys-queue.h
+++ crypto/openssh/openbsd-compat/sys-queue.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: queue.h,v 1.25 2004/04/08 16:08:21 henning Exp $ */
+/* $OpenBSD: queue.h,v 1.32 2007/04/30 18:42:34 pedro Exp $ */
/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */
/*
@@ -167,6 +167,12 @@
* For details on the use of these macros, see the queue(3) manual page.
*/
+#if defined(QUEUE_MACRO_DEBUG) || (defined(_KERNEL) && defined(DIAGNOSTIC))
+#define _Q_INVALIDATE(a) (a) = ((void *)-1)
+#else
+#define _Q_INVALIDATE(a)
+#endif
+
/*
* Singly-linked List definitions.
*/
@@ -229,13 +235,14 @@
#define SLIST_REMOVE(head, elm, type, field) do { \
if ((head)->slh_first == (elm)) { \
SLIST_REMOVE_HEAD((head), field); \
- } \
- else { \
+ } else { \
struct type *curelm = (head)->slh_first; \
- while( curelm->field.sle_next != (elm) ) \
+ \
+ while (curelm->field.sle_next != (elm)) \
curelm = curelm->field.sle_next; \
curelm->field.sle_next = \
curelm->field.sle_next->field.sle_next; \
+ _Q_INVALIDATE((elm)->field.sle_next); \
} \
} while (0)
@@ -303,6 +310,8 @@
(elm)->field.le_next->field.le_prev = \
(elm)->field.le_prev; \
*(elm)->field.le_prev = (elm)->field.le_next; \
+ _Q_INVALIDATE((elm)->field.le_prev); \
+ _Q_INVALIDATE((elm)->field.le_next); \
} while (0)
#define LIST_REPLACE(elm, elm2, field) do { \
@@ -311,6 +320,8 @@
&(elm2)->field.le_next; \
(elm2)->field.le_prev = (elm)->field.le_prev; \
*(elm2)->field.le_prev = (elm2); \
+ _Q_INVALIDATE((elm)->field.le_prev); \
+ _Q_INVALIDATE((elm)->field.le_next); \
} while (0)
/*
@@ -369,8 +380,8 @@
(listelm)->field.sqe_next = (elm); \
} while (0)
-#define SIMPLEQ_REMOVE_HEAD(head, elm, field) do { \
- if (((head)->sqh_first = (elm)->field.sqe_next) == NULL) \
+#define SIMPLEQ_REMOVE_HEAD(head, field) do { \
+ if (((head)->sqh_first = (head)->sqh_first->field.sqe_next) == NULL) \
(head)->sqh_last = &(head)->sqh_first; \
} while (0)
@@ -465,6 +476,8 @@
else \
(head)->tqh_last = (elm)->field.tqe_prev; \
*(elm)->field.tqe_prev = (elm)->field.tqe_next; \
+ _Q_INVALIDATE((elm)->field.tqe_prev); \
+ _Q_INVALIDATE((elm)->field.tqe_next); \
} while (0)
#define TAILQ_REPLACE(head, elm, elm2, field) do { \
@@ -475,6 +488,8 @@
(head)->tqh_last = &(elm2)->field.tqe_next; \
(elm2)->field.tqe_prev = (elm)->field.tqe_prev; \
*(elm2)->field.tqe_prev = (elm2); \
+ _Q_INVALIDATE((elm)->field.tqe_prev); \
+ _Q_INVALIDATE((elm)->field.tqe_next); \
} while (0)
/*
@@ -575,6 +590,8 @@
else \
(elm)->field.cqe_prev->field.cqe_next = \
(elm)->field.cqe_next; \
+ _Q_INVALIDATE((elm)->field.cqe_prev); \
+ _Q_INVALIDATE((elm)->field.cqe_next); \
} while (0)
#define CIRCLEQ_REPLACE(head, elm, elm2, field) do { \
@@ -588,6 +605,8 @@
(head).cqh_first = (elm2); \
else \
(elm2)->field.cqe_prev->field.cqe_next = (elm2); \
+ _Q_INVALIDATE((elm)->field.cqe_prev); \
+ _Q_INVALIDATE((elm)->field.cqe_next); \
} while (0)
#endif /* !_FAKE_QUEUE_H_ */
Index: port-uw.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/port-uw.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/port-uw.c -L crypto/openssh/openbsd-compat/port-uw.c -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/port-uw.c
+++ crypto/openssh/openbsd-compat/port-uw.c
@@ -79,7 +79,7 @@
#endif /* UNIXWARE_LONG_PASSWORDS */
result = (strcmp(xcrypt(password, salt), pw_password) == 0);
-#if !defined(BROKEN_LIBIAF)
+#ifdef USE_LIBIAF
if (authctxt->valid)
free(pw_password);
#endif
@@ -127,7 +127,7 @@
functions that call shadow_pw() will need to free
*/
-#if !defined(BROKEN_LIBIAF)
+#ifdef USE_LIBIAF
char *
get_iaf_password(struct passwd *pw)
{
@@ -144,6 +144,6 @@
else
fatal("ia_openinfo: Unable to open the shadow passwd file");
}
-#endif /* !BROKEN_LIBIAF */
+#endif /* USE_LIBIAF */
#endif /* HAVE_LIBIAF */
Index: getrrsetbyname.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/getrrsetbyname.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/openbsd-compat/getrrsetbyname.c -L crypto/openssh/openbsd-compat/getrrsetbyname.c -u -r1.4 -r1.5
--- crypto/openssh/openbsd-compat/getrrsetbyname.c
+++ crypto/openssh/openbsd-compat/getrrsetbyname.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: getrrsetbyname.c,v 1.10 2005/03/30 02:58:28 tedu Exp $ */
+/* $OpenBSD: getrrsetbyname.c,v 1.11 2007/10/11 18:36:41 jakob Exp $ */
/*
* Copyright (c) 2001 Jakob Schlyter. All rights reserved.
@@ -67,13 +67,9 @@
#endif
#define _THREAD_PRIVATE(a,b,c) (c)
-/* to avoid conflicts where a platform already has _res */
-#ifdef _res
-# undef _res
-#endif
-#define _res _compat_res
-
+#ifndef HAVE__RES_EXTERN
struct __res_state _res;
+#endif
/* Necessary functions and macros */
@@ -292,7 +288,7 @@
rrset->rri_nrdatas = count_dns_rr(response->answer, rrset->rri_rdclass,
rrset->rri_rdtype);
rrset->rri_nsigs = count_dns_rr(response->answer, rrset->rri_rdclass,
- T_SIG);
+ T_RRSIG);
/* allocate memory for answers */
rrset->rri_rdatas = calloc(rrset->rri_nrdatas,
@@ -322,7 +318,7 @@
rdata = &rrset->rri_rdatas[index_ans++];
if (rr->class == rrset->rri_rdclass &&
- rr->type == T_SIG)
+ rr->type == T_RRSIG)
rdata = &rrset->rri_sigs[index_sig++];
if (rdata) {
Index: bsd-misc.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/bsd-misc.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/bsd-misc.c -L crypto/openssh/openbsd-compat/bsd-misc.c -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/bsd-misc.c
+++ crypto/openssh/openbsd-compat/bsd-misc.c
@@ -17,6 +17,7 @@
#include "includes.h"
+#include <sys/types.h>
#ifdef HAVE_SYS_SELECT_H
# include <sys/select.h>
#endif
@@ -27,6 +28,7 @@
#include <string.h>
#include <signal.h>
#include <stdlib.h>
+#include <unistd.h>
#include "xmalloc.h"
@@ -156,7 +158,8 @@
tremain.tv_sec = 0;
tremain.tv_usec = 0;
}
- TIMEVAL_TO_TIMESPEC(&tremain, rem)
+ if (rem != NULL)
+ TIMEVAL_TO_TIMESPEC(&tremain, rem)
return(rc);
}
Index: sys-tree.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/sys-tree.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssh/openbsd-compat/sys-tree.h -L crypto/openssh/openbsd-compat/sys-tree.h -u -r1.2 -r1.3
--- crypto/openssh/openbsd-compat/sys-tree.h
+++ crypto/openssh/openbsd-compat/sys-tree.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tree.h,v 1.7 2002/10/17 21:51:54 art Exp $ */
+/* $OpenBSD: tree.h,v 1.10 2007/10/29 23:49:41 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos at citi.umich.edu>
* All rights reserved.
@@ -289,7 +289,7 @@
(x) != NULL; \
(x) = SPLAY_NEXT(name, head, x))
-/* Macros that define a red-back tree */
+/* Macros that define a red-black tree */
#define RB_HEAD(name, type) \
struct name { \
struct type *rbh_root; /* root of the tree */ \
@@ -381,9 +381,9 @@
struct type *name##_RB_REMOVE(struct name *, struct type *); \
struct type *name##_RB_INSERT(struct name *, struct type *); \
struct type *name##_RB_FIND(struct name *, struct type *); \
-struct type *name##_RB_NEXT(struct name *, struct type *); \
-struct type *name##_RB_MINMAX(struct name *, int); \
- \
+struct type *name##_RB_NEXT(struct type *); \
+struct type *name##_RB_MINMAX(struct name *, int);
+
/* Main rb operation.
* Moves node close to the key of elm to top
@@ -626,7 +626,7 @@
} \
\
struct type * \
-name##_RB_NEXT(struct name *head, struct type *elm) \
+name##_RB_NEXT(struct type *elm) \
{ \
if (RB_RIGHT(elm, field)) { \
elm = RB_RIGHT(elm, field); \
@@ -667,13 +667,13 @@
#define RB_INSERT(name, x, y) name##_RB_INSERT(x, y)
#define RB_REMOVE(name, x, y) name##_RB_REMOVE(x, y)
#define RB_FIND(name, x, y) name##_RB_FIND(x, y)
-#define RB_NEXT(name, x, y) name##_RB_NEXT(x, y)
+#define RB_NEXT(name, x, y) name##_RB_NEXT(y)
#define RB_MIN(name, x) name##_RB_MINMAX(x, RB_NEGINF)
#define RB_MAX(name, x) name##_RB_MINMAX(x, RB_INF)
#define RB_FOREACH(x, name, head) \
for ((x) = RB_MIN(name, head); \
(x) != NULL; \
- (x) = name##_RB_NEXT(head, x))
+ (x) = name##_RB_NEXT(x))
#endif /* _SYS_TREE_H_ */
Index: fake-rfc2553.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/fake-rfc2553.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -L crypto/openssh/openbsd-compat/fake-rfc2553.h -L crypto/openssh/openbsd-compat/fake-rfc2553.h -u -r1.4 -r1.5
--- crypto/openssh/openbsd-compat/fake-rfc2553.h
+++ crypto/openssh/openbsd-compat/fake-rfc2553.h
@@ -1,4 +1,4 @@
-/* $Id: fake-rfc2553.h,v 1.13 2006/07/24 03:51:52 djm Exp $ */
+/* $Id: fake-rfc2553.h,v 1.14 2008/02/25 09:21:20 dtucker Exp $ */
/*
* Copyright (C) 2000-2003 Damien Miller. All rights reserved.
@@ -152,7 +152,7 @@
#endif /* !HAVE_GETADDRINFO */
#if !defined(HAVE_GAI_STRERROR) && !defined(HAVE_CONST_GAI_STRERROR_PROTO)
-#define gai_strerror(a) (ssh_gai_strerror(a))
+#define gai_strerror(a) (_ssh_compat_gai_strerror(a))
char *gai_strerror(int);
#endif /* !HAVE_GAI_STRERROR */
Index: glob.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/glob.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/glob.h -L crypto/openssh/openbsd-compat/glob.h -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/glob.h
+++ crypto/openssh/openbsd-compat/glob.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: glob.h,v 1.9 2004/10/07 16:56:11 millert Exp $ */
+/* $OpenBSD: glob.h,v 1.10 2005/12/13 00:35:22 millert Exp $ */
/* $NetBSD: glob.h,v 1.5 1994/10/26 00:55:56 cgd Exp $ */
/*
@@ -39,7 +39,8 @@
#if !defined(HAVE_GLOB_H) || !defined(GLOB_HAS_ALTDIRFUNC) || \
!defined(GLOB_HAS_GL_MATCHC) || \
- !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0
+ !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 || \
+ defined(BROKEN_GLOB)
#ifndef _GLOB_H_
#define _GLOB_H_
@@ -66,7 +67,6 @@
int (*gl_stat)(const char *, struct stat *);
} glob_t;
-/* Flags */
#define GLOB_APPEND 0x0001 /* Append to output from previous call. */
#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */
#define GLOB_ERR 0x0004 /* Return on error. */
@@ -75,6 +75,13 @@
#define GLOB_NOSORT 0x0020 /* Don't sort. */
#define GLOB_NOESCAPE 0x1000 /* Disable backslash escaping. */
+/* Error values returned by glob(3) */
+#define GLOB_NOSPACE (-1) /* Malloc call failed. */
+#define GLOB_ABORTED (-2) /* Unignored error. */
+#define GLOB_NOMATCH (-3) /* No match and GLOB_NOCHECK not set. */
+#define GLOB_NOSYS (-4) /* Function not supported. */
+#define GLOB_ABEND GLOB_ABORTED
+
#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */
#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */
#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */
@@ -83,13 +90,6 @@
#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */
#define GLOB_LIMIT 0x2000 /* Limit pattern match output to ARG_MAX */
-/* Error values returned by glob(3) */
-#define GLOB_NOSPACE (-1) /* Malloc call failed. */
-#define GLOB_ABORTED (-2) /* Unignored error. */
-#define GLOB_NOMATCH (-3) /* No match and GLOB_NOCHECK not set. */
-#define GLOB_NOSYS (-4) /* Function not supported. */
-#define GLOB_ABEND GLOB_ABORTED
-
int glob(const char *, int, int (*)(const char *, int), glob_t *);
void globfree(glob_t *);
Index: glob.c
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/glob.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/glob.c -L crypto/openssh/openbsd-compat/glob.c -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/glob.c
+++ crypto/openssh/openbsd-compat/glob.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: glob.c,v 1.25 2005/08/08 08:05:34 espie Exp $ */
+/* $OpenBSD: glob.c,v 1.26 2005/11/28 17:50:12 deraadt Exp $ */
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
@@ -48,7 +48,8 @@
#if !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) || \
!defined(GLOB_HAS_GL_MATCHC) || \
- !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0
+ !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 || \
+ defined(BROKEN_GLOB)
static long
get_arg_max(void)
@@ -149,7 +150,7 @@
static int glob1(Char *, Char *, glob_t *, size_t *);
static int glob2(Char *, Char *, Char *, Char *, Char *, Char *,
glob_t *, size_t *);
-static int glob3(Char *, Char *, Char *, Char *, Char *, Char *,
+static int glob3(Char *, Char *, Char *, Char *, Char *,
Char *, Char *, glob_t *, size_t *);
static int globextend(const Char *, glob_t *, size_t *);
static const Char *
@@ -571,16 +572,16 @@
} else
/* Need expansion, recurse. */
return(glob3(pathbuf, pathbuf_last, pathend,
- pathend_last, pattern, pattern_last,
- p, pattern_last, pglob, limitp));
+ pathend_last, pattern, p, pattern_last,
+ pglob, limitp));
}
/* NOTREACHED */
}
static int
glob3(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
- Char *pattern, Char *pattern_last, Char *restpattern,
- Char *restpattern_last, glob_t *pglob, size_t *limitp)
+ Char *pattern, Char *restpattern, Char *restpattern_last, glob_t *pglob,
+ size_t *limitp)
{
struct dirent *dp;
DIR *dirp;
Index: openssl-compat.h
===================================================================
RCS file: /home/cvs/src/crypto/openssh/openbsd-compat/openssl-compat.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/openbsd-compat/openssl-compat.h -L crypto/openssh/openbsd-compat/openssl-compat.h -u -r1.3 -r1.4
--- crypto/openssh/openbsd-compat/openssl-compat.h
+++ crypto/openssh/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openssl-compat.h,v 1.7 2007/03/05 07:25:20 dtucker Exp $ */
+/* $Id: openssl-compat.h,v 1.12 2008/02/28 08:22:04 dtucker Exp $ */
/*
* Copyright (c) 2005 Darren Tucker <dtucker at zip.com.au>
@@ -19,6 +19,11 @@
#include "includes.h"
#include <openssl/evp.h>
+/* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */
+#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f)
+# define OPENSSL_free(x) Free(x)
+#endif
+
#if OPENSSL_VERSION_NUMBER < 0x00906000L
# define SSH_OLD_EVP
# define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
@@ -29,6 +34,11 @@
#endif
#ifdef USE_BUILTIN_RIJNDAEL
+# include "rijndael.h"
+# define AES_KEY rijndael_ctx
+# define AES_BLOCK_SIZE 16
+# define AES_encrypt(a, b, c) rijndael_encrypt(c, a, b)
+# define AES_set_encrypt_key(a, b, c) rijndael_set_key(c, (char *)a, b, 1)
# define EVP_aes_128_cbc evp_rijndael
# define EVP_aes_192_cbc evp_rijndael
# define EVP_aes_256_cbc evp_rijndael
@@ -74,8 +84,8 @@
# ifdef SSLeay_add_all_algorithms
# undef SSLeay_add_all_algorithms
# endif
-# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms()
-#endif
+# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms()
+# endif
int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
unsigned char *, int);
Index: agent-getpeereid.sh
===================================================================
RCS file: /home/cvs/src/crypto/openssh/regress/agent-getpeereid.sh,v
retrieving revision 1.3
retrieving revision 1.4
diff -L crypto/openssh/regress/agent-getpeereid.sh -L crypto/openssh/regress/agent-getpeereid.sh -u -r1.3 -r1.4
--- crypto/openssh/regress/agent-getpeereid.sh
+++ crypto/openssh/regress/agent-getpeereid.sh
@@ -1,13 +1,15 @@
-# $OpenBSD: agent-getpeereid.sh,v 1.3 2006/07/06 12:01:53 grunk Exp $
+# $OpenBSD: agent-getpeereid.sh,v 1.4 2007/11/25 15:35:09 jmc Exp $
# Placed in the Public Domain.
tid="disallow agent attach from other uid"
UNPRIV=nobody
ASOCK=${OBJ}/agent
-SSH_AUTH_SOCK=/nonexistant
+SSH_AUTH_SOCK=/nonexistent
-if grep "#undef.*HAVE_GETPEEREID" ${BUILDDIR}/config.h >/dev/null 2>&1
+if grep "#undef.*HAVE_GETPEEREID" ${BUILDDIR}/config.h >/dev/null 2>&1 && \
+ grep "#undef.*HAVE_GETPEERUCRED" ${BUILDDIR}/config.h >/dev/null && \
+ grep "#undef.*HAVE_SO_PEERCRED" ${BUILDDIR}/config.h >/dev/null
then
echo "skipped (not supported on this platform)"
exit 0
Index: try-ciphers.sh
===================================================================
RCS file: /home/cvs/src/crypto/openssh/regress/try-ciphers.sh,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssh/regress/try-ciphers.sh -L crypto/openssh/regress/try-ciphers.sh -u -r1.2 -r1.3
--- crypto/openssh/regress/try-ciphers.sh
+++ crypto/openssh/regress/try-ciphers.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: try-ciphers.sh,v 1.10 2005/05/24 04:10:54 djm Exp $
+# $OpenBSD: try-ciphers.sh,v 1.11 2007/06/07 19:41:46 pvalchev Exp $
# Placed in the Public Domain.
tid="try ciphers"
@@ -7,7 +7,7 @@
arcfour128 arcfour256 arcfour
aes192-cbc aes256-cbc rijndael-cbc at lysator.liu.se
aes128-ctr aes192-ctr aes256-ctr"
-macs="hmac-sha1 hmac-md5 hmac-sha1-96 hmac-md5-96"
+macs="hmac-sha1 hmac-md5 umac-64 at openssh.com hmac-sha1-96 hmac-md5-96"
for c in $ciphers; do
for m in $macs; do
Index: test-exec.sh
===================================================================
RCS file: /home/cvs/src/crypto/openssh/regress/test-exec.sh,v
retrieving revision 1.2
retrieving revision 1.3
diff -L crypto/openssh/regress/test-exec.sh -L crypto/openssh/regress/test-exec.sh -u -r1.2 -r1.3
--- crypto/openssh/regress/test-exec.sh
+++ crypto/openssh/regress/test-exec.sh
@@ -1,4 +1,4 @@
-# $OpenBSD: test-exec.sh,v 1.28 2005/05/20 23:14:15 djm Exp $
+# $OpenBSD: test-exec.sh,v 1.31 2007/12/21 04:13:53 djm Exp $
# Placed in the Public Domain.
#SUDO=sudo
@@ -69,6 +69,10 @@
SFTPSERVER=/usr/libexec/openssh/sftp-server
SCP=scp
+# Interop testing
+PLINK=/usr/local/bin/plink
+PUTTYGEN=/usr/local/bin/puttygen
+
if [ "x$TEST_SSH_SSH" != "x" ]; then
SSH="${TEST_SSH_SSH}"
fi
@@ -96,6 +100,20 @@
if [ "x$TEST_SSH_SCP" != "x" ]; then
SCP="${TEST_SSH_SCP}"
fi
+if [ "x$TEST_SSH_PLINK" != "x" ]; then
+ # Find real binary, if it exists
+ case "${TEST_SSH_PLINK}" in
+ /*) PLINK="${TEST_SSH_PLINK}" ;;
+ *) PLINK=`which ${TEST_SSH_PLINK} 2>/dev/null` ;;
+ esac
+fi
+if [ "x$TEST_SSH_PUTTYGEN" != "x" ]; then
+ # Find real binary, if it exists
+ case "${TEST_SSH_PUTTYGEN}" in
+ /*) PUTTYGEN="${TEST_SSH_PUTTYGEN}" ;;
+ *) PUTTYGEN=`which ${TEST_SSH_PUTTYGEN} 2>/dev/null` ;;
+ esac
+fi
# Path to sshd must be absolute for rexec
case "$SSHD" in
@@ -269,6 +287,34 @@
done
chmod 644 $OBJ/authorized_keys_$USER
+# If PuTTY is present, prepare keys and configuration
+REGRESS_INTEROP_PUTTY=no
+if test -x "$PUTTYGEN" -a -x "$PLINK" ; then
+ mkdir -p ${OBJ}/.putty
+
+ # Add a PuTTY key to authorized_keys
+ rm -f ${OBJ}/putty.rsa2
+ puttygen -t rsa -o ${OBJ}/putty.rsa2 < /dev/null > /dev/null
+ puttygen -O public-openssh ${OBJ}/putty.rsa2 \
+ >> $OBJ/authorized_keys_$USER
+
+ # Convert rsa2 host key to PuTTY format
+ ${SRC}/ssh2putty.sh 127.0.0.1 $PORT $OBJ/rsa > \
+ ${OBJ}/.putty/sshhostkeys
+ ${SRC}/ssh2putty.sh 127.0.0.1 22 $OBJ/rsa >> \
+ ${OBJ}/.putty/sshhostkeys
+
+ # Setup proxied session
+ mkdir -p ${OBJ}/.putty/sessions
+ rm -f ${OBJ}/.putty/sessions/localhost_proxy
+ echo "Hostname=127.0.0.1" >> ${OBJ}/.putty/sessions/localhost_proxy
+ echo "PortNumber=$PORT" >> ${OBJ}/.putty/sessions/localhost_proxy
+ echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
+ echo "ProxyTelnetCommand=sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
+
+ REGRESS_INTEROP_PUTTY=yes
+fi
+
# create a proxy version of the client config
(
cat $OBJ/ssh_config
@@ -281,8 +327,8 @@
start_sshd ()
{
# start sshd
- $SUDO ${SSHD} -f $OBJ/sshd_config -t || fatal "sshd_config broken"
- $SUDO ${SSHD} -f $OBJ/sshd_config -e >>$TEST_SSH_LOGFILE 2>&1
+ $SUDO ${SSHD} -f $OBJ/sshd_config "$@" -t || fatal "sshd_config broken"
+ $SUDO ${SSHD} -f $OBJ/sshd_config -e "$@" >>$TEST_SSH_LOGFILE 2>&1
trace "wait for sshd"
i=0;
More information about the Midnightbsd-cvs
mailing list