Vendor import of OpenSSH-portable 3.5p1.

Dag-Erling Smørgrav 2002-10-29 09:43:00 +00:00
parent ee21a45f81
commit 4b17dab0ba
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/vendor-crypto/openssh/dist/; revision=106121
133 changed files with 4910 additions and 2116 deletions


@ -76,6 +76,7 @@ Phill Camp <P.S.S.Camp@ukc.ac.uk> - login code fix
Rip Loomis <loomisg@cist.saic.com> - Solaris package support, fixes
SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> - Multiple bugfixes
Simon Wilkinson <sxw@dcs.ed.ac.uk> - PAM fixes, Compat with MIT KrbV
Solar Designer <solar@openwall.com> - many patches and technical assistance
Svante Signell <svante.signell@telia.com> - Bugfixes
Thomas Neumann <tom@smart.ruhr.de> - Shadow passwords
Tim Rice <tim@multitalents.net> - Portability & SCO fixes
@ -90,5 +91,5 @@ Apologies to anyone I have missed.
Damien Miller <djm@mindrot.org>
$Id: CREDITS,v 1.66 2002/04/13 01:04:40 djm Exp $
$Id: CREDITS,v 1.67 2002/07/28 20:31:19 stevesk Exp $

File diff suppressed because it is too large Load Diff


@ -10,11 +10,7 @@ OpenSSL 0.9.6 or greater:
http://www.openssl.org/
(OpenSSL 0.9.5a is partially supported, but some ciphers (SSH protocol 1
Blowfish included) do not work correctly.)
RPMs of OpenSSL are available at http://violet.ibs.com.au/openssh/files/support.
For Red Hat Linux 6.2, they have been released as errata. RHL7 includes
these.
Blowfish) do not work correctly.)
OpenSSH can utilise Pluggable Authentication Modules (PAM) if your system
supports it. PAM is standard on Redhat and Debian Linux, Solaris and
@ -221,4 +217,4 @@ Please refer to the "reporting bugs" section of the webpage at
http://www.openssh.com/
$Id: INSTALL,v 1.54 2002/06/24 16:26:49 stevesk Exp $
$Id: INSTALL,v 1.55 2002/07/25 04:36:25 djm Exp $


@ -1,4 +1,4 @@
# $Id: Makefile.in,v 1.217 2002/06/25 23:45:42 tim Exp $
# $Id: Makefile.in,v 1.222 2002/07/14 17:02:21 tim Exp $
# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
@ -129,7 +129,7 @@ ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
$(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o
$(LD) -o $@ ssh-keysign.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
$(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
@ -198,12 +198,11 @@ distprep: catman-do
$(AUTORECONF)
(cd scard && $(MAKE) -f Makefile.in distprep)
install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key check-user
install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files host-key check-config
install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files
check-user:
id $(SSH_PRIVSEP_USER) || \
echo "WARNING: Privilege separation user \"$(SSH_PRIVSEP_USER)\" does not exist"
check-config:
-$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config
scard-install:
(cd scard && $(MAKE) DESTDIR=$(DESTDIR) install)
@ -217,8 +216,7 @@ install-files: scard-install
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
$(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH)
chmod 0700 $(DESTDIR)$(PRIVSEP_PATH)
(umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH))
$(INSTALL) -m 0755 -s ssh $(DESTDIR)$(bindir)/ssh
$(INSTALL) -m 0755 -s scp $(DESTDIR)$(bindir)/scp
$(INSTALL) -m 0755 -s ssh-add $(DESTDIR)$(bindir)/ssh-add
@ -248,23 +246,23 @@ install-files: scard-install
@NO_SFTP@$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(bindir)/slogin
ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
$(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \
fi
if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
@if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
$(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \
else \
echo "$(DESTDIR)$(sysconfdir)/ssh_config already exists, install will not overwrite"; \
fi
if [ ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \
@if [ ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \
$(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(sysconfdir)/sshd_config; \
else \
echo "$(DESTDIR)$(sysconfdir)/sshd_config already exists, install will not overwrite"; \
fi
if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \
@if [ -f ssh_prng_cmds -a ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \
$(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \
if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds ] ; then \
$(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \
@ -272,7 +270,7 @@ install-files: scard-install
echo "$(DESTDIR)$(sysconfdir)/ssh_prng_cmds already exists, install will not overwrite"; \
fi ; \
fi
if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \
@if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \
if [ -f $(DESTDIR)$(sysconfdir)/primes ]; then \
echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \
mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \
@ -284,7 +282,7 @@ install-files: scard-install
fi
host-key: ssh-keygen$(EXEEXT)
if [ -z "$(DESTDIR)" ] ; then \
@if [ -z "$(DESTDIR)" ] ; then \
if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \
echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \
else \
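Review bot: The new `check-config` rule prefixes the `sshd -t` command with `-`, so a configuration that fails validation does not stop `make install`, and the earlier `check-user` warning about a missing privilege separation user appears to be dropped from the install dependencies. If the validation is meant to be advisory, say so above the rule, e.g. `# sshd -t is advisory here: a failure is printed but does not abort the install`. In install-files, `(umask 022 ; mkinstalldirs ...)` only sets the mode of a directory it creates; an existing `$(PRIVSEP_PATH)` keeps whatever mode and owner it already has, so a check and warning for that case would be useful. The install-files and host-key rules continue outside the visible hunks.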


@ -18,7 +18,7 @@ Programming:
- Handle changing passwords for the non-PAM expired password case
- Improve PAM support (a pam_lastlog module will cause sshd to exit)
and maybe support alternate forms of authenications like OPIE via
and maybe support alternate forms of authentications like OPIE via
pam?
- Rework PAM ChallengeResponseAuthentication
@ -42,8 +42,38 @@ Programming:
solutions break scp or leaves processes hanging around after the ssh
connection has ended. It seems to be linked to two things. One
select() under Linux is not as nice as others, and two the children
of the shell are not killed on exiting the shell. Redhat have an excellent
description of this in their RPM package.
of the shell are not killed on exiting the shell.
A short run-down of what happens:
- The shell starts up, and starts its own session. As a side-effect, it
gets its own process group.
- The child forks off sleep, and because it's in the background, puts it
into its own process group. The sleep command inherits a copy of the
shell's descriptor for the tty as its stdout.
- The shell exits, but doesn't SIGHUP all of its child PIDs like it probably
should(?)
- The sshd server attempts to read from the master side of the pty, and
while there are still process with the pty open, no EOF is produced.
- The sleep command exits, closes its descriptor, sshd detects the EOF, and
the connection gets closed.
Ways we've tried fixing this in sshd, and why they didn't work out:
- SIGHUP the sshd's process group.
- The shell is in its own process group.
- Track process group IDs of all children before we reap them (via an extra
field in Session structures which holds the pgid for each child pid), and
SIGHUP the pgid when we reap.
- Background commands are in yet another process group.
- Close the connection when the child dies.
- Background commands may need to write data to the connection. Also
prematurely truncates output from some commands (scp server, the
famous "dd if=/dev/zero bs=1000 count=100" case).
Known workarounds:
- bash: shopt huponexit on
- tcsh: none
- zsh: setopt HUP (usually the default setting)
(taken from email from Jason Stone to openssh-unix-dev, 5 May 2001)
- pdksh: ?
This appears to affect NetKit rsh under Linux as well: it behaves the same
with 'sleep 20 & exit'.
- Build an automated test suite
@ -103,4 +133,4 @@ PrivSep Issues:
- Cygwin
+ Privsep for Pre-auth only (no fd passing)
$Id: TODO,v 1.50 2002/06/25 17:12:27 mouring Exp $
$Id: TODO,v 1.51 2002/09/05 06:32:03 djm Exp $


@ -1,4 +1,4 @@
/* $Id: acconfig.h,v 1.141 2002/06/25 22:35:16 tim Exp $ */
/* $Id: acconfig.h,v 1.145 2002/09/26 00:38:48 tim Exp $ */
#ifndef _CONFIG_H
#define _CONFIG_H
@ -150,6 +150,9 @@
/* Define if you don't want to use lastlog */
#undef DISABLE_LASTLOG
/* Define if you don't want to use lastlog in session.c */
#undef NO_SSH_LASTLOG
/* Define if you don't want to use utmp */
#undef DISABLE_UTMP
@ -310,6 +313,9 @@
/* Define if X11 doesn't support AF_UNIX sockets on that system */
#undef NO_X11_UNIX_SOCKETS
/* Define if the concept of ports only accessible to superusers isn't known */
#undef NO_IPPORT_RESERVED_CONCEPT
/* Needed for SCO and NeXT */
#undef BROKEN_SAVED_UIDS
@ -355,11 +361,8 @@
/* Path that unprivileged child will chroot() to in privep mode */
#undef PRIVSEP_PATH
/* Define if you have the `mmap' function that supports MAP_ANON|SHARED */
#undef HAVE_MMAP_ANON_SHARED
/* Define if sendmsg()/recvmsg() has problems passing file descriptors */
#undef BROKEN_FD_PASSING
/* Define if your platform needs to skip post auth file descriptor passing */
#undef DISABLE_FD_PASSING
@BOTTOM@


@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-bsdauth.c,v 1.4 2002/06/19 00:27:55 deraadt Exp $");
RCSID("$OpenBSD: auth-bsdauth.c,v 1.5 2002/06/30 21:59:45 deraadt Exp $");
#ifdef BSD_AUTH
#include "xmalloc.h"
@ -69,7 +69,7 @@ bsdauth_query(void *ctx, char **name, char **infotxt,
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char*));
*prompts = xmalloc(*numprompts * sizeof(char *));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;
(*prompts)[0] = xstrdup(challenge);


@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-krb4.c,v 1.27 2002/06/11 05:46:20 mpech Exp $");
RCSID("$OpenBSD: auth-krb4.c,v 1.28 2002/09/26 11:38:43 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -210,10 +210,9 @@ krb4_cleanup_proc(void *context)
}
int
auth_krb4(Authctxt *authctxt, KTEXT auth, char **client)
auth_krb4(Authctxt *authctxt, KTEXT auth, char **client, KTEXT reply)
{
AUTH_DAT adat = {0};
KTEXT_ST reply;
Key_schedule schedule;
struct sockaddr_in local, foreign;
char instance[INST_SZ];
@ -263,21 +262,16 @@ auth_krb4(Authctxt *authctxt, KTEXT auth, char **client)
/* If we can't successfully encrypt the checksum, we send back an
empty message, admitting our failure. */
if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1,
if ((r = krb_mk_priv((u_char *) & cksum, reply->dat, sizeof(cksum) + 1,
schedule, &adat.session, &local, &foreign)) < 0) {
debug("Kerberos v4 mk_priv: (%d) %s", r, krb_err_txt[r]);
reply.dat[0] = 0;
reply.length = 0;
reply->dat[0] = 0;
reply->length = 0;
} else
reply.length = r;
reply->length = r;
/* Clear session key. */
memset(&adat.session, 0, sizeof(&adat.session));
packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
packet_put_string((char *) reply.dat, reply.length);
packet_send();
packet_write_wait();
return (1);
}
#endif /* KRB4 */
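Review bot: The session-key wipe kept at the end of auth_krb4, `memset(&adat.session, 0, sizeof(&adat.session));`, takes its size from a pointer rather than from the key, so where pointers are narrower than the key part of it stays in memory; it should read `memset(&adat.session, 0, sizeof(adat.session));`. A plain memset on a local that is about to go out of scope can also be removed by the optimiser, so a wipe routine the compiler cannot elide is preferable if the tree has one. Since the function now fills a caller-supplied `reply` instead of sending the packet, its header comment should state that the caller sends SSH_SMSG_AUTH_KERBEROS_RESPONSE and, presumably, that `reply` is only meaningful when 1 is returned. The body of auth_krb4 starts outside the visible hunks.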


@ -28,7 +28,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-krb5.c,v 1.8 2002/03/19 10:49:35 markus Exp $");
RCSID("$OpenBSD: auth-krb5.c,v 1.9 2002/09/09 06:48:06 itojun Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -73,18 +73,17 @@ krb5_init(void *context)
* from the ticket
*/
int
auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *reply)
{
krb5_error_code problem;
krb5_principal server;
krb5_data reply;
krb5_ticket *ticket;
int fd, ret;
ret = 0;
server = NULL;
ticket = NULL;
reply.length = 0;
reply->length = 0;
problem = krb5_init(authctxt);
if (problem)
@ -131,7 +130,7 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
/* if client wants mutual auth */
problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx,
&reply);
reply);
if (problem)
goto err;
@ -144,19 +143,16 @@ auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client)
krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user,
client);
packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
packet_put_string((char *) reply.data, reply.length);
packet_send();
packet_write_wait();
ret = 1;
err:
if (server)
krb5_free_principal(authctxt->krb5_ctx, server);
if (ticket)
krb5_free_ticket(authctxt->krb5_ctx, ticket);
if (reply.length)
xfree(reply.data);
if (!ret && reply->length) {
xfree(reply->data);
memset(reply, 0, sizeof(*reply));
}
if (problem) {
if (authctxt->krb5_ctx != NULL)
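Review bot: Only `reply->length` is initialised at the top of auth_krb5, so `reply->data` holds whatever the caller's stack contained until krb5_mk_rep fills it; `memset(reply, 0, sizeof(*reply));` at that point would make the error-path `xfree(reply->data)` and any caller-side test independent of stale data. The ownership change also needs a line in the function comment, e.g. `/* On success the caller owns reply->data and must xfree() it; on failure reply is cleared. */`. The function continues past the end of this section.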


@ -10,9 +10,8 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth-options.c,v 1.24 2002/05/13 20:44:58 markus Exp $");
RCSID("$OpenBSD: auth-options.c,v 1.26 2002/07/30 17:03:55 markus Exp $");
#include "packet.h"
#include "xmalloc.h"
#include "match.h"
#include "log.h"
@ -20,7 +19,6 @@ RCSID("$OpenBSD: auth-options.c,v 1.24 2002/05/13 20:44:58 markus Exp $");
#include "channels.h"
#include "auth-options.h"
#include "servconf.h"
#include "bufaux.h"
#include "misc.h"
#include "monitor_wrap.h"
#include "auth.h"
@ -135,7 +133,8 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
goto next_option;
}
cp = "environment=\"";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
if (options.permit_user_env &&
strncasecmp(opts, cp, strlen(cp)) == 0) {
char *s;
struct envstring *new_envstring;
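Review bot: With `options.permit_user_env` folded into the match condition, an `environment="..."` entry is no longer recognised at all when the setting is off, so it is handled by whatever follows the last option test, which is outside this hunk; if that is the bad-option path, the whole key line is refused rather than the variable being ignored. That fail-closed result is worth stating so administrators can diagnose it: `/* environment= is only parsed when PermitUserEnvironment is set; otherwise it is treated as an unknown option */`. A log line naming the file and line number for this case would help as well.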


@ -1,10 +1,9 @@
/* $OpenBSD: auth-options.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */
/* $OpenBSD: auth-options.h,v 1.12 2002/07/21 18:34:43 stevesk Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
* Functions to interface with the SSH_AUTHENTICATION_FD socket.
*
* As far as I am concerned, the code I have written for this software
* can be used freely for any purpose. Any derived versions of this


@ -25,10 +25,10 @@
#include "includes.h"
#ifdef USE_PAM
#include "ssh.h"
#include "xmalloc.h"
#include "log.h"
#include "auth.h"
#include "auth-options.h"
#include "auth-pam.h"
#include "servconf.h"
#include "canohost.h"
@ -36,17 +36,21 @@
extern char *__progname;
RCSID("$Id: auth-pam.c,v 1.46 2002/05/08 02:27:56 djm Exp $");
extern int use_privsep;
RCSID("$Id: auth-pam.c,v 1.54 2002/07/28 20:24:08 stevesk Exp $");
#define NEW_AUTHTOK_MSG \
"Warning: Your password has expired, please change it now"
"Warning: Your password has expired, please change it now."
#define NEW_AUTHTOK_MSG_PRIVSEP \
"Your password has expired, the session cannot proceed."
static int do_pam_conversation(int num_msg, const struct pam_message **msg,
struct pam_response **resp, void *appdata_ptr);
/* module-local variables */
static struct pam_conv conv = {
do_pam_conversation,
(int (*)())do_pam_conversation,
NULL
};
static char *__pam_msg = NULL;
@ -55,7 +59,7 @@ static const char *__pampasswd = NULL;
/* states for do_pam_conversation() */
enum { INITIAL_LOGIN, OTHER } pamstate = INITIAL_LOGIN;
/* remember whether pam_acct_mgmt() returned PAM_NEWAUTHTOK_REQD */
/* remember whether pam_acct_mgmt() returned PAM_NEW_AUTHTOK_REQD */
static int password_change_required = 0;
/* remember whether the last pam_authenticate() succeeded or not */
static int was_authenticated = 0;
@ -100,9 +104,7 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg,
char buf[1024];
/* PAM will free this later */
reply = malloc(num_msg * sizeof(*reply));
if (reply == NULL)
return PAM_CONV_ERR;
reply = xmalloc(num_msg * sizeof(*reply));
for (count = 0; count < num_msg; count++) {
if (pamstate == INITIAL_LOGIN) {
@ -112,11 +114,11 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg,
*/
switch(PAM_MSG_MEMBER(msg, count, msg_style)) {
case PAM_PROMPT_ECHO_ON:
free(reply);
xfree(reply);
return PAM_CONV_ERR;
case PAM_PROMPT_ECHO_OFF:
if (__pampasswd == NULL) {
free(reply);
xfree(reply);
return PAM_CONV_ERR;
}
reply[count].resp = xstrdup(__pampasswd);
@ -124,7 +126,7 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg,
break;
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
if ((*msg)[count].msg != NULL) {
if (PAM_MSG_MEMBER(msg, count, msg) != NULL) {
message_cat(&__pam_msg,
PAM_MSG_MEMBER(msg, count, msg));
}
@ -132,7 +134,7 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg,
reply[count].resp_retcode = PAM_SUCCESS;
break;
default:
free(reply);
xfree(reply);
return PAM_CONV_ERR;
}
} else {
@ -154,14 +156,14 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg,
break;
case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
if ((*msg)[count].msg != NULL)
if (PAM_MSG_MEMBER(msg, count, msg) != NULL)
fprintf(stderr, "%s\n",
PAM_MSG_MEMBER(msg, count, msg));
reply[count].resp = xstrdup("");
reply[count].resp_retcode = PAM_SUCCESS;
break;
default:
free(reply);
xfree(reply);
return PAM_CONV_ERR;
}
}
@ -256,9 +258,14 @@ int do_pam_account(char *username, char *remote_user)
break;
#if 0
case PAM_NEW_AUTHTOK_REQD:
message_cat(&__pam_msg, NEW_AUTHTOK_MSG);
message_cat(&__pam_msg, use_privsep ?
NEW_AUTHTOK_MSG_PRIVSEP : NEW_AUTHTOK_MSG);
/* flag that password change is necessary */
password_change_required = 1;
/* disallow other functionality for now */
no_port_forwarding_flag |= 2;
no_agent_forwarding_flag |= 2;
no_x11_forwarding_flag |= 2;
break;
#endif
default:
@ -328,7 +335,7 @@ int is_pam_password_change_required(void)
* Have user change authentication token if pam_acct_mgmt() indicated
* it was expired. This needs to be called after an interactive
* session is established and the user's pty is connected to
* stdin/stout/stderr.
* stdin/stdout/stderr.
*/
void do_pam_chauthtok(void)
{
@ -337,11 +344,23 @@ void do_pam_chauthtok(void)
do_pam_set_conv(&conv);
if (password_change_required) {
if (use_privsep)
fatal("Password changing is currently unsupported"
" with privilege separation");
pamstate = OTHER;
pam_retval = pam_chauthtok(__pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
if (pam_retval != PAM_SUCCESS)
fatal("PAM pam_chauthtok failed[%d]: %.200s",
pam_retval, PAM_STRERROR(__pamh, pam_retval));
#if 0
/* XXX: This would need to be done in the parent process,
* but there's currently no way to pass such request. */
no_port_forwarding_flag &= ~2;
no_agent_forwarding_flag &= ~2;
no_x11_forwarding_flag &= ~2;
if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
channel_permit_all_opens();
#endif
}
}
@ -392,7 +411,7 @@ void start_pam(const char *user)
fatal_add_cleanup(&do_pam_cleanup_proc, NULL);
}
/* Return list of PAM enviornment strings */
/* Return list of PAM environment strings */
char **fetch_pam_environment(void)
{
#ifdef HAVE_PAM_GETENVLIST
@ -402,6 +421,16 @@ char **fetch_pam_environment(void)
#endif /* HAVE_PAM_GETENVLIST */
}
void free_pam_environment(char **env)
{
int i;
if (env != NULL) {
for (i = 0; env[i] != NULL; i++)
xfree(env[i]);
}
}
/* Print any messages that have been generated during authentication */
/* or account checking to stderr */
void print_pam_messages(void)
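Review bot: The error returns in do_pam_conversation call `xfree(reply)` on the array only, so any `reply[i].resp` already filled for earlier messages, including the `xstrdup(__pampasswd)` copy of the password, is leaked without being cleared. Before releasing the array, free the entries at indices below `count`, ideally zeroing each string first. The switch to xmalloc also means an allocation failure no longer returns PAM_CONV_ERR (presumably xmalloc terminates the process, confirm), and `num_msg * sizeof(*reply)` is not range-checked. free_pam_environment releases each string but not the `env` array itself, so document whether the caller frees it.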


@ -1,14 +1,41 @@
/* $Id: auth-pam.h,v 1.12 2002/04/04 19:02:28 stevesk Exp $ */
/* $Id: auth-pam.h,v 1.16 2002/07/23 00:44:07 stevesk Exp $ */
/*
* Copyright (c) 2000 Damien Miller. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
#ifdef USE_PAM
#include <pwd.h> /* For struct passwd */
#if !defined(SSHD_PAM_SERVICE)
# define SSHD_PAM_SERVICE __progname
#endif
void start_pam(const char *user);
void finish_pam(void);
int auth_pam_password(Authctxt *authctxt, const char *password);
char **fetch_pam_environment(void);
void free_pam_environment(char **env);
int do_pam_authenticate(int flags);
int do_pam_account(char *username, char *remote_user);
void do_pam_session(char *username, const char *ttyname);


@ -81,6 +81,9 @@ RCSID("$OpenBSD: auth-passwd.c,v 1.27 2002/05/24 16:45:16 stevesk Exp $");
#endif /* !USE_PAM && !HAVE_OSF_SIA */
extern ServerOptions options;
#ifdef WITH_AIXAUTHENTICATE
extern char *aixloginmsg;
#endif
/*
* Tries to authenticate the user using password. Returns true if
@ -113,7 +116,7 @@ auth_password(Authctxt *authctxt, const char *password)
#endif
#ifdef WITH_AIXAUTHENTICATE
char *authmsg;
char *loginmsg;
int authsuccess;
int reenter = 1;
#endif
@ -145,7 +148,16 @@ auth_password(Authctxt *authctxt, const char *password)
}
#endif
#ifdef WITH_AIXAUTHENTICATE
return (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0);
authsuccess = (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0);
if (authsuccess)
/* We don't have a pty yet, so just label the line as "ssh" */
if (loginsuccess(authctxt->user,
get_canonical_hostname(options.verify_reverse_mapping),
"ssh", &aixloginmsg) < 0)
aixloginmsg = NULL;
return(authsuccess);
#endif
#ifdef KRB4
if (options.kerberos_authentication == 1) {
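Review bot: In the WITH_AIXAUTHENTICATE block of auth_password the new `if (authsuccess)` has a comment and a second unbraced `if` as its body, which is easy to misread once another statement is added; brace both levels. The message buffer that authenticate() returns through `&authmsg` is neither shown to the user nor released in the visible lines. The declaration hunk lists `char *authmsg;` and `char *loginmsg;` without markers, so confirm that `authmsg` is still declared and that `loginmsg` is actually used. auth_password begins and ends outside these hunks.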


@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-skey.c,v 1.19 2002/06/19 00:27:55 deraadt Exp $");
RCSID("$OpenBSD: auth-skey.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $");
#ifdef SKEY
@ -53,7 +53,7 @@ skey_query(void *ctx, char **name, char **infotxt,
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char*));
*prompts = xmalloc(*numprompts * sizeof(char *));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;


@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth.c,v 1.43 2002/05/17 14:27:55 millert Exp $");
RCSID("$OpenBSD: auth.c,v 1.45 2002/09/20 18:41:29 stevesk Exp $");
#ifdef HAVE_LOGIN_H
#include <login.h>
@ -256,6 +256,14 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
get_remote_ipaddr(),
get_remote_port(),
info);
#ifdef WITH_AIXAUTHENTICATE
if (authenticated == 0 && strcmp(method, "password") == 0)
loginfailed(authctxt->user,
get_canonical_hostname(options.verify_reverse_mapping),
"ssh");
#endif /* WITH_AIXAUTHENTICATE */
}
/*
@ -392,7 +400,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
/*
* Check a given file for security. This is defined as all components
* of the path to the file must either be owned by either the owner of
* of the path to the file must be owned by either the owner of
* of the file or root and no directories must be group or world writable.
*
* XXX Should any specific check be done for sym links ?
@ -476,7 +484,12 @@ getpwnamallow(const char *user)
struct passwd *pw;
pw = getpwnam(user);
if (pw == NULL || !allowed_user(pw))
if (pw == NULL) {
log("Illegal user %.100s from %.100s",
user, get_remote_ipaddr());
return (NULL);
}
if (!allowed_user(pw))
return (NULL);
#ifdef HAVE_LOGIN_CAP
if ((lc = login_getclass(pw->pw_class)) == NULL) {
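Review bot: The new `log("Illegal user %.100s from %.100s", ...)` in getpwnamallow writes a client-chosen string to the system log before any authentication has happened, so it relies on log() neutralising control characters; that is not visible here and should be confirmed. Users who type a password at the username prompt will also have it recorded, which is worth a comment such as `/* user is unauthenticated client input; log files may end up containing mistyped passwords */` and a note in the documentation about log file permissions. Accounts that exist but fail allowed_user() still return NULL from this function without a message of their own. getpwnamallow continues outside the hunk.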


@ -1,4 +1,4 @@
/* $OpenBSD: auth.h,v 1.39 2002/05/31 11:35:15 markus Exp $ */
/* $OpenBSD: auth.h,v 1.41 2002/09/26 11:38:43 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -113,7 +113,7 @@ int user_key_allowed(struct passwd *, Key *);
#ifdef KRB4
#include <krb.h>
int auth_krb4(Authctxt *, KTEXT, char **);
int auth_krb4(Authctxt *, KTEXT, char **, KTEXT);
int auth_krb4_password(Authctxt *, const char *);
void krb4_cleanup_proc(void *);
@ -126,7 +126,7 @@ int auth_afs_token(Authctxt *, const char *);
#endif /* KRB4 */
#ifdef KRB5
int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client);
int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *);
int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt);
int auth_krb5_password(Authctxt *authctxt, const char *password);
void krb5_cleanup_proc(void *authctxt);


@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth1.c,v 1.41 2002/06/19 00:27:55 deraadt Exp $");
RCSID("$OpenBSD: auth1.c,v 1.44 2002/09/26 11:38:43 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@ -118,30 +118,49 @@ do_authloop(Authctxt *authctxt)
if (kdata[0] == 4) { /* KRB_PROT_VERSION */
#ifdef KRB4
KTEXT_ST tkt;
KTEXT_ST tkt, reply;
tkt.length = dlen;
if (tkt.length < MAX_KTXT_LEN)
memcpy(tkt.dat, kdata, tkt.length);
if (auth_krb4(authctxt, &tkt, &client_user)) {
if (PRIVSEP(auth_krb4(authctxt, &tkt,
&client_user, &reply))) {
authenticated = 1;
snprintf(info, sizeof(info),
" tktuser %.100s",
client_user);
packet_start(
SSH_SMSG_AUTH_KERBEROS_RESPONSE);
packet_put_string((char *)
reply.dat, reply.length);
packet_send();
packet_write_wait();
}
#endif /* KRB4 */
} else {
#ifdef KRB5
krb5_data tkt;
krb5_data tkt, reply;
tkt.length = dlen;
tkt.data = kdata;
if (auth_krb5(authctxt, &tkt, &client_user)) {
if (PRIVSEP(auth_krb5(authctxt, &tkt,
&client_user, &reply))) {
authenticated = 1;
snprintf(info, sizeof(info),
" tktuser %.100s",
client_user);
/* Send response to client */
packet_start(
SSH_SMSG_AUTH_KERBEROS_RESPONSE);
packet_put_string((char *)
reply.data, reply.length);
packet_send();
packet_write_wait();
if (reply.length)
xfree(reply.data);
}
#endif /* KRB5 */
}
@ -292,6 +311,15 @@ do_authloop(Authctxt *authctxt)
fatal("INTERNAL ERROR: authenticated invalid user %s",
authctxt->user);
#ifdef _UNICOS
if (type == SSH_CMSG_AUTH_PASSWORD && !authenticated)
cray_login_failure(authctxt->user, IA_UDBERR);
if (authenticated && cray_access_denied(authctxt->user)) {
authenticated = 0;
fatal("Access denied for user %s.",authctxt->user);
}
#endif /* _UNICOS */
#ifdef HAVE_CYGWIN
if (authenticated &&
!check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, pw)) {
@ -301,7 +329,8 @@ do_authloop(Authctxt *authctxt)
}
#else
/* Special handling for root */
if (authenticated && authctxt->pw->pw_uid == 0 &&
if (!use_privsep &&
authenticated && authctxt->pw->pw_uid == 0 &&
!auth_root_allowed(get_authname(type)))
authenticated = 0;
#endif
@ -323,12 +352,6 @@ do_authloop(Authctxt *authctxt)
return;
if (authctxt->failures++ > AUTH_FAIL_MAX) {
#ifdef WITH_AIXAUTHENTICATE
/* XXX: privsep */
loginfailed(authctxt->user,
get_canonical_hostname(options.verify_reverse_mapping),
"ssh");
#endif /* WITH_AIXAUTHENTICATE */
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
}
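Review bot: In the KRB4 branch of do_authloop the bound check `if (tkt.length < MAX_KTXT_LEN)` only skips the memcpy; an oversized ticket still goes to auth_krb4 with `tkt.length = dlen` and `tkt.dat` uninitialised, and through PRIVSEP() that structure may be forwarded to the monitor as is. Make the call conditional on the same check, or reject the message when `dlen >= MAX_KTXT_LEN`, so nothing downstream trusts a length larger than the buffer. `reply` is also declared without an initialiser in both Kerberos branches; `memset(&reply, 0, sizeof(reply));` before the call keeps the later `reply.length` test well defined. do_authloop begins and ends outside the visible hunks.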


@ -23,7 +23,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-chall.c,v 1.19 2002/06/26 13:55:37 markus Exp $");
RCSID("$OpenBSD: auth2-chall.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $");
#include "ssh2.h"
#include "auth.h"
@ -263,7 +263,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
if (nresp > 100)
fatal("input_userauth_info_response: too many replies");
if (nresp > 0) {
response = xmalloc(nresp * sizeof(char*));
response = xmalloc(nresp * sizeof(char *));
for (i = 0; i < nresp; i++)
response[i] = packet_get_string(NULL);
}


@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-none.c,v 1.3 2002/06/19 00:27:55 deraadt Exp $");
RCSID("$OpenBSD: auth2-none.c,v 1.4 2002/06/27 10:35:47 deraadt Exp $");
#include "auth.h"
#include "xmalloc.h"
@ -61,7 +61,7 @@ auth2_read_banner(void)
close(fd);
if (n != len) {
free(banner);
xfree(banner);
return (NULL);
}
banner[n] = '\0';


@ -1,5 +1,5 @@
#include "includes.h"
RCSID("$Id: auth2-pam.c,v 1.13 2002/06/26 13:58:00 djm Exp $");
RCSID("$Id: auth2-pam.c,v 1.14 2002/06/28 16:48:12 mouring Exp $");
#ifdef USE_PAM
#include <security/pam_appl.h>
@ -116,11 +116,11 @@ do_pam_conversation_kbd_int(int num_msg, const struct pam_message **msg,
while(context_pam2.finished == 0) {
done = 1;
dispatch_run(DISPATCH_BLOCK, &done, appdata_ptr);
if(context_pam2.finished == 0)
if (context_pam2.finished == 0)
debug("extra packet during conversation");
}
if(context_pam2.num_received == context_pam2.num_expected) {
if (context_pam2.num_received == context_pam2.num_expected) {
*resp = context_pam2.responses;
return PAM_SUCCESS;
} else
@ -143,8 +143,8 @@ input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt)
if (nresp != context_pam2.num_expected)
fatal("%s: Received incorrect number of responses "
"(expected %u, received %u)", __func__, nresp,
context_pam2.num_expected);
"(expected %d, received %u)", __func__,
context_pam2.num_expected, nresp);
if (nresp > 100)
fatal("%s: too many replies", __func__);
@ -163,5 +163,4 @@ input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt)
packet_check_eom();
}
#endif


@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.93 2002/05/31 11:35:15 markus Exp $");
RCSID("$OpenBSD: auth2.c,v 1.95 2002/08/22 21:33:58 markus Exp $");
#include "ssh2.h"
#include "xmalloc.h"
@ -102,7 +102,7 @@ input_service_request(int type, u_int32_t seq, void *ctxt)
{
Authctxt *authctxt = ctxt;
u_int len;
int accept = 0;
int acceptit = 0;
char *service = packet_get_string(&len);
packet_check_eom();
@ -111,14 +111,14 @@ input_service_request(int type, u_int32_t seq, void *ctxt)
if (strcmp(service, "ssh-userauth") == 0) {
if (!authctxt->success) {
accept = 1;
acceptit = 1;
/* now we can handle user-auth requests */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &input_userauth_request);
}
}
/* XXX all other service requests are denied */
if (accept) {
if (acceptit) {
packet_start(SSH2_MSG_SERVICE_ACCEPT);
packet_put_cstring(service);
packet_send();
@ -205,7 +205,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
authctxt->user);
/* Special handling for root */
if (authenticated && authctxt->pw->pw_uid == 0 &&
if (!use_privsep &&
authenticated && authctxt->pw->pw_uid == 0 &&
!auth_root_allowed(method))
authenticated = 0;
@ -215,6 +216,13 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
authenticated = 0;
#endif /* USE_PAM */
#ifdef _UNICOS
if (authenticated && cray_access_denied(authctxt->user)) {
authenticated = 0;
fatal("Access denied for user %s.",authctxt->user);
}
#endif /* _UNICOS */
/* Log before sending the reply */
auth_log(authctxt, authenticated, method, " ssh2");
@ -232,14 +240,12 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
authctxt->success = 1;
} else {
if (authctxt->failures++ > AUTH_FAIL_MAX) {
#ifdef WITH_AIXAUTHENTICATE
/* XXX: privsep */
loginfailed(authctxt->user,
get_canonical_hostname(options.verify_reverse_mapping),
"ssh");
#endif /* WITH_AIXAUTHENTICATE */
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
}
#ifdef _UNICOS
if (strcmp(method, "password") == 0)
cray_login_failure(authctxt->user, IA_UDBERR);
#endif /* _UNICOS */
methods = authmethods_get();
packet_start(SSH2_MSG_USERAUTH_FAILURE);
packet_put_cstring(methods);


@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: authfd.c,v 1.56 2002/06/25 16:22:42 markus Exp $");
RCSID("$OpenBSD: authfd.c,v 1.57 2002/09/11 18:27:26 stevesk Exp $");
#include <openssl/evp.h>
@ -53,6 +53,8 @@ RCSID("$OpenBSD: authfd.c,v 1.56 2002/06/25 16:22:42 markus Exp $");
#include "log.h"
#include "atomicio.h"
static int agent_present = 0;
/* helper */
int decode_reply(int type);
@ -61,6 +63,21 @@ int decode_reply(int type);
((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \
(x == SSH2_AGENT_FAILURE))
int
ssh_agent_present(void)
{
int authfd;
if (agent_present)
return 1;
if ((authfd = ssh_get_authentication_socket()) == -1)
return 0;
else {
ssh_close_authentication_socket(authfd);
return 1;
}
}
/* Returns the number of the authentication fd, or -1 if there is none. */
int
@ -90,6 +107,7 @@ ssh_get_authentication_socket(void)
close(sock);
return -1;
}
agent_present = 1;
return sock;
}
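Review bot: The `agent_present` flag set in ssh_get_authentication_socket() is never cleared, so after one successful connect ssh_agent_present() keeps returning 1 even if the agent has since exited or its socket was removed. Callers should treat the result as a hint rather than a guarantee, and a comment on the static would record that, for example `/* sticky: set on first successful connect, never reset */`. On the uncached path the function opens and immediately closes an agent connection only to test for presence, which is worth one line of comment as well. The body of ssh_get_authentication_socket() starts outside its hunk.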


@ -1,4 +1,4 @@
/* $OpenBSD: authfd.h,v 1.30 2002/06/19 00:27:55 deraadt Exp $ */
/* $OpenBSD: authfd.h,v 1.31 2002/09/11 18:27:25 stevesk Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -66,6 +66,7 @@ typedef struct {
int howmany;
} AuthenticationConnection;
int ssh_agent_present(void);
int ssh_get_authentication_socket(void);
void ssh_close_authentication_socket(int);


@ -12,7 +12,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: canohost.c,v 1.32 2002/06/11 08:11:45 itojun Exp $");
RCSID("$OpenBSD: canohost.c,v 1.34 2002/09/23 20:46:27 stevesk Exp $");
#include "packet.h"
#include "xmalloc.h"
@ -77,7 +77,9 @@ get_remote_hostname(int socket, int verify_reverse_mapping)
if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name),
NULL, 0, NI_NAMEREQD) != 0) {
/* Host name not found. Use ip address. */
#if 0
log("Could not reverse map address %.100s.", ntop);
#endif
return xstrdup(ntop);
}
@ -216,18 +218,12 @@ get_socket_address(int socket, int remote, int flags)
if (remote) {
if (getpeername(socket, (struct sockaddr *)&addr, &addrlen)
< 0) {
debug("get_socket_ipaddr: getpeername failed: %.100s",
strerror(errno));
< 0)
return NULL;
}
} else {
if (getsockname(socket, (struct sockaddr *)&addr, &addrlen)
< 0) {
debug("get_socket_ipaddr: getsockname failed: %.100s",
strerror(errno));
< 0)
return NULL;
}
}
/* Get the address in ascii. */
if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop),
@ -241,13 +237,21 @@ get_socket_address(int socket, int remote, int flags)
char *
get_peer_ipaddr(int socket)
{
return get_socket_address(socket, 1, NI_NUMERICHOST);
char *p;
if ((p = get_socket_address(socket, 1, NI_NUMERICHOST)) != NULL)
return p;
return xstrdup("UNKNOWN");
}
char *
get_local_ipaddr(int socket)
{
return get_socket_address(socket, 0, NI_NUMERICHOST);
char *p;
if ((p = get_socket_address(socket, 0, NI_NUMERICHOST)) != NULL)
return p;
return xstrdup("UNKNOWN");
}
char *
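Review bot: get_peer_ipaddr() and get_local_ipaddr() now return the literal string "UNKNOWN" when get_socket_address() fails, so callers can no longer tell a failed lookup from a real address with a NULL check. Any caller that feeds the result into address-based access decisions or log correlation (none is visible in this section) should be checked to confirm that "UNKNOWN" can never satisfy an allow pattern. The same section removes the debug() calls that reported the getpeername/getsockname errno, so the cause of the failure is no longer recorded. A header comment such as `/* returns xstrdup("UNKNOWN") if the address cannot be determined; caller frees */` would document the new contract.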


@ -39,7 +39,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: channels.c,v 1.179 2002/06/26 08:55:02 markus Exp $");
RCSID("$OpenBSD: channels.c,v 1.183 2002/09/17 07:47:02 itojun Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -186,6 +186,7 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd,
} else {
c->isatty = 0;
}
c->wfd_isatty = isatty(c->wfd);
/* enable nonblocking mode */
if (nonblock) {
@ -572,6 +573,7 @@ void
channel_send_open(int id)
{
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_send_open: %d: bad id", id);
return;
@ -589,6 +591,7 @@ void
channel_request_start(int local_id, char *service, int wantconfirm)
{
Channel *c = channel_lookup(local_id);
if (c == NULL) {
log("channel_request_start: %d: unknown channel id", local_id);
return;
@ -603,6 +606,7 @@ void
channel_register_confirm(int id, channel_callback_fn *fn)
{
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_register_comfirm: %d: bad id", id);
return;
@ -613,6 +617,7 @@ void
channel_register_cleanup(int id, channel_callback_fn *fn)
{
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_register_cleanup: %d: bad id", id);
return;
@ -623,6 +628,7 @@ void
channel_cancel_cleanup(int id)
{
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_cancel_cleanup: %d: bad id", id);
return;
@ -633,6 +639,7 @@ void
channel_register_filter(int id, channel_filter_fn *fn)
{
Channel *c = channel_lookup(id);
if (c == NULL) {
log("channel_register_filter: %d: bad id", id);
return;
@ -645,6 +652,7 @@ channel_set_fds(int id, int rfd, int wfd, int efd,
int extusage, int nonblock, u_int window_max)
{
Channel *c = channel_lookup(id);
if (c == NULL || c->type != SSH_CHANNEL_LARVAL)
fatal("channel_activate for non-larval channel %d.", id);
channel_register_fds(c, rfd, wfd, efd, extusage, nonblock);
@ -815,6 +823,7 @@ static void
channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset)
{
int ret = x11_open_helper(&c->output);
if (ret == 1) {
/* Start normal processing for the channel. */
c->type = SSH_CHANNEL_OPEN;
@ -866,7 +875,7 @@ channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset)
static int
channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
{
u_char *p, *host;
char *p, *host;
int len, have, i, found;
char username[256];
struct {
@ -1278,6 +1287,11 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
buffer_len(&c->output) > 0) {
data = buffer_ptr(&c->output);
dlen = buffer_len(&c->output);
#ifdef _AIX
/* XXX: Later AIX versions can't push as much data to tty */
if (compat20 && c->wfd_isatty && dlen > 8*1024)
dlen = 8*1024;
#endif
len = write(c->wfd, data, dlen);
if (len < 0 && (errno == EINTR || errno == EAGAIN))
return 1;
@ -1395,6 +1409,7 @@ static void
channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset)
{
int len;
/* Send buffered output data to the socket. */
if (FD_ISSET(c->sock, writeset) && buffer_len(&c->output) > 0) {
len = write(c->sock, buffer_ptr(&c->output),
@ -1472,6 +1487,7 @@ static void
channel_handler_init(void)
{
int i;
for (i = 0; i < SSH_CHANNEL_MAX_TYPE; i++) {
channel_pre[i] = NULL;
channel_post[i] = NULL;
@ -2006,7 +2022,6 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por
struct addrinfo hints, *ai, *aitop;
const char *host;
char ntop[NI_MAXHOST], strport[NI_MAXSERV];
struct linger linger;
success = 0;
host = (type == SSH_CHANNEL_RPORT_LISTENER) ?
@ -2049,13 +2064,13 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por
continue;
}
/*
* Set socket options. We would like the socket to disappear
* as soon as it has been closed for whatever reason.
* Set socket options.
* Allow local port reuse in TIME_WAIT.
*/
setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
linger.l_onoff = 1;
linger.l_linger = 5;
setsockopt(sock, SOL_SOCKET, SO_LINGER, &linger, sizeof(linger));
if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on,
sizeof(on)) == -1)
error("setsockopt SO_REUSEADDR: %s", strerror(errno));
debug("Local forwarding listening on %s port %s.", ntop, strport);
/* Bind the socket to the address. */
@ -2605,6 +2620,7 @@ void
deny_input_open(int type, u_int32_t seq, void *ctxt)
{
int rchan = packet_get_int();
switch (type) {
case SSH_SMSG_AGENT_OPEN:
error("Warning: ssh server tried agent forwarding.");
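Review bot: In channel_decode_socks4 the parse pointers change from `u_char *p, *host;` to `char *p, *host;`, and this function reads request bytes supplied by the SOCKS client. Plain `char` has implementation-defined signedness, so any comparison, indexing or arithmetic on `p[i]` in the body (which lies outside this hunk) should be checked for bytes of 0x80 and above; a comparison against `'\0'` alone is unaffected. If the change is only to match string-function prototypes, a short comment saying so would prevent later code from treating these as raw byte values. Separately, the AIX workaround in channel_handle_wfd repeats the literal `8*1024` and its XXX comment does not say which limit it works around.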


@ -77,6 +77,7 @@ struct Channel {
int efd; /* extended fd */
int sock; /* sock fd */
int isatty; /* rfd is a tty */
int wfd_isatty; /* wfd is a tty */
int force_drain; /* force close on iEOF */
int delayed; /* fdset hack */
Buffer input; /* data read from socket, to be sent over


@ -35,7 +35,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: cipher.c,v 1.60 2002/06/23 03:26:52 deraadt Exp $");
RCSID("$OpenBSD: cipher.c,v 1.61 2002/07/12 15:50:17 markus Exp $");
#include "xmalloc.h"
#include "log.h"
@ -437,6 +437,18 @@ swap_bytes(const u_char *src, u_char *dst, int n)
}
}
#ifdef SSH_OLD_EVP
static void bf_ssh1_init (EVP_CIPHER_CTX * ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
if (iv != NULL)
memcpy (&(ctx->oiv[0]), iv, 8);
memcpy (&(ctx->iv[0]), &(ctx->oiv[0]), 8);
if (key != NULL)
BF_set_key (&(ctx->c.bf_ks), EVP_CIPHER_CTX_key_length (ctx),
key);
}
#endif
static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, const u_char *, u_int) = NULL;
static int
@ -458,6 +470,9 @@ evp_ssh1_bf(void)
memcpy(&ssh1_bf, EVP_bf_cbc(), sizeof(EVP_CIPHER));
orig_bf = ssh1_bf.do_cipher;
ssh1_bf.nid = NID_undef;
#ifdef SSH_OLD_EVP
ssh1_bf.init = bf_ssh1_init;
#endif
ssh1_bf.do_cipher = bf_ssh1_cipher;
ssh1_bf.key_len = 32;
return (&ssh1_bf);
@ -567,7 +582,7 @@ evp_rijndael(void)
rijndal_cbc.do_cipher = ssh_rijndael_cbc;
#ifndef SSH_OLD_EVP
rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH |
EVP_CIPH_ALWAYS_CALL_INIT;
EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_IV;
#endif
return (&rijndal_cbc);
}
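Review bot: bf_ssh1_init() copies the IV with a bare `8` in both memcpy calls, and when `iv` is NULL it reloads `ctx->iv` from whatever `ctx->oiv` already holds. Using the Blowfish block-size constant from the OpenSSL headers, `memcpy(&(ctx->oiv[0]), iv, BF_BLOCK);`, and adding a comment such as `/* iv == NULL: restart from the IV saved by an earlier init call */` would make both assumptions explicit. In the evp_rijndael hunk the added `EVP_CIPH_CUSTOM_IV` flag means the cipher's own init routine must set the IV; that routine is outside this section and should be confirmed to do so on every call.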


@ -59,7 +59,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: clientloop.c,v 1.102 2002/06/24 14:33:27 markus Exp $");
RCSID("$OpenBSD: clientloop.c,v 1.104 2002/08/22 19:38:42 stevesk Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -635,16 +635,18 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len)
snprintf(string, sizeof string,
"%c?\r\n\
Supported escape sequences:\r\n\
~. - terminate connection\r\n\
~C - open a command line\r\n\
~R - Request rekey (SSH protocol 2 only)\r\n\
~^Z - suspend ssh\r\n\
~# - list forwarded connections\r\n\
~& - background ssh (when waiting for connections to terminate)\r\n\
~? - this message\r\n\
~~ - send the escape character by typing it twice\r\n\
%c. - terminate connection\r\n\
%cC - open a command line\r\n\
%cR - Request rekey (SSH protocol 2 only)\r\n\
%c^Z - suspend ssh\r\n\
%c# - list forwarded connections\r\n\
%c& - background ssh (when waiting for connections to terminate)\r\n\
%c? - this message\r\n\
%c%c - send the escape character by typing it twice\r\n\
(Note that escapes are only recognized immediately after newline.)\r\n",
escape_char);
escape_char, escape_char, escape_char, escape_char,
escape_char, escape_char, escape_char, escape_char,
escape_char, escape_char);
buffer_append(berr, string, strlen(string));
continue;
@ -1114,7 +1116,7 @@ client_input_exit_status(int type, u_int32_t seq, void *ctxt)
static Channel *
client_request_forwarded_tcpip(const char *request_type, int rchan)
{
Channel* c = NULL;
Channel *c = NULL;
char *listen_address, *originator_address;
int listen_port, originator_port;
int sock;
@ -1144,7 +1146,7 @@ client_request_forwarded_tcpip(const char *request_type, int rchan)
return c;
}
static Channel*
static Channel *
client_request_x11(const char *request_type, int rchan)
{
Channel *c = NULL;
@ -1180,7 +1182,7 @@ client_request_x11(const char *request_type, int rchan)
return c;
}
static Channel*
static Channel *
client_request_agent(const char *request_type, int rchan)
{
Channel *c = NULL;


@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: compat.c,v 1.63 2002/04/10 08:21:47 markus Exp $");
RCSID("$OpenBSD: compat.c,v 1.65 2002/09/27 10:42:09 mickey Exp $");
#include "buffer.h"
#include "packet.h"
@ -39,13 +39,13 @@ int datafellows = 0;
void
enable_compat20(void)
{
verbose("Enabling compatibility mode for protocol 2.0");
debug("Enabling compatibility mode for protocol 2.0");
compat20 = 1;
}
void
enable_compat13(void)
{
verbose("Enabling compatibility mode for protocol 1.3");
debug("Enabling compatibility mode for protocol 1.3");
compat13 = 1;
}
/* datafellows bug compatibility */
@ -146,6 +146,8 @@ compat_datafellows(const char *version)
"OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD },
{ "*SSH_Version_Mapper*",
SSH_BUG_SCANNER },
{ "Probe-*",
SSH_BUG_PROBE },
{ NULL, 0 }
};
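Review bot: The new `"Probe-*"` entry in compat_datafellows() derives SSH_BUG_PROBE from the version banner, which is chosen by the remote peer. The code that consumes the flag is not in this section; it should only lead to a stricter outcome (drop the connection while still logging the source address) and never to reduced logging or a relaxed check, since any client can send that banner. A comment on the table entry, e.g. `/* peer-supplied banner; flag must not weaken auth or logging */`, would record that. The table and the function body start outside the hunk.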


@ -1,4 +1,4 @@
/* $OpenBSD: compat.h,v 1.32 2002/04/10 08:21:47 markus Exp $ */
/* $OpenBSD: compat.h,v 1.33 2002/09/27 10:42:09 mickey Exp $ */
/*
* Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
@ -54,6 +54,7 @@
#define SSH_BUG_DUMMYCHAN 0x00100000
#define SSH_BUG_EXTEOF 0x00200000
#define SSH_BUG_K5USER 0x00400000
#define SSH_BUG_PROBE 0x00800000
void enable_compat13(void);
void enable_compat20(void);


@ -3,7 +3,7 @@
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002 Free Software Foundation, Inc.
timestamp='2002-01-30'
timestamp='2002-07-23'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@ -88,30 +88,40 @@ if test $# != 0; then
exit 1
fi
trap 'exit 1' 1 2 15
dummy=dummy-$$
trap 'rm -f $dummy.c $dummy.o $dummy.rel $dummy; exit 1' 1 2 15
# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
# compiler to aid in system detection is discouraged as it requires
# temporary files to be created and, as you can see below, it is a
# headache to deal with in a portable fashion.
# CC_FOR_BUILD -- compiler used by this script.
# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
# use `HOST_CC' if defined, but it is deprecated.
set_cc_for_build='case $CC_FOR_BUILD,$HOST_CC,$CC in
,,) echo "int dummy(){}" > $dummy.c ;
for c in cc gcc c89 ; do
($c $dummy.c -c -o $dummy.o) >/dev/null 2>&1 ;
if test $? = 0 ; then
# This shell variable is my proudest work .. or something. --bje
set_cc_for_build='tmpdir=${TMPDIR-/tmp}/config-guess-$$ ;
(old=`umask` && umask 077 && mkdir $tmpdir && umask $old && unset old)
|| (echo "$me: cannot create $tmpdir" >&2 && exit 1) ;
dummy=$tmpdir/dummy ;
files="$dummy.c $dummy.o $dummy.rel $dummy" ;
trap '"'"'rm -f $files; rmdir $tmpdir; exit 1'"'"' 1 2 15 ;
case $CC_FOR_BUILD,$HOST_CC,$CC in
,,) echo "int x;" > $dummy.c ;
for c in cc gcc c89 c99 ; do
if ($c $dummy.c -c -o $dummy.o) >/dev/null 2>&1 ; then
CC_FOR_BUILD="$c"; break ;
fi ;
done ;
rm -f $dummy.c $dummy.o $dummy.rel ;
rm -f $files ;
if test x"$CC_FOR_BUILD" = x ; then
CC_FOR_BUILD=no_compiler_found ;
fi
;;
,,*) CC_FOR_BUILD=$CC ;;
,*,*) CC_FOR_BUILD=$HOST_CC ;;
esac'
esac ;
unset files'
# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
# (ghazi@noc.rutgers.edu 1994-08-24)
@ -138,9 +148,11 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
#
# Note: NetBSD doesn't particularly care about the vendor
# portion of the name. We always set it to "unknown".
UNAME_MACHINE_ARCH=`(uname -p) 2>/dev/null` || \
UNAME_MACHINE_ARCH=unknown
sysctl="sysctl -n hw.machine_arch"
UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \
/usr/sbin/$sysctl 2>/dev/null || echo unknown)`
case "${UNAME_MACHINE_ARCH}" in
armeb) machine=armeb-unknown ;;
arm*) machine=arm-unknown ;;
sh3el) machine=shl-unknown ;;
sh3eb) machine=sh-unknown ;;
@ -219,6 +231,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
# A Tn.n version is a released field test version.
# A Xn.n version is an unreleased experimental baselevel.
# 1.2 uses "1.2" for uname -r.
eval $set_cc_for_build
cat <<EOF >$dummy.s
.data
\$Lformat:
@ -244,10 +257,9 @@ main:
jsr \$26,exit
.end main
EOF
eval $set_cc_for_build
$CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null
if test "$?" = 0 ; then
case `./$dummy` in
case `$dummy` in
0-0)
UNAME_MACHINE="alpha"
;;
@ -269,9 +281,12 @@ EOF
2-1307)
UNAME_MACHINE="alphaev68"
;;
3-1307)
UNAME_MACHINE="alphaev7"
;;
esac
fi
rm -f $dummy.s $dummy
rm -f $dummy.s $dummy && rmdir $tmpdir
echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
exit 0 ;;
Alpha\ *:Windows_NT*:*)
@ -312,6 +327,10 @@ EOF
NILE*:*:*:dcosx)
echo pyramid-pyramid-svr4
exit 0 ;;
DRS?6000:UNIX_SV:4.2*:7*)
case `/usr/bin/uname -p` in
sparc) echo sparc-icl-nx7 && exit 0 ;;
esac ;;
sun4H:SunOS:5.*:*)
echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit 0 ;;
@ -340,7 +359,7 @@ EOF
echo m68k-sun-sunos${UNAME_RELEASE}
exit 0 ;;
sun*:*:4.2BSD:*)
UNAME_RELEASE=`(head -1 /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
case "`/bin/arch`" in
sun3)
@ -419,14 +438,17 @@ EOF
}
EOF
$CC_FOR_BUILD $dummy.c -o $dummy \
&& ./$dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
&& rm -f $dummy.c $dummy && exit 0
rm -f $dummy.c $dummy
&& $dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
&& rm -f $dummy.c $dummy && rmdir $tmpdir && exit 0
rm -f $dummy.c $dummy && rmdir $tmpdir
echo mips-mips-riscos${UNAME_RELEASE}
exit 0 ;;
Motorola:PowerMAX_OS:*:*)
echo powerpc-motorola-powermax
exit 0 ;;
Night_Hawk:*:*:PowerMAX_OS)
echo powerpc-harris-powermax
exit 0 ;;
Night_Hawk:Power_UNIX:*:*)
echo powerpc-harris-powerunix
exit 0 ;;
@ -499,8 +521,8 @@ EOF
exit(0);
}
EOF
$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0
rm -f $dummy.c $dummy
$CC_FOR_BUILD $dummy.c -o $dummy && $dummy && rm -f $dummy.c $dummy && rmdir $tmpdir && exit 0
rm -f $dummy.c $dummy && rmdir $tmpdir
echo rs6000-ibm-aix3.2.5
elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
echo rs6000-ibm-aix3.2.4
@ -509,7 +531,7 @@ EOF
fi
exit 0 ;;
*:AIX:*:[45])
IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | head -1 | awk '{ print $1 }'`
IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
IBM_ARCH=rs6000
else
@ -598,9 +620,9 @@ EOF
exit (0);
}
EOF
(CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null) && HP_ARCH=`./$dummy`
(CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null) && HP_ARCH=`$dummy`
if test -z "$HP_ARCH"; then HP_ARCH=hppa; fi
rm -f $dummy.c $dummy
rm -f $dummy.c $dummy && rmdir $tmpdir
fi ;;
esac
echo ${HP_ARCH}-hp-hpux${HPUX_REV}
@ -636,8 +658,8 @@ EOF
exit (0);
}
EOF
$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm -f $dummy.c $dummy && exit 0
rm -f $dummy.c $dummy
$CC_FOR_BUILD $dummy.c -o $dummy && $dummy && rm -f $dummy.c $dummy && rmdir $tmpdir && exit 0
rm -f $dummy.c $dummy && rmdir $tmpdir
echo unknown-hitachi-hiuxwe2
exit 0 ;;
9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
@ -683,9 +705,6 @@ EOF
C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
echo c4-convex-bsd
exit 0 ;;
CRAY*X-MP:*:*:*)
echo xmp-cray-unicos
exit 0 ;;
CRAY*Y-MP:*:*:*)
echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
exit 0 ;;
@ -707,9 +726,6 @@ EOF
CRAY*SV1:*:*:*)
echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
exit 0 ;;
CRAY-2:*:*:*)
echo cray2-cray-unicos
exit 0 ;;
F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
@ -726,7 +742,19 @@ EOF
echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
exit 0 ;;
*:FreeBSD:*:*)
echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
# Determine whether the default compiler uses glibc.
eval $set_cc_for_build
sed 's/^ //' << EOF >$dummy.c
#include <features.h>
#if __GLIBC__ >= 2
LIBC=gnu
#else
LIBC=
#endif
EOF
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
rm -f $dummy.c && rmdir $tmpdir
echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`${LIBC:+-$LIBC}
exit 0 ;;
i*:CYGWIN*:*)
echo ${UNAME_MACHINE}-pc-cygwin
@ -765,7 +793,7 @@ EOF
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit 0 ;;
ia64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit 0 ;;
m68*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
@ -776,18 +804,18 @@ EOF
#undef CPU
#undef mips
#undef mipsel
#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
CPU=mipsel
#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
CPU=mipsel
#else
#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
CPU=mips
#else
CPU=
#endif
#endif
#endif
EOF
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=`
rm -f $dummy.c
rm -f $dummy.c && rmdir $tmpdir
test x"${CPU}" != x && echo "${CPU}-pc-linux-gnu" && exit 0
;;
ppc:Linux:*:*)
@ -837,9 +865,8 @@ EOF
# The BFD linker knows what the default object file format is, so
# first see if it will tell us. cd to the root directory to prevent
# problems with other programs or directories called `ld' in the path.
# Export LANG=C to prevent ld from outputting information in other
# languages.
ld_supported_targets=`LANG=C; export LANG; cd /; ld --help 2>&1 \
# Set LC_ALL=C to ensure ld outputs messages in English.
ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
| sed -ne '/supported targets:/!d
s/[ ][ ]*/ /g
s/.*supported targets: *//
@ -851,7 +878,7 @@ EOF
;;
a.out-i386-linux)
echo "${UNAME_MACHINE}-pc-linux-gnuaout"
exit 0 ;;
exit 0 ;;
coff-i386)
echo "${UNAME_MACHINE}-pc-linux-gnucoff"
exit 0 ;;
@ -884,7 +911,7 @@ EOF
#endif
EOF
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=`
rm -f $dummy.c
rm -f $dummy.c && rmdir $tmpdir
test x"${LIBC}" != x && echo "${UNAME_MACHINE}-pc-linux-${LIBC}" && exit 0
test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0
;;
@ -923,13 +950,13 @@ EOF
UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
elif /bin/uname -X 2>/dev/null >/dev/null ; then
UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')`
(/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486
(/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \
UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
(/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
(/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
&& UNAME_MACHINE=i586
(/bin/uname -X|egrep '^Machine.*Pent ?II' >/dev/null) \
(/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
&& UNAME_MACHINE=i686
(/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \
(/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
&& UNAME_MACHINE=i686
echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
else
@ -964,7 +991,7 @@ EOF
exit 0 ;;
M68*:*:R3V[567]*:*)
test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0)
3[34]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0)
OS_REL=''
test -r /etc/.relid \
&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
@ -1065,12 +1092,12 @@ EOF
echo `uname -p`-apple-darwin${UNAME_RELEASE}
exit 0 ;;
*:procnto*:*:* | *:QNX:[0123456789]*:*)
if test "${UNAME_MACHINE}" = "x86pc"; then
UNAME_PROCESSOR=`uname -p`
if test "$UNAME_PROCESSOR" = "x86"; then
UNAME_PROCESSOR=i386
UNAME_MACHINE=pc
echo i386-${UNAME_MACHINE}-nto-qnx
else
echo `uname -p`-${UNAME_MACHINE}-nto-qnx
fi
echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE}
exit 0 ;;
*:QNX:*:4*)
echo i386-pc-qnx
@ -1247,8 +1274,8 @@ main ()
}
EOF
$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm -f $dummy.c $dummy && exit 0
rm -f $dummy.c $dummy
$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && $dummy && rm -f $dummy.c $dummy && rmdir $tmpdir && exit 0
rm -f $dummy.c $dummy && rmdir $tmpdir
# Apollos put the system type in the environment.
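Review bot: In the new `set_cc_for_build` string the failure branch `|| (echo "$me: cannot create $tmpdir" >&2 && exit 1) ;` runs `exit 1` inside a subshell, so the script itself continues when `mkdir $tmpdir` fails. The directory name `${TMPDIR-/tmp}/config-guess-$$` is predictable, so a directory that already exists and is not owned by the builder would then be used for `$dummy.c` and the compiled `$dummy`, which later hunks run by full path. A brace group makes the failure fatal: `|| { echo "$me: cannot create $tmpdir" >&2 ; exit 1 ; } ;`. This file is imported from GNU config, so the fix belongs upstream and in the next re-import.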


@ -1,9 +1,9 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001
# Free Software Foundation, Inc.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002 Free Software Foundation, Inc.
timestamp='2001-04-20'
timestamp='2002-07-03'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@ -29,7 +29,8 @@ timestamp='2001-04-20'
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# Please send patches to <config-patches@gnu.org>.
# Please send patches to <config-patches@gnu.org>. Submit a context
# diff and a properly formatted ChangeLog entry.
#
# Configuration subroutine to validate and canonicalize a configuration type.
# Supply the specified configuration type as an argument.
@ -117,7 +118,7 @@ esac
# Here we must recognize all the valid KERNEL-OS combinations.
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
nto-qnx* | linux-gnu* | storm-chaos* | os2-emx*)
nto-qnx* | linux-gnu* | freebsd*-gnu* | storm-chaos* | os2-emx* | windows32-* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
@ -157,6 +158,14 @@ case $os in
os=-vxworks
basic_machine=$1
;;
-chorusos*)
os=-chorusos
basic_machine=$1
;;
-chorusrdb)
os=-chorusrdb
basic_machine=$1
;;
-hiux*)
os=-hiuxwe2
;;
@ -215,26 +224,44 @@ esac
case $basic_machine in
# Recognize the basic CPU types without company name.
# Some are omitted here because they have special meanings below.
tahoe | i860 | ia64 | m32r | m68k | m68000 | m88k | ns32k | arc \
| arm | arme[lb] | arm[bl]e | armv[2345] | armv[345][lb] | strongarm | xscale \
| pyramid | mn10200 | mn10300 | tron | a29k \
| 580 | i960 | h8300 \
| x86 | ppcbe | mipsbe | mipsle | shbe | shle \
| hppa | hppa1.0 | hppa1.1 | hppa2.0 | hppa2.0w | hppa2.0n \
| hppa64 \
| alpha | alphaev[4-8] | alphaev56 | alphapca5[67] \
| alphaev6[78] \
| we32k | ns16k | clipper | i370 | sh | sh[34] \
| powerpc | powerpcle \
| 1750a | dsp16xx | pdp10 | pdp11 \
| mips16 | mips64 | mipsel | mips64el \
| mips64orion | mips64orionel | mipstx39 | mipstx39el \
| mips64vr4300 | mips64vr4300el | mips64vr4100 | mips64vr4100el \
| mips64vr5000 | miprs64vr5000el | mcore | s390 | s390x \
| sparc | sparclet | sparclite | sparc64 | sparcv9 | sparcv9b \
| v850 | c4x \
| thumb | d10v | d30v | fr30 | avr | openrisc | tic80 \
| pj | pjl | h8500)
1750a | 580 \
| a29k \
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \
| c4x | clipper \
| d10v | d30v | dlx | dsp16xx \
| fr30 | frv \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k \
| m32r | m68000 | m68k | m88k | mcore \
| mips | mipsbe | mipseb | mipsel | mipsle \
| mips16 \
| mips64 | mips64el \
| mips64orion | mips64orionel \
| mips64vr4100 | mips64vr4100el \
| mips64vr4300 | mips64vr4300el \
| mips64vr5000 | mips64vr5000el \
| mipsisa32 | mipsisa32el \
| mipsisa64 | mipsisa64el \
| mipsisa64sb1 | mipsisa64sb1el \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
| ns16k | ns32k \
| openrisc | or32 \
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
| sh | sh[1234] | sh3e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv9 | sparcv9b \
| strongarm \
| tahoe | thumb | tic80 | tron \
| v850 | v850e \
| we32k \
| x86 | xscale | xstormy16 | xtensa \
| z8k)
basic_machine=$basic_machine-unknown
;;
m6811 | m68hc11 | m6812 | m68hc12)
@ -242,7 +269,7 @@ case $basic_machine in
basic_machine=$basic_machine-unknown
os=-none
;;
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | z8k | v70 | w65)
m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
;;
# We use `pc' rather than `unknown'
@ -257,31 +284,54 @@ case $basic_machine in
exit 1
;;
# Recognize the basic CPU types with company name.
# FIXME: clean up the formatting here.
vax-* | tahoe-* | i*86-* | i860-* | ia64-* | m32r-* | m68k-* | m68000-* \
| m88k-* | sparc-* | ns32k-* | fx80-* | arc-* | c[123]* \
| arm-* | armbe-* | armle-* | armv*-* | strongarm-* | xscale-* \
| mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* \
| power-* | none-* | 580-* | cray2-* | h8300-* | h8500-* | i960-* \
| xmp-* | ymp-* \
| x86-* | ppcbe-* | mipsbe-* | mipsle-* | shbe-* | shle-* \
| hppa-* | hppa1.0-* | hppa1.1-* | hppa2.0-* | hppa2.0w-* \
| hppa2.0n-* | hppa64-* \
| alpha-* | alphaev[4-8]-* | alphaev56-* | alphapca5[67]-* \
| alphaev6[78]-* \
| we32k-* | cydra-* | ns16k-* | pn-* | np1-* | xps100-* \
| clipper-* | orion-* \
| sparclite-* | pdp10-* | pdp11-* | sh-* | powerpc-* | powerpcle-* \
| sparc64-* | sparcv9-* | sparcv9b-* | sparc86x-* \
| mips16-* | mips64-* | mipsel-* \
| mips64el-* | mips64orion-* | mips64orionel-* \
| mips64vr4100-* | mips64vr4100el-* | mips64vr4300-* | mips64vr4300el-* \
| mipstx39-* | mipstx39el-* | mcore-* \
| f30[01]-* | f700-* | s390-* | s390x-* | sv1-* | t3e-* \
| [cjt]90-* \
| m88110-* | m680[01234]0-* | m683?2-* | m68360-* | z8k-* | d10v-* \
| thumb-* | v850-* | d30v-* | tic30-* | tic80-* | c30-* | fr30-* \
| bs2000-* | tic54x-* | c54x-* | x86_64-* | pj-* | pjl-*)
580-* \
| a29k-* \
| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
| avr-* \
| bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c54x-* \
| clipper-* | cydra-* \
| d10v-* | d30v-* | dlx-* \
| elxsi-* \
| f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \
| h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* \
| m32r-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | mcore-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
| mips16-* \
| mips64-* | mips64el-* \
| mips64orion-* | mips64orionel-* \
| mips64vr4100-* | mips64vr4100el-* \
| mips64vr4300-* | mips64vr4300el-* \
| mips64vr5000-* | mips64vr5000el-* \
| mipsisa32-* | mipsisa32el-* \
| mipsisa64-* | mipsisa64el-* \
| mipsisa64sb1-* | mipsisa64sb1el-* \
| mipstx39 | mipstx39el \
| none-* | np1-* | ns16k-* | ns32k-* \
| orion-* \
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
| romp-* | rs6000-* \
| sh-* | sh[1234]-* | sh3e-* | sh[34]eb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \
| sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* | tic30-* | tic54x-* | tic80-* | tron-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
| x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \
| xtensa-* \
| ymp-* \
| z8k-*)
;;
# Recognize the various machine names and aliases which stand
# for a CPU type and a company and sometimes even an OS.
@ -344,6 +394,10 @@ case $basic_machine in
basic_machine=ns32k-sequent
os=-dynix
;;
c90)
basic_machine=c90-cray
os=-unicos
;;
convex-c1)
basic_machine=c1-convex
os=-bsd
@ -364,16 +418,8 @@ case $basic_machine in
basic_machine=c38-convex
os=-bsd
;;
cray | ymp)
basic_machine=ymp-cray
os=-unicos
;;
cray2)
basic_machine=cray2-cray
os=-unicos
;;
[cjt]90)
basic_machine=${basic_machine}-cray
cray | j90)
basic_machine=j90-cray
os=-unicos
;;
crds | unos)
@ -388,6 +434,14 @@ case $basic_machine in
decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
basic_machine=mips-dec
;;
decsystem10* | dec10*)
basic_machine=pdp10-dec
os=-tops10
;;
decsystem20* | dec20*)
basic_machine=pdp10-dec
os=-tops20
;;
delta | 3300 | motorola-3300 | motorola-delta \
| 3300-motorola | delta-motorola)
basic_machine=m68k-motorola
@ -568,14 +622,6 @@ case $basic_machine in
basic_machine=m68k-atari
os=-mint
;;
mipsel*-linux*)
basic_machine=mipsel-unknown
os=-linux-gnu
;;
mips*-linux*)
basic_machine=mips-unknown
os=-linux-gnu
;;
mips3*-*)
basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
;;
@ -590,6 +636,10 @@ case $basic_machine in
basic_machine=m68k-rom68k
os=-coff
;;
morphos)
basic_machine=powerpc-unknown
os=-morphos
;;
msdos)
basic_machine=i386-pc
os=-msdos
@ -669,6 +719,10 @@ case $basic_machine in
basic_machine=hppa1.1-oki
os=-proelf
;;
or32 | or32-*)
basic_machine=or32-unknown
os=-coff
;;
OSE68000 | ose68000)
basic_machine=m68000-ericsson
os=-ose
@ -694,7 +748,7 @@ case $basic_machine in
pc532 | pc532-*)
basic_machine=ns32k-pc532
;;
pentium | p5 | k5 | k6 | nexgen)
pentium | p5 | k5 | k6 | nexgen | viac3)
basic_machine=i586-pc
;;
pentiumpro | p6 | 6x86 | athlon)
@ -703,7 +757,7 @@ case $basic_machine in
pentiumii | pentium2)
basic_machine=i686-pc
;;
pentium-* | p5-* | k5-* | k6-* | nexgen-*)
pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
pentiumpro-* | p6-* | 6x86-* | athlon-*)
@ -727,6 +781,16 @@ case $basic_machine in
ppcle-* | powerpclittle-*)
basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppc64) basic_machine=powerpc64-unknown
;;
ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ppc64le | powerpc64little | ppc64-le | powerpc64-little)
basic_machine=powerpc64le-unknown
;;
ppc64le-* | powerpc64little-*)
basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
;;
ps2)
basic_machine=i386-ibm
;;
@ -744,6 +808,12 @@ case $basic_machine in
rtpc | rtpc-*)
basic_machine=romp-ibm
;;
s390 | s390-*)
basic_machine=s390-ibm
;;
s390x | s390x-*)
basic_machine=s390x-ibm
;;
sa29200)
basic_machine=a29k-amd
os=-udi
@ -755,7 +825,7 @@ case $basic_machine in
basic_machine=sh-hitachi
os=-hms
;;
sparclite-wrs)
sparclite-wrs | simso-wrs)
basic_machine=sparclite-wrs
os=-vxworks
;;
@ -813,7 +883,7 @@ case $basic_machine in
sun386 | sun386i | roadrunner)
basic_machine=i386-sun
;;
sv1)
sv1)
basic_machine=sv1-cray
os=-unicos
;;
@ -821,8 +891,16 @@ case $basic_machine in
basic_machine=i386-sequent
os=-dynix
;;
t3d)
basic_machine=alpha-cray
os=-unicos
;;
t3e)
basic_machine=t3e-cray
basic_machine=alphaev5-cray
os=-unicos
;;
t90)
basic_machine=t90-cray
os=-unicos
;;
tic54x | c54x*)
@ -835,6 +913,10 @@ case $basic_machine in
tx39el)
basic_machine=mipstx39el-unknown
;;
toad1)
basic_machine=pdp10-xkl
os=-tops20
;;
tower | tower-32)
basic_machine=m68k-ncr
;;
@ -881,13 +963,17 @@ case $basic_machine in
basic_machine=hppa1.1-winbond
os=-proelf
;;
xmp)
basic_machine=xmp-cray
os=-unicos
windows32)
basic_machine=i386-pc
os=-windows32-msvcrt
;;
xps | xps100)
basic_machine=xps100-honeywell
;;
ymp)
basic_machine=ymp-cray
os=-unicos
;;
z8k-*-coff)
basic_machine=z8k-unknown
os=-sim
@ -908,13 +994,6 @@ case $basic_machine in
op60c)
basic_machine=hppa1.1-oki
;;
mips)
if [ x$os = x-linux-gnu ]; then
basic_machine=mips-unknown
else
basic_machine=mips-mips
fi
;;
romp)
basic_machine=romp-ibm
;;
@ -934,9 +1013,12 @@ case $basic_machine in
we32k)
basic_machine=we32k-att
;;
sh3 | sh4)
sh3 | sh4 | sh3eb | sh4eb | sh[1234]le | sh3ele)
basic_machine=sh-unknown
;;
sh64)
basic_machine=sh64-unknown
;;
sparc | sparcv9 | sparcv9b)
basic_machine=sparc-sun
;;
@ -1018,11 +1100,14 @@ case $os in
| -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* \
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \
| -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* | -os2*)
| -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* | -powermax*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@ -1074,12 +1159,18 @@ case $os in
-acis*)
os=-aos
;;
-atheos*)
os=-atheos
;;
-386bsd)
os=-bsd
;;
-ctix* | -uts*)
os=-sysv
;;
-nova*)
os=-rtmk-nova
;;
-ns2 )
os=-nextstep2
;;
@ -1154,6 +1245,7 @@ case $basic_machine in
arm*-semi)
os=-aout
;;
# This must come before the *-dec entry.
pdp10-*)
os=-tops20
;;
@ -1184,6 +1276,9 @@ case $basic_machine in
mips*-*)
os=-elf
;;
or32-*)
os=-coff
;;
*-tti) # must be before sparc entry or we get the wrong os.
os=-sysv3
;;
@ -1331,7 +1426,7 @@ case $basic_machine in
-ptx*)
vendor=sequent
;;
-vxsim* | -vxworks*)
-vxsim* | -vxworks* | -windiss*)
vendor=wrs
;;
-aux*)
@ -1346,6 +1441,9 @@ case $basic_machine in
-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
vendor=atari
;;
-vos*)
vendor=stratus
;;
esac
basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
;;


@ -1,4 +1,4 @@
# $Id: configure.ac,v 1.72 2002/06/25 22:35:16 tim Exp $
# $Id: configure.ac,v 1.89 2002/09/26 00:38:47 tim Exp $
AC_INIT
AC_CONFIG_SRCDIR([ssh.c])
@ -17,7 +17,6 @@ AC_PATH_PROGS(PERL, perl5 perl)
AC_SUBST(PERL)
AC_PATH_PROG(ENT, ent)
AC_SUBST(ENT)
AC_PATH_PROGS(FILEPRIV, filepriv, true, /sbin:/usr/sbin)
AC_PATH_PROG(TEST_MINUS_S_SH, bash)
AC_PATH_PROG(TEST_MINUS_S_SH, ksh)
AC_PATH_PROG(TEST_MINUS_S_SH, sh)
@ -71,7 +70,12 @@ case "$host" in
)
LDFLAGS="$saved_LDFLAGS"
fi
AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)])
AC_CHECK_FUNC(authenticate, [AC_DEFINE(WITH_AIXAUTHENTICATE)],
[AC_CHECK_LIB(s,authenticate,
[ AC_DEFINE(WITH_AIXAUTHENTICATE)
LIBS="$LIBS -ls"
])
])
AC_DEFINE(BROKEN_GETADDRINFO)
AC_DEFINE(BROKEN_REALPATH)
dnl AIX handles lastlog as part of its login message
@ -86,14 +90,24 @@ case "$host" in
AC_DEFINE(IPV4_DEFAULT)
AC_DEFINE(IP_TOS_IS_BROKEN)
AC_DEFINE(NO_X11_UNIX_SOCKETS)
AC_DEFINE(BROKEN_FD_PASSING)
AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT)
AC_DEFINE(DISABLE_FD_PASSING)
AC_DEFINE(SETGROUPS_NOOP)
;;
*-*-dgux*)
AC_DEFINE(IP_TOS_IS_BROKEN)
;;
*-*-darwin*)
AC_DEFINE(BROKEN_GETADDRINFO)
AC_MSG_CHECKING(if we have working getaddrinfo)
AC_TRY_RUN([#include <mach-o/dyld.h>
main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
exit(0);
else
exit(1);
}], [AC_MSG_RESULT(working)],
[AC_MSG_RESULT(buggy)
AC_DEFINE(BROKEN_GETADDRINFO)],
[AC_MSG_RESULT(assume it is working)])
;;
*-*-hpux10.26)
if test -z "$GCC"; then
@ -108,7 +122,8 @@ case "$host" in
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lxnet -lsec -lsecpw"
LIBS="$LIBS -lsec -lsecpw"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
disable_ptmx_check=yes
;;
*-*-hpux10*)
@ -123,7 +138,8 @@ case "$host" in
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lxnet -lsec"
LIBS="$LIBS -lsec"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
;;
*-*-hpux11*)
CPPFLAGS="$CPPFLAGS -D_HPUX_SOURCE -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
@ -135,7 +151,8 @@ case "$host" in
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_UTMP)
AC_DEFINE(SPT_TYPE,SPT_PSTAT)
LIBS="$LIBS -lxnet -lsec"
LIBS="$LIBS -lsec"
AC_CHECK_LIB(xnet, t_error, ,AC_MSG_ERROR([*** -lxnet needed on HP-UX - check config.log ***]))
;;
*-*-irix5*)
CPPFLAGS="$CPPFLAGS -I/usr/local/include"
@ -167,6 +184,7 @@ mips-sony-bsd|mips-sony-newsos4)
SONY=1
;;
*-*-netbsd*)
check_for_libcrypt_before=1
need_dash_r=1
;;
*-*-freebsd*)
@ -267,17 +285,28 @@ mips-sony-bsd|mips-sony-newsos4)
AC_DEFINE(USE_PIPES)
AC_DEFINE(HAVE_SECUREWARE)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(BROKEN_FD_PASSING)
AC_DEFINE(DISABLE_FD_PASSING)
AC_CHECK_FUNCS(getluid setluid)
MANTYPE=man
;;
*-*-unicosmk*)
no_libsocket=1
no_libnsl=1
AC_DEFINE(USE_PIPES)
AC_DEFINE(DISABLE_FD_PASSING)
LDFLAGS="$LDFLAGS"
LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
MANTYPE=cat
;;
*-*-unicos*)
no_libsocket=1
no_libnsl=1
AC_DEFINE(USE_PIPES)
AC_DEFINE(BROKEN_FD_PASSING)
LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal,-L/usr/local/lib"
LIBS="$LIBS -lgen -lrsc"
AC_DEFINE(DISABLE_FD_PASSING)
AC_DEFINE(NO_SSH_LASTLOG)
LDFLAGS="$LDFLAGS -Wl,-Dmsglevel=334:fatal"
LIBS="$LIBS -lgen -lrsc -lshare -luex -lacm"
MANTYPE=cat
;;
*-dec-osf*)
AC_MSG_CHECKING(for Digital Unix SIA)
@ -348,14 +377,14 @@ AC_ARG_WITH(libs,
# Checks for header files.
AC_CHECK_HEADERS(bstring.h crypt.h endian.h floatingpoint.h \
getopt.h glob.h lastlog.h limits.h login.h \
getopt.h glob.h ia.h lastlog.h limits.h login.h \
login_cap.h maillock.h netdb.h netgroup.h \
netinet/in_systm.h paths.h pty.h readpassphrase.h \
rpc/types.h security/pam_appl.h shadow.h stddef.h stdint.h \
strings.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h \
sys/mman.h sys/select.h sys/stat.h \
sys/stropts.h sys/sysmacros.h sys/time.h \
sys/un.h time.h ttyent.h usersec.h \
sys/un.h time.h tmpdir.h ttyent.h usersec.h \
util.h utime.h utmp.h utmpx.h)
# Checks for libraries.
@ -419,7 +448,8 @@ AC_CHECK_FUNC(strcasecmp,
[], [ AC_CHECK_LIB(resolv, strcasecmp, LIBS="$LIBS -lresolv") ]
)
AC_CHECK_FUNC(utimes,
[], [ AC_CHECK_LIB(c89, utimes, LIBS="$LIBS -lc89") ]
[], [ AC_CHECK_LIB(c89, utimes, [AC_DEFINE(HAVE_UTIMES)
LIBS="$LIBS -lc89"]) ]
)
dnl Checks for libutil functions
@ -468,7 +498,7 @@ AC_TRY_RUN(
[
#include <sys/types.h>
#include <dirent.h>
int main(void){struct dirent d;return(sizeof(d.d_name)<=sizeof(char));}
int main(void){struct dirent d;exit(sizeof(d.d_name)<=sizeof(char));}
],
[AC_MSG_RESULT(yes)],
[
@ -499,7 +529,7 @@ AC_ARG_WITH(skey,
[
#include <stdio.h>
#include <skey.h>
int main() { char *ff = skey_keyinfo(""); ff=""; return 0; }
int main() { char *ff = skey_keyinfo(""); ff=""; exit(0); }
],
[AC_MSG_RESULT(yes)],
[
@ -567,7 +597,7 @@ AC_ARG_WITH(tcp-wrappers,
dnl Checks for library functions.
AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
clock fchmod fchown freeaddrinfo futimes gai_strerror \
getaddrinfo getcwd getgrouplist getnameinfo getopt \
getaddrinfo getcwd getgrouplist getnameinfo getopt getpeereid\
getrlimit getrusage getttyent glob inet_aton inet_ntoa \
inet_ntop innetgr login_getcapbool md5_crypt memmove \
mkdtemp mmap ngetaddrinfo openpty ogetaddrinfo readpassphrase \
@ -577,30 +607,6 @@ AC_CHECK_FUNCS(arc4random b64_ntop bcopy bindresvport_sa \
socketpair strerror strlcat strlcpy strmode strsep sysconf tcgetpgrp \
truncate utimes vhangup vsnprintf waitpid __b64_ntop _getpty)
if test $ac_cv_func_mmap = yes ; then
AC_MSG_CHECKING([for mmap anon shared])
AC_TRY_RUN(
[
#include <stdio.h>
#include <sys/mman.h>
#if !defined(MAP_ANON) && defined(MAP_ANONYMOUS)
#define MAP_ANON MAP_ANONYMOUS
#endif
main() { char *p;
p = (char *) mmap(NULL, 10, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED, -1, 0);
if (p == (char *)-1)
exit(1);
exit(0);
}
],
[
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_MMAP_ANON_SHARED)
],
[ AC_MSG_RESULT(no) ]
)
fi
dnl IRIX and Solaris 2.5.1 have dirname() in libgen
AC_CHECK_FUNCS(dirname, [AC_CHECK_HEADERS(libgen.h)] ,[
AC_CHECK_LIB(gen, dirname,[
@ -663,7 +669,7 @@ if test "x$ac_cv_func_snprintf" = "xyes" ; then
AC_TRY_RUN(
[
#include <stdio.h>
int main(void){char b[5];snprintf(b,5,"123456789");return(b[4]!='\0');}
int main(void){char b[5];snprintf(b,5,"123456789");exit(b[4]!='\0');}
],
[AC_MSG_RESULT(yes)],
[
@ -723,6 +729,12 @@ if test "x$PAM_MSG" = "xyes" ; then
)
fi
# Some systems want crypt() from libcrypt, *not* the version in OpenSSL,
# because the system crypt() is more featureful.
if test "x$check_for_libcrypt_before" = "x1"; then
AC_CHECK_LIB(crypt, crypt)
fi
# Search for OpenSSL
saved_CPPFLAGS="$CPPFLAGS"
saved_LDFLAGS="$LDFLAGS"
@ -769,6 +781,70 @@ AC_TRY_LINK_FUNC(RAND_add, AC_DEFINE(HAVE_OPENSSL),
]
)
# Determine OpenSSL header version
AC_MSG_CHECKING([OpenSSL header version])
AC_TRY_RUN(
[
#include <stdio.h>
#include <string.h>
#include <openssl/opensslv.h>
#define DATA "conftest.sslincver"
int main(void) {
FILE *fd;
int rc;
fd = fopen(DATA,"w");
if(fd == NULL)
exit(1);
if ((rc = fprintf(fd ,"%x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
exit(1);
exit(0);
}
],
[
ssl_header_ver=`cat conftest.sslincver`
AC_MSG_RESULT($ssl_header_ver)
],
[
AC_MSG_RESULT(not found)
AC_MSG_ERROR(OpenSSL version header not found.)
]
)
# Determine OpenSSL library version
AC_MSG_CHECKING([OpenSSL library version])
AC_TRY_RUN(
[
#include <stdio.h>
#include <string.h>
#include <openssl/opensslv.h>
#include <openssl/crypto.h>
#define DATA "conftest.ssllibver"
int main(void) {
FILE *fd;
int rc;
fd = fopen(DATA,"w");
if(fd == NULL)
exit(1);
if ((rc = fprintf(fd ,"%x (%s)\n", SSLeay(), SSLeay_version(SSLEAY_VERSION))) <0)
exit(1);
exit(0);
}
],
[
ssl_library_ver=`cat conftest.ssllibver`
AC_MSG_RESULT($ssl_library_ver)
],
[
AC_MSG_RESULT(not found)
AC_MSG_ERROR(OpenSSL library not found.)
]
)
# Sanity check OpenSSL headers
AC_MSG_CHECKING([whether OpenSSL's headers match the library])
@ -776,7 +852,7 @@ AC_TRY_RUN(
[
#include <string.h>
#include <openssl/opensslv.h>
int main(void) { return(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
int main(void) { exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); }
],
[
AC_MSG_RESULT(yes)
@ -802,7 +878,7 @@ AC_TRY_RUN(
[
#include <string.h>
#include <openssl/rand.h>
int main(void) { return(RAND_status() == 1 ? 0 : 1); }
int main(void) { exit(RAND_status() == 1 ? 0 : 1); }
],
[
OPENSSL_SEEDS_ITSELF=yes
@ -1056,7 +1132,16 @@ fi
AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
AC_TRY_COMPILE(
[ #include <sys/types.h> ],
[
#include <sys/types.h>
#ifdef HAVE_STDINT_H
# include <stdint.h>
#endif
#include <sys/socket.h>
#ifdef HAVE_SYS_BITYPES_H
# include <sys/bitypes.h>
#endif
],
[ int64_t a; a = 1;],
[ ac_cv_have_int64_t="yes" ],
[ ac_cv_have_int64_t="no" ]
@ -1064,33 +1149,6 @@ AC_CACHE_CHECK([for int64_t type], ac_cv_have_int64_t, [
])
if test "x$ac_cv_have_int64_t" = "xyes" ; then
AC_DEFINE(HAVE_INT64_T)
have_int64_t=1
fi
if test -z "$have_int64_t" ; then
AC_MSG_CHECKING([for int64_t type in sys/socket.h])
AC_TRY_COMPILE(
[ #include <sys/socket.h> ],
[ int64_t a; a = 1],
[
AC_DEFINE(HAVE_INT64_T)
AC_MSG_RESULT(yes)
],
[ AC_MSG_RESULT(no) ]
)
fi
if test -z "$have_int64_t" ; then
AC_MSG_CHECKING([for int64_t type in sys/bitypes.h])
AC_TRY_COMPILE(
[ #include <sys/bitypes.h> ],
[ int64_t a; a = 1],
[
AC_DEFINE(HAVE_INT64_T)
AC_MSG_RESULT(yes)
],
[ AC_MSG_RESULT(no) ]
)
fi
AC_CACHE_CHECK([for u_intXX_t types], ac_cv_have_u_intxx_t, [
@ -1819,7 +1877,7 @@ LIBS="$LIBS $KLIBS $K5LIBS"
PRIVSEP_PATH=/var/empty
AC_ARG_WITH(privsep-path,
[ --with-privsep-path=xxx Path for privilege separation chroot ],
[ --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)],
[
if test "x$withval" != "$no" ; then
PRIVSEP_PATH=$withval
@ -1836,7 +1894,12 @@ AC_ARG_WITH(xauth,
fi
],
[
AC_PATH_PROG(xauth_path, xauth,,$PATH:/usr/X/bin:/usr/bin/X11:/usr/X11R6/bin:/usr/openwin/bin)
TestPath="$PATH"
TestPath="${TestPath}${PATH_SEPARATOR}/usr/X/bin"
TestPath="${TestPath}${PATH_SEPARATOR}/usr/bin/X11"
TestPath="${TestPath}${PATH_SEPARATOR}/usr/X11R6/bin"
TestPath="${TestPath}${PATH_SEPARATOR}/usr/openwin/bin"
AC_PATH_PROG(xauth_path, xauth, , $TestPath)
if (test ! -z "$xauth_path" && test -x "/usr/openwin/bin/xauth") ; then
xauth_path="/usr/openwin/bin/xauth"
fi
@ -1890,7 +1953,8 @@ AC_ARG_WITH(mantype,
]
)
if test -z "$MANTYPE"; then
AC_PATH_PROGS(NROFF, nroff awf, /bin/false, /usr/bin:/usr/ucb)
TestPath="/usr/bin${PATH_SEPARATOR}/usr/ucb"
AC_PATH_PROGS(NROFF, nroff awf, /bin/false, $TestPath)
if ${NROFF} -mdoc ${srcdir}/ssh.1 >/dev/null 2>&1; then
MANTYPE=doc
elif ${NROFF} -man ${srcdir}/ssh.1 >/dev/null 2>&1; then
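Review bot: The guard in the `--with-privsep-path` handler compares against `"$no"`, an expansion of a variable that nothing visible here sets, so `test "x$withval" != "$no"` is true for every value. `--without-privsep-path` (withval `no`) would then assign `PRIVSEP_PATH=no` instead of keeping the `/var/empty` default that the new help text advertises for the privilege separation chroot. The comparison should read `if test "x$withval" != "xno" ; then`. The commit only touches the help string in that hunk and the AC_ARG_WITH block continues past it, so the rest of the handler is worth checking the same way.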


@ -1,7 +1,7 @@
#ifndef _DEFINES_H
#define _DEFINES_H
/* $Id: defines.h,v 1.92 2002/06/24 16:26:49 stevesk Exp $ */
/* $Id: defines.h,v 1.96 2002/09/26 00:38:48 tim Exp $ */
/* Constants */
@ -102,7 +102,7 @@ SCO Open Server 3 has INADDR_LOOPBACK defined in rpc/rpc.h but
including rpc/rpc.h breaks Solaris 6
*/
#ifndef INADDR_LOOPBACK
#define INADDR_LOOPBACK ((ulong)0x7f000001)
#define INADDR_LOOPBACK ((u_long)0x7f000001)
#endif
/* Types */
@ -124,7 +124,7 @@ typedef char int8_t;
# if (SIZEOF_SHORT_INT == 2)
typedef short int int16_t;
# else
# ifdef _CRAY
# ifdef _UNICOS
# if (SIZEOF_SHORT_INT == 4)
typedef short int16_t;
# else
@ -132,16 +132,16 @@ typedef long int16_t;
# endif
# else
# error "16 bit int type not found."
# endif /* _CRAY */
# endif /* _UNICOS */
# endif
# if (SIZEOF_INT == 4)
typedef int int32_t;
# else
# ifdef _CRAY
# ifdef _UNICOS
typedef long int32_t;
# else
# error "32 bit int type not found."
# endif /* _CRAY */
# endif /* _UNICOS */
# endif
#endif
@ -161,7 +161,7 @@ typedef unsigned char u_int8_t;
# if (SIZEOF_SHORT_INT == 2)
typedef unsigned short int u_int16_t;
# else
# ifdef _CRAY
# ifdef _UNICOS
# if (SIZEOF_SHORT_INT == 4)
typedef unsigned short u_int16_t;
# else
@ -174,7 +174,7 @@ typedef unsigned long u_int16_t;
# if (SIZEOF_INT == 4)
typedef unsigned int u_int32_t;
# else
# ifdef _CRAY
# ifdef _UNICOS
typedef unsigned long u_int32_t;
# else
# error "32 bit int type not found."
@ -216,6 +216,10 @@ typedef unsigned char u_char;
# define HAVE_U_CHAR
#endif /* HAVE_U_CHAR */
#ifndef SIZE_T_MAX
#define SIZE_T_MAX ULONG_MAX
#endif /* SIZE_T_MAX */
#ifndef HAVE_SIZE_T
typedef unsigned int size_t;
# define HAVE_SIZE_T
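Review bot: The new fallback `#define SIZE_T_MAX ULONG_MAX` sits directly above the `#ifndef HAVE_SIZE_T` branch that declares `typedef unsigned int size_t;`. On a platform that takes that branch and has a long wider than int, the constant overstates what size_t can hold. Overflow guards of the form `n > SIZE_T_MAX / size` would then accept products that no longer fit. Defining the fallback beside the typedef as `#define SIZE_T_MAX UINT_MAX`, and keeping `ULONG_MAX` only when the system supplies size_t, keeps the two in step. The definition also assumes <limits.h> has been included before this header, which deserves a comment; the `#ifndef HAVE_SIZE_T` block closes outside the hunk.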


@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: dh.c,v 1.21 2002/03/06 00:23:27 markus Exp $");
RCSID("$OpenBSD: dh.c,v 1.22 2002/06/27 08:49:44 markus Exp $");
#include "xmalloc.h"
@ -50,7 +50,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
/* Ignore leading whitespace */
if (*arg == '\0')
arg = strdelim(&cp);
if (!*arg || *arg == '#')
if (!arg || !*arg || *arg == '#')
return 0;
/* time */


@ -36,7 +36,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: hostfile.c,v 1.29 2001/12/18 10:04:21 jakob Exp $");
RCSID("$OpenBSD: hostfile.c,v 1.30 2002/07/24 16:11:18 markus Exp $");
#include "packet.h"
#include "match.h"
@ -91,11 +91,14 @@ hostfile_check_key(int bits, Key *key, const char *host, const char *filename, i
* in the list of our known hosts. Returns HOST_OK if the host is known and
* has the specified key, HOST_NEW if the host is not known, and HOST_CHANGED
* if the host is known but used to have a different host key.
*
* If no 'key' has been specified and a key of type 'keytype' is known
* for the specified host, then HOST_FOUND is returned.
*/
HostStatus
check_host_in_hostfile(const char *filename, const char *host, Key *key,
Key *found, int *numret)
static HostStatus
check_host_in_hostfile_by_key_or_type(const char *filename,
const char *host, Key *key, int keytype, Key *found, int *numret)
{
FILE *f;
char line[8192];
@ -105,8 +108,7 @@ check_host_in_hostfile(const char *filename, const char *host, Key *key,
HostStatus end_return;
debug3("check_host_in_hostfile: filename %s", filename);
if (key == NULL)
fatal("no key to look up");
/* Open the file containing the list of known hosts. */
f = fopen(filename, "r");
if (!f)
@ -147,12 +149,20 @@ check_host_in_hostfile(const char *filename, const char *host, Key *key,
*/
if (!hostfile_read_key(&cp, &kbits, found))
continue;
if (!hostfile_check_key(kbits, found, host, filename, linenum))
continue;
if (numret != NULL)
*numret = linenum;
if (key == NULL) {
/* we found a key of the requested type */
if (found->type == keytype)
return HOST_FOUND;
continue;
}
if (!hostfile_check_key(kbits, found, host, filename, linenum))
continue;
/* Check if the current key is the same as the given key. */
if (key_equal(key, found)) {
/* Ok, they match. */
@ -177,6 +187,24 @@ check_host_in_hostfile(const char *filename, const char *host, Key *key,
return end_return;
}
HostStatus
check_host_in_hostfile(const char *filename, const char *host, Key *key,
Key *found, int *numret)
{
if (key == NULL)
fatal("no key to look up");
return (check_host_in_hostfile_by_key_or_type(filename, host, key, 0,
found, numret));
}
int
lookup_key_in_hostfile_by_type(const char *filename, const char *host,
int keytype, Key *found, int *numret)
{
return (check_host_in_hostfile_by_key_or_type(filename, host, NULL,
keytype, found, numret) == HOST_FOUND);
}
/*
* Appends an entry to the host file. Returns false if the entry could not
* be appended.
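Review bot: The new `key == NULL` branch in check_host_in_hostfile_by_key_or_type returns `HOST_FOUND` from inside the read loop without closing `f`, which the function opened with `fopen(filename, "r")` earlier. Every successful lookup_key_in_hostfile_by_type() call therefore leaks a stream and its descriptor. The branch should release it first: `if (found->type == keytype) { fclose(f); return HOST_FOUND; }`. Parts of the loop and the other return paths lie outside the visible hunks, so it is worth confirming they all close the file the same way.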


@ -1,4 +1,4 @@
/* $OpenBSD: hostfile.h,v 1.10 2001/12/18 10:04:21 jakob Exp $ */
/* $OpenBSD: hostfile.h,v 1.12 2002/09/08 20:24:08 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -15,12 +15,14 @@
#define HOSTFILE_H
typedef enum {
HOST_OK, HOST_NEW, HOST_CHANGED
HOST_OK, HOST_NEW, HOST_CHANGED, HOST_FOUND
} HostStatus;
int hostfile_read_key(char **, u_int *, Key *);
HostStatus
check_host_in_hostfile(const char *, const char *, Key *, Key *, int *);
int add_host_to_hostfile(const char *, const char *, Key *);
int
lookup_key_in_hostfile_by_type(const char *, const char *, int , Key *, int *);
#endif


@ -115,6 +115,9 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
#ifdef HAVE_SYS_UN_H
# include <sys/un.h> /* For sockaddr_un */
#endif
#ifdef HAVE_STDINT_H
# include <stdint.h>
#endif
#ifdef HAVE_SYS_BITYPES_H
# include <sys/bitypes.h> /* For u_intXX_t */
#endif
@ -146,6 +149,14 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
# include <readpassphrase.h>
#endif
#ifdef HAVE_IA_H
# include <ia.h>
#endif
#ifdef HAVE_TMPDIR_H
# include <tmpdir.h>
#endif
#include <openssl/opensslv.h> /* For OPENSSL_VERSION_NUMBER */
#include "defines.h"


@ -1,4 +1,4 @@
/* $OpenBSD: kex.h,v 1.31 2002/05/16 22:02:50 markus Exp $ */
/* $OpenBSD: kex.h,v 1.32 2002/09/09 14:54:14 markus Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -96,7 +96,7 @@ struct Newkeys {
};
struct Kex {
u_char *session_id;
int session_id_len;
u_int session_id_len;
Newkeys *newkeys[MODE_MAX];
int we_need;
int server;


@ -32,7 +32,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: key.c,v 1.45 2002/06/23 03:26:19 deraadt Exp $");
RCSID("$OpenBSD: key.c,v 1.49 2002/09/09 14:54:14 markus Exp $");
#include <openssl/evp.h>
@ -171,7 +171,7 @@ key_equal(Key *a, Key *b)
return 0;
}
static u_char*
static u_char *
key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
{
const EVP_MD *md = NULL;
@ -227,8 +227,8 @@ key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
return retval;
}
static char*
key_fingerprint_hex(u_char* dgst_raw, u_int dgst_raw_len)
static char *
key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len)
{
char *retval;
int i;
@ -244,8 +244,8 @@ key_fingerprint_hex(u_char* dgst_raw, u_int dgst_raw_len)
return retval;
}
static char*
key_fingerprint_bubblebabble(u_char* dgst_raw, u_int dgst_raw_len)
static char *
key_fingerprint_bubblebabble(u_char *dgst_raw, u_int dgst_raw_len)
{
char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' };
char consonants[] = { 'b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm',
@ -291,7 +291,7 @@ key_fingerprint_bubblebabble(u_char* dgst_raw, u_int dgst_raw_len)
return retval;
}
char*
char *
key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
{
char *retval = NULL;
@ -494,7 +494,8 @@ key_write(Key *key, FILE *f)
{
int n, success = 0;
u_int len, bits = 0;
u_char *blob, *uu;
u_char *blob;
char *uu;
if (key->type == KEY_RSA1 && key->rsa != NULL) {
/* size of modulus 'n' */
@ -729,7 +730,6 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
{
Buffer b;
int len;
u_char *buf;
if (key == NULL) {
error("key_to_blob: key == NULL");
@ -755,14 +755,14 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp)
return 0;
}
len = buffer_len(&b);
buf = xmalloc(len);
memcpy(buf, buffer_ptr(&b), len);
memset(buffer_ptr(&b), 0, len);
buffer_free(&b);
if (lenp != NULL)
*lenp = len;
if (blobp != NULL)
*blobp = buf;
if (blobp != NULL) {
*blobp = xmalloc(len);
memcpy(*blobp, buffer_ptr(&b), len);
}
memset(buffer_ptr(&b), 0, len);
buffer_free(&b);
return len;
}
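Review bot: key_to_blob now allocates only when `blobp` is non-NULL, but nothing at the function tells a caller that the buffer stored in `*blobp` comes from xmalloc() and is theirs to free, or that a NULL `blobp` is the supported way to ask for the length alone. A header comment would cover it, e.g. `/* Stores an xmalloc'ed copy in *blobp (caller frees) and its length in *lenp; either may be NULL. */`. In the same hunk `len` stays an `int` although it is assigned to the `u_int` behind `lenp`, so declaring it `u_int` would remove the mixed-sign assignment. The start of the function is outside the hunk.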


@ -34,7 +34,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: log.c,v 1.22 2002/02/22 12:20:34 markus Exp $");
RCSID("$OpenBSD: log.c,v 1.24 2002/07/19 15:43:33 markus Exp $");
#include "log.h"
#include "xmalloc.h"
@ -92,6 +92,7 @@ SyslogFacility
log_facility_number(char *name)
{
int i;
if (name != NULL)
for (i = 0; log_facilities[i].name; i++)
if (strcasecmp(log_facilities[i].name, name) == 0)
@ -103,6 +104,7 @@ LogLevel
log_level_number(char *name)
{
int i;
if (name != NULL)
for (i = 0; log_levels[i].name; i++)
if (strcasecmp(log_levels[i].name, name) == 0)
@ -116,6 +118,7 @@ void
error(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_ERROR, fmt, args);
va_end(args);
@ -127,6 +130,7 @@ void
log(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_INFO, fmt, args);
va_end(args);
@ -138,6 +142,7 @@ void
verbose(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_VERBOSE, fmt, args);
va_end(args);
@ -149,6 +154,7 @@ void
debug(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_DEBUG1, fmt, args);
va_end(args);
@ -158,6 +164,7 @@ void
debug2(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_DEBUG2, fmt, args);
va_end(args);
@ -167,6 +174,7 @@ void
debug3(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_DEBUG3, fmt, args);
va_end(args);
@ -215,6 +223,18 @@ fatal_remove_cleanup(void (*proc) (void *context), void *context)
(u_long) proc, (u_long) context);
}
/* Remove all cleanups, to be called after fork() */
void
fatal_remove_all_cleanups(void)
{
struct fatal_cleanup *cu, *next_cu;
for (cu = fatal_cleanups; cu; cu = next_cu) {
next_cu = cu->next;
xfree(cu);
}
}
/* Cleanup and exit */
void
fatal_cleanup(void)
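Review bot: fatal_remove_all_cleanups() frees every node on the list but leaves the head `fatal_cleanups` pointing at the first freed node. Any later walk of that list in the same process would read freed memory; the fatal_cleanup() that follows in this file presumably does such a walk. The comment says the function is meant to run after fork(), so the child would hit this the first time it takes a fatal path or registers a new cleanup. Adding `fatal_cleanups = NULL;` after the loop closes it.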


@ -1,4 +1,4 @@
/* $OpenBSD: log.h,v 1.7 2002/05/19 20:54:52 deraadt Exp $ */
/* $OpenBSD: log.h,v 1.8 2002/07/19 15:43:33 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -64,6 +64,7 @@ void debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
void fatal_cleanup(void);
void fatal_add_cleanup(void (*) (void *), void *);
void fatal_remove_cleanup(void (*) (void *), void *);
void fatal_remove_all_cleanups(void);
void do_log(LogLevel, const char *, va_list);


@ -163,7 +163,7 @@
#include "log.h"
#include "atomicio.h"
RCSID("$Id: loginrec.c,v 1.40 2002/04/23 13:09:19 djm Exp $");
RCSID("$Id: loginrec.c,v 1.44 2002/09/26 00:38:49 tim Exp $");
#ifdef HAVE_UTIL_H
# include <util.h>
@ -622,13 +622,13 @@ construct_utmp(struct logininfo *li,
switch (li->type) {
case LTYPE_LOGIN:
ut->ut_type = USER_PROCESS;
#ifdef _CRAY
#ifdef _UNICOS
cray_set_tmpdir(ut);
#endif
break;
case LTYPE_LOGOUT:
ut->ut_type = DEAD_PROCESS;
#ifdef _CRAY
#ifdef _UNICOS
cray_retain_utmp(ut, li->pid);
#endif
break;
@ -1249,7 +1249,7 @@ wtmpx_get_entry(struct logininfo *li)
}
if (fstat(fd, &st) != 0) {
log("wtmpx_get_entry: couldn't stat %s: %s",
WTMP_FILE, strerror(errno));
WTMPX_FILE, strerror(errno));
close(fd);
return 0;
}
@ -1271,6 +1271,7 @@ wtmpx_get_entry(struct logininfo *li)
/* Logouts are recorded as a blank username on a particular line.
* So, we just need to find the username in struct utmpx */
if ( wtmpx_islogin(li, &utx) ) {
found = 1;
# ifdef HAVE_TV_IN_UTMPX
li->tv_sec = utx.ut_tv.tv_sec;
# else


@ -25,7 +25,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: monitor.c,v 1.18 2002/06/26 13:20:57 deraadt Exp $");
RCSID("$OpenBSD: monitor.c,v 1.29 2002/09/26 11:38:43 markus Exp $");
#include <openssl/dh.h>
@ -120,6 +120,13 @@ int mm_answer_sessid(int, Buffer *);
int mm_answer_pam_start(int, Buffer *);
#endif
#ifdef KRB4
int mm_answer_krb4(int, Buffer *);
#endif
#ifdef KRB5
int mm_answer_krb5(int, Buffer *);
#endif
static Authctxt *authctxt;
static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */
@ -127,8 +134,8 @@ static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */
static u_char *key_blob = NULL;
static u_int key_bloblen = 0;
static int key_blobtype = MM_NOKEY;
static u_char *hostbased_cuser = NULL;
static u_char *hostbased_chost = NULL;
static char *hostbased_cuser = NULL;
static char *hostbased_chost = NULL;
static char *auth_method = "unknown";
static int session_id2_len = 0;
static u_char *session_id2 = NULL;
@ -198,6 +205,12 @@ struct mon_table mon_dispatch_proto15[] = {
#endif
#ifdef USE_PAM
{MONITOR_REQ_PAM_START, MON_ONCE, mm_answer_pam_start},
#endif
#ifdef KRB4
{MONITOR_REQ_KRB4, MON_ONCE|MON_AUTH, mm_answer_krb4},
#endif
#ifdef KRB5
{MONITOR_REQ_KRB5, MON_ONCE|MON_AUTH, mm_answer_krb5},
#endif
{0, 0, NULL}
};
@ -455,7 +468,7 @@ mm_answer_sign(int socket, Buffer *m)
p = buffer_get_string(m, &datlen);
if (datlen != 20)
fatal("%s: data length incorrect: %d", __func__, datlen);
fatal("%s: data length incorrect: %u", __func__, datlen);
/* save session id, it will be passed on the first call */
if (session_id2_len == 0) {
@ -469,7 +482,7 @@ mm_answer_sign(int socket, Buffer *m)
if (key_sign(key, &signature, &siglen, p, datlen) < 0)
fatal("%s: key_sign failed", __func__);
debug3("%s: signature %p(%d)", __func__, signature, siglen);
debug3("%s: signature %p(%u)", __func__, signature, siglen);
buffer_clear(m);
buffer_put_string(m, signature, siglen);
@ -559,7 +572,7 @@ int mm_answer_auth2_read_banner(int socket, Buffer *m)
mm_request_send(socket, MONITOR_ANS_AUTH2_READ_BANNER, m);
if (banner != NULL)
free(banner);
xfree(banner);
return (0);
}
@ -587,7 +600,8 @@ mm_answer_authpassword(int socket, Buffer *m)
{
static int call_count;
char *passwd;
int authenticated, plen;
int authenticated;
u_int plen;
passwd = buffer_get_string(m, &plen);
/* Only authenticate if the context is valid */
@ -750,7 +764,8 @@ int
mm_answer_keyallowed(int socket, Buffer *m)
{
Key *key;
u_char *cuser, *chost, *blob;
char *cuser, *chost;
u_char *blob;
u_int bloblen;
enum mm_keytype type = 0;
int allowed = 0;
@ -826,7 +841,7 @@ static int
monitor_valid_userblob(u_char *data, u_int datalen)
{
Buffer b;
u_char *p;
char *p;
u_int len;
int fail = 0;
@ -879,11 +894,11 @@ monitor_valid_userblob(u_char *data, u_int datalen)
}
static int
monitor_valid_hostbasedblob(u_char *data, u_int datalen, u_char *cuser,
u_char *chost)
monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
char *chost)
{
Buffer b;
u_char *p;
char *p;
u_int len;
int fail = 0;
@ -1001,8 +1016,8 @@ mm_record_login(Session *s, struct passwd *pw)
* the address be 0.0.0.0.
*/
memset(&from, 0, sizeof(from));
fromlen = sizeof(from);
if (packet_connection_is_on_socket()) {
fromlen = sizeof(from);
if (getpeername(packet_get_connection_in(),
(struct sockaddr *) & from, &fromlen) < 0) {
debug("getpeername: %.100s", strerror(errno));
@ -1012,7 +1027,7 @@ mm_record_login(Session *s, struct passwd *pw)
/* Record that there was a login on that tty from the remote host. */
record_login(s->pid, s->tty, pw->pw_name, pw->pw_uid,
get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping),
(struct sockaddr *)&from);
(struct sockaddr *)&from, fromlen);
}
static void
@ -1276,6 +1291,89 @@ mm_answer_rsa_response(int socket, Buffer *m)
return (success);
}
#ifdef KRB4
int
mm_answer_krb4(int socket, Buffer *m)
{
KTEXT_ST auth, reply;
char *client, *p;
int success;
u_int alen;
reply.length = auth.length = 0;
p = buffer_get_string(m, &alen);
if (alen >= MAX_KTXT_LEN)
fatal("%s: auth too large", __func__);
memcpy(auth.dat, p, alen);
auth.length = alen;
memset(p, 0, alen);
xfree(p);
success = options.kerberos_authentication &&
authctxt->valid &&
auth_krb4(authctxt, &auth, &client, &reply);
memset(auth.dat, 0, alen);
buffer_clear(m);
buffer_put_int(m, success);
if (success) {
buffer_put_cstring(m, client);
buffer_put_string(m, reply.dat, reply.length);
if (client)
xfree(client);
if (reply.length)
memset(reply.dat, 0, reply.length);
}
debug3("%s: sending result %d", __func__, success);
mm_request_send(socket, MONITOR_ANS_KRB4, m);
auth_method = "kerberos";
/* Causes monitor loop to terminate if authenticated */
return (success);
}
#endif
#ifdef KRB5
int
mm_answer_krb5(int socket, Buffer *m)
{
krb5_data tkt, reply;
char *client_user;
u_int len;
int success;
/* use temporary var to avoid size issues on 64bit arch */
tkt.data = buffer_get_string(m, &len);
tkt.length = len;
success = options.kerberos_authentication &&
authctxt->valid &&
auth_krb5(authctxt, &tkt, &client_user, &reply);
if (tkt.length)
xfree(tkt.data);
buffer_clear(m);
buffer_put_int(m, success);
if (success) {
buffer_put_cstring(m, client_user);
buffer_put_string(m, reply.data, reply.length);
if (client_user)
xfree(client_user);
if (reply.length)
xfree(reply.data);
}
mm_request_send(socket, MONITOR_ANS_KRB5, m);
return success;
}
#endif
int
mm_answer_term(int socket, Buffer *req)
{
@ -1453,10 +1551,10 @@ mm_get_keystate(struct monitor *pmonitor)
void *
mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
{
int len = size * ncount;
size_t len = size * ncount;
void *address;
if (len <= 0)
if (len == 0 || ncount > SIZE_T_MAX / size)
fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size);
address = mm_malloc(mm, len);


@ -1,4 +1,4 @@
/* $OpenBSD: monitor.h,v 1.6 2002/06/11 05:46:20 mpech Exp $ */
/* $OpenBSD: monitor.h,v 1.8 2002/09/26 11:38:43 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@ -49,6 +49,8 @@ enum monitor_reqtype {
MONITOR_REQ_RSAKEYALLOWED, MONITOR_ANS_RSAKEYALLOWED,
MONITOR_REQ_RSACHALLENGE, MONITOR_ANS_RSACHALLENGE,
MONITOR_REQ_RSARESPONSE, MONITOR_ANS_RSARESPONSE,
MONITOR_REQ_KRB4, MONITOR_ANS_KRB4,
MONITOR_REQ_KRB5, MONITOR_ANS_KRB5,
MONITOR_REQ_PAM_START,
MONITOR_REQ_TERM
};


@ -24,7 +24,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: monitor_fdpass.c,v 1.3 2002/06/04 23:05:49 markus Exp $");
RCSID("$OpenBSD: monitor_fdpass.c,v 1.4 2002/06/26 14:50:04 deraadt Exp $");
#include <sys/uio.h>
@ -38,7 +38,7 @@ mm_send_fd(int socket, int fd)
struct msghdr msg;
struct iovec vec;
char ch = '\0';
int n;
ssize_t n;
#ifndef HAVE_ACCRIGHTS_IN_MSGHDR
char tmp[CMSG_SPACE(sizeof(int))];
struct cmsghdr *cmsg;
@ -67,8 +67,8 @@ mm_send_fd(int socket, int fd)
fatal("%s: sendmsg(%d): %s", __func__, fd,
strerror(errno));
if (n != 1)
fatal("%s: sendmsg: expected sent 1 got %d",
__func__, n);
fatal("%s: sendmsg: expected sent 1 got %ld",
__func__, (long)n);
#else
fatal("%s: UsePrivilegeSeparation=yes not supported",
__func__);
@ -81,8 +81,9 @@ mm_receive_fd(int socket)
#if defined(HAVE_RECVMSG) && (defined(HAVE_ACCRIGHTS_IN_MSGHDR) || defined(HAVE_CONTROL_IN_MSGHDR))
struct msghdr msg;
struct iovec vec;
ssize_t n;
char ch;
int fd, n;
int fd;
#ifndef HAVE_ACCRIGHTS_IN_MSGHDR
char tmp[CMSG_SPACE(sizeof(int))];
struct cmsghdr *cmsg;
@ -104,8 +105,8 @@ mm_receive_fd(int socket)
if ((n = recvmsg(socket, &msg, 0)) == -1)
fatal("%s: recvmsg: %s", __func__, strerror(errno));
if (n != 1)
fatal("%s: recvmsg: expected received 1 got %d",
__func__, n);
fatal("%s: recvmsg: expected received 1 got %ld",
__func__, (long)n);
#ifdef HAVE_ACCRIGHTS_IN_MSGHDR
if (msg.msg_accrightslen != sizeof(fd))


@ -24,12 +24,13 @@
*/
#include "includes.h"
RCSID("$OpenBSD: monitor_mm.c,v 1.6 2002/06/04 23:05:49 markus Exp $");
RCSID("$OpenBSD: monitor_mm.c,v 1.8 2002/08/02 14:43:15 millert Exp $");
#ifdef HAVE_SYS_MMAN_H
#include <sys/mman.h>
#endif
#include "openbsd-compat/xmmap.h"
#include "ssh.h"
#include "xmalloc.h"
#include "log.h"
@ -38,7 +39,14 @@ RCSID("$OpenBSD: monitor_mm.c,v 1.6 2002/06/04 23:05:49 markus Exp $");
static int
mm_compare(struct mm_share *a, struct mm_share *b)
{
return ((char *)a->address - (char *)b->address);
long diff = (char *)a->address - (char *)b->address;
if (diff == 0)
return (0);
else if (diff < 0)
return (-1);
else
return (1);
}
RB_GENERATE(mmtree, mm_share, next, mm_compare)
@ -84,15 +92,9 @@ mm_create(struct mm_master *mmalloc, size_t size)
*/
mm->mmalloc = mmalloc;
#ifdef HAVE_MMAP_ANON_SHARED
address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
-1, 0);
address = xmmap(size);
if (address == MAP_FAILED)
fatal("mmap(%lu): %s", (u_long)size, strerror(errno));
#else
fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
__func__);
#endif
mm->address = address;
mm->size = size;
@ -130,7 +132,7 @@ mm_destroy(struct mm_master *mm)
mm_freelist(mm->mmalloc, &mm->rb_free);
mm_freelist(mm->mmalloc, &mm->rb_allocated);
#ifdef HAVE_MMAP_ANON_SHARED
#ifdef HAVE_MMAP
if (munmap(mm->address, mm->size) == -1)
fatal("munmap(%p, %lu): %s", mm->address, (u_long)mm->size,
strerror(errno));
@ -165,8 +167,10 @@ mm_malloc(struct mm_master *mm, size_t size)
if (size == 0)
fatal("mm_malloc: try to allocate 0 space");
if (size > SIZE_T_MAX - MM_MINSIZE + 1)
fatal("mm_malloc: size too big");
size = ((size + MM_MINSIZE - 1) / MM_MINSIZE) * MM_MINSIZE;
size = ((size + (MM_MINSIZE - 1)) / MM_MINSIZE) * MM_MINSIZE;
RB_FOREACH(mms, mmtree, &mm->rb_free) {
if (mms->size >= size)
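Review bot: mm_compare has no comment saying why it now returns only -1/0/1, and the difference is still narrowed into a `long`, although the type of a pointer subtraction is ptrdiff_t and `long` can be narrower than a pointer on some ABIs. The old form returned the raw difference as `int`, and a truncated difference can give the red-black tree of shared-memory allocations a wrong ordering. I would add `/* return only the sign: a truncated pointer difference would misorder the tree */` above the function and compare without the intermediate, e.g. `if (a->address == b->address) return (0);` then `return ((char *)a->address < (char *)b->address ? -1 : 1);`.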


@ -27,7 +27,7 @@
#ifndef _MM_H_
#define _MM_H_
#include "openbsd-compat/tree.h"
#include "openbsd-compat/sys-tree.h"
struct mm_share {
RB_ENTRY(mm_share) next;


@ -25,7 +25,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: monitor_wrap.c,v 1.11 2002/06/19 18:01:00 markus Exp $");
RCSID("$OpenBSD: monitor_wrap.c,v 1.19 2002/09/26 11:38:43 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dh.h>
@ -62,8 +62,8 @@ extern Buffer input, output;
void
mm_request_send(int socket, enum monitor_reqtype type, Buffer *m)
{
u_char buf[5];
u_int mlen = buffer_len(m);
u_char buf[5];
debug3("%s entering: type %d", __func__, type);
@ -79,8 +79,8 @@ void
mm_request_receive(int socket, Buffer *m)
{
u_char buf[4];
ssize_t res;
u_int msg_len;
ssize_t res;
debug3("%s entering", __func__);
@ -207,7 +207,7 @@ mm_getpwnamallow(const char *login)
return (pw);
}
char* mm_auth2_read_banner(void)
char *mm_auth2_read_banner(void)
{
Buffer m;
char *banner;
@ -411,7 +411,7 @@ mm_newkeys_from_blob(u_char *blob, int blen)
enc->key = buffer_get_string(&b, &enc->key_len);
enc->iv = buffer_get_string(&b, &len);
if (len != enc->block_size)
fatal("%s: bad ivlen: expected %d != %d", __func__,
fatal("%s: bad ivlen: expected %u != %u", __func__,
enc->block_size, len);
if (enc->name == NULL || cipher_by_name(enc->name) != enc->cipher)
@ -425,7 +425,7 @@ mm_newkeys_from_blob(u_char *blob, int blen)
mac->enabled = buffer_get_int(&b);
mac->key = buffer_get_string(&b, &len);
if (len > mac->key_len)
fatal("%s: bad mac key length: %d > %d", __func__, len,
fatal("%s: bad mac key length: %u > %d", __func__, len,
mac->key_len);
mac->key_len = len;
@ -436,7 +436,7 @@ mm_newkeys_from_blob(u_char *blob, int blen)
len = buffer_len(&b);
if (len != 0)
error("newkeys_from_blob: remaining bytes in blob %d", len);
error("newkeys_from_blob: remaining bytes in blob %u", len);
buffer_free(&b);
return (newkey);
}
@ -446,7 +446,6 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
{
Buffer b;
int len;
u_char *buf;
Enc *enc;
Mac *mac;
Comp *comp;
@ -484,14 +483,14 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
buffer_put_cstring(&b, comp->name);
len = buffer_len(&b);
buf = xmalloc(len);
memcpy(buf, buffer_ptr(&b), len);
memset(buffer_ptr(&b), 0, len);
buffer_free(&b);
if (lenp != NULL)
*lenp = len;
if (blobp != NULL)
*blobp = buf;
if (blobp != NULL) {
*blobp = xmalloc(len);
memcpy(*blobp, buffer_ptr(&b), len);
}
memset(buffer_ptr(&b), 0, len);
buffer_free(&b);
return len;
}
@ -600,7 +599,7 @@ int
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
{
Buffer m;
u_char *p;
char *p;
int success = 0;
buffer_init(&m);
@ -705,7 +704,7 @@ mm_chall_setup(char **name, char **infotxt, u_int *numprompts,
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char*));
*prompts = xmalloc(*numprompts * sizeof(char *));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;
}
@ -937,3 +936,74 @@ mm_auth_rsa_verify_response(Key *key, BIGNUM *p, u_char response[16])
return (success);
}
#ifdef KRB4
int
mm_auth_krb4(Authctxt *authctxt, void *_auth, char **client, void *_reply)
{
KTEXT auth, reply;
Buffer m;
u_int rlen;
int success = 0;
char *p;
debug3("%s entering", __func__);
auth = _auth;
reply = _reply;
buffer_init(&m);
buffer_put_string(&m, auth->dat, auth->length);
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB4, &m);
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB4, &m);
success = buffer_get_int(&m);
if (success) {
*client = buffer_get_string(&m, NULL);
p = buffer_get_string(&m, &rlen);
if (rlen >= MAX_KTXT_LEN)
fatal("%s: reply from monitor too large", __func__);
reply->length = rlen;
memcpy(reply->dat, p, rlen);
memset(p, 0, rlen);
xfree(p);
}
buffer_free(&m);
return (success);
}
#endif
#ifdef KRB5
int
mm_auth_krb5(void *ctx, void *argp, char **userp, void *resp)
{
krb5_data *tkt, *reply;
Buffer m;
int success;
debug3("%s entering", __func__);
tkt = (krb5_data *) argp;
reply = (krb5_data *) resp;
buffer_init(&m);
buffer_put_string(&m, tkt->data, tkt->length);
mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_KRB5, &m);
mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_KRB5, &m);
success = buffer_get_int(&m);
if (success) {
u_int len;
*userp = buffer_get_string(&m, NULL);
reply->data = buffer_get_string(&m, &len);
reply->length = len;
} else {
memset(reply, 0, sizeof(*reply));
*userp = NULL;
}
buffer_free(&m);
return (success);
}
#endif
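Review bot: mm_auth_krb4 leaves `*client` and `reply` untouched when the monitor answers with success == 0, while mm_auth_krb5, added next to it, clears both on that path (`memset(reply, 0, sizeof(*reply)); *userp = NULL;`). A caller that reads or frees `*client` after a failed attempt would then act on whatever the pointer held before the call; whether any caller does so is not visible on this page. Adding `else { *client = NULL; reply->length = 0; }` after the success block makes the two wrappers behave the same way on failure.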


@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.h,v 1.5 2002/05/12 23:53:45 djm Exp $ */
/* $OpenBSD: monitor_wrap.h,v 1.8 2002/09/26 11:38:43 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@ -44,7 +44,7 @@ DH *mm_choose_dh(int, int, int);
int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
void mm_inform_authserv(char *, char *);
struct passwd *mm_getpwnamallow(const char *);
char* mm_auth2_read_banner(void);
char *mm_auth2_read_banner(void);
int mm_auth_password(struct Authctxt *, char *);
int mm_key_allowed(enum mm_keytype, char *, char *, Key *);
int mm_user_key_allowed(struct passwd *, Key *);
@ -83,6 +83,16 @@ int mm_bsdauth_respond(void *, u_int, char **);
int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
int mm_skey_respond(void *, u_int, char **);
/* auth_krb */
#ifdef KRB4
int mm_auth_krb4(struct Authctxt *, void *, char **, void *);
#endif
#ifdef KRB5
/* auth and reply are really krb5_data objects, but we don't want to
* include all of the krb5 headers here */
int mm_auth_krb5(void *authctxt, void *auth, char **client, void *reply);
#endif
/* zlib allocation hooks */
void *mm_zalloc(struct mm_master *, u_int, u_int);


@ -22,7 +22,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: msg.c,v 1.3 2002/06/24 15:49:22 itojun Exp $");
RCSID("$OpenBSD: msg.c,v 1.4 2002/07/01 16:15:25 deraadt Exp $");
#include "buffer.h"
#include "getput.h"
@ -31,43 +31,43 @@ RCSID("$OpenBSD: msg.c,v 1.3 2002/06/24 15:49:22 itojun Exp $");
#include "msg.h"
void
msg_send(int fd, u_char type, Buffer *m)
ssh_msg_send(int fd, u_char type, Buffer *m)
{
u_char buf[5];
u_int mlen = buffer_len(m);
debug3("msg_send: type %u", (unsigned int)type & 0xff);
debug3("ssh_msg_send: type %u", (unsigned int)type & 0xff);
PUT_32BIT(buf, mlen + 1);
buf[4] = type; /* 1st byte of payload is mesg-type */
if (atomicio(write, fd, buf, sizeof(buf)) != sizeof(buf))
fatal("msg_send: write");
fatal("ssh_msg_send: write");
if (atomicio(write, fd, buffer_ptr(m), mlen) != mlen)
fatal("msg_send: write");
fatal("ssh_msg_send: write");
}
int
msg_recv(int fd, Buffer *m)
ssh_msg_recv(int fd, Buffer *m)
{
u_char buf[4];
ssize_t res;
u_int msg_len;
debug3("msg_recv entering");
debug3("ssh_msg_recv entering");
res = atomicio(read, fd, buf, sizeof(buf));
if (res != sizeof(buf)) {
if (res == 0)
return -1;
fatal("msg_recv: read: header %ld", (long)res);
fatal("ssh_msg_recv: read: header %ld", (long)res);
}
msg_len = GET_32BIT(buf);
if (msg_len > 256 * 1024)
fatal("msg_recv: read: bad msg_len %d", msg_len);
fatal("ssh_msg_recv: read: bad msg_len %u", msg_len);
buffer_clear(m);
buffer_append_space(m, msg_len);
res = atomicio(read, fd, buffer_ptr(m), msg_len);
if (res != msg_len)
fatal("msg_recv: read: %ld != msg_len", (long)res);
fatal("ssh_msg_recv: read: %ld != msg_len", (long)res);
return 0;
}


@ -25,7 +25,7 @@
#ifndef SSH_MSG_H
#define SSH_MSG_H
void msg_send(int, u_char, Buffer *);
int msg_recv(int, Buffer *);
void ssh_msg_send(int, u_char, Buffer *);
int ssh_msg_recv(int, Buffer *);
#endif


@ -1,4 +1,4 @@
# $Id: Makefile.in,v 1.21 2002/02/19 20:27:57 mouring Exp $
# $Id: Makefile.in,v 1.23 2002/09/12 00:33:02 djm Exp $
sysconfdir=@sysconfdir@
piddir=@piddir@
@ -18,7 +18,7 @@ LDFLAGS=-L. @LDFLAGS@
OPENBSD=base64.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o
COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o
COMPAT=bsd-arc4random.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-snprintf.o bsd-waitpid.o fake-getaddrinfo.o fake-getnameinfo.o xmmap.o
PORTS=port-irix.o port-aix.o


@ -1,4 +1,4 @@
/* $OpenBSD: base64.c,v 1.3 1997/11/08 20:46:55 deraadt Exp $ */
/* $OpenBSD: base64.c,v 1.4 2002/01/02 23:00:10 deraadt Exp $ */
/*
* Copyright (c) 1996 by Internet Software Consortium.
@ -42,7 +42,7 @@
* IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
*/
#include "config.h"
#include "includes.h"
#if !defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP)
@ -60,6 +60,7 @@
#include "base64.h"
/* XXX abort illegal in library */
#define Assert(Cond) if (!(Cond)) abort()
static const char Base64[] =


@ -29,7 +29,7 @@
* Mountain View, California 94043
*/
#include "config.h"
#include "includes.h"
#ifndef HAVE_BINDRESVPORT_SA


@ -1,5 +1,5 @@
/*
* $Id: bsd-cray.c,v 1.6 2002/05/15 16:39:51 mouring Exp $
* $Id: bsd-cray.c,v 1.8 2002/09/26 00:38:51 tim Exp $
*
* bsd-cray.c
*
@ -34,8 +34,8 @@
* on UNICOS systems.
*
*/
#ifdef _UNICOS
#ifdef _CRAY
#include <udb.h>
#include <tmpdir.h>
#include <unistd.h>
@ -45,19 +45,33 @@
#include <signal.h>
#include <sys/priv.h>
#include <sys/secparm.h>
#include <sys/tfm.h>
#include <sys/usrv.h>
#include <sys/sysv.h>
#include <sys/sectab.h>
#include <sys/secstat.h>
#include <sys/stat.h>
#include <sys/session.h>
#include <stdlib.h>
#include <pwd.h>
#include <fcntl.h>
#include <errno.h>
#include <ia.h>
#include <urm.h>
#include "ssh.h"
#include "log.h"
#include "servconf.h"
#include "bsd-cray.h"
#define MAXACID 80
extern ServerOptions options;
char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */
struct sysv sysv; /* system security structure */
struct usrv usrv; /* user security structure */
/*
* Functions.
*/
@ -65,68 +79,538 @@ void cray_retain_utmp(struct utmp *, int);
void cray_delete_tmpdir(char *, int, uid_t);
void cray_init_job(struct passwd *);
void cray_set_tmpdir(struct utmp *);
void cray_login_failure(char *, int);
int cray_setup(uid_t, char *, const char *);
int cray_access_denied(char *);
void
cray_login_failure(char *username, int errcode)
{
struct udb *ueptr; /* UDB pointer for username */
ia_failure_t fsent; /* ia_failure structure */
ia_failure_ret_t fret; /* ia_failure return stuff */
struct jtab jtab; /* job table structure */
int jid = 0; /* job id */
if ((jid = getjtab(&jtab)) < 0) {
debug("cray_login_failure(): getjtab error");
}
getsysudb();
if ((ueptr = getudbnam(username)) == UDB_NULL) {
debug("cray_login_failure(): getudbname() returned NULL");
}
endudb();
fsent.revision = 0;
fsent.uname = username;
fsent.host = (char *)get_canonical_hostname(options.verify_reverse_mapping);
fsent.ttyn = "sshd";
fsent.caller = IA_SSHD;
fsent.flags = IA_INTERACTIVE;
fsent.ueptr = ueptr;
fsent.jid = jid;
fsent.errcode = errcode;
fsent.pwdp = NULL;
fsent.exitcode = 0; /* dont exit in ia_failure() */
fret.revision = 0;
fret.normal = 0;
/*
* Call ia_failure because of an login failure.
*/
ia_failure(&fsent,&fret);
}
/*
* Orignal written by:
* Wayne Schroeder
* San Diego Supercomputer Center
* schroeder@sdsc.edu
*/
void
cray_setup(uid_t uid, char *username)
* Cray access denied
*/
int
cray_access_denied(char *username)
{
struct udb *p;
struct udb *ueptr; /* UDB pointer for username */
int errcode; /* IA errorcode */
errcode = 0;
getsysudb();
if ((ueptr = getudbnam(username)) == UDB_NULL) {
debug("cray_login_failure(): getudbname() returned NULL");
}
endudb();
if (ueptr && ueptr->ue_disabled)
errcode = IA_DISABLED;
if (errcode)
cray_login_failure(username, errcode);
return (errcode);
}
int
cray_setup (uid_t uid, char *username, const char *command)
{
extern struct udb *getudb();
extern char *setlimits();
int i, j;
int accts[MAXVIDS];
int naccts;
int err;
char *sr;
int pid;
struct jtab jbuf;
int jid;
if ((jid = getjtab(&jbuf)) < 0)
fatal("getjtab: no jid");
int err; /* error return */
time_t system_time; /* current system clock */
time_t expiration_time; /* password expiration time */
int maxattempts; /* maximum no. of failed login attempts */
int SecureSys; /* unicos security flag */
int minslevel = 0; /* system minimum security level */
int i, j;
int valid_acct = -1; /* flag for reading valid acct */
char acct_name[MAXACID] = { "" }; /* used to read acct name */
struct jtab jtab; /* Job table struct */
struct udb ue; /* udb entry for logging-in user */
struct udb *up; /* pointer to UDB entry */
struct secstat secinfo; /* file security attributes */
struct servprov init_info; /* used for sesscntl() call */
int jid; /* job ID */
int pid; /* process ID */
char *sr; /* status return from setlimits() */
char *ttyn = NULL; /* ttyname or command name*/
char hostname[MAXHOSTNAMELEN];
passwd_t pwdacm,
pwddialup,
pwdudb,
pwdwal,
pwddce; /* passwd stuff for ia_user */
ia_user_ret_t uret; /* stuff returned from ia_user */
ia_user_t usent; /* ia_user main structure */
int ia_rcode; /* ia_user return code */
ia_failure_t fsent; /* ia_failure structure */
ia_failure_ret_t fret; /* ia_failure return stuff */
ia_success_t ssent; /* ia_success structure */
ia_success_ret_t sret; /* ia_success return stuff */
int ia_mlsrcode; /* ia_mlsuser return code */
int secstatrc; /* [f]secstat return code */
err = setudb(); /* open and rewind the Cray User DataBase */
if (err != 0)
fatal("UDB open failure");
naccts = 0;
p = getudbnam(username);
if (p == NULL)
fatal("No UDB entry for %.100s", username);
if (uid != p->ue_uid)
fatal("UDB entry %.100s uid(%d) does not match uid %d",
username, (int) p->ue_uid, (int) uid);
for (j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) {
accts[naccts] = p->ue_acids[j];
naccts++;
if (SecureSys = (int)sysconf(_SC_CRAY_SECURE_SYS)) {
getsysv(&sysv, sizeof(struct sysv));
minslevel = sysv.sy_minlvl;
if (getusrv(&usrv) < 0) {
debug("getusrv() failed, errno = %d",errno);
exit(1);
}
}
endudb(); /* close the udb */
hostname[0] = '\0';
strncpy(hostname,
(char *)get_canonical_hostname(options.verify_reverse_mapping),
MAXHOSTNAMELEN);
/*
* Fetch user's UDB entry.
*/
getsysudb();
if ((up = getudbnam(username)) == UDB_NULL) {
debug("cannot fetch user's UDB entry");
exit(1);
}
if (naccts != 0) {
/* Perhaps someday we'll prompt users who have multiple accounts
to let them pick one (like CRI's login does), but for now just set
the account to the first entry. */
if (acctid(0, accts[0]) < 0)
fatal("System call acctid failed, accts[0]=%d", accts[0]);
/*
* Prevent any possible fudging so perform a data
* safety check and compare the supplied uid against
* the udb's uid.
*/
if (up->ue_uid != uid) {
debug("IA uid missmatch");
exit(1);
}
endudb();
if ((jid = getjtab (&jtab)) < 0) {
debug("getjtab");
return -1;
}
/* Now set limits, including CPU time for the (interactive) job and process,
and set up permissions (for chown etc), etc. This is via an internal CRI
routine, setlimits, used by CRI's login. */
pid = getpid();
ttyn = ttyname(0);
if (SecureSys) {
if (ttyn) {
secstatrc = secstat(ttyn, &secinfo);
} else {
secstatrc = fsecstat(1, &secinfo);
}
if (secstatrc == 0) {
debug("[f]secstat() successful");
} else {
debug("[f]secstat() error, rc = %d", secstatrc);
exit(1);
}
}
if ((ttyn == NULL) && ((char *)command != NULL))
ttyn = (char *)command;
/*
* Initialize all structures to call ia_user
*/
usent.revision = 0;
usent.uname = username;
usent.host = hostname;
usent.ttyn = ttyn;
usent.caller = IA_SSHD;
usent.pswdlist = &pwdacm;
usent.ueptr = &ue;
usent.flags = IA_INTERACTIVE | IA_FFLAG;
pwdacm.atype = IA_SECURID;
pwdacm.pwdp = NULL;
pwdacm.next = &pwdudb;
pwdudb.atype = IA_UDB;
pwdudb.pwdp = NULL;
pwdudb.next = &pwddce;
pwddce.atype = IA_DCE;
pwddce.pwdp = NULL;
pwddce.next = &pwddialup;
pwddialup.atype = IA_DIALUP;
pwddialup.pwdp = NULL;
/* pwddialup.next = &pwdwal; */
pwddialup.next = NULL;
pwdwal.atype = IA_WAL;
pwdwal.pwdp = NULL;
pwdwal.next = NULL;
uret.revision = 0;
uret.pswd = NULL;
uret.normal = 0;
ia_rcode = ia_user(&usent, &uret);
switch (ia_rcode) {
/*
* These are acceptable return codes from ia_user()
*/
case IA_UDBWEEK: /* Password Expires in 1 week */
expiration_time = ue.ue_pwage.time + ue.ue_pwage.maxage;
printf ("WARNING - your current password will expire %s\n",
ctime((const time_t *)&expiration_time));
break;
case IA_UDBEXPIRED:
if (ttyname(0) != NULL) {
/* Force a password change */
printf("Your password has expired; Choose a new one.\n");
execl("/bin/passwd", "passwd", username, 0);
exit(9);
}
break;
case IA_NORMAL: /* Normal Return Code */
break;
case IA_BACKDOOR:
strcpy(ue.ue_name, "root");
strcpy(ue.ue_passwd, "");
strcpy(ue.ue_dir, "/");
strcpy(ue.ue_shell, "/bin/sh");
strcpy(ue.ue_age, "");
strcpy(ue.ue_comment, "");
strcpy(ue.ue_loghost, "");
strcpy(ue.ue_logline, "");
ue.ue_uid=-1;
ue.ue_nice[UDBRC_INTER]=0;
for (i=0;i<MAXVIDS;i++)
ue.ue_gids[i]=0;
ue.ue_logfails=0;
ue.ue_minlvl=minslevel;
ue.ue_maxlvl=minslevel;
ue.ue_deflvl=minslevel;
ue.ue_defcomps=0;
ue.ue_comparts=0;
ue.ue_permits=0;
ue.ue_trap=0;
ue.ue_disabled=0;
ue.ue_logtime=0;
break;
case IA_CONSOLE: /* Superuser not from Console */
case IA_TRUSTED: /* Trusted user */
if (options.permit_root_login > PERMIT_NO)
break; /* Accept root login */
default:
/*
* These are failed return codes from ia_user()
*/
switch (ia_rcode)
{
case IA_BADAUTH:
printf ("Bad authorization, access denied.\n");
break;
case IA_DIALUPERR:
break;
case IA_DISABLED:
printf ("Your login has been disabled. Contact the system ");
printf ("administrator for assistance.\n");
break;
case IA_GETSYSV:
printf ("getsysv() failed - errno = %d\n", errno);
break;
case IA_LOCALHOST:
break;
case IA_MAXLOGS:
printf ("Maximum number of failed login attempts exceeded.\n");
printf ("Access denied.\n");
break;
case IA_NOPASS:
break;
case IA_PUBLIC:
break;
case IA_SECURIDERR:
break;
case IA_CONSOLE:
break;
case IA_TRUSTED:
break;
case IA_UDBERR:
break;
case IA_UDBPWDNULL:
/*
* NULL password not allowed on MLS systems
*/
if (SecureSys) {
printf("NULL Password not allowed on MLS systems.\n");
}
break;
case IA_UNKNOWN:
break;
case IA_UNKNOWNYP:
break;
case IA_WALERR:
break;
default:
/* nothing special */
;
} /* 2. switch (ia_rcode) */
/*
* Authentication failed.
*/
printf("sshd: Login incorrect, (0%o)\n",
ia_rcode-IA_ERRORCODE);
/*
* Initialize structure for ia_failure
* which will exit.
*/
fsent.revision = 0;
fsent.uname = username;
fsent.host = hostname;
fsent.ttyn = ttyn;
fsent.caller = IA_SSHD;
fsent.flags = IA_INTERACTIVE;
fsent.ueptr = &ue;
fsent.jid = jid;
fsent.errcode = ia_rcode;
fsent.pwdp = uret.pswd;
fsent.exitcode = 1;
fret.revision = 0;
fret.normal = 0;
/*
* Call ia_failure because of an IA failure.
* There is no return because ia_failure exits.
*/
ia_failure(&fsent,&fret);
exit(1);
} /* 1. switch (ia_rcode) */
ia_mlsrcode = IA_NORMAL;
if (SecureSys) {
debug("calling ia_mlsuser()");
ia_mlsrcode = ia_mlsuser (&ue, &secinfo, &usrv, NULL, 0);
}
if (ia_mlsrcode != IA_NORMAL) {
printf("sshd: Login incorrect, (0%o)\n",
ia_mlsrcode-IA_ERRORCODE);
/*
* Initialize structure for ia_failure
* which will exit.
*/
fsent.revision = 0;
fsent.uname = username;
fsent.host = hostname;
fsent.ttyn = ttyn;
fsent.caller = IA_SSHD;
fsent.flags = IA_INTERACTIVE;
fsent.ueptr = &ue;
fsent.jid = jid;
fsent.errcode = ia_mlsrcode;
fsent.pwdp = uret.pswd;
fsent.exitcode = 1;
fret.revision = 0;
fret.normal = 0;
/*
* Call ia_failure because of an IA failure.
* There is no return because ia_failure exits.
*/
ia_failure(&fsent,&fret);
exit(1);
}
/* Provide login status information */
if (options.print_lastlog && ue.ue_logtime != 0) {
printf("Last successful login was : %.*s ",
19, (char *)ctime(&ue.ue_logtime));
if (*ue.ue_loghost != '\0')
printf("from %.*s\n", sizeof(ue.ue_loghost), ue.ue_loghost);
else printf("on %.*s\n", sizeof(ue.ue_logline), ue.ue_logline);
if ( SecureSys && (ue.ue_logfails != 0))
printf(" followed by %d failed attempts\n", ue.ue_logfails);
}
/*
* Call ia_success to process successful I/A.
*/
ssent.revision = 0;
ssent.uname = username;
ssent.host = hostname;
ssent.ttyn = ttyn;
ssent.caller = IA_SSHD;
ssent.flags = IA_INTERACTIVE;
ssent.ueptr = &ue;
ssent.jid = jid;
ssent.errcode = ia_rcode;
ssent.us = NULL;
ssent.time = 1; /* Set ue_logtime */
sret.revision = 0;
sret.normal = 0;
ia_success(&ssent,&sret);
/*
* Query for account, iff > 1 valid acid & askacid permbit
*/
if (((ue.ue_permbits & PERMBITS_ACCTID) ||
(ue.ue_acids[0] >= 0) && (ue.ue_acids[1] >= 0)) &&
ue.ue_permbits & PERMBITS_ASKACID) {
if (ttyname(0) != NULL) {
debug("cray_setup: ttyname true case, %.100s", ttyname);
while (valid_acct == -1) {
printf("Account (? for available accounts)"
" [%s]: ", acid2nam(ue.ue_acids[0]));
gets(acct_name);
switch (acct_name[0]) {
case EOF:
exit(0);
break;
case '\0':
valid_acct = ue.ue_acids[0];
strcpy(acct_name, acid2nam(valid_acct));
break;
case '?':
/* Print the list 3 wide */
for (i = 0, j = 0; i < MAXVIDS; i++) {
if (ue.ue_acids[i] == -1) {
printf("\n");
break;
}
if (++j == 4) {
j = 1;
printf("\n");
}
printf(" %s",
acid2nam(ue.ue_acids[i]));
}
if (ue.ue_permbits & PERMBITS_ACCTID)
printf("\"acctid\" permbit also allows"
" you to select any valid "
"account name.\n");
printf("\n");
break;
default:
if ((valid_acct = nam2acid(acct_name)) == -1) printf("Account id not found for"
" account name \"%s\"\n\n",
acct_name);
break;
}
/*
* If an account was given, search the user's
* acids array to verify they can use this account.
*/
if ((valid_acct != -1) &&
!(ue.ue_permbits & PERMBITS_ACCTID)) {
for (i = 0; i < MAXVIDS; i++) {
if (ue.ue_acids[i] == -1)
break;
if (valid_acct == ue.ue_acids[i])
break;
}
if (i == MAXVIDS ||
ue.ue_acids[i] == -1) {
fprintf(stderr, "Cannot set"
" account name to "
"\"%s\", permission "
"denied\n\n", acct_name);
valid_acct = -1;
}
}
}
} else {
/*
* The client isn't connected to a terminal and can't
* respond to an acid prompt. Use default acid.
*/
debug("cray_setup: ttyname false case, %.100s", ttyname);
valid_acct = ue.ue_acids[0];
}
} else {
/*
* The user doesn't have the askacid permbit set or
* only has one valid account to use.
*/
valid_acct = ue.ue_acids[0];
}
if (acctid(0, valid_acct) < 0) {
printf ("Bad account id: %d\n", valid_acct);
exit(1);
}
/* set up shares and quotas */
/* Now set shares, quotas, limits, including CPU time for the (interactive)
* job and process, and set up permissions (for chown etc), etc.
*/
if (setshares(ue.ue_uid, valid_acct, printf, 0, 0)) {
printf("Unable to give %d shares to <%s>(%d/%d)\n", ue.ue_shares, ue.ue_name, ue.ue_uid, valid_acct);
exit(1);
}
sr = setlimits(username, C_PROC, pid, UDBRC_INTER);
if (sr != NULL)
fatal("%.200s", sr);
if (sr != NULL) {
debug("%.200s", sr);
exit(1);
}
sr = setlimits(username, C_JOB, jid, UDBRC_INTER);
if (sr != NULL)
fatal("%.200s", sr);
if (sr != NULL) {
debug("%.200s", sr);
exit(1);
}
/*
* Place the service provider information into
* the session table (Unicos) or job table (Unicos/mk).
* There exist double defines for the job/session table in
* unicos/mk (jtab.h) so no need for a compile time switch.
*/
bzero((char *)&init_info, sizeof(struct servprov));
init_info.s_sessinit.si_id = URM_SPT_LOGIN;
init_info.s_sessinit.si_pid = getpid();
init_info.s_sessinit.si_sid = jid;
init_info.s_routing.seqno = 0;
init_info.s_routing.iadrs = 0;
sesscntl(0, S_SETSERVPO, (int)&init_info);
/*
* Set user and controlling tty security attributes.
*/
if (SecureSys) {
if (setusrv(&usrv) == -1) {
debug("setusrv() failed, errno = %d",errno);
exit(1);
}
}
return(0);
}
/*
@ -143,7 +627,6 @@ drop_cray_privs()
int result;
extern int priv_set_proc();
extern priv_proc_t* priv_init_proc();
struct usrv usrv;
/*
* If ether of theses two flags are not set
@ -154,9 +637,23 @@ drop_cray_privs()
if (!sysconf(_SC_CRAY_POSIX_PRIV))
fatal("Not POSIX_PRIV.");
debug("Dropping privileges.");
debug("Setting MLS labels.");;
if (sysconf(_SC_CRAY_SECURE_MAC)) {
usrv.sv_minlvl = SYSLOW;
usrv.sv_actlvl = SYSHIGH;
usrv.sv_maxlvl = SYSHIGH;
} else {
usrv.sv_minlvl = sysv.sy_minlvl;
usrv.sv_actlvl = sysv.sy_minlvl;
usrv.sv_maxlvl = sysv.sy_maxlvl;
}
usrv.sv_actcmp = 0;
usrv.sv_valcmp = sysv.sy_valcmp;
usrv.sv_intcat = TFM_SYSTEM;
usrv.sv_valcat |= (TFM_SYSTEM | TFM_SYSFILE);
memset(&usrv, 0, sizeof(usrv));
if (setusrv(&usrv) < 0)
fatal("%s(%d): setusrv(): %s", __FILE__, __LINE__,
strerror(errno));
@ -189,7 +686,6 @@ cray_retain_utmp(struct utmp *ut, int pid)
while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) {
if (pid == utmp.ut_pid) {
ut->ut_jid = utmp.ut_jid;
/* XXX: MIN_SIZEOF here? can this go in loginrec? */
strncpy(ut->ut_tpath, utmp.ut_tpath, sizeof(utmp.ut_tpath));
strncpy(ut->ut_host, utmp.ut_host, sizeof(utmp.ut_host));
strncpy(ut->ut_name, utmp.ut_name, sizeof(utmp.ut_name));
@ -198,7 +694,8 @@ cray_retain_utmp(struct utmp *ut, int pid)
}
close(fd);
}
/* XXX: error message? */
else
fatal("Unable to open utmp file");
}
/*
@ -245,7 +742,7 @@ cray_job_termination_handler(int sig)
char *login = NULL;
struct jtab jtab;
debug("Received SIG JOB.");
debug("received signal %d",sig);
if ((jid = waitjob(&jtab)) == -1 ||
(login = uid2nam(jtab.j_uid)) == NULL)
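Review bot: The account prompt in the new cray_setup reads with `gets(acct_name)` into `char acct_name[MAXACID]` (80 bytes), so a longer input line overruns a stack buffer, and this happens before the later setlimits() and setusrv() calls in the same function. Use a bounded read that also handles end of input: `if (fgets(acct_name, sizeof(acct_name), stdin) == NULL) exit(0);` followed by `acct_name[strcspn(acct_name, "\n")] = '\0';`. The `case EOF:` arm of the switch on `acct_name[0]` can then go, because end of input is reported through the return value and not through the buffer. Earlier in the function, `strncpy(hostname, ..., MAXHOSTNAMELEN)` fills a buffer of exactly that size and can leave it unterminated; `hostname[MAXHOSTNAMELEN - 1] = '\0';` after the copy closes that.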


@ -1,5 +1,5 @@
/*
* $Id: bsd-cray.h,v 1.3 2002/05/15 16:39:52 mouring Exp $
* $Id: bsd-cray.h,v 1.5 2002/09/26 00:38:51 tim Exp $
*
* bsd-cray.h
*
@ -37,11 +37,18 @@
#ifndef _BSD_CRAY_H
#define _BSD_CRAY_H
#ifdef _CRAY
void cray_init_job(struct passwd *); /* init cray job */
void cray_job_termination_handler(int); /* process end of job signal */
void cray_setup(uid_t, char *); /* set cray limits */
#ifdef _UNICOS
void cray_init_job(struct passwd *); /* init cray job */
void cray_job_termination_handler(int); /* process end of job signal */
void cray_login_failure(char *username, int errcode);
int cray_access_denied(char *username);
extern char cray_tmpdir[]; /* cray tmpdir */
#ifndef IA_SSHD
#define IA_SSHD IA_LOGIN
#endif
#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN 64
#endif
#endif
#endif /* _BSD_CRAY_H */
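Review bot: The header shows no prototype matching the new `int cray_setup(uid_t, char *, const char *)` defined in bsd-cray.c. The only declaration visible is the two-argument `void cray_setup(uid_t, char *);`, and the page does not mark whether that line is kept or removed. Either way, callers outside bsd-cray.c would compile against a stale or implicit declaration, so the new return value (-1 when getjtab() fails) can go unchecked. Declaring `int cray_setup(uid_t, char *, const char *);` inside the `#ifdef _UNICOS` block fixes that.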


@ -0,0 +1,56 @@
/*
* Copyright (c) 2002 Damien Miller. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$Id: bsd-getpeereid.c,v 1.1 2002/09/12 00:33:02 djm Exp $");
#if !defined(HAVE_GETPEEREID)
#if defined(SO_PEERCRED)
int
getpeereid(int s, uid_t *euid, gid_t *gid)
{
struct ucred cred;
size_t len = sizeof(cred);
if (getsockopt(s, SOL_SOCKET, SO_PEERCRED, &cred, &len) < 0)
return (-1);
*euid = cred.uid;
*gid = cred.gid;
return (0);
}
#else
int
getpeereid(int s, uid_t *euid, gid_t *gid)
{
*euid = geteuid();
*gid = getgid();
return (0);
}
#endif /* defined(SO_PEERCRED) */
#endif /* !defined(HAVE_GETPEEREID) */
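Review bot: The fallback `getpeereid()` compiled when `SO_PEERCRED` is absent reports the caller's own `geteuid()`/`getgid()` and returns 0, so any code that compares the peer's uid with its own accepts every connection on those platforms. That fail-open behaviour deserves a comment at the definition, for example `/* No peer-credential API here: returns our own ids, so callers get no real peer check and must rely on socket file permissions. */`. In the `SO_PEERCRED` branch `len` is a `size_t` although `getsockopt()` takes a `socklen_t *`; where the two types differ in width the call may see a wrong length and leave `cred` unfilled while still returning 0, so declare it as `socklen_t len = sizeof(cred);`. The fallback also stores the real gid, and `getegid()` would match the effective-id meaning of the interface.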


@ -0,0 +1,14 @@
/* $Id: bsd-getpeereid.h,v 1.1 2002/09/12 00:33:02 djm Exp $ */
#ifndef _BSD_GETPEEREID_H
#define _BSD_GETPEEREID_H
#include "config.h"
#include <sys/types.h> /* For uid_t, gid_t */
#ifndef HAVE_GETPEEREID
int getpeereid(int , uid_t *, gid_t *);
#endif /* HAVE_GETPEEREID */
#endif /* _BSD_GETPEEREID_H */


@ -24,7 +24,7 @@
#include "includes.h"
RCSID("$Id: bsd-misc.c,v 1.8 2002/06/13 21:34:58 mouring Exp $");
RCSID("$Id: bsd-misc.c,v 1.10 2002/07/08 21:09:41 mouring Exp $");
char *get_progname(char *argv0)
{
@ -93,8 +93,8 @@ int utimes(char *filename, struct timeval *tvp)
{
struct utimbuf ub;
ub.actime = tvp->tv_sec;
ub.modtime = tvp->tv_usec;
ub.actime = tvp[0].tv_sec;
ub.modtime = tvp[1].tv_sec;
return(utime(filename, &ub));
}
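Review bot: `utimes()` now indexes `tvp[0]` and `tvp[1]` without checking `tvp`, but the native call accepts a NULL pointer to mean "set both times to now", so a caller relying on that would crash in this replacement. A guard at the top, `if (tvp == NULL) return (utime(filename, NULL));`, keeps the two interchangeable. The `tv_usec` parts are dropped because `struct utimbuf` holds whole seconds, and a one-line comment saying so would help the next reader.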


@ -1,4 +1,4 @@
/* $OpenBSD: dirname.c,v 1.6 2001/06/28 04:27:19 pjanzen Exp $ */
/* $OpenBSD: dirname.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $ */
/*
* Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
@ -31,7 +31,7 @@
#ifndef HAVE_DIRNAME
#if defined(LIBC_SCCS) && !defined(lint)
static char rcsid[] = "$OpenBSD: dirname.c,v 1.6 2001/06/28 04:27:19 pjanzen Exp $";
static char rcsid[] = "$OpenBSD: dirname.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $";
#endif /* LIBC_SCCS and not lint */
#include <errno.h>
@ -47,7 +47,7 @@ dirname(path)
/* Empty or NULL string gets treated as "." */
if (path == NULL || *path == '\0') {
(void)strcpy(bname, ".");
(void)strlcpy(bname, ".", sizeof bname);
return(bname);
}
@ -62,7 +62,7 @@ dirname(path)
/* Either the dir is "/" or there are no slashes */
if (endp == path) {
(void)strcpy(bname, *endp == '/' ? "/" : ".");
(void)strlcpy(bname, *endp == '/' ? "/" : ".", sizeof bname);
return(bname);
} else {
do {


@ -24,7 +24,7 @@
* SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#if !defined(HAVE_GETCWD)


@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET)
#if defined(LIBC_SCCS) && !defined(lint)


@ -56,7 +56,7 @@ get_arg_max(void)
#if 0
static char sccsid[] = "@(#)glob.c 8.3 (Berkeley) 10/13/93";
#else
static char rcsid[] = "$OpenBSD: glob.c,v 1.16 2001/04/05 18:36:12 deraadt Exp $";
static char rcsid[] = "$OpenBSD: glob.c,v 1.20 2002/06/14 21:34:58 todd Exp $";
#endif
#endif /* LIBC_SCCS and not lint */
@ -97,6 +97,7 @@ static char rcsid[] = "$OpenBSD: glob.c,v 1.16 2001/04/05 18:36:12 deraadt Exp $
#define RBRACKET ']'
#define SEP '/'
#define STAR '*'
#undef TILDE /* Some platforms may already define it */
#define TILDE '~'
#define UNDERSCORE '_'
#define LBRACE '{'
@ -136,32 +137,32 @@ typedef char Char;
#define ismeta(c) (((c)&M_QUOTE) != 0)
static int compare __P((const void *, const void *));
static int g_Ctoc __P((const Char *, char *, u_int));
static int g_lstat __P((Char *, struct stat *, glob_t *));
static DIR *g_opendir __P((Char *, glob_t *));
static Char *g_strchr __P((Char *, int));
static int g_stat __P((Char *, struct stat *, glob_t *));
static int glob0 __P((const Char *, glob_t *));
static int glob1 __P((Char *, Char *, glob_t *, size_t *));
static int glob2 __P((Char *, Char *, Char *, Char *, Char *, Char *,
glob_t *, size_t *));
static int glob3 __P((Char *, Char *, Char *, Char *, Char *, Char *,
Char *, Char *, glob_t *, size_t *));
static int globextend __P((const Char *, glob_t *, size_t *));
static int compare(const void *, const void *);
static int g_Ctoc(const Char *, char *, u_int);
static int g_lstat(Char *, struct stat *, glob_t *);
static DIR *g_opendir(Char *, glob_t *);
static Char *g_strchr(Char *, int);
static int g_stat(Char *, struct stat *, glob_t *);
static int glob0(const Char *, glob_t *);
static int glob1(Char *, Char *, glob_t *, size_t *);
static int glob2(Char *, Char *, Char *, Char *, Char *, Char *,
glob_t *, size_t *);
static int glob3(Char *, Char *, Char *, Char *, Char *, Char *,
Char *, Char *, glob_t *, size_t *);
static int globextend(const Char *, glob_t *, size_t *);
static const Char *
globtilde __P((const Char *, Char *, size_t, glob_t *));
static int globexp1 __P((const Char *, glob_t *));
static int globexp2 __P((const Char *, const Char *, glob_t *, int *));
static int match __P((Char *, Char *, Char *));
globtilde(const Char *, Char *, size_t, glob_t *);
static int globexp1(const Char *, glob_t *);
static int globexp2(const Char *, const Char *, glob_t *, int *);
static int match(Char *, Char *, Char *);
#ifdef DEBUG
static void qprintf __P((const char *, Char *));
static void qprintf(const char *, Char *);
#endif
int
glob(pattern, flags, errfunc, pglob)
const char *pattern;
int flags, (*errfunc) __P((const char *, int));
int flags, (*errfunc)(const char *, int);
glob_t *pglob;
{
const u_char *patnext;
@ -676,7 +677,7 @@ glob3(pathbuf, pathbuf_last, pathend, pathend_last, pattern, pattern_last,
/*
* Extend the gl_pathv member of a glob_t structure to accomodate a new item,
* Extend the gl_pathv member of a glob_t structure to accommodate a new item,
* add the new item, and update gl_pathc.
*
* This assumes the BSD realloc, which only copies the block when its size
@ -821,7 +822,7 @@ g_opendir(str, pglob)
char buf[MAXPATHLEN];
if (!*str)
strcpy(buf, ".");
strlcpy(buf, ".", sizeof buf);
else {
if (g_Ctoc(str, buf, sizeof(buf)))
return(NULL);


@ -1,4 +1,4 @@
/* $OpenBSD: glob.h,v 1.5 2001/03/18 17:18:58 deraadt Exp $ */
/* $OpenBSD: glob.h,v 1.7 2002/02/17 19:42:21 millert Exp $ */
/* $NetBSD: glob.h,v 1.5 1994/10/26 00:55:56 cgd Exp $ */
/*
@ -53,18 +53,18 @@ typedef struct {
int gl_flags; /* Copy of flags parameter to glob. */
char **gl_pathv; /* List of paths matching pattern. */
/* Copy of errfunc parameter to glob. */
int (*gl_errfunc) __P((const char *, int));
int (*gl_errfunc)(const char *, int);
/*
* Alternate filesystem access methods for glob; replacement
* versions of closedir(3), readdir(3), opendir(3), stat(2)
* and lstat(2).
*/
void (*gl_closedir) __P((void *));
struct dirent *(*gl_readdir) __P((void *));
void *(*gl_opendir) __P((const char *));
int (*gl_lstat) __P((const char *, struct stat *));
int (*gl_stat) __P((const char *, struct stat *));
void (*gl_closedir)(void *);
struct dirent *(*gl_readdir)(void *);
void *(*gl_opendir)(const char *);
int (*gl_lstat)(const char *, struct stat *);
int (*gl_stat)(const char *, struct stat *);
} glob_t;
/* Flags */
@ -91,8 +91,8 @@ typedef struct {
#define GLOB_NOSYS (-4) /* Function not supported. */
#define GLOB_ABEND GLOB_ABORTED
int glob __P((const char *, int, int (*)(const char *, int), glob_t *));
void globfree __P((glob_t *));
int glob(const char *, int, int (*)(const char *, int), glob_t *);
void globfree(glob_t *);
#endif /* !_GLOB_H_ */


@ -31,12 +31,12 @@
* SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#if defined(BROKEN_INET_NTOA) || !defined(HAVE_INET_NTOA)
#if defined(LIBC_SCCS) && !defined(lint)
static char rcsid[] = "$OpenBSD: inet_ntoa.c,v 1.2 1996/08/19 08:29:16 tholo Exp $";
static char rcsid[] = "$OpenBSD: inet_ntoa.c,v 1.3 2002/06/27 10:14:01 itojun Exp $";
#endif /* LIBC_SCCS and not lint */
/*
@ -57,7 +57,7 @@ char *inet_ntoa(struct in_addr in)
p = (char *)&in;
#define UC(b) (((int)b)&0xff)
(void)snprintf(b, sizeof(b),
"%d.%d.%d.%d", UC(p[0]), UC(p[1]), UC(p[2]), UC(p[3]));
"%u.%u.%u.%u", UC(p[0]), UC(p[1]), UC(p[2]), UC(p[3]));
return (b);
}
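Review bot: The format is now `%u` but `UC()` still yields an `int` (`((int)b)&0xff`), so the argument type no longer matches the conversion. The values are 0-255, so the output is right in practice, but the macro should produce an unsigned value and parenthesise its argument: `#define UC(b) (((unsigned int)(b)) & 0xff)`. The declarations of `b` and `p` sit above the hunk and are not visible here.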


@ -1,4 +1,4 @@
/* $OpenBSD: inet_ntop.c,v 1.1 1997/03/13 19:07:32 downsj Exp $ */
/* $OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Exp $ */
/* Copyright (c) 1996 by Internet Software Consortium.
*
@ -16,7 +16,7 @@
* SOFTWARE.
*/
#include "config.h"
#include "includes.h"
#ifndef HAVE_INET_NTOP
@ -24,7 +24,7 @@
#if 0
static char rcsid[] = "$From: inet_ntop.c,v 8.7 1996/08/05 08:41:18 vixie Exp $";
#else
static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.1 1997/03/13 19:07:32 downsj Exp $";
static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Exp $";
#endif
#endif /* LIBC_SCCS and not lint */
@ -54,8 +54,8 @@ static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.1 1997/03/13 19:07:32 downsj Ex
* sizeof(int) < 4. sizeof(int) > 4 is fine; all the world's not a VAX.
*/
static const char *inet_ntop4 __P((const u_char *src, char *dst, size_t size));
static const char *inet_ntop6 __P((const u_char *src, char *dst, size_t size));
static const char *inet_ntop4(const u_char *src, char *dst, size_t size);
static const char *inet_ntop6(const u_char *src, char *dst, size_t size);
/* char *
* inet_ntop(af, src, dst, size)
@ -103,13 +103,14 @@ inet_ntop4(src, dst, size)
{
static const char fmt[] = "%u.%u.%u.%u";
char tmp[sizeof "255.255.255.255"];
int l;
if (snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2],
src[3]) > size) {
l = snprintf(tmp, size, fmt, src[0], src[1], src[2], src[3]);
if (l <= 0 || l >= size) {
errno = ENOSPC;
return (NULL);
}
strcpy(dst, tmp);
strlcpy(dst, tmp, size);
return (dst);
}
@ -132,10 +133,12 @@ inet_ntop6(src, dst, size)
* Keep this in mind if you think this function should have been coded
* to use pointer overlays. All the world's not a VAX.
*/
char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"], *tp;
char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"];
char *tp, *ep;
struct { int base, len; } best, cur;
u_int words[IN6ADDRSZ / INT16SZ];
int i;
int advance;
/*
* Preprocess:
@ -172,31 +175,45 @@ inet_ntop6(src, dst, size)
* Format the result.
*/
tp = tmp;
for (i = 0; i < (IN6ADDRSZ / INT16SZ); i++) {
ep = tmp + sizeof(tmp);
for (i = 0; i < (IN6ADDRSZ / INT16SZ) && tp < ep; i++) {
/* Are we inside the best run of 0x00's? */
if (best.base != -1 && i >= best.base &&
i < (best.base + best.len)) {
if (i == best.base)
if (i == best.base) {
if (tp + 1 >= ep)
return (NULL);
*tp++ = ':';
}
continue;
}
/* Are we following an initial run of 0x00s or any real hex? */
if (i != 0)
if (i != 0) {
if (tp + 1 >= ep)
return (NULL);
*tp++ = ':';
}
/* Is this address an encapsulated IPv4? */
if (i == 6 && best.base == 0 &&
(best.len == 6 || (best.len == 5 && words[5] == 0xffff))) {
if (!inet_ntop4(src+12, tp, sizeof tmp - (tp - tmp)))
if (!inet_ntop4(src+12, tp, (size_t)(ep - tp)))
return (NULL);
tp += strlen(tp);
break;
}
snprintf(tp, sizeof(tmp - (tp - tmp)), "%x", words[i]);
tp += strlen(tp);
advance = snprintf(tp, ep - tp, "%x", words[i]);
if (advance <= 0 || advance >= ep - tp)
return (NULL);
tp += advance;
}
/* Was it a trailing run of 0x00's? */
if (best.base != -1 && (best.base + best.len) == (IN6ADDRSZ / INT16SZ))
if (best.base != -1 && (best.base + best.len) == (IN6ADDRSZ / INT16SZ)) {
if (tp + 1 >= ep)
return (NULL);
*tp++ = ':';
}
if (tp + 1 >= ep)
return (NULL);
*tp++ = '\0';
/*
@ -206,7 +223,7 @@ inet_ntop6(src, dst, size)
errno = ENOSPC;
return (NULL);
}
strcpy(dst, tmp);
strlcpy(dst, tmp, size);
return (dst);
}
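Review bot: In `inet_ntop4` the write into the 16-byte `tmp` is now bounded by the caller's `size` instead of `sizeof(tmp)`, so the limit handed to `snprintf` is unrelated to the buffer it is supposed to protect; the only reason it cannot overrun is that four `u_char` values never format to more than 15 characters. Bound by the buffer and compare against `size` separately: `l = snprintf(tmp, sizeof(tmp), fmt, src[0], src[1], src[2], src[3]);` followed by `if (l <= 0 || (size_t)l >= size) {`, where the cast also removes the signed/unsigned comparison. In `inet_ntop6` the new early `return (NULL)` paths leave `errno` unset, unlike the final size check, which sets `ENOSPC`. Both functions begin outside the hunks shown.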


@ -39,7 +39,7 @@
#ifndef HAVE_MKDTEMP
#if defined(LIBC_SCCS) && !defined(lint)
static char rcsid[] = "$OpenBSD: mktemp.c,v 1.14 2002/01/02 20:18:32 deraadt Exp $";
static char rcsid[] = "$OpenBSD: mktemp.c,v 1.16 2002/05/27 18:20:45 millert Exp $";
#endif /* LIBC_SCCS and not lint */
#ifdef HAVE_CYGWIN
@ -102,11 +102,11 @@ _gettemp(path, doopen, domkdir, slen)
return (0);
}
pid = getpid();
while (*trv == 'X' && pid != 0) {
while (trv >= path && *trv == 'X' && pid != 0) {
*trv-- = (pid % 10) + '0';
pid /= 10;
}
while (*trv == 'X') {
while (trv >= path && *trv == 'X') {
char c;
pid = (arc4random() & 0xffff) % (26+26);
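Review bot: The added `trv >= path` test is evaluated only after `*trv-- = ...` has already stepped `trv` one element before `path` when the template consists solely of X characters, and forming that pointer is undefined in ISO C even though it is never dereferenced. The guard does stop the out-of-bounds read, so this is a portability point rather than a missed check; a comment such as `/* trv may step to path - 1; the guard prevents the read, not the decrement */` would record it until the loops test before decrementing. `_gettemp` starts and ends outside this hunk, so how `trv` is initialised is not visible.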


@ -1,4 +1,4 @@
/* $Id: openbsd-compat.h,v 1.16 2002/02/19 20:27:57 mouring Exp $ */
/* $Id: openbsd-compat.h,v 1.17 2002/09/12 00:33:02 djm Exp $ */
#ifndef _OPENBSD_H
#define _OPENBSD_H
@ -29,6 +29,7 @@
/* Home grown routines */
#include "bsd-arc4random.h"
#include "bsd-getpeereid.h"
#include "bsd-misc.h"
#include "bsd-snprintf.h"
#include "bsd-waitpid.h"


@ -1,3 +1,28 @@
/*
*
* Copyright (c) 2001 Gert Doering. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include "includes.h"
#ifdef _AIX
@ -6,21 +31,21 @@
#include <../xmalloc.h>
/*
* AIX has a "usrinfo" area where logname and
* other stuff is stored - a few applications
* actually use this and die if it's not set
* AIX has a "usrinfo" area where logname and other stuff is stored -
* a few applications actually use this and die if it's not set
*
* NOTE: TTY= should be set, but since no one uses it and it's hard to
* acquire due to privsep code. We will just drop support.
*/
void
aix_usrinfo(struct passwd *pw, char *tty, int ttyfd)
aix_usrinfo(struct passwd *pw)
{
u_int i;
char *cp=NULL;
char *cp;
if (ttyfd == -1)
tty[0] = '\0';
cp = xmalloc(22 + strlen(tty) + 2 * strlen(pw->pw_name));
i = sprintf(cp, "LOGNAME=%s%cNAME=%s%cTTY=%s%c%c", pw->pw_name, 0,
pw->pw_name, 0, tty, 0, 0);
cp = xmalloc(16 + 2 * strlen(pw->pw_name));
i = sprintf(cp, "LOGNAME=%s%cNAME=%s%c", pw->pw_name, 0,
pw->pw_name, 0);
if (usrinfo(SETUINFO, cp, i) == -1)
fatal("Couldn't set usrinfo: %s", strerror(errno));
debug3("AIX/UsrInfo: set len %d", i);


@ -1,5 +1,29 @@
/*
*
* Copyright (c) 2001 Gert Doering. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef _AIX
void aix_usrinfo(struct passwd *pw, char *tty, int ttyfd);
void aix_usrinfo(struct passwd *pw);
#endif /* _AIX */


@ -1,7 +1,7 @@
/* $OpenBSD: readpassphrase.c,v 1.12 2001/12/15 05:41:00 millert Exp $ */
/* $OpenBSD: readpassphrase.c,v 1.14 2002/06/28 01:43:58 millert Exp $ */
/*
* Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2000-2002 Todd C. Miller <Todd.Miller@courtesan.com>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@ -28,7 +28,7 @@
*/
#if defined(LIBC_SCCS) && !defined(lint)
static const char rcsid[] = "$OpenBSD: readpassphrase.c,v 1.12 2001/12/15 05:41:00 millert Exp $";
static const char rcsid[] = "$OpenBSD: readpassphrase.c,v 1.14 2002/06/28 01:43:58 millert Exp $";
#endif /* LIBC_SCCS and not lint */
#include "includes.h"
@ -60,8 +60,8 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
int input, output, save_errno;
char ch, *p, *end;
struct termios term, oterm;
struct sigaction sa, saveint, savehup, savequit, saveterm;
struct sigaction savetstp, savettin, savettou;
struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
struct sigaction savetstp, savettin, savettou, savepipe;
/* I suppose we could alloc on demand in this case (XXX). */
if (bufsiz == 0) {
@ -70,11 +70,13 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
}
restart:
signo = 0;
/*
* Read and write to /dev/tty if available. If not, read from
* stdin and write to stderr unless a tty is required.
*/
if ((input = output = open(_PATH_TTY, O_RDWR)) == -1) {
if ((flags & RPP_STDIN) ||
(input = output = open(_PATH_TTY, O_RDWR)) == -1) {
if (flags & RPP_REQUIRE_TTY) {
errno = ENOTTY;
return(NULL);
@ -86,13 +88,15 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
/*
* Catch signals that would otherwise cause the user to end
* up with echo turned off in the shell. Don't worry about
* things like SIGALRM and SIGPIPE for now.
* things like SIGXCPU and SIGVTALRM for now.
*/
sigemptyset(&sa.sa_mask);
sa.sa_flags = 0; /* don't restart system calls */
sa.sa_handler = handler;
(void)sigaction(SIGINT, &sa, &saveint);
(void)sigaction(SIGALRM, &sa, &savealrm);
(void)sigaction(SIGHUP, &sa, &savehup);
(void)sigaction(SIGINT, &sa, &saveint);
(void)sigaction(SIGPIPE, &sa, &savepipe);
(void)sigaction(SIGQUIT, &sa, &savequit);
(void)sigaction(SIGTERM, &sa, &saveterm);
(void)sigaction(SIGTSTP, &sa, &savetstp);
@ -100,7 +104,7 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
(void)sigaction(SIGTTOU, &sa, &savettou);
/* Turn off echo if possible. */
if (tcgetattr(input, &oterm) == 0) {
if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
memcpy(&term, &oterm, sizeof(term));
if (!(flags & RPP_ECHO_ON))
term.c_lflag &= ~(ECHO | ECHONL);
@ -111,10 +115,13 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
(void)tcsetattr(input, _T_FLUSH, &term);
} else {
memset(&term, 0, sizeof(term));
term.c_lflag |= ECHO;
memset(&oterm, 0, sizeof(oterm));
oterm.c_lflag |= ECHO;
}
(void)write(output, prompt, strlen(prompt));
if (!(flags & RPP_STDIN))
(void)write(output, prompt, strlen(prompt));
end = buf + bufsiz - 1;
for (p = buf; (nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r';) {
if (p < end) {
@ -137,13 +144,14 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
/* Restore old terminal settings and signals. */
if (memcmp(&term, &oterm, sizeof(term)) != 0)
(void)tcsetattr(input, _T_FLUSH, &oterm);
(void)sigaction(SIGINT, &saveint, NULL);
(void)sigaction(SIGALRM, &savealrm, NULL);
(void)sigaction(SIGHUP, &savehup, NULL);
(void)sigaction(SIGINT, &saveint, NULL);
(void)sigaction(SIGQUIT, &savequit, NULL);
(void)sigaction(SIGPIPE, &savepipe, NULL);
(void)sigaction(SIGTERM, &saveterm, NULL);
(void)sigaction(SIGTSTP, &savetstp, NULL);
(void)sigaction(SIGTTIN, &savettin, NULL);
(void)sigaction(SIGTTOU, &savettou, NULL);
if (input != STDIN_FILENO)
(void)close(input);
@ -152,12 +160,11 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
* now that we have restored the signal handlers.
*/
if (signo) {
kill(getpid(), signo);
kill(getpid(), signo);
switch (signo) {
case SIGTSTP:
case SIGTTIN:
case SIGTTOU:
signo = 0;
goto restart;
}
}
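Review bot: The new `input != STDIN_FILENO` condition means echo is never switched off once the read uses stdin, including the case where `/dev/tty` could not be opened and stdin is itself a terminal, so a passphrase typed there would be displayed. If skipping the terminal setup is meant only for `RPP_STDIN`, keying the test on the flag keeps the earlier protection for the fallback path: `if (!(flags & RPP_STDIN) && tcgetattr(input, &oterm) == 0) {`. Otherwise a comment at the test should state that input from stdin is read with echo left as it is. The assignment of `input` in the fallback branch lies outside the hunks; this assumes it becomes `STDIN_FILENO` there, as the later `if (input != STDIN_FILENO) (void)close(input);` suggests.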


@ -1,4 +1,4 @@
/* $OpenBSD: readpassphrase.h,v 1.1 2000/11/21 00:48:38 millert Exp $ */
/* $OpenBSD: readpassphrase.h,v 1.3 2002/06/28 12:32:22 millert Exp $ */
/*
* Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
@ -40,8 +40,9 @@
#define RPP_FORCELOWER 0x04 /* Force input to lower case. */
#define RPP_FORCEUPPER 0x08 /* Force input to upper case. */
#define RPP_SEVENBIT 0x10 /* Strip the high bit from input. */
#define RPP_STDIN 0x20 /* Read from stdin, not /dev/tty */
char *readpassphrase(const char *, char *, size_t, int);
char * readpassphrase(const char *, char *, size_t, int);
#endif /* HAVE_READPASSPHRASE */


@ -32,7 +32,7 @@
#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
#if defined(LIBC_SCCS) && !defined(lint)
static char *rcsid = "$OpenBSD: realpath.c,v 1.6 2002/01/12 16:24:35 millert Exp $";
static char *rcsid = "$OpenBSD: realpath.c,v 1.7 2002/05/24 21:22:37 deraadt Exp $";
#endif /* LIBC_SCCS and not lint */
#include <sys/param.h>
@ -69,7 +69,7 @@ realpath(const char *path, char *resolved)
/* Save the starting point. */
getcwd(start,MAXPATHLEN);
if ((fd = open(".", O_RDONLY)) < 0) {
(void)strcpy(resolved, ".");
(void)strlcpy(resolved, ".", MAXPATHLEN);
return (NULL);
}
close(fd);
@ -129,7 +129,7 @@ realpath(const char *path, char *resolved)
* Save the last component name and get the full pathname of
* the current directory.
*/
(void)strcpy(wbuf, p);
(void)strlcpy(wbuf, p, sizeof wbuf);
if (getcwd(resolved, MAXPATHLEN) == 0)
goto err1;
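Review bot: `(void)strlcpy(wbuf, p, sizeof wbuf);` discards the return value, so a final path component longer than `wbuf` is silently cut short and the function would go on to resolve a different name from the one the caller passed. Check for truncation and fail instead: `if (strlcpy(wbuf, p, sizeof wbuf) >= sizeof wbuf) { errno = ENAMETOOLONG; goto err1; }`. The declaration of `wbuf` and the `err1` label are outside the hunk, so confirm that `err1` is the right exit at this point. The first `strlcpy` assumes `resolved` holds at least `MAXPATHLEN` bytes, which is the caller's contract rather than something this code can verify.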


@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#ifndef HAVE_RRESVPORT_AF


@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#ifndef HAVE_SETENV
#if defined(LIBC_SCCS) && !defined(lint)


@ -33,7 +33,7 @@
* and: Eric S. Raymond <esr@snark.thyrsus.com> *
****************************************************************************/
#include "config.h"
#include "includes.h"
#include <signal.h>
#include "sigact.h"


@ -27,7 +27,7 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#ifndef HAVE_STRLCAT
#if defined(LIBC_SCCS) && !defined(lint)


@ -27,7 +27,7 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#ifndef HAVE_STRLCPY
#if defined(LIBC_SCCS) && !defined(lint)


@ -33,7 +33,7 @@
* SUCH DAMAGE.
*/
#include "config.h"
#include "includes.h"
#if !defined(HAVE_STRSEP)


@ -0,0 +1,584 @@
/* $OpenBSD: queue.h,v 1.22 2001/06/23 04:39:35 angelos Exp $ */
/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */
/*
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* @(#)queue.h 8.5 (Berkeley) 8/20/94
*/
#ifndef _FAKE_QUEUE_H_
#define _FAKE_QUEUE_H_
/*
* Ignore all <sys/queue.h> since older platforms have broken/incomplete
* <sys/queue.h> that are too hard to work around.
*/
#undef SLIST_HEAD
#undef SLIST_HEAD_INITIALIZER
#undef SLIST_ENTRY
#undef SLIST_FIRST
#undef SLIST_END
#undef SLIST_EMPTY
#undef SLIST_NEXT
#undef SLIST_FOREACH
#undef SLIST_INIT
#undef SLIST_INSERT_AFTER
#undef SLIST_INSERT_HEAD
#undef SLIST_REMOVE_HEAD
#undef SLIST_REMOVE
#undef LIST_HEAD
#undef LIST_HEAD_INITIALIZER
#undef LIST_ENTRY
#undef LIST_FIRST
#undef LIST_END
#undef LIST_EMPTY
#undef LIST_NEXT
#undef LIST_FOREACH
#undef LIST_INIT
#undef LIST_INSERT_AFTER
#undef LIST_INSERT_BEFORE
#undef LIST_INSERT_HEAD
#undef LIST_REMOVE
#undef LIST_REPLACE
#undef SIMPLEQ_HEAD
#undef SIMPLEQ_HEAD_INITIALIZER
#undef SIMPLEQ_ENTRY
#undef SIMPLEQ_FIRST
#undef SIMPLEQ_END
#undef SIMPLEQ_EMPTY
#undef SIMPLEQ_NEXT
#undef SIMPLEQ_FOREACH
#undef SIMPLEQ_INIT
#undef SIMPLEQ_INSERT_HEAD
#undef SIMPLEQ_INSERT_TAIL
#undef SIMPLEQ_INSERT_AFTER
#undef SIMPLEQ_REMOVE_HEAD
#undef TAILQ_HEAD
#undef TAILQ_HEAD_INITIALIZER
#undef TAILQ_ENTRY
#undef TAILQ_FIRST
#undef TAILQ_END
#undef TAILQ_NEXT
#undef TAILQ_LAST
#undef TAILQ_PREV
#undef TAILQ_EMPTY
#undef TAILQ_FOREACH
#undef TAILQ_FOREACH_REVERSE
#undef TAILQ_INIT
#undef TAILQ_INSERT_HEAD
#undef TAILQ_INSERT_TAIL
#undef TAILQ_INSERT_AFTER
#undef TAILQ_INSERT_BEFORE
#undef TAILQ_REMOVE
#undef TAILQ_REPLACE
#undef CIRCLEQ_HEAD
#undef CIRCLEQ_HEAD_INITIALIZER
#undef CIRCLEQ_ENTRY
#undef CIRCLEQ_FIRST
#undef CIRCLEQ_LAST
#undef CIRCLEQ_END
#undef CIRCLEQ_NEXT
#undef CIRCLEQ_PREV
#undef CIRCLEQ_EMPTY
#undef CIRCLEQ_FOREACH
#undef CIRCLEQ_FOREACH_REVERSE
#undef CIRCLEQ_INIT
#undef CIRCLEQ_INSERT_AFTER
#undef CIRCLEQ_INSERT_BEFORE
#undef CIRCLEQ_INSERT_HEAD
#undef CIRCLEQ_INSERT_TAIL
#undef CIRCLEQ_REMOVE
#undef CIRCLEQ_REPLACE
/*
* This file defines five types of data structures: singly-linked lists,
* lists, simple queues, tail queues, and circular queues.
*
*
* A singly-linked list is headed by a single forward pointer. The elements
* are singly linked for minimum space and pointer manipulation overhead at
* the expense of O(n) removal for arbitrary elements. New elements can be
* added to the list after an existing element or at the head of the list.
* Elements being removed from the head of the list should use the explicit
* macro for this purpose for optimum efficiency. A singly-linked list may
* only be traversed in the forward direction. Singly-linked lists are ideal
* for applications with large datasets and few or no removals or for
* implementing a LIFO queue.
*
* A list is headed by a single forward pointer (or an array of forward
* pointers for a hash table header). The elements are doubly linked
* so that an arbitrary element can be removed without a need to
* traverse the list. New elements can be added to the list before
* or after an existing element or at the head of the list. A list
* may only be traversed in the forward direction.
*
* A simple queue is headed by a pair of pointers, one the head of the
* list and the other to the tail of the list. The elements are singly
* linked to save space, so elements can only be removed from the
* head of the list. New elements can be added to the list before or after
* an existing element, at the head of the list, or at the end of the
* list. A simple queue may only be traversed in the forward direction.
*
* A tail queue is headed by a pair of pointers, one to the head of the
* list and the other to the tail of the list. The elements are doubly
* linked so that an arbitrary element can be removed without a need to
* traverse the list. New elements can be added to the list before or
* after an existing element, at the head of the list, or at the end of
* the list. A tail queue may be traversed in either direction.
*
* A circle queue is headed by a pair of pointers, one to the head of the
* list and the other to the tail of the list. The elements are doubly
* linked so that an arbitrary element can be removed without a need to
* traverse the list. New elements can be added to the list before or after
* an existing element, at the head of the list, or at the end of the list.
* A circle queue may be traversed in either direction, but has a more
* complex end of list detection.
*
* For details on the use of these macros, see the queue(3) manual page.
*/
/*
* Singly-linked List definitions.
*/
#define SLIST_HEAD(name, type) \
struct name { \
struct type *slh_first; /* first element */ \
}
#define SLIST_HEAD_INITIALIZER(head) \
{ NULL }
#define SLIST_ENTRY(type) \
struct { \
struct type *sle_next; /* next element */ \
}
/*
* Singly-linked List access methods.
*/
#define SLIST_FIRST(head) ((head)->slh_first)
#define SLIST_END(head) NULL
#define SLIST_EMPTY(head) (SLIST_FIRST(head) == SLIST_END(head))
#define SLIST_NEXT(elm, field) ((elm)->field.sle_next)
#define SLIST_FOREACH(var, head, field) \
for((var) = SLIST_FIRST(head); \
(var) != SLIST_END(head); \
(var) = SLIST_NEXT(var, field))
/*
* Singly-linked List functions.
*/
#define SLIST_INIT(head) { \
SLIST_FIRST(head) = SLIST_END(head); \
}
#define SLIST_INSERT_AFTER(slistelm, elm, field) do { \
(elm)->field.sle_next = (slistelm)->field.sle_next; \
(slistelm)->field.sle_next = (elm); \
} while (0)
#define SLIST_INSERT_HEAD(head, elm, field) do { \
(elm)->field.sle_next = (head)->slh_first; \
(head)->slh_first = (elm); \
} while (0)
#define SLIST_REMOVE_HEAD(head, field) do { \
(head)->slh_first = (head)->slh_first->field.sle_next; \
} while (0)
#define SLIST_REMOVE(head, elm, type, field) do { \
if ((head)->slh_first == (elm)) { \
SLIST_REMOVE_HEAD((head), field); \
} \
else { \
struct type *curelm = (head)->slh_first; \
while( curelm->field.sle_next != (elm) ) \
curelm = curelm->field.sle_next; \
curelm->field.sle_next = \
curelm->field.sle_next->field.sle_next; \
} \
} while (0)
/*
* List definitions.
*/
#define LIST_HEAD(name, type) \
struct name { \
struct type *lh_first; /* first element */ \
}
#define LIST_HEAD_INITIALIZER(head) \
{ NULL }
#define LIST_ENTRY(type) \
struct { \
struct type *le_next; /* next element */ \
struct type **le_prev; /* address of previous next element */ \
}
/*
* List access methods
*/
#define LIST_FIRST(head) ((head)->lh_first)
#define LIST_END(head) NULL
#define LIST_EMPTY(head) (LIST_FIRST(head) == LIST_END(head))
#define LIST_NEXT(elm, field) ((elm)->field.le_next)
#define LIST_FOREACH(var, head, field) \
for((var) = LIST_FIRST(head); \
(var)!= LIST_END(head); \
(var) = LIST_NEXT(var, field))
/*
* List functions.
*/
#define LIST_INIT(head) do { \
LIST_FIRST(head) = LIST_END(head); \
} while (0)
#define LIST_INSERT_AFTER(listelm, elm, field) do { \
if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \
(listelm)->field.le_next->field.le_prev = \
&(elm)->field.le_next; \
(listelm)->field.le_next = (elm); \
(elm)->field.le_prev = &(listelm)->field.le_next; \
} while (0)
#define LIST_INSERT_BEFORE(listelm, elm, field) do { \
(elm)->field.le_prev = (listelm)->field.le_prev; \
(elm)->field.le_next = (listelm); \
*(listelm)->field.le_prev = (elm); \
(listelm)->field.le_prev = &(elm)->field.le_next; \
} while (0)
#define LIST_INSERT_HEAD(head, elm, field) do { \
if (((elm)->field.le_next = (head)->lh_first) != NULL) \
(head)->lh_first->field.le_prev = &(elm)->field.le_next;\
(head)->lh_first = (elm); \
(elm)->field.le_prev = &(head)->lh_first; \
} while (0)
#define LIST_REMOVE(elm, field) do { \
if ((elm)->field.le_next != NULL) \
(elm)->field.le_next->field.le_prev = \
(elm)->field.le_prev; \
*(elm)->field.le_prev = (elm)->field.le_next; \
} while (0)
#define LIST_REPLACE(elm, elm2, field) do { \
if (((elm2)->field.le_next = (elm)->field.le_next) != NULL) \
(elm2)->field.le_next->field.le_prev = \
&(elm2)->field.le_next; \
(elm2)->field.le_prev = (elm)->field.le_prev; \
*(elm2)->field.le_prev = (elm2); \
} while (0)
/*
* Simple queue definitions.
*/
#define SIMPLEQ_HEAD(name, type) \
struct name { \
struct type *sqh_first; /* first element */ \
struct type **sqh_last; /* addr of last next element */ \
}
#define SIMPLEQ_HEAD_INITIALIZER(head) \
{ NULL, &(head).sqh_first }
#define SIMPLEQ_ENTRY(type) \
struct { \
struct type *sqe_next; /* next element */ \
}
/*
* Simple queue access methods.
*/
#define SIMPLEQ_FIRST(head) ((head)->sqh_first)
#define SIMPLEQ_END(head) NULL
#define SIMPLEQ_EMPTY(head) (SIMPLEQ_FIRST(head) == SIMPLEQ_END(head))
#define SIMPLEQ_NEXT(elm, field) ((elm)->field.sqe_next)
#define SIMPLEQ_FOREACH(var, head, field) \
for((var) = SIMPLEQ_FIRST(head); \
(var) != SIMPLEQ_END(head); \
(var) = SIMPLEQ_NEXT(var, field))
/*
* Simple queue functions.
*/
#define SIMPLEQ_INIT(head) do { \
(head)->sqh_first = NULL; \
(head)->sqh_last = &(head)->sqh_first; \
} while (0)
#define SIMPLEQ_INSERT_HEAD(head, elm, field) do { \
if (((elm)->field.sqe_next = (head)->sqh_first) == NULL) \
(head)->sqh_last = &(elm)->field.sqe_next; \
(head)->sqh_first = (elm); \
} while (0)
#define SIMPLEQ_INSERT_TAIL(head, elm, field) do { \
(elm)->field.sqe_next = NULL; \
*(head)->sqh_last = (elm); \
(head)->sqh_last = &(elm)->field.sqe_next; \
} while (0)
#define SIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do { \
if (((elm)->field.sqe_next = (listelm)->field.sqe_next) == NULL)\
(head)->sqh_last = &(elm)->field.sqe_next; \
(listelm)->field.sqe_next = (elm); \
} while (0)
#define SIMPLEQ_REMOVE_HEAD(head, elm, field) do { \
if (((head)->sqh_first = (elm)->field.sqe_next) == NULL) \
(head)->sqh_last = &(head)->sqh_first; \
} while (0)
/*
* Tail queue definitions.
*/
#define TAILQ_HEAD(name, type) \
struct name { \
struct type *tqh_first; /* first element */ \
struct type **tqh_last; /* addr of last next element */ \
}
#define TAILQ_HEAD_INITIALIZER(head) \
{ NULL, &(head).tqh_first }
#define TAILQ_ENTRY(type) \
struct { \
struct type *tqe_next; /* next element */ \
struct type **tqe_prev; /* address of previous next element */ \
}
/*
* tail queue access methods
*/
#define TAILQ_FIRST(head) ((head)->tqh_first)
#define TAILQ_END(head) NULL
#define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next)
#define TAILQ_LAST(head, headname) \
(*(((struct headname *)((head)->tqh_last))->tqh_last))
/* XXX */
#define TAILQ_PREV(elm, headname, field) \
(*(((struct headname *)((elm)->field.tqe_prev))->tqh_last))
#define TAILQ_EMPTY(head) \
(TAILQ_FIRST(head) == TAILQ_END(head))
#define TAILQ_FOREACH(var, head, field) \
for((var) = TAILQ_FIRST(head); \
(var) != TAILQ_END(head); \
(var) = TAILQ_NEXT(var, field))
#define TAILQ_FOREACH_REVERSE(var, head, field, headname) \
for((var) = TAILQ_LAST(head, headname); \
(var) != TAILQ_END(head); \
(var) = TAILQ_PREV(var, headname, field))
/*
* Tail queue functions.
*/
#define TAILQ_INIT(head) do { \
(head)->tqh_first = NULL; \
(head)->tqh_last = &(head)->tqh_first; \
} while (0)
#define TAILQ_INSERT_HEAD(head, elm, field) do { \
if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \
(head)->tqh_first->field.tqe_prev = \
&(elm)->field.tqe_next; \
else \
(head)->tqh_last = &(elm)->field.tqe_next; \
(head)->tqh_first = (elm); \
(elm)->field.tqe_prev = &(head)->tqh_first; \
} while (0)
#define TAILQ_INSERT_TAIL(head, elm, field) do { \
(elm)->field.tqe_next = NULL; \
(elm)->field.tqe_prev = (head)->tqh_last; \
*(head)->tqh_last = (elm); \
(head)->tqh_last = &(elm)->field.tqe_next; \
} while (0)
#define TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \
if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\
(elm)->field.tqe_next->field.tqe_prev = \
&(elm)->field.tqe_next; \
else \
(head)->tqh_last = &(elm)->field.tqe_next; \
(listelm)->field.tqe_next = (elm); \
(elm)->field.tqe_prev = &(listelm)->field.tqe_next; \
} while (0)
#define TAILQ_INSERT_BEFORE(listelm, elm, field) do { \
(elm)->field.tqe_prev = (listelm)->field.tqe_prev; \
(elm)->field.tqe_next = (listelm); \
*(listelm)->field.tqe_prev = (elm); \
(listelm)->field.tqe_prev = &(elm)->field.tqe_next; \
} while (0)
#define TAILQ_REMOVE(head, elm, field) do { \
if (((elm)->field.tqe_next) != NULL) \
(elm)->field.tqe_next->field.tqe_prev = \
(elm)->field.tqe_prev; \
else \
(head)->tqh_last = (elm)->field.tqe_prev; \
*(elm)->field.tqe_prev = (elm)->field.tqe_next; \
} while (0)
#define TAILQ_REPLACE(head, elm, elm2, field) do { \
if (((elm2)->field.tqe_next = (elm)->field.tqe_next) != NULL) \
(elm2)->field.tqe_next->field.tqe_prev = \
&(elm2)->field.tqe_next; \
else \
(head)->tqh_last = &(elm2)->field.tqe_next; \
(elm2)->field.tqe_prev = (elm)->field.tqe_prev; \
*(elm2)->field.tqe_prev = (elm2); \
} while (0)
/*
* Circular queue definitions.
*/
#define CIRCLEQ_HEAD(name, type) \
struct name { \
struct type *cqh_first; /* first element */ \
struct type *cqh_last; /* last element */ \
}
#define CIRCLEQ_HEAD_INITIALIZER(head) \
{ CIRCLEQ_END(&head), CIRCLEQ_END(&head) }
#define CIRCLEQ_ENTRY(type) \
struct { \
struct type *cqe_next; /* next element */ \
struct type *cqe_prev; /* previous element */ \
}
/*
* Circular queue access methods
*/
#define CIRCLEQ_FIRST(head) ((head)->cqh_first)
#define CIRCLEQ_LAST(head) ((head)->cqh_last)
#define CIRCLEQ_END(head) ((void *)(head))
#define CIRCLEQ_NEXT(elm, field) ((elm)->field.cqe_next)
#define CIRCLEQ_PREV(elm, field) ((elm)->field.cqe_prev)
#define CIRCLEQ_EMPTY(head) \
(CIRCLEQ_FIRST(head) == CIRCLEQ_END(head))
#define CIRCLEQ_FOREACH(var, head, field) \
for((var) = CIRCLEQ_FIRST(head); \
(var) != CIRCLEQ_END(head); \
(var) = CIRCLEQ_NEXT(var, field))
#define CIRCLEQ_FOREACH_REVERSE(var, head, field) \
for((var) = CIRCLEQ_LAST(head); \
(var) != CIRCLEQ_END(head); \
(var) = CIRCLEQ_PREV(var, field))
/*
* Circular queue functions.
*/
#define CIRCLEQ_INIT(head) do { \
(head)->cqh_first = CIRCLEQ_END(head); \
(head)->cqh_last = CIRCLEQ_END(head); \
} while (0)
#define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) do { \
(elm)->field.cqe_next = (listelm)->field.cqe_next; \
(elm)->field.cqe_prev = (listelm); \
if ((listelm)->field.cqe_next == CIRCLEQ_END(head)) \
(head)->cqh_last = (elm); \
else \
(listelm)->field.cqe_next->field.cqe_prev = (elm); \
(listelm)->field.cqe_next = (elm); \
} while (0)
#define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) do { \
(elm)->field.cqe_next = (listelm); \
(elm)->field.cqe_prev = (listelm)->field.cqe_prev; \
if ((listelm)->field.cqe_prev == CIRCLEQ_END(head)) \
(head)->cqh_first = (elm); \
else \
(listelm)->field.cqe_prev->field.cqe_next = (elm); \
(listelm)->field.cqe_prev = (elm); \
} while (0)
#define CIRCLEQ_INSERT_HEAD(head, elm, field) do { \
(elm)->field.cqe_next = (head)->cqh_first; \
(elm)->field.cqe_prev = CIRCLEQ_END(head); \
if ((head)->cqh_last == CIRCLEQ_END(head)) \
(head)->cqh_last = (elm); \
else \
(head)->cqh_first->field.cqe_prev = (elm); \
(head)->cqh_first = (elm); \
} while (0)
#define CIRCLEQ_INSERT_TAIL(head, elm, field) do { \
(elm)->field.cqe_next = CIRCLEQ_END(head); \
(elm)->field.cqe_prev = (head)->cqh_last; \
if ((head)->cqh_first == CIRCLEQ_END(head)) \
(head)->cqh_first = (elm); \
else \
(head)->cqh_last->field.cqe_next = (elm); \
(head)->cqh_last = (elm); \
} while (0)
#define CIRCLEQ_REMOVE(head, elm, field) do { \
if ((elm)->field.cqe_next == CIRCLEQ_END(head)) \
(head)->cqh_last = (elm)->field.cqe_prev; \
else \
(elm)->field.cqe_next->field.cqe_prev = \
(elm)->field.cqe_prev; \
if ((elm)->field.cqe_prev == CIRCLEQ_END(head)) \
(head)->cqh_first = (elm)->field.cqe_next; \
else \
(elm)->field.cqe_prev->field.cqe_next = \
(elm)->field.cqe_next; \
} while (0)
#define CIRCLEQ_REPLACE(head, elm, elm2, field) do { \
if (((elm2)->field.cqe_next = (elm)->field.cqe_next) == \
CIRCLEQ_END(head)) \
(head).cqh_last = (elm2); \
else \
(elm2)->field.cqe_next->field.cqe_prev = (elm2); \
if (((elm2)->field.cqe_prev = (elm)->field.cqe_prev) == \
CIRCLEQ_END(head)) \
(head).cqh_first = (elm2); \
else \
(elm2)->field.cqe_prev->field.cqe_next = (elm2); \
} while (0)
#endif /* !_FAKE_QUEUE_H_ */


@ -0,0 +1,675 @@
/* $OpenBSD: tree.h,v 1.6 2002/06/11 22:09:52 provos Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _SYS_TREE_H_
#define _SYS_TREE_H_
/*
* This file defines data structures for different types of trees:
* splay trees and red-black trees.
*
* A splay tree is a self-organizing data structure. Every operation
* on the tree causes a splay to happen. The splay moves the requested
* node to the root of the tree and partly rebalances it.
*
* This has the benefit that request locality causes faster lookups as
* the requested nodes move to the top of the tree. On the other hand,
* every lookup causes memory writes.
*
* The Balance Theorem bounds the total access time for m operations
* and n inserts on an initially empty tree as O((m + n)lg n). The
* amortized cost for a sequence of m accesses to a splay tree is O(lg n);
*
* A red-black tree is a binary search tree with the node color as an
* extra attribute. It fulfills a set of conditions:
* - every search path from the root to a leaf consists of the
* same number of black nodes,
* - each red node (except for the root) has a black parent,
* - each leaf node is black.
*
* Every operation on a red-black tree is bounded as O(lg n).
* The maximum height of a red-black tree is 2lg (n+1).
*/
#define SPLAY_HEAD(name, type) \
struct name { \
struct type *sph_root; /* root of the tree */ \
}
#define SPLAY_INITIALIZER(root) \
{ NULL }
#define SPLAY_INIT(root) do { \
(root)->sph_root = NULL; \
} while (0)
#define SPLAY_ENTRY(type) \
struct { \
struct type *spe_left; /* left element */ \
struct type *spe_right; /* right element */ \
}
#define SPLAY_LEFT(elm, field) (elm)->field.spe_left
#define SPLAY_RIGHT(elm, field) (elm)->field.spe_right
#define SPLAY_ROOT(head) (head)->sph_root
#define SPLAY_EMPTY(head) (SPLAY_ROOT(head) == NULL)
/* SPLAY_ROTATE_{LEFT,RIGHT} expect that tmp hold SPLAY_{RIGHT,LEFT} */
#define SPLAY_ROTATE_RIGHT(head, tmp, field) do { \
SPLAY_LEFT((head)->sph_root, field) = SPLAY_RIGHT(tmp, field); \
SPLAY_RIGHT(tmp, field) = (head)->sph_root; \
(head)->sph_root = tmp; \
} while (0)
#define SPLAY_ROTATE_LEFT(head, tmp, field) do { \
SPLAY_RIGHT((head)->sph_root, field) = SPLAY_LEFT(tmp, field); \
SPLAY_LEFT(tmp, field) = (head)->sph_root; \
(head)->sph_root = tmp; \
} while (0)
#define SPLAY_LINKLEFT(head, tmp, field) do { \
SPLAY_LEFT(tmp, field) = (head)->sph_root; \
tmp = (head)->sph_root; \
(head)->sph_root = SPLAY_LEFT((head)->sph_root, field); \
} while (0)
#define SPLAY_LINKRIGHT(head, tmp, field) do { \
SPLAY_RIGHT(tmp, field) = (head)->sph_root; \
tmp = (head)->sph_root; \
(head)->sph_root = SPLAY_RIGHT((head)->sph_root, field); \
} while (0)
#define SPLAY_ASSEMBLE(head, node, left, right, field) do { \
SPLAY_RIGHT(left, field) = SPLAY_LEFT((head)->sph_root, field); \
SPLAY_LEFT(right, field) = SPLAY_RIGHT((head)->sph_root, field);\
SPLAY_LEFT((head)->sph_root, field) = SPLAY_RIGHT(node, field); \
SPLAY_RIGHT((head)->sph_root, field) = SPLAY_LEFT(node, field); \
} while (0)
/* Generates prototypes and inline functions */
#define SPLAY_PROTOTYPE(name, type, field, cmp) \
void name##_SPLAY(struct name *, struct type *); \
void name##_SPLAY_MINMAX(struct name *, int); \
struct type *name##_SPLAY_INSERT(struct name *, struct type *); \
struct type *name##_SPLAY_REMOVE(struct name *, struct type *); \
\
/* Finds the node with the same key as elm */ \
static __inline struct type * \
name##_SPLAY_FIND(struct name *head, struct type *elm) \
{ \
if (SPLAY_EMPTY(head)) \
return(NULL); \
name##_SPLAY(head, elm); \
if ((cmp)(elm, (head)->sph_root) == 0) \
return (head->sph_root); \
return (NULL); \
} \
\
static __inline struct type * \
name##_SPLAY_NEXT(struct name *head, struct type *elm) \
{ \
name##_SPLAY(head, elm); \
if (SPLAY_RIGHT(elm, field) != NULL) { \
elm = SPLAY_RIGHT(elm, field); \
while (SPLAY_LEFT(elm, field) != NULL) { \
elm = SPLAY_LEFT(elm, field); \
} \
} else \
elm = NULL; \
return (elm); \
} \
\
static __inline struct type * \
name##_SPLAY_MIN_MAX(struct name *head, int val) \
{ \
name##_SPLAY_MINMAX(head, val); \
return (SPLAY_ROOT(head)); \
}
/* Main splay operation.
* Moves node close to the key of elm to top
*/
#define SPLAY_GENERATE(name, type, field, cmp) \
struct type * \
name##_SPLAY_INSERT(struct name *head, struct type *elm) \
{ \
if (SPLAY_EMPTY(head)) { \
SPLAY_LEFT(elm, field) = SPLAY_RIGHT(elm, field) = NULL; \
} else { \
int __comp; \
name##_SPLAY(head, elm); \
__comp = (cmp)(elm, (head)->sph_root); \
if(__comp < 0) { \
SPLAY_LEFT(elm, field) = SPLAY_LEFT((head)->sph_root, field);\
SPLAY_RIGHT(elm, field) = (head)->sph_root; \
SPLAY_LEFT((head)->sph_root, field) = NULL; \
} else if (__comp > 0) { \
SPLAY_RIGHT(elm, field) = SPLAY_RIGHT((head)->sph_root, field);\
SPLAY_LEFT(elm, field) = (head)->sph_root; \
SPLAY_RIGHT((head)->sph_root, field) = NULL; \
} else \
return ((head)->sph_root); \
} \
(head)->sph_root = (elm); \
return (NULL); \
} \
\
struct type * \
name##_SPLAY_REMOVE(struct name *head, struct type *elm) \
{ \
struct type *__tmp; \
if (SPLAY_EMPTY(head)) \
return (NULL); \
name##_SPLAY(head, elm); \
if ((cmp)(elm, (head)->sph_root) == 0) { \
if (SPLAY_LEFT((head)->sph_root, field) == NULL) { \
(head)->sph_root = SPLAY_RIGHT((head)->sph_root, field);\
} else { \
__tmp = SPLAY_RIGHT((head)->sph_root, field); \
(head)->sph_root = SPLAY_LEFT((head)->sph_root, field);\
name##_SPLAY(head, elm); \
SPLAY_RIGHT((head)->sph_root, field) = __tmp; \
} \
return (elm); \
} \
return (NULL); \
} \
\
void \
name##_SPLAY(struct name *head, struct type *elm) \
{ \
struct type __node, *__left, *__right, *__tmp; \
int __comp; \
\
SPLAY_LEFT(&__node, field) = SPLAY_RIGHT(&__node, field) = NULL;\
__left = __right = &__node; \
\
while ((__comp = (cmp)(elm, (head)->sph_root))) { \
if (__comp < 0) { \
__tmp = SPLAY_LEFT((head)->sph_root, field); \
if (__tmp == NULL) \
break; \
if ((cmp)(elm, __tmp) < 0){ \
SPLAY_ROTATE_RIGHT(head, __tmp, field); \
if (SPLAY_LEFT((head)->sph_root, field) == NULL)\
break; \
} \
SPLAY_LINKLEFT(head, __right, field); \
} else if (__comp > 0) { \
__tmp = SPLAY_RIGHT((head)->sph_root, field); \
if (__tmp == NULL) \
break; \
if ((cmp)(elm, __tmp) > 0){ \
SPLAY_ROTATE_LEFT(head, __tmp, field); \
if (SPLAY_RIGHT((head)->sph_root, field) == NULL)\
break; \
} \
SPLAY_LINKRIGHT(head, __left, field); \
} \
} \
SPLAY_ASSEMBLE(head, &__node, __left, __right, field); \
} \
\
/* Splay with either the minimum or the maximum element \
* Used to find minimum or maximum element in tree. \
*/ \
void name##_SPLAY_MINMAX(struct name *head, int __comp) \
{ \
struct type __node, *__left, *__right, *__tmp; \
\
SPLAY_LEFT(&__node, field) = SPLAY_RIGHT(&__node, field) = NULL;\
__left = __right = &__node; \
\
while (1) { \
if (__comp < 0) { \
__tmp = SPLAY_LEFT((head)->sph_root, field); \
if (__tmp == NULL) \
break; \
if (__comp < 0){ \
SPLAY_ROTATE_RIGHT(head, __tmp, field); \
if (SPLAY_LEFT((head)->sph_root, field) == NULL)\
break; \
} \
SPLAY_LINKLEFT(head, __right, field); \
} else if (__comp > 0) { \
__tmp = SPLAY_RIGHT((head)->sph_root, field); \
if (__tmp == NULL) \
break; \
if (__comp > 0) { \
SPLAY_ROTATE_LEFT(head, __tmp, field); \
if (SPLAY_RIGHT((head)->sph_root, field) == NULL)\
break; \
} \
SPLAY_LINKRIGHT(head, __left, field); \
} \
} \
SPLAY_ASSEMBLE(head, &__node, __left, __right, field); \
}
#define SPLAY_NEGINF -1
#define SPLAY_INF 1
#define SPLAY_INSERT(name, x, y) name##_SPLAY_INSERT(x, y)
#define SPLAY_REMOVE(name, x, y) name##_SPLAY_REMOVE(x, y)
#define SPLAY_FIND(name, x, y) name##_SPLAY_FIND(x, y)
#define SPLAY_NEXT(name, x, y) name##_SPLAY_NEXT(x, y)
#define SPLAY_MIN(name, x) (SPLAY_EMPTY(x) ? NULL \
: name##_SPLAY_MIN_MAX(x, SPLAY_NEGINF))
#define SPLAY_MAX(name, x) (SPLAY_EMPTY(x) ? NULL \
: name##_SPLAY_MIN_MAX(x, SPLAY_INF))
#define SPLAY_FOREACH(x, name, head) \
for ((x) = SPLAY_MIN(name, head); \
(x) != NULL; \
(x) = SPLAY_NEXT(name, head, x))
/* Macros that define a red-back tree */
#define RB_HEAD(name, type) \
struct name { \
struct type *rbh_root; /* root of the tree */ \
}
#define RB_INITIALIZER(root) \
{ NULL }
#define RB_INIT(root) do { \
(root)->rbh_root = NULL; \
} while (0)
#define RB_BLACK 0
#define RB_RED 1
#define RB_ENTRY(type) \
struct { \
struct type *rbe_left; /* left element */ \
struct type *rbe_right; /* right element */ \
struct type *rbe_parent; /* parent element */ \
int rbe_color; /* node color */ \
}
#define RB_LEFT(elm, field) (elm)->field.rbe_left
#define RB_RIGHT(elm, field) (elm)->field.rbe_right
#define RB_PARENT(elm, field) (elm)->field.rbe_parent
#define RB_COLOR(elm, field) (elm)->field.rbe_color
#define RB_ROOT(head) (head)->rbh_root
#define RB_EMPTY(head) (RB_ROOT(head) == NULL)
#define RB_SET(elm, parent, field) do { \
RB_PARENT(elm, field) = parent; \
RB_LEFT(elm, field) = RB_RIGHT(elm, field) = NULL; \
RB_COLOR(elm, field) = RB_RED; \
} while (0)
#define RB_SET_BLACKRED(black, red, field) do { \
RB_COLOR(black, field) = RB_BLACK; \
RB_COLOR(red, field) = RB_RED; \
} while (0)
#ifndef RB_AUGMENT
#define RB_AUGMENT(x)
#endif
#define RB_ROTATE_LEFT(head, elm, tmp, field) do { \
(tmp) = RB_RIGHT(elm, field); \
if ((RB_RIGHT(elm, field) = RB_LEFT(tmp, field))) { \
RB_PARENT(RB_LEFT(tmp, field), field) = (elm); \
} \
RB_AUGMENT(elm); \
if ((RB_PARENT(tmp, field) = RB_PARENT(elm, field))) { \
if ((elm) == RB_LEFT(RB_PARENT(elm, field), field)) \
RB_LEFT(RB_PARENT(elm, field), field) = (tmp); \
else \
RB_RIGHT(RB_PARENT(elm, field), field) = (tmp); \
RB_AUGMENT(RB_PARENT(elm, field)); \
} else \
(head)->rbh_root = (tmp); \
RB_LEFT(tmp, field) = (elm); \
RB_PARENT(elm, field) = (tmp); \
RB_AUGMENT(tmp); \
} while (0)
#define RB_ROTATE_RIGHT(head, elm, tmp, field) do { \
(tmp) = RB_LEFT(elm, field); \
if ((RB_LEFT(elm, field) = RB_RIGHT(tmp, field))) { \
RB_PARENT(RB_RIGHT(tmp, field), field) = (elm); \
} \
RB_AUGMENT(elm); \
if ((RB_PARENT(tmp, field) = RB_PARENT(elm, field))) { \
if ((elm) == RB_LEFT(RB_PARENT(elm, field), field)) \
RB_LEFT(RB_PARENT(elm, field), field) = (tmp); \
else \
RB_RIGHT(RB_PARENT(elm, field), field) = (tmp); \
RB_AUGMENT(RB_PARENT(elm, field)); \
} else \
(head)->rbh_root = (tmp); \
RB_RIGHT(tmp, field) = (elm); \
RB_PARENT(elm, field) = (tmp); \
RB_AUGMENT(tmp); \
} while (0)
/* Generates prototypes and inline functions */
#define RB_PROTOTYPE(name, type, field, cmp) \
void name##_RB_INSERT_COLOR(struct name *, struct type *); \
void name##_RB_REMOVE_COLOR(struct name *, struct type *, struct type *);\
struct type *name##_RB_REMOVE(struct name *, struct type *); \
struct type *name##_RB_INSERT(struct name *, struct type *); \
struct type *name##_RB_FIND(struct name *, struct type *); \
struct type *name##_RB_NEXT(struct name *, struct type *); \
struct type *name##_RB_MINMAX(struct name *, int); \
\
/* Main rb operation.
* Moves node close to the key of elm to top
*/
#define RB_GENERATE(name, type, field, cmp) \
void \
name##_RB_INSERT_COLOR(struct name *head, struct type *elm) \
{ \
struct type *parent, *gparent, *tmp; \
while ((parent = RB_PARENT(elm, field)) && \
RB_COLOR(parent, field) == RB_RED) { \
gparent = RB_PARENT(parent, field); \
if (parent == RB_LEFT(gparent, field)) { \
tmp = RB_RIGHT(gparent, field); \
if (tmp && RB_COLOR(tmp, field) == RB_RED) { \
RB_COLOR(tmp, field) = RB_BLACK; \
RB_SET_BLACKRED(parent, gparent, field);\
elm = gparent; \
continue; \
} \
if (RB_RIGHT(parent, field) == elm) { \
RB_ROTATE_LEFT(head, parent, tmp, field);\
tmp = parent; \
parent = elm; \
elm = tmp; \
} \
RB_SET_BLACKRED(parent, gparent, field); \
RB_ROTATE_RIGHT(head, gparent, tmp, field); \
} else { \
tmp = RB_LEFT(gparent, field); \
if (tmp && RB_COLOR(tmp, field) == RB_RED) { \
RB_COLOR(tmp, field) = RB_BLACK; \
RB_SET_BLACKRED(parent, gparent, field);\
elm = gparent; \
continue; \
} \
if (RB_LEFT(parent, field) == elm) { \
RB_ROTATE_RIGHT(head, parent, tmp, field);\
tmp = parent; \
parent = elm; \
elm = tmp; \
} \
RB_SET_BLACKRED(parent, gparent, field); \
RB_ROTATE_LEFT(head, gparent, tmp, field); \
} \
} \
RB_COLOR(head->rbh_root, field) = RB_BLACK; \
} \
\
void \
name##_RB_REMOVE_COLOR(struct name *head, struct type *parent, struct type *elm) \
{ \
struct type *tmp; \
while ((elm == NULL || RB_COLOR(elm, field) == RB_BLACK) && \
elm != RB_ROOT(head)) { \
if (RB_LEFT(parent, field) == elm) { \
tmp = RB_RIGHT(parent, field); \
if (RB_COLOR(tmp, field) == RB_RED) { \
RB_SET_BLACKRED(tmp, parent, field); \
RB_ROTATE_LEFT(head, parent, tmp, field);\
tmp = RB_RIGHT(parent, field); \
} \
if ((RB_LEFT(tmp, field) == NULL || \
RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) &&\
(RB_RIGHT(tmp, field) == NULL || \
RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK)) {\
RB_COLOR(tmp, field) = RB_RED; \
elm = parent; \
parent = RB_PARENT(elm, field); \
} else { \
if (RB_RIGHT(tmp, field) == NULL || \
RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK) {\
struct type *oleft; \
if ((oleft = RB_LEFT(tmp, field)))\
RB_COLOR(oleft, field) = RB_BLACK;\
RB_COLOR(tmp, field) = RB_RED; \
RB_ROTATE_RIGHT(head, tmp, oleft, field);\
tmp = RB_RIGHT(parent, field); \
} \
RB_COLOR(tmp, field) = RB_COLOR(parent, field);\
RB_COLOR(parent, field) = RB_BLACK; \
if (RB_RIGHT(tmp, field)) \
RB_COLOR(RB_RIGHT(tmp, field), field) = RB_BLACK;\
RB_ROTATE_LEFT(head, parent, tmp, field);\
elm = RB_ROOT(head); \
break; \
} \
} else { \
tmp = RB_LEFT(parent, field); \
if (RB_COLOR(tmp, field) == RB_RED) { \
RB_SET_BLACKRED(tmp, parent, field); \
RB_ROTATE_RIGHT(head, parent, tmp, field);\
tmp = RB_LEFT(parent, field); \
} \
if ((RB_LEFT(tmp, field) == NULL || \
RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) &&\
(RB_RIGHT(tmp, field) == NULL || \
RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK)) {\
RB_COLOR(tmp, field) = RB_RED; \
elm = parent; \
parent = RB_PARENT(elm, field); \
} else { \
if (RB_LEFT(tmp, field) == NULL || \
RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) {\
struct type *oright; \
if ((oright = RB_RIGHT(tmp, field)))\
RB_COLOR(oright, field) = RB_BLACK;\
RB_COLOR(tmp, field) = RB_RED; \
RB_ROTATE_LEFT(head, tmp, oright, field);\
tmp = RB_LEFT(parent, field); \
} \
RB_COLOR(tmp, field) = RB_COLOR(parent, field);\
RB_COLOR(parent, field) = RB_BLACK; \
if (RB_LEFT(tmp, field)) \
RB_COLOR(RB_LEFT(tmp, field), field) = RB_BLACK;\
RB_ROTATE_RIGHT(head, parent, tmp, field);\
elm = RB_ROOT(head); \
break; \
} \
} \
} \
if (elm) \
RB_COLOR(elm, field) = RB_BLACK; \
} \
\
struct type * \
name##_RB_REMOVE(struct name *head, struct type *elm) \
{ \
struct type *child, *parent, *old = elm; \
int color; \
if (RB_LEFT(elm, field) == NULL) \
child = RB_RIGHT(elm, field); \
else if (RB_RIGHT(elm, field) == NULL) \
child = RB_LEFT(elm, field); \
else { \
struct type *left; \
elm = RB_RIGHT(elm, field); \
while ((left = RB_LEFT(elm, field))) \
elm = left; \
child = RB_RIGHT(elm, field); \
parent = RB_PARENT(elm, field); \
color = RB_COLOR(elm, field); \
if (child) \
RB_PARENT(child, field) = parent; \
if (parent) { \
if (RB_LEFT(parent, field) == elm) \
RB_LEFT(parent, field) = child; \
else \
RB_RIGHT(parent, field) = child; \
RB_AUGMENT(parent); \
} else \
RB_ROOT(head) = child; \
if (RB_PARENT(elm, field) == old) \
parent = elm; \
(elm)->field = (old)->field; \
if (RB_PARENT(old, field)) { \
if (RB_LEFT(RB_PARENT(old, field), field) == old)\
RB_LEFT(RB_PARENT(old, field), field) = elm;\
else \
RB_RIGHT(RB_PARENT(old, field), field) = elm;\
RB_AUGMENT(RB_PARENT(old, field)); \
} else \
RB_ROOT(head) = elm; \
RB_PARENT(RB_LEFT(old, field), field) = elm; \
if (RB_RIGHT(old, field)) \
RB_PARENT(RB_RIGHT(old, field), field) = elm; \
if (parent) { \
left = parent; \
do { \
RB_AUGMENT(left); \
} while ((left = RB_PARENT(left, field))); \
} \
goto color; \
} \
parent = RB_PARENT(elm, field); \
color = RB_COLOR(elm, field); \
if (child) \
RB_PARENT(child, field) = parent; \
if (parent) { \
if (RB_LEFT(parent, field) == elm) \
RB_LEFT(parent, field) = child; \
else \
RB_RIGHT(parent, field) = child; \
RB_AUGMENT(parent); \
} else \
RB_ROOT(head) = child; \
color: \
if (color == RB_BLACK) \
name##_RB_REMOVE_COLOR(head, parent, child); \
return (old); \
} \
\
/* Inserts a node into the RB tree */ \
struct type * \
name##_RB_INSERT(struct name *head, struct type *elm) \
{ \
struct type *tmp; \
struct type *parent = NULL; \
int comp = 0; \
tmp = RB_ROOT(head); \
while (tmp) { \
parent = tmp; \
comp = (cmp)(elm, parent); \
if (comp < 0) \
tmp = RB_LEFT(tmp, field); \
else if (comp > 0) \
tmp = RB_RIGHT(tmp, field); \
else \
return (tmp); \
} \
RB_SET(elm, parent, field); \
if (parent != NULL) { \
if (comp < 0) \
RB_LEFT(parent, field) = elm; \
else \
RB_RIGHT(parent, field) = elm; \
RB_AUGMENT(parent); \
} else \
RB_ROOT(head) = elm; \
name##_RB_INSERT_COLOR(head, elm); \
return (NULL); \
} \
\
/* Finds the node with the same key as elm */ \
struct type * \
name##_RB_FIND(struct name *head, struct type *elm) \
{ \
struct type *tmp = RB_ROOT(head); \
int comp; \
while (tmp) { \
comp = cmp(elm, tmp); \
if (comp < 0) \
tmp = RB_LEFT(tmp, field); \
else if (comp > 0) \
tmp = RB_RIGHT(tmp, field); \
else \
return (tmp); \
} \
return (NULL); \
} \
\
struct type * \
name##_RB_NEXT(struct name *head, struct type *elm) \
{ \
if (RB_RIGHT(elm, field)) { \
elm = RB_RIGHT(elm, field); \
while (RB_LEFT(elm, field)) \
elm = RB_LEFT(elm, field); \
} else { \
if (RB_PARENT(elm, field) && \
(elm == RB_LEFT(RB_PARENT(elm, field), field))) \
elm = RB_PARENT(elm, field); \
else { \
while (RB_PARENT(elm, field) && \
(elm == RB_RIGHT(RB_PARENT(elm, field), field)))\
elm = RB_PARENT(elm, field); \
elm = RB_PARENT(elm, field); \
} \
} \
return (elm); \
} \
\
struct type * \
name##_RB_MINMAX(struct name *head, int val) \
{ \
struct type *tmp = RB_ROOT(head); \
struct type *parent = NULL; \
while (tmp) { \
parent = tmp; \
if (val < 0) \
tmp = RB_LEFT(tmp, field); \
else \
tmp = RB_RIGHT(tmp, field); \
} \
return (parent); \
}
#define RB_NEGINF -1
#define RB_INF 1
#define RB_INSERT(name, x, y) name##_RB_INSERT(x, y)
#define RB_REMOVE(name, x, y) name##_RB_REMOVE(x, y)
#define RB_FIND(name, x, y) name##_RB_FIND(x, y)
#define RB_NEXT(name, x, y) name##_RB_NEXT(x, y)
#define RB_MIN(name, x) name##_RB_MINMAX(x, RB_NEGINF)
#define RB_MAX(name, x) name##_RB_MINMAX(x, RB_INF)
#define RB_FOREACH(x, name, head) \
for ((x) = RB_MIN(name, head); \
(x) != NULL; \
(x) = name##_RB_NEXT(head, x))
#endif /* _SYS_TREE_H_ */
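Review bot: In `name##_RB_FIND` the comparator is invoked as `cmp(elm, tmp)`, while `name##_RB_INSERT` and all the splay functions in this file use `(cmp)(...)`. The unparenthesized macro argument would mis-parse if a caller passed anything other than a plain identifier, and it lets a function-like macro of that name expand here but not in the other functions. I would write `comp = (cmp)(elm, tmp);` there. Separately, the comment above `RB_GENERATE` ("Main rb operation. Moves node close to the key of elm to top") looks carried over from the splay section and does not describe a red-black tree; something like `/* Generates the red-black tree functions for (name, type) */` would be accurate.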


@ -0,0 +1,67 @@
/*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
#ifdef HAVE_SYS_MMAN_H
#include <sys/mman.h>
#endif
#include "log.h"
void *xmmap(size_t size)
{
void *address;
#ifdef HAVE_MMAP
# ifdef MAP_ANON
address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_ANON|MAP_SHARED,
-1, 0);
# else
address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
open("/dev/zero", O_RDWR), 0);
# endif
#define MM_SWAP_TEMPLATE "/var/run/sshd.mm.XXXXXXXX"
if (address == MAP_FAILED) {
char tmpname[sizeof(MM_SWAP_TEMPLATE)] = MM_SWAP_TEMPLATE;
int tmpfd;
tmpfd = mkstemp(tmpname);
if (tmpfd == -1)
fatal("mkstemp(\"%s\"): %s",
MM_SWAP_TEMPLATE, strerror(errno));
unlink(tmpname);
ftruncate(tmpfd, size);
address = mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED,
tmpfd, 0);
close(tmpfd);
}
return (address);
#else
fatal("%s: UsePrivilegeSeparation=yes and Compression=yes not supported",
__func__);
#endif /* HAVE_MMAP */
}
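Review bot: The non-`MAP_ANON` branch passes `open("/dev/zero", O_RDWR)` straight into `mmap()`, so that descriptor is never closed. In the fallback path the result of `ftruncate(tmpfd, size)` is ignored, so a failed resize leaves a zero-length file mapped and the first access to the region would typically fault instead of failing cleanly. The fatal message suggests this mapping backs compression state shared under privilege separation, so both paths should fail closed: hold the `/dev/zero` descriptor in a local and close it after mapping, and call `fatal()` when `ftruncate()` returns -1. The second `mmap()` result is also returned unchecked, so callers (outside this section) presumably have to test for `MAP_FAILED` themselves; a comment on `xmmap()` stating that contract would help.

```c
# else
	{
		int zfd = open("/dev/zero", O_RDWR);

		/* keep the original fall-through to the temp-file path on failure */
		address = (zfd == -1) ? MAP_FAILED :
		    mmap(NULL, size, PROT_WRITE|PROT_READ, MAP_SHARED, zfd, 0);
		if (zfd != -1)
			close(zfd);	/* the mapping does not need the descriptor */
	}
# endif
/* … unchanged: MM_SWAP_TEMPLATE, mkstemp(), unlink() … */
		if (ftruncate(tmpfd, size) == -1)
			fatal("ftruncate(\"%s\"): %s",
			    MM_SWAP_TEMPLATE, strerror(errno));
/* … unchanged: fallback mmap(), close(tmpfd), return … */
```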


@ -0,0 +1,23 @@
/*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
void *xmmap(size_t size);


@ -37,7 +37,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: packet.c,v 1.96 2002/06/23 21:10:02 deraadt Exp $");
RCSID("$OpenBSD: packet.c,v 1.97 2002/07/04 08:12:15 deraadt Exp $");
#include "xmalloc.h"
#include "buffer.h"
@ -134,6 +134,7 @@ void
packet_set_connection(int fd_in, int fd_out)
{
Cipher *none = cipher_by_name("none");
if (none == NULL)
fatal("packet_set_connection: cannot load cipher 'none'");
connection_in = fd_in;
@ -402,6 +403,7 @@ packet_set_encryption_key(const u_char *key, u_int keylen,
int number)
{
Cipher *cipher = cipher_by_number(number);
if (cipher == NULL)
fatal("packet_set_encryption_key: unknown cipher number %d", number);
if (keylen < 20)
@ -443,6 +445,7 @@ void
packet_put_char(int value)
{
char ch = value;
buffer_append(&outgoing_packet, &ch, 1);
}
void
@ -994,7 +997,8 @@ packet_read_poll2(u_int32_t *seqnr_p)
buffer_clear(&incoming_packet);
buffer_append(&incoming_packet, buffer_ptr(&compression_buffer),
buffer_len(&compression_buffer));
DBG(debug("input: len after de-compress %d", buffer_len(&incoming_packet)));
DBG(debug("input: len after de-compress %d",
buffer_len(&incoming_packet)));
}
/*
* get packet type, implies consume.
@ -1102,6 +1106,7 @@ u_int
packet_get_char(void)
{
char ch;
buffer_get(&incoming_packet, &ch, 1);
return (u_char) ch;
}
@ -1135,6 +1140,7 @@ void *
packet_get_raw(int *length_ptr)
{
int bytes = buffer_len(&incoming_packet);
if (length_ptr != NULL)
*length_ptr = bytes;
return buffer_ptr(&incoming_packet);
@ -1207,6 +1213,7 @@ packet_disconnect(const char *fmt,...)
char buf[1024];
va_list args;
static int disconnecting = 0;
if (disconnecting) /* Guard against recursive invocations. */
fatal("packet_disconnect called recursively.");
disconnecting = 1;
@ -1249,6 +1256,7 @@ void
packet_write_poll(void)
{
int len = buffer_len(&output);
if (len > 0) {
len = write(connection_out, buffer_ptr(&output), len);
if (len <= 0) {
@ -1368,6 +1376,7 @@ int
packet_set_maxsize(int s)
{
static int called = 0;
if (called) {
log("packet_set_maxsize: called twice: old %d new %d",
max_packet_size, s);


@ -26,7 +26,7 @@
#include "includes.h"
#include "uuencode.h"
RCSID("$OpenBSD: radix.c,v 1.21 2002/06/19 00:27:55 deraadt Exp $");
RCSID("$OpenBSD: radix.c,v 1.22 2002/09/09 14:54:15 markus Exp $");
#ifdef AFS
#include <krb.h>
@ -93,9 +93,10 @@ int
radix_to_creds(const char *buf, CREDENTIALS *creds)
{
Buffer b;
char c, version, *space, *p;
u_int endTime;
int len, blen, ret;
u_char *space;
char c, version, *p;
u_int endTime, len;
int blen, ret;
ret = 0;
blen = strlen(buf);
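Review bot: `blen` stays a signed `int` and still receives the `size_t` result of `strlen(buf)`, while this hunk moves `len` to `u_int`, so radix_to_creds now mixes signed and unsigned lengths. If `blen` is later compared with `len` or used as a buffer bound (the rest of the function is outside the hunk), declaring it unsigned too, `u_int endTime, len, blen;` with `int ret;`, would keep the length arithmetic in one signedness. That only works if the decoder it is passed to accepts an unsigned length, which needs checking against the full file.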


@ -199,7 +199,7 @@ add_local_forward(Options *options, u_short port, const char *host,
u_short host_port)
{
Forward *fwd;
#ifndef HAVE_CYGWIN
#ifndef NO_IPPORT_RESERVED_CONCEPT
extern uid_t original_real_uid;
if (port < IPPORT_RESERVED && original_real_uid != 0)
fatal("Privileged ports can only be forwarded by root.");
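Review bot: The root-only check for forwarding ports below `IPPORT_RESERVED` is now compiled out wherever `NO_IPPORT_RESERVED_CONCEPT` is defined, and nothing at this site says when that macro is set or why. A one-line comment above the `#ifndef`, such as `/* Skipped on platforms that have no privileged-port concept */`, would tell a reader that the missing restriction is deliberate. The same macro guards the matching server-side check in the serverloop.c section of this commit. The closing `#endif` and the rest of add_local_forward are outside the hunk.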


@ -1,4 +1,4 @@
/* $OpenBSD: rijndael.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $ */
/* $OpenBSD: rijndael.c,v 1.14 2002/07/10 17:53:54 deraadt Exp $ */
/**
* rijndael-alg-fst.c
@ -1226,7 +1226,7 @@ rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt)
memset(ctx->dk, 0, sizeof(ctx->dk));
} else {
ctx->decrypt = 1;
memcpy(ctx->dk, ctx->ek, sizeof(ctx->ek));
memcpy(ctx->dk, ctx->ek, sizeof(ctx->dk));
rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr);
}
}
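Review bot: Sizing the `memcpy` by `sizeof(ctx->dk)` bounds the write, but the read from `ctx->ek` stays in bounds only while `ek` is at least as large as `dk`, and the struct definition is not part of this hunk. I would state that invariant next to the copy, `/* ek and dk must have the same size */`, or enforce it at compile time, so that a later change to either array cannot turn this into an out-of-bounds read of key-schedule memory. The beginning of rijndael_set_key is outside the hunk.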


@ -1,4 +1,4 @@
/* $OpenBSD: scard.h,v 1.10 2002/03/25 17:34:27 markus Exp $ */
/* $OpenBSD: scard.h,v 1.11 2002/06/30 21:59:45 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@ -33,8 +33,8 @@
#define SCARD_ERROR_NOCARD -2
#define SCARD_ERROR_APPLET -3
Key **sc_get_keys(const char*, const char*);
Key **sc_get_keys(const char *, const char *);
void sc_close(void);
int sc_put_key(Key *, const char*);
int sc_put_key(Key *, const char *);
#endif


@ -10,7 +10,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: servconf.c,v 1.112 2002/06/23 09:46:51 deraadt Exp $");
RCSID("$OpenBSD: servconf.c,v 1.115 2002/09/04 18:52:42 stevesk Exp $");
#if defined(KRB4)
#include <krb.h>
@ -101,6 +101,7 @@ initialize_server_options(ServerOptions *options)
options->kbd_interactive_authentication = -1;
options->challenge_response_authentication = -1;
options->permit_empty_passwd = -1;
options->permit_user_env = -1;
options->use_login = -1;
options->compression = -1;
options->allow_tcp_forwarding = -1;
@ -158,7 +159,7 @@ fill_default_server_options(ServerOptions *options)
if (options->server_key_bits == -1)
options->server_key_bits = 768;
if (options->login_grace_time == -1)
options->login_grace_time = 600;
options->login_grace_time = 120;
if (options->key_regeneration_time == -1)
options->key_regeneration_time = 3600;
if (options->permit_root_login == PERMIT_NOT_SET)
@ -223,6 +224,8 @@ fill_default_server_options(ServerOptions *options)
options->challenge_response_authentication = 1;
if (options->permit_empty_passwd == -1)
options->permit_empty_passwd = 0;
if (options->permit_user_env == -1)
options->permit_user_env = 0;
if (options->use_login == -1)
options->use_login = 0;
if (options->compression == -1)
@ -257,7 +260,7 @@ fill_default_server_options(ServerOptions *options)
if (use_privsep == -1)
use_privsep = 1;
#if !defined(HAVE_MMAP_ANON_SHARED)
#ifndef HAVE_MMAP
if (use_privsep && options->compression == 1) {
error("This platform does not support both privilege "
"separation and compression");
@ -291,7 +294,7 @@ typedef enum {
sPrintMotd, sPrintLastLog, sIgnoreRhosts,
sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
sStrictModes, sEmptyPasswd, sKeepAlives,
sUseLogin, sAllowTcpForwarding, sCompression,
sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
@ -354,6 +357,7 @@ static struct {
{ "xauthlocation", sXAuthLocation },
{ "strictmodes", sStrictModes },
{ "permitemptypasswords", sEmptyPasswd },
{ "permituserenvironment", sPermitUserEnvironment },
{ "uselogin", sUseLogin },
{ "compression", sCompression },
{ "keepalive", sKeepAlives },
@ -713,6 +717,10 @@ process_server_config_line(ServerOptions *options, char *line,
intptr = &options->permit_empty_passwd;
goto parse_flag;
case sPermitUserEnvironment:
intptr = &options->permit_user_env;
goto parse_flag;
case sUseLogin:
intptr = &options->use_login;
goto parse_flag;
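Review bot: The new `permit_user_env` default of 0 in fill_default_server_options has no comment explaining why it is off, which makes it easy for a later change to flip it. Per the field comment in servconf.h, the option controls whether `~/.ssh/environment` is read, a file the user can write. User-supplied variables such as `LD_PRELOAD` can undermine restrictions like forced commands. I would add `/* off by default: a user-set environment can bypass access restrictions */` above `options->permit_user_env = 0;`. The functions touched in this section all continue outside their hunks.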


@ -1,4 +1,4 @@
/* $OpenBSD: servconf.h,v 1.58 2002/06/20 23:05:55 markus Exp $ */
/* $OpenBSD: servconf.h,v 1.59 2002/07/30 17:03:55 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -97,6 +97,7 @@ typedef struct {
int challenge_response_authentication;
int permit_empty_passwd; /* If false, do not permit empty
* passwords. */
int permit_user_env; /* If true, read ~/.ssh/environment */
int use_login; /* If true, login(1) is used */
int compression; /* If true, compression is allowed */
int allow_tcp_forwarding;


@ -35,13 +35,14 @@
*/
#include "includes.h"
RCSID("$OpenBSD: serverloop.c,v 1.103 2002/06/24 14:33:27 markus Exp $");
RCSID("$OpenBSD: serverloop.c,v 1.104 2002/09/19 16:03:15 stevesk Exp $");
#include "xmalloc.h"
#include "packet.h"
#include "buffer.h"
#include "log.h"
#include "servconf.h"
#include "canohost.h"
#include "sshpty.h"
#include "channels.h"
#include "compat.h"
@ -143,7 +144,9 @@ sigchld_handler(int sig)
int save_errno = errno;
debug("Received SIGCHLD.");
child_terminated = 1;
#ifndef _UNICOS
mysignal(SIGCHLD, sigchld_handler);
#endif
notify_parent();
errno = save_errno;
}
@ -347,14 +350,17 @@ process_input(fd_set * readset)
if (FD_ISSET(connection_in, readset)) {
len = read(connection_in, buf, sizeof(buf));
if (len == 0) {
verbose("Connection closed by remote host.");
verbose("Connection closed by %.100s",
get_remote_ipaddr());
connection_closed = 1;
if (compat20)
return;
fatal_cleanup();
} else if (len < 0) {
if (errno != EINTR && errno != EAGAIN) {
verbose("Read error from remote host: %.100s", strerror(errno));
verbose("Read error from remote host "
"%.100s: %.100s",
get_remote_ipaddr(), strerror(errno));
fatal_cleanup();
}
} else {
@ -972,8 +978,11 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
/* check permissions */
if (!options.allow_tcp_forwarding ||
no_port_forwarding_flag ||
(listen_port < IPPORT_RESERVED && pw->pw_uid != 0)) {
no_port_forwarding_flag
#ifndef NO_IPPORT_RESERVED_CONCEPT
|| (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
#endif
) {
success = 0;
packet_send_debug("Server has disabled port forwarding.");
} else {
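Review bot: Splicing `#ifndef NO_IPPORT_RESERVED_CONCEPT` into the middle of the `if` condition in server_input_global_request leaves a dangling `) {` line and makes the permission test hard to audit. I would compute the privileged-port test first, `int priv_denied = 0;` followed by a guarded `priv_denied = (listen_port < IPPORT_RESERVED && pw->pw_uid != 0);`, and keep the condition as `if (!options.allow_tcp_forwarding || no_port_forwarding_flag || priv_denied) {`. Separately, a refusal for a privileged port still sends "Server has disabled port forwarding.", which misstates the reason. The function starts and ends outside the hunk.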


@ -33,7 +33,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: session.c,v 1.142 2002/06/26 13:49:26 deraadt Exp $");
RCSID("$OpenBSD: session.c,v 1.150 2002/09/16 19:55:33 stevesk Exp $");
#include "ssh.h"
#include "ssh1.h"
@ -210,13 +210,6 @@ do_authenticated(Authctxt *authctxt)
close(startup_pipe);
startup_pipe = -1;
}
#ifdef WITH_AIXAUTHENTICATE
/* We don't have a pty yet, so just label the line as "ssh" */
if (loginsuccess(authctxt->user,
get_canonical_hostname(options.verify_reverse_mapping),
"ssh", &aixloginmsg) < 0)
aixloginmsg = NULL;
#endif /* WITH_AIXAUTHENTICATE */
/* setup the channel layer */
if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
@ -470,6 +463,8 @@ do_exec_no_pty(Session *s, const char *command)
/* Fork the child. */
if ((pid = fork()) == 0) {
fatal_remove_all_cleanups();
/* Child. Reinitialize the log since the pid has changed. */
log_init(__progname, options.log_level, options.log_facility, log_stderr);
@ -517,10 +512,17 @@ do_exec_no_pty(Session *s, const char *command)
perror("dup2 stderr");
#endif /* USE_PIPES */
#ifdef _UNICOS
cray_init_job(s->pw); /* set up cray jid and tmpdir */
#endif
/* Do processing for the child (exec command etc). */
do_child(s, command);
/* NOTREACHED */
}
#ifdef _UNICOS
signal(WJSIGNAL, cray_job_termination_handler);
#endif /* _UNICOS */
#ifdef HAVE_CYGWIN
if (is_winnt)
cygwin_set_impersonation_token(INVALID_HANDLE_VALUE);
@ -585,6 +587,7 @@ do_exec_pty(Session *s, const char *command)
/* Fork the child. */
if ((pid = fork()) == 0) {
fatal_remove_all_cleanups();
/* Child. Reinitialize the log because the pid has changed. */
log_init(__progname, options.log_level, options.log_facility, log_stderr);
@ -607,8 +610,12 @@ do_exec_pty(Session *s, const char *command)
/* record login, etc. similar to login(1) */
#ifndef HAVE_OSF_SIA
if (!(options.use_login && command == NULL))
if (!(options.use_login && command == NULL)) {
#ifdef _UNICOS
cray_init_job(s->pw); /* set up cray jid and tmpdir */
#endif /* _UNICOS */
do_login(s, command);
}
# ifdef LOGIN_NEEDS_UTMPX
else
do_pre_login(s);
@ -619,6 +626,9 @@ do_exec_pty(Session *s, const char *command)
do_child(s, command);
/* NOTREACHED */
}
#ifdef _UNICOS
signal(WJSIGNAL, cray_job_termination_handler);
#endif /* _UNICOS */
#ifdef HAVE_CYGWIN
if (is_winnt)
cygwin_set_impersonation_token(INVALID_HANDLE_VALUE);
@ -668,8 +678,8 @@ do_pre_login(Session *s)
* the address be 0.0.0.0.
*/
memset(&from, 0, sizeof(from));
fromlen = sizeof(from);
if (packet_connection_is_on_socket()) {
fromlen = sizeof(from);
if (getpeername(packet_get_connection_in(),
(struct sockaddr *) & from, &fromlen) < 0) {
debug("getpeername: %.100s", strerror(errno));
@ -734,7 +744,7 @@ do_login(Session *s, const char *command)
record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
get_remote_name_or_ip(utmp_len,
options.verify_reverse_mapping),
(struct sockaddr *)&from);
(struct sockaddr *)&from, fromlen);
#ifdef USE_PAM
/*
@ -759,6 +769,7 @@ do_login(Session *s, const char *command)
printf("%s\n", aixloginmsg);
#endif /* WITH_AIXAUTHENTICATE */
#ifndef NO_SSH_LASTLOG
if (options.print_lastlog && s->last_login_time != 0) {
time_string = ctime(&s->last_login_time);
if (strchr(time_string, '\n'))
@ -769,6 +780,7 @@ do_login(Session *s, const char *command)
printf("Last login: %s from %s\r\n", time_string,
s->hostname);
}
#endif /* NO_SSH_LASTLOG */
do_motd();
}
@ -959,8 +971,10 @@ do_setup_env(Session *s, const char *shell)
child_set_env(&env, &envsize, "LOGNAME", pw->pw_name);
child_set_env(&env, &envsize, "HOME", pw->pw_dir);
#ifdef HAVE_LOGIN_CAP
(void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH);
child_set_env(&env, &envsize, "PATH", getenv("PATH"));
if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETPATH) < 0)
child_set_env(&env, &envsize, "PATH", _PATH_STDPATH);
else
child_set_env(&env, &envsize, "PATH", getenv("PATH"));
#else /* HAVE_LOGIN_CAP */
# ifndef HAVE_CYGWIN
/*
@ -992,13 +1006,13 @@ do_setup_env(Session *s, const char *shell)
if (!options.use_login) {
while (custom_environment) {
struct envstring *ce = custom_environment;
char *s = ce->s;
char *str = ce->s;
for (i = 0; s[i] != '=' && s[i]; i++)
for (i = 0; str[i] != '=' && str[i]; i++)
;
if (s[i] == '=') {
s[i] = 0;
child_set_env(&env, &envsize, s, s + i + 1);
if (str[i] == '=') {
str[i] = 0;
child_set_env(&env, &envsize, str, str + i + 1);
}
custom_environment = ce->next;
xfree(ce->s);
@ -1006,10 +1020,16 @@ do_setup_env(Session *s, const char *shell)
}
}
/* SSH_CLIENT deprecated */
snprintf(buf, sizeof buf, "%.50s %d %d",
get_remote_ipaddr(), get_remote_port(), get_local_port());
child_set_env(&env, &envsize, "SSH_CLIENT", buf);
snprintf(buf, sizeof buf, "%.50s %d %.50s %d",
get_remote_ipaddr(), get_remote_port(),
get_local_ipaddr(packet_get_connection_in()), get_local_port());
child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
if (s->ttyfd != -1)
child_set_env(&env, &envsize, "SSH_TTY", s->tty);
if (s->term)
@ -1020,6 +1040,11 @@ do_setup_env(Session *s, const char *shell)
child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND",
original_command);
#ifdef _UNICOS
if (cray_tmpdir[0] != '\0')
child_set_env(&env, &envsize, "TMPDIR", cray_tmpdir);
#endif /* _UNICOS */
#ifdef _AIX
{
char *cp;
@ -1042,8 +1067,17 @@ do_setup_env(Session *s, const char *shell)
s->authctxt->krb5_ticket_file);
#endif
#ifdef USE_PAM
/* Pull in any environment variables that may have been set by PAM. */
copy_environment(fetch_pam_environment(), &env, &envsize);
/*
* Pull in any environment variables that may have
* been set by PAM.
*/
{
char **p;
p = fetch_pam_environment();
copy_environment(p, &env, &envsize);
free_pam_environment(p);
}
#endif /* USE_PAM */
if (auth_sock_name != NULL)
@ -1051,9 +1085,9 @@ do_setup_env(Session *s, const char *shell)
auth_sock_name);
/* read $HOME/.ssh/environment. */
if (!options.use_login) {
if (options.permit_user_env && !options.use_login) {
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
pw->pw_dir);
strcmp(pw->pw_dir, "/") ? pw->pw_dir : "");
read_environment_file(&env, &envsize, buf);
}
if (debug_flag) {
@ -1148,6 +1182,8 @@ do_nologin(struct passwd *pw)
#endif
if (f) {
/* /etc/nologin exists. Print its contents and exit. */
log("User %.100s not allowed because %s exists",
pw->pw_name, _PATH_NOLOGIN);
while (fgets(buf, sizeof(buf), f))
fputs(buf, stderr);
fclose(f);
@ -1159,8 +1195,6 @@ do_nologin(struct passwd *pw)
void
do_setusercontext(struct passwd *pw)
{
char tty='\0';
#ifdef HAVE_CYGWIN
if (is_winnt) {
#else /* HAVE_CYGWIN */
@ -1170,9 +1204,9 @@ do_setusercontext(struct passwd *pw)
setpcred(pw->pw_name);
#endif /* HAVE_SETPCRED */
#ifdef HAVE_LOGIN_CAP
#ifdef __bsdi__
# ifdef __bsdi__
setpgid(0, 0);
#endif
# endif
if (setusercontext(lc, pw, pw->pw_uid,
(LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
perror("unable to set user context");
@ -1209,8 +1243,7 @@ do_setusercontext(struct passwd *pw)
irix_setusercontext(pw);
# endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
# ifdef _AIX
/* XXX: Disable tty setting. Enabled if required later */
aix_usrinfo(pw, &tty, -1);
aix_usrinfo(pw);
# endif /* _AIX */
/* Permanently switch to the desired uid. */
permanently_set_uid(pw);
@ -1263,6 +1296,10 @@ do_child(Session *s, const char *command)
if (options.use_login && command != NULL)
options.use_login = 0;
#ifdef _UNICOS
cray_setup(pw->pw_uid, pw->pw_name, command);
#endif /* _UNICOS */
/*
* Login(1) does this as well, and it needs uid 0 for the "-h"
* switch, so we let login(1) to this for us.
@ -1798,6 +1835,27 @@ session_pty_cleanup(void *session)
PRIVSEP(session_pty_cleanup2(session));
}
static char *
sig2name(int sig)
{
#define SSH_SIG(x) if (sig == SIG ## x) return #x
SSH_SIG(ABRT);
SSH_SIG(ALRM);
SSH_SIG(FPE);
SSH_SIG(HUP);
SSH_SIG(ILL);
SSH_SIG(INT);
SSH_SIG(KILL);
SSH_SIG(PIPE);
SSH_SIG(QUIT);
SSH_SIG(SEGV);
SSH_SIG(TERM);
SSH_SIG(USR1);
SSH_SIG(USR2);
#undef SSH_SIG
return "SIG@openssh.com";
}
static void
session_exit_message(Session *s, int status)
{
@ -1815,7 +1873,7 @@ session_exit_message(Session *s, int status)
packet_send();
} else if (WIFSIGNALED(status)) {
channel_request_start(s->chanid, "exit-signal", 0);
packet_put_int(WTERMSIG(status));
packet_put_cstring(sig2name(WTERMSIG(status)));
#ifdef WCOREDUMP
packet_put_char(WCOREDUMP(status));
#else /* WCOREDUMP */
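Review bot: do_login now passes `fromlen` to `record_login()`, and nothing in that hunk shows `fromlen` being assigned on the path where the connection is not a socket. The do_pre_login hunk in this file touches the placement of `fromlen = sizeof(from);` relative to the `packet_connection_is_on_socket()` test, but the rendering does not show which placement is the new one. If do_login obtains the peer address the same way and assigns the length only inside that branch, an uninitialised length reaches the login-record code. I would set `fromlen = sizeof(from);` unconditionally, right after the `memset(&from, 0, sizeof(from));`, in both functions. Both start outside their hunks, so this needs checking against the full file.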


@ -1,4 +1,4 @@
/* $OpenBSD: session.h,v 1.18 2002/06/23 21:06:41 deraadt Exp $ */
/* $OpenBSD: session.h,v 1.19 2002/06/30 21:59:45 deraadt Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -57,7 +57,7 @@ struct Session {
void do_authenticated(Authctxt *);
int session_open(Authctxt*, int);
int session_open(Authctxt *, int);
int session_input_channel_req(Channel *, const char *);
void session_close_by_pid(pid_t, int);
void session_close_by_channel(int, void *);


@ -28,9 +28,9 @@
/* XXX: copy between two remote sites */
#include "includes.h"
RCSID("$OpenBSD: sftp-client.c,v 1.33 2002/06/23 09:30:14 deraadt Exp $");
RCSID("$OpenBSD: sftp-client.c,v 1.35 2002/09/11 22:41:49 djm Exp $");
#include "openbsd-compat/fake-queue.h"
#include "openbsd-compat/sys-queue.h"
#include "buffer.h"
#include "bufaux.h"
@ -414,12 +414,6 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int printflag,
return(0);
}
int
do_ls(struct sftp_conn *conn, char *path)
{
return(do_lsreaddir(conn, path, 1, NULL));
}
int
do_readdir(struct sftp_conn *conn, char *path, SFTP_DIRENT ***dir)
{
@ -1095,7 +1089,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
debug3("In write loop, ack for %u %u bytes at %llu",
ack->id, ack->len, (unsigned long long)ack->offset);
++ackid;
free(ack);
xfree(ack);
}
offset += len;
}


@ -1,4 +1,4 @@
/* $OpenBSD: sftp-client.h,v 1.10 2002/06/23 09:30:14 deraadt Exp $ */
/* $OpenBSD: sftp-client.h,v 1.11 2002/09/11 22:41:50 djm Exp $ */
/*
* Copyright (c) 2001,2002 Damien Miller. All rights reserved.
@ -48,9 +48,6 @@ u_int sftp_proto_version(struct sftp_conn *);
/* Close file referred to by 'handle' */
int do_close(struct sftp_conn *, char *, u_int);
/* List contents of directory 'path' to stdout */
int do_ls(struct sftp_conn *, char *);
/* Read contents of 'path' to NULL-terminated array 'dir' */
int do_readdir(struct sftp_conn *, char *, SFTP_DIRENT ***);


@ -24,7 +24,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sftp-common.c,v 1.6 2002/06/23 09:30:14 deraadt Exp $");
RCSID("$OpenBSD: sftp-common.c,v 1.7 2002/09/11 22:41:50 djm Exp $");
#include "buffer.h"
#include "bufaux.h"
@ -65,6 +65,26 @@ stat_to_attrib(struct stat *st, Attrib *a)
a->mtime = st->st_mtime;
}
/* Convert from filexfer attribs to struct stat */
void
attrib_to_stat(Attrib *a, struct stat *st)
{
memset(st, 0, sizeof(*st));
if (a->flags & SSH2_FILEXFER_ATTR_SIZE)
st->st_size = a->size;
if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
st->st_uid = a->uid;
st->st_gid = a->gid;
}
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)
st->st_mode = a->perm;
if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
st->st_atime = a->atime;
st->st_mtime = a->mtime;
}
}
/* Decode attributes in buffer */
Attrib *
decode_attrib(Buffer *b)
@ -149,3 +169,45 @@ fx2txt(int status)
}
/* NOTREACHED */
}
/*
* drwxr-xr-x 5 markus markus 1024 Jan 13 18:39 .ssh
*/
char *
ls_file(char *name, struct stat *st, int remote)
{
int ulen, glen, sz = 0;
struct passwd *pw;
struct group *gr;
struct tm *ltime = localtime(&st->st_mtime);
char *user, *group;
char buf[1024], mode[11+1], tbuf[12+1], ubuf[11+1], gbuf[11+1];
strmode(st->st_mode, mode);
if (!remote && (pw = getpwuid(st->st_uid)) != NULL) {
user = pw->pw_name;
} else {
snprintf(ubuf, sizeof ubuf, "%u", (u_int)st->st_uid);
user = ubuf;
}
if (!remote && (gr = getgrgid(st->st_gid)) != NULL) {
group = gr->gr_name;
} else {
snprintf(gbuf, sizeof gbuf, "%u", (u_int)st->st_gid);
group = gbuf;
}
if (ltime != NULL) {
if (time(NULL) - st->st_mtime < (365*24*60*60)/2)
sz = strftime(tbuf, sizeof tbuf, "%b %e %H:%M", ltime);
else
sz = strftime(tbuf, sizeof tbuf, "%b %e %Y", ltime);
}
if (sz == 0)
tbuf[0] = '\0';
ulen = MAX(strlen(user), 8);
glen = MAX(strlen(group), 8);
snprintf(buf, sizeof buf, "%s %3d %-*s %-*s %8llu %s %s", mode,
st->st_nlink, ulen, user, glen, group,
(u_int64_t)st->st_size, tbuf, name);
return xstrdup(buf);
}
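Review bot: The final `snprintf` in ls_file passes arguments whose types need not match the format: `%3d` receives `st->st_nlink` uncast, and `%8llu` receives a `u_int64_t`, which is not guaranteed to be `unsigned long long`. A mismatched variadic argument is undefined behaviour, and the upload loop in sftp-client.c in this same commit already casts to `(unsigned long long)` for `%llu`. I would use `"%s %3u %-*s %-*s %8llu %s %s"` with `(u_int)st->st_nlink` and `(unsigned long long)st->st_size`. When `remote` is set, `name` comes from the server and is copied into the line unmodified, so a comment noting that the caller is responsible for sanitising it before printing would also be worth adding.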


@ -1,4 +1,4 @@
/* $OpenBSD: sftp-common.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */
/* $OpenBSD: sftp-common.h,v 1.4 2002/09/11 22:41:50 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@ -40,7 +40,9 @@ struct Attrib {
void attrib_clear(Attrib *);
void stat_to_attrib(struct stat *, Attrib *);
void attrib_to_stat(Attrib *, struct stat *);
Attrib *decode_attrib(Buffer *);
void encode_attrib(Buffer *, Attrib *);
char *ls_file(char *, struct stat *, int);
const char *fx2txt(int);
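Review bot: The new prototype `char *ls_file(char *, struct stat *, int);` does not say who owns the result or what the `int` means. The implementation in sftp-common.c returns `xstrdup(buf)` and uses the last argument as a `remote` flag that skips the local `getpwuid()`/`getgrgid()` lookups. I would add `/* Returns an allocated ls -l style line; caller frees. remote != 0 prints numeric uid/gid. */` and name the parameters. Neither `name` nor `st` is written through in the visible body, so both could be `const`.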


@ -23,7 +23,7 @@
*/
#include "includes.h"
RCSID("$OpenBSD: sftp-glob.c,v 1.10 2002/02/13 00:59:23 djm Exp $");
RCSID("$OpenBSD: sftp-glob.c,v 1.13 2002/09/11 22:41:50 djm Exp $");
#include "buffer.h"
#include "bufaux.h"
@ -51,12 +51,14 @@ fudge_opendir(const char *path)
r = xmalloc(sizeof(*r));
if (do_readdir(cur.conn, (char*)path, &r->dir))
if (do_readdir(cur.conn, (char *)path, &r->dir)) {
xfree(r);
return(NULL);
}
r->offset = 0;
return((void*)r);
return((void *)r);
}
static struct dirent *
@ -105,31 +107,12 @@ fudge_closedir(struct SFTP_OPENDIR *od)
xfree(od);
}
static void
attrib_to_stat(Attrib *a, struct stat *st)
{
memset(st, 0, sizeof(*st));
if (a->flags & SSH2_FILEXFER_ATTR_SIZE)
st->st_size = a->size;
if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) {
st->st_uid = a->uid;
st->st_gid = a->gid;
}
if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)
st->st_mode = a->perm;
if (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME) {
st->st_atime = a->atime;
st->st_mtime = a->mtime;
}
}
static int
fudge_lstat(const char *path, struct stat *st)
{
Attrib *a;
if (!(a = do_lstat(cur.conn, (char*)path, 0)))
if (!(a = do_lstat(cur.conn, (char *)path, 0)))
return(-1);
attrib_to_stat(a, st);
@ -142,7 +125,7 @@ fudge_stat(const char *path, struct stat *st)
{
Attrib *a;
if (!(a = do_stat(cur.conn, (char*)path, 0)))
if (!(a = do_stat(cur.conn, (char *)path, 0)))
return(-1);
attrib_to_stat(a, st);
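Review bot: The `(char *)path` casts in fudge_opendir, fudge_lstat and fudge_stat discard `const`, and this commit reformats them but keeps them. They exist because the helpers take a plain `char *`: the `do_readdir` prototype is visible in the sftp-client.h section as `int do_readdir(struct sftp_conn *, char *, SFTP_DIRENT ***);`, and `do_lstat`/`do_stat` presumably match. Declaring those path parameters `const char *` would remove the casts and let the compiler flag any helper that does write to the path. fudge_lstat and fudge_stat continue outside their hunks.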
