d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Vendor import of OpenSSH 5.4p1

Browse Source
This commit is contained in:
Dag-Erling Smørgrav 2010-03-08 11:19:52 +00:00
parent e5e752b5a7
commit 6d4f2dd11a
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/vendor-crypto/openssh/dist/; revision=204861
160 changed files with 17240 additions and 8705 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

979
ChangeLog
View File

@ -1,3 +1,982 @@
20100307
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/03/07 22:16:01
[ssh-keygen.c]
make internal strptime string match strftime format;
suggested by vinschen AT redhat.com and markus@
- djm@cvs.openbsd.org 2010/03/08 00:28:55
[ssh-keygen.1]
document permit-agent-forwarding certificate constraint; patch from
stevesk@
- djm@cvs.openbsd.org 2010/03/07 22:01:32
[version.h]
openssh-5.4
- (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
crank version numbers
- (djm) Release OpenSSH-5.4p1
20100307
- (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that
it gets the passwd struct from the LAM that knows about the user which is
not necessarily the default. Patch from Alexandre Letourneau.
- (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and
do not set real uid, since that's needed for the chroot, and will be set
by permanently_set_uid.
- (dtucker) [session.c] Also initialize creds to NULL for handing to
setpcred.
- (dtucker) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2010/03/07 11:57:13
[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
Hold authentication debug messages until after successful authentication.
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum. ok djm@
20100305
- OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2010/03/04 12:51:25
[ssh.1 sshd_config.5]
tweak previous;
- djm@cvs.openbsd.org 2010/03/04 20:35:08
[ssh-keygen.1 ssh-keygen.c]
Add a -L flag to print the contents of a certificate; ok markus@
- jmc@cvs.openbsd.org 2010/03/04 22:52:40
[ssh-keygen.1]
fix Bk/Ek;
- djm@cvs.openbsd.org 2010/03/04 23:17:25
[sshd_config.5]
missing word; spotted by jmc@
- djm@cvs.openbsd.org 2010/03/04 23:19:29
[ssh.1 sshd.8]
move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
format section and rework it a bit; requested by jmc@
- djm@cvs.openbsd.org 2010/03/04 23:27:25
[auth-options.c ssh-keygen.c]
"force-command" is not spelled "forced-command"; spotted by
imorgan AT nas.nasa.gov
- djm@cvs.openbsd.org 2010/03/05 02:58:11
[auth.c]
make the warning for a revoked key louder and more noticable
- jmc@cvs.openbsd.org 2010/03/05 06:50:35
[ssh.1 sshd.8]
tweak previous;
- jmc@cvs.openbsd.org 2010/03/05 08:31:20
[ssh.1]
document certificate authentication; help/ok djm
- djm@cvs.openbsd.org 2010/03/05 10:28:21
[ssh-add.1 ssh.1 ssh_config.5]
mention loading of certificate files from [private]-cert.pub when
they are present; feedback and ok jmc@
- (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older
compilers. OK djm@
- (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure
on some platforms
- (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@
20100304
- (djm) [ssh-keygen.c] Use correct local variable, instead of
maybe-undefined global "optarg"
- (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq
on XFree86-devel with neutral /usr/include/X11/Xlib.h;
imorgan AT nas.nasa.gov in bz#1731
- (djm) [.cvsignore] Ignore ssh-pkcs11-helper
- (djm) [regress/Makefile] Cleanup sshd_proxy_orig
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/03/03 01:44:36
[auth-options.c key.c]
reject strings with embedded ASCII nul chars in certificate key IDs,
principal names and constraints
- djm@cvs.openbsd.org 2010/03/03 22:49:50
[sshd.8]
the authorized_keys option for CA keys is "cert-authority", not
"from=cert-authority". spotted by imorgan AT nas.nasa.gov
- djm@cvs.openbsd.org 2010/03/03 22:50:40
[PROTOCOL.certkeys]
s/similar same/similar/; from imorgan AT nas.nasa.gov
- djm@cvs.openbsd.org 2010/03/04 01:44:57
[key.c]
use buffer_get_string_ptr_ret() where we are checking the return
value explicitly instead of the fatal()-causing buffer_get_string_ptr()
- djm@cvs.openbsd.org 2010/03/04 10:36:03
[auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
[authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
[ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
are trusted to authenticate users (in addition than doing it per-user
in authorized_keys).
Add a RevokedKeys option to sshd_config and a @revoked marker to
known_hosts to allow keys to me revoked and banned for user or host
authentication.
feedback and ok markus@
- djm@cvs.openbsd.org 2010/03/03 00:47:23
[regress/cert-hostkey.sh regress/cert-userkey.sh]
add an extra test to ensure that authentication with the wrong
certificate fails as it should (and it does)
- djm@cvs.openbsd.org 2010/03/04 10:38:23
[regress/cert-hostkey.sh regress/cert-userkey.sh]
additional regression tests for revoked keys and TrustedUserCAKeys
20100303
- (djm) [PROTOCOL.certkeys] Add RCS Ident
- OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2010/02/26 22:09:28
[ssh-keygen.1 ssh.1 sshd.8]
tweak previous;
- otto@cvs.openbsd.org 2010/03/01 11:07:06
[ssh-add.c]
zap what seems to be a left-over debug message; ok markus@
- djm@cvs.openbsd.org 2010/03/02 23:20:57
[ssh-keygen.c]
POSIX strptime is stricter than OpenBSD's so do a little dance to
appease it.
- (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too
20100302
- (tim) [config.guess config.sub] Bug 1722: Update to latest versions from
http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22
respectively).
20100301
- (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace
"echo -n" with "echon" for portability.
- (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM
adjust log at verbose only, since according to cjwatson in bug #1470
some virtualization platforms don't allow writes.
20100228
- (djm) [auth.c] On Cygwin, refuse usernames that have differences in
case from that matched in the system password database. On this
platform, passwords are stored case-insensitively, but sshd requires
exact case matching for Match blocks in sshd_config(5). Based on
a patch from vinschen AT redhat.com.
- (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions
to make older compilers (gcc 2.95) happy.
20100227
- (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded
- (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment
variables copied into sshd child processes. From vinschen AT redhat.com
20100226
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/02/26 20:29:54
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
[auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
[hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
[myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
[sshconnect2.c sshd.8 sshd.c sshd_config.5]
Add support for certificate key types for users and hosts.
OpenSSH certificate key types are not X.509 certificates, but a much
simpler format that encodes a public key, identity information and
some validity constraints and signs it with a CA key. CA keys are
regular SSH keys. This certificate style avoids the attack surface
of X.509 certificates and is very easy to deploy.
Certified host keys allow automatic acceptance of new host keys
when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
see VERIFYING HOST KEYS in ssh(1) for details.
Certified user keys allow authentication of users when the signing
CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
FILE FORMAT" in sshd(8) for details.
Certificates are minted using ssh-keygen(1), documentation is in
the "CERTIFICATES" section of that manpage.
Documentation on the format of certificates is in the file
PROTOCOL.certkeys
feedback and ok markus@
- djm@cvs.openbsd.org 2010/02/26 20:33:21
[Makefile regress/cert-hostkey.sh regress/cert-userkey.sh]
regression tests for certified keys
20100224
- (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
[ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/02/11 20:37:47
[pathnames.h]
correct comment
- dtucker@cvs.openbsd.org 2009/11/09 04:20:04
[regress/Makefile]
add regression test for ssh-keygen pubkey conversions
- dtucker@cvs.openbsd.org 2010/01/11 02:53:44
[regress/forwarding.sh]
regress test for stdio forwarding
- djm@cvs.openbsd.org 2010/02/09 04:57:36
[regress/addrmatch.sh]
clean up droppings
- djm@cvs.openbsd.org 2010/02/09 06:29:02
[regress/Makefile]
turn on all the malloc(3) checking options when running regression
tests. this has caught a few bugs for me in the past; ok dtucker@
- djm@cvs.openbsd.org 2010/02/24 06:21:56
[regress/test-exec.sh]
wait for sshd to fully stop in cleanup() function; avoids races in tests
that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@
- markus@cvs.openbsd.org 2010/02/08 10:52:47
[regress/agent-pkcs11.sh]
test for PKCS#11 support (currently disabled)
- (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage
20100212
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/02/02 22:49:34
[bufaux.c]
make buffer_get_string_ret() really non-fatal in all cases (it was
using buffer_get_int(), which could fatal() on buffer empty);
ok markus dtucker
- markus@cvs.openbsd.org 2010/02/08 10:50:20
[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
[ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
replace our obsolete smartcard code with PKCS#11.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
provider (shared library) while ssh-agent(1) delegates PKCS#11 to
a forked a ssh-pkcs11-helper process.
PKCS#11 is currently a compile time option.
feedback and ok djm@; inspired by patches from Alon Bar-Lev
- jmc@cvs.openbsd.org 2010/02/08 22:03:05
[ssh-add.1 ssh-keygen.1 ssh.1 ssh.c]
tweak previous; ok markus
- djm@cvs.openbsd.org 2010/02/09 00:50:36
[ssh-agent.c]
fallout from PKCS#11: unbreak -D
- djm@cvs.openbsd.org 2010/02/09 00:50:59
[ssh-keygen.c]
fix -Wall
- djm@cvs.openbsd.org 2010/02/09 03:56:28
[buffer.c buffer.h]
constify the arguments to buffer_len, buffer_ptr and buffer_dump
- djm@cvs.openbsd.org 2010/02/09 06:18:46
[auth.c]
unbreak ChrootDirectory+internal-sftp by skipping check for executable
shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
- markus@cvs.openbsd.org 2010/02/10 23:20:38
[ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
pkcs#11 is no longer optional; improve wording; ok jmc@
- jmc@cvs.openbsd.org 2010/02/11 13:23:29
[ssh.1]
libarary -> library;
- (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c]
[scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java]
Remove obsolete smartcard support
- (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
Make it compile on OSX
- (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
Use ssh_get_progname to fill __progname
- (djm) [configure.ac] Enable PKCS#11 support only when we find a working
dlopen()
20100210
- (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
getseuserbyname; patch from calebcase AT gmail.com via
cjwatson AT debian.org
20100202
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/01/30 21:08:33
[sshd.8]
debug output goes to stderr, not "the system log"; ok markus dtucker
- djm@cvs.openbsd.org 2010/01/30 21:12:08
[channels.c]
fake local addr:port when stdio fowarding as some servers (Tectia at
least) validate that they are well-formed;
reported by imorgan AT nas.nasa.gov
ok dtucker
20100130
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/01/28 00:21:18
[clientloop.c]
downgrade an error() to a debug() - this particular case can be hit in
normal operation for certain sequences of mux slave vs session closure
and is harmless
- djm@cvs.openbsd.org 2010/01/29 00:20:41
[sshd.c]
set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com
ok dtucker@
- djm@cvs.openbsd.org 2010/01/29 20:16:17
[mux.c]
kill correct channel (was killing already-dead mux channel, not
its session channel)
- djm@cvs.openbsd.org 2010/01/30 02:54:53
[mux.c]
don't mark channel as read failed if it is already closing; suppresses
harmless error messages when connecting to SSH.COM Tectia server
report by imorgan AT nas.nasa.gov
20100129
- (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()
after registering the hardware engines, which causes the openssl.cnf file to
be processed. See OpenSSL's man page for OPENSSL_config(3) for details.
Patch from Solomon Peachy, ok djm@.
20100128
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/01/26 02:15:20
[mux.c]
-Wuninitialized and remove a // comment; from portable
(Id sync only)
- djm@cvs.openbsd.org 2010/01/27 13:26:17
[mux.c]
fix bug introduced in mux rewrite:
In a mux master, when a socket to a mux slave closes before its server
session (as may occur when the slave has been signalled), gracefully
close the server session rather than deleting its channel immediately.
A server may have more messages on that channel to send (e.g. an exit
message) that will fatal() the client if they are sent to a channel that
has been prematurely deleted.
spotted by imorgan AT nas.nasa.gov
- djm@cvs.openbsd.org 2010/01/27 19:21:39
[sftp.c]
add missing "p" flag to getopt optstring;
bz#1704 from imorgan AT nas.nasa.gov
20100126
- (djm) OpenBSD CVS Sync
- tedu@cvs.openbsd.org 2010/01/17 21:49:09
[ssh-agent.1]
Correct and clarify ssh-add's password asking behavior.
Improved text dtucker and ok jmc
- dtucker@cvs.openbsd.org 2010/01/18 01:50:27
[roaming_client.c]
s/long long unsigned/unsigned long long/, from tim via portable
(Id sync only, change already in portable)
- djm@cvs.openbsd.org 2010/01/26 01:28:35
[channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
rewrite ssh(1) multiplexing code to a more sensible protocol.
The new multiplexing code uses channels for the listener and
accepted control sockets to make the mux master non-blocking, so
no stalls when processing messages from a slave.
avoid use of fatal() in mux master protocol parsing so an errant slave
process cannot take down a running master.
implement requesting of port-forwards over multiplexed sessions. Any
port forwards requested by the slave are added to those the master has
established.
add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
document master/slave mux protocol so that other tools can use it to
control a running ssh(1). Note: there are no guarantees that this
protocol won't be incompatibly changed (though it is versioned).
feedback Salvador Fandino, dtucker@
channel changes ok markus@
20100122
- (tim) [configure.ac] Due to constraints in Windows Sockets in terms of
socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size
in Cygwin to 65535. Patch from Corinna Vinschen.
20100117
- (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too.
- (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions
snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf().
20100116
- (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h
so we correctly detect whether or not we have a native user_from_uid.
- (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid
and group_from_gid.
- (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by
Tim.
- (dtucker) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2010/01/15 09:24:23
[sftp-common.c]
unused
- (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused
variable warnings.
- (dtucker) [openbsd-compat/openbsd-compat.h] Typo.
- (tim) [regress/portnum.sh] Shell portability fix.
- (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native
getaddrinfo() is too old and limited for addr_pton() in addrmatch.c.
- (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable so we
use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/
to keep USL compilers happy.
20100115
- (dtucker) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2010/01/13 12:48:34
[sftp.1 sftp.c]
sftp.1: put ls -h in the right place
sftp.c: as above, plus add -p to get/put, and shorten their arg names
to keep the help usage nicely aligned
ok djm
- djm@cvs.openbsd.org 2010/01/13 23:47:26
[auth.c]
when using ChrootDirectory, make sure we test for the existence of the
user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
ok dtucker
- dtucker@cvs.openbsd.org 2010/01/14 23:41:49
[sftp-common.c]
use user_from{uid,gid} to lookup up ids since it keeps a small cache.
ok djm
- guenther@cvs.openbsd.org 2010/01/15 00:05:22
[sftp.c]
Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
inherited SIGTERM as ignored it will still be able to kill the ssh it
starts.
ok dtucker@
- (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no
changes yet but there will be some to come).
- (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability
for pwcache. Also, added caching of negative hits.
20100114
- (djm) [platform.h] Add missing prototype for
platform_krb5_get_principal_name
20100113
- (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs.
- (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18:
missing restore of SIGTTOU and some whitespace.
- (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.
- (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.
Fixes bz #1590, where sometimes you could not interrupt a connection while
ssh was prompting for a passphrase or password.
- (dtucker) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2010/01/13 00:19:04
[sshconnect.c auth.c]
Fix a couple of typos/mispellings in comments
- dtucker@cvs.openbsd.org 2010/01/13 01:10:56
[key.c]
Ignore and log any Protocol 1 keys where the claimed size is not equal to
the actual size. Noted by Derek Martin, ok djm@
- dtucker@cvs.openbsd.org 2010/01/13 01:20:20
[canohost.c ssh-keysign.c sshconnect2.c]
Make HostBased authentication work with a ProxyCommand. bz #1569, patch
from imorgan at nas nasa gov, ok djm@
- djm@cvs.openbsd.org 2010/01/13 01:40:16
[sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h]
support '-h' (human-readable units) for sftp's ls command, just like
ls(1); ok dtucker@
- djm@cvs.openbsd.org 2010/01/13 03:48:13
[servconf.c servconf.h sshd.c]
avoid run-time failures when specifying hostkeys via a relative
path by prepending the cwd in these cases; bz#1290; ok dtucker@
- djm@cvs.openbsd.org 2010/01/13 04:10:50
[sftp.c]
don't append a space after inserting a completion of a directory (i.e.
a path ending in '/') for a slightly better user experience; ok dtucker@
- (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef.
- (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG.
feedback and ok dtucker@
20100112
- (dtucker) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2010/01/11 01:39:46
[ssh_config channels.c ssh.1 channels.h ssh.c]
Add a 'netcat mode' (ssh -W). This connects stdio on the client to a
single port forward on the server. This allows, for example, using ssh as
a ProxyCommand to route connections via intermediate servers.
bz #1618, man page help from jmc@, ok markus@
- dtucker@cvs.openbsd.org 2010/01/11 04:46:45
[authfile.c sshconnect2.c]
Do not prompt for a passphrase if we fail to open a keyfile, and log the
reason the open failed to debug.
bz #1693, found by tj AT castaglia org, ok djm@
- djm@cvs.openbsd.org 2010/01/11 10:51:07
[ssh-keygen.c]
when converting keys, truncate key comments at 72 chars as per RFC4716;
bz#1630 reported by tj AT castaglia.org; ok markus@
- dtucker@cvs.openbsd.org 2010/01/12 00:16:47
[authfile.c]
Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
Patch from joachim joachimschipper nl.
- djm@cvs.openbsd.org 2010/01/12 00:58:25
[monitor_fdpass.c]
avoid spinning when fd passing on nonblocking sockets by calling poll()
in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@
- djm@cvs.openbsd.org 2010/01/12 00:59:29
[roaming_common.c]
delete with extreme prejudice a debug() that fired with every keypress;
ok dtucker deraadt
- dtucker@cvs.openbsd.org 2010/01/12 01:31:05
[session.c]
Do not allow logins if /etc/nologin exists but is not readable by the user
logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
- djm@cvs.openbsd.org 2010/01/12 01:36:08
[buffer.h bufaux.c]
add a buffer_get_string_ptr_ret() that does the same as
buffer_get_string_ptr() but does not fatal() on error; ok dtucker@
- dtucker@cvs.openbsd.org 2010/01/12 08:33:17
[session.c]
Add explicit stat so we reliably detect nologin with bad perms.
ok djm markus
20100110
- (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
Remove hacks add for RoutingDomain in preparation for its removal.
- (dtucker) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2010/01/09 23:04:13
[channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
Remove RoutingDomain from ssh since it's now not needed. It can be
replaced with "route exec" or "nc -V" as a proxycommand. "route exec"
also ensures that trafic such as DNS lookups stays withing the specified
routingdomain. For example (from reyk):
# route -T 2 exec /usr/sbin/sshd
or inherited from the parent process
$ route -T 2 exec sh
$ ssh 10.1.2.3
ok deraadt@ markus@ stevesk@ reyk@
- dtucker@cvs.openbsd.org 2010/01/10 03:51:17
[servconf.c]
Add ChrootDirectory to sshd.c test-mode output
- dtucker@cvs.openbsd.org 2010/01/10 07:15:56
[auth.c]
Output a debug if we can't open an existing keyfile. bz#1694, ok djm@
20100109
- (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
have it.
- (dtucker) [defines.h] define PRIu64 for platforms that don't have it.
- (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef.
- (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name
when using utmpx. Patch from Ed Schouten.
- (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/01/09 00:20:26
[sftp-server.c sftp-server.8]
add a 'read-only' mode to sftp-server(8) that disables open in write mode
and all other fs-modifying protocol methods. bz#430 ok dtucker@
- djm@cvs.openbsd.org 2010/01/09 00:57:10
[PROTOCOL]
tweak language
- jmc@cvs.openbsd.org 2010/01/09 03:36:00
[sftp-server.8]
bad place to forget a comma...
- djm@cvs.openbsd.org 2010/01/09 05:04:24
[mux.c sshpty.h clientloop.c sshtty.c]
quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
usually don't actually have a tty to read/set; bz#1686 ok dtucker@
- dtucker@cvs.openbsd.org 2010/01/09 05:17:00
[roaming_client.c]
Remove a PRIu64 format string that snuck in with roaming. ok djm@
- dtucker@cvs.openbsd.org 2010/01/09 11:13:02
[sftp.c]
Prevent sftp from derefing a null pointer when given a "-" without a
command. Also, allow whitespace to follow a "-". bz#1691, path from
Colin Watson via Debian. ok djm@ deraadt@
- dtucker@cvs.openbsd.org 2010/01/09 11:17:56
[sshd.c]
Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs
itself. Prevents two HUPs in quick succession from resulting in sshd
dying. bz#1692, patch from Colin Watson via Ubuntu.
- (dtucker) [defines.h] Remove now-undeeded PRIu64 define.
20100108
- (dtucker) OpenBSD CVS Sync
- andreas@cvs.openbsd.org 2009/10/24 11:11:58
[roaming.h]
Declarations needed for upcoming changes.
ok markus@
- andreas@cvs.openbsd.org 2009/10/24 11:13:54
[sshconnect2.c kex.h kex.c]
Let the client detect if the server supports roaming by looking
for the resume@appgate.com kex algorithm.
ok markus@
- andreas@cvs.openbsd.org 2009/10/24 11:15:29
[clientloop.c]
client_loop() must detect if the session has been suspended and resumed,
and take appropriate action in that case.
From Martin Forssen, maf at appgate dot com
- andreas@cvs.openbsd.org 2009/10/24 11:19:17
[ssh2.h]
Define the KEX messages used when resuming a suspended connection.
ok markus@
- andreas@cvs.openbsd.org 2009/10/24 11:22:37
[roaming_common.c]
Do the actual suspend/resume in the client. This won't be useful until
the server side supports roaming.
Most code from Martin Forssen, maf at appgate dot com. Some changes by
me and markus@
ok markus@
- andreas@cvs.openbsd.org 2009/10/24 11:23:42
[ssh.c]
Request roaming to be enabled if UseRoaming is true and the server
supports it.
ok markus@
- reyk@cvs.openbsd.org 2009/10/28 16:38:18
[ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c
channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1
sftp.1 sshd_config.5 readconf.c ssh.c misc.c]
Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.
ok markus@
- jmc@cvs.openbsd.org 2009/10/28 21:45:08
[sshd_config.5 sftp.1]
tweak previous;
- djm@cvs.openbsd.org 2009/11/10 02:56:22
[ssh_config.5]
explain the constraints on LocalCommand some more so people don't
try to abuse it.
- djm@cvs.openbsd.org 2009/11/10 02:58:56
[sshd_config.5]
clarify that StrictModes does not apply to ChrootDirectory. Permissions
and ownership are always checked when chrooting. bz#1532
- dtucker@cvs.openbsd.org 2009/11/10 04:30:45
[sshconnect2.c channels.c sshconnect.c]
Set close-on-exec on various descriptors so they don't get leaked to
child processes. bz #1643, patch from jchadima at redhat, ok deraadt.
- markus@cvs.openbsd.org 2009/11/11 21:37:03
[channels.c channels.h]
fix race condition in x11/agent channel allocation: don't read after
the end of the select read/write fdset and make sure a reused FD
is not touched before the pre-handlers are called.
with and ok djm@
- djm@cvs.openbsd.org 2009/11/17 05:31:44
[clientloop.c]
fix incorrect exit status when multiplexing and channel ID 0 is recycled
bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
- djm@cvs.openbsd.org 2009/11/19 23:39:50
[session.c]
bz#1606: error when an attempt is made to connect to a server
with ForceCommand=internal-sftp with a shell session (i.e. not a
subsystem session). Avoids stuck client when attempting to ssh to such a
service. ok dtucker@
- dtucker@cvs.openbsd.org 2009/11/20 00:15:41
[session.c]
Warn but do not fail if stat()ing the subsystem binary fails. This helps
with chrootdirectory+forcecommand=sftp-server and restricted shells.
bz #1599, ok djm.
- djm@cvs.openbsd.org 2009/11/20 00:54:01
[sftp.c]
bz#1588 change "Connecting to host..." message to "Connected to host."
and delay it until after the sftp protocol connection has been established.
Avoids confusing sequence of messages when the underlying ssh connection
experiences problems. ok dtucker@
- dtucker@cvs.openbsd.org 2009/11/20 00:59:36
[sshconnect2.c]
Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@
- djm@cvs.openbsd.org 2009/11/20 03:24:07
[misc.c]
correct off-by-one in percent_expand(): we would fatal() when trying
to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
work. Note that nothing in OpenSSH actually uses close to this limit at
present. bz#1607 from Jan.Pechanec AT Sun.COM
- halex@cvs.openbsd.org 2009/11/22 13:18:00
[sftp.c]
make passing of zero-length arguments to ssh safe by
passing "-<switch>" "<value>" rather than "-<switch><value>"
ok dtucker@, guenther@, djm@
- dtucker@cvs.openbsd.org 2009/12/06 23:41:15
[sshconnect2.c]
zap unused variable and strlen; from Steve McClellan, ok djm
- djm@cvs.openbsd.org 2009/12/06 23:53:45
[roaming_common.c]
use socklen_t for getsockopt optlen parameter; reported by
Steve.McClellan AT radisys.com, ok dtucker@
- dtucker@cvs.openbsd.org 2009/12/06 23:53:54
[sftp.c]
fix potential divide-by-zero in sftp's "df" output when talking to a server
that reports zero files on the filesystem (Unix filesystems always have at
least the root inode). From Steve McClellan at radisys, ok djm@
- markus@cvs.openbsd.org 2009/12/11 18:16:33
[key.c]
switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537
for the RSA public exponent; discussed with provos; ok djm@
- guenther@cvs.openbsd.org 2009/12/20 07:28:36
[ssh.c sftp.c scp.c]
When passing user-controlled options with arguments to other programs,
pass the option and option argument as separate argv entries and
not smashed into one (e.g., as -l foo and not -lfoo). Also, always
pass a "--" argument to stop option parsing, so that a positional
argument that starts with a '-' isn't treated as an option. This
fixes some error cases as well as the handling of hostnames and
filenames that start with a '-'.
Based on a diff by halex@
ok halex@ djm@ deraadt@
- djm@cvs.openbsd.org 2009/12/20 23:20:40
[PROTOCOL]
fix an incorrect magic number and typo in PROTOCOL; bz#1688
report and fix from ueno AT unixuser.org
- stevesk@cvs.openbsd.org 2009/12/25 19:40:21
[readconf.c servconf.c misc.h ssh-keyscan.c misc.c]
validate routing domain is in range 0-RT_TABLEID_MAX.
'Looks right' deraadt@
- stevesk@cvs.openbsd.org 2009/12/29 16:38:41
[sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1]
Rename RDomain config option to RoutingDomain to be more clear and
consistent with other options.
NOTE: if you currently use RDomain in the ssh client or server config,
or ssh/sshd -o, you must update to use RoutingDomain.
ok markus@ djm@
- jmc@cvs.openbsd.org 2009/12/29 18:03:32
[sshd_config.5 ssh_config.5]
sort previous;
- dtucker@cvs.openbsd.org 2010/01/04 01:45:30
[sshconnect2.c]
Don't escape backslashes in the SSH2 banner. bz#1533, patch from
Michal Gorny via Gentoo.
- djm@cvs.openbsd.org 2010/01/04 02:03:57
[sftp.c]
Implement tab-completion of commands, local and remote filenames for sftp.
Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009
Google Summer of Code) and polished to a fine sheen by myself again.
It should deal more-or-less correctly with the ikky corner-cases presented
by quoted filenames, but the UI could still be slightly improved.
In particular, it is quite slow for remote completion on large directories.
bz#200; ok markus@
- djm@cvs.openbsd.org 2010/01/04 02:25:15
[sftp-server.c]
bz#1566 don't unnecessarily dup() in and out fds for sftp-server;
ok markus@
- dtucker@cvs.openbsd.org 2010/01/08 21:50:49
[sftp.c]
Fix two warnings: possibly used unitialized and use a nul byte instead of
NULL pointer. ok djm@
- (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new
files for roaming and add to Makefile.
- (dtucker) [Makefile.in] .c files do not belong in the OBJ lines.
- (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms that
don't have libedit.
- (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] Make
RoutingDomain an unsupported option on platforms that don't have it.
- (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remote
too.
- (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket to
be created.
- (dtucker] [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN more
to eliminate an unused variable warning.
- (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types.
20091226
- (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1
Gzip all man pages. Patch from Corinna Vinschen.
20091221
- (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]
Bug #1583: Use system's kerberos principal name on AIX if it's available.
Based on a patch from and tested by Miguel Sanders
20091208
- (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,
based on a patch from Vaclav Ovsik and Colin Watson. ok djm.
20091207
- (dtucker) Bug #1160: use pkg-config for opensc config if it's available.
Tested by Martin Paljak.
- (dtucker) Bug #1677: add conditionals around the source for ssh-askpass.
20091121
- (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it.
Bug 1628. OK dtucker@
20091120
- (djm) [ssh-rand-helper.c] Print error and usage() when passed command-
line arguments as none are supported. Exit when passed unrecognised
commandline flags. bz#1568 from gson AT araneus.fi
20091118
- (djm) [channels.c misc.c misc.h sshd.c] add missing setsockopt() to
set IPV6_V6ONLY for local forwarding with GatwayPorts=yes. Unify
setting IPV6_V6ONLY behind a new function misc.c:sock_set_v6only()
bz#1648, report and fix from jan.kratochvil AT redhat.com
- (djm) [contrib/gnome-ssh-askpass2.c] Make askpass dialog desktop-modal.
bz#1645, patch from jchadima AT redhat.com
20091107
- (dtucker) [authfile.c] Fall back to 3DES for the encryption of private
keys when built with OpenSSL versions that don't do AES.
20091105
- (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with
older versions of OpenSSL.
20091024
- (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2009/10/11 23:03:15
[hostfile.c]
mention the host name that we are looking for in check_host_in_hostfile()
- sobrado@cvs.openbsd.org 2009/10/17 12:10:39
[sftp-server.c]
sort flags.
- sobrado@cvs.openbsd.org 2009/10/22 12:35:53
[ssh.1 ssh-agent.1 ssh-add.1]
use the UNIX-related macros (.At and .Ux) where appropriate.
ok jmc@
- sobrado@cvs.openbsd.org 2009/10/22 15:02:12
[ssh-agent.1 ssh-add.1 ssh.1]
write UNIX-domain in a more consistent way; while here, replace a
few remaining ".Tn UNIX" macros with ".Ux" ones.
pointed out by ratchov@, thanks!
ok jmc@
- djm@cvs.openbsd.org 2009/10/22 22:26:13
[authfile.c]
switch from 3DES to AES-128 for encryption of passphrase-protected
SSH protocol 2 private keys; ok several
- djm@cvs.openbsd.org 2009/10/23 01:57:11
[sshconnect2.c]
disallow a hostile server from checking jpake auth by sending an
out-of-sequence success message. (doesn't affect code enabled by default)
- dtucker@cvs.openbsd.org 2009/10/24 00:48:34
[ssh-keygen.1]
ssh-keygen now uses AES-128 for private keys
- (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro.
- (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux
is enabled set the security context to "sftpd_t" before running the
internal sftp server Based on a patch from jchadima at redhat.
20091011
- (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
lstat.
- (dtucker) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2009/10/08 14:03:41
[sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5]
disable protocol 1 by default (after a transition period of about 10 years)
ok deraadt
- jmc@cvs.openbsd.org 2009/10/08 20:42:12
[sshd_config.5 ssh_config.5 sshd.8 ssh.1]
some tweaks now that protocol 1 is not offered by default; ok markus
- dtucker@cvs.openbsd.org 2009/10/11 10:41:26
[sftp-client.c]
d_type isn't portable so use lstat to get dirent modes. Suggested by and
"looks sane" deraadt@
- markus@cvs.openbsd.org 2009/10/08 18:04:27
[regress/test-exec.sh]
re-enable protocol v1 for the tests.
20091007
- (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2009/08/12 00:13:00
[sftp.c sftp.1]
support most of scp(1)'s commandline arguments in sftp(1), as a first
step towards making sftp(1) a drop-in replacement for scp(1).
One conflicting option (-P) has not been changed, pending further
discussion.
Patch from carlosvsilvapt@gmail.com as part of his work in the
Google Summer of Code
- jmc@cvs.openbsd.org 2009/08/12 06:31:42
[sftp.1]
sort options;
- djm@cvs.openbsd.org 2009/08/13 01:11:19
[sftp.1 sftp.c]
Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
add "-P port" to match scp(1). Fortunately, the -P option is only really
used by our regression scripts.
part of larger patch from carlosvsilvapt@gmail.com for his Google Summer
of Code work; ok deraadt markus
- jmc@cvs.openbsd.org 2009/08/13 13:39:54
[sftp.1 sftp.c]
sync synopsis and usage();
- djm@cvs.openbsd.org 2009/08/14 18:17:49
[sftp-client.c]
make the "get_handle: ..." error messages vaguely useful by allowing
callers to specify their own error message strings.
- fgsch@cvs.openbsd.org 2009/08/15 18:56:34
[auth.h]
remove unused define. markus@ ok.
(Id sync only, Portable still uses this.)
- dtucker@cvs.openbsd.org 2009/08/16 23:29:26
[sshd_config.5]
Add PubkeyAuthentication to the list allowed in a Match block (bz #1577)
- djm@cvs.openbsd.org 2009/08/18 18:36:21
[sftp-client.h sftp.1 sftp-client.c sftp.c]
recursive transfer support for get/put and on the commandline
work mostly by carlosvsilvapt@gmail.com for the Google Summer of Code
with some tweaks by me; "go for it" deraadt@
- djm@cvs.openbsd.org 2009/08/18 21:15:59
[sftp.1]
fix "get" command usage, spotted by jmc@
- jmc@cvs.openbsd.org 2009/08/19 04:56:03
[sftp.1]
ether -> either;
- dtucker@cvs.openbsd.org 2009/08/20 23:54:28
[mux.c]
subsystem_flag is defined in ssh.c so it's extern; ok djm
- djm@cvs.openbsd.org 2009/08/27 17:28:52
[sftp-server.c]
allow setting an explicit umask on the commandline to override whatever
default the user has. bz#1229; ok dtucker@ deraadt@ markus@
- djm@cvs.openbsd.org 2009/08/27 17:33:49
[ssh-keygen.c]
force use of correct hash function for random-art signature display
as it was inheriting the wrong one when bubblebabble signatures were
activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
ok markus@
- djm@cvs.openbsd.org 2009/08/27 17:43:00
[sftp-server.8]
allow setting an explicit umask on the commandline to override whatever
default the user has. bz#1229; ok dtucker@ deraadt@ markus@
- djm@cvs.openbsd.org 2009/08/27 17:44:52
[authfd.c ssh-add.c authfd.h]
Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
when the agent refuses the constrained add request. This was a useful
migration measure back in 2002 when constraints were new, but just
adds risk now.
bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
- djm@cvs.openbsd.org 2009/08/31 20:56:02
[sftp-server.c]
check correct variable for error message, spotted by martynas@
- djm@cvs.openbsd.org 2009/08/31 21:01:29
[sftp-server.8]
document -e and -h; prodded by jmc@
- djm@cvs.openbsd.org 2009/09/01 14:43:17
[ssh-agent.c]
fix a race condition in ssh-agent that could result in a wedged or
spinning agent: don't read off the end of the allocated fd_sets, and
don't issue blocking read/write on agent sockets - just fall back to
select() on retriable read/write errors. bz#1633 reported and tested
by "noodle10000 AT googlemail.com"; ok dtucker@ markus@
- grunk@cvs.openbsd.org 2009/10/01 11:37:33
[dh.c]
fix a cast
ok djm@ markus@
- djm@cvs.openbsd.org 2009/10/06 04:46:40
[session.c]
bz#1596: fflush(NULL) before exec() to ensure that everying (motd
in particular) has made it out before the streams go away.
- djm@cvs.openbsd.org 2008/12/07 22:17:48
[regress/addrmatch.sh]
match string "passwordauthentication" only at start of line, not anywhere
in sshd -T output
- dtucker@cvs.openbsd.org 2009/05/05 07:51:36
[regress/multiplex.sh]
Always specify ssh_config for multiplex tests: prevents breakage caused
by options in ~/.ssh/config. From Dan Peterson.
- djm@cvs.openbsd.org 2009/08/13 00:57:17
[regress/Makefile]
regression test for port number parsing. written as part of the a2port
change that went into 5.2 but I forgot to commit it at the time...
- djm@cvs.openbsd.org 2009/08/13 01:11:55
[regress/sftp-batch.sh regress/sftp-badcmds.sh regress/sftp.sh
regress/sftp-cmds.sh regres/sftp-glob.sh]
date: 2009/08/13 01:11:19; author: djm; state: Exp; lines: +10 -7
Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
add "-P port" to match scp(1). Fortunately, the -P option is only really
used by our regression scripts.
part of larger patch from carlosvsilvapt@gmail.com for his Google Summer
of Code work; ok deraadt markus
- djm@cvs.openbsd.org 2009/08/20 18:43:07
[regress/ssh-com-sftp.sh]
fix one sftp -D ... => sftp -P ... conversion that I missed; from Carlos
Silva for Google Summer of Code
- dtucker@cvs.openbsd.org 2009/10/06 23:51:49
[regress/ssh2putty.sh]
Add OpenBSD tag to make syncs easier
- (dtucker) [regress/portnum.sh] Import new test.
- (dtucker) [configure.ac sftp-client.c] DTOTIF is in fs/ffs/dir.h on at
least dragonflybsd.
- (dtucker) d_type is not mandated by POSIX, so add fallback code using
stat(), needed on at least cygwin.
20091002
- (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps.
spotted by des AT des.no
20090926
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Update for release

6
INSTALL
View File

@ -208,10 +208,6 @@ are installed.
--with-4in6 Check for IPv4 in IPv6 mapped addresses and convert them to
real (AF_INET) IPv4 addresses. Works around some quirks on Linux.
--with-opensc=DIR
--with-sectok=DIR allows for OpenSC or sectok smartcard libraries to
be used with OpenSSH. See 'README.smartcard' for more details.
If you need to pass special options to the compiler or linker, you
can specify these as environment variables before running ./configure.
For example:
@ -266,4 +262,4 @@ Please refer to the "reporting bugs" section of the webpage at
http://www.openssh.com/
$Id: INSTALL,v 1.84 2007/08/17 12:52:05 dtucker Exp $
$Id: INSTALL,v 1.85 2010/02/11 22:34:22 djm Exp $

41
Makefile.in
View File

@ -1,4 +1,4 @@
# $Id: Makefile.in,v 1.300 2009/08/28 00:47:38 djm Exp $
# $Id: Makefile.in,v 1.306 2010/02/24 07:18:51 djm Exp $
# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
@ -25,6 +25,7 @@ SSH_PROGRAM=@bindir@/ssh
ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
RAND_HELPER=$(libexecdir)/ssh-rand-helper
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
@ -35,6 +36,7 @@ PATHS= -DSSHDIR=\"$(sysconfdir)\" \
-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
-D_PATH_SSH_KEY_SIGN=\"$(SSH_KEYSIGN)\" \
-D_PATH_SSH_PKCS11_HELPER=\"$(SSH_PKCS11_HELPER)\" \
-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
-D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \
-DSSH_RAND_HELPER=\"$(RAND_HELPER)\"
@ -60,7 +62,7 @@ EXEEXT=@EXEEXT@
INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
@ -70,12 +72,13 @@ LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \
atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \
kexgex.o kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
entropy.o scard-opensc.o gss-genr.o umac.o jpake.o schnorr.o
kexgex.o kexdhc.o kexgexc.o msg.o progressmeter.o dns.o \
entropy.o gss-genr.o umac.o jpake.o schnorr.o \
ssh-pkcs11.o
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
sshconnect.o sshconnect1.o sshconnect2.o mux.o \
roaming_common.o
roaming_common.o roaming_client.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
sshpty.o sshlogin.o servconf.o serverloop.o \
@ -88,10 +91,10 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
auth2-gss.o gss-serv.o gss-serv-krb5.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
audit.o audit-bsm.o platform.o sftp-server.o sftp-common.o \
roaming_common.o
roaming_common.o roaming_serv.o
MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out
MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
MANTYPE = @MANTYPE@
CONFIGFILES=sshd_config.out ssh_config.out moduli.out
@ -147,15 +150,18 @@ scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
$(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o
$(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
$(LD) -o $@ ssh-agent.o ssh-pkcs11-client.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
$(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o
ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o readconf.o
$(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
$(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
$(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
@ -209,7 +215,6 @@ distclean: regressclean
rm -f survey.sh openbsd-compat/regress/Makefile *~
rm -rf autom4te.cache
(cd openbsd-compat && $(MAKE) distclean)
(cd scard && $(MAKE) distclean)
if test -d pkg ; then \
rm -fr pkg ; \
fi
@ -232,7 +237,6 @@ catman-do:
distprep: catman-do
$(AUTORECONF)
-rm -rf autom4te.cache
(cd scard && $(MAKE) -f Makefile.in distprep)
install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
install-nokeys: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf
@ -241,10 +245,7 @@ install-nosysconf: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) insta
check-config:
-$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config
scard-install:
(cd scard && env DESTDIR=$(DESTDIR) $(MAKE) DESTDIR=$(DESTDIR) install)
install-files: scard-install
install-files:
$(srcdir)/mkinstalldirs $(DESTDIR)$(bindir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir)
$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
@ -265,6 +266,7 @@ install-files: scard-install
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
fi
$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper $(DESTDIR)$(SSH_PKCS11_HELPER)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp
$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER)
$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
@ -283,6 +285,7 @@ install-files: scard-install
$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
$(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
-rm -f $(DESTDIR)$(bindir)/slogin
ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
@ -368,6 +371,7 @@ uninstall:
-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
-rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
-rm -f $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
-rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT)
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
@ -380,6 +384,7 @@ uninstall:
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
tests interop-tests: $(TARGETS)
@ -393,6 +398,7 @@ tests interop-tests: $(TARGETS)
TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \
TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add"; \
TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen"; \
TEST_SSH_SSHPKCS11HELPER="$${BUILDDIR}/ssh-pkcs11-helper"; \
TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \
TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \
TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \
@ -413,6 +419,7 @@ tests interop-tests: $(TARGETS)
TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \
TEST_SSH_SSHADD="$${TEST_SSH_SSHADD}" \
TEST_SSH_SSHKEYGEN="$${TEST_SSH_SSHKEYGEN}" \
TEST_SSH_SSHPKCS11HELPER="$${TEST_SSH_SSHPKCS11HELPER}" \
TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \
TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \
TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \

37
PROTOCOL
View File

@ -6,8 +6,8 @@ filexfer protocol described in:
http://www.openssh.com/txt/draft-ietf-secsh-filexfer-02.txt
Features from newer versions of the draft are not supported, unless
explicitly implemented as extensions described below.
Newer versions of the draft will not be supported, though some features
are individually implemented as extensions described below.
The protocol used by OpenSSH's ssh-agent is described in the file
PROTOCOL.agent
@ -31,7 +31,14 @@ The method is documented in:
http://www.openssh.com/txt/draft-miller-secsh-compression-delayed-00.txt
3. connection: Channel write close extension "eow@openssh.com"
3. transport: New public key algorithms "ssh-rsa-cert-v00@openssh.com" and
"ssh-dsa-cert-v00@openssh.com"
OpenSSH introduces two new public key algorithms to support certificate
authentication for users and hostkeys. These methods are documented in
the file PROTOCOL.certkeys
4. connection: Channel write close extension "eow@openssh.com"
The SSH connection protocol (rfc4254) provides the SSH_MSG_CHANNEL_EOF
message to allow an endpoint to signal its peer that it will send no
@ -70,7 +77,7 @@ message is only sent to OpenSSH peers (identified by banner).
Other SSH implementations may be whitelisted to receive this message
upon request.
4. connection: disallow additional sessions extension
5. connection: disallow additional sessions extension
"no-more-sessions@openssh.com"
Most SSH connections will only ever request a single session, but a
@ -98,7 +105,7 @@ of this message, the no-more-sessions request is only sent to OpenSSH
servers (identified by banner). Other SSH implementations may be
whitelisted to receive this message upon request.
5. connection: Tunnel forward extension "tun@openssh.com"
6. connection: Tunnel forward extension "tun@openssh.com"
OpenSSH supports layer 2 and layer 3 tunnelling via the "tun@openssh.com"
channel type. This channel type supports forwarding of network packets
@ -121,10 +128,10 @@ layer 2 frames or layer 3 packets. It may take one of the following values:
SSH_TUNMODE_ETHERNET 2 /* layer 2 frames */
The "tunnel unit number" specifies the remote interface number, or may
be zero to allow the server to automatically chose an interface. A server
that is not willing to open a client-specified unit should refuse the
request with a SSH_MSG_CHANNEL_OPEN_FAILURE error. On successful open,
the server should reply with SSH_MSG_CHANNEL_OPEN_SUCCESS.
be 0x7fffffff to allow the server to automatically chose an interface. A
server that is not willing to open a client-specified unit should refuse
the request with a SSH_MSG_CHANNEL_OPEN_FAILURE error. On successful
open, the server should reply with SSH_MSG_CHANNEL_OPEN_SUCCESS.
Once established the client and server may exchange packet or frames
over the tunnel channel by encapsulating them in SSH protocol strings
@ -151,7 +158,7 @@ It may be one of:
The "packet data" field consists of the IPv4/IPv6 datagram itself
without any link layer header.
The contents of the "data" field for layer 3 packets is:
The contents of the "data" field for layer 2 packets is:
uint32 packet length
byte[packet length] frame
@ -159,7 +166,7 @@ The contents of the "data" field for layer 3 packets is:
The "frame" field contains an IEEE 802.3 Ethernet frame, including
header.
6. sftp: Reversal of arguments to SSH_FXP_SYMLINK
7. sftp: Reversal of arguments to SSH_FXP_SYMLINK
When OpenSSH's sftp-server was implemented, the order of the arguments
to the SSH_FXP_SYMLINK method was inadvertently reversed. Unfortunately,
@ -172,7 +179,7 @@ SSH_FXP_SYMLINK as follows:
string targetpath
string linkpath
7. sftp: Server extension announcement in SSH_FXP_VERSION
8. sftp: Server extension announcement in SSH_FXP_VERSION
OpenSSH's sftp-server lists the extensions it supports using the
standard extension announcement mechanism in the SSH_FXP_VERSION server
@ -193,7 +200,7 @@ ever changed in an incompatible way. The server MAY advertise the same
extension with multiple versions (though this is unlikely). Clients MUST
check the version number before attempting to use the extension.
8. sftp: Extension request "posix-rename@openssh.com"
9. sftp: Extension request "posix-rename@openssh.com"
This operation provides a rename operation with POSIX semantics, which
are different to those provided by the standard SSH_FXP_RENAME in
@ -210,7 +217,7 @@ rename(oldpath, newpath) and will respond with a SSH_FXP_STATUS message.
This extension is advertised in the SSH_FXP_VERSION hello with version
"1".
9. sftp: Extension requests "statvfs@openssh.com" and
10. sftp: Extension requests "statvfs@openssh.com" and
"fstatvfs@openssh.com"
These requests correspond to the statvfs and fstatvfs POSIX system
@ -251,4 +258,4 @@ The values of the f_flag bitmask are as follows:
Both the "statvfs@openssh.com" and "fstatvfs@openssh.com" extensions are
advertised in the SSH_FXP_VERSION hello with version "2".
$OpenBSD: PROTOCOL,v 1.12 2009/02/14 06:35:49 djm Exp $
$OpenBSD: PROTOCOL,v 1.15 2010/02/26 20:29:54 djm Exp $

24
PROTOCOL.agent
View File

@ -173,6 +173,15 @@ be added using the following request
string key_comment
constraint[] key_constraints
DSA certificates may be added with:
byte SSH2_AGENTC_ADD_IDENTITY or
SSH2_AGENTC_ADD_ID_CONSTRAINED
string "ssh-dss-cert-v00@openssh.com"
string certificate
mpint dsa_private_key
string key_comment
constraint[] key_constraints
RSA keys may be added with this request:
byte SSH2_AGENTC_ADD_IDENTITY or
@ -187,6 +196,19 @@ RSA keys may be added with this request:
string key_comment
constraint[] key_constraints
RSA certificates may be added with this request:
byte SSH2_AGENTC_ADD_IDENTITY or
SSH2_AGENTC_ADD_ID_CONSTRAINED
string "ssh-rsa-cert-v00@openssh.com"
string certificate
mpint rsa_d
mpint rsa_iqmp
mpint rsa_p
mpint rsa_q
string key_comment
constraint[] key_constraints
Note that the 'rsa_p' and 'rsa_q' parameters are sent in the reverse
order to the protocol 1 add keys message. As with the corresponding
protocol 1 "add key" request, the private key is overspecified to avoid
@ -513,4 +535,4 @@ Locking and unlocking affects both protocol 1 and protocol 2 keys.
SSH_AGENT_CONSTRAIN_LIFETIME 1
SSH_AGENT_CONSTRAIN_CONFIRM 2
$OpenBSD: PROTOCOL.agent,v 1.4 2008/07/01 23:12:47 stevesk Exp $
$OpenBSD: PROTOCOL.agent,v 1.5 2010/02/26 20:29:54 djm Exp $

193
PROTOCOL.certkeys Normal file
View File

@ -0,0 +1,193 @@
This document describes a simple public-key certificate authentication
system for use by SSH.
Background
----------
The SSH protocol currently supports a simple public key authentication
mechanism. Unlike other public key implementations, SSH eschews the
use of X.509 certificates and uses raw keys. This approach has some
benefits relating to simplicity of configuration and minimisation
of attack surface, but it does not support the important use-cases
of centrally managed, passwordless authentication and centrally
certified host keys.
These protocol extensions build on the simple public key authentication
system already in SSH to allow certificate-based authentication.
The certificates used are not traditional X.509 certificates, with
numerous options and complex encoding rules, but something rather
more minimal: a key, some identity information and usage constraints
that have been signed with some other trusted key.
A sshd server may be configured to allow authentication via certified
keys, by extending the existing ~/.ssh/authorized_keys mechanism
to allow specification of certification authority keys in addition
to raw user keys. The ssh client will support automatic verification
of acceptance of certified host keys, by adding a similar ability
to specify CA keys in ~/.ssh/known_hosts.
Certified keys are represented using two new key types:
ssh-rsa-cert-v00@openssh.com and ssh-dss-cert-v00@openssh.com that
include certification information along with the public key that is used
to sign challenges. ssh-keygen performs the CA signing operation.
Protocol extensions
-------------------
The SSH wire protocol includes several extensibility mechanisms.
These modifications shall take advantage of namespaced public key
algorithm names to add support for certificate authentication without
breaking the protocol - implementations that do not support the
extensions will simply ignore them.
Authentication using the new key formats described below proceeds
using the existing SSH "publickey" authentication method described
in RFC4252 section 7.
New public key formats
----------------------
The ssh-rsa-cert-v00@openssh.com and ssh-dss-cert-v00@openssh.com key
types take a similar high-level format (note: data types and
encoding are as per RFC4251 section 5). The serialised wire encoding of
these certificates is also used for storing them on disk.
#define SSH_CERT_TYPE_USER 1
#define SSH_CERT_TYPE_HOST 2
RSA certificate
string "ssh-rsa-cert-v00@openssh.com"
mpint e
mpint n
uint32 type
string key id
string valid principals
uint64 valid after
uint64 valid before
string constraints
string nonce
string reserved
string signature key
string signature
DSA certificate
string "ssh-dss-cert-v00@openssh.com"
mpint p
mpint q
mpint g
mpint y
uint32 type
string key id
string valid principals
uint64 valid after
uint64 valid before
string constraints
string nonce
string reserved
string signature key
string signature
e and n are the RSA exponent and public modulus respectively.
p, q, g, y are the DSA parameters as described in FIPS-186-2.
type specifies whether this certificate is for identification of a user
or a host using a SSH_CERT_TYPE_... value.
key id is a free-form text field that is filled in by the CA at the time
of signing; the intention is that the contents of this field are used to
identify the identity principal in log messages.
"valid principals" is a string containing zero or more principals as
strings packed inside it. These principals list the names for which this
certificate is valid; hostnames for SSH_CERT_TYPE_HOST certificates and
usernames for SSH_CERT_TYPE_USER certificates. As a special case, a
zero-length "valid principals" field means the certificate is valid for
any principal of the specified type. XXX DNS wildcards?
"valid after" and "valid before" specify a validity period for the
certificate. Each represents a time in seconds since 1970-01-01
00:00:00. A certificate is considered valid if:
valid after <= current time < valid before
constraints is a set of zero or more key constraints encoded as below.
The nonce field is a CA-provided random bitstring of arbitrary length
(but typically 16 or 32 bytes) included to make attacks that depend on
inducing collisions in the signature hash infeasible.
The reserved field is current unused and is ignored in this version of
the protocol.
signature key contains the CA key used to sign the certificate.
The valid key types for CA keys are ssh-rsa and ssh-dss. "Chained"
certificates, where the signature key type is a certificate type itself
are NOT supported. Note that it is possible for a RSA certificate key to
be signed by a DSS CA key and vice-versa.
signature is computed over all preceding fields from the initial string
up to, and including the signature key. Signatures are computed and
encoded according to the rules defined for the CA's public key algorithm
(RFC4253 section 6.6 for ssh-rsa and ssh-dss).
Constraints
-----------
The constraints section of the certificate specifies zero or more
constraints on the certificates validity. The format of this field
is a sequence of zero or more tuples:
string name
string data
The name field identifies the constraint and the data field encodes
constraint-specific information (see below). All constraints are
"critical", if an implementation does not recognise a constraint
then the validating party should refuse to accept the certificate.
The supported constraints and the contents and structure of their
data fields are:
Name Format Description
-----------------------------------------------------------------------------
force-command string Specifies a command that is executed
(replacing any the user specified on the
ssh command-line) whenever this key is
used for authentication.
permit-X11-forwarding empty Flag indicating that X11 forwarding
should be permitted. X11 forwarding will
be refused if this constraint is absent.
permit-agent-forwarding empty Flag indicating that agent forwarding
should be allowed. Agent forwarding
must not be permitted unless this
constraint is present.
permit-port-forwarding empty Flag indicating that port-forwarding
should be allowed. If this constraint is
not present then no port forwarding will
be allowed.
permit-pty empty Flag indicating that PTY allocation
should be permitted. In the absence of
this constraint PTY allocation will be
disabled.
permit-user-rc empty Flag indicating that execution of
~/.ssh/rc should be permitted. Execution
of this script will not be permitted if
this constraint is not present.
source-address string Comma-separated list of source addresses
from which this certificate is accepted
for authentication. Addresses are
specified in CIDR format (nn.nn.nn.nn/nn
or hhhh::hhhh/nn).
If this constraint is not present then
certificates may be presented from any
source address.
$OpenBSD: PROTOCOL.certkeys,v 1.3 2010/03/03 22:50:40 djm Exp $

196
PROTOCOL.mux Normal file
View File

@ -0,0 +1,196 @@
This document describes the multiplexing protocol used by ssh(1)'s
ControlMaster connection-sharing.
Most messages from the client to the server contain a "request id" field.
This field is returned in replies as "client request id" to facilitate
matching of responses to requests.
1. Connection setup
When a multiplexing connection is made to a ssh(1) operating as a
ControlMaster from a ssh(1) in multiplex slave mode, the first
action of each is to exchange hello messages:
uint32 MUX_MSG_HELLO
uint32 protocol version
string extension name [optional]
string extension value [optional]
...
The current version of the mux protocol is 4. A slave should refuse
to connect to a master that speaks an unsupported protocol version.
Following the version identifier are zero or more extensions
represented as a name/value pair. No extensions are currently
defined.
2. Opening sessions
To open a new multiplexed session, a client may send the following
request:
uint32 MUX_C_MSG_NEW_SESSION
uint32 request id
string reserved
bool want tty flag
bool want X11 forwarding flag
bool want agent flag
bool subsystem flag
uint32 escape char
string terminal type
string command
string environment string 0 [optional]
...
To disable the use of an escape character, "escape char" may be set
to 0xffffffff. "terminal type" is generally set to the value of
$TERM. zero or more environment strings may follow the command.
The client then sends its standard input, output and error file
descriptors (in that order) using Unix domain socket control messages.
The contents of "reserved" are currently ignored.
If successful, the server will reply with MUX_S_SESSION_OPENED
uint32 MUX_S_SESSION_OPENED
uint32 client request id
uint32 session id
Otherwise it will reply with an error: MUX_S_PERMISSION_DENIED or
MUX_S_FAILURE.
Once the server has received the fds, it will respond with MUX_S_OK
indicating that the session is up. The client now waits for the
session to end. When it does, the server will send an exit status
message:
uint32 MUX_S_EXIT_MESSAGE
uint32 session id
uint32 exit value
The client should exit with this value to mimic the behaviour of a
non-multiplexed ssh(1) connection. Two additional cases that the
client must cope with are it receiving a signal itself and the
server disconnecting without sending an exit message.
3. Health checks
The client may request a health check/PID report from a server:
uint32 MUX_C_ALIVE_CHECK
uint32 request id
The server replies with:
uint32 MUX_S_ALIVE
uint32 client request id
uint32 server pid
4. Remotely terminating a master
A client may request that a master terminate immediately:
uint32 MUX_C_TERMINATE
uint32 request id
The server will reply with one of MUX_S_OK or MUX_S_PERMISSION_DENIED.
5. Requesting establishment of port forwards
A client may request the master to establish a port forward:
uint32 MUX_C_OPEN_FORWARD
uint32 request id
uint32 forwarding type
string listen host
string listen port
string connect host
string connect port
forwarding type may be MUX_FWD_LOCAL, MUX_FWD_REMOTE, MUX_FWD_DYNAMIC.
A server may reply with a MUX_S_OK, a MUX_S_PERMISSION_DENIED or a
MUX_S_FAILURE.
5. Requesting closure of port forwards
A client may request the master to establish a port forward:
uint32 MUX_C_OPEN_FORWARD
uint32 request id
uint32 forwarding type
string listen host
string listen port
string connect host
string connect port
forwarding type may be MUX_FWD_LOCAL, MUX_FWD_REMOTE, MUX_FWD_DYNAMIC.
A server may reply with a MUX_S_OK, a MUX_S_PERMISSION_DENIED or a
MUX_S_FAILURE.
6. Requesting stdio forwarding
A client may request the master to establish a stdio forwarding:
uint32 MUX_C_NEW_STDIO_FWD
uint32 request id
string reserved
string connect host
string connect port
The client then sends its standard input and output file descriptors
(in that order) using Unix domain socket control messages.
The contents of "reserved" are currently ignored.
A server may reply with a MUX_S_SESSION_OPEED, a MUX_S_PERMISSION_DENIED
or a MUX_S_FAILURE.
7. Status messages
The MUX_S_OK message is empty:
uint32 MUX_S_OK
uint32 client request id
The MUX_S_PERMISSION_DENIED and MUX_S_FAILURE include a reason:
uint32 MUX_S_PERMISSION_DENIED
uint32 client request id
string reason
uint32 MUX_S_FAILURE
uint32 client request id
string reason
7. Protocol numbers
#define MUX_MSG_HELLO 0x00000001
#define MUX_C_NEW_SESSION 0x10000002
#define MUX_C_ALIVE_CHECK 0x10000004
#define MUX_C_TERMINATE 0x10000005
#define MUX_C_OPEN_FORWARD 0x10000006
#define MUX_C_CLOSE_FORWARD 0x10000007
#define MUX_S_OK 0x80000001
#define MUX_S_PERMISSION_DENIED 0x80000002
#define MUX_S_FAILURE 0x80000003
#define MUX_S_EXIT_MESSAGE 0x80000004
#define MUX_S_ALIVE 0x80000005
#define MUX_S_SESSION_OPENED 0x80000006
#define MUX_FWD_LOCAL 1
#define MUX_FWD_REMOTE 2
#define MUX_FWD_DYNAMIC 3
XXX TODO
XXX extended status (e.g. report open channels / forwards)
XXX graceful close (delete listening socket, but keep existing sessions active)
XXX lock (maybe)
XXX watch in/out traffic (pre/post crypto)
XXX inject packet (what about replies)
XXX server->client error/warning notifications
XXX port0 rfwd (need custom response message)
XXX send signals via mux
$OpenBSD: PROTOCOL.mux,v 1.1 2010/01/26 01:28:35 djm Exp $

4
README
View File

@ -1,4 +1,4 @@
See http://www.openssh.com/txt/release-5.3 for the release notes.
See http://www.openssh.com/txt/release-5.4 for the release notes.
- A Japanese translation of this document and of the OpenSSH FAQ is
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
@ -62,4 +62,4 @@ References -
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
[7] http://www.openssh.com/faq.html
$Id: README,v 1.70.4.1 2009/09/26 04:11:47 djm Exp $
$Id: README,v 1.72 2010/03/07 22:41:02 djm Exp $

78
addrmatch.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: addrmatch.c,v 1.4 2008/12/10 03:55:20 stevesk Exp $ */
/* $OpenBSD: addrmatch.c,v 1.5 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@ -126,6 +126,8 @@ addr_netmask(int af, u_int l, struct xaddr *n)
switch (af) {
case AF_INET:
n->af = AF_INET;
if (l == 0)
return 0;
n->v4.s_addr = htonl((0xffffffff << (32 - l)) & 0xffffffff);
return 0;
case AF_INET6:
@ -422,3 +424,77 @@ addr_match_list(const char *addr, const char *_list)
return ret;
}
/*
* Match "addr" against list CIDR list "_list". Lexical wildcards and
* negation are not supported. If "addr" == NULL, will verify structure
* of "_list".
*
* Returns 1 on match found (never returned when addr == NULL).
* Returns 0 on if no match found, or no errors found when addr == NULL.
* Returns -1 on error
*/
int
addr_match_cidr_list(const char *addr, const char *_list)
{
char *list, *cp, *o;
struct xaddr try_addr, match_addr;
u_int masklen;
int ret = 0, r;
if (addr != NULL && addr_pton(addr, &try_addr) != 0) {
debug2("%s: couldn't parse address %.100s", __func__, addr);
return 0;
}
if ((o = list = strdup(_list)) == NULL)
return -1;
while ((cp = strsep(&list, ",")) != NULL) {
if (*cp == '\0') {
error("%s: empty entry in list \"%.100s\"",
__func__, o);
ret = -1;
break;
}
/*
* NB. This function is called in pre-auth with untrusted data,
* so be extra paranoid about junk reaching getaddrino (via
* addr_pton_cidr).
*/
/* Stop junk from reaching getaddrinfo. +3 is for masklen */
if (strlen(cp) > INET6_ADDRSTRLEN + 3) {
error("%s: list entry \"%.100s\" too long",
__func__, cp);
ret = -1;
break;
}
#define VALID_CIDR_CHARS "0123456789abcdefABCDEF.:/"
if (strspn(cp, VALID_CIDR_CHARS) != strlen(cp)) {
error("%s: list entry \"%.100s\" contains invalid "
"characters", __func__, cp);
ret = -1;
}
/* Prefer CIDR address matching */
r = addr_pton_cidr(cp, &match_addr, &masklen);
if (r == -1) {
error("Invalid network entry \"%.100s\"", cp);
ret = -1;
break;
} else if (r == -2) {
error("Inconsistent mask length for "
"network \"%.100s\"", cp);
ret = -1;
break;
} else if (r == 0 && addr != NULL) {
if (addr_netmatch(&try_addr, &match_addr,
masklen) == 0)
ret = 1;
continue;
}
}
xfree(o);
return ret;
}

13
auth-krb5.c
View File

@ -78,6 +78,11 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
krb5_error_code problem;
krb5_ccache ccache = NULL;
int len;
char *client, *platform_client;
/* get platform-specific kerberos client principal name (if it exists) */
platform_client = platform_krb5_get_principal_name(authctxt->pw->pw_name);
client = platform_client ? platform_client : authctxt->pw->pw_name;
temporarily_use_uid(authctxt->pw);
@ -85,7 +90,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
if (problem)
goto out;
problem = krb5_parse_name(authctxt->krb5_ctx, authctxt->pw->pw_name,
problem = krb5_parse_name(authctxt->krb5_ctx, client,
&authctxt->krb5_user);
if (problem)
goto out;
@ -141,8 +146,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
if (problem)
goto out;
if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user,
authctxt->pw->pw_name)) {
if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, client)) {
problem = -1;
goto out;
}
@ -176,6 +180,9 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
out:
restore_uid();
if (platform_client != NULL)
xfree(platform_client);
if (problem) {
if (ccache)

169
auth-options.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth-options.c,v 1.44 2009/01/22 10:09:16 djm Exp $ */
/* $OpenBSD: auth-options.c,v 1.48 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -44,6 +44,7 @@ int no_agent_forwarding_flag = 0;
int no_x11_forwarding_flag = 0;
int no_pty_flag = 0;
int no_user_rc = 0;
int key_is_cert_authority = 0;
/* "command=" option. */
char *forced_command = NULL;
@ -64,6 +65,7 @@ auth_clear_options(void)
no_pty_flag = 0;
no_x11_forwarding_flag = 0;
no_user_rc = 0;
key_is_cert_authority = 0;
while (custom_environment) {
struct envstring *ce = custom_environment;
custom_environment = ce->next;
@ -76,7 +78,6 @@ auth_clear_options(void)
}
forced_tun_device = -1;
channel_clear_permitted_opens();
auth_debug_reset();
}
/*
@ -96,6 +97,12 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
return 1;
while (*opts && *opts != ' ' && *opts != '\t') {
cp = "cert-authority";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
key_is_cert_authority = 1;
opts += strlen(cp);
goto next_option;
}
cp = "no-port-forwarding";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
auth_debug_add("Port forwarding disabled.");
@ -356,9 +363,6 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
/* Process the next option. */
}
if (!use_privsep)
auth_debug_send();
/* grant access */
return 1;
@ -368,9 +372,158 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
auth_debug_add("Bad options in %.100s file, line %lu: %.50s",
file, linenum, opts);
if (!use_privsep)
auth_debug_send();
/* deny access */
return 0;
}
/*
* Set options from certificate constraints. These supersede user key options
* so this must be called after auth_parse_options().
*/
int
auth_cert_constraints(Buffer *c_orig, struct passwd *pw)
{
u_char *name = NULL, *data_blob = NULL;
u_int nlen, dlen, clen;
Buffer c, data;
int ret = -1;
int cert_no_port_forwarding_flag = 1;
int cert_no_agent_forwarding_flag = 1;
int cert_no_x11_forwarding_flag = 1;
int cert_no_pty_flag = 1;
int cert_no_user_rc = 1;
char *cert_forced_command = NULL;
int cert_source_address_done = 0;
buffer_init(&data);
/* Make copy to avoid altering original */
buffer_init(&c);
buffer_append(&c, buffer_ptr(c_orig), buffer_len(c_orig));
while (buffer_len(&c) > 0) {
if ((name = buffer_get_string_ret(&c, &nlen)) == NULL ||
(data_blob = buffer_get_string_ret(&c, &dlen)) == NULL) {
error("Certificate constraints corrupt");
goto out;
}
buffer_append(&data, data_blob, dlen);
debug3("found certificate constraint \"%.100s\" len %u",
name, dlen);
if (strlen(name) != nlen) {
error("Certificate constraint name contains \\0");
goto out;
}
if (strcmp(name, "permit-X11-forwarding") == 0)
cert_no_x11_forwarding_flag = 0;
else if (strcmp(name, "permit-agent-forwarding") == 0)
cert_no_agent_forwarding_flag = 0;
else if (strcmp(name, "permit-port-forwarding") == 0)
cert_no_port_forwarding_flag = 0;
else if (strcmp(name, "permit-pty") == 0)
cert_no_pty_flag = 0;
else if (strcmp(name, "permit-user-rc") == 0)
cert_no_user_rc = 0;
else if (strcmp(name, "force-command") == 0) {
char *command = buffer_get_string_ret(&data, &clen);
if (command == NULL) {
error("Certificate constraint \"%s\" corrupt",
name);
goto out;
}
if (strlen(command) != clen) {
error("force-command constrain contains \\0");
goto out;
}
if (cert_forced_command != NULL) {
error("Certificate has multiple "
"force-command constraints");
xfree(command);
goto out;
}
cert_forced_command = command;
} else if (strcmp(name, "source-address") == 0) {
char *allowed = buffer_get_string_ret(&data, &clen);
const char *remote_ip = get_remote_ipaddr();
if (allowed == NULL) {
error("Certificate constraint \"%s\" corrupt",
name);
goto out;
}
if (strlen(allowed) != clen) {
error("source-address constrain contains \\0");
goto out;
}
if (cert_source_address_done++) {
error("Certificate has multiple "
"source-address constraints");
xfree(allowed);
goto out;
}
switch (addr_match_cidr_list(remote_ip, allowed)) {
case 1:
/* accepted */
xfree(allowed);
break;
case 0:
/* no match */
logit("Authentication tried for %.100s with "
"valid certificate but not from a "
"permitted host (ip=%.200s).",
pw->pw_name, remote_ip);
auth_debug_add("Your address '%.200s' is not "
"permitted to use this certificate for "
"login.", remote_ip);
xfree(allowed);
goto out;
case -1:
error("Certificate source-address contents "
"invalid");
xfree(allowed);
goto out;
}
} else {
error("Certificate constraint \"%s\" is not supported",
name);
goto out;
}
if (buffer_len(&data) != 0) {
error("Certificate constraint \"%s\" corrupt "
"(extra data)", name);
goto out;
}
buffer_clear(&data);
xfree(name);
xfree(data_blob);
name = data_blob = NULL;
}
/* successfully parsed all constraints */
ret = 0;
no_port_forwarding_flag |= cert_no_port_forwarding_flag;
no_agent_forwarding_flag |= cert_no_agent_forwarding_flag;
no_x11_forwarding_flag |= cert_no_x11_forwarding_flag;
no_pty_flag |= cert_no_pty_flag;
no_user_rc |= cert_no_user_rc;
/* CA-specified forced command supersedes key option */
if (cert_forced_command != NULL) {
if (forced_command != NULL)
xfree(forced_command);
forced_command = cert_forced_command;
}
out:
if (name != NULL)
xfree(name);
if (data_blob != NULL)
xfree(data_blob);
buffer_free(&data);
buffer_free(&c);
return ret;
}

4
auth-options.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth-options.h,v 1.17 2008/03/26 21:28:14 djm Exp $ */
/* $OpenBSD: auth-options.h,v 1.18 2010/02/26 20:29:54 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -30,8 +30,10 @@ extern int no_user_rc;
extern char *forced_command;
extern struct envstring *custom_environment;
extern int forced_tun_device;
extern int key_is_cert_authority;
int auth_parse_options(struct passwd *, char *, char *, u_long);
void auth_clear_options(void);
int auth_cert_constraints(Buffer *, struct passwd *);
#endif

5
auth-rh-rsa.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth-rh-rsa.c,v 1.42 2006/08/03 03:34:41 deraadt Exp $ */
/* $OpenBSD: auth-rh-rsa.c,v 1.43 2010/03/04 10:36:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -44,6 +44,9 @@ auth_rhosts_rsa_key_allowed(struct passwd *pw, char *cuser, char *chost,
{
HostStatus host_status;
if (auth_key_is_revoked(client_host_key))
return 0;
/* Check if we would accept it using rhosts authentication. */
if (!auth_rhosts(pw, cuser))
return 0;

10
auth-rhosts.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth-rhosts.c,v 1.43 2008/06/13 14:18:51 dtucker Exp $ */
/* $OpenBSD: auth-rhosts.c,v 1.44 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -317,11 +317,5 @@ int
auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname,
const char *ipaddr)
{
int ret;
auth_debug_reset();
ret = auth_rhosts2_raw(pw, client_user, hostname, ipaddr);
if (!use_privsep)
auth_debug_send();
return ret;
return auth_rhosts2_raw(pw, client_user, hostname, ipaddr);
}

5
auth-rsa.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth-rsa.c,v 1.73 2008/07/02 12:03:51 dtucker Exp $ */
/* $OpenBSD: auth-rsa.c,v 1.74 2010/03/04 10:36:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -94,6 +94,9 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
MD5_CTX md;
int len;
if (auth_key_is_revoked(key))
return 0;
/* don't allow short keys */
if (BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) {
error("auth_rsa_verify_response: RSA modulus too small: %d < minimum %d bits",

96
auth.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth.c,v 1.80 2008/11/04 07:58:09 djm Exp $ */
/* $OpenBSD: auth.c,v 1.86 2010/03/05 02:58:11 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -69,6 +69,7 @@
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "authfile.h"
#include "monitor_wrap.h"
/* import */
@ -95,7 +96,6 @@ allowed_user(struct passwd * pw)
{
struct stat st;
const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
char *shell;
u_int i;
#ifdef USE_SHADOW
struct spwd *spw = NULL;
@ -153,22 +153,28 @@ allowed_user(struct passwd * pw)
}
/*
* Get the shell from the password data. An empty shell field is
* legal, and means /bin/sh.
* Deny if shell does not exist or is not executable unless we
* are chrooting.
*/
shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
if (options.chroot_directory == NULL ||
strcasecmp(options.chroot_directory, "none") == 0) {
char *shell = xstrdup((pw->pw_shell[0] == '\0') ?
_PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */
/* deny if shell does not exists or is not executable */
if (stat(shell, &st) != 0) {
logit("User %.100s not allowed because shell %.100s does not exist",
pw->pw_name, shell);
return 0;
}
if (S_ISREG(st.st_mode) == 0 ||
(st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
logit("User %.100s not allowed because shell %.100s is not executable",
pw->pw_name, shell);
return 0;
if (stat(shell, &st) != 0) {
logit("User %.100s not allowed because shell %.100s "
"does not exist", pw->pw_name, shell);
xfree(shell);
return 0;
}
if (S_ISREG(st.st_mode) == 0 ||
(st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
logit("User %.100s not allowed because shell %.100s "
"is not executable", pw->pw_name, shell);
xfree(shell);
return 0;
}
xfree(shell);
}
if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
@ -455,7 +461,7 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
return -1;
}
/* If are passed the homedir then we can stop */
/* If are past the homedir then we can stop */
if (comparehome && strcmp(homedir, buf) == 0) {
debug3("secure_filename: terminating check at '%s'",
buf);
@ -483,8 +489,12 @@ auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes)
* Open the file containing the authorized keys
* Fail quietly if file does not exist
*/
if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1)
if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
if (errno != ENOENT)
debug("Could not open keyfile '%s': %s", file,
strerror(errno));
return NULL;
}
if (fstat(fd, &st) < 0) {
close(fd);
@ -525,7 +535,28 @@ getpwnamallow(const char *user)
parse_server_match_config(&options, user,
get_canonical_hostname(options.use_dns), get_remote_ipaddr());
#if defined(_AIX) && defined(HAVE_SETAUTHDB)
aix_setauthdb(user);
#endif
pw = getpwnam(user);
#if defined(_AIX) && defined(HAVE_SETAUTHDB)
aix_restoreauthdb();
#endif
#ifdef HAVE_CYGWIN
/*
* Windows usernames are case-insensitive. To avoid later problems
* when trying to match the username, the user is only allowed to
* login if the username is given in the same case as stored in the
* user database.
*/
if (pw != NULL && strcmp(user, pw->pw_name) != 0) {
logit("Login name %.100s does not match stored username %.100s",
user, pw->pw_name);
pw = NULL;
}
#endif
if (pw == NULL) {
logit("Invalid user %.100s from %.100s",
user, get_remote_ipaddr());
@ -560,6 +591,35 @@ getpwnamallow(const char *user)
return (NULL);
}
/* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
int
auth_key_is_revoked(Key *key)
{
char *key_fp;
if (options.revoked_keys_file == NULL)
return 0;
switch (key_in_file(key, options.revoked_keys_file, 0)) {
case 0:
/* key not revoked */
return 0;
case -1:
/* Error opening revoked_keys_file: refuse all keys */
error("Revoked keys file is unreadable: refusing public key "
"authentication");
return 1;
case 1:
/* Key revoked */
key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
error("WARNING: authentication attempt with a revoked "
"%s key %s ", key_type(key), key_fp);
xfree(key_fp);
return 1;
}
fatal("key_in_file returned junk");
}
void
auth_debug_add(const char *fmt,...)
{

6
auth.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth.h,v 1.62 2008/11/04 08:22:12 djm Exp $ */
/* $OpenBSD: auth.h,v 1.65 2010/03/04 10:36:03 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -171,6 +171,7 @@ char *authorized_keys_file(struct passwd *);
char *authorized_keys_file2(struct passwd *);
FILE *auth_openkeyfile(const char *, struct passwd *, int);
int auth_key_is_revoked(Key *);
HostStatus
check_key_in_hostfiles(struct passwd *, Key *, const char *,
@ -178,7 +179,8 @@ check_key_in_hostfiles(struct passwd *, Key *, const char *,
/* hostkey handling */
Key *get_hostkey_by_index(int);
Key *get_hostkey_by_type(int);
Key *get_hostkey_public_by_type(int);
Key *get_hostkey_private_by_type(int);
int get_hostkey_index(Key *);
int ssh1_session_key(BIGNUM *);

5
auth2-hostbased.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth2-hostbased.c,v 1.12 2008/07/17 08:51:07 djm Exp $ */
/* $OpenBSD: auth2-hostbased.c,v 1.13 2010/03/04 10:36:03 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -145,6 +145,9 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
HostStatus host_status;
int len;
if (auth_key_is_revoked(key))
return 0;
resolvedname = get_canonical_hostname(options.use_dns);
ipaddr = get_remote_ipaddr();

88
auth2-pubkey.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: auth2-pubkey.c,v 1.19 2008/07/03 21:46:58 otto Exp $ */
/* $OpenBSD: auth2-pubkey.c,v 1.21 2010/03/04 10:36:03 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -32,6 +32,8 @@
#include <pwd.h>
#include <stdio.h>
#include <stdarg.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
#include "xmalloc.h"
@ -54,6 +56,7 @@
#endif
#include "monitor_wrap.h"
#include "misc.h"
#include "authfile.h"
/* import */
extern ServerOptions options;
@ -178,6 +181,7 @@ static int
user_key_allowed2(struct passwd *pw, Key *key, char *file)
{
char line[SSH_MAX_PUBKEY_BYTES];
const char *reason;
int found_key = 0;
FILE *f;
u_long linenum = 0;
@ -196,11 +200,13 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
}
found_key = 0;
found = key_new(key->type);
found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
char *cp, *key_options = NULL;
auth_clear_options();
/* Skip leading whitespace, empty and comment lines. */
for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
;
@ -227,8 +233,32 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
continue;
}
}
if (key_equal(found, key) &&
auth_parse_options(pw, key_options, file, linenum) == 1) {
if (auth_parse_options(pw, key_options, file, linenum) != 1)
continue;
if (key->type == KEY_RSA_CERT || key->type == KEY_DSA_CERT) {
if (!key_is_cert_authority)
continue;
if (!key_equal(found, key->cert->signature_key))
continue;
debug("matching CA found: file %s, line %lu",
file, linenum);
fp = key_fingerprint(found, SSH_FP_MD5,
SSH_FP_HEX);
verbose("Found matching %s CA: %s",
key_type(found), fp);
xfree(fp);
if (key_cert_check_authority(key, 0, 0, pw->pw_name,
&reason) != 0) {
error("%s", reason);
auth_debug_add("%s", reason);
continue;
}
if (auth_cert_constraints(&key->cert->constraints,
pw) != 0)
continue;
found_key = 1;
break;
} else if (!key_is_cert_authority && key_equal(found, key)) {
found_key = 1;
debug("matching key found: file %s, line %lu",
file, linenum);
@ -247,6 +277,47 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
return found_key;
}
/* Authenticate a certificate key against TrustedUserCAKeys */
static int
user_cert_trusted_ca(struct passwd *pw, Key *key)
{
char *key_fp, *ca_fp;
const char *reason;
int ret = 0;
if (!key_is_cert(key) || options.trusted_user_ca_keys == NULL)
return 0;
key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
ca_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
if (key_in_file(key->cert->signature_key,
options.trusted_user_ca_keys, 1) != 1) {
debug2("%s: CA %s %s is not listed in %s", __func__,
key_type(key->cert->signature_key), ca_fp,
options.trusted_user_ca_keys);
goto out;
}
if (key_cert_check_authority(key, 0, 1, pw->pw_name, &reason) != 0) {
error("%s", reason);
auth_debug_add("%s", reason);
goto out;
}
if (auth_cert_constraints(&key->cert->constraints, pw) != 0)
goto out;
verbose("%s certificate %s allowed by trusted %s key %s",
key_type(key), key_fp, key_type(key->cert->signature_key), ca_fp);
ret = 1;
out:
if (key_fp != NULL)
xfree(key_fp);
if (ca_fp != NULL)
xfree(ca_fp);
return ret;
}
/* check whether given key is in .ssh/authorized_keys* */
int
user_key_allowed(struct passwd *pw, Key *key)
@ -254,6 +325,15 @@ user_key_allowed(struct passwd *pw, Key *key)
int success;
char *file;
if (auth_key_is_revoked(key))
return 0;
if (key_is_cert(key) && auth_key_is_revoked(key->cert->signature_key))
return 0;
success = user_cert_trusted_ca(pw, key);
if (success)
return success;
file = authorized_keys_file(pw);
success = user_key_allowed2(pw, key, file);
xfree(file);

30
authfd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: authfd.c,v 1.80 2006/08/03 03:34:41 deraadt Exp $ */
/* $OpenBSD: authfd.c,v 1.82 2010/02/26 20:29:54 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -483,6 +483,16 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
buffer_put_bignum2(b, key->rsa->p);
buffer_put_bignum2(b, key->rsa->q);
break;
case KEY_RSA_CERT:
if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
fatal("%s: no cert/certblob", __func__);
buffer_put_string(b, buffer_ptr(&key->cert->certblob),
buffer_len(&key->cert->certblob));
buffer_put_bignum2(b, key->rsa->d);
buffer_put_bignum2(b, key->rsa->iqmp);
buffer_put_bignum2(b, key->rsa->p);
buffer_put_bignum2(b, key->rsa->q);
break;
case KEY_DSA:
buffer_put_bignum2(b, key->dsa->p);
buffer_put_bignum2(b, key->dsa->q);
@ -490,6 +500,13 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
buffer_put_bignum2(b, key->dsa->pub_key);
buffer_put_bignum2(b, key->dsa->priv_key);
break;
case KEY_DSA_CERT:
if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
fatal("%s: no cert/certblob", __func__);
buffer_put_string(b, buffer_ptr(&key->cert->certblob),
buffer_len(&key->cert->certblob));
buffer_put_bignum2(b, key->dsa->priv_key);
break;
}
buffer_put_cstring(b, comment);
}
@ -517,7 +534,9 @@ ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
ssh_encode_identity_rsa1(&msg, key->rsa, comment);
break;
case KEY_RSA:
case KEY_RSA_CERT:
case KEY_DSA:
case KEY_DSA_CERT:
type = constrained ?
SSH2_AGENTC_ADD_ID_CONSTRAINED :
SSH2_AGENTC_ADD_IDENTITY;
@ -545,12 +564,6 @@ ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
return decode_reply(type);
}
int
ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment)
{
return ssh_add_identity_constrained(auth, key, comment, 0, 0);
}
/*
* Removes an identity from the authentication server. This call is not
* meant to be used by normal applications.
@ -571,7 +584,8 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key)
buffer_put_int(&msg, BN_num_bits(key->rsa->n));
buffer_put_bignum(&msg, key->rsa->e);
buffer_put_bignum(&msg, key->rsa->n);
} else if (key->type == KEY_DSA || key->type == KEY_RSA) {
} else if (key_type_plain(key->type) == KEY_DSA ||
key_type_plain(key->type) == KEY_RSA) {
key_to_blob(key, &blob, &blen);
buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY);
buffer_put_string(&msg, blob, blen);

3
authfd.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: authfd.h,v 1.36 2006/08/03 03:34:41 deraadt Exp $ */
/* $OpenBSD: authfd.h,v 1.37 2009/08/27 17:44:52 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -75,7 +75,6 @@ void ssh_close_authentication_connection(AuthenticationConnection *);
int ssh_get_num_identities(AuthenticationConnection *, int);
Key *ssh_get_first_identity(AuthenticationConnection *, char **, int);
Key *ssh_get_next_identity(AuthenticationConnection *, char **, int);
int ssh_add_identity(AuthenticationConnection *, Key *, const char *);
int ssh_add_identity_constrained(AuthenticationConnection *, Key *,
const char *, u_int, u_int);
int ssh_remove_identity(AuthenticationConnection *, Key *);

83
authfile.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: authfile.c,v 1.76 2006/08/03 03:34:41 deraadt Exp $ */
/* $OpenBSD: authfile.c,v 1.80 2010/03/04 10:36:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -47,6 +47,9 @@
#include <openssl/evp.h>
#include <openssl/pem.h>
/* compatibility with old or broken OpenSSL versions */
#include "openbsd-compat/openssl-compat.h"
#include <errno.h>
#include <fcntl.h>
#include <stdarg.h>
@ -184,7 +187,11 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
int success = 0;
int len = strlen(_passphrase);
u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL;
#if (OPENSSL_VERSION_NUMBER < 0x00907000L)
const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL;
#else
const EVP_CIPHER *cipher = (len > 0) ? EVP_aes_128_cbc() : NULL;
#endif
if (len > 0 && len <= 4) {
error("passphrase too short: have %d bytes, need > 4", len);
@ -552,8 +559,13 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
int fd;
fd = open(filename, O_RDONLY);
if (fd < 0)
if (fd < 0) {
debug("could not open key file '%s': %s", filename,
strerror(errno));
if (perm_ok != NULL)
*perm_ok = 0;
return NULL;
}
if (!key_perm_ok(fd, filename)) {
if (perm_ok != NULL)
*perm_ok = 0;
@ -588,8 +600,11 @@ key_load_private(const char *filename, const char *passphrase,
int fd;
fd = open(filename, O_RDONLY);
if (fd < 0)
if (fd < 0) {
debug("could not open key file '%s': %s", filename,
strerror(errno));
return NULL;
}
if (!key_perm_ok(fd, filename)) {
error("bad permissions: ignore key: %s", filename);
close(fd);
@ -677,3 +692,65 @@ key_load_public(const char *filename, char **commentp)
key_free(pub);
return NULL;
}
/*
* Returns 1 if the specified "key" is listed in the file "filename",
* 0 if the key is not listed or -1 on error.
* If strict_type is set then the key type must match exactly,
* otherwise a comparison that ignores certficiate data is performed.
*/
int
key_in_file(Key *key, const char *filename, int strict_type)
{
FILE *f;
char line[SSH_MAX_PUBKEY_BYTES];
char *cp;
u_long linenum = 0;
int ret = 0;
Key *pub;
int (*key_compare)(const Key *, const Key *) = strict_type ?
key_equal : key_equal_public;
if ((f = fopen(filename, "r")) == NULL) {
if (errno == ENOENT) {
debug("%s: keyfile \"%s\" missing", __func__, filename);
return 0;
} else {
error("%s: could not open keyfile \"%s\": %s", __func__,
filename, strerror(errno));
return -1;
}
}
while (read_keyfile_line(f, filename, line, sizeof(line),
&linenum) != -1) {
cp = line;
/* Skip leading whitespace. */
for (; *cp && (*cp == ' ' || *cp == '\t'); cp++)
;
/* Skip comments and empty lines */
switch (*cp) {
case '#':
case '\n':
case '\0':
continue;
}
pub = key_new(KEY_UNSPEC);
if (key_read(pub, &cp) != 1) {
key_free(pub);
continue;
}
if (key_compare(key, pub)) {
ret = 1;
key_free(pub);
break;
}
key_free(pub);
}
fclose(f);
return ret;
}

3
authfile.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: authfile.h,v 1.13 2006/04/25 08:02:27 dtucker Exp $ */
/* $OpenBSD: authfile.h,v 1.14 2010/03/04 10:36:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -22,5 +22,6 @@ Key *key_load_private(const char *, const char *, char **);
Key *key_load_private_type(int, const char *, const char *, char **, int *);
Key *key_load_private_pem(int, int, const char *, char **);
int key_perm_ok(int, const char *);
int key_in_file(Key *, const char *, int);
#endif

28
bufaux.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: bufaux.c,v 1.46 2008/06/10 23:21:34 dtucker Exp $ */
/* $OpenBSD: bufaux.c,v 1.48 2010/02/02 22:49:34 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -166,7 +166,10 @@ buffer_get_string_ret(Buffer *buffer, u_int *length_ptr)
u_int len;
/* Get the length. */
len = buffer_get_int(buffer);
if (buffer_get_int_ret(&len, buffer) != 0) {
error("buffer_get_string_ret: cannot extract length");
return (NULL);
}
if (len > 256 * 1024) {
error("buffer_get_string_ret: bad string length %u", len);
return (NULL);
@ -198,14 +201,17 @@ buffer_get_string(Buffer *buffer, u_int *length_ptr)
}
void *
buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
buffer_get_string_ptr_ret(Buffer *buffer, u_int *length_ptr)
{
void *ptr;
u_int len;
len = buffer_get_int(buffer);
if (len > 256 * 1024)
fatal("buffer_get_string_ptr: bad string length %u", len);
if (buffer_get_int_ret(&len, buffer) != 0)
return NULL;
if (len > 256 * 1024) {
error("buffer_get_string_ptr: bad string length %u", len);
return NULL;
}
ptr = buffer_ptr(buffer);
buffer_consume(buffer, len);
if (length_ptr)
@ -213,6 +219,16 @@ buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
return (ptr);
}
void *
buffer_get_string_ptr(Buffer *buffer, u_int *length_ptr)
{
void *ret;
if ((ret = buffer_get_string_ptr_ret(buffer, length_ptr)) == NULL)
fatal("buffer_get_string_ptr: buffer error");
return (ret);
}
/*
* Stores and arbitrary binary string in the buffer.
*/

8
buffer.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: buffer.c,v 1.31 2006/08/03 03:34:41 deraadt Exp $ */
/* $OpenBSD: buffer.c,v 1.32 2010/02/09 03:56:28 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -160,7 +160,7 @@ buffer_check_alloc(Buffer *buffer, u_int len)
/* Returns the number of bytes of data in the buffer. */
u_int
buffer_len(Buffer *buffer)
buffer_len(const Buffer *buffer)
{
return buffer->end - buffer->offset;
}
@ -228,7 +228,7 @@ buffer_consume_end(Buffer *buffer, u_int bytes)
/* Returns a pointer to the first used byte in the buffer. */
void *
buffer_ptr(Buffer *buffer)
buffer_ptr(const Buffer *buffer)
{
return buffer->buf + buffer->offset;
}
@ -236,7 +236,7 @@ buffer_ptr(Buffer *buffer)
/* Dumps the contents of the buffer to stderr. */
void
buffer_dump(Buffer *buffer)
buffer_dump(const Buffer *buffer)
{
u_int i;
u_char *ucp = buffer->buf;

9
buffer.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: buffer.h,v 1.17 2008/05/08 06:59:01 markus Exp $ */
/* $OpenBSD: buffer.h,v 1.19 2010/02/09 03:56:28 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -27,8 +27,8 @@ void buffer_init(Buffer *);
void buffer_clear(Buffer *);
void buffer_free(Buffer *);
u_int buffer_len(Buffer *);
void *buffer_ptr(Buffer *);
u_int buffer_len(const Buffer *);
void *buffer_ptr(const Buffer *);
void buffer_append(Buffer *, const void *, u_int);
void *buffer_append_space(Buffer *, u_int);
@ -40,7 +40,7 @@ void buffer_get(Buffer *, void *, u_int);
void buffer_consume(Buffer *, u_int);
void buffer_consume_end(Buffer *, u_int);
void buffer_dump(Buffer *);
void buffer_dump(const Buffer *);
int buffer_get_ret(Buffer *, void *, u_int);
int buffer_consume_ret(Buffer *, u_int);
@ -81,6 +81,7 @@ int buffer_get_short_ret(u_short *, Buffer *);
int buffer_get_int_ret(u_int *, Buffer *);
int buffer_get_int64_ret(u_int64_t *, Buffer *);
void *buffer_get_string_ret(Buffer *, u_int *);
void *buffer_get_string_ptr_ret(Buffer *, u_int *);
int buffer_get_char_ret(char *, Buffer *);
#endif /* BUFFER_H */

20
canohost.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: canohost.c,v 1.65 2009/05/27 06:31:25 andreas Exp $ */
/* $OpenBSD: canohost.c,v 1.66 2010/01/13 01:20:20 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -27,6 +27,7 @@
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <unistd.h>
#include "xmalloc.h"
#include "packet.h"
@ -301,9 +302,22 @@ get_local_ipaddr(int sock)
}
char *
get_local_name(int sock)
get_local_name(int fd)
{
return get_socket_address(sock, 0, NI_NAMEREQD);
char *host, myname[NI_MAXHOST];
/* Assume we were passed a socket */
if ((host = get_socket_address(fd, 0, NI_NAMEREQD)) != NULL)
return host;
/* Handle the case where we were passed a pipe */
if (gethostname(myname, sizeof(myname)) == -1) {
verbose("get_local_name: gethostname: %s", strerror(errno));
} else {
host = xstrdup(myname);
}
return host;
}
void

279
channels.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: channels.c,v 1.296 2009/05/25 06:48:00 andreas Exp $ */
/* $OpenBSD: channels.c,v 1.303 2010/01/30 21:12:08 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -53,6 +53,7 @@
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
@ -228,12 +229,16 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd,
channel_max_fd = MAX(channel_max_fd, wfd);
channel_max_fd = MAX(channel_max_fd, efd);
/* XXX set close-on-exec -markus */
if (rfd != -1)
fcntl(rfd, F_SETFD, FD_CLOEXEC);
if (wfd != -1 && wfd != rfd)
fcntl(wfd, F_SETFD, FD_CLOEXEC);
if (efd != -1 && efd != rfd && efd != wfd)
fcntl(efd, F_SETFD, FD_CLOEXEC);
c->rfd = rfd;
c->wfd = wfd;
c->sock = (rfd == wfd) ? rfd : -1;
c->ctl_fd = -1; /* XXX: set elsewhere */
c->efd = efd;
c->extended_usage = extusage;
@ -322,6 +327,10 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
c->output_filter = NULL;
c->filter_ctx = NULL;
c->filter_cleanup = NULL;
c->ctl_chan = -1;
c->mux_rcb = NULL;
c->mux_ctx = NULL;
c->delayed = 1; /* prevent call to channel_post handler */
TAILQ_INIT(&c->status_confirms);
debug("channel %d: new [%s]", found, remote_name);
return c;
@ -363,11 +372,10 @@ channel_close_fd(int *fdp)
static void
channel_close_fds(Channel *c)
{
debug3("channel %d: close_fds r %d w %d e %d c %d",
c->self, c->rfd, c->wfd, c->efd, c->ctl_fd);
debug3("channel %d: close_fds r %d w %d e %d",
c->self, c->rfd, c->wfd, c->efd);
channel_close_fd(&c->sock);
channel_close_fd(&c->ctl_fd);
channel_close_fd(&c->rfd);
channel_close_fd(&c->wfd);
channel_close_fd(&c->efd);
@ -393,8 +401,6 @@ channel_free(Channel *c)
if (c->sock != -1)
shutdown(c->sock, SHUT_RDWR);
if (c->ctl_fd != -1)
shutdown(c->ctl_fd, SHUT_RDWR);
channel_close_fds(c);
buffer_free(&c->input);
buffer_free(&c->output);
@ -516,6 +522,7 @@ channel_still_open(void)
case SSH_CHANNEL_X11_LISTENER:
case SSH_CHANNEL_PORT_LISTENER:
case SSH_CHANNEL_RPORT_LISTENER:
case SSH_CHANNEL_MUX_LISTENER:
case SSH_CHANNEL_CLOSED:
case SSH_CHANNEL_AUTH_SOCKET:
case SSH_CHANNEL_DYNAMIC:
@ -529,6 +536,7 @@ channel_still_open(void)
case SSH_CHANNEL_OPENING:
case SSH_CHANNEL_OPEN:
case SSH_CHANNEL_X11_OPEN:
case SSH_CHANNEL_MUX_CLIENT:
return 1;
case SSH_CHANNEL_INPUT_DRAINING:
case SSH_CHANNEL_OUTPUT_DRAINING:
@ -560,6 +568,8 @@ channel_find_open(void)
case SSH_CHANNEL_X11_LISTENER:
case SSH_CHANNEL_PORT_LISTENER:
case SSH_CHANNEL_RPORT_LISTENER:
case SSH_CHANNEL_MUX_LISTENER:
case SSH_CHANNEL_MUX_CLIENT:
case SSH_CHANNEL_OPENING:
case SSH_CHANNEL_CONNECTING:
case SSH_CHANNEL_ZOMBIE:
@ -610,6 +620,8 @@ channel_open_message(void)
case SSH_CHANNEL_CLOSED:
case SSH_CHANNEL_AUTH_SOCKET:
case SSH_CHANNEL_ZOMBIE:
case SSH_CHANNEL_MUX_CLIENT:
case SSH_CHANNEL_MUX_LISTENER:
continue;
case SSH_CHANNEL_LARVAL:
case SSH_CHANNEL_OPENING:
@ -620,12 +632,12 @@ channel_open_message(void)
case SSH_CHANNEL_INPUT_DRAINING:
case SSH_CHANNEL_OUTPUT_DRAINING:
snprintf(buf, sizeof buf,
" #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d cfd %d)\r\n",
" #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d cc %d)\r\n",
c->self, c->remote_name,
c->type, c->remote_id,
c->istate, buffer_len(&c->input),
c->ostate, buffer_len(&c->output),
c->rfd, c->wfd, c->ctl_fd);
c->rfd, c->wfd, c->ctl_chan);
buffer_append(&buffer, buf, strlen(buf));
continue;
default:
@ -832,9 +844,6 @@ channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset)
FD_SET(c->efd, readset);
}
/* XXX: What about efd? races? */
if (compat20 && c->ctl_fd != -1 &&
c->istate == CHAN_INPUT_OPEN && c->ostate == CHAN_OUTPUT_OPEN)
FD_SET(c->ctl_fd, readset);
}
/* ARGSUSED */
@ -979,6 +988,28 @@ channel_pre_x11_open(Channel *c, fd_set *readset, fd_set *writeset)
}
}
static void
channel_pre_mux_client(Channel *c, fd_set *readset, fd_set *writeset)
{
if (c->istate == CHAN_INPUT_OPEN &&
buffer_check_alloc(&c->input, CHAN_RBUF))
FD_SET(c->rfd, readset);
if (c->istate == CHAN_INPUT_WAIT_DRAIN) {
/* clear buffer immediately (discard any partial packet) */
buffer_clear(&c->input);
chan_ibuf_empty(c);
/* Start output drain. XXX just kill chan? */
chan_rcvd_oclose(c);
}
if (c->ostate == CHAN_OUTPUT_OPEN ||
c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
if (buffer_len(&c->output) > 0)
FD_SET(c->wfd, writeset);
else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN)
chan_obuf_empty(c);
}
}
/* try to decode a socks4 header */
/* ARGSUSED */
static int
@ -1210,6 +1241,30 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
return 1;
}
Channel *
channel_connect_stdio_fwd(const char *host_to_connect, u_short port_to_connect,
int in, int out)
{
Channel *c;
debug("channel_connect_stdio_fwd %s:%d", host_to_connect,
port_to_connect);
c = channel_new("stdio-forward", SSH_CHANNEL_OPENING, in, out,
-1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT,
0, "stdio-forward", /*nonblock*/0);
c->path = xstrdup(host_to_connect);
c->host_port = port_to_connect;
c->listening_port = 0;
c->force_drain = 1;
channel_register_fds(c, in, out, -1, 0, 1, 0);
port_open_helper(c, "direct-tcpip");
return c;
}
/* dynamic port forwarding */
static void
channel_pre_dynamic(Channel *c, fd_set *readset, fd_set *writeset)
@ -1219,7 +1274,6 @@ channel_pre_dynamic(Channel *c, fd_set *readset, fd_set *writeset)
int ret;
have = buffer_len(&c->input);
c->delayed = 0;
debug2("channel %d: pre_dynamic: have %d", c->self, have);
/* buffer_dump(&c->input); */
/* check if the fixed size part of the packet is in buffer. */
@ -1322,6 +1376,13 @@ port_open_helper(Channel *c, char *rtype)
char *remote_ipaddr = get_peer_ipaddr(c->sock);
int remote_port = get_peer_port(c->sock);
if (remote_port == -1) {
/* Fake addr/port to appease peers that validate it (Tectia) */
xfree(remote_ipaddr);
remote_ipaddr = xstrdup("127.0.0.1");
remote_port = 65535;
}
direct = (strcmp(rtype, "direct-tcpip") == 0);
snprintf(buf, sizeof buf,
@ -1423,16 +1484,8 @@ channel_post_port_listener(Channel *c, fd_set *readset, fd_set *writeset)
if (c->path != NULL)
nc->path = xstrdup(c->path);
if (nextstate == SSH_CHANNEL_DYNAMIC) {
/*
* do not call the channel_post handler until
* this flag has been reset by a pre-handler.
* otherwise the FD_ISSET calls might overflow
*/
nc->delayed = 1;
} else {
if (nextstate != SSH_CHANNEL_DYNAMIC)
port_open_helper(nc, rtype);
}
}
}
@ -1722,36 +1775,6 @@ channel_handle_efd(Channel *c, fd_set *readset, fd_set *writeset)
return 1;
}
/* ARGSUSED */
static int
channel_handle_ctl(Channel *c, fd_set *readset, fd_set *writeset)
{
char buf[16];
int len;
/* Monitor control fd to detect if the slave client exits */
if (c->ctl_fd != -1 && FD_ISSET(c->ctl_fd, readset)) {
len = read(c->ctl_fd, buf, sizeof(buf));
if (len < 0 &&
(errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK))
return 1;
if (len <= 0) {
debug2("channel %d: ctl read<=0", c->self);
if (c->type != SSH_CHANNEL_OPEN) {
debug2("channel %d: not open", c->self);
chan_mark_dead(c);
return -1;
} else {
chan_read_failed(c);
chan_write_failed(c);
}
return -1;
} else
fatal("%s: unexpected data on ctl fd", __func__);
}
return 1;
}
static int
channel_check_window(Channel *c)
{
@ -1777,17 +1800,136 @@ channel_check_window(Channel *c)
static void
channel_post_open(Channel *c, fd_set *readset, fd_set *writeset)
{
if (c->delayed)
return;
channel_handle_rfd(c, readset, writeset);
channel_handle_wfd(c, readset, writeset);
if (!compat20)
return;
channel_handle_efd(c, readset, writeset);
channel_handle_ctl(c, readset, writeset);
channel_check_window(c);
}
static u_int
read_mux(Channel *c, u_int need)
{
char buf[CHAN_RBUF];
int len;
u_int rlen;
if (buffer_len(&c->input) < need) {
rlen = need - buffer_len(&c->input);
len = read(c->rfd, buf, MIN(rlen, CHAN_RBUF));
if (len <= 0) {
if (errno != EINTR && errno != EAGAIN) {
debug2("channel %d: ctl read<=0 rfd %d len %d",
c->self, c->rfd, len);
chan_read_failed(c);
return 0;
}
} else
buffer_append(&c->input, buf, len);
}
return buffer_len(&c->input);
}
static void
channel_post_mux_client(Channel *c, fd_set *readset, fd_set *writeset)
{
u_int need;
ssize_t len;
if (!compat20)
fatal("%s: entered with !compat20", __func__);
if (c->rfd != -1 && FD_ISSET(c->rfd, readset) &&
(c->istate == CHAN_INPUT_OPEN ||
c->istate == CHAN_INPUT_WAIT_DRAIN)) {
/*
* Don't not read past the precise end of packets to
* avoid disrupting fd passing.
*/
if (read_mux(c, 4) < 4) /* read header */
return;
need = get_u32(buffer_ptr(&c->input));
#define CHANNEL_MUX_MAX_PACKET (256 * 1024)
if (need > CHANNEL_MUX_MAX_PACKET) {
debug2("channel %d: packet too big %u > %u",
c->self, CHANNEL_MUX_MAX_PACKET, need);
chan_rcvd_oclose(c);
return;
}
if (read_mux(c, need + 4) < need + 4) /* read body */
return;
if (c->mux_rcb(c) != 0) {
debug("channel %d: mux_rcb failed", c->self);
chan_mark_dead(c);
return;
}
}
if (c->wfd != -1 && FD_ISSET(c->wfd, writeset) &&
buffer_len(&c->output) > 0) {
len = write(c->wfd, buffer_ptr(&c->output),
buffer_len(&c->output));
if (len < 0 && (errno == EINTR || errno == EAGAIN))
return;
if (len <= 0) {
chan_mark_dead(c);
return;
}
buffer_consume(&c->output, len);
}
}
static void
channel_post_mux_listener(Channel *c, fd_set *readset, fd_set *writeset)
{
Channel *nc;
struct sockaddr_storage addr;
socklen_t addrlen;
int newsock;
uid_t euid;
gid_t egid;
if (!FD_ISSET(c->sock, readset))
return;
debug("multiplexing control connection");
/*
* Accept connection on control socket
*/
memset(&addr, 0, sizeof(addr));
addrlen = sizeof(addr);
if ((newsock = accept(c->sock, (struct sockaddr*)&addr,
&addrlen)) == -1) {
error("%s accept: %s", __func__, strerror(errno));
return;
}
if (getpeereid(newsock, &euid, &egid) < 0) {
error("%s getpeereid failed: %s", __func__,
strerror(errno));
close(newsock);
return;
}
if ((euid != 0) && (getuid() != euid)) {
error("multiplex uid mismatch: peer euid %u != uid %u",
(u_int)euid, (u_int)getuid());
close(newsock);
return;
}
nc = channel_new("multiplex client", SSH_CHANNEL_MUX_CLIENT,
newsock, newsock, -1, c->local_window_max,
c->local_maxpacket, 0, "mux-control", 1);
nc->mux_rcb = c->mux_rcb;
debug3("%s: new mux channel %d fd %d", __func__,
nc->self, nc->sock);
/* establish state */
nc->mux_rcb(nc);
/* mux state transitions must not elicit protocol messages */
nc->flags |= CHAN_LOCAL;
}
/* ARGSUSED */
static void
channel_post_output_drain_13(Channel *c, fd_set *readset, fd_set *writeset)
@ -1816,6 +1958,8 @@ channel_handler_init_20(void)
channel_pre[SSH_CHANNEL_AUTH_SOCKET] = &channel_pre_listener;
channel_pre[SSH_CHANNEL_CONNECTING] = &channel_pre_connecting;
channel_pre[SSH_CHANNEL_DYNAMIC] = &channel_pre_dynamic;
channel_pre[SSH_CHANNEL_MUX_LISTENER] = &channel_pre_listener;
channel_pre[SSH_CHANNEL_MUX_CLIENT] = &channel_pre_mux_client;
channel_post[SSH_CHANNEL_OPEN] = &channel_post_open;
channel_post[SSH_CHANNEL_PORT_LISTENER] = &channel_post_port_listener;
@ -1824,6 +1968,8 @@ channel_handler_init_20(void)
channel_post[SSH_CHANNEL_AUTH_SOCKET] = &channel_post_auth_listener;
channel_post[SSH_CHANNEL_CONNECTING] = &channel_post_connecting;
channel_post[SSH_CHANNEL_DYNAMIC] = &channel_post_open;
channel_post[SSH_CHANNEL_MUX_LISTENER] = &channel_post_mux_listener;
channel_post[SSH_CHANNEL_MUX_CLIENT] = &channel_post_mux_client;
}
static void
@ -1910,17 +2056,23 @@ static void
channel_handler(chan_fn *ftab[], fd_set *readset, fd_set *writeset)
{
static int did_init = 0;
u_int i;
u_int i, oalloc;
Channel *c;
if (!did_init) {
channel_handler_init();
did_init = 1;
}
for (i = 0; i < channels_alloc; i++) {
for (i = 0, oalloc = channels_alloc; i < oalloc; i++) {
c = channels[i];
if (c == NULL)
continue;
if (c->delayed) {
if (ftab == channel_pre)
c->delayed = 0;
else
continue;
}
if (ftab[c->type] != NULL)
(*ftab[c->type])(c, readset, writeset);
channel_garbage_collect(c);
@ -2577,6 +2729,8 @@ channel_setup_fwd_listener(int type, const char *listen_addr,
}
channel_set_reuseaddr(sock);
if (ai->ai_family == AF_INET6)
sock_set_v6only(sock);
debug("Local forwarding listening on %s port %s.",
ntop, strport);
@ -3108,13 +3262,8 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
continue;
}
}
#ifdef IPV6_V6ONLY
if (ai->ai_family == AF_INET6) {
int on = 1;
if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) < 0)
error("setsockopt IPV6_V6ONLY: %.100s", strerror(errno));
}
#endif
if (ai->ai_family == AF_INET6)
sock_set_v6only(sock);
if (x11_use_localhost)
channel_set_reuseaddr(sock);
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {

23
channels.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: channels.h,v 1.98 2009/02/12 03:00:56 djm Exp $ */
/* $OpenBSD: channels.h,v 1.103 2010/01/26 01:28:35 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -53,7 +53,9 @@
#define SSH_CHANNEL_CONNECTING 12
#define SSH_CHANNEL_DYNAMIC 13
#define SSH_CHANNEL_ZOMBIE 14 /* Almost dead. */
#define SSH_CHANNEL_MAX_TYPE 15
#define SSH_CHANNEL_MUX_LISTENER 15 /* Listener for mux conn. */
#define SSH_CHANNEL_MUX_CLIENT 16 /* Conn. to mux slave */
#define SSH_CHANNEL_MAX_TYPE 17
struct Channel;
typedef struct Channel Channel;
@ -81,6 +83,9 @@ struct channel_connect {
struct addrinfo *ai, *aitop;
};
/* Callbacks for mux channels back into client-specific code */
typedef int mux_callback_fn(struct Channel *);
struct Channel {
int type; /* channel type/state */
int self; /* my own channel identifier */
@ -92,12 +97,16 @@ struct Channel {
int wfd; /* write fd */
int efd; /* extended fd */
int sock; /* sock fd */
int ctl_fd; /* control fd (client sharing) */
int ctl_chan; /* control channel (multiplexed connections) */
int isatty; /* rfd is a tty */
int wfd_isatty; /* wfd is a tty */
int client_tty; /* (client) TTY has been requested */
int force_drain; /* force close on iEOF */
int delayed; /* fdset hack */
int delayed; /* post-select handlers for newly created
* channels are delayed until the first call
* to a matching pre-select handler.
* this way post-select handlers are not
* accidenly called if a FD gets reused */
Buffer input; /* data read from socket, to be sent over
* encrypted connection */
Buffer output; /* data received over encrypted connection for
@ -138,6 +147,10 @@ struct Channel {
/* non-blocking connect */
struct channel_connect connect_ctx;
/* multiplexing protocol hook, called for each packet received */
mux_callback_fn *mux_rcb;
void *mux_ctx;
};
#define CHAN_EXTENDED_IGNORE 0
@ -168,6 +181,7 @@ struct Channel {
#define CHAN_CLOSE_RCVD 0x02
#define CHAN_EOF_SENT 0x04
#define CHAN_EOF_RCVD 0x08
#define CHAN_LOCAL 0x10
#define CHAN_RBUF 16*1024
@ -239,6 +253,7 @@ void channel_clear_adm_permitted_opens(void);
void channel_print_adm_permitted_opens(void);
int channel_input_port_forward_request(int, int);
Channel *channel_connect_to(const char *, u_short, char *, char *);
Channel *channel_connect_stdio_fwd(const char*, u_short, int, int);
Channel *channel_connect_by_listen_address(u_short, char *, char *);
int channel_request_remote_forwarding(const char *, u_short,
const char *, u_short);

75
clientloop.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: clientloop.c,v 1.213 2009/07/05 19:28:33 stevesk Exp $ */
/* $OpenBSD: clientloop.c,v 1.218 2010/01/28 00:21:18 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -121,7 +121,7 @@ extern int stdin_null_flag;
extern int no_shell_flag;
/* Control socket */
extern int muxserver_sock;
extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */
/*
* Name of the host we are connecting to. This is the name given on the
@ -130,6 +130,9 @@ extern int muxserver_sock;
*/
extern char *host;
/* Force TTY allocation */
extern int force_tty_flag;
/*
* Flag to indicate that we have received a window change signal which has
* not yet been processed. This will cause a message indicating the new
@ -143,7 +146,7 @@ static volatile sig_atomic_t received_signal = 0;
static int in_non_blocking_mode = 0;
/* Common data for the client loop code. */
static volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */
volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */
static int escape_char1; /* Escape character. (proto1 only) */
static int escape_pending1; /* Last character was an escape (proto1 only) */
static int last_was_cr; /* Last character was a newline. */
@ -161,6 +164,8 @@ static int session_closed = 0; /* In SSH2: login session closed. */
static void client_init_dispatch(void);
int session_ident = -1;
int session_resumed = 0;
/* Track escape per proto2 channel */
struct escape_filter_ctx {
int escape_pending;
@ -559,9 +564,6 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
if (packet_have_data_to_write())
FD_SET(connection_out, *writesetp);
if (muxserver_sock != -1)
FD_SET(muxserver_sock, *readsetp);
/*
* Wait for something to happen. This will suspend the process until
* some selected descriptor can be read, written, or has some other
@ -608,7 +610,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
atomicio(vwrite, fileno(stderr), buffer_ptr(berr),
buffer_len(berr));
leave_raw_mode();
leave_raw_mode(force_tty_flag);
/*
* Free (and clear) the buffer to reduce the amount of data that gets
@ -629,7 +631,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
buffer_init(bout);
buffer_init(berr);
enter_raw_mode();
enter_raw_mode(force_tty_flag);
}
static void
@ -690,7 +692,7 @@ client_status_confirm(int type, Channel *c, void *ctx)
/* XXX supress on mux _client_ quietmode */
tochan = options.log_level >= SYSLOG_LEVEL_ERROR &&
c->ctl_fd != -1 && c->extended_usage == CHAN_EXTENDED_WRITE;
c->ctl_chan != -1 && c->extended_usage == CHAN_EXTENDED_WRITE;
if (type == SSH2_MSG_CHANNEL_SUCCESS) {
debug2("%s request accepted on channel %d",
@ -772,7 +774,7 @@ process_cmdline(void)
bzero(&fwd, sizeof(fwd));
fwd.listen_host = fwd.connect_host = NULL;
leave_raw_mode();
leave_raw_mode(force_tty_flag);
handler = signal(SIGINT, SIG_IGN);
cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);
if (s == NULL)
@ -834,6 +836,7 @@ process_cmdline(void)
while (isspace(*++s))
;
/* XXX update list of forwards in options */
if (delete) {
cancel_port = 0;
cancel_host = hpdelim(&s); /* may be NULL */
@ -875,7 +878,7 @@ process_cmdline(void)
out:
signal(SIGINT, handler);
enter_raw_mode();
enter_raw_mode(force_tty_flag);
if (cmd)
xfree(cmd);
if (fwd.listen_host != NULL)
@ -931,7 +934,7 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
escape_char);
buffer_append(berr, string, strlen(string));
if (c && c->ctl_fd != -1) {
if (c && c->ctl_chan != -1) {
chan_read_failed(c);
chan_write_failed(c);
return 0;
@ -941,7 +944,7 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
case 'Z' - 64:
/* XXX support this for mux clients */
if (c && c->ctl_fd != -1) {
if (c && c->ctl_chan != -1) {
noescape:
snprintf(string, sizeof string,
"%c%c escape not available to "
@ -986,7 +989,7 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
continue;
case '&':
if (c && c->ctl_fd != -1)
if (c && c->ctl_chan != -1)
goto noescape;
/*
* Detach the program (continue to serve
@ -994,7 +997,7 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
* more new connections).
*/
/* Restore tty modes. */
leave_raw_mode();
leave_raw_mode(force_tty_flag);
/* Stop listening for new connections. */
channel_stop_listening();
@ -1037,7 +1040,7 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
continue;
case '?':
if (c && c->ctl_fd != -1) {
if (c && c->ctl_chan != -1) {
snprintf(string, sizeof string,
"%c?\r\n\
Supported escape sequences:\r\n\
@ -1086,7 +1089,7 @@ Supported escape sequences:\r\n\
continue;
case 'C':
if (c && c->ctl_fd != -1)
if (c && c->ctl_chan != -1)
goto noescape;
process_cmdline();
continue;
@ -1289,7 +1292,7 @@ client_channel_closed(int id, void *arg)
{
channel_cancel_cleanup(id);
session_closed = 1;
leave_raw_mode();
leave_raw_mode(force_tty_flag);
}
/*
@ -1322,8 +1325,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
connection_in = packet_get_connection_in();
connection_out = packet_get_connection_out();
max_fd = MAX(connection_in, connection_out);
if (muxserver_sock != -1)
max_fd = MAX(max_fd, muxserver_sock);
if (!compat20) {
/* enable nonblocking unless tty */
@ -1362,7 +1363,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
signal(SIGWINCH, window_change_handler);
if (have_pty)
enter_raw_mode();
enter_raw_mode(force_tty_flag);
if (compat20) {
session_ident = ssh2_chan_id;
@ -1441,12 +1442,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
/* Buffer input from the connection. */
client_process_net_input(readset);
/* Accept control connections. */
if (muxserver_sock != -1 &&FD_ISSET(muxserver_sock, readset)) {
if (muxserver_accept_control())
quit_pending = 1;
}
if (quit_pending)
break;
@ -1460,6 +1455,14 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
client_process_output(writeset);
}
if (session_resumed) {
connection_in = packet_get_connection_in();
connection_out = packet_get_connection_out();
max_fd = MAX(max_fd, connection_out);
max_fd = MAX(max_fd, connection_in);
session_resumed = 0;
}
/*
* Send as much buffered packet data as possible to the
* sender.
@ -1488,7 +1491,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
channel_free_all();
if (have_pty)
leave_raw_mode();
leave_raw_mode(force_tty_flag);
/* restore blocking io */
if (!isatty(fileno(stdin)))
@ -1846,15 +1849,17 @@ client_input_channel_req(int type, u_int32_t seq, void *ctxt)
chan_rcvd_eow(c);
} else if (strcmp(rtype, "exit-status") == 0) {
exitval = packet_get_int();
if (id == session_ident) {
if (c->ctl_chan != -1) {
mux_exit_message(c, exitval);
success = 1;
} else if (id == session_ident) {
/* Record exit value of local session */
success = 1;
exit_status = exitval;
} else if (c->ctl_fd == -1) {
error("client_input_channel_req: unexpected channel %d",
session_ident);
} else {
atomicio(vwrite, c->ctl_fd, &exitval, sizeof(exitval));
success = 1;
/* Probably for a mux channel that has already closed */
debug("%s: no sink for exit-status on channel %d",
__func__, id);
}
packet_check_eom();
}
@ -2050,7 +2055,7 @@ client_init_dispatch(void)
void
cleanup_exit(int i)
{
leave_raw_mode();
leave_raw_mode(force_tty_flag);
leave_non_blocking();
if (options.control_path != NULL && muxserver_sock != -1)
unlink(options.control_path);

12
clientloop.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: clientloop.h,v 1.22 2008/06/12 15:19:17 djm Exp $ */
/* $OpenBSD: clientloop.h,v 1.23 2010/01/26 01:28:35 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -56,18 +56,14 @@ typedef void global_confirm_cb(int, u_int32_t seq, void *);
void client_register_global_confirm(global_confirm_cb *, void *);
/* Multiplexing protocol version */
#define SSHMUX_VER 2
#define SSHMUX_VER 4
/* Multiplexing control protocol flags */
#define SSHMUX_COMMAND_OPEN 1 /* Open new connection */
#define SSHMUX_COMMAND_ALIVE_CHECK 2 /* Check master is alive */
#define SSHMUX_COMMAND_TERMINATE 3 /* Ask master to exit */
#define SSHMUX_FLAG_TTY (1) /* Request tty on open */
#define SSHMUX_FLAG_SUBSYS (1<<1) /* Subsystem request on open */
#define SSHMUX_FLAG_X11_FWD (1<<2) /* Request X11 forwarding */
#define SSHMUX_FLAG_AGENT_FWD (1<<3) /* Request agent forwarding */
#define SSHMUX_COMMAND_STDIO_FWD 4 /* Open stdio fwd (ssh -W) */
void muxserver_listen(void);
int muxserver_accept_control(void);
void muxclient(const char *);
void mux_exit_message(Channel *, int);

238
config.guess vendored
View File

@ -1,10 +1,10 @@
#! /bin/sh
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
# Free Software Foundation, Inc.
timestamp='2008-04-14'
timestamp='2009-12-30'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@ -27,16 +27,16 @@ timestamp='2008-04-14'
# the same distribution terms that you use for the rest of that program.
# Originally written by Per Bothner <per@bothner.com>.
# Please send patches to <config-patches@gnu.org>. Submit a context
# diff and a properly formatted ChangeLog entry.
# Originally written by Per Bothner. Please send patches (context
# diff format) to <config-patches@gnu.org> and include a ChangeLog
# entry.
#
# This script attempts to guess a canonical system name similar to
# config.sub. If it succeeds, it prints the system name on stdout, and
# exits with 0. Otherwise, it exits with 1.
#
# The plan is that this can be called by configure scripts if you
# don't specify an explicit build system type.
# You can get the latest version of this script from:
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
me=`echo "$0" | sed -e 's,.*/,,'`
@ -56,8 +56,9 @@ version="\
GNU config.guess ($timestamp)
Originally written by Per Bothner.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -170,7 +171,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
arm*|i386|m68k|ns32k|sh3*|sparc|vax)
eval $set_cc_for_build
if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
| grep __ELF__ >/dev/null
| grep -q __ELF__
then
# Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
# Return netbsd for either. FIX?
@ -324,14 +325,33 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
case `/usr/bin/uname -p` in
sparc) echo sparc-icl-nx7; exit ;;
esac ;;
s390x:SunOS:*:*)
echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
sun4H:SunOS:5.*:*)
echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*)
echo i386-pc-auroraux${UNAME_RELEASE}
exit ;;
i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
eval $set_cc_for_build
SUN_ARCH="i386"
# If there is a compiler, see if it is configured for 64-bit objects.
# Note that the Sun cc does not turn __LP64__ into 1 like gcc does.
# This test works for both compilers.
if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \
(CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
grep IS_64BIT_ARCH >/dev/null
then
SUN_ARCH="x86_64"
fi
fi
echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
exit ;;
sun4*:SunOS:6*:*)
# According to config.sub, this is the proper way to canonicalize
@ -640,7 +660,7 @@ EOF
# => hppa64-hp-hpux11.23
if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
grep __LP64__ >/dev/null
grep -q __LP64__
then
HP_ARCH="hppa2.0w"
else
@ -791,12 +811,12 @@ EOF
i*:PW*:*)
echo ${UNAME_MACHINE}-pc-pw32
exit ;;
*:Interix*:[3456]*)
*:Interix*:*)
case ${UNAME_MACHINE} in
x86)
echo i586-pc-interix${UNAME_RELEASE}
exit ;;
EM64T | authenticamd)
authenticamd | genuineintel | EM64T)
echo x86_64-unknown-interix${UNAME_RELEASE}
exit ;;
IA64)
@ -806,6 +826,9 @@ EOF
[345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
echo i${UNAME_MACHINE}-pc-mks
exit ;;
8664:Windows_NT:*)
echo x86_64-pc-mks
exit ;;
i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
# How do we know it's Interix rather than the generic POSIX subsystem?
# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
@ -835,6 +858,20 @@ EOF
i*86:Minix:*:*)
echo ${UNAME_MACHINE}-pc-minix
exit ;;
alpha:Linux:*:*)
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
EV5) UNAME_MACHINE=alphaev5 ;;
EV56) UNAME_MACHINE=alphaev56 ;;
PCA56) UNAME_MACHINE=alphapca56 ;;
PCA57) UNAME_MACHINE=alphapca56 ;;
EV6) UNAME_MACHINE=alphaev6 ;;
EV67) UNAME_MACHINE=alphaev67 ;;
EV68*) UNAME_MACHINE=alphaev68 ;;
esac
objdump --private-headers /bin/sh | grep -q ld.so.1
if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
exit ;;
arm*:Linux:*:*)
eval $set_cc_for_build
if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
@ -857,6 +894,17 @@ EOF
frv:Linux:*:*)
echo frv-unknown-linux-gnu
exit ;;
i*86:Linux:*:*)
LIBC=gnu
eval $set_cc_for_build
sed 's/^ //' << EOF >$dummy.c
#ifdef __dietlibc__
LIBC=dietlibc
#endif
EOF
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'`
echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
exit ;;
ia64:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
@ -866,74 +914,33 @@ EOF
m68*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
mips:Linux:*:*)
mips:Linux:*:* | mips64:Linux:*:*)
eval $set_cc_for_build
sed 's/^ //' << EOF >$dummy.c
#undef CPU
#undef mips
#undef mipsel
#undef ${UNAME_MACHINE}
#undef ${UNAME_MACHINE}el
#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
CPU=mipsel
CPU=${UNAME_MACHINE}el
#else
#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
CPU=mips
CPU=${UNAME_MACHINE}
#else
CPU=
#endif
#endif
EOF
eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
/^CPU/{
s: ::g
p
}'`"
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
;;
mips64:Linux:*:*)
eval $set_cc_for_build
sed 's/^ //' << EOF >$dummy.c
#undef CPU
#undef mips64
#undef mips64el
#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
CPU=mips64el
#else
#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
CPU=mips64
#else
CPU=
#endif
#endif
EOF
eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
/^CPU/{
s: ::g
p
}'`"
eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'`
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
;;
or32:Linux:*:*)
echo or32-unknown-linux-gnu
exit ;;
ppc:Linux:*:*)
echo powerpc-unknown-linux-gnu
padre:Linux:*:*)
echo sparc-unknown-linux-gnu
exit ;;
ppc64:Linux:*:*)
echo powerpc64-unknown-linux-gnu
exit ;;
alpha:Linux:*:*)
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
EV5) UNAME_MACHINE=alphaev5 ;;
EV56) UNAME_MACHINE=alphaev56 ;;
PCA56) UNAME_MACHINE=alphapca56 ;;
PCA57) UNAME_MACHINE=alphapca56 ;;
EV6) UNAME_MACHINE=alphaev6 ;;
EV67) UNAME_MACHINE=alphaev67 ;;
EV68*) UNAME_MACHINE=alphaev68 ;;
esac
objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
parisc64:Linux:*:* | hppa64:Linux:*:*)
echo hppa64-unknown-linux-gnu
exit ;;
parisc:Linux:*:* | hppa:Linux:*:*)
# Look for CPU level
@ -943,8 +950,11 @@ EOF
*) echo hppa-unknown-linux-gnu ;;
esac
exit ;;
parisc64:Linux:*:* | hppa64:Linux:*:*)
echo hppa64-unknown-linux-gnu
ppc64:Linux:*:*)
echo powerpc64-unknown-linux-gnu
exit ;;
ppc:Linux:*:*)
echo powerpc-unknown-linux-gnu
exit ;;
s390:Linux:*:* | s390x:Linux:*:*)
echo ${UNAME_MACHINE}-ibm-linux
@ -967,66 +977,6 @@ EOF
xtensa*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
i*86:Linux:*:*)
# The BFD linker knows what the default object file format is, so
# first see if it will tell us. cd to the root directory to prevent
# problems with other programs or directories called `ld' in the path.
# Set LC_ALL=C to ensure ld outputs messages in English.
ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
| sed -ne '/supported targets:/!d
s/[ ][ ]*/ /g
s/.*supported targets: *//
s/ .*//
p'`
case "$ld_supported_targets" in
elf32-i386)
TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
;;
a.out-i386-linux)
echo "${UNAME_MACHINE}-pc-linux-gnuaout"
exit ;;
"")
# Either a pre-BFD a.out linker (linux-gnuoldld) or
# one that does not give us useful --help.
echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
exit ;;
esac
# Determine whether the default compiler is a.out or elf
eval $set_cc_for_build
sed 's/^ //' << EOF >$dummy.c
#include <features.h>
#ifdef __ELF__
# ifdef __GLIBC__
# if __GLIBC__ >= 2
LIBC=gnu
# else
LIBC=gnulibc1
# endif
# else
LIBC=gnulibc1
# endif
#else
#if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
LIBC=gnu
#else
LIBC=gnuaout
#endif
#endif
#ifdef __dietlibc__
LIBC=dietlibc
#endif
EOF
eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
/^LIBC/{
s: ::g
p
}'`"
test x"${LIBC}" != x && {
echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
exit
}
test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; }
;;
i*86:DYNIX/ptx:4*:*)
# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
# earlier versions are messed up and put the nodename in both
@ -1055,7 +1005,7 @@ EOF
i*86:syllable:*:*)
echo ${UNAME_MACHINE}-pc-syllable
exit ;;
i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*)
echo i386-unknown-lynxos${UNAME_RELEASE}
exit ;;
i*86:*DOS:*:*)
@ -1099,8 +1049,11 @@ EOF
pc:*:*:*)
# Left here for compatibility:
# uname -m prints for DJGPP always 'pc', but it prints nothing about
# the processor, so we play safe by assuming i386.
echo i386-pc-msdosdjgpp
# the processor, so we play safe by assuming i586.
# Note: whatever this is, it MUST be the same as what config.sub
# prints for the "djgpp" host, or else GDB configury will decide that
# this is a cross-build.
echo i586-pc-msdosdjgpp
exit ;;
Intel:Mach:3*:*)
echo i386-pc-mach3
@ -1138,6 +1091,16 @@ EOF
3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
&& { echo i486-ncr-sysv4; exit; } ;;
NCR*:*:4.2:* | MPRAS*:*:4.2:*)
OS_REL='.3'
test -r /etc/.relid \
&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
&& { echo i486-ncr-sysv4.3${OS_REL}; exit; }
/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
&& { echo i586-ncr-sysv4.3${OS_REL}; exit; }
/bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \
&& { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
echo m68k-unknown-lynxos${UNAME_RELEASE}
exit ;;
@ -1150,7 +1113,7 @@ EOF
rs6000:LynxOS:2.*:*)
echo rs6000-unknown-lynxos${UNAME_RELEASE}
exit ;;
PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*)
echo powerpc-unknown-lynxos${UNAME_RELEASE}
exit ;;
SM[BE]S:UNIX_SV:*:*)
@ -1243,6 +1206,16 @@ EOF
*:Darwin:*:*)
UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
case $UNAME_PROCESSOR in
i386)
eval $set_cc_for_build
if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then
if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \
(CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \
grep IS_64BIT_ARCH >/dev/null
then
UNAME_PROCESSOR="x86_64"
fi
fi ;;
unknown) UNAME_PROCESSOR=powerpc ;;
esac
echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
@ -1324,6 +1297,9 @@ EOF
i*86:rdos:*:*)
echo ${UNAME_MACHINE}-pc-rdos
exit ;;
i*86:AROS:*:*)
echo ${UNAME_MACHINE}-pc-aros
exit ;;
esac
#echo '(No uname command or uname output not recognized.)' 1>&2

50
config.h.in
View File

@ -1,8 +1,5 @@
/* config.h.in. Generated from configure.ac by autoheader. */
/* Define if building universal (internal helper macro) */
#undef AC_APPLE_UNIVERSAL_BUILD
/* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address
*/
#undef AIX_GETNAMEINFO_HACK
@ -125,6 +122,9 @@
/* Define if you don't want to use wtmpx */
#undef DISABLE_WTMPX
/* Enable for PKCS#11 support */
#undef ENABLE_PKCS11
/* Builtin PRNG command timeout */
#undef ENTROPY_TIMEOUT_MSEC
@ -464,6 +464,9 @@
/* Define to 1 if you have the <glob.h> header file. */
#undef HAVE_GLOB_H
/* Define to 1 if you have the `group_from_gid' function. */
#undef HAVE_GROUP_FROM_GID
/* Define to 1 if you have the <gssapi_generic.h> header file. */
#undef HAVE_GSSAPI_GENERIC_H
@ -554,9 +557,6 @@
/* Define to 1 if you have the `pam' library (-lpam). */
#undef HAVE_LIBPAM
/* Define to 1 if you have the `sectok' library (-lsectok). */
#undef HAVE_LIBSECTOK
/* Define to 1 if you have the `socket' library (-lsocket). */
#undef HAVE_LIBSOCKET
@ -738,9 +738,6 @@
/* define if you have sa_family_t data type */
#undef HAVE_SA_FAMILY_T
/* Define to 1 if you have the <sectok.h> header file. */
#undef HAVE_SECTOK_H
/* Define if you have SecureWare-based protected password database */
#undef HAVE_SECUREWARE
@ -765,6 +762,9 @@
/* Define to 1 if you have the `seteuid' function. */
#undef HAVE_SETEUID
/* Define to 1 if you have the `setgroupent' function. */
#undef HAVE_SETGROUPENT
/* Define to 1 if you have the `setgroups' function. */
#undef HAVE_SETGROUPS
@ -774,6 +774,9 @@
/* Define to 1 if you have the `setluid' function. */
#undef HAVE_SETLUID
/* Define to 1 if you have the `setpassent' function. */
#undef HAVE_SETPASSENT
/* Define to 1 if you have the `setpcred' function. */
#undef HAVE_SETPCRED
@ -1077,6 +1080,9 @@
/* Define to 1 if you have the <usersec.h> header file. */
#undef HAVE_USERSEC_H
/* Define to 1 if you have the `user_from_uid' function. */
#undef HAVE_USER_FROM_UID
/* Define to 1 if you have the <util.h> header file. */
#undef HAVE_UTIL_H
@ -1186,6 +1192,9 @@
EOPNOTSUPP. */
#undef LINK_OPNOTSUPP_ERRNO
/* Adjust Linux out-of-memory killer */
#undef LINUX_OOM_ADJUST
/* max value of long long calculated by configure */
#undef LLONG_MAX
@ -1305,9 +1314,6 @@
/* Define if your skeychallenge() function takes 4 arguments (NetBSD) */
#undef SKEYCHALLENGE_4ARG
/* Define if you want smartcard support */
#undef SMARTCARD
/* Define as const if snprintf() can declare const char *fmt */
#undef SNPRINTF_CONST
@ -1375,9 +1381,6 @@
/* Use libedit for sftp */
#undef USE_LIBEDIT
/* Define if you want smartcard support using OpenSC */
#undef USE_OPENSC
/* Enable OpenSSL engine support */
#undef USE_OPENSSL_ENGINE
@ -1387,9 +1390,6 @@
/* Use PIPES instead of a socketpair() */
#undef USE_PIPES
/* Define if you want smartcard support using sectok */
#undef USE_SECTOK
/* Define if you have Solaris process contracts */
#undef USE_SOLARIS_PROCESS_CONTRACTS
@ -1415,17 +1415,9 @@
/* Define if you want SELinux support. */
#undef WITH_SELINUX
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
significant byte first (like Motorola and SPARC, unlike Intel). */
#if defined AC_APPLE_UNIVERSAL_BUILD
# if defined __BIG_ENDIAN__
# define WORDS_BIGENDIAN 1
# endif
#else
# ifndef WORDS_BIGENDIAN
# undef WORDS_BIGENDIAN
# endif
#endif
/* Define to 1 if your processor stores words with the most significant byte
first (like Motorola and SPARC, unlike Intel and VAX). */
#undef WORDS_BIGENDIAN
/* Define if xauth is found in your path */
#undef XAUTH_PATH

81
config.sub vendored
View File

@ -1,10 +1,10 @@
#! /bin/sh
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
# Free Software Foundation, Inc.
timestamp='2008-06-16'
timestamp='2010-01-22'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@ -32,13 +32,16 @@ timestamp='2008-06-16'
# Please send patches to <config-patches@gnu.org>. Submit a context
# diff and a properly formatted ChangeLog entry.
# diff and a properly formatted GNU ChangeLog entry.
#
# Configuration subroutine to validate and canonicalize a configuration type.
# Supply the specified configuration type as an argument.
# If it is invalid, we print an error message on stderr and exit with code 1.
# Otherwise, we print the canonical config type on stdout and succeed.
# You can get the latest version of this script from:
# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
# This file is supposed to be the same for all GNU packages
# and recognize all the CPU types, system types and aliases
# that are meaningful with *any* GNU software.
@ -72,8 +75,9 @@ Report bugs and patches to <config-patches@gnu.org>."
version="\
GNU config.sub ($timestamp)
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@ -122,6 +126,7 @@ maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
case $maybe_os in
nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
kopensolaris*-gnu* | \
storm-chaos* | os2-emx* | rtmk-nova*)
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
@ -148,10 +153,13 @@ case $os in
-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
-apple | -axis | -knuth | -cray)
-apple | -axis | -knuth | -cray | -microblaze)
os=
basic_machine=$1
;;
-bluegene*)
os=-cnk
;;
-sim | -cisco | -oki | -wec | -winbond)
os=
basic_machine=$1
@ -249,6 +257,7 @@ case $basic_machine in
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
| lm32 \
| m32c | m32r | m32rle | m68000 | m68k | m88k \
| maxq | mb | microblaze | mcore | mep | metag \
| mips | mipsbe | mipseb | mipsel | mipsle \
@ -270,6 +279,7 @@ case $basic_machine in
| mipsisa64sr71k | mipsisa64sr71kel \
| mipstx39 | mipstx39el \
| mn10200 | mn10300 \
| moxie \
| mt \
| msp430 \
| nios | nios2 \
@ -278,20 +288,22 @@ case $basic_machine in
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
| pyramid \
| rx \
| score \
| sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
| spu | strongarm \
| tahoe | thumb | tic4x | tic80 | tron \
| ubicom32 \
| v850 | v850e \
| we32k \
| x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
| z8k)
| z8k | z80)
basic_machine=$basic_machine-unknown
;;
m6811 | m68hc11 | m6812 | m68hc12)
m6811 | m68hc11 | m6812 | m68hc12 | picochip)
# Motorola 68HC11/12.
basic_machine=$basic_machine-unknown
os=-none
@ -331,9 +343,10 @@ case $basic_machine in
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* | iq2000-* \
| lm32-* \
| m32c-* | m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
| m88110-* | m88k-* | maxq-* | mcore-* | metag-* \
| m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \
| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
| mips16-* \
| mips64-* | mips64el-* \
@ -361,21 +374,23 @@ case $basic_machine in
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
| pyramid-* \
| romp-* | rs6000-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| romp-* | rs6000-* | rx-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
| sparclite-* \
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
| tahoe-* | thumb-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* | tile-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
| tile-* | tilegx-* \
| tron-* \
| ubicom32-* \
| v850-* | v850e-* | vax-* \
| we32k-* \
| x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
| xstormy16-* | xtensa*-* \
| ymp-* \
| z8k-*)
| z8k-* | z80-*)
;;
# Recognize the basic CPU types without company name, with glob match.
xtensa*)
@ -443,6 +458,10 @@ case $basic_machine in
basic_machine=m68k-apollo
os=-bsd
;;
aros)
basic_machine=i386-pc
os=-aros
;;
aux)
basic_machine=m68k-apple
os=-aux
@ -459,6 +478,10 @@ case $basic_machine in
basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
os=-linux
;;
bluegene*)
basic_machine=powerpc-ibm
os=-cnk
;;
c90)
basic_machine=c90-cray
os=-unicos
@ -711,6 +734,9 @@ case $basic_machine in
basic_machine=ns32k-utek
os=-sysv
;;
microblaze)
basic_machine=microblaze-xilinx
;;
mingw32)
basic_machine=i386-pc
os=-mingw32
@ -1061,6 +1087,11 @@ case $basic_machine in
basic_machine=tic6x-unknown
os=-coff
;;
# This must be matched before tile*.
tilegx*)
basic_machine=tilegx-unknown
os=-linux-gnu
;;
tile*)
basic_machine=tile-unknown
os=-linux-gnu
@ -1140,6 +1171,10 @@ case $basic_machine in
basic_machine=z8k-unknown
os=-sim
;;
z80-*-coff)
basic_machine=z80-unknown
os=-sim
;;
none)
basic_machine=none-none
os=-none
@ -1178,7 +1213,7 @@ case $basic_machine in
we32k)
basic_machine=we32k-att
;;
sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele)
basic_machine=sh-unknown
;;
sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
@ -1228,6 +1263,9 @@ case $os in
# First match some system type aliases
# that might get confused with valid system types.
# -solaris* is a basic system type, with this one exception.
-auroraux)
os=-auroraux
;;
-solaris1 | -solaris1.*)
os=`echo $os | sed -e 's|solaris1|sunos4|'`
;;
@ -1248,10 +1286,11 @@ case $os in
# Each alternative MUST END IN A *, to match a version number.
# -sysv* is not here because it comes later, after sysvr4.
-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
| -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
| -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\
| -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \
| -sym* | -kopensolaris* \
| -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
| -aos* \
| -aos* | -aros* \
| -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
| -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
| -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
@ -1270,7 +1309,7 @@ case $os in
| -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
| -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
| -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
| -skyos* | -haiku* | -rdos* | -toppers* | -drops*)
| -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*)
# Remember, each alternative MUST END IN *, to match a version number.
;;
-qnx*)
@ -1403,6 +1442,8 @@ case $os in
-dicos*)
os=-dicos
;;
-nacl*)
;;
-none)
;;
*)
@ -1600,7 +1641,7 @@ case $basic_machine in
-sunos*)
vendor=sun
;;
-aix*)
-cnk*|-aix*)
vendor=ibm
;;
-beos*)

11753
configure vendored
View File

File diff suppressed because it is too large Load Diff

92
configure.ac
View File

@ -1,4 +1,4 @@
# $Id: configure.ac,v 1.427 2009/09/11 04:56:08 dtucker Exp $
# $Id: configure.ac,v 1.444 2010/03/05 04:04:35 djm Exp $
#
# Copyright (c) 1999-2004 Damien Miller
#
@ -15,7 +15,7 @@
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
AC_REVISION($Revision: 1.427 $)
AC_REVISION($Revision: 1.444 $)
AC_CONFIG_SRCDIR([ssh.c])
AC_CONFIG_HEADER(config.h)
@ -108,7 +108,7 @@ if test "$GCC" = "yes" || test "$GCC" = "egcs"; then
;;
2.*) no_attrib_nonnull=1 ;;
3.*) CFLAGS="$CFLAGS -Wsign-compare -Wformat-security" ;;
4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security" ;;
4.*) CFLAGS="$CFLAGS -Wsign-compare -Wno-pointer-sign -Wformat-security -fno-strict-aliasing" ;;
*) ;;
esac
@ -446,7 +446,7 @@ int main(void) { exit(0); }
AC_DEFINE(DISABLE_FD_PASSING, 1,
[Define if your platform needs to skip post auth
file descriptor passing])
AC_DEFINE(SSH_IOBUFSZ, 65536, [Windows is sensitive to read buffer size])
AC_DEFINE(SSH_IOBUFSZ, 65535, [Windows is sensitive to read buffer size])
;;
*-*-dgux*)
AC_DEFINE(IP_TOS_IS_BROKEN, 1,
@ -589,6 +589,7 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
if it doesn't return EOPNOTSUPP.])
AC_DEFINE(_PATH_BTMP, "/var/log/btmp", [log for bad login attempts])
AC_DEFINE(USE_BTMP)
AC_DEFINE(LINUX_OOM_ADJUST, 1, [Adjust Linux out-of-memory killer])
inet6_default_4in6=yes
case `uname -r` in
1.*|2.0.*)
@ -743,9 +744,11 @@ mips-sony-bsd|mips-sony-newsos4)
;;
# UnixWare 7.x, OpenUNIX 8
*-*-sysv5*)
CPPFLAGS="$CPPFLAGS -Dvsnprintf=_xvsnprintf -Dsnprintf=_xsnprintf"
AC_DEFINE(UNIXWARE_LONG_PASSWORDS, 1, [Support passwords > 8 chars])
AC_DEFINE(USE_PIPES)
AC_DEFINE(SETEUID_BREAKS_SETUID)
AC_DEFINE(BROKEN_GETADDRINFO)
AC_DEFINE(BROKEN_SETREUID)
AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE(PASSWD_NEEDS_USERNAME)
@ -784,6 +787,7 @@ mips-sony-bsd|mips-sony-newsos4)
AC_DEFINE(DISABLE_SHADOW)
AC_DEFINE(DISABLE_FD_PASSING)
AC_DEFINE(SETEUID_BREAKS_SETUID)
AC_DEFINE(BROKEN_GETADDRINFO)
AC_DEFINE(BROKEN_SETREUID)
AC_DEFINE(BROKEN_SETREGID)
AC_DEFINE(WITH_ABBREV_NO_TTY)
@ -1350,6 +1354,7 @@ AC_CHECK_FUNCS( \
getrlimit \
getttyent \
glob \
group_from_gid \
inet_aton \
inet_ntoa \
inet_ntop \
@ -1376,8 +1381,10 @@ AC_CHECK_FUNCS( \
setegid \
setenv \
seteuid \
setgroupent \
setgroups \
setlogin \
setpassent\
setpcred \
setproctitle \
setregid \
@ -1406,12 +1413,18 @@ AC_CHECK_FUNCS( \
truncate \
unsetenv \
updwtmpx \
user_from_uid \
vasprintf \
vhangup \
vsnprintf \
waitpid \
)
# PKCS#11 support requires dlopen() and co
AC_SEARCH_LIBS(dlopen, dl,
AC_DEFINE([ENABLE_PKCS11], [], [Enable for PKCS#11 support])
)
# IRIX has a const char return value for gai_strerror()
AC_CHECK_FUNCS(gai_strerror,[
AC_DEFINE(HAVE_GAI_STRERROR)
@ -3255,66 +3268,6 @@ if test "x$ac_cv_libc_defines_sys_nerr" = "xyes" ; then
AC_DEFINE(HAVE_SYS_NERR, 1, [Define if your system defines sys_nerr])
fi
SCARD_MSG="no"
# Check whether user wants sectok support
AC_ARG_WITH(sectok,
[ --with-sectok Enable smartcard support using libsectok],
[
if test "x$withval" != "xno" ; then
if test "x$withval" != "xyes" ; then
CPPFLAGS="$CPPFLAGS -I${withval}"
LDFLAGS="$LDFLAGS -L${withval}"
if test ! -z "$need_dash_r" ; then
LDFLAGS="$LDFLAGS -R${withval}"
fi
if test ! -z "$blibpath" ; then
blibpath="$blibpath:${withval}"
fi
fi
AC_CHECK_HEADERS(sectok.h)
if test "$ac_cv_header_sectok_h" != yes; then
AC_MSG_ERROR(Can't find sectok.h)
fi
AC_CHECK_LIB(sectok, sectok_open)
if test "$ac_cv_lib_sectok_sectok_open" != yes; then
AC_MSG_ERROR(Can't find libsectok)
fi
AC_DEFINE(SMARTCARD, 1,
[Define if you want smartcard support])
AC_DEFINE(USE_SECTOK, 1,
[Define if you want smartcard support
using sectok])
SCARD_MSG="yes, using sectok"
fi
]
)
# Check whether user wants OpenSC support
OPENSC_CONFIG="no"
AC_ARG_WITH(opensc,
[ --with-opensc[[=PFX]] Enable smartcard support using OpenSC (optionally in PATH)],
[
if test "x$withval" != "xno" ; then
if test "x$withval" != "xyes" ; then
OPENSC_CONFIG=$withval/bin/opensc-config
else
AC_PATH_PROG(OPENSC_CONFIG, opensc-config, no)
fi
if test "$OPENSC_CONFIG" != "no"; then
LIBOPENSC_CFLAGS=`$OPENSC_CONFIG --cflags`
LIBOPENSC_LIBS=`$OPENSC_CONFIG --libs`
CPPFLAGS="$CPPFLAGS $LIBOPENSC_CFLAGS"
LIBS="$LIBS $LIBOPENSC_LIBS"
AC_DEFINE(SMARTCARD)
AC_DEFINE(USE_OPENSC, 1,
[Define if you want smartcard support
using OpenSC])
SCARD_MSG="yes, using OpenSC"
fi
fi
]
)
# Check libraries needed by DNS fingerprint support
AC_SEARCH_LIBS(getrrsetbyname, resolv,
[AC_DEFINE(HAVE_GETRRSETBYNAME, 1,
@ -3398,9 +3351,12 @@ AC_ARG_WITH(selinux,
AC_DEFINE(WITH_SELINUX,1,[Define if you want SELinux support.])
SELINUX_MSG="yes"
AC_CHECK_HEADER([selinux/selinux.h], ,
AC_MSG_ERROR(SELinux support requires selinux.h header))
AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
AC_MSG_ERROR(SELinux support requires libselinux library))
AC_MSG_ERROR(SELinux support requires selinux.h header))
AC_CHECK_LIB(selinux, setexeccon,
[ LIBSELINUX="-lselinux"
LIBS="$LIBS -lselinux"
],
AC_MSG_ERROR(SELinux support requires libselinux library))
SSHDLIBS="$SSHDLIBS $LIBSELINUX"
AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
LIBS="$save_LIBS"
@ -4182,7 +4138,7 @@ fi
AC_EXEEXT
AC_CONFIG_FILES([Makefile buildpkg.sh opensshd.init openssh.xml \
openbsd-compat/Makefile openbsd-compat/regress/Makefile \
scard/Makefile ssh_prng_cmds survey.sh])
ssh_prng_cmds survey.sh])
AC_OUTPUT
# Print summary of options

8
contrib/caldera/openssh.spec
View File

@ -17,11 +17,11 @@
#old cvs stuff. please update before use. may be deprecated.
%define use_stable 1
%if %{use_stable}
%define version 5.3p1
%define version 5.4p1
%define cvs %{nil}
%define release 1
%else
%define version 5.3p1
%define version 5.4p1
%define cvs cvs20050315
%define release 0r1
%endif
@ -319,6 +319,7 @@ fi
%{_bindir}/ssh-keyscan
%dir %{_libexecdir}
%attr(4711,root,root) %{_libexecdir}/ssh-keysign
%{_libexecdir}/ssh-pkcs11-helper
%{_sbindir}/ssh-host-keygen
%dir %{_defaultdocdir}/%{name}-%{version}
%{_defaultdocdir}/%{name}-%{version}/CREDITS
@ -330,6 +331,7 @@ fi
%{_defaultdocdir}/%{name}-%{version}/faq.html
%{_mandir}/man1/*
%{_mandir}/man8/ssh-keysign.8.gz
%{_mandir}/man8/ssh-pkcs11-helper.8.gz
%{_mandir}/man5/ssh_config.5.gz
%Files server
@ -358,4 +360,4 @@ fi
* Mon Jan 01 1998 ...
Template Version: 1.31
$Id: openssh.spec,v 1.66.4.1 2009/09/26 04:09:35 djm Exp $
$Id: openssh.spec,v 1.69 2010/03/07 22:41:03 djm Exp $

15
contrib/cygwin/Makefile
View File

@ -1,8 +1,10 @@
srcdir=../..
copyidsrcdir=..
prefix=/usr
exec_prefix=$(prefix)
bindir=$(prefix)/bin
datadir=$(prefix)/share
mandir=$(datadir)/man
docdir=$(datadir)/doc
sshdocdir=$(docdir)/openssh
cygdocdir=$(docdir)/Cygwin
@ -59,5 +61,16 @@ install-scripts: ssh-host-config ssh-user-config
$(INSTALL) -m 755 ssh-host-config $(DESTDIR)$(bindir)/ssh-host-config
$(INSTALL) -m 755 ssh-user-config $(DESTDIR)$(bindir)/ssh-user-config
cygwin-postinstall: move-config-files remove-empty-dir install-inetd-config install-doc install-scripts
install-copy-id: $(copyidsrcdir)/ssh-copy-id $(copyidsrcdir)/ssh-copy-id.1
$(INSTALL) -m 755 $(copyidsrcdir)/ssh-copy-id $(DESTDIR)$(bindir)/ssh-copy-id
$(INSTALL) -m 644 $(copyidsrcdir)/ssh-copy-id.1 $(DESTDIR)$(mandir)/man1/ssh-copy-id.1
gzip-man-pages:
rm $(DESTDIR)$(mandir)/man1/slogin.1
gzip $(DESTDIR)$(mandir)/man1/*.1
gzip $(DESTDIR)$(mandir)/man5/*.5
gzip $(DESTDIR)$(mandir)/man8/*.8
cd $(DESTDIR)$(mandir)/man1 && ln -s ssh.1.gz slogin.1.gz
cygwin-postinstall: move-config-files remove-empty-dir install-inetd-config install-doc install-scripts install-copy-id gzip-man-pages
@echo "Cygwin specific configuration finished."

2
contrib/gnome-ssh-askpass2.c
View File

@ -120,6 +120,8 @@ passphrase_dialog(char *message)
g_signal_connect(G_OBJECT(entry), "activate",
G_CALLBACK(ok_dialog), dialog);
gtk_window_set_keep_above(GTK_WINDOW(dialog), TRUE);
/* Grab focus */
gtk_widget_show_now(dialog);
if (grab_pointer) {

8
contrib/redhat/openssh.spec
View File

@ -1,4 +1,4 @@
%define ver 5.3p1
%define ver 5.4p1
%define rel 1
# OpenSSH privilege separation requires a user & group ID
@ -74,7 +74,9 @@ Release: %{rel}
%endif
URL: http://www.openssh.com/portable.html
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
%if ! %{skip_x11_askpass}
Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
%endif
License: BSD
Group: Applications/Internet
BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
@ -92,7 +94,7 @@ BuildPreReq: glibc-devel, pam
BuildPreReq: /usr/include/security/pam_appl.h
%endif
%if ! %{no_x11_askpass}
BuildPreReq: XFree86-devel
BuildPreReq: /usr/include/X11/Xlib.h
%endif
%if ! %{no_gnome_askpass}
BuildPreReq: pkgconfig
@ -343,7 +345,9 @@ fi
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
%attr(0755,root,root) %dir %{_libexecdir}/openssh
%attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-pkcs11-helper
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
%attr(0644,root,root) %{_mandir}/man8/ssh-pkcs11-helper.8*
%endif
%if %{scard}
%attr(0755,root,root) %dir %{_datadir}/openssh

2
contrib/suse/openssh.spec
View File

@ -220,6 +220,7 @@ fi
%attr(0755,root,root) %dir %{_libdir}/ssh
%attr(0755,root,root) %{_libdir}/ssh/sftp-server
%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
%attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper
%attr(0644,root,root) %doc %{_mandir}/man1/scp.1*
%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1*
%attr(-,root,root) %doc %{_mandir}/man1/slogin.1*
@ -233,6 +234,7 @@ fi
%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5*
%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8*
%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8*
%attr(0644,root,root) %doc %{_mandir}/man8/ssh-pkcs11-helper.8*
%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8*
%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh

10
defines.h
View File

@ -25,7 +25,7 @@
#ifndef _DEFINES_H
#define _DEFINES_H
/* $Id: defines.h,v 1.156 2009/08/28 01:21:07 dtucker Exp $ */
/* $Id: defines.h,v 1.159 2010/01/13 23:44:34 tim Exp $ */
/* Constants */
@ -753,4 +753,12 @@ struct winsize {
# define SSH_IOBUFSZ 8192
#endif
#ifndef _NSIG
# ifdef NSIG
# define _NSIG NSIG
# else
# define _NSIG 128
# endif
#endif
#endif /* _DEFINES_H */

4
dh.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dh.c,v 1.47 2008/06/26 09:19:39 djm Exp $ */
/* $OpenBSD: dh.c,v 1.48 2009/10/01 11:37:33 grunk Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
*
@ -83,7 +83,7 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
goto fail;
strsize = strsep(&cp, " "); /* size */
if (cp == NULL || *strsize == '\0' ||
(dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 ||
(dhg->size = (int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 ||
errstr)
goto fail;
/* The whole group is one bit larger */

8
dns.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dns.c,v 1.25 2008/06/12 00:03:49 dtucker Exp $ */
/* $OpenBSD: dns.c,v 1.26 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@ -75,7 +75,7 @@ dns_result_totext(unsigned int res)
*/
static int
dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
u_char **digest, u_int *digest_len, const Key *key)
u_char **digest, u_int *digest_len, Key *key)
{
int success = 0;
@ -172,7 +172,7 @@ is_numeric_hostname(const char *hostname)
*/
int
verify_host_key_dns(const char *hostname, struct sockaddr *address,
const Key *hostkey, int *flags)
Key *hostkey, int *flags)
{
u_int counter;
int result;
@ -271,7 +271,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
* Export the fingerprint of a key as a DNS resource record
*/
int
export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
export_dns_rr(const char *hostname, Key *key, FILE *f, int generic)
{
u_int8_t rdata_pubkey_algorithm = 0;
u_int8_t rdata_digest_type = SSHFP_HASH_SHA1;

6
dns.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dns.h,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */
/* $OpenBSD: dns.h,v 1.11 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@ -46,7 +46,7 @@ enum sshfp_hashes {
#define DNS_VERIFY_MATCH 0x00000002
#define DNS_VERIFY_SECURE 0x00000004
int verify_host_key_dns(const char *, struct sockaddr *, const Key *, int *);
int export_dns_rr(const char *, const Key *, FILE *, int);
int verify_host_key_dns(const char *, struct sockaddr *, Key *, int *);
int export_dns_rr(const char *, Key *, FILE *, int);
#endif /* DNS_H */

101
hostfile.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: hostfile.c,v 1.45 2006/08/03 03:34:42 deraadt Exp $ */
/* $OpenBSD: hostfile.c,v 1.48 2010/03/04 10:36:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -183,6 +183,41 @@ hostfile_check_key(int bits, const Key *key, const char *host, const char *filen
return 1;
}
static enum { MRK_ERROR, MRK_NONE, MRK_REVOKE, MRK_CA }
check_markers(char **cpp)
{
char marker[32], *sp, *cp = *cpp;
int ret = MRK_NONE;
while (*cp == '@') {
/* Only one marker is allowed */
if (ret != MRK_NONE)
return MRK_ERROR;
/* Markers are terminated by whitespace */
if ((sp = strchr(cp, ' ')) == NULL &&
(sp = strchr(cp, '\t')) == NULL)
return MRK_ERROR;
/* Extract marker for comparison */
if (sp <= cp + 1 || sp >= cp + sizeof(marker))
return MRK_ERROR;
memcpy(marker, cp, sp - cp);
marker[sp - cp] = '\0';
if (strcmp(marker, CA_MARKER) == 0)
ret = MRK_CA;
else if (strcmp(marker, REVOKE_MARKER) == 0)
ret = MRK_REVOKE;
else
return MRK_ERROR;
/* Skip past marker and any whitespace that follows it */
cp = sp;
for (; *cp == ' ' || *cp == '\t'; cp++)
;
}
*cpp = cp;
return ret;
}
/*
* Checks whether the given host (which must be in all lowercase) is already
* in the list of our known hosts. Returns HOST_OK if the host is known and
@ -195,16 +230,20 @@ hostfile_check_key(int bits, const Key *key, const char *host, const char *filen
static HostStatus
check_host_in_hostfile_by_key_or_type(const char *filename,
const char *host, const Key *key, int keytype, Key *found, int *numret)
const char *host, const Key *key, int keytype, Key *found,
int want_revocation, int *numret)
{
FILE *f;
char line[8192];
int linenum = 0;
int want, have, linenum = 0, want_cert = key_is_cert(key);
u_int kbits;
char *cp, *cp2, *hashed_host;
HostStatus end_return;
debug3("check_host_in_hostfile: filename %s", filename);
debug3("check_host_in_hostfile: host %s filename %s", host, filename);
if (want_revocation && (key == NULL || keytype != 0 || found != NULL))
fatal("%s: invalid arguments", __func__);
/* Open the file containing the list of known hosts. */
f = fopen(filename, "r");
@ -229,6 +268,20 @@ check_host_in_hostfile_by_key_or_type(const char *filename,
if (!*cp || *cp == '#' || *cp == '\n')
continue;
if (want_revocation)
want = MRK_REVOKE;
else if (want_cert)
want = MRK_CA;
else
want = MRK_NONE;
if ((have = check_markers(&cp)) == MRK_ERROR) {
verbose("%s: invalid marker at %s:%d",
__func__, filename, linenum);
continue;
} else if (want != have)
continue;
/* Find the end of the host name portion. */
for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++)
;
@ -250,6 +303,9 @@ check_host_in_hostfile_by_key_or_type(const char *filename,
/* Got a match. Skip host name. */
cp = cp2;
if (want_revocation)
found = key_new(KEY_UNSPEC);
/*
* Extract the key from the line. This will skip any leading
* whitespace. Ignore badly formatted lines.
@ -272,9 +328,33 @@ check_host_in_hostfile_by_key_or_type(const char *filename,
if (!hostfile_check_key(kbits, found, host, filename, linenum))
continue;
if (want_revocation) {
if (key_is_cert(key) &&
key_equal_public(key->cert->signature_key, found)) {
verbose("check_host_in_hostfile: revoked CA "
"line %d", linenum);
key_free(found);
return HOST_REVOKED;
}
if (key_equal_public(key, found)) {
verbose("check_host_in_hostfile: revoked key "
"line %d", linenum);
key_free(found);
return HOST_REVOKED;
}
key_free(found);
continue;
}
/* Check if the current key is the same as the given key. */
if (key_equal(key, found)) {
/* Ok, they match. */
if (want_cert && key_equal(key->cert->signature_key, found)) {
/* Found CA cert for key */
debug3("check_host_in_hostfile: CA match line %d",
linenum);
fclose(f);
return HOST_OK;
} else if (!want_cert && key_equal(key, found)) {
/* Found identical key */
debug3("check_host_in_hostfile: match line %d", linenum);
fclose(f);
return HOST_OK;
@ -302,8 +382,11 @@ check_host_in_hostfile(const char *filename, const char *host, const Key *key,
{
if (key == NULL)
fatal("no key to look up");
return (check_host_in_hostfile_by_key_or_type(filename, host, key, 0,
found, numret));
if (check_host_in_hostfile_by_key_or_type(filename, host,
key, 0, NULL, 1, NULL) == HOST_REVOKED)
return HOST_REVOKED;
return check_host_in_hostfile_by_key_or_type(filename, host, key, 0,
found, 0, numret);
}
int
@ -311,7 +394,7 @@ lookup_key_in_hostfile_by_type(const char *filename, const char *host,
int keytype, Key *found, int *numret)
{
return (check_host_in_hostfile_by_key_or_type(filename, host, NULL,
keytype, found, numret) == HOST_FOUND);
keytype, found, 0, numret) == HOST_FOUND);
}
/*

7
hostfile.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: hostfile.h,v 1.16 2006/03/25 22:22:43 djm Exp $ */
/* $OpenBSD: hostfile.h,v 1.18 2010/03/04 10:36:03 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -15,7 +15,7 @@
#define HOSTFILE_H
typedef enum {
HOST_OK, HOST_NEW, HOST_CHANGED, HOST_FOUND
HOST_OK, HOST_NEW, HOST_CHANGED, HOST_REVOKED, HOST_FOUND
} HostStatus;
int hostfile_read_key(char **, u_int *, Key *);
@ -28,6 +28,9 @@ int lookup_key_in_hostfile_by_type(const char *, const char *,
#define HASH_MAGIC "|1|"
#define HASH_DELIM '|'
#define CA_MARKER "@cert-authority"
#define REVOKE_MARKER "@revoked"
char *host_hash(const char *, const char *, u_int);
#endif

13
kex.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kex.c,v 1.81 2009/05/27 06:34:36 andreas Exp $ */
/* $OpenBSD: kex.c,v 1.82 2009/10/24 11:13:54 andreas Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@ -48,6 +48,7 @@
#include "match.h"
#include "dispatch.h"
#include "monitor.h"
#include "roaming.h"
#if OPENSSL_VERSION_NUMBER >= 0x00907000L
# if defined(HAVE_EVP_SHA256)
@ -386,6 +387,16 @@ kex_choose_conf(Kex *kex)
sprop=peer;
}
/* Check whether server offers roaming */
if (!kex->server) {
char *roaming;
roaming = match_list(KEX_RESUME, peer[PROPOSAL_KEX_ALGS], NULL);
if (roaming) {
kex->roaming = 1;
xfree(roaming);
}
}
/* Algorithm Negotiation */
for (mode = 0; mode < MODE_MAX; mode++) {
newkeys = xcalloc(1, sizeof(*newkeys));

7
kex.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kex.h,v 1.47 2009/05/27 06:34:36 andreas Exp $ */
/* $OpenBSD: kex.h,v 1.49 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -36,6 +36,7 @@
#define KEX_DH14 "diffie-hellman-group14-sha1"
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
#define KEX_RESUME "resume@appgate.com"
#define COMP_NONE 0
#define COMP_ZLIB 1
@ -116,6 +117,7 @@ struct Kex {
char *name;
int hostkey_type;
int kex_type;
int roaming;
Buffer my;
Buffer peer;
sig_atomic_t done;
@ -124,7 +126,8 @@ struct Kex {
char *client_version_string;
char *server_version_string;
int (*verify_host_key)(Key *);
Key *(*load_host_key)(int);
Key *(*load_host_public_key)(int);
Key *(*load_host_private_key)(int);
int (*host_key_index)(Key *);
void (*kex[KEX_MAX])(Kex *);
};

19
kexdhs.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kexdhs.c,v 1.10 2009/06/21 07:37:15 dtucker Exp $ */
/* $OpenBSD: kexdhs.c,v 1.11 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -50,7 +50,7 @@ kexdh_server(Kex *kex)
{
BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;
DH *dh;
Key *server_host_key;
Key *server_host_public, *server_host_private;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
u_int sbloblen, klen, hashlen, slen;
int kout;
@ -71,11 +71,16 @@ kexdh_server(Kex *kex)
debug("expecting SSH2_MSG_KEXDH_INIT");
packet_read_expect(SSH2_MSG_KEXDH_INIT);
if (kex->load_host_key == NULL)
if (kex->load_host_public_key == NULL ||
kex->load_host_private_key == NULL)
fatal("Cannot load hostkey");
server_host_key = kex->load_host_key(kex->hostkey_type);
if (server_host_key == NULL)
server_host_public = kex->load_host_public_key(kex->hostkey_type);
if (server_host_public == NULL)
fatal("Unsupported hostkey type %d", kex->hostkey_type);
server_host_private = kex->load_host_private_key(kex->hostkey_type);
if (server_host_private == NULL)
fatal("Missing private key for hostkey type %d",
kex->hostkey_type);
/* key, cert */
if ((dh_client_pub = BN_new()) == NULL)
@ -113,7 +118,7 @@ kexdh_server(Kex *kex)
memset(kbuf, 0, klen);
xfree(kbuf);
key_to_blob(server_host_key, &server_host_key_blob, &sbloblen);
key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);
/* calc H */
kex_dh_hash(
@ -137,7 +142,7 @@ kexdh_server(Kex *kex)
}
/* sign H */
if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash,
if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash,
hashlen)) < 0)
fatal("kexdh_server: key_sign failed");

20
kexgexs.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kexgexs.c,v 1.12 2009/06/21 07:37:15 dtucker Exp $ */
/* $OpenBSD: kexgexs.c,v 1.13 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@ -52,18 +52,24 @@ void
kexgex_server(Kex *kex)
{
BIGNUM *shared_secret = NULL, *dh_client_pub = NULL;
Key *server_host_key;
Key *server_host_public, *server_host_private;
DH *dh;
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
u_int sbloblen, klen, slen, hashlen;
int omin = -1, min = -1, omax = -1, max = -1, onbits = -1, nbits = -1;
int type, kout;
if (kex->load_host_key == NULL)
if (kex->load_host_public_key == NULL ||
kex->load_host_private_key == NULL)
fatal("Cannot load hostkey");
server_host_key = kex->load_host_key(kex->hostkey_type);
if (server_host_key == NULL)
server_host_public = kex->load_host_public_key(kex->hostkey_type);
if (server_host_public == NULL)
fatal("Unsupported hostkey type %d", kex->hostkey_type);
server_host_private = kex->load_host_private_key(kex->hostkey_type);
if (server_host_private == NULL)
fatal("Missing private key for hostkey type %d",
kex->hostkey_type);
type = packet_read();
switch (type) {
@ -149,7 +155,7 @@ kexgex_server(Kex *kex)
memset(kbuf, 0, klen);
xfree(kbuf);
key_to_blob(server_host_key, &server_host_key_blob, &sbloblen);
key_to_blob(server_host_public, &server_host_key_blob, &sbloblen);
if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD)
omin = min = omax = max = -1;
@ -179,7 +185,7 @@ kexgex_server(Kex *kex)
}
/* sign H */
if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash,
if (PRIVSEP(key_sign(server_host_private, &signature, &slen, hash,
hashlen)) < 0)
fatal("kexgex_server: key_sign failed");

615
key.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: key.c,v 1.80 2008/10/10 05:00:12 stevesk Exp $ */
/* $OpenBSD: key.c,v 1.85 2010/03/04 01:44:57 djm Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -52,6 +52,21 @@
#include "uuencode.h"
#include "buffer.h"
#include "log.h"
#include "ssh2.h"
static struct KeyCert *
cert_new(void)
{
struct KeyCert *cert;
cert = xcalloc(1, sizeof(*cert));
buffer_init(&cert->certblob);
buffer_init(&cert->constraints);
cert->key_id = NULL;
cert->principals = NULL;
cert->signature_key = NULL;
return cert;
}
Key *
key_new(int type)
@ -63,9 +78,11 @@ key_new(int type)
k->type = type;
k->dsa = NULL;
k->rsa = NULL;
k->cert = NULL;
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT:
if ((rsa = RSA_new()) == NULL)
fatal("key_new: RSA_new failed");
if ((rsa->n = BN_new()) == NULL)
@ -75,6 +92,7 @@ key_new(int type)
k->rsa = rsa;
break;
case KEY_DSA:
case KEY_DSA_CERT:
if ((dsa = DSA_new()) == NULL)
fatal("key_new: DSA_new failed");
if ((dsa->p = BN_new()) == NULL)
@ -93,16 +111,20 @@ key_new(int type)
fatal("key_new: bad key type %d", k->type);
break;
}
if (key_is_cert(k))
k->cert = cert_new();
return k;
}
Key *
key_new_private(int type)
void
key_add_private(Key *k)
{
Key *k = key_new(type);
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT:
if ((k->rsa->d = BN_new()) == NULL)
fatal("key_new_private: BN_new failed");
if ((k->rsa->iqmp = BN_new()) == NULL)
@ -117,6 +139,7 @@ key_new_private(int type)
fatal("key_new_private: BN_new failed");
break;
case KEY_DSA:
case KEY_DSA_CERT:
if ((k->dsa->priv_key = BN_new()) == NULL)
fatal("key_new_private: BN_new failed");
break;
@ -125,9 +148,34 @@ key_new_private(int type)
default:
break;
}
}
Key *
key_new_private(int type)
{
Key *k = key_new(type);
key_add_private(k);
return k;
}
static void
cert_free(struct KeyCert *cert)
{
u_int i;
buffer_free(&cert->certblob);
buffer_free(&cert->constraints);
if (cert->key_id != NULL)
xfree(cert->key_id);
for (i = 0; i < cert->nprincipals; i++)
xfree(cert->principals[i]);
if (cert->principals != NULL)
xfree(cert->principals);
if (cert->signature_key != NULL)
key_free(cert->signature_key);
}
void
key_free(Key *k)
{
@ -136,11 +184,13 @@ key_free(Key *k)
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT:
if (k->rsa != NULL)
RSA_free(k->rsa);
k->rsa = NULL;
break;
case KEY_DSA:
case KEY_DSA_CERT:
if (k->dsa != NULL)
DSA_free(k->dsa);
k->dsa = NULL;
@ -151,20 +201,49 @@ key_free(Key *k)
fatal("key_free: bad key type %d", k->type);
break;
}
if (key_is_cert(k)) {
if (k->cert != NULL)
cert_free(k->cert);
k->cert = NULL;
}
xfree(k);
}
int
key_equal(const Key *a, const Key *b)
static int
cert_compare(struct KeyCert *a, struct KeyCert *b)
{
if (a == NULL || b == NULL || a->type != b->type)
if (a == NULL && b == NULL)
return 1;
if (a == NULL || b == NULL)
return 0;
if (buffer_len(&a->certblob) != buffer_len(&b->certblob))
return 0;
if (memcmp(buffer_ptr(&a->certblob), buffer_ptr(&b->certblob),
buffer_len(&a->certblob)) != 0)
return 0;
return 1;
}
/*
* Compare public portions of key only, allowing comparisons between
* certificates and plain keys too.
*/
int
key_equal_public(const Key *a, const Key *b)
{
if (a == NULL || b == NULL ||
key_type_plain(a->type) != key_type_plain(b->type))
return 0;
switch (a->type) {
case KEY_RSA1:
case KEY_RSA_CERT:
case KEY_RSA:
return a->rsa != NULL && b->rsa != NULL &&
BN_cmp(a->rsa->e, b->rsa->e) == 0 &&
BN_cmp(a->rsa->n, b->rsa->n) == 0;
case KEY_DSA_CERT:
case KEY_DSA:
return a->dsa != NULL && b->dsa != NULL &&
BN_cmp(a->dsa->p, b->dsa->p) == 0 &&
@ -177,16 +256,27 @@ key_equal(const Key *a, const Key *b)
/* NOTREACHED */
}
int
key_equal(const Key *a, const Key *b)
{
if (a == NULL || b == NULL || a->type != b->type)
return 0;
if (key_is_cert(a)) {
if (!cert_compare(a->cert, b->cert))
return 0;
}
return key_equal_public(a, b);
}
u_char*
key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
u_int *dgst_raw_length)
key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
{
const EVP_MD *md = NULL;
EVP_MD_CTX ctx;
u_char *blob = NULL;
u_char *retval = NULL;
u_int len = 0;
int nlen, elen;
int nlen, elen, otype;
*dgst_raw_length = 0;
@ -214,6 +304,14 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
case KEY_RSA:
key_to_blob(k, &blob, &len);
break;
case KEY_DSA_CERT:
case KEY_RSA_CERT:
/* We want a fingerprint of the _key_ not of the cert */
otype = k->type;
k->type = key_type_plain(k->type);
key_to_blob(k, &blob, &len);
k->type = otype;
break;
case KEY_UNSPEC:
return retval;
default:
@ -408,7 +506,7 @@ key_fingerprint_randomart(u_char *dgst_raw, u_int dgst_raw_len, const Key *k)
}
char *
key_fingerprint(const Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep)
{
char *retval = NULL;
u_char *dgst_raw;
@ -522,11 +620,19 @@ key_read(Key *ret, char **cpp)
return -1;
if (!read_bignum(cpp, ret->rsa->n))
return -1;
/* validate the claimed number of bits */
if ((u_int)BN_num_bits(ret->rsa->n) != bits) {
verbose("key_read: claimed key size %d does not match "
"actual %d", bits, BN_num_bits(ret->rsa->n));
return -1;
}
success = 1;
break;
case KEY_UNSPEC:
case KEY_RSA:
case KEY_DSA:
case KEY_DSA_CERT:
case KEY_RSA_CERT:
space = strchr(cp, ' ');
if (space == NULL) {
debug3("key_read: missing whitespace");
@ -571,25 +677,36 @@ key_read(Key *ret, char **cpp)
return -1;
}
/*XXXX*/
if (ret->type == KEY_RSA) {
if (key_is_cert(ret)) {
if (!key_is_cert(k)) {
error("key_read: loaded key is not a cert");
key_free(k);
return -1;
}
if (ret->cert != NULL)
cert_free(ret->cert);
ret->cert = k->cert;
k->cert = NULL;
}
if (key_type_plain(ret->type) == KEY_RSA) {
if (ret->rsa != NULL)
RSA_free(ret->rsa);
ret->rsa = k->rsa;
k->rsa = NULL;
success = 1;
#ifdef DEBUG_PK
RSA_print_fp(stderr, ret->rsa, 8);
#endif
} else {
}
if (key_type_plain(ret->type) == KEY_DSA) {
if (ret->dsa != NULL)
DSA_free(ret->dsa);
ret->dsa = k->dsa;
k->dsa = NULL;
success = 1;
#ifdef DEBUG_PK
DSA_print_fp(stderr, ret->dsa, 8);
#endif
}
success = 1;
/*XXXX*/
key_free(k);
if (success != 1)
@ -616,28 +733,53 @@ key_write(const Key *key, FILE *f)
u_char *blob;
char *uu;
if (key->type == KEY_RSA1 && key->rsa != NULL) {
if (key_is_cert(key)) {
if (key->cert == NULL) {
error("%s: no cert data", __func__);
return 0;
}
if (buffer_len(&key->cert->certblob) == 0) {
error("%s: no signed certificate blob", __func__);
return 0;
}
}
switch (key->type) {
case KEY_RSA1:
if (key->rsa == NULL)
return 0;
/* size of modulus 'n' */
bits = BN_num_bits(key->rsa->n);
fprintf(f, "%u", bits);
if (write_bignum(f, key->rsa->e) &&
write_bignum(f, key->rsa->n)) {
success = 1;
} else {
error("key_write: failed for RSA key");
}
} else if ((key->type == KEY_DSA && key->dsa != NULL) ||
(key->type == KEY_RSA && key->rsa != NULL)) {
key_to_blob(key, &blob, &len);
uu = xmalloc(2*len);
n = uuencode(blob, len, uu, 2*len);
if (n > 0) {
fprintf(f, "%s %s", key_ssh_name(key), uu);
success = 1;
}
xfree(blob);
xfree(uu);
write_bignum(f, key->rsa->n))
return 1;
error("key_write: failed for RSA key");
return 0;
case KEY_DSA:
case KEY_DSA_CERT:
if (key->dsa == NULL)
return 0;
break;
case KEY_RSA:
case KEY_RSA_CERT:
if (key->rsa == NULL)
return 0;
break;
default:
return 0;
}
key_to_blob(key, &blob, &len);
uu = xmalloc(2*len);
n = uuencode(blob, len, uu, 2*len);
if (n > 0) {
fprintf(f, "%s %s", key_ssh_name(key), uu);
success = 1;
}
xfree(blob);
xfree(uu);
return success;
}
@ -651,6 +793,10 @@ key_type(const Key *k)
return "RSA";
case KEY_DSA:
return "DSA";
case KEY_RSA_CERT:
return "RSA-CERT";
case KEY_DSA_CERT:
return "DSA-CERT";
}
return "unknown";
}
@ -663,6 +809,10 @@ key_ssh_name(const Key *k)
return "ssh-rsa";
case KEY_DSA:
return "ssh-dss";
case KEY_RSA_CERT:
return "ssh-rsa-cert-v00@openssh.com";
case KEY_DSA_CERT:
return "ssh-dss-cert-v00@openssh.com";
}
return "ssh-unknown";
}
@ -673,8 +823,10 @@ key_size(const Key *k)
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
case KEY_RSA_CERT:
return BN_num_bits(k->rsa->n);
case KEY_DSA:
case KEY_DSA_CERT:
return BN_num_bits(k->dsa->p);
}
return 0;
@ -685,7 +837,7 @@ rsa_generate_private_key(u_int bits)
{
RSA *private;
private = RSA_generate_key(bits, 35, NULL, NULL);
private = RSA_generate_key(bits, RSA_F4, NULL, NULL);
if (private == NULL)
fatal("rsa_generate_private_key: key generation failed.");
return private;
@ -717,6 +869,9 @@ key_generate(int type, u_int bits)
case KEY_RSA1:
k->rsa = rsa_generate_private_key(bits);
break;
case KEY_RSA_CERT:
case KEY_DSA_CERT:
fatal("key_generate: cert keys cannot be generated directly");
default:
fatal("key_generate: unknown type %d", type);
}
@ -724,12 +879,55 @@ key_generate(int type, u_int bits)
return k;
}
void
key_cert_copy(const Key *from_key, struct Key *to_key)
{
u_int i;
const struct KeyCert *from;
struct KeyCert *to;
if (to_key->cert != NULL) {
cert_free(to_key->cert);
to_key->cert = NULL;
}
if ((from = from_key->cert) == NULL)
return;
to = to_key->cert = cert_new();
buffer_append(&to->certblob, buffer_ptr(&from->certblob),
buffer_len(&from->certblob));
buffer_append(&to->constraints, buffer_ptr(&from->constraints),
buffer_len(&from->constraints));
to->type = from->type;
to->key_id = from->key_id == NULL ? NULL : xstrdup(from->key_id);
to->valid_after = from->valid_after;
to->valid_before = from->valid_before;
to->signature_key = from->signature_key == NULL ?
NULL : key_from_private(from->signature_key);
to->nprincipals = from->nprincipals;
if (to->nprincipals > CERT_MAX_PRINCIPALS)
fatal("%s: nprincipals (%u) > CERT_MAX_PRINCIPALS (%u)",
__func__, to->nprincipals, CERT_MAX_PRINCIPALS);
if (to->nprincipals > 0) {
to->principals = xcalloc(from->nprincipals,
sizeof(*to->principals));
for (i = 0; i < to->nprincipals; i++)
to->principals[i] = xstrdup(from->principals[i]);
}
}
Key *
key_from_private(const Key *k)
{
Key *n = NULL;
switch (k->type) {
case KEY_DSA:
case KEY_DSA_CERT:
n = key_new(k->type);
if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
(BN_copy(n->dsa->q, k->dsa->q) == NULL) ||
@ -739,6 +937,7 @@ key_from_private(const Key *k)
break;
case KEY_RSA:
case KEY_RSA1:
case KEY_RSA_CERT:
n = key_new(k->type);
if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
(BN_copy(n->rsa->e, k->rsa->e) == NULL))
@ -748,6 +947,8 @@ key_from_private(const Key *k)
fatal("key_from_private: unknown type %d", k->type);
break;
}
if (key_is_cert(k))
key_cert_copy(k, n);
return n;
}
@ -764,6 +965,10 @@ key_type_from_name(char *name)
return KEY_RSA;
} else if (strcmp(name, "ssh-dss") == 0) {
return KEY_DSA;
} else if (strcmp(name, "ssh-rsa-cert-v00@openssh.com") == 0) {
return KEY_RSA_CERT;
} else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) {
return KEY_DSA_CERT;
}
debug2("key_type_from_name: unknown key type '%s'", name);
return KEY_UNSPEC;
@ -791,6 +996,127 @@ key_names_valid2(const char *names)
return 1;
}
static int
cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
{
u_char *principals, *constraints, *sig_key, *sig;
u_int signed_len, plen, clen, sklen, slen, kidlen;
Buffer tmp;
char *principal;
int ret = -1;
buffer_init(&tmp);
/* Copy the entire key blob for verification and later serialisation */
buffer_append(&key->cert->certblob, blob, blen);
principals = constraints = sig_key = sig = NULL;
if (buffer_get_int_ret(&key->cert->type, b) != 0 ||
(key->cert->key_id = buffer_get_string_ret(b, &kidlen)) == NULL ||
(principals = buffer_get_string_ret(b, &plen)) == NULL ||
buffer_get_int64_ret(&key->cert->valid_after, b) != 0 ||
buffer_get_int64_ret(&key->cert->valid_before, b) != 0 ||
(constraints = buffer_get_string_ret(b, &clen)) == NULL ||
/* skip nonce */ buffer_get_string_ptr_ret(b, NULL) == NULL ||
/* skip reserved */ buffer_get_string_ptr_ret(b, NULL) == NULL ||
(sig_key = buffer_get_string_ret(b, &sklen)) == NULL) {
error("%s: parse error", __func__);
goto out;
}
if (kidlen != strlen(key->cert->key_id)) {
error("%s: key ID contains \\0 character", __func__);
goto out;
}
/* Signature is left in the buffer so we can calculate this length */
signed_len = buffer_len(&key->cert->certblob) - buffer_len(b);
if ((sig = buffer_get_string_ret(b, &slen)) == NULL) {
error("%s: parse error", __func__);
goto out;
}
if (key->cert->type != SSH2_CERT_TYPE_USER &&
key->cert->type != SSH2_CERT_TYPE_HOST) {
error("Unknown certificate type %u", key->cert->type);
goto out;
}
buffer_append(&tmp, principals, plen);
while (buffer_len(&tmp) > 0) {
if (key->cert->nprincipals >= CERT_MAX_PRINCIPALS) {
error("%s: Too many principals", __func__);
goto out;
}
if ((principal = buffer_get_string_ret(&tmp, &plen)) == NULL) {
error("%s: Principals data invalid", __func__);
goto out;
}
if (strlen(principal) != plen) {
error("%s: Principal contains \\0 character",
__func__);
goto out;
}
key->cert->principals = xrealloc(key->cert->principals,
key->cert->nprincipals + 1, sizeof(*key->cert->principals));
key->cert->principals[key->cert->nprincipals++] = principal;
}
buffer_clear(&tmp);
buffer_append(&key->cert->constraints, constraints, clen);
buffer_append(&tmp, constraints, clen);
/* validate structure */
while (buffer_len(&tmp) != 0) {
if (buffer_get_string_ptr_ret(&tmp, NULL) == NULL ||
buffer_get_string_ptr_ret(&tmp, NULL) == NULL) {
error("%s: Constraints data invalid", __func__);
goto out;
}
}
buffer_clear(&tmp);
if ((key->cert->signature_key = key_from_blob(sig_key,
sklen)) == NULL) {
error("%s: Signature key invalid", __func__);
goto out;
}
if (key->cert->signature_key->type != KEY_RSA &&
key->cert->signature_key->type != KEY_DSA) {
error("%s: Invalid signature key type %s (%d)", __func__,
key_type(key->cert->signature_key),
key->cert->signature_key->type);
goto out;
}
switch (key_verify(key->cert->signature_key, sig, slen,
buffer_ptr(&key->cert->certblob), signed_len)) {
case 1:
ret = 0;
break; /* Good signature */
case 0:
error("%s: Invalid signature on certificate", __func__);
goto out;
case -1:
error("%s: Certificate signature verification failed",
__func__);
goto out;
}
out:
buffer_free(&tmp);
if (principals != NULL)
xfree(principals);
if (constraints != NULL)
xfree(constraints);
if (sig_key != NULL)
xfree(sig_key);
if (sig != NULL)
xfree(sig);
return ret;
}
Key *
key_from_blob(const u_char *blob, u_int blen)
{
@ -813,10 +1139,12 @@ key_from_blob(const u_char *blob, u_int blen)
switch (type) {
case KEY_RSA:
case KEY_RSA_CERT:
key = key_new(type);
if (buffer_get_bignum2_ret(&b, key->rsa->e) == -1 ||
buffer_get_bignum2_ret(&b, key->rsa->n) == -1) {
error("key_from_blob: can't read rsa key");
badkey:
key_free(key);
key = NULL;
goto out;
@ -826,15 +1154,14 @@ key_from_blob(const u_char *blob, u_int blen)
#endif
break;
case KEY_DSA:
case KEY_DSA_CERT:
key = key_new(type);
if (buffer_get_bignum2_ret(&b, key->dsa->p) == -1 ||
buffer_get_bignum2_ret(&b, key->dsa->q) == -1 ||
buffer_get_bignum2_ret(&b, key->dsa->g) == -1 ||
buffer_get_bignum2_ret(&b, key->dsa->pub_key) == -1) {
error("key_from_blob: can't read dsa key");
key_free(key);
key = NULL;
goto out;
goto badkey;
}
#ifdef DEBUG_PK
DSA_print_fp(stderr, key->dsa, 8);
@ -847,6 +1174,10 @@ key_from_blob(const u_char *blob, u_int blen)
error("key_from_blob: cannot handle type %s", ktype);
goto out;
}
if (key_is_cert(key) && cert_parse(&b, key, blob, blen) == -1) {
error("key_from_blob: can't parse cert data");
goto badkey;
}
rlen = buffer_len(&b);
if (key != NULL && rlen != 0)
error("key_from_blob: remaining bytes in key blob %d", rlen);
@ -869,6 +1200,12 @@ key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
}
buffer_init(&b);
switch (key->type) {
case KEY_DSA_CERT:
case KEY_RSA_CERT:
/* Use the existing blob */
buffer_append(&b, buffer_ptr(&key->cert->certblob),
buffer_len(&key->cert->certblob));
break;
case KEY_DSA:
buffer_put_cstring(&b, key_ssh_name(key));
buffer_put_bignum2(&b, key->dsa->p);
@ -905,8 +1242,10 @@ key_sign(
const u_char *data, u_int datalen)
{
switch (key->type) {
case KEY_DSA_CERT:
case KEY_DSA:
return ssh_dss_sign(key, sigp, lenp, data, datalen);
case KEY_RSA_CERT:
case KEY_RSA:
return ssh_rsa_sign(key, sigp, lenp, data, datalen);
default:
@ -929,8 +1268,10 @@ key_verify(
return -1;
switch (key->type) {
case KEY_DSA_CERT:
case KEY_DSA:
return ssh_dss_verify(key, signature, signaturelen, data, datalen);
case KEY_RSA_CERT:
case KEY_RSA:
return ssh_rsa_verify(key, signature, signaturelen, data, datalen);
default:
@ -952,6 +1293,9 @@ key_demote(const Key *k)
pk->rsa = NULL;
switch (k->type) {
case KEY_RSA_CERT:
key_cert_copy(k, pk);
/* FALLTHROUGH */
case KEY_RSA1:
case KEY_RSA:
if ((pk->rsa = RSA_new()) == NULL)
@ -961,6 +1305,9 @@ key_demote(const Key *k)
if ((pk->rsa->n = BN_dup(k->rsa->n)) == NULL)
fatal("key_demote: BN_dup failed");
break;
case KEY_DSA_CERT:
key_cert_copy(k, pk);
/* FALLTHROUGH */
case KEY_DSA:
if ((pk->dsa = DSA_new()) == NULL)
fatal("key_demote: DSA_new failed");
@ -980,3 +1327,199 @@ key_demote(const Key *k)
return (pk);
}
int
key_is_cert(const Key *k)
{
return k != NULL &&
(k->type == KEY_RSA_CERT || k->type == KEY_DSA_CERT);
}
/* Return the cert-less equivalent to a certified key type */
int
key_type_plain(int type)
{
switch (type) {
case KEY_RSA_CERT:
return KEY_RSA;
case KEY_DSA_CERT:
return KEY_DSA;
default:
return type;
}
}
/* Convert a KEY_RSA or KEY_DSA to their _CERT equivalent */
int
key_to_certified(Key *k)
{
switch (k->type) {
case KEY_RSA:
k->cert = cert_new();
k->type = KEY_RSA_CERT;
return 0;
case KEY_DSA:
k->cert = cert_new();
k->type = KEY_DSA_CERT;
return 0;
default:
error("%s: key has incorrect type %s", __func__, key_type(k));
return -1;
}
}
/* Convert a KEY_RSA_CERT or KEY_DSA_CERT to their raw key equivalent */
int
key_drop_cert(Key *k)
{
switch (k->type) {
case KEY_RSA_CERT:
cert_free(k->cert);
k->type = KEY_RSA;
return 0;
case KEY_DSA_CERT:
cert_free(k->cert);
k->type = KEY_DSA;
return 0;
default:
error("%s: key has incorrect type %s", __func__, key_type(k));
return -1;
}
}
/* Sign a KEY_RSA_CERT or KEY_DSA_CERT, (re-)generating the signed certblob */
int
key_certify(Key *k, Key *ca)
{
Buffer principals;
u_char *ca_blob, *sig_blob, nonce[32];
u_int i, ca_len, sig_len;
if (k->cert == NULL) {
error("%s: key lacks cert info", __func__);
return -1;
}
if (!key_is_cert(k)) {
error("%s: certificate has unknown type %d", __func__,
k->cert->type);
return -1;
}
if (ca->type != KEY_RSA && ca->type != KEY_DSA) {
error("%s: CA key has unsupported type %s", __func__,
key_type(ca));
return -1;
}
key_to_blob(ca, &ca_blob, &ca_len);
buffer_clear(&k->cert->certblob);
buffer_put_cstring(&k->cert->certblob, key_ssh_name(k));
switch (k->type) {
case KEY_DSA_CERT:
buffer_put_bignum2(&k->cert->certblob, k->dsa->p);
buffer_put_bignum2(&k->cert->certblob, k->dsa->q);
buffer_put_bignum2(&k->cert->certblob, k->dsa->g);
buffer_put_bignum2(&k->cert->certblob, k->dsa->pub_key);
break;
case KEY_RSA_CERT:
buffer_put_bignum2(&k->cert->certblob, k->rsa->e);
buffer_put_bignum2(&k->cert->certblob, k->rsa->n);
break;
default:
error("%s: key has incorrect type %s", __func__, key_type(k));
buffer_clear(&k->cert->certblob);
xfree(ca_blob);
return -1;
}
buffer_put_int(&k->cert->certblob, k->cert->type);
buffer_put_cstring(&k->cert->certblob, k->cert->key_id);
buffer_init(&principals);
for (i = 0; i < k->cert->nprincipals; i++)
buffer_put_cstring(&principals, k->cert->principals[i]);
buffer_put_string(&k->cert->certblob, buffer_ptr(&principals),
buffer_len(&principals));
buffer_free(&principals);
buffer_put_int64(&k->cert->certblob, k->cert->valid_after);
buffer_put_int64(&k->cert->certblob, k->cert->valid_before);
buffer_put_string(&k->cert->certblob,
buffer_ptr(&k->cert->constraints),
buffer_len(&k->cert->constraints));
arc4random_buf(&nonce, sizeof(nonce));
buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */
buffer_put_string(&k->cert->certblob, ca_blob, ca_len);
xfree(ca_blob);
/* Sign the whole mess */
if (key_sign(ca, &sig_blob, &sig_len, buffer_ptr(&k->cert->certblob),
buffer_len(&k->cert->certblob)) != 0) {
error("%s: signature operation failed", __func__);
buffer_clear(&k->cert->certblob);
return -1;
}
/* Append signature and we are done */
buffer_put_string(&k->cert->certblob, sig_blob, sig_len);
xfree(sig_blob);
return 0;
}
int
key_cert_check_authority(const Key *k, int want_host, int require_principal,
const char *name, const char **reason)
{
u_int i, principal_matches;
time_t now = time(NULL);
if (want_host) {
if (k->cert->type != SSH2_CERT_TYPE_HOST) {
*reason = "Certificate invalid: not a host certificate";
return -1;
}
} else {
if (k->cert->type != SSH2_CERT_TYPE_USER) {
*reason = "Certificate invalid: not a user certificate";
return -1;
}
}
if (now < 0) {
error("%s: system clock lies before epoch", __func__);
*reason = "Certificate invalid: not yet valid";
return -1;
}
if ((u_int64_t)now < k->cert->valid_after) {
*reason = "Certificate invalid: not yet valid";
return -1;
}
if ((u_int64_t)now >= k->cert->valid_before) {
*reason = "Certificate invalid: expired";
return -1;
}
if (k->cert->nprincipals == 0) {
if (require_principal) {
*reason = "Certificate lacks principal list";
return -1;
}
} else {
principal_matches = 0;
for (i = 0; i < k->cert->nprincipals; i++) {
if (strcmp(name, k->cert->principals[i]) == 0) {
principal_matches = 1;
break;
}
}
if (!principal_matches) {
*reason = "Certificate invalid: name is not a listed "
"principal";
return -1;
}
}
return 0;
}

32
key.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: key.h,v 1.27 2008/06/11 21:01:35 grunk Exp $ */
/* $OpenBSD: key.h,v 1.28 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -26,6 +26,7 @@
#ifndef KEY_H
#define KEY_H
#include "buffer.h"
#include <openssl/rsa.h>
#include <openssl/dsa.h>
@ -34,6 +35,8 @@ enum types {
KEY_RSA1,
KEY_RSA,
KEY_DSA,
KEY_RSA_CERT,
KEY_DSA_CERT,
KEY_UNSPEC
};
enum fp_type {
@ -49,20 +52,35 @@ enum fp_rep {
/* key is stored in external hardware */
#define KEY_FLAG_EXT 0x0001
#define CERT_MAX_PRINCIPALS 256
struct KeyCert {
Buffer certblob; /* Kept around for use on wire */
u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
char *key_id;
u_int nprincipals;
char **principals;
u_int64_t valid_after, valid_before;
Buffer constraints;
Key *signature_key;
};
struct Key {
int type;
int flags;
RSA *rsa;
DSA *dsa;
struct KeyCert *cert;
};
Key *key_new(int);
void key_add_private(Key *);
Key *key_new_private(int);
void key_free(Key *);
Key *key_demote(const Key *);
int key_equal_public(const Key *, const Key *);
int key_equal(const Key *, const Key *);
char *key_fingerprint(const Key *, enum fp_type, enum fp_rep);
u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *);
char *key_fingerprint(Key *, enum fp_type, enum fp_rep);
u_char *key_fingerprint_raw(Key *, enum fp_type, u_int *);
const char *key_type(const Key *);
int key_write(const Key *, FILE *);
int key_read(Key *, char **);
@ -71,6 +89,14 @@ u_int key_size(const Key *);
Key *key_generate(int, u_int);
Key *key_from_private(const Key *);
int key_type_from_name(char *);
int key_is_cert(const Key *);
int key_type_plain(int);
int key_to_certified(Key *);
int key_drop_cert(Key *);
int key_certify(Key *, Key *);
void key_cert_copy(const Key *, struct Key *);
int key_cert_check_authority(const Key *, int, int, const char *,
const char **);
Key *key_from_blob(const u_char *, u_int);
int key_to_blob(const Key *, u_char **, u_int *);

8
loginrec.c
View File

@ -758,8 +758,8 @@ construct_utmpx(struct logininfo *li, struct utmpx *utx)
utx->ut_pid = li->pid;
/* strncpy(): Don't necessarily want null termination */
strncpy(utx->ut_name, li->username,
MIN_SIZEOF(utx->ut_name, li->username));
strncpy(utx->ut_user, li->username,
MIN_SIZEOF(utx->ut_user, li->username));
if (li->type == LTYPE_LOGOUT)
return;
@ -1316,8 +1316,8 @@ wtmpx_write_entry(struct logininfo *li)
static int
wtmpx_islogin(struct logininfo *li, struct utmpx *utx)
{
if (strncmp(li->username, utx->ut_name,
MIN_SIZEOF(li->username, utx->ut_name)) == 0 ) {
if (strncmp(li->username, utx->ut_user,
MIN_SIZEOF(li->username, utx->ut_user)) == 0 ) {
# ifdef HAVE_TYPE_IN_UTMPX
if (utx->ut_type == USER_PROCESS)
return (1);

4
match.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: match.h,v 1.14 2008/06/10 03:57:27 djm Exp $ */
/* $OpenBSD: match.h,v 1.15 2010/02/26 20:29:54 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -23,5 +23,5 @@ char *match_list(const char *, const char *, u_int *);
/* addrmatch.c */
int addr_match_list(const char *, const char *);
int addr_match_cidr_list(const char *, const char *);
#endif

5
mdoc2man.awk
View File

@ -1,6 +1,6 @@
#!/usr/bin/awk
#
# $Id: mdoc2man.awk,v 1.8 2007/06/05 10:01:16 dtucker Exp $
# $Id: mdoc2man.awk,v 1.9 2009/10/24 00:52:42 dtucker Exp $
#
# Version history:
# v4+ Adapted for OpenSSH Portable (see cvs Id and history)
@ -149,6 +149,9 @@ function add(str) {
} else if(match(words[w],"^Dt$")) {
id=wtail()
next
} else if(match(words[w],"^Ux$")) {
add("UNIX")
skip=1
} else if(match(words[w],"^Ox$")) {
add("OpenBSD")
skip=1

29
misc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: misc.c,v 1.71 2009/02/21 19:32:04 tobias Exp $ */
/* $OpenBSD: misc.c,v 1.75 2010/01/09 23:04:13 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@ -560,11 +560,11 @@ char *
percent_expand(const char *string, ...)
{
#define EXPAND_MAX_KEYS 16
u_int num_keys, i, j;
struct {
const char *key;
const char *repl;
} keys[EXPAND_MAX_KEYS];
u_int num_keys, i, j;
char buf[4096];
va_list ap;
@ -576,13 +576,12 @@ percent_expand(const char *string, ...)
break;
keys[num_keys].repl = va_arg(ap, char *);
if (keys[num_keys].repl == NULL)
fatal("percent_expand: NULL replacement");
fatal("%s: NULL replacement", __func__);
}
if (num_keys == EXPAND_MAX_KEYS && va_arg(ap, char *) != NULL)
fatal("%s: too many keys", __func__);
va_end(ap);
if (num_keys >= EXPAND_MAX_KEYS)
fatal("percent_expand: too many keys");
/* Expand string */
*buf = '\0';
for (i = 0; *string != '\0'; string++) {
@ -590,23 +589,24 @@ percent_expand(const char *string, ...)
append:
buf[i++] = *string;
if (i >= sizeof(buf))
fatal("percent_expand: string too long");
fatal("%s: string too long", __func__);
buf[i] = '\0';
continue;
}
string++;
/* %% case */
if (*string == '%')
goto append;
for (j = 0; j < num_keys; j++) {
if (strchr(keys[j].key, *string) != NULL) {
i = strlcat(buf, keys[j].repl, sizeof(buf));
if (i >= sizeof(buf))
fatal("percent_expand: string too long");
fatal("%s: string too long", __func__);
break;
}
}
if (j >= num_keys)
fatal("percent_expand: unknown key %%%c", *string);
fatal("%s: unknown key %%%c", __func__, *string);
}
return (xstrdup(buf));
#undef EXPAND_MAX_KEYS
@ -849,3 +849,14 @@ ms_to_timeval(struct timeval *tv, int ms)
tv->tv_usec = (ms % 1000) * 1000;
}
void
sock_set_v6only(int s)
{
#ifdef IPV6_V6ONLY
int on = 1;
debug3("%s: set socket %d IPV6_V6ONLY", __func__, s);
if (setsockopt(s, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) == -1)
error("setsockopt IPV6_V6ONLY: %s", strerror(errno));
#endif
}

3
misc.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: misc.h,v 1.38 2008/06/12 20:38:28 dtucker Exp $ */
/* $OpenBSD: misc.h,v 1.41 2010/01/09 23:04:13 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -35,6 +35,7 @@ char *tohex(const void *, size_t);
void sanitise_stdfd(void);
void ms_subtract_diff(struct timeval *, int *);
void ms_to_timeval(struct timeval *, int);
void sock_set_v6only(int);
struct passwd *pwcopy(struct passwd *);
const char *ssh_gai_strerror(int);

20
monitor.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.104 2009/06/12 20:43:22 andreas Exp $ */
/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -997,17 +997,6 @@ mm_answer_pam_free_ctx(int sock, Buffer *m)
}
#endif
static void
mm_append_debug(Buffer *m)
{
if (auth_debug_init && buffer_len(&auth_debug)) {
debug3("%s: Appending debug messages for child", __func__);
buffer_append(m, buffer_ptr(&auth_debug),
buffer_len(&auth_debug));
buffer_clear(&auth_debug);
}
}
int
mm_answer_keyallowed(int sock, Buffer *m)
{
@ -1090,8 +1079,6 @@ mm_answer_keyallowed(int sock, Buffer *m)
buffer_put_int(m, allowed);
buffer_put_int(m, forced_command != NULL);
mm_append_debug(m);
mm_request_send(sock, MONITOR_ANS_KEYALLOWED, m);
if (type == MM_RSAHOSTKEY)
@ -1475,8 +1462,6 @@ mm_answer_rsa_keyallowed(int sock, Buffer *m)
if (key != NULL)
key_free(key);
mm_append_debug(m);
mm_request_send(sock, MONITOR_ANS_RSAKEYALLOWED, m);
monitor_permit(mon_dispatch, MONITOR_REQ_RSACHALLENGE, allowed);
@ -1721,7 +1706,8 @@ mm_get_kex(Buffer *m)
kex->flags = buffer_get_int(m);
kex->client_version_string = buffer_get_string(m, NULL);
kex->server_version_string = buffer_get_string(m, NULL);
kex->load_host_key=&get_hostkey_by_type;
kex->load_host_public_key=&get_hostkey_public_by_type;
kex->load_host_private_key=&get_hostkey_private_by_type;
kex->host_key_index=&get_hostkey_index;
return (kex);

23
monitor_fdpass.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor_fdpass.c,v 1.18 2008/11/30 11:59:26 dtucker Exp $ */
/* $OpenBSD: monitor_fdpass.c,v 1.19 2010/01/12 00:58:25 djm Exp $ */
/*
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
@ -34,6 +34,9 @@
#endif
#include <errno.h>
#ifdef HAVE_POLL_H
#include <poll.h>
#endif
#include <string.h>
#include <stdarg.h>
@ -55,6 +58,7 @@ mm_send_fd(int sock, int fd)
struct iovec vec;
char ch = '\0';
ssize_t n;
struct pollfd pfd;
memset(&msg, 0, sizeof(msg));
#ifdef HAVE_ACCRIGHTS_IN_MSGHDR
@ -75,9 +79,13 @@ mm_send_fd(int sock, int fd)
msg.msg_iov = &vec;
msg.msg_iovlen = 1;
while ((n = sendmsg(sock, &msg, 0)) == -1 && (errno == EAGAIN ||
errno == EINTR))
pfd.fd = sock;
pfd.events = POLLOUT;
while ((n = sendmsg(sock, &msg, 0)) == -1 &&
(errno == EAGAIN || errno == EINTR)) {
debug3("%s: sendmsg(%d): %s", __func__, fd, strerror(errno));
(void)poll(&pfd, 1, -1);
}
if (n == -1) {
error("%s: sendmsg(%d): %s", __func__, fd,
strerror(errno));
@ -112,6 +120,7 @@ mm_receive_fd(int sock)
ssize_t n;
char ch;
int fd;
struct pollfd pfd;
memset(&msg, 0, sizeof(msg));
vec.iov_base = &ch;
@ -126,9 +135,13 @@ mm_receive_fd(int sock)
msg.msg_controllen = sizeof(cmsgbuf.buf);
#endif
while ((n = recvmsg(sock, &msg, 0)) == -1 && (errno == EAGAIN ||
errno == EINTR))
pfd.fd = sock;
pfd.events = POLLIN;
while ((n = recvmsg(sock, &msg, 0)) == -1 &&
(errno == EAGAIN || errno == EINTR)) {
debug3("%s: recvmsg: %s", __func__, strerror(errno));
(void)poll(&pfd, 1, -1);
}
if (n == -1) {
error("%s: recvmsg: %s", __func__, strerror(errno));
return -1;

19
monitor_wrap.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: monitor_wrap.c,v 1.68 2009/06/22 05:39:28 dtucker Exp $ */
/* $OpenBSD: monitor_wrap.c,v 1.69 2010/03/07 11:57:13 dtucker Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -347,19 +347,6 @@ mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user,
return (ret);
}
static void
mm_send_debug(Buffer *m)
{
char *msg;
while (buffer_len(m)) {
msg = buffer_get_string(m, NULL);
debug3("%s: Sending debug: %s", __func__, msg);
packet_send_debug("%s", msg);
xfree(msg);
}
}
int
mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
{
@ -393,9 +380,6 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
have_forced = buffer_get_int(&m);
forced_command = have_forced ? xstrdup("true") : NULL;
/* Send potential debug messages */
mm_send_debug(&m);
buffer_free(&m);
return (allowed);
@ -1085,7 +1069,6 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
*rkey = key;
xfree(blob);
}
mm_send_debug(&m);
buffer_free(&m);
return (allowed);

1923
mux.c
View File

File diff suppressed because it is too large Load Diff

6
myproposal.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: myproposal.h,v 1.23 2009/01/23 07:58:11 djm Exp $ */
/* $OpenBSD: myproposal.h,v 1.24 2010/02/26 20:29:54 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -40,7 +40,9 @@
"diffie-hellman-group1-sha1"
#endif
#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
#define KEX_DEFAULT_PK_ALG "ssh-rsa-cert-v00@openssh.com," \
"ssh-dss-cert-v00@openssh.com," \
"ssh-rsa,ssh-dss"
#define KEX_DEFAULT_ENCRYPT \
"aes128-ctr,aes192-ctr,aes256-ctr," \

21
nchan.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: nchan.c,v 1.62 2008/11/07 18:50:18 stevesk Exp $ */
/* $OpenBSD: nchan.c,v 1.63 2010/01/26 01:28:35 djm Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
@ -161,7 +161,7 @@ chan_ibuf_empty(Channel *c)
switch (c->istate) {
case CHAN_INPUT_WAIT_DRAIN:
if (compat20) {
if (!(c->flags & CHAN_CLOSE_SENT))
if (!(c->flags & (CHAN_CLOSE_SENT|CHAN_LOCAL)))
chan_send_eof2(c);
chan_set_istate(c, CHAN_INPUT_CLOSED);
} else {
@ -278,9 +278,12 @@ static void
chan_rcvd_close2(Channel *c)
{
debug2("channel %d: rcvd close", c->self);
if (c->flags & CHAN_CLOSE_RCVD)
error("channel %d: protocol error: close rcvd twice", c->self);
c->flags |= CHAN_CLOSE_RCVD;
if (!(c->flags & CHAN_LOCAL)) {
if (c->flags & CHAN_CLOSE_RCVD)
error("channel %d: protocol error: close rcvd twice",
c->self);
c->flags |= CHAN_CLOSE_RCVD;
}
if (c->type == SSH_CHANNEL_LARVAL) {
/* tear down larval channels immediately */
chan_set_ostate(c, CHAN_OUTPUT_CLOSED);
@ -302,11 +305,13 @@ chan_rcvd_close2(Channel *c)
chan_set_istate(c, CHAN_INPUT_CLOSED);
break;
case CHAN_INPUT_WAIT_DRAIN:
chan_send_eof2(c);
if (!(c->flags & CHAN_LOCAL))
chan_send_eof2(c);
chan_set_istate(c, CHAN_INPUT_CLOSED);
break;
}
}
void
chan_rcvd_eow(Channel *c)
{
@ -454,6 +459,10 @@ chan_is_dead(Channel *c, int do_send)
c->self, c->efd, buffer_len(&c->extended));
return 0;
}
if (c->flags & CHAN_LOCAL) {
debug2("channel %d: is dead (local)", c->self);
return 1;
}
if (!(c->flags & CHAN_CLOSE_SENT)) {
if (do_send) {
chan_send_close2(c);

4
openbsd-compat/Makefile.in
View File

@ -1,4 +1,4 @@
# $Id: Makefile.in,v 1.43 2008/06/08 17:32:29 dtucker Exp $
# $Id: Makefile.in,v 1.44 2010/01/15 01:38:30 dtucker Exp $
sysconfdir=@sysconfdir@
piddir=@piddir@
@ -16,7 +16,7 @@ RANLIB=@RANLIB@
INSTALL=@INSTALL@
LDFLAGS=-L. @LDFLAGS@
OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o

9
openbsd-compat/bsd-cygwin_util.c
View File

@ -85,23 +85,14 @@ static struct wenv {
size_t namelen;
} wenv_arr[] = {
{ NL("ALLUSERSPROFILE=") },
{ NL("COMMONPROGRAMFILES=") },
{ NL("COMPUTERNAME=") },
{ NL("COMSPEC=") },
{ NL("CYGWIN=") },
{ NL("NUMBER_OF_PROCESSORS=") },
{ NL("OS=") },
{ NL("PATH=") },
{ NL("PATHEXT=") },
{ NL("PROCESSOR_ARCHITECTURE=") },
{ NL("PROCESSOR_IDENTIFIER=") },
{ NL("PROCESSOR_LEVEL=") },
{ NL("PROCESSOR_REVISION=") },
{ NL("PROGRAMFILES=") },
{ NL("SYSTEMDRIVE=") },
{ NL("SYSTEMROOT=") },
{ NL("TMP=") },
{ NL("TEMP=") },
{ NL("WINDIR=") }
};

10
openbsd-compat/openbsd-compat.h
View File

@ -1,4 +1,4 @@
/* $Id: openbsd-compat.h,v 1.46 2008/06/08 17:32:29 dtucker Exp $ */
/* $Id: openbsd-compat.h,v 1.49 2010/01/16 12:58:37 dtucker Exp $ */
/*
* Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@ -200,6 +200,14 @@ int vasprintf(char **, const char *, va_list);
int vsnprintf(char *, size_t, const char *, va_list);
#endif
#ifndef HAVE_USER_FROM_UID
char *user_from_uid(uid_t, int);
#endif
#ifndef HAVE_GROUP_FROM_GID
char *group_from_gid(gid_t, int);
#endif
void *xmmap(size_t size);
char *xcrypt(const char *password, const char *salt);
char *shadow_pw(struct passwd *pw);

3
openbsd-compat/openssl-compat.c
View File

@ -1,4 +1,4 @@
/* $Id: openssl-compat.c,v 1.8 2009/03/07 11:22:35 dtucker Exp $ */
/* $Id: openssl-compat.c,v 1.9 2010/01/28 23:54:11 dtucker Exp $ */
/*
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@ -67,5 +67,6 @@ ssh_SSLeay_add_all_algorithms(void)
/* Enable use of crypto hardware */
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
OPENSSL_config(NULL);
}
#endif

25
openbsd-compat/port-aix.c
View File

@ -374,6 +374,31 @@ aix_restoreauthdb(void)
# endif /* WITH_AIXAUTHENTICATE */
# ifdef USE_AIX_KRB_NAME
/*
* aix_krb5_get_principal_name: returns the user's kerberos client principal name if
* configured, otherwise NULL. Caller must free returned string.
*/
char *
aix_krb5_get_principal_name(char *pw_name)
{
char *authname = NULL, *authdomain = NULL, *principal = NULL;
setuserdb(S_READ);
if (getuserattr(pw_name, S_AUTHDOMAIN, &authdomain, SEC_CHAR) != 0)
debug("AIX getuserattr S_AUTHDOMAIN: %s", strerror(errno));
if (getuserattr(pw_name, S_AUTHNAME, &authname, SEC_CHAR) != 0)
debug("AIX getuserattr S_AUTHNAME: %s", strerror(errno));
if (authdomain != NULL)
xasprintf(&principal, "%s@%s", authname ? authname : pw_name, authdomain);
else if (authname != NULL)
principal = xstrdup(authname);
enduserdb();
return principal;
}
# endif /* USE_AIX_KRB_NAME */
# if defined(AIX_GETNAMEINFO_HACK) && !defined(BROKEN_ADDRINFO)
# undef getnameinfo
/*

6
openbsd-compat/port-aix.h
View File

@ -1,4 +1,4 @@
/* $Id: port-aix.h,v 1.31 2009/08/20 06:20:50 dtucker Exp $ */
/* $Id: port-aix.h,v 1.32 2009/12/20 23:49:22 dtucker Exp $ */
/*
*
@ -95,6 +95,10 @@ int sys_auth_record_login(const char *, const char *, const char *, Buffer *);
# define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG
char *sys_auth_get_lastlogin_msg(const char *, uid_t);
# define CUSTOM_FAILED_LOGIN 1
# if defined(S_AUTHDOMAIN) && defined (S_AUTHNAME)
# define USE_AIX_KRB_NAME
char *aix_krb5_get_principal_name(char *);
# endif
#endif
void aix_setauthdb(const char *);

98
openbsd-compat/port-linux.c
View File

@ -1,4 +1,4 @@
/* $Id: port-linux.c,v 1.5 2008/03/26 20:27:21 dtucker Exp $ */
/* $Id: port-linux.c,v 1.8 2010/03/01 04:52:50 dtucker Exp $ */
/*
* Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
@ -23,14 +23,17 @@
#include "includes.h"
#if defined(WITH_SELINUX) || defined(LINUX_OOM_ADJUST)
#include <errno.h>
#include <stdarg.h>
#include <string.h>
#include <stdio.h>
#ifdef WITH_SELINUX
#include "log.h"
#include "xmalloc.h"
#include "port-linux.h"
#ifdef WITH_SELINUX
#include <selinux/selinux.h>
#include <selinux/flask.h>
#include <selinux/get_context_list.h>
@ -168,4 +171,95 @@ ssh_selinux_setup_pty(char *pwname, const char *tty)
freecon(user_ctx);
debug3("%s: done", __func__);
}
void
ssh_selinux_change_context(const char *newname)
{
int len, newlen;
char *oldctx, *newctx, *cx;
if (!ssh_selinux_enabled())
return;
if (getcon((security_context_t *)&oldctx) < 0) {
logit("%s: getcon failed with %s", __func__, strerror (errno));
return;
}
if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) ==
NULL) {
logit ("%s: unparseable context %s", __func__, oldctx);
return;
}
newlen = strlen(oldctx) + strlen(newname) + 1;
newctx = xmalloc(newlen);
len = cx - oldctx + 1;
memcpy(newctx, oldctx, len);
strlcpy(newctx + len, newname, newlen - len);
if ((cx = index(cx + 1, ':')))
strlcat(newctx, cx, newlen);
debug3("%s: setting context from '%s' to '%s'", __func__, oldctx,
newctx);
if (setcon(newctx) < 0)
logit("%s: setcon failed with %s", __func__, strerror (errno));
xfree(oldctx);
xfree(newctx);
}
#endif /* WITH_SELINUX */
#ifdef LINUX_OOM_ADJUST
#define OOM_ADJ_PATH "/proc/self/oom_adj"
/*
* The magic "don't kill me", as documented in eg:
* http://lxr.linux.no/#linux+v2.6.32/Documentation/filesystems/proc.txt
*/
#define OOM_ADJ_NOKILL -17
static int oom_adj_save = INT_MIN;
/*
* Tell the kernel's out-of-memory killer to avoid sshd.
* Returns the previous oom_adj value or zero.
*/
void
oom_adjust_setup(void)
{
FILE *fp;
debug3("%s", __func__);
if ((fp = fopen(OOM_ADJ_PATH, "r+")) != NULL) {
if (fscanf(fp, "%d", &oom_adj_save) != 1)
verbose("error reading %s: %s", OOM_ADJ_PATH, strerror(errno));
else {
rewind(fp);
if (fprintf(fp, "%d\n", OOM_ADJ_NOKILL) <= 0)
verbose("error writing %s: %s",
OOM_ADJ_PATH, strerror(errno));
else
verbose("Set %s from %d to %d",
OOM_ADJ_PATH, oom_adj_save, OOM_ADJ_NOKILL);
}
fclose(fp);
}
}
/* Restore the saved OOM adjustment */
void
oom_adjust_restore(void)
{
FILE *fp;
debug3("%s", __func__);
if (oom_adj_save == INT_MIN || (fp = fopen(OOM_ADJ_PATH, "w")) == NULL)
return;
if (fprintf(fp, "%d\n", oom_adj_save) <= 0)
verbose("error writing %s: %s", OOM_ADJ_PATH, strerror(errno));
else
verbose("Set %s to %d", OOM_ADJ_PATH, oom_adj_save);
fclose(fp);
return;
}
#endif /* LINUX_OOM_ADJUST */
#endif /* WITH_SELINUX || LINUX_OOM_ADJUST */

8
openbsd-compat/port-linux.h
View File

@ -1,4 +1,4 @@
/* $Id: port-linux.h,v 1.2 2008/03/26 20:27:21 dtucker Exp $ */
/* $Id: port-linux.h,v 1.4 2009/12/08 02:39:48 dtucker Exp $ */
/*
* Copyright (c) 2006 Damien Miller <djm@openbsd.org>
@ -23,6 +23,12 @@
int ssh_selinux_enabled(void);
void ssh_selinux_setup_pty(char *, const char *);
void ssh_selinux_setup_exec_context(char *);
void ssh_selinux_change_context(const char *);
#endif
#ifdef LINUX_OOM_ADJUST
void oom_adjust_restore(void);
void oom_adjust_setup(void);
#endif
#endif /* ! _PORT_LINUX_H */

114
openbsd-compat/pwcache.c Normal file
View File

@ -0,0 +1,114 @@
/* $OpenBSD: pwcache.c,v 1.9 2005/08/08 08:05:34 espie Exp $ */
/*
* Copyright (c) 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* OPENBSD ORIGINAL: lib/libc/gen/pwcache.c */
#include "includes.h"
#include <sys/types.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define NCACHE 64 /* power of 2 */
#define MASK (NCACHE - 1) /* bits to store with */
#ifndef HAVE_USER_FROM_UID
char *
user_from_uid(uid_t uid, int nouser)
{
static struct ncache {
uid_t uid;
char *name;
} c_uid[NCACHE];
static int pwopen;
static char nbuf[15]; /* 32 bits == 10 digits */
struct passwd *pw;
struct ncache *cp;
cp = c_uid + (uid & MASK);
if (cp->uid != uid || cp->name == NULL) {
if (pwopen == 0) {
#ifdef HAVE_SETPASSENT
setpassent(1);
#endif
pwopen = 1;
}
if ((pw = getpwuid(uid)) == NULL) {
if (nouser)
return (NULL);
(void)snprintf(nbuf, sizeof(nbuf), "%u", uid);
}
cp->uid = uid;
if (cp->name != NULL)
free(cp->name);
cp->name = strdup(pw ? pw->pw_name : nbuf);
}
return (cp->name);
}
#endif
#ifndef HAVE_GROUP_FROM_GID
char *
group_from_gid(gid_t gid, int nogroup)
{
static struct ncache {
gid_t gid;
char *name;
} c_gid[NCACHE];
static int gropen;
static char nbuf[15]; /* 32 bits == 10 digits */
struct group *gr;
struct ncache *cp;
cp = c_gid + (gid & MASK);
if (cp->gid != gid || cp->name == NULL) {
if (gropen == 0) {
#ifdef HAVE_SETGROUPENT
setgroupent(1);
#endif
gropen = 1;
}
if ((gr = getgrgid(gid)) == NULL) {
if (nogroup)
return (NULL);
(void)snprintf(nbuf, sizeof(nbuf), "%u", gid);
}
cp->gid = gid;
if (cp->name != NULL)
free(cp->name);
cp->name = strdup(gr ? gr->gr_name : nbuf);
}
return (cp->name);
}
#endif

78
openbsd-compat/readpassphrase.c
View File

@ -1,7 +1,7 @@
/* $OpenBSD: readpassphrase.c,v 1.18 2005/08/08 08:05:34 espie Exp $ */
/* $OpenBSD: readpassphrase.c,v 1.22 2010/01/13 10:20:54 dtucker Exp $ */
/*
* Copyright (c) 2000-2002 Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2000-2002, 2007 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@ -46,7 +46,7 @@
# define _POSIX_VDISABLE VDISABLE
#endif
static volatile sig_atomic_t signo;
static volatile sig_atomic_t signo[_NSIG];
static void handler(int);
@ -54,7 +54,7 @@ char *
readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
{
ssize_t nr;
int input, output, save_errno;
int input, output, save_errno, i, need_restart;
char ch, *p, *end;
struct termios term, oterm;
struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
@ -67,7 +67,11 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
}
restart:
signo = 0;
for (i = 0; i < _NSIG; i++)
signo[i] = 0;
nr = -1;
save_errno = 0;
need_restart = 0;
/*
* Read and write to /dev/tty if available. If not, read from
* stdin and write to stderr unless a tty is required.
@ -117,26 +121,30 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
oterm.c_lflag |= ECHO;
}
if (!(flags & RPP_STDIN))
(void)write(output, prompt, strlen(prompt));
end = buf + bufsiz - 1;
for (p = buf; (nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r';) {
if (p < end) {
if ((flags & RPP_SEVENBIT))
ch &= 0x7f;
if (isalpha(ch)) {
if ((flags & RPP_FORCELOWER))
ch = tolower(ch);
if ((flags & RPP_FORCEUPPER))
ch = toupper(ch);
/* No I/O if we are already backgrounded. */
if (signo[SIGTTOU] != 1 && signo[SIGTTIN] != 1) {
if (!(flags & RPP_STDIN))
(void)write(output, prompt, strlen(prompt));
end = buf + bufsiz - 1;
p = buf;
while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') {
if (p < end) {
if ((flags & RPP_SEVENBIT))
ch &= 0x7f;
if (isalpha(ch)) {
if ((flags & RPP_FORCELOWER))
ch = (char)tolower(ch);
if ((flags & RPP_FORCEUPPER))
ch = (char)toupper(ch);
}
*p++ = ch;
}
*p++ = ch;
}
*p = '\0';
save_errno = errno;
if (!(term.c_lflag & ECHO))
(void)write(output, "\n", 1);
}
*p = '\0';
save_errno = errno;
if (!(term.c_lflag & ECHO))
(void)write(output, "\n", 1);
/* Restore old terminal settings and signals. */
if (memcmp(&term, &oterm, sizeof(term)) != 0) {
@ -152,6 +160,7 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
(void)sigaction(SIGTERM, &saveterm, NULL);
(void)sigaction(SIGTSTP, &savetstp, NULL);
(void)sigaction(SIGTTIN, &savettin, NULL);
(void)sigaction(SIGTTOU, &savettou, NULL);
if (input != STDIN_FILENO)
(void)close(input);
@ -159,20 +168,25 @@ readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
* If we were interrupted by a signal, resend it to ourselves
* now that we have restored the signal handlers.
*/
if (signo) {
kill(getpid(), signo);
switch (signo) {
case SIGTSTP:
case SIGTTIN:
case SIGTTOU:
goto restart;
for (i = 0; i < _NSIG; i++) {
if (signo[i]) {
kill(getpid(), i);
switch (i) {
case SIGTSTP:
case SIGTTIN:
case SIGTTOU:
need_restart = 1;
}
}
}
if (need_restart)
goto restart;
errno = save_errno;
if (save_errno)
errno = save_errno;
return(nr == -1 ? NULL : buf);
}
#if 0
char *
getpass(const char *prompt)
@ -186,6 +200,6 @@ getpass(const char *prompt)
static void handler(int s)
{
signo = s;
signo[s] = 1;
}
#endif /* HAVE_READPASSPHRASE */

2
opensshd.init.in
View File

@ -14,6 +14,8 @@ piddir=@piddir@
SSHD=$prefix/sbin/sshd
PIDFILE=$piddir/sshd.pid
PidFile=`grep "^PidFile" ${sysconfdir}/sshd_config | tr "=" " " | awk '{print $2}'`
[ X$PidFile = X ] || PIDFILE=$PidFile
SSH_KEYGEN=$prefix/bin/ssh-keygen
HOST_KEY_RSA1=$sysconfdir/ssh_host_key
HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key

7
pathnames.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: pathnames.h,v 1.17 2008/12/29 02:23:26 stevesk Exp $ */
/* $OpenBSD: pathnames.h,v 1.19 2010/02/11 20:37:47 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -125,6 +125,11 @@
#define _PATH_SSH_KEY_SIGN "/usr/libexec/ssh-keysign"
#endif
/* Location of ssh-pkcs11-helper to support keys in tokens */
#ifndef _PATH_SSH_PKCS11_HELPER
#define _PATH_SSH_PKCS11_HELPER "/usr/libexec/ssh-pkcs11-helper"
#endif
/* xauth for X11 forwarding */
#ifndef _PATH_XAUTH
#define _PATH_XAUTH "/usr/X11R6/bin/xauth"

1357
pkcs11.h Normal file
View File

File diff suppressed because it is too large Load Diff

24
platform.c
View File

@ -1,4 +1,4 @@
/* $Id: platform.c,v 1.1 2006/08/30 17:24:41 djm Exp $ */
/* $Id: platform.c,v 1.3 2009/12/20 23:49:22 dtucker Exp $ */
/*
* Copyright (c) 2006 Darren Tucker. All rights reserved.
@ -21,6 +21,15 @@
#include "openbsd-compat/openbsd-compat.h"
void
platform_pre_listen(void)
{
#ifdef LINUX_OOM_ADJUST
/* Adjust out-of-memory killer so listening process is not killed */
oom_adjust_setup();
#endif
}
void
platform_pre_fork(void)
{
@ -43,4 +52,17 @@ platform_post_fork_child(void)
#ifdef USE_SOLARIS_PROCESS_CONTRACTS
solaris_contract_post_fork_child();
#endif
#ifdef LINUX_OOM_ADJUST
oom_adjust_restore();
#endif
}
char *
platform_krb5_get_principal_name(const char *pw_name)
{
#ifdef USE_AIX_KRB_NAME
return aix_krb5_get_principal_name(pw_name);
#else
return NULL;
#endif
}

7
platform.h
View File

@ -1,4 +1,4 @@
/* $Id: platform.h,v 1.1 2006/08/30 17:24:41 djm Exp $ */
/* $Id: platform.h,v 1.4 2010/01/14 01:44:16 djm Exp $ */
/*
* Copyright (c) 2006 Darren Tucker. All rights reserved.
@ -18,6 +18,11 @@
#include <sys/types.h>
void platform_pre_listen(void);
void platform_pre_fork(void);
void platform_post_fork_parent(pid_t child_pid);
void platform_post_fork_child(void);
char *platform_get_krb5_client(const char *);
char *platform_krb5_get_principal_name(const char *);

18
readconf.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.177 2009/06/27 09:35:06 andreas Exp $ */
/* $OpenBSD: readconf.c,v 1.183 2010/02/08 10:50:20 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -123,7 +123,7 @@ typedef enum {
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
oHostKeyAlgorithms, oBindAddress, oPKCS11Provider,
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
oAddressFamily, oGssAuthentication, oGssDelegateCreds,
@ -205,10 +205,12 @@ static struct {
{ "preferredauthentications", oPreferredAuthentications },
{ "hostkeyalgorithms", oHostKeyAlgorithms },
{ "bindaddress", oBindAddress },
#ifdef SMARTCARD
{ "smartcarddevice", oSmartcardDevice },
#ifdef ENABLE_PKCS11
{ "smartcarddevice", oPKCS11Provider },
{ "pkcs11provider", oPKCS11Provider },
#else
{ "smartcarddevice", oUnsupported },
{ "pkcs11provider", oUnsupported },
#endif
{ "clearallforwardings", oClearAllForwardings },
{ "enablesshkeysign", oEnableSSHKeysign },
@ -609,8 +611,8 @@ process_config_line(Options *options, const char *host,
charptr = &options->bind_address;
goto parse_string;
case oSmartcardDevice:
charptr = &options->smartcard_device;
case oPKCS11Provider:
charptr = &options->pkcs11_provider;
goto parse_string;
case oProxyCommand:
@ -1051,7 +1053,7 @@ initialize_options(Options * options)
options->log_level = SYSLOG_LEVEL_NOT_SET;
options->preferred_authentications = NULL;
options->bind_address = NULL;
options->smartcard_device = NULL;
options->pkcs11_provider = NULL;
options->enable_ssh_keysign = - 1;
options->no_host_authentication_for_localhost = - 1;
options->identities_only = - 1;
@ -1142,7 +1144,7 @@ fill_default_options(Options * options)
/* options->macs, default set in myproposals.h */
/* options->hostkeyalgorithms, default set in myproposals.h */
if (options->protocol == SSH_PROTO_UNKNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2;
options->protocol = SSH_PROTO_2;
if (options->num_identity_files == 0) {
if (options->protocol & SSH_PROTO_1) {
len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;

4
readconf.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: readconf.h,v 1.79 2009/06/27 09:35:06 andreas Exp $ */
/* $OpenBSD: readconf.h,v 1.82 2010/02/08 10:50:20 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -84,7 +84,7 @@ typedef struct {
char *user_hostfile2;
char *preferred_authentications;
char *bind_address; /* local socket address for connection to sshd */
char *smartcard_device; /* Smartcard reader device */
char *pkcs11_provider; /* PKCS#11 provider */
int verify_host_key_dns; /* Verify host key using DNS */
int num_identity_files; /* Number of files for RSA/DSA identities. */

18
regress/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.48 2008/06/28 13:57:25 djm Exp $
# $OpenBSD: Makefile,v 1.52 2010/02/26 20:33:21 djm Exp $
REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec
tests: $(REGRESS_TARGETS)
@ -34,6 +34,7 @@ LTESTS= connect \
agent-ptrace \
keyscan \
keygen-change \
keygen-convert \
key-options \
scp \
sftp \
@ -50,7 +51,10 @@ LTESTS= connect \
cfgmatch \
addrmatch \
localcommand \
forcecommand
forcecommand \
portnum \
cert-hostkey \
cert-userkey
INTEROP_TESTS= putty-transfer putty-ciphers putty-kex conch-ciphers
#INTEROP_TESTS+=ssh-com ssh-com-client ssh-com-keygen ssh-com-sftp
@ -64,7 +68,11 @@ CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
ls.copy banner.in banner.out empty.in \
scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \
sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \
putty.rsa2
known_hosts-cert host_ca_key* cert_host_key* \
putty.rsa2 sshd_proxy_orig
# Enable all malloc(3) randomisations and checks
TEST_ENV= "MALLOC_OPTIONS=AFGJPRX"
t1:
ssh-keygen -if ${.CURDIR}/rsa_ssh2.prv | diff - ${.CURDIR}/rsa_openssh.prv
@ -104,13 +112,13 @@ t-exec: ${LTESTS:=.sh}
@if [ "x$?" = "x" ]; then exit 0; fi; \
for TEST in ""$?; do \
echo "run test $${TEST}" ... 1>&2; \
(env SUDO=${SUDO} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
(env SUDO=${SUDO} TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
done
t-exec-interop: ${INTEROP_TESTS:=.sh}
@if [ "x$?" = "x" ]; then exit 0; fi; \
for TEST in ""$?; do \
echo "run test $${TEST}" ... 1>&2; \
(env SUDO=${SUDO} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
(env SUDO=${SUDO} TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
done

11
regress/addrmatch.sh
View File

@ -1,9 +1,9 @@
# $OpenBSD: addrmatch.sh,v 1.1 2008/06/10 05:23:32 dtucker Exp $
# $OpenBSD: addrmatch.sh,v 1.3 2010/02/09 04:57:36 djm Exp $
# Placed in the Public Domain.
tid="address match"
mv $OBJ/sshd_proxy $OBJ/sshd_proxy_orig
mv $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
run_trial()
{
@ -12,13 +12,13 @@ run_trial()
verbose "test $descr for $user $addr $host"
result=`${SSHD} -f $OBJ/sshd_proxy -T \
-C user=${user},addr=${addr},host=${host} | \
awk '/passwordauthentication/ {print $2}'`
awk '/^passwordauthentication/ {print $2}'`
if [ "$result" != "$expected" ]; then
fail "failed for $user $addr $host: expected $expected, got $result"
fi
}
cp $OBJ/sshd_proxy_orig $OBJ/sshd_proxy
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
cat >>$OBJ/sshd_proxy <<EOD
PasswordAuthentication no
Match Address 192.168.0.0/16,!192.168.30.0/24,10.0.0.0/8,host.example.com
@ -40,3 +40,6 @@ run_trial user ::3 somehost no "deny IP6 negated"
run_trial user ::4 somehost no "deny, IP6 no match"
run_trial user 2000::1 somehost yes "permit, IP6 network"
run_trial user 2001::1 somehost no "deny, IP6 network"
cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy
rm $OBJ/sshd_proxy_bak

69
regress/agent-pkcs11.sh Executable file
View File

@ -0,0 +1,69 @@
# $OpenBSD: agent-pkcs11.sh,v 1.1 2010/02/08 10:52:47 markus Exp $
# Placed in the Public Domain.
tid="pkcs11 agent test"
TEST_SSH_PIN=""
TEST_SSH_PKCS11=/usr/local/lib/soft-pkcs11.so.0.0
# setup environment for soft-pkcs11 token
SOFTPKCS11RC=$OBJ/pkcs11.info
export SOFTPKCS11RC
# prevent ssh-agent from calling ssh-askpass
SSH_ASKPASS=/usr/bin/true
export SSH_ASKPASS
unset DISPLAY
# start command w/o tty, so ssh-add accepts pin from stdin
notty() {
perl -e 'use POSIX; POSIX::setsid();
if (fork) { wait; exit($? >> 8); } else { exec(@ARGV) }' "$@"
}
trace "start agent"
eval `${SSHAGENT} -s` > /dev/null
r=$?
if [ $r -ne 0 ]; then
fail "could not start ssh-agent: exit code $r"
else
trace "generating key/cert"
rm -f $OBJ/pkcs11.key $OBJ/pkcs11.crt
openssl genrsa -out $OBJ/pkcs11.key 2048 > /dev/null 2>&1
chmod 600 $OBJ/pkcs11.key
openssl req -key $OBJ/pkcs11.key -new -x509 \
-out $OBJ/pkcs11.crt -text -subj '/CN=pkcs11 test' > /dev/null
printf "a\ta\t$OBJ/pkcs11.crt\t$OBJ/pkcs11.key" > $SOFTPKCS11RC
# add to authorized keys
${SSHKEYGEN} -y -f $OBJ/pkcs11.key > $OBJ/authorized_keys_$USER
trace "add pkcs11 key to agent"
echo ${TEST_SSH_PIN} | notty ${SSHADD} -s ${TEST_SSH_PKCS11} > /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then
fail "ssh-add -s failed: exit code $r"
fi
trace "pkcs11 list via agent"
${SSHADD} -l > /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then
fail "ssh-add -l failed: exit code $r"
fi
trace "pkcs11 connect via agent"
${SSH} -2 -F $OBJ/ssh_proxy somehost exit 5
r=$?
if [ $r -ne 5 ]; then
fail "ssh connect failed (exit code $r)"
fi
trace "remove pkcs11 keys"
echo ${TEST_SSH_PIN} | notty ${SSHADD} -e ${TEST_SSH_PKCS11} > /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then
fail "ssh-add -e failed: exit code $r"
fi
trace "kill agent"
${SSHAGENT} -k > /dev/null
fi

211
regress/cert-hostkey.sh Executable file
View File

@ -0,0 +1,211 @@
# $OpenBSD: cert-hostkey.sh,v 1.3 2010/03/04 10:38:23 djm Exp $
# Placed in the Public Domain.
tid="certified host keys"
rm -f $OBJ/known_hosts-cert $OBJ/host_ca_key* $OBJ/cert_host_key*
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
HOSTS='localhost-with-alias,127.0.0.1,::1'
# Create a CA key and add it to known hosts
${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/host_ca_key ||\
fail "ssh-keygen of host_ca_key failed"
(
echon '@cert-authority '
echon "$HOSTS "
cat $OBJ/host_ca_key.pub
) > $OBJ/known_hosts-cert
# Generate and sign host keys
for ktype in rsa dsa ; do
verbose "$tid: sign host ${ktype} cert"
# Generate and sign a host key
${SSHKEYGEN} -q -N '' -t ${ktype} \
-f $OBJ/cert_host_key_${ktype} || \
fail "ssh-keygen of cert_host_key_${ktype} failed"
${SSHKEYGEN} -h -q -s $OBJ/host_ca_key \
-I "regress host key for $USER" \
-n $HOSTS $OBJ/cert_host_key_${ktype} ||
fail "couldn't sign cert_host_key_${ktype}"
done
# Basic connect tests
for privsep in yes no ; do
for ktype in rsa dsa ; do
verbose "$tid: host ${ktype} cert connect privsep $privsep"
(
cat $OBJ/sshd_proxy_bak
echo HostKey $OBJ/cert_host_key_${ktype}
echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
echo UsePrivilegeSeparation $privsep
) > $OBJ/sshd_proxy
${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-F $OBJ/ssh_proxy somehost true
if [ $? -ne 0 ]; then
fail "ssh cert connect failed"
fi
done
done
# Revoked certificates with key present
(
echon '@cert-authority '
echon "$HOSTS "
cat $OBJ/host_ca_key.pub
echon '@revoked '
echon "* "
cat $OBJ/cert_host_key_rsa.pub
echon '@revoked '
echon "* "
cat $OBJ/cert_host_key_dsa.pub
) > $OBJ/known_hosts-cert
for privsep in yes no ; do
for ktype in rsa dsa ; do
verbose "$tid: host ${ktype} revoked cert privsep $privsep"
(
cat $OBJ/sshd_proxy_bak
echo HostKey $OBJ/cert_host_key_${ktype}
echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
echo UsePrivilegeSeparation $privsep
) > $OBJ/sshd_proxy
${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
if [ $? -eq 0 ]; then
fail "ssh cert connect succeeded unexpectedly"
fi
done
done
# Revoked CA
(
echon '@cert-authority '
echon "$HOSTS "
cat $OBJ/host_ca_key.pub
echon '@revoked '
echon "* "
cat $OBJ/host_ca_key.pub
) > $OBJ/known_hosts-cert
for ktype in rsa dsa ; do
verbose "$tid: host ${ktype} revoked cert"
(
cat $OBJ/sshd_proxy_bak
echo HostKey $OBJ/cert_host_key_${ktype}
echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
) > $OBJ/sshd_proxy
${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
if [ $? -eq 0 ]; then
fail "ssh cert connect succeeded unexpectedly"
fi
done
# Create a CA key and add it to known hosts
(
echon '@cert-authority '
echon "$HOSTS "
cat $OBJ/host_ca_key.pub
) > $OBJ/known_hosts-cert
test_one() {
ident=$1
result=$2
sign_opts=$3
verbose "$tid: test host cert connect $ident expect $result"
${SSHKEYGEN} -q -s $OBJ/host_ca_key -I "regress host key for $USER" \
$sign_opts \
$OBJ/cert_host_key_rsa ||
fail "couldn't sign cert_host_key_rsa"
(
cat $OBJ/sshd_proxy_bak
echo HostKey $OBJ/cert_host_key_rsa
echo HostCertificate $OBJ/cert_host_key_rsa-cert.pub
) > $OBJ/sshd_proxy
${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
rc=$?
if [ "x$result" = "xsuccess" ] ; then
if [ $rc -ne 0 ]; then
fail "ssh cert connect $ident failed unexpectedly"
fi
else
if [ $rc -eq 0 ]; then
fail "ssh cert connect $ident succeeded unexpectedly"
fi
fi
}
test_one "user-certificate" failure "-n $HOSTS"
test_one "empty principals" success "-h"
test_one "wrong principals" failure "-h -n foo"
test_one "cert not yet valid" failure "-h -V20200101:20300101"
test_one "cert expired" failure "-h -V19800101:19900101"
test_one "cert valid interval" success "-h -V-1w:+2w"
test_one "cert has constraints" failure "-h -Oforce-command=false"
# Check downgrade of cert to raw key when no CA found
rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key*
for ktype in rsa dsa ; do
verbose "$tid: host ${ktype} cert downgrade to raw key"
# Generate and sign a host key
${SSHKEYGEN} -q -N '' -t ${ktype} \
-f $OBJ/cert_host_key_${ktype} || \
fail "ssh-keygen of cert_host_key_${ktype} failed"
${SSHKEYGEN} -h -q -s $OBJ/host_ca_key -I "regress host key for $USER" \
-n $HOSTS $OBJ/cert_host_key_${ktype} ||
fail "couldn't sign cert_host_key_${ktype}"
(
echon "$HOSTS "
cat $OBJ/cert_host_key_${ktype}.pub
) > $OBJ/known_hosts-cert
(
cat $OBJ/sshd_proxy_bak
echo HostKey $OBJ/cert_host_key_${ktype}
echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
) > $OBJ/sshd_proxy
${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-F $OBJ/ssh_proxy somehost true
if [ $? -ne 0 ]; then
fail "ssh cert connect failed"
fi
done
# Wrong certificate
(
echon '@cert-authority '
echon "$HOSTS "
cat $OBJ/host_ca_key.pub
) > $OBJ/known_hosts-cert
for ktype in rsa dsa ; do
# Self-sign key
${SSHKEYGEN} -h -q -s $OBJ/cert_host_key_${ktype} \
-I "regress host key for $USER" \
-n $HOSTS $OBJ/cert_host_key_${ktype} ||
fail "couldn't sign cert_host_key_${ktype}"
verbose "$tid: host ${ktype} connect wrong cert"
(
cat $OBJ/sshd_proxy_bak
echo HostKey $OBJ/cert_host_key_${ktype}
echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
) > $OBJ/sshd_proxy
${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
-oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
-F $OBJ/ssh_proxy -q somehost true >/dev/null 2>&1
if [ $? -eq 0 ]; then
fail "ssh cert connect $ident succeeded unexpectedly"
fi
done
rm -f $OBJ/known_hosts-cert $OBJ/host_ca_key* $OBJ/cert_host_key*

176
regress/cert-userkey.sh Executable file
View File

@ -0,0 +1,176 @@
# $OpenBSD: cert-userkey.sh,v 1.3 2010/03/04 10:38:23 djm Exp $
# Placed in the Public Domain.
tid="certified user keys"
rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
# Create a CA key
${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_ca_key ||\
fail "ssh-keygen of user_ca_key failed"
# Generate and sign user keys
for ktype in rsa dsa ; do
verbose "$tid: sign user ${ktype} cert"
${SSHKEYGEN} -q -N '' -t ${ktype} \
-f $OBJ/cert_user_key_${ktype} || \
fail "ssh-keygen of cert_user_key_${ktype} failed"
${SSHKEYGEN} -q -s $OBJ/user_ca_key -I \
"regress user key for $USER" \
-n $USER $OBJ/cert_user_key_${ktype} ||
fail "couldn't sign cert_user_key_${ktype}"
done
basic_tests() {
auth=$1
if test "x$auth" = "xauthorized_keys" ; then
# Add CA to authorized_keys
(
echon 'cert-authority '
cat $OBJ/user_ca_key.pub
) > $OBJ/authorized_keys_$USER
else
echo > $OBJ/authorized_keys_$USER
extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub"
fi
for ktype in rsa dsa ; do
for privsep in yes no ; do
_prefix="${ktype} privsep $privsep $auth"
# Simple connect
verbose "$tid: ${_prefix} connect"
(
cat $OBJ/sshd_proxy_bak
echo "UsePrivilegeSeparation $privsep"
echo "$extra_sshd"
) > $OBJ/sshd_proxy
${SSH} -2i $OBJ/cert_user_key_${ktype} \
-F $OBJ/ssh_proxy somehost true
if [ $? -ne 0 ]; then
fail "ssh cert connect failed"
fi
# Revoked keys
verbose "$tid: ${_prefix} revoked key"
(
cat $OBJ/sshd_proxy_bak
echo "UsePrivilegeSeparation $privsep"
echo "RevokedKeys $OBJ/cert_user_key_${ktype}.pub"
echo "$extra_sshd"
) > $OBJ/sshd_proxy
${SSH} -2i $OBJ/cert_user_key_${ktype} \
-F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
if [ $? -eq 0 ]; then
fail "ssh cert connect succeeded unexpecedly"
fi
done
# Revoked CA
verbose "$tid: ${ktype} $auth revoked CA key"
(
cat $OBJ/sshd_proxy_bak
echo "RevokedKeys $OBJ/user_ca_key.pub"
echo "$extra_sshd"
) > $OBJ/sshd_proxy
${SSH} -2i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \
somehost true >/dev/null 2>&1
if [ $? -eq 0 ]; then
fail "ssh cert connect succeeded unexpecedly"
fi
done
verbose "$tid: $auth CA does not authenticate"
(
cat $OBJ/sshd_proxy_bak
echo "$extra_sshd"
) > $OBJ/sshd_proxy
verbose "$tid: ensure CA key does not authenticate user"
${SSH} -2i $OBJ/user_ca_key \
-F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
if [ $? -eq 0 ]; then
fail "ssh cert connect with CA key succeeded unexpectedly"
fi
}
basic_tests authorized_keys
basic_tests TrustedUserCAKeys
test_one() {
ident=$1
result=$2
sign_opts=$3
auth_choice=$4
if test "x$auth_choice" = "x" ; then
auth_choice="authorized_keys TrustedUserCAKeys"
fi
for auth in $auth_choice ; do
cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
if test "x$auth" = "xauthorized_keys" ; then
# Add CA to authorized_keys
(
echon 'cert-authority '
cat $OBJ/user_ca_key.pub
) > $OBJ/authorized_keys_$USER
else
echo > $OBJ/authorized_keys_$USER
echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" >> \
$OBJ/sshd_proxy
fi
verbose "$tid: $ident auth $auth expect $result"
${SSHKEYGEN} -q -s $OBJ/user_ca_key \
-I "regress user key for $USER" \
$sign_opts \
$OBJ/cert_user_key_rsa ||
fail "couldn't sign cert_user_key_rsa"
${SSH} -2i $OBJ/cert_user_key_rsa -F $OBJ/ssh_proxy \
somehost true >/dev/null 2>&1
rc=$?
if [ "x$result" = "xsuccess" ] ; then
if [ $rc -ne 0 ]; then
fail "$ident failed unexpectedly"
fi
else
if [ $rc -eq 0 ]; then
fail "$ident succeeded unexpectedly"
fi
fi
done
}
test_one "correct principal" success "-n ${USER}"
test_one "host-certificate" failure "-n ${USER} -h"
test_one "wrong principals" failure "-n foo"
test_one "cert not yet valid" failure "-n ${USER} -V20200101:20300101"
test_one "cert expired" failure "-n ${USER} -V19800101:19900101"
test_one "cert valid interval" success "-n ${USER} -V-1w:+2w"
test_one "wrong source-address" failure "-n ${USER} -Osource-address=10.0.0.0/8"
test_one "force-command" failure "-n ${USER} -Oforce-command=false"
# Behaviour is different here: TrustedUserCAKeys doesn't allow empty principals
test_one "empty principals" success "" authorized_keys
test_one "empty principals" failure "" TrustedUserCAKeys
# Wrong certificate
for ktype in rsa dsa ; do
# Self-sign
${SSHKEYGEN} -q -s $OBJ/cert_user_key_${ktype} -I \
"regress user key for $USER" \
-n $USER $OBJ/cert_user_key_${ktype} ||
fail "couldn't sign cert_user_key_${ktype}"
verbose "$tid: user ${ktype} connect wrong cert"
${SSH} -2i $OBJ/cert_user_key_${ktype} -F $OBJ/ssh_proxy \
somehost true >/dev/null 2>&1
if [ $? -eq 0 ]; then
fail "ssh cert connect $ident succeeded unexpectedly"
fi
done
rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*

4
regress/cfgmatch.sh
View File

@ -57,9 +57,9 @@ for p in 1 2; do
done
# Retry previous with key option, should also be denied.
echo -n 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
echon 'permitopen="127.0.0.1:'$PORT'" ' >$OBJ/authorized_keys_$USER
cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
echo -n 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
echon 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
for p in 1 2; do
rm -f $pidfile

4
regress/cipher-speed.sh
View File

@ -19,7 +19,7 @@ ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
for c in $ciphers; do for m in $macs; do
trace "proto 2 cipher $c mac $m"
for x in $tries; do
echo -n "$c/$m:\t"
echon "$c/$m:\t"
( ${SSH} -o 'compression no' \
-F $OBJ/ssh_proxy -2 -m $m -c $c somehost \
exec sh -c \'"dd of=/dev/null obs=32k"\' \
@ -35,7 +35,7 @@ ciphers="3des blowfish"
for c in $ciphers; do
trace "proto 1 cipher $c"
for x in $tries; do
echo -n "$c:\t"
echon "$c:\t"
( ${SSH} -o 'compression no' \
-F $OBJ/ssh_proxy -1 -c $c somehost \
exec sh -c \'"dd of=/dev/null obs=32k"\' \

12
regress/forwarding.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: forwarding.sh,v 1.6 2006/07/11 18:51:21 markus Exp $
# $OpenBSD: forwarding.sh,v 1.7 2010/01/11 02:53:44 dtucker Exp $
# Placed in the Public Domain.
tid="local and remote forwarding"
@ -93,3 +93,13 @@ for p in 1 2; do
fi
sleep 10
done
for p in 2; do
trace "stdio forwarding proto $p"
cmd="${SSH} -$p -F $OBJ/ssh_config"
$cmd -o "ProxyCommand $cmd -q -W localhost:$PORT somehost" \
somehost true
if [ $? != 0 ]; then
fail "stdio forwarding proto $p"
fi
done

33
regress/keygen-convert.sh Executable file
View File

@ -0,0 +1,33 @@
# $OpenBSD: keygen-convert.sh,v 1.1 2009/11/09 04:20:04 dtucker Exp $
# Placed in the Public Domain.
tid="convert keys"
for t in rsa dsa; do
# generate user key for agent
trace "generating $t key"
rm -f $OBJ/$t-key
${SSHKEYGEN} -q -N "" -t $t -f $OBJ/$t-key
trace "export $t private to rfc4716 public"
${SSHKEYGEN} -q -e -f $OBJ/$t-key >$OBJ/$t-key-rfc || \
fail "export $t private to rfc4716 public"
trace "export $t public to rfc4716 public"
${SSHKEYGEN} -q -e -f $OBJ/$t-key.pub >$OBJ/$t-key-rfc.pub || \
fail "$t public to rfc4716 public"
cmp $OBJ/$t-key-rfc $OBJ/$t-key-rfc.pub || \
fail "$t rfc4716 exports differ between public and private"
trace "import $t rfc4716 public"
${SSHKEYGEN} -q -i -f $OBJ/$t-key-rfc >$OBJ/$t-rfc-imported || \
fail "$t import rfc4716 public"
cut -f1,2 -d " " $OBJ/$t-key.pub >$OBJ/$t-key-nocomment.pub
cmp $OBJ/$t-key-nocomment.pub $OBJ/$t-rfc-imported || \
fail "$t imported differs from original"
rm -f $OBJ/$t-key $OBJ/$t-key.pub $OBJ/$t-key-rfc $OBJ/$t-key-rfc.pub \
$OBJ/$t-rfc-imported $OBJ/$t-key-nocomment.pub
done

20
regress/multiplex.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: multiplex.sh,v 1.11 2005/04/25 09:54:09 dtucker Exp $
# $OpenBSD: multiplex.sh,v 1.12 2009/05/05 07:51:36 dtucker Exp $
# Placed in the Public Domain.
CTL=/tmp/openssh.regress.ctl-sock.$$
@ -26,7 +26,7 @@ sleep 5
verbose "test $tid: envpass"
trace "env passing over multiplexed connection"
_XXX_TEST=blah ${SSH} -oSendEnv="_XXX_TEST" -S$CTL otherhost sh << 'EOF'
_XXX_TEST=blah ${SSH} -F $OBJ/ssh_config -oSendEnv="_XXX_TEST" -S$CTL otherhost sh << 'EOF'
test X"$_XXX_TEST" = X"blah"
EOF
if [ $? -ne 0 ]; then
@ -36,26 +36,26 @@ fi
verbose "test $tid: transfer"
rm -f ${COPY}
trace "ssh transfer over multiplexed connection and check result"
${SSH} -S$CTL otherhost cat ${DATA} > ${COPY}
${SSH} -F $OBJ/ssh_config -S$CTL otherhost cat ${DATA} > ${COPY}
test -f ${COPY} || fail "ssh -Sctl: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "ssh -Sctl: corrupted copy of ${DATA}"
rm -f ${COPY}
trace "ssh transfer over multiplexed connection and check result"
${SSH} -S $CTL otherhost cat ${DATA} > ${COPY}
${SSH} -F $OBJ/ssh_config -S $CTL otherhost cat ${DATA} > ${COPY}
test -f ${COPY} || fail "ssh -S ctl: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "ssh -S ctl: corrupted copy of ${DATA}"
rm -f ${COPY}
trace "sftp transfer over multiplexed connection and check result"
echo "get ${DATA} ${COPY}" | \
${SFTP} -S ${SSH} -oControlPath=$CTL otherhost >$LOG 2>&1
${SFTP} -S ${SSH} -F $OBJ/ssh_config -oControlPath=$CTL otherhost >$LOG 2>&1
test -f ${COPY} || fail "sftp: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "sftp: corrupted copy of ${DATA}"
rm -f ${COPY}
trace "scp transfer over multiplexed connection and check result"
${SCP} -S ${SSH} -oControlPath=$CTL otherhost:${DATA} ${COPY} >$LOG 2>&1
${SCP} -S ${SSH} -F $OBJ/ssh_config -oControlPath=$CTL otherhost:${DATA} ${COPY} >$LOG 2>&1
test -f ${COPY} || fail "scp: failed copy ${DATA}"
cmp ${DATA} ${COPY} || fail "scp: corrupted copy of ${DATA}"
@ -64,7 +64,7 @@ rm -f ${COPY}
for s in 0 1 4 5 44; do
trace "exit status $s over multiplexed connection"
verbose "test $tid: status $s"
${SSH} -S $CTL otherhost exit $s
${SSH} -F $OBJ/ssh_config -S $CTL otherhost exit $s
r=$?
if [ $r -ne $s ]; then
fail "exit code mismatch for protocol $p: $r != $s"
@ -72,7 +72,7 @@ for s in 0 1 4 5 44; do
# same with early close of stdout/err
trace "exit status $s with early close over multiplexed connection"
${SSH} -S $CTL -n otherhost \
${SSH} -F $OBJ/ssh_config -S $CTL -n otherhost \
exec sh -c \'"sleep 2; exec > /dev/null 2>&1; sleep 3; exit $s"\'
r=$?
if [ $r -ne $s ]; then
@ -81,10 +81,10 @@ for s in 0 1 4 5 44; do
done
trace "test check command"
${SSH} -S $CTL -Ocheck otherhost || fail "check command failed"
${SSH} -F $OBJ/ssh_config -S $CTL -Ocheck otherhost || fail "check command failed"
trace "test exit command"
${SSH} -S $CTL -Oexit otherhost || fail "send exit command failed"
${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost || fail "send exit command failed"
# Wait for master to exit
sleep 2

34
regress/portnum.sh Executable file
View File

@ -0,0 +1,34 @@
# $OpenBSD: portnum.sh,v 1.1 2009/08/13 00:57:17 djm Exp $
# Placed in the Public Domain.
tid="port number parsing"
badport() {
port=$1
verbose "$tid: invalid port $port"
if ${SSH} -F $OBJ/ssh_proxy -p $port somehost true 2>/dev/null ; then
fail "$tid accepted invalid port $port"
fi
}
goodport() {
port=$1
verbose "$tid: valid port $port"
if ${SSH} -F $OBJ/ssh_proxy -p $port somehost true 2>/dev/null ; then
:
else
fail "$tid rejected valid port $port"
fi
}
badport 0
badport 65536
badport 131073
badport 2000blah
badport blah2000
goodport 1
goodport 22
goodport 2222
goodport 22222
goodport 65535

16
regress/sftp-badcmds.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: sftp-badcmds.sh,v 1.3 2008/03/24 21:46:54 djm Exp $
# $OpenBSD: sftp-badcmds.sh,v 1.4 2009/08/13 01:11:55 djm Exp $
# Placed in the Public Domain.
tid="sftp invalid commands"
@ -13,13 +13,13 @@ rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd
rm -f ${COPY}
verbose "$tid: get nonexistent"
echo "get $NONEXIST $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "get $NONEXIST $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get nonexistent failed"
test -f ${COPY} && fail "existing copy after get nonexistent"
rm -f ${COPY}.dd/*
verbose "$tid: glob get to nonexistent directory"
echo "get /bin/l* $NONEXIST" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "get /bin/l* $NONEXIST" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get nonexistent failed"
for x in $GLOBFILES; do
test -f ${COPY}.dd/$x && fail "existing copy after get nonexistent"
@ -27,13 +27,13 @@ done
rm -f ${COPY}
verbose "$tid: put nonexistent"
echo "put $NONEXIST $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "put $NONEXIST $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put nonexistent failed"
test -f ${COPY} && fail "existing copy after put nonexistent"
rm -f ${COPY}.dd/*
verbose "$tid: glob put to nonexistent directory"
echo "put /bin/l* ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "put /bin/l* ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put nonexistent failed"
for x in $GLOBFILES; do
test -f ${COPY}.dd/$x && fail "existing copy after nonexistent"
@ -41,7 +41,7 @@ done
rm -f ${COPY}
verbose "$tid: rename nonexistent"
echo "rename $NONEXIST ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "rename $NONEXIST ${COPY}.1" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename nonexist failed"
test -f ${COPY}.1 && fail "file exists after rename nonexistent"
@ -49,7 +49,7 @@ rm -rf ${COPY} ${COPY}.dd
cp $DATA $COPY
mkdir ${COPY}.dd
verbose "$tid: rename target exists (directory)"
echo "rename $COPY ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "rename $COPY ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename target exists (directory) failed"
test -f ${COPY} || fail "oldname missing after rename target exists (directory)"
test -d ${COPY}.dd || fail "newname missing after rename target exists (directory)"
@ -59,7 +59,7 @@ rm -f ${COPY}.dd/*
rm -rf ${COPY}
cp ${DATA2} ${COPY}
verbose "$tid: glob put files to local file"
echo "put /bin/l* $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1
echo "put /bin/l* $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1
cmp ${DATA2} ${COPY} || fail "put successed when it should have failed"
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd

10
regress/sftp-batch.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: sftp-batch.sh,v 1.3 2004/01/13 09:49:06 djm Exp $
# $OpenBSD: sftp-batch.sh,v 1.4 2009/08/13 01:11:55 djm Exp $
# Placed in the Public Domain.
tid="sftp batchfile"
@ -37,19 +37,19 @@ cat << EOF > ${BATCH}.fail.2
EOF
verbose "$tid: good commands"
${SFTP} -b ${BATCH}.pass.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
${SFTP} -b ${BATCH}.pass.1 -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "good commands failed"
verbose "$tid: bad commands"
${SFTP} -b ${BATCH}.fail.1 -P ${SFTPSERVER} >/dev/null 2>&1 \
${SFTP} -b ${BATCH}.fail.1 -D ${SFTPSERVER} >/dev/null 2>&1 \
&& fail "bad commands succeeded"
verbose "$tid: comments and blanks"
${SFTP} -b ${BATCH}.pass.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
${SFTP} -b ${BATCH}.pass.2 -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "comments & blanks failed"
verbose "$tid: junk command"
${SFTP} -b ${BATCH}.fail.2 -P ${SFTPSERVER} >/dev/null 2>&1 \
${SFTP} -b ${BATCH}.fail.2 -D ${SFTPSERVER} >/dev/null 2>&1 \
&& fail "junk command succeeded"
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.*

73
regress/sftp-cmds.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: sftp-cmds.sh,v 1.9 2007/12/12 05:04:03 djm Exp $
# $OpenBSD: sftp-cmds.sh,v 1.10 2009/08/13 01:11:55 djm Exp $
# Placed in the Public Domain.
# XXX - TODO:
@ -40,56 +40,56 @@ SPACECOPY_ARG="${COPY}\ this\ has\ spaces.txt"
# File with glob metacharacters
GLOBMETACOPY="${COPY} [metachar].txt"
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2 ${BATCH}.*
mkdir ${COPY}.dd
verbose "$tid: lls"
(echo "lcd ${OBJ}" ; echo "lls") | ${SFTP} -P ${SFTPSERVER} 2>&1 | \
(echo "lcd ${OBJ}" ; echo "lls") | ${SFTP} -D ${SFTPSERVER} 2>&1 | \
grep copy.dd >/dev/null 2>&1 || fail "lls failed"
verbose "$tid: lls w/path"
echo "lls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} 2>&1 | \
echo "lls ${OBJ}" | ${SFTP} -D ${SFTPSERVER} 2>&1 | \
grep copy.dd >/dev/null 2>&1 || fail "lls w/path failed"
verbose "$tid: ls"
echo "ls ${OBJ}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "ls ${OBJ}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "ls failed"
# XXX always successful
verbose "$tid: shell"
echo "!echo hi there" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "!echo hi there" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "shell failed"
# XXX always successful
verbose "$tid: pwd"
echo "pwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "pwd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "pwd failed"
# XXX always successful
verbose "$tid: lpwd"
echo "lpwd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "lpwd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "lpwd failed"
# XXX always successful
verbose "$tid: quit"
echo "quit" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "quit" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "quit failed"
# XXX always successful
verbose "$tid: help"
echo "help" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "help" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "help failed"
# XXX always successful
rm -f ${COPY}
verbose "$tid: get"
echo "get $DATA $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "get $DATA $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY} || fail "corrupted copy after get"
rm -f ${COPY}
verbose "$tid: get quoted"
echo "get \"$DATA\" $COPY" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "get \"$DATA\" $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY} || fail "corrupted copy after get"
@ -97,8 +97,8 @@ if [ "$os" != "cygwin" ]; then
rm -f ${QUOTECOPY}
cp $DATA ${QUOTECOPY}
verbose "$tid: get filename with quotes"
echo "get \"$QUOTECOPY_ARG\" ${COPY}" | \
${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \ || fail "get failed"
echo "get \"$QUOTECOPY_ARG\" ${COPY}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp ${COPY} ${QUOTECOPY} || fail "corrupted copy after get with quotes"
rm -f ${QUOTECOPY} ${COPY}
fi
@ -106,7 +106,7 @@ fi
rm -f "$SPACECOPY" ${COPY}
cp $DATA "$SPACECOPY"
verbose "$tid: get filename with spaces"
echo "get ${SPACECOPY_ARG} ${COPY}" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "get ${SPACECOPY_ARG} ${COPY}" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp ${COPY} "$SPACECOPY" || fail "corrupted copy after get with spaces"
@ -114,19 +114,19 @@ rm -f "$GLOBMETACOPY" ${COPY}
cp $DATA "$GLOBMETACOPY"
verbose "$tid: get filename with glob metacharacters"
echo "get \"${GLOBMETACOPY}\" ${COPY}" | \
${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "get failed"
${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "get failed"
cmp ${COPY} "$GLOBMETACOPY" || \
fail "corrupted copy after get with glob metacharacters"
rm -f ${COPY}.dd/*
verbose "$tid: get to directory"
echo "get $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "get $DATA ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get"
rm -f ${COPY}.dd/*
verbose "$tid: glob get to directory"
echo "get /bin/l* ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "get /bin/l* ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get"
@ -134,13 +134,13 @@ done
rm -f ${COPY}.dd/*
verbose "$tid: get to local dir"
(echo "lcd ${COPY}.dd"; echo "get $DATA" ) | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
(echo "lcd ${COPY}.dd"; echo "get $DATA" ) | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after get"
rm -f ${COPY}.dd/*
verbose "$tid: glob get to local dir"
(echo "lcd ${COPY}.dd"; echo "get /bin/l*") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
(echo "lcd ${COPY}.dd"; echo "get /bin/l*") | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "get failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after get"
@ -149,32 +149,32 @@ done
rm -f ${COPY}
verbose "$tid: put"
echo "put $DATA $COPY" | \
${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
cmp $DATA ${COPY} || fail "corrupted copy after put"
if [ "$os" != "cygwin" ]; then
rm -f ${QUOTECOPY}
verbose "$tid: put filename with quotes"
echo "put $DATA \"$QUOTECOPY_ARG\"" | \
${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
cmp $DATA ${QUOTECOPY} || fail "corrupted copy after put with quotes"
fi
rm -f "$SPACECOPY"
verbose "$tid: put filename with spaces"
echo "put $DATA ${SPACECOPY_ARG}" | \
${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "put failed"
cmp $DATA "$SPACECOPY" || fail "corrupted copy after put with spaces"
rm -f ${COPY}.dd/*
verbose "$tid: put to directory"
echo "put $DATA ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "put $DATA ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put"
rm -f ${COPY}.dd/*
verbose "$tid: glob put to directory"
echo "put /bin/l? ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "put /bin/l? ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put"
@ -182,60 +182,61 @@ done
rm -f ${COPY}.dd/*
verbose "$tid: put to local dir"
(echo "cd ${COPY}.dd"; echo "put $DATA") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
(echo "cd ${COPY}.dd"; echo "put $DATA") | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
cmp $DATA ${COPY}.dd/`basename $DATA` || fail "corrupted copy after put"
rm -f ${COPY}.dd/*
verbose "$tid: glob put to local dir"
(echo "cd ${COPY}.dd"; echo "put /bin/l?") | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
(echo "cd ${COPY}.dd"; echo "put /bin/l?") | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "put failed"
for x in $GLOBFILES; do
cmp /bin/$x ${COPY}.dd/$x || fail "corrupted copy after put"
done
verbose "$tid: rename"
echo "rename $COPY ${COPY}.1" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "rename $COPY ${COPY}.1" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rename failed"
test -f ${COPY}.1 || fail "missing file after rename"
cmp $DATA ${COPY}.1 >/dev/null 2>&1 || fail "corrupted copy after rename"
verbose "$tid: rename directory"
echo "rename ${COPY}.dd ${COPY}.dd2" | \
${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || \
${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || \
fail "rename directory failed"
test -d ${COPY}.dd && fail "oldname exists after rename directory"
test -d ${COPY}.dd2 || fail "missing newname after rename directory"
verbose "$tid: ln"
echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed"
echo "ln ${COPY}.1 ${COPY}.2" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 || fail "ln failed"
test -h ${COPY}.2 || fail "missing file after ln"
verbose "$tid: mkdir"
echo "mkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "mkdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "mkdir failed"
test -d ${COPY}.dd || fail "missing directory after mkdir"
# XXX do more here
verbose "$tid: chdir"
echo "chdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "chdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "chdir failed"
verbose "$tid: rmdir"
echo "rmdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "rmdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "rmdir failed"
test -d ${COPY}.1 && fail "present directory after rmdir"
verbose "$tid: lmkdir"
echo "lmkdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "lmkdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "lmkdir failed"
test -d ${COPY}.dd || fail "missing directory after lmkdir"
# XXX do more here
verbose "$tid: lchdir"
echo "lchdir ${COPY}.dd" | ${SFTP} -P ${SFTPSERVER} >/dev/null 2>&1 \
echo "lchdir ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \
|| fail "lchdir failed"
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2
rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${COPY}.dd2 ${BATCH}.*
rm -rf ${QUOTECOPY} "$SPACECOPY" "$GLOBMETACOPY"

4
regress/sftp-glob.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: sftp-glob.sh,v 1.3 2007/10/26 05:30:01 djm Exp $
# $OpenBSD: sftp-glob.sh,v 1.4 2009/08/13 01:11:55 djm Exp $
# Placed in the Public Domain.
tid="sftp glob"
@ -10,7 +10,7 @@ sftp_ls() {
unexpected=$4
verbose "$tid: $errtag"
printf "ls -l %s" "${target}" | \
${SFTP} -b - -P ${SFTPSERVER} 2>/dev/null | \
${SFTP} -b - -D ${SFTPSERVER} 2>/dev/null | \
grep -v "^sftp>" > ${RESULTS}
if [ $? -ne 0 ]; then
fail "$errtag failed"

6
regress/sftp.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: sftp.sh,v 1.2 2002/03/27 22:39:52 markus Exp $
# $OpenBSD: sftp.sh,v 1.3 2009/08/13 01:11:55 djm Exp $
# Placed in the Public Domain.
tid="basic sftp put/get"
@ -19,8 +19,8 @@ REQUESTS="1 2 10"
for B in ${BUFFERSIZE}; do
for R in ${REQUESTS}; do
verbose "test $tid: buffer_size $B num_requests $R"
rm -f ${COPY}.1 ${COPY}.2
${SFTP} -P ${SFTPSERVER} -B $B -R $R -b $SFTPCMDFILE \
rm -f ${COPY}.1 ${COPY}.2
${SFTP} -D ${SFTPSERVER} -B $B -R $R -b $SFTPCMDFILE \
> /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then

4
regress/ssh-com-sftp.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: ssh-com-sftp.sh,v 1.5 2004/02/24 17:06:52 markus Exp $
# $OpenBSD: ssh-com-sftp.sh,v 1.6 2009/08/20 18:43:07 djm Exp $
# Placed in the Public Domain.
tid="basic sftp put/get with ssh.com server"
@ -51,7 +51,7 @@ for v in ${VERSIONS}; do
for R in ${REQUESTS}; do
verbose "test $tid: buffer_size $B num_requests $R"
rm -f ${COPY}.1 ${COPY}.2
${SFTP} -P ${server} -B $B -R $R -b $SFTPCMDFILE \
${SFTP} -D ${server} -B $B -R $R -b $SFTPCMDFILE \
> /dev/null 2>&1
r=$?
if [ $r -ne 0 ]; then

1
regress/ssh2putty.sh
View File

@ -1,4 +1,5 @@
#!/bin/sh
# $OpenBSD: ssh2putty.sh,v 1.2 2009/10/06 23:51:49 dtucker Exp $
if test "x$1" = "x" -o "x$2" = "x" -o "x$3" = "x" ; then
echo "Usage: ssh2putty hostname port ssh-private-key"

14
regress/test-exec.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: test-exec.sh,v 1.35 2008/06/28 13:57:25 djm Exp $
# $OpenBSD: test-exec.sh,v 1.37 2010/02/24 06:21:56 djm Exp $
# Placed in the Public Domain.
#SUDO=sudo
@ -172,9 +172,17 @@ cleanup ()
echo no sshd running
else
if [ $pid -lt 2 ]; then
echo bad pid for ssd: $pid
echo bad pid for ssh: $pid
else
$SUDO kill $pid
trace "wait for sshd to exit"
i=0;
while [ -f $PIDFILE -a $i -lt 5 ]; do
i=`expr $i + 1`
sleep $i
done
test -f $PIDFILE && \
fatal "sshd didn't exit port $PORT pid $pid"
fi
fi
fi
@ -222,6 +230,7 @@ trap fatal 3 2
cat << EOF > $OBJ/sshd_config
StrictModes no
Port $PORT
Protocol 2,1
AddressFamily inet
ListenAddress 127.0.0.1
#ListenAddress ::1
@ -247,6 +256,7 @@ echo 'StrictModes no' >> $OBJ/sshd_proxy
# create client config
cat << EOF > $OBJ/ssh_config
Host *
Protocol 2,1
Hostname 127.0.0.1
HostKeyAlias localhost-with-alias
Port $PORT

Some files were not shown because too many files have changed in this diff Show More