Vendor import of OpenSSH 4.5p1.

svn path=/vendor-crypto/openssh/dist/; revision=164146

crypto/openssh/Makefile.in

@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.282 2006/09/12 11:54:10 djm Exp $
+# $Id: Makefile.in,v 1.283 2006/10/23 21:44:47 tim Exp $
 
 # uncomment if you run a non bourne compatable shell. Ie. csh
 #SHELL = @SH@
@@ -11,6 +11,7 @@ bindir=@bindir@
 sbindir=@sbindir@
 libexecdir=@libexecdir@
 datadir=@datadir@
+datarootdir=@datarootdir@
 mandir=@mandir@
 mansubdir=@mansubdir@
 sysconfdir=@sysconfdir@

crypto/openssh/README

@@ -1,4 +1,4 @@
-See http://www.openssh.com/txt/release-4.4 for the release notes.
+See http://www.openssh.com/txt/release-4.5 for the release notes.
 
 - A Japanese translation of this document and of the OpenSSH FAQ is
 - available at http://www.unixuser.org/~haruyama/security/openssh/index.html
@@ -62,4 +62,4 @@ References -
 [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
 [7] http://www.openssh.com/faq.html
 
-$Id: README,v 1.63 2006/09/01 11:32:53 dtucker Exp $
+$Id: README,v 1.64 2006/11/07 12:25:45 dtucker Exp $

crypto/openssh/audit-bsm.c

@@ -1,4 +1,4 @@
-/* $Id: audit-bsm.c,v 1.4 2006/09/01 05:38:36 djm Exp $ */
+/* $Id: audit-bsm.c,v 1.5 2006/09/30 22:09:50 dtucker Exp $ */
 
 /*
  * TODO
@@ -39,6 +39,7 @@
 
 #include <sys/types.h>
 
+#include <errno.h>
 #include <stdarg.h>
 #include <unistd.h>
 

crypto/openssh/auth-rsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-rsa.c,v 1.71 2006/08/03 03:34:41 deraadt Exp $ */
+/* $OpenBSD: auth-rsa.c,v 1.72 2006/11/06 21:25:27 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -76,10 +76,12 @@ auth_rsa_generate_challenge(Key *key)
 	if ((challenge = BN_new()) == NULL)
 		fatal("auth_rsa_generate_challenge: BN_new() failed");
 	/* Generate a random challenge. */
-	BN_rand(challenge, 256, 0, 0);
+	if (BN_rand(challenge, 256, 0, 0) == 0)
+		fatal("auth_rsa_generate_challenge: BN_rand failed");
 	if ((ctx = BN_CTX_new()) == NULL)
-		fatal("auth_rsa_generate_challenge: BN_CTX_new() failed");
-	BN_mod(challenge, challenge, key->rsa->n, ctx);
+		fatal("auth_rsa_generate_challenge: BN_CTX_new failed");
+	if (BN_mod(challenge, challenge, key->rsa->n, ctx) == 0)
+		fatal("auth_rsa_generate_challenge: BN_mod failed");
 	BN_CTX_free(ctx);
 
 	return challenge;

crypto/openssh/auth.c

@@ -569,8 +569,6 @@ fakepw(void)
 	fake.pw_passwd =
 	    "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
 	fake.pw_gecos = "NOUSER";
-	fake.pw_uid = (uid_t)-1;
-	fake.pw_gid = (gid_t)-1;
 	fake.pw_uid = privsep_pw->pw_uid;
 	fake.pw_gid = privsep_pw->pw_gid;
 #ifdef HAVE_PW_CLASS_IN_PASSWD

crypto/openssh/bufbn.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: bufbn.c,v 1.3 2006/08/03 03:34:41 deraadt Exp $*/
+/* $OpenBSD: bufbn.c,v 1.4 2006/11/06 21:25:28 markus Exp $*/
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -118,7 +118,10 @@ buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value)
 		return (-1);
 	}
 	bin = buffer_ptr(buffer);
-	BN_bin2bn(bin, bytes, value);
+	if (BN_bin2bn(bin, bytes, value) == NULL) {
+		error("buffer_get_bignum_ret: BN_bin2bn failed");
+		return (-1);
+	}
 	if (buffer_consume_ret(buffer, bytes) == -1) {
 		error("buffer_get_bignum_ret: buffer_consume failed");
 		return (-1);
@@ -202,7 +205,10 @@ buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
 		xfree(bin);
 		return (-1);
 	}
-	BN_bin2bn(bin, len, value);
+	if (BN_bin2bn(bin, len, value) == NULL) {
+		error("buffer_get_bignum2_ret: BN_bin2bn failed");
+		return (-1);
+	}
 	xfree(bin);
 	return (0);
 }

crypto/openssh/buildpkg.sh.in

@@ -24,6 +24,7 @@ PKGNAME=OpenSSH
 # revisions within the same version (REV=a)
 #REV=
 SYSVINIT_NAME=opensshd
+AWK=${AWK:="nawk"}
 MAKE=${MAKE:="make"}
 SSHDUID=67	# Default privsep uid
 SSHDGID=67	# Default privsep gid
@@ -154,15 +155,22 @@ ARCH=`uname -m`
 DEF_MSG="\n"
 OS_VER=`uname -v`
 SCRIPT_SHELL=/sbin/sh
+UNAME_R=`uname -r`
 UNAME_S=`uname -s`
 case ${UNAME_S} in
 	SunOS)	UNAME_S=Solaris
+		OS_VER=${UNAME_R}
 		ARCH=`uname -p`
 		RCS_D=yes
 		DEF_MSG="(default: n)"
 		;;
-	SCO_SV)	UNAME_S=OpenServer
+	SCO_SV)	case ${UNAME_R} in
+			3.2)	UNAME_S=OpenServer5
 		OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
+				;;
+			5)	UNAME_S=OpenServer6
+				;;
+		esac
 		SCRIPT_SHELL=/bin/sh
 		RC1_D=no
 		DEF_MSG="(default: n)"
@@ -481,7 +489,7 @@ _EOF
 [ -x /usr/bin/ckyorn ]  ||  cat >> request << _EOF
 
 ckyorn() {
-# for some strange reason OpenServer has no ckyorn
+# for some strange reason OpenServer5 has no ckyorn
 # We build a striped down version here
 
 DEFAULT=n
@@ -638,7 +646,7 @@ cat >mk-proto.awk << _EOF
 _EOF
 
 find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
-	pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
+	pkgproto $PROTO_ARGS | ${AWK} -f mk-proto.awk > prototype
 
 # /usr/local is a symlink on some systems
 [ "${USR_LOCAL_IS_SYMLINK}" = yes ]  &&  {

crypto/openssh/clientloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.175 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: clientloop.c,v 1.176 2006/10/11 12:38:03 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -464,8 +464,10 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt)
 static void
 server_alive_check(void)
 {
-	if (++server_alive_timeouts > options.server_alive_count_max)
-		packet_disconnect("Timeout, server not responding.");
+	if (++server_alive_timeouts > options.server_alive_count_max) {
+		logit("Timeout, server not responding.");
+		cleanup_exit(255);
+	}
 	packet_start(SSH2_MSG_GLOBAL_REQUEST);
 	packet_put_cstring("keepalive@openssh.com");
 	packet_put_char(1);     /* boolean: want reply */

crypto/openssh/configure.ac

@@ -1,4 +1,4 @@
-# $Id: configure.ac,v 1.369 2006/10/03 16:34:35 tim Exp $
+# $Id: configure.ac,v 1.370 2006/10/06 23:07:21 dtucker Exp $
 #
 # Copyright (c) 1999-2004 Damien Miller
 #
@@ -15,7 +15,7 @@
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 
 AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
-AC_REVISION($Revision: 1.369 $)
+AC_REVISION($Revision: 1.370 $)
 AC_CONFIG_SRCDIR([ssh.c])
 
 AC_CONFIG_HEADER(config.h)
@@ -3145,7 +3145,10 @@ AC_ARG_WITH(selinux,
 		    AC_MSG_ERROR(SELinux support requires selinux.h header))
 		AC_CHECK_LIB(selinux, setexeccon, [ LIBSELINUX="-lselinux" ],
 		    AC_MSG_ERROR(SELinux support requires libselinux library))
+		save_LIBS="$LIBS"
+		LIBS="$LIBS $LIBSELINUX"
 		AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level)
+		LIBS="$save_LIBS"
 	fi ]
 )
 AC_SUBST(LIBSELINUX)

crypto/openssh/dh.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: dh.c,v 1.42 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: dh.c,v 1.43 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  *

crypto/openssh/entropy.c

@@ -36,6 +36,7 @@
 #endif
 #include <stdarg.h>
 #include <unistd.h>
+#include <signal.h>
 
 #include <openssl/rand.h>
 #include <openssl/crypto.h>

crypto/openssh/kexdhc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexdhc.c,v 1.11 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -50,7 +50,8 @@ kexdh_client(Kex *kex)
 	Key *server_host_key;
 	u_char *server_host_key_blob = NULL, *signature = NULL;
 	u_char *kbuf, *hash;
-	u_int klen, kout, slen, sbloblen, hashlen;
+	u_int klen, slen, sbloblen, hashlen;
+	int kout;
 
 	/* generate and send 'e', client DH public key */
 	switch (kex->kex_type) {
@@ -112,13 +113,15 @@ kexdh_client(Kex *kex)
 
 	klen = DH_size(dh);
 	kbuf = xmalloc(klen);
-	kout = DH_compute_key(kbuf, dh_server_pub, dh);
+	if ((kout = DH_compute_key(kbuf, dh_server_pub, dh)) < 0)
+		fatal("DH_compute_key: failed");
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexdh_client: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+		fatal("kexdh_client: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
 

crypto/openssh/kexdhs.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexdhs.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexdhs.c,v 1.9 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -52,8 +52,8 @@ kexdh_server(Kex *kex)
 	DH *dh;
 	Key *server_host_key;
 	u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
-	u_int sbloblen, klen, kout, hashlen;
-	u_int slen;
+	u_int sbloblen, klen, hashlen, slen;
+	int kout;
 
 	/* generate server DH public key */
 	switch (kex->kex_type) {
@@ -101,13 +101,15 @@ kexdh_server(Kex *kex)
 
 	klen = DH_size(dh);
 	kbuf = xmalloc(klen);
-	kout = DH_compute_key(kbuf, dh_client_pub, dh);
+	if ((kout = DH_compute_key(kbuf, dh_client_pub, dh)) < 0)
+		fatal("DH_compute_key: failed");
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexdh_server: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+		fatal("kexdh_server: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
 

crypto/openssh/kexgexc.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexgexc.c,v 1.11 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -51,7 +51,8 @@ kexgex_client(Kex *kex)
 	BIGNUM *p = NULL, *g = NULL;
 	Key *server_host_key;
 	u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
-	u_int klen, kout, slen, sbloblen, hashlen;
+	u_int klen, slen, sbloblen, hashlen;
+	int kout;
 	int min, max, nbits;
 	DH *dh;
 
@@ -150,13 +151,15 @@ kexgex_client(Kex *kex)
 
 	klen = DH_size(dh);
 	kbuf = xmalloc(klen);
-	kout = DH_compute_key(kbuf, dh_server_pub, dh);
+	if ((kout = DH_compute_key(kbuf, dh_server_pub, dh)) < 0)
+		fatal("DH_compute_key: failed");
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexgex_client: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+		fatal("kexgex_client: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
 

crypto/openssh/kexgexs.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: kexgexs.c,v 1.8 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: kexgexs.c,v 1.10 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright (c) 2000 Niels Provos.  All rights reserved.
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -55,8 +55,8 @@ kexgex_server(Kex *kex)
 	Key *server_host_key;
 	DH *dh;
 	u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
-	u_int sbloblen, klen, kout, slen, hashlen;
-	int min = -1, max = -1, nbits = -1, type;
+	u_int sbloblen, klen, slen, hashlen;
+	int min = -1, max = -1, nbits = -1, type, kout;
 
 	if (kex->load_host_key == NULL)
 		fatal("Cannot load hostkey");
@@ -134,13 +134,15 @@ kexgex_server(Kex *kex)
 
 	klen = DH_size(dh);
 	kbuf = xmalloc(klen);
-	kout = DH_compute_key(kbuf, dh_client_pub, dh);
+	if ((kout = DH_compute_key(kbuf, dh_client_pub, dh)) < 0)
+		fatal("DH_compute_key: failed");
 #ifdef DEBUG_KEXDH
 	dump_digest("shared secret", kbuf, kout);
 #endif
 	if ((shared_secret = BN_new()) == NULL)
 		fatal("kexgex_server: BN_new failed");
-	BN_bin2bn(kbuf, kout, shared_secret);
+	if (BN_bin2bn(kbuf, kout, shared_secret) == NULL)
+		fatal("kexgex_server: BN_bin2bn failed");
 	memset(kbuf, 0, klen);
 	xfree(kbuf);
 

crypto/openssh/key.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: key.c,v 1.67 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: key.c,v 1.68 2006/11/06 21:25:28 markus Exp $ */
 /*
  * read_bignum():
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -617,16 +617,18 @@ key_from_private(const Key *k)
 	switch (k->type) {
 	case KEY_DSA:
 		n = key_new(k->type);
-		BN_copy(n->dsa->p, k->dsa->p);
-		BN_copy(n->dsa->q, k->dsa->q);
-		BN_copy(n->dsa->g, k->dsa->g);
-		BN_copy(n->dsa->pub_key, k->dsa->pub_key);
+		if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
+		    (BN_copy(n->dsa->q, k->dsa->q) == NULL) ||
+		    (BN_copy(n->dsa->g, k->dsa->g) == NULL) ||
+		    (BN_copy(n->dsa->pub_key, k->dsa->pub_key) == NULL))
+			fatal("key_from_private: BN_copy failed");
 		break;
 	case KEY_RSA:
 	case KEY_RSA1:
 		n = key_new(k->type);
-		BN_copy(n->rsa->n, k->rsa->n);
-		BN_copy(n->rsa->e, k->rsa->e);
+		if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
+		    (BN_copy(n->rsa->e, k->rsa->e) == NULL))
+			fatal("key_from_private: BN_copy failed");
 		break;
 	default:
 		fatal("key_from_private: unknown type %d", k->type);

crypto/openssh/moduli.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: moduli.c,v 1.18 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: moduli.c,v 1.19 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright 1994 Phil Karn <karn@qualcomm.com>
  * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@@ -327,20 +327,26 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 
 	/* validation check: count the number of primes tried */
 	largetries = 0;
-	q = BN_new();
+	if ((q = BN_new()) == NULL)
+		fatal("BN_new failed");
 
 	/*
 	 * Generate random starting point for subprime search, or use
 	 * specified parameter.
 	 */
-	largebase = BN_new();
-	if (start == NULL)
-		BN_rand(largebase, power, 1, 1);
-	else
-		BN_copy(largebase, start);
+	if ((largebase = BN_new()) == NULL)
+		fatal("BN_new failed");
+	if (start == NULL) {
+		if (BN_rand(largebase, power, 1, 1) == 0)
+			fatal("BN_rand failed");
+	} else {
+		if (BN_copy(largebase, start) == NULL)
+			fatal("BN_copy: failed");
+	}
 
 	/* ensure odd */
-	BN_set_bit(largebase, 0);
+	if (BN_set_bit(largebase, 0) == 0)
+		fatal("BN_set_bit: failed");
 
 	time(&time_start);
 
@@ -424,8 +430,10 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
 			continue; /* Definitely composite, skip */
 
 		debug2("test q = largebase+%u", 2 * j);
-		BN_set_word(q, 2 * j);
-		BN_add(q, q, largebase);
+		if (BN_set_word(q, 2 * j) == 0)
+			fatal("BN_set_word failed");
+		if (BN_add(q, q, largebase) == 0)
+			fatal("BN_add failed");
 		if (qfileout(out, QTYPE_SOPHIE_GERMAIN, QTEST_SIEVE,
 		    largetries, (power - 1) /* MSB */, (0), q) == -1) {
 			ret = -1;
@@ -470,9 +478,12 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
 
 	time(&time_start);
 
-	p = BN_new();
-	q = BN_new();
-	ctx = BN_CTX_new();
+	if ((p = BN_new()) == NULL)
+		fatal("BN_new failed");
+	if ((q = BN_new()) == NULL)
+		fatal("BN_new failed");
+	if ((ctx = BN_CTX_new()) == NULL)
+		fatal("BN_CTX_new failed");
 
 	debug2("%.24s Final %u Miller-Rabin trials (%x generator)",
 	    ctime(&time_start), trials, generator_wanted);
@@ -520,10 +531,13 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
 		case QTYPE_SOPHIE_GERMAIN:
 			debug2("%10u: (%u) Sophie-Germain", count_in, in_type);
 			a = q;
-			BN_hex2bn(&a, cp);
+			if (BN_hex2bn(&a, cp) == 0)
+				fatal("BN_hex2bn failed");
 			/* p = 2*q + 1 */
-			BN_lshift(p, q, 1);
-			BN_add_word(p, 1);
+			if (BN_lshift(p, q, 1) == 0)
+				fatal("BN_lshift failed");
+			if (BN_add_word(p, 1) == 0)
+				fatal("BN_add_word failed");
 			in_size += 1;
 			generator_known = 0;
 			break;
@@ -534,9 +548,11 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted)
 		case QTYPE_UNKNOWN:
 			debug2("%10u: (%u)", count_in, in_type);
 			a = p;
-			BN_hex2bn(&a, cp);
+			if (BN_hex2bn(&a, cp) == 0)
+				fatal("BN_hex2bn failed");
 			/* q = (p-1) / 2 */
-			BN_rshift(q, p, 1);
+			if (BN_rshift(q, p, 1) == 0)
+				fatal("BN_rshift failed");
 			break;
 		default:
 			debug2("Unknown prime type");

crypto/openssh/monitor.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.88 2006/08/12 20:46:46 miod Exp $ */
+/* $OpenBSD: monitor.c,v 1.89 2006/11/07 10:31:31 markus Exp $ */
 /*
  * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -350,7 +350,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
 	/* The first few requests do not require asynchronous access */
 	while (!authenticated) {
 		auth_method = "unknown";
-		authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
+		authenticated = (monitor_read(pmonitor, mon_dispatch, &ent) == 1);
 		if (authenticated) {
 			if (!(ent->flags & MON_AUTHDECIDE))
 				fatal("%s: unexpected authentication from %d",
@@ -1217,7 +1217,7 @@ mm_answer_keyverify(int sock, Buffer *m)
 
 	verified = key_verify(key, signature, signaturelen, data, datalen);
 	debug3("%s: key %p signature %s",
-	    __func__, key, verified ? "verified" : "unverified");
+	    __func__, key, (verified == 1) ? "verified" : "unverified");
 
 	key_free(key);
 	xfree(blob);
@@ -1232,7 +1232,7 @@ mm_answer_keyverify(int sock, Buffer *m)
 	buffer_put_int(m, verified);
 	mm_request_send(sock, MONITOR_ANS_KEYVERIFY, m);
 
-	return (verified);
+	return (verified == 1);
 }
 
 static void

crypto/openssh/monitor_fdpass.c

@@ -29,6 +29,9 @@
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <sys/uio.h>
+#ifdef HAVE_SYS_UN_H
+#include <sys/un.h>
+#endif
 
 #include <errno.h>
 #include <string.h>

crypto/openssh/openbsd-compat/port-solaris.c

@@ -1,4 +1,4 @@
-/* $Id: port-solaris.c,v 1.2 2006/09/01 05:38:41 djm Exp $ */
+/* $Id: port-solaris.c,v 1.3 2006/10/31 23:28:49 dtucker Exp $ */
 
 /*
  * Copyright (c) 2006 Chad Mynhier.
@@ -86,18 +86,27 @@ solaris_contract_pre_fork(void)
 	debug2("%s: setting up process contract template on fd %d",
 	    __func__, tmpl_fd);
 
-	/* We have to set certain attributes before activating the template */
-	if (ct_pr_tmpl_set_fatal(tmpl_fd,
-	    CT_PR_EV_HWERR|CT_PR_EV_SIGNAL|CT_PR_EV_CORE) != 0) {
+	/* First we set the template parameters and event sets. */
+	if (ct_pr_tmpl_set_param(tmpl_fd, CT_PR_PGRPONLY) != 0) {
+		error("%s: Error setting process contract parameter set "
+		    "(pgrponly): %s", __func__, strerror(errno));
+		goto fail;
+	}
+	if (ct_pr_tmpl_set_fatal(tmpl_fd, CT_PR_EV_HWERR) != 0) {
 		error("%s: Error setting process contract template "
 		    "fatal events: %s", __func__, strerror(errno));
 		goto fail;
 	}
-	if (ct_tmpl_set_critical(tmpl_fd, CT_PR_EV_HWERR) != 0) {
+	if (ct_tmpl_set_critical(tmpl_fd, 0) != 0) {
 		error("%s: Error setting process contract template "
 		    "critical events: %s", __func__, strerror(errno));
 		goto fail;
 	}
+	if (ct_tmpl_set_informative(tmpl_fd, CT_PR_EV_HWERR) != 0) {
+		error("%s: Error setting process contract template "
+		    "informative events: %s", __func__, strerror(errno));
+		goto fail;
+	}
 
 	/* Now make this the active template for this process. */
 	if (ct_tmpl_activate(tmpl_fd) != 0) {

crypto/openssh/rsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.c,v 1.28 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: rsa.c,v 1.29 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -91,7 +91,8 @@ rsa_public_encrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 	    RSA_PKCS1_PADDING)) <= 0)
 		fatal("rsa_public_encrypt() failed");
 
-	BN_bin2bn(outbuf, len, out);
+	if (BN_bin2bn(outbuf, len, out) == NULL)
+		fatal("rsa_public_encrypt: BN_bin2bn failed");
 
 	memset(outbuf, 0, olen);
 	memset(inbuf, 0, ilen);
@@ -116,7 +117,8 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key)
 	    RSA_PKCS1_PADDING)) <= 0) {
 		error("rsa_private_decrypt() failed");
 	} else {
-		BN_bin2bn(outbuf, len, out);
+		if (BN_bin2bn(outbuf, len, out) == NULL)
+			fatal("rsa_private_decrypt: BN_bin2bn failed");
 	}
 	memset(outbuf, 0, olen);
 	memset(inbuf, 0, ilen);
@@ -137,11 +139,11 @@ rsa_generate_additional_parameters(RSA *rsa)
 	if ((ctx = BN_CTX_new()) == NULL)
 		fatal("rsa_generate_additional_parameters: BN_CTX_new failed");
 
-	BN_sub(aux, rsa->q, BN_value_one());
-	BN_mod(rsa->dmq1, rsa->d, aux, ctx);
-
-	BN_sub(aux, rsa->p, BN_value_one());
-	BN_mod(rsa->dmp1, rsa->d, aux, ctx);
+	if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) ||
+	    (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) ||
+	    (BN_sub(aux, rsa->p, BN_value_one()) == 0) ||
+	    (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0))
+		fatal("rsa_generate_additional_parameters: BN_sub/mod failed");
 
 	BN_clear_free(aux);
 	BN_CTX_free(ctx);

crypto/openssh/scard.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: scard.c,v 1.35 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: scard.c,v 1.36 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -391,15 +391,17 @@ sc_get_keys(const char *id, const char *pin)
 	keys = xcalloc((nkeys+1), sizeof(Key *));
 
 	n = key_new(KEY_RSA1);
-	BN_copy(n->rsa->n, k->rsa->n);
-	BN_copy(n->rsa->e, k->rsa->e);
+	if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
+	    (BN_copy(n->rsa->e, k->rsa->e) == NULL))
+		fatal("sc_get_keys: BN_copy failed");
 	RSA_set_method(n->rsa, sc_get_rsa());
 	n->flags |= KEY_FLAG_EXT;
 	keys[0] = n;
 
 	n = key_new(KEY_RSA);
-	BN_copy(n->rsa->n, k->rsa->n);
-	BN_copy(n->rsa->e, k->rsa->e);
+	if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
+	    (BN_copy(n->rsa->e, k->rsa->e) == NULL))
+		fatal("sc_get_keys: BN_copy failed");
 	RSA_set_method(n->rsa, sc_get_rsa());
 	n->flags |= KEY_FLAG_EXT;
 	keys[1] = n;

crypto/openssh/scard/Makefile.in

@@ -1,7 +1,8 @@
-# $Id: Makefile.in,v 1.4 2002/04/26 01:25:41 djm Exp $
+# $Id: Makefile.in,v 1.5 2006/10/23 21:44:47 tim Exp $
 
 prefix=@prefix@
 datadir=@datadir@
+datarootdir=@datarootdir@
 srcdir=@srcdir@
 top_srcdir=@top_srcdir@
 

crypto/openssh/serverloop.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.144 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: serverloop.c,v 1.145 2006/10/11 12:38:03 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -248,8 +248,10 @@ client_alive_check(void)
 	int channel_id;
 
 	/* timeout, check to see how many we have had */
-	if (++client_alive_timeouts > options.client_alive_count_max)
-		packet_disconnect("Timeout, your session not responding.");
+	if (++client_alive_timeouts > options.client_alive_count_max) {
+		logit("Timeout, client not responding.");
+		cleanup_exit(255);
+	}
 
 	/*
 	 * send a bogus global/channel request with "wantreply",

crypto/openssh/session.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.219 2006/08/29 10:40:19 djm Exp $ */
+/* $OpenBSD: session.c,v 1.220 2006/10/09 23:36:11 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved

crypto/openssh/sftp-client.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-client.c,v 1.74 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: sftp-client.c,v 1.75 2006/10/22 02:25:50 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -1134,6 +1134,8 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path,
 			if (status != SSH2_FX_OK) {
 				error("Couldn't write to remote file \"%s\": %s",
 				    remote_path, fx2txt(status));
+				if (showprogress)
+					stop_progress_meter();
 				do_close(conn, handle, handle_len);
 				close(local_fd);
 				xfree(data);

crypto/openssh/sftp.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp.c,v 1.92 2006/09/19 05:52:23 otto Exp $ */
+/* $OpenBSD: sftp.c,v 1.93 2006/09/30 17:48:22 ray Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
  *
@@ -977,6 +977,7 @@ parse_args(const char **cpp, int *pflag, int *lflag, int *iflag,
 	case I_CHOWN:
 	case I_CHGRP:
 		/* Get numeric arg (mandatory) */
+		errno = 0;
 		l = strtol(cp, &cp2, base);
 		if (cp2 == cp || ((l == LONG_MIN || l == LONG_MAX) &&
 		    errno == ERANGE) || l < 0) {

crypto/openssh/ssh-agent.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.152 2006/08/04 20:46:05 stevesk Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.153 2006/10/06 02:29:19 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland

crypto/openssh/ssh-dss.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.24 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -161,8 +161,9 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
 		fatal("ssh_dss_verify: BN_new failed");
 	if ((sig->s = BN_new()) == NULL)
 		fatal("ssh_dss_verify: BN_new failed");
-	BN_bin2bn(sigblob, INTBLOB_LEN, sig->r);
-	BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s);
+	if ((BN_bin2bn(sigblob, INTBLOB_LEN, sig->r) == NULL) ||
+	    (BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s) == NULL))
+		fatal("ssh_dss_verify: BN_bin2bn failed");
 
 	/* clean up */
 	memset(sigblob, 0, len);

crypto/openssh/ssh-keygen.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.154 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.155 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -222,7 +222,8 @@ buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
 	if (buffer_len(b) < bytes)
 		fatal("buffer_get_bignum_bits: input buffer too small: "
 		    "need %d have %d", bytes, buffer_len(b));
-	BN_bin2bn(buffer_ptr(b), bytes, value);
+	if (BN_bin2bn(buffer_ptr(b), bytes, value) == NULL)
+		fatal("buffer_get_bignum_bits: BN_bin2bn failed");
 	buffer_consume(b, bytes);
 }
 

crypto/openssh/ssh-keyscan.1

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keyscan.1,v 1.21 2005/09/30 20:34:26 jaredy Exp $
+.\"	$OpenBSD: ssh-keyscan.1,v 1.22 2006/09/25 04:55:38 ray Exp $
 .\"
 .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
 .\"
@@ -102,7 +102,7 @@ Causes
 to print debugging messages about its progress.
 .El
 .Sh SECURITY
-If a ssh_known_hosts file is constructed using
+If an ssh_known_hosts file is constructed using
 .Nm
 without verifying the keys, users will be vulnerable to
 .Em man in the middle

crypto/openssh/ssh-keyscan.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.73 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.74 2006/10/06 02:29:19 djm Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
  *

crypto/openssh/ssh.1

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.263 2006/07/11 18:50:48 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.265 2006/10/28 18:08:10 otto Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -1077,12 +1077,22 @@ controls whether the server supports this,
 and at what level (layer 2 or 3 traffic).
 .Pp
 The following example would connect client network 10.0.50.0/24
-with remote network 10.0.99.0/24, provided that the SSH server
-running on the gateway to the remote network,
-at 192.168.1.15, allows it:
+with remote network 10.0.99.0/24 using a point-to-point connection
+from 10.1.1.1 to 10.1.1.2,
+provided that the SSH server running on the gateway to the remote network,
+at 192.168.1.15, allows it.
+.Pp
+On the client:
 .Bd -literal -offset indent
 # ssh -f -w 0:1 192.168.1.15 true
-# ifconfig tun0 10.0.50.1 10.0.99.1 netmask 255.255.255.252
+# ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252
+# route add 10.0.99.0/24 10.1.1.2
+.Ed
+.Pp
+On the server:
+.Bd -literal -offset indent
+# ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.252
+# route add 10.0.50.0/24 10.1.1.1
 .Ed
 .Pp
 Client access may be more finely tuned via the
@@ -1105,7 +1115,7 @@ tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
 tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john
 .Ed
 .Pp
-Since a SSH-based setup entails a fair amount of overhead,
+Since an SSH-based setup entails a fair amount of overhead,
 it may be more suited to temporary setups,
 such as for wireless VPNs.
 More permanent VPNs are better provided by tools such as

crypto/openssh/ssh.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.293 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: ssh.c,v 1.294 2006/10/06 02:29:19 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland

crypto/openssh/sshconnect.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.199 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.200 2006/10/10 10:12:45 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -324,9 +324,11 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
 		    gai_strerror(gaierr));
 
 	for (attempt = 0; attempt < connection_attempts; attempt++) {
-		if (attempt > 0)
+		if (attempt > 0) {
+			/* Sleep a moment before retrying. */
+			sleep(1);
 			debug("Trying again...");
-
+		}
 		/*
 		 * Loop through addresses for this host, and try each one in
 		 * sequence until the connection succeeds.
@@ -363,9 +365,6 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
 		}
 		if (sock != -1)
 			break;	/* Successful connection. */
-
-		/* Sleep a moment before retrying. */
-		sleep(1);
 	}
 
 	freeaddrinfo(aitop);

crypto/openssh/sshconnect1.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect1.c,v 1.69 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -563,14 +563,20 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
 	 * the first 16 bytes of the session id.
 	 */
 	if ((key = BN_new()) == NULL)
-		fatal("respond_to_rsa_challenge: BN_new failed");
-	BN_set_word(key, 0);
+		fatal("ssh_kex: BN_new failed");
+	if (BN_set_word(key, 0) == 0)
+		fatal("ssh_kex: BN_set_word failed");
 	for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
-		BN_lshift(key, key, 8);
-		if (i < 16)
-			BN_add_word(key, session_key[i] ^ session_id[i]);
-		else
-			BN_add_word(key, session_key[i]);
+		if (BN_lshift(key, key, 8) == 0)
+			fatal("ssh_kex: BN_lshift failed");
+		if (i < 16) {
+			if (BN_add_word(key, session_key[i] ^ session_id[i])
+			    == 0)
+				fatal("ssh_kex: BN_add_word failed");
+		} else {
+			if (BN_add_word(key, session_key[i]) == 0)
+				fatal("ssh_kex: BN_add_word failed");
+		}
 	}
 
 	/*

crypto/openssh/sshd.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.347 2006/08/18 09:15:20 markus Exp $ */
+/* $OpenBSD: sshd.c,v 1.348 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1431,13 +1431,17 @@ main(int ac, char **av)
 
 	debug("sshd version %.100s", SSH_RELEASE);
 
-	/* Store privilege separation user for later use */
-	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL)
-		fatal("Privilege separation user %s does not exist",
-		    SSH_PRIVSEP_USER);
-	memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
-	privsep_pw->pw_passwd = "*";
-	privsep_pw = pwcopy(privsep_pw);
+	/* Store privilege separation user for later use if required. */
+	if ((privsep_pw = getpwnam(SSH_PRIVSEP_USER)) == NULL) {
+		if (use_privsep || options.kerberos_authentication)
+			fatal("Privilege separation user %s does not exist",
+			    SSH_PRIVSEP_USER);
+	} else {
+		memset(privsep_pw->pw_passwd, 0, strlen(privsep_pw->pw_passwd));
+		privsep_pw = pwcopy(privsep_pw);
+		xfree(privsep_pw->pw_passwd);
+		privsep_pw->pw_passwd = xstrdup("*");
+	}
 	endpwent();
 
 	/* load private host keys */
@@ -2009,10 +2013,10 @@ do_ssh1_kex(void)
 	 * key is in the highest bits.
 	 */
 	if (!rsafail) {
-		BN_mask_bits(session_key_int, sizeof(session_key) * 8);
+		(void) BN_mask_bits(session_key_int, sizeof(session_key) * 8);
 		len = BN_num_bytes(session_key_int);
 		if (len < 0 || (u_int)len > sizeof(session_key)) {
-			error("do_connection: bad session key len from %s: "
+			error("do_ssh1_kex: bad session key len from %s: "
 			    "session_key_int %d > sizeof(session_key) %lu",
 			    get_remote_ipaddr(), len, (u_long)sizeof(session_key));
 			rsafail++;

crypto/openssh/version.h

@@ -1,6 +1,6 @@
-/* $OpenBSD: version.h,v 1.47 2006/08/30 00:14:37 djm Exp $ */
+/* $OpenBSD: version.h,v 1.48 2006/11/07 10:31:31 markus Exp $ */
 
-#define SSH_VERSION	"OpenSSH_4.4"
+#define SSH_VERSION	"OpenSSH_4.5"
 
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE