Vendor import of OpenSSH 4.3p1.
parent 043840df5b
commit 021d409f5b
@ -1,3 +1,832 @@
|
||||
20060201
|
||||
- (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to
|
||||
determine the user's login name - needed for regress tests on Solaris
|
||||
10 and OpenSolaris
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2006/02/01 09:06:50
|
||||
[sshd.8]
|
||||
- merge sections on protocols 1 and 2 into a single section
|
||||
- remove configuration file section
|
||||
ok markus
|
||||
- jmc@cvs.openbsd.org 2006/02/01 09:11:41
|
||||
[sshd.8]
|
||||
small tweak;
|
||||
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
|
||||
[contrib/suse/openssh.spec] Update versions ahead of release
|
||||
- markus@cvs.openbsd.org 2006/02/01 11:27:22
|
||||
[version.h]
|
||||
openssh 4.3
|
||||
- (djm) Release OpenSSH 4.3p1
|
||||
|
||||
20060131
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2006/01/20 11:21:45
|
||||
[ssh_config.5]
|
||||
- word change, agreed w/ markus
|
||||
- consistency fixes
|
||||
- jmc@cvs.openbsd.org 2006/01/25 09:04:34
|
||||
[sshd.8]
|
||||
move the options description up the page, and a few additional tweaks
|
||||
whilst in here;
|
||||
ok markus
|
||||
- jmc@cvs.openbsd.org 2006/01/25 09:07:22
|
||||
[sshd.8]
|
||||
move subsections to full sections;
|
||||
- jmc@cvs.openbsd.org 2006/01/26 08:47:56
|
||||
[ssh.1]
|
||||
add a section on verifying host keys in dns;
|
||||
written with a lot of help from jakob;
|
||||
feedback dtucker/markus;
|
||||
ok markus
|
||||
- reyk@cvs.openbsd.org 2006/01/30 12:22:22
|
||||
[channels.c]
|
||||
mark channel as write failed or dead instead of read failed on error
|
||||
of the channel output filter.
|
||||
ok markus@
|
||||
- jmc@cvs.openbsd.org 2006/01/30 13:37:49
|
||||
[ssh.1]
|
||||
remove an incorrect sentence;
|
||||
reported by roumen petrov;
|
||||
ok djm markus
|
||||
- djm@cvs.openbsd.org 2006/01/31 10:19:02
|
||||
[misc.c misc.h scp.c sftp.c]
|
||||
fix local arbitrary command execution vulnerability on local/local and
|
||||
remote/remote copies (CVE-2006-0225, bz #1094), patch by
|
||||
t8m AT centrum.cz, polished by dtucker@ and myself; ok markus@
|
||||
- djm@cvs.openbsd.org 2006/01/31 10:35:43
|
||||
[scp.c]
|
||||
"scp a b c" shouldn't clobber "c" when it is not a directory, report and
|
||||
fix from biorn@; ok markus@
|
||||
- (djm) Sync regress tests to OpenBSD:
|
||||
- dtucker@cvs.openbsd.org 2005/03/10 10:20:39
|
||||
[regress/forwarding.sh]
|
||||
Regress test for ClearAllForwardings (bz #994); ok markus@
|
||||
- dtucker@cvs.openbsd.org 2005/04/25 09:54:09
|
||||
[regress/multiplex.sh]
|
||||
Don't call cleanup in multiplex as test-exec will cleanup anyway
|
||||
found by tim@, ok djm@
|
||||
NB. ID sync only, we already had this
|
||||
- djm@cvs.openbsd.org 2005/05/20 23:14:15
|
||||
[regress/test-exec.sh]
|
||||
force addressfamily=inet for tests, unbreaking dynamic-forward regress for
|
||||
recently committed nc SOCKS5 changes
|
||||
- djm@cvs.openbsd.org 2005/05/24 04:10:54
|
||||
[regress/try-ciphers.sh]
|
||||
oops, new arcfour modes here too
|
||||
- markus@cvs.openbsd.org 2005/06/30 11:02:37
|
||||
[regress/scp.sh]
|
||||
allow SUDO=sudo; from Alexander Bluhm
|
||||
- grunk@cvs.openbsd.org 2005/11/14 21:25:56
|
||||
[regress/agent-getpeereid.sh]
|
||||
all other scripts in this dir use $SUDO, not 'sudo', so pull this even
|
||||
ok markus@
|
||||
- dtucker@cvs.openbsd.org 2005/12/14 04:36:39
|
||||
[regress/scp-ssh-wrapper.sh]
|
||||
Fix assumption about how many args scp will pass; ok djm@
|
||||
NB. ID sync only, we already had this
|
||||
- djm@cvs.openbsd.org 2006/01/27 06:49:21
|
||||
[scp.sh]
|
||||
regress test for local to local scp copies; ok dtucker@
|
||||
- djm@cvs.openbsd.org 2006/01/31 10:23:23
|
||||
[scp.sh]
|
||||
regression test for CVE-2006-0225 written by dtucker@
|
||||
- djm@cvs.openbsd.org 2006/01/31 10:36:33
|
||||
[scp.sh]
|
||||
regress test for "scp a b c" where "c" is not a directory
|
||||
|
||||
20060129
|
||||
- (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the
|
||||
opensshd.init script interpretter if /sbin/sh does not exist. ok tim@
|
||||
|
||||
20060120
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2006/01/15 17:37:05
|
||||
[ssh.1]
|
||||
correction from deraadt
|
||||
- jmc@cvs.openbsd.org 2006/01/18 10:53:29
|
||||
[ssh.1]
|
||||
add a section on ssh-based vpn, based on reyk's README.tun;
|
||||
- dtucker@cvs.openbsd.org 2006/01/20 00:14:55
|
||||
[scp.1 ssh.1 ssh_config.5 sftp.1]
|
||||
Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot
|
||||
#1056 with feedback from jmc, djm and markus; ok jmc@ djm@
|
||||
|
||||
20060114
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2006/01/06 13:27:32
|
||||
[ssh.1]
|
||||
weed out some duplicate info in the known_hosts FILES entries;
|
||||
ok djm
|
||||
- jmc@cvs.openbsd.org 2006/01/06 13:29:10
|
||||
[ssh.1]
|
||||
final round of whacking FILES for duplicate info, and some consistency
|
||||
fixes;
|
||||
ok djm
|
||||
- jmc@cvs.openbsd.org 2006/01/12 14:44:12
|
||||
[ssh.1]
|
||||
split sections on tcp and x11 forwarding into two sections.
|
||||
add an example in the tcp section, based on sth i wrote for ssh faq;
|
||||
help + ok: djm markus dtucker
|
||||
- jmc@cvs.openbsd.org 2006/01/12 18:48:48
|
||||
[ssh.1]
|
||||
refer to `TCP' rather than `TCP/IP' in the context of connection
|
||||
forwarding;
|
||||
ok markus
|
||||
- jmc@cvs.openbsd.org 2006/01/12 22:20:00
|
||||
[sshd.8]
|
||||
refer to TCP forwarding, rather than TCP/IP forwarding;
|
||||
- jmc@cvs.openbsd.org 2006/01/12 22:26:02
|
||||
[ssh_config.5]
|
||||
refer to TCP forwarding, rather than TCP/IP forwarding;
|
||||
- jmc@cvs.openbsd.org 2006/01/12 22:34:12
|
||||
[ssh.1]
|
||||
back out a sentence - AUTHENTICATION already documents this;
|
||||
|
||||
20060109
|
||||
- (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on
|
||||
tcpip service so it's always started after IP is up. Patch from
|
||||
vinschen at redhat.com.
|
||||
|
||||
20060106
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2006/01/03 16:31:10
|
||||
[ssh.1]
|
||||
move FILES to a -compact list, and make each files an item in that list.
|
||||
this avoids nastly line wrap when we have long pathnames, and treats
|
||||
each file as a separate item;
|
||||
remove the .Pa too, since it is useless.
|
||||
- jmc@cvs.openbsd.org 2006/01/03 16:35:30
|
||||
[ssh.1]
|
||||
use a larger width for the ENVIRONMENT list;
|
||||
- jmc@cvs.openbsd.org 2006/01/03 16:52:36
|
||||
[ssh.1]
|
||||
put FILES in some sort of order: sort by pathname
|
||||
- jmc@cvs.openbsd.org 2006/01/03 16:55:18
|
||||
[ssh.1]
|
||||
tweak the description of ~/.ssh/environment
|
||||
- jmc@cvs.openbsd.org 2006/01/04 18:42:46
|
||||
[ssh.1]
|
||||
chop out some duplication in the .{r,s}hosts/{h,sh}osts.equiv FILES
|
||||
entries;
|
||||
ok markus
|
||||
- jmc@cvs.openbsd.org 2006/01/04 18:45:01
|
||||
[ssh.1]
|
||||
remove .Xr's to rsh(1) and telnet(1): they are hardly needed;
|
||||
- jmc@cvs.openbsd.org 2006/01/04 19:40:24
|
||||
[ssh.1]
|
||||
+.Xr ssh-keyscan 1 ,
|
||||
- jmc@cvs.openbsd.org 2006/01/04 19:50:09
|
||||
[ssh.1]
|
||||
-.Xr gzip 1 ,
|
||||
- djm@cvs.openbsd.org 2006/01/05 23:43:53
|
||||
[misc.c]
|
||||
check that stdio file descriptors are actually closed before clobbering
|
||||
them in sanitise_stdfd(). problems occurred when a lower numbered fd was
|
||||
closed, but higher ones weren't. spotted by, and patch tested by
|
||||
Frédéric Olivié
|
||||
|
||||
20060103
|
||||
- (djm) [channels.c] clean up harmless merge error, from reyk@
|
||||
|
||||
20060103
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2006/01/02 17:09:49
|
||||
[ssh_config.5 sshd_config.5]
|
||||
some corrections from michael knudsen;
|
||||
|
||||
20060102
|
||||
- (djm) [README.tun] Add README.tun, missed during sync of tun(4) support
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2005/12/31 10:46:17
|
||||
[ssh.1]
|
||||
merge the "LOGIN SESSION AND REMOTE EXECUTION" and "SERVER
|
||||
AUTHENTICATION" sections into "AUTHENTICATION";
|
||||
some rewording done to make the text read better, plus some
|
||||
improvements from djm;
|
||||
ok djm
|
||||
- jmc@cvs.openbsd.org 2005/12/31 13:44:04
|
||||
[ssh.1]
|
||||
clean up ENVIRONMENT a little;
|
||||
- jmc@cvs.openbsd.org 2005/12/31 13:45:19
|
||||
[ssh.1]
|
||||
.Nm does not require an argument;
|
||||
- stevesk@cvs.openbsd.org 2006/01/01 08:59:27
|
||||
[includes.h misc.c]
|
||||
move <net/if.h>; ok djm@
|
||||
- stevesk@cvs.openbsd.org 2006/01/01 10:08:48
|
||||
[misc.c]
|
||||
no trailing "\n" for debug()
|
||||
- djm@cvs.openbsd.org 2006/01/02 01:20:31
|
||||
[sftp-client.c sftp-common.h sftp-server.c]
|
||||
use a common max. packet length, no binary change
|
||||
- reyk@cvs.openbsd.org 2006/01/02 07:53:44
|
||||
[misc.c]
|
||||
clarify tun(4) opening - set the mode and bring the interface up. also
|
||||
(re)sets the tun(4) layer 2 LINK0 flag for existing tunnel interfaces.
|
||||
suggested and ok by djm@
|
||||
- jmc@cvs.openbsd.org 2006/01/02 12:31:06
|
||||
[ssh.1]
|
||||
start to cut some duplicate info from FILES;
|
||||
help/ok djm
|
||||
|
||||
20060101
|
||||
- (djm) [Makefile.in configure.ac includes.h misc.c]
|
||||
[openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
|
||||
for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
|
||||
limited to IPv4 tunnels only, and most versions don't support the
|
||||
tap(4) device at all.
|
||||
- (djm) [configure.ac] Fix linux/if_tun.h test
|
||||
- (djm) [openbsd-compat/port-tun.c] Linux needs linux/if.h too
|
||||
|
||||
20051229
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- stevesk@cvs.openbsd.org 2005/12/28 22:46:06
|
||||
[canohost.c channels.c clientloop.c]
|
||||
use 'break-in' for consistency; ok deraadt@ ok and input jmc@
|
||||
- reyk@cvs.openbsd.org 2005/12/30 15:56:37
|
||||
[channels.c channels.h clientloop.c]
|
||||
add channel output filter interface.
|
||||
ok djm@, suggested by markus@
|
||||
- jmc@cvs.openbsd.org 2005/12/30 16:59:00
|
||||
[sftp.1]
|
||||
do not suggest that interactive authentication will work
|
||||
with the -b flag;
|
||||
based on a diff from john l. scarfone;
|
||||
ok djm
|
||||
- stevesk@cvs.openbsd.org 2005/12/31 01:38:45
|
||||
[ssh.1]
|
||||
document -MM; ok djm@
|
||||
- (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
|
||||
[serverloop.c ssh.c openbsd-compat/Makefile.in]
|
||||
[openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
|
||||
compatability support for Linux, diff from reyk@
|
||||
- (djm) [configure.ac] Disable Linux tun(4) compat code if linux/tun.h does
|
||||
not exist
|
||||
- (djm) [configure.ac] oops, make that linux/if_tun.h
|
||||
|
||||
20051229
|
||||
- (tim) [buildpkg.sh.in] grep for $SSHDUID instead of $SSHDGID on /etc/passwd
|
||||
|
||||
20051224
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2005/12/20 21:59:43
|
||||
[ssh.1]
|
||||
merge the sections on protocols 1 and 2 into one section on
|
||||
authentication;
|
||||
feedback djm dtucker
|
||||
ok deraadt markus dtucker
|
||||
- jmc@cvs.openbsd.org 2005/12/20 22:02:50
|
||||
[ssh.1]
|
||||
.Ss -> .Sh: subsections have not made this page more readable
|
||||
- jmc@cvs.openbsd.org 2005/12/20 22:09:41
|
||||
[ssh.1]
|
||||
move info on ssh return values and config files up into the main
|
||||
description;
|
||||
- jmc@cvs.openbsd.org 2005/12/21 11:48:16
|
||||
[ssh.1]
|
||||
-L and -R descriptions are now above, not below, ~C description;
|
||||
- jmc@cvs.openbsd.org 2005/12/21 11:57:25
|
||||
[ssh.1]
|
||||
options now described `above', rather than `later';
|
||||
- jmc@cvs.openbsd.org 2005/12/21 12:53:31
|
||||
[ssh.1]
|
||||
-Y does X11 forwarding too;
|
||||
ok markus
|
||||
- stevesk@cvs.openbsd.org 2005/12/21 22:44:26
|
||||
[sshd.8]
|
||||
clarify precedence of -p, Port, ListenAddress; ok and help jmc@
|
||||
- jmc@cvs.openbsd.org 2005/12/22 10:31:40
|
||||
[ssh_config.5]
|
||||
put the description of "UsePrivilegedPort" in the correct place;
|
||||
- jmc@cvs.openbsd.org 2005/12/22 11:23:42
|
||||
[ssh.1]
|
||||
expand the description of -w somewhat;
|
||||
help/ok reyk
|
||||
- jmc@cvs.openbsd.org 2005/12/23 14:55:53
|
||||
[ssh.1]
|
||||
- sync the description of -e w/ synopsis
|
||||
- simplify the description of -I
|
||||
- note that -I is only available if support compiled in, and that it
|
||||
isn't by default
|
||||
feedback/ok djm@
|
||||
- jmc@cvs.openbsd.org 2005/12/23 23:46:23
|
||||
[ssh.1]
|
||||
less mark up for -c;
|
||||
- djm@cvs.openbsd.org 2005/12/24 02:27:41
|
||||
[session.c sshd.c]
|
||||
eliminate some code duplicated in privsep and non-privsep paths, and
|
||||
explicitly clear SIGALRM handler; "groovy" deraadt@
|
||||
|
||||
20051220
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- reyk@cvs.openbsd.org 2005/12/13 15:03:02
|
||||
[serverloop.c]
|
||||
if forced_tun_device is not set, it is -1 and not SSH_TUNID_ANY
|
||||
- jmc@cvs.openbsd.org 2005/12/16 18:07:08
|
||||
[ssh.1]
|
||||
move the option descriptions up the page: start of a restructure;
|
||||
ok markus deraadt
|
||||
- jmc@cvs.openbsd.org 2005/12/16 18:08:53
|
||||
[ssh.1]
|
||||
simplify a sentence;
|
||||
- jmc@cvs.openbsd.org 2005/12/16 18:12:22
|
||||
[ssh.1]
|
||||
make the description of -c a little nicer;
|
||||
- jmc@cvs.openbsd.org 2005/12/16 18:14:40
|
||||
[ssh.1]
|
||||
signpost the protocol sections;
|
||||
- stevesk@cvs.openbsd.org 2005/12/17 21:13:05
|
||||
[ssh_config.5 session.c]
|
||||
spelling: fowarding, fowarded
|
||||
- stevesk@cvs.openbsd.org 2005/12/17 21:36:42
|
||||
[ssh_config.5]
|
||||
spelling: intented -> intended
|
||||
- dtucker@cvs.openbsd.org 2005/12/20 04:41:07
|
||||
[ssh.c]
|
||||
exit(255) on error to match description in ssh(1); bz #1137; ok deraadt@
|
||||
|
||||
20051219
|
||||
- (dtucker) [cipher-aes.c cipher-ctr.c cipher.c configure.ac
|
||||
openbsd-compat/openssl-compat.h] Check for and work around broken AES
|
||||
ciphers >128bit on (some) Solaris 10 systems. ok djm@
|
||||
|
||||
20051217
|
||||
- (dtucker) [defines.h] HP-UX system headers define "YES" and "NO" which
|
||||
scp.c also uses, so undef them here.
|
||||
- (dtucker) [configure.ac openbsd-compat/bsd-snprintf.c] Bug #1133: Our
|
||||
snprintf replacement can have a conflicting declaration in HP-UX's system
|
||||
headers (const vs. no const) so we now check for and work around it. Patch
|
||||
from the dynamic duo of David Leonard and Ted Percival.
|
||||
|
||||
20051214
|
||||
- (dtucker) OpenBSD CVS Sync (regress/)
|
||||
- dtucker@cvs.openbsd.org 2005/12/30 04:36:39
|
||||
[regress/scp-ssh-wrapper.sh]
|
||||
Fix assumption about how many args scp will pass; ok djm@
|
||||
|
||||
20051213
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- jmc@cvs.openbsd.org 2005/11/30 11:18:27
|
||||
[ssh.1]
|
||||
timezone -> time zone
|
||||
- jmc@cvs.openbsd.org 2005/11/30 11:45:20
|
||||
[ssh.1]
|
||||
avoid ambiguities in describing TZ;
|
||||
ok djm@
|
||||
- reyk@cvs.openbsd.org 2005/12/06 22:38:28
|
||||
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
|
||||
[misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
|
||||
[serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
|
||||
[sshconnect.h sshd.8 sshd_config sshd_config.5]
|
||||
Add support for tun(4) forwarding over OpenSSH, based on an idea and
|
||||
initial channel code bits by markus@. This is a simple and easy way to
|
||||
use OpenSSH for ad hoc virtual private network connections, e.g.
|
||||
administrative tunnels or secure wireless access. It's based on a new
|
||||
ssh channel and works similar to the existing TCP forwarding support,
|
||||
except that it depends on the tun(4) network interface on both ends of
|
||||
the connection for layer 2 or layer 3 tunneling. This diff also adds
|
||||
support for LocalCommand in the ssh(1) client.
|
||||
ok djm@, markus@, jmc@ (manpages), tested and discussed with others
|
||||
- djm@cvs.openbsd.org 2005/12/07 03:52:22
|
||||
[clientloop.c]
|
||||
reyk forgot to compile with -Werror (missing header)
|
||||
- jmc@cvs.openbsd.org 2005/12/07 10:52:13
|
||||
[ssh.1]
|
||||
- avoid line split in SYNOPSIS
|
||||
- add args to -w
|
||||
- kill trailing whitespace
|
||||
- jmc@cvs.openbsd.org 2005/12/08 14:59:44
|
||||
[ssh.1 ssh_config.5]
|
||||
make `!command' a little clearer;
|
||||
ok reyk
|
||||
- jmc@cvs.openbsd.org 2005/12/08 15:06:29
|
||||
[ssh_config.5]
|
||||
keep options in order;
|
||||
- reyk@cvs.openbsd.org 2005/12/08 18:34:11
|
||||
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
|
||||
[serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
|
||||
two changes to the new ssh tunnel support. this breaks compatibility
|
||||
with the initial commit but is required for a portable approach.
|
||||
- make the tunnel id u_int and platform friendly, use predefined types.
|
||||
- support configuration of layer 2 (ethernet) or layer 3
|
||||
(point-to-point, default) modes. configuration is done using the
|
||||
Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
|
||||
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
|
||||
in sshd_config(5).
|
||||
ok djm@, man page bits by jmc@
|
||||
- jmc@cvs.openbsd.org 2005/12/08 21:37:50
|
||||
[ssh_config.5]
|
||||
new sentence, new line;
|
||||
- markus@cvs.openbsd.org 2005/12/12 13:46:18
|
||||
[channels.c channels.h session.c]
|
||||
make sure protocol messages for internal channels are ignored.
|
||||
allow adjust messages for non-open channels; with and ok djm@
|
||||
- (djm) [misc.c] Disable tunnel code for non-OpenBSD (for now), enable
|
||||
again by providing a sys_tun_open() function for your platform and
|
||||
setting the CUSTOM_SYS_TUN_OPEN define. More work is required to match
|
||||
OpenBSD's tunnel protocol, which prepends the address family to the
|
||||
packet
|
||||
|
||||
20051201
|
||||
- (djm) [envpass.sh] Remove regress script that was accidentally committed
|
||||
in top level directory and not noticed for over a year :)
|
||||
|
||||
20051129
|
||||
- (tim) [ssh-keygen.c] Move DSA length test after setting default when
|
||||
bits == 0.
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- dtucker@cvs.openbsd.org 2005/11/29 02:04:55
|
||||
[ssh-keygen.c]
|
||||
Populate default key sizes before checking them; from & ok tim@
|
||||
- (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string)
|
||||
for UnixWare.
|
||||
|
||||
20051128
|
||||
- (dtucker) [regress/yes-head.sh] Work around breakage caused by some
|
||||
versions of GNU head. Based on patch from zappaman at buraphalinux.org
|
||||
- (dtucker) [includes.h] Bug #1122: __USE_GNU is a glibc internal macro, use
|
||||
_GNU_SOURCE instead. Patch from t8m at centrum.cz.
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- dtucker@cvs.openbsd.org 2005/11/28 05:16:53
|
||||
[ssh-keygen.1 ssh-keygen.c]
|
||||
Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
|
||||
increase minumum RSA key size to 768 bits and update man page to reflect
|
||||
these. Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
|
||||
ok djm@, grudging ok deraadt@.
|
||||
- dtucker@cvs.openbsd.org 2005/11/28 06:02:56
|
||||
[ssh-agent.1]
|
||||
Update agent socket path templates to reflect reality, correct xref for
|
||||
time formats. bz#1121, patch from openssh at roumenpetrov.info, ok djm@
|
||||
|
||||
20051126
|
||||
- (dtucker) [configure.ac] Bug #1126: AIX 5.2 and 5.3 (and presumably newer,
|
||||
when they're available) need the real UID set otherwise pam_chauthtok will
|
||||
set ADMCHG after changing the password, forcing the user to change it
|
||||
again immediately.
|
||||
|
||||
20051125
|
||||
- (dtucker) [configure.ac] Apply tim's fix for older systems where the
|
||||
resolver state in resolv.h is "state" not "__res_state". With slight
|
||||
modification by me to also work on old AIXes. ok djm@
|
||||
- (dtucker) [progressmeter.c scp.c sftp-server.c] Use correct casts for
|
||||
snprintf formats, fixes warnings on some 64 bit platforms. Patch from
|
||||
shaw at vranix.com, ok djm@
|
||||
|
||||
20051124
|
||||
- (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bsd-asprintf.c
|
||||
openbsd-compat/bsd-snprintf.c openbsd-compat/openbsd-compat.h] Add an
|
||||
asprintf() implementation, after syncing our {v,}snprintf() implementation
|
||||
with some extra fixes from Samba's version. With help and debugging from
|
||||
dtucker and tim; ok dtucker@
|
||||
- (dtucker) [configure.ac] Fix typos in comments and AC_SEARCH_LIB argument
|
||||
order in Reliant Unix block. Patch from johane at lysator.liu.se.
|
||||
- (dtucker) [regress/test-exec.sh] Use 1024 bit keys since we generate so
|
||||
many and use them only once. Speeds up testing on older/slower hardware.
|
||||
|
||||
20051122
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- deraadt@cvs.openbsd.org 2005/11/12 18:37:59
|
||||
[ssh-add.c]
|
||||
space
|
||||
- deraadt@cvs.openbsd.org 2005/11/12 18:38:15
|
||||
[scp.c]
|
||||
avoid close(-1), as in rcp; ok cloder
|
||||
- millert@cvs.openbsd.org 2005/11/15 11:59:54
|
||||
[includes.h]
|
||||
Include sys/queue.h explicitly instead of assuming some other header
|
||||
will pull it in. At the moment it gets pulled in by sys/select.h
|
||||
(which ssh has no business including) via event.h. OK markus@
|
||||
(ID sync only in -portable)
|
||||
- dtucker@cvs.openbsd.org 2005/11/21 09:42:10
|
||||
[auth-krb5.c]
|
||||
Perform Kerberos calls even for invalid users to prevent leaking
|
||||
information about account validity. bz #975, patch originally from
|
||||
Senthil Kumar, sanity checked by Simon Wilkinson, tested by djm@, biorn@,
|
||||
ok markus@
|
||||
- dtucker@cvs.openbsd.org 2005/11/22 03:36:03
|
||||
[hostfile.c]
|
||||
Correct format/arguments to debug call; spotted by shaw at vranix.com
|
||||
ok djm@
|
||||
- (dtucker) [loginrec.c] Add casts to prevent compiler warnings, patch
|
||||
from shaw at vranix.com.
|
||||
|
||||
20051120
|
||||
- (dtucker) [openbsd-compat/openssl-compat.h] Add comment explaining what
|
||||
is going on.
|
||||
|
||||
20051112
|
||||
- (dtucker) [openbsd-compat/getrrsetbyname.c] Restore Portable-specific
|
||||
ifdef lost during sync. Spotted by tim@.
|
||||
- (dtucker) [openbsd-compat/{realpath.c,stroll.c,rresvport.c}] $OpenBSD tag.
|
||||
- (dtucker) [configure.ac] Use "$AWK" instead of "awk" in gcc version test.
|
||||
- (dtucker) [configure.ac] Remove duplicate utimes() check. ok djm@
|
||||
- (dtucker) [regress/reconfigure.sh] Fix potential race in the reconfigure
|
||||
test: if sshd takes too long to reconfigure the subsequent connection will
|
||||
fail. Zap pidfile before HUPing sshd which will rewrite it when it's ready.
|
||||
|
||||
20051110
|
||||
- (dtucker) [openbsd-compat/setenv.c] Merge changes for __findenv from
|
||||
OpenBSD getenv.c revs 1.4 - 1.8 (ANSIfication of arguments, removal of
|
||||
"register").
|
||||
- (dtucker) [openbsd-compat/setenv.c] Make __findenv static, remove
|
||||
unnecessary prototype.
|
||||
- (dtucker) [openbsd-compat/setenv.c] Sync changes from OpenBSD setenv.c
|
||||
revs 1.7 - 1.9.
|
||||
- (dtucker) [auth-krb5.c] Fix -Wsign-compare warning in non-Heimdal path.
|
||||
Patch from djm@.
|
||||
- (dtucker) [configure.ac] Disable pointer-sign warnings on gcc 4.0+
|
||||
since they're not useful right now. Patch from djm@.
|
||||
- (dtucker) [openbsd-compat/getgrouplist.c] Sync OpenBSD revs 1.10 - 1.2 (ANSI
|
||||
prototypes, removal of "register").
|
||||
- (dtucker) [openbsd-compat/strlcat.c] Sync OpenBSD revs 1.11 - 1.12 (removal
|
||||
of "register").
|
||||
- (dtucker) [openbsd-compat/{LOTS}] Move the "OPENBSD ORIGINAL" markers to
|
||||
after the copyright notices. Having them at the top next to the CVSIDs
|
||||
guarantees a conflict for each and every sync.
|
||||
- (dtucker) [openbsd-compat/strlcpy.c] Update from OpenBSD 1.8 -> 1.10.
|
||||
- (dtucker) [openbsd-compat/sigact.h] Add "OPENBSD ORIGINAL" marker.
|
||||
- (dtucker) [openbsd-compat/strmode.c] Update from OpenBSD 1.5 -> 1.7.
|
||||
Removal of rcsid, "whiteout" inode type.
|
||||
- (dtucker) [openbsd-compat/basename.c] Update from OpenBSD 1.11 -> 1.14.
|
||||
Removal of rcsid, will no longer strlcpy parts of the string.
|
||||
- (dtucker) [openbsd-compat/strtoll.c] Update from OpenBSD 1.4 -> 1.5.
|
||||
- (dtucker) [openbsd-compat/strtoul.c] Update from OpenBSD 1.5 -> 1.7.
|
||||
- (dtucker) [openbsd-compat/readpassphrase.c] Update from OpenBSD 1.16 -> 1.18.
|
||||
- (dtucker) [openbsd-compat/readpassphrase.h] Update from OpenBSD 1.3 -> 1.5.
|
||||
- (dtucker) [openbsd-compat/glob.c] Update from OpenBSD 1.22 -> 1.25.
|
||||
- (dtucker) [openbsd-compat/glob.h] Update from OpenBSD 1.8 -> 1.9.
|
||||
- (dtucker) [openbsd-compat/getcwd.c] Update from OpenBSD 1.9 -> 1.14.
|
||||
- (dtucker) [openbsd-compat/getcwd.c] Replace lstat with fstat to match up
|
||||
with OpenBSD code since we don't support platforms without fstat any more.
|
||||
- (dtucker) [openbsd-compat/inet_aton.c] Update from OpenBSD 1.7 -> 1.9.
|
||||
- (dtucker) [openbsd-compat/inet_ntoa.c] Update from OpenBSD 1.4 -> 1.6.
|
||||
- (dtucker) [openbsd-compat/inet_ntop.c] Update from OpenBSD 1.5 -> 1.7.
|
||||
- (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.5 -> 1.6.
|
||||
- (dtucker) [openbsd-compat/strsep.c] Update from OpenBSD 1.5 -> 1.6.
|
||||
- (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.10 -> 1.13.
|
||||
- (dtucker) [openbsd-compat/mktemp.c] Update from OpenBSD 1.17 -> 1.19.
|
||||
- (dtucker) [openbsd-compat/rresvport.c] Update from OpenBSD 1.6 -> 1.8.
|
||||
- (dtucker) [openbsd-compat/bindresvport.c] Add "OPENBSD ORIGINAL" marker.
|
||||
- (dtucker) [openbsd-compat/bindresvport.c] Update from OpenBSD 1.16 -> 1.17.
|
||||
- (dtucker) [openbsd-compat/sigact.c] Update from OpenBSD 1.3 -> 1.4.
|
||||
Id and copyright sync only, there were no substantial changes we need.
|
||||
- (dtucker) [openbsd-compat/bsd-closefrom.c openbsd-compat/base64.c]
|
||||
-Wsign-compare fixes from djm.
|
||||
- (dtucker) [openbsd-compat/sigact.h] Update from OpenBSD 1.2 -> 1.3.
|
||||
Id and copyright sync only, there were no substantial changes we need.
|
||||
- (dtucker) [configure.ac] Try to get the gcc version number in a way that
|
||||
doesn't change between versions, and use a safer default.
|
||||
|
||||
20051105
|
||||
- (djm) OpenBSD CVS Sync
|
||||
- markus@cvs.openbsd.org 2005/10/07 11:13:57
|
||||
[ssh-keygen.c]
|
||||
change DSA default back to 1024, as it's defined for 1024 bits only
|
||||
and this causes interop problems with other clients. moreover,
|
||||
in order to improve the security of DSA you need to change more
|
||||
components of DSA key generation (e.g. the internal SHA1 hash);
|
||||
ok deraadt
|
||||
- djm@cvs.openbsd.org 2005/10/10 10:23:08
|
||||
[channels.c channels.h clientloop.c serverloop.c session.c]
|
||||
fix regression I introduced in 4.2: X11 forwardings initiated after
|
||||
a session has exited (e.g. "(sleep 5; xterm) &") would not start.
|
||||
bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
|
||||
- djm@cvs.openbsd.org 2005/10/11 23:37:37
|
||||
[channels.c]
|
||||
bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing
|
||||
bind() failure when a previous connection's listeners are in TIME_WAIT,
|
||||
reported by plattner AT inf.ethz.ch; ok dtucker@
|
||||
- stevesk@cvs.openbsd.org 2005/10/13 14:03:01
|
||||
[auth2-gss.c gss-genr.c gss-serv.c]
|
||||
remove unneeded #includes; ok markus@
|
||||
- stevesk@cvs.openbsd.org 2005/10/13 14:20:37
|
||||
[gss-serv.c]
|
||||
spelling in comments
|
||||
- stevesk@cvs.openbsd.org 2005/10/13 19:08:08
|
||||
[gss-serv-krb5.c gss-serv.c]
|
||||
unused declarations; ok deraadt@
|
||||
(id sync only for gss-serv-krb5.c)
|
||||
- stevesk@cvs.openbsd.org 2005/10/13 19:13:41
|
||||
[dns.c]
|
||||
unneeded #include, unused declaration, little knf; ok deraadt@
|
||||
- stevesk@cvs.openbsd.org 2005/10/13 22:24:31
|
||||
[auth2-gss.c gss-genr.c gss-serv.c monitor.c]
|
||||
KNF; ok djm@
|
||||
- stevesk@cvs.openbsd.org 2005/10/14 02:17:59
|
||||
[ssh-keygen.c ssh.c sshconnect2.c]
|
||||
no trailing "\n" for log functions; ok djm@
|
||||
- stevesk@cvs.openbsd.org 2005/10/14 02:29:37
|
||||
[channels.c clientloop.c]
|
||||
free()->xfree(); ok djm@
|
||||
- stevesk@cvs.openbsd.org 2005/10/15 15:28:12
|
||||
[sshconnect.c]
|
||||
make external definition static; ok deraadt@
|
||||
- stevesk@cvs.openbsd.org 2005/10/17 13:45:05
|
||||
[dns.c]
|
||||
fix memory leaks from 2 sources:
|
||||
1) key_fingerprint_raw()
|
||||
2) malloc in dns_read_rdata()
|
||||
ok jakob@
|
||||
- stevesk@cvs.openbsd.org 2005/10/17 14:01:28
|
||||
[dns.c]
|
||||
remove #ifdef LWRES; ok jakob@
|
||||
- stevesk@cvs.openbsd.org 2005/10/17 14:13:35
|
||||
[dns.c dns.h]
|
||||
more cleanups; ok jakob@
|
||||
- djm@cvs.openbsd.org 2005/10/30 01:23:19
|
||||
[ssh_config.5]
|
||||
mention control socket fallback behaviour, reported by
|
||||
tryponraj AT gmail.com
|
||||
- djm@cvs.openbsd.org 2005/10/30 04:01:03
|
||||
[ssh-keyscan.c]
|
||||
make ssh-keygen discard junk from server before SSH- ident, spotted by
|
||||
dave AT cirt.net; ok dtucker@
|
||||
- djm@cvs.openbsd.org 2005/10/30 04:03:24
|
||||
[ssh.c]
|
||||
fix misleading debug message; ok dtucker@
|
||||
- dtucker@cvs.openbsd.org 2005/10/30 08:29:29
|
||||
[canohost.c sshd.c]
|
||||
Check for connections with IP options earlier and drop silently. ok djm@
|
||||
- jmc@cvs.openbsd.org 2005/10/30 08:43:47
|
||||
[ssh_config.5]
|
||||
remove trailing whitespace;
|
||||
- djm@cvs.openbsd.org 2005/10/30 08:52:18
|
||||
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
|
||||
[ssh.c sshconnect.c sshconnect1.c sshd.c]
|
||||
no need to escape single quotes in comments, no binary change
|
||||
- dtucker@cvs.openbsd.org 2005/10/31 06:15:04
|
||||
[sftp.c]
|
||||
Fix sorting with "ls -1" command. From Robert Tsai, "looks right" deraadt@
|
||||
- djm@cvs.openbsd.org 2005/10/31 11:12:49
|
||||
[ssh-keygen.1 ssh-keygen.c]
|
||||
generate a protocol 2 RSA key by default
|
||||
- djm@cvs.openbsd.org 2005/10/31 11:48:29
|
||||
[serverloop.c]
|
||||
make sure we clean up wtmp, etc. file when we receive a SIGTERM,
|
||||
SIGINT or SIGQUIT when running without privilege separation (the
|
||||
normal privsep case is already OK). Patch mainly by dtucker@ and
|
||||
senthilkumar_sen AT hotpop.com; ok dtucker@
|
||||
- jmc@cvs.openbsd.org 2005/10/31 19:55:25
|
||||
[ssh-keygen.1]
|
||||
grammar;
|
||||
- dtucker@cvs.openbsd.org 2005/11/03 13:38:29
|
||||
[canohost.c]
|
||||
Cache reverse lookups with and without DNS separately; ok markus@
|
||||
- djm@cvs.openbsd.org 2005/11/04 05:15:59
|
||||
[kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c]
|
||||
remove hardcoded hash lengths in key exchange code, allowing
|
||||
implementation of KEX methods with different hashes (e.g. SHA-256);
|
||||
ok markus@ dtucker@ stevesk@
|
||||
- djm@cvs.openbsd.org 2005/11/05 05:01:15
|
||||
[bufaux.c]
|
||||
Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
|
||||
cs.stanford.edu; ok dtucker@
|
||||
- (dtucker) [README.platform] Add PAM section.
|
||||
- (djm) [openbsd-compat/getrrsetbyname.c] Sync to latest OpenBSD version,
|
||||
resolving memory leak bz#1111 reported by kremenek AT cs.stanford.edu;
|
||||
ok dtucker@
|
||||
|
||||
20051102
|
||||
- (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
|
||||
Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
|
||||
via FreeBSD.
|
||||
|
||||
20051030
|
||||
- (djm) [contrib/suse/openssh.spec contrib/suse/rc.
|
||||
sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init
|
||||
files from imorgan AT nas.nasa.gov
|
||||
- (dtucker) [session.c] Bug #1045do not check /etc/nologin when PAM is
|
||||
enabled, instead allow PAM to handle it. Note that on platforms using PAM,
|
||||
the pam_nologin module should be added to sshd's session stack in order to
|
||||
maintain exising behaviour. Based on patch and discussion from t8m at
|
||||
centrum.cz, ok djm@
|
||||
|
||||
20051025
|
||||
- (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
|
||||
sizeof(long long) checks, to make fixing bug #1104 easier (no changes
|
||||
yet).
|
||||
- (dtucker) [configure.ac] Bug #1104: Tru64's printf family doesn't
|
||||
understand "%lld", even though the compiler has "long long", so handle
|
||||
it as a special case. Patch tested by mcaskill.scott at epa.gov.
|
||||
- (dtucker) [contrib/cygwin/ssh-user-config] Remove duplicate yes/no
|
||||
prompt. Patch from vinschen at redhat.com.
|
||||
|
||||
20051017
|
||||
- (dtucker) [configure.ac] Bug #1097: Fix configure for cross-compiling.
|
||||
/etc/default/login report and testing from aabaker at iee.org, corrections
|
||||
from tim@.
|
||||
|
||||
20051009
|
||||
- (dtucker) [configure.ac defines.h openbsd-compat/vis.{c,h}] Sync current
|
||||
versions from OpenBSD. ok djm@
|
||||
|
||||
20051008
|
||||
- (dtucker) [configure.ac] Bug #1098: define $MAIL for HP-UX; report from
|
||||
brian.smith at agilent com.
|
||||
- (djm) [configure.ac] missing 'test' call for -with-Werror test
|
||||
|
||||
20051005
|
||||
- (dtucker) [configure.ac sshd.8] Enable locked account check (a prepended
|
||||
"*LOCKED*" string) for FreeBSD. Patch jeremie at le-hen.org and
|
||||
senthilkumar_sen at hotpop.com.
|
||||
|
||||
20051003
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- markus@cvs.openbsd.org 2005/09/07 08:53:53
|
||||
[channels.c]
|
||||
enforce chanid != NULL; ok djm
|
||||
- markus@cvs.openbsd.org 2005/09/09 19:18:05
|
||||
[clientloop.c]
|
||||
typo; from mark at mcs.vuw.ac.nz, bug #1082
|
||||
- djm@cvs.openbsd.org 2005/09/13 23:40:07
|
||||
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
|
||||
scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
|
||||
ensure that stdio fds are attached; ok deraadt@
|
||||
- djm@cvs.openbsd.org 2005/09/19 11:37:34
|
||||
[ssh_config.5 ssh.1]
|
||||
mention ability to specify bind_address for DynamicForward and -D options;
|
||||
bz#1077 spotted by Haruyama Seigo
|
||||
- djm@cvs.openbsd.org 2005/09/19 11:47:09
|
||||
[sshd.c]
|
||||
stop connection abort on rekey with delayed compression enabled when
|
||||
post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@
|
||||
- djm@cvs.openbsd.org 2005/09/19 11:48:10
|
||||
[gss-serv.c]
|
||||
typo
|
||||
- jmc@cvs.openbsd.org 2005/09/19 15:38:27
|
||||
[ssh.1]
|
||||
some more .Bk/.Ek to avoid ugly line split;
|
||||
- jmc@cvs.openbsd.org 2005/09/19 15:42:44
|
||||
[ssh.c]
|
||||
update -D usage here too;
|
||||
- djm@cvs.openbsd.org 2005/09/19 23:31:31
|
||||
[ssh.1]
|
||||
spelling nit from stevesk@
|
||||
- djm@cvs.openbsd.org 2005/09/21 23:36:54
|
||||
[sshd_config.5]
|
||||
aquire -> acquire, from stevesk@
|
||||
- djm@cvs.openbsd.org 2005/09/21 23:37:11
|
||||
[sshd.c]
|
||||
change label at markus@'s request
|
||||
- jaredy@cvs.openbsd.org 2005/09/30 20:34:26
|
||||
[ssh-keyscan.1]
|
||||
deploy .An -nosplit; ok jmc
|
||||
- dtucker@cvs.openbsd.org 2005/10/03 07:44:42
|
||||
[canohost.c]
|
||||
Relocate check_ip_options call to prevent logging of garbage for
|
||||
connections with IP options set. bz#1092 from David Leonard,
|
||||
"looks good" deraadt@
|
||||
- (dtucker) [regress/README.regress] Bug #989: Document limitation that scp
|
||||
is required in the system path for the multiplex test to work.
|
||||
|
||||
20050930
|
||||
- (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype
|
||||
for strtoll. Patch from o.flebbe at science-computing.de.
|
||||
- (dtucker) [monitor.c] Bug #1087: Send loginmsg to preauth privsep
|
||||
child during PAM account check without clearing it. This restores the
|
||||
post-login warnings such as LDAP password expiry. Patch from Tomas Mraz
|
||||
with help from several others.
|
||||
|
||||
20050929
|
||||
- (dtucker) [monitor_wrap.c] Remove duplicate definition of loginmsg
|
||||
introduced during sync.
|
||||
|
||||
20050928
|
||||
- (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency.
|
||||
- (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from
|
||||
PAM via keyboard-interactive. Patch tested by the folks at Vintela.
|
||||
|
||||
20050927
|
||||
- (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
|
||||
calls, since they can't possibly fail. ok djm@
|
||||
- (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
|
||||
process when sshd relies on ssh-random-helper. Should result in faster
|
||||
logins on systems without a real random device or prngd. ok djm@
|
||||
|
||||
20050924
|
||||
- (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
|
||||
duplicate call. ok djm@
|
||||
|
||||
20050922
|
||||
- (dtucker) [configure.ac] Use -R linker flag for libedit too; patch from
|
||||
skeleten at shillest.net.
|
||||
- (dtucker) [configure.ac] Fix help for --with-opensc; patch from skeleten at
|
||||
shillest.net.
|
||||
|
||||
20050919
|
||||
- (tim) [aclocal.m4 configure.ac] Delete acconfig.h and add templates to
|
||||
AC_DEFINE and AC_DEFINE_UNQUOTED to quiet autoconf 2.59 warning messages.
|
||||
ok dtucker@
|
||||
|
||||
20050912
|
||||
- (tim) [configure.ac] Bug 1078. Fix --without-kerberos5. Reported by
|
||||
Mike Frysinger.
|
||||
|
||||
20050908
|
||||
- (tim) [defines.h openbsd-compat/port-uw.c] Add long password support to
|
||||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||
|
||||
20050901
|
||||
- (djm) Update RPM spec file versions
|
||||
|
||||
@ -2989,4 +3818,4 @@
|
||||
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
||||
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
||||
|
||||
$Id: ChangeLog,v 1.3887 2005/09/01 09:10:48 djm Exp $
|
||||
$Id: ChangeLog,v 1.4117.2.1 2006/02/01 11:33:14 djm Exp $
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $Id: Makefile.in,v 1.273 2005/05/29 07:22:29 dtucker Exp $
|
||||
# $Id: Makefile.in,v 1.274 2006/01/01 08:47:05 djm Exp $
|
||||
|
||||
# uncomment if you run a non bourne compatable shell. Ie. csh
|
||||
#SHELL = @SH@
|
||||
@ -139,7 +139,7 @@ sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
|
||||
$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBS)
|
||||
|
||||
scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
|
||||
$(LD) -o $@ scp.o progressmeter.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
||||
ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
|
||||
$(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
|
||||
|
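Review bot: the new scp link line names bufaux.o explicitly ahead of -lssh, while the sshd and ssh-add rules in the same hunk rely on -lssh alone. If bufaux.o is also archived in libssh.a this is redundant, and if it works around a link-order problem the rule should carry a one-line comment saying so, otherwise a later sync is likely to drop it.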
@ -1,4 +1,4 @@
|
||||
See http://www.openssh.com/txt/release-4.2 for the release notes.
|
||||
See http://www.openssh.com/txt/release-4.3 for the release notes.
|
||||
|
||||
- A Japanese translation of this document and of the OpenSSH FAQ is
|
||||
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
|
||||
@ -62,4 +62,4 @@ References -
|
||||
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
|
||||
[7] http://www.openssh.com/faq.html
|
||||
|
||||
$Id: README,v 1.60 2005/08/31 14:05:57 dtucker Exp $
|
||||
$Id: README,v 1.61 2005/12/01 11:21:04 dtucker Exp $
|
||||
|
@ -45,4 +45,14 @@ number is already in use on your system, you may change it at build time
|
||||
by configure'ing --with-cflags=-DAUE_openssh=32801 then rebuilding.
|
||||
|
||||
|
||||
$Id: README.platform,v 1.5 2005/02/20 10:01:49 dtucker Exp $
|
||||
Platforms using PAM
|
||||
-------------------
|
||||
As of OpenSSH 4.3p1, sshd will no longer check /etc/nologin itself when
|
||||
PAM is enabled. To maintain existing behaviour, pam_nologin should be
|
||||
added to sshd's session stack which will prevent users from starting shell
|
||||
sessions. Alternatively, pam_nologin can be added to either the auth or
|
||||
account stacks which will prevent authentication entirely, but will still
|
||||
return the output from pam_nologin to the client.
|
||||
|
||||
|
||||
$Id: README.platform,v 1.6 2005/11/05 05:28:35 dtucker Exp $
|
||||
|
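Review bot: the new "Platforms using PAM" section describes a change that takes effect silently on upgrade, and the text should say so outright: with PAM enabled and no pam_nologin entry in sshd's PAM configuration, /etc/nologin is no longer enforced for SSH logins. Since this is a vendor import, the PAM configuration shipped for sshd in this tree should be checked as part of the same change. The section would also read better with the difference between the two placements stated side by side: the session stack lets authentication finish and then refuses the shell session, while the auth or account stack refuses before any session exists.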
132
crypto/openssh/README.tun
Normal file
@ -0,0 +1,132 @@
|
||||
How to use OpenSSH-based virtual private networks
|
||||
-------------------------------------------------
|
||||
|
||||
OpenSSH contains support for VPN tunneling using the tun(4) network
|
||||
tunnel pseudo-device which is available on most platforms, either for
|
||||
layer 2 or 3 traffic.
|
||||
|
||||
The following brief instructions on how to use this feature use
|
||||
a network configuration specific to the OpenBSD operating system.
|
||||
|
||||
(1) Server: Enable support for SSH tunneling
|
||||
|
||||
To enable the ssh server to accept tunnel requests from the client, you
|
||||
have to add the following option to the ssh server configuration file
|
||||
(/etc/ssh/sshd_config):
|
||||
|
||||
PermitTunnel yes
|
||||
|
||||
Restart the server or send the hangup signal (SIGHUP) to let the server
|
||||
reread it's configuration.
|
||||
|
||||
(2) Server: Restrict client access and assign the tunnel
|
||||
|
||||
The OpenSSH server simply uses the file /root/.ssh/authorized_keys to
|
||||
restrict the client to connect to a specified tunnel and to
|
||||
automatically start the related interface configuration command. These
|
||||
settings are optional but recommended:
|
||||
|
||||
tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... reyk@openbsd.org
|
||||
|
||||
(3) Client: Configure the local network tunnel interface
|
||||
|
||||
Use the hostname.if(5) interface-specific configuration file to set up
|
||||
the network tunnel configuration with OpenBSD. For example, use the
|
||||
following configuration in /etc/hostname.tun0 to set up the layer 3
|
||||
tunnel on the client:
|
||||
|
||||
inet 192.168.5.1 255.255.255.252 192.168.5.2
|
||||
|
||||
OpenBSD also supports layer 2 tunneling over the tun device by adding
|
||||
the link0 flag:
|
||||
|
||||
inet 192.168.1.78 255.255.255.0 192.168.1.255 link0
|
||||
|
||||
Layer 2 tunnels can be used in combination with an Ethernet bridge(4)
|
||||
interface, like the following example for /etc/bridgename.bridge0:
|
||||
|
||||
add tun0
|
||||
add sis0
|
||||
up
|
||||
|
||||
(4) Client: Configure the OpenSSH client
|
||||
|
||||
To establish tunnel forwarding for connections to a specified
|
||||
remote host by default, use the following ssh client configuration for
|
||||
the privileged user (in /root/.ssh/config):
|
||||
|
||||
Host sshgateway
|
||||
Tunnel yes
|
||||
TunnelDevice 0:any
|
||||
PermitLocalCommand yes
|
||||
LocalCommand sh /etc/netstart tun0
|
||||
|
||||
A more complicated configuration is possible to establish a tunnel to
|
||||
a remote host which is not directly accessible by the client.
|
||||
The following example describes a client configuration to connect to
|
||||
the remote host over two ssh hops in between. It uses the OpenSSH
|
||||
ProxyCommand in combination with the nc(1) program to forward the final
|
||||
ssh tunnel destination over multiple ssh sessions.
|
||||
|
||||
Host access.somewhere.net
|
||||
User puffy
|
||||
Host dmzgw
|
||||
User puffy
|
||||
ProxyCommand ssh access.somewhere.net nc dmzgw 22
|
||||
Host sshgateway
|
||||
Tunnel Ethernet
|
||||
TunnelDevice 0:any
|
||||
PermitLocalCommand yes
|
||||
LocalCommand sh /etc/netstart tun0
|
||||
ProxyCommand ssh dmzgw nc sshgateway 22
|
||||
|
||||
The following network plan illustrates the previous configuration in
|
||||
combination with layer 2 tunneling and Ethernet bridging.
|
||||
|
||||
+--------+ ( ) +----------------------+
|
||||
| Client |------( Internet )-----| access.somewhere.net |
|
||||
+--------+ ( ) +----------------------+
|
||||
: 192.168.1.78 |
|
||||
:............................. +-------+
|
||||
Forwarded ssh connection : | dmzgw |
|
||||
Layer 2 tunnel : +-------+
|
||||
: |
|
||||
: |
|
||||
: +------------+
|
||||
:......| sshgateway |
|
||||
| +------------+
|
||||
--- real connection Bridge -> | +----------+
|
||||
... "virtual connection" [ X ]--------| somehost |
|
||||
[X] switch +----------+
|
||||
192.168.1.25
|
||||
|
||||
(5) Client: Connect to the server and establish the tunnel
|
||||
|
||||
Finally connect to the OpenSSH server to establish the tunnel by using
|
||||
the following command:
|
||||
|
||||
ssh sshgateway
|
||||
|
||||
It is also possible to tell the client to fork into the background after
|
||||
the connection has been successfully established:
|
||||
|
||||
ssh -f sshgateway true
|
||||
|
||||
Without the ssh configuration done in step (4), it is also possible
|
||||
to use the following command lines:
|
||||
|
||||
ssh -fw 0:1 sshgateway true
|
||||
ifconfig tun0 192.168.5.1 192.168.5.2 netmask 255.255.255.252
|
||||
|
||||
Using OpenSSH tunnel forwarding is a simple way to establish secure
|
||||
and ad hoc virtual private networks. Possible fields of application
|
||||
could be wireless networks or administrative VPN tunnels.
|
||||
|
||||
Nevertheless, ssh tunneling requires some packet header overhead and
|
||||
runs on top of TCP. It is still suggested to use the IP Security
|
||||
Protocol (IPSec) for robust and permanent VPN connections and to
|
||||
interconnect corporate networks.
|
||||
|
||||
Reyk Floeter
|
||||
|
||||
$OpenBSD: README.tun,v 1.3 2005/12/08 18:34:10 reyk Exp $
|
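Review bot: step (2) calls the tunnel= and command= restrictions "optional but recommended", yet the whole procedure authenticates as root (/root/.ssh/authorized_keys on the server, /root/.ssh/config on the client) with "PermitTunnel yes" set for the whole server. For a key that logs in as root the restriction should be presented as required, and the document should say that the server has to allow root logins for any of this to work, preferably limited to keys with a forced command (PermitRootLogin forced-commands-only in sshd_config). Minor: "reread it's configuration" in step (1) should read "its".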
4
crypto/openssh/aclocal.m4
vendored
@ -1,4 +1,4 @@
|
||||
dnl $Id: aclocal.m4,v 1.5 2001/10/22 00:53:59 tim Exp $
|
||||
dnl $Id: aclocal.m4,v 1.6 2005/09/19 16:33:39 tim Exp $
|
||||
dnl
|
||||
dnl OpenSSH-specific autoconf macros
|
||||
dnl
|
||||
@ -26,7 +26,7 @@ AC_DEFUN(OSSH_CHECK_HEADER_FOR_FIELD, [
|
||||
if test -n "`echo $ossh_varname`"; then
|
||||
AC_MSG_RESULT($ossh_result)
|
||||
if test "x$ossh_result" = "xyes"; then
|
||||
AC_DEFINE($3)
|
||||
AC_DEFINE($3, 1, [Define if you have $1 in $2])
|
||||
fi
|
||||
else
|
||||
AC_MSG_RESULT(no)
|
||||
|
@ -28,7 +28,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth-krb5.c,v 1.15 2003/11/21 11:57:02 djm Exp $");
|
||||
RCSID("$OpenBSD: auth-krb5.c,v 1.16 2005/11/21 09:42:10 dtucker Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "ssh1.h"
|
||||
@ -69,9 +69,6 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
|
||||
krb5_ccache ccache = NULL;
|
||||
int len;
|
||||
|
||||
if (!authctxt->valid)
|
||||
return (0);
|
||||
|
||||
temporarily_use_uid(authctxt->pw);
|
||||
|
||||
problem = krb5_init(authctxt);
|
||||
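Review bot: with the early "if (!authctxt->valid) return (0);" removed, temporarily_use_uid(authctxt->pw) and krb5_init() now run for invalid users as well, so auth_krb5_password() depends on the caller always supplying a non-NULL authctxt->pw (the fakepw() assignment in input_userauth_request()). That precondition is not stated in this file; a short comment at the top of the function, or an explicit NULL check that fails closed, would keep a future caller from turning this into a NULL dereference.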
@ -188,7 +185,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password)
|
||||
else
|
||||
return (0);
|
||||
}
|
||||
return (1);
|
||||
return (authctxt->valid ? 1 : 0);
|
||||
}
|
||||
|
||||
void
|
||||
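Review bot: "return (authctxt->valid ? 1 : 0);" is now the only place on this path that rejects an invalid user, and nothing says why the test sits at the end of the function instead of the start. If the intent is that valid and invalid users go through the same Kerberos exchange before the result is decided, a comment saying so would stop someone from restoring the early return as an optimisation.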
@ -218,7 +215,7 @@ ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) {
|
||||
|
||||
ret = snprintf(ccname, sizeof(ccname),
|
||||
"FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid());
|
||||
if (ret == -1 || ret >= sizeof(ccname))
|
||||
if (ret < 0 || (size_t)ret >= sizeof(ccname))
|
||||
return ENOMEM;
|
||||
|
||||
old_umask = umask(0177);
|
||||
|
@ -10,7 +10,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth-options.c,v 1.31 2005/03/10 22:40:38 deraadt Exp $");
|
||||
RCSID("$OpenBSD: auth-options.c,v 1.33 2005/12/08 18:34:11 reyk Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "match.h"
|
||||
@ -35,6 +35,9 @@ char *forced_command = NULL;
|
||||
/* "environment=" options. */
|
||||
struct envstring *custom_environment = NULL;
|
||||
|
||||
/* "tunnel=" option. */
|
||||
int forced_tun_device = -1;
|
||||
|
||||
extern ServerOptions options;
|
||||
|
||||
void
|
||||
@ -54,6 +57,7 @@ auth_clear_options(void)
|
||||
xfree(forced_command);
|
||||
forced_command = NULL;
|
||||
}
|
||||
forced_tun_device = -1;
|
||||
channel_clear_permitted_opens();
|
||||
auth_debug_reset();
|
||||
}
|
||||
@ -269,6 +273,41 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
|
||||
xfree(patterns);
|
||||
goto next_option;
|
||||
}
|
||||
cp = "tunnel=\"";
|
||||
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
|
||||
char *tun = NULL;
|
||||
opts += strlen(cp);
|
||||
tun = xmalloc(strlen(opts) + 1);
|
||||
i = 0;
|
||||
while (*opts) {
|
||||
if (*opts == '"')
|
||||
break;
|
||||
tun[i++] = *opts++;
|
||||
}
|
||||
if (!*opts) {
|
||||
debug("%.100s, line %lu: missing end quote",
|
||||
file, linenum);
|
||||
auth_debug_add("%.100s, line %lu: missing end quote",
|
||||
file, linenum);
|
||||
xfree(tun);
|
||||
forced_tun_device = -1;
|
||||
goto bad_option;
|
||||
}
|
||||
tun[i] = 0;
|
||||
forced_tun_device = a2tun(tun, NULL);
|
||||
xfree(tun);
|
||||
if (forced_tun_device == SSH_TUNID_ERR) {
|
||||
debug("%.100s, line %lu: invalid tun device",
|
||||
file, linenum);
|
||||
auth_debug_add("%.100s, line %lu: invalid tun device",
|
||||
file, linenum);
|
||||
forced_tun_device = -1;
|
||||
goto bad_option;
|
||||
}
|
||||
auth_debug_add("Forced tun device: %d", forced_tun_device);
|
||||
opts++;
|
||||
goto next_option;
|
||||
}
|
||||
next_option:
|
||||
/*
|
||||
* Skip the comma, and move to the next option
|
||||
|
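Review bot: in the tunnel= branch the "no forced device" state is the bare literal -1 (here, in the initialiser of forced_tun_device and in auth_clear_options()), while the failure value is the named constant SSH_TUNID_ERR. Nothing in the hunk shows that a2tun() can never return -1 for a valid request, so a named constant for the unset state would make the distinction checkable. The two error paths also log only file and line; logging the rejected value as well, length-limited like the existing %.100s arguments, would make a bad authorized_keys entry easier to locate.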
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth-options.h,v 1.12 2002/07/21 18:34:43 stevesk Exp $ */
|
||||
/* $OpenBSD: auth-options.h,v 1.13 2005/12/06 22:38:27 reyk Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -28,6 +28,7 @@ extern int no_x11_forwarding_flag;
|
||||
extern int no_pty_flag;
|
||||
extern char *forced_command;
|
||||
extern struct envstring *custom_environment;
|
||||
extern int forced_tun_device;
|
||||
|
||||
int auth_parse_options(struct passwd *, char *, char *, u_long);
|
||||
void auth_clear_options(void);
|
||||
|
@ -47,7 +47,7 @@
|
||||
|
||||
/* Based on $FreeBSD$ */
|
||||
#include "includes.h"
|
||||
RCSID("$Id: auth-pam.c,v 1.126 2005/07/17 07:18:50 djm Exp $");
|
||||
RCSID("$Id: auth-pam.c,v 1.128 2006/01/29 05:46:13 dtucker Exp $");
|
||||
|
||||
#ifdef USE_PAM
|
||||
#if defined(HAVE_SECURITY_PAM_APPL_H)
|
||||
@ -716,8 +716,18 @@ sshpam_query(void *ctx, char **name, char **info,
|
||||
plen++;
|
||||
xfree(msg);
|
||||
break;
|
||||
case PAM_SUCCESS:
|
||||
case PAM_AUTH_ERR:
|
||||
debug3("PAM: PAM_AUTH_ERR");
|
||||
if (**prompts != NULL && strlen(**prompts) != 0) {
|
||||
*info = **prompts;
|
||||
**prompts = NULL;
|
||||
*num = 0;
|
||||
**echo_on = 0;
|
||||
ctxt->pam_done = -1;
|
||||
return 0;
|
||||
}
|
||||
/* FALLTHROUGH */
|
||||
case PAM_SUCCESS:
|
||||
if (**prompts != NULL) {
|
||||
/* drain any accumulated messages */
|
||||
debug("PAM: %s", **prompts);
|
||||
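Review bot: in the new PAM_AUTH_ERR case, "*info = **prompts; **prompts = NULL;" hands the accumulated message buffer to the caller and nothing records who frees it afterwards; a one-line comment on the ownership transfer is needed. The same goes for "ctxt->pam_done = -1", since the only value whose meaning is visible on this page is 1 (success, in sshpam_respond()). The /* FALLTHROUGH */ into PAM_SUCCESS when there is no message relies on code below the visible context to tell failure from success; please confirm that path cannot report an authentication error as a success.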
@ -763,7 +773,7 @@ sshpam_respond(void *ctx, u_int num, char **resp)
|
||||
Buffer buffer;
|
||||
struct pam_ctxt *ctxt = ctx;
|
||||
|
||||
debug2("PAM: %s entering, %d responses", __func__, num);
|
||||
debug2("PAM: %s entering, %u responses", __func__, num);
|
||||
switch (ctxt->pam_done) {
|
||||
case 1:
|
||||
sshpam_authenticated = 1;
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth2-gss.c,v 1.10 2005/07/17 07:17:54 djm Exp $ */
|
||||
/* $OpenBSD: auth2-gss.c,v 1.12 2005/10/13 22:24:31 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||
@ -34,7 +34,6 @@
|
||||
#include "log.h"
|
||||
#include "dispatch.h"
|
||||
#include "servconf.h"
|
||||
#include "compat.h"
|
||||
#include "packet.h"
|
||||
#include "monitor_wrap.h"
|
||||
|
||||
@ -49,7 +48,7 @@ static void input_gssapi_errtok(int, u_int32_t, void *);
|
||||
|
||||
/*
|
||||
* We only support those mechanisms that we know about (ie ones that we know
|
||||
* how to check local user kuserok and the like
|
||||
* how to check local user kuserok and the like)
|
||||
*/
|
||||
static int
|
||||
userauth_gssapi(Authctxt *authctxt)
|
||||
@ -105,7 +104,7 @@ userauth_gssapi(Authctxt *authctxt)
|
||||
return (0);
|
||||
}
|
||||
|
||||
authctxt->methoddata=(void *)ctxt;
|
||||
authctxt->methoddata = (void *)ctxt;
|
||||
|
||||
packet_start(SSH2_MSG_USERAUTH_GSSAPI_RESPONSE);
|
||||
|
||||
|
@ -156,21 +156,17 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
|
||||
if (authctxt->pw && strcmp(service, "ssh-connection")==0) {
|
||||
authctxt->valid = 1;
|
||||
debug2("input_userauth_request: setting up authctxt for %s", user);
|
||||
#ifdef USE_PAM
|
||||
if (options.use_pam)
|
||||
PRIVSEP(start_pam(authctxt));
|
||||
#endif
|
||||
} else {
|
||||
logit("input_userauth_request: invalid user %s", user);
|
||||
authctxt->pw = fakepw();
|
||||
#ifdef USE_PAM
|
||||
if (options.use_pam)
|
||||
PRIVSEP(start_pam(authctxt));
|
||||
#endif
|
||||
#ifdef SSH_AUDIT_EVENTS
|
||||
PRIVSEP(audit_event(SSH_INVALID_USER));
|
||||
#endif
|
||||
}
|
||||
#ifdef USE_PAM
|
||||
if (options.use_pam)
|
||||
PRIVSEP(start_pam(authctxt));
|
||||
#endif
|
||||
setproctitle("%s%s", authctxt->valid ? user : "unknown",
|
||||
use_privsep ? " [net]" : "");
|
||||
authctxt->service = xstrdup(service);
|
||||
|
@ -37,7 +37,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: bufaux.c,v 1.36 2005/06/17 02:44:32 djm Exp $");
|
||||
RCSID("$OpenBSD: bufaux.c,v 1.37 2005/11/05 05:01:15 djm Exp $");
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include "bufaux.h"
|
||||
@ -63,6 +63,7 @@ buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
|
||||
if (oi != bin_size) {
|
||||
error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
|
||||
oi, bin_size);
|
||||
xfree(buf);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
@ -187,10 +188,12 @@ buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
|
||||
|
||||
if (len > 0 && (bin[0] & 0x80)) {
|
||||
error("buffer_get_bignum2_ret: negative numbers not supported");
|
||||
xfree(bin);
|
||||
return (-1);
|
||||
}
|
||||
if (len > 8 * 1024) {
|
||||
error("buffer_get_bignum2_ret: cannot handle BN of size %d", len);
|
||||
xfree(bin);
|
||||
return (-1);
|
||||
}
|
||||
BN_bin2bn(bin, len, value);
|
||||
|
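Review bot: in buffer_get_bignum2_ret() the "len > 8 * 1024" limit is tested after bin has already been obtained (the new xfree(bin) on that path shows it is allocated by then), so the limit bounds the BIGNUM conversion but not the allocation; testing the length before fetching the string would bound both. Separately, the context line "BN_bin2bn(bin, len, value);" ignores the return value, so a failed conversion is indistinguishable from success. The added xfree() calls themselves match the error-path leaks named in the ChangeLog (bz #1109 and #1110).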
@ -353,7 +353,7 @@ else
|
||||
# Create user if required
|
||||
[ "\$DO_PASSWD" = yes ] && {
|
||||
# Use uid of 67 if possible
|
||||
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
|
||||
if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
|
||||
then
|
||||
:
|
||||
else
|
||||
|
@ -12,7 +12,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: canohost.c,v 1.44 2005/06/17 02:44:32 djm Exp $");
|
||||
RCSID("$OpenBSD: canohost.c,v 1.48 2005/12/28 22:46:06 stevesk Exp $");
|
||||
|
||||
#include "packet.h"
|
||||
#include "xmalloc.h"
|
||||
@ -43,9 +43,6 @@ get_remote_hostname(int sock, int use_dns)
|
||||
cleanup_exit(255);
|
||||
}
|
||||
|
||||
if (from.ss_family == AF_INET)
|
||||
check_ip_options(sock, ntop);
|
||||
|
||||
ipv64_normalise_mapped(&from, &fromlen);
|
||||
|
||||
if (from.ss_family == AF_INET6)
|
||||
@ -55,6 +52,9 @@ get_remote_hostname(int sock, int use_dns)
|
||||
NULL, 0, NI_NUMERICHOST) != 0)
|
||||
fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed");
|
||||
|
||||
if (from.ss_family == AF_INET)
|
||||
check_ip_options(sock, ntop);
|
||||
|
||||
if (!use_dns)
|
||||
return xstrdup(ntop);
|
||||
|
||||
@ -102,7 +102,7 @@ get_remote_hostname(int sock, int use_dns)
|
||||
hints.ai_socktype = SOCK_STREAM;
|
||||
if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
|
||||
logit("reverse mapping checking getaddrinfo for %.700s "
|
||||
"failed - POSSIBLE BREAKIN ATTEMPT!", name);
|
||||
"failed - POSSIBLE BREAK-IN ATTEMPT!", name);
|
||||
return xstrdup(ntop);
|
||||
}
|
||||
/* Look for the address from the list of addresses. */
|
||||
@ -117,7 +117,7 @@ get_remote_hostname(int sock, int use_dns)
|
||||
if (!ai) {
|
||||
/* Address not found for the host name. */
|
||||
logit("Address %.100s maps to %.600s, but this does not "
|
||||
"map back to the address - POSSIBLE BREAKIN ATTEMPT!",
|
||||
"map back to the address - POSSIBLE BREAK-IN ATTEMPT!",
|
||||
ntop, name);
|
||||
return xstrdup(ntop);
|
||||
}
|
||||
@ -158,9 +158,7 @@ check_ip_options(int sock, char *ipaddr)
|
||||
for (i = 0; i < option_size; i++)
|
||||
snprintf(text + i*3, sizeof(text) - i*3,
|
||||
" %2.2x", options[i]);
|
||||
logit("Connection from %.100s with IP options:%.800s",
|
||||
ipaddr, text);
|
||||
packet_disconnect("Connection from %.100s with IP options:%.800s",
|
||||
fatal("Connection from %.100s with IP options:%.800s",
|
||||
ipaddr, text);
|
||||
}
|
||||
#endif /* IP_OPTIONS */
|
||||
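Review bot: replacing logit() plus packet_disconnect() with a single fatal() in check_ip_options() removes the explicit protocol-level disconnect that the peer used to receive. That is reasonable for a connection carrying IP options, but it is a behaviour change and deserves a comment next to the call. The format string "Connection from %.100s with IP options:%.800s" is unchanged, so log rules that match on that text keep working.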
@ -200,26 +198,27 @@ ipv64_normalise_mapped(struct sockaddr_storage *addr, socklen_t *len)
|
||||
const char *
|
||||
get_canonical_hostname(int use_dns)
|
||||
{
|
||||
char *host;
|
||||
static char *canonical_host_name = NULL;
|
||||
static int use_dns_done = 0;
|
||||
static char *remote_ip = NULL;
|
||||
|
||||
/* Check if we have previously retrieved name with same option. */
|
||||
if (canonical_host_name != NULL) {
|
||||
if (use_dns_done != use_dns)
|
||||
xfree(canonical_host_name);
|
||||
else
|
||||
if (use_dns && canonical_host_name != NULL)
|
||||
return canonical_host_name;
|
||||
}
|
||||
if (!use_dns && remote_ip != NULL)
|
||||
return remote_ip;
|
||||
|
||||
/* Get the real hostname if socket; otherwise return UNKNOWN. */
|
||||
if (packet_connection_is_on_socket())
|
||||
canonical_host_name = get_remote_hostname(
|
||||
packet_get_connection_in(), use_dns);
|
||||
host = get_remote_hostname(packet_get_connection_in(), use_dns);
|
||||
else
|
||||
canonical_host_name = xstrdup("UNKNOWN");
|
||||
host = "UNKNOWN";
|
||||
|
||||
use_dns_done = use_dns;
|
||||
return canonical_host_name;
|
||||
if (use_dns)
|
||||
canonical_host_name = host;
|
||||
else
|
||||
remote_ip = host;
|
||||
return host;
|
||||
}
|
||||
|
||||
/*
|
||||
|
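Review bot: in the rewritten get_canonical_hostname(), host = "UNKNOWN" stores a string literal in a non-const char * that is then cached in the static canonical_host_name or remote_ip, where the old code cached an xstrdup() copy. The function returns const char *, so callers should neither write to nor free the result, but declaring host and both caches as const char * would let the compiler enforce that. The two caches are also never cleared; a comment stating under which assumption that is safe would make the design explicit.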
@ -39,7 +39,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: channels.c,v 1.223 2005/07/17 07:17:54 djm Exp $");
|
||||
RCSID("$OpenBSD: channels.c,v 1.232 2006/01/30 12:22:22 reyk Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "ssh1.h"
|
||||
@ -58,8 +58,6 @@ RCSID("$OpenBSD: channels.c,v 1.223 2005/07/17 07:17:54 djm Exp $");
|
||||
|
||||
/* -- channel core */
|
||||
|
||||
#define CHAN_RBUF 16*1024
|
||||
|
||||
/*
|
||||
* Pointer to an array containing all allocated channels. The array is
|
||||
* dynamically extended as needed.
|
||||
@ -142,22 +140,50 @@ static void port_open_helper(Channel *c, char *rtype);
|
||||
/* -- channel core */
|
||||
|
||||
Channel *
|
||||
channel_lookup(int id)
|
||||
channel_by_id(int id)
|
||||
{
|
||||
Channel *c;
|
||||
|
||||
if (id < 0 || (u_int)id >= channels_alloc) {
|
||||
logit("channel_lookup: %d: bad id", id);
|
||||
logit("channel_by_id: %d: bad id", id);
|
||||
return NULL;
|
||||
}
|
||||
c = channels[id];
|
||||
if (c == NULL) {
|
||||
logit("channel_lookup: %d: bad id: channel free", id);
|
||||
logit("channel_by_id: %d: bad id: channel free", id);
|
||||
return NULL;
|
||||
}
|
||||
return c;
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns the channel if it is allowed to receive protocol messages.
|
||||
* Private channels, like listening sockets, may not receive messages.
|
||||
*/
|
||||
Channel *
|
||||
channel_lookup(int id)
|
||||
{
|
||||
Channel *c;
|
||||
|
||||
if ((c = channel_by_id(id)) == NULL)
|
||||
return (NULL);
|
||||
|
||||
switch(c->type) {
|
||||
case SSH_CHANNEL_X11_OPEN:
|
||||
case SSH_CHANNEL_LARVAL:
|
||||
case SSH_CHANNEL_CONNECTING:
|
||||
case SSH_CHANNEL_DYNAMIC:
|
||||
case SSH_CHANNEL_OPENING:
|
||||
case SSH_CHANNEL_OPEN:
|
||||
case SSH_CHANNEL_INPUT_DRAINING:
|
||||
case SSH_CHANNEL_OUTPUT_DRAINING:
|
||||
return (c);
|
||||
break;
|
||||
}
|
||||
logit("Non-public channel %d, type %d.", id, c->type);
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
* Register filedescriptors for a channel, used when allocating a channel or
|
||||
* when the channel consumer/producer is ready, e.g. shell exec'd
|
||||
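Review bot: the switch in the new channel_lookup() has no default label, so its deny-by-default behaviour is implicit: only the eight listed channel types may receive protocol messages and everything else falls out of the switch to the "Non-public channel" log line. A "default:" label with a comment would make clear that a newly added channel type is refused until someone lists it here. The "break;" after "return (c);" is unreachable and can be dropped.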
@ -269,9 +295,11 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
|
||||
c->force_drain = 0;
|
||||
c->single_connection = 0;
|
||||
c->detach_user = NULL;
|
||||
c->detach_close = 0;
|
||||
c->confirm = NULL;
|
||||
c->confirm_ctx = NULL;
|
||||
c->input_filter = NULL;
|
||||
c->output_filter = NULL;
|
||||
debug("channel %d: new [%s]", found, remote_name);
|
||||
return c;
|
||||
}
|
||||
@ -628,29 +656,32 @@ channel_register_confirm(int id, channel_callback_fn *fn, void *ctx)
|
||||
c->confirm_ctx = ctx;
|
||||
}
|
||||
void
|
||||
channel_register_cleanup(int id, channel_callback_fn *fn)
|
||||
channel_register_cleanup(int id, channel_callback_fn *fn, int do_close)
|
||||
{
|
||||
Channel *c = channel_lookup(id);
|
||||
Channel *c = channel_by_id(id);
|
||||
|
||||
if (c == NULL) {
|
||||
logit("channel_register_cleanup: %d: bad id", id);
|
||||
return;
|
||||
}
|
||||
c->detach_user = fn;
|
||||
c->detach_close = do_close;
|
||||
}
|
||||
void
|
||||
channel_cancel_cleanup(int id)
|
||||
{
|
||||
Channel *c = channel_lookup(id);
|
||||
Channel *c = channel_by_id(id);
|
||||
|
||||
if (c == NULL) {
|
||||
logit("channel_cancel_cleanup: %d: bad id", id);
|
||||
return;
|
||||
}
|
||||
c->detach_user = NULL;
|
||||
c->detach_close = 0;
|
||||
}
|
||||
void
|
||||
channel_register_filter(int id, channel_filter_fn *fn)
|
||||
channel_register_filter(int id, channel_infilter_fn *ifn,
|
||||
channel_outfilter_fn *ofn)
|
||||
{
|
||||
Channel *c = channel_lookup(id);
|
||||
|
||||
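Review bot: channel_register_cleanup() and channel_cancel_cleanup() were switched to channel_by_id(), but channel_register_filter() in the same hunk still calls channel_lookup(), which now refuses channel types outside its allow-list. If filters are only ever registered on channels in one of the permitted states that is fine, but the asymmetry should be explained in a comment or the call changed to channel_by_id() for consistency. The new do_close parameter of channel_register_cleanup() also needs a line of documentation on what a non-zero value means for garbage collection.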
@ -658,7 +689,8 @@ channel_register_filter(int id, channel_filter_fn *fn)
|
||||
logit("channel_register_filter: %d: bad id", id);
|
||||
return;
|
||||
}
|
||||
c->input_filter = fn;
|
||||
c->input_filter = ifn;
|
||||
c->output_filter = ofn;
|
||||
}
|
||||
|
||||
void
|
||||
@ -1227,6 +1259,19 @@ port_open_helper(Channel *c, char *rtype)
|
||||
xfree(remote_ipaddr);
|
||||
}
|
||||
|
||||
static void
|
||||
channel_set_reuseaddr(int fd)
|
||||
{
|
||||
int on = 1;
|
||||
|
||||
/*
|
||||
* Set socket options.
|
||||
* Allow local port reuse in TIME_WAIT.
|
||||
*/
|
||||
if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) == -1)
|
||||
error("setsockopt SO_REUSEADDR fd %d: %s", fd, strerror(errno));
|
||||
}
|
||||
|
||||
/*
|
||||
* This socket is listening for connections to a forwarded TCP/IP port.
|
||||
*/
|
||||
@ -1398,6 +1443,8 @@ channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset)
|
||||
debug2("channel %d: filter stops", c->self);
|
||||
chan_read_failed(c);
|
||||
}
|
||||
} else if (c->datagram) {
|
||||
buffer_put_string(&c->input, buf, len);
|
||||
} else {
|
||||
buffer_append(&c->input, buf, len);
|
||||
}
|
||||
@ -1408,7 +1455,7 @@ static int
|
||||
channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
|
||||
{
|
||||
struct termios tio;
|
||||
u_char *data;
|
||||
u_char *data = NULL, *buf;
|
||||
u_int dlen;
|
||||
int len;
|
||||
|
||||
@ -1416,14 +1463,45 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
|
||||
if (c->wfd != -1 &&
|
||||
FD_ISSET(c->wfd, writeset) &&
|
||||
buffer_len(&c->output) > 0) {
|
||||
data = buffer_ptr(&c->output);
|
||||
if (c->output_filter != NULL) {
|
||||
if ((buf = c->output_filter(c, &data, &dlen)) == NULL) {
|
||||
debug2("channel %d: filter stops", c->self);
|
||||
if (c->type != SSH_CHANNEL_OPEN)
|
||||
chan_mark_dead(c);
|
||||
else
|
||||
chan_write_failed(c);
|
||||
return -1;
|
||||
}
|
||||
} else if (c->datagram) {
|
||||
buf = data = buffer_get_string(&c->output, &dlen);
|
||||
} else {
|
||||
buf = data = buffer_ptr(&c->output);
|
||||
dlen = buffer_len(&c->output);
|
||||
}
|
||||
|
||||
if (c->datagram) {
|
||||
/* ignore truncated writes, datagrams might get lost */
|
||||
c->local_consumed += dlen + 4;
|
||||
len = write(c->wfd, buf, dlen);
|
||||
xfree(data);
|
||||
if (len < 0 && (errno == EINTR || errno == EAGAIN))
|
||||
return 1;
|
||||
if (len <= 0) {
|
||||
if (c->type != SSH_CHANNEL_OPEN)
|
||||
chan_mark_dead(c);
|
||||
else
|
||||
chan_write_failed(c);
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
#ifdef _AIX
|
||||
/* XXX: Later AIX versions can't push as much data to tty */
|
||||
if (compat20 && c->wfd_isatty)
|
||||
dlen = MIN(dlen, 8*1024);
|
||||
#endif
|
||||
len = write(c->wfd, data, dlen);
|
||||
|
||||
len = write(c->wfd, buf, dlen);
|
||||
if (len < 0 && (errno == EINTR || errno == EAGAIN))
|
||||
return 1;
|
||||
if (len <= 0) {
|
||||
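Review bot: the datagram branch calls xfree(data) unconditionally, but when c->output_filter is set, data holds only what the filter stored through &data (it is initialised to NULL), and dlen is likewise whatever the filter wrote. That ownership contract is implicit. Document next to the channel_outfilter_fn typedef that a filter on a datagram channel must leave an allocated buffer in *data and the length in *dlen, or guard the free here.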
@ -1440,14 +1518,14 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
if (compat20 && c->isatty && dlen >= 1 && data[0] != '\r') {
|
||||
if (compat20 && c->isatty && dlen >= 1 && buf[0] != '\r') {
|
||||
if (tcgetattr(c->wfd, &tio) == 0 &&
|
||||
!(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) {
|
||||
/*
|
||||
* Simulate echo to reduce the impact of
|
||||
* traffic analysis. We need to match the
|
||||
* size of a SSH2_MSG_CHANNEL_DATA message
|
||||
* (4 byte channel id + data)
|
||||
* (4 byte channel id + buf)
|
||||
*/
|
||||
packet_send_ignore(4 + len);
|
||||
packet_send();
|
||||
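Review bot: the comment edit in the echo-simulation block looks like a search-and-replace slip. "(4 byte channel id + buf)" describes the layout of an SSH2_MSG_CHANNEL_DATA message, not the local variable, so the earlier wording "(4 byte channel id + data)" should stay. The buf[0] != '\r' change itself is consistent with the write now using buf.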
@ -1666,7 +1744,7 @@ channel_garbage_collect(Channel *c)
|
||||
if (c == NULL)
|
||||
return;
|
||||
if (c->detach_user != NULL) {
|
||||
if (!chan_is_dead(c, 0))
|
||||
if (!chan_is_dead(c, c->detach_close))
|
||||
return;
|
||||
debug2("channel %d: gc: notify user", c->self);
|
||||
c->detach_user(c->self, NULL);
|
||||
@ -1776,6 +1854,22 @@ channel_output_poll(void)
|
||||
if ((c->istate == CHAN_INPUT_OPEN ||
|
||||
c->istate == CHAN_INPUT_WAIT_DRAIN) &&
|
||||
(len = buffer_len(&c->input)) > 0) {
|
||||
if (c->datagram) {
|
||||
if (len > 0) {
|
||||
u_char *data;
|
||||
u_int dlen;
|
||||
|
||||
data = buffer_get_string(&c->input,
|
||||
&dlen);
|
||||
packet_start(SSH2_MSG_CHANNEL_DATA);
|
||||
packet_put_int(c->remote_id);
|
||||
packet_put_string(data, dlen);
|
||||
packet_send();
|
||||
c->remote_window -= dlen + 4;
|
||||
xfree(data);
|
||||
}
|
||||
continue;
|
||||
}
|
||||
/*
|
||||
* Send some data for the other side over the secure
|
||||
* connection.
|
||||
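Review bot: the inner if (len > 0) in the new c->datagram branch is redundant, since the enclosing condition already requires (len = buffer_len(&c->input)) > 0; dropping it saves a nesting level. Separately, as far as these lines show, the branch sends the whole datagram and subtracts dlen + 4 from c->remote_window without first comparing against the window. If that is intentional for datagram channels, say so in a comment.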
@ -1898,6 +1992,9 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
|
||||
c->local_window -= data_len;
|
||||
}
|
||||
packet_check_eom();
|
||||
if (c->datagram)
|
||||
buffer_put_string(&c->output, data, data_len);
|
||||
else
|
||||
buffer_append(&c->output, data, data_len);
|
||||
xfree(data);
|
||||
}
|
||||
@ -2129,9 +2226,8 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
|
||||
id = packet_get_int();
|
||||
c = channel_lookup(id);
|
||||
|
||||
if (c == NULL || c->type != SSH_CHANNEL_OPEN) {
|
||||
logit("Received window adjust for "
|
||||
"non-open channel %d.", id);
|
||||
if (c == NULL) {
|
||||
logit("Received window adjust for non-open channel %d.", id);
|
||||
return;
|
||||
}
|
||||
adjust = packet_get_int();
|
||||
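Review bot: the check is reduced to c == NULL, dropping the c->type != SSH_CHANNEL_OPEN test, yet the log text still says "non-open channel". If channel_lookup() is what now rejects channels in the wrong state, note that here; otherwise the type test should stay, because adjust is applied to whatever channel comes back.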
@ -2188,7 +2284,7 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por
|
||||
const char *host_to_connect, u_short port_to_connect, int gateway_ports)
|
||||
{
|
||||
Channel *c;
|
||||
int sock, r, success = 0, on = 1, wildcard = 0, is_client;
|
||||
int sock, r, success = 0, wildcard = 0, is_client;
|
||||
struct addrinfo hints, *ai, *aitop;
|
||||
const char *host, *addr;
|
||||
char ntop[NI_MAXHOST], strport[NI_MAXSERV];
|
||||
@ -2275,13 +2371,8 @@ channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_por
|
||||
verbose("socket: %.100s", strerror(errno));
|
||||
continue;
|
||||
}
|
||||
/*
|
||||
* Set socket options.
|
||||
* Allow local port reuse in TIME_WAIT.
|
||||
*/
|
||||
if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on,
|
||||
sizeof(on)) == -1)
|
||||
error("setsockopt SO_REUSEADDR: %s", strerror(errno));
|
||||
|
||||
channel_set_reuseaddr(sock);
|
||||
|
||||
debug("Local forwarding listening on %s port %s.", ntop, strport);
|
||||
|
||||
@ -2453,7 +2544,7 @@ channel_request_rforward_cancel(const char *host, u_short port)
|
||||
|
||||
permitted_opens[i].listen_port = 0;
|
||||
permitted_opens[i].port_to_connect = 0;
|
||||
free(permitted_opens[i].host_to_connect);
|
||||
xfree(permitted_opens[i].host_to_connect);
|
||||
permitted_opens[i].host_to_connect = NULL;
|
||||
}
|
||||
|
||||
@ -2668,6 +2759,9 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
|
||||
char strport[NI_MAXSERV];
|
||||
int gaierr, n, num_socks = 0, socks[NUM_SOCKS];
|
||||
|
||||
if (chanids == NULL)
|
||||
return -1;
|
||||
|
||||
for (display_number = x11_display_offset;
|
||||
display_number < MAX_DISPLAYS;
|
||||
display_number++) {
|
||||
@ -2704,6 +2798,7 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
|
||||
error("setsockopt IPV6_V6ONLY: %.100s", strerror(errno));
|
||||
}
|
||||
#endif
|
||||
channel_set_reuseaddr(sock);
|
||||
if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
|
||||
debug2("bind port %d: %.100s", port, strerror(errno));
|
||||
close(sock);
|
||||
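Review bot: channel_set_reuseaddr(sock) is now called on the X11 listener just before bind(), which is a behaviour change on a port that other local users may compete for. On some platforms SO_REUSEADDR lets a second process bind a more specific address on a port already bound to the wildcard, so with x11_use_localhost off this can weaken the guarantee that the display port belongs to this sshd. Please confirm this is wanted for the X11 case, or restrict the call to the localhost-only listener.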
@ -2749,7 +2844,6 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
|
||||
}
|
||||
|
||||
/* Allocate a channel for each socket. */
|
||||
if (chanids != NULL)
|
||||
*chanids = xmalloc(sizeof(**chanids) * (num_socks + 1));
|
||||
for (n = 0; n < num_socks; n++) {
|
||||
sock = socks[n];
|
||||
@ -2758,10 +2852,8 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
|
||||
CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT,
|
||||
0, "X11 inet listener", 1);
|
||||
nc->single_connection = single_connection;
|
||||
if (*chanids != NULL)
|
||||
(*chanids)[n] = nc->self;
|
||||
}
|
||||
if (*chanids != NULL)
|
||||
(*chanids)[n] = -1;
|
||||
|
||||
/* Return the display number for the DISPLAY environment variable. */
|
||||
@ -2948,7 +3040,7 @@ deny_input_open(int type, u_int32_t seq, void *ctxt)
|
||||
error("deny_input_open: type %d", type);
|
||||
break;
|
||||
}
|
||||
error("Warning: this is probably a break in attempt by a malicious server.");
|
||||
error("Warning: this is probably a break-in attempt by a malicious server.");
|
||||
packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
|
||||
packet_put_int(rchan);
|
||||
packet_send();
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: channels.h,v 1.79 2005/07/17 06:49:04 djm Exp $ */
|
||||
/* $OpenBSD: channels.h,v 1.83 2005/12/30 15:56:37 reyk Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -63,7 +63,8 @@ struct Channel;
|
||||
typedef struct Channel Channel;
|
||||
|
||||
typedef void channel_callback_fn(int, void *);
|
||||
typedef int channel_filter_fn(struct Channel *, char *, int);
|
||||
typedef int channel_infilter_fn(struct Channel *, char *, int);
|
||||
typedef u_char *channel_outfilter_fn(struct Channel *, u_char **, u_int *);
|
||||
|
||||
struct Channel {
|
||||
int type; /* channel type/state */
|
||||
@ -106,11 +107,15 @@ struct Channel {
|
||||
|
||||
/* callback */
|
||||
channel_callback_fn *confirm;
|
||||
channel_callback_fn *detach_user;
|
||||
void *confirm_ctx;
|
||||
channel_callback_fn *detach_user;
|
||||
int detach_close;
|
||||
|
||||
/* filter */
|
||||
channel_filter_fn *input_filter;
|
||||
channel_infilter_fn *input_filter;
|
||||
channel_outfilter_fn *output_filter;
|
||||
|
||||
int datagram; /* keep boundaries */
|
||||
};
|
||||
|
||||
#define CHAN_EXTENDED_IGNORE 0
|
||||
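Review bot: the new field int detach_close has no comment, unlike int datagram; /* keep boundaries */ just below it. It is passed to chan_is_dead() in channel_garbage_collect() and set through the extra int argument of channel_register_cleanup(), so a one-line description of what a non-zero value means belongs here or on the prototype.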
@ -142,6 +147,8 @@ struct Channel {
|
||||
#define CHAN_EOF_SENT 0x04
|
||||
#define CHAN_EOF_RCVD 0x08
|
||||
|
||||
#define CHAN_RBUF 16*1024
|
||||
|
||||
/* check whether 'efd' is still in use */
|
||||
#define CHANNEL_EFD_INPUT_ACTIVE(c) \
|
||||
(compat20 && c->extended_usage == CHAN_EXTENDED_READ && \
|
||||
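Review bot: #define CHAN_RBUF 16*1024 is an unparenthesised expression macro. Write it as (16*1024) so that a use inside a larger expression, such as a division or modulo by CHAN_RBUF, does not pick up the wrong precedence.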
@ -154,6 +161,7 @@ struct Channel {
|
||||
|
||||
/* channel management */
|
||||
|
||||
Channel *channel_by_id(int);
|
||||
Channel *channel_lookup(int);
|
||||
Channel *channel_new(char *, int, int, int, int, u_int, u_int, int, char *, int);
|
||||
void channel_set_fds(int, int, int, int, int, int, u_int);
|
||||
@ -163,9 +171,9 @@ void channel_stop_listening(void);
|
||||
|
||||
void channel_send_open(int);
|
||||
void channel_request_start(int, char *, int);
|
||||
void channel_register_cleanup(int, channel_callback_fn *);
|
||||
void channel_register_cleanup(int, channel_callback_fn *, int);
|
||||
void channel_register_confirm(int, channel_callback_fn *, void *);
|
||||
void channel_register_filter(int, channel_filter_fn *);
|
||||
void channel_register_filter(int, channel_infilter_fn *, channel_outfilter_fn *);
|
||||
void channel_cancel_cleanup(int);
|
||||
int channel_close_fd(int *);
|
||||
void channel_send_window_changes(void);
|
||||
|
@ -23,7 +23,11 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
||||
|
||||
/* compatibility with old or broken OpenSSL versions */
|
||||
#include "openbsd-compat/openssl-compat.h"
|
||||
|
||||
#ifdef USE_BUILTIN_RIJNDAEL
|
||||
RCSID("$OpenBSD: cipher-aes.c,v 1.2 2003/11/26 21:44:29 djm Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
@ -31,10 +35,6 @@ RCSID("$OpenBSD: cipher-aes.c,v 1.2 2003/11/26 21:44:29 djm Exp $");
|
||||
#include "xmalloc.h"
|
||||
#include "log.h"
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00906000L
|
||||
#define SSH_OLD_EVP
|
||||
#endif
|
||||
|
||||
#define RIJNDAEL_BLOCKSIZE 16
|
||||
struct ssh_rijndael_ctx
|
||||
{
|
||||
@ -157,4 +157,4 @@ evp_rijndael(void)
|
||||
#endif
|
||||
return (&rijndal_cbc);
|
||||
}
|
||||
#endif /* OPENSSL_VERSION_NUMBER */
|
||||
#endif /* USE_BUILTIN_RIJNDAEL */
|
||||
|
@ -21,11 +21,10 @@ RCSID("$OpenBSD: cipher-ctr.c,v 1.6 2005/07/17 07:17:55 djm Exp $");
|
||||
#include "log.h"
|
||||
#include "xmalloc.h"
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00906000L
|
||||
#define SSH_OLD_EVP
|
||||
#endif
|
||||
/* compatibility with old or broken OpenSSL versions */
|
||||
#include "openbsd-compat/openssl-compat.h"
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
||||
#ifdef USE_BUILTIN_RIJNDAEL
|
||||
#include "rijndael.h"
|
||||
#define AES_KEY rijndael_ctx
|
||||
#define AES_BLOCK_SIZE 16
|
||||
|
@ -334,7 +334,7 @@ cipher_get_keyiv(CipherContext *cc, u_char *iv, u_int len)
|
||||
if ((u_int)evplen != len)
|
||||
fatal("%s: wrong iv length %d != %d", __func__,
|
||||
evplen, len);
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
||||
#ifdef USE_BUILTIN_RIJNDAEL
|
||||
if (c->evptype == evp_rijndael)
|
||||
ssh_rijndael_iv(&cc->evp, 0, iv, len);
|
||||
else
|
||||
@ -365,7 +365,7 @@ cipher_set_keyiv(CipherContext *cc, u_char *iv)
|
||||
evplen = EVP_CIPHER_CTX_iv_length(&cc->evp);
|
||||
if (evplen == 0)
|
||||
return;
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
||||
#ifdef USE_BUILTIN_RIJNDAEL
|
||||
if (c->evptype == evp_rijndael)
|
||||
ssh_rijndael_iv(&cc->evp, 1, iv, evplen);
|
||||
else
|
||||
|
@ -59,7 +59,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: clientloop.c,v 1.141 2005/07/16 01:35:24 djm Exp $");
|
||||
RCSID("$OpenBSD: clientloop.c,v 1.149 2005/12/30 15:56:37 reyk Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "ssh1.h"
|
||||
@ -77,6 +77,7 @@ RCSID("$OpenBSD: clientloop.c,v 1.141 2005/07/16 01:35:24 djm Exp $");
|
||||
#include "log.h"
|
||||
#include "readconf.h"
|
||||
#include "clientloop.h"
|
||||
#include "sshconnect.h"
|
||||
#include "authfd.h"
|
||||
#include "atomicio.h"
|
||||
#include "sshpty.h"
|
||||
@ -113,7 +114,7 @@ extern char *host;
|
||||
static volatile sig_atomic_t received_window_change_signal = 0;
|
||||
static volatile sig_atomic_t received_signal = 0;
|
||||
|
||||
/* Flag indicating whether the user\'s terminal is in non-blocking mode. */
|
||||
/* Flag indicating whether the user's terminal is in non-blocking mode. */
|
||||
static int in_non_blocking_mode = 0;
|
||||
|
||||
/* Common data for the client loop code. */
|
||||
@ -266,7 +267,7 @@ client_x11_get_proto(const char *display, const char *xauth_path,
|
||||
}
|
||||
}
|
||||
snprintf(cmd, sizeof(cmd),
|
||||
"%s %s%s list %s . 2>" _PATH_DEVNULL,
|
||||
"%s %s%s list %s 2>" _PATH_DEVNULL,
|
||||
xauth_path,
|
||||
generated ? "-f " : "" ,
|
||||
generated ? xauthfile : "",
|
||||
@ -914,6 +915,15 @@ process_cmdline(void)
|
||||
logit(" -Lport:host:hostport Request local forward");
|
||||
logit(" -Rport:host:hostport Request remote forward");
|
||||
logit(" -KRhostport Cancel remote forward");
|
||||
if (!options.permit_local_command)
|
||||
goto out;
|
||||
logit(" !args Execute local command");
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (*s == '!' && options.permit_local_command) {
|
||||
s++;
|
||||
ssh_local_cmd(s);
|
||||
goto out;
|
||||
}
|
||||
|
||||
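Review bot: in the new '!' branch, s is advanced once and passed straight to ssh_local_cmd(s), so a bare "!" hands over an empty string and any leading whitespace is kept. Skip whitespace and reject an empty command before the call. The help branch would also read more directly if the "!args" line were printed under if (options.permit_local_command) rather than via two goto out statements.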
@ -1376,10 +1386,10 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
|
||||
session_ident = ssh2_chan_id;
|
||||
if (escape_char != SSH_ESCAPECHAR_NONE)
|
||||
channel_register_filter(session_ident,
|
||||
simple_escape_filter);
|
||||
simple_escape_filter, NULL);
|
||||
if (session_ident != -1)
|
||||
channel_register_cleanup(session_ident,
|
||||
client_channel_closed);
|
||||
client_channel_closed, 0);
|
||||
} else {
|
||||
/* Check if we should immediately send eof on stdin. */
|
||||
client_check_initial_eof_on_stdin();
|
||||
@ -1678,7 +1688,7 @@ client_request_x11(const char *request_type, int rchan)
|
||||
|
||||
if (!options.forward_x11) {
|
||||
error("Warning: ssh server tried X11 forwarding.");
|
||||
error("Warning: this is probably a break in attempt by a malicious server.");
|
||||
error("Warning: this is probably a break-in attempt by a malicious server.");
|
||||
return NULL;
|
||||
}
|
||||
originator = packet_get_string(NULL);
|
||||
@ -1711,7 +1721,7 @@ client_request_agent(const char *request_type, int rchan)
|
||||
|
||||
if (!options.forward_agent) {
|
||||
error("Warning: ssh server tried agent forwarding.");
|
||||
error("Warning: this is probably a break in attempt by a malicious server.");
|
||||
error("Warning: this is probably a break-in attempt by a malicious server.");
|
||||
return NULL;
|
||||
}
|
||||
sock = ssh_get_authentication_socket();
|
||||
@ -1880,7 +1890,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
|
||||
/* Split */
|
||||
name = xstrdup(env[i]);
|
||||
if ((val = strchr(name, '=')) == NULL) {
|
||||
free(name);
|
||||
xfree(name);
|
||||
continue;
|
||||
}
|
||||
*val++ = '\0';
|
||||
@ -1894,7 +1904,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
|
||||
}
|
||||
if (!matched) {
|
||||
debug3("Ignored env %s", name);
|
||||
free(name);
|
||||
xfree(name);
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -1903,7 +1913,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
|
||||
packet_put_cstring(name);
|
||||
packet_put_cstring(val);
|
||||
packet_send();
|
||||
free(name);
|
||||
xfree(name);
|
||||
}
|
||||
}
|
||||
|
||||
|
File diff suppressed because it is too large
@ -25,7 +25,7 @@
|
||||
#ifndef _DEFINES_H
|
||||
#define _DEFINES_H
|
||||
|
||||
/* $Id: defines.h,v 1.127 2005/08/31 16:59:49 tim Exp $ */
|
||||
/* $Id: defines.h,v 1.130 2005/12/17 11:04:09 dtucker Exp $ */
|
||||
|
||||
|
||||
/* Constants */
|
||||
@ -450,6 +450,10 @@ struct winsize {
|
||||
# define __sentinel__
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__bounded__)
|
||||
# define __bounded__(x, y, z)
|
||||
#endif
|
||||
|
||||
/* *-*-nto-qnx doesn't define this macro in the system headers */
|
||||
#ifdef MISSING_HOWMANY
|
||||
# define howmany(x,y) (((x)+((y)-1))/(y))
|
||||
@ -688,7 +692,7 @@ struct winsize {
|
||||
# define CUSTOM_SYS_AUTH_PASSWD 1
|
||||
#endif
|
||||
|
||||
#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
|
||||
#ifdef HAVE_LIBIAF
|
||||
# define CUSTOM_SYS_AUTH_PASSWD 1
|
||||
#endif
|
||||
|
||||
@ -711,4 +715,12 @@ struct winsize {
|
||||
# undef HAVE_MMAP
|
||||
#endif
|
||||
|
||||
/* some system headers on HP-UX define YES/NO */
|
||||
#ifdef YES
|
||||
# undef YES
|
||||
#endif
|
||||
#ifdef NO
|
||||
# undef NO
|
||||
#endif
|
||||
|
||||
#endif /* _DEFINES_H */
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $ */
|
||||
/* $OpenBSD: dns.c,v 1.16 2005/10/17 14:13:35 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
|
||||
@ -25,27 +25,16 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: dns.c,v 1.16 2005/10/17 14:13:35 stevesk Exp $");
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#ifdef LWRES
|
||||
#include <lwres/netdb.h>
|
||||
#include <dns/result.h>
|
||||
#else /* LWRES */
|
||||
#include <netdb.h>
|
||||
#endif /* LWRES */
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "key.h"
|
||||
#include "dns.h"
|
||||
#include "log.h"
|
||||
#include "uuencode.h"
|
||||
|
||||
extern char *__progname;
|
||||
RCSID("$OpenBSD: dns.c,v 1.12 2005/06/17 02:44:32 djm Exp $");
|
||||
|
||||
#ifndef LWRES
|
||||
static const char *errset_text[] = {
|
||||
"success", /* 0 ERRSET_SUCCESS */
|
||||
"out of memory", /* 1 ERRSET_NOMEMORY */
|
||||
@ -75,8 +64,6 @@ dns_result_totext(unsigned int res)
|
||||
return "unknown error";
|
||||
}
|
||||
}
|
||||
#endif /* LWRES */
|
||||
|
||||
|
||||
/*
|
||||
* Read SSHFP parameters from key buffer.
|
||||
@ -95,12 +82,14 @@ dns_read_key(u_int8_t *algorithm, u_int8_t *digest_type,
|
||||
*algorithm = SSHFP_KEY_DSA;
|
||||
break;
|
||||
default:
|
||||
*algorithm = SSHFP_KEY_RESERVED;
|
||||
*algorithm = SSHFP_KEY_RESERVED; /* 0 */
|
||||
}
|
||||
|
||||
if (*algorithm) {
|
||||
*digest_type = SSHFP_HASH_SHA1;
|
||||
*digest = key_fingerprint_raw(key, SSH_FP_SHA1, digest_len);
|
||||
if (*digest == NULL)
|
||||
fatal("dns_read_key: null from key_fingerprint_raw()");
|
||||
success = 1;
|
||||
} else {
|
||||
*digest_type = SSHFP_HASH_RESERVED;
|
||||
@ -133,7 +122,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
|
||||
*digest = (u_char *) xmalloc(*digest_len);
|
||||
memcpy(*digest, rdata + 2, *digest_len);
|
||||
} else {
|
||||
*digest = NULL;
|
||||
*digest = xstrdup("");
|
||||
}
|
||||
|
||||
success = 1;
|
||||
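Review bot: *digest = xstrdup("") assigns a char * to a u_char * without the cast used a few lines up in (u_char *) xmalloc(*digest_len), and the reason for allocating an empty string is not stated. Add the cast and a short comment, presumably that the empty allocation is there so the caller can xfree() the digest unconditionally, as verify_host_key_dns() now does with dnskey_digest.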
@ -187,7 +176,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
|
||||
|
||||
*flags = 0;
|
||||
|
||||
debug3("verify_hostkey_dns");
|
||||
debug3("verify_host_key_dns");
|
||||
if (hostkey == NULL)
|
||||
fatal("No key to look up!");
|
||||
|
||||
@ -223,7 +212,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
|
||||
if (fingerprints->rri_nrdatas)
|
||||
*flags |= DNS_VERIFY_FOUND;
|
||||
|
||||
for (counter = 0 ; counter < fingerprints->rri_nrdatas ; counter++) {
|
||||
for (counter = 0; counter < fingerprints->rri_nrdatas; counter++) {
|
||||
/*
|
||||
* Extract the key from the answer. Ignore any badly
|
||||
* formatted fingerprints.
|
||||
@ -247,8 +236,10 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
|
||||
*flags |= DNS_VERIFY_MATCH;
|
||||
}
|
||||
}
|
||||
xfree(dnskey_digest);
|
||||
}
|
||||
|
||||
xfree(hostkey_digest); /* from key_fingerprint_raw() */
|
||||
freerrset(fingerprints);
|
||||
|
||||
if (*flags & DNS_VERIFY_FOUND)
|
||||
@ -262,7 +253,6 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address,
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Export the fingerprint of a key as a DNS resource record
|
||||
*/
|
||||
@ -291,9 +281,10 @@ export_dns_rr(const char *hostname, const Key *key, FILE *f, int generic)
|
||||
for (i = 0; i < rdata_digest_len; i++)
|
||||
fprintf(f, "%02x", rdata_digest[i]);
|
||||
fprintf(f, "\n");
|
||||
xfree(rdata_digest); /* from key_fingerprint_raw() */
|
||||
success = 1;
|
||||
} else {
|
||||
error("dns_export_rr: unsupported algorithm");
|
||||
error("export_dns_rr: unsupported algorithm");
|
||||
}
|
||||
|
||||
return success;
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: dns.h,v 1.5 2003/11/12 16:39:58 jakob Exp $ */
|
||||
/* $OpenBSD: dns.h,v 1.6 2005/10/17 14:13:35 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
|
||||
@ -25,7 +25,6 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef DNS_H
|
||||
@ -49,7 +48,6 @@ enum sshfp_hashes {
|
||||
#define DNS_VERIFY_MATCH 0x00000002
|
||||
#define DNS_VERIFY_SECURE 0x00000004
|
||||
|
||||
|
||||
int verify_host_key_dns(const char *, struct sockaddr *, const Key *, int *);
|
||||
int export_dns_rr(const char *, const Key *, FILE *, int);
|
||||
|
||||
|
@ -26,6 +26,7 @@
|
||||
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/crypto.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
#include "ssh.h"
|
||||
#include "misc.h"
|
||||
@ -33,6 +34,8 @@
|
||||
#include "atomicio.h"
|
||||
#include "pathnames.h"
|
||||
#include "log.h"
|
||||
#include "buffer.h"
|
||||
#include "bufaux.h"
|
||||
|
||||
/*
|
||||
* Portable OpenSSH PRNG seeding:
|
||||
@ -45,7 +48,7 @@
|
||||
* XXX: we should tell the child how many bytes we need.
|
||||
*/
|
||||
|
||||
RCSID("$Id: entropy.c,v 1.49 2005/07/17 07:26:44 djm Exp $");
|
||||
RCSID("$Id: entropy.c,v 1.52 2005/09/27 22:26:30 dtucker Exp $");
|
||||
|
||||
#ifndef OPENSSL_PRNG_ONLY
|
||||
#define RANDOM_SEED_SIZE 48
|
||||
@ -145,10 +148,35 @@ init_rng(void)
|
||||
"have %lx", OPENSSL_VERSION_NUMBER, SSLeay());
|
||||
|
||||
#ifndef OPENSSL_PRNG_ONLY
|
||||
if ((original_uid = getuid()) == -1)
|
||||
fatal("getuid: %s", strerror(errno));
|
||||
if ((original_euid = geteuid()) == -1)
|
||||
fatal("geteuid: %s", strerror(errno));
|
||||
original_uid = getuid();
|
||||
original_euid = geteuid();
|
||||
#endif
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_PRNG_ONLY
|
||||
void
|
||||
rexec_send_rng_seed(Buffer *m)
|
||||
{
|
||||
u_char buf[RANDOM_SEED_SIZE];
|
||||
|
||||
if (RAND_bytes(buf, sizeof(buf)) <= 0) {
|
||||
error("Couldn't obtain random bytes (error %ld)",
|
||||
ERR_get_error());
|
||||
buffer_put_string(m, "", 0);
|
||||
} else
|
||||
buffer_put_string(m, buf, sizeof(buf));
|
||||
}
|
||||
|
||||
void
|
||||
rexec_recv_rng_seed(Buffer *m)
|
||||
{
|
||||
u_char *buf;
|
||||
u_int len;
|
||||
|
||||
buf = buffer_get_string_ret(m, &len);
|
||||
if (buf != NULL) {
|
||||
debug3("rexec_recv_rng_seed: seeding rng with %u bytes", len);
|
||||
RAND_add(buf, len, len);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
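Review bot: rexec_recv_rng_seed() never releases the buffer returned by buffer_get_string_ret(), and neither it nor rexec_send_rng_seed() clears the seed bytes after use. Add memset(buf, 0, len) and xfree(buf) after RAND_add(), and clear the stack buf in the sender before returning. Minor: ERR_get_error() returns unsigned long, so the format in the error() call should be %lu rather than %ld.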
@ -22,12 +22,17 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id: entropy.h,v 1.4 2001/02/09 01:55:36 djm Exp $ */
|
||||
/* $Id: entropy.h,v 1.5 2005/09/27 12:46:32 dtucker Exp $ */
|
||||
|
||||
#ifndef _RANDOMS_H
|
||||
#define _RANDOMS_H
|
||||
|
||||
#include "buffer.h"
|
||||
|
||||
void seed_rng(void);
|
||||
void init_rng(void);
|
||||
|
||||
void rexec_send_rng_seed(Buffer *);
|
||||
void rexec_recv_rng_seed(Buffer *);
|
||||
|
||||
#endif /* _RANDOMS_H */
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: gss-genr.c,v 1.4 2005/07/17 07:17:55 djm Exp $ */
|
||||
/* $OpenBSD: gss-genr.c,v 1.6 2005/10/13 22:24:31 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||
@ -30,9 +30,7 @@
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "bufaux.h"
|
||||
#include "compat.h"
|
||||
#include "log.h"
|
||||
#include "monitor_wrap.h"
|
||||
#include "ssh2.h"
|
||||
|
||||
#include "ssh-gss.h"
|
||||
@ -270,7 +268,8 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service,
|
||||
}
|
||||
|
||||
OM_uint32
|
||||
ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) {
|
||||
ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
|
||||
{
|
||||
if (*ctx)
|
||||
ssh_gssapi_delete_ctx(ctx);
|
||||
ssh_gssapi_build_ctx(ctx);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: gss-serv-krb5.c,v 1.3 2004/07/21 10:36:23 djm Exp $ */
|
||||
/* $OpenBSD: gss-serv-krb5.c,v 1.4 2005/10/13 19:08:08 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: gss-serv.c,v 1.8 2005/08/30 22:08:05 djm Exp $ */
|
||||
/* $OpenBSD: gss-serv.c,v 1.13 2005/10/13 22:24:31 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||
@ -29,20 +29,16 @@
|
||||
#ifdef GSSAPI
|
||||
|
||||
#include "bufaux.h"
|
||||
#include "compat.h"
|
||||
#include "auth.h"
|
||||
#include "log.h"
|
||||
#include "channels.h"
|
||||
#include "session.h"
|
||||
#include "servconf.h"
|
||||
#include "monitor_wrap.h"
|
||||
#include "xmalloc.h"
|
||||
#include "getput.h"
|
||||
|
||||
#include "ssh-gss.h"
|
||||
|
||||
extern ServerOptions options;
|
||||
|
||||
static ssh_gssapi_client gssapi_client =
|
||||
{ GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER,
|
||||
GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL}};
|
||||
@ -61,7 +57,7 @@ ssh_gssapi_mech* supported_mechs[]= {
|
||||
&gssapi_null_mech,
|
||||
};
|
||||
|
||||
/* Unpriviledged */
|
||||
/* Unprivileged */
|
||||
void
|
||||
ssh_gssapi_supported_oids(gss_OID_set *oidset)
|
||||
{
|
||||
@ -90,7 +86,7 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset)
|
||||
* oid
|
||||
* credentials (from ssh_gssapi_acquire_cred)
|
||||
*/
|
||||
/* Priviledged */
|
||||
/* Privileged */
|
||||
OM_uint32
|
||||
ssh_gssapi_accept_ctx(Gssctxt *ctx, gss_buffer_desc *recv_tok,
|
||||
gss_buffer_desc *send_tok, OM_uint32 *flags)
|
||||
@ -138,14 +134,14 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
|
||||
OM_uint32 offset;
|
||||
OM_uint32 oidl;
|
||||
|
||||
tok=ename->value;
|
||||
tok = ename->value;
|
||||
|
||||
/*
|
||||
* Check that ename is long enough for all of the fixed length
|
||||
* header, and that the initial ID bytes are correct
|
||||
*/
|
||||
|
||||
if (ename->length<6 || memcmp(tok,"\x04\x01", 2)!=0)
|
||||
if (ename->length < 6 || memcmp(tok, "\x04\x01", 2) != 0)
|
||||
return GSS_S_FAILURE;
|
||||
|
||||
/*
|
||||
@ -164,7 +160,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
|
||||
*/
|
||||
if (tok[4] != 0x06 || tok[5] != oidl ||
|
||||
ename->length < oidl+6 ||
|
||||
!ssh_gssapi_check_oid(ctx,tok+6,oidl))
|
||||
!ssh_gssapi_check_oid(ctx, tok+6, oidl))
|
||||
return GSS_S_FAILURE;
|
||||
|
||||
offset = oidl+6;
|
||||
@ -179,7 +175,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
|
||||
return GSS_S_FAILURE;
|
||||
|
||||
name->value = xmalloc(name->length+1);
|
||||
memcpy(name->value,tok+offset,name->length);
|
||||
memcpy(name->value, tok+offset,name->length);
|
||||
((char *)name->value)[name->length] = 0;
|
||||
|
||||
return GSS_S_COMPLETE;
|
||||
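Review bot: the whitespace cleanup of the memcpy() call is incomplete: memcpy(name->value, tok+offset,name->length) still lacks the space after the second comma, unlike the other calls tidied in this file.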
@ -188,7 +184,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
|
||||
/* Extract the client details from a given context. This can only reliably
|
||||
* be called once for a context */
|
||||
|
||||
/* Priviledged (called from accept_secure_ctx) */
|
||||
/* Privileged (called from accept_secure_ctx) */
|
||||
OM_uint32
|
||||
ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client)
|
||||
{
|
||||
@ -263,7 +259,6 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
|
||||
|
||||
if (gssapi_client.store.envvar != NULL &&
|
||||
gssapi_client.store.envval != NULL) {
|
||||
|
||||
debug("Setting %s to %s", gssapi_client.store.envvar,
|
||||
gssapi_client.store.envval);
|
||||
child_set_env(envp, envsizep, gssapi_client.store.envvar,
|
||||
@ -271,7 +266,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep)
|
||||
}
|
||||
}
|
||||
|
||||
/* Priviledged */
|
||||
/* Privileged */
|
||||
int
|
||||
ssh_gssapi_userok(char *user)
|
||||
{
|
||||
@ -298,7 +293,7 @@ ssh_gssapi_userok(char *user)
|
||||
return (0);
|
||||
}
|
||||
|
||||
/* Priviledged */
|
||||
/* Privileged */
|
||||
OM_uint32
|
||||
ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic)
|
||||
{
|
||||
|
@ -36,7 +36,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: hostfile.c,v 1.35 2005/07/27 10:39:03 dtucker Exp $");
|
||||
RCSID("$OpenBSD: hostfile.c,v 1.36 2005/11/22 03:36:03 dtucker Exp $");
|
||||
|
||||
#include <resolv.h>
|
||||
#include <openssl/hmac.h>
|
||||
@ -88,8 +88,8 @@ extract_salt(const char *s, u_int l, char *salt, size_t salt_len)
|
||||
return (-1);
|
||||
}
|
||||
if (ret != SHA_DIGEST_LENGTH) {
|
||||
debug2("extract_salt: expected salt len %u, got %u",
|
||||
salt_len, ret);
|
||||
debug2("extract_salt: expected salt len %d, got %d",
|
||||
SHA_DIGEST_LENGTH, ret);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: includes.h,v 1.19 2005/05/19 02:42:26 djm Exp $ */
|
||||
/* $OpenBSD: includes.h,v 1.22 2006/01/01 08:59:27 stevesk Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -21,6 +21,8 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "\100(#)" msg }
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#define _GNU_SOURCE /* activate extra prototypes for glibc */
|
||||
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <ctype.h>
|
||||
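Review bot: #define _GNU_SOURCE is unconditional, so a build that already passes -D_GNU_SOURCE gets a macro redefinition warning; wrap it in #ifndef _GNU_SOURCE. It also sits after #include "config.h", which only works as long as config.h pulls in no system header. A comment saying it must precede the first system include would keep it in the right place.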
@ -67,7 +69,6 @@ static /**/const char *const rcsid[] = { (const char *)rcsid, "\100(#)" msg }
|
||||
#ifdef HAVE_NEXT
|
||||
# include <libc.h>
|
||||
#endif
|
||||
#define __USE_GNU /* before unistd.h, activate extra prototypes for glibc */
|
||||
#include <unistd.h> /* For STDIN_FILENO, etc */
|
||||
#include <termios.h> /* Struct winsize */
|
||||
|
||||
|
@ -23,7 +23,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kex.c,v 1.64 2005/07/25 11:59:39 markus Exp $");
|
||||
RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
|
||||
|
||||
#include <openssl/crypto.h>
|
||||
|
||||
@ -294,13 +294,17 @@ choose_kex(Kex *k, char *client, char *server)
|
||||
fatal("no kex alg");
|
||||
if (strcmp(k->name, KEX_DH1) == 0) {
|
||||
k->kex_type = KEX_DH_GRP1_SHA1;
|
||||
k->evp_md = EVP_sha1();
|
||||
} else if (strcmp(k->name, KEX_DH14) == 0) {
|
||||
k->kex_type = KEX_DH_GRP14_SHA1;
|
||||
} else if (strcmp(k->name, KEX_DHGEX) == 0) {
|
||||
k->evp_md = EVP_sha1();
|
||||
} else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
|
||||
k->kex_type = KEX_DH_GEX_SHA1;
|
||||
k->evp_md = EVP_sha1();
|
||||
} else
|
||||
fatal("bad kex alg %s", k->name);
|
||||
}
|
||||
|
||||
static void
|
||||
choose_hostkeyalg(Kex *k, char *client, char *server)
|
||||
{
|
||||
@ -404,28 +408,28 @@ kex_choose_conf(Kex *kex)
|
||||
}
|
||||
|
||||
static u_char *
|
||||
derive_key(Kex *kex, int id, u_int need, u_char *hash, BIGNUM *shared_secret)
|
||||
derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen,
|
||||
BIGNUM *shared_secret)
|
||||
{
|
||||
Buffer b;
|
||||
const EVP_MD *evp_md = EVP_sha1();
|
||||
EVP_MD_CTX md;
|
||||
char c = id;
|
||||
u_int have;
|
||||
int mdsz = EVP_MD_size(evp_md);
|
||||
int mdsz;
|
||||
u_char *digest;
|
||||
|
||||
if (mdsz < 0)
|
||||
fatal("derive_key: mdsz < 0");
|
||||
if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0)
|
||||
fatal("bad kex md size %d", mdsz);
|
||||
digest = xmalloc(roundup(need, mdsz));
|
||||
|
||||
buffer_init(&b);
|
||||
buffer_put_bignum2(&b, shared_secret);
|
||||
|
||||
/* K1 = HASH(K || H || "A" || session_id) */
|
||||
EVP_DigestInit(&md, evp_md);
|
||||
EVP_DigestInit(&md, kex->evp_md);
|
||||
if (!(datafellows & SSH_BUG_DERIVEKEY))
|
||||
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
|
||||
EVP_DigestUpdate(&md, hash, mdsz);
|
||||
EVP_DigestUpdate(&md, hash, hashlen);
|
||||
EVP_DigestUpdate(&md, &c, 1);
|
||||
EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len);
|
||||
EVP_DigestFinal(&md, digest, NULL);
|
||||
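Review bot: the new hashlen parameter of derive_key is passed straight to EVP_DigestUpdate(&md, hash, hashlen) and is never related to mdsz or to the size of the buffer behind hash. Please add a comment on the parameter saying that hash is the exchange hash H and must point to at least hashlen bytes. The tightened check (mdsz <= 0 instead of mdsz < 0) is the right call, since mdsz is the divisor in roundup(need, mdsz).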
@ -436,10 +440,10 @@ derive_key(Kex *kex, int id, u_int need, u_char *hash, BIGNUM *shared_secret)
|
||||
* Key = K1 || K2 || ... || Kn
|
||||
*/
|
||||
for (have = mdsz; need > have; have += mdsz) {
|
||||
EVP_DigestInit(&md, evp_md);
|
||||
EVP_DigestInit(&md, kex->evp_md);
|
||||
if (!(datafellows & SSH_BUG_DERIVEKEY))
|
||||
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
|
||||
EVP_DigestUpdate(&md, hash, mdsz);
|
||||
EVP_DigestUpdate(&md, hash, hashlen);
|
||||
EVP_DigestUpdate(&md, digest, have);
|
||||
EVP_DigestFinal(&md, digest + have, NULL);
|
||||
}
|
||||
@ -455,13 +459,15 @@ Newkeys *current_keys[MODE_MAX];
|
||||
|
||||
#define NKEYS 6
|
||||
void
|
||||
kex_derive_keys(Kex *kex, u_char *hash, BIGNUM *shared_secret)
|
||||
kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret)
|
||||
{
|
||||
u_char *keys[NKEYS];
|
||||
u_int i, mode, ctos;
|
||||
|
||||
for (i = 0; i < NKEYS; i++)
|
||||
keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, shared_secret);
|
||||
for (i = 0; i < NKEYS; i++) {
|
||||
keys[i] = derive_key(kex, 'A'+i, kex->we_need, hash, hashlen,
|
||||
shared_secret);
|
||||
}
|
||||
|
||||
debug2("kex_derive_keys");
|
||||
for (mode = 0; mode < MODE_MAX; mode++) {
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: kex.h,v 1.37 2005/07/25 11:59:39 markus Exp $ */
|
||||
/* $OpenBSD: kex.h,v 1.38 2005/11/04 05:15:59 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
|
||||
@ -33,7 +33,7 @@
|
||||
|
||||
#define KEX_DH1 "diffie-hellman-group1-sha1"
|
||||
#define KEX_DH14 "diffie-hellman-group14-sha1"
|
||||
#define KEX_DHGEX "diffie-hellman-group-exchange-sha1"
|
||||
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
|
||||
|
||||
#define COMP_NONE 0
|
||||
#define COMP_ZLIB 1
|
||||
@ -114,6 +114,7 @@ struct Kex {
|
||||
Buffer peer;
|
||||
int done;
|
||||
int flags;
|
||||
const EVP_MD *evp_md;
|
||||
char *client_version_string;
|
||||
char *server_version_string;
|
||||
int (*verify_host_key)(Key *);
|
||||
@ -127,7 +128,7 @@ void kex_finish(Kex *);
|
||||
|
||||
void kex_send_kexinit(Kex *);
|
||||
void kex_input_kexinit(int, u_int32_t, void *);
|
||||
void kex_derive_keys(Kex *, u_char *, BIGNUM *);
|
||||
void kex_derive_keys(Kex *, u_char *, u_int, BIGNUM *);
|
||||
|
||||
Newkeys *kex_get_newkeys(int);
|
||||
|
||||
@ -136,12 +137,13 @@ void kexdh_server(Kex *);
|
||||
void kexgex_client(Kex *);
|
||||
void kexgex_server(Kex *);
|
||||
|
||||
u_char *
|
||||
void
|
||||
kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,
|
||||
BIGNUM *, BIGNUM *, BIGNUM *);
|
||||
u_char *
|
||||
kexgex_hash(char *, char *, char *, int, char *, int, u_char *, int,
|
||||
int, int, int, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *);
|
||||
BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);
|
||||
void
|
||||
kexgex_hash(const EVP_MD *, char *, char *, char *, int, char *,
|
||||
int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *,
|
||||
BIGNUM *, BIGNUM *, u_char **, u_int *);
|
||||
|
||||
void
|
||||
derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);
|
||||
|
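Review bot: kexgex_hash gains a const EVP_MD * first argument but kex_dh_hash does not. For the fixed-group exchanges the length returned through the u_int * out-parameter is therefore decided inside kex_dh_hash, while derive_key hashes with kex->evp_md. The two agree only while both are SHA-1. Passing kex->evp_md to kex_dh_hash as well would leave one source of truth for the digest.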
@ -23,7 +23,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kexdh.c,v 1.19 2003/02/16 17:09:57 markus Exp $");
|
||||
RCSID("$OpenBSD: kexdh.c,v 1.20 2005/11/04 05:15:59 djm Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
@ -32,7 +32,7 @@ RCSID("$OpenBSD: kexdh.c,v 1.19 2003/02/16 17:09:57 markus Exp $");
|
||||
#include "ssh2.h"
|
||||
#include "kex.h"
|
||||
|
||||
u_char *
|
||||
void
|
||||
kex_dh_hash(
|
||||
char *client_version_string,
|
||||
char *server_version_string,
|
||||
@ -41,7 +41,8 @@ kex_dh_hash(
|
||||
u_char *serverhostkeyblob, int sbloblen,
|
||||
BIGNUM *client_dh_pub,
|
||||
BIGNUM *server_dh_pub,
|
||||
BIGNUM *shared_secret)
|
||||
BIGNUM *shared_secret,
|
||||
u_char **hash, u_int *hashlen)
|
||||
{
|
||||
Buffer b;
|
||||
static u_char digest[EVP_MAX_MD_SIZE];
|
||||
@ -77,5 +78,6 @@ kex_dh_hash(
|
||||
#ifdef DEBUG_KEX
|
||||
dump_digest("hash", digest, EVP_MD_size(evp_md));
|
||||
#endif
|
||||
return digest;
|
||||
*hash = digest;
|
||||
*hashlen = EVP_MD_size(evp_md);
|
||||
}
|
||||
|
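Review bot: *hash = digest hands the caller a pointer into a function-static buffer (digest is declared static u_char digest[EVP_MAX_MD_SIZE] in the previous hunk's context). With an out-parameter of type u_char ** this is easy to mistake for an allocation. The prototype in kex.h needs a comment saying that the pointer must not be freed and is only valid until the next call. The callers in kexdhc.c and kexdhs.c copy it into kex->session_id with memcpy, which is the pattern to document.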
@ -23,7 +23,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kexdhc.c,v 1.2 2004/06/13 12:53:24 djm Exp $");
|
||||
RCSID("$OpenBSD: kexdhc.c,v 1.3 2005/11/04 05:15:59 djm Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "key.h"
|
||||
@ -41,7 +41,7 @@ kexdh_client(Kex *kex)
|
||||
Key *server_host_key;
|
||||
u_char *server_host_key_blob = NULL, *signature = NULL;
|
||||
u_char *kbuf, *hash;
|
||||
u_int klen, kout, slen, sbloblen;
|
||||
u_int klen, kout, slen, sbloblen, hashlen;
|
||||
|
||||
/* generate and send 'e', client DH public key */
|
||||
switch (kex->kex_type) {
|
||||
@ -114,7 +114,7 @@ kexdh_client(Kex *kex)
|
||||
xfree(kbuf);
|
||||
|
||||
/* calc and verify H */
|
||||
hash = kex_dh_hash(
|
||||
kex_dh_hash(
|
||||
kex->client_version_string,
|
||||
kex->server_version_string,
|
||||
buffer_ptr(&kex->my), buffer_len(&kex->my),
|
||||
@ -122,25 +122,26 @@ kexdh_client(Kex *kex)
|
||||
server_host_key_blob, sbloblen,
|
||||
dh->pub_key,
|
||||
dh_server_pub,
|
||||
shared_secret
|
||||
shared_secret,
|
||||
&hash, &hashlen
|
||||
);
|
||||
xfree(server_host_key_blob);
|
||||
BN_clear_free(dh_server_pub);
|
||||
DH_free(dh);
|
||||
|
||||
if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
|
||||
if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
|
||||
fatal("key_verify failed for server_host_key");
|
||||
key_free(server_host_key);
|
||||
xfree(signature);
|
||||
|
||||
/* save session id */
|
||||
if (kex->session_id == NULL) {
|
||||
kex->session_id_len = 20;
|
||||
kex->session_id_len = hashlen;
|
||||
kex->session_id = xmalloc(kex->session_id_len);
|
||||
memcpy(kex->session_id, hash, kex->session_id_len);
|
||||
}
|
||||
|
||||
kex_derive_keys(kex, hash, shared_secret);
|
||||
kex_derive_keys(kex, hash, hashlen, shared_secret);
|
||||
BN_clear_free(shared_secret);
|
||||
kex_finish(kex);
|
||||
}
|
||||
|
@ -23,7 +23,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kexdhs.c,v 1.2 2004/06/13 12:53:24 djm Exp $");
|
||||
RCSID("$OpenBSD: kexdhs.c,v 1.3 2005/11/04 05:15:59 djm Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "key.h"
|
||||
@ -41,7 +41,7 @@ kexdh_server(Kex *kex)
|
||||
DH *dh;
|
||||
Key *server_host_key;
|
||||
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
||||
u_int sbloblen, klen, kout;
|
||||
u_int sbloblen, klen, kout, hashlen;
|
||||
u_int slen;
|
||||
|
||||
/* generate server DH public key */
|
||||
@ -103,7 +103,7 @@ kexdh_server(Kex *kex)
|
||||
key_to_blob(server_host_key, &server_host_key_blob, &sbloblen);
|
||||
|
||||
/* calc H */
|
||||
hash = kex_dh_hash(
|
||||
kex_dh_hash(
|
||||
kex->client_version_string,
|
||||
kex->server_version_string,
|
||||
buffer_ptr(&kex->peer), buffer_len(&kex->peer),
|
||||
@ -111,21 +111,20 @@ kexdh_server(Kex *kex)
|
||||
server_host_key_blob, sbloblen,
|
||||
dh_client_pub,
|
||||
dh->pub_key,
|
||||
shared_secret
|
||||
shared_secret,
|
||||
&hash, &hashlen
|
||||
);
|
||||
BN_clear_free(dh_client_pub);
|
||||
|
||||
/* save session id := H */
|
||||
/* XXX hashlen depends on KEX */
|
||||
if (kex->session_id == NULL) {
|
||||
kex->session_id_len = 20;
|
||||
kex->session_id_len = hashlen;
|
||||
kex->session_id = xmalloc(kex->session_id_len);
|
||||
memcpy(kex->session_id, hash, kex->session_id_len);
|
||||
}
|
||||
|
||||
/* sign H */
|
||||
/* XXX hashlen depends on KEX */
|
||||
PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20));
|
||||
PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen));
|
||||
|
||||
/* destroy_sensitive_data(); */
|
||||
|
||||
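Review bot: hashlen now crosses the privilege-separation boundary in PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)), where the constant 20 used to. This hunk makes the unprivileged side length-agnostic but does not show the monitor's signing handler. If that side validates the data length against a fixed value, it needs the same change, otherwise an exchange with a different digest size only fails at runtime.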
@ -141,7 +140,7 @@ kexdh_server(Kex *kex)
|
||||
/* have keys, free DH */
|
||||
DH_free(dh);
|
||||
|
||||
kex_derive_keys(kex, hash, shared_secret);
|
||||
kex_derive_keys(kex, hash, hashlen, shared_secret);
|
||||
BN_clear_free(shared_secret);
|
||||
kex_finish(kex);
|
||||
}
|
||||
|
@ -24,7 +24,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kexgex.c,v 1.23 2003/02/16 17:09:57 markus Exp $");
|
||||
RCSID("$OpenBSD: kexgex.c,v 1.24 2005/11/04 05:15:59 djm Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
@ -33,8 +33,9 @@ RCSID("$OpenBSD: kexgex.c,v 1.23 2003/02/16 17:09:57 markus Exp $");
|
||||
#include "kex.h"
|
||||
#include "ssh2.h"
|
||||
|
||||
u_char *
|
||||
void
|
||||
kexgex_hash(
|
||||
const EVP_MD *evp_md,
|
||||
char *client_version_string,
|
||||
char *server_version_string,
|
||||
char *ckexinit, int ckexinitlen,
|
||||
@ -43,11 +44,11 @@ kexgex_hash(
|
||||
int min, int wantbits, int max, BIGNUM *prime, BIGNUM *gen,
|
||||
BIGNUM *client_dh_pub,
|
||||
BIGNUM *server_dh_pub,
|
||||
BIGNUM *shared_secret)
|
||||
BIGNUM *shared_secret,
|
||||
u_char **hash, u_int *hashlen)
|
||||
{
|
||||
Buffer b;
|
||||
static u_char digest[EVP_MAX_MD_SIZE];
|
||||
const EVP_MD *evp_md = EVP_sha1();
|
||||
EVP_MD_CTX md;
|
||||
|
||||
buffer_init(&b);
|
||||
@ -79,14 +80,15 @@ kexgex_hash(
|
||||
#ifdef DEBUG_KEXDH
|
||||
buffer_dump(&b);
|
||||
#endif
|
||||
|
||||
EVP_DigestInit(&md, evp_md);
|
||||
EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b));
|
||||
EVP_DigestFinal(&md, digest, NULL);
|
||||
|
||||
buffer_free(&b);
|
||||
|
||||
*hash = digest;
|
||||
*hashlen = EVP_MD_size(evp_md);
|
||||
#ifdef DEBUG_KEXDH
|
||||
dump_digest("hash", digest, EVP_MD_size(evp_md));
|
||||
dump_digest("hash", digest, *hashlen);
|
||||
#endif
|
||||
return digest;
|
||||
}
|
||||
|
@ -24,7 +24,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kexgexc.c,v 1.2 2003/12/08 11:00:47 markus Exp $");
|
||||
RCSID("$OpenBSD: kexgexc.c,v 1.3 2005/11/04 05:15:59 djm Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "key.h"
|
||||
@ -42,7 +42,7 @@ kexgex_client(Kex *kex)
|
||||
BIGNUM *p = NULL, *g = NULL;
|
||||
Key *server_host_key;
|
||||
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
||||
u_int klen, kout, slen, sbloblen;
|
||||
u_int klen, kout, slen, sbloblen, hashlen;
|
||||
int min, max, nbits;
|
||||
DH *dh;
|
||||
|
||||
@ -155,7 +155,8 @@ kexgex_client(Kex *kex)
|
||||
min = max = -1;
|
||||
|
||||
/* calc and verify H */
|
||||
hash = kexgex_hash(
|
||||
kexgex_hash(
|
||||
kex->evp_md,
|
||||
kex->client_version_string,
|
||||
kex->server_version_string,
|
||||
buffer_ptr(&kex->my), buffer_len(&kex->my),
|
||||
@ -165,25 +166,27 @@ kexgex_client(Kex *kex)
|
||||
dh->p, dh->g,
|
||||
dh->pub_key,
|
||||
dh_server_pub,
|
||||
shared_secret
|
||||
shared_secret,
|
||||
&hash, &hashlen
|
||||
);
|
||||
|
||||
/* have keys, free DH */
|
||||
DH_free(dh);
|
||||
xfree(server_host_key_blob);
|
||||
BN_clear_free(dh_server_pub);
|
||||
|
||||
if (key_verify(server_host_key, signature, slen, hash, 20) != 1)
|
||||
if (key_verify(server_host_key, signature, slen, hash, hashlen) != 1)
|
||||
fatal("key_verify failed for server_host_key");
|
||||
key_free(server_host_key);
|
||||
xfree(signature);
|
||||
|
||||
/* save session id */
|
||||
if (kex->session_id == NULL) {
|
||||
kex->session_id_len = 20;
|
||||
kex->session_id_len = hashlen;
|
||||
kex->session_id = xmalloc(kex->session_id_len);
|
||||
memcpy(kex->session_id, hash, kex->session_id_len);
|
||||
}
|
||||
kex_derive_keys(kex, hash, shared_secret);
|
||||
kex_derive_keys(kex, hash, hashlen, shared_secret);
|
||||
BN_clear_free(shared_secret);
|
||||
|
||||
kex_finish(kex);
|
||||
|
@ -24,7 +24,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: kexgexs.c,v 1.1 2003/02/16 17:09:57 markus Exp $");
|
||||
RCSID("$OpenBSD: kexgexs.c,v 1.2 2005/11/04 05:15:59 djm Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "key.h"
|
||||
@ -43,7 +43,7 @@ kexgex_server(Kex *kex)
|
||||
Key *server_host_key;
|
||||
DH *dh;
|
||||
u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL;
|
||||
u_int sbloblen, klen, kout, slen;
|
||||
u_int sbloblen, klen, kout, slen, hashlen;
|
||||
int min = -1, max = -1, nbits = -1, type;
|
||||
|
||||
if (kex->load_host_key == NULL)
|
||||
@ -137,8 +137,9 @@ kexgex_server(Kex *kex)
|
||||
if (type == SSH2_MSG_KEX_DH_GEX_REQUEST_OLD)
|
||||
min = max = -1;
|
||||
|
||||
/* calc H */ /* XXX depends on 'kex' */
|
||||
hash = kexgex_hash(
|
||||
/* calc H */
|
||||
kexgex_hash(
|
||||
kex->evp_md,
|
||||
kex->client_version_string,
|
||||
kex->server_version_string,
|
||||
buffer_ptr(&kex->peer), buffer_len(&kex->peer),
|
||||
@ -148,21 +149,20 @@ kexgex_server(Kex *kex)
|
||||
dh->p, dh->g,
|
||||
dh_client_pub,
|
||||
dh->pub_key,
|
||||
shared_secret
|
||||
shared_secret,
|
||||
&hash, &hashlen
|
||||
);
|
||||
BN_clear_free(dh_client_pub);
|
||||
|
||||
/* save session id := H */
|
||||
/* XXX hashlen depends on KEX */
|
||||
if (kex->session_id == NULL) {
|
||||
kex->session_id_len = 20;
|
||||
kex->session_id_len = hashlen;
|
||||
kex->session_id = xmalloc(kex->session_id_len);
|
||||
memcpy(kex->session_id, hash, kex->session_id_len);
|
||||
}
|
||||
|
||||
/* sign H */
|
||||
/* XXX hashlen depends on KEX */
|
||||
PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, 20));
|
||||
PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen));
|
||||
|
||||
/* destroy_sensitive_data(); */
|
||||
|
||||
@ -179,7 +179,7 @@ kexgex_server(Kex *kex)
|
||||
/* have keys, free DH */
|
||||
DH_free(dh);
|
||||
|
||||
kex_derive_keys(kex, hash, shared_secret);
|
||||
kex_derive_keys(kex, hash, hashlen, shared_secret);
|
||||
BN_clear_free(shared_secret);
|
||||
|
||||
kex_finish(kex);
|
||||
|
@ -165,7 +165,7 @@
|
||||
# include <libutil.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id: loginrec.c,v 1.70 2005/07/17 07:26:44 djm Exp $");
|
||||
RCSID("$Id: loginrec.c,v 1.71 2005/11/22 08:55:13 dtucker Exp $");
|
||||
|
||||
/**
|
||||
** prototypes for helper functions in this file
|
||||
@ -1589,7 +1589,7 @@ lastlog_get_entry(struct logininfo *li)
|
||||
return (0);
|
||||
default:
|
||||
error("%s: Error reading from %s: Expecting %d, got %d",
|
||||
__func__, LASTLOG_FILE, sizeof(last), ret);
|
||||
__func__, LASTLOG_FILE, (int)sizeof(last), ret);
|
||||
return (0);
|
||||
}
|
||||
|
||||
@ -1613,7 +1613,7 @@ record_failed_login(const char *username, const char *hostname,
|
||||
int fd;
|
||||
struct utmp ut;
|
||||
struct sockaddr_storage from;
|
||||
size_t fromlen = sizeof(from);
|
||||
socklen_t fromlen = sizeof(from);
|
||||
struct sockaddr_in *a4;
|
||||
struct sockaddr_in6 *a6;
|
||||
time_t t;
|
||||
|
@ -24,7 +24,11 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: misc.c,v 1.34 2005/07/08 09:26:18 dtucker Exp $");
|
||||
RCSID("$OpenBSD: misc.c,v 1.42 2006/01/31 10:19:02 djm Exp $");
|
||||
|
||||
#ifdef SSH_TUN_OPENBSD
|
||||
#include <net/if.h>
|
||||
#endif
|
||||
|
||||
#include "misc.h"
|
||||
#include "log.h"
|
||||
@ -194,6 +198,37 @@ a2port(const char *s)
|
||||
return port;
|
||||
}
|
||||
|
||||
int
|
||||
a2tun(const char *s, int *remote)
|
||||
{
|
||||
const char *errstr = NULL;
|
||||
char *sp, *ep;
|
||||
int tun;
|
||||
|
||||
if (remote != NULL) {
|
||||
*remote = SSH_TUNID_ANY;
|
||||
sp = xstrdup(s);
|
||||
if ((ep = strchr(sp, ':')) == NULL) {
|
||||
xfree(sp);
|
||||
return (a2tun(s, NULL));
|
||||
}
|
||||
ep[0] = '\0'; ep++;
|
||||
*remote = a2tun(ep, NULL);
|
||||
tun = a2tun(sp, NULL);
|
||||
xfree(sp);
|
||||
return (*remote == SSH_TUNID_ERR ? *remote : tun);
|
||||
}
|
||||
|
||||
if (strcasecmp(s, "any") == 0)
|
||||
return (SSH_TUNID_ANY);
|
||||
|
||||
tun = strtonum(s, 0, SSH_TUNID_MAX, &errstr);
|
||||
if (errstr != NULL)
|
||||
return (SSH_TUNID_ERR);
|
||||
|
||||
return (tun);
|
||||
}
|
||||
|
||||
#define SECONDS 1
|
||||
#define MINUTES (SECONDS * 60)
|
||||
#define HOURS (MINUTES * 60)
|
||||
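Review bot: a2tun is added without a comment describing its contract. From the code it accepts a single id, the string any, or local:remote when remote is non-NULL, and returns SSH_TUNID_ERR if either part fails to parse. Please state that above the function, including that *remote is set to SSH_TUNID_ANY when no colon is present. The strtonum upper bound SSH_TUNID_MAX only excludes the two sentinel values, so any real limit on device numbers has to be enforced by the caller.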
@ -356,12 +391,15 @@ void
|
||||
addargs(arglist *args, char *fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
char buf[1024];
|
||||
char *cp;
|
||||
u_int nalloc;
|
||||
int r;
|
||||
|
||||
va_start(ap, fmt);
|
||||
vsnprintf(buf, sizeof(buf), fmt, ap);
|
||||
r = vasprintf(&cp, fmt, ap);
|
||||
va_end(ap);
|
||||
if (r == -1)
|
||||
fatal("addargs: argument too long");
|
||||
|
||||
nalloc = args->nalloc;
|
||||
if (args->list == NULL) {
|
||||
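Review bot: fatal("addargs: argument too long") no longer describes the failure. With buf[1024] gone there is no length limit, and r == -1 from vasprintf means that allocation or formatting failed. The bsd-asprintf.c fallback added in this same commit sets errno to ENOMEM on that path. Suggest a message that reports the allocation failure, for example with strerror(errno).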
@ -372,10 +410,44 @@ addargs(arglist *args, char *fmt, ...)
|
||||
|
||||
args->list = xrealloc(args->list, nalloc * sizeof(char *));
|
||||
args->nalloc = nalloc;
|
||||
args->list[args->num++] = xstrdup(buf);
|
||||
args->list[args->num++] = cp;
|
||||
args->list[args->num] = NULL;
|
||||
}
|
||||
|
||||
void
|
||||
replacearg(arglist *args, u_int which, char *fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
char *cp;
|
||||
int r;
|
||||
|
||||
va_start(ap, fmt);
|
||||
r = vasprintf(&cp, fmt, ap);
|
||||
va_end(ap);
|
||||
if (r == -1)
|
||||
fatal("replacearg: argument too long");
|
||||
|
||||
if (which >= args->num)
|
||||
fatal("replacearg: tried to replace invalid arg %d >= %d",
|
||||
which, args->num);
|
||||
xfree(args->list[which]);
|
||||
args->list[which] = cp;
|
||||
}
|
||||
|
||||
void
|
||||
freeargs(arglist *args)
|
||||
{
|
||||
u_int i;
|
||||
|
||||
if (args->list != NULL) {
|
||||
for (i = 0; i < args->num; i++)
|
||||
xfree(args->list[i]);
|
||||
xfree(args->list);
|
||||
args->nalloc = args->num = 0;
|
||||
args->list = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Expands tildes in the file name. Returns data allocated by xmalloc.
|
||||
* Warning: this calls getpw*.
|
||||
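Review bot: the format string in fatal("replacearg: tried to replace invalid arg %d >= %d", which, args->num) prints two u_int values with %d; use %u for both. The bounds check on which also runs after vasprintf has already allocated cp. That is harmless because fatal exits, but checking the index first reads more naturally. The "argument too long" text has the same problem as in addargs.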
@ -507,6 +579,99 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz,
|
||||
return -1;
|
||||
}
|
||||
|
||||
int
|
||||
tun_open(int tun, int mode)
|
||||
{
|
||||
#if defined(CUSTOM_SYS_TUN_OPEN)
|
||||
return (sys_tun_open(tun, mode));
|
||||
#elif defined(SSH_TUN_OPENBSD)
|
||||
struct ifreq ifr;
|
||||
char name[100];
|
||||
int fd = -1, sock;
|
||||
|
||||
/* Open the tunnel device */
|
||||
if (tun <= SSH_TUNID_MAX) {
|
||||
snprintf(name, sizeof(name), "/dev/tun%d", tun);
|
||||
fd = open(name, O_RDWR);
|
||||
} else if (tun == SSH_TUNID_ANY) {
|
||||
for (tun = 100; tun >= 0; tun--) {
|
||||
snprintf(name, sizeof(name), "/dev/tun%d", tun);
|
||||
if ((fd = open(name, O_RDWR)) >= 0)
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
debug("%s: invalid tunnel %u", __func__, tun);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
if (fd < 0) {
|
||||
debug("%s: %s open failed: %s", __func__, name, strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
|
||||
debug("%s: %s mode %d fd %d", __func__, name, mode, fd);
|
||||
|
||||
/* Set the tunnel device operation mode */
|
||||
snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
|
||||
if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
|
||||
goto failed;
|
||||
|
||||
if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
|
||||
goto failed;
|
||||
|
||||
/* Set interface mode */
|
||||
ifr.ifr_flags &= ~IFF_UP;
|
||||
if (mode == SSH_TUNMODE_ETHERNET)
|
||||
ifr.ifr_flags |= IFF_LINK0;
|
||||
else
|
||||
ifr.ifr_flags &= ~IFF_LINK0;
|
||||
if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
|
||||
goto failed;
|
||||
|
||||
/* Bring interface up */
|
||||
ifr.ifr_flags |= IFF_UP;
|
||||
if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
|
||||
goto failed;
|
||||
|
||||
close(sock);
|
||||
return (fd);
|
||||
|
||||
failed:
|
||||
if (fd >= 0)
|
||||
close(fd);
|
||||
if (sock >= 0)
|
||||
close(sock);
|
||||
debug("%s: failed to set %s mode %d: %s", __func__, name,
|
||||
mode, strerror(errno));
|
||||
return (-1);
|
||||
#else
|
||||
error("Tunnel interfaces are not supported on this platform");
|
||||
return (-1);
|
||||
#endif
|
||||
}
|
||||
|
||||
void
|
||||
sanitise_stdfd(void)
|
||||
{
|
||||
int nullfd, dupfd;
|
||||
|
||||
if ((nullfd = dupfd = open(_PATH_DEVNULL, O_RDWR)) == -1) {
|
||||
fprintf(stderr, "Couldn't open /dev/null: %s", strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
while (++dupfd <= 2) {
|
||||
/* Only clobber closed fds */
|
||||
if (fcntl(dupfd, F_GETFL, 0) >= 0)
|
||||
continue;
|
||||
if (dup2(nullfd, dupfd) == -1) {
|
||||
fprintf(stderr, "dup2: %s", strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
if (nullfd > 2)
|
||||
close(nullfd);
|
||||
}
|
||||
|
||||
char *
|
||||
tohex(const u_char *d, u_int l)
|
||||
{
|
||||
|
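Review bot: in tun_open the test if (tun <= SSH_TUNID_MAX) has no lower bound, so a negative tun is formatted into /dev/tun%d and passed to open; add tun >= 0 to the condition. Two smaller points in the same function: debug("%s: invalid tunnel %u", ...) uses %u for an int, and at the failed: label both close() calls run before strerror(errno) is evaluated, so the logged error can belong to close rather than to the ioctl that failed. Save errno on entry to the label. In sanitise_stdfd the two fprintf(stderr, ...) messages have no trailing newline.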
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: misc.h,v 1.25 2005/07/14 04:00:43 dtucker Exp $ */
|
||||
/* $OpenBSD: misc.h,v 1.29 2006/01/31 10:19:02 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -20,6 +20,7 @@ int set_nonblock(int);
|
||||
int unset_nonblock(int);
|
||||
void set_nodelay(int);
|
||||
int a2port(const char *);
|
||||
int a2tun(const char *, int *);
|
||||
char *hpdelim(char **);
|
||||
char *cleanhostname(char *);
|
||||
char *colon(char *);
|
||||
@ -27,6 +28,7 @@ long convtime(const char *);
|
||||
char *tilde_expand_filename(const char *, uid_t);
|
||||
char *percent_expand(const char *, ...) __attribute__((__sentinel__));
|
||||
char *tohex(const u_char *, u_int);
|
||||
void sanitise_stdfd(void);
|
||||
|
||||
struct passwd *pwcopy(struct passwd *);
|
||||
|
||||
@ -36,7 +38,11 @@ struct arglist {
|
||||
u_int num;
|
||||
u_int nalloc;
|
||||
};
|
||||
void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3)));
|
||||
void addargs(arglist *, char *, ...)
|
||||
__attribute__((format(printf, 2, 3)));
|
||||
void replacearg(arglist *, u_int, char *, ...)
|
||||
__attribute__((format(printf, 3, 4)));
|
||||
void freeargs(arglist *);
|
||||
|
||||
/* readpass.c */
|
||||
|
||||
@ -48,3 +54,16 @@ void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3)));
|
||||
char *read_passphrase(const char *, int);
|
||||
int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
|
||||
int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
|
||||
|
||||
int tun_open(int, int);
|
||||
|
||||
/* Common definitions for ssh tunnel device forwarding */
|
||||
#define SSH_TUNMODE_NO 0x00
|
||||
#define SSH_TUNMODE_POINTOPOINT 0x01
|
||||
#define SSH_TUNMODE_ETHERNET 0x02
|
||||
#define SSH_TUNMODE_DEFAULT SSH_TUNMODE_POINTOPOINT
|
||||
#define SSH_TUNMODE_YES (SSH_TUNMODE_POINTOPOINT|SSH_TUNMODE_ETHERNET)
|
||||
|
||||
#define SSH_TUNID_ANY 0x7fffffff
|
||||
#define SSH_TUNID_ERR (SSH_TUNID_ANY - 1)
|
||||
#define SSH_TUNID_MAX (SSH_TUNID_ANY - 2)
|
||||
|
@ -25,7 +25,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: monitor.c,v 1.63 2005/03/10 22:01:05 deraadt Exp $");
|
||||
RCSID("$OpenBSD: monitor.c,v 1.64 2005/10/13 22:24:31 stevesk Exp $");
|
||||
|
||||
#include <openssl/dh.h>
|
||||
|
||||
@ -834,9 +834,7 @@ mm_answer_pam_account(int sock, Buffer *m)
|
||||
ret = do_pam_account();
|
||||
|
||||
buffer_put_int(m, ret);
|
||||
buffer_append(&loginmsg, "\0", 1);
|
||||
buffer_put_cstring(m, buffer_ptr(&loginmsg));
|
||||
buffer_clear(&loginmsg);
|
||||
buffer_put_string(m, buffer_ptr(&loginmsg), buffer_len(&loginmsg));
|
||||
|
||||
mm_request_send(sock, MONITOR_ANS_PAM_ACCOUNT, m);
|
||||
|
||||
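Review bot: per the hunk header (9 lines before, 7 after) this drops buffer_append(&loginmsg, "\0", 1), buffer_put_cstring and buffer_clear(&loginmsg) in favour of one buffer_put_string call with an explicit length. Sending buffer_len(&loginmsg) bytes instead of relying on a terminator is the safer form. But loginmsg is now left populated in the monitor after mm_answer_pam_account has sent it. If anything later in the monitor forwards loginmsg again, the PAM account message goes out twice. Please add a comment saying the monitor's copy is kept intentionally, or keep the clear.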
@ -1831,7 +1829,7 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m)
|
||||
buffer_clear(m);
|
||||
buffer_put_int(m, major);
|
||||
|
||||
mm_request_send(sock,MONITOR_ANS_GSSSETUP, m);
|
||||
mm_request_send(sock, MONITOR_ANS_GSSSETUP, m);
|
||||
|
||||
/* Now we have a context, enable the step */
|
||||
monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 1);
|
||||
@ -1844,7 +1842,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
|
||||
{
|
||||
gss_buffer_desc in;
|
||||
gss_buffer_desc out = GSS_C_EMPTY_BUFFER;
|
||||
OM_uint32 major,minor;
|
||||
OM_uint32 major, minor;
|
||||
OM_uint32 flags = 0; /* GSI needs this */
|
||||
u_int len;
|
||||
|
||||
@ -1861,7 +1859,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m)
|
||||
|
||||
gss_release_buffer(&minor, &out);
|
||||
|
||||
if (major==GSS_S_COMPLETE) {
|
||||
if (major == GSS_S_COMPLETE) {
|
||||
monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0);
|
||||
monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1);
|
||||
monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1);
|
||||
@ -1910,7 +1908,7 @@ mm_answer_gss_userok(int sock, Buffer *m)
|
||||
debug3("%s: sending result %d", __func__, authenticated);
|
||||
mm_request_send(sock, MONITOR_ANS_GSSUSEROK, m);
|
||||
|
||||
auth_method="gssapi-with-mic";
|
||||
auth_method = "gssapi-with-mic";
|
||||
|
||||
/* Monitor loop will terminate if authenticated */
|
||||
return (authenticated);
|
||||
|
@ -72,7 +72,6 @@ extern struct monitor *pmonitor;
|
||||
extern Buffer input, output;
|
||||
extern Buffer loginmsg;
|
||||
extern ServerOptions options;
|
||||
extern Buffer loginmsg;
|
||||
|
||||
int
|
||||
mm_is_monitor(void)
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $Id: Makefile.in,v 1.35 2005/08/26 20:15:20 tim Exp $
|
||||
# $Id: Makefile.in,v 1.37 2005/12/31 05:33:37 djm Exp $
|
||||
|
||||
sysconfdir=@sysconfdir@
|
||||
piddir=@piddir@
|
||||
@ -18,9 +18,9 @@ LDFLAGS=-L. @LDFLAGS@
|
||||
|
||||
OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
|
||||
|
||||
COMPAT=bsd-arc4random.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
|
||||
COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
|
||||
|
||||
PORTS=port-irix.o port-aix.o port-uw.o
|
||||
PORTS=port-irix.o port-aix.o port-uw.o port-tun.o
|
||||
|
||||
.c.o:
|
||||
$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
|
||||
|
@ -1,5 +1,3 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/base64.c */
|
||||
|
||||
/* $OpenBSD: base64.c,v 1.4 2002/01/02 23:00:10 deraadt Exp $ */
|
||||
|
||||
/*
|
||||
@ -44,6 +42,8 @@
|
||||
* IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/base64.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if (!defined(HAVE_B64_NTOP) && !defined(HAVE___B64_NTOP)) || (!defined(HAVE_B64_PTON) && !defined(HAVE___B64_PTON))
|
||||
@ -139,7 +139,7 @@ b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize)
|
||||
size_t datalength = 0;
|
||||
u_char input[3];
|
||||
u_char output[4];
|
||||
int i;
|
||||
u_int i;
|
||||
|
||||
while (2 < srclength) {
|
||||
input[0] = *src++;
|
||||
@ -206,7 +206,8 @@ b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize)
|
||||
int
|
||||
b64_pton(char const *src, u_char *target, size_t targsize)
|
||||
{
|
||||
int tarindex, state, ch;
|
||||
u_int tarindex, state;
|
||||
int ch;
|
||||
char *pos;
|
||||
|
||||
state = 0;
|
||||
|
@ -1,9 +1,7 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/basename.c */
|
||||
|
||||
/* $OpenBSD: basename.c,v 1.11 2003/06/17 21:56:23 millert Exp $ */
|
||||
/* $OpenBSD: basename.c,v 1.14 2005/08/08 08:05:33 espie Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
* Copyright (c) 1997, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
@ -18,34 +16,35 @@
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/basename.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_BASENAME
|
||||
|
||||
#ifndef lint
|
||||
static char rcsid[] = "$OpenBSD: basename.c,v 1.11 2003/06/17 21:56:23 millert Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
char *
|
||||
basename(const char *path)
|
||||
{
|
||||
static char bname[MAXPATHLEN];
|
||||
register const char *endp, *startp;
|
||||
size_t len;
|
||||
const char *endp, *startp;
|
||||
|
||||
/* Empty or NULL string gets treated as "." */
|
||||
if (path == NULL || *path == '\0') {
|
||||
(void)strlcpy(bname, ".", sizeof bname);
|
||||
return(bname);
|
||||
bname[0] = '.';
|
||||
bname[1] = '\0';
|
||||
return (bname);
|
||||
}
|
||||
|
||||
/* Strip trailing slashes */
|
||||
/* Strip any trailing slashes */
|
||||
endp = path + strlen(path) - 1;
|
||||
while (endp > path && *endp == '/')
|
||||
endp--;
|
||||
|
||||
/* All slashes become "/" */
|
||||
/* All slashes becomes "/" */
|
||||
if (endp == path && *endp == '/') {
|
||||
(void)strlcpy(bname, "/", sizeof bname);
|
||||
return(bname);
|
||||
bname[0] = '/';
|
||||
bname[1] = '\0';
|
||||
return (bname);
|
||||
}
|
||||
|
||||
/* Find the start of the base */
|
||||
@ -53,12 +52,14 @@ basename(const char *path)
|
||||
while (startp > path && *(startp - 1) != '/')
|
||||
startp--;
|
||||
|
||||
if (endp - startp + 2 > sizeof(bname)) {
|
||||
len = endp - startp + 1;
|
||||
if (len >= sizeof(bname)) {
|
||||
errno = ENAMETOOLONG;
|
||||
return(NULL);
|
||||
return (NULL);
|
||||
}
|
||||
strlcpy(bname, startp, endp - startp + 2);
|
||||
return(bname);
|
||||
memcpy(bname, startp, len);
|
||||
bname[len] = '\0';
|
||||
return (bname);
|
||||
}
|
||||
|
||||
#endif /* !defined(HAVE_BASENAME) */
|
||||
|
@ -1,6 +1,6 @@
|
||||
/* This file has be substantially modified from the original OpenBSD source */
|
||||
|
||||
/* $OpenBSD: bindresvport.c,v 1.15 2003/05/20 22:42:35 deraadt Exp $ */
|
||||
/* $OpenBSD: bindresvport.c,v 1.16 2005/04/01 07:44:03 otto Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright 1996, Jason Downs. All rights reserved.
|
||||
@ -28,6 +28,8 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/rpc/bindresvport.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef HAVE_BINDRESVPORT_SA
|
||||
@ -42,9 +44,7 @@
|
||||
* Bind a socket to a privileged IP port
|
||||
*/
|
||||
int
|
||||
bindresvport_sa(sd, sa)
|
||||
int sd;
|
||||
struct sockaddr *sa;
|
||||
bindresvport_sa(int sd, struct sockaddr *sa)
|
||||
{
|
||||
int error, af;
|
||||
struct sockaddr_storage myaddr;
|
||||
|
95
crypto/openssh/openbsd-compat/bsd-asprintf.c
Normal file
@ -0,0 +1,95 @@
|
||||
/*
|
||||
* Copyright (c) 2004 Darren Tucker.
|
||||
*
|
||||
* Based originally on asprintf.c from OpenBSD:
|
||||
* Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef HAVE_VASPRINTF
|
||||
|
||||
#ifndef VA_COPY
|
||||
# ifdef HAVE_VA_COPY
|
||||
# define VA_COPY(dest, src) va_copy(dest, src)
|
||||
# else
|
||||
# ifdef HAVE___VA_COPY
|
||||
# define VA_COPY(dest, src) __va_copy(dest, src)
|
||||
# else
|
||||
# define VA_COPY(dest, src) (dest) = (src)
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#define INIT_SZ 128
|
||||
|
||||
int vasprintf(char **str, const char *fmt, va_list ap)
|
||||
{
|
||||
int ret = -1;
|
||||
va_list ap2;
|
||||
char *string, *newstr;
|
||||
size_t len;
|
||||
|
||||
VA_COPY(ap2, ap);
|
||||
if ((string = malloc(INIT_SZ)) == NULL)
|
||||
goto fail;
|
||||
|
||||
ret = vsnprintf(string, INIT_SZ, fmt, ap2);
|
||||
if (ret >= 0 && ret < INIT_SZ) { /* succeeded with initial alloc */
|
||||
*str = string;
|
||||
} else if (ret == INT_MAX) { /* shouldn't happen */
|
||||
goto fail;
|
||||
} else { /* bigger than initial, realloc allowing for nul */
|
||||
len = (size_t)ret + 1;
|
||||
if ((newstr = realloc(string, len)) == NULL) {
|
||||
free(string);
|
||||
goto fail;
|
||||
} else {
|
||||
va_end(ap2);
|
||||
VA_COPY(ap2, ap);
|
||||
ret = vsnprintf(newstr, len, fmt, ap2);
|
||||
if (ret >= 0 && (size_t)ret < len) {
|
||||
*str = newstr;
|
||||
} else { /* failed with realloc'ed string, give up */
|
||||
free(newstr);
|
||||
goto fail;
|
||||
}
|
||||
}
|
||||
}
|
||||
va_end(ap2);
|
||||
return (ret);
|
||||
|
||||
fail:
|
||||
*str = NULL;
|
||||
errno = ENOMEM;
|
||||
va_end(ap2);
|
||||
return (-1);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_ASPRINTF
|
||||
int asprintf(char **str, const char *fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
int ret;
|
||||
|
||||
*str = NULL;
|
||||
va_start(ap, fmt);
|
||||
ret = vasprintf(str, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
return ret;
|
||||
}
|
||||
#endif
|
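Review bot: vasprintf() does not handle a negative return from the first vsnprintf() call. With ret == -1 the final else branch computes len = (size_t)ret + 1 = 0 and calls realloc(string, 0); on implementations where that frees the block and returns NULL, the following free(string) is a double free. The "ret == INT_MAX" branch also jumps to fail without freeing string. Suggest testing ret < 0 || ret == INT_MAX first and doing free(string) before goto fail in that one place.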
@ -46,7 +46,7 @@
|
||||
# define OPEN_MAX 256
|
||||
#endif
|
||||
|
||||
RCSID("$Id: bsd-closefrom.c,v 1.1 2004/08/15 08:41:00 djm Exp $");
|
||||
RCSID("$Id: bsd-closefrom.c,v 1.2 2005/11/10 08:29:13 dtucker Exp $");
|
||||
|
||||
#ifndef lint
|
||||
static const char sudorcsid[] = "$Sudo: closefrom.c,v 1.6 2004/06/01 20:51:56 millert Exp $";
|
||||
@ -67,7 +67,7 @@ closefrom(int lowfd)
|
||||
|
||||
/* Check for a /proc/$$/fd directory. */
|
||||
len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid());
|
||||
if (len != -1 && len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {
|
||||
if (len >= 0 && (u_int)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) {
|
||||
while ((dent = readdir(dirp)) != NULL) {
|
||||
fd = strtol(dent->d_name, &endp, 10);
|
||||
if (dent->d_name != endp && *endp == '\0' &&
|
||||
|
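Review bot: the new bound in closefrom(), (u_int)len <= sizeof(fdpath), still accepts len == sizeof(fdpath), which is a truncated result because snprintf's return value excludes the terminating NUL. The test should be strict: len >= 0 && (size_t)len < sizeof(fdpath). The buffer is large compared with "/proc/%ld/fd", so this is a correctness nit rather than a reachable failure, but the check should say what it means.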
@ -18,7 +18,7 @@
|
||||
#include "includes.h"
|
||||
#include "xmalloc.h"
|
||||
|
||||
RCSID("$Id: bsd-misc.c,v 1.27 2005/05/27 11:13:41 dtucker Exp $");
|
||||
RCSID("$Id: bsd-misc.c,v 1.28 2005/11/01 22:07:31 dtucker Exp $");
|
||||
|
||||
#ifndef HAVE___PROGNAME
|
||||
char *__progname;
|
||||
@ -223,10 +223,7 @@ strdup(const char *str)
|
||||
len = strlen(str) + 1;
|
||||
cp = malloc(len);
|
||||
if (cp != NULL)
|
||||
if (strlcpy(cp, str, len) != len) {
|
||||
free(cp);
|
||||
return(memcpy(cp, str, len));
|
||||
return NULL;
|
||||
}
|
||||
return cp;
|
||||
}
|
||||
#endif
|
||||
|
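Review bot: the strdup() rewrite deserves a one-line comment or changelog entry saying why strlcpy was dropped. strlcpy returns the source length without the NUL, that is len - 1, so the removed test strlcpy(cp, str, len) != len was true on every call and the old function always freed the copy and returned NULL. The memcpy form is correct; recording the reason keeps someone from "restoring" the check later.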
@ -45,45 +45,82 @@
|
||||
* missing. Some systems only have snprintf() but not vsnprintf(), so
|
||||
* the code is now broken down under HAVE_SNPRINTF and HAVE_VSNPRINTF.
|
||||
*
|
||||
* Ben Lindstrom <mouring@eviladmin.org> 09/27/00 for OpenSSH
|
||||
* Welcome to the world of %lld and %qd support. With other
|
||||
* long long support. This is needed for sftp-server to work
|
||||
* right.
|
||||
* Andrew Tridgell (tridge@samba.org) Oct 1998
|
||||
* fixed handling of %.0f
|
||||
* added test for HAVE_LONG_DOUBLE
|
||||
*
|
||||
* Ben Lindstrom <mouring@eviladmin.org> 02/12/01 for OpenSSH
|
||||
* Removed all hint of VARARGS stuff and banished it to the void,
|
||||
* and did a bit of KNF style work to make things a bit more
|
||||
* acceptable. Consider stealing from mutt or enlightenment.
|
||||
* tridge@samba.org, idra@samba.org, April 2001
|
||||
* got rid of fcvt code (twas buggy and made testing harder)
|
||||
* added C99 semantics
|
||||
*
|
||||
* date: 2002/12/19 19:56:31; author: herb; state: Exp; lines: +2 -0
|
||||
* actually print args for %g and %e
|
||||
*
|
||||
* date: 2002/06/03 13:37:52; author: jmcd; state: Exp; lines: +8 -0
|
||||
* Since includes.h isn't included here, VA_COPY has to be defined here. I don't
|
||||
* see any include file that is guaranteed to be here, so I'm defining it
|
||||
* locally. Fixes AIX and Solaris builds.
|
||||
*
|
||||
* date: 2002/06/03 03:07:24; author: tridge; state: Exp; lines: +5 -13
|
||||
* put the ifdef for HAVE_VA_COPY in one place rather than in lots of
|
||||
* functions
|
||||
*
|
||||
* date: 2002/05/17 14:51:22; author: jmcd; state: Exp; lines: +21 -4
|
||||
* Fix usage of va_list passed as an arg. Use __va_copy before using it
|
||||
* when it exists.
|
||||
*
|
||||
* date: 2002/04/16 22:38:04; author: idra; state: Exp; lines: +20 -14
|
||||
* Fix incorrect zpadlen handling in fmtfp.
|
||||
* Thanks to Ollie Oldham <ollie.oldham@metro-optix.com> for spotting it.
|
||||
* few mods to make it easier to compile the tests.
|
||||
* addedd the "Ollie" test to the floating point ones.
|
||||
*
|
||||
* Martin Pool (mbp@samba.org) April 2003
|
||||
* Remove NO_CONFIG_H so that the test case can be built within a source
|
||||
* tree with less trouble.
|
||||
* Remove unnecessary SAFE_FREE() definition.
|
||||
*
|
||||
* Martin Pool (mbp@samba.org) May 2003
|
||||
* Put in a prototype for dummy_snprintf() to quiet compiler warnings.
|
||||
*
|
||||
* Move #endif to make sure VA_COPY, LDOUBLE, etc are defined even
|
||||
* if the C library has some snprintf functions already.
|
||||
**************************************************************/
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
RCSID("$Id: bsd-snprintf.c,v 1.9 2004/09/23 11:35:09 dtucker Exp $");
|
||||
RCSID("$Id: bsd-snprintf.c,v 1.11 2005/12/17 11:32:04 dtucker Exp $");
|
||||
|
||||
#if defined(BROKEN_SNPRINTF) /* For those with broken snprintf() */
|
||||
# undef HAVE_SNPRINTF
|
||||
# undef HAVE_VSNPRINTF
|
||||
#endif
|
||||
|
||||
#ifndef VA_COPY
|
||||
# ifdef HAVE_VA_COPY
|
||||
# define VA_COPY(dest, src) va_copy(dest, src)
|
||||
# else
|
||||
# ifdef HAVE___VA_COPY
|
||||
# define VA_COPY(dest, src) __va_copy(dest, src)
|
||||
# else
|
||||
# define VA_COPY(dest, src) (dest) = (src)
|
||||
# endif
|
||||
# endif
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF)
|
||||
|
||||
static void
|
||||
dopr(char *buffer, size_t maxlen, const char *format, va_list args);
|
||||
#ifdef HAVE_LONG_DOUBLE
|
||||
# define LDOUBLE long double
|
||||
#else
|
||||
# define LDOUBLE double
|
||||
#endif
|
||||
|
||||
static void
|
||||
fmtstr(char *buffer, size_t *currlen, size_t maxlen, char *value, int flags,
|
||||
int min, int max);
|
||||
|
||||
static void
|
||||
fmtint(char *buffer, size_t *currlen, size_t maxlen, long value, int base,
|
||||
int min, int max, int flags);
|
||||
|
||||
static void
|
||||
fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue,
|
||||
int min, int max, int flags);
|
||||
|
||||
static void
|
||||
dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c);
|
||||
#ifdef HAVE_LONG_LONG
|
||||
# define LLONG long long
|
||||
#else
|
||||
# define LLONG long
|
||||
#endif
|
||||
|
||||
/*
|
||||
* dopr(): poor man's version of doprintf
|
||||
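Review bot: the last VA_COPY fallback, (dest) = (src), does not compile on ABIs where va_list is an array type, and this same macro block is now pasted into both bsd-snprintf.c and bsd-asprintf.c. Suggest defining VA_COPY once in a shared compat header and either using a memcpy-based fallback or failing the build with a clear message when neither va_copy nor __va_copy is available, so the two copies cannot drift.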
@ -112,25 +149,46 @@ dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c);
|
||||
#define DP_C_SHORT 1
|
||||
#define DP_C_LONG 2
|
||||
#define DP_C_LDOUBLE 3
|
||||
#define DP_C_LONG_LONG 4
|
||||
#define DP_C_LLONG 4
|
||||
|
||||
#define char_to_int(p) (p - '0')
|
||||
#define abs_val(p) (p < 0 ? -p : p)
|
||||
#define char_to_int(p) ((p)- '0')
|
||||
#ifndef MAX
|
||||
# define MAX(p,q) (((p) >= (q)) ? (p) : (q))
|
||||
#endif
|
||||
|
||||
static size_t dopr(char *buffer, size_t maxlen, const char *format,
|
||||
va_list args_in);
|
||||
static void fmtstr(char *buffer, size_t *currlen, size_t maxlen,
|
||||
char *value, int flags, int min, int max);
|
||||
static void fmtint(char *buffer, size_t *currlen, size_t maxlen,
|
||||
long value, int base, int min, int max, int flags);
|
||||
static void fmtfp(char *buffer, size_t *currlen, size_t maxlen,
|
||||
LDOUBLE fvalue, int min, int max, int flags);
|
||||
static void dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c);
|
||||
|
||||
static void
|
||||
dopr(char *buffer, size_t maxlen, const char *format, va_list args)
|
||||
static size_t dopr(char *buffer, size_t maxlen, const char *format, va_list args_in)
|
||||
{
|
||||
char *strvalue, ch;
|
||||
long value;
|
||||
long double fvalue;
|
||||
int min = 0, max = -1, state = DP_S_DEFAULT, flags = 0, cflags = 0;
|
||||
size_t currlen = 0;
|
||||
char ch;
|
||||
LLONG value;
|
||||
LDOUBLE fvalue;
|
||||
char *strvalue;
|
||||
int min;
|
||||
int max;
|
||||
int state;
|
||||
int flags;
|
||||
int cflags;
|
||||
size_t currlen;
|
||||
va_list args;
|
||||
|
||||
VA_COPY(args, args_in);
|
||||
|
||||
state = DP_S_DEFAULT;
|
||||
currlen = flags = cflags = min = 0;
|
||||
max = -1;
|
||||
ch = *format++;
|
||||
|
||||
while (state != DP_S_DONE) {
|
||||
if ((ch == '\0') || (currlen >= maxlen))
|
||||
if (ch == '\0')
|
||||
state = DP_S_DONE;
|
||||
|
||||
switch(state) {
|
||||
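Review bot: dopr() now holds the argument in "LLONG value", but the fmtint() prototype in this hunk still takes "long value", so on platforms where long is 32 bits a %lld argument is truncated at the call. Suggest changing the fmtint() parameter (and its internal unsigned copy) to LLONG to match. The loop condition change is fine: dropping "currlen >= maxlen" is what lets the function keep counting for the C99 return value.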
@ -138,7 +196,7 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args)
|
||||
if (ch == '%')
|
||||
state = DP_S_FLAGS;
|
||||
else
|
||||
dopr_outch(buffer, &currlen, maxlen, ch);
|
||||
dopr_outch (buffer, &currlen, maxlen, ch);
|
||||
ch = *format++;
|
||||
break;
|
||||
case DP_S_FLAGS:
|
||||
@ -170,34 +228,37 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args)
|
||||
break;
|
||||
case DP_S_MIN:
|
||||
if (isdigit((unsigned char)ch)) {
|
||||
min = 10 * min + char_to_int (ch);
|
||||
min = 10*min + char_to_int (ch);
|
||||
ch = *format++;
|
||||
} else if (ch == '*') {
|
||||
min = va_arg (args, int);
|
||||
ch = *format++;
|
||||
state = DP_S_DOT;
|
||||
} else
|
||||
} else {
|
||||
state = DP_S_DOT;
|
||||
}
|
||||
break;
|
||||
case DP_S_DOT:
|
||||
if (ch == '.') {
|
||||
state = DP_S_MAX;
|
||||
ch = *format++;
|
||||
} else
|
||||
} else {
|
||||
state = DP_S_MOD;
|
||||
}
|
||||
break;
|
||||
case DP_S_MAX:
|
||||
if (isdigit((unsigned char)ch)) {
|
||||
if (max < 0)
|
||||
max = 0;
|
||||
max = 10 * max + char_to_int(ch);
|
||||
max = 10*max + char_to_int (ch);
|
||||
ch = *format++;
|
||||
} else if (ch == '*') {
|
||||
max = va_arg (args, int);
|
||||
ch = *format++;
|
||||
state = DP_S_MOD;
|
||||
} else
|
||||
} else {
|
||||
state = DP_S_MOD;
|
||||
}
|
||||
break;
|
||||
case DP_S_MOD:
|
||||
switch (ch) {
|
||||
@ -208,15 +269,11 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args)
|
||||
case 'l':
|
||||
cflags = DP_C_LONG;
|
||||
ch = *format++;
|
||||
if (ch == 'l') {
|
||||
cflags = DP_C_LONG_LONG;
|
||||
if (ch == 'l') { /* It's a long long */
|
||||
cflags = DP_C_LLONG;
|
||||
ch = *format++;
|
||||
}
|
||||
break;
|
||||
case 'q':
|
||||
cflags = DP_C_LONG_LONG;
|
||||
ch = *format++;
|
||||
break;
|
||||
case 'L':
|
||||
cflags = DP_C_LDOUBLE;
|
||||
ch = *format++;
|
||||
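Review bot: removing the 'q' case in DP_S_MOD means %qd is no longer parsed as a long long conversion, while the old header comment advertised "%lld and %qd support". Please confirm no caller in the tree still passes %qd or %qu to this fallback; if one does, the 'q' falls through to the conversion switch, is skipped as unknown, and the 64-bit argument is never consumed, which misaligns every later va_arg. Keeping a 'q' case that sets DP_C_LLONG costs three lines.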
@ -231,37 +288,37 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args)
|
||||
case 'd':
|
||||
case 'i':
|
||||
if (cflags == DP_C_SHORT)
|
||||
value = va_arg(args, int);
|
||||
value = va_arg (args, int);
|
||||
else if (cflags == DP_C_LONG)
|
||||
value = va_arg(args, long int);
|
||||
else if (cflags == DP_C_LONG_LONG)
|
||||
value = va_arg (args, long long);
|
||||
value = va_arg (args, long int);
|
||||
else if (cflags == DP_C_LLONG)
|
||||
value = va_arg (args, LLONG);
|
||||
else
|
||||
value = va_arg (args, int);
|
||||
fmtint(buffer, &currlen, maxlen, value, 10, min, max, flags);
|
||||
fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags);
|
||||
break;
|
||||
case 'o':
|
||||
flags |= DP_F_UNSIGNED;
|
||||
if (cflags == DP_C_SHORT)
|
||||
value = va_arg(args, unsigned int);
|
||||
value = va_arg (args, unsigned int);
|
||||
else if (cflags == DP_C_LONG)
|
||||
value = va_arg(args, unsigned long int);
|
||||
else if (cflags == DP_C_LONG_LONG)
|
||||
value = va_arg(args, unsigned long long);
|
||||
value = (long)va_arg (args, unsigned long int);
|
||||
else if (cflags == DP_C_LLONG)
|
||||
value = (long)va_arg (args, unsigned LLONG);
|
||||
else
|
||||
value = va_arg(args, unsigned int);
|
||||
fmtint(buffer, &currlen, maxlen, value, 8, min, max, flags);
|
||||
value = (long)va_arg (args, unsigned int);
|
||||
fmtint (buffer, &currlen, maxlen, value, 8, min, max, flags);
|
||||
break;
|
||||
case 'u':
|
||||
flags |= DP_F_UNSIGNED;
|
||||
if (cflags == DP_C_SHORT)
|
||||
value = va_arg(args, unsigned int);
|
||||
value = va_arg (args, unsigned int);
|
||||
else if (cflags == DP_C_LONG)
|
||||
value = va_arg(args, unsigned long int);
|
||||
else if (cflags == DP_C_LONG_LONG)
|
||||
value = va_arg(args, unsigned long long);
|
||||
value = (long)va_arg (args, unsigned long int);
|
||||
else if (cflags == DP_C_LLONG)
|
||||
value = (LLONG)va_arg (args, unsigned LLONG);
|
||||
else
|
||||
value = va_arg(args, unsigned int);
|
||||
value = (long)va_arg (args, unsigned int);
|
||||
fmtint (buffer, &currlen, maxlen, value, 10, min, max, flags);
|
||||
break;
|
||||
case 'X':
|
||||
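Review bot: the 'o' case casts the DP_C_LLONG argument with (long)va_arg (args, unsigned LLONG), while the 'u' case in the same hunk uses (LLONG)va_arg (args, unsigned LLONG). The (long) cast drops the upper half where long is narrower than LLONG, so %llo and %llu disagree. Suggest using (LLONG) in the 'o' case as well.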
@ -269,78 +326,85 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args)
|
||||
case 'x':
|
||||
flags |= DP_F_UNSIGNED;
|
||||
if (cflags == DP_C_SHORT)
|
||||
value = va_arg(args, unsigned int);
|
||||
value = va_arg (args, unsigned int);
|
||||
else if (cflags == DP_C_LONG)
|
||||
value = va_arg(args, unsigned long int);
|
||||
else if (cflags == DP_C_LONG_LONG)
|
||||
value = va_arg(args, unsigned long long);
|
||||
value = (long)va_arg (args, unsigned long int);
|
||||
else if (cflags == DP_C_LLONG)
|
||||
value = (LLONG)va_arg (args, unsigned LLONG);
|
||||
else
|
||||
value = va_arg(args, unsigned int);
|
||||
fmtint(buffer, &currlen, maxlen, value, 16, min, max, flags);
|
||||
value = (long)va_arg (args, unsigned int);
|
||||
fmtint (buffer, &currlen, maxlen, value, 16, min, max, flags);
|
||||
break;
|
||||
case 'f':
|
||||
if (cflags == DP_C_LDOUBLE)
|
||||
fvalue = va_arg(args, long double);
|
||||
fvalue = va_arg (args, LDOUBLE);
|
||||
else
|
||||
fvalue = va_arg(args, double);
|
||||
fvalue = va_arg (args, double);
|
||||
/* um, floating point? */
|
||||
fmtfp(buffer, &currlen, maxlen, fvalue, min, max, flags);
|
||||
fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags);
|
||||
break;
|
||||
case 'E':
|
||||
flags |= DP_F_UP;
|
||||
case 'e':
|
||||
if (cflags == DP_C_LDOUBLE)
|
||||
fvalue = va_arg(args, long double);
|
||||
fvalue = va_arg (args, LDOUBLE);
|
||||
else
|
||||
fvalue = va_arg(args, double);
|
||||
fvalue = va_arg (args, double);
|
||||
fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags);
|
||||
break;
|
||||
case 'G':
|
||||
flags |= DP_F_UP;
|
||||
case 'g':
|
||||
if (cflags == DP_C_LDOUBLE)
|
||||
fvalue = va_arg(args, long double);
|
||||
fvalue = va_arg (args, LDOUBLE);
|
||||
else
|
||||
fvalue = va_arg(args, double);
|
||||
fvalue = va_arg (args, double);
|
||||
fmtfp (buffer, &currlen, maxlen, fvalue, min, max, flags);
|
||||
break;
|
||||
case 'c':
|
||||
dopr_outch(buffer, &currlen, maxlen, va_arg(args, int));
|
||||
dopr_outch (buffer, &currlen, maxlen, va_arg (args, int));
|
||||
break;
|
||||
case 's':
|
||||
strvalue = va_arg(args, char *);
|
||||
if (max < 0)
|
||||
max = maxlen; /* ie, no max */
|
||||
fmtstr(buffer, &currlen, maxlen, strvalue, flags, min, max);
|
||||
strvalue = va_arg (args, char *);
|
||||
if (!strvalue) strvalue = "(NULL)";
|
||||
if (max == -1) {
|
||||
max = strlen(strvalue);
|
||||
}
|
||||
if (min > 0 && max >= 0 && min > max) max = min;
|
||||
fmtstr (buffer, &currlen, maxlen, strvalue, flags, min, max);
|
||||
break;
|
||||
case 'p':
|
||||
strvalue = va_arg(args, void *);
|
||||
fmtint(buffer, &currlen, maxlen, (long) strvalue, 16, min, max, flags);
|
||||
strvalue = va_arg (args, void *);
|
||||
fmtint (buffer, &currlen, maxlen, (long) strvalue, 16, min, max, flags);
|
||||
break;
|
||||
case 'n':
|
||||
if (cflags == DP_C_SHORT) {
|
||||
short int *num;
|
||||
num = va_arg(args, short int *);
|
||||
num = va_arg (args, short int *);
|
||||
*num = currlen;
|
||||
} else if (cflags == DP_C_LONG) {
|
||||
long int *num;
|
||||
num = va_arg(args, long int *);
|
||||
*num = currlen;
|
||||
} else if (cflags == DP_C_LONG_LONG) {
|
||||
long long *num;
|
||||
num = va_arg(args, long long *);
|
||||
*num = currlen;
|
||||
num = va_arg (args, long int *);
|
||||
*num = (long int)currlen;
|
||||
} else if (cflags == DP_C_LLONG) {
|
||||
LLONG *num;
|
||||
num = va_arg (args, LLONG *);
|
||||
*num = (LLONG)currlen;
|
||||
} else {
|
||||
int *num;
|
||||
num = va_arg(args, int *);
|
||||
num = va_arg (args, int *);
|
||||
*num = currlen;
|
||||
}
|
||||
break;
|
||||
case '%':
|
||||
dopr_outch(buffer, &currlen, maxlen, ch);
|
||||
dopr_outch (buffer, &currlen, maxlen, ch);
|
||||
break;
|
||||
case 'w': /* not supported yet, treat as next char */
|
||||
case 'w':
|
||||
/* not supported yet, treat as next char */
|
||||
ch = *format++;
|
||||
break;
|
||||
default: /* Unknown, skip */
|
||||
default:
|
||||
/* Unknown, skip */
|
||||
break;
|
||||
}
|
||||
ch = *format++;
|
||||
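Review bot: in the 's' case only max == -1 is treated as "no precision", but max can also be set from va_arg (args, int) via '*', and any other negative value reaches fmtstr(), where both "strln < max" and "cnt < max" are false, so the string is silently dropped. C99 treats any negative precision as omitted, so the test should be max < 0. Separately, the 'n' case still stores currlen through a caller-supplied pointer, and currlen can now exceed maxlen; if nothing in the tree uses %n, dropping the case would remove a write primitive from the fallback formatter.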
@ -350,24 +414,33 @@ dopr(char *buffer, size_t maxlen, const char *format, va_list args)
|
||||
break;
|
||||
case DP_S_DONE:
|
||||
break;
|
||||
default: /* hmm? */
|
||||
default:
|
||||
/* hmm? */
|
||||
break; /* some picky compilers need this */
|
||||
}
|
||||
}
|
||||
if (maxlen != 0) {
|
||||
if (currlen < maxlen - 1)
|
||||
buffer[currlen] = '\0';
|
||||
else
|
||||
else if (maxlen > 0)
|
||||
buffer[maxlen - 1] = '\0';
|
||||
}
|
||||
|
||||
return currlen;
|
||||
}
|
||||
|
||||
static void
|
||||
fmtstr(char *buffer, size_t *currlen, size_t maxlen,
|
||||
static void fmtstr(char *buffer, size_t *currlen, size_t maxlen,
|
||||
char *value, int flags, int min, int max)
|
||||
{
|
||||
int cnt = 0, padlen, strln; /* amount to pad */
|
||||
int padlen, strln; /* amount to pad */
|
||||
int cnt = 0;
|
||||
|
||||
if (value == 0)
|
||||
#ifdef DEBUG_SNPRINTF
|
||||
printf("fmtstr min=%d max=%d s=[%s]\n", min, max, value);
|
||||
#endif
|
||||
if (value == 0) {
|
||||
value = "<NULL>";
|
||||
}
|
||||
|
||||
for (strln = 0; strln < max && value[strln]; ++strln); /* strlen */
|
||||
padlen = min - strln;
|
||||
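Review bot: dopr() takes a copy with VA_COPY(args, args_in) but no va_end(args) appears before "return currlen;" in this hunk; a copied va_list must be released on every exit path. Two smaller points in the same lines: "else if (maxlen > 0)" is always true inside "if (maxlen != 0)" for a size_t and can stay a plain else, and the DEBUG_SNPRINTF printf in fmtstr() passes value to %s before the value == 0 check that follows it.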
@ -377,16 +450,16 @@ fmtstr(char *buffer, size_t *currlen, size_t maxlen,
|
||||
padlen = -padlen; /* Left Justify */
|
||||
|
||||
while ((padlen > 0) && (cnt < max)) {
|
||||
dopr_outch(buffer, currlen, maxlen, ' ');
|
||||
dopr_outch (buffer, currlen, maxlen, ' ');
|
||||
--padlen;
|
||||
++cnt;
|
||||
}
|
||||
while (*value && (cnt < max)) {
|
||||
dopr_outch(buffer, currlen, maxlen, *value++);
|
||||
dopr_outch (buffer, currlen, maxlen, *value++);
|
||||
++cnt;
|
||||
}
|
||||
while ((padlen < 0) && (cnt < max)) {
|
||||
dopr_outch(buffer, currlen, maxlen, ' ');
|
||||
dopr_outch (buffer, currlen, maxlen, ' ');
|
||||
++padlen;
|
||||
++cnt;
|
||||
}
|
||||
@ -394,49 +467,49 @@ fmtstr(char *buffer, size_t *currlen, size_t maxlen,
|
||||
|
||||
/* Have to handle DP_F_NUM (ie 0x and 0 alternates) */
|
||||
|
||||
static void
|
||||
fmtint(char *buffer, size_t *currlen, size_t maxlen,
|
||||
static void fmtint(char *buffer, size_t *currlen, size_t maxlen,
|
||||
long value, int base, int min, int max, int flags)
|
||||
{
|
||||
int signvalue = 0;
|
||||
unsigned long uvalue;
|
||||
char convert[20];
|
||||
int signvalue = 0, place = 0, caps = 0;
|
||||
int place = 0;
|
||||
int spadlen = 0; /* amount to space pad */
|
||||
int zpadlen = 0; /* amount to zero pad */
|
||||
int caps = 0;
|
||||
|
||||
if (max < 0)
|
||||
max = 0;
|
||||
|
||||
uvalue = value;
|
||||
|
||||
if (!(flags & DP_F_UNSIGNED)) {
|
||||
if (value < 0) {
|
||||
if(!(flags & DP_F_UNSIGNED)) {
|
||||
if( value < 0 ) {
|
||||
signvalue = '-';
|
||||
uvalue = -value;
|
||||
} else if (flags & DP_F_PLUS) /* Do a sign (+/i) */
|
||||
} else {
|
||||
if (flags & DP_F_PLUS) /* Do a sign (+/i) */
|
||||
signvalue = '+';
|
||||
else if (flags & DP_F_SPACE)
|
||||
signvalue = ' ';
|
||||
}
|
||||
}
|
||||
|
||||
if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */
|
||||
|
||||
if (flags & DP_F_UP)
|
||||
caps = 1; /* Should characters be upper case? */
|
||||
do {
|
||||
convert[place++] =
|
||||
(caps ? "0123456789ABCDEF" : "0123456789abcdef")
|
||||
[uvalue % (unsigned)base];
|
||||
(caps? "0123456789ABCDEF":"0123456789abcdef")
|
||||
[uvalue % (unsigned)base ];
|
||||
uvalue = (uvalue / (unsigned)base );
|
||||
} while (uvalue && (place < 20));
|
||||
if (place == 20)
|
||||
place--;
|
||||
} while(uvalue && (place < 20));
|
||||
if (place == 20) place--;
|
||||
convert[place] = 0;
|
||||
|
||||
zpadlen = max - place;
|
||||
spadlen = min - MAX (max, place) - (signvalue ? 1 : 0);
|
||||
if (zpadlen < 0)
|
||||
zpadlen = 0;
|
||||
if (spadlen < 0)
|
||||
spadlen = 0;
|
||||
if (zpadlen < 0) zpadlen = 0;
|
||||
if (spadlen < 0) spadlen = 0;
|
||||
if (flags & DP_F_ZERO) {
|
||||
zpadlen = MAX(zpadlen, spadlen);
|
||||
spadlen = 0;
|
||||
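Review bot: fmtint() keeps "char convert[20]" while converting an unsigned long in any base; with a 64-bit long, octal needs up to 22 digits, so the loop stops at place < 20 and the "if (place == 20) place--;" line then overwrites a digit with the terminator. The output is wrong without any error. Suggest sizing the array from the type, for example sizeof(uvalue) * CHAR_BIT / 3 + 2, so the cap can never be hit. Also note "uvalue = -value" negates a signed long, which overflows for the most negative value; negate after converting to unsigned.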
@ -444,27 +517,32 @@ fmtint(char *buffer, size_t *currlen, size_t maxlen,
|
||||
if (flags & DP_F_MINUS)
|
||||
spadlen = -spadlen; /* Left Justifty */
|
||||
|
||||
#ifdef DEBUG_SNPRINTF
|
||||
printf("zpad: %d, spad: %d, min: %d, max: %d, place: %d\n",
|
||||
zpadlen, spadlen, min, max, place);
|
||||
#endif
|
||||
|
||||
/* Spaces */
|
||||
while (spadlen > 0) {
|
||||
dopr_outch(buffer, currlen, maxlen, ' ');
|
||||
dopr_outch (buffer, currlen, maxlen, ' ');
|
||||
--spadlen;
|
||||
}
|
||||
|
||||
/* Sign */
|
||||
if (signvalue)
|
||||
dopr_outch(buffer, currlen, maxlen, signvalue);
|
||||
dopr_outch (buffer, currlen, maxlen, signvalue);
|
||||
|
||||
/* Zeros */
|
||||
if (zpadlen > 0) {
|
||||
while (zpadlen > 0) {
|
||||
dopr_outch(buffer, currlen, maxlen, '0');
|
||||
dopr_outch (buffer, currlen, maxlen, '0');
|
||||
--zpadlen;
|
||||
}
|
||||
}
|
||||
|
||||
/* Digits */
|
||||
while (place > 0)
|
||||
dopr_outch(buffer, currlen, maxlen, convert[--place]);
|
||||
dopr_outch (buffer, currlen, maxlen, convert[--place]);
|
||||
|
||||
/* Left Justified spaces */
|
||||
while (spadlen < 0) {
|
||||
@ -473,10 +551,19 @@ fmtint(char *buffer, size_t *currlen, size_t maxlen,
|
||||
}
|
||||
}
|
||||
|
||||
static long double
|
||||
pow10(int exp)
|
||||
static LDOUBLE abs_val(LDOUBLE value)
|
||||
{
|
||||
long double result = 1;
|
||||
LDOUBLE result = value;
|
||||
|
||||
if (value < 0)
|
||||
result = -value;
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
static LDOUBLE POW10(int exp)
|
||||
{
|
||||
LDOUBLE result = 1;
|
||||
|
||||
while (exp) {
|
||||
result *= 10;
|
||||
@ -486,28 +573,69 @@ pow10(int exp)
|
||||
return result;
|
||||
}
|
||||
|
||||
static long
|
||||
round(long double value)
|
||||
static LLONG ROUND(LDOUBLE value)
|
||||
{
|
||||
long intpart = value;
|
||||
LLONG intpart;
|
||||
|
||||
value -= intpart;
|
||||
if (value >= 0.5)
|
||||
intpart++;
|
||||
intpart = (LLONG)value;
|
||||
value = value - intpart;
|
||||
if (value >= 0.5) intpart++;
|
||||
|
||||
return intpart;
|
||||
}
|
||||
|
||||
static void
|
||||
fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue,
|
||||
int min, int max, int flags)
|
||||
/* a replacement for modf that doesn't need the math library. Should
|
||||
be portable, but slow */
|
||||
static double my_modf(double x0, double *iptr)
|
||||
{
|
||||
char iconvert[20], fconvert[20];
|
||||
int signvalue = 0, iplace = 0, fplace = 0;
|
||||
int i;
|
||||
long l;
|
||||
double x = x0;
|
||||
double f = 1.0;
|
||||
|
||||
for (i=0;i<100;i++) {
|
||||
l = (long)x;
|
||||
if (l <= (x+1) && l >= (x-1)) break;
|
||||
x *= 0.1;
|
||||
f *= 10.0;
|
||||
}
|
||||
|
||||
if (i == 100) {
|
||||
/* yikes! the number is beyond what we can handle. What do we do? */
|
||||
(*iptr) = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (i != 0) {
|
||||
double i2;
|
||||
double ret;
|
||||
|
||||
ret = my_modf(x0-l*f, &i2);
|
||||
(*iptr) = l*f + i2;
|
||||
return ret;
|
||||
}
|
||||
|
||||
(*iptr) = l;
|
||||
return x - (*iptr);
|
||||
}
|
||||
|
||||
|
||||
static void fmtfp (char *buffer, size_t *currlen, size_t maxlen,
|
||||
LDOUBLE fvalue, int min, int max, int flags)
|
||||
{
|
||||
int signvalue = 0;
|
||||
double ufvalue;
|
||||
char iconvert[311];
|
||||
char fconvert[311];
|
||||
int iplace = 0;
|
||||
int fplace = 0;
|
||||
int padlen = 0; /* amount to pad */
|
||||
int zpadlen = 0, caps = 0;
|
||||
long intpart, fracpart;
|
||||
long double ufvalue;
|
||||
int zpadlen = 0;
|
||||
int caps = 0;
|
||||
int idx;
|
||||
double intpart;
|
||||
double fracpart;
|
||||
double temp;
|
||||
|
||||
/*
|
||||
* AIX manpage says the default is 0, but Solaris says the default
|
||||
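Review bot: my_modf() evaluates "l = (long)x;" on the first loop iteration before x has been scaled down, and converting a double that is outside the range of long is undefined behaviour, so the range test that follows cannot be relied on for large inputs. Suggest comparing x against LONG_MAX and LONG_MIN before the cast. fmtfp() also now stores abs_val(fvalue) in "double ufvalue", which narrows an LDOUBLE argument; if that is intentional because my_modf() works in double, a comment should say so.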
@ -516,61 +644,81 @@ fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue,
|
||||
if (max < 0)
|
||||
max = 6;
|
||||
|
||||
ufvalue = abs_val(fvalue);
|
||||
ufvalue = abs_val (fvalue);
|
||||
|
||||
if (fvalue < 0)
|
||||
if (fvalue < 0) {
|
||||
signvalue = '-';
|
||||
else if (flags & DP_F_PLUS) /* Do a sign (+/i) */
|
||||
} else {
|
||||
if (flags & DP_F_PLUS) { /* Do a sign (+/i) */
|
||||
signvalue = '+';
|
||||
else if (flags & DP_F_SPACE)
|
||||
} else {
|
||||
if (flags & DP_F_SPACE)
|
||||
signvalue = ' ';
|
||||
}
|
||||
}
|
||||
|
||||
intpart = ufvalue;
|
||||
#if 0
|
||||
if (flags & DP_F_UP) caps = 1; /* Should characters be upper case? */
|
||||
#endif
|
||||
|
||||
#if 0
|
||||
if (max == 0) ufvalue += 0.5; /* if max = 0 we must round */
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Sorry, we only support 9 digits past the decimal because of our
|
||||
* Sorry, we only support 16 digits past the decimal because of our
|
||||
* conversion method
|
||||
*/
|
||||
if (max > 9)
|
||||
max = 9;
|
||||
if (max > 16)
|
||||
max = 16;
|
||||
|
||||
/* We "cheat" by converting the fractional part to integer by
|
||||
* multiplying by a factor of 10
|
||||
*/
|
||||
fracpart = round((pow10 (max)) * (ufvalue - intpart));
|
||||
|
||||
if (fracpart >= pow10 (max)) {
|
||||
temp = ufvalue;
|
||||
my_modf(temp, &intpart);
|
||||
|
||||
fracpart = ROUND((POW10(max)) * (ufvalue - intpart));
|
||||
|
||||
if (fracpart >= POW10(max)) {
|
||||
intpart++;
|
||||
fracpart -= pow10 (max);
|
||||
fracpart -= POW10(max);
|
||||
}
|
||||
|
||||
/* Convert integer part */
|
||||
do {
|
||||
temp = intpart*0.1;
|
||||
my_modf(temp, &intpart);
|
||||
idx = (int) ((temp -intpart +0.05)* 10.0);
|
||||
/* idx = (int) (((double)(temp*0.1) -intpart +0.05) *10.0); */
|
||||
/* printf ("%llf, %f, %x\n", temp, intpart, idx); */
|
||||
iconvert[iplace++] =
|
||||
(caps ? "0123456789ABCDEF" : "0123456789abcdef")
|
||||
[intpart % 10];
|
||||
intpart = (intpart / 10);
|
||||
} while(intpart && (iplace < 20));
|
||||
if (iplace == 20)
|
||||
iplace--;
|
||||
(caps? "0123456789ABCDEF":"0123456789abcdef")[idx];
|
||||
} while (intpart && (iplace < 311));
|
||||
if (iplace == 311) iplace--;
|
||||
iconvert[iplace] = 0;
|
||||
|
||||
/* Convert fractional part */
|
||||
if (fracpart)
|
||||
{
|
||||
do {
|
||||
temp = fracpart*0.1;
|
||||
my_modf(temp, &fracpart);
|
||||
idx = (int) ((temp -fracpart +0.05)* 10.0);
|
||||
/* idx = (int) ((((temp/10) -fracpart) +0.05) *10); */
|
||||
/* printf ("%lf, %lf, %ld\n", temp, fracpart, idx ); */
|
||||
fconvert[fplace++] =
|
||||
(caps ? "0123456789ABCDEF" : "0123456789abcdef")
|
||||
[fracpart % 10];
|
||||
fracpart = (fracpart / 10);
|
||||
} while(fracpart && (fplace < 20));
|
||||
if (fplace == 20)
|
||||
fplace--;
|
||||
(caps? "0123456789ABCDEF":"0123456789abcdef")[idx];
|
||||
} while(fracpart && (fplace < 311));
|
||||
if (fplace == 311) fplace--;
|
||||
}
|
||||
fconvert[fplace] = 0;
|
||||
|
||||
/* -1 for decimal point, another -1 if we are printing a sign */
|
||||
padlen = min - iplace - max - 1 - ((signvalue) ? 1 : 0);
|
||||
zpadlen = max - fplace;
|
||||
if (zpadlen < 0)
|
||||
zpadlen = 0;
|
||||
if (zpadlen < 0) zpadlen = 0;
|
||||
if (padlen < 0)
|
||||
padlen = 0;
|
||||
if (flags & DP_F_MINUS)
|
||||
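Review bot: both conversion loops in fmtfp() use idx = (int) ((temp - intpart + 0.05) * 10.0) directly as an index into the 16-character digit string with no range check. For a NaN or infinite fvalue, or when my_modf() gives up and returns 0, idx is not guaranteed to be within 0..9 and the lookup can read outside the literal. Suggest rejecting non-finite values at the top of fmtfp() and clamping idx before the lookup. The two "#if 0" blocks are dead code and could be removed rather than carried in the import.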
@ -578,75 +726,77 @@ fmtfp(char *buffer, size_t *currlen, size_t maxlen, long double fvalue,
|
||||
|
||||
if ((flags & DP_F_ZERO) && (padlen > 0)) {
|
||||
if (signvalue) {
|
||||
dopr_outch(buffer, currlen, maxlen, signvalue);
|
||||
dopr_outch (buffer, currlen, maxlen, signvalue);
|
||||
--padlen;
|
||||
signvalue = 0;
|
||||
}
|
||||
while (padlen > 0) {
|
||||
dopr_outch(buffer, currlen, maxlen, '0');
|
||||
dopr_outch (buffer, currlen, maxlen, '0');
|
||||
--padlen;
|
||||
}
|
||||
}
|
||||
while (padlen > 0) {
|
||||
dopr_outch(buffer, currlen, maxlen, ' ');
|
||||
dopr_outch (buffer, currlen, maxlen, ' ');
|
||||
--padlen;
|
||||
}
|
||||
if (signvalue)
|
||||
dopr_outch(buffer, currlen, maxlen, signvalue);
|
||||
dopr_outch (buffer, currlen, maxlen, signvalue);
|
||||
|
||||
while (iplace > 0)
|
||||
dopr_outch(buffer, currlen, maxlen, iconvert[--iplace]);
|
||||
dopr_outch (buffer, currlen, maxlen, iconvert[--iplace]);
|
||||
|
||||
#ifdef DEBUG_SNPRINTF
|
||||
printf("fmtfp: fplace=%d zpadlen=%d\n", fplace, zpadlen);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Decimal point. This should probably use locale to find the
|
||||
* correct char to print out.
|
||||
* Decimal point. This should probably use locale to find the correct
|
||||
* char to print out.
|
||||
*/
|
||||
dopr_outch(buffer, currlen, maxlen, '.');
|
||||
|
||||
while (fplace > 0)
|
||||
dopr_outch(buffer, currlen, maxlen, fconvert[--fplace]);
|
||||
if (max > 0) {
|
||||
dopr_outch (buffer, currlen, maxlen, '.');
|
||||
|
||||
while (zpadlen > 0) {
|
||||
dopr_outch(buffer, currlen, maxlen, '0');
|
||||
dopr_outch (buffer, currlen, maxlen, '0');
|
||||
--zpadlen;
|
||||
}
|
||||
|
||||
while (fplace > 0)
|
||||
dopr_outch (buffer, currlen, maxlen, fconvert[--fplace]);
|
||||
}
|
||||
|
||||
while (padlen < 0) {
|
||||
dopr_outch(buffer, currlen, maxlen, ' ');
|
||||
dopr_outch (buffer, currlen, maxlen, ' ');
|
||||
++padlen;
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c)
|
||||
static void dopr_outch(char *buffer, size_t *currlen, size_t maxlen, char c)
|
||||
{
|
||||
if (*currlen < maxlen)
|
||||
buffer[(*currlen)++] = c;
|
||||
if (*currlen < maxlen) {
|
||||
buffer[(*currlen)] = c;
|
||||
}
|
||||
(*currlen)++;
|
||||
}
|
||||
#endif /* !defined(HAVE_SNPRINTF) || !defined(HAVE_VSNPRINTF) */
|
||||
|
||||
#ifndef HAVE_VSNPRINTF
|
||||
int
|
||||
vsnprintf(char *str, size_t count, const char *fmt, va_list args)
|
||||
#if !defined(HAVE_VSNPRINTF)
|
||||
int vsnprintf (char *str, size_t count, const char *fmt, va_list args)
|
||||
{
|
||||
str[0] = 0;
|
||||
dopr(str, count, fmt, args);
|
||||
|
||||
return(strlen(str));
|
||||
return dopr(str, count, fmt, args);
|
||||
}
|
||||
#endif /* !HAVE_VSNPRINTF */
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_SNPRINTF
|
||||
int
|
||||
snprintf(char *str,size_t count,const char *fmt,...)
|
||||
#if !defined(HAVE_SNPRINTF)
|
||||
int snprintf(char *str, size_t count, SNPRINTF_CONST char *fmt, ...)
|
||||
{
|
||||
size_t ret;
|
||||
va_list ap;
|
||||
|
||||
va_start(ap, fmt);
|
||||
(void) vsnprintf(str, count, fmt, ap);
|
||||
ret = vsnprintf(str, count, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
return(strlen(str));
|
||||
return ret;
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* !HAVE_SNPRINTF */
|
||||
|
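Review bot: the return value of snprintf() and vsnprintf() changes meaning here and every caller on platforms that use this fallback needs an audit. The old code returned strlen(str), which was always smaller than count; dopr_outch() now increments *currlen even when nothing is stored, so the result is the untruncated length and can be >= count. Any caller that uses the result as an offset or remaining-space value without first checking ret < 0 || (size_t)ret >= size will index past its buffer. Also, dopr() returns size_t while both wrappers return int, so a length above INT_MAX converts to an implementation-defined value; an explicit check that returns -1 would be safer.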
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/daemon.c */
|
||||
|
||||
/* $OpenBSD: daemon.c,v 1.6 2005/08/08 08:05:33 espie Exp $ */
|
||||
/*-
|
||||
* Copyright (c) 1990, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -29,14 +28,12 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/daemon.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef HAVE_DAEMON
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char rcsid[] = "$OpenBSD: daemon.c,v 1.5 2003/07/15 17:32:41 deraadt Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
int
|
||||
daemon(int nochdir, int noclose)
|
||||
{
|
||||
|
@ -1,9 +1,7 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/dirname.c */
|
||||
|
||||
/* $OpenBSD: dirname.c,v 1.10 2003/06/17 21:56:23 millert Exp $ */
|
||||
/* $OpenBSD: dirname.c,v 1.13 2005/08/08 08:05:33 espie Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
* Copyright (c) 1997, 2004 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
@ -18,13 +16,11 @@
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/dirname.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_DIRNAME
|
||||
|
||||
#ifndef lint
|
||||
static char rcsid[] = "$OpenBSD: dirname.c,v 1.10 2003/06/17 21:56:23 millert Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
#include <errno.h>
|
||||
#include <string.h>
|
||||
#include <sys/param.h>
|
||||
@ -32,16 +28,18 @@ static char rcsid[] = "$OpenBSD: dirname.c,v 1.10 2003/06/17 21:56:23 millert Ex
|
||||
char *
|
||||
dirname(const char *path)
|
||||
{
|
||||
static char bname[MAXPATHLEN];
|
||||
register const char *endp;
|
||||
static char dname[MAXPATHLEN];
|
||||
size_t len;
|
||||
const char *endp;
|
||||
|
||||
/* Empty or NULL string gets treated as "." */
|
||||
if (path == NULL || *path == '\0') {
|
||||
(void)strlcpy(bname, ".", sizeof bname);
|
||||
return(bname);
|
||||
dname[0] = '.';
|
||||
dname[1] = '\0';
|
||||
return (dname);
|
||||
}
|
||||
|
||||
/* Strip trailing slashes */
|
||||
/* Strip any trailing slashes */
|
||||
endp = path + strlen(path) - 1;
|
||||
while (endp > path && *endp == '/')
|
||||
endp--;
|
||||
@ -52,19 +50,23 @@ dirname(const char *path)
|
||||
|
||||
/* Either the dir is "/" or there are no slashes */
|
||||
if (endp == path) {
|
||||
(void)strlcpy(bname, *endp == '/' ? "/" : ".", sizeof bname);
|
||||
return(bname);
|
||||
dname[0] = *endp == '/' ? '/' : '.';
|
||||
dname[1] = '\0';
|
||||
return (dname);
|
||||
} else {
|
||||
/* Move forward past the separating slashes */
|
||||
do {
|
||||
endp--;
|
||||
} while (endp > path && *endp == '/');
|
||||
}
|
||||
|
||||
if (endp - path + 2 > sizeof(bname)) {
|
||||
len = endp - path + 1;
|
||||
if (len >= sizeof(dname)) {
|
||||
errno = ENAMETOOLONG;
|
||||
return(NULL);
|
||||
return (NULL);
|
||||
}
|
||||
strlcpy(bname, path, endp - path + 2);
|
||||
return(bname);
|
||||
memcpy(dname, path, len);
|
||||
dname[len] = '\0';
|
||||
return (dname);
|
||||
}
|
||||
#endif
|
||||
|
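Review bot: `dname[len] = '\0'` after `memcpy(dname, path, len)` stays in bounds only because of the `len >= sizeof(dname)` check a few lines above it; add a one-line comment tying the terminator to that check, since the strlcpy() call being replaced enforced the bound by itself. `len` is `size_t` while `endp - path + 1` is a signed pointer difference, so the assignment also relies on `endp` never dropping below `path`, which the `endp > path` loop conditions provide.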
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/getcwd.c */
|
||||
|
||||
/* $OpenBSD: getcwd.c,v 1.14 2005/08/08 08:05:34 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1989, 1991, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -29,14 +28,12 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/getcwd.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if !defined(HAVE_GETCWD)
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char rcsid[] = "$OpenBSD: getcwd.c,v 1.9 2003/06/11 21:03:10 deraadt Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/stat.h>
|
||||
#include <errno.h>
|
||||
@ -54,12 +51,12 @@ static char rcsid[] = "$OpenBSD: getcwd.c,v 1.9 2003/06/11 21:03:10 deraadt Exp
|
||||
char *
|
||||
getcwd(char *pt, size_t size)
|
||||
{
|
||||
register struct dirent *dp;
|
||||
register DIR *dir = NULL;
|
||||
register dev_t dev;
|
||||
register ino_t ino;
|
||||
register int first;
|
||||
register char *bpt, *bup;
|
||||
struct dirent *dp;
|
||||
DIR *dir = NULL;
|
||||
dev_t dev;
|
||||
ino_t ino;
|
||||
int first;
|
||||
char *bpt, *bup;
|
||||
struct stat s;
|
||||
dev_t root_dev;
|
||||
ino_t root_ino;
|
||||
@ -80,7 +77,7 @@ getcwd(char *pt, size_t size)
|
||||
}
|
||||
ept = pt + size;
|
||||
} else {
|
||||
if ((pt = malloc(ptsize = 1024 - 4)) == NULL)
|
||||
if ((pt = malloc(ptsize = MAXPATHLEN)) == NULL)
|
||||
return (NULL);
|
||||
ept = pt + ptsize;
|
||||
}
|
||||
@ -88,13 +85,13 @@ getcwd(char *pt, size_t size)
|
||||
*bpt = '\0';
|
||||
|
||||
/*
|
||||
* Allocate bytes (1024 - malloc space) for the string of "../"'s.
|
||||
* Allocate bytes for the string of "../"'s.
|
||||
* Should always be enough (it's 340 levels). If it's not, allocate
|
||||
* as necessary. Special * case the first stat, it's ".", not "..".
|
||||
*/
|
||||
if ((up = malloc(upsize = 1024 - 4)) == NULL)
|
||||
if ((up = malloc(upsize = MAXPATHLEN)) == NULL)
|
||||
goto err;
|
||||
eup = up + MAXPATHLEN;
|
||||
eup = up + upsize;
|
||||
bup = up;
|
||||
up[0] = '.';
|
||||
up[1] = '\0';
|
||||
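Review bot: the comment still says the "../" buffer is good for "340 levels", a figure that matched the old `1024 - 4` allocation (1020 / 3); with `malloc(upsize = MAXPATHLEN)` the number is stale and should be dropped or reworded. The change from `eup = up + MAXPATHLEN` to `eup = up + upsize` is the substantive fix here, since the old end pointer did not match the `1024 - 4` bytes actually allocated, and is worth calling out in the commit message.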
@ -139,18 +136,16 @@ getcwd(char *pt, size_t size)
|
||||
|
||||
if ((nup = realloc(up, upsize *= 2)) == NULL)
|
||||
goto err;
|
||||
bup = nup + (bup - up);
|
||||
up = nup;
|
||||
bup = up;
|
||||
eup = up + upsize;
|
||||
}
|
||||
*bup++ = '.';
|
||||
*bup++ = '.';
|
||||
*bup = '\0';
|
||||
|
||||
/* Open and stat parent directory.
|
||||
* RACE?? - replaced fstat(dirfd(dir), &s) w/ lstat(up,&s)
|
||||
*/
|
||||
if (!(dir = opendir(up)) || lstat(up,&s))
|
||||
/* Open and stat parent directory. */
|
||||
if (!(dir = opendir(up)) || fstat(dirfd(dir), &s))
|
||||
goto err;
|
||||
|
||||
/* Add trailing slash for next directory. */
|
||||
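Review bot: the new `fstat(dirfd(dir), &s)` call assumes dirfd() is available wherever this fallback getcwd() is compiled (it is built only under `#if !defined(HAVE_GETCWD)`), and nothing in the hunk guards it. The removed `RACE??` comment recorded that `lstat(up,&s)` had been substituted for exactly this call, so confirm a dirfd() fallback exists for the platforms that needed the substitution before dropping it. Stat'ing the descriptor that opendir() returned is the better check, because it describes the directory actually opened rather than whatever `up` resolves to at the time of the second lookup.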
@ -175,7 +170,7 @@ getcwd(char *pt, size_t size)
|
||||
goto notfound;
|
||||
if (ISDOT(dp))
|
||||
continue;
|
||||
memmove(bup, dp->d_name, dp->d_namlen + 1);
|
||||
memcpy(bup, dp->d_name, dp->d_namlen + 1);
|
||||
|
||||
/* Save the first error for later. */
|
||||
if (lstat(up, &s)) {
|
||||
@ -193,19 +188,18 @@ getcwd(char *pt, size_t size)
|
||||
* leading slash.
|
||||
*/
|
||||
if (bpt - pt < dp->d_namlen + (first ? 1 : 2)) {
|
||||
size_t len, off;
|
||||
size_t len;
|
||||
char *npt;
|
||||
|
||||
if (!ptsize) {
|
||||
errno = ERANGE;
|
||||
goto err;
|
||||
}
|
||||
off = bpt - pt;
|
||||
len = ept - bpt;
|
||||
if ((npt = realloc(pt, ptsize *= 2)) == NULL)
|
||||
goto err;
|
||||
bpt = npt + (bpt - pt);
|
||||
pt = npt;
|
||||
bpt = pt + off;
|
||||
ept = pt + ptsize;
|
||||
memmove(ept - len, bpt, len);
|
||||
bpt = ept - len;
|
||||
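Review bot: `bpt = npt + (bpt - pt);` evaluates `bpt - pt` after realloc() has returned, when `pt` may already have been freed, and using a pointer value after its storage has been released is indeterminate in C. The lines removed here (`off = bpt - pt;` before the realloc() and `bpt = pt + off;` after it) were the well-defined form, so keep the saved offset. The `up`/`bup` realloc() in the earlier hunk of this file has the same pattern in `bup = nup + (bup - up);`.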
@ -213,7 +207,7 @@ getcwd(char *pt, size_t size)
|
||||
if (!first)
|
||||
*--bpt = '/';
|
||||
bpt -= dp->d_namlen;
|
||||
memmove(bpt, dp->d_name, dp->d_namlen);
|
||||
memcpy(bpt, dp->d_name, dp->d_namlen);
|
||||
(void)closedir(dir);
|
||||
|
||||
/* Truncate any file name. */
|
||||
@ -230,12 +224,16 @@ getcwd(char *pt, size_t size)
|
||||
errno = save_errno ? save_errno : ENOENT;
|
||||
/* FALLTHROUGH */
|
||||
err:
|
||||
save_errno = errno;
|
||||
|
||||
if (ptsize)
|
||||
free(pt);
|
||||
if (up)
|
||||
free(up);
|
||||
if (dir)
|
||||
(void)closedir(dir);
|
||||
|
||||
errno = save_errno;
|
||||
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/getgrouplist.c */
|
||||
|
||||
/* $OpenBSD: getgrouplist.c,v 1.12 2005/08/08 08:05:34 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1991, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -29,14 +28,12 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/getgrouplist.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef HAVE_GETGROUPLIST
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char rcsid[] = "$OpenBSD: getgrouplist.c,v 1.9 2003/06/25 21:16:47 deraadt Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
/*
|
||||
* get credential
|
||||
*/
|
||||
@ -46,14 +43,10 @@ static char rcsid[] = "$OpenBSD: getgrouplist.c,v 1.9 2003/06/25 21:16:47 deraad
|
||||
#include <grp.h>
|
||||
|
||||
int
|
||||
getgrouplist(uname, agroup, groups, grpcnt)
|
||||
const char *uname;
|
||||
gid_t agroup;
|
||||
register gid_t *groups;
|
||||
int *grpcnt;
|
||||
getgrouplist(const char *uname, gid_t agroup, gid_t *groups, int *grpcnt)
|
||||
{
|
||||
register struct group *grp;
|
||||
register int i, ngroups;
|
||||
struct group *grp;
|
||||
int i, ngroups;
|
||||
int ret, maxgroups;
|
||||
int bail;
|
||||
|
||||
|
@ -1,5 +1,3 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/getopt.c */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1987, 1993, 1994
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -29,6 +27,8 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/getopt.c */
|
||||
|
||||
#include "includes.h"
|
||||
#if !defined(HAVE_GETOPT) || !defined(HAVE_GETOPT_OPTRESET)
|
||||
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/getrrsetbyname.c */
|
||||
|
||||
/* $OpenBSD: getrrsetbyname.c,v 1.7 2003/03/07 07:34:14 itojun Exp $ */
|
||||
/* $OpenBSD: getrrsetbyname.c,v 1.10 2005/03/30 02:58:28 tedu Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001 Jakob Schlyter. All rights reserved.
|
||||
@ -45,54 +43,26 @@
|
||||
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/getrrsetbyname.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef HAVE_GETRRSETBYNAME
|
||||
|
||||
#include "getrrsetbyname.h"
|
||||
|
||||
#define ANSWER_BUFFER_SIZE 1024*64
|
||||
|
||||
#if defined(HAVE_DECL_H_ERRNO) && !HAVE_DECL_H_ERRNO
|
||||
extern int h_errno;
|
||||
#endif
|
||||
|
||||
struct dns_query {
|
||||
char *name;
|
||||
u_int16_t type;
|
||||
u_int16_t class;
|
||||
struct dns_query *next;
|
||||
};
|
||||
/* We don't need multithread support here */
|
||||
#ifdef _THREAD_PRIVATE
|
||||
# undef _THREAD_PRIVATE
|
||||
#endif
|
||||
#define _THREAD_PRIVATE(a,b,c) (c)
|
||||
struct __res_state _res;
|
||||
|
||||
struct dns_rr {
|
||||
char *name;
|
||||
u_int16_t type;
|
||||
u_int16_t class;
|
||||
u_int16_t ttl;
|
||||
u_int16_t size;
|
||||
void *rdata;
|
||||
struct dns_rr *next;
|
||||
};
|
||||
|
||||
struct dns_response {
|
||||
HEADER header;
|
||||
struct dns_query *query;
|
||||
struct dns_rr *answer;
|
||||
struct dns_rr *authority;
|
||||
struct dns_rr *additional;
|
||||
};
|
||||
|
||||
static struct dns_response *parse_dns_response(const u_char *, int);
|
||||
static struct dns_query *parse_dns_qsection(const u_char *, int,
|
||||
const u_char **, int);
|
||||
static struct dns_rr *parse_dns_rrsection(const u_char *, int, const u_char **,
|
||||
int);
|
||||
|
||||
static void free_dns_query(struct dns_query *);
|
||||
static void free_dns_rr(struct dns_rr *);
|
||||
static void free_dns_response(struct dns_response *);
|
||||
|
||||
static int count_dns_rr(struct dns_rr *, u_int16_t, u_int16_t);
|
||||
/* Necessary functions and macros */
|
||||
|
||||
/*
|
||||
* Inline versions of get/put short/long. Pointer is advanced.
|
||||
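Review bot: `struct __res_state _res;` defines a resolver state object in this file, and `_THREAD_PRIVATE(a,b,c)` is reduced to `(c)`, so the `_resp->options` tests later in the patch read this object. On a platform whose resolver library keeps its state elsewhere, or defines `_res` as a macro in its headers, res_init() would initialise the library's state while `RES_INIT` is tested on this one, or the definition would fail to compile. Guard the definition with a configure test, or declare it `extern` where the library already provides it.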
@ -162,14 +132,56 @@ _getlong(msgp)
|
||||
u_int32_t _getlong(register const u_char *);
|
||||
#endif
|
||||
|
||||
/* ************** */
|
||||
|
||||
#define ANSWER_BUFFER_SIZE 1024*64
|
||||
|
||||
struct dns_query {
|
||||
char *name;
|
||||
u_int16_t type;
|
||||
u_int16_t class;
|
||||
struct dns_query *next;
|
||||
};
|
||||
|
||||
struct dns_rr {
|
||||
char *name;
|
||||
u_int16_t type;
|
||||
u_int16_t class;
|
||||
u_int16_t ttl;
|
||||
u_int16_t size;
|
||||
void *rdata;
|
||||
struct dns_rr *next;
|
||||
};
|
||||
|
||||
struct dns_response {
|
||||
HEADER header;
|
||||
struct dns_query *query;
|
||||
struct dns_rr *answer;
|
||||
struct dns_rr *authority;
|
||||
struct dns_rr *additional;
|
||||
};
|
||||
|
||||
static struct dns_response *parse_dns_response(const u_char *, int);
|
||||
static struct dns_query *parse_dns_qsection(const u_char *, int,
|
||||
const u_char **, int);
|
||||
static struct dns_rr *parse_dns_rrsection(const u_char *, int, const u_char **,
|
||||
int);
|
||||
|
||||
static void free_dns_query(struct dns_query *);
|
||||
static void free_dns_rr(struct dns_rr *);
|
||||
static void free_dns_response(struct dns_response *);
|
||||
|
||||
static int count_dns_rr(struct dns_rr *, u_int16_t, u_int16_t);
|
||||
|
||||
int
|
||||
getrrsetbyname(const char *hostname, unsigned int rdclass,
|
||||
unsigned int rdtype, unsigned int flags,
|
||||
struct rrsetinfo **res)
|
||||
{
|
||||
struct __res_state *_resp = _THREAD_PRIVATE(_res, _res, &_res);
|
||||
int result;
|
||||
struct rrsetinfo *rrset = NULL;
|
||||
struct dns_response *response;
|
||||
struct dns_response *response = NULL;
|
||||
struct dns_rr *rr;
|
||||
struct rdatainfo *rdata;
|
||||
int length;
|
||||
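Review bot: `u_int16_t ttl` in struct dns_rr is too narrow, because the TTL of a DNS resource record is a 32-bit field (RFC 1035), so any TTL above 65535 seconds is truncated when stored. The struct is being moved in this hunk, which is a good moment to widen the member to `u_int32_t`. Also parenthesise `#define ANSWER_BUFFER_SIZE 1024*64` so the macro stays correct inside a larger expression.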
@ -195,19 +207,19 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
|
||||
}
|
||||
|
||||
/* initialize resolver */
|
||||
if ((_res.options & RES_INIT) == 0 && res_init() == -1) {
|
||||
if ((_resp->options & RES_INIT) == 0 && res_init() == -1) {
|
||||
result = ERRSET_FAIL;
|
||||
goto fail;
|
||||
}
|
||||
|
||||
#ifdef DEBUG
|
||||
_res.options |= RES_DEBUG;
|
||||
_resp->options |= RES_DEBUG;
|
||||
#endif /* DEBUG */
|
||||
|
||||
#ifdef RES_USE_DNSSEC
|
||||
/* turn on DNSSEC if EDNS0 is configured */
|
||||
if (_res.options & RES_USE_EDNS0)
|
||||
_res.options |= RES_USE_DNSSEC;
|
||||
if (_resp->options & RES_USE_EDNS0)
|
||||
_resp->options |= RES_USE_DNSSEC;
|
||||
#endif /* RES_USE_DNSEC */
|
||||
|
||||
/* make query */
|
||||
@ -257,13 +269,11 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
|
||||
#endif
|
||||
|
||||
/* copy name from answer section */
|
||||
length = strlen(response->answer->name);
|
||||
rrset->rri_name = malloc(length + 1);
|
||||
rrset->rri_name = strdup(response->answer->name);
|
||||
if (rrset->rri_name == NULL) {
|
||||
result = ERRSET_NOMEMORY;
|
||||
goto fail;
|
||||
}
|
||||
strlcpy(rrset->rri_name, response->answer->name, length + 1);
|
||||
|
||||
/* count answers */
|
||||
rrset->rri_nrdatas = count_dns_rr(response->answer, rrset->rri_rdclass,
|
||||
@ -281,7 +291,7 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
|
||||
|
||||
/* allocate memory for signatures */
|
||||
rrset->rri_sigs = calloc(rrset->rri_nsigs, sizeof(struct rdatainfo));
|
||||
if (rrset->rri_nsigs > 0 && rrset->rri_sigs == NULL) {
|
||||
if (rrset->rri_sigs == NULL) {
|
||||
result = ERRSET_NOMEMORY;
|
||||
goto fail;
|
||||
}
|
||||
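Review bot: dropping `rrset->rri_nsigs > 0 &&` from the NULL test makes a zero-signature answer depend on what calloc(0, ...) returns; where it returns NULL, the function now fails with ERRSET_NOMEMORY although nothing went wrong. Keep the guard, or skip the allocation entirely when `rri_nsigs` is 0.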
@ -311,6 +321,7 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
|
||||
memcpy(rdata->rdi_data, rr->rdata, rr->size);
|
||||
}
|
||||
}
|
||||
free_dns_response(response);
|
||||
|
||||
*res = rrset;
|
||||
return (ERRSET_SUCCESS);
|
||||
@ -318,6 +329,8 @@ getrrsetbyname(const char *hostname, unsigned int rdclass,
|
||||
fail:
|
||||
if (rrset != NULL)
|
||||
freerrset(rrset);
|
||||
if (response != NULL)
|
||||
free_dns_response(response);
|
||||
return (result);
|
||||
}
|
||||
|
||||
@ -467,7 +480,8 @@ parse_dns_qsection(const u_char *answer, int size, const u_char **cp, int count)
|
||||
}
|
||||
|
||||
static struct dns_rr *
|
||||
parse_dns_rrsection(const u_char *answer, int size, const u_char **cp, int count)
|
||||
parse_dns_rrsection(const u_char *answer, int size, const u_char **cp,
|
||||
int count)
|
||||
{
|
||||
struct dns_rr *head, *curr, *prev;
|
||||
int i, length;
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/glob.c */
|
||||
|
||||
/* $OpenBSD: glob.c,v 1.25 2005/08/08 08:05:34 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1989, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -32,6 +31,8 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/glob.c */
|
||||
|
||||
#include "includes.h"
|
||||
#include <ctype.h>
|
||||
|
||||
@ -50,14 +51,6 @@ get_arg_max(void)
|
||||
#if !defined(HAVE_GLOB) || !defined(GLOB_HAS_ALTDIRFUNC) || \
|
||||
!defined(GLOB_HAS_GL_MATCHC)
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)glob.c 8.3 (Berkeley) 10/13/93";
|
||||
#else
|
||||
static char rcsid[] = "$OpenBSD: glob.c,v 1.22 2003/06/25 21:16:47 deraadt Exp $";
|
||||
#endif
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
/*
|
||||
* glob(3) -- a superset of the one defined in POSIX 1003.2.
|
||||
*
|
||||
@ -158,10 +151,8 @@ static void qprintf(const char *, Char *);
|
||||
#endif
|
||||
|
||||
int
|
||||
glob(pattern, flags, errfunc, pglob)
|
||||
const char *pattern;
|
||||
int flags, (*errfunc)(const char *, int);
|
||||
glob_t *pglob;
|
||||
glob(const char *pattern, int flags, int (*errfunc)(const char *, int),
|
||||
glob_t *pglob)
|
||||
{
|
||||
const u_char *patnext;
|
||||
int c;
|
||||
@ -209,9 +200,7 @@ glob(pattern, flags, errfunc, pglob)
|
||||
* characters
|
||||
*/
|
||||
static int
|
||||
globexp1(pattern, pglob)
|
||||
const Char *pattern;
|
||||
glob_t *pglob;
|
||||
globexp1(const Char *pattern, glob_t *pglob)
|
||||
{
|
||||
const Char* ptr = pattern;
|
||||
int rv;
|
||||
@ -234,10 +223,7 @@ globexp1(pattern, pglob)
|
||||
* If it fails then it tries to glob the rest of the pattern and returns.
|
||||
*/
|
||||
static int
|
||||
globexp2(ptr, pattern, pglob, rv)
|
||||
const Char *ptr, *pattern;
|
||||
glob_t *pglob;
|
||||
int *rv;
|
||||
globexp2(const Char *ptr, const Char *pattern, glob_t *pglob, int *rv)
|
||||
{
|
||||
int i;
|
||||
Char *lm, *ls;
|
||||
@ -342,11 +328,7 @@ globexp2(ptr, pattern, pglob, rv)
|
||||
* expand tilde from the passwd file.
|
||||
*/
|
||||
static const Char *
|
||||
globtilde(pattern, patbuf, patbuf_len, pglob)
|
||||
const Char *pattern;
|
||||
Char *patbuf;
|
||||
size_t patbuf_len;
|
||||
glob_t *pglob;
|
||||
globtilde(const Char *pattern, Char *patbuf, size_t patbuf_len, glob_t *pglob)
|
||||
{
|
||||
struct passwd *pwd;
|
||||
char *h;
|
||||
@ -414,9 +396,7 @@ globtilde(pattern, patbuf, patbuf_len, pglob)
|
||||
* to find no matches.
|
||||
*/
|
||||
static int
|
||||
glob0(pattern, pglob)
|
||||
const Char *pattern;
|
||||
glob_t *pglob;
|
||||
glob0(const Char *pattern, glob_t *pglob)
|
||||
{
|
||||
const Char *qpatnext;
|
||||
int c, err, oldpathc;
|
||||
@ -503,17 +483,13 @@ glob0(pattern, pglob)
|
||||
}
|
||||
|
||||
static int
|
||||
compare(p, q)
|
||||
const void *p, *q;
|
||||
compare(const void *p, const void *q)
|
||||
{
|
||||
return(strcmp(*(char **)p, *(char **)q));
|
||||
}
|
||||
|
||||
static int
|
||||
glob1(pattern, pattern_last, pglob, limitp)
|
||||
Char *pattern, *pattern_last;
|
||||
glob_t *pglob;
|
||||
size_t *limitp;
|
||||
glob1(Char *pattern, Char *pattern_last, glob_t *pglob, size_t *limitp)
|
||||
{
|
||||
Char pathbuf[MAXPATHLEN];
|
||||
|
||||
@ -531,12 +507,8 @@ glob1(pattern, pattern_last, pglob, limitp)
|
||||
* meta characters.
|
||||
*/
|
||||
static int
|
||||
glob2(pathbuf, pathbuf_last, pathend, pathend_last, pattern,
|
||||
pattern_last, pglob, limitp)
|
||||
Char *pathbuf, *pathbuf_last, *pathend, *pathend_last;
|
||||
Char *pattern, *pattern_last;
|
||||
glob_t *pglob;
|
||||
size_t *limitp;
|
||||
glob2(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
|
||||
Char *pattern, Char *pattern_last, glob_t *pglob, size_t *limitp)
|
||||
{
|
||||
struct stat sb;
|
||||
Char *p, *q;
|
||||
@ -595,14 +567,11 @@ glob2(pathbuf, pathbuf_last, pathend, pathend_last, pattern,
|
||||
}
|
||||
|
||||
static int
|
||||
glob3(pathbuf, pathbuf_last, pathend, pathend_last, pattern, pattern_last,
|
||||
restpattern, restpattern_last, pglob, limitp)
|
||||
Char *pathbuf, *pathbuf_last, *pathend, *pathend_last;
|
||||
Char *pattern, *pattern_last, *restpattern, *restpattern_last;
|
||||
glob_t *pglob;
|
||||
size_t *limitp;
|
||||
glob3(Char *pathbuf, Char *pathbuf_last, Char *pathend, Char *pathend_last,
|
||||
Char *pattern, Char *pattern_last, Char *restpattern,
|
||||
Char *restpattern_last, glob_t *pglob, size_t *limitp)
|
||||
{
|
||||
register struct dirent *dp;
|
||||
struct dirent *dp;
|
||||
DIR *dirp;
|
||||
int err;
|
||||
char buf[MAXPATHLEN];
|
||||
@ -640,8 +609,8 @@ glob3(pathbuf, pathbuf_last, pathend, pathend_last, pattern, pattern_last,
|
||||
else
|
||||
readdirfunc = (struct dirent *(*)(void *))readdir;
|
||||
while ((dp = (*readdirfunc)(dirp))) {
|
||||
register u_char *sc;
|
||||
register Char *dc;
|
||||
u_char *sc;
|
||||
Char *dc;
|
||||
|
||||
/* Initial DOT must be matched literally. */
|
||||
if (dp->d_name[0] == DOT && *pattern != DOT)
|
||||
@ -689,13 +658,10 @@ glob3(pathbuf, pathbuf_last, pathend, pathend_last, pattern, pattern_last,
|
||||
* gl_pathv points to (gl_offs + gl_pathc + 1) items.
|
||||
*/
|
||||
static int
|
||||
globextend(path, pglob, limitp)
|
||||
const Char *path;
|
||||
glob_t *pglob;
|
||||
size_t *limitp;
|
||||
globextend(const Char *path, glob_t *pglob, size_t *limitp)
|
||||
{
|
||||
register char **pathv;
|
||||
register int i;
|
||||
char **pathv;
|
||||
int i;
|
||||
u_int newsize, len;
|
||||
char *copy;
|
||||
const Char *p;
|
||||
@ -747,8 +713,7 @@ globextend(path, pglob, limitp)
|
||||
* pattern causes a recursion level.
|
||||
*/
|
||||
static int
|
||||
match(name, pat, patend)
|
||||
register Char *name, *pat, *patend;
|
||||
match(Char *name, Char *pat, Char *patend)
|
||||
{
|
||||
int ok, negate_range;
|
||||
Char c, k;
|
||||
@ -759,11 +724,10 @@ match(name, pat, patend)
|
||||
case M_ALL:
|
||||
if (pat == patend)
|
||||
return(1);
|
||||
do
|
||||
do {
|
||||
if (match(name, pat, patend))
|
||||
return(1);
|
||||
while (*name++ != EOS)
|
||||
;
|
||||
} while (*name++ != EOS);
|
||||
return(0);
|
||||
case M_ONE:
|
||||
if (*name++ == EOS)
|
||||
@ -796,11 +760,10 @@ match(name, pat, patend)
|
||||
|
||||
/* Free allocated data belonging to a glob_t structure. */
|
||||
void
|
||||
globfree(pglob)
|
||||
glob_t *pglob;
|
||||
globfree(glob_t *pglob)
|
||||
{
|
||||
register int i;
|
||||
register char **pp;
|
||||
int i;
|
||||
char **pp;
|
||||
|
||||
if (pglob->gl_pathv != NULL) {
|
||||
pp = pglob->gl_pathv + pglob->gl_offs;
|
||||
@ -813,9 +776,7 @@ globfree(pglob)
|
||||
}
|
||||
|
||||
static DIR *
|
||||
g_opendir(str, pglob)
|
||||
register Char *str;
|
||||
glob_t *pglob;
|
||||
g_opendir(Char *str, glob_t *pglob)
|
||||
{
|
||||
char buf[MAXPATHLEN];
|
||||
|
||||
@ -833,10 +794,7 @@ g_opendir(str, pglob)
|
||||
}
|
||||
|
||||
static int
|
||||
g_lstat(fn, sb, pglob)
|
||||
register Char *fn;
|
||||
struct stat *sb;
|
||||
glob_t *pglob;
|
||||
g_lstat(Char *fn, struct stat *sb, glob_t *pglob)
|
||||
{
|
||||
char buf[MAXPATHLEN];
|
||||
|
||||
@ -848,10 +806,7 @@ g_lstat(fn, sb, pglob)
|
||||
}
|
||||
|
||||
static int
|
||||
g_stat(fn, sb, pglob)
|
||||
register Char *fn;
|
||||
struct stat *sb;
|
||||
glob_t *pglob;
|
||||
g_stat(Char *fn, struct stat *sb, glob_t *pglob)
|
||||
{
|
||||
char buf[MAXPATHLEN];
|
||||
|
||||
@ -863,9 +818,7 @@ g_stat(fn, sb, pglob)
|
||||
}
|
||||
|
||||
static Char *
|
||||
g_strchr(str, ch)
|
||||
Char *str;
|
||||
int ch;
|
||||
g_strchr(Char *str, int ch)
|
||||
{
|
||||
do {
|
||||
if (*str == ch)
|
||||
@ -875,10 +828,7 @@ g_strchr(str, ch)
|
||||
}
|
||||
|
||||
static int
|
||||
g_Ctoc(str, buf, len)
|
||||
register const Char *str;
|
||||
char *buf;
|
||||
u_int len;
|
||||
g_Ctoc(const Char *str, char *buf, u_int len)
|
||||
{
|
||||
|
||||
while (len--) {
|
||||
@ -890,11 +840,9 @@ g_Ctoc(str, buf, len)
|
||||
|
||||
#ifdef DEBUG
|
||||
static void
|
||||
qprintf(str, s)
|
||||
const char *str;
|
||||
register Char *s;
|
||||
qprintf(const char *str, Char *s)
|
||||
{
|
||||
register Char *p;
|
||||
Char *p;
|
||||
|
||||
(void)printf("%s:\n", str);
|
||||
for (p = s; *p; p++)
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: include/glob.h */
|
||||
|
||||
/* $OpenBSD: glob.h,v 1.8 2003/06/02 19:34:12 millert Exp $ */
|
||||
/* $OpenBSD: glob.h,v 1.9 2004/10/07 16:56:11 millert Exp $ */
|
||||
/* $NetBSD: glob.h,v 1.5 1994/10/26 00:55:56 cgd Exp $ */
|
||||
|
||||
/*
|
||||
@ -37,6 +35,8 @@
|
||||
* @(#)glob.h 8.1 (Berkeley) 6/2/93
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: include/glob.h */
|
||||
|
||||
#if !defined(HAVE_GLOB_H) || !defined(GLOB_HAS_ALTDIRFUNC) || \
|
||||
!defined(GLOB_HAS_GL_MATCHC)
|
||||
|
||||
@ -72,6 +72,7 @@ typedef struct {
|
||||
#define GLOB_MARK 0x0008 /* Append / to matching directories. */
|
||||
#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */
|
||||
#define GLOB_NOSORT 0x0020 /* Don't sort. */
|
||||
#define GLOB_NOESCAPE 0x1000 /* Disable backslash escaping. */
|
||||
|
||||
#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */
|
||||
#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */
|
||||
@ -79,7 +80,6 @@ typedef struct {
|
||||
#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */
|
||||
#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */
|
||||
#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */
|
||||
#define GLOB_NOESCAPE 0x1000 /* Disable backslash escaping. */
|
||||
#define GLOB_LIMIT 0x2000 /* Limit pattern match output to ARG_MAX */
|
||||
|
||||
/* Error values returned by glob(3) */
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/inet_addr.c */
|
||||
|
||||
/* $OpenBSD: inet_addr.c,v 1.7 2003/06/02 20:18:35 millert Exp $ */
|
||||
/* $OpenBSD: inet_addr.c,v 1.9 2005/08/06 20:30:03 espie Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1983, 1990, 1993
|
||||
@ -51,19 +49,12 @@
|
||||
* --Copyright--
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/inet_addr.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if !defined(HAVE_INET_ATON)
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)inet_addr.c 8.1 (Berkeley) 6/17/93";
|
||||
static char rcsid[] = "$From: inet_addr.c,v 8.5 1996/08/05 08:31:35 vixie Exp $";
|
||||
#else
|
||||
static char rcsid[] = "$OpenBSD: inet_addr.c,v 1.7 2003/06/02 20:18:35 millert Exp $";
|
||||
#endif
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/param.h>
|
||||
#include <netinet/in.h>
|
||||
@ -76,8 +67,7 @@ static char rcsid[] = "$OpenBSD: inet_addr.c,v 1.7 2003/06/02 20:18:35 millert E
|
||||
* The value returned is in network order.
|
||||
*/
|
||||
in_addr_t
|
||||
inet_addr(cp)
|
||||
register const char *cp;
|
||||
inet_addr(const char *cp)
|
||||
{
|
||||
struct in_addr val;
|
||||
|
||||
@ -97,11 +87,11 @@ inet_addr(cp)
|
||||
int
|
||||
inet_aton(const char *cp, struct in_addr *addr)
|
||||
{
|
||||
register u_int32_t val;
|
||||
register int base, n;
|
||||
register char c;
|
||||
unsigned int parts[4];
|
||||
register unsigned int *pp = parts;
|
||||
u_int32_t val;
|
||||
int base, n;
|
||||
char c;
|
||||
u_int parts[4];
|
||||
u_int *pp = parts;
|
||||
|
||||
c = *cp;
|
||||
for (;;) {
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/inet_ntoa.c */
|
||||
|
||||
/* $OpenBSD: inet_ntoa.c,v 1.6 2005/08/06 20:30:03 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1983, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -29,14 +28,12 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/inet_ntoa.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if defined(BROKEN_INET_NTOA) || !defined(HAVE_INET_NTOA)
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char rcsid[] = "$OpenBSD: inet_ntoa.c,v 1.4 2003/06/02 20:18:35 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
/*
|
||||
* Convert network-format internet address
|
||||
* to base 256 d.d.d.d representation.
|
||||
@ -46,10 +43,11 @@ static char rcsid[] = "$OpenBSD: inet_ntoa.c,v 1.4 2003/06/02 20:18:35 millert E
|
||||
#include <arpa/inet.h>
|
||||
#include <stdio.h>
|
||||
|
||||
char *inet_ntoa(struct in_addr in)
|
||||
char *
|
||||
inet_ntoa(struct in_addr in)
|
||||
{
|
||||
static char b[18];
|
||||
register char *p;
|
||||
char *p;
|
||||
|
||||
p = (char *)∈
|
||||
#define UC(b) (((int)b)&0xff)
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/inet_ntop.c */
|
||||
|
||||
/* $OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Exp $ */
|
||||
/* $OpenBSD: inet_ntop.c,v 1.7 2005/08/06 20:30:03 espie Exp $ */
|
||||
|
||||
/* Copyright (c) 1996 by Internet Software Consortium.
|
||||
*
|
||||
@ -18,18 +16,12 @@
|
||||
* SOFTWARE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/inet_ntop.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef HAVE_INET_NTOP
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
#if 0
|
||||
static char rcsid[] = "$From: inet_ntop.c,v 8.7 1996/08/05 08:41:18 vixie Exp $";
|
||||
#else
|
||||
static char rcsid[] = "$OpenBSD: inet_ntop.c,v 1.5 2002/08/23 16:27:31 itojun Exp $";
|
||||
#endif
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
@ -65,11 +57,7 @@ static const char *inet_ntop6(const u_char *src, char *dst, size_t size);
|
||||
* Paul Vixie, 1996.
|
||||
*/
|
||||
const char *
|
||||
inet_ntop(af, src, dst, size)
|
||||
int af;
|
||||
const void *src;
|
||||
char *dst;
|
||||
size_t size;
|
||||
inet_ntop(int af, const void *src, char *dst, size_t size)
|
||||
{
|
||||
switch (af) {
|
||||
case AF_INET:
|
||||
@ -95,10 +83,7 @@ inet_ntop(af, src, dst, size)
|
||||
* Paul Vixie, 1996.
|
||||
*/
|
||||
static const char *
|
||||
inet_ntop4(src, dst, size)
|
||||
const u_char *src;
|
||||
char *dst;
|
||||
size_t size;
|
||||
inet_ntop4(const u_char *src, char *dst, size_t size)
|
||||
{
|
||||
static const char fmt[] = "%u.%u.%u.%u";
|
||||
char tmp[sizeof "255.255.255.255"];
|
||||
@ -120,10 +105,7 @@ inet_ntop4(src, dst, size)
|
||||
* Paul Vixie, 1996.
|
||||
*/
|
||||
static const char *
|
||||
inet_ntop6(src, dst, size)
|
||||
const u_char *src;
|
||||
char *dst;
|
||||
size_t size;
|
||||
inet_ntop6(const u_char *src, char *dst, size_t size)
|
||||
{
|
||||
/*
|
||||
* Note that int32_t and int16_t need only be "at least" large enough
|
||||
|
@ -1,8 +1,7 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdio/mktemp.c */
|
||||
|
||||
/* THIS FILE HAS BEEN MODIFIED FROM THE ORIGINAL OPENBSD SOURCE */
|
||||
/* Changes: Removed mktemp */
|
||||
|
||||
/* $OpenBSD: mktemp.c,v 1.19 2005/08/08 08:05:36 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1987, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -32,20 +31,16 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdio/mktemp.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP)
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char rcsid[] = "$OpenBSD: mktemp.c,v 1.17 2003/06/02 20:18:37 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
static int _gettemp(char *, int *, int, int);
|
||||
|
||||
int
|
||||
mkstemps(path, slen)
|
||||
char *path;
|
||||
int slen;
|
||||
mkstemps(char *path, int slen)
|
||||
{
|
||||
int fd;
|
||||
|
||||
@ -53,8 +48,7 @@ mkstemps(path, slen)
|
||||
}
|
||||
|
||||
int
|
||||
mkstemp(path)
|
||||
char *path;
|
||||
mkstemp(char *path)
|
||||
{
|
||||
int fd;
|
||||
|
||||
@ -62,8 +56,7 @@ mkstemp(path)
|
||||
}
|
||||
|
||||
char *
|
||||
mkdtemp(path)
|
||||
char *path;
|
||||
mkdtemp(char *path)
|
||||
{
|
||||
return(_gettemp(path, (int *)NULL, 1, 0) ? path : (char *)NULL);
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $Id: openbsd-compat.h,v 1.30 2005/08/26 20:15:20 tim Exp $ */
|
||||
/* $Id: openbsd-compat.h,v 1.33 2005/12/31 05:33:37 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1999-2003 Damien Miller. All rights reserved.
|
||||
@ -142,6 +142,10 @@ unsigned int arc4random(void);
|
||||
void arc4random_stir(void);
|
||||
#endif /* !HAVE_ARC4RANDOM */
|
||||
|
||||
#ifndef HAVE_ASPRINTF
|
||||
int asprintf(char **, const char *, ...);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_OPENPTY
|
||||
int openpty(int *, int *, char *, struct termios *, struct winsize *);
|
||||
#endif /* HAVE_OPENPTY */
|
||||
@ -152,10 +156,18 @@ int openpty(int *, int *, char *, struct termios *, struct winsize *);
|
||||
int snprintf(char *, size_t, const char *, ...);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_STRTOLL
|
||||
long long strtoll(const char *, char **, int);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_STRTONUM
|
||||
long long strtonum(const char *, long long, long long, const char **);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_VASPRINTF
|
||||
int vasprintf(char **, const char *, va_list);
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_VSNPRINTF
|
||||
int vsnprintf(char *, size_t, const char *, va_list);
|
||||
#endif
|
||||
@ -174,5 +186,6 @@ char *shadow_pw(struct passwd *pw);
|
||||
#include "port-irix.h"
|
||||
#include "port-aix.h"
|
||||
#include "port-uw.h"
|
||||
#include "port-tun.h"
|
||||
|
||||
#endif /* _OPENBSD_COMPAT_H */
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $Id: openssl-compat.h,v 1.1 2005/06/09 11:45:11 dtucker Exp $ */
|
||||
/* $Id: openssl-compat.h,v 1.3 2005/12/19 06:40:40 dtucker Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
|
||||
@ -24,7 +24,11 @@
|
||||
# define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
|
||||
#endif
|
||||
|
||||
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
||||
#if (OPENSSL_VERSION_NUMBER < 0x00907000L) || defined(OPENSSL_LOBOTOMISED_AES)
|
||||
# define USE_BUILTIN_RIJNDAEL
|
||||
#endif
|
||||
|
||||
#ifdef USE_BUILTIN_RIJNDAEL
|
||||
# define EVP_aes_128_cbc evp_rijndael
|
||||
# define EVP_aes_192_cbc evp_rijndael
|
||||
# define EVP_aes_256_cbc evp_rijndael
|
||||
@ -43,7 +47,12 @@ extern const EVP_CIPHER *evp_acss(void);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* insert comment here
|
||||
* We overload some of the OpenSSL crypto functions with ssh_* equivalents
|
||||
* which cater for older and/or less featureful OpenSSL version.
|
||||
*
|
||||
* In order for the compat library to call the real functions, it must
|
||||
* define SSH_DONT_OVERLOAD_OPENSSL_FUNCS before including this file and
|
||||
* implement the ssh_* equivalents.
|
||||
*/
|
||||
#ifdef SSH_OLD_EVP
|
||||
|
||||
|
252
crypto/openssh/openbsd-compat/port-tun.c
Normal file
@ -0,0 +1,252 @@
|
||||
/*
|
||||
* Copyright (c) 2005 Reyk Floeter <reyk@openbsd.org>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#include "log.h"
|
||||
#include "misc.h"
|
||||
#include "bufaux.h"
|
||||
|
||||
/*
|
||||
* This is the portable version of the SSH tunnel forwarding, it
|
||||
* uses some preprocessor definitions for various platform-specific
|
||||
* settings.
|
||||
*
|
||||
* SSH_TUN_LINUX Use the (newer) Linux tun/tap device
|
||||
* SSH_TUN_COMPAT_AF Translate the OpenBSD address family
|
||||
* SSH_TUN_PREPEND_AF Prepend/remove the address family
|
||||
*/
|
||||
|
||||
/*
|
||||
* System-specific tunnel open function
|
||||
*/
|
||||
|
||||
#if defined(SSH_TUN_LINUX)
|
||||
#include <linux/if.h>
|
||||
#include <linux/if_tun.h>
|
||||
|
||||
int
|
||||
sys_tun_open(int tun, int mode)
|
||||
{
|
||||
struct ifreq ifr;
|
||||
int fd = -1;
|
||||
const char *name = NULL;
|
||||
|
||||
if ((fd = open("/dev/net/tun", O_RDWR)) == -1) {
|
||||
debug("%s: failed to open tunnel control interface: %s",
|
||||
__func__, strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
|
||||
bzero(&ifr, sizeof(ifr));
|
||||
|
||||
if (mode == SSH_TUNMODE_ETHERNET) {
|
||||
ifr.ifr_flags = IFF_TAP;
|
||||
name = "tap%d";
|
||||
} else {
|
||||
ifr.ifr_flags = IFF_TUN;
|
||||
name = "tun%d";
|
||||
}
|
||||
ifr.ifr_flags |= IFF_NO_PI;
|
||||
|
||||
if (tun != SSH_TUNID_ANY) {
|
||||
if (tun > SSH_TUNID_MAX) {
|
||||
debug("%s: invalid tunnel id %x: %s", __func__,
|
||||
tun, strerror(errno));
|
||||
goto failed;
|
||||
}
|
||||
snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), name, tun);
|
||||
}
|
||||
|
||||
if (ioctl(fd, TUNSETIFF, &ifr) == -1) {
|
||||
debug("%s: failed to configure tunnel (mode %d): %s", __func__,
|
||||
mode, strerror(errno));
|
||||
goto failed;
|
||||
}
|
||||
|
||||
if (tun == SSH_TUNID_ANY)
|
||||
debug("%s: tunnel mode %d fd %d", __func__, mode, fd);
|
||||
else
|
||||
debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd);
|
||||
|
||||
return (fd);
|
||||
|
||||
failed:
|
||||
close(fd);
|
||||
return (-1);
|
||||
}
|
||||
#endif /* SSH_TUN_LINUX */
|
||||
|
||||
#ifdef SSH_TUN_FREEBSD
|
||||
#include <sys/socket.h>
|
||||
#include <net/if.h>
|
||||
#include <net/if_tun.h>
|
||||
|
||||
int
|
||||
sys_tun_open(int tun, int mode)
|
||||
{
|
||||
struct ifreq ifr;
|
||||
char name[100];
|
||||
int fd = -1, sock, flag;
|
||||
const char *tunbase = "tun";
|
||||
|
||||
if (mode == SSH_TUNMODE_ETHERNET) {
|
||||
#ifdef SSH_TUN_NO_L2
|
||||
debug("%s: no layer 2 tunnelling support", __func__);
|
||||
return (-1);
|
||||
#else
|
||||
tunbase = "tap";
|
||||
#endif
|
||||
}
|
||||
|
||||
/* Open the tunnel device */
|
||||
if (tun <= SSH_TUNID_MAX) {
|
||||
snprintf(name, sizeof(name), "/dev/%s%d", tunbase, tun);
|
||||
fd = open(name, O_RDWR);
|
||||
} else if (tun == SSH_TUNID_ANY) {
|
||||
for (tun = 100; tun >= 0; tun--) {
|
||||
snprintf(name, sizeof(name), "/dev/%s%d",
|
||||
tunbase, tun);
|
||||
if ((fd = open(name, O_RDWR)) >= 0)
|
||||
break;
|
||||
}
|
||||
} else {
|
||||
debug("%s: invalid tunnel %u\n", __func__, tun);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
if (fd < 0) {
|
||||
debug("%s: %s open failed: %s", __func__, name,
|
||||
strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
|
||||
/* Turn on tunnel headers */
|
||||
flag = 1;
|
||||
#if defined(TUNSIFHEAD) && !defined(SSH_TUN_PREPEND_AF)
|
||||
if (mode != SSH_TUNMODE_ETHERNET &&
|
||||
ioctl(fd, TUNSIFHEAD, &flag) == -1) {
|
||||
debug("%s: ioctl(%d, TUNSIFHEAD, 1): %s", __func__, fd,
|
||||
strerror(errno));
|
||||
close(fd);
|
||||
}
|
||||
#endif
|
||||
|
||||
debug("%s: %s mode %d fd %d", __func__, name, mode, fd);
|
||||
|
||||
/* Set the tunnel device operation mode */
|
||||
snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s%d", tunbase, tun);
|
||||
if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
|
||||
goto failed;
|
||||
|
||||
if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
|
||||
goto failed;
|
||||
ifr.ifr_flags |= IFF_UP;
|
||||
if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
|
||||
goto failed;
|
||||
|
||||
close(sock);
|
||||
return (fd);
|
||||
|
||||
failed:
|
||||
if (fd >= 0)
|
||||
close(fd);
|
||||
if (sock >= 0)
|
||||
close(sock);
|
||||
debug("%s: failed to set %s mode %d: %s", __func__, name,
|
||||
mode, strerror(errno));
|
||||
return (-1);
|
||||
}
|
||||
#endif /* SSH_TUN_FREEBSD */
|
||||
|
||||
/*
|
||||
* System-specific channel filters
|
||||
*/
|
||||
|
||||
#if defined(SSH_TUN_FILTER)
|
||||
#define OPENBSD_AF_INET 2
|
||||
#define OPENBSD_AF_INET6 24
|
||||
|
||||
int
|
||||
sys_tun_infilter(struct Channel *c, char *buf, int len)
|
||||
{
|
||||
#if defined(SSH_TUN_PREPEND_AF)
|
||||
char rbuf[CHAN_RBUF];
|
||||
struct ip *iph;
|
||||
#endif
|
||||
u_int32_t *af;
|
||||
char *ptr = buf;
|
||||
|
||||
#if defined(SSH_TUN_PREPEND_AF)
|
||||
if (len <= 0 || len > (int)(sizeof(rbuf) - sizeof(*af)))
|
||||
return (-1);
|
||||
ptr = (char *)&rbuf[0];
|
||||
bcopy(buf, ptr + sizeof(u_int32_t), len);
|
||||
len += sizeof(u_int32_t);
|
||||
af = (u_int32_t *)ptr;
|
||||
|
||||
iph = (struct ip *)(ptr + sizeof(u_int32_t));
|
||||
switch (iph->ip_v) {
|
||||
case 6:
|
||||
*af = AF_INET6;
|
||||
break;
|
||||
case 4:
|
||||
default:
|
||||
*af = AF_INET;
|
||||
break;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if defined(SSH_TUN_COMPAT_AF)
|
||||
if (len < (int)sizeof(u_int32_t))
|
||||
return (-1);
|
||||
|
||||
af = (u_int32_t *)ptr;
|
||||
if (*af == htonl(AF_INET6))
|
||||
*af = htonl(OPENBSD_AF_INET6);
|
||||
else
|
||||
*af = htonl(OPENBSD_AF_INET);
|
||||
#endif
|
||||
|
||||
buffer_put_string(&c->input, ptr, len);
|
||||
return (0);
|
||||
}
|
||||
|
||||
u_char *
|
||||
sys_tun_outfilter(struct Channel *c, u_char **data, u_int *dlen)
|
||||
{
|
||||
u_char *buf;
|
||||
u_int32_t *af;
|
||||
|
||||
*data = buffer_get_string(&c->output, dlen);
|
||||
if (*dlen < sizeof(*af))
|
||||
return (NULL);
|
||||
buf = *data;
|
||||
|
||||
#if defined(SSH_TUN_PREPEND_AF)
|
||||
*dlen -= sizeof(u_int32_t);
|
||||
buf = *data + sizeof(u_int32_t);
|
||||
#elif defined(SSH_TUN_COMPAT_AF)
|
||||
af = ntohl(*(u_int32_t *)buf);
|
||||
if (*af == OPENBSD_AF_INET6)
|
||||
*af = htonl(AF_INET6);
|
||||
else
|
||||
*af = htonl(AF_INET);
|
||||
#endif
|
||||
|
||||
return (buf);
|
||||
}
|
||||
#endif /* SSH_TUN_FILTER */
|
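Review bot: in sys_tun_outfilter, the SSH_TUN_COMPAT_AF branch does `af = ntohl(*(u_int32_t *)buf);` although af is declared `u_int32_t *`, so the following `*af` dereferences the address-family value as a pointer. Point af at buf and compare `*af` with `htonl(OPENBSD_AF_INET6)`, as sys_tun_infilter does in the other direction. In the FreeBSD sys_tun_open, the TUNSIFHEAD failure path calls close(fd) and then carries on, so the function can end up returning a closed descriptor; it needs a `return (-1)` there. The same function accepts any `tun <= SSH_TUNID_MAX`, which lets a negative id through because tun is a signed int, and the Linux variant logs strerror(errno) for an out-of-range id at a point where nothing has set errno. In sys_tun_infilter, the SSH_TUN_PREPEND_AF block stores AF_INET/AF_INET6 in host byte order while the SSH_TUN_COMPAT_AF block compares against `htonl(AF_INET6)`; if both are defined, that comparison only matches on big-endian hosts.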
33
crypto/openssh/openbsd-compat/port-tun.h
Normal file
@ -0,0 +1,33 @@
|
||||
/*
|
||||
* Copyright (c) 2005 Reyk Floeter <reyk@openbsd.org>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#ifndef _PORT_TUN_H
|
||||
#define _PORT_TUN_H
|
||||
|
||||
#include "channels.h"
|
||||
|
||||
#if defined(SSH_TUN_LINUX) || defined(SSH_TUN_FREEBSD)
|
||||
# define CUSTOM_SYS_TUN_OPEN
|
||||
int sys_tun_open(int, int);
|
||||
#endif
|
||||
|
||||
#if defined(SSH_TUN_COMPAT_AF) || defined(SSH_TUN_PREPEND_AF)
|
||||
# define SSH_TUN_FILTER
|
||||
int sys_tun_infilter(struct Channel *, char *, int);
|
||||
u_char *sys_tun_outfilter(struct Channel *, u_char **, u_int *);
|
||||
#endif
|
||||
|
||||
#endif
|
@ -25,7 +25,7 @@
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if defined(HAVE_LIBIAF) && !defined(BROKEN_LIBIAF)
|
||||
#ifdef HAVE_LIBIAF
|
||||
#ifdef HAVE_CRYPT_H
|
||||
#include <crypt.h>
|
||||
#endif
|
||||
@ -42,7 +42,6 @@ int
|
||||
sys_auth_passwd(Authctxt *authctxt, const char *password)
|
||||
{
|
||||
struct passwd *pw = authctxt->pw;
|
||||
char *encrypted_password;
|
||||
char *salt;
|
||||
int result;
|
||||
|
||||
@ -55,21 +54,24 @@ sys_auth_passwd(Authctxt *authctxt, const char *password)
|
||||
|
||||
/* Encrypt the candidate password using the proper salt. */
|
||||
salt = (pw_password[0] && pw_password[1]) ? pw_password : "xx";
|
||||
#ifdef UNIXWARE_LONG_PASSWORDS
|
||||
if (!nischeck(pw->pw_name))
|
||||
encrypted_password = bigcrypt(password, salt);
|
||||
else
|
||||
#endif /* UNIXWARE_LONG_PASSWORDS */
|
||||
encrypted_password = xcrypt(password, salt);
|
||||
|
||||
/*
|
||||
* Authentication is accepted if the encrypted passwords
|
||||
* are identical.
|
||||
*/
|
||||
result = (strcmp(encrypted_password, pw_password) == 0);
|
||||
#ifdef UNIXWARE_LONG_PASSWORDS
|
||||
if (!nischeck(pw->pw_name)) {
|
||||
result = ((strcmp(bigcrypt(password, salt), pw_password) == 0)
|
||||
|| (strcmp(osr5bigcrypt(password, salt), pw_password) == 0));
|
||||
}
|
||||
else
|
||||
#endif /* UNIXWARE_LONG_PASSWORDS */
|
||||
result = (strcmp(xcrypt(password, salt), pw_password) == 0);
|
||||
|
||||
#if !defined(BROKEN_LIBIAF)
|
||||
if (authctxt->valid)
|
||||
free(pw_password);
|
||||
#endif
|
||||
return(result);
|
||||
}
|
||||
|
||||
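Review bot: in sys_auth_passwd, the return values of bigcrypt(), osr5bigcrypt() and xcrypt() go straight into strcmp(); if any of them can return NULL, as crypt(3) may on failure, this dereferences NULL in the authentication path. Store each result, treat NULL as a mismatch, and only then compare. The UNIXWARE_LONG_PASSWORDS branch also accepts a match from either bigcrypt() or osr5bigcrypt() against the same pw_password; a short comment saying why the second form is accepted would help the next reader of this check.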
@ -114,6 +116,7 @@ nischeck(char *namep)
|
||||
functions that call shadow_pw() will need to free
|
||||
*/
|
||||
|
||||
#if !defined(BROKEN_LIBIAF)
|
||||
char *
|
||||
get_iaf_password(struct passwd *pw)
|
||||
{
|
||||
@ -130,5 +133,6 @@ get_iaf_password(struct passwd *pw)
|
||||
else
|
||||
fatal("ia_openinfo: Unable to open the shadow passwd file");
|
||||
}
|
||||
#endif /* HAVE_LIBIAF && !BROKEN_LIBIAF */
|
||||
#endif /* !BROKEN_LIBIAF */
|
||||
#endif /* HAVE_LIBIAF */
|
||||
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/readpassphrase.c */
|
||||
|
||||
/* $OpenBSD: readpassphrase.c,v 1.16 2003/06/17 21:56:23 millert Exp $ */
|
||||
/* $OpenBSD: readpassphrase.c,v 1.18 2005/08/08 08:05:34 espie Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000-2002 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
@ -22,9 +20,7 @@
|
||||
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
|
||||
*/
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static const char rcsid[] = "$OpenBSD: readpassphrase.c,v 1.16 2003/06/17 21:56:23 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/readpassphrase.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
|
@ -1,34 +1,27 @@
|
||||
/* OPENBSD ORIGINAL: include/readpassphrase.h */
|
||||
|
||||
/* $OpenBSD: readpassphrase.h,v 1.3 2002/06/28 12:32:22 millert Exp $ */
|
||||
/* $OpenBSD: readpassphrase.h,v 1.5 2003/06/17 21:56:23 millert Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
* All rights reserved.
|
||||
* Copyright (c) 2000, 2002 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote products
|
||||
* derived from this software without specific prior written permission.
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
||||
* INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
||||
* AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
|
||||
* THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
|
||||
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
|
||||
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
|
||||
* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
||||
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
||||
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*
|
||||
* Sponsored in part by the Defense Advanced Research Projects
|
||||
* Agency (DARPA) and Air Force Research Laboratory, Air Force
|
||||
* Materiel Command, USAF, under agreement number F39502-99-1-0512.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: include/readpassphrase.h */
|
||||
|
||||
#ifndef _READPASSPHRASE_H_
|
||||
#define _READPASSPHRASE_H_
|
||||
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/realpath.c */
|
||||
|
||||
/* $OpenBSD: realpath.c,v 1.13 2005/08/08 08:05:37 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2003 Constantin S. Svintsoff <kostik@iclub.nsu.ru>
|
||||
*
|
||||
@ -28,6 +27,8 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/realpath.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH)
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/rresvport.c */
|
||||
|
||||
/* $OpenBSD: rresvport.c,v 1.9 2005/11/10 10:00:17 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1995, 1996, 1998 Theo de Raadt. All rights reserved.
|
||||
* Copyright (c) 1983, 1993, 1994
|
||||
@ -30,20 +29,15 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/net/rresvport.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifndef HAVE_RRESVPORT_AF
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char *rcsid = "$OpenBSD: rresvport.c,v 1.6 2003/06/03 02:11:35 deraadt Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if 0
|
||||
int
|
||||
rresvport(alport)
|
||||
int *alport;
|
||||
rresvport(int *alport)
|
||||
{
|
||||
return rresvport_af(alport, AF_INET);
|
||||
}
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/setenv.c */
|
||||
|
||||
/* $OpenBSD: setenv.c,v 1.9 2005/08/08 08:05:37 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1987 Regents of the University of California.
|
||||
* All rights reserved.
|
||||
@ -29,36 +28,31 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/setenv.c */
|
||||
|
||||
#include "includes.h"
|
||||
#if !defined(HAVE_SETENV) || !defined(HAVE_UNSETENV)
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char *rcsid = "$OpenBSD: setenv.c,v 1.6 2003/06/02 20:18:38 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
char *__findenv(const char *name, int *offset);
|
||||
extern char **environ;
|
||||
|
||||
/* OpenSSH Portable: __findenv is from getenv.c rev 1.8, made static */
|
||||
/*
|
||||
* __findenv --
|
||||
* Returns pointer to value associated with name, if any, else NULL.
|
||||
* Sets offset to be the offset of the name/value combination in the
|
||||
* environmental array, for use by setenv(3) and unsetenv(3).
|
||||
* Explicitly removes '=' in argument name.
|
||||
*
|
||||
* This routine *should* be a static; don't use it.
|
||||
*/
|
||||
char *
|
||||
__findenv(name, offset)
|
||||
register const char *name;
|
||||
int *offset;
|
||||
static char *
|
||||
__findenv(const char *name, int *offset)
|
||||
{
|
||||
extern char **environ;
|
||||
register int len, i;
|
||||
register const char *np;
|
||||
register char **p, *cp;
|
||||
int len, i;
|
||||
const char *np;
|
||||
char **p, *cp;
|
||||
|
||||
if (name == NULL || environ == NULL)
|
||||
return (NULL);
|
||||
@ -84,14 +78,10 @@ __findenv(name, offset)
|
||||
* "value". If rewrite is set, replace any current value.
|
||||
*/
|
||||
int
|
||||
setenv(name, value, rewrite)
|
||||
register const char *name;
|
||||
register const char *value;
|
||||
int rewrite;
|
||||
setenv(const char *name, const char *value, int rewrite)
|
||||
{
|
||||
extern char **environ;
|
||||
static int alloced; /* if allocated space before */
|
||||
register char *C;
|
||||
static char **lastenv; /* last value of environ */
|
||||
char *C;
|
||||
int l_value, offset;
|
||||
|
||||
if (*value == '=') /* no `=' in value */
|
||||
@ -106,30 +96,23 @@ setenv(name, value, rewrite)
|
||||
return (0);
|
||||
}
|
||||
} else { /* create new slot */
|
||||
register int cnt;
|
||||
register char **P;
|
||||
size_t cnt;
|
||||
char **P;
|
||||
|
||||
for (P = environ, cnt = 0; *P; ++P, ++cnt);
|
||||
if (alloced) { /* just increase size */
|
||||
P = (char **)realloc((void *)environ,
|
||||
(size_t)(sizeof(char *) * (cnt + 2)));
|
||||
for (P = environ; *P != NULL; P++)
|
||||
;
|
||||
cnt = P - environ;
|
||||
P = (char **)realloc(lastenv, sizeof(char *) * (cnt + 2));
|
||||
if (!P)
|
||||
return (-1);
|
||||
environ = P;
|
||||
}
|
||||
else { /* get new space */
|
||||
alloced = 1; /* copy old entries into it */
|
||||
P = (char **)malloc((size_t)(sizeof(char *) *
|
||||
(cnt + 2)));
|
||||
if (!P)
|
||||
return (-1);
|
||||
memmove(P, environ, cnt * sizeof(char *));
|
||||
environ = P;
|
||||
}
|
||||
environ[cnt + 1] = NULL;
|
||||
if (lastenv != environ)
|
||||
memcpy(P, environ, cnt * sizeof(char *));
|
||||
lastenv = environ = P;
|
||||
offset = cnt;
|
||||
environ[cnt + 1] = NULL;
|
||||
}
|
||||
for (C = (char *)name; *C && *C != '='; ++C); /* no `=' in name */
|
||||
for (C = (char *)name; *C && *C != '='; ++C)
|
||||
; /* no `=' in name */
|
||||
if (!(environ[offset] = /* name + `=' + value */
|
||||
malloc((size_t)((int)(C - name) + l_value + 2))))
|
||||
return (-1);
|
||||
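Review bot: in the "create new slot" branch of setenv, cnt is a size_t but `offset = cnt;` stores it in the int offset, and the allocation that follows still sizes the entry with int arithmetic in `malloc((size_t)((int)(C - name) + l_value + 2))`. Keeping these lengths in size_t throughout, or rejecting values that do not fit, would avoid a silent narrowing on a very large environment or value. A one-line comment on why the `lastenv != environ` test guards the memcpy (the caller may have replaced environ since the last realloc) would also make the reuse of lastenv easier to audit.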
@ -147,13 +130,10 @@ setenv(name, value, rewrite)
|
||||
* Delete environmental variable "name".
|
||||
*/
|
||||
void
|
||||
unsetenv(name)
|
||||
const char *name;
|
||||
unsetenv(const char *name)
|
||||
{
|
||||
extern char **environ;
|
||||
register char **P;
|
||||
char **P;
|
||||
int offset;
|
||||
char *__findenv();
|
||||
|
||||
while (__findenv(name, &offset)) /* if set multiple times */
|
||||
for (P = &environ[offset];; ++P)
|
||||
|
@ -1,9 +1,7 @@
|
||||
/* OPENBSD ORIGINAL: lib/libcurses/base/sigaction.c */
|
||||
|
||||
/* $OpenBSD: sigaction.c,v 1.3 1999/06/27 08:14:21 millert Exp $ */
|
||||
/* $OpenBSD: sigaction.c,v 1.4 2001/01/22 18:01:48 millert Exp $ */
|
||||
|
||||
/****************************************************************************
|
||||
* Copyright (c) 1998 Free Software Foundation, Inc. *
|
||||
* Copyright (c) 1998,2000 Free Software Foundation, Inc. *
|
||||
* *
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a *
|
||||
* copy of this software and associated documentation files (the *
|
||||
@ -35,6 +33,8 @@
|
||||
* and: Eric S. Raymond <esr@snark.thyrsus.com> *
|
||||
****************************************************************************/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libcurses/base/sigaction.c */
|
||||
|
||||
#include "includes.h"
|
||||
#include <signal.h>
|
||||
#include "sigact.h"
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* $OpenBSD: SigAction.h,v 1.2 1999/06/27 08:15:19 millert Exp $ */
|
||||
/* $OpenBSD: SigAction.h,v 1.3 2001/01/22 18:01:32 millert Exp $ */
|
||||
|
||||
/****************************************************************************
|
||||
* Copyright (c) 1998 Free Software Foundation, Inc. *
|
||||
* Copyright (c) 1998,2000 Free Software Foundation, Inc. *
|
||||
* *
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a *
|
||||
* copy of this software and associated documentation files (the *
|
||||
@ -34,12 +34,14 @@
|
||||
****************************************************************************/
|
||||
|
||||
/*
|
||||
* $From: SigAction.h,v 1.5 1999/06/19 23:00:54 tom Exp $
|
||||
* $From: SigAction.h,v 1.6 2000/12/10 02:36:10 tom Exp $
|
||||
*
|
||||
* This file exists to handle non-POSIX systems which don't have <unistd.h>,
|
||||
* and usually no sigaction() nor <termios.h>
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libcurses/SigAction.h */
|
||||
|
||||
#ifndef _SIGACTION_H
|
||||
#define _SIGACTION_H
|
||||
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strlcat.c */
|
||||
|
||||
/* $OpenBSD: strlcat.c,v 1.11 2003/06/17 21:56:24 millert Exp $ */
|
||||
/* $OpenBSD: strlcat.c,v 1.13 2005/08/08 08:05:37 espie Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
@ -18,13 +16,11 @@
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strlcat.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_STRLCAT
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char *rcsid = "$OpenBSD: strlcat.c,v 1.11 2003/06/17 21:56:24 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <string.h>
|
||||
|
||||
@ -38,9 +34,9 @@ static char *rcsid = "$OpenBSD: strlcat.c,v 1.11 2003/06/17 21:56:24 millert Exp
|
||||
size_t
|
||||
strlcat(char *dst, const char *src, size_t siz)
|
||||
{
|
||||
register char *d = dst;
|
||||
register const char *s = src;
|
||||
register size_t n = siz;
|
||||
char *d = dst;
|
||||
const char *s = src;
|
||||
size_t n = siz;
|
||||
size_t dlen;
|
||||
|
||||
/* Find the end of dst and adjust bytes left but don't go past end */
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strlcpy.c */
|
||||
|
||||
/* $OpenBSD: strlcpy.c,v 1.8 2003/06/17 21:56:24 millert Exp $ */
|
||||
/* $OpenBSD: strlcpy.c,v 1.10 2005/08/08 08:05:37 espie Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
|
||||
@ -18,13 +16,11 @@
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strlcpy.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_STRLCPY
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char *rcsid = "$OpenBSD: strlcpy.c,v 1.8 2003/06/17 21:56:24 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <string.h>
|
||||
|
||||
@ -36,9 +32,9 @@ static char *rcsid = "$OpenBSD: strlcpy.c,v 1.8 2003/06/17 21:56:24 millert Exp
|
||||
size_t
|
||||
strlcpy(char *dst, const char *src, size_t siz)
|
||||
{
|
||||
register char *d = dst;
|
||||
register const char *s = src;
|
||||
register size_t n = siz;
|
||||
char *d = dst;
|
||||
const char *s = src;
|
||||
size_t n = siz;
|
||||
|
||||
/* Copy as many bytes as will fit */
|
||||
if (n != 0 && --n != 0) {
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strmode.c */
|
||||
|
||||
/* $OpenBSD: strmode.c,v 1.7 2005/08/08 08:05:37 espie Exp $ */
|
||||
/*-
|
||||
* Copyright (c) 1990 The Regents of the University of California.
|
||||
* All rights reserved.
|
||||
@ -29,13 +28,11 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strmode.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_STRMODE
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char *rcsid = "$OpenBSD: strmode.c,v 1.5 2003/06/11 21:08:16 deraadt Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <string.h>
|
||||
@ -71,11 +68,6 @@ strmode(int mode, char *p)
|
||||
case S_IFIFO: /* fifo */
|
||||
*p++ = 'p';
|
||||
break;
|
||||
#endif
|
||||
#ifdef S_IFWHT
|
||||
case S_IFWHT: /* whiteout */
|
||||
*p++ = 'w';
|
||||
break;
|
||||
#endif
|
||||
default: /* unknown */
|
||||
*p++ = '?';
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strsep.c */
|
||||
|
||||
/* $OpenBSD: strsep.c,v 1.5 2003/06/11 21:08:16 deraadt Exp $ */
|
||||
/* $OpenBSD: strsep.c,v 1.6 2005/08/08 08:05:37 espie Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1990, 1993
|
||||
@ -31,6 +29,8 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/string/strsep.c */
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#if !defined(HAVE_STRSEP)
|
||||
@ -38,14 +38,6 @@
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)strsep.c 8.1 (Berkeley) 6/4/93";
|
||||
#else
|
||||
static char *rcsid = "$OpenBSD: strsep.c,v 1.5 2003/06/11 21:08:16 deraadt Exp $";
|
||||
#endif
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
/*
|
||||
* Get next token from string *stringp, where tokens are possibly-empty
|
||||
* strings separated by characters from delim.
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/strtoll.c */
|
||||
|
||||
/* $OpenBSD: strtoll.c,v 1.6 2005/11/10 10:00:17 espie Exp $ */
|
||||
/*-
|
||||
* Copyright (c) 1992 The Regents of the University of California.
|
||||
* All rights reserved.
|
||||
@ -29,13 +28,11 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/strtoll.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_STRTOLL
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static const char rcsid[] = "$OpenBSD: strtoll.c,v 1.4 2005/03/30 18:51:49 pat Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <ctype.h>
|
||||
|
@ -1,5 +1,3 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/strtonum.c */
|
||||
|
||||
/* $OpenBSD: strtonum.c,v 1.6 2004/08/03 19:38:01 millert Exp $ */
|
||||
|
||||
/*
|
||||
@ -19,6 +17,8 @@
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/strtonum.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_STRTONUM
|
||||
#include <limits.h>
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/strtoul.c */
|
||||
|
||||
/* $OpenBSD: strtoul.c,v 1.7 2005/08/08 08:05:37 espie Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1990 Regents of the University of California.
|
||||
* All rights reserved.
|
||||
@ -29,13 +28,11 @@
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/stdlib/strtoul.c */
|
||||
|
||||
#include "includes.h"
|
||||
#ifndef HAVE_STRTOUL
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char *rcsid = "$OpenBSD: strtoul.c,v 1.5 2003/06/02 20:18:38 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <ctype.h>
|
||||
#include <errno.h>
|
||||
#include <limits.h>
|
||||
@ -48,15 +45,12 @@ static char *rcsid = "$OpenBSD: strtoul.c,v 1.5 2003/06/02 20:18:38 millert Exp
|
||||
* alphabets and digits are each contiguous.
|
||||
*/
|
||||
unsigned long
|
||||
strtoul(nptr, endptr, base)
|
||||
const char *nptr;
|
||||
char **endptr;
|
||||
register int base;
|
||||
strtoul(const char *nptr, char **endptr, int base)
|
||||
{
|
||||
register const char *s;
|
||||
register unsigned long acc, cutoff;
|
||||
register int c;
|
||||
register int neg, any, cutlim;
|
||||
const char *s;
|
||||
unsigned long acc, cutoff;
|
||||
int c;
|
||||
int neg, any, cutlim;
|
||||
|
||||
/*
|
||||
* See strtol for comments as to the logic used.
|
||||
|
@ -1,5 +1,3 @@
|
||||
/* OPENBSD ORIGINAL: sys/sys/queue.h */
|
||||
|
||||
/* $OpenBSD: queue.h,v 1.25 2004/04/08 16:08:21 henning Exp $ */
|
||||
/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */
|
||||
|
||||
@ -34,6 +32,8 @@
|
||||
* @(#)queue.h 8.5 (Berkeley) 8/20/94
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: sys/sys/queue.h */
|
||||
|
||||
#ifndef _FAKE_QUEUE_H_
|
||||
#define _FAKE_QUEUE_H_
|
||||
|
||||
|
@ -1,5 +1,3 @@
|
||||
/* OPENBSD ORIGINAL: sys/sys/tree.h */
|
||||
|
||||
/* $OpenBSD: tree.h,v 1.7 2002/10/17 21:51:54 art Exp $ */
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
@ -26,6 +24,8 @@
|
||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: sys/sys/tree.h */
|
||||
|
||||
#ifndef _SYS_TREE_H_
|
||||
#define _SYS_TREE_H_
|
||||
|
||||
|
@ -1,5 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/vis.c */
|
||||
|
||||
/* $OpenBSD: vis.c,v 1.19 2005/09/01 17:15:49 millert Exp $ */
|
||||
/*-
|
||||
* Copyright (c) 1989, 1993
|
||||
* The Regents of the University of California. All rights reserved.
|
||||
@ -28,21 +27,22 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: lib/libc/gen/vis.c */
|
||||
|
||||
#include "includes.h"
|
||||
#if !defined(HAVE_STRNVIS)
|
||||
|
||||
#if defined(LIBC_SCCS) && !defined(lint)
|
||||
static char rcsid[] = "$OpenBSD: vis.c,v 1.12 2003/06/02 20:18:35 millert Exp $";
|
||||
#endif /* LIBC_SCCS and not lint */
|
||||
|
||||
#include <ctype.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "vis.h"
|
||||
|
||||
#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7')
|
||||
#define isvisible(c) (((u_int)(c) <= UCHAR_MAX && isascii((u_char)(c)) && \
|
||||
isgraph((u_char)(c))) || \
|
||||
#define isvisible(c) \
|
||||
(((u_int)(c) <= UCHAR_MAX && isascii((u_char)(c)) && \
|
||||
(((c) != '*' && (c) != '?' && (c) != '[' && (c) != '#') || \
|
||||
(flag & VIS_GLOB) == 0) && isgraph((u_char)(c))) || \
|
||||
((flag & VIS_SP) == 0 && (c) == ' ') || \
|
||||
((flag & VIS_TAB) == 0 && (c) == '\t') || \
|
||||
((flag & VIS_NL) == 0 && (c) == '\n') || \
|
||||
@ -54,10 +54,7 @@ static char rcsid[] = "$OpenBSD: vis.c,v 1.12 2003/06/02 20:18:35 millert Exp $"
|
||||
* vis - visually encode characters
|
||||
*/
|
||||
char *
|
||||
vis(dst, c, flag, nextc)
|
||||
register char *dst;
|
||||
int c, nextc;
|
||||
register int flag;
|
||||
vis(char *dst, int c, int flag, int nextc)
|
||||
{
|
||||
if (isvisible(c)) {
|
||||
*dst++ = c;
|
||||
@ -111,7 +108,8 @@ vis(dst, c, flag, nextc)
|
||||
goto done;
|
||||
}
|
||||
}
|
||||
if (((c & 0177) == ' ') || (flag & VIS_OCTAL)) {
|
||||
if (((c & 0177) == ' ') || (flag & VIS_OCTAL) ||
|
||||
((flag & VIS_GLOB) && (c == '*' || c == '?' || c == '[' || c == '#'))) {
|
||||
*dst++ = '\\';
|
||||
*dst++ = ((u_char)c >> 6 & 07) + '0';
|
||||
*dst++ = ((u_char)c >> 3 & 07) + '0';
|
||||
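Review bot: the glob-magic set `'*'`, `'?'`, `'['`, `'#'` is now spelled out twice, once in this condition and once in the `isvisible()` macro, and the two lists must stay identical or a character will be treated as visible in one place and escaped in the other. Suggest a single helper macro (for example `isglobmagic(c)`, a hypothetical name) used in both places. A short comment that VIS_GLOB forces the backslash-octal form would also help callers who size `dst`.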
@ -124,7 +122,7 @@ vis(dst, c, flag, nextc)
|
||||
c &= 0177;
|
||||
*dst++ = 'M';
|
||||
}
|
||||
if (iscntrl(c)) {
|
||||
if (iscntrl((u_char)c)) {
|
||||
*dst++ = '^';
|
||||
if (c == 0177)
|
||||
*dst++ = '?';
|
||||
@ -153,12 +151,9 @@ vis(dst, c, flag, nextc)
|
||||
* This is useful for encoding a block of data.
|
||||
*/
|
||||
int
|
||||
strvis(dst, src, flag)
|
||||
register char *dst;
|
||||
register const char *src;
|
||||
int flag;
|
||||
strvis(char *dst, const char *src, int flag)
|
||||
{
|
||||
register char c;
|
||||
char c;
|
||||
char *start;
|
||||
|
||||
for (start = dst; (c = *src);)
|
||||
@ -168,16 +163,11 @@ strvis(dst, src, flag)
|
||||
}
|
||||
|
||||
int
|
||||
strnvis(dst, src, siz, flag)
|
||||
char *dst;
|
||||
const char *src;
|
||||
size_t siz;
|
||||
int flag;
|
||||
strnvis(char *dst, const char *src, size_t siz, int flag)
|
||||
{
|
||||
char c;
|
||||
char *start, *end;
|
||||
char tbuf[5];
|
||||
int i;
|
||||
int c, i;
|
||||
|
||||
i = 0;
|
||||
for (start = dst, end = start + siz - 1; (c = *src) && dst < end; ) {
|
||||
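Review bot: `end = start + siz - 1` in the loop header is computed before any check on `siz`, so a caller passing `siz == 0` gets an `end` that points one byte before `dst`. The `dst < end` condition keeps the loop body from running, but forming that pointer is undefined behaviour in C, and whatever terminates the string after the loop (outside this hunk) needs its own `siz > 0` guard. Since this hunk already touches the declarations, consider handling `siz == 0` explicitly before `end` is computed.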
@ -217,13 +207,9 @@ strnvis(dst, src, siz, flag)
|
||||
}
|
||||
|
||||
int
|
||||
strvisx(dst, src, len, flag)
|
||||
register char *dst;
|
||||
register const char *src;
|
||||
register size_t len;
|
||||
int flag;
|
||||
strvisx(char *dst, const char *src, size_t len, int flag)
|
||||
{
|
||||
register char c;
|
||||
char c;
|
||||
char *start;
|
||||
|
||||
for (start = dst; len > 1; len--) {
|
||||
|
@ -1,6 +1,4 @@
|
||||
/* OPENBSD ORIGINAL: include/vis.h */
|
||||
|
||||
/* $OpenBSD: vis.h,v 1.6 2003/06/02 19:34:12 millert Exp $ */
|
||||
/* $OpenBSD: vis.h,v 1.11 2005/08/09 19:38:31 millert Exp $ */
|
||||
/* $NetBSD: vis.h,v 1.4 1994/10/26 00:56:41 cgd Exp $ */
|
||||
|
||||
/*-
|
||||
@ -34,6 +32,8 @@
|
||||
* @(#)vis.h 5.9 (Berkeley) 4/3/91
|
||||
*/
|
||||
|
||||
/* OPENBSD ORIGINAL: include/vis.h */
|
||||
|
||||
#include "includes.h"
|
||||
#if !defined(HAVE_STRNVIS)
|
||||
|
||||
@ -63,6 +63,7 @@
|
||||
* other
|
||||
*/
|
||||
#define VIS_NOSLASH 0x40 /* inhibit printing '\' */
|
||||
#define VIS_GLOB 0x100 /* encode glob(3) magics and '#' */
|
||||
|
||||
/*
|
||||
* unvis return codes
|
||||
@ -80,10 +81,14 @@
|
||||
|
||||
char *vis(char *, int, int, int);
|
||||
int strvis(char *, const char *, int);
|
||||
int strnvis(char *, const char *, size_t, int);
|
||||
int strvisx(char *, const char *, size_t, int);
|
||||
int strnvis(char *, const char *, size_t, int)
|
||||
__attribute__ ((__bounded__(__string__,1,3)));
|
||||
int strvisx(char *, const char *, size_t, int)
|
||||
__attribute__ ((__bounded__(__string__,1,3)));
|
||||
int strunvis(char *, const char *);
|
||||
int unvis(char *, char, int *, int);
|
||||
ssize_t strnunvis(char *, const char *, size_t)
|
||||
__attribute__ ((__bounded__(__string__,1,3)));
|
||||
|
||||
#endif /* !_VIS_H_ */
|
||||
|
||||
|
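Review bot: `__bounded__` is a compiler extension and nothing in this hunk guards it, so on a toolchain that does not recognise the attribute these prototypes will warn or fail to compile; please confirm the portable build defines it away where unsupported (not visible here). Separately, the third argument of `strvisx` is the source length, not the size of `dst` (the loop in vis.c counts `len` down over `src`), so `__bounded__(__string__,1,3)` only checks a lower bound on the destination. A comment saying so would stop readers taking it as a full size check.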
@ -1,4 +1,4 @@
|
||||
#!/sbin/sh
|
||||
#!@STARTUP_SCRIPT_SHELL@
|
||||
# Donated code that was put under PD license.
|
||||
#
|
||||
# Stripped PRNGd out of it for the time being.
|
||||
|
@ -37,7 +37,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: packet.c,v 1.119 2005/07/28 17:36:22 markus Exp $");
|
||||
RCSID("$OpenBSD: packet.c,v 1.120 2005/10/30 08:52:17 djm Exp $");
|
||||
|
||||
#include "openbsd-compat/sys-queue.h"
|
||||
|
||||
@ -572,7 +572,7 @@ packet_send1(void)
|
||||
buffer_clear(&outgoing_packet);
|
||||
|
||||
/*
|
||||
* Note that the packet is now only buffered in output. It won\'t be
|
||||
* Note that the packet is now only buffered in output. It won't be
|
||||
* actually sent until packet_write_wait or packet_write_poll is
|
||||
* called.
|
||||
*/
|
||||
|
@ -85,8 +85,8 @@ format_rate(char *buf, int size, off_t bytes)
|
||||
bytes = (bytes + 512) / 1024;
|
||||
}
|
||||
snprintf(buf, size, "%3lld.%1lld%c%s",
|
||||
(int64_t) (bytes + 5) / 100,
|
||||
(int64_t) (bytes + 5) / 10 % 10,
|
||||
(long long) (bytes + 5) / 100,
|
||||
(long long) (bytes + 5) / 10 % 10,
|
||||
unit[i],
|
||||
i ? "B" : " ");
|
||||
}
|
||||
@ -99,7 +99,7 @@ format_size(char *buf, int size, off_t bytes)
|
||||
for (i = 0; bytes >= 10000 && unit[i] != 'T'; i++)
|
||||
bytes = (bytes + 512) / 1024;
|
||||
snprintf(buf, size, "%4lld%c%s",
|
||||
(int64_t) bytes,
|
||||
(long long) bytes,
|
||||
unit[i],
|
||||
i ? "B" : " ");
|
||||
}
|
||||
|
@ -12,7 +12,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: readconf.c,v 1.143 2005/07/30 02:03:47 djm Exp $");
|
||||
RCSID("$OpenBSD: readconf.c,v 1.145 2005/12/08 18:34:11 reyk Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "xmalloc.h"
|
||||
@ -70,6 +70,10 @@ RCSID("$OpenBSD: readconf.c,v 1.143 2005/07/30 02:03:47 djm Exp $");
|
||||
Cipher none
|
||||
PasswordAuthentication no
|
||||
|
||||
Host vpn.fake.com
|
||||
Tunnel yes
|
||||
TunnelDevice 3
|
||||
|
||||
# Defaults for various options
|
||||
Host *
|
||||
ForwardAgent no
|
||||
@ -107,6 +111,7 @@ typedef enum {
|
||||
oAddressFamily, oGssAuthentication, oGssDelegateCreds,
|
||||
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
|
||||
oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
|
||||
oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
|
||||
oDeprecated, oUnsupported
|
||||
} OpCodes;
|
||||
|
||||
@ -198,6 +203,10 @@ static struct {
|
||||
{ "controlpath", oControlPath },
|
||||
{ "controlmaster", oControlMaster },
|
||||
{ "hashknownhosts", oHashKnownHosts },
|
||||
{ "tunnel", oTunnel },
|
||||
{ "tunneldevice", oTunnelDevice },
|
||||
{ "localcommand", oLocalCommand },
|
||||
{ "permitlocalcommand", oPermitLocalCommand },
|
||||
{ NULL, oBadOption }
|
||||
};
|
||||
|
||||
@ -264,6 +273,7 @@ clear_forwardings(Options *options)
|
||||
xfree(options->remote_forwards[i].connect_host);
|
||||
}
|
||||
options->num_remote_forwards = 0;
|
||||
options->tun_open = SSH_TUNMODE_NO;
|
||||
}
|
||||
|
||||
/*
|
||||
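Review bot: `options->tun_open = SSH_TUNMODE_NO;` makes `clear_forwardings()` switch off tunnelling as well, but `tun_local` and `tun_remote` are left at whatever the configuration set, and neither the function name nor a comment says tunnels are covered. Either reset all three tun fields together or add a comment stating that only the mode is cleared and why the device numbers can stay.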
@ -296,7 +306,7 @@ process_config_line(Options *options, const char *host,
|
||||
int *activep)
|
||||
{
|
||||
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256];
|
||||
int opcode, *intptr, value;
|
||||
int opcode, *intptr, value, value2;
|
||||
size_t len;
|
||||
Forward fwd;
|
||||
|
||||
@ -553,9 +563,10 @@ process_config_line(Options *options, const char *host,
|
||||
goto parse_string;
|
||||
|
||||
case oProxyCommand:
|
||||
charptr = &options->proxy_command;
|
||||
parse_command:
|
||||
if (s == NULL)
|
||||
fatal("%.200s line %d: Missing argument.", filename, linenum);
|
||||
charptr = &options->proxy_command;
|
||||
len = strspn(s, WHITESPACE "=");
|
||||
if (*activep && *charptr == NULL)
|
||||
*charptr = xstrdup(s + len);
|
||||
@ -822,6 +833,49 @@ process_config_line(Options *options, const char *host,
|
||||
intptr = &options->hash_known_hosts;
|
||||
goto parse_flag;
|
||||
|
||||
case oTunnel:
|
||||
intptr = &options->tun_open;
|
||||
arg = strdelim(&s);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: Missing yes/point-to-point/"
|
||||
"ethernet/no argument.", filename, linenum);
|
||||
value = 0; /* silence compiler */
|
||||
if (strcasecmp(arg, "ethernet") == 0)
|
||||
value = SSH_TUNMODE_ETHERNET;
|
||||
else if (strcasecmp(arg, "point-to-point") == 0)
|
||||
value = SSH_TUNMODE_POINTOPOINT;
|
||||
else if (strcasecmp(arg, "yes") == 0)
|
||||
value = SSH_TUNMODE_DEFAULT;
|
||||
else if (strcasecmp(arg, "no") == 0)
|
||||
value = SSH_TUNMODE_NO;
|
||||
else
|
||||
fatal("%s line %d: Bad yes/point-to-point/ethernet/"
|
||||
"no argument: %s", filename, linenum, arg);
|
||||
if (*activep)
|
||||
*intptr = value;
|
||||
break;
|
||||
|
||||
case oTunnelDevice:
|
||||
arg = strdelim(&s);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%.200s line %d: Missing argument.", filename, linenum);
|
||||
value = a2tun(arg, &value2);
|
||||
if (value == SSH_TUNID_ERR)
|
||||
fatal("%.200s line %d: Bad tun device.", filename, linenum);
|
||||
if (*activep) {
|
||||
options->tun_local = value;
|
||||
options->tun_remote = value2;
|
||||
}
|
||||
break;
|
||||
|
||||
case oLocalCommand:
|
||||
charptr = &options->local_command;
|
||||
goto parse_command;
|
||||
|
||||
case oPermitLocalCommand:
|
||||
intptr = &options->permit_local_command;
|
||||
goto parse_flag;
|
||||
|
||||
case oDeprecated:
|
||||
debug("%s line %d: Deprecated option \"%s\"",
|
||||
filename, linenum, keyword);
|
||||
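Review bot: `oTunnel` and `oTunnelDevice` store their value on `if (*activep)` alone, whereas the `parse_command` path in the earlier hunk only assigns when `*charptr == NULL`, so for these two keywords a later matching `Host` block silently overrides an earlier one instead of the first value winning. `initialize_options()` seeds `tun_open`, `tun_local` and `tun_remote` with -1, so the test can be `if (*activep && *intptr == -1)` for `oTunnel` and the equivalent check on `options->tun_local` for `oTunnelDevice`. If last-match-wins is intended here, it needs a comment, because it differs from the options around it.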
@ -966,6 +1020,11 @@ initialize_options(Options * options)
|
||||
options->control_path = NULL;
|
||||
options->control_master = -1;
|
||||
options->hash_known_hosts = -1;
|
||||
options->tun_open = -1;
|
||||
options->tun_local = -1;
|
||||
options->tun_remote = -1;
|
||||
options->local_command = NULL;
|
||||
options->permit_local_command = -1;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1090,6 +1149,15 @@ fill_default_options(Options * options)
|
||||
options->control_master = 0;
|
||||
if (options->hash_known_hosts == -1)
|
||||
options->hash_known_hosts = 0;
|
||||
if (options->tun_open == -1)
|
||||
options->tun_open = SSH_TUNMODE_NO;
|
||||
if (options->tun_local == -1)
|
||||
options->tun_local = SSH_TUNID_ANY;
|
||||
if (options->tun_remote == -1)
|
||||
options->tun_remote = SSH_TUNID_ANY;
|
||||
if (options->permit_local_command == -1)
|
||||
options->permit_local_command = 0;
|
||||
/* options->local_command should not be set by default */
|
||||
/* options->proxy_command should not be set by default */
|
||||
/* options->user will be set in the main program if appropriate */
|
||||
/* options->hostname will be set in the main program if appropriate */
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: readconf.h,v 1.67 2005/06/08 11:25:09 djm Exp $ */
|
||||
/* $OpenBSD: readconf.h,v 1.68 2005/12/06 22:38:27 reyk Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -114,6 +114,14 @@ typedef struct {
|
||||
int control_master;
|
||||
|
||||
int hash_known_hosts;
|
||||
|
||||
int tun_open; /* tun(4) */
|
||||
int tun_local; /* force tun device (optional) */
|
||||
int tun_remote; /* force tun device (optional) */
|
||||
|
||||
char *local_command;
|
||||
int permit_local_command;
|
||||
|
||||
} Options;
|
||||
|
||||
#define SSHCTL_MASTER_NO 0
|
||||
|
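Review bot: `tun_local` and `tun_remote` carry the identical comment `/* force tun device (optional) */`, which does not tell the reader which end each field names. Suggest distinct comments (local side, remote side) and a note that -1 means unset, which `initialize_options()` and `fill_default_options()` rely on. `permit_local_command` would also benefit from a one-line comment, since it gates whether `local_command` is run.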
@ -97,8 +97,12 @@ Known Issues.
|
||||
unless ssh-rand-helper is in pre-installed (the path to
|
||||
ssh-rand-helper is hard coded).
|
||||
|
||||
- Similarly, if you do not have "scp" in your system's $PATH then the
|
||||
multiplex scp tests will fail (since the system's shell startup scripts
|
||||
will determine where the shell started by sshd will look for scp).
|
||||
|
||||
- Recent GNU coreutils deprecate "head -[n]": this will cause the yes-head
|
||||
test to fail. The old behaviour can be restored by setting (and
|
||||
exporting) _POSIX2_VERSION=199209 before running the tests.
|
||||
|
||||
$Id: README.regress,v 1.9 2004/08/17 12:31:33 dtucker Exp $
|
||||
$Id: README.regress,v 1.10 2005/10/03 10:14:18 dtucker Exp $
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: agent-getpeereid.sh,v 1.1 2002/12/09 16:05:02 markus Exp $
|
||||
# $OpenBSD: agent-getpeereid.sh,v 1.2 2005/11/14 21:25:56 grunk Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="disallow agent attach from other uid"
|
||||
@ -27,7 +27,7 @@ else
|
||||
fail "ssh-add failed with $r != 1"
|
||||
fi
|
||||
|
||||
< /dev/null sudo -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
|
||||
< /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1
|
||||
r=$?
|
||||
if [ $r -lt 2 ]; then
|
||||
fail "ssh-add did not fail for ${UNPRIV}: $r < 2"
|
||||
|
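Review bot: with `sudo` replaced by `${SUDO}`, an empty or unset `SUDO` turns this line into an attempt to run `-S` as a command, which exits with the shell's "not found" status; `r` is then not less than 2 and the test reports success without ever trying to attach to the agent as `${UNPRIV}`. Unless the script already skips when `SUDO` is empty (not visible in this hunk), add an explicit check before this line so the test is skipped rather than falsely passed.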
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: forwarding.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
|
||||
# $OpenBSD: forwarding.sh,v 1.5 2005/03/10 10:20:39 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="local and remote forwarding"
|
||||
@ -32,3 +32,34 @@ for p in 1 2; do
|
||||
|
||||
sleep 10
|
||||
done
|
||||
|
||||
for p in 1 2; do
|
||||
trace "simple clear forwarding proto $p"
|
||||
${SSH} -$p -F $OBJ/ssh_config -oClearAllForwardings=yes somehost true
|
||||
|
||||
trace "clear local forward proto $p"
|
||||
${SSH} -$p -f -F $OBJ/ssh_config -L ${base}01:127.0.0.1:$PORT \
|
||||
-oClearAllForwardings=yes somehost sleep 10
|
||||
if [ $? != 0 ]; then
|
||||
fail "connection failed with cleared local forwarding"
|
||||
else
|
||||
# this one should fail
|
||||
${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
|
||||
2>${TEST_SSH_LOGFILE} && \
|
||||
fail "local forwarding not cleared"
|
||||
fi
|
||||
sleep 10
|
||||
|
||||
trace "clear remote forward proto $p"
|
||||
${SSH} -$p -f -F $OBJ/ssh_config -R ${base}01:127.0.0.1:$PORT \
|
||||
-oClearAllForwardings=yes somehost sleep 10
|
||||
if [ $? != 0 ]; then
|
||||
fail "connection failed with cleared remote forwarding"
|
||||
else
|
||||
# this one should fail
|
||||
${SSH} -$p -F $OBJ/ssh_config -p ${base}01 true \
|
||||
2>${TEST_SSH_LOGFILE} && \
|
||||
fail "remote forwarding not cleared"
|
||||
fi
|
||||
sleep 10
|
||||
done
|
||||
|
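Review bot: both "this one should fail" probes redirect with `2>${TEST_SSH_LOGFILE}`, which truncates the log on every iteration, so when the test does fail the diagnostics from the earlier steps and from the other protocol pass are already gone. Use `2>>${TEST_SSH_LOGFILE}` here. A one-line comment explaining that the probe connects to `${base}01` to prove nothing is listening would also help, since the `&& fail` inversion is easy to misread.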
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: multiplex.sh,v 1.10 2005/02/27 11:33:30 dtucker Exp $
|
||||
# $OpenBSD: multiplex.sh,v 1.11 2005/04/25 09:54:09 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
CTL=/tmp/openssh.regress.ctl-sock.$$
|
||||
|
@ -15,8 +15,9 @@ esac
|
||||
|
||||
start_sshd
|
||||
|
||||
$SUDO kill -HUP `cat $PIDFILE`
|
||||
sleep 1
|
||||
PID=`cat $PIDFILE`
|
||||
rm -f $PIDFILE
|
||||
$SUDO kill -HUP $PID
|
||||
|
||||
trace "wait for sshd to restart"
|
||||
i=0;
|
||||
|
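Review bot: the `PID` read from `$PIDFILE` is used unchecked, so if the pid file is missing or empty, `$SUDO kill -HUP $PID` runs with no pid argument and the test carries on into the restart wait loop with a misleading failure. Check that `$PID` is non-empty (and quote `$PIDFILE`) before removing the file and sending the signal. Removing the pid file before the HUP, so the wait loop only sees a freshly written one, deserves a short comment.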
@ -1,5 +1,5 @@
|
||||
#!/bin/sh
|
||||
# $OpenBSD: scp-ssh-wrapper.sh,v 1.1 2004/06/13 13:51:02 dtucker Exp $
|
||||
# $OpenBSD: scp-ssh-wrapper.sh,v 1.2 2005/12/14 04:36:39 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
printname () {
|
||||
@ -16,8 +16,11 @@ printname () {
|
||||
done
|
||||
}
|
||||
|
||||
# discard first 5 args
|
||||
shift; shift; shift; shift; shift
|
||||
# Discard all but last argument. We use arg later.
|
||||
while test "$1" != ""; do
|
||||
arg="$1"
|
||||
shift
|
||||
done
|
||||
|
||||
BAD="../../../../../../../../../../../../../${DIR}/dotpathdir"
|
||||
|
||||
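Review bot: the loop condition `test "$1" != ""` stops at the first empty argument rather than at the end of the argument list, so if any earlier argument is an empty string, `arg` is left holding the wrong word and the later `exec $arg` runs something other than the intended command. Loop on `$# -gt 0` instead. The unquoted `$arg` in the `exec` appears to be deliberate word splitting of the command string; the comment should say so.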
@ -49,6 +52,6 @@ badserver_4)
|
||||
echo "X"
|
||||
;;
|
||||
*)
|
||||
exec $1
|
||||
exec $arg
|
||||
;;
|
||||
esac
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: scp.sh,v 1.3 2004/07/08 12:59:35 dtucker Exp $
|
||||
# $OpenBSD: scp.sh,v 1.7 2006/01/31 10:36:33 djm Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="scp"
|
||||
@ -28,6 +28,11 @@ scpclean() {
|
||||
mkdir ${DIR} ${DIR2}
|
||||
}
|
||||
|
||||
verbose "$tid: simple copy local file to local file"
|
||||
scpclean
|
||||
$SCP $scpopts ${DATA} ${COPY} || fail "copy failed"
|
||||
cmp ${DATA} ${COPY} || fail "corrupted copy"
|
||||
|
||||
verbose "$tid: simple copy local file to remote file"
|
||||
scpclean
|
||||
$SCP $scpopts ${DATA} somehost:${COPY} || fail "copy failed"
|
||||
@ -44,6 +49,12 @@ cp ${DATA} ${COPY}
|
||||
$SCP $scpopts ${COPY} somehost:${DIR} || fail "copy failed"
|
||||
cmp ${COPY} ${DIR}/copy || fail "corrupted copy"
|
||||
|
||||
verbose "$tid: simple copy local file to local dir"
|
||||
scpclean
|
||||
cp ${DATA} ${COPY}
|
||||
$SCP $scpopts ${COPY} ${DIR} || fail "copy failed"
|
||||
cmp ${COPY} ${DIR}/copy || fail "corrupted copy"
|
||||
|
||||
verbose "$tid: simple copy remote file to local dir"
|
||||
scpclean
|
||||
cp ${DATA} ${COPY}
|
||||
@ -57,6 +68,13 @@ cp ${DATA} ${DIR}/copy
|
||||
$SCP $scpopts -r ${DIR} somehost:${DIR2} || fail "copy failed"
|
||||
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
|
||||
|
||||
verbose "$tid: recursive local dir to local dir"
|
||||
scpclean
|
||||
rm -rf ${DIR2}
|
||||
cp ${DATA} ${DIR}/copy
|
||||
$SCP $scpopts -r ${DIR} ${DIR2} || fail "copy failed"
|
||||
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
|
||||
|
||||
verbose "$tid: recursive remote dir to local dir"
|
||||
scpclean
|
||||
rm -rf ${DIR2}
|
||||
@ -64,6 +82,13 @@ cp ${DATA} ${DIR}/copy
|
||||
$SCP $scpopts -r somehost:${DIR} ${DIR2} || fail "copy failed"
|
||||
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
|
||||
|
||||
verbose "$tid: shell metacharacters"
|
||||
scpclean
|
||||
(cd ${DIR} && \
|
||||
touch '`touch metachartest`' && \
|
||||
$SCP $scpopts *metachar* ${DIR2} 2>/dev/null; \
|
||||
[ ! -f metachartest ] ) || fail "shell metacharacters"
|
||||
|
||||
if [ ! -z "$SUDO" ]; then
|
||||
verbose "$tid: skipped file after scp -p with failed chown+utimes"
|
||||
scpclean
|
||||
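Review bot: in the "shell metacharacters" case the subshell discards scp's exit status (`2>/dev/null;` followed only by `[ ! -f metachartest ]`), so the test passes whenever the marker file is absent, including when scp failed for an unrelated reason and never processed the backtick-named file at all. Add a positive assertion that the oddly named file arrived in `${DIR2}`, so that a pass means the name was handled literally rather than not handled.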
@ -73,7 +98,7 @@ if [ ! -z "$SUDO" ]; then
|
||||
chmod 660 ${DIR2}/copy
|
||||
$SUDO chown root ${DIR2}/copy
|
||||
$SCP -p $scpopts somehost:${DIR}/\* ${DIR2} >/dev/null 2>&1
|
||||
diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
|
||||
$SUDO diff ${DIFFOPT} ${DIR} ${DIR2} || fail "corrupted copy"
|
||||
$SUDO rm ${DIR2}/copy
|
||||
fi
|
||||
|
||||
@ -91,5 +116,12 @@ for i in 0 1 2 3 4; do
|
||||
[ -d ${DIR}/dotpathdir ] && fail "allows dir creation outside of subdir"
|
||||
done
|
||||
|
||||
verbose "$tid: detect non-directory target"
|
||||
scpclean
|
||||
echo a > ${COPY}
|
||||
echo b > ${COPY2}
|
||||
$SCP $scpopts ${DATA} ${COPY} ${COPY2}
|
||||
cmp ${COPY} ${COPY2} >/dev/null && fail "corrupt target"
|
||||
|
||||
scpclean
|
||||
rm -f ${OBJ}/scp-ssh-wrapper.scp
|
||||
|
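Review bot: the "detect non-directory target" case never looks at scp's exit status; it only checks that `${COPY}` and `${COPY2}` still differ after the call. Since an invocation with two sources and a non-directory target is expected to be refused, assert that directly by failing the test when `$SCP $scpopts ${DATA} ${COPY} ${COPY2}` returns success, and send the expected error output to the log so it does not clutter the test run.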
Some files were not shown because too many files have changed in this diff