Resolve conflicts
This commit is contained in:
Kris Kennaway
parent
7513668808
commit
c322fe352d
@ -7,7 +7,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: auth.c,v 1.6 2000/04/26 21:28:31 markus Exp $");
|
||||
RCSID("$OpenBSD: auth.c,v 1.7 2000/05/17 21:37:24 deraadt Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "rsa.h"
|
||||
@ -47,14 +47,21 @@ allowed_user(struct passwd * pw)
|
||||
{
|
||||
struct stat st;
|
||||
struct group *grp;
|
||||
char *shell;
|
||||
int i;
|
||||
|
||||
/* Shouldn't be called if pw is NULL, but better safe than sorry... */
|
||||
if (!pw)
|
||||
return 0;
|
||||
|
||||
/*
|
||||
* Get the shell from the password data. An empty shell field is
|
||||
* legal, and means /bin/sh.
|
||||
*/
|
||||
shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
|
||||
|
||||
/* deny if shell does not exists or is not executable */
|
||||
if (stat(pw->pw_shell, &st) != 0)
|
||||
if (stat(shell, &st) != 0)
|
||||
return 0;
|
||||
if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP))))
|
||||
return 0;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$Id: cipher.c,v 1.26 2000/04/14 10:30:30 markus Exp $");
|
||||
RCSID("$Id: cipher.c,v 1.27 2000/05/22 18:42:00 markus Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "cipher.h"
|
||||
@ -179,7 +179,7 @@ ciphers_valid(const char *names)
|
||||
char *p;
|
||||
int i;
|
||||
|
||||
if (strcmp(names, "") == 0)
|
||||
if (names == NULL || strcmp(names, "") == 0)
|
||||
return 0;
|
||||
ciphers = xstrdup(names);
|
||||
for ((p = strtok(ciphers, CIPHER_SEP)); p; (p = strtok(NULL, CIPHER_SEP))) {
|
||||
@ -202,6 +202,8 @@ int
|
||||
cipher_number(const char *name)
|
||||
{
|
||||
int i;
|
||||
if (name == NULL)
|
||||
return -1;
|
||||
for (i = 0; i < sizeof(cipher_names) / sizeof(cipher_names[0]); i++)
|
||||
if (strcmp(cipher_names[i], name) == 0 &&
|
||||
(cipher_mask() & (1 << i)))
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$Id: servconf.c,v 1.40 2000/05/08 17:12:15 markus Exp $");
|
||||
RCSID("$Id: servconf.c,v 1.41 2000/05/22 18:42:01 markus Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "servconf.h"
|
||||
@ -622,6 +622,8 @@ read_server_config(ServerOptions *options, const char *filename)
|
||||
|
||||
case sCiphers:
|
||||
cp = strtok(NULL, WHITESPACE);
|
||||
if (!cp)
|
||||
fatal("%s line %d: Missing argument.", filename, linenum);
|
||||
if (!ciphers_valid(cp))
|
||||
fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
|
||||
filename, linenum, cp ? cp : "<NONE>");
|
||||
@ -632,6 +634,8 @@ read_server_config(ServerOptions *options, const char *filename)
|
||||
case sProtocol:
|
||||
intptr = &options->protocol;
|
||||
cp = strtok(NULL, WHITESPACE);
|
||||
if (!cp)
|
||||
fatal("%s line %d: Missing argument.", filename, linenum);
|
||||
value = proto_spec(cp);
|
||||
if (value == SSH_PROTO_UNKNOWN)
|
||||
fatal("%s line %d: Bad protocol spec '%s'.",
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: sshconnect.c,v 1.72 2000/05/04 09:50:22 markus Exp $");
|
||||
RCSID("$OpenBSD: sshconnect.c,v 1.74 2000/05/17 16:57:02 markus Exp $");
|
||||
|
||||
#include <openssl/bn.h>
|
||||
#include <openssl/dsa.h>
|
||||
@ -253,7 +253,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
|
||||
temporarily_use_uid(original_real_uid);
|
||||
if (connect(sock, ai->ai_addr, ai->ai_addrlen) >= 0) {
|
||||
/* Successful connection. */
|
||||
memcpy(hostaddr, ai->ai_addr, sizeof(*hostaddr));
|
||||
memcpy(hostaddr, ai->ai_addr, ai->ai_addrlen);
|
||||
restore_uid();
|
||||
break;
|
||||
} else {
|
||||
@ -299,21 +299,6 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
|
||||
return 1;
|
||||
}
|
||||
|
||||
char *
|
||||
chop(char *s)
|
||||
{
|
||||
char *t = s;
|
||||
while (*t) {
|
||||
if(*t == '\n' || *t == '\r') {
|
||||
*t = '\0';
|
||||
return s;
|
||||
}
|
||||
t++;
|
||||
}
|
||||
return s;
|
||||
|
||||
}
|
||||
|
||||
/*
|
||||
* Waits for the server identification string, and sends our own
|
||||
* identification string.
|
||||
|
||||
@ -16,7 +16,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: sshd.c,v 1.115 2000/05/03 10:21:49 markus Exp $");
|
||||
RCSID("$OpenBSD: sshd.c,v 1.118 2000/05/25 20:45:20 markus Exp $");
|
||||
|
||||
#include "xmalloc.h"
|
||||
#include "rsa.h"
|
||||
@ -292,21 +292,6 @@ key_regeneration_alarm(int sig)
|
||||
errno = save_errno;
|
||||
}
|
||||
|
||||
char *
|
||||
chop(char *s)
|
||||
{
|
||||
char *t = s;
|
||||
while (*t) {
|
||||
if(*t == '\n' || *t == '\r') {
|
||||
*t = '\0';
|
||||
return s;
|
||||
}
|
||||
t++;
|
||||
}
|
||||
return s;
|
||||
|
||||
}
|
||||
|
||||
void
|
||||
sshd_exchange_identification(int sock_in, int sock_out)
|
||||
{
|
||||
@ -434,9 +419,12 @@ void
|
||||
destroy_sensitive_data(void)
|
||||
{
|
||||
/* Destroy the private and public keys. They will no longer be needed. */
|
||||
RSA_free(public_key);
|
||||
RSA_free(sensitive_data.private_key);
|
||||
RSA_free(sensitive_data.host_key);
|
||||
if (public_key)
|
||||
RSA_free(public_key);
|
||||
if (sensitive_data.private_key)
|
||||
RSA_free(sensitive_data.private_key);
|
||||
if (sensitive_data.host_key)
|
||||
RSA_free(sensitive_data.host_key);
|
||||
if (sensitive_data.dsa_host_key != NULL)
|
||||
key_free(sensitive_data.dsa_host_key);
|
||||
}
|
||||
@ -1239,7 +1227,6 @@ do_ssh2_kex()
|
||||
int payload_len, dlen;
|
||||
int slen;
|
||||
unsigned int klen, kout;
|
||||
char *ptr;
|
||||
unsigned char *signature = NULL;
|
||||
unsigned char *server_host_key_blob = NULL;
|
||||
unsigned int sbloblen;
|
||||
@ -1251,7 +1238,6 @@ do_ssh2_kex()
|
||||
unsigned char *hash;
|
||||
Kex *kex;
|
||||
char *cprop[PROPOSAL_MAX];
|
||||
char *sprop[PROPOSAL_MAX];
|
||||
|
||||
/* KEXINIT */
|
||||
|
||||
@ -1259,46 +1245,15 @@ do_ssh2_kex()
|
||||
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
|
||||
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
|
||||
}
|
||||
|
||||
debug("Sending KEX init.");
|
||||
|
||||
for (i = 0; i < PROPOSAL_MAX; i++)
|
||||
sprop[i] = xstrdup(myproposal[i]);
|
||||
server_kexinit = kex_init(sprop);
|
||||
packet_start(SSH2_MSG_KEXINIT);
|
||||
packet_put_raw(buffer_ptr(server_kexinit), buffer_len(server_kexinit));
|
||||
packet_send();
|
||||
packet_write_wait();
|
||||
|
||||
debug("done");
|
||||
|
||||
packet_read_expect(&payload_len, SSH2_MSG_KEXINIT);
|
||||
|
||||
/*
|
||||
* save raw KEXINIT payload in buffer. this is used during
|
||||
* computation of the session_id and the session keys.
|
||||
*/
|
||||
server_kexinit = kex_init(myproposal);
|
||||
client_kexinit = xmalloc(sizeof(*client_kexinit));
|
||||
buffer_init(client_kexinit);
|
||||
ptr = packet_get_raw(&payload_len);
|
||||
buffer_append(client_kexinit, ptr, payload_len);
|
||||
|
||||
/* skip cookie */
|
||||
for (i = 0; i < 16; i++)
|
||||
(void) packet_get_char();
|
||||
/* save kex init proposal strings */
|
||||
for (i = 0; i < PROPOSAL_MAX; i++) {
|
||||
cprop[i] = packet_get_string(NULL);
|
||||
debug("got kexinit string: %s", cprop[i]);
|
||||
}
|
||||
|
||||
i = (int) packet_get_char();
|
||||
debug("first kex follow == %d", i);
|
||||
i = packet_get_int();
|
||||
debug("reserved == %d", i);
|
||||
|
||||
debug("done read kexinit");
|
||||
kex = kex_choose_conf(cprop, sprop, 1);
|
||||
/* algorithm negotiation */
|
||||
kex_exchange_kexinit(server_kexinit, client_kexinit, cprop);
|
||||
kex = kex_choose_conf(cprop, myproposal, 1);
|
||||
for (i = 0; i < PROPOSAL_MAX; i++)
|
||||
xfree(cprop[i]);
|
||||
|
||||
/* KEXDH */
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user