from www.openssh.org

christos 2006-09-28 21:14:57 +00:00
parent c1690ac516
commit 24bd244ffa
166 changed files with 4751 additions and 2546 deletions


@ -162,8 +162,7 @@ these programs.
- There are several other files in the distribution that contain
various auxiliary routines:
ssh.h the main header file for ssh (various definitions)
getput.h byte-order independent storage of integers
includes.h includes most system headers. Lots of #ifdefs.
tildexpand.c expand tilde in file names
uidswap.c uid-swapping
xmalloc.c "safe" malloc routines
$OpenBSD: OVERVIEW,v 1.11 2006/08/03 03:34:41 deraadt Exp $


@ -23,3 +23,5 @@ features and created OpenSSH. Markus Friedl contributed the support
for SSH protocol versions 1.5 and 2.0.
See http://www.openssh.com/ for more information.
$OpenBSD: README,v 1.7 2006/04/01 05:37:46 djm Exp $


@ -1,5 +1,7 @@
/* $NetBSD: atomicio.c,v 1.1.1.8 2006/02/04 22:22:31 christos Exp $ */
/* $NetBSD: atomicio.c,v 1.1.1.9 2006/09/28 21:14:57 christos Exp $ */
/* $OpenBSD: atomicio.c,v 1.23 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2006 Damien Miller. All rights reserved.
* Copyright (c) 2005 Anil Madhavapeddy. All rights reserved.
* Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
* All rights reserved.
@ -25,8 +27,11 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: atomicio.c,v 1.13 2005/05/24 17:32:43 avsm Exp $");
#include <sys/param.h>
#include <sys/uio.h>
#include <errno.h>
#include <string.h>
#include "atomicio.h"
@ -34,11 +39,7 @@ RCSID("$OpenBSD: atomicio.c,v 1.13 2005/05/24 17:32:43 avsm Exp $");
* ensure all of data on socket comes through. f==read || f==vwrite
*/
size_t
atomicio(f, fd, _s, n)
ssize_t (*f) (int, void *, size_t);
int fd;
void *_s;
size_t n;
atomicio(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n)
{
char *s = _s;
size_t pos = 0;
@ -55,8 +56,60 @@ atomicio(f, fd, _s, n)
errno = EPIPE;
return pos;
default:
pos += (u_int)res;
pos += (size_t)res;
}
}
return (pos);
}
/*
* ensure all of data on socket comes through. f==readv || f==writev
*/
size_t
atomiciov(ssize_t (*f) (int, const struct iovec *, int), int fd,
const struct iovec *_iov, int iovcnt)
{
size_t pos = 0, rem;
ssize_t res;
struct iovec iov_array[IOV_MAX], *iov = iov_array;
if (iovcnt > IOV_MAX) {
errno = EINVAL;
return 0;
}
/* Make a copy of the iov array because we may modify it below */
memcpy(iov, _iov, iovcnt * sizeof(*_iov));
for (; iovcnt > 0 && iov[0].iov_len > 0;) {
res = (f) (fd, iov, iovcnt);
switch (res) {
case -1:
if (errno == EINTR || errno == EAGAIN)
continue;
return 0;
case 0:
errno = EPIPE;
return pos;
default:
rem = (size_t)res;
pos += rem;
/* skip completed iov entries */
while (iovcnt > 0 && rem >= iov[0].iov_len) {
rem -= iov[0].iov_len;
iov++;
iovcnt--;
}
/* This shouldn't happen... */
if (rem > 0 && (iovcnt <= 0 || rem > iov[0].iov_len)) {
errno = EFAULT;
return 0;
}
if (iovcnt == 0)
break;
/* update pointer in partially complete iov */
iov[0].iov_base = ((char *)iov[0].iov_base) + rem;
iov[0].iov_len -= rem;
}
}
return pos;
}
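Review bot: The guard `if (iovcnt > IOV_MAX)` in atomiciov admits a negative iovcnt, and the `memcpy(iov, _iov, iovcnt * sizeof(*_iov))` that follows converts that negative int to a huge size_t; change the guard to `if (iovcnt < 0 || iovcnt > IOV_MAX) {`. The `case -1` branch retries on EAGAIN with `continue`, so a non-blocking descriptor makes the loop spin until the kernel accepts the write; if non-blocking fds can reach this function, a poll() on fd before retrying would be preferable (the same pattern presumably exists in atomicio, whose head lies outside its hunk). The EFAULT path returns 0 after partial progress and so discards pos; a comment at that return stating that callers cannot recover the partial count would make the contract explicit.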


@ -1,7 +1,8 @@
/* $NetBSD: atomicio.h,v 1.1.1.6 2006/02/04 22:22:31 christos Exp $ */
/* $OpenBSD: atomicio.h,v 1.6 2005/05/24 17:32:43 avsm Exp $ */
/* $NetBSD: atomicio.h,v 1.1.1.7 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: atomicio.h,v 1.10 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2006 Damien Miller. All rights reserved.
* Copyright (c) 1995,1999 Theo de Raadt. All rights reserved.
* All rights reserved.
*
@ -26,9 +27,20 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _ATOMICIO_H
#define _ATOMICIO_H
/*
* Ensure all of data on socket comes through. f==read || f==vwrite
*/
size_t atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t);
#define vwrite (ssize_t (*)(int, void *, size_t))write
/*
* ensure all of data on socket comes through. f==readv || f==writev
*/
size_t atomiciov(ssize_t (*)(int, const struct iovec *, int),
int, const struct iovec *, int);
#endif /* _ATOMICIO_H */
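Review bot: The new prototype `size_t atomiciov(ssize_t (*)(int, const struct iovec *, int), int, const struct iovec *, int);` names struct iovec, and both declarations use size_t and ssize_t, yet the header includes nothing, so it compiles only when every includer has already pulled in <sys/types.h> and <sys/uio.h>. Adding `struct iovec;` before the prototype (or including <sys/uio.h>) makes the header self-contained. The `vwrite` macro casts write() to a function type whose second parameter drops const, so a call through it is formally a call through an incompatible function pointer type; a one-line comment saying this is deliberate and relied on by the f==read || f==vwrite contract would save the next reader the investigation.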


@ -1,4 +1,5 @@
/* $NetBSD: auth-bsdauth.c,v 1.1.1.6 2005/04/23 16:27:56 christos Exp $ */
/* $NetBSD: auth-bsdauth.c,v 1.1.1.7 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-bsdauth.c,v 1.10 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -22,13 +23,19 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-bsdauth.c,v 1.6 2005/01/19 13:11:47 dtucker Exp $");
#include <sys/types.h>
#ifdef BSD_AUTH
#include "xmalloc.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "log.h"
#include "buffer.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
static void *
@ -70,9 +77,8 @@ bsdauth_query(void *ctx, char **name, char **infotxt,
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char *));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;
*prompts = xcalloc(*numprompts, sizeof(char *));
*echo_on = xcalloc(*numprompts, sizeof(u_int));
(*prompts)[0] = xstrdup(challenge);
return 0;


@ -1,4 +1,5 @@
/* $NetBSD: auth-chall.c,v 1.1.1.5 2005/02/13 00:52:44 christos Exp $ */
/* $NetBSD: auth-chall.c,v 1.1.1.6 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-chall.c,v 1.12 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -23,12 +24,13 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-chall.c,v 1.9 2003/11/03 09:03:37 djm Exp $");
#include <sys/types.h>
#include "xmalloc.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "log.h"
#include "xmalloc.h"
/* limited protocol v1 interface to kbd-interactive authentication */


@ -1,4 +1,5 @@
/* $NetBSD: auth-krb5.c,v 1.1.1.8 2006/02/04 22:22:31 christos Exp $ */
/* $NetBSD: auth-krb5.c,v 1.1.1.9 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Kerberos v5 authentication and ticket-passing routines.
*
@ -28,16 +29,20 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-krb5.c,v 1.16 2005/11/21 09:42:10 dtucker Exp $");
#include <sys/types.h>
#include <pwd.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
#include "packet.h"
#include "xmalloc.h"
#include "log.h"
#include "buffer.h"
#include "servconf.h"
#include "uidswap.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#ifdef KRB5


@ -1,4 +1,5 @@
/* $NetBSD: auth-options.c,v 1.1.1.15 2006/02/04 22:22:32 christos Exp $ */
/* $NetBSD: auth-options.c,v 1.1.1.16 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-options.c,v 1.40 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -10,19 +11,30 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: auth-options.c,v 1.33 2005/12/08 18:34:11 reyk Exp $");
#include <sys/types.h>
#include <netdb.h>
#include <pwd.h>
#include <string.h>
#include <stdio.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "match.h"
#include "log.h"
#include "canohost.h"
#include "buffer.h"
#include "channels.h"
#include "auth-options.h"
#include "servconf.h"
#include "misc.h"
#include "monitor_wrap.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
/* Flags set authorized_keys flags */
int no_port_forwarding_flag = 0;
@ -132,7 +144,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
forced_command = NULL;
goto bad_option;
}
forced_command[i] = 0;
forced_command[i] = '\0';
auth_debug_add("Forced command: %.900s", forced_command);
opts++;
goto next_option;
@ -164,7 +176,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
xfree(s);
goto bad_option;
}
s[i] = 0;
s[i] = '\0';
auth_debug_add("Adding to environment: %.900s", s);
debug("Adding to environment: %.900s", s);
opts++;
@ -201,7 +213,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
xfree(patterns);
goto bad_option;
}
patterns[i] = 0;
patterns[i] = '\0';
opts++;
if (match_host_and_ip(remote_host, remote_ip,
patterns) != 1) {
@ -246,7 +258,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
xfree(patterns);
goto bad_option;
}
patterns[i] = 0;
patterns[i] = '\0';
opts++;
p = patterns;
host = hpdelim(&p);
@ -294,7 +306,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
forced_tun_device = -1;
goto bad_option;
}
tun[i] = 0;
tun[i] = '\0';
forced_tun_device = a2tun(tun, NULL);
xfree(tun);
if (forced_tun_device == SSH_TUNID_ERR) {


@ -1,5 +1,5 @@
/* $NetBSD: auth-options.h,v 1.1.1.8 2006/02/04 22:22:32 christos Exp $ */
/* $OpenBSD: auth-options.h,v 1.13 2005/12/06 22:38:27 reyk Exp $ */
/* $NetBSD: auth-options.h,v 1.1.1.9 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-options.h,v 1.16 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>


@ -1,4 +1,5 @@
/* $NetBSD: auth-passwd.c,v 1.1.1.12 2006/02/04 22:22:32 christos Exp $ */
/* $NetBSD: auth-passwd.c,v 1.1.1.13 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-passwd.c,v 1.40 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -36,13 +37,19 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-passwd.c,v 1.34 2005/07/19 15:32:26 otto Exp $");
#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <stdarg.h>
#include "packet.h"
#include "buffer.h"
#include "log.h"
#include "servconf.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "auth-options.h"


@ -1,4 +1,5 @@
/* $NetBSD: auth-rh-rsa.c,v 1.1.1.10 2006/02/04 22:22:32 christos Exp $ */
/* $NetBSD: auth-rh-rsa.c,v 1.1.1.11 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-rh-rsa.c,v 1.42 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -13,19 +14,24 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rh-rsa.c,v 1.38 2005/07/17 07:17:54 djm Exp $");
#include <sys/types.h>
#include <pwd.h>
#include <stdarg.h>
#include "packet.h"
#include "uidswap.h"
#include "log.h"
#include "buffer.h"
#include "servconf.h"
#include "key.h"
#include "hostfile.h"
#include "pathnames.h"
#include "auth.h"
#include "canohost.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
/* import */


@ -1,4 +1,5 @@
/* $NetBSD: auth-rhosts.c,v 1.1.1.11 2006/02/04 22:22:32 christos Exp $ */
/* $NetBSD: auth-rhosts.c,v 1.1.1.12 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-rhosts.c,v 1.41 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -14,15 +15,24 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rhosts.c,v 1.33 2005/07/17 07:17:54 djm Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <netgroup.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <stdarg.h>
#include "packet.h"
#include "buffer.h"
#include "uidswap.h"
#include "pathnames.h"
#include "log.h"
#include "servconf.h"
#include "canohost.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
/* import */


@ -1,4 +1,5 @@
/* $NetBSD: auth-rsa.c,v 1.1.1.14 2006/02/04 22:22:32 christos Exp $ */
/* $NetBSD: auth-rsa.c,v 1.1.1.15 2006/09/28 21:14:58 christos Exp $ */
/* $OpenBSD: auth-rsa.c,v 1.71 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -14,24 +15,33 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: auth-rsa.c,v 1.63 2005/06/17 02:44:32 djm Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <openssl/rsa.h>
#include <openssl/md5.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include "xmalloc.h"
#include "rsa.h"
#include "packet.h"
#include "xmalloc.h"
#include "ssh1.h"
#include "uidswap.h"
#include "match.h"
#include "buffer.h"
#include "auth-options.h"
#include "pathnames.h"
#include "log.h"
#include "servconf.h"
#include "auth.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
#include "ssh.h"
#include "misc.h"
@ -138,7 +148,7 @@ auth_rsa_challenge_dialog(Key *key)
/* Wait for a response. */
packet_read_expect(SSH_CMSG_AUTH_RSA_RESPONSE);
for (i = 0; i < 16; i++)
response[i] = packet_get_char();
response[i] = (u_char)packet_get_char();
packet_check_eom();
success = PRIVSEP(auth_rsa_verify_response(key, challenge, response));


@ -1,4 +1,5 @@
/* $NetBSD: auth-skey.c,v 1.1.1.7 2002/10/01 13:40:02 itojun Exp $ */
/* $NetBSD: auth-skey.c,v 1.1.1.8 2006/09/28 21:14:59 christos Exp $ */
/* $OpenBSD: auth-skey.c,v 1.26 2006/08/05 08:28:24 dtucker Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -22,14 +23,19 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth-skey.c,v 1.20 2002/06/30 21:59:45 deraadt Exp $");
#ifdef SKEY
#include <sys/types.h>
#include <pwd.h>
#include <stdio.h>
#include <skey.h>
#include "xmalloc.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "monitor_wrap.h"
@ -44,8 +50,7 @@ skey_query(void *ctx, char **name, char **infotxt,
u_int* numprompts, char ***prompts, u_int **echo_on)
{
Authctxt *authctxt = ctx;
char challenge[1024], *p;
int len;
char challenge[1024];
struct skey skey;
if (skeychallenge(&skey, authctxt->user, challenge) == -1)
@ -54,15 +59,10 @@ skey_query(void *ctx, char **name, char **infotxt,
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char *));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
(*echo_on)[0] = 0;
*prompts = xcalloc(*numprompts, sizeof(char *));
*echo_on = xcalloc(*numprompts, sizeof(u_int));
len = strlen(challenge) + strlen(SKEY_PROMPT) + 1;
p = xmalloc(len);
strlcpy(p, challenge, len);
strlcat(p, SKEY_PROMPT, len);
(*prompts)[0] = p;
xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
return 0;
}


@ -1,4 +1,5 @@
/* $NetBSD: auth.c,v 1.1.1.18 2006/02/04 22:22:33 christos Exp $ */
/* $NetBSD: auth.c,v 1.1.1.19 2006/09/28 21:14:59 christos Exp $ */
/* $OpenBSD: auth.c,v 1.75 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -23,28 +24,40 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth.c,v 1.60 2005/06/17 02:44:32 djm Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
#include <errno.h>
#include <libgen.h>
#include <paths.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include "xmalloc.h"
#include "match.h"
#include "groupaccess.h"
#include "log.h"
#include "buffer.h"
#include "servconf.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "auth-options.h"
#include "canohost.h"
#include "buffer.h"
#include "bufaux.h"
#include "uidswap.h"
#include "misc.h"
#include "bufaux.h"
#include "packet.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
/* import */
extern ServerOptions options;
extern int use_privsep;
/* Debugging messages */
Buffer auth_debug;
@ -163,6 +176,9 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info)
void (*authlog) (const char *fmt,...) = verbose;
char *authmsg;
if (use_privsep && !mm_is_monitor() && !authctxt->postponed)
return;
/* Raise logging level */
if (authenticated == 1 ||
!authctxt->valid ||
@ -194,7 +210,6 @@ auth_root_allowed(char *method)
switch (options.permit_root_login) {
case PERMIT_YES:
return 1;
break;
case PERMIT_NO_PASSWD:
if (strcmp(method, "password") != 0)
return 1;
@ -221,7 +236,8 @@ auth_root_allowed(char *method)
static char *
expand_authorized_keys(const char *filename, struct passwd *pw)
{
char *file, *ret;
char *file, ret[MAXPATHLEN];
int i;
file = percent_expand(filename, "h", pw->pw_dir,
"u", pw->pw_name, (char *)NULL);
@ -233,14 +249,11 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
if (*file == '/')
return (file);
ret = xmalloc(MAXPATHLEN);
if (strlcpy(ret, pw->pw_dir, MAXPATHLEN) >= MAXPATHLEN ||
strlcat(ret, "/", MAXPATHLEN) >= MAXPATHLEN ||
strlcat(ret, file, MAXPATHLEN) >= MAXPATHLEN)
i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file);
if (i < 0 || (size_t)i >= sizeof(ret))
fatal("expand_authorized_keys: path too long");
xfree(file);
return (ret);
return (xstrdup(ret));
}
char *
@ -377,6 +390,9 @@ getpwnamallow(const char *user)
#endif
struct passwd *pw;
parse_server_match_config(&options, user,
get_canonical_hostname(options.use_dns), get_remote_ipaddr());
pw = getpwnam(user);
if (pw == NULL) {
logit("Invalid user %.100s from %.100s",
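Review bot: The early return added to auth_log, `if (use_privsep && !mm_is_monitor() && !authctxt->postponed) return;`, changes which process records authentication outcomes but carries no comment saying why; the intent looks like "under privsep the monitor logs the result and the child only reports postponed steps", but that is inferred, so a comment to that effect should be confirmed against the monitor code before being added. In getpwnamallow, `parse_server_match_config(&options, user, get_canonical_hostname(options.use_dns), get_remote_ipaddr())` now runs before getpwnam, so the canonical-hostname lookup (a DNS query when use_dns is set) is performed for every user lookup, valid or not; if parse_server_match_config can avoid the lookup when no Match block is configured, a comment noting that would help. Both functions extend beyond their hunks.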


@ -1,5 +1,5 @@
/* $NetBSD: auth.h,v 1.1.1.16 2006/02/04 22:22:33 christos Exp $ */
/* $OpenBSD: auth.h,v 1.51 2005/06/06 11:20:36 djm Exp $ */
/* $NetBSD: auth.h,v 1.1.1.17 2006/09/28 21:14:59 christos Exp $ */
/* $OpenBSD: auth.h,v 1.58 2006/08/18 09:15:20 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -29,8 +29,8 @@
#ifndef AUTH_H
#define AUTH_H
#include "key.h"
#include "hostfile.h"
#include <signal.h>
#include <openssl/rsa.h>
#ifdef HAVE_LOGIN_CAP
@ -48,7 +48,8 @@ typedef struct Authmethod Authmethod;
typedef struct KbdintDevice KbdintDevice;
struct Authctxt {
int success;
sig_atomic_t success;
int authenticated; /* authenticated and alarms cancelled */
int postponed; /* authentication needs another step */
int valid; /* user exists and is allowed to login */
int attempt;
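Review bot: `sig_atomic_t success;` is the only Authctxt field in this hunk without a trailing comment while its neighbours document themselves; since auth2.c passes `&authctxt->success` to dispatch_run as its completion flag, a comment such as `/* set by a method callback to end dispatch_run(); sig_atomic_t to match its done pointer */` would record the reason for the type change (the dispatch_run parameter type is assumed here; confirm against dispatch.h). Note that sig_atomic_t without volatile provides no ordering or signal-safety guarantee on its own, which is fine as long as nothing sets this field from a signal handler. struct Authctxt continues past the hunk.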


@ -1,4 +1,5 @@
/* $NetBSD: auth1.c,v 1.1.1.17 2006/02/04 22:22:33 christos Exp $ */
/* $NetBSD: auth1.c,v 1.1.1.18 2006/09/28 21:14:59 christos Exp $ */
/* $OpenBSD: auth1.c,v 1.70 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@ -10,8 +11,12 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: auth1.c,v 1.62 2005/07/16 01:35:24 djm Exp $");
#include <sys/types.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <pwd.h>
#include "xmalloc.h"
#include "rsa.h"
@ -21,10 +26,15 @@ RCSID("$OpenBSD: auth1.c,v 1.62 2005/07/16 01:35:24 djm Exp $");
#include "log.h"
#include "servconf.h"
#include "compat.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "channels.h"
#include "session.h"
#include "uidswap.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
/* import */
@ -74,7 +84,7 @@ static const struct AuthMethod1
{
int i;
for(i = 0; auth1_methods[i].name != NULL; i++)
for (i = 0; auth1_methods[i].name != NULL; i++)
if (auth1_methods[i].type == type)
return (&(auth1_methods[i]));
@ -93,6 +103,7 @@ get_authname(int type)
return (buf);
}
/*ARGSUSED*/
static int
auth1_process_password(Authctxt *authctxt, char *info, size_t infolen)
{
@ -117,6 +128,7 @@ auth1_process_password(Authctxt *authctxt, char *info, size_t infolen)
return (authenticated);
}
/*ARGSUSED*/
static int
auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen)
{
@ -134,6 +146,7 @@ auth1_process_rsa(Authctxt *authctxt, char *info, size_t infolen)
return (authenticated);
}
/*ARGSUSED*/
static int
auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen)
{
@ -174,6 +187,7 @@ auth1_process_rhosts_rsa(Authctxt *authctxt, char *info, size_t infolen)
return (authenticated);
}
/*ARGSUSED*/
static int
auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
{
@ -192,6 +206,7 @@ auth1_process_tis_challenge(Authctxt *authctxt, char *info, size_t infolen)
return (-1);
}
/*ARGSUSED*/
static int
auth1_process_tis_response(Authctxt *authctxt, char *info, size_t infolen)
{


@ -1,4 +1,5 @@
/* $NetBSD: auth2-chall.c,v 1.1.1.13 2006/02/04 22:22:33 christos Exp $ */
/* $NetBSD: auth2-chall.c,v 1.1.1.14 2006/09/28 21:15:00 christos Exp $ */
/* $OpenBSD: auth2-chall.c,v 1.31 2006/08/05 08:28:24 dtucker Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2001 Per Allansson. All rights reserved.
@ -23,14 +24,19 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-chall.c,v 1.24 2005/07/17 07:17:54 djm Exp $");
#include <sys/types.h>
#include <stdio.h>
#include <string.h>
#include "xmalloc.h"
#include "ssh2.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "buffer.h"
#include "packet.h"
#include "xmalloc.h"
#include "dispatch.h"
#include "log.h"
@ -262,7 +268,7 @@ input_userauth_info_response(int type, u_int32_t seq, void *ctxt)
if (nresp > 100)
fatal("input_userauth_info_response: too many replies");
if (nresp > 0) {
response = xmalloc(nresp * sizeof(char *));
response = xcalloc(nresp, sizeof(char *));
for (i = 0; i < nresp; i++)
response[i] = packet_get_string(NULL);
}
@ -316,9 +322,10 @@ privsep_challenge_enable(void)
{
#ifdef BSD_AUTH
extern KbdintDevice mm_bsdauth_device;
#endif
#else
#ifdef SKEY
extern KbdintDevice mm_skey_device;
#endif
#endif
/* As long as SSHv1 has devices[0] hard coded this is fine */
#ifdef BSD_AUTH
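Review bot: The new `#else` / `#ifdef SKEY` nesting in privsep_challenge_enable is harder to read than a flat chain, and the `#ifdef BSD_AUTH` selection that follows (cut off by the hunk end) has to mirror the same precedence; replacing `#else` and `#ifdef SKEY` with `#elif defined(SKEY)` and dropping one `#endif` states the BSD_AUTH-over-SKEY priority in a single construct. The `response = xcalloc(nresp, sizeof(char *));` change in input_userauth_info_response is safe given the `nresp > 100` bound immediately above it. privsep_challenge_enable's body runs past the hunk.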


@ -1,5 +1,5 @@
/* $NetBSD: auth2-gss.c,v 1.1.1.2 2006/02/04 22:22:33 christos Exp $ */
/* $OpenBSD: auth2-gss.c,v 1.12 2005/10/13 22:24:31 stevesk Exp $ */
/* $NetBSD: auth2-gss.c,v 1.1.1.3 2006/09/28 21:15:00 christos Exp $ */
/* $OpenBSD: auth2-gss.c,v 1.15 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@ -25,20 +25,20 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
#ifdef GSSAPI
#include <sys/types.h>
#include "xmalloc.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "ssh2.h"
#include "xmalloc.h"
#include "log.h"
#include "dispatch.h"
#include "buffer.h"
#include "servconf.h"
#include "packet.h"
#include "monitor_wrap.h"
#include "ssh-gss.h"
#include "monitor_wrap.h"
extern ServerOptions options;
@ -101,6 +101,8 @@ userauth_gssapi(Authctxt *authctxt)
}
if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) {
if (ctxt != NULL)
ssh_gssapi_delete_ctx(&ctxt);
xfree(doid);
return (0);
}
@ -290,5 +292,3 @@ Authmethod method_gssapi = {
userauth_gssapi,
&options.gss_authentication
};
#endif /* GSSAPI */
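Review bot: The final hunk removes `#endif /* GSSAPI */`, and the rendering of the include hunk does not show whether the `#ifdef GSSAPI` near the top survives, so the file may now be compiled unconditionally; if the guard is gone, the build must list auth2-gss.c only when GSSAPI is configured, otherwise ssh-gss.h and the GSS calls fail to compile. In userauth_gssapi, the added `ssh_gssapi_delete_ctx(&ctxt);` on the ssh_gssapi_server_ctx failure path would read better with a short comment that ssh_gssapi_server_ctx can allocate the context before reporting an error, which is why the `ctxt != NULL` check is needed there. userauth_gssapi continues outside the hunk.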


@ -1,4 +1,5 @@
/* $NetBSD: auth2-hostbased.c,v 1.1.1.2 2005/02/13 00:52:52 christos Exp $ */
/* $NetBSD: auth2-hostbased.c,v 1.1.1.3 2006/09/28 21:15:00 christos Exp $ */
/* $OpenBSD: auth2-hostbased.c,v 1.11 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -23,20 +24,27 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-hostbased.c,v 1.6 2004/01/19 21:25:15 markus Exp $");
#include "ssh2.h"
#include <sys/types.h>
#include <pwd.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "ssh2.h"
#include "packet.h"
#include "buffer.h"
#include "log.h"
#include "servconf.h"
#include "compat.h"
#include "bufaux.h"
#include "auth.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "canohost.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
#include "pathnames.h"


@ -1,4 +1,5 @@
/* $NetBSD: auth2-kbdint.c,v 1.1.1.1 2002/06/24 05:26:12 itojun Exp $ */
/* $NetBSD: auth2-kbdint.c,v 1.1.1.2 2006/09/28 21:15:00 christos Exp $ */
/* $OpenBSD: auth2-kbdint.c,v 1.5 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -23,14 +24,16 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-kbdint.c,v 1.2 2002/05/31 11:35:15 markus Exp $");
#include <sys/types.h>
#include "xmalloc.h"
#include "packet.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "log.h"
#include "buffer.h"
#include "servconf.h"
#include "xmalloc.h"
/* import */
extern ServerOptions options;


@ -1,4 +1,5 @@
/* $NetBSD: auth2-none.c,v 1.1.1.3 2005/02/13 00:52:52 christos Exp $ */
/* $NetBSD: auth2-none.c,v 1.1.1.4 2006/09/28 21:15:00 christos Exp $ */
/* $OpenBSD: auth2-none.c,v 1.13 2006/08/05 07:52:52 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -23,17 +24,27 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-none.c,v 1.7 2004/05/11 19:01:43 deraadt Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/uio.h>
#include <fcntl.h>
#include <unistd.h>
#include "auth.h"
#include "xmalloc.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "packet.h"
#include "log.h"
#include "buffer.h"
#include "servconf.h"
#include "atomicio.h"
#include "compat.h"
#include "ssh2.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
/* import */


@ -1,4 +1,5 @@
/* $NetBSD: auth2-passwd.c,v 1.1.1.2 2005/02/13 00:52:52 christos Exp $ */
/* $NetBSD: auth2-passwd.c,v 1.1.1.3 2006/09/28 21:15:00 christos Exp $ */
/* $OpenBSD: auth2-passwd.c,v 1.9 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -23,13 +24,21 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-passwd.c,v 1.5 2003/12/31 00:24:50 dtucker Exp $");
#include <sys/types.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "packet.h"
#include "log.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "buffer.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
#include "servconf.h"


@ -1,4 +1,5 @@
/* $NetBSD: auth2-pubkey.c,v 1.1.1.3 2005/04/23 16:28:00 christos Exp $ */
/* $NetBSD: auth2-pubkey.c,v 1.1.1.4 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: auth2-pubkey.c,v 1.15 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -23,24 +24,32 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2-pubkey.c,v 1.9 2004/12/11 01:48:56 dtucker Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <pwd.h>
#include <stdio.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "ssh.h"
#include "ssh2.h"
#include "xmalloc.h"
#include "packet.h"
#include "buffer.h"
#include "log.h"
#include "servconf.h"
#include "compat.h"
#include "bufaux.h"
#include "auth.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "pathnames.h"
#include "uidswap.h"
#include "auth-options.h"
#include "canohost.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
#include "misc.h"


@ -1,4 +1,5 @@
/* $NetBSD: auth2.c,v 1.1.1.20 2005/02/13 00:52:48 christos Exp $ */
/* $NetBSD: auth2.c,v 1.1.1.21 2006/09/28 21:14:57 christos Exp $ */
/* $OpenBSD: auth2.c,v 1.113 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -23,23 +24,29 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: auth2.c,v 1.107 2004/07/28 09:40:29 markus Exp $");
#include "ssh2.h"
#include <sys/types.h>
#include <pwd.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "ssh2.h"
#include "packet.h"
#include "log.h"
#include "buffer.h"
#include "servconf.h"
#include "compat.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "dispatch.h"
#include "pathnames.h"
#include "monitor_wrap.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
/* import */
extern ServerOptions options;
@ -95,6 +102,7 @@ do_authentication2(Authctxt *authctxt)
dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
}
/*ARGSUSED*/
static void
input_service_request(int type, u_int32_t seq, void *ctxt)
{
@ -128,6 +136,7 @@ input_service_request(int type, u_int32_t seq, void *ctxt)
xfree(service);
}
/*ARGSUSED*/
static void
input_userauth_request(int type, u_int32_t seq, void *ctxt)
{


@ -1,4 +1,5 @@
/* $NetBSD: authfd.c,v 1.1.1.16 2006/02/04 22:22:35 christos Exp $ */
/* $NetBSD: authfd.c,v 1.1.1.17 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: authfd.c,v 1.80 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -35,17 +36,24 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: authfd.c,v 1.66 2005/06/17 02:44:32 djm Exp $");
#include <sys/types.h>
#include <sys/un.h>
#include <sys/socket.h>
#include <openssl/evp.h>
#include <openssl/crypto.h>
#include <fcntl.h>
#include <stdlib.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>
#include "xmalloc.h"
#include "ssh.h"
#include "rsa.h"
#include "buffer.h"
#include "bufaux.h"
#include "xmalloc.h"
#include "getput.h"
#include "key.h"
#include "authfd.h"
#include "cipher.h"
@ -53,6 +61,7 @@ RCSID("$OpenBSD: authfd.c,v 1.66 2005/06/17 02:44:32 djm Exp $");
#include "compat.h"
#include "log.h"
#include "atomicio.h"
#include "misc.h"
static int agent_present = 0;
@ -104,7 +113,7 @@ ssh_get_authentication_socket(void)
close(sock);
return -1;
}
if (connect(sock, (struct sockaddr *) &sunaddr, sizeof sunaddr) < 0) {
if (connect(sock, (struct sockaddr *)&sunaddr, sizeof sunaddr) < 0) {
close(sock);
return -1;
}
@ -120,7 +129,7 @@ ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply
/* Get the length of the message, and format it in the buffer. */
len = buffer_len(request);
PUT_32BIT(buf, len);
put_u32(buf, len);
/* Send the length and then the packet to the agent. */
if (atomicio(vwrite, auth->fd, buf, 4) != 4 ||
@ -139,7 +148,7 @@ ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply
}
/* Extract the length, and check it for sanity. */
len = GET_32BIT(buf);
len = get_u32(buf);
if (len > 256 * 1024)
fatal("Authentication response too long: %u", len);
@ -336,7 +345,6 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio
break;
default:
return NULL;
break;
}
/* Decrement the number of remaining entries. */
auth->howmany--;
@ -395,7 +403,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth,
* fatal error if the packet is corrupt.
*/
for (i = 0; i < 16; i++)
response[i] = buffer_get_char(&buffer);
response[i] = (u_char)buffer_get_char(&buffer);
}
buffer_free(&buffer);
return success;
@ -518,7 +526,6 @@ ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
default:
buffer_free(&msg);
return 0;
break;
}
if (constrained) {
if (life != 0) {


@ -1,5 +1,5 @@
/* $NetBSD: authfd.h,v 1.1.1.11 2005/02/13 00:52:53 christos Exp $ */
/* $OpenBSD: authfd.h,v 1.34 2003/11/21 11:57:03 djm Exp $ */
/* $NetBSD: authfd.h,v 1.1.1.12 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: authfd.h,v 1.36 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -17,8 +17,6 @@
#ifndef AUTHFD_H
#define AUTHFD_H
#include "buffer.h"
/* Messages for the authentication agent connection. */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER 2


@ -1,4 +1,5 @@
/* $NetBSD: authfile.c,v 1.1.1.18 2006/02/04 22:22:36 christos Exp $ */
/* $NetBSD: authfile.c,v 1.1.1.19 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: authfile.c,v 1.76 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -36,17 +37,26 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: authfile.c,v 1.61 2005/06/17 02:44:32 djm Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
#include <sys/uio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include "cipher.h"
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "xmalloc.h"
#include "cipher.h"
#include "buffer.h"
#include "bufaux.h"
#include "key.h"
#include "ssh.h"
#include "log.h"
@ -185,7 +195,7 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase,
return 0;
}
fp = fdopen(fd, "w");
if (fp == NULL ) {
if (fp == NULL) {
error("fdopen %s failed: %s.", filename, strerror(errno));
close(fd);
return 0;
@ -212,12 +222,10 @@ key_save_private(Key *key, const char *filename, const char *passphrase,
case KEY_RSA1:
return key_save_private_rsa1(key, filename, passphrase,
comment);
break;
case KEY_DSA:
case KEY_RSA:
return key_save_private_pem(key, filename, passphrase,
comment);
break;
default:
break;
}
@ -508,7 +516,7 @@ key_load_private_pem(int fd, int type, const char *passphrase,
return prv;
}
static int
int
key_perm_ok(int fd, const char *filename)
{
struct stat st;
@ -535,7 +543,7 @@ key_perm_ok(int fd, const char *filename)
Key *
key_load_private_type(int type, const char *filename, const char *passphrase,
char **commentp)
char **commentp, int *perm_ok)
{
int fd;
@ -543,22 +551,24 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
if (fd < 0)
return NULL;
if (!key_perm_ok(fd, filename)) {
if (perm_ok != NULL)
*perm_ok = 0;
error("bad permissions: ignore key: %s", filename);
close(fd);
return NULL;
}
if (perm_ok != NULL)
*perm_ok = 1;
switch (type) {
case KEY_RSA1:
return key_load_private_rsa1(fd, filename, passphrase,
commentp);
/* closes fd */
break;
case KEY_DSA:
case KEY_RSA:
case KEY_UNSPEC:
return key_load_private_pem(fd, type, passphrase, commentp);
/* closes fd */
break;
default:
close(fd);
break;
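Review bot: The new `perm_ok` out-parameter of key_load_private_type is only written once the file has been opened; on the earlier `if (fd < 0) return NULL;` path it is left untouched, so a caller that wants to distinguish "bad permissions" from "could not open" must pre-initialise it, and nothing in the hunk or in the authfile.h prototype says so. Document the contract on the declaration, e.g. `/* perm_ok, if non-NULL, is set to 0 when the key file fails key_perm_ok() and to 1 otherwise; it is not written when the file cannot be opened. */`, or write a value on the open-failure path as well if callers rely on it. key_perm_ok is now exported, so its permission policy deserves a one-line comment at the header too. key_load_private_type's body continues outside the hunk.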


@ -1,5 +1,5 @@
/* $NetBSD: authfile.h,v 1.1.1.7 2002/06/24 05:25:43 itojun Exp $ */
/* $OpenBSD: authfile.h,v 1.10 2002/05/23 19:24:30 markus Exp $ */
/* $NetBSD: authfile.h,v 1.1.1.8 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: authfile.h,v 1.13 2006/04/25 08:02:27 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -20,7 +20,8 @@ int key_save_private(Key *, const char *, const char *, const char *);
Key *key_load_public(const char *, char **);
Key *key_load_public_type(int, const char *, char **);
Key *key_load_private(const char *, const char *, char **);
Key *key_load_private_type(int, const char *, const char *, char **);
Key *key_load_private_type(int, const char *, const char *, char **, int *);
Key *key_load_private_pem(int, int, const char *, char **);
int key_perm_ok(int, const char *);
#endif


@ -1,4 +1,5 @@
/* $NetBSD: bufaux.c,v 1.1.1.13 2006/02/04 22:22:36 christos Exp $ */
/* $NetBSD: bufaux.c,v 1.1.1.14 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: bufaux.c,v 1.44 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -37,177 +38,17 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: bufaux.c,v 1.37 2005/11/05 05:01:15 djm Exp $");
#include <sys/types.h>
#include <openssl/bn.h>
#include "bufaux.h"
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "getput.h"
#include "buffer.h"
#include "log.h"
/*
* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
* by (bits+7)/8 bytes of binary data, msb first.
*/
int
buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
{
int bits = BN_num_bits(value);
int bin_size = (bits + 7) / 8;
u_char *buf = xmalloc(bin_size);
int oi;
char msg[2];
/* Get the value of in binary */
oi = BN_bn2bin(value, buf);
if (oi != bin_size) {
error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
oi, bin_size);
xfree(buf);
return (-1);
}
/* Store the number of bits in the buffer in two bytes, msb first. */
PUT_16BIT(msg, bits);
buffer_append(buffer, msg, 2);
/* Store the binary data. */
buffer_append(buffer, (char *)buf, oi);
memset(buf, 0, bin_size);
xfree(buf);
return (0);
}
void
buffer_put_bignum(Buffer *buffer, const BIGNUM *value)
{
if (buffer_put_bignum_ret(buffer, value) == -1)
fatal("buffer_put_bignum: buffer error");
}
/*
* Retrieves an BIGNUM from the buffer.
*/
int
buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value)
{
u_int bits, bytes;
u_char buf[2], *bin;
/* Get the number for bits. */
if (buffer_get_ret(buffer, (char *) buf, 2) == -1) {
error("buffer_get_bignum_ret: invalid length");
return (-1);
}
bits = GET_16BIT(buf);
/* Compute the number of binary bytes that follow. */
bytes = (bits + 7) / 8;
if (bytes > 8 * 1024) {
error("buffer_get_bignum_ret: cannot handle BN of size %d", bytes);
return (-1);
}
if (buffer_len(buffer) < bytes) {
error("buffer_get_bignum_ret: input buffer too small");
return (-1);
}
bin = buffer_ptr(buffer);
BN_bin2bn(bin, bytes, value);
if (buffer_consume_ret(buffer, bytes) == -1) {
error("buffer_get_bignum_ret: buffer_consume failed");
return (-1);
}
return (0);
}
void
buffer_get_bignum(Buffer *buffer, BIGNUM *value)
{
if (buffer_get_bignum_ret(buffer, value) == -1)
fatal("buffer_get_bignum: buffer error");
}
/*
* Stores an BIGNUM in the buffer in SSH2 format.
*/
int
buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
{
u_int bytes;
u_char *buf;
int oi;
u_int hasnohigh = 0;
if (BN_is_zero(value)) {
buffer_put_int(buffer, 0);
return 0;
}
if (value->neg) {
error("buffer_put_bignum2_ret: negative numbers not supported");
return (-1);
}
bytes = BN_num_bytes(value) + 1; /* extra padding byte */
if (bytes < 2) {
error("buffer_put_bignum2_ret: BN too small");
return (-1);
}
buf = xmalloc(bytes);
buf[0] = 0x00;
/* Get the value of in binary */
oi = BN_bn2bin(value, buf+1);
if (oi < 0 || (u_int)oi != bytes - 1) {
error("buffer_put_bignum2_ret: BN_bn2bin() failed: "
"oi %d != bin_size %d", oi, bytes);
xfree(buf);
return (-1);
}
hasnohigh = (buf[1] & 0x80) ? 0 : 1;
buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
memset(buf, 0, bytes);
xfree(buf);
return (0);
}
void
buffer_put_bignum2(Buffer *buffer, const BIGNUM *value)
{
if (buffer_put_bignum2_ret(buffer, value) == -1)
fatal("buffer_put_bignum2: buffer error");
}
int
buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
{
u_int len;
u_char *bin;
if ((bin = buffer_get_string_ret(buffer, &len)) == NULL) {
error("buffer_get_bignum2_ret: invalid bignum");
return (-1);
}
if (len > 0 && (bin[0] & 0x80)) {
error("buffer_get_bignum2_ret: negative numbers not supported");
xfree(bin);
return (-1);
}
if (len > 8 * 1024) {
error("buffer_get_bignum2_ret: cannot handle BN of size %d", len);
xfree(bin);
return (-1);
}
BN_bin2bn(bin, len, value);
xfree(bin);
return (0);
}
void
buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
{
if (buffer_get_bignum2_ret(buffer, value) == -1)
fatal("buffer_get_bignum2: buffer error");
}
#include "misc.h"
/*
* Returns integers from the buffer (msb first).
@ -220,7 +61,7 @@ buffer_get_short_ret(u_short *ret, Buffer *buffer)
if (buffer_get_ret(buffer, (char *) buf, 2) == -1)
return (-1);
*ret = GET_16BIT(buf);
*ret = get_u16(buf);
return (0);
}
@ -242,7 +83,7 @@ buffer_get_int_ret(u_int *ret, Buffer *buffer)
if (buffer_get_ret(buffer, (char *) buf, 4) == -1)
return (-1);
*ret = GET_32BIT(buf);
*ret = get_u32(buf);
return (0);
}
@ -264,7 +105,7 @@ buffer_get_int64_ret(u_int64_t *ret, Buffer *buffer)
if (buffer_get_ret(buffer, (char *) buf, 8) == -1)
return (-1);
*ret = GET_64BIT(buf);
*ret = get_u64(buf);
return (0);
}
@ -287,7 +128,7 @@ buffer_put_short(Buffer *buffer, u_short value)
{
char buf[2];
PUT_16BIT(buf, value);
put_u16(buf, value);
buffer_append(buffer, buf, 2);
}
@ -296,7 +137,7 @@ buffer_put_int(Buffer *buffer, u_int value)
{
char buf[4];
PUT_32BIT(buf, value);
put_u32(buf, value);
buffer_append(buffer, buf, 4);
}
@ -305,7 +146,7 @@ buffer_put_int64(Buffer *buffer, u_int64_t value)
{
char buf[8];
PUT_64BIT(buf, value);
put_u64(buf, value);
buffer_append(buffer, buf, 8);
}

214
crypto/dist/ssh/bufbn.c vendored Normal file

@ -0,0 +1,214 @@
/* $NetBSD: bufbn.c,v 1.1.1.1 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: bufbn.c,v 1.3 2006/08/03 03:34:41 deraadt Exp $*/
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
* Auxiliary functions for storing and retrieving various data types to/from
* Buffers.
*
* As far as I am concerned, the code I have written for this software
* can be used freely for any purpose. Any derived versions of this
* software must be clearly marked as such, and if the derived work is
* incompatible with the protocol description in the RFC file, it must be
* called by a name other than "ssh" or "Secure Shell".
*
*
* SSH2 packet format added by Markus Friedl
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/types.h>
#include <openssl/bn.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "buffer.h"
#include "log.h"
#include "misc.h"
/*
* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
* by (bits+7)/8 bytes of binary data, msb first.
*/
int
buffer_put_bignum_ret(Buffer *buffer, const BIGNUM *value)
{
int bits = BN_num_bits(value);
int bin_size = (bits + 7) / 8;
u_char *buf = xmalloc(bin_size);
int oi;
char msg[2];
/* Get the value of in binary */
oi = BN_bn2bin(value, buf);
if (oi != bin_size) {
error("buffer_put_bignum_ret: BN_bn2bin() failed: oi %d != bin_size %d",
oi, bin_size);
xfree(buf);
return (-1);
}
/* Store the number of bits in the buffer in two bytes, msb first. */
put_u16(msg, bits);
buffer_append(buffer, msg, 2);
/* Store the binary data. */
buffer_append(buffer, buf, oi);
memset(buf, 0, bin_size);
xfree(buf);
return (0);
}
void
buffer_put_bignum(Buffer *buffer, const BIGNUM *value)
{
if (buffer_put_bignum_ret(buffer, value) == -1)
fatal("buffer_put_bignum: buffer error");
}
/*
* Retrieves an BIGNUM from the buffer.
*/
int
buffer_get_bignum_ret(Buffer *buffer, BIGNUM *value)
{
u_int bits, bytes;
u_char buf[2], *bin;
/* Get the number for bits. */
if (buffer_get_ret(buffer, (char *) buf, 2) == -1) {
error("buffer_get_bignum_ret: invalid length");
return (-1);
}
bits = get_u16(buf);
/* Compute the number of binary bytes that follow. */
bytes = (bits + 7) / 8;
if (bytes > 8 * 1024) {
error("buffer_get_bignum_ret: cannot handle BN of size %d", bytes);
return (-1);
}
if (buffer_len(buffer) < bytes) {
error("buffer_get_bignum_ret: input buffer too small");
return (-1);
}
bin = buffer_ptr(buffer);
BN_bin2bn(bin, bytes, value);
if (buffer_consume_ret(buffer, bytes) == -1) {
error("buffer_get_bignum_ret: buffer_consume failed");
return (-1);
}
return (0);
}
void
buffer_get_bignum(Buffer *buffer, BIGNUM *value)
{
if (buffer_get_bignum_ret(buffer, value) == -1)
fatal("buffer_get_bignum: buffer error");
}
/*
* Stores an BIGNUM in the buffer in SSH2 format.
*/
int
buffer_put_bignum2_ret(Buffer *buffer, const BIGNUM *value)
{
u_int bytes;
u_char *buf;
int oi;
u_int hasnohigh = 0;
if (BN_is_zero(value)) {
buffer_put_int(buffer, 0);
return 0;
}
if (value->neg) {
error("buffer_put_bignum2_ret: negative numbers not supported");
return (-1);
}
bytes = BN_num_bytes(value) + 1; /* extra padding byte */
if (bytes < 2) {
error("buffer_put_bignum2_ret: BN too small");
return (-1);
}
buf = xmalloc(bytes);
buf[0] = 0x00;
/* Get the value of in binary */
oi = BN_bn2bin(value, buf+1);
if (oi < 0 || (u_int)oi != bytes - 1) {
error("buffer_put_bignum2_ret: BN_bn2bin() failed: "
"oi %d != bin_size %d", oi, bytes);
xfree(buf);
return (-1);
}
hasnohigh = (buf[1] & 0x80) ? 0 : 1;
buffer_put_string(buffer, buf+hasnohigh, bytes-hasnohigh);
memset(buf, 0, bytes);
xfree(buf);
return (0);
}
void
buffer_put_bignum2(Buffer *buffer, const BIGNUM *value)
{
if (buffer_put_bignum2_ret(buffer, value) == -1)
fatal("buffer_put_bignum2: buffer error");
}
int
buffer_get_bignum2_ret(Buffer *buffer, BIGNUM *value)
{
u_int len;
u_char *bin;
if ((bin = buffer_get_string_ret(buffer, &len)) == NULL) {
error("buffer_get_bignum2_ret: invalid bignum");
return (-1);
}
if (len > 0 && (bin[0] & 0x80)) {
error("buffer_get_bignum2_ret: negative numbers not supported");
xfree(bin);
return (-1);
}
if (len > 8 * 1024) {
error("buffer_get_bignum2_ret: cannot handle BN of size %d", len);
xfree(bin);
return (-1);
}
BN_bin2bn(bin, len, value);
xfree(bin);
return (0);
}
void
buffer_get_bignum2(Buffer *buffer, BIGNUM *value)
{
if (buffer_get_bignum2_ret(buffer, value) == -1)
fatal("buffer_get_bignum2: buffer error");
}
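Review bot: The return value of BN_bin2bn is ignored in both buffer_get_bignum_ret and buffer_get_bignum2_ret; it returns NULL on failure, in which case `value` is left as it was while the function still reports success to the caller. Check it at both sites: `if (BN_bin2bn(bin, bytes, value) == NULL) { error("buffer_get_bignum_ret: BN_bin2bn failed"); return (-1); }`, and the same with `len` in the bignum2 variant after freeing `bin`. On the writer side, buffer_put_bignum_ret has no counterpart to the reader's 8 KiB cap: `put_u16(msg, bits)` silently truncates a bit count above 65535 into a length prefix the reader will misparse, so a `if (bits > 0xffff) { error("buffer_put_bignum_ret: BN too large"); return (-1); }` guard ahead of the xmalloc keeps the two sides symmetric. BN_num_bits() of a zero BIGNUM is 0, which makes bin_size 0 and reaches xmalloc(0); whether that is accepted depends on xmalloc's policy, which is not visible here.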


@ -1,4 +1,5 @@
/* $NetBSD: buffer.c,v 1.1.1.10 2006/02/04 22:22:36 christos Exp $ */
/* $NetBSD: buffer.c,v 1.1.1.11 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: buffer.c,v 1.31 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -12,13 +13,20 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: buffer.c,v 1.23 2005/03/14 11:46:56 markus Exp $");
#include <sys/param.h>
#include <stdio.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "buffer.h"
#include "log.h"
#define BUFFER_MAX_CHUNK 0x100000
#define BUFFER_MAX_LEN 0xa00000
#define BUFFER_ALLOCSZ 0x008000
/* Initializes the buffer structure. */
void
@ -67,6 +75,23 @@ buffer_append(Buffer *buffer, const void *data, u_int len)
memcpy(p, data, len);
}
static int
buffer_compact(Buffer *buffer)
{
/*
* If the buffer is quite empty, but all data is at the end, move the
* data to the beginning.
*/
if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) {
memmove(buffer->buf, buffer->buf + buffer->offset,
buffer->end - buffer->offset);
buffer->end -= buffer->offset;
buffer->offset = 0;
return (1);
}
return (0);
}
/*
* Appends space to the buffer, expanding the buffer if necessary. This does
* not actually copy the data into the buffer, but instead returns a pointer
@ -94,29 +119,43 @@ restart:
buffer->end += len;
return p;
}
/*
* If the buffer is quite empty, but all data is at the end, move the
* data to the beginning and retry.
*/
if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) {
memmove(buffer->buf, buffer->buf + buffer->offset,
buffer->end - buffer->offset);
buffer->end -= buffer->offset;
buffer->offset = 0;
goto restart;
}
/* Increase the size of the buffer and retry. */
newlen = buffer->alloc + len + 32768;
/* Compact data back to the start of the buffer if necessary */
if (buffer_compact(buffer))
goto restart;
/* Increase the size of the buffer and retry. */
newlen = roundup(buffer->alloc + len, BUFFER_ALLOCSZ);
if (newlen > BUFFER_MAX_LEN)
fatal("buffer_append_space: alloc %u not supported",
newlen);
buffer->buf = xrealloc(buffer->buf, newlen);
buffer->buf = xrealloc(buffer->buf, 1, newlen);
buffer->alloc = newlen;
goto restart;
/* NOTREACHED */
}
/*
* Check whether an allocation of 'len' will fit in the buffer
* This must follow the same math as buffer_append_space
*/
int
buffer_check_alloc(Buffer *buffer, u_int len)
{
if (buffer->offset == buffer->end) {
buffer->offset = 0;
buffer->end = 0;
}
restart:
if (buffer->end + len < buffer->alloc)
return (1);
if (buffer_compact(buffer))
goto restart;
if (roundup(buffer->alloc + len, BUFFER_ALLOCSZ) <= BUFFER_MAX_LEN)
return (1);
return (0);
}
/* Returns the number of bytes of data in the buffer. */
u_int
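Review bot: `roundup(buffer->alloc + len, BUFFER_ALLOCSZ)` in both buffer_append_space and buffer_check_alloc is evaluated in u_int, so a len near UINT_MAX wraps to a small newlen that passes the `newlen > BUFFER_MAX_LEN` check, xrealloc then shrinks the buffer, and the `buffer->end + len < buffer->alloc` test after `restart:` wraps the same way and returns a pointer with far less than len bytes behind it. Callers presumably bound len before reaching this code, but the limit check is the natural place to close it: `if (len > BUFFER_MAX_LEN - buffer->alloc) fatal("buffer_append_space: len %u not supported", len);` before the roundup, with the equivalent `return (0);` in buffer_check_alloc. buffer_check_alloc also resets offset/end and compacts the buffer as a side effect, which a reader does not expect from a function named "check"; its header comment should say so. buffer_append_space starts outside the hunk.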


@ -1,5 +1,5 @@
/* $NetBSD: buffer.h,v 1.1.1.8 2006/02/04 22:22:36 christos Exp $ */
/* $OpenBSD: buffer.h,v 1.13 2005/03/14 11:46:56 markus Exp $ */
/* $NetBSD: buffer.h,v 1.1.1.9 2006/09/28 21:15:01 christos Exp $ */
/* $OpenBSD: buffer.h,v 1.16 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -24,9 +24,6 @@ typedef struct {
u_int end; /* Offset of last byte containing data. */
} Buffer;
#define BUFFER_MAX_CHUNK 0x100000
#define BUFFER_MAX_LEN 0xa00000
void buffer_init(Buffer *);
void buffer_clear(Buffer *);
void buffer_free(Buffer *);
@ -37,6 +34,8 @@ void *buffer_ptr(Buffer *);
void buffer_append(Buffer *, const void *, u_int);
void *buffer_append_space(Buffer *, u_int);
int buffer_check_alloc(Buffer *, u_int);
void buffer_get(Buffer *, void *, u_int);
void buffer_consume(Buffer *, u_int);
@ -48,4 +47,40 @@ int buffer_get_ret(Buffer *, void *, u_int);
int buffer_consume_ret(Buffer *, u_int);
int buffer_consume_end_ret(Buffer *, u_int);
#include <openssl/bn.h>
void buffer_put_bignum(Buffer *, const BIGNUM *);
void buffer_put_bignum2(Buffer *, const BIGNUM *);
void buffer_get_bignum(Buffer *, BIGNUM *);
void buffer_get_bignum2(Buffer *, BIGNUM *);
u_short buffer_get_short(Buffer *);
void buffer_put_short(Buffer *, u_short);
u_int buffer_get_int(Buffer *);
void buffer_put_int(Buffer *, u_int);
u_int64_t buffer_get_int64(Buffer *);
void buffer_put_int64(Buffer *, u_int64_t);
int buffer_get_char(Buffer *);
void buffer_put_char(Buffer *, int);
void *buffer_get_string(Buffer *, u_int *);
void buffer_put_string(Buffer *, const void *, u_int);
void buffer_put_cstring(Buffer *, const char *);
#define buffer_skip_string(b) \
do { u_int l = buffer_get_int(b); buffer_consume(b, l); } while (0)
int buffer_put_bignum_ret(Buffer *, const BIGNUM *);
int buffer_get_bignum_ret(Buffer *, BIGNUM *);
int buffer_put_bignum2_ret(Buffer *, const BIGNUM *);
int buffer_get_bignum2_ret(Buffer *, BIGNUM *);
int buffer_get_short_ret(u_short *, Buffer *);
int buffer_get_int_ret(u_int *, Buffer *);
int buffer_get_int64_ret(u_int64_t *, Buffer *);
void *buffer_get_string_ret(Buffer *, u_int *);
int buffer_get_char_ret(char *, Buffer *);
#endif /* BUFFER_H */


@ -1,4 +1,5 @@
/* $NetBSD: canohost.c,v 1.1.1.15 2006/02/04 22:22:36 christos Exp $ */
/* $NetBSD: canohost.c,v 1.1.1.16 2006/09/28 21:15:02 christos Exp $ */
/* $OpenBSD: canohost.c,v 1.61 2006/08/03 03:34:41 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -12,11 +13,21 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: canohost.c,v 1.48 2005/12/28 22:46:06 stevesk Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <ctype.h>
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include "packet.h"
#include "xmalloc.h"
#include "packet.h"
#include "log.h"
#include "canohost.h"
@ -83,7 +94,7 @@ get_remote_hostname(int sock, int use_dns)
*/
for (i = 0; name[i]; i++)
if (isupper(name[i]))
name[i] = tolower(name[i]);
name[i] = (char)tolower(name[i]);
/*
* Map it back to an IP address and check that the given
* address actually is an address of this host. This is
@ -98,7 +109,7 @@ get_remote_hostname(int sock, int use_dns)
hints.ai_socktype = SOCK_STREAM;
if (getaddrinfo(name, NULL, &hints, &aitop) != 0) {
logit("reverse mapping checking getaddrinfo for %.700s "
"failed - POSSIBLE BREAK-IN ATTEMPT!", name);
"[%s] failed - POSSIBLE BREAK-IN ATTEMPT!", name, ntop);
return xstrdup(ntop);
}
/* Look for the address from the list of addresses. */
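Review bot: The ctype calls on the new line `name[i] = (char)tolower(name[i]);` and on the `isupper(name[i])` guarding it are passed a plain `char`; where char is signed, a byte above 0x7f in the reverse-mapped name — which comes from DNS and is not under our control — becomes a negative argument, and that is undefined behaviour for isupper/tolower. The cast belongs on the argument rather than on the result: `if (isupper((unsigned char)name[i])) name[i] = (char)tolower((unsigned char)name[i]);`. get_remote_hostname starts and ends outside the hunk.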


@ -1,5 +1,5 @@
/* $NetBSD: canohost.h,v 1.1.1.4 2001/09/27 02:00:39 itojun Exp $ */
/* $OpenBSD: canohost.h,v 1.8 2001/06/26 17:27:23 markus Exp $ */
/* $NetBSD: canohost.h,v 1.1.1.5 2006/09/28 21:15:02 christos Exp $ */
/* $OpenBSD: canohost.h,v 1.9 2006/03/25 22:22:42 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>


@ -1,4 +1,5 @@
/* $NetBSD: channels.c,v 1.1.1.22 2006/02/04 22:22:38 christos Exp $ */
/* $NetBSD: channels.c,v 1.1.1.23 2006/09/28 21:15:04 christos Exp $ */
/* $OpenBSD: channels.c,v 1.266 2006/08/29 10:40:18 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -39,23 +40,38 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: channels.c,v 1.232 2006/01/30 12:22:22 reyk Exp $");
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/un.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <errno.h>
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
#include "ssh2.h"
#include "packet.h"
#include "xmalloc.h"
#include "log.h"
#include "misc.h"
#include "buffer.h"
#include "channels.h"
#include "compat.h"
#include "canohost.h"
#include "key.h"
#include "authfd.h"
#include "pathnames.h"
#include "bufaux.h"
/* -- channel core */
@ -92,11 +108,18 @@ typedef struct {
u_short listen_port; /* Remote side should listen port number. */
} ForwardPermission;
/* List of all permitted host/port pairs to connect. */
/* List of all permitted host/port pairs to connect by the user. */
static ForwardPermission permitted_opens[SSH_MAX_FORWARDS_PER_DIRECTION];
/* Number of permitted host/port pairs in the array. */
/* List of all permitted host/port pairs to connect by the admin. */
static ForwardPermission permitted_adm_opens[SSH_MAX_FORWARDS_PER_DIRECTION];
/* Number of permitted host/port pairs in the array permitted by the user. */
static int num_permitted_opens = 0;
/* Number of permitted host/port pair in the array permitted by the admin. */
static int num_adm_permitted_opens = 0;
/*
* If this is true, all opens are permitted. This is the case on the server
* on which we have to trust the client anyway, and the user could do
@ -124,7 +147,7 @@ static u_int x11_saved_data_len = 0;
* Fake X11 authentication data. This is what the server will be sending us;
* we should replace any occurrences of this by the real data.
*/
static char *x11_fake_data = NULL;
static u_char *x11_fake_data = NULL;
static u_int x11_fake_data_len;
@ -169,7 +192,7 @@ channel_lookup(int id)
if ((c = channel_by_id(id)) == NULL)
return (NULL);
switch(c->type) {
switch (c->type) {
case SSH_CHANNEL_X11_OPEN:
case SSH_CHANNEL_LARVAL:
case SSH_CHANNEL_CONNECTING:
@ -179,7 +202,6 @@ channel_lookup(int id)
case SSH_CHANNEL_INPUT_DRAINING:
case SSH_CHANNEL_OUTPUT_DRAINING:
return (c);
break;
}
logit("Non-public channel %d, type %d.", id, c->type);
return (NULL);
@ -189,7 +211,6 @@ channel_lookup(int id)
* Register filedescriptors for a channel, used when allocating a channel or
* when the channel consumer/producer is ready, e.g. shell exec'd
*/
static void
channel_register_fds(Channel *c, int rfd, int wfd, int efd,
int extusage, int nonblock)
@ -235,7 +256,6 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd,
* Allocate a new channel object and set its type and socket. This will cause
* remote_name to be freed.
*/
Channel *
channel_new(char *ctype, int type, int rfd, int wfd, int efd,
u_int window, u_int maxpack, int extusage, char *remote_name, int nonblock)
@ -247,7 +267,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
/* Do initial allocation if this is the first call. */
if (channels_alloc == 0) {
channels_alloc = 10;
channels = xmalloc(channels_alloc * sizeof(Channel *));
channels = xcalloc(channels_alloc, sizeof(Channel *));
for (i = 0; i < channels_alloc; i++)
channels[i] = NULL;
}
@ -264,16 +284,15 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
if (channels_alloc > 10000)
fatal("channel_new: internal error: channels_alloc %d "
"too big.", channels_alloc);
channels = xrealloc(channels,
(channels_alloc + 10) * sizeof(Channel *));
channels = xrealloc(channels, channels_alloc + 10,
sizeof(Channel *));
channels_alloc += 10;
debug2("channel: expanding %d", channels_alloc);
for (i = found; i < channels_alloc; i++)
channels[i] = NULL;
}
/* Initialize and return new channel. */
c = channels[found] = xmalloc(sizeof(Channel));
memset(c, 0, sizeof(Channel));
c = channels[found] = xcalloc(1, sizeof(Channel));
buffer_init(&c->input);
buffer_init(&c->output);
buffer_init(&c->extended);
@ -337,7 +356,6 @@ channel_close_fd(int *fdp)
}
/* Close all channel fd/socket. */
static void
channel_close_fds(Channel *c)
{
@ -352,7 +370,6 @@ channel_close_fds(Channel *c)
}
/* Free the channel and close its fd/socket. */
void
channel_free(Channel *c)
{
@ -399,7 +416,6 @@ channel_free_all(void)
* Closes the sockets/fds of all channels. This is used to close extra file
* descriptors after a fork.
*/
void
channel_close_all(void)
{
@ -413,7 +429,6 @@ channel_close_all(void)
/*
* Stop listening to channels.
*/
void
channel_stop_listening(void)
{
@ -440,7 +455,6 @@ channel_stop_listening(void)
* Returns true if no channel has too much buffered data, and false if one or
* more channel is overfull.
*/
int
channel_not_very_much_buffered_data(void)
{
@ -470,7 +484,6 @@ channel_not_very_much_buffered_data(void)
}
/* Returns true if any channel is still open. */
int
channel_still_open(void)
{
@ -513,7 +526,6 @@ channel_still_open(void)
}
/* Returns the id of an open channel suitable for keepaliving */
int
channel_find_open(void)
{
@ -558,7 +570,6 @@ channel_find_open(void)
* suitable for sending to the client. The message contains crlf pairs for
* newlines.
*/
char *
channel_open_message(void)
{
@ -643,6 +654,7 @@ channel_request_start(int id, char *service, int wantconfirm)
packet_put_cstring(service);
packet_put_char(wantconfirm);
}
void
channel_register_confirm(int id, channel_callback_fn *fn, void *ctx)
{
@ -655,6 +667,7 @@ channel_register_confirm(int id, channel_callback_fn *fn, void *ctx)
c->confirm = fn;
c->confirm_ctx = ctx;
}
void
channel_register_cleanup(int id, channel_callback_fn *fn, int do_close)
{
@ -667,6 +680,7 @@ channel_register_cleanup(int id, channel_callback_fn *fn, int do_close)
c->detach_user = fn;
c->detach_close = do_close;
}
void
channel_cancel_cleanup(int id)
{
@ -679,6 +693,7 @@ channel_cancel_cleanup(int id)
c->detach_user = NULL;
c->detach_close = 0;
}
void
channel_register_filter(int id, channel_infilter_fn *ifn,
channel_outfilter_fn *ofn)
@ -718,25 +733,27 @@ channel_set_fds(int id, int rfd, int wfd, int efd,
* 'channel_post*': perform any appropriate operations for channels which
* have events pending.
*/
typedef void chan_fn(Channel *c, fd_set * readset, fd_set * writeset);
typedef void chan_fn(Channel *c, fd_set *readset, fd_set *writeset);
chan_fn *channel_pre[SSH_CHANNEL_MAX_TYPE];
chan_fn *channel_post[SSH_CHANNEL_MAX_TYPE];
/* ARGSUSED */
static void
channel_pre_listener(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_listener(Channel *c, fd_set *readset, fd_set *writeset)
{
FD_SET(c->sock, readset);
}
/* ARGSUSED */
static void
channel_pre_connecting(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_connecting(Channel *c, fd_set *readset, fd_set *writeset)
{
debug3("channel %d: waiting for connection", c->self);
FD_SET(c->sock, writeset);
}
static void
channel_pre_open_13(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_open_13(Channel *c, fd_set *readset, fd_set *writeset)
{
if (buffer_len(&c->input) < packet_get_maxsize())
FD_SET(c->sock, readset);
@ -745,16 +762,14 @@ channel_pre_open_13(Channel *c, fd_set * readset, fd_set * writeset)
}
static void
channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset)
{
u_int limit = compat20 ? c->remote_window : packet_get_maxsize();
/* check buffer limits */
limit = MIN(limit, (BUFFER_MAX_LEN - BUFFER_MAX_CHUNK - CHAN_RBUF));
if (c->istate == CHAN_INPUT_OPEN &&
limit > 0 &&
buffer_len(&c->input) < limit)
buffer_len(&c->input) < limit &&
buffer_check_alloc(&c->input, CHAN_RBUF))
FD_SET(c->rfd, readset);
if (c->ostate == CHAN_OUTPUT_OPEN ||
c->ostate == CHAN_OUTPUT_WAIT_DRAIN) {
@ -784,8 +799,9 @@ channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset)
FD_SET(c->ctl_fd, readset);
}
/* ARGSUSED */
static void
channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_input_draining(Channel *c, fd_set *readset, fd_set *writeset)
{
if (buffer_len(&c->input) == 0) {
packet_start(SSH_MSG_CHANNEL_CLOSE);
@ -796,8 +812,9 @@ channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset)
}
}
/* ARGSUSED */
static void
channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_output_draining(Channel *c, fd_set *readset, fd_set *writeset)
{
if (buffer_len(&c->output) == 0)
chan_mark_dead(c);
@ -873,7 +890,7 @@ x11_open_helper(Buffer *b)
}
static void
channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_x11_open_13(Channel *c, fd_set *readset, fd_set *writeset)
{
int ret = x11_open_helper(&c->output);
@ -899,7 +916,7 @@ channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset)
}
static void
channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_x11_open(Channel *c, fd_set *readset, fd_set *writeset)
{
int ret = x11_open_helper(&c->output);
@ -925,8 +942,9 @@ channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset)
}
/* try to decode a socks4 header */
/* ARGSUSED */
static int
channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
channel_decode_socks4(Channel *c, fd_set *readset, fd_set *writeset)
{
char *p, *host;
u_int len, have, i, found;
@ -990,7 +1008,7 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
s4_rsp.command = 90; /* cd: req granted */
s4_rsp.dest_port = 0; /* ignored */
s4_rsp.dest_addr.s_addr = INADDR_ANY; /* ignored */
buffer_append(&c->output, (char *)&s4_rsp, sizeof(s4_rsp));
buffer_append(&c->output, &s4_rsp, sizeof(s4_rsp));
return 1;
}
@ -1003,8 +1021,9 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset)
#define SSH_SOCKS5_CONNECT 0x01
#define SSH_SOCKS5_SUCCESS 0x00
/* ARGSUSED */
static int
channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset)
{
struct {
u_int8_t version;
@ -1014,7 +1033,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
} s5_req, s5_rsp;
u_int16_t dest_port;
u_char *p, dest_addr[255+1];
u_int have, i, found, nmethods, addrlen, af;
u_int have, need, i, found, nmethods, addrlen, af;
debug2("channel %d: decode socks5", c->self);
p = buffer_ptr(&c->input);
@ -1030,7 +1049,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
return 0;
/* look for method: "NO AUTHENTICATION REQUIRED" */
for (found = 0, i = 2 ; i < nmethods + 2; i++) {
if (p[i] == SSH_SOCKS5_NOAUTH ) {
if (p[i] == SSH_SOCKS5_NOAUTH) {
found = 1;
break;
}
@ -1051,7 +1070,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
debug2("channel %d: socks5 post auth", c->self);
if (have < sizeof(s5_req)+1)
return 0; /* need more */
memcpy((char *)&s5_req, p, sizeof(s5_req));
memcpy(&s5_req, p, sizeof(s5_req));
if (s5_req.version != 0x05 ||
s5_req.command != SSH_SOCKS5_CONNECT ||
s5_req.reserved != 0x00) {
@ -1075,7 +1094,10 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
debug2("channel %d: bad socks5 atyp %d", c->self, s5_req.atyp);
return -1;
}
if (have < 4 + addrlen + 2)
need = sizeof(s5_req) + addrlen + 2;
if (s5_req.atyp == SSH_SOCKS5_DOMAIN)
need++;
if (have < need)
return 0;
buffer_consume(&c->input, sizeof(s5_req));
if (s5_req.atyp == SSH_SOCKS5_DOMAIN)
@ -1099,15 +1121,15 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset)
((struct in_addr *)&dest_addr)->s_addr = INADDR_ANY;
dest_port = 0; /* ignored */
buffer_append(&c->output, (char *)&s5_rsp, sizeof(s5_rsp));
buffer_append(&c->output, (char *)&dest_addr, sizeof(struct in_addr));
buffer_append(&c->output, (char *)&dest_port, sizeof(dest_port));
buffer_append(&c->output, &s5_rsp, sizeof(s5_rsp));
buffer_append(&c->output, &dest_addr, sizeof(struct in_addr));
buffer_append(&c->output, &dest_port, sizeof(dest_port));
return 1;
}
/* dynamic port forwarding */
static void
channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset)
channel_pre_dynamic(Channel *c, fd_set *readset, fd_set *writeset)
{
u_char *p;
u_int have;
@ -1150,8 +1172,9 @@ channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset)
}
/* This is our fake X11 server socket. */
/* ARGSUSED */
static void
channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
channel_post_x11_listener(Channel *c, fd_set *readset, fd_set *writeset)
{
Channel *nc;
struct sockaddr addr;
@ -1275,8 +1298,9 @@ channel_set_reuseaddr(int fd)
/*
* This socket is listening for connections to a forwarded TCP/IP port.
*/
/* ARGSUSED */
static void
channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
channel_post_port_listener(Channel *c, fd_set *readset, fd_set *writeset)
{
Channel *nc;
struct sockaddr addr;
@ -1332,8 +1356,9 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
* This is the authentication agent socket listening for connections from
* clients.
*/
/* ARGSUSED */
static void
channel_post_auth_listener(Channel *c, fd_set * readset, fd_set * writeset)
channel_post_auth_listener(Channel *c, fd_set *readset, fd_set *writeset)
{
Channel *nc;
int newsock;
@ -1365,8 +1390,9 @@ channel_post_auth_listener(Channel *c, fd_set * readset, fd_set * writeset)
}
}
/* ARGSUSED */
static void
channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset)
channel_post_connecting(Channel *c, fd_set *readset, fd_set *writeset)
{
int err = 0;
socklen_t sz = sizeof(err);
@ -1411,8 +1437,9 @@ channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset)
}
}
/* ARGSUSED */
static int
channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset)
channel_handle_rfd(Channel *c, fd_set *readset, fd_set *writeset)
{
char buf[CHAN_RBUF];
int len;
@ -1451,8 +1478,10 @@ channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset)
}
return 1;
}
/* ARGSUSED */
static int
channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset)
{
struct termios tio;
u_char *data = NULL, *buf;
@ -1533,8 +1562,9 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset)
}
return 1;
}
static int
channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset)
channel_handle_efd(Channel *c, fd_set *readset, fd_set *writeset)
{
char buf[CHAN_RBUF];
int len;
@ -1576,8 +1606,10 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset)
}
return 1;
}
/* ARGSUSED */
static int
channel_handle_ctl(Channel *c, fd_set * readset, fd_set * writeset)
channel_handle_ctl(Channel *c, fd_set *readset, fd_set *writeset)
{
char buf[16];
int len;
@ -1603,6 +1635,7 @@ channel_handle_ctl(Channel *c, fd_set * readset, fd_set * writeset)
}
return 1;
}
static int
channel_check_window(Channel *c)
{
@ -1624,7 +1657,7 @@ channel_check_window(Channel *c)
}
static void
channel_post_open(Channel *c, fd_set * readset, fd_set * writeset)
channel_post_open(Channel *c, fd_set *readset, fd_set *writeset)
{
if (c->delayed)
return;
@ -1637,8 +1670,9 @@ channel_post_open(Channel *c, fd_set * readset, fd_set * writeset)
channel_check_window(c);
}
/* ARGSUSED */
static void
channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset)
channel_post_output_drain_13(Channel *c, fd_set *readset, fd_set *writeset)
{
int len;
@ -1755,7 +1789,7 @@ channel_garbage_collect(Channel *c)
}
static void
channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
channel_handler(chan_fn *ftab[], fd_set *readset, fd_set *writeset)
{
static int did_init = 0;
u_int i;
@ -1783,15 +1817,20 @@ void
channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
u_int *nallocp, int rekeying)
{
u_int n, sz;
u_int n, sz, nfdset;
n = MAX(*maxfdp, channel_max_fd);
sz = howmany(n+1, NFDBITS) * sizeof(fd_mask);
nfdset = howmany(n+1, NFDBITS);
/* Explicitly test here, because xrealloc isn't always called */
if (nfdset && SIZE_T_MAX / nfdset < sizeof(fd_mask))
fatal("channel_prepare_select: max_fd (%d) is too large", n);
sz = nfdset * sizeof(fd_mask);
/* perhaps check sz < nalloc/2 and shrink? */
if (*readsetp == NULL || sz > *nallocp) {
*readsetp = xrealloc(*readsetp, sz);
*writesetp = xrealloc(*writesetp, sz);
*readsetp = xrealloc(*readsetp, nfdset, sizeof(fd_mask));
*writesetp = xrealloc(*writesetp, nfdset, sizeof(fd_mask));
*nallocp = sz;
}
*maxfdp = n;
@ -1807,14 +1846,13 @@ channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
* events pending.
*/
void
channel_after_select(fd_set * readset, fd_set * writeset)
channel_after_select(fd_set *readset, fd_set *writeset)
{
channel_handler(channel_post, readset, writeset);
}
/* If there is data to send to the connection, enqueue some of it now. */
void
channel_output_poll(void)
{
@ -1935,6 +1973,7 @@ channel_output_poll(void)
/* -- protocol input */
/* ARGSUSED */
void
channel_input_data(int type, u_int32_t seq, void *ctxt)
{
@ -1994,6 +2033,7 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
xfree(data);
}
/* ARGSUSED */
void
channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
{
@ -2040,6 +2080,7 @@ channel_input_extended_data(int type, u_int32_t seq, void *ctxt)
xfree(data);
}
/* ARGSUSED */
void
channel_input_ieof(int type, u_int32_t seq, void *ctxt)
{
@ -2063,6 +2104,7 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt)
}
/* ARGSUSED */
void
channel_input_close(int type, u_int32_t seq, void *ctxt)
{
@ -2101,6 +2143,7 @@ channel_input_close(int type, u_int32_t seq, void *ctxt)
}
/* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
/* ARGSUSED */
void
channel_input_oclose(int type, u_int32_t seq, void *ctxt)
{
@ -2113,6 +2156,7 @@ channel_input_oclose(int type, u_int32_t seq, void *ctxt)
chan_rcvd_oclose(c);
}
/* ARGSUSED */
void
channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt)
{
@ -2129,6 +2173,7 @@ channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt)
channel_free(c);
}
/* ARGSUSED */
void
channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt)
{
@ -2176,6 +2221,7 @@ reason2txt(int reason)
return "unknown reason";
}
/* ARGSUSED */
void
channel_input_open_failure(int type, u_int32_t seq, void *ctxt)
{
@ -2207,6 +2253,7 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt)
channel_free(c);
}
/* ARGSUSED */
void
channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
{
@ -2231,6 +2278,7 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
c->remote_window += adjust;
}
/* ARGSUSED */
void
channel_input_port_open(int type, u_int32_t seq, void *ctxt)
{
@ -2445,7 +2493,7 @@ channel_setup_remote_fwd_listener(const char *listen_address,
* the secure channel to host:port from local side.
*/
void
int
channel_request_remote_forwarding(const char *listen_host, u_short listen_port,
const char *host_to_connect, u_short port_to_connect)
{
@ -2489,7 +2537,6 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port,
success = 1;
break;
case SSH_SMSG_FAILURE:
logit("Warning: Server denied remote port forwarding.");
break;
default:
/* Unknown packet */
@ -2503,6 +2550,7 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port,
permitted_opens[num_permitted_opens].listen_port = listen_port;
num_permitted_opens++;
}
return (success ? 0 : -1);
}
/*
@ -2542,13 +2590,13 @@ channel_request_rforward_cancel(const char *host, u_short port)
/*
* This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
* listening for the port, and sends back a success reply (or disconnect
* message if there was an error). This never returns if there was an error.
* message if there was an error).
*/
void
int
channel_input_port_forward_request(int is_root, int gateway_ports)
{
u_short port, host_port;
int success = 0;
char *hostname;
/* Get arguments from the packet. */
@ -2568,11 +2616,13 @@ channel_input_port_forward_request(int is_root, int gateway_ports)
packet_disconnect("Dynamic forwarding denied.");
/* Initiate forwarding */
channel_setup_local_fwd_listener(NULL, port, hostname,
success = channel_setup_local_fwd_listener(NULL, port, hostname,
host_port, gateway_ports);
/* Free the argument string. */
xfree(hostname);
return (success ? 0 : -1);
}
/*
@ -2591,7 +2641,7 @@ void
channel_add_permitted_opens(char *host, int port)
{
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("channel_request_remote_forwarding: too many forwards");
fatal("channel_add_permitted_opens: too many forwards");
debug("allow port forwarding to host %s port %d", host, port);
permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host);
@ -2601,6 +2651,19 @@ channel_add_permitted_opens(char *host, int port)
all_opens_permitted = 0;
}
int
channel_add_adm_permitted_opens(char *host, int port)
{
if (num_adm_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("channel_add_adm_permitted_opens: too many forwards");
debug("config allows port forwarding to host %s port %d", host, port);
permitted_adm_opens[num_adm_permitted_opens].host_to_connect
= xstrdup(host);
permitted_adm_opens[num_adm_permitted_opens].port_to_connect = port;
return ++num_adm_permitted_opens;
}
void
channel_clear_permitted_opens(void)
{
@ -2610,9 +2673,18 @@ channel_clear_permitted_opens(void)
if (permitted_opens[i].host_to_connect != NULL)
xfree(permitted_opens[i].host_to_connect);
num_permitted_opens = 0;
}
void
channel_clear_adm_permitted_opens(void)
{
int i;
for (i = 0; i < num_adm_permitted_opens; i++)
if (permitted_adm_opens[i].host_to_connect != NULL)
xfree(permitted_adm_opens[i].host_to_connect);
num_adm_permitted_opens = 0;
}
/* return socket to remote host, port */
static int
@ -2690,7 +2762,7 @@ channel_connect_by_listen_address(u_short listen_port)
int
channel_connect_to(const char *host, u_short port)
{
int i, permit;
int i, permit, permit_adm = 1;
permit = all_opens_permitted;
if (!permit) {
@ -2699,9 +2771,19 @@ channel_connect_to(const char *host, u_short port)
permitted_opens[i].port_to_connect == port &&
strcmp(permitted_opens[i].host_to_connect, host) == 0)
permit = 1;
}
if (!permit) {
if (num_adm_permitted_opens > 0) {
permit_adm = 0;
for (i = 0; i < num_adm_permitted_opens; i++)
if (permitted_adm_opens[i].host_to_connect != NULL &&
permitted_adm_opens[i].port_to_connect == port &&
strcmp(permitted_adm_opens[i].host_to_connect, host)
== 0)
permit_adm = 1;
}
if (!permit || !permit_adm) {
logit("Received request to connect to host %.100s port %d, "
"but the request was denied.", host, port);
return -1;
@ -2722,10 +2804,10 @@ channel_send_window_changes(void)
if (ioctl(channels[i]->rfd, TIOCGWINSZ, &ws) < 0)
continue;
channel_request_start(i, "window-change", 0);
packet_put_int(ws.ws_col);
packet_put_int(ws.ws_row);
packet_put_int(ws.ws_xpixel);
packet_put_int(ws.ws_ypixel);
packet_put_int((u_int)ws.ws_col);
packet_put_int((u_int)ws.ws_row);
packet_put_int((u_int)ws.ws_xpixel);
packet_put_int((u_int)ws.ws_ypixel);
packet_send();
}
}
@ -2811,7 +2893,7 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
}
/* Allocate a channel for each socket. */
*chanids = xmalloc(sizeof(**chanids) * (num_socks + 1));
*chanids = xcalloc(num_socks + 1, sizeof(**chanids));
for (n = 0; n < num_socks; n++) {
sock = socks[n];
nc = channel_new("x11 listener",
@ -2840,7 +2922,7 @@ connect_local_xsocket(u_int dnr)
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
snprintf(addr.sun_path, sizeof addr.sun_path, _PATH_UNIX_X, dnr);
if (connect(sock, (struct sockaddr *) & addr, sizeof(addr)) == 0)
if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) == 0)
return sock;
close(sock);
error("connect %.100s: %.100s", addr.sun_path, strerror(errno));
@ -2850,12 +2932,12 @@ connect_local_xsocket(u_int dnr)
int
x11_connect_display(void)
{
int display_number, sock = 0;
u_int display_number;
const char *display;
char buf[1024], *cp;
struct addrinfo hints, *ai, *aitop;
char strport[NI_MAXSERV];
int gaierr;
int gaierr, sock = 0;
/* Try to open a socket for the local X server. */
display = getenv("DISPLAY");
@ -2875,7 +2957,7 @@ x11_connect_display(void)
if (strncmp(display, "unix:", 5) == 0 ||
display[0] == ':') {
/* Connect to the unix domain socket. */
if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) {
if (sscanf(strrchr(display, ':') + 1, "%u", &display_number) != 1) {
error("Could not parse display number from DISPLAY: %.100s",
display);
return -1;
@ -2900,7 +2982,7 @@ x11_connect_display(void)
}
*cp = 0;
/* buf now contains the host name. But first we parse the display number. */
if (sscanf(cp + 1, "%d", &display_number) != 1) {
if (sscanf(cp + 1, "%u", &display_number) != 1) {
error("Could not parse display number from DISPLAY: %.100s",
display);
return -1;
@ -2910,7 +2992,7 @@ x11_connect_display(void)
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
snprintf(strport, sizeof strport, "%d", 6000 + display_number);
snprintf(strport, sizeof strport, "%u", 6000 + display_number);
if ((gaierr = getaddrinfo(buf, strport, &hints, &aitop)) != 0) {
error("%.100s: unknown host. (%s)", buf, gai_strerror(gaierr));
return -1;
@ -2924,7 +3006,7 @@ x11_connect_display(void)
}
/* Connect it to the display. */
if (connect(sock, ai->ai_addr, ai->ai_addrlen) < 0) {
debug2("connect %.100s port %d: %.100s", buf,
debug2("connect %.100s port %u: %.100s", buf,
6000 + display_number, strerror(errno));
close(sock);
continue;
@ -2934,7 +3016,7 @@ x11_connect_display(void)
}
freeaddrinfo(aitop);
if (!ai) {
error("connect %.100s port %d: %.100s", buf, 6000 + display_number,
error("connect %.100s port %u: %.100s", buf, 6000 + display_number,
strerror(errno));
return -1;
}
@ -2948,6 +3030,7 @@ x11_connect_display(void)
* with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
*/
/* ARGSUSED */
void
x11_input_open(int type, u_int32_t seq, void *ctxt)
{
@ -2991,6 +3074,7 @@ x11_input_open(int type, u_int32_t seq, void *ctxt)
}
/* dummy protocol handler that denies SSH-1 requests (agent/x11) */
/* ARGSUSED */
void
deny_input_open(int type, u_int32_t seq, void *ctxt)
{
@ -3037,13 +3121,11 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
return;
}
cp = disp;
if (disp)
cp = strchr(disp, ':');
cp = strchr(disp, ':');
if (cp)
cp = strchr(cp, '.');
if (cp)
screen_number = atoi(cp + 1);
screen_number = (u_int)strtonum(cp + 1, 0, 400, NULL);
else
screen_number = 0;


@ -1,5 +1,5 @@
/* $NetBSD: channels.h,v 1.1.1.19 2006/02/04 22:22:38 christos Exp $ */
/* $OpenBSD: channels.h,v 1.83 2005/12/30 15:56:37 reyk Exp $ */
/* $NetBSD: channels.h,v 1.1.1.20 2006/09/28 21:15:05 christos Exp $ */
/* $OpenBSD: channels.h,v 1.88 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -39,8 +39,6 @@
#ifndef CHANNEL_H
#define CHANNEL_H
#include "buffer.h"
/* Definitions for channel types. */
#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */
#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */
@ -207,11 +205,13 @@ int channel_find_open(void);
void channel_set_af(int af);
void channel_permit_all_opens(void);
void channel_add_permitted_opens(char *, int);
int channel_add_adm_permitted_opens(char *, int);
void channel_clear_permitted_opens(void);
void channel_input_port_forward_request(int, int);
void channel_clear_adm_permitted_opens(void);
int channel_input_port_forward_request(int, int);
int channel_connect_to(const char *, u_short);
int channel_connect_by_listen_address(u_short);
void channel_request_remote_forwarding(const char *, u_short,
int channel_request_remote_forwarding(const char *, u_short,
const char *, u_short);
int channel_setup_local_fwd_listener(const char *, u_short,
const char *, u_short, int);
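Review bot: The changed prototypes at the end of the hunk carry no comment on their return convention: channel_input_port_forward_request and channel_request_remote_forwarding now return int, and the new channel_add_adm_permitted_opens returns int while the sibling channel_add_permitted_opens stays void, so a header reader cannot tell whether 0 or non-zero means success. From the channels.c hunks it appears the first two return 0 on success and -1 on failure and the third returns the updated count of admin-permitted opens; I'd record that next to the declarations, e.g. `/* 0 on success, -1 on failure */` on the two forwarding functions and `/* returns the new number of adm-permitted opens */` on the third. The hunk also drops `#include "buffer.h"` from this header; if the Channel struct declared further up still has Buffer members, every includer now depends on having pulled in buffer.h itself, which deserves a one-line note or a forward declaration.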


@ -1,4 +1,5 @@
/* $NetBSD: cipher-3des1.c,v 1.1.1.1 2005/02/13 00:52:56 christos Exp $ */
/* $NetBSD: cipher-3des1.c,v 1.1.1.2 2006/09/28 21:15:05 christos Exp $ */
/* $OpenBSD: cipher-3des1.c,v 1.6 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2003 Markus Friedl. All rights reserved.
*
@ -23,10 +24,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: cipher-3des1.c,v 1.2 2003/12/22 20:29:55 markus Exp $");
#include <sys/types.h>
#include <openssl/evp.h>
#include <string.h>
#include "xmalloc.h"
#include "log.h"


@ -1,4 +1,5 @@
/* $NetBSD: cipher-bf1.c,v 1.1.1.1 2005/02/13 00:52:56 christos Exp $ */
/* $NetBSD: cipher-bf1.c,v 1.1.1.2 2006/09/28 21:15:05 christos Exp $ */
/* $OpenBSD: cipher-bf1.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2003 Markus Friedl. All rights reserved.
*
@ -23,10 +24,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: cipher-bf1.c,v 1.1 2003/05/15 03:08:29 markus Exp $");
#include <sys/types.h>
#include <openssl/evp.h>
#include <string.h>
#include "xmalloc.h"
#include "log.h"
/*


@ -1,4 +1,5 @@
/* $NetBSD: cipher-ctr.c,v 1.1.1.3 2006/02/04 22:22:38 christos Exp $ */
/* $NetBSD: cipher-ctr.c,v 1.1.1.4 2006/09/28 21:15:05 christos Exp $ */
/* $OpenBSD: cipher-ctr.c,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2003 Markus Friedl <markus@openbsd.org>
*
@ -14,14 +15,16 @@
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include "includes.h"
RCSID("$OpenBSD: cipher-ctr.c,v 1.6 2005/07/17 07:17:55 djm Exp $");
#include <sys/types.h>
#include <string.h>
#include <openssl/evp.h>
#include <openssl/aes.h>
#include "log.h"
#include "xmalloc.h"
#include "log.h"
const EVP_CIPHER *evp_aes_128_ctr(void);
void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, int, u_char *, u_int);


@ -1,4 +1,5 @@
/* $NetBSD: cipher.c,v 1.1.1.14 2006/02/04 22:22:39 christos Exp $ */
/* $NetBSD: cipher.c,v 1.1.1.15 2006/09/28 21:15:05 christos Exp $ */
/* $OpenBSD: cipher.c,v 1.81 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -35,15 +36,17 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: cipher.c,v 1.77 2005/07/16 01:35:24 djm Exp $");
#include <sys/types.h>
#include <openssl/md5.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "log.h"
#include "cipher.h"
#include <openssl/md5.h>
extern const EVP_CIPHER *evp_ssh1_bf(void);
extern const EVP_CIPHER *evp_ssh1_3des(void);
extern void ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int);


@ -1,5 +1,5 @@
/* $NetBSD: cipher.h,v 1.1.1.9 2005/02/13 00:52:57 christos Exp $ */
/* $OpenBSD: cipher.h,v 1.35 2004/07/28 09:40:29 markus Exp $ */
/* $NetBSD: cipher.h,v 1.1.1.10 2006/09/28 21:15:05 christos Exp $ */
/* $OpenBSD: cipher.h,v 1.36 2006/03/25 22:22:42 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>


@ -1,4 +1,5 @@
/* $NetBSD: cleanup.c,v 1.1.1.1 2005/02/13 00:52:57 christos Exp $ */
/* $NetBSD: cleanup.c,v 1.1.1.2 2006/09/28 21:15:05 christos Exp $ */
/* $OpenBSD: cleanup.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2003 Markus Friedl <markus@openbsd.org>
*
@ -14,8 +15,11 @@
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include "includes.h"
RCSID("$OpenBSD: cleanup.c,v 1.1 2003/09/23 20:17:11 markus Exp $");
#include <sys/types.h>
#include <unistd.h>
#include <stdarg.h>
#include "log.h"


@ -1,4 +1,5 @@
/* $NetBSD: clientloop.c,v 1.1.1.22 2006/02/04 22:22:42 christos Exp $ */
/* $NetBSD: clientloop.c,v 1.1.1.23 2006/09/28 21:15:06 christos Exp $ */
/* $OpenBSD: clientloop.c,v 1.175 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -59,21 +60,36 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: clientloop.c,v 1.149 2005/12/30 15:56:37 reyk Exp $");
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/param.h>
#include <ctype.h>
#include <errno.h>
#include <paths.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <termios.h>
#include <pwd.h>
#include <unistd.h>
#include "xmalloc.h"
#include "ssh.h"
#include "ssh1.h"
#include "ssh2.h"
#include "xmalloc.h"
#include "packet.h"
#include "buffer.h"
#include "compat.h"
#include "channels.h"
#include "dispatch.h"
#include "buffer.h"
#include "bufaux.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "readconf.h"
@ -119,7 +135,7 @@ static volatile sig_atomic_t received_signal = 0;
static int in_non_blocking_mode = 0;
/* Common data for the client loop code. */
static int quit_pending; /* Set to non-zero to quit the client loop. */
static volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */
static int escape_char; /* Escape character. */
static int escape_pending; /* Last character was the escape character */
static int last_was_cr; /* Last character was a newline. */
@ -179,7 +195,7 @@ enter_non_blocking(void)
* Signal handler for the window change signal (SIGWINCH). This just sets a
* flag indicating that the window has changed.
*/
/*ARGSUSED */
static void
window_change_handler(int sig)
{
@ -191,7 +207,7 @@ window_change_handler(int sig)
* Signal handler for signals that cause the program to terminate. These
* signals must be trapped to restore terminal modes.
*/
/*ARGSUSED */
static void
signal_handler(int sig)
{
@ -423,10 +439,10 @@ client_check_window_change(void)
if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)
return;
packet_start(SSH_CMSG_WINDOW_SIZE);
packet_put_int(ws.ws_row);
packet_put_int(ws.ws_col);
packet_put_int(ws.ws_xpixel);
packet_put_int(ws.ws_ypixel);
packet_put_int((u_int)ws.ws_row);
packet_put_int((u_int)ws.ws_col);
packet_put_int((u_int)ws.ws_xpixel);
packet_put_int((u_int)ws.ws_ypixel);
packet_send();
}
}
@ -570,7 +586,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
}
static void
client_process_net_input(fd_set * readset)
client_process_net_input(fd_set *readset)
{
int len;
char buf[8192];
@ -678,7 +694,7 @@ client_extra_session2_setup(int id, void *arg)
}
static void
client_process_control(fd_set * readset)
client_process_control(fd_set *readset)
{
Buffer m;
Channel *c;
@ -809,8 +825,7 @@ client_process_control(fd_set * readset)
return;
}
cctx = xmalloc(sizeof(*cctx));
memset(cctx, 0, sizeof(*cctx));
cctx = xcalloc(1, sizeof(*cctx));
cctx->want_tty = (flags & SSHMUX_FLAG_TTY) != 0;
cctx->want_subsys = (flags & SSHMUX_FLAG_SUBSYS) != 0;
cctx->want_x_fwd = (flags & SSHMUX_FLAG_X11_FWD) != 0;
@ -825,7 +840,7 @@ client_process_control(fd_set * readset)
env_len = MIN(env_len, 4096);
debug3("%s: receiving %d env vars", __func__, env_len);
if (env_len != 0) {
cctx->env = xmalloc(sizeof(*cctx->env) * (env_len + 1));
cctx->env = xcalloc(env_len + 1, sizeof(*cctx->env));
for (i = 0; i < env_len; i++)
cctx->env[i] = buffer_get_string(&m, &len);
cctx->env[i] = NULL;
@ -833,6 +848,7 @@ client_process_control(fd_set * readset)
debug2("%s: accepted tty %d, subsys %d, cmd %s", __func__,
cctx->want_tty, cctx->want_subsys, cmd);
xfree(cmd);
/* Gather fds from client */
new_fd[0] = mm_receive_fd(client_fd);
@ -913,12 +929,16 @@ process_cmdline(void)
if (*s == 'h' || *s == 'H' || *s == '?') {
logit("Commands:");
logit(" -Lport:host:hostport Request local forward");
logit(" -Rport:host:hostport Request remote forward");
logit(" -KRhostport Cancel remote forward");
logit(" -L[bind_address:]port:host:hostport "
"Request local forward");
logit(" -R[bind_address:]port:host:hostport "
"Request remote forward");
logit(" -KR[bind_address:]port "
"Cancel remote forward");
if (!options.permit_local_command)
goto out;
logit(" !args Execute local command");
logit(" !args "
"Execute local command");
goto out;
}
@ -979,9 +999,12 @@ process_cmdline(void)
goto out;
}
} else {
channel_request_remote_forwarding(fwd.listen_host,
if (channel_request_remote_forwarding(fwd.listen_host,
fwd.listen_port, fwd.connect_host,
fwd.connect_port);
fwd.connect_port) < 0) {
logit("Port forwarding failed.");
goto out;
}
}
logit("Forwarding port.");
@ -1173,7 +1196,7 @@ Supported escape sequences:\r\n\
}
static void
client_process_input(fd_set * readset)
client_process_input(fd_set *readset)
{
int len;
char buf[8192];
@ -1226,7 +1249,7 @@ client_process_input(fd_set * readset)
}
static void
client_process_output(fd_set * writeset)
client_process_output(fd_set *writeset)
{
int len;
char buf[100];
@ -1870,10 +1893,10 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
channel_request_start(id, "pty-req", 0);
packet_put_cstring(term != NULL ? term : "");
packet_put_int(ws.ws_col);
packet_put_int(ws.ws_row);
packet_put_int(ws.ws_xpixel);
packet_put_int(ws.ws_ypixel);
packet_put_int((u_int)ws.ws_col);
packet_put_int((u_int)ws.ws_row);
packet_put_int((u_int)ws.ws_xpixel);
packet_put_int((u_int)ws.ws_ypixel);
tio = get_saved_tio();
tty_make_modes(-1, tiop != NULL ? tiop : &tio);
packet_send();
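Review bot: The lint markers added before window_change_handler and signal_handler are written `/*ARGSUSED */`, whereas the same marker in the channels.c hunks of this import is `/* ARGSUSED */`; I'd normalise to `/* ARGSUSED */` so a grep for the marker finds every instance. In the same section quit_pending becomes `volatile sig_atomic_t` while escape_pending and last_was_cr stay plain int; the bodies of both handlers are outside the hunk, so if either flag is also written from signal_handler it needs the same qualifier, and if not, a short comment such as `/* only quit_pending is written from a signal handler */` would spare the next reader the audit.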


@ -1,5 +1,5 @@
/* $NetBSD: clientloop.h,v 1.1.1.7 2006/02/04 22:22:42 christos Exp $ */
/* $OpenBSD: clientloop.h,v 1.14 2005/07/04 00:58:43 djm Exp $ */
/* $NetBSD: clientloop.h,v 1.1.1.8 2006/09/28 21:15:06 christos Exp $ */
/* $OpenBSD: clientloop.h,v 1.16 2006/03/25 22:22:42 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -36,6 +36,8 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <termios.h>
/* Client side main loop for the interactive session. */
int client_loop(int, int, int);
void client_x11_get_proto(const char *, const char *, u_int,


@ -1,4 +1,5 @@
/* $NetBSD: compat.c,v 1.1.1.15 2005/04/23 16:28:05 christos Exp $ */
/* $NetBSD: compat.c,v 1.1.1.16 2006/09/28 21:15:06 christos Exp $ */
/* $OpenBSD: compat.c,v 1.76 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
@ -23,12 +24,15 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: compat.c,v 1.71 2005/03/01 10:09:52 djm Exp $");
#include <sys/types.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "buffer.h"
#include "packet.h"
#include "xmalloc.h"
#include "compat.h"
#include "log.h"
#include "match.h"


@ -1,5 +1,5 @@
/* $NetBSD: compat.h,v 1.1.1.14 2005/04/23 16:28:05 christos Exp $ */
/* $OpenBSD: compat.h,v 1.39 2005/03/01 10:09:52 djm Exp $ */
/* $NetBSD: compat.h,v 1.1.1.15 2006/09/28 21:15:06 christos Exp $ */
/* $OpenBSD: compat.h,v 1.40 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.


@ -1,4 +1,5 @@
/* $NetBSD: compress.c,v 1.1.1.9 2005/02/13 00:52:58 christos Exp $ */
/* $NetBSD: compress.c,v 1.1.1.10 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: compress.c,v 1.25 2006/08/06 01:13:32 stevesk Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -12,12 +13,13 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#include "includes.h"
RCSID("$OpenBSD: compress.c,v 1.21 2004/01/13 19:45:15 markus Exp $");
#include <sys/types.h>
#include <stdarg.h>
#include <zlib.h>
#include "log.h"
#include "buffer.h"
#include "zlib.h"
#include "compress.h"
z_stream incoming_stream;


@ -1,5 +1,5 @@
/* $NetBSD: compress.h,v 1.1.1.6 2002/03/08 01:20:43 itojun Exp $ */
/* $OpenBSD: compress.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */
/* $NetBSD: compress.h,v 1.1.1.7 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: compress.h,v 1.12 2006/03/25 22:22:43 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>


@ -1,5 +1,5 @@
/* $NetBSD: crc32.c,v 1.1.1.5 2003/04/03 05:57:20 itojun Exp $ */
/* $OpenBSD: crc32.c,v 1.9 2003/02/12 21:39:50 markus Exp $ */
/* $NetBSD: crc32.c,v 1.1.1.6 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: crc32.c,v 1.11 2006/04/22 18:29:33 stevesk Exp $ */
/*
* Copyright (c) 2003 Markus Friedl. All rights reserved.
@ -101,7 +101,7 @@ ssh_crc32(const u_char *buf, u_int32_t size)
u_int32_t i, crc;
crc = 0;
for (i = 0; i < size; i++)
for (i = 0; i < size; i++)
crc = crc32tab[(crc ^ buf[i]) & 0xff] ^ (crc >> 8);
return crc;
}


@ -1,5 +1,5 @@
/* $NetBSD: crc32.h,v 1.1.1.8 2003/04/03 05:57:20 itojun Exp $ */
/* $OpenBSD: crc32.h,v 1.14 2003/02/12 21:39:50 markus Exp $ */
/* $NetBSD: crc32.h,v 1.1.1.9 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: crc32.h,v 1.15 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright (c) 2003 Markus Friedl. All rights reserved.


@ -1,4 +1,5 @@
/* $NetBSD: deattack.c,v 1.1.1.10 2005/02/13 00:52:58 christos Exp $ */
/* $NetBSD: deattack.c,v 1.1.1.11 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: deattack.c,v 1.30 2006/09/16 19:53:37 djm Exp $ */
/*
* Cryptographic attack detector for ssh - source code
*
@ -18,15 +19,35 @@
* <http://www.core-sdi.com>
*/
#include "includes.h"
RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $");
#include <sys/types.h>
#include <string.h>
#include <stdio.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "deattack.h"
#include "log.h"
#include "crc32.h"
#include "getput.h"
#include "xmalloc.h"
#include "deattack.h"
#include "misc.h"
/*
* CRC attack detection has a worst-case behaviour that is O(N^3) over
* the number of identical blocks in a packet. This behaviour can be
* exploited to create a limited denial of service attack.
*
* However, because we are dealing with encrypted data, identical
* blocks should only occur every 2^35 maximally-sized packets or so.
* Consequently, we can detect this DoS by looking for identical blocks
* in a packet.
*
* The parameter below determines how many identical blocks we will
* accept in a single packet, trading off between attack detection and
* likelihood of terminating a legitimate connection. A value of 32
* corresponds to an average of 2^40 messages before an attack is
* misdetected
*/
#define MAX_IDENTICAL 32
/* SSH Constants */
#define SSH_MAXBLOCKS (32 * 1024)
@ -44,7 +65,7 @@ RCSID("$OpenBSD: deattack.c,v 1.19 2003/09/18 08:49:45 markus Exp $");
/* Hash function (Input keys are cipher results) */
#define HASH(x) GET_32BIT(x)
#define HASH(x) get_u32(x)
#define CMP(a, b) (memcmp(a, b, SSH_BLOCKSIZE))
@ -52,22 +73,17 @@ static void
crc_update(u_int32_t *a, u_int32_t b)
{
b ^= *a;
*a = ssh_crc32((u_char *) &b, sizeof(b));
*a = ssh_crc32((u_char *)&b, sizeof(b));
}
/* detect if a block is used in a particular pattern */
static int
check_crc(u_char *S, u_char *buf, u_int32_t len,
u_char *IV)
check_crc(u_char *S, u_char *buf, u_int32_t len)
{
u_int32_t crc;
u_char *c;
crc = 0;
if (IV && !CMP(S, IV)) {
crc_update(&crc, 1);
crc_update(&crc, 0);
}
for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
if (!CMP(S, c)) {
crc_update(&crc, 1);
@ -83,12 +99,12 @@ check_crc(u_char *S, u_char *buf, u_int32_t len,
/* Detect a crc32 compensation attack on a packet */
int
detect_attack(u_char *buf, u_int32_t len, u_char *IV)
detect_attack(u_char *buf, u_int32_t len)
{
static u_int16_t *h = (u_int16_t *) NULL;
static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
u_int32_t i, j;
u_int32_t l;
u_int32_t l, same;
u_char *c;
u_char *d;
@ -101,26 +117,20 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV)
if (h == NULL) {
debug("Installing crc compensation attack detector.");
h = (u_int16_t *) xmalloc(l * HASH_ENTRYSIZE);
h = (u_int16_t *) xcalloc(l, HASH_ENTRYSIZE);
n = l;
} else {
if (l > n) {
h = (u_int16_t *) xrealloc(h, l * HASH_ENTRYSIZE);
h = (u_int16_t *)xrealloc(h, l, HASH_ENTRYSIZE);
n = l;
}
}
if (len <= HASH_MINBLOCKS) {
for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
if (IV && (!CMP(c, IV))) {
if ((check_crc(c, buf, len, IV)))
return (DEATTACK_DETECTED);
else
break;
}
for (d = buf; d < c; d += SSH_BLOCKSIZE) {
if (!CMP(c, d)) {
if ((check_crc(c, buf, len, IV)))
if ((check_crc(c, buf, len)))
return (DEATTACK_DETECTED);
else
break;
@ -131,21 +141,13 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV)
}
memset(h, HASH_UNUSEDCHAR, n * HASH_ENTRYSIZE);
if (IV)
h[HASH(IV) & (n - 1)] = HASH_IV;
for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
for (c = buf, same = j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) {
for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
i = (i + 1) & (n - 1)) {
if (h[i] == HASH_IV) {
if (!CMP(c, IV)) {
if (check_crc(c, buf, len, IV))
return (DEATTACK_DETECTED);
else
break;
}
} else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
if (check_crc(c, buf, len, IV))
if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) {
if (++same > MAX_IDENTICAL)
return (DEATTACK_DOS_DETECTED);
if (check_crc(c, buf, len))
return (DEATTACK_DETECTED);
else
break;
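Review bot: The new `MAX_IDENTICAL` / `DEATTACK_DOS_DETECTED` guard is enforced only on the hashed path: `same` is incremented at `if (++same > MAX_IDENTICAL)` inside the hash-probe loop, while the brute-force loop for `len <= HASH_MINBLOCKS` calls `check_crc` on every duplicate without counting. That is presumably acceptable because the small-packet path's cost is bounded by HASH_MINBLOCKS, but the block comment above `#define MAX_IDENTICAL 32` should say so, e.g. `/* Only enforced on the hashed path; the len <= HASH_MINBLOCKS loop is bounded by the packet size. */`. Callers now receive a third return value, and any caller that tests `== DEATTACK_DETECTED` rather than `!= DEATTACK_OK` would silently accept a packet the detector bailed out on; packet.c is not in this view, so confirm it disconnects on `DEATTACK_DOS_DETECTED` as well. detect_attack's body continues past the end of the hunk.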


@ -1,5 +1,5 @@
/* $NetBSD: deattack.h,v 1.1.1.5 2001/09/27 02:00:42 itojun Exp $ */
/* $OpenBSD: deattack.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */
/* $NetBSD: deattack.h,v 1.1.1.6 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: deattack.h,v 1.10 2006/09/16 19:53:37 djm Exp $ */
/*
* Cryptographic attack detector for ssh - Header file
@ -26,6 +26,7 @@
/* Return codes */
#define DEATTACK_OK 0
#define DEATTACK_DETECTED 1
#define DEATTACK_DOS_DETECTED 2
int detect_attack(u_char *, u_int32_t, u_char[8]);
int detect_attack(u_char *, u_int32_t);
#endif
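Review bot: The new `DEATTACK_DOS_DETECTED` return code has no comment explaining when `detect_attack` returns it, and its meaning differs from `DEATTACK_DETECTED`: it means the detector gave up before proving anything, not that a CRC-compensation attack was found. Propose `#define DEATTACK_DOS_DETECTED 2 /* too many identical blocks: bailed out before the O(N^3) CRC check */`. The dropped `u_char[8]` IV parameter changes the prototype; the callers that must be updated are outside this view.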

42
crypto/dist/ssh/dh.c vendored

@ -1,4 +1,5 @@
/* $NetBSD: dh.c,v 1.1.1.10 2005/02/13 00:52:58 christos Exp $ */
/* $NetBSD: dh.c,v 1.1.1.11 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: dh.c,v 1.42 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
*
@ -23,18 +24,15 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: dh.c,v 1.31 2004/08/04 10:37:52 djm Exp $");
#include "xmalloc.h"
#include <sys/param.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <openssl/evp.h>
#include "buffer.h"
#include "cipher.h"
#include "kex.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "dh.h"
#include "pathnames.h"
#include "log.h"
@ -45,9 +43,11 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
{
char *cp, *arg;
char *strsize, *gen, *prime;
const char *errstr = NULL;
cp = line;
arg = strdelim(&cp);
if ((arg = strdelim(&cp)) == NULL)
return 0;
/* Ignore leading whitespace */
if (*arg == '\0')
arg = strdelim(&cp);
@ -68,7 +68,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg)
goto fail;
strsize = strsep(&cp, " "); /* size */
if (cp == NULL || *strsize == '\0' ||
(dhg->size = atoi(strsize)) == 0)
(dhg->size = (u_int)strtonum(strsize, 0, 64*1024, &errstr)) == 0 ||
errstr)
goto fail;
/* The whole group is one bit larger */
dhg->size++;
@ -179,19 +180,36 @@ dh_pub_is_valid(DH *dh, BIGNUM *dh_pub)
int i;
int n = BN_num_bits(dh_pub);
int bits_set = 0;
BIGNUM *tmp;
if (dh_pub->neg) {
logit("invalid public DH value: negativ");
return 0;
}
if (BN_cmp(dh_pub, BN_value_one()) != 1) { /* pub_exp <= 1 */
logit("invalid public DH value: <= 1");
return 0;
}
if ((tmp = BN_new()) == NULL)
return (-1);
if (!BN_sub(tmp, dh->p, BN_value_one()) ||
BN_cmp(dh_pub, tmp) != -1) { /* pub_exp > p-2 */
BN_clear_free(tmp);
logit("invalid public DH value: >= p-1");
return 0;
}
BN_clear_free(tmp);
for (i = 0; i <= n; i++)
if (BN_is_bit_set(dh_pub, i))
bits_set++;
debug2("bits set: %d/%d", bits_set, BN_num_bits(dh->p));
/* if g==2 and bits_set==1 then computing log_g(dh_pub) is trivial */
if (bits_set > 1 && (BN_cmp(dh_pub, dh->p) == -1))
if (bits_set > 1)
return 1;
logit("invalid public DH value (%d/%d)", bits_set, BN_num_bits(dh->p));
return 0;
}
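Review bot: `dh_pub_is_valid` now returns -1 when `BN_new()` fails, while every other rejection returns 0 and acceptance returns 1; a caller written as `if (!dh_pub_is_valid(dh, pub))` (the usual shape; the callers are outside this view) treats -1 as valid, so an allocation failure fails open on a key-exchange check. Fail closed instead: `if ((tmp = BN_new()) == NULL) { logit("dh_pub_is_valid: BN_new failed"); return 0; }`. The rest of the change is sound: rejecting `pub <= 1` and `pub >= p-1` removes the trivial elements before the bit-count heuristic, and `strtonum(strsize, 0, 64*1024, &errstr)` in parse_prime replaces the unchecked `atoi`, though the `== 0 || errstr` test silently treats a size of 0 as a parse failure and deserves a one-line comment.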


@ -1,5 +1,5 @@
/* $NetBSD: dh.h,v 1.1.1.5 2005/02/13 00:52:59 christos Exp $ */
/* $OpenBSD: dh.h,v 1.8 2004/06/13 12:53:24 djm Exp $ */
/* $NetBSD: dh.h,v 1.1.1.6 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: dh.h,v 1.9 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.


@ -1,4 +1,5 @@
/* $NetBSD: dispatch.c,v 1.1.1.7 2005/02/13 00:52:59 christos Exp $ */
/* $NetBSD: dispatch.c,v 1.1.1.8 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: dispatch.c,v 1.21 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@ -22,8 +23,11 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: dispatch.c,v 1.16 2003/04/08 20:21:28 itojun Exp $");
#include <sys/types.h>
#include <signal.h>
#include <stdarg.h>
#include "ssh1.h"
#include "ssh2.h"
@ -77,7 +81,7 @@ dispatch_set(int type, dispatch_fn *fn)
dispatch[type] = fn;
}
void
dispatch_run(int mode, int *done, void *ctxt)
dispatch_run(int mode, volatile sig_atomic_t *done, void *ctxt)
{
for (;;) {
int type;


@ -1,5 +1,5 @@
/* $NetBSD: dispatch.h,v 1.1.1.5 2002/03/08 01:20:44 itojun Exp $ */
/* $OpenBSD: dispatch.h,v 1.9 2002/01/11 13:39:36 markus Exp $ */
/* $NetBSD: dispatch.h,v 1.1.1.6 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: dispatch.h,v 1.11 2006/04/20 09:27:09 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -34,6 +34,6 @@ typedef void dispatch_fn(int, u_int32_t, void *);
void dispatch_init(dispatch_fn *);
void dispatch_set(int, dispatch_fn *);
void dispatch_range(u_int, u_int, dispatch_fn *);
void dispatch_run(int, int *, void *);
void dispatch_run(int, volatile sig_atomic_t *, void *);
void dispatch_protocol_error(int, u_int32_t, void *);
void dispatch_protocol_ignore(int, u_int32_t, void *);

12
crypto/dist/ssh/dns.c vendored

@ -1,5 +1,5 @@
/* $NetBSD: dns.c,v 1.1.1.2 2006/02/04 22:22:44 christos Exp $ */
/* $OpenBSD: dns.c,v 1.16 2005/10/17 14:13:35 stevesk Exp $ */
/* $NetBSD: dns.c,v 1.1.1.3 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: dns.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@ -26,10 +26,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: dns.c,v 1.16 2005/10/17 14:13:35 stevesk Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include "xmalloc.h"
#include "key.h"
@ -123,7 +125,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type,
*digest = (u_char *) xmalloc(*digest_len);
memcpy(*digest, rdata + 2, *digest_len);
} else {
*digest = xstrdup("");
*digest = (u_char *)xstrdup("");
}
success = 1;


@ -1,5 +1,5 @@
/* $NetBSD: dns.h,v 1.1.1.2 2006/02/04 22:22:44 christos Exp $ */
/* $OpenBSD: dns.h,v 1.6 2005/10/17 14:13:35 stevesk Exp $ */
/* $NetBSD: dns.h,v 1.1.1.3 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: dns.h,v 1.10 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2003 Wesley Griffin. All rights reserved.
@ -26,8 +26,6 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
#ifndef DNS_H
#define DNS_H


@ -1,4 +1,5 @@
/* $NetBSD: fatal.c,v 1.1.1.2 2005/02/13 00:52:59 christos Exp $ */
/* $NetBSD: fatal.c,v 1.1.1.3 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: fatal.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2002 Markus Friedl. All rights reserved.
*
@ -23,8 +24,9 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: fatal.c,v 1.2 2003/09/23 20:17:11 markus Exp $");
#include <sys/types.h>
#include <stdarg.h>
#include "log.h"
@ -34,6 +36,7 @@ void
fatal(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_FATAL, fmt, args);
va_end(args);


@ -1,4 +1,5 @@
/* $NetBSD: groupaccess.c,v 1.1.1.5 2005/02/13 00:52:59 christos Exp $ */
/* $NetBSD: groupaccess.c,v 1.1.1.6 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: groupaccess.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001 Kevin Steves. All rights reserved.
*
@ -23,11 +24,15 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: groupaccess.c,v 1.6 2003/04/08 20:21:28 itojun Exp $");
#include <sys/types.h>
#include <sys/param.h>
#include <grp.h>
#include <unistd.h>
#include <stdarg.h>
#include "groupaccess.h"
#include "xmalloc.h"
#include "groupaccess.h"
#include "match.h"
#include "log.h"


@ -1,5 +1,5 @@
/* $NetBSD: groupaccess.h,v 1.1.1.3 2001/09/27 02:00:43 itojun Exp $ */
/* $OpenBSD: groupaccess.h,v 1.4 2001/06/26 17:27:23 markus Exp $ */
/* $NetBSD: groupaccess.h,v 1.1.1.4 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: groupaccess.h,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001 Kevin Steves. All rights reserved.
@ -28,8 +28,6 @@
#ifndef GROUPACCESS_H
#define GROUPACCESS_H
#include <grp.h>
int ga_init(const char *, gid_t);
int ga_match(char * const *, int);
void ga_free(void);


@ -1,8 +1,8 @@
/* $NetBSD: gss-genr.c,v 1.1.1.2 2006/02/04 22:22:44 christos Exp $ */
/* $OpenBSD: gss-genr.c,v 1.6 2005/10/13 22:24:31 stevesk Exp $ */
/* $NetBSD: gss-genr.c,v 1.1.1.3 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: gss-genr.c,v 1.17 2006/08/29 12:02:30 dtucker Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
* Copyright (c) 2001-2006 Simon Wilkinson. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -25,12 +25,15 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
#ifdef GSSAPI
#include <sys/param.h>
#include <string.h>
#include <stdarg.h>
#include "xmalloc.h"
#include "bufaux.h"
#include "buffer.h"
#include "log.h"
#include "ssh2.h"
@ -73,7 +76,11 @@ ssh_gssapi_set_oid(Gssctxt *ctx, gss_OID oid)
void
ssh_gssapi_error(Gssctxt *ctxt)
{
debug("%s", ssh_gssapi_last_error(ctxt, NULL, NULL));
char *s;
s = ssh_gssapi_last_error(ctxt, NULL, NULL);
debug("%s", s);
xfree(s);
}
char *
@ -132,9 +139,7 @@ ssh_gssapi_last_error(Gssctxt *ctxt, OM_uint32 *major_status,
void
ssh_gssapi_build_ctx(Gssctxt **ctx)
{
*ctx = xmalloc(sizeof (Gssctxt));
(*ctx)->major = 0;
(*ctx)->minor = 0;
*ctx = xcalloc(1, sizeof (Gssctxt));
(*ctx)->context = GSS_C_NO_CONTEXT;
(*ctx)->name = GSS_C_NO_NAME;
(*ctx)->oid = GSS_C_NO_OID;
@ -204,10 +209,11 @@ OM_uint32
ssh_gssapi_import_name(Gssctxt *ctx, const char *host)
{
gss_buffer_desc gssbuf;
char *val;
gssbuf.length = sizeof("host@") + strlen(host);
gssbuf.value = xmalloc(gssbuf.length);
snprintf(gssbuf.value, gssbuf.length, "host@%s", host);
xasprintf(&val, "host@%s", host);
gssbuf.value = val;
gssbuf.length = strlen(gssbuf.value);
if ((ctx->major = gss_import_name(&ctx->minor,
&gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &ctx->name)))
@ -232,11 +238,15 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx)
gss_create_empty_oid_set(&status, &oidset);
gss_add_oid_set_member(&status, ctx->oid, &oidset);
if (gethostname(lname, MAXHOSTNAMELEN))
if (gethostname(lname, MAXHOSTNAMELEN)) {
gss_release_oid_set(&status, &oidset);
return (-1);
}
if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname)))
if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) {
gss_release_oid_set(&status, &oidset);
return (ctx->major);
}
if ((ctx->major = gss_acquire_cred(&ctx->minor,
ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL)))
@ -278,4 +288,34 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid)
return (ssh_gssapi_acquire_cred(*ctx));
}
int
ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host)
{
gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
OM_uint32 major, minor;
gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"};
/* RFC 4462 says we MUST NOT do SPNEGO */
if (oid->length == spnego_oid.length &&
(memcmp(oid->elements, spnego_oid.elements, oid->length) == 0))
return 0; /* false */
ssh_gssapi_build_ctx(ctx);
ssh_gssapi_set_oid(*ctx, oid);
major = ssh_gssapi_import_name(*ctx, host);
if (!GSS_ERROR(major)) {
major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token,
NULL);
gss_release_buffer(&minor, &token);
if ((*ctx)->context != GSS_C_NO_CONTEXT)
gss_delete_sec_context(&minor, &(*ctx)->context,
GSS_C_NO_BUFFER);
}
if (GSS_ERROR(major))
ssh_gssapi_delete_ctx(ctx);
return (!GSS_ERROR(major));
}
#endif /* GSSAPI */
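Review bot: `ssh_gssapi_check_mechanism` calls `ssh_gssapi_build_ctx(ctx)` unconditionally, overwriting whatever `*ctx` already pointed to without freeing it, and its ownership contract is undocumented: on success `*ctx` is left allocated with the OID and imported name but the security context deleted, on failure it is handed to `ssh_gssapi_delete_ctx`. The callers are outside this view, so whether `*ctx` is always NULL on entry cannot be confirmed here; a header comment such as `/* Caller passes *ctx == NULL. On success *ctx is an allocated Gssctxt (oid and name set, no security context) owned by the caller; on failure it is deleted. */` would make that explicit. In `ssh_gssapi_import_name`, `gssbuf.length = strlen(gssbuf.value)` drops the terminating NUL that the old `sizeof("host@") + strlen(host)` included, which looks intentional but changes the bytes passed to gss_import_name and deserves a comment. The leak fix in `ssh_gssapi_error` and the `gss_release_oid_set` on the early returns in `ssh_gssapi_acquire_cred` are good.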


@ -1,5 +1,5 @@
/* $NetBSD: gss-serv-krb5.c,v 1.1.1.2 2006/02/04 22:22:44 christos Exp $ */
/* $OpenBSD: gss-serv-krb5.c,v 1.4 2005/10/13 19:08:08 stevesk Exp $ */
/* $NetBSD: gss-serv-krb5.c,v 1.1.1.3 2006/09/28 21:15:07 christos Exp $ */
/* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@ -25,16 +25,18 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
#ifdef GSSAPI
#ifdef KRB5
#include "auth.h"
#include "xmalloc.h"
#include "log.h"
#include "servconf.h"
#include <sys/types.h>
#include "xmalloc.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "log.h"
#include "buffer.h"
#include "ssh-gss.h"
#include <krb5.h>


@ -1,5 +1,5 @@
/* $NetBSD: gss-serv.c,v 1.1.1.2 2006/02/04 22:22:44 christos Exp $ */
/* $OpenBSD: gss-serv.c,v 1.13 2005/10/13 22:24:31 stevesk Exp $ */
/* $NetBSD: gss-serv.c,v 1.1.1.3 2006/09/28 21:15:08 christos Exp $ */
/* $OpenBSD: gss-serv.c,v 1.20 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@ -25,18 +25,21 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
#include <sys/types.h>
#ifdef GSSAPI
#include "bufaux.h"
#include <string.h>
#include "xmalloc.h"
#include "buffer.h"
#include "key.h"
#include "hostfile.h"
#include "auth.h"
#include "log.h"
#include "channels.h"
#include "session.h"
#include "servconf.h"
#include "xmalloc.h"
#include "getput.h"
#include "misc.h"
#include "ssh-gss.h"
@ -79,6 +82,8 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset)
&supported_mechs[i]->oid, oidset);
i++;
}
gss_release_oid_set(&min_status, &supported);
}
@ -152,7 +157,7 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
* second without.
*/
oidl = GET_16BIT(tok+2); /* length including next two bytes */
oidl = get_u16(tok+2); /* length including next two bytes */
oidl = oidl-2; /* turn it into the _real_ length of the variable OID */
/*
@ -169,14 +174,14 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
if (ename->length < offset+4)
return GSS_S_FAILURE;
name->length = GET_32BIT(tok+offset);
name->length = get_u32(tok+offset);
offset += 4;
if (ename->length < offset+name->length)
return GSS_S_FAILURE;
name->value = xmalloc(name->length+1);
memcpy(name->value, tok+offset,name->length);
memcpy(name->value, tok+offset, name->length);
((char *)name->value)[name->length] = 0;
return GSS_S_COMPLETE;
@ -235,7 +240,8 @@ ssh_gssapi_cleanup_creds(void)
{
if (gssapi_client.store.filename != NULL) {
/* Unlink probably isn't sufficient */
debug("removing gssapi cred file\"%s\"", gssapi_client.store.filename);
debug("removing gssapi cred file\"%s\"",
gssapi_client.store.filename);
unlink(gssapi_client.store.filename);
}
}
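Review bot: In `ssh_gssapi_parse_ename` the bounds check `if (ename->length < offset+name->length)` can be defeated by integer wrap: `name->length` comes straight from the token via `get_u32`, and on a platform where `size_t` (the type of gss_buffer_desc.length) is 32 bits, `offset+name->length` wraps for a value near 2^32, after which `xmalloc(name->length+1)` and the `memcpy` run with that size. Write the check in subtraction form, which is safe because the preceding `if (ename->length < offset+4)` already guarantees `ename->length >= offset+4`: `if (name->length > ename->length - offset)`. Whether `ename` is raw peer input or the output of the local GSS library cannot be told from this hunk, and `offset`'s type is declared outside it; the wrap is worth closing either way. ssh_gssapi_parse_ename begins before this hunk.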


@ -1,4 +1,5 @@
/* $NetBSD: hostfile.c,v 1.1.1.12 2006/02/04 22:22:45 christos Exp $ */
/* $NetBSD: hostfile.c,v 1.1.1.13 2006/09/28 21:15:08 christos Exp $ */
/* $OpenBSD: hostfile.c,v 1.45 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -36,19 +37,23 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: hostfile.c,v 1.36 2005/11/22 03:36:03 dtucker Exp $");
#include <sys/types.h>
#include <netinet/in.h>
#include <resolv.h>
#include <openssl/hmac.h>
#include <openssl/sha.h>
#include "packet.h"
#include <resolv.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "xmalloc.h"
#include "match.h"
#include "key.h"
#include "hostfile.h"
#include "log.h"
#include "xmalloc.h"
static int
extract_salt(const char *s, u_int l, char *salt, size_t salt_len)
@ -255,8 +260,10 @@ check_host_in_hostfile_by_key_or_type(const char *filename,
if (key == NULL) {
/* we found a key of the requested type */
if (found->type == keytype)
if (found->type == keytype) {
fclose(f);
return HOST_FOUND;
}
continue;
}


@ -1,5 +1,5 @@
/* $NetBSD: hostfile.h,v 1.1.1.11 2005/04/23 16:28:07 christos Exp $ */
/* $OpenBSD: hostfile.h,v 1.15 2005/03/01 10:40:26 djm Exp $ */
/* $NetBSD: hostfile.h,v 1.1.1.12 2006/09/28 21:15:08 christos Exp $ */
/* $OpenBSD: hostfile.h,v 1.16 2006/03/25 22:22:43 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>

37
crypto/dist/ssh/kex.c vendored

@ -1,4 +1,5 @@
/* $NetBSD: kex.c,v 1.1.1.17 2006/02/04 22:22:44 christos Exp $ */
/* $NetBSD: kex.c,v 1.1.1.18 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kex.c,v 1.76 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@ -23,20 +24,23 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
#include <sys/param.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/crypto.h>
#include "ssh2.h"
#include "xmalloc.h"
#include "ssh2.h"
#include "buffer.h"
#include "bufaux.h"
#include "packet.h"
#include "compat.h"
#include "cipher.h"
#include "kex.h"
#include "key.h"
#include "kex.h"
#include "log.h"
#include "mac.h"
#include "match.h"
@ -45,6 +49,8 @@ RCSID("$OpenBSD: kex.c,v 1.65 2005/11/04 05:15:59 djm Exp $");
#define KEX_COOKIE_LEN 16
extern const EVP_MD *evp_ssh_sha256(void);
/* prototype */
static void kex_kexinit_finish(Kex *);
static void kex_choose_conf(Kex *);
@ -76,7 +82,7 @@ kex_buf2prop(Buffer *raw, int *first_kex_follows)
int i;
char **proposal;
proposal = xmalloc(PROPOSAL_MAX * sizeof(char *));
proposal = xcalloc(PROPOSAL_MAX, sizeof(char *));
buffer_init(&b);
buffer_append(&b, buffer_ptr(raw), buffer_len(raw));
@ -211,8 +217,7 @@ kex_setup(char *proposal[PROPOSAL_MAX])
{
Kex *kex;
kex = xmalloc(sizeof(*kex));
memset(kex, 0, sizeof(*kex));
kex = xcalloc(1, sizeof(*kex));
buffer_init(&kex->peer);
buffer_init(&kex->my);
kex_prop2buf(&kex->my, proposal);
@ -255,6 +260,7 @@ choose_enc(Enc *enc, char *client, char *server)
enc->key_len = cipher_keylen(enc->cipher);
enc->block_size = cipher_blocksize(enc->cipher);
}
static void
choose_mac(Mac *mac, char *client, char *server)
{
@ -270,6 +276,7 @@ choose_mac(Mac *mac, char *client, char *server)
mac->key = NULL;
mac->enabled = 0;
}
static void
choose_comp(Comp *comp, char *client, char *server)
{
@ -287,6 +294,7 @@ choose_comp(Comp *comp, char *client, char *server)
}
comp->name = name;
}
static void
choose_kex(Kex *k, char *client, char *server)
{
@ -302,6 +310,9 @@ choose_kex(Kex *k, char *client, char *server)
} else if (strcmp(k->name, KEX_DHGEX_SHA1) == 0) {
k->kex_type = KEX_DH_GEX_SHA1;
k->evp_md = EVP_sha1();
} else if (strcmp(k->name, KEX_DHGEX_SHA256) == 0) {
k->kex_type = KEX_DH_GEX_SHA256;
k->evp_md = evp_ssh_sha256();
} else
fatal("bad kex alg %s", k->name);
}
@ -365,8 +376,7 @@ kex_choose_conf(Kex *kex)
/* Algorithm Negotiation */
for (mode = 0; mode < MODE_MAX; mode++) {
newkeys = xmalloc(sizeof(*newkeys));
memset(newkeys, 0, sizeof(*newkeys));
newkeys = xcalloc(1, sizeof(*newkeys));
kex->newkeys[mode] = newkeys;
ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN);
nenc = ctos ? PROPOSAL_ENC_ALGS_CTOS : PROPOSAL_ENC_ALGS_STOC;
@ -421,7 +431,7 @@ derive_key(Kex *kex, int id, u_int need, u_char *hash, u_int hashlen,
if ((mdsz = EVP_MD_size(kex->evp_md)) <= 0)
fatal("bad kex md size %d", mdsz);
digest = xmalloc(roundup(need, mdsz));
digest = xmalloc(roundup(need, mdsz));
buffer_init(&b);
buffer_put_bignum2(&b, shared_secret);
@ -474,7 +484,8 @@ kex_derive_keys(Kex *kex, u_char *hash, u_int hashlen, BIGNUM *shared_secret)
for (mode = 0; mode < MODE_MAX; mode++) {
current_keys[mode] = kex->newkeys[mode];
kex->newkeys[mode] = NULL;
ctos = (!kex->server && mode == MODE_OUT) || (kex->server && mode == MODE_IN);
ctos = (!kex->server && mode == MODE_OUT) ||
(kex->server && mode == MODE_IN);
current_keys[mode]->enc.iv = keys[ctos ? 0 : 1];
current_keys[mode]->enc.key = keys[ctos ? 2 : 3];
current_keys[mode]->mac.key = keys[ctos ? 4 : 5];
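Review bot: `extern const EVP_MD *evp_ssh_sha256(void);` is declared ad hoc inside kex.c rather than in a header shared with the file that defines it, so a later change to the definition's signature would not be caught at compile time; move the prototype into the header that declares the other kex hashing helpers (kex.h already includes <openssl/evp.h>, so `const EVP_MD` is available there). The `xcalloc` conversions in `kex_setup`, `kex_buf2prop` and `kex_choose_conf` drop the separate `memset` and gain overflow-checked multiplication, and the new `KEX_DHGEX_SHA256` branch in `choose_kex` mirrors the SHA-1 branch, so nothing else in this section needs changing.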

13
crypto/dist/ssh/kex.h vendored

@ -1,5 +1,5 @@
/* $NetBSD: kex.h,v 1.1.1.15 2006/02/04 22:22:45 christos Exp $ */
/* $OpenBSD: kex.h,v 1.38 2005/11/04 05:15:59 djm Exp $ */
/* $NetBSD: kex.h,v 1.1.1.16 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kex.h,v 1.44 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@ -28,13 +28,11 @@
#define KEX_H
#include <openssl/evp.h>
#include "buffer.h"
#include "cipher.h"
#include "key.h"
#define KEX_DH1 "diffie-hellman-group1-sha1"
#define KEX_DH14 "diffie-hellman-group14-sha1"
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
#define COMP_NONE 0
#define COMP_ZLIB 1
@ -64,6 +62,7 @@ enum kex_exchange {
KEX_DH_GRP1_SHA1,
KEX_DH_GRP14_SHA1,
KEX_DH_GEX_SHA1,
KEX_DH_GEX_SHA256,
KEX_MAX
};
@ -113,7 +112,7 @@ struct Kex {
int kex_type;
Buffer my;
Buffer peer;
int done;
sig_atomic_t done;
int flags;
const EVP_MD *evp_md;
char *client_version_string;
@ -143,7 +142,7 @@ kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int,
BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *);
void
kexgex_hash(const EVP_MD *, char *, char *, char *, int, char *,
int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *,
int, u_char *, int, int, int, int, BIGNUM *, BIGNUM *, BIGNUM *,
BIGNUM *, BIGNUM *, u_char **, u_int *);
void
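Review bot: `struct Kex` now carries a `sig_atomic_t done;` member, but this hunk adds no `#include <signal.h>` to kex.h, so unless one exists elsewhere in the header outside this hunk kex.h is no longer self-contained and compiles only when the includer pulls in <signal.h> first — which is exactly what every kex*.c in this commit does by adding `#include <signal.h>` before `kex.h`. Add `#include <signal.h>` beside `#include <openssl/evp.h>` so the header stands on its own. The rendering lost the +/- markers, but the 13→11 line count and the kex*.c files newly including buffer.h/cipher.h/key.h suggest those three project includes were dropped here; if so, that is consistent with the per-file includes added elsewhere in the commit.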


@ -1,4 +1,5 @@
/* $NetBSD: kexdh.c,v 1.1.1.7 2006/02/04 22:22:45 christos Exp $ */
/* $NetBSD: kexdh.c,v 1.1.1.8 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kexdh.c,v 1.23 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -23,14 +24,16 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: kexdh.c,v 1.20 2005/11/04 05:15:59 djm Exp $");
#include <sys/types.h>
#include <signal.h>
#include <openssl/evp.h>
#include "buffer.h"
#include "bufaux.h"
#include "ssh2.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
void


@ -1,4 +1,5 @@
/* $NetBSD: kexdhc.c,v 1.1.1.3 2006/02/04 22:22:45 christos Exp $ */
/* $NetBSD: kexdhc.c,v 1.1.1.4 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kexdhc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -23,11 +24,16 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: kexdhc.c,v 1.3 2005/11/04 05:15:59 djm Exp $");
#include <sys/types.h>
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include "xmalloc.h"
#include "buffer.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
@ -83,7 +89,7 @@ kexdh_client(Kex *kex)
if (kex->verify_host_key(server_host_key) == -1)
fatal("server_host_key verification failed");
/* DH paramter f, server public DH key */
/* DH parameter f, server public DH key */
if ((dh_server_pub = BN_new()) == NULL)
fatal("dh_server_pub == NULL");
packet_get_bignum2(dh_server_pub);


@ -1,4 +1,5 @@
/* $NetBSD: kexdhs.c,v 1.1.1.3 2006/02/04 22:22:45 christos Exp $ */
/* $NetBSD: kexdhs.c,v 1.1.1.4 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kexdhs.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -23,16 +24,23 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: kexdhs.c,v 1.3 2005/11/04 05:15:59 djm Exp $");
#include <sys/types.h>
#include <string.h>
#include <signal.h>
#include "xmalloc.h"
#include "buffer.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
#include "dh.h"
#include "ssh2.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
void


@ -1,4 +1,5 @@
/* $NetBSD: kexgex.c,v 1.1.1.8 2006/02/04 22:22:45 christos Exp $ */
/* $NetBSD: kexgex.c,v 1.1.1.9 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kexgex.c,v 1.27 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@ -24,13 +25,14 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: kexgex.c,v 1.24 2005/11/04 05:15:59 djm Exp $");
#include <sys/types.h>
#include <openssl/evp.h>
#include <signal.h>
#include "buffer.h"
#include "bufaux.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
#include "ssh2.h"


@ -1,4 +1,5 @@
/* $NetBSD: kexgexc.c,v 1.1.1.3 2006/02/04 22:22:45 christos Exp $ */
/* $NetBSD: kexgexc.c,v 1.1.1.4 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kexgexc.c,v 1.9 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@ -24,11 +25,16 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: kexgexc.c,v 1.3 2005/11/04 05:15:59 djm Exp $");
#include <sys/types.h>
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include "xmalloc.h"
#include "buffer.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
@ -121,7 +127,7 @@ kexgex_client(Kex *kex)
if (kex->verify_host_key(server_host_key) == -1)
fatal("server_host_key verification failed");
/* DH paramter f, server public DH key */
/* DH parameter f, server public DH key */
if ((dh_server_pub = BN_new()) == NULL)
fatal("dh_server_pub == NULL");
packet_get_bignum2(dh_server_pub);


@ -1,4 +1,5 @@
/* $NetBSD: kexgexs.c,v 1.1.1.2 2006/02/04 22:22:45 christos Exp $ */
/* $NetBSD: kexgexs.c,v 1.1.1.3 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: kexgexs.c,v 1.8 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000 Niels Provos. All rights reserved.
* Copyright (c) 2001 Markus Friedl. All rights reserved.
@ -24,17 +25,25 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: kexgexs.c,v 1.2 2005/11/04 05:15:59 djm Exp $");
#include <sys/param.h>
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include "xmalloc.h"
#include "buffer.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
#include "log.h"
#include "packet.h"
#include "dh.h"
#include "ssh2.h"
#include "compat.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
void

41
crypto/dist/ssh/key.c vendored

@ -1,4 +1,5 @@
/* $NetBSD: key.c,v 1.1.1.19 2006/02/04 22:22:46 christos Exp $ */
/* $NetBSD: key.c,v 1.1.1.20 2006/09/28 21:15:09 christos Exp $ */
/* $OpenBSD: key.c,v 1.67 2006/08/03 03:34:42 deraadt Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -32,17 +33,19 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: key.c,v 1.58 2005/06/17 02:44:32 djm Exp $");
#include <sys/types.h>
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
#include "xmalloc.h"
#include "key.h"
#include "rsa.h"
#include "uuencode.h"
#include "buffer.h"
#include "bufaux.h"
#include "log.h"
Key *
@ -51,9 +54,8 @@ key_new(int type)
Key *k;
RSA *rsa;
DSA *dsa;
k = xmalloc(sizeof(*k));
k = xcalloc(1, sizeof(*k));
k->type = type;
k->flags = 0;
k->dsa = NULL;
k->rsa = NULL;
switch (k->type) {
@ -124,6 +126,8 @@ key_new_private(int type)
void
key_free(Key *k)
{
if (k == NULL)
fatal("key_free: key is NULL");
switch (k->type) {
case KEY_RSA1:
case KEY_RSA:
@ -156,14 +160,12 @@ key_equal(const Key *a, const Key *b)
return a->rsa != NULL && b->rsa != NULL &&
BN_cmp(a->rsa->e, b->rsa->e) == 0 &&
BN_cmp(a->rsa->n, b->rsa->n) == 0;
break;
case KEY_DSA:
return a->dsa != NULL && b->dsa != NULL &&
BN_cmp(a->dsa->p, b->dsa->p) == 0 &&
BN_cmp(a->dsa->q, b->dsa->q) == 0 &&
BN_cmp(a->dsa->g, b->dsa->g) == 0 &&
BN_cmp(a->dsa->pub_key, b->dsa->pub_key) == 0;
break;
default:
fatal("key_equal: bad key type %d", a->type);
break;
@ -210,7 +212,6 @@ key_fingerprint_raw(const Key *k, enum fp_type dgst_type,
break;
case KEY_UNSPEC:
return retval;
break;
default:
fatal("key_fingerprint_raw: bad key type %d", k->type);
break;
@ -234,8 +235,7 @@ key_fingerprint_hex(u_char *dgst_raw, u_int dgst_raw_len)
char *retval;
u_int i;
retval = xmalloc(dgst_raw_len * 3 + 1);
retval[0] = '\0';
retval = xcalloc(1, dgst_raw_len * 3 + 1);
for (i = 0; i < dgst_raw_len; i++) {
char hex[4];
snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]);
@ -257,7 +257,7 @@ key_fingerprint_bubblebabble(u_char *dgst_raw, u_int dgst_raw_len)
char *retval;
rounds = (dgst_raw_len / 2) + 1;
retval = xmalloc(sizeof(char) * (rounds*6));
retval = xcalloc((rounds * 6), sizeof(char));
retval[j++] = 'x';
for (i = 0; i < rounds; i++) {
u_int idx0, idx1, idx2, idx3, idx4;
@ -531,13 +531,10 @@ key_type(const Key *k)
switch (k->type) {
case KEY_RSA1:
return "RSA1";
break;
case KEY_RSA:
return "RSA";
break;
case KEY_DSA:
return "DSA";
break;
}
return "unknown";
}
@ -548,10 +545,8 @@ key_ssh_name(const Key *k)
switch (k->type) {
case KEY_RSA:
return "ssh-rsa";
break;
case KEY_DSA:
return "ssh-dss";
break;
}
return "ssh-unknown";
}
@ -563,10 +558,8 @@ key_size(const Key *k)
case KEY_RSA1:
case KEY_RSA:
return BN_num_bits(k->rsa->n);
break;
case KEY_DSA:
return BN_num_bits(k->dsa->p);
break;
}
return 0;
}
@ -575,6 +568,7 @@ static RSA *
rsa_generate_private_key(u_int bits)
{
RSA *private;
private = RSA_generate_key(bits, 35, NULL, NULL);
if (private == NULL)
fatal("rsa_generate_private_key: key generation failed.");
@ -585,6 +579,7 @@ static DSA*
dsa_generate_private_key(u_int bits)
{
DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
if (private == NULL)
fatal("dsa_generate_private_key: DSA_generate_parameters failed");
if (!DSA_generate_key(private))
@ -794,14 +789,11 @@ key_sign(
switch (key->type) {
case KEY_DSA:
return ssh_dss_sign(key, sigp, lenp, data, datalen);
break;
case KEY_RSA:
return ssh_rsa_sign(key, sigp, lenp, data, datalen);
break;
default:
error("key_sign: invalid key type %d", key->type);
return -1;
break;
}
}
@ -821,14 +813,11 @@ key_verify(
switch (key->type) {
case KEY_DSA:
return ssh_dss_verify(key, signature, signaturelen, data, datalen);
break;
case KEY_RSA:
return ssh_rsa_verify(key, signature, signaturelen, data, datalen);
break;
default:
error("key_verify: invalid key type %d", key->type);
return -1;
break;
}
}
@ -838,7 +827,7 @@ key_demote(const Key *k)
{
Key *pk;
pk = xmalloc(sizeof(*pk));
pk = xcalloc(1, sizeof(*pk));
pk->type = k->type;
pk->flags = k->flags;
pk->dsa = NULL;


@ -1,5 +1,5 @@
/* $NetBSD: key.h,v 1.1.1.11 2005/02/13 00:53:01 christos Exp $ */
/* $OpenBSD: key.h,v 1.23 2003/11/10 16:23:41 jakob Exp $ */
/* $NetBSD: key.h,v 1.1.1.12 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: key.h,v 1.26 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.

crypto/dist/ssh/log.c vendored

@ -1,4 +1,5 @@
/* $NetBSD: log.c,v 1.1.1.10 2005/02/13 00:53:01 christos Exp $ */
/* $NetBSD: log.c,v 1.1.1.11 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: log.c,v 1.39 2006/08/18 09:13:25 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -34,15 +35,19 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: log.c,v 1.29 2003/09/23 20:17:11 markus Exp $");
#include "log.h"
#include "xmalloc.h"
#include <sys/types.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>
#include <vis.h>
#include "xmalloc.h"
#include "log.h"
static LogLevel log_level = SYSLOG_LEVEL_INFO;
static int log_on_stderr = 1;
static int log_facility = LOG_AUTH;
@ -123,6 +128,18 @@ error(const char *fmt,...)
va_end(args);
}
void
sigdie(const char *fmt,...)
{
va_list args;
va_start(args, fmt);
do_log(SYSLOG_LEVEL_FATAL, fmt, args);
va_end(args);
_exit(1);
}
/* Log this message (information that usually should go to the log). */
void
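Review bot: sigdie() (L4448-4456) ends in _exit(1) rather than exit(), which reads as "for use inside a signal handler", yet it still routes the message through do_log(); do_log's body is not visible here, but given this file's stdio/syslog/vis includes it almost certainly formats and syslogs, which is not async-signal-safe. That is a defensible last-gasp trade-off, but it should be stated at the definition so nobody later reuses sigdie as a general exit path: `/* For signal handlers only: do_log() is not async-signal-safe, so this is a best-effort final message before _exit(). */`. A brief note that it deliberately skips the atexit/cleanup work exit() would do (hence _exit) would also help the next reader.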


@ -1,5 +1,5 @@
/* $NetBSD: log.h,v 1.1.1.7 2005/02/13 00:53:01 christos Exp $ */
/* $OpenBSD: log.h,v 1.11 2004/06/21 22:02:58 djm Exp $ */
/* $NetBSD: log.h,v 1.1.1.8 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: log.h,v 1.15 2006/08/18 09:13:25 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -51,6 +51,7 @@ LogLevel log_level_number(char *);
void fatal(const char *, ...) __dead __attribute__((format(printf, 1, 2)));
void error(const char *, ...) __attribute__((format(printf, 1, 2)));
void sigdie(const char *, ...) __attribute__((format(printf, 1, 2)));
void logit(const char *, ...) __attribute__((format(printf, 1, 2)));
void verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
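Review bot: The new sigdie() prototype at L4472 lacks the `__dead` annotation that fatal() carries on L4470, even though sigdie's definition in log.c in this same commit always terminates via _exit(1). Without it the compiler cannot treat the call as noreturn, so signal handlers or helpers that end in sigdie() will draw missing-return / uninitialised-variable warnings and lose the dead-code diagnostics that fatal() gets. Suggest `void sigdie(const char *, ...) __dead __attribute__((format(printf, 1, 2)));`.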

crypto/dist/ssh/mac.c vendored

@ -1,4 +1,5 @@
/* $NetBSD: mac.c,v 1.1.1.6 2006/02/04 22:22:46 christos Exp $ */
/* $NetBSD: mac.c,v 1.1.1.7 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: mac.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -23,17 +24,21 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: mac.c,v 1.7 2005/06/17 02:44:32 djm Exp $");
#include <sys/types.h>
#include <openssl/hmac.h>
#include <string.h>
#include <signal.h>
#include "xmalloc.h"
#include "getput.h"
#include "log.h"
#include "cipher.h"
#include "buffer.h"
#include "key.h"
#include "kex.h"
#include "mac.h"
#include "misc.h"
struct {
char *name;
@ -84,7 +89,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen)
if (mac->mac_len > sizeof(m))
fatal("mac_compute: mac too long");
HMAC_Init(&c, mac->key, mac->key_len, mac->md);
PUT_32BIT(b, seqno);
put_u32(b, seqno);
HMAC_Update(&c, b, sizeof(b));
HMAC_Update(&c, data, datalen);
HMAC_Final(&c, m, NULL);
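Review bot: The PUT_32BIT to put_u32 switch at L4513 is fine, but mac_compute() (which starts before this hunk) still gives no hint why a sequence number is fed into the HMAC ahead of the data: the SSH transport spec (RFC 4253, 6.4) defines the MAC over the big-endian uint32 packet sequence number followed by the unencrypted packet, and that is what makes replayed or reordered packets detectable. A one-liner above the put_u32 call would save the next reader a trip to the RFC: `/* RFC 4253 6.4: MAC = HMAC(key, uint32 seqno || unencrypted packet) */`. Separately, mac_len is checked against the stack buffer m, but `datalen` is an `int` handed to HMAC_Update's size_t parameter; callers presumably never pass a negative length, but `u_int datalen` would make that invariant explicit.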


@ -1,5 +1,5 @@
/* $NetBSD: mac.h,v 1.1.1.3 2001/09/27 02:00:44 itojun Exp $ */
/* $OpenBSD: mac.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */
/* $NetBSD: mac.h,v 1.1.1.4 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: mac.h,v 1.4 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*


@ -1,4 +1,5 @@
/* $NetBSD: match.c,v 1.1.1.9 2006/02/04 22:22:47 christos Exp $ */
/* $NetBSD: match.c,v 1.1.1.10 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: match.c,v 1.26 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -35,11 +36,13 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: match.c,v 1.20 2005/06/17 02:44:32 djm Exp $");
#include <sys/types.h>
#include <ctype.h>
#include <string.h>
#include "match.h"
#include "xmalloc.h"
#include "match.h"
/*
* Returns true if the given string matches the pattern (which may contain ?
@ -137,7 +140,7 @@ match_pattern_list(const char *string, const char *pattern, u_int len,
i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
subi++, i++)
sub[subi] = dolower && isupper(pattern[i]) ?
tolower(pattern[i]) : pattern[i];
(char)tolower(pattern[i]) : pattern[i];
/* If subpattern too long, return failure (no match). */
if (subi >= sizeof(sub) - 1)
return 0;
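Review bot: The new `(char)` cast at L4556 silences the narrowing warning but leaves the underlying problem untouched: `isupper(pattern[i])` and `tolower(pattern[i])` are handed a plain `char`, so on a platform where char is signed any non-ASCII byte in the pattern becomes a negative argument, which is undefined behaviour for the <ctype.h> functions (only EOF and unsigned-char values are valid). Pattern text comes from configuration files and, I believe, from authorized_keys options, which can carry such bytes, so the byte should be widened through unsigned char on both calls: `sub[subi] = dolower && isupper((u_char)pattern[i]) ? (char)tolower((u_char)pattern[i]) : pattern[i];`. match_pattern_list() starts before this hunk.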


@ -1,5 +1,5 @@
/* $NetBSD: match.h,v 1.1.1.8 2002/03/08 01:20:47 itojun Exp $ */
/* $OpenBSD: match.h,v 1.12 2002/03/01 13:12:10 markus Exp $ */
/* $NetBSD: match.h,v 1.1.1.9 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: match.h,v 1.13 2006/03/25 22:22:43 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>

crypto/dist/ssh/md-sha256.c vendored Normal file

@ -0,0 +1,74 @@
/* $NetBSD: md-sha256.c,v 1.1.1.1 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: md-sha256.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2005 Damien Miller <djm@openbsd.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
/* EVP wrapper for SHA256 */
#include <sys/types.h>
#include <openssl/evp.h>
#include <sha2.h>
#include <string.h>
const EVP_MD *evp_ssh_sha256(void);
static int
ssh_sha256_init(EVP_MD_CTX *ctxt)
{
SHA256_Init(ctxt->md_data);
return (1);
}
static int
ssh_sha256_update(EVP_MD_CTX *ctxt, const void *data, unsigned long len)
{
SHA256_Update(ctxt->md_data, data, len);
return (1);
}
static int
ssh_sha256_final(EVP_MD_CTX *ctxt, unsigned char *digest)
{
SHA256_Final(digest, ctxt->md_data);
return (1);
}
static int
ssh_sha256_cleanup(EVP_MD_CTX *ctxt)
{
memset(ctxt->md_data, 0, sizeof(SHA256_CTX));
return (1);
}
const EVP_MD *
evp_ssh_sha256(void)
{
static EVP_MD ssh_sha256;
memset(&ssh_sha256, 0, sizeof(ssh_sha256));
ssh_sha256.type = NID_undef;
ssh_sha256.md_size = SHA256_DIGEST_LENGTH;
ssh_sha256.init = ssh_sha256_init;
ssh_sha256.update = ssh_sha256_update;
ssh_sha256.final = ssh_sha256_final;
ssh_sha256.cleanup = ssh_sha256_cleanup;
ssh_sha256.block_size = SHA256_BLOCK_LENGTH;
ssh_sha256.ctx_size = sizeof(SHA256_CTX);
return (&ssh_sha256);
}
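Review bot: evp_ssh_sha256() (L4623-4637) memset()s and re-populates the file-static EVP_MD on every call and hands out a pointer to it, but every EVP_MD_CTX created from an earlier call still points at that same object and reads its md_size/update/final/cleanup fields while a digest is in flight, so correctness silently depends on each call writing byte-identical values over a live structure. It works today (single-threaded process, constant values), but a once-only initialisation makes that intent explicit, removes the repeated rewrite, and gives a natural place for a comment that the returned object is shared and must not be modified by callers.
```c
const EVP_MD *
evp_ssh_sha256(void)
{
	static EVP_MD ssh_sha256;
	static int initialised;

	/* Shared, immutable after first call; process is single-threaded. */
	if (!initialised) {
		memset(&ssh_sha256, 0, sizeof(ssh_sha256));
		/* … unchanged: type/md_size/init/update/final/cleanup/block_size/ctx_size assignments … */
		initialised = 1;
	}
	return (&ssh_sha256);
}
```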

crypto/dist/ssh/misc.c vendored

@ -1,7 +1,8 @@
/* $NetBSD: misc.c,v 1.1.1.12 2006/02/04 22:22:47 christos Exp $ */
/* $NetBSD: misc.c,v 1.1.1.13 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: misc.c,v 1.64 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005 Damien Miller. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@ -24,14 +25,29 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: misc.c,v 1.42 2006/01/31 10:19:02 djm Exp $");
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/param.h>
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <errno.h>
#include <fcntl.h>
#include <paths.h>
#include <pwd.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include "xmalloc.h"
#include "misc.h"
#include "log.h"
#include "xmalloc.h"
#include "ssh.h"
/* remove newline at end of string */
char *
@ -122,6 +138,7 @@ set_nodelay(int fd)
/* Characters considered whitespace in strsep calls. */
#define WHITESPACE " \t\r\n"
#define QUOTE "\""
/* return next token in configuration line */
char *
@ -135,15 +152,27 @@ strdelim(char **s)
old = *s;
*s = strpbrk(*s, WHITESPACE "=");
*s = strpbrk(*s, WHITESPACE QUOTE "=");
if (*s == NULL)
return (old);
if (*s[0] == '\"') {
memmove(*s, *s + 1, strlen(*s)); /* move nul too */
/* Find matching quote */
if ((*s = strpbrk(*s, QUOTE)) == NULL) {
return (NULL); /* no matching quote */
} else {
*s[0] = '\0';
return (old);
}
}
/* Allow only one '=' to be skipped */
if (*s[0] == '=')
wspace = 1;
*s[0] = '\0';
/* Skip any extra whitespace after first token */
*s += strspn(*s + 1, WHITESPACE) + 1;
if (*s[0] == '=' && !wspace)
*s += strspn(*s + 1, WHITESPACE) + 1;
@ -154,9 +183,8 @@ strdelim(char **s)
struct passwd *
pwcopy(struct passwd *pw)
{
struct passwd *copy = xmalloc(sizeof(*copy));
struct passwd *copy = xcalloc(1, sizeof(*copy));
memset(copy, 0, sizeof(*copy));
copy->pw_name = xstrdup(pw->pw_name);
copy->pw_passwd = xstrdup(pw->pw_passwd);
copy->pw_gecos = xstrdup(pw->pw_gecos);
@ -273,6 +301,7 @@ convtime(const char *s)
switch (*endp++) {
case '\0':
endp--;
break;
case 's':
case 'S':
break;
@ -304,6 +333,23 @@ convtime(const char *s)
return total;
}
/*
* Returns a standardized host+port identifier string.
* Caller must free returned string.
*/
char *
put_host_port(const char *host, u_short port)
{
char *hoststr;
if (port == 0 || port == SSH_DEFAULT_PORT)
return(xstrdup(host));
if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
fatal("put_host_port: asprintf: %s", strerror(errno));
debug3("put_host_port: %s", hoststr);
return hoststr;
}
/*
* Search for next delimiter between hostnames/addresses and ports.
* Argument may be modified (for termination).
@ -401,7 +447,7 @@ addargs(arglist *args, char *fmt, ...)
} else if (args->num+2 >= nalloc)
nalloc *= 2;
args->list = xrealloc(args->list, nalloc * sizeof(char *));
args->list = xrealloc(args->list, nalloc, sizeof(char *));
args->nalloc = nalloc;
args->list[args->num++] = cp;
args->list[args->num] = NULL;
@ -659,18 +705,100 @@ sanitise_stdfd(void)
}
char *
tohex(const u_char *d, u_int l)
tohex(const void *vp, size_t l)
{
const u_char *p = (const u_char *)vp;
char b[3], *r;
u_int i, hl;
size_t i, hl;
if (l > 65536)
return xstrdup("tohex: length > 65536");
hl = l * 2 + 1;
r = xmalloc(hl);
*r = '\0';
r = xcalloc(1, hl);
for (i = 0; i < l; i++) {
snprintf(b, sizeof(b), "%02x", d[i]);
snprintf(b, sizeof(b), "%02x", p[i]);
strlcat(r, b, hl);
}
return (r);
}
u_int64_t
get_u64(const void *vp)
{
const u_char *p = (const u_char *)vp;
u_int64_t v;
v = (u_int64_t)p[0] << 56;
v |= (u_int64_t)p[1] << 48;
v |= (u_int64_t)p[2] << 40;
v |= (u_int64_t)p[3] << 32;
v |= (u_int64_t)p[4] << 24;
v |= (u_int64_t)p[5] << 16;
v |= (u_int64_t)p[6] << 8;
v |= (u_int64_t)p[7];
return (v);
}
u_int32_t
get_u32(const void *vp)
{
const u_char *p = (const u_char *)vp;
u_int32_t v;
v = (u_int32_t)p[0] << 24;
v |= (u_int32_t)p[1] << 16;
v |= (u_int32_t)p[2] << 8;
v |= (u_int32_t)p[3];
return (v);
}
u_int16_t
get_u16(const void *vp)
{
const u_char *p = (const u_char *)vp;
u_int16_t v;
v = (u_int16_t)p[0] << 8;
v |= (u_int16_t)p[1];
return (v);
}
void
put_u64(void *vp, u_int64_t v)
{
u_char *p = (u_char *)vp;
p[0] = (u_char)(v >> 56) & 0xff;
p[1] = (u_char)(v >> 48) & 0xff;
p[2] = (u_char)(v >> 40) & 0xff;
p[3] = (u_char)(v >> 32) & 0xff;
p[4] = (u_char)(v >> 24) & 0xff;
p[5] = (u_char)(v >> 16) & 0xff;
p[6] = (u_char)(v >> 8) & 0xff;
p[7] = (u_char)v & 0xff;
}
void
put_u32(void *vp, u_int32_t v)
{
u_char *p = (u_char *)vp;
p[0] = (u_char)(v >> 24) & 0xff;
p[1] = (u_char)(v >> 16) & 0xff;
p[2] = (u_char)(v >> 8) & 0xff;
p[3] = (u_char)v & 0xff;
}
void
put_u16(void *vp, u_int16_t v)
{
u_char *p = (u_char *)vp;
p[0] = (u_char)(v >> 8) & 0xff;
p[1] = (u_char)v & 0xff;
}


@ -1,5 +1,5 @@
/* $NetBSD: misc.h,v 1.1.1.11 2006/02/04 22:22:47 christos Exp $ */
/* $OpenBSD: misc.h,v 1.29 2006/01/31 10:19:02 djm Exp $ */
/* $NetBSD: misc.h,v 1.1.1.12 2006/09/28 21:15:10 christos Exp $ */
/* $OpenBSD: misc.h,v 1.36 2006/08/18 10:27:16 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -13,6 +13,9 @@
* called by a name other than "ssh" or "Secure Shell".
*/
#ifndef _MISC_H
#define _MISC_H
/* misc.c */
char *chop(char *);
@ -22,13 +25,14 @@ int unset_nonblock(int);
void set_nodelay(int);
int a2port(const char *);
int a2tun(const char *, int *);
char *put_host_port(const char *, u_short);
char *hpdelim(char **);
char *cleanhostname(char *);
char *colon(char *);
long convtime(const char *);
char *tilde_expand_filename(const char *, uid_t);
char *percent_expand(const char *, ...) __attribute__((__sentinel__));
char *tohex(const u_char *, u_int);
char *tohex(const void *, size_t);
void sanitise_stdfd(void);
struct passwd *pwcopy(struct passwd *);
@ -45,17 +49,6 @@ void replacearg(arglist *, u_int, char *, ...)
__attribute__((format(printf, 3, 4)));
void freeargs(arglist *);
/* readpass.c */
#define RP_ECHO 0x0001
#define RP_ALLOW_STDIN 0x0002
#define RP_ALLOW_EOF 0x0004
#define RP_USE_ASKPASS 0x0008
char *read_passphrase(const char *, int);
int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
int tun_open(int, int);
/* Common definitions for ssh tunnel device forwarding */
@ -68,3 +61,31 @@ int tun_open(int, int);
#define SSH_TUNID_ANY 0x7fffffff
#define SSH_TUNID_ERR (SSH_TUNID_ANY - 1)
#define SSH_TUNID_MAX (SSH_TUNID_ANY - 2)
/* Functions to extract or store big-endian words of various sizes */
u_int64_t get_u64(const void *)
__attribute__((__bounded__( __minbytes__, 1, 8)));
u_int32_t get_u32(const void *)
__attribute__((__bounded__( __minbytes__, 1, 4)));
u_int16_t get_u16(const void *)
__attribute__((__bounded__( __minbytes__, 1, 2)));
void put_u64(void *, u_int64_t)
__attribute__((__bounded__( __minbytes__, 1, 8)));
void put_u32(void *, u_int32_t)
__attribute__((__bounded__( __minbytes__, 1, 4)));
void put_u16(void *, u_int16_t)
__attribute__((__bounded__( __minbytes__, 1, 2)));
/* readpass.c */
#define RP_ECHO 0x0001
#define RP_ALLOW_STDIN 0x0002
#define RP_ALLOW_EOF 0x0004
#define RP_USE_ASKPASS 0x0008
char *read_passphrase(const char *, int);
int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
#endif /* _MISC_H */


@ -1,5 +1,5 @@
/* $NetBSD: moduli.c,v 1.1.1.3 2006/02/04 22:22:48 christos Exp $ */
/* $OpenBSD: moduli.c,v 1.12 2005/07/17 07:17:55 djm Exp $ */
/* $NetBSD: moduli.c,v 1.1.1.4 2006/09/28 21:15:11 christos Exp $ */
/* $OpenBSD: moduli.c,v 1.18 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright 1994 Phil Karn <karn@qualcomm.com>
* Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com>
@ -38,12 +38,19 @@
* Second step: test primes' safety (processor intensive)
*/
#include "includes.h"
#include "xmalloc.h"
#include "log.h"
#include <sys/types.h>
#include <openssl/bn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <time.h>
#include "xmalloc.h"
#include "log.h"
/*
* File output defines
*/
@ -302,21 +309,10 @@ gen_candidates(FILE *out, u_int32_t memory, u_int32_t power, BIGNUM *start)
largewords = (largememory << SHIFT_MEGAWORD);
}
TinySieve = calloc(tinywords, sizeof(u_int32_t));
if (TinySieve == NULL) {
error("Insufficient memory for tiny sieve: need %u bytes",
tinywords << SHIFT_BYTE);
exit(1);
}
TinySieve = xcalloc(tinywords, sizeof(u_int32_t));
tinybits = tinywords << SHIFT_WORD;
SmallSieve = calloc(smallwords, sizeof(u_int32_t));
if (SmallSieve == NULL) {
error("Insufficient memory for small sieve: need %u bytes",
smallwords << SHIFT_BYTE);
xfree(TinySieve);
exit(1);
}
SmallSieve = xcalloc(smallwords, sizeof(u_int32_t));
smallbits = smallwords << SHIFT_WORD;
/*


@ -1,4 +1,5 @@
/* $NetBSD: monitor.c,v 1.1.1.9 2006/02/04 22:22:54 christos Exp $ */
/* $NetBSD: monitor.c,v 1.1.1.10 2006/09/28 21:15:12 christos Exp $ */
/* $OpenBSD: monitor.c,v 1.88 2006/08/12 20:46:46 miod Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -25,20 +26,36 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: monitor.c,v 1.64 2005/10/13 22:24:31 stevesk Exp $");
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/socket.h>
#include <sys/tree.h>
#include <sys/param.h>
#include <openssl/dh.h>
#include <errno.h>
#include <fcntl.h>
#include <paths.h>
#include <pwd.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#ifdef SKEY
#include <skey.h>
#endif
#include "xmalloc.h"
#include "ssh.h"
#include "key.h"
#include "buffer.h"
#include "hostfile.h"
#include "auth.h"
#include "cipher.h"
#include "kex.h"
#include "dh.h"
#include "zlib.h"
#include <zlib.h>
#include "packet.h"
#include "auth-options.h"
#include "sshpty.h"
@ -50,17 +67,16 @@ RCSID("$OpenBSD: monitor.c,v 1.64 2005/10/13 22:24:31 stevesk Exp $");
#include "servconf.h"
#include "monitor.h"
#include "monitor_mm.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
#include "monitor_fdpass.h"
#include "xmalloc.h"
#include "misc.h"
#include "buffer.h"
#include "bufaux.h"
#include "compat.h"
#include "ssh2.h"
#ifdef GSSAPI
#include "ssh-gss.h"
static Gssctxt *gsscontext = NULL;
#endif
@ -152,6 +168,7 @@ struct mon_table {
#define MON_ISAUTH 0x0004 /* Required for Authentication */
#define MON_AUTHDECIDE 0x0008 /* Decides Authentication */
#define MON_ONCE 0x0010 /* Disable after calling */
#define MON_ALOG 0x0020 /* Log auth attempt without authenticating */
#define MON_AUTH (MON_ISAUTH|MON_AUTHDECIDE)
@ -166,7 +183,7 @@ struct mon_table mon_dispatch_proto20[] = {
{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
#ifdef BSD_AUTH
{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond},
{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond},
#endif
#ifdef SKEY
{MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
@ -197,13 +214,13 @@ struct mon_table mon_dispatch_proto15[] = {
{MONITOR_REQ_SESSKEY, MON_ONCE, mm_answer_sesskey},
{MONITOR_REQ_SESSID, MON_ONCE, mm_answer_sessid},
{MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword},
{MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH, mm_answer_rsa_keyallowed},
{MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed},
{MONITOR_REQ_RSAKEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_rsa_keyallowed},
{MONITOR_REQ_KEYALLOWED, MON_ISAUTH|MON_ALOG, mm_answer_keyallowed},
{MONITOR_REQ_RSACHALLENGE, MON_ONCE, mm_answer_rsa_challenge},
{MONITOR_REQ_RSARESPONSE, MON_ONCE|MON_AUTHDECIDE, mm_answer_rsa_response},
#ifdef BSD_AUTH
{MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery},
{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH,mm_answer_bsdauthrespond},
{MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond},
#endif
#ifdef SKEY
{MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery},
@ -275,6 +292,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
/* The first few requests do not require asynchronous access */
while (!authenticated) {
auth_method = "unknown";
authenticated = monitor_read(pmonitor, mon_dispatch, &ent);
if (authenticated) {
if (!(ent->flags & MON_AUTHDECIDE))
@ -285,7 +303,7 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
authenticated = 0;
}
if (ent->flags & MON_AUTHDECIDE) {
if (ent->flags & (MON_AUTHDECIDE|MON_ALOG)) {
auth_log(authctxt, authenticated, auth_method,
compat20 ? " ssh2" : "");
if (!authenticated)
@ -295,6 +313,8 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
if (!authctxt->valid)
fatal("%s: authenticated invalid user", __func__);
if (strcmp(auth_method, "unknown") == 0)
fatal("%s: authentication method name unknown", __func__);
debug("%s: %s has been authenticated by privileged process",
__func__, authctxt->user);
@ -474,7 +494,11 @@ mm_answer_sign(int sock, Buffer *m)
keyid = buffer_get_int(m);
p = buffer_get_string(m, &datlen);
if (datlen != 20)
/*
* Supported KEX types will only return SHA1 (20 byte) or
* SHA256 (32 byte) hashes
*/
if (datlen != 20 && datlen != 32)
fatal("%s: data length incorrect: %u", __func__, datlen);
/* save session id, it will be passed on the first call */
@ -777,17 +801,20 @@ mm_answer_keyallowed(int sock, Buffer *m)
case MM_USERKEY:
allowed = options.pubkey_authentication &&
user_key_allowed(authctxt->pw, key);
auth_method = "publickey";
break;
case MM_HOSTKEY:
allowed = options.hostbased_authentication &&
hostbased_key_allowed(authctxt->pw,
cuser, chost, key);
auth_method = "hostbased";
break;
case MM_RSAHOSTKEY:
key->type = KEY_RSA1; /* XXX */
allowed = options.rhosts_rsa_authentication &&
auth_rhosts_rsa_key_allowed(authctxt->pw,
cuser, chost, key);
auth_method = "rsa";
break;
default:
fatal("%s: unknown key type %d", __func__, type);
@ -807,6 +834,12 @@ mm_answer_keyallowed(int sock, Buffer *m)
key_blobtype = type;
hostbased_cuser = cuser;
hostbased_chost = chost;
} else {
/* Log failed attempt */
auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : "");
xfree(blob);
xfree(cuser);
xfree(chost);
}
debug3("%s: key %p is %s",
@ -1008,7 +1041,7 @@ mm_record_login(Session *s, struct passwd *pw)
fromlen = sizeof(from);
if (packet_connection_is_on_socket()) {
if (getpeername(packet_get_connection_in(),
(struct sockaddr *) & from, &fromlen) < 0) {
(struct sockaddr *)&from, &fromlen) < 0) {
debug("getpeername: %.100s", strerror(errno));
cleanup_exit(255);
}
@ -1024,7 +1057,7 @@ mm_session_close(Session *s)
{
debug3("%s: session %d pid %ld", __func__, s->self, (long)s->pid);
if (s->ttyfd != -1) {
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ptyfd);
session_pty_cleanup2(s);
}
s->used = 0;
@ -1084,7 +1117,7 @@ mm_answer_pty(int sock, Buffer *m)
/* no need to dup() because nobody closes ptyfd */
s->ptymaster = s->ptyfd;
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd);
debug3("%s: tty %s ptyfd %d", __func__, s->tty, s->ttyfd);
return (0);
@ -1171,6 +1204,7 @@ mm_answer_rsa_keyallowed(int sock, Buffer *m)
debug3("%s entering", __func__);
auth_method = "rsa";
if (options.rsa_authentication && authctxt->valid) {
if ((client_n = BN_new()) == NULL)
fatal("%s: BN_new", __func__);
@ -1365,8 +1399,7 @@ mm_get_kex(Buffer *m)
void *blob;
u_int bloblen;
kex = xmalloc(sizeof(*kex));
memset(kex, 0, sizeof(*kex));
kex = xcalloc(1, sizeof(*kex));
kex->session_id = buffer_get_string(m, &kex->session_id_len);
if ((session_id2 == NULL) ||
(kex->session_id_len != session_id2_len) ||
@ -1376,6 +1409,7 @@ mm_get_kex(Buffer *m)
kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
kex->kex[KEX_DH_GRP14_SHA1] = kexdh_server;
kex->kex[KEX_DH_GEX_SHA1] = kexgex_server;
kex->kex[KEX_DH_GEX_SHA256] = kexgex_server;
kex->server = 1;
kex->hostkey_type = buffer_get_int(m);
kex->kex_type = buffer_get_int(m);
@ -1530,9 +1564,8 @@ monitor_init(void)
struct monitor *mon;
int pair[2];
mon = xmalloc(sizeof(*mon));
mon = xcalloc(1, sizeof(*mon));
mon->m_pid = 0;
monitor_socketpair(pair);
mon->m_recvfd = pair[0];
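Review bot: With MON_ALOG now set on the protocol-1 KEYALLOWED entry (L5053) and mm_answer_keyallowed() also calling auth_log() itself in its new else branch (L5121-5123), a rejected rhosts-rsa key appears to be logged twice: once inside the handler and again in monitor_child_preauth() at L5074-5076, which now logs for any MON_ALOG entry when `authenticated` is 0 (the protocol-2 table at L5037-5045 does not add MON_ALOG to KEYALLOWED, so protocol-2 publickey/hostbased rejections are logged once). Unless something outside these hunks suppresses one of the calls, pick a single place: either add MON_ALOG to the protocol-2 KEYALLOWED entry too and drop the handler's `auth_log(authctxt, 0, auth_method, compat20 ? " ssh2" : "");`, or keep the handler's call and remove MON_ALOG from the protocol-1 entry. Both monitor_child_preauth() and mm_answer_keyallowed() start before their hunks, so the `failures++` accounting that follows the loop's auth_log() is not visible and should be checked for the same double-count.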


@ -1,5 +1,5 @@
/* $NetBSD: monitor.h,v 1.1.1.5 2005/02/13 00:53:03 christos Exp $ */
/* $OpenBSD: monitor.h,v 1.13 2003/11/17 11:06:07 markus Exp $ */
/* $NetBSD: monitor.h,v 1.1.1.6 2006/09/28 21:15:12 christos Exp $ */
/* $OpenBSD: monitor.h,v 1.14 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>


@ -1,4 +1,5 @@
/* $NetBSD: monitor_fdpass.c,v 1.1.1.4 2005/02/13 00:53:04 christos Exp $ */
/* $NetBSD: monitor_fdpass.c,v 1.1.1.5 2006/09/28 21:15:12 christos Exp $ */
/* $OpenBSD: monitor_fdpass.c,v 1.12 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright 2001 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
@ -24,11 +25,14 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: monitor_fdpass.c,v 1.6 2004/08/13 02:51:48 djm Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <errno.h>
#include <string.h>
#include <stdarg.h>
#include "log.h"
#include "monitor_fdpass.h"

View File

@ -1,5 +1,5 @@
/* $NetBSD: monitor_fdpass.h,v 1.1.1.1 2002/04/22 07:38:02 itojun Exp $ */
/* $OpenBSD: monitor_fdpass.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */
/* $NetBSD: monitor_fdpass.h,v 1.1.1.2 2006/09/28 21:15:12 christos Exp $ */
/* $OpenBSD: monitor_fdpass.h,v 1.3 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>


@ -1,4 +1,5 @@
/* $NetBSD: monitor_mm.c,v 1.1.1.4 2005/02/13 00:53:04 christos Exp $ */
/* $NetBSD: monitor_mm.c,v 1.1.1.5 2006/09/28 21:15:12 christos Exp $ */
/* $OpenBSD: monitor_mm.c,v 1.15 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* All rights reserved.
@ -24,13 +25,17 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: monitor_mm.c,v 1.9 2004/05/11 19:01:43 deraadt Exp $");
#include <sys/types.h>
#include <sys/mman.h>
#include <sys/tree.h>
#include <sys/param.h>
#include <errno.h>
#include <string.h>
#include <stdarg.h>
#include "ssh.h"
#include "xmalloc.h"
#include "ssh.h"
#include "log.h"
#include "monitor_mm.h"


@ -1,5 +1,5 @@
/* $NetBSD: monitor_mm.h,v 1.1.1.1 2002/04/22 07:38:03 itojun Exp $ */
/* $OpenBSD: monitor_mm.h,v 1.2 2002/03/26 03:24:01 stevesk Exp $ */
/* $NetBSD: monitor_mm.h,v 1.1.1.2 2006/09/28 21:15:12 christos Exp $ */
/* $OpenBSD: monitor_mm.h,v 1.4 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@ -28,7 +28,6 @@
#ifndef _MM_H_
#define _MM_H_
#include <sys/tree.h>
struct mm_share {
RB_ENTRY(mm_share) next;
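Review bot: Dropping `#include <sys/tree.h>` (L5267) leaves this header non-self-contained: `RB_ENTRY(mm_share) next;` at L5269 still expands a macro from that header, so any translation unit that includes monitor_mm.h without first pulling in <sys/tree.h> will fail to compile (monitor_mm.c at L5244 and monitor.c at L4985 now do so explicitly, which is presumably why the build is fine). If lean headers are the goal, document the obligation at the top of the header, e.g. `/* Callers must #include <sys/tree.h> before this header (RB_ENTRY). */`; otherwise keep the include inside the `_MM_H_` guard.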


@ -1,4 +1,5 @@
/* $NetBSD: monitor_wrap.c,v 1.1.1.7 2006/02/04 22:22:55 christos Exp $ */
/* $NetBSD: monitor_wrap.c,v 1.1.1.8 2006/09/28 21:15:13 christos Exp $ */
/* $OpenBSD: monitor_wrap.c,v 1.54 2006/08/12 20:46:46 miod Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -25,37 +26,44 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: monitor_wrap.c,v 1.40 2005/05/24 17:32:43 avsm Exp $");
#include <sys/types.h>
#include <sys/uio.h>
#include <openssl/bn.h>
#include <openssl/dh.h>
#include <errno.h>
#include <pwd.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include "xmalloc.h"
#include "ssh.h"
#include "dh.h"
#include "buffer.h"
#include "key.h"
#include "cipher.h"
#include "kex.h"
#include "hostfile.h"
#include "auth.h"
#include "auth-options.h"
#include "buffer.h"
#include "bufaux.h"
#include "packet.h"
#include "mac.h"
#include "log.h"
#include "zlib.h"
#include <zlib.h>
#include "monitor.h"
#include "monitor_wrap.h"
#include "xmalloc.h"
#include "atomicio.h"
#include "monitor_fdpass.h"
#include "getput.h"
#include "auth.h"
#include "channels.h"
#include "session.h"
#ifdef GSSAPI
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
#include "atomicio.h"
#include "monitor_fdpass.h"
#include "misc.h"
#include "channels.h"
#include "session.h"
/* Imports */
extern int compat20;
@ -84,7 +92,7 @@ mm_request_send(int sock, enum monitor_reqtype type, Buffer *m)
debug3("%s entering: type %d", __func__, type);
PUT_32BIT(buf, mlen + 1);
put_u32(buf, mlen + 1);
buf[4] = (u_char) type; /* 1st byte of payload is mesg-type */
if (atomicio(vwrite, sock, buf, sizeof(buf)) != sizeof(buf))
fatal("%s: write: %s", __func__, strerror(errno));
@ -105,7 +113,7 @@ mm_request_receive(int sock, Buffer *m)
cleanup_exit(255);
fatal("%s: read: %s", __func__, strerror(errno));
}
msg_len = GET_32BIT(buf);
msg_len = get_u32(buf);
if (msg_len > 256 * 1024)
fatal("%s: read: bad msg_len %d", __func__, msg_len);
buffer_clear(m);
@ -628,7 +636,7 @@ mm_send_keystate(struct monitor *monitor)
}
int
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
mm_pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
{
Buffer m;
char *p, *msg;
@ -722,8 +730,8 @@ mm_chall_setup(char **name, char **infotxt, u_int *numprompts,
*name = xstrdup("");
*infotxt = xstrdup("");
*numprompts = 1;
*prompts = xmalloc(*numprompts * sizeof(char *));
*echo_on = xmalloc(*numprompts * sizeof(u_int));
*prompts = xcalloc(*numprompts, sizeof(char *));
*echo_on = xcalloc(*numprompts, sizeof(u_int));
(*echo_on)[0] = 0;
}
@ -790,9 +798,8 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
u_int *numprompts, char ***prompts, u_int **echo_on)
{
Buffer m;
int len;
u_int success;
char *p, *challenge;
char *challenge;
debug3("%s: entering", __func__);
@ -816,11 +823,7 @@ mm_skey_query(void *ctx, char **name, char **infotxt,
mm_chall_setup(name, infotxt, numprompts, prompts, echo_on);
len = strlen(challenge) + strlen(SKEY_PROMPT) + 1;
p = xmalloc(len);
strlcpy(p, challenge, len);
strlcat(p, SKEY_PROMPT, len);
(*prompts)[0] = p;
xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT);
xfree(challenge);
return (0);
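Review bot: The get_u32() change at L5344 sits directly above a fatal() that still prints the u_int32_t `msg_len` with `%d` (L5346), so a corrupt or hostile length above INT_MAX is reported as a negative number, which is exactly the case this check exists to catch and the one a forensic reader most needs to read correctly; the sibling in msg.c (L5474) already uses `%u`. Suggest `fatal("%s: read: bad msg_len %u", __func__, msg_len);`. mm_request_receive() starts before this hunk.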


@ -1,5 +1,5 @@
/* $NetBSD: monitor_wrap.h,v 1.1.1.4 2005/02/13 00:53:04 christos Exp $ */
/* $OpenBSD: monitor_wrap.h,v 1.14 2004/06/21 17:36:31 avsm Exp $ */
/* $NetBSD: monitor_wrap.h,v 1.1.1.5 2006/09/28 21:15:13 christos Exp $ */
/* $OpenBSD: monitor_wrap.h,v 1.20 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@ -28,8 +28,6 @@
#ifndef _MM_WRAP_H_
#define _MM_WRAP_H_
#include "key.h"
#include "buffer.h"
extern int use_privsep;
#define PRIVSEP(x) (use_privsep ? mm_##x : x)
@ -38,7 +36,6 @@ enum mm_keytype {MM_NOKEY, MM_HOSTKEY, MM_USERKEY, MM_RSAHOSTKEY, MM_RSAUSERKEY}
struct monitor;
struct mm_master;
struct passwd;
struct Authctxt;
int mm_is_monitor(void);
@ -58,7 +55,6 @@ int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *);
BIGNUM *mm_auth_rsa_generate_challenge(Key *);
#ifdef GSSAPI
#include "ssh-gss.h"
OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
@ -68,7 +64,7 @@ OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
struct Session;
void mm_terminate(void);
int mm_pty_allocate(int *, int *, char *, int);
int mm_pty_allocate(int *, int *, char *, size_t);
void mm_session_pty_cleanup2(struct Session *);
/* SSHv1 interfaces */
@ -97,4 +93,4 @@ void *mm_zalloc(struct mm_master *, u_int, u_int);
void mm_zfree(struct mm_master *, void *);
void mm_init_compression(struct mm_master *);
#endif /* _MM_H_ */
#endif /* _MM_WRAP_H_ */

crypto/dist/ssh/msg.c vendored

@ -1,4 +1,5 @@
/* $NetBSD: msg.c,v 1.1.1.6 2006/02/04 22:22:55 christos Exp $ */
/* $NetBSD: msg.c,v 1.1.1.7 2006/09/28 21:15:13 christos Exp $ */
/* $OpenBSD: msg.c,v 1.15 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 2002 Markus Friedl. All rights reserved.
*
@ -22,14 +23,21 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: msg.c,v 1.8 2005/05/24 17:32:43 avsm Exp $");
#include <sys/types.h>
#include <sys/uio.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <stdarg.h>
#include "buffer.h"
#include "getput.h"
#include "log.h"
#include "atomicio.h"
#include "msg.h"
#include "misc.h"
int
ssh_msg_send(int fd, u_char type, Buffer *m)
@ -39,7 +47,7 @@ ssh_msg_send(int fd, u_char type, Buffer *m)
debug3("ssh_msg_send: type %u", (unsigned int)type & 0xff);
PUT_32BIT(buf, mlen + 1);
put_u32(buf, mlen + 1);
buf[4] = type; /* 1st byte of payload is mesg-type */
if (atomicio(vwrite, fd, buf, sizeof(buf)) != sizeof(buf)) {
error("ssh_msg_send: write");
@ -65,7 +73,7 @@ ssh_msg_recv(int fd, Buffer *m)
error("ssh_msg_recv: read: header");
return (-1);
}
msg_len = GET_32BIT(buf);
msg_len = get_u32(buf);
if (msg_len > 256 * 1024) {
error("ssh_msg_recv: read: bad msg_len %u", msg_len);
return (-1);


@ -1,5 +1,5 @@
/* $NetBSD: msg.h,v 1.1.1.3 2005/02/13 00:53:04 christos Exp $ */
/* $OpenBSD: msg.h,v 1.3 2003/11/17 09:45:39 djm Exp $ */
/* $NetBSD: msg.h,v 1.1.1.4 2006/09/28 21:15:13 christos Exp $ */
/* $OpenBSD: msg.h,v 1.4 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright (c) 2002 Markus Friedl. All rights reserved.
*


@ -1,5 +1,5 @@
/* $NetBSD: myproposal.h,v 1.1.1.10 2006/02/04 22:22:55 christos Exp $ */
/* $OpenBSD: myproposal.h,v 1.18 2005/07/25 11:59:39 markus Exp $ */
/* $NetBSD: myproposal.h,v 1.1.1.11 2006/09/28 21:15:13 christos Exp $ */
/* $OpenBSD: myproposal.h,v 1.21 2006/03/25 22:22:43 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -24,7 +24,9 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#define KEX_DEFAULT_KEX "diffie-hellman-group-exchange-sha1," \
#define KEX_DEFAULT_KEX \
"diffie-hellman-group-exchange-sha256," \
"diffie-hellman-group-exchange-sha1," \
"diffie-hellman-group14-sha1," \
"diffie-hellman-group1-sha1"
#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss"
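Review bot: The reordered KEX_DEFAULT_KEX list has no comment saying that its order is significant, and placing "diffie-hellman-group-exchange-sha256" first is what makes it the preferred method, since key-exchange negotiation selects the first entry of the client's list that the server also supports. A comment above the macro such as `/* Order is preference order: first entry both sides support is chosen. */` would stop a later edit from silently demoting the SHA-256 exchange by reshuffling the lines. Nothing else in the hunk changes behaviour.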


@ -1,4 +1,5 @@
/* $NetBSD: nchan.c,v 1.1.1.13 2005/02/13 00:53:04 christos Exp $ */
/* $NetBSD: nchan.c,v 1.1.1.14 2006/09/28 21:15:13 christos Exp $ */
/* $OpenBSD: nchan.c,v 1.57 2006/08/03 03:34:42 deraadt Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
@ -23,8 +24,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: nchan.c,v 1.51 2004/07/11 17:48:47 deraadt Exp $");
#include <sys/types.h>
#include <sys/socket.h>
#include <errno.h>
#include <string.h>
#include <stdarg.h>
#include "ssh1.h"
#include "ssh2.h"


@ -1,4 +1,5 @@
/* $NetBSD: packet.c,v 1.1.1.19 2006/02/04 22:22:56 christos Exp $ */
/* $NetBSD: packet.c,v 1.1.1.20 2006/09/28 21:15:14 christos Exp $ */
/* $OpenBSD: packet.c,v 1.144 2006/09/16 19:53:37 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -37,27 +38,36 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
RCSID("$OpenBSD: packet.c,v 1.120 2005/10/30 08:52:17 djm Exp $");
#include <sys/types.h>
#include <sys/queue.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/param.h>
#include <netinet/in_systm.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>
#include "xmalloc.h"
#include "buffer.h"
#include "packet.h"
#include "bufaux.h"
#include "crc32.h"
#include "getput.h"
#include "compress.h"
#include "deattack.h"
#include "channels.h"
#include "compat.h"
#include "ssh1.h"
#include "ssh2.h"
#include "cipher.h"
#include "key.h"
#include "kex.h"
#include "mac.h"
#include "log.h"
@ -259,6 +269,7 @@ packet_get_keyiv_len(int mode)
return (cipher_get_keyiv_len(cc));
}
void
packet_set_iv(int mode, u_char *dat)
{
@ -271,6 +282,7 @@ packet_set_iv(int mode, u_char *dat)
cipher_set_keyiv(cc, dat);
}
int
packet_get_ssh1_cipher(void)
{
@ -467,31 +479,37 @@ packet_put_char(int value)
buffer_append(&outgoing_packet, &ch, 1);
}
void
packet_put_int(u_int value)
{
buffer_put_int(&outgoing_packet, value);
}
void
packet_put_string(const void *buf, u_int len)
{
buffer_put_string(&outgoing_packet, buf, len);
}
void
packet_put_cstring(const char *str)
{
buffer_put_cstring(&outgoing_packet, str);
}
void
packet_put_raw(const void *buf, u_int len)
{
buffer_append(&outgoing_packet, buf, len);
}
void
packet_put_bignum(BIGNUM * value)
{
buffer_put_bignum(&outgoing_packet, value);
}
void
packet_put_bignum2(BIGNUM * value)
{
@ -545,7 +563,7 @@ packet_send1(void)
/* Add check bytes. */
checksum = ssh_crc32(buffer_ptr(&outgoing_packet),
buffer_len(&outgoing_packet));
PUT_32BIT(buf, checksum);
put_u32(buf, checksum);
buffer_append(&outgoing_packet, buf, 4);
#ifdef PACKET_DEBUG
@ -554,7 +572,7 @@ packet_send1(void)
#endif
/* Append to output. */
PUT_32BIT(buf, len);
put_u32(buf, len);
buffer_append(&output, buf, 4);
cp = buffer_append_space(&output, buffer_len(&outgoing_packet));
cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet),
@ -650,7 +668,7 @@ set_newkeys(int mode)
/*
* Delayed compression for SSH2 is enabled after authentication:
* This happans on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent,
* This happens on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent,
* and on the client side after a SSH2_MSG_USERAUTH_SUCCESS is received.
*/
static void
@ -757,7 +775,7 @@ packet_send2_wrapped(void)
/* packet_length includes payload, padding and padding length field */
packet_length = buffer_len(&outgoing_packet) - 4;
cp = buffer_ptr(&outgoing_packet);
PUT_32BIT(cp, packet_length);
put_u32(cp, packet_length);
cp[4] = padlen;
DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen));
@ -774,7 +792,7 @@ packet_send2_wrapped(void)
buffer_len(&outgoing_packet));
/* append unencrypted MAC */
if (mac && mac->enabled)
buffer_append(&output, (char *)macbuf, mac->mac_len);
buffer_append(&output, macbuf, mac->mac_len);
#ifdef PACKET_DEBUG
fprintf(stderr, "encrypted: ");
buffer_dump(&output);
@ -864,7 +882,7 @@ packet_read_seqnr(u_int32_t *seqnr_p)
char buf[8192];
DBG(debug("packet_read()"));
setp = (fd_set *)xmalloc(howmany(connection_in+1, NFDBITS) *
setp = (fd_set *)xcalloc(howmany(connection_in+1, NFDBITS),
sizeof(fd_mask));
/* Since we are blocking, ensure that all written packets have been sent. */
@ -955,7 +973,7 @@ packet_read_poll1(void)
return SSH_MSG_NONE;
/* Get length of incoming packet. */
cp = buffer_ptr(&input);
len = GET_32BIT(cp);
len = get_u32(cp);
if (len < 1 + 2 + 2 || len > 256 * 1024)
packet_disconnect("Bad packet length %u.", len);
padded_len = (len + 8) & ~7;
@ -974,9 +992,16 @@ packet_read_poll1(void)
* (C)1998 CORE-SDI, Buenos Aires Argentina
* Ariel Futoransky(futo@core-sdi.com)
*/
if (!receive_context.plaintext &&
detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED)
packet_disconnect("crc32 compensation attack: network attack detected");
if (!receive_context.plaintext) {
switch (detect_attack(buffer_ptr(&input), padded_len)) {
case DEATTACK_DETECTED:
packet_disconnect("crc32 compensation attack: "
"network attack detected");
case DEATTACK_DOS_DETECTED:
packet_disconnect("deattack denial of "
"service detected");
}
}
/* Decrypt data to incoming_packet. */
buffer_clear(&incoming_packet);
@ -1003,7 +1028,7 @@ packet_read_poll1(void)
len, buffer_len(&incoming_packet));
cp = (u_char *)buffer_ptr(&incoming_packet) + len - 4;
stored_checksum = GET_32BIT(cp);
stored_checksum = get_u32(cp);
if (checksum != stored_checksum)
packet_disconnect("Corrupted check bytes on input.");
buffer_consume_end(&incoming_packet, 4);
@ -1052,7 +1077,7 @@ packet_read_poll2(u_int32_t *seqnr_p)
cipher_crypt(&receive_context, cp, buffer_ptr(&input),
block_size);
cp = buffer_ptr(&incoming_packet);
packet_length = GET_32BIT(cp);
packet_length = get_u32(cp);
if (packet_length < 1 + 4 || packet_length > 256 * 1024) {
#ifdef PACKET_DEBUG
buffer_dump(&incoming_packet);
@ -1183,7 +1208,6 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
break;
default:
return type;
break;
}
} else {
type = packet_read_poll1();
@ -1206,7 +1230,6 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p)
if (type)
DBG(debug("received packet type %d", type));
return type;
break;
}
}
}
@ -1408,7 +1431,7 @@ packet_write_wait(void)
{
fd_set *setp;
setp = (fd_set *)xmalloc(howmany(connection_out + 1, NFDBITS) *
setp = (fd_set *)xcalloc(howmany(connection_out + 1, NFDBITS),
sizeof(fd_mask));
packet_write_poll();
while (packet_have_data_to_write()) {
@ -1473,8 +1496,7 @@ packet_set_interactive(int interactive)
/* Only set socket options if using a socket. */
if (!packet_connection_is_on_socket())
return;
if (interactive)
set_nodelay(connection_in);
set_nodelay(connection_in);
packet_set_tos(interactive);
}
@ -1535,7 +1557,7 @@ packet_send_ignore(int nbytes)
for (i = 0; i < nbytes; i++) {
if (i % 4 == 0)
rnd = arc4random();
packet_put_char(rnd & 0xff);
packet_put_char((u_char)rnd & 0xff);
rnd >>= 8;
}
}
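Review bot: The new `switch (detect_attack(...))` in packet_read_poll1 has no `break` after either `packet_disconnect` call and no `default:` case, so its correctness depends on packet_disconnect never returning; the visible lines do not show that, and a reader (or a compiler warning about an unhandled enumerator) has no cue that the fall-through from DEATTACK_DETECTED into DEATTACK_DOS_DETECTED is intentional. Marking each disconnect with `/* NOTREACHED */` and adding `default: break;` for the non-attack result makes the intent explicit without changing behaviour. The same noreturn assumption also governs the earlier `packet_disconnect("Bad packet length %u.", len);` check in the same function, which the commit leaves as is. packet_read_poll1 starts and ends outside this hunk.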
