import openssh 5.3

2009-12-27 01:07:02 +00:00 · 2009-12-27 01:07:02 +00:00 · 3fab09205c
commit 3fab09205c
parent 1b7f75f91e
4 changed files with 358 additions and 0 deletions
--- a/crypto/external/bsd/openssh/dist/roaming.h
+++ b/crypto/external/bsd/openssh/dist/roaming.h
@ -0,0 +1,39 @@
+/*	$NetBSD: roaming.h,v 1.1.1.1 2009/12/27 01:07:02 christos Exp $	*/
+/* $OpenBSD: roaming.h,v 1.4 2009/06/27 09:32:43 andreas Exp $ */
+/*
+ * Copyright (c) 2004-2009 AppGate Network Security AB
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef ROAMING_H
+#define ROAMING_H
+
+#define DEFAULT_ROAMBUF 65536
+
+extern int resume_in_progress;
+
+int	get_snd_buf_size(void);
+int	get_recv_buf_size(void);
+void	add_recv_bytes(u_int64_t);
+void	set_out_buffer_size(size_t);
+ssize_t	roaming_write(int, const void *, size_t, int *);
+ssize_t	roaming_read(int, void *, size_t, int *);
+size_t	roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t);
+u_int64_t	get_recv_bytes(void);
+u_int64_t	get_sent_bytes(void);
+void	roam_set_bytes(u_int64_t, u_int64_t);
+void	resend_bytes(int, u_int64_t *);
+int	resume_kex(void);
+
+#endif /* ROAMING */
--- a/crypto/external/bsd/openssh/dist/roaming_common.c
+++ b/crypto/external/bsd/openssh/dist/roaming_common.c
@ -0,0 +1,198 @@
+/*	$NetBSD: roaming_common.c,v 1.1.1.1 2009/12/27 01:07:02 christos Exp $	*/
+/* $OpenBSD: roaming_common.c,v 1.5 2009/06/27 09:32:43 andreas Exp $ */
+/*
+ * Copyright (c) 2004-2009 AppGate Network Security AB
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/uio.h>
+
+#include <errno.h>
+#include <inttypes.h>
+#include <stdarg.h>
+#include <string.h>
+#include <unistd.h>
+
+#include "atomicio.h"
+#include "log.h"
+#include "packet.h"
+#include "xmalloc.h"
+#include "cipher.h"
+#include "buffer.h"
+#include "roaming.h"
+
+static size_t out_buf_size = 0;
+static char *out_buf = NULL;
+static size_t out_start;
+static size_t out_last;
+
+static u_int64_t write_bytes = 0;
+static u_int64_t read_bytes = 0;
+
+int roaming_enabled = 0;
+int resume_in_progress = 0;
+
+int
+get_snd_buf_size()
+{
+	int fd = packet_get_connection_out();
+	int optval, optvallen;
+
+	optvallen = sizeof(optval);
+	if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &optval, &optvallen) != 0)
+		optval = DEFAULT_ROAMBUF;
+	return optval;
+}
+
+int
+get_recv_buf_size()
+{
+	int fd = packet_get_connection_in();
+	int optval, optvallen;
+
+	optvallen = sizeof(optval);
+	if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &optval, &optvallen) != 0)
+		optval = DEFAULT_ROAMBUF;
+	return optval;
+}
+
+void
+set_out_buffer_size(size_t size)
+{
+	/*
+	 * The buffer size can only be set once and the buffer will live
+	 * as long as the session lives.
+	 */
+	if (out_buf == NULL) {
+		out_buf_size = size;
+		out_buf = xmalloc(size);
+		out_start = 0;
+		out_last = 0;
+	}
+}
+
+u_int64_t
+get_recv_bytes(void)
+{
+	return read_bytes;
+}
+
+void
+add_recv_bytes(u_int64_t num)
+{
+	read_bytes += num;
+}
+
+u_int64_t
+get_sent_bytes(void)
+{
+	return write_bytes;
+}
+
+void
+roam_set_bytes(u_int64_t sent, u_int64_t recvd)
+{
+	read_bytes = recvd;
+	write_bytes = sent;
+}
+
+static void
+buf_append(const char *buf, size_t count)
+{
+	if (count > out_buf_size) {
+		buf += count - out_buf_size;
+		count = out_buf_size;
+	}
+	if (count < out_buf_size - out_last) {
+		memcpy(out_buf + out_last, buf, count);
+		if (out_start > out_last)
+			out_start += count;
+		out_last += count;
+	} else {
+		/* data will wrap */
+		size_t chunk = out_buf_size - out_last;
+		memcpy(out_buf + out_last, buf, chunk);
+		memcpy(out_buf, buf + chunk, count - chunk);
+		out_last = count - chunk;
+		out_start = out_last + 1;
+	}
+}
+
+ssize_t
+roaming_write(int fd, const void *buf, size_t count, int *cont)
+{
+	ssize_t ret;
+
+	ret = write(fd, buf, count);
+	if (ret > 0 && !resume_in_progress) {
+		write_bytes += ret;
+		if (out_buf_size > 0)
+			buf_append(buf, ret);
+	}
+	debug3("Wrote %ld bytes for a total of %llu", (long)ret,
+	    (unsigned long long)write_bytes);
+	return ret;
+}
+
+ssize_t
+roaming_read(int fd, void *buf, size_t count, int *cont)
+{
+	ssize_t ret = read(fd, buf, count);
+	if (ret > 0) {
+		if (!resume_in_progress) {
+			read_bytes += ret;
+		}
+	}
+	return ret;
+}
+
+size_t
+roaming_atomicio(ssize_t(*f)(int, void*, size_t), int fd, void *buf,
+    size_t count)
+{
+	size_t ret = atomicio(f, fd, buf, count);
+
+	if (f == vwrite && ret > 0 && !resume_in_progress) {
+		write_bytes += ret;
+	} else if (f == read && ret > 0 && !resume_in_progress) {
+		read_bytes += ret;
+	}
+	return ret;
+}
+
+void
+resend_bytes(int fd, u_int64_t *offset)
+{
+	size_t available, needed;
+
+	if (out_start < out_last)
+		available = out_last - out_start;
+	else
+		available = out_buf_size;
+	needed = write_bytes - *offset;
+	debug3("resend_bytes: resend %lu bytes from %llu",
+	    (unsigned long)needed, (unsigned long long)*offset);
+	if (needed > available)
+		fatal("Needed to resend more data than in the cache");
+	if (out_last < needed) {
+		int chunkend = needed - out_last;
+		atomicio(vwrite, fd, out_buf + out_buf_size - chunkend,
+		    chunkend);
+		atomicio(vwrite, fd, out_buf, out_last);
+	} else {
+		atomicio(vwrite, fd, out_buf + (out_last - needed), needed);
+	}
+}
--- a/crypto/external/bsd/openssh/dist/roaming_dummy.c
+++ b/crypto/external/bsd/openssh/dist/roaming_dummy.c
@ -0,0 +1,60 @@
+/*	$NetBSD: roaming_dummy.c,v 1.1.1.1 2009/12/27 01:07:02 christos Exp $	*/
+/* $OpenBSD: roaming_dummy.c,v 1.3 2009/06/21 09:04:03 dtucker Exp $ */
+/*
+ * Copyright (c) 2004-2009 AppGate Network Security AB
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+/*
+ * This file is included in the client programs which should not
+ * support roaming.
+ */
+
+#include <sys/types.h>
+#include <unistd.h>
+
+#include "roaming.h"
+
+int resume_in_progress = 0;
+
+u_int64_t
+get_recv_bytes(void)
+{
+	return 0;
+}
+
+ssize_t
+roaming_write(int fd, const void *buf, size_t count, int *cont)
+{
+	return write(fd, buf, count);
+}
+
+ssize_t
+roaming_read(int fd, void *buf, size_t count, int *cont)
+{
+	if (cont)
+		*cont = 0;
+	return read(fd, buf, count);
+}
+
+void
+add_recv_bytes(u_int64_t num)
+{
+}
+
+int
+resume_kex(void)
+{
+	return 1;
+}
--- a/crypto/external/bsd/openssh/dist/schnorr.h
+++ b/crypto/external/bsd/openssh/dist/schnorr.h
@ -0,0 +1,61 @@
+/*	$NetBSD: schnorr.h,v 1.1.1.1 2009/12/27 01:07:03 christos Exp $	*/
+/* $OpenBSD: schnorr.h,v 1.1 2009/03/05 07:18:19 djm Exp $ */
+/*
+ * Copyright (c) 2009 Damien Miller.  All rights reserved.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef SCHNORR_H
+#define SCHNORR_H
+
+#include <sys/types.h>
+
+#include <openssl/bn.h>
+
+struct modp_group {
+	BIGNUM *p, *q, *g;
+};
+
+BIGNUM *bn_rand_range_gt_one(const BIGNUM *high);
+int hash_buffer(const u_char *, u_int, const EVP_MD *, u_char **, u_int *);
+void debug3_bn(const BIGNUM *, const char *, ...)
+    __attribute__((__nonnull__ (2)))
+    __attribute__((format(printf, 2, 3)));
+void debug3_buf(const u_char *, u_int, const char *, ...)
+    __attribute__((__nonnull__ (3)))
+    __attribute__((format(printf, 3, 4)));
+struct modp_group *modp_group_from_g_and_safe_p(const char *, const char *);
+void modp_group_free(struct modp_group *);
+
+/* Signature and verification functions */
+int
+schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g,
+    const EVP_MD *evp_md, const BIGNUM *x, const BIGNUM *g_x,
+    const u_char *id, u_int idlen, BIGNUM **r_p, BIGNUM **e_p);
+int
+schnorr_sign_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g,
+    const BIGNUM *x, const BIGNUM *g_x, const u_char *id, u_int idlen,
+    u_char **sig, u_int *siglen);
+int
+schnorr_verify(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g,
+    const EVP_MD *evp_md, const BIGNUM *g_x, const u_char *id, u_int idlen,
+    const BIGNUM *r, const BIGNUM *e);
+int
+schnorr_verify_buf(const BIGNUM *grp_p, const BIGNUM *grp_q,
+    const BIGNUM *grp_g,
+    const BIGNUM *g_x, const u_char *id, u_int idlen,
+    const u_char *sig, u_int siglen);
+
+#endif /* JPAKE_H */
+