OpenSSH 2.9 as of 2001/6/24

2001-06-23 16:36:22 +00:00 · 2001-06-23 16:36:22 +00:00 · 6cc43ed622
commit 6cc43ed622
parent 3177727ba7
13 changed files with 247 additions and 139 deletions
--- a/crypto/dist/ssh/OVERVIEW
+++ b/crypto/dist/ssh/OVERVIEW
@ -1,9 +1,15 @@
 [Note: This file has not been updated for OpenSSH versions after
 OpenSSH-1.2 and should be considered OBSOLETE.  It has been left in
 the distribution because some of its information may still be useful
 to developers.]
 This document is intended for those who wish to read the ssh source
 code.  This tries to give an overview of the structure of the code.
 Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>
 Updated 17 Nov 1995.
 Updated 19 Oct 1999 for OpenSSH-1.2
 Updated 20 May 2001 note obsolete for > OpenSSH-1.2
 The software consists of ssh (client), sshd (server), scp, sdist, and
 the auxiliary programs ssh-keygen, ssh-agent, ssh-add, and
--- a/crypto/dist/ssh/auth-bsdauth.c
+++ b/crypto/dist/ssh/auth-bsdauth.c
@ -0,0 +1,117 @@
 /*	$NetBSD: auth-bsdauth.c,v 1.1.1.1 2001/06/23 16:36:59 itojun Exp $	*/
 /*
 * Copyright (c) 2001 Markus Friedl.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
 RCSID("$OpenBSD: auth-bsdauth.c,v 1.1 2001/05/18 14:13:28 markus Exp $");
 #ifdef BSD_AUTH
 #include "xmalloc.h"
 #include "auth.h"
 #include "log.h"
 static void *
 bsdauth_init_ctx(Authctxt *authctxt)
 {
 	return authctxt;
 }
 static int
 bsdauth_query(void *ctx, char **name, char **infotxt, 
   u_int *numprompts, char ***prompts, u_int **echo_on)
 {
        Authctxt *authctxt = ctx;
        char *challenge = NULL;
        if (authctxt->as != NULL) {
                debug2("bsdauth_query: try reuse session");
                challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE);
                if (challenge == NULL) {
                        auth_close(authctxt->as);
                        authctxt->as = NULL;
                }
        }
        if (challenge == NULL) {
                debug2("bsdauth_query: new bsd auth session");
                debug3("bsdauth_query: style %s",
 		    authctxt->style ? authctxt->style : "<default>");
                authctxt->as = auth_userchallenge(authctxt->user,
 		     authctxt->style, "auth-ssh", &challenge);
                if (authctxt->as == NULL)
                        challenge = NULL;
                debug2("bsdauth_query: <%s>", challenge ? challenge : "empty");
        }
        if (challenge == NULL)
                return -1;
        *name       = xstrdup("");
        *infotxt    = xstrdup("");
        *numprompts = 1;
        *prompts = xmalloc(*numprompts * sizeof(char*));
        *echo_on = xmalloc(*numprompts * sizeof(u_int));
        (*echo_on)[0] = 0;
        (*prompts)[0] = xstrdup(challenge);
        return 0;
 }
 static int
 bsdauth_respond(void *ctx, u_int numresponses, char **responses)
 {
        Authctxt *authctxt = ctx;
        int authok;
        if (authctxt->as == 0)
                error("bsdauth_respond: no bsd auth session");
        if (numresponses != 1)
                return -1;
        authok = auth_userresponse(authctxt->as, responses[0], 0);
        authctxt->as = NULL;
        debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok);
        return (authok == 0) ? -1 : 0;
 }
 static void
 bsdauth_free_ctx(void *ctx)
 {
        Authctxt *authctxt = ctx;
        if (authctxt && authctxt->as) {
                auth_close(authctxt->as);
                authctxt->as = NULL;
        }
 }
 KbdintDevice bsdauth_device = {
 	"bsdauth",
 	bsdauth_init_ctx,
 	bsdauth_query,
 	bsdauth_respond,
 	bsdauth_free_ctx
 };
 #endif
--- a/crypto/dist/ssh/auth-options.c
+++ b/crypto/dist/ssh/auth-options.c
@ -1,4 +1,4 @@
-/*	$NetBSD: auth-options.c,v 1.1.1.6 2001/04/10 07:13:48 itojun Exp $	*/
+/*	$NetBSD: auth-options.c,v 1.1.1.7 2001/06/23 16:36:23 itojun Exp $	*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -11,7 +11,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth-options.c,v 1.16 2001/03/18 12:07:52 markus Exp $");
+RCSID("$OpenBSD: auth-options.c,v 1.18 2001/05/31 10:30:12 markus Exp $");
 #include "packet.h"
 #include "xmalloc.h"
--- a/crypto/dist/ssh/auth-rh-rsa.c
+++ b/crypto/dist/ssh/auth-rh-rsa.c
@ -1,4 +1,4 @@
-/*	$NetBSD: auth-rh-rsa.c,v 1.1.1.4 2001/04/10 07:13:48 itojun Exp $	*/
+/*	$NetBSD: auth-rh-rsa.c,v 1.1.1.5 2001/06/23 16:36:23 itojun Exp $	*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -14,7 +14,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth-rh-rsa.c,v 1.23 2001/04/06 21:00:04 markus Exp $");
+RCSID("$OpenBSD: auth-rh-rsa.c,v 1.25 2001/06/23 03:04:42 markus Exp $");
 #include "packet.h"
 #include "xmalloc.h"
@ -39,7 +39,7 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key
 	extern ServerOptions options;
 	const char *canonical_hostname;
 	HostStatus host_status;
-	Key *client_key, *found;
+	Key *client_key;
 	debug("Trying rhosts with RSA host authentication for client user %.100s", client_user);
@ -59,37 +59,12 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key
 	client_key = key_new(KEY_RSA1);
 	BN_copy(client_key->rsa->e, client_host_key->e);
 	BN_copy(client_key->rsa->n, client_host_key->n);
 	found = key_new(KEY_RSA1);
-	/* Check if we know the host and its host key. */
+	host_status = check_key_in_hostfiles(pw, client_key, canonical_hostname,
-	host_status = check_host_in_hostfile(_PATH_SSH_SYSTEM_HOSTFILE, canonical_hostname,
+	    _PATH_SSH_SYSTEM_HOSTFILE,
-	    client_key, found, NULL);
+	    options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE);
 	/* Check user host file unless ignored. */
 	if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
 		struct stat st;
 		char *user_hostfile = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE, pw->pw_uid);
 		/*
 		 * Check file permissions of _PATH_SSH_USER_HOSTFILE, auth_rsa()
 		 * did already check pw->pw_dir, but there is a race XXX
 		 */
 		if (options.strict_modes &&
 		    (stat(user_hostfile, &st) == 0) &&
 		    ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
 		     (st.st_mode & 022) != 0)) {
 			log("Rhosts RSA authentication refused for %.100s: bad owner or modes for %.200s",
 			    pw->pw_name, user_hostfile);
 		} else {
 			/* XXX race between stat and the following open() */
 			temporarily_use_uid(pw);
 			host_status = check_host_in_hostfile(user_hostfile, canonical_hostname,
 			    client_key, found, NULL);
 			restore_uid();
 		}
 		xfree(user_hostfile);
 	}
 	key_free(client_key);
 	key_free(found);
 	if (host_status != HOST_OK) {
 		debug("Rhosts with RSA host authentication denied: unknown or invalid host key");
--- a/crypto/dist/ssh/auth-rsa.c
+++ b/crypto/dist/ssh/auth-rsa.c
@ -1,4 +1,4 @@
-/*	$NetBSD: auth-rsa.c,v 1.1.1.5 2001/04/10 07:13:49 itojun Exp $	*/
+/*	$NetBSD: auth-rsa.c,v 1.1.1.6 2001/06/23 16:36:24 itojun Exp $	*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -15,7 +15,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.40 2001/04/06 21:00:07 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.42 2001/06/22 21:55:48 markus Exp $");
 #include <openssl/rsa.h>
 #include <openssl/md5.h>
@ -123,7 +123,7 @@ auth_rsa_challenge_dialog(RSA *pk)
 int
 auth_rsa(struct passwd *pw, BIGNUM *client_n)
 {
-	char line[8192], file[MAXPATHLEN];
+	char line[8192], *file;
 	int authenticated;
 	u_int bits;
 	FILE *f;
@ -139,13 +139,14 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
 	temporarily_use_uid(pw);
 	/* The authorized keys. */
-	snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir,
+	file = authorized_keys_file(pw);
-		 _PATH_SSH_USER_PERMITTED_KEYS);
+	debug("trying public RSA key file %s", file);
 	/* Fail quietly if file does not exist */
 	if (stat(file, &st) < 0) {
 		/* Restore the privileged uid. */
 		restore_uid();
 		xfree(file);
 		return 0;
 	}
 	/* Open the file containing the authorized keys. */
@ -155,43 +156,17 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
 		restore_uid();
 		packet_send_debug("Could not open %.900s for reading.", file);
 		packet_send_debug("If your home is on an NFS volume, it may need to be world-readable.");
 		xfree(file);
 		return 0;
 	}
-	if (options.strict_modes) {
+	if (options.strict_modes &&
-		int fail = 0;
+	    secure_filename(f, file, pw->pw_uid, line, sizeof(line)) != 0) {
-		char buf[1024];
+		xfree(file);
-		/* Check open file in order to avoid open/stat races */
+		fclose(f);
-		if (fstat(fileno(f), &st) < 0 ||
+		log("Authentication refused: %s", line);
-		    (st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
+		packet_send_debug("Authentication refused: %s", line);
-		    (st.st_mode & 022) != 0) {
+		restore_uid();
-			snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: "
+		return 0;
 				 "bad ownership or modes for '%s'.", pw->pw_name, file);
 			fail = 1;
 		} else {
 			/* Check path to _PATH_SSH_USER_PERMITTED_KEYS */
 			int i;
 			static const char *check[] = {
 				"", _PATH_SSH_USER_DIR, NULL
 			};
 			for (i = 0; check[i]; i++) {
 				snprintf(line, sizeof line, "%.500s/%.100s", pw->pw_dir, check[i]);
 				if (stat(line, &st) < 0 ||
 				    (st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
 				    (st.st_mode & 022) != 0) {
 					snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: "
 						 "bad ownership or modes for '%s'.", pw->pw_name, line);
 					fail = 1;
 					break;
 				}
 			}
 		}
 		if (fail) {
 			fclose(f);
 			log("%s", buf);
 			packet_send_debug("%s", buf);
 			restore_uid();
 			return 0;
 		}
 	}
 	/* Flag indicating whether authentication has succeeded. */
 	authenticated = 0;
@ -237,9 +212,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
 		/* Parse the key from the line. */
 		if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) {
-			debug("%.100s, line %lu: bad key syntax",
+			debug("%.100s, line %lu: non ssh1 key syntax",
 			    file, linenum);
 			packet_send_debug("%.100s, line %lu: bad key syntax",
 			    file, linenum);
 			continue;
 		}
@ -286,6 +259,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
 	restore_uid();
 	/* Close the file. */
 	xfree(file);
 	fclose(f);
 	RSA_free(pk);
--- a/crypto/dist/ssh/cipher.h
+++ b/crypto/dist/ssh/cipher.h
@ -1,4 +1,4 @@
-/*	$NetBSD: cipher.h,v 1.1.1.4 2001/04/10 07:13:53 itojun Exp $	*/
+/*	$NetBSD: cipher.h,v 1.1.1.5 2001/06/23 16:36:31 itojun Exp $	*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -33,7 +33,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-/* RCSID("$OpenBSD: cipher.h,v 1.25 2000/12/19 23:17:56 markus Exp $"); */
+/* RCSID("$OpenBSD: cipher.h,v 1.26 2001/05/28 22:51:11 markus Exp $"); */
 #ifndef CIPHER_H
 #define CIPHER_H
@ -72,8 +72,9 @@ struct CipherContext {
 		struct {
 			des_key_schedule key1;
 			des_key_schedule key2;
 			des_cblock iv2;
 			des_key_schedule key3;
 			des_cblock iv1;
 			des_cblock iv2;
 			des_cblock iv3;
 		}       des3;
 		struct {
--- a/crypto/dist/ssh/dispatch.c
+++ b/crypto/dist/ssh/dispatch.c
@ -1,4 +1,4 @@
-/*	$NetBSD: dispatch.c,v 1.1.1.4 2001/04/10 07:13:55 itojun Exp $	*/
+/*	$NetBSD: dispatch.c,v 1.1.1.5 2001/06/23 16:36:32 itojun Exp $	*/
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@ -23,7 +23,7 @@
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #include "includes.h"
-RCSID("$OpenBSD: dispatch.c,v 1.10 2001/02/18 18:33:53 markus Exp $");
+RCSID("$OpenBSD: dispatch.c,v 1.11 2001/06/10 11:29:20 markus Exp $");
 #include "ssh1.h"
 #include "ssh2.h"
@ -40,9 +40,7 @@ dispatch_fn *dispatch[DISPATCH_MAX];
 void
 dispatch_protocol_error(int type, int plen, void *ctxt)
 {
-	error("Hm, dispatch protocol error: type %d plen %d", type, plen);
+	fatal("dispatch_protocol_error: type %d plen %d", type, plen);
 	if (compat20 && type == SSH2_MSG_KEXINIT)
 		fatal("dispatch_protocol_error: rekeying is not supported");
 }
 void
 dispatch_init(dispatch_fn *dflt)
--- a/crypto/dist/ssh/kex.h
+++ b/crypto/dist/ssh/kex.h
@ -1,5 +1,5 @@
-/*	$NetBSD: kex.h,v 1.1.1.6 2001/04/10 07:13:55 itojun Exp $	*/
+/*	$NetBSD: kex.h,v 1.1.1.7 2001/06/23 16:36:33 itojun Exp $	*/
-/*	$OpenBSD: kex.h,v 1.22 2001/04/04 20:25:37 markus Exp $	*/
+/*	$OpenBSD: kex.h,v 1.23 2001/06/23 02:34:28 markus Exp $	*/
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -108,7 +108,7 @@ struct Kex {
 	int	flags;
 	char	*client_version_string;
 	char	*server_version_string;
-	int	(*check_host_key)(Key *hostkey);
+	int	(*verify_host_key)(Key *hostkey);
 	Key	*(*load_host_key)(int type);
 };
--- a/crypto/dist/ssh/nchan.c
+++ b/crypto/dist/ssh/nchan.c
@ -1,4 +1,4 @@
-/*	$NetBSD: nchan.c,v 1.1.1.6 2001/05/15 15:02:30 itojun Exp $	*/
+/*	$NetBSD: nchan.c,v 1.1.1.7 2001/06/23 16:36:35 itojun Exp $	*/
 /*
 * Copyright (c) 1999 Markus Friedl.  All rights reserved.
 *
@ -24,17 +24,42 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: nchan.c,v 1.24 2001/05/04 23:47:34 markus Exp $");
+RCSID("$OpenBSD: nchan.c,v 1.29 2001/06/23 15:12:19 itojun Exp $");
 #include "ssh1.h"
 #include "ssh2.h"
 #include "buffer.h"
 #include "packet.h"
 #include "channels.h"
 #include "nchan.h"
 #include "compat.h"
 #include "log.h"
 /*
 * SSH Protocol 1.5 aka New Channel Protocol
 * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored.
 * Written by Markus Friedl in October 1999
 *
 * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the
 * tear down of channels:
 *
 * 1.3:	strict request-ack-protocol:
 * 	CLOSE	->
 * 		<-  CLOSE_CONFIRM
 *
 * 1.5:	uses variations of:
 * 	IEOF	->
 * 		<-  OCLOSE
 * 		<-  IEOF
 * 	OCLOSE	->
 * 	i.e. both sides have to close the channel
 *
 * 2.0: the EOF messages are optional
 *
 * See the debugging output from 'ssh -v' and 'sshd -d' of
 * ssh-1.2.27 as an example.
 *
 */
 /* functions manipulating channel states */
 /*
 * EVENTS update channel input/output states execute ACTIONS
@ -50,14 +75,14 @@ chan_event_fn *chan_obuf_empty			= NULL;
 /*
 * ACTIONS: should never update the channel states
 */
-static void	chan_send_ieof1(Channel *c);
+static void	chan_send_ieof1(Channel *);
-static void	chan_send_oclose1(Channel *c);
+static void	chan_send_oclose1(Channel *);
-static void	chan_send_close2(Channel *c);
+static void	chan_send_close2(Channel *);
-static void	chan_send_eof2(Channel *c);
+static void	chan_send_eof2(Channel *);
 /* helper */
-static void	chan_shutdown_write(Channel *c);
+static void	chan_shutdown_write(Channel *);
-static void	chan_shutdown_read(Channel *c);
+static void	chan_shutdown_read(Channel *);
 /*
 * SSH1 specific implementation of event functions
@ -85,7 +110,7 @@ chan_rcvd_oclose1(Channel *c)
 		c->istate = CHAN_INPUT_CLOSED;
 		break;
 	default:
-		error("channel %d: protocol error: chan_rcvd_oclose for istate %d",
+		error("channel %d: protocol error: rcvd_oclose for istate %d",
 		    c->self, c->istate);
 		return;
 	}
@ -99,13 +124,15 @@ chan_read_failed_12(Channel *c)
 		debug("channel %d: input open -> drain", c->self);
 		chan_shutdown_read(c);
 		c->istate = CHAN_INPUT_WAIT_DRAIN;
 #if 0
 		if (buffer_len(&c->input) == 0) {
 			debug("channel %d: input: no drain shortcut", c->self);
 			chan_ibuf_empty(c);
 		}
 #endif
 		break;
 	default:
-		error("channel %d: internal error: we do not read, but chan_read_failed for istate %d",
+		error("channel %d: chan_read_failed for istate %d",
 		    c->self, c->istate);
 		break;
 	}
@ -115,7 +142,7 @@ chan_ibuf_empty1(Channel *c)
 {
 	debug("channel %d: ibuf empty", c->self);
 	if (buffer_len(&c->input)) {
-		error("channel %d: internal error: chan_ibuf_empty for non empty buffer",
+		error("channel %d: chan_ibuf_empty for non empty buffer",
 		    c->self);
 		return;
 	}
@ -126,7 +153,7 @@ chan_ibuf_empty1(Channel *c)
 		c->istate = CHAN_INPUT_WAIT_OCLOSE;
 		break;
 	default:
-		error("channel %d: internal error: chan_ibuf_empty for istate %d",
+		error("channel %d: chan_ibuf_empty for istate %d",
 		    c->self, c->istate);
 		break;
 	}
@ -138,19 +165,23 @@ chan_rcvd_ieof1(Channel *c)
 	if (c->type != SSH_CHANNEL_OPEN) {
 		debug("channel %d: non-open", c->self);
 		if (c->istate == CHAN_INPUT_OPEN) {
-			debug("channel %d: non-open: input open -> wait_oclose", c->self);
+			debug("channel %d: non-open: input open -> wait_oclose",
 			    c->self);
 			chan_shutdown_read(c);
 			chan_send_ieof1(c);
 			c->istate = CHAN_INPUT_WAIT_OCLOSE;
 		} else {
-			error("channel %d: istate %d != open", c->self, c->istate);
+			error("channel %d: non-open: istate %d != open",
 			    c->self, c->istate);
 		}
 		if (c->ostate == CHAN_OUTPUT_OPEN) {
-			debug("channel %d: non-open: output open -> closed", c->self);
+			debug("channel %d: non-open: output open -> closed",
 			    c->self);
 			chan_send_oclose1(c);
 			c->ostate = CHAN_OUTPUT_CLOSED;
 		} else {
-			error("channel %d: ostate %d != open", c->self, c->ostate);
+			error("channel %d: non-open: ostate %d != open",
 			    c->self, c->ostate);
 		}
 		return;
 	}
@ -164,7 +195,7 @@ chan_rcvd_ieof1(Channel *c)
 		c->ostate = CHAN_OUTPUT_CLOSED;
 		break;
 	default:
-		error("channel %d: protocol error: chan_rcvd_ieof for ostate %d",
+		error("channel %d: protocol error: rcvd_ieof for ostate %d",
 		    c->self, c->ostate);
 		break;
 	}
@ -185,7 +216,7 @@ chan_write_failed1(Channel *c)
 		c->ostate = CHAN_OUTPUT_CLOSED;
 		break;
 	default:
-		error("channel %d: internal error: chan_write_failed for ostate %d",
+		error("channel %d: chan_write_failed for ostate %d",
 		    c->self, c->ostate);
 		break;
 	}
@ -195,7 +226,7 @@ chan_obuf_empty1(Channel *c)
 {
 	debug("channel %d: obuf empty", c->self);
 	if (buffer_len(&c->output)) {
-		error("channel %d: internal error: chan_obuf_empty for non empty buffer",
+		error("channel %d: chan_obuf_empty for non empty buffer",
 		    c->self);
 		return;
 	}
@ -206,7 +237,7 @@ chan_obuf_empty1(Channel *c)
 		c->ostate = CHAN_OUTPUT_CLOSED;
 		break;
 	default:
-		error("channel %d: internal error: chan_obuf_empty for ostate %d",
+		error("channel %d: internal error: obuf_empty for ostate %d",
 		    c->self, c->ostate);
 		break;
 	}
@ -223,7 +254,7 @@ chan_send_ieof1(Channel *c)
 		packet_send();
 		break;
 	default:
-		error("channel %d: internal error: cannot send ieof for istate %d",
+		error("channel %d: cannot send ieof for istate %d",
 		    c->self, c->istate);
 		break;
 	}
@ -242,7 +273,7 @@ chan_send_oclose1(Channel *c)
 		packet_send();
 		break;
 	default:
-		error("channel %d: internal error: cannot send oclose for ostate %d",
+		error("channel %d: cannot send oclose for ostate %d",
 		     c->self, c->ostate);
 		break;
 	}
@ -266,7 +297,10 @@ chan_rcvd_oclose2(Channel *c)
 	}
 	switch (c->ostate) {
 	case CHAN_OUTPUT_OPEN:
-		/* wait until a data from the channel is consumed if a CLOSE is received */
+		/*
 		 * wait until a data from the channel is consumed if a CLOSE
 		 * is received
 		 */
 		debug("channel %d: output open -> drain", c->self);
 		c->ostate = CHAN_OUTPUT_WAIT_DRAIN;
 		break;
@ -288,7 +322,7 @@ chan_ibuf_empty2(Channel *c)
 {
 	debug("channel %d: ibuf empty", c->self);
 	if (buffer_len(&c->input)) {
-		error("channel %d: internal error: chan_ibuf_empty for non empty buffer",
+		error("channel %d: chan_ibuf_empty for non empty buffer",
 		     c->self);
 		return;
 	}
@ -300,7 +334,7 @@ chan_ibuf_empty2(Channel *c)
 		c->istate = CHAN_INPUT_CLOSED;
 		break;
 	default:
-		error("channel %d: internal error: chan_ibuf_empty for istate %d",
+		error("channel %d: chan_ibuf_empty for istate %d",
 		     c->self, c->istate);
 		break;
 	}
@ -330,7 +364,7 @@ chan_write_failed2(Channel *c)
 		c->ostate = CHAN_OUTPUT_CLOSED;
 		break;
 	default:
-		error("channel %d: internal error: chan_write_failed for ostate %d",
+		error("channel %d: chan_write_failed for ostate %d",
 		    c->self, c->ostate);
 		break;
 	}
@ -340,7 +374,7 @@ chan_obuf_empty2(Channel *c)
 {
 	debug("channel %d: obuf empty", c->self);
 	if (buffer_len(&c->output)) {
-		error("internal error: chan_obuf_empty %d for non empty buffer",
+		error("channel %d: chan_obuf_empty for non empty buffer",
 		    c->self);
 		return;
 	}
@ -351,7 +385,7 @@ chan_obuf_empty2(Channel *c)
 		c->ostate = CHAN_OUTPUT_CLOSED;
 		break;
 	default:
-		error("channel %d: internal error: chan_obuf_empty for ostate %d",
+		error("channel %d: chan_obuf_empty for ostate %d",
 		    c->self, c->ostate);
 		break;
 	}
@ -367,7 +401,7 @@ chan_send_eof2(Channel *c)
 		packet_send();
 		break;
 	default:
-		error("channel %d: internal error: cannot send eof for istate %d",
+		error("channel %d: cannot send eof for istate %d",
 		    c->self, c->istate);
 		break;
 	}
@ -378,10 +412,10 @@ chan_send_close2(Channel *c)
 	debug("channel %d: send close", c->self);
 	if (c->ostate != CHAN_OUTPUT_CLOSED ||
 	    c->istate != CHAN_INPUT_CLOSED) {
-		error("channel %d: internal error: cannot send close for istate/ostate %d/%d",
+		error("channel %d: cannot send close for istate/ostate %d/%d",
 		    c->self, c->istate, c->ostate);
 	} else if (c->flags & CHAN_CLOSE_SENT) {
-		error("channel %d: internal error: already sent close", c->self);
+		error("channel %d: already sent close", c->self);
 	} else {
 		packet_start(SSH2_MSG_CHANNEL_CLOSE);
 		packet_put_int(c->remote_id);
@ -395,14 +429,16 @@ chan_send_close2(Channel *c)
 void
 chan_mark_dead(Channel *c)
 {
-	c->flags |= CHAN_DEAD;
+	c->type = SSH_CHANNEL_ZOMBIE;
 }
 int
 chan_is_dead(Channel *c)
 {
-	if (c->flags & CHAN_DEAD)
+	if (c->type == SSH_CHANNEL_ZOMBIE) {
 		debug("channel %d: zombie", c->self);
 		return 1;
 	}
 	if (c->istate != CHAN_INPUT_CLOSED || c->ostate != CHAN_OUTPUT_CLOSED)
 		return 0;
 	if (!compat20) {
@ -479,11 +515,13 @@ chan_shutdown_write(Channel *c)
 	debug("channel %d: close_write", c->self);
 	if (c->sock != -1) {
 		if (shutdown(c->sock, SHUT_WR) < 0)
-			debug("channel %d: chan_shutdown_write: shutdown() failed for fd%d: %.100s",
+			debug("channel %d: chan_shutdown_write: "
 			    "shutdown() failed for fd%d: %.100s",
 			    c->self, c->sock, strerror(errno));
 	} else {
 		if (close(c->wfd) < 0)
-			log("channel %d: chan_shutdown_write: close() failed for fd%d: %.100s",
+			log("channel %d: chan_shutdown_write: "
 			    "close() failed for fd%d: %.100s",
 			    c->self, c->wfd, strerror(errno));
 		c->wfd = -1;
 	}
@ -496,11 +534,14 @@ chan_shutdown_read(Channel *c)
 	debug("channel %d: close_read", c->self);
 	if (c->sock != -1) {
 		if (shutdown(c->sock, SHUT_RD) < 0)
-			error("channel %d: chan_shutdown_read: shutdown() failed for fd%d [i%d o%d]: %.100s",
+			error("channel %d: chan_shutdown_read: "
-			    c->self, c->sock, c->istate, c->ostate, strerror(errno));
+			    "shutdown() failed for fd%d [i%d o%d]: %.100s",
 			    c->self, c->sock, c->istate, c->ostate,
 			    strerror(errno));
 	} else {
 		if (close(c->rfd) < 0)
-			log("channel %d: chan_shutdown_read: close() failed for fd%d: %.100s",
+			log("channel %d: chan_shutdown_read: "
 			    "close() failed for fd%d: %.100s",
 			    c->self, c->rfd, strerror(errno));
 		c->rfd = -1;
 	}
--- a/crypto/dist/ssh/nchan.ms
+++ b/crypto/dist/ssh/nchan.ms
@ -1,3 +1,4 @@
 .\"	$NetBSD: nchan.ms,v 1.1.1.3 2001/06/23 16:36:35 itojun Exp $
 .\"	$OpenBSD: nchan.ms,v 1.7 2001/01/29 01:58:17 niklas Exp $
 .\"
 .\" 
--- a/crypto/dist/ssh/packet.h
+++ b/crypto/dist/ssh/packet.h
@ -1,4 +1,4 @@
-/*	$NetBSD: packet.h,v 1.1.1.6 2001/05/15 15:02:30 itojun Exp $	*/
+/*	$NetBSD: packet.h,v 1.1.1.7 2001/06/23 16:36:35 itojun Exp $	*/
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -12,7 +12,7 @@
 * called by a name other than "ssh" or "Secure Shell".
 */
-/* RCSID("$OpenBSD: packet.h,v 1.22 2001/04/14 16:33:20 stevesk Exp $"); */
+/* RCSID("$OpenBSD: packet.h,v 1.23 2001/05/28 23:58:35 markus Exp $"); */
 #ifndef PACKET_H
 #define PACKET_H
@ -72,7 +72,7 @@ void    packet_set_interactive(int interactive);
 int     packet_is_interactive(void);
 /* Starts constructing a packet to send. */
-void    packet_start(int type);
+void    packet_start(u_char type);
 /* Appends a character to the packet data. */
 void    packet_put_char(int ch);
@ -209,9 +209,6 @@ do { \
 int	packet_connection_is_on_socket(void);
 int	packet_connection_is_ipv4(void);
 /* enable SSH2 packet format */
 void	packet_set_ssh2_format(void);
 /* returns remaining payload bytes */
 int	packet_remaining(void);
--- a/crypto/dist/ssh/sftp-server.8
+++ b/crypto/dist/ssh/sftp-server.8
@ -1,5 +1,5 @@
-.\"	$NetBSD: sftp-server.8,v 1.1.1.6 2001/05/15 15:02:34 itojun Exp $
+.\"	$NetBSD: sftp-server.8,v 1.1.1.7 2001/06/23 16:36:44 itojun Exp $
-.\" $OpenBSD: sftp-server.8,v 1.6 2001/04/22 13:32:26 markus Exp $
+.\" $OpenBSD: sftp-server.8,v 1.8 2001/06/23 05:57:08 deraadt Exp $
 .\"
 .\" Copyright (c) 2000 Markus Friedl.  All rights reserved.
 .\"
--- a/crypto/dist/ssh/sshconnect.h
+++ b/crypto/dist/ssh/sshconnect.h
@ -1,5 +1,5 @@
-/*	$NetBSD: sshconnect.h,v 1.1.1.5 2001/05/15 15:02:38 itojun Exp $	*/
+/*	$NetBSD: sshconnect.h,v 1.1.1.6 2001/06/23 16:36:52 itojun Exp $	*/
-/*	$OpenBSD: sshconnect.h,v 1.9 2001/04/12 19:15:25 markus Exp $	*/
+/*	$OpenBSD: sshconnect.h,v 1.10 2001/06/23 02:34:32 markus Exp $	*/
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@ -37,9 +37,7 @@ void
 ssh_login(Key **keys, int nkeys, const char *orighost,
    struct sockaddr *hostaddr, struct passwd *pw);
-void
+int	verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key);
 check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
    const char *user_hostfile, const char *system_hostfile);
 void	ssh_kex(char *host, struct sockaddr *hostaddr);
 void	ssh_kex2(char *host, struct sockaddr *hostaddr);