summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-04-16 11:18:38 +1000
committerDamien Miller <djm@mindrot.org>2000-04-16 11:18:38 +1000
commit4af51306d9a51459a5bef922df1037f876ae51fe (patch)
tree09ecfc215fce82345a3259f8a0f384b9a67906f0
parent5d1705ecf9bd3216dc99a84242bcdf2e7297d307 (diff)
- OpenBSD CVS updates.
[ssh.1 ssh.c] - ssh -2 [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] [session.c sshconnect.c] - check payload for (illegal) extra data [ALL] - whitespace cleanup
-rw-r--r--ChangeLog12
-rw-r--r--auth-krb4.c10
-rw-r--r--auth-passwd.c4
-rw-r--r--auth-rh-rsa.c14
-rw-r--r--auth-rhosts.c18
-rw-r--r--auth-rsa.c16
-rw-r--r--auth-skey.c18
-rw-r--r--auth.c62
-rw-r--r--authfd.c24
-rw-r--r--authfd.h22
-rw-r--r--authfile.c14
-rw-r--r--bufaux.c12
-rw-r--r--bufaux.h12
-rw-r--r--buffer.c34
-rw-r--r--canohost.c20
-rw-r--r--channels.c94
-rw-r--r--channels.h6
-rw-r--r--cipher.c34
-rw-r--r--cipher.h24
-rw-r--r--clientloop.c59
-rw-r--r--compat.c6
-rw-r--r--compress.c22
-rw-r--r--compress.h14
-rw-r--r--crc32.h14
-rw-r--r--dispatch.c78
-rw-r--r--dsa.c10
-rw-r--r--getput.h16
-rw-r--r--hostfile.c14
-rw-r--r--hostfile.h2
-rw-r--r--includes.h12
-rw-r--r--kex.c12
-rw-r--r--log-client.c14
-rw-r--r--log-server.c16
-rw-r--r--login.c20
-rw-r--r--match.c16
-rw-r--r--mpaux.c14
-rw-r--r--mpaux.h14
-rw-r--r--nchan.c6
-rw-r--r--packet.c32
-rw-r--r--packet.h29
-rw-r--r--pty.c22
-rw-r--r--pty.h14
-rw-r--r--radix.c12
-rw-r--r--readconf.c26
-rw-r--r--readconf.h22
-rw-r--r--readpass.c4
-rw-r--r--rsa.c30
-rw-r--r--rsa.h14
-rw-r--r--scp.c20
-rw-r--r--servconf.c24
-rw-r--r--servconf.h14
-rw-r--r--serverloop.c46
-rw-r--r--session.c25
-rw-r--r--ssh-agent.c10
-rw-r--r--ssh-keygen.c4
-rw-r--r--ssh.18
-rw-r--r--ssh.c42
-rw-r--r--ssh.h30
-rw-r--r--ssh2.h20
-rw-r--r--sshconnect.c56
-rw-r--r--sshd.c54
-rw-r--r--ttymodes.c10
-rw-r--r--ttymodes.h12
-rw-r--r--uidswap.c8
-rw-r--r--uidswap.h10
-rw-r--r--xmalloc.c4
-rw-r--r--xmalloc.h14
67 files changed, 779 insertions, 646 deletions
diff --git a/ChangeLog b/ChangeLog
index 643a97f0..f23250ed 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,7 +1,17 @@
+20000415
+ - OpenBSD CVS updates.
+ [ssh.1 ssh.c]
+ - ssh -2
+ [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
+ [session.c sshconnect.c]
+ - check payload for (illegal) extra data
+ [ALL]
+ whitespace cleanup
+
20000413
- INSTALL doc updates
- Merged OpenBSD updates to include paths.
-
+
20000412
- OpenBSD CVS updates:
- [channels.c]
diff --git a/auth-krb4.c b/auth-krb4.c
index 7e30646f..a2684271 100644
--- a/auth-krb4.c
+++ b/auth-krb4.c
@@ -19,7 +19,7 @@ extern ServerOptions options;
* return 1 on success, 0 on failure, -1 if krb4 is not available
*/
-int
+int
auth_krb4_password(struct passwd * pw, const char *password)
{
AUTH_DAT adata;
@@ -135,7 +135,7 @@ krb4_cleanup_proc(void *ignore)
}
}
-int
+int
krb4_init(uid_t uid)
{
static int cleanup_registered = 0;
@@ -179,7 +179,7 @@ krb4_init(uid_t uid)
return 0;
}
-int
+int
auth_krb4(const char *server_user, KTEXT auth, char **client)
{
AUTH_DAT adat = {0};
@@ -252,7 +252,7 @@ auth_krb4(const char *server_user, KTEXT auth, char **client)
#endif /* KRB4 */
#ifdef AFS
-int
+int
auth_kerberos_tgt(struct passwd *pw, const char *string)
{
CREDENTIALS creds;
@@ -307,7 +307,7 @@ auth_kerberos_tgt_failure:
return 0;
}
-int
+int
auth_afs_token(struct passwd *pw, const char *token_string)
{
CREDENTIALS creds;
diff --git a/auth-passwd.c b/auth-passwd.c
index 278212aa..d2c2ea87 100644
--- a/auth-passwd.c
+++ b/auth-passwd.c
@@ -11,7 +11,7 @@
#ifndef USE_PAM
-RCSID("$Id: auth-passwd.c,v 1.16 2000/01/22 23:32:03 damien Exp $");
+RCSID("$Id: auth-passwd.c,v 1.17 2000/04/16 01:18:39 damien Exp $");
#include "packet.h"
#include "ssh.h"
@@ -33,7 +33,7 @@ RCSID("$Id: auth-passwd.c,v 1.16 2000/01/22 23:32:03 damien Exp $");
* Tries to authenticate the user using password. Returns true if
* authentication succeeds.
*/
-int
+int
auth_password(struct passwd * pw, const char *password)
{
extern ServerOptions options;
diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c
index d3d90246..150132fb 100644
--- a/auth-rh-rsa.c
+++ b/auth-rh-rsa.c
@@ -1,21 +1,21 @@
/*
- *
+ *
* auth-rh-rsa.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sun May 7 03:08:06 1995 ylo
- *
+ *
* Rhosts or /etc/hosts.equiv authentication combined with RSA host
* authentication.
*
*/
#include "includes.h"
-RCSID("$Id: auth-rh-rsa.c,v 1.9 2000/04/13 02:26:35 damien Exp $");
+RCSID("$Id: auth-rh-rsa.c,v 1.10 2000/04/16 01:18:39 damien Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
@@ -42,7 +42,7 @@ RCSID("$Id: auth-rh-rsa.c,v 1.9 2000/04/13 02:26:35 damien Exp $");
* its host key. Returns true if authentication succeeds.
*/
-int
+int
auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key)
{
extern ServerOptions options;
diff --git a/auth-rhosts.c b/auth-rhosts.c
index 318bcfef..6a5c13e4 100644
--- a/auth-rhosts.c
+++ b/auth-rhosts.c
@@ -1,22 +1,22 @@
/*
- *
+ *
* auth-rhosts.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 17 05:12:18 1995 ylo
- *
+ *
* Rhosts authentication. This file contains code to check whether to admit
* the login based on rhosts authentication. This file also processes
* /etc/hosts.equiv.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: auth-rhosts.c,v 1.7 1999/12/27 12:54:55 damien Exp $");
+RCSID("$Id: auth-rhosts.c,v 1.8 2000/04/16 01:18:39 damien Exp $");
#include "packet.h"
#include "ssh.h"
@@ -30,7 +30,7 @@ RCSID("$Id: auth-rhosts.c,v 1.7 1999/12/27 12:54:55 damien Exp $");
* based on the file, and returns zero otherwise.
*/
-int
+int
check_rhosts_file(const char *filename, const char *hostname,
const char *ipaddr, const char *client_user,
const char *server_user)
@@ -146,7 +146,7 @@ check_rhosts_file(const char *filename, const char *hostname,
* /etc/hosts.equiv will be considered (.rhosts and .shosts are ignored).
*/
-int
+int
auth_rhosts(struct passwd *pw, const char *client_user)
{
extern ServerOptions options;
diff --git a/auth-rsa.c b/auth-rsa.c
index fff52494..e9d61f69 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,22 +1,22 @@
/*
- *
+ *
* auth-rsa.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Mon Mar 27 01:46:52 1995 ylo
- *
+ *
* RSA-based authentication. This code determines whether to admit a login
* based on RSA authentication. This file also contains functions to check
* validity of the host key.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: auth-rsa.c,v 1.15 2000/04/13 02:26:35 damien Exp $");
+RCSID("$Id: auth-rsa.c,v 1.16 2000/04/16 01:18:39 damien Exp $");
#include "rsa.h"
#include "packet.h"
@@ -244,7 +244,7 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
debug("%.100s, line %lu: bad key syntax",
SSH_USER_PERMITTED_KEYS, linenum);
packet_send_debug("%.100s, line %lu: bad key syntax",
- SSH_USER_PERMITTED_KEYS, linenum);
+ SSH_USER_PERMITTED_KEYS, linenum);
continue;
}
/* cp now points to the comment part. */
diff --git a/auth-skey.c b/auth-skey.c
index f403a196..056efeb9 100644
--- a/auth-skey.c
+++ b/auth-skey.c
@@ -1,7 +1,7 @@
#include "includes.h"
#ifdef SKEY
-RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $");
+RCSID("$Id: auth-skey.c,v 1.6 2000/04/14 10:30:29 markus Exp $");
#include "ssh.h"
#include "packet.h"
@@ -15,12 +15,12 @@ RCSID("$Id: auth-skey.c,v 1.5 1999/12/06 19:04:57 deraadt Exp $");
/* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
-/*
+/*
* try skey authentication,
- * return 1 on success, 0 on failure, -1 if skey is not available
+ * return 1 on success, 0 on failure, -1 if skey is not available
*/
-int
+int
auth_skey_password(struct passwd * pw, const char *password)
{
if (strncasecmp(password, "s/key", 5) == 0) {
@@ -53,18 +53,18 @@ auth_skey_password(struct passwd * pw, const char *password)
*/
static u_int32_t
hash_collapse(s)
- u_char *s;
+ u_char *s;
{
- int len, target;
+ int len, target;
u_int32_t i;
if ((strlen(s) % sizeof(u_int32_t)) == 0)
- target = strlen(s); /* Multiple of 4 */
+ target = strlen(s); /* Multiple of 4 */
else
target = strlen(s) - (strlen(s) % sizeof(u_int32_t));
-
+
for (i = 0, len = 0; len < target; len += 4)
- i ^= ROUND(s + len);
+ i ^= ROUND(s + len);
return i;
}
diff --git a/auth.c b/auth.c
index e94a86e9..4c6f32b0 100644
--- a/auth.c
+++ b/auth.c
@@ -5,7 +5,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.4 2000/04/14 10:30:29 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -36,9 +36,9 @@ extern char *forced_command;
* DenyUsers or user's primary group is listed in DenyGroups, false will
* be returned. If AllowUsers isn't empty and user isn't listed there, or
* if AllowGroups isn't empty and user isn't listed there, false will be
- * returned.
+ * returned.
* If the user's shell is not executable, false will be returned.
- * Otherwise true is returned.
+ * Otherwise true is returned.
*/
static int
allowed_user(struct passwd * pw)
@@ -201,10 +201,10 @@ do_fake_authloop1(char *user)
packet_write_wait();
continue;
} else if (type == SSH_CMSG_AUTH_PASSWORD &&
- options.password_authentication &&
- (password = packet_get_string(&dlen)) != NULL &&
- dlen == 5 &&
- strncasecmp(password, "s/key", 5) == 0 ) {
+ options.password_authentication &&
+ (password = packet_get_string(&dlen)) != NULL &&
+ dlen == 5 &&
+ strncasecmp(password, "s/key", 5) == 0 ) {
packet_send_debug(skeyinfo);
}
if (password != NULL)
@@ -457,20 +457,20 @@ do_authloop(struct passwd * pw)
break;
}
- /*
- * Check if the user is logging in as root and root logins
- * are disallowed.
- * Note that root login is allowed for forced commands.
- */
- if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
- if (forced_command) {
- log("Root login accepted for forced command.");
- } else {
- authenticated = 0;
- log("ROOT LOGIN REFUSED FROM %.200s",
- get_canonical_hostname());
- }
- }
+ /*
+ * Check if the user is logging in as root and root logins
+ * are disallowed.
+ * Note that root login is allowed for forced commands.
+ */
+ if (authenticated && pw->pw_uid == 0 && !options.permit_root_login) {
+ if (forced_command) {
+ log("Root login accepted for forced command.");
+ } else {
+ authenticated = 0;
+ log("ROOT LOGIN REFUSED FROM %.200s",
+ get_canonical_hostname());
+ }
+ }
/* Raise logging level */
if (authenticated ||
@@ -685,6 +685,7 @@ input_service_request(int type, int plen)
unsigned int len;
int accept = 0;
char *service = packet_get_string(&len);
+ packet_done();
if (strcmp(service, "ssh-userauth") == 0) {
if (!userauth_success) {
@@ -727,6 +728,7 @@ input_userauth_request(int type, int plen)
pw = auth_set_user(user, service);
if (pw && strcmp(service, "ssh-connection")==0) {
if (strcmp(method, "none") == 0 && try == 1) {
+ packet_done();
#ifdef USE_PAM
/* Do PAM auth with password */
authenticated = auth_pam_password(pw, "");
@@ -740,6 +742,7 @@ input_userauth_request(int type, int plen)
if (c)
debug("password change not supported");
password = packet_get_string(&len);
+ packet_done();
#ifdef USE_PAM
/* Do PAM auth with password */
authenticated = auth_pam_password(pw, password);
@@ -751,11 +754,19 @@ input_userauth_request(int type, int plen)
xfree(password);
} else if (strcmp(method, "publickey") == 0) {
/* XXX TODO */
- char *pkalg;
- char *pkblob;
- c = packet_get_char();
+ char *pkalg, *pkblob, *sig;
+ int have_sig = packet_get_char();
pkalg = packet_get_string(&len);
pkblob = packet_get_string(&len);
+ if (have_sig) {
+ sig = packet_get_string(&len);
+ /* test for correct signature */
+ packet_done();
+ xfree(sig);
+ } else {
+ packet_done();
+ /* test whether pkalg/pkblob are acceptable */
+ }
xfree(pkalg);
xfree(pkblob);
}
@@ -764,7 +775,6 @@ input_userauth_request(int type, int plen)
if (authenticated) {
/* turn off userauth */
dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error);
- /* success! */
packet_start(SSH2_MSG_USERAUTH_SUCCESS);
packet_send();
packet_write_wait();
@@ -782,7 +792,7 @@ input_userauth_request(int type, int plen)
xfree(user);
xfree(method);
}
-void
+void
do_authentication2()
{
dispatch_init(&protocol_error);
diff --git a/authfd.c b/authfd.c
index 80af9529..d920b1f6 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* authfd.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Mar 29 01:30:28 1995 ylo
- *
+ *
* Functions for connecting the local authentication agent.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: authfd.c,v 1.11 2000/04/13 02:26:35 damien Exp $");
+RCSID("$Id: authfd.c,v 1.12 2000/04/16 01:18:40 damien Exp $");
#include "ssh.h"
#include "rsa.h"
@@ -69,7 +69,7 @@ ssh_get_authentication_socket()
* ssh_get_authentication_socket().
*/
-void
+void
ssh_close_authentication_socket(int sock)
{
if (getenv(SSH_AUTHSOCKET_ENV_NAME))
@@ -113,7 +113,7 @@ ssh_get_authentication_connection()
* memory.
*/
-void
+void
ssh_close_authentication_connection(AuthenticationConnection *ac)
{
buffer_free(&ac->packet);
@@ -343,7 +343,7 @@ error_cleanup:
* be used by normal applications.
*/
-int
+int
ssh_add_identity(AuthenticationConnection *auth,
RSA * key, const char *comment)
{
@@ -431,7 +431,7 @@ error_cleanup:
* meant to be used by normal applications.
*/
-int
+int
ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
{
Buffer buffer;
@@ -514,7 +514,7 @@ error_cleanup:
* by normal applications.
*/
-int
+int
ssh_remove_all_identities(AuthenticationConnection *auth)
{
Buffer buffer;
diff --git a/authfd.h b/authfd.h
index 01cfd93a..420f592b 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* authfd.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Mar 29 01:17:41 1995 ylo
- *
+ *
* Functions to interface with the SSH_AUTHENTICATION_FD socket.
- *
+ *
*/
-/* RCSID("$Id: authfd.h,v 1.4 1999/11/25 00:54:58 damien Exp $"); */
+/* RCSID("$Id: authfd.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
#ifndef AUTHFD_H
#define AUTHFD_H
@@ -67,7 +67,7 @@ void ssh_close_authentication_connection(AuthenticationConnection * ac);
* integers before the call, and free the comment after a successful call
* (before calling ssh_get_next_identity).
*/
-int
+int
ssh_get_first_identity(AuthenticationConnection * connection,
BIGNUM * e, BIGNUM * n, char **comment);
@@ -77,13 +77,13 @@ ssh_get_first_identity(AuthenticationConnection * connection,
* function. This returns 0 if there are no more identities. The caller
* must free comment after a successful return.
*/
-int
+int
ssh_get_next_identity(AuthenticationConnection * connection,
BIGNUM * e, BIGNUM * n, char **comment);
/* Requests the agent to decrypt the given challenge. Returns true if
the agent claims it was able to decrypt it. */
-int
+int
ssh_decrypt_challenge(AuthenticationConnection * auth,
BIGNUM * e, BIGNUM * n, BIGNUM * challenge,
unsigned char session_id[16],
@@ -95,7 +95,7 @@ ssh_decrypt_challenge(AuthenticationConnection * auth,
* be used by normal applications. This returns true if the identity was
* successfully added.
*/
-int
+int
ssh_add_identity(AuthenticationConnection * connection, RSA * key,
const char *comment);
diff --git a/authfile.c b/authfile.c
index 6113ddd8..d7912d0d 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,21 +1,21 @@
/*
- *
+ *
* authfile.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Mon Mar 27 03:52:05 1995 ylo
- *
+ *
* This file contains functions for reading and writing identity files, and
* for reading the passphrase from the user.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: authfile.c,v 1.9 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: authfile.c,v 1.10 2000/04/16 01:18:40 damien Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
diff --git a/bufaux.c b/bufaux.c
index 7ebc2aa6..b4d52270 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -1,14 +1,14 @@
/*
- *
+ *
* bufaux.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Mar 29 02:24:47 1995 ylo
- *
+ *
* Auxiliary functions for storing and retrieving various data types to/from
* Buffers.
*
@@ -17,7 +17,7 @@
*/
#include "includes.h"
-RCSID("$Id: bufaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: bufaux.c,v 1.11 2000/04/16 01:18:40 damien Exp $");
#include "ssh.h"
diff --git a/bufaux.h b/bufaux.h
index b22e98bd..80bad6ea 100644
--- a/bufaux.h
+++ b/bufaux.h
@@ -1,17 +1,17 @@
/*
- *
+ *
* bufaux.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Mar 29 02:18:23 1995 ylo
- *
+ *
*/
-/* RCSID("$Id: bufaux.h,v 1.4 2000/04/01 01:09:23 damien Exp $"); */
+/* RCSID("$Id: bufaux.h,v 1.5 2000/04/16 01:18:40 damien Exp $"); */
#ifndef BUFAUX_H
#define BUFAUX_H
diff --git a/buffer.c b/buffer.c
index 48ae96a4..83a63e6f 100644
--- a/buffer.c
+++ b/buffer.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* buffer.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sat Mar 18 04:15:33 1995 ylo
- *
+ *
* Functions for manipulating fifo buffers (that can grow if needed).
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: buffer.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: buffer.c,v 1.5 2000/04/16 01:18:40 damien Exp $");
#include "xmalloc.h"
#include "buffer.h"
@@ -22,7 +22,7 @@ RCSID("$Id: buffer.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
/* Initializes the buffer structure. */
-void
+void
buffer_init(Buffer *buffer)
{
buffer->alloc = 4096;
@@ -33,7 +33,7 @@ buffer_init(Buffer *buffer)
/* Frees any memory used for the buffer. */
-void
+void
buffer_free(Buffer *buffer)
{
memset(buffer->buf, 0, buffer->alloc);
@@ -45,7 +45,7 @@ buffer_free(Buffer *buffer)
* zero the memory.
*/
-void
+void
buffer_clear(Buffer *buffer)
{
buffer->offset = 0;
@@ -54,7 +54,7 @@ buffer_clear(Buffer *buffer)
/* Appends data to the buffer, expanding it if necessary. */
-void
+void
buffer_append(Buffer *buffer, const char *data, unsigned int len)
{
char *cp;
@@ -68,7 +68,7 @@ buffer_append(Buffer *buffer, const char *data, unsigned int len)
* to the allocated region.
*/
-void
+void
buffer_append_space(Buffer *buffer, char **datap, unsigned int len)
{
/* If the buffer is empty, start using it from the beginning. */
@@ -102,7 +102,7 @@ restart:
/* Returns the number of bytes of data in the buffer. */
-unsigned int
+unsigned int
buffer_len(Buffer *buffer)
{
return buffer->end - buffer->offset;
@@ -110,7 +110,7 @@ buffer_len(Buffer *buffer)
/* Gets data from the beginning of the buffer. */
-void
+void
buffer_get(Buffer *buffer, char *buf, unsigned int len)
{
if (len > buffer->end - buffer->offset)
@@ -121,7 +121,7 @@ buffer_get(Buffer *buffer, char *buf, unsigned int len)
/* Consumes the given number of bytes from the beginning of the buffer. */
-void
+void
buffer_consume(Buffer *buffer, unsigned int bytes)
{
if (bytes > buffer->end - buffer->offset)
@@ -131,7 +131,7 @@ buffer_consume(Buffer *buffer, unsigned int bytes)
/* Consumes the given number of bytes from the end of the buffer. */
-void
+void
buffer_consume_end(Buffer *buffer, unsigned int bytes)
{
if (bytes > buffer->end - buffer->offset)
@@ -149,7 +149,7 @@ buffer_ptr(Buffer *buffer)
/* Dumps the contents of the buffer to stderr. */
-void
+void
buffer_dump(Buffer *buffer)
{
int i;
diff --git a/canohost.c b/canohost.c
index a11d6639..1b579092 100644
--- a/canohost.c
+++ b/canohost.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* canohost.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sun Jul 2 17:52:22 1995 ylo
- *
+ *
* Functions for returning the canonical host name of the remote site.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: canohost.c,v 1.8 2000/03/11 09:45:41 damien Exp $");
+RCSID("$Id: canohost.c,v 1.9 2000/04/16 01:18:40 damien Exp $");
#include "packet.h"
#include "xmalloc.h"
@@ -265,7 +265,7 @@ get_sock_port(int sock, int local)
/* Returns remote/local port number for the current connection. */
-int
+int
get_port(int local)
{
/*
@@ -279,13 +279,13 @@ get_port(int local)
return get_sock_port(packet_get_connection_in(), local);
}
-int
+int
get_peer_port(int sock)
{
return get_sock_port(sock, 0);
}
-int
+int
get_remote_port()
{
return get_port(0);
diff --git a/channels.c b/channels.c
index 957b4a42..5f3b0d11 100644
--- a/channels.c
+++ b/channels.c
@@ -1,23 +1,23 @@
/*
- *
+ *
* channels.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 24 16:35:24 1995 ylo
- *
+ *
* This file contains functions for generic socket connection forwarding.
* There is also code for initiating connection forwarding for X11 connections,
* arbitrary tcp/ip connections, and the authentication agent connection.
- *
+ *
* SSH2 support added by Markus Friedl.
*/
#include "includes.h"
-RCSID("$Id: channels.c,v 1.24 2000/04/12 10:17:38 damien Exp $");
+RCSID("$Id: channels.c,v 1.25 2000/04/16 01:18:41 damien Exp $");
#include "ssh.h"
#include "packet.h"
@@ -109,7 +109,7 @@ static int have_hostname_in_open = 0;
/* Sets specific protocol options. */
-void
+void
channel_set_options(int hostname_in_open)
{
have_hostname_in_open = hostname_in_open;
@@ -121,7 +121,7 @@ channel_set_options(int hostname_in_open)
* and the server has no way to know but to trust the client anyway.
*/
-void
+void
channel_permit_all_opens()
{
all_opens_permitted = 1;
@@ -150,7 +150,7 @@ channel_lookup(int id)
* remote_name to be freed.
*/
-int
+int
channel_new(char *ctype, int type, int rfd, int wfd, int efd,
int window, int maxpack, int extended_usage, char *remote_name)
{
@@ -226,7 +226,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
debug("channel %d: new [%s]", found, remote_name);
return found;
}
-int
+int
channel_allocate(int type, int sock, char *remote_name)
{
return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name);
@@ -234,7 +234,7 @@ channel_allocate(int type, int sock, char *remote_name)
/* Free the channel and close its socket. */
-void
+void
channel_free(int id)
{
Channel *c = channel_lookup(id);
@@ -361,7 +361,7 @@ channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset)
{
if (buffer_len(&c->output) == 0)
channel_free(c->self);
- else
+ else
FD_SET(c->sock, writeset);
}
@@ -540,8 +540,10 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset)
packet_put_int(newch);
packet_put_int(c->local_window_max);
packet_put_int(c->local_maxpacket);
+ /* target host and port */
packet_put_string(c->path, strlen(c->path));
packet_put_int(c->host_port);
+ /* originator host and port */
packet_put_cstring(remote_hostname);
packet_put_int(remote_port);
packet_send();
@@ -782,7 +784,7 @@ channel_handler_init(void)
channel_handler_init_15();
}
-void
+void
channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
{
static int did_init = 0;
@@ -804,13 +806,13 @@ channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset)
}
}
-void
+void
channel_prepare_select(fd_set * readset, fd_set * writeset)
{
channel_handler(channel_pre, readset, writeset);
}
-void
+void
channel_after_select(fd_set * readset, fd_set * writeset)
{
channel_handler(channel_post, readset, writeset);
@@ -818,7 +820,7 @@ channel_after_select(fd_set * readset, fd_set * writeset)
/* If there is data to send to the connection, send some of it now. */
-void
+void
channel_output_poll()
{
int len, i;
@@ -909,7 +911,7 @@ channel_output_poll()
* still there.
*/
-void
+void
channel_input_data(int type, int plen)
{
int id;
@@ -934,6 +936,7 @@ channel_input_data(int type, int plen)
/* Get the data. */
data = packet_get_string(&data_len);
+ packet_done();
if (compat20){
if (data_len > c->local_maxpacket) {
@@ -953,7 +956,7 @@ channel_input_data(int type, int plen)
buffer_append(&c->output, data, data_len);
xfree(data);
}
-void
+void
channel_input_extended_data(int type, int plen)
{
int id;
@@ -980,6 +983,7 @@ channel_input_extended_data(int type, int plen)
return;
}
data = packet_get_string(&data_len);
+ packet_done();
if (data_len > c->local_window) {
log("channel %d: rcvd too much extended_data %d, win %d",
c->self, data_len, c->local_window);
@@ -998,7 +1002,7 @@ channel_input_extended_data(int type, int plen)
* more channel is overfull.
*/
-int
+int
channel_not_very_much_buffered_data()
{
unsigned int i;
@@ -1022,7 +1026,7 @@ channel_not_very_much_buffered_data()
return 1;
}
-void
+void
channel_input_ieof(int type, int plen)
{
int id;
@@ -1037,7 +1041,7 @@ channel_input_ieof(int type, int plen)
chan_rcvd_ieof(c);
}
-void
+void
channel_input_close(int type, int plen)
{
int id;
@@ -1076,7 +1080,7 @@ channel_input_close(int type, int plen)
}
/* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
-void
+void
channel_input_oclose(int type, int plen)
{
int id = packet_get_int();
@@ -1087,12 +1091,13 @@ channel_input_oclose(int type, int plen)
chan_rcvd_oclose(c);
}
-void
+void
channel_input_close_confirmation(int type, int plen)
{
int id = packet_get_int();
Channel *c = channel_lookup(id);
+ packet_done();
if (c == NULL)
packet_disconnect("Received close confirmation for "
"out-of-range channel %d.", id);
@@ -1102,7 +1107,7 @@ channel_input_close_confirmation(int type, int plen)
channel_free(c->self);
}
-void
+void
channel_input_open_confirmation(int type, int plen)
{
int id, remote_id;
@@ -1125,6 +1130,7 @@ channel_input_open_confirmation(int type, int plen)
if (compat20) {
c->remote_window = packet_get_int();
c->remote_maxpacket = packet_get_int();
+ packet_done();
if (c->cb_fn != NULL && c->cb_event == type) {
debug("callback start");
c->cb_fn(c->self, c->cb_arg);
@@ -1135,7 +1141,7 @@ channel_input_open_confirmation(int type, int plen)
}
}
-void
+void
channel_input_open_failure(int type, int plen)
{
int id;
@@ -1153,8 +1159,11 @@ channel_input_open_failure(int type, int plen)
if (compat20) {
int reason = packet_get_int();
char *msg = packet_get_string(NULL);
+ char *lang = packet_get_string(NULL);
log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
+ packet_done();
xfree(msg);
+ xfree(lang);
}
/* Free the channel. This will also close the socket. */
channel_free(id);
@@ -1185,7 +1194,7 @@ debug("cb_fn %p cb_event %d", c->cb_fn , c->cb_event);
}
}
-void
+void
channel_input_window_adjust(int type, int plen)
{
Channel *c;
@@ -1204,6 +1213,7 @@ channel_input_window_adjust(int type, int plen)
return;
}
adjust = packet_get_int();
+ packet_done();
debug("channel %d: rcvd adjust %d", id, adjust);
c->remote_window += adjust;
}
@@ -1213,7 +1223,7 @@ channel_input_window_adjust(int type, int plen)
* might have.
*/
-void
+void
channel_stop_listening()
{
int i;
@@ -1240,7 +1250,7 @@ channel_stop_listening()
* descriptors after a fork.
*/
-void
+void
channel_close_all()
{
int i;
@@ -1252,7 +1262,7 @@ channel_close_all()
/* Returns the maximum file descriptor number used by the channels. */
-int
+int
channel_max_fd()
{
return channel_max_fd_value;
@@ -1260,7 +1270,7 @@ channel_max_fd()
/* Returns true if any channel is still open. */
-int
+int
channel_still_open()
{
unsigned int i;
@@ -1347,7 +1357,7 @@ channel_open_message()
* channel to host:port from remote side.
*/
-void
+void
channel_request_local_forwarding(u_short port, const char *host,
u_short host_port, int gateway_ports)
{
@@ -1435,7 +1445,7 @@ channel_request_local_forwarding(u_short port, const char *host,
* the secure channel to host:port from local side.
*/
-void
+void
channel_request_remote_forwarding(u_short listen_port, const char *host_to_connect,
u_short port_to_connect)
{
@@ -1478,7 +1488,7 @@ channel_request_remote_forwarding(u_short listen_port, const char *host_to_conne
* message if there was an error). This never returns if there was an error.
*/
-void
+void
channel_input_port_forward_request(int is_root)
{
u_short port, host_port;
@@ -1562,7 +1572,7 @@ channel_connect_to(const char *host, u_short host_port)
* or CHANNEL_OPEN_FAILURE.
*/
-void
+void
channel_input_port_open(int type, int plen)
{
u_short host_port;
@@ -1807,7 +1817,7 @@ connect_local_xsocket(unsigned int dnr)
* with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
*/
-void
+void
x11_input_open(int type, int plen)
{
int remote_channel, display_number, sock = 0, newch;
@@ -1911,7 +1921,7 @@ x11_input_open(int type, int plen)
}
freeaddrinfo(aitop);
if (!ai) {
- error("connect %.100s port %d: %.100s", buf, 6000 + display_number,
+ error("connect %.100s port %d: %.100s", buf, 6000 + display_number,
strerror(errno));
goto fail;
}
@@ -1945,7 +1955,7 @@ fail:
* data, and enables authentication spoofing.
*/
-void
+void
x11_request_forwarding_with_spoofing(const char *proto, const char *data)
{
unsigned int data_len = (unsigned int) strlen(data) / 2;
@@ -2003,7 +2013,7 @@ x11_request_forwarding_with_spoofing(const char *proto, const char *data)
/* Sends a message to the server to request authentication fd forwarding. */
-void
+void
auth_request_forwarding()
{
packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
@@ -2025,7 +2035,7 @@ auth_get_socket_name()
/* removes the agent forwarding socket */
-void
+void
cleanup_socket(void)
{
remove(channel_forwarded_auth_socket_name);
@@ -2037,7 +2047,7 @@ cleanup_socket(void)
* This starts forwarding authentication requests.
*/
-void
+void
auth_input_request_forwarding(struct passwd * pw)
{
int sock, newch;
@@ -2095,7 +2105,7 @@ auth_input_request_forwarding(struct passwd * pw)
/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
-void
+void
auth_input_open_request(int type, int plen)
{
int remch, sock, newch;
diff --git a/channels.h b/channels.h
index 33af09d9..cab79644 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
-/* RCSID("$Id: channels.h,v 1.6 2000/04/04 04:39:01 damien Exp $"); */
+/* RCSID("$Id: channels.h,v 1.7 2000/04/16 01:18:41 damien Exp $"); */
#ifndef CHANNELS_H
#define CHANNELS_H
@@ -149,7 +149,7 @@ char *channel_open_message(void);
* channel to host:port from remote side. This never returns if there was an
* error.
*/
-void
+void
channel_request_local_forwarding(u_short port, const char *host,
u_short remote_port, int gateway_ports);
@@ -159,7 +159,7 @@ channel_request_local_forwarding(u_short port, const char *host,
* there was an error. This registers that open requests for that port are
* permitted.
*/
-void
+void
channel_request_remote_forwarding(u_short port, const char *host,
u_short remote_port);
diff --git a/cipher.c b/cipher.c
index 1bd8f7c8..edc50dcf 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,18 +1,18 @@
/*
- *
+ *
* cipher.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Apr 19 17:41:39 1995 ylo
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: cipher.c,v 1.18 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: cipher.c,v 1.19 2000/04/16 01:18:41 damien Exp $");
#include "ssh.h"
#include "cipher.h"
@@ -138,7 +138,7 @@ static char *cipher_names[] =
* supported cipher.
*/
-unsigned int
+unsigned int
cipher_mask1()
{
unsigned int mask = 0;
@@ -146,7 +146,7 @@ cipher_mask1()
mask |= 1 << SSH_CIPHER_BLOWFISH;
return mask;
}
-unsigned int
+unsigned int
cipher_mask2()
{
unsigned int mask = 0;
@@ -156,7 +156,7 @@ cipher_mask2()
mask |= 1 << SSH_CIPHER_CAST128_CBC;
return mask;
}
-unsigned int
+unsigned int
cipher_mask()
{
return cipher_mask1() | cipher_mask2();
@@ -218,7 +218,7 @@ cipher_number(const char *name)
* passphrase and using the resulting 16 bytes as the key.
*/
-void
+void
cipher_set_key_string(CipherContext *context, int cipher, const char *passphrase)
{
MD5_CTX md;
@@ -236,7 +236,7 @@ cipher_set_key_string(CipherContext *context, int cipher, const char *passphrase
/* Selects the cipher to use and sets the key. */
-void
+void
cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
int keylen)
{
@@ -297,9 +297,9 @@ cipher_set_key(CipherContext *context, int cipher, const unsigned char *key,
memset(padded, 0, sizeof(padded));
}
-void
+void
cipher_set_key_iv(CipherContext * context, int cipher,
- const unsigned char *key, int keylen,
+ const unsigned char *key, int keylen,
const unsigned char *iv, int ivlen)
{
/* Set cipher type. */
@@ -357,7 +357,7 @@ cipher_set_key_iv(CipherContext * context, int cipher,
/* Encrypts data using the cipher. */
-void
+void
cipher_encrypt(CipherContext *context, unsigned char *dest,
const unsigned char *src, unsigned int len)
{
@@ -379,14 +379,14 @@ cipher_encrypt(CipherContext *context, unsigned char *dest,
case SSH_CIPHER_BLOWFISH:
swap_bytes(src, dest, len);
BF_cbc_encrypt(dest, dest, len,
- &context->u.bf.key, context->u.bf.iv,
+ &context->u.bf.key, context->u.bf.iv,
BF_ENCRYPT);
swap_bytes(dest, dest, len);
break;
case SSH_CIPHER_BLOWFISH_CBC:
BF_cbc_encrypt((void *)src, dest, len,
- &context->u.bf.key, context->u.bf.iv,
+ &context->u.bf.key, context->u.bf.iv,
BF_ENCRYPT);
break;
@@ -412,7 +412,7 @@ cipher_encrypt(CipherContext *context, unsigned char *dest,
/* Decrypts data using the cipher. */
-void
+void
cipher_decrypt(CipherContext *context, unsigned char *dest,
const unsigned char *src, unsigned int len)
{
diff --git a/cipher.h b/cipher.h
index 1112bffd..383e3444 100644
--- a/cipher.h
+++ b/cipher.h
@@ -1,17 +1,17 @@
/*
- *
+ *
* cipher.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Apr 19 16:50:42 1995 ylo
- *
+ *
*/
-/* RCSID("$Id: cipher.h,v 1.10 2000/04/13 02:26:36 damien Exp $"); */
+/* RCSID("$Id: cipher.h,v 1.11 2000/04/16 01:18:41 damien Exp $"); */
#ifndef CIPHER_H
#define CIPHER_H
@@ -95,29 +95,29 @@ int ciphers_valid(const char *names);
* Selects the cipher to use and sets the key. If for_encryption is true,
* the key is setup for encryption; otherwise it is setup for decryption.
*/
-void
+void
cipher_set_key(CipherContext * context, int cipher,
const unsigned char *key, int keylen);
-void
+void
cipher_set_key_iv(CipherContext * context, int cipher,
- const unsigned char *key, int keylen,
+ const unsigned char *key, int keylen,
const unsigned char *iv, int ivlen);
/*
* Sets key for the cipher by computing the MD5 checksum of the passphrase,
* and using the resulting 16 bytes as the key.
*/
-void
+void
cipher_set_key_string(CipherContext * context, int cipher,
const char *passphrase);
/* Encrypts data using the cipher. */
-void
+void
cipher_encrypt(CipherContext * context, unsigned char *dest,
const unsigned char *src, unsigned int len);
/* Decrypts data using the cipher. */
-void
+void
cipher_decrypt(CipherContext * context, unsigned char *dest,
const unsigned char *src, unsigned int len);
diff --git a/clientloop.c b/clientloop.c
index 91a20066..cc25ca55 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,22 +1,22 @@
/*
- *
+ *
* clientloop.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
- *
+ *
+ *
* Created: Sat Sep 23 12:23:57 1995 ylo
- *
+ *
* The main loop for the interactive session (client side).
- *
+ *
* SSH2 support added by Markus Friedl.
*/
#include "includes.h"
-RCSID("$Id: clientloop.c,v 1.10 2000/04/12 10:17:39 damien Exp $");
+RCSID("$Id: clientloop.c,v 1.11 2000/04/16 01:18:41 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -83,7 +83,7 @@ int session_ident = -1;
/* Returns the user\'s terminal to normal mode if it had been put in raw mode. */
-void
+void
leave_raw_mode()
{
if (!in_raw_mode)
@@ -97,7 +97,7 @@ leave_raw_mode()
/* Puts the user\'s terminal in raw mode. */
-void
+void
enter_raw_mode()
{
struct termios tio;
@@ -123,7 +123,7 @@ enter_raw_mode()
/* Restores stdin to blocking mode. */
-void
+void
leave_non_blocking()
{
if (in_non_blocking_mode) {
@@ -135,7 +135,7 @@ leave_non_blocking()
/* Puts stdin terminal in non-blocking mode. */
-void
+void
enter_non_blocking()
{
in_non_blocking_mode = 1;
@@ -148,7 +148,7 @@ enter_non_blocking()
* flag indicating that the window has changed.
*/
-void
+void
window_change_handler(int sig)
{
received_window_change_signal = 1;
@@ -160,7 +160,7 @@ window_change_handler(int sig)
* signals must be trapped to restore terminal modes.
*/
-void
+void
signal_handler(int sig)
{
if (in_raw_mode)
@@ -177,7 +177,7 @@ signal_handler(int sig)
* available resolution.
*/
-double
+double
get_current_time()
{
struct timeval tv;
@@ -191,7 +191,7 @@ get_current_time()
* not appear to wake up when redirecting from /dev/null.
*/
-void
+void
client_check_initial_eof_on_stdin()
{
int len;
@@ -245,7 +245,7 @@ client_check_initial_eof_on_stdin()
* connection.
*/
-void
+void
client_make_packets_from_stdin_data()
{
unsigned int len;
@@ -276,7 +276,7 @@ client_make_packets_from_stdin_data()
* appropriate.
*/
-void
+void
client_check_window_change()
{
struct winsize ws;
@@ -313,7 +313,7 @@ client_check_window_change()
* one of the file descriptors).
*/
-void
+void
client_wait_until_can_do_something(fd_set * readset, fd_set * writeset)
{
/*debug("client_wait_until_can_do_something"); */
@@ -380,7 +380,7 @@ client_wait_until_can_do_something(fd_set * readset, fd_set * writeset)
}
}
-void
+void
client_suspend_self()
{
struct winsize oldws, newws;
@@ -425,7 +425,7 @@ client_suspend_self()
enter_raw_mode();
}
-void
+void
client_process_net_input(fd_set * readset)
{
int len;
@@ -468,7 +468,7 @@ client_process_net_input(fd_set * readset)
}
}
-void
+void
client_process_input(fd_set * readset)
{
int len, pid;
@@ -657,7 +657,7 @@ Supported escape sequences:\r\n\
}
}
-void
+void
client_process_output(fd_set * writeset)
{
int len;
@@ -717,7 +717,7 @@ client_process_output(fd_set * writeset)
* preparatory phase.
*/
-void
+void
client_process_buffered_input_packets()
{
dispatch_run(DISPATCH_NONBLOCK, &quit_pending);
@@ -730,7 +730,7 @@ client_process_buffered_input_packets()
* character for terminating or suspending the session.
*/
-int
+int
client_loop(int have_pty, int escape_char_arg)
{
extern Options options;
@@ -953,7 +953,7 @@ client_input_exit_status(int type, int plen)
quit_pending = 1;
}
-void
+void
client_init_dispatch_20()
{
dispatch_init(&dispatch_protocol_error);
@@ -966,7 +966,7 @@ client_init_dispatch_20()
dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &channel_input_channel_request);
dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
}
-void
+void
client_init_dispatch_13()
{
dispatch_init(NULL);
@@ -983,14 +983,14 @@ client_init_dispatch_13()
dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
dispatch_set(SSH_SMSG_X11_OPEN, &x11_input_open);
}
-void
+void
client_init_dispatch_15()
{
client_init_dispatch_13();
dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, & channel_input_oclose);
}
-void
+void
client_init_dispatch()
{
if (compat20)
@@ -1027,6 +1027,7 @@ client_input_channel_req(int id, void *arg)
} else if (strcmp(rtype, "exit-status") == 0) {
success = 1;
exit_status = packet_get_int();
+ packet_done();
}
if (reply) {
packet_start(success ?
diff --git a/compat.c b/compat.c
index d56e3e81..4673e3fb 100644
--- a/compat.c
+++ b/compat.c
@@ -28,7 +28,7 @@
*/
#include "includes.h"
-RCSID("$Id: compat.c,v 1.7 2000/04/12 10:17:39 damien Exp $");
+RCSID("$Id: compat.c,v 1.8 2000/04/16 01:18:42 damien Exp $");
#include "ssh.h"
#include "packet.h"
@@ -39,14 +39,14 @@ int compat13 = 0;
int compat20 = 0;
int datafellows = 0;
-void
+void
enable_compat20(void)
{
verbose("Enabling compatibility mode for protocol 2.0");
compat20 = 1;
packet_set_ssh2_format();
}
-void
+void
enable_compat13(void)
{
verbose("Enabling compatibility mode for protocol 1.3");
diff --git a/compress.c b/compress.c
index ee5cdccb..610aaf7e 100644
--- a/compress.c
+++ b/compress.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* compress.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Oct 25 22:12:46 1995 ylo
- *
+ *
* Interface to packet compression for ssh.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: compress.c,v 1.5 2000/04/01 01:09:24 damien Exp $");
+RCSID("$Id: compress.c,v 1.6 2000/04/16 01:18:42 damien Exp $");
#include "ssh.h"
#include "buffer.h"
@@ -28,7 +28,7 @@ static z_stream outgoing_stream;
* (as in gzip).
*/
-void
+void
buffer_compress_init(int level)
{
debug("Enabling compression at level %d.", level);
@@ -40,7 +40,7 @@ buffer_compress_init(int level)
/* Frees any data structures allocated for compression. */
-void
+void
buffer_compress_uninit()
{
debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f",
@@ -64,7 +64,7 @@ buffer_compress_uninit()
* receiver. This appends the compressed data to the output buffer.
*/
-void
+void
buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
{
char buf[4096];
@@ -108,7 +108,7 @@ buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
* with that. This appends the uncompressed data to the output buffer.
*/
-void
+void
buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer)
{
char buf[4096];
diff --git a/compress.h b/compress.h
index 41279a0b..f1318332 100644
--- a/compress.h
+++ b/compress.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* compress.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Oct 25 22:12:46 1995 ylo
- *
+ *
* Interface to packet compression for ssh.
- *
+ *
*/
-/* RCSID("$Id: compress.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: compress.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
#ifndef COMPRESS_H
#define COMPRESS_H
diff --git a/crc32.h b/crc32.h
index d20a8ab1..15ac2999 100644
--- a/crc32.h
+++ b/crc32.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* crc32.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1992 Tatu Ylonen, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Tue Feb 11 14:37:27 1992 ylo
- *
+ *
* Functions for computing 32-bit CRC.
- *
+ *
*/
-/* RCSID("$Id: crc32.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: crc32.h,v 1.4 2000/04/16 01:18:42 damien Exp $"); */
#ifndef CRC32_H
#define CRC32_H
diff --git a/dispatch.c b/dispatch.c
new file mode 100644
index 00000000..50f11f3c
--- /dev/null
+++ b/dispatch.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Markus Friedl.
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include "includes.h"
+RCSID("$Id: dispatch.c,v 1.3 2000/04/16 01:18:42 damien Exp $");
+#include "ssh.h"
+#include "dispatch.h"
+#include "packet.h"
+
+#define DISPATCH_MIN 0
+#define DISPATCH_MAX 255
+
+dispatch_fn *dispatch[DISPATCH_MAX];
+
+void
+dispatch_protocol_error(int type, int plen)
+{
+ error("Hm, dispatch protocol error: type %d plen %d", type, plen);
+}
+void
+dispatch_init(dispatch_fn *dflt)
+{
+ int i;
+ for (i = 0; i < DISPATCH_MAX; i++)
+ dispatch[i] = dflt;
+}
+void
+dispatch_set(int type, dispatch_fn *fn)
+{
+ dispatch[type] = fn;
+}
+void
+dispatch_run(int mode, int *done)
+{
+ for (;;) {
+ int plen;
+ int type;
+
+ if (mode == DISPATCH_BLOCK) {
+ type = packet_read(&plen);
+ } else {
+ type = packet_read_poll(&plen);
+ if (type == SSH_MSG_NONE)
+ return;
+ }
+ if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL)
+ (*dispatch[type])(type, plen);
+ else
+ packet_disconnect("protocol error: rcvd type %d", type);
+ if (done != NULL && *done)
+ return;
+ }
+}
diff --git a/dsa.c b/dsa.c
index 93543567..778d43d5 100644
--- a/dsa.c
+++ b/dsa.c
@@ -28,7 +28,7 @@
*/
#include "includes.h"
-RCSID("$Id: dsa.c,v 1.3 2000/04/12 09:39:10 markus Exp $");
+RCSID("$Id: dsa.c,v 1.4 2000/04/14 10:30:31 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -108,7 +108,7 @@ dsa_load_private(char *filename)
in = BIO_new(BIO_s_file());
if (in == NULL)
fatal("BIO_new failed");
- if (BIO_read_filename(in, filename) <= 0)
+ if (BIO_read_filename(in, filename) <= 0)
fatal("BIO_read failed %s: %s", filename, strerror(errno));
fprintf(stderr, "read DSA private key\n");
dsa = PEM_read_bio_DSAPrivateKey(in,NULL,NULL,NULL);
@@ -182,9 +182,9 @@ dsa_sign(
sig = DSA_do_sign(digest, evp_md->md_size, key->dsa);
- rlen = BN_num_bytes(sig->r);
- slen = BN_num_bytes(sig->s);
- if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
+ rlen = BN_num_bytes(sig->r);
+ slen = BN_num_bytes(sig->s);
+ if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
error("bad sig size %d %d", rlen, slen);
DSA_SIG_free(sig);
return -1;
diff --git a/getput.h b/getput.h
index 9ab5a22c..22235f5d 100644
--- a/getput.h
+++ b/getput.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* getput.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Wed Jun 28 22:36:30 1995 ylo
- *
+ *
* Macros for storing and retrieving data in msb first and lsb first order.
- *
+ *
*/
-/* RCSID("$Id: getput.h,v 1.2 1999/11/24 13:26:22 damien Exp $"); */
+/* RCSID("$Id: getput.h,v 1.3 2000/04/16 01:18:42 damien Exp $"); */
#ifndef GETPUT_H
#define GETPUT_H
@@ -21,7 +21,7 @@
/*------------ macros for storing/extracting msb first words -------------*/
#define GET_32BIT(cp) (((unsigned long)(unsigned char)(cp)[0] << 24) | \
- ((unsigned long)(unsigned char)(cp)[1] << 16) | \
+ ((unsigned long)(unsigned char)(cp)[1] << 16) | \
((unsigned long)(unsigned char)(cp)[2] << 8) | \
((unsigned long)(unsigned char)(cp)[3]))
diff --git a/hostfile.c b/hostfile.c
index c594c29a..b027075a 100644
--- a/hostfile.c
+++ b/hostfile.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* hostfile.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Thu Jun 29 07:10:56 1995 ylo
- *
+ *
* Functions for manipulating the known hosts files.
- *
+ *
*/
#include "includes.h"
-RCSID("$OpenBSD: hostfile.c,v 1.15 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: hostfile.c,v 1.16 2000/04/14 10:30:31 markus Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
diff --git a/hostfile.h b/hostfile.h
index 64fe185d..c9bdd7f2 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -10,7 +10,7 @@
typedef enum {
HOST_OK, HOST_NEW, HOST_CHANGED
} HostStatus;
-HostStatus
+HostStatus
check_host_in_hostfile(const char *filename, const char *host, Key *key, Key *found);
/*
diff --git a/includes.h b/includes.h
index 746e76e5..51226676 100644
--- a/includes.h
+++ b/includes.h
@@ -1,16 +1,16 @@
/*
- *
+ *
* includes.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Thu Mar 23 16:29:37 1995 ylo
- *
+ *
* This file includes most of the needed system headers.
- *
+ *
*/
#ifndef INCLUDES_H
diff --git a/kex.c b/kex.c
index c747b6c4..4b526693 100644
--- a/kex.c
+++ b/kex.c
@@ -28,7 +28,7 @@
*/
#include "includes.h"
-RCSID("$Id: kex.c,v 1.4 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: kex.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
#include "ssh.h"
#include "ssh2.h"
@@ -149,12 +149,12 @@ void
dump_digest(unsigned char *digest, int len)
{
int i;
- for (i = 0; i< len; i++){
- fprintf(stderr, "%02x", digest[i]);
+ for (i = 0; i< len; i++){
+ fprintf(stderr, "%02x", digest[i]);
if(i%2!=0)
fprintf(stderr, " ");
}
- fprintf(stderr, "\n");
+ fprintf(stderr, "\n");
}
unsigned char *
@@ -201,7 +201,7 @@ kex_hash(
buffer_free(&b);
#ifdef DEBUG_KEX
- dump_digest(digest, evp_md->md_size);
+ dump_digest(digest, evp_md->md_size);
#endif
return digest;
}
@@ -345,7 +345,7 @@ choose_kex(Kex *k, char *client, char *server)
k->name = get_match(client, server);
if (k->name == NULL)
fatal("no kex alg");
- if (strcmp(k->name, KEX_DH1) != 0)
+ if (strcmp(k->name, KEX_DH1) != 0)
fatal("bad kex alg %s", k->name);
}
void
diff --git a/log-client.c b/log-client.c
index 11ac45d7..e86a2e33 100644
--- a/log-client.c
+++ b/log-client.c
@@ -1,21 +1,21 @@
/*
- *
+ *
* log-client.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Mon Mar 20 21:13:40 1995 ylo
- *
+ *
* Client-side versions of debug(), log(), etc. These print to stderr.
* This is a stripped down version of log-server.c.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: log-client.c,v 1.5 2000/03/09 10:27:50 damien Exp $");
+RCSID("$Id: log-client.c,v 1.6 2000/04/16 01:18:43 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
diff --git a/log-server.c b/log-server.c
index 476e49f8..9070b653 100644
--- a/log-server.c
+++ b/log-server.c
@@ -1,21 +1,21 @@
/*
- *
+ *
* log-server.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Mon Mar 20 21:19:30 1995 ylo
- *
+ *
* Server-side versions of debug(), log(), etc. These normally send the output
* to the system log.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: log-server.c,v 1.8 2000/04/01 01:09:24 damien Exp $");
+RCSID("$Id: log-server.c,v 1.9 2000/04/16 01:18:43 damien Exp $");
#include <syslog.h>
#include "packet.h"
@@ -38,7 +38,7 @@ static int log_facility = LOG_AUTH;
* level logging level
*/
-void
+void
log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
{
switch (level) {
diff --git a/login.c b/login.c
index da11b245..b4a8bafc 100644
--- a/login.c
+++ b/login.c
@@ -1,24 +1,24 @@
/*
- *
+ *
* login.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 24 14:51:08 1995 ylo
- *
+ *
* This file performs some of the things login(1) normally does. We cannot
* easily use something like login -p -h host -f user, because there are
* several different logins around, and it is hard to determined what kind of
* login the current system has. Also, we want to be able to execute commands
* on a tty.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: login.c,v 1.22 2000/02/02 08:17:41 damien Exp $");
+RCSID("$Id: login.c,v 1.23 2000/04/16 01:18:43 damien Exp $");
#if defined(HAVE_UTMPX_H) && defined(USE_UTMPX)
# include <utmpx.h>
@@ -49,7 +49,7 @@ RCSID("$Id: login.c,v 1.22 2000/02/02 08:17:41 damien Exp $");
* is found). The name of the host used last time is returned in buf.
*/
-unsigned long
+unsigned long
get_last_login_time(uid_t uid, const char *logname,
char *buf, unsigned int bufsize)
{
@@ -135,7 +135,7 @@ get_last_login_time(uid_t uid, const char *logname,
* were more standardized.
*/
-void
+void
record_login(int pid, const char *ttyname, const char *user, uid_t uid,
const char *host, struct sockaddr * addr)
{
@@ -273,7 +273,7 @@ record_login(int pid, const char *ttyname, const char *user, uid_t uid,
/* Records that the user has logged out. */
-void
+void
record_logout(int pid, const char *ttyname)
{
#ifdef HAVE_LIBUTIL_LOGIN
diff --git a/match.c b/match.c
index b72efca7..ef949859 100644
--- a/match.c
+++ b/match.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* match.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Thu Jun 22 01:17:50 1995 ylo
- *
+ *
* Simple pattern matching, with '*' and '?' as wildcards.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: match.c,v 1.4 2000/03/26 03:04:53 damien Exp $");
+RCSID("$Id: match.c,v 1.5 2000/04/16 01:18:43 damien Exp $");
#include "ssh.h"
@@ -23,7 +23,7 @@ RCSID("$Id: match.c,v 1.4 2000/03/26 03:04:53 damien Exp $");
* and * as wildcards), and zero if it does not match.
*/
-int
+int
match_pattern(const char *s, const char *pattern)
{
for (;;) {
diff --git a/mpaux.c b/mpaux.c
index 8ce89dcc..4deefe68 100644
--- a/mpaux.c
+++ b/mpaux.c
@@ -1,21 +1,21 @@
/*
- *
+ *
* mpaux.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sun Jul 16 04:29:30 1995 ylo
- *
+ *
* This file contains various auxiliary functions related to multiple
* precision integers.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: mpaux.c,v 1.10 2000/04/13 02:26:36 damien Exp $");
+RCSID("$Id: mpaux.c,v 1.11 2000/04/16 01:18:43 damien Exp $");
#include "getput.h"
#include "xmalloc.h"
diff --git a/mpaux.h b/mpaux.h
index 105bc314..d3e24cfd 100644
--- a/mpaux.h
+++ b/mpaux.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* mpaux.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sun Jul 16 04:29:30 1995 ylo
- *
+ *
* This file contains various auxiliary functions related to multiple
* precision integers.
*/
-/* RCSID("$Id: mpaux.h,v 1.4 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: mpaux.h,v 1.5 2000/04/16 01:18:43 damien Exp $"); */
#ifndef MPAUX_H
#define MPAUX_H
@@ -23,7 +23,7 @@
* session id is computed by concatenating the linearized, msb first
* representations of host_key_n, session_key_n, and the cookie.
*/
-void
+void
compute_session_id(unsigned char session_id[16],
unsigned char cookie[8],
BIGNUM * host_key_n,
diff --git a/nchan.c b/nchan.c
index 3795d8ad..f2dace0e 100644
--- a/nchan.c
+++ b/nchan.c
@@ -28,7 +28,7 @@
*/
#include "includes.h"
-RCSID("$Id: nchan.c,v 1.7 2000/04/04 04:39:02 damien Exp $");
+RCSID("$Id: nchan.c,v 1.8 2000/04/16 01:18:43 damien Exp $");
#include "ssh.h"
@@ -389,11 +389,11 @@ chan_delete_if_full_closed2(Channel *c)
if (!(c->flags & CHAN_CLOSE_SENT)) {
chan_send_close2(c);
}
- if ((c->flags & CHAN_CLOSE_SENT) &&
+ if ((c->flags & CHAN_CLOSE_SENT) &&
(c->flags & CHAN_CLOSE_RCVD)) {
debug("channel %d: full closed2", c->self);
channel_free(c->self);
- }
+ }
}
}
diff --git a/packet.c b/packet.c
index b0dfe4aa..cb8fa15b 100644
--- a/packet.c
+++ b/packet.c
@@ -1,14 +1,14 @@
/*
- *
+ *
* packet.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sat Mar 18 02:40:40 1995 ylo
- *
+ *
* This file contains code implementing the packet protocol and communication
* with the other side. This same code is used both on client and server side.
*
@@ -17,7 +17,7 @@
*/
#include "includes.h"
-RCSID("$Id: packet.c,v 1.17 2000/04/13 02:26:37 damien Exp $");
+RCSID("$Id: packet.c,v 1.18 2000/04/16 01:18:43 damien Exp $");
#ifdef HAVE_OPENSSL
# include <openssl/bn.h>
@@ -529,7 +529,7 @@ packet_send2()
unsigned int packet_length = 0;
unsigned int i, padlen, len;
u_int32_t rand = 0;
- static unsigned int seqnr = 0;
+ static unsigned int seqnr = 0;
int type;
Enc *enc = NULL;
Mac *mac = NULL;
@@ -611,9 +611,9 @@ packet_send2()
fprintf(stderr, "encrypted: ");
buffer_dump(&output);
#endif
- /* increment sequence number for outgoing packets */
- if (++seqnr == 0)
- log("outgoing seqnr wraps around");
+ /* increment sequence number for outgoing packets */
+ if (++seqnr == 0)
+ log("outgoing seqnr wraps around");
buffer_clear(&outgoing_packet);
if (type == SSH2_MSG_NEWKEYS) {
@@ -877,7 +877,7 @@ packet_read_poll2(int *payload_len_ptr)
* compute MAC over seqnr and packet,
* increment sequence number for incoming packet
*/
- if (mac && mac->enabled) {
+ if (mac && mac->enabled) {
macbuf = hmac( mac->md, seqnr,
(unsigned char *) buffer_ptr(&incoming_packet),
buffer_len(&incoming_packet),
@@ -888,8 +888,8 @@ packet_read_poll2(int *payload_len_ptr)
DBG(debug("HMAC #%d ok", seqnr));
buffer_consume(&input, mac->mac_len);
}
- if (++seqnr == 0)
- log("incoming seqnr wraps around");
+ if (++seqnr == 0)
+ log("incoming seqnr wraps around");
/* get padlen */
cp = buffer_ptr(&incoming_packet) + 4;
@@ -1063,6 +1063,12 @@ packet_get_raw(int *length_ptr)
return buffer_ptr(&incoming_packet);
}
+int
+packet_remaining(void)
+{
+ return buffer_len(&incoming_packet);
+}
+
/*
* Returns a string from the packet data. The string is allocated using
* xmalloc; it is the responsibility of the calling program to free it when
diff --git a/packet.h b/packet.h
index 565a9bd3..93495bbf 100644
--- a/packet.h
+++ b/packet.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* packet.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sat Mar 18 02:02:14 1995 ylo
- *
+ *
* Interface for the packet protocol functions.
- *
+ *
*/
-/* RCSID("$Id: packet.h,v 1.13 2000/04/13 02:26:37 damien Exp $"); */
+/* RCSID("$Id: packet.h,v 1.14 2000/04/16 01:18:44 damien Exp $"); */
#ifndef PACKET_H
#define PACKET_H
@@ -52,7 +52,7 @@ void packet_close(void);
* key is used for both sending and reception. However, both directions are
* encrypted independently of each other. Cipher types are defined in ssh.h.
*/
-void
+void
packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
int cipher_type);
@@ -201,6 +201,16 @@ do { \
} \
} while (0)
+#define packet_done() \
+do { \
+ int _len = packet_remaining(); \
+ if (_len > 0) { \
+ log("Packet integrity error (%d bytes remaining) at %s:%d", \
+ _len ,__FILE__, __LINE__); \
+ packet_disconnect("Packet integrity error."); \
+ } \
+} while (0)
+
/* remote host is connected via a socket/ipv4 */
int packet_connection_is_on_socket(void);
int packet_connection_is_ipv4(void);
@@ -208,4 +218,7 @@ int packet_connection_is_ipv4(void);
/* enable SSH2 packet format */
void packet_set_ssh2_format(void);
+/* returns remaining payload bytes */
+int packet_remaining(void);
+
#endif /* PACKET_H */
diff --git a/pty.c b/pty.c
index c34f1f5d..c6af6f47 100644
--- a/pty.c
+++ b/pty.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* pty.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 17 04:37:25 1995 ylo
- *
+ *
* Allocating a pseudo-terminal, and making it the controlling tty.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: pty.c,v 1.17 2000/03/17 12:58:59 damien Exp $");
+RCSID("$Id: pty.c,v 1.18 2000/04/16 01:18:44 damien Exp $");
#ifdef HAVE_UTIL_H
# include <util.h>
@@ -46,7 +46,7 @@ RCSID("$Id: pty.c,v 1.17 2000/03/17 12:58:59 damien Exp $");
* returned (the buffer must be able to hold at least 64 characters).
*/
-int
+int
pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
{
#if defined(HAVE_OPENPTY) || defined(BSD4_4)
@@ -186,7 +186,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */
-void
+void
pty_release(const char *ttyname)
{
if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0)
@@ -197,7 +197,7 @@ pty_release(const char *ttyname)
/* Makes the tty the processes controlling tty and sets it to sane modes. */
-void
+void
pty_make_controlling_tty(int *ttyfd, const char *ttyname)
{
int fd;
@@ -250,7 +250,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname)
/* Changes the window size associated with the pty. */
-void
+void
pty_change_window_size(int ptyfd, int row, int col,
int xpixel, int ypixel)
{
diff --git a/pty.h b/pty.h
index af6c279d..a9bdeaee 100644
--- a/pty.h
+++ b/pty.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* pty.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 17 05:03:28 1995 ylo
- *
+ *
* Functions for allocating a pseudo-terminal and making it the controlling
* tty.
*/
-/* RCSID("$Id: pty.h,v 1.7 2000/04/01 01:09:25 damien Exp $"); */
+/* RCSID("$Id: pty.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
#ifndef PTY_H
#define PTY_H
@@ -39,7 +39,7 @@ void pty_release(const char *ttyname);
void pty_make_controlling_tty(int *ttyfd, const char *ttyname);
/* Changes the window size associated with the pty. */
-void
+void
pty_change_window_size(int ptyfd, int row, int col,
int xpixel, int ypixel);
diff --git a/radix.c b/radix.c
index ea7f5ba2..84e390fd 100644
--- a/radix.c
+++ b/radix.c
@@ -1,10 +1,10 @@
/*
* radix.c
- *
+ *
* base-64 encoding pinched from lynx2-7-2, who pinched it from rpem.
* Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991
* and placed in the public domain.
- *
+ *
* Dug Song <dugsong@UMICH.EDU>
*/
@@ -23,7 +23,7 @@ char six2pr[64] = {
unsigned char pr2six[256];
-int
+int
uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded)
{
/* ENC is the basic 1 character encoding function to make a char printing */
@@ -49,7 +49,7 @@ uuencode(unsigned char *bufin, unsigned int nbytes, char *bufcoded)
return (outptr - bufcoded);
}
-int
+int
uudecode(const char *bufcoded, unsigned char *bufplain, int outbufsize)
{
/* single character decode */
@@ -162,7 +162,7 @@ typedef unsigned short my_u_short;
}
-int
+int
creds_to_radix(CREDENTIALS *creds, unsigned char *buf)
{
char *p, *s;
@@ -216,7 +216,7 @@ creds_to_radix(CREDENTIALS *creds, unsigned char *buf)
return (uuencode((unsigned char *)temp, len, (char *)buf));
}
-int
+int
radix_to_creds(const char *buf, CREDENTIALS *creds)
{
diff --git a/readconf.c b/readconf.c
index 1ba70c36..3b75290f 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,20 +1,20 @@
/*
- *
+ *
* readconf.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sat Apr 22 00:03:10 1995 ylo
- *
+ *
* Functions for reading the configuration files.
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: readconf.c,v 1.10 2000/04/12 10:17:40 damien Exp $");
+RCSID("$Id: readconf.c,v 1.11 2000/04/16 01:18:44 damien Exp $");
#include "ssh.h"
#include "cipher.h"
@@ -167,7 +167,7 @@ static struct {
* error.
*/
-void
+void
add_local_forward(Options *options, u_short port, const char *host,
u_short host_port)
{
@@ -188,7 +188,7 @@ add_local_forward(Options *options, u_short port, const char *host,
* an error.
*/
-void
+void
add_remote_forward(Options *options, u_short port, const char *host,
u_short host_port)
{
@@ -207,7 +207,7 @@ add_remote_forward(Options *options, u_short port, const char *host,
* returns if the token is not known.
*/
-static OpCodes
+static OpCodes
parse_token(const char *cp, const char *filename, int linenum)
{
unsigned int i;
@@ -567,7 +567,7 @@ parse_int:
* there is an error. If the file does not exist, this returns immediately.
*/
-void
+void
read_config_file(const char *filename, const char *host, Options *options)
{
FILE *f;
@@ -607,7 +607,7 @@ read_config_file(const char *filename, const char *host, Options *options)
* system config file. Last, fill_default_options is called.
*/
-void
+void
initialize_options(Options * options)
{
memset(options, 'X', sizeof(*options));
@@ -658,7 +658,7 @@ initialize_options(Options * options)
* options for which no value has been specified with their default values.
*/
-void
+void
fill_default_options(Options * options)
{
if (options->forward_agent == -1)
diff --git a/readconf.h b/readconf.h
index 86f342d3..0582a8f2 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* readconf.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sat Apr 22 00:25:29 1995 ylo
- *
+ *
* Functions for reading the configuration file.
- *
+ *
*/
-/* RCSID("$Id: readconf.h,v 1.7 2000/04/12 10:17:40 damien Exp $"); */
+/* RCSID("$Id: readconf.h,v 1.8 2000/04/16 01:18:44 damien Exp $"); */
#ifndef READCONF_H
#define READCONF_H
@@ -106,7 +106,7 @@ void fill_default_options(Options * options);
* only sets those values that have not already been set. Returns 0 for legal
* options
*/
-int
+int
process_config_line(Options * options, const char *host,
char *line, const char *filename, int linenum,
int *activep);
@@ -116,7 +116,7 @@ process_config_line(Options * options, const char *host,
* should already be initialized before this call. This never returns if
* there is an error. If the file does not exist, this returns immediately.
*/
-void
+void
read_config_file(const char *filename, const char *host,
Options * options);
@@ -124,7 +124,7 @@ read_config_file(const char *filename, const char *host,
* Adds a local TCP/IP port forward to options. Never returns if there is an
* error.
*/
-void
+void
add_local_forward(Options * options, u_short port, const char *host,
u_short host_port);
@@ -132,7 +132,7 @@ add_local_forward(Options * options, u_short port, const char *host,
* Adds a remote TCP/IP port forward to options. Never returns if there is
* an error.
*/
-void
+void
add_remote_forward(Options * options, u_short port, const char *host,
u_short host_port);
diff --git a/readpass.c b/readpass.c
index edeb2386..e3402b48 100644
--- a/readpass.c
+++ b/readpass.c
@@ -32,7 +32,7 @@
*/
#include "includes.h"
-RCSID("$Id: readpass.c,v 1.5 2000/01/22 08:47:21 damien Exp $");
+RCSID("$Id: readpass.c,v 1.6 2000/04/16 01:18:44 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -58,7 +58,7 @@ read_passphrase(const char *prompt, int from_stdin)
sigset_t oset, nset;
struct sigaction sa, osa;
int input, output, echo = 0;
-
+
if (from_stdin) {
input = STDIN_FILENO;
output = STDERR_FILENO;
diff --git a/rsa.c b/rsa.c
index 0385a102..1e8c434f 100644
--- a/rsa.c
+++ b/rsa.c
@@ -1,41 +1,41 @@
/*
- *
+ *
* rsa.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 3 22:07:06 1995 ylo
- *
+ *
* Description of the RSA algorithm can be found e.g. from the following sources:
- *
+ *
* Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994.
- *
+ *
* Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to
* Computer Security. Prentice-Hall, 1989.
- *
+ *
* Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill,
* 1994.
- *
+ *
* R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications
* System and Method. US Patent 4,405,829, 1983.
- *
+ *
* Hans Riesel: Prime Numbers and Computer Methods for Factorization.
* Birkhauser, 1994.
- *
+ *
* The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995.
- *
+ *
* RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as included
* below:
- *
+ *
* [gone - had to be deleted - what a pity]
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: rsa.c,v 1.13 2000/04/04 04:57:08 damien Exp $");
+RCSID("$Id: rsa.c,v 1.14 2000/04/16 01:18:45 damien Exp $");
#include "rsa.h"
#include "ssh.h"
diff --git a/rsa.h b/rsa.h
index bc6c7f10..e819c5f2 100644
--- a/rsa.h
+++ b/rsa.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* rsa.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 3 22:01:06 1995 ylo
- *
+ *
* RSA key generation, encryption and decryption.
- *
+ *
*/
-/* RCSID("$Id: rsa.h,v 1.7 2000/04/13 02:26:37 damien Exp $"); */
+/* RCSID("$Id: rsa.h,v 1.8 2000/04/16 01:18:45 damien Exp $"); */
#ifndef RSA_H
#define RSA_H
diff --git a/scp.c b/scp.c
index 9f101524..2bd3ed2b 100644
--- a/scp.c
+++ b/scp.c
@@ -1,13 +1,13 @@
/*
- *
+ *
* scp - secure remote copy. This is basically patched BSD rcp which uses ssh
* to do the data transfer (instead of using rcmd).
- *
+ *
* NOTE: This version should NOT be suid root. (This uses ssh to do the transfer
* and ssh has the necessary privileges.)
- *
+ *
* 1995 Timo Rinne <tri@iki.fi>, Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
*/
/*
@@ -45,7 +45,7 @@
*/
#include "includes.h"
-RCSID("$Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $");
+RCSID("$Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -109,7 +109,7 @@ char *port = NULL;
* assigns the input and output file descriptors on success.
*/
-int
+int
do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
{
int pin[2], pout[2], reserved[2];
@@ -194,7 +194,7 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
return 0;
}
-void
+void
fatal(const char *fmt,...)
{
va_list ap;
@@ -257,10 +257,10 @@ main(argc, argv)
switch (ch) {
/* User-visible flags. */
case '4':
- IPv4 = 1;
+ IPv4 = 1;
break;
case '6':
- IPv6 = 1;
+ IPv6 = 1;
break;
case 'p':
pflag = 1;
@@ -1008,7 +1008,7 @@ run_err(const char *fmt,...)
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $Id: scp.c,v 1.18 2000/03/17 12:40:16 damien Exp $
+ * $Id: scp.c,v 1.19 2000/04/16 01:18:45 damien Exp $
*/
char *
diff --git a/servconf.c b/servconf.c
index 918fb8ed..fe72d275 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,18 +1,18 @@
/*
- *
+ *
* servconf.c
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Mon Aug 21 15:48:58 1995 ylo
- *
+ *
*/
#include "includes.h"
-RCSID("$Id: servconf.c,v 1.11 2000/04/12 10:17:40 damien Exp $");
+RCSID("$Id: servconf.c,v 1.12 2000/04/16 01:18:45 damien Exp $");
#include "ssh.h"
#include "servconf.h"
@@ -24,7 +24,7 @@ void add_listen_addr(ServerOptions *options, char *addr);
/* Initializes the server options to their default values. */
-void
+void
initialize_server_options(ServerOptions *options)
{
memset(options, 0, sizeof(*options));
@@ -73,7 +73,7 @@ initialize_server_options(ServerOptions *options)
options->protocol = SSH_PROTO_UNKNOWN;
}
-void
+void
fill_default_server_options(ServerOptions *options)
{
if (options->num_ports == 0)
@@ -226,7 +226,7 @@ static struct {
* returns if the token is not known.
*/
-static ServerOpCodes
+static ServerOpCodes
parse_token(const char *cp, const char *filename,
int linenum)
{
@@ -244,7 +244,7 @@ parse_token(const char *cp, const char *filename,
/*
* add listen address
*/
-void
+void
add_listen_addr(ServerOptions *options, char *addr)
{
extern int IPv4or6;
@@ -274,7 +274,7 @@ add_listen_addr(ServerOptions *options, char *addr)
/* Reads the server configuration file. */
-void
+void
read_server_config(ServerOptions *options, const char *filename)
{
FILE *f;
@@ -310,7 +310,7 @@ read_server_config(ServerOptions *options, const char *filename)
"ListenAdress.\n", filename, linenum);
if (options->num_ports >= MAX_PORTS)
fatal("%s line %d: too many ports.\n",
- filename, linenum);
+ filename, linenum);
cp = strtok(NULL, WHITESPACE);
if (!cp)
fatal("%s line %d: missing port number.\n",
diff --git a/servconf.h b/servconf.h
index 2a368624..b8e8163d 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* servconf.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Mon Aug 21 15:35:03 1995 ylo
- *
+ *
* Definitions for server configuration data and for the functions reading it.
- *
+ *
*/
-/* RCSID("$Id: servconf.h,v 1.8 2000/04/12 10:17:40 damien Exp $"); */
+/* RCSID("$Id: servconf.h,v 1.9 2000/04/16 01:18:45 damien Exp $"); */
#ifndef SERVCONF_H
#define SERVCONF_H
diff --git a/serverloop.c b/serverloop.c
index 0ea57faa..a7abbe40 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -59,7 +59,7 @@ static volatile int child_wait_status; /* Status from wait(). */
void server_init_dispatch(void);
-void
+void
sigchld_handler(int sig)
{
int save_errno = errno;
@@ -78,7 +78,7 @@ sigchld_handler(int sig)
signal(SIGCHLD, sigchld_handler);
errno = save_errno;
}
-void
+void
sigchld_handler2(int sig)
{
int save_errno = errno;
@@ -92,7 +92,7 @@ sigchld_handler2(int sig)
* Make packets from buffered stderr data, and buffer it for sending
* to the client.
*/
-void
+void
make_packets_from_stderr_data()
{
int len;
@@ -121,7 +121,7 @@ make_packets_from_stderr_data()
* Make packets from buffered stdout data, and buffer it for sending to the
* client.
*/
-void
+void
make_packets_from_stdout_data()
{
int len;
@@ -152,7 +152,7 @@ make_packets_from_stdout_data()
* have data or can accept data. Optionally, a maximum time can be specified
* for the duration of the wait (0 = infinite).
*/
-void
+void
wait_until_can_do_something(fd_set * readset, fd_set * writeset,
unsigned int max_time_milliseconds)
{
@@ -246,7 +246,7 @@ retry_select:
* Processes input from the client and the program. Input data is stored
* in buffers and processed later.
*/
-void
+void
process_input(fd_set * readset)
{
int len;
@@ -299,7 +299,7 @@ process_input(fd_set * readset)
/*
* Sends data from internal buffers to client program stdin.
*/
-void
+void
process_output(fd_set * writeset)
{
int len;
@@ -334,7 +334,7 @@ process_output(fd_set * writeset)
* Wait until all buffered output has been sent to the client.
* This is used when the program terminates.
*/
-void
+void
drain_output()
{
/* Send any buffered stdout data to the client. */
@@ -359,7 +359,7 @@ drain_output()
packet_write_wait();
}
-void
+void
process_buffered_input_packets()
{
dispatch_run(DISPATCH_NONBLOCK, NULL);
@@ -372,7 +372,7 @@ process_buffered_input_packets()
* stdin (of the child program), and reads from stdout and stderr (of the
* child program).
*/
-void
+void
server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg)
{
int wait_status, wait_pid; /* Status and pid returned by wait(). */
@@ -604,7 +604,7 @@ server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg)
/* NOTREACHED */
}
-void
+void
server_loop2(void)
{
fd_set readset, writeset;
@@ -697,16 +697,17 @@ int
input_direct_tcpip(void)
{
int sock;
- char *host, *originator;
- int host_port, originator_port;
+ char *target, *originator;
+ int target_port, originator_port;
- host = packet_get_string(NULL);
- host_port = packet_get_int();
+ target = packet_get_string(NULL);
+ target_port = packet_get_int();
originator = packet_get_string(NULL);
originator_port = packet_get_int();
+ packet_done();
/* XXX check permission */
- sock = channel_connect_to(host, host_port);
- xfree(host);
+ sock = channel_connect_to(target, target_port);
+ xfree(target);
xfree(originator);
if (sock < 0)
return -1;
@@ -714,7 +715,7 @@ input_direct_tcpip(void)
sock, sock, -1, 4*1024, 32*1024, 0, xstrdup("direct-tcpip"));
}
-void
+void
server_input_channel_open(int type, int plen)
{
Channel *c = NULL;
@@ -735,6 +736,7 @@ server_input_channel_open(int type, int plen)
if (strcmp(ctype, "session") == 0) {
debug("open session");
+ packet_done();
/*
* A server session has no fd to read or write
* until a CHANNEL_REQUEST for a shell is made,
@@ -783,7 +785,7 @@ server_input_channel_open(int type, int plen)
xfree(ctype);
}
-void
+void
server_init_dispatch_20()
{
debug("server_init_dispatch_20");
@@ -798,7 +800,7 @@ server_init_dispatch_20()
dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &channel_input_channel_request);
dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust);
}
-void
+void
server_init_dispatch_13()
{
debug("server_init_dispatch_13");
@@ -813,7 +815,7 @@ server_init_dispatch_13()
dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure);
dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open);
}
-void
+void
server_init_dispatch_15()
{
server_init_dispatch_13();
@@ -821,7 +823,7 @@ server_init_dispatch_15()
dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof);
dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, &channel_input_oclose);
}
-void
+void
server_init_dispatch()
{
if (compat20)
diff --git a/session.c b/session.c
index 835a4694..8d8ff223 100644
--- a/session.c
+++ b/session.c
@@ -8,7 +8,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.2 2000/04/06 08:55:22 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.4 2000/04/14 10:30:33 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -113,7 +113,7 @@ xauthfile_cleanup_proc(void *ignore)
* Function to perform cleanup if we get aborted abnormally (e.g., due to a
* dropped connection).
*/
-void
+void
pty_cleanup_proc(void *session)
{
Session *s=session;
@@ -136,7 +136,7 @@ pty_cleanup_proc(void *session)
* terminals are allocated, X11, TCP/IP, and authentication agent forwardings
* are requested, etc.
*/
-void
+void
do_authenticated(struct passwd * pw)
{
Session *s;
@@ -366,7 +366,7 @@ do_authenticated(struct passwd * pw)
* will call do_child from the child, and server_loop from the parent after
* setting up file descriptors and such.
*/
-void
+void
do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
{
int pid;
@@ -487,7 +487,7 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw)
* setting up file descriptors, controlling tty, updating wtmp, utmp,
* lastlog, and other such operations.
*/
-void
+void
do_exec_pty(Session *s, const char *command, struct passwd * pw)
{
FILE *f;
@@ -660,7 +660,7 @@ do_exec_pty(Session *s, const char *command, struct passwd * pw)
* Sets the value of the given variable in the environment. If the variable
* already exists, its value is overriden.
*/
-void
+void
child_set_env(char ***envp, unsigned int *envsizep, const char *name,
const char *value)
{
@@ -701,7 +701,7 @@ child_set_env(char ***envp, unsigned int *envsizep, const char *name,
* Otherwise, it must consist of empty lines, comments (line starts with '#')
* and assignments of the form name=value. No other forms are allowed.
*/
-void
+void
read_environment_file(char ***env, unsigned int *envsize,
const char *filename)
{
@@ -770,7 +770,7 @@ void do_pam_environment(char ***env, int *envsize)
* environment, closing extra file descriptors, setting the user and group
* ids, and executing the command or shell.
*/
-void
+void
do_child(const char *command, struct passwd * pw, const char *term,
const char *display, const char *auth_proto,
const char *auth_data, const char *ttyname)
@@ -1202,6 +1202,7 @@ session_window_change_req(Session *s)
s->row = packet_get_int();
s->xpixel = packet_get_int();
s->ypixel = packet_get_int();
+ packet_done();
pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
return 1;
}
@@ -1210,14 +1211,17 @@ int
session_pty_req(Session *s)
{
unsigned int len;
+ char *term_modes; /* encoded terminal modes */
if (s->ttyfd != -1)
- return -1;
+ return 0;
s->term = packet_get_string(&len);
s->col = packet_get_int();
s->row = packet_get_int();
s->xpixel = packet_get_int();
s->ypixel = packet_get_int();
+ term_modes = packet_get_string(&len);
+ packet_done();
if (strcmp(s->term, "") == 0) {
xfree(s->term);
@@ -1230,7 +1234,8 @@ session_pty_req(Session *s)
s->ptyfd = -1;
s->ttyfd = -1;
error("session_pty_req: session %d alloc failed", s->self);
- return -1;
+ xfree(term_modes);
+ return 0;
}
debug("session_pty_req: session %d alloc %s", s->self, s->tty);
/*
diff --git a/ssh-agent.c b/ssh-agent.c
index ecb44a22..66439461 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -9,7 +9,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.27 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.28 2000/04/14 10:30:33 markus Exp $");
#include "ssh.h"
#include "rsa.h"
@@ -412,7 +412,7 @@ prepare_select(fd_set *readset, fd_set *writeset)
}
}
-void
+void
after_select(fd_set *readset, fd_set *writeset)
{
unsigned int i;
@@ -646,8 +646,8 @@ main(int ac, char **av)
}
signal(SIGINT, SIG_IGN);
signal(SIGPIPE, SIG_IGN);
- signal(SIGHUP, cleanup_exit);
- signal(SIGTERM, cleanup_exit);
+ signal(SIGHUP, cleanup_exit);
+ signal(SIGTERM, cleanup_exit);
while (1) {
FD_ZERO(&readset);
FD_ZERO(&writeset);
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 81070d2e..f2484a4b 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -7,7 +7,7 @@
*/
#include "includes.h"
-RCSID("$Id: ssh-keygen.c,v 1.12 2000/03/17 12:40:17 damien Exp $");
+RCSID("$Id: ssh-keygen.c,v 1.13 2000/04/16 01:18:46 damien Exp $");
#include "rsa.h"
#include "ssh.h"
@@ -508,7 +508,7 @@ passphrase_again:
if (identity_comment) {
strlcpy(comment, identity_comment, sizeof(comment));
} else {
- /* Create default commend field for the passphrase. */
+ /* Create default commend field for the passphrase. */
if (gethostname(hostname, sizeof(hostname)) < 0) {
perror("gethostname");
exit(1);
diff --git a/ssh.1 b/ssh.1
index 548339e6..1d1a76cf 100644
--- a/ssh.1
+++ b/ssh.1
@@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
-.\" $Id: ssh.1,v 1.21 2000/04/13 02:26:37 damien Exp $
+.\" $Id: ssh.1,v 1.22 2000/04/16 01:18:46 damien Exp $
.\"
.Dd September 25, 1999
.Dt SSH 1
@@ -24,7 +24,7 @@
.Op Ar command
.Pp
.Nm ssh
-.Op Fl afgknqtvxCPX46
+.Op Fl afgknqtvxCPX246
.Op Fl c Ar blowfish | 3des
.Op Fl e Ar escape_char
.Op Fl i Ar identity_file
@@ -455,6 +455,10 @@ from the local machine.
Port forwardings can also be specified in the configuration file.
Privileged ports can be forwarded only when
logging in as root on the remote machine.
+.It Fl 2
+Forces
+.Nm
+to use protocol version 2 only.
.It Fl 4
Forces
.Nm
diff --git a/ssh.c b/ssh.c
index f2369424..456570fc 100644
--- a/ssh.c
+++ b/ssh.c
@@ -11,7 +11,7 @@
*/
#include "includes.h"
-RCSID("$Id: ssh.c,v 1.25 2000/04/12 10:17:40 damien Exp $");
+RCSID("$Id: ssh.c,v 1.26 2000/04/16 01:18:46 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -138,6 +138,7 @@ usage()
fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n");
fprintf(stderr, " -4 Use IPv4 only.\n");
fprintf(stderr, " -6 Use IPv6 only.\n");
+ fprintf(stderr, " -2 Force protocol version 2.\n");
fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
exit(1);
}
@@ -251,8 +252,8 @@ main(int ac, char **av)
if (host)
break;
if ((cp = strchr(av[optind], '@'))) {
- if(cp == av[optind])
- usage();
+ if(cp == av[optind])
+ usage();
options.user = av[optind];
*cp = '\0';
host = ++cp;
@@ -276,39 +277,34 @@ main(int ac, char **av)
optarg = NULL;
}
switch (opt) {
+ case '2':
+ options.protocol = SSH_PROTO_2;
+ break;
case '4':
IPv4or6 = AF_INET;
break;
-
case '6':
IPv4or6 = AF_INET6;
break;
-
case 'n':
stdin_null_flag = 1;
break;
-
case 'f':
fork_after_authentication_flag = 1;
stdin_null_flag = 1;
break;
-
case 'x':
options.forward_x11 = 0;
break;
-
case 'X':
options.forward_x11 = 1;
break;
-
case 'g':
options.gateway_ports = 1;
break;
-
case 'P':
options.use_privileged_port = 0;
break;
-
case 'a':
options.forward_agent = 0;
break;
@@ -330,11 +326,9 @@ main(int ac, char **av)
options.identity_files[options.num_identity_files++] =
xstrdup(optarg);
break;
-
case 't':
tty_flag = 1;
break;
-
case 'v':
case 'V':
fprintf(stderr, "SSH Version %s, protocol versions %d.%d/%d.%d.\n",
@@ -347,11 +341,9 @@ main(int ac, char **av)
debug_flag = 1;
options.log_level = SYSLOG_LEVEL_DEBUG;
break;
-
case 'q':
options.log_level = SYSLOG_LEVEL_QUIET;
break;
-
case 'e':
if (optarg[0] == '^' && optarg[2] == 0 &&
(unsigned char) optarg[1] >= 64 && (unsigned char) optarg[1] < 128)
@@ -365,7 +357,6 @@ main(int ac, char **av)
exit(1);
}
break;
-
case 'c':
options.cipher = cipher_number(optarg);
if (options.cipher == -1) {
@@ -373,15 +364,12 @@ main(int ac, char **av)
exit(1);
}
break;
-
case 'p':
options.port = atoi(optarg);
break;
-
case 'l':
options.user = optarg;
break;
-
case 'R':
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
&fwd_host_port) != 3 &&
@@ -393,7 +381,6 @@ main(int ac, char **av)
}
add_remote_forward(&options, fwd_port, buf, fwd_host_port);
break;
-
case 'L':
if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf,
&fwd_host_port) != 3 &&
@@ -405,27 +392,22 @@ main(int ac, char **av)
}
add_local_forward(&options, fwd_port, buf, fwd_host_port);
break;
-
case 'C':
options.compression = 1;
break;
-
case 'N':
no_shell_flag = 1;
no_tty_flag = 1;
break;
-
case 'T':
no_tty_flag = 1;
break;
-
case 'o':
dummy = 1;
if (process_config_line(&options, host ? host : "", optarg,
"command-line", 0, &dummy) != 0)
exit(1);
break;
-
default:
usage();
}
@@ -634,7 +616,7 @@ main(int ac, char **av)
/* Expand ~ in known host file names. */
options.system_hostfile = tilde_expand_filename(options.system_hostfile,
- original_real_uid);
+ original_real_uid);
options.user_hostfile = tilde_expand_filename(options.user_hostfile,
original_real_uid);
@@ -803,7 +785,7 @@ ssh_session(void)
options.local_forwards[i].host,
options.local_forwards[i].host_port);
channel_request_local_forwarding(options.local_forwards[i].port,
- options.local_forwards[i].host,
+ options.local_forwards[i].host,
options.local_forwards[i].host_port,
options.gateway_ports);
}
@@ -816,11 +798,11 @@ ssh_session(void)
options.remote_forwards[i].host_port);
channel_request_remote_forwarding(options.remote_forwards[i].port,
options.remote_forwards[i].host,
- options.remote_forwards[i].host_port);
+ options.remote_forwards[i].host_port);
}
/* If requested, let ssh continue in the background. */
- if (fork_after_authentication_flag)
+ if (fork_after_authentication_flag)
if (daemon(1, 1) < 0)
fatal("daemon() failed: %.200s", strerror(errno));
@@ -859,7 +841,7 @@ init_local_fwd(void)
options.local_forwards[i].host,
options.local_forwards[i].host_port);
channel_request_local_forwarding(options.local_forwards[i].port,
- options.local_forwards[i].host,
+ options.local_forwards[i].host,
options.local_forwards[i].host_port,
options.gateway_ports);
}
diff --git a/ssh.h b/ssh.h
index ea2dc032..57fcf57b 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,19 +1,19 @@
/*
- *
+ *
* ssh.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Fri Mar 17 17:09:37 1995 ylo
- *
+ *
* Generic header file for ssh.
- *
+ *
*/
-/* RCSID("$Id: ssh.h,v 1.31 2000/04/12 10:17:41 damien Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.32 2000/04/16 01:18:47 damien Exp $"); */
#ifndef SSH_H
#define SSH_H
@@ -279,7 +279,7 @@
* information is not available. This must be called before record_login.
* The host from which the user logged in is stored in buf.
*/
-unsigned long
+unsigned long
get_last_login_time(uid_t uid, const char *logname,
char *buf, unsigned int bufsize);
@@ -287,7 +287,7 @@ get_last_login_time(uid_t uid, const char *logname,
* Records that the user has logged in. This does many things normally done
* by login(1).
*/
-void
+void
record_login(int pid, const char *ttyname, const char *user, uid_t uid,
const char *host, struct sockaddr *addr);
@@ -308,7 +308,7 @@ void record_logout(int pid, const char *ttyname);
* and zero on failure. If the connection is successful, this calls
* packet_set_connection for the connection.
*/
-int
+int
ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
u_short port, int connection_attempts,
int anonymous, uid_t original_real_uid,
@@ -323,7 +323,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
* references from the packet module).
*/
-void
+void
ssh_login(int host_key_valid, RSA * host_key, const char *host,
struct sockaddr * hostaddr, uid_t original_real_uid);
@@ -340,7 +340,7 @@ int auth_rhosts(struct passwd * pw, const char *client_user);
* Tries to authenticate the user using the .rhosts file and the host using
* its host key. Returns true if authentication succeeds.
*/
-int
+int
auth_rhosts_rsa(struct passwd * pw, const char *client_user, RSA* client_host_key);
/*
@@ -409,7 +409,7 @@ char *read_passphrase(const char *prompt, int from_stdin);
* precede the key to provide identification of the key without needing a
* passphrase.
*/
-int
+int
save_private_key(const char *filename, const char *passphrase,
RSA * private_key, const char *comment);
@@ -419,7 +419,7 @@ save_private_key(const char *filename, const char *passphrase,
* comment of the key is returned in comment_return if it is non-NULL; the
* caller must free the value with xfree.
*/
-int
+int
load_public_key(const char *filename, RSA * pub,
char **comment_return);
@@ -430,7 +430,7 @@ load_public_key(const char *filename, RSA * pub,
* comment_return if it is non-NULL; the caller must free the value with
* xfree.
*/
-int
+int
load_private_key(const char *filename, const char *passphrase,
RSA * private_key, char **comment_return);
diff --git a/ssh2.h b/ssh2.h
index cc659f84..cf684bac 100644
--- a/ssh2.h
+++ b/ssh2.h
@@ -1,31 +1,31 @@
/*
- * draft-ietf-secsh-architecture-04.txt
+ * draft-ietf-secsh-architecture-04.txt
*
* Transport layer protocol:
- *
+ *
* 1-19 Transport layer generic (e.g. disconnect, ignore, debug,
* etc)
* 20-29 Algorithm negotiation
* 30-49 Key exchange method specific (numbers can be reused for
* different authentication methods)
- *
+ *
* User authentication protocol:
- *
+ *
* 50-59 User authentication generic
* 60-79 User authentication method specific (numbers can be reused
* for different authentication methods)
- *
+ *
* Connection protocol:
- *
+ *
* 80-89 Connection protocol generic
* 90-127 Channel related messages
- *
+ *
* Reserved for client protocols:
- *
+ *
* 128-191 Reserved
- *
+ *
* Local extensions:
- *
+ *
* 192-255 Local extensions
*/
diff --git a/sshconnect.c b/sshconnect.c
index 675de610..bca0bf43 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.66 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.68 2000/04/14 10:30:33 markus Exp $");
#ifdef HAVE_OPENSSL
#include <openssl/bn.h>
@@ -250,7 +250,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
debug("Trying again...");
/* Loop through addresses for this host, and try each one in
- sequence until the connection succeeds. */
+ sequence until the connection succeeds. */
for (ai = aitop; ai; ai = ai->ai_next) {
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
continue;
@@ -264,7 +264,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
host, ntop, strport);
/* Create a socket for connecting. */
- sock = ssh_create_socket(original_real_uid,
+ sock = ssh_create_socket(original_real_uid,
!anonymous && geteuid() == 0 && port < IPPORT_RESERVED,
ai->ai_family);
if (sock < 0)
@@ -1059,7 +1059,7 @@ ssh_exchange_identification()
break;
}
/* FALLTHROUGH */
- default:
+ default:
mismatch = 1;
break;
}
@@ -1363,13 +1363,13 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
debug("Sending KEX init.");
if (options.ciphers != NULL) {
- myproposal[PROPOSAL_ENC_ALGS_CTOS] =
+ myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
} else if (
options.cipher == SSH_CIPHER_ARCFOUR ||
- options.cipher == SSH_CIPHER_3DES_CBC ||
- options.cipher == SSH_CIPHER_CAST128_CBC ||
- options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
+ options.cipher == SSH_CIPHER_3DES_CBC ||
+ options.cipher == SSH_CIPHER_CAST128_CBC ||
+ options.cipher == SSH_CIPHER_BLOWFISH_CBC) {
myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = cipher_name(options.cipher);
}
@@ -1411,6 +1411,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
debug("first kex follow == %d", i);
i = packet_get_int();
debug("reserved == %d", i);
+ packet_done();
debug("done read kexinit");
kex = kex_choose_conf(cprop, sprop, 0);
@@ -1434,7 +1435,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
fprintf(stderr, "\npub= ");
bignum_print(dh->pub_key);
fprintf(stderr, "\n");
- DHparams_print_fp(stderr, dh);
+ DHparams_print_fp(stderr, dh);
#endif
debug("Wait SSH2_MSG_KEXDH_REPLY.");
@@ -1466,6 +1467,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
/* signed H */
signature = packet_get_string(&slen);
+ packet_done();
if (!dh_pub_is_valid(dh, dh_server_pub))
packet_disconnect("bad server public DH value");
@@ -1475,14 +1477,14 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
kout = DH_compute_key(kbuf, dh_server_pub, dh);
#ifdef DEBUG_KEXDH
debug("shared secret: len %d/%d", klen, kout);
- fprintf(stderr, "shared secret == ");
- for (i = 0; i< kout; i++)
- fprintf(stderr, "%02x", (kbuf[i])&0xff);
- fprintf(stderr, "\n");
+ fprintf(stderr, "shared secret == ");
+ for (i = 0; i< kout; i++)
+ fprintf(stderr, "%02x", (kbuf[i])&0xff);
+ fprintf(stderr, "\n");
#endif
- shared_secret = BN_new();
+ shared_secret = BN_new();
- BN_bin2bn(kbuf, kout, shared_secret);
+ BN_bin2bn(kbuf, kout, shared_secret);
memset(kbuf, 0, klen);
xfree(kbuf);
@@ -1502,10 +1504,10 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
xfree(client_kexinit);
xfree(server_kexinit);
#ifdef DEBUG_KEXDH
- fprintf(stderr, "hash == ");
- for (i = 0; i< 20; i++)
- fprintf(stderr, "%02x", (hash[i])&0xff);
- fprintf(stderr, "\n");
+ fprintf(stderr, "hash == ");
+ for (i = 0; i< 20; i++)
+ fprintf(stderr, "%02x", (hash[i])&0xff);
+ fprintf(stderr, "\n");
#endif
dsa_verify(server_host_key, (unsigned char *)signature, slen, hash, 20);
key_free(server_host_key);
@@ -1518,6 +1520,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
debug("Wait SSH2_MSG_NEWKEYS.");
packet_read_expect(&payload_len, SSH2_MSG_NEWKEYS);
+ packet_done();
debug("GOT SSH2_MSG_NEWKEYS.");
debug("send SSH2_MSG_NEWKEYS.");
@@ -1551,7 +1554,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
char *server_user, *local_user;
char *auths;
char *password;
- char *service = "ssh-connection"; // service name
+ char *service = "ssh-connection"; /* service name */
debug("send SSH2_MSG_SERVICE_REQUEST");
packet_start(SSH2_MSG_SERVICE_REQUEST);
@@ -1563,8 +1566,15 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
if (type != SSH2_MSG_SERVICE_ACCEPT) {
fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type);
}
- /* payload empty for ssh-2.0.13 ?? */
- /* reply = packet_get_string(&payload_len); */
+ if (packet_remaining() > 0) {
+ char *reply = packet_get_string(&plen);
+ debug("service_accept: %s", reply);
+ xfree(reply);
+ } else {
+ /* payload empty for ssh-2.0.13 ?? */
+ log("buggy server: service_accept w/o service");
+ }
+ packet_done();
debug("got SSH2_MSG_SERVICE_ACCEPT");
/*XX COMMONCODE: */
@@ -1593,6 +1603,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
auths = packet_get_string(&dlen);
debug("authentications that can continue: %s", auths);
partial = packet_get_char();
+ packet_done();
if (partial)
debug("partial success");
if (strstr(auths, "password") == NULL)
@@ -1613,6 +1624,7 @@ ssh_userauth2(int host_key_valid, RSA *own_host_key,
packet_send();
packet_write_wait();
}
+ packet_done();
debug("ssh-userauth2 successfull");
}
diff --git a/sshd.c b/sshd.c
index cd5760ec..cc6bee96 100644
--- a/sshd.c
+++ b/sshd.c
@@ -14,7 +14,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.104 2000/04/12 09:39:10 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.105 2000/04/14 10:30:33 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
@@ -67,7 +67,7 @@ ServerOptions options;
/* Name of the server configuration file. */
char *config_file_name = SERVER_CONFIG_FILE;
-/*
+/*
* Flag indicating whether IPv4 or IPv6. This can be set on the command line.
* Default value is AF_UNSPEC means both IPv4 and IPv6.
*/
@@ -162,7 +162,7 @@ close_listen_socks(void)
* the effect is to reread the configuration file (and to regenerate
* the server key).
*/
-void
+void
sighup_handler(int sig)
{
received_sighup = 1;
@@ -173,7 +173,7 @@ sighup_handler(int sig)
* Called from the main program after receiving SIGHUP.
* Restarts the server.
*/
-void
+void
sighup_restart()
{
log("Received SIGHUP; restarting.");
@@ -188,7 +188,7 @@ sighup_restart()
* These close the listen socket; not closing it seems to cause "Address
* already in use" problems on some machines, which is inconvenient.
*/
-void
+void
sigterm_handler(int sig)
{
log("Received signal %d; terminating.", sig);
@@ -200,7 +200,7 @@ sigterm_handler(int sig)
* SIGCHLD handler. This is called whenever a child dies. This will then
* reap any zombies left by exited c.
*/
-void
+void
main_sigchld_handler(int sig)
{
int save_errno = errno;
@@ -216,7 +216,7 @@ main_sigchld_handler(int sig)
/*
* Signal handler for the alarm after the login grace period has expired.
*/
-void
+void
grace_alarm_handler(int sig)
{
/* Close the connection. */
@@ -233,7 +233,7 @@ grace_alarm_handler(int sig)
* Thus there should be no concurrency control/asynchronous execution
* problems.
*/
-void
+void
key_regeneration_alarm(int sig)
{
int save_errno = errno;
@@ -266,15 +266,15 @@ key_regeneration_alarm(int sig)
char *
chop(char *s)
{
- char *t = s;
- while (*t) {
- if(*t == '\n' || *t == '\r') {
- *t = '\0';
- return s;
- }
- t++;
- }
- return s;
+ char *t = s;
+ while (*t) {
+ if(*t == '\n' || *t == '\r') {
+ *t = '\0';
+ return s;
+ }
+ t++;
+ }
+ return s;
}
@@ -337,7 +337,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
*/
if (sscanf(client_version_string, "SSH-%d.%d-%[^\n]\n",
&remote_major, &remote_minor, remote_version) != 3) {
- s = "Protocol mismatch.\n";
+ s = "Protocol mismatch.\n";
(void) atomicio(write, sock_out, s, strlen(s));
close(sock_in);
close(sock_out);
@@ -377,7 +377,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
break;
}
/* FALLTHROUGH */
- default:
+ default:
mismatch = 1;
break;
}
@@ -719,8 +719,8 @@ main(int ac, char **av)
for (i = 0; i < num_listen_socks; i++)
if (listen_socks[i] > maxfd)
maxfd = listen_socks[i];
- fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
- fdset = (fd_set *)xmalloc(fdsetsz);
+ fdsetsz = howmany(maxfd, NFDBITS) * sizeof(fd_mask);
+ fdset = (fd_set *)xmalloc(fdsetsz);
/*
* Stay listening for connections until the system crashes or
@@ -1018,7 +1018,7 @@ do_ssh1_kex()
/* Get cipher type and check whether we accept this. */
cipher_type = packet_get_char();
- if (!(cipher_mask() & (1 << cipher_type)))
+ if (!(cipher_mask() & (1 << cipher_type)))
packet_disconnect("Warning: client selects unsupported cipher.");
/* Get check bytes from the packet. These must match those we
@@ -1145,7 +1145,7 @@ do_ssh2_kex()
/* KEXINIT */
if (options.ciphers != NULL) {
- myproposal[PROPOSAL_ENC_ALGS_CTOS] =
+ myproposal[PROPOSAL_ENC_ALGS_CTOS] =
myproposal[PROPOSAL_ENC_ALGS_STOC] = options.ciphers;
}
@@ -1258,10 +1258,10 @@ do_ssh2_kex()
xfree(client_kexinit);
xfree(server_kexinit);
#ifdef DEBUG_KEXDH
- fprintf(stderr, "hash == ");
- for (i = 0; i< 20; i++)
- fprintf(stderr, "%02x", (hash[i])&0xff);
- fprintf(stderr, "\n");
+ fprintf(stderr, "hash == ");
+ for (i = 0; i< 20; i++)
+ fprintf(stderr, "%02x", (hash[i])&0xff);
+ fprintf(stderr, "\n");
#endif
/* sign H */
dsa_sign(server_host_key, &signature, &slen, hash, 20);
diff --git a/ttymodes.c b/ttymodes.c
index fffc6d5b..647c6603 100644
--- a/ttymodes.c
+++ b/ttymodes.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$Id: ttymodes.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
+RCSID("$Id: ttymodes.c,v 1.4 2000/04/16 01:18:49 damien Exp $");
#include "packet.h"
#include "ssh.h"
@@ -23,7 +23,7 @@ RCSID("$Id: ttymodes.c,v 1.3 1999/11/25 00:54:59 damien Exp $");
* Converts POSIX speed_t to a baud rate. The values of the
* constants for speed_t are not themselves portable.
*/
-static int
+static int
speed_to_baud(speed_t speed)
{
switch (speed) {
@@ -112,7 +112,7 @@ speed_to_baud(speed_t speed)
/*
* Converts a numeric baud rate to a POSIX speed_t.
*/
-static speed_t
+static speed_t
baud_to_speed(int baud)
{
switch (baud) {
@@ -203,7 +203,7 @@ baud_to_speed(int baud)
* in a portable manner, and appends the modes to a packet
* being constructed.
*/
-void
+void
tty_make_modes(int fd)
{
struct termios tio;
@@ -247,7 +247,7 @@ tty_make_modes(int fd)
* Decodes terminal modes for the terminal referenced by fd in a portable
* manner from a packet being read.
*/
-void
+void
tty_parse_modes(int fd, int *n_bytes_ptr)
{
struct termios tio;
diff --git a/ttymodes.h b/ttymodes.h
index 79726aa4..41aad79d 100644
--- a/ttymodes.h
+++ b/ttymodes.h
@@ -1,18 +1,18 @@
/*
- *
+ *
* ttymodes.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* SGTTY stuff contributed by Janne Snabb <snabb@niksula.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Tue Mar 21 15:42:09 1995 ylo
- *
+ *
*/
-/* RCSID("$Id: ttymodes.h,v 1.3 1999/11/25 00:54:59 damien Exp $"); */
+/* RCSID("$Id: ttymodes.h,v 1.4 2000/04/16 01:18:49 damien Exp $"); */
/* The tty mode description is a stream of bytes. The stream consists of
* opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0).
diff --git a/uidswap.c b/uidswap.c
index ca9e28eb..e57be3a3 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -7,7 +7,7 @@
*/
#include "includes.h"
-RCSID("$Id: uidswap.c,v 1.4 2000/01/20 13:18:16 damien Exp $");
+RCSID("$Id: uidswap.c,v 1.5 2000/04/16 01:18:49 damien Exp $");
#include "ssh.h"
#include "uidswap.h"
@@ -35,7 +35,7 @@ static uid_t saved_euid = 0;
* Temporarily changes to the given uid. If the effective user
* id is not root, this does nothing. This call cannot be nested.
*/
-void
+void
temporarily_use_uid(uid_t uid)
{
#ifdef SAVED_IDS_WORK_WITH_SETEUID
@@ -59,7 +59,7 @@ temporarily_use_uid(uid_t uid)
/*
* Restores to the original uid.
*/
-void
+void
restore_uid()
{
#ifdef SAVED_IDS_WORK_WITH_SETEUID
@@ -80,7 +80,7 @@ restore_uid()
* Permanently sets all uids to the given uid. This cannot be
* called while temporarily_use_uid is effective.
*/
-void
+void
permanently_set_uid(uid_t uid)
{
if (setuid(uid) < 0)
diff --git a/uidswap.h b/uidswap.h
index 4755710d..c08a3700 100644
--- a/uidswap.h
+++ b/uidswap.h
@@ -1,15 +1,15 @@
/*
- *
+ *
* uidswap.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Sat Sep 9 01:43:15 1995 ylo
* Last modified: Sat Sep 9 02:34:04 1995 ylo
- *
+ *
*/
#ifndef UIDSWAP_H
diff --git a/xmalloc.c b/xmalloc.c
index 0f1c4305..fb29a62e 100644
--- a/xmalloc.c
+++ b/xmalloc.c
@@ -8,7 +8,7 @@
*/
#include "includes.h"
-RCSID("$Id: xmalloc.c,v 1.2 1999/11/24 13:26:23 damien Exp $");
+RCSID("$Id: xmalloc.c,v 1.3 2000/04/16 01:18:49 damien Exp $");
#include "ssh.h"
@@ -34,7 +34,7 @@ xrealloc(void *ptr, size_t new_size)
return new_ptr;
}
-void
+void
xfree(void *ptr)
{
if (ptr == NULL)
diff --git a/xmalloc.h b/xmalloc.h
index 94280b11..a5603522 100644
--- a/xmalloc.h
+++ b/xmalloc.h
@@ -1,20 +1,20 @@
/*
- *
+ *
* xmalloc.h
- *
+ *
* Author: Tatu Ylonen <ylo@cs.hut.fi>
- *
+ *
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
- *
+ *
* Created: Mon Mar 20 22:09:17 1995 ylo
- *
+ *
* Versions of malloc and friends that check their results, and never return
* failure (they call fatal if they encounter an error).
- *
+ *
*/
-/* RCSID("$Id: xmalloc.h,v 1.2 1999/11/24 13:26:23 damien Exp $"); */
+/* RCSID("$Id: xmalloc.h,v 1.3 2000/04/16 01:18:49 damien Exp $"); */
#ifndef XMALLOC_H
#define XMALLOC_H