diff options
-rw-r--r-- | ChangeLog | 28 | ||||
-rw-r--r-- | auth-krb4.c | 4 | ||||
-rw-r--r-- | auth-options.c | 4 | ||||
-rw-r--r-- | auth-options.h | 4 | ||||
-rw-r--r-- | auth-rh-rsa.c | 6 | ||||
-rw-r--r-- | auth-rhosts.c | 4 | ||||
-rw-r--r-- | auth-rsa.c | 12 | ||||
-rw-r--r-- | auth1.c | 12 | ||||
-rw-r--r-- | auth2-skey.c | 4 | ||||
-rw-r--r-- | auth2.c | 14 | ||||
-rw-r--r-- | authfd.c | 30 | ||||
-rw-r--r-- | authfd.h | 16 | ||||
-rw-r--r-- | authfile.c | 14 | ||||
-rw-r--r-- | bufaux.c | 28 | ||||
-rw-r--r-- | bufaux.h | 10 | ||||
-rw-r--r-- | buffer.c | 16 | ||||
-rw-r--r-- | buffer.h | 20 | ||||
-rw-r--r-- | canohost.c | 4 | ||||
-rw-r--r-- | channels.c | 32 | ||||
-rw-r--r-- | cipher.c | 14 | ||||
-rw-r--r-- | cipher.h | 4 | ||||
-rw-r--r-- | clientloop.c | 22 | ||||
-rw-r--r-- | compress.c | 10 | ||||
-rw-r--r-- | crc32.c | 14 | ||||
-rw-r--r-- | crc32.h | 4 | ||||
-rw-r--r-- | deattack.c | 16 | ||||
-rw-r--r-- | deattack.h | 2 | ||||
-rw-r--r-- | getput.h | 26 | ||||
-rw-r--r-- | hmac.c | 14 | ||||
-rw-r--r-- | hmac.h | 8 | ||||
-rw-r--r-- | hostfile.c | 16 | ||||
-rw-r--r-- | hostfile.h | 4 | ||||
-rw-r--r-- | kex.c | 26 | ||||
-rw-r--r-- | kex.h | 16 | ||||
-rw-r--r-- | key.c | 30 | ||||
-rw-r--r-- | key.h | 12 | ||||
-rw-r--r-- | log.c | 6 | ||||
-rw-r--r-- | login.c | 6 | ||||
-rw-r--r-- | match.c | 6 | ||||
-rw-r--r-- | match.h | 2 | ||||
-rw-r--r-- | mpaux.c | 14 | ||||
-rw-r--r-- | mpaux.h | 6 | ||||
-rw-r--r-- | packet.c | 80 | ||||
-rw-r--r-- | packet.h | 22 | ||||
-rw-r--r-- | pty.c | 2 | ||||
-rw-r--r-- | radix.c | 20 | ||||
-rw-r--r-- | readconf.c | 10 | ||||
-rw-r--r-- | rsa.c | 6 | ||||
-rw-r--r-- | scp.c | 18 | ||||
-rw-r--r-- | servconf.c | 4 | ||||
-rw-r--r-- | servconf.h | 16 | ||||
-rw-r--r-- | serverloop.c | 18 | ||||
-rw-r--r-- | session.c | 22 | ||||
-rw-r--r-- | sftp-server.c | 10 | ||||
-rw-r--r-- | ssh-agent.c | 40 | ||||
-rw-r--r-- | ssh-dss.c | 30 | ||||
-rw-r--r-- | ssh-dss.h | 8 | ||||
-rw-r--r-- | ssh-keygen.c | 10 | ||||
-rw-r--r-- | ssh-keyscan.c | 6 | ||||
-rw-r--r-- | ssh-rsa.c | 20 | ||||
-rw-r--r-- | ssh-rsa.h | 8 | ||||
-rw-r--r-- | ssh.c | 8 | ||||
-rw-r--r-- | ssh.h | 10 | ||||
-rw-r--r-- | sshconnect.c | 50 | ||||
-rw-r--r-- | sshconnect1.c | 32 | ||||
-rw-r--r-- | sshconnect2.c | 46 | ||||
-rw-r--r-- | sshd.c | 50 | ||||
-rw-r--r-- | tildexpand.c | 4 | ||||
-rw-r--r-- | uidswap.c | 4 | ||||
-rw-r--r-- | uidswap.h | 2 | ||||
-rw-r--r-- | uuencode.c | 12 | ||||
-rw-r--r-- | uuencode.h | 6 |
72 files changed, 586 insertions, 528 deletions
@@ -1,3 +1,31 @@ +20001222 + - Updated RCSID for pty.c + - (bal) OpenBSD CVS Updates: + - markus@cvs.openbsd.org 2000/12/21 15:10:16 + [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c] + print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@ + - markus@cvs.openbsd.org 2000/12/20 19:26:56 + [authfile.c] + allow ssh -i userkey for root + - markus@cvs.openbsd.org 2000/12/20 19:37:21 + [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h] + fix prototypes; from stevesk@pobox.com + - markus@cvs.openbsd.org 2000/12/20 19:32:08 + [sshd.c] + init pointer to NULL; report from Jan.Ivan@cern.ch + - markus@cvs.openbsd.org 2000/12/19 23:17:54 + [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c + auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c + bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c + crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h + key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c + packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h + serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h + ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c + uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c] + replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char + unsigned' with u_char. + 20001221 - (stevesk) OpenBSD CVS updates: - markus@cvs.openbsd.org 2000/12/19 15:43:45 diff --git a/auth-krb4.c b/auth-krb4.c index 21a9625e..80e8f429 100644 --- a/auth-krb4.c +++ b/auth-krb4.c @@ -28,7 +28,7 @@ #include "ssh.h" #include "servconf.h" -RCSID("$OpenBSD: auth-krb4.c,v 1.19 2000/10/03 18:03:02 markus Exp $"); +RCSID("$OpenBSD: auth-krb4.c,v 1.20 2000/12/19 23:17:54 markus Exp $"); #ifdef KRB4 char *ticket = NULL; @@ -46,7 +46,7 @@ auth_krb4_password(struct passwd * pw, const char *password) AUTH_DAT adata; KTEXT_ST tkt; struct hostent *hp; - unsigned long faddr; + u_long faddr; char localhost[MAXHOSTNAMELEN]; char phost[INST_SZ]; char realm[REALM_SZ]; diff --git a/auth-options.c b/auth-options.c index 181bf732..c598f70d 100644 --- a/auth-options.c +++ b/auth-options.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-options.c,v 1.6 2000/11/15 22:31:36 markus Exp $"); +RCSID("$OpenBSD: auth-options.c,v 1.7 2000/12/19 23:17:54 markus Exp $"); #include "ssh.h" #include "packet.h" @@ -54,7 +54,7 @@ auth_clear_options(void) /* return 1 if access is granted, 0 if not. side effect: sets key option flags */ int -auth_parse_options(struct passwd *pw, char *options, unsigned long linenum) +auth_parse_options(struct passwd *pw, char *options, u_long linenum) { const char *cp; if (!options) diff --git a/auth-options.h b/auth-options.h index 00fae223..76d420d2 100644 --- a/auth-options.h +++ b/auth-options.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* $OpenBSD: auth-options.h,v 1.5 2000/10/16 09:38:44 djm Exp $ */ +/* $OpenBSD: auth-options.h,v 1.6 2000/12/19 23:17:55 markus Exp $ */ #ifndef AUTH_OPTIONS_H #define AUTH_OPTIONS_H @@ -24,7 +24,7 @@ extern char *forced_command; extern struct envstring *custom_environment; /* return 1 if access is granted, 0 if not. side effect: sets key option flags */ -int auth_parse_options(struct passwd *pw, char *options, unsigned long linenum); +int auth_parse_options(struct passwd *pw, char *options, u_long linenum); /* reset options flags */ void auth_clear_options(void); diff --git a/auth-rh-rsa.c b/auth-rh-rsa.c index a9f17ef8..48c075e6 100644 --- a/auth-rh-rsa.c +++ b/auth-rh-rsa.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rh-rsa.c,v 1.18 2000/11/12 19:50:37 markus Exp $"); +RCSID("$OpenBSD: auth-rh-rsa.c,v 1.19 2000/12/21 15:10:16 markus Exp $"); #include "packet.h" #include "ssh.h" @@ -60,7 +60,7 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key /* Check if we know the host and its host key. */ host_status = check_host_in_hostfile(SSH_SYSTEM_HOSTFILE, canonical_hostname, - client_key, found); + client_key, found, NULL); /* Check user host file unless ignored. */ if (host_status != HOST_OK && !options.ignore_user_known_hosts) { @@ -80,7 +80,7 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key /* XXX race between stat and the following open() */ temporarily_use_uid(pw->pw_uid); host_status = check_host_in_hostfile(user_hostfile, canonical_hostname, - client_key, found); + client_key, found, NULL); restore_uid(); } xfree(user_hostfile); diff --git a/auth-rhosts.c b/auth-rhosts.c index 8314e23a..fb7dabe7 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rhosts.c,v 1.16 2000/10/03 18:03:03 markus Exp $"); +RCSID("$OpenBSD: auth-rhosts.c,v 1.17 2000/12/19 23:17:55 markus Exp $"); #include "packet.h" #include "ssh.h" @@ -152,7 +152,7 @@ auth_rhosts(struct passwd *pw, const char *client_user) const char *hostname, *ipaddr; struct stat st; static const char *rhosts_files[] = {".shosts", ".rhosts", NULL}; - unsigned int rhosts_file_index; + u_int rhosts_file_index; /* no user given */ if (pw == NULL) @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.33 2000/11/14 23:42:40 markus Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.34 2000/12/19 23:17:55 markus Exp $"); #include "rsa.h" #include "packet.h" @@ -37,7 +37,7 @@ extern ServerOptions options; * Session identifier that is used to bind key exchange and authentication * responses to a particular session. */ -extern unsigned char session_id[16]; +extern u_char session_id[16]; /* * The .ssh/authorized_keys file contains public keys, one per line, in the @@ -60,9 +60,9 @@ auth_rsa_challenge_dialog(RSA *pk) { BIGNUM *challenge, *encrypted_challenge; BN_CTX *ctx; - unsigned char buf[32], mdbuf[16], response[16]; + u_char buf[32], mdbuf[16], response[16]; MD5_CTX md; - unsigned int i; + u_int i; int plen, len; encrypted_challenge = BN_new(); @@ -122,9 +122,9 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n) { char line[8192], file[1024]; int authenticated; - unsigned int bits; + u_int bits; FILE *f; - unsigned long linenum = 0; + u_long linenum = 0; struct stat st; RSA *pk; @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.7 2000/11/10 01:04:40 markus Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.8 2000/12/19 23:17:55 markus Exp $"); #ifdef HAVE_OSF_SIA # include <sia.h> @@ -81,14 +81,14 @@ do_authloop(struct passwd * pw, char *luser) { int authenticated = 0; int attempt = 0; - unsigned int bits; + u_int bits; RSA *client_host_key; BIGNUM *n; char *client_user, *password; char user[1024]; - unsigned int dlen; + u_int dlen; int plen, nlen, elen; - unsigned int ulen; + u_int ulen; int type = 0; void (*authlog) (const char *fmt,...) = verbose; @@ -149,7 +149,7 @@ do_authloop(struct passwd * pw, char *luser) /* Try Kerberos v4 authentication. */ KTEXT_ST auth; char *tkt_user = NULL; - char *kdata = packet_get_string((unsigned int *) &auth.length); + char *kdata = packet_get_string((u_int *) &auth.length); packet_integrity_check(plen, 4 + auth.length, type); if (auth.length < MAX_KTXT_LEN) @@ -394,7 +394,7 @@ do_authentication() { struct passwd *pw, pwcopy; int plen; - unsigned int ulen; + u_int ulen; char *user; /* Get the name of the user that we wish to log in as. */ diff --git a/auth2-skey.c b/auth2-skey.c index e29205d4..dbf24f67 100644 --- a/auth2-skey.c +++ b/auth2-skey.c @@ -1,5 +1,5 @@ #include "includes.h" -RCSID("$OpenBSD: auth2-skey.c,v 1.1 2000/10/11 20:14:38 markus Exp $"); +RCSID("$OpenBSD: auth2-skey.c,v 1.2 2000/12/19 23:17:55 markus Exp $"); #ifdef SKEY #include "ssh.h" @@ -62,7 +62,7 @@ input_userauth_info_response(int type, int plen, void *ctxt) { Authctxt *authctxt = ctxt; int authenticated = 0; - unsigned int nresp, rlen; + u_int nresp, rlen; char *resp, *method; if (authctxt == NULL) @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.22 2000/12/03 11:15:02 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.23 2000/12/19 23:17:55 markus Exp $"); #ifdef HAVE_OSF_SIA # include <sia.h> @@ -57,7 +57,7 @@ RCSID("$OpenBSD: auth2.c,v 1.22 2000/12/03 11:15:02 markus Exp $"); /* import */ extern ServerOptions options; -extern unsigned char *session_id2; +extern u_char *session_id2; extern int session_id2_len; #ifdef WITH_AIXAUTHENTICATE @@ -151,7 +151,7 @@ void input_service_request(int type, int plen, void *ctxt) { Authctxt *authctxt = ctxt; - unsigned int len; + u_int len; int accept = 0; char *service = packet_get_string(&len); packet_done(); @@ -363,7 +363,7 @@ userauth_passwd(Authctxt *authctxt) char *password; int authenticated = 0; int change; - unsigned int len; + u_int len; change = packet_get_char(); if (change) log("password change not supported"); @@ -425,7 +425,7 @@ userauth_pubkey(Authctxt *authctxt) Buffer b; Key *key; char *pkalg, *pkblob, *sig; - unsigned int alen, blen, slen; + u_int alen, blen, slen; int have_sig, pktype; int authenticated = 0; @@ -539,7 +539,7 @@ char * authmethods_get(void) { Authmethod *method = NULL; - unsigned int size = 0; + u_int size = 0; char *list; for (method = authmethods; method->name != NULL; method++) { @@ -588,7 +588,7 @@ user_key_allowed(struct passwd *pw, Key *key) char line[8192], file[1024]; int found_key = 0; FILE *f; - unsigned long linenum = 0; + u_long linenum = 0; struct stat st; Key *found; @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.30 2000/11/12 19:50:37 markus Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.32 2000/12/20 19:37:21 markus Exp $"); #include "ssh.h" #include "rsa.h" @@ -62,7 +62,7 @@ int decode_reply(int type); /* Returns the number of the authentication fd, or -1 if there is none. */ int -ssh_get_authentication_socket() +ssh_get_authentication_socket(void) { const char *authsocket; int sock, len; @@ -171,7 +171,7 @@ ssh_close_authentication_socket(int sock) */ AuthenticationConnection * -ssh_get_authentication_connection() +ssh_get_authentication_connection(void) { AuthenticationConnection *auth; int sock; @@ -272,9 +272,9 @@ ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int versi Key * ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version) { - unsigned int bits; - unsigned char *blob; - unsigned int blen; + u_int bits; + u_char *blob; + u_int blen; Key *key = NULL; /* Return failure if no more entries. */ @@ -322,9 +322,9 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio int ssh_decrypt_challenge(AuthenticationConnection *auth, Key* key, BIGNUM *challenge, - unsigned char session_id[16], - unsigned int response_type, - unsigned char response[16]) + u_char session_id[16], + u_int response_type, + u_char response[16]) { Buffer buffer; int success = 0; @@ -373,13 +373,13 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, int ssh_agent_sign(AuthenticationConnection *auth, Key *key, - unsigned char **sigp, int *lenp, - unsigned char *data, int datalen) + u_char **sigp, int *lenp, + u_char *data, int datalen) { extern int datafellows; Buffer msg; - unsigned char *blob; - unsigned int blen; + u_char *blob; + u_int blen; int type, flags = 0; int ret = -1; @@ -502,8 +502,8 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) { Buffer msg; int type; - unsigned char *blob; - unsigned int blen; + u_char *blob; + u_int blen; buffer_init(&msg); @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: authfd.h,v 1.14 2000/11/12 19:50:37 markus Exp $"); */ +/* RCSID("$OpenBSD: authfd.h,v 1.16 2000/12/20 19:37:21 markus Exp $"); */ #ifndef AUTHFD_H #define AUTHFD_H @@ -51,7 +51,7 @@ typedef struct { } AuthenticationConnection; /* Returns the number of the authentication fd, or -1 if there is none. */ -int ssh_get_authentication_socket(); +int ssh_get_authentication_socket(void); /* * This should be called for any descriptor returned by @@ -66,7 +66,7 @@ void ssh_close_authentication_socket(int authfd); * connection could not be opened. The connection should be closed by the * caller by calling ssh_close_authentication_connection(). */ -AuthenticationConnection *ssh_get_authentication_connection(); +AuthenticationConnection *ssh_get_authentication_connection(void); /* * Closes the connection to the authentication agent and frees any associated @@ -101,16 +101,16 @@ Key *ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int v int ssh_decrypt_challenge(AuthenticationConnection *auth, Key *key, BIGNUM * challenge, - unsigned char session_id[16], - unsigned int response_type, - unsigned char response[16]); + u_char session_id[16], + u_int response_type, + u_char response[16]); /* Requests the agent to sign data using key */ int ssh_agent_sign(AuthenticationConnection *auth, Key *key, - unsigned char **sigp, int *lenp, - unsigned char *data, int datalen); + u_char **sigp, int *lenp, + u_char *data, int datalen); /* * Adds an identity to the authentication server. This call is not meant to @@ -131,8 +131,8 @@ save_private_key_rsa1(const char *filename, const char *passphrase, buffer_append_space(&encrypted, &cp, buffer_len(&buffer)); cipher_set_key_string(&ciphercontext, cipher, passphrase); - cipher_encrypt(&ciphercontext, (unsigned char *) cp, - (unsigned char *) buffer_ptr(&buffer), buffer_len(&buffer)); + cipher_encrypt(&ciphercontext, (u_char *) cp, + (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); memset(&ciphercontext, 0, sizeof(ciphercontext)); /* Destroy temporary data. */ @@ -258,7 +258,7 @@ load_public_key_rsa(const char *filename, RSA * pub, char **comment_return) * Make sure it begins with the id string. Consume the id string * from the buffer. */ - for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) + for (i = 0; i < (u_int) strlen(AUTHFILE_ID_STRING) + 1; i++) if (buffer_get_char(&buffer) != (u_char) AUTHFILE_ID_STRING[i]) { debug3("Bad RSA1 key file %.200s.", filename); buffer_free(&buffer); @@ -348,7 +348,7 @@ load_private_key_rsa1(int fd, const char *filename, * Make sure it begins with the id string. Consume the id string * from the buffer. */ - for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++) + for (i = 0; i < (u_int) strlen(AUTHFILE_ID_STRING) + 1; i++) if (buffer_get_char(&buffer) != (u_char) AUTHFILE_ID_STRING[i]) { debug3("Bad RSA1 key file %.200s.", filename); buffer_free(&buffer); @@ -383,8 +383,8 @@ load_private_key_rsa1(int fd, const char *filename, /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ cipher_set_key_string(&ciphercontext, cipher, passphrase); - cipher_decrypt(&ciphercontext, (unsigned char *) cp, - (unsigned char *) buffer_ptr(&buffer), buffer_len(&buffer)); + cipher_decrypt(&ciphercontext, (u_char *) cp, + (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); memset(&ciphercontext, 0, sizeof(ciphercontext)); buffer_free(&buffer); @@ -508,7 +508,7 @@ load_private_key(const char *filename, const char *passphrase, Key *key, if (check_ntsec(filename)) #endif if (fstat(fd, &st) < 0 || - (st.st_uid != 0 && st.st_uid != getuid()) || + (st.st_uid != 0 && getuid() != 0 && st.st_uid != getuid()) || (st.st_mode & 077) != 0) { close(fd); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); |