diff options
165 files changed, 12549 insertions, 8807 deletions
diff --git a/crypto/openssh/LICENCE b/crypto/openssh/LICENCE index f60f50205a13..1c98a1d621b7 100644 --- a/crypto/openssh/LICENCE +++ b/crypto/openssh/LICENCE @@ -26,7 +26,7 @@ OpenSSH contains no GPL code. [However, none of that term is relevant at this point in time. All of these restrictively licenced software components which he talks about - have been removed from OpenSSH, ie. + have been removed from OpenSSH, i.e., - RSA is no longer included, found in the OpenSSL library - IDEA is no longer included, its use is deprecated @@ -85,8 +85,7 @@ OpenSSH contains no GPL code. 3) The 32-bit CRC compensation attack detector in deattack.c was - contributed by CORE SDI S.A. under a BSD-style license. See - http://www.core-sdi.com/english/ssh/ for details. + contributed by CORE SDI S.A. under a BSD-style license. * Cryptographic attack detector for ssh - source code * @@ -104,8 +103,83 @@ OpenSSH contains no GPL code. * * Ariel Futoransky <futo@core-sdi.com> * <http://www.core-sdi.com> - + 4) + ssh-keygen was contributed by David Mazieres under a BSD-style + license. + + * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. + * + * Modification and redistribution in source and binary forms is + * permitted provided that due credit is given to the author and the + * OpenBSD project by leaving this copyright notice intact. + +5) + The Rijndael implementation by Vincent Rijmen, Antoon Bosselaers + and Paulo Barreto is in the public domain and distributed + with the following license: + + * @version 3.0 (December 2000) + * + * Optimised ANSI C code for the Rijndael cipher (now AES) + * + * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> + * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> + * @author Paulo Barreto <paulo.barreto@terra.com.br> + * + * This code is hereby placed in the public domain. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +6) + One component of the ssh source code is under a 4-clause BSD license, + held by the University of California, since we pulled these parts from + original Berkeley code. The Regents of the University of California + have declared that term 3 is no longer enforceable on their source code, + but we retain that license as is. + + * Copyright (c) 1983, 1990, 1992, 1993, 1995 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + +7) Remaining components of the software are provided under a standard 2-term BSD licence with the following names as copyright holders: @@ -114,6 +188,8 @@ OpenSSH contains no GPL code. Niels Provos Dug Song Aaron Campbell + Damien Miller + Kevin Steves * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions diff --git a/crypto/openssh/Makefile b/crypto/openssh/Makefile index eea6f1415790..f1f871e82927 100644 --- a/crypto/openssh/Makefile +++ b/crypto/openssh/Makefile @@ -1,14 +1,14 @@ -# $OpenBSD: Makefile,v 1.8 2001/02/04 11:11:53 djm Exp $ +# $OpenBSD: Makefile,v 1.10 2002/02/09 17:37:34 deraadt Exp $ .include <bsd.own.mk> SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server \ - ssh-keyscan sftp + ssh-keyscan sftp scard distribution: install -C -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \ - ${DESTDIR}/etc/ssh_config + ${DESTDIR}/etc/ssh/ssh_config install -C -o root -g wheel -m 0644 ${.CURDIR}/sshd_config \ - ${DESTDIR}/etc/sshd_config + ${DESTDIR}/etc/ssh/sshd_config .include <bsd.subdir.mk> diff --git a/crypto/openssh/Makefile.inc b/crypto/openssh/Makefile.inc index 89fdf4394dd1..c68f59a74e94 100644 --- a/crypto/openssh/Makefile.inc +++ b/crypto/openssh/Makefile.inc @@ -1,8 +1,19 @@ -# $OpenBSD: Makefile.inc,v 1.13 2001/01/29 01:58:14 niklas Exp $ +# $OpenBSD: Makefile.inc,v 1.23 2002/03/06 00:23:27 markus Exp $ CFLAGS+= -I${.CURDIR}/.. -CFLAGS+= -Wall +CDIAGFLAGS= -Wall +#CDIAGFLAGS+= -Werror +CDIAGFLAGS+= -Wpointer-arith +CDIAGFLAGS+= -Wno-uninitialized +#CDIAGFLAGS+= -Wstrict-prototypes +CDIAGFLAGS+= -Wmissing-prototypes +CDIAGFLAGS+= -Wunused + +#DEBUG=-g + +#CFLAGS+= -DSMARTCARD +#LDADD+= -lsectok .include <bsd.obj.mk> diff --git a/crypto/openssh/OVERVIEW b/crypto/openssh/OVERVIEW index 7f34ac45bdf9..ff03ecab21b5 100644 --- a/crypto/openssh/OVERVIEW +++ b/crypto/openssh/OVERVIEW @@ -1,9 +1,15 @@ +[Note: This file has not been updated for OpenSSH versions after +OpenSSH-1.2 and should be considered OBSOLETE. It has been left in +the distribution because some of its information may still be useful +to developers.] + This document is intended for those who wish to read the ssh source code. This tries to give an overview of the structure of the code. Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi> Updated 17 Nov 1995. Updated 19 Oct 1999 for OpenSSH-1.2 +Updated 20 May 2001 note obsolete for > OpenSSH-1.2 The software consists of ssh (client), sshd (server), scp, sdist, and the auxiliary programs ssh-keygen, ssh-agent, ssh-add, and diff --git a/crypto/openssh/README b/crypto/openssh/README index 4e75d62495e2..c13098b318ef 100644 --- a/crypto/openssh/README +++ b/crypto/openssh/README @@ -14,7 +14,7 @@ To extract and install this release on your OpenBSD system use: # make depend # make # make install - # cp ssh_config sshd_config /etc + # cp ssh_config sshd_config /etc/ssh OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels diff --git a/crypto/openssh/README.smartcard b/crypto/openssh/README.smartcard new file mode 100644 index 000000000000..499dc8ed6207 --- /dev/null +++ b/crypto/openssh/README.smartcard @@ -0,0 +1,69 @@ +How to use smartcards with OpenSSH? + +OpenSSH contains experimental support for authentication using +Cyberflex smartcards and TODOS card readers. To enable this you +need to: + +(1) install sectok + + $ cd /usr/src/lib/libsectok + $ make obj depend all install includes + $ cd /usr/src/usr.bin/sectok + $ make obj depend all install + +(2) enable SMARTCARD support in OpenSSH: + + $ vi /usr/src/usr.bin/ssh/Makefile.inc + and uncomment + CFLAGS+= -DSMARTCARD + LDADD+= -lsectok + +(3) load the Java Cardlet to the Cyberflex card: + + $ sectok + sectok> login -d + sectok> jload /usr/libdata/ssh/Ssh.bin + sectok> quit + +(4) load a RSA key to the card: + + please don't use your production RSA keys, since + with the current version of sectok/ssh-keygen + the private key file is still readable + + $ ssh-keygen -f /path/to/rsakey -U 1 + (where 1 is the reader number, you can also try 0) + + In spite of the name, this does not generate a key. + It just loads an already existing key on to the card. + +(5) optional: + + Change the card password so that only you can + read the private key: + + $ sectok + sectok> login -d + sectok> setpass + sectok> quit + + This prevents reading the key but not use of the + key by the card applet. + + Do not forget the passphrase. There is no way to + recover if you do. + + IMPORTANT WARNING: If you attempt to login with the + wrong passphrase three times in a row, you will + destroy your card. + +(6) tell the ssh client to use the card reader: + + $ ssh -I 1 otherhost + +(7) or tell the agent (don't forget to restart) to use the smartcard: + + $ ssh-add -s 1 + +-markus, +Tue Jul 17 23:54:51 CEST 2001 diff --git a/crypto/openssh/atomicio.c b/crypto/openssh/atomicio.c index 8e17b581c68e..fd7d50818986 100644 --- a/crypto/openssh/atomicio.c +++ b/crypto/openssh/atomicio.c @@ -24,9 +24,8 @@ */ #include "includes.h" -RCSID("$OpenBSD: atomicio.c,v 1.9 2001/03/02 18:54:30 deraadt Exp $"); +RCSID("$OpenBSD: atomicio.c,v 1.10 2001/05/08 22:48:07 markus Exp $"); -#include "xmalloc.h" #include "atomicio.h" /* diff --git a/crypto/openssh/atomicio.h b/crypto/openssh/atomicio.h index d878687d63d0..e569d38c603f 100644 --- a/crypto/openssh/atomicio.h +++ b/crypto/openssh/atomicio.h @@ -1,4 +1,4 @@ -/* $OpenBSD: atomicio.h,v 1.3 2001/03/02 18:54:30 deraadt Exp $ */ +/* $OpenBSD: atomicio.h,v 1.4 2001/06/26 06:32:46 itojun Exp $ */ /* * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. @@ -28,4 +28,4 @@ /* * Ensure all of data on socket comes through. f==read || f==write */ -ssize_t atomicio(ssize_t (*f)(), int fd, void *s, size_t n); +ssize_t atomicio(ssize_t (*)(), int, void *, size_t); diff --git a/crypto/openssh/auth-bsdauth.c b/crypto/openssh/auth-bsdauth.c new file mode 100644 index 000000000000..b70d48f20e02 --- /dev/null +++ b/crypto/openssh/auth-bsdauth.c @@ -0,0 +1,116 @@ +/* + * Copyright (c) 2001 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#include "includes.h" +RCSID("$OpenBSD: auth-bsdauth.c,v 1.2 2001/12/19 07:18:56 deraadt Exp $"); + +#ifdef BSD_AUTH +#include "xmalloc.h" +#include "auth.h" +#include "log.h" + +static void * +bsdauth_init_ctx(Authctxt *authctxt) +{ + return authctxt; +} + +static int +bsdauth_query(void *ctx, char **name, char **infotxt, + u_int *numprompts, char ***prompts, u_int **echo_on) +{ + Authctxt *authctxt = ctx; + char *challenge = NULL; + + if (authctxt->as != NULL) { + debug2("bsdauth_query: try reuse session"); + challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); + if (challenge == NULL) { + auth_close(authctxt->as); + authctxt->as = NULL; + } + } + + if (challenge == NULL) { + debug2("bsdauth_query: new bsd auth session"); + debug3("bsdauth_query: style %s", + authctxt->style ? authctxt->style : "<default>"); + authctxt->as = auth_userchallenge(authctxt->user, + authctxt->style, "auth-ssh", &challenge); + if (authctxt->as == NULL) + challenge = NULL; + debug2("bsdauth_query: <%s>", challenge ? challenge : "empty"); + } + + if (challenge == NULL) + return -1; + + *name = xstrdup(""); + *infotxt = xstrdup(""); + *numprompts = 1; + *prompts = xmalloc(*numprompts * sizeof(char*)); + *echo_on = xmalloc(*numprompts * sizeof(u_int)); + (*echo_on)[0] = 0; + (*prompts)[0] = xstrdup(challenge); + + return 0; +} + +static int +bsdauth_respond(void *ctx, u_int numresponses, char **responses) +{ + Authctxt *authctxt = ctx; + int authok; + + if (authctxt->as == 0) + error("bsdauth_respond: no bsd auth session"); + + if (numresponses != 1) + return -1; + + authok = auth_userresponse(authctxt->as, responses[0], 0); + authctxt->as = NULL; + debug3("bsdauth_respond: <%s> = <%d>", responses[0], authok); + + return (authok == 0) ? -1 : 0; +} + +static void +bsdauth_free_ctx(void *ctx) +{ + Authctxt *authctxt = ctx; + + if (authctxt && authctxt->as) { + auth_close(authctxt->as); + authctxt->as = NULL; + } +} + +KbdintDevice bsdauth_device = { + "bsdauth", + bsdauth_init_ctx, + bsdauth_query, + bsdauth_respond, + bsdauth_free_ctx +}; +#endif diff --git a/crypto/openssh/auth-chall.c b/crypto/openssh/auth-chall.c index f3502f4eee36..45e0c34522b1 100644 --- a/crypto/openssh/auth-chall.c +++ b/crypto/openssh/auth-chall.c @@ -23,82 +23,60 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-chall.c,v 1.7 2001/04/05 10:42:47 markus Exp $"); +RCSID("$OpenBSD: auth-chall.c,v 1.8 2001/05/18 14:13:28 markus Exp $"); #include "auth.h" #include "log.h" +#include "xmalloc.h" -#ifdef BSD_AUTH -char * -get_challenge(Authctxt *authctxt, char *devs) -{ - char *challenge; +/* limited protocol v1 interface to kbd-interactive authentication */ - if (authctxt->as != NULL) { - debug2("try reuse session"); - challenge = auth_getitem(authctxt->as, AUTHV_CHALLENGE); - if (challenge != NULL) { - debug2("reuse bsd auth session"); - return challenge; - } - auth_close(authctxt->as); - authctxt->as = NULL; - } - debug2("new bsd auth session"); - if (devs == NULL || strlen(devs) == 0) - devs = authctxt->style; - debug3("bsd auth: devs %s", devs ? devs : "<default>"); - authctxt->as = auth_userchallenge(authctxt->user, devs, "auth-ssh", - &challenge); - if (authctxt->as == NULL) - return NULL; - debug2("get_challenge: <%s>", challenge ? challenge : "EMPTY"); - return challenge; -} -int -verify_response(Authctxt *authctxt, char *response) -{ - int authok; - - if (authctxt->as == 0) - error("verify_response: no bsd auth session"); - authok = auth_userresponse(authctxt->as, response, 0); - authctxt->as = NULL; - debug("verify_response: <%s> = <%d>", response, authok); - return authok != 0; -} -#else -#ifdef SKEY -#include <skey.h> +extern KbdintDevice *devices[]; +static KbdintDevice *device; char * -get_challenge(Authctxt *authctxt, char *devs) +get_challenge(Authctxt *authctxt) { - static char challenge[1024]; - struct skey skey; - if (skeychallenge(&skey, authctxt->user, challenge) == -1) + char *challenge, *name, *info, **prompts; + u_int i, numprompts; + u_int *echo_on; + + device = devices[0]; /* we always use the 1st device for protocol 1 */ + if (device == NULL) return NULL; - strlcat(challenge, "\nS/Key Password: ", sizeof challenge); - return challenge; -} -int -verify_response(Authctxt *authctxt, char *response) -{ - return (authctxt->valid && - skey_haskey(authctxt->pw->pw_name) == 0 && - skey_passcheck(authctxt->pw->pw_name, response) != -1); -} -#else -/* not available */ -char * -get_challenge(Authctxt *authctxt, char *devs) -{ - return NULL; + if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL) + return NULL; + if (device->query(authctxt->kbdintctxt, &name, &info, + &numprompts, &prompts, &echo_on)) { + device->free_ctx(authctxt->kbdintctxt); + authctxt->kbdintctxt = NULL; + return NULL; + } + if (numprompts < 1) + fatal("get_challenge: numprompts < 1"); + challenge = xstrdup(prompts[0]); + for (i = 0; i < numprompts; i++) + xfree(prompts[i]); + xfree(prompts); + xfree(name); + xfree(echo_on); + xfree(info); + + return (challenge); } int -verify_response(Authctxt *authctxt, char *response) +verify_response(Authctxt *authctxt, const char *response) { - return 0; + char *resp[1]; + int res; + + if (device == NULL) + return 0; + if (authctxt->kbdintctxt == NULL) + return 0; + resp[0] = (char *)response; + res = device->respond(authctxt->kbdintctxt, 1, resp); + device->free_ctx(authctxt->kbdintctxt); + authctxt->kbdintctxt = NULL; + return res ? 0 : 1; } -#endif -#endif diff --git a/crypto/openssh/auth-krb4.c b/crypto/openssh/auth-krb4.c index 8bb6e3d6f363..f7a144f9d6e7 100644 --- a/crypto/openssh/auth-krb4.c +++ b/crypto/openssh/auth-krb4.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-krb4.c,v 1.23 2001/01/22 08:15:00 markus Exp $"); +RCSID("$OpenBSD: auth-krb4.c,v 1.25 2001/12/19 07:18:56 deraadt Exp $"); #include "ssh.h" #include "ssh1.h" @@ -31,6 +31,7 @@ RCSID("$OpenBSD: auth-krb4.c,v 1.23 2001/01/22 08:15:00 markus Exp $"); #include "xmalloc.h" #include "log.h" #include "servconf.h" +#include "uidswap.h" #include "auth.h" #ifdef AFS @@ -38,48 +39,92 @@ RCSID("$OpenBSD: auth-krb4.c,v 1.23 2001/01/22 08:15:00 markus Exp $"); #endif #ifdef KRB4 -char *ticket = NULL; - extern ServerOptions options; +static int +krb4_init(void *context) +{ + static int cleanup_registered = 0; + Authctxt *authctxt = (Authctxt *)context; + const char *tkt_root = TKT_ROOT; + struct stat st; + int fd; + + if (!authctxt->krb4_ticket_file) { + /* Set unique ticket string manually since we're still root. */ + authctxt->krb4_ticket_file = xmalloc(MAXPATHLEN); +#ifdef AFS + if (lstat("/ticket", &st) != -1) + tkt_root = "/ticket/"; +#endif /* AFS */ + snprintf(authctxt->krb4_ticket_file, MAXPATHLEN, "%s%u_%d", + tkt_root, authctxt->pw->pw_uid, getpid()); + krb_set_tkt_string(authctxt->krb4_ticket_file); + } + /* Register ticket cleanup in case of fatal error. */ + if (!cleanup_registered) { + fatal_add_cleanup(krb4_cleanup_proc, authctxt); + cleanup_registered = 1; + } + /* Try to create our ticket file. */ + if ((fd = mkstemp(authctxt->krb4_ticket_file)) != -1) { + close(fd); + return (1); + } + /* Ticket file exists - make sure user owns it (just passed ticket). */ + if (lstat(authctxt->krb4_ticket_file, &st) != -1) { + if (st.st_mode == (S_IFREG | S_IRUSR | S_IWUSR) && + st.st_uid == authctxt->pw->pw_uid) + return (1); + } + /* Failure - cancel cleanup function, leaving ticket for inspection. */ + log("WARNING: bad ticket file %s", authctxt->krb4_ticket_file); + + fatal_remove_cleanup(krb4_cleanup_proc, authctxt); + cleanup_registered = 0; + + xfree(authctxt->krb4_ticket_file); + authctxt->krb4_ticket_file = NULL; + + return (0); +} + /* * try krb4 authentication, * return 1 on success, 0 on failure, -1 if krb4 is not available */ - int -auth_krb4_password(struct passwd * pw, const char *password) +auth_krb4_password(Authctxt *authctxt, const char *password) { AUTH_DAT adata; KTEXT_ST tkt; struct hostent *hp; - u_long faddr; - char localhost[MAXHOSTNAMELEN]; - char phost[INST_SZ]; - char realm[REALM_SZ]; + struct passwd *pw; + char localhost[MAXHOSTNAMELEN], phost[INST_SZ], realm[REALM_SZ]; + u_int32_t faddr; int r; + if ((pw = authctxt->pw) == NULL) + return (0); + /* * Try Kerberos password authentication only for non-root * users and only if Kerberos is installed. */ if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) { - /* Set up our ticket file. */ - if (!krb4_init(pw->pw_uid)) { + if (!krb4_init(authctxt)) { log("Couldn't initialize Kerberos ticket file for %s!", pw->pw_name); - goto kerberos_auth_failure; + goto failure; } /* Try to get TGT using our password. */ - r = krb_get_pw_in_tkt((char *) pw->pw_name, "", - realm, "krbtgt", realm, - DEFAULT_TKT_LIFE, (char *) password); + r = krb_get_pw_in_tkt((char *) pw->pw_name, "", realm, + "krbtgt", realm, DEFAULT_TKT_LIFE, (char *)password); if (r != INTK_OK) { - packet_send_debug("Kerberos V4 password " - "authentication for %s failed: %s", - pw->pw_name, krb_err_txt[r]); - goto kerberos_auth_failure; + debug("Kerberos v4 password authentication for %s " + "failed: %s", pw->pw_name, krb_err_txt[r]); + goto failure; } /* Successful authentication. */ chown(tkt_string(), pw->pw_uid, pw->pw_gid); @@ -89,17 +134,17 @@ auth_krb4_password(struct passwd * pw, const char *password) * "rcmd" ticket to ensure that we are not talking * to a bogus Kerberos server. */ - (void) gethostname(localhost, sizeof(localhost)); - (void) strlcpy(phost, (char *) krb_get_phost(localhost), - INST_SZ); + gethostname(localhost, sizeof(localhost)); + strlcpy(phost, (char *)krb_get_phost(localhost), + sizeof(phost)); r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33); if (r == KSUCCESS) { - if (!(hp = gethostbyname(localhost))) { + if ((hp = gethostbyname(localhost)) == NULL) { log("Couldn't get local host address!"); - goto kerberos_auth_failure; + goto failure; } - memmove((void *) &faddr, (void *) hp->h_addr, + memmove((void *)&faddr, (void *)hp->h_addr, sizeof(faddr)); /* Verify our "rcmd" ticket. */ @@ -110,116 +155,71 @@ auth_krb4_password(struct passwd * pw, const char *password) * Probably didn't have a srvtab on * localhost. Disallow login. */ - log("Kerberos V4 TGT for %s unverifiable, " + log("Kerberos v4 TGT for %s unverifiable, " "no srvtab installed? krb_rd_req: %s", pw->pw_name, krb_err_txt[r]); - goto kerberos_auth_failure; + goto failure; } else if (r != KSUCCESS) { - log("Kerberos V4 %s ticket unverifiable: %s", + log("Kerberos v4 %s ticket unverifiable: %s", KRB4_SERVICE_NAME, krb_err_txt[r]); - goto kerberos_auth_failure; + goto failure; } } else if (r == KDC_PR_UNKNOWN) { /* * Disallow login if no rcmd service exists, and * log the error. */ - log("Kerberos V4 TGT for %s unverifiable: %s; %s.%s " + log("Kerberos v4 TGT for %s unverifiable: %s; %s.%s " "not registered, or srvtab is wrong?", pw->pw_name, - krb_err_txt[r], KRB4_SERVICE_NAME, phost); - goto kerberos_auth_failure; + krb_err_txt[r], KRB4_SERVICE_NAME, phost); + goto failure; } else { /* * TGT is bad, forget it. Possibly spoofed! */ - packet_send_debug("WARNING: Kerberos V4 TGT " - "possibly spoofed for %s: %s", - pw->pw_name, krb_err_txt[r]); - goto kerberos_auth_failure; + debug("WARNING: Kerberos v4 TGT possibly spoofed " + "for %s: %s", pw->pw_name, krb_err_txt[r]); + goto failure; } - /* Authentication succeeded. */ - return 1; + return (1); + } else + /* Logging in as root or no local Kerberos realm. */ + debug("Unable to authenticate to Kerberos."); -kerberos_auth_failure: - krb4_cleanup_proc(NULL); + failure: + krb4_cleanup_proc(authctxt); + + if (!options.kerberos_or_local_passwd) + return (0); - if (!options.kerberos_or_local_passwd) - return 0; - } else { - /* Logging in as root or no local Kerberos realm. */ - packet_send_debug("Unable to authenticate to Kerberos."); - } /* Fall back to ordinary passwd authentication. */ - return -1; + return (-1); } void -krb4_cleanup_proc(void *ignore) +krb4_cleanup_proc(void *context) { + Authctxt *authctxt = (Authctxt *)context; debug("krb4_cleanup_proc called"); - if (ticket) { + if (authctxt->krb4_ticket_file) { (void) dest_tkt(); - xfree(ticket); - ticket = NULL; - } -} - -int -krb4_init(uid_t uid) -{ - static int cleanup_registered = 0; - const char *tkt_root = TKT_ROOT; - struct stat st; - int fd; - - if (!ticket) { - /* Set unique ticket string manually since we're still root. */ - ticket = xmalloc(MAXPATHLEN); -#ifdef AFS - if (lstat("/ticket", &st) != -1) - tkt_root = "/ticket/"; -#endif /* AFS */ - snprintf(ticket, MAXPATHLEN, "%s%u_%d", tkt_root, uid, getpid()); - (void) krb_set_tkt_string(ticket); - } - /* Register ticket cleanup in case of fatal error. */ - if (!cleanup_registered) { - fatal_add_cleanup(krb4_cleanup_proc, NULL); - cleanup_registered = 1; - } - /* Try to create our ticket file. */ - if ((fd = mkstemp(ticket)) != -1) { - close(fd); - return 1; + xfree(authctxt->krb4_ticket_file); + authctxt->krb4_ticket_file = NULL; } - /* Ticket file exists - make sure user owns it (just passed ticket). */ - if (lstat(ticket, &st) != -1) { - if (st.st_mode == (S_IFREG | S_IRUSR | S_IWUSR) && - st.st_uid == uid) - return 1; - } - /* Failure - cancel cleanup function, leaving bad ticket for inspection. */ - log("WARNING: bad ticket file %s", ticket); - fatal_remove_cleanup(krb4_cleanup_proc, NULL); - cleanup_registered = 0; - xfree(ticket); - ticket = NULL; - - return 0; } int -auth_krb4(const char *server_user, KTEXT auth, char **client) +auth_krb4(Authctxt *authctxt, KTEXT auth, char **client) { AUTH_DAT adat = {0}; KTEXT_ST reply; + Key_schedule schedule; + struct sockaddr_in local, foreign; char instance[INST_SZ]; - int r, s; socklen_t slen; u_int cksum; - Key_schedule schedule; - struct sockaddr_in local, foreign; + int r, s; s = packet_get_connection_in(); @@ -237,9 +237,10 @@ auth_krb4(const char *server_user, KTEXT auth, char **client) instance[1] = 0; /* Get the encrypted request, challenge, and session key. */ - if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, 0, &adat, ""))) { - packet_send_debug("Kerberos V4 krb_rd_req: %.100s", krb_err_txt[r]); - return 0; + if ((r = krb_rd_req(auth, KRB4_SERVICE_NAME, instance, + 0, &adat, ""))) { + debug("Kerberos v4 krb_rd_req: %.100s", krb_err_txt[r]); + return (0); } des_key_sched((des_cblock *) adat.session, schedule); @@ -248,12 +249,11 @@ auth_krb4(const char *server_user, KTEXT auth, char **client) *adat.pinst ? "." : "", adat.pinst, adat.prealm); /* Check ~/.klogin authorization now. */ - if (kuserok(&adat, (char *) server_user) != KSUCCESS) { - packet_send_debug("Kerberos V4 .klogin authorization failed!"); - log("Kerberos V4 .klogin authorization failed for %s to account %s", - *client, server_user); + if (kuserok(&adat, authctxt->user) != KSUCCESS) { + log("Kerberos v4 .klogin authorization failed for %s to " + "account %s", *client, authctxt->user); xfree(*client); - return 0; + return (0); } /* Increment the checksum, and return it encrypted with the session key. */ @@ -264,7 +264,7 @@ auth_krb4(const char *server_user, KTEXT auth, char **client) empty message, admitting our failure. */ if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1, schedule, &adat.session, &local, &foreign)) < 0) { - packet_send_debug("Kerberos V4 mk_priv: (%d) %s", r, krb_err_txt[r]); + debug("Kerberos v4 mk_priv: (%d) %s", r, krb_err_txt[r]); reply.dat[0] = 0; reply.length = 0; } else @@ -277,89 +277,79 @@ auth_krb4(const char *server_user, KTEXT auth, char **client) packet_put_string((char *) reply.dat, reply.length); packet_send(); packet_write_wait(); - return 1; + return (1); } #endif /* KRB4 */ #ifdef AFS int -auth_kerberos_tgt(struct passwd *pw, const char *string) +auth_krb4_tgt(Authctxt *authctxt, const char *string) { CREDENTIALS creds; + struct passwd *pw; + + if ((pw = authctxt->pw) == NULL) + goto failure; + + temporarily_use_uid(pw); - if (pw == NULL) - goto auth_kerberos_tgt_failure; if (!radix_to_creds(string, &creds)) { - log("Protocol error decoding Kerberos V4 tgt"); - packet_send_debug("Protocol error decoding Kerberos V4 tgt"); - goto auth_kerberos_tgt_failure; + log("Protocol error decoding Kerberos v4 TGT"); + goto failure; } if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ strlcpy(creds.service, "krbtgt", sizeof creds.service); if (strcmp(creds.service, "krbtgt")) { - log("Kerberos V4 tgt (%s%s%s@%s) rejected for %s", creds.pname, - creds.pinst[0] ? "." : "", creds.pinst, creds.realm, - pw->pw_name); - packet_send_debug("Kerberos V4 tgt (%s%s%s@%s) rejected for %s", + log("Kerberos v4 TGT (%s%s%s@%s) rejected for %s", creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm, pw->pw_name); - goto auth_kerberos_tgt_failure; + goto failure; } - if (!krb4_init(pw->pw_uid)) - goto auth_kerberos_tgt_failure; + if (!krb4_init(authctxt)) + goto failure; if (in_tkt(creds.pname, creds.pinst) != KSUCCESS) - goto auth_kerberos_tgt_failure; + goto failure; if (save_credentials(creds.service, creds.instance, creds.realm, - creds.session, creds.lifetime, creds.kvno, - &creds.ticket_st, creds.issue_date) != KSUCCESS) { - packet_send_debug("Kerberos V4 tgt refused: couldn't save credentials"); - goto auth_kerberos_tgt_failure; + creds.session, creds.lifetime, creds.kvno, &creds.ticket_st, + creds.issue_date) != KSUCCESS) { + debug("Kerberos v4 TGT refused: couldn't save credentials"); + goto failure; } /* Successful authentication, passed all checks. */ chown(tkt_string(), pw->pw_uid, pw->pw_gid); - packet_send_debug("Kerberos V4 tgt accepted (%s.%s@%s, %s%s%s@%s)", - creds.service, creds.instance, creds.realm, creds.pname, - creds.pinst[0] ? "." : "", creds.pinst, creds.realm); + debug("Kerberos v4 TGT accepted (%s%s%s@%s)", + creds.pname, creds.pinst[0] ? "." : "", creds.pinst, creds.realm); memset(&creds, 0, sizeof(creds)); - packet_start(SSH_SMSG_SUCCESS); - packet_send(); - packet_write_wait(); - return 1; -auth_kerberos_tgt_failure: - krb4_cleanup_proc(NULL); + restore_uid(); + + return (1); + + failure: + krb4_cleanup_proc(authctxt); memset(&creds, 0, sizeof(creds)); - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - return 0; + restore_uid(); + + return (0); } int -auth_afs_token(struct passwd *pw, const char *token_string) +auth_afs_token(Authctxt *authctxt, const char *token_string) { CREDENTIALS creds; + struct passwd *pw; uid_t uid; - if (pw == NULL) { - /* XXX fake protocol error */ - packet_send_debug("Protocol error decoding AFS token"); - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - return 0; - } + if ((pw = authctxt->pw) == NULL) + return (0); + if (!radix_to_creds(token_string, &creds)) { log("Protocol error decoding AFS token"); - packet_send_debug("Protocol error decoding AFS token"); - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - return 0; + return (0); } if (strncmp(creds.service, "", 1) == 0) /* backward compatibility */ strlcpy(creds.service, "afs", sizeof creds.service); @@ -370,22 +360,14 @@ auth_afs_token(struct passwd *pw, const char *token_string) uid = pw->pw_uid; if (kafs_settoken(creds.realm, uid, &creds)) { - log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, - pw->pw_name); - packet_send_debug("AFS token (%s@%s) rejected for %s", creds.pname, - creds.realm, pw->pw_name); + log("AFS token (%s@%s) rejected for %s", + creds.pname, creds.realm, pw->pw_name); memset(&creds, 0, sizeof(creds)); - packet_start(SSH_SMSG_FAILURE); - packet_send(); - packet_write_wait(); - return 0; + return (0); } - packet_send_debug("AFS token accepted (%s@%s, %s@%s)", creds.service, - creds.realm, creds.pname, creds.realm); + debug("AFS token accepted (%s@%s)", creds.pname, creds.realm); memset(&creds, 0, sizeof(creds)); - packet_start(SSH_SMSG_SUCCESS); - packet_send(); - packet_write_wait(); - return 1; + + return (1); } #endif /* AFS */ diff --git a/crypto/openssh/auth-krb5.c b/crypto/openssh/auth-krb5.c new file mode 100644 index 000000000000..0f645676d9de --- /dev/null +++ b/crypto/openssh/auth-krb5.c @@ -0,0 +1,273 @@ +/* + * Kerberos v5 authentication and ticket-passing routines. + * + * $FreeBSD$ + */ + +#include "includes.h" +RCSID("$OpenBSD: auth-krb5.c,v 1.6 2002/03/04 17:27:39 stevesk Exp $"); + +#include "ssh.h" +#include "ssh1.h" +#include "packet.h" +#include "xmalloc.h" +#include "log.h" +#include "servconf.h" +#include "uidswap.h" +#include "auth.h" + +#ifdef KRB5 +#include <krb5.h> + +extern ServerOptions options; + +static int +krb5_init(void *context) +{ + Authctxt *authctxt = (Authctxt *)context; + krb5_error_code problem; + static int cleanup_registered = 0; + + if (authctxt->krb5_ctx == NULL) { + problem = krb5_init_context(&authctxt->krb5_ctx); + if (problem) + return (problem); + krb5_init_ets(authctxt->krb5_ctx); + } + if (!cleanup_registered) { + fatal_add_cleanup(krb5_cleanup_proc, authctxt); + cleanup_registered = 1; + } + return (0); +} + +/* + * Try krb5 authentication. server_user is passed for logging purposes + * only, in auth is received ticket, in client is returned principal + * from the ticket + */ +int +auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client) +{ + krb5_error_code problem; + krb5_principal server; + krb5_data reply; + krb5_ticket *ticket; + int fd, ret; + + ret = 0; + server = NULL; + ticket = NULL; + reply.length = 0; + + problem = krb5_init(authctxt); + if (problem) + goto err; + + problem = krb5_auth_con_init(authctxt->krb5_ctx, + &authctxt->krb5_auth_ctx); + if (problem) + goto err; + + fd = packet_get_connection_in(); + problem = krb5_auth_con_setaddrs_from_fd(authctxt->krb5_ctx, + authctxt->krb5_auth_ctx, &fd); + if (problem) + goto err; + + problem = krb5_sname_to_principal(authctxt->krb5_ctx, NULL, NULL , + KRB5_NT_SRV_HST, &server); + if (problem) + goto err; + + problem = krb5_rd_req(authctxt->krb5_ctx, &authctxt->krb5_auth_ctx, + auth, server, NULL, NULL, &ticket); + if (problem) + goto err; + + problem = krb5_copy_principal(authctxt->krb5_ctx, ticket->client, + &authctxt->krb5_user); + if (problem) + goto err; + + /* if client wants mutual auth */ + problem = krb5_mk_rep(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, + &reply); + if (problem) + goto err; + + /* Check .k5login authorization now. */ + if (!krb5_kuserok(authctxt->krb5_ctx, authctxt->krb5_user, + authctxt->pw->pw_name)) + goto err; + + if (client) + krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user, + client); + + packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE); + packet_put_string((char *) reply.data, reply.length); + packet_send(); + packet_write_wait(); + + ret = 1; + err: + if (server) + krb5_free_principal(authctxt->krb5_ctx, server); + if (ticket) + krb5_free_ticket(authctxt->krb5_ctx, ticket); + if (reply.length) + xfree(reply.data); + + if (problem) { + if (authctxt->krb5_ctx != NULL) + debug("Kerberos v5 authentication failed: %s", + krb5_get_err_text(authctxt->krb5_ctx, problem)); + else + debug("Kerberos v5 authentication failed: %d", + problem); + } + + return (ret); +} + +int +auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt) +{ + krb5_error_code problem; + krb5_ccache ccache = NULL; + char *pname; + + if (authctxt->pw == NULL || authctxt->krb5_user == NULL) + return (0); + + temporarily_use_uid(authctxt->pw); + + problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache); + if (problem) + goto fail; + + problem = krb5_cc_initialize(authctxt->krb5_ctx, ccache, + authctxt->krb5_user); + if (problem) + goto fail; + + problem = krb5_rd_cred2(authctxt->krb5_ctx, authctxt->krb5_auth_ctx, + ccache, tgt); + if (problem) + goto fail; + + authctxt->krb5_fwd_ccache = ccache; + ccache = NULL; + + authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); + + problem = krb5_unparse_name(authctxt->krb5_ctx, authctxt->krb5_user, + &pname); + if (problem) + goto fail; + + debug("Kerberos v5 TGT accepted (%s)", pname); + + restore_uid(); + + return (1); + + fail: + if (problem) + debug("Kerberos v5 TGT passing failed: %s", + krb5_get_err_text(authctxt->krb5_ctx, problem)); + if (ccache) + krb5_cc_destroy(authctxt->krb5_ctx, ccache); + + restore_uid(); + + return (0); +} + +int +auth_krb5_password(Authctxt *authctxt, const char *password) +{ + krb5_error_code problem; + + if (authctxt->pw == NULL) + return (0); + + temporarily_use_uid(authctxt->pw); + + problem = krb5_init(authctxt); + if (problem) + goto out; + + problem = krb5_parse_name(authctxt->krb5_ctx, authctxt->pw->pw_name, + &authctxt->krb5_user); + if (problem) + goto out; + + problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, + &authctxt->krb5_fwd_ccache); + if (problem) + goto out; + + problem = krb5_cc_initialize(authctxt->krb5_ctx, + authctxt->krb5_fwd_ccache, authctxt->krb5_user); + if (problem) + goto out; + + restore_uid(); + problem = krb5_verify_user(authctxt->krb5_ctx, authctxt->krb5_user, + authctxt->krb5_fwd_ccache, password, 1, NULL); + temporarily_use_uid(authctxt->pw); + + if (problem) + goto out; + + authctxt->krb5_ticket_file = (char *)krb5_cc_get_name(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); + + out: + restore_uid(); + + if (problem) { + if (authctxt->krb5_ctx != NULL) + debug("Kerberos password authentication failed: %s", + krb5_get_err_text(authctxt->krb5_ctx, problem)); + else + debug("Kerberos password authentication failed: %d", + problem); + + krb5_cleanup_proc(authctxt); + + if (options.kerberos_or_local_passwd) + return (-1); + else + return (0); + } + return (1); +} + +void +krb5_cleanup_proc(void *context) +{ + Authctxt *authctxt = (Authctxt *)context; + + debug("krb5_cleanup_proc called"); + if (authctxt->krb5_fwd_ccache) { + krb5_cc_destroy(authctxt->krb5_ctx, authctxt->krb5_fwd_ccache); + authctxt->krb5_fwd_ccache = NULL; + } + if (authctxt->krb5_user) { + krb5_free_principal(authctxt->krb5_ctx, authctxt->krb5_user); + authctxt->krb5_user = NULL; + } + if (authctxt->krb5_auth_ctx) { + krb5_auth_con_free(authctxt->krb5_ctx, + authctxt->krb5_auth_ctx); + authctxt->krb5_auth_ctx = NULL; + } + if (authctxt->krb5_ctx) { + krb5_free_context(authctxt->krb5_ctx); + authctxt->krb5_ctx = NULL; + } +} + +#endif /* KRB5 */ diff --git a/crypto/openssh/auth-options.c b/crypto/openssh/auth-options.c index 443f5414ad1e..8df6a6dfcabb 100644 --- a/crypto/openssh/auth-options.c +++ b/crypto/openssh/auth-options.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-options.c,v 1.16 2001/03/18 12:07:52 markus Exp $"); +RCSID("$OpenBSD: auth-options.c,v 1.21 2002/01/29 14:32:03 markus Exp $"); #include "packet.h" #include "xmalloc.h" @@ -20,6 +20,7 @@ RCSID("$OpenBSD: auth-options.c,v 1.16 2001/03/18 12:07:52 markus Exp $"); #include "channels.h" #include "auth-options.h" #include "servconf.h" +#include "misc.h" /* Flags set authorized_keys flags */ int no_port_forwarding_flag = 0; @@ -167,10 +168,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) } cp = "from=\""; if (strncasecmp(opts, cp, strlen(cp)) == 0) { - int mname, mip; const char *remote_ip = get_remote_ipaddr(); const char *remote_host = get_canonical_hostname( - options.reverse_mapping_check); + options.verify_reverse_mapping); char *patterns = xmalloc(strlen(opts) + 1); opts += strlen(cp); @@ -195,18 +195,9 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) } patterns[i] = 0; opts++; - /* - * Deny access if we get a negative - * match for the hostname or the ip - * or if we get not match at all - */ - mname = match_hostname(remote_host, patterns, - strlen(patterns)); - mip = match_hostname(remote_ip, patterns, - strlen(patterns)); - xfree(patterns); - if (mname == -1 || mip == -1 || - (mname != 1 && mip != 1)) { + if (match_host_and_ip(remote_host, remote_ip, + patterns) != 1) { + xfree(patterns); log("Authentication tried for %.100s with " "correct key but not from a permitted " "host (host=%.200s, ip=%.200s).", @@ -217,13 +208,14 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) /* deny access */ return 0; } + xfree(patterns); /* Host name matches. */ goto next_option; } cp = "permitopen=\""; if (strncasecmp(opts, cp, strlen(cp)) == 0) { + char host[256], sport[6]; u_short port; - char *c, *ep; char *patterns = xmalloc(strlen(opts) + 1); opts += strlen(cp); @@ -248,28 +240,25 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) } patterns[i] = 0; opts++; - c = strchr(patterns, ':'); - if (c == NULL) { - debug("%.100s, line %lu: permitopen: missing colon <%.100s>", - file, linenum, patterns); - packet_send_debug("%.100s, line %lu: missing colon", - file, linenum); + if (sscanf(patterns, "%255[^:]:%5[0-9]", host, sport) != 2 && + sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) { + debug("%.100s, line %lu: Bad permitopen specification " + "<%.100s>", file, linenum, patterns); + packet_send_debug("%.100s, line %lu: " + "Bad permitopen specification", file, linenum); xfree(patterns); goto bad_option; } - *c = 0; - c++; - port = strtol(c, &ep, 0); - if (c == ep) { - debug("%.100s, line %lu: permitopen: missing port <%.100s>", - file, linenum, patterns); - packet_send_debug("%.100s, line %lu: missing port", - file, linenum); + if ((port = a2port(sport)) == 0) { + debug("%.100s, line %lu: Bad permitopen port <%.100s>", + file, linenum, sport); + packet_send_debug("%.100s, line %lu: " + "Bad permitopen port", file, linenum); xfree(patterns); goto bad_option; } if (options.allow_tcp_forwarding) - channel_add_permitted_opens(patterns, port); + channel_add_permitted_opens(host, port); xfree(patterns); goto next_option; } diff --git a/crypto/openssh/auth-options.h b/crypto/openssh/auth-options.h index 8ee269491038..aa6270fd62ef 100644 --- a/crypto/openssh/auth-options.h +++ b/crypto/openssh/auth-options.h @@ -1,3 +1,5 @@ +/* $OpenBSD: auth-options.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,8 +13,6 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* $OpenBSD: auth-options.h,v 1.8 2001/01/21 19:05:42 markus Exp $ */ - #ifndef AUTH_OPTIONS_H #define AUTH_OPTIONS_H @@ -30,15 +30,7 @@ extern int no_pty_flag; extern char *forced_command; extern struct envstring *custom_environment; -/* - * return 1 if access is granted, 0 if not. - * side effect: sets key option flags - */ -int -auth_parse_options(struct passwd *pw, char *options, char *file, - u_long linenum); - -/* reset options flags */ +int auth_parse_options(struct passwd *, char *, char *, u_long); void auth_clear_options(void); #endif diff --git a/crypto/openssh/auth-passwd.c b/crypto/openssh/auth-passwd.c index d97e7d928b31..915991f435f1 100644 --- a/crypto/openssh/auth-passwd.c +++ b/crypto/openssh/auth-passwd.c @@ -36,10 +36,9 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-passwd.c,v 1.22 2001/03/20 18:57:04 markus Exp $"); +RCSID("$OpenBSD: auth-passwd.c,v 1.24 2002/03/04 12:43:06 markus Exp $"); #include "packet.h" -#include "xmalloc.h" #include "log.h" #include "servconf.h" #include "auth.h" @@ -64,23 +63,29 @@ auth_password(Authctxt *authctxt, const char *password) return 0; if (*password == '\0' && options.permit_empty_passwd == 0) return 0; -#ifdef BSD_AUTH - if (auth_userokay(pw->pw_name, authctxt->style, "auth-ssh", - (char *)password) == 0) - return 0; - else - return 1; +#ifdef KRB5 + if (options.kerberos_authentication == 1) { + int ret = auth_krb5_password(authctxt, password); + if (ret == 1 || ret == 0) + return ret; + /* Fall back to ordinary passwd authentication. */ + } #endif - #ifdef KRB4 if (options.kerberos_authentication == 1) { - int ret = auth_krb4_password(pw, password); + int ret = auth_krb4_password(authctxt, password); if (ret == 1 || ret == 0) return ret; /* Fall back to ordinary passwd authentication. */ } #endif - +#ifdef BSD_AUTH + if (auth_userokay(pw->pw_name, authctxt->style, "auth-ssh", + (char *)password) == 0) + return 0; + else + return 1; +#endif /* Check for users with no password. */ if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) return 1; diff --git a/crypto/openssh/auth-rh-rsa.c b/crypto/openssh/auth-rh-rsa.c index 506a5a239815..d1b7ae996d50 100644 --- a/crypto/openssh/auth-rh-rsa.c +++ b/crypto/openssh/auth-rh-rsa.c @@ -13,10 +13,9 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rh-rsa.c,v 1.23 2001/04/06 21:00:04 markus Exp $"); +RCSID("$OpenBSD: auth-rh-rsa.c,v 1.29 2002/03/04 12:43:06 markus Exp $"); #include "packet.h" -#include "xmalloc.h" #include "uidswap.h" #include "log.h" #include "servconf.h" @@ -24,7 +23,6 @@ RCSID("$OpenBSD: auth-rh-rsa.c,v 1.23 2001/04/06 21:00:04 markus Exp $"); #include "hostfile.h" #include "pathnames.h" #include "auth.h" -#include "tildexpand.h" #include "canohost.h" /* @@ -33,16 +31,15 @@ RCSID("$OpenBSD: auth-rh-rsa.c,v 1.23 2001/04/06 21:00:04 markus Exp $"); */ int -auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key) +auth_rhosts_rsa(struct passwd *pw, const char *client_user, Key *client_host_key) { extern ServerOptions options; const char *canonical_hostname; HostStatus host_status; - Key *client_key, *found; debug("Trying rhosts with RSA host authentication for client user %.100s", client_user); - if (pw == NULL || client_host_key == NULL) + if (pw == NULL || client_host_key == NULL || client_host_key->rsa == NULL) return 0; /* Check if we would accept it using rhosts authentication. */ @@ -50,45 +47,13 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key return 0; canonical_hostname = get_canonical_hostname( - options.reverse_mapping_check); + options.verify_reverse_mapping); debug("Rhosts RSA authentication: canonical host %.900s", canonical_hostname); - /* wrap the RSA key into a 'generic' key */ - client_key = key_new(KEY_RSA1); - BN_copy(client_key->rsa->e, client_host_key->e); - BN_copy(client_key->rsa->n, client_host_key->n); - found = key_new(KEY_RSA1); - - /* Check if we know the host and its host key. */ - host_status = check_host_in_hostfile(_PATH_SSH_SYSTEM_HOSTFILE, canonical_hostname, - client_key, found, NULL); - - /* Check user host file unless ignored. */ - if (host_status != HOST_OK && !options.ignore_user_known_hosts) { - struct stat st; - char *user_hostfile = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE, pw->pw_uid); - /* - * Check file permissions of _PATH_SSH_USER_HOSTFILE, auth_rsa() - * did already check pw->pw_dir, but there is a race XXX - */ - if (options.strict_modes && - (stat(user_hostfile, &st) == 0) && - ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { - log("Rhosts RSA authentication refused for %.100s: bad owner or modes for %.200s", - pw->pw_name, user_hostfile); - } else { - /* XXX race between stat and the following open() */ - temporarily_use_uid(pw); - host_status = check_host_in_hostfile(user_hostfile, canonical_hostname, - client_key, found, NULL); - restore_uid(); - } - xfree(user_hostfile); - } - key_free(client_key); - key_free(found); + host_status = check_key_in_hostfiles(pw, client_host_key, + canonical_hostname, _PATH_SSH_SYSTEM_HOSTFILE, + options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE); if (host_status != HOST_OK) { debug("Rhosts with RSA host authentication denied: unknown or invalid host key"); @@ -98,7 +63,7 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, RSA *client_host_key /* A matching host key was found and is known. */ /* Perform the challenge-response dialog with the client for the host key. */ - if (!auth_rsa_challenge_dialog(client_host_key)) { + if (!auth_rsa_challenge_dialog(client_host_key->rsa)) { log("Client on %.800s failed to respond correctly to host authentication.", canonical_hostname); return 0; diff --git a/crypto/openssh/auth-rhosts.c b/crypto/openssh/auth-rhosts.c index 324a0f925902..bd15261f7059 100644 --- a/crypto/openssh/auth-rhosts.c +++ b/crypto/openssh/auth-rhosts.c @@ -14,10 +14,9 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rhosts.c,v 1.23 2001/04/12 19:15:24 markus Exp $"); +RCSID("$OpenBSD: auth-rhosts.c,v 1.27 2002/03/04 12:43:06 markus Exp $"); #include "packet.h" -#include "xmalloc.h" #include "uidswap.h" #include "pathnames.h" #include "log.h" @@ -34,7 +33,7 @@ extern ServerOptions options; * based on the file, and returns zero otherwise. */ -int +static int check_rhosts_file(const char *filename, const char *hostname, const char *ipaddr, const char *client_user, const char *server_user) @@ -156,7 +155,7 @@ auth_rhosts(struct passwd *pw, const char *client_user) const char *hostname, *ipaddr; int ret; - hostname = get_canonical_hostname(options.reverse_mapping_check); + hostname = get_canonical_hostname(options.verify_reverse_mapping); ipaddr = get_remote_ipaddr(); ret = auth_rhosts2(pw, client_user, hostname, ipaddr); return ret; @@ -186,7 +185,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, * servers. */ for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; - rhosts_file_index++) { + rhosts_file_index++) { /* Check users .rhosts or .shosts. */ snprintf(buf, sizeof buf, "%.500s/%.100s", pw->pw_dir, rhosts_files[rhosts_file_index]); @@ -204,16 +203,16 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, /* If not logging in as superuser, try /etc/hosts.equiv and shosts.equiv. */ if (pw->pw_uid != 0) { - if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, client_user, - pw->pw_name)) { + if (check_rhosts_file(_PATH_RHOSTS_EQUIV, hostname, ipaddr, + client_user, pw->pw_name)) { packet_send_debug("Accepted for %.100s [%.100s] by /etc/hosts.equiv.", - hostname, ipaddr); + hostname, ipaddr); return 1; } - if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, client_user, - pw->pw_name)) { + if (check_rhosts_file(_PATH_SSH_HOSTS_EQUIV, hostname, ipaddr, + client_user, pw->pw_name)) { packet_send_debug("Accepted for %.100s [%.100s] by %.100s.", - hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); + hostname, ipaddr, _PATH_SSH_HOSTS_EQUIV); return 1; } } @@ -230,7 +229,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, } if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { + (st.st_mode & 022) != 0)) { log("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", pw->pw_name); packet_send_debug("Rhosts authentication refused for %.100s: bad ownership or modes for home directory.", @@ -242,7 +241,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, /* Check all .rhosts files (currently .shosts and .rhosts). */ for (rhosts_file_index = 0; rhosts_files[rhosts_file_index]; - rhosts_file_index++) { + rhosts_file_index++) { /* Check users .rhosts or .shosts. */ snprintf(buf, sizeof buf, "%.500s/%.100s", pw->pw_dir, rhosts_files[rhosts_file_index]); @@ -257,7 +256,7 @@ auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, */ if (options.strict_modes && ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { + (st.st_mode & 022) != 0)) { log("Rhosts authentication refused for %.100s: bad modes for %.200s", pw->pw_name, buf); packet_send_debug("Bad file modes for %.200s", buf); diff --git a/crypto/openssh/auth-rsa.c b/crypto/openssh/auth-rsa.c index 59bee18bd3f9..f7ae03cfdaf1 100644 --- a/crypto/openssh/auth-rsa.c +++ b/crypto/openssh/auth-rsa.c @@ -14,7 +14,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-rsa.c,v 1.40 2001/04/06 21:00:07 markus Exp $"); +RCSID("$OpenBSD: auth-rsa.c,v 1.50 2001/12/28 14:50:54 markus Exp $"); #include <openssl/rsa.h> #include <openssl/md5.h> @@ -31,6 +31,7 @@ RCSID("$OpenBSD: auth-rsa.c,v 1.40 2001/04/06 21:00:07 markus Exp $"); #include "log.h" #include "servconf.h" #include "auth.h" +#include "hostfile.h" /* import */ extern ServerOptions options; @@ -65,14 +66,17 @@ auth_rsa_challenge_dialog(RSA *pk) u_char buf[32], mdbuf[16], response[16]; MD5_CTX md; u_int i; - int plen, len; + int len; - encrypted_challenge = BN_new(); - challenge = BN_new(); + if ((encrypted_challenge = BN_new()) == NULL) + fatal("auth_rsa_challenge_dialog: BN_new() failed"); + if ((challenge = BN_new()) == NULL) + fatal("auth_rsa_challenge_dialog: BN_new() failed"); /* Generate a random challenge. */ BN_rand(challenge, 256, 0, 0); - ctx = BN_CTX_new(); + if ((ctx = BN_CTX_new()) == NULL) + fatal("auth_rsa_challenge_dialog: BN_CTX_new() failed"); BN_mod(challenge, challenge, pk->n, ctx); BN_CTX_free(ctx); @@ -87,10 +91,10 @@ auth_rsa_challenge_dialog(RSA *pk) packet_write_wait(); /* Wait for a response. */ - packet_read_expect(&plen, SSH_CMSG_AUTH_RSA_RESPONSE); - packet_integrity_check(plen, 16, SSH_CMSG_AUTH_RSA_RESPONSE); + packet_read_expect(SSH_CMSG_AUTH_RSA_RESPONSE); for (i = 0; i < 16; i++) response[i] = packet_get_char(); + packet_check_eom(); /* The response is MD5 of decrypted challenge plus session id. */ len = BN_num_bytes(challenge); @@ -122,13 +126,14 @@ auth_rsa_challenge_dialog(RSA *pk) int auth_rsa(struct passwd *pw, BIGNUM *client_n) { - char line[8192], file[MAXPATHLEN]; + char line[8192], *file; int authenticated; u_int bits; FILE *f; u_long linenum = 0; struct stat st; - RSA *pk; + Key *key; + char *fp; /* no user given */ if (pw == NULL) @@ -138,13 +143,14 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n) temporarily_use_uid(pw); /* The authorized keys. */ - snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir, - _PATH_SSH_USER_PERMITTED_KEYS); + file = authorized_keys_file(pw); + debug("trying public RSA key file %s", file); /* Fail quietly if file does not exist */ if (stat(file, &st) < 0) { /* Restore the privileged uid. */ restore_uid(); + xfree(file); return 0; } /* Open the file containing the authorized keys. */ @@ -154,50 +160,22 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n) restore_uid(); packet_send_debug("Could not open %.900s for reading.", file); packet_send_debug("If your home is on an NFS volume, it may need to be world-readable."); + xfree(file); return 0; } - if (options.strict_modes) { - int fail = 0; - char buf[1024]; - /* Check open file in order to avoid open/stat races */ - if (fstat(fileno(f), &st) < 0 || - (st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0) { - snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: " - "bad ownership or modes for '%s'.", pw->pw_name, file); - fail = 1; - } else { - /* Check path to _PATH_SSH_USER_PERMITTED_KEYS */ - int i; - static const char *check[] = { - "", _PATH_SSH_USER_DIR, NULL - }; - for (i = 0; check[i]; i++) { - snprintf(line, sizeof line, "%.500s/%.100s", pw->pw_dir, check[i]); - if (stat(line, &st) < 0 || - (st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0) { - snprintf(buf, sizeof buf, "RSA authentication refused for %.100s: " - "bad ownership or modes for '%s'.", pw->pw_name, line); - fail = 1; - break; - } - } - } - if (fail) { - fclose(f); - log("%s", buf); - packet_send_debug("%s", buf); - restore_uid(); - return 0; - } + if (options.strict_modes && + secure_filename(f, file, pw, line, sizeof(line)) != 0) { + xfree(file); + fclose(f); + log("Authentication refused: %s", line); + packet_send_debug("Authentication refused: %s", line); + restore_uid(); + return 0; } /* Flag indicating whether authentication has succeeded. */ authenticated = 0; - pk = RSA_new(); - pk->e = BN_new(); - pk->n = BN_new(); + key = key_new(KEY_RSA1); /* * Go though the accepted keys, looking for the current key. If @@ -235,24 +213,22 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n) options = NULL; /* Parse the key from the line. */ - if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) { - debug("%.100s, line %lu: bad key syntax", - file, linenum); - packet_send_debug("%.100s, line %lu: bad key syntax", + if (hostfile_read_key(&cp, &bits, key) == 0) { + debug("%.100s, line %lu: non ssh1 key syntax", file, linenum); continue; } /* cp now points to the comment part. */ /* Check if the we have found the desired key (identified by its modulus). */ - if (BN_cmp(pk->n, client_n) != 0) + if (BN_cmp(key->rsa->n, client_n) != 0) continue; /* check the real bits */ - if (bits != BN_num_bits(pk->n)) - log("Warning: %s, line %ld: keysize mismatch: " + if (bits != BN_num_bits(key->rsa->n)) + log("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.", - file, linenum, BN_num_bits(pk->n), bits); + file, linenum, BN_num_bits(key->rsa->n), bits); /* We have found the desired key. */ /* @@ -263,11 +239,15 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n) continue; /* Perform the challenge-response dialog for this key. */ - if (!auth_rsa_challenge_dialog(pk)) { + if (!auth_rsa_challenge_dialog(key->rsa)) { /* Wrong response. */ verbose("Wrong response to RSA authentication challenge."); packet_send_debug("Wrong response to RSA authentication challenge."); - continue; + /* + * Break out of the loop. Otherwise we might send + * another challenge and break the protocol. + */ + break; } /* * Correct response. The client has been successfully @@ -278,6 +258,12 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n) * otherwise continue searching. */ authenticated = 1; + + fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); + verbose("Found matching %s key: %s", + key_type(key), fp); + xfree(fp); + break; } @@ -285,9 +271,10 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n) restore_uid(); /* Close the file. */ + xfree(file); fclose(f); - RSA_free(pk); + key_free(key); if (authenticated) packet_send_debug("RSA authentication accepted."); diff --git a/crypto/openssh/auth-skey.c b/crypto/openssh/auth-skey.c index 95ff6e4656be..df19f75072d1 100644 --- a/crypto/openssh/auth-skey.c +++ b/crypto/openssh/auth-skey.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999,2000 Markus Friedl. All rights reserved. + * Copyright (c) 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -21,185 +21,76 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - #include "includes.h" -RCSID("$OpenBSD: auth-skey.c,v 1.9 2000/10/19 16:41:13 deraadt Exp $"); +RCSID("$OpenBSD: auth-skey.c,v 1.16 2002/01/12 13:10:29 markus Exp $"); -#include "ssh.h" -#include "packet.h" -#include <sha1.h> +#ifdef SKEY -/* - * try skey authentication, - * return 1 on success, 0 on failure, -1 if skey is not available - */ +#include <skey.h> -int -auth_skey_password(struct passwd * pw, const char *password) +#include "xmalloc.h" +#include "auth.h" + +static void * +skey_init_ctx(Authctxt *authctxt) { - if (strncasecmp(password, "s/key", 5) == 0) { - char *skeyinfo = skey_keyinfo(pw->pw_name); - if (skeyinfo == NULL) { - debug("generating fake skeyinfo for %.100s.", - pw->pw_name); - skeyinfo = skey_fake_keyinfo(pw->pw_name); - } - if (skeyinfo != NULL) - packet_send_debug("%s", skeyinfo); - /* Try again. */ - return 0; - } else if (skey_haskey(pw->pw_name) == 0 && - skey_passcheck(pw->pw_name, (char *) password) != -1) { - /* Authentication succeeded. */ - return 1; - } - /* Fall back to ordinary passwd authentication. */ - return -1; + return authctxt; } -/* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */ - -#define ROUND(x) (((x)[0] << 24) + (((x)[1]) << 16) + (((x)[2]) << 8) + \ - ((x)[3])) +#define PROMPT "\nS/Key Password: " -/* - * hash_collapse() - */ -static u_int32_t -hash_collapse(s) - u_char *s; +static int +skey_query(void *ctx, char **name, char **infotxt, + u_int* numprompts, char ***prompts, u_int **echo_on) { - int len, target; - u_int32_t i; - - if ((strlen(s) % sizeof(u_int32_t)) == 0) - target = strlen(s); /* Multiple of 4 */ - else - target = strlen(s) - (strlen(s) % sizeof(u_int32_t)); - - for (i = 0, len = 0; len < target; len += 4) - i ^= ROUND(s + len); - - return i; + Authctxt *authctxt = ctx; + char challenge[1024], *p; + int len; + struct skey skey; + + if (skeychallenge(&skey, authctxt->user, challenge) == -1) + return -1; + + *name = xstrdup(""); + *infotxt = xstrdup(""); + *numprompts = 1; + *prompts = xmalloc(*numprompts * sizeof(char*)); + *echo_on = xmalloc(*numprompts * sizeof(u_int)); + (*echo_on)[0] = 0; + + len = strlen(challenge) + strlen(PROMPT) + 1; + p = xmalloc(len); + strlcpy(p, challenge, len); + strlcat(p, PROMPT, len); + (*prompts)[0] = p; + + return 0; } -char * -skey_fake_keyinfo(char *username) +static int +skey_respond(void *ctx, u_int numresponses, char **responses) { - int i; - u_int ptr; - u_char hseed[SKEY_MAX_SEED_LEN], flg = 1, *up; - char pbuf[SKEY_MAX_PW_LEN+1]; - static char skeyprompt[SKEY_MAX_CHALLENGE+1]; - char *secret = NULL; - size_t secretlen = 0; - SHA1_CTX ctx; - char *p, *u; - - /* - * Base first 4 chars of seed on hostname. - * Add some filler for short hostnames if necessary. - */ - if (gethostname(pbuf, sizeof(pbuf)) == -1) - *(p = pbuf) = '.'; - else - for (p = pbuf; *p && isalnum(*p); p++) - if (isalpha(*p) && isupper(*p)) - *p = tolower(*p); - if (*p && pbuf - p < 4) - (void)strncpy(p, "asjd", 4 - (pbuf - p)); - pbuf[4] = '\0'; - - /* Hash the username if possible */ - if ((up = SHA1Data(username, strlen(username), NULL)) != NULL) { - struct stat sb; - time_t t; - int fd; + Authctxt *authctxt = ctx; - /* Collapse the hash */ - ptr = hash_collapse(up); - memset(up, 0, strlen(up)); - - /* See if the random file's there, else use ctime */ - if ((fd = open(_SKEY_RAND_FILE_PATH_, O_RDONLY)) != -1 - && fstat(fd, &sb) == 0 && - sb.st_size > (off_t)SKEY_MAX_SEED_LEN && - lseek(fd, ptr % (sb.st_size - SKEY_MAX_SEED_LEN), - SEEK_SET) != -1 && read(fd, hseed, - SKEY_MAX_SEED_LEN) == SKEY_MAX_SEED_LEN) { - close(fd); - fd = -1; - secret = hseed; - secretlen = SKEY_MAX_SEED_LEN; - flg = 0; - } else if (!stat(_PATH_MEM, &sb) || !stat("/", &sb)) { - t = sb.st_ctime; - secret = ctime(&t); - secretlen = strlen(secret); - flg = 0; - } - if (fd != -1) - close(fd); - } - - /* Put that in your pipe and smoke it */ - if (flg == 0) { - /* Hash secret value with username */ - SHA1Init(&ctx); - SHA1Update(&ctx, secret, secretlen); - SHA1Update(&ctx, username, strlen(username)); - SHA1End(&ctx, up); - - /* Zero out */ - memset(secret, 0, secretlen); - - /* Now hash the hash */ - SHA1Init(&ctx); - SHA1Update(&ctx, up, strlen(up)); - SHA1End(&ctx, up); - - ptr = hash_collapse(up + 4); - - for (i = 4; i < 9; i++) { - pbuf[i] = (ptr % 10) + '0'; - ptr /= 10; - } - pbuf[i] = '\0'; - - /* Sequence number */ - ptr = ((up[2] + up[3]) % 99) + 1; - - memset(up, 0, 20); /* SHA1 specific */ - free(up); - - (void)snprintf(skeyprompt, sizeof skeyprompt, - "otp-%.*s %d %.*s", - SKEY_MAX_HASHNAME_LEN, - skey_get_algorithm(), - ptr, SKEY_MAX_SEED_LEN, - pbuf); - } else { - /* Base last 8 chars of seed on username */ - u = username; - i = 8; - p = &pbuf[4]; - do { - if (*u == 0) { - /* Pad remainder with zeros */ - while (--i >= 0) - *p++ = '0'; - break; - } - - *p++ = (*u++ % 10) + '0'; - } while (--i != 0); - pbuf[12] = '\0'; + if (authctxt->valid && + numresponses == 1 && + skey_haskey(authctxt->pw->pw_name) == 0 && + skey_passcheck(authctxt->pw->pw_name, responses[0]) != -1) + return 0; + return -1; +} - (void)snprintf(skeyprompt, sizeof skeyprompt, - "otp-%.*s %d %.*s", - SKEY_MAX_HASHNAME_LEN, - skey_get_algorithm(), - 99, SKEY_MAX_SEED_LEN, pbuf); - } - return skeyprompt; +static void +skey_free_ctx(void *ctx) +{ + /* we don't have a special context */ } + +KbdintDevice skey_device = { + "skey", + skey_init_ctx, + skey_query, + skey_respond, + skey_free_ctx +}; +#endif /* SKEY */ diff --git a/crypto/openssh/auth.c b/crypto/openssh/auth.c index 75cd5ca1088a..6e29d662e781 100644 --- a/crypto/openssh/auth.c +++ b/crypto/openssh/auth.c @@ -23,7 +23,9 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.21 2001/03/19 17:07:23 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.35 2002/03/01 13:12:10 markus Exp $"); + +#include <libgen.h> #include "xmalloc.h" #include "match.h" @@ -33,6 +35,10 @@ RCSID("$OpenBSD: auth.c,v 1.21 2001/03/19 17:07:23 markus Exp $"); #include "auth.h" #include "auth-options.h" #include "canohost.h" +#include "buffer.h" +#include "bufaux.h" +#include "uidswap.h" +#include "tildexpand.h" /* import */ extern ServerOptions options; @@ -50,6 +56,7 @@ int allowed_user(struct passwd * pw) { struct stat st; + const char *hostname = NULL, *ipaddr = NULL; char *shell; int i; @@ -64,36 +71,60 @@ allowed_user(struct passwd * pw) shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; /* deny if shell does not exists or is not executable */ - if (stat(shell, &st) != 0) + if (stat(shell, &st) != 0) { + log("User %.100s not allowed because shell %.100s does not exist", + pw->pw_name, shell); return 0; - if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) + } + if (!((st.st_mode & S_IFREG) && (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)))) { + log("User %.100s not allowed because shell %.100s is not executable", + pw->pw_name, shell); return 0; + } + + if (options.num_deny_users > 0 || options.num_allow_users > 0) { + hostname = get_canonical_hostname(options.verify_reverse_mapping); + ipaddr = get_remote_ipaddr(); + } /* Return false if user is listed in DenyUsers */ if (options.num_deny_users > 0) { for (i = 0; i < options.num_deny_users; i++) - if (match_pattern(pw->pw_name, options.deny_users[i])) + if (match_user(pw->pw_name, hostname, ipaddr, + options.deny_users[i])) { + log("User %.100s not allowed because listed in DenyUsers", + pw->pw_name); return 0; + } } /* Return false if AllowUsers isn't empty and user isn't listed there */ if (options.num_allow_users > 0) { for (i = 0; i < options.num_allow_users; i++) - if (match_pattern(pw->pw_name, options.allow_users[i])) + if (match_user(pw->pw_name, hostname, ipaddr, + options.allow_users[i])) break; /* i < options.num_allow_users iff we break for loop */ - if (i >= options.num_allow_users) + if (i >= options.num_allow_users) { + log("User %.100s not allowed because not listed in AllowUsers", + pw->pw_name); return 0; + } } if (options.num_deny_groups > 0 || options.num_allow_groups > 0) { /* Get the user's group access list (primary and supplementary) */ - if (ga_init(pw->pw_name, pw->pw_gid) == 0) + if (ga_init(pw->pw_name, pw->pw_gid) == 0) { + log("User %.100s not allowed because not in any group", + pw->pw_name); return 0; + } /* Return false if one of user's groups is listed in DenyGroups */ if (options.num_deny_groups > 0) if (ga_match(options.deny_groups, options.num_deny_groups)) { ga_free(); + log("User %.100s not allowed because a group is listed in DenyGroups", + pw->pw_name); return 0; } /* @@ -104,6 +135,8 @@ allowed_user(struct passwd * pw) if (!ga_match(options.allow_groups, options.num_allow_groups)) { ga_free(); + log("User %.100s not allowed because none of user's groups are listed in AllowGroups", + pw->pw_name); return 0; } ga_free(); @@ -142,7 +175,7 @@ auth_log(Authctxt *authctxt, int authenticated, char *method, char *info) authmsg, method, authctxt->valid ? "" : "illegal user ", - authctxt->valid && authctxt->pw->pw_uid == 0 ? "ROOT" : authctxt->user, + authctxt->user, get_remote_ipaddr(), get_remote_port(), info); @@ -172,3 +205,184 @@ auth_root_allowed(char *method) log("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr()); return 0; } + + +/* + * Given a template and a passwd structure, build a filename + * by substituting % tokenised options. Currently, %% becomes '%', + * %h becomes the home directory and %u the username. + * + * This returns a buffer allocated by xmalloc. + */ +char * +expand_filename(const char *filename, struct passwd *pw) +{ + Buffer buffer; + char *file; + const char *cp; + + /* + * Build the filename string in the buffer by making the appropriate + * substitutions to the given file name. + */ + buffer_init(&buffer); + for (cp = filename; *cp; cp++) { + if (cp[0] == '%' && cp[1] == '%') { + buffer_append(&buffer, "%", 1); + cp++; + continue; + } + if (cp[0] == '%' && cp[1] == 'h') { + buffer_append(&buffer, pw->pw_dir, strlen(pw->pw_dir)); + cp++; + continue; + } + if (cp[0] == '%' && cp[1] == 'u') { + buffer_append(&buffer, pw->pw_name, + strlen(pw->pw_name)); + cp++; + continue; + } + buffer_append(&buffer, cp, 1); + } + buffer_append(&buffer, "\0", 1); + + /* + * Ensure that filename starts anchored. If not, be backward + * compatible and prepend the '%h/' + */ + file = xmalloc(MAXPATHLEN); + cp = buffer_ptr(&buffer); + if (*cp != '/') + snprintf(file, MAXPATHLEN, "%s/%s", pw->pw_dir, cp); + else + strlcpy(file, cp, MAXPATHLEN); + + buffer_free(&buffer); + return file; +} + +char * +authorized_keys_file(struct passwd *pw) +{ + return expand_filename(options.authorized_keys_file, pw); +} + +char * +authorized_keys_file2(struct passwd *pw) +{ + return expand_filename(options.authorized_keys_file2, pw); +} + +/* return ok if key exists in sysfile or userfile */ +HostStatus +check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, + const char *sysfile, const char *userfile) +{ + Key *found; + char *user_hostfile; + struct stat st; + HostStatus host_status; + + /* Check if we know the host and its host key. */ + found = key_new(key->type); + host_status = check_host_in_hostfile(sysfile, host, key, found, NULL); + + if (host_status != HOST_OK && userfile != NULL) { + user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); + if (options.strict_modes && + (stat(user_hostfile, &st) == 0) && + ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || + (st.st_mode & 022) != 0)) { + log("Authentication refused for %.100s: " + "bad owner or modes for %.200s", + pw->pw_name, user_hostfile); + } else { + temporarily_use_uid(pw); + host_status = check_host_in_hostfile(user_hostfile, + host, key, found, NULL); + restore_uid(); + } + xfree(user_hostfile); + } + key_free(found); + + debug2("check_key_in_hostfiles: key %s for %s", host_status == HOST_OK ? + "ok" : "not found", host); + return host_status; +} + + +/* + * Check a given file for security. This is defined as all components + * of the path to the file must either be owned by either the owner of + * of the file or root and no directories must be group or world writable. + * + * XXX Should any specific check be done for sym links ? + * + * Takes an open file descriptor, the file name, a uid and and + * error buffer plus max size as arguments. + * + * Returns 0 on success and -1 on failure + */ +int +secure_filename(FILE *f, const char *file, struct passwd *pw, + char *err, size_t errlen) +{ + uid_t uid = pw->pw_uid; + char buf[MAXPATHLEN], homedir[MAXPATHLEN]; + char *cp; + struct stat st; + + if (realpath(file, buf) == NULL) { + snprintf(err, errlen, "realpath %s failed: %s", file, + strerror(errno)); + return -1; + } + if (realpath(pw->pw_dir, homedir) == NULL) { + snprintf(err, errlen, "realpath %s failed: %s", pw->pw_dir, + strerror(errno)); + return -1; + } + + /* check the open file to avoid races */ + if (fstat(fileno(f), &st) < 0 || + (st.st_uid != 0 && st.st_uid != uid) || + (st.st_mode & 022) != 0) { + snprintf(err, errlen, "bad ownership or modes for file %s", + buf); + return -1; + } + + /* for each component of the canonical path, walking upwards */ + for (;;) { + if ((cp = dirname(buf)) == NULL) { + snprintf(err, errlen, "dirname() failed"); + return -1; + } + strlcpy(buf, cp, sizeof(buf)); + + debug3("secure_filename: checking '%s'", buf); + if (stat(buf, &st) < 0 || + (st.st_uid != 0 && st.st_uid != uid) || + (st.st_mode & 022) != 0) { + snprintf(err, errlen, + "bad ownership or modes for directory %s", buf); + return -1; + } + + /* If are passed the homedir then we can stop */ + if (strcmp(homedir, buf) == 0) { + debug3("secure_filename: terminating check at '%s'", + buf); + break; + } + /* + * dirname should always complete with a "/" path, + * but we can be paranoid and check for "." too + */ + if ((strcmp("/", buf) == 0) || (strcmp(".", buf) == 0)) + break; + } + return 0; +} diff --git a/crypto/openssh/auth.h b/crypto/openssh/auth.h index 500b73a3f0f5..56ef2de0357a 100644 --- a/crypto/openssh/auth.h +++ b/crypto/openssh/auth.h @@ -1,3 +1,5 @@ +/* $OpenBSD: auth.h,v 1.29 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -21,11 +23,13 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $OpenBSD: auth.h,v 1.15 2001/04/12 19:15:24 markus Exp $ */ + #ifndef AUTH_H #define AUTH_H +#include "key.h" +#include "hostfile.h" #include <openssl/rsa.h> #ifdef HAVE_LOGIN_CAP @@ -34,107 +38,115 @@ #ifdef BSD_AUTH #include <bsd_auth.h> #endif +#ifdef KRB5 +#include <krb5.h> +#endif typedef struct Authctxt Authctxt; +typedef struct KbdintDevice KbdintDevice; + struct Authctxt { - int success; - int postponed; - int valid; - int attempt; - int failures; - char *user; - char *service; - struct passwd *pw; - char *style; + int success; + int postponed; + int valid; + int attempt; + int failures; + char *user; + char *service; + struct passwd *pw; + char *style; + void *kbdintctxt; #ifdef BSD_AUTH - auth_session_t *as; + auth_session_t *as; +#endif +#ifdef KRB4 + char *krb4_ticket_file; +#endif +#ifdef KRB5 + krb5_context krb5_ctx; + krb5_auth_context krb5_auth_ctx; + krb5_ccache krb5_fwd_ccache; + krb5_principal krb5_user; + char *krb5_ticket_file; #endif }; /* - * Tries to authenticate the user using the .rhosts file. Returns true if - * authentication succeeds. If ignore_rhosts is non-zero, this will not - * consider .rhosts and .shosts (/etc/hosts.equiv will still be used). + * Keyboard interactive device: + * init_ctx returns: non NULL upon success + * query returns: 0 - success, otherwise failure + * respond returns: 0 - success, 1 - need further interaction, + * otherwise - failure */ -int auth_rhosts(struct passwd * pw, const char *client_user); - -/* extended interface similar to auth_rhosts() */ -int -auth_rhosts2(struct passwd *pw, const char *client_user, const char *hostname, - const char *ipaddr); +struct KbdintDevice +{ + const char *name; + void* (*init_ctx)(Authctxt*); + int (*query)(void *ctx, char **name, char **infotxt, + u_int *numprompts, char ***prompts, u_int **echo_on); + int (*respond)(void *ctx, u_int numresp, char **responses); + void (*free_ctx)(void *ctx); +}; -/* - * Tries to authenticate the user using the .rhosts file and the host using - * its host key. Returns true if authentication succeeds. - */ +int auth_rhosts(struct passwd *, const char *); int -auth_rhosts_rsa(struct passwd * pw, const char *client_user, RSA* client_host_key); +auth_rhosts2(struct passwd *, const char *, const char *, const char *); -/* - * Tries to authenticate the user using password. Returns true if - * authentication succeeds. - */ -int auth_password(Authctxt *authctxt, const char *password); - -/* - * Performs the RSA authentication dialog with the client. This returns 0 if - * the client could not be authenticated, and 1 if authentication was - * successful. This may exit if there is a serious protocol violation. - */ -int auth_rsa(struct passwd * pw, BIGNUM * client_n); - -/* - * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer - * over the key. Skips any whitespace at the beginning and at end. - */ -int auth_rsa_read_key(char **cpp, u_int *bitsp, BIGNUM * e, BIGNUM * n); - -/* - * Performs the RSA authentication challenge-response dialog with the client, - * and returns true (non-zero) if the client gave the correct answer to our - * challenge; returns zero if the client gives a wrong answer. - */ -int auth_rsa_challenge_dialog(RSA *pk); +int auth_rhosts_rsa(struct passwd *, const char *, Key *); +int auth_password(Authctxt *, const char *); +int auth_rsa(struct passwd *, BIGNUM *); +int auth_rsa_challenge_dialog(RSA *); #ifdef KRB4 #include <krb.h> -/* - * Performs Kerberos v4 mutual authentication with the client. This returns 0 - * if the client could not be authenticated, and 1 if authentication was - * successful. This may exit if there is a serious protocol violation. - */ -int auth_krb4(const char *server_user, KTEXT auth, char **client); -int krb4_init(uid_t uid); -void krb4_cleanup_proc(void *ignore); -int auth_krb4_password(struct passwd * pw, const char *password); +int auth_krb4(Authctxt *, KTEXT, char **); +int auth_krb4_password(Authctxt *, const char *); +void krb4_cleanup_proc(void *); #ifdef AFS #include <kafs.h> +int auth_krb4_tgt(Authctxt *, const char *); +int auth_afs_token(Authctxt *, const char *); +#endif /* AFS */ -/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */ -int auth_kerberos_tgt(struct passwd * pw, const char *string); -int auth_afs_token(struct passwd * pw, const char *token_string); -#endif /* AFS */ +#endif /* KRB4 */ -#endif /* KRB4 */ +#ifdef KRB5 +int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client); +int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt); +int auth_krb5_password(Authctxt *authctxt, const char *password); +void krb5_cleanup_proc(void *authctxt); +#endif /* KRB5 */ void do_authentication(void); void do_authentication2(void); Authctxt *authctxt_new(void); -void auth_log(Authctxt *authctxt, int authenticated, char *method, char *info); -void userauth_finish(Authctxt *authctxt, int authenticated, char *method); -int auth_root_allowed(char *method); +void auth_log(Authctxt *, int, char *, char *); +void userauth_finish(Authctxt *, int, char *); +int auth_root_allowed(char *); -int auth2_challenge(Authctxt *authctxt, char *devs); +int auth2_challenge(Authctxt *, char *); +void auth2_challenge_stop(Authctxt *); -int allowed_user(struct passwd * pw); +int allowed_user(struct passwd *); -char *get_challenge(Authctxt *authctxt, char *devs); -int verify_response(Authctxt *authctxt, char *response); +char *get_challenge(Authctxt *); +int verify_response(Authctxt *, const char *); struct passwd * auth_get_user(void); +char *expand_filename(const char *, struct passwd *); +char *authorized_keys_file(struct passwd *); +char *authorized_keys_file2(struct passwd *); + +int +secure_filename(FILE *, const char *, struct passwd *, char *, size_t); + +HostStatus +check_key_in_hostfiles(struct passwd *, Key *, const char *, + const char *, const char *); + #define AUTH_FAIL_MAX 6 #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" diff --git a/crypto/openssh/auth1.c b/crypto/openssh/auth1.c index 00abdb2297a1..7460b6f57164 100644 --- a/crypto/openssh/auth1.c +++ b/crypto/openssh/auth1.c @@ -10,7 +10,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth1.c,v 1.22 2001/03/23 12:02:49 markus Exp $"); +RCSID("$OpenBSD: auth1.c,v 1.35 2002/02/03 17:53:25 markus Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -22,8 +22,10 @@ RCSID("$OpenBSD: auth1.c,v 1.22 2001/03/23 12:02:49 markus Exp $"); #include "servconf.h" #include "compat.h" #include "auth.h" +#include "channels.h" #include "session.h" #include "misc.h" +#include "uidswap.h" /* import */ extern ServerOptions options; @@ -31,7 +33,7 @@ extern ServerOptions options; /* * convert ssh auth msg type into description */ -char * +static char * get_authname(int type) { static char buf[1024]; @@ -47,7 +49,7 @@ get_authname(int type) case SSH_CMSG_AUTH_TIS: case SSH_CMSG_AUTH_TIS_RESPONSE: return "challenge-response"; -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) case SSH_CMSG_AUTH_KERBEROS: return "kerberos"; #endif @@ -60,27 +62,26 @@ get_authname(int type) * read packets, try to authenticate the user and * return only if authentication is successful */ -void +static void do_authloop(Authctxt *authctxt) { int authenticated = 0; u_int bits; - RSA *client_host_key; + Key *client_host_key; BIGNUM *n; char *client_user, *password; char info[1024]; u_int dlen; - int plen, nlen, elen; u_int ulen; int type = 0; struct passwd *pw = authctxt->pw; debug("Attempting authentication for %s%.100s.", - authctxt->valid ? "" : "illegal user ", authctxt->user); + authctxt->valid ? "" : "illegal user ", authctxt->user); /* If the user has no password, accept authentication immediately. */ if (options.password_authentication && -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) (!options.kerberos_authentication || options.kerberos_or_local_passwd) && #endif auth_password(authctxt, "")) { @@ -100,65 +101,66 @@ do_authloop(Authctxt *authctxt) info[0] = '\0'; /* Get a packet from the client. */ - type = packet_read(&plen); + type = packet_read(); /* Process the packet. */ switch (type) { -#ifdef AFS - case SSH_CMSG_HAVE_KERBEROS_TGT: - if (!options.kerberos_tgt_passing) { - verbose("Kerberos tgt passing disabled."); - break; - } else { - /* Accept Kerberos tgt. */ - char *tgt = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); - if (!auth_kerberos_tgt(pw, tgt)) - verbose("Kerberos tgt REFUSED for %.100s", authctxt->user); - xfree(tgt); - } - continue; - case SSH_CMSG_HAVE_AFS_TOKEN: - if (!options.afs_token_passing || !k_hasafs()) { - verbose("AFS token passing disabled."); - break; - } else { - /* Accept AFS token. */ - char *token_string = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); - if (!auth_afs_token(pw, token_string)) - verbose("AFS token REFUSED for %.100s", authctxt->user); - xfree(token_string); - } - continue; -#endif /* AFS */ -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) case SSH_CMSG_AUTH_KERBEROS: if (!options.kerberos_authentication) { verbose("Kerberos authentication disabled."); - break; } else { - /* Try Kerberos v4 authentication. */ - KTEXT_ST auth; - char *tkt_user = NULL; - char *kdata = packet_get_string((u_int *) &auth.length); - packet_integrity_check(plen, 4 + auth.length, type); - - if (authctxt->valid) { - if (auth.length < MAX_KTXT_LEN) - memcpy(auth.dat, kdata, auth.length); - authenticated = auth_krb4(pw->pw_name, &auth, &tkt_user); - if (authenticated) { - snprintf(info, sizeof info, - " tktuser %.100s", tkt_user); - xfree(tkt_user); + char *kdata = packet_get_string(&dlen); + packet_check_eom(); + + if (kdata[0] == 4) { /* KRB_PROT_VERSION */ +#ifdef KRB4 + KTEXT_ST tkt; + + tkt.length = dlen; + if (tkt.length < MAX_KTXT_LEN) + memcpy(tkt.dat, kdata, tkt.length); + + if (auth_krb4(authctxt, &tkt, &client_user)) { + authenticated = 1; + snprintf(info, sizeof(info), + " tktuser %.100s", + client_user); + xfree(client_user); } +#endif /* KRB4 */ + } else { +#ifdef KRB5 + krb5_data tkt; + tkt.length = dlen; + tkt.data = kdata; + + if (auth_krb5(authctxt, &tkt, &client_user)) { + authenticated = 1; + snprintf(info, sizeof(info), + " tktuser %.100s", + client_user); + xfree(client_user); + } +#endif /* KRB5 */ } xfree(kdata); } break; -#endif /* KRB4 */ +#endif /* KRB4 || KRB5 */ + +#if defined(AFS) || defined(KRB5) + /* XXX - punt on backward compatibility here. */ + case SSH_CMSG_HAVE_KERBEROS_TGT: + packet_send_debug("Kerberos TGT passing disabled before authentication."); + break; +#ifdef AFS + case SSH_CMSG_HAVE_AFS_TOKEN: + packet_send_debug("AFS token passing disabled before authentication."); + break; +#endif /* AFS */ +#endif /* AFS || KRB5 */ case SSH_CMSG_AUTH_RHOSTS: if (!options.rhosts_authentication) { @@ -172,7 +174,7 @@ do_authloop(Authctxt *authctxt) * IP-spoofing on a local network.) */ client_user = packet_get_string(&ulen); - packet_integrity_check(plen, 4 + ulen, type); + packet_check_eom(); /* Try to authenticate using /etc/hosts.equiv and .rhosts. */ authenticated = auth_rhosts(pw, client_user); @@ -194,24 +196,20 @@ do_authloop(Authctxt *authctxt) client_user = packet_get_string(&ulen); /* Get the client host key. */ - client_host_key = RSA_new(); - if (client_host_key == NULL) - fatal("RSA_new failed"); - client_host_key->e = BN_new(); - client_host_key->n = BN_new(); - if (client_host_key->e == NULL || client_host_key->n == NULL) - fatal("BN_new failed"); + client_host_key = key_new(KEY_RSA1); bits = packet_get_int(); - packet_get_bignum(client_host_key->e, &elen); - packet_get_bignum(client_host_key->n, &nlen); + packet_get_bignum(client_host_key->rsa->e); + packet_get_bignum(client_host_key->rsa->n); - if (bits != BN_num_bits(client_host_key->n)) + if (bits != BN_num_bits(client_host_key->rsa->n)) verbose("Warning: keysize mismatch for client_host_key: " - "actual %d, announced %d", BN_num_bits(client_host_key->n), bits); - packet_integrity_check(plen, (4 + ulen) + 4 + elen + nlen, type); + "actual %d, announced %d", + BN_num_bits(client_host_key->rsa->n), bits); + packet_check_eom(); - authenticated = auth_rhosts_rsa(pw, client_user, client_host_key); - RSA_free(client_host_key); + authenticated = auth_rhosts_rsa(pw, client_user, + client_host_key); + key_free(client_host_key); snprintf(info, sizeof info, " ruser %.100s", client_user); xfree(client_user); @@ -223,9 +221,10 @@ do_authloop(Authctxt *authctxt) break; } /* RSA authentication requested. */ - n = BN_new(); - packet_get_bignum(n, &nlen); - packet_integrity_check(plen, nlen, type); + if ((n = BN_new()) == NULL) + fatal("do_authloop: BN_new failed"); + packet_get_bignum(n); + packet_check_eom(); authenticated = auth_rsa(pw, n); BN_clear_free(n); break; @@ -241,7 +240,7 @@ do_authloop(Authctxt *authctxt) * not visible to an outside observer. */ password = packet_get_string(&dlen); - packet_integrity_check(plen, 4 + dlen, type); + packet_check_eom(); /* Try authentication with the password. */ authenticated = auth_password(authctxt, password); @@ -252,12 +251,13 @@ do_authloop(Authctxt *authctxt) case SSH_CMSG_AUTH_TIS: debug("rcvd SSH_CMSG_AUTH_TIS"); - if (options.challenge_reponse_authentication == 1) { - char *challenge = get_challenge(authctxt, authctxt->style); + if (options.challenge_response_authentication == 1) { + char *challenge = get_challenge(authctxt); if (challenge != NULL) { debug("sending challenge '%s'", challenge); packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE); packet_put_cstring(challenge); + xfree(challenge); packet_send(); packet_write_wait(); continue; @@ -266,10 +266,10 @@ do_authloop(Authctxt *authctxt) break; case SSH_CMSG_AUTH_TIS_RESPONSE: debug("rcvd SSH_CMSG_AUTH_TIS_RESPONSE"); - if (options.challenge_reponse_authentication == 1) { + if (options.challenge_response_authentication == 1) { char *response = packet_get_string(&dlen); debug("got response '%s'", response); - packet_integrity_check(plen, 4 + dlen, type); + packet_check_eom(); authenticated = verify_response(authctxt, response); memset(response, 'r', dlen); xfree(response); @@ -319,23 +319,26 @@ do_authloop(Authctxt *authctxt) * been exchanged and encryption is enabled. */ void -do_authentication() +do_authentication(void) { Authctxt *authctxt; struct passwd *pw; - int plen; u_int ulen; - char *user, *style = NULL; + char *p, *user, *style = NULL; /* Get the name of the user that we wish to log in as. */ - packet_read_expect(&plen, SSH_CMSG_USER); + packet_read_expect(SSH_CMSG_USER); /* Get the user name. */ user = packet_get_string(&ulen); - packet_integrity_check(plen, (4 + ulen), SSH_CMSG_USER); + packet_check_eom(); if ((style = strchr(user, ':')) != NULL) - *style++ = 0; + *style++ = '\0'; + + /* XXX - SSH.com Kerberos v5 braindeath. */ + if ((p = strchr(user, '@')) != NULL) + *p = '\0'; authctxt = authctxt_new(); authctxt->user = user; diff --git a/crypto/openssh/auth2-chall.c b/crypto/openssh/auth2-chall.c index 5af60e42fa0f..9f1d932756b3 100644 --- a/crypto/openssh/auth2-chall.c +++ b/crypto/openssh/auth2-chall.c @@ -1,5 +1,6 @@ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. + * Copyright (c) 2001 Per Allansson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -22,91 +23,290 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: auth2-chall.c,v 1.4 2001/03/28 22:43:31 markus Exp $"); +RCSID("$OpenBSD: auth2-chall.c,v 1.16 2002/01/13 17:57:37 markus Exp $"); #include "ssh2.h" #include "auth.h" +#include "buffer.h" #include "packet.h" #include "xmalloc.h" #include "dispatch.h" +#include "auth.h" #include "log.h" -void send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo); -void input_userauth_info_response(int type, int plen, void *ctxt); +static int auth2_challenge_start(Authctxt *); +static int send_userauth_info_request(Authctxt *); +static void input_userauth_info_response(int, u_int32_t, void *); + +#ifdef BSD_AUTH +extern KbdintDevice bsdauth_device; +#else +#ifdef SKEY +extern KbdintDevice skey_device; +#endif +#endif + +KbdintDevice *devices[] = { +#ifdef BSD_AUTH + &bsdauth_device, +#else +#ifdef SKEY + &skey_device, +#endif +#endif + NULL +}; + +typedef struct KbdintAuthctxt KbdintAuthctxt; +struct KbdintAuthctxt +{ + char *devices; + void *ctxt; + KbdintDevice *device; +}; + +static KbdintAuthctxt * +kbdint_alloc(const char *devs) +{ + KbdintAuthctxt *kbdintctxt; + Buffer b; + int i; + + kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); + if (strcmp(devs, "") == 0) { + buffer_init(&b); + for (i = 0; devices[i]; i++) { + if (buffer_len(&b) > 0) + buffer_append(&b, ",", 1); + buffer_append(&b, devices[i]->name, + strlen(devices[i]->name)); + } + buffer_append(&b, "\0", 1); + kbdintctxt->devices = xstrdup(buffer_ptr(&b)); + buffer_free(&b); + } else { + kbdintctxt->devices = xstrdup(devs); + } + debug("kbdint_alloc: devices '%s'", kbdintctxt->devices); + kbdintctxt->ctxt = NULL; + kbdintctxt->device = NULL; + + return kbdintctxt; +} +static void +kbdint_reset_device(KbdintAuthctxt *kbdintctxt) +{ + if (kbdintctxt->ctxt) { + kbdintctxt->device->free_ctx(kbdintctxt->ctxt); + kbdintctxt->ctxt = NULL; + } + kbdintctxt->device = NULL; +} +static void +kbdint_free(KbdintAuthctxt *kbdintctxt) +{ + if (kbdintctxt->device) + kbdint_reset_device(kbdintctxt); + if (kbdintctxt->devices) { + xfree(kbdintctxt->devices); + kbdintctxt->devices = NULL; + } + xfree(kbdintctxt); +} +/* get next device */ +static int +kbdint_next_device(KbdintAuthctxt *kbdintctxt) +{ + size_t len; + char *t; + int i; + + if (kbdintctxt->device) + kbdint_reset_device(kbdintctxt); + do { + len = kbdintctxt->devices ? + strcspn(kbdintctxt->devices, ",") : 0; + + if (len == 0) + break; + for (i = 0; devices[i]; i++) + if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + kbdintctxt->device = devices[i]; + t = kbdintctxt->devices; + kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; + xfree(t); + debug2("kbdint_next_device: devices %s", kbdintctxt->devices ? + kbdintctxt->devices : "<empty>"); + } while (kbdintctxt->devices && !kbdintctxt->device); + + return kbdintctxt->device ? 1 : 0; +} /* - * try challenge-reponse, return -1 (= postponed) if we have to + * try challenge-response, set authctxt->postponed if we have to * wait for the response. */ int auth2_challenge(Authctxt *authctxt, char *devs) { - char *challenge; + debug("auth2_challenge: user=%s devs=%s", + authctxt->user ? authctxt->user : "<nouser>", + devs ? devs : "<no devs>"); + + if (authctxt->user == NULL || !devs) + return 0; + if (authctxt->kbdintctxt == NULL) + authctxt->kbdintctxt = kbdint_alloc(devs); + return auth2_challenge_start(authctxt); +} + +/* unregister kbd-int callbacks and context */ +void +auth2_challenge_stop(Authctxt *authctxt) +{ + /* unregister callback */ + dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); + if (authctxt->kbdintctxt != NULL) { + kbdint_free(authctxt->kbdintctxt); + authctxt->kbdintctxt = NULL; + } +} + +/* side effect: sets authctxt->postponed if a reply was sent*/ +static int +auth2_challenge_start(Authctxt *authctxt) +{ + KbdintAuthctxt *kbdintctxt = authctxt->kbdintctxt; + + debug2("auth2_challenge_start: devices %s", + kbdintctxt->devices ? kbdintctxt->devices : "<empty>"); - if (!authctxt->valid || authctxt->user == NULL) + if (kbdint_next_device(kbdintctxt) == 0) { + auth2_challenge_stop(authctxt); return 0; - if ((challenge = get_challenge(authctxt, devs)) == NULL) + } + debug("auth2_challenge_start: trying authentication method '%s'", + kbdintctxt->device->name); + + if ((kbdintctxt->ctxt = kbdintctxt->device->init_ctx(authctxt)) == NULL) { + auth2_challenge_stop(authctxt); return 0; - send_userauth_into_request(authctxt, challenge, 0); + } + if (send_userauth_info_request(authctxt) == 0) { + auth2_challenge_stop(authctxt); + return 0; + } dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &input_userauth_info_response); + authctxt->postponed = 1; return 0; } -void -send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo) +static int +send_userauth_info_request(Authctxt *authctxt) { - int nprompts = 1; + KbdintAuthctxt *kbdintctxt; + char *name, *instr, **prompts; + int i; + u_int numprompts, *echo_on; + + kbdintctxt = authctxt->kbdintctxt; + if (kbdintctxt->device->query(kbdintctxt->ctxt, + &name, &instr, &numprompts, &prompts, &echo_on)) + return 0; packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST); - /* name, instruction and language are unused */ - packet_put_cstring(""); - packet_put_cstring(""); - packet_put_cstring(""); - packet_put_int(nprompts); - packet_put_cstring(challenge); - packet_put_char(echo); + packet_put_cstring(name); + packet_put_cstring(instr); + packet_put_cstring(""); /* language not used */ + packet_put_int(numprompts); + for (i = 0; i < numprompts; i++) { + packet_put_cstring(prompts[i]); + packet_put_char(echo_on[i]); + } packet_send(); packet_write_wait(); + + for (i = 0; i < numprompts; i++) + xfree(prompts[i]); + xfree(prompts); + xfree(echo_on); + xfree(name); + xfree(instr); + return 1; } -void -input_userauth_info_response(int type, int plen, void *ctxt) +static void +input_userauth_info_response(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; - int authenticated = 0; - u_int nresp, rlen; - char *response, *method = "challenge-reponse"; + KbdintAuthctxt *kbdintctxt; + int i, authenticated = 0, res, len; + u_int nresp; + char **response = NULL, *method; if (authctxt == NULL) fatal("input_userauth_info_response: no authctxt"); + kbdintctxt = authctxt->kbdintctxt; + if (kbdintctxt == NULL || kbdintctxt->ctxt == NULL) + fatal("input_userauth_info_response: no kbdintctxt"); + if (kbdintctxt->device == NULL) + fatal("input_userauth_info_response: no device"); authctxt->postponed = 0; /* reset */ nresp = packet_get_int(); - if (nresp == 1) { - response = packet_get_string(&rlen); - packet_done(); - if (strlen(response) == 0) { - /* - * if we received an empty response, resend challenge - * with echo enabled - */ - char *challenge = get_challenge(authctxt, NULL); - if (challenge != NULL) { - send_userauth_into_request(authctxt, - challenge, 1); - authctxt->postponed = 1; - } - } else if (authctxt->valid) { - authenticated = verify_response(authctxt, response); - memset(response, 'r', rlen); - } + if (nresp > 0) { + response = xmalloc(nresp * sizeof(char*)); + for (i = 0; i < nresp; i++) + response[i] = packet_get_string(NULL); + } + packet_check_eom(); + + if (authctxt->valid) { + res = kbdintctxt->device->respond(kbdintctxt->ctxt, + nresp, response); + } else { + res = -1; + } + + for (i = 0; i < nresp; i++) { + memset(response[i], 'r', strlen(response[i])); + xfree(response[i]); + } + if (response) xfree(response); + + switch (res) { + case 0: + /* Success! */ + authenticated = 1; + break; + case 1: + /* Authentication needs further interaction */ + if (send_userauth_info_request(authctxt) == 1) + authctxt->postponed = 1; + break; + default: + /* Failure! */ + break; } - /* unregister callback */ - if (!authctxt->postponed) - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL); + len = strlen("keyboard-interactive") + 2 + + strlen(kbdintctxt->device->name); + method = xmalloc(len); + snprintf(method, len, "keyboard-interactive/%s", + kbdintctxt->device->name); + + if (!authctxt->postponed) { + if (authenticated) { + auth2_challenge_stop(authctxt); + } else { + /* start next device */ + /* may set authctxt->postponed */ + auth2_challenge_start(authctxt); + } + } userauth_finish(authctxt, authenticated, method); + xfree(method); } diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index f2ee9a2dbc1e..21f46a3fcf61 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth2.c,v 1.56 2001/04/19 00:05:11 markus Exp $"); +RCSID("$OpenBSD: auth2.c,v 1.85 2002/02/24 19:14:59 markus Exp $"); #include <openssl/evp.h> @@ -50,7 +50,7 @@ RCSID("$OpenBSD: auth2.c,v 1.56 2001/04/19 00:05:11 markus Exp $"); #include "misc.h" #include "hostfile.h" #include "canohost.h" -#include "tildexpand.h" +#include "match.h" /* import */ extern ServerOptions options; @@ -69,26 +69,22 @@ struct Authmethod { /* protocol */ -void input_service_request(int type, int plen, void *ctxt); -void input_userauth_request(int type, int plen, void *ctxt); -void protocol_error(int type, int plen, void *ctxt); +static void input_service_request(int, u_int32_t, void *); +static void input_userauth_request(int, u_int32_t, void *); /* helper */ -Authmethod *authmethod_lookup(const char *name); -char *authmethods_get(void); -int user_key_allowed(struct passwd *pw, Key *key); -int -hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, - Key *key); +static Authmethod *authmethod_lookup(const char *); +static char *authmethods_get(void); +static int user_key_allowed(struct passwd *, Key *); +static int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); /* auth */ -void userauth_banner(void); -void userauth_reply(Authctxt *authctxt, int authenticated); -int userauth_none(Authctxt *authctxt); -int userauth_passwd(Authctxt *authctxt); -int userauth_pubkey(Authctxt *authctxt); -int userauth_hostbased(Authctxt *authctxt); -int userauth_kbdint(Authctxt *authctxt); +static void userauth_banner(void); +static int userauth_none(Authctxt *); +static int userauth_passwd(Authctxt *); +static int userauth_pubkey(Authctxt *); +static int userauth_hostbased(Authctxt *); +static int userauth_kbdint(Authctxt *); Authmethod authmethods[] = { {"none", @@ -114,40 +110,30 @@ Authmethod authmethods[] = { */ void -do_authentication2() +do_authentication2(void) { Authctxt *authctxt = authctxt_new(); x_authctxt = authctxt; /*XXX*/ - /* challenge-reponse is implemented via keyboard interactive */ - if (options.challenge_reponse_authentication) + /* challenge-response is implemented via keyboard interactive */ + if (options.challenge_response_authentication) options.kbd_interactive_authentication = 1; - dispatch_init(&protocol_error); + dispatch_init(&dispatch_protocol_error); dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request); dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt); do_authenticated(authctxt); } -void -protocol_error(int type, int plen, void *ctxt) -{ - log("auth: protocol error: type %d plen %d", type, plen); - packet_start(SSH2_MSG_UNIMPLEMENTED); - packet_put_int(0); - packet_send(); - packet_write_wait(); -} - -void -input_service_request(int type, int plen, void *ctxt) +static void +input_service_request(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; u_int len; int accept = 0; char *service = packet_get_string(&len); - packet_done(); + packet_check_eom(); if (authctxt == NULL) fatal("input_service_request: no authctxt"); @@ -173,8 +159,8 @@ input_service_request(int type, int plen, void *ctxt) xfree(service); } -void -input_userauth_request(int type, int plen, void *ctxt) +static void +input_userauth_request(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; Authmethod *m = NULL; @@ -207,24 +193,16 @@ input_userauth_request(int type, int plen, void *ctxt) setproctitle("%s", pw ? user : "unknown"); authctxt->user = xstrdup(user); authctxt->service = xstrdup(service); - authctxt->style = style ? xstrdup(style) : NULL; /* currently unused */ - } else if (authctxt->valid) { - if (strcmp(user, authctxt->user) != 0 || - strcmp(service, authctxt->service) != 0) { - log("input_userauth_request: mismatch: (%s,%s)!=(%s,%s)", - user, service, authctxt->user, authctxt->service); - authctxt->valid = 0; - } + authctxt->style = style ? xstrdup(style) : NULL; + } else if (strcmp(user, authctxt->user) != 0 || + strcmp(service, authctxt->service) != 0) { + packet_disconnect("Change of username or service not allowed: " + "(%s,%s) -> (%s,%s)", + authctxt->user, authctxt->service, user, service); } /* reset state */ - dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &protocol_error); + auth2_challenge_stop(authctxt); authctxt->postponed = 0; -#ifdef BSD_AUTH - if (authctxt->as) { - auth_close(authctxt->as); - authctxt->as = NULL; - } -#endif /* try to authenticate user */ m = authmethod_lookup(method); @@ -242,6 +220,8 @@ input_userauth_request(int type, int plen, void *ctxt) void userauth_finish(Authctxt *authctxt, int authenticated, char *method) { + char *methods; + if (!authctxt->valid && authenticated) fatal("INTERNAL ERROR: authenticated invalid user %s", authctxt->user); @@ -254,11 +234,32 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method) /* Log before sending the reply */ auth_log(authctxt, authenticated, method, " ssh2"); - if (!authctxt->postponed) - userauth_reply(authctxt, authenticated); + if (authctxt->postponed) + return; + + /* XXX todo: check if multiple auth methods are needed */ + if (authenticated == 1) { + /* turn off userauth */ + dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &dispatch_protocol_ignore); + packet_start(SSH2_MSG_USERAUTH_SUCCESS); + packet_send(); + packet_write_wait(); + /* now we can break out */ + authctxt->success = 1; + } else { + if (authctxt->failures++ > AUTH_FAIL_MAX) + packet_disconnect(AUTH_FAIL_MSG, authctxt->user); + methods = authmethods_get(); + packet_start(SSH2_MSG_USERAUTH_FAILURE); + packet_put_cstring(methods); + packet_put_char(0); /* XXX partial success, unused */ + packet_send(); + packet_write_wait(); + xfree(methods); + } } -void +static void userauth_banner(void) { struct stat st; @@ -289,46 +290,19 @@ done: return; } -void -userauth_reply(Authctxt *authctxt, int authenticated) -{ - char *methods; - - /* XXX todo: check if multiple auth methods are needed */ - if (authenticated == 1) { - /* turn off userauth */ - dispatch_set(SSH2_MSG_USERAUTH_REQUEST, &protocol_error); - packet_start(SSH2_MSG_USERAUTH_SUCCESS); - packet_send(); - packet_write_wait(); - /* now we can break out */ - authctxt->success = 1; - } else { - if (authctxt->failures++ > AUTH_FAIL_MAX) - packet_disconnect(AUTH_FAIL_MSG, authctxt->user); - methods = authmethods_get(); - packet_start(SSH2_MSG_USERAUTH_FAILURE); - packet_put_cstring(methods); - packet_put_char(0); /* XXX partial success, unused */ - packet_send(); - packet_write_wait(); - xfree(methods); - } -} - -int +static int userauth_none(Authctxt *authctxt) { /* disable method "none", only allowed one time */ Authmethod *m = authmethod_lookup("none"); if (m != NULL) m->enabled = NULL; - packet_done(); + packet_check_eom(); userauth_banner(); return authctxt->valid ? auth_password(authctxt, "") : 0; } -int +static int userauth_passwd(Authctxt *authctxt) { char *password; @@ -339,7 +313,7 @@ userauth_passwd(Authctxt *authctxt) if (change) log("password change not supported"); password = packet_get_string(&len); - packet_done(); + packet_check_eom(); if (authctxt->valid && auth_password(authctxt, password) == 1) authenticated = 1; @@ -348,33 +322,33 @@ userauth_passwd(Authctxt *authctxt) return authenticated; } -int +static int userauth_kbdint(Authctxt *authctxt) { int authenticated = 0; - char *lang = NULL; - char *devs = NULL; + char *lang, *devs; lang = packet_get_string(NULL); devs = packet_get_string(NULL); - packet_done(); + packet_check_eom(); - debug("keyboard-interactive language %s devs %s", lang, devs); + debug("keyboard-interactive devs %s", devs); - if (options.challenge_reponse_authentication) + if (options.challenge_response_authentication) authenticated = auth2_challenge(authctxt, devs); - xfree(lang); xfree(devs); + xfree(lang); return authenticated; } -int +static int userauth_pubkey(Authctxt *authctxt) { Buffer b; - Key *key; - char *pkalg, *pkblob, *sig; + Key *key = NULL; + char *pkalg; + u_char *pkblob, *sig; u_int alen, blen, slen; int have_sig, pktype; int authenticated = 0; @@ -400,83 +374,92 @@ userauth_pubkey(Authctxt *authctxt) pktype = key_type_from_name(pkalg); if (pktype == KEY_UNSPEC) { /* this is perfectly legal */ - log("userauth_pubkey: unsupported public key algorithm: %s", pkalg); - xfree(pkalg); - xfree(pkblob); - return 0; + log("userauth_pubkey: unsupported public key algorithm: %s", + pkalg); + goto done; } key = key_from_blob(pkblob, blen); - if (key != NULL) { - if (have_sig) { - sig = packet_get_string(&slen); - packet_done(); - buffer_init(&b); - if (datafellows & SSH_OLD_SESSIONID) { - buffer_append(&b, session_id2, session_id2_len); - } else { - buffer_put_string(&b, session_id2, session_id2_len); - } - /* reconstruct packet */ - buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); - buffer_put_cstring(&b, authctxt->user); - buffer_put_cstring(&b, - datafellows & SSH_BUG_PKSERVICE ? - "ssh-userauth" : - authctxt->service); - if (datafellows & SSH_BUG_PKAUTH) { - buffer_put_char(&b, have_sig); - } else { - buffer_put_cstring(&b, "publickey"); - buffer_put_char(&b, have_sig); - buffer_put_cstring(&b, pkalg); - } - buffer_put_string(&b, pkblob, blen); + if (key == NULL) { + error("userauth_pubkey: cannot decode key: %s", pkalg); + goto done; + } + if (key->type != pktype) { + error("userauth_pubkey: type mismatch for decoded key " + "(received %d, expected %d)", key->type, pktype); + goto done; + } + if (have_sig) { + sig = packet_get_string(&slen); + packet_check_eom(); + buffer_init(&b); + if (datafellows & SSH_OLD_SESSIONID) { + buffer_append(&b, session_id2, session_id2_len); + } else { + buffer_put_string(&b, session_id2, session_id2_len); + } + /* reconstruct packet */ + buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); + buffer_put_cstring(&b, authctxt->user); + buffer_put_cstring(&b, + datafellows & SSH_BUG_PKSERVICE ? + "ssh-userauth" : + authctxt->service); + if (datafellows & SSH_BUG_PKAUTH) { + buffer_put_char(&b, have_sig); + } else { + buffer_put_cstring(&b, "publickey"); + buffer_put_char(&b, have_sig); + buffer_put_cstring(&b, pkalg); + } + buffer_put_string(&b, pkblob, blen); #ifdef DEBUG_PK - buffer_dump(&b); + buffer_dump(&b); #endif - /* test for correct signature */ - if (user_key_allowed(authctxt->pw, key) && - key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) - authenticated = 1; - buffer_clear(&b); - xfree(sig); - } else { - debug("test whether pkalg/pkblob are acceptable"); - packet_done(); - - /* XXX fake reply and always send PK_OK ? */ - /* - * XXX this allows testing whether a user is allowed - * to login: if you happen to have a valid pubkey this - * message is sent. the message is NEVER sent at all - * if a user is not allowed to login. is this an - * issue? -markus - */ - if (user_key_allowed(authctxt->pw, key)) { - packet_start(SSH2_MSG_USERAUTH_PK_OK); - packet_put_string(pkalg, alen); - packet_put_string(pkblob, blen); - packet_send(); - packet_write_wait(); - authctxt->postponed = 1; - } + /* test for correct signature */ + if (user_key_allowed(authctxt->pw, key) && + key_verify(key, sig, slen, buffer_ptr(&b), buffer_len(&b)) == 1) + authenticated = 1; + buffer_clear(&b); + xfree(sig); + } else { + debug("test whether pkalg/pkblob are acceptable"); + packet_check_eom(); + + /* XXX fake reply and always send PK_OK ? */ + /* + * XXX this allows testing whether a user is allowed + * to login: if you happen to have a valid pubkey this + * message is sent. the message is NEVER sent at all + * if a user is not allowed to login. is this an + * issue? -markus + */ + if (user_key_allowed(authctxt->pw, key)) { + packet_start(SSH2_MSG_USERAUTH_PK_OK); + packet_put_string(pkalg, alen); + packet_put_string(pkblob, blen); + packet_send(); + packet_write_wait(); + authctxt->postponed = 1; } - if (authenticated != 1) - auth_clear_options(); - key_free(key); } + if (authenticated != 1) + auth_clear_options(); +done: debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); + if (key != NULL) + key_free(key); xfree(pkalg); xfree(pkblob); return authenticated; } -int +static int userauth_hostbased(Authctxt *authctxt) { Buffer b; - Key *key; - char *pkalg, *pkblob, *sig, *cuser, *chost, *service; + Key *key = NULL; + char *pkalg, *cuser, *chost, *service; + u_char *pkblob, *sig; u_int alen, blen, slen; int pktype; int authenticated = 0; @@ -509,7 +492,12 @@ userauth_hostbased(Authctxt *authctxt) } key = key_from_blob(pkblob, blen); if (key == NULL) { - debug("userauth_hostbased: cannot decode key: %s", pkalg); + error("userauth_hostbased: cannot decode key: %s", pkalg); + goto done; + } + if (key->type != pktype) { + error("userauth_hostbased: type mismatch for decoded key " + "(received %d, expected %d)", key->type, pktype); goto done; } service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : @@ -534,10 +522,10 @@ userauth_hostbased(Authctxt *authctxt) authenticated = 1; buffer_clear(&b); - key_free(key); - done: debug2("userauth_hostbased: authenticated %d", authenticated); + if (key != NULL) + key_free(key); xfree(pkalg); xfree(pkblob); xfree(cuser); @@ -556,39 +544,30 @@ auth_get_user(void) #define DELIM "," -char * +static char * authmethods_get(void) { Authmethod *method = NULL; - u_int size = 0; + Buffer b; char *list; + buffer_init(&b); for (method = authmethods; method->name != NULL; method++) { if (strcmp(method->name, "none") == 0) continue; if (method->enabled != NULL && *(method->enabled) != 0) { - if (size != 0) - size += strlen(DELIM); - size += strlen(method->name); - } - } - size++; /* trailing '\0' */ - list = xmalloc(size); - list[0] = '\0'; - - for (method = authmethods; method->name != NULL; method++) { - if (strcmp(method->name, "none") == 0) - continue; - if (method->enabled != NULL && *(method->enabled) != 0) { - if (list[0] != '\0') - strlcat(list, DELIM, size); - strlcat(list, method->name, size); + if (buffer_len(&b) > 0) + buffer_append(&b, ",", 1); + buffer_append(&b, method->name, strlen(method->name)); } } + buffer_append(&b, "\0", 1); + list = xstrdup(buffer_ptr(&b)); + buffer_free(&b); return list; } -Authmethod * +static Authmethod * authmethod_lookup(const char *name) { Authmethod *method = NULL; @@ -603,15 +582,16 @@ authmethod_lookup(const char *name) } /* return 1 if user allows given key */ -int -user_key_allowed(struct passwd *pw, Key *key) +static int +user_key_allowed2(struct passwd *pw, Key *key, char *file) { - char line[8192], file[MAXPATHLEN]; + char line[8192]; int found_key = 0; FILE *f; u_long linenum = 0; struct stat st; Key *found; + char *fp; if (pw == NULL) return 0; @@ -619,9 +599,7 @@ user_key_allowed(struct passwd *pw, Key *key) /* Temporarily use the user's uid. */ temporarily_use_uid(pw); - /* The authorized keys. */ - snprintf(file, sizeof file, "%.500s/%.100s", pw->pw_dir, - _PATH_SSH_USER_PERMITTED_KEYS2); + debug("trying public key file %s", file); /* Fail quietly if file does not exist */ if (stat(file, &st) < 0) { @@ -636,46 +614,14 @@ user_key_allowed(struct passwd *pw, Key *key) restore_uid(); return 0; } - if (options.strict_modes) { - int fail = 0; - char buf[1024]; - /* Check open file in order to avoid open/stat races */ - if (fstat(fileno(f), &st) < 0 || - (st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0) { - snprintf(buf, sizeof buf, - "%s authentication refused for %.100s: " - "bad ownership or modes for '%s'.", - key_type(key), pw->pw_name, file); - fail = 1; - } else { - /* Check path to _PATH_SSH_USER_PERMITTED_KEYS */ - int i; - static const char *check[] = { - "", _PATH_SSH_USER_DIR, NULL - }; - for (i = 0; check[i]; i++) { - snprintf(line, sizeof line, "%.500s/%.100s", - pw->pw_dir, check[i]); - if (stat(line, &st) < 0 || - (st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0) { - snprintf(buf, sizeof buf, - "%s authentication refused for %.100s: " - "bad ownership or modes for '%s'.", - key_type(key), pw->pw_name, line); - fail = 1; - break; - } - } - } - if (fail) { - fclose(f); - log("%s", buf); - restore_uid(); - return 0; - } + if (options.strict_modes && + secure_filename(f, file, pw, line, sizeof(line)) != 0) { + fclose(f); + log("Authentication refused: %s", line); + restore_uid(); + return 0; } + found_key = 0; found = key_new(key->type); @@ -688,7 +634,7 @@ user_key_allowed(struct passwd *pw, Key *key) if (!*cp || *cp == '\n' || *cp == '#') continue; - if (key_read(found, &cp) == -1) { + if (key_read(found, &cp) != 1) { /* no key? check if there are options for this key */ int quoted = 0; debug2("user_key_allowed: check options: '%s'", cp); @@ -702,7 +648,7 @@ user_key_allowed(struct passwd *pw, Key *key) /* Skip remaining whitespace. */ for (; *cp == ' ' || *cp == '\t'; cp++) ; - if (key_read(found, &cp) == -1) { + if (key_read(found, &cp) != 1) { debug2("user_key_allowed: advance: '%s'", cp); /* still no key? advance to next line*/ continue; @@ -711,8 +657,12 @@ user_key_allowed(struct passwd *pw, Key *key) if (key_equal(found, key) && auth_parse_options(pw, options, file, linenum) == 1) { found_key = 1; - debug("matching key found: file %s, line %ld", + debug("matching key found: file %s, line %lu", file, linenum); + fp = key_fingerprint(found, SSH_FP_MD5, SSH_FP_HEX); + verbose("Found matching %s key: %s", + key_type(found), fp); + xfree(fp); break; } } @@ -724,18 +674,36 @@ user_key_allowed(struct passwd *pw, Key *key) return found_key; } +/* check whether given key is in .ssh/authorized_keys* */ +static int +user_key_allowed(struct passwd *pw, Key *key) +{ + int success; + char *file; + + file = authorized_keys_file(pw); + success = user_key_allowed2(pw, key, file); + xfree(file); + if (success) + return success; + + /* try suffix "2" for backward compat, too */ + file = authorized_keys_file2(pw); + success = user_key_allowed2(pw, key, file); + xfree(file); + return success; +} + /* return 1 if given hostkey is allowed */ -int +static int hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, Key *key) { - Key *found; const char *resolvedname, *ipaddr, *lookup; - struct stat st; - char *user_hostfile; - int host_status, len; + HostStatus host_status; + int len; - resolvedname = get_canonical_hostname(options.reverse_mapping_check); + resolvedname = get_canonical_hostname(options.verify_reverse_mapping); ipaddr = get_remote_ipaddr(); debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s", @@ -760,32 +728,16 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, } debug2("userauth_hostbased: access allowed by auth_rhosts2"); - /* XXX this is copied from auth-rh-rsa.c and should be shared */ - found = key_new(key->type); - host_status = check_host_in_hostfile(_PATH_SSH_SYSTEM_HOSTFILE2, lookup, - key, found, NULL); - - if (host_status != HOST_OK && !options.ignore_user_known_hosts) { - user_hostfile = tilde_expand_filename(_PATH_SSH_USER_HOSTFILE2, - pw->pw_uid); - if (options.strict_modes && - (stat(user_hostfile, &st) == 0) && - ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { - log("Hostbased authentication refused for %.100s: " - "bad owner or modes for %.200s", - pw->pw_name, user_hostfile); - } else { - temporarily_use_uid(pw); - host_status = check_host_in_hostfile(user_hostfile, - lookup, key, found, NULL); - restore_uid(); - } - xfree(user_hostfile); - } - key_free(found); + host_status = check_key_in_hostfiles(pw, key, lookup, + _PATH_SSH_SYSTEM_HOSTFILE, + options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE); + + /* backward compat if no key has been found. */ + if (host_status == HOST_NEW) + host_status = check_key_in_hostfiles(pw, key, lookup, + _PATH_SSH_SYSTEM_HOSTFILE2, + options.ignore_user_known_hosts ? NULL : + _PATH_SSH_USER_HOSTFILE2); - debug2("userauth_hostbased: key %s for %s", host_status == HOST_OK ? - "ok" : "not found", lookup); return (host_status == HOST_OK); } diff --git a/crypto/openssh/authfd.c b/crypto/openssh/authfd.c index 87f3ccfeef2e..fa764358facc 100644 --- a/crypto/openssh/authfd.c +++ b/crypto/openssh/authfd.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.39 2001/04/05 10:42:48 markus Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.48 2002/02/24 19:14:59 markus Exp $"); #include <openssl/evp.h> @@ -58,7 +58,8 @@ int decode_reply(int type); /* macro to check for "agent failure" message */ #define agent_failed(x) \ - ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE)) + ((x == SSH_AGENT_FAILURE) || (x == SSH_COM_AGENT2_FAILURE) || \ + (x == SSH2_AGENT_FAILURE)) /* Returns the number of the authentication fd, or -1 if there is none. */ @@ -66,7 +67,7 @@ int ssh_get_authentication_socket(void) { const char *authsocket; - int sock, len; + int sock; struct sockaddr_un sunaddr; authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); @@ -75,8 +76,6 @@ ssh_get_authentication_socket(void) sunaddr.sun_family = AF_UNIX; strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); - len = SUN_LEN(&sunaddr)+1; - sunaddr.sun_len = len; sock = socket(AF_UNIX, SOCK_STREAM, 0); if (sock < 0) @@ -87,14 +86,14 @@ ssh_get_authentication_socket(void) close(sock); return -1; } - if (connect(sock, (struct sockaddr *) & sunaddr, len) < 0) { + if (connect(sock, (struct sockaddr *) &sunaddr, sizeof sunaddr) < 0) { close(sock); return -1; } return sock; } -int +static int ssh_request_reply(AuthenticationConnection *auth, Buffer *request, Buffer *reply) { int l, len; @@ -218,7 +217,7 @@ ssh_get_num_identities(AuthenticationConnection *auth, int version) int type, code1 = 0, code2 = 0; Buffer request; - switch(version){ + switch (version) { case 1: code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES; code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER; @@ -287,7 +286,7 @@ ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int versio * Get the next entry from the packet. These will abort with a fatal * error if the packet is too short or contains corrupt data. */ - switch(version){ + switch (version) { case 1: key = key_new(KEY_RSA1); bits = buffer_get_int(&auth->identities); @@ -345,7 +344,7 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, buffer_put_bignum(&buffer, key->rsa->e); buffer_put_bignum(&buffer, key->rsa->n); buffer_put_bignum(&buffer, challenge); - buffer_append(&buffer, (char *) session_id, 16); + buffer_append(&buffer, session_id, 16); buffer_put_int(&buffer, response_type); if (ssh_request_reply(auth, &buffer, &buffer) == 0) { @@ -375,8 +374,8 @@ ssh_decrypt_challenge(AuthenticationConnection *auth, int ssh_agent_sign(AuthenticationConnection *auth, Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen) + u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) { extern int datafellows; Buffer msg; @@ -417,7 +416,7 @@ ssh_agent_sign(AuthenticationConnection *auth, /* Encode key for a message to the agent. */ -void +static void ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) { buffer_clear(b); @@ -430,16 +429,16 @@ ssh_encode_identity_rsa1(Buffer *b, RSA *key, const char *comment) buffer_put_bignum(b, key->iqmp); /* ssh key->u */ buffer_put_bignum(b, key->q); /* ssh key->p, SSL key->q */ buffer_put_bignum(b, key->p); /* ssh key->q, SSL key->p */ - buffer_put_string(b, comment, strlen(comment)); + buffer_put_cstring(b, comment); } -void +static void ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment) { buffer_clear(b); buffer_put_char(b, SSH2_AGENTC_ADD_IDENTITY); buffer_put_cstring(b, key_ssh_name(key)); - switch(key->type){ + switch (key->type) { case KEY_RSA: buffer_put_bignum2(b, key->rsa->n); buffer_put_bignum2(b, key->rsa->e); @@ -532,6 +531,25 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) return decode_reply(type); } +int +ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id) +{ + Buffer msg; + int type; + + buffer_init(&msg); + buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : + SSH_AGENTC_REMOVE_SMARTCARD_KEY); + buffer_put_cstring(&msg, reader_id); + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); + return 0; + } + type = buffer_get_char(&msg); + buffer_free(&msg); + return decode_reply(type); +} + /* * Removes all identities from the agent. This call is not meant to be used * by normal applications. @@ -564,6 +582,7 @@ decode_reply(int type) switch (type) { case SSH_AGENT_FAILURE: case SSH_COM_AGENT2_FAILURE: + case SSH2_AGENT_FAILURE: log("SSH_AGENT_FAILURE"); return 0; case SSH_AGENT_SUCCESS: diff --git a/crypto/openssh/authfd.h b/crypto/openssh/authfd.h index 29d1847b5ee1..0f2ca7a2ecff 100644 --- a/crypto/openssh/authfd.h +++ b/crypto/openssh/authfd.h @@ -1,3 +1,5 @@ +/* $OpenBSD: authfd.h,v 1.23 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,8 +13,6 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: authfd.h,v 1.16 2000/12/20 19:37:21 markus Exp $"); */ - #ifndef AUTHFD_H #define AUTHFD_H @@ -38,101 +38,43 @@ #define SSH2_AGENTC_REMOVE_IDENTITY 18 #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 +/* smartcard */ +#define SSH_AGENTC_ADD_SMARTCARD_KEY 20 +#define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21 + +/* extended failure messages */ +#define SSH2_AGENT_FAILURE 30 + /* additional error code for ssh.com's ssh-agent2 */ -#define SSH_COM_AGENT2_FAILURE 102 +#define SSH_COM_AGENT2_FAILURE 102 #define SSH_AGENT_OLD_SIGNATURE 0x01 - typedef struct { int fd; Buffer identities; int howmany; } AuthenticationConnection; -/* Returns the number of the authentication fd, or -1 if there is none. */ -int ssh_get_authentication_socket(void); +int ssh_get_authentication_socket(void); +void ssh_close_authentication_socket(int); -/* - * This should be called for any descriptor returned by - * ssh_get_authentication_socket(). Depending on the way the descriptor was - * obtained, this may close the descriptor. - */ -void ssh_close_authentication_socket(int authfd); - -/* - * Opens and connects a private socket for communication with the - * authentication agent. Returns NULL if an error occurred and the - * connection could not be opened. The connection should be closed by the - * caller by calling ssh_close_authentication_connection(). - */ AuthenticationConnection *ssh_get_authentication_connection(void); +void ssh_close_authentication_connection(AuthenticationConnection *); +int ssh_get_num_identities(AuthenticationConnection *, int); +Key *ssh_get_first_identity(AuthenticationConnection *, char **, int); +Key *ssh_get_next_identity(AuthenticationConnection *, char **, int); +int ssh_add_identity(AuthenticationConnection *, Key *, const char *); +int ssh_remove_identity(AuthenticationConnection *, Key *); +int ssh_remove_all_identities(AuthenticationConnection *, int); +int ssh_update_card(AuthenticationConnection *, int, const char *); -/* - * Closes the connection to the authentication agent and frees any associated - * memory. - */ -void ssh_close_authentication_connection(AuthenticationConnection *auth); - -/* - * Returns the number authentication identity held by the agent. - */ -int ssh_get_num_identities(AuthenticationConnection *auth, int version); - -/* - * Returns the first authentication identity held by the agent or NULL if - * no identies are available. Caller must free comment and key. - * Note that you cannot mix calls with different versions. - */ -Key *ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int version); - -/* - * Returns the next authentication identity for the agent. Other functions - * can be called between this and ssh_get_first_identity or two calls of this - * function. This returns NULL if there are no more identities. The caller - * must free key and comment after a successful return. - */ -Key *ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version); - -/* - * Requests the agent to decrypt the given challenge. Returns true if the - * agent claims it was able to decrypt it. - */ int -ssh_decrypt_challenge(AuthenticationConnection *auth, - Key *key, BIGNUM * challenge, - u_char session_id[16], - u_int response_type, - u_char response[16]); +ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16], + u_int, u_char[16]); -/* Requests the agent to sign data using key */ int -ssh_agent_sign(AuthenticationConnection *auth, - Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen); - -/* - * Adds an identity to the authentication server. This call is not meant to - * be used by normal applications. This returns true if the identity was - * successfully added. - */ -int -ssh_add_identity(AuthenticationConnection *auth, Key *key, - const char *comment); - -/* - * Removes the identity from the authentication server. This call is not - * meant to be used by normal applications. This returns true if the - * identity was successfully added. - */ -int ssh_remove_identity(AuthenticationConnection *auth, Key *key); - -/* - * Removes all identities from the authentication agent. This call is not - * meant to be used by normal applications. This returns true if the - * operation was successful. - */ -int ssh_remove_all_identities(AuthenticationConnection *auth, int version); +ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *, + u_int); #endif /* AUTHFD_H */ diff --git a/crypto/openssh/authfile.c b/crypto/openssh/authfile.c index 46a5bb92c2d3..337da595ddaf 100644 --- a/crypto/openssh/authfile.c +++ b/crypto/openssh/authfile.c @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfile.c,v 1.32 2001/04/18 23:44:51 markus Exp $"); +RCSID("$OpenBSD: authfile.c,v 1.48 2002/02/28 15:46:33 markus Exp $"); #include <openssl/err.h> #include <openssl/evp.h> @@ -50,6 +50,7 @@ RCSID("$OpenBSD: authfile.c,v 1.32 2001/04/18 23:44:51 markus Exp $"); #include "ssh.h" #include "log.h" #include "authfile.h" +#include "rsa.h" /* Version identification string for SSH v1 identity files. */ static const char authfile_id_string[] = @@ -62,13 +63,13 @@ static const char authfile_id_string[] = * passphrase. */ -int +static int key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, const char *comment) { Buffer buffer, encrypted; - char buf[100], *cp; - int fd, i; + u_char buf[100], *cp; + int fd, i, cipher_num; CipherContext ciphercontext; Cipher *cipher; u_int32_t rand; @@ -77,11 +78,9 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting * to another cipher; otherwise use SSH_AUTHFILE_CIPHER. */ - if (strcmp(passphrase, "") == 0) - cipher = cipher_by_number(SSH_CIPHER_NONE); - else - cipher = cipher_by_number(SSH_AUTHFILE_CIPHER); - if (cipher == NULL) + cipher_num = (strcmp(passphrase, "") == 0) ? + SSH_CIPHER_NONE : SSH_AUTHFILE_CIPHER; + if ((cipher = cipher_by_number(cipher_num)) == NULL) fatal("save_private_key_rsa: bad cipher"); /* This buffer is used to built the secret part of the private key. */ @@ -118,21 +117,23 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, buffer_put_char(&encrypted, 0); /* Store cipher type. */ - buffer_put_char(&encrypted, cipher->number); + buffer_put_char(&encrypted, cipher_num); buffer_put_int(&encrypted, 0); /* For future extension */ /* Store public key. This will be in plain text. */ buffer_put_int(&encrypted, BN_num_bits(key->rsa->n)); buffer_put_bignum(&encrypted, key->rsa->n); buffer_put_bignum(&encrypted, key->rsa->e); - buffer_put_string(&encrypted, comment, strlen(comment)); + buffer_put_cstring(&encrypted, comment); /* Allocate space for the private part of the key in the buffer. */ - buffer_append_space(&encrypted, &cp, buffer_len(&buffer)); + cp = buffer_append_space(&encrypted, buffer_len(&buffer)); - cipher_set_key_string(&ciphercontext, cipher, passphrase); - cipher_encrypt(&ciphercontext, (u_char *) cp, - (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); + cipher_set_key_string(&ciphercontext, cipher, passphrase, + CIPHER_ENCRYPT); + cipher_crypt(&ciphercontext, cp, + buffer_ptr(&buffer), buffer_len(&buffer)); + cipher_cleanup(&ciphercontext); memset(&ciphercontext, 0, sizeof(ciphercontext)); /* Destroy temporary data. */ @@ -147,7 +148,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, if (write(fd, buffer_ptr(&encrypted), buffer_len(&encrypted)) != buffer_len(&encrypted)) { error("write to key file %s failed: %s", filename, - strerror(errno)); + strerror(errno)); buffer_free(&encrypted); close(fd); unlink(filename); @@ -159,7 +160,7 @@ key_save_private_rsa1(Key *key, const char *filename, const char *passphrase, } /* save SSH v2 key in OpenSSL PEM format */ -int +static int key_save_private_pem(Key *key, const char *filename, const char *_passphrase, const char *comment) { @@ -167,8 +168,8 @@ key_save_private_pem(Key *key, const char *filename, const char *_passphrase, int fd; int success = 0; int len = strlen(_passphrase); - char *passphrase = (len > 0) ? (char *)_passphrase : NULL; - EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; + u_char *passphrase = (len > 0) ? (u_char *)_passphrase : NULL; + const EVP_CIPHER *cipher = (len > 0) ? EVP_des_ede3_cbc() : NULL; if (len > 0 && len <= 4) { error("passphrase too short: have %d bytes, need > 4", len); @@ -226,7 +227,7 @@ key_save_private(Key *key, const char *filename, const char *passphrase, * otherwise. */ -Key * +static Key * key_load_public_rsa1(int fd, const char *filename, char **commentp) { Buffer buffer; @@ -239,7 +240,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) lseek(fd, (off_t) 0, SEEK_SET); buffer_init(&buffer); - buffer_append_space(&buffer, &cp, len); + cp = buffer_append_space(&buffer, len); if (read(fd, cp, (size_t) len) != (size_t) len) { debug("Read from key file %.200s failed: %.100s", filename, @@ -250,7 +251,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { - debug3("No RSA1 key file %.200s.", filename); + debug3("Not a RSA1 key file %.200s.", filename); buffer_free(&buffer); return NULL; } @@ -260,7 +261,7 @@ key_load_public_rsa1(int fd, const char *filename, char **commentp) */ for (i = 0; i < sizeof(authfile_id_string); i++) if (buffer_get_char(&buffer) != authfile_id_string[i]) { - debug3("No RSA1 key file %.200s.", filename); + debug3("Not a RSA1 key file %.200s.", filename); buffer_free(&buffer); return NULL; } @@ -306,25 +307,23 @@ key_load_public_type(int type, const char *filename, char **commentp) * Assumes we are called under uid of the owner of the file. */ -Key * +static Key * key_load_private_rsa1(int fd, const char *filename, const char *passphrase, char **commentp) { int i, check1, check2, cipher_type; off_t len; Buffer buffer, decrypted; - char *cp; + u_char *cp; CipherContext ciphercontext; Cipher *cipher; - BN_CTX *ctx; - BIGNUM *aux; Key *prv = NULL; len = lseek(fd, (off_t) 0, SEEK_END); lseek(fd, (off_t) 0, SEEK_SET); buffer_init(&buffer); - buffer_append_space(&buffer, &cp, len); + cp = buffer_append_space(&buffer, len); if (read(fd, cp, (size_t) len) != (size_t) len) { debug("Read from key file %.200s failed: %.100s", filename, @@ -336,7 +335,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, /* Check that it is at least big enough to contain the ID string. */ if (len < sizeof(authfile_id_string)) { - debug3("No RSA1 key file %.200s.", filename); + debug3("Not a RSA1 key file %.200s.", filename); buffer_free(&buffer); close(fd); return NULL; @@ -347,7 +346,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, */ for (i = 0; i < sizeof(authfile_id_string); i++) if (buffer_get_char(&buffer) != authfile_id_string[i]) { - debug3("No RSA1 key file %.200s.", filename); + debug3("Not a RSA1 key file %.200s.", filename); buffer_free(&buffer); close(fd); return NULL; @@ -378,12 +377,14 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, } /* Initialize space for decrypted data. */ buffer_init(&decrypted); - buffer_append_space(&decrypted, &cp, buffer_len(&buffer)); + cp = buffer_append_space(&decrypted, buffer_len(&buffer)); /* Rest of the buffer is encrypted. Decrypt it using the passphrase. */ - cipher_set_key_string(&ciphercontext, cipher, passphrase); - cipher_decrypt(&ciphercontext, (u_char *) cp, - (u_char *) buffer_ptr(&buffer), buffer_len(&buffer)); + cipher_set_key_string(&ciphercontext, cipher, passphrase, + CIPHER_DECRYPT); + cipher_crypt(&ciphercontext, cp, + buffer_ptr(&buffer), buffer_len(&buffer)); + cipher_cleanup(&ciphercontext); memset(&ciphercontext, 0, sizeof(ciphercontext)); buffer_free(&buffer); @@ -406,17 +407,7 @@ key_load_private_rsa1(int fd, const char *filename, const char *passphrase, buffer_get_bignum(&decrypted, prv->rsa->p); /* q */ /* calculate p-1 and q-1 */ - ctx = BN_CTX_new(); - aux = BN_new(); - - BN_sub(aux, prv->rsa->q, BN_value_one()); - BN_mod(prv->rsa->dmq1, prv->rsa->d, aux, ctx); - - BN_sub(aux, prv->rsa->p, BN_value_one()); - BN_mod(prv->rsa->dmp1, prv->rsa->d, aux, ctx); - - BN_clear_free(aux); - BN_CTX_free(ctx); + rsa_generate_additional_parameters(prv->rsa); buffer_free(&decrypted); close(fd); @@ -430,7 +421,7 @@ fail: return NULL; } -Key * +static Key * key_load_private_pem(int fd, int type, const char *passphrase, char **commentp) { @@ -450,7 +441,7 @@ key_load_private_pem(int fd, int type, const char *passphrase, debug("PEM_read_PrivateKey failed"); (void)ERR_get_error(); } else if (pk->type == EVP_PKEY_RSA && - (type == KEY_UNSPEC||type==KEY_RSA)) { + (type == KEY_UNSPEC||type==KEY_RSA)) { prv = key_new(KEY_UNSPEC); prv->rsa = EVP_PKEY_get1_RSA(pk); prv->type = KEY_RSA; @@ -459,7 +450,7 @@ key_load_private_pem(int fd, int type, const char *passphrase, RSA_print_fp(stderr, prv->rsa, 8); #endif } else if (pk->type == EVP_PKEY_DSA && - (type == KEY_UNSPEC||type==KEY_DSA)) { + (type == KEY_UNSPEC||type==KEY_DSA)) { prv = key_new(KEY_UNSPEC); prv->dsa = EVP_PKEY_get1_DSA(pk); prv->type = KEY_DSA; @@ -481,20 +472,23 @@ key_load_private_pem(int fd, int type, const char *passphrase, return prv; } -int +static int key_perm_ok(int fd, const char *filename) { struct stat st; - /* check owner and modes */ - if (fstat(fd, &st) < 0 || - (st.st_uid != 0 && getuid() != 0 && st.st_uid != getuid()) || - (st.st_mode & 077) != 0) { - close(fd); + if (fstat(fd, &st) < 0) + return 0; + /* + * if a key owned by the user is accessed, then we check the + * permissions of the file. if the key owned by a different user, + * then we don't care. + */ + if ((st.st_uid == getuid()) && (st.st_mode & 077) != 0) { error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); error("@ WARNING: UNPROTECTED PRIVATE KEY FILE! @"); error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"); - error("Bad ownership or mode(0%3.3o) for '%s'.", + error("Permissions 0%3.3o for '%s' are too open.", st.st_mode & 0777, filename); error("It is recommended that your private key files are NOT accessible by others."); error("This private key will be ignored."); @@ -540,7 +534,7 @@ Key * key_load_private(const char *filename, const char *passphrase, char **commentp) { - Key *pub; + Key *pub, *prv; int fd; fd = open(filename, O_RDONLY); @@ -555,16 +549,20 @@ key_load_private(const char *filename, const char *passphrase, lseek(fd, (off_t) 0, SEEK_SET); /* rewind */ if (pub == NULL) { /* closes fd */ - return key_load_private_pem(fd, KEY_UNSPEC, passphrase, NULL); + prv = key_load_private_pem(fd, KEY_UNSPEC, passphrase, NULL); + /* use the filename as a comment for PEM */ + if (commentp && prv) + *commentp = xstrdup(filename); } else { /* it's a SSH v1 key if the public key part is readable */ key_free(pub); /* closes fd */ - return key_load_private_rsa1(fd, filename, passphrase, NULL); + prv = key_load_private_rsa1(fd, filename, passphrase, NULL); } + return prv; } -int +static int key_try_load_public(Key *k, const char *filename, char **commentp) { FILE *f; @@ -576,7 +574,7 @@ key_try_load_public(Key *k, const char *filename, char **commentp) while (fgets(line, sizeof(line), f)) { line[sizeof(line)-1] = '\0'; cp = line; - switch(*cp){ + switch (*cp) { case '#': case '\n': case '\0': diff --git a/crypto/openssh/authfile.h b/crypto/openssh/authfile.h index da90cd91364b..c614ca12ce89 100644 --- a/crypto/openssh/authfile.h +++ b/crypto/openssh/authfile.h @@ -1,3 +1,5 @@ +/* $OpenBSD: authfile.h,v 1.9 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -10,27 +12,13 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* $OpenBSD: authfile.h,v 1.6 2001/03/26 08:07:08 markus Exp $ */ - #ifndef AUTHFILE_H #define AUTHFILE_H -int -key_save_private(Key *key, const char *filename, const char *passphrase, - const char *comment); - -Key * -key_load_public(const char *filename, char **commentp); - -Key * -key_load_public_type(int type, const char *filename, char **commentp); - -Key * -key_load_private(const char *filename, const char *passphrase, - char **commentp); - -Key * -key_load_private_type(int type, const char *filename, const char *passphrase, - char **commentp); +int key_save_private(Key *, const char *, const char *, const char *); +Key *key_load_public(const char *, char **); +Key *key_load_public_type(int, const char *, char **); +Key *key_load_private(const char *, const char *, char **); +Key *key_load_private_type(int, const char *, const char *, char **); #endif diff --git a/crypto/openssh/bufaux.c b/crypto/openssh/bufaux.c index 8970ba13721c..0c92ed9d648b 100644 --- a/crypto/openssh/bufaux.c +++ b/crypto/openssh/bufaux.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: bufaux.c,v 1.17 2001/01/21 19:05:45 markus Exp $"); +RCSID("$OpenBSD: bufaux.c,v 1.22 2002/01/18 18:14:17 stevesk Exp $"); #include <openssl/bn.h> #include "bufaux.h" @@ -62,7 +62,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value) oi = BN_bn2bin(value, buf); if (oi != bin_size) fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", - oi, bin_size); + oi, bin_size); /* Store the number of bits in the buffer in two bytes, msb first. */ PUT_16BIT(msg, bits); @@ -77,7 +77,7 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value) /* * Retrieves an BIGNUM from the buffer. */ -int +void buffer_get_bignum(Buffer *buffer, BIGNUM *value) { int bits, bytes; @@ -90,11 +90,9 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value) bytes = (bits + 7) / 8; if (buffer_len(buffer) < bytes) fatal("buffer_get_bignum: input buffer too small"); - bin = (u_char *) buffer_ptr(buffer); + bin = buffer_ptr(buffer); BN_bin2bn(bin, bytes, value); buffer_consume(buffer, bytes); - - return 2 + bytes; } /* @@ -112,16 +110,16 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value) oi = BN_bn2bin(value, buf+1); if (oi != bytes-1) fatal("buffer_put_bignum: BN_bn2bin() failed: oi %d != bin_size %d", - oi, bytes); + oi, bytes); hasnohigh = (buf[1] & 0x80) ? 0 : 1; if (value->neg) { /**XXX should be two's-complement */ int i, carry; u_char *uc = buf; log("negativ!"); - for(i = bytes-1, carry = 1; i>=0; i--) { + for (i = bytes-1, carry = 1; i>=0; i--) { uc[i] ^= 0xff; - if(carry) + if (carry) carry = !++uc[i]; } } @@ -130,15 +128,14 @@ buffer_put_bignum2(Buffer *buffer, BIGNUM *value) xfree(buf); } -int +void buffer_get_bignum2(Buffer *buffer, BIGNUM *value) { /**XXX should be two's-complement */ int len; - u_char *bin = (u_char *)buffer_get_string(buffer, (u_int *)&len); + u_char *bin = buffer_get_string(buffer, (u_int *)&len); BN_bin2bn(bin, len, value); xfree(bin); - return len; } /* @@ -187,11 +184,11 @@ buffer_put_int64(Buffer *buffer, u_int64_t value) * will be stored there. A null character will be automatically appended * to the returned string, and is not counted in length. */ -char * +void * buffer_get_string(Buffer *buffer, u_int *length_ptr) { u_int len; - char *value; + u_char *value; /* Get the length. */ len = buffer_get_int(buffer); if (len > 256 * 1024) diff --git a/crypto/openssh/bufaux.h b/crypto/openssh/bufaux.h index 8902ec2a8a0a..fda41caaa5f0 100644 --- a/crypto/openssh/bufaux.h +++ b/crypto/openssh/bufaux.h @@ -1,3 +1,5 @@ +/* $OpenBSD: bufaux.h,v 1.16 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -10,51 +12,28 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: bufaux.h,v 1.11 2001/01/21 19:05:45 markus Exp $"); */ - #ifndef BUFAUX_H #define BUFAUX_H #include "buffer.h" #include <openssl/bn.h> -/* - * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed - * by (bits+7)/8 bytes of binary data, msb first. - */ -void buffer_put_bignum(Buffer * buffer, BIGNUM * value); -void buffer_put_bignum2(Buffer * buffer, BIGNUM * value); - -/* Retrieves an BIGNUM from the buffer. */ -int buffer_get_bignum(Buffer * buffer, BIGNUM * value); -int buffer_get_bignum2(Buffer *buffer, BIGNUM * value); +void buffer_put_bignum(Buffer *, BIGNUM *); +void buffer_put_bignum2(Buffer *, BIGNUM *); +void buffer_get_bignum(Buffer *, BIGNUM *); +void buffer_get_bignum2(Buffer *, BIGNUM *); -/* Returns an integer from the buffer (4 bytes, msb first). */ -u_int buffer_get_int(Buffer * buffer); -u_int64_t buffer_get_int64(Buffer *buffer); +u_int buffer_get_int(Buffer *); +void buffer_put_int(Buffer *, u_int); -/* Stores an integer in the buffer in 4 bytes, msb first. */ -void buffer_put_int(Buffer * buffer, u_int value); -void buffer_put_int64(Buffer *buffer, u_int64_t value); +u_int64_t buffer_get_int64(Buffer *); +void buffer_put_int64(Buffer *, u_int64_t); -/* Returns a character from the buffer (0 - 255). */ -int buffer_get_char(Buffer * buffer); - -/* Stores a character in the buffer. */ -void buffer_put_char(Buffer * buffer, int value); - -/* - * Returns an arbitrary binary string from the buffer. The string cannot be - * longer than 256k. The returned value points to memory allocated with - * xmalloc; it is the responsibility of the calling function to free the - * data. If length_ptr is non-NULL, the length of the returned data will be - * stored there. A null character will be automatically appended to the - * returned string, and is not counted in length. - */ -char *buffer_get_string(Buffer * buffer, u_int *length_ptr); +int buffer_get_char(Buffer *); +void buffer_put_char(Buffer *, int); -/* Stores and arbitrary binary string in the buffer. */ -void buffer_put_string(Buffer * buffer, const void *buf, u_int len); -void buffer_put_cstring(Buffer *buffer, const char *s); +void *buffer_get_string(Buffer *, u_int *); +void buffer_put_string(Buffer *, const void *, u_int); +void buffer_put_cstring(Buffer *, const char *); #endif /* BUFAUX_H */ diff --git a/crypto/openssh/buffer.c b/crypto/openssh/buffer.c index 044caafb5d73..40572e5ac30e 100644 --- a/crypto/openssh/buffer.c +++ b/crypto/openssh/buffer.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: buffer.c,v 1.13 2001/04/12 19:15:24 markus Exp $"); +RCSID("$OpenBSD: buffer.c,v 1.15 2002/01/18 18:14:17 stevesk Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -53,11 +53,11 @@ buffer_clear(Buffer *buffer) /* Appends data to the buffer, expanding it if necessary. */ void -buffer_append(Buffer *buffer, const char *data, u_int len) +buffer_append(Buffer *buffer, const void *data, u_int len) { - char *cp; - buffer_append_space(buffer, &cp, len); - memcpy(cp, data, len); + void *p; + p = buffer_append_space(buffer, len); + memcpy(p, data, len); } /* @@ -66,9 +66,11 @@ buffer_append(Buffer *buffer, const char *data, u_int len) * to the allocated region. */ -void -buffer_append_space(Buffer *buffer, char **datap, u_int len) +void * +buffer_append_space(Buffer *buffer, u_int len) { + void *p; + /* If the buffer is empty, start using it from the beginning. */ if (buffer->offset == buffer->end) { buffer->offset = 0; @@ -77,9 +79,9 @@ buffer_append_space(Buffer *buffer, char **datap, u_int len) restart: /* If there is enough space to store all data, store it now. */ if (buffer->end + len < buffer->alloc) { - *datap = buffer->buf + buffer->end; + p = buffer->buf + buffer->end; buffer->end += len; - return; + return p; } /* * If the buffer is quite empty, but all data is at the end, move the @@ -96,6 +98,7 @@ restart: buffer->alloc += len + 32768; buffer->buf = xrealloc(buffer->buf, buffer->alloc); goto restart; + /* NOTREACHED */ } /* Returns the number of bytes of data in the buffer. */ @@ -109,7 +112,7 @@ buffer_len(Buffer *buffer) /* Gets data from the beginning of the buffer. */ void -buffer_get(Buffer *buffer, char *buf, u_int len) +buffer_get(Buffer *buffer, void *buf, u_int len) { if (len > buffer->end - buffer->offset) fatal("buffer_get: trying to get more bytes %d than in buffer %d", @@ -140,7 +143,7 @@ buffer_consume_end(Buffer *buffer, u_int bytes) /* Returns a pointer to the first used byte in the buffer. */ -char * +void * buffer_ptr(Buffer *buffer) { return buffer->buf + buffer->offset; @@ -152,7 +155,7 @@ void buffer_dump(Buffer *buffer) { int i; - u_char *ucp = (u_char *) buffer->buf; + u_char *ucp = buffer->buf; for (i = buffer->offset; i < buffer->end; i++) { fprintf(stderr, "%02x", ucp[i]); diff --git a/crypto/openssh/buffer.h b/crypto/openssh/buffer.h index f3c509dfadb8..5e4c41244230 100644 --- a/crypto/openssh/buffer.h +++ b/crypto/openssh/buffer.h @@ -1,3 +1,5 @@ +/* $OpenBSD: buffer.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,56 +13,31 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: buffer.h,v 1.7 2000/12/19 23:17:55 markus Exp $"); */ - #ifndef BUFFER_H #define BUFFER_H typedef struct { - char *buf; /* Buffer for data. */ - u_int alloc; /* Number of bytes allocated for data. */ - u_int offset; /* Offset of first byte containing data. */ - u_int end; /* Offset of last byte containing data. */ + u_char *buf; /* Buffer for data. */ + u_int alloc; /* Number of bytes allocated for data. */ + u_int offset; /* Offset of first byte containing data. */ + u_int end; /* Offset of last byte containing data. */ } Buffer; -/* Initializes the buffer structure. */ -void buffer_init(Buffer * buffer); - -/* Frees any memory used for the buffer. */ -void buffer_free(Buffer * buffer); - -/* Clears any data from the buffer, making it empty. This does not actually - zero the memory. */ -void buffer_clear(Buffer * buffer); - -/* Appends data to the buffer, expanding it if necessary. */ -void buffer_append(Buffer * buffer, const char *data, u_int len); -/* - * Appends space to the buffer, expanding the buffer if necessary. This does - * not actually copy the data into the buffer, but instead returns a pointer - * to the allocated region. - */ -void buffer_append_space(Buffer * buffer, char **datap, u_int len); - -/* Returns the number of bytes of data in the buffer. */ -u_int buffer_len(Buffer * buffer); +void buffer_init(Buffer *); +void buffer_clear(Buffer *); +void buffer_free(Buffer *); -/* Gets data from the beginning of the buffer. */ -void buffer_get(Buffer * buffer, char *buf, u_int len); +u_int buffer_len(Buffer *); +void *buffer_ptr(Buffer *); -/* Consumes the given number of bytes from the beginning of the buffer. */ -void buffer_consume(Buffer * buffer, u_int bytes); +void buffer_append(Buffer *, const void *, u_int); +void *buffer_append_space(Buffer *, u_int); -/* Consumes the given number of bytes from the end of the buffer. */ -void buffer_consume_end(Buffer * buffer, u_int bytes); +void buffer_get(Buffer *, void *, u_int); -/* Returns a pointer to the first used byte in the buffer. */ -char *buffer_ptr(Buffer * buffer); +void buffer_consume(Buffer *, u_int); +void buffer_consume_end(Buffer *, u_int); -/* - * Dumps the contents of the buffer to stderr in hex. This intended for - * debugging purposes only. - */ -void buffer_dump(Buffer * buffer); +void buffer_dump(Buffer *); #endif /* BUFFER_H */ diff --git a/crypto/openssh/canohost.c b/crypto/openssh/canohost.c index f13e29657b67..65342e935d22 100644 --- a/crypto/openssh/canohost.c +++ b/crypto/openssh/canohost.c @@ -12,22 +12,22 @@ */ #include "includes.h" -RCSID("$OpenBSD: canohost.c,v 1.26 2001/04/18 14:15:00 markus Exp $"); +RCSID("$OpenBSD: canohost.c,v 1.31 2002/02/27 21:23:13 stevesk Exp $"); #include "packet.h" #include "xmalloc.h" #include "log.h" #include "canohost.h" -void check_ip_options(int socket, char *ipaddr); +static void check_ip_options(int, char *); /* * Return the canonical name of the host at the other end of the socket. The * caller should free the returned string with xfree. */ -char * -get_remote_hostname(int socket, int reverse_mapping_check) +static char * +get_remote_hostname(int socket, int verify_reverse_mapping) { struct sockaddr_storage from; int i; @@ -46,13 +46,13 @@ get_remote_hostname(int socket, int reverse_mapping_check) check_ip_options(socket, ntop); if (getnameinfo((struct sockaddr *)&from, fromlen, ntop, sizeof(ntop), - NULL, 0, NI_NUMERICHOST) != 0) + NULL, 0, NI_NUMERICHOST) != 0) fatal("get_remote_hostname: getnameinfo NI_NUMERICHOST failed"); debug3("Trying to reverse map address %.100s.", ntop); /* Map the IP address to a host name. */ if (getnameinfo((struct sockaddr *)&from, fromlen, name, sizeof(name), - NULL, 0, NI_NAMEREQD) != 0) { + NULL, 0, NI_NAMEREQD) != 0) { /* Host name not found. Use ip address. */ log("Could not reverse map address %.100s.", ntop); return xstrdup(ntop); @@ -68,7 +68,7 @@ get_remote_hostname(int socket, int reverse_mapping_check) if (isupper(name[i])) name[i] = tolower(name[i]); - if (!reverse_mapping_check) + if (!verify_reverse_mapping) return xstrdup(name); /* * Map it back to an IP address and check that the given @@ -118,7 +118,7 @@ get_remote_hostname(int socket, int reverse_mapping_check) * exit here if we detect any IP options. */ /* IPv4 only */ -void +static void check_ip_options(int socket, char *ipaddr) { u_char options[200]; @@ -132,7 +132,7 @@ check_ip_options(int socket, char *ipaddr) else ipproto = IPPROTO_IP; option_size = sizeof(options); - if (getsockopt(socket, ipproto, IP_OPTIONS, (void *)options, + if (getsockopt(socket, ipproto, IP_OPTIONS, options, &option_size) >= 0 && option_size != 0) { text[0] = '\0'; for (i = 0; i < option_size; i++) @@ -152,14 +152,14 @@ check_ip_options(int socket, char *ipaddr) */ const char * -get_canonical_hostname(int reverse_mapping_check) +get_canonical_hostname(int verify_reverse_mapping) { static char *canonical_host_name = NULL; - static int reverse_mapping_checked = 0; + static int verify_reverse_mapping_done = 0; /* Check if we have previously retrieved name with same option. */ if (canonical_host_name != NULL) { - if (reverse_mapping_checked != reverse_mapping_check) + if (verify_reverse_mapping_done != verify_reverse_mapping) xfree(canonical_host_name); else return canonical_host_name; @@ -168,11 +168,11 @@ get_canonical_hostname(int reverse_mapping_check) /* Get the real hostname if socket; otherwise return UNKNOWN. */ if (packet_connection_is_on_socket()) canonical_host_name = get_remote_hostname( - packet_get_connection_in(), reverse_mapping_check); + packet_get_connection_in(), verify_reverse_mapping); else canonical_host_name = xstrdup("UNKNOWN"); - reverse_mapping_checked = reverse_mapping_check; + verify_reverse_mapping_done = verify_reverse_mapping; return canonical_host_name; } @@ -180,7 +180,7 @@ get_canonical_hostname(int reverse_mapping_check) * Returns the remote IP-address of socket as a string. The returned * string must be freed. */ -char * +static char * get_socket_address(int socket, int remote, int flags) { struct sockaddr_storage addr; @@ -208,7 +208,7 @@ get_socket_address(int socket, int remote, int flags) } /* Get the address in ascii. */ if (getnameinfo((struct sockaddr *)&addr, addrlen, ntop, sizeof(ntop), - NULL, 0, flags) != 0) { + NULL, 0, flags) != 0) { error("get_socket_ipaddr: getnameinfo %d failed", flags); return NULL; } @@ -239,7 +239,7 @@ get_local_name(int socket) */ const char * -get_remote_ipaddr() +get_remote_ipaddr(void) { static char *canonical_host_ip = NULL; @@ -259,11 +259,11 @@ get_remote_ipaddr() } const char * -get_remote_name_or_ip(u_int utmp_len, int reverse_mapping_check) +get_remote_name_or_ip(u_int utmp_len, int verify_reverse_mapping) { static const char *remote = ""; if (utmp_len > 0) - remote = get_canonical_hostname(reverse_mapping_check); + remote = get_canonical_hostname(verify_reverse_mapping); if (utmp_len == 0 || strlen(remote) > utmp_len) remote = get_remote_ipaddr(); return remote; @@ -271,7 +271,7 @@ get_remote_name_or_ip(u_int utmp_len, int reverse_mapping_check) /* Returns the local/remote port for the socket. */ -int +static int get_sock_port(int sock, int local) { struct sockaddr_storage from; @@ -294,14 +294,14 @@ get_sock_port(int sock, int local) } /* Return port number. */ if (getnameinfo((struct sockaddr *)&from, fromlen, NULL, 0, - strport, sizeof(strport), NI_NUMERICSERV) != 0) + strport, sizeof(strport), NI_NUMERICSERV) != 0) fatal("get_sock_port: getnameinfo NI_NUMERICSERV failed"); return atoi(strport); } /* Returns remote/local port number for the current connection. */ -int +static int get_port(int local) { /* @@ -322,13 +322,13 @@ get_peer_port(int sock) } int -get_remote_port() +get_remote_port(void) { return get_port(0); } int -get_local_port() +get_local_port(void) { return get_port(1); } diff --git a/crypto/openssh/canohost.h b/crypto/openssh/canohost.h index 36fb345a1223..4347b488a145 100644 --- a/crypto/openssh/canohost.h +++ b/crypto/openssh/canohost.h @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.h,v 1.6 2001/04/12 19:15:24 markus Exp $ */ +/* $OpenBSD: canohost.h,v 1.8 2001/06/26 17:27:23 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -12,27 +12,14 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* - * Return the canonical name of the host in the other side of the current - * connection (as returned by packet_get_connection). The host name is - * cached, so it is efficient to call this several times. - */ -const char *get_canonical_hostname(int reverse_mapping_check); - -/* - * Returns the IP-address of the remote host as a string. The returned - * string is cached and must not be freed. - */ -const char *get_remote_ipaddr(void); - -const char *get_remote_name_or_ip(u_int utmp_len, int reverse_mapping_check); +const char *get_canonical_hostname(int); +const char *get_remote_ipaddr(void); +const char *get_remote_name_or_ip(u_int, int); -/* Returns the ipaddr/port number of the peer of the socket. */ -char * get_peer_ipaddr(int socket); -int get_peer_port(int sock); -char * get_local_ipaddr(int socket); -char * get_local_name(int socket); +char *get_peer_ipaddr(int); +int get_peer_port(int); +char *get_local_ipaddr(int); +char *get_local_name(int); -/* Returns the port number of the remote/local host. */ -int get_remote_port(void); -int get_local_port(void); +int get_remote_port(void); +int get_local_port(void); diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index 08780b0ebd9e..841a8990e0dc 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -12,9 +12,8 @@ * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". * - * * SSH2 support added by Markus Friedl. - * Copyright (c) 1999,2000 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * Copyright (c) 1999 Dug Song. All rights reserved. * Copyright (c) 1999 Theo de Raadt. All rights reserved. * @@ -40,70 +39,46 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.109 2001/04/17 12:55:03 markus Exp $"); - -#include <openssl/rsa.h> -#include <openssl/dsa.h> +RCSID("$OpenBSD: channels.c,v 1.171 2002/03/04 19:37:58 markus Exp $"); #include "ssh.h" #include "ssh1.h" #include "ssh2.h" #include "packet.h" #include "xmalloc.h" -#include "buffer.h" -#include "bufaux.h" #include "uidswap.h" #include "log.h" #include "misc.h" #include "channels.h" -#include "nchan.h" #include "compat.h" #include "canohost.h" #include "key.h" #include "authfd.h" +#include "pathnames.h" -/* Maximum number of fake X11 displays to try. */ -#define MAX_DISPLAYS 1000 -/* Max len of agent socket */ -#define MAX_SOCKET_NAME 100 +/* -- channel core */ /* * Pointer to an array containing all allocated channels. The array is * dynamically extended as needed. */ -static Channel *channels = NULL; +static Channel **channels = NULL; /* * Size of the channel array. All slots of the array must always be - * initialized (at least the type field); unused slots are marked with type - * SSH_CHANNEL_FREE. + * initialized (at least the type field); unused slots set to NULL */ static int channels_alloc = 0; /* * Maximum file descriptor value used in any of the channels. This is - * updated in channel_allocate. + * updated in channel_new. */ static int channel_max_fd = 0; -/* Name and directory of socket for authentication agent forwarding. */ -static char *channel_forwarded_auth_socket_name = NULL; -static char *channel_forwarded_auth_socket_dir = NULL; - -/* Saved X11 authentication protocol name. */ -char *x11_saved_proto = NULL; - -/* Saved X11 authentication data. This is the real data. */ -char *x11_saved_data = NULL; -u_int x11_saved_data_len = 0; -/* - * Fake X11 authentication data. This is what the server will be sending us; - * we should replace any occurrences of this by the real data. - */ -char *x11_fake_data = NULL; -u_int x11_fake_data_len; +/* -- tcp forwarding */ /* * Data structure for storing which hosts are permitted for forward requests. @@ -119,6 +94,7 @@ typedef struct { /* List of all permitted host/port pairs to connect. */ static ForwardPermission permitted_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; + /* Number of permitted host/port pairs in the array. */ static int num_permitted_opens = 0; /* @@ -128,34 +104,54 @@ static int num_permitted_opens = 0; */ static int all_opens_permitted = 0; -/* This is set to true if both sides support SSH_PROTOFLAG_HOST_IN_FWD_OPEN. */ -static int have_hostname_in_open = 0; -/* AF_UNSPEC or AF_INET or AF_INET6 */ -extern int IPv4or6; +/* -- X11 forwarding */ -void port_open_helper(Channel *c, char *rtype); +/* Maximum number of fake X11 displays to try. */ +#define MAX_DISPLAYS 1000 -/* Sets specific protocol options. */ +/* Saved X11 authentication protocol name. */ +static char *x11_saved_proto = NULL; -void -channel_set_options(int hostname_in_open) -{ - have_hostname_in_open = hostname_in_open; -} +/* Saved X11 authentication data. This is the real data. */ +static char *x11_saved_data = NULL; +static u_int x11_saved_data_len = 0; + +/* + * Fake X11 authentication data. This is what the server will be sending us; + * we should replace any occurrences of this by the real data. + */ +static char *x11_fake_data = NULL; +static u_int x11_fake_data_len; -/* lookup channel by id */ + +/* -- agent forwarding */ + +#define NUM_SOCKS 10 + +/* Name and directory of socket for authentication agent forwarding. */ +static char *auth_sock_name = NULL; +static char *auth_sock_dir = NULL; + +/* AF_UNSPEC or AF_INET or AF_INET6 */ +static int IPv4or6 = AF_UNSPEC; + +/* helper */ +static void port_open_helper(Channel *c, char *rtype); + +/* -- channel core */ Channel * channel_lookup(int id) { Channel *c; - if (id < 0 || id > channels_alloc) { + + if (id < 0 || id >= channels_alloc) { log("channel_lookup: %d: bad id", id); return NULL; } - c = &channels[id]; - if (c->type == SSH_CHANNEL_FREE) { + c = channels[id]; + if (c == NULL) { log("channel_lookup: %d: bad id: channel free", id); return NULL; } @@ -167,7 +163,7 @@ channel_lookup(int id) * when the channel consumer/producer is ready, e.g. shell exec'd */ -void +static void channel_register_fds(Channel *c, int rfd, int wfd, int efd, int extusage, int nonblock) { @@ -212,7 +208,7 @@ channel_register_fds(Channel *c, int rfd, int wfd, int efd, * remote_name to be freed. */ -int +Channel * channel_new(char *ctype, int type, int rfd, int wfd, int efd, int window, int maxpack, int extusage, char *remote_name, int nonblock) { @@ -221,20 +217,15 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, /* Do initial allocation if this is the first call. */ if (channels_alloc == 0) { - chan_init(); channels_alloc = 10; - channels = xmalloc(channels_alloc * sizeof(Channel)); + channels = xmalloc(channels_alloc * sizeof(Channel *)); for (i = 0; i < channels_alloc; i++) - channels[i].type = SSH_CHANNEL_FREE; - /* - * Kludge: arrange a call to channel_stop_listening if we - * terminate with fatal(). - */ - fatal_add_cleanup((void (*) (void *)) channel_stop_listening, NULL); + channels[i] = NULL; + fatal_add_cleanup((void (*) (void *)) channel_free_all, NULL); } /* Try to find a free slot where to put the new channel. */ for (found = -1, i = 0; i < channels_alloc; i++) - if (channels[i].type == SSH_CHANNEL_FREE) { + if (channels[i] == NULL) { /* Found a free slot. */ found = i; break; @@ -244,16 +235,19 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, found = channels_alloc; channels_alloc += 10; debug2("channel: expanding %d", channels_alloc); - channels = xrealloc(channels, channels_alloc * sizeof(Channel)); + channels = xrealloc(channels, channels_alloc * sizeof(Channel *)); for (i = found; i < channels_alloc; i++) - channels[i].type = SSH_CHANNEL_FREE; + channels[i] = NULL; } - /* Initialize and return new channel number. */ - c = &channels[found]; + /* Initialize and return new channel. */ + c = channels[found] = xmalloc(sizeof(Channel)); + memset(c, 0, sizeof(Channel)); buffer_init(&c->input); buffer_init(&c->output); buffer_init(&c->extended); - chan_init_iostates(c); + c->ostate = CHAN_OUTPUT_OPEN; + c->istate = CHAN_INPUT_OPEN; + c->flags = 0; channel_register_fds(c, rfd, wfd, efd, extusage, nonblock); c->self = found; c->type = type; @@ -266,73 +260,402 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd, c->remote_name = remote_name; c->remote_window = 0; c->remote_maxpacket = 0; - c->cb_fn = NULL; - c->cb_arg = NULL; - c->cb_event = 0; - c->dettach_user = NULL; + c->force_drain = 0; + c->single_connection = 0; + c->detach_user = NULL; + c->confirm = NULL; c->input_filter = NULL; debug("channel %d: new [%s]", found, remote_name); - return found; + return c; } -/* old interface XXX */ -int -channel_allocate(int type, int sock, char *remote_name) + +static int +channel_find_maxfd(void) { - return channel_new("", type, sock, sock, -1, 0, 0, 0, remote_name, 1); + int i, max = 0; + Channel *c; + + for (i = 0; i < channels_alloc; i++) { + c = channels[i]; + if (c != NULL) { + max = MAX(max, c->rfd); + max = MAX(max, c->wfd); + max = MAX(max, c->efd); + } + } + return max; } +int +channel_close_fd(int *fdp) +{ + int ret = 0, fd = *fdp; + + if (fd != -1) { + ret = close(fd); + *fdp = -1; + if (fd == channel_max_fd) + channel_max_fd = channel_find_maxfd(); + } + return ret; +} /* Close all channel fd/socket. */ -void +static void channel_close_fds(Channel *c) { - if (c->sock != -1) { - close(c->sock); - c->sock = -1; - } - if (c->rfd != -1) { - close(c->rfd); - c->rfd = -1; - } - if (c->wfd != -1) { - close(c->wfd); - c->wfd = -1; - } - if (c->efd != -1) { - close(c->efd); - c->efd = -1; - } + debug3("channel_close_fds: channel %d: r %d w %d e %d", + c->self, c->rfd, c->wfd, c->efd); + + channel_close_fd(&c->sock); + channel_close_fd(&c->rfd); + channel_close_fd(&c->wfd); + channel_close_fd(&c->efd); } /* Free the channel and close its fd/socket. */ void -channel_free(int id) +channel_free(Channel *c) { - Channel *c = channel_lookup(id); - char *s = channel_open_message(); + char *s; + int i, n; - if (c == NULL) - packet_disconnect("channel free: bad local channel %d", id); - debug("channel_free: channel %d: status: %s", id, s); + for (n = 0, i = 0; i < channels_alloc; i++) + if (channels[i]) + n++; + debug("channel_free: channel %d: %s, nchannels %d", c->self, + c->remote_name ? c->remote_name : "???", n); + + s = channel_open_message(); + debug3("channel_free: status: %s", s); xfree(s); - if (c->dettach_user != NULL) { - debug("channel_free: channel %d: dettaching channel user", id); - c->dettach_user(c->self, NULL); - } if (c->sock != -1) shutdown(c->sock, SHUT_RDWR); channel_close_fds(c); buffer_free(&c->input); buffer_free(&c->output); buffer_free(&c->extended); - c->type = SSH_CHANNEL_FREE; if (c->remote_name) { xfree(c->remote_name); c->remote_name = NULL; } + channels[c->self] = NULL; + xfree(c); +} + +void +channel_free_all(void) +{ + int i; + + for (i = 0; i < channels_alloc; i++) + if (channels[i] != NULL) + channel_free(channels[i]); +} + +/* + * Closes the sockets/fds of all channels. This is used to close extra file + * descriptors after a fork. + */ + +void +channel_close_all(void) +{ + int i; + + for (i = 0; i < channels_alloc; i++) + if (channels[i] != NULL) + channel_close_fds(channels[i]); +} + +/* + * Stop listening to channels. + */ + +void +channel_stop_listening(void) +{ + int i; + Channel *c; + + for (i = 0; i < channels_alloc; i++) { + c = channels[i]; + if (c != NULL) { + switch (c->type) { + case SSH_CHANNEL_AUTH_SOCKET: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_RPORT_LISTENER: + case SSH_CHANNEL_X11_LISTENER: + channel_close_fd(&c->sock); + channel_free(c); + break; + } + } + } +} + +/* + * Returns true if no channel has too much buffered data, and false if one or + * more channel is overfull. + */ + +int +channel_not_very_much_buffered_data(void) +{ + u_int i; + Channel *c; + + for (i = 0; i < channels_alloc; i++) { + c = channels[i]; + if (c != NULL && c->type == SSH_CHANNEL_OPEN) { +#if 0 + if (!compat20 && + buffer_len(&c->input) > packet_get_maxsize()) { + debug("channel %d: big input buffer %d", + c->self, buffer_len(&c->input)); + return 0; + } +#endif + if (buffer_len(&c->output) > packet_get_maxsize()) { + debug("channel %d: big output buffer %d > %d", + c->self, buffer_len(&c->output), + packet_get_maxsize()); + return 0; + } + } + } + return 1; +} + +/* Returns true if any channel is still open. */ + +int +channel_still_open(void) +{ + int i; + Channel *c; + + for (i = 0; i < channels_alloc; i++) { + c = channels[i]; + if (c == NULL) + continue; + switch (c->type) { + case SSH_CHANNEL_X11_LISTENER: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_RPORT_LISTENER: + case SSH_CHANNEL_CLOSED: + case SSH_CHANNEL_AUTH_SOCKET: + case SSH_CHANNEL_DYNAMIC: + case SSH_CHANNEL_CONNECTING: + case SSH_CHANNEL_ZOMBIE: + continue; + case SSH_CHANNEL_LARVAL: + if (!compat20) + fatal("cannot happen: SSH_CHANNEL_LARVAL"); + continue; + case SSH_CHANNEL_OPENING: + case SSH_CHANNEL_OPEN: + case SSH_CHANNEL_X11_OPEN: + return 1; + case SSH_CHANNEL_INPUT_DRAINING: + case SSH_CHANNEL_OUTPUT_DRAINING: + if (!compat13) + fatal("cannot happen: OUT_DRAIN"); + return 1; + default: + fatal("channel_still_open: bad channel type %d", c->type); + /* NOTREACHED */ + } + } + return 0; +} + +/* Returns the id of an open channel suitable for keepaliving */ + +int +channel_find_open(void) +{ + int i; + Channel *c; + + for (i = 0; i < channels_alloc; i++) { + c = channels[i]; + if (c == NULL) + continue; + switch (c->type) { + case SSH_CHANNEL_CLOSED: + case SSH_CHANNEL_DYNAMIC: + case SSH_CHANNEL_X11_LISTENER: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_RPORT_LISTENER: + case SSH_CHANNEL_OPENING: + case SSH_CHANNEL_CONNECTING: + case SSH_CHANNEL_ZOMBIE: + continue; + case SSH_CHANNEL_LARVAL: + case SSH_CHANNEL_AUTH_SOCKET: + case SSH_CHANNEL_OPEN: + case SSH_CHANNEL_X11_OPEN: + return i; + case SSH_CHANNEL_INPUT_DRAINING: + case SSH_CHANNEL_OUTPUT_DRAINING: + if (!compat13) + fatal("cannot happen: OUT_DRAIN"); + return i; + default: + fatal("channel_find_open: bad channel type %d", c->type); + /* NOTREACHED */ + } + } + return -1; +} + + +/* + * Returns a message describing the currently open forwarded connections, + * suitable for sending to the client. The message contains crlf pairs for + * newlines. + */ + +char * +channel_open_message(void) +{ + Buffer buffer; + Channel *c; + char buf[1024], *cp; + int i; + + buffer_init(&buffer); + snprintf(buf, sizeof buf, "The following connections are open:\r\n"); + buffer_append(&buffer, buf, strlen(buf)); + for (i = 0; i < channels_alloc; i++) { + c = channels[i]; + if (c == NULL) + continue; + switch (c->type) { + case SSH_CHANNEL_X11_LISTENER: + case SSH_CHANNEL_PORT_LISTENER: + case SSH_CHANNEL_RPORT_LISTENER: + case SSH_CHANNEL_CLOSED: + case SSH_CHANNEL_AUTH_SOCKET: + case SSH_CHANNEL_ZOMBIE: + continue; + case SSH_CHANNEL_LARVAL: + case SSH_CHANNEL_OPENING: + case SSH_CHANNEL_CONNECTING: + case SSH_CHANNEL_DYNAMIC: + case SSH_CHANNEL_OPEN: + case SSH_CHANNEL_X11_OPEN: + case SSH_CHANNEL_INPUT_DRAINING: + case SSH_CHANNEL_OUTPUT_DRAINING: + snprintf(buf, sizeof buf, " #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d)\r\n", + c->self, c->remote_name, + c->type, c->remote_id, + c->istate, buffer_len(&c->input), + c->ostate, buffer_len(&c->output), + c->rfd, c->wfd); + buffer_append(&buffer, buf, strlen(buf)); + continue; + default: + fatal("channel_open_message: bad channel type %d", c->type); + /* NOTREACHED */ + } + } + buffer_append(&buffer, "\0", 1); + cp = xstrdup(buffer_ptr(&buffer)); + buffer_free(&buffer); + return cp; +} + +void +channel_send_open(int id) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_send_open: %d: bad id", id); + return; + } + debug("send channel open %d", id); + packet_start(SSH2_MSG_CHANNEL_OPEN); + packet_put_cstring(c->ctype); + packet_put_int(c->self); + packet_put_int(c->local_window); + packet_put_int(c->local_maxpacket); + packet_send(); +} + +void +channel_request_start(int local_id, char *service, int wantconfirm) +{ + Channel *c = channel_lookup(local_id); + if (c == NULL) { + log("channel_request_start: %d: unknown channel id", local_id); + return; + } + debug("channel request %d: %s", local_id, service) ; + packet_start(SSH2_MSG_CHANNEL_REQUEST); + packet_put_int(c->remote_id); + packet_put_cstring(service); + packet_put_char(wantconfirm); +} +void +channel_register_confirm(int id, channel_callback_fn *fn) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_register_comfirm: %d: bad id", id); + return; + } + c->confirm = fn; +} +void +channel_register_cleanup(int id, channel_callback_fn *fn) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_register_cleanup: %d: bad id", id); + return; + } + c->detach_user = fn; +} +void +channel_cancel_cleanup(int id) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_cancel_cleanup: %d: bad id", id); + return; + } + c->detach_user = NULL; +} +void +channel_register_filter(int id, channel_filter_fn *fn) +{ + Channel *c = channel_lookup(id); + if (c == NULL) { + log("channel_register_filter: %d: bad id", id); + return; + } + c->input_filter = fn; +} + +void +channel_set_fds(int id, int rfd, int wfd, int efd, + int extusage, int nonblock, u_int window_max) +{ + Channel *c = channel_lookup(id); + if (c == NULL || c->type != SSH_CHANNEL_LARVAL) + fatal("channel_activate for non-larval channel %d.", id); + channel_register_fds(c, rfd, wfd, efd, extusage, nonblock); + c->type = SSH_CHANNEL_OPEN; + c->local_window = c->local_window_max = window_max; + packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); + packet_put_int(c->remote_id); + packet_put_int(c->local_window); + packet_send(); } /* @@ -347,20 +670,20 @@ typedef void chan_fn(Channel *c, fd_set * readset, fd_set * writeset); chan_fn *channel_pre[SSH_CHANNEL_MAX_TYPE]; chan_fn *channel_post[SSH_CHANNEL_MAX_TYPE]; -void +static void channel_pre_listener(Channel *c, fd_set * readset, fd_set * writeset) { FD_SET(c->sock, readset); } -void +static void channel_pre_connecting(Channel *c, fd_set * readset, fd_set * writeset) { debug3("channel %d: waiting for connection", c->self); FD_SET(c->sock, writeset); } -void +static void channel_pre_open_13(Channel *c, fd_set * readset, fd_set * writeset) { if (buffer_len(&c->input) < packet_get_maxsize()) @@ -369,29 +692,14 @@ channel_pre_open_13(Channel *c, fd_set * readset, fd_set * writeset) FD_SET(c->sock, writeset); } -void -channel_pre_open_15(Channel *c, fd_set * readset, fd_set * writeset) +static void +channel_pre_open(Channel *c, fd_set * readset, fd_set * writeset) { - /* test whether sockets are 'alive' for read/write */ - if (c->istate == CHAN_INPUT_OPEN) - if (buffer_len(&c->input) < packet_get_maxsize()) - FD_SET(c->sock, readset); - if (c->ostate == CHAN_OUTPUT_OPEN || - c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { - if (buffer_len(&c->output) > 0) { - FD_SET(c->sock, writeset); - } else if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { - chan_obuf_empty(c); - } - } -} + u_int limit = compat20 ? c->remote_window : packet_get_maxsize(); -void -channel_pre_open_20(Channel *c, fd_set * readset, fd_set * writeset) -{ if (c->istate == CHAN_INPUT_OPEN && - c->remote_window > 0 && - buffer_len(&c->input) < c->remote_window) + limit > 0 && + buffer_len(&c->input) < limit) FD_SET(c->rfd, readset); if (c->ostate == CHAN_OUTPUT_OPEN || c->ostate == CHAN_OUTPUT_WAIT_DRAIN) { @@ -402,7 +710,7 @@ channel_pre_open_20(Channel *c, fd_set * readset, fd_set * writeset) } } /** XXX check close conditions, too */ - if (c->efd != -1) { + if (compat20 && c->efd != -1) { if (c->extended_usage == CHAN_EXTENDED_WRITE && buffer_len(&c->extended) > 0) FD_SET(c->efd, writeset); @@ -412,7 +720,7 @@ channel_pre_open_20(Channel *c, fd_set * readset, fd_set * writeset) } } -void +static void channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset) { if (buffer_len(&c->input) == 0) { @@ -424,11 +732,11 @@ channel_pre_input_draining(Channel *c, fd_set * readset, fd_set * writeset) } } -void +static void channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset) { if (buffer_len(&c->output) == 0) - channel_free(c->self); + chan_mark_dead(c); else FD_SET(c->sock, writeset); } @@ -440,19 +748,20 @@ channel_pre_output_draining(Channel *c, fd_set * readset, fd_set * writeset) * data in that packet is then substituted by the real data if it matches the * fake data, and the channel is put into normal mode. * XXX All this happens at the client side. + * Returns: 0 = need more data, -1 = wrong cookie, 1 = ok */ -int -x11_open_helper(Channel *c) +static int +x11_open_helper(Buffer *b) { u_char *ucp; u_int proto_len, data_len; /* Check if the fixed size part of the packet is in buffer. */ - if (buffer_len(&c->output) < 12) + if (buffer_len(b) < 12) return 0; /* Parse the lengths of variable-length fields. */ - ucp = (u_char *) buffer_ptr(&c->output); + ucp = buffer_ptr(b); if (ucp[0] == 0x42) { /* Byte order MSB first. */ proto_len = 256 * ucp[6] + ucp[7]; data_len = 256 * ucp[8] + ucp[9]; @@ -461,12 +770,12 @@ x11_open_helper(Channel *c) data_len = ucp[8] + 256 * ucp[9]; } else { debug("Initial X11 packet contains bad byte order byte: 0x%x", - ucp[0]); + ucp[0]); return -1; } /* Check if the whole packet is in buffer. */ - if (buffer_len(&c->output) < + if (buffer_len(b) < 12 + ((proto_len + 3) & ~3) + ((data_len + 3) & ~3)) return 0; @@ -499,10 +808,10 @@ x11_open_helper(Channel *c) return 1; } -void +static void channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset) { - int ret = x11_open_helper(c); + int ret = x11_open_helper(&c->output); if (ret == 1) { /* Start normal processing for the channel. */ c->type = SSH_CHANNEL_OPEN; @@ -515,7 +824,7 @@ channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset) log("X11 connection rejected because of wrong authentication."); buffer_clear(&c->input); buffer_clear(&c->output); - close(c->sock); + channel_close_fd(&c->sock); c->sock = -1; c->type = SSH_CHANNEL_CLOSED; packet_start(SSH_MSG_CHANNEL_CLOSE); @@ -524,31 +833,39 @@ channel_pre_x11_open_13(Channel *c, fd_set * readset, fd_set * writeset) } } -void +static void channel_pre_x11_open(Channel *c, fd_set * readset, fd_set * writeset) { - int ret = x11_open_helper(c); + int ret = x11_open_helper(&c->output); + + /* c->force_drain = 1; */ + if (ret == 1) { c->type = SSH_CHANNEL_OPEN; - if (compat20) - channel_pre_open_20(c, readset, writeset); - else - channel_pre_open_15(c, readset, writeset); + channel_pre_open(c, readset, writeset); } else if (ret == -1) { + log("X11 connection rejected because of wrong authentication."); debug("X11 rejected %d i%d/o%d", c->self, c->istate, c->ostate); - chan_read_failed(c); /** force close? */ - chan_write_failed(c); + chan_read_failed(c); + buffer_clear(&c->input); + chan_ibuf_empty(c); + buffer_clear(&c->output); + /* for proto v1, the peer will send an IEOF */ + if (compat20) + chan_write_failed(c); + else + c->type = SSH_CHANNEL_OPEN; debug("X11 closed %d i%d/o%d", c->self, c->istate, c->ostate); } } /* try to decode a socks4 header */ -int +static int channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) { u_char *p, *host; int len, have, i, found; - char username[256]; + char username[256]; struct { u_int8_t version; u_int8_t command; @@ -595,7 +912,7 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) host = inet_ntoa(s4_req.dest_addr); strlcpy(c->path, host, sizeof(c->path)); c->host_port = ntohs(s4_req.dest_port); - + debug("channel %d: dynamic request: socks4 host %s port %u command %u", c->self, host, c->host_port, s4_req.command); @@ -613,14 +930,14 @@ channel_decode_socks4(Channel *c, fd_set * readset, fd_set * writeset) } /* dynamic port forwarding */ -void +static void channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) { u_char *p; int have, ret; have = buffer_len(&c->input); - + c->delayed = 0; debug2("channel %d: pre_dynamic: have %d", c->self, have); /* buffer_dump(&c->input); */ /* check if the fixed size part of the packet is in buffer. */ @@ -640,7 +957,7 @@ channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) break; } if (ret < 0) { - channel_free(c->self); + chan_mark_dead(c); } else if (ret == 0) { debug2("channel %d: pre_dynamic: need more", c->self); /* need more */ @@ -653,11 +970,12 @@ channel_pre_dynamic(Channel *c, fd_set * readset, fd_set * writeset) } /* This is our fake X11 server socket. */ -void +static void channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) { + Channel *nc; struct sockaddr addr; - int newsock, newch; + int newsock; socklen_t addrlen; char buf[16384], *remote_ipaddr; int remote_port; @@ -666,25 +984,31 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) debug("X11 connection requested."); addrlen = sizeof(addr); newsock = accept(c->sock, &addr, &addrlen); + if (c->single_connection) { + debug("single_connection: closing X11 listener."); + channel_close_fd(&c->sock); + chan_mark_dead(c); + } if (newsock < 0) { error("accept: %.100s", strerror(errno)); return; } + set_nodelay(newsock); remote_ipaddr = get_peer_ipaddr(newsock); remote_port = get_peer_port(newsock); snprintf(buf, sizeof buf, "X11 connection from %.200s port %d", remote_ipaddr, remote_port); - newch = channel_new("x11", + nc = channel_new("accepted x11 socket", SSH_CHANNEL_OPENING, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, 0, xstrdup(buf), 1); if (compat20) { packet_start(SSH2_MSG_CHANNEL_OPEN); packet_put_cstring("x11"); - packet_put_int(newch); - packet_put_int(c->local_window_max); - packet_put_int(c->local_maxpacket); + packet_put_int(nc->self); + packet_put_int(nc->local_window_max); + packet_put_int(nc->local_maxpacket); /* originator ipaddr and port */ packet_put_cstring(remote_ipaddr); if (datafellows & SSH_BUG_X11FWD) { @@ -695,16 +1019,17 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset) packet_send(); } else { packet_start(SSH_SMSG_X11_OPEN); - packet_put_int(newch); - if (have_hostname_in_open) - packet_put_string(buf, strlen(buf)); + packet_put_int(nc->self); + if (packet_get_protocol_flags() & + SSH_PROTOFLAG_HOST_IN_FWD_OPEN) + packet_put_cstring(buf); packet_send(); } xfree(remote_ipaddr); } } -void +static void port_open_helper(Channel *c, char *rtype) { int direct; @@ -747,7 +1072,8 @@ port_open_helper(Channel *c, char *rtype) packet_put_int(c->self); packet_put_cstring(c->path); packet_put_int(c->host_port); - if (have_hostname_in_open) + if (packet_get_protocol_flags() & + SSH_PROTOFLAG_HOST_IN_FWD_OPEN) packet_put_cstring(c->remote_name); packet_send(); } @@ -757,12 +1083,12 @@ port_open_helper(Channel *c, char *rtype) /* * This socket is listening for connections to a forwarded TCP/IP port. */ -void +static void channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset) { Channel *nc; struct sockaddr addr; - int newsock, newch, nextstate; + int newsock, nextstate; socklen_t addrlen; char *rtype; @@ -771,10 +1097,18 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset) "to %.100s port %d requested.", c->listening_port, c->path, c->host_port); - rtype = (c->type == SSH_CHANNEL_RPORT_LISTENER) ? - "forwarded-tcpip" : "direct-tcpip"; - nextstate = (c->host_port == 0) ? SSH_CHANNEL_DYNAMIC : - SSH_CHANNEL_OPENING; + if (c->type == SSH_CHANNEL_RPORT_LISTENER) { + nextstate = SSH_CHANNEL_OPENING; + rtype = "forwarded-tcpip"; + } else { + if (c->host_port == 0) { + nextstate = SSH_CHANNEL_DYNAMIC; + rtype = "dynamic-tcpip"; + } else { + nextstate = SSH_CHANNEL_OPENING; + rtype = "direct-tcpip"; + } + } addrlen = sizeof(addr); newsock = accept(c->sock, &addr, &addrlen); @@ -782,22 +1116,25 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset) error("accept: %.100s", strerror(errno)); return; } - newch = channel_new(rtype, + set_nodelay(newsock); + nc = channel_new(rtype, nextstate, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, 0, xstrdup(rtype), 1); - - nc = channel_lookup(newch); - if (nc == NULL) { - error("xxx: no new channel:"); - return; - } nc->listening_port = c->listening_port; nc->host_port = c->host_port; strlcpy(nc->path, c->path, sizeof(nc->path)); - if (nextstate != SSH_CHANNEL_DYNAMIC) + if (nextstate == SSH_CHANNEL_DYNAMIC) { + /* + * do not call the channel_post handler until + * this flag has been reset by a pre-handler. + * otherwise the FD_ISSET calls might overflow + */ + nc->delayed = 1; + } else { port_open_helper(nc, rtype); + } } } @@ -805,11 +1142,13 @@ channel_post_port_listener(Channel *c, fd_set * readset, fd_set * writeset) * This is the authentication agent socket listening for connections from * clients. */ -void +static void channel_post_auth_listener(Channel *c, fd_set * readset, fd_set * writeset) { + Channel *nc; + char *name; + int newsock; struct sockaddr addr; - int newsock, newch; socklen_t addrlen; if (FD_ISSET(c->sock, readset)) { @@ -819,47 +1158,72 @@ channel_post_auth_listener(Channel *c, fd_set * readset, fd_set * writeset) error("accept from auth socket: %.100s", strerror(errno)); return; } - newch = channel_new("accepted auth socket", + name = xstrdup("accepted auth socket"); + nc = channel_new("accepted auth socket", SSH_CHANNEL_OPENING, newsock, newsock, -1, c->local_window_max, c->local_maxpacket, - 0, xstrdup("accepted auth socket"), 1); + 0, name, 1); if (compat20) { packet_start(SSH2_MSG_CHANNEL_OPEN); packet_put_cstring("auth-agent@openssh.com"); - packet_put_int(newch); + packet_put_int(nc->self); packet_put_int(c->local_window_max); packet_put_int(c->local_maxpacket); } else { packet_start(SSH_SMSG_AGENT_OPEN); - packet_put_int(newch); + packet_put_int(nc->self); } packet_send(); } } -void +static void channel_post_connecting(Channel *c, fd_set * readset, fd_set * writeset) { + int err = 0; + socklen_t sz = sizeof(err); + if (FD_ISSET(c->sock, writeset)) { - int err = 0; - int sz = sizeof(err); - c->type = SSH_CHANNEL_OPEN; - if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, (char *)&err, &sz) < 0) { - debug("getsockopt SO_ERROR failed"); + if (getsockopt(c->sock, SOL_SOCKET, SO_ERROR, &err, &sz) < 0) { + err = errno; + error("getsockopt SO_ERROR failed"); + } + if (err == 0) { + debug("channel %d: connected", c->self); + c->type = SSH_CHANNEL_OPEN; + if (compat20) { + packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(c->remote_id); + packet_put_int(c->self); + packet_put_int(c->local_window); + packet_put_int(c->local_maxpacket); + } else { + packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(c->remote_id); + packet_put_int(c->self); + } } else { - if (err == 0) { - debug("channel %d: connected)", c->self); + debug("channel %d: not connected: %s", + c->self, strerror(err)); + if (compat20) { + packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(c->remote_id); + packet_put_int(SSH2_OPEN_CONNECT_FAILED); + if (!(datafellows & SSH_BUG_OPENFAILURE)) { + packet_put_cstring(strerror(err)); + packet_put_cstring(""); + } } else { - debug("channel %d: not connected: %s", - c->self, strerror(err)); - chan_read_failed(c); - chan_write_failed(c); + packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(c->remote_id); } + chan_mark_dead(c); } + packet_send(); } } -int +static int channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset) { char buf[16*1024]; @@ -875,18 +1239,18 @@ channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset) c->self, c->rfd, len); if (c->type != SSH_CHANNEL_OPEN) { debug("channel %d: not open", c->self); - channel_free(c->self); + chan_mark_dead(c); return -1; } else if (compat13) { - buffer_consume(&c->output, buffer_len(&c->output)); + buffer_clear(&c->output); c->type = SSH_CHANNEL_INPUT_DRAINING; - debug("channel %d: status set to input draining.", c->self); + debug("channel %d: input draining.", c->self); } else { chan_read_failed(c); } return -1; } - if(c->input_filter != NULL) { + if (c->input_filter != NULL) { if (c->input_filter(c, buf, len) == -1) { debug("channel %d: filter stops", c->self); chan_read_failed(c); @@ -897,35 +1261,38 @@ channel_handle_rfd(Channel *c, fd_set * readset, fd_set * writeset) } return 1; } -int +static int channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset) { struct termios tio; + u_char *data; + u_int dlen; int len; /* Send buffered output data to the socket. */ if (c->wfd != -1 && FD_ISSET(c->wfd, writeset) && buffer_len(&c->output) > 0) { - len = write(c->wfd, buffer_ptr(&c->output), - buffer_len(&c->output)); + data = buffer_ptr(&c->output); + dlen = buffer_len(&c->output); + len = write(c->wfd, data, dlen); if (len < 0 && (errno == EINTR || errno == EAGAIN)) return 1; if (len <= 0) { if (c->type != SSH_CHANNEL_OPEN) { debug("channel %d: not open", c->self); - channel_free(c->self); + chan_mark_dead(c); return -1; } else if (compat13) { - buffer_consume(&c->output, buffer_len(&c->output)); - debug("channel %d: status set to input draining.", c->self); + buffer_clear(&c->output); + debug("channel %d: input draining.", c->self); c->type = SSH_CHANNEL_INPUT_DRAINING; } else { chan_write_failed(c); } return -1; } - if (compat20 && c->isatty) { + if (compat20 && c->isatty && dlen >= 1 && data[0] != '\r') { if (tcgetattr(c->wfd, &tio) == 0 && !(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) { /* @@ -945,7 +1312,7 @@ channel_handle_wfd(Channel *c, fd_set * readset, fd_set * writeset) } return 1; } -int +static int channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) { char buf[16*1024]; @@ -965,8 +1332,7 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) if (len <= 0) { debug2("channel %d: closing write-efd %d", c->self, c->efd); - close(c->efd); - c->efd = -1; + channel_close_fd(&c->efd); } else { buffer_consume(&c->extended, len); c->local_consumed += len; @@ -975,14 +1341,13 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) FD_ISSET(c->efd, readset)) { len = read(c->efd, buf, sizeof(buf)); debug2("channel %d: read %d from efd %d", - c->self, len, c->efd); + c->self, len, c->efd); if (len < 0 && (errno == EINTR || errno == EAGAIN)) return 1; if (len <= 0) { debug2("channel %d: closing read-efd %d", c->self, c->efd); - close(c->efd); - c->efd = -1; + channel_close_fd(&c->efd); } else { buffer_append(&c->extended, buf, len); } @@ -990,7 +1355,7 @@ channel_handle_efd(Channel *c, fd_set * readset, fd_set * writeset) } return 1; } -int +static int channel_check_window(Channel *c) { if (c->type == SSH_CHANNEL_OPEN && @@ -1010,24 +1375,20 @@ channel_check_window(Channel *c) return 1; } -void -channel_post_open_1(Channel *c, fd_set * readset, fd_set * writeset) -{ - channel_handle_rfd(c, readset, writeset); - channel_handle_wfd(c, readset, writeset); -} - -void -channel_post_open_2(Channel *c, fd_set * readset, fd_set * writeset) +static void +channel_post_open(Channel *c, fd_set * readset, fd_set * writeset) { + if (c->delayed) + return; channel_handle_rfd(c, readset, writeset); channel_handle_wfd(c, readset, writeset); + if (!compat20) + return; channel_handle_efd(c, readset, writeset); - channel_check_window(c); } -void +static void channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset) { int len; @@ -1036,16 +1397,16 @@ channel_post_output_drain_13(Channel *c, fd_set * readset, fd_set * writeset) len = write(c->sock, buffer_ptr(&c->output), buffer_len(&c->output)); if (len <= 0) - buffer_consume(&c->output, buffer_len(&c->output)); + buffer_clear(&c->output); else buffer_consume(&c->output, len); } } -void +static void channel_handler_init_20(void) { - channel_pre[SSH_CHANNEL_OPEN] = &channel_pre_open_20; + channel_pre[SSH_CHANNEL_OPEN] = &channel_pre_open; channel_pre[SSH_CHANNEL_X11_OPEN] = &channel_pre_x11_open; channel_pre[SSH_CHANNEL_PORT_LISTENER] = &channel_pre_listener; channel_pre[SSH_CHANNEL_RPORT_LISTENER] = &channel_pre_listener; @@ -1054,16 +1415,16 @@ channel_handler_init_20(void) channel_pre[SSH_CHANNEL_CONNECTING] = &channel_pre_connecting; channel_pre[SSH_CHANNEL_DYNAMIC] = &channel_pre_dynamic; - channel_post[SSH_CHANNEL_OPEN] = &channel_post_open_2; + channel_post[SSH_CHANNEL_OPEN] = &channel_post_open; channel_post[SSH_CHANNEL_PORT_LISTENER] = &channel_post_port_listener; channel_post[SSH_CHANNEL_RPORT_LISTENER] = &channel_post_port_listener; channel_post[SSH_CHANNEL_X11_LISTENER] = &channel_post_x11_listener; channel_post[SSH_CHANNEL_AUTH_SOCKET] = &channel_post_auth_listener; channel_post[SSH_CHANNEL_CONNECTING] = &channel_post_connecting; - channel_post[SSH_CHANNEL_DYNAMIC] = &channel_post_open_2; + channel_post[SSH_CHANNEL_DYNAMIC] = &channel_post_open; } -void +static void channel_handler_init_13(void) { channel_pre[SSH_CHANNEL_OPEN] = &channel_pre_open_13; @@ -1076,19 +1437,19 @@ channel_handler_init_13(void) channel_pre[SSH_CHANNEL_CONNECTING] = &channel_pre_connecting; channel_pre[SSH_CHANNEL_DYNAMIC] = &channel_pre_dynamic; - channel_post[SSH_CHANNEL_OPEN] = &channel_post_open_1; + channel_post[SSH_CHANNEL_OPEN] = &channel_post_open; channel_post[SSH_CHANNEL_X11_LISTENER] = &channel_post_x11_listener; channel_post[SSH_CHANNEL_PORT_LISTENER] = &channel_post_port_listener; channel_post[SSH_CHANNEL_AUTH_SOCKET] = &channel_post_auth_listener; channel_post[SSH_CHANNEL_OUTPUT_DRAINING] = &channel_post_output_drain_13; channel_post[SSH_CHANNEL_CONNECTING] = &channel_post_connecting; - channel_post[SSH_CHANNEL_DYNAMIC] = &channel_post_open_1; + channel_post[SSH_CHANNEL_DYNAMIC] = &channel_post_open; } -void +static void channel_handler_init_15(void) { - channel_pre[SSH_CHANNEL_OPEN] = &channel_pre_open_15; + channel_pre[SSH_CHANNEL_OPEN] = &channel_pre_open; channel_pre[SSH_CHANNEL_X11_OPEN] = &channel_pre_x11_open; channel_pre[SSH_CHANNEL_X11_LISTENER] = &channel_pre_listener; channel_pre[SSH_CHANNEL_PORT_LISTENER] = &channel_pre_listener; @@ -1099,16 +1460,16 @@ channel_handler_init_15(void) channel_post[SSH_CHANNEL_X11_LISTENER] = &channel_post_x11_listener; channel_post[SSH_CHANNEL_PORT_LISTENER] = &channel_post_port_listener; channel_post[SSH_CHANNEL_AUTH_SOCKET] = &channel_post_auth_listener; - channel_post[SSH_CHANNEL_OPEN] = &channel_post_open_1; + channel_post[SSH_CHANNEL_OPEN] = &channel_post_open; channel_post[SSH_CHANNEL_CONNECTING] = &channel_post_connecting; - channel_post[SSH_CHANNEL_DYNAMIC] = &channel_post_open_1; + channel_post[SSH_CHANNEL_DYNAMIC] = &channel_post_open; } -void +static void channel_handler_init(void) { int i; - for(i = 0; i < SSH_CHANNEL_MAX_TYPE; i++) { + for (i = 0; i < SSH_CHANNEL_MAX_TYPE; i++) { channel_pre[i] = NULL; channel_post[i] = NULL; } @@ -1120,7 +1481,29 @@ channel_handler_init(void) channel_handler_init_15(); } -void +/* gc dead channels */ +static void +channel_garbage_collect(Channel *c) +{ + if (c == NULL) + return; + if (c->detach_user != NULL) { + if (!chan_is_dead(c, 0)) + return; + debug("channel %d: gc: notify user", c->self); + c->detach_user(c->self, NULL); + /* if we still have a callback */ + if (c->detach_user != NULL) + return; + debug("channel %d: gc: user detached", c->self); + } + if (!chan_is_dead(c, 1)) + return; + debug("channel %d: garbage collecting", c->self); + channel_free(c); +} + +static void channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset) { static int did_init = 0; @@ -1132,36 +1515,22 @@ channel_handler(chan_fn *ftab[], fd_set * readset, fd_set * writeset) did_init = 1; } for (i = 0; i < channels_alloc; i++) { - c = &channels[i]; - if (c->type == SSH_CHANNEL_FREE) - continue; - if (ftab[c->type] == NULL) + c = channels[i]; + if (c == NULL) continue; - (*ftab[c->type])(c, readset, writeset); - if (chan_is_dead(c)) { - /* - * we have to remove the fd's from the select mask - * before the channels are free'd and the fd's are - * closed - */ - if (c->wfd != -1) - FD_CLR(c->wfd, writeset); - if (c->rfd != -1) - FD_CLR(c->rfd, readset); - if (c->efd != -1) { - if (c->extended_usage == CHAN_EXTENDED_READ) - FD_CLR(c->efd, readset); - if (c->extended_usage == CHAN_EXTENDED_WRITE) - FD_CLR(c->efd, writeset); - } - channel_free(c->self); - } + if (ftab[c->type] != NULL) + (*ftab[c->type])(c, readset, writeset); + channel_garbage_collect(c); } } +/* + * Allocate/update select bitmasks and add any bits relevant to channels in + * select bitmasks. + */ void channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, - int rekeying) + int *nallocp, int rekeying) { int n; u_int sz; @@ -1169,15 +1538,13 @@ channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, n = MAX(*maxfdp, channel_max_fd); sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); - if (*readsetp == NULL || n > *maxfdp) { - if (*readsetp) - xfree(*readsetp); - if (*writesetp) - xfree(*writesetp); - *readsetp = xmalloc(sz); - *writesetp = xmalloc(sz); - *maxfdp = n; + /* perhaps check sz < nalloc/2 and shrink? */ + if (*readsetp == NULL || sz > *nallocp) { + *readsetp = xrealloc(*readsetp, sz); + *writesetp = xrealloc(*writesetp, sz); + *nallocp = sz; } + *maxfdp = n; memset(*readsetp, 0, sz); memset(*writesetp, 0, sz); @@ -1185,24 +1552,34 @@ channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, channel_handler(channel_pre, *readsetp, *writesetp); } +/* + * After select, perform any appropriate operations for channels which have + * events pending. + */ void channel_after_select(fd_set * readset, fd_set * writeset) { channel_handler(channel_post, readset, writeset); } + /* If there is data to send to the connection, enqueue some of it now. */ void -channel_output_poll() +channel_output_poll(void) { int len, i; Channel *c; for (i = 0; i < channels_alloc; i++) { - c = &channels[i]; + c = channels[i]; + if (c == NULL) + continue; - /* We are only interested in channels that can have buffered incoming data. */ + /* + * We are only interested in channels that can have buffered + * incoming data. + */ if (compat13) { if (c->type != SSH_CHANNEL_OPEN && c->type != SSH_CHANNEL_INPUT_DRAINING) @@ -1214,7 +1591,7 @@ channel_output_poll() if (compat20 && (c->flags & (CHAN_CLOSE_SENT|CHAN_CLOSE_RCVD))) { /* XXX is this true? */ - debug2("channel %d: no data after CLOSE", c->self); + debug3("channel %d: will not send data after close", c->self); continue; } @@ -1222,7 +1599,10 @@ channel_output_poll() if ((c->istate == CHAN_INPUT_OPEN || c->istate == CHAN_INPUT_WAIT_DRAIN) && (len = buffer_len(&c->input)) > 0) { - /* Send some data for the other side over the secure connection. */ + /* + * Send some data for the other side over the secure + * connection. + */ if (compat20) { if (len > c->remote_window) len = c->remote_window; @@ -1280,14 +1660,11 @@ channel_output_poll() } } -/* - * This is called when a packet of type CHANNEL_DATA has just been received. - * The message type has already been consumed, but channel number and data is - * still there. - */ + +/* -- protocol input */ void -channel_input_data(int type, int plen, void *ctxt) +channel_input_data(int type, u_int32_t seq, void *ctxt) { int id; char *data; @@ -1311,9 +1688,8 @@ channel_input_data(int type, int plen, void *ctxt) /* Get the data. */ data = packet_get_string(&data_len); - packet_done(); - if (compat20){ + if (compat20) { if (data_len > c->local_maxpacket) { log("channel %d: rcvd big packet %d, maxpack %d", c->self, data_len, c->local_maxpacket); @@ -1325,14 +1701,14 @@ channel_input_data(int type, int plen, void *ctxt) return; } c->local_window -= data_len; - }else{ - packet_integrity_check(plen, 4 + 4 + data_len, type); } + packet_check_eom(); buffer_append(&c->output, data, data_len); xfree(data); } + void -channel_input_extended_data(int type, int plen, void *ctxt) +channel_input_extended_data(int type, u_int32_t seq, void *ctxt) { int id; int tcode; @@ -1358,7 +1734,7 @@ channel_input_extended_data(int type, int plen, void *ctxt) return; } data = packet_get_string(&data_len); - packet_done(); + packet_check_eom(); if (data_len > c->local_window) { log("channel %d: rcvd too much extended_data %d, win %d", c->self, data_len, c->local_window); @@ -1371,60 +1747,37 @@ channel_input_extended_data(int type, int plen, void *ctxt) xfree(data); } - -/* - * Returns true if no channel has too much buffered data, and false if one or - * more channel is overfull. - */ - -int -channel_not_very_much_buffered_data() -{ - u_int i; - Channel *c; - - for (i = 0; i < channels_alloc; i++) { - c = &channels[i]; - if (c->type == SSH_CHANNEL_OPEN) { - if (!compat20 && buffer_len(&c->input) > packet_get_maxsize()) { - debug("channel %d: big input buffer %d", - c->self, buffer_len(&c->input)); - return 0; - } - if (buffer_len(&c->output) > packet_get_maxsize()) { - debug("channel %d: big output buffer %d", - c->self, buffer_len(&c->output)); - return 0; - } - } - } - return 1; -} - void -channel_input_ieof(int type, int plen, void *ctxt) +channel_input_ieof(int type, u_int32_t seq, void *ctxt) { int id; Channel *c; - packet_integrity_check(plen, 4, type); - id = packet_get_int(); + packet_check_eom(); c = channel_lookup(id); if (c == NULL) packet_disconnect("Received ieof for nonexistent channel %d.", id); chan_rcvd_ieof(c); + + /* XXX force input close */ + if (c->force_drain && c->istate == CHAN_INPUT_OPEN) { + debug("channel %d: FORCE input drain", c->self); + c->istate = CHAN_INPUT_WAIT_DRAIN; + if (buffer_len(&c->input) == 0) + chan_ibuf_empty(c); + } + } void -channel_input_close(int type, int plen, void *ctxt) +channel_input_close(int type, u_int32_t seq, void *ctxt) { int id; Channel *c; - packet_integrity_check(plen, 4, type); - id = packet_get_int(); + packet_check_eom(); c = channel_lookup(id); if (c == NULL) packet_disconnect("Received close for nonexistent channel %d.", id); @@ -1449,48 +1802,46 @@ channel_input_close(int type, int plen, void *ctxt) * Not a closed channel - mark it as draining, which will * cause it to be freed later. */ - buffer_consume(&c->input, buffer_len(&c->input)); + buffer_clear(&c->input); c->type = SSH_CHANNEL_OUTPUT_DRAINING; } } /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */ void -channel_input_oclose(int type, int plen, void *ctxt) +channel_input_oclose(int type, u_int32_t seq, void *ctxt) { int id = packet_get_int(); Channel *c = channel_lookup(id); - packet_integrity_check(plen, 4, type); + + packet_check_eom(); if (c == NULL) packet_disconnect("Received oclose for nonexistent channel %d.", id); chan_rcvd_oclose(c); } void -channel_input_close_confirmation(int type, int plen, void *ctxt) +channel_input_close_confirmation(int type, u_int32_t seq, void *ctxt) { int id = packet_get_int(); Channel *c = channel_lookup(id); - packet_done(); + packet_check_eom(); if (c == NULL) packet_disconnect("Received close confirmation for " "out-of-range channel %d.", id); if (c->type != SSH_CHANNEL_CLOSED) packet_disconnect("Received close confirmation for " "non-closed channel %d (type %d).", id, c->type); - channel_free(c->self); + channel_free(c); } void -channel_input_open_confirmation(int type, int plen, void *ctxt) +channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt) { int id, remote_id; Channel *c; - if (!compat20) - packet_integrity_check(plen, 4 + 4, type); - id = packet_get_int(); c = channel_lookup(id); @@ -1505,27 +1856,40 @@ channel_input_open_confirmation(int type, int plen, void *ctxt) if (compat20) { c->remote_window = packet_get_int(); c->remote_maxpacket = packet_get_int(); - packet_done(); - if (c->cb_fn != NULL && c->cb_event == type) { + if (c->confirm) { debug2("callback start"); - c->cb_fn(c->self, c->cb_arg); + c->confirm(c->self, NULL); debug2("callback done"); } debug("channel %d: open confirm rwindow %d rmax %d", c->self, c->remote_window, c->remote_maxpacket); } + packet_check_eom(); +} + +static char * +reason2txt(int reason) +{ + switch (reason) { + case SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED: + return "administratively prohibited"; + case SSH2_OPEN_CONNECT_FAILED: + return "connect failed"; + case SSH2_OPEN_UNKNOWN_CHANNEL_TYPE: + return "unknown channel type"; + case SSH2_OPEN_RESOURCE_SHORTAGE: + return "resource shortage"; + } + return "unknown reason"; } void -channel_input_open_failure(int type, int plen, void *ctxt) +channel_input_open_failure(int type, u_int32_t seq, void *ctxt) { int id, reason; char *msg = NULL, *lang = NULL; Channel *c; - if (!compat20) - packet_integrity_check(plen, 4, type); - id = packet_get_int(); c = channel_lookup(id); @@ -1534,49 +1898,24 @@ channel_input_open_failure(int type, int plen, void *ctxt) "non-opening channel %d.", id); if (compat20) { reason = packet_get_int(); - if (packet_remaining() > 0) { + if (!(datafellows & SSH_BUG_OPENFAILURE)) { msg = packet_get_string(NULL); lang = packet_get_string(NULL); } - packet_done(); - log("channel_open_failure: %d: reason %d %s", id, - reason, msg ? msg : "<no additional info>"); + log("channel %d: open failed: %s%s%s", id, + reason2txt(reason), msg ? ": ": "", msg ? msg : ""); if (msg != NULL) xfree(msg); if (lang != NULL) xfree(lang); } + packet_check_eom(); /* Free the channel. This will also close the socket. */ - channel_free(id); + channel_free(c); } void -channel_input_channel_request(int type, int plen, void *ctxt) -{ - int id; - Channel *c; - - id = packet_get_int(); - c = channel_lookup(id); - - if (c == NULL || - (c->type != SSH_CHANNEL_OPEN && c->type != SSH_CHANNEL_LARVAL)) - packet_disconnect("Received request for " - "non-open channel %d.", id); - if (c->cb_fn != NULL && c->cb_event == type) { - debug2("callback start"); - c->cb_fn(c->self, c->cb_arg); - debug2("callback done"); - } else { - char *service = packet_get_string(NULL); - debug("channel %d: rcvd request for %s", c->self, service); - debug("cb_fn %p cb_event %d", c->cb_fn , c->cb_event); - xfree(service); - } -} - -void -channel_input_window_adjust(int type, int plen, void *ctxt) +channel_input_window_adjust(int type, u_int32_t seq, void *ctxt) { Channel *c; int id, adjust; @@ -1594,224 +1933,77 @@ channel_input_window_adjust(int type, int plen, void *ctxt) return; } adjust = packet_get_int(); - packet_done(); + packet_check_eom(); debug2("channel %d: rcvd adjust %d", id, adjust); c->remote_window += adjust; } -/* - * Stops listening for channels, and removes any unix domain sockets that we - * might have. - */ - -void -channel_stop_listening() -{ - int i; - for (i = 0; i < channels_alloc; i++) { - switch (channels[i].type) { - case SSH_CHANNEL_AUTH_SOCKET: - close(channels[i].sock); - unlink(channels[i].path); - channel_free(i); - break; - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_RPORT_LISTENER: - case SSH_CHANNEL_X11_LISTENER: - close(channels[i].sock); - channel_free(i); - break; - default: - break; - } - } -} - -/* - * Closes the sockets/fds of all channels. This is used to close extra file - * descriptors after a fork. - */ - void -channel_close_all() +channel_input_port_open(int type, u_int32_t seq, void *ctxt) { - int i; - for (i = 0; i < channels_alloc; i++) - if (channels[i].type != SSH_CHANNEL_FREE) - channel_close_fds(&channels[i]); -} - -/* Returns true if any channel is still open. */ - -int -channel_still_open() -{ - u_int i; - for (i = 0; i < channels_alloc; i++) - switch (channels[i].type) { - case SSH_CHANNEL_FREE: - case SSH_CHANNEL_X11_LISTENER: - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_RPORT_LISTENER: - case SSH_CHANNEL_CLOSED: - case SSH_CHANNEL_AUTH_SOCKET: - case SSH_CHANNEL_DYNAMIC: - case SSH_CHANNEL_CONNECTING: /* XXX ??? */ - continue; - case SSH_CHANNEL_LARVAL: - if (!compat20) - fatal("cannot happen: SSH_CHANNEL_LARVAL"); - continue; - case SSH_CHANNEL_OPENING: - case SSH_CHANNEL_OPEN: - case SSH_CHANNEL_X11_OPEN: - return 1; - case SSH_CHANNEL_INPUT_DRAINING: - case SSH_CHANNEL_OUTPUT_DRAINING: - if (!compat13) - fatal("cannot happen: OUT_DRAIN"); - return 1; - default: - fatal("channel_still_open: bad channel type %d", channels[i].type); - /* NOTREACHED */ - } - return 0; -} + Channel *c = NULL; + u_short host_port; + char *host, *originator_string; + int remote_id, sock = -1; -/* Returns the id of an open channel suitable for keepaliving */ + remote_id = packet_get_int(); + host = packet_get_string(NULL); + host_port = packet_get_int(); -int -channel_find_open() -{ - u_int i; - for (i = 0; i < channels_alloc; i++) - switch (channels[i].type) { - case SSH_CHANNEL_CLOSED: - case SSH_CHANNEL_DYNAMIC: - case SSH_CHANNEL_FREE: - case SSH_CHANNEL_X11_LISTENER: - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_RPORT_LISTENER: - case SSH_CHANNEL_OPENING: - continue; - case SSH_CHANNEL_LARVAL: - case SSH_CHANNEL_AUTH_SOCKET: - case SSH_CHANNEL_CONNECTING: /* XXX ??? */ - case SSH_CHANNEL_OPEN: - case SSH_CHANNEL_X11_OPEN: - return i; - case SSH_CHANNEL_INPUT_DRAINING: - case SSH_CHANNEL_OUTPUT_DRAINING: - if (!compat13) - fatal("cannot happen: OUT_DRAIN"); - return i; - default: - fatal("channel_find_open: bad channel type %d", channels[i].type); - /* NOTREACHED */ - } - return -1; + if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) { + originator_string = packet_get_string(NULL); + } else { + originator_string = xstrdup("unknown (remote did not supply name)"); + } + packet_check_eom(); + sock = channel_connect_to(host, host_port); + if (sock != -1) { + c = channel_new("connected socket", + SSH_CHANNEL_CONNECTING, sock, sock, -1, 0, 0, 0, + originator_string, 1); + c->remote_id = remote_id; + } + if (c == NULL) { + packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(remote_id); + packet_send(); + } + xfree(host); } -/* - * Returns a message describing the currently open forwarded connections, - * suitable for sending to the client. The message contains crlf pairs for - * newlines. - */ - -char * -channel_open_message() -{ - Buffer buffer; - int i; - char buf[512], *cp; +/* -- tcp forwarding */ - buffer_init(&buffer); - snprintf(buf, sizeof buf, "The following connections are open:\r\n"); - buffer_append(&buffer, buf, strlen(buf)); - for (i = 0; i < channels_alloc; i++) { - Channel *c = &channels[i]; - switch (c->type) { - case SSH_CHANNEL_FREE: - case SSH_CHANNEL_X11_LISTENER: - case SSH_CHANNEL_PORT_LISTENER: - case SSH_CHANNEL_RPORT_LISTENER: - case SSH_CHANNEL_CLOSED: - case SSH_CHANNEL_AUTH_SOCKET: - continue; - case SSH_CHANNEL_LARVAL: - case SSH_CHANNEL_OPENING: - case SSH_CHANNEL_CONNECTING: - case SSH_CHANNEL_DYNAMIC: - case SSH_CHANNEL_OPEN: - case SSH_CHANNEL_X11_OPEN: - case SSH_CHANNEL_INPUT_DRAINING: - case SSH_CHANNEL_OUTPUT_DRAINING: - snprintf(buf, sizeof buf, " #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d)\r\n", - c->self, c->remote_name, - c->type, c->remote_id, - c->istate, buffer_len(&c->input), - c->ostate, buffer_len(&c->output), - c->rfd, c->wfd); - buffer_append(&buffer, buf, strlen(buf)); - continue; - default: - fatal("channel_open_message: bad channel type %d", c->type); - /* NOTREACHED */ - } - } - buffer_append(&buffer, "\0", 1); - cp = xstrdup(buffer_ptr(&buffer)); - buffer_free(&buffer); - return cp; -} - -/* - * Initiate forwarding of connections to local port "port" through the secure - * channel to host:port from remote side. - */ -int -channel_request_local_forwarding(u_short listen_port, const char *host_to_connect, - u_short port_to_connect, int gateway_ports) +void +channel_set_af(int af) { - return channel_request_forwarding( - NULL, listen_port, - host_to_connect, port_to_connect, - gateway_ports, /*remote_fwd*/ 0); + IPv4or6 = af; } -/* - * If 'remote_fwd' is true we have a '-R style' listener for protocol 2 - * (SSH_CHANNEL_RPORT_LISTENER). - */ -int -channel_request_forwarding( - const char *listen_address, u_short listen_port, - const char *host_to_connect, u_short port_to_connect, - int gateway_ports, int remote_fwd) +static int +channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_port, + const char *host_to_connect, u_short port_to_connect, int gateway_ports) { - int success, ch, sock, on = 1, ctype; + Channel *c; + int success, sock, on = 1; struct addrinfo hints, *ai, *aitop; - char ntop[NI_MAXHOST], strport[NI_MAXSERV]; const char *host; + char ntop[NI_MAXHOST], strport[NI_MAXSERV]; struct linger linger; success = 0; + host = (type == SSH_CHANNEL_RPORT_LISTENER) ? + listen_addr : host_to_connect; - if (remote_fwd) { - host = listen_address; - ctype = SSH_CHANNEL_RPORT_LISTENER; - } else { - host = host_to_connect; - ctype =SSH_CHANNEL_PORT_LISTENER; + if (host == NULL) { + error("No forward host name."); + return success; } - - if (strlen(host) > sizeof(channels[0].path) - 1) { + if (strlen(host) > SSH_CHANNEL_PATH_LEN - 1) { error("Forward host name too long."); return success; } - /* XXX listen_address is currently ignored */ /* * getaddrinfo returns a loopback address if the hostname is * set to NULL and hints.ai_flags is not AI_PASSIVE @@ -1829,7 +2021,7 @@ channel_request_forwarding( continue; if (getnameinfo(ai->ai_addr, ai->ai_addrlen, ntop, sizeof(ntop), strport, sizeof(strport), NI_NUMERICHOST|NI_NUMERICSERV) != 0) { - error("channel_request_forwarding: getnameinfo failed"); + error("channel_setup_fwd_listener: getnameinfo failed"); continue; } /* Create a port to listen for the host. */ @@ -1843,10 +2035,10 @@ channel_request_forwarding( * Set socket options. We would like the socket to disappear * as soon as it has been closed for whatever reason. */ - setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)); linger.l_onoff = 1; linger.l_linger = 5; - setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *)&linger, sizeof(linger)); + setsockopt(sock, SOL_SOCKET, SO_LINGER, &linger, sizeof(linger)); debug("Local forwarding listening on %s port %s.", ntop, strport); /* Bind the socket to the address. */ @@ -1863,21 +2055,39 @@ channel_request_forwarding( continue; } /* Allocate a channel number for the socket. */ - ch = channel_new("port listener", ctype, sock, sock, -1, + c = channel_new("port listener", type, sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, xstrdup("port listener"), 1); - strlcpy(channels[ch].path, host, sizeof(channels[ch].path)); - channels[ch].host_port = port_to_connect; - channels[ch].listening_port = listen_port; + strlcpy(c->path, host, sizeof(c->path)); + c->host_port = port_to_connect; + c->listening_port = listen_port; success = 1; } if (success == 0) - error("channel_request_forwarding: cannot listen to port: %d", + error("channel_setup_fwd_listener: cannot listen to port: %d", listen_port); freeaddrinfo(aitop); return success; } +/* protocol local port fwd, used by ssh (and sshd in v1) */ +int +channel_setup_local_fwd_listener(u_short listen_port, + const char *host_to_connect, u_short port_to_connect, int gateway_ports) +{ + return channel_setup_fwd_listener(SSH_CHANNEL_PORT_LISTENER, + NULL, listen_port, host_to_connect, port_to_connect, gateway_ports); +} + +/* protocol v2 remote port fwd, used by sshd */ +int +channel_setup_remote_fwd_listener(const char *listen_address, + u_short listen_port, int gateway_ports) +{ + return channel_setup_fwd_listener(SSH_CHANNEL_RPORT_LISTENER, + listen_address, listen_port, NULL, 0, gateway_ports); +} + /* * Initiate forwarding of connections to port "port" on remote host through * the secure channel to host:port from local side. @@ -1887,7 +2097,7 @@ void channel_request_remote_forwarding(u_short listen_port, const char *host_to_connect, u_short port_to_connect) { - int payload_len, type, success = 0; + int type, success = 0; /* Record locally that connection to this host/port is permitted. */ if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION) @@ -1914,7 +2124,7 @@ channel_request_remote_forwarding(u_short listen_port, packet_write_wait(); /* Wait for response from the remote side. */ - type = packet_read(&payload_len); + type = packet_read(); switch (type) { case SSH_SMSG_SUCCESS: success = 1; @@ -1961,7 +2171,7 @@ channel_input_port_forward_request(int is_root, int gateway_ports) packet_disconnect("Requested forwarding of port %d but user is not root.", port); /* Initiate forwarding */ - channel_request_local_forwarding(port, hostname, host_port, gateway_ports); + channel_setup_local_fwd_listener(port, hostname, host_port, gateway_ports); /* Free the argument string. */ xfree(hostname); @@ -1973,7 +2183,7 @@ channel_input_port_forward_request(int is_root, int gateway_ports) * anyway, and the server has no way to know but to trust the client anyway. */ void -channel_permit_all_opens() +channel_permit_all_opens(void) { if (num_permitted_opens == 0) all_opens_permitted = 1; @@ -2006,7 +2216,7 @@ channel_clear_permitted_opens(void) /* return socket to remote host, port */ -int +static int connect_to(const char *host, u_short port) { struct addrinfo hints, *ai, *aitop; @@ -2054,11 +2264,12 @@ connect_to(const char *host, u_short port) return -1; } /* success */ + set_nodelay(sock); return sock; } int -channel_connect_by_listen_adress(u_short listen_port) +channel_connect_by_listen_address(u_short listen_port) { int i; @@ -2094,79 +2305,36 @@ channel_connect_to(const char *host, u_short port) return connect_to(host, port); } -/* - * This is called after receiving PORT_OPEN message. This attempts to - * connect to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION - * or CHANNEL_OPEN_FAILURE. - */ - -void -channel_input_port_open(int type, int plen, void *ctxt) -{ - u_short host_port; - char *host, *originator_string; - int remote_channel, sock = -1, newch; - - remote_channel = packet_get_int(); - host = packet_get_string(NULL); - host_port = packet_get_int(); - - if (have_hostname_in_open) { - originator_string = packet_get_string(NULL); - } else { - originator_string = xstrdup("unknown (remote did not supply name)"); - } - packet_done(); - sock = channel_connect_to(host, host_port); - if (sock != -1) { - newch = channel_allocate(SSH_CHANNEL_CONNECTING, - sock, originator_string); - channels[newch].remote_id = remote_channel; - - /*XXX delay answer? */ - packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(remote_channel); - packet_put_int(newch); - packet_send(); - } else { - packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); - packet_put_int(remote_channel); - packet_send(); - } - xfree(host); -} +/* -- X11 forwarding */ /* * Creates an internet domain socket for listening for X11 connections. - * Returns a suitable value for the DISPLAY variable, or NULL if an error - * occurs. + * Returns a suitable display number for the DISPLAY variable, or -1 if + * an error occurs. */ - -#define NUM_SOCKS 10 - -char * -x11_create_display_inet(int screen_number, int x11_display_offset) +int +x11_create_display_inet(int x11_display_offset, int x11_use_localhost, + int single_connection) { + Channel *nc = NULL; int display_number, sock; u_short port; struct addrinfo hints, *ai, *aitop; char strport[NI_MAXSERV]; int gaierr, n, num_socks = 0, socks[NUM_SOCKS]; - char display[512]; - char hostname[MAXHOSTNAMELEN]; for (display_number = x11_display_offset; - display_number < MAX_DISPLAYS; - display_number++) { + display_number < MAX_DISPLAYS; + display_number++) { port = 6000 + display_number; memset(&hints, 0, sizeof(hints)); hints.ai_family = IPv4or6; - hints.ai_flags = AI_PASSIVE; /* XXX loopback only ? */ + hints.ai_flags = x11_use_localhost ? 0: AI_PASSIVE; hints.ai_socktype = SOCK_STREAM; snprintf(strport, sizeof strport, "%d", port); if ((gaierr = getaddrinfo(NULL, strport, &hints, &aitop)) != 0) { error("getaddrinfo: %.100s", gai_strerror(gaierr)); - return NULL; + return -1; } for (ai = aitop; ai; ai = ai->ai_next) { if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) @@ -2174,14 +2342,12 @@ x11_create_display_inet(int screen_number, int x11_display_offset) sock = socket(ai->ai_family, SOCK_STREAM, 0); if (sock < 0) { error("socket: %.100s", strerror(errno)); - return NULL; + return -1; } if (bind(sock, ai->ai_addr, ai->ai_addrlen) < 0) { debug("bind port %d: %.100s", port, strerror(errno)); - shutdown(sock, SHUT_RDWR); close(sock); for (n = 0; n < num_socks; n++) { - shutdown(socks[n], SHUT_RDWR); close(socks[n]); } num_socks = 0; @@ -2197,67 +2363,47 @@ x11_create_display_inet(int screen_number, int x11_display_offset) } if (display_number >= MAX_DISPLAYS) { error("Failed to allocate internet-domain X11 display socket."); - return NULL; + return -1; } /* Start listening for connections on the socket. */ for (n = 0; n < num_socks; n++) { sock = socks[n]; if (listen(sock, 5) < 0) { error("listen: %.100s", strerror(errno)); - shutdown(sock, SHUT_RDWR); close(sock); - return NULL; + return -1; } } - /* Set up a suitable value for the DISPLAY variable. */ - if (gethostname(hostname, sizeof(hostname)) < 0) - fatal("gethostname: %.100s", strerror(errno)); - snprintf(display, sizeof display, "%.400s:%d.%d", hostname, - display_number, screen_number); - /* Allocate a channel for each socket. */ for (n = 0; n < num_socks; n++) { sock = socks[n]; - (void) channel_new("x11 listener", + nc = channel_new("x11 listener", SSH_CHANNEL_X11_LISTENER, sock, sock, -1, CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, xstrdup("X11 inet listener"), 1); + nc->single_connection = single_connection; } - /* Return a suitable value for the DISPLAY environment variable. */ - return xstrdup(display); + /* Return the display number for the DISPLAY environment variable. */ + return display_number; } -#ifndef X_UNIX_PATH -#define X_UNIX_PATH "/tmp/.X11-unix/X" -#endif - -static -int +static int connect_local_xsocket(u_int dnr) { - static const char *const x_sockets[] = { - X_UNIX_PATH "%u", - "/var/X/.X11-unix/X" "%u", - "/usr/spool/sockets/X11/" "%u", - NULL - }; int sock; struct sockaddr_un addr; - const char *const * path; - for (path = x_sockets; *path; ++path) { - sock = socket(AF_UNIX, SOCK_STREAM, 0); - if (sock < 0) - error("socket: %.100s", strerror(errno)); - memset(&addr, 0, sizeof(addr)); - addr.sun_family = AF_UNIX; - snprintf(addr.sun_path, sizeof addr.sun_path, *path, dnr); - if (connect(sock, (struct sockaddr *) & addr, sizeof(addr)) == 0) - return sock; - close(sock); - } + sock = socket(AF_UNIX, SOCK_STREAM, 0); + if (sock < 0) + error("socket: %.100s", strerror(errno)); + memset(&addr, 0, sizeof(addr)); + addr.sun_family = AF_UNIX; + snprintf(addr.sun_path, sizeof addr.sun_path, _PATH_UNIX_X, dnr); + if (connect(sock, (struct sockaddr *) & addr, sizeof(addr)) == 0) + return sock; + close(sock); error("connect %.100s: %.100s", addr.sun_path, strerror(errno)); return -1; } @@ -2292,7 +2438,7 @@ x11_connect_display(void) /* Connect to the unix domain socket. */ if (sscanf(strrchr(display, ':') + 1, "%d", &display_number) != 1) { error("Could not parse display number from DISPLAY: %.100s", - display); + display); return -1; } /* Create a socket. */ @@ -2307,8 +2453,7 @@ x11_connect_display(void) * Connect to an inet socket. The DISPLAY value is supposedly * hostname:d[.s], where hostname may also be numeric IP address. */ - strncpy(buf, display, sizeof(buf)); - buf[sizeof(buf) - 1] = 0; + strlcpy(buf, display, sizeof(buf)); cp = strchr(buf, ':'); if (!cp) { error("Could not find ':' in DISPLAY: %.100s", display); @@ -2318,7 +2463,7 @@ x11_connect_display(void) /* buf now contains the host name. But first we parse the display number. */ if (sscanf(cp + 1, "%d", &display_number) != 1) { error("Could not parse display number from DISPLAY: %.100s", - display); + display); return -1; } @@ -2354,6 +2499,7 @@ x11_connect_display(void) strerror(errno)); return -1; } + set_nodelay(sock); return sock; } @@ -2364,56 +2510,52 @@ x11_connect_display(void) */ void -x11_input_open(int type, int plen, void *ctxt) +x11_input_open(int type, u_int32_t seq, void *ctxt) { - int remote_channel, sock = 0, newch; + Channel *c = NULL; + int remote_id, sock = 0; char *remote_host; - u_int remote_len; - /* Get remote channel number. */ - remote_channel = packet_get_int(); + debug("Received X11 open request."); - /* Get remote originator name. */ - if (have_hostname_in_open) { - remote_host = packet_get_string(&remote_len); - remote_len += 4; + remote_id = packet_get_int(); + + if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) { + remote_host = packet_get_string(NULL); } else { remote_host = xstrdup("unknown (remote did not supply name)"); - remote_len = 0; } - - debug("Received X11 open request."); - packet_integrity_check(plen, 4 + remote_len, SSH_SMSG_X11_OPEN); + packet_check_eom(); /* Obtain a connection to the real X display. */ sock = x11_connect_display(); - if (sock == -1) { + if (sock != -1) { + /* Allocate a channel for this connection. */ + c = channel_new("connected x11 socket", + SSH_CHANNEL_X11_OPEN, sock, sock, -1, 0, 0, 0, + remote_host, 1); + c->remote_id = remote_id; + c->force_drain = 1; + } + if (c == NULL) { /* Send refusal to the remote host. */ packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); - packet_put_int(remote_channel); - packet_send(); + packet_put_int(remote_id); } else { - /* Allocate a channel for this connection. */ - newch = channel_allocate( - (x11_saved_proto == NULL) ? - SSH_CHANNEL_OPEN : SSH_CHANNEL_X11_OPEN, - sock, remote_host); - channels[newch].remote_id = remote_channel; - /* Send a confirmation to the remote host. */ packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(remote_channel); - packet_put_int(newch); - packet_send(); + packet_put_int(remote_id); + packet_put_int(c->self); } + packet_send(); } /* dummy protocol handler that denies SSH-1 requests (agent/x11) */ void -deny_input_open(int type, int plen, void *ctxt) +deny_input_open(int type, u_int32_t seq, void *ctxt) { int rchan = packet_get_int(); - switch(type){ + switch (type) { case SSH_SMSG_AGENT_OPEN: error("Warning: ssh server tried agent forwarding."); break; @@ -2421,7 +2563,7 @@ deny_input_open(int type, int plen, void *ctxt) error("Warning: ssh server tried X11 forwarding."); break; default: - error("deny_input_open: type %d plen %d", type, plen); + error("deny_input_open: type %d", type); break; } error("Warning: this is probably a break in attempt by a malicious server."); @@ -2433,8 +2575,8 @@ deny_input_open(int type, int plen, void *ctxt) /* * Requests forwarding of X11 connections, generates fake authentication * data, and enables authentication spoofing. + * This should be called in the client only. */ - void x11_request_forwarding_with_spoofing(int client_session_id, const char *proto, const char *data) @@ -2499,10 +2641,13 @@ x11_request_forwarding_with_spoofing(int client_session_id, xfree(new_data); } + +/* -- agent forwarding */ + /* Sends a message to the server to request authentication fd forwarding. */ void -auth_request_forwarding() +auth_request_forwarding(void) { packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING); packet_send(); @@ -2516,18 +2661,25 @@ auth_request_forwarding() */ char * -auth_get_socket_name() +auth_get_socket_name(void) { - return channel_forwarded_auth_socket_name; + return auth_sock_name; } /* removes the agent forwarding socket */ void -cleanup_socket(void) +auth_sock_cleanup_proc(void *_pw) { - unlink(channel_forwarded_auth_socket_name); - rmdir(channel_forwarded_auth_socket_dir); + struct passwd *pw = _pw; + + if (auth_sock_name) { + temporarily_use_uid(pw); + unlink(auth_sock_name); + rmdir(auth_sock_dir); + auth_sock_name = NULL; + restore_uid(); + } } /* @@ -2538,39 +2690,40 @@ cleanup_socket(void) int auth_input_request_forwarding(struct passwd * pw) { - int sock, newch; + Channel *nc; + int sock; struct sockaddr_un sunaddr; - if (auth_get_socket_name() != NULL) - fatal("Protocol error: authentication forwarding requested twice."); + if (auth_get_socket_name() != NULL) { + error("authentication forwarding requested twice."); + return 0; + } /* Temporarily drop privileged uid for mkdir/bind. */ temporarily_use_uid(pw); /* Allocate a buffer for the socket name, and format the name. */ - channel_forwarded_auth_socket_name = xmalloc(MAX_SOCKET_NAME); - channel_forwarded_auth_socket_dir = xmalloc(MAX_SOCKET_NAME); - strlcpy(channel_forwarded_auth_socket_dir, "/tmp/ssh-XXXXXXXX", MAX_SOCKET_NAME); + auth_sock_name = xmalloc(MAXPATHLEN); + auth_sock_dir = xmalloc(MAXPATHLEN); + strlcpy(auth_sock_dir, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); /* Create private directory for socket */ - if (mkdtemp(channel_forwarded_auth_socket_dir) == NULL) { - packet_send_debug("Agent forwarding disabled: mkdtemp() failed: %.100s", - strerror(errno)); + if (mkdtemp(auth_sock_dir) == NULL) { + packet_send_debug("Agent forwarding disabled: " + "mkdtemp() failed: %.100s", strerror(errno)); restore_uid(); - xfree(channel_forwarded_auth_socket_name); - xfree(channel_forwarded_auth_socket_dir); - channel_forwarded_auth_socket_name = NULL; - channel_forwarded_auth_socket_dir = NULL; + xfree(auth_sock_name); + xfree(auth_sock_dir); + auth_sock_name = NULL; + auth_sock_dir = NULL; return 0; } - snprintf(channel_forwarded_auth_socket_name, MAX_SOCKET_NAME, "%s/agent.%d", - channel_forwarded_auth_socket_dir, (int) getpid()); + snprintf(auth_sock_name, MAXPATHLEN, "%s/agent.%d", + auth_sock_dir, (int) getpid()); + + /* delete agent socket on fatal() */ + fatal_add_cleanup(auth_sock_cleanup_proc, pw); - if (atexit(cleanup_socket) < 0) { - int saved = errno; - cleanup_socket(); - packet_disconnect("socket: %.100s", strerror(saved)); - } /* Create the socket. */ sock = socket(AF_UNIX, SOCK_STREAM, 0); if (sock < 0) @@ -2579,8 +2732,7 @@ auth_input_request_forwarding(struct passwd * pw) /* Bind it to the name. */ memset(&sunaddr, 0, sizeof(sunaddr)); sunaddr.sun_family = AF_UNIX; - strncpy(sunaddr.sun_path, channel_forwarded_auth_socket_name, - sizeof(sunaddr.sun_path)); + strlcpy(sunaddr.sun_path, auth_sock_name, sizeof(sunaddr.sun_path)); if (bind(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) packet_disconnect("bind: %.100s", strerror(errno)); @@ -2593,28 +2745,26 @@ auth_input_request_forwarding(struct passwd * pw) packet_disconnect("listen: %.100s", strerror(errno)); /* Allocate a channel for the authentication agent socket. */ - newch = channel_new("auth socket", + nc = channel_new("auth socket", SSH_CHANNEL_AUTH_SOCKET, sock, sock, -1, CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, xstrdup("auth socket"), 1); - - strlcpy(channels[newch].path, channel_forwarded_auth_socket_name, - sizeof(channels[newch].path)); + strlcpy(nc->path, auth_sock_name, sizeof(nc->path)); return 1; } /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ void -auth_input_open_request(int type, int plen, void *ctxt) +auth_input_open_request(int type, u_int32_t seq, void *ctxt) { - int remch, sock, newch; - char *dummyname; - - packet_integrity_check(plen, 4, type); + Channel *c = NULL; + int remote_id, sock; + char *name; /* Read the remote channel number from the message. */ - remch = packet_get_int(); + remote_id = packet_get_int(); + packet_check_eom(); /* * Get a connection to the local authentication agent (this may again @@ -2628,129 +2778,22 @@ auth_input_open_request(int type, int plen, void *ctxt) * because authentication forwarding is only enabled if we have an * agent. */ - if (sock < 0) { - packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); - packet_put_int(remch); - packet_send(); - return; + if (sock >= 0) { + name = xstrdup("authentication agent connection"); + c = channel_new("", SSH_CHANNEL_OPEN, sock, sock, + -1, 0, 0, 0, name, 1); + c->remote_id = remote_id; + c->force_drain = 1; } - debug("Forwarding authentication connection."); - - /* - * Dummy host name. This will be freed when the channel is freed; it - * will still be valid in the packet_put_string below since the - * channel cannot yet be freed at that point. - */ - dummyname = xstrdup("authentication agent connection"); - - newch = channel_allocate(SSH_CHANNEL_OPEN, sock, dummyname); - channels[newch].remote_id = remch; - - /* Send a confirmation to the remote host. */ - packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(remch); - packet_put_int(newch); - packet_send(); -} - -void -channel_start_open(int id) -{ - Channel *c = channel_lookup(id); if (c == NULL) { - log("channel_open: %d: bad id", id); - return; - } - debug("send channel open %d", id); - packet_start(SSH2_MSG_CHANNEL_OPEN); - packet_put_cstring(c->ctype); - packet_put_int(c->self); - packet_put_int(c->local_window); - packet_put_int(c->local_maxpacket); -} -void -channel_open(int id) -{ - /* XXX REMOVE ME */ - channel_start_open(id); - packet_send(); -} -void -channel_request(int id, char *service, int wantconfirm) -{ - channel_request_start(id, service, wantconfirm); - packet_send(); - debug("channel request %d: %s", id, service) ; -} -void -channel_request_start(int id, char *service, int wantconfirm) -{ - Channel *c = channel_lookup(id); - if (c == NULL) { - log("channel_request: %d: bad id", id); - return; - } - packet_start(SSH2_MSG_CHANNEL_REQUEST); - packet_put_int(c->remote_id); - packet_put_cstring(service); - packet_put_char(wantconfirm); -} -void -channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg) -{ - Channel *c = channel_lookup(id); - if (c == NULL) { - log("channel_register_callback: %d: bad id", id); - return; - } - c->cb_event = mtype; - c->cb_fn = fn; - c->cb_arg = arg; -} -void -channel_register_cleanup(int id, channel_callback_fn *fn) -{ - Channel *c = channel_lookup(id); - if (c == NULL) { - log("channel_register_cleanup: %d: bad id", id); - return; - } - c->dettach_user = fn; -} -void -channel_cancel_cleanup(int id) -{ - Channel *c = channel_lookup(id); - if (c == NULL) { - log("channel_cancel_cleanup: %d: bad id", id); - return; - } - c->dettach_user = NULL; -} -void -channel_register_filter(int id, channel_filter_fn *fn) -{ - Channel *c = channel_lookup(id); - if (c == NULL) { - log("channel_register_filter: %d: bad id", id); - return; + packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE); + packet_put_int(remote_id); + } else { + /* Send a confirmation to the remote host. */ + debug("Forwarding authentication connection."); + packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(remote_id); + packet_put_int(c->self); } - c->input_filter = fn; -} - -void -channel_set_fds(int id, int rfd, int wfd, int efd, - int extusage, int nonblock) -{ - Channel *c = channel_lookup(id); - if (c == NULL || c->type != SSH_CHANNEL_LARVAL) - fatal("channel_activate for non-larval channel %d.", id); - channel_register_fds(c, rfd, wfd, efd, extusage, nonblock); - c->type = SSH_CHANNEL_OPEN; - /* XXX window size? */ - c->local_window = c->local_window_max = c->local_maxpacket * 2; - packet_start(SSH2_MSG_CHANNEL_WINDOW_ADJUST); - packet_put_int(c->remote_id); - packet_put_int(c->local_window); packet_send(); } diff --git a/crypto/openssh/channels.h b/crypto/openssh/channels.h index bf70a8f215b6..707d9a925820 100644 --- a/crypto/openssh/channels.h +++ b/crypto/openssh/channels.h @@ -1,3 +1,5 @@ +/* $OpenBSD: channels.h,v 1.65 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -10,7 +12,7 @@ * called by a name other than "ssh" or "Secure Shell". */ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -32,15 +34,13 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: channels.h,v 1.31 2001/04/13 22:46:53 beck Exp $"); */ -#ifndef CHANNELS_H -#define CHANNELS_H +#ifndef CHANNEL_H +#define CHANNEL_H #include "buffer.h" /* Definitions for channel types. */ -#define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */ #define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */ #define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */ #define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */ @@ -54,38 +54,38 @@ #define SSH_CHANNEL_RPORT_LISTENER 11 /* Listening to a R-style port */ #define SSH_CHANNEL_CONNECTING 12 #define SSH_CHANNEL_DYNAMIC 13 -#define SSH_CHANNEL_MAX_TYPE 14 +#define SSH_CHANNEL_ZOMBIE 14 /* Almost dead. */ +#define SSH_CHANNEL_MAX_TYPE 15 + +#define SSH_CHANNEL_PATH_LEN 256 -/* - * Data structure for channel data. This is iniailized in channel_allocate - * and cleared in channel_free. - */ struct Channel; typedef struct Channel Channel; -typedef void channel_callback_fn(int id, void *arg); -typedef int channel_filter_fn(struct Channel *c, char *buf, int len); +typedef void channel_callback_fn(int, void *); +typedef int channel_filter_fn(struct Channel *, char *, int); struct Channel { int type; /* channel type/state */ int self; /* my own channel identifier */ int remote_id; /* channel identifier for remote peer */ - /* peer can be reached over encrypted connection, via packet-sent */ - int istate; /* input from channel (state of receive half) */ - int ostate; /* output to channel (state of transmit half) */ + u_int istate; /* input from channel (state of receive half) */ + u_int ostate; /* output to channel (state of transmit half) */ int flags; /* close sent/rcvd */ int rfd; /* read fd */ int wfd; /* write fd */ int efd; /* extended fd */ int sock; /* sock fd */ int isatty; /* rfd is a tty */ + int force_drain; /* force close on iEOF */ + int delayed; /* fdset hack */ Buffer input; /* data read from socket, to be sent over * encrypted connection */ Buffer output; /* data received over encrypted connection for * send on socket */ Buffer extended; - char path[200]; /* path for unix domain sockets, or host name - * for forwards */ + char path[SSH_CHANNEL_PATH_LEN]; + /* path for unix domain sockets, or host name for forwards */ int listening_port; /* port being listened for forwards */ int host_port; /* remote port to connect for forwards */ char *remote_name; /* remote hostname */ @@ -97,14 +97,13 @@ struct Channel { int local_consumed; int local_maxpacket; int extended_usage; + int single_connection; char *ctype; /* type */ /* callback */ - channel_callback_fn *cb_fn; - void *cb_arg; - int cb_event; - channel_callback_fn *dettach_user; + channel_callback_fn *confirm; + channel_callback_fn *detach_user; /* filter */ channel_filter_fn *input_filter; @@ -115,198 +114,111 @@ struct Channel { #define CHAN_EXTENDED_WRITE 2 /* default window/packet sizes for tcp/x11-fwd-channel */ -#define CHAN_SES_WINDOW_DEFAULT (32*1024) -#define CHAN_SES_PACKET_DEFAULT (CHAN_SES_WINDOW_DEFAULT/2) -#define CHAN_TCP_WINDOW_DEFAULT (32*1024) -#define CHAN_TCP_PACKET_DEFAULT (CHAN_TCP_WINDOW_DEFAULT/2) -#define CHAN_X11_WINDOW_DEFAULT (4*1024) -#define CHAN_X11_PACKET_DEFAULT (CHAN_X11_WINDOW_DEFAULT/2) - - -void channel_open(int id); -void channel_request(int id, char *service, int wantconfirm); -void channel_request_start(int id, char *service, int wantconfirm); -void channel_register_callback(int id, int mtype, channel_callback_fn *fn, void *arg); -void channel_register_cleanup(int id, channel_callback_fn *fn); -void channel_register_filter(int id, channel_filter_fn *fn); -void channel_cancel_cleanup(int id); -Channel *channel_lookup(int id); - -int -channel_new(char *ctype, int type, int rfd, int wfd, int efd, - int window, int maxpack, int extended_usage, char *remote_name, - int nonblock); -void -channel_set_fds(int id, int rfd, int wfd, int efd, - int extusage, int nonblock); - -void deny_input_open(int type, int plen, void *ctxt); - -void channel_input_channel_request(int type, int plen, void *ctxt); -void channel_input_close(int type, int plen, void *ctxt); -void channel_input_close_confirmation(int type, int plen, void *ctxt); -void channel_input_data(int type, int plen, void *ctxt); -void channel_input_extended_data(int type, int plen, void *ctxt); -void channel_input_ieof(int type, int plen, void *ctxt); -void channel_input_oclose(int type, int plen, void *ctxt); -void channel_input_open_confirmation(int type, int plen, void *ctxt); -void channel_input_open_failure(int type, int plen, void *ctxt); -void channel_input_port_open(int type, int plen, void *ctxt); -void channel_input_window_adjust(int type, int plen, void *ctxt); - -/* Sets specific protocol options. */ -void channel_set_options(int hostname_in_open); - -/* - * Allocate a new channel object and set its type and socket. Remote_name - * must have been allocated with xmalloc; this will free it when the channel - * is freed. - */ -int channel_allocate(int type, int sock, char *remote_name); - -/* Free the channel and close its socket. */ -void channel_free(int channel); - -/* - * Allocate/update select bitmasks and add any bits relevant to channels in - * select bitmasks. - */ -void -channel_prepare_select(fd_set **readsetp, fd_set **writesetp, int *maxfdp, - int rekeying); - -/* - * After select, perform any appropriate operations for channels which have - * events pending. - */ -void channel_after_select(fd_set * readset, fd_set * writeset); - -/* If there is data to send to the connection, send some of it now. */ -void channel_output_poll(void); - -/* Returns true if no channel has too much buffered data. */ -int channel_not_very_much_buffered_data(void); - -/* This closes any sockets that are listening for connections; this removes - any unix domain sockets. */ -void channel_stop_listening(void); - -/* - * Closes the sockets of all channels. This is used to close extra file - * descriptors after a fork. - */ -void channel_close_all(void); - -/* Returns true if there is still an open channel over the connection. */ -int channel_still_open(void); - -/* - * Returns a string containing a list of all open channels. The list is - * suitable for displaying to the user. It uses crlf instead of newlines. - * The caller should free the string with xfree. - */ -char *channel_open_message(void); - -/* - * Initiate forwarding of connections to local port "port" through the secure - * channel to host:port from remote side. - */ -int -channel_request_local_forwarding(u_short listen_port, - const char *host_to_connect, u_short port_to_connect, int gateway_ports); -int -channel_request_forwarding(const char *listen_address, u_short listen_port, - const char *host_to_connect, u_short port_to_connect, int gateway_ports, - int remote_fwd); - -/* - * Initiate forwarding of connections to port "port" on remote host through - * the secure channel to host:port from local side. This never returns if - * there was an error. This registers that open requests for that port are - * permitted. - */ -void -channel_request_remote_forwarding(u_short port, const char *host, - u_short remote_port); - -/* - * Permits opening to any host/port if permitted_opens[] is empty. This is - * usually called by the server, because the user could connect to any port - * anyway, and the server has no way to know but to trust the client anyway. - */ -void channel_permit_all_opens(void); - -/* Add host/port to list of allowed targets for port forwarding */ -void channel_add_permitted_opens(char *host, int port); - -/* Flush list */ -void channel_clear_permitted_opens(void); - -/* - * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates - * listening for the port, and sends back a success reply (or disconnect - * message if there was an error). This never returns if there was an error. - */ -void channel_input_port_forward_request(int is_root, int gateway_ports); - -/* - * Creates a port for X11 connections, and starts listening for it. Returns - * the display name, or NULL if an error was encountered. - */ -char *x11_create_display(int screen); - -/* - * Creates an internet domain socket for listening for X11 connections. - * Returns a suitable value for the DISPLAY variable, or NULL if an error - * occurs. - */ -char *x11_create_display_inet(int screen, int x11_display_offset); - -/* - * This is called when SSH_SMSG_X11_OPEN is received. The packet contains - * the remote channel number. We should do whatever we want, and respond - * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. - */ -void x11_input_open(int type, int plen, void *ctxt); - -/* - * Requests forwarding of X11 connections. This should be called on the - * client only. - */ -void x11_request_forwarding(void); - -/* - * Requests forwarding for X11 connections, with authentication spoofing. - * This should be called in the client only. - */ -void -x11_request_forwarding_with_spoofing(int client_session_id, - const char *proto, const char *data); - -/* Sends a message to the server to request authentication fd forwarding. */ -void auth_request_forwarding(void); - -/* - * Returns the name of the forwarded authentication socket. Returns NULL if - * there is no forwarded authentication socket. The returned value points to - * a static buffer. - */ -char *auth_get_socket_name(void); - -/* - * This is called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. - * This starts forwarding authentication requests. - */ -int auth_input_request_forwarding(struct passwd * pw); - -/* This is called to process an SSH_SMSG_AGENT_OPEN message. */ -void auth_input_open_request(int type, int plen, void *ctxt); - -/* XXX */ -int channel_connect_to(const char *host, u_short host_port); -int channel_connect_by_listen_adress(u_short listen_port); -int x11_connect_display(void); - -int channel_find_open(void); +#define CHAN_SES_PACKET_DEFAULT (32*1024) +#define CHAN_SES_WINDOW_DEFAULT (4*CHAN_SES_PACKET_DEFAULT) +#define CHAN_TCP_PACKET_DEFAULT (32*1024) +#define CHAN_TCP_WINDOW_DEFAULT (4*CHAN_TCP_PACKET_DEFAULT) +#define CHAN_X11_PACKET_DEFAULT (16*1024) +#define CHAN_X11_WINDOW_DEFAULT (4*CHAN_X11_PACKET_DEFAULT) + +/* possible input states */ +#define CHAN_INPUT_OPEN 0 +#define CHAN_INPUT_WAIT_DRAIN 1 +#define CHAN_INPUT_WAIT_OCLOSE 2 +#define CHAN_INPUT_CLOSED 3 + +/* possible output states */ +#define CHAN_OUTPUT_OPEN 0 +#define CHAN_OUTPUT_WAIT_DRAIN 1 +#define CHAN_OUTPUT_WAIT_IEOF 2 +#define CHAN_OUTPUT_CLOSED 3 + +#define CHAN_CLOSE_SENT 0x01 +#define CHAN_CLOSE_RCVD 0x02 + +/* channel management */ + +Channel *channel_lookup(int); +Channel *channel_new(char *, int, int, int, int, int, int, int, char *, int); +void channel_set_fds(int, int, int, int, int, int, u_int); +void channel_free(Channel *); +void channel_free_all(void); +void channel_stop_listening(void); + +void channel_send_open(int); +void channel_request_start(int, char *, int); +void channel_register_cleanup(int, channel_callback_fn *); +void channel_register_confirm(int, channel_callback_fn *); +void channel_register_filter(int, channel_filter_fn *); +void channel_cancel_cleanup(int); +int channel_close_fd(int *); + +/* protocol handler */ + +void channel_input_close(int, u_int32_t, void *); +void channel_input_close_confirmation(int, u_int32_t, void *); +void channel_input_data(int, u_int32_t, void *); +void channel_input_extended_data(int, u_int32_t, void *); +void channel_input_ieof(int, u_int32_t, void *); +void channel_input_oclose(int, u_int32_t, void *); +void channel_input_open_confirmation(int, u_int32_t, void *); +void channel_input_open_failure(int, u_int32_t, void *); +void channel_input_port_open(int, u_int32_t, void *); +void channel_input_window_adjust(int, u_int32_t, void *); + +/* file descriptor handling (read/write) */ + +void channel_prepare_select(fd_set **, fd_set **, int *, int*, int); +void channel_after_select(fd_set *, fd_set *); +void channel_output_poll(void); + +int channel_not_very_much_buffered_data(void); +void channel_close_all(void); +int channel_still_open(void); +char *channel_open_message(void); +int channel_find_open(void); + +/* tcp forwarding */ +void channel_set_af(int af); +void channel_permit_all_opens(void); +void channel_add_permitted_opens(char *, int); +void channel_clear_permitted_opens(void); +void channel_input_port_forward_request(int, int); +int channel_connect_to(const char *, u_short); +int channel_connect_by_listen_address(u_short); +void channel_request_remote_forwarding(u_short, const char *, u_short); +int channel_setup_local_fwd_listener(u_short, const char *, u_short, int); +int channel_setup_remote_fwd_listener(const char *, u_short, int); + +/* x11 forwarding */ + +int x11_connect_display(void); +int x11_create_display_inet(int, int, int); +void x11_input_open(int, u_int32_t, void *); +void x11_request_forwarding_with_spoofing(int, const char *, const char *); +void deny_input_open(int, u_int32_t, void *); + +/* agent forwarding */ + +void auth_request_forwarding(void); +char *auth_get_socket_name(void); +void auth_sock_cleanup_proc(void *); +int auth_input_request_forwarding(struct passwd *); +void auth_input_open_request(int, u_int32_t, void *); + +/* channel close */ + +int chan_is_dead(Channel *, int); +void chan_mark_dead(Channel *); + +/* channel events */ + +void chan_rcvd_oclose(Channel *); +void chan_read_failed(Channel *); +void chan_ibuf_empty(Channel *); + +void chan_rcvd_ieof(Channel *); +void chan_write_failed(Channel *); +void chan_obuf_empty(Channel *); #endif diff --git a/crypto/openssh/cipher.c b/crypto/openssh/cipher.c index 5350703efbf8..ce3f6f3ce208 100644 --- a/crypto/openssh/cipher.c +++ b/crypto/openssh/cipher.c @@ -11,7 +11,7 @@ * * * Copyright (c) 1999 Niels Provos. All rights reserved. - * Copyright (c) 1999,2000 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -35,396 +35,60 @@ */ #include "includes.h" -RCSID("$OpenBSD: cipher.c,v 1.43 2001/02/04 15:32:23 stevesk Exp $"); +RCSID("$OpenBSD: cipher.c,v 1.52 2002/02/18 13:05:32 markus Exp $"); #include "xmalloc.h" #include "log.h" #include "cipher.h" #include <openssl/md5.h> +#include "rijndael.h" + +static EVP_CIPHER *evp_ssh1_3des(void); +static EVP_CIPHER *evp_ssh1_bf(void); +static EVP_CIPHER *evp_rijndael(void); + +struct Cipher { + char *name; + int number; /* for ssh1 only */ + u_int block_size; + u_int key_len; + EVP_CIPHER *(*evptype)(void); +} ciphers[] = { + { "none", SSH_CIPHER_NONE, 8, 0, EVP_enc_null }, + { "des", SSH_CIPHER_DES, 8, 8, EVP_des_cbc }, + { "3des", SSH_CIPHER_3DES, 8, 16, evp_ssh1_3des }, + { "blowfish", SSH_CIPHER_BLOWFISH, 8, 32, evp_ssh1_bf }, + + { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, EVP_des_ede3_cbc }, + { "blowfish-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_bf_cbc }, + { "cast128-cbc", SSH_CIPHER_SSH2, 8, 16, EVP_cast5_cbc }, + { "arcfour", SSH_CIPHER_SSH2, 8, 16, EVP_rc4 }, + { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, evp_rijndael }, + { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, evp_rijndael }, + { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, evp_rijndael }, + + { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } +}; +/*--*/ -/* no encryption */ -void -none_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ -} -void -none_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) -{ -} -void -none_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - memcpy(dest, src, len); -} - -/* DES */ -void -des_ssh1_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ - static int dowarn = 1; - if (dowarn) { - error("Warning: use of DES is strongly discouraged " - "due to cryptographic weaknesses"); - dowarn = 0; - } - des_set_key((void *)key, cc->u.des.key); -} -void -des_ssh1_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) -{ - memset(cc->u.des.iv, 0, sizeof(cc->u.des.iv)); -} -void -des_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - des_ncbc_encrypt(src, dest, len, cc->u.des.key, &cc->u.des.iv, - DES_ENCRYPT); -} -void -des_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - des_ncbc_encrypt(src, dest, len, cc->u.des.key, &cc->u.des.iv, - DES_DECRYPT); -} - -/* 3DES */ -void -des3_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ - des_set_key((void *) key, cc->u.des3.key1); - des_set_key((void *) (key+8), cc->u.des3.key2); - des_set_key((void *) (key+16), cc->u.des3.key3); -} -void -des3_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) -{ - memset(cc->u.des3.iv2, 0, sizeof(cc->u.des3.iv2)); - memset(cc->u.des3.iv3, 0, sizeof(cc->u.des3.iv3)); - if (iv == NULL) - return; - memcpy(cc->u.des3.iv3, (char *)iv, 8); -} -void -des3_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - des_ede3_cbc_encrypt(src, dest, len, - cc->u.des3.key1, cc->u.des3.key2, cc->u.des3.key3, - &cc->u.des3.iv3, DES_ENCRYPT); -} -void -des3_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - des_ede3_cbc_encrypt(src, dest, len, - cc->u.des3.key1, cc->u.des3.key2, cc->u.des3.key3, - &cc->u.des3.iv3, DES_DECRYPT); -} - -/* - * This is used by SSH1: - * - * What kind of triple DES are these 2 routines? - * - * Why is there a redundant initialization vector? - * - * If only iv3 was used, then, this would till effect have been - * outer-cbc. However, there is also a private iv1 == iv2 which - * perhaps makes differential analysis easier. On the other hand, the - * private iv1 probably makes the CRC-32 attack ineffective. This is a - * result of that there is no longer any known iv1 to use when - * choosing the X block. - */ -void -des3_ssh1_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ - des_set_key((void *) key, cc->u.des3.key1); - des_set_key((void *) (key+8), cc->u.des3.key2); - if (keylen <= 16) - des_set_key((void *) key, cc->u.des3.key3); - else - des_set_key((void *) (key+16), cc->u.des3.key3); -} -void -des3_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) -{ - des_cblock iv1; - des_cblock *iv2 = &cc->u.des3.iv2; - des_cblock *iv3 = &cc->u.des3.iv3; - - memcpy(&iv1, iv2, 8); - - des_ncbc_encrypt(src, dest, len, cc->u.des3.key1, &iv1, DES_ENCRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_DECRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key3, iv3, DES_ENCRYPT); -} -void -des3_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) -{ - des_cblock iv1; - des_cblock *iv2 = &cc->u.des3.iv2; - des_cblock *iv3 = &cc->u.des3.iv3; - - memcpy(&iv1, iv2, 8); - - des_ncbc_encrypt(src, dest, len, cc->u.des3.key3, iv3, DES_DECRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key2, iv2, DES_ENCRYPT); - des_ncbc_encrypt(dest, dest, len, cc->u.des3.key1, &iv1, DES_DECRYPT); -} - -/* Blowfish */ -void -blowfish_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ - BF_set_key(&cc->u.bf.key, keylen, (u_char *)key); -} -void -blowfish_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) -{ - if (iv == NULL) - memset(cc->u.bf.iv, 0, 8); - else - memcpy(cc->u.bf.iv, (char *)iv, 8); -} -void -blowfish_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) -{ - BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv, - BF_ENCRYPT); -} -void -blowfish_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) -{ - BF_cbc_encrypt((void *)src, dest, len, &cc->u.bf.key, cc->u.bf.iv, - BF_DECRYPT); -} - -/* - * SSH1 uses a variation on Blowfish, all bytes must be swapped before - * and after encryption/decryption. Thus the swap_bytes stuff (yuk). - */ -static void -swap_bytes(const u_char *src, u_char *dst, int n) -{ - char c[4]; - - /* Process 4 bytes every lap. */ - for (n = n / 4; n > 0; n--) { - c[3] = *src++; - c[2] = *src++; - c[1] = *src++; - c[0] = *src++; - - *dst++ = c[0]; - *dst++ = c[1]; - *dst++ = c[2]; - *dst++ = c[3]; - } -} - -void -blowfish_ssh1_encrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) -{ - swap_bytes(src, dest, len); - BF_cbc_encrypt((void *)dest, dest, len, &cc->u.bf.key, cc->u.bf.iv, - BF_ENCRYPT); - swap_bytes(dest, dest, len); -} -void -blowfish_ssh1_decrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) -{ - swap_bytes(src, dest, len); - BF_cbc_encrypt((void *)dest, dest, len, &cc->u.bf.key, cc->u.bf.iv, - BF_DECRYPT); - swap_bytes(dest, dest, len); -} - -/* alleged rc4 */ -void -arcfour_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ - RC4_set_key(&cc->u.rc4, keylen, (u_char *)key); -} -void -arcfour_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - RC4(&cc->u.rc4, len, (u_char *)src, dest); -} - -/* CAST */ -void -cast_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ - CAST_set_key(&cc->u.cast.key, keylen, (u_char *) key); -} -void -cast_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) -{ - if (iv == NULL) - fatal("no IV for %s.", cc->cipher->name); - memcpy(cc->u.cast.iv, (char *)iv, 8); -} -void -cast_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - CAST_cbc_encrypt(src, dest, len, &cc->u.cast.key, cc->u.cast.iv, - CAST_ENCRYPT); -} -void -cast_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) -{ - CAST_cbc_encrypt(src, dest, len, &cc->u.cast.key, cc->u.cast.iv, - CAST_DECRYPT); -} - -/* RIJNDAEL */ - -#define RIJNDAEL_BLOCKSIZE 16 -void -rijndael_setkey(CipherContext *cc, const u_char *key, u_int keylen) -{ - rijndael_set_key(&cc->u.rijndael.enc, (u4byte *)key, 8*keylen, 1); - rijndael_set_key(&cc->u.rijndael.dec, (u4byte *)key, 8*keylen, 0); -} -void -rijndael_setiv(CipherContext *cc, const u_char *iv, u_int ivlen) -{ - if (iv == NULL) - fatal("no IV for %s.", cc->cipher->name); - memcpy((u_char *)cc->u.rijndael.iv, iv, RIJNDAEL_BLOCKSIZE); -} -void -rijndael_cbc_encrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) +u_int +cipher_blocksize(Cipher *c) { - rijndael_ctx *ctx = &cc->u.rijndael.enc; - u4byte *iv = cc->u.rijndael.iv; - u4byte in[4]; - u4byte *cprev, *cnow, *plain; - int i, blocks = len / RIJNDAEL_BLOCKSIZE; - if (len == 0) - return; - if (len % RIJNDAEL_BLOCKSIZE) - fatal("rijndael_cbc_encrypt: bad len %d", len); - cnow = (u4byte*) dest; - plain = (u4byte*) src; - cprev = iv; - for(i = 0; i < blocks; i++, plain+=4, cnow+=4) { - in[0] = plain[0] ^ cprev[0]; - in[1] = plain[1] ^ cprev[1]; - in[2] = plain[2] ^ cprev[2]; - in[3] = plain[3] ^ cprev[3]; - rijndael_encrypt(ctx, in, cnow); - cprev = cnow; - } - memcpy(iv, cprev, RIJNDAEL_BLOCKSIZE); + return (c->block_size); } - -void -rijndael_cbc_decrypt(CipherContext *cc, u_char *dest, const u_char *src, - u_int len) +u_int +cipher_keylen(Cipher *c) { - rijndael_ctx *ctx = &cc->u.rijndael.dec; - u4byte *iv = cc->u.rijndael.iv; - u4byte ivsaved[4]; - u4byte *cnow = (u4byte*) (src+len-RIJNDAEL_BLOCKSIZE); - u4byte *plain = (u4byte*) (dest+len-RIJNDAEL_BLOCKSIZE); - u4byte *ivp; - int i, blocks = len / RIJNDAEL_BLOCKSIZE; - if (len == 0) - return; - if (len % RIJNDAEL_BLOCKSIZE) - fatal("rijndael_cbc_decrypt: bad len %d", len); - memcpy(ivsaved, cnow, RIJNDAEL_BLOCKSIZE); - for(i = blocks; i > 0; i--, cnow-=4, plain-=4) { - rijndael_decrypt(ctx, cnow, plain); - ivp = (i == 1) ? iv : cnow-4; - plain[0] ^= ivp[0]; - plain[1] ^= ivp[1]; - plain[2] ^= ivp[2]; - plain[3] ^= ivp[3]; - } - memcpy(iv, ivsaved, RIJNDAEL_BLOCKSIZE); + return (c->key_len); } -Cipher ciphers[] = { - { "none", - SSH_CIPHER_NONE, 8, 0, - none_setkey, none_setiv, - none_crypt, none_crypt }, - { "des", - SSH_CIPHER_DES, 8, 8, - des_ssh1_setkey, des_ssh1_setiv, - des_ssh1_encrypt, des_ssh1_decrypt }, - { "3des", - SSH_CIPHER_3DES, 8, 16, - des3_ssh1_setkey, des3_setiv, - des3_ssh1_encrypt, des3_ssh1_decrypt }, - { "blowfish", - SSH_CIPHER_BLOWFISH, 8, 16, - blowfish_setkey, blowfish_setiv, - blowfish_ssh1_encrypt, blowfish_ssh1_decrypt }, - - { "3des-cbc", - SSH_CIPHER_SSH2, 8, 24, - des3_setkey, des3_setiv, - des3_cbc_encrypt, des3_cbc_decrypt }, - { "blowfish-cbc", - SSH_CIPHER_SSH2, 8, 16, - blowfish_setkey, blowfish_setiv, - blowfish_cbc_encrypt, blowfish_cbc_decrypt }, - { "cast128-cbc", - SSH_CIPHER_SSH2, 8, 16, - cast_setkey, cast_setiv, - cast_cbc_encrypt, cast_cbc_decrypt }, - { "arcfour", - SSH_CIPHER_SSH2, 8, 16, - arcfour_setkey, none_setiv, - arcfour_crypt, arcfour_crypt }, - { "aes128-cbc", - SSH_CIPHER_SSH2, 16, 16, - rijndael_setkey, rijndael_setiv, - rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { "aes192-cbc", - SSH_CIPHER_SSH2, 16, 24, - rijndael_setkey, rijndael_setiv, - rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { "aes256-cbc", - SSH_CIPHER_SSH2, 16, 32, - rijndael_setkey, rijndael_setiv, - rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { "rijndael128-cbc", - SSH_CIPHER_SSH2, 16, 16, - rijndael_setkey, rijndael_setiv, - rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { "rijndael192-cbc", - SSH_CIPHER_SSH2, 16, 24, - rijndael_setkey, rijndael_setiv, - rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { "rijndael256-cbc", - SSH_CIPHER_SSH2, 16, 32, - rijndael_setkey, rijndael_setiv, - rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { "rijndael-cbc@lysator.liu.se", - SSH_CIPHER_SSH2, 16, 32, - rijndael_setkey, rijndael_setiv, - rijndael_cbc_encrypt, rijndael_cbc_decrypt }, - { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL, NULL, NULL, NULL } -}; - -/*--*/ - u_int cipher_mask_ssh1(int client) { u_int mask = 0; - mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ + mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ mask |= 1 << SSH_CIPHER_BLOWFISH; if (client) { mask |= 1 << SSH_CIPHER_DES; @@ -464,7 +128,7 @@ ciphers_valid(const char *names) return 0; ciphers = cp = xstrdup(names); for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; - (p = strsep(&cp, CIPHER_SEP))) { + (p = strsep(&cp, CIPHER_SEP))) { c = cipher_by_name(p); if (c == NULL || c->number != SSH_CIPHER_SSH2) { debug("bad cipher %s [%s]", p, names); @@ -503,8 +167,24 @@ cipher_name(int id) void cipher_init(CipherContext *cc, Cipher *cipher, - const u_char *key, u_int keylen, const u_char *iv, u_int ivlen) + const u_char *key, u_int keylen, const u_char *iv, u_int ivlen, + int encrypt) { + static int dowarn = 1; + const EVP_CIPHER *type; + int klen; + + if (cipher->number == SSH_CIPHER_DES) { + if (dowarn) { + error("Warning: use of DES is strongly discouraged " + "due to cryptographic weaknesses"); + dowarn = 0; + } + if (keylen > 8) + keylen = 8; + } + cc->plaintext = (cipher->number == SSH_CIPHER_NONE); + if (keylen < cipher->key_len) fatal("cipher_init: key length %d is insufficient for %s.", keylen, cipher->name); @@ -512,24 +192,40 @@ cipher_init(CipherContext *cc, Cipher *cipher, fatal("cipher_init: iv length %d is insufficient for %s.", ivlen, cipher->name); cc->cipher = cipher; - cipher->setkey(cc, key, keylen); - cipher->setiv(cc, iv, ivlen); + + type = (*cipher->evptype)(); + + EVP_CIPHER_CTX_init(&cc->evp); + if (EVP_CipherInit(&cc->evp, type, NULL, (u_char *)iv, + (encrypt == CIPHER_ENCRYPT)) == 0) + fatal("cipher_init: EVP_CipherInit failed for %s", + cipher->name); + klen = EVP_CIPHER_CTX_key_length(&cc->evp); + if (klen > 0 && keylen != klen) { + debug("cipher_init: set keylen (%d -> %d)", klen, keylen); + if (EVP_CIPHER_CTX_set_key_length(&cc->evp, keylen) == 0) + fatal("cipher_init: set keylen failed (%d -> %d)", + klen, keylen); + } + if (EVP_CipherInit(&cc->evp, NULL, (u_char *)key, NULL, -1) == 0) + fatal("cipher_init: EVP_CipherInit: set key failed for %s", + cipher->name); } void -cipher_encrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) +cipher_crypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) { if (len % cc->cipher->block_size) fatal("cipher_encrypt: bad plaintext length %d", len); - cc->cipher->encrypt(cc, dest, src, len); + if (EVP_Cipher(&cc->evp, dest, (u_char *)src, len) == 0) + fatal("evp_crypt: EVP_Cipher failed"); } void -cipher_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) +cipher_cleanup(CipherContext *cc) { - if (len % cc->cipher->block_size) - fatal("cipher_decrypt: bad ciphertext length %d", len); - cc->cipher->decrypt(cc, dest, src, len); + if (EVP_CIPHER_CTX_cleanup(&cc->evp) == 0) + error("cipher_cleanup: EVP_CIPHER_CTX_cleanup failed"); } /* @@ -539,7 +235,7 @@ cipher_decrypt(CipherContext *cc, u_char *dest, const u_char *src, u_int len) void cipher_set_key_string(CipherContext *cc, Cipher *cipher, - const char *passphrase) + const char *passphrase, int encrypt) { MD5_CTX md; u_char digest[16]; @@ -548,8 +244,257 @@ cipher_set_key_string(CipherContext *cc, Cipher *cipher, MD5_Update(&md, (const u_char *)passphrase, strlen(passphrase)); MD5_Final(digest, &md); - cipher_init(cc, cipher, digest, 16, NULL, 0); + cipher_init(cc, cipher, digest, 16, NULL, 0, encrypt); memset(digest, 0, sizeof(digest)); memset(&md, 0, sizeof(md)); } + +/* Implementations for other non-EVP ciphers */ + +/* + * This is used by SSH1: + * + * What kind of triple DES are these 2 routines? + * + * Why is there a redundant initialization vector? + * + * If only iv3 was used, then, this would till effect have been + * outer-cbc. However, there is also a private iv1 == iv2 which + * perhaps makes differential analysis easier. On the other hand, the + * private iv1 probably makes the CRC-32 attack ineffective. This is a + * result of that there is no longer any known iv1 to use when + * choosing the X block. + */ +struct ssh1_3des_ctx +{ + EVP_CIPHER_CTX k1, k2, k3; +}; +static int +ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, + int enc) +{ + struct ssh1_3des_ctx *c; + u_char *k1, *k2, *k3; + + if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { + c = xmalloc(sizeof(*c)); + EVP_CIPHER_CTX_set_app_data(ctx, c); + } + if (key == NULL) + return (1); + if (enc == -1) + enc = ctx->encrypt; + k1 = k2 = k3 = (u_char *) key; + k2 += 8; + if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) { + if (enc) + k3 += 16; + else + k1 += 16; + } + EVP_CIPHER_CTX_init(&c->k1); + EVP_CIPHER_CTX_init(&c->k2); + EVP_CIPHER_CTX_init(&c->k3); + if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || + EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || + EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { + memset(c, 0, sizeof(*c)); + xfree(c); + EVP_CIPHER_CTX_set_app_data(ctx, NULL); + return (0); + } + return (1); +} +static int +ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, u_int len) +{ + struct ssh1_3des_ctx *c; + + if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { + error("ssh1_3des_cbc: no context"); + return (0); + } + if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 || + EVP_Cipher(&c->k2, dest, dest, len) == 0 || + EVP_Cipher(&c->k3, dest, dest, len) == 0) + return (0); + return (1); +} +static int +ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) +{ + struct ssh1_3des_ctx *c; + + if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { + memset(c, 0, sizeof(*c)); + xfree(c); + EVP_CIPHER_CTX_set_app_data(ctx, NULL); + } + return (1); +} +static EVP_CIPHER * +evp_ssh1_3des(void) +{ + static EVP_CIPHER ssh1_3des; + + memset(&ssh1_3des, 0, sizeof(EVP_CIPHER)); + ssh1_3des.nid = NID_undef; + ssh1_3des.block_size = 8; + ssh1_3des.iv_len = 0; + ssh1_3des.key_len = 16; + ssh1_3des.init = ssh1_3des_init; + ssh1_3des.cleanup = ssh1_3des_cleanup; + ssh1_3des.do_cipher = ssh1_3des_cbc; + ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH; + return (&ssh1_3des); +} + +/* + * SSH1 uses a variation on Blowfish, all bytes must be swapped before + * and after encryption/decryption. Thus the swap_bytes stuff (yuk). + */ +static void +swap_bytes(const u_char *src, u_char *dst, int n) +{ + u_char c[4]; + + /* Process 4 bytes every lap. */ + for (n = n / 4; n > 0; n--) { + c[3] = *src++; + c[2] = *src++; + c[1] = *src++; + c[0] = *src++; + + *dst++ = c[0]; + *dst++ = c[1]; + *dst++ = c[2]; + *dst++ = c[3]; + } +} +static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, const u_char *, u_int) = NULL; +static int +bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, u_int len) +{ + int ret; + + swap_bytes(in, out, len); + ret = (*orig_bf)(ctx, out, out, len); + swap_bytes(out, out, len); + return (ret); +} +static EVP_CIPHER * +evp_ssh1_bf(void) +{ + static EVP_CIPHER ssh1_bf; + + memcpy(&ssh1_bf, EVP_bf_cbc(), sizeof(EVP_CIPHER)); + orig_bf = ssh1_bf.do_cipher; + ssh1_bf.nid = NID_undef; + ssh1_bf.do_cipher = bf_ssh1_cipher; + ssh1_bf.key_len = 32; + return (&ssh1_bf); +} + +/* RIJNDAEL */ +#define RIJNDAEL_BLOCKSIZE 16 +struct ssh_rijndael_ctx +{ + rijndael_ctx r_ctx; + u_char r_iv[RIJNDAEL_BLOCKSIZE]; +}; + +static int +ssh_rijndael_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, + int enc) +{ + struct ssh_rijndael_ctx *c; + + if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { + c = xmalloc(sizeof(*c)); + EVP_CIPHER_CTX_set_app_data(ctx, c); + } + if (key != NULL) { + if (enc == -1) + enc = ctx->encrypt; + rijndael_set_key(&c->r_ctx, (u_char *)key, + 8*EVP_CIPHER_CTX_key_length(ctx), enc); + } + if (iv != NULL) + memcpy(c->r_iv, iv, RIJNDAEL_BLOCKSIZE); + return (1); +} +static int +ssh_rijndael_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, + u_int len) +{ + struct ssh_rijndael_ctx *c; + u_char buf[RIJNDAEL_BLOCKSIZE]; + u_char *cprev, *cnow, *plain, *ivp; + int i, j, blocks = len / RIJNDAEL_BLOCKSIZE; + + if (len == 0) + return (1); + if (len % RIJNDAEL_BLOCKSIZE) + fatal("ssh_rijndael_cbc: bad len %d", len); + if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { + error("ssh_rijndael_cbc: no context"); + return (0); + } + if (ctx->encrypt) { + cnow = dest; + plain = (u_char *)src; + cprev = c->r_iv; + for (i = 0; i < blocks; i++, plain+=RIJNDAEL_BLOCKSIZE, + cnow+=RIJNDAEL_BLOCKSIZE) { + for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++) + buf[j] = plain[j] ^ cprev[j]; + rijndael_encrypt(&c->r_ctx, buf, cnow); + cprev = cnow; + } + memcpy(c->r_iv, cprev, RIJNDAEL_BLOCKSIZE); + } else { + cnow = (u_char *) (src+len-RIJNDAEL_BLOCKSIZE); + plain = dest+len-RIJNDAEL_BLOCKSIZE; + + memcpy(buf, cnow, RIJNDAEL_BLOCKSIZE); + for (i = blocks; i > 0; i--, cnow-=RIJNDAEL_BLOCKSIZE, + plain-=RIJNDAEL_BLOCKSIZE) { + rijndael_decrypt(&c->r_ctx, cnow, plain); + ivp = (i == 1) ? c->r_iv : cnow-RIJNDAEL_BLOCKSIZE; + for (j = 0; j < RIJNDAEL_BLOCKSIZE; j++) + plain[j] ^= ivp[j]; + } + memcpy(c->r_iv, buf, RIJNDAEL_BLOCKSIZE); + } + return (1); +} +static int +ssh_rijndael_cleanup(EVP_CIPHER_CTX *ctx) +{ + struct ssh_rijndael_ctx *c; + + if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { + memset(c, 0, sizeof(*c)); + xfree(c); + EVP_CIPHER_CTX_set_app_data(ctx, NULL); + } + return (1); +} +static EVP_CIPHER * +evp_rijndael(void) +{ + static EVP_CIPHER rijndal_cbc; + + memset(&rijndal_cbc, 0, sizeof(EVP_CIPHER)); + rijndal_cbc.nid = NID_undef; + rijndal_cbc.block_size = RIJNDAEL_BLOCKSIZE; + rijndal_cbc.iv_len = RIJNDAEL_BLOCKSIZE; + rijndal_cbc.key_len = 16; + rijndal_cbc.init = ssh_rijndael_init; + rijndal_cbc.cleanup = ssh_rijndael_cleanup; + rijndal_cbc.do_cipher = ssh_rijndael_cbc; + rijndal_cbc.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH | + EVP_CIPH_ALWAYS_CALL_INIT; + return (&rijndal_cbc); +} diff --git a/crypto/openssh/cipher.h b/crypto/openssh/cipher.h index 6d929aaff2a8..b3b0303c7f60 100644 --- a/crypto/openssh/cipher.h +++ b/crypto/openssh/cipher.h @@ -1,3 +1,5 @@ +/* $OpenBSD: cipher.h,v 1.32 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -32,16 +34,10 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: cipher.h,v 1.25 2000/12/19 23:17:56 markus Exp $"); */ - #ifndef CIPHER_H #define CIPHER_H -#include <openssl/des.h> -#include <openssl/blowfish.h> -#include <openssl/rc4.h> -#include <openssl/cast.h> -#include "rijndael.h" +#include <openssl/evp.h> /* * Cipher types for SSH-1. New types can be added, but old types should not * be removed for compatibility. The maximum allowed value is 31. @@ -59,59 +55,30 @@ #define SSH_CIPHER_RESERVED 7 #define SSH_CIPHER_MAX 31 +#define CIPHER_ENCRYPT 1 +#define CIPHER_DECRYPT 0 + typedef struct Cipher Cipher; typedef struct CipherContext CipherContext; +struct Cipher; struct CipherContext { - union { - struct { - des_key_schedule key; - des_cblock iv; - } des; - struct { - des_key_schedule key1; - des_key_schedule key2; - des_cblock iv2; - des_key_schedule key3; - des_cblock iv3; - } des3; - struct { - struct bf_key_st key; - u_char iv[8]; - } bf; - struct { - CAST_KEY key; - u_char iv[8]; - } cast; - struct { - u4byte iv[4]; - rijndael_ctx enc; - rijndael_ctx dec; - } rijndael; - RC4_KEY rc4; - } u; + int plaintext; + EVP_CIPHER_CTX evp; Cipher *cipher; }; -struct Cipher { - char *name; - int number; /* for ssh1 only */ - u_int block_size; - u_int key_len; - void (*setkey)(CipherContext *, const u_char *, u_int); - void (*setiv)(CipherContext *, const u_char *, u_int); - void (*encrypt)(CipherContext *, u_char *, const u_char *, u_int); - void (*decrypt)(CipherContext *, u_char *, const u_char *, u_int); -}; - -u_int cipher_mask_ssh1(int client); -Cipher *cipher_by_name(const char *name); -Cipher *cipher_by_number(int id); -int cipher_number(const char *name); -char *cipher_name(int id); -int ciphers_valid(const char *names); -void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, const u_char *, u_int); -void cipher_encrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len); -void cipher_decrypt(CipherContext *context, u_char *dest, const u_char *src, u_int len); -void cipher_set_key_string(CipherContext *context, Cipher *cipher, const char *passphrase); +u_int cipher_mask_ssh1(int); +Cipher *cipher_by_name(const char *); +Cipher *cipher_by_number(int); +int cipher_number(const char *); +char *cipher_name(int); +int ciphers_valid(const char *); +void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, + const u_char *, u_int, int); +void cipher_crypt(CipherContext *, u_char *, const u_char *, u_int); +void cipher_cleanup(CipherContext *); +void cipher_set_key_string(CipherContext *, Cipher *, const char *, int); +u_int cipher_blocksize(Cipher *); +u_int cipher_keylen(Cipher *); #endif /* CIPHER_H */ diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c index 369ffe4acf84..65a6682a68e1 100644 --- a/crypto/openssh/clientloop.c +++ b/crypto/openssh/clientloop.c @@ -35,7 +35,7 @@ * * * SSH2 support added by Markus Friedl. - * Copyright (c) 1999,2000 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -59,7 +59,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: clientloop.c,v 1.65 2001/04/20 07:17:51 djm Exp $"); +RCSID("$OpenBSD: clientloop.c,v 1.96 2002/02/06 14:55:15 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -101,7 +101,8 @@ extern char *host; * window size to be sent to the server a little later. This is volatile * because this is updated in a signal handler. */ -static volatile int received_window_change_signal = 0; +static volatile sig_atomic_t received_window_change_signal = 0; +static volatile sig_atomic_t received_signal = 0; /* Flag indicating whether the user\'s terminal is in non-blocking mode. */ static int in_non_blocking_mode = 0; @@ -123,7 +124,7 @@ static int connection_out; /* Connection to server (output). */ static int need_rekeying; /* Set to non-zero if rekeying is requested. */ static int session_closed = 0; /* In SSH2: login session closed. */ -void client_init_dispatch(void); +static void client_init_dispatch(void); int session_ident = -1; /*XXX*/ @@ -131,7 +132,7 @@ extern Kex *xxx_kex; /* Restores stdin to blocking mode. */ -void +static void leave_non_blocking(void) { if (in_non_blocking_mode) { @@ -143,7 +144,7 @@ leave_non_blocking(void) /* Puts stdin terminal in non-blocking mode. */ -void +static void enter_non_blocking(void) { in_non_blocking_mode = 1; @@ -156,7 +157,7 @@ enter_non_blocking(void) * flag indicating that the window has changed. */ -void +static void window_change_handler(int sig) { received_window_change_signal = 1; @@ -168,16 +169,11 @@ window_change_handler(int sig) * signals must be trapped to restore terminal modes. */ -void +static void signal_handler(int sig) { - if (in_raw_mode()) - leave_raw_mode(); - if (in_non_blocking_mode) - leave_non_blocking(); - channel_stop_listening(); - packet_close(); - fatal("Killed by signal %d.", sig); + received_signal = sig; + quit_pending = 1; } /* @@ -185,7 +181,7 @@ signal_handler(int sig) * available resolution. */ -double +static double get_current_time(void) { struct timeval tv; @@ -199,7 +195,7 @@ get_current_time(void) * not appear to wake up when redirecting from /dev/null. */ -void +static void client_check_initial_eof_on_stdin(void) { int len; @@ -251,14 +247,14 @@ client_check_initial_eof_on_stdin(void) * connection. */ -void +static void client_make_packets_from_stdin_data(void) { u_int len; /* Send buffered stdin data to the server. */ while (buffer_len(&stdin_buffer) > 0 && - packet_not_very_much_data_to_write()) { + packet_not_very_much_data_to_write()) { len = buffer_len(&stdin_buffer); /* Keep the packets at reasonable size. */ if (len > packet_get_maxsize()) @@ -283,7 +279,7 @@ client_make_packets_from_stdin_data(void) * appropriate. */ -void +static void client_check_window_change(void) { struct winsize ws; @@ -320,12 +316,12 @@ client_check_window_change(void) * one of the file descriptors). */ -void +static void client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, - int *maxfdp, int rekeying) + int *maxfdp, int *nallocp, int rekeying) { /* Add any selections by the channel mechanism. */ - channel_prepare_select(readsetp, writesetp, maxfdp, rekeying); + channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, rekeying); if (!compat20) { /* Read from the connection, unless our buffers are full. */ @@ -346,7 +342,16 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, if (buffer_len(&stderr_buffer) > 0) FD_SET(fileno(stderr), *writesetp); } else { - FD_SET(connection_in, *readsetp); + /* channel_prepare_select could have closed the last channel */ + if (session_closed && !channel_still_open() && + !packet_have_data_to_write()) { + /* clear mask since we did not call select() */ + memset(*readsetp, 0, *nallocp); + memset(*writesetp, 0, *nallocp); + return; + } else { + FD_SET(connection_in, *readsetp); + } } /* Select server connection if have data to write to the server. */ @@ -370,8 +375,8 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, * We have to return, because the mainloop checks for the flags * set by the signal handlers. */ - memset(*readsetp, 0, *maxfdp); - memset(*writesetp, 0, *maxfdp); + memset(*readsetp, 0, *nallocp); + memset(*writesetp, 0, *nallocp); if (errno == EINTR) return; @@ -382,7 +387,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, } } -void +static void client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) { struct winsize oldws, newws; @@ -412,9 +417,9 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) /* Check if the window size has changed. */ if (ioctl(fileno(stdin), TIOCGWINSZ, &newws) >= 0 && (oldws.ws_row != newws.ws_row || - oldws.ws_col != newws.ws_col || - oldws.ws_xpixel != newws.ws_xpixel || - oldws.ws_ypixel != newws.ws_ypixel)) + oldws.ws_col != newws.ws_col || + oldws.ws_xpixel != newws.ws_xpixel || + oldws.ws_ypixel != newws.ws_ypixel)) received_window_change_signal = 1; /* OK, we have been continued by the user. Reinitialize buffers. */ @@ -425,7 +430,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) enter_raw_mode(); } -void +static void client_process_net_input(fd_set * readset) { int len; @@ -466,7 +471,7 @@ client_process_net_input(fd_set * readset) } /* process the characters one by one */ -int +static int process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) { char string[1024]; @@ -517,36 +522,19 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) continue; case '&': - /* XXX does not work yet with proto 2 */ - if (compat20) - continue; /* * Detach the program (continue to serve connections, * but put in background and no more new connections). */ - if (!stdin_eof) { - /* - * Sending SSH_CMSG_EOF alone does not always appear - * to be enough. So we try to send an EOF character - * first. - */ - packet_start(SSH_CMSG_STDIN_DATA); - packet_put_string("\004", 1); - packet_send(); - /* Close stdin. */ - stdin_eof = 1; - if (buffer_len(bin) == 0) { - packet_start(SSH_CMSG_EOF); - packet_send(); - } - } /* Restore tty modes. */ leave_raw_mode(); /* Stop listening for new connections. */ channel_stop_listening(); - printf("%c& [backgrounded]\n", escape_char); + snprintf(string, sizeof string, + "%c& [backgrounded]\n", escape_char); + buffer_append(berr, string, strlen(string)); /* Fork into background. */ pid = fork(); @@ -559,14 +547,34 @@ process_escapes(Buffer *bin, Buffer *bout, Buffer *berr, char *buf, int len) exit(0); } /* The child continues serving connections. */ - continue; /*XXX ? */ + if (compat20) { + buffer_append(bin, "\004", 1); + /* fake EOF on stdin */ + return -1; + } else if (!stdin_eof) { + /* + * Sending SSH_CMSG_EOF alone does not always appear + * to be enough. So we try to send an EOF character + * first. + */ + packet_start(SSH_CMSG_STDIN_DATA); + packet_put_string("\004", 1); + packet_send(); + /* Close stdin. */ + stdin_eof = 1; + if (buffer_len(bin) == 0) { + packet_start(SSH_CMSG_EOF); + packet_send(); + } + } + continue; case '?': snprintf(string, sizeof string, "%c?\r\n\ Supported escape sequences:\r\n\ ~. - terminate connection\r\n\ -~R - Request rekey (SSH protocol 2 only)\r\n\ +~R - Request rekey (SSH protocol 2 only)\r\n\ ~^Z - suspend ssh\r\n\ ~# - list forwarded connections\r\n\ ~& - background ssh (when waiting for connections to terminate)\r\n\ @@ -616,7 +624,7 @@ Supported escape sequences:\r\n\ return bytes; } -void +static void client_process_input(fd_set * readset) { int len; @@ -651,7 +659,7 @@ client_process_input(fd_set * readset) packet_start(SSH_CMSG_EOF); packet_send(); } - } else if (escape_char == -1) { + } else if (escape_char == SSH_ESCAPECHAR_NONE) { /* * Normal successful read, and no escape character. * Just append the data to buffer. @@ -669,7 +677,7 @@ client_process_input(fd_set * readset) } } -void +static void client_process_output(fd_set * writeset) { int len; @@ -730,7 +738,7 @@ client_process_output(fd_set * writeset) * preparatory phase. */ -void +static void client_process_buffered_input_packets(void) { dispatch_run(DISPATCH_NONBLOCK, &quit_pending, compat20 ? xxx_kex : NULL); @@ -738,19 +746,20 @@ client_process_buffered_input_packets(void) /* scan buf[] for '~' before sending data to the peer */ -int +static int simple_escape_filter(Channel *c, char *buf, int len) { /* XXX we assume c->extended is writeable */ return process_escapes(&c->input, &c->output, &c->extended, buf, len); } -void +static void client_channel_closed(int id, void *arg) { if (id != session_ident) error("client_channel_closed: id %d != session_ident %d", id, session_ident); + channel_cancel_cleanup(id); session_closed = 1; if (in_raw_mode()) leave_raw_mode(); @@ -759,8 +768,8 @@ client_channel_closed(int id, void *arg) /* * Implements the interactive session with the server. This is called after * the user has been authenticated, and a command has been started on the - * remote host. If escape_char != -1, it is the character used as an escape - * character for terminating or suspending the session. + * remote host. If escape_char != SSH_ESCAPECHAR_NONE, it is the character + * used as an escape character for terminating or suspending the session. */ int @@ -768,7 +777,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) { fd_set *readset = NULL, *writeset = NULL; double start_time, total_time; - int max_fd = 0, len, rekeying = 0; + int max_fd = 0, max_fd2 = 0, len, rekeying = 0, nalloc = 0; char buf[100]; debug("Entering interactive session."); @@ -814,7 +823,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) signal(SIGINT, signal_handler); signal(SIGQUIT, signal_handler); signal(SIGTERM, signal_handler); - signal(SIGPIPE, SIG_IGN); if (have_pty) signal(SIGWINCH, window_change_handler); @@ -823,7 +831,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) if (compat20) { session_ident = ssh2_chan_id; - if (escape_char != -1) + if (escape_char != SSH_ESCAPECHAR_NONE) channel_register_filter(session_ident, simple_escape_filter); if (session_ident != -1) @@ -875,8 +883,9 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) * Wait until we have something to do (something becomes * available on one of the descriptors). */ + max_fd2 = max_fd; client_wait_until_can_do_something(&readset, &writeset, - &max_fd, rekeying); + &max_fd2, &nalloc, rekeying); if (quit_pending) break; @@ -924,8 +933,24 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) if (have_pty) signal(SIGWINCH, SIG_DFL); - /* Stop listening for connections. */ - channel_stop_listening(); + channel_free_all(); + + if (have_pty) + leave_raw_mode(); + + /* restore blocking io */ + if (!isatty(fileno(stdin))) + unset_nonblock(fileno(stdin)); + if (!isatty(fileno(stdout))) + unset_nonblock(fileno(stdout)); + if (!isatty(fileno(stderr))) + unset_nonblock(fileno(stderr)); + + if (received_signal) { + if (in_non_blocking_mode) /* XXX */ + leave_non_blocking(); + fatal("Killed by signal %d.", (int) received_signal); + } /* * In interactive mode (with pseudo tty) display a message indicating @@ -935,6 +960,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) snprintf(buf, sizeof buf, "Connection to %.64s closed.\r\n", host); buffer_append(&stderr_buffer, buf, strlen(buf)); } + /* Output any buffered data for stdout. */ while (buffer_len(&stdout_buffer) > 0) { len = write(fileno(stdout), buffer_ptr(&stdout_buffer), @@ -959,9 +985,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) stderr_bytes += len; } - if (have_pty) - leave_raw_mode(); - /* Clear and free any buffers. */ memset(buf, 0, sizeof(buf)); buffer_free(&stdin_buffer); @@ -971,11 +994,11 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /* Report bytes transferred, and transfer rates. */ total_time = get_current_time() - start_time; debug("Transferred: stdin %lu, stdout %lu, stderr %lu bytes in %.1f seconds", - stdin_bytes, stdout_bytes, stderr_bytes, total_time); + stdin_bytes, stdout_bytes, stderr_bytes, total_time); if (total_time > 0) debug("Bytes per second: stdin %.1f, stdout %.1f, stderr %.1f", - stdin_bytes / total_time, stdout_bytes / total_time, - stderr_bytes / total_time); + stdin_bytes / total_time, stdout_bytes / total_time, + stderr_bytes / total_time); /* Return the exit status of the program. */ debug("Exit status %d", exit_status); @@ -984,31 +1007,31 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /*********/ -void -client_input_stdout_data(int type, int plen, void *ctxt) +static void +client_input_stdout_data(int type, u_int32_t seq, void *ctxt) { u_int data_len; char *data = packet_get_string(&data_len); - packet_integrity_check(plen, 4 + data_len, type); + packet_check_eom(); buffer_append(&stdout_buffer, data, data_len); memset(data, 0, data_len); xfree(data); } -void -client_input_stderr_data(int type, int plen, void *ctxt) +static void +client_input_stderr_data(int type, u_int32_t seq, void *ctxt) { u_int data_len; char *data = packet_get_string(&data_len); - packet_integrity_check(plen, 4 + data_len, type); + packet_check_eom(); buffer_append(&stderr_buffer, data, data_len); memset(data, 0, data_len); xfree(data); } -void -client_input_exit_status(int type, int plen, void *ctxt) +static void +client_input_exit_status(int type, u_int32_t seq, void *ctxt) { - packet_integrity_check(plen, 4, type); exit_status = packet_get_int(); + packet_check_eom(); /* Acknowledge the exit. */ packet_start(SSH_CMSG_EXIT_CONFIRMATION); packet_send(); @@ -1021,44 +1044,46 @@ client_input_exit_status(int type, int plen, void *ctxt) quit_pending = 1; } -Channel * +static Channel * client_request_forwarded_tcpip(const char *request_type, int rchan) { Channel* c = NULL; char *listen_address, *originator_address; int listen_port, originator_port; - int sock, newch; + int sock; /* Get rest of the packet */ listen_address = packet_get_string(NULL); listen_port = packet_get_int(); originator_address = packet_get_string(NULL); originator_port = packet_get_int(); - packet_done(); + packet_check_eom(); debug("client_request_forwarded_tcpip: listen %s port %d, originator %s port %d", listen_address, listen_port, originator_address, originator_port); - sock = channel_connect_by_listen_adress(listen_port); - if (sock >= 0) { - newch = channel_new("forwarded-tcpip", - SSH_CHANNEL_CONNECTING, sock, sock, -1, - CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, - xstrdup(originator_address), 1); - c = channel_lookup(newch); + sock = channel_connect_by_listen_address(listen_port); + if (sock < 0) { + xfree(originator_address); + xfree(listen_address); + return NULL; } + c = channel_new("forwarded-tcpip", + SSH_CHANNEL_CONNECTING, sock, sock, -1, + CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, + xstrdup(originator_address), 1); xfree(originator_address); xfree(listen_address); return c; } -Channel* +static Channel* client_request_x11(const char *request_type, int rchan) { Channel *c = NULL; char *originator; int originator_port; - int sock, newch; + int sock; if (!options.forward_x11) { error("Warning: ssh server tried X11 forwarding."); @@ -1072,27 +1097,27 @@ client_request_x11(const char *request_type, int rchan) } else { originator_port = packet_get_int(); } - packet_done(); + packet_check_eom(); /* XXX check permission */ debug("client_request_x11: request from %s %d", originator, originator_port); - sock = x11_connect_display(); - if (sock >= 0) { - newch = channel_new("x11", - SSH_CHANNEL_X11_OPEN, sock, sock, -1, - CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, - xstrdup("x11"), 1); - c = channel_lookup(newch); - } xfree(originator); + sock = x11_connect_display(); + if (sock < 0) + return NULL; + c = channel_new("x11", + SSH_CHANNEL_X11_OPEN, sock, sock, -1, + CHAN_TCP_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT, 0, + xstrdup("x11"), 1); + c->force_drain = 1; return c; } -Channel* +static Channel* client_request_agent(const char *request_type, int rchan) { Channel *c = NULL; - int sock, newch; + int sock; if (!options.forward_agent) { error("Warning: ssh server tried agent forwarding."); @@ -1100,19 +1125,19 @@ client_request_agent(const char *request_type, int rchan) return NULL; } sock = ssh_get_authentication_socket(); - if (sock >= 0) { - newch = channel_new("authentication agent connection", - SSH_CHANNEL_OPEN, sock, sock, -1, - CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, - xstrdup("authentication agent connection"), 1); - c = channel_lookup(newch); - } + if (sock < 0) + return NULL; + c = channel_new("authentication agent connection", + SSH_CHANNEL_OPEN, sock, sock, -1, + CHAN_X11_WINDOW_DEFAULT, CHAN_TCP_WINDOW_DEFAULT, 0, + xstrdup("authentication agent connection"), 1); + c->force_drain = 1; return c; } /* XXXX move to generic input handler */ -void -client_input_channel_open(int type, int plen, void *ctxt) +static void +client_input_channel_open(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; char *ctype; @@ -1142,26 +1167,29 @@ client_input_channel_open(int type, int plen, void *ctxt) c->remote_id = rchan; c->remote_window = rwindow; c->remote_maxpacket = rmaxpack; - - packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(c->remote_id); - packet_put_int(c->self); - packet_put_int(c->local_window); - packet_put_int(c->local_maxpacket); - packet_send(); + if (c->type != SSH_CHANNEL_CONNECTING) { + packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(c->remote_id); + packet_put_int(c->self); + packet_put_int(c->local_window); + packet_put_int(c->local_maxpacket); + packet_send(); + } } else { debug("failure %s", ctype); packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); packet_put_int(rchan); packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED); - packet_put_cstring("bla bla"); - packet_put_cstring(""); + if (!(datafellows & SSH_BUG_OPENFAILURE)) { + packet_put_cstring("open failed"); + packet_put_cstring(""); + } packet_send(); } xfree(ctype); } -void -client_input_channel_req(int type, int plen, void *ctxt) +static void +client_input_channel_req(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; int id, reply, success = 0; @@ -1186,7 +1214,7 @@ client_input_channel_req(int type, int plen, void *ctxt) } else if (strcmp(rtype, "exit-status") == 0) { success = 1; exit_status = packet_get_int(); - packet_done(); + packet_check_eom(); } if (reply) { packet_start(success ? @@ -1196,8 +1224,26 @@ client_input_channel_req(int type, int plen, void *ctxt) } xfree(rtype); } +static void +client_input_global_request(int type, u_int32_t seq, void *ctxt) +{ + char *rtype; + int want_reply; + int success = 0; + + rtype = packet_get_string(NULL); + want_reply = packet_get_char(); + debug("client_input_global_request: rtype %s want_reply %d", rtype, want_reply); + if (want_reply) { + packet_start(success ? + SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE); + packet_send(); + packet_write_wait(); + } + xfree(rtype); +} -void +static void client_init_dispatch_20(void) { dispatch_init(&dispatch_protocol_error); @@ -1210,11 +1256,12 @@ client_init_dispatch_20(void) dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &client_input_channel_req); dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); + dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &client_input_global_request); /* rekeying */ dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); } -void +static void client_init_dispatch_13(void) { dispatch_init(NULL); @@ -1233,14 +1280,14 @@ client_init_dispatch_13(void) dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ? &x11_input_open : &deny_input_open); } -void +static void client_init_dispatch_15(void) { client_init_dispatch_13(); dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof); dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, & channel_input_oclose); } -void +static void client_init_dispatch(void) { if (compat20) diff --git a/crypto/openssh/clientloop.h b/crypto/openssh/clientloop.h index ee40d87ea908..1bc9a95236cc 100644 --- a/crypto/openssh/clientloop.h +++ b/crypto/openssh/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.4 2001/02/06 22:43:02 markus Exp $ */ +/* $OpenBSD: clientloop.h,v 1.6 2001/06/26 17:27:23 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -36,4 +36,4 @@ */ /* Client side main loop for the interactive session. */ -int client_loop(int have_pty, int escape_char, int id); +int client_loop(int, int, int); diff --git a/crypto/openssh/compat.c b/crypto/openssh/compat.c index e0f9d8549bc2..74d5ed85ed6b 100644 --- a/crypto/openssh/compat.c +++ b/crypto/openssh/compat.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999,2000 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,14 +23,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: compat.c,v 1.47 2001/04/18 23:43:25 markus Exp $"); - -#include <regex.h> +RCSID("$OpenBSD: compat.c,v 1.61 2002/03/06 00:24:39 markus Exp $"); +#include "buffer.h" #include "packet.h" #include "xmalloc.h" #include "compat.h" #include "log.h" +#include "match.h" int compat13 = 0; int compat20 = 0; @@ -52,76 +52,97 @@ enable_compat13(void) void compat_datafellows(const char *version) { - int i, ret; - char ebuf[1024]; - regex_t reg; + int i; static struct { char *pat; int bugs; } check[] = { - { "^OpenSSH[-_]2\\.[012]", - SSH_OLD_SESSIONID|SSH_BUG_BANNER| + { "OpenSSH-2.0*," + "OpenSSH-2.1*," + "OpenSSH_2.1*," + "OpenSSH_2.2*", SSH_OLD_SESSIONID|SSH_BUG_BANNER| SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, - { "^OpenSSH_2\\.3\\.0", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| + { "OpenSSH_2.3.0*", SSH_BUG_BANNER|SSH_BUG_BIGENDIANAES| SSH_OLD_DHGEX|SSH_BUG_NOREKEY}, - { "^OpenSSH_2\\.3\\.", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| + { "OpenSSH_2.3.*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| SSH_BUG_NOREKEY}, - { "^OpenSSH_2\\.5\\.[01]p1", + { "OpenSSH_2.5.0p1*," + "OpenSSH_2.5.1p1*", SSH_BUG_BIGENDIANAES|SSH_OLD_DHGEX| SSH_BUG_NOREKEY }, - { "^OpenSSH_2\\.5\\.[012]", - SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, - { "^OpenSSH_2\\.5\\.3", - SSH_BUG_NOREKEY }, - { "^OpenSSH", 0 }, - { "MindTerm", 0 }, - { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| + { "OpenSSH_2.5.0*," + "OpenSSH_2.5.1*," + "OpenSSH_2.5.2*", SSH_OLD_DHGEX|SSH_BUG_NOREKEY }, + { "OpenSSH_2.5.3*", SSH_BUG_NOREKEY }, + { "Sun_SSH_1.0*", SSH_BUG_NOREKEY }, + { "OpenSSH*", 0 }, + { "*MindTerm*", 0 }, + { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, - { "^2\\.1 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| + { "2.1 *", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_RSASIGMD5|SSH_BUG_HBSERVICE }, - { "^2\\.0\\.1[3-9]", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| + { "2.0.13*," + "2.0.14*," + "2.0.15*," + "2.0.16*," + "2.0.17*," + "2.0.18*," + "2.0.19*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| SSH_BUG_PKOK|SSH_BUG_RSASIGMD5| - SSH_BUG_HBSERVICE }, - { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| + SSH_BUG_HBSERVICE|SSH_BUG_OPENFAILURE| + SSH_BUG_DUMMYCHAN }, + { "2.0.11*," + "2.0.12*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID|SSH_BUG_DEBUG| SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| SSH_BUG_PKAUTH|SSH_BUG_PKOK| + SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| + SSH_BUG_DUMMYCHAN }, + { "2.0.*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| + SSH_OLD_SESSIONID|SSH_BUG_DEBUG| + SSH_BUG_PKSERVICE|SSH_BUG_X11FWD| + SSH_BUG_PKAUTH|SSH_BUG_PKOK| + SSH_BUG_RSASIGMD5|SSH_BUG_OPENFAILURE| + SSH_BUG_DERIVEKEY|SSH_BUG_DUMMYCHAN }, + { "2.2.0*," + "2.3.0*", SSH_BUG_HMAC|SSH_BUG_DEBUG| SSH_BUG_RSASIGMD5 }, - { "^2\\.[23]\\.0", SSH_BUG_HMAC|SSH_BUG_RSASIGMD5 }, - { "^2\\.3\\.", SSH_BUG_RSASIGMD5 }, - { "^2\\.[2-9]\\.", 0 }, - { "^2\\.4$", SSH_OLD_SESSIONID }, /* Van Dyke */ - { "^3\\.0 SecureCRT", SSH_OLD_SESSIONID }, - { "^1\\.7 SecureFX", SSH_OLD_SESSIONID }, - { "^1\\.2\\.1[89]", SSH_BUG_IGNOREMSG }, - { "^1\\.2\\.2[012]", SSH_BUG_IGNOREMSG }, - { "^1\\.3\\.2", SSH_BUG_IGNOREMSG }, /* f-secure */ - { "^SSH Compatible Server", /* Netscreen */ - SSH_BUG_PASSWORDPAD }, - { "^OSU_0", SSH_BUG_PASSWORDPAD }, - { "^OSU_1\\.[0-4]", SSH_BUG_PASSWORDPAD }, - { "^OSU_1\\.5alpha[1-3]", + { "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5 }, + { "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */ + { "2.*", SSH_BUG_DEBUG }, + { "3.0.*", SSH_BUG_DEBUG }, + { "3.0 SecureCRT*", SSH_OLD_SESSIONID }, + { "1.7 SecureFX*", SSH_OLD_SESSIONID }, + { "1.2.18*," + "1.2.19*," + "1.2.20*," + "1.2.21*," + "1.2.22*", SSH_BUG_IGNOREMSG }, + { "1.3.2*", SSH_BUG_IGNOREMSG }, /* f-secure */ + { "*SSH Compatible Server*", /* Netscreen */ SSH_BUG_PASSWORDPAD }, - { "^SSH_Version_Mapper", + { "*OSU_0*," + "OSU_1.0*," + "OSU_1.1*," + "OSU_1.2*," + "OSU_1.3*," + "OSU_1.4*," + "OSU_1.5alpha1*," + "OSU_1.5alpha2*," + "OSU_1.5alpha3*", SSH_BUG_PASSWORDPAD }, + { "*SSH_Version_Mapper*", SSH_BUG_SCANNER }, { NULL, 0 } }; + /* process table, return first match */ for (i = 0; check[i].pat; i++) { - ret = regcomp(®, check[i].pat, REG_EXTENDED|REG_NOSUB); - if (ret != 0) { - regerror(ret, ®, ebuf, sizeof(ebuf)); - ebuf[sizeof(ebuf)-1] = '\0'; - error("regerror: %s", ebuf); - continue; - } - ret = regexec(®, version, 0, NULL, 0); - regfree(®); - if (ret == 0) { + if (match_pattern_list(version, check[i].pat, + strlen(check[i].pat), 0) == 1) { debug("match: %s pat %s", version, check[i].pat); datafellows = check[i].bugs; return; @@ -141,7 +162,7 @@ proto_spec(const char *spec) return ret; q = s = xstrdup(spec); for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { - switch(atoi(p)) { + switch (atoi(p)) { case 1: if (ret == SSH_PROTO_UNKNOWN) ret |= SSH_PROTO_1_PREFERRED; @@ -162,24 +183,25 @@ proto_spec(const char *spec) char * compat_cipher_proposal(char *cipher_prop) { + Buffer b; char *orig_prop, *fix_ciphers; char *cp, *tmp; - size_t len; if (!(datafellows & SSH_BUG_BIGENDIANAES)) return(cipher_prop); - len = strlen(cipher_prop) + 1; - fix_ciphers = xmalloc(len); - *fix_ciphers = '\0'; + buffer_init(&b); tmp = orig_prop = xstrdup(cipher_prop); - while((cp = strsep(&tmp, ",")) != NULL) { - if (strncmp(cp, "aes", 3) && strncmp(cp, "rijndael", 8)) { - if (*fix_ciphers) - strlcat(fix_ciphers, ",", len); - strlcat(fix_ciphers, cp, len); + while ((cp = strsep(&tmp, ",")) != NULL) { + if (strncmp(cp, "aes", 3) != 0) { + if (buffer_len(&b) > 0) + buffer_append(&b, ",", 1); + buffer_append(&b, cp, strlen(cp)); } } + buffer_append(&b, "\0", 1); + fix_ciphers = xstrdup(buffer_ptr(&b)); + buffer_free(&b); xfree(orig_prop); debug2("Original cipher proposal: %s", cipher_prop); debug2("Compat cipher proposal: %s", fix_ciphers); diff --git a/crypto/openssh/compat.h b/crypto/openssh/compat.h index fc6f3344f5ae..0eeb782e861a 100644 --- a/crypto/openssh/compat.h +++ b/crypto/openssh/compat.h @@ -1,5 +1,7 @@ +/* $OpenBSD: compat.h,v 1.30 2002/03/04 17:27:39 stevesk Exp $ */ + /* - * Copyright (c) 1999 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -21,7 +23,6 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: compat.h,v 1.23 2001/04/12 19:15:24 markus Exp $"); */ #ifndef COMPAT_H #define COMPAT_H @@ -31,29 +32,33 @@ #define SSH_PROTO_1_PREFERRED 0x02 #define SSH_PROTO_2 0x04 -#define SSH_BUG_SIGBLOB 0x0001 -#define SSH_BUG_PKSERVICE 0x0002 -#define SSH_BUG_HMAC 0x0004 -#define SSH_BUG_X11FWD 0x0008 -#define SSH_OLD_SESSIONID 0x0010 -#define SSH_BUG_PKAUTH 0x0020 -#define SSH_BUG_DEBUG 0x0040 -#define SSH_BUG_BANNER 0x0080 -#define SSH_BUG_IGNOREMSG 0x0100 -#define SSH_BUG_PKOK 0x0200 -#define SSH_BUG_PASSWORDPAD 0x0400 -#define SSH_BUG_SCANNER 0x0800 -#define SSH_BUG_BIGENDIANAES 0x1000 -#define SSH_BUG_RSASIGMD5 0x2000 -#define SSH_OLD_DHGEX 0x4000 -#define SSH_BUG_NOREKEY 0x8000 -#define SSH_BUG_HBSERVICE 0x10000 +#define SSH_BUG_SIGBLOB 0x00000001 +#define SSH_BUG_PKSERVICE 0x00000002 +#define SSH_BUG_HMAC 0x00000004 +#define SSH_BUG_X11FWD 0x00000008 +#define SSH_OLD_SESSIONID 0x00000010 +#define SSH_BUG_PKAUTH 0x00000020 +#define SSH_BUG_DEBUG 0x00000040 +#define SSH_BUG_BANNER 0x00000080 +#define SSH_BUG_IGNOREMSG 0x00000100 +#define SSH_BUG_PKOK 0x00000200 +#define SSH_BUG_PASSWORDPAD 0x00000400 +#define SSH_BUG_SCANNER 0x00000800 +#define SSH_BUG_BIGENDIANAES 0x00001000 +#define SSH_BUG_RSASIGMD5 0x00002000 +#define SSH_OLD_DHGEX 0x00004000 +#define SSH_BUG_NOREKEY 0x00008000 +#define SSH_BUG_HBSERVICE 0x00010000 +#define SSH_BUG_OPENFAILURE 0x00020000 +#define SSH_BUG_DERIVEKEY 0x00040000 +#define SSH_BUG_DUMMYCHAN 0x00100000 + +void enable_compat13(void); +void enable_compat20(void); +void compat_datafellows(const char *); +int proto_spec(const char *); +char *compat_cipher_proposal(char *); -void enable_compat13(void); -void enable_compat20(void); -void compat_datafellows(const char *s); -int proto_spec(const char *spec); -char *compat_cipher_proposal(char *cipher_prop); extern int compat13; extern int compat20; extern int datafellows; diff --git a/crypto/openssh/compress.c b/crypto/openssh/compress.c index 3e41b3d82183..3badbf452da2 100644 --- a/crypto/openssh/compress.c +++ b/crypto/openssh/compress.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: compress.c,v 1.14 2001/04/05 10:39:01 markus Exp $"); +RCSID("$OpenBSD: compress.c,v 1.17 2001/12/29 21:56:01 stevesk Exp $"); #include "log.h" #include "buffer.h" @@ -33,7 +33,7 @@ void buffer_compress_init_send(int level) { if (compress_init_send_called == 1) - deflateEnd(&incoming_stream); + deflateEnd(&outgoing_stream); compress_init_send_called = 1; debug("Enabling compression at level %d.", level); if (level < 1 || level > 9) @@ -55,13 +55,13 @@ void buffer_compress_uninit(void) { debug("compress outgoing: raw data %lu, compressed %lu, factor %.2f", - outgoing_stream.total_in, outgoing_stream.total_out, - outgoing_stream.total_in == 0 ? 0.0 : - (double) outgoing_stream.total_out / outgoing_stream.total_in); + outgoing_stream.total_in, outgoing_stream.total_out, + outgoing_stream.total_in == 0 ? 0.0 : + (double) outgoing_stream.total_out / outgoing_stream.total_in); debug("compress incoming: raw data %lu, compressed %lu, factor %.2f", - incoming_stream.total_out, incoming_stream.total_in, - incoming_stream.total_out == 0 ? 0.0 : - (double) incoming_stream.total_in / incoming_stream.total_out); + incoming_stream.total_out, incoming_stream.total_in, + incoming_stream.total_out == 0 ? 0.0 : + (double) incoming_stream.total_in / incoming_stream.total_out); if (compress_init_recv_called == 1) inflateEnd(&incoming_stream); if (compress_init_send_called == 1) @@ -80,7 +80,7 @@ buffer_compress_uninit(void) void buffer_compress(Buffer * input_buffer, Buffer * output_buffer) { - char buf[4096]; + u_char buf[4096]; int status; /* This case is not handled below. */ @@ -88,13 +88,13 @@ buffer_compress(Buffer * input_buffer, Buffer * output_buffer) return; /* Input is the contents of the input buffer. */ - outgoing_stream.next_in = (u_char *) buffer_ptr(input_buffer); + outgoing_stream.next_in = buffer_ptr(input_buffer); outgoing_stream.avail_in = buffer_len(input_buffer); /* Loop compressing until deflate() returns with avail_out != 0. */ do { /* Set up fixed-size output buffer. */ - outgoing_stream.next_out = (u_char *)buf; + outgoing_stream.next_out = buf; outgoing_stream.avail_out = sizeof(buf); /* Compress as much data into the buffer as possible. */ @@ -124,15 +124,15 @@ buffer_compress(Buffer * input_buffer, Buffer * output_buffer) void buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer) { - char buf[4096]; + u_char buf[4096]; int status; - incoming_stream.next_in = (u_char *) buffer_ptr(input_buffer); + incoming_stream.next_in = buffer_ptr(input_buffer); incoming_stream.avail_in = buffer_len(input_buffer); for (;;) { /* Set up fixed-size output buffer. */ - incoming_stream.next_out = (u_char *) buf; + incoming_stream.next_out = buf; incoming_stream.avail_out = sizeof(buf); status = inflate(&incoming_stream, Z_PARTIAL_FLUSH); diff --git a/crypto/openssh/compress.h b/crypto/openssh/compress.h index f90932a6faf4..e364f4bdc582 100644 --- a/crypto/openssh/compress.h +++ b/crypto/openssh/compress.h @@ -1,3 +1,5 @@ +/* $OpenBSD: compress.h,v 1.11 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,39 +13,13 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: compress.h,v 1.8 2001/04/05 10:39:02 markus Exp $"); */ - #ifndef COMPRESS_H #define COMPRESS_H -/* - * Initializes compression; level is compression level from 1 to 9 (as in - * gzip). - */ -void buffer_compress_init_send(int level); -void buffer_compress_init_recv(void); - -/* Frees any data structures allocated by buffer_compress_init. */ -void buffer_compress_uninit(void); - -/* - * Compresses the contents of input_buffer into output_buffer. All packets - * compressed using this function will form a single compressed data stream; - * however, data will be flushed at the end of every call so that each - * output_buffer can be decompressed independently (but in the appropriate - * order since they together form a single compression stream) by the - * receiver. This appends the compressed data to the output buffer. - */ -void buffer_compress(Buffer * input_buffer, Buffer * output_buffer); - -/* - * Uncompresses the contents of input_buffer into output_buffer. All packets - * uncompressed using this function will form a single compressed data - * stream; however, data will be flushed at the end of every call so that - * each output_buffer. This must be called for the same size units that the - * buffer_compress was called, and in the same order that buffers compressed - * with that. This appends the uncompressed data to the output buffer. - */ -void buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer); +void buffer_compress_init_send(int); +void buffer_compress_init_recv(void); +void buffer_compress_uninit(void); +void buffer_compress(Buffer *, Buffer *); +void buffer_uncompress(Buffer *, Buffer *); #endif /* COMPRESS_H */ diff --git a/crypto/openssh/crc32.h b/crypto/openssh/crc32.h index c469a90fec34..cd1832ff62e2 100644 --- a/crypto/openssh/crc32.h +++ b/crypto/openssh/crc32.h @@ -1,3 +1,5 @@ +/* $OpenBSD: crc32.h,v 1.13 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1992 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,15 +13,9 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: crc32.h,v 1.10 2001/03/02 18:54:31 deraadt Exp $"); */ - #ifndef CRC32_H #define CRC32_H -/* - * This computes a 32 bit CRC of the data in the buffer, and returns the CRC. - * The polynomial used is 0xedb88320. - */ -u_int ssh_crc32(const u_char *buf, u_int len); +u_int ssh_crc32(const u_char *, u_int); #endif /* CRC32_H */ diff --git a/crypto/openssh/deattack.c b/crypto/openssh/deattack.c index 36023e0d3371..0442501e7a17 100644 --- a/crypto/openssh/deattack.c +++ b/crypto/openssh/deattack.c @@ -1,5 +1,3 @@ -/* $OpenBSD: deattack.c,v 1.13 2001/03/01 02:45:10 deraadt Exp $ */ - /* * Cryptographic attack detector for ssh - source code * @@ -20,11 +18,14 @@ */ #include "includes.h" +RCSID("$OpenBSD: deattack.c,v 1.18 2002/03/04 17:27:39 stevesk Exp $"); + #include "deattack.h" #include "log.h" #include "crc32.h" #include "getput.h" #include "xmalloc.h" +#include "deattack.h" /* SSH Constants */ #define SSH_MAXBLOCKS (32 * 1024) @@ -36,7 +37,7 @@ #define HASH_FACTOR(x) ((x)*3/2) #define HASH_UNUSEDCHAR (0xff) #define HASH_UNUSED (0xffff) -#define HASH_IV (0xfffe) +#define HASH_IV (0xfffe) #define HASH_MINBLOCKS (7*SSH_BLOCKSIZE) @@ -46,8 +47,7 @@ #define CMP(a, b) (memcmp(a, b, SSH_BLOCKSIZE)) - -void +static void crc_update(u_int32_t *a, u_int32_t b) { b ^= *a; @@ -55,7 +55,7 @@ crc_update(u_int32_t *a, u_int32_t b) } /* detect if a block is used in a particular pattern */ -int +static int check_crc(u_char *S, u_char *buf, u_int32_t len, u_char *IV) { @@ -86,9 +86,9 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) { static u_int16_t *h = (u_int16_t *) NULL; static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE; - register u_int32_t i, j; + u_int32_t i, j; u_int32_t l; - register u_char *c; + u_char *c; u_char *d; if (len > (SSH_MAXBLOCKS * SSH_BLOCKSIZE) || @@ -135,7 +135,7 @@ detect_attack(u_char *buf, u_int32_t len, u_char *IV) for (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; - i = (i + 1) & (n - 1)) { + i = (i + 1) & (n - 1)) { if (h[i] == HASH_IV) { if (!CMP(c, IV)) { if (check_crc(c, buf, len, IV)) diff --git a/crypto/openssh/deattack.h b/crypto/openssh/deattack.h index 3907159b417e..ddccdea50594 100644 --- a/crypto/openssh/deattack.h +++ b/crypto/openssh/deattack.h @@ -1,4 +1,4 @@ -/* $OpenBSD: deattack.h,v 1.5 2001/01/29 01:58:15 niklas Exp $ */ +/* $OpenBSD: deattack.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */ /* * Cryptographic attack detector for ssh - Header file @@ -26,5 +26,5 @@ #define DEATTACK_OK 0 #define DEATTACK_DETECTED 1 -int detect_attack(u_char *buf, u_int32_t len, u_char IV[8]); +int detect_attack(u_char *, u_int32_t, u_char[8]); #endif diff --git a/crypto/openssh/dh.c b/crypto/openssh/dh.c index 575522ddb5ec..33187e02824e 100644 --- a/crypto/openssh/dh.c +++ b/crypto/openssh/dh.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: dh.c,v 1.14 2001/04/15 08:43:45 markus Exp $"); +RCSID("$OpenBSD: dh.c,v 1.21 2002/03/06 00:23:27 markus Exp $"); #include "xmalloc.h" @@ -39,7 +39,7 @@ RCSID("$OpenBSD: dh.c,v 1.14 2001/04/15 08:43:45 markus Exp $"); #include "log.h" #include "misc.h" -int +static int parse_prime(int linenum, char *line, struct dhgroup *dhg) { char *cp, *arg; @@ -78,8 +78,10 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) if (cp != NULL || *prime == '\0') goto fail; - dhg->g = BN_new(); - dhg->p = BN_new(); + if ((dhg->g = BN_new()) == NULL) + fatal("parse_prime: BN_new failed"); + if ((dhg->p = BN_new()) == NULL) + fatal("parse_prime: BN_new failed"); if (BN_hex2bn(&dhg->g, gen) == 0) goto failclean; @@ -92,8 +94,8 @@ parse_prime(int linenum, char *line, struct dhgroup *dhg) return (1); failclean: - BN_free(dhg->g); - BN_free(dhg->p); + BN_clear_free(dhg->g); + BN_clear_free(dhg->p); fail: error("Bad prime description in line %d", linenum); return (0); @@ -103,14 +105,14 @@ DH * choose_dh(int min, int wantbits, int max) { FILE *f; - char line[1024]; + char line[2048]; int best, bestcount, which; int linenum; struct dhgroup dhg; - f = fopen(_PATH_DH_PRIMES, "r"); - if (!f) { - log("WARNING: %s does not exist, using old prime", _PATH_DH_PRIMES); + if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL && + (f = fopen(_PATH_DH_PRIMES, "r")) == NULL) { + log("WARNING: %s does not exist, using old modulus", _PATH_DH_MODULI); return (dh_new_group1()); } @@ -120,8 +122,8 @@ choose_dh(int min, int wantbits, int max) linenum++; if (!parse_prime(linenum, line, &dhg)) continue; - BN_free(dhg.g); - BN_free(dhg.p); + BN_clear_free(dhg.g); + BN_clear_free(dhg.p); if (dhg.size > max || dhg.size < min) continue; @@ -134,18 +136,14 @@ choose_dh(int min, int wantbits, int max) if (dhg.size == best) bestcount++; } - fclose (f); + rewind(f); if (bestcount == 0) { + fclose(f); log("WARNING: no suitable primes in %s", _PATH_DH_PRIMES); return (NULL); } - f = fopen(_PATH_DH_PRIMES, "r"); - if (!f) { - fatal("WARNING: %s disappeared, giving up", _PATH_DH_PRIMES); - } - linenum = 0; which = arc4random() % bestcount; while (fgets(line, sizeof(line), f)) { @@ -154,8 +152,8 @@ choose_dh(int min, int wantbits, int max) if ((dhg.size > max || dhg.size < min) || dhg.size != best || linenum++ != which) { - BN_free(dhg.g); - BN_free(dhg.p); + BN_clear_free(dhg.g); + BN_clear_free(dhg.p); continue; } break; @@ -205,9 +203,8 @@ dh_gen_key(DH *dh, int need) BN_num_bits(dh->p), 2*need); do { if (dh->priv_key != NULL) - BN_free(dh->priv_key); - dh->priv_key = BN_new(); - if (dh->priv_key == NULL) + BN_clear_free(dh->priv_key); + if ((dh->priv_key = BN_new()) == NULL) fatal("dh_gen_key: BN_new failed"); /* generate a 2*need bits random private exponent */ if (!BN_rand(dh->priv_key, 2*need, 0, 0)) @@ -229,9 +226,8 @@ dh_new_group_asc(const char *gen, const char *modulus) { DH *dh; - dh = DH_new(); - if (dh == NULL) - fatal("DH_new"); + if ((dh = DH_new()) == NULL) + fatal("dh_new_group_asc: DH_new"); if (BN_hex2bn(&dh->p, modulus) == 0) fatal("BN_hex2bn p"); @@ -251,9 +247,8 @@ dh_new_group(BIGNUM *gen, BIGNUM *modulus) { DH *dh; - dh = DH_new(); - if (dh == NULL) - fatal("DH_new"); + if ((dh = DH_new()) == NULL) + fatal("dh_new_group: DH_new"); dh->p = modulus; dh->g = gen; diff --git a/crypto/openssh/dh.h b/crypto/openssh/dh.h index e8b2944ce9ff..a0c97b2ff222 100644 --- a/crypto/openssh/dh.h +++ b/crypto/openssh/dh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.h,v 1.5 2001/04/03 19:53:29 markus Exp $ */ +/* $OpenBSD: dh.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. @@ -32,15 +32,15 @@ struct dhgroup { BIGNUM *p; }; -DH *choose_dh(int min, int nbits, int max); +DH *choose_dh(int, int, int); DH *dh_new_group_asc(const char *, const char *); DH *dh_new_group(BIGNUM *, BIGNUM *); DH *dh_new_group1(void); -void dh_gen_key(DH *, int); -int dh_pub_is_valid(DH *dh, BIGNUM *dh_pub); +void dh_gen_key(DH *, int); +int dh_pub_is_valid(DH *, BIGNUM *); -int dh_estimate(int bits); +int dh_estimate(int); #define DH_GRP_MIN 1024 #define DH_GRP_MAX 8192 diff --git a/crypto/openssh/dispatch.c b/crypto/openssh/dispatch.c index 7168d1c741a4..ce32bc22f21e 100644 --- a/crypto/openssh/dispatch.c +++ b/crypto/openssh/dispatch.c @@ -22,7 +22,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: dispatch.c,v 1.10 2001/02/18 18:33:53 markus Exp $"); +RCSID("$OpenBSD: dispatch.c,v 1.15 2002/01/11 13:39:36 markus Exp $"); #include "ssh1.h" #include "ssh2.h" @@ -37,20 +37,40 @@ RCSID("$OpenBSD: dispatch.c,v 1.10 2001/02/18 18:33:53 markus Exp $"); dispatch_fn *dispatch[DISPATCH_MAX]; void -dispatch_protocol_error(int type, int plen, void *ctxt) +dispatch_protocol_error(int type, u_int32_t seq, void *ctxt) { - error("Hm, dispatch protocol error: type %d plen %d", type, plen); - if (compat20 && type == SSH2_MSG_KEXINIT) - fatal("dispatch_protocol_error: rekeying is not supported"); + log("dispatch_protocol_error: type %d seq %u", type, seq); + if (!compat20) + fatal("protocol error"); + packet_start(SSH2_MSG_UNIMPLEMENTED); + packet_put_int(seq); + packet_send(); + packet_write_wait(); +} +void +dispatch_protocol_ignore(int type, u_int32_t seq, void *ctxt) +{ + log("dispatch_protocol_ignore: type %d seq %u", type, seq); } void dispatch_init(dispatch_fn *dflt) { - int i; + u_int i; for (i = 0; i < DISPATCH_MAX; i++) dispatch[i] = dflt; } void +dispatch_range(u_int from, u_int to, dispatch_fn *fn) +{ + u_int i; + + for (i = from; i <= to; i++) { + if (i >= DISPATCH_MAX) + break; + dispatch[i] = fn; + } +} +void dispatch_set(int type, dispatch_fn *fn) { dispatch[type] = fn; @@ -59,18 +79,18 @@ void dispatch_run(int mode, int *done, void *ctxt) { for (;;) { - int plen; int type; + u_int32_t seqnr; if (mode == DISPATCH_BLOCK) { - type = packet_read(&plen); + type = packet_read_seqnr(&seqnr); } else { - type = packet_read_poll(&plen); + type = packet_read_poll_seqnr(&seqnr); if (type == SSH_MSG_NONE) return; } if (type > 0 && type < DISPATCH_MAX && dispatch[type] != NULL) - (*dispatch[type])(type, plen, ctxt); + (*dispatch[type])(type, seqnr, ctxt); else packet_disconnect("protocol error: rcvd type %d", type); if (done != NULL && *done) diff --git a/crypto/openssh/dispatch.h b/crypto/openssh/dispatch.h index 0bee03b2badd..a82e2165b356 100644 --- a/crypto/openssh/dispatch.h +++ b/crypto/openssh/dispatch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.h,v 1.4 2001/01/29 01:58:15 niklas Exp $ */ +/* $OpenBSD: dispatch.h,v 1.9 2002/01/11 13:39:36 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -28,9 +28,11 @@ enum { DISPATCH_NONBLOCK }; -typedef void dispatch_fn(int type, int plen, void *ctxt); +typedef void dispatch_fn(int, u_int32_t, void *); -void dispatch_init(dispatch_fn *dflt); -void dispatch_set(int type, dispatch_fn *fn); -void dispatch_run(int mode, int *done, void *ctxt); -void dispatch_protocol_error(int type, int plen, void *ctxt); +void dispatch_init(dispatch_fn *); +void dispatch_set(int, dispatch_fn *); +void dispatch_range(u_int, u_int, dispatch_fn *); +void dispatch_run(int, int *, void *); +void dispatch_protocol_error(int, u_int32_t, void *); +void dispatch_protocol_ignore(int, u_int32_t, void *); diff --git a/crypto/openssh/fatal.c b/crypto/openssh/fatal.c new file mode 100644 index 000000000000..9e7d1600073f --- /dev/null +++ b/crypto/openssh/fatal.c @@ -0,0 +1,40 @@ +/* + * Copyright (c) 2002 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" +RCSID("$OpenBSD: fatal.c,v 1.1 2002/02/22 12:20:34 markus Exp $"); + +#include "log.h" + +/* Fatal messages. This function never returns. */ + +void +fatal(const char *fmt,...) +{ + va_list args; + va_start(args, fmt); + do_log(SYSLOG_LEVEL_FATAL, fmt, args); + va_end(args); + fatal_cleanup(); +} diff --git a/crypto/openssh/getput.h b/crypto/openssh/getput.h index 1a19d22cdb00..20cf8f20b30a 100644 --- a/crypto/openssh/getput.h +++ b/crypto/openssh/getput.h @@ -1,3 +1,5 @@ +/* $OpenBSD: getput.h,v 1.8 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,8 +13,6 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: getput.h,v 1.7 2001/01/10 22:56:22 markus Exp $"); */ - #ifndef GETPUT_H #define GETPUT_H diff --git a/crypto/openssh/groupaccess.c b/crypto/openssh/groupaccess.c index ac9e00acaf2d..66dfa68fe1f8 100644 --- a/crypto/openssh/groupaccess.c +++ b/crypto/openssh/groupaccess.c @@ -1,5 +1,3 @@ -/* $OpenBSD: groupaccess.c,v 1.3 2001/01/29 01:58:15 niklas Exp $ */ - /* * Copyright (c) 2001 Kevin Steves. All rights reserved. * @@ -25,6 +23,7 @@ */ #include "includes.h" +RCSID("$OpenBSD: groupaccess.c,v 1.5 2002/03/04 17:27:39 stevesk Exp $"); #include "groupaccess.h" #include "xmalloc.h" @@ -34,6 +33,10 @@ static int ngroups; static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */ +/* + * Initialize group access list for user with primary (base) and + * supplementary groups. Return the number of groups in the list. + */ int ga_init(const char *user, gid_t base) { @@ -53,6 +56,10 @@ ga_init(const char *user, gid_t base) return (ngroups = j); } +/* + * Return 1 if one of user's groups is contained in groups. + * Return 0 otherwise. Use match_pattern() for string comparison. + */ int ga_match(char * const *groups, int n) { @@ -65,6 +72,9 @@ ga_match(char * const *groups, int n) return 0; } +/* + * Free memory allocated for group access list. + */ void ga_free(void) { diff --git a/crypto/openssh/groupaccess.h b/crypto/openssh/groupaccess.h index b4e5e42fc634..ede4805c2c24 100644 --- a/crypto/openssh/groupaccess.h +++ b/crypto/openssh/groupaccess.h @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.h,v 1.2 2001/01/29 01:58:15 niklas Exp $ */ +/* $OpenBSD: groupaccess.h,v 1.4 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. @@ -29,21 +29,8 @@ #include <grp.h> -/* - * Initialize group access list for user with primary (base) and - * supplementary groups. Return the number of groups in the list. - */ -int ga_init(const char *user, gid_t base); - -/* - * Return 1 if one of user's groups is contained in groups. - * Return 0 otherwise. Use match_pattern() for string comparison. - */ -int ga_match(char * const *groups, int ngroups); - -/* - * Free memory allocated for group access list. - */ -void ga_free(void); +int ga_init(const char *, gid_t); +int ga_match(char * const *, int); +void ga_free(void); #endif diff --git a/crypto/openssh/hostfile.c b/crypto/openssh/hostfile.c index d532bd6adbb0..cefff8d62765 100644 --- a/crypto/openssh/hostfile.c +++ b/crypto/openssh/hostfile.c @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". * * - * Copyright (c) 1999,2000 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000 Markus Friedl. All rights reserved. * Copyright (c) 1999 Niels Provos. All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -36,7 +36,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: hostfile.c,v 1.26 2001/04/12 19:15:24 markus Exp $"); +RCSID("$OpenBSD: hostfile.c,v 1.29 2001/12/18 10:04:21 jakob Exp $"); #include "packet.h" #include "match.h" @@ -71,18 +71,7 @@ hostfile_read_key(char **cpp, u_int *bitsp, Key *ret) return 1; } -int -auth_rsa_read_key(char **cpp, u_int *bitsp, BIGNUM * e, BIGNUM * n) -{ - Key *k = key_new(KEY_RSA1); - int ret = hostfile_read_key(cpp, bitsp, k); - BN_copy(e, k->rsa->e); - BN_copy(n, k->rsa->n); - key_free(k); - return ret; -} - -int +static int hostfile_check_key(int bits, Key *key, const char *host, const char *filename, int linenum) { if (key == NULL || key->type != KEY_RSA1 || key->rsa == NULL) diff --git a/crypto/openssh/hostfile.h b/crypto/openssh/hostfile.h index 346bcd9ba54c..0244fdb53ea4 100644 --- a/crypto/openssh/hostfile.h +++ b/crypto/openssh/hostfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.7 2001/02/08 19:30:51 itojun Exp $ */ +/* $OpenBSD: hostfile.h,v 1.10 2001/12/18 10:04:21 jakob Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -14,27 +14,13 @@ #ifndef HOSTFILE_H #define HOSTFILE_H -int -auth_rsa_read_key(char **cpp, u_int *bitsp, BIGNUM * e, BIGNUM * n); - -/* - * Checks whether the given host is already in the list of our known hosts. - * Returns HOST_OK if the host is known and has the specified key, HOST_NEW - * if the host is not known, and HOST_CHANGED if the host is known but used - * to have a different host key. The host must be in all lowercase. - */ typedef enum { HOST_OK, HOST_NEW, HOST_CHANGED } HostStatus; +int hostfile_read_key(char **, u_int *, Key *); HostStatus -check_host_in_hostfile(const char *filename, const char *host, Key *key, - Key *found, int *line); - -/* - * Appends an entry to the host file. Returns false if the entry could not - * be appended. - */ -int add_host_to_hostfile(const char *filename, const char *host, Key *key); +check_host_in_hostfile(const char *, const char *, Key *, Key *, int *); +int add_host_to_hostfile(const char *, const char *, Key *); #endif diff --git a/crypto/openssh/includes.h b/crypto/openssh/includes.h index 59258c2b0d49..d9ac05fa468d 100644 --- a/crypto/openssh/includes.h +++ b/crypto/openssh/includes.h @@ -1,4 +1,4 @@ -/* $OpenBSD: includes.h,v 1.14 2001/01/29 01:58:16 niklas Exp $ */ +/* $OpenBSD: includes.h,v 1.17 2002/01/26 16:44:22 stevesk Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -57,9 +57,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } #include "version.h" -/* Define this to be the path of the xauth program. */ -#define XAUTH_PATH "/usr/X11R6/bin/xauth" - /* * Define this to use pipes instead of socketpairs for communicating with the * client program. Socketpairs do not seem to work on all systems. diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c index 69ba102e1694..bf8fd95b4a28 100644 --- a/crypto/openssh/kex.c +++ b/crypto/openssh/kex.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.33 2001/04/05 10:42:50 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.47 2002/02/28 15:46:33 markus Exp $"); #include <openssl/crypto.h> @@ -43,11 +43,12 @@ RCSID("$OpenBSD: kex.c,v 1.33 2001/04/05 10:42:50 markus Exp $"); #define KEX_COOKIE_LEN 16 -void kex_kexinit_finish(Kex *kex); -void kex_choose_conf(Kex *k); +/* prototype */ +static void kex_kexinit_finish(Kex *); +static void kex_choose_conf(Kex *); /* put algorithm proposal into buffer */ -void +static void kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) { u_int32_t rand = 0; @@ -67,7 +68,7 @@ kex_prop2buf(Buffer *b, char *proposal[PROPOSAL_MAX]) } /* parse buffer and return algorithm proposal */ -char ** +static char ** kex_buf2prop(Buffer *raw) { Buffer b; @@ -95,7 +96,7 @@ kex_buf2prop(Buffer *raw) return proposal; } -void +static void kex_prop_free(char **proposal) { int i; @@ -105,28 +106,24 @@ kex_prop_free(char **proposal) xfree(proposal); } -void -kex_protocol_error(int type, int plen, void *ctxt) +static void +kex_protocol_error(int type, u_int32_t seq, void *ctxt) { - error("Hm, kex protocol error: type %d plen %d", type, plen); + error("Hm, kex protocol error: type %d seq %u", type, seq); } -void -kex_clear_dispatch(void) +static void +kex_reset_dispatch(void) { - int i; - - /* Numbers 30-49 are used for kex packets */ - for (i = 30; i <= 49; i++) - dispatch_set(i, &kex_protocol_error); + dispatch_range(SSH2_MSG_TRANSPORT_MIN, + SSH2_MSG_TRANSPORT_MAX, &kex_protocol_error); + dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); } void kex_finish(Kex *kex) { - int plen; - - kex_clear_dispatch(); + kex_reset_dispatch(); packet_start(SSH2_MSG_NEWKEYS); packet_send(); @@ -134,7 +131,8 @@ kex_finish(Kex *kex) debug("SSH2_MSG_NEWKEYS sent"); debug("waiting for SSH2_MSG_NEWKEYS"); - packet_read_expect(&plen, SSH2_MSG_NEWKEYS); + packet_read_expect(SSH2_MSG_NEWKEYS); + packet_check_eom(); debug("SSH2_MSG_NEWKEYS received"); kex->done = 1; @@ -165,7 +163,7 @@ kex_send_kexinit(Kex *kex) } void -kex_input_kexinit(int type, int plen, void *ctxt) +kex_input_kexinit(int type, u_int32_t seq, void *ctxt) { char *ptr; int dlen; @@ -186,7 +184,7 @@ kex_input_kexinit(int type, int plen, void *ctxt) xfree(packet_get_string(NULL)); packet_get_char(); packet_get_int(); - packet_done(); + packet_check_eom(); kex_kexinit_finish(kex); } @@ -204,13 +202,12 @@ kex_setup(char *proposal[PROPOSAL_MAX]) kex->done = 0; kex_send_kexinit(kex); /* we start */ - kex_clear_dispatch(); - dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); + kex_reset_dispatch(); return kex; } -void +static void kex_kexinit_finish(Kex *kex) { if (!(kex->flags & KEX_INIT_SENT)) @@ -218,7 +215,7 @@ kex_kexinit_finish(Kex *kex) kex_choose_conf(kex); - switch(kex->kex_type) { + switch (kex->kex_type) { case DH_GRP1_SHA1: kexdh(kex); break; @@ -230,21 +227,22 @@ kex_kexinit_finish(Kex *kex) } } -void +static void choose_enc(Enc *enc, char *client, char *server) { char *name = match_list(client, server, NULL); if (name == NULL) fatal("no matching cipher found: client %s server %s", client, server); - enc->cipher = cipher_by_name(name); - if (enc->cipher == NULL) + if ((enc->cipher = cipher_by_name(name)) == NULL) fatal("matching cipher is not supported: %s", name); enc->name = name; enc->enabled = 0; enc->iv = NULL; enc->key = NULL; + enc->key_len = cipher_keylen(enc->cipher); + enc->block_size = cipher_blocksize(enc->cipher); } -void +static void choose_mac(Mac *mac, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -259,7 +257,7 @@ choose_mac(Mac *mac, char *client, char *server) mac->key = NULL; mac->enabled = 0; } -void +static void choose_comp(Comp *comp, char *client, char *server) { char *name = match_list(client, server, NULL); @@ -274,7 +272,7 @@ choose_comp(Comp *comp, char *client, char *server) } comp->name = name; } -void +static void choose_kex(Kex *k, char *client, char *server) { k->name = match_list(client, server, NULL); @@ -287,7 +285,7 @@ choose_kex(Kex *k, char *client, char *server) } else fatal("bad kex alg %s", k->name); } -void +static void choose_hostkeyalg(Kex *k, char *client, char *server) { char *hostkeyalg = match_list(client, server, NULL); @@ -299,7 +297,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server) xfree(hostkeyalg); } -void +static void kex_choose_conf(Kex *kex) { Newkeys *newkeys; @@ -345,10 +343,10 @@ kex_choose_conf(Kex *kex) need = 0; for (mode = 0; mode < MODE_MAX; mode++) { newkeys = kex->newkeys[mode]; - if (need < newkeys->enc.cipher->key_len) - need = newkeys->enc.cipher->key_len; - if (need < newkeys->enc.cipher->block_size) - need = newkeys->enc.cipher->block_size; + if (need < newkeys->enc.key_len) + need = newkeys->enc.key_len; + if (need < newkeys->enc.block_size) + need = newkeys->enc.block_size; if (need < newkeys->mac.key_len) need = newkeys->mac.key_len; } @@ -359,15 +357,15 @@ kex_choose_conf(Kex *kex) kex_prop_free(peer); } -u_char * +static u_char * derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) { Buffer b; - EVP_MD *evp_md = EVP_sha1(); + const EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; char c = id; int have; - int mdsz = evp_md->md_size; + int mdsz = EVP_MD_size(evp_md); u_char *digest = xmalloc(roundup(need, mdsz)); buffer_init(&b); @@ -375,7 +373,8 @@ derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) /* K1 = HASH(K || H || "A" || session_id) */ EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); + if (!(datafellows & SSH_BUG_DERIVEKEY)) + EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); EVP_DigestUpdate(&md, hash, mdsz); EVP_DigestUpdate(&md, &c, 1); EVP_DigestUpdate(&md, kex->session_id, kex->session_id_len); @@ -388,7 +387,8 @@ derive_key(Kex *kex, int id, int need, u_char *hash, BIGNUM *shared_secret) */ for (have = mdsz; need > have; have += mdsz) { EVP_DigestInit(&md, evp_md); - EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); + if (!(datafellows & SSH_BUG_DERIVEKEY)) + EVP_DigestUpdate(&md, buffer_ptr(&b), buffer_len(&b)); EVP_DigestUpdate(&md, hash, mdsz); EVP_DigestUpdate(&md, digest, have); EVP_DigestFinal(&md, digest + have, NULL); @@ -441,7 +441,7 @@ dump_digest(char *msg, u_char *digest, int len) int i; fprintf(stderr, "%s\n", msg); - for (i = 0; i< len; i++){ + for (i = 0; i< len; i++) { fprintf(stderr, "%02x", digest[i]); if (i%32 == 31) fprintf(stderr, "\n"); diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h index 8758804c5544..755bf332aa40 100644 --- a/crypto/openssh/kex.h +++ b/crypto/openssh/kex.h @@ -1,7 +1,7 @@ -/* $OpenBSD: kex.h,v 1.22 2001/04/04 20:25:37 markus Exp $ */ +/* $OpenBSD: kex.h,v 1.29 2002/02/14 23:41:01 markus Exp $ */ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -71,6 +71,8 @@ struct Enc { char *name; Cipher *cipher; int enabled; + u_int key_len; + u_int block_size; u_char *key; u_char *iv; }; @@ -107,24 +109,24 @@ struct Kex { int flags; char *client_version_string; char *server_version_string; - int (*check_host_key)(Key *hostkey); - Key *(*load_host_key)(int type); + int (*verify_host_key)(Key *); + Key *(*load_host_key)(int); }; -Kex *kex_setup(char *proposal[PROPOSAL_MAX]); -void kex_finish(Kex *kex); +Kex *kex_setup(char *[PROPOSAL_MAX]); +void kex_finish(Kex *); -void kex_send_kexinit(Kex *kex); -void kex_input_kexinit(int type, int plen, void *ctxt); -void kex_derive_keys(Kex *k, u_char *hash, BIGNUM *shared_secret); +void kex_send_kexinit(Kex *); +void kex_input_kexinit(int, u_int32_t, void *); +void kex_derive_keys(Kex *, u_char *, BIGNUM *); -void kexdh(Kex *); -void kexgex(Kex *); +void kexdh(Kex *); +void kexgex(Kex *); -Newkeys *kex_get_newkeys(int mode); +Newkeys *kex_get_newkeys(int); #if defined(DEBUG_KEX) || defined(DEBUG_KEXDH) -void dump_digest(char *msg, u_char *digest, int len); +void dump_digest(char *, u_char *, int); #endif #endif diff --git a/crypto/openssh/kexdh.c b/crypto/openssh/kexdh.c index 7b6a22040a3e..eaf497ca7f1d 100644 --- a/crypto/openssh/kexdh.c +++ b/crypto/openssh/kexdh.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexdh.c,v 1.3 2001/04/04 09:48:34 markus Exp $"); +RCSID("$OpenBSD: kexdh.c,v 1.17 2002/02/28 15:46:33 markus Exp $"); #include <openssl/crypto.h> #include <openssl/bn.h> @@ -38,25 +38,25 @@ RCSID("$OpenBSD: kexdh.c,v 1.3 2001/04/04 09:48:34 markus Exp $"); #include "dh.h" #include "ssh2.h" -u_char * +static u_char * kex_dh_hash( char *client_version_string, char *server_version_string, char *ckexinit, int ckexinitlen, char *skexinit, int skexinitlen, - char *serverhostkeyblob, int sbloblen, + u_char *serverhostkeyblob, int sbloblen, BIGNUM *client_dh_pub, BIGNUM *server_dh_pub, BIGNUM *shared_secret) { Buffer b; static u_char digest[EVP_MAX_MD_SIZE]; - EVP_MD *evp_md = EVP_sha1(); + const EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; buffer_init(&b); - buffer_put_string(&b, client_version_string, strlen(client_version_string)); - buffer_put_string(&b, server_version_string, strlen(server_version_string)); + buffer_put_cstring(&b, client_version_string); + buffer_put_cstring(&b, server_version_string); /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ buffer_put_int(&b, ckexinitlen+1); @@ -81,23 +81,22 @@ kex_dh_hash( buffer_free(&b); #ifdef DEBUG_KEX - dump_digest("hash", digest, evp_md->md_size); + dump_digest("hash", digest, EVP_MD_size(evp_md)); #endif return digest; } /* client */ -void +static void kexdh_client(Kex *kex) { BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; DH *dh; Key *server_host_key; - char *server_host_key_blob = NULL, *signature = NULL; + u_char *server_host_key_blob = NULL, *signature = NULL; u_char *kbuf, *hash; u_int klen, kout, slen, sbloblen; - int dlen, plen; /* generate and send 'e', client DH public key */ dh = dh_new_group1(); @@ -115,23 +114,24 @@ kexdh_client(Kex *kex) #endif debug("expecting SSH2_MSG_KEXDH_REPLY"); - packet_read_expect(&plen, SSH2_MSG_KEXDH_REPLY); + packet_read_expect(SSH2_MSG_KEXDH_REPLY); /* key, cert */ server_host_key_blob = packet_get_string(&sbloblen); server_host_key = key_from_blob(server_host_key_blob, sbloblen); if (server_host_key == NULL) fatal("cannot decode server_host_key_blob"); - - if (kex->check_host_key == NULL) - fatal("cannot check server_host_key"); - kex->check_host_key(server_host_key); + if (server_host_key->type != kex->hostkey_type) + fatal("type mismatch for decoded server_host_key_blob"); + if (kex->verify_host_key == NULL) + fatal("cannot verify server_host_key"); + if (kex->verify_host_key(server_host_key) == -1) + fatal("server_host_key verification failed"); /* DH paramter f, server public DH key */ - dh_server_pub = BN_new(); - if (dh_server_pub == NULL) + if ((dh_server_pub = BN_new()) == NULL) fatal("dh_server_pub == NULL"); - packet_get_bignum2(dh_server_pub, &dlen); + packet_get_bignum2(dh_server_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_server_pub= "); @@ -142,7 +142,7 @@ kexdh_client(Kex *kex) /* signed H */ signature = packet_get_string(&slen); - packet_done(); + packet_check_eom(); if (!dh_pub_is_valid(dh, dh_server_pub)) packet_disconnect("bad server public DH value"); @@ -153,7 +153,8 @@ kexdh_client(Kex *kex) #ifdef DEBUG_KEXDH dump_digest("shared secret", kbuf, kout); #endif - shared_secret = BN_new(); + if ((shared_secret = BN_new()) == NULL) + fatal("kexdh_client: BN_new failed"); BN_bin2bn(kbuf, kout, shared_secret); memset(kbuf, 0, klen); xfree(kbuf); @@ -170,10 +171,10 @@ kexdh_client(Kex *kex) shared_secret ); xfree(server_host_key_blob); - BN_free(dh_server_pub); + BN_clear_free(dh_server_pub); DH_free(dh); - if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1) + if (key_verify(server_host_key, signature, slen, hash, 20) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); xfree(signature); @@ -192,7 +193,7 @@ kexdh_client(Kex *kex) /* server */ -void +static void kexdh_server(Kex *kex) { BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; @@ -200,14 +201,14 @@ kexdh_server(Kex *kex) Key *server_host_key; u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; u_int sbloblen, klen, kout; - int dlen, slen, plen; + u_int slen; /* generate server DH public key */ dh = dh_new_group1(); dh_gen_key(dh, kex->we_need * 8); debug("expecting SSH2_MSG_KEXDH_INIT"); - packet_read_expect(&plen, SSH2_MSG_KEXDH_INIT); + packet_read_expect(SSH2_MSG_KEXDH_INIT); if (kex->load_host_key == NULL) fatal("Cannot load hostkey"); @@ -216,10 +217,10 @@ kexdh_server(Kex *kex) fatal("Unsupported hostkey type %d", kex->hostkey_type); /* key, cert */ - dh_client_pub = BN_new(); - if (dh_client_pub == NULL) + if ((dh_client_pub = BN_new()) == NULL) fatal("dh_client_pub == NULL"); - packet_get_bignum2(dh_client_pub, &dlen); + packet_get_bignum2(dh_client_pub); + packet_check_eom(); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_client_pub= "); @@ -243,7 +244,8 @@ kexdh_server(Kex *kex) #ifdef DEBUG_KEXDH dump_digest("shared secret", kbuf, kout); #endif - shared_secret = BN_new(); + if ((shared_secret = BN_new()) == NULL) + fatal("kexdh_server: BN_new failed"); BN_bin2bn(kbuf, kout, shared_secret); memset(kbuf, 0, klen); xfree(kbuf); @@ -256,12 +258,12 @@ kexdh_server(Kex *kex) kex->server_version_string, buffer_ptr(&kex->peer), buffer_len(&kex->peer), buffer_ptr(&kex->my), buffer_len(&kex->my), - (char *)server_host_key_blob, sbloblen, + server_host_key_blob, sbloblen, dh_client_pub, dh->pub_key, shared_secret ); - BN_free(dh_client_pub); + BN_clear_free(dh_client_pub); /* save session id := H */ /* XXX hashlen depends on KEX */ @@ -279,9 +281,9 @@ kexdh_server(Kex *kex) /* send server hostkey, DH pubkey 'f' and singed H */ packet_start(SSH2_MSG_KEXDH_REPLY); - packet_put_string((char *)server_host_key_blob, sbloblen); + packet_put_string(server_host_key_blob, sbloblen); packet_put_bignum2(dh->pub_key); /* f */ - packet_put_string((char *)signature, slen); + packet_put_string(signature, slen); packet_send(); xfree(signature); diff --git a/crypto/openssh/kexgex.c b/crypto/openssh/kexgex.c index 44f2f5c950de..61896e6ed467 100644 --- a/crypto/openssh/kexgex.c +++ b/crypto/openssh/kexgex.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kexgex.c,v 1.5 2001/04/05 10:42:50 markus Exp $"); +RCSID("$OpenBSD: kexgex.c,v 1.20 2002/02/28 15:46:33 markus Exp $"); #include <openssl/bn.h> @@ -39,13 +39,13 @@ RCSID("$OpenBSD: kexgex.c,v 1.5 2001/04/05 10:42:50 markus Exp $"); #include "ssh2.h" #include "compat.h" -u_char * +static u_char * kexgex_hash( char *client_version_string, char *server_version_string, char *ckexinit, int ckexinitlen, char *skexinit, int skexinitlen, - char *serverhostkeyblob, int sbloblen, + u_char *serverhostkeyblob, int sbloblen, int min, int wantbits, int max, BIGNUM *prime, BIGNUM *gen, BIGNUM *client_dh_pub, BIGNUM *server_dh_pub, @@ -53,12 +53,12 @@ kexgex_hash( { Buffer b; static u_char digest[EVP_MAX_MD_SIZE]; - EVP_MD *evp_md = EVP_sha1(); + const EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; buffer_init(&b); - buffer_put_string(&b, client_version_string, strlen(client_version_string)); - buffer_put_string(&b, server_version_string, strlen(server_version_string)); + buffer_put_cstring(&b, client_version_string); + buffer_put_cstring(&b, server_version_string); /* kexinit messages: fake header: len+SSH2_MSG_KEXINIT */ buffer_put_int(&b, ckexinitlen+1); @@ -92,14 +92,14 @@ kexgex_hash( buffer_free(&b); #ifdef DEBUG_KEXDH - dump_digest("hash", digest, evp_md->md_size); + dump_digest("hash", digest, EVP_MD_size(evp_md)); #endif return digest; } /* client */ -void +static void kexgex_client(Kex *kex) { BIGNUM *dh_server_pub = NULL, *shared_secret = NULL; @@ -107,7 +107,7 @@ kexgex_client(Kex *kex) Key *server_host_key; u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; u_int klen, kout, slen, sbloblen; - int dlen, plen, min, max, nbits; + int min, max, nbits; DH *dh; nbits = dh_estimate(kex->we_need * 8); @@ -138,15 +138,15 @@ kexgex_client(Kex *kex) packet_send(); debug("expecting SSH2_MSG_KEX_DH_GEX_GROUP"); - packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_GROUP); + packet_read_expect(SSH2_MSG_KEX_DH_GEX_GROUP); if ((p = BN_new()) == NULL) fatal("BN_new"); - packet_get_bignum2(p, &dlen); + packet_get_bignum2(p); if ((g = BN_new()) == NULL) fatal("BN_new"); - packet_get_bignum2(g, &dlen); - packet_done(); + packet_get_bignum2(g); + packet_check_eom(); if (BN_num_bits(p) < min || BN_num_bits(p) > max) fatal("DH_GEX group out of range: %d !< %d !< %d", @@ -169,23 +169,24 @@ kexgex_client(Kex *kex) packet_send(); debug("expecting SSH2_MSG_KEX_DH_GEX_REPLY"); - packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_REPLY); + packet_read_expect(SSH2_MSG_KEX_DH_GEX_REPLY); /* key, cert */ server_host_key_blob = packet_get_string(&sbloblen); server_host_key = key_from_blob(server_host_key_blob, sbloblen); if (server_host_key == NULL) fatal("cannot decode server_host_key_blob"); - - if (kex->check_host_key == NULL) - fatal("cannot check server_host_key"); - kex->check_host_key(server_host_key); + if (server_host_key->type != kex->hostkey_type) + fatal("type mismatch for decoded server_host_key_blob"); + if (kex->verify_host_key == NULL) + fatal("cannot verify server_host_key"); + if (kex->verify_host_key(server_host_key) == -1) + fatal("server_host_key verification failed"); /* DH paramter f, server public DH key */ - dh_server_pub = BN_new(); - if (dh_server_pub == NULL) + if ((dh_server_pub = BN_new()) == NULL) fatal("dh_server_pub == NULL"); - packet_get_bignum2(dh_server_pub, &dlen); + packet_get_bignum2(dh_server_pub); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_server_pub= "); @@ -196,7 +197,7 @@ kexgex_client(Kex *kex) /* signed H */ signature = packet_get_string(&slen); - packet_done(); + packet_check_eom(); if (!dh_pub_is_valid(dh, dh_server_pub)) packet_disconnect("bad server public DH value"); @@ -207,7 +208,8 @@ kexgex_client(Kex *kex) #ifdef DEBUG_KEXDH dump_digest("shared secret", kbuf, kout); #endif - shared_secret = BN_new(); + if ((shared_secret = BN_new()) == NULL) + fatal("kexgex_client: BN_new failed"); BN_bin2bn(kbuf, kout, shared_secret); memset(kbuf, 0, klen); xfree(kbuf); @@ -231,9 +233,9 @@ kexgex_client(Kex *kex) /* have keys, free DH */ DH_free(dh); xfree(server_host_key_blob); - BN_free(dh_server_pub); + BN_clear_free(dh_server_pub); - if (key_verify(server_host_key, (u_char *)signature, slen, hash, 20) != 1) + if (key_verify(server_host_key, signature, slen, hash, 20) != 1) fatal("key_verify failed for server_host_key"); key_free(server_host_key); xfree(signature); @@ -252,15 +254,15 @@ kexgex_client(Kex *kex) /* server */ -void +static void kexgex_server(Kex *kex) { BIGNUM *shared_secret = NULL, *dh_client_pub = NULL; Key *server_host_key; DH *dh = dh; u_char *kbuf, *hash, *signature = NULL, *server_host_key_blob = NULL; - u_int sbloblen, klen, kout; - int min = -1, max = -1, nbits = -1, type, plen, dlen, slen; + u_int sbloblen, klen, kout, slen; + int min = -1, max = -1, nbits = -1, type; if (kex->load_host_key == NULL) fatal("Cannot load hostkey"); @@ -268,8 +270,8 @@ kexgex_server(Kex *kex) if (server_host_key == NULL) fatal("Unsupported hostkey type %d", kex->hostkey_type); - type = packet_read(&plen); - switch(type){ + type = packet_read(); + switch (type) { case SSH2_MSG_KEX_DH_GEX_REQUEST: debug("SSH2_MSG_KEX_DH_GEX_REQUEST received"); min = packet_get_int(); @@ -288,7 +290,7 @@ kexgex_server(Kex *kex) default: fatal("protocol error during kex, no DH_GEX_REQUEST: %d", type); } - packet_done(); + packet_check_eom(); if (max < min || nbits < min || max < nbits) fatal("DH_GEX_REQUEST, bad parameters: %d !< %d !< %d", @@ -311,13 +313,13 @@ kexgex_server(Kex *kex) dh_gen_key(dh, kex->we_need * 8); debug("expecting SSH2_MSG_KEX_DH_GEX_INIT"); - packet_read_expect(&plen, SSH2_MSG_KEX_DH_GEX_INIT); + packet_read_expect(SSH2_MSG_KEX_DH_GEX_INIT); /* key, cert */ - dh_client_pub = BN_new(); - if (dh_client_pub == NULL) + if ((dh_client_pub = BN_new()) == NULL) fatal("dh_client_pub == NULL"); - packet_get_bignum2(dh_client_pub, &dlen); + packet_get_bignum2(dh_client_pub); + packet_check_eom(); #ifdef DEBUG_KEXDH fprintf(stderr, "dh_client_pub= "); @@ -341,7 +343,8 @@ kexgex_server(Kex *kex) #ifdef DEBUG_KEXDH dump_digest("shared secret", kbuf, kout); #endif - shared_secret = BN_new(); + if ((shared_secret = BN_new()) == NULL) + fatal("kexgex_server: BN_new failed"); BN_bin2bn(kbuf, kout, shared_secret); memset(kbuf, 0, klen); xfree(kbuf); @@ -357,14 +360,14 @@ kexgex_server(Kex *kex) kex->server_version_string, buffer_ptr(&kex->peer), buffer_len(&kex->peer), buffer_ptr(&kex->my), buffer_len(&kex->my), - (char *)server_host_key_blob, sbloblen, + server_host_key_blob, sbloblen, min, nbits, max, dh->p, dh->g, dh_client_pub, dh->pub_key, shared_secret ); - BN_free(dh_client_pub); + BN_clear_free(dh_client_pub); /* save session id := H */ /* XXX hashlen depends on KEX */ @@ -383,9 +386,9 @@ kexgex_server(Kex *kex) /* send server hostkey, DH pubkey 'f' and singed H */ debug("SSH2_MSG_KEX_DH_GEX_REPLY sent"); packet_start(SSH2_MSG_KEX_DH_GEX_REPLY); - packet_put_string((char *)server_host_key_blob, sbloblen); + packet_put_string(server_host_key_blob, sbloblen); packet_put_bignum2(dh->pub_key); /* f */ - packet_put_string((char *)signature, slen); + packet_put_string(signature, slen); packet_send(); xfree(signature); xfree(server_host_key_blob); diff --git a/crypto/openssh/key.c b/crypto/openssh/key.c index 3b9f9f786214..cda91571affd 100644 --- a/crypto/openssh/key.c +++ b/crypto/openssh/key.c @@ -9,7 +9,7 @@ * called by a name other than "ssh" or "Secure Shell". * * - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: key.c,v 1.25 2001/04/17 10:53:24 markus Exp $"); +RCSID("$OpenBSD: key.c,v 1.41 2002/02/28 15:46:33 markus Exp $"); #include <openssl/evp.h> @@ -54,22 +54,31 @@ key_new(int type) DSA *dsa; k = xmalloc(sizeof(*k)); k->type = type; + k->flags = 0; k->dsa = NULL; k->rsa = NULL; switch (k->type) { case KEY_RSA1: case KEY_RSA: - rsa = RSA_new(); - rsa->n = BN_new(); - rsa->e = BN_new(); + if ((rsa = RSA_new()) == NULL) + fatal("key_new: RSA_new failed"); + if ((rsa->n = BN_new()) == NULL) + fatal("key_new: BN_new failed"); + if ((rsa->e = BN_new()) == NULL) + fatal("key_new: BN_new failed"); k->rsa = rsa; break; case KEY_DSA: - dsa = DSA_new(); - dsa->p = BN_new(); - dsa->q = BN_new(); - dsa->g = BN_new(); - dsa->pub_key = BN_new(); + if ((dsa = DSA_new()) == NULL) + fatal("key_new: DSA_new failed"); + if ((dsa->p = BN_new()) == NULL) + fatal("key_new: BN_new failed"); + if ((dsa->q = BN_new()) == NULL) + fatal("key_new: BN_new failed"); + if ((dsa->g = BN_new()) == NULL) + fatal("key_new: BN_new failed"); + if ((dsa->pub_key = BN_new()) == NULL) + fatal("key_new: BN_new failed"); k->dsa = dsa; break; case KEY_UNSPEC: @@ -87,15 +96,22 @@ key_new_private(int type) switch (k->type) { case KEY_RSA1: case KEY_RSA: - k->rsa->d = BN_new(); - k->rsa->iqmp = BN_new(); - k->rsa->q = BN_new(); - k->rsa->p = BN_new(); - k->rsa->dmq1 = BN_new(); - k->rsa->dmp1 = BN_new(); + if ((k->rsa->d = BN_new()) == NULL) + fatal("key_new_private: BN_new failed"); + if ((k->rsa->iqmp = BN_new()) == NULL) + fatal("key_new_private: BN_new failed"); + if ((k->rsa->q = BN_new()) == NULL) + fatal("key_new_private: BN_new failed"); + if ((k->rsa->p = BN_new()) == NULL) + fatal("key_new_private: BN_new failed"); + if ((k->rsa->dmq1 = BN_new()) == NULL) + fatal("key_new_private: BN_new failed"); + if ((k->rsa->dmp1 = BN_new()) == NULL) + fatal("key_new_private: BN_new failed"); break; case KEY_DSA: - k->dsa->priv_key = BN_new(); + if ((k->dsa->priv_key = BN_new()) == NULL) + fatal("key_new_private: BN_new failed"); break; case KEY_UNSPEC: break; @@ -153,14 +169,14 @@ key_equal(Key *a, Key *b) return 0; } -u_char* -key_fingerprint_raw(Key *k, enum fp_type dgst_type, size_t *dgst_raw_length) +static u_char* +key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length) { - EVP_MD *md = NULL; + const EVP_MD *md = NULL; EVP_MD_CTX ctx; u_char *blob = NULL; u_char *retval = NULL; - int len = 0; + u_int len = 0; int nlen, elen; *dgst_raw_length = 0; @@ -200,8 +216,7 @@ key_fingerprint_raw(Key *k, enum fp_type dgst_type, size_t *dgst_raw_length) retval = xmalloc(EVP_MAX_MD_SIZE); EVP_DigestInit(&ctx, md); EVP_DigestUpdate(&ctx, blob, len); - EVP_DigestFinal(&ctx, retval, NULL); - *dgst_raw_length = md->md_size; + EVP_DigestFinal(&ctx, retval, dgst_raw_length); memset(blob, 0, len); xfree(blob); } else { @@ -210,15 +225,15 @@ key_fingerprint_raw(Key *k, enum fp_type dgst_type, size_t *dgst_raw_length) return retval; } -char* -key_fingerprint_hex(u_char* dgst_raw, size_t dgst_raw_len) +static char* +key_fingerprint_hex(u_char* dgst_raw, u_int dgst_raw_len) { char *retval; int i; retval = xmalloc(dgst_raw_len * 3 + 1); retval[0] = '\0'; - for(i = 0; i < dgst_raw_len; i++) { + for (i = 0; i < dgst_raw_len; i++) { char hex[4]; snprintf(hex, sizeof(hex), "%02x:", dgst_raw[i]); strlcat(retval, hex, dgst_raw_len * 3); @@ -227,8 +242,8 @@ key_fingerprint_hex(u_char* dgst_raw, size_t dgst_raw_len) return retval; } -char* -key_fingerprint_bubblebabble(u_char* dgst_raw, size_t dgst_raw_len) +static char* +key_fingerprint_bubblebabble(u_char* dgst_raw, u_int dgst_raw_len) { char vowels[] = { 'a', 'e', 'i', 'o', 'u', 'y' }; char consonants[] = { 'b', 'c', 'd', 'f', 'g', 'h', 'k', 'l', 'm', @@ -279,12 +294,12 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) { char *retval = NULL; u_char *dgst_raw; - size_t dgst_raw_len; - + u_int dgst_raw_len; + dgst_raw = key_fingerprint_raw(k, dgst_type, &dgst_raw_len); if (!dgst_raw) fatal("key_fingerprint: null from key_fingerprint_raw()"); - switch(dgst_rep) { + switch (dgst_rep) { case SSH_FP_HEX: retval = key_fingerprint_hex(dgst_raw, dgst_raw_len); break; @@ -308,7 +323,7 @@ key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep) * last processed (and maybe modified) character. Note that this may modify * the buffer containing the number. */ -int +static int read_bignum(char **cpp, BIGNUM * value) { char *cp = *cpp; @@ -344,7 +359,7 @@ read_bignum(char **cpp, BIGNUM * value) *cpp = cp; return 1; } -int +static int write_bignum(FILE *f, BIGNUM *num) { char *buf = BN_bn2dec(num); @@ -353,11 +368,11 @@ write_bignum(FILE *f, BIGNUM *num) return 0; } fprintf(f, " %s", buf); - xfree(buf); + OPENSSL_free(buf); return 1; } -/* returns 1 ok, -1 error, 0 type mismatch */ +/* returns 1 ok, -1 error */ int key_read(Key *ret, char **cpp) { @@ -370,7 +385,7 @@ key_read(Key *ret, char **cpp) cp = *cpp; - switch(ret->type) { + switch (ret->type) { case KEY_RSA1: /* Get number of bits. */ if (*cp < '0' || *cp > '9') @@ -412,21 +427,22 @@ key_read(Key *ret, char **cpp) } else if (ret->type != type) { /* is a key, but different type */ debug3("key_read: type mismatch"); - return 0; + return -1; } len = 2*strlen(cp); blob = xmalloc(len); n = uudecode(cp, blob, len); if (n < 0) { error("key_read: uudecode %s failed", cp); + xfree(blob); return -1; } k = key_from_blob(blob, n); + xfree(blob); if (k == NULL) { error("key_read: key_from_blob %s failed", cp); return -1; } - xfree(blob); if (k->type != type) { error("key_read: type mismatch: encoding error"); key_free(k); @@ -453,9 +469,9 @@ key_read(Key *ret, char **cpp) #endif } /*XXXX*/ + key_free(k); if (success != 1) break; - key_free(k); /* advance cp: skip whitespace and data */ while (*cp == ' ' || *cp == '\t') cp++; @@ -472,8 +488,9 @@ key_read(Key *ret, char **cpp) int key_write(Key *key, FILE *f) { - int success = 0; - u_int bits = 0; + int n, success = 0; + u_int len, bits = 0; + u_char *blob, *uu; if (key->type == KEY_RSA1 && key->rsa != NULL) { /* size of modulus 'n' */ @@ -487,8 +504,6 @@ key_write(Key *key, FILE *f) } } else if ((key->type == KEY_DSA && key->dsa != NULL) || (key->type == KEY_RSA && key->rsa != NULL)) { - int len, n; - u_char *blob, *uu; key_to_blob(key, &blob, &len); uu = xmalloc(2*len); n = uuencode(blob, len, uu, 2*len); @@ -531,7 +546,8 @@ key_ssh_name(Key *k) return "ssh-unknown"; } u_int -key_size(Key *k){ +key_size(Key *k) +{ switch (k->type) { case KEY_RSA1: case KEY_RSA: @@ -544,7 +560,7 @@ key_size(Key *k){ return 0; } -RSA * +static RSA * rsa_generate_private_key(u_int bits) { RSA *private; @@ -554,7 +570,7 @@ rsa_generate_private_key(u_int bits) return private; } -DSA* +static DSA* dsa_generate_private_key(u_int bits) { DSA *private = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL); @@ -614,15 +630,15 @@ key_from_private(Key *k) int key_type_from_name(char *name) { - if (strcmp(name, "rsa1") == 0){ + if (strcmp(name, "rsa1") == 0) { return KEY_RSA1; - } else if (strcmp(name, "rsa") == 0){ + } else if (strcmp(name, "rsa") == 0) { return KEY_RSA; - } else if (strcmp(name, "dsa") == 0){ + } else if (strcmp(name, "dsa") == 0) { return KEY_DSA; - } else if (strcmp(name, "ssh-rsa") == 0){ + } else if (strcmp(name, "ssh-rsa") == 0) { return KEY_RSA; - } else if (strcmp(name, "ssh-dss") == 0){ + } else if (strcmp(name, "ssh-dss") == 0) { return KEY_DSA; } debug2("key_type_from_name: unknown key type '%s'", name); @@ -638,7 +654,7 @@ key_names_valid2(const char *names) return 0; s = cp = xstrdup(names); for ((p = strsep(&cp, ",")); p && *p != '\0'; - (p = strsep(&cp, ","))) { + (p = strsep(&cp, ","))) { switch (key_type_from_name(p)) { case KEY_RSA1: case KEY_UNSPEC: @@ -652,7 +668,7 @@ key_names_valid2(const char *names) } Key * -key_from_blob(char *blob, int blen) +key_from_blob(u_char *blob, int blen) { Buffer b; char *ktype; @@ -667,7 +683,7 @@ key_from_blob(char *blob, int blen) ktype = buffer_get_string(&b, NULL); type = key_type_from_name(ktype); - switch(type){ + switch (type) { case KEY_RSA: key = key_new(type); buffer_get_bignum2(&b, key->rsa->e); @@ -713,7 +729,7 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp) return 0; } buffer_init(&b); - switch(key->type){ + switch (key->type) { case KEY_DSA: buffer_put_cstring(&b, key_ssh_name(key)); buffer_put_bignum2(&b, key->dsa->p); @@ -727,8 +743,9 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp) buffer_put_bignum2(&b, key->rsa->n); break; default: - error("key_to_blob: illegal key type %d", key->type); - break; + error("key_to_blob: unsupported key type %d", key->type); + buffer_free(&b); + return 0; } len = buffer_len(&b); buf = xmalloc(len); @@ -745,10 +762,10 @@ key_to_blob(Key *key, u_char **blobp, u_int *lenp) int key_sign( Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen) + u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) { - switch(key->type){ + switch (key->type) { case KEY_DSA: return ssh_dss_sign(key, sigp, lenp, data, datalen); break; @@ -765,10 +782,13 @@ key_sign( int key_verify( Key *key, - u_char *signature, int signaturelen, - u_char *data, int datalen) + u_char *signature, u_int signaturelen, + u_char *data, u_int datalen) { - switch(key->type){ + if (signaturelen == 0) + return -1; + + switch (key->type) { case KEY_DSA: return ssh_dss_verify(key, signature, signaturelen, data, datalen); break; diff --git a/crypto/openssh/key.h b/crypto/openssh/key.h index cee31c30a683..a2257731aef5 100644 --- a/crypto/openssh/key.h +++ b/crypto/openssh/key.h @@ -1,7 +1,7 @@ -/* $OpenBSD: key.h,v 1.12 2001/04/17 10:53:24 markus Exp $ */ +/* $OpenBSD: key.h,v 1.18 2002/02/24 19:14:59 markus Exp $ */ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -44,41 +44,37 @@ enum fp_rep { SSH_FP_HEX, SSH_FP_BUBBLEBABBLE }; + +/* key is stored in external hardware */ +#define KEY_FLAG_EXT 0x0001 + struct Key { - int type; + int type; + int flags; RSA *rsa; DSA *dsa; }; -Key *key_new(int type); -Key *key_new_private(int type); -void key_free(Key *k); -int key_equal(Key *a, Key *b); -char *key_fingerprint(Key *k, enum fp_type dgst_type, enum fp_rep dgst_rep); -char *key_type(Key *k); -int key_write(Key *key, FILE *f); -int key_read(Key *key, char **cpp); -u_int key_size(Key *k); - -Key *key_generate(int type, u_int bits); -Key *key_from_private(Key *k); -int key_type_from_name(char *name); +Key *key_new(int); +Key *key_new_private(int); +void key_free(Key *); +int key_equal(Key *, Key *); +char *key_fingerprint(Key *, enum fp_type, enum fp_rep); +char *key_type(Key *); +int key_write(Key *, FILE *); +int key_read(Key *, char **); +u_int key_size(Key *); -Key *key_from_blob(char *blob, int blen); -int key_to_blob(Key *key, u_char **blobp, u_int *lenp); -char *key_ssh_name(Key *k); -int key_names_valid2(const char *names); +Key *key_generate(int, u_int); +Key *key_from_private(Key *); +int key_type_from_name(char *); -int -key_sign( - Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen); +Key *key_from_blob(u_char *, int); +int key_to_blob(Key *, u_char **, u_int *); +char *key_ssh_name(Key *); +int key_names_valid2(const char *); -int -key_verify( - Key *key, - u_char *signature, int signaturelen, - u_char *data, int datalen); +int key_sign(Key *, u_char **, u_int *, u_char *, u_int); +int key_verify(Key *, u_char *, u_int, u_char *, u_int); #endif diff --git a/crypto/openssh/lib/Makefile b/crypto/openssh/lib/Makefile index fbcd66f59ad7..369cf90eac99 100644 --- a/crypto/openssh/lib/Makefile +++ b/crypto/openssh/lib/Makefile @@ -1,15 +1,17 @@ -# $OpenBSD: Makefile,v 1.22 2001/04/03 19:53:30 markus Exp $ +# $OpenBSD: Makefile,v 1.31 2002/02/22 12:20:34 markus Exp $ .PATH: ${.CURDIR}/.. LIB= ssh SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \ - cipher.c compat.c compress.c crc32.c deattack.c \ + cipher.c compat.c compress.c crc32.c deattack.c fatal.c \ hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \ rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \ key.c dispatch.c kex.c mac.c uuencode.c misc.c \ - cli.c rijndael.c ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c + rijndael.c ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \ + scard.c +DEBUGLIBS= no NOPROFILE= yes NOPIC= yes @@ -26,4 +28,8 @@ SRCS+= radix.c .endif # AFS .endif # KERBEROS +.if (${KERBEROS5:L} == "yes") +CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV +.endif # KERBEROS5 + .include <bsd.lib.mk> diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c index 34b4eb961588..887045f21877 100644 --- a/crypto/openssh/log.c +++ b/crypto/openssh/log.c @@ -34,7 +34,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: log.c,v 1.17 2001/03/04 17:42:28 millert Exp $"); +RCSID("$OpenBSD: log.c,v 1.22 2002/02/22 12:20:34 markus Exp $"); #include "log.h" #include "xmalloc.h" @@ -65,7 +65,7 @@ static struct { { "LOCAL5", SYSLOG_FACILITY_LOCAL5 }, { "LOCAL6", SYSLOG_FACILITY_LOCAL6 }, { "LOCAL7", SYSLOG_FACILITY_LOCAL7 }, - { NULL, 0 } + { NULL, SYSLOG_FACILITY_NOT_SET } }; static struct { @@ -82,7 +82,7 @@ static struct { { "DEBUG1", SYSLOG_LEVEL_DEBUG1 }, { "DEBUG2", SYSLOG_LEVEL_DEBUG2 }, { "DEBUG3", SYSLOG_LEVEL_DEBUG3 }, - { NULL, 0 } + { NULL, SYSLOG_LEVEL_NOT_SET } }; SyslogFacility @@ -93,7 +93,7 @@ log_facility_number(char *name) for (i = 0; log_facilities[i].name; i++) if (strcasecmp(log_facilities[i].name, name) == 0) return log_facilities[i].val; - return (SyslogFacility) - 1; + return SYSLOG_FACILITY_NOT_SET; } LogLevel @@ -104,18 +104,7 @@ log_level_number(char *name) for (i = 0; log_levels[i].name; i++) if (strcasecmp(log_levels[i].name, name) == 0) return log_levels[i].val; - return (LogLevel) - 1; -} -/* Fatal messages. This function never returns. */ - -void -fatal(const char *fmt,...) -{ - va_list args; - va_start(args, fmt); - do_log(SYSLOG_LEVEL_FATAL, fmt, args); - va_end(args); - fatal_cleanup(); + return SYSLOG_LEVEL_NOT_SET; } /* Error messages that should be logged. */ @@ -237,7 +226,7 @@ fatal_cleanup(void) for (cu = fatal_cleanups; cu; cu = next_cu) { next_cu = cu->next; debug("Calling cleanup 0x%lx(0x%lx)", - (u_long) cu->proc, (u_long) cu->context); + (u_long) cu->proc, (u_long) cu->context); (*cu->proc) (cu->context); } exit(255); diff --git a/crypto/openssh/log.h b/crypto/openssh/log.h index ad9fa3f2ab1b..276ba05ea664 100644 --- a/crypto/openssh/log.h +++ b/crypto/openssh/log.h @@ -1,4 +1,4 @@ -/* $OpenBSD: log.h,v 1.2 2001/01/29 01:58:16 niklas Exp $ */ +/* $OpenBSD: log.h,v 1.6 2002/02/22 12:20:34 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -27,7 +27,8 @@ typedef enum { SYSLOG_FACILITY_LOCAL4, SYSLOG_FACILITY_LOCAL5, SYSLOG_FACILITY_LOCAL6, - SYSLOG_FACILITY_LOCAL7 + SYSLOG_FACILITY_LOCAL7, + SYSLOG_FACILITY_NOT_SET = -1, } SyslogFacility; typedef enum { @@ -38,38 +39,27 @@ typedef enum { SYSLOG_LEVEL_VERBOSE, SYSLOG_LEVEL_DEBUG1, SYSLOG_LEVEL_DEBUG2, - SYSLOG_LEVEL_DEBUG3 + SYSLOG_LEVEL_DEBUG3, + SYSLOG_LEVEL_NOT_SET = -1, } LogLevel; -/* Initializes logging. */ -void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr); -/* Logging implementation, depending on server or client */ -void do_log(LogLevel level, const char *fmt, va_list args); +void log_init(char *, LogLevel, SyslogFacility, int); -/* name to facility/level */ -SyslogFacility log_facility_number(char *name); -LogLevel log_level_number(char *name); +SyslogFacility log_facility_number(char *); +LogLevel log_level_number(char *); -/* Output a message to syslog or stderr */ -void fatal(const char *fmt,...) __attribute__((format(printf, 1, 2))); -void error(const char *fmt,...) __attribute__((format(printf, 1, 2))); -void log(const char *fmt,...) __attribute__((format(printf, 1, 2))); -void verbose(const char *fmt,...) __attribute__((format(printf, 1, 2))); -void debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); -void debug2(const char *fmt,...) __attribute__((format(printf, 1, 2))); -void debug3(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void fatal(const char *, ...) __attribute__((format(printf, 1, 2))); +void error(const char *, ...) __attribute__((format(printf, 1, 2))); +void log(const char *, ...) __attribute__((format(printf, 1, 2))); +void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); +void debug(const char *, ...) __attribute__((format(printf, 1, 2))); +void debug2(const char *, ...) __attribute__((format(printf, 1, 2))); +void debug3(const char *, ...) __attribute__((format(printf, 1, 2))); -/* same as fatal() but w/o logging */ -void fatal_cleanup(void); +void fatal_cleanup(void); +void fatal_add_cleanup(void (*) (void *), void *); +void fatal_remove_cleanup(void (*) (void *), void *); -/* - * Registers a cleanup function to be called by fatal()/fatal_cleanup() - * before exiting. It is permissible to call fatal_remove_cleanup for the - * function itself from the function. - */ -void fatal_add_cleanup(void (*proc) (void *context), void *context); - -/* Removes a cleanup function to be called at fatal(). */ -void fatal_remove_cleanup(void (*proc) (void *context), void *context); +void do_log(LogLevel, const char *, va_list); #endif diff --git a/crypto/openssh/mac.c b/crypto/openssh/mac.c index e8b4267c3fc1..b250af2aa34d 100644 --- a/crypto/openssh/mac.c +++ b/crypto/openssh/mac.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: mac.c,v 1.2 2001/04/05 10:42:51 markus Exp $"); +RCSID("$OpenBSD: mac.c,v 1.4 2002/01/25 22:07:40 markus Exp $"); #include <openssl/hmac.h> @@ -56,7 +56,7 @@ mac_init(Mac *mac, char *name) if (strcmp(name, macs[i].name) == 0) { if (mac != NULL) { mac->md = (*macs[i].mdfunc)(); - mac->key_len = mac->mac_len = mac->md->md_size; + mac->key_len = mac->mac_len = EVP_MD_size(mac->md); if (macs[i].truncatebits != 0) mac->mac_len = macs[i].truncatebits/8; } @@ -99,7 +99,7 @@ mac_valid(const char *names) return (0); maclist = cp = xstrdup(names); for ((p = strsep(&cp, MAC_SEP)); p && *p != '\0'; - (p = strsep(&cp, MAC_SEP))) { + (p = strsep(&cp, MAC_SEP))) { if (mac_init(NULL, p) < 0) { debug("bad mac %s [%s]", p, names); xfree(maclist); diff --git a/crypto/openssh/mac.h b/crypto/openssh/mac.h index 6173eaa66a41..43b485dd92be 100644 --- a/crypto/openssh/mac.h +++ b/crypto/openssh/mac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.h,v 1.1 2001/02/11 12:59:24 markus Exp $ */ +/* $OpenBSD: mac.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,6 +23,6 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -int mac_valid(const char *names); -int mac_init(Mac *mac, char *name); -u_char *mac_compute(Mac *mac, u_int32_t seqno, u_char *data, int datalen); +int mac_valid(const char *); +int mac_init(Mac *, char *); +u_char *mac_compute(Mac *, u_int32_t, u_char *, int); diff --git a/crypto/openssh/match.c b/crypto/openssh/match.c index ebb562ab3fc0..3ddb62730271 100644 --- a/crypto/openssh/match.c +++ b/crypto/openssh/match.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: match.c,v 1.12 2001/03/10 17:51:04 markus Exp $"); +RCSID("$OpenBSD: match.c,v 1.19 2002/03/01 13:12:10 markus Exp $"); #include "match.h" #include "xmalloc.h" @@ -104,14 +104,15 @@ match_pattern(const char *s, const char *pattern) } /* - * Tries to match the host name (which must be in all lowercase) against the + * Tries to match the string against the * comma-separated sequence of subpatterns (each possibly preceded by ! to * indicate negation). Returns -1 if negation matches, 1 if there is * a positive match, 0 if there is no match at all. */ int -match_hostname(const char *host, const char *pattern, u_int len) +match_pattern_list(const char *string, const char *pattern, u_int len, + int dolower) { char sub[1024]; int negated; @@ -132,9 +133,10 @@ match_hostname(const char *host, const char *pattern, u_int len) * subpattern to lowercase. */ for (subi = 0; - i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; - subi++, i++) - sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i]; + i < len && subi < sizeof(sub) - 1 && pattern[i] != ','; + subi++, i++) + sub[subi] = dolower && isupper(pattern[i]) ? + tolower(pattern[i]) : pattern[i]; /* If subpattern too long, return failure (no match). */ if (subi >= sizeof(sub) - 1) return 0; @@ -146,8 +148,8 @@ match_hostname(const char *host, const char *pattern, u_int len) /* Null-terminate the subpattern. */ sub[subi] = '\0'; - /* Try to match the subpattern against the host name. */ - if (match_pattern(host, sub)) { + /* Try to match the subpattern against the string. */ + if (match_pattern(string, sub)) { if (negated) return -1; /* Negative */ else @@ -162,8 +164,69 @@ match_hostname(const char *host, const char *pattern, u_int len) return got_positive; } +/* + * Tries to match the host name (which must be in all lowercase) against the + * comma-separated sequence of subpatterns (each possibly preceded by ! to + * indicate negation). Returns -1 if negation matches, 1 if there is + * a positive match, 0 if there is no match at all. + */ +int +match_hostname(const char *host, const char *pattern, u_int len) +{ + return match_pattern_list(host, pattern, len, 1); +} -#define MAX_PROP 20 +/* + * returns 0 if we get a negative match for the hostname or the ip + * or if we get no match at all. returns 1 otherwise. + */ +int +match_host_and_ip(const char *host, const char *ipaddr, + const char *patterns) +{ + int mhost, mip; + + /* negative ipaddr match */ + if ((mip = match_hostname(ipaddr, patterns, strlen(patterns))) == -1) + return 0; + /* negative hostname match */ + if ((mhost = match_hostname(host, patterns, strlen(patterns))) == -1) + return 0; + /* no match at all */ + if (mhost == 0 && mip == 0) + return 0; + return 1; +} + +/* + * match user, user@host_or_ip, user@host_or_ip_list against pattern + */ +int +match_user(const char *user, const char *host, const char *ipaddr, + const char *pattern) +{ + char *p, *pat; + int ret; + + if ((p = strchr(pattern,'@')) == NULL) + return match_pattern(user, pattern); + + pat = xstrdup(pattern); + p = strchr(pat, '@'); + *p++ = '\0'; + + if ((ret = match_pattern(user, pat)) == 1) + ret = match_host_and_ip(host, ipaddr, p); + xfree(pat); + + return ret; +} + +/* + * Returns first item from client-list that is also supported by server-list, + * caller must xfree() returned string. + */ +#define MAX_PROP 40 #define SEP "," char * match_list(const char *client, const char *server, u_int *next) @@ -176,7 +239,7 @@ match_list(const char *client, const char *server, u_int *next) s = sp = xstrdup(server); for ((p = strsep(&sp, SEP)), i=0; p && *p != '\0'; - (p = strsep(&sp, SEP)), i++) { + (p = strsep(&sp, SEP)), i++) { if (i < MAX_PROP) sproposals[i] = p; else @@ -185,7 +248,7 @@ match_list(const char *client, const char *server, u_int *next) nproposals = i; for ((p = strsep(&cp, SEP)), i=0; p && *p != '\0'; - (p = strsep(&cp, SEP)), i++) { + (p = strsep(&cp, SEP)), i++) { for (j = 0; j < nproposals; j++) { if (strcmp(p, sproposals[j]) == 0) { ret = xstrdup(p); diff --git a/crypto/openssh/match.h b/crypto/openssh/match.h index 09c931168da9..a0764e0013f9 100644 --- a/crypto/openssh/match.h +++ b/crypto/openssh/match.h @@ -1,11 +1,9 @@ -/* $OpenBSD: match.h,v 1.7 2001/03/10 17:51:04 markus Exp $ */ +/* $OpenBSD: match.h,v 1.12 2002/03/01 13:12:10 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved - * This file contains various auxiliary functions related to multiple - * precision integers. * * As far as I am concerned, the code I have written for this software * can be used freely for any purpose. Any derived versions of this @@ -16,24 +14,11 @@ #ifndef MATCH_H #define MATCH_H -/* - * Returns true if the given string matches the pattern (which may contain ? - * and * as wildcards), and zero if it does not match. - */ -int match_pattern(const char *s, const char *pattern); - -/* - * Tries to match the host name (which must be in all lowercase) against the - * comma-separated sequence of subpatterns (each possibly preceded by ! to - * indicate negation). Returns -1 if negation matches, 1 if there is - * a positive match, 0 if there is no match at all. - */ -int match_hostname(const char *host, const char *pattern, u_int len); - -/* - * Returns first item from client-list that is also supported by server-list, - * caller must xfree() returned string. - */ -char *match_list(const char *client, const char *server, u_int *next); +int match_pattern(const char *, const char *); +int match_pattern_list(const char *, const char *, u_int, int); +int match_hostname(const char *, const char *, u_int); +int match_host_and_ip(const char *, const char *, const char *); +int match_user(const char *, const char *, const char *, const char *); +char *match_list(const char *, const char *, u_int *); #endif diff --git a/crypto/openssh/misc.c b/crypto/openssh/misc.c index b5c0fd1734c7..10f9173a2d3f 100644 --- a/crypto/openssh/misc.c +++ b/crypto/openssh/misc.c @@ -1,5 +1,3 @@ -/* $OpenBSD: misc.c,v 1.5 2001/04/12 20:09:37 stevesk Exp $ */ - /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -25,18 +23,19 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.5 2001/04/12 20:09:37 stevesk Exp $"); +RCSID("$OpenBSD: misc.c,v 1.19 2002/03/04 17:27:39 stevesk Exp $"); #include "misc.h" #include "log.h" #include "xmalloc.h" +/* remove newline at end of string */ char * chop(char *s) { char *t = s; while (*t) { - if(*t == '\n' || *t == '\r') { + if (*t == '\n' || *t == '\r') { *t = '\0'; return s; } @@ -46,30 +45,75 @@ chop(char *s) } +/* set/unset filedescriptor to non-blocking */ void set_nonblock(int fd) { int val; + val = fcntl(fd, F_GETFL, 0); if (val < 0) { error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); return; } if (val & O_NONBLOCK) { - debug("fd %d IS O_NONBLOCK", fd); + debug2("fd %d is O_NONBLOCK", fd); return; } debug("fd %d setting O_NONBLOCK", fd); val |= O_NONBLOCK; if (fcntl(fd, F_SETFL, val) == -1) - if (errno != ENODEV) - error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", - fd, strerror(errno)); + debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", + fd, strerror(errno)); +} + +void +unset_nonblock(int fd) +{ + int val; + + val = fcntl(fd, F_GETFL, 0); + if (val < 0) { + error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno)); + return; + } + if (!(val & O_NONBLOCK)) { + debug2("fd %d is not O_NONBLOCK", fd); + return; + } + debug("fd %d clearing O_NONBLOCK", fd); + val &= ~O_NONBLOCK; + if (fcntl(fd, F_SETFL, val) == -1) + debug("fcntl(%d, F_SETFL, O_NONBLOCK): %s", + fd, strerror(errno)); +} + +/* disable nagle on socket */ +void +set_nodelay(int fd) +{ + int opt; + socklen_t optlen; + + optlen = sizeof opt; + if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) { + error("getsockopt TCP_NODELAY: %.100s", strerror(errno)); + return; + } + if (opt == 1) { + debug2("fd %d is TCP_NODELAY", fd); + return; + } + opt = 1; + debug("fd %d setting TCP_NODELAY", fd); + if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1) + error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); } /* Characters considered whitespace in strsep calls. */ #define WHITESPACE " \t\r\n" +/* return next token in configuration line */ char * strdelim(char **s) { @@ -108,13 +152,21 @@ pwcopy(struct passwd *pw) copy->pw_gecos = xstrdup(pw->pw_gecos); copy->pw_uid = pw->pw_uid; copy->pw_gid = pw->pw_gid; + copy->pw_expire = pw->pw_expire; + copy->pw_change = pw->pw_change; copy->pw_class = xstrdup(pw->pw_class); copy->pw_dir = xstrdup(pw->pw_dir); copy->pw_shell = xstrdup(pw->pw_shell); return copy; } -int a2port(const char *s) +/* + * Convert ASCII string to TCP/IP port number. + * Port must be >0 and <=65535. + * Return 0 if invalid. + */ +int +a2port(const char *s) { long port; char *endp; @@ -128,3 +180,140 @@ int a2port(const char *s) return port; } + +#define SECONDS 1 +#define MINUTES (SECONDS * 60) +#define HOURS (MINUTES * 60) +#define DAYS (HOURS * 24) +#define WEEKS (DAYS * 7) + +/* + * Convert a time string into seconds; format is + * a sequence of: + * time[qualifier] + * + * Valid time qualifiers are: + * <none> seconds + * s|S seconds + * m|M minutes + * h|H hours + * d|D days + * w|W weeks + * + * Examples: + * 90m 90 minutes + * 1h30m 90 minutes + * 2d 2 days + * 1w 1 week + * + * Return -1 if time string is invalid. + */ +long +convtime(const char *s) +{ + long total, secs; + const char *p; + char *endp; + + errno = 0; + total = 0; + p = s; + + if (p == NULL || *p == '\0') + return -1; + + while (*p) { + secs = strtol(p, &endp, 10); + if (p == endp || + (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) || + secs < 0) + return -1; + + switch (*endp++) { + case '\0': + endp--; + case 's': + case 'S': + break; + case 'm': + case 'M': + secs *= MINUTES; + break; + case 'h': + case 'H': + secs *= HOURS; + break; + case 'd': + case 'D': + secs *= DAYS; + break; + case 'w': + case 'W': + secs *= WEEKS; + break; + default: + return -1; + } + total += secs; + if (total < 0) + return -1; + p = endp; + } + + return total; +} + +char * +cleanhostname(char *host) +{ + if (*host == '[' && host[strlen(host) - 1] == ']') { + host[strlen(host) - 1] = '\0'; + return (host + 1); + } else + return host; +} + +char * +colon(char *cp) +{ + int flag = 0; + + if (*cp == ':') /* Leading colon is part of file name. */ + return (0); + if (*cp == '[') + flag = 1; + + for (; *cp; ++cp) { + if (*cp == '@' && *(cp+1) == '[') + flag = 1; + if (*cp == ']' && *(cp+1) == ':' && flag) + return (cp+1); + if (*cp == ':' && !flag) + return (cp); + if (*cp == '/') + return (0); + } + return (0); +} + +/* function to assist building execv() arguments */ +void +addargs(arglist *args, char *fmt, ...) +{ + va_list ap; + char buf[1024]; + + va_start(ap, fmt); + vsnprintf(buf, sizeof(buf), fmt, ap); + va_end(ap); + + if (args->list == NULL) { + args->nalloc = 32; + args->num = 0; + } else if (args->num+2 >= args->nalloc) + args->nalloc *= 2; + + args->list = xrealloc(args->list, args->nalloc * sizeof(char *)); + args->list[args->num++] = xstrdup(buf); + args->list[args->num] = NULL; +} diff --git a/crypto/openssh/misc.h b/crypto/openssh/misc.h index 9cd4ac1b1b6b..d28b8650988e 100644 --- a/crypto/openssh/misc.h +++ b/crypto/openssh/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.4 2001/04/12 20:09:36 stevesk Exp $ */ +/* $OpenBSD: misc.h,v 1.11 2002/01/24 21:09:25 stevesk Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -11,20 +11,23 @@ * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". */ -/* remove newline at end of string */ -char *chop(char *s); -/* return next token in configuration line */ -char *strdelim(char **s); +char *chop(char *); +char *strdelim(char **); +void set_nonblock(int); +void unset_nonblock(int); +void set_nodelay(int); +int a2port(const char *); +char *cleanhostname(char *); +char *colon(char *); +long convtime(const char *); -/* set filedescriptor to non-blocking */ -void set_nonblock(int fd); +struct passwd *pwcopy(struct passwd *); -struct passwd * pwcopy(struct passwd *pw); - -/* - * Convert ASCII string to TCP/IP port number. - * Port must be >0 and <=65535. - * Return 0 if invalid. - */ -int a2port(const char *s); +typedef struct arglist arglist; +struct arglist { + char **list; + int num; + int nalloc; +}; +void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3))); diff --git a/crypto/openssh/mpaux.h b/crypto/openssh/mpaux.h index b3f15e4a5fe0..2a312f5cb212 100644 --- a/crypto/openssh/mpaux.h +++ b/crypto/openssh/mpaux.h @@ -1,3 +1,5 @@ +/* $OpenBSD: mpaux.h,v 1.12 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -12,20 +14,9 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: mpaux.h,v 1.9 2000/12/19 23:17:57 markus Exp $"); */ - #ifndef MPAUX_H #define MPAUX_H -/* - * Computes a 16-byte session id in the global variable session_id. The - * session id is computed by concatenating the linearized, msb first - * representations of host_key_n, session_key_n, and the cookie. - */ -void -compute_session_id(u_char session_id[16], - u_char cookie[8], - BIGNUM * host_key_n, - BIGNUM * session_key_n); +void compute_session_id(u_char[16], u_char[8], BIGNUM *, BIGNUM *); #endif /* MPAUX_H */ diff --git a/crypto/openssh/myproposal.h b/crypto/openssh/myproposal.h index 4a9a363709b0..1caf04a4eeb8 100644 --- a/crypto/openssh/myproposal.h +++ b/crypto/openssh/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.12 2001/03/05 15:56:16 deraadt Exp $ */ +/* $OpenBSD: myproposal.h,v 1.13 2002/01/21 22:30:12 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -27,9 +27,7 @@ #define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" #define KEX_DEFAULT_ENCRYPT \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour," \ - "aes192-cbc,aes256-cbc," \ - "rijndael128-cbc,rijndael192-cbc,rijndael256-cbc," \ - "rijndael-cbc@lysator.liu.se" + "aes192-cbc,aes256-cbc" #define KEX_DEFAULT_MAC \ "hmac-md5,hmac-sha1,hmac-ripemd160," \ "hmac-ripemd160@openssh.com," \ diff --git a/crypto/openssh/nchan.c b/crypto/openssh/nchan.c index eb9650136111..8153abbca099 100644 --- a/crypto/openssh/nchan.c +++ b/crypto/openssh/nchan.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999 Markus Friedl. All rights reserved. + * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,40 +23,79 @@ */ #include "includes.h" -RCSID("$OpenBSD: nchan.c,v 1.23 2001/02/28 08:54:55 markus Exp $"); +RCSID("$OpenBSD: nchan.c,v 1.44 2002/01/21 23:27:10 markus Exp $"); #include "ssh1.h" #include "ssh2.h" #include "buffer.h" #include "packet.h" #include "channels.h" -#include "nchan.h" #include "compat.h" #include "log.h" +/* + * SSH Protocol 1.5 aka New Channel Protocol + * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored. + * Written by Markus Friedl in October 1999 + * + * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the + * tear down of channels: + * + * 1.3: strict request-ack-protocol: + * CLOSE -> + * <- CLOSE_CONFIRM + * + * 1.5: uses variations of: + * IEOF -> + * <- OCLOSE + * <- IEOF + * OCLOSE -> + * i.e. both sides have to close the channel + * + * 2.0: the EOF messages are optional + * + * See the debugging output from 'ssh -v' and 'sshd -d' of + * ssh-1.2.27 as an example. + * + */ + /* functions manipulating channel states */ /* * EVENTS update channel input/output states execute ACTIONS */ -/* events concerning the INPUT from socket for channel (istate) */ -chan_event_fn *chan_rcvd_oclose = NULL; -chan_event_fn *chan_read_failed = NULL; -chan_event_fn *chan_ibuf_empty = NULL; -/* events concerning the OUTPUT from channel for socket (ostate) */ -chan_event_fn *chan_rcvd_ieof = NULL; -chan_event_fn *chan_write_failed = NULL; -chan_event_fn *chan_obuf_empty = NULL; /* * ACTIONS: should never update the channel states */ -static void chan_send_ieof1(Channel *c); -static void chan_send_oclose1(Channel *c); -static void chan_send_close2(Channel *c); -static void chan_send_eof2(Channel *c); +static void chan_send_ieof1(Channel *); +static void chan_send_oclose1(Channel *); +static void chan_send_close2(Channel *); +static void chan_send_eof2(Channel *); /* helper */ -static void chan_shutdown_write(Channel *c); -static void chan_shutdown_read(Channel *c); +static void chan_shutdown_write(Channel *); +static void chan_shutdown_read(Channel *); + +static char *ostates[] = { "open", "drain", "wait_ieof", "closed" }; +static char *istates[] = { "open", "drain", "wait_oclose", "closed" }; + +static void +chan_set_istate(Channel *c, u_int next) +{ + if (c->istate > CHAN_INPUT_CLOSED || next > CHAN_INPUT_CLOSED) + fatal("chan_set_istate: bad state %d -> %d", c->istate, next); + debug("channel %d: input %s -> %s", c->self, istates[c->istate], + istates[next]); + c->istate = next; +} +static void +chan_set_ostate(Channel *c, u_int next) +{ + if (c->ostate > CHAN_OUTPUT_CLOSED || next > CHAN_OUTPUT_CLOSED) + fatal("chan_set_ostate: bad state %d -> %d", c->ostate, next); + debug("channel %d: output %s -> %s", c->self, ostates[c->ostate], + ostates[next]); + c->ostate = next; +} /* * SSH1 specific implementation of event functions @@ -68,64 +107,61 @@ chan_rcvd_oclose1(Channel *c) debug("channel %d: rcvd oclose", c->self); switch (c->istate) { case CHAN_INPUT_WAIT_OCLOSE: - debug("channel %d: input wait_oclose -> closed", c->self); - c->istate = CHAN_INPUT_CLOSED; + chan_set_istate(c, CHAN_INPUT_CLOSED); break; case CHAN_INPUT_OPEN: - debug("channel %d: input open -> closed", c->self); chan_shutdown_read(c); chan_send_ieof1(c); - c->istate = CHAN_INPUT_CLOSED; + chan_set_istate(c, CHAN_INPUT_CLOSED); break; case CHAN_INPUT_WAIT_DRAIN: /* both local read_failed and remote write_failed */ - log("channel %d: input drain -> closed", c->self); chan_send_ieof1(c); - c->istate = CHAN_INPUT_CLOSED; + chan_set_istate(c, CHAN_INPUT_CLOSED); break; default: - error("channel %d: protocol error: chan_rcvd_oclose for istate %d", + error("channel %d: protocol error: rcvd_oclose for istate %d", c->self, c->istate); return; } } -static void -chan_read_failed_12(Channel *c) +void +chan_read_failed(Channel *c) { debug("channel %d: read failed", c->self); switch (c->istate) { case CHAN_INPUT_OPEN: - debug("channel %d: input open -> drain", c->self); chan_shutdown_read(c); - c->istate = CHAN_INPUT_WAIT_DRAIN; - if (buffer_len(&c->input) == 0) { - debug("channel %d: input: no drain shortcut", c->self); - chan_ibuf_empty(c); - } + chan_set_istate(c, CHAN_INPUT_WAIT_DRAIN); break; default: - error("channel %d: internal error: we do not read, but chan_read_failed for istate %d", + error("channel %d: chan_read_failed for istate %d", c->self, c->istate); break; } } -static void -chan_ibuf_empty1(Channel *c) +void +chan_ibuf_empty(Channel *c) { debug("channel %d: ibuf empty", c->self); if (buffer_len(&c->input)) { - error("channel %d: internal error: chan_ibuf_empty for non empty buffer", + error("channel %d: chan_ibuf_empty for non empty buffer", c->self); return; } switch (c->istate) { case CHAN_INPUT_WAIT_DRAIN: - debug("channel %d: input drain -> wait_oclose", c->self); - chan_send_ieof1(c); - c->istate = CHAN_INPUT_WAIT_OCLOSE; + if (compat20) { + if (!(c->flags & CHAN_CLOSE_SENT)) + chan_send_eof2(c); + chan_set_istate(c, CHAN_INPUT_CLOSED); + } else { + chan_send_ieof1(c); + chan_set_istate(c, CHAN_INPUT_WAIT_OCLOSE); + } break; default: - error("channel %d: internal error: chan_ibuf_empty for istate %d", + error("channel %d: chan_ibuf_empty for istate %d", c->self, c->istate); break; } @@ -134,36 +170,15 @@ static void chan_rcvd_ieof1(Channel *c) { debug("channel %d: rcvd ieof", c->self); - if (c->type != SSH_CHANNEL_OPEN) { - debug("channel %d: non-open", c->self); - if (c->istate == CHAN_INPUT_OPEN) { - debug("channel %d: non-open: input open -> wait_oclose", c->self); - chan_shutdown_read(c); - chan_send_ieof1(c); - c->istate = CHAN_INPUT_WAIT_OCLOSE; - } else { - error("channel %d: istate %d != open", c->self, c->istate); - } - if (c->ostate == CHAN_OUTPUT_OPEN) { - debug("channel %d: non-open: output open -> closed", c->self); - chan_send_oclose1(c); - c->ostate = CHAN_OUTPUT_CLOSED; - } else { - error("channel %d: ostate %d != open", c->self, c->ostate); - } - return; - } switch (c->ostate) { case CHAN_OUTPUT_OPEN: - debug("channel %d: output open -> drain", c->self); - c->ostate = CHAN_OUTPUT_WAIT_DRAIN; + chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN); break; case CHAN_OUTPUT_WAIT_IEOF: - debug("channel %d: output wait_ieof -> closed", c->self); - c->ostate = CHAN_OUTPUT_CLOSED; + chan_set_ostate(c, CHAN_OUTPUT_CLOSED); break; default: - error("channel %d: protocol error: chan_rcvd_ieof for ostate %d", + error("channel %d: protocol error: rcvd_ieof for ostate %d", c->self, c->ostate); break; } @@ -174,38 +189,39 @@ chan_write_failed1(Channel *c) debug("channel %d: write failed", c->self); switch (c->ostate) { case CHAN_OUTPUT_OPEN: - debug("channel %d: output open -> wait_ieof", c->self); + chan_shutdown_write(c); chan_send_oclose1(c); - c->ostate = CHAN_OUTPUT_WAIT_IEOF; + chan_set_ostate(c, CHAN_OUTPUT_WAIT_IEOF); break; case CHAN_OUTPUT_WAIT_DRAIN: - debug("channel %d: output wait_drain -> closed", c->self); + chan_shutdown_write(c); chan_send_oclose1(c); - c->ostate = CHAN_OUTPUT_CLOSED; + chan_set_ostate(c, CHAN_OUTPUT_CLOSED); break; default: - error("channel %d: internal error: chan_write_failed for ostate %d", + error("channel %d: chan_write_failed for ostate %d", c->self, c->ostate); break; } } -static void -chan_obuf_empty1(Channel *c) +void +chan_obuf_empty(Channel *c) { debug("channel %d: obuf empty", c->self); if (buffer_len(&c->output)) { - error("channel %d: internal error: chan_obuf_empty for non empty buffer", + error("channel %d: chan_obuf_empty for non empty buffer", c->self); return; } switch (c->ostate) { case CHAN_OUTPUT_WAIT_DRAIN: - debug("channel %d: output drain -> closed", c->self); - chan_send_oclose1(c); - c->ostate = CHAN_OUTPUT_CLOSED; + chan_shutdown_write(c); + if (!compat20) + chan_send_oclose1(c); + chan_set_ostate(c, CHAN_OUTPUT_CLOSED); break; default: - error("channel %d: internal error: chan_obuf_empty for ostate %d", + error("channel %d: internal error: obuf_empty for ostate %d", c->self, c->ostate); break; } @@ -222,7 +238,7 @@ chan_send_ieof1(Channel *c) packet_send(); break; default: - error("channel %d: internal error: cannot send ieof for istate %d", + error("channel %d: cannot send ieof for istate %d", c->self, c->istate); break; } @@ -234,15 +250,14 @@ chan_send_oclose1(Channel *c) switch (c->ostate) { case CHAN_OUTPUT_OPEN: case CHAN_OUTPUT_WAIT_DRAIN: - chan_shutdown_write(c); - buffer_consume(&c->output, buffer_len(&c->output)); + buffer_clear(&c->output); packet_start(SSH_MSG_CHANNEL_OUTPUT_CLOSE); packet_put_int(c->remote_id); packet_send(); break; default: - error("channel %d: internal error: cannot send oclose for ostate %d", - c->self, c->ostate); + error("channel %d: cannot send oclose for ostate %d", + c->self, c->ostate); break; } } @@ -251,7 +266,7 @@ chan_send_oclose1(Channel *c) * the same for SSH2 */ static void -chan_rcvd_oclose2(Channel *c) +chan_rcvd_close2(Channel *c) { debug("channel %d: rcvd close", c->self); if (c->flags & CHAN_CLOSE_RCVD) @@ -259,59 +274,36 @@ chan_rcvd_oclose2(Channel *c) c->flags |= CHAN_CLOSE_RCVD; if (c->type == SSH_CHANNEL_LARVAL) { /* tear down larval channels immediately */ - c->ostate = CHAN_OUTPUT_CLOSED; - c->istate = CHAN_INPUT_CLOSED; + chan_set_ostate(c, CHAN_OUTPUT_CLOSED); + chan_set_istate(c, CHAN_INPUT_CLOSED); return; } switch (c->ostate) { case CHAN_OUTPUT_OPEN: - /* wait until a data from the channel is consumed if a CLOSE is received */ - debug("channel %d: output open -> drain", c->self); - c->ostate = CHAN_OUTPUT_WAIT_DRAIN; + /* + * wait until a data from the channel is consumed if a CLOSE + * is received + */ + chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN); break; } switch (c->istate) { case CHAN_INPUT_OPEN: - debug("channel %d: input open -> closed", c->self); chan_shutdown_read(c); + chan_set_istate(c, CHAN_INPUT_CLOSED); break; case CHAN_INPUT_WAIT_DRAIN: - debug("channel %d: input drain -> closed", c->self); chan_send_eof2(c); - break; - } - c->istate = CHAN_INPUT_CLOSED; -} -static void -chan_ibuf_empty2(Channel *c) -{ - debug("channel %d: ibuf empty", c->self); - if (buffer_len(&c->input)) { - error("channel %d: internal error: chan_ibuf_empty for non empty buffer", - c->self); - return; - } - switch (c->istate) { - case CHAN_INPUT_WAIT_DRAIN: - debug("channel %d: input drain -> closed", c->self); - if (!(c->flags & CHAN_CLOSE_SENT)) - chan_send_eof2(c); - c->istate = CHAN_INPUT_CLOSED; - break; - default: - error("channel %d: internal error: chan_ibuf_empty for istate %d", - c->self, c->istate); + chan_set_istate(c, CHAN_INPUT_CLOSED); break; } } static void -chan_rcvd_ieof2(Channel *c) +chan_rcvd_eof2(Channel *c) { debug("channel %d: rcvd eof", c->self); - if (c->ostate == CHAN_OUTPUT_OPEN) { - debug("channel %d: output open -> drain", c->self); - c->ostate = CHAN_OUTPUT_WAIT_DRAIN; - } + if (c->ostate == CHAN_OUTPUT_OPEN) + chan_set_ostate(c, CHAN_OUTPUT_WAIT_DRAIN); } static void chan_write_failed2(Channel *c) @@ -319,38 +311,12 @@ chan_write_failed2(Channel *c) debug("channel %d: write failed", c->self); switch (c->ostate) { case CHAN_OUTPUT_OPEN: - debug("channel %d: output open -> closed", c->self); - chan_shutdown_write(c); /* ?? */ - c->ostate = CHAN_OUTPUT_CLOSED; - break; - case CHAN_OUTPUT_WAIT_DRAIN: - debug("channel %d: output drain -> closed", c->self); - chan_shutdown_write(c); - c->ostate = CHAN_OUTPUT_CLOSED; - break; - default: - error("channel %d: internal error: chan_write_failed for ostate %d", - c->self, c->ostate); - break; - } -} -static void -chan_obuf_empty2(Channel *c) -{ - debug("channel %d: obuf empty", c->self); - if (buffer_len(&c->output)) { - error("internal error: chan_obuf_empty %d for non empty buffer", - c->self); - return; - } - switch (c->ostate) { case CHAN_OUTPUT_WAIT_DRAIN: - debug("channel %d: output drain -> closed", c->self); chan_shutdown_write(c); - c->ostate = CHAN_OUTPUT_CLOSED; + chan_set_ostate(c, CHAN_OUTPUT_CLOSED); break; default: - error("channel %d: internal error: chan_obuf_empty for ostate %d", + error("channel %d: chan_write_failed for ostate %d", c->self, c->ostate); break; } @@ -366,7 +332,7 @@ chan_send_eof2(Channel *c) packet_send(); break; default: - error("channel %d: internal error: cannot send eof for istate %d", + error("channel %d: cannot send eof for istate %d", c->self, c->istate); break; } @@ -377,10 +343,10 @@ chan_send_close2(Channel *c) debug("channel %d: send close", c->self); if (c->ostate != CHAN_OUTPUT_CLOSED || c->istate != CHAN_INPUT_CLOSED) { - error("channel %d: internal error: cannot send close for istate/ostate %d/%d", + error("channel %d: cannot send close for istate/ostate %d/%d", c->self, c->istate, c->ostate); } else if (c->flags & CHAN_CLOSE_SENT) { - error("channel %d: internal error: already sent close", c->self); + error("channel %d: already sent close", c->self); } else { packet_start(SSH2_MSG_CHANNEL_CLOSE); packet_put_int(c->remote_id); @@ -391,9 +357,47 @@ chan_send_close2(Channel *c) /* shared */ +void +chan_rcvd_ieof(Channel *c) +{ + if (compat20) + chan_rcvd_eof2(c); + else + chan_rcvd_ieof1(c); + if (c->ostate == CHAN_OUTPUT_WAIT_DRAIN && + buffer_len(&c->output) == 0) + chan_obuf_empty(c); +} +void +chan_rcvd_oclose(Channel *c) +{ + if (compat20) + chan_rcvd_close2(c); + else + chan_rcvd_oclose1(c); +} +void +chan_write_failed(Channel *c) +{ + if (compat20) + chan_write_failed2(c); + else + chan_write_failed1(c); +} + +void +chan_mark_dead(Channel *c) +{ + c->type = SSH_CHANNEL_ZOMBIE; +} + int -chan_is_dead(Channel *c) +chan_is_dead(Channel *c, int send) { + if (c->type == SSH_CHANNEL_ZOMBIE) { + debug("channel %d: zombie", c->self); + return 1; + } if (c->istate != CHAN_INPUT_CLOSED || c->ostate != CHAN_OUTPUT_CLOSED) return 0; if (!compat20) { @@ -414,10 +418,19 @@ chan_is_dead(Channel *c) debug2("channel %d: active efd: %d len %d type %s", c->self, c->efd, buffer_len(&c->extended), c->extended_usage==CHAN_EXTENDED_READ ? - "read": "write"); + "read": "write"); } else { if (!(c->flags & CHAN_CLOSE_SENT)) { - chan_send_close2(c); + if (send) { + chan_send_close2(c); + } else { + /* channel would be dead if we sent a close */ + if (c->flags & CHAN_CLOSE_RCVD) { + debug("channel %d: almost dead", + c->self); + return 1; + } + } } if ((c->flags & CHAN_CLOSE_SENT) && (c->flags & CHAN_CLOSE_RCVD)) { @@ -428,55 +441,25 @@ chan_is_dead(Channel *c) return 0; } -void -chan_init_iostates(Channel *c) -{ - c->ostate = CHAN_OUTPUT_OPEN; - c->istate = CHAN_INPUT_OPEN; - c->flags = 0; -} - -/* init */ -void -chan_init(void) -{ - if (compat20) { - chan_rcvd_oclose = chan_rcvd_oclose2; - chan_read_failed = chan_read_failed_12; - chan_ibuf_empty = chan_ibuf_empty2; - - chan_rcvd_ieof = chan_rcvd_ieof2; - chan_write_failed = chan_write_failed2; - chan_obuf_empty = chan_obuf_empty2; - } else { - chan_rcvd_oclose = chan_rcvd_oclose1; - chan_read_failed = chan_read_failed_12; - chan_ibuf_empty = chan_ibuf_empty1; - - chan_rcvd_ieof = chan_rcvd_ieof1; - chan_write_failed = chan_write_failed1; - chan_obuf_empty = chan_obuf_empty1; - } -} - /* helper */ static void chan_shutdown_write(Channel *c) { - buffer_consume(&c->output, buffer_len(&c->output)); + buffer_clear(&c->output); if (compat20 && c->type == SSH_CHANNEL_LARVAL) return; /* shutdown failure is allowed if write failed already */ debug("channel %d: close_write", c->self); if (c->sock != -1) { if (shutdown(c->sock, SHUT_WR) < 0) - debug("channel %d: chan_shutdown_write: shutdown() failed for fd%d: %.100s", + debug("channel %d: chan_shutdown_write: " + "shutdown() failed for fd%d: %.100s", c->self, c->sock, strerror(errno)); } else { - if (close(c->wfd) < 0) - log("channel %d: chan_shutdown_write: close() failed for fd%d: %.100s", + if (channel_close_fd(&c->wfd) < 0) + log("channel %d: chan_shutdown_write: " + "close() failed for fd%d: %.100s", c->self, c->wfd, strerror(errno)); - c->wfd = -1; } } static void @@ -487,12 +470,14 @@ chan_shutdown_read(Channel *c) debug("channel %d: close_read", c->self); if (c->sock != -1) { if (shutdown(c->sock, SHUT_RD) < 0) - error("channel %d: chan_shutdown_read: shutdown() failed for fd%d [i%d o%d]: %.100s", - c->self, c->sock, c->istate, c->ostate, strerror(errno)); + error("channel %d: chan_shutdown_read: " + "shutdown() failed for fd%d [i%d o%d]: %.100s", + c->self, c->sock, c->istate, c->ostate, + strerror(errno)); } else { - if (close(c->rfd) < 0) - log("channel %d: chan_shutdown_read: close() failed for fd%d: %.100s", + if (channel_close_fd(&c->rfd) < 0) + log("channel %d: chan_shutdown_read: " + "close() failed for fd%d: %.100s", c->self, c->rfd, strerror(errno)); - c->rfd = -1; } } diff --git a/crypto/openssh/nchan2.ms b/crypto/openssh/nchan2.ms index 1b119d1353bf..1cc51fa12b37 100644 --- a/crypto/openssh/nchan2.ms +++ b/crypto/openssh/nchan2.ms @@ -1,3 +1,27 @@ +.\" $OpenBSD: nchan2.ms,v 1.2 2001/10/03 10:05:57 markus Exp $ +.\" +.\" Copyright (c) 2000 Markus Friedl. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" .TL OpenSSH Channel Close Protocol 2.0 Implementation .SH diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c index 00109eaf63d6..b3e6d8493e7a 100644 --- a/crypto/openssh/packet.c +++ b/crypto/openssh/packet.c @@ -13,7 +13,7 @@ * * * SSH2 packet format added by Markus Friedl. - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.61 2001/04/05 10:42:51 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.90 2002/02/27 21:23:13 stevesk Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -59,6 +59,7 @@ RCSID("$OpenBSD: packet.c,v 1.61 2001/04/05 10:42:51 markus Exp $"); #include "mac.h" #include "log.h" #include "canohost.h" +#include "misc.h" #ifdef PACKET_DEBUG #define DBG(x) x @@ -75,12 +76,6 @@ RCSID("$OpenBSD: packet.c,v 1.61 2001/04/05 10:42:51 markus Exp $"); static int connection_in = -1; static int connection_out = -1; -/* - * Cipher type. This value is only used to determine whether to pad the - * packets with zeroes or random data. - */ -static int cipher_type = SSH_CIPHER_NONE; - /* Protocol flags for the remote side. */ static u_int remote_protocol_flags = 0; @@ -118,19 +113,11 @@ static int initialized = 0; /* Set to true if the connection is interactive. */ static int interactive_mode = 0; -/* True if SSH2 packet format is used */ -int use_ssh2_packet_format = 0; - /* Session key information for Encryption and MAC */ Newkeys *newkeys[MODE_MAX]; -void -packet_set_ssh2_format(void) -{ - DBG(debug("use_ssh2_packet_format")); - use_ssh2_packet_format = 1; - newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; -} +/* roundup current message to extra_pad bytes */ +static u_char extra_pad = 0; /* * Sets the descriptors used for communication. Disables encryption until @@ -144,9 +131,9 @@ packet_set_connection(int fd_in, int fd_out) fatal("packet_set_connection: cannot load cipher 'none'"); connection_in = fd_in; connection_out = fd_out; - cipher_type = SSH_CIPHER_NONE; - cipher_init(&send_context, none, (u_char *) "", 0, NULL, 0); - cipher_init(&receive_context, none, (u_char *) "", 0, NULL, 0); + cipher_init(&send_context, none, "", 0, NULL, 0, CIPHER_ENCRYPT); + cipher_init(&receive_context, none, "", 0, NULL, 0, CIPHER_DECRYPT); + newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; if (!initialized) { initialized = 1; buffer_init(&input); @@ -161,7 +148,7 @@ packet_set_connection(int fd_in, int fd_out) /* Returns 1 if remote host is connected via socket, 0 if not. */ int -packet_connection_is_on_socket() +packet_connection_is_on_socket(void) { struct sockaddr_storage from, to; socklen_t fromlen, tolen; @@ -187,7 +174,7 @@ packet_connection_is_on_socket() /* returns 1 if connection is via ipv4 */ int -packet_connection_is_ipv4() +packet_connection_is_ipv4(void) { struct sockaddr_storage to; socklen_t tolen = sizeof(to); @@ -203,7 +190,7 @@ packet_connection_is_ipv4() /* Sets the connection into non-blocking mode. */ void -packet_set_nonblocking() +packet_set_nonblocking(void) { /* Set the socket into non-blocking mode. */ if (fcntl(connection_in, F_SETFL, O_NONBLOCK) < 0) @@ -218,7 +205,7 @@ packet_set_nonblocking() /* Returns the socket used for reading. */ int -packet_get_connection_in() +packet_get_connection_in(void) { return connection_in; } @@ -226,7 +213,7 @@ packet_get_connection_in() /* Returns the descriptor used for writing. */ int -packet_get_connection_out() +packet_get_connection_out(void) { return connection_out; } @@ -234,7 +221,7 @@ packet_get_connection_out() /* Closes the connection and clears and frees internal data structures. */ void -packet_close() +packet_close(void) { if (!initialized) return; @@ -254,6 +241,8 @@ packet_close() buffer_free(&compression_buffer); buffer_compress_uninit(); } + cipher_cleanup(&send_context); + cipher_cleanup(&receive_context); } /* Sets remote side protocol flags. */ @@ -262,13 +251,12 @@ void packet_set_protocol_flags(u_int protocol_flags) { remote_protocol_flags = protocol_flags; - channel_set_options((protocol_flags & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) != 0); } /* Returns the remote protocol flags set earlier by the above function. */ u_int -packet_get_protocol_flags() +packet_get_protocol_flags(void) { return remote_protocol_flags; } @@ -278,8 +266,8 @@ packet_get_protocol_flags() * Level is compression level 1 (fastest) - 9 (slow, best) as in gzip. */ -void -packet_init_compression() +static void +packet_init_compression(void) { if (compression_buffer_ready == 1) return; @@ -290,7 +278,7 @@ packet_init_compression() void packet_start_compression(int level) { - if (packet_compression && !use_ssh2_packet_format) + if (packet_compression && !compat20) fatal("Compression already enabled."); packet_compression = 1; packet_init_compression(); @@ -299,43 +287,10 @@ packet_start_compression(int level) } /* - * Encrypts the given number of bytes, copying from src to dest. bytes is - * known to be a multiple of 8. - */ - -void -packet_encrypt(CipherContext * cc, void *dest, void *src, - u_int bytes) -{ - cipher_encrypt(cc, dest, src, bytes); -} - -/* - * Decrypts the given number of bytes, copying from src to dest. bytes is - * known to be a multiple of 8. - */ - -void -packet_decrypt(CipherContext *context, void *dest, void *src, u_int bytes) -{ - /* - * Cryptographic attack detector for ssh - Modifications for packet.c - * (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com) - */ - if (!compat20 && - context->cipher->number != SSH_CIPHER_NONE && - detect_attack(src, bytes, NULL) == DEATTACK_DETECTED) - packet_disconnect("crc32 compensation attack: network attack detected"); - - cipher_decrypt(context, dest, src, bytes); -} - -/* * Causes any further packets to be encrypted using the given key. The same * key is used for both sending and reception. However, both directions are * encrypted independently of each other. */ - void packet_set_encryption_key(const u_char *key, u_int keylen, int number) @@ -345,85 +300,52 @@ packet_set_encryption_key(const u_char *key, u_int keylen, fatal("packet_set_encryption_key: unknown cipher number %d", number); if (keylen < 20) fatal("packet_set_encryption_key: keylen too small: %d", keylen); - cipher_init(&receive_context, cipher, key, keylen, NULL, 0); - cipher_init(&send_context, cipher, key, keylen, NULL, 0); -} - -/* Starts constructing a packet to send. */ - -void -packet_start1(int type) -{ - char buf[9]; - - buffer_clear(&outgoing_packet); - memset(buf, 0, 8); - buf[8] = type; - buffer_append(&outgoing_packet, buf, 9); + cipher_init(&send_context, cipher, key, keylen, NULL, 0, CIPHER_ENCRYPT); + cipher_init(&receive_context, cipher, key, keylen, NULL, 0, CIPHER_DECRYPT); } +/* Start constructing a packet to send. */ void -packet_start2(int type) +packet_start(u_char type) { - char buf[4+1+1]; - - buffer_clear(&outgoing_packet); - memset(buf, 0, sizeof buf); - /* buf[0..3] = payload_len; */ - /* buf[4] = pad_len; */ - buf[5] = type & 0xff; - buffer_append(&outgoing_packet, buf, sizeof buf); -} + u_char buf[9]; + int len; -void -packet_start(int type) -{ DBG(debug("packet_start[%d]", type)); - if (use_ssh2_packet_format) - packet_start2(type); - else - packet_start1(type); + len = compat20 ? 6 : 9; + memset(buf, 0, len - 1); + buf[len - 1] = type; + buffer_clear(&outgoing_packet); + buffer_append(&outgoing_packet, buf, len); } -/* Appends a character to the packet data. */ - +/* Append payload. */ void packet_put_char(int value) { char ch = value; buffer_append(&outgoing_packet, &ch, 1); } - -/* Appends an integer to the packet data. */ - void packet_put_int(u_int value) { buffer_put_int(&outgoing_packet, value); } - -/* Appends a string to packet data. */ - void -packet_put_string(const char *buf, u_int len) +packet_put_string(const void *buf, u_int len) { buffer_put_string(&outgoing_packet, buf, len); } void packet_put_cstring(const char *str) { - buffer_put_string(&outgoing_packet, str, strlen(str)); + buffer_put_cstring(&outgoing_packet, str); } - void -packet_put_raw(const char *buf, u_int len) +packet_put_raw(const void *buf, u_int len) { buffer_append(&outgoing_packet, buf, len); } - - -/* Appends an arbitrary precision integer to packet data. */ - void packet_put_bignum(BIGNUM * value) { @@ -440,10 +362,10 @@ packet_put_bignum2(BIGNUM * value) * encrypts the packet before sending. */ -void +static void packet_send1(void) { - char buf[8], *cp; + u_char buf[8], *cp; int i, padding, len; u_int checksum; u_int32_t rand = 0; @@ -461,14 +383,14 @@ packet_send1(void) buffer_compress(&outgoing_packet, &compression_buffer); buffer_clear(&outgoing_packet); buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_len(&compression_buffer)); } /* Compute packet length without padding (add checksum, remove padding). */ len = buffer_len(&outgoing_packet) + 4 - 8; /* Insert padding. Initialized to zero in packet_start1() */ padding = 8 - len % 8; - if (cipher_type != SSH_CIPHER_NONE) { + if (!send_context.plaintext) { cp = buffer_ptr(&outgoing_packet); for (i = 0; i < padding; i++) { if (i % 4 == 0) @@ -480,7 +402,7 @@ packet_send1(void) buffer_consume(&outgoing_packet, 8 - padding); /* Add check bytes. */ - checksum = ssh_crc32((u_char *) buffer_ptr(&outgoing_packet), + checksum = ssh_crc32(buffer_ptr(&outgoing_packet), buffer_len(&outgoing_packet)); PUT_32BIT(buf, checksum); buffer_append(&outgoing_packet, buf, 4); @@ -493,9 +415,9 @@ packet_send1(void) /* Append to output. */ PUT_32BIT(buf, len); buffer_append(&output, buf, 4); - buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); - packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); + cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); + cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet), + buffer_len(&outgoing_packet)); #ifdef PACKET_DEBUG fprintf(stderr, "encrypted: "); @@ -511,21 +433,27 @@ packet_send1(void) */ } -void +static void set_newkeys(int mode) { Enc *enc; Mac *mac; Comp *comp; CipherContext *cc; + int encrypt; debug("newkeys: mode %d", mode); - cc = (mode == MODE_OUT) ? &send_context : &receive_context; + if (mode == MODE_OUT) { + cc = &send_context; + encrypt = CIPHER_ENCRYPT; + } else { + cc = &receive_context; + encrypt = CIPHER_DECRYPT; + } if (newkeys[mode] != NULL) { debug("newkeys: rekeying"); - /* todo: free old keys, reset compression/cipher-ctxt; */ - memset(cc, 0, sizeof(*cc)); + cipher_cleanup(cc); enc = &newkeys[mode]->enc; mac = &newkeys[mode]->mac; comp = &newkeys[mode]->comp; @@ -547,10 +475,10 @@ set_newkeys(int mode) if (mac->md != NULL) mac->enabled = 1; DBG(debug("cipher_init_context: %d", mode)); - cipher_init(cc, enc->cipher, enc->key, enc->cipher->key_len, - enc->iv, enc->cipher->block_size); - memset(enc->iv, 0, enc->cipher->block_size); - memset(enc->key, 0, enc->cipher->key_len); + cipher_init(cc, enc->cipher, enc->key, enc->key_len, + enc->iv, enc->block_size, encrypt); + memset(enc->iv, 0, enc->block_size); + memset(enc->key, 0, enc->key_len); if (comp->type != 0 && comp->enabled == 0) { packet_init_compression(); if (mode == MODE_OUT) @@ -564,16 +492,15 @@ set_newkeys(int mode) /* * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) */ -void +static void packet_send2(void) { static u_int32_t seqnr = 0; - u_char *macbuf = NULL; - char *cp; + u_char type, *cp, *macbuf = NULL; + u_char padlen, pad; u_int packet_length = 0; - u_int i, padlen, len; + u_int i, len; u_int32_t rand = 0; - int type; Enc *enc = NULL; Mac *mac = NULL; Comp *comp = NULL; @@ -584,10 +511,10 @@ packet_send2(void) mac = &newkeys[MODE_OUT]->mac; comp = &newkeys[MODE_OUT]->comp; } - block_size = enc ? enc->cipher->block_size : 8; + block_size = enc ? enc->block_size : 8; cp = buffer_ptr(&outgoing_packet); - type = cp[5] & 0xff; + type = cp[5]; #ifdef PACKET_DEBUG fprintf(stderr, "plain: "); @@ -618,8 +545,17 @@ packet_send2(void) padlen = block_size - (len % block_size); if (padlen < 4) padlen += block_size; - buffer_append_space(&outgoing_packet, &cp, padlen); - if (enc && enc->cipher->number != SSH_CIPHER_NONE) { + if (extra_pad) { + /* will wrap if extra_pad+padlen > 255 */ + extra_pad = roundup(extra_pad, block_size); + pad = extra_pad - ((len + padlen) % extra_pad); + debug("packet_send2: adding %d (len %d padlen %d extra_pad %d)", + pad, len, padlen, extra_pad); + padlen += pad; + extra_pad = 0; + } + cp = buffer_append_space(&outgoing_packet, padlen); + if (enc && !send_context.plaintext) { /* random padding */ for (i = 0; i < padlen; i++) { if (i % 4 == 0) @@ -635,19 +571,19 @@ packet_send2(void) packet_length = buffer_len(&outgoing_packet) - 4; cp = buffer_ptr(&outgoing_packet); PUT_32BIT(cp, packet_length); - cp[4] = padlen & 0xff; + cp[4] = padlen; DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen)); /* compute MAC over seqnr and packet(length fields, payload, padding) */ if (mac && mac->enabled) { macbuf = mac_compute(mac, seqnr, - (u_char *) buffer_ptr(&outgoing_packet), + buffer_ptr(&outgoing_packet), buffer_len(&outgoing_packet)); DBG(debug("done calc MAC out #%d", seqnr)); } /* encrypt packet and append to output buffer. */ - buffer_append_space(&output, &cp, buffer_len(&outgoing_packet)); - packet_encrypt(&send_context, cp, buffer_ptr(&outgoing_packet), + cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); + cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet), buffer_len(&outgoing_packet)); /* append unencrypted MAC */ if (mac && mac->enabled) @@ -666,9 +602,9 @@ packet_send2(void) } void -packet_send() +packet_send(void) { - if (use_ssh2_packet_format) + if (compat20) packet_send2(); else packet_send1(); @@ -682,7 +618,7 @@ packet_send() */ int -packet_read(int *payload_len_ptr) +packet_read_seqnr(u_int32_t *seqnr_p) { int type, len; fd_set *setp; @@ -698,13 +634,13 @@ packet_read(int *payload_len_ptr) /* Stay in the loop until we have received a complete packet. */ for (;;) { /* Try to read a packet from the buffer. */ - type = packet_read_poll(payload_len_ptr); - if (!use_ssh2_packet_format && ( + type = packet_read_poll_seqnr(seqnr_p); + if (!compat20 && ( type == SSH_SMSG_SUCCESS || type == SSH_SMSG_FAILURE || type == SSH_CMSG_EOF || type == SSH_CMSG_EXIT_CONFIRMATION)) - packet_integrity_check(*payload_len_ptr, 0, type); + packet_check_eom(); /* If we got a packet, return it. */ if (type != SSH_MSG_NONE) { xfree(setp); @@ -737,17 +673,23 @@ packet_read(int *payload_len_ptr) /* NOTREACHED */ } +int +packet_read(void) +{ + return packet_read_seqnr(NULL); +} + /* * Waits until a packet has been received, verifies that its type matches * that given, and gives a fatal error and exits if there is a mismatch. */ void -packet_read_expect(int *payload_len_ptr, int expected_type) +packet_read_expect(int expected_type) { int type; - type = packet_read(payload_len_ptr); + type = packet_read(); if (type != expected_type) packet_disconnect("Protocol error: expected packet type %d, got %d", expected_type, type); @@ -760,28 +702,21 @@ packet_read_expect(int *payload_len_ptr, int expected_type) * SSH_MSG_DISCONNECT is handled specially here. Also, * SSH_MSG_IGNORE messages are skipped by this function and are never returned * to higher levels. - * - * The returned payload_len does include space consumed by: - * Packet length - * Padding - * Packet type - * Check bytes */ -int -packet_read_poll1(int *payload_len_ptr) +static int +packet_read_poll1(void) { u_int len, padded_len; - u_char *ucp; - char buf[8], *cp; + u_char *cp, type; u_int checksum, stored_checksum; /* Check if input size is less than minimum packet size. */ if (buffer_len(&input) < 4 + 8) return SSH_MSG_NONE; /* Get length of incoming packet. */ - ucp = (u_char *) buffer_ptr(&input); - len = GET_32BIT(ucp); + cp = buffer_ptr(&input); + len = GET_32BIT(cp); if (len < 1 + 2 + 2 || len > 256 * 1024) packet_disconnect("Bad packet length %d.", len); padded_len = (len + 8) & ~7; @@ -795,10 +730,20 @@ packet_read_poll1(int *payload_len_ptr) /* Consume packet length. */ buffer_consume(&input, 4); - /* Copy data to incoming_packet. */ + /* + * Cryptographic attack detector for ssh + * (C)1998 CORE-SDI, Buenos Aires Argentina + * Ariel Futoransky(futo@core-sdi.com) + */ + if (!receive_context.plaintext && + detect_attack(buffer_ptr(&input), padded_len, NULL) == DEATTACK_DETECTED) + packet_disconnect("crc32 compensation attack: network attack detected"); + + /* Decrypt data to incoming_packet. */ buffer_clear(&incoming_packet); - buffer_append_space(&incoming_packet, &cp, padded_len); - packet_decrypt(&receive_context, cp, buffer_ptr(&input), padded_len); + cp = buffer_append_space(&incoming_packet, padded_len); + cipher_crypt(&receive_context, cp, buffer_ptr(&input), padded_len); + buffer_consume(&input, padded_len); #ifdef PACKET_DEBUG @@ -807,25 +752,23 @@ packet_read_poll1(int *payload_len_ptr) #endif /* Compute packet checksum. */ - checksum = ssh_crc32((u_char *) buffer_ptr(&incoming_packet), + checksum = ssh_crc32(buffer_ptr(&incoming_packet), buffer_len(&incoming_packet) - 4); /* Skip padding. */ buffer_consume(&incoming_packet, 8 - len % 8); /* Test check bytes. */ - if (len != buffer_len(&incoming_packet)) - packet_disconnect("packet_read_poll: len %d != buffer_len %d.", + packet_disconnect("packet_read_poll1: len %d != buffer_len %d.", len, buffer_len(&incoming_packet)); - ucp = (u_char *) buffer_ptr(&incoming_packet) + len - 4; - stored_checksum = GET_32BIT(ucp); + cp = (u_char *)buffer_ptr(&incoming_packet) + len - 4; + stored_checksum = GET_32BIT(cp); if (checksum != stored_checksum) packet_disconnect("Corrupted check bytes on input."); buffer_consume_end(&incoming_packet, 4); - /* If using packet compression, decompress the packet. */ if (packet_compression) { buffer_clear(&compression_buffer); buffer_uncompress(&incoming_packet, &compression_buffer); @@ -833,26 +776,17 @@ packet_read_poll1(int *payload_len_ptr) buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), buffer_len(&compression_buffer)); } - /* Get packet type. */ - buffer_get(&incoming_packet, &buf[0], 1); - - /* Return length of payload (without type field). */ - *payload_len_ptr = buffer_len(&incoming_packet); - - /* Return type. */ - return (u_char) buf[0]; + type = buffer_get_char(&incoming_packet); + return type; } -int -packet_read_poll2(int *payload_len_ptr) +static int +packet_read_poll2(u_int32_t *seqnr_p) { static u_int32_t seqnr = 0; static u_int packet_length = 0; u_int padlen, need; - u_char buf[8], *macbuf; - u_char *ucp; - char *cp; - int type; + u_char *macbuf, *cp, type; int maclen, block_size; Enc *enc = NULL; Mac *mac = NULL; @@ -864,7 +798,7 @@ packet_read_poll2(int *payload_len_ptr) comp = &newkeys[MODE_IN]->comp; } maclen = mac && mac->enabled ? mac->mac_len : 0; - block_size = enc ? enc->cipher->block_size : 8; + block_size = enc ? enc->block_size : 8; if (packet_length == 0) { /* @@ -874,11 +808,11 @@ packet_read_poll2(int *payload_len_ptr) if (buffer_len(&input) < block_size) return SSH_MSG_NONE; buffer_clear(&incoming_packet); - buffer_append_space(&incoming_packet, &cp, block_size); - packet_decrypt(&receive_context, cp, buffer_ptr(&input), + cp = buffer_append_space(&incoming_packet, block_size); + cipher_crypt(&receive_context, cp, buffer_ptr(&input), block_size); - ucp = (u_char *) buffer_ptr(&incoming_packet); - packet_length = GET_32BIT(ucp); + cp = buffer_ptr(&incoming_packet); + packet_length = GET_32BIT(cp); if (packet_length < 1 + 4 || packet_length > 256 * 1024) { buffer_dump(&incoming_packet); packet_disconnect("Bad packet length %d.", packet_length); @@ -903,8 +837,8 @@ packet_read_poll2(int *payload_len_ptr) fprintf(stderr, "read_poll enc/full: "); buffer_dump(&input); #endif - buffer_append_space(&incoming_packet, &cp, need); - packet_decrypt(&receive_context, cp, buffer_ptr(&input), need); + cp = buffer_append_space(&incoming_packet, need); + cipher_crypt(&receive_context, cp, buffer_ptr(&input), need); buffer_consume(&input, need); /* * compute MAC over seqnr and packet, @@ -912,19 +846,21 @@ packet_read_poll2(int *payload_len_ptr) */ if (mac && mac->enabled) { macbuf = mac_compute(mac, seqnr, - (u_char *) buffer_ptr(&incoming_packet), + buffer_ptr(&incoming_packet), buffer_len(&incoming_packet)); if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) packet_disconnect("Corrupted MAC on input."); DBG(debug("MAC #%d ok", seqnr)); buffer_consume(&input, mac->mac_len); } + if (seqnr_p != NULL) + *seqnr_p = seqnr; if (++seqnr == 0) log("incoming seqnr wraps around"); /* get padlen */ - cp = buffer_ptr(&incoming_packet) + 4; - padlen = *cp & 0xff; + cp = buffer_ptr(&incoming_packet); + padlen = cp[4]; DBG(debug("input: padlen %d", padlen)); if (padlen < 4) packet_disconnect("Corrupted padlen %d on input.", padlen); @@ -946,39 +882,31 @@ packet_read_poll2(int *payload_len_ptr) * get packet type, implies consume. * return length of payload (without type field) */ - buffer_get(&incoming_packet, (char *)&buf[0], 1); - *payload_len_ptr = buffer_len(&incoming_packet); - - /* reset for next packet */ - packet_length = 0; - - /* extract packet type */ - type = (u_char)buf[0]; - + type = buffer_get_char(&incoming_packet); if (type == SSH2_MSG_NEWKEYS) set_newkeys(MODE_IN); - #ifdef PACKET_DEBUG fprintf(stderr, "read/plain[%d]:\r\n", type); buffer_dump(&incoming_packet); #endif - return (u_char)type; + /* reset for next packet */ + packet_length = 0; + return type; } int -packet_read_poll(int *payload_len_ptr) +packet_read_poll_seqnr(u_int32_t *seqnr_p) { + int reason, seqnr; + u_char type; char *msg; - for (;;) { - int type = use_ssh2_packet_format ? - packet_read_poll2(payload_len_ptr): - packet_read_poll1(payload_len_ptr); - if(compat20) { - int reason; - if (type != 0) + for (;;) { + if (compat20) { + type = packet_read_poll2(seqnr_p); + if (type) DBG(debug("received packet type %d", type)); - switch(type) { + switch (type) { case SSH2_MSG_IGNORE: break; case SSH2_MSG_DEBUG: @@ -997,12 +925,17 @@ packet_read_poll(int *payload_len_ptr) xfree(msg); fatal_cleanup(); break; + case SSH2_MSG_UNIMPLEMENTED: + seqnr = packet_get_int(); + debug("Received SSH2_MSG_UNIMPLEMENTED for %d", seqnr); + break; default: return type; break; } } else { - switch(type) { + type = packet_read_poll1(); + switch (type) { case SSH_MSG_IGNORE: break; case SSH_MSG_DEBUG: @@ -1018,7 +951,7 @@ packet_read_poll(int *payload_len_ptr) xfree(msg); break; default: - if (type != 0) + if (type) DBG(debug("received packet type %d", type)); return type; break; @@ -1027,6 +960,12 @@ packet_read_poll(int *payload_len_ptr) } } +int +packet_read_poll(void) +{ + return packet_read_poll_seqnr(NULL); +} + /* * Buffers the given amount of input characters. This is intended to be used * together with packet_read_poll. @@ -1041,7 +980,7 @@ packet_process_incoming(const char *buf, u_int len) /* Returns a character from the packet. */ u_int -packet_get_char() +packet_get_char(void) { char ch; buffer_get(&incoming_packet, &ch, 1); @@ -1051,7 +990,7 @@ packet_get_char() /* Returns an integer from the packet data. */ u_int -packet_get_int() +packet_get_int(void) { return buffer_get_int(&incoming_packet); } @@ -1062,18 +1001,18 @@ packet_get_int() */ void -packet_get_bignum(BIGNUM * value, int *length_ptr) +packet_get_bignum(BIGNUM * value) { - *length_ptr = buffer_get_bignum(&incoming_packet, value); + buffer_get_bignum(&incoming_packet, value); } void -packet_get_bignum2(BIGNUM * value, int *length_ptr) +packet_get_bignum2(BIGNUM * value) { - *length_ptr = buffer_get_bignum2(&incoming_packet, value); + buffer_get_bignum2(&incoming_packet, value); } -char * +void * packet_get_raw(int *length_ptr) { int bytes = buffer_len(&incoming_packet); @@ -1095,7 +1034,7 @@ packet_remaining(void) * integer into which the length of the string is stored. */ -char * +void * packet_get_string(u_int *length_ptr) { return buffer_get_string(&incoming_packet, length_ptr); @@ -1169,13 +1108,13 @@ packet_disconnect(const char *fmt,...) packet_put_cstring(""); } else { packet_start(SSH_MSG_DISCONNECT); - packet_put_string(buf, strlen(buf)); + packet_put_cstring(buf); } packet_send(); packet_write_wait(); /* Stop listening for connections. */ - channel_stop_listening(); + channel_close_all(); /* Close the connection. */ packet_close(); @@ -1188,7 +1127,7 @@ packet_disconnect(const char *fmt,...) /* Checks if there is any buffered output, and tries to write some of the output. */ void -packet_write_poll() +packet_write_poll(void) { int len = buffer_len(&output); if (len > 0) { @@ -1209,7 +1148,7 @@ packet_write_poll() */ void -packet_write_wait() +packet_write_wait(void) { fd_set *setp; @@ -1231,7 +1170,7 @@ packet_write_wait() /* Returns true if there is buffered data to write to the connection. */ int -packet_have_data_to_write() +packet_have_data_to_write(void) { return buffer_len(&output) != 0; } @@ -1239,7 +1178,7 @@ packet_have_data_to_write() /* Returns true if there is not too much data to write to the connection. */ int -packet_not_very_much_data_to_write() +packet_not_very_much_data_to_write(void) { if (interactive_mode) return buffer_len(&output) < 16384; @@ -1255,7 +1194,6 @@ packet_set_interactive(int interactive) static int called = 0; int lowdelay = IPTOS_LOWDELAY; int throughput = IPTOS_THROUGHPUT; - int on = 1; if (called) return; @@ -1277,19 +1215,17 @@ packet_set_interactive(int interactive) */ if (packet_connection_is_ipv4()) { if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, - (void *) &lowdelay, sizeof(lowdelay)) < 0) + &lowdelay, sizeof(lowdelay)) < 0) error("setsockopt IPTOS_LOWDELAY: %.100s", strerror(errno)); } - if (setsockopt(connection_in, IPPROTO_TCP, TCP_NODELAY, (void *) &on, - sizeof(on)) < 0) - error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); + set_nodelay(connection_in); } else if (packet_connection_is_ipv4()) { /* * Set IP options for a non-interactive connection. Use * IPTOS_THROUGHPUT. */ - if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &throughput, + if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, &throughput, sizeof(throughput)) < 0) error("setsockopt IPTOS_THROUGHPUT: %.100s", strerror(errno)); } @@ -1298,7 +1234,7 @@ packet_set_interactive(int interactive) /* Returns true if the current connection is interactive. */ int -packet_is_interactive() +packet_is_interactive(void) { return interactive_mode; } @@ -1316,11 +1252,19 @@ packet_set_maxsize(int s) log("packet_set_maxsize: bad size %d", s); return -1; } - log("packet_set_maxsize: setting to %d", s); + called = 1; + debug("packet_set_maxsize: setting to %d", s); max_packet_size = s; return s; } +/* roundup current message to pad bytes */ +void +packet_add_padding(u_char pad) +{ + extra_pad = pad; +} + /* * 9.2. Ignored Data Message * @@ -1332,41 +1276,6 @@ packet_set_maxsize(int s) * required to send them. This message can be used as an additional * protection measure against advanced traffic analysis techniques. */ -/* size of current + ignore message should be n*sumlen bytes (w/o mac) */ -void -packet_inject_ignore(int sumlen) -{ - int blocksize, padlen, have, need, nb, mini, nbytes; - Enc *enc = NULL; - - if (use_ssh2_packet_format == 0) - return; - - have = buffer_len(&outgoing_packet); - debug2("packet_inject_ignore: current %d", have); - if (newkeys[MODE_OUT] != NULL) - enc = &newkeys[MODE_OUT]->enc; - blocksize = enc ? enc->cipher->block_size : 8; - padlen = blocksize - (have % blocksize); - if (padlen < 4) - padlen += blocksize; - have += padlen; - have /= blocksize; /* # of blocks for current message */ - - nb = roundup(sumlen, blocksize) / blocksize; /* blocks for both */ - mini = roundup(5+1+4+4, blocksize) / blocksize; /* minsize ignore msg */ - need = nb - (have % nb); /* blocks for ignore */ - if (need <= mini) - need += nb; - nbytes = (need - mini) * blocksize; /* size of ignore payload */ - debug2("packet_inject_ignore: block %d have %d nb %d mini %d need %d", - blocksize, have, nb, mini, need); - - /* enqueue current message and append a ignore message */ - packet_send(); - packet_send_ignore(nbytes); -} - void packet_send_ignore(int nbytes) { @@ -1375,7 +1284,7 @@ packet_send_ignore(int nbytes) packet_start(compat20 ? SSH2_MSG_IGNORE : SSH_MSG_IGNORE); packet_put_int(nbytes); - for(i = 0; i < nbytes; i++) { + for (i = 0; i < nbytes; i++) { if (i % 4 == 0) rand = arc4random(); packet_put_char(rand & 0xff); diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h index 0f5e71049979..d6bf2aab484f 100644 --- a/crypto/openssh/packet.h +++ b/crypto/openssh/packet.h @@ -1,3 +1,5 @@ +/* $OpenBSD: packet.h,v 1.33 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,190 +13,69 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: packet.h,v 1.22 2001/04/14 16:33:20 stevesk Exp $"); */ - #ifndef PACKET_H #define PACKET_H #include <openssl/bn.h> -/* - * Sets the socket used for communication. Disables encryption until - * packet_set_encryption_key is called. It is permissible that fd_in and - * fd_out are the same descriptor; in that case it is assumed to be a socket. - */ -void packet_set_connection(int fd_in, int fd_out); - -/* Puts the connection file descriptors into non-blocking mode. */ -void packet_set_nonblocking(void); - -/* Returns the file descriptor used for input. */ -int packet_get_connection_in(void); - -/* Returns the file descriptor used for output. */ -int packet_get_connection_out(void); - -/* - * Closes the connection (both descriptors) and clears and frees internal - * data structures. - */ -void packet_close(void); - -/* - * Causes any further packets to be encrypted using the given key. The same - * key is used for both sending and reception. However, both directions are - * encrypted independently of each other. Cipher types are defined in ssh.h. - */ -void -packet_set_encryption_key(const u_char *key, u_int keylen, - int cipher_type); - -/* - * Sets remote side protocol flags for the current connection. This can be - * called at any time. - */ -void packet_set_protocol_flags(u_int flags); - -/* Returns the remote protocol flags set earlier by the above function. */ -u_int packet_get_protocol_flags(void); - -/* Enables compression in both directions starting from the next packet. */ -void packet_start_compression(int level); - -/* - * Informs that the current session is interactive. Sets IP flags for - * optimal performance in interactive use. - */ -void packet_set_interactive(int interactive); - -/* Returns true if the current connection is interactive. */ -int packet_is_interactive(void); - -/* Starts constructing a packet to send. */ -void packet_start(int type); - -/* Appends a character to the packet data. */ -void packet_put_char(int ch); - -/* Appends an integer to the packet data. */ -void packet_put_int(u_int value); - -/* Appends an arbitrary precision integer to packet data. */ -void packet_put_bignum(BIGNUM * value); -void packet_put_bignum2(BIGNUM * value); - -/* Appends a string to packet data. */ -void packet_put_string(const char *buf, u_int len); -void packet_put_cstring(const char *str); -void packet_put_raw(const char *buf, u_int len); - -/* - * Finalizes and sends the packet. If the encryption key has been set, - * encrypts the packet before sending. - */ -void packet_send(void); - -/* Waits until a packet has been received, and returns its type. */ -int packet_read(int *payload_len_ptr); - -/* - * Waits until a packet has been received, verifies that its type matches - * that given, and gives a fatal error and exits if there is a mismatch. - */ -void packet_read_expect(int *payload_len_ptr, int type); - -/* - * Checks if a full packet is available in the data received so far via - * packet_process_incoming. If so, reads the packet; otherwise returns - * SSH_MSG_NONE. This does not wait for data from the connection. - * SSH_MSG_DISCONNECT is handled specially here. Also, SSH_MSG_IGNORE - * messages are skipped by this function and are never returned to higher - * levels. - */ -int packet_read_poll(int *packet_len_ptr); - -/* - * Buffers the given amount of input characters. This is intended to be used - * together with packet_read_poll. - */ -void packet_process_incoming(const char *buf, u_int len); - -/* Returns a character (0-255) from the packet data. */ -u_int packet_get_char(void); - -/* Returns an integer from the packet data. */ -u_int packet_get_int(void); - -/* - * Returns an arbitrary precision integer from the packet data. The integer - * must have been initialized before this call. - */ -void packet_get_bignum(BIGNUM * value, int *length_ptr); -void packet_get_bignum2(BIGNUM * value, int *length_ptr); -char *packet_get_raw(int *length_ptr); - -/* - * Returns a string from the packet data. The string is allocated using - * xmalloc; it is the responsibility of the calling program to free it when - * no longer needed. The length_ptr argument may be NULL, or point to an - * integer into which the length of the string is stored. - */ -char *packet_get_string(u_int *length_ptr); - -/* - * Logs the error in syslog using LOG_INFO, constructs and sends a disconnect - * packet, closes the connection, and exits. This function never returns. - * The error message should not contain a newline. The total length of the - * message must not exceed 1024 bytes. - */ -void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); - -/* - * Sends a diagnostic message to the other side. This message can be sent at - * any time (but not while constructing another message). The message is - * printed immediately, but only if the client is being executed in verbose - * mode. These messages are primarily intended to ease debugging - * authentication problems. The total length of the message must not exceed - * 1024 bytes. This will automatically call packet_write_wait. If the - * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG, - * this will do nothing. - */ -void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); - -/* Checks if there is any buffered output, and tries to write some of the output. */ -void packet_write_poll(void); - -/* Waits until all pending output data has been written. */ -void packet_write_wait(void); +void packet_set_connection(int, int); +void packet_set_nonblocking(void); +int packet_get_connection_in(void); +int packet_get_connection_out(void); +void packet_close(void); +void packet_set_encryption_key(const u_char *, u_int, int); +void packet_set_protocol_flags(u_int); +u_int packet_get_protocol_flags(void); +void packet_start_compression(int); +void packet_set_interactive(int); +int packet_is_interactive(void); + +void packet_start(u_char); +void packet_put_char(int ch); +void packet_put_int(u_int value); +void packet_put_bignum(BIGNUM * value); +void packet_put_bignum2(BIGNUM * value); +void packet_put_string(const void *buf, u_int len); +void packet_put_cstring(const char *str); +void packet_put_raw(const void *buf, u_int len); +void packet_send(void); + +int packet_read(void); +void packet_read_expect(int type); +int packet_read_poll(void); +void packet_process_incoming(const char *buf, u_int len); +int packet_read_seqnr(u_int32_t *seqnr_p); +int packet_read_poll_seqnr(u_int32_t *seqnr_p); + +u_int packet_get_char(void); +u_int packet_get_int(void); +void packet_get_bignum(BIGNUM * value); +void packet_get_bignum2(BIGNUM * value); +void *packet_get_raw(int *length_ptr); +void *packet_get_string(u_int *length_ptr); +void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); + +void packet_write_poll(void); +void packet_write_wait(void); +int packet_have_data_to_write(void); +int packet_not_very_much_data_to_write(void); + +int packet_connection_is_on_socket(void); +int packet_connection_is_ipv4(void); +int packet_remaining(void); +void packet_send_ignore(int); +void packet_add_padding(u_char); + +void tty_make_modes(int, struct termios *); +void tty_parse_modes(int, int *); -/* Returns true if there is buffered data to write to the connection. */ -int packet_have_data_to_write(void); - -/* Returns true if there is not too much data to write to the connection. */ -int packet_not_very_much_data_to_write(void); - -/* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */ extern int max_packet_size; -int packet_set_maxsize(int s); -#define packet_get_maxsize() max_packet_size - -/* Stores tty modes from the fd or tiop into current packet. */ -void tty_make_modes(int fd, struct termios *tiop); - -/* Parses tty modes for the fd from the current packet. */ -void tty_parse_modes(int fd, int *n_bytes_ptr); +int packet_set_maxsize(int); +#define packet_get_maxsize() max_packet_size -#define packet_integrity_check(payload_len, expected_len, type) \ -do { \ - int _p = (payload_len), _e = (expected_len); \ - if (_p != _e) { \ - log("Packet integrity error (%d != %d) at %s:%d", \ - _p, _e, __FILE__, __LINE__); \ - packet_disconnect("Packet integrity error. (%d)", (type)); \ - } \ -} while (0) - -#define packet_done() \ +/* don't allow remaining bytes after the end of the message */ +#define packet_check_eom() \ do { \ int _len = packet_remaining(); \ if (_len > 0) { \ @@ -204,20 +85,4 @@ do { \ } \ } while (0) -/* remote host is connected via a socket/ipv4 */ -int packet_connection_is_on_socket(void); -int packet_connection_is_ipv4(void); - -/* enable SSH2 packet format */ -void packet_set_ssh2_format(void); - -/* returns remaining payload bytes */ -int packet_remaining(void); - -/* append an ignore message */ -void packet_send_ignore(int nbytes); - -/* add an ignore message and make sure size (current+ignore) = n*sumlen */ -void packet_inject_ignore(int sumlen); - #endif /* PACKET_H */ diff --git a/crypto/openssh/pathnames.h b/crypto/openssh/pathnames.h index 2f109b30ac4a..b45131208e44 100644 --- a/crypto/openssh/pathnames.h +++ b/crypto/openssh/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.5 2001/04/12 19:15:24 markus Exp $ */ +/* $OpenBSD: pathnames.h,v 1.11 2002/02/09 17:37:34 deraadt Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -13,24 +13,28 @@ */ #define ETCDIR "/etc" +#define SSHDIR ETCDIR "/ssh" #define _PATH_SSH_PIDDIR "/var/run" /* * System-wide file containing host keys of known hosts. This file should be * world-readable. */ -#define _PATH_SSH_SYSTEM_HOSTFILE ETCDIR "/ssh_known_hosts" -#define _PATH_SSH_SYSTEM_HOSTFILE2 ETCDIR "/ssh_known_hosts2" +#define _PATH_SSH_SYSTEM_HOSTFILE SSHDIR "/ssh_known_hosts" +/* backward compat for protocol 2 */ +#define _PATH_SSH_SYSTEM_HOSTFILE2 SSHDIR "/ssh_known_hosts2" /* * Of these, ssh_host_key must be readable only by root, whereas ssh_config * should be world-readable. */ -#define _PATH_SERVER_CONFIG_FILE ETCDIR "/sshd_config" -#define _PATH_HOST_CONFIG_FILE ETCDIR "/ssh_config" -#define _PATH_HOST_KEY_FILE ETCDIR "/ssh_host_key" -#define _PATH_HOST_DSA_KEY_FILE ETCDIR "/ssh_host_dsa_key" -#define _PATH_HOST_RSA_KEY_FILE ETCDIR "/ssh_host_rsa_key" +#define _PATH_SERVER_CONFIG_FILE SSHDIR "/sshd_config" +#define _PATH_HOST_CONFIG_FILE SSHDIR "/ssh_config" +#define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key" +#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key" +#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key" +#define _PATH_DH_MODULI ETCDIR "/moduli" +/* Backwards compatibility */ #define _PATH_DH_PRIMES ETCDIR "/primes" #define _PATH_SSH_PROGRAM "/usr/bin/ssh" @@ -53,6 +57,7 @@ * contain anything particularly secret. */ #define _PATH_SSH_USER_HOSTFILE "~/.ssh/known_hosts" +/* backward compat for protocol 2 */ #define _PATH_SSH_USER_HOSTFILE2 "~/.ssh/known_hosts2" /* @@ -80,6 +85,8 @@ * running as root.) */ #define _PATH_SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys" + +/* backward compat for protocol v2 */ #define _PATH_SSH_USER_PERMITTED_KEYS2 ".ssh/authorized_keys2" /* @@ -89,7 +96,7 @@ * use. xauth will be run if neither of these exists. */ #define _PATH_SSH_USER_RC ".ssh/rc" -#define _PATH_SSH_SYSTEM_RC ETCDIR "/sshrc" +#define _PATH_SSH_SYSTEM_RC SSHDIR "/sshrc" /* * Ssh-only version of /etc/hosts.equiv. Additionally, the daemon may use @@ -103,6 +110,12 @@ */ #define _PATH_SSH_ASKPASS_DEFAULT "/usr/X11R6/bin/ssh-askpass" +/* xauth for X11 forwarding */ +#define _PATH_XAUTH "/usr/X11R6/bin/xauth" + +/* UNIX domain socket for X11 server; displaynum will replace %u */ +#define _PATH_UNIX_X "/tmp/.X11-unix/X%u" + /* for scp */ #define _PATH_CP "cp" diff --git a/crypto/openssh/radix.c b/crypto/openssh/radix.c index 3b149a82ba82..e60435736e56 100644 --- a/crypto/openssh/radix.c +++ b/crypto/openssh/radix.c @@ -25,11 +25,13 @@ #include "includes.h" #include "uuencode.h" -RCSID("$OpenBSD: radix.c,v 1.15 2001/01/16 23:58:09 deraadt Exp $"); +RCSID("$OpenBSD: radix.c,v 1.17 2001/11/19 19:02:16 mpech Exp $"); #ifdef AFS #include <krb.h> +#include <radix.h> + typedef u_char my_u_char; typedef u_int my_u_int32_t; typedef u_short my_u_short; @@ -37,7 +39,7 @@ typedef u_short my_u_short; /* Nasty macros from BIND-4.9.2 */ #define GETSHORT(s, cp) { \ - register my_u_char *t_cp = (my_u_char *)(cp); \ + my_u_char *t_cp = (my_u_char *)(cp); \ (s) = (((my_u_short)t_cp[0]) << 8) \ | (((my_u_short)t_cp[1])) \ ; \ @@ -45,7 +47,7 @@ typedef u_short my_u_short; } #define GETLONG(l, cp) { \ - register my_u_char *t_cp = (my_u_char *)(cp); \ + my_u_char *t_cp = (my_u_char *)(cp); \ (l) = (((my_u_int32_t)t_cp[0]) << 24) \ | (((my_u_int32_t)t_cp[1]) << 16) \ | (((my_u_int32_t)t_cp[2]) << 8) \ @@ -55,16 +57,16 @@ typedef u_short my_u_short; } #define PUTSHORT(s, cp) { \ - register my_u_short t_s = (my_u_short)(s); \ - register my_u_char *t_cp = (my_u_char *)(cp); \ + my_u_short t_s = (my_u_short)(s); \ + my_u_char *t_cp = (my_u_char *)(cp); \ *t_cp++ = t_s >> 8; \ *t_cp = t_s; \ (cp) += 2; \ } #define PUTLONG(l, cp) { \ - register my_u_int32_t t_l = (my_u_int32_t)(l); \ - register my_u_char *t_cp = (my_u_char *)(cp); \ + my_u_int32_t t_l = (my_u_int32_t)(l); \ + my_u_char *t_cp = (my_u_char *)(cp); \ *t_cp++ = t_l >> 24; \ *t_cp++ = t_l >> 16; \ *t_cp++ = t_l >> 8; \ @@ -73,9 +75,9 @@ typedef u_short my_u_short; } #define GETSTRING(s, p, p_l) { \ - register char *p_targ = (p) + p_l; \ - register char *s_c = (s); \ - register char *p_c = (p); \ + char *p_targ = (p) + p_l; \ + char *s_c = (s); \ + char *p_c = (p); \ while (*p_c && (p_c < p_targ)) { \ *s_c++ = *p_c++; \ } \ diff --git a/crypto/openssh/radix.h b/crypto/openssh/radix.h index 57592d82313e..e94e4acc6adf 100644 --- a/crypto/openssh/radix.h +++ b/crypto/openssh/radix.h @@ -1,4 +1,4 @@ -/* $OpenBSD: radix.h,v 1.2 2001/01/29 01:58:17 niklas Exp $ */ +/* $OpenBSD: radix.h,v 1.4 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 1999 Dug Song. All rights reserved. @@ -24,5 +24,5 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -int creds_to_radix(CREDENTIALS * creds, u_char *buf, size_t buflen); -int radix_to_creds(const char *buf, CREDENTIALS * creds); +int creds_to_radix(CREDENTIALS *, u_char *, size_t); +int radix_to_creds(const char *, CREDENTIALS *); diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c index cbb93b7b0619..45e95d9f604e 100644 --- a/crypto/openssh/readconf.c +++ b/crypto/openssh/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.76 2001/04/17 10:53:25 markus Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.95 2002/02/04 12:15:25 markus Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -96,11 +96,14 @@ typedef enum { oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication, oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh, oChallengeResponseAuthentication, oXAuthLocation, -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) oKerberosAuthentication, -#endif /* KRB4 */ +#endif +#if defined(AFS) || defined(KRB5) + oKerberosTgtPassing, +#endif #ifdef AFS - oKerberosTgtPassing, oAFSTokenPassing, + oAFSTokenPassing, #endif oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, @@ -111,7 +114,8 @@ typedef enum { oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms + oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, + oClearAllForwardings, oNoHostAuthenticationForLocalhost } OpCodes; /* Textual representations of the tokens. */ @@ -137,11 +141,13 @@ static struct { { "challengeresponseauthentication", oChallengeResponseAuthentication }, { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) { "kerberosauthentication", oKerberosAuthentication }, -#endif /* KRB4 */ -#ifdef AFS +#endif +#if defined(AFS) || defined(KRB5) { "kerberostgtpassing", oKerberosTgtPassing }, +#endif +#ifdef AFS { "afstokenpassing", oAFSTokenPassing }, #endif { "fallbacktorsh", oFallBackToRsh }, @@ -162,9 +168,9 @@ static struct { { "host", oHost }, { "escapechar", oEscapeChar }, { "globalknownhostsfile", oGlobalKnownHostsFile }, - { "userknownhostsfile", oUserKnownHostsFile }, + { "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */ { "globalknownhostsfile2", oGlobalKnownHostsFile2 }, - { "userknownhostsfile2", oUserKnownHostsFile2 }, + { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */ { "connectionattempts", oConnectionAttempts }, { "batchmode", oBatchMode }, { "checkhostip", oCheckHostIP }, @@ -177,7 +183,11 @@ static struct { { "dynamicforward", oDynamicForward }, { "preferredauthentications", oPreferredAuthentications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, - { NULL, 0 } + { "bindaddress", oBindAddress }, + { "smartcarddevice", oSmartcardDevice }, + { "clearallforwardings", oClearAllForwardings }, + { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost }, + { NULL, oBadOption } }; /* @@ -213,13 +223,26 @@ add_remote_forward(Options *options, u_short port, const char *host, Forward *fwd; if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) fatal("Too many remote forwards (max %d).", - SSH_MAX_FORWARDS_PER_DIRECTION); + SSH_MAX_FORWARDS_PER_DIRECTION); fwd = &options->remote_forwards[options->num_remote_forwards++]; fwd->port = port; fwd->host = xstrdup(host); fwd->host_port = host_port; } +static void +clear_forwardings(Options *options) +{ + int i; + + for (i = 0; i < options->num_local_forwards; i++) + xfree(options->local_forwards[i].host); + options->num_local_forwards = 0; + for (i = 0; i < options->num_remote_forwards; i++) + xfree(options->remote_forwards[i].host); + options->num_remote_forwards = 0; +} + /* * Returns the number of the token pointed to by cp or oBadOption. */ @@ -251,6 +274,7 @@ process_config_line(Options *options, const char *host, char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg; int opcode, *intptr, value; u_short fwd_port, fwd_host_port; + char sfwd_host_port[6]; s = line; /* Get the keyword. (Each line is supposed to begin with a keyword). */ @@ -330,25 +354,23 @@ parse_flag: goto parse_flag; case oChallengeResponseAuthentication: - intptr = &options->challenge_reponse_authentication; + intptr = &options->challenge_response_authentication; goto parse_flag; - -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) case oKerberosAuthentication: intptr = &options->kerberos_authentication; goto parse_flag; -#endif /* KRB4 */ - -#ifdef AFS +#endif +#if defined(AFS) || defined(KRB5) case oKerberosTgtPassing: intptr = &options->kerberos_tgt_passing; goto parse_flag; - +#endif +#ifdef AFS case oAFSTokenPassing: intptr = &options->afs_token_passing; goto parse_flag; #endif - case oFallBackToRsh: intptr = &options->fallback_to_rsh; goto parse_flag; @@ -370,7 +392,7 @@ parse_flag: arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing yes/no/ask argument.", - filename, linenum); + filename, linenum); value = 0; /* To avoid compiler warning... */ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) value = 1; @@ -392,6 +414,10 @@ parse_flag: intptr = &options->keepalives; goto parse_flag; + case oNoHostAuthenticationForLocalhost: + intptr = &options->no_host_authentication_for_localhost; + goto parse_flag; + case oNumberOfPasswordPrompts: intptr = &options->number_of_password_prompts; goto parse_int; @@ -408,7 +434,7 @@ parse_flag: intptr = &options->num_identity_files; if (*intptr >= SSH_MAX_IDENTITY_FILES) fatal("%.200s line %d: Too many identity files specified (max %d).", - filename, linenum, SSH_MAX_IDENTITY_FILES); + filename, linenum, SSH_MAX_IDENTITY_FILES); charptr = &options->identity_files[*intptr]; *charptr = xstrdup(arg); *intptr = *intptr + 1; @@ -457,6 +483,14 @@ parse_string: charptr = &options->preferred_authentications; goto parse_string; + case oBindAddress: + charptr = &options->bind_address; + goto parse_string; + + case oSmartcardDevice: + charptr = &options->smartcard_device; + goto parse_string; + case oProxyCommand: charptr = &options->proxy_command; string = xstrdup(""); @@ -500,7 +534,7 @@ parse_int: value = cipher_number(arg); if (value == -1) fatal("%.200s line %d: Bad cipher '%s'.", - filename, linenum, arg ? arg : "<NONE>"); + filename, linenum, arg ? arg : "<NONE>"); if (*activep && *intptr == -1) *intptr = value; break; @@ -511,7 +545,7 @@ parse_int: fatal("%.200s line %d: Missing argument.", filename, linenum); if (!ciphers_valid(arg)) fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.", - filename, linenum, arg ? arg : "<NONE>"); + filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->ciphers == NULL) options->ciphers = xstrdup(arg); break; @@ -522,7 +556,7 @@ parse_int: fatal("%.200s line %d: Missing argument.", filename, linenum); if (!mac_valid(arg)) fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.", - filename, linenum, arg ? arg : "<NONE>"); + filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->macs == NULL) options->macs = xstrdup(arg); break; @@ -533,7 +567,7 @@ parse_int: fatal("%.200s line %d: Missing argument.", filename, linenum); if (!key_names_valid2(arg)) fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.", - filename, linenum, arg ? arg : "<NONE>"); + filename, linenum, arg ? arg : "<NONE>"); if (*activep && options->hostkeyalgorithms == NULL) options->hostkeyalgorithms = xstrdup(arg); break; @@ -546,7 +580,7 @@ parse_int: value = proto_spec(arg); if (value == SSH_PROTO_UNKNOWN) fatal("%.200s line %d: Bad protocol spec '%s'.", - filename, linenum, arg ? arg : "<NONE>"); + filename, linenum, arg ? arg : "<NONE>"); if (*activep && *intptr == SSH_PROTO_UNKNOWN) *intptr = value; break; @@ -555,49 +589,41 @@ parse_int: intptr = (int *) &options->log_level; arg = strdelim(&s); value = log_level_number(arg); - if (value == (LogLevel) - 1) + if (value == SYSLOG_LEVEL_NOT_SET) fatal("%.200s line %d: unsupported log level '%s'", - filename, linenum, arg ? arg : "<NONE>"); - if (*activep && (LogLevel) * intptr == -1) + filename, linenum, arg ? arg : "<NONE>"); + if (*activep && (LogLevel) *intptr == SYSLOG_LEVEL_NOT_SET) *intptr = (LogLevel) value; break; - case oRemoteForward: - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - fwd_port = a2port(arg); - if (fwd_port == 0) - fatal("%.200s line %d: Badly formatted port number.", - filename, linenum); - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing second argument.", - filename, linenum); - if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2) - fatal("%.200s line %d: Badly formatted host:port.", - filename, linenum); - if (*activep) - add_remote_forward(options, fwd_port, buf, fwd_host_port); - break; - case oLocalForward: + case oRemoteForward: arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - fwd_port = a2port(arg); - if (fwd_port == 0) - fatal("%.200s line %d: Badly formatted port number.", - filename, linenum); + fatal("%.200s line %d: Missing port argument.", + filename, linenum); + if ((fwd_port = a2port(arg)) == 0) + fatal("%.200s line %d: Bad listen port.", + filename, linenum); arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing second argument.", - filename, linenum); - if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2) - fatal("%.200s line %d: Badly formatted host:port.", - filename, linenum); - if (*activep) - add_local_forward(options, fwd_port, buf, fwd_host_port); + filename, linenum); + if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && + sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) + fatal("%.200s line %d: Bad forwarding specification.", + filename, linenum); + if ((fwd_host_port = a2port(sfwd_host_port)) == 0) + fatal("%.200s line %d: Bad forwarding port.", + filename, linenum); + if (*activep) { + if (opcode == oLocalForward) + add_local_forward(options, fwd_port, buf, + fwd_host_port); + else if (opcode == oRemoteForward) + add_remote_forward(options, fwd_port, buf, + fwd_host_port); + } break; case oDynamicForward: @@ -609,9 +635,14 @@ parse_int: if (fwd_port == 0) fatal("%.200s line %d: Badly formatted port number.", filename, linenum); - add_local_forward(options, fwd_port, "socks4", 0); + if (*activep) + add_local_forward(options, fwd_port, "socks4", 0); break; + case oClearAllForwardings: + intptr = &options->clear_forwardings; + goto parse_flag; + case oHost: *activep = 0; while ((arg = strdelim(&s)) != NULL && *arg != '\0') @@ -634,10 +665,10 @@ parse_int: else if (strlen(arg) == 1) value = (u_char) arg[0]; else if (strcmp(arg, "none") == 0) - value = -2; + value = SSH_ESCAPECHAR_NONE; else { fatal("%.200s line %d: Bad escape character.", - filename, linenum); + filename, linenum); /* NOTREACHED */ value = 0; /* Avoid compiler warning. */ } @@ -652,7 +683,7 @@ parse_int: /* Check that there is no garbage at end of line. */ if ((arg = strdelim(&s)) != NULL && *arg != '\0') { fatal("%.200s line %d: garbage at end of line; \"%.200s\".", - filename, linenum, arg); + filename, linenum, arg); } return 0; } @@ -661,10 +692,10 @@ parse_int: /* * Reads the config file and modifies the options accordingly. Options * should already be initialized before this call. This never returns if - * there is an error. If the file does not exist, this returns immediately. + * there is an error. If the file does not exist, this returns 0. */ -void +int read_config_file(const char *filename, const char *host, Options *options) { FILE *f; @@ -675,7 +706,7 @@ read_config_file(const char *filename, const char *host, Options *options) /* Open the file. */ f = fopen(filename, "r"); if (!f) - return; + return 0; debug("Reading configuration data %.200s", filename); @@ -694,7 +725,8 @@ read_config_file(const char *filename, const char *host, Options *options) fclose(f); if (bad_options > 0) fatal("%s: terminating, %d bad configuration options", - filename, bad_options); + filename, bad_options); + return 1; } /* @@ -716,12 +748,14 @@ initialize_options(Options * options) options->rhosts_authentication = -1; options->rsa_authentication = -1; options->pubkey_authentication = -1; - options->challenge_reponse_authentication = -1; -#ifdef KRB4 + options->challenge_response_authentication = -1; +#if defined(KRB4) || defined(KRB5) options->kerberos_authentication = -1; #endif -#ifdef AFS +#if defined(AFS) || defined(KRB5) options->kerberos_tgt_passing = -1; +#endif +#ifdef AFS options->afs_token_passing = -1; #endif options->password_authentication = -1; @@ -757,8 +791,12 @@ initialize_options(Options * options) options->user_hostfile2 = NULL; options->num_local_forwards = 0; options->num_remote_forwards = 0; - options->log_level = (LogLevel) - 1; + options->clear_forwardings = -1; + options->log_level = SYSLOG_LEVEL_NOT_SET; options->preferred_authentications = NULL; + options->bind_address = NULL; + options->smartcard_device = NULL; + options->no_host_authentication_for_localhost = - 1; } /* @@ -775,10 +813,8 @@ fill_default_options(Options * options) options->forward_agent = 0; if (options->forward_x11 == -1) options->forward_x11 = 0; -#ifdef XAUTH_PATH if (options->xauth_location == NULL) - options->xauth_location = XAUTH_PATH; -#endif /* XAUTH_PATH */ + options->xauth_location = _PATH_XAUTH; if (options->gateway_ports == -1) options->gateway_ports = 0; if (options->use_privileged_port == -1) @@ -789,18 +825,20 @@ fill_default_options(Options * options) options->rsa_authentication = 1; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; - if (options->challenge_reponse_authentication == -1) - options->challenge_reponse_authentication = 0; -#ifdef KRB4 + if (options->challenge_response_authentication == -1) + options->challenge_response_authentication = 1; +#if defined(KRB4) || defined(KRB5) if (options->kerberos_authentication == -1) options->kerberos_authentication = 1; -#endif /* KRB4 */ -#ifdef AFS +#endif +#if defined(AFS) || defined(KRB5) if (options->kerberos_tgt_passing == -1) options->kerberos_tgt_passing = 1; +#endif +#ifdef AFS if (options->afs_token_passing == -1) options->afs_token_passing = 1; -#endif /* AFS */ +#endif if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) @@ -828,7 +866,7 @@ fill_default_options(Options * options) if (options->port == -1) options->port = 0; /* Filled in ssh_connect. */ if (options->connection_attempts == -1) - options->connection_attempts = 4; + options->connection_attempts = 1; if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; /* Selected in ssh_login(). */ @@ -871,8 +909,12 @@ fill_default_options(Options * options) options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2; if (options->user_hostfile2 == NULL) options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2; - if (options->log_level == (LogLevel) - 1) + if (options->log_level == SYSLOG_LEVEL_NOT_SET) options->log_level = SYSLOG_LEVEL_INFO; + if (options->clear_forwardings == 1) + clear_forwardings(options); + if (options->no_host_authentication_for_localhost == - 1) + options->no_host_authentication_for_localhost = 0; /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index 9e943f905c52..4fa9040c976b 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -1,3 +1,5 @@ +/* $OpenBSD: readconf.h,v 1.42 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,8 +13,6 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: readconf.h,v 1.30 2001/04/17 10:53:25 markus Exp $"); */ - #ifndef READCONF_H #define READCONF_H @@ -39,14 +39,15 @@ typedef struct { int rsa_authentication; /* Try RSA authentication. */ int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ - int challenge_reponse_authentication; + int challenge_response_authentication; /* Try S/Key or TIS, authentication. */ -#ifdef KRB4 - int kerberos_authentication; /* Try Kerberos - * authentication. */ +#if defined(KRB4) || defined(KRB5) + int kerberos_authentication; /* Try Kerberos authentication. */ +#endif +#if defined(AFS) || defined(KRB5) + int kerberos_tgt_passing; /* Try Kerberos TGT passing. */ #endif #ifdef AFS - int kerberos_tgt_passing; /* Try Kerberos tgt passing. */ int afs_token_passing; /* Try AFS token passing. */ #endif int password_authentication; /* Try password @@ -80,11 +81,13 @@ typedef struct { char *user; /* User to log in as. */ int escape_char; /* Escape character; -2 = none */ - char *system_hostfile;/* Path for /etc/ssh_known_hosts. */ + char *system_hostfile;/* Path for /etc/ssh/ssh_known_hosts. */ char *user_hostfile; /* Path for $HOME/.ssh/known_hosts. */ char *system_hostfile2; char *user_hostfile2; char *preferred_authentications; + char *bind_address; /* local socket address for connection to sshd */ + char *smartcard_device; /* Smartcard reader device */ int num_identity_files; /* Number of files for RSA/DSA identities. */ char *identity_files[SSH_MAX_IDENTITY_FILES]; @@ -97,56 +100,19 @@ typedef struct { /* Remote TCP/IP forward requests. */ int num_remote_forwards; Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; + int clear_forwardings; + int no_host_authentication_for_localhost; } Options; -/* - * Initializes options to special values that indicate that they have not yet - * been set. Read_config_file will only set options with this value. Options - * are processed in the following order: command line, user config file, - * system config file. Last, fill_default_options is called. - */ -void initialize_options(Options * options); - -/* - * Called after processing other sources of option data, this fills those - * options for which no value has been specified with their default values. - */ -void fill_default_options(Options * options); +void initialize_options(Options *); +void fill_default_options(Options *); +int read_config_file(const char *, const char *, Options *); -/* - * Processes a single option line as used in the configuration files. This - * only sets those values that have not already been set. Returns 0 for legal - * options - */ int -process_config_line(Options * options, const char *host, - char *line, const char *filename, int linenum, - int *activep); +process_config_line(Options *, const char *, char *, const char *, int, int *); -/* - * Reads the config file and modifies the options accordingly. Options - * should already be initialized before this call. This never returns if - * there is an error. If the file does not exist, this returns immediately. - */ -void -read_config_file(const char *filename, const char *host, - Options * options); - -/* - * Adds a local TCP/IP port forward to options. Never returns if there is an - * error. - */ -void -add_local_forward(Options * options, u_short port, const char *host, - u_short host_port); - -/* - * Adds a remote TCP/IP port forward to options. Never returns if there is - * an error. - */ -void -add_remote_forward(Options * options, u_short port, const char *host, - u_short host_port); +void add_local_forward(Options *, u_short, const char *, u_short); +void add_remote_forward(Options *, u_short, const char *, u_short); #endif /* READCONF_H */ diff --git a/crypto/openssh/readpass.c b/crypto/openssh/readpass.c index b5f59710a9dc..c55dd21c86c1 100644 --- a/crypto/openssh/readpass.c +++ b/crypto/openssh/readpass.c @@ -1,6 +1,5 @@ /* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. + * Copyright (c) 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -10,55 +9,51 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: readpass.c,v 1.15 2001/04/18 21:57:41 markus Exp $"); +RCSID("$OpenBSD: readpass.c,v 1.26 2002/02/13 00:39:15 markus Exp $"); + +#include <readpassphrase.h> #include "xmalloc.h" -#include "cli.h" #include "readpass.h" #include "pathnames.h" #include "log.h" -#include "atomicio.h" #include "ssh.h" -char * -ssh_askpass(char *askpass, char *msg) +static char * +ssh_askpass(char *askpass, const char *msg) { pid_t pid; size_t len; - char *nl, *pass; - int p[2], status; + char *pass; + int p[2], status, ret; char buf[1024]; if (fflush(stdout) != 0) error("ssh_askpass: fflush: %s", strerror(errno)); if (askpass == NULL) fatal("internal error: askpass undefined"); - if (pipe(p) < 0) - fatal("ssh_askpass: pipe: %s", strerror(errno)); - if ((pid = fork()) < 0) - fatal("ssh_askpass: fork: %s", strerror(errno)); + if (pipe(p) < 0) { + error("ssh_askpass: pipe: %s", strerror(errno)); + return xstrdup(""); + } + if ((pid = fork()) < 0) { + error("ssh_askpass: fork: %s", strerror(errno)); + return xstrdup(""); + } if (pid == 0) { seteuid(getuid()); setuid(getuid()); @@ -69,43 +64,48 @@ ssh_askpass(char *askpass, char *msg) fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); } close(p[1]); - len = read(p[0], buf, sizeof buf); + + len = ret = 0; + do { + ret = read(p[0], buf + len, sizeof(buf) - 1 - len); + if (ret == -1 && errno == EINTR) + continue; + if (ret <= 0) + break; + len += ret; + } while (sizeof(buf) - 1 - len > 0); + buf[len] = '\0'; + close(p[0]); while (waitpid(pid, &status, 0) < 0) if (errno != EINTR) break; - if (len <= 1) - return xstrdup(""); - nl = strchr(buf, '\n'); - if (nl) - *nl = '\0'; + + buf[strcspn(buf, "\r\n")] = '\0'; pass = xstrdup(buf); memset(buf, 0, sizeof(buf)); return pass; } - /* - * Reads a passphrase from /dev/tty with echo turned off. Returns the - * passphrase (allocated with xmalloc), being very careful to ensure that - * no other userland buffer is storing the password. - */ -/* - * Note: the funcationallity of this routing has been moved to - * cli_read_passphrase(). This routing remains to maintain - * compatibility with existing code. + * Reads a passphrase from /dev/tty with echo turned off/on. Returns the + * passphrase (allocated with xmalloc). Exits if EOF is encountered. If + * RP_ALLOW_STDIN is set, the passphrase will be read from stdin if no + * tty is available */ char * -read_passphrase(char *prompt, int from_stdin) +read_passphrase(const char *prompt, int flags) { - char *askpass = NULL; - int use_askpass = 0, ttyfd; + char *askpass = NULL, *ret, buf[1024]; + int rppflags, use_askpass = 0, ttyfd; - if (from_stdin) { + rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; + if (flags & RP_ALLOW_STDIN) { if (!isatty(STDIN_FILENO)) use_askpass = 1; } else { - ttyfd = open("/dev/tty", O_RDWR); + rppflags |= RPP_REQUIRE_TTY; + ttyfd = open(_PATH_TTY, O_RDWR); if (ttyfd >= 0) close(ttyfd); else @@ -120,5 +120,10 @@ read_passphrase(char *prompt, int from_stdin) return ssh_askpass(askpass, prompt); } - return cli_read_passphrase(prompt, from_stdin, 0); + if (readpassphrase(prompt, buf, sizeof buf, rppflags) == NULL) + return xstrdup(""); + + ret = xstrdup(buf); + memset(buf, 'x', sizeof buf); + return ret; } diff --git a/crypto/openssh/readpass.h b/crypto/openssh/readpass.h index d8da448a7a7b..229973c68add 100644 --- a/crypto/openssh/readpass.h +++ b/crypto/openssh/readpass.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readpass.h,v 1.2 2001/01/29 01:58:17 niklas Exp $ */ +/* $OpenBSD: readpass.h,v 1.6 2001/06/26 17:27:24 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -12,9 +12,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* - * Reads a passphrase from /dev/tty with echo turned off. Returns the - * passphrase (allocated with xmalloc). Exits if EOF is encountered. If - * from_stdin is true, the passphrase will be read from stdin instead. - */ -char *read_passphrase(char *prompt, int from_stdin); +#define RP_ECHO 0x0001 +#define RP_ALLOW_STDIN 0x0002 + +char *read_passphrase(const char *, int); diff --git a/crypto/openssh/rijndael.c b/crypto/openssh/rijndael.c index 98ecb55c8117..a5d680420fe9 100644 --- a/crypto/openssh/rijndael.c +++ b/crypto/openssh/rijndael.c @@ -1,412 +1,1242 @@ -/* $OpenBSD: rijndael.c,v 1.7 2001/02/04 15:32:24 stevesk Exp $ */ +/* $OpenBSD: rijndael.c,v 1.13 2001/12/19 07:18:56 deraadt Exp $ */ + +/** + * rijndael-alg-fst.c + * + * @version 3.0 (December 2000) + * + * Optimised ANSI C code for the Rijndael cipher (now AES) + * + * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> + * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> + * @author Paulo Barreto <paulo.barreto@terra.com.br> + * + * This code is hereby placed in the public domain. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#include <stdlib.h> +#include <string.h> -/* This is an independent implementation of the encryption algorithm: */ -/* */ -/* RIJNDAEL by Joan Daemen and Vincent Rijmen */ -/* */ -/* which is a candidate algorithm in the Advanced Encryption Standard */ -/* programme of the US National Institute of Standards and Technology. */ -/* */ -/* Copyright in this implementation is held by Dr B R Gladman but I */ -/* hereby give permission for its free direct or derivative use subject */ -/* to acknowledgment of its origin and compliance with any conditions */ -/* that the originators of the algorithm place on its exploitation. */ -/* */ -/* Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999 */ - -/* Timing data for Rijndael (rijndael.c) - -Algorithm: rijndael (rijndael.c) - -128 bit key: -Key Setup: 305/1389 cycles (encrypt/decrypt) -Encrypt: 374 cycles = 68.4 mbits/sec -Decrypt: 352 cycles = 72.7 mbits/sec -Mean: 363 cycles = 70.5 mbits/sec - -192 bit key: -Key Setup: 277/1595 cycles (encrypt/decrypt) -Encrypt: 439 cycles = 58.3 mbits/sec -Decrypt: 425 cycles = 60.2 mbits/sec -Mean: 432 cycles = 59.3 mbits/sec - -256 bit key: -Key Setup: 374/1960 cycles (encrypt/decrypt) -Encrypt: 502 cycles = 51.0 mbits/sec -Decrypt: 498 cycles = 51.4 mbits/sec -Mean: 500 cycles = 51.2 mbits/sec - -*/ - -#include <sys/types.h> #include "rijndael.h" -void gen_tabs __P((void)); - -/* 3. Basic macros for speeding up generic operations */ - -/* Circular rotate of 32 bit values */ - -#define rotr(x,n) (((x) >> ((int)(n))) | ((x) << (32 - (int)(n)))) -#define rotl(x,n) (((x) << ((int)(n))) | ((x) >> (32 - (int)(n)))) - -/* Invert byte order in a 32 bit variable */ - -#define bswap(x) ((rotl(x, 8) & 0x00ff00ff) | (rotr(x, 8) & 0xff00ff00)) - -/* Extract byte from a 32 bit quantity (little endian notation) */ - -#define byte(x,n) ((u1byte)((x) >> (8 * n))) - -#if BYTE_ORDER != LITTLE_ENDIAN -#define BYTE_SWAP -#endif - -#ifdef BYTE_SWAP -#define io_swap(x) bswap(x) -#else -#define io_swap(x) (x) -#endif - -#define LARGE_TABLES - -u1byte pow_tab[256]; -u1byte log_tab[256]; -u1byte sbx_tab[256]; -u1byte isb_tab[256]; -u4byte rco_tab[ 10]; -u4byte ft_tab[4][256]; -u4byte it_tab[4][256]; - -#ifdef LARGE_TABLES - u4byte fl_tab[4][256]; - u4byte il_tab[4][256]; -#endif - -u4byte tab_gen = 0; - -#define ff_mult(a,b) (a && b ? pow_tab[(log_tab[a] + log_tab[b]) % 255] : 0) - -#define f_rn(bo, bi, n, k) \ - bo[n] = ft_tab[0][byte(bi[n],0)] ^ \ - ft_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ - ft_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ - ft_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) - -#define i_rn(bo, bi, n, k) \ - bo[n] = it_tab[0][byte(bi[n],0)] ^ \ - it_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ - it_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ - it_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) - -#ifdef LARGE_TABLES +#define FULL_UNROLL -#define ls_box(x) \ - ( fl_tab[0][byte(x, 0)] ^ \ - fl_tab[1][byte(x, 1)] ^ \ - fl_tab[2][byte(x, 2)] ^ \ - fl_tab[3][byte(x, 3)] ) +/* +Te0[x] = S [x].[02, 01, 01, 03]; +Te1[x] = S [x].[03, 02, 01, 01]; +Te2[x] = S [x].[01, 03, 02, 01]; +Te3[x] = S [x].[01, 01, 03, 02]; +Te4[x] = S [x].[01, 01, 01, 01]; -#define f_rl(bo, bi, n, k) \ - bo[n] = fl_tab[0][byte(bi[n],0)] ^ \ - fl_tab[1][byte(bi[(n + 1) & 3],1)] ^ \ - fl_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ - fl_tab[3][byte(bi[(n + 3) & 3],3)] ^ *(k + n) - -#define i_rl(bo, bi, n, k) \ - bo[n] = il_tab[0][byte(bi[n],0)] ^ \ - il_tab[1][byte(bi[(n + 3) & 3],1)] ^ \ - il_tab[2][byte(bi[(n + 2) & 3],2)] ^ \ - il_tab[3][byte(bi[(n + 1) & 3],3)] ^ *(k + n) - -#else - -#define ls_box(x) \ - ((u4byte)sbx_tab[byte(x, 0)] << 0) ^ \ - ((u4byte)sbx_tab[byte(x, 1)] << 8) ^ \ - ((u4byte)sbx_tab[byte(x, 2)] << 16) ^ \ - ((u4byte)sbx_tab[byte(x, 3)] << 24) - -#define f_rl(bo, bi, n, k) \ - bo[n] = (u4byte)sbx_tab[byte(bi[n],0)] ^ \ - rotl(((u4byte)sbx_tab[byte(bi[(n + 1) & 3],1)]), 8) ^ \ - rotl(((u4byte)sbx_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ - rotl(((u4byte)sbx_tab[byte(bi[(n + 3) & 3],3)]), 24) ^ *(k + n) - -#define i_rl(bo, bi, n, k) \ - bo[n] = (u4byte)isb_tab[byte(bi[n],0)] ^ \ - rotl(((u4byte)isb_tab[byte(bi[(n + 3) & 3],1)]), 8) ^ \ - rotl(((u4byte)isb_tab[byte(bi[(n + 2) & 3],2)]), 16) ^ \ - rotl(((u4byte)isb_tab[byte(bi[(n + 1) & 3],3)]), 24) ^ *(k + n) - -#endif - -void -gen_tabs(void) -{ - u4byte i, t; - u1byte p, q; - - /* log and power tables for GF(2**8) finite field with */ - /* 0x11b as modular polynomial - the simplest prmitive */ - /* root is 0x11, used here to generate the tables */ - - for(i = 0,p = 1; i < 256; ++i) { - pow_tab[i] = (u1byte)p; log_tab[p] = (u1byte)i; - - p = p ^ (p << 1) ^ (p & 0x80 ? 0x01b : 0); - } - - log_tab[1] = 0; p = 1; - - for(i = 0; i < 10; ++i) { - rco_tab[i] = p; +Td0[x] = Si[x].[0e, 09, 0d, 0b]; +Td1[x] = Si[x].[0b, 0e, 09, 0d]; +Td2[x] = Si[x].[0d, 0b, 0e, 09]; +Td3[x] = Si[x].[09, 0d, 0b, 0e]; +Td4[x] = Si[x].[01, 01, 01, 01]; +*/ - p = (p << 1) ^ (p & 0x80 ? 0x1b : 0); +static const u32 Te0[256] = { + 0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU, + 0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U, + 0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU, + 0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU, + 0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U, + 0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU, + 0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU, + 0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU, + 0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU, + 0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU, + 0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U, + 0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU, + 0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU, + 0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U, + 0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU, + 0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU, + 0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU, + 0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU, + 0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU, + 0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U, + 0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU, + 0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU, + 0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU, + 0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU, + 0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U, + 0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U, + 0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U, + 0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U, + 0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU, + 0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U, + 0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U, + 0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU, + 0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU, + 0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U, + 0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U, + 0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U, + 0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU, + 0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U, + 0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU, + 0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U, + 0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU, + 0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U, + 0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U, + 0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU, + 0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U, + 0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U, + 0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U, + 0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U, + 0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U, + 0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U, + 0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U, + 0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U, + 0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU, + 0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U, + 0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U, + 0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U, + 0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U, + 0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U, + 0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U, + 0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU, + 0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U, + 0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U, + 0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U, + 0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU, +}; +static const u32 Te1[256] = { + 0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU, + 0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U, + 0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU, + 0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U, + 0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU, + 0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U, + 0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU, + 0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U, + 0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U, + 0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU, + 0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U, + 0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U, + 0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U, + 0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU, + 0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U, + 0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U, + 0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU, + 0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U, + 0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U, + 0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U, + 0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU, + 0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU, + 0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U, + 0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU, + 0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU, + 0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U, + 0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU, + 0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U, + 0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU, + 0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U, + 0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U, + 0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U, + 0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU, + 0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U, + 0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU, + 0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U, + 0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU, + 0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U, + 0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U, + 0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU, + 0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU, + 0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU, + 0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U, + 0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U, + 0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU, + 0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U, + 0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU, + 0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U, + 0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU, + 0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U, + 0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU, + 0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU, + 0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U, + 0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU, + 0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U, + 0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU, + 0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U, + 0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U, + 0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U, + 0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU, + 0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU, + 0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U, + 0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU, + 0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U, +}; +static const u32 Te2[256] = { + 0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU, + 0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U, + 0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU, + 0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U, + 0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU, + 0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U, + 0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU, + 0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U, + 0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U, + 0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU, + 0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U, + 0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U, + 0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U, + 0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU, + 0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U, + 0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U, + 0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU, + 0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U, + 0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U, + 0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U, + 0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU, + 0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU, + 0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U, + 0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU, + 0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU, + 0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U, + 0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU, + 0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U, + 0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU, + 0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U, + 0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U, + 0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U, + 0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU, + 0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U, + 0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU, + 0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U, + 0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU, + 0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U, + 0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U, + 0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU, + 0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU, + 0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU, + 0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U, + 0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U, + 0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU, + 0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U, + 0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU, + 0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U, + 0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU, + 0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U, + 0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU, + 0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU, + 0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U, + 0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU, + 0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U, + 0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU, + 0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U, + 0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U, + 0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U, + 0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU, + 0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU, + 0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U, + 0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU, + 0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U, +}; +static const u32 Te3[256] = { + + 0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U, + 0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U, + 0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U, + 0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU, + 0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU, + 0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU, + 0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U, + 0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU, + 0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU, + 0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U, + 0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U, + 0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU, + 0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU, + 0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU, + 0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU, + 0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU, + 0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U, + 0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU, + 0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU, + 0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U, + 0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U, + 0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U, + 0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U, + 0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U, + 0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU, + 0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U, + 0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU, + 0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU, + 0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U, + 0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U, + 0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U, + 0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU, + 0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U, + 0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU, + 0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU, + 0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U, + 0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U, + 0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU, + 0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U, + 0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU, + 0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U, + 0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U, + 0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U, + 0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U, + 0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU, + 0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U, + 0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU, + 0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U, + 0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU, + 0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U, + 0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU, + 0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU, + 0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU, + 0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU, + 0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U, + 0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U, + 0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U, + 0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U, + 0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U, + 0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U, + 0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU, + 0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U, + 0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU, + 0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU, +}; +static const u32 Te4[256] = { + 0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU, + 0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U, + 0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU, + 0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U, + 0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU, + 0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U, + 0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU, + 0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U, + 0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U, + 0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU, + 0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U, + 0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U, + 0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U, + 0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU, + 0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U, + 0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U, + 0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU, + 0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U, + 0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U, + 0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U, + 0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU, + 0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU, + 0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U, + 0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU, + 0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU, + 0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U, + 0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU, + 0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U, + 0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU, + 0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U, + 0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U, + 0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U, + 0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU, + 0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U, + 0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU, + 0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U, + 0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU, + 0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U, + 0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U, + 0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU, + 0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU, + 0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU, + 0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U, + 0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U, + 0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU, + 0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U, + 0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU, + 0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U, + 0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU, + 0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U, + 0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU, + 0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU, + 0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U, + 0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU, + 0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U, + 0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU, + 0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U, + 0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U, + 0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U, + 0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU, + 0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU, + 0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U, + 0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU, + 0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U, +}; +static const u32 Td0[256] = { + 0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U, + 0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U, + 0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U, + 0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU, + 0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U, + 0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U, + 0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU, + 0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U, + 0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU, + 0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U, + 0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U, + 0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U, + 0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U, + 0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU, + 0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U, + 0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU, + 0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U, + 0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU, + 0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U, + 0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U, + 0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U, + 0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU, + 0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U, + 0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU, + 0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U, + 0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU, + 0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U, + 0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU, + 0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU, + 0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U, + 0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU, + 0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U, + 0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU, + 0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U, + 0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U, + 0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U, + 0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU, + 0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U, + 0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U, + 0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU, + 0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U, + 0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U, + 0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U, + 0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U, + 0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U, + 0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU, + 0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U, + 0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U, + 0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U, + 0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U, + 0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U, + 0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU, + 0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU, + 0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU, + 0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU, + 0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U, + 0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U, + 0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU, + 0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU, + 0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U, + 0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU, + 0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U, + 0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U, + 0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U, +}; +static const u32 Td1[256] = { + 0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU, + 0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U, + 0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU, + 0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U, + 0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U, + 0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U, + 0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U, + 0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U, + 0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U, + 0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU, + 0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU, + 0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU, + 0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U, + 0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU, + 0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U, + 0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U, + 0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U, + 0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU, + 0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU, + 0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U, + 0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU, + 0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U, + 0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU, + 0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU, + 0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U, + 0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U, + 0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U, + 0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU, + 0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U, + 0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU, + 0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U, + 0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U, + 0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U, + 0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU, + 0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U, + 0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U, + 0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U, + 0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U, + 0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U, + 0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U, + 0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU, + 0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU, + 0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U, + 0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU, + 0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U, + 0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU, + 0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU, + 0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U, + 0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU, + 0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U, + 0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U, + 0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U, + 0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U, + 0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U, + 0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U, + 0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U, + 0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU, + 0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U, + 0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U, + 0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU, + 0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U, + 0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U, + 0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U, + 0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U, +}; +static const u32 Td2[256] = { + 0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U, + 0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U, + 0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U, + 0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U, + 0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU, + 0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U, + 0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U, + 0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U, + 0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U, + 0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU, + 0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U, + 0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U, + 0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU, + 0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U, + 0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U, + 0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U, + 0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U, + 0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U, + 0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U, + 0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU, + + 0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U, + 0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U, + 0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U, + 0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U, + 0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U, + 0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU, + 0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU, + 0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U, + 0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU, + 0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U, + 0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU, + 0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU, + 0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU, + 0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU, + 0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U, + 0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U, + 0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U, + 0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U, + 0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U, + 0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U, + 0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U, + 0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU, + 0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU, + 0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U, + 0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U, + 0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU, + 0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU, + 0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U, + 0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U, + 0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U, + 0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U, + 0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U, + 0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U, + 0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U, + 0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU, + 0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U, + 0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U, + 0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U, + 0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U, + 0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U, + 0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U, + 0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU, + 0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U, + 0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U, +}; +static const u32 Td3[256] = { + 0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU, + 0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU, + 0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U, + 0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U, + 0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU, + 0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU, + 0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U, + 0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU, + 0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U, + 0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU, + 0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U, + 0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U, + 0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U, + 0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U, + 0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U, + 0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU, + 0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU, + 0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U, + 0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U, + 0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU, + 0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU, + 0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U, + 0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U, + 0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U, + 0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U, + 0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU, + 0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U, + 0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U, + 0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU, + 0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU, + 0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U, + 0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U, + 0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U, + 0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU, + 0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U, + 0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U, + 0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U, + 0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U, + 0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U, + 0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U, + 0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U, + 0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU, + 0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U, + 0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U, + 0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU, + 0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU, + 0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U, + 0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU, + 0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U, + 0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U, + 0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U, + 0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U, + 0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U, + 0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U, + 0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU, + 0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU, + 0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU, + 0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU, + 0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U, + 0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U, + 0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U, + 0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU, + 0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U, + 0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U, +}; +static const u32 Td4[256] = { + 0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U, + 0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U, + 0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU, + 0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU, + 0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U, + 0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U, + 0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U, + 0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU, + 0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U, + 0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU, + 0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU, + 0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU, + 0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U, + 0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U, + 0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U, + 0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U, + 0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U, + 0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U, + 0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU, + 0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U, + 0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U, + 0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU, + 0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U, + 0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U, + 0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U, + 0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU, + 0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U, + 0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U, + 0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU, + 0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U, + 0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U, + 0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU, + 0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U, + 0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU, + 0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU, + 0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U, + 0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U, + 0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U, + 0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U, + 0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU, + 0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U, + 0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U, + 0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU, + 0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU, + 0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU, + 0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U, + 0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU, + 0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U, + 0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U, + 0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U, + 0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U, + 0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU, + 0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U, + 0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU, + 0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU, + 0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU, + 0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU, + 0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U, + 0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU, + 0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U, + 0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU, + 0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U, + 0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U, + 0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU, +}; +static const u32 rcon[] = { + 0x01000000, 0x02000000, 0x04000000, 0x08000000, + 0x10000000, 0x20000000, 0x40000000, 0x80000000, + 0x1B000000, 0x36000000, /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */ +}; + +#define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] << 8) ^ ((u32)(pt)[3])) +#define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >> 8); (ct)[3] = (u8)(st); } + +/** + * Expand the cipher key into the encryption key schedule. + * + * @return the number of rounds for the given cipher key size. + */ +static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { + int i = 0; + u32 temp; + + rk[0] = GETU32(cipherKey ); + rk[1] = GETU32(cipherKey + 4); + rk[2] = GETU32(cipherKey + 8); + rk[3] = GETU32(cipherKey + 12); + if (keyBits == 128) { + for (;;) { + temp = rk[3]; + rk[4] = rk[0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[5] = rk[1] ^ rk[4]; + rk[6] = rk[2] ^ rk[5]; + rk[7] = rk[3] ^ rk[6]; + if (++i == 10) { + return 10; + } + rk += 4; + } } - - /* note that the affine byte transformation matrix in */ - /* rijndael specification is in big endian format with */ - /* bit 0 as the most significant bit. In the remainder */ - /* of the specification the bits are numbered from the */ - /* least significant end of a byte. */ - - for(i = 0; i < 256; ++i) { - p = (i ? pow_tab[255 - log_tab[i]] : 0); q = p; - q = (q >> 7) | (q << 1); p ^= q; - q = (q >> 7) | (q << 1); p ^= q; - q = (q >> 7) | (q << 1); p ^= q; - q = (q >> 7) | (q << 1); p ^= q ^ 0x63; - sbx_tab[i] = (u1byte)p; isb_tab[p] = (u1byte)i; + rk[4] = GETU32(cipherKey + 16); + rk[5] = GETU32(cipherKey + 20); + if (keyBits == 192) { + for (;;) { + temp = rk[ 5]; + rk[ 6] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[ 7] = rk[ 1] ^ rk[ 6]; + rk[ 8] = rk[ 2] ^ rk[ 7]; + rk[ 9] = rk[ 3] ^ rk[ 8]; + if (++i == 8) { + return 12; + } + rk[10] = rk[ 4] ^ rk[ 9]; + rk[11] = rk[ 5] ^ rk[10]; + rk += 6; + } } - - for(i = 0; i < 256; ++i) { - p = sbx_tab[i]; - -#ifdef LARGE_TABLES - - t = p; fl_tab[0][i] = t; - fl_tab[1][i] = rotl(t, 8); - fl_tab[2][i] = rotl(t, 16); - fl_tab[3][i] = rotl(t, 24); -#endif - t = ((u4byte)ff_mult(2, p)) | - ((u4byte)p << 8) | - ((u4byte)p << 16) | - ((u4byte)ff_mult(3, p) << 24); - - ft_tab[0][i] = t; - ft_tab[1][i] = rotl(t, 8); - ft_tab[2][i] = rotl(t, 16); - ft_tab[3][i] = rotl(t, 24); - - p = isb_tab[i]; - -#ifdef LARGE_TABLES - - t = p; il_tab[0][i] = t; - il_tab[1][i] = rotl(t, 8); - il_tab[2][i] = rotl(t, 16); - il_tab[3][i] = rotl(t, 24); -#endif - t = ((u4byte)ff_mult(14, p)) | - ((u4byte)ff_mult( 9, p) << 8) | - ((u4byte)ff_mult(13, p) << 16) | - ((u4byte)ff_mult(11, p) << 24); - - it_tab[0][i] = t; - it_tab[1][i] = rotl(t, 8); - it_tab[2][i] = rotl(t, 16); - it_tab[3][i] = rotl(t, 24); + rk[6] = GETU32(cipherKey + 24); + rk[7] = GETU32(cipherKey + 28); + if (keyBits == 256) { + for (;;) { + temp = rk[ 7]; + rk[ 8] = rk[ 0] ^ + (Te4[(temp >> 16) & 0xff] & 0xff000000) ^ + (Te4[(temp >> 8) & 0xff] & 0x00ff0000) ^ + (Te4[(temp ) & 0xff] & 0x0000ff00) ^ + (Te4[(temp >> 24) ] & 0x000000ff) ^ + rcon[i]; + rk[ 9] = rk[ 1] ^ rk[ 8]; + rk[10] = rk[ 2] ^ rk[ 9]; + rk[11] = rk[ 3] ^ rk[10]; + if (++i == 7) { + return 14; + } + temp = rk[11]; + rk[12] = rk[ 4] ^ + (Te4[(temp >> 24) ] & 0xff000000) ^ + (Te4[(temp >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(temp >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(temp ) & 0xff] & 0x000000ff); + rk[13] = rk[ 5] ^ rk[12]; + rk[14] = rk[ 6] ^ rk[13]; + rk[15] = rk[ 7] ^ rk[14]; + rk += 8; + } } - - tab_gen = 1; + return 0; } -#define star_x(x) (((x) & 0x7f7f7f7f) << 1) ^ ((((x) & 0x80808080) >> 7) * 0x1b) - -#define imix_col(y,x) \ - u = star_x(x); \ - v = star_x(u); \ - w = star_x(v); \ - t = w ^ (x); \ - (y) = u ^ v ^ w; \ - (y) ^= rotr(u ^ t, 8) ^ \ - rotr(v ^ t, 16) ^ \ - rotr(t,24) - -/* initialise the key schedule from the user supplied key */ - -#define loop4(i) \ -{ t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \ - t ^= e_key[4 * i]; e_key[4 * i + 4] = t; \ - t ^= e_key[4 * i + 1]; e_key[4 * i + 5] = t; \ - t ^= e_key[4 * i + 2]; e_key[4 * i + 6] = t; \ - t ^= e_key[4 * i + 3]; e_key[4 * i + 7] = t; \ +/** + * Expand the cipher key into the decryption key schedule. + * + * @return the number of rounds for the given cipher key size. + */ +static int +rijndaelKeySetupDec(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits, + int have_encrypt) { + int Nr, i, j; + u32 temp; + + if (have_encrypt) { + Nr = have_encrypt; + } else { + /* expand the cipher key: */ + Nr = rijndaelKeySetupEnc(rk, cipherKey, keyBits); + } + /* invert the order of the round keys: */ + for (i = 0, j = 4*Nr; i < j; i += 4, j -= 4) { + temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp; + temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp; + temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp; + temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp; + } + /* apply the inverse MixColumn transform to all round keys but the first and the last: */ + for (i = 1; i < Nr; i++) { + rk += 4; + rk[0] = + Td0[Te4[(rk[0] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[0] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[0] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[0] ) & 0xff] & 0xff]; + rk[1] = + Td0[Te4[(rk[1] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[1] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[1] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[1] ) & 0xff] & 0xff]; + rk[2] = + Td0[Te4[(rk[2] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[2] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[2] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[2] ) & 0xff] & 0xff]; + rk[3] = + Td0[Te4[(rk[3] >> 24) ] & 0xff] ^ + Td1[Te4[(rk[3] >> 16) & 0xff] & 0xff] ^ + Td2[Te4[(rk[3] >> 8) & 0xff] & 0xff] ^ + Td3[Te4[(rk[3] ) & 0xff] & 0xff]; + } + return Nr; } -#define loop6(i) \ -{ t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \ - t ^= e_key[6 * i]; e_key[6 * i + 6] = t; \ - t ^= e_key[6 * i + 1]; e_key[6 * i + 7] = t; \ - t ^= e_key[6 * i + 2]; e_key[6 * i + 8] = t; \ - t ^= e_key[6 * i + 3]; e_key[6 * i + 9] = t; \ - t ^= e_key[6 * i + 4]; e_key[6 * i + 10] = t; \ - t ^= e_key[6 * i + 5]; e_key[6 * i + 11] = t; \ -} +static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16], u8 ct[16]) { + u32 s0, s1, s2, s3, t0, t1, t2, t3; +#ifndef FULL_UNROLL + int r; +#endif /* ?FULL_UNROLL */ + + /* + * map byte array block to cipher state + * and add initial round key: + */ + s0 = GETU32(pt ) ^ rk[0]; + s1 = GETU32(pt + 4) ^ rk[1]; + s2 = GETU32(pt + 8) ^ rk[2]; + s3 = GETU32(pt + 12) ^ rk[3]; +#ifdef FULL_UNROLL + /* round 1: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; + /* round 2: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; + /* round 3: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; + /* round 4: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; + /* round 5: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; + /* round 6: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; + /* round 7: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; + /* round 8: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; + /* round 9: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; + if (Nr > 10) { + /* round 10: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[41]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[42]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[43]; + /* round 11: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[44]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[45]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[46]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[47]; + if (Nr > 12) { + /* round 12: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[48]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[49]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[50]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[51]; + /* round 13: */ + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[52]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[53]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[54]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[55]; + } + } + rk += Nr << 2; +#else /* !FULL_UNROLL */ + /* + * Nr - 1 full rounds: + */ + r = Nr >> 1; + for (;;) { + t0 = + Te0[(s0 >> 24) ] ^ + Te1[(s1 >> 16) & 0xff] ^ + Te2[(s2 >> 8) & 0xff] ^ + Te3[(s3 ) & 0xff] ^ + rk[4]; + t1 = + Te0[(s1 >> 24) ] ^ + Te1[(s2 >> 16) & 0xff] ^ + Te2[(s3 >> 8) & 0xff] ^ + Te3[(s0 ) & 0xff] ^ + rk[5]; + t2 = + Te0[(s2 >> 24) ] ^ + Te1[(s3 >> 16) & 0xff] ^ + Te2[(s0 >> 8) & 0xff] ^ + Te3[(s1 ) & 0xff] ^ + rk[6]; + t3 = + Te0[(s3 >> 24) ] ^ + Te1[(s0 >> 16) & 0xff] ^ + Te2[(s1 >> 8) & 0xff] ^ + Te3[(s2 ) & 0xff] ^ + rk[7]; + + rk += 8; + if (--r == 0) { + break; + } -#define loop8(i) \ -{ t = ls_box(rotr(t, 8)) ^ rco_tab[i]; \ - t ^= e_key[8 * i]; e_key[8 * i + 8] = t; \ - t ^= e_key[8 * i + 1]; e_key[8 * i + 9] = t; \ - t ^= e_key[8 * i + 2]; e_key[8 * i + 10] = t; \ - t ^= e_key[8 * i + 3]; e_key[8 * i + 11] = t; \ - t = e_key[8 * i + 4] ^ ls_box(t); \ - e_key[8 * i + 12] = t; \ - t ^= e_key[8 * i + 5]; e_key[8 * i + 13] = t; \ - t ^= e_key[8 * i + 6]; e_key[8 * i + 14] = t; \ - t ^= e_key[8 * i + 7]; e_key[8 * i + 15] = t; \ + s0 = + Te0[(t0 >> 24) ] ^ + Te1[(t1 >> 16) & 0xff] ^ + Te2[(t2 >> 8) & 0xff] ^ + Te3[(t3 ) & 0xff] ^ + rk[0]; + s1 = + Te0[(t1 >> 24) ] ^ + Te1[(t2 >> 16) & 0xff] ^ + Te2[(t3 >> 8) & 0xff] ^ + Te3[(t0 ) & 0xff] ^ + rk[1]; + s2 = + Te0[(t2 >> 24) ] ^ + Te1[(t3 >> 16) & 0xff] ^ + Te2[(t0 >> 8) & 0xff] ^ + Te3[(t1 ) & 0xff] ^ + rk[2]; + s3 = + Te0[(t3 >> 24) ] ^ + Te1[(t0 >> 16) & 0xff] ^ + Te2[(t1 >> 8) & 0xff] ^ + Te3[(t2 ) & 0xff] ^ + rk[3]; + } +#endif /* ?FULL_UNROLL */ + /* + * apply last round and + * map cipher state to byte array block: + */ + s0 = + (Te4[(t0 >> 24) ] & 0xff000000) ^ + (Te4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t3 ) & 0xff] & 0x000000ff) ^ + rk[0]; + PUTU32(ct , s0); + s1 = + (Te4[(t1 >> 24) ] & 0xff000000) ^ + (Te4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t0 ) & 0xff] & 0x000000ff) ^ + rk[1]; + PUTU32(ct + 4, s1); + s2 = + (Te4[(t2 >> 24) ] & 0xff000000) ^ + (Te4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t1 ) & 0xff] & 0x000000ff) ^ + rk[2]; + PUTU32(ct + 8, s2); + s3 = + (Te4[(t3 >> 24) ] & 0xff000000) ^ + (Te4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Te4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Te4[(t2 ) & 0xff] & 0x000000ff) ^ + rk[3]; + PUTU32(ct + 12, s3); } -rijndael_ctx * -rijndael_set_key(rijndael_ctx *ctx, const u4byte *in_key, const u4byte key_len, - int encrypt) -{ - u4byte i, t, u, v, w; - u4byte *e_key = ctx->e_key; - u4byte *d_key = ctx->d_key; - - ctx->decrypt = !encrypt; - - if(!tab_gen) - gen_tabs(); - - ctx->k_len = (key_len + 31) / 32; - - e_key[0] = io_swap(in_key[0]); e_key[1] = io_swap(in_key[1]); - e_key[2] = io_swap(in_key[2]); e_key[3] = io_swap(in_key[3]); - - switch(ctx->k_len) { - case 4: t = e_key[3]; - for(i = 0; i < 10; ++i) - loop4(i); - break; - - case 6: e_key[4] = io_swap(in_key[4]); t = e_key[5] = io_swap(in_key[5]); - for(i = 0; i < 8; ++i) - loop6(i); - break; - - case 8: e_key[4] = io_swap(in_key[4]); e_key[5] = io_swap(in_key[5]); - e_key[6] = io_swap(in_key[6]); t = e_key[7] = io_swap(in_key[7]); - for(i = 0; i < 7; ++i) - loop8(i); - break; +static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16], u8 pt[16]) { + u32 s0, s1, s2, s3, t0, t1, t2, t3; +#ifndef FULL_UNROLL + int r; +#endif /* ?FULL_UNROLL */ + + /* + * map byte array block to cipher state + * and add initial round key: + */ + s0 = GETU32(ct ) ^ rk[0]; + s1 = GETU32(ct + 4) ^ rk[1]; + s2 = GETU32(ct + 8) ^ rk[2]; + s3 = GETU32(ct + 12) ^ rk[3]; +#ifdef FULL_UNROLL + /* round 1: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[ 4]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[ 5]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[ 6]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[ 7]; + /* round 2: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[ 8]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[ 9]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[10]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[11]; + /* round 3: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[12]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[13]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[14]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[15]; + /* round 4: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[16]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[17]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[18]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[19]; + /* round 5: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[20]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[21]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[22]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[23]; + /* round 6: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[24]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[25]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[26]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[27]; + /* round 7: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[28]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[29]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[30]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[31]; + /* round 8: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[32]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[33]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[34]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[35]; + /* round 9: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[36]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[37]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[38]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[39]; + if (Nr > 10) { + /* round 10: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[40]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[41]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[42]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[43]; + /* round 11: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[44]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[45]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[46]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[47]; + if (Nr > 12) { + /* round 12: */ + s0 = Td0[t0 >> 24] ^ Td1[(t3 >> 16) & 0xff] ^ Td2[(t2 >> 8) & 0xff] ^ Td3[t1 & 0xff] ^ rk[48]; + s1 = Td0[t1 >> 24] ^ Td1[(t0 >> 16) & 0xff] ^ Td2[(t3 >> 8) & 0xff] ^ Td3[t2 & 0xff] ^ rk[49]; + s2 = Td0[t2 >> 24] ^ Td1[(t1 >> 16) & 0xff] ^ Td2[(t0 >> 8) & 0xff] ^ Td3[t3 & 0xff] ^ rk[50]; + s3 = Td0[t3 >> 24] ^ Td1[(t2 >> 16) & 0xff] ^ Td2[(t1 >> 8) & 0xff] ^ Td3[t0 & 0xff] ^ rk[51]; + /* round 13: */ + t0 = Td0[s0 >> 24] ^ Td1[(s3 >> 16) & 0xff] ^ Td2[(s2 >> 8) & 0xff] ^ Td3[s1 & 0xff] ^ rk[52]; + t1 = Td0[s1 >> 24] ^ Td1[(s0 >> 16) & 0xff] ^ Td2[(s3 >> 8) & 0xff] ^ Td3[s2 & 0xff] ^ rk[53]; + t2 = Td0[s2 >> 24] ^ Td1[(s1 >> 16) & 0xff] ^ Td2[(s0 >> 8) & 0xff] ^ Td3[s3 & 0xff] ^ rk[54]; + t3 = Td0[s3 >> 24] ^ Td1[(s2 >> 16) & 0xff] ^ Td2[(s1 >> 8) & 0xff] ^ Td3[s0 & 0xff] ^ rk[55]; } - - if (!encrypt) { - d_key[0] = e_key[0]; d_key[1] = e_key[1]; - d_key[2] = e_key[2]; d_key[3] = e_key[3]; - - for(i = 4; i < 4 * ctx->k_len + 24; ++i) { - imix_col(d_key[i], e_key[i]); - } + } + rk += Nr << 2; +#else /* !FULL_UNROLL */ + /* + * Nr - 1 full rounds: + */ + r = Nr >> 1; + for (;;) { + t0 = + Td0[(s0 >> 24) ] ^ + Td1[(s3 >> 16) & 0xff] ^ + Td2[(s2 >> 8) & 0xff] ^ + Td3[(s1 ) & 0xff] ^ + rk[4]; + t1 = + Td0[(s1 >> 24) ] ^ + Td1[(s0 >> 16) & 0xff] ^ + Td2[(s3 >> 8) & 0xff] ^ + Td3[(s2 ) & 0xff] ^ + rk[5]; + t2 = + Td0[(s2 >> 24) ] ^ + Td1[(s1 >> 16) & 0xff] ^ + Td2[(s0 >> 8) & 0xff] ^ + Td3[(s3 ) & 0xff] ^ + rk[6]; + t3 = + Td0[(s3 >> 24) ] ^ + Td1[(s2 >> 16) & 0xff] ^ + Td2[(s1 >> 8) & 0xff] ^ + Td3[(s0 ) & 0xff] ^ + rk[7]; + + rk += 8; + if (--r == 0) { + break; } - return ctx; + s0 = + Td0[(t0 >> 24) ] ^ + Td1[(t3 >> 16) & 0xff] ^ + Td2[(t2 >> 8) & 0xff] ^ + Td3[(t1 ) & 0xff] ^ + rk[0]; + s1 = + Td0[(t1 >> 24) ] ^ + Td1[(t0 >> 16) & 0xff] ^ + Td2[(t3 >> 8) & 0xff] ^ + Td3[(t2 ) & 0xff] ^ + rk[1]; + s2 = + Td0[(t2 >> 24) ] ^ + Td1[(t1 >> 16) & 0xff] ^ + Td2[(t0 >> 8) & 0xff] ^ + Td3[(t3 ) & 0xff] ^ + rk[2]; + s3 = + Td0[(t3 >> 24) ] ^ + Td1[(t2 >> 16) & 0xff] ^ + Td2[(t1 >> 8) & 0xff] ^ + Td3[(t0 ) & 0xff] ^ + rk[3]; + } +#endif /* ?FULL_UNROLL */ + /* + * apply last round and + * map cipher state to byte array block: + */ + s0 = + (Td4[(t0 >> 24) ] & 0xff000000) ^ + (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t1 ) & 0xff] & 0x000000ff) ^ + rk[0]; + PUTU32(pt , s0); + s1 = + (Td4[(t1 >> 24) ] & 0xff000000) ^ + (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t2 ) & 0xff] & 0x000000ff) ^ + rk[1]; + PUTU32(pt + 4, s1); + s2 = + (Td4[(t2 >> 24) ] & 0xff000000) ^ + (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t3 ) & 0xff] & 0x000000ff) ^ + rk[2]; + PUTU32(pt + 8, s2); + s3 = + (Td4[(t3 >> 24) ] & 0xff000000) ^ + (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t0 ) & 0xff] & 0x000000ff) ^ + rk[3]; + PUTU32(pt + 12, s3); } -/* encrypt a block of text */ - -#define f_nround(bo, bi, k) \ - f_rn(bo, bi, 0, k); \ - f_rn(bo, bi, 1, k); \ - f_rn(bo, bi, 2, k); \ - f_rn(bo, bi, 3, k); \ - k += 4 - -#define f_lround(bo, bi, k) \ - f_rl(bo, bi, 0, k); \ - f_rl(bo, bi, 1, k); \ - f_rl(bo, bi, 2, k); \ - f_rl(bo, bi, 3, k) - void -rijndael_encrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) +rijndael_set_key(rijndael_ctx *ctx, u_char *key, int bits, int encrypt) { - u4byte k_len = ctx->k_len; - u4byte *e_key = ctx->e_key; - u4byte b0[4], b1[4], *kp; - - b0[0] = io_swap(in_blk[0]) ^ e_key[0]; - b0[1] = io_swap(in_blk[1]) ^ e_key[1]; - b0[2] = io_swap(in_blk[2]) ^ e_key[2]; - b0[3] = io_swap(in_blk[3]) ^ e_key[3]; - - kp = e_key + 4; - - if(k_len > 6) { - f_nround(b1, b0, kp); f_nround(b0, b1, kp); - } - - if(k_len > 4) { - f_nround(b1, b0, kp); f_nround(b0, b1, kp); + ctx->Nr = rijndaelKeySetupEnc(ctx->ek, key, bits); + if (encrypt) { + ctx->decrypt = 0; + memset(ctx->dk, 0, sizeof(ctx->dk)); + } else { + ctx->decrypt = 1; + memcpy(ctx->dk, ctx->ek, sizeof(ctx->ek)); + rijndaelKeySetupDec(ctx->dk, key, bits, ctx->Nr); } - - f_nround(b1, b0, kp); f_nround(b0, b1, kp); - f_nround(b1, b0, kp); f_nround(b0, b1, kp); - f_nround(b1, b0, kp); f_nround(b0, b1, kp); - f_nround(b1, b0, kp); f_nround(b0, b1, kp); - f_nround(b1, b0, kp); f_lround(b0, b1, kp); - - out_blk[0] = io_swap(b0[0]); out_blk[1] = io_swap(b0[1]); - out_blk[2] = io_swap(b0[2]); out_blk[3] = io_swap(b0[3]); } -/* decrypt a block of text */ - -#define i_nround(bo, bi, k) \ - i_rn(bo, bi, 0, k); \ - i_rn(bo, bi, 1, k); \ - i_rn(bo, bi, 2, k); \ - i_rn(bo, bi, 3, k); \ - k -= 4 - -#define i_lround(bo, bi, k) \ - i_rl(bo, bi, 0, k); \ - i_rl(bo, bi, 1, k); \ - i_rl(bo, bi, 2, k); \ - i_rl(bo, bi, 3, k) - void -rijndael_decrypt(rijndael_ctx *ctx, const u4byte *in_blk, u4byte *out_blk) +rijndael_decrypt(rijndael_ctx *ctx, u_char *src, u_char *dst) { - u4byte b0[4], b1[4], *kp; - u4byte k_len = ctx->k_len; - u4byte *e_key = ctx->e_key; - u4byte *d_key = ctx->d_key; - - b0[0] = io_swap(in_blk[0]) ^ e_key[4 * k_len + 24]; - b0[1] = io_swap(in_blk[1]) ^ e_key[4 * k_len + 25]; - b0[2] = io_swap(in_blk[2]) ^ e_key[4 * k_len + 26]; - b0[3] = io_swap(in_blk[3]) ^ e_key[4 * k_len + 27]; - - kp = d_key + 4 * (k_len + 5); - - if(k_len > 6) { - i_nround(b1, b0, kp); i_nround(b0, b1, kp); - } - - if(k_len > 4) { - i_nround(b1, b0, kp); i_nround(b0, b1, kp); - } - - i_nround(b1, b0, kp); i_nround(b0, b1, kp); - i_nround(b1, b0, kp); i_nround(b0, b1, kp); - i_nround(b1, b0, kp); i_nround(b0, b1, kp); - i_nround(b1, b0, kp); i_nround(b0, b1, kp); - i_nround(b1, b0, kp); i_lround(b0, b1, kp); + rijndaelDecrypt(ctx->dk, ctx->Nr, src, dst); +} - out_blk[0] = io_swap(b0[0]); out_blk[1] = io_swap(b0[1]); - out_blk[2] = io_swap(b0[2]); out_blk[3] = io_swap(b0[3]); +void +rijndael_encrypt(rijndael_ctx *ctx, u_char *src, u_char *dst) +{ + rijndaelEncrypt(ctx->ek, ctx->Nr, src, dst); } diff --git a/crypto/openssh/rijndael.h b/crypto/openssh/rijndael.h index 66e0bbe73865..c614bb18877f 100644 --- a/crypto/openssh/rijndael.h +++ b/crypto/openssh/rijndael.h @@ -1,47 +1,51 @@ -/* $OpenBSD: rijndael.h,v 1.7 2001/03/01 03:38:33 deraadt Exp $ */ - -/* This is an independent implementation of the encryption algorithm: */ -/* */ -/* RIJNDAEL by Joan Daemen and Vincent Rijmen */ -/* */ -/* which is a candidate algorithm in the Advanced Encryption Standard */ -/* programme of the US National Institute of Standards and Technology. */ -/* */ -/* Copyright in this implementation is held by Dr B R Gladman but I */ -/* hereby give permission for its free direct or derivative use subject */ -/* to acknowledgment of its origin and compliance with any conditions */ -/* that the originators of the algorithm place on its exploitation. */ -/* */ -/* Dr Brian Gladman (gladman@seven77.demon.co.uk) 14th January 1999 */ - -#ifndef _RIJNDAEL_H_ -#define _RIJNDAEL_H_ - -/* 1. Standard types for AES cryptography source code */ - -typedef u_int8_t u1byte; /* an 8 bit unsigned character type */ -typedef u_int16_t u2byte; /* a 16 bit unsigned integer type */ -typedef u_int32_t u4byte; /* a 32 bit unsigned integer type */ - -typedef int8_t s1byte; /* an 8 bit signed character type */ -typedef int16_t s2byte; /* a 16 bit signed integer type */ -typedef int32_t s4byte; /* a 32 bit signed integer type */ - -typedef struct _rijndael_ctx { - u4byte k_len; - int decrypt; - u4byte e_key[64]; - u4byte d_key[64]; +/* $OpenBSD: rijndael.h,v 1.12 2001/12/19 07:18:56 deraadt Exp $ */ + +/** + * rijndael-alg-fst.h + * + * @version 3.0 (December 2000) + * + * Optimised ANSI C code for the Rijndael cipher (now AES) + * + * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> + * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> + * @author Paulo Barreto <paulo.barreto@terra.com.br> + * + * This code is hereby placed in the public domain. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, + * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef __RIJNDAEL_H +#define __RIJNDAEL_H + +#define MAXKC (256/32) +#define MAXKB (256/8) +#define MAXNR 14 + +typedef unsigned char u8; +typedef unsigned short u16; +typedef unsigned int u32; + +/* The structure for key information */ +typedef struct { + int decrypt; + int Nr; /* key-length-dependent number of rounds */ + u32 ek[4*(MAXNR + 1)]; /* encrypt key schedule */ + u32 dk[4*(MAXNR + 1)]; /* decrypt key schedule */ } rijndael_ctx; +void rijndael_set_key(rijndael_ctx *, u_char *, int, int); +void rijndael_decrypt(rijndael_ctx *, u_char *, u_char *); +void rijndael_encrypt(rijndael_ctx *, u_char *, u_char *); -/* 2. Standard interface for AES cryptographic routines */ - -/* These are all based on 32 bit unsigned values and will therefore */ -/* require endian conversions for big-endian architectures */ - -rijndael_ctx *rijndael_set_key __P((rijndael_ctx *, const u4byte *, u4byte, int)); -void rijndael_encrypt __P((rijndael_ctx *, const u4byte *, u4byte *)); -void rijndael_decrypt __P((rijndael_ctx *, const u4byte *, u4byte *)); - -#endif /* _RIJNDAEL_H_ */ +#endif /* __RIJNDAEL_H */ diff --git a/crypto/openssh/rsa.c b/crypto/openssh/rsa.c index f69f99606bbf..66561a4213b5 100644 --- a/crypto/openssh/rsa.c +++ b/crypto/openssh/rsa.c @@ -60,7 +60,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: rsa.c,v 1.22 2001/03/26 23:23:23 markus Exp $"); +RCSID("$OpenBSD: rsa.c,v 1.24 2001/12/27 18:22:16 markus Exp $"); #include "rsa.h" #include "log.h" @@ -120,14 +120,17 @@ rsa_private_decrypt(BIGNUM *out, BIGNUM *in, RSA *key) return len; } +/* calculate p-1 and q-1 */ void -generate_additional_parameters(RSA *rsa) +rsa_generate_additional_parameters(RSA *rsa) { BIGNUM *aux; BN_CTX *ctx; - /* Generate additional parameters */ - aux = BN_new(); - ctx = BN_CTX_new(); + + if ((aux = BN_new()) == NULL) + fatal("rsa_generate_additional_parameters: BN_new failed"); + if ((ctx = BN_CTX_new()) == NULL) + fatal("rsa_generate_additional_parameters: BN_CTX_new failed"); BN_sub(aux, rsa->q, BN_value_one()); BN_mod(rsa->dmq1, rsa->d, aux, ctx); diff --git a/crypto/openssh/rsa.h b/crypto/openssh/rsa.h index d3d2c996427c..957d865522d2 100644 --- a/crypto/openssh/rsa.h +++ b/crypto/openssh/rsa.h @@ -1,3 +1,5 @@ +/* $OpenBSD: rsa.h,v 1.15 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,17 +13,14 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: rsa.h,v 1.11 2001/03/26 23:23:24 markus Exp $"); */ - #ifndef RSA_H #define RSA_H #include <openssl/bn.h> #include <openssl/rsa.h> -void rsa_public_encrypt __P((BIGNUM * out, BIGNUM * in, RSA * prv)); -int rsa_private_decrypt __P((BIGNUM * out, BIGNUM * in, RSA * prv)); - -void generate_additional_parameters __P((RSA *rsa)); +void rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *); +int rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *); +void rsa_generate_additional_parameters(RSA *); #endif /* RSA_H */ diff --git a/crypto/openssh/scard.c b/crypto/openssh/scard.c new file mode 100644 index 000000000000..e1b1fb6c1ff7 --- /dev/null +++ b/crypto/openssh/scard.c @@ -0,0 +1,372 @@ +/* + * Copyright (c) 2001 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifdef SMARTCARD +#include "includes.h" +RCSID("$OpenBSD: scard.c,v 1.17 2001/12/27 18:22:16 markus Exp $"); + +#include <openssl/engine.h> +#include <sectok.h> + +#include "key.h" +#include "log.h" +#include "xmalloc.h" +#include "scard.h" + +#define CLA_SSH 0x05 +#define INS_DECRYPT 0x10 +#define INS_GET_KEYLENGTH 0x20 +#define INS_GET_PUBKEY 0x30 +#define INS_GET_RESPONSE 0xc0 + +#define MAX_BUF_SIZE 256 + +static int sc_fd = -1; +static char *sc_reader_id = NULL; +static int cla = 0x00; /* class */ + +/* interface to libsectok */ + +static int +sc_open(void) +{ + int sw; + + if (sc_fd >= 0) + return sc_fd; + + sc_fd = sectok_friendly_open(sc_reader_id, STONOWAIT, &sw); + if (sc_fd < 0) { + error("sectok_open failed: %s", sectok_get_sw(sw)); + return SCARD_ERROR_FAIL; + } + if (! sectok_cardpresent(sc_fd)) { + debug("smartcard in reader %s not present, skipping", + sc_reader_id); + sc_close(); + return SCARD_ERROR_NOCARD; + } + if (sectok_reset(sc_fd, 0, NULL, &sw) <= 0) { + error("sectok_reset failed: %s", sectok_get_sw(sw)); + sc_fd = -1; + return SCARD_ERROR_FAIL; + } + if ((cla = cyberflex_inq_class(sc_fd)) < 0) + cla = 0; + + debug("sc_open ok %d", sc_fd); + return sc_fd; +} + +static int +sc_enable_applet(void) +{ + static u_char aid[] = {0xfc, 0x53, 0x73, 0x68, 0x2e, 0x62, 0x69, 0x6e}; + int sw = 0; + + /* select applet id */ + sectok_apdu(sc_fd, cla, 0xa4, 0x04, 0, sizeof aid, aid, 0, NULL, &sw); + if (!sectok_swOK(sw)) { + error("sectok_apdu failed: %s", sectok_get_sw(sw)); + sc_close(); + return -1; + } + return 0; +} + +static int +sc_init(void) +{ + int status; + + status = sc_open(); + if (status == SCARD_ERROR_NOCARD) { + return SCARD_ERROR_NOCARD; + } + if (status < 0 ) { + error("sc_open failed"); + return status; + } + if (sc_enable_applet() < 0) { + error("sc_enable_applet failed"); + return SCARD_ERROR_APPLET; + } + return 0; +} + +static int +sc_read_pubkey(Key * k) +{ + u_char buf[2], *n; + char *p; + int len, sw, status = -1; + + len = sw = 0; + n = NULL; + + if (sc_fd < 0) { + status = sc_init(); + if (status < 0 ) + goto err; + } + + /* get key size */ + sectok_apdu(sc_fd, CLA_SSH, INS_GET_KEYLENGTH, 0, 0, 0, NULL, + sizeof(buf), buf, &sw); + if (!sectok_swOK(sw)) { + error("could not obtain key length: %s", sectok_get_sw(sw)); + goto err; + } + len = (buf[0] << 8) | buf[1]; + len /= 8; + debug("INS_GET_KEYLENGTH: len %d sw %s", len, sectok_get_sw(sw)); + + n = xmalloc(len); + /* get n */ + sectok_apdu(sc_fd, CLA_SSH, INS_GET_PUBKEY, 0, 0, 0, NULL, len, n, &sw); + if (!sectok_swOK(sw)) { + error("could not obtain public key: %s", sectok_get_sw(sw)); + goto err; + } + + debug("INS_GET_KEYLENGTH: sw %s", sectok_get_sw(sw)); + + if (BN_bin2bn(n, len, k->rsa->n) == NULL) { + error("c_read_pubkey: BN_bin2bn failed"); + goto err; + } + + /* currently the java applet just stores 'n' */ + if (!BN_set_word(k->rsa->e, 35)) { + error("c_read_pubkey: BN_set_word(e, 35) failed"); + goto err; + } + + status = 0; + p = key_fingerprint(k, SSH_FP_MD5, SSH_FP_HEX); + debug("fingerprint %d %s", key_size(k), p); + xfree(p); + +err: + if (n != NULL) + xfree(n); + sc_close(); + return status; +} + +/* private key operations */ + +static int +sc_private_decrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) +{ + u_char *padded = NULL; + int sw, len, olen, status = -1; + + debug("sc_private_decrypt called"); + + olen = len = sw = 0; + if (sc_fd < 0) { + status = sc_init(); + if (status < 0 ) + goto err; + } + if (padding != RSA_PKCS1_PADDING) + goto err; + + len = BN_num_bytes(rsa->n); + padded = xmalloc(len); + + sectok_apdu(sc_fd, CLA_SSH, INS_DECRYPT, 0, 0, len, from, 0, NULL, &sw); + if (!sectok_swOK(sw)) { + error("sc_private_decrypt: INS_DECRYPT failed: %s", + sectok_get_sw(sw)); + goto err; + } + sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, + len, padded, &sw); + if (!sectok_swOK(sw)) { + error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", + sectok_get_sw(sw)); + goto err; + } + olen = RSA_padding_check_PKCS1_type_2(to, len, padded + 1, len - 1, + len); +err: + if (padded) + xfree(padded); + sc_close(); + return (olen >= 0 ? olen : status); +} + +static int +sc_private_encrypt(int flen, u_char *from, u_char *to, RSA *rsa, int padding) +{ + u_char *padded = NULL; + int sw, len, status = -1; + + len = sw = 0; + if (sc_fd < 0) { + status = sc_init(); + if (status < 0 ) + goto err; + } + if (padding != RSA_PKCS1_PADDING) + goto err; + + debug("sc_private_encrypt called"); + len = BN_num_bytes(rsa->n); + padded = xmalloc(len); + + if (RSA_padding_add_PKCS1_type_1(padded, len, from, flen) <= 0) { + error("RSA_padding_add_PKCS1_type_1 failed"); + goto err; + } + sectok_apdu(sc_fd, CLA_SSH, INS_DECRYPT, 0, 0, len, padded, 0, NULL, &sw); + if (!sectok_swOK(sw)) { + error("sc_private_decrypt: INS_DECRYPT failed: %s", + sectok_get_sw(sw)); + goto err; + } + sectok_apdu(sc_fd, CLA_SSH, INS_GET_RESPONSE, 0, 0, 0, NULL, + len, to, &sw); + if (!sectok_swOK(sw)) { + error("sc_private_decrypt: INS_GET_RESPONSE failed: %s", + sectok_get_sw(sw)); + goto err; + } +err: + if (padded) + xfree(padded); + sc_close(); + return (len >= 0 ? len : status); +} + +/* called on free */ + +static int (*orig_finish)(RSA *rsa) = NULL; + +static int +sc_finish(RSA *rsa) +{ + if (orig_finish) + orig_finish(rsa); + sc_close(); + return 1; +} + + +/* engine for overloading private key operations */ + +static ENGINE *smart_engine = NULL; +static RSA_METHOD smart_rsa = +{ + "sectok", + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + 0, + NULL, +}; + +ENGINE * +sc_get_engine(void) +{ + RSA_METHOD *def; + + def = RSA_get_default_openssl_method(); + + /* overload */ + smart_rsa.rsa_priv_enc = sc_private_encrypt; + smart_rsa.rsa_priv_dec = sc_private_decrypt; + + /* save original */ + orig_finish = def->finish; + smart_rsa.finish = sc_finish; + + /* just use the OpenSSL version */ + smart_rsa.rsa_pub_enc = def->rsa_pub_enc; + smart_rsa.rsa_pub_dec = def->rsa_pub_dec; + smart_rsa.rsa_mod_exp = def->rsa_mod_exp; + smart_rsa.bn_mod_exp = def->bn_mod_exp; + smart_rsa.init = def->init; + smart_rsa.flags = def->flags; + smart_rsa.app_data = def->app_data; + smart_rsa.rsa_sign = def->rsa_sign; + smart_rsa.rsa_verify = def->rsa_verify; + + if ((smart_engine = ENGINE_new()) == NULL) + fatal("ENGINE_new failed"); + + ENGINE_set_id(smart_engine, "sectok"); + ENGINE_set_name(smart_engine, "libsectok"); + ENGINE_set_RSA(smart_engine, &smart_rsa); + ENGINE_set_DSA(smart_engine, DSA_get_default_openssl_method()); + ENGINE_set_DH(smart_engine, DH_get_default_openssl_method()); + ENGINE_set_RAND(smart_engine, RAND_SSLeay()); + ENGINE_set_BN_mod_exp(smart_engine, BN_mod_exp); + + return smart_engine; +} + +void +sc_close(void) +{ + if (sc_fd >= 0) { + sectok_close(sc_fd); + sc_fd = -1; + } +} + +Key * +sc_get_key(const char *id) +{ + Key *k; + int status; + + if (sc_reader_id != NULL) + xfree(sc_reader_id); + sc_reader_id = xstrdup(id); + + k = key_new(KEY_RSA); + if (k == NULL) { + return NULL; + } + status = sc_read_pubkey(k); + if (status == SCARD_ERROR_NOCARD) { + key_free(k); + return NULL; + } + if (status < 0 ) { + error("sc_read_pubkey failed"); + key_free(k); + return NULL; + } + return k; +} +#endif /* SMARTCARD */ diff --git a/crypto/openssh/scard.h b/crypto/openssh/scard.h new file mode 100644 index 000000000000..6ca99169b55b --- /dev/null +++ b/crypto/openssh/scard.h @@ -0,0 +1,40 @@ +/* $OpenBSD: scard.h,v 1.7 2002/03/04 17:27:39 stevesk Exp $ */ + +/* + * Copyright (c) 2001 Markus Friedl. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <openssl/engine.h> + +#ifndef SCARD_H +#define SCARD_H + +#define SCARD_ERROR_FAIL -1 +#define SCARD_ERROR_NOCARD -2 +#define SCARD_ERROR_APPLET -3 + +Key *sc_get_key(const char*); +ENGINE *sc_get_engine(void); +void sc_close(void); + +#endif diff --git a/crypto/openssh/scard/Makefile b/crypto/openssh/scard/Makefile new file mode 100644 index 000000000000..1cf7bbd2ca1e --- /dev/null +++ b/crypto/openssh/scard/Makefile @@ -0,0 +1,20 @@ +# $OpenBSD: Makefile,v 1.2 2001/06/29 07:02:09 markus Exp $ + +.PATH: ${.CURDIR}/.. + +CARDLET= Ssh.bin +DATADIR= /usr/libdata/ssh + +all: ${CARDLET} + +clean: + rm -f ${CARDLET} + +install: ${CARDLET} + install -c -m ${LIBMODE} -o ${LIBOWN} -g ${LIBGRP} \ + ${CARDLET} ${DESTDIR}${DATADIR} + +Ssh.bin: ${.CURDIR}/Ssh.bin.uu + uudecode ${.CURDIR}/$@.uu + +.include <bsd.prog.mk> diff --git a/crypto/openssh/scard/Ssh.bin.uu b/crypto/openssh/scard/Ssh.bin.uu new file mode 100644 index 000000000000..1062e21d68cc --- /dev/null +++ b/crypto/openssh/scard/Ssh.bin.uu @@ -0,0 +1,16 @@ +begin 644 Ssh.bin +M`P)!%P`501P`;``!`C@"`/Y@\`4`_J'P!0!!%T$;`?Z@\`4`01=!&@'^>/,! +M`4$701P!_G#S%P'^0],1`?Y@\!0`_G/S'0#^<]4``D$7L`4`_F'3``!!%T$9 +M`?YATP4`_G/5"P7^8=,'`OZAT`$!_J#0$@1!%T$8`0```$$7!`$&`/Y@`;@` +M`$$8\`H(`$$9\`H``$$:\@\``$$;\B$``$$<\A```/`&__(```0(`!8```9C +M""T#"<(H+00$*"T%""A;`&19``#P$/_R`P(&`0#(```38`!!70!&$UP`1@09 +M":1+``D*D`!@`"@37`!&!!E6`````*(````$____P````*$````0````*@`` +M`"````"-````,````&H37`!&`QD(2@`)"FX`8``H$UP`1@<9"@#_/2!@`$L1 +M2@`)"F<`8``H$UP`'A-<`$8($1-<`$8(7@!0"!%@`%59"C\`8`!:*PIS:&`` +M6BL37`!&`P,*`(!@`%\K`PH`@&``55D37`!&`P<H$UP`1@0#*`,%8`!565D* +M;0!@`"A9`/`"__(!`0$)``@```J0`&``*%D`\!/_\@$!`@D`#```8D$7+5\` +M/"M9````\!+_]@$!`P$`&```$UP`'EX`,D4`#Q-<`!X*`,@)$%X`-P17L`7_ +M\@$!!`(`/```$U\``!-B_J$M7P`%70`*$V+^H"U?``]=`!038OYX+0H$`%\` +<&5T`'@H$`&``(T4`"0IG`&``*!->`"U9```````` +` +end diff --git a/crypto/openssh/scard/Ssh.java b/crypto/openssh/scard/Ssh.java new file mode 100644 index 000000000000..3692b9bbb4fa --- /dev/null +++ b/crypto/openssh/scard/Ssh.java @@ -0,0 +1,143 @@ +// $Id: Ssh.java,v 1.2 2001/07/30 20:08:14 rees Exp $ +// +// Ssh.java +// SSH / smartcard integration project, smartcard side +// +// Tomoko Fukuzawa, created, Feb., 2000 +// +// Naomaru Itoi, modified, Apr., 2000 +// + +// copyright 2000 +// the regents of the university of michigan +// all rights reserved +// +// permission is granted to use, copy, create derivative works +// and redistribute this software and such derivative works +// for any purpose, so long as the name of the university of +// michigan is not used in any advertising or publicity +// pertaining to the use or distribution of this software +// without specific, written prior authorization. if the +// above copyright notice or any other identification of the +// university of michigan is included in any copy of any +// portion of this software, then the disclaimer below must +// also be included. +// +// this software is provided as is, without representation +// from the university of michigan as to its fitness for any +// purpose, and without warranty by the university of +// michigan of any kind, either express or implied, including +// without limitation the implied warranties of +// merchantability and fitness for a particular purpose. the +// regents of the university of michigan shall not be liable +// for any damages, including special, indirect, incidental, or +// consequential damages, with respect to any claim arising +// out of or in connection with the use of the software, even +// if it has been or is hereafter advised of the possibility of +// such damages. + +import javacard.framework.*; +import javacardx.framework.*; +import javacardx.crypto.*; + +public class Ssh extends javacard.framework.Applet +{ + /* constants declaration */ + // code of CLA byte in the command APDU header + static final byte Ssh_CLA =(byte)0x05; + + // codes of INS byte in the command APDU header + static final byte DECRYPT = (byte) 0x10; + static final byte GET_KEYLENGTH = (byte) 0x20; + static final byte GET_PUBKEY = (byte) 0x30; + static final byte GET_RESPONSE = (byte) 0xc0; + + /* instance variables declaration */ + static final short keysize = 1024; + + //RSA_CRT_PrivateKey rsakey; + AsymKey rsakey; + CyberflexFile file; + CyberflexOS os; + + byte buffer[]; + + static byte[] keyHdr = {(byte)0xC2, (byte)0x01, (byte)0x05}; + + private Ssh() + { + file = new CyberflexFile(); + os = new CyberflexOS(); + + rsakey = new RSA_CRT_PrivateKey (keysize); + + if ( ! rsakey.isSupportedLength (keysize) ) + ISOException.throwIt (ISO.SW_WRONG_LENGTH); + + register(); + } // end of the constructor + + public boolean select() { + if (!rsakey.isInitialized()) + rsakey.setKeyInstance ((short)0xc8, (short)0x10); + + return true; + } + + public static void install(APDU apdu) + { + new Ssh(); // create a Ssh applet instance (card) + } // end of install method + + public static void main(String args[]) { + ISOException.throwIt((short) 0x9000); + } + + public void process(APDU apdu) + { + // APDU object carries a byte array (buffer) to + // transfer incoming and outgoing APDU header + // and data bytes between card and CAD + buffer = apdu.getBuffer(); + + // verify that if the applet can accept this + // APDU message + // NI: change suggested by Wayne Dyksen, Purdue + if (buffer[ISO.OFFSET_INS] == ISO.INS_SELECT) + ISOException.throwIt(ISO.SW_NO_ERROR); + + switch (buffer[ISO.OFFSET_INS]) { + case DECRYPT: + if (buffer[ISO.OFFSET_CLA] != Ssh_CLA) + ISOException.throwIt(ISO.SW_CLA_NOT_SUPPORTED); + //decrypt (apdu); + short size = (short) (buffer[ISO.OFFSET_LC] & 0x00FF); + + if (apdu.setIncomingAndReceive() != size) + ISOException.throwIt (ISO.SW_WRONG_LENGTH); + + rsakey.cryptoUpdate (buffer, (short) ISO.OFFSET_CDATA, size, + buffer, (short) ISO.OFFSET_CDATA); + + apdu.setOutgoingAndSend ((short) ISO.OFFSET_CDATA, size); + return; + case GET_PUBKEY: + file.selectFile((short)(0x3f<<8)); // select root + file.selectFile((short)(('s'<<8)|'h')); // select public key file + os.readBinaryFile (buffer, (short)0, (short)0, (short)(keysize/8)); + apdu.setOutgoingAndSend((short)0, (short)(keysize/8)); + return; + case GET_KEYLENGTH: + buffer[0] = (byte)((keysize >> 8) & 0xff); + buffer[1] = (byte)(keysize & 0xff); + apdu.setOutgoingAndSend ((short)0, (short)2); + return; + case GET_RESPONSE: + return; + default: + ISOException.throwIt (ISO.SW_INS_NOT_SUPPORTED); + } + + } // end of process method + +} // end of class Ssh diff --git a/crypto/openssh/scp.1 b/crypto/openssh/scp.1 index 10e67aa33d1c..69125c1ff813 100644 --- a/crypto/openssh/scp.1 +++ b/crypto/openssh/scp.1 @@ -9,7 +9,7 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.14 2001/02/04 11:11:53 djm Exp $ +.\" $OpenBSD: scp.1,v 1.21 2002/01/29 23:50:37 markus Exp $ .\" .Dd September 25, 1999 .Dt SCP 1 @@ -19,12 +19,13 @@ .Nd secure copy (remote file copy program) .Sh SYNOPSIS .Nm scp -.Op Fl pqrvC46 +.Op Fl pqrvBC46 +.Op Fl F Ar ssh_config .Op Fl S Ar program .Op Fl P Ar port .Op Fl c Ar cipher .Op Fl i Ar identity_file -.Op Fl o Ar option +.Op Fl o Ar ssh_option .Sm off .Oo .Op Ar user@ @@ -92,6 +93,12 @@ Passes the flag to .Xr ssh 1 to enable compression. +.It Fl F Ar ssh_config +Specifies an alternative +per-user configuration file for +.Nm ssh . +This option is directly passed to +.Xr ssh 1 . .It Fl P Ar port Specifies the port to connect to on the remote host. Note that this option is written with a capital @@ -107,9 +114,17 @@ to use for the encrypted connection. The program must understand .Xr ssh 1 options. -.It Fl o Ar option -The given option is directly passed to -.Xr ssh 1 . +.It Fl o Ar ssh_option +Can be used to pass options to +.Nm ssh +in the format used in the +.Xr ssh 1 +configuration file. This is useful for specifying options +for which there is no separate +.Nm scp +command-line flag. For example, forcing the use of protocol +version 1 is specified using +.Ic scp -oProtocol=1 . .It Fl 4 Forces .Nm @@ -119,6 +134,9 @@ Forces .Nm to use IPv6 addresses only. .El +.Sh DIAGNOSTICS +.Nm +exits with 0 on success or >0 if an error occurred. .Sh AUTHORS Timo Rinne <tri@iki.fi> and Tatu Ylonen <ylo@cs.hut.fi> .Sh HISTORY diff --git a/crypto/openssh/scp.c b/crypto/openssh/scp.c index 81d3b55b9622..159e4bb7a604 100644 --- a/crypto/openssh/scp.c +++ b/crypto/openssh/scp.c @@ -75,16 +75,18 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.68 2001/04/22 12:34:05 markus Exp $"); +RCSID("$OpenBSD: scp.c,v 1.86 2001/12/05 03:56:39 itojun Exp $"); #include "xmalloc.h" #include "atomicio.h" #include "pathnames.h" #include "log.h" -#include "scp-common.h" +#include "misc.h" /* For progressmeter() -- number of seconds before xfer considered "stalled" */ #define STALLTIME 5 +/* alarm() interval for updating progress meter */ +#define PROGRESSTIME 1 /* Visual statistics about files as they are transferred. */ void progressmeter(int); @@ -93,8 +95,8 @@ void progressmeter(int); int getttywidth(void); int do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc); -/* setup arguments for the call to ssh */ -void addargs(char *fmt, ...) __attribute__((format(printf, 1, 2))); +/* Struct for addargs */ +arglist args; /* Time a transfer started. */ static struct timeval start; @@ -117,13 +119,6 @@ int showprogress = 1; /* This is the program to execute for the secured connection. ("ssh" or -S) */ char *ssh_program = _PATH_SSH_PROGRAM; -/* This is the list of arguments that scp passes to ssh */ -struct { - char **list; - int num; - int nalloc; -} args; - /* * This function executes the given command as the specified user on the * given host. This returns < 0 if execution fails, and >= 0 otherwise. This @@ -136,8 +131,10 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc) int pin[2], pout[2], reserved[2]; if (verbose_mode) - fprintf(stderr, "Executing: program %s host %s, user %s, command %s\n", - ssh_program, host, remuser ? remuser : "(unspecified)", cmd); + fprintf(stderr, + "Executing: program %s host %s, user %s, command %s\n", + ssh_program, host, + remuser ? remuser : "(unspecified)", cmd); /* * Reserve two descriptors so that the real pipes won't get @@ -167,9 +164,9 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout, int argc) args.list[0] = ssh_program; if (remuser != NULL) - addargs("-l%s", remuser); - addargs("%s", host); - addargs("%s", cmd); + addargs(&args, "-l%s", remuser); + addargs(&args, "%s", host); + addargs(&args, "%s", cmd); execvp(ssh_program, args.list); perror(ssh_program); @@ -222,29 +219,32 @@ main(argc, argv) extern int optind; args.list = NULL; - addargs("ssh"); /* overwritten with ssh_program */ - addargs("-x"); - addargs("-oFallBackToRsh no"); + addargs(&args, "ssh"); /* overwritten with ssh_program */ + addargs(&args, "-x"); + addargs(&args, "-oForwardAgent no"); + addargs(&args, "-oFallBackToRsh no"); + addargs(&args, "-oClearAllForwardings yes"); fflag = tflag = 0; - while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:o:")) != -1) + while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:o:F:")) != -1) switch (ch) { /* User-visible flags. */ case '4': case '6': case 'C': - addargs("-%c", ch); + addargs(&args, "-%c", ch); break; case 'o': case 'c': case 'i': - addargs("-%c%s", ch, optarg); + case 'F': + addargs(&args, "-%c%s", ch, optarg); break; case 'P': - addargs("-p%s", optarg); + addargs(&args, "-p%s", optarg); break; case 'B': - addargs("-oBatchmode yes"); + addargs(&args, "-oBatchmode yes"); break; case 'p': pflag = 1; @@ -256,6 +256,7 @@ main(argc, argv) ssh_program = xstrdup(optarg); break; case 'v': + addargs(&args, "-v"); verbose_mode = 1; break; case 'q': @@ -352,13 +353,17 @@ toremote(targ, argc, argv) for (i = 0; i < argc - 1; i++) { src = colon(argv[i]); if (src) { /* remote to remote */ + static char *ssh_options = + "-x -o'FallBackToRsh no' " + "-o'ClearAllForwardings yes'"; *src++ = 0; if (*src == 0) src = "."; host = strchr(argv[i], '@'); len = strlen(ssh_program) + strlen(argv[i]) + strlen(src) + (tuser ? strlen(tuser) : 0) + - strlen(thost) + strlen(targ) + CMDNEEDS + 32; + strlen(thost) + strlen(targ) + + strlen(ssh_options) + CMDNEEDS + 20; bp = xmalloc(len); if (host) { *host++ = 0; @@ -369,19 +374,19 @@ toremote(targ, argc, argv) else if (!okname(suser)) continue; snprintf(bp, len, - "%s%s -x -o'FallBackToRsh no' -n " + "%s%s %s -n " "-l %s %s %s %s '%s%s%s:%s'", ssh_program, verbose_mode ? " -v" : "", - suser, host, cmd, src, + ssh_options, suser, host, cmd, src, tuser ? tuser : "", tuser ? "@" : "", thost, targ); } else { host = cleanhostname(argv[i]); snprintf(bp, len, - "exec %s%s -x -o'FallBackToRsh no' -n %s " + "exec %s%s %s -n %s " "%s %s '%s%s%s:%s'", ssh_program, verbose_mode ? " -v" : "", - host, cmd, src, + ssh_options, host, cmd, src, tuser ? tuser : "", tuser ? "@" : "", thost, targ); } @@ -479,6 +484,11 @@ source(argc, argv) len = strlen(name); while (len > 1 && name[len-1] == '/') name[--len] = '\0'; + if (strchr(name, '\n') != NULL) { + run_err("%s: skipping, filename contains a newline", + name); + goto next; + } if ((fd = open(name, O_RDONLY, 0)) < 0) goto syserr; if (fstat(fd, &stb) < 0) { @@ -641,7 +651,7 @@ sink(argc, argv) #define atime tv[0] #define mtime tv[1] -#define SCREWUP(str) { why = str; goto screwup; } +#define SCREWUP(str) do { why = str; goto screwup; } while (0) setimes = targisdir = 0; mask = umask(0); @@ -784,7 +794,7 @@ sink(argc, argv) } omode = mode; mode |= S_IWRITE; - if ((ofd = open(np, O_WRONLY | O_CREAT | O_TRUNC, mode)) < 0) { + if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { bad: run_err("%s: %s", np, strerror(errno)); continue; } @@ -808,7 +818,8 @@ bad: run_err("%s: %s", np, strerror(errno)); count += amt; do { j = read(remin, cp, amt); - if (j == -1 && (errno == EINTR || errno == EAGAIN)) { + if (j == -1 && (errno == EINTR || + errno == EAGAIN)) { continue; } else if (j <= 0) { run_err("%s", j ? strerror(errno) : @@ -839,12 +850,10 @@ bad: run_err("%s: %s", np, strerror(errno)); wrerr = YES; wrerrno = j >= 0 ? EIO : errno; } -#if 0 if (ftruncate(ofd, size)) { run_err("%s: truncate: %s", np, strerror(errno)); wrerr = DISPLAYED; } -#endif if (pflag) { if (exists || omode != mode) if (fchmod(ofd, omode)) @@ -886,7 +895,7 @@ screwup: } int -response() +response(void) { char ch, *cp, resp, rbuf[2048]; @@ -919,10 +928,11 @@ response() } void -usage() +usage(void) { - (void) fprintf(stderr, "usage: scp " - "[-pqrvBC46] [-S ssh] [-P port] [-c cipher] [-i identity] f1 f2\n" + (void) fprintf(stderr, + "usage: scp [-pqrvBC46] [-F config] [-S ssh] [-P port] [-c cipher] [-i identity]\n" + " [-o option] f1 f2\n" " or: scp [options] f1 ... fn directory\n"); exit(1); } @@ -932,22 +942,24 @@ run_err(const char *fmt,...) { static FILE *fp; va_list ap; - va_start(ap, fmt); ++errs; if (fp == NULL && !(fp = fdopen(remout, "w"))) return; (void) fprintf(fp, "%c", 0x01); (void) fprintf(fp, "scp: "); + va_start(ap, fmt); (void) vfprintf(fp, fmt, ap); + va_end(ap); (void) fprintf(fp, "\n"); (void) fflush(fp); if (!iamremote) { + va_start(ap, fmt); vfprintf(stderr, fmt, ap); + va_end(ap); fprintf(stderr, "\n"); } - va_end(ap); } void @@ -974,7 +986,7 @@ okname(cp0) cp = cp0; do { - c = *cp; + c = (int)*cp; if (c & 0200) goto bad; if (!isalpha(c) && !isdigit(c) && @@ -1010,6 +1022,7 @@ allocbuf(bp, fd, blksize) bp->buf = xmalloc(size); else bp->buf = xrealloc(bp->buf, size); + memset(bp->buf, 0, size); bp->cnt = size; return (bp); } @@ -1019,32 +1032,25 @@ lostconn(signo) int signo; { if (!iamremote) - fprintf(stderr, "lost connection\n"); - exit(1); -} - - -void -alarmtimer(int wait) -{ - struct itimerval itv; - - itv.it_value.tv_sec = wait; - itv.it_value.tv_usec = 0; - itv.it_interval = itv.it_value; - setitimer(ITIMER_REAL, &itv, NULL); + write(STDERR_FILENO, "lost connection\n", 16); + if (signo) + _exit(1); + else + exit(1); } -void +static void updateprogressmeter(int ignore) { int save_errno = errno; progressmeter(0); + signal(SIGALRM, updateprogressmeter); + alarm(PROGRESSTIME); errno = save_errno; } -int +static int foregroundproc(void) { static pid_t pgrp = -1; @@ -1093,8 +1099,10 @@ progressmeter(int flag) i = barlength * ratio / 100; snprintf(buf + strlen(buf), sizeof(buf) - strlen(buf), "|%.*s%*s|", i, - "*****************************************************************************" - "*****************************************************************************", + "***************************************" + "***************************************" + "***************************************" + "***************************************", barlength - i, ""); } i = 0; @@ -1150,9 +1158,9 @@ progressmeter(int flag) if (flag == -1) { signal(SIGALRM, updateprogressmeter); - alarmtimer(1); + alarm(PROGRESSTIME); } else if (flag == 1) { - alarmtimer(0); + alarm(0); atomicio(write, fileno(stdout), "\n", 1); statbytes = 0; } @@ -1168,25 +1176,3 @@ getttywidth(void) else return (80); } - -void -addargs(char *fmt, ...) -{ - va_list ap; - char buf[1024]; - - va_start(ap, fmt); - vsnprintf(buf, sizeof(buf), fmt, ap); - va_end(ap); - - if (args.list == NULL) { - args.nalloc = 32; - args.num = 0; - args.list = xmalloc(args.nalloc * sizeof(char *)); - } else if (args.num+2 >= args.nalloc) { - args.nalloc *= 2; - args.list = xrealloc(args.list, args.nalloc * sizeof(char *)); - } - args.list[args.num++] = xstrdup(buf); - args.list[args.num] = NULL; -} diff --git a/crypto/openssh/scp/Makefile b/crypto/openssh/scp/Makefile index 454682a36b7c..c8959bbf6d2d 100644 --- a/crypto/openssh/scp/Makefile +++ b/crypto/openssh/scp/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.12 2001/04/16 02:31:48 mouring Exp $ +# $OpenBSD: Makefile,v 1.13 2001/05/03 23:09:55 mouring Exp $ .PATH: ${.CURDIR}/.. @@ -10,6 +10,6 @@ BINMODE?=555 BINDIR= /usr/bin MAN= scp.1 -SRCS= scp.c scp-common.c +SRCS= scp.c misc.c .include <bsd.prog.mk> diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index 3d0c9efa6f2d..cf2042e31006 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -10,9 +10,9 @@ */ #include "includes.h" -RCSID("$OpenBSD: servconf.c,v 1.78 2001/04/15 21:28:35 stevesk Exp $"); +RCSID("$OpenBSD: servconf.c,v 1.101 2002/02/04 12:15:25 markus Exp $"); -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) #include <krb.h> #endif #ifdef AFS @@ -31,8 +31,8 @@ RCSID("$OpenBSD: servconf.c,v 1.78 2001/04/15 21:28:35 stevesk Exp $"); #include "kex.h" #include "mac.h" -void add_listen_addr(ServerOptions *options, char *addr, u_short port); -void add_one_listen_addr(ServerOptions *options, char *addr, u_short port); +static void add_listen_addr(ServerOptions *, char *, u_short); +static void add_one_listen_addr(ServerOptions *, char *, u_short); /* AF_UNSPEC or AF_INET or AF_INET6 */ extern int IPv4or6; @@ -56,32 +56,34 @@ initialize_server_options(ServerOptions *options) options->ignore_user_known_hosts = -1; options->print_motd = -1; options->print_lastlog = -1; - options->check_mail = -1; options->x11_forwarding = -1; options->x11_display_offset = -1; + options->x11_use_localhost = -1; options->xauth_location = NULL; options->strict_modes = -1; options->keepalives = -1; - options->log_facility = (SyslogFacility) - 1; - options->log_level = (LogLevel) - 1; + options->log_facility = SYSLOG_FACILITY_NOT_SET; + options->log_level = SYSLOG_LEVEL_NOT_SET; options->rhosts_authentication = -1; options->rhosts_rsa_authentication = -1; options->hostbased_authentication = -1; options->hostbased_uses_name_from_packet_only = -1; options->rsa_authentication = -1; options->pubkey_authentication = -1; -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) options->kerberos_authentication = -1; options->kerberos_or_local_passwd = -1; options->kerberos_ticket_cleanup = -1; #endif -#ifdef AFS +#if defined(AFS) || defined(KRB5) options->kerberos_tgt_passing = -1; +#endif +#ifdef AFS options->afs_token_passing = -1; #endif options->password_authentication = -1; options->kbd_interactive_authentication = -1; - options->challenge_reponse_authentication = -1; + options->challenge_response_authentication = -1; options->permit_empty_passwd = -1; options->use_login = -1; options->allow_tcp_forwarding = -1; @@ -98,9 +100,11 @@ initialize_server_options(ServerOptions *options) options->max_startups_rate = -1; options->max_startups = -1; options->banner = NULL; - options->reverse_mapping_check = -1; + options->verify_reverse_mapping = -1; options->client_alive_interval = -1; options->client_alive_count_max = -1; + options->authorized_keys_file = NULL; + options->authorized_keys_file2 = NULL; } void @@ -111,9 +115,14 @@ fill_default_server_options(ServerOptions *options) if (options->num_host_key_files == 0) { /* fill default hostkeys for protocols */ if (options->protocol & SSH_PROTO_1) - options->host_key_files[options->num_host_key_files++] = _PATH_HOST_KEY_FILE; - if (options->protocol & SSH_PROTO_2) - options->host_key_files[options->num_host_key_files++] = _PATH_HOST_DSA_KEY_FILE; + options->host_key_files[options->num_host_key_files++] = + _PATH_HOST_KEY_FILE; + if (options->protocol & SSH_PROTO_2) { + options->host_key_files[options->num_host_key_files++] = + _PATH_HOST_RSA_KEY_FILE; + options->host_key_files[options->num_host_key_files++] = + _PATH_HOST_DSA_KEY_FILE; + } } if (options->num_ports == 0) options->ports[options->num_ports++] = SSH_DEFAULT_PORT; @@ -133,8 +142,6 @@ fill_default_server_options(ServerOptions *options) options->ignore_rhosts = 1; if (options->ignore_user_known_hosts == -1) options->ignore_user_known_hosts = 0; - if (options->check_mail == -1) - options->check_mail = 0; if (options->print_motd == -1) options->print_motd = 1; if (options->print_lastlog == -1) @@ -143,17 +150,17 @@ fill_default_server_options(ServerOptions *options) options->x11_forwarding = 0; if (options->x11_display_offset == -1) options->x11_display_offset = 10; -#ifdef XAUTH_PATH + if (options->x11_use_localhost == -1) + options->x11_use_localhost = 1; if (options->xauth_location == NULL) - options->xauth_location = XAUTH_PATH; -#endif /* XAUTH_PATH */ + options->xauth_location = _PATH_XAUTH; if (options->strict_modes == -1) options->strict_modes = 1; if (options->keepalives == -1) options->keepalives = 1; - if (options->log_facility == (SyslogFacility) (-1)) + if (options->log_facility == SYSLOG_FACILITY_NOT_SET) options->log_facility = SYSLOG_FACILITY_AUTH; - if (options->log_level == (LogLevel) (-1)) + if (options->log_level == SYSLOG_LEVEL_NOT_SET) options->log_level = SYSLOG_LEVEL_INFO; if (options->rhosts_authentication == -1) options->rhosts_authentication = 0; @@ -167,26 +174,28 @@ fill_default_server_options(ServerOptions *options) options->rsa_authentication = 1; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) if (options->kerberos_authentication == -1) options->kerberos_authentication = (access(KEYFILE, R_OK) == 0); if (options->kerberos_or_local_passwd == -1) options->kerberos_or_local_passwd = 1; if (options->kerberos_ticket_cleanup == -1) options->kerberos_ticket_cleanup = 1; -#endif /* KRB4 */ -#ifdef AFS +#endif +#if defined(AFS) || defined(KRB5) if (options->kerberos_tgt_passing == -1) options->kerberos_tgt_passing = 0; +#endif +#ifdef AFS if (options->afs_token_passing == -1) options->afs_token_passing = k_hasafs(); -#endif /* AFS */ +#endif if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) options->kbd_interactive_authentication = 0; - if (options->challenge_reponse_authentication == -1) - options->challenge_reponse_authentication = 1; + if (options->challenge_response_authentication == -1) + options->challenge_response_authentication = 1; if (options->permit_empty_passwd == -1) options->permit_empty_passwd = 0; if (options->use_login == -1) @@ -201,12 +210,21 @@ fill_default_server_options(ServerOptions *options) options->max_startups_rate = 100; /* 100% */ if (options->max_startups_begin == -1) options->max_startups_begin = options->max_startups; - if (options->reverse_mapping_check == -1) - options->reverse_mapping_check = 0; + if (options->verify_reverse_mapping == -1) + options->verify_reverse_mapping = 0; if (options->client_alive_interval == -1) - options->client_alive_interval = 0; + options->client_alive_interval = 0; if (options->client_alive_count_max == -1) options->client_alive_count_max = 3; + if (options->authorized_keys_file2 == NULL) { + /* authorized_keys_file2 falls back to authorized_keys_file */ + if (options->authorized_keys_file != NULL) + options->authorized_keys_file2 = options->authorized_keys_file; + else + options->authorized_keys_file2 = _PATH_SSH_USER_PERMITTED_KEYS2; + } + if (options->authorized_keys_file == NULL) + options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; } /* Keyword tokens. */ @@ -215,24 +233,28 @@ typedef enum { sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime, sPermitRootLogin, sLogFacility, sLogLevel, sRhostsAuthentication, sRhostsRSAAuthentication, sRSAAuthentication, -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup, #endif +#if defined(AFS) || defined(KRB5) + sKerberosTgtPassing, +#endif #ifdef AFS - sKerberosTgtPassing, sAFSTokenPassing, + sAFSTokenPassing, #endif sChallengeResponseAuthentication, sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress, sPrintMotd, sPrintLastLog, sIgnoreRhosts, - sX11Forwarding, sX11DisplayOffset, - sStrictModes, sEmptyPasswd, sKeepAlives, sCheckMail, + sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, + sStrictModes, sEmptyPasswd, sKeepAlives, sUseLogin, sAllowTcpForwarding, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups, - sBanner, sReverseMappingCheck, sHostbasedAuthentication, - sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, - sClientAliveCountMax + sBanner, sVerifyReverseMapping, sHostbasedAuthentication, + sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, + sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, + sDeprecated } ServerOpCodes; /* Textual representation of the tokens. */ @@ -257,20 +279,22 @@ static struct { { "rsaauthentication", sRSAAuthentication }, { "pubkeyauthentication", sPubkeyAuthentication }, { "dsaauthentication", sPubkeyAuthentication }, /* alias */ -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) { "kerberosauthentication", sKerberosAuthentication }, { "kerberosorlocalpasswd", sKerberosOrLocalPasswd }, { "kerberosticketcleanup", sKerberosTicketCleanup }, #endif -#ifdef AFS +#if defined(AFS) || defined(KRB5) { "kerberostgtpassing", sKerberosTgtPassing }, +#endif +#ifdef AFS { "afstokenpassing", sAFSTokenPassing }, #endif { "passwordauthentication", sPasswordAuthentication }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication }, { "challengeresponseauthentication", sChallengeResponseAuthentication }, { "skeyauthentication", sChallengeResponseAuthentication }, /* alias */ - { "checkmail", sCheckMail }, + { "checkmail", sDeprecated }, { "listenaddress", sListenAddress }, { "printmotd", sPrintMotd }, { "printlastlog", sPrintLastLog }, @@ -278,6 +302,7 @@ static struct { { "ignoreuserknownhosts", sIgnoreUserKnownHosts }, { "x11forwarding", sX11Forwarding }, { "x11displayoffset", sX11DisplayOffset }, + { "x11uselocalhost", sX11UseLocalhost }, { "xauthlocation", sXAuthLocation }, { "strictmodes", sStrictModes }, { "permitemptypasswords", sEmptyPasswd }, @@ -295,10 +320,13 @@ static struct { { "subsystem", sSubsystem }, { "maxstartups", sMaxStartups }, { "banner", sBanner }, - { "reversemappingcheck", sReverseMappingCheck }, + { "verifyreversemapping", sVerifyReverseMapping }, + { "reversemappingcheck", sVerifyReverseMapping }, { "clientaliveinterval", sClientAliveInterval }, { "clientalivecountmax", sClientAliveCountMax }, - { NULL, 0 } + { "authorizedkeysfile", sAuthorizedKeysFile }, + { "authorizedkeysfile2", sAuthorizedKeysFile2 }, + { NULL, sBadOption } }; /* @@ -320,7 +348,7 @@ parse_token(const char *cp, const char *filename, return sBadOption; } -void +static void add_listen_addr(ServerOptions *options, char *addr, u_short port) { int i; @@ -334,7 +362,7 @@ add_listen_addr(ServerOptions *options, char *addr, u_short port) add_one_listen_addr(options, addr, port); } -void +static void add_one_listen_addr(ServerOptions *options, char *addr, u_short port) { struct addrinfo hints, *ai, *aitop; @@ -356,451 +384,495 @@ add_one_listen_addr(ServerOptions *options, char *addr, u_short port) options->listen_addrs = aitop; } -/* Reads the server configuration file. */ - -void -read_server_config(ServerOptions *options, const char *filename) +int +process_server_config_line(ServerOptions *options, char *line, + const char *filename, int linenum) { - FILE *f; - char line[1024]; char *cp, **charptr, *arg, *p; - int linenum, *intptr, value; - int bad_options = 0; + int *intptr, value; ServerOpCodes opcode; - int i; + int i, n; - f = fopen(filename, "r"); - if (!f) { - perror(filename); - exit(1); - } - linenum = 0; - while (fgets(line, sizeof(line), f)) { - linenum++; - cp = line; + cp = line; + arg = strdelim(&cp); + /* Ignore leading whitespace */ + if (*arg == '\0') arg = strdelim(&cp); - /* Ignore leading whitespace */ - if (*arg == '\0') - arg = strdelim(&cp); - if (!arg || !*arg || *arg == '#') - continue; - intptr = NULL; - charptr = NULL; - opcode = parse_token(arg, filename, linenum); - switch (opcode) { - case sBadOption: - bad_options++; - continue; - case sPort: - /* ignore ports from configfile if cmdline specifies ports */ - if (options->ports_from_cmdline) - continue; - if (options->listen_addrs != NULL) - fatal("%s line %d: ports must be specified before " - "ListenAdress.\n", filename, linenum); - if (options->num_ports >= MAX_PORTS) - fatal("%s line %d: too many ports.", - filename, linenum); - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing port number.", - filename, linenum); - options->ports[options->num_ports++] = a2port(arg); - if (options->ports[options->num_ports-1] == 0) - fatal("%s line %d: Badly formatted port number.", - filename, linenum); - break; - - case sServerKeyBits: - intptr = &options->server_key_bits; + if (!arg || !*arg || *arg == '#') + return 0; + intptr = NULL; + charptr = NULL; + opcode = parse_token(arg, filename, linenum); + switch (opcode) { + case sBadOption: + return -1; + case sPort: + /* ignore ports from configfile if cmdline specifies ports */ + if (options->ports_from_cmdline) + return 0; + if (options->listen_addrs != NULL) + fatal("%s line %d: ports must be specified before " + "ListenAddress.", filename, linenum); + if (options->num_ports >= MAX_PORTS) + fatal("%s line %d: too many ports.", + filename, linenum); + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing port number.", + filename, linenum); + options->ports[options->num_ports++] = a2port(arg); + if (options->ports[options->num_ports-1] == 0) + fatal("%s line %d: Badly formatted port number.", + filename, linenum); + break; + + case sServerKeyBits: + intptr = &options->server_key_bits; parse_int: - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing integer value.", + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing integer value.", + filename, linenum); + value = atoi(arg); + if (*intptr == -1) + *intptr = value; + break; + + case sLoginGraceTime: + intptr = &options->login_grace_time; +parse_time: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing time value.", + filename, linenum); + if ((value = convtime(arg)) == -1) + fatal("%s line %d: invalid time value.", + filename, linenum); + if (*intptr == -1) + *intptr = value; + break; + + case sKeyRegenerationTime: + intptr = &options->key_regeneration_time; + goto parse_time; + + case sListenAddress: + arg = strdelim(&cp); + if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) + fatal("%s line %d: missing inet addr.", + filename, linenum); + if (*arg == '[') { + if ((p = strchr(arg, ']')) == NULL) + fatal("%s line %d: bad ipv6 inet addr usage.", filename, linenum); - value = atoi(arg); - if (*intptr == -1) - *intptr = value; + arg++; + memmove(p, p+1, strlen(p+1)+1); + } else if (((p = strchr(arg, ':')) == NULL) || + (strchr(p+1, ':') != NULL)) { + add_listen_addr(options, arg, 0); break; + } + if (*p == ':') { + u_short port; - case sLoginGraceTime: - intptr = &options->login_grace_time; - goto parse_int; - - case sKeyRegenerationTime: - intptr = &options->key_regeneration_time; - goto parse_int; - - case sListenAddress: - arg = strdelim(&cp); - if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) - fatal("%s line %d: missing inet addr.", + p++; + if (*p == '\0') + fatal("%s line %d: bad inet addr:port usage.", filename, linenum); - if (*arg == '[') { - if ((p = strchr(arg, ']')) == NULL) - fatal("%s line %d: bad ipv6 inet addr usage.", + else { + *(p-1) = '\0'; + if ((port = a2port(p)) == 0) + fatal("%s line %d: bad port number.", filename, linenum); - arg++; - memmove(p, p+1, strlen(p+1)+1); - } else if (((p = strchr(arg, ':')) == NULL) || - (strchr(p+1, ':') != NULL)) { - add_listen_addr(options, arg, 0); - break; + add_listen_addr(options, arg, port); } - if (*p == ':') { - u_short port; - - p++; - if (*p == '\0') - fatal("%s line %d: bad inet addr:port usage.", - filename, linenum); - else { - *(p-1) = '\0'; - if ((port = a2port(p)) == 0) - fatal("%s line %d: bad port number.", - filename, linenum); - add_listen_addr(options, arg, port); - } - } else if (*p == '\0') - add_listen_addr(options, arg, 0); - else - fatal("%s line %d: bad inet addr usage.", - filename, linenum); - break; - - case sHostKeyFile: - intptr = &options->num_host_key_files; - if (*intptr >= MAX_HOSTKEYS) - fatal("%s line %d: too many host keys specified (max %d).", - filename, linenum, MAX_HOSTKEYS); - charptr = &options->host_key_files[*intptr]; + } else if (*p == '\0') + add_listen_addr(options, arg, 0); + else + fatal("%s line %d: bad inet addr usage.", + filename, linenum); + break; + + case sHostKeyFile: + intptr = &options->num_host_key_files; + if (*intptr >= MAX_HOSTKEYS) + fatal("%s line %d: too many host keys specified (max %d).", + filename, linenum, MAX_HOSTKEYS); + charptr = &options->host_key_files[*intptr]; parse_filename: - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing file name.", - filename, linenum); - if (*charptr == NULL) { - *charptr = tilde_expand_filename(arg, getuid()); - /* increase optional counter */ - if (intptr != NULL) - *intptr = *intptr + 1; - } - break; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing file name.", + filename, linenum); + if (*charptr == NULL) { + *charptr = tilde_expand_filename(arg, getuid()); + /* increase optional counter */ + if (intptr != NULL) + *intptr = *intptr + 1; + } + break; - case sPidFile: - charptr = &options->pid_file; - goto parse_filename; - - case sPermitRootLogin: - intptr = &options->permit_root_login; - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing yes/" - "without-password/forced-commands-only/no " - "argument.", filename, linenum); - value = 0; /* silence compiler */ - if (strcmp(arg, "without-password") == 0) - value = PERMIT_NO_PASSWD; - else if (strcmp(arg, "forced-commands-only") == 0) - value = PERMIT_FORCED_ONLY; - else if (strcmp(arg, "yes") == 0) - value = PERMIT_YES; - else if (strcmp(arg, "no") == 0) - value = PERMIT_NO; - else - fatal("%s line %d: Bad yes/" - "without-password/forced-commands-only/no " - "argument: %s", filename, linenum, arg); - if (*intptr == -1) - *intptr = value; - break; + case sPidFile: + charptr = &options->pid_file; + goto parse_filename; - case sIgnoreRhosts: - intptr = &options->ignore_rhosts; + case sPermitRootLogin: + intptr = &options->permit_root_login; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing yes/" + "without-password/forced-commands-only/no " + "argument.", filename, linenum); + value = 0; /* silence compiler */ + if (strcmp(arg, "without-password") == 0) + value = PERMIT_NO_PASSWD; + else if (strcmp(arg, "forced-commands-only") == 0) + value = PERMIT_FORCED_ONLY; + else if (strcmp(arg, "yes") == 0) + value = PERMIT_YES; + else if (strcmp(arg, "no") == 0) + value = PERMIT_NO; + else + fatal("%s line %d: Bad yes/" + "without-password/forced-commands-only/no " + "argument: %s", filename, linenum, arg); + if (*intptr == -1) + *intptr = value; + break; + + case sIgnoreRhosts: + intptr = &options->ignore_rhosts; parse_flag: - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: missing yes/no argument.", - filename, linenum); - value = 0; /* silence compiler */ - if (strcmp(arg, "yes") == 0) - value = 1; - else if (strcmp(arg, "no") == 0) - value = 0; - else - fatal("%s line %d: Bad yes/no argument: %s", - filename, linenum, arg); - if (*intptr == -1) - *intptr = value; - break; - - case sIgnoreUserKnownHosts: - intptr = &options->ignore_user_known_hosts; - goto parse_flag; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: missing yes/no argument.", + filename, linenum); + value = 0; /* silence compiler */ + if (strcmp(arg, "yes") == 0) + value = 1; + else if (strcmp(arg, "no") == 0) + value = 0; + else + fatal("%s line %d: Bad yes/no argument: %s", + filename, linenum, arg); + if (*intptr == -1) + *intptr = value; + break; + + case sIgnoreUserKnownHosts: + intptr = &options->ignore_user_known_hosts; + goto parse_flag; + + case sRhostsAuthentication: + intptr = &options->rhosts_authentication; + goto parse_flag; + + case sRhostsRSAAuthentication: + intptr = &options->rhosts_rsa_authentication; + goto parse_flag; + + case sHostbasedAuthentication: + intptr = &options->hostbased_authentication; + goto parse_flag; + + case sHostbasedUsesNameFromPacketOnly: + intptr = &options->hostbased_uses_name_from_packet_only; + goto parse_flag; + + case sRSAAuthentication: + intptr = &options->rsa_authentication; + goto parse_flag; + + case sPubkeyAuthentication: + intptr = &options->pubkey_authentication; + goto parse_flag; +#if defined(KRB4) || defined(KRB5) + case sKerberosAuthentication: + intptr = &options->kerberos_authentication; + goto parse_flag; + + case sKerberosOrLocalPasswd: + intptr = &options->kerberos_or_local_passwd; + goto parse_flag; + + case sKerberosTicketCleanup: + intptr = &options->kerberos_ticket_cleanup; + goto parse_flag; +#endif +#if defined(AFS) || defined(KRB5) + case sKerberosTgtPassing: + intptr = &options->kerberos_tgt_passing; + goto parse_flag; +#endif +#ifdef AFS + case sAFSTokenPassing: + intptr = &options->afs_token_passing; + goto parse_flag; +#endif - case sRhostsAuthentication: - intptr = &options->rhosts_authentication; - goto parse_flag; + case sPasswordAuthentication: + intptr = &options->password_authentication; + goto parse_flag; - case sRhostsRSAAuthentication: - intptr = &options->rhosts_rsa_authentication; - goto parse_flag; + case sKbdInteractiveAuthentication: + intptr = &options->kbd_interactive_authentication; + goto parse_flag; - case sHostbasedAuthentication: - intptr = &options->hostbased_authentication; - goto parse_flag; + case sChallengeResponseAuthentication: + intptr = &options->challenge_response_authentication; + goto parse_flag; - case sHostbasedUsesNameFromPacketOnly: - intptr = &options->hostbased_uses_name_from_packet_only; - goto parse_flag; + case sPrintMotd: + intptr = &options->print_motd; + goto parse_flag; - case sRSAAuthentication: - intptr = &options->rsa_authentication; - goto parse_flag; + case sPrintLastLog: + intptr = &options->print_lastlog; + goto parse_flag; - case sPubkeyAuthentication: - intptr = &options->pubkey_authentication; - goto parse_flag; + case sX11Forwarding: + intptr = &options->x11_forwarding; + goto parse_flag; -#ifdef KRB4 - case sKerberosAuthentication: - intptr = &options->kerberos_authentication; - goto parse_flag; + case sX11DisplayOffset: + intptr = &options->x11_display_offset; + goto parse_int; - case sKerberosOrLocalPasswd: - intptr = &options->kerberos_or_local_passwd; - goto parse_flag; + case sX11UseLocalhost: + intptr = &options->x11_use_localhost; + goto parse_flag; - case sKerberosTicketCleanup: - intptr = &options->kerberos_ticket_cleanup; - goto parse_flag; -#endif + case sXAuthLocation: + charptr = &options->xauth_location; + goto parse_filename; -#ifdef AFS - case sKerberosTgtPassing: - intptr = &options->kerberos_tgt_passing; - goto parse_flag; + case sStrictModes: + intptr = &options->strict_modes; + goto parse_flag; - case sAFSTokenPassing: - intptr = &options->afs_token_passing; - goto parse_flag; -#endif + case sKeepAlives: + intptr = &options->keepalives; + goto parse_flag; - case sPasswordAuthentication: - intptr = &options->password_authentication; - goto parse_flag; - - case sKbdInteractiveAuthentication: - intptr = &options->kbd_interactive_authentication; - goto parse_flag; - - case sCheckMail: - intptr = &options->check_mail; - goto parse_flag; - - case sChallengeResponseAuthentication: - intptr = &options->challenge_reponse_authentication; - goto parse_flag; - - case sPrintMotd: - intptr = &options->print_motd; - goto parse_flag; - - case sPrintLastLog: - intptr = &options->print_lastlog; - goto parse_flag; - - case sX11Forwarding: - intptr = &options->x11_forwarding; - goto parse_flag; - - case sX11DisplayOffset: - intptr = &options->x11_display_offset; - goto parse_int; - - case sXAuthLocation: - charptr = &options->xauth_location; - goto parse_filename; - - case sStrictModes: - intptr = &options->strict_modes; - goto parse_flag; - - case sKeepAlives: - intptr = &options->keepalives; - goto parse_flag; - - case sEmptyPasswd: - intptr = &options->permit_empty_passwd; - goto parse_flag; - - case sUseLogin: - intptr = &options->use_login; - goto parse_flag; - - case sGatewayPorts: - intptr = &options->gateway_ports; - goto parse_flag; - - case sReverseMappingCheck: - intptr = &options->reverse_mapping_check; - goto parse_flag; - - case sLogFacility: - intptr = (int *) &options->log_facility; - arg = strdelim(&cp); - value = log_facility_number(arg); - if (value == (SyslogFacility) - 1) - fatal("%.200s line %d: unsupported log facility '%s'", - filename, linenum, arg ? arg : "<NONE>"); - if (*intptr == -1) - *intptr = (SyslogFacility) value; - break; + case sEmptyPasswd: + intptr = &options->permit_empty_passwd; + goto parse_flag; - case sLogLevel: - intptr = (int *) &options->log_level; - arg = strdelim(&cp); - value = log_level_number(arg); - if (value == (LogLevel) - 1) - fatal("%.200s line %d: unsupported log level '%s'", - filename, linenum, arg ? arg : "<NONE>"); - if (*intptr == -1) - *intptr = (LogLevel) value; - break; + case sUseLogin: + intptr = &options->use_login; + goto parse_flag; - case sAllowTcpForwarding: - intptr = &options->allow_tcp_forwarding; - goto parse_flag; + case sGatewayPorts: + intptr = &options->gateway_ports; + goto parse_flag; - case sAllowUsers: - while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_allow_users >= MAX_ALLOW_USERS) - fatal("%s line %d: too many allow users.", - filename, linenum); - options->allow_users[options->num_allow_users++] = xstrdup(arg); - } - break; + case sVerifyReverseMapping: + intptr = &options->verify_reverse_mapping; + goto parse_flag; - case sDenyUsers: - while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_deny_users >= MAX_DENY_USERS) - fatal( "%s line %d: too many deny users.", - filename, linenum); - options->deny_users[options->num_deny_users++] = xstrdup(arg); - } - break; + case sLogFacility: + intptr = (int *) &options->log_facility; + arg = strdelim(&cp); + value = log_facility_number(arg); + if (value == SYSLOG_FACILITY_NOT_SET) + fatal("%.200s line %d: unsupported log facility '%s'", + filename, linenum, arg ? arg : "<NONE>"); + if (*intptr == -1) + *intptr = (SyslogFacility) value; + break; + + case sLogLevel: + intptr = (int *) &options->log_level; + arg = strdelim(&cp); + value = log_level_number(arg); + if (value == SYSLOG_LEVEL_NOT_SET) + fatal("%.200s line %d: unsupported log level '%s'", + filename, linenum, arg ? arg : "<NONE>"); + if (*intptr == -1) + *intptr = (LogLevel) value; + break; + + case sAllowTcpForwarding: + intptr = &options->allow_tcp_forwarding; + goto parse_flag; + + case sAllowUsers: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_allow_users >= MAX_ALLOW_USERS) + fatal("%s line %d: too many allow users.", + filename, linenum); + options->allow_users[options->num_allow_users++] = xstrdup(arg); + } + break; - case sAllowGroups: - while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_allow_groups >= MAX_ALLOW_GROUPS) - fatal("%s line %d: too many allow groups.", - filename, linenum); - options->allow_groups[options->num_allow_groups++] = xstrdup(arg); - } - break; + case sDenyUsers: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_deny_users >= MAX_DENY_USERS) + fatal( "%s line %d: too many deny users.", + filename, linenum); + options->deny_users[options->num_deny_users++] = xstrdup(arg); + } + break; - case sDenyGroups: - while ((arg = strdelim(&cp)) && *arg != '\0') { - if (options->num_deny_groups >= MAX_DENY_GROUPS) - fatal("%s line %d: too many deny groups.", - filename, linenum); - options->deny_groups[options->num_deny_groups++] = xstrdup(arg); - } - break; + case sAllowGroups: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_allow_groups >= MAX_ALLOW_GROUPS) + fatal("%s line %d: too many allow groups.", + filename, linenum); + options->allow_groups[options->num_allow_groups++] = xstrdup(arg); + } + break; - case sCiphers: - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: Missing argument.", filename, linenum); - if (!ciphers_valid(arg)) - fatal("%s line %d: Bad SSH2 cipher spec '%s'.", - filename, linenum, arg ? arg : "<NONE>"); - if (options->ciphers == NULL) - options->ciphers = xstrdup(arg); - break; + case sDenyGroups: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_deny_groups >= MAX_DENY_GROUPS) + fatal("%s line %d: too many deny groups.", + filename, linenum); + options->deny_groups[options->num_deny_groups++] = xstrdup(arg); + } + break; - case sMacs: - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: Missing argument.", filename, linenum); - if (!mac_valid(arg)) - fatal("%s line %d: Bad SSH2 mac spec '%s'.", - filename, linenum, arg ? arg : "<NONE>"); - if (options->macs == NULL) - options->macs = xstrdup(arg); - break; + case sCiphers: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing argument.", filename, linenum); + if (!ciphers_valid(arg)) + fatal("%s line %d: Bad SSH2 cipher spec '%s'.", + filename, linenum, arg ? arg : "<NONE>"); + if (options->ciphers == NULL) + options->ciphers = xstrdup(arg); + break; + + case sMacs: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing argument.", filename, linenum); + if (!mac_valid(arg)) + fatal("%s line %d: Bad SSH2 mac spec '%s'.", + filename, linenum, arg ? arg : "<NONE>"); + if (options->macs == NULL) + options->macs = xstrdup(arg); + break; + + case sProtocol: + intptr = &options->protocol; + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing argument.", filename, linenum); + value = proto_spec(arg); + if (value == SSH_PROTO_UNKNOWN) + fatal("%s line %d: Bad protocol spec '%s'.", + filename, linenum, arg ? arg : "<NONE>"); + if (*intptr == SSH_PROTO_UNKNOWN) + *intptr = value; + break; + + case sSubsystem: + if (options->num_subsystems >= MAX_SUBSYSTEMS) { + fatal("%s line %d: too many subsystems defined.", + filename, linenum); + } + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing subsystem name.", + filename, linenum); + for (i = 0; i < options->num_subsystems; i++) + if (strcmp(arg, options->subsystem_name[i]) == 0) + fatal("%s line %d: Subsystem '%s' already defined.", + filename, linenum, arg); + options->subsystem_name[options->num_subsystems] = xstrdup(arg); + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing subsystem command.", + filename, linenum); + options->subsystem_command[options->num_subsystems] = xstrdup(arg); + options->num_subsystems++; + break; + + case sMaxStartups: + arg = strdelim(&cp); + if (!arg || *arg == '\0') + fatal("%s line %d: Missing MaxStartups spec.", + filename, linenum); + if ((n = sscanf(arg, "%d:%d:%d", + &options->max_startups_begin, + &options->max_startups_rate, + &options->max_startups)) == 3) { + if (options->max_startups_begin > + options->max_startups || + options->max_startups_rate > 100 || + options->max_startups_rate < 1) + fatal("%s line %d: Illegal MaxStartups spec.", + filename, linenum); + } else if (n != 1) + fatal("%s line %d: Illegal MaxStartups spec.", + filename, linenum); + else + options->max_startups = options->max_startups_begin; + break; + + case sBanner: + charptr = &options->banner; + goto parse_filename; + /* + * These options can contain %X options expanded at + * connect time, so that you can specify paths like: + * + * AuthorizedKeysFile /etc/ssh_keys/%u + */ + case sAuthorizedKeysFile: + case sAuthorizedKeysFile2: + charptr = (opcode == sAuthorizedKeysFile ) ? + &options->authorized_keys_file : + &options->authorized_keys_file2; + goto parse_filename; + + case sClientAliveInterval: + intptr = &options->client_alive_interval; + goto parse_time; + + case sClientAliveCountMax: + intptr = &options->client_alive_count_max; + goto parse_int; + + case sDeprecated: + log("%s line %d: Deprecated option %s", + filename, linenum, arg); + while (arg) + arg = strdelim(&cp); + break; + + default: + fatal("%s line %d: Missing handler for opcode %s (%d)", + filename, linenum, arg, opcode); + } + if ((arg = strdelim(&cp)) != NULL && *arg != '\0') + fatal("%s line %d: garbage at end of line; \"%.200s\".", + filename, linenum, arg); + return 0; +} - case sProtocol: - intptr = &options->protocol; - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: Missing argument.", filename, linenum); - value = proto_spec(arg); - if (value == SSH_PROTO_UNKNOWN) - fatal("%s line %d: Bad protocol spec '%s'.", - filename, linenum, arg ? arg : "<NONE>"); - if (*intptr == SSH_PROTO_UNKNOWN) - *intptr = value; - break; +/* Reads the server configuration file. */ - case sSubsystem: - if(options->num_subsystems >= MAX_SUBSYSTEMS) { - fatal("%s line %d: too many subsystems defined.", - filename, linenum); - } - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: Missing subsystem name.", - filename, linenum); - for (i = 0; i < options->num_subsystems; i++) - if(strcmp(arg, options->subsystem_name[i]) == 0) - fatal("%s line %d: Subsystem '%s' already defined.", - filename, linenum, arg); - options->subsystem_name[options->num_subsystems] = xstrdup(arg); - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: Missing subsystem command.", - filename, linenum); - options->subsystem_command[options->num_subsystems] = xstrdup(arg); - options->num_subsystems++; - break; +void +read_server_config(ServerOptions *options, const char *filename) +{ + FILE *f; + char line[1024]; + int linenum; + int bad_options = 0; - case sMaxStartups: - arg = strdelim(&cp); - if (!arg || *arg == '\0') - fatal("%s line %d: Missing MaxStartups spec.", - filename, linenum); - if (sscanf(arg, "%d:%d:%d", - &options->max_startups_begin, - &options->max_startups_rate, - &options->max_startups) == 3) { - if (options->max_startups_begin > - options->max_startups || - options->max_startups_rate > 100 || - options->max_startups_rate < 1) - fatal("%s line %d: Illegal MaxStartups spec.", - filename, linenum); - break; - } - intptr = &options->max_startups; - goto parse_int; - - case sBanner: - charptr = &options->banner; - goto parse_filename; - case sClientAliveInterval: - intptr = &options->client_alive_interval; - goto parse_int; - case sClientAliveCountMax: - intptr = &options->client_alive_count_max; - goto parse_int; - default: - fatal("%s line %d: Missing handler for opcode %s (%d)", - filename, linenum, arg, opcode); - } - if ((arg = strdelim(&cp)) != NULL && *arg != '\0') - fatal("%s line %d: garbage at end of line; \"%.200s\".", - filename, linenum, arg); + f = fopen(filename, "r"); + if (!f) { + perror(filename); + exit(1); + } + linenum = 0; + while (fgets(line, sizeof(line), f)) { + /* Update line number counter. */ + linenum++; + if (process_server_config_line(options, line, filename, linenum) != 0) + bad_options++; } fclose(f); if (bad_options > 0) diff --git a/crypto/openssh/servconf.h b/crypto/openssh/servconf.h index 4c02c0f5218e..3cdb4491a20e 100644 --- a/crypto/openssh/servconf.h +++ b/crypto/openssh/servconf.h @@ -1,3 +1,5 @@ +/* $OpenBSD: servconf.h,v 1.54 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -11,8 +13,6 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: servconf.h,v 1.41 2001/04/13 22:46:53 beck Exp $"); */ - #ifndef SERVCONF_H #define SERVCONF_H @@ -52,10 +52,10 @@ typedef struct { * for RhostsRsaAuth */ int print_motd; /* If true, print /etc/motd. */ int print_lastlog; /* If true, print lastlog */ - int check_mail; /* If true, check for new mail. */ int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ int x11_display_offset; /* What DISPLAY number to start * searching at */ + int x11_use_localhost; /* If true, use localhost for fake X11 server. */ char *xauth_location; /* Location of xauth program */ int strict_modes; /* If true, require string home dir modes. */ int keepalives; /* If true, set SO_KEEPALIVE. */ @@ -73,7 +73,7 @@ typedef struct { int hostbased_uses_name_from_packet_only; /* experimental */ int rsa_authentication; /* If true, permit RSA authentication. */ int pubkey_authentication; /* If true, permit ssh2 pubkey authentication. */ -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) int kerberos_authentication; /* If true, permit Kerberos * authentication. */ int kerberos_or_local_passwd; /* If true, permit kerberos @@ -84,15 +84,17 @@ typedef struct { int kerberos_ticket_cleanup; /* If true, destroy ticket * file on logout. */ #endif -#ifdef AFS - int kerberos_tgt_passing; /* If true, permit Kerberos tgt +#if defined(AFS) || defined(KRB5) + int kerberos_tgt_passing; /* If true, permit Kerberos TGT * passing. */ +#endif +#ifdef AFS int afs_token_passing; /* If true, permit AFS token passing. */ #endif int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ - int challenge_reponse_authentication; + int challenge_response_authentication; int permit_empty_passwd; /* If false, do not permit empty * passwords. */ int use_login; /* If true, login(1) is used */ @@ -114,31 +116,26 @@ typedef struct { int max_startups_rate; int max_startups; char *banner; /* SSH-2 banner message */ - int reverse_mapping_check; /* cross-check ip and dns */ + int verify_reverse_mapping; /* cross-check ip and dns */ int client_alive_interval; /* - * poke the client this often to - * see if it's still there + * poke the client this often to + * see if it's still there */ int client_alive_count_max; /* - *If the client is unresponsive - * for this many intervals, above - * diconnect the session + * If the client is unresponsive + * for this many intervals above, + * disconnect the session */ + char *authorized_keys_file; /* File containing public keys */ + char *authorized_keys_file2; + } ServerOptions; -/* - * Initializes the server options to special values that indicate that they - * have not yet been set. - */ -void initialize_server_options(ServerOptions * options); -/* - * Reads the server configuration file. This only sets the values for those - * options that have the special value indicating they have not been set. - */ -void read_server_config(ServerOptions * options, const char *filename); +void initialize_server_options(ServerOptions *); +void read_server_config(ServerOptions *, const char *); +void fill_default_server_options(ServerOptions *); +int process_server_config_line(ServerOptions *, char *, const char *, int); -/* Sets values for those values that have not yet been set. */ -void fill_default_server_options(ServerOptions * options); #endif /* SERVCONF_H */ diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c index 8bd2c000a061..5dd8a715ca95 100644 --- a/crypto/openssh/serverloop.c +++ b/crypto/openssh/serverloop.c @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". * * SSH2 support by Markus Friedl. - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: serverloop.c,v 1.61 2001/04/13 22:46:54 beck Exp $"); +RCSID("$OpenBSD: serverloop.c,v 1.98 2002/02/06 14:55:16 markus Exp $"); #include "xmalloc.h" #include "packet.h" @@ -59,6 +59,7 @@ extern ServerOptions options; /* XXX */ extern Kex *xxx_kex; +static Authctxt *xxx_authctxt; static Buffer stdin_buffer; /* Buffer for stdin data. */ static Buffer stdout_buffer; /* Buffer for stdout data. */ @@ -79,46 +80,71 @@ static int connection_in; /* Connection to client (input). */ static int connection_out; /* Connection to client (output). */ static int connection_closed = 0; /* Connection to client closed. */ static u_int buffer_high; /* "Soft" max buffer size. */ +static int client_alive_timeouts = 0; /* * This SIGCHLD kludge is used to detect when the child exits. The server * will exit after that, as soon as forwarded connections have terminated. */ -static pid_t child_pid; /* Pid of the child. */ -static volatile int child_terminated; /* The child has terminated. */ -static volatile int child_wait_status; /* Status from wait(). */ +static volatile sig_atomic_t child_terminated = 0; /* The child has terminated. */ -void server_init_dispatch(void); +/* prototypes */ +static void server_init_dispatch(void); -int client_alive_timeouts = 0; - -void -sigchld_handler(int sig) +/* + * we write to this pipe if a SIGCHLD is caught in order to avoid + * the race between select() and child_terminated + */ +static int notify_pipe[2]; +static void +notify_setup(void) { - int save_errno = errno; - pid_t wait_pid; - - debug("Received SIGCHLD."); - wait_pid = wait((int *) &child_wait_status); - if (wait_pid != -1) { - if (wait_pid != child_pid) - error("Strange, got SIGCHLD and wait returned pid %d but child is %d", - wait_pid, child_pid); - if (WIFEXITED(child_wait_status) || - WIFSIGNALED(child_wait_status)) - child_terminated = 1; + if (pipe(notify_pipe) < 0) { + error("pipe(notify_pipe) failed %s", strerror(errno)); + } else if ((fcntl(notify_pipe[0], F_SETFD, 1) == -1) || + (fcntl(notify_pipe[1], F_SETFD, 1) == -1)) { + error("fcntl(notify_pipe, F_SETFD) failed %s", strerror(errno)); + close(notify_pipe[0]); + close(notify_pipe[1]); + } else { + set_nonblock(notify_pipe[0]); + set_nonblock(notify_pipe[1]); + return; } - signal(SIGCHLD, sigchld_handler); - errno = save_errno; + notify_pipe[0] = -1; /* read end */ + notify_pipe[1] = -1; /* write end */ } -void -sigchld_handler2(int sig) +static void +notify_parent(void) +{ + if (notify_pipe[1] != -1) + write(notify_pipe[1], "", 1); +} +static void +notify_prepare(fd_set *readset) +{ + if (notify_pipe[0] != -1) + FD_SET(notify_pipe[0], readset); +} +static void +notify_done(fd_set *readset) +{ + char c; + + if (notify_pipe[0] != -1 && FD_ISSET(notify_pipe[0], readset)) + while (read(notify_pipe[0], &c, 1) != -1) + debug2("notify_done: reading"); +} + +static void +sigchld_handler(int sig) { int save_errno = errno; debug("Received SIGCHLD."); child_terminated = 1; - signal(SIGCHLD, sigchld_handler2); + signal(SIGCHLD, sigchld_handler); + notify_parent(); errno = save_errno; } @@ -126,7 +152,7 @@ sigchld_handler2(int sig) * Make packets from buffered stderr data, and buffer it for sending * to the client. */ -void +static void make_packets_from_stderr_data(void) { int len; @@ -155,7 +181,7 @@ make_packets_from_stderr_data(void) * Make packets from buffered stdout data, and buffer it for sending to the * client. */ -void +static void make_packets_from_stdout_data(void) { int len; @@ -180,44 +206,69 @@ make_packets_from_stdout_data(void) } } +static void +client_alive_check(void) +{ + static int had_channel = 0; + int id; + + id = channel_find_open(); + if (id == -1) { + if (!had_channel) + return; + packet_disconnect("No open channels after timeout!"); + } + had_channel = 1; + + /* timeout, check to see how many we have had */ + if (++client_alive_timeouts > options.client_alive_count_max) + packet_disconnect("Timeout, your session not responding."); + + /* + * send a bogus channel request with "wantreply", + * we should get back a failure + */ + channel_request_start(id, "keepalive@openssh.com", 1); + packet_send(); +} + /* * Sleep in select() until we can do something. This will initialize the * select masks. Upon return, the masks will indicate which descriptors * have data or can accept data. Optionally, a maximum time can be specified * for the duration of the wait (0 = infinite). */ -void +static void wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp, - u_int max_time_milliseconds) + int *nallocp, u_int max_time_milliseconds) { struct timeval tv, *tvp; int ret; int client_alive_scheduled = 0; /* - * if using client_alive, set the max timeout accordingly, + * if using client_alive, set the max timeout accordingly, * and indicate that this particular timeout was for client * alive by setting the client_alive_scheduled flag. * * this could be randomized somewhat to make traffic - * analysis more difficult, but we're not doing it yet. + * analysis more difficult, but we're not doing it yet. */ - if (max_time_milliseconds == 0 && options.client_alive_interval) { - client_alive_scheduled = 1; + if (compat20 && + max_time_milliseconds == 0 && options.client_alive_interval) { + client_alive_scheduled = 1; max_time_milliseconds = options.client_alive_interval * 1000; - } else - client_alive_scheduled = 0; - - /* When select fails we restart from here. */ -retry_select: + } /* Allocate and update select() masks for channel descriptors. */ - channel_prepare_select(readsetp, writesetp, maxfdp, 0); + channel_prepare_select(readsetp, writesetp, maxfdp, nallocp, 0); if (compat20) { +#if 0 /* wrong: bad condition XXX */ if (channel_not_very_much_buffered_data()) - FD_SET(connection_in, *readsetp); +#endif + FD_SET(connection_in, *readsetp); } else { /* * Read packets from the client unless we have too much @@ -243,6 +294,7 @@ retry_select: if (fdin != -1 && buffer_len(&stdin_buffer) > 0) FD_SET(fdin, *writesetp); } + notify_prepare(*readsetp); /* * If we have buffered packet data going to the client, mark that @@ -267,48 +319,28 @@ retry_select: tvp = &tv; } if (tvp!=NULL) - debug3("tvp!=NULL kid %d mili %d", child_terminated, max_time_milliseconds); + debug3("tvp!=NULL kid %d mili %d", (int) child_terminated, + max_time_milliseconds); /* Wait for something to happen, or the timeout to expire. */ ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); if (ret == -1) { + memset(*readsetp, 0, *nallocp); + memset(*writesetp, 0, *nallocp); if (errno != EINTR) error("select: %.100s", strerror(errno)); - else - goto retry_select; - } - if (ret == 0 && client_alive_scheduled) { - /* timeout, check to see how many we have had */ - client_alive_timeouts++; + } else if (ret == 0 && client_alive_scheduled) + client_alive_check(); - if (client_alive_timeouts > options.client_alive_count_max ) { - packet_disconnect( - "Timeout, your session not responding."); - } else { - /* - * send a bogus channel request with "wantreply" - * we should get back a failure - */ - int id; - - id = channel_find_open(); - if (id != -1) { - channel_request_start(id, - "keepalive@openssh.com", 1); - packet_send(); - } else - packet_disconnect( - "No open channels after timeout!"); - } - } + notify_done(*readsetp); } /* * Processes input from the client and the program. Input data is stored * in buffers and processed later. */ -void +static void process_input(fd_set * readset) { int len; @@ -364,31 +396,31 @@ process_input(fd_set * readset) /* * Sends data from internal buffers to client program stdin. */ -void +static void process_output(fd_set * writeset) { struct termios tio; + u_char *data; + u_int dlen; int len; /* Write buffered data to program stdin. */ if (!compat20 && fdin != -1 && FD_ISSET(fdin, writeset)) { - len = write(fdin, buffer_ptr(&stdin_buffer), - buffer_len(&stdin_buffer)); + data = buffer_ptr(&stdin_buffer); + dlen = buffer_len(&stdin_buffer); + len = write(fdin, data, dlen); if (len < 0 && (errno == EINTR || errno == EAGAIN)) { /* do nothing */ } else if (len <= 0) { -#ifdef USE_PIPES - close(fdin); -#else if (fdin != fdout) close(fdin); else shutdown(fdin, SHUT_WR); /* We will no longer send. */ -#endif fdin = -1; } else { /* Successful write. */ - if (fdin_is_tty && tcgetattr(fdin, &tio) == 0 && + if (fdin_is_tty && dlen >= 1 && data[0] != '\r' && + tcgetattr(fdin, &tio) == 0 && !(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) { /* * Simulate echo to reduce the impact of @@ -412,7 +444,7 @@ process_output(fd_set * writeset) * Wait until all buffered output has been sent to the client. * This is used when the program terminates. */ -void +static void drain_output(void) { /* Send any buffered stdout data to the client. */ @@ -437,7 +469,7 @@ drain_output(void) packet_write_wait(); } -void +static void process_buffered_input_packets(void) { dispatch_run(DISPATCH_NONBLOCK, NULL, compat20 ? xxx_kex : NULL); @@ -454,7 +486,7 @@ void server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) { fd_set *readset = NULL, *writeset = NULL; - int max_fd; + int max_fd = 0, nalloc = 0; int wait_status; /* Status returned by wait(). */ pid_t wait_pid; /* pid returned by wait(). */ int waiting_termination = 0; /* Have displayed waiting close message. */ @@ -466,7 +498,6 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) debug("Entering interactive session."); /* Initialize the SIGCHLD kludge. */ - child_pid = pid; child_terminated = 0; signal(SIGCHLD, sigchld_handler); @@ -488,6 +519,8 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) connection_in = packet_get_connection_in(); connection_out = packet_get_connection_out(); + notify_setup(); + previous_stdout_buffer_bytes = 0; /* Set approximate I/O buffer size. */ @@ -496,12 +529,14 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) else buffer_high = 64 * 1024; +#if 0 /* Initialize max_fd to the maximum of the known file descriptors. */ - max_fd = MAX(fdin, fdout); + max_fd = MAX(connection_in, connection_out); + max_fd = MAX(max_fd, fdin); + max_fd = MAX(max_fd, fdout); if (fderr != -1) max_fd = MAX(max_fd, fderr); - max_fd = MAX(max_fd, connection_in); - max_fd = MAX(max_fd, connection_out); +#endif /* Initialize Initialize buffers. */ buffer_init(&stdin_buffer); @@ -530,14 +565,10 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) * input data, cause a real eof by closing fdin. */ if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) { -#ifdef USE_PIPES - close(fdin); -#else if (fdin != fdout) close(fdin); else shutdown(fdin, SHUT_WR); /* We will no longer send. */ -#endif fdin = -1; } /* Make packets from buffered stderr data to send to the client. */ @@ -587,9 +618,15 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) xfree(cp); } } + max_fd = MAX(connection_in, connection_out); + max_fd = MAX(max_fd, fdin); + max_fd = MAX(max_fd, fdout); + max_fd = MAX(max_fd, fderr); + max_fd = MAX(max_fd, notify_pipe[0]); + /* Sleep in select() until we can do something. */ wait_until_can_do_something(&readset, &writeset, &max_fd, - max_time_milliseconds); + &nalloc, max_time_milliseconds); /* Process any channel events. */ channel_after_select(readset, writeset); @@ -611,7 +648,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) drain_output(); debug("End of interactive session; stdin %ld, stdout (read %ld, sent %ld), stderr %ld bytes.", - stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes); + stdin_bytes, fdout_bytes, stdout_bytes, stderr_bytes); /* Free and clear the buffers. */ buffer_free(&stdin_buffer); @@ -631,31 +668,18 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) close(fdin); fdin = -1; - /* Stop listening for channels; this removes unix domain sockets. */ - channel_stop_listening(); - - /* Wait for the child to exit. Get its exit status. */ - wait_pid = wait(&wait_status); - if (wait_pid == -1) { - /* - * It is possible that the wait was handled by SIGCHLD - * handler. This may result in either: this call - * returning with EINTR, or: this call returning ECHILD. - */ - if (child_terminated) - wait_status = child_wait_status; - else - packet_disconnect("wait: %.100s", strerror(errno)); - } else { - /* Check if it matches the process we forked. */ - if (wait_pid != pid) - error("Strange, wait returned pid %d, expected %d", - wait_pid, pid); - } + channel_free_all(); /* We no longer want our SIGCHLD handler to be called. */ signal(SIGCHLD, SIG_DFL); + wait_pid = waitpid(-1, &wait_status, 0); + if (wait_pid == -1) + packet_disconnect("wait: %.100s", strerror(errno)); + else if (wait_pid != pid) + error("Strange, wait returned pid %d, expected %d", + wait_pid, pid); + /* Check if it exited normally. */ if (WIFEXITED(wait_status)) { /* Yes, normal exit. Get exit status and send it to the client. */ @@ -673,8 +697,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) * the exit status. */ do { - int plen; - type = packet_read(&plen); + type = packet_read(); } while (type != SSH_CMSG_EXIT_CONFIRMATION); @@ -691,21 +714,44 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) /* NOTREACHED */ } +static void +collect_children(void) +{ + pid_t pid; + sigset_t oset, nset; + int status; + + /* block SIGCHLD while we check for dead children */ + sigemptyset(&nset); + sigaddset(&nset, SIGCHLD); + sigprocmask(SIG_BLOCK, &nset, &oset); + if (child_terminated) { + while ((pid = waitpid(-1, &status, WNOHANG)) > 0) + session_close_by_pid(pid, status); + child_terminated = 0; + } + sigprocmask(SIG_SETMASK, &oset, NULL); +} + void -server_loop2(void) +server_loop2(Authctxt *authctxt) { fd_set *readset = NULL, *writeset = NULL; - int rekeying = 0, max_fd, status; - pid_t pid; + int rekeying = 0, max_fd, nalloc = 0; debug("Entering interactive session for SSH2."); - signal(SIGCHLD, sigchld_handler2); + signal(SIGCHLD, sigchld_handler); child_terminated = 0; connection_in = packet_get_connection_in(); connection_out = packet_get_connection_out(); + notify_setup(); + max_fd = MAX(connection_in, connection_out); + max_fd = MAX(max_fd, notify_pipe[0]); + + xxx_authctxt = authctxt; server_init_dispatch(); @@ -717,12 +763,9 @@ server_loop2(void) if (!rekeying && packet_not_very_much_data_to_write()) channel_output_poll(); wait_until_can_do_something(&readset, &writeset, &max_fd, - rekeying); - if (child_terminated) { - while ((pid = waitpid(-1, &status, WNOHANG)) > 0) - session_close_by_pid(pid, status); - child_terminated = 0; - } + &nalloc, 0); + + collect_children(); if (!rekeying) channel_after_select(readset, writeset); process_input(readset); @@ -730,32 +773,35 @@ server_loop2(void) break; process_output(writeset); } + collect_children(); + if (readset) xfree(readset); if (writeset) xfree(writeset); - signal(SIGCHLD, SIG_DFL); - while ((pid = waitpid(-1, &status, WNOHANG)) > 0) - session_close_by_pid(pid, status); - channel_stop_listening(); + /* free all channels, no more reads and writes */ + channel_free_all(); + + /* free remaining sessions, e.g. remove wtmp entries */ + session_destroy_all(); } -void -server_input_channel_failure(int type, int plen, void *ctxt) +static void +server_input_channel_failure(int type, u_int32_t seq, void *ctxt) { debug("Got CHANNEL_FAILURE for keepalive"); - /* - * reset timeout, since we got a sane answer from the client. + /* + * reset timeout, since we got a sane answer from the client. * even if this was generated by something other than * the bogus CHANNEL_REQUEST we send for keepalives. */ - client_alive_timeouts = 0; + client_alive_timeouts = 0; } -void -server_input_stdin_data(int type, int plen, void *ctxt) +static void +server_input_stdin_data(int type, u_int32_t seq, void *ctxt) { char *data; u_int data_len; @@ -765,14 +811,14 @@ server_input_stdin_data(int type, int plen, void *ctxt) if (fdin == -1) return; data = packet_get_string(&data_len); - packet_integrity_check(plen, (4 + data_len), type); + packet_check_eom(); buffer_append(&stdin_buffer, data, data_len); memset(data, 0, data_len); xfree(data); } -void -server_input_eof(int type, int plen, void *ctxt) +static void +server_input_eof(int type, u_int32_t seq, void *ctxt) { /* * Eof from the client. The stdin descriptor to the @@ -780,12 +826,12 @@ server_input_eof(int type, int plen, void *ctxt) * drained. */ debug("EOF received for stdin."); - packet_integrity_check(plen, 0, type); + packet_check_eom(); stdin_eof = 1; } -void -server_input_window_size(int type, int plen, void *ctxt) +static void +server_input_window_size(int type, u_int32_t seq, void *ctxt) { int row = packet_get_int(); int col = packet_get_int(); @@ -793,15 +839,16 @@ server_input_window_size(int type, int plen, void *ctxt) int ypixel = packet_get_int(); debug("Window change received."); - packet_integrity_check(plen, 4 * 4, type); + packet_check_eom(); if (fdin != -1) pty_change_window_size(fdin, row, col, xpixel, ypixel); } -Channel * +static Channel * server_request_direct_tcpip(char *ctype) { - int sock, newch; + Channel *c; + int sock; char *target, *originator; int target_port, originator_port; @@ -809,7 +856,7 @@ server_request_direct_tcpip(char *ctype) target_port = packet_get_int(); originator = packet_get_string(NULL); originator_port = packet_get_int(); - packet_done(); + packet_check_eom(); debug("server_request_direct_tcpip: originator %s port %d, target %s port %d", originator, originator_port, target, target_port); @@ -820,42 +867,39 @@ server_request_direct_tcpip(char *ctype) xfree(originator); if (sock < 0) return NULL; - newch = channel_new(ctype, SSH_CHANNEL_CONNECTING, + c = channel_new(ctype, SSH_CHANNEL_CONNECTING, sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, xstrdup("direct-tcpip"), 1); - return (newch >= 0) ? channel_lookup(newch) : NULL; + return c; } -Channel * +static Channel * server_request_session(char *ctype) { - int newch; + Channel *c; debug("input_session_request"); - packet_done(); + packet_check_eom(); /* * A server session has no fd to read or write until a * CHANNEL_REQUEST for a shell is made, so we set the type to * SSH_CHANNEL_LARVAL. Additionally, a callback for handling all * CHANNEL_REQUEST messages is registered. */ - newch = channel_new(ctype, SSH_CHANNEL_LARVAL, - -1, -1, -1, 0, CHAN_SES_PACKET_DEFAULT, + c = channel_new(ctype, SSH_CHANNEL_LARVAL, + -1, -1, -1, /*window size*/0, CHAN_SES_PACKET_DEFAULT, 0, xstrdup("server-session"), 1); - if (session_open(newch) == 1) { - channel_register_callback(newch, SSH2_MSG_CHANNEL_REQUEST, - session_input_channel_req, (void *)0); - channel_register_cleanup(newch, session_close_by_channel); - return channel_lookup(newch); - } else { - debug("session open failed, free channel %d", newch); - channel_free(newch); + if (session_open(xxx_authctxt, c->self) != 1) { + debug("session open failed, free channel %d", c->self); + channel_free(c); + return NULL; } - return NULL; + channel_register_cleanup(c->self, session_close_by_channel); + return c; } -void -server_input_channel_open(int type, int plen, void *ctxt) +static void +server_input_channel_open(int type, u_int32_t seq, void *ctxt) { Channel *c = NULL; char *ctype; @@ -882,27 +926,30 @@ server_input_channel_open(int type, int plen, void *ctxt) c->remote_id = rchan; c->remote_window = rwindow; c->remote_maxpacket = rmaxpack; - - packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); - packet_put_int(c->remote_id); - packet_put_int(c->self); - packet_put_int(c->local_window); - packet_put_int(c->local_maxpacket); - packet_send(); + if (c->type != SSH_CHANNEL_CONNECTING) { + packet_start(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); + packet_put_int(c->remote_id); + packet_put_int(c->self); + packet_put_int(c->local_window); + packet_put_int(c->local_maxpacket); + packet_send(); + } } else { debug("server_input_channel_open: failure %s", ctype); packet_start(SSH2_MSG_CHANNEL_OPEN_FAILURE); packet_put_int(rchan); packet_put_int(SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED); - packet_put_cstring("bla bla"); - packet_put_cstring(""); + if (!(datafellows & SSH_BUG_OPENFAILURE)) { + packet_put_cstring("open failed"); + packet_put_cstring(""); + } packet_send(); } xfree(ctype); } -void -server_input_global_request(int type, int plen, void *ctxt) +static void +server_input_global_request(int type, u_int32_t seq, void *ctxt) { char *rtype; int want_reply; @@ -934,11 +981,8 @@ server_input_global_request(int type, int plen, void *ctxt) packet_send_debug("Server has disabled port forwarding."); } else { /* Start listening on the port */ - success = channel_request_forwarding( - listen_address, listen_port, - /*unspec host_to_connect*/ "<unspec host>", - /*unspec port_to_connect*/ 0, - options.gateway_ports, /*remote*/ 1); + success = channel_setup_remote_fwd_listener( + listen_address, listen_port, options.gateway_ports); } xfree(listen_address); } @@ -950,8 +994,35 @@ server_input_global_request(int type, int plen, void *ctxt) } xfree(rtype); } +static void +server_input_channel_req(int type, u_int32_t seq, void *ctxt) +{ + Channel *c; + int id, reply, success = 0; + char *rtype; -void + id = packet_get_int(); + rtype = packet_get_string(NULL); + reply = packet_get_char(); + + debug("server_input_channel_req: channel %d request %s reply %d", + id, rtype, reply); + + if ((c = channel_lookup(id)) == NULL) + packet_disconnect("server_input_channel_req: " + "unknown channel %d", id); + if (c->type == SSH_CHANNEL_LARVAL || c->type == SSH_CHANNEL_OPEN) + success = session_input_channel_req(c, rtype); + if (reply) { + packet_start(success ? + SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE); + packet_put_int(c->remote_id); + packet_send(); + } + xfree(rtype); +} + +static void server_init_dispatch_20(void) { debug("server_init_dispatch_20"); @@ -963,7 +1034,7 @@ server_init_dispatch_20(void) dispatch_set(SSH2_MSG_CHANNEL_OPEN, &server_input_channel_open); dispatch_set(SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, &channel_input_open_confirmation); dispatch_set(SSH2_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); - dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &channel_input_channel_request); + dispatch_set(SSH2_MSG_CHANNEL_REQUEST, &server_input_channel_req); dispatch_set(SSH2_MSG_CHANNEL_WINDOW_ADJUST, &channel_input_window_adjust); dispatch_set(SSH2_MSG_GLOBAL_REQUEST, &server_input_global_request); /* client_alive */ @@ -971,7 +1042,7 @@ server_init_dispatch_20(void) /* rekeying */ dispatch_set(SSH2_MSG_KEXINIT, &kex_input_kexinit); } -void +static void server_init_dispatch_13(void) { debug("server_init_dispatch_13"); @@ -986,7 +1057,7 @@ server_init_dispatch_13(void) dispatch_set(SSH_MSG_CHANNEL_OPEN_FAILURE, &channel_input_open_failure); dispatch_set(SSH_MSG_PORT_OPEN, &channel_input_port_open); } -void +static void server_init_dispatch_15(void) { server_init_dispatch_13(); @@ -994,7 +1065,7 @@ server_init_dispatch_15(void) dispatch_set(SSH_MSG_CHANNEL_CLOSE, &channel_input_ieof); dispatch_set(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION, &channel_input_oclose); } -void +static void server_init_dispatch(void) { if (compat20) @@ -1004,4 +1075,3 @@ server_init_dispatch(void) else server_init_dispatch_15(); } - diff --git a/crypto/openssh/serverloop.h b/crypto/openssh/serverloop.h index 652c1d9f8e5f..f419198d1ce7 100644 --- a/crypto/openssh/serverloop.h +++ b/crypto/openssh/serverloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.h,v 1.2 2001/01/29 01:58:17 niklas Exp $ */ +/* $OpenBSD: serverloop.h,v 1.5 2001/06/27 02:12:53 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -18,5 +18,10 @@ * (of the child program), and reads from stdout and stderr (of the child * program). */ -void server_loop(pid_t pid, int fdin, int fdout, int fderr); -void server_loop2(void); +#ifndef SERVERLOOP_H +#define SERVERLOOP_H + +void server_loop(pid_t, int, int, int); +void server_loop2(Authctxt *); + +#endif diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index ee513067f217..7a127583e87b 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -9,7 +9,7 @@ * called by a name other than "ssh" or "Secure Shell". * * SSH2 support by Markus Friedl. - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.74 2001/04/17 19:34:25 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.128 2002/02/16 00:51:44 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -46,7 +46,6 @@ RCSID("$OpenBSD: session.c,v 1.74 2001/04/17 19:34:25 markus Exp $"); #include "uidswap.h" #include "compat.h" #include "channels.h" -#include "nchan.h" #include "bufaux.h" #include "auth.h" #include "auth-options.h" @@ -65,7 +64,8 @@ typedef struct Session Session; struct Session { int used; int self; - struct passwd *pw; + struct passwd *pw; + Authctxt *authctxt; pid_t pid; /* tty */ char *term; @@ -73,8 +73,10 @@ struct Session { int row, col, xpixel, ypixel; char tty[TTYSZ]; /* X11 */ + int display_number; char *display; int screen; + char *auth_display; char *auth_proto; char *auth_data; int single_connection; @@ -86,18 +88,23 @@ struct Session { /* func */ Session *session_new(void); -void session_set_fds(Session *s, int fdin, int fdout, int fderr); -void session_pty_cleanup(Session *s); -void session_proctitle(Session *s); -void do_exec_pty(Session *s, const char *command); -void do_exec_no_pty(Session *s, const char *command); -void do_login(Session *s, const char *command); -void do_child(Session *s, const char *command); +void session_set_fds(Session *, int, int, int); +static void session_pty_cleanup(void *); +void session_proctitle(Session *); +int session_setup_x11fwd(Session *); +void do_exec_pty(Session *, const char *); +void do_exec_no_pty(Session *, const char *); +void do_exec(Session *, const char *); +void do_login(Session *, const char *); +void do_child(Session *, const char *); void do_motd(void); -int check_quietlogin(Session *s, const char *command); +int check_quietlogin(Session *, const char *); -void do_authenticated1(Authctxt *authctxt); -void do_authenticated2(Authctxt *authctxt); +static void do_authenticated1(Authctxt *); +static void do_authenticated2(Authctxt *); + +static void session_close(Session *); +static int session_pty_req(Session *); /* import */ extern ServerOptions options; @@ -108,11 +115,8 @@ extern u_int utmp_len; extern int startup_pipe; extern void destroy_sensitive_data(void); -/* Local Xauthority file. */ -static char *xauthfile; - /* original command from peer. */ -char *original_command = NULL; +const char *original_command = NULL; /* data */ #define MAX_SESSIONS 10 @@ -154,48 +158,18 @@ do_authenticated(Authctxt *authctxt) do_authenticated2(authctxt); else do_authenticated1(authctxt); -} - -/* - * Remove local Xauthority file. - */ -void -xauthfile_cleanup_proc(void *ignore) -{ - debug("xauthfile_cleanup_proc called"); - - if (xauthfile != NULL) { - char *p; - unlink(xauthfile); - p = strrchr(xauthfile, '/'); - if (p != NULL) { - *p = '\0'; - rmdir(xauthfile); - } - xfree(xauthfile); - xauthfile = NULL; - } -} -/* - * Function to perform cleanup if we get aborted abnormally (e.g., due to a - * dropped connection). - */ -void -pty_cleanup_proc(void *session) -{ - Session *s=session; - if (s == NULL) - fatal("pty_cleanup_proc: no session"); - debug("pty_cleanup_proc: %s", s->tty); - - if (s->pid != 0) { - /* Record that the user has logged out. */ - record_logout(s->pid, s->tty); - } - - /* Release the pseudo-tty. */ - pty_release(s->tty); + /* remove agent socket */ + if (auth_get_socket_name()) + auth_sock_cleanup_proc(authctxt->pw); +#ifdef KRB4 + if (options.kerberos_ticket_cleanup) + krb4_cleanup_proc(authctxt); +#endif +#ifdef KRB5 + if (options.kerberos_ticket_cleanup) + krb5_cleanup_proc(authctxt); +#endif } /* @@ -204,16 +178,17 @@ pty_cleanup_proc(void *session) * terminals are allocated, X11, TCP/IP, and authentication agent forwardings * are requested, etc. */ -void +static void do_authenticated1(Authctxt *authctxt) { Session *s; char *command; - int success, type, fd, n_bytes, plen, screen_flag, have_pty = 0; + int success, type, screen_flag; int compression_level = 0, enable_compression_after_reply = 0; u_int proto_len, data_len, dlen; s = session_new(); + s->authctxt = authctxt; s->pw = authctxt->pw; /* @@ -224,16 +199,16 @@ do_authenticated1(Authctxt *authctxt) success = 0; /* Get a packet from the client. */ - type = packet_read(&plen); + type = packet_read(); /* Process the packet. */ switch (type) { case SSH_CMSG_REQUEST_COMPRESSION: - packet_integrity_check(plen, 4, type); compression_level = packet_get_int(); + packet_check_eom(); if (compression_level < 1 || compression_level > 9) { packet_send_debug("Received illegal compression level %d.", - compression_level); + compression_level); break; } /* Enable compression after we have responded with SUCCESS. */ @@ -242,70 +217,10 @@ do_authenticated1(Authctxt *authctxt) break; case SSH_CMSG_REQUEST_PTY: - if (no_pty_flag) { - debug("Allocating a pty not permitted for this authentication."); - break; - } - if (have_pty) - packet_disconnect("Protocol error: you already have a pty."); - - debug("Allocating pty."); - - /* Allocate a pty and open it. */ - if (!pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, - sizeof(s->tty))) { - error("Failed to allocate pty."); - break; - } - fatal_add_cleanup(pty_cleanup_proc, (void *)s); - pty_setowner(s->pw, s->tty); - - /* Get TERM from the packet. Note that the value may be of arbitrary length. */ - s->term = packet_get_string(&dlen); - packet_integrity_check(dlen, strlen(s->term), type); - /* packet_integrity_check(plen, 4 + dlen + 4*4 + n_bytes, type); */ - /* Remaining bytes */ - n_bytes = plen - (4 + dlen + 4 * 4); - - if (strcmp(s->term, "") == 0) { - xfree(s->term); - s->term = NULL; - } - /* Get window size from the packet. */ - s->row = packet_get_int(); - s->col = packet_get_int(); - s->xpixel = packet_get_int(); - s->ypixel = packet_get_int(); - pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); - - /* Get tty modes from the packet. */ - tty_parse_modes(s->ttyfd, &n_bytes); - packet_integrity_check(plen, 4 + dlen + 4 * 4 + n_bytes, type); - - session_proctitle(s); - - /* Indicate that we now have a pty. */ - success = 1; - have_pty = 1; + success = session_pty_req(s); break; case SSH_CMSG_X11_REQUEST_FORWARDING: - if (!options.x11_forwarding) { - packet_send_debug("X11 forwarding disabled in server configuration file."); - break; - } - if (!options.xauth_location) { - packet_send_debug("No xauth program; cannot forward with spoofing."); - break; - } - if (no_x11_forwarding_flag) { - packet_send_debug("X11 forwarding not permitted for this authentication."); - break; - } - debug("Received request for X11 forwarding with auth spoofing."); - if (s->display != NULL) - packet_disconnect("Protocol error: X11 display already set."); - s->auth_proto = packet_get_string(&proto_len); s->auth_data = packet_get_string(&data_len); @@ -317,39 +232,18 @@ do_authenticated1(Authctxt *authctxt) if (!screen_flag) debug2("Buggy client: " "X11 screen flag missing"); - packet_integrity_check(plen, - 4 + proto_len + 4 + data_len + 4, type); s->screen = packet_get_int(); } else { - packet_integrity_check(plen, - 4 + proto_len + 4 + data_len, type); s->screen = 0; } - s->display = x11_create_display_inet(s->screen, options.x11_display_offset); - - if (s->display == NULL) - break; - - /* Setup to always have a local .Xauthority. */ - xauthfile = xmalloc(MAXPATHLEN); - strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); - temporarily_use_uid(s->pw); - if (mkdtemp(xauthfile) == NULL) { - restore_uid(); - error("private X11 dir: mkdtemp %s failed: %s", - xauthfile, strerror(errno)); - xfree(xauthfile); - xauthfile = NULL; - /* XXXX remove listening channels */ - break; + packet_check_eom(); + success = session_setup_x11fwd(s); + if (!success) { + xfree(s->auth_proto); + xfree(s->auth_data); + s->auth_proto = NULL; + s->auth_data = NULL; } - strlcat(xauthfile, "/cookies", MAXPATHLEN); - fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600); - if (fd >= 0) - close(fd); - restore_uid(); - fatal_add_cleanup(xauthfile_cleanup_proc, NULL); - success = 1; break; case SSH_CMSG_AGENT_REQUEST_FORWARDING: @@ -380,31 +274,70 @@ do_authenticated1(Authctxt *authctxt) success = 1; break; +#if defined(AFS) || defined(KRB5) + case SSH_CMSG_HAVE_KERBEROS_TGT: + if (!options.kerberos_tgt_passing) { + verbose("Kerberos TGT passing disabled."); + } else { + char *kdata = packet_get_string(&dlen); + packet_check_eom(); + + /* XXX - 0x41, see creds_to_radix version */ + if (kdata[0] != 0x41) { +#ifdef KRB5 + krb5_data tgt; + tgt.data = kdata; + tgt.length = dlen; + + if (auth_krb5_tgt(s->authctxt, &tgt)) + success = 1; + else + verbose("Kerberos v5 TGT refused for %.100s", s->authctxt->user); +#endif /* KRB5 */ + } else { +#ifdef AFS + if (auth_krb4_tgt(s->authctxt, kdata)) + success = 1; + else + verbose("Kerberos v4 TGT refused for %.100s", s->authctxt->user); +#endif /* AFS */ + } + xfree(kdata); + } + break; +#endif /* AFS || KRB5 */ + +#ifdef AFS + case SSH_CMSG_HAVE_AFS_TOKEN: + if (!options.afs_token_passing || !k_hasafs()) { + verbose("AFS token passing disabled."); + } else { + /* Accept AFS token. */ + char *token = packet_get_string(&dlen); + packet_check_eom(); + + if (auth_afs_token(s->authctxt, token)) + success = 1; + else + verbose("AFS token refused for %.100s", + s->authctxt->user); + xfree(token); + } + break; +#endif /* AFS */ + case SSH_CMSG_EXEC_SHELL: case SSH_CMSG_EXEC_CMD: if (type == SSH_CMSG_EXEC_CMD) { command = packet_get_string(&dlen); debug("Exec command '%.500s'", command); - packet_integrity_check(plen, 4 + dlen, type); + do_exec(s, command); + xfree(command); } else { - command = NULL; - packet_integrity_check(plen, 0, type); - } - if (forced_command != NULL) { - original_command = command; - command = forced_command; - debug("Forced command '%.500s'", forced_command); + do_exec(s, NULL); } - if (have_pty) - do_exec_pty(s, command); - else - do_exec_no_pty(s, command); - - if (command != NULL) - xfree(command); - /* Cleanup user's local Xauthority file. */ - if (xauthfile) - xauthfile_cleanup_proc(NULL); + packet_check_eom(); + session_close(s); return; default: @@ -563,26 +496,22 @@ do_exec_pty(Session *s, const char *command) /* Fork the child. */ if ((pid = fork()) == 0) { + /* Child. Reinitialize the log because the pid has changed. */ log_init(__progname, options.log_level, options.log_facility, log_stderr); - /* Close the master side of the pseudo tty. */ close(ptyfd); /* Make the pseudo tty our controlling tty. */ pty_make_controlling_tty(&ttyfd, s->tty); - /* Redirect stdin from the pseudo tty. */ - if (dup2(ttyfd, fileno(stdin)) < 0) - error("dup2 stdin failed: %.100s", strerror(errno)); - - /* Redirect stdout to the pseudo tty. */ - if (dup2(ttyfd, fileno(stdout)) < 0) - error("dup2 stdin failed: %.100s", strerror(errno)); - - /* Redirect stderr to the pseudo tty. */ - if (dup2(ttyfd, fileno(stderr)) < 0) - error("dup2 stdin failed: %.100s", strerror(errno)); + /* Redirect stdin/stdout/stderr from the pseudo tty. */ + if (dup2(ttyfd, 0) < 0) + error("dup2 stdin: %s", strerror(errno)); + if (dup2(ttyfd, 1) < 0) + error("dup2 stdout: %s", strerror(errno)); + if (dup2(ttyfd, 2) < 0) + error("dup2 stderr: %s", strerror(errno)); /* Close the extra descriptor for the pseudo tty. */ close(ttyfd); @@ -624,10 +553,31 @@ do_exec_pty(Session *s, const char *command) } else { server_loop(pid, ptyfd, fdout, -1); /* server_loop _has_ closed ptyfd and fdout. */ - session_pty_cleanup(s); } } +/* + * This is called to fork and execute a command. If another command is + * to be forced, execute that instead. + */ +void +do_exec(Session *s, const char *command) +{ + if (forced_command) { + original_command = command; + command = forced_command; + debug("Forced command '%.900s'", command); + } + + if (s->ttyfd != -1) + do_exec_pty(s, command); + else + do_exec_no_pty(s, command); + + original_command = NULL; +} + + /* administrative, login(1)-like work */ void do_login(Session *s, const char *command) @@ -648,7 +598,7 @@ do_login(Session *s, const char *command) if (packet_connection_is_on_socket()) { fromlen = sizeof(from); if (getpeername(packet_get_connection_in(), - (struct sockaddr *) & from, &fromlen) < 0) { + (struct sockaddr *) & from, &fromlen) < 0) { debug("getpeername: %.100s", strerror(errno)); fatal_cleanup(); } @@ -663,7 +613,7 @@ do_login(Session *s, const char *command) /* Record that there was a login on that tty from the remote host. */ record_login(pid, s->tty, pw->pw_name, pw->pw_uid, - get_remote_name_or_ip(utmp_len, options.reverse_mapping_check), + get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping), (struct sockaddr *)&from); if (check_quietlogin(s, command)) @@ -714,7 +664,7 @@ int check_quietlogin(Session *s, const char *command) { char buf[256]; - struct passwd * pw = s->pw; + struct passwd *pw = s->pw; struct stat st; /* Return 1 if .hushlogin exists or a command given. */ @@ -735,9 +685,9 @@ check_quietlogin(Session *s, const char *command) * Sets the value of the given variable in the environment. If the variable * already exists, its value is overriden. */ -void +static void child_set_env(char ***envp, u_int *envsizep, const char *name, - const char *value) + const char *value) { u_int i, namelen; char **env; @@ -776,9 +726,9 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, * Otherwise, it must consist of empty lines, comments (line starts with '#') * and assignments of the form name=value. No other forms are allowed. */ -void +static void read_environment_file(char ***env, u_int *envsize, - const char *filename) + const char *filename) { FILE *f; char buf[4096]; @@ -811,102 +761,13 @@ read_environment_file(char ***env, u_int *envsize, fclose(f); } -/* - * Performs common processing for the child, such as setting up the - * environment, closing extra file descriptors, setting the user and group - * ids, and executing the command or shell. - */ -void -do_child(Session *s, const char *command) +static char ** +do_setup_env(Session *s, const char *shell) { - const char *shell, *hostname = NULL, *cp = NULL; - struct passwd * pw = s->pw; char buf[256]; - char cmd[1024]; - FILE *f = NULL; - u_int envsize, i; + u_int i, envsize; char **env; - extern char **environ; - struct stat st; - char *argv[10]; - int do_xauth = s->auth_proto != NULL && s->auth_data != NULL; - - /* remove hostkey from the child's memory */ - destroy_sensitive_data(); - - /* login(1) is only called if we execute the login shell */ - if (options.use_login && command != NULL) - options.use_login = 0; - - if (!options.use_login) { -#ifdef HAVE_LOGIN_CAP - if (!login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid) - f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN, - _PATH_NOLOGIN), "r"); -#else - if (pw->pw_uid) - f = fopen(_PATH_NOLOGIN, "r"); -#endif - if (f) { - /* /etc/nologin exists. Print its contents and exit. */ - while (fgets(buf, sizeof(buf), f)) - fputs(buf, stderr); - fclose(f); - exit(254); - } - } - /* Set login name, uid, gid, and groups. */ - /* Login(1) does this as well, and it needs uid 0 for the "-h" - switch, so we let login(1) to this for us. */ - if (!options.use_login) { - if (getuid() == 0 || geteuid() == 0) { -#ifdef HAVE_LOGIN_CAP - if (setusercontext(lc, pw, pw->pw_uid, - (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { - perror("unable to set user context"); - exit(1); - } -#else - if (setlogin(pw->pw_name) < 0) - error("setlogin failed: %s", strerror(errno)); - if (setgid(pw->pw_gid) < 0) { - perror("setgid"); - exit(1); - } - /* Initialize the group list. */ - if (initgroups(pw->pw_name, pw->pw_gid) < 0) { - perror("initgroups"); - exit(1); - } - endgrent(); - - /* Permanently switch to the desired uid. */ - permanently_set_uid(pw); -#endif - } - if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) - fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); - } - /* - * Get the shell from the password data. An empty shell field is - * legal, and means /bin/sh. - */ - shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; -#ifdef HAVE_LOGIN_CAP - shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); -#endif - -#ifdef AFS - /* Try to get AFS tokens for the local cell. */ - if (k_hasafs()) { - char cell[64]; - - if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - - krb_afslog(0, 0); - } -#endif /* AFS */ + struct passwd *pw = s->pw; /* Initialize the environment. */ envsize = 100; @@ -936,22 +797,25 @@ do_child(Session *s, const char *command) child_set_env(&env, &envsize, "TZ", getenv("TZ")); /* Set custom environment options from RSA authentication. */ - while (custom_environment) { - struct envstring *ce = custom_environment; - char *s = ce->s; - int i; - for (i = 0; s[i] != '=' && s[i]; i++); - if (s[i] == '=') { - s[i] = 0; - child_set_env(&env, &envsize, s, s + i + 1); + if (!options.use_login) { + while (custom_environment) { + struct envstring *ce = custom_environment; + char *s = ce->s; + + for (i = 0; s[i] != '=' && s[i]; i++) + ; + if (s[i] == '=') { + s[i] = 0; + child_set_env(&env, &envsize, s, s + i + 1); + } + custom_environment = ce->next; + xfree(ce->s); + xfree(ce); } - custom_environment = ce->next; - xfree(ce->s); - xfree(ce); } snprintf(buf, sizeof buf, "%.50s %d %d", - get_remote_ipaddr(), get_remote_port(), get_local_port()); + get_remote_ipaddr(), get_remote_port(), get_local_port()); child_set_env(&env, &envsize, "SSH_CLIENT", buf); if (s->ttyfd != -1) @@ -963,21 +827,19 @@ do_child(Session *s, const char *command) if (original_command) child_set_env(&env, &envsize, "SSH_ORIGINAL_COMMAND", original_command); - #ifdef KRB4 - { - extern char *ticket; - - if (ticket) - child_set_env(&env, &envsize, "KRBTKFILE", ticket); - } -#endif /* KRB4 */ - - if (xauthfile) - child_set_env(&env, &envsize, "XAUTHORITY", xauthfile); + if (s->authctxt->krb4_ticket_file) + child_set_env(&env, &envsize, "KRBTKFILE", + s->authctxt->krb4_ticket_file); +#endif +#ifdef KRB5 + if (s->authctxt->krb5_ticket_file) + child_set_env(&env, &envsize, "KRB5CCNAME", + s->authctxt->krb5_ticket_file); +#endif if (auth_get_socket_name() != NULL) child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME, - auth_get_socket_name()); + auth_get_socket_name()); /* read $HOME/.ssh/environment. */ if (!options.use_login) { @@ -991,10 +853,178 @@ do_child(Session *s, const char *command) for (i = 0; env[i]; i++) fprintf(stderr, " %.200s\n", env[i]); } + return env; +} + +/* + * Run $HOME/.ssh/rc, /etc/ssh/sshrc, or xauth (whichever is found + * first in this order). + */ +static void +do_rc_files(Session *s, const char *shell) +{ + FILE *f = NULL; + char cmd[1024]; + int do_xauth; + struct stat st; + + do_xauth = + s->display != NULL && s->auth_proto != NULL && s->auth_data != NULL; + + /* ignore _PATH_SSH_USER_RC for subsystems */ + if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { + snprintf(cmd, sizeof cmd, "%s -c '%s %s'", + shell, _PATH_BSHELL, _PATH_SSH_USER_RC); + if (debug_flag) + fprintf(stderr, "Running %s\n", cmd); + f = popen(cmd, "w"); + if (f) { + if (do_xauth) + fprintf(f, "%s %s\n", s->auth_proto, + s->auth_data); + pclose(f); + } else + fprintf(stderr, "Could not run %s\n", + _PATH_SSH_USER_RC); + } else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) { + if (debug_flag) + fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, + _PATH_SSH_SYSTEM_RC); + f = popen(_PATH_BSHELL " " _PATH_SSH_SYSTEM_RC, "w"); + if (f) { + if (do_xauth) + fprintf(f, "%s %s\n", s->auth_proto, + s->auth_data); + pclose(f); + } else + fprintf(stderr, "Could not run %s\n", + _PATH_SSH_SYSTEM_RC); + } else if (do_xauth && options.xauth_location != NULL) { + /* Add authority data to .Xauthority if appropriate. */ + if (debug_flag) { + fprintf(stderr, + "Running %.100s add " + "%.100s %.100s %.100s\n", + options.xauth_location, s->auth_display, + s->auth_proto, s->auth_data); + } + snprintf(cmd, sizeof cmd, "%s -q -", + options.xauth_location); + f = popen(cmd, "w"); + if (f) { + fprintf(f, "add %s %s %s\n", + s->auth_display, s->auth_proto, + s->auth_data); + pclose(f); + } else { + fprintf(stderr, "Could not run %s\n", + cmd); + } + } +} + +static void +do_nologin(struct passwd *pw) +{ + FILE *f = NULL; + char buf[1024]; + +#ifdef HAVE_LOGIN_CAP + if (!login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid) + f = fopen(login_getcapstr(lc, "nologin", _PATH_NOLOGIN, + _PATH_NOLOGIN), "r"); +#else + if (pw->pw_uid) + f = fopen(_PATH_NOLOGIN, "r"); +#endif + if (f) { + /* /etc/nologin exists. Print its contents and exit. */ + while (fgets(buf, sizeof(buf), f)) + fputs(buf, stderr); + fclose(f); + exit(254); + } +} + +/* Set login name, uid, gid, and groups. */ +static void +do_setusercontext(struct passwd *pw) +{ + if (getuid() == 0 || geteuid() == 0) { +#ifdef HAVE_LOGIN_CAP + if (setusercontext(lc, pw, pw->pw_uid, + (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) { + perror("unable to set user context"); + exit(1); + } +#else + if (setlogin(pw->pw_name) < 0) + error("setlogin failed: %s", strerror(errno)); + if (setgid(pw->pw_gid) < 0) { + perror("setgid"); + exit(1); + } + /* Initialize the group list. */ + if (initgroups(pw->pw_name, pw->pw_gid) < 0) { + perror("initgroups"); + exit(1); + } + endgrent(); + + /* Permanently switch to the desired uid. */ + permanently_set_uid(pw); +#endif + } + if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) + fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); +} + +/* + * Performs common processing for the child, such as setting up the + * environment, closing extra file descriptors, setting the user and group + * ids, and executing the command or shell. + */ +void +do_child(Session *s, const char *command) +{ + extern char **environ; + char **env; + char *argv[10]; + const char *shell, *shell0, *hostname = NULL; + struct passwd *pw = s->pw; + u_int i; + + /* remove hostkey from the child's memory */ + destroy_sensitive_data(); + + /* login(1) is only called if we execute the login shell */ + if (options.use_login && command != NULL) + options.use_login = 0; + + /* + * Login(1) does this as well, and it needs uid 0 for the "-h" + * switch, so we let login(1) to this for us. + */ + if (!options.use_login) { + do_nologin(pw); + do_setusercontext(pw); + } + + /* + * Get the shell from the password data. An empty shell field is + * legal, and means /bin/sh. + */ + shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell; +#ifdef HAVE_LOGIN_CAP + shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); +#endif + + env = do_setup_env(s, shell); + /* we have to stash the hostname before we close our socket. */ if (options.use_login) hostname = get_remote_name_or_ip(utmp_len, - options.reverse_mapping_check); + options.verify_reverse_mapping); /* * Close the connection descriptors; note that this is the child, and * the server will still have the socket open, and it is important @@ -1030,159 +1060,90 @@ do_child(Session *s, const char *command) for (i = 3; i < 64; i++) close(i); + /* + * Must take new environment into use so that .ssh/rc, + * /etc/ssh/sshrc and xauth are run in the proper environment. + */ + environ = env; + +#ifdef AFS + /* Try to get AFS tokens for the local cell. */ + if (k_hasafs()) { + char cell[64]; + + if (k_afs_cell_of_file(pw->pw_dir, cell, sizeof(cell)) == 0) + krb_afslog(cell, 0); + + krb_afslog(0, 0); + } +#endif /* AFS */ + /* Change current directory to the user\'s home directory. */ if (chdir(pw->pw_dir) < 0) { fprintf(stderr, "Could not chdir to home directory %s: %s\n", - pw->pw_dir, strerror(errno)); + pw->pw_dir, strerror(errno)); #ifdef HAVE_LOGIN_CAP if (login_getcapbool(lc, "requirehome", 0)) exit(1); #endif } - /* - * Must take new environment into use so that .ssh/rc, /etc/sshrc and - * xauth are run in the proper environment. - */ - environ = env; - - /* - * Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first - * in this order). - */ - if (!options.use_login) { - /* ignore _PATH_SSH_USER_RC for subsystems */ - if (!s->is_subsystem && (stat(_PATH_SSH_USER_RC, &st) >= 0)) { - if (debug_flag) - fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, - _PATH_SSH_USER_RC); - f = popen(_PATH_BSHELL " " _PATH_SSH_USER_RC, "w"); - if (f) { - if (do_xauth) - fprintf(f, "%s %s\n", s->auth_proto, - s->auth_data); - pclose(f); - } else - fprintf(stderr, "Could not run %s\n", - _PATH_SSH_USER_RC); - } else if (stat(_PATH_SSH_SYSTEM_RC, &st) >= 0) { - if (debug_flag) - fprintf(stderr, "Running %s %s\n", _PATH_BSHELL, - _PATH_SSH_SYSTEM_RC); - f = popen(_PATH_BSHELL " " _PATH_SSH_SYSTEM_RC, "w"); - if (f) { - if (do_xauth) - fprintf(f, "%s %s\n", s->auth_proto, - s->auth_data); - pclose(f); - } else - fprintf(stderr, "Could not run %s\n", - _PATH_SSH_SYSTEM_RC); - } else if (do_xauth && options.xauth_location != NULL) { - /* Add authority data to .Xauthority if appropriate. */ - char *screen = strchr(s->display, ':'); - - if (debug_flag) { - fprintf(stderr, - "Running %.100s add " - "%.100s %.100s %.100s\n", - options.xauth_location, s->display, - s->auth_proto, s->auth_data); - if (screen != NULL) - fprintf(stderr, - "Adding %.*s/unix%s %s %s\n", - (int)(screen - s->display), - s->display, screen, - s->auth_proto, s->auth_data); - } - snprintf(cmd, sizeof cmd, "%s -q -", - options.xauth_location); - f = popen(cmd, "w"); - if (f) { - fprintf(f, "add %s %s %s\n", s->display, - s->auth_proto, s->auth_data); - if (screen != NULL) - fprintf(f, "add %.*s/unix%s %s %s\n", - (int)(screen - s->display), - s->display, screen, - s->auth_proto, - s->auth_data); - pclose(f); - } else { - fprintf(stderr, "Could not run %s\n", - cmd); - } - } - /* Get the last component of the shell name. */ - cp = strrchr(shell, '/'); - if (cp) - cp++; - else - cp = shell; - } + if (!options.use_login) + do_rc_files(s, shell); /* restore SIGPIPE for child */ signal(SIGPIPE, SIG_DFL); + if (options.use_login) { + /* Launch login(1). */ + + execl("/usr/bin/login", "login", "-h", hostname, + "-p", "-f", "--", pw->pw_name, (char *)NULL); + + /* Login couldn't be executed, die. */ + + perror("login"); + exit(1); + } + + /* Get the last component of the shell name. */ + if ((shell0 = strrchr(shell, '/')) != NULL) + shell0++; + else + shell0 = shell; + /* * If we have no command, execute the shell. In this case, the shell * name to be passed in argv[0] is preceded by '-' to indicate that * this is a login shell. */ if (!command) { - if (!options.use_login) { - char buf[256]; - - /* - * Check for mail if we have a tty and it was enabled - * in server options. - */ - if (s->ttyfd != -1 && options.check_mail) { - char *mailbox; - struct stat mailstat; - - mailbox = getenv("MAIL"); - if (mailbox != NULL) { - if (stat(mailbox, &mailstat) != 0 || - mailstat.st_size == 0) - printf("No mail.\n"); - else if (mailstat.st_mtime < mailstat.st_atime) - printf("You have mail.\n"); - else - printf("You have new mail.\n"); - } - } - /* Start the shell. Set initial character to '-'. */ - buf[0] = '-'; - strncpy(buf + 1, cp, sizeof(buf) - 1); - buf[sizeof(buf) - 1] = 0; + char argv0[256]; - /* Execute the shell. */ - argv[0] = buf; - argv[1] = NULL; - execve(shell, argv, env); + /* Start the shell. Set initial character to '-'. */ + argv0[0] = '-'; - /* Executing the shell failed. */ + if (strlcpy(argv0 + 1, shell0, sizeof(argv0) - 1) + >= sizeof(argv0) - 1) { + errno = EINVAL; perror(shell); exit(1); + } - } else { - /* Launch login(1). */ - - execl("/usr/bin/login", "login", "-h", hostname, - "-p", "-f", "--", pw->pw_name, NULL); - - /* Login couldn't be executed, die. */ + /* Execute the shell. */ + argv[0] = argv0; + argv[1] = NULL; + execve(shell, argv, env); - perror("login"); - exit(1); - } + /* Executing the shell failed. */ + perror(shell); + exit(1); } /* * Execute the command using the user's shell. This uses the -c * option to execute the command. */ - argv[0] = (char *) cp; + argv[0] = (char *) shell0; argv[1] = "-c"; argv[2] = (char *) command; argv[3] = NULL; @@ -1198,13 +1159,12 @@ session_new(void) static int did_init = 0; if (!did_init) { debug("session_new: init"); - for(i = 0; i < MAX_SESSIONS; i++) { + for (i = 0; i < MAX_SESSIONS; i++) { sessions[i].used = 0; - sessions[i].self = i; } did_init = 1; } - for(i = 0; i < MAX_SESSIONS; i++) { + for (i = 0; i < MAX_SESSIONS; i++) { Session *s = &sessions[i]; if (! s->used) { memset(s, 0, sizeof(*s)); @@ -1212,6 +1172,7 @@ session_new(void) s->ptyfd = -1; s->ttyfd = -1; s->used = 1; + s->self = i; debug("session_new: session %d", i); return s; } @@ -1219,11 +1180,11 @@ session_new(void) return NULL; } -void +static void session_dump(void) { int i; - for(i = 0; i < MAX_SESSIONS; i++) { + for (i = 0; i < MAX_SESSIONS; i++) { Session *s = &sessions[i]; debug("dump: used %d session %d %p channel %d pid %d", s->used, @@ -1235,7 +1196,7 @@ session_dump(void) } int -session_open(int chanid) +session_open(Authctxt *authctxt, int chanid) { Session *s = session_new(); debug("session_open: channel %d", chanid); @@ -1243,7 +1204,8 @@ session_open(int chanid) error("no more sessions"); return 0; } - s->pw = auth_get_user(); + s->authctxt = authctxt; + s->pw = authctxt->pw; if (s->pw == NULL) fatal("no user for session %d", s->self); debug("session_open: session %d: link with channel %d", s->self, chanid); @@ -1251,11 +1213,11 @@ session_open(int chanid) return 1; } -Session * +static Session * session_by_channel(int id) { int i; - for(i = 0; i < MAX_SESSIONS; i++) { + for (i = 0; i < MAX_SESSIONS; i++) { Session *s = &sessions[i]; if (s->used && s->chanid == id) { debug("session_by_channel: session %d channel %d", i, id); @@ -1267,12 +1229,12 @@ session_by_channel(int id) return NULL; } -Session * +static Session * session_by_pid(pid_t pid) { int i; debug("session_by_pid: pid %d", pid); - for(i = 0; i < MAX_SESSIONS; i++) { + for (i = 0; i < MAX_SESSIONS; i++) { Session *s = &sessions[i]; if (s->used && s->pid == pid) return s; @@ -1282,31 +1244,42 @@ session_by_pid(pid_t pid) return NULL; } -int +static int session_window_change_req(Session *s) { s->col = packet_get_int(); s->row = packet_get_int(); s->xpixel = packet_get_int(); s->ypixel = packet_get_int(); - packet_done(); + packet_check_eom(); pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); return 1; } -int +static int session_pty_req(Session *s) { u_int len; int n_bytes; - if (no_pty_flag) + if (no_pty_flag) { + debug("Allocating a pty not permitted for this authentication."); return 0; - if (s->ttyfd != -1) + } + if (s->ttyfd != -1) { + packet_disconnect("Protocol error: you already have a pty."); return 0; + } + s->term = packet_get_string(&len); - s->col = packet_get_int(); - s->row = packet_get_int(); + + if (compat20) { + s->col = packet_get_int(); + s->row = packet_get_int(); + } else { + s->row = packet_get_int(); + s->col = packet_get_int(); + } s->xpixel = packet_get_int(); s->ypixel = packet_get_int(); @@ -1314,9 +1287,12 @@ session_pty_req(Session *s) xfree(s->term); s->term = NULL; } + /* Allocate a pty and open it. */ + debug("Allocating pty."); if (!pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty))) { - xfree(s->term); + if (s->term) + xfree(s->term); s->term = NULL; s->ptyfd = -1; s->ttyfd = -1; @@ -1324,145 +1300,108 @@ session_pty_req(Session *s) return 0; } debug("session_pty_req: session %d alloc %s", s->self, s->tty); + + /* for SSH1 the tty modes length is not given */ + if (!compat20) + n_bytes = packet_remaining(); + tty_parse_modes(s->ttyfd, &n_bytes); + /* * Add a cleanup function to clear the utmp entry and record logout * time in case we call fatal() (e.g., the connection gets closed). */ - fatal_add_cleanup(pty_cleanup_proc, (void *)s); + fatal_add_cleanup(session_pty_cleanup, (void *)s); pty_setowner(s->pw, s->tty); - /* Get window size from the packet. */ - pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); - /* Get tty modes from the packet. */ - tty_parse_modes(s->ttyfd, &n_bytes); - packet_done(); + /* Set window size from the packet. */ + pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); + packet_check_eom(); session_proctitle(s); - return 1; } -int +static int session_subsystem_req(Session *s) { + struct stat st; u_int len; int success = 0; - char *subsys = packet_get_string(&len); + char *cmd, *subsys = packet_get_string(&len); int i; - packet_done(); - log("subsystem request for %s", subsys); + packet_check_eom(); + log("subsystem request for %.100s", subsys); for (i = 0; i < options.num_subsystems; i++) { - if(strcmp(subsys, options.subsystem_name[i]) == 0) { - debug("subsystem: exec() %s", options.subsystem_command[i]); + if (strcmp(subsys, options.subsystem_name[i]) == 0) { + cmd = options.subsystem_command[i]; + if (stat(cmd, &st) < 0) { + error("subsystem: cannot stat %s: %s", cmd, + strerror(errno)); + break; + } + debug("subsystem: exec() %s", cmd); s->is_subsystem = 1; - do_exec_no_pty(s, options.subsystem_command[i]); + do_exec(s, cmd); success = 1; + break; } } if (!success) - log("subsystem request for %s failed, subsystem not found", subsys); + log("subsystem request for %.100s failed, subsystem not found", + subsys); xfree(subsys); return success; } -int +static int session_x11_req(Session *s) { - int fd; - if (no_x11_forwarding_flag) { - debug("X11 forwarding disabled in user configuration file."); - return 0; - } - if (!options.x11_forwarding) { - debug("X11 forwarding disabled in server configuration file."); - return 0; - } - if (xauthfile != NULL) { - debug("X11 fwd already started."); - return 0; - } - - debug("Received request for X11 forwarding with auth spoofing."); - if (s->display != NULL) - packet_disconnect("Protocol error: X11 display already set."); + int success; s->single_connection = packet_get_char(); s->auth_proto = packet_get_string(NULL); s->auth_data = packet_get_string(NULL); s->screen = packet_get_int(); - packet_done(); + packet_check_eom(); - s->display = x11_create_display_inet(s->screen, options.x11_display_offset); - if (s->display == NULL) { - xfree(s->auth_proto); - xfree(s->auth_data); - return 0; - } - xauthfile = xmalloc(MAXPATHLEN); - strlcpy(xauthfile, "/tmp/ssh-XXXXXXXX", MAXPATHLEN); - temporarily_use_uid(s->pw); - if (mkdtemp(xauthfile) == NULL) { - restore_uid(); - error("private X11 dir: mkdtemp %s failed: %s", - xauthfile, strerror(errno)); - xfree(xauthfile); - xauthfile = NULL; + success = session_setup_x11fwd(s); + if (!success) { xfree(s->auth_proto); xfree(s->auth_data); - /* XXXX remove listening channels */ - return 0; + s->auth_proto = NULL; + s->auth_data = NULL; } - strlcat(xauthfile, "/cookies", MAXPATHLEN); - fd = open(xauthfile, O_RDWR|O_CREAT|O_EXCL, 0600); - if (fd >= 0) - close(fd); - restore_uid(); - fatal_add_cleanup(xauthfile_cleanup_proc, s); - return 1; + return success; } -int +static int session_shell_req(Session *s) { - /* if forced_command == NULL, the shell is execed */ - char *shell = forced_command; - packet_done(); - if (s->ttyfd == -1) - do_exec_no_pty(s, shell); - else - do_exec_pty(s, shell); + packet_check_eom(); + do_exec(s, NULL); return 1; } -int +static int session_exec_req(Session *s) { u_int len; char *command = packet_get_string(&len); - packet_done(); - if (forced_command) { - original_command = command; - command = forced_command; - debug("Forced command '%.500s'", forced_command); - } - if (s->ttyfd == -1) - do_exec_no_pty(s, command); - else - do_exec_pty(s, command); - if (forced_command == NULL) - xfree(command); + packet_check_eom(); + do_exec(s, command); + xfree(command); return 1; } -int +static int session_auth_agent_req(Session *s) { static int called = 0; - packet_done(); + packet_check_eom(); if (no_agent_forwarding_flag) { debug("session_auth_agent_req: no_agent_forwarding_flag"); return 0; @@ -1475,28 +1414,18 @@ session_auth_agent_req(Session *s) } } -void -session_input_channel_req(int id, void *arg) +int +session_input_channel_req(Channel *c, const char *rtype) { - u_int len; - int reply; int success = 0; - char *rtype; Session *s; - Channel *c; - - rtype = packet_get_string(&len); - reply = packet_get_char(); - s = session_by_channel(id); - if (s == NULL) - fatal("session_input_channel_req: channel %d: no session", id); - c = channel_lookup(id); - if (c == NULL) - fatal("session_input_channel_req: channel %d: bad channel", id); - - debug("session_input_channel_req: session %d channel %d request %s reply %d", - s->self, id, rtype, reply); + if ((s = session_by_channel(c->self)) == NULL) { + log("session_input_channel_req: no session %d req %.100s", + c->self, rtype); + return 0; + } + debug("session_input_channel_req: session %d req %s", s->self, rtype); /* * a session is in LARVAL state until a shell, a command @@ -1520,14 +1449,7 @@ session_input_channel_req(int id, void *arg) if (strcmp(rtype, "window-change") == 0) { success = session_window_change_req(s); } - - if (reply) { - packet_start(success ? - SSH2_MSG_CHANNEL_SUCCESS : SSH2_MSG_CHANNEL_FAILURE); - packet_put_int(c->remote_id); - packet_send(); - } - xfree(rtype); + return success; } void @@ -1544,22 +1466,31 @@ session_set_fds(Session *s, int fdin, int fdout, int fderr) channel_set_fds(s->chanid, fdout, fdin, fderr, fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, - 1); + 1, + CHAN_SES_WINDOW_DEFAULT); } -void -session_pty_cleanup(Session *s) +/* + * Function to perform pty cleanup. Also called if we get aborted abnormally + * (e.g., due to a dropped connection). + */ +static void +session_pty_cleanup(void *session) { - if (s == NULL || s->ttyfd == -1) + Session *s = session; + + if (s == NULL) { + error("session_pty_cleanup: no session"); + return; + } + if (s->ttyfd == -1) return; debug("session_pty_cleanup: session %d release %s", s->self, s->tty); - /* Cancel the cleanup function. */ - fatal_remove_cleanup(pty_cleanup_proc, (void *)s); - /* Record that the user has logged out. */ - record_logout(s->pid, s->tty); + if (s->pid != 0) + record_logout(s->pid, s->tty); /* Release the pseudo-tty. */ pty_release(s->tty); @@ -1571,29 +1502,28 @@ session_pty_cleanup(Session *s) */ if (close(s->ptymaster) < 0) error("close(s->ptymaster): %s", strerror(errno)); + + /* unlink pty from session */ + s->ttyfd = -1; } -void +static void session_exit_message(Session *s, int status) { Channel *c; - if (s == NULL) - fatal("session_close: no session"); - c = channel_lookup(s->chanid); - if (c == NULL) - fatal("session_close: session %d: no channel %d", + + if ((c = channel_lookup(s->chanid)) == NULL) + fatal("session_exit_message: session %d: no channel %d", s->self, s->chanid); debug("session_exit_message: session %d channel %d pid %d", s->self, s->chanid, s->pid); if (WIFEXITED(status)) { - channel_request_start(s->chanid, - "exit-status", 0); + channel_request_start(s->chanid, "exit-status", 0); packet_put_int(WEXITSTATUS(status)); packet_send(); } else if (WIFSIGNALED(status)) { - channel_request_start(s->chanid, - "exit-signal", 0); + channel_request_start(s->chanid, "exit-signal", 0); packet_put_int(WTERMSIG(status)); packet_put_char(WCOREDUMP(status)); packet_put_cstring(""); @@ -1618,26 +1548,25 @@ session_exit_message(Session *s, int status) s->chanid = -1; } -void -session_free(Session *s) +static void +session_close(Session *s) { - debug("session_free: session %d pid %d", s->self, s->pid); + debug("session_close: session %d pid %d", s->self, s->pid); + if (s->ttyfd != -1) { + fatal_remove_cleanup(session_pty_cleanup, (void *)s); + session_pty_cleanup(s); + } if (s->term) xfree(s->term); if (s->display) xfree(s->display); + if (s->auth_display) + xfree(s->auth_display); if (s->auth_data) xfree(s->auth_data); if (s->auth_proto) xfree(s->auth_proto); s->used = 0; -} - -void -session_close(Session *s) -{ - session_pty_cleanup(s); - session_free(s); session_proctitle(s); } @@ -1646,7 +1575,7 @@ session_close_by_pid(pid_t pid, int status) { Session *s = session_by_pid(pid); if (s == NULL) { - debug("session_close_by_pid: no session for pid %d", s->pid); + debug("session_close_by_pid: no session for pid %d", pid); return; } if (s->chanid != -1) @@ -1663,32 +1592,46 @@ session_close_by_channel(int id, void *arg) { Session *s = session_by_channel(id); if (s == NULL) { - debug("session_close_by_channel: no session for channel %d", id); + debug("session_close_by_channel: no session for id %d", id); return; } - /* disconnect channel */ + debug("session_close_by_channel: channel %d child %d", id, s->pid); + if (s->pid != 0) { + debug("session_close_by_channel: channel %d: has child", id); + /* + * delay detach of session, but release pty, since + * the fd's to the child are already closed + */ + if (s->ttyfd != -1) { + fatal_remove_cleanup(session_pty_cleanup, (void *)s); + session_pty_cleanup(s); + } + return; + } + /* detach by removing callback */ channel_cancel_cleanup(s->chanid); s->chanid = -1; + session_close(s); +} - debug("session_close_by_channel: channel %d kill %d", id, s->pid); - if (s->pid == 0) { - /* close session immediately */ - session_close(s); - } else { - /* notify child, delay session cleanup */ - if (kill(s->pid, (s->ttyfd == -1) ? SIGTERM : SIGHUP) < 0) - error("session_close_by_channel: kill %d: %s", - s->pid, strerror(errno)); +void +session_destroy_all(void) +{ + int i; + for (i = 0; i < MAX_SESSIONS; i++) { + Session *s = &sessions[i]; + if (s->used) + session_close(s); } } -char * +static char * session_tty_list(void) { static char buf[1024]; int i; buf[0] = '\0'; - for(i = 0; i < MAX_SESSIONS; i++) { + for (i = 0; i < MAX_SESSIONS; i++) { Session *s = &sessions[i]; if (s->used && s->ttyfd != -1) { if (buf[0] != '\0') @@ -1710,11 +1653,69 @@ session_proctitle(Session *s) setproctitle("%s@%s", s->pw->pw_name, session_tty_list()); } -void -do_authenticated2(Authctxt *authctxt) +int +session_setup_x11fwd(Session *s) { + struct stat st; + char display[512], auth_display[512]; + char hostname[MAXHOSTNAMELEN]; - server_loop2(); - if (xauthfile) - xauthfile_cleanup_proc(NULL); + if (no_x11_forwarding_flag) { + packet_send_debug("X11 forwarding disabled in user configuration file."); + return 0; + } + if (!options.x11_forwarding) { + debug("X11 forwarding disabled in server configuration file."); + return 0; + } + if (!options.xauth_location || + (stat(options.xauth_location, &st) == -1)) { + packet_send_debug("No xauth program; cannot forward with spoofing."); + return 0; + } + if (options.use_login) { + packet_send_debug("X11 forwarding disabled; " + "not compatible with UseLogin=yes."); + return 0; + } + if (s->display != NULL) { + debug("X11 display already set."); + return 0; + } + s->display_number = x11_create_display_inet(options.x11_display_offset, + options.x11_use_localhost, s->single_connection); + if (s->display_number == -1) { + debug("x11_create_display_inet failed."); + return 0; + } + + /* Set up a suitable value for the DISPLAY variable. */ + if (gethostname(hostname, sizeof(hostname)) < 0) + fatal("gethostname: %.100s", strerror(errno)); + /* + * auth_display must be used as the displayname when the + * authorization entry is added with xauth(1). This will be + * different than the DISPLAY string for localhost displays. + */ + if (options.x11_use_localhost) { + snprintf(display, sizeof display, "localhost:%d.%d", + s->display_number, s->screen); + snprintf(auth_display, sizeof auth_display, "unix:%d.%d", + s->display_number, s->screen); + s->display = xstrdup(display); + s->auth_display = xstrdup(auth_display); + } else { + snprintf(display, sizeof display, "%.400s:%d.%d", hostname, + s->display_number, s->screen); + s->display = xstrdup(display); + s->auth_display = xstrdup(display); + } + + return 1; +} + +static void +do_authenticated2(Authctxt *authctxt) +{ + server_loop2(authctxt); } diff --git a/crypto/openssh/session.h b/crypto/openssh/session.h index 842e9412a0d2..ec8284a5f68f 100644 --- a/crypto/openssh/session.h +++ b/crypto/openssh/session.h @@ -1,7 +1,7 @@ -/* $OpenBSD: session.h,v 1.6 2001/03/21 11:43:45 markus Exp $ */ +/* $OpenBSD: session.h,v 1.14 2002/02/03 17:53:25 markus Exp $ */ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,11 +26,12 @@ #ifndef SESSION_H #define SESSION_H -void do_authenticated(Authctxt *ac); +void do_authenticated(Authctxt *); -int session_open(int id); -void session_input_channel_req(int id, void *arg); -void session_close_by_pid(pid_t pid, int status); -void session_close_by_channel(int id, void *arg); +int session_open(Authctxt*, int); +int session_input_channel_req(Channel *, const char *); +void session_close_by_pid(pid_t, int); +void session_close_by_channel(int, void *); +void session_destroy_all(void); #endif diff --git a/crypto/openssh/sftp-client.c b/crypto/openssh/sftp-client.c index b5d2fd3b9476..10ac13d7f494 100644 --- a/crypto/openssh/sftp-client.c +++ b/crypto/openssh/sftp-client.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001 Damien Miller. All rights reserved. + * Copyright (c) 2001,2002 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -24,34 +24,38 @@ /* XXX: memleaks */ /* XXX: signed vs unsigned */ -/* XXX: redesign to allow concurrent overlapped operations */ -/* XXX: we use fatal too much, error may be more appropriate in places */ +/* XXX: remove all logging, only return status codes */ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.16 2001/04/05 10:42:52 markus Exp $"); +RCSID("$OpenBSD: sftp-client.c,v 1.24 2002/02/24 16:57:19 markus Exp $"); + +#include <sys/queue.h> -#include "ssh.h" #include "buffer.h" #include "bufaux.h" #include "getput.h" #include "xmalloc.h" #include "log.h" #include "atomicio.h" -#include "pathnames.h" #include "sftp.h" #include "sftp-common.h" #include "sftp-client.h" -/* How much data to read/write at at time during copies */ -/* XXX: what should this be? */ -#define COPY_SIZE 8192 +/* Minimum amount of data to read at at time */ +#define MIN_READ_SIZE 512 -/* Message ID */ -static u_int msg_id = 1; +struct sftp_conn { + int fd_in; + int fd_out; + u_int transfer_buflen; + u_int num_requests; + u_int version; + u_int msg_id; +}; -void +static void send_msg(int fd, Buffer *m) { int mlen = buffer_len(m); @@ -70,7 +74,7 @@ send_msg(int fd, Buffer *m) buffer_free(&oqueue); } -void +static void get_msg(int fd, Buffer *m) { u_int len, msg_len; @@ -98,7 +102,7 @@ get_msg(int fd, Buffer *m) } } -void +static void send_string_request(int fd, u_int id, u_int code, char *s, u_int len) { @@ -113,7 +117,7 @@ send_string_request(int fd, u_int id, u_int code, char *s, buffer_free(&msg); } -void +static void send_string_attrs_request(int fd, u_int id, u_int code, char *s, u_int len, Attrib *a) { @@ -129,7 +133,7 @@ send_string_attrs_request(int fd, u_int id, u_int code, char *s, buffer_free(&msg); } -u_int +static u_int get_status(int fd, int expected_id) { Buffer msg; @@ -154,7 +158,7 @@ get_status(int fd, int expected_id) return(status); } -char * +static char * get_handle(int fd, u_int expected_id, u_int *len) { Buffer msg; @@ -183,7 +187,7 @@ get_handle(int fd, u_int expected_id, u_int *len) return(handle); } -Attrib * +static Attrib * get_decode_stat(int fd, u_int expected_id, int quiet) { Buffer msg; @@ -217,11 +221,12 @@ get_decode_stat(int fd, u_int expected_id, int quiet) return(a); } -int -do_init(int fd_in, int fd_out) +struct sftp_conn * +do_init(int fd_in, int fd_out, u_int transfer_buflen, u_int num_requests) { int type, version; Buffer msg; + struct sftp_conn *ret; buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_INIT); @@ -237,7 +242,7 @@ do_init(int fd_in, int fd_out) error("Invalid packet back from SSH2_FXP_INIT (type %d)", type); buffer_free(&msg); - return(-1); + return(NULL); } version = buffer_get_int(&msg); @@ -255,25 +260,43 @@ do_init(int fd_in, int fd_out) buffer_free(&msg); - return(version); + ret = xmalloc(sizeof(*ret)); + ret->fd_in = fd_in; + ret->fd_out = fd_out; + ret->transfer_buflen = transfer_buflen; + ret->num_requests = num_requests; + ret->version = version; + ret->msg_id = 1; + + /* Some filexfer v.0 servers don't support large packets */ + if (version == 0) + ret->transfer_buflen = MAX(ret->transfer_buflen, 20480); + + return(ret); +} + +u_int +sftp_proto_version(struct sftp_conn *conn) +{ + return(conn->version); } int -do_close(int fd_in, int fd_out, char *handle, u_int handle_len) +do_close(struct sftp_conn *conn, char *handle, u_int handle_len) { u_int id, status; Buffer msg; buffer_init(&msg); - id = msg_id++; + id = conn->msg_id++; buffer_put_char(&msg, SSH2_FXP_CLOSE); buffer_put_int(&msg, id); buffer_put_string(&msg, handle, handle_len); - send_msg(fd_out, &msg); + send_msg(conn->fd_out, &msg); debug3("Sent message SSH2_FXP_CLOSE I:%d", id); - status = get_status(fd_in, id); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) error("Couldn't close file: %s", fx2txt(status)); @@ -283,25 +306,25 @@ do_close(int fd_in, int fd_out, char *handle, u_int handle_len) } -int -do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, +static int +do_lsreaddir(struct sftp_conn *conn, char *path, int printflag, SFTP_DIRENT ***dir) { Buffer msg; u_int type, id, handle_len, i, expected_id, ents = 0; char *handle; - id = msg_id++; + id = conn->msg_id++; buffer_init(&msg); buffer_put_char(&msg, SSH2_FXP_OPENDIR); buffer_put_int(&msg, id); buffer_put_cstring(&msg, path); - send_msg(fd_out, &msg); + send_msg(conn->fd_out, &msg); buffer_clear(&msg); - handle = get_handle(fd_in, id, &handle_len); + handle = get_handle(conn->fd_in, id, &handle_len); if (handle == NULL) return(-1); @@ -310,12 +333,11 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, *dir = xmalloc(sizeof(**dir)); (*dir)[0] = NULL; } - - for(;;) { + for (;;) { int count; - id = expected_id = msg_id++; + id = expected_id = conn->msg_id++; debug3("Sending SSH2_FXP_READDIR I:%d", id); @@ -323,11 +345,11 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, buffer_put_char(&msg, SSH2_FXP_READDIR); buffer_put_int(&msg, id); buffer_put_string(&msg, handle, handle_len); - send_msg(fd_out, &msg); + send_msg(conn->fd_out, &msg); buffer_clear(&msg); - get_msg(fd_in, &msg); + get_msg(conn->fd_in, &msg); type = buffer_get_char(&msg); id = buffer_get_int(&msg); @@ -347,7 +369,7 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, } else { error("Couldn't read directory: %s", fx2txt(status)); - do_close(fd_in, fd_out, handle, handle_len); + do_close(conn, handle, handle_len); return(status); } } else if (type != SSH2_FXP_NAME) @@ -358,7 +380,7 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, if (count == 0) break; debug3("Received %d SSH2_FXP_NAME responses", count); - for(i = 0; i < count; i++) { + for (i = 0; i < count; i++) { char *filename, *longname; Attrib *a; @@ -385,29 +407,29 @@ do_lsreaddir(int fd_in, int fd_out, char *path, int printflag, } buffer_free(&msg); - do_close(fd_in, fd_out, handle, handle_len); + do_close(conn, handle, handle_len); xfree(handle); return(0); } int -do_ls(int fd_in, int fd_out, char *path) +do_ls(struct sftp_conn *conn, char *path) { - return(do_lsreaddir(fd_in, fd_out, path, 1, NULL)); + return(do_lsreaddir(conn, path, 1, NULL)); } int -do_readdir(int fd_in, int fd_out, char *path, SFTP_DIRENT ***dir) +do_readdir(struct sftp_conn *conn, char *path, SFTP_DIRENT ***dir) { - return(do_lsreaddir(fd_in, fd_out, path, 0, dir)); + return(do_lsreaddir(conn, path, 0, dir)); } void free_sftp_dirents(SFTP_DIRENT **s) { int i; - - for(i = 0; s[i]; i++) { + + for (i = 0; s[i]; i++) { xfree(s[i]->filename); xfree(s[i]->longname); xfree(s[i]); @@ -416,30 +438,31 @@ void free_sftp_dirents(SFTP_DIRENT **s) } int -do_rm(int fd_in, int fd_out, char *path) +do_rm(struct sftp_conn *conn, char *path) { u_int status, id; debug2("Sending SSH2_FXP_REMOVE \"%s\"", path); - id = msg_id++; - send_string_request(fd_out, id, SSH2_FXP_REMOVE, path, strlen(path)); - status = get_status(fd_in, id); + id = conn->msg_id++; + send_string_request(conn->fd_out, id, SSH2_FXP_REMOVE, path, + strlen(path)); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) error("Couldn't delete file: %s", fx2txt(status)); return(status); } int -do_mkdir(int fd_in, int fd_out, char *path, Attrib *a) +do_mkdir(struct sftp_conn *conn, char *path, Attrib *a) { u_int status, id; - id = msg_id++; - send_string_attrs_request(fd_out, id, SSH2_FXP_MKDIR, path, + id = conn->msg_id++; + send_string_attrs_request(conn->fd_out, id, SSH2_FXP_MKDIR, path, strlen(path), a); - status = get_status(fd_in, id); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) error("Couldn't create directory: %s", fx2txt(status)); @@ -447,14 +470,15 @@ do_mkdir(int fd_in, int fd_out, char *path, Attrib *a) } int -do_rmdir(int fd_in, int fd_out, char *path) +do_rmdir(struct sftp_conn *conn, char *path) { u_int status, id; - id = msg_id++; - send_string_request(fd_out, id, SSH2_FXP_RMDIR, path, strlen(path)); + id = conn->msg_id++; + send_string_request(conn->fd_out, id, SSH2_FXP_RMDIR, path, + strlen(path)); - status = get_status(fd_in, id); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) error("Couldn't remove directory: %s", fx2txt(status)); @@ -462,45 +486,61 @@ do_rmdir(int fd_in, int fd_out, char *path) } Attrib * -do_stat(int fd_in, int fd_out, char *path, int quiet) +do_stat(struct sftp_conn *conn, char *path, int quiet) { u_int id; - id = msg_id++; - send_string_request(fd_out, id, SSH2_FXP_STAT, path, strlen(path)); - return(get_decode_stat(fd_in, id, quiet)); + id = conn->msg_id++; + + send_string_request(conn->fd_out, id, + conn->version == 0 ? SSH2_FXP_STAT_VERSION_0 : SSH2_FXP_STAT, + path, strlen(path)); + + return(get_decode_stat(conn->fd_in, id, quiet)); } Attrib * -do_lstat(int fd_in, int fd_out, char *path, int quiet) +do_lstat(struct sftp_conn *conn, char *path, int quiet) { u_int id; - id = msg_id++; - send_string_request(fd_out, id, SSH2_FXP_LSTAT, path, strlen(path)); - return(get_decode_stat(fd_in, id, quiet)); + if (conn->version == 0) { + if (quiet) + debug("Server version does not support lstat operation"); + else + error("Server version does not support lstat operation"); + return(NULL); + } + + id = conn->msg_id++; + send_string_request(conn->fd_out, id, SSH2_FXP_LSTAT, path, + strlen(path)); + + return(get_decode_stat(conn->fd_in, id, quiet)); } Attrib * -do_fstat(int fd_in, int fd_out, char *handle, u_int handle_len, int quiet) +do_fstat(struct sftp_conn *conn, char *handle, u_int handle_len, int quiet) { u_int id; - id = msg_id++; - send_string_request(fd_out, id, SSH2_FXP_FSTAT, handle, handle_len); - return(get_decode_stat(fd_in, id, quiet)); + id = conn->msg_id++; + send_string_request(conn->fd_out, id, SSH2_FXP_FSTAT, handle, + handle_len); + + return(get_decode_stat(conn->fd_in, id, quiet)); } int -do_setstat(int fd_in, int fd_out, char *path, Attrib *a) +do_setstat(struct sftp_conn *conn, char *path, Attrib *a) { u_int status, id; - id = msg_id++; - send_string_attrs_request(fd_out, id, SSH2_FXP_SETSTAT, path, + id = conn->msg_id++; + send_string_attrs_request(conn->fd_out, id, SSH2_FXP_SETSTAT, path, strlen(path), a); - status = get_status(fd_in, id); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) error("Couldn't setstat on \"%s\": %s", path, fx2txt(status)); @@ -509,16 +549,16 @@ do_setstat(int fd_in, int fd_out, char *path, Attrib *a) } int -do_fsetstat(int fd_in, int fd_out, char *handle, u_int handle_len, +do_fsetstat(struct sftp_conn *conn, char *handle, u_int handle_len, Attrib *a) { u_int status, id; - id = msg_id++; - send_string_attrs_request(fd_out, id, SSH2_FXP_FSETSTAT, handle, + id = conn->msg_id++; + send_string_attrs_request(conn->fd_out, id, SSH2_FXP_FSETSTAT, handle, handle_len, a); - status = get_status(fd_in, id); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) error("Couldn't fsetstat: %s", fx2txt(status)); @@ -526,19 +566,20 @@ do_fsetstat(int fd_in, int fd_out, char *handle, u_int handle_len, } char * -do_realpath(int fd_in, int fd_out, char *path) +do_realpath(struct sftp_conn *conn, char *path) { Buffer msg; u_int type, expected_id, count, id; char *filename, *longname; Attrib *a; - expected_id = id = msg_id++; - send_string_request(fd_out, id, SSH2_FXP_REALPATH, path, strlen(path)); + expected_id = id = conn->msg_id++; + send_string_request(conn->fd_out, id, SSH2_FXP_REALPATH, path, + strlen(path)); buffer_init(&msg); - get_msg(fd_in, &msg); + get_msg(conn->fd_in, &msg); type = buffer_get_char(&msg); id = buffer_get_int(&msg); @@ -572,7 +613,7 @@ do_realpath(int fd_in, int fd_out, char *path) } int -do_rename(int fd_in, int fd_out, char *oldpath, char *newpath) +do_rename(struct sftp_conn *conn, char *oldpath, char *newpath) { Buffer msg; u_int status, id; @@ -580,65 +621,71 @@ do_rename(int fd_in, int fd_out, char *oldpath, char *newpath) buffer_init(&msg); /* Send rename request */ - id = msg_id++; + id = conn->msg_id++; buffer_put_char(&msg, SSH2_FXP_RENAME); buffer_put_int(&msg, id); buffer_put_cstring(&msg, oldpath); buffer_put_cstring(&msg, newpath); - send_msg(fd_out, &msg); + send_msg(conn->fd_out, &msg); debug3("Sent message SSH2_FXP_RENAME \"%s\" -> \"%s\"", oldpath, newpath); buffer_free(&msg); - status = get_status(fd_in, id); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) - error("Couldn't rename file \"%s\" to \"%s\": %s", oldpath, newpath, - fx2txt(status)); + error("Couldn't rename file \"%s\" to \"%s\": %s", oldpath, + newpath, fx2txt(status)); return(status); } int -do_symlink(int fd_in, int fd_out, char *oldpath, char *newpath) +do_symlink(struct sftp_conn *conn, char *oldpath, char *newpath) { Buffer msg; u_int status, id; + if (conn->version < 3) { + error("This server does not support the symlink operation"); + return(SSH2_FX_OP_UNSUPPORTED); + } + buffer_init(&msg); /* Send rename request */ - id = msg_id++; + id = conn->msg_id++; buffer_put_char(&msg, SSH2_FXP_SYMLINK); buffer_put_int(&msg, id); buffer_put_cstring(&msg, oldpath); buffer_put_cstring(&msg, newpath); - send_msg(fd_out, &msg); + send_msg(conn->fd_out, &msg); debug3("Sent message SSH2_FXP_SYMLINK \"%s\" -> \"%s\"", oldpath, newpath); buffer_free(&msg); - status = get_status(fd_in, id); + status = get_status(conn->fd_in, id); if (status != SSH2_FX_OK) - error("Couldn't rename file \"%s\" to \"%s\": %s", oldpath, newpath, - fx2txt(status)); + error("Couldn't rename file \"%s\" to \"%s\": %s", oldpath, + newpath, fx2txt(status)); return(status); } char * -do_readlink(int fd_in, int fd_out, char *path) +do_readlink(struct sftp_conn *conn, char *path) { Buffer msg; u_int type, expected_id, count, id; char *filename, *longname; Attrib *a; - expected_id = id = msg_id++; - send_string_request(fd_out, id, SSH2_FXP_READLINK, path, strlen(path)); + expected_id = id = conn->msg_id++; + send_string_request(conn->fd_out, id, SSH2_FXP_READLINK, path, + strlen(path)); buffer_init(&msg); - get_msg(fd_in, &msg); + get_msg(conn->fd_in, &msg); type = buffer_get_char(&msg); id = buffer_get_int(&msg); @@ -671,19 +718,46 @@ do_readlink(int fd_in, int fd_out, char *path) return(filename); } +static void +send_read_request(int fd_out, u_int id, u_int64_t offset, u_int len, + char *handle, u_int handle_len) +{ + Buffer msg; + + buffer_init(&msg); + buffer_clear(&msg); + buffer_put_char(&msg, SSH2_FXP_READ); + buffer_put_int(&msg, id); + buffer_put_string(&msg, handle, handle_len); + buffer_put_int64(&msg, offset); + buffer_put_int(&msg, len); + send_msg(fd_out, &msg); + buffer_free(&msg); +} + int -do_download(int fd_in, int fd_out, char *remote_path, char *local_path, +do_download(struct sftp_conn *conn, char *remote_path, char *local_path, int pflag) { - int local_fd; - u_int expected_id, handle_len, mode, type, id; - u_int64_t offset; - char *handle; - Buffer msg; Attrib junk, *a; - int status; + Buffer msg; + char *handle; + int local_fd, status, num_req, max_req, write_error; + int read_error, write_errno; + u_int64_t offset, size; + u_int handle_len, mode, type, id, buflen; + struct request { + u_int id; + u_int len; + u_int64_t offset; + TAILQ_ENTRY(request) tq; + }; + TAILQ_HEAD(reqhead, request) requests; + struct request *req; - a = do_stat(fd_in, fd_out, remote_path, 0); + TAILQ_INIT(&requests); + + a = do_stat(conn, remote_path, 0); if (a == NULL) return(-1); @@ -699,130 +773,199 @@ do_download(int fd_in, int fd_out, char *remote_path, char *local_path, return(-1); } - local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, mode); - if (local_fd == -1) { - error("Couldn't open local file \"%s\" for writing: %s", - local_path, strerror(errno)); - return(-1); - } + if (a->flags & SSH2_FILEXFER_ATTR_SIZE) + size = a->size; + else + size = 0; + buflen = conn->transfer_buflen; buffer_init(&msg); /* Send open request */ - id = msg_id++; + id = conn->msg_id++; buffer_put_char(&msg, SSH2_FXP_OPEN); buffer_put_int(&msg, id); buffer_put_cstring(&msg, remote_path); buffer_put_int(&msg, SSH2_FXF_READ); attrib_clear(&junk); /* Send empty attributes */ encode_attrib(&msg, &junk); - send_msg(fd_out, &msg); + send_msg(conn->fd_out, &msg); debug3("Sent message SSH2_FXP_OPEN I:%d P:%s", id, remote_path); - handle = get_handle(fd_in, id, &handle_len); + handle = get_handle(conn->fd_in, id, &handle_len); if (handle == NULL) { buffer_free(&msg); - close(local_fd); + return(-1); + } + + local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, mode); + if (local_fd == -1) { + error("Couldn't open local file \"%s\" for writing: %s", + local_path, strerror(errno)); + buffer_free(&msg); + xfree(handle); return(-1); } /* Read from remote and write to local */ - offset = 0; - for(;;) { - u_int len; + write_error = read_error = write_errno = num_req = offset = 0; + max_req = 1; + while (num_req > 0 || max_req > 0) { char *data; + u_int len; - id = expected_id = msg_id++; - - buffer_clear(&msg); - buffer_put_char(&msg, SSH2_FXP_READ); - buffer_put_int(&msg, id); - buffer_put_string(&msg, handle, handle_len); - buffer_put_int64(&msg, offset); - buffer_put_int(&msg, COPY_SIZE); - send_msg(fd_out, &msg); - debug3("Sent message SSH2_FXP_READ I:%d O:%llu S:%u", - id, (unsigned long long)offset, COPY_SIZE); + /* Send some more requests */ + while (num_req < max_req) { + debug3("Request range %llu -> %llu (%d/%d)", + offset, offset + buflen - 1, num_req, max_req); + req = xmalloc(sizeof(*req)); + req->id = conn->msg_id++; + req->len = buflen; + req->offset = offset; + offset += buflen; + num_req++; + TAILQ_INSERT_TAIL(&requests, req, tq); + send_read_request(conn->fd_out, req->id, req->offset, + req->len, handle, handle_len); + } buffer_clear(&msg); - - get_msg(fd_in, &msg); + get_msg(conn->fd_in, &msg); type = buffer_get_char(&msg); id = buffer_get_int(&msg); - debug3("Received reply T:%d I:%d", type, id); - if (id != expected_id) - fatal("ID mismatch (%d != %d)", id, expected_id); - if (type == SSH2_FXP_STATUS) { + debug3("Received reply T:%d I:%d R:%d", type, id, max_req); + + /* Find the request in our queue */ + for(req = TAILQ_FIRST(&requests); + req != NULL && req->id != id; + req = TAILQ_NEXT(req, tq)) + ; + if (req == NULL) + fatal("Unexpected reply %u", id); + + switch (type) { + case SSH2_FXP_STATUS: status = buffer_get_int(&msg); + if (status != SSH2_FX_EOF) + read_error = 1; + max_req = 0; + TAILQ_REMOVE(&requests, req, tq); + xfree(req); + num_req--; + break; + case SSH2_FXP_DATA: + data = buffer_get_string(&msg, &len); + debug3("Received data %llu -> %llu", req->offset, + req->offset + len - 1); + if (len > req->len) + fatal("Received more data than asked for " + "%d > %d", len, req->len); + if ((lseek(local_fd, req->offset, SEEK_SET) == -1 || + atomicio(write, local_fd, data, len) != len) && + !write_error) { + write_errno = errno; + write_error = 1; + max_req = 0; + } + xfree(data); - if (status == SSH2_FX_EOF) - break; - else { - error("Couldn't read from remote " - "file \"%s\" : %s", remote_path, - fx2txt(status)); - do_close(fd_in, fd_out, handle, handle_len); - goto done; + if (len == req->len) { + TAILQ_REMOVE(&requests, req, tq); + xfree(req); + num_req--; + } else { + /* Resend the request for the missing data */ + debug3("Short data block, re-requesting " + "%llu -> %llu (%2d)", req->offset + len, + req->offset + req->len - 1, num_req); + req->id = conn->msg_id++; + req->len -= len; + req->offset += len; + send_read_request(conn->fd_out, req->id, + req->offset, req->len, handle, handle_len); + /* Reduce the request size */ + if (len < buflen) + buflen = MAX(MIN_READ_SIZE, len); } - } else if (type != SSH2_FXP_DATA) { + if (max_req > 0) { /* max_req = 0 iff EOF received */ + if (size > 0 && offset > size) { + /* Only one request at a time + * after the expected EOF */ + debug3("Finish at %llu (%2d)", + offset, num_req); + max_req = 1; + } + else if (max_req < conn->num_requests + 1) { + ++max_req; + } + } + break; + default: fatal("Expected SSH2_FXP_DATA(%d) packet, got %d", SSH2_FXP_DATA, type); } - - data = buffer_get_string(&msg, &len); - if (len > COPY_SIZE) - fatal("Received more data than asked for %d > %d", - len, COPY_SIZE); - - debug3("In read loop, got %d offset %llu", len, - (unsigned long long)offset); - if (atomicio(write, local_fd, data, len) != len) { - error("Couldn't write to \"%s\": %s", local_path, - strerror(errno)); - do_close(fd_in, fd_out, handle, handle_len); - status = -1; - xfree(data); - goto done; - } - - offset += len; - xfree(data); } - status = do_close(fd_in, fd_out, handle, handle_len); - /* Override umask and utimes if asked */ - if (pflag && fchmod(local_fd, mode) == -1) - error("Couldn't set mode on \"%s\": %s", local_path, - strerror(errno)); - if (pflag && (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME)) { - struct timeval tv[2]; - tv[0].tv_sec = a->atime; - tv[1].tv_sec = a->mtime; - tv[0].tv_usec = tv[1].tv_usec = 0; - if (utimes(local_path, tv) == -1) - error("Can't set times on \"%s\": %s", local_path, - strerror(errno)); + /* Sanity check */ + if (TAILQ_FIRST(&requests) != NULL) + fatal("Transfer complete, but requests still in queue"); + + if (read_error) { + error("Couldn't read from remote file \"%s\" : %s", + remote_path, fx2txt(status)); + do_close(conn, handle, handle_len); + } else if (write_error) { + error("Couldn't write to \"%s\": %s", local_path, + strerror(write_errno)); + status = -1; + do_close(conn, handle, handle_len); + } else { + status = do_close(conn, handle, handle_len); + + /* Override umask and utimes if asked */ + if (pflag && fchmod(local_fd, mode) == -1) + error("Couldn't set mode on \"%s\": %s", local_path, + strerror(errno)); + if (pflag && (a->flags & SSH2_FILEXFER_ATTR_ACMODTIME)) { + struct timeval tv[2]; + tv[0].tv_sec = a->atime; + tv[1].tv_sec = a->mtime; + tv[0].tv_usec = tv[1].tv_usec = 0; + if (utimes(local_path, tv) == -1) + error("Can't set times on \"%s\": %s", + local_path, strerror(errno)); + } } - -done: close(local_fd); buffer_free(&msg); xfree(handle); - return status; + + return(status); } int -do_upload(int fd_in, int fd_out, char *local_path, char *remote_path, +do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, int pflag) { - int local_fd; - u_int handle_len, id; + int local_fd, status; + u_int handle_len, id, type; u_int64_t offset; - char *handle; + char *handle, *data; Buffer msg; struct stat sb; Attrib a; - int status; + u_int32_t startid; + u_int32_t ackid; + struct outstanding_ack { + u_int id; + u_int len; + u_int64_t offset; + TAILQ_ENTRY(outstanding_ack) tq; + }; + TAILQ_HEAD(ackhead, outstanding_ack) acks; + struct outstanding_ack *ack; + + TAILQ_INIT(&acks); if ((local_fd = open(local_path, O_RDONLY, 0)) == -1) { error("Couldn't open local file \"%s\" for reading: %s", @@ -846,85 +989,121 @@ do_upload(int fd_in, int fd_out, char *local_path, char *remote_path, buffer_init(&msg); /* Send open request */ - id = msg_id++; + id = conn->msg_id++; buffer_put_char(&msg, SSH2_FXP_OPEN); buffer_put_int(&msg, id); buffer_put_cstring(&msg, remote_path); buffer_put_int(&msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC); encode_attrib(&msg, &a); - send_msg(fd_out, &msg); + send_msg(conn->fd_out, &msg); debug3("Sent message SSH2_FXP_OPEN I:%d P:%s", id, remote_path); buffer_clear(&msg); - handle = get_handle(fd_in, id, &handle_len); + handle = get_handle(conn->fd_in, id, &handle_len); if (handle == NULL) { close(local_fd); buffer_free(&msg); return(-1); } + startid = ackid = id + 1; + data = xmalloc(conn->transfer_buflen); + /* Read from local and write to remote */ offset = 0; - for(;;) { + for (;;) { int len; - char data[COPY_SIZE]; /* * Can't use atomicio here because it returns 0 on EOF, thus losing * the last block of the file */ do - len = read(local_fd, data, COPY_SIZE); + len = read(local_fd, data, conn->transfer_buflen); while ((len == -1) && (errno == EINTR || errno == EAGAIN)); if (len == -1) fatal("Couldn't read from \"%s\": %s", local_path, strerror(errno)); - if (len == 0) + + if (len != 0) { + ack = xmalloc(sizeof(*ack)); + ack->id = ++id; + ack->offset = offset; + ack->len = len; + TAILQ_INSERT_TAIL(&acks, ack, tq); + + buffer_clear(&msg); + buffer_put_char(&msg, SSH2_FXP_WRITE); + buffer_put_int(&msg, ack->id); + buffer_put_string(&msg, handle, handle_len); + buffer_put_int64(&msg, offset); + buffer_put_string(&msg, data, len); + send_msg(conn->fd_out, &msg); + debug3("Sent message SSH2_FXP_WRITE I:%d O:%llu S:%u", + id, (u_int64_t)offset, len); + } else if (TAILQ_FIRST(&acks) == NULL) break; - buffer_clear(&msg); - buffer_put_char(&msg, SSH2_FXP_WRITE); - buffer_put_int(&msg, ++id); - buffer_put_string(&msg, handle, handle_len); - buffer_put_int64(&msg, offset); - buffer_put_string(&msg, data, len); - send_msg(fd_out, &msg); - debug3("Sent message SSH2_FXP_WRITE I:%d O:%llu S:%u", - id, (unsigned long long)offset, len); - - status = get_status(fd_in, id); - if (status != SSH2_FX_OK) { - error("Couldn't write to remote file \"%s\": %s", - remote_path, fx2txt(status)); - do_close(fd_in, fd_out, handle, handle_len); - close(local_fd); - goto done; - } - debug3("In write loop, got %d offset %llu", len, - (unsigned long long)offset); + if (ack == NULL) + fatal("Unexpected ACK %u", id); + + if (id == startid || len == 0 || + id - ackid >= conn->num_requests) { + buffer_clear(&msg); + get_msg(conn->fd_in, &msg); + type = buffer_get_char(&msg); + id = buffer_get_int(&msg); + if (type != SSH2_FXP_STATUS) + fatal("Expected SSH2_FXP_STATUS(%d) packet, " + "got %d", SSH2_FXP_STATUS, type); + + status = buffer_get_int(&msg); + debug3("SSH2_FXP_STATUS %d", status); + + /* Find the request in our queue */ + for(ack = TAILQ_FIRST(&acks); + ack != NULL && ack->id != id; + ack = TAILQ_NEXT(ack, tq)) + ; + if (ack == NULL) + fatal("Can't find request for ID %d", id); + TAILQ_REMOVE(&acks, ack, tq); + + if (status != SSH2_FX_OK) { + error("Couldn't write to remote file \"%s\": %s", + remote_path, fx2txt(status)); + do_close(conn, handle, handle_len); + close(local_fd); + goto done; + } + debug3("In write loop, ack for %u %d bytes at %llu", + ack->id, ack->len, ack->offset); + ++ackid; + free(ack); + } offset += len; } + xfree(data); if (close(local_fd) == -1) { error("Couldn't close local file \"%s\": %s", local_path, strerror(errno)); - do_close(fd_in, fd_out, handle, handle_len); + do_close(conn, handle, handle_len); status = -1; goto done; } /* Override umask and utimes if asked */ if (pflag) - do_fsetstat(fd_in, fd_out, handle, handle_len, &a); + do_fsetstat(conn, handle, handle_len, &a); - status = do_close(fd_in, fd_out, handle, handle_len); + status = do_close(conn, handle, handle_len); done: xfree(handle); buffer_free(&msg); - return status; + return(status); } - diff --git a/crypto/openssh/sftp-client.h b/crypto/openssh/sftp-client.h index 09ffcc05cb37..ceda879b9283 100644 --- a/crypto/openssh/sftp-client.h +++ b/crypto/openssh/sftp-client.h @@ -1,7 +1,7 @@ -/* $OpenBSD: sftp-client.h,v 1.5 2001/04/05 10:42:52 markus Exp $ */ +/* $OpenBSD: sftp-client.h,v 1.9 2002/02/13 00:59:23 djm Exp $ */ /* - * Copyright (c) 2001 Damien Miller. All rights reserved. + * Copyright (c) 2001,2002 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,6 +26,9 @@ /* Client side of SSH2 filexfer protocol */ +#ifndef _SFTP_CLIENT_H +#define _SFTP_CLIENT_H + typedef struct SFTP_DIRENT SFTP_DIRENT; struct SFTP_DIRENT { @@ -38,57 +41,59 @@ struct SFTP_DIRENT { * Initialiase a SSH filexfer connection. Returns -1 on error or * protocol version on success. */ -int do_init(int fd_in, int fd_out); +struct sftp_conn * +do_init(int, int, u_int, u_int); + +u_int +sftp_proto_version(struct sftp_conn *); /* Close file referred to by 'handle' */ -int do_close(int fd_in, int fd_out, char *handle, u_int handle_len); +int do_close(struct sftp_conn *, char *, u_int); /* List contents of directory 'path' to stdout */ -int do_ls(int fd_in, int fd_out, char *path); +int do_ls(struct sftp_conn *, char *); /* Read contents of 'path' to NULL-terminated array 'dir' */ -int do_readdir(int fd_in, int fd_out, char *path, SFTP_DIRENT ***dir); +int do_readdir(struct sftp_conn *, char *, SFTP_DIRENT ***); /* Frees a NULL-terminated array of SFTP_DIRENTs (eg. from do_readdir) */ -void free_sftp_dirents(SFTP_DIRENT **s); +void free_sftp_dirents(SFTP_DIRENT **); /* Delete file 'path' */ -int do_rm(int fd_in, int fd_out, char *path); +int do_rm(struct sftp_conn *, char *); /* Create directory 'path' */ -int do_mkdir(int fd_in, int fd_out, char *path, Attrib *a); +int do_mkdir(struct sftp_conn *, char *, Attrib *); /* Remove directory 'path' */ -int do_rmdir(int fd_in, int fd_out, char *path); +int do_rmdir(struct sftp_conn *, char *); /* Get file attributes of 'path' (follows symlinks) */ -Attrib *do_stat(int fd_in, int fd_out, char *path, int quiet); +Attrib *do_stat(struct sftp_conn *, char *, int); /* Get file attributes of 'path' (does not follow symlinks) */ -Attrib *do_lstat(int fd_in, int fd_out, char *path, int quiet); +Attrib *do_lstat(struct sftp_conn *, char *, int); /* Get file attributes of open file 'handle' */ -Attrib *do_fstat(int fd_in, int fd_out, char *handle, u_int handle_len, - int quiet); +Attrib *do_fstat(struct sftp_conn *, char *, u_int, int); /* Set file attributes of 'path' */ -int do_setstat(int fd_in, int fd_out, char *path, Attrib *a); +int do_setstat(struct sftp_conn *, char *, Attrib *); /* Set file attributes of open file 'handle' */ -int do_fsetstat(int fd_in, int fd_out, char *handle, - u_int handle_len, Attrib *a); +int do_fsetstat(struct sftp_conn *, char *, u_int, Attrib *); /* Canonicalise 'path' - caller must free result */ -char *do_realpath(int fd_in, int fd_out, char *path); +char *do_realpath(struct sftp_conn *, char *); /* Rename 'oldpath' to 'newpath' */ -int do_rename(int fd_in, int fd_out, char *oldpath, char *newpath); +int do_rename(struct sftp_conn *, char *, char *); /* Rename 'oldpath' to 'newpath' */ -int do_symlink(int fd_in, int fd_out, char *oldpath, char *newpath); +int do_symlink(struct sftp_conn *, char *, char *); /* Return target of symlink 'path' - caller must free result */ -char *do_readlink(int fd_in, int fd_out, char *path); +char *do_readlink(struct sftp_conn *, char *); /* XXX: add callbacks to do_download/do_upload so we can do progress meter */ @@ -96,12 +101,12 @@ char *do_readlink(int fd_in, int fd_out, char *path); * Download 'remote_path' to 'local_path'. Preserve permissions and times * if 'pflag' is set */ -int do_download(int fd_in, int fd_out, char *remote_path, char *local_path, - int pflag); +int do_download(struct sftp_conn *, char *, char *, int); /* * Upload 'local_path' to 'remote_path'. Preserve permissions and times * if 'pflag' is set */ -int do_upload(int fd_in, int fd_out, char *local_path, char *remote_path, - int pflag); +int do_upload(struct sftp_conn *, char *, char *, int); + +#endif diff --git a/crypto/openssh/sftp-common.c b/crypto/openssh/sftp-common.c index 3310eabab577..4fb4496555ce 100644 --- a/crypto/openssh/sftp-common.c +++ b/crypto/openssh/sftp-common.c @@ -24,17 +24,17 @@ */ #include "includes.h" -RCSID("$OpenBSD: sftp-common.c,v 1.2 2001/02/06 23:50:10 markus Exp $"); +RCSID("$OpenBSD: sftp-common.c,v 1.5 2001/12/02 02:08:32 deraadt Exp $"); #include "buffer.h" #include "bufaux.h" -#include "getput.h" #include "log.h" #include "xmalloc.h" #include "sftp.h" #include "sftp-common.h" +/* Clear contents of attributes structure */ void attrib_clear(Attrib *a) { @@ -47,6 +47,7 @@ attrib_clear(Attrib *a) a->mtime = 0; } +/* Convert from struct stat to filexfer attribs */ void stat_to_attrib(struct stat *st, Attrib *a) { @@ -64,6 +65,7 @@ stat_to_attrib(struct stat *st, Attrib *a) a->mtime = st->st_mtime; } +/* Decode attributes in buffer */ Attrib * decode_attrib(Buffer *b) { @@ -98,6 +100,7 @@ decode_attrib(Buffer *b) return &a; } +/* Encode attributes to buffer */ void encode_attrib(Buffer *b, Attrib *a) { @@ -116,6 +119,7 @@ encode_attrib(Buffer *b, Attrib *a) } } +/* Convert from SSH2_FX_ status to text error message */ const char * fx2txt(int status) { @@ -140,7 +144,6 @@ fx2txt(int status) return("Operation unsupported"); default: return("Unknown status"); - }; + } /* NOTREACHED */ } - diff --git a/crypto/openssh/sftp-common.h b/crypto/openssh/sftp-common.h index 6dc1a32f8fde..4c126bf1065d 100644 --- a/crypto/openssh/sftp-common.h +++ b/crypto/openssh/sftp-common.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.h,v 1.1 2001/02/04 11:11:54 djm Exp $ */ +/* $OpenBSD: sftp-common.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -38,18 +38,9 @@ struct Attrib { u_int32_t mtime; }; -/* Clear contents of attributes structure */ -void attrib_clear(Attrib *a); - -/* Convert from struct stat to filexfer attribs */ -void stat_to_attrib(struct stat *st, Attrib *a); - -/* Decode attributes in buffer */ -Attrib *decode_attrib(Buffer *b); - -/* Encode attributes to buffer */ -void encode_attrib(Buffer *b, Attrib *a); - -/* Convert from SSH2_FX_ status to text error message */ -const char *fx2txt(int status); +void attrib_clear(Attrib *); +void stat_to_attrib(struct stat *, Attrib *); +Attrib *decode_attrib(Buffer *); +void encode_attrib(Buffer *, Attrib *); +const char *fx2txt(int); diff --git a/crypto/openssh/sftp-glob.c b/crypto/openssh/sftp-glob.c index 18d81c0b0e46..1d845d3229d2 100644 --- a/crypto/openssh/sftp-glob.c +++ b/crypto/openssh/sftp-glob.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001 Damien Miller. All rights reserved. + * Copyright (c) 2001,2002 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -23,18 +23,14 @@ */ #include "includes.h" -RCSID("$OpenBSD: sftp-glob.c,v 1.5 2001/04/15 08:43:46 markus Exp $"); +RCSID("$OpenBSD: sftp-glob.c,v 1.10 2002/02/13 00:59:23 djm Exp $"); #include <glob.h> -#include "ssh.h" #include "buffer.h" #include "bufaux.h" -#include "getput.h" #include "xmalloc.h" #include "log.h" -#include "atomicio.h" -#include "pathnames.h" #include "sftp.h" #include "sftp-common.h" @@ -47,17 +43,17 @@ struct SFTP_OPENDIR { }; static struct { - int fd_in; - int fd_out; + struct sftp_conn *conn; } cur; -void *fudge_opendir(const char *path) +static void * +fudge_opendir(const char *path) { struct SFTP_OPENDIR *r; - + r = xmalloc(sizeof(*r)); - - if (do_readdir(cur.fd_in, cur.fd_out, (char*)path, &r->dir)) + + if (do_readdir(cur.conn, (char*)path, &r->dir)) return(NULL); r->offset = 0; @@ -65,10 +61,11 @@ void *fudge_opendir(const char *path) return((void*)r); } -struct dirent *fudge_readdir(struct SFTP_OPENDIR *od) +static struct dirent * +fudge_readdir(struct SFTP_OPENDIR *od) { static struct dirent ret; - + if (od->dir[od->offset] == NULL) return(NULL); @@ -79,16 +76,18 @@ struct dirent *fudge_readdir(struct SFTP_OPENDIR *od) return(&ret); } -void fudge_closedir(struct SFTP_OPENDIR *od) +static void +fudge_closedir(struct SFTP_OPENDIR *od) { free_sftp_dirents(od->dir); xfree(od); } -void attrib_to_stat(Attrib *a, struct stat *st) +static void +attrib_to_stat(Attrib *a, struct stat *st) { memset(st, 0, sizeof(*st)); - + if (a->flags & SSH2_FILEXFER_ATTR_SIZE) st->st_size = a->size; if (a->flags & SSH2_FILEXFER_ATTR_UIDGID) { @@ -103,44 +102,44 @@ void attrib_to_stat(Attrib *a, struct stat *st) } } -int fudge_lstat(const char *path, struct stat *st) +static int +fudge_lstat(const char *path, struct stat *st) { Attrib *a; - - if (!(a = do_lstat(cur.fd_in, cur.fd_out, (char*)path, 0))) + + if (!(a = do_lstat(cur.conn, (char*)path, 0))) return(-1); - + attrib_to_stat(a, st); - + return(0); } -int fudge_stat(const char *path, struct stat *st) +static int +fudge_stat(const char *path, struct stat *st) { Attrib *a; - - if (!(a = do_stat(cur.fd_in, cur.fd_out, (char*)path, 0))) + + if (!(a = do_stat(cur.conn, (char*)path, 0))) return(-1); - + attrib_to_stat(a, st); - + return(0); } int -remote_glob(int fd_in, int fd_out, const char *pattern, int flags, +remote_glob(struct sftp_conn *conn, const char *pattern, int flags, int (*errfunc)(const char *, int), glob_t *pglob) { - pglob->gl_opendir = (void*)fudge_opendir; - pglob->gl_readdir = (void*)fudge_readdir; - pglob->gl_closedir = (void*)fudge_closedir; + pglob->gl_opendir = fudge_opendir; + pglob->gl_readdir = (struct dirent *(*)(void *))fudge_readdir; + pglob->gl_closedir = (void (*)(void *))fudge_closedir; pglob->gl_lstat = fudge_lstat; pglob->gl_stat = fudge_stat; - + memset(&cur, 0, sizeof(cur)); - cur.fd_in = fd_in; - cur.fd_out = fd_out; + cur.conn = conn; - return(glob(pattern, flags | GLOB_ALTDIRFUNC, (void*)errfunc, - pglob)); + return(glob(pattern, flags | GLOB_ALTDIRFUNC, errfunc, pglob)); } diff --git a/crypto/openssh/sftp-glob.h b/crypto/openssh/sftp-glob.h index 4206af439769..488b0a80b5ba 100644 --- a/crypto/openssh/sftp-glob.h +++ b/crypto/openssh/sftp-glob.h @@ -1,7 +1,7 @@ -/* $OpenBSD: sftp-glob.h,v 1.3 2001/04/15 08:43:46 markus Exp $ */ +/* $OpenBSD: sftp-glob.h,v 1.6 2002/02/13 00:59:23 djm Exp $ */ /* - * Copyright (c) 2001 Damien Miller. All rights reserved. + * Copyright (c) 2001,2002 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,7 +26,13 @@ /* Remote sftp filename globbing */ +#ifndef _SFTP_GLOB_H +#define _SFTP_GLOB_H + +#include "sftp-client.h" + int -remote_glob(int fd_in, int fd_out, const char *pattern, int flags, - int (*errfunc)(const char *, int), glob_t *pglob); +remote_glob(struct sftp_conn *, const char *, int, + int (*)(const char *, int), glob_t *); +#endif diff --git a/crypto/openssh/sftp-int.c b/crypto/openssh/sftp-int.c index 3a71daac4cb2..d986c76f7bda 100644 --- a/crypto/openssh/sftp-int.c +++ b/crypto/openssh/sftp-int.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001 Damien Miller. All rights reserved. + * Copyright (c) 2001,2002 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,7 +26,7 @@ /* XXX: recursive operations */ #include "includes.h" -RCSID("$OpenBSD: sftp-int.c,v 1.36 2001/04/15 08:43:46 markus Exp $"); +RCSID("$OpenBSD: sftp-int.c,v 1.44 2002/02/13 00:59:23 djm Exp $"); #include <glob.h> @@ -44,8 +44,11 @@ RCSID("$OpenBSD: sftp-int.c,v 1.36 2001/04/15 08:43:46 markus Exp $"); /* File to read commands from */ extern FILE *infile; -/* Version of server we are speaking to */ -int version; +/* Size of buffer used when copying files */ +extern size_t copy_buffer_len; + +/* Number of concurrent outstanding requests */ +extern int num_requests; /* Seperators for interactive commands */ #define WHITESPACE " \t\r\n" @@ -80,6 +83,7 @@ struct CMD { }; const struct CMD cmds[] = { + { "bye", I_QUIT }, { "cd", I_CHDIR }, { "chdir", I_CHDIR }, { "chgrp", I_CHGRP }, @@ -113,7 +117,7 @@ const struct CMD cmds[] = { { NULL, -1} }; -void +static void help(void) { printf("Available commands:\n"); @@ -145,7 +149,7 @@ help(void) printf("? Synonym for help\n"); } -void +static void local_do_shell(const char *args) { int status; @@ -165,10 +169,10 @@ local_do_shell(const char *args) /* XXX: child has pipe fds to ssh subproc open - issue? */ if (args) { debug3("Executing %s -c \"%s\"", shell, args); - execl(shell, shell, "-c", args, NULL); + execl(shell, shell, "-c", args, (char *)NULL); } else { debug3("Executing %s", shell); - execl(shell, shell, NULL); + execl(shell, shell, (char *)NULL); } fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell, strerror(errno)); @@ -182,7 +186,7 @@ local_do_shell(const char *args) error("Shell exited with status %d", WEXITSTATUS(status)); } -void +static void local_do_ls(const char *args) { if (!args || !*args) @@ -198,7 +202,7 @@ local_do_ls(const char *args) } } -char * +static char * path_append(char *p1, char *p2) { char *ret; @@ -206,13 +210,14 @@ path_append(char *p1, char *p2) ret = xmalloc(len); strlcpy(ret, p1, len); - strlcat(ret, "/", len); + if (strcmp(p1, "/") != 0) + strlcat(ret, "/", len); strlcat(ret, p2, len); return(ret); } -char * +static char * make_absolute(char *p, char *pwd) { char *abs; @@ -226,7 +231,7 @@ make_absolute(char *p, char *pwd) return(p); } -int +static int infer_path(const char *p, char **ifp) { char *cp; @@ -246,7 +251,7 @@ infer_path(const char *p, char **ifp) return(0); } -int +static int parse_getput_flags(const char **cpp, int *pflag) { const char *cp = *cpp; @@ -269,7 +274,7 @@ parse_getput_flags(const char **cpp, int *pflag) return(0); } -int +static int get_pathname(const char **cpp, char **path) { const char *cp = *cpp, *end; @@ -317,7 +322,7 @@ get_pathname(const char **cpp, char **path) return (-1); } -int +static int is_dir(char *path) { struct stat sb; @@ -329,21 +334,21 @@ is_dir(char *path) return(sb.st_mode & S_IFDIR); } -int -remote_is_dir(int in, int out, char *path) +static int +remote_is_dir(struct sftp_conn *conn, char *path) { Attrib *a; /* XXX: report errors? */ - if ((a = do_stat(in, out, path, 1)) == NULL) + if ((a = do_stat(conn, path, 1)) == NULL) return(0); if (!(a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) return(0); return(a->perm & S_IFDIR); } -int -process_get(int in, int out, char *src, char *dst, char *pwd, int pflag) +static int +process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) { char *abs_src = NULL; char *abs_dst = NULL; @@ -357,7 +362,7 @@ process_get(int in, int out, char *src, char *dst, char *pwd, int pflag) memset(&g, 0, sizeof(g)); debug3("Looking up %s", abs_src); - if (remote_glob(in, out, abs_src, 0, NULL, &g)) { + if (remote_glob(conn, abs_src, 0, NULL, &g)) { error("File \"%s\" not found.", abs_src); err = -1; goto out; @@ -381,7 +386,7 @@ process_get(int in, int out, char *src, char *dst, char *pwd, int pflag) goto out; } printf("Fetching %s to %s\n", g.gl_pathv[0], abs_dst); - err = do_download(in, out, g.gl_pathv[0], abs_dst, pflag); + err = do_download(conn, g.gl_pathv[0], abs_dst, pflag); goto out; } @@ -393,7 +398,7 @@ process_get(int in, int out, char *src, char *dst, char *pwd, int pflag) goto out; } - for(i = 0; g.gl_pathv[i]; i++) { + for (i = 0; g.gl_pathv[i]; i++) { if (infer_path(g.gl_pathv[i], &tmp)) { err = -1; goto out; @@ -405,7 +410,7 @@ process_get(int in, int out, char *src, char *dst, char *pwd, int pflag) abs_dst = tmp; printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst); - if (do_download(in, out, g.gl_pathv[i], abs_dst, pflag) == -1) + if (do_download(conn, g.gl_pathv[i], abs_dst, pflag) == -1) err = -1; xfree(abs_dst); abs_dst = NULL; @@ -419,8 +424,8 @@ out: return(err); } -int -process_put(int in, int out, char *src, char *dst, char *pwd, int pflag) +static int +process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) { char *tmp_dst = NULL; char *abs_dst = NULL; @@ -446,7 +451,7 @@ process_put(int in, int out, char *src, char *dst, char *pwd, int pflag) if (g.gl_pathv[0] && g.gl_matchc == 1) { if (tmp_dst) { /* If directory specified, append filename */ - if (remote_is_dir(in, out, tmp_dst)) { + if (remote_is_dir(conn, tmp_dst)) { if (infer_path(g.gl_pathv[0], &tmp)) { err = 1; goto out; @@ -463,19 +468,19 @@ process_put(int in, int out, char *src, char *dst, char *pwd, int pflag) abs_dst = make_absolute(abs_dst, pwd); } printf("Uploading %s to %s\n", g.gl_pathv[0], abs_dst); - err = do_upload(in, out, g.gl_pathv[0], abs_dst, pflag); + err = do_upload(conn, g.gl_pathv[0], abs_dst, pflag); goto out; } /* Multiple matches, dst may be directory or unspecified */ - if (tmp_dst && !remote_is_dir(in, out, tmp_dst)) { + if (tmp_dst && !remote_is_dir(conn, tmp_dst)) { error("Multiple files match, but \"%s\" is not a directory", tmp_dst); err = -1; goto out; } - for(i = 0; g.gl_pathv[i]; i++) { + for (i = 0; g.gl_pathv[i]; i++) { if (infer_path(g.gl_pathv[i], &tmp)) { err = -1; goto out; @@ -487,7 +492,7 @@ process_put(int in, int out, char *src, char *dst, char *pwd, int pflag) abs_dst = make_absolute(tmp, pwd); printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst); - if (do_upload(in, out, g.gl_pathv[i], abs_dst, pflag) == -1) + if (do_upload(conn, g.gl_pathv[i], abs_dst, pflag) == -1) err = -1; } @@ -499,7 +504,7 @@ out: return(err); } -int +static int parse_args(const char **cpp, int *pflag, unsigned long *n_arg, char **path1, char **path2) { @@ -517,7 +522,7 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg, return(-1); /* Figure out which command we have */ - for(i = 0; cmds[i].c; i++) { + for (i = 0; cmds[i].c; i++) { int cmdlen = strlen(cmds[i].c); /* Check for command followed by whitespace */ @@ -644,8 +649,8 @@ parse_args(const char **cpp, int *pflag, unsigned long *n_arg, return(cmdnum); } -int -parse_dispatch_command(int in, int out, const char *cmd, char **pwd) +static int +parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd) { char *path1, *path2, *tmp; int pflag, cmdnum, i; @@ -665,32 +670,26 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) case -1: break; case I_GET: - err = process_get(in, out, path1, path2, *pwd, pflag); + err = process_get(conn, path1, path2, *pwd, pflag); break; case I_PUT: - err = process_put(in, out, path1, path2, *pwd, pflag); + err = process_put(conn, path1, path2, *pwd, pflag); break; case I_RENAME: path1 = make_absolute(path1, *pwd); path2 = make_absolute(path2, *pwd); - err = do_rename(in, out, path1, path2); + err = do_rename(conn, path1, path2); break; case I_SYMLINK: - if (version < 3) { - error("The server (version %d) does not support " - "this operation", version); - err = -1; - } else { - path2 = make_absolute(path2, *pwd); - err = do_symlink(in, out, path1, path2); - } + path2 = make_absolute(path2, *pwd); + err = do_symlink(conn, path1, path2); break; case I_RM: path1 = make_absolute(path1, *pwd); - remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); - for(i = 0; g.gl_pathv[i]; i++) { + remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); + for (i = 0; g.gl_pathv[i]; i++) { printf("Removing %s\n", g.gl_pathv[i]); - if (do_rm(in, out, g.gl_pathv[i]) == -1) + if (do_rm(conn, g.gl_pathv[i]) == -1) err = -1; } break; @@ -699,19 +698,19 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) attrib_clear(&a); a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; a.perm = 0777; - err = do_mkdir(in, out, path1, &a); + err = do_mkdir(conn, path1, &a); break; case I_RMDIR: path1 = make_absolute(path1, *pwd); - err = do_rmdir(in, out, path1); + err = do_rmdir(conn, path1); break; case I_CHDIR: path1 = make_absolute(path1, *pwd); - if ((tmp = do_realpath(in, out, path1)) == NULL) { + if ((tmp = do_realpath(conn, path1)) == NULL) { err = 1; break; } - if ((aa = do_stat(in, out, tmp, 0)) == NULL) { + if ((aa = do_stat(conn, tmp, 0)) == NULL) { xfree(tmp); err = 1; break; @@ -734,22 +733,22 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) break; case I_LS: if (!path1) { - do_ls(in, out, *pwd); + do_ls(conn, *pwd); break; } path1 = make_absolute(path1, *pwd); - if ((tmp = do_realpath(in, out, path1)) == NULL) + if ((tmp = do_realpath(conn, path1)) == NULL) break; xfree(path1); path1 = tmp; - if ((aa = do_stat(in, out, path1, 0)) == NULL) + if ((aa = do_stat(conn, path1, 0)) == NULL) break; if ((aa->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && !S_ISDIR(aa->perm)) { error("Can't ls: \"%s\" is not a directory", path1); break; } - do_ls(in, out, path1); + do_ls(conn, path1); break; case I_LCHDIR: if (chdir(path1) == -1) { @@ -780,17 +779,17 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) attrib_clear(&a); a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS; a.perm = n_arg; - remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); - for(i = 0; g.gl_pathv[i]; i++) { + remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); + for (i = 0; g.gl_pathv[i]; i++) { printf("Changing mode on %s\n", g.gl_pathv[i]); - do_setstat(in, out, g.gl_pathv[i], &a); + do_setstat(conn, g.gl_pathv[i], &a); } break; case I_CHOWN: path1 = make_absolute(path1, *pwd); - remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); - for(i = 0; g.gl_pathv[i]; i++) { - if (!(aa = do_stat(in, out, g.gl_pathv[i], 0))) + remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); + for (i = 0; g.gl_pathv[i]; i++) { + if (!(aa = do_stat(conn, g.gl_pathv[i], 0))) continue; if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) { error("Can't get current ownership of " @@ -800,14 +799,14 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) printf("Changing owner on %s\n", g.gl_pathv[i]); aa->flags &= SSH2_FILEXFER_ATTR_UIDGID; aa->uid = n_arg; - do_setstat(in, out, g.gl_pathv[i], aa); + do_setstat(conn, g.gl_pathv[i], aa); } break; case I_CHGRP: path1 = make_absolute(path1, *pwd); - remote_glob(in, out, path1, GLOB_NOCHECK, NULL, &g); - for(i = 0; g.gl_pathv[i]; i++) { - if (!(aa = do_stat(in, out, g.gl_pathv[i], 0))) + remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g); + for (i = 0; g.gl_pathv[i]; i++) { + if (!(aa = do_stat(conn, g.gl_pathv[i], 0))) continue; if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) { error("Can't get current ownership of " @@ -817,7 +816,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) printf("Changing group on %s\n", g.gl_pathv[i]); aa->flags &= SSH2_FILEXFER_ATTR_UIDGID; aa->gid = n_arg; - do_setstat(in, out, g.gl_pathv[i], aa); + do_setstat(conn, g.gl_pathv[i], aa); } break; case I_PWD: @@ -837,7 +836,7 @@ parse_dispatch_command(int in, int out, const char *cmd, char **pwd) help(); break; case I_VERSION: - printf("SFTP protocol version %d\n", version); + printf("SFTP protocol version %d\n", sftp_proto_version(conn)); break; default: fatal("%d is not implemented", cmdnum); @@ -863,12 +862,13 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) char *pwd; char *dir = NULL; char cmd[2048]; + struct sftp_conn *conn; - version = do_init(fd_in, fd_out); - if (version == -1) + conn = do_init(fd_in, fd_out, copy_buffer_len, num_requests); + if (conn == NULL) fatal("Couldn't initialise connection to server"); - pwd = do_realpath(fd_in, fd_out, "."); + pwd = do_realpath(conn, "."); if (pwd == NULL) fatal("Need cwd"); @@ -876,10 +876,10 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) dir = xstrdup(file1); dir = make_absolute(dir, pwd); - if (remote_is_dir(fd_in, fd_out, dir) && file2 == NULL) { + if (remote_is_dir(conn, dir) && file2 == NULL) { printf("Changing to: %s\n", dir); snprintf(cmd, sizeof cmd, "cd \"%s\"", dir); - parse_dispatch_command(fd_in, fd_out, cmd, &pwd); + parse_dispatch_command(conn, cmd, &pwd); } else { if (file2 == NULL) snprintf(cmd, sizeof cmd, "get %s", dir); @@ -887,14 +887,14 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) snprintf(cmd, sizeof cmd, "get %s %s", dir, file2); - parse_dispatch_command(fd_in, fd_out, cmd, &pwd); + parse_dispatch_command(conn, cmd, &pwd); return; } } setvbuf(stdout, NULL, _IOLBF, 0); setvbuf(infile, NULL, _IOLBF, 0); - for(;;) { + for (;;) { char *cp; printf("sftp> "); @@ -910,7 +910,7 @@ interactive_loop(int fd_in, int fd_out, char *file1, char *file2) if (cp) *cp = '\0'; - if (parse_dispatch_command(fd_in, fd_out, cmd, &pwd)) + if (parse_dispatch_command(conn, cmd, &pwd)) break; } xfree(pwd); diff --git a/crypto/openssh/sftp-int.h b/crypto/openssh/sftp-int.h index b47f862f8fed..976875812229 100644 --- a/crypto/openssh/sftp-int.h +++ b/crypto/openssh/sftp-int.h @@ -1,7 +1,7 @@ -/* $OpenBSD: sftp-int.h,v 1.2 2001/04/12 23:17:54 mouring Exp $ */ +/* $OpenBSD: sftp-int.h,v 1.5 2002/02/13 00:59:23 djm Exp $ */ /* - * Copyright (c) 2001 Damien Miller. All rights reserved. + * Copyright (c) 2001,2002 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -24,4 +24,4 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -void interactive_loop(int fd_in, int fd_out, char *file1, char *file2); +void interactive_loop(int, int, char *, char *); diff --git a/crypto/openssh/sftp-server.8 b/crypto/openssh/sftp-server.8 index afb233e78253..70c951f42ac4 100644 --- a/crypto/openssh/sftp-server.8 +++ b/crypto/openssh/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.6 2001/04/22 13:32:26 markus Exp $ +.\" $OpenBSD: sftp-server.8,v 1.8 2001/06/23 05:57:08 deraadt Exp $ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. .\" diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c index b49f8614f273..b98c5ff5e38d 100644 --- a/crypto/openssh/sftp-server.c +++ b/crypto/openssh/sftp-server.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -22,7 +22,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "includes.h" -RCSID("$OpenBSD: sftp-server.c,v 1.25 2001/04/05 10:42:53 markus Exp $"); +RCSID("$OpenBSD: sftp-server.c,v 1.33 2002/02/13 00:28:13 markus Exp $"); #include "buffer.h" #include "bufaux.h" @@ -56,7 +56,7 @@ struct Stat { Attrib attrib; }; -int +static int errno_to_portable(int unixerrno) { int ret = 0; @@ -87,7 +87,7 @@ errno_to_portable(int unixerrno) return ret; } -int +static int flags_from_portable(int pflags) { int flags = 0; @@ -109,7 +109,7 @@ flags_from_portable(int pflags) return flags; } -Attrib * +static Attrib * get_attrib(void) { return decode_attrib(&iqueue); @@ -133,21 +133,21 @@ enum { Handle handles[100]; -void +static void handle_init(void) { int i; - for(i = 0; i < sizeof(handles)/sizeof(Handle); i++) + for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) handles[i].use = HANDLE_UNUSED; } -int +static int handle_new(int use, char *name, int fd, DIR *dirp) { int i; - for(i = 0; i < sizeof(handles)/sizeof(Handle); i++) { + for (i = 0; i < sizeof(handles)/sizeof(Handle); i++) { if (handles[i].use == HANDLE_UNUSED) { handles[i].use = use; handles[i].dirp = dirp; @@ -159,14 +159,14 @@ handle_new(int use, char *name, int fd, DIR *dirp) return -1; } -int +static int handle_is_ok(int i, int type) { return i >= 0 && i < sizeof(handles)/sizeof(Handle) && handles[i].use == type; } -int +static int handle_to_string(int handle, char **stringp, int *hlenp) { if (stringp == NULL || hlenp == NULL) @@ -177,7 +177,7 @@ handle_to_string(int handle, char **stringp, int *hlenp) return 0; } -int +static int handle_from_string(char *handle, u_int hlen) { int val; @@ -191,7 +191,7 @@ handle_from_string(char *handle, u_int hlen) return -1; } -char * +static char * handle_to_name(int handle) { if (handle_is_ok(handle, HANDLE_DIR)|| @@ -200,7 +200,7 @@ handle_to_name(int handle) return NULL; } -DIR * +static DIR * handle_to_dir(int handle) { if (handle_is_ok(handle, HANDLE_DIR)) @@ -208,7 +208,7 @@ handle_to_dir(int handle) return NULL; } -int +static int handle_to_fd(int handle) { if (handle_is_ok(handle, HANDLE_FILE)) @@ -216,7 +216,7 @@ handle_to_fd(int handle) return -1; } -int +static int handle_close(int handle) { int ret = -1; @@ -233,7 +233,7 @@ handle_close(int handle) return ret; } -int +static int get_handle(void) { char *handle; @@ -249,7 +249,7 @@ get_handle(void) /* send replies */ -void +static void send_msg(Buffer *m) { int mlen = buffer_len(m); @@ -259,7 +259,7 @@ send_msg(Buffer *m) buffer_consume(m, mlen); } -void +static void send_status(u_int32_t id, u_int32_t error) { Buffer msg; @@ -289,7 +289,7 @@ send_status(u_int32_t id, u_int32_t error) send_msg(&msg); buffer_free(&msg); } -void +static void send_data_or_handle(char type, u_int32_t id, char *data, int dlen) { Buffer msg; @@ -302,14 +302,14 @@ send_data_or_handle(char type, u_int32_t id, char *data, int dlen) buffer_free(&msg); } -void +static void send_data(u_int32_t id, char *data, int dlen) { TRACE("sent data id %d len %d", id, dlen); send_data_or_handle(SSH2_FXP_DATA, id, data, dlen); } -void +static void send_handle(u_int32_t id, int handle) { char *string; @@ -321,7 +321,7 @@ send_handle(u_int32_t id, int handle) xfree(string); } -void +static void send_names(u_int32_t id, int count, Stat *stats) { Buffer msg; @@ -341,7 +341,7 @@ send_names(u_int32_t id, int count, Stat *stats) buffer_free(&msg); } -void +static void send_attrib(u_int32_t id, Attrib *a) { Buffer msg; @@ -357,7 +357,7 @@ send_attrib(u_int32_t id, Attrib *a) /* parse incoming */ -void +static void process_init(void) { Buffer msg; @@ -371,7 +371,7 @@ process_init(void) buffer_free(&msg); } -void +static void process_open(void) { u_int32_t id, pflags; @@ -403,7 +403,7 @@ process_open(void) xfree(name); } -void +static void process_close(void) { u_int32_t id; @@ -417,7 +417,7 @@ process_close(void) send_status(id, status); } -void +static void process_read(void) { char buf[64*1024]; @@ -457,7 +457,7 @@ process_read(void) send_status(id, status); } -void +static void process_write(void) { u_int32_t id; @@ -495,7 +495,7 @@ process_write(void) xfree(data); } -void +static void process_do_stat(int do_lstat) { Attrib a; @@ -520,19 +520,19 @@ process_do_stat(int do_lstat) xfree(name); } -void +static void process_stat(void) { process_do_stat(0); } -void +static void process_lstat(void) { process_do_stat(1); } -void +static void process_fstat(void) { Attrib a; @@ -558,7 +558,7 @@ process_fstat(void) send_status(id, status); } -struct timeval * +static struct timeval * attrib_to_tv(Attrib *a) { static struct timeval tv[2]; @@ -570,7 +570,7 @@ attrib_to_tv(Attrib *a) return tv; } -void +static void process_setstat(void) { Attrib *a; @@ -583,6 +583,11 @@ process_setstat(void) name = get_string(NULL); a = get_attrib(); TRACE("setstat id %d name %s", id, name); + if (a->flags & SSH2_FILEXFER_ATTR_SIZE) { + ret = truncate(name, a->size); + if (ret == -1) + status = errno_to_portable(errno); + } if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { ret = chmod(name, a->perm & 0777); if (ret == -1) @@ -602,7 +607,7 @@ process_setstat(void) xfree(name); } -void +static void process_fsetstat(void) { Attrib *a; @@ -618,6 +623,11 @@ process_fsetstat(void) if (fd < 0) { status = SSH2_FX_FAILURE; } else { + if (a->flags & SSH2_FILEXFER_ATTR_SIZE) { + ret = ftruncate(fd, a->size); + if (ret == -1) + status = errno_to_portable(errno); + } if (a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) { ret = fchmod(fd, a->perm & 0777); if (ret == -1) @@ -637,7 +647,7 @@ process_fsetstat(void) send_status(id, status); } -void +static void process_opendir(void) { DIR *dirp = NULL; @@ -669,10 +679,10 @@ process_opendir(void) /* * drwxr-xr-x 5 markus markus 1024 Jan 13 18:39 .ssh */ -char * +static char * ls_file(char *name, struct stat *st) { - int sz = 0; + int ulen, glen, sz = 0; struct passwd *pw; struct group *gr; struct tm *ltime = localtime(&st->st_mtime); @@ -700,12 +710,15 @@ ls_file(char *name, struct stat *st) } if (sz == 0) tbuf[0] = '\0'; - snprintf(buf, sizeof buf, "%s %3d %-8.8s %-8.8s %8llu %s %s", mode, - st->st_nlink, user, group, (unsigned long long)st->st_size, tbuf, name); + ulen = MAX(strlen(user), 8); + glen = MAX(strlen(group), 8); + snprintf(buf, sizeof buf, "%s %3d %-*s %-*s %8llu %s %s", mode, + st->st_nlink, ulen, user, glen, group, + (unsigned long long)st->st_size, tbuf, name); return xstrdup(buf); } -void +static void process_readdir(void) { DIR *dirp; @@ -733,8 +746,8 @@ process_readdir(void) stats = xrealloc(stats, nstats * sizeof(Stat)); } /* XXX OVERFLOW ? */ - snprintf(pathname, sizeof pathname, - "%s/%s", path, dp->d_name); + snprintf(pathname, sizeof pathname, "%s%s%s", path, + strcmp(path, "/") ? "/" : "", dp->d_name); if (lstat(pathname, &st) < 0) continue; stat_to_attrib(&st, &(stats[count].attrib)); @@ -748,7 +761,7 @@ process_readdir(void) } if (count > 0) { send_names(id, count, stats); - for(i = 0; i < count; i++) { + for (i = 0; i < count; i++) { xfree(stats[i].name); xfree(stats[i].long_name); } @@ -759,7 +772,7 @@ process_readdir(void) } } -void +static void process_remove(void) { char *name; @@ -776,7 +789,7 @@ process_remove(void) xfree(name); } -void +static void process_mkdir(void) { Attrib *a; @@ -796,7 +809,7 @@ process_mkdir(void) xfree(name); } -void +static void process_rmdir(void) { u_int32_t id; @@ -812,7 +825,7 @@ process_rmdir(void) xfree(name); } -void +static void process_realpath(void) { char resolvedname[MAXPATHLEN]; @@ -837,7 +850,7 @@ process_realpath(void) xfree(path); } -void +static void process_rename(void) { u_int32_t id; @@ -859,22 +872,23 @@ process_rename(void) xfree(newpath); } -void +static void process_readlink(void) { u_int32_t id; + int len; char link[MAXPATHLEN]; char *path; id = get_int(); path = get_string(NULL); TRACE("readlink id %d path %s", id, path); - if (readlink(path, link, sizeof(link) - 1) == -1) + if ((len = readlink(path, link, sizeof(link) - 1)) == -1) send_status(id, errno_to_portable(errno)); else { Stat s; - - link[sizeof(link) - 1] = '\0'; + + link[len] = '\0'; attrib_clear(&s.attrib); s.name = s.long_name = link; send_names(id, 1, &s); @@ -882,7 +896,7 @@ process_readlink(void) xfree(path); } -void +static void process_symlink(void) { u_int32_t id; @@ -904,7 +918,7 @@ process_symlink(void) xfree(newpath); } -void +static void process_extended(void) { u_int32_t id; @@ -918,7 +932,7 @@ process_extended(void) /* stolen from ssh-agent */ -void +static void process(void) { u_int msg_len; @@ -927,7 +941,7 @@ process(void) if (buffer_len(&iqueue) < 5) return; /* Incomplete message. */ - cp = (u_char *) buffer_ptr(&iqueue); + cp = buffer_ptr(&iqueue); msg_len = GET_32BIT(cp); if (msg_len > 256 * 1024) { error("bad message "); diff --git a/crypto/openssh/sftp.1 b/crypto/openssh/sftp.1 index b482996ed1c7..2faaff134178 100644 --- a/crypto/openssh/sftp.1 +++ b/crypto/openssh/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.17 2001/04/22 13:32:27 markus Exp $ +.\" $OpenBSD: sftp.1,v 1.33 2002/02/26 19:06:43 deraadt Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -30,14 +30,20 @@ .Nd Secure file transfer program .Sh SYNOPSIS .Nm sftp -.Op Fl vC +.Op Fl vC1 .Op Fl b Ar batchfile .Op Fl o Ar ssh_option -.Op Ar host +.Op Fl s Ar subsystem | sftp_server +.Op Fl B Ar buffer_size +.Op Fl F Ar ssh_config +.Op Fl P Ar sftp_server path +.Op Fl R Ar num_requests +.Op Fl S Ar program +.Ar host .Nm sftp .Op [\fIuser\fR@]\fIhost\fR[:\fIfile\fR [\fIfile\fR]] .Nm sftp -.Op [\fIuser\fR@]\fIhost\fR[:\fIdir\fR[\fI/\fR]] +.Op [\fIuser\fR@]\fIhost\fR[:\fIdir\fR[\fI/\fR]] .Sh DESCRIPTION .Nm is an interactive file transfer program, similar to @@ -49,12 +55,12 @@ It may also use many features of ssh, such as public key authentication and compression. .Nm connects and logs into the specified -.Ar hostname , +.Ar host , then enters an interactive command mode. .Pp -The second usage format will fetch files automaticly if a non-interactive -authentication is used, else it do so after an interactive authentication -is used. +The second usage format will retrieve files automatically if a non-interactive +authentication method is used; otherwise it will do so after +successful interactive authentication. .Pp The last usage format allows the sftp client to start in a remote directory. .Pp @@ -68,49 +74,96 @@ instead of Since it lacks user interaction it should be used in conjunction with non-interactive authentication. .Nm -will abort if any of the following -commands fail: -.Ic get , put , rename , ln , rm , mkdir , chdir , lchdir +will abort if any of the following +commands fail: +.Ic get , put , rename , ln , +.Ic rm , mkdir , chdir , lchdir and .Ic lmkdir . -.It Fl C -Enables compression (via ssh's -.Fl C -flag) .It Fl o Ar ssh_option -Specify an option to be directly passed to -.Xr ssh 1 . +Can be used to pass options to +.Nm ssh +in the format used in the +.Xr ssh 1 +configuration file. This is useful for specifying options +for which there is no separate +.Nm sftp +command-line flag. For example, to specify an alternate +port use: +.Ic sftp -oPort=24 . +.It Fl s Ar subsystem | sftp_server +Specifies the SSH2 subsystem or the path for an sftp server +on the remote host. A path is useful for using sftp over +protocol version 1, or when the remote +.Nm sshd +does not have an sftp subsystem configured. .It Fl v Raise logging level. This option is also passed to ssh. +.It Fl B Ar buffer_size +Specify the size of the buffer that +.Nm +uses when transferring files. Larger buffers require fewer round trips at +the cost of higher memory consumption. The default is 32768 bytes. +.It Fl C +Enables compression (via ssh's +.Fl C +flag). +.It Fl F Ar ssh_config +Specifies an alternative +per-user configuration file for +.Nm ssh . +This option is directly passed to +.Xr ssh 1 . +.It Fl P Ar sftp_server path +Connect directly to a local +.Nm sftp-server +(rather than via +.Nm ssh ) +This option may be useful in debugging the client and server. +.It Fl R Ar num_requests +Specify how many requests may be outstanding at any one time. Increasing +this may slightly improve file transfer speed but will increase memory +usage. The default is 16 outstanding requests. +.It Fl S Ar program +Name of the +.Ar program +to use for the encrypted connection. +The program must understand +.Xr ssh 1 +options. +.It Fl 1 +Specify the use of protocol version 1. .El .Sh INTERACTIVE COMMANDS Once in interactive mode, .Nm -understands a set of commands similar to those of +understands a set of commands similar to those of .Xr ftp 1 . Commands are case insensitive and pathnames may be enclosed in quotes if they contain spaces. .Bl -tag -width Ds +.It Ic bye +Quit sftp. .It Ic cd Ar path -Change remote directory to +Change remote directory to .Ar path . .It Ic lcd Ar path -Change local directory to +Change local directory to .Ar path . .It Ic chgrp Ar grp Ar path -Change group of file +Change group of file .Ar path to .Ar grp . .Ar grp must be a numeric GID. .It Ic chmod Ar mode Ar path -Change permissions of file +Change permissions of file .Ar path to .Ar mode . .It Ic chown Ar own Ar path -Change owner of file +Change owner of file .Ar path to .Ar own . @@ -127,15 +180,15 @@ Retrieve the .Ar remote-path and store it on the local machine. If the local -path name is not specified, it is given the same name it has on the -remote machine. If the +path name is not specified, it is given the same name it has on the +remote machine. If the .Fl P flag is specified, then the file's full permission and access time are copied too. .It Ic help Display help text. .It Ic lls Op Ar ls-options Op Ar path -Display local directory listing of either +Display local directory listing of either .Ar path or current directory if .Ar path @@ -144,7 +197,7 @@ is not specified. Create local directory specified by .Ar path . .It Ic ln Ar oldpath Ar newpath -Create a symbolic link from +Create a symbolic link from .Ar oldpath to .Ar newpath . @@ -157,7 +210,7 @@ or current directory if .Ar path is not specified. .It Ic lumask Ar umask -Set local umask to +Set local umask to .Ar umask . .It Ic mkdir Ar path Create remote directory specified by @@ -169,8 +222,8 @@ Create remote directory specified by .Xc Upload .Ar local-path -and store it on the remote machine. If the remote path name is not -specified, it is given the same name it has on the local machine. If the +and store it on the remote machine. If the remote path name is not +specified, it is given the same name it has on the local machine. If the .Fl P flag is specified, then the file's full permission and access time are copied too. @@ -190,12 +243,12 @@ Remove remote directory specified by Delete remote file specified by .Ar path . .It Ic symlink Ar oldpath Ar newpath -Create a symbolic link from +Create a symbolic link from .Ar oldpath to .Ar newpath . .It Ic ! Ar command -Execute +Execute .Ar command in local shell. .It Ic ! diff --git a/crypto/openssh/sftp.c b/crypto/openssh/sftp.c index 2c57bef0207a..0a7689c4e792 100644 --- a/crypto/openssh/sftp.c +++ b/crypto/openssh/sftp.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2001 Damien Miller. All rights reserved. + * Copyright (c) 2001,2002 Damien Miller. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -24,30 +24,27 @@ #include "includes.h" -RCSID("$OpenBSD: sftp.c,v 1.15 2001/04/16 02:31:44 mouring Exp $"); +RCSID("$OpenBSD: sftp.c,v 1.26 2002/02/12 12:32:27 djm Exp $"); -/* XXX: commandline mode */ /* XXX: short-form remote directory listings (like 'ls -C') */ #include "buffer.h" #include "xmalloc.h" #include "log.h" #include "pathnames.h" +#include "misc.h" #include "sftp.h" #include "sftp-common.h" #include "sftp-client.h" #include "sftp-int.h" -#include "scp-common.h" - -int use_ssh1 = 0; -char *ssh_program = _PATH_SSH_PROGRAM; -char *sftp_server = NULL; FILE* infile; +size_t copy_buffer_len = 32768; +size_t num_requests = 16; -void -connect_to_server(char **args, int *in, int *out, pid_t *sshpid) +static void +connect_to_server(char *path, char **args, int *in, int *out, pid_t *sshpid) { int c_in, c_out; #ifdef USE_PIPES @@ -78,8 +75,8 @@ connect_to_server(char **args, int *in, int *out, pid_t *sshpid) close(*out); close(c_in); close(c_out); - execv(ssh_program, args); - fprintf(stderr, "exec: %s: %s\n", ssh_program, strerror(errno)); + execv(path, args); + fprintf(stderr, "exec: %s: %s\n", path, strerror(errno)); exit(1); } @@ -87,93 +84,59 @@ connect_to_server(char **args, int *in, int *out, pid_t *sshpid) close(c_out); } -char ** -make_ssh_args(char *add_arg) -{ - static char **args = NULL; - static int nargs = 0; - char debug_buf[4096]; - int i; - - /* Init args array */ - if (args == NULL) { - nargs = 2; - i = 0; - args = xmalloc(sizeof(*args) * nargs); - args[i++] = "ssh"; - args[i++] = NULL; - } - - /* If asked to add args, then do so and return */ - if (add_arg) { - i = nargs++ - 1; - args = xrealloc(args, sizeof(*args) * nargs); - args[i++] = add_arg; - args[i++] = NULL; - return(NULL); - } - - /* no subsystem if the server-spec contains a '/' */ - if (sftp_server == NULL || strchr(sftp_server, '/') == NULL) - make_ssh_args("-s"); - make_ssh_args("-oForwardX11=no"); - make_ssh_args("-oForwardAgent=no"); - make_ssh_args(use_ssh1 ? "-oProtocol=1" : "-oProtocol=2"); - - /* Otherwise finish up and return the arg array */ - if (sftp_server != NULL) - make_ssh_args(sftp_server); - else - make_ssh_args("sftp"); - - /* XXX: overflow - doesn't grow debug_buf */ - debug_buf[0] = '\0'; - for(i = 0; args[i]; i++) { - if (i) - strlcat(debug_buf, " ", sizeof(debug_buf)); - - strlcat(debug_buf, args[i], sizeof(debug_buf)); - } - debug("SSH args \"%s\"", debug_buf); - - return(args); -} - -void +static void usage(void) { - fprintf(stderr, "usage: sftp [-1vC] [-b batchfile] [-osshopt=value] [user@]host[:file [file]]\n"); + extern char *__progname; + + fprintf(stderr, + "usage: %s [-vC1] [-b batchfile] [-o option] [-s subsystem|path] [-B buffer_size]\n" + " [-F config] [-P direct server path] [-S program]\n" + " [user@]host[:file [file]]\n", __progname); exit(1); } int main(int argc, char **argv) { - int in, out, ch, debug_level, compress_flag; + int in, out, ch; pid_t sshpid; - char *file1 = NULL; char *host, *userhost, *cp, *file2; - LogLevel ll; + int debug_level = 0, sshver = 2; + char *file1 = NULL, *sftp_server = NULL; + char *ssh_program = _PATH_SSH_PROGRAM, *sftp_direct = NULL; + LogLevel ll = SYSLOG_LEVEL_INFO; + arglist args; extern int optind; extern char *optarg; + args.list = NULL; + addargs(&args, "ssh"); /* overwritten with ssh_program */ + addargs(&args, "-oFallBackToRsh no"); + addargs(&args, "-oForwardX11 no"); + addargs(&args, "-oForwardAgent no"); + addargs(&args, "-oClearAllForwardings yes"); + ll = SYSLOG_LEVEL_INFO; infile = stdin; /* Read from STDIN unless changed by -b */ - debug_level = compress_flag = 0; - while ((ch = getopt(argc, argv, "1hvCo:s:S:b:")) != -1) { + while ((ch = getopt(argc, argv, "1hvCo:s:S:b:B:F:P:R:")) != -1) { switch (ch) { case 'C': - compress_flag = 1; + addargs(&args, "-C"); break; case 'v': - debug_level = MIN(3, debug_level + 1); + if (debug_level < 3) { + addargs(&args, "-v"); + ll = SYSLOG_LEVEL_DEBUG1 + debug_level; + } + debug_level++; break; + case 'F': case 'o': - make_ssh_args("-o"); - make_ssh_args(optarg); + addargs(&args, "-%c%s", ch, optarg); break; case '1': - use_ssh1 = 1; + sshver = 1; if (sftp_server == NULL) sftp_server = _PATH_SFTP_SERVER; break; @@ -191,71 +154,78 @@ main(int argc, char **argv) } else fatal("Filename already specified."); break; + case 'P': + sftp_direct = optarg; + break; + case 'B': + copy_buffer_len = strtol(optarg, &cp, 10); + if (copy_buffer_len == 0 || *cp != '\0') + fatal("Invalid buffer size \"%s\"", optarg); + break; + case 'R': + num_requests = strtol(optarg, &cp, 10); + if (num_requests == 0 || *cp != '\0') + fatal("Invalid number of requests \"%s\"", + optarg); + break; case 'h': default: usage(); } } - if (optind == argc || argc > (optind + 2)) - usage(); - - userhost = xstrdup(argv[optind]); - file2 = argv[optind+1]; + if (sftp_direct == NULL) { + if (optind == argc || argc > (optind + 2)) + usage(); - if ((cp = colon(userhost)) != NULL) { - *cp++ = '\0'; - file1 = cp; - } + userhost = xstrdup(argv[optind]); + file2 = argv[optind+1]; - if ((host = strchr(userhost, '@')) == NULL) - host = userhost; - else { - *host++ = '\0'; - if (!userhost[0]) { - fprintf(stderr, "Missing username\n"); - usage(); + if ((cp = colon(userhost)) != NULL) { + *cp++ = '\0'; + file1 = cp; } - make_ssh_args("-l"); - make_ssh_args(userhost); - } - host = cleanhostname(host); - if (!*host) { - fprintf(stderr, "Missing hostname\n"); - usage(); - } + if ((host = strchr(userhost, '@')) == NULL) + host = userhost; + else { + *host++ = '\0'; + if (!userhost[0]) { + fprintf(stderr, "Missing username\n"); + usage(); + } + addargs(&args, "-l%s",userhost); + } - /* Set up logging and debug '-d' arguments to ssh */ - ll = SYSLOG_LEVEL_INFO; - switch (debug_level) { - case 1: - ll = SYSLOG_LEVEL_DEBUG1; - make_ssh_args("-v"); - break; - case 2: - ll = SYSLOG_LEVEL_DEBUG2; - make_ssh_args("-v"); - make_ssh_args("-v"); - break; - case 3: - ll = SYSLOG_LEVEL_DEBUG3; - make_ssh_args("-v"); - make_ssh_args("-v"); - make_ssh_args("-v"); - break; - } + host = cleanhostname(host); + if (!*host) { + fprintf(stderr, "Missing hostname\n"); + usage(); + } - if (compress_flag) - make_ssh_args("-C"); + log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1); + addargs(&args, "-oProtocol %d", sshver); - log_init(argv[0], ll, SYSLOG_FACILITY_USER, 1); + /* no subsystem if the server-spec contains a '/' */ + if (sftp_server == NULL || strchr(sftp_server, '/') == NULL) + addargs(&args, "-s"); - make_ssh_args(host); + addargs(&args, "%s", host); + addargs(&args, "%s", (sftp_server != NULL ? + sftp_server : "sftp")); + args.list[0] = ssh_program; - fprintf(stderr, "Connecting to %s...\n", host); + fprintf(stderr, "Connecting to %s...\n", host); + connect_to_server(ssh_program, args.list, &in, &out, + &sshpid); + } else { + args.list = NULL; + addargs(&args, "sftp-server"); - connect_to_server(make_ssh_args(NULL), &in, &out, &sshpid); + fprintf(stderr, "Attaching to %s...\n", sftp_direct); + connect_to_server(sftp_direct, args.list, &in, &out, + &sshpid); + } interactive_loop(in, out, file1, file2); diff --git a/crypto/openssh/sftp.h b/crypto/openssh/sftp.h index 2ad95864b8e0..675c6086e952 100644 --- a/crypto/openssh/sftp.h +++ b/crypto/openssh/sftp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp.h,v 1.3 2001/03/07 10:11:23 djm Exp $ */ +/* $OpenBSD: sftp.h,v 1.4 2002/02/13 00:59:23 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -38,6 +38,7 @@ #define SSH2_FXP_READ 5 #define SSH2_FXP_WRITE 6 #define SSH2_FXP_LSTAT 7 +#define SSH2_FXP_STAT_VERSION_0 7 #define SSH2_FXP_FSTAT 8 #define SSH2_FXP_SETSTAT 9 #define SSH2_FXP_FSETSTAT 10 diff --git a/crypto/openssh/sftp/Makefile b/crypto/openssh/sftp/Makefile index 83fa8dcfeb83..3f5d866a5e9e 100644 --- a/crypto/openssh/sftp/Makefile +++ b/crypto/openssh/sftp/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.4 2001/04/16 02:31:52 mouring Exp $ +# $OpenBSD: Makefile,v 1.5 2001/05/03 23:09:57 mouring Exp $ .PATH: ${.CURDIR}/.. @@ -10,7 +10,7 @@ BINMODE?=555 BINDIR= /usr/bin MAN= sftp.1 -SRCS= sftp.c sftp-client.c sftp-int.c sftp-common.c sftp-glob.c scp-common.c +SRCS= sftp.c sftp-client.c sftp-int.c sftp-common.c sftp-glob.c misc.c .include <bsd.prog.mk> diff --git a/crypto/openssh/ssh-add.1 b/crypto/openssh/ssh-add.1 index d7725c6e3652..41d5def6ff15 100644 --- a/crypto/openssh/ssh-add.1 +++ b/crypto/openssh/ssh-add.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-add.1,v 1.24 2001/04/10 09:13:21 itojun Exp $ +.\" $OpenBSD: ssh-add.1,v 1.30 2002/02/04 20:41:16 stevesk Exp $ .\" .\" -*- nroff -*- .\" @@ -42,22 +42,29 @@ .Os .Sh NAME .Nm ssh-add -.Nd adds RSA or DSA identities for the authentication agent +.Nd adds RSA or DSA identities to the authentication agent .Sh SYNOPSIS .Nm ssh-add .Op Fl lLdD .Op Ar +.Nm ssh-add +.Fl s Ar reader +.Nm ssh-add +.Fl e Ar reader .Sh DESCRIPTION .Nm adds RSA or DSA identities to the authentication agent, .Xr ssh-agent 1 . -When run without arguments, it adds the file +When run without arguments, it adds the files +.Pa $HOME/.ssh/id_rsa , +.Pa $HOME/.ssh/id_dsa +and .Pa $HOME/.ssh/identity . Alternative file names can be given on the command line. If any file requires a passphrase, .Nm asks for the passphrase from the user. -The Passphrase it is read from the user's tty. +The passphrase is read from the user's tty. .Nm retries the last passphrase if multiple identity files are given. .Pp @@ -76,26 +83,27 @@ Lists public key parameters of all identities currently represented by the agent Instead of adding the identity, removes the identity from the agent. .It Fl D Deletes all identities from the agent. +.It Fl s Ar reader +Add key in smartcard +.Ar reader . +.It Fl e Ar reader +Remove key in smartcard +.Ar reader . .El .Sh FILES .Bl -tag -width Ds .It Pa $HOME/.ssh/identity Contains the protocol version 1 RSA authentication identity of the user. -This file should not be readable by anyone but the user. -Note that -.Nm -ignores this file if it is accessible by others. -It is possible to -specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file. -This is the default file added by -.Nm -when no other files have been specified. .It Pa $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of the user. .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. .El +.Pp +Identity files should not be readable by anyone but the user. +Note that +.Nm +ignores identity files if they are accessible by others. .Sh ENVIRONMENT .Bl -tag -width Ds .It Ev "DISPLAY" and "SSH_ASKPASS" @@ -122,6 +130,11 @@ may be necessary to redirect the input from .Pa /dev/null to make this work.) .El +.Sh DIAGNOSTICS +Exit status is 0 on success, 1 if the specified command fails, +and 2 if +.Nm +is unable to contact the authentication agent. .Sh AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. diff --git a/crypto/openssh/ssh-add.c b/crypto/openssh/ssh-add.c index 4377ab42a9fc..c7079f7fb820 100644 --- a/crypto/openssh/ssh-add.c +++ b/crypto/openssh/ssh-add.c @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". * * SSH2 implementation, - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-add.c,v 1.36 2001/04/18 21:57:42 markus Exp $"); +RCSID("$OpenBSD: ssh-add.c,v 1.50 2002/01/29 14:27:57 markus Exp $"); #include <openssl/evp.h> @@ -49,9 +49,21 @@ RCSID("$OpenBSD: ssh-add.c,v 1.36 2001/04/18 21:57:42 markus Exp $"); #include "pathnames.h" #include "readpass.h" +/* argv0 */ +extern char *__progname; + +/* Default files to add */ +static char *default_files[] = { + _PATH_SSH_CLIENT_ID_RSA, + _PATH_SSH_CLIENT_ID_DSA, + _PATH_SSH_CLIENT_IDENTITY, + NULL +}; + + /* we keep a cache of one passphrases */ static char *pass = NULL; -void +static void clear_pass(void) { if (pass) { @@ -61,53 +73,61 @@ clear_pass(void) } } -void +static int delete_file(AuthenticationConnection *ac, const char *filename) { Key *public; char *comment = NULL; + int ret = -1; public = key_load_public(filename, &comment); if (public == NULL) { printf("Bad key file %s\n", filename); - return; + return -1; } - if (ssh_remove_identity(ac, public)) + if (ssh_remove_identity(ac, public)) { fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment); - else + ret = 0; + } else fprintf(stderr, "Could not remove identity: %s\n", filename); + key_free(public); xfree(comment); + + return ret; } /* Send a request to remove all identities. */ -void +static int delete_all(AuthenticationConnection *ac) { - int success = 1; + int ret = -1; - if (!ssh_remove_all_identities(ac, 1)) - success = 0; + if (ssh_remove_all_identities(ac, 1)) + ret = 0; /* ignore error-code for ssh2 */ ssh_remove_all_identities(ac, 2); - if (success) + if (ret == 0) fprintf(stderr, "All identities removed.\n"); else fprintf(stderr, "Failed to remove all identities.\n"); + + return ret; } -void +static int add_file(AuthenticationConnection *ac, const char *filename) { struct stat st; Key *private; char *comment = NULL; char msg[1024]; + int ret = -1; if (stat(filename, &st) < 0) { perror(filename); - exit(1); + return -1; } /* At first, try empty passphrase */ private = key_load_private(filename, "", &comment); @@ -119,32 +139,49 @@ add_file(AuthenticationConnection *ac, const char *filename) if (private == NULL) { /* clear passphrase since it did not work */ clear_pass(); - printf("Need passphrase for %.200s\n", filename); - snprintf(msg, sizeof msg, "Enter passphrase for %.200s ", + snprintf(msg, sizeof msg, "Enter passphrase for %.200s: ", comment); for (;;) { - pass = read_passphrase(msg, 1); + pass = read_passphrase(msg, RP_ALLOW_STDIN); if (strcmp(pass, "") == 0) { clear_pass(); xfree(comment); - return; + return -1; } private = key_load_private(filename, pass, &comment); if (private != NULL) break; clear_pass(); - strlcpy(msg, "Bad passphrase, try again ", sizeof msg); + strlcpy(msg, "Bad passphrase, try again: ", sizeof msg); } } - if (ssh_add_identity(ac, private, comment)) + if (ssh_add_identity(ac, private, comment)) { fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); - else + ret = 0; + } else fprintf(stderr, "Could not add identity: %s\n", filename); + xfree(comment); key_free(private); + + return ret; +} + +static int +update_card(AuthenticationConnection *ac, int add, const char *id) +{ + if (ssh_update_card(ac, add, id)) { + fprintf(stderr, "Card %s: %s\n", + add ? "added" : "removed", id); + return 0; + } else { + fprintf(stderr, "Could not %s card: %s\n", + add ? "add" : "remove", id); + return -1; + } } -void +static int list_identities(AuthenticationConnection *ac, int do_fp) { Key *key; @@ -154,8 +191,8 @@ list_identities(AuthenticationConnection *ac, int do_fp) for (version = 1; version <= 2; version++) { for (key = ssh_get_first_identity(ac, &comment, version); - key != NULL; - key = ssh_get_next_identity(ac, &comment, version)) { + key != NULL; + key = ssh_get_next_identity(ac, &comment, version)) { had_identities = 1; if (do_fp) { fp = key_fingerprint(key, SSH_FP_MD5, @@ -172,19 +209,49 @@ list_identities(AuthenticationConnection *ac, int do_fp) xfree(comment); } } - if (!had_identities) + if (!had_identities) { printf("The agent has no identities.\n"); + return -1; + } + return 0; +} + +static int +do_file(AuthenticationConnection *ac, int deleting, char *file) +{ + if (deleting) { + if (delete_file(ac, file) == -1) + return -1; + } else { + if (add_file(ac, file) == -1) + return -1; + } + return 0; +} + +static void +usage(void) +{ + fprintf(stderr, "Usage: %s [options]\n", __progname); + fprintf(stderr, "Options:\n"); + fprintf(stderr, " -l List fingerprints of all identities.\n"); + fprintf(stderr, " -L List public key parameters of all identities.\n"); + fprintf(stderr, " -d Delete identity.\n"); + fprintf(stderr, " -D Delete all identities.\n"); +#ifdef SMARTCARD + fprintf(stderr, " -s reader Add key in smartcard reader.\n"); + fprintf(stderr, " -e reader Remove key in smartcard reader.\n"); +#endif } int main(int argc, char **argv) { + extern char *optarg; + extern int optind; AuthenticationConnection *ac = NULL; - struct passwd *pw; - char buf[1024]; - int no_files = 1; - int i; - int deleting = 0; + char *sc_reader_id = NULL; + int i, ch, deleting = 0, ret = 0; SSLeay_add_all_algorithms(); @@ -192,46 +259,70 @@ main(int argc, char **argv) ac = ssh_get_authentication_connection(); if (ac == NULL) { fprintf(stderr, "Could not open a connection to your authentication agent.\n"); - exit(1); + exit(2); } - for (i = 1; i < argc; i++) { - if ((strcmp(argv[i], "-l") == 0) || - (strcmp(argv[i], "-L") == 0)) { - list_identities(ac, argv[i][1] == 'l' ? 1 : 0); - /* Don't default-add/delete if -l. */ - no_files = 0; - continue; - } - if (strcmp(argv[i], "-d") == 0) { + while ((ch = getopt(argc, argv, "lLdDe:s:")) != -1) { + switch (ch) { + case 'l': + case 'L': + if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) + ret = 1; + goto done; + break; + case 'd': deleting = 1; - continue; - } - if (strcmp(argv[i], "-D") == 0) { - delete_all(ac); - no_files = 0; - continue; + break; + case 'D': + if (delete_all(ac) == -1) + ret = 1; + goto done; + break; + case 's': + sc_reader_id = optarg; + break; + case 'e': + deleting = 1; + sc_reader_id = optarg; + break; + default: + usage(); + ret = 1; + goto done; } - no_files = 0; - if (deleting) - delete_file(ac, argv[i]); - else - add_file(ac, argv[i]); } - if (no_files) { - pw = getpwuid(getuid()); - if (!pw) { + argc -= optind; + argv += optind; + if (sc_reader_id != NULL) { + if (update_card(ac, !deleting, sc_reader_id) == -1) + ret = 1; + goto done; + } + if (argc == 0) { + char buf[MAXPATHLEN]; + struct passwd *pw; + + if ((pw = getpwuid(getuid())) == NULL) { fprintf(stderr, "No user found with uid %u\n", (u_int)getuid()); - ssh_close_authentication_connection(ac); - exit(1); + ret = 1; + goto done; + } + + for(i = 0; default_files[i]; i++) { + snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, + default_files[i]); + if (do_file(ac, deleting, buf) == -1) + ret = 1; + } + } else { + for(i = 0; i < argc; i++) { + if (do_file(ac, deleting, argv[i]) == -1) + ret = 1; } - snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY); - if (deleting) - delete_file(ac, buf); - else - add_file(ac, buf); } clear_pass(); + +done: ssh_close_authentication_connection(ac); - exit(0); + return ret; } diff --git a/crypto/openssh/ssh-agent.1 b/crypto/openssh/ssh-agent.1 index 1d214698d723..9909ef59022d 100644 --- a/crypto/openssh/ssh-agent.1 +++ b/crypto/openssh/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.24 2001/04/10 09:13:21 itojun Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.31 2002/02/04 20:41:16 stevesk Exp $ .\" .\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -42,11 +42,11 @@ .Nd authentication agent .Sh SYNOPSIS .Nm ssh-agent -.Ar command -.Ar args ... -.Nm ssh-agent .Op Fl c Li | Fl s +.Op Fl d +.Op Ar command Op Ar args ... .Nm ssh-agent +.Op Fl c Li | Fl s .Fl k .Sh DESCRIPTION .Nm @@ -80,6 +80,10 @@ does not look like it's a csh style of shell. Kill the current agent (given by the .Ev SSH_AGENT_PID environment variable). +.It Fl d +Debug mode. When this option is specified +.Nm +will not fork. .El .Pp If a commandline is given, this is executed as a subprocess of the agent. @@ -90,9 +94,11 @@ Keys are added using .Xr ssh-add 1 . When executed without arguments, .Xr ssh-add 1 -adds the -.Pa $HOME/.ssh/identity -file. +adds the files +.Pa $HOME/.ssh/id_rsa , +.Pa $HOME/.ssh/id_dsa +and +.Pa $HOME/.ssh/identity . If the identity has a passphrase, .Xr ssh-add 1 asks for the passphrase (using a small X11 application if running @@ -112,9 +118,9 @@ remote logins, and the user can thus use the privileges given by the identities anywhere in the network in a secure way. .Pp There are two main ways to get an agent setup: -Either you let the agent -start a new subcommand into which some environment variables are exported, or -you let the agent print the needed shell commands (either +Either the agent starts a new subcommand into which some environment +variables are exported, or the agent prints the needed shell commands +(either .Xr sh 1 or .Xr csh 1 @@ -123,6 +129,11 @@ Later .Xr ssh 1 looks at these variables and uses them to establish a connection to the agent. .Pp +The agent will never send a private key over its request channel. +Instead, operations that require a private key will be performed +by the agent, and the result will be returned to the requester. +This way, private keys are not exposed to clients using the agent. +.Pp A unix-domain socket is created .Pq Pa /tmp/ssh-XXXXXXXX/agent.<pid> , and the name of this socket is stored in the @@ -143,15 +154,6 @@ line terminates. .Bl -tag -width Ds .It Pa $HOME/.ssh/identity Contains the protocol version 1 RSA authentication identity of the user. -This file should not be readable by anyone but the user. -It is possible to -specify a passphrase when generating the key; that passphrase will be -used to encrypt the private part of this file. -This file is not used by -.Nm -but is normally added to the agent using -.Xr ssh-add 1 -at login time. .It Pa $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of the user. .It Pa $HOME/.ssh/id_rsa diff --git a/crypto/openssh/ssh-agent.c b/crypto/openssh/ssh-agent.c index 3d6016aea152..786f91c7b6f7 100644 --- a/crypto/openssh/ssh-agent.c +++ b/crypto/openssh/ssh-agent.c @@ -1,5 +1,3 @@ -/* $OpenBSD: ssh-agent.c,v 1.54 2001/04/03 13:56:11 stevesk Exp $ */ - /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -12,8 +10,7 @@ * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". * - * SSH2 implementation, - * Copyright (c) 2000 Markus Friedl. All rights reserved. + * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -37,7 +34,8 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.54 2001/04/03 13:56:11 stevesk Exp $"); +#include <sys/queue.h> +RCSID("$OpenBSD: ssh-agent.c,v 1.82 2002/03/04 17:27:39 stevesk Exp $"); #include <openssl/evp.h> #include <openssl/md5.h> @@ -47,21 +45,26 @@ RCSID("$OpenBSD: ssh-agent.c,v 1.54 2001/04/03 13:56:11 stevesk Exp $"); #include "buffer.h" #include "bufaux.h" #include "xmalloc.h" -#include "packet.h" #include "getput.h" -#include "mpaux.h" #include "key.h" #include "authfd.h" -#include "cipher.h" -#include "kex.h" #include "compat.h" #include "log.h" +#ifdef SMARTCARD +#include <openssl/engine.h> +#include "scard.h" +#endif + +typedef enum { + AUTH_UNUSED, + AUTH_SOCKET, + AUTH_CONNECTION +} sock_type; + typedef struct { int fd; - enum { - AUTH_UNUSED, AUTH_SOCKET, AUTH_CONNECTION - } type; + sock_type type; Buffer input; Buffer output; } SocketEntry; @@ -69,14 +72,15 @@ typedef struct { u_int sockets_alloc = 0; SocketEntry *sockets = NULL; -typedef struct { +typedef struct identity { + TAILQ_ENTRY(identity) next; Key *key; char *comment; } Identity; typedef struct { int nentries; - Identity *identities; + TAILQ_HEAD(idqueue, identity) idlist; } Idtab; /* private key table, one per protocol version */ @@ -93,20 +97,18 @@ char socket_dir[1024]; extern char *__progname; -int prepare_select(fd_set **, fd_set **, int *); - -void +static void idtab_init(void) { int i; - for (i = 0; i <=2; i++){ - idtable[i].identities = NULL; + for (i = 0; i <=2; i++) { + TAILQ_INIT(&idtable[i].idlist); idtable[i].nentries = 0; } } /* return private key table for requested protocol version */ -Idtab * +static Idtab * idtab_lookup(int version) { if (version < 1 || version > 2) @@ -115,35 +117,40 @@ idtab_lookup(int version) } /* return matching private key for given public key */ -Key * -lookup_private_key(Key *key, int *idx, int version) +static Identity * +lookup_identity(Key *key, int version) { - int i; + Identity *id; + Idtab *tab = idtab_lookup(version); - for (i = 0; i < tab->nentries; i++) { - if (key_equal(key, tab->identities[i].key)) { - if (idx != NULL) - *idx = i; - return tab->identities[i].key; - } + TAILQ_FOREACH(id, &tab->idlist, next) { + if (key_equal(key, id->key)) + return (id); } - return NULL; + return (NULL); +} + +static void +free_identity(Identity *id) +{ + key_free(id->key); + xfree(id->comment); + xfree(id); } /* send list of supported public keys to 'client' */ -void +static void process_request_identities(SocketEntry *e, int version) { Idtab *tab = idtab_lookup(version); Buffer msg; - int i; + Identity *id; buffer_init(&msg); buffer_put_char(&msg, (version == 1) ? SSH_AGENT_RSA_IDENTITIES_ANSWER : SSH2_AGENT_IDENTITIES_ANSWER); buffer_put_int(&msg, tab->nentries); - for (i = 0; i < tab->nentries; i++) { - Identity *id = &tab->identities[i]; + TAILQ_FOREACH(id, &tab->idlist, next) { if (id->key->type == KEY_RSA1) { buffer_put_int(&msg, BN_num_bits(id->key->rsa->n)); buffer_put_bignum(&msg, id->key->rsa->e); @@ -163,10 +170,11 @@ process_request_identities(SocketEntry *e, int version) } /* ssh1 only */ -void +static void process_authentication_challenge1(SocketEntry *e) { - Key *key, *private; + Identity *id; + Key *key; BIGNUM *challenge; int i, len; Buffer msg; @@ -176,7 +184,8 @@ process_authentication_challenge1(SocketEntry *e) buffer_init(&msg); key = key_new(KEY_RSA1); - challenge = BN_new(); + if ((challenge = BN_new()) == NULL) + fatal("process_authentication_challenge1: BN_new failed"); buffer_get_int(&e->input); /* ignored */ buffer_get_bignum(&e->input, key->rsa->e); @@ -186,13 +195,14 @@ process_authentication_challenge1(SocketEntry *e) /* Only protocol 1.1 is supported */ if (buffer_len(&e->input) == 0) goto failure; - buffer_get(&e->input, (char *) session_id, 16); + buffer_get(&e->input, session_id, 16); response_type = buffer_get_int(&e->input); if (response_type != 1) goto failure; - private = lookup_private_key(key, NULL, 1); - if (private != NULL) { + id = lookup_identity(key, 1); + if (id != NULL) { + Key *private = id->key; /* Decrypt the challenge using the private key. */ if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0) goto failure; @@ -229,11 +239,11 @@ send: } /* ssh2 only */ -void +static void process_sign_request2(SocketEntry *e) { extern int datafellows; - Key *key, *private; + Key *key; u_char *blob, *data, *signature = NULL; u_int blen, dlen, slen = 0; int flags; @@ -251,9 +261,9 @@ process_sign_request2(SocketEntry *e) key = key_from_blob(blob, blen); if (key != NULL) { - private = lookup_private_key(key, NULL, 2); - if (private != NULL) - ok = key_sign(private, &signature, &slen, data, dlen); + Identity *id = lookup_identity(key, 2); + if (id != NULL) + ok = key_sign(id->key, &signature, &slen, data, dlen); } key_free(key); buffer_init(&msg); @@ -274,16 +284,16 @@ process_sign_request2(SocketEntry *e) } /* shared */ -void +static void process_remove_identity(SocketEntry *e, int version) { - Key *key = NULL, *private; + Key *key = NULL; u_char *blob; u_int blen; u_int bits; int success = 0; - switch(version){ + switch (version) { case 1: key = key_new(KEY_RSA1); bits = buffer_get_int(&e->input); @@ -301,9 +311,8 @@ process_remove_identity(SocketEntry *e, int version) break; } if (key != NULL) { - int idx; - private = lookup_private_key(key, &idx, version); - if (private != NULL) { + Identity *id = lookup_identity(key, version); + if (id != NULL) { /* * We have this key. Free the old key. Since we * don\'t want to leave empty slots in the middle of @@ -312,19 +321,12 @@ process_remove_identity(SocketEntry *e, int version) * of the array. */ Idtab *tab = idtab_lookup(version); - key_free(tab->identities[idx].key); - xfree(tab->identities[idx].comment); if (tab->nentries < 1) fatal("process_remove_identity: " "internal error: tab->nentries %d", tab->nentries); - if (idx != tab->nentries - 1) { - int i; - for (i = idx; i < tab->nentries - 1; i++) - tab->identities[i] = tab->identities[i+1]; - } - tab->identities[tab->nentries - 1].key = NULL; - tab->identities[tab->nentries - 1].comment = NULL; + TAILQ_REMOVE(&tab->idlist, id, next); + free_identity(id); tab->nentries--; success = 1; } @@ -335,16 +337,17 @@ process_remove_identity(SocketEntry *e, int version) success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); } -void +static void process_remove_all_identities(SocketEntry *e, int version) { - u_int i; Idtab *tab = idtab_lookup(version); + Identity *id; /* Loop over all identities and clear the keys. */ - for (i = 0; i < tab->nentries; i++) { - key_free(tab->identities[i].key); - xfree(tab->identities[i].comment); + for (id = TAILQ_FIRST(&tab->idlist); id; + id = TAILQ_FIRST(&tab->idlist)) { + TAILQ_REMOVE(&tab->idlist, id, next); + free_identity(id); } /* Mark that there are no identities. */ @@ -356,7 +359,7 @@ process_remove_all_identities(SocketEntry *e, int version) return; } -void +static void process_add_identity(SocketEntry *e, int version) { Key *k = NULL; @@ -379,13 +382,13 @@ process_add_identity(SocketEntry *e, int version) buffer_get_bignum(&e->input, k->rsa->p); /* q */ /* Generate additional parameters */ - generate_additional_parameters(k->rsa); + rsa_generate_additional_parameters(k->rsa); break; case 2: type_name = buffer_get_string(&e->input, NULL); type = key_type_from_name(type_name); xfree(type_name); - switch(type) { + switch (type) { case KEY_DSA: k = key_new_private(type); buffer_get_bignum2(&e->input, k->dsa->p); @@ -404,7 +407,7 @@ process_add_identity(SocketEntry *e, int version) buffer_get_bignum2(&e->input, k->rsa->q); /* Generate additional parameters */ - generate_additional_parameters(k->rsa); + rsa_generate_additional_parameters(k->rsa); break; default: buffer_clear(&e->input); @@ -418,14 +421,11 @@ process_add_identity(SocketEntry *e, int version) goto send; } success = 1; - if (lookup_private_key(k, NULL, version) == NULL) { - if (tab->nentries == 0) - tab->identities = xmalloc(sizeof(Identity)); - else - tab->identities = xrealloc(tab->identities, - (tab->nentries + 1) * sizeof(Identity)); - tab->identities[tab->nentries].key = k; - tab->identities[tab->nentries].comment = comment; + if (lookup_identity(k, version) == NULL) { + Identity *id = xmalloc(sizeof(Identity)); + id->key = k; + id->comment = comment; + TAILQ_INSERT_TAIL(&tab->idlist, id, next); /* Increment the number of identities. */ tab->nentries++; } else { @@ -438,9 +438,104 @@ send: success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); } + +#ifdef SMARTCARD +static void +process_add_smartcard_key (SocketEntry *e) +{ + Idtab *tab; + Key *n = NULL, *k = NULL; + char *sc_reader_id = NULL; + int success = 0; + + sc_reader_id = buffer_get_string(&e->input, NULL); + k = sc_get_key(sc_reader_id); + xfree(sc_reader_id); + + if (k == NULL) { + error("sc_get_pubkey failed"); + goto send; + } + success = 1; + + tab = idtab_lookup(1); + k->type = KEY_RSA1; + if (lookup_identity(k, 1) == NULL) { + Identity *id = xmalloc(sizeof(Identity)); + n = key_new(KEY_RSA1); + BN_copy(n->rsa->n, k->rsa->n); + BN_copy(n->rsa->e, k->rsa->e); + RSA_set_method(n->rsa, sc_get_engine()); + id->key = n; + id->comment = xstrdup("rsa1 smartcard"); + TAILQ_INSERT_TAIL(&tab->idlist, id, next); + tab->nentries++; + } + k->type = KEY_RSA; + tab = idtab_lookup(2); + if (lookup_identity(k, 2) == NULL) { + Identity *id = xmalloc(sizeof(Identity)); + n = key_new(KEY_RSA); + BN_copy(n->rsa->n, k->rsa->n); + BN_copy(n->rsa->e, k->rsa->e); + RSA_set_method(n->rsa, sc_get_engine()); + id->key = n; + id->comment = xstrdup("rsa smartcard"); + TAILQ_INSERT_TAIL(&tab->idlist, id, next); + tab->nentries++; + } + key_free(k); +send: + buffer_put_int(&e->output, 1); + buffer_put_char(&e->output, + success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); +} + +static void +process_remove_smartcard_key(SocketEntry *e) +{ + Key *k = NULL; + int success = 0; + char *sc_reader_id = NULL; + + sc_reader_id = buffer_get_string(&e->input, NULL); + k = sc_get_key(sc_reader_id); + xfree(sc_reader_id); + + if (k == NULL) { + error("sc_get_pubkey failed"); + } else { + Identity *id; + k->type = KEY_RSA1; + id = lookup_identity(k, 1); + if (id != NULL) { + Idtab *tab = idtab_lookup(1); + TAILQ_REMOVE(&tab->idlist, id, next); + free_identity(id); + tab->nentries--; + success = 1; + } + k->type = KEY_RSA; + id = lookup_identity(k, 2); + if (id != NULL) { + Idtab *tab = idtab_lookup(2); + TAILQ_REMOVE(&tab->idlist, id, next); + free_identity(id); + tab->nentries--; + success = 1; + } + key_free(k); + } + + buffer_put_int(&e->output, 1); + buffer_put_char(&e->output, + success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); +} +#endif /* SMARTCARD */ + /* dispatch incoming messages */ -void +static void process_message(SocketEntry *e) { u_int msg_len; @@ -448,7 +543,7 @@ process_message(SocketEntry *e) u_char *cp; if (buffer_len(&e->input) < 5) return; /* Incomplete message. */ - cp = (u_char *) buffer_ptr(&e->input); + cp = buffer_ptr(&e->input); msg_len = GET_32BIT(cp); if (msg_len > 256 * 1024) { shutdown(e->fd, SHUT_RDWR); @@ -461,6 +556,7 @@ process_message(SocketEntry *e) buffer_consume(&e->input, 4); type = buffer_get_char(&e->input); + debug("type %d", type); switch (type) { /* ssh1 */ case SSH_AGENTC_RSA_CHALLENGE: @@ -494,6 +590,14 @@ process_message(SocketEntry *e) case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: process_remove_all_identities(e, 2); break; +#ifdef SMARTCARD + case SSH_AGENTC_ADD_SMARTCARD_KEY: + process_add_smartcard_key(e); + break; + case SSH_AGENTC_REMOVE_SMARTCARD_KEY: + process_remove_smartcard_key(e); + break; +#endif /* SMARTCARD */ default: /* Unknown message. Respond with failure. */ error("Unknown message %d", type); @@ -504,8 +608,8 @@ process_message(SocketEntry *e) } } -void -new_socket(int type, int fd) +static void +new_socket(sock_type type, int fd) { u_int i, old_alloc; if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) @@ -536,8 +640,8 @@ new_socket(int type, int fd) buffer_init(&sockets[old_alloc].output); } -int -prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl) +static int +prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, int *nallocp) { u_int i, sz; int n = 0; @@ -557,15 +661,18 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl) } sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); - if (*fdrp == NULL || n > *fdl) { + if (*fdrp == NULL || sz > *nallocp) { if (*fdrp) xfree(*fdrp); if (*fdwp) xfree(*fdwp); *fdrp = xmalloc(sz); *fdwp = xmalloc(sz); - *fdl = n; + *nallocp = sz; } + if (n < *fdl) + debug("XXX shrink: %d < %d", n, *fdl); + *fdl = n; memset(*fdrp, 0, sz); memset(*fdwp, 0, sz); @@ -584,7 +691,7 @@ prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl) return (1); } -void +static void after_select(fd_set *readset, fd_set *writeset) { u_int i; @@ -603,7 +710,8 @@ after_select(fd_set *readset, fd_set *writeset) sock = accept(sockets[i].fd, (struct sockaddr *) &sunaddr, &slen); if (sock < 0) { - perror("accept from AUTH_SOCKET"); + error("accept from AUTH_SOCKET: %s", + strerror(errno)); break; } new_socket(AUTH_CONNECTION, sock); @@ -656,22 +764,8 @@ after_select(fd_set *readset, fd_set *writeset) } } -void -check_parent_exists(int sig) -{ - int save_errno = errno; - - if (parent_pid != -1 && kill(parent_pid, 0) < 0) { - /* printf("Parent has died - Authentication agent exiting.\n"); */ - exit(1); - } - signal(SIGALRM, check_parent_exists); - alarm(10); - errno = save_errno; -} - -void -cleanup_socket(void) +static void +cleanup_socket(void *p) { if (socket_name[0]) unlink(socket_name); @@ -679,33 +773,51 @@ cleanup_socket(void) rmdir(socket_dir); } -void +static void cleanup_exit(int i) { - cleanup_socket(); + cleanup_socket(NULL); exit(i); } -void +static void cleanup_handler(int sig) { - cleanup_socket(); + cleanup_socket(NULL); _exit(2); } -void +static void +check_parent_exists(int sig) +{ + int save_errno = errno; + + if (parent_pid != -1 && kill(parent_pid, 0) < 0) { + /* printf("Parent has died - Authentication agent exiting.\n"); */ + cleanup_handler(sig); /* safe */ + } + signal(SIGALRM, check_parent_exists); + alarm(10); + errno = save_errno; +} + +static void usage(void) { - fprintf(stderr, "ssh-agent version %s\n", SSH_VERSION); - fprintf(stderr, "Usage: %s [-c | -s] [-k] [command {args...]]\n", + fprintf(stderr, "Usage: %s [options] [command [args ...]]\n", __progname); + fprintf(stderr, "Options:\n"); + fprintf(stderr, " -c Generate C-shell commands on stdout.\n"); + fprintf(stderr, " -s Generate Bourne shell commands on stdout.\n"); + fprintf(stderr, " -k Kill the current agent.\n"); + fprintf(stderr, " -d Debug mode.\n"); exit(1); } int main(int ac, char **av) { - int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch; + int sock, c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0, ch, nalloc; struct sockaddr_un sunaddr; struct rlimit rlim; pid_t pid; @@ -715,7 +827,7 @@ main(int ac, char **av) SSLeay_add_all_algorithms(); - while ((ch = getopt(ac, av, "cks")) != -1) { + while ((ch = getopt(ac, av, "cdks")) != -1) { switch (ch) { case 'c': if (s_flag) @@ -730,6 +842,11 @@ main(int ac, char **av) usage(); s_flag++; break; + case 'd': + if (d_flag) + usage(); + d_flag++; + break; default: usage(); } @@ -737,10 +854,10 @@ main(int ac, char **av) ac -= optind; av += optind; - if (ac > 0 && (c_flag || k_flag || s_flag)) + if (ac > 0 && (c_flag || k_flag || s_flag || d_flag)) usage(); - if (ac == 0 && !c_flag && !k_flag && !s_flag) { + if (ac == 0 && !c_flag && !k_flag && !s_flag && !d_flag) { shell = getenv("SHELL"); if (shell != NULL && strncmp(shell + strlen(shell) - 3, "csh", 3) == 0) c_flag = 1; @@ -804,10 +921,18 @@ main(int ac, char **av) * Fork, and have the parent execute the command, if any, or present * the socket data. The child continues as the authentication agent. */ + if (d_flag) { + log_init(__progname, SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 1); + format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; + printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, + SSH_AUTHSOCKET_ENV_NAME); + printf("echo Agent pid %d;\n", parent_pid); + goto skip; + } pid = fork(); if (pid == -1) { perror("fork"); - exit(1); + cleanup_exit(1); } if (pid != 0) { /* Parent - execute the given command. */ close(sock); @@ -830,6 +955,15 @@ main(int ac, char **av) perror(av[0]); exit(1); } + /* child */ + log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0); + + if (setsid() == -1) { + error("setsid: %s", strerror(errno)); + cleanup_exit(1); + } + + (void)chdir("/"); close(0); close(1); close(2); @@ -837,33 +971,31 @@ main(int ac, char **av) /* deny core dumps, since memory contains unencrypted private keys */ rlim.rlim_cur = rlim.rlim_max = 0; if (setrlimit(RLIMIT_CORE, &rlim) < 0) { - perror("setrlimit rlimit_core failed"); - cleanup_exit(1); - } - if (setsid() == -1) { - perror("setsid"); - cleanup_exit(1); - } - if (atexit(cleanup_socket) < 0) { - perror("atexit"); + error("setrlimit RLIMIT_CORE: %s", strerror(errno)); cleanup_exit(1); } + +skip: + fatal_add_cleanup(cleanup_socket, NULL); new_socket(AUTH_SOCKET, sock); if (ac > 0) { signal(SIGALRM, check_parent_exists); alarm(10); } idtab_init(); - signal(SIGINT, SIG_IGN); + if (!d_flag) + signal(SIGINT, SIG_IGN); signal(SIGPIPE, SIG_IGN); signal(SIGHUP, cleanup_handler); signal(SIGTERM, cleanup_handler); + nalloc = 0; + while (1) { - prepare_select(&readsetp, &writesetp, &max_fd); + prepare_select(&readsetp, &writesetp, &max_fd, &nalloc); if (select(max_fd + 1, readsetp, writesetp, NULL, NULL) < 0) { if (errno == EINTR) continue; - exit(1); + fatal("select: %s", strerror(errno)); } after_select(readsetp, writesetp); } diff --git a/crypto/openssh/ssh-agent/Makefile b/crypto/openssh/ssh-agent/Makefile index e1a2e2c6cbf8..c252dbdad65e 100644 --- a/crypto/openssh/ssh-agent/Makefile +++ b/crypto/openssh/ssh-agent/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.17 2001/03/04 00:51:25 markus Exp $ +# $OpenBSD: Makefile,v 1.21 2001/06/27 19:29:16 markus Exp $ .PATH: ${.CURDIR}/.. diff --git a/crypto/openssh/ssh-dss.c b/crypto/openssh/ssh-dss.c index adc8f983e092..02403f550afc 100644 --- a/crypto/openssh/ssh-dss.c +++ b/crypto/openssh/ssh-dss.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $"); +RCSID("$OpenBSD: ssh-dss.c,v 1.14 2002/02/28 15:46:33 markus Exp $"); #include <openssl/bn.h> #include <openssl/evp.h> @@ -42,36 +42,31 @@ RCSID("$OpenBSD: ssh-dss.c,v 1.6 2001/02/08 19:30:52 itojun Exp $"); int ssh_dss_sign( Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen) + u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) { - u_char *digest; - u_char *ret; DSA_SIG *sig; - EVP_MD *evp_md = EVP_sha1(); + const EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; - u_int rlen; - u_int slen; - u_int len, dlen; - u_char sigblob[SIGBLOB_LEN]; + u_char *ret, digest[EVP_MAX_MD_SIZE], sigblob[SIGBLOB_LEN]; + u_int rlen, slen, len, dlen; Buffer b; if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) { error("ssh_dss_sign: no DSA key"); return -1; } - dlen = evp_md->md_size; - digest = xmalloc(dlen); EVP_DigestInit(&md, evp_md); EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, NULL); + EVP_DigestFinal(&md, digest, &dlen); sig = DSA_do_sign(digest, dlen, key->dsa); + memset(digest, 'd', sizeof(digest)); + if (sig == NULL) { - fatal("ssh_dss_sign: cannot sign"); + error("ssh_dss_sign: sign failed"); + return -1; } - memset(digest, 0, dlen); - xfree(digest); rlen = BN_num_bytes(sig->r); slen = BN_num_bytes(sig->s); @@ -80,15 +75,12 @@ ssh_dss_sign( DSA_SIG_free(sig); return -1; } - debug("sig size %d %d", rlen, slen); - memset(sigblob, 0, SIGBLOB_LEN); BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen); BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen); DSA_SIG_free(sig); if (datafellows & SSH_BUG_SIGBLOB) { - debug("datafellows"); ret = xmalloc(SIGBLOB_LEN); memcpy(ret, sigblob, SIGBLOB_LEN); if (lenp != NULL) @@ -114,37 +106,22 @@ ssh_dss_sign( int ssh_dss_verify( Key *key, - u_char *signature, int signaturelen, - u_char *data, int datalen) + u_char *signature, u_int signaturelen, + u_char *data, u_int datalen) { - Buffer b; - u_char *digest; DSA_SIG *sig; - EVP_MD *evp_md = EVP_sha1(); + const EVP_MD *evp_md = EVP_sha1(); EVP_MD_CTX md; - u_char *sigblob; - char *txt; + u_char digest[EVP_MAX_MD_SIZE], *sigblob; u_int len, dlen; - int rlen; - int ret; + int rlen, ret; + Buffer b; if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) { error("ssh_dss_verify: no DSA key"); return -1; } - if (!(datafellows & SSH_BUG_SIGBLOB) && - signaturelen == SIGBLOB_LEN) { - datafellows |= ~SSH_BUG_SIGBLOB; - log("autodetect SSH_BUG_SIGBLOB"); - } else if ((datafellows & SSH_BUG_SIGBLOB) && - signaturelen != SIGBLOB_LEN) { - log("autoremove SSH_BUG_SIGBLOB"); - datafellows &= ~SSH_BUG_SIGBLOB; - } - - debug("len %d datafellows %d", signaturelen, datafellows); - /* fetch signature */ if (datafellows & SSH_BUG_SIGBLOB) { sigblob = signature; @@ -153,22 +130,24 @@ ssh_dss_verify( /* ietf-drafts */ char *ktype; buffer_init(&b); - buffer_append(&b, (char *) signature, signaturelen); + buffer_append(&b, signature, signaturelen); ktype = buffer_get_string(&b, NULL); if (strcmp("ssh-dss", ktype) != 0) { error("ssh_dss_verify: cannot handle type %s", ktype); buffer_free(&b); + xfree(ktype); return -1; } - sigblob = (u_char *)buffer_get_string(&b, &len); + xfree(ktype); + sigblob = buffer_get_string(&b, &len); rlen = buffer_len(&b); - if(rlen != 0) { - error("remaining bytes in signature %d", rlen); - buffer_free(&b); + buffer_free(&b); + if (rlen != 0) { + error("ssh_dss_verify: " + "remaining bytes in signature %d", rlen); + xfree(sigblob); return -1; } - buffer_free(&b); - xfree(ktype); } if (len != SIGBLOB_LEN) { @@ -176,9 +155,12 @@ ssh_dss_verify( } /* parse signature */ - sig = DSA_SIG_new(); - sig->r = BN_new(); - sig->s = BN_new(); + if ((sig = DSA_SIG_new()) == NULL) + fatal("ssh_dss_verify: DSA_SIG_new failed"); + if ((sig->r = BN_new()) == NULL) + fatal("ssh_dss_verify: BN_new failed"); + if ((sig->s = BN_new()) == NULL) + fatal("ssh_dss_verify: BN_new failed"); BN_bin2bn(sigblob, INTBLOB_LEN, sig->r); BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s); @@ -188,30 +170,16 @@ ssh_dss_verify( } /* sha1 the data */ - dlen = evp_md->md_size; - digest = xmalloc(dlen); EVP_DigestInit(&md, evp_md); EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, NULL); + EVP_DigestFinal(&md, digest, &dlen); ret = DSA_do_verify(digest, dlen, sig, key->dsa); + memset(digest, 'd', sizeof(digest)); - memset(digest, 0, dlen); - xfree(digest); DSA_SIG_free(sig); - switch (ret) { - case 1: - txt = "correct"; - break; - case 0: - txt = "incorrect"; - break; - case -1: - default: - txt = "error"; - break; - } - debug("ssh_dss_verify: signature %s", txt); + debug("ssh_dss_verify: signature %s", + ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error"); return ret; } diff --git a/crypto/openssh/ssh-dss.h b/crypto/openssh/ssh-dss.h index 0e6a20a59d92..94961b1e8ca7 100644 --- a/crypto/openssh/ssh-dss.h +++ b/crypto/openssh/ssh-dss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-dss.h,v 1.3 2001/01/29 01:58:18 niklas Exp $ */ +/* $OpenBSD: ssh-dss.h,v 1.6 2002/02/24 19:14:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,16 +26,7 @@ #ifndef DSA_H #define DSA_H -int -ssh_dss_sign( - Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen); - -int -ssh_dss_verify( - Key *key, - u_char *signature, int signaturelen, - u_char *data, int datalen); +int ssh_dss_sign(Key *, u_char **, u_int *, u_char *, u_int); +int ssh_dss_verify(Key *, u_char *, u_int, u_char *, u_int); #endif diff --git a/crypto/openssh/ssh-keygen.1 b/crypto/openssh/ssh-keygen.1 index 371fc5fe471b..6ad94e6eb95a 100644 --- a/crypto/openssh/ssh-keygen.1 +++ b/crypto/openssh/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.40 2001/04/23 21:57:07 markus Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.53 2002/02/16 14:53:37 stevesk Exp $ .\" .\" -*- nroff -*- .\" @@ -47,7 +47,7 @@ .Nm ssh-keygen .Op Fl q .Op Fl b Ar bits -.Op Fl t Ar type +.Fl t Ar type .Op Fl N Ar new_passphrase .Op Fl C Ar comment .Op Fl f Ar output_keyfile @@ -76,15 +76,21 @@ .Nm ssh-keygen .Fl B .Op Fl f Ar input_keyfile +.Nm ssh-keygen +.Fl D Ar reader +.Nm ssh-keygen +.Fl U Ar reader +.Op Fl f Ar input_keyfile .Sh DESCRIPTION .Nm generates, manages and converts authentication keys for .Xr ssh 1 . .Nm -defaults to generating a RSA1 key for use by SSH protocol version 1. -specifying the +can create RSA keys for use by SSH protocol version 1 and RSA or DSA +keys for use by SSH protocol version 2. The type of key to be generated +is specified with the .Fl t -option allows you to create a key for use by SSH protocol version 2. +option. .Pp Normally each user wishing to use SSH with RSA or DSA authentication runs this once to create the authentication @@ -106,17 +112,21 @@ The program also asks for a passphrase. The passphrase may be empty to indicate no passphrase (host keys must have an empty passphrase), or it may be a string of arbitrary length. -Good passphrases are 10-30 characters long and are +A passphrase is similar to a password, except it can be a phrase with a +series of words, punctuation, numbers, whitespace, or any string of +characters you want. +Good passphrases are 10-30 characters long, are not simple sentences or otherwise easily guessable (English -prose has only 1-2 bits of entropy per word, and provides very bad -passphrases). +prose has only 1-2 bits of entropy per character, and provides very bad +passphrases), and contain a mix of upper and lowercase letters, +numbers, and non-alphanumeric characters. The passphrase can be changed later by using the .Fl p option. .Pp There is no way to recover a lost passphrase. If the passphrase is -lost or forgotten, you will have to generate a new key and copy the +lost or forgotten, a new key must be generated and copied to the corresponding public key to other machines. .Pp For RSA1 keys, @@ -142,8 +152,9 @@ above that no longer improve security but make things slower. The default is 1024 bits. .It Fl c Requests changing the comment in the private and public key files. +This operation is only supported for RSA1 keys. The program will prompt for the file containing the private keys, for -passphrase if the key has one, and for the new comment. +the passphrase if the key has one, and for the new comment. .It Fl e This option will read a private or public OpenSSH key file and print the key in a @@ -151,7 +162,7 @@ print the key in a to stdout. This option allows exporting keys for use by several commercial SSH implementations. -.It Fl f +.It Fl f Ar filename Specifies the filename of the key file. .It Fl i This option will read an unencrypted private (or public) key file @@ -163,7 +174,11 @@ also reads the This option allows importing keys from several commercial SSH implementations. .It Fl l -Show fingerprint of specified private or public key file. +Show fingerprint of specified public key file. +Private RSA1 keys are also supported. +For RSA and DSA keys +.Nm +tries to find the matching public key file and prints its fingerprint. .It Fl p Requests changing the passphrase of a private key file instead of creating a new private key. @@ -188,16 +203,20 @@ for protocol version 1 and or .Dq dsa for protocol version 2. -The default is -.Dq rsa1 . .It Fl B Show the bubblebabble digest of specified private or public key file. .It Fl C Ar comment Provides the new comment. +.It Fl D Ar reader +Download the RSA public key stored in the smartcard in +.Ar reader . .It Fl N Ar new_passphrase Provides the new passphrase. .It Fl P Ar passphrase Provides the (old) passphrase. +.It Fl U Ar reader +Upload an existing RSA private key into the smartcard in +.Ar reader . .El .Sh FILES .Bl -tag -width Ds @@ -210,14 +229,14 @@ used to encrypt the private part of this file using 3DES. This file is not automatically accessed by .Nm but it is offered as the default file for the private key. -.Xr sshd 8 +.Xr ssh 1 will read this file when a login attempt is made. .It Pa $HOME/.ssh/identity.pub Contains the protocol version 1 RSA public key for authentication. The contents of this file should be added to .Pa $HOME/.ssh/authorized_keys on all machines -where you wish to log in using RSA authentication. +where the user wishes to log in using RSA authentication. There is no need to keep the contents of this file secret. .It Pa $HOME/.ssh/id_dsa Contains the protocol version 2 DSA authentication identity of the user. @@ -228,14 +247,14 @@ used to encrypt the private part of this file using 3DES. This file is not automatically accessed by .Nm but it is offered as the default file for the private key. -.Xr sshd 8 +.Xr ssh 1 will read this file when a login attempt is made. .It Pa $HOME/.ssh/id_dsa.pub Contains the protocol version 2 DSA public key for authentication. The contents of this file should be added to -.Pa $HOME/.ssh/authorized_keys2 +.Pa $HOME/.ssh/authorized_keys on all machines -where you wish to log in using public key authentication. +where the user wishes to log in using public key authentication. There is no need to keep the contents of this file secret. .It Pa $HOME/.ssh/id_rsa Contains the protocol version 2 RSA authentication identity of the user. @@ -246,14 +265,14 @@ used to encrypt the private part of this file using 3DES. This file is not automatically accessed by .Nm but it is offered as the default file for the private key. -.Xr sshd 8 +.Xr ssh 1 will read this file when a login attempt is made. .It Pa $HOME/.ssh/id_rsa.pub Contains the protocol version 2 RSA public key for authentication. The contents of this file should be added to -.Pa $HOME/.ssh/authorized_keys2 +.Pa $HOME/.ssh/authorized_keys on all machines -where you wish to log in using public key authentication. +where the user wishes to log in using public key authentication. There is no need to keep the contents of this file secret. .El .Sh AUTHORS diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c index 90d5ffa40239..961fad619bdd 100644 --- a/crypto/openssh/ssh-keygen.c +++ b/crypto/openssh/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.60 2001/04/23 22:14:13 markus Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.94 2002/02/25 16:33:27 markus Exp $"); #include <openssl/evp.h> #include <openssl/pem.h> @@ -28,6 +28,12 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.60 2001/04/23 22:14:13 markus Exp $"); #include "log.h" #include "readpass.h" +#ifdef SMARTCARD +#include <sectok.h> +#include <openssl/engine.h> +#include "scard.h" +#endif + /* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ int bits = 1024; @@ -67,35 +73,38 @@ int convert_to_ssh2 = 0; int convert_from_ssh2 = 0; int print_public = 0; -/* default to RSA for SSH-1 */ -char *key_type_name = "rsa1"; +char *key_type_name = NULL; /* argv0 */ extern char *__progname; char hostname[MAXHOSTNAMELEN]; -void +static void ask_filename(struct passwd *pw, const char *prompt) { char buf[1024]; char *name = NULL; - switch (key_type_from_name(key_type_name)) { - case KEY_RSA1: - name = _PATH_SSH_CLIENT_IDENTITY; - break; - case KEY_DSA: - name = _PATH_SSH_CLIENT_ID_DSA; - break; - case KEY_RSA: + if (key_type_name == NULL) name = _PATH_SSH_CLIENT_ID_RSA; - break; - default: - fprintf(stderr, "bad key type"); - exit(1); - break; - } + else + switch (key_type_from_name(key_type_name)) { + case KEY_RSA1: + name = _PATH_SSH_CLIENT_IDENTITY; + break; + case KEY_DSA: + name = _PATH_SSH_CLIENT_ID_DSA; + break; + case KEY_RSA: + name = _PATH_SSH_CLIENT_ID_RSA; + break; + default: + fprintf(stderr, "bad key type"); + exit(1); + break; + } + snprintf(identity_file, sizeof(identity_file), "%s/%s", pw->pw_dir, name); fprintf(stderr, "%s (%s): ", prompt, identity_file); fflush(stderr); @@ -108,15 +117,19 @@ ask_filename(struct passwd *pw, const char *prompt) have_identity = 1; } -Key * -try_load_pem_key(char *filename) +static Key * +load_identity(char *filename) { char *pass; Key *prv; prv = key_load_private(filename, "", NULL); if (prv == NULL) { - pass = read_passphrase("Enter passphrase: ", 1); + if (identity_passphrase) + pass = xstrdup(identity_passphrase); + else + pass = read_passphrase("Enter passphrase: ", + RP_ALLOW_STDIN); prv = key_load_private(filename, pass, NULL); memset(pass, 0, strlen(pass)); xfree(pass); @@ -129,11 +142,11 @@ try_load_pem_key(char *filename) #define SSH_COM_PRIVATE_BEGIN "---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----" #define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb -void +static void do_convert_to_ssh2(struct passwd *pw) { Key *k; - int len; + u_int len; u_char *blob; struct stat st; @@ -144,12 +157,15 @@ do_convert_to_ssh2(struct passwd *pw) exit(1); } if ((k = key_load_public(identity_file, NULL)) == NULL) { - if ((k = try_load_pem_key(identity_file)) == NULL) { + if ((k = load_identity(identity_file)) == NULL) { fprintf(stderr, "load failed\n"); exit(1); } } - key_to_blob(k, &blob, &len); + if (key_to_blob(k, &blob, &len) <= 0) { + fprintf(stderr, "key_to_blob failed\n"); + exit(1); + } fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN); fprintf(stdout, "Comment: \"%d-bit %s, converted from OpenSSH by %s@%s\"\n", @@ -162,7 +178,7 @@ do_convert_to_ssh2(struct passwd *pw) exit(0); } -void +static void buffer_get_bignum_bits(Buffer *b, BIGNUM *value) { int bits = buffer_get_int(b); @@ -171,17 +187,20 @@ buffer_get_bignum_bits(Buffer *b, BIGNUM *value) if (buffer_len(b) < bytes) fatal("buffer_get_bignum_bits: input buffer too small: " "need %d have %d", bytes, buffer_len(b)); - BN_bin2bn((u_char *)buffer_ptr(b), bytes, value); + BN_bin2bn(buffer_ptr(b), bytes, value); buffer_consume(b, bytes); } -Key * -do_convert_private_ssh2_from_blob(char *blob, int blen) +static Key * +do_convert_private_ssh2_from_blob(u_char *blob, u_int blen) { Buffer b; Key *key = NULL; - int ignore, magic, rlen, ktype; char *type, *cipher; + u_char *sig, data[] = "abcde12345"; + int magic, rlen, ktype, i1, i2, i3, i4; + u_int slen; + u_long e; buffer_init(&b); buffer_append(&b, blob, blen); @@ -192,13 +211,13 @@ do_convert_private_ssh2_from_blob(char *blob, int blen) buffer_free(&b); return NULL; } - ignore = buffer_get_int(&b); + i1 = buffer_get_int(&b); type = buffer_get_string(&b, NULL); cipher = buffer_get_string(&b, NULL); - ignore = buffer_get_int(&b); - ignore = buffer_get_int(&b); - ignore = buffer_get_int(&b); - + i2 = buffer_get_int(&b); + i3 = buffer_get_int(&b); + i4 = buffer_get_int(&b); + debug("ignore (%d %d %d %d)", i1,i2,i3,i4); if (strcmp(cipher, "none") != 0) { error("unsupported cipher %s", cipher); xfree(cipher); @@ -228,7 +247,17 @@ do_convert_private_ssh2_from_blob(char *blob, int blen) buffer_get_bignum_bits(&b, key->dsa->priv_key); break; case KEY_RSA: - if (!BN_set_word(key->rsa->e, (u_long) buffer_get_char(&b))) { + e = buffer_get_char(&b); + debug("e %lx", e); + if (e < 30) { + e <<= 8; + e += buffer_get_char(&b); + debug("e %lx", e); + e <<= 8; + e += buffer_get_char(&b); + debug("e %lx", e); + } + if (!BN_set_word(key->rsa->e, e)) { buffer_free(&b); key_free(key); return NULL; @@ -238,34 +267,29 @@ do_convert_private_ssh2_from_blob(char *blob, int blen) buffer_get_bignum_bits(&b, key->rsa->iqmp); buffer_get_bignum_bits(&b, key->rsa->q); buffer_get_bignum_bits(&b, key->rsa->p); - generate_additional_parameters(key->rsa); + rsa_generate_additional_parameters(key->rsa); break; } rlen = buffer_len(&b); - if(rlen != 0) + if (rlen != 0) error("do_convert_private_ssh2_from_blob: " "remaining bytes in key blob %d", rlen); buffer_free(&b); -#ifdef DEBUG_PK - { - u_int slen; - u_char *sig, data[10] = "abcde12345"; - key_sign(key, &sig, &slen, data, sizeof data); - key_verify(key, sig, slen, data, sizeof data); - xfree(sig); - } -#endif + /* try the key */ + key_sign(key, &sig, &slen, data, sizeof(data)); + key_verify(key, sig, slen, data, sizeof(data)); + xfree(sig); return key; } -void +static void do_convert_from_ssh2(struct passwd *pw) { Key *k; int blen; char line[1024], *p; - char blob[8096]; + u_char blob[8096]; char encoded[8096]; struct stat st; int escaped = 0, private = 0, ok; @@ -294,6 +318,9 @@ do_convert_from_ssh2(struct passwd *pw) strstr(line, ": ") != NULL) { if (strstr(line, SSH_COM_PRIVATE_BEGIN) != NULL) private = 1; + if (strstr(line, " END ") != NULL) { + break; + } /* fprintf(stderr, "ignore: %s", line); */ continue; } @@ -305,7 +332,7 @@ do_convert_from_ssh2(struct passwd *pw) *p = '\0'; strlcat(encoded, line, sizeof(encoded)); } - blen = uudecode(encoded, (u_char *)blob, sizeof(blob)); + blen = uudecode(encoded, blob, sizeof(blob)); if (blen < 0) { fprintf(stderr, "uudecode failed.\n"); exit(1); @@ -327,12 +354,13 @@ do_convert_from_ssh2(struct passwd *pw) exit(1); } key_free(k); - fprintf(stdout, "\n"); + if (!private) + fprintf(stdout, "\n"); fclose(fp); exit(0); } -void +static void do_print_public(struct passwd *pw) { Key *prv; @@ -344,7 +372,7 @@ do_print_public(struct passwd *pw) perror(identity_file); exit(1); } - prv = try_load_pem_key(identity_file); + prv = load_identity(identity_file); if (prv == NULL) { fprintf(stderr, "load failed\n"); exit(1); @@ -356,13 +384,159 @@ do_print_public(struct passwd *pw) exit(0); } -void +#ifdef SMARTCARD +#define NUM_RSA_KEY_ELEMENTS 5+1 +#define COPY_RSA_KEY(x, i) \ + do { \ + len = BN_num_bytes(prv->rsa->x); \ + elements[i] = xmalloc(len); \ + debug("#bytes %d", len); \ + if (BN_bn2bin(prv->rsa->x, elements[i]) < 0) \ + goto done; \ + } while (0) + +static int +get_AUT0(char *aut0) +{ + EVP_MD *evp_md = EVP_sha1(); + EVP_MD_CTX md; + char *pass; + + pass = read_passphrase("Enter passphrase for smartcard: ", RP_ALLOW_STDIN); + if (pass == NULL) + return -1; + EVP_DigestInit(&md, evp_md); + EVP_DigestUpdate(&md, pass, strlen(pass)); + EVP_DigestFinal(&md, aut0, NULL); + memset(pass, 0, strlen(pass)); + xfree(pass); + return 0; +} + +static void +do_upload(struct passwd *pw, const char *sc_reader_id) +{ + Key *prv = NULL; + struct stat st; + u_char *elements[NUM_RSA_KEY_ELEMENTS]; + u_char key_fid[2]; + u_char DEFAUT0[] = {0xad, 0x9f, 0x61, 0xfe, 0xfa, 0x20, 0xce, 0x63}; + u_char AUT0[EVP_MAX_MD_SIZE]; + int len, status = 1, i, fd = -1, ret; + int sw = 0, cla = 0x00; + + for (i = 0; i < NUM_RSA_KEY_ELEMENTS; i++) + elements[i] = NULL; + if (!have_identity) + ask_filename(pw, "Enter file in which the key is"); + if (stat(identity_file, &st) < 0) { + perror(identity_file); + goto done; + } + prv = load_identity(identity_file); + if (prv == NULL) { + error("load failed"); + goto done; + } + COPY_RSA_KEY(q, 0); + COPY_RSA_KEY(p, 1); + COPY_RSA_KEY(iqmp, 2); + COPY_RSA_KEY(dmq1, 3); + COPY_RSA_KEY(dmp1, 4); + COPY_RSA_KEY(n, 5); + len = BN_num_bytes(prv->rsa->n); + fd = sectok_friendly_open(sc_reader_id, STONOWAIT, &sw); + if (fd < 0) { + error("sectok_open failed: %s", sectok_get_sw(sw)); + goto done; + } + if (! sectok_cardpresent(fd)) { + error("smartcard in reader %s not present", + sc_reader_id); + goto done; + } + ret = sectok_reset(fd, 0, NULL, &sw); + if (ret <= 0) { + error("sectok_reset failed: %s", sectok_get_sw(sw)); + goto done; + } + if ((cla = cyberflex_inq_class(fd)) < 0) { + error("cyberflex_inq_class failed"); + goto done; + } + memcpy(AUT0, DEFAUT0, sizeof(DEFAUT0)); + if (cyberflex_verify_AUT0(fd, cla, AUT0, sizeof(DEFAUT0)) < 0) { + if (get_AUT0(AUT0) < 0 || + cyberflex_verify_AUT0(fd, cla, AUT0, sizeof(DEFAUT0)) < 0) { + error("cyberflex_verify_AUT0 failed"); + goto done; + } + } + key_fid[0] = 0x00; + key_fid[1] = 0x12; + if (cyberflex_load_rsa_priv(fd, cla, key_fid, 5, 8*len, elements, + &sw) < 0) { + error("cyberflex_load_rsa_priv failed: %s", sectok_get_sw(sw)); + goto done; + } + if (!sectok_swOK(sw)) + goto done; + log("cyberflex_load_rsa_priv done"); + key_fid[0] = 0x73; + key_fid[1] = 0x68; + if (cyberflex_load_rsa_pub(fd, cla, key_fid, len, elements[5], + &sw) < 0) { + error("cyberflex_load_rsa_pub failed: %s", sectok_get_sw(sw)); + goto done; + } + if (!sectok_swOK(sw)) + goto done; + log("cyberflex_load_rsa_pub done"); + status = 0; + log("loading key done"); +done: + + memset(elements[0], '\0', BN_num_bytes(prv->rsa->q)); + memset(elements[1], '\0', BN_num_bytes(prv->rsa->p)); + memset(elements[2], '\0', BN_num_bytes(prv->rsa->iqmp)); + memset(elements[3], '\0', BN_num_bytes(prv->rsa->dmq1)); + memset(elements[4], '\0', BN_num_bytes(prv->rsa->dmp1)); + memset(elements[5], '\0', BN_num_bytes(prv->rsa->n)); + + if (prv) + key_free(prv); + for (i = 0; i < NUM_RSA_KEY_ELEMENTS; i++) + if (elements[i]) + xfree(elements[i]); + if (fd != -1) + sectok_close(fd); + exit(status); +} + +static void +do_download(struct passwd *pw, const char *sc_reader_id) +{ + Key *pub = NULL; + + pub = sc_get_key(sc_reader_id); + if (pub == NULL) + fatal("cannot read public key from smartcard"); + key_write(pub, stdout); + key_free(pub); + fprintf(stdout, "\n"); + exit(0); +} +#endif /* SMARTCARD */ + +static void do_fingerprint(struct passwd *pw) { FILE *f; Key *public; char *comment = NULL, *cp, *ep, line[16*1024], *fp; - int i, skip = 0, num = 1, invalid = 1, rep, fptype; + int i, skip = 0, num = 1, invalid = 1; + enum fp_rep rep; + enum fp_type fptype; struct stat st; fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5; @@ -443,7 +617,7 @@ do_fingerprint(struct passwd *pw) fclose(f); } if (invalid) { - printf("%s is not a valid key file.\n", identity_file); + printf("%s is not a public key file.\n", identity_file); exit(1); } exit(0); @@ -453,7 +627,7 @@ do_fingerprint(struct passwd *pw) * Perform changing a passphrase. The argument is the passwd structure * for the current user. */ -void +static void do_change_passphrase(struct passwd *pw) { char *comment; @@ -473,8 +647,11 @@ do_change_passphrase(struct passwd *pw) if (identity_passphrase) old_passphrase = xstrdup(identity_passphrase); else - old_passphrase = read_passphrase("Enter old passphrase: ", 1); - private = key_load_private(identity_file, old_passphrase , &comment); + old_passphrase = + read_passphrase("Enter old passphrase: ", + RP_ALLOW_STDIN); + private = key_load_private(identity_file, old_passphrase, + &comment); memset(old_passphrase, 0, strlen(old_passphrase)); xfree(old_passphrase); if (private == NULL) { @@ -490,8 +667,10 @@ do_change_passphrase(struct passwd *pw) passphrase2 = NULL; } else { passphrase1 = - read_passphrase("Enter new passphrase (empty for no passphrase): ", 1); - passphrase2 = read_passphrase("Enter same passphrase again: ", 1); + read_passphrase("Enter new passphrase (empty for no " + "passphrase): ", RP_ALLOW_STDIN); + passphrase2 = read_passphrase("Enter same passphrase again: ", + RP_ALLOW_STDIN); /* Verify that they are the same. */ if (strcmp(passphrase1, passphrase2) != 0) { @@ -529,7 +708,7 @@ do_change_passphrase(struct passwd *pw) /* * Change the comment of a private key file. */ -void +static void do_change_comment(struct passwd *pw) { char new_comment[1024], *comment, *passphrase; @@ -552,7 +731,8 @@ do_change_comment(struct passwd *pw) else if (identity_new_passphrase) passphrase = xstrdup(identity_new_passphrase); else - passphrase = read_passphrase("Enter passphrase: ", 1); + passphrase = read_passphrase("Enter passphrase: ", + RP_ALLOW_STDIN); /* Try to load using the passphrase. */ private = key_load_private(identity_file, passphrase, &comment); if (private == NULL) { @@ -568,7 +748,7 @@ do_change_comment(struct passwd *pw) fprintf(stderr, "Comments are only supported for RSA1 keys.\n"); key_free(private); exit(1); - } + } printf("Key now has comment '%s'\n", comment); if (identity_comment) { @@ -622,11 +802,30 @@ do_change_comment(struct passwd *pw) exit(0); } -void +static void usage(void) { - printf("Usage: %s [-ceilpqyB] [-t type] [-b bits] [-f file] [-C comment] " - "[-N new-pass] [-P pass]\n", __progname); + fprintf(stderr, "Usage: %s [options]\n", __progname); + fprintf(stderr, "Options:\n"); + fprintf(stderr, " -b bits Number of bits in the key to create.\n"); + fprintf(stderr, " -c Change comment in private and public key files.\n"); + fprintf(stderr, " -e Convert OpenSSH to IETF SECSH key file.\n"); + fprintf(stderr, " -f filename Filename of the key file.\n"); + fprintf(stderr, " -i Convert IETF SECSH to OpenSSH key file.\n"); + fprintf(stderr, " -l Show fingerprint of key file.\n"); + fprintf(stderr, " -p Change passphrase of private key file.\n"); + fprintf(stderr, " -q Quiet.\n"); + fprintf(stderr, " -y Read private key file and print public key.\n"); + fprintf(stderr, " -t type Specify type of key to create.\n"); + fprintf(stderr, " -B Show bubblebabble digest of key file.\n"); + fprintf(stderr, " -C comment Provide new comment.\n"); + fprintf(stderr, " -N phrase Provide new passphrase.\n"); + fprintf(stderr, " -P phrase Provide old passphrase.\n"); +#ifdef SMARTCARD + fprintf(stderr, " -D reader Download public key from smartcard.\n"); + fprintf(stderr, " -U reader Upload private key to smartcard.\n"); +#endif /* SMARTCARD */ + exit(1); } @@ -636,11 +835,12 @@ usage(void) int main(int ac, char **av) { - char dotsshdir[16 * 1024], comment[1024], *passphrase1, *passphrase2; + char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; + char *reader_id = NULL; Key *private, *public; struct passwd *pw; - int opt, type, fd; struct stat st; + int opt, type, fd, download = 0; FILE *f; extern int optind; @@ -659,7 +859,7 @@ main(int ac, char **av) exit(1); } - while ((opt = getopt(ac, av, "deiqpclBRxXyb:f:t:P:N:C:")) != -1) { + while ((opt = getopt(ac, av, "deiqpclBRxXyb:f:t:U:D:P:N:C:")) != -1) { switch (opt) { case 'b': bits = atoi(optarg); @@ -668,73 +868,62 @@ main(int ac, char **av) exit(1); } break; - case 'l': print_fingerprint = 1; break; - case 'B': print_bubblebabble = 1; break; - case 'p': change_passphrase = 1; break; - case 'c': change_comment = 1; break; - case 'f': strlcpy(identity_file, optarg, sizeof(identity_file)); have_identity = 1; break; - case 'P': identity_passphrase = optarg; break; - case 'N': identity_new_passphrase = optarg; break; - case 'C': identity_comment = optarg; break; - case 'q': quiet = 1; break; - case 'R': /* unused */ exit(0); break; - case 'e': case 'x': /* export key */ convert_to_ssh2 = 1; break; - case 'i': case 'X': /* import key */ convert_from_ssh2 = 1; break; - case 'y': print_public = 1; break; - case 'd': key_type_name = "dsa"; break; - case 't': key_type_name = optarg; break; - + case 'D': + download = 1; + case 'U': + reader_id = optarg; + break; case '?': default: usage(); @@ -760,9 +949,23 @@ main(int ac, char **av) do_convert_from_ssh2(pw); if (print_public) do_print_public(pw); + if (reader_id != NULL) { +#ifdef SMARTCARD + if (download) + do_download(pw, reader_id); + else + do_upload(pw, reader_id); +#else /* SMARTCARD */ + fatal("no support for smartcards."); +#endif /* SMARTCARD */ + } arc4random_stir(); + if (key_type_name == NULL) { + printf("You must specify a key type (-t).\n"); + usage(); + } type = key_type_from_name(key_type_name); if (type == KEY_UNSPEC) { fprintf(stderr, "unknown key type %s\n", key_type_name); @@ -808,10 +1011,15 @@ main(int ac, char **av) else { passphrase_again: passphrase1 = - read_passphrase("Enter passphrase (empty for no passphrase): ", 1); - passphrase2 = read_passphrase("Enter same passphrase again: ", 1); + read_passphrase("Enter passphrase (empty for no " + "passphrase): ", RP_ALLOW_STDIN); + passphrase2 = read_passphrase("Enter same passphrase again: ", + RP_ALLOW_STDIN); if (strcmp(passphrase1, passphrase2) != 0) { - /* The passphrases do not match. Clear them and retry. */ + /* + * The passphrases do not match. Clear them and + * retry. + */ memset(passphrase1, 0, strlen(passphrase1)); memset(passphrase2, 0, strlen(passphrase2)); xfree(passphrase1); diff --git a/crypto/openssh/ssh-keygen/Makefile b/crypto/openssh/ssh-keygen/Makefile index b7c115169c89..d175813bc0cb 100644 --- a/crypto/openssh/ssh-keygen/Makefile +++ b/crypto/openssh/ssh-keygen/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.17 2001/03/04 00:51:26 markus Exp $ +# $OpenBSD: Makefile,v 1.21 2001/06/27 19:29:16 markus Exp $ .PATH: ${.CURDIR}/.. diff --git a/crypto/openssh/ssh-keyscan.1 b/crypto/openssh/ssh-keyscan.1 index 4db8c5f15f9d..2f33ddf2068e 100644 --- a/crypto/openssh/ssh-keyscan.1 +++ b/crypto/openssh/ssh-keyscan.1 @@ -1,11 +1,10 @@ -.\" $OpenBSD: ssh-keyscan.1,v 1.5 2001/04/18 16:21:05 ian Exp $ +.\" $OpenBSD: ssh-keyscan.1,v 1.14 2002/02/13 08:33:47 mpech Exp $ .\" .\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. .\" .\" Modification and redistribution in source and binary forms is .\" permitted provided that due credit is given to the author and the -.\" OpenBSD project (for instance by leaving this copyright notice -.\" intact). +.\" OpenBSD project by leaving this copyright notice intact. .\" .Dd January 1, 1996 .Dt SSH-KEYSCAN 1 @@ -15,9 +14,13 @@ .Nd gather ssh public keys .Sh SYNOPSIS .Nm ssh-keyscan -.Op Fl t Ar timeout -.Op Ar -- | host | addrlist namelist -.Op Fl f Ar files ... +.Op Fl v46 +.Op Fl p Ar port +.Op Fl T Ar timeout +.Op Fl t Ar type +.Op Fl f Ar file +.Op Ar host | addrlist namelist +.Op Ar ... .Sh DESCRIPTION .Nm is a utility for gathering the public ssh host keys of a number of @@ -32,46 +35,76 @@ scripts. uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient. The keys from a domain of 1,000 hosts can be collected in tens of seconds, even when some of those -hosts are down or do not run ssh. You do not need login access to the -machines you are scanning, nor does the scanning process involve -any encryption. -.Sh SECURITY -If you make an ssh_known_hosts file using -.Nm -without verifying the keys, you will be vulnerable to -.I man in the middle -attacks. -On the other hand, if your security model allows such a risk, -.Nm -can help you detect tampered keyfiles or man in the middle attacks which -have begun after you created your ssh_known_hosts file. -.Sh OPTIONS +hosts are down or do not run ssh. For scanning, one does not need +login access to the machines that are being scanned, nor does the +scanning process involve any encryption. +.Pp +The options are as follows: .Bl -tag -width Ds -.It Fl t -Set the timeout for connection attempts. If +.It Fl p Ar port +Port to connect to on the remote host. +.It Fl T Ar timeout +Set the timeout for connection attempts. If .Pa timeout seconds have elapsed since a connection was initiated to a host or since the last time anything was read from that host, then the connection is closed and the host in question considered unavailable. Default is 5 seconds. -.It Fl f -Read hosts or +.It Fl t Ar type +Specifies the type of the key to fetch from the scanned hosts. +The possible values are +.Dq rsa1 +for protocol version 1 and +.Dq rsa +or +.Dq dsa +for protocol version 2. +Multiple values may be specified by separating them with commas. +The default is +.Dq rsa1 . +.It Fl f Ar filename +Read hosts or .Pa addrlist namelist pairs from this file, one per line. If .Pa - is supplied instead of a filename, .Nm -will read hosts or +will read hosts or .Pa addrlist namelist pairs from the standard input. +.It Fl v +Verbose mode. +Causes +.Nm +to print debugging messages about its progress. +.It Fl 4 +Forces +.Nm +to use IPv4 addresses only. +.It Fl 6 +Forces +.Nm +to use IPv6 addresses only. .El +.Sh SECURITY +If a ssh_known_hosts file is constructed using +.Nm +without verifying the keys, users will be vulnerable to +.I man in the middle +attacks. +On the other hand, if the security model allows such a risk, +.Nm +can help in the detection of tampered keyfiles or man in the middle +attacks which have begun after the ssh_known_hosts file was created. .Sh EXAMPLES .Pp -Print the host key for machine +Print the +.Pa rsa1 +host key for machine .Pa hostname : .Bd -literal -ssh-keyscan hostname +$ ssh-keyscan hostname .Ed .Pp Find all hosts from the file @@ -79,26 +112,43 @@ Find all hosts from the file which have new or different keys from those in the sorted file .Pa ssh_known_hosts : .Bd -literal -$ ssh-keyscan -f ssh_hosts | sort -u - ssh_known_hosts | \e\ - diff ssh_known_hosts - +$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e\ + sort -u - ssh_known_hosts | diff ssh_known_hosts - .Ed -.Pp .Sh FILES -.Pp .Pa Input format: +.Bd -literal 1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4 +.Ed .Pp -.Pa Output format: +.Pa Output format for rsa1 keys: +.Bd -literal host-or-namelist bits exponent modulus +.Ed +.Pp +.Pa Output format for rsa and dsa keys: +.Bd -literal +host-or-namelist keytype base64-encoded-key +.Ed +.Pp +Where +.Pa keytype +is either +.Dq ssh-rsa +or +.Dq ssh-dsa . .Pp -.Pa /etc/ssh_known_hosts +.Pa /etc/ssh/ssh_known_hosts .Sh BUGS It generates "Connection closed by remote host" messages on the consoles -of all the machines it scans. +of all the machines it scans if the server is older than version 2.9. This is because it opens a connection to the ssh port, reads the public key, and drops the connection as soon as it gets the key. .Sh SEE ALSO .Xr ssh 1 , .Xr sshd 8 -.Sh AUTHOR +.Sh AUTHORS David Mazieres <dm@lcs.mit.edu> +wrote the initial version, and +Wayne Davison <wayned@users.sourceforge.net> +added support for protocol version 2. diff --git a/crypto/openssh/ssh-keyscan.c b/crypto/openssh/ssh-keyscan.c index dba2d838e579..5fc53307c3e7 100644 --- a/crypto/openssh/ssh-keyscan.c +++ b/crypto/openssh/ssh-keyscan.c @@ -3,30 +3,44 @@ * * Modification and redistribution in source and binary forms is * permitted provided that due credit is given to the author and the - * OpenBSD project (for instance by leaving this copyright notice - * intact). + * OpenBSD project by leaving this copyright notice intact. */ #include "includes.h" -RCSID("$OpenBSD: ssh-keyscan.c,v 1.22 2001/03/06 06:11:18 deraadt Exp $"); +RCSID("$OpenBSD: ssh-keyscan.c,v 1.35 2002/03/04 18:30:23 stevesk Exp $"); #include <sys/queue.h> #include <errno.h> #include <openssl/bn.h> +#include <setjmp.h> #include "xmalloc.h" #include "ssh.h" #include "ssh1.h" #include "key.h" +#include "kex.h" +#include "compat.h" +#include "myproposal.h" +#include "packet.h" +#include "dispatch.h" #include "buffer.h" #include "bufaux.h" #include "log.h" #include "atomicio.h" +#include "misc.h" -static int argno = 1; /* Number of argument currently being parsed */ +/* Flag indicating whether IPv4 or IPv6. This can be set on the command line. + Default value is AF_UNSPEC means both IPv4 and IPv6. */ +int IPv4or6 = AF_UNSPEC; -int family = AF_UNSPEC; /* IPv4, IPv6 or both */ +int ssh_port = SSH_DEFAULT_PORT; + +#define KT_RSA1 1 +#define KT_DSA 2 +#define KT_RSA 4 + +int get_keytypes = KT_RSA1; /* Get only RSA1 keys by default */ #define MAXMAXFD 256 @@ -40,6 +54,9 @@ extern char *__progname; fd_set *read_wait; size_t read_wait_size; int ncon; +int nonfatal_fatal = 0; +jmp_buf kexjmp; +Key *kexjmp_key; /* * Keep a connection structure for each file descriptor. The state @@ -55,11 +72,13 @@ typedef struct Connection { int c_plen; /* Packet length field for ssh packet */ int c_len; /* Total bytes which must be read. */ int c_off; /* Length of data read so far. */ + int c_keytype; /* Only one of KT_RSA1, KT_DSA, or KT_RSA */ char *c_namebase; /* Address to free for c_name and c_namelist */ char *c_name; /* Hostname of connection for errors */ char *c_namelist; /* Pointer to other possible addresses */ char *c_output_name; /* Hostname of connection for output */ char *c_data; /* Data read from this fd */ + Kex *c_kex; /* The key-exchange struct for ssh2 */ struct timeval c_tv; /* Time at which connection gets aborted */ TAILQ_ENTRY(Connection) c_link; /* List of connections in timeout order. */ } con; @@ -83,7 +102,7 @@ typedef struct { void (*errfun) (const char *,...); } Linebuf; -Linebuf * +static Linebuf * Linebuf_alloc(const char *filename, void (*errfun) (const char *,...)) { Linebuf *lb; @@ -117,7 +136,7 @@ Linebuf_alloc(const char *filename, void (*errfun) (const char *,...)) return (lb); } -void +static void Linebuf_free(Linebuf * lb) { fclose(lb->stream); @@ -125,7 +144,8 @@ Linebuf_free(Linebuf * lb) xfree(lb); } -void +#if 0 +static void Linebuf_restart(Linebuf * lb) { clearerr(lb->stream); @@ -133,13 +153,14 @@ Linebuf_restart(Linebuf * lb) lb->lineno = 0; } -int +static int Linebuf_lineno(Linebuf * lb) { return (lb->lineno); } +#endif -char * +static char * Linebuf_getline(Linebuf * lb) { int n = 0; @@ -176,7 +197,7 @@ Linebuf_getline(Linebuf * lb) } } -int +static int fdlim_get(int hard) { struct rlimit rlfd; @@ -189,7 +210,7 @@ fdlim_get(int hard) return hard ? rlfd.rlim_max : rlfd.rlim_cur; } -int +static int fdlim_set(int lim) { struct rlimit rlfd; @@ -208,7 +229,7 @@ fdlim_set(int lim) * separators. This is the same as the 4.4BSD strsep, but different from the * one in the GNU libc. */ -char * +static char * xstrsep(char **str, const char *delim) { char *s, *e; @@ -230,7 +251,7 @@ xstrsep(char **str, const char *delim) * Get the next non-null token (like GNU strsep). Strsep() will return a * null token for two adjacent separators, so we may have to loop. */ -char * +static char * strnnsep(char **stringp, char *delim) { char *tok; @@ -241,8 +262,8 @@ strnnsep(char **stringp, char *delim) return (tok); } -void -keyprint(char *host, char *output_name, char *kd, int len) +static Key * +keygrab_ssh1(con *c) { static Key *rsa; static Buffer msg; @@ -251,12 +272,12 @@ keyprint(char *host, char *output_name, char *kd, int len) buffer_init(&msg); rsa = key_new(KEY_RSA1); } - buffer_append(&msg, kd, len); - buffer_consume(&msg, 8 - (len & 7)); /* padding */ + buffer_append(&msg, c->c_data, c->c_plen); + buffer_consume(&msg, 8 - (c->c_plen & 7)); /* padding */ if (buffer_get_char(&msg) != (int) SSH_SMSG_PUBLIC_KEY) { - error("%s: invalid packet type", host); + error("%s: invalid packet type", c->c_name); buffer_clear(&msg); - return; + return NULL; } buffer_consume(&msg, 8); /* cookie */ @@ -269,23 +290,82 @@ keyprint(char *host, char *output_name, char *kd, int len) (void) buffer_get_int(&msg); buffer_get_bignum(&msg, rsa->rsa->e); buffer_get_bignum(&msg, rsa->rsa->n); + buffer_clear(&msg); - fprintf(stdout, "%s ", output_name ? output_name : host); - key_write(rsa, stdout); + return (rsa); +} + +static int +hostjump(Key *hostkey) +{ + kexjmp_key = hostkey; + longjmp(kexjmp, 1); +} + +static int +ssh2_capable(int remote_major, int remote_minor) +{ + switch (remote_major) { + case 1: + if (remote_minor == 99) + return 1; + break; + case 2: + return 1; + default: + break; + } + return 0; +} + +static Key * +keygrab_ssh2(con *c) +{ + int j; + + packet_set_connection(c->c_fd, c->c_fd); + enable_compat20(); + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = c->c_keytype == KT_DSA? + "ssh-dss": "ssh-rsa"; + c->c_kex = kex_setup(myproposal); + c->c_kex->verify_host_key = hostjump; + + if (!(j = setjmp(kexjmp))) { + nonfatal_fatal = 1; + dispatch_run(DISPATCH_BLOCK, &c->c_kex->done, c->c_kex); + fprintf(stderr, "Impossible! dispatch_run() returned!\n"); + exit(1); + } + nonfatal_fatal = 0; + xfree(c->c_kex); + c->c_kex = NULL; + packet_close(); + + return j < 0? NULL : kexjmp_key; +} + +static void +keyprint(con *c, Key *key) +{ + if (!key) + return; + + fprintf(stdout, "%s ", c->c_output_name ? c->c_output_name : c->c_name); + key_write(key, stdout); fputs("\n", stdout); } -int +static int tcpconnect(char *host) { struct addrinfo hints, *ai, *aitop; char strport[NI_MAXSERV]; int gaierr, s = -1; - snprintf(strport, sizeof strport, "%d", SSH_DEFAULT_PORT); + snprintf(strport, sizeof strport, "%d", ssh_port); memset(&hints, 0, sizeof(hints)); - hints.ai_family = family; + hints.ai_family = IPv4or6; hints.ai_socktype = SOCK_STREAM; if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) fatal("getaddrinfo %s: %s", host, gai_strerror(gaierr)); @@ -309,8 +389,8 @@ tcpconnect(char *host) return s; } -int -conalloc(char *iname, char *oname) +static int +conalloc(char *iname, char *oname, int keytype) { int s; char *namebase, *name, *namelist; @@ -339,6 +419,7 @@ conalloc(char *iname, char *oname) fdcon[s].c_data = (char *) &fdcon[s].c_plen; fdcon[s].c_len = 4; fdcon[s].c_off = 0; + fdcon[s].c_keytype = keytype; gettimeofday(&fdcon[s].c_tv, NULL); fdcon[s].c_tv.tv_sec += timeout; TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link); @@ -347,7 +428,7 @@ conalloc(char *iname, char *oname) return (s); } -void +static void confree(int s) { if (s >= maxfd || fdcon[s].c_status == CS_UNUSED) @@ -358,12 +439,13 @@ confree(int s) if (fdcon[s].c_status == CS_KEYS) xfree(fdcon[s].c_data); fdcon[s].c_status = CS_UNUSED; + fdcon[s].c_keytype = 0; TAILQ_REMOVE(&tq, &fdcon[s], c_link); FD_CLR(s, read_wait); ncon--; } -void +static void contouch(int s) { TAILQ_REMOVE(&tq, &fdcon[s], c_link); @@ -372,58 +454,85 @@ contouch(int s) TAILQ_INSERT_TAIL(&tq, &fdcon[s], c_link); } -int +static int conrecycle(int s) { int ret; con *c = &fdcon[s]; - char *iname, *oname; - iname = xstrdup(c->c_namelist); - oname = xstrdup(c->c_output_name); + ret = conalloc(c->c_namelist, c->c_output_name, c->c_keytype); confree(s); - ret = conalloc(iname, oname); - xfree(iname); - xfree(oname); return (ret); } -void +static void congreet(int s) { - char buf[80], *cp; + char buf[256], *cp; + char remote_version[sizeof buf]; size_t bufsiz; - int n = 0; + int remote_major, remote_minor, n = 0; con *c = &fdcon[s]; bufsiz = sizeof(buf); cp = buf; - while (bufsiz-- && (n = read(s, cp, 1)) == 1 && *cp != '\n' && *cp != '\r') + while (bufsiz-- && (n = read(s, cp, 1)) == 1 && *cp != '\n') { + if (*cp == '\r') + *cp = '\n'; cp++; + } if (n < 0) { if (errno != ECONNREFUSED) error("read (%s): %s", c->c_name, strerror(errno)); conrecycle(s); return; } + if (n == 0) { + error("%s: Connection closed by remote host", c->c_name); + conrecycle(s); + return; + } if (*cp != '\n' && *cp != '\r') { error("%s: bad greeting", c->c_name); confree(s); return; } *cp = '\0'; - fprintf(stderr, "# %s %s\n", c->c_name, buf); - n = snprintf(buf, sizeof buf, "SSH-1.5-OpenSSH-keyscan\r\n"); + if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", + &remote_major, &remote_minor, remote_version) == 3) + compat_datafellows(remote_version); + else + datafellows = 0; + if (c->c_keytype != KT_RSA1) { + if (!ssh2_capable(remote_major, remote_minor)) { + debug("%s doesn't support ssh2", c->c_name); + confree(s); + return; + } + } else if (remote_major != 1) { + debug("%s doesn't support ssh1", c->c_name); + confree(s); + return; + } + fprintf(stderr, "# %s %s\n", c->c_name, chop(buf)); + n = snprintf(buf, sizeof buf, "SSH-%d.%d-OpenSSH-keyscan\r\n", + c->c_keytype == KT_RSA1? PROTOCOL_MAJOR_1 : PROTOCOL_MAJOR_2, + c->c_keytype == KT_RSA1? PROTOCOL_MINOR_1 : PROTOCOL_MINOR_2); if (atomicio(write, s, buf, n) != n) { error("write (%s): %s", c->c_name, strerror(errno)); confree(s); return; } + if (c->c_keytype != KT_RSA1) { + keyprint(c, keygrab_ssh2(c)); + confree(s); + return; + } c->c_status = CS_SIZE; contouch(s); } -void +static void conread(int s) { int n; @@ -451,7 +560,7 @@ conread(int s) c->c_status = CS_KEYS; break; case CS_KEYS: - keyprint(c->c_name, c->c_output_name, c->c_data, c->c_plen); + keyprint(c, keygrab_ssh1(c)); confree(s); return; break; @@ -463,7 +572,7 @@ conread(int s) contouch(s); } -void +static void conloop(void) { fd_set *r, *e; @@ -515,81 +624,133 @@ conloop(void) } } -char * -nexthost(int argc, char **argv) +static void +do_host(char *host) { - static Linebuf *lb; + char *name = strnnsep(&host, " \t\n"); + int j; - for (;;) { - if (!lb) { - if (argno >= argc) - return (NULL); - if (argv[argno][0] != '-') - return (argv[argno++]); - if (!strcmp(argv[argno], "--")) { - if (++argno >= argc) - return (NULL); - return (argv[argno++]); - } else if (!strncmp(argv[argno], "-f", 2)) { - char *fname; - - if (argv[argno][2]) - fname = &argv[argno++][2]; - else if (++argno >= argc) { - error("missing filename for `-f'"); - return (NULL); - } else - fname = argv[argno++]; - if (!strcmp(fname, "-")) - fname = NULL; - lb = Linebuf_alloc(fname, error); - } else - error("ignoring invalid/misplaced option `%s'", - argv[argno++]); - } else { - char *line; - - line = Linebuf_getline(lb); - if (line) - return (line); - Linebuf_free(lb); - lb = NULL; + if (name == NULL) + return; + for (j = KT_RSA1; j <= KT_RSA; j *= 2) { + if (get_keytypes & j) { + while (ncon >= MAXCON) + conloop(); + conalloc(name, *host ? host : name, j); } } } void +fatal(const char *fmt,...) +{ + va_list args; + va_start(args, fmt); + do_log(SYSLOG_LEVEL_FATAL, fmt, args); + va_end(args); + if (nonfatal_fatal) + longjmp(kexjmp, -1); + else + fatal_cleanup(); +} + +static void usage(void) { - fatal("usage: %s [-t timeout] { [--] host | -f file } ...", __progname); - return; + fprintf(stderr, "Usage: %s [options] host ...\n", + __progname); + fprintf(stderr, "Options:\n"); + fprintf(stderr, " -f file Read hosts or addresses from file.\n"); + fprintf(stderr, " -p port Connect to the specified port.\n"); + fprintf(stderr, " -t keytype Specify the host key type.\n"); + fprintf(stderr, " -T timeout Set connection timeout.\n"); + fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); + fprintf(stderr, " -4 Use IPv4 only.\n"); + fprintf(stderr, " -6 Use IPv6 only.\n"); + exit(1); } int main(int argc, char **argv) { - char *host = NULL; + int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO; + int opt, fopt_count = 0; + char *tname; + + extern int optind; + extern char *optarg; TAILQ_INIT(&tq); - if (argc <= argno) + if (argc <= 1) usage(); - if (argv[1][0] == '-' && argv[1][1] == 't') { - argno++; - if (argv[1][2]) - timeout = atoi(&argv[1][2]); - else { - if (argno >= argc) + while ((opt = getopt(argc, argv, "v46p:T:t:f:")) != -1) { + switch (opt) { + case 'p': + ssh_port = a2port(optarg); + if (ssh_port == 0) { + fprintf(stderr, "Bad port '%s'\n", optarg); + exit(1); + } + break; + case 'T': + timeout = atoi(optarg); + if (timeout <= 0) usage(); - timeout = atoi(argv[argno++]); - } - if (timeout <= 0) + break; + case 'v': + if (!debug_flag) { + debug_flag = 1; + log_level = SYSLOG_LEVEL_DEBUG1; + } + else if (log_level < SYSLOG_LEVEL_DEBUG3) + log_level++; + else + fatal("Too high debugging level."); + break; + case 'f': + if (strcmp(optarg, "-") == 0) + optarg = NULL; + argv[fopt_count++] = optarg; + break; + case 't': + get_keytypes = 0; + tname = strtok(optarg, ","); + while (tname) { + int type = key_type_from_name(tname); + switch (type) { + case KEY_RSA1: + get_keytypes |= KT_RSA1; + break; + case KEY_DSA: + get_keytypes |= KT_DSA; + break; + case KEY_RSA: + get_keytypes |= KT_RSA; + break; + case KEY_UNSPEC: + fatal("unknown key type %s", tname); + } + tname = strtok(NULL, ","); + } + break; + case '4': + IPv4or6 = AF_INET; + break; + case '6': + IPv4or6 = AF_INET6; + break; + case '?': + default: usage(); + } } - if (argc <= argno) + if (optind == argc && !fopt_count) usage(); + log_init("ssh-keyscan", log_level, SYSLOG_FACILITY_USER, 1); + maxfd = fdlim_get(1); if (maxfd < 0) fatal("%s: fdlim_get: bad value", __progname); @@ -606,18 +767,24 @@ main(int argc, char **argv) read_wait = xmalloc(read_wait_size); memset(read_wait, 0, read_wait_size); - do { - while (ncon < MAXCON) { - char *name; - - host = nexthost(argc, argv); - if (host == NULL) - break; - name = strnnsep(&host, " \t\n"); - conalloc(name, *host ? host : name); + if (fopt_count) { + Linebuf *lb; + char *line; + int j; + + for (j = 0; j < fopt_count; j++) { + lb = Linebuf_alloc(argv[j], error); + if (!lb) + continue; + while ((line = Linebuf_getline(lb)) != NULL) + do_host(line); + Linebuf_free(lb); } - conloop(); - } while (host); + } + + while (optind < argc) + do_host(argv[optind++]); + while (ncon > 0) conloop(); diff --git a/crypto/openssh/ssh-keyscan/Makefile b/crypto/openssh/ssh-keyscan/Makefile index 6748ed7cc5e1..2ea5c23934c4 100644 --- a/crypto/openssh/ssh-keyscan/Makefile +++ b/crypto/openssh/ssh-keyscan/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.3 2001/03/03 23:59:39 markus Exp $ +# $OpenBSD: Makefile,v 1.4 2001/08/05 23:18:20 markus Exp $ .PATH: ${.CURDIR}/.. @@ -14,5 +14,5 @@ SRCS= ssh-keyscan.c .include <bsd.prog.mk> -LDADD+= -lcrypto -DPADD+= ${LIBCRYPTO} +LDADD+= -lcrypto -lz +DPADD+= ${LIBCRYPTO} ${LIBZ} diff --git a/crypto/openssh/ssh-rsa.c b/crypto/openssh/ssh-rsa.c index b502ddb6e0dc..8e79d4e1d310 100644 --- a/crypto/openssh/ssh-rsa.c +++ b/crypto/openssh/ssh-rsa.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $"); +RCSID("$OpenBSD: ssh-rsa.c,v 1.16 2002/02/24 19:14:59 markus Exp $"); #include <openssl/evp.h> #include <openssl/err.h> @@ -40,12 +40,12 @@ RCSID("$OpenBSD: ssh-rsa.c,v 1.8 2001/03/27 10:57:00 markus Exp $"); int ssh_rsa_sign( Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen) + u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) { const EVP_MD *evp_md; EVP_MD_CTX md; - u_char *digest, *sig, *ret; + u_char digest[EVP_MAX_MD_SIZE], *sig, *ret; u_int slen, dlen, len; int ok, nid; Buffer b; @@ -54,23 +54,24 @@ ssh_rsa_sign( error("ssh_rsa_sign: no RSA key"); return -1; } + if (datafellows & SSH_BUG_SIGBLOB) { + error("ssh_rsa_sign: SSH_BUG_SIGBLOB not supported"); + return -1; + } nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { error("ssh_rsa_sign: EVP_get_digestbynid %d failed", nid); return -1; } - dlen = evp_md->md_size; - digest = xmalloc(dlen); EVP_DigestInit(&md, evp_md); EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, NULL); + EVP_DigestFinal(&md, digest, &dlen); slen = RSA_size(key->rsa); sig = xmalloc(slen); ok = RSA_sign(nid, digest, dlen, sig, &len, key->rsa); - memset(digest, 'd', dlen); - xfree(digest); + memset(digest, 'd', sizeof(digest)); if (ok != 1) { int ecode = ERR_get_error(); @@ -103,21 +104,20 @@ ssh_rsa_sign( *lenp = len; if (sigp != NULL) *sigp = ret; - debug2("ssh_rsa_sign: done"); return 0; } int ssh_rsa_verify( Key *key, - u_char *signature, int signaturelen, - u_char *data, int datalen) + u_char *signature, u_int signaturelen, + u_char *data, u_int datalen) { Buffer b; const EVP_MD *evp_md; EVP_MD_CTX md; char *ktype; - u_char *sigblob, *digest; + u_char digest[EVP_MAX_MD_SIZE], *sigblob; u_int len, dlen; int rlen, ret, nid; @@ -125,13 +125,17 @@ ssh_rsa_verify( error("ssh_rsa_verify: no RSA key"); return -1; } + if (datafellows & SSH_BUG_SIGBLOB) { + error("ssh_rsa_verify: SSH_BUG_SIGBLOB not supported"); + return -1; + } if (BN_num_bits(key->rsa->n) < 768) { error("ssh_rsa_verify: n too small: %d bits", BN_num_bits(key->rsa->n)); return -1; } buffer_init(&b); - buffer_append(&b, (char *) signature, signaturelen); + buffer_append(&b, signature, signaturelen); ktype = buffer_get_string(&b, NULL); if (strcmp("ssh-rsa", ktype) != 0) { error("ssh_rsa_verify: cannot handle type %s", ktype); @@ -140,29 +144,26 @@ ssh_rsa_verify( return -1; } xfree(ktype); - sigblob = (u_char *)buffer_get_string(&b, &len); + sigblob = buffer_get_string(&b, &len); rlen = buffer_len(&b); buffer_free(&b); - if(rlen != 0) { - xfree(sigblob); + if (rlen != 0) { error("ssh_rsa_verify: remaining bytes in signature %d", rlen); + xfree(sigblob); return -1; } nid = (datafellows & SSH_BUG_RSASIGMD5) ? NID_md5 : NID_sha1; if ((evp_md = EVP_get_digestbynid(nid)) == NULL) { - xfree(sigblob); error("ssh_rsa_verify: EVP_get_digestbynid %d failed", nid); + xfree(sigblob); return -1; } - dlen = evp_md->md_size; - digest = xmalloc(dlen); EVP_DigestInit(&md, evp_md); EVP_DigestUpdate(&md, data, datalen); - EVP_DigestFinal(&md, digest, NULL); + EVP_DigestFinal(&md, digest, &dlen); ret = RSA_verify(nid, digest, dlen, sigblob, len, key->rsa); - memset(digest, 'd', dlen); - xfree(digest); + memset(digest, 'd', sizeof(digest)); memset(sigblob, 's', len); xfree(sigblob); if (ret == 0) { diff --git a/crypto/openssh/ssh-rsa.h b/crypto/openssh/ssh-rsa.h index af2b2fe281b6..7177a3f92113 100644 --- a/crypto/openssh/ssh-rsa.h +++ b/crypto/openssh/ssh-rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.h,v 1.3 2001/01/29 01:58:18 niklas Exp $ */ +/* $OpenBSD: ssh-rsa.h,v 1.6 2002/02/24 19:14:59 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,16 +26,7 @@ #ifndef SSH_RSA_H #define SSH_RSA_H -int -ssh_rsa_sign( - Key *key, - u_char **sigp, int *lenp, - u_char *data, int datalen); - -int -ssh_rsa_verify( - Key *key, - u_char *signature, int signaturelen, - u_char *data, int datalen); +int ssh_rsa_sign(Key *, u_char **, u_int *, u_char *, u_int); +int ssh_rsa_verify(Key *, u_char *, u_int, u_char *, u_int); #endif diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index 0d26197b693a..43b75dc23edd 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.107 2001/04/22 23:58:36 markus Exp $ +.\" $OpenBSD: ssh.1,v 1.148 2002/02/18 17:55:20 markus Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -44,11 +44,12 @@ .Sh SYNOPSIS .Nm ssh .Op Fl l Ar login_name -.Op Ar hostname | user@hostname +.Ar hostname | user@hostname .Op Ar command .Pp .Nm ssh .Op Fl afgknqstvxACNPTX1246 +.Op Fl b Ar bind_address .Op Fl c Ar cipher_spec .Op Fl e Ar escape_char .Op Fl i Ar identity_file @@ -56,6 +57,7 @@ .Op Fl m Ar mac_spec .Op Fl o Ar option .Op Fl p Ar port +.Op Fl F Ar configfile .Oo Fl L Xo .Sm off .Ar port : @@ -72,7 +74,8 @@ .Sm on .Xc .Oc -.Op Ar hostname | user@hostname +.Op Fl D Ar port +.Ar hostname | user@hostname .Op Ar command .Sh DESCRIPTION .Nm @@ -123,7 +126,7 @@ or .Pa /etc/shosts.equiv , and if additionally the server can verify the client's host key (see -.Pa /etc/ssh_known_hosts +.Pa /etc/ssh/ssh_known_hosts and .Pa $HOME/.ssh/known_hosts in the @@ -204,16 +207,14 @@ the password cannot be seen by someone listening on the network. .Pp .Ss SSH protocol version 2 .Pp -When a user connects using the protocol version 2 -different authentication methods are available. +When a user connects using protocol version 2 +similar authentication methods are available. Using the default values for .Cm PreferredAuthentications , -the client will try to authenticate first using the public key method; -if this method fails password authentication is attempted, -and finally if this method fails keyboard-interactive authentication -is attempted. -If this method fails password authentication is -tried. +the client will try to authenticate first using the hostbased method; +if this method fails public key authentication is attempted, +and finally if this method fails keyboard-interactive and +password authentication are tried. .Pp The public key method is similar to RSA authentication described in the previous section and allows the RSA or DSA algorithm to be used: @@ -223,7 +224,7 @@ or .Pa $HOME/.ssh/id_rsa , to sign the session identifier and sends the result to the server. The server checks whether the matching public key is listed in -.Pa $HOME/.ssh/authorized_keys2 +.Pa $HOME/.ssh/authorized_keys and grants access if both the key is found and the signature is correct. The session identifier is derived from a shared Diffie-Hellman value and is only known to the client and the server. @@ -268,16 +269,16 @@ of .Ss Escape Characters .Pp When a pseudo terminal has been requested, ssh supports a number of functions -through the use of an escape character. +through the use of an escape character. .Pp A single tilde character can be sent as .Ic ~~ -(or by following the tilde by a character other than those described above). +or by following the tilde by a character other than those described below. The escape character must always follow a newline to be interpreted as special. The escape character can be changed in configuration files using the .Cm EscapeChar -configuration directive or on the command line by the +configuration directive or on the command line by the .Fl e option. .Pp @@ -293,7 +294,7 @@ Background ssh List forwarded connections .It Cm ~& Background ssh at logout when waiting for forwarded connection / X11 sessions -to terminate (protocol version 1 only) +to terminate .It Cm ~? Display a list of escape characters .It Cm ~R @@ -303,7 +304,16 @@ and if the peer supports it) .Pp .Ss X11 and TCP forwarding .Pp -If the user is using X11 (the +If the +.Cm ForwardX11 +variable is set to +.Dq yes +(or, see the description of the +.Fl X +and +.Fl x +options described later) +and the user is using X11 (the .Ev DISPLAY environment variable is set), the connection to the X11 display is automatically forwarded to the remote side in such a way that any X11 @@ -339,10 +349,10 @@ sent to the server machine (and no cookies are sent in the plain). .Pp If the user is using an authentication agent, the connection to the agent is automatically forwarded to the remote side unless disabled on -command line or in a configuration file. +the command line or in a configuration file. .Pp Forwarding of arbitrary TCP/IP connections over the secure channel can -be specified either on command line or in a configuration file. +be specified either on the command line or in a configuration file. One possible application of TCP/IP forwarding is a secure connection to an electronic purse; another is going through firewalls. .Pp @@ -351,17 +361,12 @@ electronic purse; another is going through firewalls. .Nm automatically maintains and checks a database containing identifications for all hosts it has ever been used with. -RSA host keys are stored in +Host keys are stored in .Pa $HOME/.ssh/known_hosts -and -host keys used in the protocol version 2 are stored in -.Pa $HOME/.ssh/known_hosts2 in the user's home directory. -Additionally, the files -.Pa /etc/ssh_known_hosts -and -.Pa /etc/ssh_known_hosts2 -are automatically checked for known hosts. +Additionally, the file +.Pa /etc/ssh/ssh_known_hosts +is automatically checked for known hosts. Any new hosts are automatically added to the user's file. If a host's identification ever changes, @@ -383,20 +388,27 @@ Disables forwarding of the authentication agent connection. .It Fl A Enables forwarding of the authentication agent connection. This can also be specified on a per-host basis in a configuration file. -.It Fl c Ar blowfish|3des +.It Fl b Ar bind_address +Specify the interface to transmit from on machines with multiple +interfaces or aliased addresses. +.It Fl c Ar blowfish|3des|des Selects the cipher to use for encrypting the session. .Ar 3des is used by default. It is believed to be secure. .Ar 3des (triple-des) is an encrypt-decrypt-encrypt triple with three different keys. -It is presumably more secure than the -.Ar des -cipher which is no longer fully supported in -.Nm ssh . .Ar blowfish is a fast block cipher, it appears very secure and is much faster than .Ar 3des . +.Ar des +is only supported in the +.Nm +client for interoperability with legacy protocol 1 implementations +that do not support the +.Ar 3des +cipher. Its use is strongly discouraged due to cryptographic +weaknesses. .It Fl c Ar cipher_spec Additionally, for protocol version 2 a comma-separated list of ciphers can be specified in order of preference. @@ -431,17 +443,27 @@ something like .It Fl g Allows remote hosts to connect to local forwarded ports. .It Fl i Ar identity_file -Selects the file from which the identity (private key) for +Selects a file from which the identity (private key) for RSA or DSA authentication is read. -Default is +The default is .Pa $HOME/.ssh/identity -in the user's home directory. +for protocol version 1, and +.Pa $HOME/.ssh/id_rsa +and +.Pa $HOME/.ssh/id_dsa +for protocol version 2. Identity files may also be specified on a per-host basis in the configuration file. It is possible to have multiple .Fl i options (and multiple identities specified in configuration files). +.It Fl I Ar smartcard_device +Specifies which smartcard device to use. The argument is +the device +.Nm +should use to communicate with a smartcard used for storing the user's +private RSA key. .It Fl k Disables forwarding of Kerberos tickets and AFS tokens. This may also be specified on a per-host basis in the configuration file. @@ -477,20 +499,19 @@ needs to ask for a password or passphrase; see also the option.) .It Fl N Do not execute a remote command. -This is useful if you just want to forward ports +This is useful for just forwarding ports (protocol version 2 only). .It Fl o Ar option -Can be used to give options in the format used in the config file. +Can be used to give options in the format used in the configuration file. This is useful for specifying options for which there is no separate command-line flag. -The option has the same format as a line in the configuration file. .It Fl p Ar port Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file. .It Fl P Use a non-privileged port for outgoing connections. -This can be used if your firewall does +This can be used if a firewall does not permit connections from privileged ports. Note that this option turns off .Cm RhostsAuthentication @@ -500,10 +521,9 @@ for older servers. .It Fl q Quiet mode. Causes all warning and diagnostic messages to be suppressed. -Only fatal errors are displayed. .It Fl s -May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use -of SSH as a secure transport for other application (eg. sftp). The +May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use +of SSH as a secure transport for other applications (eg. sftp). The subsystem is specified as the remote command. .It Fl t Force pseudo-tty allocation. @@ -547,8 +567,16 @@ Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks. The default value can be set on a host-by-host basis in the configuration files; see the -.Cm Compress +.Cm Compression option below. +.It Fl F Ar configfile +Specifies an alternative per-user configuration file. +If a configuration file is given on the command line, +the system-wide configuration file +.Pq Pa /etc/ssh/ssh_config +will be ignored. +The default for the per-user configuration file is +.Pa $HOME/.ssh/config . .It Fl L Ar port:host:hostport Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. @@ -582,6 +610,20 @@ Privileged ports can be forwarded only when logging in as root on the remote machine. IPv6 addresses can be specified with an alternative syntax: .Ar port/host/hostport +.It Fl D Ar port +Specifies a local +.Dq dynamic +application-level port forwarding. +This works by allocating a socket to listen to +.Ar port +on the local side, and whenever a connection is made to this port, the +connection is forwarded over the secure channel, and the application +protocol is then used to determine where to connect to from the +remote machine. Currently the SOCKS4 protocol is supported, and +.Nm +will act as a SOCKS4 server. +Only root can forward privileged ports. +Dynamic port forwardings can also be specified in the configuration file. .It Fl 1 Forces .Nm @@ -601,11 +643,12 @@ to use IPv6 addresses only. .El .Sh CONFIGURATION FILES .Nm -obtains configuration data from the following sources (in this order): +obtains configuration data from the following sources in +the following order: command line options, user's configuration file .Pq Pa $HOME/.ssh/config , and system-wide configuration file -.Pq Pa /etc/ssh_config . +.Pq Pa /etc/ssh/ssh_config . For each parameter, the first obtained value will be used. The configuration files contain sections bracketed by @@ -626,9 +669,21 @@ are comments. .Pp Otherwise a line is of the format .Dq keyword arguments . +Configuration options may be separated by whitespace or +optional whitespace and exactly one +.Ql = ; +the latter format is useful to avoid the need to quote whitespace +when specifying configuration options using the +.Nm ssh , +.Nm scp +and +.Nm sftp +.Fl o +option. +.Pp The possible -keywords and their meanings are as follows (note that the -configuration files are case-sensitive): +keywords and their meanings are as follows (note that +keywords are case-insensitive and arguments are case-sensitive): .Bl -tag -width Ds .It Cm Host Restricts the following declarations (up to the next @@ -659,14 +714,21 @@ This option applies to protocol version 1 only. If set to .Dq yes , passphrase/password querying will be disabled. -This option is useful in scripts and other batch jobs where you have no -user to supply the password. +This option is useful in scripts and other batch jobs where no user +is present to supply the password. The argument must be .Dq yes or .Dq no . The default is .Dq no . +.It Cm BindAddress +Specify the interface to transmit from on machines with multiple +interfaces or aliased addresses. +Note that this option does not work if +.Cm UsePrivilegedPort +is set to +.Dq yes . .It Cm CheckHostIP If this flag is set to .Dq yes , @@ -683,10 +745,19 @@ The default is Specifies the cipher to use for encrypting the session in protocol version 1. Currently, -.Dq blowfish +.Dq blowfish , +.Dq 3des , and -.Dq 3des +.Dq des are supported. +.Ar des +is only supported in the +.Nm +client for interoperability with legacy protocol 1 implementations +that do not support the +.Ar 3des +cipher. Its use is strongly discouraged due to cryptographic +weaknesses. The default is .Dq 3des . .It Cm Ciphers @@ -699,6 +770,22 @@ The default is ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, aes192-cbc,aes256-cbc'' .Ed +.It Cm ClearAllForwardings +Specifies that all local, remote and dynamic port forwardings +specified in the configuration files or on the command line be +cleared. This option is primarily useful when used from the +.Nm +command line to clear port forwardings set in +configuration files, and is automatically set by +.Xr scp 1 +and +.Xr sftp 1 . +The argument must be +.Dq yes +or +.Dq no . +The default is +.Dq no . .It Cm Compression Specifies whether to use compression. The argument must be @@ -719,7 +806,18 @@ Specifies the number of tries (one per second) to make before falling back to rsh or exiting. The argument must be an integer. This may be useful in scripts if the connection sometimes fails. -The default is 4. +The default is 1. +.It Cm DynamicForward +Specifies that a TCP/IP port on the local machine be forwarded +over the secure channel, and the application +protocol is then used to determine where to connect to from the +remote machine. The argument must be a port number. +Currently the SOCKS4 protocol is supported, and +.Nm +will act as a SOCKS4 server. +Multiple forwardings may be specified, and +additional forwardings can be given on the command line. Only +the superuser can forward privileged ports. .It Cm EscapeChar Sets the escape character (default: .Ql ~ ) . @@ -770,6 +868,15 @@ The default is .It Cm GatewayPorts Specifies whether remote hosts are allowed to connect to local forwarded ports. +By default, +.Nm +binds local port forwardings to the loopback addresss. This +prevents other remote hosts from connecting to forwarded ports. +.Cm GatewayPorts +can be used to specify that +.Nm +should bind local port forwardings to the wildcard address, +thus allowing remote hosts to connect to forwarded ports. The argument must be .Dq yes or @@ -777,13 +884,9 @@ or The default is .Dq no . .It Cm GlobalKnownHostsFile -Specifies a file to use for the protocol version 1 global +Specifies a file to use for the global host key database instead of -.Pa /etc/ssh_known_hosts . -.It Cm GlobalKnownHostsFile2 -Specifies a file to use for the protocol version 2 global -host key database instead of -.Pa /etc/ssh_known_hosts2 . +.Pa /etc/ssh/ssh_known_hosts . .It Cm HostbasedAuthentication Specifies whether to try rhosts based authentication with public key authentication. @@ -792,21 +895,21 @@ The argument must be or .Dq no . The default is -.Dq yes . +.Dq no . This option applies to protocol version 2 only and is similar to .Cm RhostsRSAAuthentication . .It Cm HostKeyAlgorithms -Specfies the protocol version 2 host key algorithms +Specifies the protocol version 2 host key algorithms that the client wants to use in order of preference. The default for this option is: -.Dq ssh-rsa,ssh-dss +.Dq ssh-rsa,ssh-dss . .It Cm HostKeyAlias Specifies an alias that should be used instead of the real host name when looking up or saving the host key in the host key database files. This option is useful for tunneling ssh connections -or if you have multiple servers running on a single host. +or for multiple servers running on a single host. .It Cm HostName Specifies the real host name to log into. This can be used to specify nicknames or abbreviations for hosts. @@ -815,10 +918,14 @@ Numeric IP addresses are also permitted (both on the command line and in .Cm HostName specifications). .It Cm IdentityFile -Specifies the file from which the user's RSA or DSA authentication identity -is read (default +Specifies a file from which the user's RSA or DSA authentication identity +is read. The default is .Pa $HOME/.ssh/identity -in the user's home directory). +for protocol version 1, and +.Pa $HOME/.ssh/id_rsa +and +.Pa $HOME/.ssh/id_dsa +for protocol version 2. Additionally, any identities represented by the authentication agent will be used for authentication. The file name may use the tilde @@ -827,7 +934,7 @@ It is possible to have multiple identity files specified in configuration files; all these identities will be tried in sequence. .It Cm KeepAlive -Specifies whether the system should send keepalive messages to the +Specifies whether the system should send TCP keepalive messages to the other side. If they are sent, death of the connection or crash of one of the machines will be properly noticed. @@ -842,8 +949,7 @@ if the network goes down or the remote host dies. This is important in scripts, and many users want it too. .Pp To disable keepalives, the value should be set to -.Dq no -in both the server and the client configuration files. +.Dq no . .It Cm KerberosAuthentication Specifies whether Kerberos authentication will be used. The argument to this keyword must be @@ -859,9 +965,11 @@ or .Dq no . .It Cm LocalForward Specifies that a TCP/IP port on the local machine be forwarded over -the secure channel to given host:port from the remote machine. +the secure channel to the specified host and port from the remote machine. The first argument must be a port number, and the second must be -host:port. +.Ar host:port . +IPv6 addresses can be specified with an alternative syntax: +.Ar host/port . Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. @@ -869,20 +977,27 @@ Only the superuser can forward privileged ports. Gives the verbosity level that is used when logging messages from .Nm ssh . The possible values are: -QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG. -The default is INFO. +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. +The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 +and DEBUG3 each specify higher levels of verbose output. .It Cm MACs -Specifies the MAC (message authentication code) algorithms +Specifies the MAC (message authentication code) algorithms in order of preference. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. The default is -.Pp -.Bd -literal - ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com, - hmac-sha1-96,hmac-md5-96'' -.Ed +.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 . +.It Cm NoHostAuthenticationForLocalhost +This option can be used if the home directory is shared across machines. +In this case localhost will refer to a different machine on each of +the machines and the user will get many warnings about changed host keys. +However, this option disables host authentication for localhost. +The argument to this keyword must be +.Dq yes +or +.Dq no . +The default is to check the host key for localhost. .It Cm NumberOfPasswordPrompts Specifies the number of password prompts before giving up. The argument to this keyword must be an integer. @@ -899,13 +1014,13 @@ The default is Specifies the port number to connect on the remote host. Default is 22. .It Cm PreferredAuthentications -Specifies the order in which the client should try protocol 2 -authentication methods. This allows a client to prefer one method (e.g. +Specifies the order in which the client should try protocol 2 +authentication methods. This allows a client to prefer one method (e.g. .Cm keyboard-interactive ) over another method (e.g. .Cm password ) The default for this option is: -.Dq publickey, password, keyboard-interactive +.Dq hostbased,publickey,keyboard-interactive,password . .It Cm Protocol Specifies the protocol versions .Nm @@ -957,9 +1072,11 @@ The default is This option applies to protocol version 2 only. .It Cm RemoteForward Specifies that a TCP/IP port on the remote machine be forwarded over -the secure channel to given host:port from the local machine. +the secure channel to the specified host and port from the local machine. The first argument must be a port number, and the second must be -host:port. +.Ar host:port . +IPv6 addresses can be specified with an alternative syntax: +.Ar host/port . Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. @@ -972,8 +1089,8 @@ Disabling rhosts authentication may reduce authentication time on slow connections when rhosts authentication is not used. Most servers do not permit RhostsAuthentication because it -is not secure (see -.Cm RhostsRSAAuthentication ). +is not secure (see +.Cm RhostsRSAAuthentication ) . The argument to this keyword must be .Dq yes or @@ -1005,31 +1122,31 @@ The default is Note that this option applies to protocol version 1 only. .It Cm ChallengeResponseAuthentication Specifies whether to use challenge response authentication. -Currently there is only support for -.Xr skey 1 -authentication. The argument to this keyword must be .Dq yes or .Dq no . The default is -.Dq no . +.Dq yes . +.It Cm SmartcardDevice +Specifies which smartcard device to use. The argument to this keyword is +the device +.Nm +should use to communicate with a smartcard used for storing the user's +private RSA key. By default, no device is specified and smartcard support +is not activated. .It Cm StrictHostKeyChecking If this flag is set to .Dq yes , .Nm will never automatically add host keys to the .Pa $HOME/.ssh/known_hosts -and -.Pa $HOME/.ssh/known_hosts2 -files, and refuses to connect to hosts whose host key has changed. -This provides maximum protection against trojan horse attacks. -However, it can be somewhat annoying if you don't have good -.Pa /etc/ssh_known_hosts -and -.Pa /etc/ssh_known_hosts2 -files installed and frequently -connect to new hosts. +file, and refuses to connect to hosts whose host key has changed. +This provides maximum protection against trojan horse attacks, +however, can be annoying when the +.Pa /etc/ssh/ssh_known_hosts +file is poorly maintained, or connections to new hosts are +frequently made. This option forces the user to manually add all new hosts. If this flag is set to @@ -1061,26 +1178,22 @@ or .Dq no . The default is .Dq no . -Note that you need to set this option to +Note that this option must be set to .Dq yes -if you want to use +if .Cm RhostsAuthentication and .Cm RhostsRSAAuthentication -with older servers. +authentications are needed with older servers. .It Cm User Specifies the user to log in as. -This can be useful if you have a different user name on different machines. +This can be useful when a different user name is used on different machines. This saves the trouble of having to remember to give the user name on the command line. .It Cm UserKnownHostsFile -Specifies a file to use for the protocol version 1 user +Specifies a file to use for the user host key database instead of .Pa $HOME/.ssh/known_hosts . -.It Cm UserKnownHostsFile2 -Specifies a file to use for the protocol version 2 user -host key database instead of -.Pa $HOME/.ssh/known_hosts2 . .It Cm UseRsh Specifies that rlogin/rsh should be used for this host. It is possible that the host does not at all support the @@ -1133,14 +1246,37 @@ Synonym for .Ev USER ; set for compatibility with systems that use this variable. .It Ev MAIL -Set to point the user's mailbox. +Set to the path of the user's mailbox. .It Ev PATH Set to the default .Ev PATH , as specified when compiling .Nm ssh . +.It Ev SSH_ASKPASS +If +.Nm +needs a passphrase, it will read the passphrase from the current +terminal if it was run from a terminal. +If +.Nm +does not have a terminal associated with it but +.Ev DISPLAY +and +.Ev SSH_ASKPASS +are set, it will execute the program specified by +.Ev SSH_ASKPASS +and open an X11 window to read the passphrase. +This is particularly useful when calling +.Nm +from a +.Pa .Xsession +or related script. +(Note that on some machines it +may be necessary to redirect the input from +.Pa /dev/null +to make this work.) .It Ev SSH_AUTH_SOCK -indicates the path of a unix-domain socket used to communicate with the +Identifies the path of a unix-domain socket used to communicate with the agent. .It Ev SSH_CLIENT Identifies the client end of the connection. @@ -1173,13 +1309,10 @@ and adds lines of the format to the environment. .Sh FILES .Bl -tag -width Ds -.It Pa $HOME/.ssh/known_hosts, $HOME/.ssh/known_hosts2 -Records host keys for all hosts the user has logged into (that are not +.It Pa $HOME/.ssh/known_hosts +Records host keys for all hosts the user has logged into that are not in -.Pa /etc/ssh_known_hosts -for protocol version 1 or -.Pa /etc/ssh_known_hosts2 -for protocol version 2). +.Pa /etc/ssh/ssh_known_hosts . See .Xr sshd 8 . .It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa @@ -1202,15 +1335,15 @@ The contents of the file should be added to .Pa $HOME/.ssh/authorized_keys on all machines -where you wish to log in using protocol version 1 RSA authentication. +where the user wishes to log in using protocol version 1 RSA authentication. The contents of the .Pa $HOME/.ssh/id_dsa.pub and .Pa $HOME/.ssh/id_rsa.pub file should be added to -.Pa $HOME/.ssh/authorized_keys2 +.Pa $HOME/.ssh/authorized_keys on all machines -where you wish to log in using protocol version 2 DSA/RSA authentication. +where the user wishes to log in using protocol version 2 DSA/RSA authentication. These files are not sensitive and can (but need not) be readable by anyone. These files are @@ -1226,34 +1359,23 @@ This file does not usually contain any sensitive information, but the recommended permissions are read/write for the user, and not accessible by others. .It Pa $HOME/.ssh/authorized_keys -Lists the RSA keys that can be used for logging in as this user. +Lists the public keys (RSA/DSA) that can be used for logging in as this user. The format of this file is described in the .Xr sshd 8 manual page. In the simplest form the format is the same as the .pub -identity files (that is, each line contains the number of bits in -modulus, public exponent, modulus, and comment fields, separated by -spaces). -This file is not highly sensitive, but the recommended -permissions are read/write for the user, and not accessible by others. -.It Pa $HOME/.ssh/authorized_keys2 -Lists the public keys (RSA/DSA) that can be used for logging in as this user. +identity files. This file is not highly sensitive, but the recommended permissions are read/write for the user, and not accessible by others. -.It Pa /etc/ssh_known_hosts, /etc/ssh_known_hosts2 +.It Pa /etc/ssh/ssh_known_hosts Systemwide list of known host keys. -.Pa /etc/ssh_known_hosts -contains RSA and -.Pa /etc/ssh_known_hosts2 -contains RSA or DSA keys for protocol version 2. -These files should be prepared by the +This file should be prepared by the system administrator to contain the public host keys of all machines in the organization. This file should be world-readable. This file contains public keys, one per line, in the following format (fields separated -by spaces): system name, number of bits in modulus, public exponent, -modulus, and optional comment field. +by spaces): system name, public key and optional comment field. When different names are used for the same machine, all such names should be listed, separated by commas. @@ -1268,12 +1390,21 @@ to verify the client host when logging in; other names are needed because does not convert the user-supplied name to a canonical name before checking the key, because someone with access to the name servers would then be able to fool host authentication. -.It Pa /etc/ssh_config +.It Pa /etc/ssh/ssh_config Systemwide configuration file. This file provides defaults for those values that are not specified in the user's configuration file, and for those users who do not have a configuration file. This file must be world-readable. +.It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key +These three files contain the private parts of the host keys +and are used for +.Cm RhostsRSAAuthentication +and +.Cm HostbasedAuthentication . +Since they are readable only by root +.Nm +must be setuid root if these authentication methods are desired. .It Pa $HOME/.rhosts This file is used in .Pa \&.rhosts @@ -1299,9 +1430,9 @@ Note that by default .Xr sshd 8 will be installed so that it requires successful RSA host authentication before permitting \s+2.\s0rhosts authentication. -If your server machine does not have the client's host key in -.Pa /etc/ssh_known_hosts , -you can store it in +If the server machine does not have the client's host key in +.Pa /etc/ssh/ssh_known_hosts , +it can be stored in .Pa $HOME/.ssh/known_hosts . The easiest way to do this is to connect back to the client from the server machine using ssh; this @@ -1337,7 +1468,7 @@ This file is processed exactly as This file may be useful to permit logins using .Nm but not using rsh/rlogin. -.It Pa /etc/sshrc +.It Pa /etc/ssh/sshrc Commands in this file are executed by .Nm when the user logs in just before the user's shell (or command) is started. @@ -1357,6 +1488,10 @@ Contains additional definitions for environment variables, see section .Sx ENVIRONMENT above. .El +.Sh DIAGNOSTICS +.Nm +exits with the exit status of the remote command or with 255 +if an error occurred. .Sh AUTHORS OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu Ylonen. @@ -1383,7 +1518,7 @@ protocol versions 1.5 and 2.0. .%A T. Rinne .%A S. Lehtinen .%T "SSH Protocol Architecture" -.%N draft-ietf-secsh-architecture-07.txt -.%D January 2001 +.%N draft-ietf-secsh-architecture-09.txt +.%D July 2001 .%O work in progress material .Re diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index b9a56c938bce..44af61f4d4ee 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.116 2001/04/17 12:55:04 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.164 2002/02/14 23:28:00 markus Exp $"); #include <openssl/evp.h> #include <openssl/err.h> @@ -69,6 +69,11 @@ RCSID("$OpenBSD: ssh.c,v 1.116 2001/04/17 12:55:04 markus Exp $"); #include "mac.h" #include "sshtty.h" +#ifdef SMARTCARD +#include <openssl/engine.h> +#include "scard.h" +#endif + extern char *__progname; /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. @@ -105,6 +110,9 @@ int fork_after_authentication_flag = 0; */ Options options; +/* optional user configfile */ +char *config = NULL; + /* * Name of the host we are connecting to. This is the name given on the * command line, or the HostName specified for the user-supplied name in a @@ -115,14 +123,6 @@ char *host; /* socket address the host resolves to */ struct sockaddr_storage hostaddr; -/* - * Flag to indicate that we have received a window change signal which has - * not yet been processed. This will cause a message indicating the new - * window size to be sent to the server a little later. This is volatile - * because this is updated in a signal handler. - */ -volatile int received_window_change_signal = 0; - /* Private host keys. */ struct { Key **keys; @@ -140,22 +140,27 @@ int subsystem_flag = 0; /* Prints a help message to the user. This function never returns. */ -void +static void usage(void) { fprintf(stderr, "Usage: %s [options] host [command]\n", __progname); fprintf(stderr, "Options:\n"); fprintf(stderr, " -l user Log in using this user name.\n"); fprintf(stderr, " -n Redirect input from " _PATH_DEVNULL ".\n"); + fprintf(stderr, " -F config Config file (default: ~/%s).\n", + _PATH_SSH_USER_CONFFILE); fprintf(stderr, " -A Enable authentication agent forwarding.\n"); - fprintf(stderr, " -a Disable authentication agent forwarding.\n"); + fprintf(stderr, " -a Disable authentication agent forwarding (default).\n"); #ifdef AFS fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n"); #endif /* AFS */ fprintf(stderr, " -X Enable X11 connection forwarding.\n"); - fprintf(stderr, " -x Disable X11 connection forwarding.\n"); + fprintf(stderr, " -x Disable X11 connection forwarding (default).\n"); fprintf(stderr, " -i file Identity for public key authentication " "(default: ~/.ssh/identity)\n"); +#ifdef SMARTCARD + fprintf(stderr, " -I reader Set smartcard reader.\n"); +#endif fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n"); fprintf(stderr, " -T Do not allocate a tty.\n"); fprintf(stderr, " -v Verbose; display verbose debugging messages.\n"); @@ -166,14 +171,14 @@ usage(void) fprintf(stderr, " -f Fork into background after authentication.\n"); fprintf(stderr, " -e char Set escape character; ``none'' = disable (default: ~).\n"); - fprintf(stderr, " -c cipher Select encryption algorithm: " - "``3des'', ``blowfish''\n"); + fprintf(stderr, " -c cipher Select encryption algorithm\n"); fprintf(stderr, " -m macs Specify MAC algorithms for protocol version 2.\n"); fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n"); fprintf(stderr, " -L listen-port:host:port Forward local port to remote address\n"); fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n"); fprintf(stderr, " These cause %s to listen for connections on a port, and\n", __progname); fprintf(stderr, " forward them to the other side by connecting to host:port.\n"); + fprintf(stderr, " -D port Enable dynamic application-level port forwarding.\n"); fprintf(stderr, " -C Enable compression.\n"); fprintf(stderr, " -N Do not execute a shell or command.\n"); fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n"); @@ -183,6 +188,7 @@ usage(void) fprintf(stderr, " -6 Use IPv6 only.\n"); fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n"); fprintf(stderr, " -s Invoke command (mandatory) as SSH2 subsystem.\n"); + fprintf(stderr, " -b addr Local IP address.\n"); exit(1); } @@ -190,7 +196,7 @@ usage(void) * Connects to the given host using rsh (or prints an error message and exits * if rsh is not available). This function never returns. */ -void +static void rsh_connect(char *host, char *user, Buffer * command) { char *args[10]; @@ -224,9 +230,9 @@ rsh_connect(char *host, char *user, Buffer * command) exit(1); } -int ssh_session(void); -int ssh_session2(void); -void load_public_identity_files(void); +static int ssh_session(void); +static int ssh_session2(void); +static void load_public_identity_files(void); /* * Main program for the ssh client. @@ -234,13 +240,16 @@ void load_public_identity_files(void); int main(int ac, char **av) { - int i, opt, optind, exit_status, ok; + int i, opt, exit_status, cerr; u_short fwd_port, fwd_host_port; - char *optarg, *cp, buf[256]; + char sfwd_port[6], sfwd_host_port[6]; + char *p, *cp, buf[256]; struct stat st; struct passwd *pw; int dummy; uid_t original_effective_uid; + extern int optind, optreset; + extern char *optarg; /* * Save the original real uid. It will be needed later (uid-swapping @@ -288,35 +297,9 @@ main(int ac, char **av) /* Parse command-line arguments. */ host = NULL; - for (optind = 1; optind < ac; optind++) { - if (av[optind][0] != '-') { - if (host) - break; - if ((cp = strchr(av[optind], '@'))) { - if(cp == av[optind]) - usage(); - options.user = av[optind]; - *cp = '\0'; - host = ++cp; - } else - host = av[optind]; - continue; - } - opt = av[optind][1]; - if (!opt) - usage(); - if (strchr("eilcmpLRDo", opt)) { /* options with arguments */ - optarg = av[optind] + 2; - if (strcmp(optarg, "") == 0) { - if (optind >= ac - 1) - usage(); - optarg = av[++optind]; - } - } else { - if (av[optind][2]) - usage(); - optarg = NULL; - } +again: + while ((opt = getopt(ac, av, + "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:NPR:TVX")) != -1) { switch (opt) { case '1': options.protocol = SSH_PROTO_1; @@ -363,14 +346,23 @@ main(int ac, char **av) #endif case 'i': if (stat(optarg, &st) < 0) { - fprintf(stderr, "Warning: Identity file %s does not exist.\n", - optarg); + fprintf(stderr, "Warning: Identity file %s " + "does not exist.\n", optarg); break; } - if (options.num_identity_files >= SSH_MAX_IDENTITY_FILES) - fatal("Too many identity files specified (max %d)", - SSH_MAX_IDENTITY_FILES); - options.identity_files[options.num_identity_files++] = xstrdup(optarg); + if (options.num_identity_files >= + SSH_MAX_IDENTITY_FILES) + fatal("Too many identity files specified " + "(max %d)", SSH_MAX_IDENTITY_FILES); + options.identity_files[options.num_identity_files++] = + xstrdup(optarg); + break; + case 'I': +#ifdef SMARTCARD + options.smartcard_device = xstrdup(optarg); +#else + fprintf(stderr, "no support for smartcards.\n"); +#endif break; case 't': if (tty_flag) @@ -384,9 +376,8 @@ main(int ac, char **av) } else if (options.log_level < SYSLOG_LEVEL_DEBUG3) { options.log_level++; break; - } else { + } else fatal("Too high debugging level."); - } /* fallthrough */ case 'V': fprintf(stderr, @@ -403,14 +394,16 @@ main(int ac, char **av) break; case 'e': if (optarg[0] == '^' && optarg[2] == 0 && - (u_char) optarg[1] >= 64 && (u_char) optarg[1] < 128) + (u_char) optarg[1] >= 64 && + (u_char) optarg[1] < 128) options.escape_char = (u_char) optarg[1] & 31; else if (strlen(optarg) == 1) options.escape_char = (u_char) optarg[0]; else if (strcmp(optarg, "none") == 0) - options.escape_char = -2; + options.escape_char = SSH_ESCAPECHAR_NONE; else { - fprintf(stderr, "Bad escape character '%s'.\n", optarg); + fprintf(stderr, "Bad escape character '%s'.\n", + optarg); exit(1); } break; @@ -423,23 +416,25 @@ main(int ac, char **av) /* SSH1 only */ options.cipher = cipher_number(optarg); if (options.cipher == -1) { - fprintf(stderr, "Unknown cipher type '%s'\n", optarg); + fprintf(stderr, + "Unknown cipher type '%s'\n", + optarg); exit(1); } - if (options.cipher == SSH_CIPHER_3DES) { + if (options.cipher == SSH_CIPHER_3DES) options.ciphers = "3des-cbc"; - } else if (options.cipher == SSH_CIPHER_BLOWFISH) { + else if (options.cipher == SSH_CIPHER_BLOWFISH) options.ciphers = "blowfish-cbc"; - } else { + else options.ciphers = (char *)-1; - } } break; case 'm': if (mac_valid(optarg)) options.macs = xstrdup(optarg); else { - fprintf(stderr, "Unknown mac type '%s'\n", optarg); + fprintf(stderr, "Unknown mac type '%s'\n", + optarg); exit(1); } break; @@ -453,33 +448,38 @@ main(int ac, char **av) case 'l': options.user = optarg; break; + + case 'L': case 'R': - if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf, - &fwd_host_port) != 3 && - sscanf(optarg, "%hu:%255[^:]:%hu", &fwd_port, buf, - &fwd_host_port) != 3) { - fprintf(stderr, "Bad forwarding specification '%s'.\n", optarg); + if (sscanf(optarg, "%5[0-9]:%255[^:]:%5[0-9]", + sfwd_port, buf, sfwd_host_port) != 3 && + sscanf(optarg, "%5[0-9]/%255[^/]/%5[0-9]", + sfwd_port, buf, sfwd_host_port) != 3) { + fprintf(stderr, + "Bad forwarding specification '%s'\n", + optarg); usage(); /* NOTREACHED */ } - add_remote_forward(&options, fwd_port, buf, fwd_host_port); - break; - case 'L': - if (sscanf(optarg, "%hu/%255[^/]/%hu", &fwd_port, buf, - &fwd_host_port) != 3 && - sscanf(optarg, "%hu:%255[^:]:%hu", &fwd_port, buf, - &fwd_host_port) != 3) { - fprintf(stderr, "Bad forwarding specification '%s'.\n", optarg); - usage(); - /* NOTREACHED */ + if ((fwd_port = a2port(sfwd_port)) == 0 || + (fwd_host_port = a2port(sfwd_host_port)) == 0) { + fprintf(stderr, + "Bad forwarding port(s) '%s'\n", optarg); + exit(1); } - add_local_forward(&options, fwd_port, buf, fwd_host_port); + if (opt == 'L') + add_local_forward(&options, fwd_port, buf, + fwd_host_port); + else if (opt == 'R') + add_remote_forward(&options, fwd_port, buf, + fwd_host_port); break; case 'D': fwd_port = a2port(optarg); if (fwd_port == 0) { - fprintf(stderr, "Bad dynamic port '%s'\n", optarg); + fprintf(stderr, "Bad dynamic port '%s'\n", + optarg); exit(1); } add_local_forward(&options, fwd_port, "socks4", 0); @@ -497,24 +497,53 @@ main(int ac, char **av) break; case 'o': dummy = 1; - if (process_config_line(&options, host ? host : "", optarg, - "command-line", 0, &dummy) != 0) + if (process_config_line(&options, host ? host : "", + optarg, "command-line", 0, &dummy) != 0) exit(1); break; case 's': subsystem_flag = 1; break; + case 'b': + options.bind_address = optarg; + break; + case 'F': + config = optarg; + break; default: usage(); } } + ac -= optind; + av += optind; + + if (ac > 0 && !host && **av != '-') { + if (strchr(*av, '@')) { + p = xstrdup(*av); + cp = strchr(p, '@'); + if (cp == NULL || cp == p) + usage(); + options.user = p; + *cp = '\0'; + host = ++cp; + } else + host = *av; + ac--, av++; + if (ac > 0) { + optind = 0; + optreset = 1; + goto again; + } + } + /* Check that we got a host name. */ if (!host) usage(); SSLeay_add_all_algorithms(); ERR_load_crypto_strings(); + channel_set_af(IPv4or6); /* Initialize the command to execute on remote host. */ buffer_init(&command); @@ -524,18 +553,18 @@ main(int ac, char **av) * is no limit on the length of the command, except by the maximum * packet size. Also sets the tty flag if there is no command. */ - if (optind == ac) { + if (!ac) { /* No command specified - execute shell on a tty. */ tty_flag = 1; if (subsystem_flag) { - fprintf(stderr, "You must specify a subsystem to invoke.\n"); + fprintf(stderr, + "You must specify a subsystem to invoke.\n"); usage(); } } else { - /* A command has been specified. Store it into the - buffer. */ - for (i = optind; i < ac; i++) { - if (i > optind) + /* A command has been specified. Store it into the buffer. */ + for (i = 0; i < ac; i++) { + if (i) buffer_append(&command, " ", 1); buffer_append(&command, av[i], strlen(av[i])); } @@ -566,12 +595,22 @@ main(int ac, char **av) log_init(av[0], options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level, SYSLOG_FACILITY_USER, 1); - /* Read per-user configuration file. */ - snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); - read_config_file(buf, host, &options); - - /* Read systemwide configuration file. */ - read_config_file(_PATH_HOST_CONFIG_FILE, host, &options); + /* + * Read per-user configuration file. Ignore the system wide config + * file if the user specifies a config file on the command line. + */ + if (config != NULL) { + if (!read_config_file(config, host, &options)) + fatal("Can't open user config file %.100s: " + "%.100s", config, strerror(errno)); + } else { + snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, + _PATH_SSH_USER_CONFFILE); + (void)read_config_file(buf, host, &options); + + /* Read systemwide configuration file after use config. */ + (void)read_config_file(_PATH_HOST_CONFIG_FILE, host, &options); + } /* Fill configuration defaults. */ fill_default_options(&options); @@ -614,7 +653,7 @@ main(int ac, char **av) /* Open a connection to the remote host. */ - ok = ssh_connect(host, &hostaddr, options.port, + cerr = ssh_connect(host, &hostaddr, options.port, IPv4or6, options.connection_attempts, original_effective_uid != 0 || !options.use_privileged_port, pw, options.proxy_command); @@ -627,7 +666,7 @@ main(int ac, char **av) */ sensitive_data.nkeys = 0; sensitive_data.keys = NULL; - if (ok && (options.rhosts_rsa_authentication || + if (!cerr && (options.rhosts_rsa_authentication || options.hostbased_authentication)) { sensitive_data.nkeys = 3; sensitive_data.keys = xmalloc(sensitive_data.nkeys*sizeof(Key)); @@ -659,26 +698,25 @@ main(int ac, char **av) * Now that we are back to our own permissions, create ~/.ssh * directory if it doesn\'t already exist. */ - snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, _PATH_SSH_USER_DIR); + snprintf(buf, sizeof buf, "%.100s%s%.100s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); if (stat(buf, &st) < 0) if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); /* Check if the connection failed, and try "rsh" if appropriate. */ - if (!ok) { + if (cerr) { + if (!options.fallback_to_rsh) + exit(1); if (options.port != 0) - log("Secure connection to %.100s on port %hu refused%.100s.", - host, options.port, - options.fallback_to_rsh ? "; reverting to insecure method" : ""); + log("Secure connection to %.100s on port %hu refused; " + "reverting to insecure method", + host, options.port); else - log("Secure connection to %.100s refused%.100s.", host, - options.fallback_to_rsh ? "; reverting to insecure method" : ""); + log("Secure connection to %.100s refused; " + "reverting to insecure method.", host); - if (options.fallback_to_rsh) { - rsh_connect(host, options.user, &command); - fatal("rsh_connect returned"); - } - exit(1); + rsh_connect(host, options.user, &command); + fatal("rsh_connect returned"); } /* load options.identity_files */ load_public_identity_files(); @@ -694,6 +732,8 @@ main(int ac, char **av) options.user_hostfile2 = tilde_expand_filename(options.user_hostfile2, original_real_uid); + signal(SIGPIPE, SIG_IGN); /* ignore SIGPIPE early */ + /* Log into the remote system. This never returns if the login fails. */ ssh_login(sensitive_data.keys, sensitive_data.nkeys, host, (struct sockaddr *)&hostaddr, pw); @@ -710,26 +750,53 @@ main(int ac, char **av) } xfree(sensitive_data.keys); } + for (i = 0; i < options.num_identity_files; i++) { + if (options.identity_files[i]) { + xfree(options.identity_files[i]); + options.identity_files[i] = NULL; + } + if (options.identity_keys[i]) { + key_free(options.identity_keys[i]); + options.identity_keys[i] = NULL; + } + } exit_status = compat20 ? ssh_session2() : ssh_session(); packet_close(); return exit_status; } -void -x11_get_proto(char *proto, int proto_len, char *data, int data_len) +static void +x11_get_proto(char **_proto, char **_data) { char line[512]; + static char proto[512], data[512]; FILE *f; int got_data = 0, i; + char *display; - if (options.xauth_location) { + *_proto = proto; + *_data = data; + proto[0] = data[0] = '\0'; + if (options.xauth_location && (display = getenv("DISPLAY"))) { /* Try to get Xauthority information for the display. */ - snprintf(line, sizeof line, "%.100s list %.200s 2>" _PATH_DEVNULL, - options.xauth_location, getenv("DISPLAY")); + if (strncmp(display, "localhost:", 10) == 0) + /* + * Handle FamilyLocal case where $DISPLAY does + * not match an authorization entry. For this we + * just try "xauth list unix:displaynum.screennum". + * XXX: "localhost" match to determine FamilyLocal + * is not perfect. + */ + snprintf(line, sizeof line, "%.100s list unix:%s 2>" + _PATH_DEVNULL, options.xauth_location, display+10); + else + snprintf(line, sizeof line, "%.100s list %.200s 2>" + _PATH_DEVNULL, options.xauth_location, display); + debug2("x11_get_proto %s", line); f = popen(line, "r"); if (f && fgets(line, sizeof(line), f) && - sscanf(line, "%*s %s %s", proto, data) == 2) + sscanf(line, "%*s %511s %511s", proto, data) == 2) got_data = 1; if (f) pclose(f); @@ -745,17 +812,17 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len) if (!got_data) { u_int32_t rand = 0; - strlcpy(proto, "MIT-MAGIC-COOKIE-1", proto_len); + strlcpy(proto, "MIT-MAGIC-COOKIE-1", sizeof proto); for (i = 0; i < 16; i++) { if (i % 4 == 0) rand = arc4random(); - snprintf(data + 2 * i, data_len - 2 * i, "%02x", rand & 0xff); + snprintf(data + 2 * i, sizeof data - 2 * i, "%02x", rand & 0xff); rand >>= 8; } } } -void +static void ssh_init_forwarding(void) { int success = 0; @@ -767,7 +834,7 @@ ssh_init_forwarding(void) options.local_forwards[i].port, options.local_forwards[i].host, options.local_forwards[i].host_port); - success += channel_request_local_forwarding( + success += channel_setup_local_fwd_listener( options.local_forwards[i].port, options.local_forwards[i].host, options.local_forwards[i].host_port, @@ -789,7 +856,7 @@ ssh_init_forwarding(void) } } -void +static void check_agent_present(void) { if (options.forward_agent) { @@ -802,11 +869,10 @@ check_agent_present(void) } } -int +static int ssh_session(void) { int type; - int plen; int interactive = 0; int have_tty = 0; struct winsize ws; @@ -824,7 +890,7 @@ ssh_session(void) packet_put_int(options.compression_level); packet_send(); packet_write_wait(); - type = packet_read(&plen); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) packet_start_compression(options.compression_level); else if (type == SSH_SMSG_FAILURE) @@ -844,7 +910,7 @@ ssh_session(void) cp = getenv("TERM"); if (!cp) cp = ""; - packet_put_string(cp, strlen(cp)); + packet_put_cstring(cp); /* Store window size in the packet. */ if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0) @@ -862,7 +928,7 @@ ssh_session(void) packet_write_wait(); /* Read response from the server. */ - type = packet_read(&plen); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) { interactive = 1; have_tty = 1; @@ -873,15 +939,15 @@ ssh_session(void) } /* Request X11 forwarding if enabled and DISPLAY is set. */ if (options.forward_x11 && getenv("DISPLAY") != NULL) { - char proto[512], data[512]; + char *proto, *data; /* Get reasonable local authentication information. */ - x11_get_proto(proto, sizeof proto, data, sizeof data); + x11_get_proto(&proto, &data); /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication spoofing."); x11_request_forwarding_with_spoofing(0, proto, data); /* Read response from the server. */ - type = packet_read(&plen); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) { interactive = 1; } else if (type == SSH_SMSG_FAILURE) { @@ -901,8 +967,8 @@ ssh_session(void) auth_request_forwarding(); /* Read response from the server. */ - type = packet_read(&plen); - packet_integrity_check(plen, 0, type); + type = packet_read(); + packet_check_eom(); if (type != SSH_SMSG_SUCCESS) log("Warning: Remote host denied authentication agent forwarding."); } @@ -923,7 +989,7 @@ ssh_session(void) int len = buffer_len(&command); if (len > 900) len = 900; - debug("Sending command: %.*s", len, buffer_ptr(&command)); + debug("Sending command: %.*s", len, (u_char *)buffer_ptr(&command)); packet_start(SSH_CMSG_EXEC_CMD); packet_put_string(buffer_ptr(&command), buffer_len(&command)); packet_send(); @@ -936,11 +1002,12 @@ ssh_session(void) } /* Enter the interactive session. */ - return client_loop(have_tty, tty_flag ? options.escape_char : -1, 0); + return client_loop(have_tty, tty_flag ? + options.escape_char : SSH_ESCAPECHAR_NONE, 0); } -void -client_subsystem_reply(int type, int plen, void *ctxt) +static void +client_subsystem_reply(int type, u_int32_t seq, void *ctxt) { int id, len; @@ -948,20 +1015,21 @@ client_subsystem_reply(int type, int plen, void *ctxt) len = buffer_len(&command); if (len > 900) len = 900; - packet_done(); + packet_check_eom(); if (type == SSH2_MSG_CHANNEL_FAILURE) fatal("Request for subsystem '%.*s' failed on channel %d", - len, buffer_ptr(&command), id); + len, (u_char *)buffer_ptr(&command), id); } -void -ssh_session2_callback(int id, void *arg) +/* request pty/x11/agent/tcpfwd/shell for channel */ +static void +ssh_session2_setup(int id, void *arg) { int len; int interactive = 0; struct termios tio; - debug("client_init id %d arg %ld", id, (long)arg); + debug("ssh_session2_setup: id %d", id); if (tty_flag) { struct winsize ws; @@ -987,9 +1055,9 @@ ssh_session2_callback(int id, void *arg) } if (options.forward_x11 && getenv("DISPLAY") != NULL) { - char proto[512], data[512]; + char *proto, *data; /* Get reasonable local authentication information. */ - x11_get_proto(proto, sizeof proto, data, sizeof data); + x11_get_proto(&proto, &data); /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication spoofing."); x11_request_forwarding_with_spoofing(id, proto, data); @@ -1009,32 +1077,32 @@ ssh_session2_callback(int id, void *arg) if (len > 900) len = 900; if (subsystem_flag) { - debug("Sending subsystem: %.*s", len, buffer_ptr(&command)); + debug("Sending subsystem: %.*s", len, (u_char *)buffer_ptr(&command)); channel_request_start(id, "subsystem", /*want reply*/ 1); /* register callback for reply */ /* XXX we asume that client_loop has already been called */ dispatch_set(SSH2_MSG_CHANNEL_FAILURE, &client_subsystem_reply); dispatch_set(SSH2_MSG_CHANNEL_SUCCESS, &client_subsystem_reply); } else { - debug("Sending command: %.*s", len, buffer_ptr(&command)); + debug("Sending command: %.*s", len, (u_char *)buffer_ptr(&command)); channel_request_start(id, "exec", 0); } packet_put_string(buffer_ptr(&command), buffer_len(&command)); packet_send(); } else { - channel_request(id, "shell", 0); + channel_request_start(id, "shell", 0); + packet_send(); } - /* channel_callback(id, SSH2_MSG_OPEN_CONFIGMATION, client_init, 0); */ - /* register different callback, etc. XXX */ packet_set_interactive(interactive); } -int -ssh_session2_command(void) +/* open new channel for a session */ +static int +ssh_session2_open(void) { - int id, window, packetmax; - int in, out, err; + Channel *c; + int window, packetmax, in, out, err; if (stdin_null_flag) { in = open(_PATH_DEVNULL, O_RDONLY); @@ -1057,50 +1125,85 @@ ssh_session2_command(void) window = CHAN_SES_WINDOW_DEFAULT; packetmax = CHAN_SES_PACKET_DEFAULT; - if (!tty_flag) { - window *= 2; - packetmax *=2; + if (tty_flag) { + window >>= 1; + packetmax >>= 1; } - id = channel_new( + c = channel_new( "session", SSH_CHANNEL_OPENING, in, out, err, window, packetmax, CHAN_EXTENDED_WRITE, xstrdup("client-session"), /*nonblock*/0); -debug("channel_new: %d", id); + debug3("ssh_session2_open: channel_new: %d", c->self); - channel_open(id); - channel_register_callback(id, SSH2_MSG_CHANNEL_OPEN_CONFIRMATION, - ssh_session2_callback, (void *)0); + channel_send_open(c->self); + if (!no_shell_flag) + channel_register_confirm(c->self, ssh_session2_setup); - return id; + return c->self; } -int +static int ssh_session2(void) { - int id; + int id = -1; /* XXX should be pre-session */ ssh_init_forwarding(); - id = no_shell_flag ? -1 : ssh_session2_command(); + if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN)) + id = ssh_session2_open(); /* If requested, let ssh continue in the background. */ if (fork_after_authentication_flag) if (daemon(1, 1) < 0) fatal("daemon() failed: %.200s", strerror(errno)); - return client_loop(tty_flag, tty_flag ? options.escape_char : -1, id); + return client_loop(tty_flag, tty_flag ? + options.escape_char : SSH_ESCAPECHAR_NONE, id); } -void +static void load_public_identity_files(void) { char *filename; Key *public; - int i; - - for (i = 0; i < options.num_identity_files; i++) { + int i = 0; + +#ifdef SMARTCARD + if (options.smartcard_device != NULL && + options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES && + (public = sc_get_key(options.smartcard_device)) != NULL ) { + Key *new; + + if (options.num_identity_files + 2 > SSH_MAX_IDENTITY_FILES) + options.num_identity_files = SSH_MAX_IDENTITY_FILES - 2; + memmove(&options.identity_files[2], &options.identity_files[0], + sizeof(char *) * options.num_identity_files); + options.num_identity_files += 2; + i = 2; + + /* XXX ssh1 vs ssh2 */ + new = key_new(KEY_RSA); + new->flags = KEY_FLAG_EXT; + BN_copy(new->rsa->n, public->rsa->n); + BN_copy(new->rsa->e, public->rsa->e); + RSA_set_method(new->rsa, sc_get_engine()); + options.identity_keys[0] = new; + options.identity_files[0] = xstrdup("smartcard rsa key");; + + new = key_new(KEY_RSA1); + new->flags = KEY_FLAG_EXT; + BN_copy(new->rsa->n, public->rsa->n); + BN_copy(new->rsa->e, public->rsa->e); + RSA_set_method(new->rsa, sc_get_engine()); + options.identity_keys[1] = new; + options.identity_files[1] = xstrdup("smartcard rsa1 key"); + + key_free(public); + } +#endif /* SMARTCARD */ + for (; i < options.num_identity_files; i++) { filename = tilde_expand_filename(options.identity_files[i], original_real_uid); public = key_load_public(filename, NULL); diff --git a/crypto/openssh/ssh.h b/crypto/openssh/ssh.h index 63c75875c05f..7b0ccf3e73e0 100644 --- a/crypto/openssh/ssh.h +++ b/crypto/openssh/ssh.h @@ -1,3 +1,5 @@ +/* $OpenBSD: ssh.h,v 1.64 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -10,8 +12,6 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: ssh.h,v 1.62 2001/01/23 10:45:10 markus Exp $"); */ - #ifndef SSH_H #define SSH_H @@ -82,4 +82,7 @@ /* Name of Kerberos service for SSH to use. */ #define KRB4_SERVICE_NAME "rcmd" +/* Used to identify ``EscapeChar none'' */ +#define SSH_ESCAPECHAR_NONE -2 + #endif /* SSH_H */ diff --git a/crypto/openssh/ssh/Makefile b/crypto/openssh/ssh/Makefile index 2cf80e10f82d..f493e1ff9685 100644 --- a/crypto/openssh/ssh/Makefile +++ b/crypto/openssh/ssh/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.30 2001/04/14 16:33:20 stevesk Exp $ +# $OpenBSD: Makefile,v 1.37 2002/03/05 00:49:51 deraadt Exp $ .PATH: ${.CURDIR}/.. @@ -17,6 +17,12 @@ SRCS= ssh.c readconf.c clientloop.c sshtty.c \ .include <bsd.own.mk> # for AFS +.if (${KERBEROS5:L} == "yes") +CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV +LDADD+= -lkrb5 -lasn1 -lcom_err +DPADD+= ${LIBKRB5} ${LIBASN1} +.endif # KERBEROS5 + .if (${KERBEROS:L} == "yes") CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV LDADD+= -lkrb @@ -30,5 +36,5 @@ DPADD+= ${LIBKRBAFS} .include <bsd.prog.mk> -LDADD+= -lcrypto -lz +LDADD+= -lcrypto -lz -ldes DPADD+= ${LIBCRYPTO} ${LIBZ} diff --git a/crypto/openssh/ssh1.h b/crypto/openssh/ssh1.h index 770c5e4b021b..98d1dc9303cc 100644 --- a/crypto/openssh/ssh1.h +++ b/crypto/openssh/ssh1.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh1.h,v 1.2 2001/01/29 01:58:18 niklas Exp $ */ +/* $OpenBSD: ssh1.h,v 1.3 2001/05/30 12:55:13 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -66,6 +66,10 @@ #define SSH_CMSG_HAVE_KERBEROS_TGT 44 /* credentials (s) */ #define SSH_CMSG_HAVE_AFS_TOKEN 65 /* token (s) */ +/* protocol version 1.5 overloads some version 1.3 message types */ +#define SSH_MSG_CHANNEL_INPUT_EOF SSH_MSG_CHANNEL_CLOSE +#define SSH_MSG_CHANNEL_OUTPUT_CLOSE SSH_MSG_CHANNEL_CLOSE_CONFIRMATION + /* * Authentication methods. New types can be added, but old types should not * be removed for compatibility. The maximum allowed value is 31. @@ -83,4 +87,3 @@ /* Protocol flags. These are bit masks. */ #define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */ #define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */ - diff --git a/crypto/openssh/ssh2.h b/crypto/openssh/ssh2.h index e45aef275feb..091e52b139f1 100644 --- a/crypto/openssh/ssh2.h +++ b/crypto/openssh/ssh2.h @@ -1,3 +1,5 @@ +/* $OpenBSD: ssh2.h,v 1.8 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -52,7 +54,21 @@ * * 192-255 Local extensions */ -/* RCSID("$OpenBSD: ssh2.h,v 1.6 2001/03/27 17:46:49 provos Exp $"); */ + +/* ranges */ + +#define SSH2_MSG_TRANSPORT_MIN 1 +#define SSH2_MSG_TRANSPORT_MAX 49 +#define SSH2_MSG_USERAUTH_MIN 50 +#define SSH2_MSG_USERAUTH_MAX 79 +#define SSH2_MSG_CONNECTION_MIN 80 +#define SSH2_MSG_CONNECTION_MAX 127 +#define SSH2_MSG_RESERVED_MIN 128 +#define SSH2_MSG_RESERVED_MAX 191 +#define SSH2_MSG_LOCAL_MIN 192 +#define SSH2_MSG_LOCAL_MAX 255 +#define SSH2_MSG_MIN 1 +#define SSH2_MSG_MAX 255 /* transport layer: generic */ diff --git a/crypto/openssh/ssh_config b/crypto/openssh/ssh_config index 62093545444b..a8a8d72abfc6 100644 --- a/crypto/openssh/ssh_config +++ b/crypto/openssh/ssh_config @@ -1,8 +1,9 @@ -# $OpenBSD: ssh_config,v 1.10 2001/04/03 21:19:38 todd Exp $ +# $OpenBSD: ssh_config,v 1.12 2002/01/16 17:55:33 stevesk Exp $ -# This is ssh client systemwide configuration file. See ssh(1) for more -# information. This file provides defaults for users, and the values can -# be changed in per-user configuration files or on the command line. +# This is the ssh client system-wide configuration file. See ssh(1) +# for more information. This file provides defaults for users, and +# the values can be changed in per-user configuration files or on the +# command line. # Configuration data is parsed as follows: # 1. command line options @@ -17,7 +18,7 @@ # Host * # ForwardAgent no # ForwardX11 no -# RhostsAuthentication no +# RhostsAuthentication yes # RhostsRSAAuthentication yes # RSAAuthentication yes # PasswordAuthentication yes @@ -25,11 +26,12 @@ # UseRsh no # BatchMode no # CheckHostIP yes -# StrictHostKeyChecking yes +# StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity -# IdentityFile ~/.ssh/id_dsa # IdentityFile ~/.ssh/id_rsa +# IdentityFile ~/.ssh/id_dsa # Port 22 # Protocol 2,1 -# Cipher blowfish +# Cipher 3des +# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index 31d06964bb0f..afa40bee573d 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.104 2001/04/12 19:15:25 markus Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.119 2002/01/21 15:13:51 markus Exp $"); #include <openssl/bn.h> @@ -31,6 +31,7 @@ RCSID("$OpenBSD: sshconnect.c,v 1.104 2001/04/12 19:15:25 markus Exp $"); #include "readconf.h" #include "atomicio.h" #include "misc.h" +#include "readpass.h" char *client_version_string = NULL; char *server_version_string = NULL; @@ -38,13 +39,31 @@ char *server_version_string = NULL; extern Options options; extern char *__progname; -/* AF_UNSPEC or AF_INET or AF_INET6 */ -extern int IPv4or6; +static const char * +sockaddr_ntop(struct sockaddr *sa) +{ + void *addr; + static char addrbuf[INET6_ADDRSTRLEN]; + + switch (sa->sa_family) { + case AF_INET: + addr = &((struct sockaddr_in *)sa)->sin_addr; + break; + case AF_INET6: + addr = &((struct sockaddr_in6 *)sa)->sin6_addr; + break; + default: + /* This case should be protected against elsewhere */ + abort(); /* XXX abort is bad -- do something else */ + } + inet_ntop(sa->sa_family, addr, addrbuf, sizeof(addrbuf)); + return addrbuf; +} /* * Connect to the given ssh server using a proxy command. */ -int +static int ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, const char *proxy_command) { @@ -87,7 +106,7 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, /* Create pipes for communicating with the proxy. */ if (pipe(pin) < 0 || pipe(pout) < 0) fatal("Could not create pipes to communicate with the proxy: %.100s", - strerror(errno)); + strerror(errno)); debug("Executing proxy command: %.500s", command_string); @@ -138,16 +157,18 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw, /* Set the connection file descriptors. */ packet_set_connection(pout[0], pin[1]); - return 1; + /* Indicate OK return */ + return 0; } /* * Creates a (possibly privileged) socket for use as the ssh connection. */ -int +static int ssh_create_socket(struct passwd *pw, int privileged, int family) { - int sock; + int sock, gaierr; + struct addrinfo hints, *res; /* * If we are running as root and want to connect to a privileged @@ -160,17 +181,40 @@ ssh_create_socket(struct passwd *pw, int privileged, int family) error("rresvport: af=%d %.100s", family, strerror(errno)); else debug("Allocated local port %d.", p); - } else { - /* - * Just create an ordinary socket on arbitrary port. We use - * the user's uid to create the socket. - */ - temporarily_use_uid(pw); - sock = socket(family, SOCK_STREAM, 0); - if (sock < 0) - error("socket: %.100s", strerror(errno)); - restore_uid(); + return sock; } + /* + * Just create an ordinary socket on arbitrary port. We use + * the user's uid to create the socket. + */ + temporarily_use_uid(pw); + sock = socket(family, SOCK_STREAM, 0); + if (sock < 0) + error("socket: %.100s", strerror(errno)); + restore_uid(); + + /* Bind the socket to an alternative local IP address */ + if (options.bind_address == NULL) + return sock; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = family; + hints.ai_socktype = SOCK_STREAM; + hints.ai_flags = AI_PASSIVE; + gaierr = getaddrinfo(options.bind_address, "0", &hints, &res); + if (gaierr) { + error("getaddrinfo: %s: %s", options.bind_address, + gai_strerror(gaierr)); + close(sock); + return -1; + } + if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) { + error("bind: %s: %s", options.bind_address, strerror(errno)); + close(sock); + freeaddrinfo(res); + return -1; + } + freeaddrinfo(res); return sock; } @@ -184,12 +228,17 @@ ssh_create_socket(struct passwd *pw, int privileged, int family) * second). If proxy_command is non-NULL, it specifies the command (with %h * and %p substituted for host and port, respectively) to use to contact * the daemon. + * Return values: + * 0 for OK + * ECONNREFUSED if we got a "Connection Refused" by the peer on any address + * ECONNABORTED if we failed without a "Connection refused" + * Suitable error messages for the connection failure will already have been + * printed. */ int ssh_connect(const char *host, struct sockaddr_storage * hostaddr, - u_short port, int connection_attempts, - int anonymous, struct passwd *pw, - const char *proxy_command) + u_short port, int family, int connection_attempts, + int anonymous, struct passwd *pw, const char *proxy_command) { int gaierr; int on = 1; @@ -198,9 +247,15 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, struct addrinfo hints, *ai, *aitop; struct linger linger; struct servent *sp; + /* + * Did we get only other errors than "Connection refused" (which + * should block fallback to rsh and similar), or did we get at least + * one "Connection refused"? + */ + int full_failure = 1; debug("ssh_connect: getuid %u geteuid %u anon %d", - (u_int) getuid(), (u_int) geteuid(), anonymous); + (u_int) getuid(), (u_int) geteuid(), anonymous); /* Get default port if port has not been set. */ if (port == 0) { @@ -217,7 +272,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, /* No proxy command. */ memset(&hints, 0, sizeof(hints)); - hints.ai_family = IPv4or6; + hints.ai_family = family; hints.ai_socktype = SOCK_STREAM; snprintf(strport, sizeof strport, "%d", port); if ((gaierr = getaddrinfo(host, strport, &hints, &aitop)) != 0) @@ -228,8 +283,8 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, * Try to connect several times. On some machines, the first time * will sometimes fail. In general socket code appears to behave * quite magically on many machines. - */ - for (attempt = 0; attempt < connection_attempts; attempt++) { + */ + for (attempt = 0; ;) { if (attempt > 0) debug("Trying again..."); @@ -252,6 +307,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, !anonymous && geteuid() == 0, ai->ai_family); if (sock < 0) + /* Any error is already output */ continue; /* Connect to the host. We use the user's uid in the @@ -265,7 +321,11 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, restore_uid(); break; } else { - debug("connect: %.100s", strerror(errno)); + if (errno == ECONNREFUSED) + full_failure = 0; + log("ssh: connect to address %s port %s: %s", + sockaddr_ntop(ai->ai_addr), strport, + strerror(errno)); restore_uid(); /* * Close the failed socket; there appear to @@ -273,13 +333,15 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, * which connect() has already returned an * error. */ - shutdown(sock, SHUT_RDWR); close(sock); } } if (ai) break; /* Successful connection. */ + attempt++; + if (attempt >= connection_attempts) + break; /* Sleep a moment before retrying. */ sleep(1); } @@ -288,7 +350,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, /* Return failure if we didn't get a successful connection. */ if (attempt >= connection_attempts) - return 0; + return full_failure ? ECONNABORTED : ECONNREFUSED; debug("Connection established."); @@ -310,14 +372,14 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, /* Set the connection. */ packet_set_connection(sock, sock); - return 1; + return 0; } /* * Waits for the server identification string, and sends our own * identification string. */ -void +static void ssh_exchange_identification(void) { char buf[256], remote_version[256]; /* must be same size! */ @@ -359,12 +421,12 @@ ssh_exchange_identification(void) &remote_major, &remote_minor, remote_version) != 3) fatal("Bad remote protocol version identification: '%.100s'", buf); debug("Remote protocol version %d.%d, remote software version %.100s", - remote_major, remote_minor, remote_version); + remote_major, remote_minor, remote_version); compat_datafellows(remote_version); mismatch = 0; - switch(remote_major) { + switch (remote_major) { case 1: if (remote_minor == 99 && (options.protocol & SSH_PROTO_2) && @@ -402,8 +464,6 @@ ssh_exchange_identification(void) fatal("Protocol major versions differ: %d vs. %d", (options.protocol & SSH_PROTO_2) ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, remote_major); - if (compat20) - packet_set_ssh2_format(); /* Send our own protocol version identification. */ snprintf(buf, sizeof buf, "SSH-%d.%d-%.100s\n", compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, @@ -418,61 +478,38 @@ ssh_exchange_identification(void) } /* defaults to 'no' */ -int -read_yes_or_no(const char *prompt, int defval) +static int +confirm(const char *prompt) { - char buf[1024]; - FILE *f; - int retval = -1; + const char *msg, *again = "Please type 'yes' or 'no': "; + char *p; + int ret = -1; if (options.batch_mode) return 0; - - if (isatty(STDIN_FILENO)) - f = stdin; - else - f = fopen(_PATH_TTY, "rw"); - - if (f == NULL) - return 0; - - fflush(stdout); - - while (1) { - fprintf(stderr, "%s", prompt); - if (fgets(buf, sizeof(buf), f) == NULL) { - /* Print a newline (the prompt probably didn\'t have one). */ - fprintf(stderr, "\n"); - strlcpy(buf, "no", sizeof buf); - } - /* Remove newline from response. */ - if (strchr(buf, '\n')) - *strchr(buf, '\n') = 0; - - if (buf[0] == 0) - retval = defval; - if (strcmp(buf, "yes") == 0) - retval = 1; - else if (strcmp(buf, "no") == 0) - retval = 0; - else - fprintf(stderr, "Please type 'yes' or 'no'.\n"); - - if (retval != -1) { - if (f != stdin) - fclose(f); - return retval; - } + for (msg = prompt;;msg = again) { + p = read_passphrase(msg, RP_ECHO); + if (p == NULL || + (p[0] == '\0') || (p[0] == '\n') || + strncasecmp(p, "no", 2) == 0) + ret = 0; + if (strncasecmp(p, "yes", 3) == 0) + ret = 1; + if (p) + xfree(p); + if (ret != -1) + return ret; } } /* - * check whether the supplied host key is valid, return only if ok. + * check whether the supplied host key is valid, return -1 if the key + * is not valid. the user_hostfile will not be updated if 'readonly' is true. */ -void +static int check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, - const char *user_hostfile, const char *system_hostfile) + int readonly, const char *user_hostfile, const char *system_hostfile) { Key *file_key; char *type = key_type(host_key); @@ -482,7 +519,8 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, HostStatus ip_status; int local = 0, host_ip_differ = 0; char ntop[NI_MAXHOST]; - int host_line, ip_line; + char msg[1024]; + int len, host_line, ip_line; const char *host_file = NULL, *ip_file = NULL; /* @@ -496,19 +534,22 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, /** hostaddr == 0! */ switch (hostaddr->sa_family) { case AF_INET: - local = (ntohl(((struct sockaddr_in *)hostaddr)->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; + local = (ntohl(((struct sockaddr_in *)hostaddr)-> + sin_addr.s_addr) >> 24) == IN_LOOPBACKNET; break; case AF_INET6: - local = IN6_IS_ADDR_LOOPBACK(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr)); + local = IN6_IS_ADDR_LOOPBACK( + &(((struct sockaddr_in6 *)hostaddr)->sin6_addr)); break; default: local = 0; break; } - if (local && options.host_key_alias == NULL) { + if (options.no_host_authentication_for_localhost == 1 && local && + options.host_key_alias == NULL) { debug("Forcing accepting of host key for " "loopback/localhost."); - return; + return 0; } /* @@ -552,10 +593,12 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, * hosts or in the systemwide list. */ host_file = user_hostfile; - host_status = check_host_in_hostfile(host_file, host, host_key, file_key, &host_line); + host_status = check_host_in_hostfile(host_file, host, host_key, + file_key, &host_line); if (host_status == HOST_NEW) { host_file = system_hostfile; - host_status = check_host_in_hostfile(host_file, host, host_key, file_key, &host_line); + host_status = check_host_in_hostfile(host_file, host, host_key, + file_key, &host_line); } /* * Also perform check for the ip address, skip the check if we are @@ -565,10 +608,12 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, Key *ip_key = key_new(host_key->type); ip_file = user_hostfile; - ip_status = check_host_in_hostfile(ip_file, ip, host_key, ip_key, &ip_line); + ip_status = check_host_in_hostfile(ip_file, ip, host_key, + ip_key, &ip_line); if (ip_status == HOST_NEW) { ip_file = system_hostfile; - ip_status = check_host_in_hostfile(ip_file, ip, host_key, ip_key, &ip_line); + ip_status = check_host_in_hostfile(ip_file, ip, + host_key, ip_key, &ip_line); } if (host_status == HOST_CHANGED && (ip_status != HOST_CHANGED || !key_equal(ip_key, file_key))) @@ -587,32 +632,46 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, host, type); debug("Found key in %s:%d", host_file, host_line); if (options.check_host_ip && ip_status == HOST_NEW) { - if (!add_host_to_hostfile(user_hostfile, ip, host_key)) - log("Failed to add the %s host key for IP address '%.128s' to the list of known hosts (%.30s).", - type, ip, user_hostfile); - else - log("Warning: Permanently added the %s host key for IP address '%.128s' to the list of known hosts.", + if (readonly) + log("%s host key for IP address " + "'%.128s' not in list of known hosts.", type, ip); + else if (!add_host_to_hostfile(user_hostfile, ip, + host_key)) + log("Failed to add the %s host key for IP " + "address '%.128s' to the list of known " + "hosts (%.30s).", type, ip, user_hostfile); + else + log("Warning: Permanently added the %s host " + "key for IP address '%.128s' to the list " + "of known hosts.", type, ip); } break; case HOST_NEW: + if (readonly) + goto fail; /* The host is new. */ if (options.strict_host_key_checking == 1) { - /* User has requested strict host key checking. We will not add the host key - automatically. The only alternative left is to abort. */ - fatal("No %s host key is known for %.200s and you have requested strict checking.", type, host); + /* + * User has requested strict host key checking. We + * will not add the host key automatically. The only + * alternative left is to abort. + */ + error("No %s host key is known for %.200s and you " + "have requested strict checking.", type, host); + goto fail; } else if (options.strict_host_key_checking == 2) { /* The default */ - char prompt[1024]; fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); - snprintf(prompt, sizeof(prompt), - "The authenticity of host '%.200s (%s)' can't be established.\n" + snprintf(msg, sizeof(msg), + "The authenticity of host '%.200s (%s)' can't be " + "established.\n" "%s key fingerprint is %s.\n" - "Are you sure you want to continue connecting (yes/no)? ", - host, ip, type, fp); + "Are you sure you want to continue connecting " + "(yes/no)? ", host, ip, type, fp); xfree(fp); - if (!read_yes_or_no(prompt, -1)) - fatal("Aborted by user!"); + if (!confirm(msg)) + goto fail; } if (options.check_host_ip && ip_status == HOST_NEW) { snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); @@ -620,13 +679,16 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, } else hostp = host; - /* If not in strict mode, add the key automatically to the local known_hosts file. */ + /* + * If not in strict mode, add the key automatically to the + * local known_hosts file. + */ if (!add_host_to_hostfile(user_hostfile, hostp, host_key)) - log("Failed to add the host to the list of known hosts (%.500s).", - user_hostfile); + log("Failed to add the host to the list of known " + "hosts (%.500s).", user_hostfile); else - log("Warning: Permanently added '%.200s' (%s) to the list of known hosts.", - hostp, type); + log("Warning: Permanently added '%.200s' (%s) to the " + "list of known hosts.", hostp, type); break; case HOST_CHANGED: if (options.check_host_ip && host_ip_differ) { @@ -668,8 +730,11 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, * If strict host key checking is in use, the user will have * to edit the key manually and we can only abort. */ - if (options.strict_host_key_checking) - fatal("%s host key for %.200s has changed and you have requested strict checking.", type, host); + if (options.strict_host_key_checking) { + error("%s host key for %.200s has changed and you have " + "requested strict checking.", type, host); + goto fail; + } /* * If strict host key checking has not been requested, allow @@ -677,20 +742,26 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, * agent forwarding. */ if (options.password_authentication) { - error("Password authentication is disabled to avoid trojan horses."); + error("Password authentication is disabled to avoid " + "man-in-the-middle attacks."); options.password_authentication = 0; } if (options.forward_agent) { - error("Agent forwarding is disabled to avoid trojan horses."); + error("Agent forwarding is disabled to avoid " + "man-in-the-middle attacks."); options.forward_agent = 0; } if (options.forward_x11) { - error("X11 forwarding is disabled to avoid trojan horses."); + error("X11 forwarding is disabled to avoid " + "man-in-the-middle attacks."); options.forward_x11 = 0; } - if (options.num_local_forwards > 0 || options.num_remote_forwards > 0) { - error("Port forwarding is disabled to avoid trojan horses."); - options.num_local_forwards = options.num_remote_forwards = 0; + if (options.num_local_forwards > 0 || + options.num_remote_forwards > 0) { + error("Port forwarding is disabled to avoid " + "man-in-the-middle attacks."); + options.num_local_forwards = + options.num_remote_forwards = 0; } /* * XXX Should permit the user to change to use the new id. @@ -704,22 +775,53 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, if (options.check_host_ip && host_status != HOST_CHANGED && ip_status == HOST_CHANGED) { - log("Warning: the %s host key for '%.200s' " - "differs from the key for the IP address '%.128s'", - type, host, ip); - if (host_status == HOST_OK) - log("Matching host key in %s:%d", host_file, host_line); - log("Offending key for IP in %s:%d", ip_file, ip_line); + snprintf(msg, sizeof(msg), + "Warning: the %s host key for '%.200s' " + "differs from the key for the IP address '%.128s'" + "\nOffending key for IP in %s:%d", + type, host, ip, ip_file, ip_line); + if (host_status == HOST_OK) { + len = strlen(msg); + snprintf(msg + len, sizeof(msg) - len, + "\nMatching host key in %s:%d", + host_file, host_line); + } if (options.strict_host_key_checking == 1) { - fatal("Exiting, you have requested strict checking."); + log(msg); + error("Exiting, you have requested strict checking."); + goto fail; } else if (options.strict_host_key_checking == 2) { - if (!read_yes_or_no("Are you sure you want " \ - "to continue connecting (yes/no)? ", -1)) - fatal("Aborted by user!"); + strlcat(msg, "\nAre you sure you want " + "to continue connecting (yes/no)? ", sizeof(msg)); + if (!confirm(msg)) + goto fail; + } else { + log(msg); } } xfree(ip); + return 0; + +fail: + xfree(ip); + return -1; +} + +int +verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) +{ + struct stat st; + + /* return ok if the key can be found in an old keyfile */ + if (stat(options.system_hostfile2, &st) == 0 || + stat(options.user_hostfile2, &st) == 0) { + if (check_host_key(host, hostaddr, host_key, /*readonly*/ 1, + options.user_hostfile2, options.system_hostfile2) == 0) + return 0; + } + return check_host_key(host, hostaddr, host_key, /*readonly*/ 0, + options.user_hostfile, options.system_hostfile); } /* @@ -769,7 +871,7 @@ ssh_put_password(char *password) char *padded; if (datafellows & SSH_BUG_PASSWORDPAD) { - packet_put_string(password, strlen(password)); + packet_put_cstring(password); return; } size = roundup(strlen(password) + 1, 32); diff --git a/crypto/openssh/sshconnect.h b/crypto/openssh/sshconnect.h index 6610401858d1..b475adde0df3 100644 --- a/crypto/openssh/sshconnect.h +++ b/crypto/openssh/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.9 2001/04/12 19:15:25 markus Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.13 2001/10/08 19:05:05 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -27,29 +27,20 @@ #define SSHCONNECT_H int -ssh_connect(const char *host, struct sockaddr_storage * hostaddr, - u_short port, int connection_attempts, - int anonymous, struct passwd *pw, - const char *proxy_command); +ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, + int, struct passwd *, const char *); void -ssh_login(Key **keys, int nkeys, const char *orighost, - struct sockaddr *hostaddr, struct passwd *pw); +ssh_login(Key **, int, const char *, struct sockaddr *, struct passwd *); -void -check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, - const char *user_hostfile, const char *system_hostfile); +int verify_host_key(char *, struct sockaddr *, Key *); -void ssh_kex(char *host, struct sockaddr *hostaddr); -void ssh_kex2(char *host, struct sockaddr *hostaddr); +void ssh_kex(char *, struct sockaddr *); +void ssh_kex2(char *, struct sockaddr *); -void -ssh_userauth1(const char *local_user, const char *server_user, char *host, - Key **keys, int nkeys); -void -ssh_userauth2(const char *local_user, const char *server_user, char *host, - Key **keys, int nkeys); +void ssh_userauth1(const char *, const char *, char *, Key **, int); +void ssh_userauth2(const char *, const char *, char *, Key **, int); -void ssh_put_password(char *password); +void ssh_put_password(char *); #endif diff --git a/crypto/openssh/sshconnect1.c b/crypto/openssh/sshconnect1.c index d42676676bfd..d7722f4b9bf4 100644 --- a/crypto/openssh/sshconnect1.c +++ b/crypto/openssh/sshconnect1.c @@ -13,14 +13,17 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect1.c,v 1.31 2001/04/17 08:14:01 markus Exp $"); +RCSID("$OpenBSD: sshconnect1.c,v 1.48 2002/02/11 16:15:46 markus Exp $"); #include <openssl/bn.h> -#include <openssl/evp.h> +#include <openssl/md5.h> #ifdef KRB4 #include <krb.h> #endif +#ifdef KRB5 +#include <krb5.h> +#endif #ifdef AFS #include <kafs.h> #include "radix.h" @@ -43,6 +46,7 @@ RCSID("$OpenBSD: sshconnect1.c,v 1.31 2001/04/17 08:14:01 markus Exp $"); #include "readpass.h" #include "cipher.h" #include "canohost.h" +#include "auth.h" /* Session id for the current session. */ u_char session_id[16]; @@ -55,7 +59,7 @@ extern char *__progname; * Checks if the user has an authentication agent, and if so, tries to * authenticate using the agent. */ -int +static int try_agent_authentication(void) { int type; @@ -63,7 +67,6 @@ try_agent_authentication(void) AuthenticationConnection *auth; u_char response[16]; u_int i; - int plen, clen; Key *key; BIGNUM *challenge; @@ -72,12 +75,12 @@ try_agent_authentication(void) if (!auth) return 0; - challenge = BN_new(); - + if ((challenge = BN_new()) == NULL) + fatal("try_agent_authentication: BN_new failed"); /* Loop through identities served by the agent. */ for (key = ssh_get_first_identity(auth, &comment, 1); - key != NULL; - key = ssh_get_next_identity(auth, &comment, 1)) { + key != NULL; + key = ssh_get_next_identity(auth, &comment, 1)) { /* Try this identity. */ debug("Trying RSA authentication via agent with '%.100s'", comment); @@ -90,7 +93,7 @@ try_agent_authentication(void) packet_write_wait(); /* Wait for server's response. */ - type = packet_read(&plen); + type = packet_read(); /* The server sends failure if it doesn\'t like our key or does not support RSA authentication. */ @@ -104,9 +107,8 @@ try_agent_authentication(void) packet_disconnect("Protocol error during RSA authentication: %d", type); - packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); + packet_get_bignum(challenge); + packet_check_eom(); debug("Received RSA challenge from server."); @@ -131,7 +133,7 @@ try_agent_authentication(void) packet_write_wait(); /* Wait for response from the server. */ - type = packet_read(&plen); + type = packet_read(); /* The server returns success if it accepted the authentication. */ if (type == SSH_SMSG_SUCCESS) { @@ -155,7 +157,7 @@ try_agent_authentication(void) * Computes the proper response to a RSA challenge, and sends the response to * the server. */ -void +static void respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) { u_char buf[32], response[16]; @@ -200,23 +202,18 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) * Checks if the user has authentication file, and if so, tries to authenticate * the user using it. */ -int -try_rsa_authentication(const char *authfile) +static int +try_rsa_authentication(int idx) { BIGNUM *challenge; - Key *public; - Key *private; - char *passphrase, *comment; - int type, i; - int plen, clen; + Key *public, *private; + char buf[300], *passphrase, *comment, *authfile; + int i, type, quit; + + public = options.identity_keys[idx]; + authfile = options.identity_files[idx]; + comment = xstrdup(authfile); - /* Try to load identification for the authentication key. */ - /* XXKEYLOAD */ - public = key_load_public_type(KEY_RSA1, authfile, &comment); - if (public == NULL) { - /* Could not load it. Fail. */ - return 0; - } debug("Trying RSA authentication with key '%.100s'", comment); /* Tell the server that we are willing to authenticate using this key. */ @@ -225,11 +222,8 @@ try_rsa_authentication(const char *authfile) packet_send(); packet_write_wait(); - /* We no longer need the public key. */ - key_free(public); - /* Wait for server's response. */ - type = packet_read(&plen); + type = packet_read(); /* * The server responds with failure if it doesn\'t like our key or @@ -245,68 +239,74 @@ try_rsa_authentication(const char *authfile) packet_disconnect("Protocol error during RSA authentication: %d", type); /* Get the challenge from the packet. */ - challenge = BN_new(); - packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); + if ((challenge = BN_new()) == NULL) + fatal("try_rsa_authentication: BN_new failed"); + packet_get_bignum(challenge); + packet_check_eom(); debug("Received RSA challenge from server."); /* - * Load the private key. Try first with empty passphrase; if it + * If the key is not stored in external hardware, we have to + * load the private key. Try first with empty passphrase; if it * fails, ask for a passphrase. */ - private = key_load_private_type(KEY_RSA1, authfile, "", NULL); - if (private == NULL) { - char buf[300]; - snprintf(buf, sizeof buf, "Enter passphrase for RSA key '%.100s': ", - comment); - if (!options.batch_mode) + if (public->flags && KEY_FLAG_EXT) + private = public; + else + private = key_load_private_type(KEY_RSA1, authfile, "", NULL); + if (private == NULL && !options.batch_mode) { + snprintf(buf, sizeof(buf), + "Enter passphrase for RSA key '%.100s': ", comment); + for (i = 0; i < options.number_of_password_prompts; i++) { passphrase = read_passphrase(buf, 0); - else { - debug("Will not query passphrase for %.100s in batch mode.", - comment); - passphrase = xstrdup(""); - } - - /* Load the authentication file using the pasphrase. */ - private = key_load_private_type(KEY_RSA1, authfile, passphrase, NULL); - if (private == NULL) { + if (strcmp(passphrase, "") != 0) { + private = key_load_private_type(KEY_RSA1, + authfile, passphrase, NULL); + quit = 0; + } else { + debug2("no passphrase given, try next key"); + quit = 1; + } memset(passphrase, 0, strlen(passphrase)); xfree(passphrase); - error("Bad passphrase."); - - /* Send a dummy response packet to avoid protocol error. */ - packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); - for (i = 0; i < 16; i++) - packet_put_char(0); - packet_send(); - packet_write_wait(); - - /* Expect the server to reject it... */ - packet_read_expect(&plen, SSH_SMSG_FAILURE); - xfree(comment); - BN_clear_free(challenge); - return 0; + if (private != NULL || quit) + break; + debug2("bad passphrase given, try again..."); } - /* Destroy the passphrase. */ - memset(passphrase, 0, strlen(passphrase)); - xfree(passphrase); } /* We no longer need the comment. */ xfree(comment); + if (private == NULL) { + if (!options.batch_mode) + error("Bad passphrase."); + + /* Send a dummy response packet to avoid protocol error. */ + packet_start(SSH_CMSG_AUTH_RSA_RESPONSE); + for (i = 0; i < 16; i++) + packet_put_char(0); + packet_send(); + packet_write_wait(); + + /* Expect the server to reject it... */ + packet_read_expect(SSH_SMSG_FAILURE); + BN_clear_free(challenge); + return 0; + } + /* Compute and send a response to the challenge. */ respond_to_rsa_challenge(challenge, private->rsa); - /* Destroy the private key. */ - key_free(private); + /* Destroy the private key unless it in external hardware. */ + if (!(private->flags & KEY_FLAG_EXT)) + key_free(private); /* We no longer need the challenge. */ BN_clear_free(challenge); /* Wait for response from the server. */ - type = packet_read(&plen); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) { debug("RSA authentication accepted by server."); return 1; @@ -321,18 +321,17 @@ try_rsa_authentication(const char *authfile) * Tries to authenticate the user using combined rhosts or /etc/hosts.equiv * authentication and RSA host authentication. */ -int +static int try_rhosts_rsa_authentication(const char *local_user, Key * host_key) { int type; BIGNUM *challenge; - int plen, clen; debug("Trying rhosts or /etc/hosts.equiv with RSA host authentication."); /* Tell the server that we are willing to authenticate using this key. */ packet_start(SSH_CMSG_AUTH_RHOSTS_RSA); - packet_put_string(local_user, strlen(local_user)); + packet_put_cstring(local_user); packet_put_int(BN_num_bits(host_key->rsa->n)); packet_put_bignum(host_key->rsa->e); packet_put_bignum(host_key->rsa->n); @@ -340,7 +339,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key) packet_write_wait(); /* Wait for server's response. */ - type = packet_read(&plen); + type = packet_read(); /* The server responds with failure if it doesn't admit our .rhosts authentication or doesn't know our host key. */ @@ -353,10 +352,10 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key) packet_disconnect("Protocol error during RSA authentication: %d", type); /* Get the challenge from the packet. */ - challenge = BN_new(); - packet_get_bignum(challenge, &clen); - - packet_integrity_check(plen, clen, type); + if ((challenge = BN_new()) == NULL) + fatal("try_rhosts_rsa_authentication: BN_new failed"); + packet_get_bignum(challenge); + packet_check_eom(); debug("Received RSA challenge for host key from server."); @@ -367,7 +366,7 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key) BN_clear_free(challenge); /* Wait for response from the server. */ - type = packet_read(&plen); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) { debug("Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server."); return 1; @@ -379,15 +378,15 @@ try_rhosts_rsa_authentication(const char *local_user, Key * host_key) } #ifdef KRB4 -int -try_kerberos_authentication(void) +static int +try_krb4_authentication(void) { KTEXT_ST auth; /* Kerberos data */ char *reply; char inst[INST_SZ]; char *realm; CREDENTIALS cred; - int r, type, plen; + int r, type; socklen_t slen; Key_schedule schedule; u_long checksum, cksum; @@ -399,19 +398,20 @@ try_kerberos_authentication(void) if (stat(tkt_string(), &st) < 0) return 0; - strncpy(inst, (char *) krb_get_phost(get_canonical_hostname(1)), INST_SZ); + strlcpy(inst, (char *)krb_get_phost(get_canonical_hostname(1)), + INST_SZ); - realm = (char *) krb_realmofhost(get_canonical_hostname(1)); + realm = (char *)krb_realmofhost(get_canonical_hostname(1)); if (!realm) { - debug("Kerberos V4: no realm for %s", get_canonical_hostname(1)); + debug("Kerberos v4: no realm for %s", get_canonical_hostname(1)); return 0; } /* This can really be anything. */ - checksum = (u_long) getpid(); + checksum = (u_long)getpid(); r = krb_mk_req(&auth, KRB4_SERVICE_NAME, inst, realm, checksum); if (r != KSUCCESS) { - debug("Kerberos V4 krb_mk_req failed: %s", krb_err_txt[r]); + debug("Kerberos v4 krb_mk_req failed: %s", krb_err_txt[r]); return 0; } /* Get session key to decrypt the server's reply with. */ @@ -434,35 +434,35 @@ try_kerberos_authentication(void) slen = sizeof(local); memset(&local, 0, sizeof(local)); if (getsockname(packet_get_connection_in(), - (struct sockaddr *) & local, &slen) < 0) + (struct sockaddr *)&local, &slen) < 0) debug("getsockname failed: %s", strerror(errno)); slen = sizeof(foreign); memset(&foreign, 0, sizeof(foreign)); if (getpeername(packet_get_connection_in(), - (struct sockaddr *) & foreign, &slen) < 0) { + (struct sockaddr *)&foreign, &slen) < 0) { debug("getpeername failed: %s", strerror(errno)); fatal_cleanup(); } /* Get server reply. */ - type = packet_read(&plen); + type = packet_read(); switch (type) { case SSH_SMSG_FAILURE: /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */ - debug("Kerberos V4 authentication failed."); + debug("Kerberos v4 authentication failed."); return 0; break; case SSH_SMSG_AUTH_KERBEROS_RESPONSE: /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ - debug("Kerberos V4 authentication accepted."); + debug("Kerberos v4 authentication accepted."); /* Get server's response. */ reply = packet_get_string((u_int *) &auth.length); memcpy(auth.dat, reply, auth.length); xfree(reply); - packet_integrity_check(plen, 4 + auth.length, type); + packet_check_eom(); /* * If his response isn't properly encrypted with the session @@ -470,84 +470,275 @@ try_kerberos_authentication(void) * bogus. Bail out. */ r = krb_rd_priv(auth.dat, auth.length, schedule, &cred.session, - &foreign, &local, &msg_data); + &foreign, &local, &msg_data); if (r != KSUCCESS) { - debug("Kerberos V4 krb_rd_priv failed: %s", krb_err_txt[r]); - packet_disconnect("Kerberos V4 challenge failed!"); + debug("Kerberos v4 krb_rd_priv failed: %s", + krb_err_txt[r]); + packet_disconnect("Kerberos v4 challenge failed!"); } /* Fetch the (incremented) checksum that we supplied in the request. */ - (void) memcpy((char *) &cksum, (char *) msg_data.app_data, sizeof(cksum)); + memcpy((char *)&cksum, (char *)msg_data.app_data, + sizeof(cksum)); cksum = ntohl(cksum); /* If it matches, we're golden. */ if (cksum == checksum + 1) { - debug("Kerberos V4 challenge successful."); + debug("Kerberos v4 challenge successful."); return 1; } else - packet_disconnect("Kerberos V4 challenge failed!"); + packet_disconnect("Kerberos v4 challenge failed!"); break; default: - packet_disconnect("Protocol error on Kerberos V4 response: %d", type); + packet_disconnect("Protocol error on Kerberos v4 response: %d", type); } return 0; } #endif /* KRB4 */ +#ifdef KRB5 +static int +try_krb5_authentication(krb5_context *context, krb5_auth_context *auth_context) +{ + krb5_error_code problem; + const char *tkfile; + struct stat buf; + krb5_ccache ccache = NULL; + const char *remotehost; + krb5_data ap; + int type; + krb5_ap_rep_enc_part *reply = NULL; + int ret; + + memset(&ap, 0, sizeof(ap)); + + problem = krb5_init_context(context); + if (problem) { + debug("Kerberos v5: krb5_init_context failed"); + ret = 0; + goto out; + } + + tkfile = krb5_cc_default_name(*context); + if (strncmp(tkfile, "FILE:", 5) == 0) + tkfile += 5; + + if (stat(tkfile, &buf) == 0 && getuid() != buf.st_uid) { + debug("Kerberos v5: could not get default ccache (permission denied)."); + ret = 0; + goto out; + } + + problem = krb5_cc_default(*context, &ccache); + if (problem) { + debug("Kerberos v5: krb5_cc_default failed: %s", + krb5_get_err_text(*context, problem)); + ret = 0; + goto out; + } + + remotehost = get_canonical_hostname(1); + + problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED, + "host", remotehost, NULL, ccache, &ap); + if (problem) { + debug("Kerberos v5: krb5_mk_req failed: %s", + krb5_get_err_text(*context, problem)); + ret = 0; + goto out; + } + + packet_start(SSH_CMSG_AUTH_KERBEROS); + packet_put_string((char *) ap.data, ap.length); + packet_send(); + packet_write_wait(); + + xfree(ap.data); + ap.length = 0; + + type = packet_read(); + switch (type) { + case SSH_SMSG_FAILURE: + /* Should really be SSH_SMSG_AUTH_KERBEROS_FAILURE */ + debug("Kerberos v5 authentication failed."); + ret = 0; + break; + + case SSH_SMSG_AUTH_KERBEROS_RESPONSE: + /* SSH_SMSG_AUTH_KERBEROS_SUCCESS */ + debug("Kerberos v5 authentication accepted."); + + /* Get server's response. */ + ap.data = packet_get_string((unsigned int *) &ap.length); + packet_check_eom(); + /* XXX je to dobre? */ + + problem = krb5_rd_rep(*context, *auth_context, &ap, &reply); + if (problem) { + ret = 0; + } + ret = 1; + break; + + default: + packet_disconnect("Protocol error on Kerberos v5 response: %d", + type); + ret = 0; + break; + + } + + out: + if (ccache != NULL) + krb5_cc_close(*context, ccache); + if (reply != NULL) + krb5_free_ap_rep_enc_part(*context, reply); + if (ap.length > 0) + krb5_data_free(&ap); + + return (ret); +} + +static void +send_krb5_tgt(krb5_context context, krb5_auth_context auth_context) +{ + int fd, type; + krb5_error_code problem; + krb5_data outbuf; + krb5_ccache ccache = NULL; + krb5_creds creds; + krb5_kdc_flags flags; + const char *remotehost; + + memset(&creds, 0, sizeof(creds)); + memset(&outbuf, 0, sizeof(outbuf)); + + fd = packet_get_connection_in(); + + problem = krb5_auth_con_setaddrs_from_fd(context, auth_context, &fd); + if (problem) + goto out; + + problem = krb5_cc_default(context, &ccache); + if (problem) + goto out; + + problem = krb5_cc_get_principal(context, ccache, &creds.client); + if (problem) + goto out; + + problem = krb5_build_principal(context, &creds.server, + strlen(creds.client->realm), creds.client->realm, + "krbtgt", creds.client->realm, NULL); + if (problem) + goto out; + + creds.times.endtime = 0; + + flags.i = 0; + flags.b.forwarded = 1; + flags.b.forwardable = krb5_config_get_bool(context, NULL, + "libdefaults", "forwardable", NULL); + + remotehost = get_canonical_hostname(1); + + problem = krb5_get_forwarded_creds(context, auth_context, + ccache, flags.i, remotehost, &creds, &outbuf); + if (problem) + goto out; + + packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); + packet_put_string((char *)outbuf.data, outbuf.length); + packet_send(); + packet_write_wait(); + + type = packet_read(); + + if (type == SSH_SMSG_SUCCESS) { + char *pname; + + krb5_unparse_name(context, creds.client, &pname); + debug("Kerberos v5 TGT forwarded (%s).", pname); + xfree(pname); + } else + debug("Kerberos v5 TGT forwarding failed."); + + return; + + out: + if (problem) + debug("Kerberos v5 TGT forwarding failed: %s", + krb5_get_err_text(context, problem)); + if (creds.client) + krb5_free_principal(context, creds.client); + if (creds.server) + krb5_free_principal(context, creds.server); + if (ccache) + krb5_cc_close(context, ccache); + if (outbuf.data) + xfree(outbuf.data); +} +#endif /* KRB5 */ + #ifdef AFS -int -send_kerberos_tgt(void) +static void +send_krb4_tgt(void) { CREDENTIALS *creds; - char pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; - int r, type, plen; - char buffer[8192]; struct stat st; + char buffer[4096], pname[ANAME_SZ], pinst[INST_SZ], prealm[REALM_SZ]; + int problem, type; /* Don't do anything if we don't have any tickets. */ if (stat(tkt_string(), &st) < 0) - return 0; + return; creds = xmalloc(sizeof(*creds)); - if ((r = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm)) != KSUCCESS) { - debug("Kerberos V4 tf_fullname failed: %s", krb_err_txt[r]); - return 0; - } - if ((r = krb_get_cred("krbtgt", prealm, prealm, creds)) != GC_OK) { - debug("Kerberos V4 get_cred failed: %s", krb_err_txt[r]); - return 0; - } + problem = krb_get_tf_fullname(TKT_FILE, pname, pinst, prealm); + if (problem) + goto out; + + problem = krb_get_cred("krbtgt", prealm, prealm, creds); + if (problem) + goto out; + if (time(0) > krb_life_to_time(creds->issue_date, creds->lifetime)) { - debug("Kerberos V4 ticket expired: %s", TKT_FILE); - return 0; + problem = RD_AP_EXP; + goto out; } - creds_to_radix(creds, (u_char *)buffer, sizeof buffer); - xfree(creds); + creds_to_radix(creds, (u_char *)buffer, sizeof(buffer)); packet_start(SSH_CMSG_HAVE_KERBEROS_TGT); - packet_put_string(buffer, strlen(buffer)); + packet_put_cstring(buffer); packet_send(); packet_write_wait(); - type = packet_read(&plen); + type = packet_read(); - if (type == SSH_SMSG_FAILURE) - debug("Kerberos TGT for realm %s rejected.", prealm); - else if (type != SSH_SMSG_SUCCESS) - packet_disconnect("Protocol error on Kerberos TGT response: %d", type); + if (type == SSH_SMSG_SUCCESS) + debug("Kerberos v4 TGT forwarded (%s%s%s@%s).", + creds->pname, creds->pinst[0] ? "." : "", + creds->pinst, creds->realm); + else + debug("Kerberos v4 TGT rejected."); + + xfree(creds); + return; - return 1; + out: + debug("Kerberos v4 TGT passing failed: %s", krb_err_txt[problem]); + xfree(creds); } -void +static void send_afs_tokens(void) { CREDENTIALS creds; struct ViceIoctl parms; struct ClearToken ct; - int i, type, len, plen; + int i, type, len; char buf[2048], *p, *server_cell; char buffer[8192]; @@ -580,27 +771,29 @@ send_afs_tokens(void) server_cell = p; /* Flesh out our credentials. */ - strlcpy(creds.service, "afs", sizeof creds.service); + strlcpy(creds.service, "afs", sizeof(creds.service)); creds.instance[0] = '\0'; strlcpy(creds.realm, server_cell, REALM_SZ); memcpy(creds.session, ct.HandShakeKey, DES_KEY_SZ); creds.issue_date = ct.BeginTimestamp; - creds.lifetime = krb_time_to_life(creds.issue_date, ct.EndTimestamp); + creds.lifetime = krb_time_to_life(creds.issue_date, + ct.EndTimestamp); creds.kvno = ct.AuthHandle; snprintf(creds.pname, sizeof(creds.pname), "AFS ID %d", ct.ViceId); creds.pinst[0] = '\0'; /* Encode token, ship it off. */ - if (creds_to_radix(&creds, (u_char *) buffer, sizeof buffer) <= 0) + if (creds_to_radix(&creds, (u_char *)buffer, + sizeof(buffer)) <= 0) break; packet_start(SSH_CMSG_HAVE_AFS_TOKEN); - packet_put_string(buffer, strlen(buffer)); + packet_put_cstring(buffer); packet_send(); packet_write_wait(); /* Roger, Roger. Clearance, Clarence. What's your vector, Victor? */ - type = packet_read(&plen); + type = packet_read(); if (type == SSH_SMSG_FAILURE) debug("AFS token for cell %s rejected.", server_cell); @@ -615,16 +808,15 @@ send_afs_tokens(void) * Tries to authenticate with any string-based challenge/response system. * Note that the client code is not tied to s/key or TIS. */ -int -try_challenge_reponse_authentication(void) +static int +try_challenge_response_authentication(void) { int type, i; - int payload_len; u_int clen; char prompt[1024]; char *challenge, *response; - debug("Doing challenge reponse authentication."); + debug("Doing challenge response authentication."); for (i = 0; i < options.number_of_password_prompts; i++) { /* request a challenge */ @@ -632,7 +824,7 @@ try_challenge_reponse_authentication(void) packet_send(); packet_write_wait(); - type = packet_read(&payload_len); + type = packet_read(); if (type != SSH_SMSG_FAILURE && type != SSH_SMSG_AUTH_TIS_CHALLENGE) { packet_disconnect("Protocol error: got %d in response " @@ -643,9 +835,9 @@ try_challenge_reponse_authentication(void) return 0; } challenge = packet_get_string(&clen); - packet_integrity_check(payload_len, (4 + clen), type); + packet_check_eom(); snprintf(prompt, sizeof prompt, "%s%s", challenge, - strchr(challenge, '\n') ? "" : "\nResponse: "); + strchr(challenge, '\n') ? "" : "\nResponse: "); xfree(challenge); if (i != 0) error("Permission denied, please try again."); @@ -663,7 +855,7 @@ try_challenge_reponse_authentication(void) xfree(response); packet_send(); packet_write_wait(); - type = packet_read(&payload_len); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) return 1; if (type != SSH_SMSG_FAILURE) @@ -677,10 +869,10 @@ try_challenge_reponse_authentication(void) /* * Tries to authenticate with plain passwd authentication. */ -int +static int try_password_authentication(char *prompt) { - int type, i, payload_len; + int type, i; char *password; debug("Doing password authentication."); @@ -697,7 +889,7 @@ try_password_authentication(char *prompt) packet_send(); packet_write_wait(); - type = packet_read(&payload_len); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) return 1; if (type != SSH_SMSG_FAILURE) @@ -715,54 +907,43 @@ ssh_kex(char *host, struct sockaddr *hostaddr) { int i; BIGNUM *key; - RSA *host_key; - RSA *public_key; - Key k; + Key *host_key, *server_key; int bits, rbits; int ssh_cipher_default = SSH_CIPHER_3DES; u_char session_key[SSH_SESSION_KEY_LENGTH]; u_char cookie[8]; u_int supported_ciphers; u_int server_flags, client_flags; - int payload_len, clen, sum_len = 0; u_int32_t rand = 0; debug("Waiting for server public key."); /* Wait for a public key packet from the server. */ - packet_read_expect(&payload_len, SSH_SMSG_PUBLIC_KEY); + packet_read_expect(SSH_SMSG_PUBLIC_KEY); /* Get cookie from the packet. */ for (i = 0; i < 8; i++) cookie[i] = packet_get_char(); /* Get the public key. */ - public_key = RSA_new(); - bits = packet_get_int();/* bits */ - public_key->e = BN_new(); - packet_get_bignum(public_key->e, &clen); - sum_len += clen; - public_key->n = BN_new(); - packet_get_bignum(public_key->n, &clen); - sum_len += clen; - - rbits = BN_num_bits(public_key->n); + server_key = key_new(KEY_RSA1); + bits = packet_get_int(); + packet_get_bignum(server_key->rsa->e); + packet_get_bignum(server_key->rsa->n); + + rbits = BN_num_bits(server_key->rsa->n); if (bits != rbits) { log("Warning: Server lies about size of server public key: " "actual size is %d bits vs. announced %d.", rbits, bits); log("Warning: This may be due to an old implementation of ssh."); } /* Get the host key. */ - host_key = RSA_new(); - bits = packet_get_int();/* bits */ - host_key->e = BN_new(); - packet_get_bignum(host_key->e, &clen); - sum_len += clen; - host_key->n = BN_new(); - packet_get_bignum(host_key->n, &clen); - sum_len += clen; - - rbits = BN_num_bits(host_key->n); + host_key = key_new(KEY_RSA1); + bits = packet_get_int(); + packet_get_bignum(host_key->rsa->e); + packet_get_bignum(host_key->rsa->n); + + rbits = BN_num_bits(host_key->rsa->n); if (bits != rbits) { log("Warning: Server lies about size of server host key: " "actual size is %d bits vs. announced %d.", rbits, bits); @@ -775,21 +956,17 @@ ssh_kex(char *host, struct sockaddr *hostaddr) supported_ciphers = packet_get_int(); supported_authentications = packet_get_int(); + packet_check_eom(); debug("Received server public key (%d bits) and host key (%d bits).", - BN_num_bits(public_key->n), BN_num_bits(host_key->n)); + BN_num_bits(server_key->rsa->n), BN_num_bits(host_key->rsa->n)); - packet_integrity_check(payload_len, - 8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4, - SSH_SMSG_PUBLIC_KEY); - k.type = KEY_RSA1; - k.rsa = host_key; - check_host_key(host, hostaddr, &k, - options.user_hostfile, options.system_hostfile); + if (verify_host_key(host, hostaddr, host_key) == -1) + fatal("Host key verification failed."); client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN; - compute_session_id(session_id, cookie, host_key->n, public_key->n); + compute_session_id(session_id, cookie, host_key->rsa->n, server_key->rsa->n); /* Generate a session key. */ arc4random_stir(); @@ -811,7 +988,8 @@ ssh_kex(char *host, struct sockaddr *hostaddr) * is the highest byte of the integer. The session key is xored with * the first 16 bytes of the session id. */ - key = BN_new(); + if ((key = BN_new()) == NULL) + fatal("respond_to_rsa_challenge: BN_new failed"); BN_set_word(key, 0); for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) { BN_lshift(key, key, 8); @@ -825,35 +1003,35 @@ ssh_kex(char *host, struct sockaddr *hostaddr) * Encrypt the integer using the public key and host key of the * server (key with smaller modulus first). */ - if (BN_cmp(public_key->n, host_key->n) < 0) { + if (BN_cmp(server_key->rsa->n, host_key->rsa->n) < 0) { /* Public key has smaller modulus. */ - if (BN_num_bits(host_key->n) < - BN_num_bits(public_key->n) + SSH_KEY_BITS_RESERVED) { - fatal("respond_to_rsa_challenge: host_key %d < public_key %d + " - "SSH_KEY_BITS_RESERVED %d", - BN_num_bits(host_key->n), - BN_num_bits(public_key->n), - SSH_KEY_BITS_RESERVED); + if (BN_num_bits(host_key->rsa->n) < + BN_num_bits(server_key->rsa->n) + SSH_KEY_BITS_RESERVED) { + fatal("respond_to_rsa_challenge: host_key %d < server_key %d + " + "SSH_KEY_BITS_RESERVED %d", + BN_num_bits(host_key->rsa->n), + BN_num_bits(server_key->rsa->n), + SSH_KEY_BITS_RESERVED); } - rsa_public_encrypt(key, key, public_key); - rsa_public_encrypt(key, key, host_key); + rsa_public_encrypt(key, key, server_key->rsa); + rsa_public_encrypt(key, key, host_key->rsa); } else { /* Host key has smaller modulus (or they are equal). */ - if (BN_num_bits(public_key->n) < - BN_num_bits(host_key->n) + SSH_KEY_BITS_RESERVED) { - fatal("respond_to_rsa_challenge: public_key %d < host_key %d + " - "SSH_KEY_BITS_RESERVED %d", - BN_num_bits(public_key->n), - BN_num_bits(host_key->n), - SSH_KEY_BITS_RESERVED); + if (BN_num_bits(server_key->rsa->n) < + BN_num_bits(host_key->rsa->n) + SSH_KEY_BITS_RESERVED) { + fatal("respond_to_rsa_challenge: server_key %d < host_key %d + " + "SSH_KEY_BITS_RESERVED %d", + BN_num_bits(server_key->rsa->n), + BN_num_bits(host_key->rsa->n), + SSH_KEY_BITS_RESERVED); } - rsa_public_encrypt(key, key, host_key); - rsa_public_encrypt(key, key, public_key); + rsa_public_encrypt(key, key, host_key->rsa); + rsa_public_encrypt(key, key, server_key->rsa); } /* Destroy the public keys since we no longer need them. */ - RSA_free(public_key); - RSA_free(host_key); + key_free(server_key); + key_free(host_key); if (options.cipher == SSH_CIPHER_NOT_SET) { if (cipher_mask_ssh1(1) & supported_ciphers & (1 << ssh_cipher_default)) @@ -867,7 +1045,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) /* Check that the selected cipher is supported. */ if (!(supported_ciphers & (1 << options.cipher))) fatal("Selected cipher type %.100s not supported by server.", - cipher_name(options.cipher)); + cipher_name(options.cipher)); debug("Encryption type: %.100s", cipher_name(options.cipher)); @@ -902,7 +1080,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr) * Expect a success message from the server. Note that this message * will be received in encrypted form. */ - packet_read_expect(&payload_len, SSH_SMSG_SUCCESS); + packet_read_expect(SSH_SMSG_SUCCESS); debug("Received encrypted confirmation."); } @@ -914,15 +1092,18 @@ void ssh_userauth1(const char *local_user, const char *server_user, char *host, Key **keys, int nkeys) { +#ifdef KRB5 + krb5_context context = NULL; + krb5_auth_context auth_context = NULL; +#endif int i, type; - int payload_len; if (supported_authentications == 0) fatal("ssh_userauth1: server supports no auth methods"); /* Send the name of the user to log in as on the server. */ packet_start(SSH_CMSG_USER); - packet_put_string(server_user, strlen(server_user)); + packet_put_cstring(server_user); packet_send(); packet_write_wait(); @@ -931,43 +1112,40 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, * needed (the user has no password). Otherwise the server responds * with failure. */ - type = packet_read(&payload_len); + type = packet_read(); /* check whether the connection was accepted without authentication. */ if (type == SSH_SMSG_SUCCESS) - return; + goto success; if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", - type); + packet_disconnect("Protocol error: got %d in response to SSH_CMSG_USER", type); -#ifdef AFS - /* Try Kerberos tgt passing if the server supports it. */ - if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && - options.kerberos_tgt_passing) { - if (options.cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); - (void) send_kerberos_tgt(); - } - /* Try AFS token passing if the server supports it. */ - if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) && - options.afs_token_passing && k_hasafs()) { - if (options.cipher == SSH_CIPHER_NONE) - log("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); - send_afs_tokens(); +#ifdef KRB5 + if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && + options.kerberos_authentication) { + debug("Trying Kerberos v5 authentication."); + + if (try_krb5_authentication(&context, &auth_context)) { + type = packet_read(); + if (type == SSH_SMSG_SUCCESS) + goto success; + if (type != SSH_SMSG_FAILURE) + packet_disconnect("Protocol error: got %d in response to Kerberos v5 auth", type); + } } -#endif /* AFS */ +#endif /* KRB5 */ #ifdef KRB4 if ((supported_authentications & (1 << SSH_AUTH_KERBEROS)) && options.kerberos_authentication) { - debug("Trying Kerberos authentication."); - if (try_kerberos_authentication()) { - /* The server should respond with success or failure. */ - type = packet_read(&payload_len); + debug("Trying Kerberos v4 authentication."); + + if (try_krb4_authentication()) { + type = packet_read(); if (type == SSH_SMSG_SUCCESS) - return; + goto success; if (type != SSH_SMSG_FAILURE) - packet_disconnect("Protocol error: got %d in response to Kerberos auth", type); + packet_disconnect("Protocol error: got %d in response to Kerberos v4 auth", type); } } #endif /* KRB4 */ @@ -980,14 +1158,14 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, options.rhosts_authentication) { debug("Trying rhosts authentication."); packet_start(SSH_CMSG_AUTH_RHOSTS); - packet_put_string(local_user, strlen(local_user)); + packet_put_cstring(local_user); packet_send(); packet_write_wait(); /* The server should respond with success or failure. */ - type = packet_read(&payload_len); + type = packet_read(); if (type == SSH_SMSG_SUCCESS) - return; + goto success; if (type != SSH_SMSG_FAILURE) packet_disconnect("Protocol error: got %d in response to rhosts auth", type); @@ -1001,7 +1179,7 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, for (i = 0; i < nkeys; i++) { if (keys[i] != NULL && keys[i]->type == KEY_RSA1 && try_rhosts_rsa_authentication(local_user, keys[i])) - return; + goto success; } } /* Try RSA authentication if the server supports it. */ @@ -1013,20 +1191,20 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, * it, whereas identity files may require passphrases. */ if (try_agent_authentication()) - return; + goto success; /* Try RSA authentication for each identity. */ for (i = 0; i < options.num_identity_files; i++) if (options.identity_keys[i] != NULL && options.identity_keys[i]->type == KEY_RSA1 && - try_rsa_authentication(options.identity_files[i])) - return; + try_rsa_authentication(i)) + goto success; } /* Try challenge response authentication if the server supports it. */ if ((supported_authentications & (1 << SSH_AUTH_TIS)) && - options.challenge_reponse_authentication && !options.batch_mode) { - if (try_challenge_reponse_authentication()) - return; + options.challenge_response_authentication && !options.batch_mode) { + if (try_challenge_response_authentication()) + goto success; } /* Try password authentication if the server supports it. */ if ((supported_authentications & (1 << SSH_AUTH_PASSWORD)) && @@ -1036,9 +1214,43 @@ ssh_userauth1(const char *local_user, const char *server_user, char *host, snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", server_user, host); if (try_password_authentication(prompt)) - return; + goto success; } /* All authentication methods have failed. Exit with an error message. */ fatal("Permission denied."); /* NOTREACHED */ + + success: +#ifdef KRB5 + /* Try Kerberos v5 TGT passing. */ + if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && + options.kerberos_tgt_passing && context && auth_context) { + if (options.cipher == SSH_CIPHER_NONE) + log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); + send_krb5_tgt(context, auth_context); + } + if (auth_context) + krb5_auth_con_free(context, auth_context); + if (context) + krb5_free_context(context); +#endif + +#ifdef AFS + /* Try Kerberos v4 TGT passing if the server supports it. */ + if ((supported_authentications & (1 << SSH_PASS_KERBEROS_TGT)) && + options.kerberos_tgt_passing) { + if (options.cipher == SSH_CIPHER_NONE) + log("WARNING: Encryption is disabled! Ticket will be transmitted in the clear!"); + send_krb4_tgt(); + } + /* Try AFS token passing if the server supports it. */ + if ((supported_authentications & (1 << SSH_PASS_AFS_TOKEN)) && + options.afs_token_passing && k_hasafs()) { + if (options.cipher == SSH_CIPHER_NONE) + log("WARNING: Encryption is disabled! Token will be transmitted in the clear!"); + send_afs_tokens(); + } +#endif /* AFS */ + + return; /* need statement after label */ } diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c index 14e3d401a78a..c5b5ee51550c 100644 --- a/crypto/openssh/sshconnect2.c +++ b/crypto/openssh/sshconnect2.c @@ -23,29 +23,20 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.72 2001/04/18 23:43:26 markus Exp $"); - -#include <openssl/bn.h> -#include <openssl/md5.h> -#include <openssl/dh.h> -#include <openssl/hmac.h> +RCSID("$OpenBSD: sshconnect2.c,v 1.97 2002/02/25 16:33:27 markus Exp $"); #include "ssh.h" #include "ssh2.h" #include "xmalloc.h" -#include "rsa.h" #include "buffer.h" #include "packet.h" -#include "uidswap.h" #include "compat.h" #include "bufaux.h" #include "cipher.h" #include "kex.h" #include "myproposal.h" -#include "key.h" #include "sshconnect.h" #include "authfile.h" -#include "cli.h" #include "dh.h" #include "authfd.h" #include "log.h" @@ -72,11 +63,11 @@ struct sockaddr *xxx_hostaddr; Kex *xxx_kex = NULL; -int -check_host_key_callback(Key *hostkey) +static int +verify_host_key_callback(Key *hostkey) { - check_host_key(xxx_host, xxx_hostaddr, hostkey, - options.user_hostfile2, options.system_hostfile2); + if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1) + fatal("Host key verification failed."); return 0; } @@ -112,14 +103,14 @@ ssh_kex2(char *host, struct sockaddr *hostaddr) myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; } if (options.hostkeyalgorithms != NULL) - myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = options.hostkeyalgorithms; /* start key exchange */ kex = kex_setup(myproposal); kex->client_version_string=client_version_string; kex->server_version_string=server_version_string; - kex->check_host_key=&check_host_key_callback; + kex->verify_host_key=&verify_host_key_callback; xxx_kex = kex; @@ -147,7 +138,7 @@ typedef struct Authmethod Authmethod; typedef int sign_cb_fn( Authctxt *authctxt, Key *key, - u_char **sigp, int *lenp, u_char *data, int datalen); + u_char **sigp, u_int *lenp, u_char *data, u_int datalen); struct Authctxt { const char *server_user; @@ -165,6 +156,8 @@ struct Authctxt { /* hostbased */ Key **keys; int nkeys; + /* kbd-interactive */ + int info_req_seen; }; struct Authmethod { char *name; /* string to compare against server's list */ @@ -173,47 +166,45 @@ struct Authmethod { int *batch_flag; /* flag in option struct that disables method */ }; -void input_userauth_success(int type, int plen, void *ctxt); -void input_userauth_failure(int type, int plen, void *ctxt); -void input_userauth_banner(int type, int plen, void *ctxt); -void input_userauth_error(int type, int plen, void *ctxt); -void input_userauth_info_req(int type, int plen, void *ctxt); -void input_userauth_pk_ok(int type, int plen, void *ctxt); +void input_userauth_success(int, u_int32_t, void *); +void input_userauth_failure(int, u_int32_t, void *); +void input_userauth_banner(int, u_int32_t, void *); +void input_userauth_error(int, u_int32_t, void *); +void input_userauth_info_req(int, u_int32_t, void *); +void input_userauth_pk_ok(int, u_int32_t, void *); -int userauth_none(Authctxt *authctxt); -int userauth_pubkey(Authctxt *authctxt); -int userauth_passwd(Authctxt *authctxt); -int userauth_kbdint(Authctxt *authctxt); -int userauth_hostbased(Authctxt *authctxt); +int userauth_none(Authctxt *); +int userauth_pubkey(Authctxt *); +int userauth_passwd(Authctxt *); +int userauth_kbdint(Authctxt *); +int userauth_hostbased(Authctxt *); -void userauth(Authctxt *authctxt, char *authlist); +void userauth(Authctxt *, char *); -int -sign_and_send_pubkey(Authctxt *authctxt, Key *k, - sign_cb_fn *sign_callback); -void clear_auth_state(Authctxt *authctxt); +static int sign_and_send_pubkey(Authctxt *, Key *, sign_cb_fn *); +static void clear_auth_state(Authctxt *); -Authmethod *authmethod_get(char *authlist); -Authmethod *authmethod_lookup(const char *name); -char *authmethods_get(void); +static Authmethod *authmethod_get(char *authlist); +static Authmethod *authmethod_lookup(const char *name); +static char *authmethods_get(void); Authmethod authmethods[] = { + {"hostbased", + userauth_hostbased, + &options.hostbased_authentication, + NULL}, {"publickey", userauth_pubkey, &options.pubkey_authentication, NULL}, - {"password", - userauth_passwd, - &options.password_authentication, - &options.batch_mode}, {"keyboard-interactive", userauth_kbdint, &options.kbd_interactive_authentication, &options.batch_mode}, - {"hostbased", - userauth_hostbased, - &options.hostbased_authentication, - NULL}, + {"password", + userauth_passwd, + &options.password_authentication, + &options.batch_mode}, {"none", userauth_none, NULL, @@ -227,9 +218,8 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, { Authctxt authctxt; int type; - int plen; - if (options.challenge_reponse_authentication) + if (options.challenge_response_authentication) options.kbd_interactive_authentication = 1; debug("send SSH2_MSG_SERVICE_REQUEST"); @@ -237,24 +227,25 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, packet_put_cstring("ssh-userauth"); packet_send(); packet_write_wait(); - type = packet_read(&plen); + type = packet_read(); if (type != SSH2_MSG_SERVICE_ACCEPT) { fatal("denied SSH2_MSG_SERVICE_ACCEPT: %d", type); } if (packet_remaining() > 0) { - char *reply = packet_get_string(&plen); + char *reply = packet_get_string(NULL); debug("service_accept: %s", reply); xfree(reply); } else { debug("buggy server: service_accept w/o service"); } - packet_done(); + packet_check_eom(); debug("got SSH2_MSG_SERVICE_ACCEPT"); if (options.preferred_authentications == NULL) options.preferred_authentications = authmethods_get(); /* setup authentication context */ + memset(&authctxt, 0, sizeof(authctxt)); authctxt.agent = ssh_get_authentication_connection(); authctxt.server_user = server_user; authctxt.local_user = local_user; @@ -265,6 +256,7 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host, authctxt.authlist = NULL; authctxt.keys = keys; authctxt.nkeys = nkeys; + authctxt.info_req_seen = 0; if (authctxt.method == NULL) fatal("ssh_userauth2: internal error: cannot send userauth none request"); @@ -307,13 +299,13 @@ userauth(Authctxt *authctxt, char *authlist) } } void -input_userauth_error(int type, int plen, void *ctxt) +input_userauth_error(int type, u_int32_t seq, void *ctxt) { fatal("input_userauth_error: bad message during authentication: " "type %d", type); } void -input_userauth_banner(int type, int plen, void *ctxt) +input_userauth_banner(int type, u_int32_t seq, void *ctxt) { char *msg, *lang; debug3("input_userauth_banner"); @@ -324,7 +316,7 @@ input_userauth_banner(int type, int plen, void *ctxt) xfree(lang); } void -input_userauth_success(int type, int plen, void *ctxt) +input_userauth_success(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; if (authctxt == NULL) @@ -335,7 +327,7 @@ input_userauth_success(int type, int plen, void *ctxt) authctxt->success = 1; /* break out */ } void -input_userauth_failure(int type, int plen, void *ctxt) +input_userauth_failure(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; char *authlist = NULL; @@ -346,7 +338,7 @@ input_userauth_failure(int type, int plen, void *ctxt) authlist = packet_get_string(NULL); partial = packet_get_char(); - packet_done(); + packet_check_eom(); if (partial != 0) log("Authenticated with partial success."); @@ -356,13 +348,15 @@ input_userauth_failure(int type, int plen, void *ctxt) userauth(authctxt, authlist); } void -input_userauth_pk_ok(int type, int plen, void *ctxt) +input_userauth_pk_ok(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; Key *key = NULL; Buffer b; - int alen, blen, sent = 0; - char *pkalg, *pkblob, *fp; + int pktype, sent = 0; + u_int alen, blen; + char *pkalg, *fp; + u_char *pkblob; if (authctxt == NULL) fatal("input_userauth_pk_ok: no authentication context"); @@ -378,7 +372,7 @@ input_userauth_pk_ok(int type, int plen, void *ctxt) pkalg = packet_get_string(&alen); pkblob = packet_get_string(&blen); } - packet_done(); + packet_check_eom(); debug("input_userauth_pk_ok: pkalg %s blen %d lastkey %p hint %d", pkalg, blen, authctxt->last_key, authctxt->last_key_hint); @@ -389,7 +383,7 @@ input_userauth_pk_ok(int type, int plen, void *ctxt) debug("no last key or no sign cb"); break; } - if (key_type_from_name(pkalg) == KEY_UNSPEC) { + if ((pktype = key_type_from_name(pkalg)) == KEY_UNSPEC) { debug("unknown pkalg %s", pkalg); break; } @@ -397,6 +391,12 @@ input_userauth_pk_ok(int type, int plen, void *ctxt) debug("no key from blob. pkalg %s", pkalg); break; } + if (key->type != pktype) { + error("input_userauth_pk_ok: type mismatch " + "for decoded key (received %d, expected %d)", + key->type, pktype); + break; + } fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); debug2("input_userauth_pk_ok: fp %s", fp); xfree(fp); @@ -406,7 +406,7 @@ input_userauth_pk_ok(int type, int plen, void *ctxt) } sent = sign_and_send_pubkey(authctxt, key, authctxt->last_key_sign); - } while(0); + } while (0); if (key != NULL) key_free(key); @@ -445,7 +445,7 @@ userauth_passwd(Authctxt *authctxt) if (attempt++ >= options.number_of_password_prompts) return 0; - if(attempt != 1) + if (attempt != 1) error("Permission denied, please try again."); snprintf(prompt, sizeof(prompt), "%.30s@%.128s's password: ", @@ -459,12 +459,12 @@ userauth_passwd(Authctxt *authctxt) packet_put_cstring(password); memset(password, 0, strlen(password)); xfree(password); - packet_inject_ignore(64); + packet_add_padding(64); packet_send(); return 1; } -void +static void clear_auth_state(Authctxt *authctxt) { /* XXX clear authentication state */ @@ -477,12 +477,12 @@ clear_auth_state(Authctxt *authctxt) authctxt->last_key_sign = NULL; } -int +static int sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) { Buffer b; u_char *blob, *signature; - int bloblen, slen; + u_int bloblen, slen; int skip = 0; int ret = -1; int have_sig = 1; @@ -562,12 +562,12 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback) return 1; } -int +static int send_pubkey_test(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback, int hint) { u_char *blob; - int bloblen, have_sig = 0; + u_int bloblen, have_sig = 0; debug3("send_pubkey_test"); @@ -595,7 +595,7 @@ send_pubkey_test(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback, return 1; } -Key * +static Key * load_identity_file(char *filename) { Key *private; @@ -612,7 +612,7 @@ load_identity_file(char *filename) if (options.batch_mode) return NULL; snprintf(prompt, sizeof prompt, - "Enter passphrase for key '%.100s': ", filename); + "Enter passphrase for key '%.100s': ", filename); for (i = 0; i < options.number_of_password_prompts; i++) { passphrase = read_passphrase(prompt, 0); if (strcmp(passphrase, "") != 0) { @@ -633,9 +633,9 @@ load_identity_file(char *filename) return private; } -int -identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, - u_char *data, int datalen) +static int +identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) { Key *private; int idx, ret; @@ -643,6 +643,11 @@ identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, idx = authctxt->last_key_hint; if (idx < 0) return -1; + + /* private key is stored in external hardware */ + if (options.identity_keys[idx]->flags & KEY_FLAG_EXT) + return key_sign(options.identity_keys[idx], sigp, lenp, data, datalen); + private = load_identity_file(options.identity_files[idx]); if (private == NULL) return -1; @@ -651,19 +656,21 @@ identity_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, return ret; } -int agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, - u_char *data, int datalen) +static int +agent_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) { return ssh_agent_sign(authctxt->agent, key, sigp, lenp, data, datalen); } -int key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, int *lenp, - u_char *data, int datalen) +static int +key_sign_cb(Authctxt *authctxt, Key *key, u_char **sigp, u_int *lenp, + u_char *data, u_int datalen) { return key_sign(key, sigp, lenp, data, datalen); } -int +static int userauth_pubkey_agent(Authctxt *authctxt) { static int called = 0; @@ -702,7 +709,7 @@ userauth_pubkey(Authctxt *authctxt) if (authctxt->agent != NULL) { do { sent = userauth_pubkey_agent(authctxt); - } while(!sent && authctxt->agent->howmany > 0); + } while (!sent && authctxt->agent->howmany > 0); } while (!sent && idx < options.num_identity_files) { key = options.identity_keys[idx]; @@ -735,6 +742,12 @@ userauth_kbdint(Authctxt *authctxt) if (attempt++ >= options.number_of_password_prompts) return 0; + /* disable if no SSH2_MSG_USERAUTH_INFO_REQUEST has been seen */ + if (attempt > 1 && !authctxt->info_req_seen) { + debug3("userauth_kbdint: disable: no info_req_seen"); + dispatch_set(SSH2_MSG_USERAUTH_INFO_REQUEST, NULL); + return 0; + } debug2("userauth_kbdint"); packet_start(SSH2_MSG_USERAUTH_REQUEST); @@ -754,7 +767,7 @@ userauth_kbdint(Authctxt *authctxt) * parse INFO_REQUEST, prompt user and send INFO_RESPONSE */ void -input_userauth_info_req(int type, int plen, void *ctxt) +input_userauth_info_req(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; char *name, *inst, *lang, *prompt, *response; @@ -766,13 +779,15 @@ input_userauth_info_req(int type, int plen, void *ctxt) if (authctxt == NULL) fatal("input_userauth_info_req: no authentication context"); + authctxt->info_req_seen = 1; + name = packet_get_string(NULL); inst = packet_get_string(NULL); lang = packet_get_string(NULL); if (strlen(name) > 0) - cli_mesg(name); + log("%s", name); if (strlen(inst) > 0) - cli_mesg(inst); + log("%s", inst); xfree(name); xfree(inst); xfree(lang); @@ -787,20 +802,21 @@ input_userauth_info_req(int type, int plen, void *ctxt) packet_start(SSH2_MSG_USERAUTH_INFO_RESPONSE); packet_put_int(num_prompts); + debug2("input_userauth_info_req: num_prompts %d", num_prompts); for (i = 0; i < num_prompts; i++) { prompt = packet_get_string(NULL); echo = packet_get_char(); - response = cli_prompt(prompt, echo); + response = read_passphrase(prompt, echo ? RP_ECHO : 0); packet_put_cstring(response); memset(response, 0, strlen(response)); xfree(response); xfree(prompt); } - packet_done(); /* done with parsing incoming message. */ + packet_check_eom(); /* done with parsing incoming message. */ - packet_inject_ignore(64); + packet_add_padding(64); packet_send(); } @@ -819,16 +835,6 @@ userauth_hostbased(Authctxt *authctxt) u_int blen, slen; int ok, i, len, found = 0; - p = get_local_name(packet_get_connection_in()); - if (p == NULL) { - error("userauth_hostbased: cannot get local ipaddr/name"); - return 0; - } - len = strlen(p) + 2; - chost = xmalloc(len); - strlcpy(chost, p, len); - strlcat(chost, ".", len); - debug2("userauth_hostbased: chost %s", chost); /* check for a useful key */ for (i = 0; i < authctxt->nkeys; i++) { private = authctxt->keys[i]; @@ -840,14 +846,26 @@ userauth_hostbased(Authctxt *authctxt) } } if (!found) { - xfree(chost); + debug("userauth_hostbased: no more client hostkeys"); return 0; } if (key_to_blob(private, &blob, &blen) == 0) { key_free(private); - xfree(chost); return 0; } + /* figure out a name for the client host */ + p = get_local_name(packet_get_connection_in()); + if (p == NULL) { + error("userauth_hostbased: cannot get local ipaddr/name"); + key_free(private); + return 0; + } + len = strlen(p) + 2; + chost = xmalloc(len); + strlcpy(chost, p, len); + strlcat(chost, ".", len); + debug2("userauth_hostbased: chost %s", chost); + service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : authctxt->service; pkalg = xstrdup(key_ssh_name(private)); @@ -865,7 +883,6 @@ userauth_hostbased(Authctxt *authctxt) #ifdef DEBUG_PK buffer_dump(&b); #endif - debug2("xxx: chost %s", chost); ok = key_sign(private, &signature, &slen, buffer_ptr(&b), buffer_len(&b)); key_free(private); buffer_free(&b); @@ -899,7 +916,7 @@ userauth_hostbased(Authctxt *authctxt) * given auth method name, if configurable options permit this method fill * in auth_ident field and return true, otherwise return false. */ -int +static int authmethod_is_enabled(Authmethod *method) { if (method == NULL) @@ -913,7 +930,7 @@ authmethod_is_enabled(Authmethod *method) return 1; } -Authmethod * +static Authmethod * authmethod_lookup(const char *name) { Authmethod *method = NULL; @@ -934,12 +951,12 @@ static char *preferred = NULL; * next method we should try. If the server initially sends a nil list, * use a built-in default list. */ -Authmethod * +static Authmethod * authmethod_get(char *authlist) { char *name = NULL; - int next; + u_int next; /* Use a suitable default if we're passed a nil list. */ if (authlist == NULL || strlen(authlist) == 0) @@ -974,21 +991,23 @@ authmethod_get(char *authlist) } } - -#define DELIM "," -char * +static char * authmethods_get(void) { Authmethod *method = NULL; - char buf[1024]; + Buffer b; + char *list; - buf[0] = '\0'; + buffer_init(&b); for (method = authmethods; method->name != NULL; method++) { if (authmethod_is_enabled(method)) { - if (buf[0] != '\0') - strlcat(buf, DELIM, sizeof buf); - strlcat(buf, method->name, sizeof buf); + if (buffer_len(&b) > 0) + buffer_append(&b, ",", 1); + buffer_append(&b, method->name, strlen(method->name)); } } - return xstrdup(buf); + buffer_append(&b, "\0", 1); + list = xstrdup(buffer_ptr(&b)); + buffer_free(&b); + return list; } diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index 62e3de7c6a20..9d579f173ea8 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.120 2001/04/22 23:58:36 markus Exp $ +.\" $OpenBSD: sshd.8,v 1.170 2002/02/28 20:46:10 stevesk Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -43,15 +43,15 @@ .Nd OpenSSH SSH daemon .Sh SYNOPSIS .Nm sshd -.Op Fl deiqD46 +.Op Fl deiqtD46 .Op Fl b Ar bits .Op Fl f Ar config_file .Op Fl g Ar login_grace_time .Op Fl h Ar host_key_file .Op Fl k Ar key_gen_time +.Op Fl o Ar option .Op Fl p Ar port .Op Fl u Ar len -.Op Fl V Ar client_protocol_id .Sh DESCRIPTION .Nm (SSH Daemon) is the daemon program for @@ -118,9 +118,8 @@ configuration file if desired. System security is not improved unless .Xr rshd 8 , .Xr rlogind 8 , -.Xr rexecd 8 , and -.Xr rexd 8 +.Xr rexecd 8 are disabled (thus completely disabling .Xr rlogin 1 and @@ -130,7 +129,7 @@ into the machine). .Ss SSH protocol version 2 .Pp Version 2 works similarly: -Each host has a host-specific DSA key used to identify the host. +Each host has a host-specific key (RSA or DSA) used to identify the host. However, when the daemon starts, it does not generate a server key. Forward security is provided through a Diffie-Hellman key agreement. This key agreement results in a shared session key. @@ -176,7 +175,7 @@ configuration file. .Nm rereads its configuration file when it receives a hangup signal, .Dv SIGHUP , -by executing itself with the name it was started as, ie. +by executing itself with the name it was started as, i.e., .Pa /usr/sbin/sshd . .Pp The options are as follows: @@ -184,7 +183,6 @@ The options are as follows: .It Fl b Ar bits Specifies the number of bits in the ephemeral protocol version 1 server key (default 768). -.Pp .It Fl d Debug mode. The server sends verbose debug output to the system @@ -200,7 +198,7 @@ will send the output to the standard error instead of the system log. .It Fl f Ar configuration_file Specifies the name of the configuration file. The default is -.Pa /etc/sshd_config . +.Pa /etc/ssh/sshd_config . .Nm refuses to start if there is no configuration file. .It Fl g Ar login_grace_time @@ -210,12 +208,18 @@ If the client fails to authenticate the user within this many seconds, the server disconnects and exits. A value of zero indicates no limit. .It Fl h Ar host_key_file -Specifies the file from which the host key is read (default -.Pa /etc/ssh_host_key ) . +Specifies a file from which a host key is read. This option must be given if .Nm is not run as root (as the normal -host file is normally not readable by anyone but root). +host key files are normally not readable by anyone but root). +The default is +.Pa /etc/ssh/ssh_host_key +for protocol version 1, and +.Pa /etc/ssh/ssh_host_rsa_key +and +.Pa /etc/ssh/ssh_host_dsa_key +for protocol version 2. It is possible to have multiple host key files for the different protocol versions and host key algorithms. .It Fl i @@ -240,14 +244,27 @@ it becomes impossible to recover the key for decrypting intercepted communications even if the machine is cracked into or physically seized. A value of zero indicates that the key will never be regenerated. +.It Fl o Ar option +Can be used to give options in the format used in the configuration file. +This is useful for specifying options for which there is no separate +command-line flag. .It Fl p Ar port Specifies the port on which the server listens for connections (default 22). +Multiple port options are permitted. +Ports specified in the configuration file are ignored when a +command-line port is specified. .It Fl q Quiet mode. Nothing is sent to the system log. Normally the beginning, authentication, and termination of each connection is logged. +.It Fl t +Test mode. +Only check the validity of the configuration file and sanity of the keys. +This is useful for updating +.Nm +reliably as configuration options may change. .It Fl u Ar len This option is used to specify the size of the field in the @@ -264,6 +281,23 @@ indicates that only dotted decimal addresses should be put into the .Pa utmp file. +.Fl u0 +is also be used to prevent +.Nm +from making DNS requests unless the authentication +mechanism or configuration requires it. +Authentication mechanisms that may require DNS include +.Cm RhostsAuthentication , +.Cm RhostsRSAAuthentication , +.Cm HostbasedAuthentication +and using a +.Cm from="pattern-list" +option in a key file. +Configuration options that require DNS include using a +USER@HOST pattern in +.Cm AllowUsers +or +.Cm DenyUsers . .It Fl D When this option is specified .Nm @@ -282,23 +316,25 @@ to use IPv6 addresses only. .Sh CONFIGURATION FILE .Nm reads configuration data from -.Pa /etc/sshd_config +.Pa /etc/ssh/sshd_config (or the file specified with .Fl f on the command line). -The file contains keyword-value pairs, one per line. +The file contains keyword-argument pairs, one per line. Lines starting with .Ql # and empty lines are interpreted as comments. .Pp -The following keywords are possible. +The possible +keywords and their meanings are as follows (note that +keywords are case-insensitive and arguments are case-sensitive): .Bl -tag -width Ds .It Cm AFSTokenPassing Specifies whether an AFS token may be forwarded to the server. Default is .Dq yes . .It Cm AllowGroups -This keyword can be followed by a list of group names, separated +This keyword can be followed by a list of group name patterns, separated by spaces. If specified, login is allowed only for users whose primary group or supplementary group list matches one of the patterns. @@ -307,8 +343,8 @@ and .Ql ? can be used as wildcards in the patterns. -Only group names are valid; a numerical group ID isn't recognized. -By default login is allowed regardless of the group list. +Only group names are valid; a numerical group ID is not recognized. +By default, login is allowed for all groups. .Pp .It Cm AllowTcpForwarding Specifies whether TCP forwarding is permitted. @@ -319,7 +355,7 @@ users are also denied shell access, as they can always install their own forwarders. .Pp .It Cm AllowUsers -This keyword can be followed by a list of user names, separated +This keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for users names that match one of the patterns. @@ -328,9 +364,26 @@ and .Ql ? can be used as wildcards in the patterns. -Only user names are valid; a numerical user ID isn't recognized. -By default login is allowed regardless of the user name. +Only user names are valid; a numerical user ID is not recognized. +By default, login is allowed for all users. +If the pattern takes the form USER@HOST then USER and HOST +are separately checked, restricting logins to particular +users from particular hosts. .Pp +.It Cm AuthorizedKeysFile +Specifies the file that contains the public keys that can be used +for user authentication. +.Cm AuthorizedKeysFile +may contain tokens of the form %T which are substituted during connection +set-up. The following tokens are defined: %% is replaced by a literal '%', +%h is replaced by the home directory of the user being authenticated and +%u is replaced by the username of that user. +After expansion, +.Cm AuthorizedKeysFile +is taken to be an absolute path or one relative to the user's home +directory. +The default is +.Dq .ssh/authorized_keys . .It Cm Banner In some jurisdictions, sending a warning message before authentication may be relevant for getting legal protection. @@ -339,28 +392,24 @@ authentication is allowed. This option is only available for protocol version 2. .Pp .It Cm ChallengeResponseAuthentication -Specifies whether -challenge response -authentication is allowed. -Currently there is only support for -.Xr skey 1 -authentication. +Specifies whether challenge response authentication is allowed. +All authentication styles from +.Xr login.conf 5 +are supported. The default is .Dq yes . .It Cm Ciphers Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. The default is -.Dq aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour. -.It Cm CheckMail -Specifies whether -.Nm -should check for new mail for interactive logins. -The default is -.Dq no . +.Pp +.Bd -literal + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, + aes192-cbc,aes256-cbc'' +.Ed .It Cm ClientAliveInterval Sets a timeout interval in seconds after which if no data has been received -from the client, +from the client, .Nm will send a message through the encrypted channel to request a response from the client. @@ -372,49 +421,62 @@ Sets the number of client alive messages (see above) which may be sent without .Nm receiving any messages back from the client. If this threshold is -reached while client alive messages are being sent, +reached while client alive messages are being sent, .Nm will disconnect the client, terminating the session. It is important -to note that the use of client alive messages is very different from -.Cm Keepalive +to note that the use of client alive messages is very different from +.Cm KeepAlive (below). The client alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by -.Cm Keepalive -is spoofable. You want to use the client -alive mechanism when you are basing something important on -clients having an active connection to the server. +.Cm KeepAlive +is spoofable. The client alive mechanism is valuable when the client or +server depend on knowing when a connection has become inactive. .Pp -The default value is 3. If you set +The default value is 3. If .Cm ClientAliveInterval -(above) to 15, and leave this value at the default, unresponsive ssh clients -will be disconnected after approximately 45 seconds. +(above) is set to 15, and +.Cm ClientAliveCountMax +is left at the default, unresponsive ssh clients +will be disconnected after approximately 45 seconds. .It Cm DenyGroups -This keyword can be followed by a number of group names, separated +This keyword can be followed by a list of group name patterns, separated by spaces. -Users whose primary group or supplementary group list matches -one of the patterns aren't allowed to log in. +Login is disallowed for users whose primary group or supplementary +group list matches one of the patterns. .Ql \&* and .Ql ? can be used as wildcards in the patterns. -Only group names are valid; a numerical group ID isn't recognized. -By default login is allowed regardless of the group list. +Only group names are valid; a numerical group ID is not recognized. +By default, login is allowed for all groups. .Pp .It Cm DenyUsers -This keyword can be followed by a number of user names, separated +This keyword can be followed by a list of user name patterns, separated by spaces. Login is disallowed for user names that match one of the patterns. .Ql \&* and .Ql ? can be used as wildcards in the patterns. -Only user names are valid; a numerical user ID isn't recognized. -By default login is allowed regardless of the user name. +Only user names are valid; a numerical user ID is not recognized. +By default, login is allowed for all users. +If the pattern takes the form USER@HOST then USER and HOST +are separately checked, restricting logins to particular +users from particular hosts. .It Cm GatewayPorts Specifies whether remote hosts are allowed to connect to ports forwarded for the client. +By default, +.Nm +binds remote port forwardings to the loopback addresss. This +prevents other remote hosts from connecting to forwarded ports. +.Cm GatewayPorts +can be used to specify that +.Nm +should bind remote port forwardings to the wildcard address, +thus allowing remote hosts to connect to forwarded ports. The argument must be .Dq yes or @@ -431,9 +493,15 @@ and applies to protocol version 2 only. The default is .Dq no . .It Cm HostKey -Specifies the file containing the private host keys (default -.Pa /etc/ssh_host_key ) -used by SSH protocol versions 1 and 2. +Specifies a file containing a private host key +used by SSH. +The default is +.Pa /etc/ssh/ssh_host_key +for protocol version 1, and +.Pa /etc/ssh/ssh_host_rsa_key +and +.Pa /etc/ssh/ssh_host_dsa_key +for protocol version 2. Note that .Nm will refuse to use a file if it is group/world-accessible. @@ -473,7 +541,7 @@ or The default is .Dq no . .It Cm KeepAlive -Specifies whether the system should send keepalive messages to the +Specifies whether the system should send TCP keepalive messages to the other side. If they are sent, death of the connection or crash of one of the machines will be properly noticed. @@ -488,12 +556,11 @@ users and consuming server resources. The default is .Dq yes (to send keepalives), and the server will notice -if the network goes down or the client host reboots. +if the network goes down or the client host crashes. This avoids infinitely hanging sessions. .Pp To disable keepalives, the value should be set to -.Dq no -in both the server and the client configuration files. +.Dq no . .It Cm KerberosAuthentication Specifies whether Kerberos authentication is allowed. This can be in the form of a Kerberos ticket, or if @@ -576,9 +643,10 @@ The default is 600 (seconds). Gives the verbosity level that is used when logging messages from .Nm sshd . The possible values are: -QUIET, FATAL, ERROR, INFO, VERBOSE and DEBUG. -The default is INFO. -Logging with level DEBUG violates the privacy of users +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. +The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 +and DEBUG3 each specify higher levels of debugging output. +Logging with a DEBUG level violates the privacy of users and is not recommended. .It Cm MACs Specifies the available MAC (message authentication code) algorithms. @@ -586,11 +654,7 @@ The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. The default is -.Pp -.Bd -literal - ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com, - hmac-sha1-96,hmac-md5-96'' -.Ed +.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 . .It Cm MaxStartups Specifies the maximum number of concurrent unauthenticated connections to the .Nm @@ -701,14 +765,6 @@ Specifies whether public key authentication is allowed. The default is .Dq yes . Note that this option applies to protocol version 2 only. -.It Cm ReverseMappingCheck -Specifies whether -.Nm -should try to verify the remote host name and check that -the resolved host name for the remote IP address maps back to the -very same IP address. -The default is -.Dq no . .It Cm RhostsAuthentication Specifies whether authentication using rhosts or /etc/hosts.equiv files is sufficient. @@ -764,9 +820,24 @@ The default is AUTH. Specifies whether .Xr login 1 is used for interactive login sessions. +The default is +.Dq no . Note that .Xr login 1 is never used for remote command execution. +Note also, that if this is enabled, +.Cm X11Forwarding +will be disabled because +.Xr login 1 +does not know how to handle +.Xr xauth 1 +cookies. +.It Cm VerifyReverseMapping +Specifies whether +.Nm +should try to verify the remote host name and check that +the resolved host name for the remote IP address maps back to the +very same IP address. The default is .Dq no . .It Cm X11DisplayOffset @@ -783,6 +854,34 @@ The default is .Dq no . Note that disabling X11 forwarding does not improve security in any way, as users can always install their own forwarders. +X11 forwarding is automatically disabled if +.Cm UseLogin +is enabled. +.It Cm X11UseLocalhost +Specifies whether +.Nm +should bind the X11 forwarding server to the loopback address or to +the wildcard address. By default, +.Nm +binds the forwarding server to the loopback address and sets the +hostname part of the +.Ev DISPLAY +environment variable to +.Dq localhost . +This prevents remote hosts from connecting to the fake display. +However, some older X11 clients may not function with this +configuration. +.Cm X11UseLocalhost +may be set to +.Dq no +to specify that the forwarding server should be bound to the wildcard +address. +The argument must be +.Dq yes +or +.Dq no . +The default is +.Dq yes . .It Cm XAuthLocation Specifies the location of the .Xr xauth 1 @@ -790,6 +889,48 @@ program. The default is .Pa /usr/X11R6/bin/xauth . .El +.Ss Time Formats +.Pp +.Nm +command-line arguments and configuration file options that specify time +may be expressed using a sequence of the form: +.Sm off +.Ar time Oo Ar qualifier Oc , +.Sm on +where +.Ar time +is a positive integer value and +.Ar qualifier +is one of the following: +.Pp +.Bl -tag -width Ds -compact -offset indent +.It Cm <none> +seconds +.It Cm s | Cm S +seconds +.It Cm m | Cm M +minutes +.It Cm h | Cm H +hours +.It Cm d | Cm D +days +.It Cm w | Cm W +weeks +.El +.Pp +Each member of the sequence is added together to calculate +the total time value. +.Pp +Time format examples: +.Pp +.Bl -tag -width Ds -compact -offset indent +.It 600 +600 seconds (10 minutes) +.It 10m +10 minutes +.It 1h30m +1 hour 30 minutes (90 minutes) +.El .Sh LOGIN PROCESS When a user successfully logs in, .Nm @@ -825,7 +966,7 @@ Changes to user's home directory. If .Pa $HOME/.ssh/rc exists, runs it; else if -.Pa /etc/sshrc +.Pa /etc/ssh/sshrc exists, runs it; otherwise runs xauth. The @@ -836,15 +977,13 @@ authentication protocol and cookie in standard input. Runs user's shell or command. .El .Sh AUTHORIZED_KEYS FILE FORMAT -The .Pa $HOME/.ssh/authorized_keys -file lists the RSA keys that are +is the default file that lists the public keys that are permitted for RSA authentication in protocol version 1 -Similarly, the -.Pa $HOME/.ssh/authorized_keys2 -file lists the DSA and RSA keys that are -permitted for public key authentication (PubkeyAuthentication) +and for public key authentication (PubkeyAuthentication) in protocol version 2. +.Cm AuthorizedKeysFile +may be used to specify an alternative file. .Pp Each line of the file contains one key (empty lines and lines starting with a @@ -879,7 +1018,8 @@ file and edit it. The options (if present) consist of comma-separated option specifications. No spaces are permitted, except within double quotes. -The following option specifications are supported: +The following option specifications are supported (note +that option keywords are case-insensitive): .Bl -tag -width Ds .It Cm from="pattern-list" Specifies that in addition to RSA authentication, the canonical name @@ -905,10 +1045,10 @@ just the key). Specifies that the command is executed whenever this key is used for authentication. The command supplied by the user (if any) is ignored. -The command is run on a pty if the connection requests a pty; +The command is run on a pty if the client requests a pty; otherwise it is run without a tty. -Note that if you want a 8-bit clean channel, -you must not request a pty or should specify +If a 8-bit clean channel is required, +one must not request a pty or should specify .Cm no-pty . A quote may be included in the command by quoting it with a backslash. This option might be useful @@ -916,12 +1056,16 @@ to restrict certain RSA keys to perform just a specific operation. An example might be a key that permits remote backups but nothing else. Note that the client may specify TCP/IP and/or X11 forwarding unless they are explicitly prohibited. +Note that this option applies to shell, command or subsystem execution. .It Cm environment="NAME=value" Specifies that the string is to be added to the environment when logging in using this key. Environment variables set this way override other default environment values. Multiple options of this type are permitted. +This option is automatically disabled if +.Cm UseLogin +is enabled. .It Cm no-port-forwarding Forbids TCP/IP forwarding when this key is used for authentication. Any port forward requests by the client will return an error. @@ -937,13 +1081,16 @@ authentication. .It Cm no-pty Prevents tty allocation (a request to allocate a pty will fail). .It Cm permitopen="host:port" -Limit local +Limit local .Li ``ssh -L'' port forwarding such that it may only connect to the specified host and -port. Multiple +port. +IPv6 addresses can be specified with an alternative syntax: +.Ar host/port . +Multiple .Cm permitopen -options may be applied separated by commas. No pattern matching is -performed on the specified hostnames, they must be literal domains or +options may be applied separated by commas. No pattern matching is +performed on the specified hostnames, they must be literal domains or addresses. .El .Ss Examples @@ -956,11 +1103,9 @@ command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hu permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 .Sh SSH_KNOWN_HOSTS FILE FORMAT The -.Pa /etc/ssh_known_hosts , -.Pa /etc/ssh_known_hosts2 , -.Pa $HOME/.ssh/known_hosts , +.Pa /etc/ssh/ssh_known_hosts , and -.Pa $HOME/.ssh/known_hosts2 +.Pa $HOME/.ssh/known_hosts files contain host public keys for all known hosts. The global file should be prepared by the administrator (optional), and the per-user file is @@ -983,7 +1128,7 @@ pattern on the line. .Pp Bits, exponent, and modulus are taken directly from the RSA host key; they can be obtained, e.g., from -.Pa /etc/ssh_host_key.pub . +.Pa /etc/ssh/ssh_host_key.pub . The optional comment field continues to the end of the line, and is not used. .Pp Lines starting with @@ -1005,7 +1150,7 @@ Note that the lines in these files are typically hundreds of characters long, and you definitely don't want to type in the host keys by hand. Rather, generate them by a script or by taking -.Pa /etc/ssh_host_key.pub +.Pa /etc/ssh/ssh_host_key.pub and adding the host names at the front. .Ss Examples .Bd -literal @@ -1014,19 +1159,19 @@ cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= .Ed .Sh FILES .Bl -tag -width Ds -.It Pa /etc/sshd_config +.It Pa /etc/ssh/sshd_config Contains configuration data for .Nm sshd . This file should be writable by root only, but it is recommended (though not necessary) that it be world-readable. -.It Pa /etc/ssh_host_key, /etc/ssh_host_dsa_key, /etc/ssh_host_rsa_key +.It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key These three files contain the private parts of the host keys. These files should only be owned by root, readable only by root, and not accessible to others. Note that .Nm does not start if this file is group/world-accessible. -.It Pa /etc/ssh_host_key.pub, /etc/ssh_host_dsa_key.pub, /etc/ssh_host_rsa_key.pub +.It Pa /etc/ssh/ssh_host_key.pub, /etc/ssh/ssh_host_dsa_key.pub, /etc/ssh/ssh_host_rsa_key.pub These three files contain the public parts of the host keys. These files should be world-readable but writable only by root. @@ -1036,7 +1181,7 @@ really used for anything; they are provided for the convenience of the user so their contents can be copied to known hosts files. These files are created using .Xr ssh-keygen 1 . -.It Pa /etc/primes +.It Pa /etc/moduli Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". .It Pa /var/run/sshd.pid Contains the process ID of the @@ -1046,17 +1191,6 @@ concurrently for different ports, this contains the pid of the one started last). The content of this file is not sensitive; it can be world-readable. .It Pa $HOME/.ssh/authorized_keys -Lists the RSA keys that can be used to log into the user's account. -This file must be readable by root (which may on some machines imply -it being world-readable if the user's home directory resides on an NFS -volume). -It is recommended that it not be accessible by others. -The format of this file is described above. -Users will place the contents of their -.Pa identity.pub -files into this file, as described in -.Xr ssh-keygen 1 . -.It Pa $HOME/.ssh/authorized_keys2 Lists the public keys (RSA or DSA) that can be used to log into the user's account. This file must be readable by root (which may on some machines imply it being world-readable if the user's home directory resides on an NFS @@ -1064,33 +1198,24 @@ volume). It is recommended that it not be accessible by others. The format of this file is described above. Users will place the contents of their +.Pa identity.pub , .Pa id_dsa.pub and/or .Pa id_rsa.pub files into this file, as described in .Xr ssh-keygen 1 . -.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts" +.It Pa "/etc/ssh/ssh_known_hosts" and "$HOME/.ssh/known_hosts" These files are consulted when using rhosts with RSA host -authentication to check the public key of the host. +authentication or protocol version 2 hostbased authentication +to check the public key of the host. The key must be listed in one of these files to be accepted. The client uses the same files to verify that it is connecting to the correct remote host. These files should be writable only by root/the owner. -.Pa /etc/ssh_known_hosts +.Pa /etc/ssh/ssh_known_hosts should be world-readable, and .Pa $HOME/.ssh/known_hosts can but need not be world-readable. -.It Pa "/etc/ssh_known_hosts2" and "$HOME/.ssh/known_hosts2" -These files are consulted when using protocol version 2 hostbased -authentication to check the public key of the host. -The key must be listed in one of these files to be accepted. -The client uses the same files -to verify that it is connecting to the correct remote host. -These files should be writable only by root/the owner. -.Pa /etc/ssh_known_hosts2 -should be world-readable, and -.Pa $HOME/.ssh/known_hosts2 -can but need not be world-readable. .It Pa /etc/nologin If this file exists, .Nm @@ -1100,9 +1225,8 @@ are displayed to anyone trying to log in, and non-root connections are refused. The file should be world-readable. .It Pa /etc/hosts.allow, /etc/hosts.deny -If compiled with -.Sy LIBWRAP -support, tcp-wrappers access controls may be defined here as described in +Access controls that should be enforced by tcp-wrappers are defined here. +Further details are described in .Xr hosts_access 5 . .It Pa $HOME/.rhosts This file contains host-username pairs, separated by a space, one per @@ -1196,13 +1320,13 @@ something similar to: .Ed .Pp If this file does not exist, -.Pa /etc/sshrc +.Pa /etc/ssh/sshrc is run, and if that does not exist either, xauth is used to store the cookie. .Pp This file should be writable only by the user, and need not be readable by anyone else. -.It Pa /etc/sshrc +.It Pa /etc/ssh/sshrc Like .Pa $HOME/.ssh/rc . This can be used to specify @@ -1221,13 +1345,13 @@ protocol versions 1.5 and 2.0. .Sh SEE ALSO .Xr scp 1 , .Xr sftp 1 , -.Xr sftp-server 8 , .Xr ssh 1 , .Xr ssh-add 1 , .Xr ssh-agent 1 , .Xr ssh-keygen 1 , -.Xr rlogin 1 , -.Xr rsh 1 +.Xr login.conf 5 , +.Xr moduli 5 , +.Xr sftp-server 8 .Rs .%A T. Ylonen .%A T. Kivinen @@ -1235,8 +1359,8 @@ protocol versions 1.5 and 2.0. .%A T. Rinne .%A S. Lehtinen .%T "SSH Protocol Architecture" -.%N draft-ietf-secsh-architecture-07.txt -.%D January 2001 +.%N draft-ietf-secsh-architecture-09.txt +.%D July 2001 .%O work in progress material .Re .Rs @@ -1244,7 +1368,7 @@ protocol versions 1.5 and 2.0. .%A N. Provos .%A W. A. Simpson .%T "Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol" -.%N draft-ietf-secsh-dh-group-exchange-00.txt -.%D January 2001 +.%N draft-ietf-secsh-dh-group-exchange-01.txt +.%D April 2001 .%O work in progress material .Re diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 2c7b201f0400..eca004fa0925 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -40,11 +40,11 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshd.c,v 1.195 2001/04/15 16:58:03 markus Exp $"); +RCSID("$OpenBSD: sshd.c,v 1.228 2002/02/27 21:23:13 stevesk Exp $"); #include <openssl/dh.h> #include <openssl/bn.h> -#include <openssl/hmac.h> +#include <openssl/md5.h> #include "ssh.h" #include "ssh1.h" @@ -71,6 +71,7 @@ RCSID("$OpenBSD: sshd.c,v 1.195 2001/04/15 16:58:03 markus Exp $"); #include "auth.h" #include "misc.h" #include "dispatch.h" +#include "channels.h" #ifdef LIBWRAP #include <tcpd.h> @@ -105,6 +106,9 @@ int IPv4or6 = AF_UNSPEC; */ int debug_flag = 0; +/* Flag indicating that the daemon should only test the configuration and keys. */ +int test_flag = 0; + /* Flag indicating that the daemon is being started from inetd. */ int inetd_flag = 0; @@ -156,10 +160,11 @@ struct { * Flag indicating whether the RSA server key needs to be regenerated. * Is set in the SIGALRM handler and cleared when the key is regenerated. */ -int key_do_regen = 0; +static volatile sig_atomic_t key_do_regen = 0; -/* This is set to true when SIGHUP is received. */ -int received_sighup = 0; +/* This is set to true when a signal is received. */ +static volatile sig_atomic_t received_sighup = 0; +static volatile sig_atomic_t received_sigterm = 0; /* session identifier, used by RSA-auth */ u_char session_id[16]; @@ -171,17 +176,20 @@ int session_id2_len = 0; /* record remote hostname or ip */ u_int utmp_len = MAXHOSTNAMELEN; +/* options.max_startup sized array of fd ints */ +int *startup_pipes = NULL; +int startup_pipe; /* in child */ + /* Prototypes for various functions defined later in this file. */ -void do_ssh1_kex(void); -void do_ssh2_kex(void); +void destroy_sensitive_data(void); -void ssh_dh1_server(Kex *, Buffer *_kexinit, Buffer *); -void ssh_dhgex_server(Kex *, Buffer *_kexinit, Buffer *); +static void do_ssh1_kex(void); +static void do_ssh2_kex(void); /* * Close all listening sockets */ -void +static void close_listen_socks(void) { int i; @@ -190,27 +198,41 @@ close_listen_socks(void) num_listen_socks = -1; } +static void +close_startup_pipes(void) +{ + int i; + if (startup_pipes) + for (i = 0; i < options.max_startups; i++) + if (startup_pipes[i] != -1) + close(startup_pipes[i]); +} + /* * Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; * the effect is to reread the configuration file (and to regenerate * the server key). */ -void +static void sighup_handler(int sig) { + int save_errno = errno; + received_sighup = 1; signal(SIGHUP, sighup_handler); + errno = save_errno; } /* * Called from the main program after receiving SIGHUP. * Restarts the server. */ -void +static void sighup_restart(void) { log("Received SIGHUP; restarting."); close_listen_socks(); + close_startup_pipes(); execv(saved_argv[0], saved_argv); log("RESTART FAILED: av[0]='%.100s', error: %.100s.", saved_argv[0], strerror(errno)); exit(1); @@ -218,23 +240,18 @@ sighup_restart(void) /* * Generic signal handler for terminating signals in the master daemon. - * These close the listen socket; not closing it seems to cause "Address - * already in use" problems on some machines, which is inconvenient. */ -void +static void sigterm_handler(int sig) { - log("Received signal %d; terminating.", sig); - close_listen_socks(); - unlink(options.pid_file); - exit(255); + received_sigterm = sig; } /* * SIGCHLD handler. This is called whenever a child dies. This will then - * reap any zombies left by exited c. + * reap any zombies left by exited children. */ -void +static void main_sigchld_handler(int sig) { int save_errno = errno; @@ -250,9 +267,11 @@ main_sigchld_handler(int sig) /* * Signal handler for the alarm after the login grace period has expired. */ -void +static void grace_alarm_handler(int sig) { + /* XXX no idea how fix this signal handler */ + /* Close the connection. */ packet_close(); @@ -267,7 +286,7 @@ grace_alarm_handler(int sig) * Thus there should be no concurrency control/asynchronous execution * problems. */ -void +static void generate_ephemeral_server_key(void) { u_int32_t rand = 0; @@ -290,7 +309,7 @@ generate_ephemeral_server_key(void) arc4random_stir(); } -void +static void key_regeneration_alarm(int sig) { int save_errno = errno; @@ -299,7 +318,7 @@ key_regeneration_alarm(int sig) key_do_regen = 1; } -void +static void sshd_exchange_identification(int sock_in, int sock_out) { int i, mismatch; @@ -327,7 +346,7 @@ sshd_exchange_identification(int sock_in, int sock_out) /* Send our protocol version identification. */ if (atomicio(write, sock_out, server_version_string, strlen(server_version_string)) != strlen(server_version_string)) { - log("Could not write ident string to %s.", get_remote_ipaddr()); + log("Could not write ident string to %s", get_remote_ipaddr()); fatal_cleanup(); } @@ -335,7 +354,7 @@ sshd_exchange_identification(int sock_in, int sock_out) memset(buf, 0, sizeof(buf)); for (i = 0; i < sizeof(buf) - 1; i++) { if (atomicio(read, sock_in, &buf[i], 1) != 1) { - log("Did not receive identification string from %s.", + log("Did not receive identification string from %s", get_remote_ipaddr()); fatal_cleanup(); } @@ -371,7 +390,7 @@ sshd_exchange_identification(int sock_in, int sock_out) fatal_cleanup(); } debug("Client protocol version %d.%d; client software version %.100s", - remote_major, remote_minor, remote_version); + remote_major, remote_minor, remote_version); compat_datafellows(remote_version); @@ -382,7 +401,7 @@ sshd_exchange_identification(int sock_in, int sock_out) } mismatch = 0; - switch(remote_major) { + switch (remote_major) { case 1: if (remote_minor == 99) { if (options.protocol & SSH_PROTO_2) @@ -426,8 +445,6 @@ sshd_exchange_identification(int sock_in, int sock_out) server_version_string, client_version_string); fatal_cleanup(); } - if (compat20) - packet_set_ssh2_format(); } @@ -441,7 +458,7 @@ destroy_sensitive_data(void) key_free(sensitive_data.server_key); sensitive_data.server_key = NULL; } - for(i = 0; i < options.num_host_key_files; i++) { + for (i = 0; i < options.num_host_key_files; i++) { if (sensitive_data.host_keys[i]) { key_free(sensitive_data.host_keys[i]); sensitive_data.host_keys[i] = NULL; @@ -451,36 +468,40 @@ destroy_sensitive_data(void) memset(sensitive_data.ssh1_cookie, 0, SSH_SESSION_KEY_LENGTH); } -char * +static char * list_hostkey_types(void) { - static char buf[1024]; + Buffer b; + char *p; int i; - buf[0] = '\0'; - for(i = 0; i < options.num_host_key_files; i++) { + + buffer_init(&b); + for (i = 0; i < options.num_host_key_files; i++) { Key *key = sensitive_data.host_keys[i]; if (key == NULL) continue; - switch(key->type) { + switch (key->type) { case KEY_RSA: case KEY_DSA: - strlcat(buf, key_ssh_name(key), sizeof buf); - strlcat(buf, ",", sizeof buf); + if (buffer_len(&b) > 0) + buffer_append(&b, ",", 1); + p = key_ssh_name(key); + buffer_append(&b, p, strlen(p)); break; } } - i = strlen(buf); - if (i > 0 && buf[i-1] == ',') - buf[i-1] = '\0'; - debug("list_hostkey_types: %s", buf); - return buf; + buffer_append(&b, "\0", 1); + p = xstrdup(buffer_ptr(&b)); + buffer_free(&b); + debug("list_hostkey_types: %s", p); + return p; } -Key * +static Key * get_hostkey_by_type(int type) { int i; - for(i = 0; i < options.num_host_key_files; i++) { + for (i = 0; i < options.num_host_key_files; i++) { Key *key = sensitive_data.host_keys[i]; if (key != NULL && key->type == type) return key; @@ -494,7 +515,7 @@ get_hostkey_by_type(int type) * of (max_startups_rate/100). the probability increases linearly until * all connections are dropped for startups > max_startups */ -int +static int drop_connection(int startups) { double p, r; @@ -517,8 +538,30 @@ drop_connection(int startups) return (r < p) ? 1 : 0; } -int *startup_pipes = NULL; /* options.max_startup sized array of fd ints */ -int startup_pipe; /* in child */ +static void +usage(void) +{ + fprintf(stderr, "sshd version %s\n", SSH_VERSION); + fprintf(stderr, "Usage: %s [options]\n", __progname); + fprintf(stderr, "Options:\n"); + fprintf(stderr, " -f file Configuration file (default %s)\n", _PATH_SERVER_CONFIG_FILE); + fprintf(stderr, " -d Debugging mode (multiple -d means more debugging)\n"); + fprintf(stderr, " -i Started from inetd\n"); + fprintf(stderr, " -D Do not fork into daemon mode\n"); + fprintf(stderr, " -t Only test configuration file and keys\n"); + fprintf(stderr, " -q Quiet (no logging)\n"); + fprintf(stderr, " -p port Listen on the specified port (default: 22)\n"); + fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n"); + fprintf(stderr, " -g seconds Grace period for authentication (default: 600)\n"); + fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n"); + fprintf(stderr, " -h file File from which to read host key (default: %s)\n", + _PATH_HOST_KEY_FILE); + fprintf(stderr, " -u len Maximum hostname length for utmp recording\n"); + fprintf(stderr, " -4 Use IPv4 only\n"); + fprintf(stderr, " -6 Use IPv6 only\n"); + fprintf(stderr, " -o option Process the option as if it was read from a configuration file.\n"); + exit(1); +} /* * Main program for the daemon. @@ -552,7 +595,7 @@ main(int ac, char **av) initialize_server_options(&options); /* Parse command-line arguments. */ - while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:dDeiqQ46")) != -1) { + while ((opt = getopt(ac, av, "f:p:b:k:h:g:V:u:o:dDeiqtQ46")) != -1) { switch (opt) { case '4': IPv4or6 = AF_INET; @@ -605,10 +648,16 @@ main(int ac, char **av) } break; case 'g': - options.login_grace_time = atoi(optarg); + if ((options.login_grace_time = convtime(optarg)) == -1) { + fprintf(stderr, "Invalid login grace time.\n"); + exit(1); + } break; case 'k': - options.key_regeneration_time = atoi(optarg); + if ((options.key_regeneration_time = convtime(optarg)) == -1) { + fprintf(stderr, "Invalid key regeneration interval.\n"); + exit(1); + } break; case 'h': if (options.num_host_key_files >= MAX_HOSTKEYS) { @@ -622,40 +671,35 @@ main(int ac, char **av) /* only makes sense with inetd_flag, i.e. no listen() */ inetd_flag = 1; break; + case 't': + test_flag = 1; + break; case 'u': utmp_len = atoi(optarg); break; + case 'o': + if (process_server_config_line(&options, optarg, + "command-line", 0) != 0) + exit(1); + break; case '?': default: - fprintf(stderr, "sshd version %s\n", SSH_VERSION); - fprintf(stderr, "Usage: %s [options]\n", __progname); - fprintf(stderr, "Options:\n"); - fprintf(stderr, " -f file Configuration file (default %s)\n", _PATH_SERVER_CONFIG_FILE); - fprintf(stderr, " -d Debugging mode (multiple -d means more debugging)\n"); - fprintf(stderr, " -i Started from inetd\n"); - fprintf(stderr, " -D Do not fork into daemon mode\n"); - fprintf(stderr, " -q Quiet (no logging)\n"); - fprintf(stderr, " -p port Listen on the specified port (default: 22)\n"); - fprintf(stderr, " -k seconds Regenerate server key every this many seconds (default: 3600)\n"); - fprintf(stderr, " -g seconds Grace period for authentication (default: 600)\n"); - fprintf(stderr, " -b bits Size of server RSA key (default: 768 bits)\n"); - fprintf(stderr, " -h file File from which to read host key (default: %s)\n", - _PATH_HOST_KEY_FILE); - fprintf(stderr, " -u len Maximum hostname length for utmp recording\n"); - fprintf(stderr, " -4 Use IPv4 only\n"); - fprintf(stderr, " -6 Use IPv6 only\n"); - exit(1); + usage(); + break; } } SSLeay_add_all_algorithms(); + channel_set_af(IPv4or6); /* * Force logging to stderr until we have loaded the private host * key (unless started from inetd) */ log_init(__progname, - options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level, - options.log_facility == -1 ? SYSLOG_FACILITY_AUTH : options.log_facility, + options.log_level == SYSLOG_LEVEL_NOT_SET ? + SYSLOG_LEVEL_INFO : options.log_level, + options.log_facility == SYSLOG_FACILITY_NOT_SET ? + SYSLOG_FACILITY_AUTH : options.log_facility, !inetd_flag); /* Read server configuration options from the configuration file. */ @@ -674,14 +718,14 @@ main(int ac, char **av) /* load private host keys */ sensitive_data.host_keys = xmalloc(options.num_host_key_files*sizeof(Key*)); - for(i = 0; i < options.num_host_key_files; i++) + for (i = 0; i < options.num_host_key_files; i++) sensitive_data.host_keys[i] = NULL; sensitive_data.server_key = NULL; sensitive_data.ssh1_host_key = NULL; sensitive_data.have_ssh1_key = 0; sensitive_data.have_ssh2_key = 0; - for(i = 0; i < options.num_host_key_files; i++) { + for (i = 0; i < options.num_host_key_files; i++) { key = key_load_private(options.host_key_files[i], "", NULL); sensitive_data.host_keys[i] = key; if (key == NULL) { @@ -690,7 +734,7 @@ main(int ac, char **av) sensitive_data.host_keys[i] = NULL; continue; } - switch(key->type){ + switch (key->type) { case KEY_RSA1: sensitive_data.ssh1_host_key = key; sensitive_data.have_ssh1_key = 1; @@ -739,6 +783,10 @@ main(int ac, char **av) } } + /* Configuration looks good, so exit if in test mode. */ + if (test_flag) + exit(0); + /* Initialize the log (it is reinitialized below in case we forked). */ if (debug_flag && !inetd_flag) log_stderr = 1; @@ -774,7 +822,7 @@ main(int ac, char **av) /* Chdir to the root directory so that the current disk can be unmounted if desired. */ chdir("/"); - + /* ignore SIGPIPE */ signal(SIGPIPE, SIG_IGN); @@ -826,11 +874,11 @@ main(int ac, char **av) * close. */ setsockopt(listen_sock, SOL_SOCKET, SO_REUSEADDR, - (void *) &on, sizeof(on)); + &on, sizeof(on)); linger.l_onoff = 1; linger.l_linger = 5; setsockopt(listen_sock, SOL_SOCKET, SO_LINGER, - (void *) &linger, sizeof(linger)); + &linger, sizeof(linger)); debug("Bind to port %s on %s.", strport, ntop); @@ -855,6 +903,22 @@ main(int ac, char **av) if (!num_listen_socks) fatal("Cannot bind any address."); + if (options.protocol & SSH_PROTO_1) + generate_ephemeral_server_key(); + + /* + * Arrange to restart on SIGHUP. The handler needs + * listen_sock. + */ + signal(SIGHUP, sighup_handler); + + signal(SIGTERM, sigterm_handler); + signal(SIGQUIT, sigterm_handler); + + /* Arrange SIGCHLD to be caught. */ + signal(SIGCHLD, main_sigchld_handler); + + /* Write out the pid file after the sigterm handler is setup */ if (!debug_flag) { /* * Record our pid in /var/run/sshd.pid to make it @@ -869,17 +933,6 @@ main(int ac, char **av) fclose(f); } } - if (options.protocol & SSH_PROTO_1) - generate_ephemeral_server_key(); - - /* Arrange to restart on SIGHUP. The handler needs listen_sock. */ - signal(SIGHUP, sighup_handler); - - signal(SIGTERM, sigterm_handler); - signal(SIGQUIT, sigterm_handler); - - /* Arrange SIGCHLD to be caught. */ - signal(SIGCHLD, main_sigchld_handler); /* setup fd set for listen */ fdset = NULL; @@ -915,6 +968,13 @@ main(int ac, char **av) ret = select(maxfd+1, fdset, NULL, NULL, NULL); if (ret < 0 && errno != EINTR) error("select: %.100s", strerror(errno)); + if (received_sigterm) { + log("Received signal %d; terminating.", + (int) received_sigterm); + close_listen_socks(); + unlink(options.pid_file); + exit(255); + } if (key_used && key_do_regen) { generate_ephemeral_server_key(); key_used = 0; @@ -949,6 +1009,7 @@ main(int ac, char **av) } if (fcntl(newsock, F_SETFL, 0) < 0) { error("newsock del O_NONBLOCK: %s", strerror(errno)); + close(newsock); continue; } if (drop_connection(startups) == 1) { @@ -1002,9 +1063,7 @@ main(int ac, char **av) * the connection. */ startup_pipe = startup_p[1]; - for (j = 0; j < options.max_startups; j++) - if (startup_pipes[j] != -1) - close(startup_pipes[j]); + close_startup_pipes(); close_listen_socks(); sock_in = newsock; sock_out = newsock; @@ -1063,11 +1122,11 @@ main(int ac, char **av) /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */ linger.l_onoff = 1; linger.l_linger = 5; - setsockopt(sock_in, SOL_SOCKET, SO_LINGER, (void *) &linger, sizeof(linger)); + setsockopt(sock_in, SOL_SOCKET, SO_LINGER, &linger, sizeof(linger)); /* Set keepalives if requested. */ if (options.keepalives && - setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, + setsockopt(sock_in, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) < 0) error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno)); @@ -1080,23 +1139,23 @@ main(int ac, char **av) remote_port = get_remote_port(); remote_ip = get_remote_ipaddr(); - /* Check whether logins are denied from this host. */ #ifdef LIBWRAP - /* XXX LIBWRAP noes not know about IPv6 */ + /* Check whether logins are denied from this host. */ { struct request_info req; - request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, NULL); + request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); fromhost(&req); if (!hosts_access(&req)) { + debug("Connection refused by tcp wrapper"); refuse(&req); - close(sock_in); - close(sock_out); + /* NOTREACHED */ + fatal("libwrap refuse returns"); } -/*XXX IPv6 verbose("Connection from %.500s port %d", eval_client(&req), remote_port); */ } #endif /* LIBWRAP */ + /* Log the connection. */ verbose("Connection from %.500s port %d", remote_ip, remote_port); @@ -1120,19 +1179,20 @@ main(int ac, char **av) * machine, he can connect from any port. So do not use these * authentication methods from machines that you do not trust. */ - if (remote_port >= IPPORT_RESERVED || - remote_port < IPPORT_RESERVED / 2) { + if (options.rhosts_authentication && + (remote_port >= IPPORT_RESERVED || + remote_port < IPPORT_RESERVED / 2)) { debug("Rhosts Authentication disabled, " - "originating port not trusted."); + "originating port %d not trusted.", remote_port); options.rhosts_authentication = 0; } -#ifdef KRB4 +#if defined(KRB4) && !defined(KRB5) if (!packet_connection_is_ipv4() && options.kerberos_authentication) { debug("Kerberos Authentication disabled, only available for IPv4."); options.kerberos_authentication = 0; } -#endif /* KRB4 */ +#endif /* KRB4 && !KRB5 */ #ifdef AFS /* If machine has AFS, set process authentication group. */ if (k_hasafs()) { @@ -1152,13 +1212,6 @@ main(int ac, char **av) do_ssh1_kex(); do_authentication(); } - -#ifdef KRB4 - /* Cleanup user's ticket cache file. */ - if (options.kerberos_ticket_cleanup) - (void) dest_tkt(); -#endif /* KRB4 */ - /* The connection has been terminated. */ verbose("Closing connection to %.100s", remote_ip); packet_close(); @@ -1168,11 +1221,10 @@ main(int ac, char **av) /* * SSH1 key exchange */ -void +static void do_ssh1_kex(void) { int i, len; - int plen, slen; int rsafail = 0; BIGNUM *session_key_int; u_char session_key[SSH_SESSION_KEY_LENGTH]; @@ -1229,17 +1281,19 @@ do_ssh1_kex(void) auth_mask |= 1 << SSH_AUTH_RHOSTS_RSA; if (options.rsa_authentication) auth_mask |= 1 << SSH_AUTH_RSA; -#ifdef KRB4 +#if defined(KRB4) || defined(KRB5) if (options.kerberos_authentication) auth_mask |= 1 << SSH_AUTH_KERBEROS; #endif -#ifdef AFS +#if defined(AFS) || defined(KRB5) if (options.kerberos_tgt_passing) auth_mask |= 1 << SSH_PASS_KERBEROS_TGT; +#endif +#ifdef AFS if (options.afs_token_passing) auth_mask |= 1 << SSH_PASS_AFS_TOKEN; #endif - if (options.challenge_reponse_authentication == 1) + if (options.challenge_response_authentication == 1) auth_mask |= 1 << SSH_AUTH_TIS; if (options.password_authentication) auth_mask |= 1 << SSH_AUTH_PASSWORD; @@ -1254,7 +1308,7 @@ do_ssh1_kex(void) BN_num_bits(sensitive_data.ssh1_host_key->rsa->n)); /* Read clients reply (cipher type and session key). */ - packet_read_expect(&plen, SSH_CMSG_SESSION_KEY); + packet_read_expect(SSH_CMSG_SESSION_KEY); /* Get cipher type and check whether we accept this. */ cipher_type = packet_get_char(); @@ -1271,13 +1325,13 @@ do_ssh1_kex(void) debug("Encryption type: %.200s", cipher_name(cipher_type)); /* Get the encrypted integer. */ - session_key_int = BN_new(); - packet_get_bignum(session_key_int, &slen); + if ((session_key_int = BN_new()) == NULL) + fatal("do_ssh1_kex: BN_new failed"); + packet_get_bignum(session_key_int); protocol_flags = packet_get_int(); packet_set_protocol_flags(protocol_flags); - - packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY); + packet_check_eom(); /* * Decrypt it using our private server key and private host key (key @@ -1347,7 +1401,7 @@ do_ssh1_kex(void) } if (rsafail) { int bytes = BN_num_bytes(session_key_int); - char *buf = xmalloc(bytes); + u_char *buf = xmalloc(bytes); MD5_CTX md; log("do_connection: generating a fake encryption key"); @@ -1389,7 +1443,7 @@ do_ssh1_kex(void) /* * SSH2 key exchange: diffie-hellman-group1-sha1 */ -void +static void do_ssh2_kex(void) { Kex *kex; diff --git a/crypto/openssh/sshd/Makefile b/crypto/openssh/sshd/Makefile index 5ccce8d9fc94..8fdd8e6b676b 100644 --- a/crypto/openssh/sshd/Makefile +++ b/crypto/openssh/sshd/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.38 2001/03/29 21:17:40 markus Exp $ +# $OpenBSD: Makefile,v 1.46 2002/03/05 00:49:51 deraadt Exp $ .PATH: ${.CURDIR}/.. @@ -7,15 +7,23 @@ BINOWN= root BINMODE=555 BINDIR= /usr/sbin MAN= sshd.8 -CFLAGS+=-DHAVE_LOGIN_CAP +CFLAGS+=-DHAVE_LOGIN_CAP -DBSD_AUTH SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \ sshpty.c sshlogin.c servconf.c serverloop.c \ auth.c auth1.c auth2.c auth-options.c session.c \ - auth-chall.c auth2-chall.c groupaccess.c + auth-chall.c auth2-chall.c groupaccess.c \ + auth-skey.c auth-bsdauth.c .include <bsd.own.mk> # for KERBEROS and AFS +.if (${KERBEROS5:L} == "yes") +CFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/kerberosV +SRCS+= auth-krb5.c +LDADD+= -lkrb5 -lkafs -lasn1 -lcom_err +DPADD+= ${LIBKRB5} ${LIBKAFS} ${LIBASN1} +.endif # KERBEROS5 + .if (${KERBEROS:L} == "yes") .if (${AFS:L} == "yes") CFLAGS+= -DAFS @@ -30,7 +38,7 @@ DPADD+= ${LIBKRB} .include <bsd.prog.mk> -LDADD+= -lcrypto -lutil -lz +LDADD+= -lcrypto -lutil -lz -ldes DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} .if (${TCP_WRAPPERS:L} == "yes") @@ -39,8 +47,8 @@ LDADD+= -lwrap DPADD+= ${LIBWRAP} .endif -.if (${SKEY:L} == "yes") -CFLAGS+= -DSKEY -LDADD+= -lskey -DPADD+= ${SKEY} -.endif +#.if (${SKEY:L} == "yes") +#CFLAGS+= -DSKEY +#LDADD+= -lskey +#DPADD+= ${SKEY} +#.endif diff --git a/crypto/openssh/sshd_config b/crypto/openssh/sshd_config index 1b7c9d767b61..4529861092c4 100644 --- a/crypto/openssh/sshd_config +++ b/crypto/openssh/sshd_config @@ -1,66 +1,86 @@ -# $OpenBSD: sshd_config,v 1.38 2001/04/15 21:41:29 deraadt Exp $ +# $OpenBSD: sshd_config,v 1.48 2002/02/19 02:50:59 deraadt Exp $ # This is the sshd server system-wide configuration file. See sshd(8) # for more information. -Port 22 +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options change a +# default value. + +#Port 22 #Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: -HostKey /etc/ssh_host_key -HostKey /etc/ssh_host_rsa_key -HostKey /etc/ssh_host_dsa_key -ServerKeyBits 768 -LoginGraceTime 600 -KeyRegenerationInterval 3600 -PermitRootLogin yes -# -# Don't read ~/.rhosts and ~/.shosts files -IgnoreRhosts yes -# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication -#IgnoreUserKnownHosts yes -StrictModes yes -X11Forwarding no -X11DisplayOffset 10 -PrintMotd yes -#PrintLastLog no -KeepAlive yes + +# HostKey for protocol version 1 +#HostKey /etc/ssh/ssh_host_key +# HostKeys for protocol version 2 +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_dsa_key + +# Lifetime and size of ephemeral version 1 server key +#KeyRegenerationInterval 3600 +#ServerKeyBits 768 # Logging -SyslogFacility AUTH -LogLevel INFO #obsoletes QuietMode and FascistLogging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: -RhostsAuthentication no -# -# For this to work you will also need host keys in /etc/ssh_known_hosts -RhostsRSAAuthentication no +#LoginGraceTime 600 +#PermitRootLogin yes +#StrictModes yes + +#RSAAuthentication yes +#PubkeyAuthentication yes +#AuthorizedKeysFile .ssh/authorized_keys + +# rhosts authentication should not be used +#RhostsAuthentication no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#RhostsRSAAuthentication no # similar for protocol version 2 -HostbasedAuthentication no -# -RSAAuthentication yes +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# RhostsRSAAuthentication and HostbasedAuthentication +#IgnoreUserKnownHosts no # To disable tunneled clear text passwords, change to no here! -PasswordAuthentication yes -PermitEmptyPasswords no +#PasswordAuthentication yes +#PermitEmptyPasswords no -# Uncomment to disable s/key passwords -#ChallengeResponseAuthentication no +# Change to no to disable s/key passwords +#ChallengeResponseAuthentication yes -# To change Kerberos options -#KerberosAuthentication no +# Kerberos options +# KerberosAuthentication automatically enabled if keyfile exists +#KerberosAuthentication yes #KerberosOrLocalPasswd yes -#AFSTokenPassing no -#KerberosTicketCleanup no +#KerberosTicketCleanup yes + +# AFSTokenPassing automatically enabled if k_hasafs() is true +#AFSTokenPassing yes -# Kerberos TGT Passing does only work with the AFS kaserver -#KerberosTgtPassing yes +# Kerberos TGT Passing only works with the AFS kaserver +#KerberosTgtPassing no -#CheckMail yes +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PrintMotd yes +#PrintLastLog yes +#KeepAlive yes #UseLogin no -#MaxStartups 10:30:60 -#Banner /etc/issue.net -#ReverseMappingCheck yes +#MaxStartups 10 +# no default banner path +#Banner /some/path +#VerifyReverseMapping no +# override default of no subsystems Subsystem sftp /usr/libexec/sftp-server diff --git a/crypto/openssh/sshlogin.c b/crypto/openssh/sshlogin.c index a8a76c6156d7..c6e2ad4fe279 100644 --- a/crypto/openssh/sshlogin.c +++ b/crypto/openssh/sshlogin.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $"); +RCSID("$OpenBSD: sshlogin.c,v 1.3 2001/12/19 07:18:56 deraadt Exp $"); #include <util.h> #include <utmp.h> @@ -86,7 +86,7 @@ get_last_login_time(uid_t uid, const char *logname, void record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr * addr) + const char *host, struct sockaddr * addr) { int fd; struct lastlog ll; diff --git a/crypto/openssh/sshlogin.h b/crypto/openssh/sshlogin.h index 7285bc23e60a..27a838646a94 100644 --- a/crypto/openssh/sshlogin.h +++ b/crypto/openssh/sshlogin.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshlogin.h,v 1.1 2001/03/04 01:46:30 djm Exp $ */ +/* $OpenBSD: sshlogin.h,v 1.3 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -14,27 +14,10 @@ #ifndef SSHLOGIN_H #define SSHLOGIN_H -/* - * Returns the time when the user last logged in. Returns 0 if the - * information is not available. This must be called before record_login. - * The host from which the user logged in is stored in buf. - */ -u_long -get_last_login_time(uid_t uid, const char *logname, - char *buf, u_int bufsize); - -/* - * Records that the user has logged in. This does many things normally done - * by login(1). - */ void -record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr *addr); - -/* - * Records that the user has logged out. This does many thigs normally done - * by login(1) or init. - */ -void record_logout(pid_t pid, const char *ttyname); +record_login(pid_t, const char *, const char *, uid_t, + const char *, struct sockaddr *); +void record_logout(pid_t, const char *); +u_long get_last_login_time(uid_t, const char *, char *, u_int); #endif diff --git a/crypto/openssh/sshpty.c b/crypto/openssh/sshpty.c index d0f255436ed3..b21d3cc17691 100644 --- a/crypto/openssh/sshpty.c +++ b/crypto/openssh/sshpty.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshpty.c,v 1.1 2001/03/04 01:46:30 djm Exp $"); +RCSID("$OpenBSD: sshpty.c,v 1.4 2001/12/19 07:18:56 deraadt Exp $"); #include <util.h> #include "sshpty.h" @@ -131,7 +131,7 @@ pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen) *ttyfd = open(name, O_RDWR | O_NOCTTY); if (*ttyfd < 0) { error("Could not open pty slave side %.100s: %.100s", - name, strerror(errno)); + name, strerror(errno)); close(*ptyfd); return 0; } @@ -224,7 +224,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) fd = open(_PATH_TTY, O_WRONLY); if (fd < 0) error("open /dev/tty failed - could not set controlling tty: %.100s", - strerror(errno)); + strerror(errno)); else { close(fd); } @@ -234,7 +234,7 @@ pty_make_controlling_tty(int *ttyfd, const char *ttyname) void pty_change_window_size(int ptyfd, int row, int col, - int xpixel, int ypixel) + int xpixel, int ypixel) { struct winsize w; w.ws_row = row; @@ -264,7 +264,8 @@ pty_setowner(struct passwd *pw, const char *ttyname) /* * Change owner and mode of the tty as required. - * Warn but continue if filesystem is read-only and the uids match. + * Warn but continue if filesystem is read-only and the uids match/ + * tty is owned by root. */ if (stat(ttyname, &st)) fatal("stat(%.100s) failed: %.100s", ttyname, @@ -272,14 +273,15 @@ pty_setowner(struct passwd *pw, const char *ttyname) if (st.st_uid != pw->pw_uid || st.st_gid != gid) { if (chown(ttyname, pw->pw_uid, gid) < 0) { - if (errno == EROFS && st.st_uid == pw->pw_uid) + if (errno == EROFS && + (st.st_uid == pw->pw_uid || st.st_uid == 0)) error("chown(%.100s, %d, %d) failed: %.100s", - ttyname, pw->pw_uid, gid, - strerror(errno)); + ttyname, pw->pw_uid, gid, + strerror(errno)); else fatal("chown(%.100s, %d, %d) failed: %.100s", - ttyname, pw->pw_uid, gid, - strerror(errno)); + ttyname, pw->pw_uid, gid, + strerror(errno)); } } @@ -288,10 +290,10 @@ pty_setowner(struct passwd *pw, const char *ttyname) if (errno == EROFS && (st.st_mode & (S_IRGRP | S_IROTH)) == 0) error("chmod(%.100s, 0%o) failed: %.100s", - ttyname, mode, strerror(errno)); + ttyname, mode, strerror(errno)); else fatal("chmod(%.100s, 0%o) failed: %.100s", - ttyname, mode, strerror(errno)); + ttyname, mode, strerror(errno)); } } } diff --git a/crypto/openssh/sshpty.h b/crypto/openssh/sshpty.h index d7aac0f55593..df65e284e4c3 100644 --- a/crypto/openssh/sshpty.h +++ b/crypto/openssh/sshpty.h @@ -1,3 +1,5 @@ +/* $OpenBSD: sshpty.h,v 1.4 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -12,36 +14,13 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: sshpty.h,v 1.1 2001/03/04 01:46:30 djm Exp $"); */ - #ifndef SSHPTY_H #define SSHPTY_H -/* - * Allocates and opens a pty. Returns 0 if no pty could be allocated, or - * nonzero if a pty was successfully allocated. On success, open file - * descriptors for the pty and tty sides and the name of the tty side are - * returned (the buffer must be able to hold at least 64 characters). - */ -int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname, int ttynamelen); - -/* - * Releases the tty. Its ownership is returned to root, and permissions to - * 0666. - */ -void pty_release(const char *ttyname); - -/* - * Makes the tty the processes controlling tty and sets it to sane modes. - * This may need to reopen the tty to get rid of possible eavesdroppers. - */ -void pty_make_controlling_tty(int *ttyfd, const char *ttyname); - -/* Changes the window size associated with the pty. */ -void -pty_change_window_size(int ptyfd, int row, int col, - int xpixel, int ypixel); - -void pty_setowner(struct passwd *pw, const char *ttyname); +int pty_allocate(int *, int *, char *, int); +void pty_release(const char *); +void pty_make_controlling_tty(int *, const char *); +void pty_change_window_size(int, int, int, int, int); +void pty_setowner(struct passwd *, const char *); #endif /* SSHPTY_H */ diff --git a/crypto/openssh/sshtty.c b/crypto/openssh/sshtty.c index 78498908fc60..5c016f80af87 100644 --- a/crypto/openssh/sshtty.c +++ b/crypto/openssh/sshtty.c @@ -1,4 +1,3 @@ -/* $OpenBSD: sshtty.c,v 1.1 2001/04/14 16:33:20 stevesk Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -36,6 +35,7 @@ */ #include "includes.h" +RCSID("$OpenBSD: sshtty.c,v 1.3 2002/03/04 17:27:39 stevesk Exp $"); #include "sshtty.h" #include "log.h" @@ -46,7 +46,7 @@ static int _in_raw_mode = 0; int in_raw_mode(void) { - return _in_raw_mode; + return _in_raw_mode; } struct termios diff --git a/crypto/openssh/sshtty.h b/crypto/openssh/sshtty.h index e29385e3522e..7ba4a2627273 100644 --- a/crypto/openssh/sshtty.h +++ b/crypto/openssh/sshtty.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshtty.h,v 1.1 2001/04/14 16:33:20 stevesk Exp $ */ +/* $OpenBSD: sshtty.h,v 1.2 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -40,26 +40,9 @@ #include <termios.h> -/* - * Accessor function indicating whether we are in raw mode. Set by - * enter_raw_mode() and leave_raw_mode(). - */ -int in_raw_mode(void); - -/* - * Return terminal modes, as saved by enter_raw_mode(). - */ +int in_raw_mode(void); struct termios get_saved_tio(void); - -/* - * Returns the user's terminal to normal mode if it had been - * put in raw mode. - */ -void leave_raw_mode(void); - -/* - * Puts the user's terminal in raw mode. - */ -void enter_raw_mode(void); +void leave_raw_mode(void); +void enter_raw_mode(void); #endif diff --git a/crypto/openssh/tildexpand.c b/crypto/openssh/tildexpand.c index 46bdaae87bab..e89a7ade8acd 100644 --- a/crypto/openssh/tildexpand.c +++ b/crypto/openssh/tildexpand.c @@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: tildexpand.c,v 1.11 2001/02/08 19:30:53 itojun Exp $"); +RCSID("$OpenBSD: tildexpand.c,v 1.12 2001/08/11 22:51:27 jakob Exp $"); #include "xmalloc.h" #include "log.h" @@ -67,6 +67,6 @@ tilde_expand_filename(const char *filename, uid_t my_uid) if (len > MAXPATHLEN) fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1); expanded = xmalloc(len); - snprintf(expanded, len, "%s/%s", pw->pw_dir, cp + 1); + snprintf(expanded, len, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", cp + 1); return expanded; } diff --git a/crypto/openssh/tildexpand.h b/crypto/openssh/tildexpand.h index 88734f4bf5bd..f5e7e40bcc0d 100644 --- a/crypto/openssh/tildexpand.h +++ b/crypto/openssh/tildexpand.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tildexpand.h,v 1.2 2001/01/29 01:58:19 niklas Exp $ */ +/* $OpenBSD: tildexpand.h,v 1.4 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -12,8 +12,4 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* - * Expands tildes in the file name. Returns data allocated by xmalloc. - * Warning: this calls getpw*. - */ -char *tilde_expand_filename(const char *filename, uid_t my_uid); +char *tilde_expand_filename(const char *, uid_t); diff --git a/crypto/openssh/ttymodes.c b/crypto/openssh/ttymodes.c index 6124cb4b12b9..ccc001f20019 100644 --- a/crypto/openssh/ttymodes.c +++ b/crypto/openssh/ttymodes.c @@ -43,7 +43,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ttymodes.c,v 1.13 2001/04/15 01:35:22 stevesk Exp $"); +RCSID("$OpenBSD: ttymodes.c,v 1.16 2001/12/27 20:39:58 markus Exp $"); #include "packet.h" #include "log.h" @@ -275,22 +275,22 @@ tty_make_modes(int fd, struct termios *tiop) /* Store input and output baud rates. */ baud = speed_to_baud(cfgetospeed(&tio)); - debug2("tty_make_modes: ospeed %d", baud); + debug3("tty_make_modes: ospeed %d", baud); buffer_put_char(&buf, tty_op_ospeed); buffer_put_int(&buf, baud); baud = speed_to_baud(cfgetispeed(&tio)); - debug2("tty_make_modes: ispeed %d", baud); + debug3("tty_make_modes: ispeed %d", baud); buffer_put_char(&buf, tty_op_ispeed); buffer_put_int(&buf, baud); /* Store values of mode flags. */ #define TTYCHAR(NAME, OP) \ - debug2("tty_make_modes: %d %d", OP, tio.c_cc[NAME]); \ + debug3("tty_make_modes: %d %d", OP, tio.c_cc[NAME]); \ buffer_put_char(&buf, OP); \ put_arg(&buf, tio.c_cc[NAME]); #define TTYMODE(NAME, FIELD, OP) \ - debug2("tty_make_modes: %d %d", OP, ((tio.FIELD & NAME) != 0)); \ + debug3("tty_make_modes: %d %d", OP, ((tio.FIELD & NAME) != 0)); \ buffer_put_char(&buf, OP); \ put_arg(&buf, ((tio.FIELD & NAME) != 0)); @@ -326,7 +326,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) if (compat20) { *n_bytes_ptr = packet_get_int(); - debug2("tty_parse_modes: SSH2 n_bytes %d", *n_bytes_ptr); + debug3("tty_parse_modes: SSH2 n_bytes %d", *n_bytes_ptr); if (*n_bytes_ptr == 0) return; get_arg = packet_get_int; @@ -358,7 +358,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) case TTY_OP_ISPEED_PROTO2: n_bytes += 4; baud = packet_get_int(); - debug2("tty_parse_modes: ispeed %d", baud); + debug3("tty_parse_modes: ispeed %d", baud); if (failure != -1 && cfsetispeed(&tio, baud_to_speed(baud)) == -1) error("cfsetispeed failed for %d", baud); break; @@ -368,7 +368,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) case TTY_OP_OSPEED_PROTO2: n_bytes += 4; baud = packet_get_int(); - debug2("tty_parse_modes: ospeed %d", baud); + debug3("tty_parse_modes: ospeed %d", baud); if (failure != -1 && cfsetospeed(&tio, baud_to_speed(baud)) == -1) error("cfsetospeed failed for %d", baud); break; @@ -377,7 +377,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) case OP: \ n_bytes += arg_size; \ tio.c_cc[NAME] = get_arg(); \ - debug2("tty_parse_modes: %d %d", OP, tio.c_cc[NAME]); \ + debug3("tty_parse_modes: %d %d", OP, tio.c_cc[NAME]); \ break; #define TTYMODE(NAME, FIELD, OP) \ case OP: \ @@ -386,7 +386,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) tio.FIELD |= NAME; \ else \ tio.FIELD &= ~NAME; \ - debug2("tty_parse_modes: %d %d", OP, arg); \ + debug3("tty_parse_modes: %d %d", OP, arg); \ break; #include "ttymodes.h" @@ -396,7 +396,7 @@ tty_parse_modes(int fd, int *n_bytes_ptr) default: debug("Ignoring unsupported tty mode opcode %d (0x%x)", - opcode, opcode); + opcode, opcode); if (!compat20) { /* * SSH1: @@ -422,7 +422,6 @@ tty_parse_modes(int fd, int *n_bytes_ptr) * more coming after the mode data. */ log("parse_tty_modes: unknown opcode %d", opcode); - packet_integrity_check(0, 1, SSH_CMSG_REQUEST_PTY); goto set; } } else { diff --git a/crypto/openssh/ttymodes.h b/crypto/openssh/ttymodes.h index ad980e98cfe0..687059281cc1 100644 --- a/crypto/openssh/ttymodes.h +++ b/crypto/openssh/ttymodes.h @@ -1,4 +1,5 @@ -/* RCSID("$OpenBSD: ttymodes.h,v 1.11 2001/04/14 16:33:20 stevesk Exp $"); */ +/* $OpenBSD: ttymodes.h,v 1.12 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland diff --git a/crypto/openssh/uidswap.c b/crypto/openssh/uidswap.c index 39952e2b0fca..e794facd7706 100644 --- a/crypto/openssh/uidswap.c +++ b/crypto/openssh/uidswap.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: uidswap.c,v 1.16 2001/04/20 16:32:22 markus Exp $"); +RCSID("$OpenBSD: uidswap.c,v 1.19 2001/12/19 07:18:56 deraadt Exp $"); #include "log.h" #include "uidswap.h" @@ -54,8 +54,8 @@ temporarily_use_uid(struct passwd *pw) } privileged = 1; temporarily_use_uid_effective = 1; - saved_egid = getegid(); - saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups); + saved_egid = getegid(); + saved_egroupslen = getgroups(NGROUPS_MAX, saved_egroups); if (saved_egroupslen < 0) fatal("getgroups: %.100s", strerror(errno)); @@ -64,7 +64,7 @@ temporarily_use_uid(struct passwd *pw) if (initgroups(pw->pw_name, pw->pw_gid) < 0) fatal("initgroups: %s: %.100s", pw->pw_name, strerror(errno)); - user_groupslen = getgroups(NGROUPS_MAX, user_groups); + user_groupslen = getgroups(NGROUPS_MAX, user_groups); if (user_groupslen < 0) fatal("getgroups: %.100s", strerror(errno)); } diff --git a/crypto/openssh/uidswap.h b/crypto/openssh/uidswap.h index 228e5a5e98c5..0726980d087d 100644 --- a/crypto/openssh/uidswap.h +++ b/crypto/openssh/uidswap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.h,v 1.7 2001/04/06 21:00:17 markus Exp $ */ +/* $OpenBSD: uidswap.h,v 1.9 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -15,22 +15,8 @@ #ifndef UIDSWAP_H #define UIDSWAP_H -/* - * Temporarily changes to the given uid. If the effective user id is not - * root, this does nothing. This call cannot be nested. - */ -void temporarily_use_uid(struct passwd *pw); - -/* - * Restores the original effective user id after temporarily_use_uid(). - * This should only be called while temporarily_use_uid is effective. - */ -void restore_uid(void); - -/* - * Permanently sets all uids to the given uid. This cannot be called while - * temporarily_use_uid is effective. This must also clear any saved uids. - */ -void permanently_set_uid(struct passwd *pw); +void temporarily_use_uid(struct passwd *); +void restore_uid(void); +void permanently_set_uid(struct passwd *); #endif /* UIDSWAP_H */ diff --git a/crypto/openssh/uuencode.c b/crypto/openssh/uuencode.c index 1be975a6c4e4..0074cd89070e 100644 --- a/crypto/openssh/uuencode.c +++ b/crypto/openssh/uuencode.c @@ -1,5 +1,3 @@ -/* $OpenBSD: uuencode.c,v 1.12 2001/03/01 02:27:18 deraadt Exp $ */ - /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -25,13 +23,13 @@ */ #include "includes.h" +RCSID("$OpenBSD: uuencode.c,v 1.15 2002/03/04 17:27:39 stevesk Exp $"); + #include "xmalloc.h" #include "uuencode.h" #include <resolv.h> -RCSID("$OpenBSD: uuencode.c,v 1.12 2001/03/01 02:27:18 deraadt Exp $"); - int uuencode(u_char *src, u_int srclength, char *target, size_t targsize) @@ -52,7 +50,7 @@ uudecode(const char *src, u_char *target, size_t targsize) ; for (; *p != '\0' && *p != ' ' && *p != '\t'; p++) ; - /* and remote trailing whitespace because __b64_pton needs this */ + /* and remove trailing whitespace because __b64_pton needs this */ *p = '\0'; len = __b64_pton(encoded, target, targsize); xfree(encoded); @@ -60,7 +58,7 @@ uudecode(const char *src, u_char *target, size_t targsize) } void -dump_base64(FILE *fp, u_char *data, int len) +dump_base64(FILE *fp, u_char *data, u_int len) { u_char *buf = xmalloc(2*len); int i, n; diff --git a/crypto/openssh/uuencode.h b/crypto/openssh/uuencode.h index 42f83c2c06b5..682b623acb81 100644 --- a/crypto/openssh/uuencode.h +++ b/crypto/openssh/uuencode.h @@ -1,7 +1,7 @@ -/* $OpenBSD: uuencode.h,v 1.5 2001/01/29 01:58:19 niklas Exp $ */ +/* $OpenBSD: uuencode.h,v 1.9 2002/02/25 16:33:27 markus Exp $ */ /* - * Copyright (c) 1999 Markus Friedl. All rights reserved. + * Copyright (c) 2000 Markus Friedl. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -26,7 +26,7 @@ #ifndef UUENCODE_H #define UUENCODE_H -int uuencode(u_char *src, u_int srclength, char *target, size_t targsize); -int uudecode(const char *src, u_char *target, size_t targsize); -void dump_base64(FILE *fp, u_char *data, int len); +int uuencode(u_char *, u_int, char *, size_t); +int uudecode(const char *, u_char *, size_t); +void dump_base64(FILE *, u_char *, u_int); #endif diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index 1430063f1c7d..b11977ffcf02 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -1,3 +1,3 @@ -/* $OpenBSD: version.h,v 1.23 2001/04/24 16:43:16 markus Exp $ */ +/* $OpenBSD: version.h,v 1.28 2002/03/06 00:25:55 markus Exp $ */ -#define SSH_VERSION "OpenSSH_2.9" +#define SSH_VERSION "OpenSSH_3.1" diff --git a/crypto/openssh/xmalloc.c b/crypto/openssh/xmalloc.c index 504662749076..99c6ac3301ae 100644 --- a/crypto/openssh/xmalloc.c +++ b/crypto/openssh/xmalloc.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: xmalloc.c,v 1.15 2001/04/16 08:05:34 deraadt Exp $"); +RCSID("$OpenBSD: xmalloc.c,v 1.16 2001/07/23 18:21:46 stevesk Exp $"); #include "xmalloc.h" #include "log.h" @@ -58,11 +58,10 @@ xfree(void *ptr) char * xstrdup(const char *str) { - size_t len = strlen(str) + 1; + size_t len; char *cp; - if (len == 0) - fatal("xstrdup: zero size"); + len = strlen(str) + 1; cp = xmalloc(len); strlcpy(cp, str, len); return cp; diff --git a/crypto/openssh/xmalloc.h b/crypto/openssh/xmalloc.h index 59a598ed6df1..338a2d22dfce 100644 --- a/crypto/openssh/xmalloc.h +++ b/crypto/openssh/xmalloc.h @@ -1,3 +1,5 @@ +/* $OpenBSD: xmalloc.h,v 1.8 2002/03/04 17:27:39 stevesk Exp $ */ + /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -14,21 +16,12 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: xmalloc.h,v 1.5 2000/09/07 20:27:56 deraadt Exp $"); */ - #ifndef XMALLOC_H #define XMALLOC_H -/* Like malloc, but calls fatal() if out of memory. */ -void *xmalloc(size_t size); - -/* Like realloc, but calls fatal() if out of memory. */ -void *xrealloc(void *ptr, size_t new_size); - -/* Frees memory allocated using xmalloc or xrealloc. */ -void xfree(void *ptr); - -/* Allocates memory using xmalloc, and copies the string into that memory. */ -char *xstrdup(const char *str); +void *xmalloc(size_t); +void *xrealloc(void *, size_t); +void xfree(void *); +char *xstrdup(const char *); #endif /* XMALLOC_H */ |