Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/OPENSSH]: src/crypto/external/bsd/openssh/dist openssh: Remove upstream-...
details: https://anonhg.NetBSD.org/src/rev/794cafe09d56
branches: OPENSSH
changeset: 378248:794cafe09d56
user: rin <rin%NetBSD.org@localhost>
date: Fri Jul 28 03:57:34 2023 +0000
description:
openssh: Remove upstream-removed files from OPENSSH branch.
These files have already been removed from HEAD.
diffstat:
crypto/external/bsd/openssh/dist/README.smartcard | 73 -
crypto/external/bsd/openssh/dist/auth-chall.c | 88 -
crypto/external/bsd/openssh/dist/auth-rh-rsa.c | 103 -
crypto/external/bsd/openssh/dist/auth-rsa.c | 342 ----
crypto/external/bsd/openssh/dist/auth1.c | 366 ----
crypto/external/bsd/openssh/dist/auth2-jpake.c | 563 ------
crypto/external/bsd/openssh/dist/blocks.c | 246 --
crypto/external/bsd/openssh/dist/bufaux.c | 257 ---
crypto/external/bsd/openssh/dist/bufbn.c | 64 -
crypto/external/bsd/openssh/dist/bufec.c | 69 -
crypto/external/bsd/openssh/dist/buffer.c | 116 -
crypto/external/bsd/openssh/dist/buffer.h | 90 -
crypto/external/bsd/openssh/dist/cipher-3des1.c | 153 -
crypto/external/bsd/openssh/dist/cipher-bf1.c | 76 -
crypto/external/bsd/openssh/dist/cipher-ctr.c | 136 -
crypto/external/bsd/openssh/dist/compress.c | 165 -
crypto/external/bsd/openssh/dist/compress.h | 25 -
crypto/external/bsd/openssh/dist/crc32.c | 106 -
crypto/external/bsd/openssh/dist/crc32.h | 30 -
crypto/external/bsd/openssh/dist/deattack.c | 163 -
crypto/external/bsd/openssh/dist/deattack.h | 38 -
crypto/external/bsd/openssh/dist/fe25519.c | 335 ----
crypto/external/bsd/openssh/dist/fe25519.h | 70 -
crypto/external/bsd/openssh/dist/ge25519.c | 319 ---
crypto/external/bsd/openssh/dist/ge25519.h | 43 -
crypto/external/bsd/openssh/dist/ge25519_base.data | 858 ----------
crypto/external/bsd/openssh/dist/jpake.c | 454 -----
crypto/external/bsd/openssh/dist/jpake.h | 114 -
crypto/external/bsd/openssh/dist/kexc25519c.c | 167 --
crypto/external/bsd/openssh/dist/kexc25519s.c | 156 -
crypto/external/bsd/openssh/dist/kexdhc.c | 211 --
crypto/external/bsd/openssh/dist/kexdhs.c | 215 --
crypto/external/bsd/openssh/dist/kexecdhc.c | 216 --
crypto/external/bsd/openssh/dist/kexecdhs.c | 197 --
crypto/external/bsd/openssh/dist/kexsntrup4591761x25519.c | 217 --
crypto/external/bsd/openssh/dist/key.c | 234 --
crypto/external/bsd/openssh/dist/key.h | 69 -
crypto/external/bsd/openssh/dist/moduli-gen/moduli | 295 ---
crypto/external/bsd/openssh/dist/moduli-gen/moduli.1024 | 48 -
crypto/external/bsd/openssh/dist/moduli-gen/moduli.1536 | 49 -
crypto/external/bsd/openssh/dist/monitor_mm.c | 347 ----
crypto/external/bsd/openssh/dist/monitor_mm.h | 62 -
crypto/external/bsd/openssh/dist/opacket.c | 288 ---
crypto/external/bsd/openssh/dist/opacket.h | 153 -
crypto/external/bsd/openssh/dist/roaming.h | 45 -
crypto/external/bsd/openssh/dist/roaming_client.c | 269 ---
crypto/external/bsd/openssh/dist/roaming_common.c | 239 --
crypto/external/bsd/openssh/dist/roaming_dummy.c | 70 -
crypto/external/bsd/openssh/dist/roaming_serv.c | 29 -
crypto/external/bsd/openssh/dist/rsa.c | 185 --
crypto/external/bsd/openssh/dist/rsa.h | 26 -
crypto/external/bsd/openssh/dist/sc25519.c | 306 ---
crypto/external/bsd/openssh/dist/sc25519.h | 80 -
crypto/external/bsd/openssh/dist/scard.c | 570 ------
crypto/external/bsd/openssh/dist/scard.h | 40 -
crypto/external/bsd/openssh/dist/scard/Makefile | 20 -
crypto/external/bsd/openssh/dist/scard/Ssh.bin.uu | 17 -
crypto/external/bsd/openssh/dist/scard/Ssh.java | 164 -
crypto/external/bsd/openssh/dist/schnorr.c | 673 --------
crypto/external/bsd/openssh/dist/schnorr.h | 60 -
crypto/external/bsd/openssh/dist/sntrup4591761.c | 1081 -------------
crypto/external/bsd/openssh/dist/sntrup4591761.sh | 57 -
crypto/external/bsd/openssh/dist/ssh1.h | 91 -
crypto/external/bsd/openssh/dist/sshconnect1.c | 767 ---------
crypto/external/bsd/openssh/dist/uuencode.c | 93 -
crypto/external/bsd/openssh/dist/uuencode.h | 29 -
crypto/external/bsd/openssh/dist/verify.c | 47 -
67 files changed, 0 insertions(+), 13344 deletions(-)
diffs (truncated from 13612 to 300 lines):
diff -r 3e1d002ef79b -r 794cafe09d56 crypto/external/bsd/openssh/dist/README.smartcard
--- a/crypto/external/bsd/openssh/dist/README.smartcard Wed Jul 26 17:31:29 2023 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,73 +0,0 @@
-How to use smartcards with OpenSSH?
-
-OpenSSH contains experimental support for authentication using
-Cyberflex smartcards and TODOS card readers. To enable this you
-need to:
-
-(1) enable SMARTCARD support in OpenSSH:
-
- $ vi /usr/src/usr.bin/ssh/Makefile.inc
- and uncomment
- CFLAGS+= -DSMARTCARD
- LDADD+= -lsectok
-
-(2) If you have used a previous version of ssh with your card, you
- must remove the old applet and keys.
-
- $ sectok
- sectok> login -d
- sectok> junload Ssh.bin
- sectok> delete 0012
- sectok> delete sh
- sectok> quit
-
-(3) load the Java Cardlet to the Cyberflex card and set card passphrase:
-
- $ sectok
- sectok> login -d
- sectok> jload /usr/libdata/ssh/Ssh.bin
- sectok> setpass
- Enter new AUT0 passphrase:
- Re-enter passphrase:
- sectok> quit
-
- Do not forget the passphrase. There is no way to
- recover if you do.
-
- IMPORTANT WARNING: If you attempt to login with the
- wrong passphrase three times in a row, you will
- destroy your card.
-
-(4) load a RSA key to the card:
-
- $ ssh-keygen -f /path/to/rsakey -U 1
- (where 1 is the reader number, you can also try 0)
-
- In spite of the name, this does not generate a key.
- It just loads an already existing key on to the card.
-
-(5) tell the ssh client to use the card reader:
-
- $ ssh -I 1 otherhost
-
-(6) or tell the agent (don't forget to restart) to use the smartcard:
-
- $ ssh-add -s 1
-
-(7) Optional: If you don't want to use a card passphrase, change the
- acl on the private key file:
-
- $ sectok
- sectok> login -d
- sectok> acl 0012 world: w
- world: w
- AUT0: w inval
- sectok> quit
-
- If you do this, anyone who has access to your card
- can assume your identity. This is not recommended.
-
--markus,
-Tue Jul 17 23:54:51 CEST 2001
-
-$OpenBSD: README.smartcard,v 1.9 2003/11/21 11:57:02 djm Exp $
diff -r 3e1d002ef79b -r 794cafe09d56 crypto/external/bsd/openssh/dist/auth-chall.c
--- a/crypto/external/bsd/openssh/dist/auth-chall.c Wed Jul 26 17:31:29 2023 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,88 +0,0 @@
-/* $OpenBSD: auth-chall.c,v 1.14 2014/06/24 01:13:21 djm Exp $ */
-/*
- * Copyright (c) 2001 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include <sys/types.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#include "xmalloc.h"
-#include "key.h"
-#include "hostfile.h"
-#include "auth.h"
-#include "log.h"
-
-/* limited protocol v1 interface to kbd-interactive authentication */
-
-extern KbdintDevice *devices[];
-static KbdintDevice *device;
-
-char *
-get_challenge(Authctxt *authctxt)
-{
- char *challenge, *name, *info, **prompts;
- u_int i, numprompts;
- u_int *echo_on;
-
- device = devices[0]; /* we always use the 1st device for protocol 1 */
- if (device == NULL)
- return NULL;
- if ((authctxt->kbdintctxt = device->init_ctx(authctxt)) == NULL)
- return NULL;
- if (device->query(authctxt->kbdintctxt, &name, &info,
- &numprompts, &prompts, &echo_on)) {
- device->free_ctx(authctxt->kbdintctxt);
- authctxt->kbdintctxt = NULL;
- return NULL;
- }
- if (numprompts < 1)
- fatal("get_challenge: numprompts < 1");
- challenge = xstrdup(prompts[0]);
- for (i = 0; i < numprompts; i++)
- free(prompts[i]);
- free(prompts);
- free(name);
- free(echo_on);
- free(info);
-
- return (challenge);
-}
-int
-verify_response(Authctxt *authctxt, const char *response)
-{
- char *resp[1];
- int authenticated = 0;
-
- if (device == NULL)
- return 0;
- if (authctxt->kbdintctxt == NULL)
- return 0;
- resp[0] = (char *)response;
- if (device->respond(authctxt->kbdintctxt, 1, resp) == 0)
- authenticated = 1;
- device->free_ctx(authctxt->kbdintctxt);
- authctxt->kbdintctxt = NULL;
- return authenticated;
-}
diff -r 3e1d002ef79b -r 794cafe09d56 crypto/external/bsd/openssh/dist/auth-rh-rsa.c
--- a/crypto/external/bsd/openssh/dist/auth-rh-rsa.c Wed Jul 26 17:31:29 2023 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,103 +0,0 @@
-/* $OpenBSD: auth-rh-rsa.c,v 1.45 2016/03/07 19:02:43 djm Exp $ */
-/*
- * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
- * Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
- * All rights reserved
- * Rhosts or /etc/hosts.equiv authentication combined with RSA host
- * authentication.
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-#include <sys/types.h>
-
-#include <pwd.h>
-#include <stdarg.h>
-
-#include "packet.h"
-#include "uidswap.h"
-#include "log.h"
-#include "buffer.h"
-#include "misc.h"
-#include "servconf.h"
-#include "key.h"
-#include "hostfile.h"
-#include "pathnames.h"
-#include "auth.h"
-#include "canohost.h"
-#ifdef GSSAPI
-#include "ssh-gss.h"
-#endif
-#include "monitor_wrap.h"
-
-/* import */
-extern ServerOptions options;
-
-int
-auth_rhosts_rsa_key_allowed(struct passwd *pw, const char *cuser,
- const char *chost, Key *client_host_key)
-{
- HostStatus host_status;
-
- if (auth_key_is_revoked(client_host_key))
- return 0;
-
- /* Check if we would accept it using rhosts authentication. */
- if (!auth_rhosts(pw, cuser))
- return 0;
-
- host_status = check_key_in_hostfiles(pw, client_host_key,
- chost, _PATH_SSH_SYSTEM_HOSTFILE,
- options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE);
-
- return (host_status == HOST_OK);
-}
-
-/*
- * Tries to authenticate the user using the .rhosts file and the host using
- * its host key. Returns true if authentication succeeds.
- */
-int
-auth_rhosts_rsa(Authctxt *authctxt, char *cuser, Key *client_host_key)
-{
- struct ssh *ssh = active_state; /* XXX */
- const char *chost;
- struct passwd *pw = authctxt->pw;
-
- debug("Trying rhosts with RSA host authentication for client user %.100s",
- cuser);
-
- if (!authctxt->valid || client_host_key == NULL ||
- client_host_key->rsa == NULL)
- return 0;
-
- chost = auth_get_canonical_hostname(ssh, options.use_dns);
- debug("Rhosts RSA authentication: canonical host %.900s", chost);
-
- if (!PRIVSEP(auth_rhosts_rsa_key_allowed(pw, cuser, chost, client_host_key))) {
- debug("Rhosts with RSA host authentication denied: unknown or invalid host key");
- packet_send_debug("Your host key cannot be verified: unknown or invalid host key.");
- return 0;
- }
- /* A matching host key was found and is known. */
-
- /* Perform the challenge-response dialog with the client for the host key. */
- if (!auth_rsa_challenge_dialog(client_host_key)) {
- logit("Client on %.800s failed to respond correctly to host authentication.",
- chost);
- return 0;
- }
- /*
- * We have authenticated the user using .rhosts or /etc/hosts.equiv,
- * and the host using RSA. We accept the authentication.
- */
-
- verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.",
- pw->pw_name, cuser, chost);
- packet_send_debug("Rhosts with RSA host authentication accepted.");
- return 1;
-}
diff -r 3e1d002ef79b -r 794cafe09d56 crypto/external/bsd/openssh/dist/auth-rsa.c
--- a/crypto/external/bsd/openssh/dist/auth-rsa.c Wed Jul 26 17:31:29 2023 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,342 +0,0 @@
-/* $OpenBSD: auth-rsa.c,v 1.90 2015/01/28 22:36:00 djm Exp $ */
-/*
- * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
- * Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
- * All rights reserved
- * RSA-based authentication. This code determines whether to admit a login
- * based on RSA authentication. This file also contains functions to check
- * validity of the host key.
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#include <openssl/rsa.h>
Home |
Main Index |
Thread Index |
Old Index