Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/crypto/external/bsd/openssh/dist merge conflicts
details: https://anonhg.NetBSD.org/src/rev/e9b510a20b0e
branches: trunk
changeset: 344034:e9b510a20b0e
user: christos <christos%NetBSD.org@localhost>
date: Fri Mar 11 01:55:00 2016 +0000
description:
merge conflicts
diffstat:
crypto/external/bsd/openssh/dist/auth-bsdauth.c | 9 +-
crypto/external/bsd/openssh/dist/auth-krb5.c | 9 +-
crypto/external/bsd/openssh/dist/auth-options.c | 116 ++--
crypto/external/bsd/openssh/dist/auth.h | 8 +-
crypto/external/bsd/openssh/dist/auth2-pubkey.c | 41 +-
crypto/external/bsd/openssh/dist/authfd.c | 25 +-
crypto/external/bsd/openssh/dist/authfd.h | 8 +-
crypto/external/bsd/openssh/dist/authfile.c | 32 +-
crypto/external/bsd/openssh/dist/bitmap.c | 6 +-
crypto/external/bsd/openssh/dist/channels.c | 21 +-
crypto/external/bsd/openssh/dist/cipher.c | 10 +-
crypto/external/bsd/openssh/dist/clientloop.c | 98 ++-
crypto/external/bsd/openssh/dist/clientloop.h | 4 +-
crypto/external/bsd/openssh/dist/dh.h | 11 +-
crypto/external/bsd/openssh/dist/kex.c | 179 ++++++-
crypto/external/bsd/openssh/dist/kex.h | 13 +-
crypto/external/bsd/openssh/dist/kexc25519s.c | 11 +-
crypto/external/bsd/openssh/dist/kexdhs.c | 11 +-
crypto/external/bsd/openssh/dist/kexecdhs.c | 11 +-
crypto/external/bsd/openssh/dist/kexgexs.c | 11 +-
crypto/external/bsd/openssh/dist/key.c | 11 +-
crypto/external/bsd/openssh/dist/key.h | 7 +-
crypto/external/bsd/openssh/dist/krl.c | 28 +-
crypto/external/bsd/openssh/dist/misc.c | 74 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.1536 | 49 --
crypto/external/bsd/openssh/dist/monitor.c | 42 +-
crypto/external/bsd/openssh/dist/monitor_wrap.c | 10 +-
crypto/external/bsd/openssh/dist/monitor_wrap.h | 6 +-
crypto/external/bsd/openssh/dist/mux.c | 21 +-
crypto/external/bsd/openssh/dist/myproposal.h | 23 +-
crypto/external/bsd/openssh/dist/opacket.c | 4 +-
crypto/external/bsd/openssh/dist/opacket.h | 4 +-
crypto/external/bsd/openssh/dist/packet.c | 307 ++++++++----
crypto/external/bsd/openssh/dist/packet.h | 13 +-
crypto/external/bsd/openssh/dist/readconf.c | 105 +++-
crypto/external/bsd/openssh/dist/readconf.h | 12 +-
crypto/external/bsd/openssh/dist/readpass.c | 9 +-
crypto/external/bsd/openssh/dist/scp.1 | 7 +-
crypto/external/bsd/openssh/dist/scp.c | 21 +-
crypto/external/bsd/openssh/dist/servconf.c | 57 +-
crypto/external/bsd/openssh/dist/serverloop.c | 34 +-
crypto/external/bsd/openssh/dist/session.c | 31 +-
crypto/external/bsd/openssh/dist/sftp-client.c | 27 +-
crypto/external/bsd/openssh/dist/sftp-server-main.c | 9 +-
crypto/external/bsd/openssh/dist/sftp-server.c | 14 +-
crypto/external/bsd/openssh/dist/sftp.1 | 7 +-
crypto/external/bsd/openssh/dist/sftp.c | 8 +-
crypto/external/bsd/openssh/dist/ssh-add.c | 40 +-
crypto/external/bsd/openssh/dist/ssh-agent.1 | 17 +-
crypto/external/bsd/openssh/dist/ssh-agent.c | 32 +-
crypto/external/bsd/openssh/dist/ssh-dss.c | 16 +-
crypto/external/bsd/openssh/dist/ssh-ecdsa.c | 19 +-
crypto/external/bsd/openssh/dist/ssh-keygen.1 | 20 +-
crypto/external/bsd/openssh/dist/ssh-keygen.c | 377 +++++++++------
crypto/external/bsd/openssh/dist/ssh-keyscan.1 | 10 +-
crypto/external/bsd/openssh/dist/ssh-keyscan.c | 82 ++-
crypto/external/bsd/openssh/dist/ssh-keysign.8 | 8 +-
crypto/external/bsd/openssh/dist/ssh-keysign.c | 36 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c | 9 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c | 8 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11.c | 13 +-
crypto/external/bsd/openssh/dist/ssh-rsa.c | 154 +++++-
crypto/external/bsd/openssh/dist/ssh.1 | 99 +--
crypto/external/bsd/openssh/dist/ssh.c | 132 ++++-
crypto/external/bsd/openssh/dist/ssh.h | 12 +-
crypto/external/bsd/openssh/dist/ssh2.h | 5 +-
crypto/external/bsd/openssh/dist/ssh_api.c | 21 +-
crypto/external/bsd/openssh/dist/ssh_config | 8 +-
crypto/external/bsd/openssh/dist/ssh_config.5 | 145 ++++-
crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c | 10 +-
crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c | 4 +-
crypto/external/bsd/openssh/dist/sshbuf-misc.c | 12 +-
crypto/external/bsd/openssh/dist/sshbuf.c | 10 +-
crypto/external/bsd/openssh/dist/sshbuf.h | 37 +-
crypto/external/bsd/openssh/dist/sshconnect.c | 75 ++-
crypto/external/bsd/openssh/dist/sshconnect.h | 6 +-
crypto/external/bsd/openssh/dist/sshconnect1.c | 20 +-
crypto/external/bsd/openssh/dist/sshconnect2.c | 278 ++++++++---
crypto/external/bsd/openssh/dist/sshd.8 | 57 +-
crypto/external/bsd/openssh/dist/sshd.c | 88 +-
crypto/external/bsd/openssh/dist/sshd_config | 6 +-
crypto/external/bsd/openssh/dist/sshd_config.5 | 66 +-
crypto/external/bsd/openssh/dist/ssherr.c | 6 +-
crypto/external/bsd/openssh/dist/sshkey.c | 215 ++++----
crypto/external/bsd/openssh/dist/sshlogin.c | 11 +-
crypto/external/bsd/openssh/dist/version.h | 8 +-
crypto/external/bsd/openssh/dist/xmalloc.c | 17 +-
crypto/external/bsd/openssh/dist/xmalloc.h | 5 +-
88 files changed, 2373 insertions(+), 1395 deletions(-)
diffs (truncated from 8473 to 300 lines):
diff -r de7d6f102ecb -r e9b510a20b0e crypto/external/bsd/openssh/dist/auth-bsdauth.c
--- a/crypto/external/bsd/openssh/dist/auth-bsdauth.c Fri Mar 11 01:49:59 2016 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-bsdauth.c Fri Mar 11 01:55:00 2016 +0000
@@ -1,5 +1,6 @@
-/* $NetBSD: auth-bsdauth.c,v 1.4 2015/04/03 23:58:19 christos Exp $ */
-/* $OpenBSD: auth-bsdauth.c,v 1.13 2014/06/24 01:13:21 djm Exp $ */
+/* $NetBSD: auth-bsdauth.c,v 1.5 2016/03/11 01:55:00 christos Exp $ */
+/* $OpenBSD: auth-bsdauth.c,v 1.14 2015/10/20 23:24:25 mmcc Exp $ */
+
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@@ -25,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-bsdauth.c,v 1.4 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: auth-bsdauth.c,v 1.5 2016/03/11 01:55:00 christos Exp $");
#include <sys/types.h>
#include <stdarg.h>
#include <stdio.h>
@@ -102,7 +103,7 @@
if (!authctxt->valid)
return -1;
- if (authctxt->as == 0)
+ if (authctxt->as == NULL)
error("bsdauth_respond: no bsd auth session");
if (numresponses != 1)
diff -r de7d6f102ecb -r e9b510a20b0e crypto/external/bsd/openssh/dist/auth-krb5.c
--- a/crypto/external/bsd/openssh/dist/auth-krb5.c Fri Mar 11 01:49:59 2016 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-krb5.c Fri Mar 11 01:55:00 2016 +0000
@@ -1,9 +1,10 @@
-/* $NetBSD: auth-krb5.c,v 1.7 2015/04/03 23:58:19 christos Exp $ */
-/* $OpenBSD: auth-krb5.c,v 1.20 2013/07/20 01:55:13 djm Exp $ */
+/* $NetBSD: auth-krb5.c,v 1.8 2016/03/11 01:55:00 christos Exp $ */
+/* $OpenBSD: auth-krb5.c,v 1.21 2016/01/27 06:44:58 djm Exp $ */
+
/*
* Kerberos v5 authentication and ticket-passing routines.
*
- * $FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar Exp $
+ * From: FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar
*/
/*
* Copyright (c) 2002 Daniel Kouril. All rights reserved.
@@ -30,7 +31,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-krb5.c,v 1.7 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: auth-krb5.c,v 1.8 2016/03/11 01:55:00 christos Exp $");
#include <sys/types.h>
#include <pwd.h>
#include <stdarg.h>
diff -r de7d6f102ecb -r e9b510a20b0e crypto/external/bsd/openssh/dist/auth-options.c
--- a/crypto/external/bsd/openssh/dist/auth-options.c Fri Mar 11 01:49:59 2016 +0000
+++ b/crypto/external/bsd/openssh/dist/auth-options.c Fri Mar 11 01:55:00 2016 +0000
@@ -1,5 +1,6 @@
-/* $NetBSD: auth-options.c,v 1.11 2015/08/13 10:33:21 christos Exp $ */
-/* $OpenBSD: auth-options.c,v 1.68 2015/07/03 03:43:18 djm Exp $ */
+/* $NetBSD: auth-options.c,v 1.12 2016/03/11 01:55:00 christos Exp $ */
+/* $OpenBSD: auth-options.c,v 1.70 2015/12/10 17:08:40 mmcc Exp $ */
+
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -12,7 +13,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth-options.c,v 1.11 2015/08/13 10:33:21 christos Exp $");
+__RCSID("$NetBSD: auth-options.c,v 1.12 2016/03/11 01:55:00 christos Exp $");
#include <sys/types.h>
#include <sys/queue.h>
@@ -76,19 +77,45 @@
free(ce->s);
free(ce);
}
- if (forced_command) {
- free(forced_command);
- forced_command = NULL;
- }
- if (authorized_principals) {
- free(authorized_principals);
- authorized_principals = NULL;
- }
+ free(forced_command);
+ forced_command = NULL;
+ free(authorized_principals);
+ authorized_principals = NULL;
forced_tun_device = -1;
channel_clear_permitted_opens();
}
/*
+ * Match flag 'opt' in *optsp, and if allow_negate is set then also match
+ * 'no-opt'. Returns -1 if option not matched, 1 if option matches or 0
+ * if negated option matches.
+ * If the option or negated option matches, then *optsp is updated to
+ * point to the first character after the option and, if 'msg' is not NULL
+ * then a message based on it added via auth_debug_add().
+ */
+static int
+match_flag(const char *opt, int allow_negate, const char **optsp, const char *msg)
+{
+ size_t opt_len = strlen(opt);
+ const char *opts = *optsp;
+ int negate = 0;
+
+ if (allow_negate && strncasecmp(opts, "no-", 3) == 0) {
+ opts += 3;
+ negate = 1;
+ }
+ if (strncasecmp(opts, opt, opt_len) == 0) {
+ *optsp = opts + opt_len;
+ if (msg != NULL) {
+ auth_debug_add("%s %s.", msg,
+ negate ? "disabled" : "enabled");
+ }
+ return negate ? 0 : 1;
+ }
+ return -1;
+}
+
+/*
* return 1 if access is granted, 0 if not.
* side effect: sets key option flags
*/
@@ -97,7 +124,7 @@
u_long linenum)
{
const char *cp;
- int i;
+ int i, r;
/* reset options */
auth_clear_options();
@@ -106,52 +133,48 @@
return 1;
while (*opts && *opts != ' ' && *opts != '\t') {
- cp = "cert-authority";
- if (strncasecmp(opts, cp, strlen(cp)) == 0) {
- key_is_cert_authority = 1;
- opts += strlen(cp);
+ if ((r = match_flag("cert-authority", 0, &opts, NULL)) != -1) {
+ key_is_cert_authority = r;
goto next_option;
}
- cp = "no-port-forwarding";
- if (strncasecmp(opts, cp, strlen(cp)) == 0) {
- auth_debug_add("Port forwarding disabled.");
+ if ((r = match_flag("restrict", 0, &opts, NULL)) != -1) {
+ auth_debug_add("Key is restricted.");
no_port_forwarding_flag = 1;
- opts += strlen(cp);
+ no_agent_forwarding_flag = 1;
+ no_x11_forwarding_flag = 1;
+ no_pty_flag = 1;
+ no_user_rc = 1;
goto next_option;
}
- cp = "no-agent-forwarding";
- if (strncasecmp(opts, cp, strlen(cp)) == 0) {
- auth_debug_add("Agent forwarding disabled.");
- no_agent_forwarding_flag = 1;
- opts += strlen(cp);
+ if ((r = match_flag("port-forwarding", 1, &opts,
+ "Port forwarding")) != -1) {
+ no_port_forwarding_flag = r != 1;
goto next_option;
}
- cp = "no-X11-forwarding";
- if (strncasecmp(opts, cp, strlen(cp)) == 0) {
- auth_debug_add("X11 forwarding disabled.");
- no_x11_forwarding_flag = 1;
- opts += strlen(cp);
+ if ((r = match_flag("agent-forwarding", 1, &opts,
+ "Agent forwarding")) != -1) {
+ no_agent_forwarding_flag = r != 1;
goto next_option;
}
- cp = "no-pty";
- if (strncasecmp(opts, cp, strlen(cp)) == 0) {
- auth_debug_add("Pty allocation disabled.");
- no_pty_flag = 1;
- opts += strlen(cp);
+ if ((r = match_flag("x11-forwarding", 1, &opts,
+ "X11 forwarding")) != -1) {
+ no_x11_forwarding_flag = r != 1;
goto next_option;
}
- cp = "no-user-rc";
- if (strncasecmp(opts, cp, strlen(cp)) == 0) {
- auth_debug_add("User rc file execution disabled.");
- no_user_rc = 1;
- opts += strlen(cp);
+ if ((r = match_flag("pty", 1, &opts,
+ "PTY allocation")) != -1) {
+ no_pty_flag = r != 1;
+ goto next_option;
+ }
+ if ((r = match_flag("user-rc", 1, &opts,
+ "User rc execution")) != -1) {
+ no_user_rc = r != 1;
goto next_option;
}
cp = "command=\"";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
opts += strlen(cp);
- if (forced_command != NULL)
- free(forced_command);
+ free(forced_command);
forced_command = xmalloc(strlen(opts) + 1);
i = 0;
while (*opts) {
@@ -181,8 +204,7 @@
cp = "principals=\"";
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
opts += strlen(cp);
- if (authorized_principals != NULL)
- free(authorized_principals);
+ free(authorized_principals);
authorized_principals = xmalloc(strlen(opts) + 1);
i = 0;
while (*opts) {
@@ -568,8 +590,7 @@
free(*cert_forced_command);
*cert_forced_command = NULL;
}
- if (name != NULL)
- free(name);
+ free(name);
sshbuf_free(data);
sshbuf_free(c);
return ret;
@@ -613,8 +634,7 @@
no_user_rc |= cert_no_user_rc;
/* CA-specified forced command supersedes key option */
if (cert_forced_command != NULL) {
- if (forced_command != NULL)
- free(forced_command);
+ free(forced_command);
forced_command = cert_forced_command;
}
return 0;
diff -r de7d6f102ecb -r e9b510a20b0e crypto/external/bsd/openssh/dist/auth.h
--- a/crypto/external/bsd/openssh/dist/auth.h Fri Mar 11 01:49:59 2016 +0000
+++ b/crypto/external/bsd/openssh/dist/auth.h Fri Mar 11 01:55:00 2016 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: auth.h,v 1.11 2015/07/03 00:59:59 christos Exp $ */
-/* $OpenBSD: auth.h,v 1.84 2015/05/08 06:41:56 djm Exp $ */
+/* $NetBSD: auth.h,v 1.12 2016/03/11 01:55:00 christos Exp $ */
+/* $OpenBSD: auth.h,v 1.86 2015/12/04 16:41:28 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -188,8 +188,6 @@
void auth2_challenge_stop(Authctxt *);
int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
int bsdauth_respond(void *, u_int, char **);
-int skey_query(void *, char **, char **, u_int *, char ***, u_int **);
-int skey_respond(void *, u_int, char **);
int allowed_user(struct passwd *);
struct passwd * getpwnamallow(const char *user);
@@ -216,7 +214,7 @@
int get_hostkey_index(Key *, int, struct ssh *);
int ssh1_session_key(BIGNUM *);
int sshd_hostkey_sign(Key *, Key *, u_char **, size_t *,
- const u_char *, size_t, u_int);
+ const u_char *, size_t, const char *, u_int);
/* debug messages during authentication */
void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
diff -r de7d6f102ecb -r e9b510a20b0e crypto/external/bsd/openssh/dist/auth2-pubkey.c
--- a/crypto/external/bsd/openssh/dist/auth2-pubkey.c Fri Mar 11 01:49:59 2016 +0000
+++ b/crypto/external/bsd/openssh/dist/auth2-pubkey.c Fri Mar 11 01:55:00 2016 +0000
@@ -1,5 +1,6 @@
-/* $NetBSD: auth2-pubkey.c,v 1.13 2015/07/06 15:09:17 christos Exp $ */
-/* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */
+/* $NetBSD: auth2-pubkey.c,v 1.14 2016/03/11 01:55:00 christos Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.55 2016/01/27 00:53:12 djm Exp $ */
+
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -25,7 +26,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: auth2-pubkey.c,v 1.13 2015/07/06 15:09:17 christos Exp $");
+__RCSID("$NetBSD: auth2-pubkey.c,v 1.14 2016/03/11 01:55:00 christos Exp $");
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
@@ -84,19 +85,19 @@
Home |
Main Index |
Thread Index |
Old Index