[src/netbsd-1-5]: src/crypto/dist/ssh Pull up revisions 1.3-1.6 (requested by...
details: https://anonhg.NetBSD.org/src/rev/0600ac663336
branches: netbsd-1-5
changeset: 490705:0600ac663336
user: he <he%NetBSD.org@localhost>
date: Mon Feb 26 20:27:04 2001 +0000
description:
Pull up revisions 1.3-1.6 (requested by itojun):
Update SSH to version found on trunk as of 26 Feb 2001.
diffstat:
crypto/dist/ssh/ssh-add.c | 68 +++------
crypto/dist/ssh/ssh-agent.c | 319 +++++++++++++++++++++++++------------------
2 files changed, 207 insertions(+), 180 deletions(-)
diffs (truncated from 795 to 300 lines):
diff -r d7fa5f4074e2 -r 0600ac663336 crypto/dist/ssh/ssh-add.c
--- a/crypto/dist/ssh/ssh-add.c Mon Feb 26 20:27:01 2001 +0000
+++ b/crypto/dist/ssh/ssh-add.c Mon Feb 26 20:27:04 2001 +0000
@@ -1,5 +1,3 @@
-/* $NetBSD: ssh-add.c,v 1.1.1.1.2.2 2000/10/17 01:21:01 tv Exp $ */
-
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -36,26 +34,20 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* from OpenBSD: ssh-add.c,v 1.22 2000/09/07 20:27:54 deraadt Exp */
-
-#include <sys/cdefs.h>
-#ifndef lint
-__RCSID("$NetBSD: ssh-add.c,v 1.1.1.1.2.2 2000/10/17 01:21:01 tv Exp $");
-#endif
-
#include "includes.h"
+RCSID("$OpenBSD: ssh-add.c,v 1.28 2001/02/04 15:32:25 stevesk Exp $");
#include <openssl/evp.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
+#include "ssh.h"
#include "rsa.h"
-#include "ssh.h"
-#include "pathnames.h"
+#include "log.h"
#include "xmalloc.h"
#include "key.h"
#include "authfd.h"
#include "authfile.h"
+#include "pathnames.h"
+#include "readpass.h"
static void
delete_file(AuthenticationConnection *ac, const char *filename)
@@ -63,10 +55,10 @@
Key *public;
char *comment;
- public = key_new(KEY_RSA);
+ public = key_new(KEY_RSA1);
if (!load_public_key(filename, public, &comment)) {
key_free(public);
- public = key_new(KEY_DSA);
+ public = key_new(KEY_UNSPEC);
if (!try_load_public_key(filename, public, &comment)) {
printf("Bad key file %s\n", filename);
return;
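Review bot: The `Bad key file` branch in delete_file returns without releasing the key allocated by `key_new(KEY_UNSPEC)` two lines earlier, whereas the first failed load is followed by `key_free(public)`. Adding `key_free(public);` before the `return;` keeps the two failure paths symmetrical. The leak is small because ssh-add is short-lived, and the rest of delete_file is outside the hunk.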
@@ -94,11 +86,11 @@
if (success)
fprintf(stderr, "All identities removed.\n");
else
- fprintf(stderr, "Failed to remove all identitities.\n");
+ fprintf(stderr, "Failed to remove all identities.\n");
}
static char *
-ssh_askpass(const char *askpass, char *msg)
+ssh_askpass(char *askpass, char *msg)
{
pid_t pid;
size_t len;
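Review bot: Dropping `const` from the `askpass` parameter of ssh_askpass loosens the contract for a string that, in the later hunk at `askpass = getenv(SSH_ASKPASS_ENV)`, can point into the environment or at a path constant. Unless the body (outside this hunk) writes through the pointer, keep `ssh_askpass(const char *askpass, char *msg)` and the matching `const char *askpass = NULL;` local in the declaration hunk that follows. If the qualifier had to go because a callee takes `char *`, a one-line comment saying so would help.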
@@ -106,6 +98,8 @@
int p[2], status;
char buf[1024];
+ if (fflush(stdout) != 0)
+ error("ssh_askpass: fflush: %s", strerror(errno));
if (askpass == NULL)
fatal("internal error: askpass undefined");
if (pipe(p) < 0)
@@ -141,13 +135,11 @@
struct stat st;
Key *public;
Key *private;
- char *saved_comment, *comment;
- const char *askpass = NULL;
+ char *saved_comment, *comment, *askpass = NULL;
char buf[1024], msg[1024];
int success;
int interactive = isatty(STDIN_FILENO);
- int type = KEY_RSA;
- int count;
+ int type = KEY_RSA1;
if (stat(filename, &st) < 0) {
perror(filename);
@@ -157,10 +149,10 @@
* try to load the public key. right now this only works for RSA,
* since DSA keys are fully encrypted
*/
- public = key_new(KEY_RSA);
+ public = key_new(KEY_RSA1);
if (!load_public_key(filename, public, &saved_comment)) {
- /* ok, so we will asume this is a DSA key */
- type = KEY_DSA;
+ /* ok, so we will assume this is 'some' key */
+ type = KEY_UNSPEC;
saved_comment = xstrdup(filename);
}
key_free(public);
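Review bot: The block comment above `public = key_new(KEY_RSA1);` still says the public-key load "only works for RSA, since DSA keys are fully encrypted", but the fallback now sets `type = KEY_UNSPEC` rather than assuming DSA. I would reword it along the lines of `/* try the RSA1 public-key format first; on failure the type is left unspecified and the file name serves as the comment */`. The enclosing function starts and continues outside the hunk.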
@@ -169,7 +161,7 @@
if (getenv(SSH_ASKPASS_ENV))
askpass = getenv(SSH_ASKPASS_ENV);
else
- askpass = _PATH_SSH_ASKPASS;
+ askpass = _PATH_SSH_ASKPASS_DEFAULT;
}
/* At first, try empty passphrase */
@@ -181,14 +173,9 @@
xfree(saved_comment);
return;
}
- for (count = 0; ; count++) {
+ snprintf(msg, sizeof msg, "Enter passphrase for %.200s", saved_comment);
+ for (;;) {
char *pass;
-
- snprintf(msg, sizeof msg,
- "%sEnter passphrase for %.200s",
- count > 0 ?
- "You entered the wrong passphrase. " : "",
- saved_comment);
if (interactive) {
snprintf(buf, sizeof buf, "%s: ", msg);
pass = read_passphrase(buf, 1);
@@ -205,6 +192,7 @@
xfree(pass);
if (success)
break;
+ strlcpy(msg, "Bad passphrase, try again", sizeof msg);
}
}
xfree(comment);
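Review bot: After a failed attempt the prompt built from `msg` becomes just `Bad passphrase, try again`, so the key name supplied by the earlier `snprintf(msg, sizeof msg, "Enter passphrase for %.200s", saved_comment)` is lost on every retry. When several key files are added in one run, the user (or the askpass helper) can no longer tell which key the prompt refers to. Assuming `saved_comment` is still live inside the loop, as it is at the `snprintf` just before it, consider `snprintf(msg, sizeof msg, "Bad passphrase, try again for %.200s", saved_comment);` in place of the `strlcpy`. The loop begins in the previous hunk and part of its body is outside both.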
@@ -230,8 +218,9 @@
key = ssh_get_next_identity(ac, &comment, version)) {
had_identities = 1;
if (fp) {
- printf("%d %s %s\n",
- key_size(key), key_fingerprint(key), comment);
+ printf("%d %s %s (%s)\n",
+ key_size(key), key_fingerprint(key),
+ comment, key_type(key));
} else {
if (!key_write(key, stdout))
fprintf(stderr, "key_write failed");
@@ -255,16 +244,7 @@
int i;
int deleting = 0;
- /* check if RSA support exists */
- if (rsa_alive() == 0) {
- extern char *__progname;
-
- fprintf(stderr,
- "%s: failed to generate RSA key: rnd(4) is mandatory.\n",
- __progname);
- exit(1);
- }
- SSLeay_add_all_algorithms();
+ SSLeay_add_all_algorithms();
/* At first, get a connection to the authentication agent. */
ac = ssh_get_authentication_connection();
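Review bot: Removing the `rsa_alive()` guard drops the only visible start-up check that reported a missing rnd(4) device before any crypto is set up in main. If the pulled-up code relies on the library to refuse to run without an entropy source, a short comment next to `SSLeay_add_all_algorithms();` saying where that is now enforced would help; if nothing enforces it on this branch, the check should stay. The rest of main is outside the hunk, so this cannot be confirmed from here.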
diff -r d7fa5f4074e2 -r 0600ac663336 crypto/dist/ssh/ssh-agent.c
--- a/crypto/dist/ssh/ssh-agent.c Mon Feb 26 20:27:01 2001 +0000
+++ b/crypto/dist/ssh/ssh-agent.c Mon Feb 26 20:27:04 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ssh-agent.c,v 1.1.1.1.2.2 2000/10/17 01:21:02 tv Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.50 2001/02/08 19:30:52 itojun Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -36,14 +36,11 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* from OpenBSD: ssh-agent.c,v 1.37 2000/09/21 11:07:51 markus Exp */
+#include "includes.h"
+RCSID("$OpenBSD: ssh-agent.c,v 1.50 2001/02/08 19:30:52 itojun Exp $");
-#include <sys/cdefs.h>
-#ifndef lint
-__RCSID("$NetBSD: ssh-agent.c,v 1.1.1.1.2.2 2000/10/17 01:21:02 tv Exp $");
-#endif
-
-#include "includes.h"
+#include <openssl/evp.h>
+#include <openssl/md5.h>
#include "ssh.h"
#include "rsa.h"
@@ -51,19 +48,14 @@
#include "bufaux.h"
#include "xmalloc.h"
#include "packet.h"
-#include "pathnames.h"
#include "getput.h"
#include "mpaux.h"
-
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include "key.h"
#include "authfd.h"
-#include "dsa.h"
+#include "cipher.h"
#include "kex.h"
#include "compat.h"
+#include "log.h"
typedef struct {
int fd;
@@ -74,7 +66,7 @@
Buffer output;
} SocketEntry;
-unsigned int sockets_alloc = 0;
+u_int sockets_alloc = 0;
SocketEntry *sockets = NULL;
typedef struct {
@@ -101,6 +93,8 @@
extern char *__progname;
+int prepare_select(fd_set **, fd_set **, int *);
+
static void
idtab_init(void)
{
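Review bot: The new forward declaration `int prepare_select(fd_set **, fd_set **, int *);` has external linkage and unnamed parameters, while the neighbouring helpers such as idtab_init are `static`. If the function is only used inside ssh-agent.c (its definition is beyond the truncated diff), declare it `static` and name the parameters so the two fd_set pointers are distinguishable, e.g. `static int prepare_select(fd_set **readsetp, fd_set **writesetp, int *max_fdp);` (parameter names are illustrative).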
@@ -150,14 +144,14 @@
buffer_put_int(&msg, tab->nentries);
for (i = 0; i < tab->nentries; i++) {
Identity *id = &tab->identities[i];
- if (id->key->type == KEY_RSA) {
+ if (id->key->type == KEY_RSA1) {
buffer_put_int(&msg, BN_num_bits(id->key->rsa->n));
buffer_put_bignum(&msg, id->key->rsa->e);
buffer_put_bignum(&msg, id->key->rsa->n);
} else {
- unsigned char *blob;
- unsigned int blen;
- dsa_make_key_blob(id->key, &blob, &blen);
+ u_char *blob;
+ u_int blen;
+ key_to_blob(id->key, &blob, &blen);
buffer_put_string(&msg, blob, blen);
xfree(blob);
}
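Review bot: In the non-RSA1 branch `blob` and `blen` are declared without initialisers, and the result of `key_to_blob(id->key, &blob, &blen)` is not checked before `buffer_put_string` and `xfree(blob)` use them. The branch now covers every key type other than KEY_RSA1 rather than DSA only, so if key_to_blob can fail without filling its outputs (its definition is not in this diff), the agent would serialise and free an indeterminate pointer. Initialise with `u_char *blob = NULL;` and `u_int blen = 0;` and test the call's result; because `tab->nentries` has already been written to `msg`, a failed entry needs handling that keeps the count consistent rather than a bare `continue`.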
@@ -177,11 +171,11 @@
int i, len;
Buffer msg;
MD5_CTX md;
- unsigned char buf[32], mdbuf[16], session_id[16];
- unsigned int response_type;
+ u_char buf[32], mdbuf[16], session_id[16];
+ u_int response_type;
buffer_init(&msg);
- key = key_new(KEY_RSA);
+ key = key_new(KEY_RSA1);
challenge = BN_new();
buffer_get_int(&e->input); /* ignored */
@@ -200,7 +194,8 @@
private = lookup_private_key(key, NULL, 1);
if (private != NULL) {
/* Decrypt the challenge using the private key. */
- rsa_private_decrypt(challenge, challenge, private->rsa);
+ if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0)
+ goto failure;
/* The response is MD5 of decrypted challenge plus session id. */
len = BN_num_bytes(challenge);
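Review bot: The new `goto failure` after `rsa_private_decrypt` carries no comment, and the `failure` label is outside the hunk, so it is not visible whether that path still releases `key` and `challenge` and frees `msg`. I would add `/* decrypt failed: send the failure reply rather than hash whatever is left in challenge */` above the test and confirm that the label sits before the cleanup code. The function starts in the previous hunk and continues past this one.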
@@ -239,14 +234,14 @@
{
extern int datafellows;
Key *key, *private;
- unsigned char *blob, *data, *signature = NULL;
- unsigned int blen, dlen, slen = 0;
+ u_char *blob, *data, *signature = NULL;
+ u_int blen, dlen, slen = 0;
int flags;
Buffer msg;
int ok = -1;
datafellows = 0;
-
+
blob = buffer_get_string(&e->input, &blen);
data = buffer_get_string(&e->input, &dlen);