[src/netbsd-1-5]: src/crypto/dist/ssh Pull up revisions 1.3-1.7 (requested by...
details: https://anonhg.NetBSD.org/src/rev/de32cc98fc3f
branches: netbsd-1-5
changeset: 490706:de32cc98fc3f
user: he <he%NetBSD.org@localhost>
date: Mon Feb 26 20:27:07 2001 +0000
description:
Pull up revisions 1.3-1.7 (requested by itojun):
Update SSH to version found on trunk as of 26 Feb 2001.
diffstat:
crypto/dist/ssh/ssh.c | 422 ++++++++++++++++++++++++++++---------------------
1 files changed, 238 insertions(+), 184 deletions(-)
diffs (truncated from 767 to 300 lines):
diff -r 0600ac663336 -r de32cc98fc3f crypto/dist/ssh/ssh.c
--- a/crypto/dist/ssh/ssh.c Mon Feb 26 20:27:04 2001 +0000
+++ b/crypto/dist/ssh/ssh.c Mon Feb 26 20:27:07 2001 +0000
@@ -1,5 +1,3 @@
-/* $NetBSD: ssh.c,v 1.1.1.1.2.2 2000/10/17 01:21:02 tv Exp $ */
-
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -40,36 +38,35 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* from OpenBSD: ssh.c,v 1.66 2000/09/12 20:53:10 markus Exp */
-
-#include <sys/cdefs.h>
-#ifndef lint
-__RCSID("$NetBSD: ssh.c,v 1.1.1.1.2.2 2000/10/17 01:21:02 tv Exp $");
-#endif
-
#include "includes.h"
+RCSID("$OpenBSD: ssh.c,v 1.96 2001/02/17 23:28:58 deraadt Exp $");
#include <openssl/evp.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
-#include <openssl/rand.h>
+#include <openssl/err.h>
-#include "xmalloc.h"
#include "ssh.h"
-#include "packet.h"
-#include "pathnames.h"
-#include "buffer.h"
-#include "readconf.h"
-#include "uidswap.h"
-
+#include "ssh1.h"
#include "ssh2.h"
#include "compat.h"
+#include "cipher.h"
+#include "xmalloc.h"
+#include "packet.h"
+#include "buffer.h"
+#include "uidswap.h"
#include "channels.h"
#include "key.h"
#include "authfd.h"
#include "authfile.h"
-
-#include "client.h"
+#include "pathnames.h"
+#include "clientloop.h"
+#include "log.h"
+#include "readconf.h"
+#include "sshconnect.h"
+#include "tildexpand.h"
+#include "dispatch.h"
+#include "misc.h"
+#include "kex.h"
+#include "mac.h"
extern char *__progname;
@@ -82,10 +79,11 @@
/* Flag indicating whether a tty should be allocated */
int tty_flag = 0;
+int no_tty_flag = 0;
+int force_tty_flag = 0;
/* don't exec a shell */
int no_shell_flag = 0;
-int no_tty_flag = 0;
/*
* Flag indicating that nothing should be read from stdin. This can be set
@@ -116,8 +114,13 @@
/* socket address the host resolves to */
struct sockaddr_storage hostaddr;
-/* Value of argv[0] (set in the main program). */
-char *av0;
+/*
+ * Flag to indicate that we have received a window change signal which has
+ * not yet been processed. This will cause a message indicating the new
+ * window size to be sent to the server a little later. This is volatile
+ * because this is updated in a signal handler.
+ */
+volatile int received_window_change_signal = 0;
/* Flag indicating whether we have a valid host private key loaded. */
int host_private_key_loaded = 0;
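Review bot: The new `received_window_change_signal` is declared `volatile int`, but its own comment says it is updated in a signal handler, and the only object type ISO C guarantees can be written safely from a handler is `volatile sig_atomic_t`. I would declare it as `volatile sig_atomic_t received_window_change_signal = 0;`, assuming `<signal.h>` is already reachable through `includes.h`. The handler itself is not in this hunk, so it is worth confirming that it only stores to the flag and does no other work.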
@@ -131,12 +134,15 @@
/* command to be executed */
Buffer command;
+/* Should we execute a command or invoke a subsystem? */
+int subsystem_flag = 0;
+
/* Prints a help message to the user. This function never returns. */
static void
usage(void)
{
- fprintf(stderr, "Usage: %s [options] host [command]\n", av0);
+ fprintf(stderr, "Usage: %s [options] host [command]\n", __progname);
fprintf(stderr, "Options:\n");
fprintf(stderr, " -l user Log in using this user name.\n");
fprintf(stderr, " -n Redirect input from " _PATH_DEVNULL ".\n");
@@ -145,9 +151,9 @@
#ifdef AFS
fprintf(stderr, " -k Disable Kerberos ticket and AFS token forwarding.\n");
#endif /* AFS */
- fprintf(stderr, " -X Enable X11 connection forwarding.\n");
+ fprintf(stderr, " -X Enable X11 connection forwarding.\n");
fprintf(stderr, " -x Disable X11 connection forwarding.\n");
- fprintf(stderr, " -i file Identity for RSA authentication (default: " _PATH_SSH_CLIENT_IDENTITY ".\n");
+ fprintf(stderr, " -i file Identity for RSA authentication (default: ~/.ssh/identity).\n");
fprintf(stderr, " -t Tty; allocate a tty even if command is given.\n");
fprintf(stderr, " -T Do not allocate a tty.\n");
fprintf(stderr, " -v Verbose; display verbose debugging messages.\n");
@@ -164,15 +170,17 @@
fprintf(stderr, " -p port Connect to this port. Server must be on the same port.\n");
fprintf(stderr, " -L listen-port:host:port Forward local port to remote address\n");
fprintf(stderr, " -R listen-port:host:port Forward remote port to local address\n");
- fprintf(stderr, " These cause %s to listen for connections on a port, and\n", av0);
+ fprintf(stderr, " These cause %s to listen for connections on a port, and\n", __progname);
fprintf(stderr, " forward them to the other side by connecting to host:port.\n");
fprintf(stderr, " -C Enable compression.\n");
fprintf(stderr, " -N Do not execute a shell or command.\n");
fprintf(stderr, " -g Allow remote hosts to connect to forwarded ports.\n");
+ fprintf(stderr, " -1 Force protocol version 1.\n");
+ fprintf(stderr, " -2 Force protocol version 2.\n");
fprintf(stderr, " -4 Use IPv4 only.\n");
fprintf(stderr, " -6 Use IPv6 only.\n");
- fprintf(stderr, " -2 Force protocol version 2.\n");
fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
+ fprintf(stderr, " -s Invoke command (mandatory) as SSH2 subsystem.\n");
exit(1);
}
@@ -214,8 +222,9 @@
exit(1);
}
-int ssh_session(void);
-int ssh_session2(void);
+int ssh_session(void);
+int ssh_session2(void);
+int guess_identity_file_type(const char *filename);
/*
* Main program for the ssh client.
@@ -262,24 +271,12 @@
*/
umask(022);
- /* Save our own name. */
- av0 = av[0];
-
/* Initialize option structure to indicate that no values have been set. */
initialize_options(&options);
/* Parse command-line arguments. */
host = NULL;
- /* If program name is not one of the standard names, use it as host name. */
- if (strchr(av0, '/'))
- cp = strrchr(av0, '/') + 1;
- else
- cp = av0;
- if (strcmp(cp, "rsh") && strcmp(cp, "ssh") && strcmp(cp, "rlogin") &&
- strcmp(cp, "slogin") && strcmp(cp, "remsh"))
- host = cp;
-
for (optind = 1; optind < ac; optind++) {
if (av[optind][0] != '-') {
if (host)
@@ -297,7 +294,7 @@
opt = av[optind][1];
if (!opt)
usage();
- if (strchr("eilcpLRo", opt)) { /* options with arguments */
+ if (strchr("eilcmpLRo", opt)) { /* options with arguments */
optarg = av[optind] + 2;
if (strcmp(optarg, "") == 0) {
if (optind >= ac - 1)
@@ -310,6 +307,9 @@
optarg = NULL;
}
switch (opt) {
+ case '1':
+ options.protocol = SSH_PROTO_1;
+ break;
case '2':
options.protocol = SSH_PROTO_2;
break;
@@ -344,27 +344,26 @@
case 'A':
options.forward_agent = 1;
break;
-#if defined(AFS) || defined(KRB5)
+#ifdef AFS
case 'k':
options.kerberos_tgt_passing = 0;
-#if defined(AFS)
options.afs_token_passing = 0;
+ break;
#endif
- break;
-#endif /* AFS || KRB5 */
case 'i':
if (stat(optarg, &st) < 0) {
fprintf(stderr, "Warning: Identity file %s does not exist.\n",
- optarg);
+ optarg);
break;
}
if (options.num_identity_files >= SSH_MAX_IDENTITY_FILES)
fatal("Too many identity files specified (max %d)",
- SSH_MAX_IDENTITY_FILES);
- options.identity_files[options.num_identity_files++] =
- xstrdup(optarg);
+ SSH_MAX_IDENTITY_FILES);
+ options.identity_files[options.num_identity_files++] = xstrdup(optarg);
break;
case 't':
+ if (tty_flag)
+ force_tty_flag = 1;
tty_flag = 1;
break;
case 'v':
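Review bot: Narrowing the guard around `case 'k':` from `#if defined(AFS) || defined(KRB5)` to `#ifdef AFS` means a build with Kerberos but no AFS no longer accepts `-k`, which then falls through to `usage()`. If any such configuration can still forward tickets (not visible here), users lose the command-line switch that sets `options.kerberos_tgt_passing = 0`. Please confirm this against the branch's build options, or keep the wider guard around the `kerberos_tgt_passing` line. Separately, the `-i` path prints "does not exist" for every `stat()` failure, so including `strerror(errno)` in that warning would distinguish a permissions problem from a missing file.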
@@ -379,11 +378,12 @@
}
/* fallthrough */
case 'V':
- fprintf(stderr, "SSH Version %s, protocol versions %d.%d/%d.%d.\n",
+ fprintf(stderr,
+ "%s, SSH protocols %d.%d/%d.%d, OpenSSL 0x%8.8lx\n",
SSH_VERSION,
PROTOCOL_MAJOR_1, PROTOCOL_MINOR_1,
- PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2);
- fprintf(stderr, "Compiled with OpenSSL (0x%8.8lx).\n", SSLeay());
+ PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2,
+ SSLeay());
if (opt == 'V')
exit(0);
break;
@@ -392,10 +392,10 @@
break;
case 'e':
if (optarg[0] == '^' && optarg[2] == 0 &&
- (unsigned char) optarg[1] >= 64 && (unsigned char) optarg[1] < 128)
- options.escape_char = (unsigned char) optarg[1] & 31;
+ (u_char) optarg[1] >= 64 && (u_char) optarg[1] < 128)
+ options.escape_char = (u_char) optarg[1] & 31;
else if (strlen(optarg) == 1)
- options.escape_char = (unsigned char) optarg[0];
+ options.escape_char = (u_char) optarg[0];
else if (strcmp(optarg, "none") == 0)
options.escape_char = -2;
else {
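Review bot: In the `-e` handling, `optarg[2] == 0` is evaluated before anything establishes that `optarg[1]` is non-NUL, so `-e ^` reads one byte past the string terminator. The cast cleanup in this hunk leaves that ordering as it was. Testing the range of `optarg[1]` first closes it: `if (optarg[0] == '^' && (u_char) optarg[1] >= 64 && (u_char) optarg[1] < 128 && optarg[2] == 0)`. The rest of `case 'e':` continues outside the hunk.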
@@ -415,6 +415,21 @@
fprintf(stderr, "Unknown cipher type '%s'\n", optarg);
exit(1);
}
+ if (options.cipher == SSH_CIPHER_3DES) {
+ options.ciphers = "3des-cbc";
+ } else if (options.cipher == SSH_CIPHER_BLOWFISH) {
+ options.ciphers = "blowfish-cbc";
+ } else {
+ options.ciphers = (char *)-1;
+ }
+ }
+ break;
+ case 'm':
+ if (mac_valid(optarg))
+ options.macs = xstrdup(optarg);
+ else {
+ fprintf(stderr, "Unknown mac type '%s'\n", optarg);
+ exit(1);
}
break;
case 'p':
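Review bot: `options.ciphers = (char *)-1;` stores a non-dereferenceable sentinel in a `char *` field with no comment, so any later code that prints, compares or frees `options.ciphers` without first testing for this exact value will fault. Presumably it marks an SSH1 cipher with no protocol 2 equivalent. I would give it a name and a comment, e.g. `#define CIPHERS_INVALID ((char *)-1) /* never dereference or free */`, or use `NULL` plus a separate flag. The ownership is also inconsistent within this hunk, since `options.ciphers` receives string literals while `options.macs` receives `xstrdup(optarg)`, which makes it unclear whether these fields may be freed. `case 'c':` begins outside the hunk.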
@@ -461,6 +476,9 @@
"command-line", 0, &dummy) != 0)
exit(1);
break;
+ case 's':
+ subsystem_flag = 1;
+ break;
default:
usage();
}
@@ -471,6 +489,7 @@
usage();
SSLeay_add_all_algorithms();
+ ERR_load_crypto_strings();