[src/trunk]: src/crypto/dist/ssh resolve conflicts on 3.0.1 import
details: https://anonhg.NetBSD.org/src/rev/962d0c06cf27
branches: trunk
changeset: 518269:962d0c06cf27
user: itojun <itojun%NetBSD.org@localhost>
date: Tue Nov 27 04:10:22 2001 +0000
description:
resolve conflicts on 3.0.1 import
diffstat:
crypto/dist/ssh/auth.c | 8 ++--
crypto/dist/ssh/auth2.c | 8 ++--
crypto/dist/ssh/channels.h | 6 ++--
crypto/dist/ssh/clientloop.c | 16 +++++-----
crypto/dist/ssh/deattack.c | 8 ++--
crypto/dist/ssh/key.c | 9 +++--
crypto/dist/ssh/packet.c | 61 ++++++++++++++++--------------------------
crypto/dist/ssh/radix.c | 22 +++++++-------
crypto/dist/ssh/readconf.c | 6 ++--
crypto/dist/ssh/readpass.c | 13 ++++----
crypto/dist/ssh/servconf.c | 15 +++++++---
crypto/dist/ssh/serverloop.c | 10 +++---
crypto/dist/ssh/ssh-agent.1 | 9 ++++-
crypto/dist/ssh/ssh-agent.c | 18 +++++++----
crypto/dist/ssh/ssh-dss.c | 14 +++++----
crypto/dist/ssh/ssh-keygen.1 | 12 +++++--
crypto/dist/ssh/ssh-keygen.c | 8 +++--
crypto/dist/ssh/ssh-keyscan.c | 8 +++--
crypto/dist/ssh/ssh-rsa.c | 16 ++++++++--
crypto/dist/ssh/ssh.1 | 13 +++++++-
crypto/dist/ssh/sshconnect2.c | 8 ++--
crypto/dist/ssh/sshd.8 | 11 +++++--
crypto/dist/ssh/sshd.c | 49 +++++++++++++++++++++------------
23 files changed, 196 insertions(+), 152 deletions(-)
diffs (truncated from 1077 to 300 lines):
diff -r 805af5d577f2 -r 962d0c06cf27 crypto/dist/ssh/auth.c
--- a/crypto/dist/ssh/auth.c Tue Nov 27 04:03:44 2001 +0000
+++ b/crypto/dist/ssh/auth.c Tue Nov 27 04:10:22 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: auth.c,v 1.9 2001/11/07 06:26:47 itojun Exp $ */
+/* $NetBSD: auth.c,v 1.10 2001/11/27 04:10:22 itojun Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -24,7 +24,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.28 2001/10/03 10:01:20 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.30 2001/11/17 19:14:34 stevesk Exp $");
#include <libgen.h>
@@ -264,7 +264,7 @@
authmsg,
method,
authctxt->valid ? "" : "illegal user ",
- authctxt->valid && authctxt->pw->pw_uid == 0 ? "ROOT" : authctxt->user,
+ authctxt->user,
get_remote_ipaddr(),
get_remote_port(),
info);
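Review bot: Root logins stop being distinguishable in this log line once the argument becomes plain `authctxt->user`: the removed expression printed `ROOT` for a valid uid 0 account, the new one prints the name as supplied. A log monitor or alerting rule that matches the literal `ROOT` in this message will silently stop firing, so the call deserves a comment such as `/* user name as sent by the client; uid 0 is no longer rewritten to "ROOT" */` and a line in the import notes. The same argument is printed in the `illegal user` case, where it is entirely client-chosen; whether the logging routine escapes control characters is not visible here and is worth confirming. The format string and the enclosing function start outside the hunk.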
@@ -371,7 +371,7 @@
Key *found;
char *user_hostfile;
struct stat st;
- int host_status;
+ HostStatus host_status;
/* Check if we know the host and its host key. */
found = key_new(key->type);
diff -r 805af5d577f2 -r 962d0c06cf27 crypto/dist/ssh/auth2.c
--- a/crypto/dist/ssh/auth2.c Tue Nov 27 04:03:44 2001 +0000
+++ b/crypto/dist/ssh/auth2.c Tue Nov 27 04:10:22 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: auth2.c,v 1.11 2001/11/07 06:26:47 itojun Exp $ */
+/* $NetBSD: auth2.c,v 1.12 2001/11/27 04:10:22 itojun Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -24,7 +24,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.71 2001/09/27 15:31:17 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.73 2001/11/17 19:14:34 stevesk Exp $");
#include <openssl/evp.h>
@@ -51,7 +51,6 @@
#include "misc.h"
#include "hostfile.h"
#include "canohost.h"
-#include "tildexpand.h"
#include "match.h"
/* import */
@@ -708,7 +707,8 @@
Key *key)
{
const char *resolvedname, *ipaddr, *lookup;
- int host_status, len;
+ HostStatus host_status;
+ int len;
resolvedname = get_canonical_hostname(options.reverse_mapping_check);
ipaddr = get_remote_ipaddr();
diff -r 805af5d577f2 -r 962d0c06cf27 crypto/dist/ssh/channels.h
--- a/crypto/dist/ssh/channels.h Tue Nov 27 04:03:44 2001 +0000
+++ b/crypto/dist/ssh/channels.h Tue Nov 27 04:10:22 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: channels.h,v 1.5 2001/11/07 06:26:47 itojun Exp $ */
+/* $NetBSD: channels.h,v 1.6 2001/11/27 04:10:22 itojun Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -33,7 +33,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* RCSID("$OpenBSD: channels.h,v 1.50 2001/10/10 22:18:47 markus Exp $"); */
+/* RCSID("$OpenBSD: channels.h,v 1.51 2001/11/07 22:53:21 markus Exp $"); */
#ifndef CHANNEL_H
#define CHANNEL_H
@@ -57,7 +57,7 @@
#define SSH_CHANNEL_ZOMBIE 14 /* Almost dead. */
#define SSH_CHANNEL_MAX_TYPE 15
-#define SSH_CHANNEL_PATH_LEN 30
+#define SSH_CHANNEL_PATH_LEN 256
struct Channel;
typedef struct Channel Channel;
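Review bot: `SSH_CHANNEL_PATH_LEN` grows from 30 to 256 with no comment saying what it bounds or whether the terminating NUL is counted, unlike the commented `SSH_CHANNEL_ZOMBIE` just above it. If it sizes a path buffer in the channel structure, as the name suggests, something like `#define SSH_CHANNEL_PATH_LEN 256 /* size of the channel path buffer, NUL included */` would record that. The code that fills that buffer is outside this hunk, so it is worth checking that every copy is bounded by the macro (or `sizeof`) and that no literal 30 survives elsewhere.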
diff -r 805af5d577f2 -r 962d0c06cf27 crypto/dist/ssh/clientloop.c
--- a/crypto/dist/ssh/clientloop.c Tue Nov 27 04:03:44 2001 +0000
+++ b/crypto/dist/ssh/clientloop.c Tue Nov 27 04:10:22 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: clientloop.c,v 1.12 2001/11/07 06:26:47 itojun Exp $ */
+/* $NetBSD: clientloop.c,v 1.13 2001/11/27 04:10:23 itojun Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -60,7 +60,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.86 2001/10/24 19:57:40 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.88 2001/11/22 12:34:22 markus Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -102,8 +102,8 @@
* window size to be sent to the server a little later. This is volatile
* because this is updated in a signal handler.
*/
-static volatile int received_window_change_signal = 0;
-static volatile int received_signal = 0;
+static volatile sig_atomic_t received_window_change_signal = 0;
+static volatile sig_atomic_t received_signal = 0;
/* Flag indicating whether the user\'s terminal is in non-blocking mode. */
static int in_non_blocking_mode = 0;
@@ -347,8 +347,8 @@
if (session_closed && !channel_still_open() &&
!packet_have_data_to_write()) {
/* clear mask since we did not call select() */
- memset(*readsetp, 0, *maxfdp);
- memset(*writesetp, 0, *maxfdp);
+ memset(*readsetp, 0, *nallocp);
+ memset(*writesetp, 0, *nallocp);
return;
} else {
FD_SET(connection_in, *readsetp);
@@ -376,8 +376,8 @@
* We have to return, because the mainloop checks for the flags
* set by the signal handlers.
*/
- memset(*readsetp, 0, *maxfdp);
- memset(*writesetp, 0, *maxfdp);
+ memset(*readsetp, 0, *nallocp);
+ memset(*writesetp, 0, *nallocp);
if (errno == EINTR)
return;
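Review bot: `errno` is tested at `if (errno == EINTR)` only after the two `memset()` calls, so the test depends on those calls leaving it untouched. C permits a library function to modify errno even when it succeeds, so capture it first: `int saved_errno = errno;` ahead of the memsets and `if (saved_errno == EINTR)` after them. The call that failed and the start of the enclosing block are outside the hunk. Separately, the switch from `*maxfdp` to `*nallocp` here and in the hunk at -347 is right only if `*nallocp` is the byte size of both sets, which a short comment at the memset could state.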
diff -r 805af5d577f2 -r 962d0c06cf27 crypto/dist/ssh/deattack.c
--- a/crypto/dist/ssh/deattack.c Tue Nov 27 04:03:44 2001 +0000
+++ b/crypto/dist/ssh/deattack.c Tue Nov 27 04:10:22 2001 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: deattack.c,v 1.8 2001/06/23 19:37:39 itojun Exp $ */
-/* $OpenBSD: deattack.c,v 1.14 2001/06/23 15:12:18 itojun Exp $ */
+/* $NetBSD: deattack.c,v 1.9 2001/11/27 04:10:23 itojun Exp $ */
+/* $OpenBSD: deattack.c,v 1.15 2001/11/19 19:02:16 mpech Exp $ */
/*
* Cryptographic attack detector for ssh - source code
@@ -87,9 +87,9 @@
{
static u_int16_t *h = (u_int16_t *) NULL;
static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
- register u_int32_t i, j;
+ u_int32_t i, j;
u_int32_t l;
- register u_char *c;
+ u_char *c;
u_char *d;
if (len > (SSH_MAXBLOCKS * SSH_BLOCKSIZE) ||
diff -r 805af5d577f2 -r 962d0c06cf27 crypto/dist/ssh/key.c
--- a/crypto/dist/ssh/key.c Tue Nov 27 04:03:44 2001 +0000
+++ b/crypto/dist/ssh/key.c Tue Nov 27 04:10:22 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.10 2001/11/07 06:26:47 itojun Exp $ */
+/* $NetBSD: key.c,v 1.11 2001/11/27 04:10:23 itojun Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -33,7 +33,7 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: key.c,v 1.33 2001/10/04 14:34:16 markus Exp $");
+RCSID("$OpenBSD: key.c,v 1.34 2001/11/21 15:51:24 markus Exp $");
#include <openssl/evp.h>
@@ -421,14 +421,15 @@
n = uudecode(cp, blob, len);
if (n < 0) {
error("key_read: uudecode %s failed", cp);
+ xfree(blob);
return -1;
}
k = key_from_blob(blob, n);
+ xfree(blob);
if (k == NULL) {
error("key_read: key_from_blob %s failed", cp);
return -1;
}
- xfree(blob);
if (k->type != type) {
error("key_read: type mismatch: encoding error");
key_free(k);
@@ -455,9 +456,9 @@
#endif
}
/*XXXX*/
+ key_free(k);
if (success != 1)
break;
- key_free(k);
/* advance cp: skip whitespace and data */
while (*cp == ' ' || *cp == '\t')
cp++;
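Review bot: The `/*XXXX*/` marker directly above the moved `key_free(k)` does not explain why freeing `k` on both the success and the failure path is safe. With the free now ahead of `if (success != 1) break;`, it is correct only if the branches above have already detached from `k` anything they handed to the caller's key. That code is outside the hunk, so this is presumably the case but cannot be confirmed here. Replace the marker with a comment such as `/* anything the caller keeps was moved out of k above; free the rest on every path */`.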
diff -r 805af5d577f2 -r 962d0c06cf27 crypto/dist/ssh/packet.c
--- a/crypto/dist/ssh/packet.c Tue Nov 27 04:03:44 2001 +0000
+++ b/crypto/dist/ssh/packet.c Tue Nov 27 04:10:22 2001 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: packet.c,v 1.12 2001/11/07 06:26:47 itojun Exp $ */
+/* $NetBSD: packet.c,v 1.13 2001/11/27 04:10:23 itojun Exp $ */
/*
* Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -38,7 +38,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.70 2001/09/27 11:59:37 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.72 2001/11/10 13:37:20 markus Exp $");
#include "xmalloc.h"
#include "buffer.h"
@@ -116,6 +116,9 @@
/* Session key information for Encryption and MAC */
Newkeys *newkeys[MODE_MAX];
+/* roundup current message to extra_pad bytes */
+static u_char extra_pad = 0;
+
/*
* Sets the descriptors used for communication. Disables encryption until
* packet_set_encryption_key is called.
@@ -486,9 +489,10 @@
{
static u_int32_t seqnr = 0;
u_char type, *ucp, *macbuf = NULL;
+ u_char padlen, pad;
char *cp;
u_int packet_length = 0;
- u_int i, padlen, len;
+ u_int i, len;
u_int32_t rand = 0;
Enc *enc = NULL;
Mac *mac = NULL;
@@ -534,6 +538,15 @@
padlen = block_size - (len % block_size);
if (padlen < 4)
padlen += block_size;
+ if (extra_pad) {
+ /* will wrap if extra_pad+padlen > 255 */
+ extra_pad = roundup(extra_pad, block_size);
+ pad = extra_pad - ((len + padlen) % extra_pad);
+ debug("packet_send2: adding %d (len %d padlen %d extra_pad %d)",
+ pad, len, padlen, extra_pad);
+ padlen += pad;
+ extra_pad = 0;
+ }
buffer_append_space(&outgoing_packet, &cp, padlen);
if (enc && enc->cipher->number != SSH_CIPHER_NONE) {
/* random padding */
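Review bot: `extra_pad = roundup(extra_pad, block_size)` stores its result back into a `u_char`, so a request close to 255 can round up to 256, be truncated to 0, and leave the next line computing `% extra_pad` with a zero divisor. The in-code comment already concedes that `padlen += pad` can wrap, and because `padlen` was narrowed to `u_char` in the declaration hunk above, a wrapped value would reach `buffer_append_space()` and could undo the `padlen < 4` adjustment made just before. `packet_add_padding()` in the later hunk accepts any `u_char` without a range check, so nothing visible rules these values out. Do the arithmetic in `u_int` and refuse results that do not fit in one byte; the sketch uses `fatal()`, though clamping would also do. The body of the enclosing send routine starts and ends outside the hunk.

```c
	if (extra_pad) {
		u_int want = roundup(extra_pad, block_size);

		/* padding length is carried in a single byte */
		if (want > 255)
			fatal("packet_send2: extra_pad %u does not fit", want);
		extra_pad = want;
		pad = extra_pad - ((len + padlen) % extra_pad);
		if ((u_int)padlen + pad > 255)
			fatal("packet_send2: padding %u does not fit",
			    (u_int)padlen + pad);
		/* ... unchanged: debug() call ... */
		padlen += pad;
		extra_pad = 0;
	}
```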
@@ -1233,6 +1246,13 @@
return s;
}
+/* roundup current message to pad bytes */
+void
+packet_add_padding(u_char pad)
+{
+ extra_pad = pad;
+}
+
/*
* 9.2. Ignored Data Message
*
@@ -1244,41 +1264,6 @@
* required to send them. This message can be used as an additional
* protection measure against advanced traffic analysis techniques.
*/
-/* size of current + ignore message should be n*sumlen bytes (w/o mac) */
-void
-packet_inject_ignore(int sumlen)
-{
- int blocksize, padlen, have, need, nb, mini, nbytes;
- Enc *enc = NULL;
-