From 29d8815749c6f37c2f0ccad4bc17386676fc35e5 Mon Sep 17 00:00:00 2001 From: jbasney Date: Wed, 12 Nov 2003 02:53:04 +0000 Subject: [PATCH] merged OpenSSH 3.7.1p2 to trunk --- openssh/Makefile.in | 13 +++-- openssh/auth-pam.c | 82 ++++++++++++++++++++----------- openssh/cipher.c | 2 + openssh/configure.ac | 40 ++++++++++++++- openssh/log.c | 3 ++ openssh/misc.c | 13 +++-- openssh/openbsd-compat/port-aix.c | 3 +- openssh/openbsd-compat/port-aix.h | 4 +- openssh/packet.c | 4 +- openssh/servconf.c | 2 +- openssh/session.c | 24 +++++---- openssh/ssh-agent.c | 17 ++++--- 12 files changed, 144 insertions(+), 63 deletions(-) diff --git a/openssh/Makefile.in b/openssh/Makefile.in index 775fb19..c9630a8 100644 --- a/openssh/Makefile.in +++ b/openssh/Makefile.in @@ -193,20 +193,18 @@ ssh_prng_cmds.out: ssh_prng_cmds moduli: echo -clean: +clean: regressclean rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core (cd openbsd-compat && $(MAKE) clean) - (cd regress && $(MAKE) clean) -distclean: +distclean: regressclean rm -f *.o *.a $(TARGETS) logintest config.cache config.log rm -f *.out core rm -f Makefile config.h config.status ssh_prng_cmds *~ rm -rf autom4te.cache (cd openbsd-compat && $(MAKE) distclean) (cd scard && $(MAKE) distclean) - (cd regress && $(MAKE) distclean) veryclean: distclean rm -f configure config.h.in *.0 @@ -392,6 +390,8 @@ uninstall: tests: $(TARGETS) BUILDDIR=`pwd`; \ [ -d `pwd`/regress ] || mkdir -p `pwd`/regress; \ + [ -f `pwd`/regress/Makefile ] || \ + ln -s $(srcdir)/regress/Makefile `pwd`/regress/Makefile ; \ TEST_SSH_SSH="$${BUILDDIR}/ssh"; \ TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \ TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \ @@ -417,3 +417,8 @@ tests: $(TARGETS) TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \ EXEEXT="$(EXEEXT)" \ $@ + +regressclean: + if [ -f regress/Makefile -a -r regress/Makefile ]; then \ + (cd regress && $(MAKE) clean) \ + fi diff --git a/openssh/auth-pam.c b/openssh/auth-pam.c index bc1af46..6d55b75 100644 --- a/openssh/auth-pam.c +++ b/openssh/auth-pam.c @@ -111,12 +111,12 @@ pthread_join(sp_pthread_t thread, void **value __unused) #endif -static pam_handle_t *sshpam_handle; -static int sshpam_err; -static int sshpam_authenticated; -static int sshpam_new_authtok_reqd; -static int sshpam_session_open; -static int sshpam_cred_established; +static pam_handle_t *sshpam_handle = NULL; +static int sshpam_err = 0; +static int sshpam_authenticated = 0; +static int sshpam_new_authtok_reqd = 0; +static int sshpam_session_open = 0; +static int sshpam_cred_established = 0; struct pam_ctxt { sp_pthread_t pam_thread; @@ -136,42 +136,51 @@ sshpam_thread_conv(int n, const struct pam_message **msg, { Buffer buffer; struct pam_ctxt *ctxt; + struct pam_response *reply; int i; + *resp = NULL; + ctxt = data; if (n <= 0 || n > PAM_MAX_NUM_MSG) return (PAM_CONV_ERR); - *resp = xmalloc(n * sizeof **resp); + + if ((reply = malloc(n * sizeof(*reply))) == NULL) + return (PAM_CONV_ERR); + memset(reply, 0, n * sizeof(*reply)); + buffer_init(&buffer); for (i = 0; i < n; ++i) { - resp[i]->resp_retcode = 0; - resp[i]->resp = NULL; switch (PAM_MSG_MEMBER(msg, i, msg_style)) { case PAM_PROMPT_ECHO_OFF: - buffer_put_cstring(&buffer, PAM_MSG_MEMBER(msg, i, msg)); + buffer_put_cstring(&buffer, + PAM_MSG_MEMBER(msg, i, msg)); ssh_msg_send(ctxt->pam_csock, PAM_MSG_MEMBER(msg, i, msg_style), &buffer); ssh_msg_recv(ctxt->pam_csock, &buffer); if (buffer_get_char(&buffer) != PAM_AUTHTOK) goto fail; - resp[i]->resp = buffer_get_string(&buffer, NULL); + reply[i].resp = buffer_get_string(&buffer, NULL); break; case PAM_PROMPT_ECHO_ON: - buffer_put_cstring(&buffer, PAM_MSG_MEMBER(msg, i, msg)); + buffer_put_cstring(&buffer, + PAM_MSG_MEMBER(msg, i, msg)); ssh_msg_send(ctxt->pam_csock, PAM_MSG_MEMBER(msg, i, msg_style), &buffer); ssh_msg_recv(ctxt->pam_csock, &buffer); if (buffer_get_char(&buffer) != PAM_AUTHTOK) goto fail; - resp[i]->resp = buffer_get_string(&buffer, NULL); + reply[i].resp = buffer_get_string(&buffer, NULL); break; case PAM_ERROR_MSG: - buffer_put_cstring(&buffer, PAM_MSG_MEMBER(msg, i, msg)); + buffer_put_cstring(&buffer, + PAM_MSG_MEMBER(msg, i, msg)); ssh_msg_send(ctxt->pam_csock, PAM_MSG_MEMBER(msg, i, msg_style), &buffer); break; case PAM_TEXT_INFO: - buffer_put_cstring(&buffer, PAM_MSG_MEMBER(msg, i, msg)); + buffer_put_cstring(&buffer, + PAM_MSG_MEMBER(msg, i, msg)); ssh_msg_send(ctxt->pam_csock, PAM_MSG_MEMBER(msg, i, msg_style), &buffer); break; @@ -181,12 +190,15 @@ sshpam_thread_conv(int n, const struct pam_message **msg, buffer_clear(&buffer); } buffer_free(&buffer); + *resp = reply; return (PAM_SUCCESS); + fail: - while (i) - xfree(resp[--i]); - xfree(*resp); - *resp = NULL; + for(i = 0; i < n; i++) { + if (reply[i].resp != NULL) + xfree(reply[i].resp); + } + xfree(reply); buffer_free(&buffer); return (PAM_CONV_ERR); } @@ -258,6 +270,8 @@ sshpam_cleanup(void *arg) { (void)arg; debug("PAM: cleanup"); + if (sshpam_handle == NULL) + return; pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); if (sshpam_cred_established) { pam_setcred(sshpam_handle, PAM_DELETE_CRED); @@ -600,40 +614,50 @@ pam_chauthtok_conv(int n, const struct pam_message **msg, struct pam_response **resp, void *data) { char input[PAM_MAX_MSG_SIZE]; + struct pam_response *reply; int i; + *resp = NULL; + if (n <= 0 || n > PAM_MAX_NUM_MSG) return (PAM_CONV_ERR); - *resp = xmalloc(n * sizeof **resp); + + if ((reply = malloc(n * sizeof(*reply))) == NULL) + return (PAM_CONV_ERR); + memset(reply, 0, n * sizeof(*reply)); + for (i = 0; i < n; ++i) { switch (PAM_MSG_MEMBER(msg, i, msg_style)) { case PAM_PROMPT_ECHO_OFF: - resp[i]->resp = + reply[i].resp = read_passphrase(PAM_MSG_MEMBER(msg, i, msg), RP_ALLOW_STDIN); - resp[i]->resp_retcode = PAM_SUCCESS; + reply[i].resp_retcode = PAM_SUCCESS; break; case PAM_PROMPT_ECHO_ON: fputs(PAM_MSG_MEMBER(msg, i, msg), stderr); fgets(input, sizeof input, stdin); - resp[i]->resp = xstrdup(input); - resp[i]->resp_retcode = PAM_SUCCESS; + reply[i].resp = xstrdup(input); + reply[i].resp_retcode = PAM_SUCCESS; break; case PAM_ERROR_MSG: case PAM_TEXT_INFO: fputs(PAM_MSG_MEMBER(msg, i, msg), stderr); - resp[i]->resp_retcode = PAM_SUCCESS; + reply[i].resp_retcode = PAM_SUCCESS; break; default: goto fail; } } + *resp = reply; return (PAM_SUCCESS); + fail: - while (i) - xfree(resp[--i]); - xfree(*resp); - *resp = NULL; + for(i = 0; i < n; i++) { + if (reply[i].resp != NULL) + xfree(reply[i].resp); + } + xfree(reply); return (PAM_CONV_ERR); } diff --git a/openssh/cipher.c b/openssh/cipher.c index e7c3c54..ce53367 100644 --- a/openssh/cipher.c +++ b/openssh/cipher.c @@ -87,9 +87,11 @@ struct Cipher { { "rijndael-cbc@lysator.liu.se", SSH_CIPHER_SSH2, 16, 32, EVP_aes_256_cbc }, #endif +#if OPENSSL_VERSION_NUMBER >= 0x00906000L { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, evp_aes_128_ctr }, { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, evp_aes_128_ctr }, { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, evp_aes_128_ctr }, +#endif { NULL, SSH_CIPHER_ILLEGAL, 0, 0, NULL } }; diff --git a/openssh/configure.ac b/openssh/configure.ac index 8cc76b9..a5d692a 100644 --- a/openssh/configure.ac +++ b/openssh/configure.ac @@ -132,6 +132,9 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) [AC_MSG_RESULT(buggy) AC_DEFINE(BROKEN_GETADDRINFO)], [AC_MSG_RESULT(assume it is working)]) + AC_DEFINE(SETEUID_BREAKS_SETUID) + AC_DEFINE(BROKEN_SETREUID) + AC_DEFINE(BROKEN_SETREGID) ;; *-*-hpux10.26) if test -z "$GCC"; then @@ -198,6 +201,9 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) AC_DEFINE(WITH_IRIX_AUDIT) AC_CHECK_FUNC(jlimit_startjob, [AC_DEFINE(WITH_IRIX_JOBS)]) AC_DEFINE(BROKEN_INET_NTOA) + AC_DEFINE(SETEUID_BREAKS_SETUID) + AC_DEFINE(BROKEN_SETREUID) + AC_DEFINE(BROKEN_SETREGID) AC_DEFINE(WITH_ABBREV_NO_TTY) AC_DEFINE(LOCKED_PASSWD_STRING, "*LK*") ;; @@ -227,6 +233,11 @@ mips-sony-bsd|mips-sony-newsos4) *-*-freebsd*) check_for_libcrypt_later=1 ;; +*-*-bsdi*) + AC_DEFINE(SETEUID_BREAKS_SETUID) + AC_DEFINE(BROKEN_SETREUID) + AC_DEFINE(BROKEN_SETREGID) + ;; *-next-*) conf_lastlog_location="/usr/adm/lastlog" conf_utmp_location=/etc/utmp @@ -278,6 +289,9 @@ mips-sony-bsd|mips-sony-newsos4) LIBS="$LIBS -lc89" AC_DEFINE(USE_PIPES) AC_DEFINE(SSHD_ACQUIRES_CTTY) + AC_DEFINE(SETEUID_BREAKS_SETUID) + AC_DEFINE(BROKEN_SETREUID) + AC_DEFINE(BROKEN_SETREGID) ;; *-sni-sysv*) CPPFLAGS="$CPPFLAGS -I/usr/local/include" @@ -395,6 +409,9 @@ mips-sony-bsd|mips-sony-newsos4) fi AC_DEFINE(DISABLE_FD_PASSING) AC_DEFINE(BROKEN_GETADDRINFO) + AC_DEFINE(SETEUID_BREAKS_SETUID) + AC_DEFINE(BROKEN_SETREUID) + AC_DEFINE(BROKEN_SETREGID) AC_DEFINE(LOCKED_PASSWD_SUBSTR, "Nologin") ;; @@ -463,7 +480,7 @@ AC_CHECK_HEADERS(bstring.h crypt.h endian.h features.h floatingpoint.h \ sys/cdefs.h sys/mman.h sys/pstat.h sys/select.h sys/stat.h \ sys/stropts.h sys/sysmacros.h sys/time.h sys/timers.h \ sys/un.h time.h tmpdir.h ttyent.h usersec.h \ - util.h utime.h utmp.h utmpx.h) + util.h utime.h utmp.h utmpx.h vis.h) # Checks for libraries. AC_CHECK_FUNC(yp_match, , AC_CHECK_LIB(nsl, yp_match)) @@ -833,7 +850,7 @@ dnl Checks for library functions. Please keep in alphabetical order AC_CHECK_FUNCS(\ arc4random __b64_ntop b64_ntop __b64_pton b64_pton basename \ bcopy bindresvport_sa clock fchmod fchown freeaddrinfo futimes \ - gai_strerror getaddrinfo getcwd getgrouplist getnameinfo getopt \ + getaddrinfo getcwd getgrouplist getnameinfo getopt \ getpeereid _getpty getrlimit getttyent glob inet_aton \ inet_ntoa inet_ntop innetgr login_getcapbool md5_crypt memmove \ mkdtemp mmap ngetaddrinfo nsleep ogetaddrinfo openlog_r openpty \ @@ -845,6 +862,21 @@ AC_CHECK_FUNCS(\ truncate utimes vhangup vsnprintf waitpid \ ) +# IRIX has a const char return value for gai_strerror() +AC_CHECK_FUNCS(gai_strerror,[ + AC_DEFINE(HAVE_GAI_STRERROR) + AC_TRY_COMPILE([ +#include +#include +#include + +const char *gai_strerror(int);],[ +char *str; + +str = gai_strerror(0);],[ + AC_DEFINE(HAVE_CONST_GAI_STRERROR_PROTO, 1, + [Define if gai_strerror() returns const char *])])]) + AC_SEARCH_LIBS(nanosleep, rt posix4, AC_DEFINE(HAVE_NANOSLEEP)) dnl Make sure prototypes are defined for these before using them. @@ -2377,11 +2409,15 @@ else fi # check for /etc/default/login and use it if present. +AC_ARG_ENABLE(etc-default-login, + [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],, +[ AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) if test "x$external_path_file" = "x/etc/default/login"; then AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) fi +]) dnl BSD systems use /etc/login.conf so --with-default-path= has no effect if test $ac_cv_func_login_getcapbool = "yes" -a \ diff --git a/openssh/log.c b/openssh/log.c index 58ce8e5..9bce255 100644 --- a/openssh/log.c +++ b/openssh/log.c @@ -40,6 +40,9 @@ RCSID("$OpenBSD: log.c,v 1.28 2003/05/24 09:02:22 djm Exp $"); #include "xmalloc.h" #include +#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) +# include +#endif static LogLevel log_level = SYSLOG_LEVEL_INFO; static int log_on_stderr = 1; diff --git a/openssh/misc.c b/openssh/misc.c index 8700ce6..b28e99c 100644 --- a/openssh/misc.c +++ b/openssh/misc.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.21 2003/04/12 10:15:36 markus Exp $"); +RCSID("$OpenBSD: misc.c,v 1.22 2003/09/18 08:49:45 markus Exp $"); #include "misc.h" #include "log.h" @@ -326,18 +326,21 @@ addargs(arglist *args, char *fmt, ...) { va_list ap; char buf[1024]; + int nalloc; va_start(ap, fmt); vsnprintf(buf, sizeof(buf), fmt, ap); va_end(ap); + nalloc = args->nalloc; if (args->list == NULL) { - args->nalloc = 32; + nalloc = 32; args->num = 0; - } else if (args->num+2 >= args->nalloc) - args->nalloc *= 2; + } else if (args->num+2 >= nalloc) + nalloc *= 2; - args->list = xrealloc(args->list, args->nalloc * sizeof(char *)); + args->list = xrealloc(args->list, nalloc * sizeof(char *)); + args->nalloc = nalloc; args->list[args->num++] = xstrdup(buf); args->list[args->num] = NULL; } diff --git a/openssh/openbsd-compat/port-aix.c b/openssh/openbsd-compat/port-aix.c index 7a98163..9fbcce9 100644 --- a/openssh/openbsd-compat/port-aix.c +++ b/openssh/openbsd-compat/port-aix.c @@ -27,11 +27,12 @@ #include "ssh.h" #include "log.h" #include "servconf.h" +#include "canohost.h" +#include "xmalloc.h" #ifdef _AIX #include -#include <../xmalloc.h> #include "port-aix.h" extern ServerOptions options; diff --git a/openssh/openbsd-compat/port-aix.h b/openssh/openbsd-compat/port-aix.h index 4f1bda1..8a95816 100644 --- a/openssh/openbsd-compat/port-aix.h +++ b/openssh/openbsd-compat/port-aix.h @@ -30,10 +30,10 @@ #ifdef WITH_AIXAUTHENTICATE # include # include -# include -# ifdef HAVE_SYS_AUDIT_H +# if defined(HAVE_SYS_AUDIT_H) && defined(AIX_LOGINFAILED_4ARG) # include # endif +# include #endif /* Some versions define r_type in the above headers, which causes a conflict */ diff --git a/openssh/packet.c b/openssh/packet.c index 21b91ec..7534148 100644 --- a/openssh/packet.c +++ b/openssh/packet.c @@ -37,7 +37,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: packet.c,v 1.109 2003/07/10 14:42:28 markus Exp $"); +RCSID("$OpenBSD: packet.c,v 1.110 2003/09/19 09:02:02 markus Exp $"); #include "openbsd-compat/sys-queue.h" @@ -1020,7 +1020,9 @@ packet_read_poll2(u_int32_t *seqnr_p) cp = buffer_ptr(&incoming_packet); packet_length = GET_32BIT(cp); if (packet_length < 1 + 4 || packet_length > 256 * 1024) { +#ifdef PACKET_DEBUG buffer_dump(&incoming_packet); +#endif packet_disconnect("Bad packet length %u.", packet_length); } DBG(debug("input: packet len %u", packet_length+4)); diff --git a/openssh/servconf.c b/openssh/servconf.c index 56f5f44..4ac396e 100644 --- a/openssh/servconf.c +++ b/openssh/servconf.c @@ -117,7 +117,7 @@ fill_default_server_options(ServerOptions *options) { /* Portable-specific options */ if (options->use_pam == -1) - options->use_pam = 1; + options->use_pam = 0; /* Standard Options */ if (options->protocol == SSH_PROTO_UNKNOWN) diff --git a/openssh/session.c b/openssh/session.c index d79c6cb..5be007e 100644 --- a/openssh/session.c +++ b/openssh/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.163 2003/08/31 13:29:05 markus Exp $"); +RCSID("$OpenBSD: session.c,v 1.164 2003/09/18 08:49:45 markus Exp $"); #include "ssh.h" #include "ssh1.h" @@ -841,8 +841,9 @@ void child_set_env(char ***envp, u_int *envsizep, const char *name, const char *value) { - u_int i, namelen; char **env; + u_int envsize; + u_int i, namelen; /* * If we're passed an uninitialized list, allocate a single null @@ -869,12 +870,13 @@ child_set_env(char ***envp, u_int *envsizep, const char *name, xfree(env[i]); } else { /* New variable. Expand if necessary. */ - if (i >= (*envsizep) - 1) { - if (*envsizep >= 1000) - fatal("child_set_env: too many env vars," - " skipping: %.100s", name); - (*envsizep) += 50; - env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *)); + envsize = *envsizep; + if (i >= envsize - 1) { + if (envsize >= 1000) + fatal("child_set_env: too many env vars"); + envsize += 50; + env = (*envp) = xrealloc(env, envsize * sizeof(char *)); + *envsizep = envsize; } /* Need to set the NULL pointer at end of array beyond the new slot. */ env[i + 1] = NULL; @@ -1066,8 +1068,7 @@ static void read_etc_default_login(char ***env, u_int *envsize, uid_t uid) { char **tmpenv = NULL, *var; - u_int i; - size_t tmpenvsize = 0; + u_int i, tmpenvsize = 0; mode_t mask; /* @@ -1077,6 +1078,9 @@ read_etc_default_login(char ***env, u_int *envsize, uid_t uid) */ read_environment_file(&tmpenv, &tmpenvsize, "/etc/default/login"); + if (tmpenv == NULL) + return; + if (uid == 0) var = child_get_env(tmpenv, "SUPATH"); else diff --git a/openssh/ssh-agent.c b/openssh/ssh-agent.c index c05c614..e1e6cae 100644 --- a/openssh/ssh-agent.c +++ b/openssh/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include "openbsd-compat/sys-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.111 2003/06/12 19:12:03 markus Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.112 2003/09/18 08:49:45 markus Exp $"); #include #include @@ -784,7 +784,7 @@ process_message(SocketEntry *e) static void new_socket(sock_type type, int fd) { - u_int i, old_alloc; + u_int i, old_alloc, new_alloc; if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) error("fcntl O_NONBLOCK: %s", strerror(errno)); @@ -795,25 +795,26 @@ new_socket(sock_type type, int fd) for (i = 0; i < sockets_alloc; i++) if (sockets[i].type == AUTH_UNUSED) { sockets[i].fd = fd; - sockets[i].type = type; buffer_init(&sockets[i].input); buffer_init(&sockets[i].output); buffer_init(&sockets[i].request); + sockets[i].type = type; return; } old_alloc = sockets_alloc; - sockets_alloc += 10; + new_alloc = sockets_alloc + 10; if (sockets) - sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); + sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0])); else - sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); - for (i = old_alloc; i < sockets_alloc; i++) + sockets = xmalloc(new_alloc * sizeof(sockets[0])); + for (i = old_alloc; i < new_alloc; i++) sockets[i].type = AUTH_UNUSED; - sockets[old_alloc].type = type; + sockets_alloc = new_alloc; sockets[old_alloc].fd = fd; buffer_init(&sockets[old_alloc].input); buffer_init(&sockets[old_alloc].output); buffer_init(&sockets[old_alloc].request); + sockets[old_alloc].type = type; } static int -- 2.45.2