struct spwd *spw;
#endif
- if (pw->pw_uid == 0 && options.permit_root_login == 2) {
- /* Server does not permit root login with password */
+ if (pw->pw_uid == 0 && options.permit_root_login == 2)
return 0;
- }
- if (*password == '\0' && options.permit_empty_passwd == 0) {
- /* Server does not permit empty password login */
+ if (*password == '\0' && options.permit_empty_passwd == 0)
return 0;
- }
/* deny if no user. */
if (pw == NULL)
return 0;
#endif
#if defined(KRB4)
- /* Support for Kerberos v4 authentication - Dug Song
- <dugsong@UMICH.EDU> */
+ /*
+ * Support for Kerberos v4 authentication
+ * - Dug Song <dugsong@UMICH.EDU>
+ */
if (options.kerberos_authentication) {
AUTH_DAT adata;
KTEXT_ST tkt;
char realm[REALM_SZ];
int r;
- /* Try Kerberos password authentication only for non-root
- users and only if Kerberos is installed. */
+ /*
+ * Try Kerberos password authentication only for non-root
+ * users and only if Kerberos is installed.
+ */
if (pw->pw_uid != 0 && krb_get_lrealm(realm, 1) == KSUCCESS) {
/* Set up our ticket file. */
goto kerberos_auth_failure;
}
} else if (r == KDC_PR_UNKNOWN) {
- /* Allow login if no rcmd service exists,
- but log the error. */
+ /*
+ * Allow login if no rcmd service exists, but
+ * log the error.
+ */
log("Kerberos V4 TGT for %s unverifiable: %s; %s.%s "
"not registered, or srvtab is wrong?", pw->pw_name,
krb_err_txt[r], KRB4_SERVICE_NAME, phost);
} else {
- /* TGT is bad, forget it. Possibly
- spoofed! */
+ /*
+ * TGT is bad, forget it. Possibly spoofed!
+ */
packet_send_debug("WARNING: Kerberos V4 TGT "
"possibly spoofed for %s: %s",
pw->pw_name, krb_err_txt[r]);
#endif /* KRB4 */
/* Check for users with no password. */
- if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) {
- packet_send_debug("Login permitted without a password "
- "because the account has no password.");
+ if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0)
return 1;
- }
#ifdef HAVE_SHADOW_H
spw = getspnam(pw->pw_name);
#include "uidswap.h"
#include "servconf.h"
-/* Tries to authenticate the user using the .rhosts file and the host using
- its host key. Returns true if authentication succeeds. */
+/*
+ * Tries to authenticate the user using the .rhosts file and the host using
+ * its host key. Returns true if authentication succeeds.
+ */
int
auth_rhosts_rsa(struct passwd *pw, const char *client_user,
if (host_status != HOST_OK && !options.ignore_user_known_hosts) {
struct stat st;
char *user_hostfile = tilde_expand_filename(SSH_USER_HOSTFILE, pw->pw_uid);
- /* Check file permissions of SSH_USER_HOSTFILE, auth_rsa()
- did already check pw->pw_dir, but there is a race XXX */
+ /*
+ * Check file permissions of SSH_USER_HOSTFILE, auth_rsa()
+ * did already check pw->pw_dir, but there is a race XXX
+ */
if (options.strict_modes &&
(stat(user_hostfile, &st) == 0) &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
canonical_hostname);
return 0;
}
- /* We have authenticated the user using .rhosts or /etc/hosts.equiv, and the host using RSA.
- We accept the authentication. */
+ /*
+ * We have authenticated the user using .rhosts or /etc/hosts.equiv,
+ * and the host using RSA. We accept the authentication.
+ */
verbose("Rhosts with RSA host authentication accepted for %.100s, %.100s on %.700s.",
pw->pw_name, client_user, canonical_hostname);
#include "uidswap.h"
#include "servconf.h"
-/* This function processes an rhosts-style file (.rhosts, .shosts, or
- /etc/hosts.equiv). This returns true if authentication can be granted
- based on the file, and returns zero otherwise. */
+/*
+ * This function processes an rhosts-style file (.rhosts, .shosts, or
+ * /etc/hosts.equiv). This returns true if authentication can be granted
+ * based on the file, and returns zero otherwise.
+ */
int
check_rhosts_file(const char *filename, const char *hostname,
if (!f)
return 0;
- /* Go through the file, checking every entry. */
while (fgets(buf, sizeof(buf), f)) {
/* All three must be at least as big as buf to avoid overflows. */
char hostbuf[1024], userbuf[1024], dummy[1024], *host, *user, *cp;
if (*cp == '#' || *cp == '\n' || !*cp)
continue;
- /* NO_PLUS is supported at least on OSF/1. We skip it (we
- don't ever support the plus syntax). */
+ /*
+ * NO_PLUS is supported at least on OSF/1. We skip it (we
+ * don't ever support the plus syntax).
+ */
if (strncmp(cp, "NO_PLUS", 7) == 0)
continue;
- /* This should be safe because each buffer is as big as
- the whole string, and thus cannot be overwritten. */
+ /*
+ * This should be safe because each buffer is as big as the
+ * whole string, and thus cannot be overwritten.
+ */
switch (sscanf(buf, "%s %s %s", hostbuf, userbuf, dummy)) {
case 0:
packet_send_debug("Found empty line in %.100s.", filename);
return 0;
}
-/* Tries to authenticate the user using the .shosts or .rhosts file.
- Returns true if authentication succeeds. If ignore_rhosts is
- true, only /etc/hosts.equiv will be considered (.rhosts and .shosts
- are ignored). */
+/*
+ * Tries to authenticate the user using the .shosts or .rhosts file. Returns
+ * true if authentication succeeds. If ignore_rhosts is true, only
+ * /etc/hosts.equiv will be considered (.rhosts and .shosts are ignored).
+ */
int
auth_rhosts(struct passwd *pw, const char *client_user)
static const char *rhosts_files[] = {".shosts", ".rhosts", NULL};
unsigned int rhosts_file_index;
- /* Quick check: if the user has no .shosts or .rhosts files,
- return failure immediately without doing costly lookups from
- name servers. */
/* Switch to the user's uid. */
temporarily_use_uid(pw->pw_uid);
+ /*
+ * Quick check: if the user has no .shosts or .rhosts files, return
+ * failure immediately without doing costly lookups from name
+ * servers.
+ */
for (rhosts_file_index = 0; rhosts_files[rhosts_file_index];
rhosts_file_index++) {
/* Check users .rhosts or .shosts. */
stat(SSH_HOSTS_EQUIV, &st) < 0)
return 0;
- /* Get the name, address, and port of the remote host. */
hostname = get_canonical_hostname();
ipaddr = get_remote_ipaddr();
return 1;
}
}
- /* Check that the home directory is owned by root or the user, and
- is not group or world writable. */
+ /*
+ * Check that the home directory is owned by root or the user, and is
+ * not group or world writable.
+ */
if (stat(pw->pw_dir, &st) < 0) {
log("Rhosts authentication refused for %.100s: no home directory %.200s",
pw->pw_name, pw->pw_dir);
if (stat(buf, &st) < 0)
continue;
- /* Make sure that the file is either owned by the user or
- by root, and make sure it is not writable by anyone but
- the owner. This is to help avoid novices accidentally
- allowing access to their account by anyone. */
+ /*
+ * Make sure that the file is either owned by the user or by
+ * root, and make sure it is not writable by anyone but the
+ * owner. This is to help avoid novices accidentally
+ * allowing access to their account by anyone.
+ */
if (options.strict_modes &&
((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
(st.st_mode & 022) != 0)) {
extern char *forced_command;
extern struct envstring *custom_environment;
-/* Session identifier that is used to bind key exchange and authentication
- responses to a particular session. */
+/*
+ * Session identifier that is used to bind key exchange and authentication
+ * responses to a particular session.
+ */
extern unsigned char session_id[16];
-/* The .ssh/authorized_keys file contains public keys, one per line, in the
- following format:
- options bits e n comment
- where bits, e and n are decimal numbers,
- and comment is any string of characters up to newline. The maximum
- length of a line is 8000 characters. See the documentation for a
- description of the options.
-*/
+/*
+ * The .ssh/authorized_keys file contains public keys, one per line, in the
+ * following format:
+ * options bits e n comment
+ * where bits, e and n are decimal numbers,
+ * and comment is any string of characters up to newline. The maximum
+ * length of a line is 8000 characters. See the documentation for a
+ * description of the options.
+ */
-/* Performs the RSA authentication challenge-response dialog with the client,
- and returns true (non-zero) if the client gave the correct answer to
- our challenge; returns zero if the client gives a wrong answer. */
+/*
+ * Performs the RSA authentication challenge-response dialog with the client,
+ * and returns true (non-zero) if the client gave the correct answer to
+ * our challenge; returns zero if the client gives a wrong answer.
+ */
int
auth_rsa_challenge_dialog(BIGNUM *e, BIGNUM *n)
return 1;
}
-/* Performs the RSA authentication dialog with the client. This returns
- 0 if the client could not be authenticated, and 1 if authentication was
- successful. This may exit if there is a serious protocol violation. */
+/*
+ * Performs the RSA authentication dialog with the client. This returns
+ * 0 if the client could not be authenticated, and 1 if authentication was
+ * successful. This may exit if there is a serious protocol violation.
+ */
int
auth_rsa(struct passwd *pw, BIGNUM *client_n)
/* Flag indicating whether authentication has succeeded. */
authenticated = 0;
- /* Initialize mp-int variables. */
e = BN_new();
n = BN_new();
- /* Go though the accepted keys, looking for the current key. If
- found, perform a challenge-response dialog to verify that the
- user really has the corresponding private key. */
+ /*
+ * Go though the accepted keys, looking for the current key. If
+ * found, perform a challenge-response dialog to verify that the
+ * user really has the corresponding private key.
+ */
while (fgets(line, sizeof(line), f)) {
char *cp;
char *options;
linenum++;
- /* Skip leading whitespace. */
- for (cp = line; *cp == ' ' || *cp == '\t'; cp++);
-
- /* Skip empty and comment lines. */
+ /* Skip leading whitespace, empty and comment lines. */
+ for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
+ ;
if (!*cp || *cp == '\n' || *cp == '#')
continue;
- /* Check if there are options for this key, and if so,
- save their starting address and skip the option part
- for now. If there are no options, set the starting
- address to NULL. */
+ /*
+ * Check if there are options for this key, and if so,
+ * save their starting address and skip the option part
+ * for now. If there are no options, set the starting
+ * address to NULL.
+ */
if (*cp < '0' || *cp > '9') {
int quoted = 0;
options = cp;
/* Check if the we have found the desired key (identified by its modulus). */
if (BN_cmp(n, client_n) != 0)
- continue; /* Wrong key. */
+ continue;
/* We have found the desired key. */
packet_send_debug("Wrong response to RSA authentication challenge.");
continue;
}
- /* Correct response. The client has been successfully
- authenticated. Note that we have not yet processed the
- options; this will be reset if the options cause the
- authentication to be rejected. */
+ /*
+ * Correct response. The client has been successfully
+ * authenticated. Note that we have not yet processed the
+ * options; this will be reset if the options cause the
+ * authentication to be rejected.
+ */
authenticated = 1;
/* RSA part of authentication was accepted. Now process the options. */
goto next_option;
}
bad_option:
- /* Unknown option. */
log("Bad options in %.100s file, line %lu: %.50s",
SSH_USER_PERMITTED_KEYS, linenum, options);
packet_send_debug("Bad options in %.100s file, line %lu: %.50s",
break;
next_option:
- /* Skip the comma, and move to the next option
- (or break out if there are no more). */
+ /*
+ * Skip the comma, and move to the next option
+ * (or break out if there are no more).
+ */
if (!*options)
fatal("Bugs in auth-rsa.c option processing.");
if (*options == ' ' || *options == '\t')
- break; /* End of options. */
+ break; /* End of options. */
if (*options != ',')
goto bad_option;
options++;
continue;
}
}
- /* Break out of the loop if authentication was successful;
- otherwise continue searching. */
+ /*
+ * Break out of the loop if authentication was successful;
+ * otherwise continue searching.
+ */
if (authenticated)
break;
}
/* Close the file. */
fclose(f);
- /* Clear any mp-int variables. */
BN_clear_free(n);
BN_clear_free(e);
#include "includes.h"
#ifdef SKEY
-
RCSID("$Id$");
#include "ssh.h"
-#include <sha1.h>
+#ifdef HAVE_OPENSSL
+#include <openssl/sha1.h>
+#endif
+#ifdef HAVE_SSL
+#include <ssl/sha1.h>
+#endif
/* from %OpenBSD: skeylogin.c,v 1.32 1999/08/16 14:46:56 millert Exp % */
return sock;
}
-/* Closes the agent socket if it should be closed (depends on how it was
- obtained). The argument must have been returned by
- ssh_get_authentication_socket(). */
+/*
+ * Closes the agent socket if it should be closed (depends on how it was
+ * obtained). The argument must have been returned by
+ * ssh_get_authentication_socket().
+ */
void
ssh_close_authentication_socket(int sock)
close(sock);
}
-/* Opens and connects a private socket for communication with the
- authentication agent. Returns the file descriptor (which must be
- shut down and closed by the caller when no longer needed).
- Returns NULL if an error occurred and the connection could not be
- opened. */
+/*
+ * Opens and connects a private socket for communication with the
+ * authentication agent. Returns the file descriptor (which must be
+ * shut down and closed by the caller when no longer needed).
+ * Returns NULL if an error occurred and the connection could not be
+ * opened.
+ */
AuthenticationConnection *
ssh_get_authentication_connection()
sock = ssh_get_authentication_socket();
- /* Fail if we couldn't obtain a connection. This happens if we
- exited due to a timeout. */
+ /*
+ * Fail if we couldn't obtain a connection. This happens if we
+ * exited due to a timeout.
+ */
if (sock < 0)
return NULL;
- /* Applocate the connection structure and initialize it. */
auth = xmalloc(sizeof(*auth));
auth->fd = sock;
buffer_init(&auth->packet);
return auth;
}
-/* Closes the connection to the authentication agent and frees any associated
- memory. */
+/*
+ * Closes the connection to the authentication agent and frees any associated
+ * memory.
+ */
void
ssh_close_authentication_connection(AuthenticationConnection *ac)
xfree(ac);
}
-/* Returns the first authentication identity held by the agent.
- Returns true if an identity is available, 0 otherwise.
- The caller must initialize the integers before the call, and free the
- comment after a successful call (before calling ssh_get_next_identity). */
+/*
+ * Returns the first authentication identity held by the agent.
+ * Returns true if an identity is available, 0 otherwise.
+ * The caller must initialize the integers before the call, and free the
+ * comment after a successful call (before calling ssh_get_next_identity).
+ */
int
ssh_get_first_identity(AuthenticationConnection *auth,
unsigned char msg[8192];
int len, l;
- /* Send a message to the agent requesting for a list of the
- identities it can represent. */
+ /*
+ * Send a message to the agent requesting for a list of the
+ * identities it can represent.
+ */
msg[0] = 0;
msg[1] = 0;
msg[2] = 0;
len -= l;
}
- /* Extract the length, and check it for sanity. (We cannot trust
- authentication agents). */
+ /*
+ * Extract the length, and check it for sanity. (We cannot trust
+ * authentication agents).
+ */
len = GET_32BIT(msg);
if (len < 1 || len > 256 * 1024)
fatal("Authentication reply message too long: %d\n", len);
return ssh_get_next_identity(auth, e, n, comment);
}
-/* Returns the next authentication identity for the agent. Other functions
- can be called between this and ssh_get_first_identity or two calls of this
- function. This returns 0 if there are no more identities. The caller
- must free comment after a successful return. */
+/*
+ * Returns the next authentication identity for the agent. Other functions
+ * can be called between this and ssh_get_first_identity or two calls of this
+ * function. This returns 0 if there are no more identities. The caller
+ * must free comment after a successful return.
+ */
int
ssh_get_next_identity(AuthenticationConnection *auth,
if (auth->howmany <= 0)
return 0;
- /* Get the next entry from the packet. These will abort with a
- fatal error if the packet is too short or contains corrupt data. */
+ /*
+ * Get the next entry from the packet. These will abort with a fatal
+ * error if the packet is too short or contains corrupt data.
+ */
bits = buffer_get_int(&auth->identities);
buffer_get_bignum(&auth->identities, e);
buffer_get_bignum(&auth->identities, n);
return 1;
}
-/* Generates a random challenge, sends it to the agent, and waits for response
- from the agent. Returns true (non-zero) if the agent gave the correct
- answer, zero otherwise. Response type selects the style of response
- desired, with 0 corresponding to protocol version 1.0 (no longer supported)
- and 1 corresponding to protocol version 1.1. */
+/*
+ * Generates a random challenge, sends it to the agent, and waits for
+ * response from the agent. Returns true (non-zero) if the agent gave the
+ * correct answer, zero otherwise. Response type selects the style of
+ * response desired, with 0 corresponding to protocol version 1.0 (no longer
+ * supported) and 1 corresponding to protocol version 1.1.
+ */
int
ssh_decrypt_challenge(AuthenticationConnection *auth,
buffer_free(&buffer);
return 0;
}
- /* Wait for response from the agent. First read the length of the
- response packet. */
+ /*
+ * Wait for response from the agent. First read the length of the
+ * response packet.
+ */
len = 4;
while (len > 0) {
l = read(auth->fd, buf + 4 - len, len);
if (buf[0] != SSH_AGENT_RSA_RESPONSE)
fatal("Bad authentication response: %d", buf[0]);
- /* Get the response from the packet. This will abort with a fatal
- error if the packet is corrupt. */
+ /*
+ * Get the response from the packet. This will abort with a fatal
+ * error if the packet is corrupt.
+ */
for (i = 0; i < 16; i++)
response[i] = buffer_get_char(&buffer);
return 1;
}
-/* Adds an identity to the authentication server. This call is not meant to
- be used by normal applications. */
+/*
+ * Adds an identity to the authentication server. This call is not meant to
+ * be used by normal applications.
+ */
int
ssh_add_identity(AuthenticationConnection *auth,
return 0;
}
-/* Removes an identity from the authentication server. This call is not meant
- to be used by normal applications. */
+/*
+ * Removes an identity from the authentication server. This call is not
+ * meant to be used by normal applications.
+ */
int
ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
buffer_free(&buffer);
return 0;
}
- /* Wait for response from the agent. First read the length of the
- response packet. */
+ /*
+ * Wait for response from the agent. First read the length of the
+ * response packet.
+ */
len = 4;
while (len > 0) {
l = read(auth->fd, buf + 4 - len, len);
return 0;
}
-/* Removes all identities from the agent. This call is not meant
- to be used by normal applications. */
+/*
+ * Removes all identities from the agent. This call is not meant to be used
+ * by normal applications.
+ */
int
ssh_remove_all_identities(AuthenticationConnection *auth)
error("Error writing to authentication socket.");
return 0;
}
- /* Wait for response from the agent. First read the length of the
- response packet. */
+ /*
+ * Wait for response from the agent. First read the length of the
+ * response packet.
+ */
len = 4;
while (len > 0) {
l = read(auth->fd, buf + 4 - len, len);
/* Returns the number of the authentication fd, or -1 if there is none. */
int ssh_get_authentication_socket();
-/* This should be called for any descriptor returned by
- ssh_get_authentication_socket(). Depending on the way the descriptor was
- obtained, this may close the descriptor. */
+/*
+ * This should be called for any descriptor returned by
+ * ssh_get_authentication_socket(). Depending on the way the descriptor was
+ * obtained, this may close the descriptor.
+ */
void ssh_close_authentication_socket(int authfd);
-/* Opens and connects a private socket for communication with the
- authentication agent. Returns NULL if an error occurred and the
- connection could not be opened. The connection should be closed by
- the caller by calling ssh_close_authentication_connection(). */
+/*
+ * Opens and connects a private socket for communication with the
+ * authentication agent. Returns NULL if an error occurred and the
+ * connection could not be opened. The connection should be closed by the
+ * caller by calling ssh_close_authentication_connection().
+ */
AuthenticationConnection *ssh_get_authentication_connection();
-/* Closes the connection to the authentication agent and frees any associated
- memory. */
+/*
+ * Closes the connection to the authentication agent and frees any associated
+ * memory.
+ */
void ssh_close_authentication_connection(AuthenticationConnection * ac);
-/* Returns the first authentication identity held by the agent.
- Returns true if an identity is available, 0 otherwise.
- The caller must initialize the integers before the call, and free the
- comment after a successful call (before calling ssh_get_next_identity). */
+/*
+ * Returns the first authentication identity held by the agent. Returns true
+ * if an identity is available, 0 otherwise. The caller must initialize the
+ * integers before the call, and free the comment after a successful call
+ * (before calling ssh_get_next_identity).
+ */
int
ssh_get_first_identity(AuthenticationConnection * connection,
BIGNUM * e, BIGNUM * n, char **comment);
-/* Returns the next authentication identity for the agent. Other functions
- can be called between this and ssh_get_first_identity or two calls of this
- function. This returns 0 if there are no more identities. The caller
- must free comment after a successful return. */
+/*
+ * Returns the next authentication identity for the agent. Other functions
+ * can be called between this and ssh_get_first_identity or two calls of this
+ * function. This returns 0 if there are no more identities. The caller
+ * must free comment after a successful return.
+ */
int
ssh_get_next_identity(AuthenticationConnection * connection,
BIGNUM * e, BIGNUM * n, char **comment);
unsigned int response_type,
unsigned char response[16]);
-/* Adds an identity to the authentication server. This call is not meant to
- be used by normal applications. This returns true if the identity
- was successfully added. */
- int ssh_add_identity(AuthenticationConnection * connection,
- RSA * key, const char *comment);
+/*
+ * Adds an identity to the authentication server. This call is not meant to
+ * be used by normal applications. This returns true if the identity was
+ * successfully added.
+ */
+int
+ssh_add_identity(AuthenticationConnection * connection, RSA * key,
+ const char *comment);
-/* Removes the identity from the authentication server. This call is
- not meant to be used by normal applications. This returns true if the
- identity was successfully added. */
- int ssh_remove_identity(AuthenticationConnection * connection,
- RSA * key);
+/*
+ * Removes the identity from the authentication server. This call is not
+ * meant to be used by normal applications. This returns true if the
+ * identity was successfully added.
+ */
+int ssh_remove_identity(AuthenticationConnection * connection, RSA * key);
-/* Removes all identities from the authentication agent. This call is not
- meant to be used by normal applications. This returns true if the
- operation was successful. */
- int ssh_remove_all_identities(AuthenticationConnection * connection);
+/*
+ * Removes all identities from the authentication agent. This call is not
+ * meant to be used by normal applications. This returns true if the
+ * operation was successful.
+ */
+int ssh_remove_all_identities(AuthenticationConnection * connection);
/* Closes the connection to the authentication agent. */
- void ssh_close_authentication(AuthenticationConnection * connection);
+void ssh_close_authentication(AuthenticationConnection * connection);
#endif /* AUTHFD_H */
/* Version identification string for identity files. */
#define AUTHFILE_ID_STRING "SSH PRIVATE KEY FILE FORMAT 1.1\n"
-/* Saves the authentication (private) key in a file, encrypting it with
- passphrase. The identification of the file (lowest 64 bits of n)
- will precede the key to provide identification of the key without
- needing a passphrase. */
+/*
+ * Saves the authentication (private) key in a file, encrypting it with
+ * passphrase. The identification of the file (lowest 64 bits of n) will
+ * precede the key to provide identification of the key without needing a
+ * passphrase.
+ */
int
save_private_key(const char *filename, const char *passphrase,
int cipher_type;
u_int32_t rand;
- /* If the passphrase is empty, use SSH_CIPHER_NONE to ease
- converting to another cipher; otherwise use
- SSH_AUTHFILE_CIPHER. */
+ /*
+ * If the passphrase is empty, use SSH_CIPHER_NONE to ease converting
+ * to another cipher; otherwise use SSH_AUTHFILE_CIPHER.
+ */
if (strcmp(passphrase, "") == 0)
cipher_type = SSH_CIPHER_NONE;
else
buf[3] = buf[1];
buffer_append(&buffer, buf, 4);
- /* Store the private key (n and e will not be stored because they
- will be stored in plain text, and storing them also in
- encrypted format would just give known plaintext). */
+ /*
+ * Store the private key (n and e will not be stored because they
+ * will be stored in plain text, and storing them also in encrypted
+ * format would just give known plaintext).
+ */
buffer_put_bignum(&buffer, key->d);
buffer_put_bignum(&buffer, key->iqmp);
buffer_put_bignum(&buffer, key->q); /* reverse from SSL p */
memset(buf, 0, sizeof(buf));
buffer_free(&buffer);
- /* Write to a file. */
f = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
if (f < 0)
return 0;
-
if (write(f, buffer_ptr(&encrypted), buffer_len(&encrypted)) !=
buffer_len(&encrypted)) {
debug("Write to key file %.200s failed: %.100s", filename,
return 1;
}
-/* Loads the public part of the key file. Returns 0 if an error
- was encountered (the file does not exist or is not readable), and
- non-zero otherwise. */
+/*
+ * Loads the public part of the key file. Returns 0 if an error was
+ * encountered (the file does not exist or is not readable), and non-zero
+ * otherwise.
+ */
int
load_public_key(const char *filename, RSA * pub,
Buffer buffer;
char *cp;
- /* Read data from the file into the buffer. */
f = open(filename, O_RDONLY);
if (f < 0)
return 0;
-
len = lseek(f, (off_t) 0, SEEK_END);
lseek(f, (off_t) 0, SEEK_SET);
buffer_free(&buffer);
return 0;
}
- /* Make sure it begins with the id string. Consume the id string
- from the buffer. */
+ /*
+ * Make sure it begins with the id string. Consume the id string
+ * from the buffer.
+ */
for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++)
if (buffer_get_char(&buffer) != (unsigned char) AUTHFILE_ID_STRING[i]) {
debug("Bad key file %.200s.", filename);
return 1;
}
-/* Loads the private key from the file. Returns 0 if an error is encountered
- (file does not exist or is not readable, or passphrase is bad).
- This initializes the private key. */
+/*
+ * Loads the private key from the file. Returns 0 if an error is encountered
+ * (file does not exist or is not readable, or passphrase is bad). This
+ * initializes the private key.
+ * Assumes we are called under uid of the owner of the file.
+ */
int
load_private_key(const char *filename, const char *passphrase,
BIGNUM *aux;
struct stat st;
- /* Read the file into the buffer. */
f = open(filename, O_RDONLY);
if (f < 0)
return 0;
- /* We assume we are called under uid of the owner of the file */
+ /* check owner and modes */
if (fstat(f, &st) < 0 ||
(st.st_uid != 0 && st.st_uid != getuid()) ||
(st.st_mode & 077) != 0) {
buffer_free(&buffer);
return 0;
}
- /* Make sure it begins with the id string. Consume the id string
- from the buffer. */
+ /*
+ * Make sure it begins with the id string. Consume the id string
+ * from the buffer.
+ */
for (i = 0; i < (unsigned int) strlen(AUTHFILE_ID_STRING) + 1; i++)
if (buffer_get_char(&buffer) != (unsigned char) AUTHFILE_ID_STRING[i]) {
debug("Bad key file %.200s.", filename);
buffer_append(buffer, msg, 2);
/* Store the binary data. */
buffer_append(buffer, buf, oi);
- /* Clear the temporary data. */
+
memset(buf, 0, bin_size);
xfree(buf);
}
#include "buffer.h"
-/* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
- by (bits+7)/8 bytes of binary data, msb first. */
+/*
+ * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
+ * by (bits+7)/8 bytes of binary data, msb first.
+ */
void buffer_put_bignum(Buffer * buffer, BIGNUM * value);
/* Retrieves an BIGNUM from the buffer. */
/* Stores a character in the buffer. */
void buffer_put_char(Buffer * buffer, int value);
-/* Returns an arbitrary binary string from the buffer. The string cannot
- be longer than 256k. The returned value points to memory allocated
- with xmalloc; it is the responsibility of the calling function to free
- the data. If length_ptr is non-NULL, the length of the returned data
- will be stored there. A null character will be automatically appended
- to the returned string, and is not counted in length. */
+/*
+ * Returns an arbitrary binary string from the buffer. The string cannot be
+ * longer than 256k. The returned value points to memory allocated with
+ * xmalloc; it is the responsibility of the calling function to free the
+ * data. If length_ptr is non-NULL, the length of the returned data will be
+ * stored there. A null character will be automatically appended to the
+ * returned string, and is not counted in length.
+ */
char *buffer_get_string(Buffer * buffer, unsigned int *length_ptr);
/* Stores and arbitrary binary string in the buffer. */
xfree(buffer->buf);
}
-/* Clears any data from the buffer, making it empty. This does not actually
- zero the memory. */
+/*
+ * Clears any data from the buffer, making it empty. This does not actually
+ * zero the memory.
+ */
void
buffer_clear(Buffer *buffer)
memcpy(cp, data, len);
}
-/* Appends space to the buffer, expanding the buffer if necessary.
- This does not actually copy the data into the buffer, but instead
- returns a pointer to the allocated region. */
+/*
+ * Appends space to the buffer, expanding the buffer if necessary. This does
+ * not actually copy the data into the buffer, but instead returns a pointer
+ * to the allocated region.
+ */
void
buffer_append_space(Buffer *buffer, char **datap, unsigned int len)
buffer->end += len;
return;
}
- /* If the buffer is quite empty, but all data is at the end, move
- the data to the beginning and retry. */
+ /*
+ * If the buffer is quite empty, but all data is at the end, move the
+ * data to the beginning and retry.
+ */
if (buffer->offset > buffer->alloc / 2) {
memmove(buffer->buf, buffer->buf + buffer->offset,
buffer->end - buffer->offset);
/* Appends data to the buffer, expanding it if necessary. */
void buffer_append(Buffer * buffer, const char *data, unsigned int len);
-/* Appends space to the buffer, expanding the buffer if necessary.
- This does not actually copy the data into the buffer, but instead
- returns a pointer to the allocated region. */
+/*
+ * Appends space to the buffer, expanding the buffer if necessary. This does
+ * not actually copy the data into the buffer, but instead returns a pointer
+ * to the allocated region.
+ */
void buffer_append_space(Buffer * buffer, char **datap, unsigned int len);
/* Returns the number of bytes of data in the buffer. */
/* Returns a pointer to the first used byte in the buffer. */
char *buffer_ptr(Buffer * buffer);
-/* Dumps the contents of the buffer to stderr in hex. This intended for
- debugging purposes only. */
+/*
+ * Dumps the contents of the buffer to stderr in hex. This intended for
+ * debugging purposes only.
+ */
void buffer_dump(Buffer * buffer);
#endif /* BUFFER_H */
#include "xmalloc.h"
#include "ssh.h"
-/* Return the canonical name of the host at the other end of the socket.
- The caller should free the returned string with xfree. */
+/*
+ * Return the canonical name of the host at the other end of the socket. The
+ * caller should free the returned string with xfree.
+ */
char *
get_remote_hostname(int socket)
else
strlcpy(name, hp->h_name, sizeof(name));
- /* Convert it to all lowercase (which is expected by the
- rest of this software). */
+ /*
+ * Convert it to all lowercase (which is expected by the rest
+ * of this software).
+ */
for (i = 0; name[i]; i++)
if (isupper(name[i]))
name[i] = tolower(name[i]);
- /* Map it back to an IP address and check that the given
- address actually is an address of this host. This is
- necessary because anyone with access to a name server
- can define arbitrary names for an IP address. Mapping
- from name to IP address can be trusted better (but can
- still be fooled if the intruder has access to the name
- server of the domain). */
+ /*
+ * Map it back to an IP address and check that the given
+ * address actually is an address of this host. This is
+ * necessary because anyone with access to a name server can
+ * define arbitrary names for an IP address. Mapping from
+ * name to IP address can be trusted better (but can still be
+ * fooled if the intruder has access to the name server of
+ * the domain).
+ */
hp = gethostbyname(name);
if (!hp) {
log("reverse mapping checking gethostbyname for %.700s failed - POSSIBLE BREAKIN ATTEMPT!", name);
if (memcmp(hp->h_addr_list[i], &from.sin_addr, sizeof(from.sin_addr))
== 0)
break;
- /* If we reached the end of the list, the address was not
- there. */
+ /*
+ * If we reached the end of the list, the address was not
+ * there.
+ */
if (!hp->h_addr_list[i]) {
/* Address not found for the host name. */
log("Address %.100s maps to %.600s, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!",
check_ip_options:
- /* If IP options are supported, make sure there are none (log and
- disconnect them if any are found). Basically we are worried
- about source routing; it can be used to pretend you are
- somebody (ip-address) you are not. That itself may be "almost
- acceptable" under certain circumstances, but rhosts
- autentication is useless if source routing is accepted. Notice
- also that if we just dropped source routing here, the other
- side could use IP spoofing to do rest of the interaction and
- could still bypass security. So we exit here if we detect any
- IP options. */
+ /*
+ * If IP options are supported, make sure there are none (log and
+ * disconnect them if any are found). Basically we are worried about
+ * source routing; it can be used to pretend you are somebody
+ * (ip-address) you are not. That itself may be "almost acceptable"
+ * under certain circumstances, but rhosts autentication is useless
+ * if source routing is accepted. Notice also that if we just dropped
+ * source routing here, the other side could use IP spoofing to do
+ * rest of the interaction and could still bypass security. So we
+ * exit here if we detect any IP options.
+ */
{
unsigned char options[200], *ucp;
char text[1024], *cp;
static char *canonical_host_name = NULL;
static char *canonical_host_ip = NULL;
-/* Return the canonical name of the host in the other side of the current
- connection. The host name is cached, so it is efficient to call this
- several times. */
+/*
+ * Return the canonical name of the host in the other side of the current
+ * connection. The host name is cached, so it is efficient to call this
+ * several times.
+ */
const char *
get_canonical_hostname()
return canonical_host_name;
}
-/* Returns the IP-address of the remote host as a string. The returned
- string need not be freed. */
+/*
+ * Returns the IP-address of the remote host as a string. The returned
+ * string need not be freed.
+ */
const char *
get_remote_ipaddr()
struct sockaddr_in from;
int fromlen, socket;
- /* Check if we have previously retrieved this same name. */
+ /* Check whether we have chached the name. */
if (canonical_host_ip != NULL)
return canonical_host_ip;
{
int socket;
- /* If the connection is not a socket, return 65535. This is
- intentionally chosen to be an unprivileged port number. */
+ /*
+ * If the connection is not a socket, return 65535. This is
+ * intentionally chosen to be an unprivileged port number.
+ */
if (packet_get_connection_in() != packet_get_connection_out())
return 65535;
/* Max len of agent socket */
#define MAX_SOCKET_NAME 100
-/* Pointer to an array containing all allocated channels. The array is
- dynamically extended as needed. */
+/*
+ * Pointer to an array containing all allocated channels. The array is
+ * dynamically extended as needed.
+ */
static Channel *channels = NULL;
-/* Size of the channel array. All slots of the array must always be
- initialized (at least the type field); unused slots are marked with
- type SSH_CHANNEL_FREE. */
+/*
+ * Size of the channel array. All slots of the array must always be
+ * initialized (at least the type field); unused slots are marked with type
+ * SSH_CHANNEL_FREE.
+ */
static int channels_alloc = 0;
-/* Maximum file descriptor value used in any of the channels. This is updated
- in channel_allocate. */
+/*
+ * Maximum file descriptor value used in any of the channels. This is
+ * updated in channel_allocate.
+ */
static int channel_max_fd_value = 0;
/* Name and directory of socket for authentication agent forwarding. */
char *x11_saved_data = NULL;
unsigned int x11_saved_data_len = 0;
-/* Fake X11 authentication data. This is what the server will be sending
- us; we should replace any occurrences of this by the real data. */
+/*
+ * Fake X11 authentication data. This is what the server will be sending us;
+ * we should replace any occurrences of this by the real data.
+ */
char *x11_fake_data = NULL;
unsigned int x11_fake_data_len;
-/* Data structure for storing which hosts are permitted for forward requests.
- The local sides of any remote forwards are stored in this array to prevent
- a corrupt remote server from accessing arbitrary TCP/IP ports on our
- local network (which might be behind a firewall). */
+/*
+ * Data structure for storing which hosts are permitted for forward requests.
+ * The local sides of any remote forwards are stored in this array to prevent
+ * a corrupt remote server from accessing arbitrary TCP/IP ports on our local
+ * network (which might be behind a firewall).
+ */
typedef struct {
char *host; /* Host name. */
int port; /* Port number. */
static ForwardPermission permitted_opens[SSH_MAX_FORWARDS_PER_DIRECTION];
/* Number of permitted host/port pairs in the array. */
static int num_permitted_opens = 0;
-/* If this is true, all opens are permitted. This is the case on the
- server on which we have to trust the client anyway, and the user could
- do anything after logging in anyway. */
+/*
+ * If this is true, all opens are permitted. This is the case on the server
+ * on which we have to trust the client anyway, and the user could do
+ * anything after logging in anyway.
+ */
static int all_opens_permitted = 0;
/* This is set to true if both sides support SSH_PROTOFLAG_HOST_IN_FWD_OPEN. */
have_hostname_in_open = hostname_in_open;
}
-/* Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually
- called by the server, because the user could connect to any port anyway,
- and the server has no way to know but to trust the client anyway. */
+/*
+ * Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually
+ * called by the server, because the user could connect to any port anyway,
+ * and the server has no way to know but to trust the client anyway.
+ */
void
channel_permit_all_opens()
all_opens_permitted = 1;
}
-/* Allocate a new channel object and set its type and socket.
- This will cause remote_name to be freed. */
+/*
+ * Allocate a new channel object and set its type and socket. This will cause
+ * remote_name to be freed.
+ */
int
channel_allocate(int type, int sock, char *remote_name)
/* Update the maximum file descriptor value. */
if (sock > channel_max_fd_value)
channel_max_fd_value = sock;
+ /* XXX set close-on-exec -markus */
/* Do initial allocation if this is the first call. */
if (channels_alloc == 0) {
channels = xmalloc(channels_alloc * sizeof(Channel));
for (i = 0; i < channels_alloc; i++)
channels[i].type = SSH_CHANNEL_FREE;
-
- /* Kludge: arrange a call to channel_stop_listening if we
- terminate with fatal(). */
+ /*
+ * Kludge: arrange a call to channel_stop_listening if we
+ * terminate with fatal().
+ */
fatal_add_cleanup((void (*) (void *)) channel_stop_listening, NULL);
}
/* Try to find a free slot where to put the new channel. */
break;
}
if (found == -1) {
- /* There are no free slots. Take last+1 slot and expand
- the array. */
+ /* There are no free slots. Take last+1 slot and expand the array. */
found = channels_alloc;
channels_alloc += 10;
debug("channel: expanding %d", channels_alloc);
}
}
-/* This is called just before select() to add any bits relevant to
- channels in the select bitmasks. */
+/*
+ * This is called just before select() to add any bits relevant to channels
+ * in the select bitmasks.
+ */
void
channel_prepare_select(fd_set * readset, fd_set * writeset)
break;
case SSH_CHANNEL_X11_OPEN:
- /* This is a special state for X11 authentication
- spoofing. An opened X11 connection (when
- authentication spoofing is being done) remains
- in this state until the first packet has been
- completely read. The authentication data in
- that packet is then substituted by the real
- data if it matches the fake data, and the
- channel is put into normal mode. */
-
+ /*
+ * This is a special state for X11 authentication
+ * spoofing. An opened X11 connection (when
+ * authentication spoofing is being done) remains in
+ * this state until the first packet has been
+ * completely read. The authentication data in that
+ * packet is then substituted by the real data if it
+ * matches the fake data, and the channel is put into
+ * normal mode.
+ */
/* Check if the fixed size part of the packet is in buffer. */
if (buffer_len(&ch->output) < 12)
break;
ch->type = SSH_CHANNEL_OPEN;
goto reject;
}
- /* Received authentication protocol and data match
- our fake data. Substitute the fake data with
- real data. */
+ /*
+ * Received authentication protocol and data match
+ * our fake data. Substitute the fake data with real
+ * data.
+ */
memcpy(ucp + 12 + ((proto_len + 3) & ~3),
x11_saved_data, x11_saved_data_len);
goto redo;
reject:
- /* We have received an X11 connection that has bad
- authentication information. */
+ /*
+ * We have received an X11 connection that has bad
+ * authentication information.
+ */
log("X11 connection rejected because of wrong authentication.\r\n");
buffer_clear(&ch->input);
buffer_clear(&ch->output);
}
}
-/* After select, perform any appropriate operations for channels which
- have events pending. */
+/*
+ * After select, perform any appropriate operations for channels which have
+ * events pending.
+ */
void
channel_after_select(fd_set * readset, fd_set * writeset)
break;
case SSH_CHANNEL_PORT_LISTENER:
- /* This socket is listening for connections to a
- forwarded TCP/IP port. */
+ /*
+ * This socket is listening for connections to a
+ * forwarded TCP/IP port.
+ */
if (FD_ISSET(ch->sock, readset)) {
debug("Connection to port %d forwarding to %.100s:%d requested.",
ch->listening_port, ch->path, ch->host_port);
break;
case SSH_CHANNEL_AUTH_SOCKET:
- /* This is the authentication agent socket
- listening for connections from clients. */
+ /*
+ * This is the authentication agent socket listening
+ * for connections from clients.
+ */
if (FD_ISSET(ch->sock, readset)) {
int nchan;
len = sizeof(addr);
break;
case SSH_CHANNEL_OPEN:
- /* This is an open two-way communication channel.
- It is not of interest to us at this point what
- kind of data is being transmitted. */
-
- /* Read available incoming data and append it to
- buffer; shutdown socket, if read or write
- failes */
+ /*
+ * This is an open two-way communication channel. It
+ * is not of interest to us at this point what kind
+ * of data is being transmitted.
+ */
+
+ /*
+ * Read available incoming data and append it to
+ * buffer; shutdown socket, if read or write failes
+ */
if (FD_ISSET(ch->sock, readset)) {
len = read(ch->sock, buf, sizeof(buf));
if (len <= 0) {
for (i = 0; i < channels_alloc; i++) {
ch = &channels[i];
- /* We are only interested in channels that can have
- buffered incoming data. */
+ /* We are only interested in channels that can have buffered incoming data. */
if (ch->type != SSH_CHANNEL_OPEN &&
ch->type != SSH_CHANNEL_INPUT_DRAINING)
continue;
/* Get the amount of buffered data for this channel. */
len = buffer_len(&ch->input);
if (len > 0) {
- /* Send some data for the other side over the
- secure connection. */
+ /* Send some data for the other side over the secure connection. */
if (packet_is_interactive()) {
if (len > 1024)
len = 512;
} else if (ch->istate == CHAN_INPUT_WAIT_DRAIN) {
if (compat13)
fatal("cannot happen: istate == INPUT_WAIT_DRAIN for proto 1.3");
- /* input-buffer is empty and read-socket shutdown:
- tell peer, that we will not send more data:
- send IEOF */
+ /*
+ * input-buffer is empty and read-socket shutdown:
+ * tell peer, that we will not send more data: send IEOF
+ */
chan_ibuf_empty(ch);
}
}
}
-/* This is called when a packet of type CHANNEL_DATA has just been received.
- The message type has already been consumed, but channel number and data
- is still there. */
+/*
+ * This is called when a packet of type CHANNEL_DATA has just been received.
+ * The message type has already been consumed, but channel number and data is
+ * still there.
+ */
void
channel_input_data(int payload_len)
xfree(data);
}
-/* Returns true if no channel has too much buffered data, and false if
- one or more channel is overfull. */
+/*
+ * Returns true if no channel has too much buffered data, and false if one or
+ * more channel is overfull.
+ */
int
channel_not_very_much_buffered_data()
chan_rcvd_ieof(&channels[channel]);
return;
}
- /* Send a confirmation that we have closed the channel and no more
- data is coming for it. */
+
+ /*
+ * Send a confirmation that we have closed the channel and no more
+ * data is coming for it.
+ */
packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION);
packet_put_int(channels[channel].remote_id);
packet_send();
- /* If the channel is in closed state, we have sent a close
- request, and the other side will eventually respond with a
- confirmation. Thus, we cannot free the channel here, because
- then there would be no-one to receive the confirmation. The
- channel gets freed when the confirmation arrives. */
+ /*
+ * If the channel is in closed state, we have sent a close request,
+ * and the other side will eventually respond with a confirmation.
+ * Thus, we cannot free the channel here, because then there would be
+ * no-one to receive the confirmation. The channel gets freed when
+ * the confirmation arrives.
+ */
if (channels[channel].type != SSH_CHANNEL_CLOSED) {
- /* Not a closed channel - mark it as draining, which will
- cause it to be freed later. */
+ /*
+ * Not a closed channel - mark it as draining, which will
+ * cause it to be freed later.
+ */
buffer_consume(&channels[channel].input,
buffer_len(&channels[channel].input));
channels[channel].type = SSH_CHANNEL_OUTPUT_DRAINING;
/* Get remote side's id for this channel. */
remote_channel = packet_get_int();
- /* Record the remote channel number and mark that the channel is
- now open. */
+ /* Record the remote channel number and mark that the channel is now open. */
channels[channel].remote_id = remote_channel;
channels[channel].type = SSH_CHANNEL_OPEN;
}
channel_free(channel);
}
-/* Stops listening for channels, and removes any unix domain sockets that
- we might have. */
+/*
+ * Stops listening for channels, and removes any unix domain sockets that we
+ * might have.
+ */
void
channel_stop_listening()
}
}
-/* Closes the sockets of all channels. This is used to close extra file
- descriptors after a fork. */
+/*
+ * Closes the sockets of all channels. This is used to close extra file
+ * descriptors after a fork.
+ */
void
channel_close_all()
return 0;
}
-/* Returns a message describing the currently open forwarded
- connections, suitable for sending to the client. The message
- contains crlf pairs for newlines. */
+/*
+ * Returns a message describing the currently open forwarded connections,
+ * suitable for sending to the client. The message contains crlf pairs for
+ * newlines.
+ */
char *
channel_open_message()
return cp;
}
-/* Initiate forwarding of connections to local port "port" through the secure
- channel to host:port from remote side. */
+/*
+ * Initiate forwarding of connections to local port "port" through the secure
+ * channel to host:port from remote side.
+ */
void
channel_request_local_forwarding(int port, const char *host,
int host_port)
{
- int ch, sock;
+ int ch, sock, on = 1;
struct sockaddr_in sin;
extern Options options;
+ struct linger linger;
if (strlen(host) > sizeof(channels[0].path) - 1)
packet_disconnect("Forward host name too long.");
sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
sin.sin_port = htons(port);
+ /*
+ * Set socket options. We would like the socket to disappear as soon
+ * as it has been closed for whatever reason.
+ */
+ setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on));
+ linger.l_onoff = 1;
+ linger.l_linger = 5;
+ setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *) &linger, sizeof(linger));
+
/* Bind the socket to the address. */
if (bind(sock, (struct sockaddr *) & sin, sizeof(sin)) < 0)
packet_disconnect("bind: %.100s", strerror(errno));
channels[ch].listening_port = port;
}
-/* Initiate forwarding of connections to port "port" on remote host through
- the secure channel to host:port from local side. */
+/*
+ * Initiate forwarding of connections to port "port" on remote host through
+ * the secure channel to host:port from local side.
+ */
void
channel_request_remote_forwarding(int port, const char *host,
packet_send();
packet_write_wait();
- /* Wait for response from the remote side. It will send a
- disconnect message on failure, and we will never see it here. */
+ /*
+ * Wait for response from the remote side. It will send a disconnect
+ * message on failure, and we will never see it here.
+ */
packet_read_expect(&payload_len, SSH_SMSG_SUCCESS);
}
-/* This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
- listening for the port, and sends back a success reply (or disconnect
- message if there was an error). This never returns if there was an
- error. */
+/*
+ * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
+ * listening for the port, and sends back a success reply (or disconnect
+ * message if there was an error). This never returns if there was an error.
+ */
void
channel_input_port_forward_request(int is_root)
if ((port & 0xffff) != port)
packet_disconnect("Requested forwarding of nonexistent port %d.", port);
- /* Check that an unprivileged user is not trying to forward a
- privileged port. */
+ /*
+ * Check that an unprivileged user is not trying to forward a
+ * privileged port.
+ */
if (port < IPPORT_RESERVED && !is_root)
packet_disconnect("Requested forwarding of port %d but user is not root.",
port);
xfree(hostname);
}
-/* This is called after receiving PORT_OPEN message. This attempts to connect
- to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION or
- CHANNEL_OPEN_FAILURE. */
+/*
+ * This is called after receiving PORT_OPEN message. This attempts to
+ * connect to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION
+ * or CHANNEL_OPEN_FAILURE.
+ */
void
channel_input_port_open(int payload_len)
host_port = packet_get_int();
/* Get remote originator name. */
- if (have_hostname_in_open)
+ if (have_hostname_in_open) {
originator_string = packet_get_string(&originator_len);
- else
+ originator_len += 4; /* size of packet_int */
+ } else {
originator_string = xstrdup("unknown (remote did not supply name)");
+ originator_len = 0; /* no originator supplied */
+ }
packet_integrity_check(payload_len,
- 4 + 4 + host_len + 4 + 4 + originator_len,
+ 4 + 4 + host_len + 4 + originator_len,
SSH_MSG_PORT_OPEN);
/* Check if opening that port is permitted. */
packet_send();
}
-/* Creates an internet domain socket for listening for X11 connections.
- Returns a suitable value for the DISPLAY variable, or NULL if an error
- occurs. */
+/*
+ * Creates an internet domain socket for listening for X11 connections.
+ * Returns a suitable value for the DISPLAY variable, or NULL if an error
+ * occurs.
+ */
char *
x11_create_display_inet(int screen_number)
}
-/* This is called when SSH_SMSG_X11_OPEN is received. The packet contains
- the remote channel number. We should do whatever we want, and respond
- with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */
+/*
+ * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
+ * the remote channel number. We should do whatever we want, and respond
+ * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
+ */
void
x11_input_open(int payload_len)
remote_channel = packet_get_int();
/* Get remote originator name. */
- if (have_hostname_in_open)
+ if (have_hostname_in_open) {
remote_host = packet_get_string(&remote_len);
- else
+ remote_len += 4;
+ } else {
remote_host = xstrdup("unknown (remote did not supply name)");
+ remote_len = 0;
+ }
debug("Received X11 open request.");
- packet_integrity_check(payload_len, 4 + 4 + remote_len, SSH_SMSG_X11_OPEN);
+ packet_integrity_check(payload_len, 4 + remote_len, SSH_SMSG_X11_OPEN);
/* Try to open a socket for the local X server. */
display = getenv("DISPLAY");
error("DISPLAY not set.");
goto fail;
}
- /* Now we decode the value of the DISPLAY variable and make a
- connection to the real X server. */
-
- /* Check if it is a unix domain socket. Unix domain displays are
- in one of the following formats: unix:d[.s], :d[.s], ::d[.s] */
+ /*
+ * Now we decode the value of the DISPLAY variable and make a
+ * connection to the real X server.
+ */
+
+ /*
+ * Check if it is a unix domain socket. Unix domain displays are in
+ * one of the following formats: unix:d[.s], :d[.s], ::d[.s]
+ */
if (strncmp(display, "unix:", 5) == 0 ||
display[0] == ':') {
/* Connect to the unix domain socket. */
/* OK, we now have a connection to the display. */
goto success;
}
- /* Connect to an inet socket. The DISPLAY value is supposedly
- hostname:d[.s], where hostname may also be numeric IP address. */
+ /*
+ * Connect to an inet socket. The DISPLAY value is supposedly
+ * hostname:d[.s], where hostname may also be numeric IP address.
+ */
strncpy(buf, display, sizeof(buf));
buf[sizeof(buf) - 1] = 0;
cp = strchr(buf, ':');
goto fail;
}
*cp = 0;
- /* buf now contains the host name. But first we parse the display
- number. */
+ /* buf now contains the host name. But first we parse the display number. */
if (sscanf(cp + 1, "%d", &display_number) != 1) {
error("Could not parse display number from DISPLAY: %.100s",
display);
packet_send();
}
-/* Requests forwarding of X11 connections, generates fake authentication
- data, and enables authentication spoofing. */
+/*
+ * Requests forwarding of X11 connections, generates fake authentication
+ * data, and enables authentication spoofing.
+ */
void
x11_request_forwarding_with_spoofing(const char *proto, const char *data)
/* Save protocol name. */
x11_saved_proto = xstrdup(proto);
- /* Extract real authentication data and generate fake data of the
- same length. */
+ /*
+ * Extract real authentication data and generate fake data of the
+ * same length.
+ */
x11_saved_data = xmalloc(data_len);
x11_fake_data = xmalloc(data_len);
for (i = 0; i < data_len; i++) {
packet_write_wait();
}
-/* Returns the name of the forwarded authentication socket. Returns NULL
- if there is no forwarded authentication socket. The returned value
- points to a static buffer. */
+/*
+ * Returns the name of the forwarded authentication socket. Returns NULL if
+ * there is no forwarded authentication socket. The returned value points to
+ * a static buffer.
+ */
char *
auth_get_socket_name()
rmdir(channel_forwarded_auth_socket_dir);
}
-/* This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
- This starts forwarding authentication requests. */
+/*
+ * This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
+ * This starts forwarding authentication requests.
+ */
void
auth_input_request_forwarding(struct passwd * pw)
/* Read the remote channel number from the message. */
remch = packet_get_int();
- /* Get a connection to the local authentication agent (this may
- again get forwarded). */
+ /*
+ * Get a connection to the local authentication agent (this may again
+ * get forwarded).
+ */
sock = ssh_get_authentication_socket();
- /* If we could not connect the agent, send an error message back
- to the server. This should never happen unless the agent dies,
- because authentication forwarding is only enabled if we have an
- agent. */
+ /*
+ * If we could not connect the agent, send an error message back to
+ * the server. This should never happen unless the agent dies,
+ * because authentication forwarding is only enabled if we have an
+ * agent.
+ */
if (sock < 0) {
packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
packet_put_int(remch);
}
debug("Forwarding authentication connection.");
- /* Dummy host name. This will be freed when the channel is freed;
- it will still be valid in the packet_put_string below since the
- channel cannot yet be freed at that point. */
+ /*
+ * Dummy host name. This will be freed when the channel is freed; it
+ * will still be valid in the packet_put_string below since the
+ * channel cannot yet be freed at that point.
+ */
dummyname = xstrdup("authentication agent connection");
newch = channel_allocate(SSH_CHANNEL_OPEN, sock, dummyname);
#define CHANNELS_H
/* Definitions for channel types. */
-#define SSH_CHANNEL_FREE 0 /* This channel is free
- * (unused). */
-#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11
- * conn. */
+#define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */
+#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */
#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */
#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */
#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */
-#define SSH_CHANNEL_CLOSED 5 /* waiting for close
- * confirmation */
-/* SSH_CHANNEL_AUTH_FD 6 authentication fd */
+#define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */
+/* SSH_CHANNEL_AUTH_FD 6 authentication fd */
#define SSH_CHANNEL_AUTH_SOCKET 7 /* authentication socket */
-/* SSH_CHANNEL_AUTH_SOCKET_FD 8 connection to auth socket */
+/* SSH_CHANNEL_AUTH_SOCKET_FD 8 connection to auth socket */
#define SSH_CHANNEL_X11_OPEN 9 /* reading first X11 packet */
-#define SSH_CHANNEL_INPUT_DRAINING 10 /* sending remaining data to
- * conn */
-#define SSH_CHANNEL_OUTPUT_DRAINING 11 /* sending remaining data to
- * app */
+#define SSH_CHANNEL_INPUT_DRAINING 10 /* sending remaining data to conn */
+#define SSH_CHANNEL_OUTPUT_DRAINING 11 /* sending remaining data to app */
-/* Data structure for channel data. This is iniailized in channel_allocate
- and cleared in channel_free. */
+/*
+ * Data structure for channel data. This is iniailized in channel_allocate
+ * and cleared in channel_free.
+ */
typedef struct Channel {
int type; /* channel type/state */
cipher_attack_detected("CRC-32 CBC insertion attack detected");
}
-/* Names of all encryption algorithms. These must match the numbers defined
- int cipher.h. */
+/*
+ * Names of all encryption algorithms.
+ * These must match the numbers defined in cipher.h.
+ */
static char *cipher_names[] =
{
"none",
"blowfish"
};
-/* Returns a bit mask indicating which ciphers are supported by this
- implementation. The bit mask has the corresponding bit set of each
- supported cipher. */
+/*
+ * Returns a bit mask indicating which ciphers are supported by this
+ * implementation. The bit mask has the corresponding bit set of each
+ * supported cipher.
+ */
unsigned int
cipher_mask()
return cipher_names[cipher];
}
-/* Parses the name of the cipher. Returns the number of the corresponding
- cipher, or -1 on error. */
+/*
+ * Parses the name of the cipher. Returns the number of the corresponding
+ * cipher, or -1 on error.
+ */
int
cipher_number(const char *name)
return -1;
}
-/* Selects the cipher, and keys if by computing the MD5 checksum of the
- passphrase and using the resulting 16 bytes as the key. */
+/*
+ * Selects the cipher, and keys if by computing the MD5 checksum of the
+ * passphrase and using the resulting 16 bytes as the key.
+ */
void
cipher_set_key_string(CipherContext *context, int cipher,
/* Initialize the initialization vector. */
switch (cipher) {
case SSH_CIPHER_NONE:
- /* Has to stay for authfile saving of private key with
- no passphrase */
+ /*
+ * Has to stay for authfile saving of private key with no
+ * passphrase
+ */
break;
case SSH_CIPHER_3DES:
- /* Note: the least significant bit of each byte of key is
- parity, and must be ignored by the implementation. 16
- bytes of key are used (first and last keys are the
- same). */
+ /*
+ * Note: the least significant bit of each byte of key is
+ * parity, and must be ignored by the implementation. 16
+ * bytes of key are used (first and last keys are the same).
+ */
if (keylen < 16)
error("Key length %d is insufficient for 3DES.", keylen);
des_set_key((void *) padded, context->u.des3.key1);
} bf;
} u;
} CipherContext;
-/* Returns a bit mask indicating which ciphers are supported by this
- implementation. The bit mask has the corresponding bit set of each
- supported cipher. */
+/*
+ * Returns a bit mask indicating which ciphers are supported by this
+ * implementation. The bit mask has the corresponding bit set of each
+ * supported cipher.
+ */
unsigned int cipher_mask();
/* Returns the name of the cipher. */
const char *cipher_name(int cipher);
-/* Parses the name of the cipher. Returns the number of the corresponding
- cipher, or -1 on error. */
+/*
+ * Parses the name of the cipher. Returns the number of the corresponding
+ * cipher, or -1 on error.
+ */
int cipher_number(const char *name);
-/* Selects the cipher to use and sets the key. If for_encryption is true,
- the key is setup for encryption; otherwise it is setup for decryption. */
+/*
+ * Selects the cipher to use and sets the key. If for_encryption is true,
+ * the key is setup for encryption; otherwise it is setup for decryption.
+ */
void
cipher_set_key(CipherContext * context, int cipher,
const unsigned char *key, int keylen, int for_encryption);
-/* Sets key for the cipher by computing the MD5 checksum of the passphrase,
- and using the resulting 16 bytes as the key. */
+/*
+ * Sets key for the cipher by computing the MD5 checksum of the passphrase,
+ * and using the resulting 16 bytes as the key.
+ */
void
cipher_set_key_string(CipherContext * context, int cipher,
const char *passphrase, int for_encryption);
cipher_decrypt(CipherContext * context, unsigned char *dest,
const unsigned char *src, unsigned int len);
-/* If and CRC-32 attack is detected this function is called. Defaults
- * to fatal, changed to packet_disconnect in sshd and ssh. */
-extern void (*cipher_attack_detected) (const char *fmt,...);
+/*
+ * If and CRC-32 attack is detected this function is called. Defaults to
+ * fatal, changed to packet_disconnect in sshd and ssh.
+ */
+extern void (*cipher_attack_detected) (const char *fmt, ...);
#endif /* CIPHER_H */
/* Flag indicating that stdin should be redirected from /dev/null. */
extern int stdin_null_flag;
-/* Name of the host we are connecting to. This is the name given on the
- command line, or the HostName specified for the user-supplied name
- in a configuration file. */
+/*
+ * Name of the host we are connecting to. This is the name given on the
+ * command line, or the HostName specified for the user-supplied name in a
+ * configuration file.
+ */
extern char *host;
-/* Flag to indicate that we have received a window change signal which has
- not yet been processed. This will cause a message indicating the new
- window size to be sent to the server a little later. This is volatile
- because this is updated in a signal handler. */
+/*
+ * Flag to indicate that we have received a window change signal which has
+ * not yet been processed. This will cause a message indicating the new
+ * window size to be sent to the server a little later. This is volatile
+ * because this is updated in a signal handler.
+ */
static volatile int received_window_change_signal = 0;
/* Terminal modes, as saved by enter_raw_mode. */
static struct termios saved_tio;
-/* Flag indicating whether we are in raw mode. This is used by enter_raw_mode
- and leave_raw_mode. */
+/*
+ * Flag indicating whether we are in raw mode. This is used by
+ * enter_raw_mode and leave_raw_mode.
+ */
static int in_raw_mode = 0;
/* Flag indicating whether the user\'s terminal is in non-blocking mode. */
static int quit_pending; /* Set to non-zero to quit the client loop. */
static int escape_char; /* Escape character. */
-/* Returns the user\'s terminal to normal mode if it had been put in raw
- mode. */
+/* Returns the user\'s terminal to normal mode if it had been put in raw mode. */
void
leave_raw_mode()
fatal_add_cleanup((void (*) (void *)) leave_non_blocking, NULL);
}
-/* Signal handler for the window change signal (SIGWINCH). This just
- sets a flag indicating that the window has changed. */
+/*
+ * Signal handler for the window change signal (SIGWINCH). This just sets a
+ * flag indicating that the window has changed.
+ */
void
window_change_handler(int sig)
signal(SIGWINCH, window_change_handler);
}
-/* Signal handler for signals that cause the program to terminate. These
- signals must be trapped to restore terminal modes. */
+/*
+ * Signal handler for signals that cause the program to terminate. These
+ * signals must be trapped to restore terminal modes.
+ */
void
signal_handler(int sig)
fatal("Killed by signal %d.", sig);
}
-/* Returns current time in seconds from Jan 1, 1970 with the maximum available
- resolution. */
+/*
+ * Returns current time in seconds from Jan 1, 1970 with the maximum
+ * available resolution.
+ */
double
get_current_time()
return (double) tv.tv_sec + (double) tv.tv_usec / 1000000.0;
}
-/* This is called when the interactive is entered. This checks if there
- is an EOF coming on stdin. We must check this explicitly, as select()
- does not appear to wake up when redirecting from /dev/null. */
+/*
+ * This is called when the interactive is entered. This checks if there is
+ * an EOF coming on stdin. We must check this explicitly, as select() does
+ * not appear to wake up when redirecting from /dev/null.
+ */
void
client_check_initial_eof_on_stdin()
int len;
char buf[1];
- /* If standard input is to be "redirected from /dev/null", we
- simply mark that we have seen an EOF and send an EOF message to
- the server. Otherwise, we try to read a single character; it
- appears that for some files, such /dev/null, select() never
- wakes up for read for this descriptor, which means that we
- never get EOF. This way we will get the EOF if stdin comes
- from /dev/null or similar. */
+ /*
+ * If standard input is to be "redirected from /dev/null", we simply
+ * mark that we have seen an EOF and send an EOF message to the
+ * server. Otherwise, we try to read a single character; it appears
+ * that for some files, such /dev/null, select() never wakes up for
+ * read for this descriptor, which means that we never get EOF. This
+ * way we will get the EOF if stdin comes from /dev/null or similar.
+ */
if (stdin_null_flag) {
/* Fake EOF on stdin. */
debug("Sending eof.");
packet_start(SSH_CMSG_EOF);
packet_send();
} else {
- /* Enter non-blocking mode for stdin. */
enter_non_blocking();
/* Check for immediate EOF on stdin. */
len = read(fileno(stdin), buf, 1);
if (len == 0) {
- /* EOF. Record that we have seen it and send EOF
- to server. */
+ /* EOF. Record that we have seen it and send EOF to server. */
debug("Sending eof.");
stdin_eof = 1;
packet_start(SSH_CMSG_EOF);
packet_send();
} else if (len > 0) {
- /* Got data. We must store the data in the
- buffer, and also process it as an escape
- character if appropriate. */
+ /*
+ * Got data. We must store the data in the buffer,
+ * and also process it as an escape character if
+ * appropriate.
+ */
if ((unsigned char) buf[0] == escape_char)
escape_pending = 1;
else {
stdin_bytes += 1;
}
}
- /* Leave non-blocking mode. */
leave_non_blocking();
}
}
-/* Get packets from the connection input buffer, and process them as long
- as there are packets available. */
+/*
+ * Get packets from the connection input buffer, and process them as long as
+ * there are packets available.
+ */
void
client_process_buffered_input_packets()
/* Acknowledge the exit. */
packet_start(SSH_CMSG_EXIT_CONFIRMATION);
packet_send();
- /* Must wait for packet to be sent since we are
- exiting the loop. */
+ /*
+ * Must wait for packet to be sent since we are
+ * exiting the loop.
+ */
packet_write_wait();
/* Flag that we want to exit. */
quit_pending = 1;
break;
default:
- /* Any unknown packets received during the actual
- session cause the session to terminate. This
- is intended to make debugging easier since no
- confirmations are sent. Any compatible
- protocol extensions must be negotiated during
- the preparatory phase. */
+ /*
+ * Any unknown packets received during the actual
+ * session cause the session to terminate. This is
+ * intended to make debugging easier since no
+ * confirmations are sent. Any compatible protocol
+ * extensions must be negotiated during the
+ * preparatory phase.
+ */
packet_disconnect("Protocol error during session: type %d",
type);
}
}
}
-/* Make packets from buffered stdin data, and buffer them for sending to
- the connection. */
+/*
+ * Make packets from buffered stdin data, and buffer them for sending to the
+ * connection.
+ */
void
client_make_packets_from_stdin_data()
}
}
-/* Checks if the client window has changed, and sends a packet about it to
- the server if so. The actual change is detected elsewhere (by a software
- interrupt on Unix); this just checks the flag and sends a message if
- appropriate. */
+/*
+ * Checks if the client window has changed, and sends a packet about it to
+ * the server if so. The actual change is detected elsewhere (by a software
+ * interrupt on Unix); this just checks the flag and sends a message if
+ * appropriate.
+ */
void
client_check_window_change()
}
}
-/* Waits until the client can do something (some data becomes available on
- one of the file descriptors). */
+/*
+ * Waits until the client can do something (some data becomes available on
+ * one of the file descriptors).
+ */
void
client_wait_until_can_do_something(fd_set * readset, fd_set * writeset)
channel_not_very_much_buffered_data())
FD_SET(connection_in, readset);
- /* Read from stdin, unless we have seen EOF or have very much
- buffered data to send to the server. */
+ /*
+ * Read from stdin, unless we have seen EOF or have very much
+ * buffered data to send to the server.
+ */
if (!stdin_eof && packet_not_very_much_data_to_write())
FD_SET(fileno(stdin), readset);
if (channel_max_fd() > max_fd)
max_fd = channel_max_fd();
- /* Wait for something to happen. This will suspend the process
- until some selected descriptor can be read, written, or has
- some other event pending.
- Note: if you want to implement SSH_MSG_IGNORE messages to fool
- traffic analysis, this might be the place to do it:
- just have a random timeout for the select, and send a random
- SSH_MSG_IGNORE packet when the timeout expires. */
+ /*
+ * Wait for something to happen. This will suspend the process until
+ * some selected descriptor can be read, written, or has some other
+ * event pending. Note: if you want to implement SSH_MSG_IGNORE
+ * messages to fool traffic analysis, this might be the place to do
+ * it: just have a random timeout for the select, and send a random
+ * SSH_MSG_IGNORE packet when the timeout expires.
+ */
if (select(max_fd + 1, readset, writeset, NULL, NULL) < 0) {
char buf[100];
buffer_ptr(&stderr_buffer),
buffer_len(&stderr_buffer));
- /* Leave raw mode. */
leave_raw_mode();
- /* Free (and clear) the buffer to reduce the amount of data that
- gets written to swap. */
+ /*
+ * Free (and clear) the buffer to reduce the amount of data that gets
+ * written to swap.
+ */
buffer_free(&stdin_buffer);
buffer_free(&stdout_buffer);
buffer_free(&stderr_buffer);
buffer_init(&stdout_buffer);
buffer_init(&stderr_buffer);
- /* Re-enter raw mode. */
enter_raw_mode();
}
int len, pid;
char buf[8192], *s;
- /* Read input from the server, and add any such data to the buffer
- of the packet subsystem. */
+ /*
+ * Read input from the server, and add any such data to the buffer of
+ * the packet subsystem.
+ */
if (FD_ISSET(connection_in, readset)) {
/* Read as much as possible. */
len = read(connection_in, buf, sizeof(buf));
quit_pending = 1;
return;
}
- /* There is a kernel bug on Solaris that causes select to
- sometimes wake up even though there is no data
- available. */
+ /*
+ * There is a kernel bug on Solaris that causes select to
+ * sometimes wake up even though there is no data available.
+ */
if (len < 0 && errno == EAGAIN)
len = 0;
/* Read as much as possible. */
len = read(fileno(stdin), buf, sizeof(buf));
if (len <= 0) {
- /* Received EOF or error. They are treated
- similarly, except that an error message is
- printed if it was an error condition. */
+ /*
+ * Received EOF or error. They are treated
+ * similarly, except that an error message is printed
+ * if it was an error condition.
+ */
if (len < 0) {
snprintf(buf, sizeof buf, "read: %.100s\r\n", strerror(errno));
buffer_append(&stderr_buffer, buf, strlen(buf));
}
/* Mark that we have seen EOF. */
stdin_eof = 1;
- /* Send an EOF message to the server unless there
- is data in the buffer. If there is data in the
- buffer, no message will be sent now. Code
- elsewhere will send the EOF when the buffer
- becomes empty if stdin_eof is set. */
+ /*
+ * Send an EOF message to the server unless there is
+ * data in the buffer. If there is data in the
+ * buffer, no message will be sent now. Code
+ * elsewhere will send the EOF when the buffer
+ * becomes empty if stdin_eof is set.
+ */
if (buffer_len(&stdin_buffer) == 0) {
packet_start(SSH_CMSG_EOF);
packet_send();
}
} else if (escape_char == -1) {
- /* Normal successful read, and no escape
- character. Just append the data to buffer. */
+ /*
+ * Normal successful read, and no escape character.
+ * Just append the data to buffer.
+ */
buffer_append(&stdin_buffer, buf, len);
stdin_bytes += len;
} else {
- /* Normal, successful read. But we have an escape
- character and have to process the characters
- one by one. */
+ /*
+ * Normal, successful read. But we have an escape character
+ * and have to process the characters one by one.
+ */
unsigned int i;
for (i = 0; i < len; i++) {
unsigned char ch;
/* Get one character at a time. */
ch = buf[i];
- /* Check if we have a pending escape
- character. */
if (escape_pending) {
/* We have previously seen an escape character. */
/* Clear the flag now. */
continue;
case '&':
- /* Detach the program (continue to serve connections,
- but put in background and no more new connections). */
+ /*
+ * Detach the program (continue to serve connections,
+ * but put in background and no more new connections).
+ */
if (!stdin_eof) {
- /* Sending SSH_CMSG_EOF alone does not always appear
- to be enough. So we try to send an EOF character
- first. */
+ /*
+ * Sending SSH_CMSG_EOF alone does not always appear
+ * to be enough. So we try to send an EOF character
+ * first.
+ */
packet_start(SSH_CMSG_STDIN_DATA);
packet_put_string("\004", 1);
packet_send();
default:
if (ch != escape_char) {
- /* Escape character followed by non-special character.
- Append both to the input buffer. */
+ /*
+ * Escape character followed by non-special character.
+ * Append both to the input buffer.
+ */
buf[0] = escape_char;
buf[1] = ch;
buffer_append(&stdin_buffer, buf, 2);
stdin_bytes += 2;
continue;
}
- /* Note that escape character typed twice
- falls through here; the latter gets processed
- as a normal character below. */
+ /*
+ * Note that escape character typed twice
+ * falls through here; the latter gets processed
+ * as a normal character below.
+ */
break;
}
} else {
- /* The previous character was not an escape char. Check if this
- is an escape. */
+ /*
+ * The previous character was not an escape char. Check if this
+ * is an escape.
+ */
if (last_was_cr && ch == escape_char) {
/* It is. Set the flag and continue to next character. */
escape_pending = 1;
}
}
- /* Normal character. Record whether it was a newline, and append it to the
- buffer. */
+ /*
+ * Normal character. Record whether it was a newline,
+ * and append it to the buffer.
+ */
last_was_cr = (ch == '\r' || ch == '\n');
buf[0] = ch;
buffer_append(&stdin_buffer, buf, 1);
if (errno == EAGAIN)
len = 0;
else {
- /* An error or EOF was encountered. Put
- an error message to stderr buffer. */
+ /*
+ * An error or EOF was encountered. Put an
+ * error message to stderr buffer.
+ */
snprintf(buf, sizeof buf, "write stdout: %.50s\r\n", strerror(errno));
buffer_append(&stderr_buffer, buf, strlen(buf));
stderr_bytes += strlen(buf);
if (errno == EAGAIN)
len = 0;
else {
- /* EOF or error, but can't even print
- error message. */
+ /* EOF or error, but can't even print error message. */
quit_pending = 1;
return;
}
}
}
-/* Implements the interactive session with the server. This is called
- after the user has been authenticated, and a command has been
- started on the remote host. If escape_char != -1, it is the character
- used as an escape character for terminating or suspending the
- session. */
+/*
+ * Implements the interactive session with the server. This is called after
+ * the user has been authenticated, and a command has been started on the
+ * remote host. If escape_char != -1, it is the character used as an escape
+ * character for terminating or suspending the session.
+ */
int
client_loop(int have_pty, int escape_char_arg)
if (have_pty)
signal(SIGWINCH, window_change_handler);
- /* Enter raw mode if have a pseudo terminal. */
if (have_pty)
enter_raw_mode();
while (!quit_pending) {
fd_set readset, writeset;
- /* Precess buffered packets sent by the server. */
+ /* Process buffered packets sent by the server. */
client_process_buffered_input_packets();
- /* Make packets of buffered stdin data, and buffer them
- for sending to the server. */
+ /*
+ * Make packets of buffered stdin data, and buffer them for
+ * sending to the server.
+ */
client_make_packets_from_stdin_data();
- /* Make packets from buffered channel data, and buffer
- them for sending to the server. */
+ /*
+ * Make packets from buffered channel data, and buffer them
+ * for sending to the server.
+ */
if (packet_not_very_much_data_to_write())
channel_output_poll();
- /* Check if the window size has changed, and buffer a
- message about it to the server if so. */
+ /*
+ * Check if the window size has changed, and buffer a message
+ * about it to the server if so.
+ */
client_check_window_change();
if (quit_pending)
break;
- /* Wait until we have something to do (something becomes
- available on one of the descriptors). */
+ /*
+ * Wait until we have something to do (something becomes
+ * available on one of the descriptors).
+ */
client_wait_until_can_do_something(&readset, &writeset);
if (quit_pending)
/* Do channel operations. */
channel_after_select(&readset, &writeset);
- /* Process input from the connection and from stdin.
- Buffer any data that is available. */
+ /*
+ * Process input from the connection and from stdin. Buffer
+ * any data that is available.
+ */
client_process_input(&readset);
- /* Process output to stdout and stderr. Output to the
- connection is processed elsewhere (above). */
+ /*
+ * Process output to stdout and stderr. Output to the
+ * connection is processed elsewhere (above).
+ */
client_process_output(&writeset);
- /* Send as much buffered packet data as possible to the
- sender. */
+ /* Send as much buffered packet data as possible to the sender. */
if (FD_ISSET(connection_out, &writeset))
packet_write_poll();
}
/* Stop listening for connections. */
channel_stop_listening();
- /* In interactive mode (with pseudo tty) display a message
- indicating that the connection has been closed. */
+ /*
+ * In interactive mode (with pseudo tty) display a message indicating
+ * that the connection has been closed.
+ */
if (have_pty && options.log_level != SYSLOG_LEVEL_QUIET) {
snprintf(buf, sizeof buf, "Connection to %.64s closed.\r\n", host);
buffer_append(&stderr_buffer, buf, strlen(buf));
buffer_consume(&stderr_buffer, len);
}
- /* Leave raw mode. */
if (have_pty)
leave_raw_mode();
+/*
+ * Copyright (c) 1999 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Markus Friedl.
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
#include "includes.h"
RCSID("$Id$");
+/*
+ * Copyright (c) 1999 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Markus Friedl.
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
/* RCSID("$Id$"); */
#ifndef COMPAT_H
static z_stream incoming_stream;
static z_stream outgoing_stream;
-/* Initializes compression; level is compression level from 1 to 9
- (as in gzip). */
+/*
+ * Initializes compression; level is compression level from 1 to 9
+ * (as in gzip).
+ */
void
buffer_compress_init(int level)
deflateEnd(&outgoing_stream);
}
-/* Compresses the contents of input_buffer into output_buffer. All
- packets compressed using this function will form a single
- compressed data stream; however, data will be flushed at the end of
- every call so that each output_buffer can be decompressed
- independently (but in the appropriate order since they together
- form a single compression stream) by the receiver. This appends
- the compressed data to the output buffer. */
+/*
+ * Compresses the contents of input_buffer into output_buffer. All packets
+ * compressed using this function will form a single compressed data stream;
+ * however, data will be flushed at the end of every call so that each
+ * output_buffer can be decompressed independently (but in the appropriate
+ * order since they together form a single compression stream) by the
+ * receiver. This appends the compressed data to the output buffer.
+ */
void
buffer_compress(Buffer * input_buffer, Buffer * output_buffer)
while (outgoing_stream.avail_out == 0);
}
-/* Uncompresses the contents of input_buffer into output_buffer. All
- packets uncompressed using this function will form a single
- compressed data stream; however, data will be flushed at the end of
- every call so that each output_buffer. This must be called for the
- same size units that the buffer_compress was called, and in the
- same order that buffers compressed with that. This appends the
- uncompressed data to the output buffer. */
+/*
+ * Uncompresses the contents of input_buffer into output_buffer. All packets
+ * uncompressed using this function will form a single compressed data
+ * stream; however, data will be flushed at the end of every call so that
+ * each output_buffer. This must be called for the same size units that the
+ * buffer_compress was called, and in the same order that buffers compressed
+ * with that. This appends the uncompressed data to the output buffer.
+ */
void
buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer)
fatal("buffer_uncompress: inflate returned Z_STREAM_ERROR");
/* NOTREACHED */
case Z_BUF_ERROR:
- /* Comments in zlib.h say that we should keep
- calling inflate() until we get an error. This
- appears to be the error that we get. */
+ /*
+ * Comments in zlib.h say that we should keep calling
+ * inflate() until we get an error. This appears to
+ * be the error that we get.
+ */
return;
case Z_MEM_ERROR:
fatal("buffer_uncompress: inflate returned Z_MEM_ERROR");
#ifndef COMPRESS_H
#define COMPRESS_H
-/* Initializes compression; level is compression level from 1 to 9 (as in
- gzip). */
+/*
+ * Initializes compression; level is compression level from 1 to 9 (as in
+ * gzip).
+ */
void buffer_compress_init(int level);
/* Frees any data structures allocated by buffer_compress_init. */
void buffer_compress_uninit();
-/* Compresses the contents of input_buffer into output_buffer. All
- packets compressed using this function will form a single
- compressed data stream; however, data will be flushed at the end of
- every call so that each output_buffer can be decompressed
- independently (but in the appropriate order since they together
- form a single compression stream) by the receiver. This appends
- the compressed data to the output buffer. */
+/*
+ * Compresses the contents of input_buffer into output_buffer. All packets
+ * compressed using this function will form a single compressed data stream;
+ * however, data will be flushed at the end of every call so that each
+ * output_buffer can be decompressed independently (but in the appropriate
+ * order since they together form a single compression stream) by the
+ * receiver. This appends the compressed data to the output buffer.
+ */
void buffer_compress(Buffer * input_buffer, Buffer * output_buffer);
-/* Uncompresses the contents of input_buffer into output_buffer. All
- packets uncompressed using this function will form a single
- compressed data stream; however, data will be flushed at the end of
- every call so that each output_buffer. This must be called for the
- same size units that the buffer_compress was called, and in the
- same order that buffers compressed with that. This appends the
- uncompressed data to the output buffer. */
+/*
+ * Uncompresses the contents of input_buffer into output_buffer. All packets
+ * uncompressed using this function will form a single compressed data
+ * stream; however, data will be flushed at the end of every call so that
+ * each output_buffer. This must be called for the same size units that the
+ * buffer_compress was called, and in the same order that buffers compressed
+ * with that. This appends the uncompressed data to the output buffer.
+ */
void buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer);
#endif /* COMPRESS_H */
#ifndef CRC32_H
#define CRC32_H
-/* This computes a 32 bit CRC of the data in the buffer, and returns the
- CRC. The polynomial used is 0xedb88320. */
+/*
+ * This computes a 32 bit CRC of the data in the buffer, and returns the CRC.
+ * The polynomial used is 0xedb88320.
+ */
unsigned int crc32(const unsigned char *buf, unsigned int len);
#endif /* CRC32_H */
+/*
+ * Copyright (c) 1999 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Markus Friedl.
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
#include "includes.h"
RCSID("$Id$");
+/*
+ * Copyright (c) 1999 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Markus Friedl.
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
/* RCSID("$Id$"); */
#ifndef FINGERPRINT_H
#include "packet.h"
#include "ssh.h"
-/* Reads a multiple-precision integer in hex from the buffer, and advances the
- pointer. The integer must already be initialized. This function is
- permitted to modify the buffer. This leaves *cpp to point just beyond
- the last processed (and maybe modified) character. Note that this may
- modify the buffer containing the number. */
+/*
+ * Reads a multiple-precision integer in hex from the buffer, and advances
+ * the pointer. The integer must already be initialized. This function is
+ * permitted to modify the buffer. This leaves *cpp to point just beyond the
+ * last processed (and maybe modified) character. Note that this may modify
+ * the buffer containing the number.
+ */
int
auth_rsa_read_bignum(char **cpp, BIGNUM * value)
int len, old;
/* Skip any leading whitespace. */
- for (; *cp == ' ' || *cp == '\t'; cp++);
+ for (; *cp == ' ' || *cp == '\t'; cp++)
+ ;
/* Check that it begins with a hex digit. */
if (*cp < '0' || *cp > '9')
*cpp = cp;
/* Move forward until all hex digits skipped. */
- for (; *cp >= '0' && *cp <= '9'; cp++);
+ for (; *cp >= '0' && *cp <= '9'; cp++)
+ ;
/* Compute the length of the hex number. */
len = cp - *cpp;
old = *cp;
*cp = 0;
-
/* Parse the number. */
if (BN_dec2bn(&value, *cpp) == 0)
return 0;
return 1;
}
-/* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
- over the key. Skips any whitespace at the beginning and at end. */
+/*
+ * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
+ * over the key. Skips any whitespace at the beginning and at end.
+ */
int
auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n)
char *cp;
/* Skip leading whitespace. */
- for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++);
+ for (cp = *cpp; *cp == ' ' || *cp == '\t'; cp++)
+ ;
/* Get number of bits. */
if (*cp < '0' || *cp > '9')
return 0;
/* Skip trailing whitespace. */
- for (; *cp == ' ' || *cp == '\t'; cp++);
+ for (; *cp == ' ' || *cp == '\t'; cp++)
+ ;
/* Return results. */
*cpp = cp;
return 1;
}
-/* Tries to match the host name (which must be in all lowercase) against the
- comma-separated sequence of subpatterns (each possibly preceded by ! to
- indicate negation). Returns true if there is a positive match; zero
- otherwise. */
+/*
+ * Tries to match the host name (which must be in all lowercase) against the
+ * comma-separated sequence of subpatterns (each possibly preceded by ! to
+ * indicate negation). Returns true if there is a positive match; zero
+ * otherwise.
+ */
int
match_hostname(const char *host, const char *pattern, unsigned int len)
} else
negated = 0;
- /* Extract the subpattern up to a comma or end. Convert
- the subpattern to lowercase. */
+ /*
+ * Extract the subpattern up to a comma or end. Convert the
+ * subpattern to lowercase.
+ */
for (subi = 0;
- i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
+ i < len && subi < sizeof(sub) - 1 && pattern[i] != ',';
subi++, i++)
sub[subi] = isupper(pattern[i]) ? tolower(pattern[i]) : pattern[i];
/* If subpattern too long, return failure (no match). */
if (subi >= sizeof(sub) - 1)
return 0;
- /* If the subpattern was terminated by a comma, skip the
- comma. */
+ /* If the subpattern was terminated by a comma, skip the comma. */
if (i < len && pattern[i] == ',')
i++;
/* Try to match the subpattern against the host name. */
if (match_pattern(host, sub)) {
if (negated)
- return 0; /* Fail if host matches
- any negated subpattern. */
+ return 0; /* Fail */
else
got_positive = 1;
}
}
- /* Return success if got a positive match. If there was a
- negative match, we have already returned zero and never get
- here. */
+ /*
+ * Return success if got a positive match. If there was a negative
+ * match, we have already returned zero and never get here.
+ */
return got_positive;
}
-/* Checks whether the given host (which must be in all lowercase) is
- already in the list of our known hosts.
- Returns HOST_OK if the host is known and has the specified key,
- HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
- but used to have a different host key. */
+/*
+ * Checks whether the given host (which must be in all lowercase) is already
+ * in the list of our known hosts. Returns HOST_OK if the host is known and
+ * has the specified key, HOST_NEW if the host is not known, and HOST_CHANGED
+ * if the host is known but used to have a different host key.
+ */
HostStatus
check_host_in_hostfile(const char *filename, const char *host,
/* Cache the length of the host name. */
hostlen = strlen(host);
- /* Return value when the loop terminates. This is set to
- HOST_CHANGED if we have seen a different key for the host and
- have not found the proper one. */
+ /*
+ * Return value when the loop terminates. This is set to
+ * HOST_CHANGED if we have seen a different key for the host and have
+ * not found the proper one.
+ */
end_return = HOST_NEW;
/* size of modulus 'n' */
cp = line;
linenum++;
- /* Skip any leading whitespace. */
- for (; *cp == ' ' || *cp == '\t'; cp++);
-
- /* Ignore comment lines and empty lines. */
+ /* Skip any leading whitespace, comments and empty lines. */
+ for (; *cp == ' ' || *cp == '\t'; cp++)
+ ;
if (!*cp || *cp == '#' || *cp == '\n')
continue;
/* Find the end of the host name portion. */
- for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++);
+ for (cp2 = cp; *cp2 && *cp2 != ' ' && *cp2 != '\t'; cp2++)
+ ;
/* Check if the host name matches. */
if (!match_hostname(host, cp, (unsigned int) (cp2 - cp)))
/* Got a match. Skip host name. */
cp = cp2;
- /* Extract the key from the line. This will skip any
- leading whitespace. Ignore badly formatted lines. */
+ /*
+ * Extract the key from the line. This will skip any leading
+ * whitespace. Ignore badly formatted lines.
+ */
if (!auth_rsa_read_key(&cp, &kbits, ke, kn))
continue;
fclose(f);
return HOST_OK;
}
- /* They do not match. We will continue to go through the
- file; however, we note that we will not return that it
- is new. */
+ /*
+ * They do not match. We will continue to go through the
+ * file; however, we note that we will not return that it is
+ * new.
+ */
end_return = HOST_CHANGED;
}
/* Clear variables and close the file. */
fclose(f);
- /* Return either HOST_NEW or HOST_CHANGED, depending on whether we
- saw a different key for the host. */
+ /*
+ * Return either HOST_NEW or HOST_CHANGED, depending on whether we
+ * saw a different key for the host.
+ */
return end_return;
}
-/* Appends an entry to the host file. Returns false if the entry
- could not be appended. */
+/*
+ * Appends an entry to the host file. Returns false if the entry could not
+ * be appended.
+ */
int
add_host_to_hostfile(const char *filename, const char *host,
#define _PATH_RSH "/usr/bin/rsh"
#endif /* _PATH_RSH */
-/* Define this to use pipes instead of socketpairs for communicating with the
- client program. Socketpairs do not seem to work on all systems. */
+/*
+ * Define this to use pipes instead of socketpairs for communicating with the
+ * client program. Socketpairs do not seem to work on all systems.
+ */
#define USE_PIPES 1
#endif /* INCLUDES_H */
/*
- *
* Shared versions of debug(), log(), etc.
- *
-*/
+ */
#include "includes.h"
-RCSID("$OpenBSD: log.c,v 1.5 1999/11/24 00:26:02 deraadt Exp $");
+RCSID("$OpenBSD: log.c,v 1.6 1999/11/24 19:53:47 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
# include <lastlog.h>
#endif
-/* Returns the time when the user last logged in. Returns 0 if the
- information is not available. This must be called before record_login.
- The host the user logged in from will be returned in buf. */
+/*
+ * Returns the time when the user last logged in. Returns 0 if the
+ * information is not available. This must be called before record_login.
+ * The host the user logged in from will be returned in buf.
+ */
-/* Returns the time when the user last logged in (or 0 if no previous login
- is found). The name of the host used last time is returned in buf. */
+/*
+ * Returns the time when the user last logged in (or 0 if no previous login
+ * is found). The name of the host used last time is returned in buf.
+ */
unsigned long
get_last_login_time(uid_t uid, const char *logname,
return ll.ll_time;
}
-/* Records that the user has logged in. I these parts of operating systems
- were more standardized. */
+/*
+ * Records that the user has logged in. I these parts of operating systems
+ * were more standardized.
+ */
void
record_login(int pid, const char *ttyname, const char *user, uid_t uid,
/* Update lastlog unless actually recording a logout. */
if (strcmp(user, "") != 0) {
- /* It is safer to bzero the lastlog structure first
- because some systems might have some extra fields in it
- (e.g. SGI) */
+ /*
+ * It is safer to bzero the lastlog structure first because
+ * some systems might have some extra fields in it (e.g. SGI)
+ */
memset(&ll, 0, sizeof(ll));
/* Update lastlog. */
#include "ssh.h"
-/* Returns true if the given string matches the pattern (which may contain
- ? and * as wildcards), and zero if it does not match. */
+/*
+ * Returns true if the given string matches the pattern (which may contain ?
+ * and * as wildcards), and zero if it does not match.
+ */
int
match_pattern(const char *s, const char *pattern)
if (!*pattern)
return !*s;
- /* Process '*'. */
if (*pattern == '*') {
/* Skip the asterisk. */
pattern++;
/* If next character in pattern is known, optimize. */
if (*pattern != '?' && *pattern != '*') {
- /* Look instances of the next character in
- pattern, and try to match starting from
- those. */
+ /*
+ * Look instances of the next character in
+ * pattern, and try to match starting from
+ * those.
+ */
for (; *s; s++)
if (*s == *pattern &&
match_pattern(s + 1, pattern + 1))
/* Failed. */
return 0;
}
- /* Move ahead one character at a time and try to
- match at each position. */
+ /*
+ * Move ahead one character at a time and try to
+ * match at each position.
+ */
for (; *s; s++)
if (match_pattern(s, pattern))
return 1;
/* Failed. */
return 0;
}
- /* There must be at least one more character in the
- string. If we are at the end, fail. */
+ /*
+ * There must be at least one more character in the string.
+ * If we are at the end, fail.
+ */
if (!*s)
return 0;
- /* Check if the next character of the string is
- acceptable. */
+ /* Check if the next character of the string is acceptable. */
if (*pattern != '?' && *pattern != *s)
return 0;
- /* Move to the next character, both in string and in
- pattern. */
+ /* Move to the next character, both in string and in pattern. */
s++;
pattern++;
}
#ifndef MPAUX_H
#define MPAUX_H
-/* Computes a 16-byte session id in the global variable session_id.
- The session id is computed by concatenating the linearized, msb
- first representations of host_key_n, session_key_n, and the cookie. */
+/*
+ * Computes a 16-byte session id in the global variable session_id. The
+ * session id is computed by concatenating the linearized, msb first
+ * representations of host_key_n, session_key_n, and the cookie.
+ */
void
compute_session_id(unsigned char session_id[16],
unsigned char cookie[8],
+/*
+ * Copyright (c) 1999 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Markus Friedl.
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
#include "includes.h"
RCSID("$Id$");
static void
chan_shutdown_write(Channel *c)
{
+ /* shutdown failure is allowed if write failed already */
debug("channel %d: shutdown_write", c->self);
if (shutdown(c->sock, SHUT_WR) < 0)
- error("chan_shutdown_write failed for #%d/fd%d: %.100s",
+ debug("chan_shutdown_write failed for #%d/fd%d: %.100s",
c->self, c->sock, strerror(errno));
}
static void
+/*
+ * Copyright (c) 1999 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Markus Friedl.
+ * 4. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
/* RCSID("$Id$"); */
#ifndef NCHAN_H
+.\"
+.\" Copyright (c) 1999 Markus Friedl. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by Markus Friedl.
+.\" 4. The name of the author may not be used to endorse or promote products
+.\" derived from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
.TL
OpenSSH Channel Close Protocol 1.5 Implementation
.SH
#include "compress.h"
#include "deattack.h"
-/* This variable contains the file descriptors used for communicating with
- the other side. connection_in is used for reading; connection_out
- for writing. These can be the same descriptor, in which case it is
- assumed to be a socket. */
+/*
+ * This variable contains the file descriptors used for communicating with
+ * the other side. connection_in is used for reading; connection_out for
+ * writing. These can be the same descriptor, in which case it is assumed to
+ * be a socket.
+ */
static int connection_in = -1;
static int connection_out = -1;
-/* Cipher type. This value is only used to determine whether to pad the
- packets with zeroes or random data. */
+/*
+ * Cipher type. This value is only used to determine whether to pad the
+ * packets with zeroes or random data.
+ */
static int cipher_type = SSH_CIPHER_NONE;
/* Protocol flags for the remote side. */
/* Set to true if the connection is interactive. */
static int interactive_mode = 0;
-/* Sets the descriptors used for communication. Disables encryption until
- packet_set_encryption_key is called. */
+/*
+ * Sets the descriptors used for communication. Disables encryption until
+ * packet_set_encryption_key is called.
+ */
void
packet_set_connection(int fd_in, int fd_out)
return remote_protocol_flags;
}
-/* Starts packet compression from the next packet on in both directions.
- Level is compression level 1 (fastest) - 9 (slow, best) as in gzip. */
+/*
+ * Starts packet compression from the next packet on in both directions.
+ * Level is compression level 1 (fastest) - 9 (slow, best) as in gzip.
+ */
void
packet_start_compression(int level)
buffer_compress_init(level);
}
-/* Encrypts the given number of bytes, copying from src to dest.
- bytes is known to be a multiple of 8. */
+/*
+ * Encrypts the given number of bytes, copying from src to dest. bytes is
+ * known to be a multiple of 8.
+ */
void
packet_encrypt(CipherContext * cc, void *dest, void *src,
cipher_encrypt(cc, dest, src, bytes);
}
-/* Decrypts the given number of bytes, copying from src to dest.
- bytes is known to be a multiple of 8. */
+/*
+ * Decrypts the given number of bytes, copying from src to dest. bytes is
+ * known to be a multiple of 8.
+ */
void
packet_decrypt(CipherContext * cc, void *dest, void *src,
if ((bytes % 8) != 0)
fatal("packet_decrypt: bad ciphertext length %d", bytes);
- /* Cryptographic attack detector for ssh - Modifications for packet.c
- (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com) */
+ /*
+ * Cryptographic attack detector for ssh - Modifications for packet.c
+ * (C)1998 CORE-SDI, Buenos Aires Argentina Ariel Futoransky(futo@core-sdi.com)
+ */
switch (cc->type) {
case SSH_CIPHER_NONE:
cipher_decrypt(cc, dest, src, bytes);
}
-/* Causes any further packets to be encrypted using the given key. The same
- key is used for both sending and reception. However, both directions
- are encrypted independently of each other. */
+/*
+ * Causes any further packets to be encrypted using the given key. The same
+ * key is used for both sending and reception. However, both directions are
+ * encrypted independently of each other.
+ */
void
packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
buffer_put_bignum(&outgoing_packet, value);
}
-/* Finalizes and sends the packet. If the encryption key has been set,
- encrypts the packet before sending. */
+/*
+ * Finalizes and sends the packet. If the encryption key has been set,
+ * encrypts the packet before sending.
+ */
void
packet_send()
unsigned int checksum;
u_int32_t rand = 0;
- /* If using packet compression, compress the payload of the
- outgoing packet. */
+ /*
+ * If using packet compression, compress the payload of the outgoing
+ * packet.
+ */
if (packet_compression) {
buffer_clear(&compression_buffer);
/* Skip padding. */
buffer_clear(&outgoing_packet);
- /* Note that the packet is now only buffered in output. It won\'t
- be actually sent until packet_write_wait or packet_write_poll
- is called. */
+ /*
+ * Note that the packet is now only buffered in output. It won\'t be
+ * actually sent until packet_write_wait or packet_write_poll is
+ * called.
+ */
}
-/* Waits until a packet has been received, and returns its type. Note that
- no other data is processed until this returns, so this function should
- not be used during the interactive session. */
+/*
+ * Waits until a packet has been received, and returns its type. Note that
+ * no other data is processed until this returns, so this function should not
+ * be used during the interactive session.
+ */
int
packet_read(int *payload_len_ptr)
/* If we got a packet, return it. */
if (type != SSH_MSG_NONE)
return type;
- /* Otherwise, wait for some data to arrive, add it to the
- buffer, and try again. */
+ /*
+ * Otherwise, wait for some data to arrive, add it to the
+ * buffer, and try again.
+ */
FD_ZERO(&set);
FD_SET(connection_in, &set);
+
/* Wait for some data to arrive. */
select(connection_in + 1, &set, NULL, NULL, NULL);
+
/* Read data from the socket. */
len = read(connection_in, buf, sizeof(buf));
if (len == 0)
/* NOTREACHED */
}
-/* Waits until a packet has been received, verifies that its type matches
- that given, and gives a fatal error and exits if there is a mismatch. */
+/*
+ * Waits until a packet has been received, verifies that its type matches
+ * that given, and gives a fatal error and exits if there is a mismatch.
+ */
void
packet_read_expect(int *payload_len_ptr, int expected_type)
return (unsigned char) buf[0];
}
-/* Buffers the given amount of input characters. This is intended to be
- used together with packet_read_poll. */
+/*
+ * Buffers the given amount of input characters. This is intended to be used
+ * together with packet_read_poll.
+ */
void
packet_process_incoming(const char *buf, unsigned int len)
return buffer_get_int(&incoming_packet);
}
-/* Returns an arbitrary precision integer from the packet data. The integer
- must have been initialized before this call. */
+/*
+ * Returns an arbitrary precision integer from the packet data. The integer
+ * must have been initialized before this call.
+ */
void
packet_get_bignum(BIGNUM * value, int *length_ptr)
*length_ptr = buffer_get_bignum(&incoming_packet, value);
}
-/* Returns a string from the packet data. The string is allocated using
- xmalloc; it is the responsibility of the calling program to free it when
- no longer needed. The length_ptr argument may be NULL, or point to an
- integer into which the length of the string is stored. */
+/*
+ * Returns a string from the packet data. The string is allocated using
+ * xmalloc; it is the responsibility of the calling program to free it when
+ * no longer needed. The length_ptr argument may be NULL, or point to an
+ * integer into which the length of the string is stored.
+ */
-char
-*
+char *
packet_get_string(unsigned int *length_ptr)
{
return buffer_get_string(&incoming_packet, length_ptr);
}
-/* Sends a diagnostic message from the server to the client. This message
- can be sent at any time (but not while constructing another message).
- The message is printed immediately, but only if the client is being
- executed in verbose mode. These messages are primarily intended to
- ease debugging authentication problems. The length of the formatted
- message must not exceed 1024 bytes. This will automatically call
- packet_write_wait. */
+/*
+ * Sends a diagnostic message from the server to the client. This message
+ * can be sent at any time (but not while constructing another message). The
+ * message is printed immediately, but only if the client is being executed
+ * in verbose mode. These messages are primarily intended to ease debugging
+ * authentication problems. The length of the formatted message must not
+ * exceed 1024 bytes. This will automatically call packet_write_wait.
+ */
void
packet_send_debug(const char *fmt,...)
packet_write_wait();
}
-/* Logs the error plus constructs and sends a disconnect
- packet, closes the connection, and exits. This function never returns.
- The error message should not contain a newline. The length of the
- formatted message must not exceed 1024 bytes. */
+/*
+ * Logs the error plus constructs and sends a disconnect packet, closes the
+ * connection, and exits. This function never returns. The error message
+ * should not contain a newline. The length of the formatted message must
+ * not exceed 1024 bytes.
+ */
void
packet_disconnect(const char *fmt,...)
fatal("packet_disconnect called recursively.");
disconnecting = 1;
- /* Format the message. Note that the caller must make sure the
- message is of limited size. */
+ /*
+ * Format the message. Note that the caller must make sure the
+ * message is of limited size.
+ */
va_start(args, fmt);
vsnprintf(buf, sizeof(buf), fmt, args);
va_end(args);
fatal("Disconnecting: %.100s", buf);
}
-/* Checks if there is any buffered output, and tries to write some of the
- output. */
+/* Checks if there is any buffered output, and tries to write some of the output. */
void
packet_write_poll()
}
}
-/* Calls packet_write_poll repeatedly until all pending output data has
- been written. */
+/*
+ * Calls packet_write_poll repeatedly until all pending output data has been
+ * written.
+ */
void
packet_write_wait()
/* Record that we are in interactive mode. */
interactive_mode = interactive;
- /* Only set socket options if using a socket (as indicated by the
- descriptors being the same). */
+ /*
+ * Only set socket options if using a socket (as indicated by the
+ * descriptors being the same).
+ */
if (connection_in != connection_out)
return;
error("setsockopt SO_KEEPALIVE: %.100s", strerror(errno));
}
if (interactive) {
- /* Set IP options for an interactive connection. Use
- IPTOS_LOWDELAY and TCP_NODELAY. */
+ /*
+ * Set IP options for an interactive connection. Use
+ * IPTOS_LOWDELAY and TCP_NODELAY.
+ */
int lowdelay = IPTOS_LOWDELAY;
if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &lowdelay,
sizeof(lowdelay)) < 0)
sizeof(on)) < 0)
error("setsockopt TCP_NODELAY: %.100s", strerror(errno));
} else {
- /* Set IP options for a non-interactive connection. Use
- IPTOS_THROUGHPUT. */
+ /*
+ * Set IP options for a non-interactive connection. Use
+ * IPTOS_THROUGHPUT.
+ */
int throughput = IPTOS_THROUGHPUT;
if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, (void *) &throughput,
sizeof(throughput)) < 0)
#include <ssl/bn.h>
#endif
-/* Sets the socket used for communication. Disables encryption until
- packet_set_encryption_key is called. It is permissible that fd_in
- and fd_out are the same descriptor; in that case it is assumed to
- be a socket. */
+/*
+ * Sets the socket used for communication. Disables encryption until
+ * packet_set_encryption_key is called. It is permissible that fd_in and
+ * fd_out are the same descriptor; in that case it is assumed to be a socket.
+ */
void packet_set_connection(int fd_in, int fd_out);
/* Puts the connection file descriptors into non-blocking mode. */
/* Returns the file descriptor used for output. */
int packet_get_connection_out(void);
-/* Closes the connection (both descriptors) and clears and frees
- internal data structures. */
+/*
+ * Closes the connection (both descriptors) and clears and frees internal
+ * data structures.
+ */
void packet_close(void);
-/* Causes any further packets to be encrypted using the given key. The same
- key is used for both sending and reception. However, both directions
- are encrypted independently of each other. Cipher types are
- defined in ssh.h. */
+/*
+ * Causes any further packets to be encrypted using the given key. The same
+ * key is used for both sending and reception. However, both directions are
+ * encrypted independently of each other. Cipher types are defined in ssh.h.
+ */
void
packet_set_encryption_key(const unsigned char *key, unsigned int keylen,
int cipher_type);
-/* Sets remote side protocol flags for the current connection. This can
- be called at any time. */
+/*
+ * Sets remote side protocol flags for the current connection. This can be
+ * called at any time.
+ */
void packet_set_protocol_flags(unsigned int flags);
/* Returns the remote protocol flags set earlier by the above function. */
/* Enables compression in both directions starting from the next packet. */
void packet_start_compression(int level);
-/* Informs that the current session is interactive. Sets IP flags for optimal
- performance in interactive use. */
+/*
+ * Informs that the current session is interactive. Sets IP flags for
+ * optimal performance in interactive use.
+ */
void packet_set_interactive(int interactive, int keepalives);
/* Returns true if the current connection is interactive. */
/* Appends a string to packet data. */
void packet_put_string(const char *buf, unsigned int len);
-/* Finalizes and sends the packet. If the encryption key has been set,
- encrypts the packet before sending. */
+/*
+ * Finalizes and sends the packet. If the encryption key has been set,
+ * encrypts the packet before sending.
+ */
void packet_send(void);
/* Waits until a packet has been received, and returns its type. */
int packet_read(int *payload_len_ptr);
-/* Waits until a packet has been received, verifies that its type matches
- that given, and gives a fatal error and exits if there is a mismatch. */
+/*
+ * Waits until a packet has been received, verifies that its type matches
+ * that given, and gives a fatal error and exits if there is a mismatch.
+ */
void packet_read_expect(int *payload_len_ptr, int type);
-/* Checks if a full packet is available in the data received so far via
- packet_process_incoming. If so, reads the packet; otherwise returns
- SSH_MSG_NONE. This does not wait for data from the connection.
-
- SSH_MSG_DISCONNECT is handled specially here. Also,
- SSH_MSG_IGNORE messages are skipped by this function and are never returned
- to higher levels. */
+/*
+ * Checks if a full packet is available in the data received so far via
+ * packet_process_incoming. If so, reads the packet; otherwise returns
+ * SSH_MSG_NONE. This does not wait for data from the connection.
+ * SSH_MSG_DISCONNECT is handled specially here. Also, SSH_MSG_IGNORE
+ * messages are skipped by this function and are never returned to higher
+ * levels.
+ */
int packet_read_poll(int *packet_len_ptr);
-/* Buffers the given amount of input characters. This is intended to be
- used together with packet_read_poll. */
+/*
+ * Buffers the given amount of input characters. This is intended to be used
+ * together with packet_read_poll.
+ */
void packet_process_incoming(const char *buf, unsigned int len);
/* Returns a character (0-255) from the packet data. */
/* Returns an integer from the packet data. */
unsigned int packet_get_int(void);
-/* Returns an arbitrary precision integer from the packet data. The integer
- must have been initialized before this call. */
+/*
+ * Returns an arbitrary precision integer from the packet data. The integer
+ * must have been initialized before this call.
+ */
void packet_get_bignum(BIGNUM * value, int *length_ptr);
-/* Returns a string from the packet data. The string is allocated using
- xmalloc; it is the responsibility of the calling program to free it when
- no longer needed. The length_ptr argument may be NULL, or point to an
- integer into which the length of the string is stored. */
+/*
+ * Returns a string from the packet data. The string is allocated using
+ * xmalloc; it is the responsibility of the calling program to free it when
+ * no longer needed. The length_ptr argument may be NULL, or point to an
+ * integer into which the length of the string is stored.
+ */
char *packet_get_string(unsigned int *length_ptr);
-/* Logs the error in syslog using LOG_INFO, constructs and sends a disconnect
- packet, closes the connection, and exits. This function never returns.
- The error message should not contain a newline. The total length of the
- message must not exceed 1024 bytes. */
+/*
+ * Logs the error in syslog using LOG_INFO, constructs and sends a disconnect
+ * packet, closes the connection, and exits. This function never returns.
+ * The error message should not contain a newline. The total length of the
+ * message must not exceed 1024 bytes.
+ */
void packet_disconnect(const char *fmt,...);
-/* Sends a diagnostic message to the other side. This message
- can be sent at any time (but not while constructing another message).
- The message is printed immediately, but only if the client is being
- executed in verbose mode. These messages are primarily intended to
- ease debugging authentication problems. The total length of the message
- must not exceed 1024 bytes. This will automatically call
- packet_write_wait. If the remote side protocol flags do not indicate
- that it supports SSH_MSG_DEBUG, this will do nothing. */
+/*
+ * Sends a diagnostic message to the other side. This message can be sent at
+ * any time (but not while constructing another message). The message is
+ * printed immediately, but only if the client is being executed in verbose
+ * mode. These messages are primarily intended to ease debugging
+ * authentication problems. The total length of the message must not exceed
+ * 1024 bytes. This will automatically call packet_write_wait. If the
+ * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG,
+ * this will do nothing.
+ */
void packet_send_debug(const char *fmt,...);
-/* Checks if there is any buffered output, and tries to write some of the
- output. */
+/* Checks if there is any buffered output, and tries to write some of the output. */
void packet_write_poll(void);
/* Waits until all pending output data has been written. */
#define O_NOCTTY 0
#endif
-/* Allocates and opens a pty. Returns 0 if no pty could be allocated,
- or nonzero if a pty was successfully allocated. On success, open file
- descriptors for the pty and tty sides and the name of the tty side are
- returned (the buffer must be able to hold at least 64 characters). */
+/*
+ * Allocates and opens a pty. Returns 0 if no pty could be allocated, or
+ * nonzero if a pty was successfully allocated. On success, open file
+ * descriptors for the pty and tty sides and the name of the tty side are
+ * returned (the buffer must be able to hold at least 64 characters).
+ */
int
pty_allocate(int *ptyfd, int *ttyfd, char *namebuf)
return 1;
#else /* HAVE_OPENPTY */
#ifdef HAVE__GETPTY
- /* _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates
- more pty's automagically when needed */
+ /*
+ * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
+ * pty's automagically when needed
+ */
char *slave;
slave = _getpty(ptyfd, O_RDWR, 0622, 0);
return 1;
#else /* HAVE__GETPTY */
#ifdef HAVE_DEV_PTMX
- /* This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3
- also has bsd-style ptys, but they simply do not work.) */
+ /*
+ * This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3
+ * also has bsd-style ptys, but they simply do not work.)
+ */
int ptm;
char *pts;
close(*ptyfd);
return 0;
}
- /* Push the appropriate streams modules, as described in Solaris
- pts(7). */
+ /* Push the appropriate streams modules, as described in Solaris pts(7). */
if (ioctl(*ttyfd, I_PUSH, "ptem") < 0)
error("ioctl I_PUSH ptem: %.100s", strerror(errno));
if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0)
/* BSD-style pty code. */
char buf[64];
int i;
- const char *ptymajors =
- "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ const char *ptymajors = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
const char *ptyminors = "0123456789abcdef";
int num_minors = strlen(ptyminors);
int num_ptys = strlen(ptymajors) * num_minors;
if (setsid() < 0)
error("setsid: %.100s", strerror(errno));
- /* Verify that we are successfully disconnected from the
- controlling tty. */
+ /*
+ * Verify that we are successfully disconnected from the controlling
+ * tty.
+ */
fd = open("/dev/tty", O_RDWR | O_NOCTTY);
if (fd >= 0) {
error("Failed to disconnect from controlling tty.");
/* Make it our controlling tty. */
#ifdef TIOCSCTTY
debug("Setting controlling tty using TIOCSCTTY.");
- /* We ignore errors from this, because HPSUX defines TIOCSCTTY,
- but returns EINVAL with these arguments, and there is
- absolutely no documentation. */
+ /*
+ * We ignore errors from this, because HPSUX defines TIOCSCTTY, but
+ * returns EINVAL with these arguments, and there is absolutely no
+ * documentation.
+ */
ioctl(*ttyfd, TIOCSCTTY, NULL);
#endif /* TIOCSCTTY */
fd = open(ttyname, O_RDWR);
#ifndef PTY_H
#define PTY_H
-/* Allocates and opens a pty. Returns 0 if no pty could be allocated,
- or nonzero if a pty was successfully allocated. On success, open file
- descriptors for the pty and tty sides and the name of the tty side are
- returned (the buffer must be able to hold at least 64 characters). */
+/*
+ * Allocates and opens a pty. Returns 0 if no pty could be allocated, or
+ * nonzero if a pty was successfully allocated. On success, open file
+ * descriptors for the pty and tty sides and the name of the tty side are
+ * returned (the buffer must be able to hold at least 64 characters).
+ */
int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname);
-/* Releases the tty. Its ownership is returned to root, and permissions to
- 0666. */
+/*
+ * Releases the tty. Its ownership is returned to root, and permissions to
+ * 0666.
+ */
void pty_release(const char *ttyname);
-/* Makes the tty the processes controlling tty and sets it to sane modes.
- This may need to reopen the tty to get rid of possible eavesdroppers. */
+/*
+ * Makes the tty the processes controlling tty and sets it to sane modes.
+ * This may need to reopen the tty to get rid of possible eavesdroppers.
+ */
void pty_make_controlling_tty(int *ttyfd, const char *ttyname);
/* Changes the window size associated with the pty. */
while (*bufcoded == ' ' || *bufcoded == '\t')
bufcoded++;
- /* Figure out how many characters are in the input buffer. If this
- would decode into more bytes than would fit into the output
- buffer, adjust the number of input bytes downwards. */
+ /*
+ * Figure out how many characters are in the input buffer. If this
+ * would decode into more bytes than would fit into the output
+ * buffer, adjust the number of input bytes downwards.
+ */
bufin = bufcoded;
while (DEC(*(bufin++)) <= MAXVAL);
nprbytes = bufin - bufcoded - 1;
#define WHITESPACE " \t\r\n"
-/* Adds a local TCP/IP port forward to options. Never returns if there
- is an error. */
+/*
+ * Adds a local TCP/IP port forward to options. Never returns if there is an
+ * error.
+ */
void
add_local_forward(Options *options, int port, const char *host,
fwd->host_port = host_port;
}
-/* Adds a remote TCP/IP port forward to options. Never returns if there
- is an error. */
+/*
+ * Adds a remote TCP/IP port forward to options. Never returns if there is
+ * an error.
+ */
void
add_remote_forward(Options *options, int port, const char *host,
fwd->host_port = host_port;
}
-/* Returns the number of the token pointed to by cp of length len.
- Never returns if the token is not known. */
+/*
+ * Returns the number of the token pointed to by cp of length len. Never
+ * returns if the token is not known.
+ */
static OpCodes
parse_token(const char *cp, const char *filename, int linenum)
unsigned int i;
for (i = 0; keywords[i].name; i++)
- if (strcmp(cp, keywords[i].name) == 0)
+ if (strcasecmp(cp, keywords[i].name) == 0)
return keywords[i].opcode;
fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
return oBadOption;
}
-/* Processes a single option line as used in the configuration files.
- This only sets those values that have not already been set. */
+/*
+ * Processes a single option line as used in the configuration files. This
+ * only sets those values that have not already been set.
+ */
int
process_config_line(Options *options, const char *host,
char *line, const char *filename, int linenum,
int *activep)
{
- char buf[256], *cp, *string, **charptr;
+ char buf[256], *cp, *string, **charptr, *cp2;
int opcode, *intptr, value, fwd_port, fwd_host_port;
/* Skip leading whitespace. */
if (!*cp || *cp == '\n' || *cp == '#')
return 0;
- /* Get the keyword. (Each line is supposed to begin with a
- keyword). */
+ /* Get the keyword. (Each line is supposed to begin with a keyword). */
cp = strtok(cp, WHITESPACE);
- {
- char *t = cp;
- for (; *t != 0; t++)
- if ('A' <= *t && *t <= 'Z')
- *t = *t - 'A' + 'a'; /* tolower */
-
- }
opcode = parse_token(cp, filename, linenum);
switch (opcode) {
case oBadOption:
- return -1; /* don't panic, but count bad options */
+ /* don't panic, but count bad options */
+ return -1;
/* NOTREACHED */
case oForwardAgent:
intptr = &options->forward_agent;
fatal("%.200s line %d: Missing argument.", filename, linenum);
if (cp[0] < '0' || cp[0] > '9')
fatal("%.200s line %d: Bad number.", filename, linenum);
-#if 0
- value = atoi(cp);
-#else
- {
- char *ptr;
- value = strtol(cp, &ptr, 0); /* Octal, decimal, or
- hex format? */
- if (cp == ptr)
- fatal("%.200s line %d: Bad number.", filename, linenum);
- }
-#endif
+
+ /* Octal, decimal, or hex format? */
+ value = strtol(cp, &cp2, 0);
+ if (cp == cp2)
+ fatal("%.200s line %d: Bad number.", filename, linenum);
if (*activep && *intptr == -1)
*intptr = value;
break;
*activep = 1;
break;
}
- /* Avoid garbage check below, as strtok already returned
- NULL. */
+ /* Avoid garbage check below, as strtok already returned NULL. */
return 0;
case oEscapeChar:
}
-/* Reads the config file and modifies the options accordingly. Options should
- already be initialized before this call. This never returns if there
- is an error. If the file does not exist, this returns immediately. */
+/*
+ * Reads the config file and modifies the options accordingly. Options
+ * should already be initialized before this call. This never returns if
+ * there is an error. If the file does not exist, this returns immediately.
+ */
void
read_config_file(const char *filename, const char *host, Options *options)
debug("Reading configuration data %.200s", filename);
- /* Mark that we are now processing the options. This flag is
- turned on/off by Host specifications. */
+ /*
+ * Mark that we are now processing the options. This flag is turned
+ * on/off by Host specifications.
+ */
active = 1;
linenum = 0;
while (fgets(line, sizeof(line), f)) {
filename, bad_options);
}
-/* Initializes options to special values that indicate that they have not
- yet been set. Read_config_file will only set options with this value.
- Options are processed in the following order: command line, user config
- file, system config file. Last, fill_default_options is called. */
+/*
+ * Initializes options to special values that indicate that they have not yet
+ * been set. Read_config_file will only set options with this value. Options
+ * are processed in the following order: command line, user config file,
+ * system config file. Last, fill_default_options is called.
+ */
void
initialize_options(Options * options)
options->log_level = (LogLevel) - 1;
}
-/* Called after processing other sources of option data, this fills those
- options for which no value has been specified with their default values. */
+/*
+ * Called after processing other sources of option data, this fills those
+ * options for which no value has been specified with their default values.
+ */
void
fill_default_options(Options * options)
} Options;
-/* Initializes options to special values that indicate that they have not
- yet been set. Read_config_file will only set options with this value.
- Options are processed in the following order: command line, user config
- file, system config file. Last, fill_default_options is called. */
+/*
+ * Initializes options to special values that indicate that they have not yet
+ * been set. Read_config_file will only set options with this value. Options
+ * are processed in the following order: command line, user config file,
+ * system config file. Last, fill_default_options is called.
+ */
void initialize_options(Options * options);
-/* Called after processing other sources of option data, this fills those
- options for which no value has been specified with their default values. */
+/*
+ * Called after processing other sources of option data, this fills those
+ * options for which no value has been specified with their default values.
+ */
void fill_default_options(Options * options);
-/* Processes a single option line as used in the configuration files.
- This only sets those values that have not already been set.
- Returns 0 for legal options */
+/*
+ * Processes a single option line as used in the configuration files. This
+ * only sets those values that have not already been set. Returns 0 for legal
+ * options
+ */
int
process_config_line(Options * options, const char *host,
char *line, const char *filename, int linenum,
int *activep);
-/* Reads the config file and modifies the options accordingly. Options should
- already be initialized before this call. This never returns if there
- is an error. If the file does not exist, this returns immediately. */
+/*
+ * Reads the config file and modifies the options accordingly. Options
+ * should already be initialized before this call. This never returns if
+ * there is an error. If the file does not exist, this returns immediately.
+ */
void
read_config_file(const char *filename, const char *host,
Options * options);
-/* Adds a local TCP/IP port forward to options. Never returns if there
- is an error. */
+/*
+ * Adds a local TCP/IP port forward to options. Never returns if there is an
+ * error.
+ */
void
add_local_forward(Options * options, int port, const char *host,
int host_port);
-/* Adds a remote TCP/IP port forward to options. Never returns if there
- is an error. */
+/*
+ * Adds a remote TCP/IP port forward to options. Never returns if there is
+ * an error.
+ */
void
add_remote_forward(Options * options, int port, const char *host,
int host_port);
-
#endif /* READCONF_H */
kill(getpid(), sig);
}
-/* Reads a passphrase from /dev/tty with echo turned off. Returns the
- passphrase (allocated with xmalloc). Exits if EOF is encountered.
- The passphrase if read from stdin if from_stdin is true (as is the
- case with ssh-keygen). */
+/*
+ * Reads a passphrase from /dev/tty with echo turned off. Returns the
+ * passphrase (allocated with xmalloc). Exits if EOF is encountered. The
+ * passphrase if read from stdin if from_stdin is true (as is the case with
+ * ssh-keygen).
+ */
char *
read_passphrase(const char *prompt, int from_stdin)
if (from_stdin)
f = stdin;
else {
- /* Read the passphrase from /dev/tty to make it possible
- to ask it even when stdin has been redirected. */
+ /*
+ * Read the passphrase from /dev/tty to make it possible to
+ * ask it even when stdin has been redirected.
+ */
f = fopen("/dev/tty", "r");
if (!f) {
/* No controlling terminal and no DISPLAY. Nowhere to read. */
*strchr(buf, '\n') = 0;
/* Allocate a copy of the passphrase. */
cp = xstrdup(buf);
- /* Clear the buffer so we don\'t leave copies of the passphrase
- laying around. */
+ /*
+ * Clear the buffer so we don\'t leave copies of the passphrase
+ * laying around.
+ */
memset(buf, 0, sizeof(buf));
/* Print a newline since the prompt probably didn\'t have one. */
fprintf(stderr, "\n");
return (1);
}
-/* Generates RSA public and private keys. This initializes the data
- structures; they should be freed with rsa_clear_private_key and
- rsa_clear_public_key. */
+/*
+ * Generates RSA public and private keys. This initializes the data
+ * structures; they should be freed with rsa_clear_private_key and
+ * rsa_clear_public_key.
+ */
void
rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits)
/* Calls SSL RSA_generate_key, only copies to prv and pub */
void rsa_generate_key(RSA * prv, RSA * pub, unsigned int bits);
-/* Indicates whether the rsa module is permitted to show messages on
- the terminal. */
+/*
+ * Indicates whether the rsa module is permitted to show messages on the
+ * terminal.
+ */
void rsa_set_verbose __P((int verbose));
int rsa_alive __P((void));
/* This is the port to use in contacting the remote site (is non-NULL). */
char *port = NULL;
-/* This function executes the given command as the specified user on the given
- host. This returns < 0 if execution fails, and >= 0 otherwise.
- This assigns the input and output file descriptors on success. */
+/*
+ * This function executes the given command as the specified user on the
+ * given host. This returns < 0 if execution fails, and >= 0 otherwise. This
+ * assigns the input and output file descriptors on success.
+ */
int
do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
fprintf(stderr, "Executing: host %s, user %s, command %s\n",
host, remuser ? remuser : "(unspecified)", cmd);
- /* Reserve two descriptors so that the real pipes won't get
- descriptors 0 and 1 because that will screw up dup2 below. */
+ /*
+ * Reserve two descriptors so that the real pipes won't get
+ * descriptors 0 and 1 because that will screw up dup2 below.
+ */
pipe(reserved);
/* Create a socket pair for communicating with ssh. */
(void) gettimeofday(&now, (struct timezone *) 0);
cursize = statbytes;
if (totalbytes != 0) {
- ratio = cursize * 100.0 / totalbytes;
+ ratio = 100.0 * cursize / totalbytes;
ratio = MAX(ratio, 0);
ratio = MIN(ratio, 100);
} else
{ NULL, 0 }
};
-/* Returns the number of the token pointed to by cp of length len.
- Never returns if the token is not known. */
+/*
+ * Returns the number of the token pointed to by cp of length len. Never
+ * returns if the token is not known.
+ */
static ServerOpCodes
parse_token(const char *cp, const char *filename,
unsigned int i;
for (i = 0; keywords[i].name; i++)
- if (strcmp(cp, keywords[i].name) == 0)
+ if (strcasecmp(cp, keywords[i].name) == 0)
return keywords[i].opcode;
fprintf(stderr, "%s: line %d: Bad configuration option: %s\n",
if (!*cp || *cp == '#')
continue;
cp = strtok(cp, WHITESPACE);
- {
- char *t = cp;
- for (; *t != 0; t++)
- if ('A' <= *t && *t <= 'Z')
- *t = *t - 'A' + 'a'; /* tolower */
-
- }
opcode = parse_token(cp, filename, linenum);
switch (opcode) {
case sBadOption:
unsigned int num_deny_groups;
char *deny_groups[MAX_DENY_GROUPS];
} ServerOptions;
-/* Initializes the server options to special values that indicate that they
- have not yet been set. */
+/*
+ * Initializes the server options to special values that indicate that they
+ * have not yet been set.
+ */
void initialize_server_options(ServerOptions * options);
-/* Reads the server configuration file. This only sets the values for those
- options that have the special value indicating they have not been set. */
+/*
+ * Reads the server configuration file. This only sets the values for those
+ * options that have the special value indicating they have not been set.
+ */
void read_server_config(ServerOptions * options, const char *filename);
/* Sets values for those values that have not yet been set. */
static unsigned int buffer_high;/* "Soft" max buffer size. */
static int max_fd; /* Max file descriptor number for select(). */
-/* This SIGCHLD kludge is used to detect when the child exits. The server
- will exit after that, as soon as forwarded connections have terminated. */
+/*
+ * This SIGCHLD kludge is used to detect when the child exits. The server
+ * will exit after that, as soon as forwarded connections have terminated.
+ */
static int child_pid; /* Pid of the child. */
static volatile int child_terminated; /* The child has terminated. */
break;
case SSH_CMSG_EOF:
- /* Eof from the client. The stdin descriptor to
- the program will be closed when all buffered
- data has drained. */
+ /*
+ * Eof from the client. The stdin descriptor to the
+ * program will be closed when all buffered data has
+ * drained.
+ */
debug("EOF received for stdin.");
packet_integrity_check(payload_len, 0, type);
stdin_eof = 1;
break;
default:
- /* In this phase, any unexpected messages cause a
- protocol error. This is to ease debugging;
- also, since no confirmations are sent messages,
- unprocessed unknown messages could cause
- strange problems. Any compatible protocol
- extensions must be negotiated before entering
- the interactive session. */
+ /*
+ * In this phase, any unexpected messages cause a
+ * protocol error. This is to ease debugging; also,
+ * since no confirmations are sent messages,
+ * unprocessed unknown messages could cause strange
+ * problems. Any compatible protocol extensions must
+ * be negotiated before entering the interactive
+ * session.
+ */
packet_disconnect("Protocol error during session: type %d",
type);
}
/* Initialize select() masks. */
FD_ZERO(readset);
- /* Read packets from the client unless we have too much buffered
- stdin or channel data. */
+ /*
+ * Read packets from the client unless we have too much buffered
+ * stdin or channel data.
+ */
if (buffer_len(&stdin_buffer) < 4096 &&
channel_not_very_much_buffered_data())
FD_SET(connection_in, readset);
- /* If there is not too much data already buffered going to the
- client, try to get some more data from the program. */
+ /*
+ * If there is not too much data already buffered going to the
+ * client, try to get some more data from the program.
+ */
if (packet_not_very_much_data_to_write()) {
if (!fdout_eof)
FD_SET(fdout, readset);
/* Set masks for channel descriptors. */
channel_prepare_select(readset, writeset);
- /* If we have buffered packet data going to the client, mark that
- descriptor. */
+ /*
+ * If we have buffered packet data going to the client, mark that
+ * descriptor.
+ */
if (packet_have_data_to_write())
FD_SET(connection_out, writeset);
if (channel_max_fd() > max_fd)
max_fd = channel_max_fd();
- /* If child has terminated and there is enough buffer space to
- read from it, then read as much as is available and exit. */
+ /*
+ * If child has terminated and there is enough buffer space to read
+ * from it, then read as much as is available and exit.
+ */
if (child_terminated && packet_not_very_much_data_to_write())
if (max_time_milliseconds == 0)
max_time_milliseconds = 100;
verbose("Connection closed by remote host.");
fatal_cleanup();
}
- /* There is a kernel bug on Solaris that causes select to
- sometimes wake up even though there is no data
- available. */
+ /*
+ * There is a kernel bug on Solaris that causes select to
+ * sometimes wake up even though there is no data available.
+ */
if (len < 0 && errno == EAGAIN)
len = 0;
buffer_init(&stdout_buffer);
buffer_init(&stderr_buffer);
- /* If we have no separate fderr (which is the case when we have a
- pty - there we cannot make difference between data sent to
- stdout and stderr), indicate that we have seen an EOF from
- stderr. This way we don\'t need to check the descriptor
- everywhere. */
+ /*
+ * If we have no separate fderr (which is the case when we have a pty
+ * - there we cannot make difference between data sent to stdout and
+ * stderr), indicate that we have seen an EOF from stderr. This way
+ * we don\'t need to check the descriptor everywhere.
+ */
if (fderr == -1)
fderr_eof = 1;
/* Process buffered packets from the client. */
process_buffered_input_packets();
- /* If we have received eof, and there is no more pending
- input data, cause a real eof by closing fdin. */
+ /*
+ * If we have received eof, and there is no more pending
+ * input data, cause a real eof by closing fdin.
+ */
if (stdin_eof && fdin != -1 && buffer_len(&stdin_buffer) == 0) {
#ifdef USE_PIPES
close(fdin);
#endif
fdin = -1;
}
- /* Make packets from buffered stderr data to send to the
- client. */
+ /* Make packets from buffered stderr data to send to the client. */
make_packets_from_stderr_data();
- /* Make packets from buffered stdout data to send to the
- client. If there is very little to send, this arranges
- to not send them now, but to wait a short while to see
- if we are getting more data. This is necessary, as some
- systems wake up readers from a pty after each separate
- character. */
+ /*
+ * Make packets from buffered stdout data to send to the
+ * client. If there is very little to send, this arranges to
+ * not send them now, but to wait a short while to see if we
+ * are getting more data. This is necessary, as some systems
+ * wake up readers from a pty after each separate character.
+ */
max_time_milliseconds = 0;
stdout_buffer_bytes = buffer_len(&stdout_buffer);
if (stdout_buffer_bytes != 0 && stdout_buffer_bytes < 256 &&
if (packet_not_very_much_data_to_write())
channel_output_poll();
- /* Bail out of the loop if the program has closed its
- output descriptors, and we have no more data to send to
- the client, and there is no pending buffered data. */
+ /*
+ * Bail out of the loop if the program has closed its output
+ * descriptors, and we have no more data to send to the
+ * client, and there is no pending buffered data.
+ */
if (fdout_eof && fderr_eof && !packet_have_data_to_write() &&
buffer_len(&stdout_buffer) == 0 && buffer_len(&stderr_buffer) == 0) {
if (!channel_still_open())
packet_send();
packet_write_wait();
- /* Wait for exit confirmation. Note that there might be
- other packets coming before it; however, the program
- has already died so we just ignore them. The client is
- supposed to respond with the confirmation when it
- receives the exit status. */
+ /*
+ * Wait for exit confirmation. Note that there might be
+ * other packets coming before it; however, the program has
+ * already died so we just ignore them. The client is
+ * supposed to respond with the confirmation when it receives
+ * the exit status.
+ */
do {
int plen;
type = packet_read(&plen);
.Nm
does not have a terminal associated with it but
.Ev DISPLAY
-is set, it
-will open an X11 window to read the passphrase. This is particularly
+and
+.Ev SSH_ASKPASS
+are set, it will execute the program specified by
+.Ev SSH_ASKPASS
+and open an X11 window to read the passphrase. This is particularly
useful when calling
.Nm
from a
#include "authfd.h"
#include "fingerprint.h"
-#ifdef USE_EXTERNAL_ASKPASS
-int askpass(const char *filename, RSA *key, const char *saved_comment, char **comment);
-#endif /* USE_EXTERNAL_ASKPASS */
-
#ifdef HAVE___PROGNAME
extern char *__progname;
#else /* HAVE___PROGNAME */
fprintf(stderr, "Failed to remove all identitities.\n");
}
+char *
+ssh_askpass(char *askpass, char *msg)
+{
+ pid_t pid;
+ size_t len;
+ char *nl, *pass;
+ int p[2], status;
+ char buf[1024];
+
+ if (askpass == NULL)
+ fatal("internal error: askpass undefined");
+ if (pipe(p) < 0)
+ fatal("ssh_askpass: pipe: %s", strerror(errno));
+ if ((pid = fork()) < 0)
+ fatal("ssh_askpass: fork: %s", strerror(errno));
+ if (pid == 0) {
+ close(p[0]);
+ if (dup2(p[1], STDOUT_FILENO) < 0)
+ fatal("ssh_askpass: dup2: %s", strerror(errno));
+ execlp(askpass, askpass, msg, (char *) 0);
+ fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno));
+ }
+ close(p[1]);
+ len = read(p[0], buf, sizeof buf);
+ close(p[0]);
+ while (waitpid(pid, &status, 0) < 0)
+ if (errno != EINTR)
+ break;
+ if (len <= 1)
+ return xstrdup("");
+ nl = strchr(buf, '\n');
+ if (nl)
+ *nl = '\0';
+ pass = xstrdup(buf);
+ memset(buf, 0, sizeof(buf));
+ return pass;
+}
+
void
add_file(AuthenticationConnection *ac, const char *filename)
{
RSA *key;
RSA *public_key;
- char *saved_comment, *comment;
+ char *saved_comment, *comment, *askpass = NULL;
+ char buf[1024], msg[1024];
int success;
+ int interactive = isatty(STDIN_FILENO);
key = RSA_new();
public_key = RSA_new();
}
RSA_free(public_key);
+ if (!interactive && getenv("DISPLAY"))
+ askpass = getenv("SSH_ASKPASS");
+
/* At first, try empty passphrase */
success = load_private_key(filename, "", key, &comment);
if (!success) {
- printf("Need passphrase for %s (%s).\n", filename, saved_comment);
- if (!isatty(STDIN_FILENO)) {
-#ifdef USE_EXTERNAL_ASKPASS
- int prompts = 3;
- while (prompts && !success) {
- success = askpass(filename, key, saved_comment, &comment);
- prompts--;
- }
- if (!success) {
- xfree(saved_comment);
- return;
- }
-#else /* !USE_EXTERNAL_ASKPASS */
- xfree(saved_comment);
- return;
-#endif /* USE_EXTERNAL_ASKPASS */
+ printf("Need passphrase for %.200s\n", filename);
+ if (!interactive && askpass == NULL) {
+ xfree(saved_comment);
+ return;
}
-
- while (!success) {
- char *pass = read_passphrase("Enter passphrase: ", 1);
+ snprintf(msg, sizeof msg, "Enter passphrase for %.200s", saved_comment);
+ for (;;) {
+ char *pass;
+ if (interactive) {
+ snprintf(buf, sizeof buf, "%s: ", msg);
+ pass = read_passphrase(buf, 1);
+ } else {
+ pass = ssh_askpass(askpass, msg);
+ }
if (strcmp(pass, "") == 0) {
xfree(pass);
xfree(saved_comment);
xfree(pass);
if (success)
break;
- printf("Bad passphrase.\n");
+ strlcpy(msg, "Bad passphrase, try again", sizeof msg);
}
}
xfree(saved_comment);
ssh_close_authentication_connection(ac);
exit(0);
}
-
-#ifdef USE_EXTERNAL_ASKPASS
-int askpass(const char *filename, RSA *key, const char *saved_comment, char **comment)
-{
- int pipes[2];
- char buf[1024];
- int tmp;
- pid_t child;
- FILE *pipef;
-
- /* Check that we are X11-capable */
- if (getenv("DISPLAY") == NULL)
- exit(1);
-
- if (pipe(pipes) == -1) {
- fprintf(stderr, "Creating pipes failed: %s\n", strerror(errno));
- exit(1);
- }
-
- if (fflush(NULL) == EOF) {
- fprintf(stderr, "Cannot flush buffers: %s\n", strerror(errno));
- exit(1);
- }
-
- child = fork();
- if (child == -1) {
- fprintf(stderr, "Cannot fork: %s\n", strerror(errno));
- exit(1);
- }
-
- if (child == 0) {
- /* In child */
-
- close(pipes[0]);
- if (dup2(pipes[1], 1) ==-1) {
- fprintf(stderr, "dup2 failed: %s\n", strerror(errno));
- exit(1);
- }
-
- tmp = snprintf(buf, sizeof(buf), "Need passphrase for %s", saved_comment);
- /* skip the prompt if it won't fit */
- if ((tmp < 0) || (tmp >= sizeof(buf)))
- tmp = execlp(ASKPASS_PROGRAM, "ssh-askpass", 0);
- else
- tmp = execlp(ASKPASS_PROGRAM, "ssh-askpass", buf, 0);
-
- /* Shouldn't get this far */
- fprintf(stderr, "Executing ssh-askpass failed: %s\n", strerror(errno));
- exit(1);
- }
-
- /* In parent */
- close(pipes[1]);
-
- if ((pipef = fdopen(pipes[0], "r")) == NULL) {
- fprintf(stderr, "fdopen failed: %s\n", strerror(errno));
- exit(1);
- }
-
- /* Read passphrase back from child, abort if none presented */
- if(fgets(buf, sizeof(buf), pipef) == NULL)
- exit(1);
-
- fclose(pipef);
-
- if (strchr(buf, '\n'))
- *strchr(buf, '\n') = 0;
-
- if (waitpid(child, NULL, 0) == -1) {
- fprintf(stderr, "Waiting for child failed: %s\n",
- strerror(errno));
- exit(1);
- }
-
- /* Try password as it was presented */
- tmp = load_private_key(filename, buf, key, comment);
-
- memset(buf, 0, sizeof(buf));
-
- return(tmp);
-}
-#endif /* USE_EXTERNAL_ASKPASS */
-/* $OpenBSD: ssh-agent.c,v 1.22 1999/11/24 00:26:03 deraadt Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.23 1999/11/24 19:53:51 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.22 1999/11/24 00:26:03 deraadt Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.23 1999/11/24 19:53:51 markus Exp $");
#include "ssh.h"
#include "rsa.h"
/* Check if we have the key. */
for (i = 0; i < num_identities; i++)
if (BN_cmp(identities[i].key->n, n) == 0) {
- /* We have this key. Free the old key. Since we
- don\'t want to leave empty slots in the middle
- of the array, we actually free the key there
- and copy data from the last entry. */
+ /*
+ * We have this key. Free the old key. Since we
+ * don\'t want to leave empty slots in the middle of
+ * the array, we actually free the key there and copy
+ * data from the last entry.
+ */
RSA_free(identities[i].key);
xfree(identities[i].comment);
if (i < num_identities - 1)
/* Check if we already have the key. */
for (i = 0; i < num_identities; i++)
if (BN_cmp(identities[i].key->n, k->n) == 0) {
- /* We already have this key. Clear and free the
- new data and return success. */
+ /*
+ * We already have this key. Clear and free the new
+ * data and return success.
+ */
RSA_free(k);
xfree(identities[num_identities].comment);
__progname);
exit(1);
}
-#if defined(__GNU_LIBRARY__)
- while ((ch = getopt(ac, av, "+cks")) != -1) {
-#else
while ((ch = getopt(ac, av, "cks")) != -1) {
-#endif /* defined(__GNU_LIBRARY__) */
switch (ch) {
case 'c':
if (s_flag)
snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
parent_pid);
- /* Create socket early so it will exist before command gets run
- from the parent. */
+ /*
+ * Create socket early so it will exist before command gets run from
+ * the parent.
+ */
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0) {
perror("socket");
perror("listen");
cleanup_exit(1);
}
- /* Fork, and have the parent execute the command, if any, or
- present the socket data. The child continues as the
- authentication agent. */
+ /*
+ * Fork, and have the parent execute the command, if any, or present
+ * the socket data. The child continues as the authentication agent.
+ */
pid = fork();
if (pid == -1) {
perror("fork");
/* Generated public key. */
RSA *public_key;
-/* Number of bits in the RSA key. This value can be changed on the command
- line. */
+/* Number of bits in the RSA key. This value can be changed on the command line. */
int bits = 1024;
-/* Flag indicating that we just want to change the passphrase. This can be
- set on the command line. */
+/*
+ * Flag indicating that we just want to change the passphrase. This can be
+ * set on the command line.
+ */
int change_passphrase = 0;
-/* Flag indicating that we just want to change the comment. This can be set
- on the command line. */
+/*
+ * Flag indicating that we just want to change the comment. This can be set
+ * on the command line.
+ */
int change_comment = 0;
int quiet = 0;
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- /* Check if the file exists. */
if (stat(identity_file, &st) < 0) {
perror(identity_file);
exit(1);
}
- /* Try to load the public key from the file the verify that it is
- readable and of the proper format. */
public_key = RSA_new();
if (!load_public_key(identity_file, public_key, NULL)) {
printf("%s is not a valid key file.\n", identity_file);
/* Try to load the file with empty passphrase. */
private_key = RSA_new();
if (!load_private_key(identity_file, "", private_key, &comment)) {
- /* Read passphrase from the user. */
if (identity_passphrase)
old_passphrase = xstrdup(identity_passphrase);
else
old_passphrase = read_passphrase("Enter old passphrase: ", 1);
- /* Try to load using the passphrase. */
if (!load_private_key(identity_file, old_passphrase, private_key, &comment)) {
memset(old_passphrase, 0, strlen(old_passphrase));
xfree(old_passphrase);
printf("Bad passphrase.\n");
exit(1);
}
- /* Destroy the passphrase. */
memset(old_passphrase, 0, strlen(old_passphrase));
xfree(old_passphrase);
}
if (!have_identity)
ask_filename(pw, "Enter file in which the key is");
- /* Check if the file exists. */
if (stat(identity_file, &st) < 0) {
perror(identity_file);
exit(1);
}
- /* Try to load the public key from the file the verify that it is
- readable and of the proper format. */
+ /*
+ * Try to load the public key from the file the verify that it is
+ * readable and of the proper format.
+ */
public_key = RSA_new();
if (!load_public_key(identity_file, public_key, NULL)) {
printf("%s is not a valid key file.\n", identity_file);
exit(1);
}
private_key = RSA_new();
- /* Try to load the file with empty passphrase. */
+
if (load_private_key(identity_file, "", private_key, &comment))
passphrase = xstrdup("");
else {
- /* Read passphrase from the user. */
if (identity_passphrase)
passphrase = xstrdup(identity_passphrase);
else if (identity_new_passphrase)
RSA_free(private_key);
exit(1);
}
- /* Remove terminating newline from comment. */
if (strchr(new_comment, '\n'))
*strchr(new_comment, '\n') = 0;
}
xfree(comment);
exit(1);
}
- /* Destroy the passphrase and the private key in memory. */
memset(passphrase, 0, strlen(passphrase));
xfree(passphrase);
RSA_free(private_key);
- /* Save the public key in text format in a file with the same name
- but .pub appended. */
strlcat(identity_file, ".pub", sizeof(identity_file));
f = fopen(identity_file, "w");
if (!f) {
/* check if RSA support exists */
if (rsa_alive() == 0) {
- extern char *__progname;
-
fprintf(stderr,
"%s: no RSA support in libssl and libcrypto. See ssl(8).\n",
__progname);
exit(1);
}
- /* Get user\'s passwd structure. We need this for the home
- directory. */
+ /* we need this for the home * directory. */
pw = getpwuid(getuid());
if (!pw) {
printf("You don't exist, go away!\n");
exit(1);
}
- /* Parse command line arguments. */
+
while ((opt = getopt(ac, av, "qpclb:f:P:N:C:")) != EOF) {
switch (opt) {
case 'b':
}
if (print_fingerprint)
do_fingerprint(pw);
-
- /* If the user requested to change the passphrase, do it now.
- This function never returns. */
if (change_passphrase)
do_change_passphrase(pw);
-
- /* If the user requested to change the comment, do it now. This
- function never returns. */
if (change_comment)
do_change_comment(pw);
xfree(passphrase2);
}
- /* Create default commend field for the passphrase. The user can
- later edit this field. */
if (identity_comment) {
strlcpy(comment, identity_comment, sizeof(comment));
} else {
+ /* Create default commend field for the passphrase. */
if (gethostname(hostname, sizeof(hostname)) < 0) {
perror("gethostname");
exit(1);
if (!quiet)
printf("Your identification has been saved in %s.\n", identity_file);
- /* Save the public key in text format in a file with the same name
- but .pub appended. */
strlcat(identity_file, ".pub", sizeof(identity_file));
f = fopen(identity_file, "w");
if (!f) {
.It Fl f
Requests
.Nm
-to go to background after authentication. This is useful
+to go to background just before command execution. This is useful
if
.Nm
is going to ask for passwords or passphrases, but the user
/* Flag indicating whether debug mode is on. This can be set on the command line. */
int debug_flag = 0;
-/* Flag indicating whether to allocate a pseudo tty. This can be set on the command
- line, and is automatically set if no command is given on the command line. */
int tty_flag = 0;
-/* Flag indicating that nothing should be read from stdin. This can be set
- on the command line. */
+/*
+ * Flag indicating that nothing should be read from stdin. This can be set
+ * on the command line.
+ */
int stdin_null_flag = 0;
-/* Flag indicating that ssh should fork after authentication. This is useful
- so that the pasphrase can be entered manually, and then ssh goes to the
- background. */
+/*
+ * Flag indicating that ssh should fork after authentication. This is useful
+ * so that the pasphrase can be entered manually, and then ssh goes to the
+ * background.
+ */
int fork_after_authentication_flag = 0;
-/* General data structure for command line options and options configurable
- in configuration files. See readconf.h. */
+/*
+ * General data structure for command line options and options configurable
+ * in configuration files. See readconf.h.
+ */
Options options;
-/* Name of the host we are connecting to. This is the name given on the
- command line, or the HostName specified for the user-supplied name
- in a configuration file. */
+/*
+ * Name of the host we are connecting to. This is the name given on the
+ * command line, or the HostName specified for the user-supplied name in a
+ * configuration file.
+ */
char *host;
/* socket address the host resolves to */
struct sockaddr_in hostaddr;
-/* Flag to indicate that we have received a window change signal which has
- not yet been processed. This will cause a message indicating the new
- window size to be sent to the server a little later. This is volatile
- because this is updated in a signal handler. */
+/*
+ * Flag to indicate that we have received a window change signal which has
+ * not yet been processed. This will cause a message indicating the new
+ * window size to be sent to the server a little later. This is volatile
+ * because this is updated in a signal handler.
+ */
volatile int received_window_change_signal = 0;
/* Value of argv[0] (set in the main program). */
uid_t original_effective_uid;
int plen;
- /* Save the original real uid. It will be needed later
- (uid-swapping may clobber the real uid). */
+ /*
+ * Save the original real uid. It will be needed later (uid-swapping
+ * may clobber the real uid).
+ */
original_real_uid = getuid();
original_effective_uid = geteuid();
if (setrlimit(RLIMIT_CORE, &rlim) < 0)
fatal("setrlimit failed: %.100s", strerror(errno));
}
- /* Use uid-swapping to give up root privileges for the duration of
- option processing. We will re-instantiate the rights when we
- are ready to create the privileged port, and will permanently
- drop them when the port has been created (actually, when the
- connection has been made, as we may need to create the port
- several times). */
+ /*
+ * Use uid-swapping to give up root privileges for the duration of
+ * option processing. We will re-instantiate the rights when we are
+ * ready to create the privileged port, and will permanently drop
+ * them when the port has been created (actually, when the connection
+ * has been made, as we may need to create the port several times).
+ */
temporarily_use_uid(original_real_uid);
- /* Set our umask to something reasonable, as some files are
- created with the default umask. This will make them
- world-readable but writable only by the owner, which is ok for
- all files for which we don't set the modes explicitly. */
+ /*
+ * Set our umask to something reasonable, as some files are created
+ * with the default umask. This will make them world-readable but
+ * writable only by the owner, which is ok for all files for which we
+ * don't set the modes explicitly.
+ */
umask(022);
/* Save our own name. */
/* Initialize the command to execute on remote host. */
buffer_init(&command);
- /* Save the command to execute on the remote host in a buffer.
- There is no limit on the length of the command, except by the
- maximum packet size. Also sets the tty flag if there is no
- command. */
+ /*
+ * Save the command to execute on the remote host in a buffer. There
+ * is no limit on the length of the command, except by the maximum
+ * packet size. Also sets the tty flag if there is no command.
+ */
if (optind == ac) {
/* No command specified - execute shell on a tty. */
tty_flag = 1;
options.rhosts_authentication = 0;
options.rhosts_rsa_authentication = 0;
}
- /* If using rsh has been selected, exec it now (without trying
- anything else). Note that we must release privileges first. */
+ /*
+ * If using rsh has been selected, exec it now (without trying
+ * anything else). Note that we must release privileges first.
+ */
if (options.use_rsh) {
- /* Restore our superuser privileges. This must be done
- before permanently setting the uid. */
+ /*
+ * Restore our superuser privileges. This must be done
+ * before permanently setting the uid.
+ */
restore_uid();
/* Switch to the original uid permanently. */
/* Restore our superuser privileges. */
restore_uid();
- /* Open a connection to the remote host. This needs root
- privileges if rhosts_{rsa_}authentication is enabled. */
+ /*
+ * Open a connection to the remote host. This needs root privileges
+ * if rhosts_{rsa_}authentication is enabled.
+ */
ok = ssh_connect(host, &hostaddr, options.port,
options.connection_attempts,
original_real_uid,
options.proxy_command);
- /* If we successfully made the connection, load the host private
- key in case we will need it later for combined rsa-rhosts
- authentication. This must be done before releasing extra
- privileges, because the file is only readable by root. */
+ /*
+ * If we successfully made the connection, load the host private key
+ * in case we will need it later for combined rsa-rhosts
+ * authentication. This must be done before releasing extra
+ * privileges, because the file is only readable by root.
+ */
if (ok) {
host_private_key = RSA_new();
if (load_private_key(HOST_KEY_FILE, "", host_private_key, NULL))
host_private_key_loaded = 1;
}
- /* Get rid of any extra privileges that we may have. We will no
- longer need them. Also, extra privileges could make it very
- hard to read identity files and other non-world-readable files
- from the user's home directory if it happens to be on a NFS
- volume where root is mapped to nobody. */
-
- /* Note that some legacy systems need to postpone the following
- call to permanently_set_uid() until the private hostkey is
- destroyed with RSA_free(). Otherwise the calling user could
- ptrace() the process, read the private hostkey and impersonate
- the host. OpenBSD does not allow ptracing of setuid processes. */
-
+ /*
+ * Get rid of any extra privileges that we may have. We will no
+ * longer need them. Also, extra privileges could make it very hard
+ * to read identity files and other non-world-readable files from the
+ * user's home directory if it happens to be on a NFS volume where
+ * root is mapped to nobody.
+ */
+
+ /*
+ * Note that some legacy systems need to postpone the following call
+ * to permanently_set_uid() until the private hostkey is destroyed
+ * with RSA_free(). Otherwise the calling user could ptrace() the
+ * process, read the private hostkey and impersonate the host.
+ * OpenBSD does not allow ptracing of setuid processes.
+ */
permanently_set_uid(original_real_uid);
- /* Now that we are back to our own permissions, create ~/.ssh
- directory if it doesn\'t already exist. */
+ /*
+ * Now that we are back to our own permissions, create ~/.ssh
+ * directory if it doesn\'t already exist.
+ */
snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, SSH_USER_DIR);
if (stat(buf, &st) < 0)
if (mkdir(buf, 0755) < 0)
/* Close connection cleanly after attack. */
cipher_attack_detected = packet_disconnect;
- /* If requested, fork and let ssh continue in the background. */
- if (fork_after_authentication_flag) {
- int ret = fork();
- if (ret == -1)
- fatal("fork failed: %.100s", strerror(errno));
- if (ret != 0)
- exit(0);
- setsid();
- }
/* Enable compression if requested. */
if (options.compression) {
debug("Requesting compression at level %d.", options.compression_level);
if (f)
pclose(f);
#endif /* XAUTH_PATH */
- /* If we didn't get authentication data, just make up some
- data. The forwarding code will check the validity of
- the response anyway, and substitute this data. The X11
- server, however, will ignore this fake data and use
- whatever authentication mechanisms it was using
- otherwise for the local connection. */
+ /*
+ * If we didn't get authentication data, just make up some
+ * data. The forwarding code will check the validity of the
+ * response anyway, and substitute this data. The X11
+ * server, however, will ignore this fake data and use
+ * whatever authentication mechanisms it was using otherwise
+ * for the local connection.
+ */
if (!got_data) {
u_int32_t rand = 0;
rand >>= 8;
}
}
- /* Got local authentication reasonable information.
- Request forwarding with authentication spoofing. */
+ /*
+ * Got local authentication reasonable information. Request
+ * forwarding with authentication spoofing.
+ */
debug("Requesting X11 forwarding with authentication spoofing.");
x11_request_forwarding_with_spoofing(proto, data);
options.remote_forwards[i].host_port);
}
- /* If a command was specified on the command line, execute the
- command now. Otherwise request the server to start a shell. */
+ /* If requested, let ssh continue in the background. */
+ if (fork_after_authentication_flag)
+ if (daemon(1, 1) < 0)
+ fatal("daemon() failed: %.200s", strerror(errno));
+
+ /*
+ * If a command was specified on the command line, execute the
+ * command now. Otherwise request the server to start a shell.
+ */
if (buffer_len(&command) > 0) {
int len = buffer_len(&command);
if (len > 900)
#include "rsa.h"
#include "cipher.h"
-/* The default cipher used if IDEA is not supported by the remote host.
- It is recommended that this be one of the mandatory ciphers (DES, 3DES),
- though that is not required. */
+/*
+ * The default cipher used if IDEA is not supported by the remote host. It is
+ * recommended that this be one of the mandatory ciphers (DES, 3DES), though
+ * that is not required.
+ */
#define SSH_FALLBACK_CIPHER SSH_CIPHER_3DES
/* Cipher used for encrypting authentication files. */
/* Maximum number of TCP/IP ports forwarded per direction. */
#define SSH_MAX_FORWARDS_PER_DIRECTION 100
-/* Maximum number of RSA authentication identity files that can be specified
- in configuration files or on the command line. */
+/*
+ * Maximum number of RSA authentication identity files that can be specified
+ * in configuration files or on the command line.
+ */
#define SSH_MAX_IDENTITY_FILES 100
-/* Major protocol version. Different version indicates major incompatiblity
- that prevents communication. */
+/*
+ * Major protocol version. Different version indicates major incompatiblity
+ * that prevents communication.
+ */
#define PROTOCOL_MAJOR 1
-/* Minor protocol version. Different version indicates minor incompatibility
- that does not prevent interoperation. */
+/*
+ * Minor protocol version. Different version indicates minor incompatibility
+ * that does not prevent interoperation.
+ */
#define PROTOCOL_MINOR 5
-/* Name for the service. The port named by this service overrides the default
- port if present. */
+/*
+ * Name for the service. The port named by this service overrides the
+ * default port if present.
+ */
#define SSH_SERVICE_NAME "ssh"
#ifndef ETCDIR
#define PIDDIR "/var/run"
#endif /* PIDDIR */
-/* System-wide file containing host keys of known hosts. This file should be
- world-readable. */
+/*
+ * System-wide file containing host keys of known hosts. This file should be
+ * world-readable.
+ */
#define SSH_SYSTEM_HOSTFILE ETCDIR "/ssh_known_hosts"
-/* HOST_KEY_FILE /etc/ssh_host_key,
- SERVER_CONFIG_FILE /etc/sshd_config,
-and HOST_CONFIG_FILE /etc/ssh_config
-are all defined in Makefile.in. Of these, ssh_host_key should be readable
-only by root, whereas ssh_config should be world-readable. */
-
+/*
+ * Of these, ssh_host_key must be readable only by root, whereas ssh_config
+ * should be world-readable.
+ */
#define HOST_KEY_FILE ETCDIR "/ssh_host_key"
#define SERVER_CONFIG_FILE ETCDIR "/sshd_config"
#define HOST_CONFIG_FILE ETCDIR "/ssh_config"
#define ASKPASS_PROGRAM "/usr/lib/ssh/ssh-askpass"
#endif /* ASKPASS_PROGRAM */
-/* The process id of the daemon listening for connections is saved
- here to make it easier to kill the correct daemon when necessary. */
+/*
+ * The process id of the daemon listening for connections is saved here to
+ * make it easier to kill the correct daemon when necessary.
+ */
#define SSH_DAEMON_PID_FILE PIDDIR "/sshd.pid"
-/* The directory in user\'s home directory in which the files reside.
- The directory should be world-readable (though not all files are). */
+/*
+ * The directory in user\'s home directory in which the files reside. The
+ * directory should be world-readable (though not all files are).
+ */
#define SSH_USER_DIR ".ssh"
-/* Per-user file containing host keys of known hosts. This file need
- not be readable by anyone except the user him/herself, though this does
- not contain anything particularly secret. */
+/*
+ * Per-user file containing host keys of known hosts. This file need not be
+ * readable by anyone except the user him/herself, though this does not
+ * contain anything particularly secret.
+ */
#define SSH_USER_HOSTFILE "~/.ssh/known_hosts"
-/* Name of the default file containing client-side authentication key.
- This file should only be readable by the user him/herself. */
+/*
+ * Name of the default file containing client-side authentication key. This
+ * file should only be readable by the user him/herself.
+ */
#define SSH_CLIENT_IDENTITY ".ssh/identity"
-/* Configuration file in user\'s home directory. This file need not be
- readable by anyone but the user him/herself, but does not contain
- anything particularly secret. If the user\'s home directory resides
- on an NFS volume where root is mapped to nobody, this may need to be
- world-readable. */
+/*
+ * Configuration file in user\'s home directory. This file need not be
+ * readable by anyone but the user him/herself, but does not contain anything
+ * particularly secret. If the user\'s home directory resides on an NFS
+ * volume where root is mapped to nobody, this may need to be world-readable.
+ */
#define SSH_USER_CONFFILE ".ssh/config"
-/* File containing a list of those rsa keys that permit logging in as
- this user. This file need not be
- readable by anyone but the user him/herself, but does not contain
- anything particularly secret. If the user\'s home directory resides
- on an NFS volume where root is mapped to nobody, this may need to be
- world-readable. (This file is read by the daemon which is running as
- root.) */
+/*
+ * File containing a list of those rsa keys that permit logging in as this
+ * user. This file need not be readable by anyone but the user him/herself,
+ * but does not contain anything particularly secret. If the user\'s home
+ * directory resides on an NFS volume where root is mapped to nobody, this
+ * may need to be world-readable. (This file is read by the daemon which is
+ * running as root.)
+ */
#define SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys"
-/* Per-user and system-wide ssh "rc" files. These files are executed with
- /bin/sh before starting the shell or command if they exist. They
- will be passed "proto cookie" as arguments if X11 forwarding with
- spoofing is in use. xauth will be run if neither of these exists. */
+/*
+ * Per-user and system-wide ssh "rc" files. These files are executed with
+ * /bin/sh before starting the shell or command if they exist. They will be
+ * passed "proto cookie" as arguments if X11 forwarding with spoofing is in
+ * use. xauth will be run if neither of these exists.
+ */
#define SSH_USER_RC ".ssh/rc"
#define SSH_SYSTEM_RC ETCDIR "/sshrc"
-/* Ssh-only version of /etc/hosts.equiv. */
+/*
+ * Ssh-only version of /etc/hosts.equiv. Additionally, the daemon may use
+ * ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled.
+ */
#define SSH_HOSTS_EQUIV ETCDIR "/shosts.equiv"
-/* Additionally, the daemon may use ~/.rhosts and /etc/hosts.equiv if
- rhosts authentication is enabled. */
-
-/* Name of the environment variable containing the pathname of the
- authentication socket. */
+/*
+ * Name of the environment variable containing the pathname of the
+ * authentication socket.
+ */
#define SSH_AUTHSOCKET_ENV_NAME "SSH_AUTH_SOCK"
-/* Name of the environment variable containing the pathname of the
- authentication socket. */
+/*
+ * Name of the environment variable containing the pathname of the
+ * authentication socket.
+ */
#define SSH_AGENTPID_ENV_NAME "SSH_AGENT_PID"
-/* Force host key length and server key length to differ by at least this
- many bits. This is to make double encryption with rsaref work. */
+/*
+ * Force host key length and server key length to differ by at least this
+ * many bits. This is to make double encryption with rsaref work.
+ */
#define SSH_KEY_BITS_RESERVED 128
-/* Length of the session key in bytes. (Specified as 256 bits in the
- protocol.) */
+/*
+ * Length of the session key in bytes. (Specified as 256 bits in the
+ * protocol.)
+ */
#define SSH_SESSION_KEY_LENGTH 32
/* Name of Kerberos service for SSH to use. */
#define KRB4_SERVICE_NAME "rcmd"
-/* Authentication methods. New types can be added, but old types should not
- be removed for compatibility. The maximum allowed value is 31. */
+/*
+ * Authentication methods. New types can be added, but old types should not
+ * be removed for compatibility. The maximum allowed value is 31.
+ */
#define SSH_AUTH_RHOSTS 1
#define SSH_AUTH_RSA 2
#define SSH_AUTH_PASSWORD 3
#define SSH_AUTH_TIS 5
#define SSH_AUTH_KERBEROS 6
#define SSH_PASS_KERBEROS_TGT 7
- /* 8 to 15 are reserved */
+ /* 8 to 15 are reserved */
#define SSH_PASS_AFS_TOKEN 21
/* Protocol flags. These are bit masks. */
-#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes
- * screen */
-#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain
- * host */
-
-/* Definition of message types. New values can be added, but old values
- should not be removed or without careful consideration of the consequences
- for compatibility. The maximum value is 254; value 255 is reserved
- for future extension. */
- /* Message name *//* msg code *//* arguments */
+#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */
+#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */
+
+/*
+ * Definition of message types. New values can be added, but old values
+ * should not be removed or without careful consideration of the consequences
+ * for compatibility. The maximum value is 254; value 255 is reserved for
+ * future extension.
+ */
+/* Message name */ /* msg code */ /* arguments */
#define SSH_MSG_NONE 0 /* no message */
#define SSH_MSG_DISCONNECT 1 /* cause (string) */
#define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */
/*------------ definitions for login.c -------------*/
-/* Returns the time when the user last logged in. Returns 0 if the
- information is not available. This must be called before record_login.
- The host from which the user logged in is stored in buf. */
+/*
+ * Returns the time when the user last logged in. Returns 0 if the
+ * information is not available. This must be called before record_login.
+ * The host from which the user logged in is stored in buf.
+ */
unsigned long
get_last_login_time(uid_t uid, const char *logname,
char *buf, unsigned int bufsize);
-/* Records that the user has logged in. This does many things normally
- done by login(1). */
+/*
+ * Records that the user has logged in. This does many things normally done
+ * by login(1).
+ */
void
record_login(int pid, const char *ttyname, const char *user, uid_t uid,
const char *host, struct sockaddr_in * addr);
-/* Records that the user has logged out. This does many thigs normally
- done by login(1) or init. */
+/*
+ * Records that the user has logged out. This does many thigs normally done
+ * by login(1) or init.
+ */
void record_logout(int pid, const char *ttyname);
/*------------ definitions for sshconnect.c ----------*/
-/* Opens a TCP/IP connection to the remote server on the given host. If
- port is 0, the default port will be used. If anonymous is zero,
- a privileged port will be allocated to make the connection.
- This requires super-user privileges if anonymous is false.
- Connection_attempts specifies the maximum number of tries, one per
- second. This returns true on success, and zero on failure. If the
- connection is successful, this calls packet_set_connection for the
- connection. */
+/*
+ * Opens a TCP/IP connection to the remote server on the given host. If port
+ * is 0, the default port will be used. If anonymous is zero, a privileged
+ * port will be allocated to make the connection. This requires super-user
+ * privileges if anonymous is false. Connection_attempts specifies the
+ * maximum number of tries, one per second. This returns true on success,
+ * and zero on failure. If the connection is successful, this calls
+ * packet_set_connection for the connection.
+ */
int
ssh_connect(const char *host, struct sockaddr_in * hostaddr,
int port, int connection_attempts,
int anonymous, uid_t original_real_uid,
const char *proxy_command);
-/* Starts a dialog with the server, and authenticates the current user on the
- server. This does not need any extra privileges. The basic connection
- to the server must already have been established before this is called.
- If login fails, this function prints an error and never returns.
- This initializes the random state, and leaves it initialized (it will also
- have references from the packet module). */
+/*
+ * Starts a dialog with the server, and authenticates the current user on the
+ * server. This does not need any extra privileges. The basic connection to
+ * the server must already have been established before this is called. If
+ * login fails, this function prints an error and never returns. This
+ * initializes the random state, and leaves it initialized (it will also have
+ * references from the packet module).
+ */
void
ssh_login(int host_key_valid, RSA * host_key, const char *host,
/*------------ Definitions for various authentication methods. -------*/
-/* Tries to authenticate the user using the .rhosts file. Returns true if
- authentication succeeds. If ignore_rhosts is non-zero, this will not
- consider .rhosts and .shosts (/etc/hosts.equiv will still be used). */
+/*
+ * Tries to authenticate the user using the .rhosts file. Returns true if
+ * authentication succeeds. If ignore_rhosts is non-zero, this will not
+ * consider .rhosts and .shosts (/etc/hosts.equiv will still be used).
+ */
int auth_rhosts(struct passwd * pw, const char *client_user);
-/* Tries to authenticate the user using the .rhosts file and the host using
- its host key. Returns true if authentication succeeds. */
+/*
+ * Tries to authenticate the user using the .rhosts file and the host using
+ * its host key. Returns true if authentication succeeds.
+ */
int
auth_rhosts_rsa(struct passwd * pw, const char *client_user,
BIGNUM * client_host_key_e, BIGNUM * client_host_key_n);
-/* Tries to authenticate the user using password. Returns true if
- authentication succeeds. */
+/*
+ * Tries to authenticate the user using password. Returns true if
+ * authentication succeeds.
+ */
int auth_password(struct passwd * pw, const char *password);
-/* Performs the RSA authentication dialog with the client. This returns
- 0 if the client could not be authenticated, and 1 if authentication was
- successful. This may exit if there is a serious protocol violation. */
+/*
+ * Performs the RSA authentication dialog with the client. This returns 0 if
+ * the client could not be authenticated, and 1 if authentication was
+ * successful. This may exit if there is a serious protocol violation.
+ */
int auth_rsa(struct passwd * pw, BIGNUM * client_n);
-/* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
- over the key. Skips any whitespace at the beginning and at end. */
+/*
+ * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
+ * over the key. Skips any whitespace at the beginning and at end.
+ */
int auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n);
-/* Returns the name of the machine at the other end of the socket. The
- returned string should be freed by the caller. */
+/*
+ * Returns the name of the machine at the other end of the socket. The
+ * returned string should be freed by the caller.
+ */
char *get_remote_hostname(int socket);
-/* Return the canonical name of the host in the other side of the current
- connection (as returned by packet_get_connection). The host name is
- cached, so it is efficient to call this several times. */
+/*
+ * Return the canonical name of the host in the other side of the current
+ * connection (as returned by packet_get_connection). The host name is
+ * cached, so it is efficient to call this several times.
+ */
const char *get_canonical_hostname(void);
-/* Returns the remote IP address as an ascii string. The value need not be
- freed by the caller. */
+/*
+ * Returns the remote IP address as an ascii string. The value need not be
+ * freed by the caller.
+ */
const char *get_remote_ipaddr(void);
/* Returns the port number of the peer of the socket. */
/* Returns the port number of the remote host. */
int get_remote_port(void);
-/* Tries to match the host name (which must be in all lowercase) against the
- comma-separated sequence of subpatterns (each possibly preceded by ! to
- indicate negation). Returns true if there is a positive match; zero
- otherwise. */
+/*
+ * Tries to match the host name (which must be in all lowercase) against the
+ * comma-separated sequence of subpatterns (each possibly preceded by ! to
+ * indicate negation). Returns true if there is a positive match; zero
+ * otherwise.
+ */
int match_hostname(const char *host, const char *pattern, unsigned int len);
-/* Checks whether the given host is already in the list of our known hosts.
- Returns HOST_OK if the host is known and has the specified key,
- HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
- but used to have a different host key. The host must be in all lowercase. */
+/*
+ * Checks whether the given host is already in the list of our known hosts.
+ * Returns HOST_OK if the host is known and has the specified key, HOST_NEW
+ * if the host is not known, and HOST_CHANGED if the host is known but used
+ * to have a different host key. The host must be in all lowercase.
+ */
typedef enum {
HOST_OK, HOST_NEW, HOST_CHANGED
} HostStatus;
check_host_in_hostfile(const char *filename, const char *host,
BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn);
-/* Appends an entry to the host file. Returns false if the entry
- could not be appended. */
+/*
+ * Appends an entry to the host file. Returns false if the entry could not
+ * be appended.
+ */
int
add_host_to_hostfile(const char *filename, const char *host,
BIGNUM * e, BIGNUM * n);
-/* Performs the RSA authentication challenge-response dialog with the client,
- and returns true (non-zero) if the client gave the correct answer to
- our challenge; returns zero if the client gives a wrong answer. */
+/*
+ * Performs the RSA authentication challenge-response dialog with the client,
+ * and returns true (non-zero) if the client gave the correct answer to our
+ * challenge; returns zero if the client gives a wrong answer.
+ */
int auth_rsa_challenge_dialog(BIGNUM * e, BIGNUM * n);
-/* Reads a passphrase from /dev/tty with echo turned off. Returns the
- passphrase (allocated with xmalloc). Exits if EOF is encountered.
- If from_stdin is true, the passphrase will be read from stdin instead. */
+/*
+ * Reads a passphrase from /dev/tty with echo turned off. Returns the
+ * passphrase (allocated with xmalloc). Exits if EOF is encountered. If
+ * from_stdin is true, the passphrase will be read from stdin instead.
+ */
char *read_passphrase(const char *prompt, int from_stdin);
-/* Saves the authentication (private) key in a file, encrypting it with
- passphrase. The identification of the file (lowest 64 bits of n)
- will precede the key to provide identification of the key without
- needing a passphrase. */
+/*
+ * Saves the authentication (private) key in a file, encrypting it with
+ * passphrase. The identification of the file (lowest 64 bits of n) will
+ * precede the key to provide identification of the key without needing a
+ * passphrase.
+ */
int
save_private_key(const char *filename, const char *passphrase,
RSA * private_key, const char *comment);
-/* Loads the public part of the key file (public key and comment).
- Returns 0 if an error occurred; zero if the public key was successfully
- read. The comment of the key is returned in comment_return if it is
- non-NULL; the caller must free the value with xfree. */
+/*
+ * Loads the public part of the key file (public key and comment). Returns 0
+ * if an error occurred; zero if the public key was successfully read. The
+ * comment of the key is returned in comment_return if it is non-NULL; the
+ * caller must free the value with xfree.
+ */
int
load_public_key(const char *filename, RSA * pub,
char **comment_return);
-/* Loads the private key from the file. Returns 0 if an error is encountered
- (file does not exist or is not readable, or passphrase is bad).
- This initializes the private key. The comment of the key is returned
- in comment_return if it is non-NULL; the caller must free the value
- with xfree. */
+/*
+ * Loads the private key from the file. Returns 0 if an error is encountered
+ * (file does not exist or is not readable, or passphrase is bad). This
+ * initializes the private key. The comment of the key is returned in
+ * comment_return if it is non-NULL; the caller must free the value with
+ * xfree.
+ */
int
load_private_key(const char *filename, const char *passphrase,
RSA * private_key, char **comment_return);
/* same as fatal() but w/o logging */
void fatal_cleanup(void);
-/* Registers a cleanup function to be called by fatal()/fatal_cleanup() before exiting.
- It is permissible to call fatal_remove_cleanup for the function itself
- from the function. */
+/*
+ * Registers a cleanup function to be called by fatal()/fatal_cleanup()
+ * before exiting. It is permissible to call fatal_remove_cleanup for the
+ * function itself from the function.
+ */
void fatal_add_cleanup(void (*proc) (void *context), void *context);
/* Removes a cleanup function to be called at fatal(). */
/* Sets specific protocol options. */
void channel_set_options(int hostname_in_open);
-/* Allocate a new channel object and set its type and socket. Remote_name
- must have been allocated with xmalloc; this will free it when the channel
- is freed. */
+/*
+ * Allocate a new channel object and set its type and socket. Remote_name
+ * must have been allocated with xmalloc; this will free it when the channel
+ * is freed.
+ */
int channel_allocate(int type, int sock, char *remote_name);
/* Free the channel and close its socket. */
/* Add any bits relevant to channels in select bitmasks. */
void channel_prepare_select(fd_set * readset, fd_set * writeset);
-/* After select, perform any appropriate operations for channels which
- have events pending. */
+/*
+ * After select, perform any appropriate operations for channels which have
+ * events pending.
+ */
void channel_after_select(fd_set * readset, fd_set * writeset);
/* If there is data to send to the connection, send some of it now. */
void channel_output_poll(void);
-/* This is called when a packet of type CHANNEL_DATA has just been received.
- The message type has already been consumed, but channel number and data
- is still there. */
+/*
+ * This is called when a packet of type CHANNEL_DATA has just been received.
+ * The message type has already been consumed, but channel number and data is
+ * still there.
+ */
void channel_input_data(int payload_len);
/* Returns true if no channel has too much buffered data. */
any unix domain sockets. */
void channel_stop_listening(void);
-/* Closes the sockets of all channels. This is used to close extra file
- descriptors after a fork. */
+/*
+ * Closes the sockets of all channels. This is used to close extra file
+ * descriptors after a fork.
+ */
void channel_close_all(void);
/* Returns the maximum file descriptor number used by the channels. */
/* Returns true if there is still an open channel over the connection. */
int channel_still_open(void);
-/* Returns a string containing a list of all open channels. The list is
- suitable for displaying to the user. It uses crlf instead of newlines.
- The caller should free the string with xfree. */
+/*
+ * Returns a string containing a list of all open channels. The list is
+ * suitable for displaying to the user. It uses crlf instead of newlines.
+ * The caller should free the string with xfree.
+ */
char *channel_open_message(void);
-/* Initiate forwarding of connections to local port "port" through the secure
- channel to host:port from remote side. This never returns if there
- was an error. */
+/*
+ * Initiate forwarding of connections to local port "port" through the secure
+ * channel to host:port from remote side. This never returns if there was an
+ * error.
+ */
void
channel_request_local_forwarding(int port, const char *host,
int remote_port);
-/* Initiate forwarding of connections to port "port" on remote host through
- the secure channel to host:port from local side. This never returns
- if there was an error. This registers that open requests for that
- port are permitted. */
+/*
+ * Initiate forwarding of connections to port "port" on remote host through
+ * the secure channel to host:port from local side. This never returns if
+ * there was an error. This registers that open requests for that port are
+ * permitted.
+ */
void
channel_request_remote_forwarding(int port, const char *host,
int remote_port);
-/* Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually
- called by the server, because the user could connect to any port anyway,
- and the server has no way to know but to trust the client anyway. */
+/*
+ * Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually
+ * called by the server, because the user could connect to any port anyway,
+ * and the server has no way to know but to trust the client anyway.
+ */
void channel_permit_all_opens(void);
-/* This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
- listening for the port, and sends back a success reply (or disconnect
- message if there was an error). This never returns if there was an
- error. */
+/*
+ * This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates
+ * listening for the port, and sends back a success reply (or disconnect
+ * message if there was an error). This never returns if there was an error.
+ */
void channel_input_port_forward_request(int is_root);
-/* This is called after receiving PORT_OPEN message. This attempts to connect
- to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION or
- CHANNEL_OPEN_FAILURE. */
+/*
+ * This is called after receiving PORT_OPEN message. This attempts to
+ * connect to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION
+ * or CHANNEL_OPEN_FAILURE.
+ */
void channel_input_port_open(int payload_len);
-/* Creates a port for X11 connections, and starts listening for it.
- Returns the display name, or NULL if an error was encountered. */
+/*
+ * Creates a port for X11 connections, and starts listening for it. Returns
+ * the display name, or NULL if an error was encountered.
+ */
char *x11_create_display(int screen);
-/* Creates an internet domain socket for listening for X11 connections.
- Returns a suitable value for the DISPLAY variable, or NULL if an error
- occurs. */
+/*
+ * Creates an internet domain socket for listening for X11 connections.
+ * Returns a suitable value for the DISPLAY variable, or NULL if an error
+ * occurs.
+ */
char *x11_create_display_inet(int screen);
-/* This is called when SSH_SMSG_X11_OPEN is received. The packet contains
- the remote channel number. We should do whatever we want, and respond
- with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */
+/*
+ * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
+ * the remote channel number. We should do whatever we want, and respond
+ * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
+ */
void x11_input_open(int payload_len);
-/* Requests forwarding of X11 connections. This should be called on the
- client only. */
+/*
+ * Requests forwarding of X11 connections. This should be called on the
+ * client only.
+ */
void x11_request_forwarding(void);
-/* Requests forwarding for X11 connections, with authentication spoofing.
- This should be called in the client only. */
+/*
+ * Requests forwarding for X11 connections, with authentication spoofing.
+ * This should be called in the client only.
+ */
void x11_request_forwarding_with_spoofing(const char *proto, const char *data);
/* Sends a message to the server to request authentication fd forwarding. */
void auth_request_forwarding(void);
-/* Returns the name of the forwarded authentication socket. Returns NULL
- if there is no forwarded authentication socket. The returned value points
- to a static buffer. */
+/*
+ * Returns the name of the forwarded authentication socket. Returns NULL if
+ * there is no forwarded authentication socket. The returned value points to
+ * a static buffer.
+ */
char *auth_get_socket_name(void);
-/* This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
- This starts forwarding authentication requests. */
+/*
+ * This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
+ * This starts forwarding authentication requests.
+ */
void auth_input_request_forwarding(struct passwd * pw);
/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
void auth_input_open_request(void);
-/* Returns true if the given string matches the pattern (which may contain
- ? and * as wildcards), and zero if it does not match. */
+/*
+ * Returns true if the given string matches the pattern (which may contain ?
+ * and * as wildcards), and zero if it does not match.
+ */
int match_pattern(const char *s, const char *pattern);
-/* Expands tildes in the file name. Returns data allocated by xmalloc.
- Warning: this calls getpw*. */
+/*
+ * Expands tildes in the file name. Returns data allocated by xmalloc.
+ * Warning: this calls getpw*.
+ */
char *tilde_expand_filename(const char *filename, uid_t my_uid);
-/* Performs the interactive session. This handles data transmission between
- the client and the program. Note that the notion of stdin, stdout, and
- stderr in this function is sort of reversed: this function writes to
- stdin (of the child program), and reads from stdout and stderr (of the
- child program). */
+/*
+ * Performs the interactive session. This handles data transmission between
+ * the client and the program. Note that the notion of stdin, stdout, and
+ * stderr in this function is sort of reversed: this function writes to stdin
+ * (of the child program), and reads from stdout and stderr (of the child
+ * program).
+ */
void server_loop(int pid, int fdin, int fdout, int fderr);
/* Client side main loop for the interactive session. */
#ifdef KRB4
#include <krb.h>
-/* Performs Kerberos v4 mutual authentication with the client. This returns
- 0 if the client could not be authenticated, and 1 if authentication was
- successful. This may exit if there is a serious protocol violation. */
+/*
+ * Performs Kerberos v4 mutual authentication with the client. This returns 0
+ * if the client could not be authenticated, and 1 if authentication was
+ * successful. This may exit if there is a serious protocol violation.
+ */
int auth_krb4(const char *server_user, KTEXT auth, char **client);
int krb4_init(uid_t uid);
void krb4_cleanup_proc(void *ignore);
{
int sock;
- /* If we are running as root and want to connect to a privileged
- port, bind our own socket to a privileged port. */
+ /*
+ * If we are running as root and want to connect to a privileged
+ * port, bind our own socket to a privileged port.
+ */
if (privileged) {
int p = IPPORT_RESERVED - 1;
!anonymous && geteuid() == 0 &&
port < IPPORT_RESERVED);
- /* Connect to the host. We use the user's uid in
- the hope that it will help with the problems of
- tcp_wrappers showing the remote uid as root. */
+ /*
+ * Connect to the host. We use the user's uid in the
+ * hope that it will help with the problems of
+ * tcp_wrappers showing the remote uid as root.
+ */
temporarily_use_uid(original_real_uid);
if (connect(sock, (struct sockaddr *) hostaddr, sizeof(*hostaddr))
>= 0) {
!anonymous && geteuid() == 0 &&
port < IPPORT_RESERVED);
- /* Connect to the host. We use the user's uid in the hope that
- it will help with tcp_wrappers showing the remote uid as root. */
+ /*
+ * Connect to the host. We use the user's
+ * uid in the hope that it will help with
+ * tcp_wrappers showing the remote uid as
+ * root.
+ */
temporarily_use_uid(original_real_uid);
if (connect(sock, (struct sockaddr *) hostaddr,
sizeof(*hostaddr)) >= 0) {
debug("connect: %.100s", strerror(errno));
restore_uid();
- /* Close the failed socket; there appear to be some problems when
- reusing a socket for which connect() has already returned an error. */
+ /*
+ * Close the failed socket; there appear to
+ * be some problems when reusing a socket for
+ * which connect() has already returned an
+ * error.
+ */
shutdown(sock, SHUT_RDWR);
close(sock);
}
debug("Connection established.");
- /* Set socket options. We would like the socket to disappear as
- soon as it has been closed for whatever reason. */
- /* setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
- sizeof(on)); */
+ /*
+ * Set socket options. We would like the socket to disappear as soon
+ * as it has been closed for whatever reason.
+ */
+ /* setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */
setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, (void *) &on, sizeof(on));
linger.l_onoff = 1;
linger.l_linger = 5;
/* Wait for server's response. */
type = packet_read(&plen);
- /* The server responds with failure if it doesn\'t like our key or
- doesn\'t support RSA authentication. */
+ /*
+ * The server responds with failure if it doesn\'t like our key or
+ * doesn\'t support RSA authentication.
+ */
if (type == SSH_SMSG_FAILURE) {
debug("Server refused our key.");
xfree(comment);
debug("Received RSA challenge from server.");
private_key = RSA_new();
- /* Load the private key. Try first with empty passphrase; if it
- fails, ask for a passphrase. */
+ /*
+ * Load the private key. Try first with empty passphrase; if it
+ * fails, ask for a passphrase.
+ */
if (!load_private_key(authfile, "", private_key, NULL)) {
char buf[300];
snprintf(buf, sizeof buf, "Enter passphrase for RSA key '%.100s': ",
packet_integrity_check(plen, 4 + auth.length, type);
- /* If his response isn't properly encrypted with the
- session key, and the decrypted checksum fails to match,
- he's bogus. Bail out. */
+ /*
+ * If his response isn't properly encrypted with the session
+ * key, and the decrypted checksum fails to match, he's
+ * bogus. Bail out.
+ */
r = krb_rd_priv(auth.dat, auth.length, schedule, &cred.session,
&foreign, &local, &msg_data);
if (r != KSUCCESS) {
}
buf[sizeof(buf) - 1] = 0;
- /* Check that the versions match. In future this might accept
- several versions and set appropriate flags to handle them. */
+ /*
+ * Check that the versions match. In future this might accept
+ * several versions and set appropriate flags to handle them.
+ */
if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor,
remote_version) != 3)
fatal("Bad remote protocol version identification: '%.100s'", buf);
}
}
#if 0
- /* Removed for now, to permit compatibility with latter versions.
- The server will reject our version and disconnect if it doesn't
- support it. */
+ /*
+ * Removed for now, to permit compatibility with latter versions. The
+ * server will reject our version and disconnect if it doesn't
+ * support it.
+ */
if (remote_major != PROTOCOL_MAJOR)
fatal("Protocol major versions differ: %d vs. %d",
PROTOCOL_MAJOR, remote_major);
protocol_flags = packet_get_int();
packet_set_protocol_flags(protocol_flags);
- /* Get supported cipher types. */
supported_ciphers = packet_get_int();
-
- /* Get supported authentication types. */
supported_authentications = packet_get_int();
debug("Received server public key (%d bits) and host key (%d bits).",
8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
SSH_SMSG_PUBLIC_KEY);
- /* Compute the session id. */
compute_session_id(session_id, check_bytes, host_key->n, public_key->n);
- /* Check if the host key is present in the user\'s list of known
- hosts or in the systemwide list. */
+ /*
+ * Check if the host key is present in the user\'s list of known
+ * hosts or in the systemwide list.
+ */
host_status = check_host_in_hostfile(options.user_hostfile, host,
host_key->e, host_key->n,
file_key->e, file_key->n);
host_status = check_host_in_hostfile(options.system_hostfile, host,
host_key->e, host_key->n,
file_key->e, file_key->n);
- /* Force accepting of the host key for localhost and 127.0.0.1.
- The problem is that if the home directory is NFS-mounted to
- multiple machines, localhost will refer to a different machine
- in each of them, and the user will get bogus HOST_CHANGED
- warnings. This essentially disables host authentication for
- localhost; however, this is probably not a real problem. */
+ /*
+ * Force accepting of the host key for localhost and 127.0.0.1. The
+ * problem is that if the home directory is NFS-mounted to multiple
+ * machines, localhost will refer to a different machine in each of
+ * them, and the user will get bogus HOST_CHANGED warnings. This
+ * essentially disables host authentication for localhost; however,
+ * this is probably not a real problem.
+ */
if (local) {
debug("Forcing accepting of host key for localhost.");
host_status = HOST_OK;
}
- /* Also perform check for the ip address, skip the check if we are
- localhost or the hostname was an ip address to begin with */
+ /*
+ * Also perform check for the ip address, skip the check if we are
+ * localhost or the hostname was an ip address to begin with
+ */
if (options.check_host_ip && !local && strcmp(host, ip)) {
RSA *ip_key = RSA_new();
ip_key->n = BN_new();
error("Add correct host key in %.100s to get rid of this message.",
options.user_hostfile);
- /* If strict host key checking is in use, the user will
- have to edit the key manually and we can only abort. */
+ /*
+ * If strict host key checking is in use, the user will have
+ * to edit the key manually and we can only abort.
+ */
if (options.strict_host_key_checking)
fatal("Host key for %.200s has changed and you have requested strict checking.", host);
- /* If strict host key checking has not been requested, allow the connection
- but without password authentication or agent forwarding. */
+ /*
+ * If strict host key checking has not been requested, allow
+ * the connection but without password authentication or
+ * agent forwarding.
+ */
if (options.password_authentication) {
error("Password authentication is disabled to avoid trojan horses.");
options.password_authentication = 0;
error("Agent forwarding is disabled to avoid trojan horses.");
options.forward_agent = 0;
}
- /* XXX Should permit the user to change to use the new id.
- This could be done by converting the host key to an
- identifying sentence, tell that the host identifies
- itself by that sentence, and ask the user if he/she
- whishes to accept the authentication. */
+ /*
+ * XXX Should permit the user to change to use the new id.
+ * This could be done by converting the host key to an
+ * identifying sentence, tell that the host identifies itself
+ * by that sentence, and ask the user if he/she whishes to
+ * accept the authentication.
+ */
break;
}
/* Generate a session key. */
arc4random_stir();
- /* Generate an encryption key for the session. The key is a 256
- bit random number, interpreted as a 32-byte key, with the least
- significant 8 bits being the first byte of the key. */
+ /*
+ * Generate an encryption key for the session. The key is a 256 bit
+ * random number, interpreted as a 32-byte key, with the least
+ * significant 8 bits being the first byte of the key.
+ */
for (i = 0; i < 32; i++) {
if (i % 4 == 0)
rand = arc4random();
rand >>= 8;
}
- /* According to the protocol spec, the first byte of the session
- key is the highest byte of the integer. The session key is
- xored with the first 16 bytes of the session id. */
+ /*
+ * According to the protocol spec, the first byte of the session key
+ * is the highest byte of the integer. The session key is xored with
+ * the first 16 bytes of the session id.
+ */
key = BN_new();
BN_set_word(key, 0);
for (i = 0; i < SSH_SESSION_KEY_LENGTH; i++) {
BN_add_word(key, session_key[i]);
}
- /* Encrypt the integer using the public key and host key of the
- server (key with smaller modulus first). */
+ /*
+ * Encrypt the integer using the public key and host key of the
+ * server (key with smaller modulus first).
+ */
if (BN_cmp(public_key->n, host_key->n) < 0) {
/* Public key has smaller modulus. */
if (BN_num_bits(host_key->n) <
/* We will no longer need the session key here. Destroy any extra copies. */
memset(session_key, 0, sizeof(session_key));
- /* Expect a success message from the server. Note that this
- message will be received in encrypted form. */
+ /*
+ * Expect a success message from the server. Note that this message
+ * will be received in encrypted form.
+ */
packet_read_expect(&payload_len, SSH_SMSG_SUCCESS);
debug("Received encrypted confirmation.");
packet_send();
packet_write_wait();
- /* The server should respond with success if no authentication is
- needed (the user has no password). Otherwise the server
- responds with failure. */
+ /*
+ * The server should respond with success if no authentication is
+ * needed (the user has no password). Otherwise the server responds
+ * with failure.
+ */
type = packet_read(&payload_len);
/* check whether the connection was accepted without authentication. */
}
#endif /* KRB4 */
- /* Use rhosts authentication if running in privileged socket and
- we do not wish to remain anonymous. */
+ /*
+ * Use rhosts authentication if running in privileged socket and we
+ * do not wish to remain anonymous.
+ */
if ((supported_authentications & (1 << SSH_AUTH_RHOSTS)) &&
options.rhosts_authentication) {
debug("Trying rhosts authentication.");
packet_disconnect("Protocol error: got %d in response to rhosts auth",
type);
}
- /* Try .rhosts or /etc/hosts.equiv authentication with RSA host
- authentication. */
+ /*
+ * Try .rhosts or /etc/hosts.equiv authentication with RSA host
+ * authentication.
+ */
if ((supported_authentications & (1 << SSH_AUTH_RHOSTS_RSA)) &&
options.rhosts_rsa_authentication && host_key_valid) {
if (try_rhosts_rsa_authentication(local_user, own_host_key))
/* Try RSA authentication if the server supports it. */
if ((supported_authentications & (1 << SSH_AUTH_RSA)) &&
options.rsa_authentication) {
- /* Try RSA authentication using the authentication agent.
- The agent is tried first because no passphrase is
- needed for it, whereas identity files may require
- passphrases. */
+ /*
+ * Try RSA authentication using the authentication agent. The
+ * agent is tried first because no passphrase is needed for
+ * it, whereas identity files may require passphrases.
+ */
if (try_agent_authentication())
return;
/* Saved arguments to main(). */
char **saved_argv;
-/* This is set to the socket that the server is listening; this is used in
- the SIGHUP signal handler. */
+/*
+ * This is set to the socket that the server is listening; this is used in
+ * the SIGHUP signal handler.
+ */
int listen_sock;
-/* the client's version string, passed by sshd2 in compat mode.
- if != NULL, sshd will skip the version-number exchange */
+/*
+ * the client's version string, passed by sshd2 in compat mode. if != NULL,
+ * sshd will skip the version-number exchange
+ */
char *client_version_string = NULL;
/* Flags set in auth-rsa from authorized_keys flags. These are set in auth-rsa.c. */
/* Session id for the current session. */
unsigned char session_id[16];
-/* Any really sensitive data in the application is contained in this structure.
- The idea is that this structure could be locked into memory so that the
- pages do not get written into swap. However, there are some problems.
- The private key contains BIGNUMs, and we do not (in principle) have
- access to the internals of them, and locking just the structure is not
- very useful. Currently, memory locking is not implemented. */
+/*
+ * Any really sensitive data in the application is contained in this
+ * structure. The idea is that this structure could be locked into memory so
+ * that the pages do not get written into swap. However, there are some
+ * problems. The private key contains BIGNUMs, and we do not (in principle)
+ * have access to the internals of them, and locking just the structure is
+ * not very useful. Currently, memory locking is not implemented.
+ */
struct {
RSA *private_key; /* Private part of server key. */
RSA *host_key; /* Private part of host key. */
} sensitive_data;
-/* Flag indicating whether the current session key has been used. This flag
- is set whenever the key is used, and cleared when the key is regenerated. */
+/*
+ * Flag indicating whether the current session key has been used. This flag
+ * is set whenever the key is used, and cleared when the key is regenerated.
+ */
int key_used = 0;
/* This is set to true when SIGHUP is received. */
fprintf(stderr, "sshd version %s\n", SSH_VERSION);
fprintf(stderr, "Usage: %s [options]\n", av0);
fprintf(stderr, "Options:\n");
- fprintf(stderr, " -f file Configuration file (default %s/sshd_config)\n", ETCDIR);
+ fprintf(stderr, " -f file Configuration file (default %s)\n", SERVER_CONFIG_FILE);
fprintf(stderr, " -d Debugging mode\n");
fprintf(stderr, " -i Started from inetd\n");
fprintf(stderr, " -q Quiet (no logging)\n");
setsockopt(listen_sock, SOL_SOCKET, SO_LINGER, (void *) &linger,
sizeof(linger));
- /* Initialize the socket address. */
memset(&sin, 0, sizeof(sin));
sin.sin_family = AF_INET;
sin.sin_addr = options.listen_addr;
sin.sin_port = htons(options.port);
- /* Bind the socket to the desired port. */
if (bind(listen_sock, (struct sockaddr *) & sin, sizeof(sin)) < 0) {
error("bind: %.100s", strerror(errno));
shutdown(listen_sock, SHUT_RDWR);
fatal("Bind to port %d failed.", options.port);
}
if (!debug_flag) {
- /* Record our pid in /etc/sshd_pid to make it
- easier to kill the correct sshd. We don\'t
- want to do this before the bind above because
- the bind will fail if there already is a
- daemon, and this will overwrite any old pid in
- the file. */
+ /*
+ * Record our pid in /etc/sshd_pid to make it easier
+ * to kill the correct sshd. We don\'t want to do
+ * this before the bind above because the bind will
+ * fail if there already is a daemon, and this will
+ * overwrite any old pid in the file.
+ */
f = fopen(SSH_DAEMON_PID_FILE, "w");
if (f) {
fprintf(f, "%u\n", (unsigned int) getpid());
/* Arrange SIGCHLD to be caught. */
signal(SIGCHLD, main_sigchld_handler);
- /* Stay listening for connections until the system crashes
- or the daemon is killed with a signal. */
+ /*
+ * Stay listening for connections until the system crashes or
+ * the daemon is killed with a signal.
+ */
for (;;) {
if (received_sighup)
sighup_restart();
error("accept: %.100s", strerror(errno));
continue;
}
- /* Got connection. Fork a child to handle it,
- unless we are in debugging mode. */
+ /*
+ * Got connection. Fork a child to handle it, unless
+ * we are in debugging mode.
+ */
if (debug_flag) {
- /* In debugging mode. Close the listening
- socket, and start processing the
- connection without forking. */
+ /*
+ * In debugging mode. Close the listening
+ * socket, and start processing the
+ * connection without forking.
+ */
debug("Server will not fork when running in debugging mode.");
close(listen_sock);
sock_in = newsock;
pid = getpid();
break;
} else {
- /* Normal production daemon. Fork, and
- have the child process the connection.
- The parent continues listening. */
+ /*
+ * Normal production daemon. Fork, and have
+ * the child process the connection. The
+ * parent continues listening.
+ */
if ((pid = fork()) == 0) {
- /* Child. Close the listening
- socket, and start using the
- accepted socket. Reinitialize
- logging (since our pid has
- changed). We break out of the
- loop to handle the connection. */
+ /*
+ * Child. Close the listening socket, and start using the
+ * accepted socket. Reinitialize logging (since our pid has
+ * changed). We break out of the loop to handle the connection.
+ */
close(listen_sock);
sock_in = newsock;
sock_out = newsock;
/* This is the child processing a new connection. */
- /* Disable the key regeneration alarm. We will not regenerate the
- key since we are no longer in a position to give it to anyone.
- We will not restart on SIGHUP since it no longer makes sense. */
+ /*
+ * Disable the key regeneration alarm. We will not regenerate the
+ * key since we are no longer in a position to give it to anyone. We
+ * will not restart on SIGHUP since it no longer makes sense.
+ */
alarm(0);
signal(SIGALRM, SIG_DFL);
signal(SIGHUP, SIG_DFL);
signal(SIGQUIT, SIG_DFL);
signal(SIGCHLD, SIG_DFL);
- /* Set socket options for the connection. We want the socket to
- close as fast as possible without waiting for anything. If the
- connection is not a socket, these will do nothing. */
- /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on,
- sizeof(on)); */
+ /*
+ * Set socket options for the connection. We want the socket to
+ * close as fast as possible without waiting for anything. If the
+ * connection is not a socket, these will do nothing.
+ */
+ /* setsockopt(sock_in, SOL_SOCKET, SO_REUSEADDR, (void *)&on, sizeof(on)); */
linger.l_onoff = 1;
linger.l_linger = 5;
setsockopt(sock_in, SOL_SOCKET, SO_LINGER, (void *) &linger, sizeof(linger));
- /* Register our connection. This turns encryption off because we
- do not have a key. */
+ /*
+ * Register our connection. This turns encryption off because we do
+ * not have a key.
+ */
packet_set_connection(sock_in, sock_out);
remote_port = get_remote_port();
verbose("Connection from %.500s port %d", remote_ip, remote_port);
#endif /* LIBWRAP */
- /* We don\'t want to listen forever unless the other side
- successfully authenticates itself. So we set up an alarm which
- is cleared after successful authentication. A limit of zero
- indicates no limit. Note that we don\'t set the alarm in
- debugging mode; it is just annoying to have the server exit
- just when you are about to discover the bug. */
+ /*
+ * We don\'t want to listen forever unless the other side
+ * successfully authenticates itself. So we set up an alarm which is
+ * cleared after successful authentication. A limit of zero
+ * indicates no limit. Note that we don\'t set the alarm in debugging
+ * mode; it is just annoying to have the server exit just when you
+ * are about to discover the bug.
+ */
signal(SIGALRM, grace_alarm_handler);
if (!debug_flag)
alarm(options.login_grace_time);
buf[sizeof(buf) - 1] = 0;
}
- /* Check that the versions match. In future this might accept
- several versions and set appropriate flags to handle them. */
+ /*
+ * Check that the versions match. In future this might accept
+ * several versions and set appropriate flags to handle them.
+ */
if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor,
remote_version) != 3) {
const char *s = "Protocol mismatch.\n";
no_agent_forwarding_flag = 1;
}
}
- /* Check that the connection comes from a privileged port. Rhosts-
- and Rhosts-RSA-Authentication only make sense from priviledged
- programs. Of course, if the intruder has root access on his
- local machine, he can connect from any port. So do not use
- these authentication methods from machines that you do not trust. */
+ /*
+ * Check that the connection comes from a privileged port. Rhosts-
+ * and Rhosts-RSA-Authentication only make sense from priviledged
+ * programs. Of course, if the intruder has root access on his local
+ * machine, he can connect from any port. So do not use these
+ * authentication methods from machines that you do not trust.
+ */
if (remote_port >= IPPORT_RESERVED ||
remote_port < IPPORT_RESERVED / 2) {
options.rhosts_authentication = 0;
int plen, slen;
u_int32_t rand = 0;
- /* Generate check bytes that the client must send back in the user
- packet in order for it to be accepted; this is used to defy ip
- spoofing attacks. Note that this only works against somebody
- doing IP spoofing from a remote machine; any machine on the
- local network can still see outgoing packets and catch the
- random cookie. This only affects rhosts authentication, and
- this is one of the reasons why it is inherently insecure. */
+ /*
+ * Generate check bytes that the client must send back in the user
+ * packet in order for it to be accepted; this is used to defy ip
+ * spoofing attacks. Note that this only works against somebody
+ * doing IP spoofing from a remote machine; any machine on the local
+ * network can still see outgoing packets and catch the random
+ * cookie. This only affects rhosts authentication, and this is one
+ * of the reasons why it is inherently insecure.
+ */
for (i = 0; i < 8; i++) {
if (i % 4 == 0)
rand = arc4random();
rand >>= 8;
}
- /* Send our public key. We include in the packet 64 bits of
- random data that must be matched in the reply in order to
- prevent IP spoofing. */
+ /*
+ * Send our public key. We include in the packet 64 bits of random
+ * data that must be matched in the reply in order to prevent IP
+ * spoofing.
+ */
packet_start(SSH_SMSG_PUBLIC_KEY);
for (i = 0; i < 8; i++)
packet_put_char(check_bytes[i]);
session_key_int = BN_new();
packet_get_bignum(session_key_int, &slen);
- /* Get protocol flags. */
protocol_flags = packet_get_int();
packet_set_protocol_flags(protocol_flags);
packet_integrity_check(plen, 1 + 8 + slen + 4, SSH_CMSG_SESSION_KEY);
- /* Decrypt it using our private server key and private host key
- (key with larger modulus first). */
+ /*
+ * Decrypt it using our private server key and private host key (key
+ * with larger modulus first).
+ */
if (BN_cmp(sensitive_data.private_key->n, sensitive_data.host_key->n) > 0) {
/* Private key has bigger modulus. */
if (BN_num_bits(sensitive_data.private_key->n) <
sensitive_data.private_key);
}
- /* Compute session id for this session. */
compute_session_id(session_id, check_bytes,
sensitive_data.host_key->n,
sensitive_data.private_key->n);
- /* Extract session key from the decrypted integer. The key is in
- the least significant 256 bits of the integer; the first byte
- of the key is in the highest bits. */
+ /*
+ * Extract session key from the decrypted integer. The key is in the
+ * least significant 256 bits of the integer; the first byte of the
+ * key is in the highest bits.
+ */
BN_mask_bits(session_key_int, sizeof(session_key) * 8);
len = BN_num_bytes(session_key_int);
if (len < 0 || len > sizeof(session_key))
if (match_pattern(pw->pw_name, options.deny_users[i]))
return 0;
}
- /* Return false if AllowUsers isn't empty and user isn't listed
- there */
+ /* Return false if AllowUsers isn't empty and user isn't listed there */
if (options.num_allow_users > 0) {
if (!pw->pw_name)
return 0;
if (match_pattern(grp->gr_name, options.deny_groups[i]))
return 0;
}
- /* Return false if AllowGroups isn't empty and user's
- group isn't listed there */
+ /*
+ * Return false if AllowGroups isn't empty and user's group
+ * isn't listed there
+ */
if (options.num_allow_groups > 0) {
if (!grp->gr_name)
return 0;
}
#endif
- /* If we are not running as root, the user must have the same uid
- as the server. */
+ /*
+ * If we are not running as root, the user must have the same uid as
+ * the server.
+ */
if (getuid() != 0 && pw->pw_uid != getuid())
packet_disconnect("Cannot change user when server not running as root.");
verbose("Rhosts authentication disabled.");
break;
}
- /* Get client user name. Note that we just have
- to trust the client; this is one reason why
- rhosts authentication is insecure. (Another is
- IP-spoofing on a local network.) */
+ /*
+ * Get client user name. Note that we just have to
+ * trust the client; this is one reason why rhosts
+ * authentication is insecure. (Another is
+ * IP-spoofing on a local network.)
+ */
client_user = packet_get_string(&ulen);
packet_integrity_check(plen, 4 + ulen, type);
verbose("Rhosts with RSA authentication disabled.");
break;
}
- /* Get client user name. Note that we just have
- to trust the client; root on the client machine
- can claim to be any user. */
+ /*
+ * Get client user name. Note that we just have to
+ * trust the client; root on the client machine can
+ * claim to be any user.
+ */
client_user = packet_get_string(&ulen);
/* Get the client host key. */
verbose("Password authentication disabled.");
break;
}
- /* Read user password. It is in plain text, but
- was transmitted over the encrypted channel so
- it is not visible to an outside observer. */
+ /*
+ * Read user password. It is in plain text, but was
+ * transmitted over the encrypted channel so it is
+ * not visible to an outside observer.
+ */
password = packet_get_string(&dlen);
packet_integrity_check(plen, 4 + dlen, type);
skeyinfo = skey_fake_keyinfo(pw->pw_name);
}
if (skeyinfo != NULL) {
- /* we send our s/key- in
- tis-challenge messages */
+ /* we send our s/key- in tis-challenge messages */
debug("sending challenge '%s'", skeyinfo);
packet_start(SSH_SMSG_AUTH_TIS_CHALLENGE);
packet_put_string(skeyinfo, strlen(skeyinfo));
#endif
default:
- /* Any unknown messages will be ignored (and
- failure returned) during authentication. */
+ /*
+ * Any unknown messages will be ignored (and failure
+ * returned) during authentication.
+ */
log("Unknown message during authentication: type %d", type);
break;
}
packet_send();
packet_write_wait();
- /* Keep reading packets, and always respond with a failure. This
- is to avoid disclosing whether such a user really exists. */
+ /*
+ * Keep reading packets, and always respond with a failure. This is
+ * to avoid disclosing whether such a user really exists.
+ */
for (attempt = 1;; attempt++) {
- /* Read a packet. This will not return if the client
- disconnects. */
+ /* Read a packet. This will not return if the client disconnects. */
int plen;
int type = packet_read(&plen);
#ifdef SKEY
if (attempt > AUTH_FAIL_MAX)
packet_disconnect(AUTH_FAIL_MSG, user);
- /* Send failure. This should be indistinguishable from a
- failed authentication. */
+ /*
+ * Send failure. This should be indistinguishable from a
+ * failed authentication.
+ */
packet_start(SSH_SMSG_FAILURE);
packet_send();
packet_write_wait();
mode_t tty_mode;
int n_bytes;
- /* Cancel the alarm we set to limit the time taken for
- authentication. */
+ /*
+ * Cancel the alarm we set to limit the time taken for
+ * authentication.
+ */
alarm(0);
- /* Inform the channel mechanism that we are the server side and
- that the client may request to connect to any port at all.
- (The user could do it anyway, and we wouldn\'t know what is
- permitted except by the client telling us, so we can equally
- well trust the client not to request anything bogus.) */
+ /*
+ * Inform the channel mechanism that we are the server side and that
+ * the client may request to connect to any port at all. (The user
+ * could do it anyway, and we wouldn\'t know what is permitted except
+ * by the client telling us, so we can equally well trust the client
+ * not to request anything bogus.)
+ */
channel_permit_all_opens();
- /* We stay in this loop until the client requests to execute a
- shell or a command. */
+ /*
+ * We stay in this loop until the client requests to execute a shell
+ * or a command.
+ */
while (1) {
int plen, dlen;
return;
default:
- /* Any unknown messages in this phase are ignored,
- and a failure message is returned. */
+ /*
+ * Any unknown messages in this phase are ignored,
+ * and a failure message is returned.
+ */
log("Unknown packet type received after authentication: %d", type);
goto fail;
}
continue;
do_forced_command:
- /* There is a forced command specified for this login.
- Execute it. */
+ /*
+ * There is a forced command specified for this login.
+ * Execute it.
+ */
debug("Executing forced command: %.900s", forced_command);
if (have_pty)
do_exec_pty(forced_command, ptyfd, ttyfd, ttyname, pw, term, display, proto, data);
/* Child. Reinitialize the log since the pid has changed. */
log_init(av0, options.log_level, options.log_facility, log_stderr);
- /* Create a new session and process group since the 4.4BSD
- setlogin() affects the entire process group. */
+ /*
+ * Create a new session and process group since the 4.4BSD
+ * setlogin() affects the entire process group.
+ */
if (setsid() < 0)
error("setsid failed: %.100s", strerror(errno));
#ifdef USE_PIPES
- /* Redirect stdin. We close the parent side of the socket
- pair, and make the child side the standard input. */
+ /*
+ * Redirect stdin. We close the parent side of the socket
+ * pair, and make the child side the standard input.
+ */
close(pin[1]);
if (dup2(pin[0], 0) < 0)
perror("dup2 stdin");
perror("dup2 stderr");
close(perr[1]);
#else /* USE_PIPES */
- /* Redirect stdin, stdout, and stderr. Stdin and stdout
- will use the same socket, as some programs
- (particularly rdist) seem to depend on it. */
+ /*
+ * Redirect stdin, stdout, and stderr. Stdin and stdout will
+ * use the same socket, as some programs (particularly rdist)
+ * seem to depend on it.
+ */
close(inout[1]);
close(err[1]);
if (dup2(inout[0], 0) < 0) /* stdin */
close(inout[0]);
close(err[0]);
- /* Enter the interactive session. Note: server_loop must be able
- to handle the case that fdin and fdout are the same. */
+ /*
+ * Enter the interactive session. Note: server_loop must be able to
+ * handle the case that fdin and fdout are the same.
+ */
server_loop(pid, inout[1], inout[1], err[1]);
/* server_loop has closed inout[1] and err[1]. */
#endif /* USE_PIPES */
/* Get remote host name. */
hostname = get_canonical_hostname();
- /* Get the time when the user last logged in. Buf will be set to
- contain the hostname the last login was from. */
+ /*
+ * Get the time when the user last logged in. Buf will be set to
+ * contain the hostname the last login was from.
+ */
if (!options.use_login) {
last_login_time = get_last_login_time(pw->pw_uid, pw->pw_name,
buf, sizeof(buf));
/* Close the extra descriptor for the pseudo tty. */
close(ttyfd);
- /* Get IP address of client. This is needed because we
- want to record where the user logged in from. If the
- connection is not a socket, let the ip address be 0.0.0.0. */
+ /*
+ * Get IP address of client. This is needed because we want
+ * to record where the user logged in from. If the
+ * connection is not a socket, let the ip address be 0.0.0.0.
+ */
memset(&from, 0, sizeof(from));
if (packet_get_connection_in() == packet_get_connection_out()) {
fromlen = sizeof(from);
fprintf(stderr, pamconv_msg);
#endif
- /* If the user has logged in before, display the time of
- last login. However, don't display anything extra if a
- command has been specified (so that ssh can be used to
- execute commands on a remote machine without users
- knowing they are going to another machine). Login(1)
- will do this for us as well, so check if login(1) is used */
+ /*
+ * If the user has logged in before, display the time of last
+ * login. However, don't display anything extra if a command
+ * has been specified (so that ssh can be used to execute
+ * commands on a remote machine without users knowing they
+ * are going to another machine). Login(1) will do this for
+ * us as well, so check if login(1) is used
+ */
if (command == NULL && last_login_time != 0 && !quiet_login &&
!options.use_login) {
/* Convert the date to a string. */
else
printf("Last login: %s from %s\r\n", time_string, buf);
}
- /* Print /etc/motd unless a command was specified or
- printing it was disabled in server options or login(1)
- will be used. Note that some machines appear to print
- it in /etc/profile or similar. */
+ /*
+ * Print /etc/motd unless a command was specified or printing
+ * it was disabled in server options or login(1) will be
+ * used. Note that some machines appear to print it in
+ * /etc/profile or similar.
+ */
if (command == NULL && options.print_motd && !quiet_login &&
!options.use_login) {
/* Print /etc/motd if it exists. */
/* Parent. Close the slave side of the pseudo tty. */
close(ttyfd);
- /* Create another descriptor of the pty master side for use as the
- standard input. We could use the original descriptor, but this
- simplifies code in server_loop. The descriptor is bidirectional. */
+ /*
+ * Create another descriptor of the pty master side for use as the
+ * standard input. We could use the original descriptor, but this
+ * simplifies code in server_loop. The descriptor is bidirectional.
+ */
fdout = dup(ptyfd);
if (fdout < 0)
packet_disconnect("dup failed: %.100s", strerror(errno));
- /* Add a cleanup function to clear the utmp entry and record logout
- time in case we call fatal() (e.g., the connection gets closed). */
+ /*
+ * Add a cleanup function to clear the utmp entry and record logout
+ * time in case we call fatal() (e.g., the connection gets closed).
+ */
cleanup_context.pid = pid;
cleanup_context.ttyname = ttyname;
fatal_add_cleanup(pty_cleanup_proc, (void *) &cleanup_context);
/* Release the pseudo-tty. */
pty_release(ttyname);
- /* Close the server side of the socket pairs. We must do this
- after the pty cleanup, so that another process doesn't get this
- pty while we're still cleaning up. */
+ /*
+ * Close the server side of the socket pairs. We must do this after
+ * the pty cleanup, so that another process doesn't get this pty
+ * while we're still cleaning up.
+ */
close(ptyfd);
close(fdout);
}
unsigned int i, namelen;
char **env;
- /* Find the slot where the value should be stored. If the
- variable already exists, we reuse the slot; otherwise we append
- a new slot at the end of the array, expanding if necessary. */
+ /*
+ * Find the slot where the value should be stored. If the variable
+ * already exists, we reuse the slot; otherwise we append a new slot
+ * at the end of the array, expanding if necessary.
+ */
env = *envp;
namelen = strlen(name);
for (i = 0; env[i]; i++)
if (strncmp(env[i], name, namelen) == 0 && env[i][namelen] == '=')
break;
if (env[i]) {
- /* Name already exists. Reuse the slot. */
+ /* Reuse the slot. */
xfree(env[i]);
} else {
- /* New variable. Expand the array if necessary. */
+ /* New variable. Expand if necessary. */
if (i >= (*envsizep) - 1) {
(*envsizep) += 50;
env = (*envp) = xrealloc(env, (*envsizep) * sizeof(char *));
char buf[4096];
char *cp, *value;
- /* Open the environment file. */
f = fopen(filename, "r");
if (!f)
return;
- /* Process each line. */
while (fgets(buf, sizeof(buf), f)) {
- /* Skip leading whitespace. */
- for (cp = buf; *cp == ' ' || *cp == '\t'; cp++);
-
- /* Ignore empty and comment lines. */
+ for (cp = buf; *cp == ' ' || *cp == '\t'; cp++)
+ ;
if (!*cp || *cp == '#' || *cp == '\n')
continue;
-
- /* Remove newline. */
if (strchr(cp, '\n'))
*strchr(cp, '\n') = '\0';
-
- /* Find the equals sign. Its lack indicates badly
- formatted line. */
value = strchr(cp, '=');
if (value == NULL) {
fprintf(stderr, "Bad line in %.100s: %.200s\n", filename, buf);
continue;
}
- /* Replace the equals sign by nul, and advance value to
- the value string. */
+ /* Replace the equals sign by nul, and advance value to the value string. */
*value = '\0';
value++;
-
- /* Set the value in environment. */
child_set_env(env, envsize, cp, value);
}
-
fclose(f);
}
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid)
fatal("Failed to set uids to %d.", (int) pw->pw_uid);
}
- /* Get the shell from the password data. An empty shell field is
- legal, and means /bin/sh. */
+ /*
+ * Get the shell from the password data. An empty shell field is
+ * legal, and means /bin/sh.
+ */
shell = (pw->pw_shell[0] == '\0') ? _PATH_BSHELL : pw->pw_shell;
#ifdef AFS
}
#endif /* AFS */
- /* Initialize the environment. In the first part we allocate
- space for all environment variables. */
+ /* Initialize the environment. */
envsize = 100;
env = xmalloc(envsize * sizeof(char *));
env[0] = NULL;
/* Normal systems set SHELL by default. */
child_set_env(&env, &envsize, "SHELL", shell);
}
- /* Let it inherit timezone if we have one. */
if (getenv("TZ"))
child_set_env(&env, &envsize, "TZ", getenv("TZ"));
xfree(ce);
}
- /* Set SSH_CLIENT. */
snprintf(buf, sizeof buf, "%.50s %d %d",
get_remote_ipaddr(), get_remote_port(), options.port);
child_set_env(&env, &envsize, "SSH_CLIENT", buf);
- /* Set SSH_TTY if we have a pty. */
if (ttyname)
child_set_env(&env, &envsize, "SSH_TTY", ttyname);
-
- /* Set TERM if we have a pty. */
if (term)
child_set_env(&env, &envsize, "TERM", term);
-
- /* Set DISPLAY if we have one. */
if (display)
child_set_env(&env, &envsize, "DISPLAY", display);
}
#endif /* HAVE_LIBPAM */
- /* Set XAUTHORITY to always be a local file. */
if (xauthfile)
child_set_env(&env, &envsize, "XAUTHORITY", xauthfile);
- /* Set variable for forwarded authentication connection, if we
- have one. */
if (auth_get_socket_name() != NULL)
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
auth_get_socket_name());
- /* Read $HOME/.ssh/environment. */
+ /* read $HOME/.ssh/environment. */
if (!options.use_login) {
snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir);
read_environment_file(&env, &envsize, buf);
}
- /* If debugging, dump the environment to stderr. */
if (debug_flag) {
+ /* dump the environment */
fprintf(stderr, "Environment:\n");
for (i = 0; env[i]; i++)
fprintf(stderr, " %.200s\n", env[i]);
}
- /* Close the connection descriptors; note that this is the child,
- and the server will still have the socket open, and it is
- important that we do not shutdown it. Note that the
- descriptors cannot be closed before building the environment,
- as we call get_remote_ipaddr there. */
+ /*
+ * Close the connection descriptors; note that this is the child, and
+ * the server will still have the socket open, and it is important
+ * that we do not shutdown it. Note that the descriptors cannot be
+ * closed before building the environment, as we call
+ * get_remote_ipaddr there.
+ */
if (packet_get_connection_in() == packet_get_connection_out())
close(packet_get_connection_in());
else {
close(packet_get_connection_in());
close(packet_get_connection_out());
}
- /* Close all descriptors related to channels. They will still
- remain open in the parent. */
+ /*
+ * Close all descriptors related to channels. They will still remain
+ * open in the parent.
+ */
+ /* XXX better use close-on-exec? -markus */
channel_close_all();
- /* Close any extra file descriptors. Note that there may still be
- descriptors left by system functions. They will be closed
- later. */
+ /*
+ * Close any extra file descriptors. Note that there may still be
+ * descriptors left by system functions. They will be closed later.
+ */
endpwent();
endhostent();
- /* Close any extra open file descriptors so that we don\'t have
- them hanging around in clients. Note that we want to do this
- after initgroups, because at least on Solaris 2.3 it leaves
- file descriptors open. */
+ /*
+ * Close any extra open file descriptors so that we don\'t have them
+ * hanging around in clients. Note that we want to do this after
+ * initgroups, because at least on Solaris 2.3 it leaves file
+ * descriptors open.
+ */
for (i = 3; i < 64; i++)
close(i);
fprintf(stderr, "Could not chdir to home directory %s: %s\n",
pw->pw_dir, strerror(errno));
- /* Must take new environment into use so that .ssh/rc, /etc/sshrc
- and xauth are run in the proper environment. */
+ /*
+ * Must take new environment into use so that .ssh/rc, /etc/sshrc and
+ * xauth are run in the proper environment.
+ */
environ = env;
- /* Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found
- first in this order). */
+ /*
+ * Run $HOME/.ssh/rc, /etc/sshrc, or xauth (whichever is found first
+ * in this order).
+ */
if (!options.use_login) {
if (stat(SSH_USER_RC, &st) >= 0) {
if (debug_flag)
}
#ifdef XAUTH_PATH
else {
- /* Add authority data to .Xauthority if
- appropriate. */
+ /* Add authority data to .Xauthority if appropriate. */
if (auth_proto != NULL && auth_data != NULL) {
if (debug_flag)
fprintf(stderr, "Running %.100s add %.100s %.100s %.100s\n",
else
cp = shell;
}
- /* If we have no command, execute the shell. In this case, the
- shell name to be passed in argv[0] is preceded by '-' to
- indicate that this is a login shell. */
+ /*
+ * If we have no command, execute the shell. In this case, the shell
+ * name to be passed in argv[0] is preceded by '-' to indicate that
+ * this is a login shell.
+ */
if (!command) {
if (!options.use_login) {
char buf[256];
- /* Check for mail if we have a tty and it was
- enabled in server options. */
+ /*
+ * Check for mail if we have a tty and it was enabled
+ * in server options.
+ */
if (ttyname && options.check_mail) {
char *mailbox;
struct stat mailstat;
exit(1);
}
}
- /* Execute the command using the user's shell. This uses the -c
- option to execute the command. */
+ /*
+ * Execute the command using the user's shell. This uses the -c
+ * option to execute the command.
+ */
argv[0] = (char *) cp;
argv[1] = "-c";
argv[2] = (char *) command;
else
userlen = strlen(filename); /* Nothing after username. */
if (userlen == 0)
- pw = getpwuid(my_uid); /* Own home directory. */
+ pw = getpwuid(my_uid); /* Own home directory. */
else {
/* Tilde refers to someone elses home directory. */
if (userlen > sizeof(user) - 1)
user[userlen] = 0;
pw = getpwnam(user);
}
- /* Check that we found the user. */
if (!pw)
fatal("Unknown user %100s.", user);
/* If referring to someones home directory, return it now. */
- if (!cp) { /* Only home directory specified */
+ if (!cp) {
+ /* Only home directory specified */
return xstrdup(pw->pw_dir);
}
/* Build a path combining the specified directory and path. */
struct termios tio;
int baud;
- /* Get the modes. */
if (tcgetattr(fd, &tio) < 0) {
packet_put_char(TTY_OP_END);
log("tcgetattr: %.100s", strerror(errno));
/*
* Some constants and prototypes are defined in packet.h; this file
- * is only intended for including from ttymodes.h.
+ * is only intended for including from ttymodes.c.
*/
- /* termios macro *//* sgtty macro */
+/* termios macro */ /* sgtty macro */
/* name, op */
-TTYCHAR(VINTR, 1) SGTTYCHAR(tiotc.t_intrc, 1)
-TTYCHAR(VQUIT, 2) SGTTYCHAR(tiotc.t_quitc, 2)
-TTYCHAR(VERASE, 3) SGTTYCHAR(tio.sg_erase, 3)
+TTYCHAR(VINTR, 1) SGTTYCHAR(tiotc.t_intrc, 1)
+TTYCHAR(VQUIT, 2) SGTTYCHAR(tiotc.t_quitc, 2)
+TTYCHAR(VERASE, 3) SGTTYCHAR(tio.sg_erase, 3)
#if defined(VKILL)
-TTYCHAR(VKILL, 4) SGTTYCHAR(tio.sg_kill, 4)
-#endif /* VKILL */
-TTYCHAR(VEOF, 5) SGTTYCHAR(tiotc.t_eofc, 5)
+TTYCHAR(VKILL, 4) SGTTYCHAR(tio.sg_kill, 4)
+#endif /* VKILL */
+TTYCHAR(VEOF, 5) SGTTYCHAR(tiotc.t_eofc, 5)
#if defined(VEOL)
-TTYCHAR(VEOL, 6) SGTTYCHAR(tiotc.t_brkc, 6)
-#endif /* VEOL */
+TTYCHAR(VEOL, 6) SGTTYCHAR(tiotc.t_brkc, 6)
+#endif /* VEOL */
#ifdef VEOL2 /* n/a */
TTYCHAR(VEOL2, 7)
-#endif /* VEOL2 */
-TTYCHAR(VSTART, 8) SGTTYCHAR(tiotc.t_startc, 8)
-TTYCHAR(VSTOP, 9) SGTTYCHAR(tiotc.t_stopc, 9)
+#endif /* VEOL2 */
+TTYCHAR(VSTART, 8) SGTTYCHAR(tiotc.t_startc, 8)
+TTYCHAR(VSTOP, 9) SGTTYCHAR(tiotc.t_stopc, 9)
#if defined(VSUSP)
-TTYCHAR(VSUSP, 10) SGTTYCHAR(tioltc.t_suspc, 10)
-#endif /* VSUSP */
+TTYCHAR(VSUSP, 10) SGTTYCHAR(tioltc.t_suspc, 10)
+#endif /* VSUSP */
#if defined(VDSUSP)
-TTYCHAR(VDSUSP, 11) SGTTYCHAR(tioltc.t_dsuspc, 11)
-#endif /* VDSUSP */
+TTYCHAR(VDSUSP, 11) SGTTYCHAR(tioltc.t_dsuspc, 11)
+#endif /* VDSUSP */
#if defined(VREPRINT)
-TTYCHAR(VREPRINT, 12) SGTTYCHAR(tioltc.t_rprntc, 12)
-#endif /* VREPRINT */
+TTYCHAR(VREPRINT, 12) SGTTYCHAR(tioltc.t_rprntc, 12)
+#endif /* VREPRINT */
#if defined(VWERASE)
-TTYCHAR(VWERASE, 13) SGTTYCHAR(tioltc.t_werasc, 13)
-#endif /* VWERASE */
+TTYCHAR(VWERASE, 13) SGTTYCHAR(tioltc.t_werasc, 13)
+#endif /* VWERASE */
#if defined(VLNEXT)
-TTYCHAR(VLNEXT, 14) SGTTYCHAR(tioltc.t_lnextc, 14)
-#endif /* VLNEXT */
+TTYCHAR(VLNEXT, 14) SGTTYCHAR(tioltc.t_lnextc, 14)
+#endif /* VLNEXT */
#if defined(VFLUSH)
-TTYCHAR(VFLUSH, 15) SGTTYCHAR(tioltc.t_flushc, 15)
-#endif /* VFLUSH */
+TTYCHAR(VFLUSH, 15) SGTTYCHAR(tioltc.t_flushc, 15)
+#endif /* VFLUSH */
#ifdef VSWTCH
TTYCHAR(VSWTCH, 16) /* n/a */
-#endif /* VSWTCH */
+#endif /* VSWTCH */
#if defined(VSTATUS)
-TTYCHAR(VSTATUS, 17) SGTTYCHAR(tiots.tc_statusc, 17)
-#endif /* VSTATUS */
+TTYCHAR(VSTATUS, 17) SGTTYCHAR(tiots.tc_statusc, 17)
+#endif /* VSTATUS */
#ifdef VDISCARD
TTYCHAR(VDISCARD, 18) /* n/a */
-#endif /* VDISCARD */
+#endif /* VDISCARD */
/* name, field, op */
-TTYMODE(IGNPAR, c_iflag, 30) /* n/a */
-TTYMODE(PARMRK, c_iflag, 31) /* n/a */
-TTYMODE(INPCK, c_iflag, 32) SGTTYMODEN(ANYP, tio.sg_flags, 32)
-TTYMODE(ISTRIP, c_iflag, 33) SGTTYMODEN(LPASS8, tiolm, 33)
-TTYMODE(INLCR, c_iflag, 34) /* n/a */
-TTYMODE(IGNCR, c_iflag, 35) /* n/a */
-TTYMODE(ICRNL, c_iflag, 36) SGTTYMODE(CRMOD, tio.sg_flags, 36)
+TTYMODE(IGNPAR, c_iflag, 30) /* n/a */
+TTYMODE(PARMRK, c_iflag, 31) /* n/a */
+TTYMODE(INPCK, c_iflag, 32) SGTTYMODEN(ANYP, tio.sg_flags, 32)
+TTYMODE(ISTRIP, c_iflag, 33) SGTTYMODEN(LPASS8, tiolm, 33)
+TTYMODE(INLCR, c_iflag, 34) /* n/a */
+TTYMODE(IGNCR, c_iflag, 35) /* n/a */
+TTYMODE(ICRNL, c_iflag, 36) SGTTYMODE(CRMOD, tio.sg_flags, 36)
#if defined(IUCLC)
-TTYMODE(IUCLC, c_iflag, 37) SGTTYMODE(LCASE, tio.sg_flags, 37)
+TTYMODE(IUCLC, c_iflag, 37) SGTTYMODE(LCASE, tio.sg_flags, 37)
#endif
-TTYMODE(IXON, c_iflag, 38) /* n/a */
-TTYMODE(IXANY, c_iflag, 39) SGTTYMODEN(LDECCTQ, tiolm, 39)
-TTYMODE(IXOFF, c_iflag, 40) SGTTYMODE(TANDEM, tio.sg_flags, 40)
+TTYMODE(IXON, c_iflag, 38) /* n/a */
+TTYMODE(IXANY, c_iflag, 39) SGTTYMODEN(LDECCTQ, tiolm, 39)
+TTYMODE(IXOFF, c_iflag, 40) SGTTYMODE(TANDEM, tio.sg_flags, 40)
#ifdef IMAXBEL
-TTYMODE(IMAXBEL, c_iflag, 41) /* n/a */
-#endif /* IMAXBEL */
+TTYMODE(IMAXBEL,c_iflag, 41) /* n/a */
+#endif /* IMAXBEL */
-TTYMODE(ISIG, c_lflag, 50) /* n/a */
-TTYMODE(ICANON, c_lflag, 51) SGTTYMODEN(CBREAK, tio.sg_flags, 51)
+TTYMODE(ISIG, c_lflag, 50) /* n/a */
+TTYMODE(ICANON, c_lflag, 51) SGTTYMODEN(CBREAK, tio.sg_flags, 51)
#ifdef XCASE
-TTYMODE(XCASE, c_lflag, 52) /* n/a */
+TTYMODE(XCASE, c_lflag, 52) /* n/a */
#endif
-TTYMODE(ECHO, c_lflag, 53) SGTTYMODE(ECHO, tio.sg_flags, 53)
-TTYMODE(ECHOE, c_lflag, 54) SGTTYMODE(LCRTERA, tiolm, 54)
-TTYMODE(ECHOK, c_lflag, 55) SGTTYMODE(LCRTKIL, tiolm, 55)
-TTYMODE(ECHONL, c_lflag, 56) /* n/a */
-TTYMODE(NOFLSH, c_lflag, 57) SGTTYMODE(LNOFLSH, tiolm, 57)
-TTYMODE(TOSTOP, c_lflag, 58) SGTTYMODE(LTOSTOP, tiolm, 58)
+TTYMODE(ECHO, c_lflag, 53) SGTTYMODE(ECHO, tio.sg_flags, 53)
+TTYMODE(ECHOE, c_lflag, 54) SGTTYMODE(LCRTERA, tiolm, 54)
+TTYMODE(ECHOK, c_lflag, 55) SGTTYMODE(LCRTKIL, tiolm, 55)
+TTYMODE(ECHONL, c_lflag, 56) /* n/a */
+TTYMODE(NOFLSH, c_lflag, 57) SGTTYMODE(LNOFLSH, tiolm, 57)
+TTYMODE(TOSTOP, c_lflag, 58) SGTTYMODE(LTOSTOP, tiolm, 58)
#ifdef IEXTEN
TTYMODE(IEXTEN, c_lflag, 59) /* n/a */
-#endif /* IEXTEN */
+#endif /* IEXTEN */
#if defined(ECHOCTL)
-TTYMODE(ECHOCTL, c_lflag, 60) SGTTYMODE(LCTLECH, tiolm, 60)
-#endif /* ECHOCTL */
+TTYMODE(ECHOCTL,c_lflag, 60) SGTTYMODE(LCTLECH, tiolm, 60)
+#endif /* ECHOCTL */
#ifdef ECHOKE
-TTYMODE(ECHOKE, c_lflag, 61) /* n/a */
-#endif /* ECHOKE */
+TTYMODE(ECHOKE, c_lflag, 61) /* n/a */
+#endif /* ECHOKE */
#if defined(PENDIN)
-TTYMODE(PENDIN, c_lflag, 62) SGTTYMODE(LPENDIN, tiolm, 62)
-#endif /* PENDIN */
+TTYMODE(PENDIN, c_lflag, 62) SGTTYMODE(LPENDIN, tiolm, 62)
+#endif /* PENDIN */
-TTYMODE(OPOST, c_oflag, 70) /* n/a */
+TTYMODE(OPOST, c_oflag, 70) /* n/a */
#if defined(OLCUC)
-TTYMODE(OLCUC, c_oflag, 71) SGTTYMODE(LCASE, tio.sg_flags, 71)
+TTYMODE(OLCUC, c_oflag, 71) SGTTYMODE(LCASE, tio.sg_flags, 71)
#endif
-TTYMODE(ONLCR, c_oflag, 72) SGTTYMODE(CRMOD, tio.sg_flags, 72)
+TTYMODE(ONLCR, c_oflag, 72) SGTTYMODE(CRMOD, tio.sg_flags, 72)
#ifdef OCRNL
-TTYMODE(OCRNL, c_oflag, 73) /* n/a */
+TTYMODE(OCRNL, c_oflag, 73) /* n/a */
#endif
#ifdef ONOCR
-TTYMODE(ONOCR, c_oflag, 74) /* n/a */
+TTYMODE(ONOCR, c_oflag, 74) /* n/a */
#endif
#ifdef ONLRET
-TTYMODE(ONLRET, c_oflag, 75) /* n/a */
+TTYMODE(ONLRET, c_oflag, 75) /* n/a */
#endif
-TTYMODE(CS7, c_cflag, 90) /* n/a */
-TTYMODE(CS8, c_cflag, 91) SGTTYMODE(LPASS8, tiolm, 91)
-TTYMODE(PARENB, c_cflag, 92) /* n/a */
-TTYMODE(PARODD, c_cflag, 93) SGTTYMODE(ODDP, tio.sg_flags, 93)
+TTYMODE(CS7, c_cflag, 90) /* n/a */
+TTYMODE(CS8, c_cflag, 91) SGTTYMODE(LPASS8, tiolm, 91)
+TTYMODE(PARENB, c_cflag, 92) /* n/a */
+TTYMODE(PARODD, c_cflag, 93) SGTTYMODE(ODDP, tio.sg_flags, 93)
+
if (seteuid(saved_euid) < 0)
debug("seteuid %d: %.100s", (int) saved_euid, strerror(errno));
#else /* SAVED_IDS_WORK_WITH_SETEUID */
- /* We are unable to restore the real uid to its unprivileged
- value. */
- /* Propagate the real uid (usually more privileged) to effective
- uid as well. */
+ /*
+ * We are unable to restore the real uid to its unprivileged value.
+ * Propagate the real uid (usually more privileged) to effective uid
+ * as well.
+ */
setuid(getuid());
#endif /* SAVED_IDS_WORK_WITH_SETEUID */
}
andersk / openssh.git / commitdiff
