+19991117
+ - Merged OpenBSD CVS changes
+ - [ChangeLog.Ylonen] noone needs this anymore
+ - [authfd.c] close-on-exec for auth-socket, ok deraadt
+ - [hostfile.c]
+ in known_hosts key lookup the entry for the bits does not need
+ to match, all the information is contained in n and e. This
+ solves the problem with buggy servers announcing the wrong
+ modulus length. markus and me.
+ - [serverloop.c]
+ bugfix: check for space if child has terminated, from:
+ iedowse@maths.tcd.ie
+ - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
+ [fingerprint.c fingerprint.h]
+ rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
+ - [ssh-agent.1] typo
+ - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
+ - [sshd.c]
+ force logging to stderr while loading private key file
+ (lost while converting to new log-levels)
+
19991116
- Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com>
- Merged OpenBSD CVS changes:
+++ /dev/null
-Fri Nov 17 16:19:20 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi>
-
- * Released 1.2.12.
-
- * channels.c: Commented out debugging messages about output draining.
-
- * Added file OVERVIEW to give some idea about the structure of the
- ssh software.
-
-Thu Nov 16 16:40:17 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi>
-
- * canohost.c (get_remote_hostname): Don't ever return NULL (causes
- segmentation violation).
-
- * sshconnect.c: Host ip address printed incorrectly with -v.
-
- * Implemented SSH_TTY environment variable.
-
-Wed Nov 15 01:47:40 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi>
-
- * Implemented server and client option KeepAlive to specify
- whether to set SO_KEEPALIVE. Both default to "yes"; to disable
- keepalives, set the value to "no" in both the server and the
- client configuration files. Updated manual pages.
-
- * sshd.c: Fixed Solaris utmp problem: wrong pid stored in utmp
- (patch from Petri Virkkula <argon@bat.cs.hut.fi>).
-
- * login.c (record_logout): Fixed removing user from utmp on BSD
- (with HAVE_LIBUTIL_LOGIN).
-
- * Added cleanup functions to be called from fatal(). Arranged for
- utmp to be cleaned if sshd terminates by calling fatal (e.g.,
- after dropping connection). Eliminated separate client-side
- fatal() functions and moved fatal() to log-client.c. Made all
- cleanups, including channel_stop_listening() and packet_close()
- be called using this mechanism.
-
-Thu Nov 9 09:58:05 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * sshd.c: Permit immediate login with empty password only if
- password authentication is allowed.
-
-Wed Nov 8 00:43:55 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * Eliminated unix-domain X11 forwarding. Inet-domain forwarding is
- now the only supported form. Renamed server option
- X11InetForwarding to X11Forwarding, and eliminated
- X11UnixForwarding. Updated documentation. Updated RFC (marked
- the SSH_CMSG_X11_REQUEST_FORWARDING message (code 26) as
- obsolete, and removed all references to it). Increased protocol
- version number to 1.3.
-
- * scp.c (main): Added -B (BatchMode). Updated manual page.
-
- * Cleaned up and updated all manual pages.
-
- * clientloop.c: Added new escape sequences ~# (lists forwarded
- connections), ~& (background ssh when waiting for forwarded
- connections to terminate), ~? (list available escapes).
- Polished the output of the connection listing. Updated
- documentation.
-
- * uidswap.c: If _POSIX_SAVED_IDS is defined, don't change the real
- uid. Assume that _POSIX_SAVED_IDS also applies to seteuid.
- This may solve problems with tcp_wrappers (libwrap) showing
- connections as coming from root.
-
-Tue Nov 7 20:28:57 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * Added RandomSeed server configuration option. The argument
- specifies the location of the random seed file. Updated
- documentation.
-
- * Locate perl5 in configure. Generate make-ssh-known-hosts (with
- the correct path for perl5) in Makefile.in, and install it with
- the other programs. Updated manual page.
-
- * sshd.c (main): Added a call to umask to set the umask to a
- reasonable value.
-
- * compress.c (buffer_compress): Fixed to follow the zlib
- documentation (which is slightly confusing).
-
- * INSTALL: Added information about Linux libc.so.4 problem.
-
-Mon Nov 6 15:42:36 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * (Actually autoconf fix) Installed patch to AC_ARG_PROGRAM.
-
- * sshd.c, sshd.8.in: Renamed $HOME/.environment ->
- $HOME/.ssh/environment.
-
- * configure.in: Disable shadow password checking on convex.
- Convex has /etc/shadow, but sets pw_passwd automatically if
- running as root.
-
- * Eliminated HAVE_ETC_MASTER_PASSWD (NetBSD, FreeBSD); the
- pw_passwd field is automatically filled if running as root.
- Put explicit code in configure.in to prevent shadow password
- checking on FreeBSD and NetBSD.
-
- * serverloop.c (signchld_handler): Don't print error if wait
- returns -1.
-
- * Makefile.in (install): Fixed modes of data files.
-
- * Makefile.in (install): Make links for slogin.1.
-
- * make-ssh-known-hosts: Merged a patch from melo@ci.uminho.pt to
- fix the ping command.
-
-Fri Nov 3 16:25:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * ssh.1.in: Added more information about X11 forwarding.
-
-Thu Nov 2 18:42:13 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * Changes to use O_NONBLOCK_BROKEN consistently.
-
- * pty.c (pty_make_controlling_tty): Use setpgid instead of
- setsid() on Ultrix.
-
- * includes.h: Removed redundant #undefs for Ultrix and Sony News;
- these are already handled in configure.in.
-
-Tue Oct 31 13:31:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * configure.in: Define SSH_WTMP to /var/adm/wtmp is wtmp not found.
-
- * configure.in: Disable vhangup on Ultrix. I am told this fixes
- the server problems.
-
-Sat Oct 28 14:22:05 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * sshconnect.c: Fixed a bug in connecting to a multi-homed host.
- Restructured the connecting code to never try to use the same
- socket a second time after a failed connection.
-
- * Makefile.in: Added explicit -m option to install, and umask 022
- when creating directories and the host key.
-
-Fri Oct 27 01:05:10 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * Makefile.in: Added cleaning of $(ZLIBDIR) to clean and distclean.
-
- * login.c (get_last_login_time): Fixed a typo (define -> defined).
-
-Thu Oct 26 01:28:07 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * configure.in: Moved testing for ANSI C compiler after the host
- specific code (problems on HPUX).
-
- * Minor fixes to /etc/default/login stuff from Bryan O'Sullivan.
-
- * Fixed .SH NAME sections in manual pages.
-
- * compress.c: Trying to fix a mysterious bug in the compression
- glue.
-
- * ssh-1.2.11.
-
- * scp.c: disable agent forwarding when running ssh from scp.
-
- * Added compression of plaintext packets using the gzip library
- (zlib). Client configuration options Compression and
- CompressionLevel (1-9 as in gzip). New ssh and scp option -C
- (to enable compression). Updated RFC.
-
-Wed Oct 25 05:11:55 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * Implemented ProxyCommand stuff based on patches from Bryan
- O'Sullivan <bos@serpentine.com>.
-
- * Merged BSD login/logout/lastlog patches from Mark Treacy
- <mark@labtam.oz.au>.
-
- * sshd.c: Added chdir("/").
-
-Tue Oct 24 00:29:01 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * Merged RSA environment= patches from Felix Leitner
- <leitner@prz.tu-berlin.de> with some changes.
-
- * sshd.c: Made the packet code use two separate descriptors for
- the connection (one for input, the other for output). This will
- make future extensions easier (e.g., non-socket transports, etc.).
- sshd -i now uses both stdin and stdout separately.
-
-Mon Oct 23 21:29:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * sshd.c: Merged execle -> execve patches from Mark Martinec
- <Mark.Martinec@nsc.ijs.si>. This may help with execle bugs on
- Convex (environment not getting passed properly). This might
- also solve similar problems on Sonys; please test!
-
- * Removed all compatibility code for protocol version 1.0.
- THIS MEANS THAT WE ARE NO LONGER COMPATIBLE WITH SSH VERSIONS
- PRIOR TO 1.1.0.
-
- * randoms.c (random_acquire_light_environmental_noise): If
- /dev/random is available, read up to 32 bytes (256 bits) from
- there in non-blocking mode, and mix the new random bytes into
- the pool.
-
- * Added client configuration option StrictHostKeyChecking
- (disabled by default). If this is enabled, the client will not
- automatically add new host keys to $HOME/.ssh/known_hosts;
- instead the connection will be refused if the host key is not
- known. Similarly, if the host key has changed, the connection
- will be refused instead if just issuing a warning. This
- provides additional security against man-in-the-middle/trojan
- horse attacks (especially in scripts where there is no-one to
- see the warnings), but may be quite inconvenient in everyday
- interactive use unless /etc/ssh_known_hosts is very complete,
- because new host keys must now be added manually.
-
- * sshconnect.c (ssh_connect): Use the user's uid when creating the
- socket and connecting it. I am hoping that this might help with
- tcp_wrappers showing the remote user as root.
-
- * ssh.c: Try inet-domain X11 forwarding regardless of whether we
- can get local authorization information. If we don't, we just
- come up with fake information; the forwarding code will anyway
- generate its own fake information and validate that the client
- knows that information. It will then substitute our fake
- information for that, but that info should get ignored by the
- server if it doesn't support it.
-
- * Added option BatchMode to disable password/passphrase querying
- in scripts.
-
- * auth-rh-rsa.c: Changed to use uid-swapping when reading
- .ssh/known_hosts.
-
- * sshd.8.in (command): Improved documentation of file permissions
- on the manual pages.
-
-Thu Oct 19 21:05:51 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi>
-
- * ssh-add.c (add_file): Fixed a bug causing ssh to sometimes refer
- to freed memory (comment -> saved_comment).
-
- * log-server.c: Added a prefix to debug/warning/error/fatal
- messages describing message types. Syslog does not include that
- information automatically.
-
-Sun Oct 8 01:56:01 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Merged /etc/default/login and MAIL environment variable changes
- from Bryan O'Sullivan <bos@serpentine.com>.
- - mail spool file location
- - process /etc/default/login
- - add HAVE_ETC_DEFAULT_LOGIN
- - new function child_get_env and read_etc_default_login (sshd.c)
-
- * ssh-add.c (add_file): Fixed asking for passphrase.
-
- * Makefile.in: Fixed installing configure-generated man pages when
- compiling in a separate object directory.
-
- * sshd.c (main): Moved RSA key generation until after allocating
- the port number. (Actually, the code got duplicated because we
- never listen when run from inetd.)
-
- * ssh.c: Fixed a problem that caused scp to hang when called with
- stdin closed.
-
-Sat Oct 7 03:08:06 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Added server config option StrictModes. It specifies whether to
- check ownership and modes of home directory and .rhosts files.
-
- * ssh.c: If ssh is renamed/linked to a host name, connect to that
- host.
-
- * serverloop.c, clientloop.c: Ignore EAGAIN reported on read from
- connection. Solaris has a kernel bug which causes select() to
- sometimes wake up even though there is no data available.
-
- * Display all open connections when printing the "Waiting for
- forwarded connections to terminate" message.
-
- * sshd.c, readconf.c: Added X11InetForwarding and
- X11UnixForwarding server config options.
-
-Thu Oct 5 17:41:16 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Some more SCO fixes.
-
-Tue Oct 3 01:04:34 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Fixes and cleanups in README, INSTALL, COPYING.
-
-Mon Oct 2 03:36:08 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * ssh-add.c (add_file): Fixed a bug in ssh-add (xfree: NULL ...).
-
- * Removed .BR from ".SH NAME" in man pages.
-
-Sun Oct 1 04:16:07 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * ssh-1.2.10.
-
- * configure.in: When checking that the compiler works, check that
- it understands ANSI C prototypes.
-
- * Made uidswap error message a debug() to avoid confusing errors
- on AIX (AIX geteuid is brain-damaged and fails even for root).
-
- * Fixed an error in sshd.8 (FacistLogging -> FascistLogging).
-
- * Fixed distribution in Makefile.in (missing manual page .in files).
-
-Sat Sep 30 17:38:46 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * auth-rhosts.c: Fixed serious security problem in
- /etc/hosts.equiv authentication.
-
-Fri Sep 29 00:41:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Include machine/endian.h on Paragon.
-
- * ssh-add.c (add_file): Made ssh-add keep asking for the
- passphrase until the user just types return or cancels.
- Make the dialog display the comment of the key.
-
- * Read use shosts.equiv in addition to /etc/hosts.equiv.
-
- * sshd.8 is now sshd.8.in and is processed by configure to
- substitute the proper paths for various files. Ditto for ssh.1.
- Ditto for make-ssh-known-hosts.1.
-
- * configure.in: Moved /etc/sshd_pid to PIDDIR/sshd.pid. PIDDIR
- will be /var/run if it exists, and ETCDIR otherwise.
-
-Thu Sep 28 21:52:42 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * On Ultrix, check if sys/syslog.h needs to be included in
- addition to syslog.h.
-
- * make-ssh-known-hosts.pl: Merged Kivinen's fixes for HPUX.
-
- * configure.in: Put -lwrap, -lsocks, etc. at the head of LIBS.
-
- * Fixed case-insensitivity in auth-rhosts.c.
-
- * Added missing socketpair.c to EXTRA_SRCS (needed on SCO), plus
- other SCO fixes.
-
- * Makefile.in: Fixed missing install_prefixes.
-
-Wed Sep 27 03:57:00 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * ssh-1.2.9.
-
- * Added SOCKS support.
-
- * Fixed default setting of IgnoreRhosts option.
-
- * Pass the magic cookie to xauth in stdin instead of command line;
- the command line is visible in ps.
-
- * Added processing $HOME/.ssh/rc and /etc/sshrc.
-
- * Added a section to sshd.8 on what happens at login time.
-
-Tue Sep 26 01:27:40 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Don't define speed_t on SunOS 4.1.1; it conflicts with system
- headers.
-
- * Added support for .hushlogin.
-
- * Added --with-etcdir.
-
- * Read $HOME/.environment after /etc/environment.
-
-Mon Sep 25 03:26:06 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Merged patches for SCO Unix (from Michael Henits).
-
-Sun Sep 24 22:28:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Added ssh option ConnectionAttempts.
-
-Sat Sep 23 12:30:15 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * sshd.c: Don't print last login time and /etc/motd if a command
- has been specified (with ssh -t host command).
-
- * Added support for passing the screen number in X11 forwarding.
- It is implemented as a compatible protocol extension, signalled
- by SSH_PROTOFLAG_SCREEN_NUMBER by the child.
-
- * clientloop.c: Fixed bugs in the order in which things were
- processed. This may solve problems with some data not getting
- sent to the server as soon as possible (probably solves the TCP
- forwarding delayed close problem). Also, it looked like window
- changes might not get transmitted as early as possible in some
- cases.
-
- * clientloop.c: Changed to detect window size change that
- happened while ssh was suspended.
-
- * ssh.c: Moved the do_session function (client main loop) to
- clientloop.c. Divided it into smaller functions. General cleanup.
-
- * ssh-1.2.8
-
-Fri Sep 22 22:07:46 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * sshconnect.c (ssh_login): Made ssh_login take the options
- structure as argument, instead of the individual arguments.
-
- * auth-rhosts.c (check_rhosts_file): Added support for netgroups.
-
- * auth-rhosts.c (check_rhosts_file): Added support for negated
- entries.
-
-Thu Sep 21 00:07:56 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * auth-rhosts.c: Restructured rhosts authentication code.
- Hosts.equiv now has same format as .rhosts: user names are allowed.
-
- * Added support for the Intel Paragon.
-
- * sshd.c: Don't use X11 forwarding with spoofing if no xauth
- program. Changed configure.in to not define XAUTH_PATH if
- there is no xauth program.
-
- * ssh-1.2.7
-
- * sshd.c: Rewrote the code to build the environment. Now also reads
- /etc/environment.
-
- * sshd.c: Fixed problems in libwrap code. --with-libwrap now
- takes optional library name/path.
-
- * ssh-1.2.6
-
- * Define USE_PIPES by default.
-
- * Added support for Univel Unixware and MachTen.
-
- * Added IgnoreRhosts server option.
-
- * Added USE_STRLEN_FOR_AF_UNIX; it is needed at least on MachTen.
-
-Wed Sep 20 02:41:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * sshd.c (do_child): don't call packet_close when /etc/nologin,
- because packet_close does shutdown, and the message does not get
- sent.
-
- * pty.c (pty_allocate): Push ttcompat streams module.
-
- * randoms.c (random_acquire_light_environmental_noise): Don't use
- the second argument to gettimeofday as it is not supported on
- all systems.
-
- * login.c (record_login): Added NULL second argument to gettimeofday.
-
-Tue Sep 19 13:25:48 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * fixed pclose wait() in sshd key regeneration (now only collects
- easily available noise).
-
- * configure.in: test for bsdi before bsd*.
-
- * ssh.c: Don't print "Connection closed" if -q.
-
-Wed Sep 13 04:19:52 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Released ssh-1.2.5.
-
- * Hopefully fixed "Waiting for forwarded connections to terminate"
- message.
-
- * randoms.c, md5.c: Large modifications to make these work on Cray
- (which has no 32 bit integer type).
-
- * Fixed a problem with forwarded connection closes not being
- reported immediately.
-
- * ssh.c: fixed rhosts authentication (broken by uid-swapping).
-
- * scp.c: Don't use -l if server user not specified (it made
- setting User in the configuration file not work).
-
- * configure.in: don't use -pipe on BSDI.
-
- * randoms.c: Major modifications to make it work without 32 bit
- integers (e.g. Cray).
-
- * md5.c: Major modifications to make it work without 32 bit
- integers (e.g. Cray).
-
- * Eliminated HPSUX_BROKEN_PTYS. The code is now enabled by
- default on all systems.
-
-Mon Sep 11 00:53:12 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * sshd.c: don't include sshd pathname in log messages.
-
- * Added libwrap stuff (includes support for identd).
-
- * Added OSF/1 C2 extended security stuff.
-
- * Fixed interactions between getuid() and uid-swap stuff.
-
-Sun Sep 10 00:29:27 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * serverloop.c: Don't send stdout data to client until after a few
- milliseconds if there is very little data. This is because some
- systems give data from pty one character at a time, which would
- multiply data size by about 16.
-
- * serverloop.c: Moved server do_session to a separate file and
- renamed it server_loop. Split it into several functions and
- partially rewrote it. Fixed "cat /etc/termcap | ssh foo cat" hangup.
-
- * Screwed up something while checking stuff in under cvs. No harm,
- but bogus log entries...
-
-Sat Sep 9 02:24:51 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * minfd.c (_get_permanent_fd): Use SHELL environment variable.
-
- * channels.c (x11_create_display_inet): Created
- HPSUX_NONSTANDARD_X11_KLUDGE; it causes DISPLAY to contain the
- IP address of the host instead of the name, because HPSUX uses
- some magic shared memory communication for local connections.
-
- * Changed SIGHUP processing in server; it should now work multiple
- times.
-
- * Added length limits in many debug/log/error/fatal calls just in
- case.
-
- * login.c (get_last_login_time): Fixed location of lastlog.
-
- * Rewrote all uid-swapping code. New files uidswap.h, uidswap.c.
-
- * Fixed several security problems involving chmod and chgrp (race
- conditions). Added warnings about dubious modes for /tmp/.X11-unix.
-
-Fri Sep 8 20:03:36 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi>
-
- * Changed readconf.c to never display anything from the config
- file. This should now be prevented otherwise, but let's play safe.
-
- * log-server.c: Use %.500s in syslog() just to be sure (they
- should already be shorter than 1024 though).
-
- * sshd.c: Moved setuid in child a little earlier (just to be
- conservative, there was no security problem that I could detect).
-
- * README, INSTALL: Added info about mailing list and WWW page.
-
- * sshd.c: Added code to use SIGCHLD and wait zombies immediately.
-
- * Merged patch to set ut_addr in utmp.
-
- * Created ChangeLog and added it to Makefile.in.
-
- * Use read_passphrase instead of getpass().
-
- * Added SSH_FALLBACK_CIPHER. Fixed a bug in default cipher
- selection (IDEA used to be selected even if not supported by the
- server).
-
- * Use no encryption for key files if empty passphrase.
-
- * Added section about --without-idea in INSTALL.
-
- * Version 1.2.0 was released a couple of days ago.
-
all: $(OBJS) $(TARGETS)
-libssh.a: authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o hostfile.o match.o mpaux.o nchan.o packet.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o helper.o rc4.o mktemp.o strlcpy.o log.o
+libssh.a: authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o hostfile.o match.o mpaux.o nchan.o packet.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o helper.o rc4.o mktemp.o strlcpy.o log.o fingerprint.o
$(AR) rv $@ $^
$(RANLIB) $@
all patent-encumbered algorithms removed, all known security bugs
fixed, new features reintroduced and many other clean-ups. More
information about SSH itself can be found in the file README.Ylonen.
+OpenSSH has been created by Aaron Cambell, Bob Beck, Markus Friedl,
+Niels Provos, Theo de Raadt, and Dug Song.
This port consists of the re-introduction of autoconf support, PAM
support (for Linux and Solaris), EGD[1] support, and replacements for
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock < 0)
return -1;
+
+ /* close on exec */
+ if (fcntl(sock, F_SETFD, 1) == -1)
+ {
+ close(sock);
+ return -1;
+ }
if (connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0)
{
--- /dev/null
+#include "includes.h"
+RCSID("$Id$");
+
+#include "ssh.h"
+#include "xmalloc.h"
+#include <ssl/md5.h>
+
+#define FPRINT "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x"
+
+/* Generate key fingerprint in ascii format.
+ Based on ideas and code from Bjoern Groenvall <bg@sics.se> */
+
+char *
+fingerprint(BIGNUM *e, BIGNUM *n)
+{
+ static char retval[80];
+ MD5_CTX md;
+ unsigned char d[16];
+ char *buf;
+ int nlen, elen;
+
+ nlen = BN_num_bytes(n);
+ elen = BN_num_bytes(e);
+
+ buf = xmalloc(nlen + elen);
+
+ BN_bn2bin(n, buf);
+ BN_bn2bin(e, buf + nlen);
+
+ MD5_Init(&md);
+ MD5_Update(&md, buf, nlen + elen);
+ MD5_Final(d, &md);
+ snprintf(retval, sizeof(retval), FPRINT,
+ d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7],
+ d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
+ memset(buf, 0, nlen + elen);
+ xfree(buf);
+ return retval;
+}
--- /dev/null
+/* RCSID("$Id$"); */
+
+#ifndef FINGERPRINT_H
+#define FINGERPRINT_H
+char * fingerprint(BIGNUM *e, BIGNUM *n);
+#endif
}
/* Check if the current key is the same as the given key. */
- if (kbits == bits && BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0)
+ if (BN_cmp(ke, e) == 0 && BN_cmp(kn, n) == 0)
{
/* Ok, they match. */
fclose(f);
if (channel_max_fd() > max_fd)
max_fd = channel_max_fd();
- /* If child has terminated, read as much as is available and then exit. */
- if (child_terminated)
+ /* If child has terminated and there is enough buffer space to read from
+ it, then read as much as is available and exit. */
+ if (child_terminated && packet_not_very_much_data_to_write())
if (max_time_milliseconds == 0)
max_time_milliseconds = 100;
.Nd adds identities for the authentication agent
.Sh SYNOPSIS
.Nm ssh-add
-.Op Fl ldD
+.Op Fl lLdD
.Op Ar
.Sh DESCRIPTION
.Nm
The options are as follows:
.Bl -tag -width Ds
.It Fl l
-Lists all identities currently represented by the agent.
+Lists fingerprints of all identities currently represented by the agent.
+.It Fl L
+Lists public key parameters of all identities currently represented by the agent.
.It Fl d
Instead of adding the identity, removes the identity from the agent.
.It Fl D
#include "ssh.h"
#include "xmalloc.h"
#include "authfd.h"
+#include "fingerprint.h"
#ifdef USE_EXTERNAL_ASKPASS
int askpass(const char *filename, RSA *key, const char *saved_comment, char **comment);
xfree(pass);
if (success)
break;
-
printf("Bad passphrase.\n");
}
}
}
void
-list_identities(AuthenticationConnection *ac)
+list_identities(AuthenticationConnection *ac, int fp)
{
BIGNUM *e, *n;
int status;
status;
status = ssh_get_next_identity(ac, e, n, &comment))
{
- char *ebuf, *nbuf;
+ unsigned int bits = BN_num_bits(n);
had_identities = 1;
- ebuf = BN_bn2dec(e);
- if (ebuf == NULL) {
- error("list_identities: BN_bn2dec(e) failed.");
- }else{
- nbuf = BN_bn2dec(n);
- if (nbuf == NULL) {
- error("list_identities: BN_bn2dec(n) failed.");
- }else{
- unsigned int bits = BN_num_bits(n);
- printf("%d %s %s %s\n", bits, ebuf, nbuf, comment);
- free(nbuf);
- }
- free(ebuf);
+ if (fp) {
+ printf("%d %s %s\n", bits, fingerprint(e, n), comment);
+ } else {
+ char *ebuf, *nbuf;
+ ebuf = BN_bn2dec(e);
+ if (ebuf == NULL) {
+ error("list_identities: BN_bn2dec(e) failed.");
+ }else{
+ nbuf = BN_bn2dec(n);
+ if (nbuf == NULL) {
+ error("list_identities: BN_bn2dec(n) failed.");
+ }else{
+ printf("%d %s %s %s\n", bits, ebuf, nbuf, comment);
+ free(nbuf);
+ }
+ free(ebuf);
+ }
}
xfree(comment);
}
/* check if RSA support exists */
if (rsa_alive() == 0) {
+ extern char *__progname;
fprintf(stderr,
"%s: no RSA support in libssl and libcrypto. See ssl(8).\n",
for (i = 1; i < argc; i++)
{
- if (strcmp(argv[i], "-l") == 0)
+ if ((strcmp(argv[i], "-l") == 0) ||
+ (strcmp(argv[i], "-L") == 0))
{
- list_identities(ac);
+ list_identities(ac, argv[i][1] == 'l' ? 1 : 0);
no_files = 0; /* Don't default-add/delete if -l. */
continue;
}
-.\" $OpenBSD: ssh-agent.1,v 1.7 1999/10/28 08:43:10 markus Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.8 1999/11/16 23:59:21 deraadt Exp $
.\"
.\" -*- nroff -*-
.\"
.\" ssh-agent.1
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
-pp.\"
+.\"
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\" All rights reserved
.\"
.Op Fl b Ar bits
.Op Fl N Ar new_passphrase
.Op Fl C Ar comment
+.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl p
.Op Fl P Ar old_passphrase
.Op Fl N Ar new_passphrase
+.Op Fl f Ar keyfile
.Nm ssh-keygen
.Fl c
.Op Fl P Ar passphrase
.Op Fl C Ar comment
+.Op Fl f Ar keyfile
+.Nm ssh-keygen
+.Fl l
+.Op Fl f Ar keyfile
.Sh DESCRIPTION
.Nm
generates and manages authentication keys for
Requests changing the comment in the private and public key files.
The program will prompt for the file containing the private keys, for
passphrase if the key has one, and for the new comment.
+.It Fl f
+Specifies the filename of the key file.
+.It Fl l
+Show fingerprint of specified private or public key file.
.It Fl p
Requests changing the passphrase of a private key file instead of
creating a new private key. The program will prompt for the file
#include "rsa.h"
#include "ssh.h"
#include "xmalloc.h"
+#include "fingerprint.h"
#ifdef HAVE___PROGNAME
extern char *__progname;
int quiet = 0;
+/* Flag indicating that we just want to see the key fingerprint */
+int print_fingerprint = 0;
+
/* This is set to the identity file name if given on the command line. */
char *identity_file = NULL;
/* Perform changing a passphrase. The argument is the passwd structure
for the current user. */
-void
-do_change_passphrase(struct passwd *pw)
+char *
+get_filename(struct passwd *pw, const char *prompt)
{
- char buf[1024], *comment;
- char *old_passphrase, *passphrase1, *passphrase2;
- struct stat st;
- RSA *private_key;
+ char buf[1024], default_file[1024];
/* Read key file name. */
if (identity_file != NULL) {
- strncpy(buf, identity_file, sizeof(buf));
- buf[sizeof(buf) - 1] = '\0';
+ return xstrdup(identity_file);
} else {
- printf("Enter file in which the key is ($HOME/%s): ", SSH_CLIENT_IDENTITY);
+ snprintf(default_file, sizeof default_file, "%s/%s",
+ pw->pw_dir, SSH_CLIENT_IDENTITY);
+ printf("%s (%s): ", prompt, default_file);
fflush(stdout);
if (fgets(buf, sizeof(buf), stdin) == NULL)
exit(1);
if (strchr(buf, '\n'))
*strchr(buf, '\n') = 0;
if (strcmp(buf, "") == 0)
- snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY);
+ return xstrdup(default_file);
}
+ return xstrdup(buf);
+}
+void
+do_fingerprint(struct passwd *pw)
+{
+ char *file, *comment;
+ RSA *public_key;
+ struct stat st;
+
+ file = get_filename(pw, "Enter file in which the key is");
+ if (stat(file, &st) < 0)
+ {
+ perror(file);
+ exit(1);
+ }
+ public_key = RSA_new();
+ if (!load_public_key(file, public_key, &comment)) {
+ char *cp, line[1024];
+ BIGNUM *e, *n;
+ int dummy, invalid = 0;
+ FILE *f = fopen(file, "r");
+ n = BN_new();
+ e = BN_new();
+ if (f && fgets(line, sizeof(line), f)) {
+ cp = line;
+ line[strlen(line)-1] = '\0';
+ if (auth_rsa_read_key(&cp, &dummy, e, n)) {
+ public_key->e = e;
+ public_key->n = n;
+ comment = xstrdup(cp ? cp : "no comment");
+ } else {
+ invalid = 1;
+ }
+ } else {
+ invalid = 1;
+ }
+ if (invalid) {
+ printf("%s is not a valid key file.\n", file);
+ BN_free(e);
+ BN_free(n);
+ exit(1);
+ }
+ }
+
+ printf("%d %s %s\n", BN_num_bits(public_key->n),
+ fingerprint(public_key->e, public_key->n),
+ comment);
+ RSA_free(public_key);
+ exit(0);
+}
+
+
+void
+do_change_passphrase(struct passwd *pw)
+{
+ char *file, *comment;
+ char *old_passphrase, *passphrase1, *passphrase2;
+ struct stat st;
+ RSA *private_key;
+
+ file = get_filename(pw, "Enter file in which the key is");
/* Check if the file exists. */
- if (stat(buf, &st) < 0)
+ if (stat(file, &st) < 0)
{
- perror(buf);
+ perror(file);
exit(1);
}
/* Try to load the public key from the file the verify that it is
readable and of the proper format. */
public_key = RSA_new();
- if (!load_public_key(buf, public_key, NULL))
+ if (!load_public_key(file, public_key, NULL))
{
- printf("%s is not a valid key file.\n", buf);
+ printf("%s is not a valid key file.\n", file);
exit(1);
}
/* Clear the public key since we are just about to load the whole file. */
/* Try to load the file with empty passphrase. */
private_key = RSA_new();
- if (!load_private_key(buf, "", private_key, &comment)) {
+ if (!load_private_key(file, "", private_key, &comment)) {
/* Read passphrase from the user. */
if (identity_passphrase)
old_passphrase = xstrdup(identity_passphrase);
else
old_passphrase = read_passphrase("Enter old passphrase: ", 1);
/* Try to load using the passphrase. */
- if (!load_private_key(buf, old_passphrase, private_key, &comment))
+ if (!load_private_key(file, old_passphrase, private_key, &comment))
{
memset(old_passphrase, 0, strlen(old_passphrase));
xfree(old_passphrase);
}
/* Save the file using the new passphrase. */
- if (!save_private_key(buf, passphrase1, private_key, comment))
+ if (!save_private_key(file, passphrase1, private_key, comment))
{
printf("Saving the key failed: %s: %s.\n",
- buf, strerror(errno));
+ file, strerror(errno));
memset(passphrase1, 0, strlen(passphrase1));
xfree(passphrase1);
RSA_free(private_key);
void
do_change_comment(struct passwd *pw)
{
- char buf[1024], new_comment[1024], *comment;
+ char new_comment[1024], *file, *comment;
RSA *private_key;
char *passphrase;
struct stat st;
FILE *f;
char *tmpbuf;
- /* Read key file name. */
- if (identity_file)
- {
- strncpy(buf, identity_file, sizeof(buf));
- buf[sizeof(buf) - 1] = '\0';
- }
- else
- {
- printf("Enter file in which the key is ($HOME/%s): ",
- SSH_CLIENT_IDENTITY);
- fflush(stdout);
- if (fgets(buf, sizeof(buf), stdin) == NULL)
- exit(1);
- if (strchr(buf, '\n'))
- *strchr(buf, '\n') = 0;
- if (strcmp(buf, "") == 0)
- snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY);
- }
-
+ file = get_filename(pw, "Enter file in which the key is");
/* Check if the file exists. */
- if (stat(buf, &st) < 0)
+ if (stat(file, &st) < 0)
{
- perror(buf);
+ perror(file);
exit(1);
}
/* Try to load the public key from the file the verify that it is
readable and of the proper format. */
public_key = RSA_new();
- if (!load_public_key(buf, public_key, NULL))
+ if (!load_public_key(file, public_key, NULL))
{
- printf("%s is not a valid key file.\n", buf);
+ printf("%s is not a valid key file.\n", file);
exit(1);
}
private_key = RSA_new();
/* Try to load the file with empty passphrase. */
- if (load_private_key(buf, "", private_key, &comment))
+ if (load_private_key(file, "", private_key, &comment))
passphrase = xstrdup("");
else
{
else
passphrase = read_passphrase("Enter passphrase: ", 1);
/* Try to load using the passphrase. */
- if (!load_private_key(buf, passphrase, private_key, &comment))
+ if (!load_private_key(file, passphrase, private_key, &comment))
{
memset(passphrase, 0, strlen(passphrase));
xfree(passphrase);
if (identity_comment)
{
- strncpy(new_comment, identity_comment, sizeof(new_comment));
- new_comment[sizeof(new_comment) - 1] = '\0';
+ strlcpy(new_comment, identity_comment, sizeof(new_comment));
}
else
{
}
/* Save the file using the new passphrase. */
- if (!save_private_key(buf, passphrase, private_key, new_comment))
+ if (!save_private_key(file, passphrase, private_key, new_comment))
{
printf("Saving the key failed: %s: %s.\n",
- buf, strerror(errno));
+ file, strerror(errno));
memset(passphrase, 0, strlen(passphrase));
xfree(passphrase);
RSA_free(private_key);
/* Save the public key in text format in a file with the same name but
.pub appended. */
- strcat(buf, ".pub");
- f = fopen(buf, "w");
+ strcat(file, ".pub");
+ f = fopen(file, "w");
if (!f)
{
- printf("Could not save your public key in %s\n", buf);
+ printf("Could not save your public key in %s\n", file);
exit(1);
}
fprintf(f, "%d ", BN_num_bits(public_key->n));
{
char buf[16384], buf2[1024], *passphrase1, *passphrase2;
struct passwd *pw;
- char *tmpbuf;
+ char *file, *tmpbuf;
int opt;
struct stat st;
FILE *f;
/* check if RSA support exists */
if (rsa_alive() == 0) {
+ extern char *__progname;
fprintf(stderr,
"%s: no RSA support in libssl and libcrypto. See ssl(8).\n",
error("Could not create directory '%s'.", buf);
/* Parse command line arguments. */
- while ((opt = getopt(ac, av, "qpcb:f:P:N:C:")) != EOF)
+ while ((opt = getopt(ac, av, "qpclb:f:P:N:C:")) != EOF)
{
switch (opt)
{
}
break;
+ case 'l':
+ print_fingerprint = 1;
+ break;
+
case 'p':
change_passphrase = 1;
break;
exit(1);
}
+ if (print_fingerprint)
+ do_fingerprint(pw);
+
/* If the user requested to change the passphrase, do it now. This
function never returns. */
if (change_passphrase)
ask_file_again:
- /* Ask for a file to save the key in. */
- if (identity_file)
- {
- strncpy(buf, identity_file, sizeof(buf));
- buf[sizeof(buf) - 1] = '\0';
- }
- else
- {
- printf("Enter file in which to save the key ($HOME/%s): ",
- SSH_CLIENT_IDENTITY);
- fflush(stdout);
- if (fgets(buf, sizeof(buf), stdin) == NULL)
- exit(1);
- if (strchr(buf, '\n'))
- *strchr(buf, '\n') = 0;
- if (strcmp(buf, "") == 0)
- snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY);
- }
+ file = get_filename(pw, "Enter file in which to save the key");
/* If the file aready exists, ask the user to confirm. */
- if (stat(buf, &st) >= 0)
+ if (stat(file, &st) >= 0)
{
- printf("%s already exists.\n", buf);
+ printf("%s already exists.\n", file);
printf("Overwrite (y/n)? ");
fflush(stdout);
if (fgets(buf2, sizeof(buf2), stdin) == NULL)
}
/* Save the key with the given passphrase and comment. */
- if (!save_private_key(buf, passphrase1, private_key, buf2))
+ if (!save_private_key(file, passphrase1, private_key, buf2))
{
printf("Saving the key failed: %s: %s.\n",
- buf, strerror(errno));
+ file, strerror(errno));
memset(passphrase1, 0, strlen(passphrase1));
xfree(passphrase1);
+ xfree(file);
goto ask_file_again;
}
/* Clear the passphrase. */
arc4random_stir();
if (!quiet)
- printf("Your identification has been saved in %s.\n", buf);
+ printf("Your identification has been saved in %s.\n", file);
/* Display the public key on the screen. */
if (!quiet) {
/* Save the public key in text format in a file with the same name but
.pub appended. */
- strcat(buf, ".pub");
- f = fopen(buf, "w");
+ strcat(file, ".pub");
+ f = fopen(file, "w");
if (!f)
{
- printf("Could not save your public key in %s\n", buf);
+ printf("Could not save your public key in %s\n", file);
exit(1);
}
fprintf(f, "%d ", BN_num_bits(public_key->n));
fclose(f);
if (!quiet)
- printf("Your public key has been saved in %s\n", buf);
+ printf("Your public key has been saved in %s\n", file);
exit(0);
}
The libraries described in
.Xr ssl 8
are required for proper operation.
+.Pp
+OpenSSH has been created by Aaron Cambell, Bob Beck, Markus Friedl,
+Niels Provos, Theo de Raadt, and Dug Song.
.Sh SEE ALSO
.Xr rlogin 1 ,
.Xr rsh 1 ,
rbits = BN_num_bits(public_key->n);
if (bits != rbits) {
- log("Warning: Server lies about size of server public key,");
- log("Warning: this may be due to an old implementation of ssh.");
- log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits);
+ log("Warning: Server lies about size of server public key: "
+ "actual size is %d bits vs. announced %d.", rbits, bits);
+ log("Warning: This may be due to an old implementation of ssh.");
}
/* Get the host key. */
rbits = BN_num_bits(host_key->n);
if (bits != rbits) {
- log("Warning: Server lies about size of server host key,");
- log("Warning: this may be due to an old implementation of ssh.");
- log("Warning: (actual size %d bits, announced size %d bits)", rbits, bits);
+ log("Warning: Server lies about size of server host key: "
+ "actual size is %d bits vs. announced %d.", rbits, bits);
+ log("Warning: This may be due to an old implementation of ssh.");
}
/* Store the host key from the known host file in here
fatal("No host key is known for %.200s and you have requested strict checking.", host);
} else if (options.strict_host_key_checking == 2) { /* The default */
char prompt[1024];
+ char *fp = fingerprint(host_key->e, host_key->n);
snprintf(prompt, sizeof(prompt),
"The authenticity of host '%.200s' can't be established.\n"
- "Are you sure you want to continue connecting (yes/no)? ",
- host);
+ "Key fingerprint is %d %s.\n"
+ "Are you sure you want to continue connecting (yes/no)? ",
+ host, BN_num_bits(host_key->n), fp);
if (!read_yes_or_no(prompt, -1))
fatal("Aborted by user!\n");
}
exit(1);
}
- /* Initialize the log (it is reinitialized below in case we forked). */
-
- if (debug_flag && !inetd_flag)
- log_stderr = 1;
-
- log_init(av0, options.log_level, options.log_facility, log_stderr);
+ /* Force logging to stderr while loading the private host key
+ unless started from inetd */
+ log_init(av0, options.log_level, options.log_facility, !inetd_flag);
debug("sshd version %.100s", SSH_VERSION);
sensitive_data.host_key = RSA_new();
+ errno = 0;
/* Load the host key. It must have empty passphrase. */
if (!load_private_key(options.host_key_file, "",
sensitive_data.host_key, &comment))
{
- if (debug_flag)
- fprintf(stderr, "Could not load host key: %s: %s\n",
- options.host_key_file, strerror(errno));
- else
- {
- int err = errno;
- /* force logging */
- log_init(av0, SYSLOG_LEVEL_DEBUG, options.log_facility, log_stderr);
- error("Could not load host key: %.200s: %.100s",
- options.host_key_file, strerror(err));
- }
+ error("Could not load host key: %.200s: %.100s",
+ options.host_key_file, strerror(errno));
exit(1);
}
xfree(comment);
+ /* Initialize the log (it is reinitialized below in case we forked). */
+ if (debug_flag && !inetd_flag)
+ log_stderr = 1;
+ log_init(av0, options.log_level, options.log_facility, log_stderr);
+
/* If not in debugging mode, and not started from inetd, disconnect from
the controlling terminal, and fork. The original process exits. */
if (!debug_flag && !inetd_flag)
andersk / openssh.git / commitdiff
