From 40c002af48fe12a59703b95d8d40ed8111fa7f98 Mon Sep 17 00:00:00 2001 From: Peter Avalos Date: Sat, 9 Jan 2010 12:06:31 -1000 Subject: [PATCH] Upgrade to OpenSSH-5.3p1. General Bugfixes: * Do not limit home directory paths to 256 characters. bz#1615 * Several minor documentation and correctness fixes. Portable OpenSSH Bugfixes: * Move the deletion of PAM credentials on logout to after the session close. bz#1534 * Accept ENOSYS as a fallback error when attempting atomic rename(). bz#1535 * Fix detection of krb5-config. bz#1639 * Fix test for server-assigned remote forwarding port for non-root users. bz#1578 --- crypto/openssh/README | 4 +- crypto/openssh/auth-pam.c | 10 +- crypto/openssh/auth-passwd.c | 2 +- crypto/openssh/auth1.c | 10 +- crypto/openssh/auth2-kbdint.c | 4 - crypto/openssh/auth2-none.c | 4 - crypto/openssh/auth2-passwd.c | 4 - crypto/openssh/auth2-pubkey.c | 4 - crypto/openssh/auth2.c | 4 +- crypto/openssh/canohost.c | 24 +- crypto/openssh/canohost.h | 4 +- crypto/openssh/channels.c | 6 +- crypto/openssh/clientloop.c | 25 +- crypto/openssh/defines.h | 13 +- crypto/openssh/gss-genr.c | 2 +- crypto/openssh/includes.h | 3 +- crypto/openssh/jpake.h | 38 +- crypto/openssh/kex.c | 4 +- crypto/openssh/kex.h | 4 +- crypto/openssh/kexdhs.c | 6 +- crypto/openssh/kexgexs.c | 6 +- crypto/openssh/monitor.c | 25 +- crypto/openssh/monitor_mm.c | 2 +- crypto/openssh/monitor_wrap.c | 31 +- crypto/openssh/monitor_wrap.h | 10 +- .../openssh/openbsd-compat/bsd-cygwin_util.h | 5 +- .../openssh/openbsd-compat/getrrsetbyname.c | 2 +- .../openssh/openbsd-compat/openssl-compat.h | 6 +- crypto/openssh/openbsd-compat/port-aix.h | 9 +- crypto/openssh/packet.c | 973 ++++++++++-------- crypto/openssh/packet.h | 17 +- crypto/openssh/readconf.c | 12 +- crypto/openssh/readconf.h | 4 +- crypto/openssh/roaming.h | 38 + crypto/openssh/roaming_common.c | 201 ++++ crypto/openssh/roaming_dummy.c | 61 ++ crypto/openssh/schnorr.h | 60 ++ crypto/openssh/servconf.c | 10 +- crypto/openssh/serverloop.c | 15 +- crypto/openssh/session.c | 30 +- crypto/openssh/sftp-client.c | 2 +- crypto/openssh/sftp-server.8 | 6 +- crypto/openssh/sftp-server.c | 6 +- crypto/openssh/ssh-agent.1 | 6 +- crypto/openssh/ssh-agent.c | 7 +- crypto/openssh/ssh-keygen.c | 2 +- crypto/openssh/ssh.1 | 27 +- crypto/openssh/ssh.c | 21 +- crypto/openssh/sshconnect.c | 10 +- crypto/openssh/sshconnect.h | 4 +- crypto/openssh/sshconnect2.c | 3 +- crypto/openssh/sshd.8 | 6 +- crypto/openssh/sshd.c | 9 +- crypto/openssh/sshd_config.5 | 23 +- crypto/openssh/sshlogin.c | 10 +- crypto/openssh/uuencode.c | 13 +- 56 files changed, 1217 insertions(+), 630 deletions(-) create mode 100644 crypto/openssh/roaming.h create mode 100644 crypto/openssh/roaming_common.c create mode 100644 crypto/openssh/roaming_dummy.c create mode 100644 crypto/openssh/schnorr.h diff --git a/crypto/openssh/README b/crypto/openssh/README index 9de00c0933..8538e8c9bb 100644 --- a/crypto/openssh/README +++ b/crypto/openssh/README @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-5.2 for the release notes. +See http://www.openssh.com/txt/release-5.3 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.70 2009/02/23 00:11:57 djm Exp $ +$Id: README,v 1.70.4.1 2009/09/26 04:11:47 djm Exp $ diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c index ccdb9937e3..675006e6fb 100644 --- a/crypto/openssh/auth-pam.c +++ b/crypto/openssh/auth-pam.c @@ -602,16 +602,16 @@ sshpam_cleanup(void) return; debug("PAM: cleanup"); pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); - if (sshpam_cred_established) { - debug("PAM: deleting credentials"); - pam_setcred(sshpam_handle, PAM_DELETE_CRED); - sshpam_cred_established = 0; - } if (sshpam_session_open) { debug("PAM: closing session"); pam_close_session(sshpam_handle, PAM_SILENT); sshpam_session_open = 0; } + if (sshpam_cred_established) { + debug("PAM: deleting credentials"); + pam_setcred(sshpam_handle, PAM_DELETE_CRED); + sshpam_cred_established = 0; + } sshpam_authenticated = 0; pam_end(sshpam_handle, sshpam_err); sshpam_handle = NULL; diff --git a/crypto/openssh/auth-passwd.c b/crypto/openssh/auth-passwd.c index bdfced023f..b1c6ce0928 100644 --- a/crypto/openssh/auth-passwd.c +++ b/crypto/openssh/auth-passwd.c @@ -102,7 +102,7 @@ auth_password(Authctxt *authctxt, const char *password) } #endif #ifdef HAVE_CYGWIN - if (is_winnt) { + { HANDLE hToken = cygwin_logon_user(pw, password); if (hToken == INVALID_HANDLE_VALUE) diff --git a/crypto/openssh/auth1.c b/crypto/openssh/auth1.c index b8a2558723..1801661fdd 100644 --- a/crypto/openssh/auth1.c +++ b/crypto/openssh/auth1.c @@ -318,15 +318,7 @@ do_authloop(Authctxt *authctxt) } #endif /* _UNICOS */ -#ifdef HAVE_CYGWIN - if (authenticated && - !check_nt_auth(type == SSH_CMSG_AUTH_PASSWORD, - authctxt->pw)) { - packet_disconnect("Authentication rejected for uid %d.", - authctxt->pw == NULL ? -1 : authctxt->pw->pw_uid); - authenticated = 0; - } -#else +#ifndef HAVE_CYGWIN /* Special handling for root */ if (authenticated && authctxt->pw->pw_uid == 0 && !auth_root_allowed(meth->name)) { diff --git a/crypto/openssh/auth2-kbdint.c b/crypto/openssh/auth2-kbdint.c index a4fc9e6f73..fae67da6e3 100644 --- a/crypto/openssh/auth2-kbdint.c +++ b/crypto/openssh/auth2-kbdint.c @@ -58,10 +58,6 @@ userauth_kbdint(Authctxt *authctxt) xfree(devs); xfree(lang); -#ifdef HAVE_CYGWIN - if (check_nt_auth(0, authctxt->pw) == 0) - authenticated = 0; -#endif return authenticated; } diff --git a/crypto/openssh/auth2-none.c b/crypto/openssh/auth2-none.c index 10accfe552..08f2f935fe 100644 --- a/crypto/openssh/auth2-none.c +++ b/crypto/openssh/auth2-none.c @@ -61,10 +61,6 @@ userauth_none(Authctxt *authctxt) { none_enabled = 0; packet_check_eom(); -#ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw) == 0) - return (0); -#endif if (options.password_authentication) return (PRIVSEP(auth_password(authctxt, ""))); return (0); diff --git a/crypto/openssh/auth2-passwd.c b/crypto/openssh/auth2-passwd.c index 421c5c25d0..5f1f3635f7 100644 --- a/crypto/openssh/auth2-passwd.c +++ b/crypto/openssh/auth2-passwd.c @@ -68,10 +68,6 @@ userauth_passwd(Authctxt *authctxt) logit("password change not supported"); else if (PRIVSEP(auth_password(authctxt, password)) == 1) authenticated = 1; -#ifdef HAVE_CYGWIN - if (check_nt_auth(1, authctxt->pw) == 0) - authenticated = 0; -#endif memset(password, 0, len); xfree(password); return authenticated; diff --git a/crypto/openssh/auth2-pubkey.c b/crypto/openssh/auth2-pubkey.c index b1e38e5f58..2886f1275f 100644 --- a/crypto/openssh/auth2-pubkey.c +++ b/crypto/openssh/auth2-pubkey.c @@ -170,10 +170,6 @@ done: key_free(key); xfree(pkalg); xfree(pkblob); -#ifdef HAVE_CYGWIN - if (check_nt_auth(0, authctxt->pw) == 0) - authenticated = 0; -#endif return authenticated; } diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c index ecf8570526..5d54685596 100644 --- a/crypto/openssh/auth2.c +++ b/crypto/openssh/auth2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2.c,v 1.120 2008/11/04 08:22:12 djm Exp $ */ +/* $OpenBSD: auth2.c,v 1.121 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -35,8 +35,8 @@ #include #include -#include "xmalloc.h" #include "atomicio.h" +#include "xmalloc.h" #include "ssh2.h" #include "packet.h" #include "log.h" diff --git a/crypto/openssh/canohost.c b/crypto/openssh/canohost.c index 7138f48d0f..22b19bb9fa 100644 --- a/crypto/openssh/canohost.c +++ b/crypto/openssh/canohost.c @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.c,v 1.64 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: canohost.c,v 1.65 2009/05/27 06:31:25 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,6 +35,8 @@ #include "misc.h" static void check_ip_options(int, char *); +static char *canonical_host_ip = NULL; +static int cached_port = -1; /* * Return the canonical name of the host at the other end of the socket. The @@ -304,6 +306,16 @@ get_local_name(int sock) return get_socket_address(sock, 0, NI_NAMEREQD); } +void +clear_cached_addr(void) +{ + if (canonical_host_ip != NULL) { + xfree(canonical_host_ip); + canonical_host_ip = NULL; + } + cached_port = -1; +} + /* * Returns the IP-address of the remote host as a string. The returned * string must not be freed. @@ -312,8 +324,6 @@ get_local_name(int sock) const char * get_remote_ipaddr(void) { - static char *canonical_host_ip = NULL; - /* Check whether we have cached the ipaddr. */ if (canonical_host_ip == NULL) { if (packet_connection_is_on_socket()) { @@ -402,13 +412,11 @@ get_peer_port(int sock) int get_remote_port(void) { - static int port = -1; - /* Cache to avoid getpeername() on a dead connection */ - if (port == -1) - port = get_port(0); + if (cached_port == -1) + cached_port = get_port(0); - return port; + return cached_port; } int diff --git a/crypto/openssh/canohost.h b/crypto/openssh/canohost.h index d9b41ffe54..4c8636f42d 100644 --- a/crypto/openssh/canohost.h +++ b/crypto/openssh/canohost.h @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.h,v 1.10 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: canohost.h,v 1.11 2009/05/27 06:31:25 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -24,6 +24,6 @@ char *get_local_name(int); int get_remote_port(void); int get_local_port(void); int get_sock_port(int, int); - +void clear_cached_addr(void); void ipv64_normalise_mapped(struct sockaddr_storage *, socklen_t *); diff --git a/crypto/openssh/channels.c b/crypto/openssh/channels.c index dea60ba24e..e8b8aa07e1 100644 --- a/crypto/openssh/channels.c +++ b/crypto/openssh/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.295 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.296 2009/05/25 06:48:00 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1653,6 +1653,7 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset) } return -1; } +#ifndef BROKEN_TCGETATTR_ICANON if (compat20 && c->isatty && dlen >= 1 && buf[0] != '\r') { if (tcgetattr(c->wfd, &tio) == 0 && !(tio.c_lflag & ECHO) && (tio.c_lflag & ICANON)) { @@ -1666,6 +1667,7 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset) packet_send(); } } +#endif buffer_consume(&c->output, len); if (compat20 && len > 0) { c->local_consumed += len; @@ -2431,7 +2433,7 @@ channel_input_status_confirm(int type, u_int32_t seq, void *ctxt) int id; /* Reset keepalive timeout */ - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); id = packet_get_int(); packet_check_eom(); diff --git a/crypto/openssh/clientloop.c b/crypto/openssh/clientloop.c index a2d2d1d074..9a7dc0ab0b 100644 --- a/crypto/openssh/clientloop.c +++ b/crypto/openssh/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.209 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.213 2009/07/05 19:28:33 stevesk Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -109,6 +109,7 @@ #include "misc.h" #include "match.h" #include "msg.h" +#include "roaming.h" /* import options */ extern Options options; @@ -491,13 +492,13 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt) xfree(gc); } - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); } static void server_alive_check(void) { - if (++keep_alive_timeouts > options.server_alive_count_max) { + if (packet_inc_alive_timeouts() > options.server_alive_count_max) { logit("Timeout, server not responding."); cleanup_exit(255); } @@ -634,8 +635,8 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr) static void client_process_net_input(fd_set *readset) { - int len; - char buf[8192]; + int len, cont = 0; + char buf[SSH_IOBUFSZ]; /* * Read input from the server, and add any such data to the buffer of @@ -643,8 +644,8 @@ client_process_net_input(fd_set *readset) */ if (FD_ISSET(connection_in, readset)) { /* Read as much as possible. */ - len = read(connection_in, buf, sizeof(buf)); - if (len == 0) { + len = roaming_read(connection_in, buf, sizeof(buf), &cont); + if (len == 0 && cont == 0) { /* * Received EOF. The remote host has closed the * connection. @@ -1128,7 +1129,7 @@ static void client_process_input(fd_set *readset) { int len; - char buf[8192]; + char buf[SSH_IOBUFSZ]; /* Read input from stdin. */ if (FD_ISSET(fileno(stdin), readset)) { @@ -1476,6 +1477,14 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /* Stop watching for window change. */ signal(SIGWINCH, SIG_DFL); + if (compat20) { + packet_start(SSH2_MSG_DISCONNECT); + packet_put_int(SSH2_DISCONNECT_BY_APPLICATION); + packet_put_cstring("disconnected by user"); + packet_send(); + packet_write_wait(); + } + channel_free_all(); if (have_pty) diff --git a/crypto/openssh/defines.h b/crypto/openssh/defines.h index 536ec4978b..2ddfd96d07 100644 --- a/crypto/openssh/defines.h +++ b/crypto/openssh/defines.h @@ -25,7 +25,7 @@ #ifndef _DEFINES_H #define _DEFINES_H -/* $Id: defines.h,v 1.153 2009/02/01 11:19:54 dtucker Exp $ */ +/* $Id: defines.h,v 1.156 2009/08/28 01:21:07 dtucker Exp $ */ /* Constants */ @@ -300,6 +300,9 @@ struct sockaddr_un { #ifndef HAVE_IN_ADDR_T typedef u_int32_t in_addr_t; #endif +#ifndef HAVE_IN_PORT_T +typedef u_int16_t in_port_t; +#endif #if defined(BROKEN_SYS_TERMIO_H) && !defined(_STRUCT_WINSIZE) #define _STRUCT_WINSIZE @@ -591,6 +594,10 @@ struct winsize { #define FSID_TO_ULONG(f) \ ((((u_int64_t)(f).val[0] & 0xffffffffUL) << 32) | \ ((f).val[1] & 0xffffffffUL)) +#elif defined(FSID_HAS___VAL) +#define FSID_TO_ULONG(f) \ + ((((u_int64_t)(f).__val[0] & 0xffffffffUL) << 32) | \ + ((f).__val[1] & 0xffffffffUL)) #else # define FSID_TO_ULONG(f) ((f)) #endif @@ -742,4 +749,8 @@ struct winsize { #define INET6_ADDRSTRLEN 46 #endif +#ifndef SSH_IOBUFSZ +# define SSH_IOBUFSZ 8192 +#endif + #endif /* _DEFINES_H */ diff --git a/crypto/openssh/gss-genr.c b/crypto/openssh/gss-genr.c index e9190575d3..842f38582c 100644 --- a/crypto/openssh/gss-genr.c +++ b/crypto/openssh/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.19 2007/06/12 11:56:15 dtucker Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.20 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. diff --git a/crypto/openssh/includes.h b/crypto/openssh/includes.h index f1b47f666d..6bb9878072 100644 --- a/crypto/openssh/includes.h +++ b/crypto/openssh/includes.h @@ -31,7 +31,8 @@ #endif #if defined(HAVE_GLOB_H) && defined(GLOB_HAS_ALTDIRFUNC) && \ defined(GLOB_HAS_GL_MATCHC) && \ - defined(HAVE_DECL_GLOB_NOMATCH) && HAVE_DECL_GLOB_NOMATCH != 0 + defined(HAVE_DECL_GLOB_NOMATCH) && HAVE_DECL_GLOB_NOMATCH != 0 && \ + !defined(BROKEN_GLOB) # include #endif #ifdef HAVE_ENDIAN_H diff --git a/crypto/openssh/jpake.h b/crypto/openssh/jpake.h index a3d800cd3c..a3f2cf0256 100644 --- a/crypto/openssh/jpake.h +++ b/crypto/openssh/jpake.h @@ -1,4 +1,4 @@ -/* $OpenBSD: jpake.h,v 1.1 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: jpake.h,v 1.2 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -28,20 +28,16 @@ # define JPAKE_DEBUG_BUF(a) # define JPAKE_DEBUG_CTX(a) #else -# define JPAKE_DEBUG_BN(a) jpake_debug3_bn a -# define JPAKE_DEBUG_BUF(a) jpake_debug3_buf a +# define JPAKE_DEBUG_BN(a) debug3_bn a +# define JPAKE_DEBUG_BUF(a) debug3_buf a # define JPAKE_DEBUG_CTX(a) jpake_dump a -#endif /* SCHNORR_DEBUG */ - -struct jpake_group { - BIGNUM *p, *q, *g; -}; +#endif /* JPAKE_DEBUG */ #define KZP_ID_LEN 16 /* Length of client and server IDs */ struct jpake_ctx { /* Parameters */ - struct jpake_group *grp; + struct modp_group *grp; /* Private values shared by client and server */ BIGNUM *s; /* Secret (salted, crypted password) */ @@ -83,26 +79,18 @@ struct jpake_ctx { }; /* jpake.c */ -struct jpake_group *jpake_default_group(void); -BIGNUM *bn_rand_range_gt_one(const BIGNUM *high); -int hash_buffer(const u_char *, u_int, const EVP_MD *, u_char **, u_int *); -void jpake_debug3_bn(const BIGNUM *, const char *, ...) - __attribute__((__nonnull__ (2))) - __attribute__((format(printf, 2, 3))); -void jpake_debug3_buf(const u_char *, u_int, const char *, ...) - __attribute__((__nonnull__ (3))) - __attribute__((format(printf, 3, 4))); +struct modp_group *jpake_default_group(void); void jpake_dump(struct jpake_ctx *, const char *, ...) __attribute__((__nonnull__ (2))) __attribute__((format(printf, 2, 3))); struct jpake_ctx *jpake_new(void); void jpake_free(struct jpake_ctx *); -void jpake_step1(struct jpake_group *, u_char **, u_int *, +void jpake_step1(struct modp_group *, u_char **, u_int *, BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **, u_char **, u_int *, u_char **, u_int *); -void jpake_step2(struct jpake_group *, BIGNUM *, +void jpake_step2(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, @@ -113,7 +101,7 @@ void jpake_confirm_hash(const BIGNUM *, const u_char *, u_int, u_char **, u_int *); -void jpake_key_confirm(struct jpake_group *, BIGNUM *, BIGNUM *, +void jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, @@ -122,13 +110,5 @@ void jpake_key_confirm(struct jpake_group *, BIGNUM *, BIGNUM *, int jpake_check_confirm(const BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int); -/* schnorr.c */ -int schnorr_sign(const BIGNUM *, const BIGNUM *, const BIGNUM *, - const BIGNUM *, const BIGNUM *, const u_char *, u_int , - u_char **, u_int *); -int schnorr_verify(const BIGNUM *, const BIGNUM *, const BIGNUM *, - const BIGNUM *, const u_char *, u_int, - const u_char *, u_int); - #endif /* JPAKE_H */ diff --git a/crypto/openssh/kex.c b/crypto/openssh/kex.c index 48b54f5f73..f4f44f095d 100644 --- a/crypto/openssh/kex.c +++ b/crypto/openssh/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.80 2008/09/06 12:24:13 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.81 2009/05/27 06:34:36 andreas Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -49,8 +49,6 @@ #include "dispatch.h" #include "monitor.h" -#define KEX_COOKIE_LEN 16 - #if OPENSSL_VERSION_NUMBER >= 0x00907000L # if defined(HAVE_EVP_SHA256) # define evp_ssh_sha256 EVP_sha256 diff --git a/crypto/openssh/kex.h b/crypto/openssh/kex.h index 8e29c90e90..68c80c5a90 100644 --- a/crypto/openssh/kex.h +++ b/crypto/openssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.46 2007/06/07 19:37:34 pvalchev Exp $ */ +/* $OpenBSD: kex.h,v 1.47 2009/05/27 06:34:36 andreas Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -30,6 +30,8 @@ #include #include +#define KEX_COOKIE_LEN 16 + #define KEX_DH1 "diffie-hellman-group1-sha1" #define KEX_DH14 "diffie-hellman-group14-sha1" #define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" diff --git a/crypto/openssh/kexdhs.c b/crypto/openssh/kexdhs.c index 8617088184..a6719f6722 100644 --- a/crypto/openssh/kexdhs.c +++ b/crypto/openssh/kexdhs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexdhs.c,v 1.9 2006/11/06 21:25:28 markus Exp $ */ +/* $OpenBSD: kexdhs.c,v 1.10 2009/06/21 07:37:15 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -137,7 +137,9 @@ kexdh_server(Kex *kex) } /* sign H */ - PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)); + if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, + hashlen)) < 0) + fatal("kexdh_server: key_sign failed"); /* destroy_sensitive_data(); */ diff --git a/crypto/openssh/kexgexs.c b/crypto/openssh/kexgexs.c index 76a0f8ca71..8515568b36 100644 --- a/crypto/openssh/kexgexs.c +++ b/crypto/openssh/kexgexs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kexgexs.c,v 1.11 2009/01/01 21:17:36 djm Exp $ */ +/* $OpenBSD: kexgexs.c,v 1.12 2009/06/21 07:37:15 dtucker Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -179,7 +179,9 @@ kexgex_server(Kex *kex) } /* sign H */ - PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, hashlen)); + if (PRIVSEP(key_sign(server_host_key, &signature, &slen, hash, + hashlen)) < 0) + fatal("kexgex_server: key_sign failed"); /* destroy_sensitive_data(); */ diff --git a/crypto/openssh/monitor.c b/crypto/openssh/monitor.c index f57e74ba5c..ace25c4047 100644 --- a/crypto/openssh/monitor.c +++ b/crypto/openssh/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.101 2009/02/12 03:26:22 djm Exp $ */ +/* $OpenBSD: monitor.c,v 1.104 2009/06/12 20:43:22 andreas Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -88,6 +88,7 @@ #include "compat.h" #include "ssh2.h" #include "jpake.h" +#include "roaming.h" #ifdef GSSAPI static Gssctxt *gsscontext = NULL; @@ -100,7 +101,6 @@ extern Newkeys *current_keys[]; extern z_stream incoming_stream; extern z_stream outgoing_stream; extern u_char session_id[]; -extern Buffer input, output; extern Buffer auth_debug; extern int auth_debug_init; extern Buffer loginmsg; @@ -126,6 +126,8 @@ struct { u_int ilen; u_char *output; u_int olen; + u_int64_t sent_bytes; + u_int64_t recv_bytes; } child_state; /* Functions on the monitor that answer unprivileged requests */ @@ -1670,15 +1672,20 @@ monitor_apply_keystate(struct monitor *pmonitor) /* Network I/O buffers */ /* XXX inefficient for large buffers, need: buffer_init_from_string */ - buffer_clear(&input); - buffer_append(&input, child_state.input, child_state.ilen); + buffer_clear(packet_get_input()); + buffer_append(packet_get_input(), child_state.input, child_state.ilen); memset(child_state.input, 0, child_state.ilen); xfree(child_state.input); - buffer_clear(&output); - buffer_append(&output, child_state.output, child_state.olen); + buffer_clear(packet_get_output()); + buffer_append(packet_get_output(), child_state.output, + child_state.olen); memset(child_state.output, 0, child_state.olen); xfree(child_state.output); + + /* Roaming */ + if (compat20) + roam_set_bytes(child_state.sent_bytes, child_state.recv_bytes); } static Kex * @@ -1794,6 +1801,12 @@ mm_get_keystate(struct monitor *pmonitor) child_state.input = buffer_get_string(&m, &child_state.ilen); child_state.output = buffer_get_string(&m, &child_state.olen); + /* Roaming */ + if (compat20) { + child_state.sent_bytes = buffer_get_int64(&m); + child_state.recv_bytes = buffer_get_int64(&m); + } + buffer_free(&m); } diff --git a/crypto/openssh/monitor_mm.c b/crypto/openssh/monitor_mm.c index dab747532a..faf9f3dcb4 100644 --- a/crypto/openssh/monitor_mm.c +++ b/crypto/openssh/monitor_mm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_mm.c,v 1.15 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: monitor_mm.c,v 1.16 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * All rights reserved. diff --git a/crypto/openssh/monitor_wrap.c b/crypto/openssh/monitor_wrap.c index 0986fc5182..b8e8710f71 100644 --- a/crypto/openssh/monitor_wrap.c +++ b/crypto/openssh/monitor_wrap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.c,v 1.64 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: monitor_wrap.c,v 1.68 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -71,19 +71,19 @@ #include "atomicio.h" #include "monitor_fdpass.h" #include "misc.h" +#include "schnorr.h" #include "jpake.h" #include "channels.h" #include "session.h" #include "servconf.h" +#include "roaming.h" /* Imports */ extern int compat20; -extern Newkeys *newkeys[]; extern z_stream incoming_stream; extern z_stream outgoing_stream; extern struct monitor *pmonitor; -extern Buffer input, output; extern Buffer loginmsg; extern ServerOptions options; @@ -508,7 +508,7 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp) Enc *enc; Mac *mac; Comp *comp; - Newkeys *newkey = newkeys[mode]; + Newkeys *newkey = (Newkeys *)packet_get_newkeys(mode); debug3("%s: converting %p", __func__, newkey); @@ -570,7 +570,7 @@ mm_send_kex(Buffer *m, Kex *kex) void mm_send_keystate(struct monitor *monitor) { - Buffer m; + Buffer m, *input, *output; u_char *blob, *p; u_int bloblen, plen; u_int32_t seqnr, packets; @@ -608,7 +608,8 @@ mm_send_keystate(struct monitor *monitor) } debug3("%s: Sending new keys: %p %p", - __func__, newkeys[MODE_OUT], newkeys[MODE_IN]); + __func__, packet_get_newkeys(MODE_OUT), + packet_get_newkeys(MODE_IN)); /* Keys from Kex */ if (!mm_newkeys_to_blob(MODE_OUT, &blob, &bloblen)) @@ -655,8 +656,16 @@ mm_send_keystate(struct monitor *monitor) buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); /* Network I/O buffers */ - buffer_put_string(&m, buffer_ptr(&input), buffer_len(&input)); - buffer_put_string(&m, buffer_ptr(&output), buffer_len(&output)); + input = (Buffer *)packet_get_input(); + output = (Buffer *)packet_get_output(); + buffer_put_string(&m, buffer_ptr(input), buffer_len(input)); + buffer_put_string(&m, buffer_ptr(output), buffer_len(output)); + + /* Roaming */ + if (compat20) { + buffer_put_int64(&m, get_sent_bytes()); + buffer_put_int64(&m, get_recv_bytes()); + } mm_request_send(monitor->m_recvfd, MONITOR_REQ_KEYEXPORT, &m); debug3("%s: Finished sending state", __func__); @@ -1282,7 +1291,7 @@ mm_auth2_jpake_get_pwdata(Authctxt *authctxt, BIGNUM **s, } void -mm_jpake_step1(struct jpake_group *grp, +mm_jpake_step1(struct modp_group *grp, u_char **id, u_int *id_len, BIGNUM **priv1, BIGNUM **priv2, BIGNUM **g_priv1, BIGNUM **g_priv2, u_char **priv1_proof, u_int *priv1_proof_len, @@ -1317,7 +1326,7 @@ mm_jpake_step1(struct jpake_group *grp, } void -mm_jpake_step2(struct jpake_group *grp, BIGNUM *s, +mm_jpake_step2(struct modp_group *grp, BIGNUM *s, BIGNUM *mypub1, BIGNUM *theirpub1, BIGNUM *theirpub2, BIGNUM *mypriv2, const u_char *theirid, u_int theirid_len, const u_char *myid, u_int myid_len, @@ -1357,7 +1366,7 @@ mm_jpake_step2(struct jpake_group *grp, BIGNUM *s, } void -mm_jpake_key_confirm(struct jpake_group *grp, BIGNUM *s, BIGNUM *step2_val, +mm_jpake_key_confirm(struct modp_group *grp, BIGNUM *s, BIGNUM *step2_val, BIGNUM *mypriv2, BIGNUM *mypub1, BIGNUM *mypub2, BIGNUM *theirpub1, BIGNUM *theirpub2, const u_char *my_id, u_int my_id_len, diff --git a/crypto/openssh/monitor_wrap.h b/crypto/openssh/monitor_wrap.h index 55c4b99f35..de2d16f662 100644 --- a/crypto/openssh/monitor_wrap.h +++ b/crypto/openssh/monitor_wrap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_wrap.h,v 1.21 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: monitor_wrap.h,v 1.22 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright 2002 Niels Provos @@ -102,17 +102,17 @@ int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **); int mm_skey_respond(void *, u_int, char **); /* jpake */ -struct jpake_group; +struct modp_group; void mm_auth2_jpake_get_pwdata(struct Authctxt *, BIGNUM **, char **, char **); -void mm_jpake_step1(struct jpake_group *, u_char **, u_int *, +void mm_jpake_step1(struct modp_group *, u_char **, u_int *, BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **, u_char **, u_int *, u_char **, u_int *); -void mm_jpake_step2(struct jpake_group *, BIGNUM *, +void mm_jpake_step2(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, BIGNUM **, u_char **, u_int *); -void mm_jpake_key_confirm(struct jpake_group *, BIGNUM *, BIGNUM *, +void mm_jpake_key_confirm(struct modp_group *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, const u_char *, u_int, diff --git a/crypto/openssh/openbsd-compat/bsd-cygwin_util.h b/crypto/openssh/openbsd-compat/bsd-cygwin_util.h index 6719b8a49c..39b8eb788d 100644 --- a/crypto/openssh/openbsd-compat/bsd-cygwin_util.h +++ b/crypto/openssh/openbsd-compat/bsd-cygwin_util.h @@ -1,4 +1,4 @@ -/* $Id: bsd-cygwin_util.h,v 1.11 2004/08/30 10:42:08 dtucker Exp $ */ +/* $Id: bsd-cygwin_util.h,v 1.12 2009/03/08 00:40:28 dtucker Exp $ */ /* * Copyright (c) 2000, 2001, Corinna Vinschen @@ -35,7 +35,6 @@ #ifdef HAVE_CYGWIN #undef ERROR -#define is_winnt (GetVersion() < 0x80000000) #include #include @@ -43,9 +42,7 @@ int binary_open(const char *, int , ...); int binary_pipe(int fd[2]); -int check_nt_auth(int, struct passwd *); int check_ntsec(const char *); -void register_9x_service(void); char **fetch_windows_environment(void); void free_windows_environment(char **); diff --git a/crypto/openssh/openbsd-compat/getrrsetbyname.c b/crypto/openssh/openbsd-compat/getrrsetbyname.c index 785b225691..98876673d0 100644 --- a/crypto/openssh/openbsd-compat/getrrsetbyname.c +++ b/crypto/openssh/openbsd-compat/getrrsetbyname.c @@ -143,7 +143,7 @@ u_int32_t _getlong(register const u_char *); /* ************** */ -#define ANSWER_BUFFER_SIZE 1024*64 +#define ANSWER_BUFFER_SIZE 0xffff struct dns_query { char *name; diff --git a/crypto/openssh/openbsd-compat/openssl-compat.h b/crypto/openssh/openbsd-compat/openssl-compat.h index 6a1bed5b2b..fcc762867d 100644 --- a/crypto/openssh/openbsd-compat/openssl-compat.h +++ b/crypto/openssh/openbsd-compat/openssl-compat.h @@ -1,4 +1,4 @@ -/* $Id: openssl-compat.h,v 1.12 2008/02/28 08:22:04 dtucker Exp $ */ +/* $Id: openssl-compat.h,v 1.14 2009/03/07 11:22:35 dtucker Exp $ */ /* * Copyright (c) 2005 Darren Tucker @@ -80,6 +80,10 @@ extern const EVP_CIPHER *evp_acss(void); # define EVP_CIPHER_CTX_cleanup(a) ssh_EVP_CIPHER_CTX_cleanup((a)) # endif /* SSH_OLD_EVP */ +# ifdef OPENSSL_EVP_DIGESTUPDATE_VOID +# define EVP_DigestUpdate(a,b,c) ssh_EVP_DigestUpdate((a),(b),(c)) +# endif + # ifdef USE_OPENSSL_ENGINE # ifdef SSLeay_add_all_algorithms # undef SSLeay_add_all_algorithms diff --git a/crypto/openssh/openbsd-compat/port-aix.h b/crypto/openssh/openbsd-compat/port-aix.h index ecb9feae8b..3ac76ae155 100644 --- a/crypto/openssh/openbsd-compat/port-aix.h +++ b/crypto/openssh/openbsd-compat/port-aix.h @@ -1,4 +1,4 @@ -/* $Id: port-aix.h,v 1.29 2008/03/09 05:36:55 dtucker Exp $ */ +/* $Id: port-aix.h,v 1.31 2009/08/20 06:20:50 dtucker Exp $ */ /* * @@ -71,6 +71,11 @@ int passwdexpired(char *, char **); # include #endif +/* for setpcred and friends */ +#ifdef HAVE_USERSEC_H +# include +#endif + /* * According to the setauthdb man page, AIX password registries must be 15 * chars or less plus terminating NUL. @@ -87,6 +92,8 @@ void aix_usrinfo(struct passwd *); int sys_auth_allowed_user(struct passwd *, Buffer *); # define CUSTOM_SYS_AUTH_RECORD_LOGIN 1 int sys_auth_record_login(const char *, const char *, const char *, Buffer *); +# define CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG +char *sys_auth_get_lastlogin_msg(const char *, uid_t); # define CUSTOM_FAILED_LOGIN 1 #endif diff --git a/crypto/openssh/packet.c b/crypto/openssh/packet.c index 5afc84ce0b..994e35b6df 100644 --- a/crypto/openssh/packet.c +++ b/crypto/openssh/packet.c @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.160 2009/02/13 11:50:21 markus Exp $ */ +/* $OpenBSD: packet.c,v 1.166 2009/06/27 09:29:06 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -77,6 +77,7 @@ #include "canohost.h" #include "misc.h" #include "ssh.h" +#include "roaming.h" #ifdef PACKET_DEBUG #define DBG(x) x @@ -86,92 +87,126 @@ #define PACKET_MAX_SIZE (256 * 1024) -/* - * This variable contains the file descriptors used for communicating with - * the other side. connection_in is used for reading; connection_out for - * writing. These can be the same descriptor, in which case it is assumed to - * be a socket. - */ -static int connection_in = -1; -static int connection_out = -1; +struct packet_state { + u_int32_t seqnr; + u_int32_t packets; + u_int64_t blocks; + u_int64_t bytes; +}; -/* Protocol flags for the remote side. */ -static u_int remote_protocol_flags = 0; +struct packet { + TAILQ_ENTRY(packet) next; + u_char type; + Buffer payload; +}; -/* Encryption context for receiving data. This is only used for decryption. */ -static CipherContext receive_context; +struct session_state { + /* + * This variable contains the file descriptors used for + * communicating with the other side. connection_in is used for + * reading; connection_out for writing. These can be the same + * descriptor, in which case it is assumed to be a socket. + */ + int connection_in; + int connection_out; -/* Encryption context for sending data. This is only used for encryption. */ -static CipherContext send_context; + /* Protocol flags for the remote side. */ + u_int remote_protocol_flags; -/* Buffer for raw input data from the socket. */ -Buffer input; + /* Encryption context for receiving data. Only used for decryption. */ + CipherContext receive_context; -/* Buffer for raw output data going to the socket. */ -Buffer output; + /* Encryption context for sending data. Only used for encryption. */ + CipherContext send_context; -/* Buffer for the partial outgoing packet being constructed. */ -static Buffer outgoing_packet; + /* Buffer for raw input data from the socket. */ + Buffer input; -/* Buffer for the incoming packet currently being processed. */ -static Buffer incoming_packet; + /* Buffer for raw output data going to the socket. */ + Buffer output; -/* Scratch buffer for packet compression/decompression. */ -static Buffer compression_buffer; -static int compression_buffer_ready = 0; + /* Buffer for the partial outgoing packet being constructed. */ + Buffer outgoing_packet; -/* Flag indicating whether packet compression/decompression is enabled. */ -static int packet_compression = 0; + /* Buffer for the incoming packet currently being processed. */ + Buffer incoming_packet; -/* default maximum packet size */ -u_int max_packet_size = 32768; + /* Scratch buffer for packet compression/decompression. */ + Buffer compression_buffer; + int compression_buffer_ready; -/* Flag indicating whether this module has been initialized. */ -static int initialized = 0; + /* + * Flag indicating whether packet compression/decompression is + * enabled. + */ + int packet_compression; -/* Set to true if the connection is interactive. */ -static int interactive_mode = 0; + /* default maximum packet size */ + u_int max_packet_size; -/* Set to true if we are the server side. */ -static int server_side = 0; + /* Flag indicating whether this module has been initialized. */ + int initialized; -/* Set to true if we are authenticated. */ -static int after_authentication = 0; + /* Set to true if the connection is interactive. */ + int interactive_mode; -int keep_alive_timeouts = 0; + /* Set to true if we are the server side. */ + int server_side; -/* Set to the maximum time that we will wait to send or receive a packet */ -static int packet_timeout_ms = -1; + /* Set to true if we are authenticated. */ + int after_authentication; -/* Session key information for Encryption and MAC */ -Newkeys *newkeys[MODE_MAX]; -static struct packet_state { - u_int32_t seqnr; - u_int32_t packets; - u_int64_t blocks; - u_int64_t bytes; -} p_read, p_send; + int keep_alive_timeouts; -static u_int64_t max_blocks_in, max_blocks_out; -static u_int32_t rekey_limit; + /* The maximum time that we will wait to send or receive a packet */ + int packet_timeout_ms; -/* Session key for protocol v1 */ -static u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; -static u_int ssh1_keylen; + /* Session key information for Encryption and MAC */ + Newkeys *newkeys[MODE_MAX]; + struct packet_state p_read, p_send; -/* roundup current message to extra_pad bytes */ -static u_char extra_pad = 0; + u_int64_t max_blocks_in, max_blocks_out; + u_int32_t rekey_limit; -/* XXX discard incoming data after MAC error */ -static u_int packet_discard = 0; -static Mac *packet_discard_mac = NULL; + /* Session key for protocol v1 */ + u_char ssh1_key[SSH_SESSION_KEY_LENGTH]; + u_int ssh1_keylen; -struct packet { - TAILQ_ENTRY(packet) next; - u_char type; - Buffer payload; + /* roundup current message to extra_pad bytes */ + u_char extra_pad; + + /* XXX discard incoming data after MAC error */ + u_int packet_discard; + Mac *packet_discard_mac; + + /* Used in packet_read_poll2() */ + u_int packlen; + + /* Used in packet_send2 */ + int rekeying; + + /* Used in packet_set_interactive */ + int set_interactive_called; + + /* Used in packet_set_maxsize */ + int set_maxsize_called; + + TAILQ_HEAD(, packet) outgoing; }; -TAILQ_HEAD(, packet) outgoing; + +static struct session_state *active_state, *backup_state; + +static struct session_state * +alloc_session_state(void) +{ + struct session_state *s = xcalloc(1, sizeof(*s)); + + s->connection_in = -1; + s->connection_out = -1; + s->max_packet_size = 32768; + s->packet_timeout_ms = -1; + return s; +} /* * Sets the descriptors used for communication. Disables encryption until @@ -184,21 +219,23 @@ packet_set_connection(int fd_in, int fd_out) if (none == NULL) fatal("packet_set_connection: cannot load cipher 'none'"); - connection_in = fd_in; - connection_out = fd_out; - cipher_init(&send_context, none, (const u_char *)"", + if (active_state == NULL) + active_state = alloc_session_state(); + active_state->connection_in = fd_in; + active_state->connection_out = fd_out; + cipher_init(&active_state->send_context, none, (const u_char *)"", 0, NULL, 0, CIPHER_ENCRYPT); - cipher_init(&receive_context, none, (const u_char *)"", + cipher_init(&active_state->receive_context, none, (const u_char *)"", 0, NULL, 0, CIPHER_DECRYPT); - newkeys[MODE_IN] = newkeys[MODE_OUT] = NULL; - if (!initialized) { - initialized = 1; - buffer_init(&input); - buffer_init(&output); - buffer_init(&outgoing_packet); - buffer_init(&incoming_packet); - TAILQ_INIT(&outgoing); - p_send.packets = p_read.packets = 0; + active_state->newkeys[MODE_IN] = active_state->newkeys[MODE_OUT] = NULL; + if (!active_state->initialized) { + active_state->initialized = 1; + buffer_init(&active_state->input); + buffer_init(&active_state->output); + buffer_init(&active_state->outgoing_packet); + buffer_init(&active_state->incoming_packet); + TAILQ_INIT(&active_state->outgoing); + active_state->p_send.packets = active_state->p_read.packets = 0; } } @@ -206,27 +243,29 @@ void packet_set_timeout(int timeout, int count) { if (timeout == 0 || count == 0) { - packet_timeout_ms = -1; + active_state->packet_timeout_ms = -1; return; } if ((INT_MAX / 1000) / count < timeout) - packet_timeout_ms = INT_MAX; + active_state->packet_timeout_ms = INT_MAX; else - packet_timeout_ms = timeout * count * 1000; + active_state->packet_timeout_ms = timeout * count * 1000; } static void packet_stop_discard(void) { - if (packet_discard_mac) { + if (active_state->packet_discard_mac) { char buf[1024]; memset(buf, 'a', sizeof(buf)); - while (buffer_len(&incoming_packet) < PACKET_MAX_SIZE) - buffer_append(&incoming_packet, buf, sizeof(buf)); - (void) mac_compute(packet_discard_mac, - p_read.seqnr, - buffer_ptr(&incoming_packet), + while (buffer_len(&active_state->incoming_packet) < + PACKET_MAX_SIZE) + buffer_append(&active_state->incoming_packet, buf, + sizeof(buf)); + (void) mac_compute(active_state->packet_discard_mac, + active_state->p_read.seqnr, + buffer_ptr(&active_state->incoming_packet), PACKET_MAX_SIZE); } logit("Finished discarding for %.200s", get_remote_ipaddr()); @@ -239,10 +278,11 @@ packet_start_discard(Enc *enc, Mac *mac, u_int packet_length, u_int discard) if (enc == NULL || !cipher_is_cbc(enc->cipher)) packet_disconnect("Packet corrupt"); if (packet_length != PACKET_MAX_SIZE && mac && mac->enabled) - packet_discard_mac = mac; - if (buffer_len(&input) >= discard) + active_state->packet_discard_mac = mac; + if (buffer_len(&active_state->input) >= discard) packet_stop_discard(); - packet_discard = discard - buffer_len(&input); + active_state->packet_discard = discard - + buffer_len(&active_state->input); } /* Returns 1 if remote host is connected via socket, 0 if not. */ @@ -254,15 +294,17 @@ packet_connection_is_on_socket(void) socklen_t fromlen, tolen; /* filedescriptors in and out are the same, so it's a socket */ - if (connection_in == connection_out) + if (active_state->connection_in == active_state->connection_out) return 1; fromlen = sizeof(from); memset(&from, 0, sizeof(from)); - if (getpeername(connection_in, (struct sockaddr *)&from, &fromlen) < 0) + if (getpeername(active_state->connection_in, (struct sockaddr *)&from, + &fromlen) < 0) return 0; tolen = sizeof(to); memset(&to, 0, sizeof(to)); - if (getpeername(connection_out, (struct sockaddr *)&to, &tolen) < 0) + if (getpeername(active_state->connection_out, (struct sockaddr *)&to, + &tolen) < 0) return 0; if (fromlen != tolen || memcmp(&from, &to, fromlen) != 0) return 0; @@ -283,9 +325,9 @@ packet_get_keyiv(int mode, u_char *iv, u_int len) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; cipher_get_keyiv(cc, iv, len); } @@ -296,9 +338,9 @@ packet_get_keycontext(int mode, u_char *dat) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; return (cipher_get_keycontext(cc, dat)); } @@ -309,9 +351,9 @@ packet_set_keycontext(int mode, u_char *dat) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; cipher_set_keycontext(cc, dat); } @@ -322,9 +364,9 @@ packet_get_keyiv_len(int mode) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; return (cipher_get_keyiv_len(cc)); } @@ -335,9 +377,9 @@ packet_set_iv(int mode, u_char *dat) CipherContext *cc; if (mode == MODE_OUT) - cc = &send_context; + cc = &active_state->send_context; else - cc = &receive_context; + cc = &active_state->receive_context; cipher_set_keyiv(cc, dat); } @@ -345,7 +387,7 @@ packet_set_iv(int mode, u_char *dat) int packet_get_ssh1_cipher(void) { - return (cipher_get_number(receive_context.cipher)); + return (cipher_get_number(active_state->receive_context.cipher)); } void @@ -354,7 +396,8 @@ packet_get_state(int mode, u_int32_t *seqnr, u_int64_t *blocks, u_int32_t *packe { struct packet_state *state; - state = (mode == MODE_IN) ? &p_read : &p_send; + state = (mode == MODE_IN) ? + &active_state->p_read : &active_state->p_send; if (seqnr) *seqnr = state->seqnr; if (blocks) @@ -371,7 +414,8 @@ packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets, { struct packet_state *state; - state = (mode == MODE_IN) ? &p_read : &p_send; + state = (mode == MODE_IN) ? + &active_state->p_read : &active_state->p_send; state->seqnr = seqnr; state->blocks = blocks; state->packets = packets; @@ -387,7 +431,8 @@ packet_connection_is_ipv4(void) socklen_t tolen = sizeof(to); memset(&to, 0, sizeof(to)); - if (getsockname(connection_out, (struct sockaddr *)&to, &tolen) < 0) + if (getsockname(active_state->connection_out, (struct sockaddr *)&to, + &tolen) < 0) return 0; if (to.ss_family == AF_INET) return 1; @@ -405,10 +450,10 @@ void packet_set_nonblocking(void) { /* Set the socket into non-blocking mode. */ - set_nonblock(connection_in); + set_nonblock(active_state->connection_in); - if (connection_out != connection_in) - set_nonblock(connection_out); + if (active_state->connection_out != active_state->connection_in) + set_nonblock(active_state->connection_out); } /* Returns the socket used for reading. */ @@ -416,7 +461,7 @@ packet_set_nonblocking(void) int packet_get_connection_in(void) { - return connection_in; + return active_state->connection_in; } /* Returns the descriptor used for writing. */ @@ -424,7 +469,7 @@ packet_get_connection_in(void) int packet_get_connection_out(void) { - return connection_out; + return active_state->connection_out; } /* Closes the connection and clears and frees internal data structures. */ @@ -432,26 +477,26 @@ packet_get_connection_out(void) void packet_close(void) { - if (!initialized) + if (!active_state->initialized) return; - initialized = 0; - if (connection_in == connection_out) { - shutdown(connection_out, SHUT_RDWR); - close(connection_out); + active_state->initialized = 0; + if (active_state->connection_in == active_state->connection_out) { + shutdown(active_state->connection_out, SHUT_RDWR); + close(active_state->connection_out); } else { - close(connection_in); - close(connection_out); + close(active_state->connection_in); + close(active_state->connection_out); } - buffer_free(&input); - buffer_free(&output); - buffer_free(&outgoing_packet); - buffer_free(&incoming_packet); - if (compression_buffer_ready) { - buffer_free(&compression_buffer); + buffer_free(&active_state->input); + buffer_free(&active_state->output); + buffer_free(&active_state->outgoing_packet); + buffer_free(&active_state->incoming_packet); + if (active_state->compression_buffer_ready) { + buffer_free(&active_state->compression_buffer); buffer_compress_uninit(); } - cipher_cleanup(&send_context); - cipher_cleanup(&receive_context); + cipher_cleanup(&active_state->send_context); + cipher_cleanup(&active_state->receive_context); } /* Sets remote side protocol flags. */ @@ -459,7 +504,7 @@ packet_close(void) void packet_set_protocol_flags(u_int protocol_flags) { - remote_protocol_flags = protocol_flags; + active_state->remote_protocol_flags = protocol_flags; } /* Returns the remote protocol flags set earlier by the above function. */ @@ -467,7 +512,7 @@ packet_set_protocol_flags(u_int protocol_flags) u_int packet_get_protocol_flags(void) { - return remote_protocol_flags; + return active_state->remote_protocol_flags; } /* @@ -478,18 +523,18 @@ packet_get_protocol_flags(void) static void packet_init_compression(void) { - if (compression_buffer_ready == 1) + if (active_state->compression_buffer_ready == 1) return; - compression_buffer_ready = 1; - buffer_init(&compression_buffer); + active_state->compression_buffer_ready = 1; + buffer_init(&active_state->compression_buffer); } void packet_start_compression(int level) { - if (packet_compression && !compat20) + if (active_state->packet_compression && !compat20) fatal("Compression already enabled."); - packet_compression = 1; + active_state->packet_compression = 1; packet_init_compression(); buffer_compress_init_send(level); buffer_compress_init_recv(); @@ -513,19 +558,21 @@ packet_set_encryption_key(const u_char *key, u_int keylen, fatal("packet_set_encryption_key: keylen too small: %d", keylen); if (keylen > SSH_SESSION_KEY_LENGTH) fatal("packet_set_encryption_key: keylen too big: %d", keylen); - memcpy(ssh1_key, key, keylen); - ssh1_keylen = keylen; - cipher_init(&send_context, cipher, key, keylen, NULL, 0, CIPHER_ENCRYPT); - cipher_init(&receive_context, cipher, key, keylen, NULL, 0, CIPHER_DECRYPT); + memcpy(active_state->ssh1_key, key, keylen); + active_state->ssh1_keylen = keylen; + cipher_init(&active_state->send_context, cipher, key, keylen, NULL, + 0, CIPHER_ENCRYPT); + cipher_init(&active_state->receive_context, cipher, key, keylen, NULL, + 0, CIPHER_DECRYPT); } u_int packet_get_encryption_key(u_char *key) { if (key == NULL) - return (ssh1_keylen); - memcpy(key, ssh1_key, ssh1_keylen); - return (ssh1_keylen); + return (active_state->ssh1_keylen); + memcpy(key, active_state->ssh1_key, active_state->ssh1_keylen); + return (active_state->ssh1_keylen); } /* Start constructing a packet to send. */ @@ -539,8 +586,8 @@ packet_start(u_char type) len = compat20 ? 6 : 9; memset(buf, 0, len - 1); buf[len - 1] = type; - buffer_clear(&outgoing_packet); - buffer_append(&outgoing_packet, buf, len); + buffer_clear(&active_state->outgoing_packet); + buffer_append(&active_state->outgoing_packet, buf, len); } /* Append payload. */ @@ -549,43 +596,49 @@ packet_put_char(int value) { char ch = value; - buffer_append(&outgoing_packet, &ch, 1); + buffer_append(&active_state->outgoing_packet, &ch, 1); } void packet_put_int(u_int value) { - buffer_put_int(&outgoing_packet, value); + buffer_put_int(&active_state->outgoing_packet, value); +} + +void +packet_put_int64(u_int64_t value) +{ + buffer_put_int64(&active_state->outgoing_packet, value); } void packet_put_string(const void *buf, u_int len) { - buffer_put_string(&outgoing_packet, buf, len); + buffer_put_string(&active_state->outgoing_packet, buf, len); } void packet_put_cstring(const char *str) { - buffer_put_cstring(&outgoing_packet, str); + buffer_put_cstring(&active_state->outgoing_packet, str); } void packet_put_raw(const void *buf, u_int len) { - buffer_append(&outgoing_packet, buf, len); + buffer_append(&active_state->outgoing_packet, buf, len); } void packet_put_bignum(BIGNUM * value) { - buffer_put_bignum(&outgoing_packet, value); + buffer_put_bignum(&active_state->outgoing_packet, value); } void packet_put_bignum2(BIGNUM * value) { - buffer_put_bignum2(&outgoing_packet, value); + buffer_put_bignum2(&active_state->outgoing_packet, value); } /* @@ -605,24 +658,27 @@ packet_send1(void) * If using packet compression, compress the payload of the outgoing * packet. */ - if (packet_compression) { - buffer_clear(&compression_buffer); + if (active_state->packet_compression) { + buffer_clear(&active_state->compression_buffer); /* Skip padding. */ - buffer_consume(&outgoing_packet, 8); + buffer_consume(&active_state->outgoing_packet, 8); /* padding */ - buffer_append(&compression_buffer, "\0\0\0\0\0\0\0\0", 8); - buffer_compress(&outgoing_packet, &compression_buffer); - buffer_clear(&outgoing_packet); - buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_append(&active_state->compression_buffer, + "\0\0\0\0\0\0\0\0", 8); + buffer_compress(&active_state->outgoing_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->outgoing_packet); + buffer_append(&active_state->outgoing_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); } /* Compute packet length without padding (add checksum, remove padding). */ - len = buffer_len(&outgoing_packet) + 4 - 8; + len = buffer_len(&active_state->outgoing_packet) + 4 - 8; /* Insert padding. Initialized to zero in packet_start1() */ padding = 8 - len % 8; - if (!send_context.plaintext) { - cp = buffer_ptr(&outgoing_packet); + if (!active_state->send_context.plaintext) { + cp = buffer_ptr(&active_state->outgoing_packet); for (i = 0; i < padding; i++) { if (i % 4 == 0) rnd = arc4random(); @@ -630,33 +686,36 @@ packet_send1(void) rnd >>= 8; } } - buffer_consume(&outgoing_packet, 8 - padding); + buffer_consume(&active_state->outgoing_packet, 8 - padding); /* Add check bytes. */ - checksum = ssh_crc32(buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); + checksum = ssh_crc32(buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); put_u32(buf, checksum); - buffer_append(&outgoing_packet, buf, 4); + buffer_append(&active_state->outgoing_packet, buf, 4); #ifdef PACKET_DEBUG fprintf(stderr, "packet_send plain: "); - buffer_dump(&outgoing_packet); + buffer_dump(&active_state->outgoing_packet); #endif /* Append to output. */ put_u32(buf, len); - buffer_append(&output, buf, 4); - cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); - cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); + buffer_append(&active_state->output, buf, 4); + cp = buffer_append_space(&active_state->output, + buffer_len(&active_state->outgoing_packet)); + cipher_crypt(&active_state->send_context, cp, + buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); #ifdef PACKET_DEBUG fprintf(stderr, "encrypted: "); - buffer_dump(&output); + buffer_dump(&active_state->output); #endif - p_send.packets++; - p_send.bytes += len + buffer_len(&outgoing_packet); - buffer_clear(&outgoing_packet); + active_state->p_send.packets++; + active_state->p_send.bytes += len + + buffer_len(&active_state->outgoing_packet); + buffer_clear(&active_state->outgoing_packet); /* * Note that the packet is now only buffered in output. It won't be @@ -678,22 +737,22 @@ set_newkeys(int mode) debug2("set_newkeys: mode %d", mode); if (mode == MODE_OUT) { - cc = &send_context; + cc = &active_state->send_context; crypt_type = CIPHER_ENCRYPT; - p_send.packets = p_send.blocks = 0; - max_blocks = &max_blocks_out; + active_state->p_send.packets = active_state->p_send.blocks = 0; + max_blocks = &active_state->max_blocks_out; } else { - cc = &receive_context; + cc = &active_state->receive_context; crypt_type = CIPHER_DECRYPT; - p_read.packets = p_read.blocks = 0; - max_blocks = &max_blocks_in; + active_state->p_read.packets = active_state->p_read.blocks = 0; + max_blocks = &active_state->max_blocks_in; } - if (newkeys[mode] != NULL) { + if (active_state->newkeys[mode] != NULL) { debug("set_newkeys: rekeying"); cipher_cleanup(cc); - enc = &newkeys[mode]->enc; - mac = &newkeys[mode]->mac; - comp = &newkeys[mode]->comp; + enc = &active_state->newkeys[mode]->enc; + mac = &active_state->newkeys[mode]->mac; + comp = &active_state->newkeys[mode]->comp; mac_clear(mac); xfree(enc->name); xfree(enc->iv); @@ -701,14 +760,14 @@ set_newkeys(int mode) xfree(mac->name); xfree(mac->key); xfree(comp->name); - xfree(newkeys[mode]); + xfree(active_state->newkeys[mode]); } - newkeys[mode] = kex_get_newkeys(mode); - if (newkeys[mode] == NULL) + active_state->newkeys[mode] = kex_get_newkeys(mode); + if (active_state->newkeys[mode] == NULL) fatal("newkeys: no keys for mode %d", mode); - enc = &newkeys[mode]->enc; - mac = &newkeys[mode]->mac; - comp = &newkeys[mode]->comp; + enc = &active_state->newkeys[mode]->enc; + mac = &active_state->newkeys[mode]->mac; + comp = &active_state->newkeys[mode]->comp; if (mac_init(mac) == 0) mac->enabled = 1; DBG(debug("cipher_init_context: %d", mode)); @@ -719,8 +778,8 @@ set_newkeys(int mode) memset(enc->key, 0, enc->key_len); memset(mac->key, 0, mac->key_len); */ if ((comp->type == COMP_ZLIB || - (comp->type == COMP_DELAYED && after_authentication)) && - comp->enabled == 0) { + (comp->type == COMP_DELAYED && + active_state->after_authentication)) && comp->enabled == 0) { packet_init_compression(); if (mode == MODE_OUT) buffer_compress_init_send(6); @@ -736,8 +795,9 @@ set_newkeys(int mode) *max_blocks = (u_int64_t)1 << (enc->block_size*2); else *max_blocks = ((u_int64_t)1 << 30) / enc->block_size; - if (rekey_limit) - *max_blocks = MIN(*max_blocks, rekey_limit / enc->block_size); + if (active_state->rekey_limit) + *max_blocks = MIN(*max_blocks, + active_state->rekey_limit / enc->block_size); } /* @@ -755,12 +815,12 @@ packet_enable_delayed_compress(void) * Remember that we are past the authentication step, so rekeying * with COMP_DELAYED will turn on compression immediately. */ - after_authentication = 1; + active_state->after_authentication = 1; for (mode = 0; mode < MODE_MAX; mode++) { /* protocol error: USERAUTH_SUCCESS received before NEWKEYS */ - if (newkeys[mode] == NULL) + if (active_state->newkeys[mode] == NULL) continue; - comp = &newkeys[mode]->comp; + comp = &active_state->newkeys[mode]->comp; if (comp && !comp->enabled && comp->type == COMP_DELAYED) { packet_init_compression(); if (mode == MODE_OUT) @@ -788,37 +848,39 @@ packet_send2_wrapped(void) Comp *comp = NULL; int block_size; - if (newkeys[MODE_OUT] != NULL) { - enc = &newkeys[MODE_OUT]->enc; - mac = &newkeys[MODE_OUT]->mac; - comp = &newkeys[MODE_OUT]->comp; + if (active_state->newkeys[MODE_OUT] != NULL) { + enc = &active_state->newkeys[MODE_OUT]->enc; + mac = &active_state->newkeys[MODE_OUT]->mac; + comp = &active_state->newkeys[MODE_OUT]->comp; } block_size = enc ? enc->block_size : 8; - cp = buffer_ptr(&outgoing_packet); + cp = buffer_ptr(&active_state->outgoing_packet); type = cp[5]; #ifdef PACKET_DEBUG fprintf(stderr, "plain: "); - buffer_dump(&outgoing_packet); + buffer_dump(&active_state->outgoing_packet); #endif if (comp && comp->enabled) { - len = buffer_len(&outgoing_packet); + len = buffer_len(&active_state->outgoing_packet); /* skip header, compress only payload */ - buffer_consume(&outgoing_packet, 5); - buffer_clear(&compression_buffer); - buffer_compress(&outgoing_packet, &compression_buffer); - buffer_clear(&outgoing_packet); - buffer_append(&outgoing_packet, "\0\0\0\0\0", 5); - buffer_append(&outgoing_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_consume(&active_state->outgoing_packet, 5); + buffer_clear(&active_state->compression_buffer); + buffer_compress(&active_state->outgoing_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->outgoing_packet); + buffer_append(&active_state->outgoing_packet, "\0\0\0\0\0", 5); + buffer_append(&active_state->outgoing_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); DBG(debug("compression: raw %d compressed %d", len, - buffer_len(&outgoing_packet))); + buffer_len(&active_state->outgoing_packet))); } /* sizeof (packet_len + pad_len + payload) */ - len = buffer_len(&outgoing_packet); + len = buffer_len(&active_state->outgoing_packet); /* * calc size of padding, alloc space, get random data, @@ -827,17 +889,19 @@ packet_send2_wrapped(void) padlen = block_size - (len % block_size); if (padlen < 4) padlen += block_size; - if (extra_pad) { + if (active_state->extra_pad) { /* will wrap if extra_pad+padlen > 255 */ - extra_pad = roundup(extra_pad, block_size); - pad = extra_pad - ((len + padlen) % extra_pad); + active_state->extra_pad = + roundup(active_state->extra_pad, block_size); + pad = active_state->extra_pad - + ((len + padlen) % active_state->extra_pad); debug3("packet_send2: adding %d (len %d padlen %d extra_pad %d)", - pad, len, padlen, extra_pad); + pad, len, padlen, active_state->extra_pad); padlen += pad; - extra_pad = 0; + active_state->extra_pad = 0; } - cp = buffer_append_space(&outgoing_packet, padlen); - if (enc && !send_context.plaintext) { + cp = buffer_append_space(&active_state->outgoing_packet, padlen); + if (enc && !active_state->send_context.plaintext) { /* random padding */ for (i = 0; i < padlen; i++) { if (i % 4 == 0) @@ -850,86 +914,88 @@ packet_send2_wrapped(void) memset(cp, 0, padlen); } /* packet_length includes payload, padding and padding length field */ - packet_length = buffer_len(&outgoing_packet) - 4; - cp = buffer_ptr(&outgoing_packet); + packet_length = buffer_len(&active_state->outgoing_packet) - 4; + cp = buffer_ptr(&active_state->outgoing_packet); put_u32(cp, packet_length); cp[4] = padlen; DBG(debug("send: len %d (includes padlen %d)", packet_length+4, padlen)); /* compute MAC over seqnr and packet(length fields, payload, padding) */ if (mac && mac->enabled) { - macbuf = mac_compute(mac, p_send.seqnr, - buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); - DBG(debug("done calc MAC out #%d", p_send.seqnr)); + macbuf = mac_compute(mac, active_state->p_send.seqnr, + buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); + DBG(debug("done calc MAC out #%d", active_state->p_send.seqnr)); } /* encrypt packet and append to output buffer. */ - cp = buffer_append_space(&output, buffer_len(&outgoing_packet)); - cipher_crypt(&send_context, cp, buffer_ptr(&outgoing_packet), - buffer_len(&outgoing_packet)); + cp = buffer_append_space(&active_state->output, + buffer_len(&active_state->outgoing_packet)); + cipher_crypt(&active_state->send_context, cp, + buffer_ptr(&active_state->outgoing_packet), + buffer_len(&active_state->outgoing_packet)); /* append unencrypted MAC */ if (mac && mac->enabled) - buffer_append(&output, macbuf, mac->mac_len); + buffer_append(&active_state->output, macbuf, mac->mac_len); #ifdef PACKET_DEBUG fprintf(stderr, "encrypted: "); - buffer_dump(&output); + buffer_dump(&active_state->output); #endif /* increment sequence number for outgoing packets */ - if (++p_send.seqnr == 0) + if (++active_state->p_send.seqnr == 0) logit("outgoing seqnr wraps around"); - if (++p_send.packets == 0) + if (++active_state->p_send.packets == 0) if (!(datafellows & SSH_BUG_NOREKEY)) fatal("XXX too many packets with same key"); - p_send.blocks += (packet_length + 4) / block_size; - p_send.bytes += packet_length + 4; - buffer_clear(&outgoing_packet); + active_state->p_send.blocks += (packet_length + 4) / block_size; + active_state->p_send.bytes += packet_length + 4; + buffer_clear(&active_state->outgoing_packet); if (type == SSH2_MSG_NEWKEYS) set_newkeys(MODE_OUT); - else if (type == SSH2_MSG_USERAUTH_SUCCESS && server_side) + else if (type == SSH2_MSG_USERAUTH_SUCCESS && active_state->server_side) packet_enable_delayed_compress(); } static void packet_send2(void) { - static int rekeying = 0; struct packet *p; u_char type, *cp; - cp = buffer_ptr(&outgoing_packet); + cp = buffer_ptr(&active_state->outgoing_packet); type = cp[5]; /* during rekeying we can only send key exchange messages */ - if (rekeying) { + if (active_state->rekeying) { if (!((type >= SSH2_MSG_TRANSPORT_MIN) && (type <= SSH2_MSG_TRANSPORT_MAX))) { debug("enqueue packet: %u", type); p = xmalloc(sizeof(*p)); p->type = type; - memcpy(&p->payload, &outgoing_packet, sizeof(Buffer)); - buffer_init(&outgoing_packet); - TAILQ_INSERT_TAIL(&outgoing, p, next); + memcpy(&p->payload, &active_state->outgoing_packet, + sizeof(Buffer)); + buffer_init(&active_state->outgoing_packet); + TAILQ_INSERT_TAIL(&active_state->outgoing, p, next); return; } } /* rekeying starts with sending KEXINIT */ if (type == SSH2_MSG_KEXINIT) - rekeying = 1; + active_state->rekeying = 1; packet_send2_wrapped(); /* after a NEWKEYS message we can send the complete queue */ if (type == SSH2_MSG_NEWKEYS) { - rekeying = 0; - while ((p = TAILQ_FIRST(&outgoing))) { + active_state->rekeying = 0; + while ((p = TAILQ_FIRST(&active_state->outgoing))) { type = p->type; debug("dequeue packet: %u", type); - buffer_free(&outgoing_packet); - memcpy(&outgoing_packet, &p->payload, + buffer_free(&active_state->outgoing_packet); + memcpy(&active_state->outgoing_packet, &p->payload, sizeof(Buffer)); - TAILQ_REMOVE(&outgoing, p, next); + TAILQ_REMOVE(&active_state->outgoing, p, next); xfree(p); packet_send2_wrapped(); } @@ -955,15 +1021,15 @@ packet_send(void) int packet_read_seqnr(u_int32_t *seqnr_p) { - int type, len, ret, ms_remain; + int type, len, ret, ms_remain, cont; fd_set *setp; char buf[8192]; struct timeval timeout, start, *timeoutp = NULL; DBG(debug("packet_read()")); - setp = (fd_set *)xcalloc(howmany(connection_in+1, NFDBITS), - sizeof(fd_mask)); + setp = (fd_set *)xcalloc(howmany(active_state->connection_in + 1, + NFDBITS), sizeof(fd_mask)); /* Since we are blocking, ensure that all written packets have been sent. */ packet_write_wait(); @@ -987,27 +1053,27 @@ packet_read_seqnr(u_int32_t *seqnr_p) * Otherwise, wait for some data to arrive, add it to the * buffer, and try again. */ - memset(setp, 0, howmany(connection_in + 1, NFDBITS) * - sizeof(fd_mask)); - FD_SET(connection_in, setp); + memset(setp, 0, howmany(active_state->connection_in + 1, + NFDBITS) * sizeof(fd_mask)); + FD_SET(active_state->connection_in, setp); - if (packet_timeout_ms > 0) { - ms_remain = packet_timeout_ms; + if (active_state->packet_timeout_ms > 0) { + ms_remain = active_state->packet_timeout_ms; timeoutp = &timeout; } /* Wait for some data to arrive. */ for (;;) { - if (packet_timeout_ms != -1) { + if (active_state->packet_timeout_ms != -1) { ms_to_timeval(&timeout, ms_remain); gettimeofday(&start, NULL); } - if ((ret = select(connection_in + 1, setp, NULL, - NULL, timeoutp)) >= 0) + if ((ret = select(active_state->connection_in + 1, setp, + NULL, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR && + if (errno != EAGAIN && errno != EINTR && errno != EWOULDBLOCK) break; - if (packet_timeout_ms == -1) + if (active_state->packet_timeout_ms == -1) continue; ms_subtract_diff(&start, &ms_remain); if (ms_remain <= 0) { @@ -1021,7 +1087,11 @@ packet_read_seqnr(u_int32_t *seqnr_p) cleanup_exit(255); } /* Read data from the socket. */ - len = read(connection_in, buf, sizeof(buf)); + do { + cont = 0; + len = roaming_read(active_state->connection_in, buf, + sizeof(buf), &cont); + } while (len == 0 && cont); if (len == 0) { logit("Connection closed by %.200s", get_remote_ipaddr()); cleanup_exit(255); @@ -1073,31 +1143,32 @@ packet_read_poll1(void) u_int checksum, stored_checksum; /* Check if input size is less than minimum packet size. */ - if (buffer_len(&input) < 4 + 8) + if (buffer_len(&active_state->input) < 4 + 8) return SSH_MSG_NONE; /* Get length of incoming packet. */ - cp = buffer_ptr(&input); + cp = buffer_ptr(&active_state->input); len = get_u32(cp); if (len < 1 + 2 + 2 || len > 256 * 1024) packet_disconnect("Bad packet length %u.", len); padded_len = (len + 8) & ~7; /* Check if the packet has been entirely received. */ - if (buffer_len(&input) < 4 + padded_len) + if (buffer_len(&active_state->input) < 4 + padded_len) return SSH_MSG_NONE; /* The entire packet is in buffer. */ /* Consume packet length. */ - buffer_consume(&input, 4); + buffer_consume(&active_state->input, 4); /* * Cryptographic attack detector for ssh * (C)1998 CORE-SDI, Buenos Aires Argentina * Ariel Futoransky(futo@core-sdi.com) */ - if (!receive_context.plaintext) { - switch (detect_attack(buffer_ptr(&input), padded_len)) { + if (!active_state->receive_context.plaintext) { + switch (detect_attack(buffer_ptr(&active_state->input), + padded_len)) { case DEATTACK_DETECTED: packet_disconnect("crc32 compensation attack: " "network attack detected"); @@ -1108,45 +1179,48 @@ packet_read_poll1(void) } /* Decrypt data to incoming_packet. */ - buffer_clear(&incoming_packet); - cp = buffer_append_space(&incoming_packet, padded_len); - cipher_crypt(&receive_context, cp, buffer_ptr(&input), padded_len); + buffer_clear(&active_state->incoming_packet); + cp = buffer_append_space(&active_state->incoming_packet, padded_len); + cipher_crypt(&active_state->receive_context, cp, + buffer_ptr(&active_state->input), padded_len); - buffer_consume(&input, padded_len); + buffer_consume(&active_state->input, padded_len); #ifdef PACKET_DEBUG fprintf(stderr, "read_poll plain: "); - buffer_dump(&incoming_packet); + buffer_dump(&active_state->incoming_packet); #endif /* Compute packet checksum. */ - checksum = ssh_crc32(buffer_ptr(&incoming_packet), - buffer_len(&incoming_packet) - 4); + checksum = ssh_crc32(buffer_ptr(&active_state->incoming_packet), + buffer_len(&active_state->incoming_packet) - 4); /* Skip padding. */ - buffer_consume(&incoming_packet, 8 - len % 8); + buffer_consume(&active_state->incoming_packet, 8 - len % 8); /* Test check bytes. */ - if (len != buffer_len(&incoming_packet)) + if (len != buffer_len(&active_state->incoming_packet)) packet_disconnect("packet_read_poll1: len %d != buffer_len %d.", - len, buffer_len(&incoming_packet)); + len, buffer_len(&active_state->incoming_packet)); - cp = (u_char *)buffer_ptr(&incoming_packet) + len - 4; + cp = (u_char *)buffer_ptr(&active_state->incoming_packet) + len - 4; stored_checksum = get_u32(cp); if (checksum != stored_checksum) packet_disconnect("Corrupted check bytes on input."); - buffer_consume_end(&incoming_packet, 4); - - if (packet_compression) { - buffer_clear(&compression_buffer); - buffer_uncompress(&incoming_packet, &compression_buffer); - buffer_clear(&incoming_packet); - buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_consume_end(&active_state->incoming_packet, 4); + + if (active_state->packet_compression) { + buffer_clear(&active_state->compression_buffer); + buffer_uncompress(&active_state->incoming_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->incoming_packet); + buffer_append(&active_state->incoming_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); } - p_read.packets++; - p_read.bytes += padded_len + 4; - type = buffer_get_char(&incoming_packet); + active_state->p_read.packets++; + active_state->p_read.bytes += padded_len + 4; + type = buffer_get_char(&active_state->incoming_packet); if (type < SSH_MSG_MIN || type > SSH_MSG_MAX) packet_disconnect("Invalid ssh1 packet type: %d", type); return type; @@ -1155,7 +1229,6 @@ packet_read_poll1(void) static int packet_read_poll2(u_int32_t *seqnr_p) { - static u_int packet_length = 0; u_int padlen, need; u_char *macbuf, *cp, type; u_int maclen, block_size; @@ -1163,50 +1236,52 @@ packet_read_poll2(u_int32_t *seqnr_p) Mac *mac = NULL; Comp *comp = NULL; - if (packet_discard) + if (active_state->packet_discard) return SSH_MSG_NONE; - if (newkeys[MODE_IN] != NULL) { - enc = &newkeys[MODE_IN]->enc; - mac = &newkeys[MODE_IN]->mac; - comp = &newkeys[MODE_IN]->comp; + if (active_state->newkeys[MODE_IN] != NULL) { + enc = &active_state->newkeys[MODE_IN]->enc; + mac = &active_state->newkeys[MODE_IN]->mac; + comp = &active_state->newkeys[MODE_IN]->comp; } maclen = mac && mac->enabled ? mac->mac_len : 0; block_size = enc ? enc->block_size : 8; - if (packet_length == 0) { + if (active_state->packlen == 0) { /* * check if input size is less than the cipher block size, * decrypt first block and extract length of incoming packet */ - if (buffer_len(&input) < block_size) + if (buffer_len(&active_state->input) < block_size) return SSH_MSG_NONE; - buffer_clear(&incoming_packet); - cp = buffer_append_space(&incoming_packet, block_size); - cipher_crypt(&receive_context, cp, buffer_ptr(&input), + buffer_clear(&active_state->incoming_packet); + cp = buffer_append_space(&active_state->incoming_packet, block_size); - cp = buffer_ptr(&incoming_packet); - packet_length = get_u32(cp); - if (packet_length < 1 + 4 || packet_length > PACKET_MAX_SIZE) { + cipher_crypt(&active_state->receive_context, cp, + buffer_ptr(&active_state->input), block_size); + cp = buffer_ptr(&active_state->incoming_packet); + active_state->packlen = get_u32(cp); + if (active_state->packlen < 1 + 4 || + active_state->packlen > PACKET_MAX_SIZE) { #ifdef PACKET_DEBUG - buffer_dump(&incoming_packet); + buffer_dump(&active_state->incoming_packet); #endif - logit("Bad packet length %u.", packet_length); - packet_start_discard(enc, mac, packet_length, + logit("Bad packet length %u.", active_state->packlen); + packet_start_discard(enc, mac, active_state->packlen, PACKET_MAX_SIZE); return SSH_MSG_NONE; } - DBG(debug("input: packet len %u", packet_length+4)); - buffer_consume(&input, block_size); + DBG(debug("input: packet len %u", active_state->packlen+4)); + buffer_consume(&active_state->input, block_size); } /* we have a partial packet of block_size bytes */ - need = 4 + packet_length - block_size; + need = 4 + active_state->packlen - block_size; DBG(debug("partial packet %d, need %d, maclen %d", block_size, need, maclen)); if (need % block_size != 0) { logit("padding error: need %d block %d mod %d", need, block_size, need % block_size); - packet_start_discard(enc, mac, packet_length, + packet_start_discard(enc, mac, active_state->packlen, PACKET_MAX_SIZE - block_size); return SSH_MSG_NONE; } @@ -1214,84 +1289,90 @@ packet_read_poll2(u_int32_t *seqnr_p) * check if the entire packet has been received and * decrypt into incoming_packet */ - if (buffer_len(&input) < need + maclen) + if (buffer_len(&active_state->input) < need + maclen) return SSH_MSG_NONE; #ifdef PACKET_DEBUG fprintf(stderr, "read_poll enc/full: "); - buffer_dump(&input); + buffer_dump(&active_state->input); #endif - cp = buffer_append_space(&incoming_packet, need); - cipher_crypt(&receive_context, cp, buffer_ptr(&input), need); - buffer_consume(&input, need); + cp = buffer_append_space(&active_state->incoming_packet, need); + cipher_crypt(&active_state->receive_context, cp, + buffer_ptr(&active_state->input), need); + buffer_consume(&active_state->input, need); /* * compute MAC over seqnr and packet, * increment sequence number for incoming packet */ if (mac && mac->enabled) { - macbuf = mac_compute(mac, p_read.seqnr, - buffer_ptr(&incoming_packet), - buffer_len(&incoming_packet)); - if (memcmp(macbuf, buffer_ptr(&input), mac->mac_len) != 0) { + macbuf = mac_compute(mac, active_state->p_read.seqnr, + buffer_ptr(&active_state->incoming_packet), + buffer_len(&active_state->incoming_packet)); + if (memcmp(macbuf, buffer_ptr(&active_state->input), + mac->mac_len) != 0) { logit("Corrupted MAC on input."); if (need > PACKET_MAX_SIZE) fatal("internal error need %d", need); - packet_start_discard(enc, mac, packet_length, + packet_start_discard(enc, mac, active_state->packlen, PACKET_MAX_SIZE - need); return SSH_MSG_NONE; } - DBG(debug("MAC #%d ok", p_read.seqnr)); - buffer_consume(&input, mac->mac_len); + DBG(debug("MAC #%d ok", active_state->p_read.seqnr)); + buffer_consume(&active_state->input, mac->mac_len); } /* XXX now it's safe to use fatal/packet_disconnect */ if (seqnr_p != NULL) - *seqnr_p = p_read.seqnr; - if (++p_read.seqnr == 0) + *seqnr_p = active_state->p_read.seqnr; + if (++active_state->p_read.seqnr == 0) logit("incoming seqnr wraps around"); - if (++p_read.packets == 0) + if (++active_state->p_read.packets == 0) if (!(datafellows & SSH_BUG_NOREKEY)) fatal("XXX too many packets with same key"); - p_read.blocks += (packet_length + 4) / block_size; - p_read.bytes += packet_length + 4; + active_state->p_read.blocks += (active_state->packlen + 4) / block_size; + active_state->p_read.bytes += active_state->packlen + 4; /* get padlen */ - cp = buffer_ptr(&incoming_packet); + cp = buffer_ptr(&active_state->incoming_packet); padlen = cp[4]; DBG(debug("input: padlen %d", padlen)); if (padlen < 4) packet_disconnect("Corrupted padlen %d on input.", padlen); /* skip packet size + padlen, discard padding */ - buffer_consume(&incoming_packet, 4 + 1); - buffer_consume_end(&incoming_packet, padlen); + buffer_consume(&active_state->incoming_packet, 4 + 1); + buffer_consume_end(&active_state->incoming_packet, padlen); - DBG(debug("input: len before de-compress %d", buffer_len(&incoming_packet))); + DBG(debug("input: len before de-compress %d", + buffer_len(&active_state->incoming_packet))); if (comp && comp->enabled) { - buffer_clear(&compression_buffer); - buffer_uncompress(&incoming_packet, &compression_buffer); - buffer_clear(&incoming_packet); - buffer_append(&incoming_packet, buffer_ptr(&compression_buffer), - buffer_len(&compression_buffer)); + buffer_clear(&active_state->compression_buffer); + buffer_uncompress(&active_state->incoming_packet, + &active_state->compression_buffer); + buffer_clear(&active_state->incoming_packet); + buffer_append(&active_state->incoming_packet, + buffer_ptr(&active_state->compression_buffer), + buffer_len(&active_state->compression_buffer)); DBG(debug("input: len after de-compress %d", - buffer_len(&incoming_packet))); + buffer_len(&active_state->incoming_packet))); } /* * get packet type, implies consume. * return length of payload (without type field) */ - type = buffer_get_char(&incoming_packet); + type = buffer_get_char(&active_state->incoming_packet); if (type < SSH2_MSG_MIN || type >= SSH2_MSG_LOCAL_MIN) packet_disconnect("Invalid ssh2 packet type: %d", type); if (type == SSH2_MSG_NEWKEYS) set_newkeys(MODE_IN); - else if (type == SSH2_MSG_USERAUTH_SUCCESS && !server_side) + else if (type == SSH2_MSG_USERAUTH_SUCCESS && + !active_state->server_side) packet_enable_delayed_compress(); #ifdef PACKET_DEBUG fprintf(stderr, "read/plain[%d]:\r\n", type); - buffer_dump(&incoming_packet); + buffer_dump(&active_state->incoming_packet); #endif /* reset for next packet */ - packet_length = 0; + active_state->packlen = 0; return type; } @@ -1306,7 +1387,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_p) if (compat20) { type = packet_read_poll2(seqnr_p); if (type) { - keep_alive_timeouts = 0; + active_state->keep_alive_timeouts = 0; DBG(debug("received packet type %d", type)); } switch (type) { @@ -1376,14 +1457,14 @@ packet_read_poll(void) void packet_process_incoming(const char *buf, u_int len) { - if (packet_discard) { - keep_alive_timeouts = 0; /* ?? */ - if (len >= packet_discard) + if (active_state->packet_discard) { + active_state->keep_alive_timeouts = 0; /* ?? */ + if (len >= active_state->packet_discard) packet_stop_discard(); - packet_discard -= len; + active_state->packet_discard -= len; return; } - buffer_append(&input, buf, len); + buffer_append(&active_state->input, buf, len); } /* Returns a character from the packet. */ @@ -1393,7 +1474,7 @@ packet_get_char(void) { char ch; - buffer_get(&incoming_packet, &ch, 1); + buffer_get(&active_state->incoming_packet, &ch, 1); return (u_char) ch; } @@ -1402,7 +1483,15 @@ packet_get_char(void) u_int packet_get_int(void) { - return buffer_get_int(&incoming_packet); + return buffer_get_int(&active_state->incoming_packet); +} + +/* Returns an 64 bit integer from the packet data. */ + +u_int64_t +packet_get_int64(void) +{ + return buffer_get_int64(&active_state->incoming_packet); } /* @@ -1413,29 +1502,29 @@ packet_get_int(void) void packet_get_bignum(BIGNUM * value) { - buffer_get_bignum(&incoming_packet, value); + buffer_get_bignum(&active_state->incoming_packet, value); } void packet_get_bignum2(BIGNUM * value) { - buffer_get_bignum2(&incoming_packet, value); + buffer_get_bignum2(&active_state->incoming_packet, value); } void * packet_get_raw(u_int *length_ptr) { - u_int bytes = buffer_len(&incoming_packet); + u_int bytes = buffer_len(&active_state->incoming_packet); if (length_ptr != NULL) *length_ptr = bytes; - return buffer_ptr(&incoming_packet); + return buffer_ptr(&active_state->incoming_packet); } int packet_remaining(void) { - return buffer_len(&incoming_packet); + return buffer_len(&active_state->incoming_packet); } /* @@ -1448,13 +1537,13 @@ packet_remaining(void) void * packet_get_string(u_int *length_ptr) { - return buffer_get_string(&incoming_packet, length_ptr); + return buffer_get_string(&active_state->incoming_packet, length_ptr); } void * packet_get_string_ptr(u_int *length_ptr) { - return buffer_get_string_ptr(&incoming_packet, length_ptr); + return buffer_get_string_ptr(&active_state->incoming_packet, length_ptr); } /* @@ -1547,23 +1636,25 @@ packet_disconnect(const char *fmt,...) void packet_write_poll(void) { - int len = buffer_len(&output); + int len = buffer_len(&active_state->output); + int cont; if (len > 0) { - len = write(connection_out, buffer_ptr(&output), len); + cont = 0; + len = roaming_write(active_state->connection_out, + buffer_ptr(&active_state->output), len, &cont); if (len == -1) { if (errno == EINTR || errno == EAGAIN || errno == EWOULDBLOCK) return; fatal("Write failed: %.100s", strerror(errno)); } - if (len == 0) + if (len == 0 && !cont) fatal("Write connection closed"); - buffer_consume(&output, len); + buffer_consume(&active_state->output, len); } } - /* * Calls packet_write_poll repeatedly until all pending output data has been * written. @@ -1576,30 +1667,30 @@ packet_write_wait(void) int ret, ms_remain; struct timeval start, timeout, *timeoutp = NULL; - setp = (fd_set *)xcalloc(howmany(connection_out + 1, NFDBITS), - sizeof(fd_mask)); + setp = (fd_set *)xcalloc(howmany(active_state->connection_out + 1, + NFDBITS), sizeof(fd_mask)); packet_write_poll(); while (packet_have_data_to_write()) { - memset(setp, 0, howmany(connection_out + 1, NFDBITS) * - sizeof(fd_mask)); - FD_SET(connection_out, setp); + memset(setp, 0, howmany(active_state->connection_out + 1, + NFDBITS) * sizeof(fd_mask)); + FD_SET(active_state->connection_out, setp); - if (packet_timeout_ms > 0) { - ms_remain = packet_timeout_ms; + if (active_state->packet_timeout_ms > 0) { + ms_remain = active_state->packet_timeout_ms; timeoutp = &timeout; } for (;;) { - if (packet_timeout_ms != -1) { + if (active_state->packet_timeout_ms != -1) { ms_to_timeval(&timeout, ms_remain); gettimeofday(&start, NULL); } - if ((ret = select(connection_out + 1, NULL, setp, - NULL, timeoutp)) >= 0) + if ((ret = select(active_state->connection_out + 1, + NULL, setp, NULL, timeoutp)) >= 0) break; - if (errno != EAGAIN && errno != EINTR && + if (errno != EAGAIN && errno != EINTR && errno != EWOULDBLOCK) break; - if (packet_timeout_ms == -1) + if (active_state->packet_timeout_ms == -1) continue; ms_subtract_diff(&start, &ms_remain); if (ms_remain <= 0) { @@ -1622,7 +1713,7 @@ packet_write_wait(void) int packet_have_data_to_write(void) { - return buffer_len(&output) != 0; + return buffer_len(&active_state->output) != 0; } /* Returns true if there is not too much data to write to the connection. */ @@ -1630,13 +1721,12 @@ packet_have_data_to_write(void) int packet_not_very_much_data_to_write(void) { - if (interactive_mode) - return buffer_len(&output) < 16384; + if (active_state->interactive_mode) + return buffer_len(&active_state->output) < 16384; else - return buffer_len(&output) < 128 * 1024; + return buffer_len(&active_state->output) < 128 * 1024; } - static void packet_set_tos(int interactive) { @@ -1646,7 +1736,7 @@ packet_set_tos(int interactive) if (!packet_connection_is_on_socket() || !packet_connection_is_ipv4()) return; - if (setsockopt(connection_in, IPPROTO_IP, IP_TOS, &tos, + if (setsockopt(active_state->connection_in, IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) < 0) error("setsockopt IP_TOS %d: %.100s:", tos, strerror(errno)); @@ -1658,19 +1748,17 @@ packet_set_tos(int interactive) void packet_set_interactive(int interactive) { - static int called = 0; - - if (called) + if (active_state->set_interactive_called) return; - called = 1; + active_state->set_interactive_called = 1; /* Record that we are in interactive mode. */ - interactive_mode = interactive; + active_state->interactive_mode = interactive; /* Only set socket options if using a socket. */ if (!packet_connection_is_on_socket()) return; - set_nodelay(connection_in); + set_nodelay(active_state->connection_in); packet_set_tos(interactive); } @@ -1679,34 +1767,50 @@ packet_set_interactive(int interactive) int packet_is_interactive(void) { - return interactive_mode; + return active_state->interactive_mode; } int packet_set_maxsize(u_int s) { - static int called = 0; - - if (called) { + if (active_state->set_maxsize_called) { logit("packet_set_maxsize: called twice: old %d new %d", - max_packet_size, s); + active_state->max_packet_size, s); return -1; } if (s < 4 * 1024 || s > 1024 * 1024) { logit("packet_set_maxsize: bad size %d", s); return -1; } - called = 1; + active_state->set_maxsize_called = 1; debug("packet_set_maxsize: setting to %d", s); - max_packet_size = s; + active_state->max_packet_size = s; return s; } +int +packet_inc_alive_timeouts(void) +{ + return ++active_state->keep_alive_timeouts; +} + +void +packet_set_alive_timeouts(int ka) +{ + active_state->keep_alive_timeouts = ka; +} + +u_int +packet_get_maxsize(void) +{ + return active_state->max_packet_size; +} + /* roundup current message to pad bytes */ void packet_add_padding(u_char pad) { - extra_pad = pad; + active_state->extra_pad = pad; } /* @@ -1743,26 +1847,93 @@ packet_need_rekeying(void) if (datafellows & SSH_BUG_NOREKEY) return 0; return - (p_send.packets > MAX_PACKETS) || - (p_read.packets > MAX_PACKETS) || - (max_blocks_out && (p_send.blocks > max_blocks_out)) || - (max_blocks_in && (p_read.blocks > max_blocks_in)); + (active_state->p_send.packets > MAX_PACKETS) || + (active_state->p_read.packets > MAX_PACKETS) || + (active_state->max_blocks_out && + (active_state->p_send.blocks > active_state->max_blocks_out)) || + (active_state->max_blocks_in && + (active_state->p_read.blocks > active_state->max_blocks_in)); } void packet_set_rekey_limit(u_int32_t bytes) { - rekey_limit = bytes; + active_state->rekey_limit = bytes; } void packet_set_server(void) { - server_side = 1; + active_state->server_side = 1; } void packet_set_authenticated(void) { - after_authentication = 1; + active_state->after_authentication = 1; +} + +void * +packet_get_input(void) +{ + return (void *)&active_state->input; +} + +void * +packet_get_output(void) +{ + return (void *)&active_state->output; +} + +void * +packet_get_newkeys(int mode) +{ + return (void *)active_state->newkeys[mode]; +} + +/* + * Save the state for the real connection, and use a separate state when + * resuming a suspended connection. + */ +void +packet_backup_state(void) +{ + struct session_state *tmp; + + close(active_state->connection_in); + active_state->connection_in = -1; + close(active_state->connection_out); + active_state->connection_out = -1; + if (backup_state) + tmp = backup_state; + else + tmp = alloc_session_state(); + backup_state = active_state; + active_state = tmp; +} + +/* + * Swap in the old state when resuming a connecion. + */ +void +packet_restore_state(void) +{ + struct session_state *tmp; + void *buf; + u_int len; + + tmp = backup_state; + backup_state = active_state; + active_state = tmp; + active_state->connection_in = backup_state->connection_in; + backup_state->connection_in = -1; + active_state->connection_out = backup_state->connection_out; + backup_state->connection_out = -1; + len = buffer_len(&backup_state->input); + if (len > 0) { + buf = buffer_ptr(&backup_state->input); + buffer_append(&active_state->input, buf, len); + buffer_clear(&backup_state->input); + add_recv_bytes(len); + } } diff --git a/crypto/openssh/packet.h b/crypto/openssh/packet.h index 03bb87c9be..33523d7503 100644 --- a/crypto/openssh/packet.h +++ b/crypto/openssh/packet.h @@ -1,4 +1,4 @@ -/* $OpenBSD: packet.h,v 1.49 2008/07/10 18:08:11 markus Exp $ */ +/* $OpenBSD: packet.h,v 1.52 2009/06/27 09:29:06 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -39,6 +39,7 @@ void packet_set_authenticated(void); void packet_start(u_char); void packet_put_char(int ch); void packet_put_int(u_int value); +void packet_put_int64(u_int64_t value); void packet_put_bignum(BIGNUM * value); void packet_put_bignum2(BIGNUM * value); void packet_put_string(const void *buf, u_int len); @@ -55,6 +56,7 @@ int packet_read_poll_seqnr(u_int32_t *seqnr_p); u_int packet_get_char(void); u_int packet_get_int(void); +u_int64_t packet_get_int64(void); void packet_get_bignum(BIGNUM * value); void packet_get_bignum2(BIGNUM * value); void *packet_get_raw(u_int *length_ptr); @@ -72,6 +74,7 @@ void packet_get_state(int, u_int32_t *, u_int64_t *, u_int32_t *, u_int64_t *); void packet_set_state(int, u_int32_t, u_int64_t, u_int32_t, u_int64_t); int packet_get_ssh1_cipher(void); void packet_set_iv(int, u_char *); +void *packet_get_newkeys(int); void packet_write_poll(void); void packet_write_wait(void); @@ -87,10 +90,10 @@ void packet_add_padding(u_char); void tty_make_modes(int, struct termios *); void tty_parse_modes(int, int *); -extern u_int max_packet_size; -extern int keep_alive_timeouts; +void packet_set_alive_timeouts(int); +int packet_inc_alive_timeouts(void); int packet_set_maxsize(u_int); -#define packet_get_maxsize() max_packet_size +u_int packet_get_maxsize(void); /* don't allow remaining bytes after the end of the message */ #define packet_check_eom() \ @@ -106,4 +109,10 @@ do { \ int packet_need_rekeying(void); void packet_set_rekey_limit(u_int32_t); +void packet_backup_state(void); +void packet_restore_state(void); + +void *packet_get_input(void); +void *packet_get_output(void); + #endif /* PACKET_H */ diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c index 53fc6c7ba5..0bf5d7cb48 100644 --- a/crypto/openssh/readconf.c +++ b/crypto/openssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.176 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.177 2009/06/27 09:35:06 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -130,7 +130,7 @@ typedef enum { oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, - oVisualHostKey, oZeroKnowledgePasswordAuthentication, + oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, oDeprecated, oUnsupported } OpCodes; @@ -228,6 +228,7 @@ static struct { { "localcommand", oLocalCommand }, { "permitlocalcommand", oPermitLocalCommand }, { "visualhostkey", oVisualHostKey }, + { "useroaming", oUseRoaming }, #ifdef JPAKE { "zeroknowledgepasswordauthentication", oZeroKnowledgePasswordAuthentication }, @@ -914,6 +915,10 @@ parse_int: intptr = &options->visual_host_key; goto parse_flag; + case oUseRoaming: + intptr = &options->use_roaming; + goto parse_flag; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); @@ -1063,6 +1068,7 @@ initialize_options(Options * options) options->tun_remote = -1; options->local_command = NULL; options->permit_local_command = -1; + options->use_roaming = -1; options->visual_host_key = -1; options->zero_knowledge_password_authentication = -1; } @@ -1199,6 +1205,8 @@ fill_default_options(Options * options) options->tun_remote = SSH_TUNID_ANY; if (options->permit_local_command == -1) options->permit_local_command = 0; + if (options->use_roaming == -1) + options->use_roaming = 1; if (options->visual_host_key == -1) options->visual_host_key = 0; if (options->zero_knowledge_password_authentication == -1) diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index 8fb3a85281..2ebfebe946 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.78 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.79 2009/06/27 09:35:06 andreas Exp $ */ /* * Author: Tatu Ylonen @@ -123,6 +123,8 @@ typedef struct { int permit_local_command; int visual_host_key; + int use_roaming; + } Options; #define SSHCTL_MASTER_NO 0 diff --git a/crypto/openssh/roaming.h b/crypto/openssh/roaming.h new file mode 100644 index 0000000000..e517161f62 --- /dev/null +++ b/crypto/openssh/roaming.h @@ -0,0 +1,38 @@ +/* $OpenBSD: roaming.h,v 1.4 2009/06/27 09:32:43 andreas Exp $ */ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef ROAMING_H +#define ROAMING_H + +#define DEFAULT_ROAMBUF 65536 + +extern int resume_in_progress; + +int get_snd_buf_size(void); +int get_recv_buf_size(void); +void add_recv_bytes(u_int64_t); +void set_out_buffer_size(size_t); +ssize_t roaming_write(int, const void *, size_t, int *); +ssize_t roaming_read(int, void *, size_t, int *); +size_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); +u_int64_t get_recv_bytes(void); +u_int64_t get_sent_bytes(void); +void roam_set_bytes(u_int64_t, u_int64_t); +void resend_bytes(int, u_int64_t *); +int resume_kex(void); + +#endif /* ROAMING */ diff --git a/crypto/openssh/roaming_common.c b/crypto/openssh/roaming_common.c new file mode 100644 index 0000000000..73db09d798 --- /dev/null +++ b/crypto/openssh/roaming_common.c @@ -0,0 +1,201 @@ +/* $OpenBSD: roaming_common.c,v 1.5 2009/06/27 09:32:43 andreas Exp $ */ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include "includes.h" + +#include +#include +#include + +#include +#ifdef HAVE_INTTYPES_H +#include +#endif +#include +#include +#include + +#include "atomicio.h" +#include "log.h" +#include "packet.h" +#include "xmalloc.h" +#include "cipher.h" +#include "buffer.h" +#include "roaming.h" + +static size_t out_buf_size = 0; +static char *out_buf = NULL; +static size_t out_start; +static size_t out_last; + +static u_int64_t write_bytes = 0; +static u_int64_t read_bytes = 0; + +int roaming_enabled = 0; +int resume_in_progress = 0; + +int +get_snd_buf_size() +{ + int fd = packet_get_connection_out(); + int optval, optvallen; + + optvallen = sizeof(optval); + if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &optval, &optvallen) != 0) + optval = DEFAULT_ROAMBUF; + return optval; +} + +int +get_recv_buf_size() +{ + int fd = packet_get_connection_in(); + int optval, optvallen; + + optvallen = sizeof(optval); + if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &optval, &optvallen) != 0) + optval = DEFAULT_ROAMBUF; + return optval; +} + +void +set_out_buffer_size(size_t size) +{ + /* + * The buffer size can only be set once and the buffer will live + * as long as the session lives. + */ + if (out_buf == NULL) { + out_buf_size = size; + out_buf = xmalloc(size); + out_start = 0; + out_last = 0; + } +} + +u_int64_t +get_recv_bytes(void) +{ + return read_bytes; +} + +void +add_recv_bytes(u_int64_t num) +{ + read_bytes += num; +} + +u_int64_t +get_sent_bytes(void) +{ + return write_bytes; +} + +void +roam_set_bytes(u_int64_t sent, u_int64_t recvd) +{ + read_bytes = recvd; + write_bytes = sent; +} + +static void +buf_append(const char *buf, size_t count) +{ + if (count > out_buf_size) { + buf += count - out_buf_size; + count = out_buf_size; + } + if (count < out_buf_size - out_last) { + memcpy(out_buf + out_last, buf, count); + if (out_start > out_last) + out_start += count; + out_last += count; + } else { + /* data will wrap */ + size_t chunk = out_buf_size - out_last; + memcpy(out_buf + out_last, buf, chunk); + memcpy(out_buf, buf + chunk, count - chunk); + out_last = count - chunk; + out_start = out_last + 1; + } +} + +ssize_t +roaming_write(int fd, const void *buf, size_t count, int *cont) +{ + ssize_t ret; + + ret = write(fd, buf, count); + if (ret > 0 && !resume_in_progress) { + write_bytes += ret; + if (out_buf_size > 0) + buf_append(buf, ret); + } + debug3("Wrote %ld bytes for a total of %llu", (long)ret, + (unsigned long long)write_bytes); + return ret; +} + +ssize_t +roaming_read(int fd, void *buf, size_t count, int *cont) +{ + ssize_t ret = read(fd, buf, count); + if (ret > 0) { + if (!resume_in_progress) { + read_bytes += ret; + } + } + return ret; +} + +size_t +roaming_atomicio(ssize_t(*f)(int, void*, size_t), int fd, void *buf, + size_t count) +{ + size_t ret = atomicio(f, fd, buf, count); + + if (f == vwrite && ret > 0 && !resume_in_progress) { + write_bytes += ret; + } else if (f == read && ret > 0 && !resume_in_progress) { + read_bytes += ret; + } + return ret; +} + +void +resend_bytes(int fd, u_int64_t *offset) +{ + size_t available, needed; + + if (out_start < out_last) + available = out_last - out_start; + else + available = out_buf_size; + needed = write_bytes - *offset; + debug3("resend_bytes: resend %lu bytes from %llu", + (unsigned long)needed, (unsigned long long)*offset); + if (needed > available) + fatal("Needed to resend more data than in the cache"); + if (out_last < needed) { + int chunkend = needed - out_last; + atomicio(vwrite, fd, out_buf + out_buf_size - chunkend, + chunkend); + atomicio(vwrite, fd, out_buf, out_last); + } else { + atomicio(vwrite, fd, out_buf + (out_last - needed), needed); + } +} diff --git a/crypto/openssh/roaming_dummy.c b/crypto/openssh/roaming_dummy.c new file mode 100644 index 0000000000..45c4008e7f --- /dev/null +++ b/crypto/openssh/roaming_dummy.c @@ -0,0 +1,61 @@ +/* $OpenBSD: roaming_dummy.c,v 1.3 2009/06/21 09:04:03 dtucker Exp $ */ +/* + * Copyright (c) 2004-2009 AppGate Network Security AB + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * This file is included in the client programs which should not + * support roaming. + */ + +#include "includes.h" + +#include +#include + +#include "roaming.h" + +int resume_in_progress = 0; + +u_int64_t +get_recv_bytes(void) +{ + return 0; +} + +ssize_t +roaming_write(int fd, const void *buf, size_t count, int *cont) +{ + return write(fd, buf, count); +} + +ssize_t +roaming_read(int fd, void *buf, size_t count, int *cont) +{ + if (cont) + *cont = 0; + return read(fd, buf, count); +} + +void +add_recv_bytes(u_int64_t num) +{ +} + +int +resume_kex(void) +{ + return 1; +} diff --git a/crypto/openssh/schnorr.h b/crypto/openssh/schnorr.h new file mode 100644 index 0000000000..9730b47cef --- /dev/null +++ b/crypto/openssh/schnorr.h @@ -0,0 +1,60 @@ +/* $OpenBSD: schnorr.h,v 1.1 2009/03/05 07:18:19 djm Exp $ */ +/* + * Copyright (c) 2009 Damien Miller. All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef SCHNORR_H +#define SCHNORR_H + +#include + +#include + +struct modp_group { + BIGNUM *p, *q, *g; +}; + +BIGNUM *bn_rand_range_gt_one(const BIGNUM *high); +int hash_buffer(const u_char *, u_int, const EVP_MD *, u_char **, u_int *); +void debug3_bn(const BIGNUM *, const char *, ...) + __attribute__((__nonnull__ (2))) + __attribute__((format(printf, 2, 3))); +void debug3_buf(const u_char *, u_int, const char *, ...) + __attribute__((__nonnull__ (3))) + __attribute__((format(printf, 3, 4))); +struct modp_group *modp_group_from_g_and_safe_p(const char *, const char *); +void modp_group_free(struct modp_group *); + +/* Signature and verification functions */ +int +schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, + const EVP_MD *evp_md, const BIGNUM *x, const BIGNUM *g_x, + const u_char *id, u_int idlen, BIGNUM **r_p, BIGNUM **e_p); +int +schnorr_sign_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, + const BIGNUM *x, const BIGNUM *g_x, const u_char *id, u_int idlen, + u_char **sig, u_int *siglen); +int +schnorr_verify(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, + const EVP_MD *evp_md, const BIGNUM *g_x, const u_char *id, u_int idlen, + const BIGNUM *r, const BIGNUM *e); +int +schnorr_verify_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, + const BIGNUM *grp_g, + const BIGNUM *g_x, const u_char *id, u_int idlen, + const u_char *sig, u_int siglen); + +#endif /* JPAKE_H */ + diff --git a/crypto/openssh/servconf.c b/crypto/openssh/servconf.c index e7fc2a7812..b51b86a8f5 100644 --- a/crypto/openssh/servconf.c +++ b/crypto/openssh/servconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.c,v 1.194 2009/01/22 10:02:34 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.195 2009/04/14 21:10:54 jj Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -343,7 +343,7 @@ static struct { { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_GLOBAL }, { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, - { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ + { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ #ifdef KRB5 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL }, { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL }, @@ -417,10 +417,10 @@ static struct { { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_GLOBAL }, { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL }, - { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL }, + { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL }, { "permittunnel", sPermitTunnel, SSHCFG_GLOBAL }, - { "match", sMatch, SSHCFG_ALL }, + { "match", sMatch, SSHCFG_ALL }, { "permitopen", sPermitOpen, SSHCFG_ALL }, { "forcecommand", sForceCommand, SSHCFG_ALL }, { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, @@ -1376,7 +1376,7 @@ parse_server_match_config(ServerOptions *options, const char *user, /* * Copy any supported values that are set. * - * If the preauth flag is set, we do not bother copying the the string or + * If the preauth flag is set, we do not bother copying the string or * array values that are not used pre-authentication, because any that we * do use must be explictly sent in mm_getpwnamallow(). */ diff --git a/crypto/openssh/serverloop.c b/crypto/openssh/serverloop.c index 81cafe6ad5..8be01c5c37 100644 --- a/crypto/openssh/serverloop.c +++ b/crypto/openssh/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.157 2009/02/12 03:16:01 djm Exp $ */ +/* $OpenBSD: serverloop.c,v 1.159 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -78,6 +78,7 @@ #include "auth-options.h" #include "serverloop.h" #include "misc.h" +#include "roaming.h" extern ServerOptions options; @@ -249,7 +250,7 @@ client_alive_check(void) int channel_id; /* timeout, check to see how many we have had */ - if (++keep_alive_timeouts > options.client_alive_count_max) { + if (packet_inc_alive_timeouts() > options.client_alive_count_max) { logit("Timeout, client not responding."); cleanup_exit(255); } @@ -391,8 +392,11 @@ process_input(fd_set *readset) /* Read and buffer any input data from the client. */ if (FD_ISSET(connection_in, readset)) { - len = read(connection_in, buf, sizeof(buf)); + int cont = 0; + len = roaming_read(connection_in, buf, sizeof(buf), &cont); if (len == 0) { + if (cont) + return; verbose("Connection closed by %.100s", get_remote_ipaddr()); connection_closed = 1; @@ -890,7 +894,7 @@ server_input_keep_alive(int type, u_int32_t seq, void *ctxt) * even if this was generated by something other than * the bogus CHANNEL_REQUEST we send for keepalives. */ - keep_alive_timeouts = 0; + packet_set_alive_timeouts(0); } static void @@ -1120,7 +1124,8 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) no_port_forwarding_flag || (!want_reply && listen_port == 0) #ifndef NO_IPPORT_RESERVED_CONCEPT - || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0) + || (listen_port != 0 && listen_port < IPPORT_RESERVED && + pw->pw_uid != 0) #endif ) { success = 0; diff --git a/crypto/openssh/session.c b/crypto/openssh/session.c index f2549e0cd7..f4a3635437 100644 --- a/crypto/openssh/session.c +++ b/crypto/openssh/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.245 2009/01/22 09:46:01 djm Exp $ */ +/* $OpenBSD: session.c,v 1.246 2009/04/17 19:23:06 stevesk Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -571,8 +571,7 @@ do_exec_no_pty(Session *s, const char *command) signal(WJSIGNAL, cray_job_termination_handler); #endif /* _UNICOS */ #ifdef HAVE_CYGWIN - if (is_winnt) - cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); + cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); #endif s->pid = pid; @@ -716,8 +715,8 @@ do_exec_pty(Session *s, const char *command) * Do common processing for the child, such as execing * the command. */ - do_child(s, command); - /* NOTREACHED */ + do_child(s, command); + /* NOTREACHED */ default: break; } @@ -726,8 +725,7 @@ do_exec_pty(Session *s, const char *command) signal(WJSIGNAL, cray_job_termination_handler); #endif /* _UNICOS */ #ifdef HAVE_CYGWIN - if (is_winnt) - cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); + cygwin_set_impersonation_token(INVALID_HANDLE_VALUE); #endif s->pid = pid; @@ -847,7 +845,7 @@ do_login(Session *s, const char *command) fromlen = sizeof(from); if (packet_connection_is_on_socket()) { if (getpeername(packet_get_connection_in(), - (struct sockaddr *) & from, &fromlen) < 0) { + (struct sockaddr *)&from, &fromlen) < 0) { debug("getpeername: %.100s", strerror(errno)); cleanup_exit(255); } @@ -1116,7 +1114,7 @@ do_setup_env(Session *s, const char *shell) u_int i, envsize; char **env, *laddr; struct passwd *pw = s->pw; -#ifndef HAVE_LOGIN_CAP +#if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) char *path = NULL; #endif @@ -1468,11 +1466,6 @@ do_setusercontext(struct passwd *pw) if (getuid() == 0 || geteuid() == 0) #endif /* HAVE_CYGWIN */ { - -#ifdef HAVE_SETPCRED - if (setpcred(pw->pw_name, (char **)NULL) == -1) - fatal("Failed to set process credentials"); -#endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP # ifdef __bsdi__ setpgid(0, 0); @@ -1540,6 +1533,10 @@ do_setusercontext(struct passwd *pw) free(chroot_path); } +#ifdef HAVE_SETPCRED + if (setpcred(pw->pw_name, (char **)NULL) == -1) + fatal("Failed to set process credentials"); +#endif /* HAVE_SETPCRED */ #ifdef HAVE_LOGIN_CAP if (setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUSER) < 0) { perror("unable to set user context (setuser)"); @@ -1551,9 +1548,6 @@ do_setusercontext(struct passwd *pw) #endif } -#ifdef HAVE_CYGWIN - if (is_winnt) -#endif if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) fatal("Failed to set uids to %u.", (u_int) pw->pw_uid); @@ -1794,7 +1788,7 @@ do_child(Session *s, const char *command) int i; char *p, *args; - setproctitle("%s@internal-sftp-server", s->pw->pw_name); + setproctitle("%s@%s", s->pw->pw_name, INTERNAL_SFTP_NAME); args = xstrdup(command ? command : "sftp-server"); for (i = 0, (p = strtok(args, " ")); p; (p = strtok(NULL, " "))) if (i < ARGV_MAX - 1) diff --git a/crypto/openssh/sftp-client.c b/crypto/openssh/sftp-client.c index 5e39aa7d21..0990b7912f 100644 --- a/crypto/openssh/sftp-client.c +++ b/crypto/openssh/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.86 2008/06/26 06:10:09 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.87 2009/06/22 05:39:28 dtucker Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * diff --git a/crypto/openssh/sftp-server.8 b/crypto/openssh/sftp-server.8 index 74c1e4bc53..372b0770e9 100644 --- a/crypto/openssh/sftp-server.8 +++ b/crypto/openssh/sftp-server.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp-server.8,v 1.14 2008/07/18 22:51:01 jmc Exp $ +.\" $OpenBSD: sftp-server.8,v 1.15 2009/03/26 08:38:39 sobrado Exp $ .\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 18 2008 $ +.Dd $Mdocdate: March 26 2009 $ .Dt SFTP-SERVER 8 .Os .Sh NAME @@ -79,7 +79,7 @@ must be able to access .Pa /dev/log . Use of .Nm -in a chroot configuation therefore requires that +in a chroot configuration therefore requires that .Xr syslogd 8 establish a logging socket inside the chroot directory. .Sh SEE ALSO diff --git a/crypto/openssh/sftp-server.c b/crypto/openssh/sftp-server.c index 24c4ff7172..d984e60493 100644 --- a/crypto/openssh/sftp-server.c +++ b/crypto/openssh/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.84 2008/06/26 06:10:09 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.85 2009/04/14 16:33:42 stevesk Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1041,7 +1041,7 @@ process_rename(void) else if (S_ISREG(sb.st_mode)) { /* Race-free rename of regular files */ if (link(oldpath, newpath) == -1) { - if (errno == EOPNOTSUPP + if (errno == EOPNOTSUPP || errno == ENOSYS #ifdef EXDEV || errno == EXDEV #endif @@ -1341,7 +1341,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) __progname = ssh_get_progname(argv[0]); log_init(__progname, log_level, log_facility, log_stderr); - while (!skipargs && (ch = getopt(argc, argv, "C:f:l:che")) != -1) { + while (!skipargs && (ch = getopt(argc, argv, "f:l:che")) != -1) { switch (ch) { case 'c': /* diff --git a/crypto/openssh/ssh-agent.1 b/crypto/openssh/ssh-agent.1 index 6a5dc62afd..533cd6f6bd 100644 --- a/crypto/openssh/ssh-agent.1 +++ b/crypto/openssh/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.46 2007/09/09 11:38:01 sobrado Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.47 2009/03/26 08:38:39 sobrado Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 5 2007 $ +.Dd $Mdocdate: March 26 2009 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -141,7 +141,7 @@ The second is that the agent prints the needed shell commands (either .Xr sh 1 or .Xr csh 1 -syntax can be generated) which can be evalled in the calling shell, eg +syntax can be generated) which can be evaluated in the calling shell, eg .Cm eval `ssh-agent -s` for Bourne-type shells such as .Xr sh 1 diff --git a/crypto/openssh/ssh-agent.c b/crypto/openssh/ssh-agent.c index 9123cfe6ba..f77dea3a63 100644 --- a/crypto/openssh/ssh-agent.c +++ b/crypto/openssh/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.159 2008/06/28 14:05:15 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.161 2009/03/23 19:38:04 tobias Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1061,6 +1061,7 @@ main(int ac, char **av) pid_t pid; char pidstrbuf[1 + 3 * sizeof pid]; struct timeval *tvp = NULL; + size_t len; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -1121,8 +1122,8 @@ main(int ac, char **av) if (ac == 0 && !c_flag && !s_flag) { shell = getenv("SHELL"); - if (shell != NULL && - strncmp(shell + strlen(shell) - 3, "csh", 3) == 0) + if (shell != NULL && (len = strlen(shell)) > 2 && + strncmp(shell + len - 3, "csh", 3) == 0) c_flag = 1; } if (k_flag) { diff --git a/crypto/openssh/ssh-keygen.c b/crypto/openssh/ssh-keygen.c index 5765cff088..da5db98455 100644 --- a/crypto/openssh/ssh-keygen.c +++ b/crypto/openssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.173 2009/02/21 19:32:04 tobias Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.174 2009/06/22 05:39:28 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index 421783be36..6c6271ee4f 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.282 2009/02/12 03:44:25 djm Exp $ -.Dd $Mdocdate: February 12 2009 $ +.\" $OpenBSD: ssh.1,v 1.283 2009/03/19 15:15:09 jmc Exp $ +.Dd $Mdocdate: March 19 2009 $ .Dt SSH 1 .Os .Sh NAME @@ -191,26 +191,9 @@ For protocol version 2, .Ar cipher_spec is a comma-separated list of ciphers listed in order of preference. -The supported ciphers are: -3des-cbc, -aes128-cbc, -aes192-cbc, -aes256-cbc, -aes128-ctr, -aes192-ctr, -aes256-ctr, -arcfour128, -arcfour256, -arcfour, -blowfish-cbc, -and -cast128-cbc. -The default is: -.Bd -literal -offset indent -aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, -arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, -aes192-ctr,aes256-ctr -.Ed +See the +.Cm Ciphers +keyword for more information. .It Fl D Xo .Sm off .Oo Ar bind_address : Oc diff --git a/crypto/openssh/ssh.c b/crypto/openssh/ssh.c index 9d43bb74fc..adfe60e4b2 100644 --- a/crypto/openssh/ssh.c +++ b/crypto/openssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.324 2009/02/12 03:00:56 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.326 2009/07/02 02:11:47 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -48,6 +48,7 @@ #endif #include #include +#include #include #include @@ -203,8 +204,8 @@ void muxserver_listen(void); int main(int ac, char **av) { - int i, opt, exit_status, use_syslog; - char *p, *cp, *line, buf[256]; + int i, r, opt, exit_status, use_syslog; + char *p, *cp, *line, *argv0, buf[MAXPATHLEN]; struct stat st; struct passwd *pw; int dummy, timeout_ms; @@ -270,6 +271,7 @@ main(int ac, char **av) /* Parse command-line arguments. */ host = NULL; use_syslog = 0; + argv0 = av[0]; again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" @@ -600,7 +602,7 @@ main(int ac, char **av) * Initialize "log" output. Since we are the client all output * actually goes to stderr. */ - log_init(av[0], + log_init(argv0, options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level, SYSLOG_FACILITY_USER, !use_syslog); @@ -613,9 +615,10 @@ main(int ac, char **av) fatal("Can't open user config file %.100s: " "%.100s", config, strerror(errno)); } else { - snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, + r = snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_USER_CONFFILE); - (void)read_config_file(buf, host, &options, 1); + if (r > 0 && (size_t)r < sizeof(buf)) + (void)read_config_file(buf, host, &options, 1); /* Read systemwide configuration file after use config. */ (void)read_config_file(_PATH_HOST_CONFIG_FILE, host, @@ -628,7 +631,7 @@ main(int ac, char **av) channel_set_af(options.address_family); /* reinit */ - log_init(av[0], options.log_level, SYSLOG_FACILITY_USER, !use_syslog); + log_init(argv0, options.log_level, SYSLOG_FACILITY_USER, !use_syslog); seed_rng(); @@ -766,9 +769,9 @@ main(int ac, char **av) * Now that we are back to our own permissions, create ~/.ssh * directory if it doesn't already exist. */ - snprintf(buf, sizeof buf, "%.100s%s%.100s", pw->pw_dir, + r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); - if (stat(buf, &st) < 0) + if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) if (mkdir(buf, 0700) < 0) error("Could not create directory '%.200s'.", buf); diff --git a/crypto/openssh/sshconnect.c b/crypto/openssh/sshconnect.c index c04aa10571..3e57e859df 100644 --- a/crypto/openssh/sshconnect.c +++ b/crypto/openssh/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.212 2008/10/14 18:11:33 stevesk Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.214 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -56,6 +56,7 @@ #include "atomicio.h" #include "misc.h" #include "dns.h" +#include "roaming.h" #include "version.h" char *client_version_string = NULL; @@ -413,7 +414,7 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr, * Waits for the server identification string, and sends our own * identification string. */ -static void +void ssh_exchange_identification(int timeout_ms) { char buf[256], remote_version[256]; /* must be same size! */ @@ -452,7 +453,7 @@ ssh_exchange_identification(int timeout_ms) } } - len = atomicio(read, connection_in, &buf[i], 1); + len = roaming_atomicio(read, connection_in, &buf[i], 1); if (len != 1 && errno == EPIPE) fatal("ssh_exchange_identification: " @@ -537,7 +538,8 @@ ssh_exchange_identification(int timeout_ms) compat20 ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, compat20 ? PROTOCOL_MINOR_2 : minor1, SSH_VERSION, compat20 ? "\r\n" : "\n"); - if (atomicio(vwrite, connection_out, buf, strlen(buf)) != strlen(buf)) + if (roaming_atomicio(vwrite, connection_out, buf, strlen(buf)) + != strlen(buf)) fatal("write: %.100s", strerror(errno)); client_version_string = xstrdup(buf); chop(client_version_string); diff --git a/crypto/openssh/sshconnect.h b/crypto/openssh/sshconnect.h index 75bde1a4db..c59a097f4e 100644 --- a/crypto/openssh/sshconnect.h +++ b/crypto/openssh/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.24 2007/09/04 11:15:56 djm Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.25 2009/05/27 06:38:16 andreas Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -38,6 +38,8 @@ ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, void ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *, int); +void ssh_exchange_identification(int); + int verify_host_key(char *, struct sockaddr *, Key *); void ssh_kex(char *, struct sockaddr *); diff --git a/crypto/openssh/sshconnect2.c b/crypto/openssh/sshconnect2.c index a762eec3bd..260c6307a6 100644 --- a/crypto/openssh/sshconnect2.c +++ b/crypto/openssh/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.170 2008/11/04 08:22:13 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.171 2009/03/05 07:18:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -68,6 +68,7 @@ #include "msg.h" #include "pathnames.h" #include "uidswap.h" +#include "schnorr.h" #include "jpake.h" #ifdef GSSAPI diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index a4b9e90c71..111d491d9a 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.247 2008/10/03 13:08:12 jmc Exp $ -.Dd $Mdocdate: October 3 2008 $ +.\" $OpenBSD: sshd.8,v 1.248 2009/03/26 08:38:39 sobrado Exp $ +.Dd $Mdocdate: March 26 2009 $ .Dt SSHD 8 .Os .Sh NAME @@ -543,7 +543,7 @@ for more information on patterns. In addition to the wildcard matching that may be applied to hostnames or addresses, a .Cm from -stanza may match IP addressess using CIDR address/masklen notation. +stanza may match IP addresses using CIDR address/masklen notation. .Pp The purpose of this option is to optionally increase security: public key authentication by itself does not trust the network or name servers or diff --git a/crypto/openssh/sshd.c b/crypto/openssh/sshd.c index 3b5cd3cfd6..13a455d1fe 100644 --- a/crypto/openssh/sshd.c +++ b/crypto/openssh/sshd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshd.c,v 1.366 2009/01/22 10:02:34 djm Exp $ */ +/* $OpenBSD: sshd.c,v 1.367 2009/05/28 16:50:16 andreas Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -117,6 +117,7 @@ #include "ssh-gss.h" #endif #include "monitor_wrap.h" +#include "roaming.h" #include "version.h" #ifdef LIBWRAP @@ -419,7 +420,7 @@ sshd_exchange_identification(int sock_in, int sock_out) server_version_string = xstrdup(buf); /* Send our protocol version identification. */ - if (atomicio(vwrite, sock_out, server_version_string, + if (roaming_atomicio(vwrite, sock_out, server_version_string, strlen(server_version_string)) != strlen(server_version_string)) { logit("Could not write ident string to %s", get_remote_ipaddr()); @@ -429,7 +430,7 @@ sshd_exchange_identification(int sock_in, int sock_out) /* Read other sides version identification. */ memset(buf, 0, sizeof(buf)); for (i = 0; i < sizeof(buf) - 1; i++) { - if (atomicio(read, sock_in, &buf[i], 1) != 1) { + if (roaming_atomicio(read, sock_in, &buf[i], 1) != 1) { logit("Did not receive identification string from %s", get_remote_ipaddr()); cleanup_exit(255); @@ -577,7 +578,7 @@ demote_sensitive_data(void) static void privsep_preauth_child(void) { - u_int32_t rnd[256]; + u_int32_t rnd[256]; gid_t gidset[1]; /* Enable challenge-response authentication for privilege separation */ diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index dfd07b713e..588aed56e1 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.102 2009/02/22 23:59:25 djm Exp $ -.Dd $Mdocdate: February 22 2009 $ +.\" $OpenBSD: sshd_config.5,v 1.106 2009/04/21 15:13:17 stevesk Exp $ +.Dd $Mdocdate: April 21 2009 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -176,10 +176,9 @@ then no banner is displayed. This option is only available for protocol version 2. By default, no banner is displayed. .It Cm ChallengeResponseAuthentication -Specifies whether challenge-response authentication is allowed. -All authentication styles from -.Xr login.conf 5 -are supported. +Specifies whether challenge-response authentication is allowed (e.g. via +PAM or though authentication styles supported in +.Xr login.conf 5 ) The default is .Dq yes . .It Cm ChrootDirectory @@ -188,6 +187,9 @@ Specifies a path to to after authentication. This path, and all its components, must be root-owned directories that are not writable by any other user or group. +After the chroot, +.Xr sshd 8 +changes the working directory to the user's home directory. .Pp The path may contain the following tokens that are expanded at runtime once the connecting user has been authenticated: %% is replaced by a literal '%', @@ -197,7 +199,7 @@ the connecting user has been authenticated: %% is replaced by a literal '%', The .Cm ChrootDirectory must contain the necessary files and directories to support the -users' session. +user's session. For an interactive session this requires at least a shell, typically .Xr sh 1 , and basic @@ -215,8 +217,11 @@ devices. For file transfer sessions using .Dq sftp , no additional configuration of the environment is necessary if the -in-process sftp server is used (see -.Cm Subsystem +in-process sftp server is used, +though sessions which use logging do require +.Pa /dev/log +inside the chroot directory (see +.Xr sftp-server 8 for details). .Pp The default is not to diff --git a/crypto/openssh/sshlogin.c b/crypto/openssh/sshlogin.c index cc35d6024b..33bd652fb0 100644 --- a/crypto/openssh/sshlogin.c +++ b/crypto/openssh/sshlogin.c @@ -86,13 +86,20 @@ get_last_login_time(uid_t uid, const char *logname, static void store_lastlog_message(const char *user, uid_t uid) { +#ifndef NO_SSH_LASTLOG char *time_string, hostname[MAXHOSTNAMELEN] = "", buf[512]; time_t last_login_time; -#ifndef NO_SSH_LASTLOG if (!options.print_lastlog) return; +# ifdef CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG + time_string = sys_auth_get_lastlogin_msg(user, uid); + if (time_string != NULL) { + buffer_append(&loginmsg, time_string, strlen(time_string)); + xfree(time_string); + } +# else last_login_time = get_last_login_time(uid, user, hostname, sizeof(hostname)); @@ -107,6 +114,7 @@ store_lastlog_message(const char *user, uid_t uid) time_string, hostname); buffer_append(&loginmsg, buf, strlen(buf)); } +# endif /* CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG */ #endif /* NO_SSH_LASTLOG */ } diff --git a/crypto/openssh/uuencode.c b/crypto/openssh/uuencode.c index a13949585f..b9e57e9934 100644 --- a/crypto/openssh/uuencode.c +++ b/crypto/openssh/uuencode.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uuencode.c,v 1.24 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: uuencode.c,v 1.25 2009/03/05 11:30:50 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -33,6 +33,12 @@ #include "xmalloc.h" #include "uuencode.h" +/* + * Encode binary 'src' of length 'srclength', writing base64-encoded text + * to 'target' of size 'targsize'. Will always nul-terminate 'target'. + * Returns the number of bytes stored in 'target' or -1 on error (inc. + * 'targsize' too small). + */ int uuencode(const u_char *src, u_int srclength, char *target, size_t targsize) @@ -40,6 +46,11 @@ uuencode(const u_char *src, u_int srclength, return __b64_ntop(src, srclength, target, targsize); } +/* + * Decode base64-encoded 'src' into buffer 'target' of 'targsize' bytes. + * Will skip leading and trailing whitespace. Returns the number of bytes + * stored in 'target' or -1 on error (inc. targsize too small). + */ int uudecode(const char *src, u_char *target, size_t targsize) { -- 2.41.0