summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2001-01-21 19:06:04 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2001-01-21 19:06:04 +0000
commit20d4f3f5511955443bb70d975d9770ee5fd69864 (patch)
tree99edf3839ed38146ac2cf4d819f73e54cf31bd08 /usr.bin/ssh
parent6375d59db88b8b0f764076512ae81d248118e097 (diff)
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.
rename util.[ch] -> misc.[ch]
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/atomicio.c4
-rw-r--r--usr.bin/ssh/atomicio.h29
-rw-r--r--usr.bin/ssh/auth-chall.c3
-rw-r--r--usr.bin/ssh/auth-krb4.c11
-rw-r--r--usr.bin/ssh/auth-options.c6
-rw-r--r--usr.bin/ssh/auth-options.h9
-rw-r--r--usr.bin/ssh/auth-passwd.c7
-rw-r--r--usr.bin/ssh/auth-rh-rsa.c10
-rw-r--r--usr.bin/ssh/auth-rhosts.c7
-rw-r--r--usr.bin/ssh/auth-rsa.c14
-rw-r--r--usr.bin/ssh/auth.c8
-rw-r--r--usr.bin/ssh/auth.h66
-rw-r--r--usr.bin/ssh/auth1.c4
-rw-r--r--usr.bin/ssh/auth2-chall.c4
-rw-r--r--usr.bin/ssh/auth2.c10
-rw-r--r--usr.bin/ssh/authfd.c12
-rw-r--r--usr.bin/ssh/authfile.c11
-rw-r--r--usr.bin/ssh/bufaux.c4
-rw-r--r--usr.bin/ssh/bufaux.h3
-rw-r--r--usr.bin/ssh/buffer.c4
-rw-r--r--usr.bin/ssh/canohost.c4
-rw-r--r--usr.bin/ssh/canohost.h36
-rw-r--r--usr.bin/ssh/channels.c22
-rw-r--r--usr.bin/ssh/cipher.c5
-rw-r--r--usr.bin/ssh/cli.c5
-rw-r--r--usr.bin/ssh/clientloop.c19
-rw-r--r--usr.bin/ssh/clientloop.h15
-rw-r--r--usr.bin/ssh/compat.c7
-rw-r--r--usr.bin/ssh/compress.c4
-rw-r--r--usr.bin/ssh/deattack.c4
-rw-r--r--usr.bin/ssh/dh.c6
-rw-r--r--usr.bin/ssh/dispatch.c5
-rw-r--r--usr.bin/ssh/groupaccess.c2
-rw-r--r--usr.bin/ssh/hmac.c4
-rw-r--r--usr.bin/ssh/hostfile.c6
-rw-r--r--usr.bin/ssh/kex.c21
-rw-r--r--usr.bin/ssh/key.c10
-rw-r--r--usr.bin/ssh/key.h3
-rw-r--r--usr.bin/ssh/lib/Makefile2
-rw-r--r--usr.bin/ssh/log-client.c4
-rw-r--r--usr.bin/ssh/log-server.c4
-rw-r--r--usr.bin/ssh/log.c4
-rw-r--r--usr.bin/ssh/log.h73
-rw-r--r--usr.bin/ssh/login.c5
-rw-r--r--usr.bin/ssh/login.h38
-rw-r--r--usr.bin/ssh/match.c4
-rw-r--r--usr.bin/ssh/misc.c (renamed from usr.bin/ssh/util.c)7
-rw-r--r--usr.bin/ssh/misc.h19
-rw-r--r--usr.bin/ssh/nchan.c10
-rw-r--r--usr.bin/ssh/packet.c5
-rw-r--r--usr.bin/ssh/pty.c4
-rw-r--r--usr.bin/ssh/radix.h26
-rw-r--r--usr.bin/ssh/readconf.c9
-rw-r--r--usr.bin/ssh/readpass.c3
-rw-r--r--usr.bin/ssh/readpass.h18
-rw-r--r--usr.bin/ssh/rsa.c4
-rw-r--r--usr.bin/ssh/scp.c5
-rw-r--r--usr.bin/ssh/servconf.c17
-rw-r--r--usr.bin/ssh/serverloop.c7
-rw-r--r--usr.bin/ssh/serverloop.h20
-rw-r--r--usr.bin/ssh/session.c15
-rw-r--r--usr.bin/ssh/sftp-server.c4
-rw-r--r--usr.bin/ssh/ssh-add.c8
-rw-r--r--usr.bin/ssh/ssh-agent.c15
-rw-r--r--usr.bin/ssh/ssh-dss.c13
-rw-r--r--usr.bin/ssh/ssh-keygen.c9
-rw-r--r--usr.bin/ssh/ssh-keyscan.c5
-rw-r--r--usr.bin/ssh/ssh-rsa.c13
-rw-r--r--usr.bin/ssh/ssh.c20
-rw-r--r--usr.bin/ssh/ssh.h269
-rw-r--r--usr.bin/ssh/sshconnect.c14
-rw-r--r--usr.bin/ssh/sshconnect.h28
-rw-r--r--usr.bin/ssh/sshconnect1.c20
-rw-r--r--usr.bin/ssh/sshconnect2.c11
-rw-r--r--usr.bin/ssh/sshd.c26
-rw-r--r--usr.bin/ssh/tildexpand.c4
-rw-r--r--usr.bin/ssh/tildexpand.h17
-rw-r--r--usr.bin/ssh/ttymodes.c4
-rw-r--r--usr.bin/ssh/uidswap.c4
-rw-r--r--usr.bin/ssh/xmalloc.c5
80 files changed, 680 insertions, 516 deletions
diff --git a/usr.bin/ssh/atomicio.c b/usr.bin/ssh/atomicio.c
index 744ccc7a50f..8ccce3986d5 100644
--- a/usr.bin/ssh/atomicio.c
+++ b/usr.bin/ssh/atomicio.c
@@ -24,10 +24,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: atomicio.c,v 1.7 2000/10/18 18:04:02 markus Exp $");
+RCSID("$OpenBSD: atomicio.c,v 1.8 2001/01/21 19:05:40 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
+#include "atomicio.h"
/*
* ensure all of data on socket comes through. f==read || f==write
diff --git a/usr.bin/ssh/atomicio.h b/usr.bin/ssh/atomicio.h
new file mode 100644
index 00000000000..15fc025c332
--- /dev/null
+++ b/usr.bin/ssh/atomicio.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 1995,1999 Theo de Raadt
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Ensure all of data on socket comes through. f==read || f==write
+ */
+ssize_t atomicio(ssize_t (*f)(), int fd, void *s, size_t n);
diff --git a/usr.bin/ssh/auth-chall.c b/usr.bin/ssh/auth-chall.c
index e99ddb39f9f..b8b0c5d1ed3 100644
--- a/usr.bin/ssh/auth-chall.c
+++ b/usr.bin/ssh/auth-chall.c
@@ -23,9 +23,8 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-chall.c,v 1.2 2001/01/19 12:45:26 markus Exp $");
+RCSID("$OpenBSD: auth-chall.c,v 1.3 2001/01/21 19:05:41 markus Exp $");
-#include "ssh.h"
#include "auth.h"
#ifdef SKEY
diff --git a/usr.bin/ssh/auth-krb4.c b/usr.bin/ssh/auth-krb4.c
index befd6581e93..b23f393e608 100644
--- a/usr.bin/ssh/auth-krb4.c
+++ b/usr.bin/ssh/auth-krb4.c
@@ -23,13 +23,16 @@
*/
#include "includes.h"
-#include "packet.h"
-#include "xmalloc.h"
+RCSID("$OpenBSD: auth-krb4.c,v 1.22 2001/01/21 19:05:41 markus Exp $");
+
#include "ssh.h"
#include "ssh1.h"
+#include "packet.h"
+#include "xmalloc.h"
+#include "log.h"
#include "servconf.h"
-
-RCSID("$OpenBSD: auth-krb4.c,v 1.21 2001/01/19 15:55:10 markus Exp $");
+#include "auth.h"
+#include "radix.h"
#ifdef KRB4
char *ticket = NULL;
diff --git a/usr.bin/ssh/auth-options.c b/usr.bin/ssh/auth-options.c
index 5a830bfa403..5457d9b149c 100644
--- a/usr.bin/ssh/auth-options.c
+++ b/usr.bin/ssh/auth-options.c
@@ -10,12 +10,14 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-options.c,v 1.10 2001/01/20 15:55:20 markus Exp $");
+RCSID("$OpenBSD: auth-options.c,v 1.11 2001/01/21 19:05:41 markus Exp $");
-#include "ssh.h"
#include "packet.h"
#include "xmalloc.h"
#include "match.h"
+#include "log.h"
+#include "canohost.h"
+#include "auth-options.h"
/* Flags set authorized_keys flags */
int no_port_forwarding_flag = 0;
diff --git a/usr.bin/ssh/auth-options.h b/usr.bin/ssh/auth-options.h
index 0808673e6ad..8ee26949103 100644
--- a/usr.bin/ssh/auth-options.h
+++ b/usr.bin/ssh/auth-options.h
@@ -11,10 +11,17 @@
* called by a name other than "ssh" or "Secure Shell".
*/
-/* $OpenBSD: auth-options.h,v 1.7 2001/01/20 15:55:20 markus Exp $ */
+/* $OpenBSD: auth-options.h,v 1.8 2001/01/21 19:05:42 markus Exp $ */
#ifndef AUTH_OPTIONS_H
#define AUTH_OPTIONS_H
+
+/* Linked list of custom environment strings */
+struct envstring {
+ struct envstring *next;
+ char *s;
+};
+
/* Flags that may be set in authorized_keys options. */
extern int no_port_forwarding_flag;
extern int no_agent_forwarding_flag;
diff --git a/usr.bin/ssh/auth-passwd.c b/usr.bin/ssh/auth-passwd.c
index 409c3462521..74590dfdad7 100644
--- a/usr.bin/ssh/auth-passwd.c
+++ b/usr.bin/ssh/auth-passwd.c
@@ -36,13 +36,12 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-passwd.c,v 1.19 2001/01/18 16:59:59 markus Exp $");
+RCSID("$OpenBSD: auth-passwd.c,v 1.20 2001/01/21 19:05:42 markus Exp $");
#include "packet.h"
-#include "ssh.h"
-#include "servconf.h"
#include "xmalloc.h"
-
+#include "log.h"
+#include "servconf.h"
#include "auth.h"
/*
diff --git a/usr.bin/ssh/auth-rh-rsa.c b/usr.bin/ssh/auth-rh-rsa.c
index fcbb2197384..87d51549d20 100644
--- a/usr.bin/ssh/auth-rh-rsa.c
+++ b/usr.bin/ssh/auth-rh-rsa.c
@@ -13,19 +13,19 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-rh-rsa.c,v 1.20 2001/01/19 15:55:10 markus Exp $");
+RCSID("$OpenBSD: auth-rh-rsa.c,v 1.21 2001/01/21 19:05:42 markus Exp $");
#include "packet.h"
-#include "ssh.h"
#include "xmalloc.h"
#include "uidswap.h"
+#include "log.h"
#include "servconf.h"
-
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
#include "key.h"
#include "hostfile.h"
#include "pathnames.h"
+#include "auth.h"
+#include "tildexpand.h"
+#include "canohost.h"
/*
* Tries to authenticate the user using the .rhosts file and the host using
diff --git a/usr.bin/ssh/auth-rhosts.c b/usr.bin/ssh/auth-rhosts.c
index 4ee2b215f18..4f9ea886d47 100644
--- a/usr.bin/ssh/auth-rhosts.c
+++ b/usr.bin/ssh/auth-rhosts.c
@@ -14,14 +14,15 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-rhosts.c,v 1.18 2001/01/19 15:55:10 markus Exp $");
+RCSID("$OpenBSD: auth-rhosts.c,v 1.19 2001/01/21 19:05:42 markus Exp $");
#include "packet.h"
-#include "ssh.h"
#include "xmalloc.h"
#include "uidswap.h"
-#include "servconf.h"
#include "pathnames.h"
+#include "log.h"
+#include "servconf.h"
+#include "canohost.h"
/*
* This function processes an rhosts-style file (.rhosts, .shosts, or
diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c
index dc39995a7b3..ee71655f364 100644
--- a/usr.bin/ssh/auth-rsa.c
+++ b/usr.bin/ssh/auth-rsa.c
@@ -14,23 +14,23 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.37 2001/01/20 17:34:25 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.38 2001/01/21 19:05:42 markus Exp $");
+
+#include <openssl/rsa.h>
+#include <openssl/md5.h>
#include "rsa.h"
#include "packet.h"
#include "xmalloc.h"
-#include "ssh.h"
#include "ssh1.h"
#include "mpaux.h"
#include "uidswap.h"
#include "match.h"
-#include "servconf.h"
#include "auth-options.h"
#include "pathnames.h"
-
-#include <openssl/rsa.h>
-#include <openssl/md5.h>
-
+#include "log.h"
+#include "servconf.h"
+#include "auth.h"
/* import */
extern ServerOptions options;
diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c
index 34df2ff5364..450250e28d4 100644
--- a/usr.bin/ssh/auth.c
+++ b/usr.bin/ssh/auth.c
@@ -23,16 +23,16 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth.c,v 1.13 2001/01/18 16:59:59 markus Exp $");
+RCSID("$OpenBSD: auth.c,v 1.14 2001/01/21 19:05:43 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
#include "match.h"
-#include "servconf.h"
#include "groupaccess.h"
-
+#include "log.h"
+#include "servconf.h"
#include "auth.h"
#include "auth-options.h"
+#include "canohost.h"
/* import */
extern ServerOptions options;
diff --git a/usr.bin/ssh/auth.h b/usr.bin/ssh/auth.h
index 65ba95997f2..6b4efebe4c9 100644
--- a/usr.bin/ssh/auth.h
+++ b/usr.bin/ssh/auth.h
@@ -21,11 +21,13 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
- * $OpenBSD: auth.h,v 1.9 2001/01/18 16:59:59 markus Exp $
+ * $OpenBSD: auth.h,v 1.10 2001/01/21 19:05:43 markus Exp $
*/
#ifndef AUTH_H
#define AUTH_H
+#include <openssl/rsa.h>
+
typedef struct Authctxt Authctxt;
struct Authctxt {
int success;
@@ -39,6 +41,68 @@ struct Authctxt {
char *style;
};
+/*
+ * Tries to authenticate the user using the .rhosts file. Returns true if
+ * authentication succeeds. If ignore_rhosts is non-zero, this will not
+ * consider .rhosts and .shosts (/etc/hosts.equiv will still be used).
+ */
+int auth_rhosts(struct passwd * pw, const char *client_user);
+
+/*
+ * Tries to authenticate the user using the .rhosts file and the host using
+ * its host key. Returns true if authentication succeeds.
+ */
+int
+auth_rhosts_rsa(struct passwd * pw, const char *client_user, RSA* client_host_key);
+
+/*
+ * Tries to authenticate the user using password. Returns true if
+ * authentication succeeds.
+ */
+int auth_password(struct passwd * pw, const char *password);
+
+/*
+ * Performs the RSA authentication dialog with the client. This returns 0 if
+ * the client could not be authenticated, and 1 if authentication was
+ * successful. This may exit if there is a serious protocol violation.
+ */
+int auth_rsa(struct passwd * pw, BIGNUM * client_n);
+
+/*
+ * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
+ * over the key. Skips any whitespace at the beginning and at end.
+ */
+int auth_rsa_read_key(char **cpp, u_int *bitsp, BIGNUM * e, BIGNUM * n);
+
+/*
+ * Performs the RSA authentication challenge-response dialog with the client,
+ * and returns true (non-zero) if the client gave the correct answer to our
+ * challenge; returns zero if the client gives a wrong answer.
+ */
+int auth_rsa_challenge_dialog(RSA *pk);
+
+#ifdef KRB4
+#include <krb.h>
+/*
+ * Performs Kerberos v4 mutual authentication with the client. This returns 0
+ * if the client could not be authenticated, and 1 if authentication was
+ * successful. This may exit if there is a serious protocol violation.
+ */
+int auth_krb4(const char *server_user, KTEXT auth, char **client);
+int krb4_init(uid_t uid);
+void krb4_cleanup_proc(void *ignore);
+int auth_krb4_password(struct passwd * pw, const char *password);
+
+#ifdef AFS
+#include <kafs.h>
+
+/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */
+int auth_kerberos_tgt(struct passwd * pw, const char *string);
+int auth_afs_token(struct passwd * pw, const char *token_string);
+#endif /* AFS */
+
+#endif /* KRB4 */
+
void do_authentication(void);
void do_authentication2(void);
diff --git a/usr.bin/ssh/auth1.c b/usr.bin/ssh/auth1.c
index 254cac6a972..cba6085afc3 100644
--- a/usr.bin/ssh/auth1.c
+++ b/usr.bin/ssh/auth1.c
@@ -10,15 +10,15 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth1.c,v 1.12 2001/01/19 15:55:10 markus Exp $");
+RCSID("$OpenBSD: auth1.c,v 1.13 2001/01/21 19:05:43 markus Exp $");
#include "xmalloc.h"
#include "rsa.h"
-#include "ssh.h"
#include "ssh1.h"
#include "packet.h"
#include "buffer.h"
#include "mpaux.h"
+#include "log.h"
#include "servconf.h"
#include "compat.h"
#include "auth.h"
diff --git a/usr.bin/ssh/auth2-chall.c b/usr.bin/ssh/auth2-chall.c
index 77294f4b895..39dc285b9a8 100644
--- a/usr.bin/ssh/auth2-chall.c
+++ b/usr.bin/ssh/auth2-chall.c
@@ -22,14 +22,14 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2-chall.c,v 1.1 2001/01/18 17:12:43 markus Exp $");
+RCSID("$OpenBSD: auth2-chall.c,v 1.2 2001/01/21 19:05:43 markus Exp $");
-#include "ssh.h"
#include "ssh2.h"
#include "auth.h"
#include "packet.h"
#include "xmalloc.h"
#include "dispatch.h"
+#include "log.h"
void send_userauth_into_request(Authctxt *authctxt, char *challenge, int echo);
void input_userauth_info_response(int type, int plen, void *ctxt);
diff --git a/usr.bin/ssh/auth2.c b/usr.bin/ssh/auth2.c
index 52cee38f9b6..d6aa7f3e51f 100644
--- a/usr.bin/ssh/auth2.c
+++ b/usr.bin/ssh/auth2.c
@@ -23,28 +23,28 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.31 2001/01/20 17:34:25 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.32 2001/01/21 19:05:44 markus Exp $");
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include <openssl/evp.h>
+#include "ssh2.h"
#include "xmalloc.h"
#include "rsa.h"
-#include "ssh.h"
#include "pty.h"
#include "packet.h"
#include "buffer.h"
+#include "log.h"
#include "servconf.h"
#include "compat.h"
#include "channels.h"
#include "bufaux.h"
-#include "ssh2.h"
#include "auth.h"
#include "session.h"
#include "dispatch.h"
#include "auth.h"
#include "key.h"
+#include "cipher.h"
+#include "kex.h"
#include "kex.h"
#include "pathnames.h"
diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c
index 7fa9080ca48..2ee8479b02c 100644
--- a/usr.bin/ssh/authfd.c
+++ b/usr.bin/ssh/authfd.c
@@ -35,7 +35,9 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.32 2000/12/20 19:37:21 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.33 2001/01/21 19:05:44 markus Exp $");
+
+#include <openssl/evp.h>
#include "ssh.h"
#include "rsa.h"
@@ -43,14 +45,14 @@ RCSID("$OpenBSD: authfd.c,v 1.32 2000/12/20 19:37:21 markus Exp $");
#include "bufaux.h"
#include "xmalloc.h"
#include "getput.h"
-
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
#include "key.h"
#include "authfd.h"
+#include "cipher.h"
#include "kex.h"
#include "compat.h"
+#include "log.h"
+#include "atomicio.h"
+#include "authfd.h"
/* helper */
int decode_reply(int type);
diff --git a/usr.bin/ssh/authfile.c b/usr.bin/ssh/authfile.c
index f9b920334ea..0bc33b0ef83 100644
--- a/usr.bin/ssh/authfile.c
+++ b/usr.bin/ssh/authfile.c
@@ -36,20 +36,19 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: authfile.c,v 1.24 2000/12/20 19:26:56 markus Exp $");
+RCSID("$OpenBSD: authfile.c,v 1.25 2001/01/21 19:05:44 markus Exp $");
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include <openssl/err.h>
-#include <openssl/pem.h>
#include <openssl/evp.h>
+#include <openssl/pem.h>
+#include "cipher.h"
#include "xmalloc.h"
#include "buffer.h"
#include "bufaux.h"
-#include "ssh.h"
#include "key.h"
+#include "ssh.h"
+#include "log.h"
/* Version identification string for identity files. */
#define AUTHFILE_ID_STRING "SSH PRIVATE KEY FILE FORMAT 1.1\n"
diff --git a/usr.bin/ssh/bufaux.c b/usr.bin/ssh/bufaux.c
index 2d20ad6db77..8970ba13721 100644
--- a/usr.bin/ssh/bufaux.c
+++ b/usr.bin/ssh/bufaux.c
@@ -37,13 +37,13 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: bufaux.c,v 1.16 2001/01/16 23:58:08 deraadt Exp $");
+RCSID("$OpenBSD: bufaux.c,v 1.17 2001/01/21 19:05:45 markus Exp $");
-#include "ssh.h"
#include <openssl/bn.h>
#include "bufaux.h"
#include "xmalloc.h"
#include "getput.h"
+#include "log.h"
/*
* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
diff --git a/usr.bin/ssh/bufaux.h b/usr.bin/ssh/bufaux.h
index ec4300227b5..8902ec2a8a0 100644
--- a/usr.bin/ssh/bufaux.h
+++ b/usr.bin/ssh/bufaux.h
@@ -10,12 +10,13 @@
* called by a name other than "ssh" or "Secure Shell".
*/
-/* RCSID("$OpenBSD: bufaux.h,v 1.10 2001/01/10 22:56:22 markus Exp $"); */
+/* RCSID("$OpenBSD: bufaux.h,v 1.11 2001/01/21 19:05:45 markus Exp $"); */
#ifndef BUFAUX_H
#define BUFAUX_H
#include "buffer.h"
+#include <openssl/bn.h>
/*
* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed
diff --git a/usr.bin/ssh/buffer.c b/usr.bin/ssh/buffer.c
index 668c173839f..0a8a4aa3599 100644
--- a/usr.bin/ssh/buffer.c
+++ b/usr.bin/ssh/buffer.c
@@ -12,11 +12,11 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: buffer.c,v 1.9 2000/12/19 23:17:55 markus Exp $");
+RCSID("$OpenBSD: buffer.c,v 1.10 2001/01/21 19:05:45 markus Exp $");
#include "xmalloc.h"
#include "buffer.h"
-#include "ssh.h"
+#include "log.h"
/* Initializes the buffer structure. */
diff --git a/usr.bin/ssh/canohost.c b/usr.bin/ssh/canohost.c
index 01823fb9167..ceb840050de 100644
--- a/usr.bin/ssh/canohost.c
+++ b/usr.bin/ssh/canohost.c
@@ -12,11 +12,11 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: canohost.c,v 1.17 2000/12/19 23:17:55 markus Exp $");
+RCSID("$OpenBSD: canohost.c,v 1.18 2001/01/21 19:05:45 markus Exp $");
#include "packet.h"
#include "xmalloc.h"
-#include "ssh.h"
+#include "log.h"
/*
* Return the canonical name of the host at the other end of the socket. The
diff --git a/usr.bin/ssh/canohost.h b/usr.bin/ssh/canohost.h
new file mode 100644
index 00000000000..572adb037af
--- /dev/null
+++ b/usr.bin/ssh/canohost.h
@@ -0,0 +1,36 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+/*
+ * Returns the name of the machine at the other end of the socket. The
+ * returned string should be freed by the caller.
+ */
+char *get_remote_hostname(int socket);
+
+/*
+ * Return the canonical name of the host in the other side of the current
+ * connection (as returned by packet_get_connection). The host name is
+ * cached, so it is efficient to call this several times.
+ */
+const char *get_canonical_hostname(void);
+
+/*
+ * Returns the remote IP address as an ascii string. The value need not be
+ * freed by the caller.
+ */
+const char *get_remote_ipaddr(void);
+
+/* Returns the port number of the peer of the socket. */
+int get_peer_port(int sock);
+
+/* Returns the port number of the remote/local host. */
+int get_remote_port(void);
+int get_local_port(void);
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 2953ef6484d..8e3592b8566 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -40,25 +40,24 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.81 2001/01/19 15:55:10 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.82 2001/01/21 19:05:46 markus Exp $");
+
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
#include "ssh.h"
+#include "ssh1.h"
+#include "ssh2.h"
#include "packet.h"
#include "xmalloc.h"
#include "buffer.h"
#include "uidswap.h"
-#include "readconf.h"
-#include "servconf.h"
-
+#include "log.h"
+#include "misc.h"
#include "channels.h"
#include "nchan.h"
#include "compat.h"
-
-#include "ssh1.h"
-#include "ssh2.h"
-
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
+#include "canohost.h"
#include "key.h"
#include "authfd.h"
@@ -131,6 +130,9 @@ static int all_opens_permitted = 0;
/* This is set to true if both sides support SSH_PROTOFLAG_HOST_IN_FWD_OPEN. */
static int have_hostname_in_open = 0;
+/* AF_UNSPEC or AF_INET or AF_INET6 */
+extern int IPv4or6;
+
/* Sets specific protocol options. */
void
diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c
index 89e3c279fcc..c867216cc67 100644
--- a/usr.bin/ssh/cipher.c
+++ b/usr.bin/ssh/cipher.c
@@ -35,10 +35,11 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.41 2000/12/19 23:17:56 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.42 2001/01/21 19:05:46 markus Exp $");
-#include "ssh.h"
#include "xmalloc.h"
+#include "log.h"
+#include "cipher.h"
#include <openssl/md5.h>
diff --git a/usr.bin/ssh/cli.c b/usr.bin/ssh/cli.c
index fa18e7b54b6..943bc104b2c 100644
--- a/usr.bin/ssh/cli.c
+++ b/usr.bin/ssh/cli.c
@@ -1,8 +1,9 @@
#include "includes.h"
-RCSID("$OpenBSD: cli.c,v 1.5 2001/01/08 08:50:29 markus Exp $");
+RCSID("$OpenBSD: cli.c,v 1.6 2001/01/21 19:05:47 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
+#include "log.h"
+
#include <vis.h>
static int cli_input = -1;
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index beaef8c2330..aade8606b63 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -59,28 +59,25 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.44 2001/01/19 15:55:10 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.45 2001/01/21 19:05:47 markus Exp $");
-#include "xmalloc.h"
#include "ssh.h"
-#include "packet.h"
-#include "buffer.h"
-#include "readconf.h"
-
#include "ssh1.h"
#include "ssh2.h"
+#include "xmalloc.h"
+#include "packet.h"
+#include "buffer.h"
#include "compat.h"
#include "channels.h"
#include "dispatch.h"
-
#include "buffer.h"
#include "bufaux.h"
-
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include "key.h"
-#include "authfd.h"
+#include "log.h"
+#include "readconf.h"
#include "clientloop.h"
+#include "authfd.h"
+#include "atomicio.h"
/* import options */
extern Options options;
diff --git a/usr.bin/ssh/clientloop.h b/usr.bin/ssh/clientloop.h
index 3ad72aa55ce..58a1a7afb13 100644
--- a/usr.bin/ssh/clientloop.h
+++ b/usr.bin/ssh/clientloop.h
@@ -1,4 +1,15 @@
/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -21,4 +32,8 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+
void clientloop_set_session_ident(int id);
+
+/* Client side main loop for the interactive session. */
+int client_loop(int have_pty, int escape_char, int id);
diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index c7df1906b06..87caf71cec6 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -23,13 +23,14 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.33 2001/01/08 22:29:05 markus Exp $");
+RCSID("$OpenBSD: compat.c,v 1.34 2001/01/21 19:05:48 markus Exp $");
+
+#include <regex.h>
-#include "ssh.h"
#include "packet.h"
#include "xmalloc.h"
#include "compat.h"
-#include <regex.h>
+#include "log.h"
int compat13 = 0;
int compat20 = 0;
diff --git a/usr.bin/ssh/compress.c b/usr.bin/ssh/compress.c
index 2437606b7ab..1871bc8cc03 100644
--- a/usr.bin/ssh/compress.c
+++ b/usr.bin/ssh/compress.c
@@ -12,9 +12,9 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: compress.c,v 1.11 2000/12/20 19:37:21 markus Exp $");
+RCSID("$OpenBSD: compress.c,v 1.12 2001/01/21 19:05:48 markus Exp $");
-#include "ssh.h"
+#include "log.h"
#include "buffer.h"
#include "zlib.h"
diff --git a/usr.bin/ssh/deattack.c b/usr.bin/ssh/deattack.c
index c3c3f08d2eb..9b9babace3b 100644
--- a/usr.bin/ssh/deattack.c
+++ b/usr.bin/ssh/deattack.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: deattack.c,v 1.11 2000/12/19 23:17:56 markus Exp $ */
+/* $OpenBSD: deattack.c,v 1.12 2001/01/21 19:05:48 markus Exp $ */
/*
* Cryptographic attack detector for ssh - source code
@@ -21,7 +21,7 @@
#include "includes.h"
#include "deattack.h"
-#include "ssh.h"
+#include "log.h"
#include "crc32.h"
#include "getput.h"
#include "xmalloc.h"
diff --git a/usr.bin/ssh/dh.c b/usr.bin/ssh/dh.c
index 605148f908a..f1f7e5d43fa 100644
--- a/usr.bin/ssh/dh.c
+++ b/usr.bin/ssh/dh.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: dh.c,v 1.5 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: dh.c,v 1.6 2001/01/21 19:05:49 markus Exp $");
#include "xmalloc.h"
@@ -31,11 +31,13 @@ RCSID("$OpenBSD: dh.c,v 1.5 2001/01/19 15:55:11 markus Exp $");
#include <openssl/dh.h>
#include <openssl/evp.h>
-#include "ssh.h"
#include "buffer.h"
+#include "cipher.h"
#include "kex.h"
#include "dh.h"
#include "pathnames.h"
+#include "log.h"
+#include "misc.h"
int
parse_prime(int linenum, char *line, struct dhgroup *dhg)
diff --git a/usr.bin/ssh/dispatch.c b/usr.bin/ssh/dispatch.c
index 45bb47e92da..74fcc553cfc 100644
--- a/usr.bin/ssh/dispatch.c
+++ b/usr.bin/ssh/dispatch.c
@@ -22,9 +22,10 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: dispatch.c,v 1.6 2001/01/19 15:55:11 markus Exp $");
-#include "ssh.h"
+RCSID("$OpenBSD: dispatch.c,v 1.7 2001/01/21 19:05:49 markus Exp $");
+
#include "ssh1.h"
+#include "log.h"
#include "dispatch.h"
#include "packet.h"
diff --git a/usr.bin/ssh/groupaccess.c b/usr.bin/ssh/groupaccess.c
index bf6be997ed8..9f72e577eb2 100644
--- a/usr.bin/ssh/groupaccess.c
+++ b/usr.bin/ssh/groupaccess.c
@@ -25,9 +25,9 @@
#include "includes.h"
#include "groupaccess.h"
-#include "ssh.h"
#include "xmalloc.h"
#include "match.h"
+#include "log.h"
static int ngroups;
static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */
diff --git a/usr.bin/ssh/hmac.c b/usr.bin/ssh/hmac.c
index 6c3883e67e5..e440d611762 100644
--- a/usr.bin/ssh/hmac.c
+++ b/usr.bin/ssh/hmac.c
@@ -23,11 +23,11 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: hmac.c,v 1.5 2000/12/19 23:17:56 markus Exp $");
+RCSID("$OpenBSD: hmac.c,v 1.6 2001/01/21 19:05:49 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
#include "getput.h"
+#include "log.h"
#include <openssl/hmac.h>
diff --git a/usr.bin/ssh/hostfile.c b/usr.bin/ssh/hostfile.c
index 1c3fb22ad43..b285ee83cf5 100644
--- a/usr.bin/ssh/hostfile.c
+++ b/usr.bin/ssh/hostfile.c
@@ -36,15 +36,13 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: hostfile.c,v 1.23 2000/12/21 15:10:16 markus Exp $");
+RCSID("$OpenBSD: hostfile.c,v 1.24 2001/01/21 19:05:49 markus Exp $");
#include "packet.h"
#include "match.h"
-#include "ssh.h"
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
#include "key.h"
#include "hostfile.h"
+#include "log.h"
/*
* Parses an RSA (number of bits, e, n) or DSA key from a string. Moves the
diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c
index 9a31ae92739..d3099f7085c 100644
--- a/usr.bin/ssh/kex.c
+++ b/usr.bin/ssh/kex.c
@@ -23,18 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: kex.c,v 1.17 2001/01/08 21:48:17 markus Exp $");
-
-#include "ssh.h"
-#include "ssh2.h"
-#include "xmalloc.h"
-#include "buffer.h"
-#include "bufaux.h"
-#include "packet.h"
-#include "compat.h"
-
-#include <openssl/bn.h>
-#include <openssl/dh.h>
+RCSID("$OpenBSD: kex.c,v 1.18 2001/01/21 19:05:49 markus Exp $");
#include <openssl/crypto.h>
#include <openssl/bio.h>
@@ -42,8 +31,16 @@ RCSID("$OpenBSD: kex.c,v 1.17 2001/01/08 21:48:17 markus Exp $");
#include <openssl/dh.h>
#include <openssl/pem.h>
+#include "ssh2.h"
+#include "xmalloc.h"
+#include "buffer.h"
+#include "bufaux.h"
+#include "packet.h"
+#include "compat.h"
+#include "cipher.h"
#include "kex.h"
#include "key.h"
+#include "log.h"
#define KEX_COOKIE_LEN 16
diff --git a/usr.bin/ssh/key.c b/usr.bin/ssh/key.c
index 21e13b8631f..a2306fed661 100644
--- a/usr.bin/ssh/key.c
+++ b/usr.bin/ssh/key.c
@@ -31,12 +31,11 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-
#include "includes.h"
-#include "ssh.h"
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
+RCSID("$OpenBSD: key.c,v 1.15 2001/01/21 19:05:50 markus Exp $");
+
#include <openssl/evp.h>
+
#include "xmalloc.h"
#include "key.h"
#include "rsa.h"
@@ -45,8 +44,7 @@
#include "uuencode.h"
#include "buffer.h"
#include "bufaux.h"
-
-RCSID("$OpenBSD: key.c,v 1.14 2001/01/16 19:20:06 markus Exp $");
+#include "log.h"
Key *
key_new(int type)
diff --git a/usr.bin/ssh/key.h b/usr.bin/ssh/key.h
index 91f4d005506..00e71839add 100644
--- a/usr.bin/ssh/key.h
+++ b/usr.bin/ssh/key.h
@@ -24,6 +24,9 @@
#ifndef KEY_H
#define KEY_H
+#include <openssl/rsa.h>
+#include <openssl/dsa.h>
+
typedef struct Key Key;
enum types {
KEY_RSA1,
diff --git a/usr.bin/ssh/lib/Makefile b/usr.bin/ssh/lib/Makefile
index d82ad9b9390..59ae9005001 100644
--- a/usr.bin/ssh/lib/Makefile
+++ b/usr.bin/ssh/lib/Makefile
@@ -5,7 +5,7 @@ SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \
cipher.c compat.c compress.c crc32.c deattack.c \
hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \
rsa.c tildexpand.c ttymodes.c uidswap.c xmalloc.c atomicio.c \
- key.c dispatch.c kex.c hmac.c uuencode.c util.c \
+ key.c dispatch.c kex.c hmac.c uuencode.c misc.c \
cli.c rijndael.c ssh-dss.c ssh-rsa.c
NOPROFILE= yes
diff --git a/usr.bin/ssh/log-client.c b/usr.bin/ssh/log-client.c
index 656499ad1d7..b35f77bc9b6 100644
--- a/usr.bin/ssh/log-client.c
+++ b/usr.bin/ssh/log-client.c
@@ -36,10 +36,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: log-client.c,v 1.14 2001/01/18 16:20:21 markus Exp $");
+RCSID("$OpenBSD: log-client.c,v 1.15 2001/01/21 19:05:50 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
+#include "log.h"
static LogLevel log_level = SYSLOG_LEVEL_INFO;
diff --git a/usr.bin/ssh/log-server.c b/usr.bin/ssh/log-server.c
index 3c5547387ec..5e2b7722de0 100644
--- a/usr.bin/ssh/log-server.c
+++ b/usr.bin/ssh/log-server.c
@@ -36,12 +36,12 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: log-server.c,v 1.19 2001/01/18 16:20:21 markus Exp $");
+RCSID("$OpenBSD: log-server.c,v 1.20 2001/01/21 19:05:50 markus Exp $");
#include <syslog.h>
#include "packet.h"
#include "xmalloc.h"
-#include "ssh.h"
+#include "log.h"
static LogLevel log_level = SYSLOG_LEVEL_INFO;
static int log_on_stderr = 0;
diff --git a/usr.bin/ssh/log.c b/usr.bin/ssh/log.c
index 94b189b8da6..239997aec73 100644
--- a/usr.bin/ssh/log.c
+++ b/usr.bin/ssh/log.c
@@ -36,9 +36,9 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: log.c,v 1.14 2001/01/18 16:20:21 markus Exp $");
+RCSID("$OpenBSD: log.c,v 1.15 2001/01/21 19:05:51 markus Exp $");
-#include "ssh.h"
+#include "log.h"
#include "xmalloc.h"
/* Fatal messages. This function never returns. */
diff --git a/usr.bin/ssh/log.h b/usr.bin/ssh/log.h
new file mode 100644
index 00000000000..b9a9455dabb
--- /dev/null
+++ b/usr.bin/ssh/log.h
@@ -0,0 +1,73 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+
+#ifndef SSH_LOG_H
+#define SSH_LOG_H
+
+/* Supported syslog facilities and levels. */
+typedef enum {
+ SYSLOG_FACILITY_DAEMON,
+ SYSLOG_FACILITY_USER,
+ SYSLOG_FACILITY_AUTH,
+ SYSLOG_FACILITY_LOCAL0,
+ SYSLOG_FACILITY_LOCAL1,
+ SYSLOG_FACILITY_LOCAL2,
+ SYSLOG_FACILITY_LOCAL3,
+ SYSLOG_FACILITY_LOCAL4,
+ SYSLOG_FACILITY_LOCAL5,
+ SYSLOG_FACILITY_LOCAL6,
+ SYSLOG_FACILITY_LOCAL7
+} SyslogFacility;
+
+typedef enum {
+ SYSLOG_LEVEL_QUIET,
+ SYSLOG_LEVEL_FATAL,
+ SYSLOG_LEVEL_ERROR,
+ SYSLOG_LEVEL_INFO,
+ SYSLOG_LEVEL_VERBOSE,
+ SYSLOG_LEVEL_DEBUG1,
+ SYSLOG_LEVEL_DEBUG2,
+ SYSLOG_LEVEL_DEBUG3
+} LogLevel;
+/* Initializes logging. */
+void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr);
+
+/* Logging implementation, depending on server or client */
+void do_log(LogLevel level, const char *fmt, va_list args);
+
+/* name to facility/level */
+SyslogFacility log_facility_number(char *name);
+LogLevel log_level_number(char *name);
+
+/* Output a message to syslog or stderr */
+void fatal(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void error(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void log(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void verbose(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void debug2(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void debug3(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+
+/* same as fatal() but w/o logging */
+void fatal_cleanup(void);
+
+/*
+ * Registers a cleanup function to be called by fatal()/fatal_cleanup()
+ * before exiting. It is permissible to call fatal_remove_cleanup for the
+ * function itself from the function.
+ */
+void fatal_add_cleanup(void (*proc) (void *context), void *context);
+
+/* Removes a cleanup function to be called at fatal(). */
+void fatal_remove_cleanup(void (*proc) (void *context), void *context);
+
+#endif
diff --git a/usr.bin/ssh/login.c b/usr.bin/ssh/login.c
index 06eb0611c81..76ea2277f6d 100644
--- a/usr.bin/ssh/login.c
+++ b/usr.bin/ssh/login.c
@@ -39,11 +39,12 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: login.c,v 1.16 2000/12/19 23:17:57 markus Exp $");
+RCSID("$OpenBSD: login.c,v 1.17 2001/01/21 19:05:51 markus Exp $");
#include <util.h>
#include <utmp.h>
-#include "ssh.h"
+#include "login.h"
+#include "log.h"
/*
* Returns the time when the user last logged in. Returns 0 if the
diff --git a/usr.bin/ssh/login.h b/usr.bin/ssh/login.h
new file mode 100644
index 00000000000..fc9b5ded1af
--- /dev/null
+++ b/usr.bin/ssh/login.h
@@ -0,0 +1,38 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+#ifndef LOGIN_H
+#define LOGIN_H
+
+/*
+ * Returns the time when the user last logged in. Returns 0 if the
+ * information is not available. This must be called before record_login.
+ * The host from which the user logged in is stored in buf.
+ */
+u_long
+get_last_login_time(uid_t uid, const char *logname,
+ char *buf, u_int bufsize);
+
+/*
+ * Records that the user has logged in. This does many things normally done
+ * by login(1).
+ */
+void
+record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
+ const char *host, struct sockaddr *addr);
+
+/*
+ * Records that the user has logged out. This does many thigs normally done
+ * by login(1) or init.
+ */
+void record_logout(pid_t pid, const char *ttyname);
+
+#endif
diff --git a/usr.bin/ssh/match.c b/usr.bin/ssh/match.c
index 895ecab37a8..81030da6a70 100644
--- a/usr.bin/ssh/match.c
+++ b/usr.bin/ssh/match.c
@@ -12,9 +12,9 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: match.c,v 1.10 2000/12/19 23:17:57 markus Exp $");
+RCSID("$OpenBSD: match.c,v 1.11 2001/01/21 19:05:52 markus Exp $");
-#include "ssh.h"
+#include "match.h"
/*
* Returns true if the given string matches the pattern (which may contain ?
diff --git a/usr.bin/ssh/util.c b/usr.bin/ssh/misc.c
index 1a591a6f0f5..e4e1fc76c17 100644
--- a/usr.bin/ssh/util.c
+++ b/usr.bin/ssh/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: util.c,v 1.6 2000/10/27 07:32:19 markus Exp $ */
+/* $OpenBSD: misc.c,v 1.1 2001/01/21 19:05:52 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -25,9 +25,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: util.c,v 1.6 2000/10/27 07:32:19 markus Exp $");
+RCSID("$OpenBSD: misc.c,v 1.1 2001/01/21 19:05:52 markus Exp $");
-#include "ssh.h"
+#include "misc.h"
+#include "log.h"
char *
chop(char *s)
diff --git a/usr.bin/ssh/misc.h b/usr.bin/ssh/misc.h
new file mode 100644
index 00000000000..8205a6070a1
--- /dev/null
+++ b/usr.bin/ssh/misc.h
@@ -0,0 +1,19 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+/* remove newline at end of string */
+char *chop(char *s);
+
+/* return next token in configuration line */
+char *strdelim(char **s);
+
+/* set filedescriptor to non-blocking */
+void set_nonblock(int fd);
diff --git a/usr.bin/ssh/nchan.c b/usr.bin/ssh/nchan.c
index 84f3a2fdecb..4a76489bf3d 100644
--- a/usr.bin/ssh/nchan.c
+++ b/usr.bin/ssh/nchan.c
@@ -23,18 +23,16 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: nchan.c,v 1.21 2001/01/19 15:55:11 markus Exp $");
-
-#include "ssh.h"
+RCSID("$OpenBSD: nchan.c,v 1.22 2001/01/21 19:05:52 markus Exp $");
+#include "ssh1.h"
+#include "ssh2.h"
#include "buffer.h"
#include "packet.h"
#include "channels.h"
#include "nchan.h"
-
-#include "ssh1.h"
-#include "ssh2.h"
#include "compat.h"
+#include "log.h"
/* functions manipulating channel states */
/*
diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index 9661e145312..24764f448b1 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c
@@ -37,13 +37,12 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: packet.c,v 1.45 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: packet.c,v 1.46 2001/01/21 19:05:53 markus Exp $");
#include "xmalloc.h"
#include "buffer.h"
#include "packet.h"
#include "bufaux.h"
-#include "ssh.h"
#include "crc32.h"
#include "getput.h"
@@ -62,6 +61,8 @@ RCSID("$OpenBSD: packet.c,v 1.45 2001/01/19 15:55:11 markus Exp $");
#include "cipher.h"
#include "kex.h"
#include "hmac.h"
+#include "log.h"
+#include "canohost.h"
#ifdef PACKET_DEBUG
#define DBG(x) x
diff --git a/usr.bin/ssh/pty.c b/usr.bin/ssh/pty.c
index 25ab0077a36..125f2c705f3 100644
--- a/usr.bin/ssh/pty.c
+++ b/usr.bin/ssh/pty.c
@@ -12,11 +12,11 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: pty.c,v 1.19 2000/12/20 20:00:34 markus Exp $");
+RCSID("$OpenBSD: pty.c,v 1.20 2001/01/21 19:05:53 markus Exp $");
#include <util.h>
#include "pty.h"
-#include "ssh.h"
+#include "log.h"
/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
diff --git a/usr.bin/ssh/radix.h b/usr.bin/ssh/radix.h
new file mode 100644
index 00000000000..993fa588759
--- /dev/null
+++ b/usr.bin/ssh/radix.h
@@ -0,0 +1,26 @@
+/*
+ * Copyright (c) 1999 Dug Song. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+int creds_to_radix(CREDENTIALS * creds, u_char *buf, size_t buflen);
+int radix_to_creds(const char *buf, CREDENTIALS * creds);
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index 6086776b026..b2b3f10d5f5 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -12,14 +12,17 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.57 2001/01/20 23:02:07 djm Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.58 2001/01/21 19:05:53 markus Exp $");
#include "ssh.h"
-#include "readconf.h"
-#include "match.h"
#include "xmalloc.h"
#include "compat.h"
+#include "cipher.h"
#include "pathnames.h"
+#include "log.h"
+#include "readconf.h"
+#include "match.h"
+#include "misc.h"
/* Format of the configuration file:
diff --git a/usr.bin/ssh/readpass.c b/usr.bin/ssh/readpass.c
index f3a7dcbed27..6df20f60b93 100644
--- a/usr.bin/ssh/readpass.c
+++ b/usr.bin/ssh/readpass.c
@@ -32,10 +32,9 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readpass.c,v 1.12 2000/10/11 20:14:39 markus Exp $");
+RCSID("$OpenBSD: readpass.c,v 1.13 2001/01/21 19:05:54 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
#include "cli.h"
/*
diff --git a/usr.bin/ssh/readpass.h b/usr.bin/ssh/readpass.h
new file mode 100644
index 00000000000..fa64b4b343b
--- /dev/null
+++ b/usr.bin/ssh/readpass.h
@@ -0,0 +1,18 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+
+/*
+ * Reads a passphrase from /dev/tty with echo turned off. Returns the
+ * passphrase (allocated with xmalloc). Exits if EOF is encountered. If
+ * from_stdin is true, the passphrase will be read from stdin instead.
+ */
+char *read_passphrase(char *prompt, int from_stdin);
diff --git a/usr.bin/ssh/rsa.c b/usr.bin/ssh/rsa.c
index e5eea29f5e3..04bb239e532 100644
--- a/usr.bin/ssh/rsa.c
+++ b/usr.bin/ssh/rsa.c
@@ -60,10 +60,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: rsa.c,v 1.18 2000/12/19 23:17:57 markus Exp $");
+RCSID("$OpenBSD: rsa.c,v 1.19 2001/01/21 19:05:54 markus Exp $");
#include "rsa.h"
-#include "ssh.h"
+#include "log.h"
#include "xmalloc.h"
void
diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c
index 806115bfae2..4180cdade85 100644
--- a/usr.bin/ssh/scp.c
+++ b/usr.bin/ssh/scp.c
@@ -75,11 +75,12 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.50 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.51 2001/01/21 19:05:55 markus Exp $");
-#include "ssh.h"
#include "xmalloc.h"
+#include "atomicio.h"
#include "pathnames.h"
+#include "log.h"
/* For progressmeter() -- number of seconds before xfer considered "stalled" */
#define STALLTIME 5
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 036eeb63289..67a82b8e867 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -10,17 +10,31 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.61 2001/01/20 23:00:56 djm Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.62 2001/01/21 19:05:55 markus Exp $");
+
+#ifdef KRB4
+#include <krb.h>
+#endif
+#ifdef AFS
+#include <kafs.h>
+#endif
#include "ssh.h"
+#include "log.h"
#include "servconf.h"
#include "xmalloc.h"
#include "compat.h"
#include "pathnames.h"
+#include "tildexpand.h"
+#include "misc.h"
+#include "cipher.h"
/* add listen address */
void add_listen_addr(ServerOptions *options, char *addr);
+/* AF_UNSPEC or AF_INET or AF_INET6 */
+extern int IPv4or6;
+
/* Initializes the server options to their default values. */
void
@@ -282,7 +296,6 @@ parse_token(const char *cp, const char *filename,
void
add_listen_addr(ServerOptions *options, char *addr)
{
- extern int IPv4or6;
struct addrinfo hints, *ai, *aitop;
char strport[NI_MAXSERV];
int gaierr;
diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index a7d21fbcad4..61f2c038516 100644
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c
@@ -35,16 +35,15 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.41 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.42 2001/01/21 19:05:55 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
#include "packet.h"
#include "buffer.h"
+#include "log.h"
#include "servconf.h"
#include "pty.h"
#include "channels.h"
-
#include "compat.h"
#include "ssh1.h"
#include "ssh2.h"
@@ -52,6 +51,8 @@ RCSID("$OpenBSD: serverloop.c,v 1.41 2001/01/19 15:55:11 markus Exp $");
#include "session.h"
#include "dispatch.h"
#include "auth-options.h"
+#include "serverloop.h"
+#include "misc.h"
extern ServerOptions options;
diff --git a/usr.bin/ssh/serverloop.h b/usr.bin/ssh/serverloop.h
new file mode 100644
index 00000000000..915bffeab5e
--- /dev/null
+++ b/usr.bin/ssh/serverloop.h
@@ -0,0 +1,20 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+/*
+ * Performs the interactive session. This handles data transmission between
+ * the client and the program. Note that the notion of stdin, stdout, and
+ * stderr in this function is sort of reversed: this function writes to stdin
+ * (of the child program), and reads from stdout and stderr (of the child
+ * program).
+ */
+void server_loop(pid_t pid, int fdin, int fdout, int fderr);
+void server_loop2(void);
diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c
index 64a0a6e8a71..7a5e867b965 100644
--- a/usr.bin/ssh/session.c
+++ b/usr.bin/ssh/session.c
@@ -33,26 +33,29 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.50 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.51 2001/01/21 19:05:56 markus Exp $");
-#include "xmalloc.h"
#include "ssh.h"
+#include "ssh1.h"
+#include "ssh2.h"
+#include "xmalloc.h"
#include "pty.h"
#include "packet.h"
#include "buffer.h"
#include "mpaux.h"
-#include "servconf.h"
#include "uidswap.h"
#include "compat.h"
#include "channels.h"
#include "nchan.h"
-
#include "bufaux.h"
-#include "ssh1.h"
-#include "ssh2.h"
#include "auth.h"
#include "auth-options.h"
#include "pathnames.h"
+#include "log.h"
+#include "servconf.h"
+#include "login.h"
+#include "serverloop.h"
+#include "canohost.h"
#ifdef HAVE_LOGIN_CAP
#include <login_cap.h>
diff --git a/usr.bin/ssh/sftp-server.c b/usr.bin/ssh/sftp-server.c
index 406133d31e6..30c93354713 100644
--- a/usr.bin/ssh/sftp-server.c
+++ b/usr.bin/ssh/sftp-server.c
@@ -22,12 +22,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "includes.h"
-RCSID("$OpenBSD: sftp-server.c,v 1.13 2001/01/16 20:54:27 markus Exp $");
+RCSID("$OpenBSD: sftp-server.c,v 1.14 2001/01/21 19:05:56 markus Exp $");
-#include "ssh.h"
#include "buffer.h"
#include "bufaux.h"
#include "getput.h"
+#include "log.h"
#include "xmalloc.h"
#include "sftp.h"
diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c
index b8a8aef2030..693055a0efb 100644
--- a/usr.bin/ssh/ssh-add.c
+++ b/usr.bin/ssh/ssh-add.c
@@ -35,19 +35,19 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.26 2001/01/20 21:33:42 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.27 2001/01/21 19:05:56 markus Exp $");
#include <openssl/evp.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include "rsa.h"
#include "ssh.h"
+#include "rsa.h"
+#include "log.h"
#include "xmalloc.h"
#include "key.h"
#include "authfd.h"
#include "authfile.h"
#include "pathnames.h"
+#include "readpass.h"
void
delete_file(AuthenticationConnection *ac, const char *filename)
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 1ce56b5d7db..d1739e273f9 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.46 2001/01/11 21:37:30 markus Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.47 2001/01/21 19:05:56 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -37,7 +37,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.46 2001/01/11 21:37:30 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.47 2001/01/21 19:05:56 markus Exp $");
+
+#include <openssl/evp.h>
+#include <openssl/md5.h>
#include "ssh.h"
#include "rsa.h"
@@ -47,16 +50,12 @@ RCSID("$OpenBSD: ssh-agent.c,v 1.46 2001/01/11 21:37:30 markus Exp $");
#include "packet.h"
#include "getput.h"
#include "mpaux.h"
-#include "includes.h"
-
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include "key.h"
#include "authfd.h"
+#include "cipher.h"
#include "kex.h"
#include "compat.h"
+#include "log.h"
typedef struct {
int fd;
diff --git a/usr.bin/ssh/ssh-dss.c b/usr.bin/ssh/ssh-dss.c
index 4e7c94fcd88..2366c211790 100644
--- a/usr.bin/ssh/ssh-dss.c
+++ b/usr.bin/ssh/ssh-dss.c
@@ -23,19 +23,16 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-dss.c,v 1.3 2001/01/19 16:50:58 markus Exp $");
+RCSID("$OpenBSD: ssh-dss.c,v 1.4 2001/01/21 19:05:57 markus Exp $");
+
+#include <openssl/bn.h>
+#include <openssl/evp.h>
-#include "ssh.h"
#include "xmalloc.h"
#include "buffer.h"
#include "bufaux.h"
#include "compat.h"
-
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-
+#include "log.h"
#include "key.h"
#define INTBLOB_LEN 20
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index 66406d9cb48..d6bb3a0d9f6 100644
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
@@ -12,23 +12,20 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.40 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.41 2001/01/21 19:05:57 markus Exp $");
#include <openssl/evp.h>
#include <openssl/pem.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include "ssh.h"
#include "xmalloc.h"
#include "key.h"
-#include "rsa.h"
#include "authfile.h"
#include "uuencode.h"
-
#include "buffer.h"
#include "bufaux.h"
#include "pathnames.h"
+#include "log.h"
+#include "readpass.h"
/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
int bits = 1024;
diff --git a/usr.bin/ssh/ssh-keyscan.c b/usr.bin/ssh/ssh-keyscan.c
index e6d2bbb0f12..6387c5ded4f 100644
--- a/usr.bin/ssh/ssh-keyscan.c
+++ b/usr.bin/ssh/ssh-keyscan.c
@@ -8,14 +8,12 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-keyscan.c,v 1.10 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: ssh-keyscan.c,v 1.11 2001/01/21 19:05:57 markus Exp $");
#include <sys/queue.h>
#include <errno.h>
#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
#include "xmalloc.h"
#include "ssh.h"
@@ -23,6 +21,7 @@ RCSID("$OpenBSD: ssh-keyscan.c,v 1.10 2001/01/19 15:55:11 markus Exp $");
#include "key.h"
#include "buffer.h"
#include "bufaux.h"
+#include "log.h"
static int argno = 1; /* Number of argument currently being parsed */
diff --git a/usr.bin/ssh/ssh-rsa.c b/usr.bin/ssh/ssh-rsa.c
index e53af9e0a3b..2dc34106667 100644
--- a/usr.bin/ssh/ssh-rsa.c
+++ b/usr.bin/ssh/ssh-rsa.c
@@ -23,18 +23,15 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-rsa.c,v 1.4 2001/01/16 19:20:06 markus Exp $");
-
-#include "ssh.h"
-#include "xmalloc.h"
-#include "buffer.h"
-#include "bufaux.h"
+RCSID("$OpenBSD: ssh-rsa.c,v 1.5 2001/01/21 19:05:58 markus Exp $");
#include <openssl/evp.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include <openssl/err.h>
+#include "xmalloc.h"
+#include "log.h"
+#include "buffer.h"
+#include "bufaux.h"
#include "key.h"
/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 110f51ef1b4..41e24605e97 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -39,29 +39,31 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.83 2001/01/19 15:55:11 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.84 2001/01/21 19:05:58 markus Exp $");
#include <openssl/evp.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include <openssl/err.h>
-#include "xmalloc.h"
#include "ssh.h"
-#include "packet.h"
-#include "buffer.h"
-#include "readconf.h"
-#include "uidswap.h"
-
#include "ssh1.h"
#include "ssh2.h"
#include "compat.h"
+#include "cipher.h"
+#include "xmalloc.h"
+#include "packet.h"
+#include "buffer.h"
+#include "uidswap.h"
#include "channels.h"
#include "key.h"
#include "authfd.h"
#include "authfile.h"
#include "pathnames.h"
#include "clientloop.h"
+#include "log.h"
+#include "readconf.h"
+#include "sshconnect.h"
+#include "tildexpand.h"
+#include "misc.h"
extern char *__progname;
diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h
index 6dffccbd6b2..8860ff84aad 100644
--- a/usr.bin/ssh/ssh.h
+++ b/usr.bin/ssh/ssh.h
@@ -3,8 +3,6 @@
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
*
- * Generic header file for ssh.
- *
* As far as I am concerned, the code I have written for this software
* can be used freely for any purpose. Any derived versions of this
* software must be clearly marked as such, and if the derived work is
@@ -12,13 +10,13 @@
* called by a name other than "ssh" or "Secure Shell".
*/
-/* RCSID("$OpenBSD: ssh.h,v 1.60 2001/01/19 15:55:11 markus Exp $"); */
+/* RCSID("$OpenBSD: ssh.h,v 1.61 2001/01/21 19:05:59 markus Exp $"); */
#ifndef SSH_H
#define SSH_H
-#include "rsa.h"
-#include "cipher.h"
+//#include "rsa.h"
+//#include "cipher.h"
/* Cipher used for encrypting authentication files. */
#define SSH_AUTHFILE_CIPHER SSH_CIPHER_3DES
@@ -87,265 +85,4 @@
/* Name of Kerberos service for SSH to use. */
#define KRB4_SERVICE_NAME "rcmd"
-
-/*------------ definitions for login.c -------------*/
-
-/*
- * Returns the time when the user last logged in. Returns 0 if the
- * information is not available. This must be called before record_login.
- * The host from which the user logged in is stored in buf.
- */
-u_long
-get_last_login_time(uid_t uid, const char *logname,
- char *buf, u_int bufsize);
-
-/*
- * Records that the user has logged in. This does many things normally done
- * by login(1).
- */
-void
-record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
- const char *host, struct sockaddr *addr);
-
-/*
- * Records that the user has logged out. This does many thigs normally done
- * by login(1) or init.
- */
-void record_logout(pid_t pid, const char *ttyname);
-
-/*------------ definitions for sshconnect.c ----------*/
-
-/*
- * Opens a TCP/IP connection to the remote server on the given host. If port
- * is 0, the default port will be used. If anonymous is zero, a privileged
- * port will be allocated to make the connection. This requires super-user
- * privileges if anonymous is false. Connection_attempts specifies the
- * maximum number of tries, one per second. This returns true on success,
- * and zero on failure. If the connection is successful, this calls
- * packet_set_connection for the connection.
- */
-int
-ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
- u_short port, int connection_attempts,
- int anonymous, uid_t original_real_uid,
- const char *proxy_command);
-
-/*
- * Starts a dialog with the server, and authenticates the current user on the
- * server. This does not need any extra privileges. The basic connection to
- * the server must already have been established before this is called. If
- * login fails, this function prints an error and never returns. This
- * initializes the random state, and leaves it initialized (it will also have
- * references from the packet module).
- */
-
-void
-ssh_login(int host_key_valid, RSA * host_key, const char *host,
- struct sockaddr * hostaddr, uid_t original_real_uid);
-
-/*------------ Definitions for various authentication methods. -------*/
-
-/*
- * Tries to authenticate the user using the .rhosts file. Returns true if
- * authentication succeeds. If ignore_rhosts is non-zero, this will not
- * consider .rhosts and .shosts (/etc/hosts.equiv will still be used).
- */
-int auth_rhosts(struct passwd * pw, const char *client_user);
-
-/*
- * Tries to authenticate the user using the .rhosts file and the host using
- * its host key. Returns true if authentication succeeds.
- */
-int
-auth_rhosts_rsa(struct passwd * pw, const char *client_user, RSA* client_host_key);
-
-/*
- * Tries to authenticate the user using password. Returns true if
- * authentication succeeds.
- */
-int auth_password(struct passwd * pw, const char *password);
-
-/*
- * Performs the RSA authentication dialog with the client. This returns 0 if
- * the client could not be authenticated, and 1 if authentication was
- * successful. This may exit if there is a serious protocol violation.
- */
-int auth_rsa(struct passwd * pw, BIGNUM * client_n);
-
-/*
- * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
- * over the key. Skips any whitespace at the beginning and at end.
- */
-int auth_rsa_read_key(char **cpp, u_int *bitsp, BIGNUM * e, BIGNUM * n);
-
-/*
- * Returns the name of the machine at the other end of the socket. The
- * returned string should be freed by the caller.
- */
-char *get_remote_hostname(int socket);
-
-/*
- * Return the canonical name of the host in the other side of the current
- * connection (as returned by packet_get_connection). The host name is
- * cached, so it is efficient to call this several times.
- */
-const char *get_canonical_hostname(void);
-
-/*
- * Returns the remote IP address as an ascii string. The value need not be
- * freed by the caller.
- */
-const char *get_remote_ipaddr(void);
-
-/* Returns the port number of the peer of the socket. */
-int get_peer_port(int sock);
-
-/* Returns the port number of the remote/local host. */
-int get_remote_port(void);
-int get_local_port(void);
-
-
-/*
- * Performs the RSA authentication challenge-response dialog with the client,
- * and returns true (non-zero) if the client gave the correct answer to our
- * challenge; returns zero if the client gives a wrong answer.
- */
-int auth_rsa_challenge_dialog(RSA *pk);
-
-/*
- * Reads a passphrase from /dev/tty with echo turned off. Returns the
- * passphrase (allocated with xmalloc). Exits if EOF is encountered. If
- * from_stdin is true, the passphrase will be read from stdin instead.
- */
-char *read_passphrase(char *prompt, int from_stdin);
-
-
-/*------------ Definitions for logging. -----------------------*/
-
-/* Supported syslog facilities and levels. */
-typedef enum {
- SYSLOG_FACILITY_DAEMON,
- SYSLOG_FACILITY_USER,
- SYSLOG_FACILITY_AUTH,
- SYSLOG_FACILITY_LOCAL0,
- SYSLOG_FACILITY_LOCAL1,
- SYSLOG_FACILITY_LOCAL2,
- SYSLOG_FACILITY_LOCAL3,
- SYSLOG_FACILITY_LOCAL4,
- SYSLOG_FACILITY_LOCAL5,
- SYSLOG_FACILITY_LOCAL6,
- SYSLOG_FACILITY_LOCAL7
-} SyslogFacility;
-
-typedef enum {
- SYSLOG_LEVEL_QUIET,
- SYSLOG_LEVEL_FATAL,
- SYSLOG_LEVEL_ERROR,
- SYSLOG_LEVEL_INFO,
- SYSLOG_LEVEL_VERBOSE,
- SYSLOG_LEVEL_DEBUG1,
- SYSLOG_LEVEL_DEBUG2,
- SYSLOG_LEVEL_DEBUG3
-} LogLevel;
-/* Initializes logging. */
-void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr);
-
-/* Logging implementation, depending on server or client */
-void do_log(LogLevel level, const char *fmt, va_list args);
-
-/* name to facility/level */
-SyslogFacility log_facility_number(char *name);
-LogLevel log_level_number(char *name);
-
-/* Output a message to syslog or stderr */
-void fatal(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-void error(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-void log(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-void verbose(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-void debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-void debug2(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-void debug3(const char *fmt,...) __attribute__((format(printf, 1, 2)));
-
-/* same as fatal() but w/o logging */
-void fatal_cleanup(void);
-
-/*
- * Registers a cleanup function to be called by fatal()/fatal_cleanup()
- * before exiting. It is permissible to call fatal_remove_cleanup for the
- * function itself from the function.
- */
-void fatal_add_cleanup(void (*proc) (void *context), void *context);
-
-/* Removes a cleanup function to be called at fatal(). */
-void fatal_remove_cleanup(void (*proc) (void *context), void *context);
-
-/* ---- misc */
-
-/*
- * Expands tildes in the file name. Returns data allocated by xmalloc.
- * Warning: this calls getpw*.
- */
-char *tilde_expand_filename(const char *filename, uid_t my_uid);
-
-/* remove newline at end of string */
-char *chop(char *s);
-
-/* return next token in configuration line */
-char *strdelim(char **s);
-
-/* set filedescriptor to non-blocking */
-void set_nonblock(int fd);
-
-/*
- * Performs the interactive session. This handles data transmission between
- * the client and the program. Note that the notion of stdin, stdout, and
- * stderr in this function is sort of reversed: this function writes to stdin
- * (of the child program), and reads from stdout and stderr (of the child
- * program).
- */
-void server_loop(pid_t pid, int fdin, int fdout, int fderr);
-void server_loop2(void);
-
-/* Client side main loop for the interactive session. */
-int client_loop(int have_pty, int escape_char, int id);
-
-/* Linked list of custom environment strings (see auth-rsa.c). */
-struct envstring {
- struct envstring *next;
- char *s;
-};
-
-/*
- * Ensure all of data on socket comes through. f==read || f==write
- */
-ssize_t atomicio(ssize_t (*f)(), int fd, void *s, size_t n);
-
-#ifdef KRB4
-#include <krb.h>
-/*
- * Performs Kerberos v4 mutual authentication with the client. This returns 0
- * if the client could not be authenticated, and 1 if authentication was
- * successful. This may exit if there is a serious protocol violation.
- */
-int auth_krb4(const char *server_user, KTEXT auth, char **client);
-int krb4_init(uid_t uid);
-void krb4_cleanup_proc(void *ignore);
-int auth_krb4_password(struct passwd * pw, const char *password);
-
-#ifdef AFS
-#include <kafs.h>
-
-/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */
-int auth_kerberos_tgt(struct passwd * pw, const char *string);
-int auth_afs_token(struct passwd * pw, const char *token_string);
-
-int creds_to_radix(CREDENTIALS * creds, u_char *buf, size_t buflen);
-int radix_to_creds(const char *buf, CREDENTIALS * creds);
-#endif /* AFS */
-
-#endif /* KRB4 */
-
-/* AF_UNSPEC or AF_INET or AF_INET6 */
-extern int IPv4or6;
-
#endif /* SSH_H */
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index 8d24f8852cc..00649967439 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -13,23 +13,24 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.90 2001/01/13 18:32:50 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.91 2001/01/21 19:05:59 markus Exp $");
#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
+#include "ssh.h"
#include "xmalloc.h"
#include "rsa.h"
-#include "ssh.h"
#include "buffer.h"
#include "packet.h"
#include "uidswap.h"
#include "compat.h"
-#include "readconf.h"
#include "key.h"
#include "sshconnect.h"
#include "hostfile.h"
+#include "log.h"
+#include "readconf.h"
+#include "atomicio.h"
+#include "misc.h"
char *client_version_string = NULL;
char *server_version_string = NULL;
@@ -37,6 +38,9 @@ char *server_version_string = NULL;
extern Options options;
extern char *__progname;
+/* AF_UNSPEC or AF_INET or AF_INET6 */
+extern int IPv4or6;
+
/*
* Connect to the given ssh server using a proxy command.
*/
diff --git a/usr.bin/ssh/sshconnect.h b/usr.bin/ssh/sshconnect.h
index 720004675b3..4e16f2d8598 100644
--- a/usr.bin/ssh/sshconnect.h
+++ b/usr.bin/ssh/sshconnect.h
@@ -23,6 +23,34 @@
*/
#ifndef SSHCONNECT_H
#define SSHCONNECT_H
+/*
+ * Opens a TCP/IP connection to the remote server on the given host. If port
+ * is 0, the default port will be used. If anonymous is zero, a privileged
+ * port will be allocated to make the connection. This requires super-user
+ * privileges if anonymous is false. Connection_attempts specifies the
+ * maximum number of tries, one per second. This returns true on success,
+ * and zero on failure. If the connection is successful, this calls
+ * packet_set_connection for the connection.
+ */
+int
+ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
+ u_short port, int connection_attempts,
+ int anonymous, uid_t original_real_uid,
+ const char *proxy_command);
+
+/*
+ * Starts a dialog with the server, and authenticates the current user on the
+ * server. This does not need any extra privileges. The basic connection to
+ * the server must already have been established before this is called. If
+ * login fails, this function prints an error and never returns. This
+ * initializes the random state, and leaves it initialized (it will also have
+ * references from the packet module).
+ */
+
+void
+ssh_login(int host_key_valid, RSA * host_key, const char *host,
+ struct sockaddr * hostaddr, uid_t original_real_uid);
+
void
check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
diff --git a/usr.bin/ssh/sshconnect1.c b/usr.bin/ssh/sshconnect1.c
index ecfdfe5d6c0..d0c0215cab8 100644
--- a/usr.bin/ssh/sshconnect1.c
+++ b/usr.bin/ssh/sshconnect1.c
@@ -13,26 +13,36 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.17 2001/01/19 15:55:12 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.18 2001/01/21 19:06:00 markus Exp $");
#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include <openssl/evp.h>
-#include "xmalloc.h"
-#include "rsa.h"
+#ifdef KRB4
+#include <krb.h>
+#include "radix.h"
+#endif
+#ifdef AFS
+#include <kafs.h>
+#endif
+
#include "ssh.h"
#include "ssh1.h"
+#include "xmalloc.h"
+#include "rsa.h"
#include "buffer.h"
#include "packet.h"
#include "mpaux.h"
#include "uidswap.h"
+#include "log.h"
#include "readconf.h"
#include "key.h"
#include "authfd.h"
#include "sshconnect.h"
#include "authfile.h"
+#include "readpass.h"
+#include "cipher.h"
+#include "canohost.h"
/* Session id for the current session. */
u_char session_id[16];
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index 88df3aaf7c8..6f41b987a12 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -23,25 +23,23 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.36 2001/01/20 18:20:29 stevesk Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.37 2001/01/21 19:06:00 markus Exp $");
#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
#include <openssl/md5.h>
#include <openssl/dh.h>
#include <openssl/hmac.h>
#include "ssh.h"
+#include "ssh2.h"
#include "xmalloc.h"
#include "rsa.h"
#include "buffer.h"
#include "packet.h"
#include "uidswap.h"
#include "compat.h"
-#include "readconf.h"
#include "bufaux.h"
-#include "ssh2.h"
+#include "cipher.h"
#include "kex.h"
#include "myproposal.h"
#include "key.h"
@@ -50,6 +48,9 @@ RCSID("$OpenBSD: sshconnect2.c,v 1.36 2001/01/20 18:20:29 stevesk Exp $");
#include "cli.h"
#include "dispatch.h"
#include "authfd.h"
+#include "log.h"
+#include "readconf.h"
+#include "readpass.h"
void ssh_dh1_client(Kex *, char *, struct sockaddr *, Buffer *, Buffer *);
void ssh_dhgex_client(Kex *, char *, struct sockaddr *, Buffer *, Buffer *);
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index 9148f0f7af7..21b0cdbe3ca 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -40,34 +40,36 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.154 2001/01/19 15:55:12 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.155 2001/01/21 19:06:00 markus Exp $");
+#include <openssl/dh.h>
+#include <openssl/bn.h>
+#include <openssl/hmac.h>
+
+#include "ssh.h"
+#include "ssh1.h"
+#include "ssh2.h"
#include "xmalloc.h"
#include "rsa.h"
-#include "ssh.h"
#include "pty.h"
#include "packet.h"
#include "mpaux.h"
+#include "log.h"
#include "servconf.h"
#include "uidswap.h"
#include "compat.h"
#include "buffer.h"
-
-#include "ssh1.h"
-#include "ssh2.h"
-#include <openssl/dh.h>
-#include <openssl/bn.h>
-#include <openssl/hmac.h>
+#include "cipher.h"
#include "kex.h"
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
#include "key.h"
#include "dh.h"
-
-#include "auth.h"
#include "myproposal.h"
#include "authfile.h"
#include "pathnames.h"
+#include "atomicio.h"
+#include "canohost.h"
+#include "auth.h"
+#include "misc.h"
#ifdef LIBWRAP
#include <tcpd.h>
diff --git a/usr.bin/ssh/tildexpand.c b/usr.bin/ssh/tildexpand.c
index b091d51ec0b..b72744683b7 100644
--- a/usr.bin/ssh/tildexpand.c
+++ b/usr.bin/ssh/tildexpand.c
@@ -11,10 +11,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: tildexpand.c,v 1.9 2000/12/19 23:17:59 markus Exp $");
+RCSID("$OpenBSD: tildexpand.c,v 1.10 2001/01/21 19:06:01 markus Exp $");
#include "xmalloc.h"
-#include "ssh.h"
+#include "log.h"
/*
* Expands tildes in the file name. Returns data allocated by xmalloc.
diff --git a/usr.bin/ssh/tildexpand.h b/usr.bin/ssh/tildexpand.h
new file mode 100644
index 00000000000..fc999773657
--- /dev/null
+++ b/usr.bin/ssh/tildexpand.h
@@ -0,0 +1,17 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+
+/*
+ * Expands tildes in the file name. Returns data allocated by xmalloc.
+ * Warning: this calls getpw*.
+ */
+char *tilde_expand_filename(const char *filename, uid_t my_uid);
diff --git a/usr.bin/ssh/ttymodes.c b/usr.bin/ssh/ttymodes.c
index 68d38614621..2516e931065 100644
--- a/usr.bin/ssh/ttymodes.c
+++ b/usr.bin/ssh/ttymodes.c
@@ -15,10 +15,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ttymodes.c,v 1.9 2001/01/19 15:55:12 markus Exp $");
+RCSID("$OpenBSD: ttymodes.c,v 1.10 2001/01/21 19:06:01 markus Exp $");
#include "packet.h"
-#include "ssh.h"
+#include "log.h"
#include "ssh1.h"
#define TTY_OP_END 0
diff --git a/usr.bin/ssh/uidswap.c b/usr.bin/ssh/uidswap.c
index fb95702a9c8..8b7f535bec9 100644
--- a/usr.bin/ssh/uidswap.c
+++ b/usr.bin/ssh/uidswap.c
@@ -12,9 +12,9 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: uidswap.c,v 1.12 2000/12/29 10:48:56 markus Exp $");
+RCSID("$OpenBSD: uidswap.c,v 1.13 2001/01/21 19:06:01 markus Exp $");
-#include "ssh.h"
+#include "log.h"
#include "uidswap.h"
/*
diff --git a/usr.bin/ssh/xmalloc.c b/usr.bin/ssh/xmalloc.c
index 738c9cdc390..566bbfd2027 100644
--- a/usr.bin/ssh/xmalloc.c
+++ b/usr.bin/ssh/xmalloc.c
@@ -13,9 +13,10 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: xmalloc.c,v 1.8 2000/09/07 20:27:55 deraadt Exp $");
+RCSID("$OpenBSD: xmalloc.c,v 1.9 2001/01/21 19:06:02 markus Exp $");
-#include "ssh.h"
+#include "xmalloc.h"
+#include "log.h"
void *
xmalloc(size_t size)