50 files changed, 405 insertions, 900 deletions
diff --git a/usr.bin/ssh/auth-options.h b/usr.bin/ssh/auth-options.h index db0e6e8fb9d..3b2ce344b0f 100644 --- a/usr.bin/ssh/auth-options.h +++ b/usr.bin/ssh/auth-options.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* $OpenBSD: auth-options.h,v 1.9 2001/06/26 06:32:47 itojun Exp $ */ +/* $OpenBSD: auth-options.h,v 1.10 2001/06/26 17:27:22 markus Exp $ */ #ifndef AUTH_OPTIONS_H #define AUTH_OPTIONS_H @@ -30,14 +30,7 @@ extern int no_pty_flag; extern char *forced_command; extern struct envstring *custom_environment; -/* - * return 1 if access is granted, 0 if not. - * side effect: sets key option flags - */ -int -auth_parse_options(struct passwd *, char *, char *, u_long); - -/* reset options flags */ +int auth_parse_options(struct passwd *, char *, char *, u_long); void auth_clear_options(void); #endif diff --git a/usr.bin/ssh/auth.h b/usr.bin/ssh/auth.h index 01351d78da8..ffc9a004083 100644 --- a/usr.bin/ssh/auth.h +++ b/usr.bin/ssh/auth.h @@ -21,7 +21,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $OpenBSD: auth.h,v 1.21 2001/06/26 16:15:23 dugsong Exp $ + * $OpenBSD: auth.h,v 1.22 2001/06/26 17:27:22 markus Exp $ */ #ifndef AUTH_H #define AUTH_H 
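Review bot: With the comment removed, `int auth_parse_options(struct passwd *, char *, char *, u_long);` in auth-options.h no longer says that the return value is the access decision (1 granted, 0 not) or that the call sets the key option flags as a side effect. Code that authorises a key presumably depends on both, so I would keep a one-line summary at the prototype, e.g. `/* returns 1 if access is granted, 0 if not; side effect: sets key option flags */`, unless auth-options.c already carries that text, which this page does not show. The same loss of caller-facing contract applies to the auth.h, authfd.h, canohost.h, compress.h and hostfile.h hunks below, for instance the `ignore_rhosts` and `/etc/hosts.equiv` behaviour of `auth_rhosts()`, the caller-must-free rule of `ssh_get_first_identity()`, and the all-lowercase host requirement of `check_host_in_hostfile()`.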
@@ -87,70 +87,29 @@ struct KbdintDevice void (*free_ctx) __P((void *ctx)); }; -/* - * Tries to authenticate the user using the .rhosts file. Returns true if - * authentication succeeds. If ignore_rhosts is non-zero, this will not - * consider .rhosts and .shosts (/etc/hosts.equiv will still be used). - */ int auth_rhosts(struct passwd *, const char *); - -/* extended interface similar to auth_rhosts() */ int auth_rhosts2(struct passwd *, const char *, const char *, const char *); -/* - * Tries to authenticate the user using the .rhosts file and the host using - * its host key. Returns true if authentication succeeds. - */ -int -auth_rhosts_rsa(struct passwd *, const char *, RSA *); - -/* - * Tries to authenticate the user using password. Returns true if - * authentication succeeds. - */ -int auth_password(Authctxt *, const char *); - -/* - * Performs the RSA authentication dialog with the client. This returns 0 if - * the client could not be authenticated, and 1 if authentication was - * successful. This may exit if there is a serious protocol violation. - */ -int auth_rsa(struct passwd *, BIGNUM *); - -/* - * Parses an RSA key (number of bits, e, n) from a string. Moves the pointer - * over the key. Skips any whitespace at the beginning and at end. - */ -int auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *); - -/* - * Performs the RSA authentication challenge-response dialog with the client, - * and returns true (non-zero) if the client gave the correct answer to our - * challenge; returns zero if the client gives a wrong answer. - */ -int auth_rsa_challenge_dialog(RSA *); +int auth_rhosts_rsa(struct passwd *, const char *, RSA *); +int auth_password(Authctxt *, const char *); +int auth_rsa(struct passwd *, BIGNUM *); +int auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *); +int auth_rsa_challenge_dialog(RSA *); #ifdef KRB4 #include <krb.h> -/* - * Performs Kerberos v4 mutual authentication with the client. 
This returns 0 - * if the client could not be authenticated, and 1 if authentication was - * successful. This may exit if there is a serious protocol violation. - */ int auth_krb4(Authctxt *, KTEXT, char **); int auth_krb4_password(Authctxt *, const char *); void krb4_cleanup_proc(void *); #ifdef AFS #include <kafs.h> - -/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */ int auth_krb4_tgt(Authctxt *, const char *); int auth_afs_token(Authctxt *, const char *); -#endif /* AFS */ +#endif /* AFS */ -#endif /* KRB4 */ +#endif /* KRB4 */ #ifdef KRB5 int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client); @@ -176,16 +135,13 @@ int verify_response(Authctxt *, const char *); struct passwd * auth_get_user(void); -/* expand a filename - return buffer is allocated by xmalloc */ char *expand_filename(const char *, struct passwd *); char *authorized_keys_file(struct passwd *); char *authorized_keys_file2(struct passwd *); -/* check a file and the path to it */ int secure_filename(FILE *, const char *, struct passwd *, char *, size_t); -/* helper for hostbased auth */ HostStatus check_key_in_hostfiles(struct passwd *, Key *, const char *, const char *, const char *); diff --git a/usr.bin/ssh/authfd.h b/usr.bin/ssh/authfd.h index 4fe35aff8b6..5aac78bda91 100644 --- a/usr.bin/ssh/authfd.h +++ b/usr.bin/ssh/authfd.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: authfd.h,v 1.18 2001/06/26 06:32:47 itojun Exp $"); */ +/* RCSID("$OpenBSD: authfd.h,v 1.19 2001/06/26 17:27:22 markus Exp $"); */ #ifndef AUTHFD_H #define AUTHFD_H 
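Review bot: `int auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *);` is declared on the new side of this auth.h hunk and again in the hostfile.h hunk further down, so a later signature change made in only one header would go unnoticed in any file that includes just the other. Declare it once, in the header that belongs to the file defining it (not visible on this page), and include that header where the function is used. The remaining prototype should also keep a short form of the removed description, e.g. `/* parses bits, e, n from a string; moves the pointer over the key */`, because the pointer update is not obvious from the `char **` alone.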
@@ -43,96 +43,35 @@ #define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21 /* additional error code for ssh.com's ssh-agent2 */ -#define SSH_COM_AGENT2_FAILURE 102 +#define SSH_COM_AGENT2_FAILURE 102 #define SSH_AGENT_OLD_SIGNATURE 0x01 - typedef struct { int fd; Buffer identities; int howmany; } AuthenticationConnection; -/* Returns the number of the authentication fd, or -1 if there is none. */ -int ssh_get_authentication_socket(void); - -/* - * This should be called for any descriptor returned by - * ssh_get_authentication_socket(). Depending on the way the descriptor was - * obtained, this may close the descriptor. - */ -void ssh_close_authentication_socket(int); +int ssh_get_authentication_socket(void); +void ssh_close_authentication_socket(int); -/* - * Opens and connects a private socket for communication with the - * authentication agent. Returns NULL if an error occurred and the - * connection could not be opened. The connection should be closed by the - * caller by calling ssh_close_authentication_connection(). - */ AuthenticationConnection *ssh_get_authentication_connection(void); - -/* - * Closes the connection to the authentication agent and frees any associated - * memory. - */ -void ssh_close_authentication_connection(AuthenticationConnection *); - -/* - * Returns the number authentication identity held by the agent. - */ -int ssh_get_num_identities(AuthenticationConnection *, int); - -/* - * Returns the first authentication identity held by the agent or NULL if - * no identies are available. Caller must free comment and key. - * Note that you cannot mix calls with different versions. - */ +void ssh_close_authentication_connection(AuthenticationConnection *); +int ssh_get_num_identities(AuthenticationConnection *, int); Key *ssh_get_first_identity(AuthenticationConnection *, char **, int); - -/* - * Returns the next authentication identity for the agent. Other functions - * can be called between this and ssh_get_first_identity or two calls of this - * function. 
This returns NULL if there are no more identities. The caller - * must free key and comment after a successful return. - */ Key *ssh_get_next_identity(AuthenticationConnection *, char **, int); +int ssh_add_identity(AuthenticationConnection *, Key *, const char *); +int ssh_remove_identity(AuthenticationConnection *, Key *); +int ssh_remove_all_identities(AuthenticationConnection *, int); +int ssh_update_card(AuthenticationConnection *, int, int); -/* - * Requests the agent to decrypt the given challenge. Returns true if the - * agent claims it was able to decrypt it. - */ int ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16], u_int, u_char[16]); -/* Requests the agent to sign data using key */ -int -ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, int *, - u_char *, int); - -/* - * Adds an identity to the authentication server. This call is not meant to - * be used by normal applications. This returns true if the identity was - * successfully added. - */ int -ssh_add_identity(AuthenticationConnection *, Key *, const char *); - -/* - * Removes the identity from the authentication server. This call is not - * meant to be used by normal applications. This returns true if the - * identity was successfully added. - */ -int ssh_remove_identity(AuthenticationConnection *, Key *); - -/* - * Removes all identities from the authentication agent. This call is not - * meant to be used by normal applications. This returns true if the - * operation was successful. - */ -int ssh_remove_all_identities(AuthenticationConnection *, int); - -int ssh_update_card(AuthenticationConnection *, int, int); +ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, int *, u_char *, + int); #endif /* AUTHFD_H */ diff --git a/usr.bin/ssh/authfile.h b/usr.bin/ssh/authfile.h index 982645d5034..c8b31fbe66e 100644 --- a/usr.bin/ssh/authfile.h +++ b/usr.bin/ssh/authfile.h 
@@ -10,24 +10,15 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* $OpenBSD: authfile.h,v 1.7 2001/06/26 06:32:48 itojun Exp $ */ +/* $OpenBSD: authfile.h,v 1.8 2001/06/26 17:27:22 markus Exp $ */ #ifndef AUTHFILE_H #define AUTHFILE_H -int -key_save_private(Key *, const char *, const char *, const char *); - -Key * -key_load_public(const char *, char **); - -Key * -key_load_public_type(int, const char *, char **); - -Key * -key_load_private(const char *, const char *, char **); - -Key * -key_load_private_type(int, const char *, const char *, char **); +int key_save_private(Key *, const char *, const char *, const char *); +Key *key_load_public(const char *, char **); +Key *key_load_public_type(int, const char *, char **); +Key *key_load_private(const char *, const char *, char **); +Key *key_load_private_type(int, const char *, const char *, char **); #endif diff --git a/usr.bin/ssh/bufaux.h b/usr.bin/ssh/bufaux.h index c2b1dc99d83..eb4f413f4fb 100644 --- a/usr.bin/ssh/bufaux.h +++ b/usr.bin/ssh/bufaux.h @@ -10,7 +10,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: bufaux.h,v 1.12 2001/06/26 06:32:48 itojun Exp $"); */ +/* RCSID("$OpenBSD: bufaux.h,v 1.13 2001/06/26 17:27:22 markus Exp $"); */ #ifndef BUFAUX_H #define BUFAUX_H 
@@ -18,42 +18,21 @@ #include "buffer.h" #include <openssl/bn.h> -/* - * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed - * by (bits+7)/8 bytes of binary data, msb first. - */ void buffer_put_bignum(Buffer *, BIGNUM *); void buffer_put_bignum2(Buffer *, BIGNUM *); - -/* Retrieves an BIGNUM from the buffer. */ int buffer_get_bignum(Buffer *, BIGNUM *); int buffer_get_bignum2(Buffer *, BIGNUM *); -/* Returns an integer from the buffer (4 bytes, msb first). */ -u_int buffer_get_int(Buffer *); -u_int64_t buffer_get_int64(Buffer *); - -/* Stores an integer in the buffer in 4 bytes, msb first. */ +u_int buffer_get_int(Buffer *); void buffer_put_int(Buffer *, u_int); + +u_int64_t buffer_get_int64(Buffer *); void buffer_put_int64(Buffer *, u_int64_t); -/* Returns a character from the buffer (0 - 255). */ int buffer_get_char(Buffer *); - -/* Stores a character in the buffer. */ void buffer_put_char(Buffer *, int); -/* - * Returns an arbitrary binary string from the buffer. The string cannot be - * longer than 256k. The returned value points to memory allocated with - * xmalloc; it is the responsibility of the calling function to free the - * data. If length_ptr is non-NULL, the length of the returned data will be - * stored there. A null character will be automatically appended to the - * returned string, and is not counted in length. - */ char *buffer_get_string(Buffer *, u_int *); - -/* Stores and arbitrary binary string in the buffer. */ void buffer_put_string(Buffer *, const void *, u_int); void buffer_put_cstring(Buffer *, const char *); diff --git a/usr.bin/ssh/buffer.h b/usr.bin/ssh/buffer.h index 5e9fc278d9f..845bfb69707 100644 --- a/usr.bin/ssh/buffer.h +++ b/usr.bin/ssh/buffer.h 
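Review bot: `char *buffer_get_string(Buffer *, u_int *);` loses the only description of its memory contract in bufaux.h. The removed text stated that the string cannot be longer than 256k, that it is returned in xmalloc'd memory the caller must free, and that a NUL is appended which is not counted in the stored length. Callers that parse data from the buffer need exactly these facts to avoid leaks and length confusion, so keep a condensed form at the prototype, e.g. `/* xmalloc'd, NUL-terminated (NUL not counted in length), max 256k; caller frees */`. If bufaux.c now documents this, a pointer to it is enough; that file is not part of what is shown here.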
@@ -11,56 +11,33 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: buffer.h,v 1.8 2001/06/26 06:32:48 itojun Exp $"); */ +/* RCSID("$OpenBSD: buffer.h,v 1.9 2001/06/26 17:27:23 markus Exp $"); */ #ifndef BUFFER_H #define BUFFER_H typedef struct { - char *buf; /* Buffer for data. */ - u_int alloc; /* Number of bytes allocated for data. */ - u_int offset; /* Offset of first byte containing data. */ - u_int end; /* Offset of last byte containing data. */ + char *buf; /* Buffer for data. */ + u_int alloc; /* Number of bytes allocated for data. */ + u_int offset; /* Offset of first byte containing data. */ + u_int end; /* Offset of last byte containing data. */ } Buffer; -/* Initializes the buffer structure. */ -void buffer_init(Buffer *); -/* Frees any memory used for the buffer. */ -void buffer_free(Buffer *); +void buffer_init(Buffer *); +void buffer_clear(Buffer *); +void buffer_free(Buffer *); -/* Clears any data from the buffer, making it empty. This does not actually - zero the memory. */ -void buffer_clear(Buffer *); +u_int buffer_len(Buffer *); +char *buffer_ptr(Buffer *); -/* Appends data to the buffer, expanding it if necessary. */ -void buffer_append(Buffer *, const char *, u_int); +void buffer_append(Buffer *, const char *, u_int); +void buffer_append_space(Buffer *, char **, u_int); -/* - * Appends space to the buffer, expanding the buffer if necessary. This does - * not actually copy the data into the buffer, but instead returns a pointer - * to the allocated region. - */ -void buffer_append_space(Buffer *, char **, u_int); - -/* Returns the number of bytes of data in the buffer. */ -u_int buffer_len(Buffer *); - -/* Gets data from the beginning of the buffer. */ -void buffer_get(Buffer *, char *, u_int); +void buffer_get(Buffer *, char *, u_int); -/* Consumes the given number of bytes from the beginning of the buffer. 
*/ -void buffer_consume(Buffer *, u_int); +void buffer_consume(Buffer *, u_int); +void buffer_consume_end(Buffer *, u_int); -/* Consumes the given number of bytes from the end of the buffer. */ -void buffer_consume_end(Buffer *, u_int); - -/* Returns a pointer to the first used byte in the buffer. */ -char *buffer_ptr(Buffer *); - -/* - * Dumps the contents of the buffer to stderr in hex. This intended for - * debugging purposes only. - */ -void buffer_dump(Buffer *); +void buffer_dump(Buffer *); #endif /* BUFFER_H */ diff --git a/usr.bin/ssh/canohost.h b/usr.bin/ssh/canohost.h index 66e64d506e0..4347b488a14 100644 --- a/usr.bin/ssh/canohost.h +++ b/usr.bin/ssh/canohost.h @@ -1,4 +1,4 @@ -/* $OpenBSD: canohost.h,v 1.7 2001/06/26 06:32:49 itojun Exp $ */ +/* $OpenBSD: canohost.h,v 1.8 2001/06/26 17:27:23 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> 
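Review bot: `void buffer_clear(Buffer *);` no longer carries the warning that clearing makes the buffer empty but does not actually zero the memory. That is the one caveat in buffer.h with a confidentiality consequence: a caller that kept key material or a passphrase in a Buffer could read the bare prototype as a wipe. I would keep it next to the declaration, e.g. `/* empties the buffer; does NOT zero the memory */`. The removed comment on `buffer_append_space()`, which says it returns a pointer to the allocated region instead of copying data, is worth retaining for the same reason.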
@@ -12,27 +12,14 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* - * Return the canonical name of the host in the other side of the current - * connection (as returned by packet_get_connection). The host name is - * cached, so it is efficient to call this several times. - */ -const char *get_canonical_hostname(int); - -/* - * Returns the IP-address of the remote host as a string. The returned - * string is cached and must not be freed. - */ -const char *get_remote_ipaddr(void); - -const char *get_remote_name_or_ip(u_int, int); +const char *get_canonical_hostname(int); +const char *get_remote_ipaddr(void); +const char *get_remote_name_or_ip(u_int, int); -/* Returns the ipaddr/port number of the peer of the socket. */ -char * get_peer_ipaddr(int); -int get_peer_port(int); -char * get_local_ipaddr(int); -char * get_local_name(int); +char *get_peer_ipaddr(int); +int get_peer_port(int); +char *get_local_ipaddr(int); +char *get_local_name(int); -/* Returns the port number of the remote/local host. */ -int get_remote_port(void); -int get_local_port(void); +int get_remote_port(void); +int get_local_port(void); diff --git a/usr.bin/ssh/channels.h b/usr.bin/ssh/channels.h index 3a114e070e3..98bba1aedf0 100644 --- a/usr.bin/ssh/channels.h +++ b/usr.bin/ssh/channels.h @@ -32,7 +32,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: channels.h,v 1.41 2001/06/26 06:32:49 itojun Exp $"); */ +/* RCSID("$OpenBSD: channels.h,v 1.42 2001/06/26 17:27:23 markus Exp $"); */ #ifndef CHANNEL_H #define CHANNEL_H @@ -58,10 +58,6 @@ #define SSH_CHANNEL_PATH_LEN 30 -/* - * Data structure for channel data. This is initialized in channel_new - * and cleared in channel_free. - */ struct Channel; typedef struct Channel Channel; 
@@ -139,87 +135,87 @@ struct Channel { #define CHAN_CLOSE_SENT 0x01 #define CHAN_CLOSE_RCVD 0x02 - /* channel management */ Channel *channel_lookup(int); Channel *channel_new(char *, int, int, int, int, int, int, int, char *, int); -void channel_set_fds(int, int, int, int, int, int); -void channel_free(Channel *); -void channel_free_all(void); - -void channel_send_open(int); -void channel_request(int, char *, int); -void channel_request_start(int, char *, int); -void channel_register_callback(int, int mtype, channel_callback_fn *, void *); -void channel_register_cleanup(int, channel_callback_fn *); -void channel_register_filter(int, channel_filter_fn *); -void channel_cancel_cleanup(int); +void channel_set_fds(int, int, int, int, int, int); +void channel_free(Channel *); +void channel_free_all(void); + +void channel_send_open(int); +void channel_request(int, char *, int); +void channel_request_start(int, char *, int); +void channel_register_callback(int, int mtype, channel_callback_fn *, void *); +void channel_register_cleanup(int, channel_callback_fn *); +void channel_register_filter(int, channel_filter_fn *); +void channel_cancel_cleanup(int); /* protocol handler */ -void channel_input_channel_request(int, int, void *); -void channel_input_close(int, int, void *); -void channel_input_close_confirmation(int, int, void *); -void channel_input_data(int, int, void *); -void channel_input_extended_data(int, int, void *); -void channel_input_ieof(int, int, void *); -void channel_input_oclose(int, int, void *); -void channel_input_open_confirmation(int, int, void *); -void channel_input_open_failure(int, int, void *); -void channel_input_port_open(int, int, void *); -void channel_input_window_adjust(int, int, void *); +void channel_input_channel_request(int, int, void *); +void channel_input_close(int, int, void *); +void channel_input_close_confirmation(int, int, void *); +void channel_input_data(int, int, void *); +void channel_input_extended_data(int, int, void *); 
+void channel_input_ieof(int, int, void *); +void channel_input_oclose(int, int, void *); +void channel_input_open_confirmation(int, int, void *); +void channel_input_open_failure(int, int, void *); +void channel_input_port_open(int, int, void *); +void channel_input_window_adjust(int, int, void *); /* file descriptor handling (read/write) */ -void -channel_prepare_select(fd_set **, fd_set **, int *, int); -void channel_after_select(fd_set *, fd_set *); -void channel_output_poll(void); +void channel_prepare_select(fd_set **, fd_set **, int *, int); +void channel_after_select(fd_set *, fd_set *); +void channel_output_poll(void); -int channel_not_very_much_buffered_data(void); -void channel_close_all(void); -void channel_free_all(void); -int channel_still_open(void); -char *channel_open_message(void); -int channel_find_open(void); +int channel_not_very_much_buffered_data(void); +void channel_close_all(void); +void channel_free_all(void); +int channel_still_open(void); +char *channel_open_message(void); +int channel_find_open(void); /* channel_tcpfwd.c */ -int -channel_request_local_forwarding(u_short, const char *, u_short, int); +void channel_permit_all_opens(void); +void channel_add_permitted_opens(char *, int); +void channel_clear_permitted_opens(void); +void channel_input_port_forward_request(int, int); +int channel_connect_to(const char *, u_short); +int channel_connect_by_listen_adress(u_short); +void channel_request_remote_forwarding(u_short, const char *, u_short); +int channel_request_local_forwarding(u_short, const char *, u_short, int); int channel_request_forwarding(const char *, u_short, const char *, u_short, int, int); -void -channel_request_remote_forwarding(u_short, const char *, u_short); -void channel_permit_all_opens(void); -void channel_add_permitted_opens(char *, int); -void channel_clear_permitted_opens(void); -void channel_input_port_forward_request(int, int); -int channel_connect_to(const char *, u_short); -int 
channel_connect_by_listen_adress(u_short); /* x11 forwarding */ -int x11_connect_display(void); -char *x11_create_display(int); -char *x11_create_display_inet(int, int); -void x11_input_open(int, int, void *); -void x11_request_forwarding(void); -void -x11_request_forwarding_with_spoofing(int, const char *, const char *); -void deny_input_open(int, int, void *); +int x11_connect_display(void); +char *x11_create_display(int); +char *x11_create_display_inet(int, int); +void x11_input_open(int, int, void *); +void x11_request_forwarding(void); +void x11_request_forwarding_with_spoofing(int, const char *, const char *); +void deny_input_open(int, int, void *); /* agent forwarding */ -void auth_request_forwarding(void); -char *auth_get_socket_name(void); -void auth_sock_cleanup_proc(void *); -int auth_input_request_forwarding(struct passwd *); -void auth_input_open_request(int, int, void *); +void auth_request_forwarding(void); +char *auth_get_socket_name(void); +void auth_sock_cleanup_proc(void *); +int auth_input_request_forwarding(struct passwd *); +void auth_input_open_request(int, int, void *); /* channel close */ +int chan_is_dead(Channel *); +void chan_mark_dead(Channel *); +void chan_init_iostates(Channel *); +void chan_init(void); + typedef void chan_event_fn(Channel *); /* for the input state */ @@ -232,9 +228,4 @@ extern chan_event_fn *chan_rcvd_ieof; extern chan_event_fn *chan_write_failed; extern chan_event_fn *chan_obuf_empty; -int chan_is_dead(Channel *); -void chan_mark_dead(Channel *); -void chan_init_iostates(Channel *); -void chan_init(void); - #endif diff --git a/usr.bin/ssh/cipher.h b/usr.bin/ssh/cipher.h index 16dd06230f6..1b79d4d6925 100644 --- a/usr.bin/ssh/cipher.h +++ b/usr.bin/ssh/cipher.h 
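Review bot: `void channel_free_all(void);` appears twice on the new side of the large channels.h hunk, once under "channel management" and again after `channel_close_all()` in the file descriptor handling group; since the hunk already re-sorts the prototypes, the second copy can be dropped. In the same hunk `channel_register_callback(int, int mtype, channel_callback_fn *, void *)` is the only prototype that names a parameter, which is a one-word cleanup. `channel_connect_by_listen_adress` keeps its misspelling; fixing that would need the definition and callers changed together, and those are outside this page.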
@@ -32,7 +32,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: cipher.h,v 1.27 2001/06/26 06:32:49 itojun Exp $"); */ +/* RCSID("$OpenBSD: cipher.h,v 1.28 2001/06/26 17:27:23 markus Exp $"); */ #ifndef CIPHER_H #define CIPHER_H @@ -104,16 +104,16 @@ struct Cipher { void (*decrypt)(CipherContext *, u_char *, const u_char *, u_int); }; -u_int cipher_mask_ssh1(int); -Cipher *cipher_by_name(const char *); -Cipher *cipher_by_number(int); -int cipher_number(const char *); -char *cipher_name(int); -int ciphers_valid(const char *); -void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, +u_int cipher_mask_ssh1(int); +Cipher *cipher_by_name(const char *); +Cipher *cipher_by_number(int); +int cipher_number(const char *); +char *cipher_name(int); +int ciphers_valid(const char *); +void cipher_init(CipherContext *, Cipher *, const u_char *, u_int, const u_char *, u_int); -void cipher_encrypt(CipherContext *, u_char *, const u_char *, u_int); -void cipher_decrypt(CipherContext *, u_char *, const u_char *, u_int); -void cipher_set_key_string(CipherContext *, Cipher *, const char *); +void cipher_encrypt(CipherContext *, u_char *, const u_char *, u_int); +void cipher_decrypt(CipherContext *, u_char *, const u_char *, u_int); +void cipher_set_key_string(CipherContext *, Cipher *, const char *); #endif /* CIPHER_H */ diff --git a/usr.bin/ssh/clientloop.h b/usr.bin/ssh/clientloop.h index b7f48aa862c..1bc9a95236c 100644 --- a/usr.bin/ssh/clientloop.h +++ b/usr.bin/ssh/clientloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.h,v 1.5 2001/06/26 06:32:50 itojun Exp $ */ +/* $OpenBSD: clientloop.h,v 1.6 2001/06/26 17:27:23 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -36,4 +36,4 @@ */ /* Client side main loop for the interactive session. */ -int client_loop(int, int, int); +int client_loop(int, int, int); diff --git a/usr.bin/ssh/compat.h b/usr.bin/ssh/compat.h index a44f321cea2..7d688cc9e58 100644 
--- a/usr.bin/ssh/compat.h +++ b/usr.bin/ssh/compat.h @@ -21,7 +21,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* RCSID("$OpenBSD: compat.h,v 1.27 2001/06/26 06:32:50 itojun Exp $"); */ +/* RCSID("$OpenBSD: compat.h,v 1.28 2001/06/26 17:27:23 markus Exp $"); */ #ifndef COMPAT_H #define COMPAT_H @@ -51,11 +51,12 @@ #define SSH_BUG_OPENFAILURE 0x00020000 #define SSH_BUG_DERIVEKEY 0x00040000 -void enable_compat13(void); -void enable_compat20(void); -void compat_datafellows(const char *); -int proto_spec(const char *); +void enable_compat13(void); +void enable_compat20(void); +void compat_datafellows(const char *); +int proto_spec(const char *); char *compat_cipher_proposal(char *); + extern int compat13; extern int compat20; extern int datafellows; diff --git a/usr.bin/ssh/compress.h b/usr.bin/ssh/compress.h index a9d06fc05b5..2721d450c53 100644 --- a/usr.bin/ssh/compress.h +++ b/usr.bin/ssh/compress.h 
@@ -11,39 +11,15 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: compress.h,v 1.9 2001/06/26 06:32:50 itojun Exp $"); */ +/* RCSID("$OpenBSD: compress.h,v 1.10 2001/06/26 17:27:23 markus Exp $"); */ #ifndef COMPRESS_H #define COMPRESS_H -/* - * Initializes compression; level is compression level from 1 to 9 (as in - * gzip). - */ -void buffer_compress_init_send(int); -void buffer_compress_init_recv(void); - -/* Frees any data structures allocated by buffer_compress_init. */ -void buffer_compress_uninit(void); - -/* - * Compresses the contents of input_buffer into output_buffer. All packets - * compressed using this function will form a single compressed data stream; - * however, data will be flushed at the end of every call so that each - * output_buffer can be decompressed independently (but in the appropriate - * order since they together form a single compression stream) by the - * receiver. This appends the compressed data to the output buffer. - */ -void buffer_compress(Buffer *, Buffer *); - -/* - * Uncompresses the contents of input_buffer into output_buffer. All packets - * uncompressed using this function will form a single compressed data - * stream; however, data will be flushed at the end of every call so that - * each output_buffer. This must be called for the same size units that the - * buffer_compress was called, and in the same order that buffers compressed - * with that. This appends the uncompressed data to the output buffer. - */ -void buffer_uncompress(Buffer *, Buffer *); +void buffer_compress_init_send(int); +void buffer_compress_init_recv(void); +void buffer_compress_uninit(void); +void buffer_compress(Buffer *, Buffer *); +void buffer_uncompress(Buffer *, Buffer *); #endif /* COMPRESS_H */ diff --git a/usr.bin/ssh/crc32.h b/usr.bin/ssh/crc32.h index 4cd93339012..bdabc1b0992 100644 --- a/usr.bin/ssh/crc32.h +++ b/usr.bin/ssh/crc32.h 
@@ -11,15 +11,11 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: crc32.h,v 1.11 2001/06/26 06:32:51 itojun Exp $"); */ +/* RCSID("$OpenBSD: crc32.h,v 1.12 2001/06/26 17:27:23 markus Exp $"); */ #ifndef CRC32_H #define CRC32_H -/* - * This computes a 32 bit CRC of the data in the buffer, and returns the CRC. - * The polynomial used is 0xedb88320. - */ -u_int ssh_crc32(const u_char *, u_int); +u_int ssh_crc32(const u_char *, u_int); #endif /* CRC32_H */ diff --git a/usr.bin/ssh/deattack.h b/usr.bin/ssh/deattack.h index 24d3957a647..ddccdea5059 100644 --- a/usr.bin/ssh/deattack.h +++ b/usr.bin/ssh/deattack.h @@ -1,4 +1,4 @@ -/* $OpenBSD: deattack.h,v 1.6 2001/06/26 06:32:51 itojun Exp $ */ +/* $OpenBSD: deattack.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */ /* * Cryptographic attack detector for ssh - Header file @@ -26,5 +26,5 @@ #define DEATTACK_OK 0 #define DEATTACK_DETECTED 1 -int detect_attack(u_char *, u_int32_t, u_char[8]); +int detect_attack(u_char *, u_int32_t, u_char[8]); #endif diff --git a/usr.bin/ssh/dh.h b/usr.bin/ssh/dh.h index fd90fab5a6a..a0c97b2ff22 100644 --- a/usr.bin/ssh/dh.h +++ b/usr.bin/ssh/dh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.h,v 1.6 2001/06/26 06:32:52 itojun Exp $ */ +/* $OpenBSD: dh.h,v 1.7 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. @@ -37,10 +37,10 @@ DH *dh_new_group_asc(const char *, const char *); DH *dh_new_group(BIGNUM *, BIGNUM *); DH *dh_new_group1(void); -void dh_gen_key(DH *, int); -int dh_pub_is_valid(DH *, BIGNUM *); +void dh_gen_key(DH *, int); +int dh_pub_is_valid(DH *, BIGNUM *); -int dh_estimate(int); +int dh_estimate(int); #define DH_GRP_MIN 1024 #define DH_GRP_MAX 8192 diff --git a/usr.bin/ssh/dispatch.h b/usr.bin/ssh/dispatch.h index f796705a249..7b94032afab 100644 --- a/usr.bin/ssh/dispatch.h +++ b/usr.bin/ssh/dispatch.h 
@@ -1,4 +1,4 @@ -/* $OpenBSD: dispatch.h,v 1.5 2001/06/26 06:32:52 itojun Exp $ */ +/* $OpenBSD: dispatch.h,v 1.6 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -30,7 +30,7 @@ enum { typedef void dispatch_fn(int, int, void *); -void dispatch_init(dispatch_fn *); -void dispatch_set(int, dispatch_fn *); -void dispatch_run(int, int *, void *); -void dispatch_protocol_error(int, int, void *); +void dispatch_init(dispatch_fn *); +void dispatch_set(int, dispatch_fn *); +void dispatch_run(int, int *, void *); +void dispatch_protocol_error(int, int, void *); diff --git a/usr.bin/ssh/groupaccess.c b/usr.bin/ssh/groupaccess.c index ac9e00acaf2..cbfe720356d 100644 --- a/usr.bin/ssh/groupaccess.c +++ b/usr.bin/ssh/groupaccess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.c,v 1.3 2001/01/29 01:58:15 niklas Exp $ */ +/* $OpenBSD: groupaccess.c,v 1.4 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. @@ -34,6 +34,10 @@ static int ngroups; static char *groups_byname[NGROUPS_MAX + 1]; /* +1 for base/primary group */ +/* + * Initialize group access list for user with primary (base) and + * supplementary groups. Return the number of groups in the list. + */ int ga_init(const char *user, gid_t base) { @@ -53,6 +57,10 @@ ga_init(const char *user, gid_t base) return (ngroups = j); } +/* + * Return 1 if one of user's groups is contained in groups. + * Return 0 otherwise. Use match_pattern() for string comparison. + */ int ga_match(char * const *groups, int n) { @@ -65,6 +73,9 @@ ga_match(char * const *groups, int n) return 0; } +/* + * Free memory allocated for group access list. + */ void ga_free(void) { diff --git a/usr.bin/ssh/groupaccess.h b/usr.bin/ssh/groupaccess.h index 01e394f6919..ede4805c2c2 100644 --- a/usr.bin/ssh/groupaccess.h +++ b/usr.bin/ssh/groupaccess.h 
@@ -1,4 +1,4 @@ -/* $OpenBSD: groupaccess.h,v 1.3 2001/06/26 06:32:52 itojun Exp $ */ +/* $OpenBSD: groupaccess.h,v 1.4 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2001 Kevin Steves. All rights reserved. @@ -29,21 +29,8 @@ #include <grp.h> -/* - * Initialize group access list for user with primary (base) and - * supplementary groups. Return the number of groups in the list. - */ -int ga_init(const char *, gid_t); - -/* - * Return 1 if one of user's groups is contained in groups. - * Return 0 otherwise. Use match_pattern() for string comparison. - */ -int ga_match(char * const *, int); - -/* - * Free memory allocated for group access list. - */ -void ga_free(void); +int ga_init(const char *, gid_t); +int ga_match(char * const *, int); +void ga_free(void); #endif diff --git a/usr.bin/ssh/hostfile.h b/usr.bin/ssh/hostfile.h index b83b7700829..05ef69174d7 100644 --- a/usr.bin/ssh/hostfile.h +++ b/usr.bin/ssh/hostfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.8 2001/06/26 06:32:53 itojun Exp $ */ +/* $OpenBSD: hostfile.h,v 1.9 2001/06/26 17:27:23 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> 
@@ -14,26 +14,13 @@ #ifndef HOSTFILE_H #define HOSTFILE_H -int -auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *); - -/* - * Checks whether the given host is already in the list of our known hosts. - * Returns HOST_OK if the host is known and has the specified key, HOST_NEW - * if the host is not known, and HOST_CHANGED if the host is known but used - * to have a different host key. The host must be in all lowercase. - */ typedef enum { HOST_OK, HOST_NEW, HOST_CHANGED } HostStatus; HostStatus check_host_in_hostfile(const char *, const char *, Key *, Key *, int *); - -/* - * Appends an entry to the host file. Returns false if the entry could not - * be appended. - */ -int add_host_to_hostfile(const char *, const char *, Key *); +int add_host_to_hostfile(const char *, const char *, Key *); +int auth_rsa_read_key(char **, u_int *, BIGNUM *, BIGNUM *); #endif diff --git a/usr.bin/ssh/kex.h b/usr.bin/ssh/kex.h index 80ce31cefea..fe339211af7 100644 --- a/usr.bin/ssh/kex.h +++ b/usr.bin/ssh/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.25 2001/06/26 06:32:53 itojun Exp $ */ +/* $OpenBSD: kex.h,v 1.26 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -112,14 +112,14 @@ struct Kex { }; Kex *kex_setup(char *[PROPOSAL_MAX]); -void kex_finish(Kex *); +void kex_finish(Kex *); -void kex_send_kexinit(Kex *); -void kex_input_kexinit(int, int, void *); -void kex_derive_keys(Kex *, u_char *, BIGNUM *); +void kex_send_kexinit(Kex *); +void kex_input_kexinit(int, int, void *); +void kex_derive_keys(Kex *, u_char *, BIGNUM *); -void kexdh(Kex *); -void kexgex(Kex *); +void kexdh(Kex *); +void kexgex(Kex *); Newkeys *kex_get_newkeys(int); diff --git a/usr.bin/ssh/key.h b/usr.bin/ssh/key.h index db2dd324c25..562834c9895 100644 --- a/usr.bin/ssh/key.h +++ b/usr.bin/ssh/key.h 
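Review bot: The comment removed above `check_host_in_hostfile` in the hostfile.h hunk carried a caller precondition (the host name must be all lowercase) and the meaning of HOST_OK, HOST_NEW and HOST_CHANGED; the header now states neither. Elsewhere in this commit such comments move next to the definition (groupaccess.c, misc.c), but hostfile.c is not visible here, so it is worth confirming the text landed there. If it did not, I would keep one line in the header, for example `/* host must be all lowercase; returns HOST_OK, HOST_NEW or HOST_CHANGED */`. The same applies to the contracts dropped from packet.h (the caller frees the `packet_get_string` result; the 1024-byte message limit on `packet_disconnect` and `packet_send_debug`), from readconf.h (functions that never return on error) and from sshpty.h (the tty name buffer must hold at least 64 characters).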
@@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.14 2001/06/26 06:32:54 itojun Exp $ */ +/* $OpenBSD: key.h,v 1.15 2001/06/26 17:27:23 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -52,25 +52,24 @@ struct Key { Key *key_new(int); Key *key_new_private(int); -void key_free(Key *); -int key_equal(Key *, Key *); +void key_free(Key *); +int key_equal(Key *, Key *); char *key_fingerprint(Key *, enum fp_type, enum fp_rep); char *key_type(Key *); -int key_write(Key *, FILE *); -int key_read(Key *, char **); -u_int key_size(Key *); +int key_write(Key *, FILE *); +int key_read(Key *, char **); +u_int key_size(Key *); Key *key_generate(int, u_int); Key *key_from_private(Key *); -int key_type_from_name(char *); +int key_type_from_name(char *); Key *key_from_blob(char *, int); -int key_to_blob(Key *, u_char **, u_int *); +int key_to_blob(Key *, u_char **, u_int *); char *key_ssh_name(Key *); -int key_names_valid2(const char *); +int key_names_valid2(const char *); -int key_sign(Key *, u_char **, int *, u_char *, int); - -int key_verify(Key *, u_char *, int, u_char *, int); +int key_sign(Key *, u_char **, int *, u_char *, int); +int key_verify(Key *, u_char *, int, u_char *, int); #endif diff --git a/usr.bin/ssh/log.c b/usr.bin/ssh/log.c index 34b4eb96158..e10bf813cd4 100644 --- a/usr.bin/ssh/log.c +++ b/usr.bin/ssh/log.c @@ -34,7 +34,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: log.c,v 1.17 2001/03/04 17:42:28 millert Exp $"); +RCSID("$OpenBSD: log.c,v 1.18 2001/06/26 17:27:23 markus Exp $"); #include "log.h" #include "xmalloc.h" @@ -85,6 +85,8 @@ static struct { { NULL, 0 } }; +static void do_log(LogLevel level, const char *fmt, va_list args); + SyslogFacility log_facility_number(char *name) { @@ -318,7 +320,7 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr) #define MSGBUFSIZ 1024 -void +static void do_log(LogLevel level, const char *fmt, va_list args) { char msgbuf[MSGBUFSIZ]; 
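Review bot: The forward declaration added in log.c, `static void do_log(LogLevel level, const char *fmt, va_list args);`, carries no format attribute, unlike the variadic wrappers declared in log.h. Declaring it as `static void do_log(LogLevel level, const char *fmt, va_list args) __attribute__((format(printf, 2, 0)));` lets the compiler treat `fmt` as a printf-style format, so -Wformat-nonliteral can flag any caller that passes an unchecked string. The body of do_log lies outside the hunk, so how `fmt` is expanded into `msgbuf` is not checked here.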
diff --git a/usr.bin/ssh/log.h b/usr.bin/ssh/log.h index 9e59ea568c9..4493dc4046d 100644 --- a/usr.bin/ssh/log.h +++ b/usr.bin/ssh/log.h @@ -1,4 +1,4 @@ -/* $OpenBSD: log.h,v 1.3 2001/06/26 06:32:55 itojun Exp $ */ +/* $OpenBSD: log.h,v 1.4 2001/06/26 17:27:24 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> 
@@ -40,36 +40,22 @@ typedef enum { SYSLOG_LEVEL_DEBUG2, SYSLOG_LEVEL_DEBUG3 } LogLevel; -/* Initializes logging. */ -void log_init(char *, LogLevel, SyslogFacility, int); -/* Logging implementation, depending on server or client */ -void do_log(LogLevel, const char *, va_list); +void log_init(char *, LogLevel, SyslogFacility, int); -/* name to facility/level */ -SyslogFacility log_facility_number(char *); +SyslogFacility log_facility_number(char *); LogLevel log_level_number(char *); -/* Output a message to syslog or stderr */ -void fatal(const char *, ...) __attribute__((format(printf, 1, 2))); -void error(const char *, ...) __attribute__((format(printf, 1, 2))); -void log(const char *, ...) __attribute__((format(printf, 1, 2))); -void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); -void debug(const char *, ...) __attribute__((format(printf, 1, 2))); -void debug2(const char *, ...) __attribute__((format(printf, 1, 2))); -void debug3(const char *, ...) __attribute__((format(printf, 1, 2))); - -/* same as fatal() but w/o logging */ -void fatal_cleanup(void); - -/* - * Registers a cleanup function to be called by fatal()/fatal_cleanup() - * before exiting. It is permissible to call fatal_remove_cleanup for the - * function itself from the function. - */ -void fatal_add_cleanup(void (*) (void *), void *); - -/* Removes a cleanup function to be called at fatal(). */ -void fatal_remove_cleanup(void (*) (void *), void *); +void fatal(const char *, ...) __attribute__((format(printf, 1, 2))); +void error(const char *, ...) __attribute__((format(printf, 1, 2))); +void log(const char *, ...) __attribute__((format(printf, 1, 2))); +void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); +void debug(const char *, ...) __attribute__((format(printf, 1, 2))); +void debug2(const char *, ...) __attribute__((format(printf, 1, 2))); +void debug3(const char *, ...) 
__attribute__((format(printf, 1, 2))); + +void fatal_cleanup(void); +void fatal_add_cleanup(void (*) (void *), void *); +void fatal_remove_cleanup(void (*) (void *), void *); #endif diff --git a/usr.bin/ssh/mac.h b/usr.bin/ssh/mac.h index 67df3b605b5..43b485dd92b 100644 --- a/usr.bin/ssh/mac.h +++ b/usr.bin/ssh/mac.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mac.h,v 1.2 2001/06/26 06:32:55 itojun Exp $ */ +/* $OpenBSD: mac.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -23,6 +23,6 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -int mac_valid(const char *); -int mac_init(Mac *, char *); +int mac_valid(const char *); +int mac_init(Mac *, char *); u_char *mac_compute(Mac *, u_int32_t, u_char *, int); diff --git a/usr.bin/ssh/misc.c b/usr.bin/ssh/misc.c index 19bb16149c7..de47ef204a1 100644 --- a/usr.bin/ssh/misc.c +++ b/usr.bin/ssh/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.11 2001/06/16 08:58:34 markus Exp $ */ +/* $OpenBSD: misc.c,v 1.12 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -25,12 +25,13 @@ */ #include "includes.h" -RCSID("$OpenBSD: misc.c,v 1.11 2001/06/16 08:58:34 markus Exp $"); +RCSID("$OpenBSD: misc.c,v 1.12 2001/06/26 17:27:24 markus Exp $"); #include "misc.h" #include "log.h" #include "xmalloc.h" +/* remove newline at end of string */ char * chop(char *s) { @@ -46,6 +47,7 @@ chop(char *s) } +/* set/unset filedescriptor to non-blocking */ void set_nonblock(int fd) { @@ -93,6 +95,7 @@ unset_nonblock(int fd) /* Characters considered whitespace in strsep calls. */ #define WHITESPACE " \t\r\n" +/* return next token in configuration line */ char * strdelim(char **s) { @@ -139,7 +142,13 @@ pwcopy(struct passwd *pw) return copy; } -int a2port(const char *s) +/* + * Convert ASCII string to TCP/IP port number. + * Port must be >0 and <=65535. + * Return 0 if invalid. + */ +int +a2port(const char *s) { long port; char *endp; 
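Review bot: In the log.h hunk `fatal` and `fatal_cleanup` are re-declared without `__attribute__((noreturn))`, although the comment removed here says the cleanup functions run "before exiting". If both really never return, marking them tells the compiler and static analysers that code following a fatal() call on an error path is unreachable, for example `void fatal(const char *, ...) __attribute__((noreturn, format(printf, 1, 2)));`. `packet_disconnect` in the packet.h hunk is in the same position: its removed comment states outright that the function never returns, and after this commit nothing in the header says so.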
@@ -160,7 +169,29 @@ int a2port(const char *s) #define DAYS (HOURS * 24) #define WEEKS (DAYS * 7) -long convtime(const char *s) +/* + * Convert a time string into seconds; format is + * a sequence of: + * time[qualifier] + * + * Valid time qualifiers are: + * <none> seconds + * s|S seconds + * m|M minutes + * h|H hours + * d|D days + * w|W weeks + * + * Examples: + * 90m 90 minutes + * 1h30m 90 minutes + * 2d 2 days + * 1w 1 week + * + * Return -1 if time string is invalid. + */ +long +convtime(const char *s) { long total, secs; const char *p; @@ -247,6 +278,7 @@ colon(char *cp) return (0); } +/* function to assist building execv() arguments */ void addargs(arglist *args, char *fmt, ...) { diff --git a/usr.bin/ssh/misc.h b/usr.bin/ssh/misc.h index 2863a497abb..7400d627fbd 100644 --- a/usr.bin/ssh/misc.h +++ b/usr.bin/ssh/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.9 2001/06/26 06:32:56 itojun Exp $ */ +/* $OpenBSD: misc.h,v 1.10 2001/06/26 17:27:24 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> 
@@ -11,59 +11,22 @@ * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". */ -/* remove newline at end of string */ -char *chop(char *); -/* return next token in configuration line */ +char *chop(char *); char *strdelim(char **); +void set_nonblock(int); +void unset_nonblock(int); +int a2port(const char *); +char *cleanhostname(char *); +char *colon(char *); +long convtime(const char *); -/* set/unset filedescriptor to non-blocking */ -void set_nonblock(int); -void unset_nonblock(int); - -struct passwd * pwcopy(struct passwd *); - -/* - * Convert ASCII string to TCP/IP port number. - * Port must be >0 and <=65535. - * Return 0 if invalid. - */ -int a2port(const char *); +struct passwd *pwcopy(struct passwd *); -/* code from scp.c/rcp.c */ -char *cleanhostname(char *); -char *colon(char *); - -/* - * Convert a time string into seconds; format is - * a sequence of: - * time[qualifier] - * - * Valid time qualifiers are: - * <none> seconds - * s|S seconds - * m|M minutes - * h|H hours - * d|D days - * w|W weeks - * - * Examples: - * 90m 90 minutes - * 1h30m 90 minutes - * 2d 2 days - * 1w 1 week - * - * Return -1 if time string is invalid. - */ - -long convtime(const char *); - -/* function to assist building execv() arguments */ typedef struct arglist arglist; struct arglist { char **list; int num; int nalloc; }; - -void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3))); +void addargs(arglist *, char *, ...) __attribute__((format(printf, 2, 3))); diff --git a/usr.bin/ssh/mpaux.h b/usr.bin/ssh/mpaux.h index a4d324fca1a..082b7fd47c4 100644 --- a/usr.bin/ssh/mpaux.h +++ b/usr.bin/ssh/mpaux.h 
@@ -12,17 +12,11 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: mpaux.h,v 1.10 2001/06/26 06:32:57 itojun Exp $"); */ +/* RCSID("$OpenBSD: mpaux.h,v 1.11 2001/06/26 17:27:24 markus Exp $"); */ #ifndef MPAUX_H #define MPAUX_H -/* - * Computes a 16-byte session id in the global variable session_id. The - * session id is computed by concatenating the linearized, msb first - * representations of host_key_n, session_key_n, and the cookie. - */ -void -compute_session_id(u_char[16], u_char[8], BIGNUM *, BIGNUM *); +void compute_session_id(u_char[16], u_char[8], BIGNUM *, BIGNUM *); #endif /* MPAUX_H */ diff --git a/usr.bin/ssh/packet.h b/usr.bin/ssh/packet.h index 97afbdf60ad..ffae736d647 100644 --- a/usr.bin/ssh/packet.h +++ b/usr.bin/ssh/packet.h 
@@ -11,186 +11,75 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: packet.h,v 1.24 2001/06/26 06:32:57 itojun Exp $"); */ +/* RCSID("$OpenBSD: packet.h,v 1.25 2001/06/26 17:27:24 markus Exp $"); */ #ifndef PACKET_H #define PACKET_H #include <openssl/bn.h> -/* - * Sets the socket used for communication. Disables encryption until - * packet_set_encryption_key is called. It is permissible that fd_in and - * fd_out are the same descriptor; in that case it is assumed to be a socket. - */ -void packet_set_connection(int, int); - -/* Puts the connection file descriptors into non-blocking mode. */ -void packet_set_nonblocking(void); - -/* Returns the file descriptor used for input. */ -int packet_get_connection_in(void); - -/* Returns the file descriptor used for output. */ -int packet_get_connection_out(void); - -/* - * Closes the connection (both descriptors) and clears and frees internal - * data structures. - */ -void packet_close(void); - -/* - * Causes any further packets to be encrypted using the given key. The same - * key is used for both sending and reception. However, both directions are - * encrypted independently of each other. Cipher types are defined in ssh.h. - */ -void -packet_set_encryption_key(const u_char *, u_int, int); - -/* - * Sets remote side protocol flags for the current connection. This can be - * called at any time. - */ -void packet_set_protocol_flags(u_int); - -/* Returns the remote protocol flags set earlier by the above function. */ -u_int packet_get_protocol_flags(void); - -/* Enables compression in both directions starting from the next packet. */ -void packet_start_compression(int); - -/* - * Informs that the current session is interactive. Sets IP flags for - * optimal performance in interactive use. - */ -void packet_set_interactive(int); - -/* Returns true if the current connection is interactive. */ -int packet_is_interactive(void); - -/* Starts constructing a packet to send. 
*/ -void packet_start(u_char); - -/* Appends a character to the packet data. */ -void packet_put_char(int ch); - -/* Appends an integer to the packet data. */ -void packet_put_int(u_int value); - -/* Appends an arbitrary precision integer to packet data. */ -void packet_put_bignum(BIGNUM * value); -void packet_put_bignum2(BIGNUM * value); - -/* Appends a string to packet data. */ -void packet_put_string(const char *buf, u_int len); -void packet_put_cstring(const char *str); -void packet_put_raw(const char *buf, u_int len); - -/* - * Finalizes and sends the packet. If the encryption key has been set, - * encrypts the packet before sending. - */ -void packet_send(void); - -/* Waits until a packet has been received, and returns its type. */ -int packet_read(int *payload_len_ptr); - -/* - * Waits until a packet has been received, verifies that its type matches - * that given, and gives a fatal error and exits if there is a mismatch. - */ -void packet_read_expect(int *payload_len_ptr, int type); - -/* - * Checks if a full packet is available in the data received so far via - * packet_process_incoming. If so, reads the packet; otherwise returns - * SSH_MSG_NONE. This does not wait for data from the connection. - * SSH_MSG_DISCONNECT is handled specially here. Also, SSH_MSG_IGNORE - * messages are skipped by this function and are never returned to higher - * levels. - */ -int packet_read_poll(int *packet_len_ptr); - -/* - * Buffers the given amount of input characters. This is intended to be used - * together with packet_read_poll. - */ -void packet_process_incoming(const char *buf, u_int len); - -/* Returns a character (0-255) from the packet data. */ -u_int packet_get_char(void); - -/* Returns an integer from the packet data. */ -u_int packet_get_int(void); - -/* - * Returns an arbitrary precision integer from the packet data. The integer - * must have been initialized before this call. 
- */ -void packet_get_bignum(BIGNUM * value, int *length_ptr); -void packet_get_bignum2(BIGNUM * value, int *length_ptr); +void packet_set_connection(int, int); +void packet_set_nonblocking(void); +int packet_get_connection_in(void); +int packet_get_connection_out(void); +void packet_close(void); +void packet_set_encryption_key(const u_char *, u_int, int); +void packet_set_protocol_flags(u_int); +u_int packet_get_protocol_flags(void); +void packet_start_compression(int); +void packet_set_interactive(int); +int packet_is_interactive(void); + +void packet_start(u_char); +void packet_put_char(int ch); +void packet_put_int(u_int value); +void packet_put_bignum(BIGNUM * value); +void packet_put_bignum2(BIGNUM * value); +void packet_put_string(const char *buf, u_int len); +void packet_put_cstring(const char *str); +void packet_put_raw(const char *buf, u_int len); +void packet_send(void); + +int packet_read(int *payload_len_ptr); +void packet_read_expect(int *payload_len_ptr, int type); +int packet_read_poll(int *packet_len_ptr); +void packet_process_incoming(const char *buf, u_int len); + +u_int packet_get_char(void); +u_int packet_get_int(void); +void packet_get_bignum(BIGNUM * value, int *length_ptr); +void packet_get_bignum2(BIGNUM * value, int *length_ptr); char *packet_get_raw(int *length_ptr); +char *packet_get_string(u_int *length_ptr); +void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); -/* - * Returns a string from the packet data. The string is allocated using - * xmalloc; it is the responsibility of the calling program to free it when - * no longer needed. The length_ptr argument may be NULL, or point to an - * integer into which the length of the string is stored. - */ -char *packet_get_string(u_int *length_ptr); - -/* - * Logs the error in syslog using LOG_INFO, constructs and sends a disconnect - * packet, closes the connection, and exits. 
This function never returns. - * The error message should not contain a newline. The total length of the - * message must not exceed 1024 bytes. - */ -void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2))); - -/* - * Sends a diagnostic message to the other side. This message can be sent at - * any time (but not while constructing another message). The message is - * printed immediately, but only if the client is being executed in verbose - * mode. These messages are primarily intended to ease debugging - * authentication problems. The total length of the message must not exceed - * 1024 bytes. This will automatically call packet_write_wait. If the - * remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG, - * this will do nothing. - */ -void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); - -/* Checks if there is any buffered output, and tries to write some of the output. */ -void packet_write_poll(void); - -/* Waits until all pending output data has been written. */ -void packet_write_wait(void); +void packet_write_poll(void); +void packet_write_wait(void); +int packet_have_data_to_write(void); +int packet_not_very_much_data_to_write(void); -/* Returns true if there is buffered data to write to the connection. */ -int packet_have_data_to_write(void); +int packet_connection_is_on_socket(void); +int packet_connection_is_ipv4(void); +int packet_remaining(void); +void packet_send_ignore(int); +void packet_inject_ignore(int); -/* Returns true if there is not too much data to write to the connection. */ -int packet_not_very_much_data_to_write(void); +void tty_make_modes(int, struct termios *); +void tty_parse_modes(int, int *); -/* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */ extern int max_packet_size; -int packet_set_maxsize(int); -#define packet_get_maxsize() max_packet_size - -/* Stores tty modes from the fd or tiop into current packet. 
*/ -void tty_make_modes(int, struct termios *); - -/* Parses tty modes for the fd from the current packet. */ -void tty_parse_modes(int, int *); +int packet_set_maxsize(int); +#define packet_get_maxsize() max_packet_size #define packet_integrity_check(payload_len, expected_len, type) \ do { \ - int _p = (payload_len), _e = (expected_len); \ - if (_p != _e) { \ - log("Packet integrity error (%d != %d) at %s:%d", \ - _p, _e, __FILE__, __LINE__); \ - packet_disconnect("Packet integrity error. (%d)", (type)); \ - } \ + int _p = (payload_len), _e = (expected_len); \ + if (_p != _e) { \ + log("Packet integrity error (%d != %d) at %s:%d", \ + _p, _e, __FILE__, __LINE__); \ + packet_disconnect("Packet integrity error. (%d)", (type)); \ + } \ } while (0) #define packet_done() \ @@ -203,17 +92,4 @@ do { \ } \ } while (0) -/* remote host is connected via a socket/ipv4 */ -int packet_connection_is_on_socket(void); -int packet_connection_is_ipv4(void); - -/* returns remaining payload bytes */ -int packet_remaining(void); - -/* append an ignore message */ -void packet_send_ignore(int); - -/* add an ignore message and make sure size (current+ignore) = n*sumlen */ -void packet_inject_ignore(int); - #endif /* PACKET_H */ diff --git a/usr.bin/ssh/radix.h b/usr.bin/ssh/radix.h index 6f3428cd382..e94e4acc6ad 100644 --- a/usr.bin/ssh/radix.h +++ b/usr.bin/ssh/radix.h @@ -1,4 +1,4 @@ -/* $OpenBSD: radix.h,v 1.3 2001/06/26 06:32:57 itojun Exp $ */ +/* $OpenBSD: radix.h,v 1.4 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 1999 Dug Song. All rights reserved. @@ -24,5 +24,5 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -int creds_to_radix(CREDENTIALS *, u_char *, size_t); -int radix_to_creds(const char *, CREDENTIALS *); +int creds_to_radix(CREDENTIALS *, u_char *, size_t); +int radix_to_creds(const char *, CREDENTIALS *); diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h index 2f784e6e2d1..f91dc3899e6 100644 --- a/usr.bin/ssh/readconf.h 
+++ b/usr.bin/ssh/readconf.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: readconf.h,v 1.34 2001/06/26 16:15:24 dugsong Exp $"); */ +/* RCSID("$OpenBSD: readconf.h,v 1.35 2001/06/26 17:27:24 markus Exp $"); */ #ifndef READCONF_H #define READCONF_H 
@@ -102,48 +102,14 @@ typedef struct { } Options; -/* - * Initializes options to special values that indicate that they have not yet - * been set. Read_config_file will only set options with this value. Options - * are processed in the following order: command line, user config file, - * system config file. Last, fill_default_options is called. - */ -void initialize_options(Options *); - -/* - * Called after processing other sources of option data, this fills those - * options for which no value has been specified with their default values. - */ -void fill_default_options(Options *); +void initialize_options(Options *); +void fill_default_options(Options *); +void read_config_file(const char *, const char *, Options *); -/* - * Processes a single option line as used in the configuration files. This - * only sets those values that have not already been set. Returns 0 for legal - * options - */ int process_config_line(Options *, const char *, char *, const char *, int, int *); -/* - * Reads the config file and modifies the options accordingly. Options - * should already be initialized before this call. This never returns if - * there is an error. If the file does not exist, this returns immediately. - */ -void -read_config_file(const char *, const char *, Options *); - -/* - * Adds a local TCP/IP port forward to options. Never returns if there is an - * error. - */ -void -add_local_forward(Options *, u_short, const char *, u_short); - -/* - * Adds a remote TCP/IP port forward to options. Never returns if there is - * an error. - */ -void -add_remote_forward(Options *, u_short, const char *, u_short); +void add_local_forward(Options *, u_short, const char *, u_short); +void add_remote_forward(Options *, u_short, const char *, u_short); #endif /* READCONF_H */ diff --git a/usr.bin/ssh/readpass.h b/usr.bin/ssh/readpass.h index da362ab41e9..229973c68ad 100644 --- a/usr.bin/ssh/readpass.h +++ b/usr.bin/ssh/readpass.h 
@@ -1,4 +1,4 @@ -/* $OpenBSD: readpass.h,v 1.5 2001/06/26 06:32:58 itojun Exp $ */ +/* $OpenBSD: readpass.h,v 1.6 2001/06/26 17:27:24 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -14,4 +14,5 @@ #define RP_ECHO 0x0001 #define RP_ALLOW_STDIN 0x0002 + char *read_passphrase(const char *, int); diff --git a/usr.bin/ssh/rsa.h b/usr.bin/ssh/rsa.h index b803b3ad35f..70756f83c0d 100644 --- a/usr.bin/ssh/rsa.h +++ b/usr.bin/ssh/rsa.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: rsa.h,v 1.12 2001/06/26 06:32:58 itojun Exp $"); */ +/* RCSID("$OpenBSD: rsa.h,v 1.13 2001/06/26 17:27:24 markus Exp $"); */ #ifndef RSA_H #define RSA_H @@ -19,9 +19,8 @@ #include <openssl/bn.h> #include <openssl/rsa.h> -void rsa_public_encrypt __P((BIGNUM *, BIGNUM *, RSA *)); -int rsa_private_decrypt __P((BIGNUM *, BIGNUM *, RSA *)); - -void generate_additional_parameters __P((RSA *)); +void rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *); +int rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *); +void generate_additional_parameters(RSA *); #endif /* RSA_H */ diff --git a/usr.bin/ssh/scard.h b/usr.bin/ssh/scard.h index 46f873b35af..480be0764f3 100644 --- a/usr.bin/ssh/scard.h +++ b/usr.bin/ssh/scard.h @@ -22,9 +22,14 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* $OpenBSD: scard.h,v 1.2 2001/06/26 06:32:59 itojun Exp $ */ +/* $OpenBSD: scard.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */ #include <openssl/engine.h> +#ifndef SCARD_H +#define SCARD_H + Key *sc_get_key(int); ENGINE *sc_get_engine(void); + +#endif diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h index 715c20acfcf..4954dbd4b4e 100644 --- a/usr.bin/ssh/servconf.h +++ b/usr.bin/ssh/servconf.h 
@@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: servconf.h,v 1.46 2001/06/26 16:15:24 dugsong Exp $"); */ +/* RCSID("$OpenBSD: servconf.h,v 1.47 2001/06/26 17:27:24 markus Exp $"); */ #ifndef SERVCONF_H #define SERVCONF_H @@ -131,19 +131,9 @@ typedef struct { char *authorized_keys_file2; } ServerOptions; -/* - * Initializes the server options to special values that indicate that they - * have not yet been set. - */ -void initialize_server_options(ServerOptions *); - -/* - * Reads the server configuration file. This only sets the values for those - * options that have the special value indicating they have not been set. - */ -void read_server_config(ServerOptions *, const char *); -/* Sets values for those values that have not yet been set. */ -void fill_default_server_options(ServerOptions *); +void initialize_server_options(ServerOptions *); +void read_server_config(ServerOptions *, const char *); +void fill_default_server_options(ServerOptions *); #endif /* SERVCONF_H */ diff --git a/usr.bin/ssh/serverloop.h b/usr.bin/ssh/serverloop.h index 9c2c2ccb99c..9ea2b38d4a7 100644 --- a/usr.bin/ssh/serverloop.h +++ b/usr.bin/ssh/serverloop.h @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.h,v 1.3 2001/06/26 06:33:00 itojun Exp $ */ +/* $OpenBSD: serverloop.h,v 1.4 2001/06/26 17:27:24 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -18,5 +18,10 @@ * (of the child program), and reads from stdout and stderr (of the child * program). */ +#ifndef SERVERLOOP_H +#define SERVERLOOP_H + void server_loop(pid_t, int, int, int); void server_loop2(void); + +#endif diff --git a/usr.bin/ssh/session.h b/usr.bin/ssh/session.h index 9ed83585ca2..39ab7d0e67a 100644 --- a/usr.bin/ssh/session.h +++ b/usr.bin/ssh/session.h @@ -1,4 +1,4 @@ -/* $OpenBSD: session.h,v 1.8 2001/06/26 06:33:01 itojun Exp $ */ +/* $OpenBSD: session.h,v 1.9 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 
@@ -26,11 +26,11 @@ #ifndef SESSION_H #define SESSION_H -void do_authenticated(Authctxt *); +void do_authenticated(Authctxt *); -int session_open(int); -void session_input_channel_req(int, void *); -void session_close_by_pid(pid_t, int); -void session_close_by_channel(int, void *); +int session_open(int); +void session_input_channel_req(int, void *); +void session_close_by_pid(pid_t, int); +void session_close_by_channel(int, void *); #endif diff --git a/usr.bin/ssh/sftp-common.c b/usr.bin/ssh/sftp-common.c index 3310eabab57..aed95f2f008 100644 --- a/usr.bin/ssh/sftp-common.c +++ b/usr.bin/ssh/sftp-common.c @@ -24,7 +24,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sftp-common.c,v 1.2 2001/02/06 23:50:10 markus Exp $"); +RCSID("$OpenBSD: sftp-common.c,v 1.3 2001/06/26 17:27:24 markus Exp $"); #include "buffer.h" #include "bufaux.h" @@ -35,6 +35,7 @@ RCSID("$OpenBSD: sftp-common.c,v 1.2 2001/02/06 23:50:10 markus Exp $"); #include "sftp.h" #include "sftp-common.h" +/* Clear contents of attributes structure */ void attrib_clear(Attrib *a) { @@ -47,6 +48,7 @@ attrib_clear(Attrib *a) a->mtime = 0; } +/* Convert from struct stat to filexfer attribs */ void stat_to_attrib(struct stat *st, Attrib *a) { @@ -64,6 +66,7 @@ stat_to_attrib(struct stat *st, Attrib *a) a->mtime = st->st_mtime; } +/* Decode attributes in buffer */ Attrib * decode_attrib(Buffer *b) { @@ -98,6 +101,7 @@ decode_attrib(Buffer *b) return &a; } +/* Encode attributes to buffer */ void encode_attrib(Buffer *b, Attrib *a) { @@ -116,6 +120,7 @@ encode_attrib(Buffer *b, Attrib *a) } } +/* Convert from SSH2_FX_ status to text error message */ const char * fx2txt(int status) { @@ -143,4 +148,3 @@ fx2txt(int status) }; /* NOTREACHED */ } - diff --git a/usr.bin/ssh/sftp-common.h b/usr.bin/ssh/sftp-common.h index 3e4f502b059..4c126bf1065 100644 --- a/usr.bin/ssh/sftp-common.h +++ b/usr.bin/ssh/sftp-common.h 
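Review bot: The comment added above `decode_attrib` in sftp-common.c says only what is decoded, while the context line `return &a;` in the next hunk shows the function hands back the address of an object declared inside it. Presumably `a` is static (its declaration is outside the hunk); in that case the result is overwritten by the next call and must not be freed or kept across calls. I would state that where callers will read it: `/* Decode attributes in buffer; returns pointer to static storage, overwritten by the next call */`. If `a` turns out not to be static, the return is a dangling pointer and needs a code fix rather than a comment.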
@@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-common.h,v 1.2 2001/06/26 06:33:01 itojun Exp $ */ +/* $OpenBSD: sftp-common.h,v 1.3 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. @@ -38,18 +38,9 @@ struct Attrib { u_int32_t mtime; }; -/* Clear contents of attributes structure */ -void attrib_clear(Attrib *); +void attrib_clear(Attrib *); +void stat_to_attrib(struct stat *, Attrib *); +Attrib *decode_attrib(Buffer *); +void encode_attrib(Buffer *, Attrib *); -/* Convert from struct stat to filexfer attribs */ -void stat_to_attrib(struct stat *, Attrib *); - -/* Decode attributes in buffer */ -Attrib *decode_attrib(Buffer *); - -/* Encode attributes to buffer */ -void encode_attrib(Buffer *, Attrib *); - -/* Convert from SSH2_FX_ status to text error message */ const char *fx2txt(int); - diff --git a/usr.bin/ssh/sftp-glob.h b/usr.bin/ssh/sftp-glob.h index 37bd5d2da7e..2885044ae51 100644 --- a/usr.bin/ssh/sftp-glob.h +++ b/usr.bin/ssh/sftp-glob.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-glob.h,v 1.4 2001/06/26 06:33:01 itojun Exp $ */ +/* $OpenBSD: sftp-glob.h,v 1.5 2001/06/26 17:27:24 markus Exp $ */ /* * Copyright (c) 2001 Damien Miller. All rights reserved. @@ -28,4 +28,3 @@ int remote_glob(int, int, const char *, int, int (*)(const char *, int), glob_t *); - diff --git a/usr.bin/ssh/sftp-int.h b/usr.bin/ssh/sftp-int.h index bbb138a6b26..699e758b1b6 100644 --- a/usr.bin/ssh/sftp-int.h +++ b/usr.bin/ssh/sftp-int.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-int.h,v 1.3 2001/06/26 06:33:02 itojun Exp $ */ +/* $OpenBSD: sftp-int.h,v 1.4 2001/06/26 17:27:25 markus Exp $ */ /* * Copyright (c) 2001 Damien Miller. All rights reserved. @@ -24,4 +24,4 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -void interactive_loop(int, int, char *, char *); +void interactive_loop(int, int, char *, char *); diff --git a/usr.bin/ssh/ssh-dss.h b/usr.bin/ssh/ssh-dss.h index fe7e3207c28..0613acba31f 100644 --- a/usr.bin/ssh/ssh-dss.h 
+++ b/usr.bin/ssh/ssh-dss.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-dss.h,v 1.4 2001/06/26 06:33:02 itojun Exp $ */ +/* $OpenBSD: ssh-dss.h,v 1.5 2001/06/26 17:27:25 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,8 +26,7 @@ #ifndef DSA_H #define DSA_H -int ssh_dss_sign(Key *, u_char **, int *, u_char *, int); - -int ssh_dss_verify(Key *, u_char *, int, u_char *, int); +int ssh_dss_sign(Key *, u_char **, int *, u_char *, int); +int ssh_dss_verify(Key *, u_char *, int, u_char *, int); #endif diff --git a/usr.bin/ssh/ssh-rsa.h b/usr.bin/ssh/ssh-rsa.h index 1e94c8b3c0c..11d355d583c 100644 --- a/usr.bin/ssh/ssh-rsa.h +++ b/usr.bin/ssh/ssh-rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-rsa.h,v 1.4 2001/06/26 06:33:03 itojun Exp $ */ +/* $OpenBSD: ssh-rsa.h,v 1.5 2001/06/26 17:27:25 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,8 +26,7 @@ #ifndef SSH_RSA_H #define SSH_RSA_H -int ssh_rsa_sign(Key *, u_char **, int *, u_char *, int); - -int ssh_rsa_verify(Key *, u_char *, int, u_char *, int); +int ssh_rsa_sign(Key *, u_char **, int *, u_char *, int); +int ssh_rsa_verify(Key *, u_char *, int, u_char *, int); #endif diff --git a/usr.bin/ssh/sshconnect.h b/usr.bin/ssh/sshconnect.h index c15ed4bc4f8..27ed2b74515 100644 --- a/usr.bin/ssh/sshconnect.h +++ b/usr.bin/ssh/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.11 2001/06/26 06:33:03 itojun Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.12 2001/06/26 17:27:25 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. 
@@ -33,14 +33,14 @@ ssh_connect(const char *, struct sockaddr_storage *, u_short, int, void ssh_login(Key **, int, const char *, struct sockaddr *, struct passwd *); -int verify_host_key(char *, struct sockaddr *, Key *); +int verify_host_key(char *, struct sockaddr *, Key *); -void ssh_kex(char *, struct sockaddr *); -void ssh_kex2(char *, struct sockaddr *); +void ssh_kex(char *, struct sockaddr *); +void ssh_kex2(char *, struct sockaddr *); -void ssh_userauth1(const char *, const char *, char *, Key **, int); -void ssh_userauth2(const char *, const char *, char *, Key **, int); +void ssh_userauth1(const char *, const char *, char *, Key **, int); +void ssh_userauth2(const char *, const char *, char *, Key **, int); -void ssh_put_password(char *); +void ssh_put_password(char *); #endif diff --git a/usr.bin/ssh/sshlogin.h b/usr.bin/ssh/sshlogin.h index 539bf040d9c..27a838646a9 100644 --- a/usr.bin/ssh/sshlogin.h +++ b/usr.bin/ssh/sshlogin.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshlogin.h,v 1.2 2001/06/26 06:33:04 itojun Exp $ */ +/* $OpenBSD: sshlogin.h,v 1.3 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -14,25 +14,10 @@ #ifndef SSHLOGIN_H #define SSHLOGIN_H -/* - * Returns the time when the user last logged in. Returns 0 if the - * information is not available. This must be called before record_login. - * The host from which the user logged in is stored in buf. - */ -u_long get_last_login_time(uid_t, const char *, char *, u_int); - -/* - * Records that the user has logged in. This does many things normally done - * by login(1). - */ void record_login(pid_t, const char *, const char *, uid_t, const char *, struct sockaddr *); - -/* - * Records that the user has logged out. This does many thigs normally done - * by login(1) or init. - */ -void record_logout(pid_t, const char *); +void record_logout(pid_t, const char *); +u_long get_last_login_time(uid_t, const char *, char *, u_int); #endif 
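Review bot: The sshlogin.h hunk `@@ -14,25 +14,10 @@` deletes the only note at the declaration that get_last_login_time() must be called before record_login(). The new prototype order (record_login first, get_last_login_time last) now reads the opposite way round. Calling them in the wrong order would presumably report the current session as the previous login, so the constraint deserves one line at the prototype, e.g. `/* call before record_login(); the previous login host is stored in buf */`. If the same text is kept beside the definition in the .c file (not visible in this diff), a short pointer to it would be enough.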
diff --git a/usr.bin/ssh/sshpty.h b/usr.bin/ssh/sshpty.h index d962924f8ad..4eb479f76ed 100644 --- a/usr.bin/ssh/sshpty.h +++ b/usr.bin/ssh/sshpty.h @@ -12,34 +12,15 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: sshpty.h,v 1.2 2001/06/26 06:33:04 itojun Exp $"); */ +/* RCSID("$OpenBSD: sshpty.h,v 1.3 2001/06/26 17:27:25 markus Exp $"); */ #ifndef SSHPTY_H #define SSHPTY_H -/* - * Allocates and opens a pty. Returns 0 if no pty could be allocated, or - * nonzero if a pty was successfully allocated. On success, open file - * descriptors for the pty and tty sides and the name of the tty side are - * returned (the buffer must be able to hold at least 64 characters). - */ -int pty_allocate(int *, int *, char *, int); - -/* - * Releases the tty. Its ownership is returned to root, and permissions to - * 0666. - */ -void pty_release(const char *); - -/* - * Makes the tty the processes controlling tty and sets it to sane modes. - * This may need to reopen the tty to get rid of possible eavesdroppers. - */ -void pty_make_controlling_tty(int *, const char *); - -/* Changes the window size associated with the pty. */ -void pty_change_window_size(int, int, int, int, int); - -void pty_setowner(struct passwd *, const char *); +int pty_allocate(int *, int *, char *, int); +void pty_release(const char *); +void pty_make_controlling_tty(int *, const char *); +void pty_change_window_size(int, int, int, int, int); +void pty_setowner(struct passwd *, const char *); #endif /* SSHPTY_H */ diff --git a/usr.bin/ssh/sshtty.h b/usr.bin/ssh/sshtty.h index e29385e3522..7ba4a262727 100644 --- a/usr.bin/ssh/sshtty.h +++ b/usr.bin/ssh/sshtty.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshtty.h,v 1.1 2001/04/14 16:33:20 stevesk Exp $ */ +/* $OpenBSD: sshtty.h,v 1.2 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 
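Review bot: In the sshpty.h hunk `@@ -12,34 +12,15 @@`, pty_allocate() loses the comment saying the tty name buffer must hold at least 64 characters. With unnamed parameters, `int pty_allocate(int *, int *, char *, int);` no longer tells a caller what the `char *` and the trailing `int` are. A buffer-size precondition belongs at the declaration; I would keep `/* the tty name buffer must hold at least 64 characters */` above the prototype, or name the parameters. The same hunk drops the notes that pty_release() returns the tty to root with mode 0666 and that pty_make_controlling_tty() may reopen the tty, which are the side effects a caller most needs to know about.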
@@ -40,26 +40,9 @@ #include <termios.h> -/* - * Accessor function indicating whether we are in raw mode. Set by - * enter_raw_mode() and leave_raw_mode(). - */ -int in_raw_mode(void); - -/* - * Return terminal modes, as saved by enter_raw_mode(). - */ +int in_raw_mode(void); struct termios get_saved_tio(void); - -/* - * Returns the user's terminal to normal mode if it had been - * put in raw mode. - */ -void leave_raw_mode(void); - -/* - * Puts the user's terminal in raw mode. - */ -void enter_raw_mode(void); +void leave_raw_mode(void); +void enter_raw_mode(void); #endif diff --git a/usr.bin/ssh/tildexpand.h b/usr.bin/ssh/tildexpand.h index a30f0db30f7..f5e7e40bcc0 100644 --- a/usr.bin/ssh/tildexpand.h +++ b/usr.bin/ssh/tildexpand.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tildexpand.h,v 1.3 2001/06/26 06:33:06 itojun Exp $ */ +/* $OpenBSD: tildexpand.h,v 1.4 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -12,8 +12,4 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* - * Expands tildes in the file name. Returns data allocated by xmalloc. - * Warning: this calls getpw*. - */ -char *tilde_expand_filename(const char *, uid_t); +char *tilde_expand_filename(const char *, uid_t); diff --git a/usr.bin/ssh/uidswap.h b/usr.bin/ssh/uidswap.h index 9aea8836749..0726980d087 100644 --- a/usr.bin/ssh/uidswap.h +++ b/usr.bin/ssh/uidswap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.h,v 1.8 2001/06/26 06:33:06 itojun Exp $ */ +/* $OpenBSD: uidswap.h,v 1.9 2001/06/26 17:27:25 markus Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> 
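Review bot: The tildexpand.h hunk `@@ -12,8 +12,4 @@` removes both the ownership rule and the getpw* warning for tilde_expand_filename(). A caller needs to know the result is xmalloc'd, so it must be released, and that the call goes through getpw*, which typically reuses static storage and can overwrite a `struct passwd *` obtained earlier. I would keep one line at the prototype: `/* returns xmalloc'd data; calls getpw*, so earlier struct passwd results may be overwritten */`. The sshtty.h hunk `@@ -40,26 +40,9 @@` on the same line likewise drops the note that get_saved_tio() returns the modes saved by enter_raw_mode().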
@@ -15,22 +15,8 @@ #ifndef UIDSWAP_H #define UIDSWAP_H -/* - * Temporarily changes to the given uid. If the effective user id is not - * root, this does nothing. This call cannot be nested. - */ -void temporarily_use_uid(struct passwd *); - -/* - * Restores the original effective user id after temporarily_use_uid(). - * This should only be called while temporarily_use_uid is effective. - */ -void restore_uid(void); - -/* - * Permanently sets all uids to the given uid. This cannot be called while - * temporarily_use_uid is effective. This must also clear any saved uids. - */ -void permanently_set_uid(struct passwd *); +void temporarily_use_uid(struct passwd *); +void restore_uid(void); +void permanently_set_uid(struct passwd *); #endif /* UIDSWAP_H */ diff --git a/usr.bin/ssh/uuencode.h b/usr.bin/ssh/uuencode.h index fd8f3dbda7f..0067635b677 100644 --- a/usr.bin/ssh/uuencode.h +++ b/usr.bin/ssh/uuencode.h @@ -1,4 +1,4 @@ -/* $OpenBSD: uuencode.h,v 1.7 2001/06/26 06:33:06 itojun Exp $ */ +/* $OpenBSD: uuencode.h,v 1.8 2001/06/26 17:27:25 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -26,7 +26,7 @@ #ifndef UUENCODE_H #define UUENCODE_H -int uuencode(u_char *, u_int, char *, size_t); -int uudecode(const char *, u_char *, size_t); -void dump_base64(FILE *, u_char *, int); +int uuencode(u_char *, u_int, char *, size_t); +int uudecode(const char *, u_char *, size_t); +void dump_base64(FILE *, u_char *, int); #endif diff --git a/usr.bin/ssh/xmalloc.h b/usr.bin/ssh/xmalloc.h index d04f10293ab..e14d0141d1d 100644 --- a/usr.bin/ssh/xmalloc.h +++ b/usr.bin/ssh/xmalloc.h 
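Review bot: The uidswap.h hunk `@@ -15,22 +15,8 @@` strips the usage rules for the privilege-switching calls. The removed comments said that temporarily_use_uid() cannot be nested and does nothing unless the effective uid is root, that restore_uid() is valid only while a temporary switch is in effect, and that permanently_set_uid() must not be called during a temporary switch and must clear saved uids. These are the invariants a caller must respect for privileges to be dropped correctly, and the bare prototypes carry none of them. I would keep a compact form at the declarations, e.g. `/* not nestable; no-op unless euid is root */` on temporarily_use_uid() and `/* not while temporarily_use_uid() is in effect; must clear saved uids */` on permanently_set_uid().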
@@ -14,21 +14,14 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: xmalloc.h,v 1.6 2001/06/26 06:33:07 itojun Exp $"); */ +/* RCSID("$OpenBSD: xmalloc.h,v 1.7 2001/06/26 17:27:25 markus Exp $"); */ #ifndef XMALLOC_H #define XMALLOC_H -/* Like malloc, but calls fatal() if out of memory. */ -void *xmalloc(size_t); - -/* Like realloc, but calls fatal() if out of memory. */ -void *xrealloc(void *, size_t); - -/* Frees memory allocated using xmalloc or xrealloc. */ -void xfree(void *); - -/* Allocates memory using xmalloc, and copies the string into that memory. */ -char *xstrdup(const char *); +void *xmalloc(size_t); +void *xrealloc(void *, size_t); +void xfree(void *); +char *xstrdup(const char *); #endif /* XMALLOC_H */ |
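Review bot: The xmalloc.h hunk `@@ -14,21 +14,14 @@` removes the statement that xmalloc() and xrealloc() call fatal() when out of memory. That behaviour is what lets callers use the returned pointer without a failure check, and it is not something a reader can infer from `void *xmalloc(size_t);`. The note that xfree() is the matching release function goes with it. A single line above the group would preserve both: `/* xmalloc and xrealloc call fatal() if out of memory; free with xfree() */`.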