diff options
Diffstat (limited to 'usr.bin/ssh')
35 files changed, 242 insertions, 242 deletions
diff --git a/usr.bin/ssh/LICENCE b/usr.bin/ssh/LICENCE index abc660e2f9c..23373fecf5b 100644 --- a/usr.bin/ssh/LICENCE +++ b/usr.bin/ssh/LICENCE @@ -45,16 +45,16 @@ OpenSSH contains no GPL code. software are publicly available on the Internet and at any major bookstore, scientific library, and patent office worldwide. More information can be found e.g. at "http://www.cs.hut.fi/crypto". - + The legal status of this program is some combination of all these permissions and restrictions. Use only at your own responsibility. You will be responsible for any legal consequences yourself; I am not making any claims whether possessing or using this is legal or not in your country, and I am not taking any responsibility on your behalf. - - - NO WARRANTY - + + + NO WARRANTY + BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES @@ -64,7 +64,7 @@ OpenSSH contains no GPL code. TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - + IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, @@ -112,15 +112,15 @@ OpenSSH contains no GPL code. with the following license: * @version 3.0 (December 2000) - * + * * Optimised ANSI C code for the Rijndael cipher (now AES) - * + * * @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be> * @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be> * @author Paulo Barreto <paulo.barreto@terra.com.br> - * + * * This code is hereby placed in the public domain. - * + * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -203,4 +203,4 @@ OpenSSH contains no GPL code. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ------ -$OpenBSD: LICENCE,v 1.17 2003/08/22 20:55:06 markus Exp $ +$OpenBSD: LICENCE,v 1.18 2003/11/21 11:57:02 djm Exp $ diff --git a/usr.bin/ssh/OVERVIEW b/usr.bin/ssh/OVERVIEW index ff03ecab21b..df46ec28a37 100644 --- a/usr.bin/ssh/OVERVIEW +++ b/usr.bin/ssh/OVERVIEW @@ -5,7 +5,7 @@ to developers.] This document is intended for those who wish to read the ssh source code. This tries to give an overview of the structure of the code. - + Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi> Updated 17 Nov 1995. Updated 19 Oct 1999 for OpenSSH-1.2 @@ -20,7 +20,7 @@ There are some subsystems/abstractions that are used by a number of these programs. Buffer manipulation routines - + - These provide an arbitrary size buffer, where data can be appended. Data can be consumed from either end. The code is used heavily throughout ssh. The basic buffer manipulation functions are in @@ -28,7 +28,7 @@ these programs. data types is in bufaux.c. Compression Library - + - Ssh uses the GNU GZIP compression library (ZLIB). Encryption/Decryption @@ -89,7 +89,7 @@ these programs. code is linked into the server. The routines also manipulate known hosts files using code in hostfile.c. Code in canohost.c is used to retrieve the canonical host name of the remote host. - Code in match.c is used to match host names. + Code in match.c is used to match host names. - In the client end, authentication code is in sshconnect.c. It reads Passwords/passphrases using code in readpass.c. It reads @@ -147,10 +147,10 @@ these programs. operations, and finally the server enters the normal session mode by calling server_loop in serverloop.c. This does the real work, calling functions in other modules. - + - The code for the server is in sshd.c. It contains a lot of stuff, including: - - server main program + - server main program - waiting for connections - processing new connection - authentication @@ -162,9 +162,9 @@ these programs. - There are several other files in the distribution that contain various auxiliary routines: - ssh.h the main header file for ssh (various definitions) - getput.h byte-order independent storage of integers - includes.h includes most system headers. Lots of #ifdefs. + ssh.h the main header file for ssh (various definitions) + getput.h byte-order independent storage of integers + includes.h includes most system headers. Lots of #ifdefs. tildexpand.c expand tilde in file names uidswap.c uid-swapping xmalloc.c "safe" malloc routines diff --git a/usr.bin/ssh/README b/usr.bin/ssh/README index c13098b318e..b9c929fc499 100644 --- a/usr.bin/ssh/README +++ b/usr.bin/ssh/README @@ -1,7 +1,7 @@ This release of OpenSSH is for OpenBSD systems only. Please read - http://www.openssh.com/portable.html + http://www.openssh.com/portable.html if you want to install OpenSSH on other operating systems. To extract and install this release on your OpenBSD system use: diff --git a/usr.bin/ssh/README.smartcard b/usr.bin/ssh/README.smartcard index 4112e12416d..faeb641cd6a 100644 --- a/usr.bin/ssh/README.smartcard +++ b/usr.bin/ssh/README.smartcard @@ -27,8 +27,8 @@ need to: sectok> login -d sectok> jload /usr/libdata/ssh/Ssh.bin sectok> setpass - Enter new AUT0 passphrase: - Re-enter passphrase: + Enter new AUT0 passphrase: + Re-enter passphrase: sectok> quit Do not forget the passphrase. There is no way to @@ -59,9 +59,9 @@ need to: $ sectok sectok> login -d - sectok> acl 0012 world: w - world: w - AUT0: w inval + sectok> acl 0012 world: w + world: w + AUT0: w inval sectok> quit If you do this, anyone who has access to your card @@ -70,4 +70,4 @@ need to: -markus, Tue Jul 17 23:54:51 CEST 2001 -$OpenBSD: README.smartcard,v 1.8 2002/03/26 18:56:23 rees Exp $ +$OpenBSD: README.smartcard,v 1.9 2003/11/21 11:57:02 djm Exp $ diff --git a/usr.bin/ssh/auth-krb5.c b/usr.bin/ssh/auth-krb5.c index 5d4afd2820f..5899c8d07c3 100644 --- a/usr.bin/ssh/auth-krb5.c +++ b/usr.bin/ssh/auth-krb5.c @@ -28,7 +28,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth-krb5.c,v 1.14 2003/11/04 08:54:09 djm Exp $"); +RCSID("$OpenBSD: auth-krb5.c,v 1.15 2003/11/21 11:57:02 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -83,7 +83,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) if (problem) goto out; - problem = krb5_cc_initialize(authctxt->krb5_ctx, ccache, + problem = krb5_cc_initialize(authctxt->krb5_ctx, ccache, authctxt->krb5_user); if (problem) goto out; @@ -98,7 +98,7 @@ auth_krb5_password(Authctxt *authctxt, const char *password) if (problem) goto out; - problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, + problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &authctxt->krb5_fwd_ccache); if (problem) goto out; diff --git a/usr.bin/ssh/auth.c b/usr.bin/ssh/auth.c index 6a62e542a67..3be5b0fa4bb 100644 --- a/usr.bin/ssh/auth.c +++ b/usr.bin/ssh/auth.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: auth.c,v 1.50 2003/09/23 20:17:11 markus Exp $"); +RCSID("$OpenBSD: auth.c,v 1.51 2003/11/21 11:57:02 djm Exp $"); #include <libgen.h> @@ -472,7 +472,7 @@ fakepw(void) memset(&fake, 0, sizeof(fake)); fake.pw_name = "NOUSER"; fake.pw_passwd = - "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; + "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK"; fake.pw_gecos = "NOUSER"; fake.pw_uid = -1; fake.pw_gid = -1; diff --git a/usr.bin/ssh/auth2-gss.c b/usr.bin/ssh/auth2-gss.c index 220862dc8f0..9249988d394 100644 --- a/usr.bin/ssh/auth2-gss.c +++ b/usr.bin/ssh/auth2-gss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-gss.c,v 1.6 2003/11/17 11:06:07 markus Exp $ */ +/* $OpenBSD: auth2-gss.c,v 1.7 2003/11/21 11:57:03 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -82,11 +82,11 @@ userauth_gssapi(Authctxt *authctxt) present = 0; doid = packet_get_string(&len); - if (len > 2 && + if (len > 2 && doid[0] == SSH_GSS_OIDTYPE && doid[1] == len - 2) { - oid.elements = doid + 2; - oid.length = len - 2; + oid.elements = doid + 2; + oid.length = len - 2; gss_test_oid_set_member(&ms, &oid, supported, &present); } else { @@ -255,21 +255,21 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt) Buffer b; gss_buffer_desc mic, gssbuf; u_int len; - + if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep)) fatal("No authentication or GSSAPI context"); - + gssctxt = authctxt->methoddata; - + mic.value = packet_get_string(&len); mic.length = len; - + ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service, "gssapi-with-mic"); - + gssbuf.value = buffer_ptr(&b); gssbuf.length = buffer_len(&b); - + if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); else @@ -277,7 +277,7 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt) buffer_free(&b); xfree(mic.value); - + authctxt->postponed = 0; dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK, NULL); diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c index 5fdf1ca3da9..42ca08256d2 100644 --- a/usr.bin/ssh/authfd.c +++ b/usr.bin/ssh/authfd.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.62 2003/09/18 13:02:21 miod Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.63 2003/11/21 11:57:03 djm Exp $"); #include <openssl/evp.h> @@ -590,7 +590,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) } int -ssh_update_card(AuthenticationConnection *auth, int add, +ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id, const char *pin, u_int life, u_int confirm) { Buffer msg; @@ -607,7 +607,7 @@ ssh_update_card(AuthenticationConnection *auth, int add, buffer_put_char(&msg, type); buffer_put_cstring(&msg, reader_id); buffer_put_cstring(&msg, pin); - + if (constrained) { if (life != 0) { buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); diff --git a/usr.bin/ssh/authfd.h b/usr.bin/ssh/authfd.h index 74b825c51d1..0a6a4e3ecde 100644 --- a/usr.bin/ssh/authfd.h +++ b/usr.bin/ssh/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.33 2003/06/11 11:18:38 djm Exp $ */ +/* $OpenBSD: authfd.h,v 1.34 2003/11/21 11:57:03 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -83,7 +83,7 @@ int ssh_add_identity_constrained(AuthenticationConnection *, Key *, int ssh_remove_identity(AuthenticationConnection *, Key *); int ssh_remove_all_identities(AuthenticationConnection *, int); int ssh_lock_agent(AuthenticationConnection *, int, const char *); -int ssh_update_card(AuthenticationConnection *, int, const char *, +int ssh_update_card(AuthenticationConnection *, int, const char *, const char *, u_int, u_int); int diff --git a/usr.bin/ssh/buffer.c b/usr.bin/ssh/buffer.c index 69d5b57c00d..9217cb2695c 100644 --- a/usr.bin/ssh/buffer.c +++ b/usr.bin/ssh/buffer.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: buffer.c,v 1.20 2003/09/19 09:03:00 markus Exp $"); +RCSID("$OpenBSD: buffer.c,v 1.21 2003/11/21 11:57:03 djm Exp $"); #include "xmalloc.h" #include "buffer.h" @@ -105,7 +105,7 @@ restart: goto restart; } /* Increase the size of the buffer and retry. */ - + newlen = buffer->alloc + len + 32768; if (newlen > 0xa00000) fatal("buffer_append_space: alloc %u not supported", diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c index cc75b4853f4..24c4dc4ffe1 100644 --- a/usr.bin/ssh/channels.c +++ b/usr.bin/ssh/channels.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: channels.c,v 1.197 2003/09/23 20:41:11 markus Exp $"); +RCSID("$OpenBSD: channels.c,v 1.198 2003/11/21 11:57:03 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -969,7 +969,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) have = buffer_len(&c->input); if (!(c->flags & SSH_SOCKS5_AUTHDONE)) { /* format: ver | nmethods | methods */ - if (have < 2) + if (have < 2) return 0; nmethods = p[1]; if (have < nmethods + 2) @@ -1034,7 +1034,7 @@ channel_decode_socks5(Channel *c, fd_set * readset, fd_set * writeset) else if (inet_ntop(af, dest_addr, c->path, sizeof(c->path)) == NULL) return -1; c->host_port = ntohs(dest_port); - + debug2("channel %d: dynamic request: socks5 host %s port %u command %u", c->self, c->path, c->host_port, s5_req.command); diff --git a/usr.bin/ssh/cipher-ctr.c b/usr.bin/ssh/cipher-ctr.c index a2bab5c1441..4af4392fca3 100644 --- a/usr.bin/ssh/cipher-ctr.c +++ b/usr.bin/ssh/cipher-ctr.c @@ -14,7 +14,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ #include "includes.h" -RCSID("$OpenBSD: cipher-ctr.c,v 1.2 2003/06/17 18:14:23 markus Exp $"); +RCSID("$OpenBSD: cipher-ctr.c,v 1.3 2003/11/21 11:57:03 djm Exp $"); #include <openssl/evp.h> @@ -90,7 +90,7 @@ ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, EVP_CIPHER_CTX_set_app_data(ctx, c); } if (key != NULL) - AES_set_encrypt_key(key, ctx->key_len * 8, &c->aes_ctx); + AES_set_encrypt_key(key, ctx->key_len * 8, &c->aes_ctx); if (iv != NULL) memcpy(c->aes_counter, iv, AES_BLOCK_SIZE); return (1); diff --git a/usr.bin/ssh/dns.c b/usr.bin/ssh/dns.c index 2342b660945..ad634f1f75a 100644 --- a/usr.bin/ssh/dns.c +++ b/usr.bin/ssh/dns.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dns.c,v 1.8 2003/11/12 16:39:58 jakob Exp $ */ +/* $OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $ */ /* * Copyright (c) 2003 Wesley Griffin. All rights reserved. @@ -43,7 +43,7 @@ #include "uuencode.h" extern char *__progname; -RCSID("$OpenBSD: dns.c,v 1.8 2003/11/12 16:39:58 jakob Exp $"); +RCSID("$OpenBSD: dns.c,v 1.9 2003/11/21 11:57:03 djm Exp $"); #ifndef LWRES static const char *errset_text[] = { @@ -145,7 +145,7 @@ dns_read_rdata(u_int8_t *algorithm, u_int8_t *digest_type, /* * Verify the given hostname, address and host key using DNS. - * Returns 0 if lookup succeeds, -1 otherwise + * Returns 0 if lookup succeeds, -1 otherwise */ int verify_host_key_dns(const char *hostname, struct sockaddr *address, diff --git a/usr.bin/ssh/gss-genr.c b/usr.bin/ssh/gss-genr.c index 6b7caad0e7b..3f5727b3ed2 100644 --- a/usr.bin/ssh/gss-genr.c +++ b/usr.bin/ssh/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.2 2003/11/17 11:06:07 markus Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.3 2003/11/21 11:57:03 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -253,14 +253,14 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); - + return (ctx->major); } void -ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, - const char *context) -{ +ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, + const char *context) +{ buffer_init(b); buffer_put_string(b, session_id2, session_id2_len); buffer_put_char(b, SSH2_MSG_USERAUTH_REQUEST); diff --git a/usr.bin/ssh/gss-serv-krb5.c b/usr.bin/ssh/gss-serv-krb5.c index d868722589a..e6e2a80ffb9 100644 --- a/usr.bin/ssh/gss-serv-krb5.c +++ b/usr.bin/ssh/gss-serv-krb5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-serv-krb5.c,v 1.1 2003/08/22 10:56:09 markus Exp $ */ +/* $OpenBSD: gss-serv-krb5.c,v 1.2 2003/11/21 11:57:03 djm Exp $ */ /* * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. @@ -44,7 +44,7 @@ static krb5_context krb_context = NULL; /* Initialise the krb5 library, for the stuff that GSSAPI won't do */ -static int +static int ssh_gssapi_krb5_init() { krb5_error_code problem; @@ -119,7 +119,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; } - if ((problem = krb5_parse_name(krb_context, + if ((problem = krb5_parse_name(krb_context, client->exportedname.value, &princ))) { logit("krb5_parse_name(): %.100s", krb5_get_err_text(krb_context, problem)); @@ -137,7 +137,7 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_free_principal(krb_context, princ); - if ((maj_status = gss_krb5_copy_ccache(&min_status, + if ((maj_status = gss_krb5_copy_ccache(&min_status, client->creds, ccache))) { logit("gss_krb5_copy_ccache() failed"); krb5_cc_destroy(krb_context, ccache); diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c index b070ccf42eb..5a952c9c22d 100644 --- a/usr.bin/ssh/kex.c +++ b/usr.bin/ssh/kex.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: kex.c,v 1.55 2003/04/01 10:31:26 markus Exp $"); +RCSID("$OpenBSD: kex.c,v 1.56 2003/11/21 11:57:03 djm Exp $"); #include <openssl/crypto.h> @@ -310,7 +310,7 @@ choose_hostkeyalg(Kex *k, char *client, char *server) xfree(hostkeyalg); } -static int +static int proposals_match(char *my[PROPOSAL_MAX], char *peer[PROPOSAL_MAX]) { static int check[] = { @@ -392,7 +392,7 @@ kex_choose_conf(Kex *kex) kex->we_need = need; /* ignore the next message if the proposals do not match */ - if (first_kex_follows && !proposals_match(my, peer) && + if (first_kex_follows && !proposals_match(my, peer) && !(datafellows & SSH_BUG_FIRSTKEX)) { type = packet_read(); debug2("skipping next packet (type %u)", type); diff --git a/usr.bin/ssh/lib/Makefile b/usr.bin/ssh/lib/Makefile index 9204fe14289..de7d279819e 100644 --- a/usr.bin/ssh/lib/Makefile +++ b/usr.bin/ssh/lib/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.45 2003/09/23 20:17:11 markus Exp $ +# $OpenBSD: Makefile,v 1.46 2003/11/21 11:57:03 djm Exp $ .PATH: ${.CURDIR}/.. @@ -24,8 +24,8 @@ install: .if (${KERBEROS5:L} == "yes") CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV -SRCS+= gss-genr.c -CFLAGS+= -DGSSAPI +SRCS+= gss-genr.c +CFLAGS+= -DGSSAPI .endif # KERBEROS5 .include <bsd.lib.mk> diff --git a/usr.bin/ssh/moduli.c b/usr.bin/ssh/moduli.c index eb2c0fd18e8..eb8cb78e910 100644 --- a/usr.bin/ssh/moduli.c +++ b/usr.bin/ssh/moduli.c @@ -1,4 +1,4 @@ -/* $OpenBSD: moduli.c,v 1.1 2003/07/28 09:49:56 djm Exp $ */ +/* $OpenBSD: moduli.c,v 1.2 2003/11/21 11:57:03 djm Exp $ */ /* * Copyright 1994 Phil Karn <karn@qualcomm.com> * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> @@ -46,7 +46,7 @@ /* - * Debugging defines + * Debugging defines */ /* define DEBUG_LARGE 1 */ @@ -151,7 +151,7 @@ qfileout(FILE * ofile, u_int32_t otype, u_int32_t otests, u_int32_t otries, time(&time_now); gtm = gmtime(&time_now); - + res = fprintf(ofile, "%04d%02d%02d%02d%02d%02d %u %u %u %u %x ", gtm->tm_year + 1900, gtm->tm_mon + 1, gtm->tm_mday, gtm->tm_hour, gtm->tm_min, gtm->tm_sec, @@ -244,9 +244,9 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) largememory = memory; /* - * Set power to the length in bits of the prime to be generated. - * This is changed to 1 less than the desired safe prime moduli p. - */ + * Set power to the length in bits of the prime to be generated. + * This is changed to 1 less than the desired safe prime moduli p. + */ if (power > TEST_MAXIMUM) { error("Too many bits: %u > %lu", power, TEST_MAXIMUM); return (-1); @@ -257,16 +257,16 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) power--; /* decrement before squaring */ /* - * The density of ordinary primes is on the order of 1/bits, so the - * density of safe primes should be about (1/bits)**2. Set test range - * to something well above bits**2 to be reasonably sure (but not - * guaranteed) of catching at least one safe prime. + * The density of ordinary primes is on the order of 1/bits, so the + * density of safe primes should be about (1/bits)**2. Set test range + * to something well above bits**2 to be reasonably sure (but not + * guaranteed) of catching at least one safe prime. */ largewords = ((power * power) >> (SHIFT_WORD - TEST_POWER)); /* - * Need idea of how much memory is available. We don't have to use all - * of it. + * Need idea of how much memory is available. We don't have to use all + * of it. */ if (largememory > LARGE_MAXIMUM) { logit("Limited memory: %u MB; limit %lu MB", @@ -315,8 +315,8 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) q = BN_new(); /* - * Generate random starting point for subprime search, or use - * specified parameter. + * Generate random starting point for subprime search, or use + * specified parameter. */ largebase = BN_new(); if (start == NULL) @@ -329,13 +329,13 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) time(&time_start); - logit("%.24s Sieve next %u plus %u-bit", ctime(&time_start), + logit("%.24s Sieve next %u plus %u-bit", ctime(&time_start), largenumbers, power); debug2("start point: 0x%s", BN_bn2hex(largebase)); /* - * TinySieve - */ + * TinySieve + */ for (i = 0; i < tinybits; i++) { if (BIT_TEST(TinySieve, i)) continue; /* 2*i+3 is composite */ @@ -351,9 +351,9 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) } /* - * Start the small block search at the next possible prime. To avoid - * fencepost errors, the last pass is skipped. - */ + * Start the small block search at the next possible prime. To avoid + * fencepost errors, the last pass is skipped. + */ for (smallbase = TINY_NUMBER + 3; smallbase < (SMALL_MAXIMUM - TINY_NUMBER); smallbase += TINY_NUMBER) { @@ -386,8 +386,8 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) } /* - * SmallSieve - */ + * SmallSieve + */ for (i = 0; i < smallbits; i++) { if (BIT_TEST(SmallSieve, i)) continue; /* 2*i+smallbase is composite */ @@ -438,7 +438,7 @@ gen_candidates(FILE *out, int memory, int power, BIGNUM *start) * The result is a list of so-call "safe" primes */ int -prime_test(FILE *in, FILE *out, u_int32_t trials, +prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted) { BIGNUM *q, *p, *a; @@ -562,10 +562,10 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, count_possible++; /* - * The (1/4)^N performance bound on Miller-Rabin is - * extremely pessimistic, so don't spend a lot of time - * really verifying that q is prime until after we know - * that p is also prime. A single pass will weed out the + * The (1/4)^N performance bound on Miller-Rabin is + * extremely pessimistic, so don't spend a lot of time + * really verifying that q is prime until after we know + * that p is also prime. A single pass will weed out the * vast majority of composite q's. */ if (BN_is_prime(q, 1, NULL, ctx, NULL) <= 0) { @@ -573,11 +573,11 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, count_in); continue; } - + /* - * q is possibly prime, so go ahead and really make sure - * that p is prime. If it is, then we can go back and do - * the same for q. If p is composite, chances are that + * q is possibly prime, so go ahead and really make sure + * that p is prime. If it is, then we can go back and do + * the same for q. If p is composite, chances are that * will show up on the first Rabin-Miller iteration so it * doesn't hurt to specify a high iteration count. */ @@ -594,7 +594,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, } debug("%10u: q is almost certainly prime", count_in); - if (qfileout(out, QTYPE_SAFE, (in_tests | QTEST_MILLER_RABIN), + if (qfileout(out, QTYPE_SAFE, (in_tests | QTEST_MILLER_RABIN), in_tries, in_size, generator_known, p)) { res = -1; break; @@ -610,7 +610,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, BN_CTX_free(ctx); logit("%.24s Found %u safe primes of %u candidates in %ld seconds", - ctime(&time_stop), count_out, count_possible, + ctime(&time_stop), count_out, count_possible, (long) (time_stop - time_start)); return (res); diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c index dd45aefc7e8..186524490ee 100644 --- a/usr.bin/ssh/monitor.c +++ b/usr.bin/ssh/monitor.c @@ -25,7 +25,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: monitor.c,v 1.53 2003/11/18 10:53:07 djm Exp $"); +RCSID("$OpenBSD: monitor.c,v 1.54 2003/11/21 11:57:03 djm Exp $"); #include <openssl/dh.h> @@ -1615,25 +1615,25 @@ mm_answer_gss_checkmic(int socket, Buffer *m) gss_buffer_desc gssbuf, mic; OM_uint32 ret; u_int len; - + gssbuf.value = buffer_get_string(m, &len); gssbuf.length = len; mic.value = buffer_get_string(m, &len); mic.length = len; - + ret = ssh_gssapi_checkmic(gsscontext, &gssbuf, &mic); - + xfree(gssbuf.value); xfree(mic.value); - + buffer_clear(m); buffer_put_int(m, ret); - + mm_request_send(socket, MONITOR_ANS_GSSCHECKMIC, m); - + if (!GSS_ERROR(ret)) monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); - + return (0); } diff --git a/usr.bin/ssh/nchan.ms b/usr.bin/ssh/nchan.ms index 2d080228c75..57576017b36 100644 --- a/usr.bin/ssh/nchan.ms +++ b/usr.bin/ssh/nchan.ms @@ -1,8 +1,8 @@ -.\" $OpenBSD: nchan.ms,v 1.7 2001/01/29 01:58:17 niklas Exp $ +.\" $OpenBSD: nchan.ms,v 1.8 2003/11/21 11:57:03 djm Exp $ +.\" .\" -.\" .\" Copyright (c) 1999 Markus Friedl. All rights reserved. -.\" +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -11,7 +11,7 @@ .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. -.\" +.\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. diff --git a/usr.bin/ssh/nchan2.ms b/usr.bin/ssh/nchan2.ms index 1cc51fa12b3..a7a67b12701 100644 --- a/usr.bin/ssh/nchan2.ms +++ b/usr.bin/ssh/nchan2.ms @@ -1,7 +1,7 @@ -.\" $OpenBSD: nchan2.ms,v 1.2 2001/10/03 10:05:57 markus Exp $ -.\" +.\" $OpenBSD: nchan2.ms,v 1.3 2003/11/21 11:57:03 djm Exp $ +.\" .\" Copyright (c) 2000 Markus Friedl. All rights reserved. -.\" +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -10,7 +10,7 @@ .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. -.\" +.\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h index 8aab2e6066f..6501323461b 100644 --- a/usr.bin/ssh/readconf.h +++ b/usr.bin/ssh/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.56 2003/10/11 08:24:08 markus Exp $ */ +/* $OpenBSD: readconf.h,v 1.57 2003/11/21 11:57:03 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -61,7 +61,7 @@ typedef struct { int connection_attempts; /* Max attempts (seconds) before * giving up */ int connection_timeout; /* Max time (seconds) before - * aborting connection attempt */ + * aborting connection attempt */ int number_of_password_prompts; /* Max number of password * prompts. */ int cipher; /* Cipher to use. */ diff --git a/usr.bin/ssh/rijndael.c b/usr.bin/ssh/rijndael.c index 6e310075d18..ed90bc2a1ac 100644 --- a/usr.bin/ssh/rijndael.c +++ b/usr.bin/ssh/rijndael.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rijndael.c,v 1.14 2002/07/10 17:53:54 deraadt Exp $ */ +/* $OpenBSD: rijndael.c,v 1.15 2003/11/21 11:57:03 djm Exp $ */ /** * rijndael-alg-fst.c @@ -723,7 +723,7 @@ static const u32 rcon[] = { * @return the number of rounds for the given cipher key size. */ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int keyBits) { - int i = 0; + int i = 0; u32 temp; rk[0] = GETU32(cipherKey ); @@ -795,7 +795,7 @@ static int rijndaelKeySetupEnc(u32 rk[/*4*(Nr + 1)*/], const u8 cipherKey[], int (Te4[(temp ) & 0xff] & 0x000000ff); rk[13] = rk[ 5] ^ rk[12]; rk[14] = rk[ 6] ^ rk[13]; - rk[15] = rk[ 7] ^ rk[14]; + rk[15] = rk[ 7] ^ rk[14]; rk += 8; } } @@ -869,50 +869,50 @@ static void rijndaelEncrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 pt[16 s3 = GETU32(pt + 12) ^ rk[3]; #ifdef FULL_UNROLL /* round 1: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; - /* round 2: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[ 4]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[ 5]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[ 6]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[ 7]; + /* round 2: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[ 8]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[ 9]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[10]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[11]; /* round 3: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; - /* round 4: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[12]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[13]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[14]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[15]; + /* round 4: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[16]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[17]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[18]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[19]; /* round 5: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; - /* round 6: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[20]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[21]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[22]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[23]; + /* round 6: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[24]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[25]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[26]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[27]; /* round 7: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; - /* round 8: */ - s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; - s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; - s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; - s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[28]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[29]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[30]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[31]; + /* round 8: */ + s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[32]; + s1 = Te0[t1 >> 24] ^ Te1[(t2 >> 16) & 0xff] ^ Te2[(t3 >> 8) & 0xff] ^ Te3[t0 & 0xff] ^ rk[33]; + s2 = Te0[t2 >> 24] ^ Te1[(t3 >> 16) & 0xff] ^ Te2[(t0 >> 8) & 0xff] ^ Te3[t1 & 0xff] ^ rk[34]; + s3 = Te0[t3 >> 24] ^ Te1[(t0 >> 16) & 0xff] ^ Te2[(t1 >> 8) & 0xff] ^ Te3[t2 & 0xff] ^ rk[35]; /* round 9: */ - t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; - t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; - t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; - t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; + t0 = Te0[s0 >> 24] ^ Te1[(s1 >> 16) & 0xff] ^ Te2[(s2 >> 8) & 0xff] ^ Te3[s3 & 0xff] ^ rk[36]; + t1 = Te0[s1 >> 24] ^ Te1[(s2 >> 16) & 0xff] ^ Te2[(s3 >> 8) & 0xff] ^ Te3[s0 & 0xff] ^ rk[37]; + t2 = Te0[s2 >> 24] ^ Te1[(s3 >> 16) & 0xff] ^ Te2[(s0 >> 8) & 0xff] ^ Te3[s1 & 0xff] ^ rk[38]; + t3 = Te0[s3 >> 24] ^ Te1[(s0 >> 16) & 0xff] ^ Te2[(s1 >> 8) & 0xff] ^ Te3[s2 & 0xff] ^ rk[39]; if (Nr > 10) { /* round 10: */ s0 = Te0[t0 >> 24] ^ Te1[(t1 >> 16) & 0xff] ^ Te2[(t2 >> 8) & 0xff] ^ Te3[t3 & 0xff] ^ rk[40]; @@ -1185,33 +1185,33 @@ static void rijndaelDecrypt(const u32 rk[/*4*(Nr + 1)*/], int Nr, const u8 ct[16 * apply last round and * map cipher state to byte array block: */ - s0 = - (Td4[(t0 >> 24) ] & 0xff000000) ^ - (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t1 ) & 0xff] & 0x000000ff) ^ - rk[0]; + s0 = + (Td4[(t0 >> 24) ] & 0xff000000) ^ + (Td4[(t3 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t2 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t1 ) & 0xff] & 0x000000ff) ^ + rk[0]; PUTU32(pt , s0); - s1 = - (Td4[(t1 >> 24) ] & 0xff000000) ^ - (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t2 ) & 0xff] & 0x000000ff) ^ - rk[1]; + s1 = + (Td4[(t1 >> 24) ] & 0xff000000) ^ + (Td4[(t0 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t3 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t2 ) & 0xff] & 0x000000ff) ^ + rk[1]; PUTU32(pt + 4, s1); - s2 = - (Td4[(t2 >> 24) ] & 0xff000000) ^ - (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t3 ) & 0xff] & 0x000000ff) ^ - rk[2]; + s2 = + (Td4[(t2 >> 24) ] & 0xff000000) ^ + (Td4[(t1 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t0 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t3 ) & 0xff] & 0x000000ff) ^ + rk[2]; PUTU32(pt + 8, s2); - s3 = - (Td4[(t3 >> 24) ] & 0xff000000) ^ - (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ - (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ - (Td4[(t0 ) & 0xff] & 0x000000ff) ^ - rk[3]; + s3 = + (Td4[(t3 >> 24) ] & 0xff000000) ^ + (Td4[(t2 >> 16) & 0xff] & 0x00ff0000) ^ + (Td4[(t1 >> 8) & 0xff] & 0x0000ff00) ^ + (Td4[(t0 ) & 0xff] & 0x000000ff) ^ + rk[3]; PUTU32(pt + 12, s3); } diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c index 4cc79339845..bf8f543b064 100644 --- a/usr.bin/ssh/scp.c +++ b/usr.bin/ssh/scp.c @@ -71,7 +71,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.111 2003/11/12 10:12:15 dtucker Exp $"); +RCSID("$OpenBSD: scp.c,v 1.112 2003/11/21 11:57:03 djm Exp $"); #include "xmalloc.h" #include "atomicio.h" @@ -898,7 +898,7 @@ bad: run_err("%s: %s", np, strerror(errno)); cp += j; statbytes += j; } while (amt > 0); - + if (limit) bwlimit(4096); diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c index ae48b1d237f..2a56a3dffa5 100644 --- a/usr.bin/ssh/session.c +++ b/usr.bin/ssh/session.c @@ -33,7 +33,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: session.c,v 1.167 2003/11/04 08:54:09 djm Exp $"); +RCSID("$OpenBSD: session.c,v 1.168 2003/11/21 11:57:03 djm Exp $"); #include "ssh.h" #include "ssh1.h" @@ -781,7 +781,7 @@ do_setup_env(Session *s, const char *shell) env[0] = NULL; #ifdef GSSAPI - /* Allow any GSSAPI methods that we've used to alter + /* Allow any GSSAPI methods that we've used to alter * the childs environment as they see fit */ ssh_gssapi_do_child(&env, &envsize); diff --git a/usr.bin/ssh/sftp-client.c b/usr.bin/ssh/sftp-client.c index b32bf9c90da..932658ea9bd 100644 --- a/usr.bin/ssh/sftp-client.c +++ b/usr.bin/ssh/sftp-client.c @@ -28,7 +28,7 @@ /* XXX: copy between two remote sites */ #include "includes.h" -RCSID("$OpenBSD: sftp-client.c,v 1.44 2003/06/28 16:23:06 deraadt Exp $"); +RCSID("$OpenBSD: sftp-client.c,v 1.45 2003/11/21 11:57:03 djm Exp $"); #include <sys/queue.h> @@ -798,7 +798,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, return(-1); } - local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, + local_fd = open(local_path, O_WRONLY | O_CREAT | O_TRUNC, mode | S_IWRITE); if (local_fd == -1) { error("Couldn't open local file \"%s\" for writing: %s", diff --git a/usr.bin/ssh/sftp-int.c b/usr.bin/ssh/sftp-int.c index ab037ab8489..749b0661d81 100644 --- a/usr.bin/ssh/sftp-int.c +++ b/usr.bin/ssh/sftp-int.c @@ -25,7 +25,7 @@ /* XXX: recursive operations */ #include "includes.h" -RCSID("$OpenBSD: sftp-int.c,v 1.64 2003/11/08 19:17:29 jmc Exp $"); +RCSID("$OpenBSD: sftp-int.c,v 1.65 2003/11/21 11:57:03 djm Exp $"); #include <glob.h> @@ -362,7 +362,7 @@ get_pathname(const char **cpp, char **path) } if (cp[i] == '\\') { /* Escaped characters */ i++; - if (cp[i] != '\'' && cp[i] != '\"' && + if (cp[i] != '\'' && cp[i] != '\"' && cp[i] != '\\') { error("Bad escaped character '\%c'", cp[i]); @@ -390,8 +390,8 @@ get_pathname(const char **cpp, char **path) return (0); fail: - xfree(*path); - *path = NULL; + xfree(*path); + *path = NULL; return (-1); } @@ -531,7 +531,7 @@ process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag) for (i = 0; g.gl_pathv[i]; i++) { if (!is_reg(g.gl_pathv[i])) { - error("skipping non-regular file %s", + error("skipping non-regular file %s", g.gl_pathv[i]); continue; } @@ -599,7 +599,7 @@ do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag) for (n = 0; d[n] != NULL; n++) m = MAX(m, strlen(d[n]->filename)); - if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) + if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) width = ws.ws_col; columns = width / (m + 2); @@ -669,7 +669,7 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, strncmp(path, g.gl_pathv[0], strlen(g.gl_pathv[0]) - 1) == 0) { if ((a = do_lstat(conn, path, 1)) == NULL) { globfree(&g); - return (-1); + return (-1); } if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) && S_ISDIR(a->perm)) { @@ -680,10 +680,10 @@ do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path, if (!(lflag & SHORT_VIEW)) { int m = 0, width = 80; - struct winsize ws; + struct winsize ws; /* Count entries for sort and find longest filename */ - for (i = 0; g.gl_pathv[i]; i++) + for (i = 0; g.gl_pathv[i]; i++) m = MAX(m, strlen(g.gl_pathv[i])); if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1) @@ -760,7 +760,7 @@ parse_args(const char **cpp, int *pflag, int *lflag, int *iflag, *iflag = 1; cp++; } - + /* Figure out which command we have */ for (i = 0; cmds[i].c; i++) { int cmdlen = strlen(cmds[i].c); diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c index cd3ef906e58..e76fa985fee 100644 --- a/usr.bin/ssh/ssh-add.c +++ b/usr.bin/ssh/ssh-add.c @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-add.c,v 1.68 2003/06/16 10:22:45 markus Exp $"); +RCSID("$OpenBSD: ssh-add.c,v 1.69 2003/11/21 11:57:03 djm Exp $"); #include <openssl/evp.h> @@ -163,14 +163,14 @@ add_file(AuthenticationConnection *ac, const char *filename) } } - if (ssh_add_identity_constrained(ac, private, comment, lifetime, - confirm)) { + if (ssh_add_identity_constrained(ac, private, comment, lifetime, + confirm)) { fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); ret = 0; if (lifetime != 0) fprintf(stderr, "Lifetime set to %d seconds\n", lifetime); - if (confirm != 0) + if (confirm != 0) fprintf(stderr, "The user has to confirm each use of the key\n"); } else if (ssh_add_identity(ac, private, comment)) { diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index 29ddf199117..01cc31fd943 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include <sys/queue.h> -RCSID("$OpenBSD: ssh-agent.c,v 1.115 2003/10/14 19:54:39 markus Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.116 2003/11/21 11:57:03 djm Exp $"); #include <openssl/evp.h> #include <openssl/md5.h> @@ -175,7 +175,7 @@ confirm_key(Identity *id) p = read_passphrase(prompt, RP_ALLOW_EOF); if (p != NULL) { /* - * Accept empty responses and responses consisting + * Accept empty responses and responses consisting * of the word "yes" as affirmative. */ if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index 46874e9ba05..3c3ade59339 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-keygen.c,v 1.110 2003/10/14 19:42:10 jakob Exp $"); +RCSID("$OpenBSD: ssh-keygen.c,v 1.111 2003/11/21 11:57:03 djm Exp $"); #include <openssl/evp.h> #include <openssl/pem.h> @@ -893,13 +893,13 @@ main(int ac, char **av) case 'a': trials = atoi(optarg); if (trials < TRIAL_MINIMUM) { - fatal("Minimum primality trials is %d", + fatal("Minimum primality trials is %d", TRIAL_MINIMUM); } break; case 'M': memory = atoi(optarg); - if (memory != 0 && + if (memory != 0 && (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) { fatal("Invalid memory amount (min %ld, max %ld)", LARGE_MINIMUM, LARGE_MAXIMUM); @@ -959,7 +959,7 @@ main(int ac, char **av) if (do_gen_candidates) { FILE *out = fopen(out_file, "w"); - + if (out == NULL) { error("Couldn't open modulus candidate file \"%s\": %s", out_file, strerror(errno)); @@ -978,7 +978,7 @@ main(int ac, char **av) if (have_identity && strcmp(identity_file, "-") != 0) { if ((in = fopen(identity_file, "r")) == NULL) { fatal("Couldn't open modulus candidate " - "file \"%s\": %s", identity_file, + "file \"%s\": %s", identity_file, strerror(errno)); } } else diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 29729c60b69..e3f5e4cee19 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -40,7 +40,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.202 2003/10/11 08:24:08 markus Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.203 2003/11/21 11:57:03 djm Exp $"); #include <openssl/evp.h> #include <openssl/err.h> @@ -594,7 +594,7 @@ again: options.proxy_command = NULL; /* Open a connection to the remote host. */ - if (ssh_connect(host, &hostaddr, options.port, + if (ssh_connect(host, &hostaddr, options.port, options.address_family, options.connection_attempts, original_effective_uid == 0 && options.use_privileged_port, options.proxy_command) != 0) @@ -702,7 +702,7 @@ again: packet_close(); /* - * Send SIGHUP to proxy command if used. We don't wait() in + * Send SIGHUP to proxy command if used. We don't wait() in * case it hangs and instead rely on init to reap the child */ if (proxy_command_pid > 1) diff --git a/usr.bin/ssh/ssh/Makefile b/usr.bin/ssh/ssh/Makefile index f5325f56365..ef560aca7af 100644 --- a/usr.bin/ssh/ssh/Makefile +++ b/usr.bin/ssh/ssh/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.50 2003/08/28 07:49:13 markus Exp $ +# $OpenBSD: Makefile,v 1.51 2003/11/21 11:57:03 djm Exp $ .PATH: ${.CURDIR}/.. @@ -18,7 +18,7 @@ SRCS= ssh.c readconf.c clientloop.c sshtty.c \ .include <bsd.own.mk> # for AFS .if (${KERBEROS5:L} == "yes") -CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV -DGSSAPI +CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV -DGSSAPI .endif # KERBEROS5 .include <bsd.prog.mk> diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index fd6a9b2aba4..6d3ae7336f9 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c @@ -13,7 +13,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect.c,v 1.153 2003/11/12 16:39:58 jakob Exp $"); +RCSID("$OpenBSD: sshconnect.c,v 1.154 2003/11/21 11:57:03 djm Exp $"); #include <openssl/bn.h> @@ -70,7 +70,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) * Build the final command string in the buffer by making the * appropriate substitutions to the given proxy command. * - * Use "exec" to avoid "sh -c" processes on some platforms + * Use "exec" to avoid "sh -c" processes on some platforms * (e.g. Solaris) */ buffer_init(&command); @@ -257,15 +257,15 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, break; case -1: /* Select error */ - debug("select: %s", strerror(errno)); + debug("select: %s", strerror(errno)); break; case 1: /* Completed or failed */ optval = 0; optlen = sizeof(optval); - if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, + if (getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &optval, &optlen) == -1) { - debug("getsockopt: %s", strerror(errno)); + debug("getsockopt: %s", strerror(errno)); break; } if (optval != 0) { diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index ca7859160a6..04c67c202bc 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -23,7 +23,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: sshconnect2.c,v 1.132 2003/11/17 11:06:07 markus Exp $"); +RCSID("$OpenBSD: sshconnect2.c,v 1.133 2003/11/21 11:57:03 djm Exp $"); #include "ssh.h" #include "ssh2.h" @@ -474,7 +474,7 @@ done: } #ifdef GSSAPI -int +int userauth_gssapi(Authctxt *authctxt) { Gssctxt *gssctxt = NULL; @@ -544,7 +544,7 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok) gss_buffer_desc gssbuf, mic; OM_uint32 status, ms, flags; Buffer b; - + status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds, recv_tok, &send_tok, &flags); @@ -553,12 +553,12 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok) packet_start(SSH2_MSG_USERAUTH_GSSAPI_ERRTOK); else packet_start(SSH2_MSG_USERAUTH_GSSAPI_TOKEN); - + packet_put_string(send_tok.value, send_tok.length); packet_send(); gss_release_buffer(&ms, &send_tok); } - + if (status == GSS_S_COMPLETE) { /* send either complete or MIC, depending on mechanism */ if (!(flags & GSS_C_INTEG_FLAG)) { @@ -570,21 +570,21 @@ process_gssapi_token(void *ctxt, gss_buffer_t recv_tok) gssbuf.value = buffer_ptr(&b); gssbuf.length = buffer_len(&b); - + status = ssh_gssapi_sign(gssctxt, &gssbuf, &mic); - + if (!GSS_ERROR(status)) { packet_start(SSH2_MSG_USERAUTH_GSSAPI_MIC); packet_put_string(mic.value, mic.length); - + packet_send(); } - + buffer_free(&b); gss_release_buffer(&ms, &mic); - } + } } - + return status; } @@ -1031,7 +1031,7 @@ pubkey_prepare(Authctxt *authctxt) key = ssh_get_next_identity(ac, &comment, 2)) { found = 0; TAILQ_FOREACH(id, &files, next) { - /* agent keys from the config file are preferred */ + /* agent keys from the config file are preferred */ if (key_equal(key, id->key)) { key_free(key); xfree(comment); diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index f4fd2aa4be1..2128c06d215 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.25 2003/09/01 09:50:04 markus Exp $ +.\" $OpenBSD: sshd_config.5,v 1.26 2003/11/21 11:57:03 djm Exp $ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 .Os @@ -227,7 +227,7 @@ The default is .Dq no . .It Cm GSSAPIAuthentication Specifies whether user authentication based on GSSAPI is allowed. -The default is +The default is .Dq no . Note that this option applies to protocol version 2 only. .It Cm GSSAPICleanupCredentials |