Diffstat (limited to 'usr.bin/ssh')
66 files changed, 1735 insertions, 1671 deletions
diff --git a/usr.bin/ssh/auth-krb4.c b/usr.bin/ssh/auth-krb4.c index 9d767c6b384..9f99533b19b 100644 --- a/usr.bin/ssh/auth-krb4.c +++ b/usr.bin/ssh/auth-krb4.c @@ -1,13 +1,7 @@ /* - - auth-kerberos.c - - Dug Song <dugsong@UMICH.EDU> - - Kerberos v4 authentication and ticket-passing routines. - - $Id: auth-krb4.c,v 1.9 1999/11/23 22:25:52 markus Exp $ -*/ + * Dug Song <dugsong@UMICH.EDU> + * Kerberos v4 authentication and ticket-passing routines. + */ #include "includes.h" #include "packet.h" @@ -107,7 +101,7 @@ auth_krb4(const char *server_user, KTEXT auth, char **client) *client = xmalloc(MAX_K_NAME_SZ); (void) snprintf(*client, MAX_K_NAME_SZ, "%s%s%s@%s", adat.pname, - *adat.pinst ? "." : "", adat.pinst, adat.prealm); + *adat.pinst ? "." : "", adat.pinst, adat.prealm); /* Check ~/.klogin authorization now. */ if (kuserok(&adat, (char *) server_user) != KSUCCESS) { @@ -125,7 +119,7 @@ auth_krb4(const char *server_user, KTEXT auth, char **client) /* If we can't successfully encrypt the checksum, we send back an empty message, admitting our failure. */ if ((r = krb_mk_priv((u_char *) & cksum, reply.dat, sizeof(cksum) + 1, - schedule, &adat.session, &local, &foreign)) < 0) { + schedule, &adat.session, &local, &foreign)) < 0) { packet_send_debug("Kerberos V4 mk_priv: (%d) %s", r, krb_err_txt[r]); reply.dat[0] = 0; reply.length = 0; @@ -159,10 +153,11 @@ auth_kerberos_tgt(struct passwd *pw, const char *string) if (strcmp(creds.service, "krbtgt")) { log("Kerberos V4 tgt (%s%s%s@%s) rejected for %s", creds.pname, - creds.pinst[0] ? "." : "", creds.pinst, creds.realm, pw->pw_name); + creds.pinst[0] ? "." : "", creds.pinst, creds.realm, + pw->pw_name); packet_send_debug("Kerberos V4 tgt (%s%s%s@%s) rejected for %s", - creds.pname, creds.pinst[0] ? "." : "", creds.pinst, - creds.realm, pw->pw_name); + creds.pname, creds.pinst[0] ? "." : "", creds.pinst, + creds.realm, pw->pw_name); goto auth_kerberos_tgt_failure; } if (!krb4_init(pw->pw_uid)) 
@@ -172,8 +167,8 @@ auth_kerberos_tgt(struct passwd *pw, const char *string) goto auth_kerberos_tgt_failure; if (save_credentials(creds.service, creds.instance, creds.realm, - creds.session, creds.lifetime, creds.kvno, - &creds.ticket_st, creds.issue_date) != KSUCCESS) { + creds.session, creds.lifetime, creds.kvno, + &creds.ticket_st, creds.issue_date) != KSUCCESS) { packet_send_debug("Kerberos V4 tgt refused: couldn't save credentials"); goto auth_kerberos_tgt_failure; } @@ -181,8 +176,8 @@ auth_kerberos_tgt(struct passwd *pw, const char *string) chown(tkt_string(), pw->pw_uid, pw->pw_gid); packet_send_debug("Kerberos V4 tgt accepted (%s.%s@%s, %s%s%s@%s)", - creds.service, creds.instance, creds.realm, creds.pname, - creds.pinst[0] ? "." : "", creds.pinst, creds.realm); + creds.service, creds.instance, creds.realm, creds.pname, + creds.pinst[0] ? "." : "", creds.pinst, creds.realm); memset(&creds, 0, sizeof(creds)); packet_start(SSH_SMSG_SUCCESS); packet_send(); @@ -222,7 +217,7 @@ auth_afs_token(struct passwd *pw, const char *token_string) log("AFS token (%s@%s) rejected for %s", creds.pname, creds.realm, pw->pw_name); packet_send_debug("AFS token (%s@%s) rejected for %s", creds.pname, - creds.realm, pw->pw_name); + creds.realm, pw->pw_name); memset(&creds, 0, sizeof(creds)); packet_start(SSH_SMSG_FAILURE); packet_send(); @@ -230,7 +225,7 @@ auth_afs_token(struct passwd *pw, const char *token_string) return 0; } packet_send_debug("AFS token accepted (%s@%s, %s@%s)", creds.service, - creds.realm, creds.pname, creds.realm); + creds.realm, creds.pname, creds.realm); memset(&creds, 0, sizeof(creds)); packet_start(SSH_SMSG_SUCCESS); packet_send(); diff --git a/usr.bin/ssh/auth-passwd.c b/usr.bin/ssh/auth-passwd.c index c7c2ac870b7..542c393183b 100644 --- a/usr.bin/ssh/auth-passwd.c +++ b/usr.bin/ssh/auth-passwd.c 
@@ -1,30 +1,24 @@ /* - -auth-passwd.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Mar 18 05:11:38 1995 ylo - -Password authentication. This file contains the functions to check whether -the password is valid for the user. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Sat Mar 18 05:11:38 1995 ylo + * Password authentication. This file contains the functions to check whether + * the password is valid for the user. + */ #include "includes.h" -RCSID("$Id: auth-passwd.c,v 1.10 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: auth-passwd.c,v 1.11 1999/11/24 00:26:00 deraadt Exp $"); #include "packet.h" #include "ssh.h" #include "servconf.h" #include "xmalloc.h" -/* Tries to authenticate the user using password. Returns true if - authentication succeeds. */ - +/* + * Tries to authenticate the user using password. Returns true if + * authentication succeeds. + */ int auth_password(struct passwd * pw, const char *password) { @@ -48,7 +42,8 @@ auth_password(struct passwd * pw, const char *password) if (strncasecmp(password, "s/key", 5) == 0) { char *skeyinfo = skey_keyinfo(pw->pw_name); if (skeyinfo == NULL) { - debug("generating fake skeyinfo for %.100s.", pw->pw_name); + debug("generating fake skeyinfo for %.100s.", + pw->pw_name); skeyinfo = skey_fake_keyinfo(pw->pw_name); } if (skeyinfo != NULL) 
@@ -83,25 +78,31 @@ auth_password(struct passwd * pw, const char *password) /* Set up our ticket file. */ if (!krb4_init(pw->pw_uid)) { - log("Couldn't initialize Kerberos ticket file for %s!", pw->pw_name); + log("Couldn't initialize Kerberos ticket file for %s!", + pw->pw_name); goto kerberos_auth_failure; } /* Try to get TGT using our password. */ - r = krb_get_pw_in_tkt((char *) pw->pw_name, "", realm, "krbtgt", realm, - DEFAULT_TKT_LIFE, (char *) password); + r = krb_get_pw_in_tkt((char *) pw->pw_name, "", + realm, "krbtgt", realm, + DEFAULT_TKT_LIFE, (char *) password); if (r != INTK_OK) { - packet_send_debug("Kerberos V4 password authentication for %s " - "failed: %s", pw->pw_name, krb_err_txt[r]); + packet_send_debug("Kerberos V4 password " + "authentication for %s failed: %s", + pw->pw_name, krb_err_txt[r]); goto kerberos_auth_failure; } /* Successful authentication. */ chown(tkt_string(), pw->pw_uid, pw->pw_gid); - /* Now that we have a TGT, try to get a local - "rcmd" ticket to ensure that we are not talking - to a bogus Kerberos server. */ + /* + * Now that we have a TGT, try to get a local + * "rcmd" ticket to ensure that we are not talking + * to a bogus Kerberos server. + */ (void) gethostname(localhost, sizeof(localhost)); - (void) strlcpy(phost, (char *) krb_get_phost(localhost), INST_SZ); + (void) strlcpy(phost, (char *) krb_get_phost(localhost), + INST_SZ); r = krb_mk_req(&tkt, KRB4_SERVICE_NAME, phost, realm, 33); if (r == KSUCCESS) { 
@@ -109,14 +110,20 @@ auth_password(struct passwd * pw, const char *password) log("Couldn't get local host address!"); goto kerberos_auth_failure; } - memmove((void *) &faddr, (void *) hp->h_addr, sizeof(faddr)); + memmove((void *) &faddr, (void *) hp->h_addr, + sizeof(faddr)); /* Verify our "rcmd" ticket. */ - r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, faddr, &adata, ""); + r = krb_rd_req(&tkt, KRB4_SERVICE_NAME, phost, + faddr, &adata, ""); if (r == RD_AP_UNDEC) { - /* Probably didn't have a srvtab on localhost. Allow login. */ - log("Kerberos V4 TGT for %s unverifiable, no srvtab installed? " - "krb_rd_req: %s", pw->pw_name, krb_err_txt[r]); + /* + * Probably didn't have a srvtab on + * localhost. Allow login. + */ + log("Kerberos V4 TGT for %s unverifiable, " + "no srvtab installed? krb_rd_req: %s", + pw->pw_name, krb_err_txt[r]); } else if (r != KSUCCESS) { log("Kerberos V4 %s ticket unverifiable: %s", KRB4_SERVICE_NAME, krb_err_txt[r]); @@ -131,8 +138,9 @@ auth_password(struct passwd * pw, const char *password) } else { /* TGT is bad, forget it. Possibly spoofed! */ - packet_send_debug("WARNING: Kerberos V4 TGT possibly spoofed for" - "%s: %s", pw->pw_name, krb_err_txt[r]); + packet_send_debug("WARNING: Kerberos V4 TGT " + "possibly spoofed for %s: %s", + pw->pw_name, krb_err_txt[r]); goto kerberos_auth_failure; } 
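Review bot: In the `else` branch of the second hunk on this line (`@@ -131,8 +138,9 @@`, auth_password in auth-passwd.c), the "possibly spoofed" TGT warning goes only to the client through `packet_send_debug()`. No `log()` call is visible before `goto kerberos_auth_failure`, so unless the failure label logs it (that code is outside the hunk) the server keeps no record of the event. The neighbouring branches for unverifiable tickets do call `log()`, so I would add `log("Kerberos V4 TGT possibly spoofed for %s: %s", pw->pw_name, krb_err_txt[r]);` next to the debug packet, so that whoever monitors the server sees the rejected ticket. Both calls index `krb_err_txt[r]` with the raw return code, and a short comment stating that `r` always falls inside that table would help the next reader. auth_password starts and ends outside this hunk.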
@@ -154,12 +162,13 @@ auth_password(struct passwd * pw, const char *password) /* Check for users with no password. */ if (strcmp(password, "") == 0 && strcmp(pw->pw_passwd, "") == 0) { - packet_send_debug("Login permitted without a password because the account has no password."); + packet_send_debug("Login permitted without a password " + "because the account has no password."); return 1; } /* Encrypt the candidate password using the proper salt. */ encrypted_password = crypt(password, - (pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx"); + (pw->pw_passwd[0] && pw->pw_passwd[1]) ? pw->pw_passwd : "xx"); /* Authentication is accepted if the encrypted passwords are identical. */ return (strcmp(encrypted_password, pw->pw_passwd) == 0); diff --git a/usr.bin/ssh/auth-rh-rsa.c b/usr.bin/ssh/auth-rh-rsa.c index 40b3682201d..696e47965d1 100644 --- a/usr.bin/ssh/auth-rh-rsa.c +++ b/usr.bin/ssh/auth-rh-rsa.c @@ -1,21 +1,21 @@ /* - -auth-rh-rsa.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sun May 7 03:08:06 1995 ylo - -Rhosts or /etc/hosts.equiv authentication combined with RSA host -authentication. - -*/ + * + * auth-rh-rsa.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sun May 7 03:08:06 1995 ylo + * + * Rhosts or /etc/hosts.equiv authentication combined with RSA host + * authentication. + * + */ #include "includes.h" -RCSID("$Id: auth-rh-rsa.c,v 1.8 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: auth-rh-rsa.c,v 1.9 1999/11/24 00:26:00 deraadt Exp $"); #include "packet.h" #include "ssh.h" diff --git a/usr.bin/ssh/auth-rhosts.c b/usr.bin/ssh/auth-rhosts.c index 0fe95b9b0a6..7e9f1d4c876 100644 --- a/usr.bin/ssh/auth-rhosts.c +++ b/usr.bin/ssh/auth-rhosts.c 
@@ -1,22 +1,22 @@ /* - -auth-rhosts.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 17 05:12:18 1995 ylo - -Rhosts authentication. This file contains code to check whether to admit -the login based on rhosts authentication. This file also processes -/etc/hosts.equiv. - -*/ + * + * auth-rhosts.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 17 05:12:18 1995 ylo + * + * Rhosts authentication. This file contains code to check whether to admit + * the login based on rhosts authentication. This file also processes + * /etc/hosts.equiv. + * + */ #include "includes.h" -RCSID("$Id: auth-rhosts.c,v 1.9 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: auth-rhosts.c,v 1.10 1999/11/24 00:26:00 deraadt Exp $"); #include "packet.h" #include "ssh.h" diff --git a/usr.bin/ssh/auth-rsa.c b/usr.bin/ssh/auth-rsa.c index 85cfc1980f8..2b324a0a26d 100644 --- a/usr.bin/ssh/auth-rsa.c +++ b/usr.bin/ssh/auth-rsa.c 
@@ -1,22 +1,22 @@ /* - -auth-rsa.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Mar 27 01:46:52 1995 ylo - -RSA-based authentication. This code determines whether to admit a login -based on RSA authentication. This file also contains functions to check -validity of the host key. - -*/ + * + * auth-rsa.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 27 01:46:52 1995 ylo + * + * RSA-based authentication. This code determines whether to admit a login + * based on RSA authentication. This file also contains functions to check + * validity of the host key. + * + */ #include "includes.h" -RCSID("$Id: auth-rsa.c,v 1.12 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: auth-rsa.c,v 1.13 1999/11/24 00:26:00 deraadt Exp $"); #include "rsa.h" #include "packet.h" diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c index e708c638d17..d70686362ac 100644 --- a/usr.bin/ssh/authfd.c +++ b/usr.bin/ssh/authfd.c @@ -1,20 +1,20 @@ /* - -authfd.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Mar 29 01:30:28 1995 ylo - -Functions for connecting the local authentication agent. - -*/ + * + * authfd.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 01:30:28 1995 ylo + * + * Functions for connecting the local authentication agent. + * + */ #include "includes.h" -RCSID("$Id: authfd.c,v 1.12 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: authfd.c,v 1.13 1999/11/24 00:26:00 deraadt Exp $"); #include "ssh.h" #include "rsa.h" diff --git a/usr.bin/ssh/authfd.h b/usr.bin/ssh/authfd.h index 61fc21bc4a4..a808ba0a7a6 100644 --- a/usr.bin/ssh/authfd.h 
+++ b/usr.bin/ssh/authfd.h @@ -1,19 +1,19 @@ /* - -authfd.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Mar 29 01:17:41 1995 ylo - -Functions to interface with the SSH_AUTHENTICATION_FD socket. - -*/ - -/* RCSID("$Id: authfd.h,v 1.4 1999/11/15 20:53:24 markus Exp $"); */ + * + * authfd.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 01:17:41 1995 ylo + * + * Functions to interface with the SSH_AUTHENTICATION_FD socket. + * + */ + +/* RCSID("$Id: authfd.h,v 1.5 1999/11/24 00:26:00 deraadt Exp $"); */ #ifndef AUTHFD_H #define AUTHFD_H 
@@ -31,72 +31,73 @@ Functions to interface with the SSH_AUTHENTICATION_FD socket. #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9 -typedef struct -{ - int fd; - Buffer packet; - Buffer identities; - int howmany; -} AuthenticationConnection; - +typedef struct { + int fd; + Buffer packet; + Buffer identities; + int howmany; +} AuthenticationConnection; /* Returns the number of the authentication fd, or -1 if there is none. */ -int ssh_get_authentication_socket(); +int ssh_get_authentication_socket(); -/* This should be called for any descriptor returned by +/* This should be called for any descriptor returned by ssh_get_authentication_socket(). Depending on the way the descriptor was obtained, this may close the descriptor. */ -void ssh_close_authentication_socket(int authfd); +void ssh_close_authentication_socket(int authfd); /* Opens and connects a private socket for communication with the - authentication agent. Returns NULL if an error occurred and the + authentication agent. Returns NULL if an error occurred and the connection could not be opened. The connection should be closed by the caller by calling ssh_close_authentication_connection(). */ AuthenticationConnection *ssh_get_authentication_connection(); /* Closes the connection to the authentication agent and frees any associated memory. */ -void ssh_close_authentication_connection(AuthenticationConnection *ac); +void ssh_close_authentication_connection(AuthenticationConnection * ac); /* Returns the first authentication identity held by the agent. Returns true if an identity is available, 0 otherwise. The caller must initialize the integers before the call, and free the comment after a successful call (before calling ssh_get_next_identity). 
*/ -int ssh_get_first_identity(AuthenticationConnection *connection, - BIGNUM *e, BIGNUM *n, char **comment); +int +ssh_get_first_identity(AuthenticationConnection * connection, + BIGNUM * e, BIGNUM * n, char **comment); /* Returns the next authentication identity for the agent. Other functions can be called between this and ssh_get_first_identity or two calls of this function. This returns 0 if there are no more identities. The caller must free comment after a successful return. */ -int ssh_get_next_identity(AuthenticationConnection *connection, - BIGNUM *e, BIGNUM *n, char **comment); +int +ssh_get_next_identity(AuthenticationConnection * connection, + BIGNUM * e, BIGNUM * n, char **comment); /* Requests the agent to decrypt the given challenge. Returns true if the agent claims it was able to decrypt it. */ -int ssh_decrypt_challenge(AuthenticationConnection *auth, - BIGNUM *e, BIGNUM *n, BIGNUM *challenge, - unsigned char session_id[16], - unsigned int response_type, - unsigned char response[16]); +int +ssh_decrypt_challenge(AuthenticationConnection * auth, + BIGNUM * e, BIGNUM * n, BIGNUM * challenge, + unsigned char session_id[16], + unsigned int response_type, + unsigned char response[16]); /* Adds an identity to the authentication server. This call is not meant to be used by normal applications. This returns true if the identity was successfully added. */ -int ssh_add_identity(AuthenticationConnection *connection, - RSA *key, const char *comment); + int ssh_add_identity(AuthenticationConnection * connection, + RSA * key, const char *comment); /* Removes the identity from the authentication server. This call is not meant to be used by normal applications. This returns true if the identity was successfully added. */ -int ssh_remove_identity(AuthenticationConnection *connection, - RSA *key); + int ssh_remove_identity(AuthenticationConnection * connection, + RSA * key); /* Removes all identities from the authentication agent. 
This call is not meant to be used by normal applications. This returns true if the operation was successful. */ -int ssh_remove_all_identities(AuthenticationConnection *connection); + int ssh_remove_all_identities(AuthenticationConnection * connection); /* Closes the connection to the authentication agent. */ -void ssh_close_authentication(AuthenticationConnection *connection); + void ssh_close_authentication(AuthenticationConnection * connection); -#endif /* AUTHFD_H */ +#endif /* AUTHFD_H */ diff --git a/usr.bin/ssh/authfile.c b/usr.bin/ssh/authfile.c index ce2f846e7ec..143cdf00c7b 100644 --- a/usr.bin/ssh/authfile.c +++ b/usr.bin/ssh/authfile.c @@ -1,21 +1,21 @@ /* - -authfile.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Mar 27 03:52:05 1995 ylo - -This file contains functions for reading and writing identity files, and -for reading the passphrase from the user. - -*/ + * + * authfile.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 27 03:52:05 1995 ylo + * + * This file contains functions for reading and writing identity files, and + * for reading the passphrase from the user. + * + */ #include "includes.h" -RCSID("$Id: authfile.c,v 1.8 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: authfile.c,v 1.9 1999/11/24 00:26:00 deraadt Exp $"); #include <ssl/bn.h> #include "xmalloc.h" diff --git a/usr.bin/ssh/bufaux.c b/usr.bin/ssh/bufaux.c index 8b6f7b43740..6b59c8f1d91 100644 --- a/usr.bin/ssh/bufaux.c +++ b/usr.bin/ssh/bufaux.c 
@@ -1,21 +1,21 @@ /* - -bufaux.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Mar 29 02:24:47 1995 ylo - -Auxiliary functions for storing and retrieving various data types to/from -Buffers. - -*/ + * + * bufaux.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 02:24:47 1995 ylo + * + * Auxiliary functions for storing and retrieving various data types to/from + * Buffers. + * + */ #include "includes.h" -RCSID("$Id: bufaux.c,v 1.5 1999/11/23 22:25:52 markus Exp $"); +RCSID("$Id: bufaux.c,v 1.6 1999/11/24 00:26:01 deraadt Exp $"); #include "ssh.h" #include <ssl/bn.h> @@ -23,9 +23,10 @@ RCSID("$Id: bufaux.c,v 1.5 1999/11/23 22:25:52 markus Exp $"); #include "xmalloc.h" #include "getput.h" -/* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed - by (bits+7)/8 bytes of binary data, msb first. */ - +/* + * Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed + * by (bits+7)/8 bytes of binary data, msb first. + */ void buffer_put_bignum(Buffer *buffer, BIGNUM *value) { @@ -51,8 +52,9 @@ buffer_put_bignum(Buffer *buffer, BIGNUM *value) xfree(buf); } -/* Retrieves an BIGNUM from the buffer. */ - +/* + * Retrieves an BIGNUM from the buffer. + */ int buffer_get_bignum(Buffer *buffer, BIGNUM *value) { @@ -73,8 +75,9 @@ buffer_get_bignum(Buffer *buffer, BIGNUM *value) return 2 + bytes; } -/* Returns an integer from the buffer (4 bytes, msb first). */ - +/* + * Returns an integer from the buffer (4 bytes, msb first). + */ unsigned int buffer_get_int(Buffer *buffer) { 
@@ -83,8 +86,9 @@ buffer_get_int(Buffer *buffer) return GET_32BIT(buf); } -/* Stores an integer in the buffer in 4 bytes, msb first. */ - +/* + * Stores an integer in the buffer in 4 bytes, msb first. + */ void buffer_put_int(Buffer *buffer, unsigned int value) { @@ -93,13 +97,14 @@ buffer_put_int(Buffer *buffer, unsigned int value) buffer_append(buffer, buf, 4); } -/* Returns an arbitrary binary string from the buffer. The string cannot - be longer than 256k. The returned value points to memory allocated - with xmalloc; it is the responsibility of the calling function to free - the data. If length_ptr is non-NULL, the length of the returned data - will be stored there. A null character will be automatically appended - to the returned string, and is not counted in length. */ - +/* + * Returns an arbitrary binary string from the buffer. The string cannot + * be longer than 256k. The returned value points to memory allocated + * with xmalloc; it is the responsibility of the calling function to free + * the data. If length_ptr is non-NULL, the length of the returned data + * will be stored there. A null character will be automatically appended + * to the returned string, and is not counted in length. + */ char * buffer_get_string(Buffer *buffer, unsigned int *length_ptr) { @@ -121,8 +126,9 @@ buffer_get_string(Buffer *buffer, unsigned int *length_ptr) return value; } -/* Stores and arbitrary binary string in the buffer. */ - +/* + * Stores and arbitrary binary string in the buffer. + */ void buffer_put_string(Buffer *buffer, const void *buf, unsigned int len) { @@ -130,8 +136,9 @@ buffer_put_string(Buffer *buffer, const void *buf, unsigned int len) buffer_append(buffer, buf, len); } -/* Returns a character from the buffer (0 - 255). */ - +/* + * Returns a character from the buffer (0 - 255). + */ int buffer_get_char(Buffer *buffer) { 
@@ -140,8 +147,9 @@ buffer_get_char(Buffer *buffer) return (unsigned char) ch; } -/* Stores a character in the buffer. */ - +/* + * Stores a character in the buffer. + */ void buffer_put_char(Buffer *buffer, int value) { diff --git a/usr.bin/ssh/bufaux.h b/usr.bin/ssh/bufaux.h index 06f3dfc5008..d7839c2f7bd 100644 --- a/usr.bin/ssh/bufaux.h +++ b/usr.bin/ssh/bufaux.h @@ -1,17 +1,17 @@ /* - -bufaux.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Mar 29 02:18:23 1995 ylo - -*/ - -/* RCSID("$Id: bufaux.h,v 1.2 1999/09/28 04:45:36 provos Exp $"); */ + * + * bufaux.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Mar 29 02:18:23 1995 ylo + * + */ + +/* RCSID("$Id: bufaux.h,v 1.3 1999/11/24 00:26:01 deraadt Exp $"); */ #ifndef BUFAUX_H #define BUFAUX_H 
@@ -20,22 +20,22 @@ Created: Wed Mar 29 02:18:23 1995 ylo /* Stores an BIGNUM in the buffer with a 2-byte msb first bit count, followed by (bits+7)/8 bytes of binary data, msb first. */ -void buffer_put_bignum(Buffer *buffer, BIGNUM *value); +void buffer_put_bignum(Buffer * buffer, BIGNUM * value); /* Retrieves an BIGNUM from the buffer. */ -int buffer_get_bignum(Buffer *buffer, BIGNUM *value); +int buffer_get_bignum(Buffer * buffer, BIGNUM * value); /* Returns an integer from the buffer (4 bytes, msb first). */ -unsigned int buffer_get_int(Buffer *buffer); +unsigned int buffer_get_int(Buffer * buffer); /* Stores an integer in the buffer in 4 bytes, msb first. */ -void buffer_put_int(Buffer *buffer, unsigned int value); +void buffer_put_int(Buffer * buffer, unsigned int value); /* Returns a character from the buffer (0 - 255). */ -int buffer_get_char(Buffer *buffer); +int buffer_get_char(Buffer * buffer); /* Stores a character in the buffer. */ -void buffer_put_char(Buffer *buffer, int value); +void buffer_put_char(Buffer * buffer, int value); /* Returns an arbitrary binary string from the buffer. The string cannot be longer than 256k. The returned value points to memory allocated @@ -43,9 +43,9 @@ void buffer_put_char(Buffer *buffer, int value); the data. If length_ptr is non-NULL, the length of the returned data will be stored there. A null character will be automatically appended to the returned string, and is not counted in length. */ -char *buffer_get_string(Buffer *buffer, unsigned int *length_ptr); +char *buffer_get_string(Buffer * buffer, unsigned int *length_ptr); /* Stores and arbitrary binary string in the buffer. */ -void buffer_put_string(Buffer *buffer, const void *buf, unsigned int len); +void buffer_put_string(Buffer * buffer, const void *buf, unsigned int len); -#endif /* BUFAUX_H */ +#endif /* BUFAUX_H */ diff --git a/usr.bin/ssh/buffer.c b/usr.bin/ssh/buffer.c index dfdeba41eef..0f117ccc1c7 100644 --- a/usr.bin/ssh/buffer.c 
+++ b/usr.bin/ssh/buffer.c @@ -1,20 +1,20 @@ /* - -buffer.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Mar 18 04:15:33 1995 ylo - -Functions for manipulating fifo buffers (that can grow if needed). - -*/ + * + * buffer.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 04:15:33 1995 ylo + * + * Functions for manipulating fifo buffers (that can grow if needed). + * + */ #include "includes.h" -RCSID("$Id: buffer.c,v 1.2 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: buffer.c,v 1.3 1999/11/24 00:26:01 deraadt Exp $"); #include "xmalloc.h" #include "buffer.h" diff --git a/usr.bin/ssh/buffer.h b/usr.bin/ssh/buffer.h index f2bdac29651..5031ea5790e 100644 --- a/usr.bin/ssh/buffer.h +++ b/usr.bin/ssh/buffer.h 
@@ -1,66 +1,64 @@ /* - -buffer.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Mar 18 04:12:25 1995 ylo - -Code for manipulating FIFO buffers. - -*/ - -/* RCSID("$Id: buffer.h,v 1.1 1999/09/26 20:53:34 deraadt Exp $"); */ + * + * buffer.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 04:12:25 1995 ylo + * + * Code for manipulating FIFO buffers. + * + */ + +/* RCSID("$Id: buffer.h,v 1.2 1999/11/24 00:26:01 deraadt Exp $"); */ #ifndef BUFFER_H #define BUFFER_H -typedef struct -{ - char *buf; /* Buffer for data. */ - unsigned int alloc; /* Number of bytes allocated for data. */ - unsigned int offset; /* Offset of first byte containing data. */ - unsigned int end; /* Offset of last byte containing data. */ -} Buffer; - +typedef struct { + char *buf; /* Buffer for data. */ + unsigned int alloc; /* Number of bytes allocated for data. */ + unsigned int offset; /* Offset of first byte containing data. */ + unsigned int end; /* Offset of last byte containing data. */ +} Buffer; /* Initializes the buffer structure. */ -void buffer_init(Buffer *buffer); +void buffer_init(Buffer * buffer); /* Frees any memory used for the buffer. */ -void buffer_free(Buffer *buffer); +void buffer_free(Buffer * buffer); /* Clears any data from the buffer, making it empty. This does not actually zero the memory. */ -void buffer_clear(Buffer *buffer); +void buffer_clear(Buffer * buffer); /* Appends data to the buffer, expanding it if necessary. */ -void buffer_append(Buffer *buffer, const char *data, unsigned int len); +void buffer_append(Buffer * buffer, const char *data, unsigned int len); /* Appends space to the buffer, expanding the buffer if necessary. This does not actually copy the data into the buffer, but instead returns a pointer to the allocated region. 
*/ -void buffer_append_space(Buffer *buffer, char **datap, unsigned int len); +void buffer_append_space(Buffer * buffer, char **datap, unsigned int len); /* Returns the number of bytes of data in the buffer. */ -unsigned int buffer_len(Buffer *buffer); +unsigned int buffer_len(Buffer * buffer); /* Gets data from the beginning of the buffer. */ -void buffer_get(Buffer *buffer, char *buf, unsigned int len); +void buffer_get(Buffer * buffer, char *buf, unsigned int len); /* Consumes the given number of bytes from the beginning of the buffer. */ -void buffer_consume(Buffer *buffer, unsigned int bytes); +void buffer_consume(Buffer * buffer, unsigned int bytes); /* Consumes the given number of bytes from the end of the buffer. */ -void buffer_consume_end(Buffer *buffer, unsigned int bytes); +void buffer_consume_end(Buffer * buffer, unsigned int bytes); /* Returns a pointer to the first used byte in the buffer. */ -char *buffer_ptr(Buffer *buffer); +char *buffer_ptr(Buffer * buffer); /* Dumps the contents of the buffer to stderr in hex. This intended for debugging purposes only. */ -void buffer_dump(Buffer *buffer); +void buffer_dump(Buffer * buffer); -#endif /* BUFFER_H */ +#endif /* BUFFER_H */ diff --git a/usr.bin/ssh/canohost.c b/usr.bin/ssh/canohost.c index 0dc1b140464..91a6c257566 100644 --- a/usr.bin/ssh/canohost.c +++ b/usr.bin/ssh/canohost.c 
@@ -1,20 +1,20 @@ /* - -canohost.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sun Jul 2 17:52:22 1995 ylo - -Functions for returning the canonical host name of the remote site. - -*/ + * + * canohost.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sun Jul 2 17:52:22 1995 ylo + * + * Functions for returning the canonical host name of the remote site. + * + */ #include "includes.h" -RCSID("$Id: canohost.c,v 1.6 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: canohost.c,v 1.7 1999/11/24 00:26:01 deraadt Exp $"); #include "packet.h" #include "xmalloc.h" diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c index 086f5260ec0..a10b9c356f8 100644 --- a/usr.bin/ssh/channels.c +++ b/usr.bin/ssh/channels.c @@ -1,22 +1,22 @@ /* - -channels.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 24 16:35:24 1995 ylo - -This file contains functions for generic socket connection forwarding. -There is also code for initiating connection forwarding for X11 connections, -arbitrary tcp/ip connections, and the authentication agent connection. - -*/ + * + * channels.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 24 16:35:24 1995 ylo + * + * This file contains functions for generic socket connection forwarding. + * There is also code for initiating connection forwarding for X11 connections, + * arbitrary tcp/ip connections, and the authentication agent connection. + * + */ #include "includes.h" -RCSID("$Id: channels.c,v 1.25 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: channels.c,v 1.26 1999/11/24 00:26:01 deraadt Exp $"); #include "ssh.h" #include "packet.h" 
diff --git a/usr.bin/ssh/channels.h b/usr.bin/ssh/channels.h
index 3cb4d3eb051..f55b74c2c01 100644
--- a/usr.bin/ssh/channels.h
+++ b/usr.bin/ssh/channels.h
@@ -1,40 +1,46 @@ -/* RCSID("$Id: channels.h,v 1.4 1999/10/28 21:26:09 markus Exp $"); */ +/* RCSID("$Id: channels.h,v 1.5 1999/11/24 00:26:01 deraadt Exp $"); */ #ifndef CHANNELS_H #define CHANNELS_H /* Definitions for channel types. */ -#define SSH_CHANNEL_FREE 0 /* This channel is free (unused). */ -#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 conn. */ -#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */ -#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */ -#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */ -#define SSH_CHANNEL_CLOSED 5 /* waiting for close confirmation */ +#define SSH_CHANNEL_FREE 0 /* This channel is free + * (unused). */ +#define SSH_CHANNEL_X11_LISTENER 1 /* Listening for inet X11 + * conn. */ +#define SSH_CHANNEL_PORT_LISTENER 2 /* Listening on a port. */ +#define SSH_CHANNEL_OPENING 3 /* waiting for confirmation */ +#define SSH_CHANNEL_OPEN 4 /* normal open two-way channel */ +#define SSH_CHANNEL_CLOSED 5 /* waiting for close + * confirmation */ /* SSH_CHANNEL_AUTH_FD 6 authentication fd */ -#define SSH_CHANNEL_AUTH_SOCKET 7 /* authentication socket */ +#define SSH_CHANNEL_AUTH_SOCKET 7 /* authentication socket */ /* SSH_CHANNEL_AUTH_SOCKET_FD 8 connection to auth socket */ -#define SSH_CHANNEL_X11_OPEN 9 /* reading first X11 packet */ -#define SSH_CHANNEL_INPUT_DRAINING 10 /* sending remaining data to conn */ -#define SSH_CHANNEL_OUTPUT_DRAINING 11 /* sending remaining data to app */ +#define SSH_CHANNEL_X11_OPEN 9 /* reading first X11 packet */ +#define SSH_CHANNEL_INPUT_DRAINING 10 /* sending remaining data to + * conn */ +#define SSH_CHANNEL_OUTPUT_DRAINING 11 /* sending remaining data to + * app */ /* Data structure for channel data. This is iniailized in channel_allocate and cleared in channel_free. 
*/ -typedef struct Channel -{ - int type; /* channel type/state */ - int self; /* my own channel identifier */ - int remote_id; /* channel identifier for remote peer */ - /* peer can be reached over encrypted connection, via packet-sent */ - int istate; /* input from channel (state of receive half) */ - int ostate; /* output to channel (state of transmit half) */ - int sock; /* data socket, linked to this channel */ - Buffer input; /* data read from socket, to be sent over encrypted connection */ - Buffer output; /* data received over encrypted connection for send on socket */ - char path[200]; /* path for unix domain sockets, or host name for forwards */ - int listening_port; /* port being listened for forwards */ - int host_port; /* remote port to connect for forwards */ - char *remote_name; /* remote hostname */ -} Channel; - +typedef struct Channel { + int type; /* channel type/state */ + int self; /* my own channel identifier */ + int remote_id; /* channel identifier for remote peer */ + /* peer can be reached over encrypted connection, via packet-sent */ + int istate; /* input from channel (state of receive half) */ + int ostate; /* output to channel (state of transmit half) */ + int sock; /* data socket, linked to this channel */ + Buffer input; /* data read from socket, to be sent over + * encrypted connection */ + Buffer output; /* data received over encrypted connection for + * send on socket */ + char path[200]; /* path for unix domain sockets, or host name + * for forwards */ + int listening_port; /* port being listened for forwards */ + int host_port; /* remote port to connect for forwards */ + char *remote_name; /* remote hostname */ +} Channel; #endif diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c index 6fb3f9842ab..06176271020 100644 --- a/usr.bin/ssh/cipher.c +++ b/usr.bin/ssh/cipher.c 
@@ -1,18 +1,18 @@ /* - -cipher.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Apr 19 17:41:39 1995 ylo - -*/ + * + * cipher.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Apr 19 17:41:39 1995 ylo + * + */ #include "includes.h" -RCSID("$Id: cipher.c,v 1.16 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: cipher.c,v 1.17 1999/11/24 00:26:01 deraadt Exp $"); #include "ssh.h" #include "cipher.h" diff --git a/usr.bin/ssh/cipher.h b/usr.bin/ssh/cipher.h index 3b5e57c95d0..3f2e202442b 100644 --- a/usr.bin/ssh/cipher.h +++ b/usr.bin/ssh/cipher.h @@ -1,17 +1,17 @@ /* - -cipher.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Apr 19 16:50:42 1995 ylo - -*/ - -/* RCSID("$Id: cipher.h,v 1.8 1999/11/15 21:38:54 markus Exp $"); */ + * + * cipher.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Apr 19 16:50:42 1995 ylo + * + */ + +/* RCSID("$Id: cipher.h,v 1.9 1999/11/24 00:26:01 deraadt Exp $"); */ #ifndef CIPHER_H #define CIPHER_H 
@@ -21,32 +21,31 @@ Created: Wed Apr 19 16:50:42 1995 ylo /* Cipher types. New types can be added, but old types should not be removed for compatibility. The maximum allowed value is 31. */ -#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ -#define SSH_CIPHER_NONE 0 /* no encryption */ -#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ -#define SSH_CIPHER_DES 2 /* DES CBC */ -#define SSH_CIPHER_3DES 3 /* 3DES CBC */ -#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ -#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ +#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ +#define SSH_CIPHER_NONE 0 /* no encryption */ +#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ +#define SSH_CIPHER_DES 2 /* DES CBC */ +#define SSH_CIPHER_3DES 3 /* 3DES CBC */ +#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ +#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ #define SSH_CIPHER_BLOWFISH 6 typedef struct { - unsigned int type; - union { - struct { - des_key_schedule key1; - des_key_schedule key2; - des_cblock iv2; - des_key_schedule key3; - des_cblock iv3; - } des3; - struct { - struct bf_key_st key; - unsigned char iv[8]; - } bf; - } u; -} CipherContext; - + unsigned int type; + union { + struct { + des_key_schedule key1; + des_key_schedule key2; + des_cblock iv2; + des_key_schedule key3; + des_cblock iv3; + } des3; + struct { + struct bf_key_st key; + unsigned char iv[8]; + } bf; + } u; +} CipherContext; /* Returns a bit mask indicating which ciphers are supported by this implementation. The bit mask has the corresponding bit set of each supported cipher. */ 
@@ -57,28 +56,32 @@ const char *cipher_name(int cipher); /* Parses the name of the cipher. Returns the number of the corresponding cipher, or -1 on error. */ -int cipher_number(const char *name); +int cipher_number(const char *name); /* Selects the cipher to use and sets the key. If for_encryption is true, the key is setup for encryption; otherwise it is setup for decryption. */ -void cipher_set_key(CipherContext *context, int cipher, - const unsigned char *key, int keylen, int for_encryption); +void +cipher_set_key(CipherContext * context, int cipher, + const unsigned char *key, int keylen, int for_encryption); /* Sets key for the cipher by computing the MD5 checksum of the passphrase, and using the resulting 16 bytes as the key. */ -void cipher_set_key_string(CipherContext *context, int cipher, - const char *passphrase, int for_encryption); +void +cipher_set_key_string(CipherContext * context, int cipher, + const char *passphrase, int for_encryption); /* Encrypts data using the cipher. */ -void cipher_encrypt(CipherContext *context, unsigned char *dest, - const unsigned char *src, unsigned int len); +void +cipher_encrypt(CipherContext * context, unsigned char *dest, + const unsigned char *src, unsigned int len); /* Decrypts data using the cipher. */ -void cipher_decrypt(CipherContext *context, unsigned char *dest, - const unsigned char *src, unsigned int len); +void +cipher_decrypt(CipherContext * context, unsigned char *dest, + const unsigned char *src, unsigned int len); /* If and CRC-32 attack is detected this function is called. Defaults * to fatal, changed to packet_disconnect in sshd and ssh. */ -extern void (*cipher_attack_detected)(const char *fmt, ...); +extern void (*cipher_attack_detected) (const char *fmt,...); -#endif /* CIPHER_H */ +#endif /* CIPHER_H */ diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c index 62a6e3cd4a5..b8ea16f0e52 100644 --- a/usr.bin/ssh/clientloop.c +++ b/usr.bin/ssh/clientloop.c 
@@ -1,21 +1,21 @@ /* - -clientloop.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - - -Created: Sat Sep 23 12:23:57 1995 ylo - -The main loop for the interactive session (client side). - -*/ + * + * clientloop.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * + * Created: Sat Sep 23 12:23:57 1995 ylo + * + * The main loop for the interactive session (client side). + * + */ #include "includes.h" -RCSID("$Id: clientloop.c,v 1.11 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: clientloop.c,v 1.12 1999/11/24 00:26:01 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" diff --git a/usr.bin/ssh/compat.h b/usr.bin/ssh/compat.h index 03289c27ab1..d1b60084ae9 100644 --- a/usr.bin/ssh/compat.h +++ b/usr.bin/ssh/compat.h @@ -1,7 +1,7 @@ -/* RCSID("$Id: compat.h,v 1.2 1999/10/16 22:29:01 markus Exp $"); */ +/* RCSID("$Id: compat.h,v 1.3 1999/11/24 00:26:01 deraadt Exp $"); */ #ifndef COMPAT_H #define COMPAT_H -void enable_compat13(void); +void enable_compat13(void); extern int compat13; #endif diff --git a/usr.bin/ssh/compress.c b/usr.bin/ssh/compress.c index 3e226cb22e9..be9180e6d12 100644 --- a/usr.bin/ssh/compress.c +++ b/usr.bin/ssh/compress.c 
@@ -1,20 +1,20 @@ /* - -compress.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Oct 25 22:12:46 1995 ylo - -Interface to packet compression for ssh. - -*/ + * + * compress.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Oct 25 22:12:46 1995 ylo + * + * Interface to packet compression for ssh. + * + */ #include "includes.h" -RCSID("$Id: compress.c,v 1.2 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: compress.c,v 1.3 1999/11/24 00:26:01 deraadt Exp $"); #include "ssh.h" #include "buffer.h" diff --git a/usr.bin/ssh/compress.h b/usr.bin/ssh/compress.h index c46e2ea7025..e6bd513e667 100644 --- a/usr.bin/ssh/compress.h +++ b/usr.bin/ssh/compress.h @@ -1,29 +1,29 @@ /* - -compress.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Oct 25 22:12:46 1995 ylo - -Interface to packet compression for ssh. - -*/ - -/* RCSID("$Id: compress.h,v 1.1 1999/09/26 20:53:34 deraadt Exp $"); */ + * + * compress.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Oct 25 22:12:46 1995 ylo + * + * Interface to packet compression for ssh. + * + */ + +/* RCSID("$Id: compress.h,v 1.2 1999/11/24 00:26:01 deraadt Exp $"); */ #ifndef COMPRESS_H #define COMPRESS_H /* Initializes compression; level is compression level from 1 to 9 (as in gzip). */ -void buffer_compress_init(int level); +void buffer_compress_init(int level); /* Frees any data structures allocated by buffer_compress_init. */ -void buffer_compress_uninit(); +void buffer_compress_uninit(); /* Compresses the contents of input_buffer into output_buffer. All packets compressed using this function will form a single 
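Review bot: `void buffer_compress_uninit();` in the compress.h hunk still has an empty parameter list on the new side, which in C before C23 is not a prototype, so a call that passes arguments is not diagnosed by the compiler. Since the commit already rewrites this line, it could become `void buffer_compress_uninit(void);`, matching `void enable_compat13(void);` in compat.h from the same commit. The definition in compress.c is not visible in this hunk and should presumably be spelled the same way.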
@@ -32,7 +32,7 @@ void buffer_compress_uninit(); independently (but in the appropriate order since they together form a single compression stream) by the receiver. This appends the compressed data to the output buffer. */ -void buffer_compress(Buffer *input_buffer, Buffer *output_buffer); +void buffer_compress(Buffer * input_buffer, Buffer * output_buffer); /* Uncompresses the contents of input_buffer into output_buffer. All packets uncompressed using this function will form a single @@ -41,6 +41,6 @@ void buffer_compress(Buffer *input_buffer, Buffer *output_buffer); same size units that the buffer_compress was called, and in the same order that buffers compressed with that. This appends the uncompressed data to the output buffer. */ -void buffer_uncompress(Buffer *input_buffer, Buffer *output_buffer); +void buffer_uncompress(Buffer * input_buffer, Buffer * output_buffer); -#endif /* COMPRESS_H */ +#endif /* COMPRESS_H */ diff --git a/usr.bin/ssh/crc32.c b/usr.bin/ssh/crc32.c index b832eb3a585..42c99dad353 100644 --- a/usr.bin/ssh/crc32.c +++ b/usr.bin/ssh/crc32.c @@ -1,9 +1,12 @@ -/* The implementation here was originally done by Gary S. Brown. I have - borrowed the tables directly, and made some minor changes to the - crc32-function (including changing the interface). //ylo */ +/* + * The implementation here was originally done by Gary S. Brown. + * I have borrowed the tables directly, and made some minor changes + * to the crc32-function (including changing the interface). + * //ylo + */ #include "includes.h" -RCSID("$Id: crc32.c,v 1.3 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: crc32.c,v 1.4 1999/11/24 00:26:01 deraadt Exp $"); #include "crc32.h" diff --git a/usr.bin/ssh/crc32.h b/usr.bin/ssh/crc32.h index de7704d6da5..014536c1482 100644 --- a/usr.bin/ssh/crc32.h +++ b/usr.bin/ssh/crc32.h 
@@ -1,19 +1,19 @@ /* - -crc32.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1992 Tatu Ylonen, Espoo, Finland - All rights reserved - -Created: Tue Feb 11 14:37:27 1992 ylo - -Functions for computing 32-bit CRC. - -*/ - -/* RCSID("$Id: crc32.h,v 1.2 1999/10/01 18:18:56 deraadt Exp $"); */ + * + * crc32.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1992 Tatu Ylonen, Espoo, Finland + * All rights reserved + * + * Created: Tue Feb 11 14:37:27 1992 ylo + * + * Functions for computing 32-bit CRC. + * + */ + +/* RCSID("$Id: crc32.h,v 1.3 1999/11/24 00:26:01 deraadt Exp $"); */ #ifndef CRC32_H #define CRC32_H @@ -22,4 +22,4 @@ Functions for computing 32-bit CRC. CRC. The polynomial used is 0xedb88320. */ unsigned int crc32(const unsigned char *buf, unsigned int len); -#endif /* CRC32_H */ +#endif /* CRC32_H */ diff --git a/usr.bin/ssh/deattack.c b/usr.bin/ssh/deattack.c index e070e8180ba..263e0396c86 100644 --- a/usr.bin/ssh/deattack.c +++ b/usr.bin/ssh/deattack.c @@ -1,5 +1,5 @@ /* - * $Id: deattack.c,v 1.5 1999/11/23 22:25:53 markus Exp $ + * $Id: deattack.c,v 1.6 1999/11/24 00:26:01 deraadt Exp $ * Cryptographic attack detector for ssh - source code * * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. @@ -15,7 +15,8 @@ * SOFTWARE. * * Ariel Futoransky <futo@core-sdi.com> - * <http://www.core-sdi.com> */ + * <http://www.core-sdi.com> + */ #include "includes.h" #include "deattack.h" diff --git a/usr.bin/ssh/deattack.h b/usr.bin/ssh/deattack.h index dc9b0f7dcc5..6ce54dedb17 100644 --- a/usr.bin/ssh/deattack.h +++ b/usr.bin/ssh/deattack.h @@ -1,4 +1,4 @@ -/* $Id: deattack.h,v 1.2 1999/10/05 02:35:57 dugsong Exp $ +/* * Cryptographic attack detector for ssh - Header file * * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. @@ -14,7 +14,8 @@ * SOFTWARE. * * Ariel Futoransky <futo@core-sdi.com> - * <http://www.core-sdi.com> */ + * <http://www.core-sdi.com> + */ #ifndef _DEATTACK_H #define _DEATTACK_H 
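Review bot: The first deattack.h hunk deletes the `$Id: deattack.h,v 1.2 ...$` keyword line from the header comment rather than reformatting it, so this header no longer records its revision, while deattack.c and the other headers touched here keep theirs. In a commit that otherwise changes only layout this looks unintended. Keeping ` * $Id$` as the first line inside the comment, as deattack.c does, preserves the ability to tell which revision of the attack detector's interface a build came from. If the removal is deliberate, it is worth saying so in the commit message.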
@@ -23,5 +24,5 @@ #define DEATTACK_OK 0 #define DEATTACK_DETECTED 1 -int detect_attack(unsigned char *buf, u_int32_t len, unsigned char IV[8]); +int detect_attack(unsigned char *buf, u_int32_t len, unsigned char IV[8]); #endif diff --git a/usr.bin/ssh/fingerprint.c b/usr.bin/ssh/fingerprint.c index 642ca39f6ed..c1be4ff2569 100644 --- a/usr.bin/ssh/fingerprint.c +++ b/usr.bin/ssh/fingerprint.c @@ -1,5 +1,5 @@ #include "includes.h" -RCSID("$Id: fingerprint.c,v 1.2 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: fingerprint.c,v 1.3 1999/11/24 00:26:01 deraadt Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -7,9 +7,10 @@ RCSID("$Id: fingerprint.c,v 1.2 1999/11/23 22:25:53 markus Exp $"); #define FPRINT "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x" -/* Generate key fingerprint in ascii format. - Based on ideas and code from Bjoern Groenvall <bg@sics.se> */ - +/* + * Generate key fingerprint in ascii format. + * Based on ideas and code from Bjoern Groenvall <bg@sics.se> + */ char * fingerprint(BIGNUM *e, BIGNUM *n) { @@ -31,8 +32,8 @@ fingerprint(BIGNUM *e, BIGNUM *n) MD5_Update(&md, buf, nlen + elen); MD5_Final(d, &md); snprintf(retval, sizeof(retval), FPRINT, - d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], - d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); + d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7], + d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]); memset(buf, 0, nlen + elen); xfree(buf); return retval; diff --git a/usr.bin/ssh/fingerprint.h b/usr.bin/ssh/fingerprint.h index c4ec22fc419..8c603aa1654 100644 --- a/usr.bin/ssh/fingerprint.h +++ b/usr.bin/ssh/fingerprint.h @@ -1,6 +1,6 @@ -/* RCSID("$Id: fingerprint.h,v 1.1 1999/11/16 22:49:28 markus Exp $"); */ +/* RCSID("$Id: fingerprint.h,v 1.2 1999/11/24 00:26:02 deraadt Exp $"); */ #ifndef FINGERPRINT_H #define FINGERPRINT_H -char * fingerprint(BIGNUM *e, BIGNUM *n); +char *fingerprint(BIGNUM * e, BIGNUM * n); #endif 
diff --git a/usr.bin/ssh/getput.h b/usr.bin/ssh/getput.h index 1c255bdbaa4..d2e138089a4 100644 --- a/usr.bin/ssh/getput.h +++ b/usr.bin/ssh/getput.h @@ -1,19 +1,19 @@ /* - -getput.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Jun 28 22:36:30 1995 ylo - -Macros for storing and retrieving data in msb first and lsb first order. - -*/ - -/* RCSID("$Id: getput.h,v 1.1 1999/09/26 20:53:36 deraadt Exp $"); */ + * + * getput.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Wed Jun 28 22:36:30 1995 ylo + * + * Macros for storing and retrieving data in msb first and lsb first order. + * + */ + +/* RCSID("$Id: getput.h,v 1.2 1999/11/24 00:26:02 deraadt Exp $"); */ #ifndef GETPUT_H #define GETPUT_H @@ -60,5 +60,4 @@ Macros for storing and retrieving data in msb first and lsb first order. (cp)[0] = (value); \ (cp)[1] = (value) >> 8; } while (0) -#endif /* GETPUT_H */ - +#endif /* GETPUT_H */ diff --git a/usr.bin/ssh/hostfile.c b/usr.bin/ssh/hostfile.c index 780b52f2dad..8e181c8989f 100644 --- a/usr.bin/ssh/hostfile.c +++ b/usr.bin/ssh/hostfile.c @@ -1,20 +1,20 @@ /* - -hostfile.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Thu Jun 29 07:10:56 1995 ylo - -Functions for manipulating the known hosts files. - -*/ + * + * hostfile.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Thu Jun 29 07:10:56 1995 ylo + * + * Functions for manipulating the known hosts files. + * + */ #include "includes.h" -RCSID("$Id: hostfile.c,v 1.7 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: hostfile.c,v 1.8 1999/11/24 00:26:02 deraadt Exp $"); #include "packet.h" #include "ssh.h" 
diff --git a/usr.bin/ssh/includes.h b/usr.bin/ssh/includes.h index 1267acb76a2..712f86bd71b 100644 --- a/usr.bin/ssh/includes.h +++ b/usr.bin/ssh/includes.h @@ -1,17 +1,17 @@ /* - -includes.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Thu Mar 23 16:29:37 1995 ylo - -This file includes most of the needed system headers. - -*/ + * + * includes.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Thu Mar 23 16:29:37 1995 ylo + * + * This file includes most of the needed system headers. + * + */ #ifndef INCLUDES_H #define INCLUDES_H @@ -64,4 +64,4 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } client program. Socketpairs do not seem to work on all systems. */ #define USE_PIPES 1 -#endif /* INCLUDES_H */ +#endif /* INCLUDES_H */ diff --git a/usr.bin/ssh/log-client.c b/usr.bin/ssh/log-client.c index 0a109ece78e..62709d96cdc 100644 --- a/usr.bin/ssh/log-client.c +++ b/usr.bin/ssh/log-client.c 
@@ -1,21 +1,21 @@ /* - -log-client.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Mar 20 21:13:40 1995 ylo - -Client-side versions of debug(), log(), etc. These print to stderr. -This is a stripped down version of log-server.c. - -*/ + * + * log-client.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 20 21:13:40 1995 ylo + * + * Client-side versions of debug(), log(), etc. These print to stderr. + * This is a stripped down version of log-server.c. + * + */ #include "includes.h" -RCSID("$Id: log-client.c,v 1.5 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: log-client.c,v 1.6 1999/11/24 00:26:02 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" diff --git a/usr.bin/ssh/log-server.c b/usr.bin/ssh/log-server.c index 043300c6db1..52f56a307e8 100644 --- a/usr.bin/ssh/log-server.c +++ b/usr.bin/ssh/log-server.c @@ -1,21 +1,21 @@ /* - -log-server.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Mar 20 21:19:30 1995 ylo - -Server-side versions of debug(), log(), etc. These normally send the output -to the system log. - -*/ + * + * log-server.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 20 21:19:30 1995 ylo + * + * Server-side versions of debug(), log(), etc. These normally send the output + * to the system log. + * + */ #include "includes.h" -RCSID("$Id: log-server.c,v 1.10 1999/11/23 22:25:53 markus Exp $"); +RCSID("$Id: log-server.c,v 1.11 1999/11/24 00:26:02 deraadt Exp $"); #include <syslog.h> #include "packet.h" diff --git a/usr.bin/ssh/log.c b/usr.bin/ssh/log.c index a096d08e8c4..e7052115e1f 100644 --- a/usr.bin/ssh/log.c 
+++ b/usr.bin/ssh/log.c @@ -1,11 +1,11 @@ /* - -Shared versions of debug(), log(), etc. - + * + * Shared versions of debug(), log(), etc. + * */ #include "includes.h" -RCSID("$OpenBSD: log.c,v 1.4 1999/11/23 22:25:54 markus Exp $"); +RCSID("$OpenBSD: log.c,v 1.5 1999/11/24 00:26:02 deraadt Exp $"); #include "ssh.h" #include "xmalloc.h" diff --git a/usr.bin/ssh/login.c b/usr.bin/ssh/login.c index a0d7e0aee1b..b47aa15b36e 100644 --- a/usr.bin/ssh/login.c +++ b/usr.bin/ssh/login.c @@ -1,24 +1,24 @@ /* - -login.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 24 14:51:08 1995 ylo - -This file performs some of the things login(1) normally does. We cannot -easily use something like login -p -h host -f user, because there are -several different logins around, and it is hard to determined what kind of -login the current system has. Also, we want to be able to execute commands -on a tty. - -*/ + * + * login.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 24 14:51:08 1995 ylo + * + * This file performs some of the things login(1) normally does. We cannot + * easily use something like login -p -h host -f user, because there are + * several different logins around, and it is hard to determined what kind of + * login the current system has. Also, we want to be able to execute commands + * on a tty. + * + */ #include "includes.h" -RCSID("$Id: login.c,v 1.8 1999/11/23 22:25:54 markus Exp $"); +RCSID("$Id: login.c,v 1.9 1999/11/24 00:26:02 deraadt Exp $"); #include <util.h> #include <utmp.h> diff --git a/usr.bin/ssh/match.c b/usr.bin/ssh/match.c index 9783d4118d0..1eccf4d2cad 100644 --- a/usr.bin/ssh/match.c +++ b/usr.bin/ssh/match.c 
@@ -1,20 +1,20 @@ /* - -match.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Thu Jun 22 01:17:50 1995 ylo - -Simple pattern matching, with '*' and '?' as wildcards. - -*/ + * + * match.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Thu Jun 22 01:17:50 1995 ylo + * + * Simple pattern matching, with '*' and '?' as wildcards. + * + */ #include "includes.h" -RCSID("$Id: match.c,v 1.2 1999/11/23 22:25:54 markus Exp $"); +RCSID("$Id: match.c,v 1.3 1999/11/24 00:26:02 deraadt Exp $"); #include "ssh.h" diff --git a/usr.bin/ssh/mpaux.c b/usr.bin/ssh/mpaux.c index a2e22fd6aa0..df045004b8d 100644 --- a/usr.bin/ssh/mpaux.c +++ b/usr.bin/ssh/mpaux.c @@ -1,21 +1,21 @@ /* - -mpaux.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sun Jul 16 04:29:30 1995 ylo - -This file contains various auxiliary functions related to multiple -precision integers. - + * + * mpaux.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sun Jul 16 04:29:30 1995 ylo + * + * This file contains various auxiliary functions related to multiple + * precision integers. + * */ #include "includes.h" -RCSID("$Id: mpaux.c,v 1.7 1999/11/23 22:25:54 markus Exp $"); +RCSID("$Id: mpaux.c,v 1.8 1999/11/24 00:26:02 deraadt Exp $"); #include <ssl/bn.h> #include "getput.h" diff --git a/usr.bin/ssh/mpaux.h b/usr.bin/ssh/mpaux.h index b8f6522d46e..3c19a173b83 100644 --- a/usr.bin/ssh/mpaux.h +++ b/usr.bin/ssh/mpaux.h 
@@ -1,20 +1,19 @@ /* - -mpaux.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sun Jul 16 04:29:30 1995 ylo - -This file contains various auxiliary functions related to multiple -precision integers. - -*/ - -/* RCSID("$Id: mpaux.h,v 1.3 1999/11/15 20:53:24 markus Exp $"); */ + * + * mpaux.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sun Jul 16 04:29:30 1995 ylo + * + * This file contains various auxiliary functions related to multiple + * precision integers. + */ + +/* RCSID("$Id: mpaux.h,v 1.4 1999/11/24 00:26:02 deraadt Exp $"); */ #ifndef MPAUX_H #define MPAUX_H @@ -22,9 +21,10 @@ precision integers. /* Computes a 16-byte session id in the global variable session_id. The session id is computed by concatenating the linearized, msb first representations of host_key_n, session_key_n, and the cookie. */ -void compute_session_id(unsigned char session_id[16], - unsigned char cookie[8], - BIGNUM *host_key_n, - BIGNUM *session_key_n); +void +compute_session_id(unsigned char session_id[16], + unsigned char cookie[8], + BIGNUM * host_key_n, + BIGNUM * session_key_n); -#endif /* MPAUX_H */ +#endif /* MPAUX_H */ diff --git a/usr.bin/ssh/nchan.h b/usr.bin/ssh/nchan.h index 5fb3bc04e90..21d4397d0ce 100644 --- a/usr.bin/ssh/nchan.h +++ b/usr.bin/ssh/nchan.h @@ -1,4 +1,4 @@ -/* RCSID("$Id: nchan.h,v 1.3 1999/10/17 16:56:09 markus Exp $"); */ +/* RCSID("$Id: nchan.h,v 1.4 1999/11/24 00:26:02 deraadt Exp $"); */ #ifndef NCHAN_H #define NCHAN_H 
@@ -7,24 +7,24 @@ * SSH Protocol 1.5 aka New Channel Protocol * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored. * Written by Markus Friedl in October 1999 - * + * * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the * tear down of channels: - * + * * 1.3: strict request-ack-protocol: * CLOSE -> * <- CLOSE_CONFIRM - * + * * 1.5: uses variations of: * IEOF -> * <- OCLOSE * <- IEOF * OCLOSE -> * i.e. both sides have to close the channel - * + * * See the debugging output from 'ssh -v' and 'sshd -d' of * ssh-1.2.27 as an example. - * + * */ /* ssh-proto-1.5 overloads prot-1.3-message-types */ @@ -44,14 +44,14 @@ #define CHAN_OUTPUT_CLOSED 0x80 /* EVENTS for the input state */ -void chan_rcvd_oclose(Channel *c); -void chan_read_failed(Channel *c); -void chan_ibuf_empty(Channel *c); +void chan_rcvd_oclose(Channel * c); +void chan_read_failed(Channel * c); +void chan_ibuf_empty(Channel * c); /* EVENTS for the output state */ -void chan_rcvd_ieof(Channel *c); -void chan_write_failed(Channel *c); -void chan_obuf_empty(Channel *c); +void chan_rcvd_ieof(Channel * c); +void chan_write_failed(Channel * c); +void chan_obuf_empty(Channel * c); -void chan_init_iostates(Channel *c); +void chan_init_iostates(Channel * c); #endif diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c index 7a507adc6f8..1d6d25a90da 100644 --- a/usr.bin/ssh/packet.c +++ b/usr.bin/ssh/packet.c 
@@ -1,21 +1,21 @@ /* - -packet.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Mar 18 02:40:40 1995 ylo - -This file contains code implementing the packet protocol and communication -with the other side. This same code is used both on client and server side. - -*/ + * + * packet.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 02:40:40 1995 ylo + * + * This file contains code implementing the packet protocol and communication + * with the other side. This same code is used both on client and server side. + * + */ #include "includes.h" -RCSID("$Id: packet.c,v 1.14 1999/11/23 22:25:54 markus Exp $"); +RCSID("$Id: packet.c,v 1.15 1999/11/24 00:26:02 deraadt Exp $"); #include "xmalloc.h" #include "buffer.h" diff --git a/usr.bin/ssh/packet.h b/usr.bin/ssh/packet.h index f729894219b..15e5e45d2a2 100644 --- a/usr.bin/ssh/packet.h +++ b/usr.bin/ssh/packet.h @@ -1,19 +1,19 @@ /* - -packet.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Mar 18 02:02:14 1995 ylo - -Interface for the packet protocol functions. - -*/ - -/* RCSID("$Id: packet.h,v 1.4 1999/11/19 19:58:18 markus Exp $"); */ + * + * packet.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sat Mar 18 02:02:14 1995 ylo + * + * Interface for the packet protocol functions. + * + */ + +/* RCSID("$Id: packet.h,v 1.5 1999/11/24 00:26:02 deraadt Exp $"); */ #ifndef PACKET_H #define PACKET_H 
@@ -24,83 +24,84 @@ Interface for the packet protocol functions. packet_set_encryption_key is called. It is permissible that fd_in and fd_out are the same descriptor; in that case it is assumed to be a socket. */ -void packet_set_connection(int fd_in, int fd_out); +void packet_set_connection(int fd_in, int fd_out); /* Puts the connection file descriptors into non-blocking mode. */ -void packet_set_nonblocking(void); +void packet_set_nonblocking(void); /* Returns the file descriptor used for input. */ -int packet_get_connection_in(void); +int packet_get_connection_in(void); /* Returns the file descriptor used for output. */ -int packet_get_connection_out(void); +int packet_get_connection_out(void); /* Closes the connection (both descriptors) and clears and frees - internal data structures. */ -void packet_close(void); + internal data structures. */ +void packet_close(void); /* Causes any further packets to be encrypted using the given key. The same key is used for both sending and reception. However, both directions are encrypted independently of each other. Cipher types are defined in ssh.h. */ -void packet_set_encryption_key(const unsigned char *key, unsigned int keylen, - int cipher_type); +void +packet_set_encryption_key(const unsigned char *key, unsigned int keylen, + int cipher_type); /* Sets remote side protocol flags for the current connection. This can be called at any time. */ -void packet_set_protocol_flags(unsigned int flags); +void packet_set_protocol_flags(unsigned int flags); /* Returns the remote protocol flags set earlier by the above function. */ unsigned int packet_get_protocol_flags(void); /* Enables compression in both directions starting from the next packet. */ -void packet_start_compression(int level); +void packet_start_compression(int level); /* Informs that the current session is interactive. Sets IP flags for optimal performance in interactive use. 
*/ -void packet_set_interactive(int interactive, int keepalives); +void packet_set_interactive(int interactive, int keepalives); /* Returns true if the current connection is interactive. */ -int packet_is_interactive(void); +int packet_is_interactive(void); /* Starts constructing a packet to send. */ -void packet_start(int type); +void packet_start(int type); /* Appends a character to the packet data. */ -void packet_put_char(int ch); +void packet_put_char(int ch); /* Appends an integer to the packet data. */ -void packet_put_int(unsigned int value); +void packet_put_int(unsigned int value); /* Appends an arbitrary precision integer to packet data. */ -void packet_put_bignum(BIGNUM *value); +void packet_put_bignum(BIGNUM * value); /* Appends a string to packet data. */ -void packet_put_string(const char *buf, unsigned int len); +void packet_put_string(const char *buf, unsigned int len); /* Finalizes and sends the packet. If the encryption key has been set, encrypts the packet before sending. */ -void packet_send(void); +void packet_send(void); /* Waits until a packet has been received, and returns its type. */ -int packet_read(int *payload_len_ptr); +int packet_read(int *payload_len_ptr); /* Waits until a packet has been received, verifies that its type matches that given, and gives a fatal error and exits if there is a mismatch. */ -void packet_read_expect(int *payload_len_ptr, int type); +void packet_read_expect(int *payload_len_ptr, int type); /* Checks if a full packet is available in the data received so far via packet_process_incoming. If so, reads the packet; otherwise returns - SSH_MSG_NONE. This does not wait for data from the connection. - + SSH_MSG_NONE. This does not wait for data from the connection. + SSH_MSG_DISCONNECT is handled specially here. Also, SSH_MSG_IGNORE messages are skipped by this function and are never returned to higher levels. 
*/ -int packet_read_poll(int *packet_len_ptr); +int packet_read_poll(int *packet_len_ptr); /* Buffers the given amount of input characters. This is intended to be used together with packet_read_poll. */ -void packet_process_incoming(const char *buf, unsigned int len); +void packet_process_incoming(const char *buf, unsigned int len); /* Returns a character (0-255) from the packet data. */ unsigned int packet_get_char(void); @@ -110,19 +111,19 @@ unsigned int packet_get_int(void); /* Returns an arbitrary precision integer from the packet data. The integer must have been initialized before this call. */ -void packet_get_bignum(BIGNUM *value, int *length_ptr); +void packet_get_bignum(BIGNUM * value, int *length_ptr); /* Returns a string from the packet data. The string is allocated using xmalloc; it is the responsibility of the calling program to free it when no longer needed. The length_ptr argument may be NULL, or point to an integer into which the length of the string is stored. */ -char *packet_get_string(unsigned int *length_ptr); +char *packet_get_string(unsigned int *length_ptr); /* Logs the error in syslog using LOG_INFO, constructs and sends a disconnect packet, closes the connection, and exits. This function never returns. The error message should not contain a newline. The total length of the message must not exceed 1024 bytes. */ -void packet_disconnect(const char *fmt, ...); +void packet_disconnect(const char *fmt,...); /* Sends a diagnostic message to the other side. This message can be sent at any time (but not while constructing another message). 
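Review bot: In the `@@ -110,19 +111,19 @@` hunk, `void packet_disconnect(const char *fmt,...);` is a printf-style variadic with no format annotation, so the compiler cannot check callers' arguments against the format string or flag a call site that passes non-literal text as `fmt`. With GCC the declaration can carry the check, `void packet_disconnect(const char *fmt, ...) __attribute__((format(printf, 1, 2)));`, guarded for other compilers if the tree needs that. The same applies to `packet_send_debug` in the following hunk. The comment's 1024-byte limit on the formatted message is a caller-side contract the prototype cannot express, and whether the implementation formats into a bounded buffer is not visible in this header.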
@@ -132,31 +133,31 @@ void packet_disconnect(const char *fmt, ...); must not exceed 1024 bytes. This will automatically call packet_write_wait. If the remote side protocol flags do not indicate that it supports SSH_MSG_DEBUG, this will do nothing. */ -void packet_send_debug(const char *fmt, ...); +void packet_send_debug(const char *fmt,...); /* Checks if there is any buffered output, and tries to write some of the output. */ -void packet_write_poll(void); +void packet_write_poll(void); /* Waits until all pending output data has been written. */ -void packet_write_wait(void); +void packet_write_wait(void); /* Returns true if there is buffered data to write to the connection. */ -int packet_have_data_to_write(void); +int packet_have_data_to_write(void); /* Returns true if there is not too much data to write to the connection. */ -int packet_not_very_much_data_to_write(void); +int packet_not_very_much_data_to_write(void); /* maximum packet size, requested by client with SSH_CMSG_MAX_PACKET_SIZE */ extern int max_packet_size; -int packet_set_maxsize(int s); +int packet_set_maxsize(int s); #define packet_get_maxsize() max_packet_size /* Stores tty modes from the fd into current packet. */ -void tty_make_modes(int fd); +void tty_make_modes(int fd); /* Parses tty modes for the fd from the current packet. */ -void tty_parse_modes(int fd, int *n_bytes_ptr); +void tty_parse_modes(int fd, int *n_bytes_ptr); #define packet_integrity_check(payload_len, expected_len, type) \ do { \ @@ -168,4 +169,4 @@ do { \ } \ } while (0) -#endif /* PACKET_H */ +#endif /* PACKET_H */ diff --git a/usr.bin/ssh/pty.c b/usr.bin/ssh/pty.c index 0e1db6df20e..ff0173ff738 100644 --- a/usr.bin/ssh/pty.c +++ b/usr.bin/ssh/pty.c 
@@ -1,20 +1,20 @@
 /*
-
-pty.c
-
-Author: Tatu Ylonen <ylo@cs.hut.fi>
-
-Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- All rights reserved
-
-Created: Fri Mar 17 04:37:25 1995 ylo
-
-Allocating a pseudo-terminal, and making it the controlling tty.
-
-*/
+ *
+ * pty.c
+ *
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ *
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * Created: Fri Mar 17 04:37:25 1995 ylo
+ *
+ * Allocating a pseudo-terminal, and making it the controlling tty.
+ *
+ */
 #include "includes.h"
-RCSID("$Id: pty.c,v 1.6 1999/11/23 22:25:54 markus Exp $");
+RCSID("$Id: pty.c,v 1.7 1999/11/24 00:26:02 deraadt Exp $");
 #include "pty.h"
 #include "ssh.h"
diff --git a/usr.bin/ssh/pty.h b/usr.bin/ssh/pty.h
index c88ae92718c..f2a98dc1099 100644
--- a/usr.bin/ssh/pty.h
+++ b/usr.bin/ssh/pty.h
@@ -1,40 +1,40 @@ /* - -pty.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 17 05:03:28 1995 ylo - -Functions for allocating a pseudo-terminal and making it the controlling -tty. - -*/ - -/* RCSID("$Id: pty.h,v 1.1 1999/09/26 20:53:36 deraadt Exp $"); */ + * + * pty.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 17 05:03:28 1995 ylo + * + * Functions for allocating a pseudo-terminal and making it the controlling + * tty. + */ + +/* RCSID("$Id: pty.h,v 1.2 1999/11/24 00:26:02 deraadt Exp $"); */ #ifndef PTY_H #define PTY_H /* Allocates and opens a pty. Returns 0 if no pty could be allocated, or nonzero if a pty was successfully allocated. On success, open file - descriptors for the pty and tty sides and the name of the tty side are + descriptors for the pty and tty sides and the name of the tty side are returned (the buffer must be able to hold at least 64 characters). */ -int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname); +int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname); /* Releases the tty. Its ownership is returned to root, and permissions to 0666. */ -void pty_release(const char *ttyname); +void pty_release(const char *ttyname); -/* Makes the tty the processes controlling tty and sets it to sane modes. +/* Makes the tty the processes controlling tty and sets it to sane modes. This may need to reopen the tty to get rid of possible eavesdroppers. */ -void pty_make_controlling_tty(int *ttyfd, const char *ttyname); +void pty_make_controlling_tty(int *ttyfd, const char *ttyname); /* Changes the window size associated with the pty. 
*/ -void pty_change_window_size(int ptyfd, int row, int col, - int xpixel, int ypixel); +void +pty_change_window_size(int ptyfd, int row, int col, + int xpixel, int ypixel); -#endif /* PTY_H */ +#endif /* PTY_H */ diff --git a/usr.bin/ssh/radix.c b/usr.bin/ssh/radix.c index d61daf47b4a..6637b2fb109 100644 --- a/usr.bin/ssh/radix.c +++ b/usr.bin/ssh/radix.c @@ -1,12 +1,12 @@ /* - radix.c - - base-64 encoding pinched from lynx2-7-2, who pinched it from rpem. - Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991 - and placed in the public domain. - - Dug Song <dugsong@UMICH.EDU> -*/ + * radix.c + * + * base-64 encoding pinched from lynx2-7-2, who pinched it from rpem. + * Originally written by Mark Riordan 12 August 1990 and 17 Feb 1991 + * and placed in the public domain. + * + * Dug Song <dugsong@UMICH.EDU> + */ #include "includes.h" diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index cd55fc9581d..68f97758040 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,20 +1,20 @@ /* - -readconf.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Apr 22 00:03:10 1995 ylo - -Functions for reading the configuration files. - -*/ + * + * readconf.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sat Apr 22 00:03:10 1995 ylo + * + * Functions for reading the configuration files. + * + */ #include "includes.h" -RCSID("$Id: readconf.c,v 1.17 1999/11/23 22:25:54 markus Exp $"); +RCSID("$Id: readconf.c,v 1.18 1999/11/24 00:26:02 deraadt Exp $"); #include "ssh.h" #include "cipher.h" diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h index 91eb23dc133..25262e49f27 100644 --- a/usr.bin/ssh/readconf.h +++ b/usr.bin/ssh/readconf.h 
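Review bot: In the pty.h hunk, `int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname);` depends on the comment's rule that the caller's buffer holds at least 64 characters, and nothing in the prototype lets the callee bound its write into `ttyname`. Passing the size explicitly, for example `int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname, int ttynamelen);`, would let the implementation truncate or refuse a longer tty name instead of trusting every caller. That changes the interface, so it belongs in a follow-up rather than in a reformatting commit. Until then the 64 would be better as a named constant shared by the header and its callers.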
@@ -1,119 +1,126 @@ /* - -readconf.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Apr 22 00:25:29 1995 ylo - -Functions for reading the configuration file. - -*/ - -/* RCSID("$Id: readconf.h,v 1.10 1999/11/22 21:52:41 markus Exp $"); */ + * + * readconf.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sat Apr 22 00:25:29 1995 ylo + * + * Functions for reading the configuration file. + * + */ + +/* RCSID("$Id: readconf.h,v 1.11 1999/11/24 00:26:02 deraadt Exp $"); */ #ifndef READCONF_H #define READCONF_H /* Data structure for representing a forwarding request. */ -typedef struct -{ - int port; /* Port to forward. */ - char *host; /* Host to connect. */ - int host_port; /* Port to connect on host. */ -} Forward; - +typedef struct { + int port; /* Port to forward. */ + char *host; /* Host to connect. */ + int host_port; /* Port to connect on host. */ +} Forward; /* Data structure for representing option data. */ -typedef struct -{ - int forward_agent; /* Forward authentication agent. */ - int forward_x11; /* Forward X11 display. */ - int gateway_ports; /* Allow remote connects to forwarded ports. */ - int use_privileged_port; /* Don't use privileged port if false. */ - int rhosts_authentication; /* Try rhosts authentication. */ - int rhosts_rsa_authentication;/* Try rhosts with RSA authentication. */ - int rsa_authentication; /* Try RSA authentication. */ - int skey_authentication; /* Try S/Key or TIS authentication. */ +typedef struct { + int forward_agent; /* Forward authentication agent. */ + int forward_x11; /* Forward X11 display. */ + int gateway_ports; /* Allow remote connects to forwarded ports. */ + int use_privileged_port; /* Don't use privileged port if false. */ + int rhosts_authentication; /* Try rhosts authentication. 
*/ + int rhosts_rsa_authentication; /* Try rhosts with RSA + * authentication. */ + int rsa_authentication; /* Try RSA authentication. */ + int skey_authentication; /* Try S/Key or TIS authentication. */ #ifdef KRB4 - int kerberos_authentication; /* Try Kerberos authentication. */ + int kerberos_authentication; /* Try Kerberos + * authentication. */ #endif #ifdef AFS - int kerberos_tgt_passing; /* Try Kerberos tgt passing. */ - int afs_token_passing; /* Try AFS token passing. */ + int kerberos_tgt_passing; /* Try Kerberos tgt passing. */ + int afs_token_passing; /* Try AFS token passing. */ #endif - int password_authentication; /* Try password authentication. */ - int fallback_to_rsh; /* Use rsh if cannot connect with ssh. */ - int use_rsh; /* Always use rsh (don\'t try ssh). */ - int batch_mode; /* Batch mode: do not ask for passwords. */ - int check_host_ip; /* Also keep track of keys for IP address */ - int strict_host_key_checking; /* Strict host key checking. */ - int compression; /* Compress packets in both directions. */ - int compression_level; /* Compression level 1 (fast) to 9 (best). */ - int keepalives; /* Set SO_KEEPALIVE. */ - LogLevel log_level; /* Level for logging. */ - - int port; /* Port to connect. */ - int connection_attempts; /* Max attempts (seconds) before giving up */ - int number_of_password_prompts; /* Max number of password prompts. */ - int cipher; /* Cipher to use. */ - char *hostname; /* Real host to connect. */ - char *proxy_command; /* Proxy command for connecting the host. */ - char *user; /* User to log in as. */ - int escape_char; /* Escape character; -2 = none */ - - char *system_hostfile; /* Path for /etc/ssh_known_hosts. */ - char *user_hostfile; /* Path for $HOME/.ssh/known_hosts. */ - - int num_identity_files; /* Number of files for RSA identities. */ - char *identity_files[SSH_MAX_IDENTITY_FILES]; - - /* Local TCP/IP forward requests. 
*/ - int num_local_forwards; - Forward local_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; - - /* Remote TCP/IP forward requests. */ - int num_remote_forwards; - Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; -} Options; + int password_authentication; /* Try password + * authentication. */ + int fallback_to_rsh;/* Use rsh if cannot connect with ssh. */ + int use_rsh; /* Always use rsh (don\'t try ssh). */ + int batch_mode; /* Batch mode: do not ask for passwords. */ + int check_host_ip; /* Also keep track of keys for IP address */ + int strict_host_key_checking; /* Strict host key checking. */ + int compression; /* Compress packets in both directions. */ + int compression_level; /* Compression level 1 (fast) to 9 + * (best). */ + int keepalives; /* Set SO_KEEPALIVE. */ + LogLevel log_level; /* Level for logging. */ + + int port; /* Port to connect. */ + int connection_attempts; /* Max attempts (seconds) before + * giving up */ + int number_of_password_prompts; /* Max number of password + * prompts. */ + int cipher; /* Cipher to use. */ + char *hostname; /* Real host to connect. */ + char *proxy_command; /* Proxy command for connecting the host. */ + char *user; /* User to log in as. */ + int escape_char; /* Escape character; -2 = none */ + + char *system_hostfile;/* Path for /etc/ssh_known_hosts. */ + char *user_hostfile; /* Path for $HOME/.ssh/known_hosts. */ + + int num_identity_files; /* Number of files for RSA identities. */ + char *identity_files[SSH_MAX_IDENTITY_FILES]; + + /* Local TCP/IP forward requests. */ + int num_local_forwards; + Forward local_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; + + /* Remote TCP/IP forward requests. */ + int num_remote_forwards; + Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; +} Options; /* Initializes options to special values that indicate that they have not yet been set. Read_config_file will only set options with this value. 
Options are processed in the following order: command line, user config file, system config file. Last, fill_default_options is called. */ -void initialize_options(Options *options); +void initialize_options(Options * options); /* Called after processing other sources of option data, this fills those options for which no value has been specified with their default values. */ -void fill_default_options(Options *options); +void fill_default_options(Options * options); -/* Processes a single option line as used in the configuration files. +/* Processes a single option line as used in the configuration files. This only sets those values that have not already been set. Returns 0 for legal options */ -int process_config_line(Options *options, const char *host, - char *line, const char *filename, int linenum, - int *activep); +int +process_config_line(Options * options, const char *host, + char *line, const char *filename, int linenum, + int *activep); /* Reads the config file and modifies the options accordingly. Options should already be initialized before this call. This never returns if there is an error. If the file does not exist, this returns immediately. */ -void read_config_file(const char *filename, const char *host, - Options *options); +void +read_config_file(const char *filename, const char *host, + Options * options); /* Adds a local TCP/IP port forward to options. Never returns if there is an error. */ -void add_local_forward(Options *options, int port, const char *host, - int host_port); +void +add_local_forward(Options * options, int port, const char *host, + int host_port); /* Adds a remote TCP/IP port forward to options. Never returns if there is an error. */ -void add_remote_forward(Options *options, int port, const char *host, - int host_port); +void +add_remote_forward(Options * options, int port, const char *host, + int host_port); -#endif /* READCONF_H */ +#endif /* READCONF_H */ 
diff --git a/usr.bin/ssh/readpass.c b/usr.bin/ssh/readpass.c
index 57d2f984671..9cd50a86884 100644
--- a/usr.bin/ssh/readpass.c
+++ b/usr.bin/ssh/readpass.c
@@ -1,20 +1,20 @@
 /*
-
-readpass.c
-
-Author: Tatu Ylonen <ylo@cs.hut.fi>
-
-Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- All rights reserved
-
-Created: Mon Jul 10 22:08:59 1995 ylo
-
-Functions for reading passphrases and passwords.
-
-*/
+ *
+ * readpass.c
+ *
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ *
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * Created: Mon Jul 10 22:08:59 1995 ylo
+ *
+ * Functions for reading passphrases and passwords.
+ *
+ */
 #include "includes.h"
-RCSID("$Id: readpass.c,v 1.5 1999/11/23 22:25:54 markus Exp $");
+RCSID("$Id: readpass.c,v 1.6 1999/11/24 00:26:03 deraadt Exp $");
 #include "xmalloc.h"
 #include "ssh.h"
diff --git a/usr.bin/ssh/rsa.c b/usr.bin/ssh/rsa.c
index 85c1941c779..624820d8442 100644
--- a/usr.bin/ssh/rsa.c
+++ b/usr.bin/ssh/rsa.c
@@ -1,41 +1,41 @@ /* - -rsa.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 3 22:07:06 1995 ylo - -Description of the RSA algorithm can be found e.g. from the following sources: - - Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994. - - Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to - Computer Security. Prentice-Hall, 1989. - - Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill, - 1994. - - R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications - System and Method. US Patent 4,405,829, 1983. - - Hans Riesel: Prime Numbers and Computer Methods for Factorization. - Birkhauser, 1994. - - The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995. - - RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as included - below: - - gone - had to be deleted - what a pity - + * + * rsa.c + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 3 22:07:06 1995 ylo + * + * Description of the RSA algorithm can be found e.g. from the following sources: + * + * Bruce Schneier: Applied Cryptography. John Wiley & Sons, 1994. + * + * Jennifer Seberry and Josed Pieprzyk: Cryptography: An Introduction to + * Computer Security. Prentice-Hall, 1989. + * + * Man Young Rhee: Cryptography and Secure Data Communications. McGraw-Hill, + * 1994. + * + * R. Rivest, A. Shamir, and L. M. Adleman: Cryptographic Communications + * System and Method. US Patent 4,405,829, 1983. + * + * Hans Riesel: Prime Numbers and Computer Methods for Factorization. + * Birkhauser, 1994. + * + * The RSA Frequently Asked Questions document by RSA Data Security, Inc., 1995. 
+ * + * RSA in 3 lines of perl by Adam Back <aba@atlax.ex.ac.uk>, 1995, as included + * below: + * + * [gone - had to be deleted - what a pity] + * */ #include "includes.h" -RCSID("$Id: rsa.c,v 1.9 1999/11/23 22:25:54 markus Exp $"); +RCSID("$Id: rsa.c,v 1.10 1999/11/24 00:26:03 deraadt Exp $"); #include "rsa.h" #include "ssh.h" diff --git a/usr.bin/ssh/rsa.h b/usr.bin/ssh/rsa.h index a1023a2a0c4..d5a5ba81dd3 100644 --- a/usr.bin/ssh/rsa.h +++ b/usr.bin/ssh/rsa.h @@ -1,19 +1,19 @@ /* - -rsa.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 3 22:01:06 1995 ylo - -RSA key generation, encryption and decryption. - + * + * rsa.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 3 22:01:06 1995 ylo + * + * RSA key generation, encryption and decryption. + * */ -/* RCSID("$Id: rsa.h,v 1.2 1999/09/29 06:15:00 deraadt Exp $"); */ +/* RCSID("$Id: rsa.h,v 1.3 1999/11/24 00:26:03 deraadt Exp $"); */ #ifndef RSA_H #define RSA_H @@ -22,15 +22,15 @@ RSA key generation, encryption and decryption. #include <ssl/rsa.h> /* Calls SSL RSA_generate_key, only copies to prv and pub */ -void rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits); +void rsa_generate_key(RSA * prv, RSA * pub, unsigned int bits); /* Indicates whether the rsa module is permitted to show messages on the terminal. */ void rsa_set_verbose __P((int verbose)); -int rsa_alive __P((void)); +int rsa_alive __P((void)); -void rsa_public_encrypt __P((BIGNUM *out, BIGNUM *in, RSA *prv)); -void rsa_private_decrypt __P((BIGNUM *out, BIGNUM *in, RSA *prv)); +void rsa_public_encrypt __P((BIGNUM * out, BIGNUM * in, RSA * prv)); +void rsa_private_decrypt __P((BIGNUM * out, BIGNUM * in, RSA * prv)); -#endif /* RSA_H */ +#endif /* RSA_H */ 
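Review bot: In the second rsa.h hunk, `void rsa_public_encrypt __P((BIGNUM * out, BIGNUM * in, RSA * prv));` names its key parameter `prv` although the operation is the public-key one, which reads as if a private key were required; `RSA *key` or `RSA *pub` would match the function name. The header also mixes a plain prototype for `rsa_generate_key` with `__P((...))` wrappers for the other declarations, so one convention should be chosen. Whether the implementation touches only the public components of the key is not visible in this hunk.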
diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c index 2e79f301d88..f5f53e7ad3b 100644 --- a/usr.bin/ssh/scp.c +++ b/usr.bin/ssh/scp.c @@ -1,13 +1,13 @@ /* - -scp - secure remote copy. This is basically patched BSD rcp which uses ssh -to do the data transfer (instead of using rcmd). - -NOTE: This version should NOT be suid root. (This uses ssh to do the transfer -and ssh has the necessary privileges.) - -1995 Timo Rinne <tri@iki.fi>, Tatu Ylonen <ylo@cs.hut.fi> - + * + * scp - secure remote copy. This is basically patched BSD rcp which uses ssh + * to do the data transfer (instead of using rcmd). + * + * NOTE: This version should NOT be suid root. (This uses ssh to do the transfer + * and ssh has the necessary privileges.) + * + * 1995 Timo Rinne <tri@iki.fi>, Tatu Ylonen <ylo@cs.hut.fi> + * */ /* @@ -45,7 +45,7 @@ and ssh has the necessary privileges.) */ #include "includes.h" -RCSID("$Id: scp.c,v 1.18 1999/11/23 22:25:54 markus Exp $"); +RCSID("$Id: scp.c,v 1.19 1999/11/24 00:26:03 deraadt Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -970,7 +970,7 @@ run_err(const char *fmt,...) * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: scp.c,v 1.18 1999/11/23 22:25:54 markus Exp $ + * $Id: scp.c,v 1.19 1999/11/24 00:26:03 deraadt Exp $ */ char * diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c index b47a7e64cc0..ca4d17878f7 100644 --- a/usr.bin/ssh/servconf.c +++ b/usr.bin/ssh/servconf.c 
@@ -1,18 +1,18 @@
 /*
-
-servconf.c
-
-Author: Tatu Ylonen <ylo@cs.hut.fi>
-
-Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- All rights reserved
-
-Created: Mon Aug 21 15:48:58 1995 ylo
-
-*/
+ *
+ * servconf.c
+ *
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ *
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ *
+ * Created: Mon Aug 21 15:48:58 1995 ylo
+ *
+ */
 #include "includes.h"
-RCSID("$Id: servconf.c,v 1.25 1999/11/23 22:25:54 markus Exp $");
+RCSID("$Id: servconf.c,v 1.26 1999/11/24 00:26:03 deraadt Exp $");
 #include "ssh.h"
 #include "servconf.h"
diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h
index 721ce7decf3..d5a15b697f8 100644
--- a/usr.bin/ssh/servconf.h
+++ b/usr.bin/ssh/servconf.h
@@ -1,86 +1,98 @@ /* + * + * servconf.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Mon Aug 21 15:35:03 1995 ylo + * + * Definitions for server configuration data and for the functions reading it. + * + */ -servconf.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Aug 21 15:35:03 1995 ylo - -Definitions for server configuration data and for the functions reading it. - -*/ - -/* RCSID("$Id: servconf.h,v 1.12 1999/11/11 22:58:38 markus Exp $"); */ +/* RCSID("$Id: servconf.h,v 1.13 1999/11/24 00:26:03 deraadt Exp $"); */ #ifndef SERVCONF_H #define SERVCONF_H -#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ -#define MAX_DENY_USERS 256 /* Max # users on deny list. */ -#define MAX_ALLOW_GROUPS 256 /* Max # groups on allow list. */ -#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */ +#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */ +#define MAX_DENY_USERS 256 /* Max # users on deny list. */ +#define MAX_ALLOW_GROUPS 256 /* Max # groups on allow list. */ +#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */ -typedef struct -{ - int port; /* Port number to listen on. */ - struct in_addr listen_addr; /* Address on which the server listens. */ - char *host_key_file; /* File containing host key. */ - int server_key_bits; /* Size of the server key. */ - int login_grace_time; /* Disconnect if no auth in this time (sec). */ - int key_regeneration_time; /* Server key lifetime (seconds). */ - int permit_root_login; /* If true, permit root login. */ - int ignore_rhosts; /* Ignore .rhosts and .shosts. */ - int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts for RhostsRsaAuth */ - int print_motd; /* If true, print /etc/motd. */ - int check_mail; /* If true, check for new mail. 
*/ - int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ - int x11_display_offset; /* What DISPLAY number to start searching at */ - int strict_modes; /* If true, require string home dir modes. */ - int keepalives; /* If true, set SO_KEEPALIVE. */ - SyslogFacility log_facility; /* Facility for system logging. */ - LogLevel log_level; /* Level for system logging. */ - int rhosts_authentication; /* If true, permit rhosts authentication. */ - int rhosts_rsa_authentication;/* If true, permit rhosts RSA authentication.*/ - int rsa_authentication; /* If true, permit RSA authentication. */ +typedef struct { + int port; /* Port number to listen on. */ + struct in_addr listen_addr; /* Address on which the server + * listens. */ + char *host_key_file; /* File containing host key. */ + int server_key_bits;/* Size of the server key. */ + int login_grace_time; /* Disconnect if no auth in this time + * (sec). */ + int key_regeneration_time; /* Server key lifetime (seconds). */ + int permit_root_login; /* If true, permit root login. */ + int ignore_rhosts; /* Ignore .rhosts and .shosts. */ + int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts + * for RhostsRsaAuth */ + int print_motd; /* If true, print /etc/motd. */ + int check_mail; /* If true, check for new mail. */ + int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */ + int x11_display_offset; /* What DISPLAY number to start + * searching at */ + int strict_modes; /* If true, require string home dir modes. */ + int keepalives; /* If true, set SO_KEEPALIVE. */ + SyslogFacility log_facility; /* Facility for system logging. */ + LogLevel log_level; /* Level for system logging. */ + int rhosts_authentication; /* If true, permit rhosts + * authentication. */ + int rhosts_rsa_authentication; /* If true, permit rhosts RSA + * authentication. */ + int rsa_authentication; /* If true, permit RSA authentication. */ #ifdef KRB4 - int kerberos_authentication; /* If true, permit Kerberos authentication. 
*/ - int kerberos_or_local_passwd; /* If true, permit kerberos and any other - password authentication mechanism, such - as SecurID or /etc/passwd */ - int kerberos_ticket_cleanup; /* If true, destroy ticket file on logout. */ + int kerberos_authentication; /* If true, permit Kerberos + * authentication. */ + int kerberos_or_local_passwd; /* If true, permit kerberos + * and any other password + * authentication mechanism, + * such as SecurID or + * /etc/passwd */ + int kerberos_ticket_cleanup; /* If true, destroy ticket + * file on logout. */ #endif #ifdef AFS - int kerberos_tgt_passing; /* If true, permit Kerberos tgt passing. */ - int afs_token_passing; /* If true, permit AFS token passing. */ + int kerberos_tgt_passing; /* If true, permit Kerberos tgt + * passing. */ + int afs_token_passing; /* If true, permit AFS token passing. */ #endif - int password_authentication; /* If true, permit password authentication. */ + int password_authentication; /* If true, permit password + * authentication. */ #ifdef SKEY - int skey_authentication; /* If true, permit s/key authentication. */ + int skey_authentication; /* If true, permit s/key + * authentication. */ #endif - int permit_empty_passwd; /* If false, do not permit empty passwords. */ - int use_login; /* If true, login(1) is used */ - unsigned int num_allow_users; - char *allow_users[MAX_ALLOW_USERS]; - unsigned int num_deny_users; - char *deny_users[MAX_DENY_USERS]; - unsigned int num_allow_groups; - char *allow_groups[MAX_ALLOW_GROUPS]; - unsigned int num_deny_groups; - char *deny_groups[MAX_DENY_GROUPS]; -} ServerOptions; - + int permit_empty_passwd; /* If false, do not permit empty + * passwords. 
*/ + int use_login; /* If true, login(1) is used */ + unsigned int num_allow_users; + char *allow_users[MAX_ALLOW_USERS]; + unsigned int num_deny_users; + char *deny_users[MAX_DENY_USERS]; + unsigned int num_allow_groups; + char *allow_groups[MAX_ALLOW_GROUPS]; + unsigned int num_deny_groups; + char *deny_groups[MAX_DENY_GROUPS]; +} ServerOptions; /* Initializes the server options to special values that indicate that they have not yet been set. */ -void initialize_server_options(ServerOptions *options); +void initialize_server_options(ServerOptions * options); /* Reads the server configuration file. This only sets the values for those options that have the special value indicating they have not been set. */ -void read_server_config(ServerOptions *options, const char *filename); +void read_server_config(ServerOptions * options, const char *filename); /* Sets values for those values that have not yet been set. */ -void fill_default_server_options(ServerOptions *options); +void fill_default_server_options(ServerOptions * options); -#endif /* SERVCONF_H */ +#endif /* SERVCONF_H */ diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c index 4ad8e74acaf..fc959baef8e 100644 --- a/usr.bin/ssh/serverloop.c +++ b/usr.bin/ssh/serverloop.c @@ -1,17 +1,10 @@ /* - -serverloop.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sun Sep 10 00:30:37 1995 ylo - -Server main loop for handling the interactive session. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Sun Sep 10 00:30:37 1995 ylo + * Server main loop for handling the interactive session. + */ #include "includes.h" #include "xmalloc.h" 
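Review bot: In the servconf.h hunk the re-indented comment on `strict_modes` still reads `/* If true, require string home dir modes. */`, where "string" is presumably a typo for "strict". Since the line is being rewritten anyway it could become `/* If true, require strict home dir modes. */`. The same hunk leaves `int server_key_bits;/* Size of the server key. */` with no space between the declaration and its comment, another formatter artifact worth fixing by hand.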
@@ -66,8 +59,9 @@ sigchld_handler(int sig) errno = save_errno; } -/* Process any buffered packets that have been received from the client. */ - +/* + * Process any buffered packets that have been received from the client. + */ void process_buffered_input_packets() { @@ -159,9 +153,10 @@ process_buffered_input_packets() } } -/* Make packets from buffered stderr data, and buffer it for sending - to the client. */ - +/* + * Make packets from buffered stderr data, and buffer it for sending + * to the client. + */ void make_packets_from_stderr_data() { @@ -187,9 +182,10 @@ make_packets_from_stderr_data() } } -/* Make packets from buffered stdout data, and buffer it for sending to the - client. */ - +/* + * Make packets from buffered stdout data, and buffer it for sending to the + * client. + */ void make_packets_from_stdout_data() { @@ -215,11 +211,12 @@ make_packets_from_stdout_data() } } -/* Sleep in select() until we can do something. This will initialize the - select masks. Upon return, the masks will indicate which descriptors - have data or can accept data. Optionally, a maximum time can be specified - for the duration of the wait (0 = infinite). */ - +/* + * Sleep in select() until we can do something. This will initialize the + * select masks. Upon return, the masks will indicate which descriptors + * have data or can accept data. Optionally, a maximum time can be specified + * for the duration of the wait (0 = infinite). + */ void wait_until_can_do_something(fd_set * readset, fd_set * writeset, unsigned int max_time_milliseconds) @@ -291,9 +288,10 @@ retry_select: } } -/* Processes input from the client and the program. Input data is stored - in buffers and processed later. */ - +/* + * Processes input from the client and the program. Input data is stored + * in buffers and processed later. + */ void process_input(fd_set * readset) { 
@@ -340,8 +338,9 @@ process_input(fd_set * readset) } } -/* Sends data from internal buffers to client program stdin. */ - +/* + * Sends data from internal buffers to client program stdin. + */ void process_output(fd_set * writeset) { @@ -373,9 +372,10 @@ process_output(fd_set * writeset) packet_write_poll(); } -/* Wait until all buffered output has been sent to the client. - This is used when the program terminates. */ - +/* + * Wait until all buffered output has been sent to the client. + * This is used when the program terminates. + */ void drain_output() { @@ -401,12 +401,13 @@ drain_output() packet_write_wait(); } -/* Performs the interactive session. This handles data transmission between - the client and the program. Note that the notion of stdin, stdout, and - stderr in this function is sort of reversed: this function writes to - stdin (of the child program), and reads from stdout and stderr (of the - child program). */ - +/* + * Performs the interactive session. This handles data transmission between + * the client and the program. Note that the notion of stdin, stdout, and + * stderr in this function is sort of reversed: this function writes to + * stdin (of the child program), and reads from stdout and stderr (of the + * child program). + */ void server_loop(int pid, int fdin_arg, int fdout_arg, int fderr_arg) { @@ -575,9 +576,11 @@ quit: /* Wait for the child to exit. Get its exit status. */ wait_pid = wait(&wait_status); if (wait_pid < 0) { - /* It is possible that the wait was handled by SIGCHLD - handler. This may result in either: this call - returning with EINTR, or: this call returning ECHILD. */ + /* + * It is possible that the wait was handled by SIGCHLD + * handler. This may result in either: this call + * returning with EINTR, or: this call returning ECHILD. + */ if (child_terminated) wait_status = child_wait_status; else 
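Review bot: `wait_pid = wait(&wait_status);` after the `quit:` label reaps whichever child exits first, not necessarily the session child, and the following hunk only logs "Strange, wait returned pid %d, expected %d" on a mismatch. Reaping by id, `wait_pid = waitpid(pid, &wait_status, 0);`, would keep an unrelated child's status from being taken as the session's exit status. The EINTR/ECHILD fallback to `child_wait_status` described in the reflowed comment would still apply. server_loop starts and ends outside this hunk, so whether other children can exist at this point, and how `wait_status` is used afterwards, should be confirmed.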
@@ -585,7 +588,8 @@ quit: } else { /* Check if it matches the process we forked. */ if (wait_pid != pid) - error("Strange, wait returned pid %d, expected %d", wait_pid, pid); + error("Strange, wait returned pid %d, expected %d", + wait_pid, pid); } /* We no longer want our SIGCHLD handler to be called. */ diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c index b1512018691..cf922e609eb 100644 --- a/usr.bin/ssh/ssh-add.c +++ b/usr.bin/ssh/ssh-add.c @@ -1,20 +1,13 @@ /* - -ssh-add.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Thu Apr 6 00:52:24 1995 ylo - -Adds an identity to the authentication server, or removes an identity. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Thu Apr 6 00:52:24 1995 ylo + * Adds an identity to the authentication server, or removes an identity. + */ #include "includes.h" -RCSID("$Id: ssh-add.c,v 1.12 1999/11/23 22:25:55 markus Exp $"); +RCSID("$Id: ssh-add.c,v 1.13 1999/11/24 00:26:03 deraadt Exp $"); #include "rsa.h" #include "ssh.h" diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index 3062383ef4d..5057a171950 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c 
@@ -1,22 +1,15 @@ -/* $OpenBSD: ssh-agent.c,v 1.21 1999/11/23 22:25:55 markus Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.22 1999/11/24 00:26:03 deraadt Exp $ */ /* - -ssh-agent.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Mar 29 03:46:59 1995 ylo - -The authentication agent program. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Wed Mar 29 03:46:59 1995 ylo + * The authentication agent program. + */ #include "includes.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.21 1999/11/23 22:25:55 markus Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.22 1999/11/24 00:26:03 deraadt Exp $"); #include "ssh.h" #include "rsa.h" @@ -213,8 +206,9 @@ process_remove_identity(SocketEntry *e) buffer_put_char(&e->output, SSH_AGENT_FAILURE); } -/* Removes all identities from the agent. */ - +/* + * Removes all identities from the agent. + */ void process_remove_all_identities(SocketEntry *e) { @@ -235,8 +229,9 @@ process_remove_all_identities(SocketEntry *e) return; } -/* Adds an identity to the agent. */ - +/* + * Adds an identity to the agent. + */ void process_add_identity(SocketEntry *e) { diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index abf47ba9f3e..3919f62ea38 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c 
@@ -1,20 +1,13 @@ /* - -ssh-keygen.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Mar 27 02:26:40 1995 ylo - -Identity and host key generation and maintenance. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Mon Mar 27 02:26:40 1995 ylo + * Identity and host key generation and maintenance. + */ #include "includes.h" -RCSID("$Id: ssh-keygen.c,v 1.12 1999/11/23 22:25:55 markus Exp $"); +RCSID("$Id: ssh-keygen.c,v 1.13 1999/11/24 00:26:03 deraadt Exp $"); #include "rsa.h" #include "ssh.h" @@ -125,9 +118,10 @@ do_fingerprint(struct passwd *pw) exit(0); } -/* Perform changing a passphrase. The argument is the passwd structure - for the current user. */ - +/* + * Perform changing a passphrase. The argument is the passwd structure + * for the current user. + */ void do_change_passphrase(struct passwd *pw) { @@ -217,8 +211,9 @@ do_change_passphrase(struct passwd *pw) exit(0); } -/* Change the comment of a private key file. */ - +/* + * Change the comment of a private key file. + */ void do_change_comment(struct passwd *pw) { @@ -326,8 +321,9 @@ usage(void) exit(1); } -/* Main program for key management. */ - +/* + * Main program for key management. + */ int main(int ac, char **av) { diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 81471290870..1755f17e54d 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c 
@@ -1,24 +1,17 @@ /* - -ssh.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Mar 18 16:36:11 1995 ylo - -Ssh client program. This program can be used to log into a remote machine. -The software supports strong authentication, encryption, and forwarding -of X11, TCP/IP, and authentication connections. - -Modified to work with SSL by Niels Provos <provos@citi.umich.edu> in Canada. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Sat Mar 18 16:36:11 1995 ylo + * Ssh client program. This program can be used to log into a remote machine. + * The software supports strong authentication, encryption, and forwarding + * of X11, TCP/IP, and authentication connections. + * + * Modified to work with SSL by Niels Provos <provos@citi.umich.edu> in Canada. + */ #include "includes.h" -RCSID("$Id: ssh.c,v 1.31 1999/11/23 22:25:55 markus Exp $"); +RCSID("$Id: ssh.c,v 1.32 1999/11/24 00:26:03 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -111,9 +104,10 @@ usage() exit(1); } -/* Connects to the given host using rsh (or prints an error message and exits - if rsh is not available). This function never returns. */ - +/* + * Connects to the given host using rsh (or prints an error message and exits + * if rsh is not available). This function never returns. + */ void rsh_connect(char *host, char *user, Buffer * command) { @@ -148,8 +142,9 @@ rsh_connect(char *host, char *user, Buffer * command) exit(1); } -/* Main program for the ssh client. */ - +/* + * Main program for the ssh client. + */ int main(int ac, char **av) { diff --git a/usr.bin/ssh/ssh.h b/usr.bin/ssh/ssh.h index 5cd7eb92f55..ec43f932dff 100644 --- a/usr.bin/ssh/ssh.h +++ b/usr.bin/ssh/ssh.h 
@@ -1,19 +1,19 @@ /* - -ssh.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 17 17:09:37 1995 ylo - -Generic header file for ssh. - -*/ - -/* RCSID("$Id: ssh.h,v 1.24 1999/11/22 21:52:42 markus Exp $"); */ + * + * ssh.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Fri Mar 17 17:09:37 1995 ylo + * + * Generic header file for ssh. + * + */ + +/* RCSID("$Id: ssh.h,v 1.25 1999/11/24 00:26:03 deraadt Exp $"); */ #ifndef SSH_H #define SSH_H @@ -21,7 +21,7 @@ Generic header file for ssh. #include "rsa.h" #include "cipher.h" -/* The default cipher used if IDEA is not supported by the remote host. +/* The default cipher used if IDEA is not supported by the remote host. It is recommended that this be one of the mandatory ciphers (DES, 3DES), though that is not required. */ #define SSH_FALLBACK_CIPHER SSH_CIPHER_3DES @@ -83,7 +83,7 @@ only by root, whereas ssh_config should be world-readable. */ not contain anything particularly secret. */ #define SSH_USER_HOSTFILE "~/.ssh/known_hosts" -/* Name of the default file containing client-side authentication key. +/* Name of the default file containing client-side authentication key. This file should only be readable by the user him/herself. */ #define SSH_CLIENT_IDENTITY ".ssh/identity" @@ -99,7 +99,7 @@ only by root, whereas ssh_config should be world-readable. */ readable by anyone but the user him/herself, but does not contain anything particularly secret. If the user\'s home directory resides on an NFS volume where root is mapped to nobody, this may need to be - world-readable. (This file is read by the daemon which is running as + world-readable. (This file is read by the daemon which is running as root.) */ #define SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys" 
@@ -113,7 +113,7 @@ only by root, whereas ssh_config should be world-readable. */ /* Ssh-only version of /etc/hosts.equiv. */ #define SSH_HOSTS_EQUIV ETCDIR "/shosts.equiv" -/* Additionally, the daemon may use ~/.rhosts and /etc/hosts.equiv if +/* Additionally, the daemon may use ~/.rhosts and /etc/hosts.equiv if rhosts authentication is enabled. */ /* Name of the environment variable containing the pathname of the @@ -128,7 +128,7 @@ only by root, whereas ssh_config should be world-readable. */ many bits. This is to make double encryption with rsaref work. */ #define SSH_KEY_BITS_RESERVED 128 -/* Length of the session key in bytes. (Specified as 256 bits in the +/* Length of the session key in bytes. (Specified as 256 bits in the protocol.) */ #define SSH_SESSION_KEY_LENGTH 32 @@ -144,18 +144,20 @@ only by root, whereas ssh_config should be world-readable. */ #define SSH_AUTH_TIS 5 #define SSH_AUTH_KERBEROS 6 #define SSH_PASS_KERBEROS_TGT 7 - /* 8 to 15 are reserved */ + /* 8 to 15 are reserved */ #define SSH_PASS_AFS_TOKEN 21 /* Protocol flags. These are bit masks. */ -#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */ -#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */ +#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes + * screen */ +#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain + * host */ /* Definition of message types. New values can be added, but old values should not be removed or without careful consideration of the consequences for compatibility. The maximum value is 254; value 255 is reserved for future extension. */ -/* Message name */ /* msg code */ /* arguments */ + /* Message name *//* msg code *//* arguments */ #define SSH_MSG_NONE 0 /* no message */ #define SSH_MSG_DISCONNECT 1 /* cause (string) */ #define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */ 
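Review bot: In the `@@ -144,18 +144,20 @@` hunk the reindent fused the column header above `SSH_MSG_NONE` into `/* Message name *//* msg code *//* arguments */`, which no longer lines up with the three columns of the `#define` table it labels. Writing it as one comment, `/* Message name / msg code / arguments */`, keeps the header readable and leaves nothing for the formatter to rejoin. The comment just above it reads "old values should not be removed or without careful consideration" and appears to be missing a word. Since these are wire-protocol message codes, `should not be removed or changed without careful consideration` would state the compatibility rule clearly.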
@@ -205,74 +207,79 @@ only by root, whereas ssh_config should be world-readable. */ /*------------ definitions for login.c -------------*/ -/* Returns the time when the user last logged in. Returns 0 if the - information is not available. This must be called before record_login. +/* Returns the time when the user last logged in. Returns 0 if the + information is not available. This must be called before record_login. The host from which the user logged in is stored in buf. */ -unsigned long get_last_login_time(uid_t uid, const char *logname, - char *buf, unsigned int bufsize); +unsigned long +get_last_login_time(uid_t uid, const char *logname, + char *buf, unsigned int bufsize); /* Records that the user has logged in. This does many things normally done by login(1). */ -void record_login(int pid, const char *ttyname, const char *user, uid_t uid, - const char *host, struct sockaddr_in *addr); +void +record_login(int pid, const char *ttyname, const char *user, uid_t uid, + const char *host, struct sockaddr_in * addr); /* Records that the user has logged out. This does many thigs normally done by login(1) or init. */ -void record_logout(int pid, const char *ttyname); +void record_logout(int pid, const char *ttyname); /*------------ definitions for sshconnect.c ----------*/ /* Opens a TCP/IP connection to the remote server on the given host. If port is 0, the default port will be used. If anonymous is zero, - a privileged port will be allocated to make the connection. - This requires super-user privileges if anonymous is false. + a privileged port will be allocated to make the connection. + This requires super-user privileges if anonymous is false. Connection_attempts specifies the maximum number of tries, one per second. This returns true on success, and zero on failure. If the connection is successful, this calls packet_set_connection for the connection. 
*/ -int ssh_connect(const char *host, struct sockaddr_in *hostaddr, - int port, int connection_attempts, - int anonymous, uid_t original_real_uid, - const char *proxy_command); +int +ssh_connect(const char *host, struct sockaddr_in * hostaddr, + int port, int connection_attempts, + int anonymous, uid_t original_real_uid, + const char *proxy_command); /* Starts a dialog with the server, and authenticates the current user on the server. This does not need any extra privileges. The basic connection - to the server must already have been established before this is called. - If login fails, this function prints an error and never returns. + to the server must already have been established before this is called. + If login fails, this function prints an error and never returns. This initializes the random state, and leaves it initialized (it will also have references from the packet module). */ -void ssh_login(int host_key_valid, RSA *host_key, const char *host, - struct sockaddr_in *hostaddr, uid_t original_real_uid); +void +ssh_login(int host_key_valid, RSA * host_key, const char *host, + struct sockaddr_in * hostaddr, uid_t original_real_uid); /*------------ Definitions for various authentication methods. -------*/ /* Tries to authenticate the user using the .rhosts file. Returns true if authentication succeeds. If ignore_rhosts is non-zero, this will not consider .rhosts and .shosts (/etc/hosts.equiv will still be used). */ -int auth_rhosts(struct passwd *pw, const char *client_user); +int auth_rhosts(struct passwd * pw, const char *client_user); /* Tries to authenticate the user using the .rhosts file and the host using its host key. Returns true if authentication succeeds. 
*/ -int auth_rhosts_rsa(struct passwd *pw, const char *client_user, - BIGNUM *client_host_key_e, BIGNUM *client_host_key_n); +int +auth_rhosts_rsa(struct passwd * pw, const char *client_user, + BIGNUM * client_host_key_e, BIGNUM * client_host_key_n); /* Tries to authenticate the user using password. Returns true if authentication succeeds. */ -int auth_password(struct passwd *pw, const char *password); +int auth_password(struct passwd * pw, const char *password); /* Performs the RSA authentication dialog with the client. This returns 0 if the client could not be authenticated, and 1 if authentication was successful. This may exit if there is a serious protocol violation. */ -int auth_rsa(struct passwd *pw, BIGNUM *client_n); +int auth_rsa(struct passwd * pw, BIGNUM * client_n); /* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer over the key. Skips any whitespace at the beginning and at end. */ -int auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM *e, BIGNUM *n); +int auth_rsa_read_key(char **cpp, unsigned int *bitsp, BIGNUM * e, BIGNUM * n); /* Returns the name of the machine at the other end of the socket. The returned string should be freed by the caller. */ -char *get_remote_hostname(int socket); +char *get_remote_hostname(int socket); /* Return the canonical name of the host in the other side of the current connection (as returned by packet_get_connection). The host name is 
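Review bot: The comment above `auth_rhosts(struct passwd * pw, const char *client_user)` makes the result depend on `ignore_rhosts`, but the prototype has no such parameter, so a reader of this header cannot tell where that setting comes from. If it is a server configuration option (not visible in this hunk), the comment should say so, for example `If the server's ignore_rhosts option is set, .rhosts and .shosts are not consulted (/etc/hosts.equiv is still used).` This setting decides which files can grant a login, so the header should name its source. In the same hunk, "many thigs" in the `record_logout` comment should read "many things".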
@@ -284,296 +291,301 @@ const char *get_canonical_hostname(void); const char *get_remote_ipaddr(void); /* Returns the port number of the peer of the socket. */ -int get_peer_port(int sock); +int get_peer_port(int sock); /* Returns the port number of the remote host. */ -int get_remote_port(void); +int get_remote_port(void); /* Tries to match the host name (which must be in all lowercase) against the - comma-separated sequence of subpatterns (each possibly preceded by ! to + comma-separated sequence of subpatterns (each possibly preceded by ! to indicate negation). Returns true if there is a positive match; zero otherwise. */ -int match_hostname(const char *host, const char *pattern, unsigned int len); +int match_hostname(const char *host, const char *pattern, unsigned int len); /* Checks whether the given host is already in the list of our known hosts. Returns HOST_OK if the host is known and has the specified key, HOST_NEW if the host is not known, and HOST_CHANGED if the host is known but used to have a different host key. The host must be in all lowercase. */ -typedef enum { HOST_OK, HOST_NEW, HOST_CHANGED } HostStatus; -HostStatus check_host_in_hostfile(const char *filename, const char *host, - BIGNUM *e, BIGNUM *n, BIGNUM *ke, BIGNUM *kn); +typedef enum { + HOST_OK, HOST_NEW, HOST_CHANGED +} HostStatus; +HostStatus +check_host_in_hostfile(const char *filename, const char *host, + BIGNUM * e, BIGNUM * n, BIGNUM * ke, BIGNUM * kn); /* Appends an entry to the host file. Returns false if the entry could not be appended. */ -int add_host_to_hostfile(const char *filename, const char *host, - BIGNUM *e, BIGNUM *n); +int +add_host_to_hostfile(const char *filename, const char *host, + BIGNUM * e, BIGNUM * n); /* Performs the RSA authentication challenge-response dialog with the client, and returns true (non-zero) if the client gave the correct answer to our challenge; returns zero if the client gives a wrong answer. 
*/ -int auth_rsa_challenge_dialog(BIGNUM *e, BIGNUM *n); +int auth_rsa_challenge_dialog(BIGNUM * e, BIGNUM * n); -/* Reads a passphrase from /dev/tty with echo turned off. Returns the - passphrase (allocated with xmalloc). Exits if EOF is encountered. +/* Reads a passphrase from /dev/tty with echo turned off. Returns the + passphrase (allocated with xmalloc). Exits if EOF is encountered. If from_stdin is true, the passphrase will be read from stdin instead. */ -char *read_passphrase(const char *prompt, int from_stdin); +char *read_passphrase(const char *prompt, int from_stdin); /* Saves the authentication (private) key in a file, encrypting it with passphrase. The identification of the file (lowest 64 bits of n) will precede the key to provide identification of the key without needing a passphrase. */ -int save_private_key(const char *filename, const char *passphrase, - RSA *private_key, const char *comment); +int +save_private_key(const char *filename, const char *passphrase, + RSA * private_key, const char *comment); -/* Loads the public part of the key file (public key and comment). +/* Loads the public part of the key file (public key and comment). Returns 0 if an error occurred; zero if the public key was successfully read. The comment of the key is returned in comment_return if it is non-NULL; the caller must free the value with xfree. */ -int load_public_key(const char *filename, RSA *pub, - char **comment_return); +int +load_public_key(const char *filename, RSA * pub, + char **comment_return); /* Loads the private key from the file. Returns 0 if an error is encountered (file does not exist or is not readable, or passphrase is bad). - This initializes the private key. The comment of the key is returned - in comment_return if it is non-NULL; the caller must free the value + This initializes the private key. The comment of the key is returned + in comment_return if it is non-NULL; the caller must free the value with xfree. 
*/ -int load_private_key(const char *filename, const char *passphrase, - RSA *private_key, char **comment_return); +int +load_private_key(const char *filename, const char *passphrase, + RSA * private_key, char **comment_return); /*------------ Definitions for logging. -----------------------*/ /* Supported syslog facilities and levels. */ -typedef enum -{ - SYSLOG_FACILITY_DAEMON, - SYSLOG_FACILITY_USER, - SYSLOG_FACILITY_AUTH, - SYSLOG_FACILITY_LOCAL0, - SYSLOG_FACILITY_LOCAL1, - SYSLOG_FACILITY_LOCAL2, - SYSLOG_FACILITY_LOCAL3, - SYSLOG_FACILITY_LOCAL4, - SYSLOG_FACILITY_LOCAL5, - SYSLOG_FACILITY_LOCAL6, - SYSLOG_FACILITY_LOCAL7 -} SyslogFacility; - -typedef enum -{ - SYSLOG_LEVEL_QUIET, - SYSLOG_LEVEL_FATAL, - SYSLOG_LEVEL_ERROR, - SYSLOG_LEVEL_INFO, - SYSLOG_LEVEL_VERBOSE, - SYSLOG_LEVEL_DEBUG -} LogLevel; - +typedef enum { + SYSLOG_FACILITY_DAEMON, + SYSLOG_FACILITY_USER, + SYSLOG_FACILITY_AUTH, + SYSLOG_FACILITY_LOCAL0, + SYSLOG_FACILITY_LOCAL1, + SYSLOG_FACILITY_LOCAL2, + SYSLOG_FACILITY_LOCAL3, + SYSLOG_FACILITY_LOCAL4, + SYSLOG_FACILITY_LOCAL5, + SYSLOG_FACILITY_LOCAL6, + SYSLOG_FACILITY_LOCAL7 +} SyslogFacility; + +typedef enum { + SYSLOG_LEVEL_QUIET, + SYSLOG_LEVEL_FATAL, + SYSLOG_LEVEL_ERROR, + SYSLOG_LEVEL_INFO, + SYSLOG_LEVEL_VERBOSE, + SYSLOG_LEVEL_DEBUG +} LogLevel; /* Initializes logging. */ -void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr); +void log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr); /* Logging implementation, depending on server or client */ -void do_log(LogLevel level, const char *fmt, va_list args); +void do_log(LogLevel level, const char *fmt, va_list args); /* name to facility/level */ SyslogFacility log_facility_number(char *name); LogLevel log_level_number(char *name); /* Output a message to syslog or stderr */ -void fatal(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); -void error(const char *fmt, ...) 
__attribute__ ((format (printf, 1, 2))); -void log(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); -void verbose(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); -void debug(const char *fmt, ...) __attribute__ ((format (printf, 1, 2))); - +void fatal(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void error(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void log(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void verbose(const char *fmt,...) __attribute__((format(printf, 1, 2))); +void debug(const char *fmt,...) __attribute__((format(printf, 1, 2))); + /* same as fatal() but w/o logging */ -void fatal_cleanup(void); +void fatal_cleanup(void); -/* Registers a cleanup function to be called by fatal()/fatal_cleanup() before exiting. +/* Registers a cleanup function to be called by fatal()/fatal_cleanup() before exiting. It is permissible to call fatal_remove_cleanup for the function itself from the function. */ -void fatal_add_cleanup(void (*proc)(void *context), void *context); +void fatal_add_cleanup(void (*proc) (void *context), void *context); /* Removes a cleanup function to be called at fatal(). */ -void fatal_remove_cleanup(void (*proc)(void *context), void *context); +void fatal_remove_cleanup(void (*proc) (void *context), void *context); /*---------------- definitions for channels ------------------*/ /* Sets specific protocol options. */ -void channel_set_options(int hostname_in_open); +void channel_set_options(int hostname_in_open); /* Allocate a new channel object and set its type and socket. Remote_name must have been allocated with xmalloc; this will free it when the channel is freed. */ -int channel_allocate(int type, int sock, char *remote_name); +int channel_allocate(int type, int sock, char *remote_name); /* Free the channel and close its socket. */ -void channel_free(int channel); +void channel_free(int channel); /* Add any bits relevant to channels in select bitmasks. 
*/ -void channel_prepare_select(fd_set *readset, fd_set *writeset); +void channel_prepare_select(fd_set * readset, fd_set * writeset); /* After select, perform any appropriate operations for channels which have events pending. */ -void channel_after_select(fd_set *readset, fd_set *writeset); +void channel_after_select(fd_set * readset, fd_set * writeset); /* If there is data to send to the connection, send some of it now. */ -void channel_output_poll(void); +void channel_output_poll(void); /* This is called when a packet of type CHANNEL_DATA has just been received. The message type has already been consumed, but channel number and data is still there. */ -void channel_input_data(int payload_len); +void channel_input_data(int payload_len); /* Returns true if no channel has too much buffered data. */ -int channel_not_very_much_buffered_data(void); +int channel_not_very_much_buffered_data(void); /* This is called after receiving CHANNEL_CLOSE. */ -void channel_input_close(void); +void channel_input_close(void); /* This is called after receiving CHANNEL_CLOSE_CONFIRMATION. */ -void channel_input_close_confirmation(void); +void channel_input_close_confirmation(void); /* This is called after receiving CHANNEL_OPEN_CONFIRMATION. */ -void channel_input_open_confirmation(void); +void channel_input_open_confirmation(void); /* This is called after receiving CHANNEL_OPEN_FAILURE from the other side. */ -void channel_input_open_failure(void); +void channel_input_open_failure(void); /* This closes any sockets that are listening for connections; this removes any unix domain sockets. */ -void channel_stop_listening(void); +void channel_stop_listening(void); /* Closes the sockets of all channels. This is used to close extra file descriptors after a fork. */ -void channel_close_all(void); +void channel_close_all(void); /* Returns the maximum file descriptor number used by the channels. 
*/ -int channel_max_fd(void); +int channel_max_fd(void); /* Returns true if there is still an open channel over the connection. */ -int channel_still_open(void); +int channel_still_open(void); /* Returns a string containing a list of all open channels. The list is suitable for displaying to the user. It uses crlf instead of newlines. The caller should free the string with xfree. */ -char *channel_open_message(void); +char *channel_open_message(void); /* Initiate forwarding of connections to local port "port" through the secure channel to host:port from remote side. This never returns if there was an error. */ -void channel_request_local_forwarding(int port, const char *host, - int remote_port); +void +channel_request_local_forwarding(int port, const char *host, + int remote_port); /* Initiate forwarding of connections to port "port" on remote host through the secure channel to host:port from local side. This never returns if there was an error. This registers that open requests for that port are permitted. */ -void channel_request_remote_forwarding(int port, const char *host, - int remote_port); +void +channel_request_remote_forwarding(int port, const char *host, + int remote_port); /* Permits opening to any host/port in SSH_MSG_PORT_OPEN. This is usually called by the server, because the user could connect to any port anyway, and the server has no way to know but to trust the client anyway. */ -void channel_permit_all_opens(void); +void channel_permit_all_opens(void); /* This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates listening for the port, and sends back a success reply (or disconnect - message if there was an error). This never returns if there was an + message if there was an error). This never returns if there was an error. */ -void channel_input_port_forward_request(int is_root); +void channel_input_port_forward_request(int is_root); /* This is called after receiving PORT_OPEN message. 
This attempts to connect to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION or CHANNEL_OPEN_FAILURE. */ -void channel_input_port_open(int payload_len); +void channel_input_port_open(int payload_len); /* Creates a port for X11 connections, and starts listening for it. Returns the display name, or NULL if an error was encountered. */ -char *x11_create_display(int screen); +char *x11_create_display(int screen); -/* Creates an internet domain socket for listening for X11 connections. +/* Creates an internet domain socket for listening for X11 connections. Returns a suitable value for the DISPLAY variable, or NULL if an error occurs. */ -char *x11_create_display_inet(int screen); +char *x11_create_display_inet(int screen); /* This is called when SSH_SMSG_X11_OPEN is received. The packet contains the remote channel number. We should do whatever we want, and respond with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */ -void x11_input_open(int payload_len); +void x11_input_open(int payload_len); -/* Requests forwarding of X11 connections. This should be called on the +/* Requests forwarding of X11 connections. This should be called on the client only. */ -void x11_request_forwarding(void); +void x11_request_forwarding(void); /* Requests forwarding for X11 connections, with authentication spoofing. This should be called in the client only. */ -void x11_request_forwarding_with_spoofing(const char *proto, const char *data); +void x11_request_forwarding_with_spoofing(const char *proto, const char *data); /* Sends a message to the server to request authentication fd forwarding. */ -void auth_request_forwarding(void); +void auth_request_forwarding(void); /* Returns the name of the forwarded authentication socket. Returns NULL if there is no forwarded authentication socket. The returned value points to a static buffer. 
*/ -char *auth_get_socket_name(void); +char *auth_get_socket_name(void); /* This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server. This starts forwarding authentication requests. */ -void auth_input_request_forwarding(struct passwd *pw); +void auth_input_request_forwarding(struct passwd * pw); /* This is called to process an SSH_SMSG_AGENT_OPEN message. */ -void auth_input_open_request(void); +void auth_input_open_request(void); /* Returns true if the given string matches the pattern (which may contain ? and * as wildcards), and zero if it does not match. */ -int match_pattern(const char *s, const char *pattern); +int match_pattern(const char *s, const char *pattern); /* Expands tildes in the file name. Returns data allocated by xmalloc. Warning: this calls getpw*. */ -char *tilde_expand_filename(const char *filename, uid_t my_uid); +char *tilde_expand_filename(const char *filename, uid_t my_uid); /* Performs the interactive session. This handles data transmission between the client and the program. Note that the notion of stdin, stdout, and stderr in this function is sort of reversed: this function writes to stdin (of the child program), and reads from stdout and stderr (of the child program). */ -void server_loop(int pid, int fdin, int fdout, int fderr); +void server_loop(int pid, int fdin, int fdout, int fderr); /* Client side main loop for the interactive session. */ -int client_loop(int have_pty, int escape_char); +int client_loop(int have_pty, int escape_char); /* Linked list of custom environment strings (see auth-rsa.c). */ struct envstring { - struct envstring *next; - char *s; + struct envstring *next; + char *s; }; - #ifdef KRB4 #include <krb.h> /* Performs Kerberos v4 mutual authentication with the client. This returns 0 if the client could not be authenticated, and 1 if authentication was successful. This may exit if there is a serious protocol violation. 
*/ -int auth_krb4(const char *server_user, KTEXT auth, char **client); -int krb4_init(uid_t uid); -void krb4_cleanup_proc(void *ignore); +int auth_krb4(const char *server_user, KTEXT auth, char **client); +int krb4_init(uid_t uid); +void krb4_cleanup_proc(void *ignore); #ifdef AFS #include <kafs.h> /* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */ -int auth_kerberos_tgt(struct passwd *pw, const char *string); -int auth_afs_token(struct passwd *pw, const char *token_string); +int auth_kerberos_tgt(struct passwd * pw, const char *string); +int auth_afs_token(struct passwd * pw, const char *token_string); -int creds_to_radix(CREDENTIALS *creds, unsigned char *buf); -int radix_to_creds(const char *buf, CREDENTIALS *creds); -#endif /* AFS */ +int creds_to_radix(CREDENTIALS * creds, unsigned char *buf); +int radix_to_creds(const char *buf, CREDENTIALS * creds); +#endif /* AFS */ -#endif /* KRB4 */ +#endif /* KRB4 */ #ifdef SKEY #include <skey.h> -char *skey_fake_keyinfo(char *username); -#endif /* SKEY */ +char *skey_fake_keyinfo(char *username); +#endif /* SKEY */ -#endif /* SSH_H */ +#endif /* SSH_H */ diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index 68fa5d4f463..19a8235586f 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c 
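Review bot: The comment on `load_public_key` in the `@@ -284,296 +291,301 @@` hunk says "Returns 0 if an error occurred; zero if the public key was successfully read", so the documented return value is the same for failure and success. A caller written from that wording cannot tell a failed key load from a good one. The neighbouring `load_private_key` comment returns 0 on error, which suggests success is non-zero here as well. The implementation is outside this diff, so confirm that before changing the line to `Returns 0 if an error occurred; non-zero if the public key was successfully read.` Separately, the reformatted variadic prototypes now read `const char *fmt,...)`, where `const char *fmt, ...)` is the conventional spacing.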
@@ -1,21 +1,14 @@ /* - -sshconnect.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Mar 18 22:15:47 1995 ylo - -Code to connect to a remote host, and to perform the client side of the -login (authentication) dialog. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Sat Mar 18 22:15:47 1995 ylo + * Code to connect to a remote host, and to perform the client side of the + * login (authentication) dialog. + */ #include "includes.h" -RCSID("$Id: sshconnect.c,v 1.38 1999/11/23 22:25:55 markus Exp $"); +RCSID("$Id: sshconnect.c,v 1.39 1999/11/24 00:26:03 deraadt Exp $"); #include <ssl/bn.h> #include "xmalloc.h" @@ -35,8 +28,9 @@ RCSID("$Id: sshconnect.c,v 1.38 1999/11/23 22:25:55 markus Exp $"); /* Session id for the current session. */ unsigned char session_id[16]; -/* Connect to the given ssh server using a proxy command. */ - +/* + * Connect to the given ssh server using a proxy command. + */ int ssh_proxy_connect(const char *host, int port, uid_t original_real_uid, const char *proxy_command) @@ -134,8 +128,9 @@ ssh_proxy_connect(const char *host, int port, uid_t original_real_uid, return 1; } -/* Creates a (possibly privileged) socket for use as the ssh connection. */ - +/* + * Creates a (possibly privileged) socket for use as the ssh connection. + */ int ssh_create_socket(uid_t original_real_uid, int privileged) { 
@@ -162,15 +157,16 @@ ssh_create_socket(uid_t original_real_uid, int privileged) return sock; } -/* Opens a TCP/IP connection to the remote server on the given host. If - port is 0, the default port will be used. If anonymous is zero, - a privileged port will be allocated to make the connection. - This requires super-user privileges if anonymous is false. - Connection_attempts specifies the maximum number of tries (one per - second). If proxy_command is non-NULL, it specifies the command (with %h - and %p substituted for host and port, respectively) to use to contact - the daemon. */ - +/* + * Opens a TCP/IP connection to the remote server on the given host. If + * port is 0, the default port will be used. If anonymous is zero, + * a privileged port will be allocated to make the connection. + * This requires super-user privileges if anonymous is false. + * Connection_attempts specifies the maximum number of tries (one per + * second). If proxy_command is non-NULL, it specifies the command (with %h + * and %p substituted for host and port, respectively) to use to contact + * the daemon. + */ int ssh_connect(const char *host, struct sockaddr_in * hostaddr, int port, int connection_attempts, @@ -313,9 +309,10 @@ ssh_connect(const char *host, struct sockaddr_in * hostaddr, return 1; } -/* Checks if the user has an authentication agent, and if so, tries to - authenticate using the agent. */ - +/* + * Checks if the user has an authentication agent, and if so, tries to + * authenticate using the agent. + */ int try_agent_authentication() { @@ -413,9 +410,10 @@ try_agent_authentication() return 0; } -/* Computes the proper response to a RSA challenge, and sends the response to - the server. */ - +/* + * Computes the proper response to a RSA challenge, and sends the response to + * the server. + */ void respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) { 
@@ -454,9 +452,10 @@ respond_to_rsa_challenge(BIGNUM * challenge, RSA * prv) memset(&md, 0, sizeof(md)); } -/* Checks if the user has authentication file, and if so, tries to authenticate - the user using it. */ - +/* + * Checks if the user has authentication file, and if so, tries to authenticate + * the user using it. + */ int try_rsa_authentication(struct passwd * pw, const char *authfile) { @@ -569,9 +568,10 @@ try_rsa_authentication(struct passwd * pw, const char *authfile) return 0; } -/* Tries to authenticate the user using combined rhosts or /etc/hosts.equiv - authentication and RSA host authentication. */ - +/* + * Tries to authenticate the user using combined rhosts or /etc/hosts.equiv + * authentication and RSA host authentication. + */ int try_rhosts_rsa_authentication(const char *local_user, RSA * host_key) { @@ -859,9 +859,10 @@ send_afs_tokens(void) #endif /* AFS */ -/* Waits for the server identification string, and sends our own - identification string. */ - +/* + * Waits for the server identification string, and sends our own + * identification string. + */ void ssh_exchange_identification() { 
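Review bot: The closing `memset(&md, 0, sizeof(md));` in respond_to_rsa_challenge (context line of the `@@ -454,9 +452,10 @@` hunk) can be removed by an optimising compiler as a dead store if `md` is a local that is never read again. Its declaration is outside the hunk, so this is inferred; if it holds digest state derived from the decrypted challenge, the clear should use a call the compiler must keep, e.g. `explicit_bzero(&md, sizeof(md));` where the platform provides it. The function body begins outside the hunk.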
@@ -969,14 +970,15 @@ read_yes_or_no(const char *prompt, int defval) } } -/* Starts a dialog with the server, and authenticates the current user on the - server. This does not need any extra privileges. The basic connection - to the server must already have been established before this is called. - User is the remote user; if it is NULL, the current local user name will - be used. Anonymous indicates that no rhosts authentication will be used. - If login fails, this function prints an error and never returns. - This function does not require super-user privileges. */ - +/* + * Starts a dialog with the server, and authenticates the current user on the + * server. This does not need any extra privileges. The basic connection + * to the server must already have been established before this is called. + * User is the remote user; if it is NULL, the current local user name will + * be used. Anonymous indicates that no rhosts authentication will be used. + * If login fails, this function prints an error and never returns. + * This function does not require super-user privileges. + */ void ssh_login(int host_key_valid, RSA *own_host_key, diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index 3f20bab491e..17800aeb221 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c 
@@ -1,24 +1,17 @@ /* - -sshd.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Fri Mar 17 17:09:28 1995 ylo - -This program is the ssh daemon. It listens for connections from clients, and -performs authentication, executes use commands or shell, and forwards -information to/from the application to the user client over an encrypted -connection. This can also handle forwarding of X11, TCP/IP, and authentication -agent connections. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Fri Mar 17 17:09:28 1995 ylo + * This program is the ssh daemon. It listens for connections from clients, and + * performs authentication, executes use commands or shell, and forwards + * information to/from the application to the user client over an encrypted + * connection. This can also handle forwarding of X11, TCP/IP, and authentication + * agent connections. + */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.64 1999/11/23 22:25:55 markus Exp $"); +RCSID("$Id: sshd.c,v 1.65 1999/11/24 00:26:03 deraadt Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -52,10 +45,12 @@ ServerOptions options; /* Name of the server configuration file. */ char *config_file_name = SERVER_CONFIG_FILE; -/* Debug mode flag. This can be set on the command line. If debug - mode is enabled, extra debugging output will be sent to the system - log, the daemon will not go to background, and will exit after processing - the first connection. */ +/* + * Debug mode flag. This can be set on the command line. If debug + * mode is enabled, extra debugging output will be sent to the system + * log, the daemon will not go to background, and will exit after processing + * the first connection. + */ int debug_flag = 0; /* Flag indicating that the daemon is being started from inetd. */ 
@@ -132,10 +127,11 @@ void do_child(const char *command, struct passwd * pw, const char *term, const char *display, const char *auth_proto, const char *auth_data, const char *ttyname); -/* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; - the effect is to reread the configuration file (and to regenerate - the server key). */ - +/* + * Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; + * the effect is to reread the configuration file (and to regenerate + * the server key). + */ void sighup_handler(int sig) { @@ -143,8 +139,10 @@ sighup_handler(int sig) signal(SIGHUP, sighup_handler); } -/* Called from the main program after receiving SIGHUP. Restarts the server. */ - +/* + * Called from the main program after receiving SIGHUP. + * Restarts the server. + */ void sighup_restart() { @@ -155,10 +153,11 @@ sighup_restart() exit(1); } -/* Generic signal handler for terminating signals in the master daemon. - These close the listen socket; not closing it seems to cause "Address - already in use" problems on some machines, which is inconvenient. */ - +/* + * Generic signal handler for terminating signals in the master daemon. + * These close the listen socket; not closing it seems to cause "Address + * already in use" problems on some machines, which is inconvenient. + */ void sigterm_handler(int sig) { @@ -167,9 +166,10 @@ sigterm_handler(int sig) exit(255); } -/* SIGCHLD handler. This is called whenever a child dies. This will then - reap any zombies left by exited c. */ - +/* + * SIGCHLD handler. This is called whenever a child dies. This will then + * reap any zombies left by exited c. + */ void main_sigchld_handler(int sig) { @@ -183,8 +183,9 @@ main_sigchld_handler(int sig) errno = save_errno; } -/* Signal handler for the alarm after the login grace period has expired. */ - +/* + * Signal handler for the alarm after the login grace period has expired. + */ void grace_alarm_handler(int sig) { 
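Review bot: sigterm_handler ends in `exit(255);` (context line of the `@@ -167,9 +166,10 @@` hunk), and exit() is not async-signal-safe because it runs atexit handlers and flushes stdio from inside the handler; `_exit(255);` is the safe call there. The same concern applies to grace_alarm_handler in the later `@@ -195,7 +196,9 @@` hunk, which calls `fatal("Timeout before authentication for %s.", get_remote_ipaddr());` from the alarm handler. fatal() is not visible here, but a routine that logs and runs cleanup is not something to execute in signal context, so recording the timeout in a `volatile sig_atomic_t` flag and reporting it from normal control flow is the more defensive shape. Both handler bodies start outside their hunks.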
@@ -195,7 +196,9 @@ grace_alarm_handler(int sig) fatal("Timeout before authentication for %s.", get_remote_ipaddr()); } -/* convert ssh auth msg type into description */ +/* + * convert ssh auth msg type into description + */ char * get_authname(int type) { @@ -221,11 +224,13 @@ get_authname(int type) return NULL; } -/* Signal handler for the key regeneration alarm. Note that this - alarm only occurs in the daemon waiting for connections, and it does not - do anything with the private key or random state before forking. Thus there - should be no concurrency control/asynchronous execution problems. */ - +/* + * Signal handler for the key regeneration alarm. Note that this + * alarm only occurs in the daemon waiting for connections, and it does not + * do anything with the private key or random state before forking. + * Thus there should be no concurrency control/asynchronous execution + * problems. + */ void key_regeneration_alarm(int sig) { @@ -256,8 +261,9 @@ key_regeneration_alarm(int sig) errno = save_errno; } -/* Main program for the daemon. */ - +/* + * Main program for the daemon. + */ int main(int ac, char **av) { @@ -742,10 +748,11 @@ main(int ac, char **av) exit(0); } -/* Process an incoming connection. Protocol version identifiers have already - been exchanged. This sends server key and performs the key exchange. - Server and host keys will no longer be needed after this functions. */ - +/* + * Process an incoming connection. Protocol version identifiers have already + * been exchanged. This sends server key and performs the key exchange. + * Server and host keys will no longer be needed after this functions. + */ void do_connection() { 
@@ -941,13 +948,14 @@ do_connection() do_authentication(user); } -/* Check if the user is allowed to log in via ssh. If user is listed in - DenyUsers or user's primary group is listed in DenyGroups, false will - be returned. If AllowUsers isn't empty and user isn't listed there, or - if AllowGroups isn't empty and user isn't listed there, false will be - returned. Otherwise true is returned. - XXX This function should also check if user has a valid shell */ - +/* + * Check if the user is allowed to log in via ssh. If user is listed in + * DenyUsers or user's primary group is listed in DenyGroups, false will + * be returned. If AllowUsers isn't empty and user isn't listed there, or + * if AllowGroups isn't empty and user isn't listed there, false will be + * returned. Otherwise true is returned. + * XXX This function should also check if user has a valid shell + */ static int allowed_user(struct passwd * pw) { @@ -1012,10 +1020,11 @@ allowed_user(struct passwd * pw) return 1; } -/* Performs authentication of an incoming connection. Session key has already - been exchanged and encryption is enabled. User is the user name to log - in as (received from the client). */ - +/* + * Performs authentication of an incoming connection. Session key has already + * been exchanged and encryption is enabled. User is the user name to log + * in as (received from the client). + */ void do_authentication(char *user) { @@ -1088,8 +1097,10 @@ do_authentication(char *user) #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" -/* read packets and try to authenticate local user *pw. - return if authentication is successfull */ +/* + * read packets and try to authenticate local user *pw. + * return if authentication is successfull + */ void do_authloop(struct passwd * pw) { 
@@ -1330,8 +1341,10 @@ do_authloop(struct passwd * pw) } } -/* The user does not exist or access is denied, - but fake indication that authentication is needed. */ +/* + * The user does not exist or access is denied, + * but fake indication that authentication is needed. + */ void do_fake_authloop(char *user) { @@ -1382,7 +1395,9 @@ do_fake_authloop(char *user) } -/* Remove local Xauthority file. */ +/* + * Remove local Xauthority file. + */ static void xauthfile_cleanup_proc(void *ignore) { @@ -1395,11 +1410,12 @@ xauthfile_cleanup_proc(void *ignore) } } -/* Prepares for an interactive session. This is called after the user has - been successfully authenticated. During this message exchange, pseudo - terminals are allocated, X11, TCP/IP, and authentication agent forwardings - are requested, etc. */ - +/* + * Prepares for an interactive session. This is called after the user has + * been successfully authenticated. During this message exchange, pseudo + * terminals are allocated, X11, TCP/IP, and authentication agent forwardings + * are requested, etc. + */ void do_authenticated(struct passwd * pw) { @@ -1648,10 +1664,11 @@ do_forced_command: } } -/* This is called to fork and execute a command when we have no tty. This - will call do_child from the child, and server_loop from the parent after - setting up file descriptors and such. */ - +/* + * This is called to fork and execute a command when we have no tty. This + * will call do_child from the child, and server_loop from the parent after + * setting up file descriptors and such. + */ void do_exec_no_pty(const char *command, struct passwd * pw, const char *display, const char *auth_proto, @@ -1751,9 +1768,10 @@ struct pty_cleanup_context { int pid; }; -/* Function to perform cleanup if we get aborted abnormally (e.g., due to a - dropped connection). */ - +/* + * Function to perform cleanup if we get aborted abnormally (e.g., due to a + * dropped connection). + */ void pty_cleanup_proc(void *context) { 
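Review bot: The rewritten comment above do_fake_authloop (`@@ -1330,8 +1341,10 @@` hunk) says what the function does but not why, and the reason is the security-relevant part. Assuming the intent is to hide which accounts exist, suggest `/* The user does not exist or access is denied; keep answering as for a valid user so the client cannot tell which accounts exist. */`. The body is outside the hunk, so whether its replies and their timing actually match the real authentication loop cannot be checked from here.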
@@ -1768,11 +1786,12 @@ pty_cleanup_proc(void *context) pty_release(cu->ttyname); } -/* This is called to fork and execute a command when we have a tty. This - will call do_child from the child, and server_loop from the parent after - setting up file descriptors, controlling tty, updating wtmp, utmp, - lastlog, and other such operations. */ - +/* + * This is called to fork and execute a command when we have a tty. This + * will call do_child from the child, and server_loop from the parent after + * setting up file descriptors, controlling tty, updating wtmp, utmp, + * lastlog, and other such operations. + */ void do_exec_pty(const char *command, int ptyfd, int ttyfd, const char *ttyname, struct passwd * pw, const char *term, @@ -1927,9 +1946,10 @@ do_exec_pty(const char *command, int ptyfd, int ttyfd, close(fdout); } -/* Sets the value of the given variable in the environment. If the variable - already exists, its value is overriden. */ - +/* + * Sets the value of the given variable in the environment. If the variable + * already exists, its value is overriden. + */ void child_set_env(char ***envp, unsigned int *envsizep, const char *name, const char *value) 
@@ -1963,11 +1983,12 @@ child_set_env(char ***envp, unsigned int *envsizep, const char *name, snprintf(env[i], strlen(name) + 1 + strlen(value) + 1, "%s=%s", name, value); } -/* Reads environment variables from the given file and adds/overrides them - into the environment. If the file does not exist, this does nothing. - Otherwise, it must consist of empty lines, comments (line starts with '#') - and assignments of the form name=value. No other forms are allowed. */ - +/* + * Reads environment variables from the given file and adds/overrides them + * into the environment. If the file does not exist, this does nothing. + * Otherwise, it must consist of empty lines, comments (line starts with '#') + * and assignments of the form name=value. No other forms are allowed. + */ void read_environment_file(char ***env, unsigned int *envsize, const char *filename) @@ -2013,10 +2034,11 @@ read_environment_file(char ***env, unsigned int *envsize, fclose(f); } -/* Performs common processing for the child, such as setting up the - environment, closing extra file descriptors, setting the user and group - ids, and executing the command or shell. */ - +/* + * Performs common processing for the child, such as setting up the + * environment, closing extra file descriptors, setting the user and group + * ids, and executing the command or shell. + */ void do_child(const char *command, struct passwd * pw, const char *term, const char *display, const char *auth_proto, diff --git a/usr.bin/ssh/tildexpand.c b/usr.bin/ssh/tildexpand.c index d02a991e943..c7b5be16767 100644 --- a/usr.bin/ssh/tildexpand.c +++ b/usr.bin/ssh/tildexpand.c 
@@ -1,25 +1,20 @@ /* - -tildexpand.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Wed Jul 12 01:07:36 1995 ylo - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Wed Jul 12 01:07:36 1995 ylo + */ #include "includes.h" -RCSID("$Id: tildexpand.c,v 1.3 1999/11/23 22:25:56 markus Exp $"); +RCSID("$Id: tildexpand.c,v 1.4 1999/11/24 00:26:03 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" -/* Expands tildes in the file name. Returns data allocated by xmalloc. - Warning: this calls getpw*. */ - +/* + * Expands tildes in the file name. Returns data allocated by xmalloc. + * Warning: this calls getpw*. + */ char * tilde_expand_filename(const char *filename, uid_t my_uid) { @@ -39,9 +34,9 @@ tilde_expand_filename(const char *filename, uid_t my_uid) /* Find where the username ends. */ cp = strchr(filename, '/'); if (cp) - userlen = cp - filename; /* Have something after username. */ + userlen = cp - filename; /* Something after username. */ else - userlen = strlen(filename); /* Nothign after username. */ + userlen = strlen(filename); /* Nothing after username. */ if (userlen == 0) pw = getpwuid(my_uid); /* Own home directory. */ else { diff --git a/usr.bin/ssh/ttymodes.c b/usr.bin/ssh/ttymodes.c index 9472d0f9ada..0b4d8f9811d 100644 --- a/usr.bin/ssh/ttymodes.c +++ b/usr.bin/ssh/ttymodes.c 
@@ -1,23 +1,16 @@ /* - -ttymodes.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Tue Mar 21 15:59:15 1995 ylo - -Encoding and decoding of terminal modes in a portable way. -Much of the format is defined in ttymodes.h; it is included multiple times -into this file with the appropriate macro definitions to generate the -suitable code. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Tue Mar 21 15:59:15 1995 ylo + * Encoding and decoding of terminal modes in a portable way. + * Much of the format is defined in ttymodes.h; it is included multiple times + * into this file with the appropriate macro definitions to generate the + * suitable code. + */ #include "includes.h" -RCSID("$Id: ttymodes.c,v 1.3 1999/11/23 22:25:56 markus Exp $"); +RCSID("$Id: ttymodes.c,v 1.4 1999/11/24 00:26:04 deraadt Exp $"); #include "packet.h" #include "ssh.h" @@ -26,9 +19,10 @@ RCSID("$Id: ttymodes.c,v 1.3 1999/11/23 22:25:56 markus Exp $"); #define TTY_OP_ISPEED 192 /* int follows */ #define TTY_OP_OSPEED 193 /* int follows */ -/* Converts POSIX speed_t to a baud rate. The values of the constants - for speed_t are not themselves portable. */ - +/* + * Converts POSIX speed_t to a baud rate. The values of the + * constants for speed_t are not themselves portable. + */ static int speed_to_baud(speed_t speed) { @@ -115,8 +109,9 @@ speed_to_baud(speed_t speed) } } -/* Converts a numeric baud rate to a POSIX speed_t. */ - +/* + * Converts a numeric baud rate to a POSIX speed_t. + */ static speed_t baud_to_speed(int baud) { 
@@ -203,9 +198,11 @@ baud_to_speed(int baud) } } -/* Encodes terminal modes for the terminal referenced by fd in a portable - manner, and appends the modes to a packet being constructed. */ - +/* + * Encodes terminal modes for the terminal referenced by fd + * in a portable manner, and appends the modes to a packet + * being constructed. + */ void tty_make_modes(int fd) { @@ -247,9 +244,10 @@ tty_make_modes(int fd) packet_put_char(TTY_OP_END); } -/* Decodes terminal modes for the terminal referenced by fd in a portable - manner from a packet being read. */ - +/* + * Decodes terminal modes for the terminal referenced by fd in a portable + * manner from a packet being read. + */ void tty_parse_modes(int fd, int *n_bytes_ptr) { @@ -258,9 +256,11 @@ tty_parse_modes(int fd, int *n_bytes_ptr) int n_bytes = 0; int failure = 0; - /* Get old attributes for the terminal. We will modify these - flags. I am hoping that if there are any machine-specific - modes, they will initially have reasonable values. */ + /* + * Get old attributes for the terminal. We will modify these + * flags. I am hoping that if there are any machine-specific + * modes, they will initially have reasonable values. + */ if (tcgetattr(fd, &tio) < 0) failure = -1; 
@@ -313,24 +313,32 @@ tty_parse_modes(int fd, int *n_bytes_ptr) default: debug("Ignoring unsupported tty mode opcode %d (0x%x)", opcode, opcode); - /* Opcodes 0 to 127 are defined to have a one-byte argument. */ + /* + * Opcodes 0 to 127 are defined to have + * a one-byte argument. + */ if (opcode >= 0 && opcode < 128) { n_bytes += 1; (void) packet_get_char(); break; } else { - /* Opcodes 128 to 159 are defined to have an integer argument. */ + /* + * Opcodes 128 to 159 are defined to have + * an integer argument. + */ if (opcode >= 128 && opcode < 160) { n_bytes += 4; (void) packet_get_int(); break; } } - /* It is a truly undefined opcode (160 to 255). - We have no idea about its arguments. So we - must stop parsing. Note that some data may be - left in the packet; hopefully there is nothing - more coming after the mode data. */ + /* + * It is a truly undefined opcode (160 to 255). + * We have no idea about its arguments. So we + * must stop parsing. Note that some data may be + * left in the packet; hopefully there is nothing + * more coming after the mode data. + */ log("parse_tty_modes: unknown opcode %d", opcode); packet_integrity_check(0, 1, SSH_CMSG_REQUEST_PTY); goto set; diff --git a/usr.bin/ssh/ttymodes.h b/usr.bin/ssh/ttymodes.h index 2b7ad7397ca..74a7d411a07 100644 --- a/usr.bin/ssh/ttymodes.h +++ b/usr.bin/ssh/ttymodes.h 
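Review bot: The reflowed comment in the default branch of tty_parse_modes says `Opcodes 0 to 127 are defined to have a one-byte argument`, and the test is `opcode >= 0 && opcode < 128`, but ttymodes.h in this same commit documents opcode 0 as TTY_OP_END and gives the one-byte argument to 1-127. If TTY_OP_END has its own case above (not visible in this hunk) the branch is harmless, but the comment should read `Opcodes 1 to 127 ...` so the two descriptions of the format agree. This parser consumes mode data sent by the peer, so the stated ranges are what a reader will check the `n_bytes` accounting against. The function starts and ends outside the hunk.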
@@ -1,138 +1,140 @@ /* + * + * ttymodes.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * SGTTY stuff contributed by Janne Snabb <snabb@niksula.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Tue Mar 21 15:42:09 1995 ylo + * + */ -ttymodes.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - SGTTY stuff contributed by Janne Snabb <snabb@niksula.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Tue Mar 21 15:42:09 1995 ylo - -*/ - -/* RCSID("$Id: ttymodes.h,v 1.4 1999/10/03 04:12:21 deraadt Exp $"); */ +/* RCSID("$Id: ttymodes.h,v 1.5 1999/11/24 00:26:04 deraadt Exp $"); */ /* The tty mode description is a stream of bytes. The stream consists of - opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0). - Opcodes 1-127 have one-byte arguments. Opcodes 128-159 have integer - arguments. Opcodes 160-255 are not yet defined, and cause parsing to - stop (they should only be used after any other data). + * opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0). + * Opcodes 1-127 have one-byte arguments. Opcodes 128-159 have integer + * arguments. Opcodes 160-255 are not yet defined, and cause parsing to + * stop (they should only be used after any other data). + * + * The client puts in the stream any modes it knows about, and the + * server ignores any modes it does not know about. This allows some degree + * of machine-independence, at least between systems that use a posix-like + * tty interface. The protocol can support other systems as well, but might + * require reimplementing as mode names would likely be different. + */ - The client puts in the stream any modes it knows about, and the - server ignores any modes it does not know about. This allows some degree - of machine-independence, at least between systems that use a posix-like - tty interface. 
The protocol can support other systems as well, but might - require reimplementing as mode names would likely be different. */ - -/* Some constants and prototypes are defined in packet.h; this file - is only intended for including from ttymodes.h. */ +/* + * Some constants and prototypes are defined in packet.h; this file + * is only intended for including from ttymodes.h. + */ -/* termios macro */ /* sgtty macro */ + /* termios macro *//* sgtty macro */ /* name, op */ -TTYCHAR(VINTR, 1) SGTTYCHAR(tiotc.t_intrc, 1) -TTYCHAR(VQUIT, 2) SGTTYCHAR(tiotc.t_quitc, 2) -TTYCHAR(VERASE, 3) SGTTYCHAR(tio.sg_erase, 3) +TTYCHAR(VINTR, 1) SGTTYCHAR(tiotc.t_intrc, 1) +TTYCHAR(VQUIT, 2) SGTTYCHAR(tiotc.t_quitc, 2) +TTYCHAR(VERASE, 3) SGTTYCHAR(tio.sg_erase, 3) #if defined(VKILL) -TTYCHAR(VKILL, 4) SGTTYCHAR(tio.sg_kill, 4) -#endif /* VKILL */ -TTYCHAR(VEOF, 5) SGTTYCHAR(tiotc.t_eofc, 5) +TTYCHAR(VKILL, 4) SGTTYCHAR(tio.sg_kill, 4) +#endif /* VKILL */ +TTYCHAR(VEOF, 5) SGTTYCHAR(tiotc.t_eofc, 5) #if defined(VEOL) -TTYCHAR(VEOL, 6) SGTTYCHAR(tiotc.t_brkc, 6) -#endif /* VEOL */ +TTYCHAR(VEOL, 6) SGTTYCHAR(tiotc.t_brkc, 6) +#endif /* VEOL */ #ifdef VEOL2 /* n/a */ TTYCHAR(VEOL2, 7) -#endif /* VEOL2 */ -TTYCHAR(VSTART, 8) SGTTYCHAR(tiotc.t_startc, 8) -TTYCHAR(VSTOP, 9) SGTTYCHAR(tiotc.t_stopc, 9) +#endif /* VEOL2 */ +TTYCHAR(VSTART, 8) SGTTYCHAR(tiotc.t_startc, 8) +TTYCHAR(VSTOP, 9) SGTTYCHAR(tiotc.t_stopc, 9) #if defined(VSUSP) -TTYCHAR(VSUSP, 10) SGTTYCHAR(tioltc.t_suspc, 10) -#endif /* VSUSP */ +TTYCHAR(VSUSP, 10) SGTTYCHAR(tioltc.t_suspc, 10) +#endif /* VSUSP */ #if defined(VDSUSP) -TTYCHAR(VDSUSP, 11) SGTTYCHAR(tioltc.t_dsuspc, 11) -#endif /* VDSUSP */ +TTYCHAR(VDSUSP, 11) SGTTYCHAR(tioltc.t_dsuspc, 11) +#endif /* VDSUSP */ #if defined(VREPRINT) -TTYCHAR(VREPRINT, 12) SGTTYCHAR(tioltc.t_rprntc, 12) -#endif /* VREPRINT */ +TTYCHAR(VREPRINT, 12) SGTTYCHAR(tioltc.t_rprntc, 12) +#endif /* VREPRINT */ #if defined(VWERASE) -TTYCHAR(VWERASE, 13) SGTTYCHAR(tioltc.t_werasc, 13) -#endif /* 
VWERASE */ +TTYCHAR(VWERASE, 13) SGTTYCHAR(tioltc.t_werasc, 13) +#endif /* VWERASE */ #if defined(VLNEXT) -TTYCHAR(VLNEXT, 14) SGTTYCHAR(tioltc.t_lnextc, 14) -#endif /* VLNEXT */ +TTYCHAR(VLNEXT, 14) SGTTYCHAR(tioltc.t_lnextc, 14) +#endif /* VLNEXT */ #if defined(VFLUSH) -TTYCHAR(VFLUSH, 15) SGTTYCHAR(tioltc.t_flushc, 15) -#endif /* VFLUSH */ +TTYCHAR(VFLUSH, 15) SGTTYCHAR(tioltc.t_flushc, 15) +#endif /* VFLUSH */ #ifdef VSWTCH TTYCHAR(VSWTCH, 16) /* n/a */ -#endif /* VSWTCH */ +#endif /* VSWTCH */ #if defined(VSTATUS) -TTYCHAR(VSTATUS, 17) SGTTYCHAR(tiots.tc_statusc, 17) -#endif /* VSTATUS */ +TTYCHAR(VSTATUS, 17) SGTTYCHAR(tiots.tc_statusc, 17) +#endif /* VSTATUS */ #ifdef VDISCARD TTYCHAR(VDISCARD, 18) /* n/a */ -#endif /* VDISCARD */ +#endif /* VDISCARD */ /* name, field, op */ -TTYMODE(IGNPAR, c_iflag, 30) /* n/a */ -TTYMODE(PARMRK, c_iflag, 31) /* n/a */ -TTYMODE(INPCK, c_iflag, 32) SGTTYMODEN(ANYP, tio.sg_flags, 32) -TTYMODE(ISTRIP, c_iflag, 33) SGTTYMODEN(LPASS8, tiolm, 33) -TTYMODE(INLCR, c_iflag, 34) /* n/a */ -TTYMODE(IGNCR, c_iflag, 35) /* n/a */ -TTYMODE(ICRNL, c_iflag, 36) SGTTYMODE(CRMOD, tio.sg_flags, 36) +TTYMODE(IGNPAR, c_iflag, 30) /* n/a */ +TTYMODE(PARMRK, c_iflag, 31) /* n/a */ +TTYMODE(INPCK, c_iflag, 32) SGTTYMODEN(ANYP, tio.sg_flags, 32) +TTYMODE(ISTRIP, c_iflag, 33) SGTTYMODEN(LPASS8, tiolm, 33) +TTYMODE(INLCR, c_iflag, 34) /* n/a */ +TTYMODE(IGNCR, c_iflag, 35) /* n/a */ +TTYMODE(ICRNL, c_iflag, 36) SGTTYMODE(CRMOD, tio.sg_flags, 36) #if defined(IUCLC) -TTYMODE(IUCLC, c_iflag, 37) SGTTYMODE(LCASE, tio.sg_flags, 37) +TTYMODE(IUCLC, c_iflag, 37) SGTTYMODE(LCASE, tio.sg_flags, 37) #endif -TTYMODE(IXON, c_iflag, 38) /* n/a */ -TTYMODE(IXANY, c_iflag, 39) SGTTYMODEN(LDECCTQ, tiolm, 39) -TTYMODE(IXOFF, c_iflag, 40) SGTTYMODE(TANDEM, tio.sg_flags, 40) +TTYMODE(IXON, c_iflag, 38) /* n/a */ +TTYMODE(IXANY, c_iflag, 39) SGTTYMODEN(LDECCTQ, tiolm, 39) +TTYMODE(IXOFF, c_iflag, 40) SGTTYMODE(TANDEM, tio.sg_flags, 40) #ifdef IMAXBEL 
-TTYMODE(IMAXBEL,c_iflag, 41) /* n/a */ -#endif /* IMAXBEL */ +TTYMODE(IMAXBEL, c_iflag, 41) /* n/a */ +#endif /* IMAXBEL */ -TTYMODE(ISIG, c_lflag, 50) /* n/a */ -TTYMODE(ICANON, c_lflag, 51) SGTTYMODEN(CBREAK, tio.sg_flags, 51) +TTYMODE(ISIG, c_lflag, 50) /* n/a */ +TTYMODE(ICANON, c_lflag, 51) SGTTYMODEN(CBREAK, tio.sg_flags, 51) #ifdef XCASE -TTYMODE(XCASE, c_lflag, 52) /* n/a */ +TTYMODE(XCASE, c_lflag, 52) /* n/a */ #endif -TTYMODE(ECHO, c_lflag, 53) SGTTYMODE(ECHO, tio.sg_flags, 53) -TTYMODE(ECHOE, c_lflag, 54) SGTTYMODE(LCRTERA, tiolm, 54) -TTYMODE(ECHOK, c_lflag, 55) SGTTYMODE(LCRTKIL, tiolm, 55) -TTYMODE(ECHONL, c_lflag, 56) /* n/a */ -TTYMODE(NOFLSH, c_lflag, 57) SGTTYMODE(LNOFLSH, tiolm, 57) -TTYMODE(TOSTOP, c_lflag, 58) SGTTYMODE(LTOSTOP, tiolm, 58) +TTYMODE(ECHO, c_lflag, 53) SGTTYMODE(ECHO, tio.sg_flags, 53) +TTYMODE(ECHOE, c_lflag, 54) SGTTYMODE(LCRTERA, tiolm, 54) +TTYMODE(ECHOK, c_lflag, 55) SGTTYMODE(LCRTKIL, tiolm, 55) +TTYMODE(ECHONL, c_lflag, 56) /* n/a */ +TTYMODE(NOFLSH, c_lflag, 57) SGTTYMODE(LNOFLSH, tiolm, 57) +TTYMODE(TOSTOP, c_lflag, 58) SGTTYMODE(LTOSTOP, tiolm, 58) #ifdef IEXTEN TTYMODE(IEXTEN, c_lflag, 59) /* n/a */ -#endif /* IEXTEN */ +#endif /* IEXTEN */ #if defined(ECHOCTL) -TTYMODE(ECHOCTL,c_lflag, 60) SGTTYMODE(LCTLECH, tiolm, 60) -#endif /* ECHOCTL */ +TTYMODE(ECHOCTL, c_lflag, 60) SGTTYMODE(LCTLECH, tiolm, 60) +#endif /* ECHOCTL */ #ifdef ECHOKE -TTYMODE(ECHOKE, c_lflag, 61) /* n/a */ -#endif /* ECHOKE */ +TTYMODE(ECHOKE, c_lflag, 61) /* n/a */ +#endif /* ECHOKE */ #if defined(PENDIN) -TTYMODE(PENDIN, c_lflag, 62) SGTTYMODE(LPENDIN, tiolm, 62) -#endif /* PENDIN */ +TTYMODE(PENDIN, c_lflag, 62) SGTTYMODE(LPENDIN, tiolm, 62) +#endif /* PENDIN */ -TTYMODE(OPOST, c_oflag, 70) /* n/a */ +TTYMODE(OPOST, c_oflag, 70) /* n/a */ #if defined(OLCUC) -TTYMODE(OLCUC, c_oflag, 71) SGTTYMODE(LCASE, tio.sg_flags, 71) +TTYMODE(OLCUC, c_oflag, 71) SGTTYMODE(LCASE, tio.sg_flags, 71) #endif -TTYMODE(ONLCR, c_oflag, 72) SGTTYMODE(CRMOD, 
tio.sg_flags, 72) +TTYMODE(ONLCR, c_oflag, 72) SGTTYMODE(CRMOD, tio.sg_flags, 72) #ifdef OCRNL -TTYMODE(OCRNL, c_oflag, 73) /* n/a */ +TTYMODE(OCRNL, c_oflag, 73) /* n/a */ #endif #ifdef ONOCR -TTYMODE(ONOCR, c_oflag, 74) /* n/a */ +TTYMODE(ONOCR, c_oflag, 74) /* n/a */ #endif #ifdef ONLRET -TTYMODE(ONLRET, c_oflag, 75) /* n/a */ +TTYMODE(ONLRET, c_oflag, 75) /* n/a */ #endif -TTYMODE(CS7, c_cflag, 90) /* n/a */ -TTYMODE(CS8, c_cflag, 91) SGTTYMODE(LPASS8, tiolm, 91) -TTYMODE(PARENB, c_cflag, 92) /* n/a */ -TTYMODE(PARODD, c_cflag, 93) SGTTYMODE(ODDP, tio.sg_flags, 93) - +TTYMODE(CS7, c_cflag, 90) /* n/a */ +TTYMODE(CS8, c_cflag, 91) SGTTYMODE(LPASS8, tiolm, 91) +TTYMODE(PARENB, c_cflag, 92) /* n/a */ +TTYMODE(PARODD, c_cflag, 93) SGTTYMODE(ODDP, tio.sg_flags, 93) diff --git a/usr.bin/ssh/uidswap.c b/usr.bin/ssh/uidswap.c index 9201de2d380..3025f86fdff 100644 --- a/usr.bin/ssh/uidswap.c +++ b/usr.bin/ssh/uidswap.c 
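Review bot: The comment carried over into the new ttymodes.h still says `this file is only intended for including from ttymodes.h`, which names the file itself; the ttymodes.c header in this commit states that it is the file that includes it, so the comment should say `ttymodes.c`. The column-heading line also came out of the reindent as `/* termios macro *//* sgtty macro */`, with the two comments run together. Restoring a separator between them, e.g. `/* termios macro */ /* sgtty macro */`, keeps the heading readable above the table.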
@@ -1,32 +1,25 @@ /* - -uidswap.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Sep 9 01:56:14 1995 ylo - -Code for uid-swapping. - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Sat Sep 9 01:56:14 1995 ylo + * Code for uid-swapping. + */ #include "includes.h" -RCSID("$Id: uidswap.c,v 1.3 1999/11/23 22:25:56 markus Exp $"); +RCSID("$Id: uidswap.c,v 1.4 1999/11/24 00:26:04 deraadt Exp $"); #include "ssh.h" #include "uidswap.h" -/* Note: all these functions must work in all of the following cases: - - 1. euid=0, ruid=0 - 2. euid=0, ruid!=0 - 3. euid!=0, ruid!=0 - - Additionally, they must work regardless of whether the system has - POSIX saved uids or not. */ +/* + * Note: all these functions must work in all of the following cases: + * 1. euid=0, ruid=0 + * 2. euid=0, ruid!=0 + * 3. euid!=0, ruid!=0 + * Additionally, they must work regardless of whether the system has + * POSIX saved uids or not. + */ #ifdef _POSIX_SAVED_IDS /* Lets assume that posix saved ids also work with seteuid, even though that @@ -37,9 +30,10 @@ RCSID("$Id: uidswap.c,v 1.3 1999/11/23 22:25:56 markus Exp $"); /* Saved effective uid. */ static uid_t saved_euid = 0; -/* Temporarily changes to the given uid. If the effective user id is not - root, this does nothing. This call cannot be nested. */ - +/* + * Temporarily changes to the given uid. If the effective user + * id is not root, this does nothing. This call cannot be nested. + */ void temporarily_use_uid(uid_t uid) { @@ -61,8 +55,9 @@ temporarily_use_uid(uid_t uid) #endif /* SAVED_IDS_WORK_WITH_SETEUID */ } -/* Restores to the original uid. */ - +/* + * Restores to the original uid. + */ void restore_uid() { 
@@ -79,9 +74,10 @@ restore_uid() #endif /* SAVED_IDS_WORK_WITH_SETEUID */ } -/* Permanently sets all uids to the given uid. This cannot be called while - temporarily_use_uid is effective. */ - +/* + * Permanently sets all uids to the given uid. This cannot be + * called while temporarily_use_uid is effective. + */ void permanently_set_uid(uid_t uid) { diff --git a/usr.bin/ssh/uidswap.h b/usr.bin/ssh/uidswap.h index af4f924f0ce..4755710dea9 100644 --- a/usr.bin/ssh/uidswap.h +++ b/usr.bin/ssh/uidswap.h 
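Review bot: The reflowed comment above `permanently_set_uid()` in uidswap.c still omits the requirement that uidswap.h states for the same function, that the call must also clear any saved uids. That sentence is the security-relevant part of the contract, since a saved uid left in place would let the process switch back after a supposedly permanent drop. It belongs at the implementation as well: add ` * This must also clear any saved uids.` as the last line of the new block comment. The function body lies outside this hunk, so whether it checks the result of the uid change cannot be confirmed from here.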
@@ -1,30 +1,36 @@ /* - -uidswap.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Sat Sep 9 01:43:15 1995 ylo -Last modified: Sat Sep 9 02:34:04 1995 ylo - -*/ + * + * uidswap.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Sat Sep 9 01:43:15 1995 ylo + * Last modified: Sat Sep 9 02:34:04 1995 ylo + * + */ #ifndef UIDSWAP_H #define UIDSWAP_H -/* Temporarily changes to the given uid. If the effective user id is not - root, this does nothing. This call cannot be nested. */ -void temporarily_use_uid(uid_t uid); +/* + * Temporarily changes to the given uid. If the effective user id is not + * root, this does nothing. This call cannot be nested. + */ +void temporarily_use_uid(uid_t uid); -/* Restores the original effective user id after temporarily_use_uid(). - This should only be called while temporarily_use_uid is effective. */ -void restore_uid(); +/* + * Restores the original effective user id after temporarily_use_uid(). + * This should only be called while temporarily_use_uid is effective. + */ +void restore_uid(); -/* Permanently sets all uids to the given uid. This cannot be called while - temporarily_use_uid is effective. This must also clear any saved uids. */ -void permanently_set_uid(uid_t uid); +/* + * Permanently sets all uids to the given uid. This cannot be called while + * temporarily_use_uid is effective. This must also clear any saved uids. + */ +void permanently_set_uid(uid_t uid); -#endif /* UIDSWAP_H */ +#endif /* UIDSWAP_H */ diff --git a/usr.bin/ssh/xmalloc.c b/usr.bin/ssh/xmalloc.c index 72205dab953..afcdbd97cab 100644 --- a/usr.bin/ssh/xmalloc.c +++ b/usr.bin/ssh/xmalloc.c 
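Review bot: The re-indented declaration `void restore_uid();` in uidswap.h is not a prototype: in C an empty parameter list leaves the arguments unspecified, so the compiler will not reject a call that passes one. Since the line is being touched anyway, declare it as `void restore_uid(void);`, and write the definition in uidswap.c the same way. The other two declarations in this header already carry full prototypes.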
@@ -1,21 +1,14 @@ /* - -xmalloc.c - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Mar 20 21:23:10 1995 ylo - -Versions of malloc and friends that check their results, and never return -failure (they call fatal if they encounter an error). - -*/ + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * Created: Mon Mar 20 21:23:10 1995 ylo + * Versions of malloc and friends that check their results, and never return + * failure (they call fatal if they encounter an error). + */ #include "includes.h" -RCSID("$Id: xmalloc.c,v 1.4 1999/11/23 22:25:56 markus Exp $"); +RCSID("$Id: xmalloc.c,v 1.5 1999/11/24 00:26:04 deraadt Exp $"); #include "ssh.h" diff --git a/usr.bin/ssh/xmalloc.h b/usr.bin/ssh/xmalloc.h index ffdde62ed1d..ec49eb1af49 100644 --- a/usr.bin/ssh/xmalloc.h +++ b/usr.bin/ssh/xmalloc.h 
@@ -1,34 +1,34 @@ /* - -xmalloc.h - -Author: Tatu Ylonen <ylo@cs.hut.fi> - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland - All rights reserved - -Created: Mon Mar 20 22:09:17 1995 ylo - -Versions of malloc and friends that check their results, and never return -failure (they call fatal if they encounter an error). - -*/ - -/* RCSID("$Id: xmalloc.h,v 1.1 1999/09/26 20:53:38 deraadt Exp $"); */ + * + * xmalloc.h + * + * Author: Tatu Ylonen <ylo@cs.hut.fi> + * + * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland + * All rights reserved + * + * Created: Mon Mar 20 22:09:17 1995 ylo + * + * Versions of malloc and friends that check their results, and never return + * failure (they call fatal if they encounter an error). + * + */ + +/* RCSID("$Id: xmalloc.h,v 1.2 1999/11/24 00:26:04 deraadt Exp $"); */ #ifndef XMALLOC_H #define XMALLOC_H /* Like malloc, but calls fatal() if out of memory. */ -void *xmalloc(size_t size); +void *xmalloc(size_t size); /* Like realloc, but calls fatal() if out of memory. */ -void *xrealloc(void *ptr, size_t new_size); +void *xrealloc(void *ptr, size_t new_size); /* Frees memory allocated using xmalloc or xrealloc. */ -void xfree(void *ptr); +void xfree(void *ptr); /* Allocates memory using xmalloc, and copies the string into that memory. */ -char *xstrdup(const char *str); +char *xstrdup(const char *str); -#endif /* XMALLOC_H */ +#endif /* XMALLOC_H */ |