Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/authfd.c | 8 | ||||
-rw-r--r-- | usr.bin/ssh/channels.c | 4 | ||||
-rw-r--r-- | usr.bin/ssh/cipher.h | 8 | ||||
-rw-r--r-- | usr.bin/ssh/clientloop.c | 6 | ||||
-rw-r--r-- | usr.bin/ssh/config.h | 43 | ||||
-rw-r--r-- | usr.bin/ssh/includes.h | 32 | ||||
-rw-r--r-- | usr.bin/ssh/readpass.c | 6 | ||||
-rw-r--r-- | usr.bin/ssh/serverloop.c | 2 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-agent.c | 6 | ||||
-rw-r--r-- | usr.bin/ssh/sshd.c | 20 | ||||
-rw-r--r-- | usr.bin/ssh/ttymodes.h | 20 | ||||
-rw-r--r-- | usr.bin/ssh/uidswap.c | 33 |
12 files changed, 42 insertions, 146 deletions
diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c index 4bb3806a658..1bdf69cb720 100644 --- a/usr.bin/ssh/authfd.c +++ b/usr.bin/ssh/authfd.c @@ -14,7 +14,7 @@ Functions for connecting the local authentication agent. */ #include "includes.h" -RCSID("$Id: authfd.c,v 1.3 1999/09/29 21:14:15 deraadt Exp $"); +RCSID("$Id: authfd.c,v 1.4 1999/09/30 08:34:24 deraadt Exp $"); #include "ssh.h" #include "rsa.h" @@ -53,7 +53,7 @@ ssh_get_authentication_fd() if (sock < 0) return -1; - if (connect(sock, (struct sockaddr *)&sunaddr, AF_UNIX_SIZE(sunaddr)) < 0) + if (connect(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) { close(sock); return -1; @@ -75,7 +75,7 @@ void ssh_close_authentication_socket(int sock) /* Dummy alarm used to prevent waiting for connection from the authentication agent indefinitely. */ -static RETSIGTYPE dummy_alarm_handler(int sig) +static void dummy_alarm_handler(int sig) { /* Do nothing; a cought signal will just cause accept to return. */ } @@ -88,7 +88,7 @@ int ssh_get_authentication_connection_fd() int authfd; int listen_sock, sock, port, addrlen; int old_timeout; - RETSIGTYPE (*old_handler)(); + void (*old_handler)(); struct sockaddr_in sin; char msg[3]; diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c index 37a58f82ed1..70e3c977c77 100644 --- a/usr.bin/ssh/channels.c +++ b/usr.bin/ssh/channels.c @@ -16,7 +16,7 @@ arbitrary tcp/ip connections, and the authentication agent connection. */ #include "includes.h" -RCSID("$Id: channels.c,v 1.8 1999/09/30 08:03:39 deraadt Exp $"); +RCSID("$Id: channels.c,v 1.9 1999/09/30 08:34:24 deraadt Exp $"); #include "ssh.h" #include "packet.h" 
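Review bot: In ssh_get_authentication_connection_fd() the saved handler is declared with an empty parameter list, `void (*old_handler)();`, which switches off argument checking for every assignment and call made through it. With RETSIGTYPE gone the prototype can be spelled out as `void (*old_handler)(int);`, matching the `static void (*old_handler)(int sig)` form this commit uses in readpass.c. The function body continues outside the hunk, so the places where the pointer is assigned and restored are not visible here.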
@@ -1412,7 +1412,7 @@ void auth_input_request_forwarding(struct passwd *pw) /* Temporarily use a privileged uid. */ temporarily_use_uid(pw->pw_uid); - if (bind(sock, (struct sockaddr *)&sunaddr, AF_UNIX_SIZE(sunaddr)) < 0) + if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) packet_disconnect("bind: %.100s", strerror(errno)); /* Restore the privileged uid. */ diff --git a/usr.bin/ssh/cipher.h b/usr.bin/ssh/cipher.h index 988446c4880..f0b276a25b5 100644 --- a/usr.bin/ssh/cipher.h +++ b/usr.bin/ssh/cipher.h @@ -11,7 +11,7 @@ Created: Wed Apr 19 16:50:42 1995 ylo */ -/* RCSID("$Id: cipher.h,v 1.4 1999/09/28 04:45:36 provos Exp $"); */ +/* RCSID("$Id: cipher.h,v 1.5 1999/09/30 08:34:24 deraadt Exp $"); */ #ifndef CIPHER_H #define CIPHER_H @@ -33,12 +33,6 @@ Created: Wed Apr 19 16:50:42 1995 ylo typedef struct { unsigned int type; union { -#ifdef WITH_DES - struct { - des_key_schedule key; - des_cblock iv; - } des; -#endif /* WITH_DES */ struct { des_key_schedule key1; des_key_schedule key2; diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c index 290f51eb796..2cc7dad0cb5 100644 --- a/usr.bin/ssh/clientloop.c +++ b/usr.bin/ssh/clientloop.c @@ -15,7 +15,7 @@ The main loop for the interactive session (client side). */ #include "includes.h" -RCSID("$Id: clientloop.c,v 1.5 1999/09/30 05:53:04 deraadt Exp $"); +RCSID("$Id: clientloop.c,v 1.6 1999/09/30 08:34:24 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -129,7 +129,7 @@ void enter_non_blocking() /* Signal handler for the window change signal (SIGWINCH). This just sets a flag indicating that the window has changed. */ -RETSIGTYPE window_change_handler(int sig) +void window_change_handler(int sig) { received_window_change_signal = 1; signal(SIGWINCH, window_change_handler); 
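Review bot: The comments around the bind() in auth_input_request_forwarding() describe the privilege switch backwards: `temporarily_use_uid(pw->pw_uid)` moves to the uid taken from the passwd entry, yet the comment above it reads "Temporarily use a privileged uid". This appears to be where the agent-forwarding socket is created, so a reader auditing which identity owns that socket is misled. I would reword it to `/* Temporarily switch to the user's uid for the bind. */` and adjust the "Restore" comment to match. The function starts and ends outside the hunk, so the socket path setup and the restore call itself are not visible.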
@@ -138,7 +138,7 @@ RETSIGTYPE window_change_handler(int sig) /* Signal handler for signals that cause the program to terminate. These signals must be trapped to restore terminal modes. */ -RETSIGTYPE signal_handler(int sig) +void signal_handler(int sig) { if (in_raw_mode) leave_raw_mode(); diff --git a/usr.bin/ssh/config.h b/usr.bin/ssh/config.h deleted file mode 100644 index 941718b9b03..00000000000 --- a/usr.bin/ssh/config.h +++ /dev/null @@ -1,43 +0,0 @@ -/* config.h. Generated automatically by configure. */ -/* config.h.in. Generated automatically from configure.in by autoheader. */ -/* - -acconfig.h - template used by autoheader to create config.h.in -config.h.in - used by autoconf to create config.h -config.h - created by autoconf; contains defines generated by autoconf - -Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi> - -*/ - -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } - - -/* Define as the return type of signal handlers (int or void). */ -#define RETSIGTYPE void - -/* Define this to be the path of the xauth program. */ -#define XAUTH_PATH "/usr/X11R6/bin/xauth" - -/* This is defined if we found a lastlog file. The presence of lastlog.h - alone is not a sufficient indicator (at least newer BSD systems have - lastlog but no lastlog.h. */ -#define HAVE_LASTLOG 1 - -/* Define this if libutil.a contains BSD 4.4 compatible login(), logout(), - and logwtmp() calls. */ -#define HAVE_LIBUTIL_LOGIN 1 - -/* Location of system mail spool directory. */ -#define MAIL_SPOOL_DIRECTORY "/var/mail" - -/* Define this to use pipes instead of socketpairs for communicating with the - client program. Socketpairs do not seem to work on all systems. */ -#define USE_PIPES 1 - -/* Define if you have the seteuid function. */ -#define HAVE_SETEUID 1 - -/* Define if you have the setlogin function. */ -#define HAVE_SETLOGIN 1 diff --git a/usr.bin/ssh/includes.h b/usr.bin/ssh/includes.h index 325d0e22b66..a60ac10c307 100644 
--- a/usr.bin/ssh/includes.h +++ b/usr.bin/ssh/includes.h @@ -13,13 +13,11 @@ This file includes most of the needed system headers. */ -/* RCSID("$Id: includes.h,v 1.7 1999/09/30 05:53:04 deraadt Exp $"); */ - #ifndef INCLUDES_H #define INCLUDES_H -/* Note: autoconf documentation tells to use the <...> syntax and have -I. */ -#include <config.h> +#define RCSID(msg) \ +static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } #include <sys/types.h> #include <sys/socket.h> @@ -33,6 +31,13 @@ This file includes most of the needed system headers. #include <sys/un.h> #include <sys/resource.h> +#include <netinet/in.h> +#include <netinet/in_systm.h> +#include <netinet/tcp.h> +#include <netinet/ip.h> +#include <arpa/inet.h> +#include <netdb.h> + #include <netgroup.h> #include <stdio.h> #include <ctype.h> @@ -40,29 +45,24 @@ This file includes most of the needed system headers. #include <fcntl.h> #include <assert.h> #include <signal.h> - #include <termios.h> #include <stdlib.h> #include <string.h> #include <stdarg.h> - -#include <netinet/in.h> -#include <netinet/in_systm.h> -#include <netinet/tcp.h> -#include <netinet/ip.h> -#include <arpa/inet.h> -#include <netdb.h> - #include <pwd.h> #include <grp.h> #include <unistd.h> #include <time.h> #include <paths.h> - #include <dirent.h> -#define AF_UNIX_SIZE(unaddr) sizeof(unaddr) - #include "version.h" +/* Define this to be the path of the xauth program. */ +#define XAUTH_PATH "/usr/X11R6/bin/xauth" + +/* Define this to use pipes instead of socketpairs for communicating with the + client program. Socketpairs do not seem to work on all systems. */ +#define USE_PIPES 1 + #endif /* INCLUDES_H */ diff --git a/usr.bin/ssh/readpass.c b/usr.bin/ssh/readpass.c index e5363722601..30c340624f8 100644 --- a/usr.bin/ssh/readpass.c +++ b/usr.bin/ssh/readpass.c 
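Review bot: Two feature macros from the deleted config.h, HAVE_LASTLOG and HAVE_LIBUTIL_LOGIN, are not re-defined in includes.h, and no hunk in this diff removes their guards. That differs from HAVE_SETEUID, HAVE_SETLOGIN and MAIL_SPOOL_DIRECTORY, which are each handled here. If any `#ifdef HAVE_LASTLOG` or `#ifdef HAVE_LIBUTIL_LOGIN` block is still in the tree, it now compiles out without a warning. Judging by the macro descriptions, that would silently drop last-login and login()/logwtmp() record keeping. Either confirm that no guarded block remains, or keep `#define HAVE_LASTLOG 1` and `#define HAVE_LIBUTIL_LOGIN 1` next to `USE_PIPES` until the guards are removed.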
@@ -14,7 +14,7 @@ Functions for reading passphrases and passwords. */ #include "includes.h" -RCSID("$Id: readpass.c,v 1.2 1999/09/30 05:03:05 deraadt Exp $"); +RCSID("$Id: readpass.c,v 1.3 1999/09/30 08:34:25 deraadt Exp $"); #include "xmalloc.h" #include "ssh.h" @@ -23,11 +23,11 @@ RCSID("$Id: readpass.c,v 1.2 1999/09/30 05:03:05 deraadt Exp $"); static struct termios saved_tio; /* Old interrupt signal handler for read_passphrase. */ -static RETSIGTYPE (*old_handler)(int sig) = NULL; +static void (*old_handler)(int sig) = NULL; /* Interrupt signal handler for read_passphrase. */ -RETSIGTYPE intr_handler(int sig) +void intr_handler(int sig) { /* Restore terminal modes. */ tcsetattr(fileno(stdin), TCSANOW, &saved_tio); diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c index 731914d73e1..5ce73db9da7 100644 --- a/usr.bin/ssh/serverloop.c +++ b/usr.bin/ssh/serverloop.c @@ -47,7 +47,7 @@ static int child_pid; /* Pid of the child. */ static volatile int child_terminated; /* The child has terminated. */ static volatile int child_wait_status; /* Status from wait(). */ -RETSIGTYPE sigchld_handler(int sig) +void sigchld_handler(int sig) { int wait_pid; debug("Received SIGCHLD."); diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index 5ad08bbb75b..255ebd5b207 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -14,7 +14,7 @@ The authentication agent program. */ #include "includes.h" -RCSID("$Id: ssh-agent.c,v 1.5 1999/09/30 05:11:29 deraadt Exp $"); +RCSID("$Id: ssh-agent.c,v 1.6 1999/09/30 08:34:25 deraadt Exp $"); #include "ssh.h" #include "rsa.h" @@ -509,7 +509,7 @@ void after_select(fd_set *readset, fd_set *writeset) int parent_pid = -1; char socket_name[1024]; -RETSIGTYPE +void check_parent_exists(int sig) { if (kill(parent_pid, 0) < 0) 
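Review bot: sigchld_handler() in serverloop.c calls `debug("Received SIGCHLD.")` as its first statement, and a formatting/logging routine is very unlikely to be async-signal-safe. If the signal arrives while the main loop is inside the same logging or allocation code, the handler re-enters it. The same pattern is visible in sshd.c, where sigterm_handler() calls `log(...)` and grace_alarm_handler() calls `packet_close()` from signal context. I would drop the debug() call and keep each handler to setting a `volatile sig_atomic_t` flag, or to `close()` plus `_exit()` for the terminating ones, and do the logging from the main loop. All three handler bodies continue outside their hunks, so what follows these calls is not visible.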
@@ -580,7 +580,7 @@ main(int ac, char **av) memset(&sunaddr, 0, sizeof(sunaddr)); sunaddr.sun_family = AF_UNIX; strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)); - if (bind(sock, (struct sockaddr *)&sunaddr, AF_UNIX_SIZE(sunaddr)) < 0) + if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) { perror("bind"); exit(1); diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c index bd14d50145a..e342f80c187 100644 --- a/usr.bin/ssh/sshd.c +++ b/usr.bin/ssh/sshd.c @@ -18,7 +18,7 @@ agent connections. */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.13 1999/09/30 06:06:31 deraadt Exp $"); +RCSID("$Id: sshd.c,v 1.14 1999/09/30 08:34:25 deraadt Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -133,7 +133,7 @@ void do_child(const char *command, struct passwd *pw, const char *term, the effect is to reread the configuration file (and to regenerate the server key). */ -RETSIGTYPE sighup_handler(int sig) +void sighup_handler(int sig) { received_sighup = 1; signal(SIGHUP, sighup_handler); @@ -155,7 +155,7 @@ void sighup_restart() These close the listen socket; not closing it seems to cause "Address already in use" problems on some machines, which is inconvenient. */ -RETSIGTYPE sigterm_handler(int sig) +void sigterm_handler(int sig) { log("Received signal %d; terminating.", sig); close(listen_sock); @@ -165,7 +165,7 @@ RETSIGTYPE sigterm_handler(int sig) /* SIGCHLD handler. This is called whenever a child dies. This will then reap any zombies left by exited c. */ -RETSIGTYPE main_sigchld_handler(int sig) +void main_sigchld_handler(int sig) { int status; wait(&status); @@ -174,7 +174,7 @@ RETSIGTYPE main_sigchld_handler(int sig) /* Signal handler for the alarm after the login grace period has expired. */ -RETSIGTYPE grace_alarm_handler(int sig) +void grace_alarm_handler(int sig) { /* Close the connection. */ packet_close(); 
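Review bot: The `strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path))` just above the changed bind() in ssh-agent.c ignores its return value. `socket_name` is declared as `char socket_name[1024]` in the previous hunk, which is larger than sun_path on common systems. A name that does not fit is truncated without notice, so the agent would bind a path different from the one held in socket_name; how socket_name is used afterwards is outside the hunk. Checking the result closes that gap: `if (strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)) >= sizeof(sunaddr.sun_path)) { fprintf(stderr, "socket name too long\n"); exit(1); }`. main() starts and ends outside the hunk.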
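Review bot: main_sigchld_handler() in sshd.c reaps with a single blocking `wait(&status);`. Pending SIGCHLDs are not queued, so when several children exit close together only one is collected and the others stay as zombies. A non-blocking loop handles that: `while (waitpid(-1, &status, WNOHANG) > 0) ;`, with `errno` saved on entry and restored on exit so the interrupted code does not see it change. The handler body continues outside the hunk.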
@@ -188,7 +188,7 @@ RETSIGTYPE grace_alarm_handler(int sig) do anything with the private key or random state before forking. Thus there should be no concurrency control/asynchronous execution problems. */ -RETSIGTYPE key_regeneration_alarm(int sig) +void key_regeneration_alarm(int sig) { /* Check if we should generate a new key. */ if (key_used) @@ -1353,11 +1353,7 @@ void do_authenticated(struct passwd *pw) } /* Determine the group to make the owner of the tty. */ -#ifdef TTY_GROUP - grp = getgrnam(TTY_GROUP); -#else /* TTY_GROUP */ grp = getgrnam("tty"); -#endif /* TTY_GROUP */ if (grp) { tty_gid = grp->gr_gid; @@ -1938,10 +1934,8 @@ void do_child(const char *command, struct passwd *pw, const char *term, exit(254); } -#ifdef HAVE_SETLOGIN /* Set login name in the kernel. */ setlogin(pw->pw_name); -#endif /* HAVE_SETLOGIN */ /* Set uid, gid, and groups. */ if (getuid() == 0 || geteuid() == 0) @@ -1999,7 +1993,7 @@ void do_child(const char *command, struct passwd *pw, const char *term, child_set_env(&env, &envsize, "TZ", getenv("TZ")); snprintf(buf, sizeof buf, "%.200s/%.50s", - MAIL_SPOOL_DIRECTORY, pw->pw_name); + _PATH_MAILDIR, pw->pw_name); child_set_env(&env, &envsize, "MAIL", buf); /* Normal systems set SHELL by default. */ diff --git a/usr.bin/ssh/ttymodes.h b/usr.bin/ssh/ttymodes.h index d6cebf48cb3..4acb622f99e 100644 --- a/usr.bin/ssh/ttymodes.h +++ b/usr.bin/ssh/ttymodes.h @@ -12,7 +12,7 @@ Created: Tue Mar 21 15:42:09 1995 ylo */ -/* RCSID("$Id: ttymodes.h,v 1.2 1999/09/30 05:03:05 deraadt Exp $"); */ +/* RCSID("$Id: ttymodes.h,v 1.3 1999/09/30 08:34:25 deraadt Exp $"); */ /* The tty mode description is a stream of bytes. The stream consists of opcode-arguments pairs. It is terminated by opcode TTY_OP_END (0). 
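Review bot: With the HAVE_SETLOGIN guard removed, `setlogin(pw->pw_name);` in do_child() now always runs, and its return value is still discarded. If the call fails, the session presumably keeps whatever login name it inherited, which matters to anything that later trusts getlogin() for the session's identity. At minimum the failure should be reported: `if (setlogin(pw->pw_name) < 0) log("setlogin %.100s: %.100s", pw->pw_name, strerror(errno));`. do_child() starts and ends outside the hunk, so whether a failure should also abort the session cannot be judged from here.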
@@ -35,17 +35,13 @@ TTYCHAR(VINTR, 1) SGTTYCHAR(tiotc.t_intrc, 1) TTYCHAR(VQUIT, 2) SGTTYCHAR(tiotc.t_quitc, 2) TTYCHAR(VERASE, 3) SGTTYCHAR(tio.sg_erase, 3) TTYCHAR(VEOF, 5) SGTTYCHAR(tiotc.t_eofc, 5) -#ifdef VEOL2 /* n/a */ TTYCHAR(VEOL2, 7) -#endif /* VEOL2 */ TTYCHAR(VSTART, 8) SGTTYCHAR(tiotc.t_startc, 8) TTYCHAR(VSTOP, 9) SGTTYCHAR(tiotc.t_stopc, 9) #ifdef VSWTCH TTYCHAR(VSWTCH, 16) /* n/a */ #endif /* VSWTCH */ -#ifdef VDISCARD TTYCHAR(VDISCARD, 18) /* n/a */ -#endif /* VDISCARD */ /* name, field, op */ TTYMODE(IGNPAR, c_iflag, 30) /* n/a */ @@ -58,39 +54,25 @@ TTYMODE(ICRNL, c_iflag, 36) SGTTYMODE(CRMOD, tio.sg_flags, 36) TTYMODE(IXON, c_iflag, 38) /* n/a */ TTYMODE(IXANY, c_iflag, 39) SGTTYMODEN(LDECCTQ, tiolm, 39) TTYMODE(IXOFF, c_iflag, 40) SGTTYMODE(TANDEM, tio.sg_flags, 40) -#ifdef IMAXBEL TTYMODE(IMAXBEL,c_iflag, 41) /* n/a */ -#endif /* IMAXBEL */ TTYMODE(ISIG, c_lflag, 50) /* n/a */ TTYMODE(ICANON, c_lflag, 51) SGTTYMODEN(CBREAK, tio.sg_flags, 51) -#ifdef XCASE TTYMODE(XCASE, c_lflag, 52) /* n/a */ -#endif TTYMODE(ECHO, c_lflag, 53) SGTTYMODE(ECHO, tio.sg_flags, 53) TTYMODE(ECHOE, c_lflag, 54) SGTTYMODE(LCRTERA, tiolm, 54) TTYMODE(ECHOK, c_lflag, 55) SGTTYMODE(LCRTKIL, tiolm, 55) TTYMODE(ECHONL, c_lflag, 56) /* n/a */ TTYMODE(NOFLSH, c_lflag, 57) SGTTYMODE(LNOFLSH, tiolm, 57) TTYMODE(TOSTOP, c_lflag, 58) SGTTYMODE(LTOSTOP, tiolm, 58) -#ifdef IEXTEN TTYMODE(IEXTEN, c_lflag, 59) /* n/a */ -#endif /* IEXTEN */ -#ifdef ECHOKE TTYMODE(ECHOKE, c_lflag, 61) /* n/a */ -#endif /* ECHOKE */ TTYMODE(OPOST, c_oflag, 70) /* n/a */ TTYMODE(ONLCR, c_oflag, 72) SGTTYMODE(CRMOD, tio.sg_flags, 72) -#ifdef OCRNL TTYMODE(OCRNL, c_oflag, 73) /* n/a */ -#endif -#ifdef ONOCR TTYMODE(ONOCR, c_oflag, 74) /* n/a */ -#endif -#ifdef ONLRET TTYMODE(ONLRET, c_oflag, 75) /* n/a */ -#endif TTYMODE(CS7, c_cflag, 90) /* n/a */ TTYMODE(CS8, c_cflag, 91) SGTTYMODE(LPASS8, tiolm, 91) diff --git a/usr.bin/ssh/uidswap.c b/usr.bin/ssh/uidswap.c index 314be452980..20c94df1fa1 100644 
--- a/usr.bin/ssh/uidswap.c +++ b/usr.bin/ssh/uidswap.c @@ -14,7 +14,7 @@ Code for uid-swapping. */ #include "includes.h" -RCSID("$Id: uidswap.c,v 1.1 1999/09/26 20:53:38 deraadt Exp $"); +RCSID("$Id: uidswap.c,v 1.2 1999/09/30 08:34:25 deraadt Exp $"); #include "ssh.h" #include "uidswap.h" @@ -28,8 +28,6 @@ RCSID("$Id: uidswap.c,v 1.1 1999/09/26 20:53:38 deraadt Exp $"); Additionally, they must work regardless of whether the system has POSIX saved uids or not. */ -#ifdef HAVE_SETEUID - #ifdef _POSIX_SAVED_IDS /* Lets assume that posix saved ids also work with seteuid, even though that is not part of the posix specification. */ @@ -95,32 +93,3 @@ void permanently_set_uid(uid_t uid) if (setuid(uid) < 0) debug("setuid %d: %.100s", (int)uid, strerror(errno)); } - -#else /* HAVE_SETEUID */ - -YOUR_SYSTEM_DOES_NOT_PERMIT_UID_SWAPPING_READ_AND_EDIT_UIDSWAP_C; -/* If we ever come here, if means that your system does not support any of - the uid swapping methods we are aware of. Tough. This means that - ssh will have to read certain files as root, which causes some security - problems. Unless your are very concerned about security, you can - comment out the above line. The effect is that local users on your - machine might be able to read each other's files. Also, you may encounter - problems if home directories are on a NFS volume. You may also - encounter other problems; please don't complain unless you have some idea - how to fix it. */ - -void temporarily_use_uid(uid_t uid) -{ -} - -void restore_uid() -{ -} - -void permanently_set_uid(uid_t uid) -{ - if (setuid(uid) < 0) - debug("setuid %d: %.100s", (int)uid, strerror(errno)); -} - -#endif /* HAVE_SETEUID */ |