Commit 3d246f10 authored by Colin Watson's avatar Colin Watson

Import openssh_7.9p1.orig.tar.gz

parents e6547182 aede1c34
This diff is collapsed.
......@@ -4,6 +4,7 @@ f2c9feb26963615c4fece921906cf72e248b61ee more Makefile
fa728823ba21c4b45212750e1d3a4b2086fd1a62 more Makefile refactoring
1de0e85522051eb2ffa00437e1885e9d7b3e0c2e moduli update
814b2f670df75759e1581ecef530980b2b3d7e0f remove redundant make defs
04431e8e7872f49a2129bf080a6b73c19d576d40 moduli update
Old upstream tree:
......
This diff is collapsed.
......@@ -280,7 +280,7 @@ distclean: regressclean
rm -f regress/unittests/utf8/*.o
rm -f regress/unittests/utf8/test_utf8
rm -f regress/misc/kexfuzz/*.o
rm -f regress/misc/kexfuzz
rm -f regress/misc/kexfuzz/kexfuzz$(EXEEXT)
(cd openbsd-compat && $(MAKE) distclean)
if test -d pkg ; then \
rm -fr pkg ; \
......
......@@ -334,6 +334,13 @@ a server may offer multiple keys of the same type for a period (to
give clients an opportunity to learn them using this extension) before
removing the deprecated key from those offered.
2.6. connection: SIGINFO support for "signal" channel request
The SSH channels protocol (RFC4254 section 6.9) supports sending a
signal to a session attached to a channel. OpenSSH supports one
extension signal "INFO@openssh.com" that allows sending SIGINFO on
BSD-derived systems.
3. SFTP protocol changes
3.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK
......@@ -489,4 +496,4 @@ OpenSSH's connection multiplexing uses messages as described in
PROTOCOL.mux over a Unix domain socket for communications between a
master instance and later clients.
$OpenBSD: PROTOCOL,v 1.35 2018/08/10 00:44:01 djm Exp $
$OpenBSD: PROTOCOL,v 1.36 2018/10/02 12:51:58 djm Exp $
......@@ -36,6 +36,7 @@ The available section types are:
#define KRL_SECTION_EXPLICIT_KEY 2
#define KRL_SECTION_FINGERPRINT_SHA1 3
#define KRL_SECTION_SIGNATURE 4
#define KRL_SECTION_FINGERPRINT_SHA256 5
2. Certificate section
......@@ -127,18 +128,19 @@ must be a raw key (i.e. not a certificate).
This section may appear multiple times.
4. SHA1 fingerprint sections
4. SHA1/SHA256 fingerprint sections
These sections, identified as KRL_SECTION_FINGERPRINT_SHA1, revoke
plain keys (i.e. not certificates) by listing their SHA1 hashes:
These sections, identified as KRL_SECTION_FINGERPRINT_SHA1 and
KRL_SECTION_FINGERPRINT_SHA256, revoke plain keys (i.e. not
certificates) by listing their hashes:
string public_key_hash[0]
....
This section must contain at least one "public_key_hash". The hash blob
is obtained by taking the SHA1 hash of the public key blob. Hashes in
this section must appear in numeric order, treating each hash as a big-
endian integer.
is obtained by taking the SHA1 or SHA256 hash of the public key blob.
Hashes in this section must appear in numeric order, treating each hash
as a big-endian integer.
This section may appear multiple times.
......@@ -166,4 +168,4 @@ Implementations that retrieve KRLs over untrusted channels must verify
signatures. Signature sections are optional for KRLs distributed by
trusted means.
$OpenBSD: PROTOCOL.krl,v 1.4 2018/04/10 00:10:49 djm Exp $
$OpenBSD: PROTOCOL.krl,v 1.5 2018/09/12 01:21:34 djm Exp $
This document describes the multiplexing protocol used by ssh(1)'s
ControlMaster connection-sharing.
Most messages from the client to the server contain a "request id" field.
This field is returned in replies as "client request id" to facilitate
matching of responses to requests.
Multiplexing starts with a ssh(1) configured to act as a multiplexing
master. This will cause ssh(1) to listen on a Unix domain socket for
requests from clients. Clients communicate over this socket using a
simple packetised protocol, where each message is proceeded with
a length and message type in SSH uint32 wire format:
uint32 packet length
uint32 packet type
... packet body
Most messages from the client to the server contain a "request id"
field. This field is returned in replies as "client request id" to
facilitate matching of responses to requests.
Many muliplexing (mux) client requests yield immediate responses from
the mux process; requesting a forwarding, performing an alive check or
requesting the master terminate itself fall in to this category.
The most common use of multiplexing however is to maintain multiple
concurrent sessions. These are supported via two separate modes:
"Passenger" clients start by requesting a new session with a
MUX_C_NEW_SESSION message and passing stdio file descriptors over the
Unix domain control socket. The passenger client then waits until it is
signaled or the mux server closes the session. This mode is so named as
the client waits around while the mux server does all the driving.
Stdio forwarding (requested using MUX_C_NEW_STDIO_FWD) is another
example of passenger mode; the client passes the stdio file descriptors
and passively waits for something to happen.
"Proxy" clients, requested using MUX_C_PROXY, work quite differently. In
this mode, the mux client/server connection socket will stop speaking
the multiplexing protocol and start proxying SSH connection protocol
messages between the client and server. The client therefore must
speak a significant subset of the SSH protocol, but in return is able
to access basically the full suite of connection protocol features.
Moreover, as no file descriptor passing is required, the connection
supporting a proxy client may iteself be forwarded or relayed to another
host if necessary.
1. Connection setup
When a multiplexing connection is made to a ssh(1) operating as a
ControlMaster from a ssh(1) in multiplex slave mode, the first
action of each is to exchange hello messages:
ControlMaster from a client ssh(1), the first action of each is send
a hello messages to its peer:
uint32 MUX_MSG_HELLO
uint32 protocol version
......@@ -17,16 +54,16 @@ action of each is to exchange hello messages:
string extension value [optional]
...
The current version of the mux protocol is 4. A slave should refuse
The current version of the mux protocol is 4. A client should refuse
to connect to a master that speaks an unsupported protocol version.
Following the version identifier are zero or more extensions
represented as a name/value pair. No extensions are currently
defined.
2. Opening sessions
Following the version identifier are zero or more extensions represented
as a name/value pair. No extensions are currently defined.
To open a new multiplexed session, a client may send the following
request:
2. Opening a passenger mode session
To open a new multiplexed session in passenger mode, a client sends the
following request:
uint32 MUX_C_NEW_SESSION
uint32 request id
......@@ -80,7 +117,25 @@ return its local tty to "cooked" mode.
uint32 MUX_S_TTY_ALLOC_FAIL
uint32 session id
3. Health checks
3. Requesting passenger-mode stdio forwarding
A client may request the master to establish a stdio forwarding:
uint32 MUX_C_NEW_STDIO_FWD
uint32 request id
string reserved
string connect host
string connect port
The client then sends its standard input and output file descriptors
(in that order) using Unix domain socket control messages.
The contents of "reserved" are currently ignored.
A server may reply with a MUX_S_SESSION_OPENED, a MUX_S_PERMISSION_DENIED
or a MUX_S_FAILURE.
4. Health checks
The client may request a health check/PID report from a server:
......@@ -93,7 +148,7 @@ The server replies with:
uint32 client request id
uint32 server pid
4. Remotely terminating a master
5. Remotely terminating a master
A client may request that a master terminate immediately:
......@@ -102,7 +157,7 @@ A client may request that a master terminate immediately:
The server will reply with one of MUX_S_OK or MUX_S_PERMISSION_DENIED.
5. Requesting establishment of port forwards
6. Requesting establishment of port forwards
A client may request the master to establish a port forward:
......@@ -131,7 +186,7 @@ For dynamically allocated listen port the server replies with
uint32 client request id
uint32 allocated remote listen port
6. Requesting closure of port forwards
7. Requesting closure of port forwards
Note: currently unimplemented (server will always reply with MUX_S_FAILURE).
......@@ -148,36 +203,45 @@ A client may request the master to close a port forward:
A server may reply with a MUX_S_OK, a MUX_S_PERMISSION_DENIED or a
MUX_S_FAILURE.
7. Requesting stdio forwarding
8. Requesting shutdown of mux listener
A client may request the master to establish a stdio forwarding:
A client may request the master to stop accepting new multiplexing requests
and remove its listener socket.
uint32 MUX_C_NEW_STDIO_FWD
uint32 MUX_C_STOP_LISTENING
uint32 request id
string reserved
string connect host
string connect port
The client then sends its standard input and output file descriptors
(in that order) using Unix domain socket control messages.
A server may reply with a MUX_S_OK, a MUX_S_PERMISSION_DENIED or a
MUX_S_FAILURE.
The contents of "reserved" are currently ignored.
9. Requesting proxy mode
A server may reply with a MUX_S_SESSION_OPENED, a MUX_S_PERMISSION_DENIED
or a MUX_S_FAILURE.
A client may request that the the control connection be placed in proxy
mode:
8. Requesting shutdown of mux listener
uint32 MUX_C_PROXY
uint32 request id
A client may request the master to stop accepting new multiplexing requests
and remove its listener socket.
When a mux master receives this message, it will reply with a
confirmation:
uint32 MUX_C_STOP_LISTENING
uint32 MUX_S_PROXY
uint32 request id
A server may reply with a MUX_S_OK, a MUX_S_PERMISSION_DENIED or a
MUX_S_FAILURE.
And go into proxy mode. All subsequent data over the connection will
be formatted as unencrypted, unpadded, SSH transport messages:
uint32 packet length
byte 0 (padding length)
byte packet type
byte[packet length - 2] ...
9. Status messages
The mux master will accept most connection messages and global requests,
and will translate channel identifiers to ensure that the proxy client has
globally unique channel numbers (i.e. a proxy client need not worry about
collisions with other clients).
10. Status messages
The MUX_S_OK message is empty:
......@@ -194,7 +258,7 @@ The MUX_S_PERMISSION_DENIED and MUX_S_FAILURE include a reason:
uint32 client request id
string reason
10. Protocol numbers
11. Protocol numbers
#define MUX_MSG_HELLO 0x00000001
#define MUX_C_NEW_SESSION 0x10000002
......@@ -224,5 +288,11 @@ XXX watch in/out traffic (pre/post crypto)
XXX inject packet (what about replies)
XXX server->client error/warning notifications
XXX send signals via mux
$OpenBSD: PROTOCOL.mux,v 1.10 2015/07/17 03:04:27 djm Exp $
XXX ^Z support in passengers
XXX extensions for multi-agent
XXX extensions for multi-X11
XXX session inspection via master
XXX signals via mux request
XXX list active connections via mux
$OpenBSD: PROTOCOL.mux,v 1.11 2018/09/26 07:30:05 djm Exp $
See https://www.openssh.com/releasenotes.html#7.8p1 for the release notes.
See https://www.openssh.com/releasenotes.html#7.9p1 for the release notes.
Please read https://www.openssh.com/report.html for bug reporting
instructions and note that we do not use Github for bug reporting or
patch/pull-request management.
- A Japanese translation of this document and of the release notes is
- available at https://www.unixuser.org/~haruyama/security/openssh/index.html
- Thanks to HARUYAMA Seigo <haruyama@unixuser.org>
This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other
Unices.
......@@ -22,7 +18,7 @@ This port consists of the re-introduction of autoconf support, PAM
support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library
functions that are (regrettably) absent from other unices. This port
has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,
NetBSD, OpenBSD, OpenServer, Solaris and UnixWare.
FreeBSD, NetBSD, OpenBSD, OpenServer, Solaris and UnixWare.
This version actively tracks changes in the OpenBSD CVS repository.
......
/* $OpenBSD: auth-options.c,v 1.83 2018/06/19 02:59:41 djm Exp $ */
/* $OpenBSD: auth-options.c,v 1.84 2018/10/03 06:38:35 djm Exp $ */
/*
* Copyright (c) 2018 Damien Miller <djm@mindrot.org>
*
......@@ -469,13 +469,16 @@ sshauthopt_parse(const char *opts, const char **errstrp)
errstr = "invalid environment string";
goto fail;
}
for (cp = opt; cp < tmp; cp++) {
if (!isalnum((u_char)*cp) && *cp != '_') {
free(opt);
errstr = "invalid environment string";
goto fail;
}
if ((cp = strdup(opt)) == NULL)
goto alloc_fail;
cp[tmp - opt] = '\0'; /* truncate at '=' */
if (!valid_env_name(cp)) {
free(cp);
free(opt);
errstr = "invalid environment string";
goto fail;
}
free(cp);
/* Append it. */
oarray = ret->env;
if ((ret->env = recallocarray(ret->env, ret->nenv,
......
......@@ -128,6 +128,10 @@ extern u_int utmp_len;
typedef pthread_t sp_pthread_t;
#else
typedef pid_t sp_pthread_t;
#define pthread_exit fake_pthread_exit
#define pthread_create fake_pthread_create
#define pthread_cancel fake_pthread_cancel
#define pthread_join fake_pthread_join
#endif
struct pam_ctxt {
......
......@@ -198,6 +198,9 @@ sys_auth_passwd(struct ssh *ssh, const char *password)
/* Just use the supplied fake password if authctxt is invalid */
char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd;
if (pw_password == NULL)
return 0;
/* Check for users with no password. */
if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0)
return (1);
......
/* $OpenBSD: auth.c,v 1.132 2018/07/11 08:19:35 martijn Exp $ */
/* $OpenBSD: auth.c,v 1.133 2018/09/12 01:19:12 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
......@@ -275,22 +275,26 @@ format_method_key(Authctxt *authctxt)
{
const struct sshkey *key = authctxt->auth_method_key;
const char *methinfo = authctxt->auth_method_info;
char *fp, *ret = NULL;
char *fp, *cafp, *ret = NULL;
if (key == NULL)
return NULL;
if (sshkey_is_cert(key)) {
fp = sshkey_fingerprint(key->cert->signature_key,
fp = sshkey_fingerprint(key,
options.fingerprint_hash, SSH_FP_DEFAULT);
xasprintf(&ret, "%s ID %s (serial %llu) CA %s %s%s%s",
sshkey_type(key), key->cert->key_id,
cafp = sshkey_fingerprint(key->cert->signature_key,
options.fingerprint_hash, SSH_FP_DEFAULT);
xasprintf(&ret, "%s %s ID %s (serial %llu) CA %s %s%s%s",
sshkey_type(key), fp == NULL ? "(null)" : fp,
key->cert->key_id,
(unsigned long long)key->cert->serial,
sshkey_type(key->cert->signature_key),
fp == NULL ? "(null)" : fp,
cafp == NULL ? "(null)" : cafp,
methinfo == NULL ? "" : ", ",
methinfo == NULL ? "" : methinfo);
free(fp);
free(cafp);
} else {
fp = sshkey_fingerprint(key, options.fingerprint_hash,
SSH_FP_DEFAULT);
......@@ -308,7 +312,7 @@ auth_log(Authctxt *authctxt, int authenticated, int partial,
const char *method, const char *submethod)
{
struct ssh *ssh = active_state; /* XXX */
void (*authlog) (const char *fmt,...) = verbose;
int level = SYSLOG_LEVEL_VERBOSE;
const char *authmsg;
char *extra = NULL;
......@@ -320,7 +324,7 @@ auth_log(Authctxt *authctxt, int authenticated, int partial,
!authctxt->valid ||
authctxt->failures >= options.max_authtries / 2 ||
strcmp(method, "password") == 0)
authlog = logit;
level = SYSLOG_LEVEL_INFO;
if (authctxt->postponed)
authmsg = "Postponed";
......@@ -334,7 +338,7 @@ auth_log(Authctxt *authctxt, int authenticated, int partial,
extra = xstrdup(authctxt->auth_method_info);
}
authlog("%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s",
do_log2(level, "%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s",
authmsg,
method,
submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
......
/* $OpenBSD: auth2-hostbased.c,v 1.36 2018/07/31 03:10:27 djm Exp $ */
/* $OpenBSD: auth2-hostbased.c,v 1.38 2018/09/20 03:28:06 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
......@@ -79,7 +79,7 @@ userauth_hostbased(struct ssh *ssh)
cuser, chost, pkalg, slen);
#ifdef DEBUG_PK
debug("signature:");
sshbuf_dump_data(sig, siglen, stderr);
sshbuf_dump_data(sig, slen, stderr);
#endif
pktype = sshkey_type_from_name(pkalg);
if (pktype == KEY_UNSPEC) {
......@@ -112,6 +112,13 @@ userauth_hostbased(struct ssh *ssh)
__func__, sshkey_type(key));
goto done;
}
if ((r = sshkey_check_cert_sigtype(key,
options.ca_sign_algorithms)) != 0) {
logit("%s: certificate signature algorithm %s: %s", __func__,
(key->cert == NULL || key->cert->signature_type == NULL) ?
"(null)" : key->cert->signature_type, ssh_err(r));
goto done;
}
if (!authctxt->valid || authctxt->user == NULL) {
debug2("%s: disabled because of invalid user", __func__);
......
/* $OpenBSD: auth2-pubkey.c,v 1.84 2018/08/23 03:01:08 djm Exp $ */
/* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
......@@ -137,7 +137,13 @@ userauth_pubkey(struct ssh *ssh)
__func__, sshkey_ssh_name(key));
goto done;
}
if ((r = sshkey_check_cert_sigtype(key,
options.ca_sign_algorithms)) != 0) {
logit("%s: certificate signature algorithm %s: %s", __func__,
(key->cert == NULL || key->cert->signature_type == NULL) ?
"(null)" : key->cert->signature_type, ssh_err(r));
goto done;
}
key_s = format_key(key);
if (sshkey_is_cert(key))
ca_s = format_key(key->cert->signature_key);
......@@ -177,7 +183,7 @@ userauth_pubkey(struct ssh *ssh)
(r = sshbuf_put_cstring(b, authctxt->service)) != 0 ||
(r = sshbuf_put_cstring(b, "publickey")) != 0 ||
(r = sshbuf_put_u8(b, have_sig)) != 0 ||
(r = sshbuf_put_cstring(b, pkalg) != 0) ||
(r = sshbuf_put_cstring(b, pkalg)) != 0 ||
(r = sshbuf_put_string(b, pkblob, blen)) != 0)
fatal("%s: build packet failed: %s",
__func__, ssh_err(r));
......
......@@ -706,7 +706,7 @@ auth2_record_key(Authctxt *authctxt, int authenticated,
struct sshkey **tmp, *dup;
int r;
if ((r = sshkey_demote(key, &dup)) != 0)
if ((r = sshkey_from_private(key, &dup)) != 0)
fatal("%s: copy key: %s", __func__, ssh_err(r));
sshkey_free(authctxt->auth_method_key);
authctxt->auth_method_key = dup;
......@@ -715,7 +715,7 @@ auth2_record_key(Authctxt *authctxt, int authenticated,
return;
/* If authenticated, make sure we don't accept this key again */
if ((r = sshkey_demote(key, &dup)) != 0)
if ((r = sshkey_from_private(key, &dup)) != 0)
fatal("%s: copy key: %s", __func__, ssh_err(r));
if (authctxt->nprev_keys >= INT_MAX ||
(tmp = recallocarray(authctxt->prev_keys, authctxt->nprev_keys,
......
/* $OpenBSD: authfile.c,v 1.130 2018/07/09 21:59:10 markus Exp $ */
/* $OpenBSD: authfile.c,v 1.131 2018/09/21 12:20:12 djm Exp $ */
/*
* Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
*
......@@ -459,6 +459,8 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
return SSH_ERR_SYSTEM_ERROR;
while (getline(&line, &linesize, f) != -1) {
sshkey_free(pub);
pub = NULL;
cp = line;
/* Skip leading whitespace. */
......@@ -477,16 +479,20 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
r = SSH_ERR_ALLOC_FAIL;
goto out;
}
if ((r = sshkey_read(pub, &cp)) != 0)
switch (r = sshkey_read(pub, &cp)) {
case 0:
break;
case SSH_ERR_KEY_LENGTH:
continue;
default:
goto out;
}
if (sshkey_compare(key, pub) ||
(check_ca && sshkey_is_cert(key) &&
sshkey_compare(key->cert->signature_key, pub))) {
r = 0;
goto out;
}
sshkey_free(pub);
pub = NULL;
}
r = SSH_ERR_KEY_NOT_FOUND;
out:
......
/* $OpenBSD: channels.c,v 1.384 2018/07/27 12:03:17 markus Exp $ */
/* $OpenBSD: channels.c,v 1.386 2018/10/04 01:04:52 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
......@@ -799,6 +799,41 @@ channel_find_open(struct ssh *ssh)
return -1;
}
/* Returns the state of the channel's extended usage flag */
const char *
channel_format_extended_usage(const Channel *c)
{
if (c->efd == -1)
return "closed";
switch (c->extended_usage) {
case CHAN_EXTENDED_WRITE:
return "write";
case CHAN_EXTENDED_READ:
return "read";
case CHAN_EXTENDED_IGNORE:
return "ignore";
default:
return "UNKNOWN";
}
}
static char *
channel_format_status(const Channel *c)
{
char *ret = NULL;
xasprintf(&ret, "t%d %s%u i%u/%zu o%u/%zu e[%s]/%zu "
"fd %d/%d/%d sock %d cc %d",
c->type,
c->have_remote_id ? "r" : "nr", c->remote_id,
c->istate, sshbuf_len(c->input),
c->ostate, sshbuf_len(c->output),
channel_format_extended_usage(c), sshbuf_len(c->extended),
c->rfd, c->wfd, c->efd, c->sock, c->ctl_chan);
return ret;
}
/*
* Returns a message describing the currently open forwarded connections,
* suitable for sending to the client. The message contains crlf pairs for
......@@ -811,7 +846,7 @@ channel_open_message(struct ssh *ssh)
Channel *c;
u_int i;
int r;
char *ret;
char *cp, *ret;
if ((buf = sshbuf_new()) == NULL)
fatal("%s: sshbuf_new", __func__);
......@@ -844,16 +879,14 @@ channel_open_message(struct ssh *ssh)
case SSH_CHANNEL_X11_OPEN:
case SSH_CHANNEL_MUX_PROXY:
case SSH_CHANNEL_MUX_CLIENT:
if ((r = sshbuf_putf(buf, " #%d %.300s "
"(t%d %s%u i%u/%zu o%u/%zu fd %d/%d cc %d)\r\n",
c->self, c->remote_name,
c->type,
c->have_remote_id ? "r" : "nr", c->remote_id,
c->istate, sshbuf_len(c->input),
c->ostate, sshbuf_len(c->output),
c->rfd, c->wfd, c->ctl_chan)) != 0)
cp = channel_format_status(c);
if ((r = sshbuf_putf(buf, " #%d %.300s (%s)\r\n",
c->self, c->remote_name, cp)) != 0) {
free(cp);
fatal("%s: sshbuf_putf: %s",
__func__, ssh_err(r));
}
free(cp);
continue;
default:
fatal("%s: bad channel type %d", __func__, c->type);
......@@ -2352,6 +2385,7 @@ channel_garbage_collect(struct ssh *ssh, Channel *c)
if (c->detach_user != NULL) {
if (!chan_is_dead(ssh, c, c->detach_close))
return;
debug2("channel %d: gc: notify user", c->self);
c->detach_user(ssh, c->self, NULL);
/* if we still have a callback */
......
/* $OpenBSD: channels.h,v 1.131 2018/06/06 18:22:41 djm Exp $ */
/* $OpenBSD: channels.h,v 1.132 2018/10/04 00:10:11 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
......@@ -285,6 +285,7 @@ void channel_output_poll(struct ssh *);
int channel_not_very_much_buffered_data(struct ssh *);
void channel_close_all(struct ssh *);
int channel_still_open(struct ssh *);
const char *channel_format_extended_usage(const Channel *);
char *channel_open_message(struct ssh *);
int channel_find_open(struct ssh *);
......
......@@ -446,7 +446,7 @@ cipher_get_keyiv_len(const struct sshcipher_ctx *cc)
}
int
cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, size_t len)
{
#ifdef WITH_OPENSSL
const struct sshcipher *c = cc->cipher;
......@@ -473,7 +473,7 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
return 0;
else if (evplen < 0)
return SSH_ERR_LIBCRYPTO_ERROR;
if ((u_int)evplen != len)
if ((size_t)evplen != len)
return SSH_ERR_INVALID_ARGUMENT;
#ifndef OPENSSL_HAVE_EVPCTR
if (c->evptype == evp_aes_128_ctr)
......@@ -484,14 +484,14 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len)
if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN,
len, iv))
return SSH_ERR_LIBCRYPTO_ERROR;
} else
memcpy(iv, cc->evp->iv, len);
} else if (!EVP_CIPHER_CTX_get_iv(cc->evp, iv, len))
return SSH_ERR_LIBCRYPTO_ERROR;
#endif
return 0;
}
int
cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv, size_t len)
{
#ifdef WITH_OPENSSL
const struct sshcipher *c = cc->cipher;
......@@ -507,6 +507,8 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
evplen = EVP_CIPHER_CTX_iv_length(cc->evp);
if (evplen <= 0)
return SSH_ERR_LIBCRYPTO_ERROR;
if ((size_t)evplen != len)
return SSH_ERR_INVALID_ARGUMENT;
#ifndef OPENSSL_HAVE_EVPCTR
/* XXX iv arg is const, but ssh_aes_ctr_iv isn't */
if (c->evptype == evp_aes_128_ctr)
......@@ -518,46 +520,8 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv)
if (!EVP_CIPHER_CTX_ctrl(cc->evp,
EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv))
return SSH_ERR_LIBCRYPTO_ERROR;
} else
memcpy(cc->evp->iv, iv, evplen);
} else if (!EVP_CIPHER_CTX_set_iv(cc->evp, iv, evplen))
return SSH_ERR_LIBCRYPTO_ERROR;
#endif
return 0;
}
#ifdef WITH_OPENSSL
#define EVP_X_STATE(evp) (evp)->cipher_data
#define EVP_X_STATE_LEN(evp) (evp)->cipher->ctx_size
#endif
int
cipher_get_keycontext(const struct sshcipher_ctx *cc, u_char *dat)
{
#if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_RC4)
const struct sshcipher *c = cc->cipher;
int plen = 0;
if (c->evptype == EVP_rc4) {
plen = EVP_X_STATE_LEN(cc->evp);
if (dat == NULL)
return (plen);
memcpy(dat, EVP_X_STATE(cc->evp), plen);
}
return (plen);
#else