- OpenBSD CVS update:

- markus@cvs.openbsd.org [ssh.c] fix usage() [ssh2.h] draft-ietf-secsh-architecture-05.txt [ssh.1] document ssh -T -N (ssh2 only) [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c] enable nonblocking IO for sshd w/ proto 1, too; split out common code [aux.c] missing include
2024-11-27 14:44:21 +08:00 · 2000-05-17 22:34:22 +10:00 · 2000-05-17 22:34:22 +10:00 · dcb6ecd1b3
commit dcb6ecd1b3
parent 0e65eed58a
11 changed files with 102 additions and 74 deletions
--- a/12
+++ b/12
@ -13,6 +13,18 @@
 - Avoid WCOREDUMP complation errors for systems that lack it
 - Avoid SIGCHLD warnings from entropy commands 
 - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
+ - OpenBSD CVS update:
+  - markus@cvs.openbsd.org 
+    [ssh.c]
+    fix usage()
+    [ssh2.h]
+    draft-ietf-secsh-architecture-05.txt
+    [ssh.1]
+    document ssh -T -N (ssh2 only)
+    [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
+    enable nonblocking IO for sshd w/ proto 1, too; split out common code
+    [aux.c]
+    missing include

 20000513
 - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz 
--- a/Makefile.in
+++ b/Makefile.in
@ -34,7 +34,7 @@ INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@

 TARGETS=ssh sshd ssh-add ssh-keygen ssh-agent scp $(EXTRA_TARGETS)

-LIBSSH_OBJS=atomicio.o authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o dsa.o fingerprint.o hmac.o hostfile.o key.o kex.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o 
+LIBSSH_OBJS=atomicio.o authfd.o authfile.o aux.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o dispatch.o dsa.o fingerprint.o hmac.o hostfile.o key.o kex.o log.o match.o mpaux.o nchan.o packet.o radix.o entropy.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o uuencode.o xmalloc.o 

 LIBOPENBSD_COMPAT_OBJS=bsd-base64.o bsd-bindresvport.o bsd-daemon.o bsd-misc.o bsd-mktemp.o bsd-rresvport.o bsd-setenv.o bsd-snprintf.o bsd-strlcat.o bsd-strlcpy.o fake-getaddrinfo.o fake-getnameinfo.o 

--- a/aux.c
+++ b/aux.c
@ -0,0 +1,36 @@
+#include "includes.h"
+RCSID("$OpenBSD: aux.c,v 1.2 2000/05/17 09:47:59 markus Exp $");
+
+#include "ssh.h"
+
+char *
+chop(char *s)
+{
+	char *t = s;
+	while (*t) {
+		if(*t == '\n' || *t == '\r') {
+			*t = '\0';
+			return s;
+		}
+		t++;
+	}
+	return s;
+
+}
+
+void
+set_nonblock(int fd)
+{
+	int val;
+	val = fcntl(fd, F_GETFL, 0);
+	if (val < 0) {
+		error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
+		return;
+	}
+	if (val & O_NONBLOCK)
+		return;
+	debug("fd %d setting O_NONBLOCK", fd);
+	val |= O_NONBLOCK;
+	if (fcntl(fd, F_SETFL, val) == -1)
+		error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, strerror(errno));
+}
--- a/channels.c
+++ b/channels.c
@ -17,7 +17,7 @@
 */

 #include "includes.h"
-RCSID("$Id: channels.c,v 1.30 2000/05/09 01:02:59 damien Exp $");
+RCSID("$Id: channels.c,v 1.31 2000/05/17 12:34:23 damien Exp $");

 #include "ssh.h"
 #include "packet.h"
@ -147,23 +147,6 @@ channel_lookup(int id)
 	return c;
 }

-void
-set_nonblock(int fd)
-{
-	int val;
-	val = fcntl(fd, F_GETFL, 0);
-	if (val < 0) {
-		error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
-		return;
-	}
-	if (val & O_NONBLOCK)
-		return;
-	debug("fd %d setting O_NONBLOCK", fd);
-	val |= O_NONBLOCK;
-	if (fcntl(fd, F_SETFL, val) == -1)
-		error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, strerror(errno));
-}
-
 /*
 * Register filedescriptors for a channel, used when allocating a channel or
 * when the channel consumer/producer is ready, e.g. shell exec'd
--- a/serverloop.c
+++ b/serverloop.c
@ -259,20 +259,15 @@ process_input(fd_set * readset)
 		if (len == 0) {
 			verbose("Connection closed by remote host.");
 			fatal_cleanup();
+		} else if (len < 0) {
+			if (errno != EINTR && errno != EAGAIN) {
+				verbose("Read error from remote host: %.100s", strerror(errno));
+				fatal_cleanup();
+			}
+		} else {
+			/* Buffer any received data. */
+			packet_process_incoming(buf, len);
 		}
-		/*
-		 * There is a kernel bug on Solaris that causes select to
-		 * sometimes wake up even though there is no data available.
-		 */
-		if (len < 0 && errno == EAGAIN)
-			len = 0;
-
-		if (len < 0) {
-			verbose("Read error from remote host: %.100s", strerror(errno));
-			fatal_cleanup();
-		}
-		/* Buffer any received data. */
-		packet_process_incoming(buf, len);
 	}
 	if (compat20)
 		return;
@ -280,9 +275,11 @@ process_input(fd_set * readset)
 	/* Read and buffer any available stdout data from the program. */
 	if (!fdout_eof && FD_ISSET(fdout, readset)) {
 		len = read(fdout, buf, sizeof(buf));
-		if (len <= 0)
+		if (len < 0 && (errno == EINTR || errno == EAGAIN)) {
+			/* do nothing */
+		} else if (len <= 0) {
 			fdout_eof = 1;
-		else {
+		} else {
 			buffer_append(&stdout_buffer, buf, len);
 			fdout_bytes += len;
 		}
@ -290,10 +287,13 @@ process_input(fd_set * readset)
 	/* Read and buffer any available stderr data from the program. */
 	if (!fderr_eof && FD_ISSET(fderr, readset)) {
 		len = read(fderr, buf, sizeof(buf));
-		if (len <= 0)
+		if (len < 0 && (errno == EINTR || errno == EAGAIN)) {
+			/* do nothing */
+		} else if (len <= 0) {
 			fderr_eof = 1;
-		else
+		} else {
 			buffer_append(&stderr_buffer, buf, len);
+		}
 	}
 }

@ -309,7 +309,9 @@ process_output(fd_set * writeset)
 	if (!compat20 && fdin != -1 && FD_ISSET(fdin, writeset)) {
 		len = write(fdin, buffer_ptr(&stdin_buffer),
 		    buffer_len(&stdin_buffer));
-		if (len <= 0) {
+		if (len < 0 && (errno == EINTR || errno == EAGAIN)) {
+			/* do nothing */
+		} else if (len <= 0) {
 #ifdef USE_PIPES
 			close(fdin);
 #else
@ -396,6 +398,12 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg)
 	fdin = fdin_arg;
 	fdout = fdout_arg;
 	fderr = fderr_arg;
+
+	/* nonblocking IO */
+	set_nonblock(fdin);
+	set_nonblock(fdout);
+	set_nonblock(fderr);
+
 	connection_in = packet_get_connection_in();
 	connection_out = packet_get_connection_out();

--- a/ssh.1
+++ b/ssh.1
@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: ssh.1,v 1.25 2000/05/09 01:03:02 damien Exp $
+.\" $Id: ssh.1,v 1.26 2000/05/17 12:34:24 damien Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSH 1
@ -24,7 +24,7 @@
 .Op Ar command
 .Pp
 .Nm ssh
-.Op Fl afgknqtvxCPX246
+.Op Fl afgknqtvxCNPTX246
 .Op Fl c Ar cipher_spec
 .Op Fl e Ar escape_char
 .Op Fl i Ar identity_file
@ -416,6 +416,10 @@ program will be put in the background.
 needs to ask for a password or passphrase; see also the
 .Fl f
 option.)
+.It Fl N
+Do not execute a remote command.
+This is usefull if you just want to forward ports
+(protocol version 2 only).
 .It Fl o Ar option
 Can be used to give options in the format used in the config file.
 This is useful for specifying options for which there is no separate
@ -442,6 +446,8 @@ Force pseudo-tty allocation.
 This can be used to execute arbitrary
 screen-based programs on a remote machine, which can be very useful,
 e.g., when implementing menu services.
+.It Fl T
+Disable pseudo-tty allocation (protocol version 2 only).
 .It Fl v
 Verbose mode.
 Causes
--- a/ssh.c
+++ b/ssh.c
@ -11,7 +11,7 @@
 */

 #include "includes.h"
-RCSID("$Id: ssh.c,v 1.30 2000/05/09 01:03:02 damien Exp $");
+RCSID("$Id: ssh.c,v 1.31 2000/05/17 12:34:24 damien Exp $");

 #include <openssl/evp.h>
 #include <openssl/dsa.h>
@ -120,6 +120,7 @@ usage()
 #ifdef AFS
 	fprintf(stderr, "  -k          Disable Kerberos ticket and AFS token forwarding.\n");
 #endif				/* AFS */
+        fprintf(stderr, "  -X          Enable X11 connection forwarding.\n");
 	fprintf(stderr, "  -x          Disable X11 connection forwarding.\n");
 	fprintf(stderr, "  -i file     Identity for RSA authentication (default: ~/.ssh/identity).\n");
 	fprintf(stderr, "  -t          Tty; allocate a tty even if command is given.\n");
--- a/ssh.h
+++ b/ssh.h
@ -13,7 +13,7 @@
 *
 */

-/* RCSID("$Id: ssh.h,v 1.39 2000/05/09 01:03:02 damien Exp $"); */
+/* RCSID("$Id: ssh.h,v 1.40 2000/05/17 12:34:24 damien Exp $"); */

 #ifndef SSH_H
 #define SSH_H
@ -486,6 +486,12 @@ void    fatal_remove_cleanup(void (*proc) (void *context), void *context);
 */
 char   *tilde_expand_filename(const char *filename, uid_t my_uid);

+/* remove newline at end of string */
+char	*chop(char *s);
+
+/* set filedescriptor to non-blocking */
+void	set_nonblock(int fd);
+
 /*
 * Performs the interactive session.  This handles data transmission between
 * the client and the program.  Note that the notion of stdin, stdout, and
--- a/ssh2.h
+++ b/ssh2.h
@ -1,5 +1,5 @@
 /*
- * draft-ietf-secsh-architecture-04.txt
+ * draft-ietf-secsh-architecture-05.txt
 *
 *   Transport layer protocol:
 *
@ -28,6 +28,7 @@
 *
 *     192-255  Local extensions
 */
+/* RCSID("$OpenBSD: ssh2.h,v 1.3 2000/05/15 07:03:12 markus Exp $"); */

 /* transport layer: generic */

@ -88,6 +89,7 @@
 #define SSH2_DISCONNECT_PROTOCOL_ERROR			2
 #define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED		3
 #define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED	4
+#define SSH2_DISCONNECT_RESERVED			4
 #define SSH2_DISCONNECT_MAC_ERROR			5
 #define SSH2_DISCONNECT_COMPRESSION_ERROR		6
 #define SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE		7
@ -95,6 +97,10 @@
 #define SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE		9
 #define SSH2_DISCONNECT_CONNECTION_LOST			10
 #define SSH2_DISCONNECT_BY_APPLICATION			11
+#define SSH2_DISCONNECT_TOO_MANY_CONNECTIONS		12
+#define SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER		13
+#define SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE	14
+#define SSH2_DISCONNECT_ILLEGAL_USER_NAME		15

 /* misc */

--- a/sshconnect.c
+++ b/sshconnect.c
@ -8,7 +8,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: sshconnect.c,v 1.72 2000/05/04 09:50:22 markus Exp $");
+RCSID("$OpenBSD: sshconnect.c,v 1.73 2000/05/17 08:20:15 markus Exp $");

 #include <openssl/bn.h>
 #include <openssl/dsa.h>
@ -301,21 +301,6 @@ ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
 	return 1;
 }

-char *
-chop(char *s)
-{
-	char *t = s;
-	while (*t) {
-		if(*t == '\n' || *t == '\r') {
-			*t = '\0';
-			return s;
-		}
-		t++;
-	}
-	return s;
-
-}
-
 /*
 * Waits for the server identification string, and sends our own
 * identification string.
--- a/sshd.c
+++ b/sshd.c
@ -14,7 +14,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.115 2000/05/03 10:21:49 markus Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.116 2000/05/17 08:20:16 markus Exp $");

 #include "xmalloc.h"
 #include "rsa.h"
@ -262,21 +262,6 @@ key_regeneration_alarm(int sig)
 	errno = save_errno;
 }

-char *
-chop(char *s)
-{
-	char *t = s;
-	while (*t) {
-		if(*t == '\n' || *t == '\r') {
-			*t = '\0';
-			return s;
-		}
-		t++;
-	}
-	return s;
-
-}
-
 void
 sshd_exchange_identification(int sock_in, int sock_out)
 {