subject:"CVS commit\: src\/crypto\/external\/bsd\/openssh"

CVS commit: src/crypto/external/bsd/openssh/dist

2015-04-13 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Apr 13 17:50:31 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: serverloop.c

Log Message:
CID 1293642: Check returns


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/serverloop.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/serverloop.c
diff -u src/crypto/external/bsd/openssh/dist/serverloop.c:1.10 src/crypto/external/bsd/openssh/dist/serverloop.c:1.11
--- src/crypto/external/bsd/openssh/dist/serverloop.c:1.10	Fri Apr  3 19:58:19 2015
+++ src/crypto/external/bsd/openssh/dist/serverloop.c	Mon Apr 13 13:50:31 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: serverloop.c,v 1.10 2015/04/03 23:58:19 christos Exp $	*/
+/*	$NetBSD: serverloop.c,v 1.11 2015/04/13 17:50:31 christos Exp $	*/
 /* $OpenBSD: serverloop.c,v 1.178 2015/02/20 22:17:21 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: serverloop.c,v 1.10 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: serverloop.c,v 1.11 2015/04/13 17:50:31 christos Exp $");
 #include 	/* MIN MAX */
 #include 
 #include 
@@ -861,9 +861,12 @@ server_loop2(Authctxt *authctxt)
 		if (!rekeying) {
 			channel_after_select(readset, writeset);
 			if (packet_need_rekeying()) {
+int r;
 debug("need rekeying");
 active_state->kex->done = 0;
-kex_send_kexinit(active_state);
+ if ((r = kex_send_kexinit(active_state)) != 0)
+	logit("%s: kex_send_kexinit: %s",
+	__func__, ssh_err(r));
 			}
 		}
 		process_input(readset);

CVS commit: src/crypto/external/bsd/openssh/dist

2015-04-13 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Apr 13 17:38:20 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: packet.c

Log Message:
CID 1018734: Fix uninit


To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/packet.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/packet.c
diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.17 src/crypto/external/bsd/openssh/dist/packet.c:1.18
--- src/crypto/external/bsd/openssh/dist/packet.c:1.17	Wed Apr  8 11:49:46 2015
+++ src/crypto/external/bsd/openssh/dist/packet.c	Mon Apr 13 13:38:20 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: packet.c,v 1.17 2015/04/08 15:49:46 christos Exp $	*/
+/*	$NetBSD: packet.c,v 1.18 2015/04/13 17:38:20 christos Exp $	*/
 /* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: packet.c,v 1.17 2015/04/08 15:49:46 christos Exp $");
+__RCSID("$NetBSD: packet.c,v 1.18 2015/04/13 17:38:20 christos Exp $");
 #include 	/* MIN roundup */
 #include 
 #include 
@@ -1262,7 +1262,7 @@ int
 ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
 {
 	struct session_state *state = ssh->state;
-	int len, r, ms_remain, cont;
+	int len, r, ms_remain = 0, cont;
 	fd_set *setp;
 	char buf[8192];
 	struct timeval timeout, start, *timeoutp = NULL;

CVS commit: src/crypto/external/bsd/openssh/dist

2015-04-13 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Apr 13 17:35:16 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: sftp.c

Log Message:
CID 996110: Fix memory leak


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/sftp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp.c
diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.14 src/crypto/external/bsd/openssh/dist/sftp.c:1.15
--- src/crypto/external/bsd/openssh/dist/sftp.c:1.14	Fri Apr  3 19:58:19 2015
+++ src/crypto/external/bsd/openssh/dist/sftp.c	Mon Apr 13 13:35:16 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp.c,v 1.14 2015/04/03 23:58:19 christos Exp $	*/
+/*	$NetBSD: sftp.c,v 1.15 2015/04/13 17:35:16 christos Exp $	*/
 /* $OpenBSD: sftp.c,v 1.170 2015/01/20 23:14:00 deraadt Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -17,7 +17,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp.c,v 1.14 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: sftp.c,v 1.15 2015/04/13 17:35:16 christos Exp $");
 #include 	/* MIN MAX */
 #include 
 #include 
@@ -732,6 +732,8 @@ process_put(struct sftp_conn *conn, char
 			fflag || global_fflag) == -1)
 err = -1;
 		}
+		free(abs_dst);
+		abs_dst = NULL;
 	}
 
 out:

CVS commit: src/crypto/external/bsd/openssh/dist

2015-04-11 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Sat Apr 11 21:14:31 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: packet.h ssh-keygen.c

Log Message:
Use __dead.


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/packet.h
cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/ssh-keygen.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/packet.h
diff -u src/crypto/external/bsd/openssh/dist/packet.h:1.10 src/crypto/external/bsd/openssh/dist/packet.h:1.11
--- src/crypto/external/bsd/openssh/dist/packet.h:1.10	Fri Apr  3 23:58:19 2015
+++ src/crypto/external/bsd/openssh/dist/packet.h	Sat Apr 11 21:14:31 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: packet.h,v 1.10 2015/04/03 23:58:19 christos Exp $	*/
+/*	$NetBSD: packet.h,v 1.11 2015/04/11 21:14:31 joerg Exp $	*/
 /* $OpenBSD: packet.h,v 1.66 2015/01/30 01:13:33 djm Exp $ */
 
 /*
@@ -151,7 +151,7 @@ int	sshpkt_sendx(struct ssh *ssh);
 int sshpkt_disconnect(struct ssh *, const char *fmt, ...)
 	__attribute__((format(printf, 2, 3)));
 int	sshpkt_add_padding(struct ssh *, u_char);
-void	sshpkt_fatal(struct ssh *ssh, const char *tag, int r);
+void	sshpkt_fatal(struct ssh *ssh, const char *tag, int r) __dead;
 
 int	sshpkt_put(struct ssh *ssh, const void *v, size_t len);
 int	sshpkt_putb(struct ssh *ssh, const struct sshbuf *b);

Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.15 src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.16
--- src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.15	Fri Apr  3 23:58:19 2015
+++ src/crypto/external/bsd/openssh/dist/ssh-keygen.c	Sat Apr 11 21:14:31 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-keygen.c,v 1.15 2015/04/03 23:58:19 christos Exp $	*/
+/*	$NetBSD: ssh-keygen.c,v 1.16 2015/04/11 21:14:31 joerg Exp $	*/
 /* $OpenBSD: ssh-keygen.c,v 1.266 2015/02/26 20:45:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-keygen.c,v 1.15 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: ssh-keygen.c,v 1.16 2015/04/11 21:14:31 joerg Exp $");
 #include 
 #include 
 #include 
@@ -291,7 +291,7 @@ load_identity(char *filename)
 #define	SSH_COM_PRIVATE_KEY_MAGIC	0x3f6ff9eb
 
 #ifdef WITH_OPENSSL
-static void
+__dead static void
 do_convert_to_ssh2(struct passwd *pw, struct sshkey *k)
 {
 	size_t len;

CVS commit: src/crypto/external/bsd/openssh/dist

2015-04-08 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Wed Apr  8 15:49:47 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: dispatch.c packet.c

Log Message:
ssh_packet_write_wait() returns number of bytes now; check for negative
for error instead of 0. Fixes ssh command restrictions, reported by
Tobias Nygren.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/dispatch.c
cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/packet.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/dispatch.c
diff -u src/crypto/external/bsd/openssh/dist/dispatch.c:1.4 src/crypto/external/bsd/openssh/dist/dispatch.c:1.5
--- src/crypto/external/bsd/openssh/dist/dispatch.c:1.4	Fri Apr  3 19:58:19 2015
+++ src/crypto/external/bsd/openssh/dist/dispatch.c	Wed Apr  8 11:49:46 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: dispatch.c,v 1.4 2015/04/03 23:58:19 christos Exp $	*/
+/*	$NetBSD: dispatch.c,v 1.5 2015/04/08 15:49:46 christos Exp $	*/
 /* $OpenBSD: dispatch.c,v 1.26 2015/02/12 20:34:19 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: dispatch.c,v 1.4 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: dispatch.c,v 1.5 2015/04/08 15:49:46 christos Exp $");
 #include 
 
 #include 
@@ -51,7 +51,7 @@ dispatch_protocol_error(int type, u_int3
 	if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
 	(r = sshpkt_put_u32(ssh, seq)) != 0 ||
 	(r = sshpkt_send(ssh)) != 0 ||
-	(r = ssh_packet_write_wait(ssh)) != 0)
+	(r = ssh_packet_write_wait(ssh)) < 0)
 		sshpkt_fatal(ssh, __func__, r);
 	return 0;
 }

Index: src/crypto/external/bsd/openssh/dist/packet.c
diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.16 src/crypto/external/bsd/openssh/dist/packet.c:1.17
--- src/crypto/external/bsd/openssh/dist/packet.c:1.16	Fri Apr  3 19:58:19 2015
+++ src/crypto/external/bsd/openssh/dist/packet.c	Wed Apr  8 11:49:46 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: packet.c,v 1.16 2015/04/03 23:58:19 christos Exp $	*/
+/*	$NetBSD: packet.c,v 1.17 2015/04/08 15:49:46 christos Exp $	*/
 /* $OpenBSD: packet.c,v 1.208 2015/02/13 18:57:00 markus Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: packet.c,v 1.16 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: packet.c,v 1.17 2015/04/08 15:49:46 christos Exp $");
 #include 	/* MIN roundup */
 #include 
 #include 
@@ -1452,7 +1452,7 @@ ssh_packet_read_poll1(struct ssh *ssh, u
 		if (emsg != NULL) {
 			error("%s", emsg);
 			if ((r = sshpkt_disconnect(ssh, "%s", emsg)) != 0 ||
-			(r = ssh_packet_write_wait(ssh)) != 0)
+			(r = ssh_packet_write_wait(ssh)) < 0)
 	return r;
 			return SSH_ERR_CONN_CORRUPT;
 		}
@@ -1487,7 +1487,7 @@ ssh_packet_read_poll1(struct ssh *ssh, u
 		error("%s: len %d != sshbuf_len %zd", __func__,
 		len, sshbuf_len(state->incoming_packet));
 		if ((r = sshpkt_disconnect(ssh, "invalid packet length")) != 0 ||
-		(r = ssh_packet_write_wait(ssh)) != 0)
+		(r = ssh_packet_write_wait(ssh)) < 0)
 			return r;
 		return SSH_ERR_CONN_CORRUPT;
 	}
@@ -1497,7 +1497,7 @@ ssh_packet_read_poll1(struct ssh *ssh, u
 	if (checksum != stored_checksum) {
 		error("Corrupted check bytes on input");
 		if ((r = sshpkt_disconnect(ssh, "connection corrupted")) != 0 ||
-		(r = ssh_packet_write_wait(ssh)) != 0)
+		(r = ssh_packet_write_wait(ssh)) < 0)
 			return r;
 		return SSH_ERR_CONN_CORRUPT;
 	}
@@ -1521,7 +1521,7 @@ ssh_packet_read_poll1(struct ssh *ssh, u
 	if (*typep < SSH_MSG_MIN || *typep > SSH_MSG_MAX) {
 		error("Invalid ssh1 packet type: %d", *typep);
 		if ((r = sshpkt_disconnect(ssh, "invalid packet type")) != 0 ||
-		(r = ssh_packet_write_wait(ssh)) != 0)
+		(r = ssh_packet_write_wait(ssh)) < 0)
 			return r;
 		return SSH_ERR_PROTOCOL_ERROR;
 	}
@@ -1694,7 +1694,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u
 	if (padlen < 4)	{
 		if ((r = sshpkt_disconnect(ssh,
 		"Corrupted padlen %d on input.", padlen)) != 0 ||
-		(r = ssh_packet_write_wait(ssh)) != 0)
+		(r = ssh_packet_write_wait(ssh)) < 0)
 			return r;
 		return SSH_ERR_CONN_CORRUPT;
 	}
@@ -1727,7 +1727,7 @@ ssh_packet_read_poll2(struct ssh *ssh, u
 	if (*typep < SSH2_MSG_MIN || *typep >= SSH2_MSG_LOCAL_MIN) {
 		if ((r = sshpkt_disconnect(ssh,
 		"Invalid ssh2 packet type: %d", *typep)) != 0 ||
-		(r = ssh_packet_write_wait(ssh)) != 0)
+		(r = ssh_packet_write_wait(ssh)) < 0)
 			return r;
 		return SSH_ERR_PROTOCOL_ERROR;
 	}
@@ -1896,7 +1896,7 @@ ssh_packet_send_debug(struct ssh *ssh, c
 		(r = sshpkt_send(ssh)) != 0)
 			fatal("%s: %s", __func__, ssh_err(r));
 	}
-	if ((r = ssh_packet_write_wait(ssh)) != 0)
+	if ((r = ssh_packet_write_wait(ssh)) < 0)
 		fatal("%s: %s", __func__, ssh_er

CVS commit: src/crypto/external/bsd/openssh/dist

2015-04-04 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sat Apr  4 13:59:20 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-keyscan.c

Log Message:
Alpha is the only platform where sig_atomic_t isn't int...
OpenBSD does not compile OpenSSH on the alpha anymore?


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-keyscan.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.11 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.12
--- src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.11	Fri Apr  3 19:58:19 2015
+++ src/crypto/external/bsd/openssh/dist/ssh-keyscan.c	Sat Apr  4 09:59:20 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-keyscan.c,v 1.11 2015/04/03 23:58:19 christos Exp $	*/
+/*	$NetBSD: ssh-keyscan.c,v 1.12 2015/04/04 13:59:20 christos Exp $	*/
 /* $OpenBSD: ssh-keyscan.c,v 1.99 2015/01/30 10:44:49 djm Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres .
@@ -9,7 +9,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-keyscan.c,v 1.11 2015/04/03 23:58:19 christos Exp $");
+__RCSID("$NetBSD: ssh-keyscan.c,v 1.12 2015/04/04 13:59:20 christos Exp $");
 
 #include 
 #include 
@@ -91,7 +91,7 @@ typedef struct Connection {
 	int c_len;		/* Total bytes which must be read. */
 	int c_off;		/* Length of data read so far. */
 	int c_keytype;		/* Only one of KT_RSA1, KT_DSA, or KT_RSA */
-	int c_done;		/* SSH2 done */
+	sig_atomic_t c_done;	/* SSH2 done */
 	char *c_namebase;	/* Address to free for c_name and c_namelist */
 	char *c_name;		/* Hostname of connection for errors */
 	char *c_namelist;	/* Pointer to other possible addresses */

CVS commit: src/crypto/external/bsd/openssh

2015-04-03 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Apr  3 23:58:19 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/bin/ssh-keyscan: Makefile
src/crypto/external/bsd/openssh/dist: LICENCE OVERVIEW PROTOCOL
PROTOCOL.agent PROTOCOL.certkeys PROTOCOL.mux README addrmatch.c
atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c
auth-options.c auth-options.h auth-pam.c auth-pam.h auth-passwd.c
auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth.h
auth1.c auth2-chall.c auth2-gss.c auth2-hostbased.c auth2-kbdint.c
auth2-krb5.c auth2-none.c auth2-passwd.c auth2-pubkey.c auth2.c
authfd.c authfd.h authfile.c authfile.h bcrypt_pbkdf.c bitmap.c
bitmap.h blocks.c blowfish.c bufaux.c bufbn.c bufec.c buffer.c
buffer.h canohost.c canohost.h chacha.c channels.c channels.h
cipher-3des1.c cipher-bf1.c cipher-chachapoly.c cipher-ctr-mt.c
cipher.c cipher.h cleanup.c clientloop.c clientloop.h compat.c
compat.h crc32.c crc32.h deattack.c deattack.h dh.c dh.h
digest-libc.c digest-openssl.c dispatch.c dispatch.h dns.c dns.h
ed25519.c fatal.c fe25519.c fmt_scaled.c fmt_scaled.h ge25519.c
getpeereid.c getpeereid.h getrrsetbyname.c getrrsetbyname.h
groupaccess.c groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c
hash.c hmac.c hostfile.c hostfile.h includes.h kex.c kex.h
kexc25519.c kexc25519c.c kexc25519s.c kexdh.c kexdhc.c kexdhs.c
kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c kexgexs.c key.c
key.h krl.c ldapauth.c ldapauth.h log.c log.h mac.c mac.h match.c
match.h md-sha256.c misc.c misc.h moduli moduli.5 moduli.c
monitor.c monitor.h monitor_fdpass.c monitor_fdpass.h monitor_mm.c
monitor_mm.h monitor_wrap.c monitor_wrap.h msg.c msg.h mux.c
myproposal.h namespace.h nchan.c nchan.ms nchan2.ms opacket.c
opacket.h openssh2netbsd packet.c packet.h pathnames.h pkcs11.h
poly1305.c progressmeter.c progressmeter.h random.h readconf.c
readconf.h readpass.c readpassphrase.3 readpassphrase.c
readpassphrase.h roaming.h roaming_client.c roaming_common.c
roaming_dummy.c roaming_serv.c rsa.c rsa.h sandbox-rlimit.c
sc25519.c scp.1 scp.c servconf.c servconf.h serverloop.c
serverloop.h session.c session.h sftp-client.c sftp-client.h
sftp-common.c sftp-common.h sftp-glob.c sftp-server-main.c
sftp-server.8 sftp-server.c sftp.1 sftp.c sftp.h
smult_curve25519_ref.c ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c
ssh-dss.c ssh-ecdsa.c ssh-ed25519.c ssh-gss.h ssh-keygen.1
ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8
ssh-keysign.c ssh-pkcs11-client.c ssh-pkcs11-helper.8
ssh-pkcs11-helper.c ssh-pkcs11.c ssh-pkcs11.h ssh-rsa.c ssh.1 ssh.c
ssh.h ssh1.h ssh2.h ssh_api.c ssh_api.h ssh_config ssh_config.5
sshbuf-getput-basic.c sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c
sshbuf.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c
sshd.8 sshd.c sshd_config sshd_config.5 ssherr.c sshkey.c
sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c
ttymodes.h uidswap.c uidswap.h umac.c umac.h uuencode.c uuencode.h
verify.c version.h xmalloc.c xmalloc.h
src/crypto/external/bsd/openssh/lib: Makefile shlib_version
Removed Files:
src/crypto/external/bsd/openssh/dist: compress.c compress.h

Log Message:
Merge conflicts


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 \
src/crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/LICENCE \
src/crypto/external/bsd/openssh/dist/OVERVIEW \
src/crypto/external/bsd/openssh/dist/README \
src/crypto/external/bsd/openssh/dist/auth-bsdauth.c \
src/crypto/external/bsd/openssh/dist/auth-pam.h \
src/crypto/external/bsd/openssh/dist/auth-passwd.c \
src/crypto/external/bsd/openssh/dist/auth2-krb5.c \
src/crypto/external/bsd/openssh/dist/cleanup.c \
src/crypto/external/bsd/openssh/dist/crc32.c \
src/crypto/external/bsd/openssh/dist/crc32.h \
src/crypto/external/bsd/openssh/dist/deattack.c \
src/crypto/external/bsd/openssh/dist/deattack.h \
src/crypto/external/bsd/openssh/dist/dh.h \
src/crypto/external/bsd/openssh/dist/dispatch.c \
src/crypto/external/bsd/openssh/dist/dispatch.h \
src/crypto/external/bsd/openssh/dist/fatal.c \
src/crypto/external/bsd/openssh/dist/fmt_scaled.c \
src/crypto/external/bsd/openssh/dist/groupaccess.h \
src/crypto/external/bsd/openssh/dist/includes.h \
src/crypto/external/bsd/openssh/dist/kexdh.c \
src/crypto/external/bsd/openssh/dist/kexgex

CVS commit: src/crypto/external/bsd/openssh

2015-03-01 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Mar  1 21:00:40 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh: Makefile.inc

Log Message:
Sync the HAVE's with reality


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/Makefile.inc

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/Makefile.inc
diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.7 src/crypto/external/bsd/openssh/Makefile.inc:1.8
--- src/crypto/external/bsd/openssh/Makefile.inc:1.7	Fri Jan 16 15:17:49 2015
+++ src/crypto/external/bsd/openssh/Makefile.inc	Sun Mar  1 16:00:40 2015
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.inc,v 1.7 2015/01/16 20:17:49 christos Exp $
+#	$NetBSD: Makefile.inc,v 1.8 2015/03/01 21:00:40 christos Exp $
 
 WARNS?=	4
 
@@ -9,7 +9,13 @@ WITH_OPENSSL=1
 
 SSHDIST?= ${NETBSDSRCDIR}/crypto/external/bsd/openssh/dist
 
-CPPFLAGS+=-I${SSHDIST} -DHAVE_LOGIN_CAP -DHAVE_MMAP -DHAVE_OPENPTY
+CPPFLAGS+=-I${SSHDIST}
+
+CPPFLAGS+=-DHAVE_DLOPEN
+CPPFLAGS+=-DHAVE_HEADER_AD
+CPPFLAGS+=-DHAVE_LOGIN_CAP
+CPPFLAGS+=-DHAVE_STDLIB_H
+
 CPPFLAGS+=-DWITH_SSH1 -DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE
 .if !defined(NOPIC)
 CPPFLAGS+=-DHAVE_DLOPEN

CVS commit: src/crypto/external/bsd/openssh/dist

2015-02-14 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sat Feb 14 19:05:29 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: sshd.c

Log Message:
initialize the pfilter for the privilege-separated copy (Frank Kardel)


To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/sshd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshd.c
diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.16 src/crypto/external/bsd/openssh/dist/sshd.c:1.17
--- src/crypto/external/bsd/openssh/dist/sshd.c:1.16	Sun Jan 25 10:52:44 2015
+++ src/crypto/external/bsd/openssh/dist/sshd.c	Sat Feb 14 14:05:29 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshd.c,v 1.16 2015/01/25 15:52:44 christos Exp $	*/
+/*	$NetBSD: sshd.c,v 1.17 2015/02/14 19:05:29 christos Exp $	*/
 /* $OpenBSD: sshd.c,v 1.428 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -44,7 +44,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshd.c,v 1.16 2015/01/25 15:52:44 christos Exp $");
+__RCSID("$NetBSD: sshd.c,v 1.17 2015/02/14 19:05:29 christos Exp $");
 #include 
 #include 
 #include 
@@ -628,6 +628,8 @@ privsep_preauth_child(void)
 	explicit_bzero(pw->pw_passwd, strlen(pw->pw_passwd));
 	endpwent();
 
+	pfilter_init();
+
 	/* Change our root directory */
 	if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
 		fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,

CVS commit: src/crypto/external/bsd/openssh/dist

2015-02-14 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sat Feb 14 15:41:21 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: auth1.c auth2.c

Log Message:
Also mark as bad attempts those who come in a bad users (Frank Kardel)


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/auth1.c \
src/crypto/external/bsd/openssh/dist/auth2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth1.c
diff -u src/crypto/external/bsd/openssh/dist/auth1.c:1.9 src/crypto/external/bsd/openssh/dist/auth1.c:1.10
--- src/crypto/external/bsd/openssh/dist/auth1.c:1.9	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/auth1.c	Sat Feb 14 10:41:21 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth1.c,v 1.9 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: auth1.c,v 1.10 2015/02/14 15:41:21 christos Exp $	*/
 /* $OpenBSD: auth1.c,v 1.82 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth1.c,v 1.9 2014/10/19 16:30:58 christos Exp $");
+__RCSID("$NetBSD: auth1.c,v 1.10 2015/02/14 15:41:21 christos Exp $");
 #include 
 #include 
 
@@ -41,6 +41,7 @@ __RCSID("$NetBSD: auth1.c,v 1.9 2014/10/
 #endif
 #include "monitor_wrap.h"
 #include "buffer.h"
+#include "pfilter.h"
 
 /* import */
 extern ServerOptions options;
@@ -445,6 +446,7 @@ do_authentication(Authctxt *authctxt)
 	else {
 		debug("do_authentication: invalid user %s", user);
 		authctxt->pw = fakepw();
+		pfilter_notify(1);
 	}
 
 	/* Configuration may have changed as a result of Match */
Index: src/crypto/external/bsd/openssh/dist/auth2.c
diff -u src/crypto/external/bsd/openssh/dist/auth2.c:1.9 src/crypto/external/bsd/openssh/dist/auth2.c:1.10
--- src/crypto/external/bsd/openssh/dist/auth2.c:1.9	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/auth2.c	Sat Feb 14 10:41:21 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth2.c,v 1.9 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: auth2.c,v 1.10 2015/02/14 15:41:21 christos Exp $	*/
 /* $OpenBSD: auth2.c,v 1.132 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth2.c,v 1.9 2014/10/19 16:30:58 christos Exp $");
+__RCSID("$NetBSD: auth2.c,v 1.10 2015/02/14 15:41:21 christos Exp $");
 #include 
 #include 
 #include 
@@ -52,6 +52,7 @@ __RCSID("$NetBSD: auth2.c,v 1.9 2014/10/
 #include "pathnames.h"
 #include "buffer.h"
 #include "canohost.h"
+#include "pfilter.h"
 
 #ifdef GSSAPI
 #include "ssh-gss.h"
@@ -256,6 +257,7 @@ input_userauth_request(int type, u_int32
 		} else {
 			logit("input_userauth_request: invalid user %s", user);
 			authctxt->pw = fakepw();
+			pfilter_notify(1);
 		}
 #ifdef USE_PAM
 		if (options.use_pam)

CVS commit: src/crypto/external/bsd/openssh

2015-01-25 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Jan 26 03:57:17 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/bin/sshd: Makefile
src/crypto/external/bsd/openssh/dist: pfilter.c

Log Message:
don't use blacklist if we are crunched.


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/bin/sshd/Makefile
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/dist/pfilter.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/bin/sshd/Makefile
diff -u src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.11 src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.12
--- src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.11	Sun Jan 25 10:52:44 2015
+++ src/crypto/external/bsd/openssh/bin/sshd/Makefile	Sun Jan 25 22:57:17 2015
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.11 2015/01/25 15:52:44 christos Exp $
+#	$NetBSD: Makefile,v 1.12 2015/01/26 03:57:17 christos Exp $
 
 .include 
 
@@ -69,5 +69,9 @@ DPADD+=	${LIBCRYPT} ${LIBUTIL}
 LDADD+=	-lwrap
 DPADD+=	${LIBWRAP}
 
+.ifdef CRUNCHEDPROG
+CPPFLAGS+=-DSMALL
+.else
 LDADD+=	-lblacklist
 DPADD+=	${LIBBLACKLIST}
+.endif

Index: src/crypto/external/bsd/openssh/dist/pfilter.c
diff -u src/crypto/external/bsd/openssh/dist/pfilter.c:1.1 src/crypto/external/bsd/openssh/dist/pfilter.c:1.2
--- src/crypto/external/bsd/openssh/dist/pfilter.c:1.1	Sun Jan 25 10:52:44 2015
+++ src/crypto/external/bsd/openssh/dist/pfilter.c	Sun Jan 25 22:57:17 2015
@@ -5,17 +5,22 @@
 #include "pfilter.h"
 #include 
 
+#ifndef SMALL
 static struct blacklist *blstate;
+#endif
 
 void
 pfilter_init()
 {
+#ifndef SMALL
 	blstate = blacklist_open();
+#endif
 }
 
 void
 pfilter_notify(int a)
 {
+#ifndef SMALL
 	int fd;
 	if (blstate == NULL)
 		pfilter_init();
@@ -24,4 +29,7 @@ pfilter_notify(int a)
 	// XXX: 3?
  	fd = packet_connection_is_on_socket() ? packet_get_connection_in() : 3;
 	(void)blacklist_r(blstate, a, fd, "ssh");
+#else
+	__USE(a);
+#endif
 }

CVS commit: src/crypto/external/bsd/openssh

2015-01-25 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Jan 25 15:52:44 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/bin/sshd: Makefile
src/crypto/external/bsd/openssh/dist: auth.c sshd.c
Added Files:
src/crypto/external/bsd/openssh/dist: pfilter.c pfilter.h

Log Message:
blacklist hooks


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/bin/sshd/Makefile
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/auth.c
cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/openssh/dist/pfilter.c \
src/crypto/external/bsd/openssh/dist/pfilter.h
cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/dist/sshd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/bin/sshd/Makefile
diff -u src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.10 src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.11
--- src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.10	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/bin/sshd/Makefile	Sun Jan 25 10:52:44 2015
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.10 2014/10/19 16:30:58 christos Exp $
+#	$NetBSD: Makefile,v 1.11 2015/01/25 15:52:44 christos Exp $
 
 .include 
 
@@ -15,7 +15,7 @@ SRCS=	sshd.c auth-rhosts.c auth-passwd.c
 	auth2-none.c auth2-passwd.c auth2-pubkey.c \
 	monitor_mm.c monitor.c monitor_wrap.c \
 	kexdhs.c kexgexs.c kexecdhs.c sftp-server.c sftp-common.c \
-	roaming_common.c roaming_serv.c sandbox-rlimit.c
+	roaming_common.c roaming_serv.c sandbox-rlimit.c pfilter.c
 
 COPTS.auth-options.c=	-Wno-pointer-sign
 COPTS.ldapauth.c=	-Wno-format-nonliteral	# XXX: should fix
@@ -68,3 +68,6 @@ DPADD+=	${LIBCRYPT} ${LIBUTIL}
 
 LDADD+=	-lwrap
 DPADD+=	${LIBWRAP}
+
+LDADD+=	-lblacklist
+DPADD+=	${LIBBLACKLIST}

Index: src/crypto/external/bsd/openssh/dist/auth.c
diff -u src/crypto/external/bsd/openssh/dist/auth.c:1.10 src/crypto/external/bsd/openssh/dist/auth.c:1.11
--- src/crypto/external/bsd/openssh/dist/auth.c:1.10	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/auth.c	Sun Jan 25 10:52:44 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth.c,v 1.10 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: auth.c,v 1.11 2015/01/25 15:52:44 christos Exp $	*/
 /* $OpenBSD: auth.c,v 1.106 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth.c,v 1.10 2014/10/19 16:30:58 christos Exp $");
+__RCSID("$NetBSD: auth.c,v 1.11 2015/01/25 15:52:44 christos Exp $");
 #include 
 #include 
 #include 
@@ -62,6 +62,7 @@ __RCSID("$NetBSD: auth.c,v 1.10 2014/10/
 #include "monitor_wrap.h"
 #include "krl.h"
 #include "compat.h"
+#include "pfilter.h"
 
 #ifdef HAVE_LOGIN_CAP
 #include 
@@ -362,6 +363,8 @@ auth_log(Authctxt *authctxt, int authent
 	compat20 ? "ssh2" : "ssh1",
 	authctxt->info != NULL ? ": " : "",
 	authctxt->info != NULL ? authctxt->info : "");
+	if (!authctxt->postponed)
+		pfilter_notify(!authenticated);
 	free(authctxt->info);
 	authctxt->info = NULL;
 }

Index: src/crypto/external/bsd/openssh/dist/sshd.c
diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.15 src/crypto/external/bsd/openssh/dist/sshd.c:1.16
--- src/crypto/external/bsd/openssh/dist/sshd.c:1.15	Tue Oct 28 17:36:16 2014
+++ src/crypto/external/bsd/openssh/dist/sshd.c	Sun Jan 25 10:52:44 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshd.c,v 1.15 2014/10/28 21:36:16 joerg Exp $	*/
+/*	$NetBSD: sshd.c,v 1.16 2015/01/25 15:52:44 christos Exp $	*/
 /* $OpenBSD: sshd.c,v 1.428 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -44,7 +44,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshd.c,v 1.15 2014/10/28 21:36:16 joerg Exp $");
+__RCSID("$NetBSD: sshd.c,v 1.16 2015/01/25 15:52:44 christos Exp $");
 #include 
 #include 
 #include 
@@ -109,6 +109,7 @@ __RCSID("$NetBSD: sshd.c,v 1.15 2014/10/
 #include "roaming.h"
 #include "ssh-sandbox.h"
 #include "version.h"
+#include "pfilter.h"
 
 #ifdef LIBWRAP
 #include 
@@ -364,6 +365,7 @@ grace_alarm_handler(int sig)
 		killpg(0, SIGTERM);
 	}
 
+	pfilter_notify(1);
 	/* Log error and exit. */
 	sigdie("Timeout before authentication for %s", get_remote_ipaddr());
 }
@@ -1160,6 +1162,7 @@ server_accept_loop(int *sock_in, int *so
 	for (i = 0; i < options.max_startups; i++)
 		startup_pipes[i] = -1;
 
+	pfilter_init();
 	/*
 	 * Stay listening for connections until the system crashes or
 	 * the daemon is killed with a signal.

Added files:

Index: src/crypto/external/bsd/openssh/dist/pfilter.c
diff -u /dev/null src/crypto/external/bsd/openssh/dist/pfilter.c:1.1
--- /dev/null	Sun Jan 25 10:52:44 2015
+++ src/crypto/external/bsd/openssh/dist/pfilter.c	Sun Jan 25 10:52:44 2015
@@ -0,0 +1,27 @@
+#include "namespace.h"
+#include "ssh.h"
+#include "packet.h"
+#include "log.h"
+#include "pfilter.h"
+#include 
+
+sta

CVS commit: src/crypto/external/bsd/openssh/dist

2015-01-20 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Wed Jan 21 02:05:47 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist: packet.c

Log Message:
don't print a return on debug messages


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/packet.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/packet.c
diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.14 src/crypto/external/bsd/openssh/dist/packet.c:1.15
--- src/crypto/external/bsd/openssh/dist/packet.c:1.14	Sun Oct 19 23:05:13 2014
+++ src/crypto/external/bsd/openssh/dist/packet.c	Tue Jan 20 21:05:47 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: packet.c,v 1.14 2014/10/20 03:05:13 christos Exp $	*/
+/*	$NetBSD: packet.c,v 1.15 2015/01/21 02:05:47 christos Exp $	*/
 /* $OpenBSD: packet.c,v 1.198 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: packet.c,v 1.14 2014/10/20 03:05:13 christos Exp $");
+__RCSID("$NetBSD: packet.c,v 1.15 2015/01/21 02:05:47 christos Exp $");
 #include 
 #include 
 #include 
@@ -944,7 +944,7 @@ packet_send2_wrapped(void)
 	len, padlen, aadlen));
 
 	/* compute MAC over seqnr and packet(length fields, payload, padding) */
-debug("mac %p, %d %d\n", mac, mac? mac->enabled : -1, mac ? mac->etm : -1);
+debug("mac %p, %d %d", mac, mac? mac->enabled : -1, mac ? mac->etm : -1);
 	if (mac && mac->enabled && !mac->etm) {
 		macbuf = mac_compute(mac, active_state->p_send.seqnr,
 		buffer_ptr(&active_state->outgoing_packet), len);

CVS commit: src/crypto/external/bsd/openssh

2015-01-16 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Jan 16 20:17:49 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh: Makefile.inc
src/crypto/external/bsd/openssh/dist: misc.h namespace.h
src/crypto/external/bsd/openssh/lib: Makefile
Removed Files:
src/crypto/external/bsd/openssh/dist: strtonum.c

Log Message:
kill another copy of strtonum.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/Makefile.inc
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/misc.h
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/namespace.h
cvs rdiff -u -r1.2 -r0 src/crypto/external/bsd/openssh/dist/strtonum.c
cvs rdiff -u -r1.15 -r1.16 src/crypto/external/bsd/openssh/lib/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/Makefile.inc
diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.6 src/crypto/external/bsd/openssh/Makefile.inc:1.7
--- src/crypto/external/bsd/openssh/Makefile.inc:1.6	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/Makefile.inc	Fri Jan 16 15:17:49 2015
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.inc,v 1.6 2014/10/19 16:30:58 christos Exp $
+#	$NetBSD: Makefile.inc,v 1.7 2015/01/16 20:17:49 christos Exp $
 
 WARNS?=	4
 
@@ -10,7 +10,7 @@ WITH_OPENSSL=1
 SSHDIST?= ${NETBSDSRCDIR}/crypto/external/bsd/openssh/dist
 
 CPPFLAGS+=-I${SSHDIST} -DHAVE_LOGIN_CAP -DHAVE_MMAP -DHAVE_OPENPTY
-CPPFLAGS+=-DWITH_SSH1 -DWITH_OPENSSL -DENABLE_PKCS11
+CPPFLAGS+=-DWITH_SSH1 -DWITH_OPENSSL -DENABLE_PKCS11 -D_OPENBSD_SOURCE
 .if !defined(NOPIC)
 CPPFLAGS+=-DHAVE_DLOPEN
 .endif

Index: src/crypto/external/bsd/openssh/dist/misc.h
diff -u src/crypto/external/bsd/openssh/dist/misc.h:1.7 src/crypto/external/bsd/openssh/dist/misc.h:1.8
--- src/crypto/external/bsd/openssh/dist/misc.h:1.7	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/misc.h	Fri Jan 16 15:17:49 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: misc.h,v 1.7 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: misc.h,v 1.8 2015/01/16 20:17:49 christos Exp $	*/
 /* $OpenBSD: misc.h,v 1.54 2014/07/15 15:54:14 millert Exp $ */
 
 /*
@@ -66,7 +66,6 @@ int	 unix_listener(const char *, int, in
 
 int	bcrypt_pbkdf(const char *, size_t, const u_int8_t *, size_t,
 u_int8_t *, size_t, unsigned int);
-long long strtonum(const char *, long long, long long, const char **);
 
 struct passwd *pwcopy(struct passwd *);
 const char *ssh_gai_strerror(int);

Index: src/crypto/external/bsd/openssh/dist/namespace.h
diff -u src/crypto/external/bsd/openssh/dist/namespace.h:1.3 src/crypto/external/bsd/openssh/dist/namespace.h:1.4
--- src/crypto/external/bsd/openssh/dist/namespace.h:1.3	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/namespace.h	Fri Jan 16 15:17:49 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: namespace.h,v 1.3 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: namespace.h,v 1.4 2015/01/16 20:17:49 christos Exp $	*/
 #ifndef _SSH_NAMESPACE_H_
 #define _SSH_NAMESPACE_H_
 #define addargs		ssh_addargs
@@ -22,7 +22,6 @@
 #define pwcopy		ssh_pwcopy
 #define replacearg	ssh_replacearg
 #define strdelim	ssh_strdelim
-#define strtonum	ssh_strtonum
 #define tohex		ssh_tohex
 #define uudecode	ssh_uudecode
 #define uuencode	ssh_uuencode

Index: src/crypto/external/bsd/openssh/lib/Makefile
diff -u src/crypto/external/bsd/openssh/lib/Makefile:1.15 src/crypto/external/bsd/openssh/lib/Makefile:1.16
--- src/crypto/external/bsd/openssh/lib/Makefile:1.15	Sun Oct 19 23:05:13 2014
+++ src/crypto/external/bsd/openssh/lib/Makefile	Fri Jan 16 15:17:49 2015
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.15 2014/10/20 03:05:13 christos Exp $
+#	$NetBSD: Makefile,v 1.16 2015/01/16 20:17:49 christos Exp $
 
 .include 
 
@@ -88,8 +88,7 @@ ssh-dss.c \
 ssh-ecdsa.c \
 ssh-rsa.c
 
-#	umac.c
-SRCS+=	fmt_scaled.c strtonum.c
+SRCS+=	fmt_scaled.c
 SRCS+=	readpassphrase.c getpeereid.c getrrsetbyname.c
 COPTS.monitor_fdpass.c = -Wno-stack-protector

CVS commit: src/crypto/external/bsd/openssh/dist

2014-10-28 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Tue Oct 28 21:36:30 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: umac.c

Log Message:
xor32 may be unused, mark it so.


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/umac.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/umac.c
diff -u src/crypto/external/bsd/openssh/dist/umac.c:1.7 src/crypto/external/bsd/openssh/dist/umac.c:1.8
--- src/crypto/external/bsd/openssh/dist/umac.c:1.7	Mon Oct 20 10:31:32 2014
+++ src/crypto/external/bsd/openssh/dist/umac.c	Tue Oct 28 21:36:30 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: umac.c,v 1.7 2014/10/20 10:31:32 martin Exp $	*/
+/*	$NetBSD: umac.c,v 1.8 2014/10/28 21:36:30 joerg Exp $	*/
 /* $OpenBSD: umac.c,v 1.11 2014/07/22 07:13:42 guenther Exp $ */
 /* ---
  * 
@@ -67,7 +67,7 @@
 /* -- */
 
 #include "includes.h"
-__RCSID("$NetBSD: umac.c,v 1.7 2014/10/20 10:31:32 martin Exp $");
+__RCSID("$NetBSD: umac.c,v 1.8 2014/10/28 21:36:30 joerg Exp $");
 #include 
 #include 
 #include 
@@ -239,7 +239,7 @@ xor64(uint8_t *dp, int di, uint8_t *sp, 
 memcpy(dp + sizeof(dst) * di, &dst, sizeof(dst));
 }
 
-static inline void
+__unused static inline void
 xor32(uint8_t *dp, int di, uint8_t *sp, int si)
 {
 uint32_t dst, src;

CVS commit: src/crypto/external/bsd/openssh/dist

2014-10-28 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Tue Oct 28 21:36:16 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: sshd.c

Log Message:
sighup_handler is not dead.


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/sshd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshd.c
diff -u src/crypto/external/bsd/openssh/dist/sshd.c:1.14 src/crypto/external/bsd/openssh/dist/sshd.c:1.15
--- src/crypto/external/bsd/openssh/dist/sshd.c:1.14	Sun Oct 19 16:30:59 2014
+++ src/crypto/external/bsd/openssh/dist/sshd.c	Tue Oct 28 21:36:16 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshd.c,v 1.14 2014/10/19 16:30:59 christos Exp $	*/
+/*	$NetBSD: sshd.c,v 1.15 2014/10/28 21:36:16 joerg Exp $	*/
 /* $OpenBSD: sshd.c,v 1.428 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -44,7 +44,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshd.c,v 1.14 2014/10/19 16:30:59 christos Exp $");
+__RCSID("$NetBSD: sshd.c,v 1.15 2014/10/28 21:36:16 joerg Exp $");
 #include 
 #include 
 #include 
@@ -287,7 +287,7 @@ close_startup_pipes(void)
  */
 
 /*ARGSUSED*/
-__dead static void
+static void
 sighup_handler(int sig)
 {
 	int save_errno = errno;

CVS commit: src/crypto/external/bsd/openssh/dist

2014-10-28 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Tue Oct 28 21:35:57 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: sshbuf.h

Log Message:
Mark sshbuf_putfv as __printflike.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/sshbuf.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshbuf.h
diff -u src/crypto/external/bsd/openssh/dist/sshbuf.h:1.2 src/crypto/external/bsd/openssh/dist/sshbuf.h:1.3
--- src/crypto/external/bsd/openssh/dist/sshbuf.h:1.2	Sun Oct 19 16:30:59 2014
+++ src/crypto/external/bsd/openssh/dist/sshbuf.h	Tue Oct 28 21:35:56 2014
@@ -161,7 +161,8 @@ int	sshbuf_putb(struct sshbuf *buf, cons
 /* Append using a printf(3) format */
 int	sshbuf_putf(struct sshbuf *buf, const char *fmt, ...)
 	__attribute__((format(printf, 2, 3)));
-int	sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap);
+int	sshbuf_putfv(struct sshbuf *buf, const char *fmt, va_list ap)
+	__printflike(2, 0);
 
 /* Functions to extract or store big-endian words of various sizes */
 int	sshbuf_get_u64(struct sshbuf *buf, u_int64_t *valp);

CVS commit: src/crypto/external/bsd/openssh/dist

2014-10-20 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Oct 20 18:14:37 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: myproposal.h sshconnect2.c

Log Message:
re-enable the none cipher, now that it has been tested.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/myproposal.h
cvs rdiff -u -r1.17 -r1.18 src/crypto/external/bsd/openssh/dist/sshconnect2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/myproposal.h
diff -u src/crypto/external/bsd/openssh/dist/myproposal.h:1.8 src/crypto/external/bsd/openssh/dist/myproposal.h:1.9
--- src/crypto/external/bsd/openssh/dist/myproposal.h:1.8	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/myproposal.h	Mon Oct 20 14:14:37 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: myproposal.h,v 1.8 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: myproposal.h,v 1.9 2014/10/20 18:14:37 christos Exp $	*/
 /* $OpenBSD: myproposal.h,v 1.41 2014/07/11 13:54:34 tedu Exp $ */
 
 /*
@@ -64,8 +64,6 @@
 	"arcfour256,arcfour128," \
 	"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
 	"aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se"
-#define KEX_CLIENT_ENCRYPT_INCLUDE_NONE KEX_CLIENT_ENCRYPT \
-	",none"
 
 #define	KEX_SERVER_MAC \
 	"umac-64-...@openssh.com," \
@@ -118,14 +116,19 @@
 
 #endif /* WITH_OPENSSL */
 
+#define KEX_CLIENT_ENCRYPT_INCLUDE_NONE KEX_CLIENT_ENCRYPT \
+	",none"
+#define KEX_SERVER_ENCRYPT_INCLUDE_NONE KEX_SERVER_ENCRYPT \
+	",none"
+
 #define	KEX_DEFAULT_COMP	"none,z...@openssh.com,zlib"
 #define	KEX_DEFAULT_LANG	""
 
 #define KEX_CLIENT \
 	KEX_CLIENT_KEX, \
 	KEX_DEFAULT_PK_ALG, \
-	KEX_CLIENT_ENCRYPT, \
-	KEX_CLIENT_ENCRYPT, \
+	KEX_CLIENT_ENCRYPT_INCLUDE_NONE, \
+	KEX_CLIENT_ENCRYPT_INCLUDE_NONE, \
 	KEX_CLIENT_MAC, \
 	KEX_CLIENT_MAC, \
 	KEX_DEFAULT_COMP, \
@@ -136,8 +139,8 @@
 #define KEX_SERVER \
 	KEX_SERVER_KEX, \
 	KEX_DEFAULT_PK_ALG, \
-	KEX_SERVER_ENCRYPT, \
-	KEX_SERVER_ENCRYPT, \
+	KEX_SERVER_ENCRYPT_INCLUDE_NONE, \
+	KEX_SERVER_ENCRYPT_INCLUDE_NONE, \
 	KEX_SERVER_MAC, \
 	KEX_SERVER_MAC, \
 	KEX_DEFAULT_COMP, \

Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.17 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.18
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.17	Sun Oct 19 23:05:13 2014
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c	Mon Oct 20 14:14:37 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $	*/
+/*	$NetBSD: sshconnect2.c,v 1.18 2014/10/20 18:14:37 christos Exp $	*/
 /* $OpenBSD: sshconnect2.c,v 1.210 2014/07/15 15:54:14 millert Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.17 2014/10/20 03:05:13 christos Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.18 2014/10/20 18:14:37 christos Exp $");
 #include 
 #include 
 #include 
@@ -435,9 +435,9 @@ ssh_userauth2(const char *local_user, co
 	/* tty allocated */
 	if ((options.none_switch == 1) && (options.none_enabled == 1)) 
 	{
-#ifdef notyet
 		if (!tty_flag) /* no null on tty sessions */
 		{
+			const char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
 			debug("Requesting none rekeying...");
 			myproposal[PROPOSAL_ENC_ALGS_STOC] = "none";
 			myproposal[PROPOSAL_ENC_ALGS_CTOS] = "none";
@@ -451,7 +451,6 @@ ssh_userauth2(const char *local_user, co
 			debug("Cannot switch to NONE cipher with tty allocated");
 			fprintf(stderr, "NONE cipher switch disabled when a TTY is allocated\n");
 		}
-#endif
 	}
 	debug("Authentication succeeded (%s).", authctxt.method->name);
 }

CVS commit: src/crypto/external/bsd/openssh/dist

2014-10-20 Thread Martin Husemann

Module Name:src
Committed By:   martin
Date:   Mon Oct 20 10:31:32 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: umac.c

Log Message:
Try to make this buildable on big endian machines.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/umac.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/umac.c
diff -u src/crypto/external/bsd/openssh/dist/umac.c:1.6 src/crypto/external/bsd/openssh/dist/umac.c:1.7
--- src/crypto/external/bsd/openssh/dist/umac.c:1.6	Mon Oct 20 03:05:13 2014
+++ src/crypto/external/bsd/openssh/dist/umac.c	Mon Oct 20 10:31:32 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: umac.c,v 1.6 2014/10/20 03:05:13 christos Exp $	*/
+/*	$NetBSD: umac.c,v 1.7 2014/10/20 10:31:32 martin Exp $	*/
 /* $OpenBSD: umac.c,v 1.11 2014/07/22 07:13:42 guenther Exp $ */
 /* ---
  * 
@@ -67,7 +67,7 @@
 /* -- */
 
 #include "includes.h"
-__RCSID("$NetBSD: umac.c,v 1.6 2014/10/20 03:05:13 christos Exp $");
+__RCSID("$NetBSD: umac.c,v 1.7 2014/10/20 10:31:32 martin Exp $");
 #include 
 #include 
 #include 
@@ -565,6 +565,7 @@ static void nh_transform(nh_ctx *hc, con
 
 /* -- */
 
+#if (__LITTLE_ENDIAN__)
 static void endian_convert(void *buf, UWORD bpw, UINT32 num_bytes)
 /* We endian convert the keys on little-endian computers to   */
 /* compensate for the lack of big-endian memory reads during hashing. */
@@ -587,7 +588,6 @@ static void endian_convert(void *buf, UW
 } while (--iters);
 }
 }
-#if (__LITTLE_ENDIAN__)
 #define endian_convert_if_le(x,y,z) endian_convert((x),(y),(z))
 #else
 #define endian_convert_if_le(x,y,z) do{}while(0)  /* Do nothing */

CVS commit: src/crypto/external/bsd/openssh

2014-10-19 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Oct 20 03:05:13 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: auth.h compat.c mac.c
monitor_wrap.c monitor_wrap.h packet.c sshconnect2.c umac.c
src/crypto/external/bsd/openssh/lib: Makefile
Added Files:
src/crypto/external/bsd/openssh/dist: umac128.c

Log Message:
- remove some more jpake remnants.
- try to fix umac; probably still broken on hosts that require strict
  alignment, but it is still a start.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/auth.h
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/compat.c
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/mac.c \
src/crypto/external/bsd/openssh/dist/monitor_wrap.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/monitor_wrap.h
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/packet.c
cvs rdiff -u -r1.16 -r1.17 src/crypto/external/bsd/openssh/dist/sshconnect2.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/umac.c
cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/openssh/dist/umac128.c
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/lib/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth.h
diff -u src/crypto/external/bsd/openssh/dist/auth.h:1.8 src/crypto/external/bsd/openssh/dist/auth.h:1.9
--- src/crypto/external/bsd/openssh/dist/auth.h:1.8	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/auth.h	Sun Oct 19 23:05:13 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth.h,v 1.8 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: auth.h,v 1.9 2014/10/20 03:05:13 christos Exp $	*/
 /* $OpenBSD: auth.h,v 1.78 2014/07/03 11:16:55 djm Exp $ */
 
 /*
@@ -62,7 +62,6 @@ struct Authctxt {
 	char		*style;
 	void		*kbdintctxt;
 	char		*info;		/* Extra info for next auth_log */
-	void		*jpake_ctx;
 #ifdef BSD_AUTH
 	auth_session_t	*as;
 #endif

Index: src/crypto/external/bsd/openssh/dist/compat.c
diff -u src/crypto/external/bsd/openssh/dist/compat.c:1.7 src/crypto/external/bsd/openssh/dist/compat.c:1.8
--- src/crypto/external/bsd/openssh/dist/compat.c:1.7	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/compat.c	Sun Oct 19 23:05:13 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: compat.c,v 1.7 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: compat.c,v 1.8 2014/10/20 03:05:13 christos Exp $	*/
 /* $OpenBSD: compat.c,v 1.85 2014/04/20 02:49:32 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: compat.c,v 1.7 2014/10/19 16:30:58 christos Exp $");
+__RCSID("$NetBSD: compat.c,v 1.8 2014/10/20 03:05:13 christos Exp $");
 #include 
 
 #include 
@@ -179,6 +179,7 @@ compat_datafellows(const char *version)
 		if (match_pattern_list(version, check[i].pat,
 		strlen(check[i].pat), 0) == 1) {
 			datafellows = check[i].bugs;
+			/* Check to see if the remote side is OpenSSH and not HPN */
 			if(strstr(version,"OpenSSH") != NULL)
 			{
 if (strstr(version,"hpn") == NULL)

Index: src/crypto/external/bsd/openssh/dist/mac.c
diff -u src/crypto/external/bsd/openssh/dist/mac.c:1.9 src/crypto/external/bsd/openssh/dist/mac.c:1.10
--- src/crypto/external/bsd/openssh/dist/mac.c:1.9	Sun Oct 19 12:30:58 2014
+++ src/crypto/external/bsd/openssh/dist/mac.c	Sun Oct 19 23:05:13 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: mac.c,v 1.9 2014/10/19 16:30:58 christos Exp $	*/
+/*	$NetBSD: mac.c,v 1.10 2014/10/20 03:05:13 christos Exp $	*/
 /* $OpenBSD: mac.c,v 1.30 2014/04/30 19:07:48 naddy Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: mac.c,v 1.9 2014/10/19 16:30:58 christos Exp $");
+__RCSID("$NetBSD: mac.c,v 1.10 2014/10/20 03:05:13 christos Exp $");
 #include 
 
 #include 
@@ -153,14 +153,12 @@ mac_init(Mac *mac)
 		ssh_hmac_init(mac->hmac_ctx, mac->key, mac->key_len) < 0)
 			return -1;
 		return 0;
-#ifdef UMAC_HAS_BEEN_UNBROKEN
 	case SSH_UMAC:
 		mac->umac_ctx = umac_new(mac->key);
 		return 0;
 	case SSH_UMAC128:
 		mac->umac_ctx = umac128_new(mac->key);
 		return 0;
-#endif
 	default:
 		return -1;
 	}
@@ -174,9 +172,7 @@ mac_compute(Mac *mac, u_int32_t seqno, u
 		u_int64_t for_align;
 	} u;
 	u_char b[4];
-#ifdef UMAC_HAS_BEEN_UNBROKEN
 	u_char nonce[8];
-#endif
 
 	if (mac->mac_len > sizeof(u))
 		fatal("mac_compute: mac too long %u %zu",
@@ -192,7 +188,6 @@ mac_compute(Mac *mac, u_int32_t seqno, u
 		ssh_hmac_final(mac->hmac_ctx, u.m, sizeof(u.m)) < 0)
 			fatal("ssh_hmac failed");
 		break;
-#ifdef UMAC_HAS_BEEN_UNBROKEN
 	case SSH_UMAC:
 		put_u64(nonce, seqno);
 		umac_update(mac->umac_ctx, data, datalen);
@@ -203,7 +198,6 @@ mac_compute(Mac *mac, u_int32_t seqno, u
 		umac128_update(

CVS commit: src/crypto/external/bsd/openssh/dist

2014-10-19 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Oct 19 16:31:47 UTC 2014

Added Files:
src/crypto/external/bsd/openssh/dist: bcrypt_pbkdf.c blf.h blowfish.c

Log Message:
add new files


To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 src/crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c \
src/crypto/external/bsd/openssh/dist/blf.h \
src/crypto/external/bsd/openssh/dist/blowfish.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Added files:

Index: src/crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c
diff -u /dev/null src/crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c:1.1
--- /dev/null	Sun Oct 19 12:31:47 2014
+++ src/crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c	Sun Oct 19 12:31:47 2014
@@ -0,0 +1,174 @@
+/* $OpenBSD: bcrypt_pbkdf.c,v 1.4 2013/07/29 00:55:53 tedu Exp $ */
+/*
+ * Copyright (c) 2013 Ted Unangst 
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "includes.h"
+__RCSID("$NetBSD: bcrypt_pbkdf.c,v 1.1 2014/10/19 16:31:47 christos Exp $");
+
+#ifndef HAVE_BCRYPT_PBKDF
+
+#include 
+#include 
+
+#ifdef HAVE_STDLIB_H
+# include 
+#endif
+#include 
+
+#ifdef HAVE_BLF_H
+# include 
+#endif
+
+#include "crypto_api.h"
+#include 
+#include 
+#include "misc.h"
+#define SHA512_DIGEST_LENGTH crypto_hash_sha512_BYTES
+
+/*
+ * pkcs #5 pbkdf2 implementation using the "bcrypt" hash
+ *
+ * The bcrypt hash function is derived from the bcrypt password hashing
+ * function with the following modifications:
+ * 1. The input password and salt are preprocessed with SHA512.
+ * 2. The output length is expanded to 256 bits.
+ * 3. Subsequently the magic string to be encrypted is lengthened and modifed
+ *to "OxychromaticBlowfishSwatDynamite"
+ * 4. The hash function is defined to perform 64 rounds of initial state
+ *expansion. (More rounds are performed by iterating the hash.)
+ *
+ * Note that this implementation pulls the SHA512 operations into the caller
+ * as a performance optimization.
+ *
+ * One modification from official pbkdf2. Instead of outputting key material
+ * linearly, we mix it. pbkdf2 has a known weakness where if one uses it to
+ * generate (i.e.) 512 bits of key material for use as two 256 bit keys, an
+ * attacker can merely run once through the outer loop below, but the user
+ * always runs it twice. Shuffling output bytes requires computing the
+ * entirety of the key material to assemble any subkey. This is something a
+ * wise caller could do; we just do it for you.
+ */
+
+#define BCRYPT_BLOCKS 8
+#define BCRYPT_HASHSIZE (BCRYPT_BLOCKS * 4)
+
+static void
+bcrypt_hash(u_int8_t *sha2pass, u_int8_t *sha2salt, u_int8_t *out)
+{
+	blf_ctx state;
+	u_int8_t ciphertext[BCRYPT_HASHSIZE] =
+	"OxychromaticBlowfishSwatDynamite";
+	uint32_t cdata[BCRYPT_BLOCKS];
+	int i;
+	uint16_t j;
+	size_t shalen = SHA512_DIGEST_LENGTH;
+
+	/* key expansion */
+	Blowfish_initstate(&state);
+	Blowfish_expandstate(&state, sha2salt, shalen, sha2pass, shalen);
+	for (i = 0; i < 64; i++) {
+		Blowfish_expand0state(&state, sha2salt, shalen);
+		Blowfish_expand0state(&state, sha2pass, shalen);
+	}
+
+	/* encryption */
+	j = 0;
+	for (i = 0; i < BCRYPT_BLOCKS; i++)
+		cdata[i] = Blowfish_stream2word(ciphertext, sizeof(ciphertext),
+		&j);
+	for (i = 0; i < 64; i++)
+		blf_enc(&state, cdata, sizeof(cdata) / sizeof(uint64_t));
+
+	/* copy out */
+	for (i = 0; i < BCRYPT_BLOCKS; i++) {
+		out[4 * i + 3] = (cdata[i] >> 24) & 0xff;
+		out[4 * i + 2] = (cdata[i] >> 16) & 0xff;
+		out[4 * i + 1] = (cdata[i] >> 8) & 0xff;
+		out[4 * i + 0] = cdata[i] & 0xff;
+	}
+
+	/* zap */
+	memset(ciphertext, 0, sizeof(ciphertext));
+	memset(cdata, 0, sizeof(cdata));
+	memset(&state, 0, sizeof(state));
+}
+
+int
+bcrypt_pbkdf(const char *pass, size_t passlen, const u_int8_t *salt, size_t saltlen,
+u_int8_t *key, size_t keylen, unsigned int rounds)
+{
+	u_int8_t sha2pass[SHA512_DIGEST_LENGTH];
+	u_int8_t sha2salt[SHA512_DIGEST_LENGTH];
+	u_int8_t out[BCRYPT_HASHSIZE];
+	u_int8_t tmpout[BCRYPT_HASHSIZE];
+	u_int8_t *countsalt;
+	size_t i, j, amt, stride;
+	uint32_t count;
+
+	/* nothing crazy */
+	if (rounds < 1)
+		return -1;
+	if (passlen == 0 || saltlen == 0 || keylen == 0 ||
+	keylen > sizeof(out) * sizeof(out) ||

CVS commit: src/crypto/external/bsd/openssh/dist

2014-10-14 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Oct 14 16:15:18 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: auth.c

Log Message:
for consistency use options.use_dns when getting the canonical hostname.
[we do the same below for hosts.allow and deny] reported by rudolf.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/auth.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth.c
diff -u src/crypto/external/bsd/openssh/dist/auth.c:1.8 src/crypto/external/bsd/openssh/dist/auth.c:1.9
--- src/crypto/external/bsd/openssh/dist/auth.c:1.8	Fri Nov  8 14:18:24 2013
+++ src/crypto/external/bsd/openssh/dist/auth.c	Tue Oct 14 12:15:18 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth.c,v 1.8 2013/11/08 19:18:24 christos Exp $	*/
+/*	$NetBSD: auth.c,v 1.9 2014/10/14 16:15:18 christos Exp $	*/
 /* $OpenBSD: auth.c,v 1.103 2013/05/19 02:42:42 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth.c,v 1.8 2013/11/08 19:18:24 christos Exp $");
+__RCSID("$NetBSD: auth.c,v 1.9 2014/10/14 16:15:18 christos Exp $");
 #include 
 #include 
 #include 
@@ -101,7 +101,7 @@ allowed_user(struct passwd * pw)
 		return 0;
 
 #ifdef HAVE_LOGIN_CAP
-	hostname = get_canonical_hostname(1);
+	hostname = get_canonical_hostname(options.use_dns);
 	ipaddr = get_remote_ipaddr();
 
 	lc = login_getclass(pw->pw_class);

CVS commit: src/crypto/external/bsd/openssh/dist

2014-02-20 Thread Andreas Gustafsson

Module Name:src
Committed By:   gson
Date:   Thu Feb 20 08:20:05 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh.c

Log Message:
Don't print an empty line after the debug message "Enabled Dynamic
Window Scaling".


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/ssh.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh.c
diff -u src/crypto/external/bsd/openssh/dist/ssh.c:1.13 src/crypto/external/bsd/openssh/dist/ssh.c:1.14
--- src/crypto/external/bsd/openssh/dist/ssh.c:1.13	Fri Nov  8 19:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/ssh.c	Thu Feb 20 08:20:05 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh.c,v 1.13 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: ssh.c,v 1.14 2014/02/20 08:20:05 gson Exp $	*/
 /* $OpenBSD: ssh.c,v 1.381 2013/07/25 00:29:10 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh.c,v 1.13 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: ssh.c,v 1.14 2014/02/20 08:20:05 gson Exp $");
 #include 
 #include 
 #include 
@@ -1456,7 +1456,7 @@ ssh_session2_open(void)
 
 	if ((options.tcp_rcv_buf_poll > 0) && (!options.hpn_disabled)) {
 		c->dynamic_window = 1;
-		debug ("Enabled Dynamic Window Scaling\n");
+		debug ("Enabled Dynamic Window Scaling");
 	}
 	debug3("ssh_session2_open: channel_new: %d", c->self);

CVS commit: src/crypto/external/bsd/openssh/dist

2014-01-28 Thread Martin Husemann

Module Name:src
Committed By:   martin
Date:   Tue Jan 28 22:06:39 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: servconf.c

Log Message:
Mark a potentially unused variable (depending on #ifdef)


To generate a diff of this commit:
cvs rdiff -u -r1.14 -r1.15 src/crypto/external/bsd/openssh/dist/servconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/servconf.c
diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.14 src/crypto/external/bsd/openssh/dist/servconf.c:1.15
--- src/crypto/external/bsd/openssh/dist/servconf.c:1.14	Sun Dec 15 10:42:52 2013
+++ src/crypto/external/bsd/openssh/dist/servconf.c	Tue Jan 28 22:06:39 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: servconf.c,v 1.14 2013/12/15 10:42:52 spz Exp $	*/
+/*	$NetBSD: servconf.c,v 1.15 2014/01/28 22:06:39 martin Exp $	*/
 /* $OpenBSD: servconf.c,v 1.240 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: servconf.c,v 1.14 2013/12/15 10:42:52 spz Exp $");
+__RCSID("$NetBSD: servconf.c,v 1.15 2014/01/28 22:06:39 martin Exp $");
 #include 
 #include 
 #include 
@@ -959,7 +959,7 @@ process_server_config_line(ServerOptions
 #ifdef WITH_LDAP_PUBKEY
  	unsigned long lvalue;
 #endif
-	time_t *timetptr;
+	time_t *timetptr __unused;
 	ServerOpCodes opcode;
 	u_int i, flags = 0;
 	size_t len;

CVS commit: src/crypto/external/bsd/openssh/dist

2014-01-06 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Tue Jan  7 02:13:39 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist: log.h

Log Message:
Format string checks for do_log.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/log.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/log.h
diff -u src/crypto/external/bsd/openssh/dist/log.h:1.6 src/crypto/external/bsd/openssh/dist/log.h:1.7
--- src/crypto/external/bsd/openssh/dist/log.h:1.6	Fri Nov  8 19:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/log.h	Tue Jan  7 02:13:39 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: log.h,v 1.6 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: log.h,v 1.7 2014/01/07 02:13:39 joerg Exp $	*/
 /* $OpenBSD: log.h,v 1.20 2013/04/07 02:10:33 dtucker Exp $ */
 
 /*
@@ -71,6 +71,7 @@ void debug3(const char *, ...) __att
 void	 set_log_handler(log_handler_fn *, void *);
 void	 do_log2(LogLevel, const char *, ...)
 __attribute__((format(printf, 2, 3)));
-void	 do_log(LogLevel, const char *, va_list);
+void	 do_log(LogLevel, const char *, va_list)
+__attribute__((format(printf, 2, 0)));
 void	 cleanup_exit(int) __attribute__((noreturn));
 #endif

CVS commit: src/crypto/external/bsd/openssh/dist

2013-12-15 Thread S.P.Zeidler

Module Name:src
Committed By:   spz
Date:   Sun Dec 15 10:42:52 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: servconf.c

Log Message:
Coverity issues 996120 and 996121, Use after free

Use the M_CP_STROPT definition exclusive to servconf.c twice and
you have freed your original string.

servconf.h won copying authorized_keys_command and
authorized_keys_command_user in COPY_MATCH_STRING_OPTS in 1.107,
but servconf.c didn't drop its own, so it walks into this trap.
Remove the duplicate copies, and disarm the trap.

Note this is on a code path where authorized_keys_command and
authorized_keys_command_user don't actually get used except
for a debug dump of the config, and dump_cfg_string protects
itself against trying to print NULL pointers, so all
you get is sshd -T -C ... giving wrong results, which is rather
insignificant as far as security issues go.


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/servconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/servconf.c
diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.13 src/crypto/external/bsd/openssh/dist/servconf.c:1.14
--- src/crypto/external/bsd/openssh/dist/servconf.c:1.13	Fri Nov  8 19:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/servconf.c	Sun Dec 15 10:42:52 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: servconf.c,v 1.13 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: servconf.c,v 1.14 2013/12/15 10:42:52 spz Exp $	*/
 /* $OpenBSD: servconf.c,v 1.240 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: servconf.c,v 1.13 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: servconf.c,v 1.14 2013/12/15 10:42:52 spz Exp $");
 #include 
 #include 
 #include 
@@ -2012,7 +2012,7 @@ int server_match_spec_complete(struct co
 		dst->n = src->n; \
 } while (0)
 #define M_CP_STROPT(n) do {\
-	if (src->n != NULL) { \
+	if (src->n != NULL && dst->n != src->n) { \
 		free(dst->n); \
 		dst->n = src->n; \
 	} \
@@ -2043,8 +2043,6 @@ copy_set_server_options(ServerOptions *d
 	M_CP_INTOPT(hostbased_uses_name_from_packet_only);
 	M_CP_INTOPT(kbd_interactive_authentication);
 	M_CP_INTOPT(zero_knowledge_password_authentication);
-	M_CP_STROPT(authorized_keys_command);
-	M_CP_STROPT(authorized_keys_command_user);
 	M_CP_INTOPT(permit_root_login);
 	M_CP_INTOPT(permit_empty_passwd);

CVS commit: src/crypto/external/bsd/openssh/dist

2013-12-03 Thread S.P.Zeidler

Module Name:src
Committed By:   spz
Date:   Tue Dec  3 17:14:35 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: monitor.c

Log Message:
Coverity fix:
979928 Use after free
debug3 line moved to before one of its arguments is freed


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/monitor.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/monitor.c
diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.11 src/crypto/external/bsd/openssh/dist/monitor.c:1.12
--- src/crypto/external/bsd/openssh/dist/monitor.c:1.11	Fri Nov  8 19:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/monitor.c	Tue Dec  3 17:14:35 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: monitor.c,v 1.11 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: monitor.c,v 1.12 2013/12/03 17:14:35 spz Exp $	*/
 /* $OpenBSD: monitor.c,v 1.127 2013/07/19 07:37:48 markus Exp $ */
 /*
  * Copyright 2002 Niels Provos 
@@ -27,7 +27,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: monitor.c,v 1.11 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: monitor.c,v 1.12 2013/12/03 17:14:35 spz Exp $");
 #include 
 #include 
 #include 
@@ -1181,6 +1181,9 @@ mm_answer_keyallowed(int sock, Buffer *m
 			break;
 		}
 	}
+	debug3("%s: key %p is %s",
+	__func__, key, allowed ? "allowed" : "not allowed");
+
 	if (key != NULL)
 		key_free(key);
 
@@ -1202,9 +1205,6 @@ mm_answer_keyallowed(int sock, Buffer *m
 		free(chost);
 	}
 
-	debug3("%s: key %p is %s",
-	__func__, key, allowed ? "allowed" : "not allowed");
-
 	buffer_clear(m);
 	buffer_put_int(m, allowed);
 	buffer_put_int(m, forced_command != NULL);

CVS commit: src/crypto/external/bsd/openssh/dist

2013-11-19 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Nov 19 16:58:16 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: sftp-client.c

Log Message:
CID 1129615: close argument can't be negative


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/sftp-client.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp-client.c
diff -u src/crypto/external/bsd/openssh/dist/sftp-client.c:1.10 src/crypto/external/bsd/openssh/dist/sftp-client.c:1.11
--- src/crypto/external/bsd/openssh/dist/sftp-client.c:1.10	Mon Nov 11 11:46:20 2013
+++ src/crypto/external/bsd/openssh/dist/sftp-client.c	Tue Nov 19 11:58:16 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp-client.c,v 1.10 2013/11/11 16:46:20 christos Exp $	*/
+/*	$NetBSD: sftp-client.c,v 1.11 2013/11/19 16:58:16 christos Exp $	*/
 /* $OpenBSD: sftp-client.c,v 1.101.2.1 2013/11/08 01:33:56 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -22,7 +22,7 @@
 /* XXX: copy between two remote sites */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp-client.c,v 1.10 2013/11/11 16:46:20 christos Exp $");
+__RCSID("$NetBSD: sftp-client.c,v 1.11 2013/11/19 16:58:16 christos Exp $");
 #include 
 #include 
 #include 
@@ -1069,7 +1069,8 @@ do_download(struct sftp_conn *conn, char
 			do_close(conn, handle, handle_len);
 			buffer_free(&msg);
 			free(handle);
-			close(local_fd);
+			if (local_fd != -1)
+close(local_fd);
 			return -1;
 		}
 		offset = highwater = st.st_size;

CVS commit: src/crypto/external/bsd/openssh/dist

2013-11-11 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Nov 11 16:46:21 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: sftp-client.c

Log Message:
CID 1128376: check ftruncate result


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/sftp-client.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp-client.c
diff -u src/crypto/external/bsd/openssh/dist/sftp-client.c:1.9 src/crypto/external/bsd/openssh/dist/sftp-client.c:1.10
--- src/crypto/external/bsd/openssh/dist/sftp-client.c:1.9	Mon Nov 11 11:43:26 2013
+++ src/crypto/external/bsd/openssh/dist/sftp-client.c	Mon Nov 11 11:46:20 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp-client.c,v 1.9 2013/11/11 16:43:26 christos Exp $	*/
+/*	$NetBSD: sftp-client.c,v 1.10 2013/11/11 16:46:20 christos Exp $	*/
 /* $OpenBSD: sftp-client.c,v 1.101.2.1 2013/11/08 01:33:56 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -22,7 +22,7 @@
 /* XXX: copy between two remote sites */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp-client.c,v 1.9 2013/11/11 16:43:26 christos Exp $");
+__RCSID("$NetBSD: sftp-client.c,v 1.10 2013/11/11 16:46:20 christos Exp $");
 #include 
 #include 
 #include 
@@ -1212,7 +1212,9 @@ do_download(struct sftp_conn *conn, char
 			"server reordered requests", local_path);
 		}
 		debug("truncating at %llu", (unsigned long long)highwater);
-		ftruncate(local_fd, highwater);
+		if (ftruncate(local_fd, highwater) == -1) {
+			error("Unable to truncate \"%s\"", local_path);
+		}
 	}
 	if (read_error) {
 		error("Couldn't read from remote file \"%s\" : %s",

CVS commit: src/crypto/external/bsd/openssh/dist

2013-11-11 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Nov 11 16:44:43 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: serverloop.c

Log Message:
CID 1092495: Widen operation to prevent overflow


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/serverloop.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/serverloop.c
diff -u src/crypto/external/bsd/openssh/dist/serverloop.c:1.7 src/crypto/external/bsd/openssh/dist/serverloop.c:1.8
--- src/crypto/external/bsd/openssh/dist/serverloop.c:1.7	Fri Nov  8 14:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/serverloop.c	Mon Nov 11 11:44:43 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: serverloop.c,v 1.7 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: serverloop.c,v 1.8 2013/11/11 16:44:43 christos Exp $	*/
 /* $OpenBSD: serverloop.c,v 1.168 2013/07/12 00:19:59 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -37,7 +37,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: serverloop.c,v 1.7 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: serverloop.c,v 1.8 2013/11/11 16:44:43 christos Exp $");
 #include 
 #include 
 #include 
@@ -313,7 +313,7 @@ wait_until_can_do_something(fd_set **rea
 	if (compat20 &&
 	max_time_milliseconds == 0 && options.client_alive_interval) {
 		client_alive_scheduled = 1;
-		max_time_milliseconds = options.client_alive_interval * 1000;
+		max_time_milliseconds = options.client_alive_interval * 1000ULL;
 	}
 
 	if (compat20) {

CVS commit: src/crypto/external/bsd/openssh/dist

2013-11-11 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Nov 11 16:43:26 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: sftp-client.c

Log Message:
CID 1092473: Fix file descriptor leak


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/sftp-client.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp-client.c
diff -u src/crypto/external/bsd/openssh/dist/sftp-client.c:1.8 src/crypto/external/bsd/openssh/dist/sftp-client.c:1.9
--- src/crypto/external/bsd/openssh/dist/sftp-client.c:1.8	Fri Nov  8 14:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/sftp-client.c	Mon Nov 11 11:43:26 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp-client.c,v 1.8 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: sftp-client.c,v 1.9 2013/11/11 16:43:26 christos Exp $	*/
 /* $OpenBSD: sftp-client.c,v 1.101.2.1 2013/11/08 01:33:56 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -22,7 +22,7 @@
 /* XXX: copy between two remote sites */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp-client.c,v 1.8 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: sftp-client.c,v 1.9 2013/11/11 16:43:26 christos Exp $");
 #include 
 #include 
 #include 
@@ -1069,6 +1069,7 @@ do_download(struct sftp_conn *conn, char
 			do_close(conn, handle, handle_len);
 			buffer_free(&msg);
 			free(handle);
+			close(local_fd);
 			return -1;
 		}
 		offset = highwater = st.st_size;

CVS commit: src/crypto/external/bsd/openssh/dist

2013-11-11 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Nov 11 16:32:10 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: key.c ssh-pkcs11-helper.c

Log Message:
CID-1128381: Avoid use after free


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/key.c
cvs rdiff -u -r1.5 -r1.6 \
src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/key.c
diff -u src/crypto/external/bsd/openssh/dist/key.c:1.13 src/crypto/external/bsd/openssh/dist/key.c:1.14
--- src/crypto/external/bsd/openssh/dist/key.c:1.13	Fri Nov  8 14:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/key.c	Mon Nov 11 11:32:10 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.13 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: key.c,v 1.14 2013/11/11 16:32:10 christos Exp $	*/
 /* $OpenBSD: key.c,v 1.104 2013/05/19 02:42:42 djm Exp $ */
 /*
  * read_bignum():
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: key.c,v 1.13 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: key.c,v 1.14 2013/11/11 16:32:10 christos Exp $");
 #include 
 #include 
 
@@ -1512,6 +1512,8 @@ to_blob(const Key *key, u_char **blobp, 
 	Buffer b;
 	int len, type;
 
+	if (blobp)
+		*blobp = NULL;
 	if (key == NULL) {
 		error("key_to_blob: key == NULL");
 		return 0;

Index: src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c:1.5 src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c:1.6
--- src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c:1.5	Fri Nov  8 14:18:25 2013
+++ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c	Mon Nov 11 11:32:10 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-pkcs11-helper.c,v 1.5 2013/11/08 19:18:25 christos Exp $	*/
+/*	$NetBSD: ssh-pkcs11-helper.c,v 1.6 2013/11/11 16:32:10 christos Exp $	*/
 /* $OpenBSD: ssh-pkcs11-helper.c,v 1.6 2013/05/17 00:13:14 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
@@ -16,7 +16,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-__RCSID("$NetBSD: ssh-pkcs11-helper.c,v 1.5 2013/11/08 19:18:25 christos Exp $");
+__RCSID("$NetBSD: ssh-pkcs11-helper.c,v 1.6 2013/11/11 16:32:10 christos Exp $");
 
 #include 
 #include 
@@ -124,7 +124,8 @@ process_add(void)
 		buffer_put_char(&msg, SSH2_AGENT_IDENTITIES_ANSWER);
 		buffer_put_int(&msg, nkeys);
 		for (i = 0; i < nkeys; i++) {
-			key_to_blob(keys[i], &blob, &blen);
+			if (key_to_blob(keys[i], &blob, &blen) == 0)
+continue;
 			buffer_put_string(&msg, blob, blen);
 			buffer_put_cstring(&msg, name);
 			free(blob);

CVS commit: src/crypto/external/bsd/openssh/dist

2013-10-19 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Oct 20 03:35:59 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: auth2-gss.c

Log Message:
remove unused variables


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/auth2-gss.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth2-gss.c
diff -u src/crypto/external/bsd/openssh/dist/auth2-gss.c:1.4 src/crypto/external/bsd/openssh/dist/auth2-gss.c:1.5
--- src/crypto/external/bsd/openssh/dist/auth2-gss.c:1.4	Fri Mar 29 12:19:44 2013
+++ src/crypto/external/bsd/openssh/dist/auth2-gss.c	Sat Oct 19 23:35:59 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth2-gss.c,v 1.4 2013/03/29 16:19:44 christos Exp $	*/
+/*	$NetBSD: auth2-gss.c,v 1.5 2013/10/20 03:35:59 christos Exp $	*/
 /* $OpenBSD: auth2-gss.c,v 1.18 2012/12/02 20:34:09 djm Exp $ */
 
 /*
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth2-gss.c,v 1.4 2013/03/29 16:19:44 christos Exp $");
+__RCSID("$NetBSD: auth2-gss.c,v 1.5 2013/10/20 03:35:59 christos Exp $");
 
 #ifdef GSSAPI
 
@@ -229,14 +229,11 @@ static void
 input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt)
 {
 	Authctxt *authctxt = ctxt;
-	Gssctxt *gssctxt;
 	int authenticated;
 
 	if (authctxt == NULL || (authctxt->methoddata == NULL && !use_privsep))
 		fatal("No authentication or GSSAPI context");
 
-	gssctxt = authctxt->methoddata;
-
 	/*
 	 * We don't need to check the status, because we're only enabled in
 	 * the dispatcher once the exchange is complete

CVS commit: src/crypto/external/bsd/openssh/dist

2013-10-19 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Oct 20 03:35:33 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: sshconnect2.c

Log Message:
- provide the right size to the zeroing memory function
- remove unused variables


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/crypto/external/bsd/openssh/dist/sshconnect2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.13 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.14
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.13	Mon Apr 29 13:59:50 2013
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c	Sat Oct 19 23:35:32 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshconnect2.c,v 1.13 2013/04/29 17:59:50 mlelstv Exp $	*/
+/*	$NetBSD: sshconnect2.c,v 1.14 2013/10/20 03:35:32 christos Exp $	*/
 /* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.13 2013/04/29 17:59:50 mlelstv Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.14 2013/10/20 03:35:32 christos Exp $");
 #include 
 #include 
 #include 
@@ -845,7 +845,7 @@ input_gssapi_errtok(int type, u_int32_t 
 	Gssctxt *gssctxt;
 	gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER;
 	gss_buffer_desc recv_tok;
-	OM_uint32 status, ms;
+	OM_uint32 ms;
 	u_int len;
 
 	if (authctxt == NULL)
@@ -858,7 +858,7 @@ input_gssapi_errtok(int type, u_int32_t 
 	packet_check_eom();
 
 	/* Stick it into GSSAPI and see what it says */
-	status = ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
+	(void)ssh_gssapi_init_ctx(gssctxt, options.gss_deleg_creds,
 	&recv_tok, &send_tok, NULL);
 
 	xfree(recv_tok.value);
@@ -871,12 +871,11 @@ input_gssapi_errtok(int type, u_int32_t 
 void
 input_gssapi_error(int type, u_int32_t plen, void *ctxt)
 {
-	OM_uint32 maj, min;
 	char *msg;
 	char *lang;
 
-	maj=packet_get_int();
-	min=packet_get_int();
+	(void)packet_get_int();	/* max */
+	(void)packet_get_int();	/* min */
 	msg=packet_get_string(NULL);
 	lang=packet_get_string(NULL);
 
@@ -1445,7 +1444,7 @@ pubkey_prepare(Authctxt *authctxt)
 		/* If IdentitiesOnly set and key not found then don't use it */
 		if (!found && options.identities_only) {
 			TAILQ_REMOVE(&files, id, next);
-			bzero(id, sizeof(id));
+			memset(id, 0, sizeof(*id));
 			free(id);
 		}
 	}

CVS commit: src/crypto/external/bsd/openssh/dist

2013-10-19 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Oct 20 03:34:58 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: auth1.c

Log Message:
fix wrong argument to sizeof.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/auth1.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth1.c
diff -u src/crypto/external/bsd/openssh/dist/auth1.c:1.6 src/crypto/external/bsd/openssh/dist/auth1.c:1.7
--- src/crypto/external/bsd/openssh/dist/auth1.c:1.6	Fri Mar 29 12:19:44 2013
+++ src/crypto/external/bsd/openssh/dist/auth1.c	Sat Oct 19 23:34:58 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth1.c,v 1.6 2013/03/29 16:19:44 christos Exp $	*/
+/*	$NetBSD: auth1.c,v 1.7 2013/10/20 03:34:58 christos Exp $	*/
 /* $OpenBSD: auth1.c,v 1.77 2012/12/02 20:34:09 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth1.c,v 1.6 2013/03/29 16:19:44 christos Exp $");
+__RCSID("$NetBSD: auth1.c,v 1.7 2013/10/20 03:34:58 christos Exp $");
 #include 
 #include 
 
@@ -162,7 +162,7 @@ auth1_process_kerberos(Authctxt *authctx
 
 		if (PRIVSEP(auth_krb4(authctxt, &tkt, &client_user, &reply))) {
 			authenticated = 1;
-			snprintf(info, sizeof(info), " tktuser %.100s",
+			snprintf(info, infolen, " tktuser %.100s",
 			client_user);
 
 			packet_start(SSH_SMSG_AUTH_KERBEROS_RESPONSE);
@@ -182,7 +182,7 @@ auth1_process_kerberos(Authctxt *authctx
 
 		if (PRIVSEP(auth_krb5(authctxt, &tkt, &client_user, &reply))) {
 			authenticated = 1;
-			snprintf(info, sizeof(info), " tktuser %.100s",
+			snprintf(info, infolen, " tktuser %.100s",
 			client_user);
 
 			/* Send response to client */

CVS commit: src/crypto/external/bsd/openssh/dist

2013-10-06 Thread Jean-Yves Migeon

Module Name:src
Committed By:   jym
Date:   Sun Oct  6 17:25:34 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh_config

Log Message:
Enable VerifyHostKeyDNS (SSHFP records verification) from DNS for hosts
under NetBSD.org domain.

Multiple TNF hosts have an up-to-date SSHFP record inside the DNS.
This offers a second channel verification for host key fingerprints
(weaker than known_hosts, but spoofing a host on first connect would
also require DNS forgery).

This can provide a trusted second channel (like DANE TLSA records) once
DNSSEC gets more widely used, but for now it is purely informational.

No regression expected, except that the ssh client will print a message
upon first connect to confirm/infirm that it got a correct SSHFP record
from DNS.

Only done for NetBSD.org domain, SSHFP are sadly more an exception than
the rule.

Notified on netbsd-users@, no objection after a week -- committed.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/ssh_config

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh_config
diff -u src/crypto/external/bsd/openssh/dist/ssh_config:1.4 src/crypto/external/bsd/openssh/dist/ssh_config:1.5
--- src/crypto/external/bsd/openssh/dist/ssh_config:1.4	Sun Nov 21 18:29:49 2010
+++ src/crypto/external/bsd/openssh/dist/ssh_config	Sun Oct  6 17:25:34 2013
@@ -1,4 +1,4 @@
-#	$NetBSD: ssh_config,v 1.4 2010/11/21 18:29:49 adam Exp $
+#	$NetBSD: ssh_config,v 1.5 2013/10/06 17:25:34 jym Exp $
 #	$OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $
 
 # This is the ssh client system-wide configuration file.  See
@@ -48,3 +48,7 @@
 #   ProxyCommand ssh -q -W %h:%p gateway.example.com
 # If you use xorg from pkgsrc then uncomment the following line.
 #   XAuthLocation /usr/pkg/bin/xauth
+
+# NetBSD.org DNS provides SSHFP records - use them when possible
+Host *.netbsd.org *.NetBSD.org
+VerifyHostKeyDNS ask

CVS commit: src/crypto/external/bsd/openssh/dist

2013-05-13 Thread Michael van Elst

Module Name:src
Committed By:   mlelstv
Date:   Tue May 14 05:18:11 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: readconf.c

Log Message:
The previous patch didn't apply cleanly, because our code doesn't
use #ifdef OPENSSL_HAS_ECC.
Apply manually.
Drop now unused len variable.


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/readconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readconf.c
diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.9 src/crypto/external/bsd/openssh/dist/readconf.c:1.10
--- src/crypto/external/bsd/openssh/dist/readconf.c:1.9	Mon Apr 29 17:59:50 2013
+++ src/crypto/external/bsd/openssh/dist/readconf.c	Tue May 14 05:18:11 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: readconf.c,v 1.9 2013/04/29 17:59:50 mlelstv Exp $	*/
+/*	$NetBSD: readconf.c,v 1.10 2013/05/14 05:18:11 mlelstv Exp $	*/
 /* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.9 2013/04/29 17:59:50 mlelstv Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.10 2013/05/14 05:18:11 mlelstv Exp $");
 #include 
 #include 
 #include 
@@ -1334,8 +1334,6 @@ initialize_options(Options * options)
 void
 fill_default_options(Options * options)
 {
-	int len;
-
 	if (options->forward_agent == -1)
 		options->forward_agent = 0;
 	if (options->forward_x11 == -1)
@@ -1413,30 +1411,16 @@ fill_default_options(Options * options)
 		options->protocol = SSH_PROTO_2;
 	if (options->num_identity_files == 0) {
 		if (options->protocol & SSH_PROTO_1) {
-			len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
-			options->identity_files[options->num_identity_files] =
-			xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
+			add_identity_file(options, "~/",
+			_PATH_SSH_CLIENT_IDENTITY, 0);
 		}
 		if (options->protocol & SSH_PROTO_2) {
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
-
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
-
-			len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1;
-			options->identity_files[options->num_identity_files] =
-			xmalloc(len);
-			snprintf(options->identity_files[options->num_identity_files++],
-			len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
+			add_identity_file(options, "~/",
+			_PATH_SSH_CLIENT_ID_RSA, 0);
+			add_identity_file(options, "~/",
+			_PATH_SSH_CLIENT_ID_DSA, 0);
+			add_identity_file(options, "~/",
+			_PATH_SSH_CLIENT_ID_ECDSA, 0);
 		}
 	}
 	if (options->escape_char == -1)

CVS commit: src/crypto/external/bsd/openssh/dist

2013-05-10 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri May 10 16:38:47 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: log.c

Log Message:
remove error(1) output.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/log.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/log.c
diff -u src/crypto/external/bsd/openssh/dist/log.c:1.8 src/crypto/external/bsd/openssh/dist/log.c:1.9
--- src/crypto/external/bsd/openssh/dist/log.c:1.8	Fri Mar 29 12:19:45 2013
+++ src/crypto/external/bsd/openssh/dist/log.c	Fri May 10 12:38:47 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: log.c,v 1.8 2013/03/29 16:19:45 christos Exp $	*/
+/*	$NetBSD: log.c,v 1.9 2013/05/10 16:38:47 christos Exp $	*/
 /* $OpenBSD: log.c,v 1.43 2012/09/06 04:37:39 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: log.c,v 1.8 2013/03/29 16:19:45 christos Exp $");
+__RCSID("$NetBSD: log.c,v 1.9 2013/05/10 16:38:47 christos Exp $");
 #include 
 #include 
 
@@ -411,7 +411,6 @@ do_log(LogLevel level, const char *fmt, 
 			{ visbuf, len3 },
 			{ __UNCONST("\r\n"), 2 },
 		};
-/*###414 [lint] warning conversion to 'int' due to prototype, arg #3 [259]%%%*/
 		writev(STDERR_FILENO, iov, __arraycount(iov));
 	} else {
 #ifdef SYSLOG_DATA_INIT

CVS commit: src/crypto/external/bsd/openssh/dist

2013-04-29 Thread Michael van Elst

Module Name:src
Committed By:   mlelstv
Date:   Mon Apr 29 17:59:51 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: readconf.c readconf.h ssh.c
sshconnect2.c

Log Message:
Identityfile warnings fixes.
https://bugzilla.mindrot.org/show_bug.cgi?id=2084


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/readconf.c \
src/crypto/external/bsd/openssh/dist/readconf.h
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/ssh.c
cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/sshconnect2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readconf.c
diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.8 src/crypto/external/bsd/openssh/dist/readconf.c:1.9
--- src/crypto/external/bsd/openssh/dist/readconf.c:1.8	Wed May  2 02:41:08 2012
+++ src/crypto/external/bsd/openssh/dist/readconf.c	Mon Apr 29 17:59:50 2013
@@ -1,5 +1,5 @@
-/*	$NetBSD: readconf.c,v 1.8 2012/05/02 02:41:08 christos Exp $	*/
-/* $OpenBSD: readconf.c,v 1.194 2011/09/23 07:45:05 markus Exp $ */
+/*	$NetBSD: readconf.c,v 1.9 2013/04/29 17:59:50 mlelstv Exp $	*/
+/* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen 
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.8 2012/05/02 02:41:08 christos Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.9 2013/04/29 17:59:50 mlelstv Exp $");
 #include 
 #include 
 #include 
@@ -353,6 +353,26 @@ clear_forwardings(Options *options)
 	options->tun_open = SSH_TUNMODE_NO;
 }
 
+void
+add_identity_file(Options *options, const char *dir, const char *filename,
+int userprovided)
+{
+	char *path;
+
+	if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
+		fatal("Too many identity files specified (max %d)",
+		SSH_MAX_IDENTITY_FILES);
+
+	if (dir == NULL) /* no dir, filename is absolute */
+		path = xstrdup(filename);
+	else
+		(void)xasprintf(&path, "%.100s%.100s", dir, filename);
+
+	options->identity_file_userprovided[options->num_identity_files] =
+	userprovided;
+	options->identity_files[options->num_identity_files++] = path;
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
@@ -380,7 +400,7 @@ parse_token(const char *cp, const char *
 int
 process_config_line(Options *options, const char *host,
 		char *line, const char *filename, int linenum,
-		int *activep)
+		int *activep, int userconfig)
 {
 	char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
 	char **cpptr, fwdarg[256];
@@ -662,9 +682,7 @@ parse_yesnoask:
 			if (*intptr >= SSH_MAX_IDENTITY_FILES)
 fatal("%.200s line %d: Too many identity files specified (max %d).",
 filename, linenum, SSH_MAX_IDENTITY_FILES);
-			charptr = &options->identity_files[*intptr];
-			*charptr = xstrdup(arg);
-			*intptr = *intptr + 1;
+			add_identity_file(options, NULL, arg, userconfig);
 		}
 		break;
 
@@ -1161,7 +1179,7 @@ parse_int:
 
 int
 read_config_file(const char *filename, const char *host, Options *options,
-int checkperm)
+int flags)
 {
 	FILE *f;
 	char line[1024];
@@ -1171,7 +1189,7 @@ read_config_file(const char *filename, c
 	if ((f = fopen(filename, "r")) == NULL)
 		return 0;
 
-	if (checkperm) {
+	if (flags & SSHCONF_CHECKPERM) {
 		struct stat sb;
 
 		if (fstat(fileno(f), &sb) == -1)
@@ -1192,7 +1210,8 @@ read_config_file(const char *filename, c
 	while (fgets(line, sizeof(line), f)) {
 		/* Update line number counter. */
 		linenum++;
-		if (process_config_line(options, host, line, filename, linenum, &active) != 0)
+		if (process_config_line(options, host, line, filename, linenum,
+		&active, flags & SSHCONF_USERCONF) != 0)
 			bad_options++;
 	}
 	fclose(f);
Index: src/crypto/external/bsd/openssh/dist/readconf.h
diff -u src/crypto/external/bsd/openssh/dist/readconf.h:1.8 src/crypto/external/bsd/openssh/dist/readconf.h:1.9
--- src/crypto/external/bsd/openssh/dist/readconf.h:1.8	Wed May  2 02:41:08 2012
+++ src/crypto/external/bsd/openssh/dist/readconf.h	Mon Apr 29 17:59:50 2013
@@ -1,5 +1,5 @@
-/*	$NetBSD: readconf.h,v 1.8 2012/05/02 02:41:08 christos Exp $	*/
-/* $OpenBSD: readconf.h,v 1.91 2011/09/23 07:45:05 markus Exp $ */
+/*	$NetBSD: readconf.h,v 1.9 2013/04/29 17:59:50 mlelstv Exp $	*/
+/* $OpenBSD: readconf.h,v 1.93 2013/02/22 04:45:09 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen 
@@ -111,6 +111,7 @@ typedef struct {
 
 	int num_identity_files;	/* Number of files for RSA/DSA identities. */
 	char   *identity_files[SSH_MAX_IDENTITY_FILES];
+	intidentity_file_userprovided[SSH_MAX_IDENTITY_FILES];
 	Key*identity_keys[SSH_MAX_IDENTITY_FILES];
 
 	/* Local TCP/IP forward requests. */
@@ -166,15 +167,20 @@ typedef struct {
 #define REQUEST_TTY_YES		2
 #define REQUEST_TTY_FORCE	3
 
+#d

CVS commit: src/crypto/external/bsd/openssh/dist

2013-04-25 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Thu Apr 25 20:10:29 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: packet.c

Log Message:
restore logging behavior: don't treat user disconnect messages as errors,
just log them.


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/packet.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/packet.c
diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.10 src/crypto/external/bsd/openssh/dist/packet.c:1.11
--- src/crypto/external/bsd/openssh/dist/packet.c:1.10	Fri Mar 29 12:19:45 2013
+++ src/crypto/external/bsd/openssh/dist/packet.c	Thu Apr 25 16:10:28 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: packet.c,v 1.10 2013/03/29 16:19:45 christos Exp $	*/
+/*	$NetBSD: packet.c,v 1.11 2013/04/25 20:10:28 christos Exp $	*/
 /* $OpenBSD: packet.c,v 1.181 2013/02/10 23:35:24 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: packet.c,v 1.10 2013/03/29 16:19:45 christos Exp $");
+__RCSID("$NetBSD: packet.c,v 1.11 2013/04/25 20:10:28 christos Exp $");
 #include 
 #include 
 #include 
@@ -1456,7 +1456,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_
 			case SSH2_MSG_DISCONNECT:
 reason = packet_get_int();
 msg = packet_get_string(NULL);
-error("Received disconnect from %s: %u: %.400s",
+logit("Received disconnect from %s: %u: %.400s",
 get_remote_ipaddr(), reason, msg);
 xfree(msg);
 cleanup_exit(255);
@@ -1481,7 +1481,7 @@ packet_read_poll_seqnr(u_int32_t *seqnr_
 break;
 			case SSH_MSG_DISCONNECT:
 msg = packet_get_string(NULL);
-error("Received disconnect from %s: %.400s",
+logit("Received disconnect from %s: %.400s",
 get_remote_ipaddr(), msg);
 cleanup_exit(255);
 break;

CVS commit: src/crypto/external/bsd/openssh/dist

2013-04-12 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri Apr 12 18:09:30 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-keygen.c

Log Message:
Use __dead.


To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/crypto/external/bsd/openssh/dist/ssh-keygen.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.11 src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.12
--- src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.11	Fri Mar 29 16:19:45 2013
+++ src/crypto/external/bsd/openssh/dist/ssh-keygen.c	Fri Apr 12 18:09:30 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-keygen.c,v 1.11 2013/03/29 16:19:45 christos Exp $	*/
+/*	$NetBSD: ssh-keygen.c,v 1.12 2013/04/12 18:09:30 joerg Exp $	*/
 /* $OpenBSD: ssh-keygen.c,v 1.225 2013/02/10 23:32:10 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-keygen.c,v 1.11 2013/03/29 16:19:45 christos Exp $");
+__RCSID("$NetBSD: ssh-keygen.c,v 1.12 2013/04/12 18:09:30 joerg Exp $");
 #include 
 #include 
 #include 
@@ -2082,7 +2082,7 @@ do_gen_krl(struct passwd *pw, int updati
 	ssh_krl_free(krl);
 }
 
-static void
+__dead static void
 do_check_krl(struct passwd *pw, int argc, char **argv)
 {
 	int i, r, ret = 0;
@@ -2109,7 +2109,7 @@ do_check_krl(struct passwd *pw, int argc
 	exit(ret);
 }
 
-static void
+__dead static void
 usage(void)
 {
 	fprintf(stderr, "usage: %s [options]\n", __progname);

CVS commit: src/crypto/external/bsd/openssh/dist

2013-04-12 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri Apr 12 18:09:20 UTC 2013

Modified Files:
src/crypto/external/bsd/openssh/dist: scp.c

Log Message:
Add __printflike.


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/scp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/scp.c
diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.7 src/crypto/external/bsd/openssh/dist/scp.c:1.8
--- src/crypto/external/bsd/openssh/dist/scp.c:1.7	Wed May  2 02:41:08 2012
+++ src/crypto/external/bsd/openssh/dist/scp.c	Fri Apr 12 18:09:19 2013
@@ -1,4 +1,4 @@
-/*	$NetBSD: scp.c,v 1.7 2012/05/02 02:41:08 christos Exp $	*/
+/*	$NetBSD: scp.c,v 1.8 2013/04/12 18:09:19 joerg Exp $	*/
 /* $OpenBSD: scp.c,v 1.171 2011/09/09 22:37:01 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
@@ -73,7 +73,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: scp.c,v 1.7 2012/05/02 02:41:08 christos Exp $");
+__RCSID("$NetBSD: scp.c,v 1.8 2013/04/12 18:09:19 joerg Exp $");
 #include 
 #include 
 #include 
@@ -340,7 +340,7 @@ typedef struct {
 BUF *allocbuf(BUF *, int, int);
 __dead static void lostconn(int);
 int okname(char *);
-void run_err(const char *,...);
+void run_err(const char *,...) __printflike(1, 2);
 void verifydir(char *);
 
 struct passwd *pwd;

CVS commit: src/crypto/external/bsd/openssh/dist

2013-03-29 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Mar 29 14:52:54 UTC 2013

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv5751

Log Message:
from openbsd

Status:

Vendor Tag: OPENSSH
Release Tags:   v62-20130321

U src/crypto/external/bsd/openssh/dist/LICENCE
C src/crypto/external/bsd/openssh/dist/PROTOCOL.agent
U src/crypto/external/bsd/openssh/dist/OVERVIEW
C src/crypto/external/bsd/openssh/dist/PROTOCOL
U src/crypto/external/bsd/openssh/dist/cipher-3des1.c
U src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys
N src/crypto/external/bsd/openssh/dist/PROTOCOL.krl
U src/crypto/external/bsd/openssh/dist/PROTOCOL.mux
U src/crypto/external/bsd/openssh/dist/README
U src/crypto/external/bsd/openssh/dist/addrmatch.c
U src/crypto/external/bsd/openssh/dist/atomicio.c
U src/crypto/external/bsd/openssh/dist/atomicio.h
U src/crypto/external/bsd/openssh/dist/auth-bsdauth.c
U src/crypto/external/bsd/openssh/dist/auth-chall.c
U src/crypto/external/bsd/openssh/dist/auth-krb5.c
C src/crypto/external/bsd/openssh/dist/auth-options.c
U src/crypto/external/bsd/openssh/dist/auth-options.h
U src/crypto/external/bsd/openssh/dist/auth-passwd.c
U src/crypto/external/bsd/openssh/dist/canohost.c
U src/crypto/external/bsd/openssh/dist/auth-rh-rsa.c
U src/crypto/external/bsd/openssh/dist/auth-rhosts.c
C src/crypto/external/bsd/openssh/dist/auth-rsa.c
C src/crypto/external/bsd/openssh/dist/auth.c
C src/crypto/external/bsd/openssh/dist/auth.h
C src/crypto/external/bsd/openssh/dist/auth1.c
C src/crypto/external/bsd/openssh/dist/auth2-chall.c
C src/crypto/external/bsd/openssh/dist/auth2-gss.c
U src/crypto/external/bsd/openssh/dist/auth2-hostbased.c
C src/crypto/external/bsd/openssh/dist/auth2-jpake.c
U src/crypto/external/bsd/openssh/dist/auth2-kbdint.c
U src/crypto/external/bsd/openssh/dist/auth2-none.c
U src/crypto/external/bsd/openssh/dist/auth2-passwd.c
C src/crypto/external/bsd/openssh/dist/auth2-pubkey.c
C src/crypto/external/bsd/openssh/dist/auth2.c
U src/crypto/external/bsd/openssh/dist/authfd.c
U src/crypto/external/bsd/openssh/dist/authfd.h
C src/crypto/external/bsd/openssh/dist/authfile.c
U src/crypto/external/bsd/openssh/dist/authfile.h
U src/crypto/external/bsd/openssh/dist/bufaux.c
U src/crypto/external/bsd/openssh/dist/bufbn.c
U src/crypto/external/bsd/openssh/dist/bufec.c
U src/crypto/external/bsd/openssh/dist/buffer.c
U src/crypto/external/bsd/openssh/dist/buffer.h
U src/crypto/external/bsd/openssh/dist/crc32.c
U src/crypto/external/bsd/openssh/dist/canohost.h
C src/crypto/external/bsd/openssh/dist/channels.c
U src/crypto/external/bsd/openssh/dist/channels.h
U src/crypto/external/bsd/openssh/dist/groupaccess.c
U src/crypto/external/bsd/openssh/dist/cipher-bf1.c
C src/crypto/external/bsd/openssh/dist/cipher.c
C src/crypto/external/bsd/openssh/dist/cipher.h
U src/crypto/external/bsd/openssh/dist/cleanup.c
C src/crypto/external/bsd/openssh/dist/clientloop.c
C src/crypto/external/bsd/openssh/dist/clientloop.h
C src/crypto/external/bsd/openssh/dist/compat.c
U src/crypto/external/bsd/openssh/dist/compat.h
U src/crypto/external/bsd/openssh/dist/compress.c
U src/crypto/external/bsd/openssh/dist/compress.h
U src/crypto/external/bsd/openssh/dist/crc32.h
U src/crypto/external/bsd/openssh/dist/deattack.c
U src/crypto/external/bsd/openssh/dist/deattack.h
U src/crypto/external/bsd/openssh/dist/dh.c
U src/crypto/external/bsd/openssh/dist/dh.h
U src/crypto/external/bsd/openssh/dist/dispatch.c
U src/crypto/external/bsd/openssh/dist/dispatch.h
U src/crypto/external/bsd/openssh/dist/dns.c
U src/crypto/external/bsd/openssh/dist/dns.h
U src/crypto/external/bsd/openssh/dist/fatal.c
C src/crypto/external/bsd/openssh/dist/monitor.c
U src/crypto/external/bsd/openssh/dist/match.h
U src/crypto/external/bsd/openssh/dist/groupaccess.h
U src/crypto/external/bsd/openssh/dist/jpake.c
U src/crypto/external/bsd/openssh/dist/gss-genr.c
U src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
U src/crypto/external/bsd/openssh/dist/gss-serv.c
U src/crypto/external/bsd/openssh/dist/hostfile.c
U src/crypto/external/bsd/openssh/dist/hostfile.h
U src/crypto/external/bsd/openssh/dist/jpake.h
C src/crypto/external/bsd/openssh/dist/kex.c
C src/crypto/external/bsd/openssh/dist/kex.h
U src/crypto/external/bsd/openssh/dist/kexdh.c
U src/crypto/external/bsd/openssh/dist/kexdhc.c
U src/crypto/external/bsd/openssh/dist/kexdhs.c
U src/crypto/external/bsd/openssh/dist/kexecdh.c
U src/crypto/external/bsd/openssh/dist/kexecdhc.c
U src/crypto/external/bsd/openssh/dist/kexecdhs.c
U src/crypto/external/bsd/openssh/dist/kexgex.c
U src/crypto/external/bsd/openssh/dist/kexgexc.c
U src/crypto/external/bsd/openssh/dist/kexgexs.c
C src/crypto/external/bsd/openssh/dist/key.c
C src/crypto/external/bsd/openssh/dist/key.h
N src/crypto/external/bsd/openssh/dist/krl.c
N src/crypto/external/bsd/openssh/dist/krl.h
C src/crypto/external/bsd/openssh/dist/log.c
C src/crypto/external/bsd/openssh/dist/log.h

CVS commit: src/crypto/external/bsd/openssh/dist

2012-12-12 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Wed Dec 12 18:19:25 UTC 2012

Modified Files:
src/crypto/external/bsd/openssh/dist: version.h

Log Message:
make sure that our hpn patches are up-to-date


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/version.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/version.h
diff -u src/crypto/external/bsd/openssh/dist/version.h:1.9 src/crypto/external/bsd/openssh/dist/version.h:1.10
--- src/crypto/external/bsd/openssh/dist/version.h:1.9	Wed Dec 12 12:42:40 2012
+++ src/crypto/external/bsd/openssh/dist/version.h	Wed Dec 12 13:19:25 2012
@@ -1,9 +1,9 @@
-/*	$NetBSD: version.h,v 1.9 2012/12/12 17:42:40 christos Exp $	*/
+/*	$NetBSD: version.h,v 1.10 2012/12/12 18:19:25 christos Exp $	*/
 /* $OpenBSD: version.h,v 1.65 2012/07/22 18:19:21 markus Exp $ */
 
 #define __OPENSSH_VERSION	"OpenSSH_6.1"
 #define __NETBSDSSH_VERSION	"NetBSD_Secure_Shell-20121212"
-#define SSH_HPN "-hpn13v11"
+#define SSH_HPN "-hpn13v14"
 #define SSH_LPK		"-lpk"
 /*
  * it is important to retain OpenSSH version identification part, it is

CVS commit: src/crypto/external/bsd/openssh/dist

2012-12-12 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Wed Dec 12 16:52:32 UTC 2012

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv18236

Log Message:
>From ftp.openbsd.org

Status:

Vendor Tag: OPENSSH
Release Tags:   v61-20120828

U src/crypto/external/bsd/openssh/dist/PROTOCOL.agent
U src/crypto/external/bsd/openssh/dist/readconf.h
U src/crypto/external/bsd/openssh/dist/LICENCE
U src/crypto/external/bsd/openssh/dist/OVERVIEW
U src/crypto/external/bsd/openssh/dist/PROTOCOL
U src/crypto/external/bsd/openssh/dist/cipher-3des1.c
C src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys
C src/crypto/external/bsd/openssh/dist/PROTOCOL.mux
U src/crypto/external/bsd/openssh/dist/README
C src/crypto/external/bsd/openssh/dist/addrmatch.c
U src/crypto/external/bsd/openssh/dist/atomicio.c
U src/crypto/external/bsd/openssh/dist/atomicio.h
U src/crypto/external/bsd/openssh/dist/auth-bsdauth.c
U src/crypto/external/bsd/openssh/dist/auth-chall.c
U src/crypto/external/bsd/openssh/dist/auth-krb5.c
U src/crypto/external/bsd/openssh/dist/auth-options.c
U src/crypto/external/bsd/openssh/dist/auth-options.h
U src/crypto/external/bsd/openssh/dist/auth-passwd.c
U src/crypto/external/bsd/openssh/dist/auth-rh-rsa.c
C src/crypto/external/bsd/openssh/dist/channels.c
U src/crypto/external/bsd/openssh/dist/auth-rhosts.c
C src/crypto/external/bsd/openssh/dist/auth.c
U src/crypto/external/bsd/openssh/dist/auth-rsa.c
U src/crypto/external/bsd/openssh/dist/auth.h
U src/crypto/external/bsd/openssh/dist/auth1.c
U src/crypto/external/bsd/openssh/dist/auth2-chall.c
U src/crypto/external/bsd/openssh/dist/auth2-gss.c
U src/crypto/external/bsd/openssh/dist/auth2-hostbased.c
U src/crypto/external/bsd/openssh/dist/auth2-jpake.c
U src/crypto/external/bsd/openssh/dist/auth2-kbdint.c
U src/crypto/external/bsd/openssh/dist/auth2-none.c
U src/crypto/external/bsd/openssh/dist/auth2-passwd.c
U src/crypto/external/bsd/openssh/dist/auth2-pubkey.c
U src/crypto/external/bsd/openssh/dist/auth2.c
U src/crypto/external/bsd/openssh/dist/authfd.c
U src/crypto/external/bsd/openssh/dist/authfd.h
U src/crypto/external/bsd/openssh/dist/authfile.c
U src/crypto/external/bsd/openssh/dist/authfile.h
U src/crypto/external/bsd/openssh/dist/bufaux.c
U src/crypto/external/bsd/openssh/dist/bufbn.c
U src/crypto/external/bsd/openssh/dist/bufec.c
U src/crypto/external/bsd/openssh/dist/buffer.c
U src/crypto/external/bsd/openssh/dist/buffer.h
U src/crypto/external/bsd/openssh/dist/canohost.c
U src/crypto/external/bsd/openssh/dist/canohost.h
C src/crypto/external/bsd/openssh/dist/channels.h
U src/crypto/external/bsd/openssh/dist/cipher.c
U src/crypto/external/bsd/openssh/dist/groupaccess.c
U src/crypto/external/bsd/openssh/dist/cipher-bf1.c
U src/crypto/external/bsd/openssh/dist/cipher-ctr.c
U src/crypto/external/bsd/openssh/dist/cipher.h
U src/crypto/external/bsd/openssh/dist/cleanup.c
C src/crypto/external/bsd/openssh/dist/clientloop.c
U src/crypto/external/bsd/openssh/dist/clientloop.h
U src/crypto/external/bsd/openssh/dist/compat.c
U src/crypto/external/bsd/openssh/dist/compat.h
U src/crypto/external/bsd/openssh/dist/compress.c
U src/crypto/external/bsd/openssh/dist/compress.h
U src/crypto/external/bsd/openssh/dist/crc32.c
U src/crypto/external/bsd/openssh/dist/crc32.h
U src/crypto/external/bsd/openssh/dist/deattack.c
U src/crypto/external/bsd/openssh/dist/deattack.h
U src/crypto/external/bsd/openssh/dist/dh.c
U src/crypto/external/bsd/openssh/dist/dh.h
U src/crypto/external/bsd/openssh/dist/dispatch.c
U src/crypto/external/bsd/openssh/dist/dispatch.h
C src/crypto/external/bsd/openssh/dist/dns.c
C src/crypto/external/bsd/openssh/dist/dns.h
U src/crypto/external/bsd/openssh/dist/fatal.c
U src/crypto/external/bsd/openssh/dist/gss-genr.c
U src/crypto/external/bsd/openssh/dist/groupaccess.h
U src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
U src/crypto/external/bsd/openssh/dist/gss-serv.c
U src/crypto/external/bsd/openssh/dist/hostfile.c
U src/crypto/external/bsd/openssh/dist/hostfile.h
C src/crypto/external/bsd/openssh/dist/jpake.c
U src/crypto/external/bsd/openssh/dist/jpake.h
U src/crypto/external/bsd/openssh/dist/kex.c
U src/crypto/external/bsd/openssh/dist/kex.h
U src/crypto/external/bsd/openssh/dist/kexdh.c
U src/crypto/external/bsd/openssh/dist/kexdhc.c
U src/crypto/external/bsd/openssh/dist/kexdhs.c
U src/crypto/external/bsd/openssh/dist/kexecdh.c
U src/crypto/external/bsd/openssh/dist/kexecdhc.c
U src/crypto/external/bsd/openssh/dist/kexecdhs.c
U src/crypto/external/bsd/openssh/dist/kexgex.c
U src/crypto/external/bsd/openssh/dist/kexgexc.c
U src/crypto/external/bsd/openssh/dist/kexgexs.c
C src/crypto/external/bsd/openssh/dist/key.c
C src/crypto/external/bsd/openssh/dist/key.h
U src/crypto/external/bsd/openssh/dist/log.c
U src/crypto/external/bsd/openssh/dist/log.h
C src/crypto/external/bsd/openssh/dist/mac.c
U src/crypto/external/bsd/openssh/dist/mac.h
U src/crypto/external/bsd/openssh/d

CVS commit: src/crypto/external/bsd/openssh/dist

2012-10-26 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Oct 26 12:42:10 UTC 2012

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-agent.c

Log Message:
Don't forget to re-assign sock after dup2(); from Jarle Greipsland


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/ssh-agent.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-agent.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.10 src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.11
--- src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.10	Tue Sep 18 11:18:01 2012
+++ src/crypto/external/bsd/openssh/dist/ssh-agent.c	Fri Oct 26 08:42:10 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-agent.c,v 1.10 2012/09/18 15:18:01 christos Exp $	*/
+/*	$NetBSD: ssh-agent.c,v 1.11 2012/10/26 12:42:10 christos Exp $	*/
 /* $OpenBSD: ssh-agent.c,v 1.172 2011/06/03 01:37:40 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-agent.c,v 1.10 2012/09/18 15:18:01 christos Exp $");
+__RCSID("$NetBSD: ssh-agent.c,v 1.11 2012/10/26 12:42:10 christos Exp $");
 #include 
 #include 
 #include 
@@ -1322,6 +1322,7 @@ main(int ac, char **av)
 			cleanup_exit(1);
 		}
 		close(sock);
+		sock = STDERR_FILENO + 1;
 	}
 #if defined(F_CLOSEM)
 	if (fcntl(sock + 1, F_CLOSEM, 0) == -1) {

CVS commit: src/crypto/external/bsd/openssh/dist

2012-09-18 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Sep 18 15:18:01 UTC 2012

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-agent.c

Log Message:
Take better care of closing file descriptors in the agent child and dealing
with dup2 and std{in,out,err}.


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/ssh-agent.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-agent.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.9 src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.10
--- src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.9	Fri Sep 16 11:36:18 2011
+++ src/crypto/external/bsd/openssh/dist/ssh-agent.c	Tue Sep 18 11:18:01 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-agent.c,v 1.9 2011/09/16 15:36:18 joerg Exp $	*/
+/*	$NetBSD: ssh-agent.c,v 1.10 2012/09/18 15:18:01 christos Exp $	*/
 /* $OpenBSD: ssh-agent.c,v 1.172 2011/06/03 01:37:40 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-agent.c,v 1.9 2011/09/16 15:36:18 joerg Exp $");
+__RCSID("$NetBSD: ssh-agent.c,v 1.10 2012/09/18 15:18:01 christos Exp $");
 #include 
 #include 
 #include 
@@ -1315,12 +1315,49 @@ main(int ac, char **av)
 	}
 
 	(void)chdir("/");
+
+	if (sock != STDERR_FILENO + 1) {
+		if (dup2(sock, STDERR_FILENO + 1) == -1) {
+			error("dup2: %s", strerror(errno));
+			cleanup_exit(1);
+		}
+		close(sock);
+	}
+#if defined(F_CLOSEM)
+	if (fcntl(sock + 1, F_CLOSEM, 0) == -1) {
+		error("fcntl F_CLOSEM: %s", strerror(errno));
+		cleanup_exit(1);
+	}
+#else
+	{
+		int nfiles;
+#if defined(_SC_OPEN_MAX)
+		nfiles = sysconf(_SC_OPEN_MAX);
+#elif defined(RLIMIT_NOFILE)
+		if (getrlimit(RLIMIT_CORE, &rlim) < 0) {
+			error("getrlimit RLIMIT_NOFILE: %s", strerror(errno));
+			cleanup_exit(1);
+		}
+		nfiles = rlim.rlim_cur;
+#elif defined(OPEN_MAX)
+		nfiles = OPEN_MAX;
+#elif defined(NOFILE)
+		nfiles = NOFILE;
+#else
+		nfiles = 1024;
+#endif
+		for (fd = sock + 1; fd < nfiles; fd++)
+			close(fd);
+	}
+#endif
 	if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
-		/* XXX might close listen socket */
-		(void)dup2(fd, STDIN_FILENO);
-		(void)dup2(fd, STDOUT_FILENO);
-		(void)dup2(fd, STDERR_FILENO);
-		if (fd > 2)
+		if (dup2(fd, STDIN_FILENO) == -1 ||
+		dup2(fd, STDOUT_FILENO) == -1 ||
+		dup2(fd, STDERR_FILENO) == -1) {
+			error("dup2: %s", strerror(errno));
+			cleanup_exit(1);
+		}
+		if (fd > STDERR_FILENO)
 			close(fd);
 	}

CVS commit: src/crypto/external/bsd/openssh/lib

2012-05-01 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Wed May  2 02:41:13 UTC 2012

Modified Files:
src/crypto/external/bsd/openssh/lib: shlib_version

Log Message:
bump


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/lib/shlib_version

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/lib/shlib_version
diff -u src/crypto/external/bsd/openssh/lib/shlib_version:1.7 src/crypto/external/bsd/openssh/lib/shlib_version:1.8
--- src/crypto/external/bsd/openssh/lib/shlib_version:1.7	Wed Sep  7 13:49:19 2011
+++ src/crypto/external/bsd/openssh/lib/shlib_version	Tue May  1 22:41:13 2012
@@ -1,5 +1,5 @@
-#	$NetBSD: shlib_version,v 1.7 2011/09/07 17:49:19 christos Exp $
+#	$NetBSD: shlib_version,v 1.8 2012/05/02 02:41:13 christos Exp $
 #	Remember to update distrib/sets/lists/base/shl.* when changing
 #
-major=18
+major=19
 minor=0

CVS commit: src/crypto/external/bsd/openssh/dist

2012-05-01 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Wed May  2 02:13:35 UTC 2012

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv25700

Log Message:
from ftp.openbsd.org

Status:

Vendor Tag: OPENSSH
Release Tags:   v60-20120421

U src/crypto/external/bsd/openssh/dist/canohost.h
U src/crypto/external/bsd/openssh/dist/auth.c
U src/crypto/external/bsd/openssh/dist/progressmeter.h
U src/crypto/external/bsd/openssh/dist/auth-chall.c
U src/crypto/external/bsd/openssh/dist/kexgexs.c
U src/crypto/external/bsd/openssh/dist/uuencode.c
C src/crypto/external/bsd/openssh/dist/ssh-add.c
U src/crypto/external/bsd/openssh/dist/kexecdhs.c
U src/crypto/external/bsd/openssh/dist/jpake.h
U src/crypto/external/bsd/openssh/dist/LICENCE
C src/crypto/external/bsd/openssh/dist/compat.c
U src/crypto/external/bsd/openssh/dist/serverloop.c
U src/crypto/external/bsd/openssh/dist/sftp.h
U src/crypto/external/bsd/openssh/dist/dns.c
U src/crypto/external/bsd/openssh/dist/msg.h
U src/crypto/external/bsd/openssh/dist/ssh-agent.1
U src/crypto/external/bsd/openssh/dist/PROTOCOL
U src/crypto/external/bsd/openssh/dist/auth2-hostbased.c
U src/crypto/external/bsd/openssh/dist/auth-bsdauth.c
U src/crypto/external/bsd/openssh/dist/uidswap.h
U src/crypto/external/bsd/openssh/dist/umac.h
U src/crypto/external/bsd/openssh/dist/gss-serv.c
U src/crypto/external/bsd/openssh/dist/ssh-keyscan.1
C src/crypto/external/bsd/openssh/dist/dh.c
C src/crypto/external/bsd/openssh/dist/roaming_client.c
U src/crypto/external/bsd/openssh/dist/sftp-server-main.c
U src/crypto/external/bsd/openssh/dist/auth2-jpake.c
U src/crypto/external/bsd/openssh/dist/servconf.h
C src/crypto/external/bsd/openssh/dist/auth-options.c
U src/crypto/external/bsd/openssh/dist/misc.h
C src/crypto/external/bsd/openssh/dist/auth2-pubkey.c
U src/crypto/external/bsd/openssh/dist/monitor_mm.h
U src/crypto/external/bsd/openssh/dist/cipher-ctr.c
U src/crypto/external/bsd/openssh/dist/sftp-common.c
C src/crypto/external/bsd/openssh/dist/scp.1
C src/crypto/external/bsd/openssh/dist/sshd.8
C src/crypto/external/bsd/openssh/dist/ssh-keygen.c
U src/crypto/external/bsd/openssh/dist/msg.c
C src/crypto/external/bsd/openssh/dist/scp.c
U src/crypto/external/bsd/openssh/dist/bufaux.c
U src/crypto/external/bsd/openssh/dist/crc32.c
U src/crypto/external/bsd/openssh/dist/key.h
C src/crypto/external/bsd/openssh/dist/clientloop.c
U src/crypto/external/bsd/openssh/dist/auth1.c
U src/crypto/external/bsd/openssh/dist/sshd_config
C src/crypto/external/bsd/openssh/dist/mux.c
C src/crypto/external/bsd/openssh/dist/ssh.c
U src/crypto/external/bsd/openssh/dist/monitor_fdpass.c
U src/crypto/external/bsd/openssh/dist/bufec.c
C src/crypto/external/bsd/openssh/dist/sftp-glob.c
C src/crypto/external/bsd/openssh/dist/monitor.c
U src/crypto/external/bsd/openssh/dist/schnorr.h
U src/crypto/external/bsd/openssh/dist/canohost.c
U src/crypto/external/bsd/openssh/dist/kexgexc.c
U src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
U src/crypto/external/bsd/openssh/dist/cipher-bf1.c
U src/crypto/external/bsd/openssh/dist/roaming_serv.c
U src/crypto/external/bsd/openssh/dist/ssh-dss.c
U src/crypto/external/bsd/openssh/dist/xmalloc.h
U src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.8
U src/crypto/external/bsd/openssh/dist/sftp-server.8
U src/crypto/external/bsd/openssh/dist/fatal.c
U src/crypto/external/bsd/openssh/dist/auth2-none.c
U src/crypto/external/bsd/openssh/dist/myproposal.h
U src/crypto/external/bsd/openssh/dist/roaming_dummy.c
U src/crypto/external/bsd/openssh/dist/jpake.c
U src/crypto/external/bsd/openssh/dist/dispatch.h
C src/crypto/external/bsd/openssh/dist/sshd.c
U src/crypto/external/bsd/openssh/dist/addrmatch.c
U src/crypto/external/bsd/openssh/dist/groupaccess.h
U src/crypto/external/bsd/openssh/dist/cipher-3des1.c
U src/crypto/external/bsd/openssh/dist/match.c
U src/crypto/external/bsd/openssh/dist/auth-options.h
C src/crypto/external/bsd/openssh/dist/ssh_config.5
U src/crypto/external/bsd/openssh/dist/ssh-pkcs11.h
U src/crypto/external/bsd/openssh/dist/ssh2.h
U src/crypto/external/bsd/openssh/dist/kexgex.c
U src/crypto/external/bsd/openssh/dist/monitor_wrap.c
U src/crypto/external/bsd/openssh/dist/ssh-agent.c
U src/crypto/external/bsd/openssh/dist/auth-rhosts.c
C src/crypto/external/bsd/openssh/dist/channels.c
U src/crypto/external/bsd/openssh/dist/mac.h
U src/crypto/external/bsd/openssh/dist/gss-genr.c
U src/crypto/external/bsd/openssh/dist/ssh_config
U src/crypto/external/bsd/openssh/dist/kexdhs.c
U src/crypto/external/bsd/openssh/dist/sshpty.c
U src/crypto/external/bsd/openssh/dist/crc32.h
C src/crypto/external/bsd/openssh/dist/key.c
C src/crypto/external/bsd/openssh/dist/channels.h
U src/crypto/external/bsd/openssh/dist/cipher.h
U src/crypto/external/bsd/openssh/dist/monitor_mm.c
U src/crypto/external/bsd/openssh/dist/sshlogin.c
U src/crypto/external/bsd/openssh/dist/cleanup.c
U src/crypto/external/bsd/openssh/dist/sshtt

CVS commit: src/crypto/external/bsd/openssh/dist

2012-04-27 Thread Thor Lancelot Simon

Module Name:src
Committed By:   tls
Date:   Fri Apr 27 15:45:37 UTC 2012

Modified Files:
src/crypto/external/bsd/openssh/dist: readconf.c readconf.h
sshconnect.c

Log Message:
Add new "SendVersionFirst" option to OpenSSH client.  This option makes
the client send its version string first if it is configured to speak
v2 only (the old hack of waiting to see the server version is only
really useful if you might be speaking v1 to some servers).  The option
is on by default but can be disabled from the config file.

This aligns the OpenSSH client behavior with most other implementations
and eliminates a major source of connection delays and failures when
speaking SSH through particularly stupid proxies, of which, sadly, there
are many.

This change has also been submitted to OpenSSH as their bug #1999.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/readconf.c \
src/crypto/external/bsd/openssh/dist/readconf.h \
src/crypto/external/bsd/openssh/dist/sshconnect.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readconf.c
diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.6 src/crypto/external/bsd/openssh/dist/readconf.c:1.7
--- src/crypto/external/bsd/openssh/dist/readconf.c:1.6	Wed Sep  7 17:49:19 2011
+++ src/crypto/external/bsd/openssh/dist/readconf.c	Fri Apr 27 15:45:37 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: readconf.c,v 1.6 2011/09/07 17:49:19 christos Exp $	*/
+/*	$NetBSD: readconf.c,v 1.7 2012/04/27 15:45:37 tls Exp $	*/
 /* $OpenBSD: readconf.c,v 1.193 2011/05/24 07:15:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.6 2011/09/07 17:49:19 christos Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.7 2012/04/27 15:45:37 tls Exp $");
 #include 
 #include 
 #include 
@@ -147,6 +147,7 @@ typedef enum {
 	oKexAlgorithms, oIPQoS, oRequestTTY,
 	oNoneEnabled, oTcpRcvBufPoll, oTcpRcvBuf, oNoneSwitch, oHPNDisabled,
 	oHPNBufferSize,
+	oSendVersionFirst,
 	oDeprecated, oUnsupported
 } OpCodes;
 
@@ -272,6 +273,7 @@ static struct {
 	{ "noneswitch", oNoneSwitch },
 	{ "hpndisabled", oHPNDisabled },
 	{ "hpnbuffersize", oHPNBufferSize },
+	{ "sendversionfirst", oSendVersionFirst },
 
 	{ NULL, oBadOption }
 };
@@ -1123,6 +1125,10 @@ parse_int:
 			*intptr = value;
 		break;
 
+	case oSendVersionFirst:
+		intptr = &options->send_version_first;
+		goto parse_flag;
+
 	case oDeprecated:
 		debug("%s line %d: Deprecated option \"%s\"",
 		filename, linenum, keyword);
@@ -1297,6 +1303,7 @@ initialize_options(Options * options)
 	options->hpn_buffer_size = -1;
 	options->tcp_rcv_buf_poll = -1;
 	options->tcp_rcv_buf = -1;
+	options->send_version_first = -1;
 }
 
 /*
@@ -1495,6 +1502,8 @@ fill_default_options(Options * options)
 		options->ip_qos_bulk = IPTOS_THROUGHPUT;
 	if (options->request_tty == -1)
 		options->request_tty = REQUEST_TTY_AUTO;
+	if (options->send_version_first == -1)
+		options->send_version_first = 1;
 	/* options->local_command should not be set by default */
 	/* options->proxy_command should not be set by default */
 	/* options->user will be set in the main program if appropriate */
Index: src/crypto/external/bsd/openssh/dist/readconf.h
diff -u src/crypto/external/bsd/openssh/dist/readconf.h:1.6 src/crypto/external/bsd/openssh/dist/readconf.h:1.7
--- src/crypto/external/bsd/openssh/dist/readconf.h:1.6	Wed Sep  7 17:49:19 2011
+++ src/crypto/external/bsd/openssh/dist/readconf.h	Fri Apr 27 15:45:37 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: readconf.h,v 1.6 2011/09/07 17:49:19 christos Exp $	*/
+/*	$NetBSD: readconf.h,v 1.7 2012/04/27 15:45:37 tls Exp $	*/
 /* $OpenBSD: readconf.h,v 1.90 2011/05/24 07:15:47 djm Exp $ */
 
 /*
@@ -151,6 +151,7 @@ typedef struct {
 	int	use_roaming;
 
 	int	request_tty;
+	int	send_version_first;
 }   Options;
 
 #define SSHCTL_MASTER_NO	0
Index: src/crypto/external/bsd/openssh/dist/sshconnect.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect.c:1.6 src/crypto/external/bsd/openssh/dist/sshconnect.c:1.7
--- src/crypto/external/bsd/openssh/dist/sshconnect.c:1.6	Wed Sep  7 17:49:19 2011
+++ src/crypto/external/bsd/openssh/dist/sshconnect.c	Fri Apr 27 15:45:37 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshconnect.c,v 1.6 2011/09/07 17:49:19 christos Exp $	*/
+/*	$NetBSD: sshconnect.c,v 1.7 2012/04/27 15:45:37 tls Exp $	*/
 /* $OpenBSD: sshconnect.c,v 1.234 2011/05/24 07:15:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -15,7 +15,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect.c,v 1.6 2011/09/07 17:49:19 christos Exp $");
+__RCSID("$NetBSD: sshconnect.c,v 1.7 2012/04/27 15:45:37 tls Exp $");
 #include 
 #include 
 #include 
@@ -474,6 +474,7 @@ ssh_exchange_identification(int timeout_
 	int connection_in = packet_get_connection_in();
 	int connection_out = packet_get_connection

CVS commit: src/crypto/external/bsd/openssh/dist

2012-04-13 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sat Apr 14 01:34:38 UTC 2012

Modified Files:
src/crypto/external/bsd/openssh/dist: readpassphrase.c

Log Message:
Minimize diffs.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssh/dist/readpassphrase.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readpassphrase.c
diff -u src/crypto/external/bsd/openssh/dist/readpassphrase.c:1.2 src/crypto/external/bsd/openssh/dist/readpassphrase.c:1.3
--- src/crypto/external/bsd/openssh/dist/readpassphrase.c:1.2	Fri Apr 13 19:57:08 2012
+++ src/crypto/external/bsd/openssh/dist/readpassphrase.c	Fri Apr 13 21:34:37 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: readpassphrase.c,v 1.2 2012/04/13 23:57:08 christos Exp $	*/
+/*	$NetBSD: readpassphrase.c,v 1.3 2012/04/14 01:34:37 christos Exp $	*/
 /*
  * Copyright (c) 2000 Todd C. Miller 
  * All rights reserved.
@@ -43,14 +43,32 @@ static const char rcsid[] = "$OpenBSD: r
 #include 
 
 char *
-readpassphrase(
-	const char *prompt,
-	char *buf,
-	size_t bufsiz,
-	int flags)
+readpassphrase(prompt, buf, bufsiz, flags)
+	const char *prompt;
+	char *buf;
+	size_t bufsiz;
+	int flags;
 {
+#ifdef GETPASS_ECHO
+	int gflags = GETPASS_ECHO_NL;
+
+	if (flags & RPP_ECHO_ON)
+		gflags |= GETPASS_ECHO;
+	if (flags & RPP_REQUIRE_TTY)
+		gflags |= GETPASS_NEED_TTY;
+	if (flags & RPP_FORCELOWER)
+		gflags |= GETPASS_FORCE_LOWER;
+	if (flags & RPP_FORCEUPPER)
+		gflags |= GETPASS_FORCE_UPPER;
+	if (flags & RPP_SEVENBIT)
+		gflags |= GETPASS_7BIT;
+
+	return getpassfd(prompt, buf, bufsiz, NULL, gflags, 0);
+#else
+	struct termios term, oterm;
+	char ch, *p, *end;
 	int input, output;
-	char *ret;
+	sigset_t oset, nset;
 
 	/* I suppose we could alloc on demand in this case (XXX). */
 	if (bufsiz == 0) {
@@ -71,11 +89,6 @@ readpassphrase(
 		output = STDERR_FILENO;
 	}
 
-#ifndef GETPASS_ECHO
-	struct termios term, oterm;
-	char ch, *p, *end;
-	sigset_t oset, nset;
-
 	/*
 	 * We block SIGINT and SIGTSTP so the terminal is not left
 	 * in an inconsistent state (ie: no echo).  It would probably
@@ -122,33 +135,10 @@ readpassphrase(
 	if (memcmp(&term, &oterm, sizeof(term)) != 0)
 		(void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm);
 	(void)sigprocmask(SIG_SETMASK, &oset, NULL);
-	ret = buf;
-#else
-	int gflags = 0;
-	int fd[3];
-
-	if (flags & RPP_ECHO_ON)
-		gflags |= GETPASS_ECHO;
-	if (flags & RPP_REQUIRE_TTY)
-		gflags |= GETPASS_NEED_TTY;
-	if (flags & RPP_FORCELOWER)
-		gflags |= GETPASS_FORCE_LOWER;
-	if (flags & RPP_FORCEUPPER)
-		gflags |= GETPASS_FORCE_UPPER;
-	if (flags & RPP_SEVENBIT)
-		gflags |= GETPASS_7BIT;
-
-	fd[0] = input;
-	fd[1] = fd[2] = output;
-	ret = getpassfd(prompt, buf, bufsiz, fd, gflags, 0);
-	if ((gflags & GETPASS_ECHO) == 0)
-		(void)write(output, "\n", 1);
-
-#endif
 	if (input != STDIN_FILENO)
 		(void)close(input);
-	
-	return ret;
+	return(buf);
+#endif
 }
 
 char *

CVS commit: src/crypto/external/bsd/openssh/dist

2012-04-13 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Apr 13 23:57:08 UTC 2012

Modified Files:
src/crypto/external/bsd/openssh/dist: readpassphrase.c

Log Message:
use getpassfd()


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 \
src/crypto/external/bsd/openssh/dist/readpassphrase.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readpassphrase.c
diff -u src/crypto/external/bsd/openssh/dist/readpassphrase.c:1.1 src/crypto/external/bsd/openssh/dist/readpassphrase.c:1.2
--- src/crypto/external/bsd/openssh/dist/readpassphrase.c:1.1	Sun Jun  7 18:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/readpassphrase.c	Fri Apr 13 19:57:08 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: readpassphrase.c,v 1.1 2009/06/07 22:38:47 christos Exp $	*/
+/*	$NetBSD: readpassphrase.c,v 1.2 2012/04/13 23:57:08 christos Exp $	*/
 /*
  * Copyright (c) 2000 Todd C. Miller 
  * All rights reserved.
@@ -43,16 +43,14 @@ static const char rcsid[] = "$OpenBSD: r
 #include 
 
 char *
-readpassphrase(prompt, buf, bufsiz, flags)
-	const char *prompt;
-	char *buf;
-	size_t bufsiz;
-	int flags;
+readpassphrase(
+	const char *prompt,
+	char *buf,
+	size_t bufsiz,
+	int flags)
 {
-	struct termios term, oterm;
-	char ch, *p, *end;
 	int input, output;
-	sigset_t oset, nset;
+	char *ret;
 
 	/* I suppose we could alloc on demand in this case (XXX). */
 	if (bufsiz == 0) {
@@ -73,6 +71,11 @@ readpassphrase(prompt, buf, bufsiz, flag
 		output = STDERR_FILENO;
 	}
 
+#ifndef GETPASS_ECHO
+	struct termios term, oterm;
+	char ch, *p, *end;
+	sigset_t oset, nset;
+
 	/*
 	 * We block SIGINT and SIGTSTP so the terminal is not left
 	 * in an inconsistent state (ie: no echo).  It would probably
@@ -119,9 +122,33 @@ readpassphrase(prompt, buf, bufsiz, flag
 	if (memcmp(&term, &oterm, sizeof(term)) != 0)
 		(void)tcsetattr(input, TCSAFLUSH|TCSASOFT, &oterm);
 	(void)sigprocmask(SIG_SETMASK, &oset, NULL);
+	ret = buf;
+#else
+	int gflags = 0;
+	int fd[3];
+
+	if (flags & RPP_ECHO_ON)
+		gflags |= GETPASS_ECHO;
+	if (flags & RPP_REQUIRE_TTY)
+		gflags |= GETPASS_NEED_TTY;
+	if (flags & RPP_FORCELOWER)
+		gflags |= GETPASS_FORCE_LOWER;
+	if (flags & RPP_FORCEUPPER)
+		gflags |= GETPASS_FORCE_UPPER;
+	if (flags & RPP_SEVENBIT)
+		gflags |= GETPASS_7BIT;
+
+	fd[0] = input;
+	fd[1] = fd[2] = output;
+	ret = getpassfd(prompt, buf, bufsiz, fd, gflags, 0);
+	if ((gflags & GETPASS_ECHO) == 0)
+		(void)write(output, "\n", 1);
+
+#endif
 	if (input != STDIN_FILENO)
 		(void)close(input);
-	return(buf);
+	
+	return ret;
 }
 
 char *

CVS commit: src/crypto/external/bsd/openssh/dist

2011-11-27 Thread Alistair G. Crooks

Module Name:src
Committed By:   agc
Date:   Mon Nov 28 06:36:14 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-keygen.1

Log Message:
get rid of an old merge conflict which managed to creep through


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/ssh-keygen.1

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.1
diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.6 src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.7
--- src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.6	Wed Sep  7 17:49:19 2011
+++ src/crypto/external/bsd/openssh/dist/ssh-keygen.1	Mon Nov 28 06:36:14 2011
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh-keygen.1,v 1.6 2011/09/07 17:49:19 christos Exp $
+.\"	$NetBSD: ssh-keygen.1,v 1.7 2011/11/28 06:36:14 agc Exp $
 .\"	$OpenBSD: ssh-keygen.1,v 1.106 2011/04/13 04:09:37 djm Exp $
 .\"
 .\"  -*- nroff -*-
@@ -410,12 +410,9 @@ new passphrase.
 .It Fl q
 Silence
 .Nm ssh-keygen .
-<<< ssh-keygen.1
 Used by
 .Pa /etc/rc.d/sshd
 when creating a new key.
-===
->>> 1.1.1.4
 .It Fl R Ar hostname
 Removes all keys belonging to
 .Ar hostname

CVS commit: src/crypto/external/bsd/openssh/dist

2011-11-04 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri Nov  4 11:54:46 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: log.c

Log Message:
Separate strings correctly with ': ', not embedded NUL. Found by
mlelstv.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/log.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/log.c
diff -u src/crypto/external/bsd/openssh/dist/log.c:1.6 src/crypto/external/bsd/openssh/dist/log.c:1.7
--- src/crypto/external/bsd/openssh/dist/log.c:1.6	Fri Sep 16 15:36:00 2011
+++ src/crypto/external/bsd/openssh/dist/log.c	Fri Nov  4 11:54:46 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: log.c,v 1.6 2011/09/16 15:36:00 joerg Exp $	*/
+/*	$NetBSD: log.c,v 1.7 2011/11/04 11:54:46 joerg Exp $	*/
 /* $OpenBSD: log.c,v 1.42 2011/06/17 21:44:30 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: log.c,v 1.6 2011/09/16 15:36:00 joerg Exp $");
+__RCSID("$NetBSD: log.c,v 1.7 2011/11/04 11:54:46 joerg Exp $");
 #include 
 #include 
 
@@ -375,12 +375,13 @@ do_log(LogLevel level, const char *fmt, 
 	msgbufp = msgbuf;
 	if (txt != NULL && log_handler == NULL) {
 		len2 = strlen(txt);
-		if (len2 >= len)
-			len2 = len - 1;
+		if (len2 > len - 2)
+			len2 = len - 2;
 		memcpy(msgbufp, txt, len2);
 		msgbufp += len2;
-		*msgbufp++ = '\0';
-		len -= len2 + 1;
+		*msgbufp++ = ':';
+		*msgbufp++ = ' ';
+		len -= len2 + 2;
 	}
 	vsnprintf(msgbufp, len, fmt, args);
 	len3 = strnvis(visbuf, sizeof(visbuf), msgbuf, VIS_SAFE|VIS_OCTAL);

CVS commit: src/crypto/external/bsd/openssh/dist

2011-09-16 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri Sep 16 15:36:18 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: auth-pam.c monitor.h scp.c
session.c sftp-server.c sftp.c ssh-agent.c ssh-keygen.c
ssh-keyscan.c sshd.c

Log Message:
Use __dead.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/auth-pam.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/monitor.h
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/scp.c
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/session.c \
src/crypto/external/bsd/openssh/dist/sftp.c \
src/crypto/external/bsd/openssh/dist/ssh-keygen.c \
src/crypto/external/bsd/openssh/dist/sshd.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/sftp-server.c \
src/crypto/external/bsd/openssh/dist/ssh-keyscan.c
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/ssh-agent.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth-pam.c
diff -u src/crypto/external/bsd/openssh/dist/auth-pam.c:1.2 src/crypto/external/bsd/openssh/dist/auth-pam.c:1.3
--- src/crypto/external/bsd/openssh/dist/auth-pam.c:1.2	Sun Dec 27 01:40:46 2009
+++ src/crypto/external/bsd/openssh/dist/auth-pam.c	Fri Sep 16 15:36:18 2011
@@ -50,7 +50,7 @@
 /*
  * NetBSD local changes
  */
-__RCSID("$NetBSD: auth-pam.c,v 1.2 2009/12/27 01:40:46 christos Exp $");
+__RCSID("$NetBSD: auth-pam.c,v 1.3 2011/09/16 15:36:18 joerg Exp $");
 #undef USE_POSIX_THREADS /* Not yet */
 #define HAVE_SECURITY_PAM_APPL_H
 #define HAVE_PAM_GETENVLIST
@@ -184,7 +184,7 @@
 }
 
 /* ARGSUSED */
-static void
+__dead static void
 pthread_exit(void *value)
 {
 	_exit(0);

Index: src/crypto/external/bsd/openssh/dist/monitor.h
diff -u src/crypto/external/bsd/openssh/dist/monitor.h:1.3 src/crypto/external/bsd/openssh/dist/monitor.h:1.4
--- src/crypto/external/bsd/openssh/dist/monitor.h:1.3	Wed Sep  7 17:49:19 2011
+++ src/crypto/external/bsd/openssh/dist/monitor.h	Fri Sep 16 15:36:18 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: monitor.h,v 1.3 2011/09/07 17:49:19 christos Exp $	*/
+/*	$NetBSD: monitor.h,v 1.4 2011/09/16 15:36:18 joerg Exp $	*/
 /* $OpenBSD: monitor.h,v 1.16 2011/06/17 21:44:31 djm Exp $ */
 
 /*
@@ -88,7 +88,7 @@
 
 struct Authctxt;
 void monitor_child_preauth(struct Authctxt *, struct monitor *);
-void monitor_child_postauth(struct monitor *);
+__dead void monitor_child_postauth(struct monitor *);
 
 struct mon_table;
 int monitor_read(struct monitor*, struct mon_table *, struct mon_table **);

Index: src/crypto/external/bsd/openssh/dist/scp.c
diff -u src/crypto/external/bsd/openssh/dist/scp.c:1.5 src/crypto/external/bsd/openssh/dist/scp.c:1.6
--- src/crypto/external/bsd/openssh/dist/scp.c:1.5	Mon Jul 25 03:03:11 2011
+++ src/crypto/external/bsd/openssh/dist/scp.c	Fri Sep 16 15:36:18 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: scp.c,v 1.5 2011/07/25 03:03:11 christos Exp $	*/
+/*	$NetBSD: scp.c,v 1.6 2011/09/16 15:36:18 joerg Exp $	*/
 /* $OpenBSD: scp.c,v 1.170 2010/12/09 14:13:33 jmc Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
@@ -73,7 +73,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: scp.c,v 1.5 2011/07/25 03:03:11 christos Exp $");
+__RCSID("$NetBSD: scp.c,v 1.6 2011/09/16 15:36:18 joerg Exp $");
 #include 
 #include 
 #include 
@@ -144,7 +144,7 @@
 /* This is used to store the pid of ssh_program */
 pid_t do_cmd_pid = -1;
 
-static void
+__dead static void
 killchild(int signo)
 {
 	if (do_cmd_pid > 1) {
@@ -338,7 +338,7 @@
 } BUF;
 
 BUF *allocbuf(BUF *, int, int);
-void lostconn(int);
+__dead static void lostconn(int);
 int okname(char *);
 void run_err(const char *,...);
 void verifydir(char *);
@@ -355,9 +355,9 @@
 void rsource(char *, struct stat *);
 void sink(int, char *[]);
 void source(int, char *[]);
-void tolocal(int, char *[]);
-void toremote(char *, int, char *[]);
-void usage(void);
+static void tolocal(int, char *[]);
+static void toremote(char *, int, char *[]);
+__dead static void usage(void);
 
 int
 main(int argc, char **argv)
@@ -539,7 +539,7 @@
 	return 0;
 }
 
-void
+static void
 toremote(char *targ, int argc, char **argv)
 {
 	char *bp, *host, *src, *suser, *thost, *tuser, *arg;
@@ -656,7 +656,7 @@
 	xfree(arg);
 }
 
-void
+static void
 tolocal(int argc, char **argv)
 {
 	char *bp, *host, *src, *suser;
@@ -1296,7 +1296,7 @@
 	return (bp);
 }
 
-void
+static void
 lostconn(int signo)
 {
 	if (!iamremote)

Index: src/crypto/external/bsd/openssh/dist/session.c
diff -u src/crypto/external/bsd/openssh/dist/session.c:1.7 src/crypto/external/bsd/openssh/dist/session.c:1.8
--- src/crypto/external/bsd/openssh/dist/session.c:1.7	Mon Jul 25 03:03:11 2011
+++ src/crypto/external/bsd/openssh/dist/session.c	Fri Sep 16 15:36:18 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: session.c,v 1.7 2011/07/25 03:03:1

CVS commit: src/crypto/external/bsd/openssh/dist

2011-09-16 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri Sep 16 15:36:01 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: log.c

Log Message:
Reapply formatting cleanup


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/log.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/log.c
diff -u src/crypto/external/bsd/openssh/dist/log.c:1.5 src/crypto/external/bsd/openssh/dist/log.c:1.6
--- src/crypto/external/bsd/openssh/dist/log.c:1.5	Wed Sep  7 17:49:19 2011
+++ src/crypto/external/bsd/openssh/dist/log.c	Fri Sep 16 15:36:00 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: log.c,v 1.5 2011/09/07 17:49:19 christos Exp $	*/
+/*	$NetBSD: log.c,v 1.6 2011/09/16 15:36:00 joerg Exp $	*/
 /* $OpenBSD: log.c,v 1.42 2011/06/17 21:44:30 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: log.c,v 1.5 2011/09/07 17:49:19 christos Exp $");
+__RCSID("$NetBSD: log.c,v 1.6 2011/09/16 15:36:00 joerg Exp $");
 #include 
 #include 
 
@@ -325,8 +325,10 @@
 #ifdef SYSLOG_DATA_INIT
 	struct syslog_data sdata = SYSLOG_DATA_INIT;
 #endif
-	char msgbuf[MSGBUFSIZ];
+	char msgbuf[MSGBUFSIZ], *msgbufp;
 	char visbuf[MSGBUFSIZ * 4 + 1];
+	size_t len, len2;
+	int len3;
 	const char *txt = NULL;
 	int pri = LOG_INFO;
 	int saved_errno = errno;
@@ -369,13 +371,19 @@
 		pri = LOG_ERR;
 		break;
 	}
+	len = sizeof(msgbuf);
+	msgbufp = msgbuf;
 	if (txt != NULL && log_handler == NULL) {
-		snprintf(visbuf, sizeof(visbuf), "%s: %s", txt, fmt);
-		vsnprintf(msgbuf, sizeof(msgbuf), visbuf, args);
-	} else {
-		vsnprintf(msgbuf, sizeof(msgbuf), fmt, args);
+		len2 = strlen(txt);
+		if (len2 >= len)
+			len2 = len - 1;
+		memcpy(msgbufp, txt, len2);
+		msgbufp += len2;
+		*msgbufp++ = '\0';
+		len -= len2 + 1;
 	}
-	strnvis(visbuf, sizeof(visbuf), msgbuf, VIS_SAFE|VIS_OCTAL);
+	vsnprintf(msgbufp, len, fmt, args);
+	len3 = strnvis(visbuf, sizeof(visbuf), msgbuf, VIS_SAFE|VIS_OCTAL);
 	if (log_handler != NULL) {
 		/* Avoid recursion */
 		tmp_handler = log_handler;
@@ -383,8 +391,11 @@
 		tmp_handler(level, visbuf, log_handler_ctx);
 		log_handler = tmp_handler;
 	} else if (log_on_stderr) {
-		snprintf(msgbuf, sizeof msgbuf, "%s\r\n", visbuf);
-		write(STDERR_FILENO, msgbuf, strlen(msgbuf));
+		struct iovec iov[] = {
+			{ visbuf, len3 },
+			{ __UNCONST("\r\n"), 2 },
+		};
+		writev(STDERR_FILENO, iov, __arraycount(iov));
 	} else {
 #ifdef SYSLOG_DATA_INIT
 		openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);

CVS commit: src/crypto/external/bsd/openssh/dist

2011-09-06 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Sep  6 20:17:29 UTC 2011

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv18387

Log Message:
new openssh:
See http://www.openssh.com/txt/release-5.9

Status:

Vendor Tag: OPENSSH
Release Tags:   v59-20110906

U src/crypto/external/bsd/openssh/dist/PROTOCOL.agent
C src/crypto/external/bsd/openssh/dist/readconf.h
U src/crypto/external/bsd/openssh/dist/LICENCE
U src/crypto/external/bsd/openssh/dist/OVERVIEW
U src/crypto/external/bsd/openssh/dist/PROTOCOL
U src/crypto/external/bsd/openssh/dist/cipher-3des1.c
U src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys
C src/crypto/external/bsd/openssh/dist/PROTOCOL.mux
U src/crypto/external/bsd/openssh/dist/README
U src/crypto/external/bsd/openssh/dist/addrmatch.c
U src/crypto/external/bsd/openssh/dist/atomicio.c
U src/crypto/external/bsd/openssh/dist/atomicio.h
U src/crypto/external/bsd/openssh/dist/auth-bsdauth.c
U src/crypto/external/bsd/openssh/dist/auth-chall.c
U src/crypto/external/bsd/openssh/dist/auth-krb5.c
U src/crypto/external/bsd/openssh/dist/auth-options.c
U src/crypto/external/bsd/openssh/dist/auth-options.h
U src/crypto/external/bsd/openssh/dist/auth-passwd.c
U src/crypto/external/bsd/openssh/dist/auth-rh-rsa.c
C src/crypto/external/bsd/openssh/dist/channels.c
U src/crypto/external/bsd/openssh/dist/auth-rhosts.c
C src/crypto/external/bsd/openssh/dist/auth.c
C src/crypto/external/bsd/openssh/dist/auth-rsa.c
C src/crypto/external/bsd/openssh/dist/auth.h
U src/crypto/external/bsd/openssh/dist/auth1.c
U src/crypto/external/bsd/openssh/dist/auth2-chall.c
C src/crypto/external/bsd/openssh/dist/auth2-gss.c
U src/crypto/external/bsd/openssh/dist/auth2-hostbased.c
U src/crypto/external/bsd/openssh/dist/auth2-jpake.c
U src/crypto/external/bsd/openssh/dist/auth2-kbdint.c
U src/crypto/external/bsd/openssh/dist/auth2-none.c
U src/crypto/external/bsd/openssh/dist/auth2-passwd.c
C src/crypto/external/bsd/openssh/dist/auth2-pubkey.c
C src/crypto/external/bsd/openssh/dist/auth2.c
C src/crypto/external/bsd/openssh/dist/authfd.c
U src/crypto/external/bsd/openssh/dist/authfd.h
C src/crypto/external/bsd/openssh/dist/authfile.c
C src/crypto/external/bsd/openssh/dist/authfile.h
U src/crypto/external/bsd/openssh/dist/bufaux.c
U src/crypto/external/bsd/openssh/dist/bufbn.c
U src/crypto/external/bsd/openssh/dist/bufec.c
U src/crypto/external/bsd/openssh/dist/buffer.c
U src/crypto/external/bsd/openssh/dist/buffer.h
U src/crypto/external/bsd/openssh/dist/canohost.c
U src/crypto/external/bsd/openssh/dist/canohost.h
C src/crypto/external/bsd/openssh/dist/channels.h
U src/crypto/external/bsd/openssh/dist/cipher.c
U src/crypto/external/bsd/openssh/dist/groupaccess.c
U src/crypto/external/bsd/openssh/dist/cipher-bf1.c
U src/crypto/external/bsd/openssh/dist/cipher-ctr.c
U src/crypto/external/bsd/openssh/dist/cipher.h
U src/crypto/external/bsd/openssh/dist/cleanup.c
C src/crypto/external/bsd/openssh/dist/clientloop.c
C src/crypto/external/bsd/openssh/dist/clientloop.h
U src/crypto/external/bsd/openssh/dist/compat.c
U src/crypto/external/bsd/openssh/dist/compat.h
U src/crypto/external/bsd/openssh/dist/compress.c
U src/crypto/external/bsd/openssh/dist/compress.h
U src/crypto/external/bsd/openssh/dist/crc32.c
U src/crypto/external/bsd/openssh/dist/crc32.h
U src/crypto/external/bsd/openssh/dist/deattack.c
U src/crypto/external/bsd/openssh/dist/deattack.h
U src/crypto/external/bsd/openssh/dist/dh.c
U src/crypto/external/bsd/openssh/dist/dh.h
U src/crypto/external/bsd/openssh/dist/dispatch.c
U src/crypto/external/bsd/openssh/dist/dispatch.h
U src/crypto/external/bsd/openssh/dist/dns.c
U src/crypto/external/bsd/openssh/dist/dns.h
U src/crypto/external/bsd/openssh/dist/fatal.c
U src/crypto/external/bsd/openssh/dist/gss-genr.c
U src/crypto/external/bsd/openssh/dist/groupaccess.h
U src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
C src/crypto/external/bsd/openssh/dist/gss-serv.c
U src/crypto/external/bsd/openssh/dist/hostfile.c
U src/crypto/external/bsd/openssh/dist/hostfile.h
U src/crypto/external/bsd/openssh/dist/jpake.c
U src/crypto/external/bsd/openssh/dist/jpake.h
U src/crypto/external/bsd/openssh/dist/kex.c
U src/crypto/external/bsd/openssh/dist/kex.h
U src/crypto/external/bsd/openssh/dist/kexdh.c
U src/crypto/external/bsd/openssh/dist/kexdhc.c
U src/crypto/external/bsd/openssh/dist/kexdhs.c
U src/crypto/external/bsd/openssh/dist/kexecdh.c
U src/crypto/external/bsd/openssh/dist/kexecdhc.c
U src/crypto/external/bsd/openssh/dist/kexecdhs.c
U src/crypto/external/bsd/openssh/dist/kexgex.c
U src/crypto/external/bsd/openssh/dist/kexgexc.c
U src/crypto/external/bsd/openssh/dist/kexgexs.c
C src/crypto/external/bsd/openssh/dist/key.c
U src/crypto/external/bsd/openssh/dist/key.h
C src/crypto/external/bsd/openssh/dist/log.c
C src/crypto/external/bsd/openssh/dist/log.h
C src/crypto/external/bsd/openssh/dist/mac.c
U src/crypto/external/bsd/openssh/dist/mac.h
U

CVS commit: src/crypto/external/bsd/openssh/dist

2011-09-06 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Sep  6 20:14:35 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: openssh2netbsd

Log Message:
some stuff got removed in 5.9


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/openssh2netbsd

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/openssh2netbsd
diff -u src/crypto/external/bsd/openssh/dist/openssh2netbsd:1.3 src/crypto/external/bsd/openssh/dist/openssh2netbsd:1.4
--- src/crypto/external/bsd/openssh/dist/openssh2netbsd:1.3	Sun Jul 24 23:03:10 2011
+++ src/crypto/external/bsd/openssh/dist/openssh2netbsd	Tue Sep  6 16:14:35 2011
@@ -1,6 +1,6 @@
 #! /bin/sh
 #
-#	$NetBSD: openssh2netbsd,v 1.3 2011/07/25 03:03:10 christos Exp $
+#	$NetBSD: openssh2netbsd,v 1.4 2011/09/06 20:14:35 christos Exp $
 #
 # Copyright (c) 2001 The NetBSD Foundation, Inc.
 # All rights reserved.
@@ -33,6 +33,6 @@
 
 ### Remove Makefile and subdirs
 rm -r Makefile Makefile.inc
-rm -r lib ssh-add ssh scp ssh-agent sshd sftp-server ssh-keygen sftp ssh-keyscan ssh-keysign ssh-pkcs11-helper scard ssh-pkcs11-helper
+rm -r lib ssh-add ssh scp ssh-agent sshd sftp-server ssh-keygen sftp ssh-keyscan ssh-keysign ssh-pkcs11-helper
 
 exit 0

CVS commit: src/crypto/external/bsd/openssh/dist

2011-08-29 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Mon Aug 29 21:08:54 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: packet.c packet.h ssh.c
sshconnect2.c

Log Message:
Use __dead


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/packet.c
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/packet.h
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/ssh.c
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/sshconnect2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/packet.c
diff -u src/crypto/external/bsd/openssh/dist/packet.c:1.6 src/crypto/external/bsd/openssh/dist/packet.c:1.7
--- src/crypto/external/bsd/openssh/dist/packet.c:1.6	Mon Jul 25 03:03:10 2011
+++ src/crypto/external/bsd/openssh/dist/packet.c	Mon Aug 29 21:08:54 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: packet.c,v 1.6 2011/07/25 03:03:10 christos Exp $	*/
+/*	$NetBSD: packet.c,v 1.7 2011/08/29 21:08:54 joerg Exp $	*/
 /* $OpenBSD: packet.c,v 1.172 2010/11/13 23:27:50 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: packet.c,v 1.6 2011/07/25 03:03:10 christos Exp $");
+__RCSID("$NetBSD: packet.c,v 1.7 2011/08/29 21:08:54 joerg Exp $");
 #include 
 #include 
 #include 
@@ -251,7 +251,7 @@
 		active_state->packet_timeout_ms = timeout * count * 1000;
 }
 
-static void
+__dead static void
 packet_stop_discard(void)
 {
 	if (active_state->packet_discard_mac) {

Index: src/crypto/external/bsd/openssh/dist/packet.h
diff -u src/crypto/external/bsd/openssh/dist/packet.h:1.4 src/crypto/external/bsd/openssh/dist/packet.h:1.5
--- src/crypto/external/bsd/openssh/dist/packet.h:1.4	Mon Jul 25 03:03:10 2011
+++ src/crypto/external/bsd/openssh/dist/packet.h	Mon Aug 29 21:08:54 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: packet.h,v 1.4 2011/07/25 03:03:10 christos Exp $	*/
+/*	$NetBSD: packet.h,v 1.5 2011/08/29 21:08:54 joerg Exp $	*/
 /* $OpenBSD: packet.h,v 1.55 2010/11/13 23:27:50 djm Exp $ */
 
 /*
@@ -69,7 +69,7 @@
 void	*packet_get_string(u_int *length_ptr);
 char	*packet_get_cstring(u_int *length_ptr);
 void	*packet_get_string_ptr(u_int *length_ptr);
-void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+__dead void packet_disconnect(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 void packet_send_debug(const char *fmt,...) __attribute__((format(printf, 1, 2)));
 
 void	 set_newkeys(int mode);

Index: src/crypto/external/bsd/openssh/dist/ssh.c
diff -u src/crypto/external/bsd/openssh/dist/ssh.c:1.7 src/crypto/external/bsd/openssh/dist/ssh.c:1.8
--- src/crypto/external/bsd/openssh/dist/ssh.c:1.7	Mon Jul 25 08:51:10 2011
+++ src/crypto/external/bsd/openssh/dist/ssh.c	Mon Aug 29 21:08:54 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh.c,v 1.7 2011/07/25 08:51:10 joerg Exp $	*/
+/*	$NetBSD: ssh.c,v 1.8 2011/08/29 21:08:54 joerg Exp $	*/
 /* $OpenBSD: ssh.c,v 1.356 2011/01/06 22:23:53 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh.c,v 1.7 2011/07/25 08:51:10 joerg Exp $");
+__RCSID("$NetBSD: ssh.c,v 1.8 2011/08/29 21:08:54 joerg Exp $");
 #include 
 #include 
 #include 
@@ -184,7 +184,7 @@
 
 /* Prints a help message to the user.  This function never returns. */
 
-static void
+__dead static void
 usage(void)
 {
 	fprintf(stderr,
@@ -984,7 +984,7 @@
 	}
 }
 
-static void
+__dead static void
 client_cleanup_stdio_fwd(int id, void *arg)
 {
 	debug("stdio forwarding: done");

Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.8 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.9
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.8	Mon Jul 25 03:03:11 2011
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c	Mon Aug 29 21:08:54 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshconnect2.c,v 1.8 2011/07/25 03:03:11 christos Exp $	*/
+/*	$NetBSD: sshconnect2.c,v 1.9 2011/08/29 21:08:54 joerg Exp $	*/
 /* $OpenBSD: sshconnect2.c,v 1.186 2010/11/29 23:45:51 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.8 2011/07/25 03:03:11 christos Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.9 2011/08/29 21:08:54 joerg Exp $");
 #include 
 #include 
 #include 
@@ -284,10 +284,10 @@
 };
 
 void	input_userauth_success(int, u_int32_t, void *);
-void	input_userauth_success_unexpected(int, u_int32_t, void *);
+__dead void	input_userauth_success_unexpected(int, u_int32_t, void *);
 void	input_userauth_failure(int, u_int32_t, void *);
 void	input_userauth_banner(int, u_int32_t, void *);
-void	input_userauth_error(int, u_int32_t, void *);
+__dead void	input_userauth_error(int, u_int32_t, void *);
 void	input_userau

CVS commit: src/crypto/external/bsd/openssh/dist

2011-08-25 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Thu Aug 25 15:37:00 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: log.c

Log Message:
Avoid using non-literal format strings and optimizing code a bit at the
same time.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/log.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/log.c
diff -u src/crypto/external/bsd/openssh/dist/log.c:1.3 src/crypto/external/bsd/openssh/dist/log.c:1.4
--- src/crypto/external/bsd/openssh/dist/log.c:1.3	Mon Jul 25 03:03:10 2011
+++ src/crypto/external/bsd/openssh/dist/log.c	Thu Aug 25 15:37:00 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: log.c,v 1.3 2011/07/25 03:03:10 christos Exp $	*/
+/*	$NetBSD: log.c,v 1.4 2011/08/25 15:37:00 joerg Exp $	*/
 /* $OpenBSD: log.c,v 1.41 2008/06/10 04:50:25 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -36,8 +36,9 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: log.c,v 1.3 2011/07/25 03:03:10 christos Exp $");
+__RCSID("$NetBSD: log.c,v 1.4 2011/08/25 15:37:00 joerg Exp $");
 #include 
+#include 
 
 #include 
 #include 
@@ -302,8 +303,10 @@
 #ifdef SYSLOG_DATA_INIT
 	struct syslog_data sdata = SYSLOG_DATA_INIT;
 #endif
-	char msgbuf[MSGBUFSIZ];
-	char fmtbuf[4 * sizeof(msgbuf) + 1];
+	size_t len, len2;
+	int len3;
+	char msgbuf[MSGBUFSIZ], *msgbufp;
+	char visbuf[MSGBUFSIZ * 4 + 1];
 	const char *txt = NULL;
 	int pri = LOG_INFO;
 	int saved_errno = errno;
@@ -345,24 +348,33 @@
 		pri = LOG_ERR;
 		break;
 	}
+	len = sizeof(msgbuf);
+	msgbufp = msgbuf;
 	if (txt != NULL) {
-		snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt);
-		vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args);
-	} else {
-		vsnprintf(msgbuf, sizeof(msgbuf), fmt, args);
+		len2 = strlen(txt);
+		if (len2 >= len)
+			len2 = len - 1;
+		memcpy(msgbufp, txt, len2);
+		msgbufp += len2;
+		*msgbufp++ = '\0';
+		len -= len2 + 1;
 	}
-	strvis(fmtbuf, msgbuf, VIS_SAFE|VIS_OCTAL);
+	vsnprintf(msgbufp, len, fmt, args);
+	len3 = strvis(visbuf, msgbuf, VIS_SAFE|VIS_OCTAL);
 	if (log_on_stderr) {
-		snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
-		write(STDERR_FILENO, msgbuf, strlen(msgbuf));
+		struct iovec iov[] = {
+			{ visbuf, len3 },
+			{ __UNCONST("\r\n"), 2 },
+		};
+		writev(STDERR_FILENO, iov, __arraycount(iov));
 	} else {
 #ifdef SYSLOG_DATA_INIT
 		openlog_r(argv0 ? argv0 : __progname, LOG_PID, log_facility, &sdata);
-		syslog_r(pri, &sdata, "%.500s", fmtbuf);
+		syslog_r(pri, &sdata, "%.500s", visbuf);
 		closelog_r(&sdata);
 #else
 		openlog(argv0 ? argv0 : __progname, LOG_PID, log_facility);
-		syslog(pri, "%.500s", fmtbuf);
+		syslog(pri, "%.500s", visbuf);
 		closelog();
 #endif
 	}

CVS commit: src/crypto/external/bsd/openssh/bin/ssh

2011-08-16 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Wed Aug 17 05:32:09 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/bin/ssh: Makefile

Log Message:
Remove gcc-4.5 hacks. I must have fixed them in a different pass.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/bin/ssh/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/bin/ssh/Makefile
diff -u src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.6 src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.7
--- src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.6	Tue Jun 21 22:49:42 2011
+++ src/crypto/external/bsd/openssh/bin/ssh/Makefile	Wed Aug 17 01:32:09 2011
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.6 2011/06/22 02:49:42 mrg Exp $
+#	$NetBSD: Makefile,v 1.7 2011/08/17 05:32:09 christos Exp $
 
 .include 
 
@@ -36,8 +36,3 @@
 .endif
 
 .include 
-
-# XXX
-.if ${HAVE_GCC} == 45
-COPTS.clientloop.c+= -Wno-error
-.endif

CVS commit: src/crypto/external/bsd/openssh/dist

2011-08-16 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Aug 16 09:43:03 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: ldapauth.c

Log Message:
undo junk committed.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ldapauth.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ldapauth.c
diff -u src/crypto/external/bsd/openssh/dist/ldapauth.c:1.2 src/crypto/external/bsd/openssh/dist/ldapauth.c:1.3
--- src/crypto/external/bsd/openssh/dist/ldapauth.c:1.2	Tue Aug 16 05:42:21 2011
+++ src/crypto/external/bsd/openssh/dist/ldapauth.c	Tue Aug 16 05:43:03 2011
@@ -1,5 +1,5 @@
-/*	$NetBSD: ldapauth.c,v 1.2 2011/08/16 09:42:21 christos Exp $	*/
-/* $Id: ldapauth.c,v 1.2 2011/08/16 09:42:21 christos Exp $
+/*	$NetBSD: ldapauth.c,v 1.3 2011/08/16 09:43:03 christos Exp $	*/
+/* $Id: ldapauth.c,v 1.3 2011/08/16 09:43:03 christos Exp $
  */
 
 /*
@@ -23,7 +23,7 @@
  *
  */
 #include "includes.h"
-__RCSID("$NetBSD: ldapauth.c,v 1.2 2011/08/16 09:42:21 christos Exp $");
+__RCSID("$NetBSD: ldapauth.c,v 1.3 2011/08/16 09:43:03 christos Exp $");
 
 #ifdef WITH_LDAP_PUBKEY
 #include 
@@ -456,7 +456,6 @@
 return FAILURE;
 
 /* build filter for LDAP request */
-/*###459 [cc] error: format not a string literal, argument types not checked%%%*/
 REQUEST_GROUP(filter, l->fgroup, user);
 
 if (ldap_search_st( l->ld,

CVS commit: src/crypto/external/bsd/openssh

2011-08-16 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Aug 16 09:42:21 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/bin/sshd: Makefile
src/crypto/external/bsd/openssh/dist: ldapauth.c ssh-agent.c

Log Message:
kill non-literal format strings or document them.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/bin/sshd/Makefile
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/dist/ldapauth.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/ssh-agent.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/bin/sshd/Makefile
diff -u src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.6 src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.7
--- src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.6	Sun Jul 24 23:03:10 2011
+++ src/crypto/external/bsd/openssh/bin/sshd/Makefile	Tue Aug 16 05:42:21 2011
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.6 2011/07/25 03:03:10 christos Exp $
+#	$NetBSD: Makefile,v 1.7 2011/08/16 09:42:21 christos Exp $
 
 .include 
 
@@ -21,6 +21,7 @@
 .if defined(HAVE_GCC) || defined(HAVE_PCC)
 COPTS.auth-options.c=	-Wno-pointer-sign
 .endif
+COPTS.ldapauth.c=	-Wno-format-nonliteral	# XXX: should fix
 
 .if (${USE_PAM} != "no")
 SRCS+=	auth-pam.c

Index: src/crypto/external/bsd/openssh/dist/ldapauth.c
diff -u src/crypto/external/bsd/openssh/dist/ldapauth.c:1.1 src/crypto/external/bsd/openssh/dist/ldapauth.c:1.2
--- src/crypto/external/bsd/openssh/dist/ldapauth.c:1.1	Sun Nov 21 13:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/ldapauth.c	Tue Aug 16 05:42:21 2011
@@ -1,5 +1,5 @@
-/*	$NetBSD: ldapauth.c,v 1.1 2010/11/21 18:59:04 adam Exp $	*/
-/* $Id: ldapauth.c,v 1.1 2010/11/21 18:59:04 adam Exp $
+/*	$NetBSD: ldapauth.c,v 1.2 2011/08/16 09:42:21 christos Exp $	*/
+/* $Id: ldapauth.c,v 1.2 2011/08/16 09:42:21 christos Exp $
  */
 
 /*
@@ -23,7 +23,7 @@
  *
  */
 #include "includes.h"
-__RCSID("$NetBSD: ldapauth.c,v 1.1 2010/11/21 18:59:04 adam Exp $");
+__RCSID("$NetBSD: ldapauth.c,v 1.2 2011/08/16 09:42:21 christos Exp $");
 
 #ifdef WITH_LDAP_PUBKEY
 #include 
@@ -456,6 +456,7 @@
 return FAILURE;
 
 /* build filter for LDAP request */
+/*###459 [cc] error: format not a string literal, argument types not checked%%%*/
 REQUEST_GROUP(filter, l->fgroup, user);
 
 if (ldap_search_st( l->ld, 

Index: src/crypto/external/bsd/openssh/dist/ssh-agent.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.6 src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.7
--- src/crypto/external/bsd/openssh/dist/ssh-agent.c:1.6	Sun Jul 24 23:03:11 2011
+++ src/crypto/external/bsd/openssh/dist/ssh-agent.c	Tue Aug 16 05:42:21 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-agent.c,v 1.6 2011/07/25 03:03:11 christos Exp $	*/
+/*	$NetBSD: ssh-agent.c,v 1.7 2011/08/16 09:42:21 christos Exp $	*/
 /* $OpenBSD: ssh-agent.c,v 1.171 2010/11/21 01:01:13 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-agent.c,v 1.6 2011/07/25 03:03:11 christos Exp $");
+__RCSID("$NetBSD: ssh-agent.c,v 1.7 2011/08/16 09:42:21 christos Exp $");
 #include 
 #include 
 #include 
@@ -1101,6 +1101,29 @@
 	exit(1);
 }
 
+static void
+csh_setenv(const char *name, const char *value)
+{
+	printf("setenv %s %s;\n", name, value);
+}
+
+static void
+csh_unsetenv(const char *name)
+{
+	printf("unsetenv %s;\n", name);
+}
+
+static void
+sh_setenv(const char *name, const char *value)
+{
+	printf("%s=%s; export %s;\n", name, value, name);
+}
+
+static void
+sh_unsetenv(const char *name)
+{
+	printf("unset %s;\n", name);
+}
 int
 main(int ac, char **av)
 {
@@ -1108,7 +1131,6 @@
 	int sock, fd, ch, result, saved_errno;
 	u_int nalloc;
 	char *shell, *pidstr, *agentsocket = NULL;
-	const char *format;
 	fd_set *readsetp = NULL, *writesetp = NULL;
 	struct sockaddr_un sunaddr;
 	struct rlimit rlim;
@@ -1118,6 +1140,8 @@
 	char pidstrbuf[1 + 3 * sizeof pid];
 	struct timeval *tvp = NULL;
 	size_t len;
+	void (*f_setenv)(const char *, const char *);
+	void (*f_unsetenv)(const char *);
 
 	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 	sanitise_stdfd();
@@ -1173,6 +1197,13 @@
 		strncmp(shell + len - 3, "csh", 3) == 0)
 			c_flag = 1;
 	}
+	if (c_flag) {
+		f_setenv = csh_setenv;
+		f_unsetenv = csh_unsetenv;
+	} else {
+		f_setenv = sh_setenv;
+		f_unsetenv = sh_unsetenv;
+	}
 	if (k_flag) {
 		const char *errstr = NULL;
 
@@ -1193,9 +1224,8 @@
 			perror("kill");
 			exit(1);
 		}
-		format = c_flag ? "unsetenv %s;\n" : "unset %s;\n";
-		printf(format, SSH_AUTHSOCKET_ENV_NAME);
-		printf(format, SSH_AGENTPID_ENV_NAME);
+		(*f_unsetenv)(SSH_AUTHSOCKET_ENV_NAME);
+		(*f_unsetenv)(SSH_AGENTPID_ENV_NAME);
 		printf("echo Agent pid %ld killed;\n", (long)pid);
 		exit(0);
 	}
@@ -1245,9 +1275,7 @@
 	 */
 	if (d_flag) {
 		log_init(__progname, SYSLOG

CVS commit: src/crypto/external/bsd/openssh/dist

2011-08-01 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Aug  1 15:55:00 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: atomicio.c

Log Message:
PR/45200: : J. Hannken-Illjes: Scp hangs after sending:
- check for vwrite() instead of read() to avoid read() being renamed by SSP


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/atomicio.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/atomicio.c
diff -u src/crypto/external/bsd/openssh/dist/atomicio.c:1.3 src/crypto/external/bsd/openssh/dist/atomicio.c:1.4
--- src/crypto/external/bsd/openssh/dist/atomicio.c:1.3	Sun Jul 24 23:03:10 2011
+++ src/crypto/external/bsd/openssh/dist/atomicio.c	Mon Aug  1 11:55:00 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: atomicio.c,v 1.3 2011/07/25 03:03:10 christos Exp $	*/
+/*	$NetBSD: atomicio.c,v 1.4 2011/08/01 15:55:00 christos Exp $	*/
 /* $OpenBSD: atomicio.c,v 1.26 2010/09/22 22:58:51 djm Exp $ */
 /*
  * Copyright (c) 2006 Damien Miller. All rights reserved.
@@ -28,7 +28,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: atomicio.c,v 1.3 2011/07/25 03:03:10 christos Exp $");
+__RCSID("$NetBSD: atomicio.c,v 1.4 2011/08/01 15:55:00 christos Exp $");
 #include 
 #include 
 
@@ -52,7 +52,11 @@
 	struct pollfd pfd;
 
 	pfd.fd = fd;
-	pfd.events = f == read ? POLLIN : POLLOUT;
+	/*
+	 * check for vwrite instead of read to avoid read being renamed
+	 * by SSP issues
+	 */
+	pfd.events = f == vwrite ? POLLOUT : POLLIN;
 	while (n > pos) {
 		res = (f) (fd, s + pos, n - pos);
 		switch (res) {

CVS commit: src/crypto/external/bsd/openssh/dist

2011-07-25 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Mon Jul 25 08:51:10 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh.c

Log Message:
Fix obvious logic error


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/ssh.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh.c
diff -u src/crypto/external/bsd/openssh/dist/ssh.c:1.6 src/crypto/external/bsd/openssh/dist/ssh.c:1.7
--- src/crypto/external/bsd/openssh/dist/ssh.c:1.6	Mon Jul 25 03:03:11 2011
+++ src/crypto/external/bsd/openssh/dist/ssh.c	Mon Jul 25 08:51:10 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh.c,v 1.6 2011/07/25 03:03:11 christos Exp $	*/
+/*	$NetBSD: ssh.c,v 1.7 2011/07/25 08:51:10 joerg Exp $	*/
 /* $OpenBSD: ssh.c,v 1.356 2011/01/06 22:23:53 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh.c,v 1.6 2011/07/25 03:03:11 christos Exp $");
+__RCSID("$NetBSD: ssh.c,v 1.7 2011/07/25 08:51:10 joerg Exp $");
 #include 
 #include 
 #include 
@@ -1102,7 +1102,6 @@
 	int interactive = 0;
 	int have_tty = 0;
 	struct winsize ws;
-	char *cp;
 	const char *display;
 
 	/* Enable compression if requested. */
@@ -1142,7 +1141,7 @@
 		dp = getenv("TERM");
 		if (!dp)
 			dp = "";
-		packet_put_cstring(cp);
+		packet_put_cstring(dp);
 
 		/* Store window size in the packet. */
 		if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) < 0)

CVS commit: src/crypto/external/bsd/openssh/dist

2011-07-24 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Jul 24 15:09:11 UTC 2011

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv6082

Log Message:
from ftp.openbsd.org

Status:

Vendor Tag: OPENSSH
Release Tags:   v58-20110724

U src/crypto/external/bsd/openssh/dist/LICENCE
U src/crypto/external/bsd/openssh/dist/PROTOCOL.agent
U src/crypto/external/bsd/openssh/dist/OVERVIEW
U src/crypto/external/bsd/openssh/dist/PROTOCOL
C src/crypto/external/bsd/openssh/dist/dispatch.c
C src/crypto/external/bsd/openssh/dist/dh.c
U src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys
U src/crypto/external/bsd/openssh/dist/PROTOCOL.mux
U src/crypto/external/bsd/openssh/dist/README
C src/crypto/external/bsd/openssh/dist/addrmatch.c
C src/crypto/external/bsd/openssh/dist/atomicio.c
C src/crypto/external/bsd/openssh/dist/atomicio.h
C src/crypto/external/bsd/openssh/dist/auth-bsdauth.c
C src/crypto/external/bsd/openssh/dist/auth-chall.c
C src/crypto/external/bsd/openssh/dist/auth-krb5.c
C src/crypto/external/bsd/openssh/dist/auth-options.c
C src/crypto/external/bsd/openssh/dist/auth-options.h
C src/crypto/external/bsd/openssh/dist/auth-passwd.c
C src/crypto/external/bsd/openssh/dist/auth-rh-rsa.c
C src/crypto/external/bsd/openssh/dist/auth-rhosts.c
C src/crypto/external/bsd/openssh/dist/auth-rsa.c
C src/crypto/external/bsd/openssh/dist/auth.c
C src/crypto/external/bsd/openssh/dist/auth.h
C src/crypto/external/bsd/openssh/dist/auth1.c
C src/crypto/external/bsd/openssh/dist/auth2-chall.c
C src/crypto/external/bsd/openssh/dist/auth2-gss.c
C src/crypto/external/bsd/openssh/dist/auth2-hostbased.c
C src/crypto/external/bsd/openssh/dist/auth2-jpake.c
C src/crypto/external/bsd/openssh/dist/auth2-kbdint.c
C src/crypto/external/bsd/openssh/dist/auth2-none.c
C src/crypto/external/bsd/openssh/dist/auth2-passwd.c
C src/crypto/external/bsd/openssh/dist/auth2-pubkey.c
C src/crypto/external/bsd/openssh/dist/auth2.c
C src/crypto/external/bsd/openssh/dist/authfd.c
C src/crypto/external/bsd/openssh/dist/authfd.h
C src/crypto/external/bsd/openssh/dist/authfile.c
C src/crypto/external/bsd/openssh/dist/authfile.h
C src/crypto/external/bsd/openssh/dist/bufaux.c
C src/crypto/external/bsd/openssh/dist/bufbn.c
N src/crypto/external/bsd/openssh/dist/bufec.c
C src/crypto/external/bsd/openssh/dist/buffer.c
C src/crypto/external/bsd/openssh/dist/buffer.h
C src/crypto/external/bsd/openssh/dist/canohost.c
C src/crypto/external/bsd/openssh/dist/canohost.h
C src/crypto/external/bsd/openssh/dist/channels.c
C src/crypto/external/bsd/openssh/dist/channels.h
C src/crypto/external/bsd/openssh/dist/cipher.c
C src/crypto/external/bsd/openssh/dist/cipher-3des1.c
C src/crypto/external/bsd/openssh/dist/cipher-bf1.c
C src/crypto/external/bsd/openssh/dist/cipher-ctr.c
C src/crypto/external/bsd/openssh/dist/cipher.h
C src/crypto/external/bsd/openssh/dist/cleanup.c
C src/crypto/external/bsd/openssh/dist/clientloop.c
C src/crypto/external/bsd/openssh/dist/clientloop.h
C src/crypto/external/bsd/openssh/dist/compat.c
C src/crypto/external/bsd/openssh/dist/compat.h
C src/crypto/external/bsd/openssh/dist/compress.c
C src/crypto/external/bsd/openssh/dist/compress.h
C src/crypto/external/bsd/openssh/dist/crc32.c
C src/crypto/external/bsd/openssh/dist/crc32.h
C src/crypto/external/bsd/openssh/dist/deattack.c
C src/crypto/external/bsd/openssh/dist/deattack.h
C src/crypto/external/bsd/openssh/dist/dh.h
C src/crypto/external/bsd/openssh/dist/groupaccess.c
C src/crypto/external/bsd/openssh/dist/dispatch.h
C src/crypto/external/bsd/openssh/dist/dns.c
C src/crypto/external/bsd/openssh/dist/dns.h
C src/crypto/external/bsd/openssh/dist/fatal.c
C src/crypto/external/bsd/openssh/dist/jpake.c
C src/crypto/external/bsd/openssh/dist/gss-genr.c
C src/crypto/external/bsd/openssh/dist/groupaccess.h
C src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
C src/crypto/external/bsd/openssh/dist/gss-serv.c
C src/crypto/external/bsd/openssh/dist/hostfile.c
C src/crypto/external/bsd/openssh/dist/hostfile.h
C src/crypto/external/bsd/openssh/dist/jpake.h
C src/crypto/external/bsd/openssh/dist/kex.c
C src/crypto/external/bsd/openssh/dist/kex.h
C src/crypto/external/bsd/openssh/dist/kexdh.c
C src/crypto/external/bsd/openssh/dist/kexdhc.c
C src/crypto/external/bsd/openssh/dist/kexdhs.c
N src/crypto/external/bsd/openssh/dist/kexecdh.c
N src/crypto/external/bsd/openssh/dist/kexecdhc.c
N src/crypto/external/bsd/openssh/dist/kexecdhs.c
C src/crypto/external/bsd/openssh/dist/kexgex.c
C src/crypto/external/bsd/openssh/dist/kexgexc.c
C src/crypto/external/bsd/openssh/dist/kexgexs.c
C src/crypto/external/bsd/openssh/dist/key.c
C src/crypto/external/bsd/openssh/dist/key.h
C src/crypto/external/bsd/openssh/dist/log.c
C src/crypto/external/bsd/openssh/dist/log.h
C src/crypto/external/bsd/openssh/dist/mac.c
C src/crypto/external/bsd/openssh/dist/mac.h
C src/crypto/external/bsd/openssh/dist/match.c
C src/crypto/external/bsd/openssh/dist/m

CVS commit: src/crypto/external/bsd/openssh/dist

2011-05-24 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Tue May 24 14:27:07 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-pkcs11-helper.c

Log Message:
Kill redundant unused extern.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c:1.2 src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c:1.3
--- src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c:1.2	Sun Nov 21 18:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c	Tue May 24 14:27:07 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-pkcs11-helper.c,v 1.2 2010/11/21 18:59:04 adam Exp $	*/
+/*	$NetBSD: ssh-pkcs11-helper.c,v 1.3 2011/05/24 14:27:07 joerg Exp $	*/
 /* $OpenBSD: ssh-pkcs11-helper.c,v 1.3 2010/02/24 06:12:53 djm Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
@@ -16,7 +16,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-__RCSID("$NetBSD: ssh-pkcs11-helper.c,v 1.2 2010/11/21 18:59:04 adam Exp $");
+__RCSID("$NetBSD: ssh-pkcs11-helper.c,v 1.3 2011/05/24 14:27:07 joerg Exp $");
 
 #include 
 #include 
@@ -270,7 +270,6 @@
 	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
 	LogLevel log_level = SYSLOG_LEVEL_ERROR;
 	char buf[4*4096];
-	extern char *optarg;
 	extern char *__progname;
 
 	TAILQ_INIT(&pkcs11_keylist);

CVS commit: src/crypto/external/bsd/openssh/dist

2011-05-24 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Tue May 24 14:26:55 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: auth1.c

Log Message:
Use proper format string


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/auth1.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth1.c
diff -u src/crypto/external/bsd/openssh/dist/auth1.c:1.3 src/crypto/external/bsd/openssh/dist/auth1.c:1.4
--- src/crypto/external/bsd/openssh/dist/auth1.c:1.3	Sun Nov 21 18:29:48 2010
+++ src/crypto/external/bsd/openssh/dist/auth1.c	Tue May 24 14:26:55 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth1.c,v 1.3 2010/11/21 18:29:48 adam Exp $	*/
+/*	$NetBSD: auth1.c,v 1.4 2011/05/24 14:26:55 joerg Exp $	*/
 /* $OpenBSD: auth1.c,v 1.74 2010/06/25 08:46:17 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth1.c,v 1.3 2010/11/21 18:29:48 adam Exp $");
+__RCSID("$NetBSD: auth1.c,v 1.4 2011/05/24 14:26:55 joerg Exp $");
 #include 
 #include 
 
@@ -390,7 +390,7 @@
 	msg[len] = '\0';
 			else
 msg = "Access denied.";
-			packet_disconnect(msg);
+			packet_disconnect("%s", msg);
 		}
 #endif

CVS commit: src/crypto/external/bsd/openssh/dist

2011-05-03 Thread Jukka Ruohonen

Module Name:src
Committed By:   jruoho
Date:   Tue May  3 13:04:00 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: sshd_config

Log Message:
Clarify the comment on how to disable password authentication (i.e. the
combination of PasswordAuthentication=no and UsePam=yes still allow password
authentication). Fixes PR bin/32313 from Curt Sampson.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/sshd_config

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshd_config
diff -u src/crypto/external/bsd/openssh/dist/sshd_config:1.5 src/crypto/external/bsd/openssh/dist/sshd_config:1.6
--- src/crypto/external/bsd/openssh/dist/sshd_config:1.5	Sun Nov 21 18:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/sshd_config	Tue May  3 13:04:00 2011
@@ -1,4 +1,4 @@
-#	$NetBSD: sshd_config,v 1.5 2010/11/21 18:59:04 adam Exp $
+#	$NetBSD: sshd_config,v 1.6 2011/05/03 13:04:00 jruoho Exp $
 #	$OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 markus Exp $
 
 # This is the sshd server system-wide configuration file.  See
@@ -54,7 +54,7 @@
 # Don't read the user's ~/.rhosts and ~/.shosts files
 #IgnoreRhosts yes
 
-# To disable tunneled clear text passwords, change to no here!
+# To disable password authentication, set this and UsePam to no
 #PasswordAuthentication yes
 #PermitEmptyPasswords no

CVS commit: src/crypto/external/bsd/openssh

2011-04-24 Thread Roland Dowdeswell

Module Name:src
Committed By:   elric
Date:   Sun Apr 24 14:09:39 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh: Makefile.inc
src/crypto/external/bsd/openssh/dist: session.c

Log Message:
Stop using -I/usr/include/gssapi and -I/usr/include/krb5.  We must in this
case find kafs.h as krb5/kafs.h.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/Makefile.inc
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/session.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/Makefile.inc
diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.2 src/crypto/external/bsd/openssh/Makefile.inc:1.3
--- src/crypto/external/bsd/openssh/Makefile.inc:1.2	Sun Nov 21 19:19:21 2010
+++ src/crypto/external/bsd/openssh/Makefile.inc	Sun Apr 24 14:09:39 2011
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.inc,v 1.2 2010/11/21 19:19:21 adam Exp $
+#	$NetBSD: Makefile.inc,v 1.3 2011/04/24 14:09:39 elric Exp $
 
 WARNS?=	1	# XXX -Wshadow -Wcast-qual
 
@@ -23,8 +23,8 @@
 .endif	# USE_PAM == no
 
 .if (${USE_KERBEROS} != "no")
-CPPFLAGS+=-DGSSAPI -I${DESTDIR}/usr/include/gssapi
-CPPFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/krb5 -DHEIMDAL
+CPPFLAGS+=-DGSSAPI
+CPPFLAGS+=-DKRB5 -DHEIMDAL
 .endif
 
 .if (${USE_LDAP} != "no")

Index: src/crypto/external/bsd/openssh/dist/session.c
diff -u src/crypto/external/bsd/openssh/dist/session.c:1.5 src/crypto/external/bsd/openssh/dist/session.c:1.6
--- src/crypto/external/bsd/openssh/dist/session.c:1.5	Sun Nov 21 18:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/session.c	Sun Apr 24 14:09:39 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: session.c,v 1.5 2010/11/21 18:59:04 adam Exp $	*/
+/*	$NetBSD: session.c,v 1.6 2011/04/24 14:09:39 elric Exp $	*/
 /* $OpenBSD: session.c,v 1.256 2010/06/25 07:20:04 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: session.c,v 1.5 2010/11/21 18:59:04 adam Exp $");
+__RCSID("$NetBSD: session.c,v 1.6 2011/04/24 14:09:39 elric Exp $");
 #include 
 #include 
 #include 
@@ -88,7 +88,7 @@
 #include "sftp.h"
 
 #ifdef KRB5
-#include 
+#include 
 #endif
 
 #define IS_INTERNAL_SFTP(c) \

CVS commit: src/crypto/external/bsd/openssh/dist

2011-04-24 Thread Roland Dowdeswell

Module Name:src
Committed By:   elric
Date:   Sun Apr 24 14:01:46 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: auth-krb5.c gss-serv-krb5.c
sshconnect1.c sshconnect2.c

Log Message:
Stop using functions that are marked as deprecated in Heimdal.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/auth-krb5.c \
src/crypto/external/bsd/openssh/dist/sshconnect1.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/sshconnect2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth-krb5.c
diff -u src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.2 src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.3
--- src/crypto/external/bsd/openssh/dist/auth-krb5.c:1.2	Sun Jun  7 22:38:46 2009
+++ src/crypto/external/bsd/openssh/dist/auth-krb5.c	Sun Apr 24 14:01:46 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $	*/
+/*	$NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $	*/
 /* $OpenBSD: auth-krb5.c,v 1.19 2006/08/03 03:34:41 deraadt Exp $ */
 /*
  *Kerberos v5 authentication and ticket-passing routines.
@@ -30,7 +30,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: auth-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $");
+__RCSID("$NetBSD: auth-krb5.c,v 1.3 2011/04/24 14:01:46 elric Exp $");
 #include 
 #include 
 #include 
@@ -80,6 +80,7 @@
 	krb5_principal server;
 	krb5_ticket *ticket;
 	int fd, ret;
+	const char *errtxt;
 
 	ret = 0;
 	server = NULL;
@@ -143,10 +144,14 @@
 	}
 
 	if (problem) {
+		errtxt = NULL;
 		if (authctxt->krb5_ctx != NULL)
-			debug("Kerberos v5 authentication failed: %s",
-			krb5_get_err_text(authctxt->krb5_ctx, problem));
-		else
+			errtxt = krb5_get_error_message(authctxt->krb5_ctx,
+			problem);
+		if (errtxt != NULL) {
+			debug("Kerberos v5 authentication failed: %s", errtxt);
+			krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+		} else
 			debug("Kerberos v5 authentication failed: %d",
 			problem);
 	}
@@ -160,13 +165,14 @@
 	krb5_error_code problem;
 	krb5_ccache ccache = NULL;
 	char *pname;
+	const char *errtxt;
 
 	if (authctxt->pw == NULL || authctxt->krb5_user == NULL)
 		return (0);
 
 	temporarily_use_uid(authctxt->pw);
 
-	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops, &ccache);
+	problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL, &ccache);
 	if (problem)
 		goto fail;
 
@@ -201,9 +207,14 @@
 	return (1);
 
  fail:
-	if (problem)
-		debug("Kerberos v5 TGT passing failed: %s",
-		krb5_get_err_text(authctxt->krb5_ctx, problem));
+	if (problem) {
+		errtxt = krb5_get_error_message(authctxt->krb5_ctx, problem);
+		if (errtxt != NULL) {
+			debug("Kerberos v5 TGT passing failed: %s", errtxt);
+			krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+		} else
+			debug("Kerberos v5 TGT passing failed: %d", problem);
+	}
 	if (ccache)
 		krb5_cc_destroy(authctxt->krb5_ctx, ccache);
 
@@ -218,6 +229,7 @@
 {
 	krb5_error_code problem;
 	krb5_ccache ccache = NULL;
+	const char *errtxt;
 
 	temporarily_use_uid(authctxt->pw);
 
@@ -230,7 +242,8 @@
 	if (problem)
 		goto out;
 
-	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_mcc_ops, &ccache);
+	problem = krb5_cc_new_unique(authctxt->krb5_ctx, "MEMORY", NULL,
+	&ccache);
 	if (problem)
 		goto out;
 
@@ -249,7 +262,7 @@
 	if (problem)
 		goto out;
 
-	problem = krb5_cc_gen_new(authctxt->krb5_ctx, &krb5_fcc_ops,
+	problem = krb5_cc_new_unique(authctxt->krb5_ctx, "FILE", NULL,
 	&authctxt->krb5_fwd_ccache);
 	if (problem)
 		goto out;
@@ -271,10 +284,15 @@
 		if (ccache)
 			krb5_cc_destroy(authctxt->krb5_ctx, ccache);
 
+		errtxt = NULL;
 		if (authctxt->krb5_ctx != NULL)
+			errtxt = krb5_get_error_message(authctxt->krb5_ctx,
+			problem);
+		if (errtxt != NULL) {
 			debug("Kerberos password authentication failed: %s",
-			krb5_get_err_text(authctxt->krb5_ctx, problem));
-		else
+			errtxt);
+			krb5_free_error_message(authctxt->krb5_ctx, errtxt);
+		} else
 			debug("Kerberos password authentication failed: %d",
 			problem);
 
Index: src/crypto/external/bsd/openssh/dist/sshconnect1.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.2 src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.3
--- src/crypto/external/bsd/openssh/dist/sshconnect1.c:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/sshconnect1.c	Sun Apr 24 14:01:46 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshconnect1.c,v 1.2 2009/06/07 22:38:47 christos Exp $	*/
+/*	$NetBSD: sshconnect1.c,v 1.3 2011/04/24 14:01:46 elric Exp $	*/
 /* $OpenBSD: sshconnect1.c,v 1.70 2006/11/06 21:25:28 markus Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -15,7 +15,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect1.c,v 1.2 2009/

CVS commit: src/crypto/external/bsd/openssh/dist

2011-04-15 Thread Roland Dowdeswell

Module Name:src
Committed By:   elric
Date:   Fri Apr 15 14:51:22 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: gss-serv-krb5.c

Log Message:
On reasonably modern versions of Heimdal, you should not include krb5.h
to get the krb5 GSS functions.  gssapi/gssapi_krb5.h should be included.

[this is necesary for the next Heimdal upgrade as krb5.h inclusion is no
longer effective.]


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
diff -u src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.2 src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.3
--- src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c:1.2	Sun Jun  7 22:38:46 2009
+++ src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c	Fri Apr 15 14:51:22 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: gss-serv-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $	*/
+/*	$NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $	*/
 /* $OpenBSD: gss-serv-krb5.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */
 
 /*
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: gss-serv-krb5.c,v 1.2 2009/06/07 22:38:46 christos Exp $");
+__RCSID("$NetBSD: gss-serv-krb5.c,v 1.3 2011/04/15 14:51:22 elric Exp $");
 #ifdef GSSAPI
 #ifdef KRB5
 
@@ -48,7 +48,7 @@
 extern ServerOptions options;
 
 #ifdef HEIMDAL
-# include 
+# include 
 #else
 # ifdef HAVE_GSSAPI_KRB5_H
 #  include

CVS commit: src/crypto/external/bsd/openssh/dist

2011-03-29 Thread Alistair G. Crooks

Module Name:src
Committed By:   agc
Date:   Tue Mar 29 21:43:17 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: sshd_config.5

Log Message:
fix a repeated typo


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/sshd_config.5

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshd_config.5
diff -u src/crypto/external/bsd/openssh/dist/sshd_config.5:1.8 src/crypto/external/bsd/openssh/dist/sshd_config.5:1.9
--- src/crypto/external/bsd/openssh/dist/sshd_config.5:1.8	Thu Feb  3 04:24:23 2011
+++ src/crypto/external/bsd/openssh/dist/sshd_config.5	Tue Mar 29 21:43:17 2011
@@ -1,4 +1,4 @@
-.\"	$NetBSD: sshd_config.5,v 1.8 2011/02/03 04:24:23 enami Exp $
+.\"	$NetBSD: sshd_config.5,v 1.9 2011/03/29 21:43:17 agc Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen 
@@ -1119,12 +1119,12 @@
 or
 .Dq try .
 .It Cm LpkSearchTimelimit
-Sepcifies the search time limit before the search is considered over. value is
+Specifies the search time limit before the search is considered over. value is
 in seconds.
 .Pp
 LpkSearchTimelimit 3
 .It Cm LpkBindTimelimit
-Sepcifies the bind time limit before the connection is considered dead. value is
+Specifies the bind time limit before the connection is considered dead. value is
 in seconds.
 .Pp
 LpkBindTimelimit 3

CVS commit: src/crypto/external/bsd/openssh/lib

2011-02-05 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sat Feb  5 16:01:58 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/lib: Makefile

Log Message:
we have arc4random_buf and uniform now; no need for random.c


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/lib/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/lib/Makefile
diff -u src/crypto/external/bsd/openssh/lib/Makefile:1.7 src/crypto/external/bsd/openssh/lib/Makefile:1.8
--- src/crypto/external/bsd/openssh/lib/Makefile:1.7	Tue Nov 23 02:12:01 2010
+++ src/crypto/external/bsd/openssh/lib/Makefile	Sat Feb  5 11:01:57 2011
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.7 2010/11/23 07:12:01 adam Exp $
+#	$NetBSD: Makefile,v 1.8 2011/02/05 16:01:57 christos Exp $
 
 .include 
 
@@ -14,7 +14,7 @@
 	monitor_fdpass.c addrmatch.c schnorr.c jpake.c ssh-pkcs11.c \
 	roaming_dummy.c
 #	umac.c
-SRCS+=	fmt_scaled.c random.c strtonum.c
+SRCS+=	fmt_scaled.c strtonum.c
 SRCS+=	readpassphrase.c getpeereid.c getrrsetbyname.c
 COPTS.monitor_fdpass.c = -Wno-stack-protector

CVS commit: src/crypto/external/bsd/openssh/dist

2011-02-04 Thread S.P.Zeidler

Module Name:src
Committed By:   spz
Date:   Sat Feb  5 06:42:45 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: key.c

Log Message:
revert previous


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/key.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/key.c
diff -u src/crypto/external/bsd/openssh/dist/key.c:1.6 src/crypto/external/bsd/openssh/dist/key.c:1.7
--- src/crypto/external/bsd/openssh/dist/key.c:1.6	Sat Feb  5 06:23:58 2011
+++ src/crypto/external/bsd/openssh/dist/key.c	Sat Feb  5 06:42:44 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.6 2011/02/05 06:23:58 spz Exp $	*/
+/*	$NetBSD: key.c,v 1.7 2011/02/05 06:42:44 spz Exp $	*/
 /* $OpenBSD: key.c,v 1.90 2010/07/13 23:13:16 djm Exp $ */
 /*
  * read_bignum():
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: key.c,v 1.6 2011/02/05 06:23:58 spz Exp $");
+__RCSID("$NetBSD: key.c,v 1.7 2011/02/05 06:42:44 spz Exp $");
 #include 
 #include 
 
@@ -1514,10 +1514,7 @@
 	buffer_put_cstring(&k->cert->certblob, key_ssh_name(k));
 
 	/* -v01 certs put nonce first */
-	/*arc4random_buf(&nonce, sizeof(nonce));*/
-	for (i = 0; i < sizeof(nonce); i += 4)
-		*(uint32_t *)&(nonce[i]) = arc4random();
-
+	arc4random_buf(&nonce, sizeof(nonce));
 	if (k->type == KEY_DSA_CERT || k->type == KEY_RSA_CERT) {
 		buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
 	}

CVS commit: src/crypto/external/bsd/openssh/dist

2011-02-04 Thread S.P.Zeidler

Module Name:src
Committed By:   spz
Date:   Sat Feb  5 06:23:58 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: key.c

Log Message:
fix compile


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/key.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/key.c
diff -u src/crypto/external/bsd/openssh/dist/key.c:1.5 src/crypto/external/bsd/openssh/dist/key.c:1.6
--- src/crypto/external/bsd/openssh/dist/key.c:1.5	Fri Feb  4 22:11:09 2011
+++ src/crypto/external/bsd/openssh/dist/key.c	Sat Feb  5 06:23:58 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.5 2011/02/04 22:11:09 christos Exp $	*/
+/*	$NetBSD: key.c,v 1.6 2011/02/05 06:23:58 spz Exp $	*/
 /* $OpenBSD: key.c,v 1.90 2010/07/13 23:13:16 djm Exp $ */
 /*
  * read_bignum():
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: key.c,v 1.5 2011/02/04 22:11:09 christos Exp $");
+__RCSID("$NetBSD: key.c,v 1.6 2011/02/05 06:23:58 spz Exp $");
 #include 
 #include 
 
@@ -1514,7 +1514,10 @@
 	buffer_put_cstring(&k->cert->certblob, key_ssh_name(k));
 
 	/* -v01 certs put nonce first */
-	arc4random_buf(&nonce, sizeof(nonce));
+	/*arc4random_buf(&nonce, sizeof(nonce));*/
+	for (i = 0; i < sizeof(nonce); i += 4)
+		*(uint32_t *)&(nonce[i]) = arc4random();
+
 	if (k->type == KEY_DSA_CERT || k->type == KEY_RSA_CERT) {
 		buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
 	}

CVS commit: src/crypto/external/bsd/openssh/dist

2011-02-04 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Fri Feb  4 22:11:09 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: key.c

Log Message:
Fix CVE-2011-0539:
Legacy certificates generated by OpenSSH might contain data
from the stack thus leaking confidential information.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/key.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/key.c
diff -u src/crypto/external/bsd/openssh/dist/key.c:1.4 src/crypto/external/bsd/openssh/dist/key.c:1.5
--- src/crypto/external/bsd/openssh/dist/key.c:1.4	Sun Nov 21 13:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/key.c	Fri Feb  4 17:11:09 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.4 2010/11/21 18:59:04 adam Exp $	*/
+/*	$NetBSD: key.c,v 1.5 2011/02/04 22:11:09 christos Exp $	*/
 /* $OpenBSD: key.c,v 1.90 2010/07/13 23:13:16 djm Exp $ */
 /*
  * read_bignum():
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: key.c,v 1.4 2010/11/21 18:59:04 adam Exp $");
+__RCSID("$NetBSD: key.c,v 1.5 2011/02/04 22:11:09 christos Exp $");
 #include 
 #include 
 
@@ -1514,10 +1514,8 @@
 	buffer_put_cstring(&k->cert->certblob, key_ssh_name(k));
 
 	/* -v01 certs put nonce first */
+	arc4random_buf(&nonce, sizeof(nonce));
 	if (k->type == KEY_DSA_CERT || k->type == KEY_RSA_CERT) {
-		/*arc4random_buf(&nonce, sizeof(nonce));*/
-		for (i = 0; i < sizeof(nonce); i += 4)
-			*(uint32_t *)&(nonce[i]) = arc4random();
 		buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
 	}

CVS commit: src/crypto/external/bsd/openssh/dist

2011-02-02 Thread enami tsugutomo

Module Name:src
Committed By:   enami
Date:   Thu Feb  3 04:24:23 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: sshd_config.5

Log Message:
Note that our installed sshd_config overwrite the LoginGraceTime to 600s.


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/sshd_config.5

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshd_config.5
diff -u src/crypto/external/bsd/openssh/dist/sshd_config.5:1.7 src/crypto/external/bsd/openssh/dist/sshd_config.5:1.8
--- src/crypto/external/bsd/openssh/dist/sshd_config.5:1.7	Sun Nov 21 18:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/sshd_config.5	Thu Feb  3 04:24:23 2011
@@ -1,4 +1,4 @@
-.\"	$NetBSD: sshd_config.5,v 1.7 2010/11/21 18:59:04 adam Exp $
+.\"	$NetBSD: sshd_config.5,v 1.8 2011/02/03 04:24:23 enami Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\" $OpenBSD: sshd_config.5,v 1.125 2010/06/30 07:28:34 jmc Exp $
-.Dd June 30, 2010
+.Dd February 3, 2010
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -589,7 +589,9 @@
 The server disconnects after this time if the user has not
 successfully logged in.
 If the value is 0, there is no time limit.
-The default is 120 seconds.
+The default is 120 seconds but the default
+.Pa /etc/ssh/sshd_config
+overwrites it to 600 seconds.
 .It Cm LogLevel
 Gives the verbosity level that is used when logging messages from
 .Xr sshd 8 .

CVS commit: src/crypto/external/bsd/openssh/dist

2011-01-09 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Jan  9 23:17:36 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: servconf.c

Log Message:
avoid unused variable warning.


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/servconf.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/servconf.c
diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.6 src/crypto/external/bsd/openssh/dist/servconf.c:1.7
--- src/crypto/external/bsd/openssh/dist/servconf.c:1.6	Mon Nov 22 04:53:01 2010
+++ src/crypto/external/bsd/openssh/dist/servconf.c	Sun Jan  9 18:17:36 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: servconf.c,v 1.6 2010/11/22 09:53:01 adam Exp $	*/
+/*	$NetBSD: servconf.c,v 1.7 2011/01/09 23:17:36 christos Exp $	*/
 /* $OpenBSD: servconf.c,v 1.209 2010/06/22 04:22:59 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: servconf.c,v 1.6 2010/11/22 09:53:01 adam Exp $");
+__RCSID("$NetBSD: servconf.c,v 1.7 2011/01/09 23:17:36 christos Exp $");
 #include 
 #include 
 #include 
@@ -816,7 +816,9 @@
 	int cmdline = 0, *intptr, value, n;
 	SyslogFacility *log_facility_ptr;
 	LogLevel *log_level_ptr;
+#ifdef WITH_LDAP_PUBKEY
  	unsigned long lvalue;
+#endif
 	time_t *timetptr;
 	ServerOpCodes opcode;
 	int port = 0;

CVS commit: src/crypto/external/bsd/openssh/dist

2011-01-03 Thread Arnaud Ysmal

Module Name:src
Committed By:   stacktic
Date:   Mon Jan  3 18:55:42 UTC 2011

Modified Files:
src/crypto/external/bsd/openssh/dist: sshconnect2.c

Log Message:
Fixed strvisx usage


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/sshconnect2.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshconnect2.c
diff -u src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.5 src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.6
--- src/crypto/external/bsd/openssh/dist/sshconnect2.c:1.5	Sun Nov 21 18:29:49 2010
+++ src/crypto/external/bsd/openssh/dist/sshconnect2.c	Mon Jan  3 18:55:41 2011
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshconnect2.c,v 1.5 2010/11/21 18:29:49 adam Exp $	*/
+/*	$NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $	*/
 /* $OpenBSD: sshconnect2.c,v 1.183 2010/04/26 22:28:24 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshconnect2.c,v 1.5 2010/11/21 18:29:49 adam Exp $");
+__RCSID("$NetBSD: sshconnect2.c,v 1.6 2011/01/03 18:55:41 stacktic Exp $");
 #include 
 #include 
 #include 
@@ -458,7 +458,7 @@
 		if (len > 65536)
 			len = 65536;
 		msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */
-		strvisx(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
+		strvisx(msg, raw, len, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
 		fprintf(stderr, "%s", msg);
 		xfree(msg);
 	}

CVS commit: src/crypto/external/bsd/openssh/dist

2010-12-07 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Tue Dec  7 22:50:37 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: random.c

Log Message:
Inline string that should have been const char [] in first place.


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/dist/random.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/random.c
diff -u src/crypto/external/bsd/openssh/dist/random.c:1.1 src/crypto/external/bsd/openssh/dist/random.c:1.2
--- src/crypto/external/bsd/openssh/dist/random.c:1.1	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/random.c	Tue Dec  7 22:50:37 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: random.c,v 1.1 2009/06/07 22:38:47 christos Exp $	*/
+/*	$NetBSD: random.c,v 1.2 2010/12/07 22:50:37 joerg Exp $	*/
 
 /*-
  * Copyright (c) 2000 The NetBSD Foundation, Inc.
@@ -31,7 +31,7 @@
 
 #include "includes.h"
 #ifndef lint
-__RCSID("$NetBSD: random.c,v 1.1 2009/06/07 22:38:47 christos Exp $");
+__RCSID("$NetBSD: random.c,v 1.2 2010/12/07 22:50:37 joerg Exp $");
 #endif
 
 /*
@@ -52,8 +52,6 @@
 #include "random.h"
 #include "log.h"
 
-static const char *rndfail = "random number device is mandatory.  see rnd(4).";
-
 int
 arc4random_check(void)
 {
@@ -61,7 +59,7 @@
 
 	fd = open(_PATH_URANDOM, O_RDONLY, 0666);
 	if (fd < 0) {
-		fatal(rndfail);
+		fatal("random number device is mandatory.  see rnd(4).");
 		/*NOTREACHED*/
 	}
 	close(fd);

CVS commit: src/crypto/external/bsd/openssh/dist

2010-12-02 Thread Havard Eidnes

Module Name:src
Committed By:   he
Date:   Thu Dec  2 10:23:51 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-pkcs11.c

Log Message:
Make this build for platforms which don't define HAVE_DLOPEN, notably
our sun2 port.  Eliminates "defined but not used" warnings turned into
errors by our setup.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c:1.2 src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c:1.3
--- src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c:1.2	Sun Nov 21 18:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/ssh-pkcs11.c	Thu Dec  2 10:23:51 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-pkcs11.c,v 1.2 2010/11/21 18:59:04 adam Exp $	*/
+/*	$NetBSD: ssh-pkcs11.c,v 1.3 2010/12/02 10:23:51 he Exp $	*/
 /* $OpenBSD: ssh-pkcs11.c,v 1.6 2010/06/08 21:32:19 markus Exp $ */
 /*
  * Copyright (c) 2010 Markus Friedl.  All rights reserved.
@@ -16,7 +16,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-__RCSID("$NetBSD: ssh-pkcs11.c,v 1.2 2010/11/21 18:59:04 adam Exp $");
+__RCSID("$NetBSD: ssh-pkcs11.c,v 1.3 2010/12/02 10:23:51 he Exp $");
 
 #include 
 #include 
@@ -166,6 +166,7 @@
 	return (-1);
 }
 
+#ifdef HAVE_DLOPEN
 /* openssl callback for freeing an RSA key */
 static int
 pkcs11_rsa_finish(RSA *rsa)
@@ -466,7 +467,6 @@
 	return (0);
 }
 
-#ifdef HAVE_DLOPEN
 /* register a new provider, fails if provider already exists */
 int
 pkcs11_add_provider(char *provider_id, char *pin, Key ***keyp)

CVS commit: src/crypto/external/bsd/openssh/bin/sshd

2010-12-02 Thread Havard Eidnes

Module Name:src
Committed By:   he
Date:   Thu Dec  2 10:21:28 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/bin/sshd: Makefile

Log Message:
Don't rely on the shared library dependencies to pull in the ssl and lber
libraries, for the benefit of static linking and our sun2 port.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/bin/sshd/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/bin/sshd/Makefile
diff -u src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.3 src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.4
--- src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.3	Mon Nov 22 22:19:54 2010
+++ src/crypto/external/bsd/openssh/bin/sshd/Makefile	Thu Dec  2 10:21:28 2010
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.3 2010/11/22 22:19:54 christos Exp $
+#	$NetBSD: Makefile,v 1.4 2010/12/02 10:21:28 he Exp $
 
 .include 
 
@@ -58,8 +58,8 @@
 
 .if (${USE_LDAP} != "no")
 SRCS+=	ldapauth.c
-LDADD+=	-lldap
-DPADD+=	${LIBLDAP}
+LDADD+=	-lldap -lssl -llber
+DPADD+=	${LIBLDAP} ${LIBSSL} ${LIBLBER}
 .endif
 
 .include

CVS commit: src/crypto/external/bsd/openssh/lib

2010-11-22 Thread Adam Ciarcinski

Module Name:src
Committed By:   adam
Date:   Tue Nov 23 07:12:02 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/lib: Makefile

Log Message:
Removed roaming_common.c from COPTS sections


To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/lib/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/lib/Makefile
diff -u src/crypto/external/bsd/openssh/lib/Makefile:1.6 src/crypto/external/bsd/openssh/lib/Makefile:1.7
--- src/crypto/external/bsd/openssh/lib/Makefile:1.6	Mon Nov 22 22:19:54 2010
+++ src/crypto/external/bsd/openssh/lib/Makefile	Tue Nov 23 07:12:01 2010
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.6 2010/11/22 22:19:54 christos Exp $
+#	$NetBSD: Makefile,v 1.7 2010/11/23 07:12:01 adam Exp $
 
 .include 
 
@@ -29,7 +29,7 @@
 		z	${NETBSDSRCDIR}/lib/libz
 
 .if (defined(HAVE_GCC) && ${HAVE_GCC} == 4) || defined(HAVE_PCC)
-.for f in dns channels hostfile roaming_common ssh-pkcs11
+.for f in dns channels hostfile ssh-pkcs11
 COPTS.${f}.c+=	-Wno-pointer-sign
 .endfor
 .endif

CVS commit: src/crypto/external/bsd/openssh

2010-11-22 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Nov 22 22:19:54 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/bin/ssh: Makefile
src/crypto/external/bsd/openssh/bin/sshd: Makefile
src/crypto/external/bsd/openssh/dist: roaming.h roaming_client.c
roaming_common.c
src/crypto/external/bsd/openssh/lib: Makefile shlib_version

Log Message:
- Remove ifdefs for roaming support, and enable by default
- Put roaming_dummy.c in libssh.a to satisfy linking needs for most programs
  other than ssh and sshd. ssh and sshd override the shared library (and static
  library) functions by linking in their own copy of the roaming functions.
- Bump libssh major.
- Fix compilation issue in evp hash buffer.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/bin/ssh/Makefile
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/bin/sshd/Makefile
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/roaming.h \
src/crypto/external/bsd/openssh/dist/roaming_client.c
cvs rdiff -u -r1.4 -r1.5 \
src/crypto/external/bsd/openssh/dist/roaming_common.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/lib/Makefile
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/lib/shlib_version

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/bin/ssh/Makefile
diff -u src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.2 src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.3
--- src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.2	Sun Nov 21 14:19:22 2010
+++ src/crypto/external/bsd/openssh/bin/ssh/Makefile	Mon Nov 22 17:19:53 2010
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.2 2010/11/21 19:19:22 adam Exp $
+#	$NetBSD: Makefile,v 1.3 2010/11/22 22:19:53 christos Exp $
 
 .include 
 
@@ -7,7 +7,7 @@
 PROG=	ssh
 SRCS=	ssh.c readconf.c clientloop.c sshtty.c \
 	sshconnect.c sshconnect1.c sshconnect2.c mux.c \
-	roaming_client.c
+	roaming_common.c roaming_client.c
 
 COPTS.sshconnect1.c=	-fno-strict-aliasing
 .if (defined(HAVE_GCC) && ${HAVE_GCC} == 4) || defined(HAVE_PCC)

Index: src/crypto/external/bsd/openssh/bin/sshd/Makefile
diff -u src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.2 src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.3
--- src/crypto/external/bsd/openssh/bin/sshd/Makefile:1.2	Sun Nov 21 14:19:23 2010
+++ src/crypto/external/bsd/openssh/bin/sshd/Makefile	Mon Nov 22 17:19:54 2010
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.2 2010/11/21 19:19:23 adam Exp $
+#	$NetBSD: Makefile,v 1.3 2010/11/22 22:19:54 christos Exp $
 
 .include 
 
@@ -14,7 +14,8 @@
 	auth-skey.c auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \
 	auth2-none.c auth2-passwd.c auth2-pubkey.c \
 	monitor_mm.c monitor.c monitor_wrap.c \
-	kexdhs.c kexgexs.c sftp-server.c sftp-common.c auth2-jpake.c
+	kexdhs.c kexgexs.c sftp-server.c sftp-common.c auth2-jpake.c \
+	roaming_common.c roaming_serv.c
 
 .if (defined(HAVE_GCC) && ${HAVE_GCC} == 4) || defined(HAVE_PCC)
 COPTS.auth-options.c=	-Wno-pointer-sign

Index: src/crypto/external/bsd/openssh/dist/roaming.h
diff -u src/crypto/external/bsd/openssh/dist/roaming.h:1.2 src/crypto/external/bsd/openssh/dist/roaming.h:1.3
--- src/crypto/external/bsd/openssh/dist/roaming.h:1.2	Sun Nov 21 13:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/roaming.h	Mon Nov 22 17:19:54 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: roaming.h,v 1.2 2010/11/21 18:59:04 adam Exp $	*/
+/*	$NetBSD: roaming.h,v 1.3 2010/11/22 22:19:54 christos Exp $	*/
 /* $OpenBSD: roaming.h,v 1.5 2009/10/24 11:11:58 andreas Exp $ */
 /*
  * Copyright (c) 2004-2009 AppGate Network Security AB
@@ -29,9 +29,7 @@
 int	get_snd_buf_size(void);
 int	get_recv_buf_size(void);
 void	add_recv_bytes(u_int64_t);
-#ifdef ROAMING_RECONNECT
 int	wait_for_roaming_reconnect(void);
-#endif
 void	roaming_reply(int, u_int32_t, void *);
 void	set_out_buffer_size(size_t);
 ssize_t	roaming_write(int, const void *, size_t, int *);
Index: src/crypto/external/bsd/openssh/dist/roaming_client.c
diff -u src/crypto/external/bsd/openssh/dist/roaming_client.c:1.2 src/crypto/external/bsd/openssh/dist/roaming_client.c:1.3
--- src/crypto/external/bsd/openssh/dist/roaming_client.c:1.2	Sun Nov 21 13:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/roaming_client.c	Mon Nov 22 17:19:54 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: roaming_client.c,v 1.2 2010/11/21 18:59:04 adam Exp $	*/
+/*	$NetBSD: roaming_client.c,v 1.3 2010/11/22 22:19:54 christos Exp $	*/
 /* $OpenBSD: roaming_client.c,v 1.3 2010/01/18 01:50:27 dtucker Exp $ */
 /*
  * Copyright (c) 2004-2009 AppGate Network Security AB
@@ -16,7 +16,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 #include "includes.h"
-__RCSID("$NetBSD: roaming_client.c,v 1.2 2010/11/21 18:59:04 adam Exp $");
+__RCSID("$NetBSD: roaming_client.c,v 1.3 2010/11/22 22:19:54 christos Exp $");
 
 #include 
 #includ

CVS commit: src/crypto/external/bsd/openssh/dist

2010-11-22 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Mon Nov 22 13:45:26 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: sftp.c

Log Message:
add a missing GLOB_LIMIT to the new glob for completion.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/sftp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp.c
diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.5 src/crypto/external/bsd/openssh/dist/sftp.c:1.6
--- src/crypto/external/bsd/openssh/dist/sftp.c:1.5	Mon Nov 22 04:53:01 2010
+++ src/crypto/external/bsd/openssh/dist/sftp.c	Mon Nov 22 08:45:26 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp.c,v 1.5 2010/11/22 09:53:01 adam Exp $	*/
+/*	$NetBSD: sftp.c,v 1.6 2010/11/22 13:45:26 christos Exp $	*/
 /* $OpenBSD: sftp.c,v 1.125 2010/06/18 00:58:39 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -17,7 +17,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp.c,v 1.5 2010/11/22 09:53:01 adam Exp $");
+__RCSID("$NetBSD: sftp.c,v 1.6 2010/11/22 13:45:26 christos Exp $");
 #include 
 #include 
 #include 
@@ -1682,7 +1682,7 @@
 		tmp = make_absolute(tmp, remote_path);
 		remote_glob(conn, tmp, GLOB_DOOFFS|GLOB_MARK, NULL, &g);
 	} else 
-		glob(tmp, GLOB_DOOFFS|GLOB_MARK, NULL, &g);
+		glob(tmp, GLOB_LIMIT|GLOB_DOOFFS|GLOB_MARK, NULL, &g);
 	
 	/* Determine length of pwd so we can trim completion display */
 	for (hadglob = tmplen = pwdlen = 0; tmp[tmplen] != 0; tmplen++) {

CVS commit: src/crypto/external/bsd/openssh/dist

2010-11-22 Thread Adam Ciarcinski

Module Name:src
Committed By:   adam
Date:   Mon Nov 22 09:53:01 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: servconf.c sftp.c ssh-keygen.c

Log Message:
Fix compiler warnings


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/servconf.c
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/sftp.c \
src/crypto/external/bsd/openssh/dist/ssh-keygen.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/servconf.c
diff -u src/crypto/external/bsd/openssh/dist/servconf.c:1.5 src/crypto/external/bsd/openssh/dist/servconf.c:1.6
--- src/crypto/external/bsd/openssh/dist/servconf.c:1.5	Sun Nov 21 18:59:04 2010
+++ src/crypto/external/bsd/openssh/dist/servconf.c	Mon Nov 22 09:53:01 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: servconf.c,v 1.5 2010/11/21 18:59:04 adam Exp $	*/
+/*	$NetBSD: servconf.c,v 1.6 2010/11/22 09:53:01 adam Exp $	*/
 /* $OpenBSD: servconf.c,v 1.209 2010/06/22 04:22:59 djm Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: servconf.c,v 1.5 2010/11/21 18:59:04 adam Exp $");
+__RCSID("$NetBSD: servconf.c,v 1.6 2010/11/22 09:53:01 adam Exp $");
 #include 
 #include 
 #include 
@@ -816,7 +816,8 @@
 	int cmdline = 0, *intptr, value, n;
 	SyslogFacility *log_facility_ptr;
 	LogLevel *log_level_ptr;
- 	unsigned long lvalue, *longptr;
+ 	unsigned long lvalue;
+	time_t *timetptr;
 	ServerOpCodes opcode;
 	int port = 0;
 	u_int i, flags = 0;
@@ -831,7 +832,7 @@
 	if (!arg || !*arg || *arg == '#')
 		return 0;
 	intptr = NULL;
-	longptr = NULL;
+	timetptr = NULL;
 	charptr = NULL;
 	opcode = parse_token(arg, filename, linenum, &flags);
 
@@ -1627,19 +1628,19 @@
 			*intptr = value;
 		break;
 	case sBindTimeout:
-		longptr = (unsigned long *) &options->lpk.b_timeout.tv_sec;
+		timetptr = &options->lpk.b_timeout.tv_sec;
 parse_ulong:
 		arg = strdelim(&cp);
 		if (!arg || *arg == '\0')
 			fatal("%s line %d: missing integer value.",
 			filename, linenum);
 		lvalue = atol(arg);
-		if (*activep && *longptr == -1)
-			*longptr = lvalue;
+		if (*activep && *timetptr == -1)
+			*timetptr = lvalue;
 		break;
 
 	case sSearchTimeout:
-		longptr = (unsigned long *) &options->lpk.s_timeout.tv_sec;
+		timetptr = &options->lpk.s_timeout.tv_sec;
 		goto parse_ulong;
 		break;
 	case sLdapConf:

Index: src/crypto/external/bsd/openssh/dist/sftp.c
diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.4 src/crypto/external/bsd/openssh/dist/sftp.c:1.5
--- src/crypto/external/bsd/openssh/dist/sftp.c:1.4	Sun Nov 21 18:29:49 2010
+++ src/crypto/external/bsd/openssh/dist/sftp.c	Mon Nov 22 09:53:01 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp.c,v 1.4 2010/11/21 18:29:49 adam Exp $	*/
+/*	$NetBSD: sftp.c,v 1.5 2010/11/22 09:53:01 adam Exp $	*/
 /* $OpenBSD: sftp.c,v 1.125 2010/06/18 00:58:39 djm Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -17,7 +17,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp.c,v 1.4 2010/11/21 18:29:49 adam Exp $");
+__RCSID("$NetBSD: sftp.c,v 1.5 2010/11/22 09:53:01 adam Exp $");
 #include 
 #include 
 #include 
@@ -1778,7 +1778,7 @@
 	struct complete_ctx *complete_ctx;
 
 	lf = el_line(el);
-	if (el_get(el, EL_CLIENTDATA, (void**)&complete_ctx) != 0)
+	if (el_get(el, EL_CLIENTDATA, &complete_ctx) != 0)
 		fatal("%s: el_get failed", __func__);
 
 	/* Figure out which argument the cursor points to */
Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.4 src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.5
--- src/crypto/external/bsd/openssh/dist/ssh-keygen.c:1.4	Sun Nov 21 18:29:49 2010
+++ src/crypto/external/bsd/openssh/dist/ssh-keygen.c	Mon Nov 22 09:53:01 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-keygen.c,v 1.4 2010/11/21 18:29:49 adam Exp $	*/
+/*	$NetBSD: ssh-keygen.c,v 1.5 2010/11/22 09:53:01 adam Exp $	*/
 /* $OpenBSD: ssh-keygen.c,v 1.199 2010/08/16 04:06:06 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-keygen.c,v 1.4 2010/11/21 18:29:49 adam Exp $");
+__RCSID("$NetBSD: ssh-keygen.c,v 1.5 2010/11/22 09:53:01 adam Exp $");
 #include 
 #include 
 #include 
@@ -1445,7 +1445,7 @@
 		if (!quiet) {
 			logit("Signed %s key %s: id \"%s\" serial %llu%s%s "
 			"valid %s", key_cert_type(public), 
-			out, public->cert->key_id, public->cert->serial,
+			out, public->cert->key_id, (unsigned long long)public->cert->serial,
 			cert_principals != NULL ? " for " : "",
 			cert_principals != NULL ? cert_principals : "",
 			fmt_validity(cert_valid_from, cert_valid_to));
@@ -1671,7 +1671,7 @@
 	key_type(key->cert->signature_key), ca_fp);
 	printf("Key ID: \"%s\"\n", key->cert->key_id);
 	if (!v00)
-		printf("Serial: %llu\n", key->cert-

CVS commit: src/crypto/external/bsd/openssh/dist

2010-11-21 Thread Adam Ciarcinski

Module Name:src
Committed By:   adam
Date:   Sun Nov 21 19:11:10 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: openssh2netbsd
Removed Files:
src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper: Makefile

Log Message:
We don't need dist/ssh-pkcs11-helper/Makefile


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/dist/openssh2netbsd
cvs rdiff -u -r1.1.1.1 -r0 \
src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/openssh2netbsd
diff -u src/crypto/external/bsd/openssh/dist/openssh2netbsd:1.1 src/crypto/external/bsd/openssh/dist/openssh2netbsd:1.2
--- src/crypto/external/bsd/openssh/dist/openssh2netbsd:1.1	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/openssh2netbsd	Sun Nov 21 19:11:09 2010
@@ -1,6 +1,6 @@
 #! /bin/sh
 #
-#	$NetBSD: openssh2netbsd,v 1.1 2009/06/07 22:38:47 christos Exp $
+#	$NetBSD: openssh2netbsd,v 1.2 2010/11/21 19:11:09 adam Exp $
 #
 # Copyright (c) 2001 The NetBSD Foundation, Inc.
 # All rights reserved.
@@ -33,7 +33,7 @@
 
 ### Remove Makefile and subdirs
 rm -r Makefile Makefile.inc
-rm -r lib ssh-add ssh scp ssh-agent sshd sftp-server ssh-keygen sftp ssh-keyscan ssh-keysign
+rm -r lib ssh-add ssh scp ssh-agent sshd sftp-server ssh-keygen sftp ssh-keyscan ssh-keysign ssh-pkcs11-helper
 
 ### add NetBSD RCS tag
 for i in *.c *.h; do

CVS commit: src/crypto/external/bsd/openssh

2010-11-21 Thread Adam Ciarcinski

Module Name:src
Committed By:   adam
Date:   Sun Nov 21 19:19:23 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh: Makefile.inc
src/crypto/external/bsd/openssh/bin: Makefile
src/crypto/external/bsd/openssh/bin/sftp: Makefile
src/crypto/external/bsd/openssh/bin/ssh: Makefile
src/crypto/external/bsd/openssh/bin/ssh-agent: Makefile
src/crypto/external/bsd/openssh/bin/ssh-keygen: Makefile
src/crypto/external/bsd/openssh/bin/sshd: Makefile
src/crypto/external/bsd/openssh/lib: Makefile shlib_version
Added Files:
src/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper: Makefile

Log Message:
Updated custom makefiles for OpenSSH 5.6


To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/Makefile.inc
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/bin/Makefile
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/bin/sftp/Makefile
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/bin/ssh/Makefile
cvs rdiff -u -r1.1 -r1.2 \
src/crypto/external/bsd/openssh/bin/ssh-agent/Makefile
cvs rdiff -u -r1.1 -r1.2 \
src/crypto/external/bsd/openssh/bin/ssh-keygen/Makefile
cvs rdiff -u -r0 -r1.1 \
src/crypto/external/bsd/openssh/bin/ssh-pkcs11-helper/Makefile
cvs rdiff -u -r1.1 -r1.2 src/crypto/external/bsd/openssh/bin/sshd/Makefile
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/lib/Makefile
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/lib/shlib_version

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/Makefile.inc
diff -u src/crypto/external/bsd/openssh/Makefile.inc:1.1 src/crypto/external/bsd/openssh/Makefile.inc:1.2
--- src/crypto/external/bsd/openssh/Makefile.inc:1.1	Sat Dec 19 18:00:26 2009
+++ src/crypto/external/bsd/openssh/Makefile.inc	Sun Nov 21 19:19:21 2010
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile.inc,v 1.1 2009/12/19 18:00:26 christos Exp $
+#	$NetBSD: Makefile.inc,v 1.2 2010/11/21 19:19:21 adam Exp $
 
 WARNS?=	1	# XXX -Wshadow -Wcast-qual
 
@@ -8,7 +8,10 @@
 
 SSHDIST?= ${NETBSDSRCDIR}/crypto/external/bsd/openssh/dist
 
-CPPFLAGS+=-I${SSHDIST} -DHAVE_LOGIN_CAP -DHAVE_MMAP -DHAVE_OPENPTY
+CPPFLAGS+=-I${SSHDIST} -DHAVE_LOGIN_CAP -DHAVE_MMAP -DHAVE_OPENPTY -DENABLE_PKCS11
+.if !defined(NOPIC)
+CPPFLAGS+=-DHAVE_DLOPEN
+.endif
 .PATH: ${SSHDIST}
 
 .if (${USE_PAM} != "no")
@@ -24,6 +27,10 @@
 CPPFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/krb5 -DHEIMDAL
 .endif
 
+.if (${USE_LDAP} != "no")
+CPPFLAGS+=-DWITH_LDAP_PUBKEY
+.endif
+
 .if ${X11FLAVOUR} == "Xorg"
 CPPFLAGS+=-DX11BASE=\"/usr/X11R7\"
 .endif

Index: src/crypto/external/bsd/openssh/bin/Makefile
diff -u src/crypto/external/bsd/openssh/bin/Makefile:1.2 src/crypto/external/bsd/openssh/bin/Makefile:1.3
--- src/crypto/external/bsd/openssh/bin/Makefile:1.2	Tue Jul 21 00:47:23 2009
+++ src/crypto/external/bsd/openssh/bin/Makefile	Sun Nov 21 19:19:21 2010
@@ -1,12 +1,11 @@
-#	$NetBSD: Makefile,v 1.2 2009/07/21 00:47:23 mrg Exp $
+#	$NetBSD: Makefile,v 1.3 2010/11/21 19:19:21 adam Exp $
 
 .include 
 
 SSHDIST?= ${NETBSDSRCDIR}/crypto/external/bsd/openssh/dist
 
 SUBDIR=	ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server \
-	ssh-keysign ssh-keyscan sftp
-#SUBDIR+=scard
+	ssh-keysign ssh-keyscan sftp ssh-pkcs11-helper
 
 .PATH: ${SSHDIST}
 .MADE: moduli

Index: src/crypto/external/bsd/openssh/bin/sftp/Makefile
diff -u src/crypto/external/bsd/openssh/bin/sftp/Makefile:1.2 src/crypto/external/bsd/openssh/bin/sftp/Makefile:1.3
--- src/crypto/external/bsd/openssh/bin/sftp/Makefile:1.2	Wed Feb  3 15:34:37 2010
+++ src/crypto/external/bsd/openssh/bin/sftp/Makefile	Sun Nov 21 19:19:22 2010
@@ -1,9 +1,9 @@
-#	$NetBSD: Makefile,v 1.2 2010/02/03 15:34:37 roy Exp $
+#	$NetBSD: Makefile,v 1.3 2010/11/21 19:19:22 adam Exp $
 
 BINDIR=	/usr/bin
 
 PROG=	sftp
-SRCS=	sftp.c sftp-client.c sftp-common.c sftp-glob.c misc.c fmt_scaled.c
+SRCS=	sftp.c sftp-client.c sftp-common.c sftp-glob.c
 MAN=	sftp.1
 
 LDADD+=	-ledit -lterminfo
@@ -12,5 +12,6 @@
 .include 
 
 .if (defined(HAVE_GCC) && ${HAVE_GCC} == 4) || defined(HAVE_PCC)
-COPTS.sftp-client.c+=   -Wno-pointer-sign
+COPTS.sftp.c+=		-Wno-pointer-sign
+COPTS.sftp-client.c+=	-Wno-pointer-sign
 .endif

Index: src/crypto/external/bsd/openssh/bin/ssh/Makefile
diff -u src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.1 src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.2
--- src/crypto/external/bsd/openssh/bin/ssh/Makefile:1.1	Sun Jun  7 22:38:45 2009
+++ src/crypto/external/bsd/openssh/bin/ssh/Makefile	Sun Nov 21 19:19:22 2010
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.1 2009/06/07 22:38:45 christos Exp $
+#	$NetBSD: Makefile,v 1.2 2010/11/21 19:19:22 adam Exp $
 
 .include 
 
@@ -6,10 +6,12 @@
 
 PROG=	ssh
 SRCS=	ssh.c readconf.c clientloop.c sshtty.c \
-	sshconnect.c sshconnect1.c sshconnect2.c mux.c
+	sshconnect.c sshconnect1.c sshconnect2.c mux.c \

CVS commit: src/crypto/external/bsd/openssh/dist

2010-11-21 Thread Adam Ciarcinski

Module Name:src
Committed By:   adam
Date:   Sun Nov 21 17:06:13 UTC 2010

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv13101

Log Message:
Imported openssh-5.6

Status:

Vendor Tag: OPENSSH
Release Tags:   v56-20101121

C src/crypto/external/bsd/openssh/dist/addrmatch.c
U src/crypto/external/bsd/openssh/dist/atomicio.c
U src/crypto/external/bsd/openssh/dist/atomicio.h
U src/crypto/external/bsd/openssh/dist/auth-bsdauth.c
U src/crypto/external/bsd/openssh/dist/auth-chall.c
U src/crypto/external/bsd/openssh/dist/auth-krb5.c
C src/crypto/external/bsd/openssh/dist/auth-options.c
C src/crypto/external/bsd/openssh/dist/auth-options.h
U src/crypto/external/bsd/openssh/dist/auth-passwd.c
C src/crypto/external/bsd/openssh/dist/auth-rh-rsa.c
C src/crypto/external/bsd/openssh/dist/auth-rhosts.c
C src/crypto/external/bsd/openssh/dist/auth-rsa.c
C src/crypto/external/bsd/openssh/dist/auth.c
C src/crypto/external/bsd/openssh/dist/auth.h
C src/crypto/external/bsd/openssh/dist/auth1.c
U src/crypto/external/bsd/openssh/dist/auth2-chall.c
U src/crypto/external/bsd/openssh/dist/auth2-gss.c
C src/crypto/external/bsd/openssh/dist/auth2-hostbased.c
U src/crypto/external/bsd/openssh/dist/auth2-jpake.c
U src/crypto/external/bsd/openssh/dist/auth2-kbdint.c
C src/crypto/external/bsd/openssh/dist/auth2-none.c
U src/crypto/external/bsd/openssh/dist/auth2.c
U src/crypto/external/bsd/openssh/dist/auth2-passwd.c
C src/crypto/external/bsd/openssh/dist/auth2-pubkey.c
C src/crypto/external/bsd/openssh/dist/authfd.c
C src/crypto/external/bsd/openssh/dist/authfd.h
C src/crypto/external/bsd/openssh/dist/authfile.c
C src/crypto/external/bsd/openssh/dist/authfile.h
C src/crypto/external/bsd/openssh/dist/bufaux.c
U src/crypto/external/bsd/openssh/dist/bufbn.c
C src/crypto/external/bsd/openssh/dist/buffer.c
C src/crypto/external/bsd/openssh/dist/buffer.h
C src/crypto/external/bsd/openssh/dist/canohost.c
U src/crypto/external/bsd/openssh/dist/canohost.h
C src/crypto/external/bsd/openssh/dist/channels.c
C src/crypto/external/bsd/openssh/dist/channels.h
U src/crypto/external/bsd/openssh/dist/cipher-3des1.c
U src/crypto/external/bsd/openssh/dist/cipher-bf1.c
U src/crypto/external/bsd/openssh/dist/cipher-ctr.c
U src/crypto/external/bsd/openssh/dist/cipher.c
U src/crypto/external/bsd/openssh/dist/cipher.h
U src/crypto/external/bsd/openssh/dist/cleanup.c
C src/crypto/external/bsd/openssh/dist/clientloop.c
C src/crypto/external/bsd/openssh/dist/clientloop.h
U src/crypto/external/bsd/openssh/dist/compat.c
U src/crypto/external/bsd/openssh/dist/compat.h
U src/crypto/external/bsd/openssh/dist/compress.c
U src/crypto/external/bsd/openssh/dist/compress.h
U src/crypto/external/bsd/openssh/dist/crc32.c
U src/crypto/external/bsd/openssh/dist/crc32.h
U src/crypto/external/bsd/openssh/dist/deattack.c
U src/crypto/external/bsd/openssh/dist/deattack.h
C src/crypto/external/bsd/openssh/dist/dh.c
U src/crypto/external/bsd/openssh/dist/dh.h
U src/crypto/external/bsd/openssh/dist/dispatch.c
U src/crypto/external/bsd/openssh/dist/dispatch.h
C src/crypto/external/bsd/openssh/dist/dns.c
C src/crypto/external/bsd/openssh/dist/dns.h
U src/crypto/external/bsd/openssh/dist/fatal.c
U src/crypto/external/bsd/openssh/dist/groupaccess.c
U src/crypto/external/bsd/openssh/dist/groupaccess.h
U src/crypto/external/bsd/openssh/dist/gss-genr.c
U src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
U src/crypto/external/bsd/openssh/dist/gss-serv.c
C src/crypto/external/bsd/openssh/dist/hostfile.c
C src/crypto/external/bsd/openssh/dist/hostfile.h
C src/crypto/external/bsd/openssh/dist/jpake.c
U src/crypto/external/bsd/openssh/dist/jpake.h
C src/crypto/external/bsd/openssh/dist/kex.c
C src/crypto/external/bsd/openssh/dist/kex.h
U src/crypto/external/bsd/openssh/dist/kexdh.c
U src/crypto/external/bsd/openssh/dist/kexdhc.c
C src/crypto/external/bsd/openssh/dist/kexdhs.c
U src/crypto/external/bsd/openssh/dist/kexgex.c
U src/crypto/external/bsd/openssh/dist/kexgexc.c
C src/crypto/external/bsd/openssh/dist/kexgexs.c
C src/crypto/external/bsd/openssh/dist/key.c
C src/crypto/external/bsd/openssh/dist/key.h
U src/crypto/external/bsd/openssh/dist/LICENCE
U src/crypto/external/bsd/openssh/dist/log.c
U src/crypto/external/bsd/openssh/dist/log.h
U src/crypto/external/bsd/openssh/dist/mac.c
U src/crypto/external/bsd/openssh/dist/mac.h
U src/crypto/external/bsd/openssh/dist/match.c
C src/crypto/external/bsd/openssh/dist/match.h
C src/crypto/external/bsd/openssh/dist/misc.c
C src/crypto/external/bsd/openssh/dist/misc.h
U src/crypto/external/bsd/openssh/dist/moduli.c
C src/crypto/external/bsd/openssh/dist/monitor.c
U src/crypto/external/bsd/openssh/dist/monitor.h
C src/crypto/external/bsd/openssh/dist/monitor_fdpass.c
U src/crypto/external/bsd/openssh/dist/monitor_fdpass.h
U src/crypto/external/bsd/openssh/dist/monitor_mm.c
U src/crypto/external/bsd/openssh/dist/monitor_mm.h
C src/crypto/external/bsd/openssh/dist/moni

CVS commit: src/crypto/external/bsd/openssh/dist

2010-07-08 Thread Mindaugas Rasiukevicius

Module Name:src
Committed By:   rmind
Date:   Thu Jul  8 21:16:44 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-keyscan.c

Log Message:
Add missing sys/param.h


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-keyscan.c
diff -u src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.2 src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.3
--- src/crypto/external/bsd/openssh/dist/ssh-keyscan.c:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh-keyscan.c	Thu Jul  8 21:16:44 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh-keyscan.c,v 1.2 2009/06/07 22:38:47 christos Exp $	*/
+/*	$NetBSD: ssh-keyscan.c,v 1.3 2010/07/08 21:16:44 rmind Exp $	*/
 /* $OpenBSD: ssh-keyscan.c,v 1.78 2009/01/22 10:02:34 djm Exp $ */
 /*
  * Copyright 1995, 1996 by David Mazieres .
@@ -9,7 +9,9 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh-keyscan.c,v 1.2 2009/06/07 22:38:47 christos Exp $");
+__RCSID("$NetBSD: ssh-keyscan.c,v 1.3 2010/07/08 21:16:44 rmind Exp $");
+
+#include 
 #include 
 #include 
 #include

CVS commit: src/crypto/external/bsd/openssh/dist

2010-07-06 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Tue Jul  6 15:09:42 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: sftp-glob.c sftp.c

Log Message:
Add GLOB_LIMIT to the glob calls to prevent DoS attacks.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/sftp-glob.c \
src/crypto/external/bsd/openssh/dist/sftp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp-glob.c
diff -u src/crypto/external/bsd/openssh/dist/sftp-glob.c:1.2 src/crypto/external/bsd/openssh/dist/sftp-glob.c:1.3
--- src/crypto/external/bsd/openssh/dist/sftp-glob.c:1.2	Sun Jun  7 18:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/sftp-glob.c	Tue Jul  6 11:09:41 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp-glob.c,v 1.2 2009/06/07 22:38:47 christos Exp $	*/
+/*	$NetBSD: sftp-glob.c,v 1.3 2010/07/06 15:09:41 christos Exp $	*/
 /* $OpenBSD: sftp-glob.c,v 1.22 2006/08/03 03:34:42 deraadt Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -17,7 +17,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp-glob.c,v 1.2 2009/06/07 22:38:47 christos Exp $");
+__RCSID("$NetBSD: sftp-glob.c,v 1.3 2010/07/06 15:09:41 christos Exp $");
 #include 
 #include 
 
@@ -121,5 +121,5 @@
 	memset(&cur, 0, sizeof(cur));
 	cur.conn = conn;
 
-	return(glob(pattern, flags | GLOB_ALTDIRFUNC, errfunc, pglob));
+	return(glob(pattern, flags|GLOB_ALTDIRFUNC|GLOB_LIMIT, errfunc, pglob));
 }
Index: src/crypto/external/bsd/openssh/dist/sftp.c
diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.2 src/crypto/external/bsd/openssh/dist/sftp.c:1.3
--- src/crypto/external/bsd/openssh/dist/sftp.c:1.2	Sun Jun  7 18:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/sftp.c	Tue Jul  6 11:09:41 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp.c,v 1.2 2009/06/07 22:38:47 christos Exp $	*/
+/*	$NetBSD: sftp.c,v 1.3 2010/07/06 15:09:41 christos Exp $	*/
 /* $OpenBSD: sftp.c,v 1.107 2009/02/02 11:15:14 dtucker Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -17,7 +17,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp.c,v 1.2 2009/06/07 22:38:47 christos Exp $");
+__RCSID("$NetBSD: sftp.c,v 1.3 2010/07/06 15:09:41 christos Exp $");
 #include 
 #include 
 #include 
@@ -556,7 +556,7 @@
 
 	memset(&g, 0, sizeof(g));
 	debug3("Looking up %s", src);
-	if (glob(src, GLOB_NOCHECK, NULL, &g)) {
+	if (glob(src, GLOB_NOCHECK|GLOB_LIMIT, NULL, &g)) {
 		error("File \"%s\" not found.", src);
 		err = -1;
 		goto out;

CVS commit: src/crypto/external/bsd/openssh/dist

2010-05-13 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri May 14 01:46:04 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh-add.1 ssh-agent.1
ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 sshd.8

Log Message:
Fix .Dd format.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ssh-add.1 \
src/crypto/external/bsd/openssh/dist/ssh-keygen.1 \
src/crypto/external/bsd/openssh/dist/ssh-keyscan.1 \
src/crypto/external/bsd/openssh/dist/ssh-keysign.8
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/ssh-agent.1 \
src/crypto/external/bsd/openssh/dist/sshd.8

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh-add.1
diff -u src/crypto/external/bsd/openssh/dist/ssh-add.1:1.2 src/crypto/external/bsd/openssh/dist/ssh-add.1:1.3
--- src/crypto/external/bsd/openssh/dist/ssh-add.1:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh-add.1	Fri May 14 01:46:04 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh-add.1,v 1.2 2009/06/07 22:38:47 christos Exp $
+.\"	$NetBSD: ssh-add.1,v 1.3 2010/05/14 01:46:04 joerg Exp $
 .\"	$OpenBSD: ssh-add.1,v 1.46 2007/06/12 13:41:03 jmc Exp $
 .\"
 .\"  -*- nroff -*-
@@ -38,7 +38,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd June 12 2007
+.Dd June 12, 2007
 .Dt SSH-ADD 1
 .Os
 .Sh NAME
Index: src/crypto/external/bsd/openssh/dist/ssh-keygen.1
diff -u src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.2 src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.3
--- src/crypto/external/bsd/openssh/dist/ssh-keygen.1:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh-keygen.1	Fri May 14 01:46:04 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh-keygen.1,v 1.2 2009/06/07 22:38:47 christos Exp $
+.\"	$NetBSD: ssh-keygen.1,v 1.3 2010/05/14 01:46:04 joerg Exp $
 .\"	$OpenBSD: ssh-keygen.1,v 1.79 2008/07/24 23:55:30 sthen Exp $
 .\"
 .\"  -*- nroff -*-
@@ -38,7 +38,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd July 24 2008
+.Dd July 24, 2008
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
Index: src/crypto/external/bsd/openssh/dist/ssh-keyscan.1
diff -u src/crypto/external/bsd/openssh/dist/ssh-keyscan.1:1.2 src/crypto/external/bsd/openssh/dist/ssh-keyscan.1:1.3
--- src/crypto/external/bsd/openssh/dist/ssh-keyscan.1:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh-keyscan.1	Fri May 14 01:46:04 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh-keyscan.1,v 1.2 2009/06/07 22:38:47 christos Exp $
+.\"	$NetBSD: ssh-keyscan.1,v 1.3 2010/05/14 01:46:04 joerg Exp $
 .\"	$OpenBSD: ssh-keyscan.1,v 1.26 2008/12/29 01:12:36 stevesk Exp $
 .\"
 .\" Copyright 1995, 1996 by David Mazieres .
@@ -7,7 +7,7 @@
 .\" permitted provided that due credit is given to the author and the
 .\" OpenBSD project by leaving this copyright notice intact.
 .\"
-.Dd December 29 2008
+.Dd December 29, 2008
 .Dt SSH-KEYSCAN 1
 .Os
 .Sh NAME
Index: src/crypto/external/bsd/openssh/dist/ssh-keysign.8
diff -u src/crypto/external/bsd/openssh/dist/ssh-keysign.8:1.2 src/crypto/external/bsd/openssh/dist/ssh-keysign.8:1.3
--- src/crypto/external/bsd/openssh/dist/ssh-keysign.8:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh-keysign.8	Fri May 14 01:46:04 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh-keysign.8,v 1.2 2009/06/07 22:38:47 christos Exp $
+.\"	$NetBSD: ssh-keysign.8,v 1.3 2010/05/14 01:46:04 joerg Exp $
 .\" $OpenBSD: ssh-keysign.8,v 1.9 2007/05/31 19:20:16 jmc Exp $
 .\"
 .\" Copyright (c) 2002 Markus Friedl.  All rights reserved.
@@ -23,7 +23,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd May 31 2007
+.Dd May 31, 2007
 .Dt SSH-KEYSIGN 8
 .Os
 .Sh NAME

Index: src/crypto/external/bsd/openssh/dist/ssh-agent.1
diff -u src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.3 src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.4
--- src/crypto/external/bsd/openssh/dist/ssh-agent.1:1.3	Sun Dec 27 01:40:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh-agent.1	Fri May 14 01:46:04 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh-agent.1,v 1.3 2009/12/27 01:40:47 christos Exp $
+.\"	$NetBSD: ssh-agent.1,v 1.4 2010/05/14 01:46:04 joerg Exp $
 .\" $OpenBSD: ssh-agent.1,v 1.47 2009/03/26 08:38:39 sobrado Exp $
 .\"
 .\" Author: Tatu Ylonen 
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd March 26 2009
+.Dd March 26, 2009
 .Dt SSH-AGENT 1
 .Os
 .Sh NAME
Index: src/crypto/external/bsd/openssh/dist/sshd.8
diff -u src/crypto

CVS commit: src/crypto/external/bsd/openssh/dist

2010-05-13 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri May 14 01:44:06 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: sftp.1

Log Message:
Fix date. Fix trailing whitespace.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/sftp.1

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp.1
diff -u src/crypto/external/bsd/openssh/dist/sftp.1:1.3 src/crypto/external/bsd/openssh/dist/sftp.1:1.4
--- src/crypto/external/bsd/openssh/dist/sftp.1:1.3	Wed Oct 14 17:33:20 2009
+++ src/crypto/external/bsd/openssh/dist/sftp.1	Fri May 14 01:44:05 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: sftp.1,v 1.3 2009/10/14 17:33:20 joerg Exp $
+.\"	$NetBSD: sftp.1,v 1.4 2010/05/14 01:44:05 joerg Exp $
 .\" $OpenBSD: sftp.1,v 1.69 2008/12/09 15:35:00 sobrado Exp $
 .\"
 .\" Copyright (c) 2001 Damien Miller.  All rights reserved.
@@ -23,7 +23,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd December 9 2008
+.Dd December 9, 2008
 .Dt SFTP 1
 .Os
 .Sh NAME
@@ -204,7 +204,7 @@
 Specify how many requests may be outstanding at any one time.
 Increasing this may slightly improve file transfer speed
 but will increase memory usage.
-The default is 256 outstanding requests providing for 8MB 
+The default is 256 outstanding requests providing for 8MB
 of outstanding data with a 32KB buffer.
 .It Fl S Ar program
 Name of the

CVS commit: src/crypto/external/bsd/openssh/dist

2010-05-10 Thread John Nemeth

Module Name:src
Committed By:   jnemeth
Date:   Mon May 10 20:28:05 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: misc.c

Log Message:
Fix tunnelling (ssh -w).  The kernel expects a device to be passed
to the socked, not a path.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/misc.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/misc.c
diff -u src/crypto/external/bsd/openssh/dist/misc.c:1.2 src/crypto/external/bsd/openssh/dist/misc.c:1.3
--- src/crypto/external/bsd/openssh/dist/misc.c:1.2	Sun Jun  7 22:38:46 2009
+++ src/crypto/external/bsd/openssh/dist/misc.c	Mon May 10 20:28:05 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: misc.c,v 1.2 2009/06/07 22:38:46 christos Exp $	*/
+/*	$NetBSD: misc.c,v 1.3 2010/05/10 20:28:05 jnemeth Exp $	*/
 /* $OpenBSD: misc.c,v 1.71 2009/02/21 19:32:04 tobias Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: misc.c,v 1.2 2009/06/07 22:38:46 christos Exp $");
+__RCSID("$NetBSD: misc.c,v 1.3 2010/05/10 20:28:05 jnemeth Exp $");
 #include 
 #include 
 #include 
@@ -676,6 +676,7 @@
 
 	debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd);
 	/* Set the tunnel device operation mode */
+	snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s%d", tunbase, tun);
 	if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
 		goto failed;

CVS commit: src/crypto/external/bsd/openssh/dist

2010-04-29 Thread Thomas Klausner

Module Name:src
Committed By:   wiz
Date:   Thu Apr 29 18:14:09 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh_config.5 sshd_config.5

Log Message:
Fix date strings.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/ssh_config.5
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/sshd_config.5

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh_config.5
diff -u src/crypto/external/bsd/openssh/dist/ssh_config.5:1.3 src/crypto/external/bsd/openssh/dist/ssh_config.5:1.4
--- src/crypto/external/bsd/openssh/dist/ssh_config.5:1.3	Thu Apr 29 17:56:53 2010
+++ src/crypto/external/bsd/openssh/dist/ssh_config.5	Thu Apr 29 18:14:09 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh_config.5,v 1.3 2010/04/29 17:56:53 tron Exp $
+.\"	$NetBSD: ssh_config.5,v 1.4 2010/04/29 18:14:09 wiz Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\" $OpenBSD: ssh_config.5,v 1.119 2009/02/22 23:50:57 djm Exp $
-.Dd February 22 2009
+.Dd February 22, 2009
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME

Index: src/crypto/external/bsd/openssh/dist/sshd_config.5
diff -u src/crypto/external/bsd/openssh/dist/sshd_config.5:1.4 src/crypto/external/bsd/openssh/dist/sshd_config.5:1.5
--- src/crypto/external/bsd/openssh/dist/sshd_config.5:1.4	Thu Apr 29 17:56:53 2010
+++ src/crypto/external/bsd/openssh/dist/sshd_config.5	Thu Apr 29 18:14:09 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: sshd_config.5,v 1.4 2010/04/29 17:56:53 tron Exp $
+.\"	$NetBSD: sshd_config.5,v 1.5 2010/04/29 18:14:09 wiz Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\" $OpenBSD: sshd_config.5,v 1.106 2009/04/21 15:13:17 stevesk Exp $
-.Dd April 21 2009
+.Dd April 21, 2009
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME

CVS commit: src/crypto/external/bsd/openssh/dist

2010-04-29 Thread Matthias Scheler

Module Name:src
Committed By:   tron
Date:   Thu Apr 29 17:56:53 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh_config ssh_config.5
sshd_config.5

Log Message:
Don't mention "umac...@openssh.com" MAC algorithm which is not enabled
in our SSH client and daemon as it causes crashes on architectures which
strict aligment requirements (e.g. NetBSD/sparc64).

This fixes PR bin/43221 by myself.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/ssh_config \
src/crypto/external/bsd/openssh/dist/ssh_config.5
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/sshd_config.5

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh_config
diff -u src/crypto/external/bsd/openssh/dist/ssh_config:1.2 src/crypto/external/bsd/openssh/dist/ssh_config:1.3
--- src/crypto/external/bsd/openssh/dist/ssh_config:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh_config	Thu Apr 29 17:56:53 2010
@@ -1,4 +1,4 @@
-#	$NetBSD: ssh_config,v 1.2 2009/06/07 22:38:47 christos Exp $
+#	$NetBSD: ssh_config,v 1.3 2010/04/29 17:56:53 tron Exp $
 #	$OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $
 
 # This is the ssh client system-wide configuration file.  See
@@ -39,7 +39,7 @@
 #   Protocol 2,1
 #   Cipher 3des
 #   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
-#   MACs hmac-md5,hmac-sha1,umac...@openssh.com,hmac-ripemd160
+#   MACs hmac-md5,hmac-sha1,hmac-ripemd160
 #   EscapeChar ~
 #   Tunnel no
 #   TunnelDevice any:any
Index: src/crypto/external/bsd/openssh/dist/ssh_config.5
diff -u src/crypto/external/bsd/openssh/dist/ssh_config.5:1.2 src/crypto/external/bsd/openssh/dist/ssh_config.5:1.3
--- src/crypto/external/bsd/openssh/dist/ssh_config.5:1.2	Sun Jun  7 22:38:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh_config.5	Thu Apr 29 17:56:53 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh_config.5,v 1.2 2009/06/07 22:38:47 christos Exp $
+.\"	$NetBSD: ssh_config.5,v 1.3 2010/04/29 17:56:53 tron Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen 
@@ -667,7 +667,7 @@
 Multiple algorithms must be comma-separated.
 The default is:
 .Bd -literal -offset indent
-hmac-md5,hmac-sha1,umac...@openssh.com,
+hmac-md5,hmac-sha1,
 hmac-ripemd160,hmac-sha1-96,hmac-md5-96
 .Ed
 .It Cm NoHostAuthenticationForLocalhost

Index: src/crypto/external/bsd/openssh/dist/sshd_config.5
diff -u src/crypto/external/bsd/openssh/dist/sshd_config.5:1.3 src/crypto/external/bsd/openssh/dist/sshd_config.5:1.4
--- src/crypto/external/bsd/openssh/dist/sshd_config.5:1.3	Sun Dec 27 01:40:47 2009
+++ src/crypto/external/bsd/openssh/dist/sshd_config.5	Thu Apr 29 17:56:53 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: sshd_config.5,v 1.3 2009/12/27 01:40:47 christos Exp $
+.\"	$NetBSD: sshd_config.5,v 1.4 2010/04/29 17:56:53 tron Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen 
@@ -553,7 +553,7 @@
 Multiple algorithms must be comma-separated.
 The default is:
 .Bd -literal -offset indent
-hmac-md5,hmac-sha1,umac...@openssh.com,
+hmac-md5,hmac-sha1,
 hmac-ripemd160,hmac-sha1-96,hmac-md5-96
 .Ed
 .It Cm Match

CVS commit: src/crypto/external/bsd/openssh/dist

2010-04-03 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Apr  4 01:36:03 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: sshlogin.c

Log Message:
ctime can return NULL


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/crypto/external/bsd/openssh/dist/sshlogin.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sshlogin.c
diff -u src/crypto/external/bsd/openssh/dist/sshlogin.c:1.2 src/crypto/external/bsd/openssh/dist/sshlogin.c:1.3
--- src/crypto/external/bsd/openssh/dist/sshlogin.c:1.2	Sun Jun  7 18:38:48 2009
+++ src/crypto/external/bsd/openssh/dist/sshlogin.c	Sat Apr  3 21:36:03 2010
@@ -1,4 +1,4 @@
-/*	$NetBSD: sshlogin.c,v 1.2 2009/06/07 22:38:48 christos Exp $	*/
+/*	$NetBSD: sshlogin.c,v 1.3 2010/04/04 01:36:03 christos Exp $	*/
 /* $OpenBSD: sshlogin.c,v 1.26 2007/09/11 15:47:17 gilles Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -41,7 +41,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sshlogin.c,v 1.2 2009/06/07 22:38:48 christos Exp $");
+__RCSID("$NetBSD: sshlogin.c,v 1.3 2010/04/04 01:36:03 christos Exp $");
 #include 
 #include 
 #include 
@@ -144,8 +144,8 @@
 	sizeof(hostname));
 
 	if (last_login_time != 0) {
-		time_string = ctime(&last_login_time);
-		time_string[strcspn(time_string, "\n")] = '\0';
+		if ((time_string = ctime(&last_login_time)) != NULL)
+			time_string[strcspn(time_string, "\n")] = '\0';
 		if (strcmp(hostname, "") == 0)
 			snprintf(buf, sizeof(buf), "Last login: %s\r\n",
 			time_string);

CVS commit: src/crypto/external/bsd/openssh/dist

2010-01-08 Thread Joerg Sonnenberger

Module Name:src
Committed By:   joerg
Date:   Fri Jan  8 16:37:40 UTC 2010

Modified Files:
src/crypto/external/bsd/openssh/dist: ssh.1

Log Message:
Don't use .Xo/.Xc. Fix date format.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/ssh.1

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/ssh.1
diff -u src/crypto/external/bsd/openssh/dist/ssh.1:1.4 src/crypto/external/bsd/openssh/dist/ssh.1:1.5
--- src/crypto/external/bsd/openssh/dist/ssh.1:1.4	Sun Dec 27 01:40:47 2009
+++ src/crypto/external/bsd/openssh/dist/ssh.1	Fri Jan  8 16:37:39 2010
@@ -1,4 +1,4 @@
-.\"	$NetBSD: ssh.1,v 1.4 2009/12/27 01:40:47 christos Exp $
+.\"	$NetBSD: ssh.1,v 1.5 2010/01/08 16:37:39 joerg Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen 
@@ -36,7 +36,7 @@
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\" $OpenBSD: ssh.1,v 1.283 2009/03/19 15:15:09 jmc Exp $
-.Dd March 19 2009
+.Dd March 19, 2009
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -195,12 +195,7 @@
 See the
 .Cm Ciphers
 keyword for more information.
-.It Fl D Xo
-.Sm off
-.Oo Ar bind_address : Oc
-.Ar port
-.Sm on
-.Xc
+.It Fl D Oo Ar bind_address : Oc Ns Ar port
 Specifies a local
 .Dq dynamic
 application-level port forwarding.

CVS commit: src/crypto/external/bsd/openssh/dist

2009-12-26 Thread Christos Zoulas

Module Name:src
Committed By:   christos
Date:   Sun Dec 27 01:07:22 UTC 2009

Update of /cvsroot/src/crypto/external/bsd/openssh/dist
In directory ivanova.netbsd.org:/tmp/cvs-serv20149

Log Message:
import openssh 5.3

Status:

Vendor Tag: OPENSSH
Release Tags:   v53-20091226

U src/crypto/external/bsd/openssh/dist/auth1.c
U src/crypto/external/bsd/openssh/dist/LICENCE
U src/crypto/external/bsd/openssh/dist/PROTOCOL.agent
U src/crypto/external/bsd/openssh/dist/OVERVIEW
U src/crypto/external/bsd/openssh/dist/PROTOCOL
U src/crypto/external/bsd/openssh/dist/addrmatch.c
U src/crypto/external/bsd/openssh/dist/README
C src/crypto/external/bsd/openssh/dist/auth2.c
U src/crypto/external/bsd/openssh/dist/README.smartcard
U src/crypto/external/bsd/openssh/dist/atomicio.c
U src/crypto/external/bsd/openssh/dist/atomicio.h
U src/crypto/external/bsd/openssh/dist/auth-bsdauth.c
U src/crypto/external/bsd/openssh/dist/auth-chall.c
U src/crypto/external/bsd/openssh/dist/auth-krb5.c
U src/crypto/external/bsd/openssh/dist/auth-options.c
U src/crypto/external/bsd/openssh/dist/auth-options.h
U src/crypto/external/bsd/openssh/dist/auth-passwd.c
U src/crypto/external/bsd/openssh/dist/auth-rh-rsa.c
U src/crypto/external/bsd/openssh/dist/auth-rhosts.c
U src/crypto/external/bsd/openssh/dist/auth-rsa.c
U src/crypto/external/bsd/openssh/dist/auth.c
U src/crypto/external/bsd/openssh/dist/auth.h
U src/crypto/external/bsd/openssh/dist/auth2-gss.c
U src/crypto/external/bsd/openssh/dist/auth2-hostbased.c
U src/crypto/external/bsd/openssh/dist/auth2-chall.c
U src/crypto/external/bsd/openssh/dist/gss-serv.c
C src/crypto/external/bsd/openssh/dist/auth2-jpake.c
U src/crypto/external/bsd/openssh/dist/auth2-kbdint.c
U src/crypto/external/bsd/openssh/dist/auth2-none.c
U src/crypto/external/bsd/openssh/dist/auth2-passwd.c
U src/crypto/external/bsd/openssh/dist/auth2-pubkey.c
U src/crypto/external/bsd/openssh/dist/authfd.c
U src/crypto/external/bsd/openssh/dist/authfd.h
U src/crypto/external/bsd/openssh/dist/authfile.c
U src/crypto/external/bsd/openssh/dist/authfile.h
U src/crypto/external/bsd/openssh/dist/bufaux.c
U src/crypto/external/bsd/openssh/dist/bufbn.c
U src/crypto/external/bsd/openssh/dist/buffer.c
U src/crypto/external/bsd/openssh/dist/buffer.h
C src/crypto/external/bsd/openssh/dist/canohost.c
C src/crypto/external/bsd/openssh/dist/canohost.h
C src/crypto/external/bsd/openssh/dist/channels.c
U src/crypto/external/bsd/openssh/dist/channels.h
U src/crypto/external/bsd/openssh/dist/crc32.c
U src/crypto/external/bsd/openssh/dist/cipher-3des1.c
U src/crypto/external/bsd/openssh/dist/cipher.c
U src/crypto/external/bsd/openssh/dist/cipher-bf1.c
U src/crypto/external/bsd/openssh/dist/cipher-ctr.c
U src/crypto/external/bsd/openssh/dist/cipher.h
U src/crypto/external/bsd/openssh/dist/cleanup.c
C src/crypto/external/bsd/openssh/dist/clientloop.c
U src/crypto/external/bsd/openssh/dist/clientloop.h
U src/crypto/external/bsd/openssh/dist/compat.c
U src/crypto/external/bsd/openssh/dist/compat.h
U src/crypto/external/bsd/openssh/dist/compress.c
U src/crypto/external/bsd/openssh/dist/compress.h
U src/crypto/external/bsd/openssh/dist/crc32.h
U src/crypto/external/bsd/openssh/dist/deattack.c
U src/crypto/external/bsd/openssh/dist/deattack.h
U src/crypto/external/bsd/openssh/dist/dh.c
U src/crypto/external/bsd/openssh/dist/dh.h
U src/crypto/external/bsd/openssh/dist/dispatch.c
U src/crypto/external/bsd/openssh/dist/dispatch.h
U src/crypto/external/bsd/openssh/dist/dns.c
U src/crypto/external/bsd/openssh/dist/dns.h
U src/crypto/external/bsd/openssh/dist/fatal.c
U src/crypto/external/bsd/openssh/dist/groupaccess.c
U src/crypto/external/bsd/openssh/dist/groupaccess.h
C src/crypto/external/bsd/openssh/dist/gss-genr.c
U src/crypto/external/bsd/openssh/dist/gss-serv-krb5.c
U src/crypto/external/bsd/openssh/dist/hostfile.c
U src/crypto/external/bsd/openssh/dist/hostfile.h
C src/crypto/external/bsd/openssh/dist/jpake.c
C src/crypto/external/bsd/openssh/dist/jpake.h
C src/crypto/external/bsd/openssh/dist/kex.c
C src/crypto/external/bsd/openssh/dist/kex.h
U src/crypto/external/bsd/openssh/dist/kexdh.c
U src/crypto/external/bsd/openssh/dist/kexdhc.c
C src/crypto/external/bsd/openssh/dist/kexdhs.c
U src/crypto/external/bsd/openssh/dist/kexgex.c
U src/crypto/external/bsd/openssh/dist/kexgexc.c
C src/crypto/external/bsd/openssh/dist/kexgexs.c
U src/crypto/external/bsd/openssh/dist/key.c
U src/crypto/external/bsd/openssh/dist/key.h
U src/crypto/external/bsd/openssh/dist/log.c
U src/crypto/external/bsd/openssh/dist/log.h
U src/crypto/external/bsd/openssh/dist/mac.c
U src/crypto/external/bsd/openssh/dist/mac.h
U src/crypto/external/bsd/openssh/dist/match.c
U src/crypto/external/bsd/openssh/dist/match.h
U src/crypto/external/bsd/openssh/dist/misc.c
U src/crypto/external/bsd/openssh/dist/misc.h
U src/crypto/external/bsd/openssh/dist/moduli.c
C src/crypto/external/bsd/openssh/dist/monitor.c
U src/crypto/external/bsd/openssh/dist/monitor.h
U src

< 1 2 3 >

101 - 200 of 211 matches

Mail list logo