├── .gitignore ├── Makefile ├── README ├── TODO ├── leakmalloc ├── Makefile ├── README ├── leakmalloc │ ├── Makefile │ ├── leakmalloc.c │ └── leakmalloc.h ├── leakresolve.py ├── objdump2dot.pl └── regress │ ├── Makefile │ └── leaky.c ├── regress ├── CVS │ ├── Entries │ ├── Repository │ └── Root ├── Makefile ├── addrmatch.sh ├── agent-getpeereid.sh ├── agent-pkcs11.sh ├── agent-ptrace.sh ├── agent-timeout.sh ├── agent.sh ├── banner.sh ├── broken-pipe.sh ├── brokenkeys.sh ├── cert-hostkey.sh ├── cert-userkey.sh ├── cfgmatch.sh ├── cipher-speed.sh ├── conch-ciphers.sh ├── connect-privsep.sh ├── connect.sh ├── dsa_ssh2.prv ├── dsa_ssh2.pub ├── dynamic-forward.sh ├── envpass.sh ├── exit-status.sh ├── forcecommand.sh ├── forward-control.sh ├── forwarding.sh ├── host-expand.sh ├── integrity.sh ├── kextype.sh ├── key-options.sh ├── keygen-change.sh ├── keygen-convert.sh ├── keys-command.sh ├── keyscan.sh ├── keytype.sh ├── localcommand.sh ├── login-timeout.sh ├── modpipe.c ├── multiplex.sh ├── portnum.sh ├── proto-mismatch.sh ├── proto-version.sh ├── proxy-connect.sh ├── putty-ciphers.sh ├── putty-kex.sh ├── putty-transfer.sh ├── reconfigure.sh ├── reexec.sh ├── rekey.sh ├── rsa_openssh.prv ├── rsa_openssh.pub ├── rsa_ssh2.prv ├── scp-ssh-wrapper.sh ├── scp.sh ├── sftp-badcmds.sh ├── sftp-batch.sh ├── sftp-cmds.sh ├── sftp-glob.sh ├── sftp.sh ├── ssh-com-client.sh ├── ssh-com-keygen.sh ├── ssh-com-sftp.sh ├── ssh-com.sh ├── ssh2putty.sh ├── sshd-log-wrapper.sh ├── stderr-after-eof.sh ├── stderr-data.sh ├── t4.ok ├── t5.ok ├── test-exec.sh ├── transfer.sh ├── try-ciphers.sh └── yes-head.sh ├── ssh ├── CVS │ ├── Entries │ ├── Repository │ └── Root ├── LICENCE ├── Makefile ├── Makefile.inc ├── OVERVIEW ├── PROTOCOL ├── PROTOCOL.agent ├── PROTOCOL.certkeys ├── PROTOCOL.mux ├── README ├── addrmatch.c ├── atomicio.c ├── atomicio.h ├── auth-bsdauth.c ├── auth-chall.c ├── auth-krb5.c ├── auth-options.c ├── auth-options.h ├── auth-passwd.c ├── auth-rh-rsa.c ├── auth-rhosts.c ├── 
auth-rsa.c ├── auth.c ├── auth.h ├── auth1.c ├── auth2-chall.c ├── auth2-gss.c ├── auth2-hostbased.c ├── auth2-jpake.c ├── auth2-kbdint.c ├── auth2-none.c ├── auth2-passwd.c ├── auth2-pubkey.c ├── auth2.c ├── authfd.c ├── authfd.h ├── authfile.c ├── authfile.h ├── canohost.c ├── canohost.h ├── channels.c ├── channels.h ├── cipher-3des1.c ├── cipher-bf1.c ├── cipher.c ├── cipher.h ├── cleanup.c ├── clientloop.c ├── clientloop.h ├── compat.c ├── compat.h ├── crc32.c ├── crc32.h ├── deattack.c ├── deattack.h ├── dh.c ├── dh.h ├── dispatch.c ├── dispatch.h ├── dns.c ├── dns.h ├── err.c ├── err.h ├── fatal.c ├── groupaccess.c ├── groupaccess.h ├── gss-genr.c ├── gss-serv-krb5.c ├── gss-serv.c ├── hostfile.c ├── hostfile.h ├── jpake.c ├── jpake.h ├── kex.c ├── kex.h ├── kexdh.c ├── kexdhc.c ├── kexdhs.c ├── kexecdh.c ├── kexecdhc.c ├── kexecdhs.c ├── kexgex.c ├── kexgexc.c ├── kexgexs.c ├── key.c ├── key.h ├── lib │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ ├── Makefile │ └── shlib_version ├── log.c ├── log.h ├── mac.c ├── mac.h ├── match.c ├── match.h ├── misc.c ├── misc.h ├── moduli.c ├── monitor.c ├── monitor.h ├── monitor_fdpass.c ├── monitor_fdpass.h ├── monitor_mm.c ├── monitor_mm.h ├── monitor_wrap.c ├── monitor_wrap.h ├── msg.c ├── msg.h ├── mux.c ├── myproposal.h ├── nchan.c ├── nchan.ms ├── nchan2.ms ├── packet.c ├── packet.h ├── pathnames.h ├── pkcs11.h ├── progressmeter.c ├── progressmeter.h ├── readconf.c ├── readconf.h ├── readpass.c ├── roaming.h ├── roaming_client.c ├── roaming_common.c ├── roaming_dummy.c ├── roaming_serv.c ├── rsa.c ├── rsa.h ├── sandbox-rlimit.c ├── sandbox-systrace.c ├── schnorr.c ├── schnorr.h ├── scp.1 ├── scp.c ├── scp │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── servconf.c ├── servconf.h ├── serverloop.c ├── serverloop.h ├── session.c ├── session.h ├── sftp-client.c ├── sftp-client.h ├── sftp-common.c ├── sftp-common.h ├── sftp-glob.c ├── sftp-server-main.c ├── sftp-server.8 ├── 
sftp-server.c ├── sftp-server │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── sftp.1 ├── sftp.c ├── sftp.h ├── sftp │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh-add.1 ├── ssh-add.c ├── ssh-add │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh-agent.1 ├── ssh-agent.c ├── ssh-agent │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh-dss.c ├── ssh-ecdsa.c ├── ssh-gss.h ├── ssh-keygen.1 ├── ssh-keygen.c ├── ssh-keygen │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh-keyscan.1 ├── ssh-keyscan.c ├── ssh-keyscan │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh-keysign.8 ├── ssh-keysign.c ├── ssh-keysign │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh-pkcs11-client.c ├── ssh-pkcs11-helper.8 ├── ssh-pkcs11-helper.c ├── ssh-pkcs11-helper │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh-pkcs11.c ├── ssh-pkcs11.h ├── ssh-proxy.c ├── ssh-proxy.txt ├── ssh-proxy │ ├── Makefile │ └── Makefile2 ├── ssh-rsa.c ├── ssh-sandbox.h ├── ssh.1 ├── ssh.c ├── ssh.h ├── ssh │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── ssh1.h ├── ssh2.h ├── ssh_api.c ├── ssh_api.h ├── ssh_config ├── ssh_config.5 ├── sshbuf-getput-basic.c ├── sshbuf-getput-crypto.c ├── sshbuf-misc.c ├── sshbuf.c ├── sshbuf.h ├── sshconnect.c ├── sshconnect.h ├── sshconnect1.c ├── sshconnect2.c ├── sshd.8 ├── sshd.c ├── sshd │ ├── CVS │ │ ├── Entries │ │ ├── Repository │ │ └── Root │ └── Makefile ├── sshd_config ├── sshd_config.5 ├── sshlogin.c ├── sshlogin.h ├── sshpty.c ├── sshpty.h ├── sshtty.c ├── ttymodes.c ├── ttymodes.h ├── uidswap.c ├── uidswap.h ├── umac.c ├── umac.h ├── uuencode.c ├── uuencode.h ├── version.h ├── xmalloc.c └── xmalloc.h └── unittests ├── Makefile ├── Makefile.inc ├── TODO ├── kex ├── Makefile ├── test_kex.c └── tests.c 
├── sshbuf ├── Makefile ├── test_sshbuf.c ├── test_sshbuf_fixed.c ├── test_sshbuf_fuzz.c ├── test_sshbuf_getput_basic.c ├── test_sshbuf_getput_crypto.c ├── test_sshbuf_getput_fuzz.c ├── test_sshbuf_misc.c └── tests.c ├── sshkey ├── Makefile ├── common.c ├── common.h ├── mktestdata.sh ├── test_file.c ├── test_fuzz.c ├── test_sshkey.c ├── testdata │ ├── dsa_1 │ ├── dsa_1-cert.pub │ ├── dsa_1.fp │ ├── dsa_1.fp.bb │ ├── dsa_1.param.g │ ├── dsa_1.param.priv │ ├── dsa_1.param.pub │ ├── dsa_1.pub │ ├── dsa_1_pw │ ├── dsa_2 │ ├── dsa_2.fp │ ├── dsa_2.fp.bb │ ├── dsa_2.pub │ ├── ecdsa_1 │ ├── ecdsa_1-cert.pub │ ├── ecdsa_1.fp │ ├── ecdsa_1.fp.bb │ ├── ecdsa_1.param.curve │ ├── ecdsa_1.param.priv │ ├── ecdsa_1.param.pub │ ├── ecdsa_1.pub │ ├── ecdsa_1_pw │ ├── ecdsa_2 │ ├── ecdsa_2.fp │ ├── ecdsa_2.fp.bb │ ├── ecdsa_2.param.curve │ ├── ecdsa_2.param.priv │ ├── ecdsa_2.param.pub │ ├── ecdsa_2.pub │ ├── pw │ ├── rsa1_1 │ ├── rsa1_1.fp │ ├── rsa1_1.fp.bb │ ├── rsa1_1.param.n │ ├── rsa1_1.pub │ ├── rsa1_1_pw │ ├── rsa1_2 │ ├── rsa1_2.fp │ ├── rsa1_2.fp.bb │ ├── rsa1_2.param.n │ ├── rsa1_2.pub │ ├── rsa_1 │ ├── rsa_1-cert.pub │ ├── rsa_1.fp │ ├── rsa_1.fp.bb │ ├── rsa_1.param.n │ ├── rsa_1.param.p │ ├── rsa_1.param.q │ ├── rsa_1.pub │ ├── rsa_1_pw │ ├── rsa_2 │ ├── rsa_2.fp │ ├── rsa_2.fp.bb │ ├── rsa_2.param.n │ ├── rsa_2.param.p │ ├── rsa_2.param.q │ └── rsa_2.pub └── tests.c └── test_helper ├── Makefile ├── fuzz.c ├── test_helper.c └── test_helper.h /.gitignore: -------------------------------------------------------------------------------- 1 | *.bak 2 | *.core 3 | *.dif 4 | *.diff 5 | *.orig 6 | *.rej 7 | ID 8 | obj 9 | tags 10 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD:$ 2 | 3 | .if defined(LEAKMALLOC) 4 | SUBDIR= leakmalloc ssh unittests 5 | .else 6 | SUBDIR= ssh unittests regress 7 | .endif 8 | 9 | .include 10 | 
-------------------------------------------------------------------------------- /README: -------------------------------------------------------------------------------- 1 | libopenssh 2 | ========== 3 | 4 | turn openssh into a library 5 | 6 | ssh a copy of openbsd src/usr.bin/ssh 7 | regress a copy of openbsd src/regress/usr.bin/ssh 8 | 9 | diff against vanilla openssh: 10 | 11 | % cd ssh && cvs -qd anoncvs@anoncvs1.ca.openbsd.org:/cvs diff -u 12 | 13 | -m 14 | -------------------------------------------------------------------------------- /TODO: -------------------------------------------------------------------------------- 1 | 1) [DONE] split functions from kex*[cs].c into callbacks similar to kexgexc.c 2 | and remove packet_read_expect. 3 | 4 | 2) [DONE] move to session state 5 | struct session_state { 6 | Kex kex; 7 | Newkeys *current_keys; /* cf kex.c */ 8 | dispatch_fn dispatch[] 9 | int datafellows 10 | } 11 | 12 | 3) [DONE] Code for parsing the keys 13 | 14 | 4) [DONE] Implement callback for kex->verify_host_key for checking key 15 | 16 | 5) [DONE] Implement callbacks for: 17 | kex->load_host_public_key 18 | kex->load_host_private_key 19 | 20 | 5) [DONE] figure out how to integrate the banner exchange into ssh_packet_get() 21 | 22 | 6) [DONE] figure out how to integrate kex into ssh_packet_get() 23 | 24 | 7) [DONE] figure out initial API 25 | 26 | 8) figure out error-handling and remove fatal() 27 | 28 | 9) [DONE] Rework privsep's interaction with packet.c: factor everything into 29 | packet_get_state() and packet_set_state() functions 30 | 31 | -------------------------------------------------------------------------------- /leakmalloc/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD:$ 2 | 3 | SUBDIR= leakmalloc regress 4 | 5 | .include 6 | -------------------------------------------------------------------------------- /leakmalloc/README: 
-------------------------------------------------------------------------------- 1 | This is a very simple memory leak detector using libexecinfo (in 2 | OpenBSD ports as devel/libexecinfo). It could be adapted to use the 3 | backtrace function in glibc too. 4 | 5 | It tracks memory allocations by redirecting malloc, calloc, realloc, strdup 6 | and free to its own leak_* functions using preprocessor defines in leakmalloc.h, so only code compiled with that header included (and without LEAKMALLOC_NO_REDIRECT defined) is tracked. When an allocation 7 | is made, leakmalloc grabs the call chain from the stack and stores it. 8 | When the program exits, leakmalloc dumps all unfreed allocations. 9 | 10 | leakresolve.py consumes one of these dumps and produces a fairly 11 | readable report with leaks coalesced by stack trace and sorted by 12 | number of leak instances. Usually the last entry on this report is 13 | the one to care most about. 14 | 15 | leaky.c in regress/ shows how you might use it (run 'make' in that directory 16 | and run it manually, or look at the Makefile for tips). 17 | 18 | Note that everything needs to be compiled without optimisation and with 19 | debugging symbols. 
20 | -------------------------------------------------------------------------------- /leakmalloc/leakmalloc/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | LIB= leakmalloc 4 | SRCS= leakmalloc.c 5 | HDRS= leakmalloc.h 6 | #MAN= leakmalloc.3 7 | NOMAN=1 8 | NOPIC=1 9 | NOPROFILE=1 10 | 11 | CDIAGFLAGS= -Wall 12 | CDIAGFLAGS+= -Werror 13 | CDIAGFLAGS+= -Wstrict-prototypes 14 | CDIAGFLAGS+= -Wmissing-prototypes 15 | CDIAGFLAGS+= -Wmissing-declarations 16 | CDIAGFLAGS+= -Wshadow 17 | CDIAGFLAGS+= -Wpointer-arith 18 | CDIAGFLAGS+= -Wcast-qual 19 | CDIAGFLAGS+= -Wsign-compare 20 | CDIAGFLAGS+= -Wcast-align 21 | CDIAGFLAGS+= -Wbad-function-cast 22 | 23 | CPPFLAGS+= -I/usr/local/include 24 | DEBUG=-ggdb3 25 | COPTS=-O0 26 | INSTALL_STRIP= 27 | 28 | .include 29 | -------------------------------------------------------------------------------- /leakmalloc/leakmalloc/leakmalloc.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2012 Damien Miller 3 | * 4 | * Permission to use, copy, modify, and distribute this software for any 5 | * purpose with or without fee is hereby granted, provided that the above 6 | * copyright notice and this permission notice appear in all copies. 7 | * 8 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 
15 | */ 16 | 17 | #ifndef _LEAKMALLOC_H 18 | #define _LEAKMALLOC_H 19 | 20 | #include 21 | #include 22 | #include 23 | 24 | char *leak_strdup(const char *s); 25 | void *leak_malloc(size_t len); 26 | void *leak_calloc(size_t nmemb, size_t size); 27 | void *leak_realloc(void *s, size_t len); 28 | void leak_free(void *s); 29 | 30 | #ifndef LEAKMALLOC_NO_REDIRECT 31 | #define malloc leak_malloc 32 | #define strdup leak_strdup 33 | #define calloc leak_calloc 34 | #define realloc leak_realloc 35 | #define free leak_free 36 | #endif /* LEAKMALLOC_NO_REDIRECT */ 37 | 38 | #endif /* _LEAKMALLOC_H */ 39 | 40 | -------------------------------------------------------------------------------- /leakmalloc/objdump2dot.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/perl 2 | 3 | use Data::Dumper; 4 | use Getopt::Std; 5 | use strict; 6 | use warnings; 7 | 8 | sub usage () { 9 | my $argv0 = $0; 10 | $argv0 =~ s|.*/||; 11 | printf "usage: objdump -rd *.o | $argv0 [-rb] f1 [f2...] 
| dot -Tpdf > out.pdf\n"; 12 | exit 1; 13 | } 14 | 15 | my %opts; 16 | getopts('brd', \%opts) or usage(); 17 | $#ARGV >= 0 or usage(); 18 | my $reverse = $opts{r} || 0; # print callers, otherwise callee-s 19 | my $both = $opts{b} || 0; 20 | my $debug = $opts{d} || 0; 21 | my @functions = @ARGV; 22 | @ARGV=(); 23 | 24 | ## parse Relocated-Disassemble output from 'objdump -rd' 25 | ##00000000 : 26 | ## 9: e8 00 00 00 00 call e NOT 27 | ## 16: R_386_PLT32 BIO_s_file YES 28 | ## 1e: R_386_PLT32 BIO_new YES 29 | ## 106: e8 c5 00 00 00 call 1d0 YES 30 | 31 | my $graph = {}; 32 | my $inverse = {}; 33 | 34 | # check for function calls and build call-graph 35 | my $caller = ''; 36 | while(<>) { 37 | chomp; 38 | if (/^\S+ <(\S+)>:/) { 39 | $caller=$1; 40 | $caller='' if $caller =~ /^\./; 41 | print "# FOUND FUNC $1\n" if $caller && $debug; 42 | } 43 | next unless $caller; 44 | if (/(R_386_PC32|R_386_PLT32)\s+(\S+)/) { 45 | my $f=$2; 46 | print "# $caller => $f\n" if $debug; 47 | $graph->{$caller}->{$f} = 1; 48 | } 49 | if (/call\s.+<(\S+)>/) { 50 | my $f=$1; 51 | next if ($f =~ /\+0x/); 52 | print "# $caller -> $f\n" if $debug; 53 | $graph->{$caller}->{$f} = 1; 54 | } 55 | } 56 | print Dumper($graph) if $debug; 57 | 58 | if ($reverse || $both) { 59 | # build the inverse call graph (callee->caller) 60 | while (my ($caller, $calls) = each %$graph) { 61 | foreach my $f (sort keys %$calls) { 62 | $inverse->{$f}->{$caller} = 1; 63 | } 64 | } 65 | print Dumper($inverse) if $debug; 66 | } 67 | 68 | # recurse over the call-graph ($map) until no callers 69 | # are found, skip if already seen (by deleting them) 70 | sub show { 71 | my $func = shift; 72 | my $map = shift; 73 | my $entry = delete $map->{$func}; 74 | if (defined($entry)) { 75 | foreach my $f (sort keys %{$entry}) { 76 | if ($map == $inverse) { 77 | printf "$f -> $func\n"; 78 | } else { 79 | printf "$func -> $f\n"; 80 | } 81 | show($f, $map); 82 | } 83 | } 84 | } 85 | 86 | print "digraph callgraph {\n"; 87 | print 
"rankdir=LR\n"; # left-to-right 88 | foreach my $f (@functions) { 89 | if ($reverse || $both) { 90 | show($f, $inverse); 91 | } 92 | if (!$reverse || $both) { 93 | show($f, $graph); 94 | } 95 | print "$f [color=red]\n"; 96 | } 97 | print "}\n"; 98 | -------------------------------------------------------------------------------- /leakmalloc/regress/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | .include 4 | .include 5 | 6 | CDIAGFLAGS= -Wall 7 | CDIAGFLAGS+= -Werror 8 | CDIAGFLAGS+= -Wpointer-arith 9 | CDIAGFLAGS+= -Wstrict-prototypes 10 | CDIAGFLAGS+= -Wmissing-prototypes 11 | CDIAGFLAGS+= -Wunused 12 | CDIAGFLAGS+= -Wsign-compare 13 | CDIAGFLAGS+= -Wshadow 14 | CDIAGFLAGS+= -Wformat 15 | .if (${CC:L} == "gcc" || ${CC:L} == "cc") 16 | CDIAGFLAGS+= -Wbounded 17 | .endif 18 | DEBUG=-g 19 | COPTS=-O0 20 | 21 | CPPFLAGS+=-I${.CURDIR}/../leakmalloc 22 | 23 | .if exists(${.CURDIR}/../leakmalloc/${__objdir}) 24 | LDADD+=-L${.CURDIR}/../leakmalloc/${__objdir} -lleakmalloc 25 | DPADD+=${.CURDIR}/../leakmalloc/${__objdir}/libleakmalloc.a 26 | .else 27 | LDADD+=-L${.CURDIR}/../leakmalloc -lleakmalloc 28 | DPADD+=${.CURDIR}/../leakmalloc/libleakmalloc.a 29 | .endif 30 | 31 | LDFLAGS+=-L/usr/local/lib 32 | LDADD+=-lexecinfo 33 | 34 | PROG=leaky 35 | SRCS=leaky.c 36 | REGRESS_TARGETS=does-leak outfile exit-leak summary 37 | 38 | does-leak: ${PROG} 39 | ./${PROG} | grep -q "^LEAK " 40 | 41 | outfile: ${PROG} 42 | rm -f leakmalloc.out 43 | env LEAKMALLOC_OPTIONS=D ./${PROG} 44 | grep -q "^LEAK " leakmalloc.out 45 | 46 | exit-leak: ${PROG} 47 | sh -c 'export LEAKMALLOC_OPTIONS=XQ ; ./${PROG} ; test $$? 
-eq 99' 48 | 49 | summary: ${PROG} 50 | test `./${PROG} | ${.CURDIR}/../leakresolve.py -p ${PROG} | \ 51 | grep "^Total:" | cut -d' ' -f 2` -eq 22 52 | 53 | clean: 54 | rm -f ${PROG} *.o *.core leakmalloc.out 55 | 56 | .include 57 | 58 | -------------------------------------------------------------------------------- /leakmalloc/regress/leaky.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | #include "leakmalloc.h" 5 | 6 | static void *a, *b, *c, *d, *e, *f; 7 | 8 | static void 9 | f6(void) 10 | { 11 | d = strdup("hello"); 12 | e = malloc(789); 13 | } 14 | 15 | static void 16 | f5(void) 17 | { 18 | c = calloc(1, 678); 19 | f6(); 20 | } 21 | 22 | static void 23 | f4(void) 24 | { 25 | b = malloc(456); 26 | f5(); 27 | free(e); 28 | } 29 | 30 | static void 31 | f3(void) 32 | { 33 | a = malloc(123); 34 | f = realloc(NULL, 321); 35 | } 36 | 37 | static void 38 | f2(void) 39 | { 40 | f4(); 41 | b = realloc(b, 567); 42 | } 43 | 44 | static void 45 | f1(void) 46 | { 47 | int i; 48 | 49 | f2(); 50 | for (i = 0; i < 10; i++) 51 | f3(); 52 | } 53 | 54 | int 55 | main(void) 56 | { 57 | f1(); 58 | free(f); 59 | return 0; 60 | } 61 | -------------------------------------------------------------------------------- /regress/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/regress/usr.bin/ssh 2 | -------------------------------------------------------------------------------- /regress/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /regress/addrmatch.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: addrmatch.sh,v 1.4 2012/05/13 01:42:32 dtucker Exp $ 2 | # Placed in the Public Domain. 
3 | 4 | tid="address match" 5 | 6 | mv $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 7 | 8 | run_trial() 9 | { 10 | user="$1"; addr="$2"; host="$3"; laddr="$4"; lport="$5" 11 | expected="$6"; descr="$7" 12 | 13 | verbose "test $descr for $user $addr $host" 14 | result=`${SSHD} -f $OBJ/sshd_proxy -T \ 15 | -C user=${user},addr=${addr},host=${host},laddr=${laddr},lport=${lport} | \ 16 | awk '/^forcecommand/ {print $2}'` 17 | if [ "$result" != "$expected" ]; then 18 | fail "failed '$descr' expected $expected got $result" 19 | fi 20 | } 21 | 22 | cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 23 | cat >>$OBJ/sshd_proxy < /dev/null 16 | r=$? 17 | if [ $r -ne 0 ]; then 18 | fail "could not start ssh-agent: exit code $r" 19 | else 20 | chmod 644 ${SSH_AUTH_SOCK} 21 | 22 | ssh-add -l > /dev/null 2>&1 23 | r=$? 24 | if [ $r -ne 1 ]; then 25 | fail "ssh-add failed with $r != 1" 26 | fi 27 | 28 | < /dev/null ${SUDO} -S -u ${UNPRIV} ssh-add -l > /dev/null 2>&1 29 | r=$? 30 | if [ $r -lt 2 ]; then 31 | fail "ssh-add did not fail for ${UNPRIV}: $r < 2" 32 | fi 33 | 34 | trace "kill agent" 35 | ${SSHAGENT} -k > /dev/null 36 | fi 37 | 38 | rm -f ${OBJ}/agent 39 | -------------------------------------------------------------------------------- /regress/agent-pkcs11.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: agent-pkcs11.sh,v 1.1 2010/02/08 10:52:47 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="pkcs11 agent test" 5 | 6 | TEST_SSH_PIN="" 7 | TEST_SSH_PKCS11=/usr/local/lib/soft-pkcs11.so.0.0 8 | 9 | # setup environment for soft-pkcs11 token 10 | SOFTPKCS11RC=$OBJ/pkcs11.info 11 | export SOFTPKCS11RC 12 | # prevent ssh-agent from calling ssh-askpass 13 | SSH_ASKPASS=/usr/bin/true 14 | export SSH_ASKPASS 15 | unset DISPLAY 16 | 17 | # start command w/o tty, so ssh-add accepts pin from stdin 18 | notty() { 19 | perl -e 'use POSIX; POSIX::setsid(); 20 | if (fork) { wait; exit($? 
>> 8); } else { exec(@ARGV) }' "$@" 21 | } 22 | 23 | trace "start agent" 24 | eval `${SSHAGENT} -s` > /dev/null 25 | r=$? 26 | if [ $r -ne 0 ]; then 27 | fail "could not start ssh-agent: exit code $r" 28 | else 29 | trace "generating key/cert" 30 | rm -f $OBJ/pkcs11.key $OBJ/pkcs11.crt 31 | openssl genrsa -out $OBJ/pkcs11.key 2048 > /dev/null 2>&1 32 | chmod 600 $OBJ/pkcs11.key 33 | openssl req -key $OBJ/pkcs11.key -new -x509 \ 34 | -out $OBJ/pkcs11.crt -text -subj '/CN=pkcs11 test' > /dev/null 35 | printf "a\ta\t$OBJ/pkcs11.crt\t$OBJ/pkcs11.key" > $SOFTPKCS11RC 36 | # add to authorized keys 37 | ${SSHKEYGEN} -y -f $OBJ/pkcs11.key > $OBJ/authorized_keys_$USER 38 | 39 | trace "add pkcs11 key to agent" 40 | echo ${TEST_SSH_PIN} | notty ${SSHADD} -s ${TEST_SSH_PKCS11} > /dev/null 2>&1 41 | r=$? 42 | if [ $r -ne 0 ]; then 43 | fail "ssh-add -s failed: exit code $r" 44 | fi 45 | 46 | trace "pkcs11 list via agent" 47 | ${SSHADD} -l > /dev/null 2>&1 48 | r=$? 49 | if [ $r -ne 0 ]; then 50 | fail "ssh-add -l failed: exit code $r" 51 | fi 52 | 53 | trace "pkcs11 connect via agent" 54 | ${SSH} -2 -F $OBJ/ssh_proxy somehost exit 5 55 | r=$? 56 | if [ $r -ne 5 ]; then 57 | fail "ssh connect failed (exit code $r)" 58 | fi 59 | 60 | trace "remove pkcs11 keys" 61 | echo ${TEST_SSH_PIN} | notty ${SSHADD} -e ${TEST_SSH_PKCS11} > /dev/null 2>&1 62 | r=$? 63 | if [ $r -ne 0 ]; then 64 | fail "ssh-add -e failed: exit code $r" 65 | fi 66 | 67 | trace "kill agent" 68 | ${SSHAGENT} -k > /dev/null 69 | fi 70 | -------------------------------------------------------------------------------- /regress/agent-ptrace.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: agent-ptrace.sh,v 1.1 2002/12/09 15:38:30 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="disallow agent ptrace attach" 5 | 6 | trace "start agent" 7 | eval `${SSHAGENT} -s` > /dev/null 8 | r=$? 
9 | if [ $r -ne 0 ]; then 10 | fail "could not start ssh-agent: exit code $r" 11 | else 12 | # ls -l ${SSH_AUTH_SOCK} 13 | gdb ${SSHAGENT} ${SSH_AGENT_PID} > ${OBJ}/gdb.out 2>&1 << EOF 14 | quit 15 | EOF 16 | if [ $? -ne 0 ]; then 17 | fail "gdb failed: exit code $?" 18 | fi 19 | grep -q 'ptrace: Operation not permitted.' ${OBJ}/gdb.out 20 | r=$? 21 | rm -f ${OBJ}/gdb.out 22 | if [ $r -ne 0 ]; then 23 | fail "ptrace succeeded?: exit code $r" 24 | fi 25 | 26 | trace "kill agent" 27 | ${SSHAGENT} -k > /dev/null 28 | fi 29 | -------------------------------------------------------------------------------- /regress/agent-timeout.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: agent-timeout.sh,v 1.1 2002/06/06 00:38:40 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="agent timeout test" 5 | 6 | TIMEOUT=5 7 | 8 | trace "start agent" 9 | eval `${SSHAGENT} -s` > /dev/null 10 | r=$? 11 | if [ $r -ne 0 ]; then 12 | fail "could not start ssh-agent: exit code $r" 13 | else 14 | trace "add keys with timeout" 15 | for t in rsa rsa1; do 16 | ${SSHADD} -t ${TIMEOUT} $OBJ/$t > /dev/null 2>&1 17 | if [ $? -ne 0 ]; then 18 | fail "ssh-add did succeed exit code 0" 19 | fi 20 | done 21 | n=`${SSHADD} -l 2> /dev/null | wc -l` 22 | trace "agent has $n keys" 23 | if [ $n -ne 2 ]; then 24 | fail "ssh-add -l did not return 2 keys: $n" 25 | fi 26 | trace "sleeping 2*${TIMEOUT} seconds" 27 | sleep ${TIMEOUT} 28 | sleep ${TIMEOUT} 29 | ${SSHADD} -l 2> /dev/null | grep -q 'The agent has no identities.' 30 | if [ $? 
-ne 0 ]; then 31 | fail "ssh-add -l still returns keys after timeout" 32 | fi 33 | 34 | trace "kill agent" 35 | ${SSHAGENT} -k > /dev/null 36 | fi 37 | -------------------------------------------------------------------------------- /regress/agent.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: agent.sh,v 1.7 2007/11/25 15:35:09 jmc Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="simple agent test" 5 | 6 | SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1 7 | if [ $? -ne 2 ]; then 8 | fail "ssh-add -l did not fail with exit code 2" 9 | fi 10 | 11 | trace "start agent" 12 | eval `${SSHAGENT} -s` > /dev/null 13 | r=$? 14 | if [ $r -ne 0 ]; then 15 | fail "could not start ssh-agent: exit code $r" 16 | else 17 | ${SSHADD} -l > /dev/null 2>&1 18 | if [ $? -ne 1 ]; then 19 | fail "ssh-add -l did not fail with exit code 1" 20 | fi 21 | trace "overwrite authorized keys" 22 | echo -n > $OBJ/authorized_keys_$USER 23 | for t in rsa rsa1; do 24 | # generate user key for agent 25 | rm -f $OBJ/$t-agent 26 | ${SSHKEYGEN} -q -N '' -t $t -f $OBJ/$t-agent ||\ 27 | fail "ssh-keygen for $t-agent failed" 28 | # add to authorized keys 29 | cat $OBJ/$t-agent.pub >> $OBJ/authorized_keys_$USER 30 | # add privat key to agent 31 | ${SSHADD} $OBJ/$t-agent > /dev/null 2>&1 32 | if [ $? -ne 0 ]; then 33 | fail "ssh-add did succeed exit code 0" 34 | fi 35 | done 36 | ${SSHADD} -l > /dev/null 2>&1 37 | if [ $? -ne 0 ]; then 38 | fail "ssh-add -l failed: exit code $?" 39 | fi 40 | # the same for full pubkey output 41 | ${SSHADD} -L > /dev/null 2>&1 42 | if [ $? -ne 0 ]; then 43 | fail "ssh-add -L failed: exit code $?" 44 | fi 45 | 46 | trace "simple connect via agent" 47 | for p in 1 2; do 48 | ${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p 49 | if [ $? 
-ne 5$p ]; then 50 | fail "ssh connect with protocol $p failed (exit code $?)" 51 | fi 52 | done 53 | 54 | trace "agent forwarding" 55 | for p in 1 2; do 56 | ${SSH} -A -$p -F $OBJ/ssh_proxy somehost ${SSHADD} -l > /dev/null 2>&1 57 | if [ $? -ne 0 ]; then 58 | fail "ssh-add -l via agent fwd proto $p failed (exit code $?)" 59 | fi 60 | ${SSH} -A -$p -F $OBJ/ssh_proxy somehost \ 61 | "${SSH} -$p -F $OBJ/ssh_proxy somehost exit 5$p" 62 | if [ $? -ne 5$p ]; then 63 | fail "agent fwd proto $p failed (exit code $?)" 64 | fi 65 | done 66 | 67 | trace "delete all agent keys" 68 | ${SSHADD} -D > /dev/null 2>&1 69 | if [ $? -ne 0 ]; then 70 | fail "ssh-add -D failed: exit code $?" 71 | fi 72 | 73 | trace "kill agent" 74 | ${SSHAGENT} -k > /dev/null 75 | fi 76 | -------------------------------------------------------------------------------- /regress/banner.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: banner.sh,v 1.2 2003/10/11 11:49:49 dtucker Exp $ 2 | # Placed in the Public Domain. 
3 | 4 | tid="banner" 5 | echo "Banner $OBJ/banner.in" >> $OBJ/sshd_proxy 6 | 7 | rm -f $OBJ/banner.out $OBJ/banner.in $OBJ/empty.in 8 | touch $OBJ/empty.in 9 | 10 | trace "test missing banner file" 11 | verbose "test $tid: missing banner file" 12 | ( ${SSH} -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \ 13 | cmp $OBJ/empty.in $OBJ/banner.out ) || \ 14 | fail "missing banner file" 15 | 16 | for s in 0 10 100 1000 10000 100000 ; do 17 | if [ "$s" = "0" ]; then 18 | # create empty banner 19 | touch $OBJ/banner.in 20 | elif [ "$s" = "10" ]; then 21 | # create 10-byte banner file 22 | echo "abcdefghi" >$OBJ/banner.in 23 | else 24 | # increase size 10x 25 | cp $OBJ/banner.in $OBJ/banner.out 26 | for i in 0 1 2 3 4 5 6 7 8 ; do 27 | cat $OBJ/banner.out >> $OBJ/banner.in 28 | done 29 | fi 30 | 31 | trace "test banner size $s" 32 | verbose "test $tid: size $s" 33 | ( ${SSH} -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \ 34 | cmp $OBJ/banner.in $OBJ/banner.out ) || \ 35 | fail "banner size $s mismatch" 36 | done 37 | 38 | trace "test suppress banner (-q)" 39 | verbose "test $tid: suppress banner (-q)" 40 | ( ${SSH} -q -2 -F $OBJ/ssh_proxy otherhost true 2>$OBJ/banner.out && \ 41 | cmp $OBJ/empty.in $OBJ/banner.out ) || \ 42 | fail "suppress banner (-q)" 43 | 44 | rm -f $OBJ/banner.out $OBJ/banner.in $OBJ/empty.in 45 | -------------------------------------------------------------------------------- /regress/broken-pipe.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: broken-pipe.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="broken pipe test" 5 | 6 | for p in 1 2; do 7 | trace "protocol $p" 8 | for i in 1 2 3 4; do 9 | ${SSH} -$p -F $OBJ/ssh_config_config nexthost echo $i 2> /dev/null | true 10 | r=$? 
11 | if [ $r -ne 0 ]; then 12 | fail "broken pipe returns $r for protocol $p" 13 | fi 14 | done 15 | done 16 | -------------------------------------------------------------------------------- /regress/brokenkeys.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: brokenkeys.sh,v 1.1 2004/10/29 23:59:22 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="broken keys" 5 | 6 | KEYS="$OBJ/authorized_keys_${USER}" 7 | 8 | start_sshd 9 | 10 | mv ${KEYS} ${KEYS}.bak 11 | 12 | # Truncated key 13 | echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEABTM= bad key" > $KEYS 14 | cat ${KEYS}.bak >> ${KEYS} 15 | cat $OBJ/$t.pub >> $OBJ/authorized_keys_$USER 16 | 17 | ${SSH} -2 -F $OBJ/ssh_config somehost true 18 | if [ $? -ne 0 ]; then 19 | fail "ssh connect with protocol $p failed" 20 | fi 21 | 22 | mv ${KEYS}.bak ${KEYS} 23 | 24 | -------------------------------------------------------------------------------- /regress/cipher-speed.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: cipher-speed.sh,v 1.6 2012/10/05 02:20:48 dtucker Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="cipher speed" 5 | 6 | getbytes () 7 | { 8 | sed -n '/transferred/s/.*secs (\(.* bytes.sec\).*/\1/p' 9 | } 10 | 11 | tries="1 2" 12 | DATA=/bin/ls 13 | DATA=/bsd 14 | 15 | ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc 16 | arcfour128 arcfour256 arcfour 17 | aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se 18 | aes128-ctr aes192-ctr aes256-ctr" 19 | macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com 20 | hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512" 21 | 22 | for c in $ciphers; do for m in $macs; do 23 | trace "proto 2 cipher $c mac $m" 24 | for x in $tries; do 25 | echo -n "$c/$m:\t" 26 | ( ${SSH} -o 'compression no' \ 27 | -F $OBJ/ssh_proxy -2 -m $m -c $c somehost \ 28 | exec sh -c \'"dd of=/dev/null obs=32k"\' \ 29 | < ${DATA} ) 2>&1 | getbytes 30 | 31 | if [ $? 
-ne 0 ]; then 32 | fail "ssh -2 failed with mac $m cipher $c" 33 | fi 34 | done 35 | done; done 36 | 37 | ciphers="3des blowfish" 38 | for c in $ciphers; do 39 | trace "proto 1 cipher $c" 40 | for x in $tries; do 41 | echo -n "$c:\t" 42 | ( ${SSH} -o 'compression no' \ 43 | -F $OBJ/ssh_proxy -1 -c $c somehost \ 44 | exec sh -c \'"dd of=/dev/null obs=32k"\' \ 45 | < ${DATA} ) 2>&1 | getbytes 46 | if [ $? -ne 0 ]; then 47 | fail "ssh -1 failed with cipher $c" 48 | fi 49 | done 50 | done 51 | -------------------------------------------------------------------------------- /regress/conch-ciphers.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: conch-ciphers.sh,v 1.2 2008/06/30 10:43:03 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="conch ciphers" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | if test "x$REGRESS_INTEROP_CONCH" != "xyes" ; then 10 | fatal "conch interop tests not enabled" 11 | fi 12 | 13 | start_sshd 14 | 15 | for c in aes256-ctr aes256-cbc aes192-ctr aes192-cbc aes128-ctr aes128-cbc \ 16 | cast128-cbc blowfish 3des-cbc ; do 17 | verbose "$tid: cipher $c" 18 | rm -f ${COPY} 19 | # XXX the 2nd "cat" seems to be needed because of buggy FD handling 20 | # in conch 21 | ${CONCH} --identity $OBJ/rsa --port $PORT --user $USER -e none \ 22 | --known-hosts $OBJ/known_hosts --notty --noagent --nox11 -n \ 23 | 127.0.0.1 "cat ${DATA}" 2>/dev/null | cat > ${COPY} 24 | if [ $? -ne 0 ]; then 25 | fail "ssh cat $DATA failed" 26 | fi 27 | cmp ${DATA} ${COPY} || fail "corrupted copy" 28 | done 29 | rm -f ${COPY} 30 | 31 | -------------------------------------------------------------------------------- /regress/connect-privsep.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: connect-privsep.sh,v 1.4 2012/07/02 14:37:06 dtucker Exp $ 2 | # Placed in the Public Domain. 
3 | 4 | tid="proxy connect with privsep" 5 | 6 | cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig 7 | echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy 8 | 9 | for p in 1 2; do 10 | ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 11 | if [ $? -ne 0 ]; then 12 | fail "ssh privsep+proxyconnect protocol $p failed" 13 | fi 14 | done 15 | 16 | cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy 17 | echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy 18 | 19 | for p in 1 2; do 20 | ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 21 | if [ $? -ne 0 ]; then 22 | fail "ssh privsep/sandbox+proxyconnect protocol $p failed" 23 | fi 24 | done 25 | 26 | # Because sandbox is sensitive to changes in libc, especially malloc, retest 27 | # with every malloc.conf option (and none). 28 | for m in '' A F G H J P R S X Z '<' '>'; do 29 | for p in 1 2; do 30 | env MALLOC_OPTIONS="$m" ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 31 | if [ $? -ne 0 ]; then 32 | fail "ssh privsep/sandbox+proxyconnect protocol $p mopt '$m' failed" 33 | fi 34 | done 35 | done 36 | -------------------------------------------------------------------------------- /regress/connect.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: connect.sh,v 1.4 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="simple connect" 5 | 6 | start_sshd 7 | 8 | for p in 1 2; do 9 | ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true 10 | if [ $? 
-ne 0 ]; then 11 | fail "ssh connect with protocol $p failed" 12 | fi 13 | done 14 | -------------------------------------------------------------------------------- /regress/dsa_ssh2.prv: -------------------------------------------------------------------------------- 1 | ---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ---- 2 | Subject: ssh-keygen test 3 | Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100" 4 | P2/56wAAAgIAAAAmZGwtbW9kcHtzaWdue2RzYS1uaXN0LXNoYTF9LGRoe3BsYWlufX0AAA 5 | AEbm9uZQAAAcQAAAHAAAAAAAAABACwUfm3AxZTut3icBmwCcD48nY64HzuELlQ+vEqjIcR 6 | Lo49es/DQTeLNQ+kdKRCfouosGNv0WqxRtF0tUsWdXxS37oHGa4QPugBdHRd7YlZGZv8kg 7 | x7FsoepY7v7E683/97dv2zxL3AGagTEzWr7fl0yPexAaZoDvtQrrjX44BLmwAABACWQkvv 8 | MxnD8eFkS1konFfMJ1CkuRfTN34CBZ6dY7VTSGemy4QwtFdMKmoufD0eKgy3p5WOeWCYKt 9 | F4FhjHKZk/aaxFjjIbtkrnlvXg64QI11dSZyBN6/ViQkHPSkUDF+A6AAEhrNbQbAFSvao1 10 | kTvNtPCtL0AkUIduEMzGQfLCTAAAAKDeC043YVo9Zo0zAEeIA4uZh4LBCQAAA/9aj7Y5ik 11 | ehygJ4qTDSlVypsPuV+n59tMS0e2pfrSG87yf5r94AKBmJeho5OO6wYaXCxsVB7AFbSUD6 12 | 75AK8mHF4v1/+7SWKk5f8xlMCMSPZ9K0+j/W1d/q2qkhnnDZolOHDomLA+U00i5ya/jnTV 13 | zyDPWLFpWK8u3xGBPAYX324gAAAKDHFvooRnaXdZbeWGTTqmgHB1GU9A== 14 | ---- END SSH2 ENCRYPTED PRIVATE KEY ---- 15 | -------------------------------------------------------------------------------- /regress/dsa_ssh2.pub: -------------------------------------------------------------------------------- 1 | ---- BEGIN SSH2 PUBLIC KEY ---- 2 | Subject: ssh-keygen test 3 | Comment: "1024-bit dsa, Tue Jan 08 2002 22:00:23 +0100" 4 | AAAAB3NzaC1kc3MAAACBALBR+bcDFlO63eJwGbAJwPjydjrgfO4QuVD68SqMhxEujj16z8 5 | NBN4s1D6R0pEJ+i6iwY2/RarFG0XS1SxZ1fFLfugcZrhA+6AF0dF3tiVkZm/ySDHsWyh6l 6 | ju/sTrzf/3t2/bPEvcAZqBMTNavt+XTI97EBpmgO+1CuuNfjgEubAAAAFQDeC043YVo9Zo 7 | 0zAEeIA4uZh4LBCQAAAIEAlkJL7zMZw/HhZEtZKJxXzCdQpLkX0zd+AgWenWO1U0hnpsuE 8 | MLRXTCpqLnw9HioMt6eVjnlgmCrReBYYxymZP2msRY4yG7ZK55b14OuECNdXUmcgTev1Yk 9 | JBz0pFAxfgOgABIazW0GwBUr2qNZE7zbTwrS9AJFCHbhDMxkHywkwAAACAWo+2OYpHocoC 10 | 
eKkw0pVcqbD7lfp+fbTEtHtqX60hvO8n+a/eACgZiXoaOTjusGGlwsbFQewBW0lA+u+QCv 11 | JhxeL9f/u0lipOX/MZTAjEj2fStPo/1tXf6tqpIZ5w2aJThw6JiwPlNNIucmv4501c8gz1 12 | ixaVivLt8RgTwGF99uI= 13 | ---- END SSH2 PUBLIC KEY ---- 14 | -------------------------------------------------------------------------------- /regress/dynamic-forward.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: dynamic-forward.sh,v 1.9 2011/06/03 00:29:52 dtucker Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="dynamic forwarding" 5 | 6 | FWDPORT=`expr $PORT + 1` 7 | 8 | if [ -x "`which nc`" ] && nc -h 2>&1 | grep "proxy address" >/dev/null; then 9 | proxycmd="nc -x 127.0.0.1:$FWDPORT -X" 10 | elif [ -x "`which connect`" ]; then 11 | proxycmd="connect -S 127.0.0.1:$FWDPORT -" 12 | else 13 | echo "skipped (no suitable ProxyCommand found)" 14 | exit 0 15 | fi 16 | trace "will use ProxyCommand $proxycmd" 17 | 18 | start_sshd 19 | 20 | for p in 1 2; do 21 | n=0 22 | error="1" 23 | trace "start dynamic forwarding, fork to background" 24 | while [ "$error" -ne 0 -a "$n" -lt 3 ]; do 25 | n=`expr $n + 1` 26 | ${SSH} -$p -F $OBJ/ssh_config -f -D $FWDPORT -q \ 27 | -oExitOnForwardFailure=yes somehost exec sh -c \ 28 | \'"echo \$\$ > $OBJ/remote_pid; exec sleep 444"\' 29 | error=$? 
30 | if [ "$error" -ne 0 ]; then 31 | trace "forward failed proto $p attempt $n err $error" 32 | sleep $n 33 | fi 34 | done 35 | if [ "$error" -ne 0 ]; then 36 | fatal "failed to start dynamic forwarding proto $p" 37 | fi 38 | 39 | for s in 4 5; do 40 | for h in 127.0.0.1 localhost; do 41 | trace "testing ssh protocol $p socks version $s host $h" 42 | ${SSH} -F $OBJ/ssh_config \ 43 | -o "ProxyCommand ${proxycmd}${s} $h $PORT" \ 44 | somehost cat /bin/ls > $OBJ/ls.copy 45 | test -f $OBJ/ls.copy || fail "failed copy /bin/ls" 46 | cmp /bin/ls $OBJ/ls.copy || fail "corrupted copy of /bin/ls" 47 | done 48 | done 49 | 50 | if [ -f $OBJ/remote_pid ]; then 51 | remote=`cat $OBJ/remote_pid` 52 | trace "terminate remote shell, pid $remote" 53 | if [ $remote -gt 1 ]; then 54 | kill -HUP $remote 55 | fi 56 | else 57 | fail "no pid file: $OBJ/remote_pid" 58 | fi 59 | done 60 | -------------------------------------------------------------------------------- /regress/envpass.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: envpass.sh,v 1.4 2005/03/04 08:48:46 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="environment passing" 5 | 6 | # NB accepted env vars are in test-exec.sh (_XXX_TEST_* and _XXX_TEST) 7 | 8 | # Prepare a custom config to test for a configuration parsing bug fixed in 4.0 9 | cat << EOF > $OBJ/ssh_proxy_envpass 10 | Host test-sendenv-confparse-bug 11 | SendEnv * 12 | EOF 13 | cat $OBJ/ssh_proxy >> $OBJ/ssh_proxy_envpass 14 | 15 | trace "pass env, don't accept" 16 | verbose "test $tid: pass env, don't accept" 17 | _TEST_ENV=blah ${SSH} -oSendEnv="*" -F $OBJ/ssh_proxy_envpass otherhost \ 18 | sh << 'EOF' 19 | test -z "$_TEST_ENV" 20 | EOF 21 | r=$? 
22 | if [ $r -ne 0 ]; then 23 | fail "environment found" 24 | fi 25 | 26 | trace "don't pass env, accept" 27 | verbose "test $tid: don't pass env, accept" 28 | _XXX_TEST_A=1 _XXX_TEST_B=2 ${SSH} -F $OBJ/ssh_proxy_envpass otherhost \ 29 | sh << 'EOF' 30 | test -z "$_XXX_TEST_A" && test -z "$_XXX_TEST_B" 31 | EOF 32 | r=$? 33 | if [ $r -ne 0 ]; then 34 | fail "environment found" 35 | fi 36 | 37 | trace "pass single env, accept single env" 38 | verbose "test $tid: pass single env, accept single env" 39 | _XXX_TEST=blah ${SSH} -oSendEnv="_XXX_TEST" -F $OBJ/ssh_proxy_envpass \ 40 | otherhost sh << 'EOF' 41 | test X"$_XXX_TEST" = X"blah" 42 | EOF 43 | r=$? 44 | if [ $r -ne 0 ]; then 45 | fail "environment not found" 46 | fi 47 | 48 | trace "pass multiple env, accept multiple env" 49 | verbose "test $tid: pass multiple env, accept multiple env" 50 | _XXX_TEST_A=1 _XXX_TEST_B=2 ${SSH} -oSendEnv="_XXX_TEST_*" \ 51 | -F $OBJ/ssh_proxy_envpass otherhost \ 52 | sh << 'EOF' 53 | test X"$_XXX_TEST_A" = X"1" -a X"$_XXX_TEST_B" = X"2" 54 | EOF 55 | r=$? 56 | if [ $r -ne 0 ]; then 57 | fail "environment not found" 58 | fi 59 | 60 | rm -f $OBJ/ssh_proxy_envpass 61 | -------------------------------------------------------------------------------- /regress/exit-status.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: exit-status.sh,v 1.6 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="remote exit status" 5 | 6 | for p in 1 2; do 7 | for s in 0 1 4 5 44; do 8 | trace "proto $p status $s" 9 | verbose "test $tid: proto $p status $s" 10 | ${SSH} -$p -F $OBJ/ssh_proxy otherhost exit $s 11 | r=$? 12 | if [ $r -ne $s ]; then 13 | fail "exit code mismatch for protocol $p: $r != $s" 14 | fi 15 | 16 | # same with early close of stdout/err 17 | ${SSH} -$p -F $OBJ/ssh_proxy -n otherhost \ 18 | exec sh -c \'"sleep 2; exec > /dev/null 2>&1; sleep 3; exit $s"\' 19 | r=$? 
20 | if [ $r -ne $s ]; then 21 | fail "exit code (with sleep) mismatch for protocol $p: $r != $s" 22 | fi 23 | done 24 | done 25 | -------------------------------------------------------------------------------- /regress/forcecommand.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: forcecommand.sh,v 1.1 2006/07/19 13:09:28 dtucker Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="forced command" 5 | 6 | cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 7 | 8 | echo -n 'command="true" ' >$OBJ/authorized_keys_$USER 9 | cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER 10 | echo -n 'command="true" ' >>$OBJ/authorized_keys_$USER 11 | cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER 12 | 13 | for p in 1 2; do 14 | trace "forced command in key option proto $p" 15 | ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 16 | fail "forced command in key proto $p" 17 | done 18 | 19 | echo -n 'command="false" ' >$OBJ/authorized_keys_$USER 20 | cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER 21 | echo -n 'command="false" ' >>$OBJ/authorized_keys_$USER 22 | cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER 23 | 24 | cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 25 | echo "ForceCommand true" >> $OBJ/sshd_proxy 26 | 27 | for p in 1 2; do 28 | trace "forced command in sshd_config overrides key option proto $p" 29 | ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 30 | fail "forced command in key proto $p" 31 | done 32 | 33 | cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 34 | echo "ForceCommand false" >> $OBJ/sshd_proxy 35 | echo "Match User $USER" >> $OBJ/sshd_proxy 36 | echo " ForceCommand true" >> $OBJ/sshd_proxy 37 | 38 | for p in 1 2; do 39 | trace "forced command with match proto $p" 40 | ${SSH} -$p -F $OBJ/ssh_proxy somehost false \ || 41 | fail "forced command in key proto $p" 42 | done 43 | -------------------------------------------------------------------------------- /regress/host-expand.sh: 
-------------------------------------------------------------------------------- 1 | # Placed in the Public Domain. 2 | 3 | tid="expand %h and %n" 4 | 5 | echo 'PermitLocalCommand yes' >> $OBJ/ssh_proxy 6 | echo 'LocalCommand echo %n-%h' >> $OBJ/ssh_proxy 7 | 8 | cat >expect <actual 15 | diff expect actual || fail "$tid proto $p" 16 | done 17 | 18 |
--------------------------------------------------------------------------------
/regress/integrity.sh:
--------------------------------------------------------------------------------
# $OpenBSD: integrity.sh,v 1.1 2012/12/11 22:42:11 markus Exp $
# Placed in the Public Domain.

# Regression test for transport integrity: for every MAC, alter one byte of
# sshd's output at a series of offsets and require that the client refuses
# the connection each time. Failures are classified by the client's error
# text, and at least one of them must be a MAC error.

tid="integrity"

# start at byte 2300 (i.e. after kex) and corrupt at different offsets
# XXX the test hangs if we modify the low bytes of the packet length
# XXX and ssh tries to read...
tries=10
startoffset=2300
# Both the plain MACs and their encrypt-then-MAC (-etm) variants are covered.
macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
	hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512
	hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com
	umac-64-etm@openssh.com umac-128-etm@openssh.com
	hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com
	hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"

# sshd-command for proxy (see test-exec.sh)
cmd="sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"

for m in $macs; do
	trace "test $tid: mac $m"
	# Per-MAC tallies: length / padding / MAC errors, total errors, and the
	# number of upcoming offsets to skip.
	elen=0 epad=0 emac=0 ecnt=0 skip=0
	for off in $(jot $tries $startoffset); do
		# Post-decrement: the test sees the value before it is lowered.
		# NOTE(review): "--" inside $(( )) is not required by POSIX sh;
		# this relies on the shell the suite runs under -- confirm.
		if [ $((skip--)) -gt 0 ]; then
			# avoid modifying the high bytes of the length
			continue
		fi
		# modify output from sshd at offset $off
		# (presumably XORs that byte with 1; see modpipe.c -- confirm)
		pxy="proxycommand=$cmd | $OBJ/modpipe -m xor:$off:1"
		# The host name is a dummy: the connection runs through the
		# proxycommand given in $pxy.
		output=$(${SSH} -m $m -2F $OBJ/ssh_proxy -o "$pxy" \
		    999.999.999.999 true 2>&1)
		# A successful login over a tampered stream is the failure
		# this test exists to catch.
		if [ $? -eq 0 ]; then
			fail "ssh -m $m succeeds with bit-flip at $off"
		fi
		ecnt=$((ecnt+1))
		output=$(echo $output | tr -s '\r\n' '.')
		verbose "test $tid: $m @$off $output"
		# Classify by the start of the error text; a length error also
		# schedules the next two offsets to be skipped.
		case "$output" in
		Bad?packet*)	elen=$((elen+1)); skip=2;;
		Corrupted?MAC*)	emac=$((emac+1)); skip=0;;
		padding*)	epad=$((epad+1)); skip=0;;
		*)		fail "unexpected error mac $m at $off";;
		esac
	done
	verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen"
	# The MAC check itself has to have fired at least once ...
	[ $emac -ne 0 ] || fail "$m: no mac errors"
	# ... and must account for every error that was not a length or
	# padding error.
	expect=$((ecnt-epad-elen))
	[ $emac -eq $expect ] || fail "$m: expected $expect mac errors, got $emac"
done

--------------------------------------------------------------------------------
/regress/kextype.sh:
--------------------------------------------------------------------------------
# $OpenBSD: kextype.sh,v 1.1 2010/09/22 12:26:05 djm Exp $
# Placed in the Public Domain.

# Log in four times with each key exchange algorithm, selected on the client
# via KexAlgorithms.

tid="login with different key exchange algorithms"

# TIME is assigned but not used below.
TIME=/usr/bin/time
# Backups of both proxy configs; nothing in this file restores them.
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak

kextypes="ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1"

tries="1 2 3 4"
for k in $kextypes; do
	verbose "kex $k"
	for i in $tries; do
		${SSH} -F $OBJ/ssh_proxy -o KexAlgorithms=$k x true ||
		    fail "ssh kex $k"
	done
done

--------------------------------------------------------------------------------
/regress/key-options.sh:
--------------------------------------------------------------------------------
1 | # $OpenBSD: key-options.sh,v 1.2 2008/06/30 08:07:34 djm Exp $ 2 | # Placed in the Public Domain.
3 | 4 | tid="key options" 5 | 6 | origkeys="$OBJ/authkeys_orig" 7 | authkeys="$OBJ/authorized_keys_${USER}" 8 | cp $authkeys $origkeys 9 | 10 | # Test command= forced command 11 | for p in 1 2; do 12 | for c in 'command="echo bar"' 'no-pty,command="echo bar"'; do 13 | sed "s/.*/$c &/" $origkeys >$authkeys 14 | verbose "key option proto $p $c" 15 | r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost echo foo` 16 | if [ "$r" = "foo" ]; then 17 | fail "key option forced command not restricted" 18 | fi 19 | if [ "$r" != "bar" ]; then 20 | fail "key option forced command not executed" 21 | fi 22 | done 23 | done 24 | 25 | # Test no-pty 26 | sed 's/.*/no-pty &/' $origkeys >$authkeys 27 | for p in 1 2; do 28 | verbose "key option proto $p no-pty" 29 | r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost tty` 30 | if [ -f "$r" ]; then 31 | fail "key option failed proto $p no-pty (pty $r)" 32 | fi 33 | done 34 | 35 | # Test environment= 36 | echo 'PermitUserEnvironment yes' >> $OBJ/sshd_proxy 37 | sed 's/.*/environment="FOO=bar" &/' $origkeys >$authkeys 38 | for p in 1 2; do 39 | verbose "key option proto $p environment" 40 | r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost 'echo $FOO'` 41 | if [ "$r" != "bar" ]; then 42 | fail "key option environment not set" 43 | fi 44 | done 45 | 46 | # Test from= restriction 47 | start_sshd 48 | for p in 1 2; do 49 | for f in 127.0.0.1 '127.0.0.0\/8'; do 50 | cat $origkeys >$authkeys 51 | ${SSH} -$p -q -F $OBJ/ssh_proxy somehost true 52 | if [ $? 
-ne 0 ]; then 53 | fail "key option proto $p failed without restriction" 54 | fi 55 | 56 | sed 's/.*/from="'"$f"'" &/' $origkeys >$authkeys 57 | from=`head -1 $authkeys | cut -f1 -d ' '` 58 | verbose "key option proto $p $from" 59 | r=`${SSH} -$p -q -F $OBJ/ssh_proxy somehost 'echo true'` 60 | if [ "$r" = "true" ]; then 61 | fail "key option proto $p $from not restricted" 62 | fi 63 | 64 | r=`${SSH} -$p -q -F $OBJ/ssh_config somehost 'echo true'` 65 | if [ "$r" != "true" ]; then 66 | fail "key option proto $p $from not allowed but should be" 67 | fi 68 | done 69 | done 70 | 71 | rm -f "$origkeys" 72 | -------------------------------------------------------------------------------- /regress/keygen-change.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: keygen-change.sh,v 1.2 2002/07/16 09:15:55 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="change passphrase for key" 5 | 6 | S1="secret1" 7 | S2="2secret" 8 | 9 | for t in rsa dsa rsa1; do 10 | # generate user key for agent 11 | trace "generating $t key" 12 | rm -f $OBJ/$t-key 13 | ${SSHKEYGEN} -q -N ${S1} -t $t -f $OBJ/$t-key 14 | if [ $? -eq 0 ]; then 15 | ${SSHKEYGEN} -p -P ${S1} -N ${S2} -f $OBJ/$t-key > /dev/null 16 | if [ $? -ne 0 ]; then 17 | fail "ssh-keygen -p failed for $t-key" 18 | fi 19 | else 20 | fail "ssh-keygen for $t-key failed" 21 | fi 22 | rm -f $OBJ/$t-key $OBJ/$t-key.pub 23 | done 24 | -------------------------------------------------------------------------------- /regress/keygen-convert.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: keygen-convert.sh,v 1.1 2009/11/09 04:20:04 dtucker Exp $ 2 | # Placed in the Public Domain. 
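
# Round-trip test for ssh-keygen's RFC 4716 export (-e) and import (-i): the
# export taken from the private key must equal the export taken from the
# public key, and importing it must give back the original public key minus
# its comment.

tid="convert keys"

for t in rsa dsa; do
	# generate user key for agent
	trace "generating $t key"
	rm -f $OBJ/$t-key
	# Empty passphrase: a throwaway test key that lives only in $OBJ.
	${SSHKEYGEN} -q -N "" -t $t -f $OBJ/$t-key

	trace "export $t private to rfc4716 public"
	${SSHKEYGEN} -q -e -f $OBJ/$t-key >$OBJ/$t-key-rfc || \
	    fail "export $t private to rfc4716 public"

	trace "export $t public to rfc4716 public"
	${SSHKEYGEN} -q -e -f $OBJ/$t-key.pub >$OBJ/$t-key-rfc.pub || \
	    fail "$t public to rfc4716 public"

	cmp $OBJ/$t-key-rfc $OBJ/$t-key-rfc.pub || \
	    fail "$t rfc4716 exports differ between public and private"

	trace "import $t rfc4716 public"
	${SSHKEYGEN} -q -i -f $OBJ/$t-key-rfc >$OBJ/$t-rfc-imported || \
	    fail "$t import rfc4716 public"

	# Keep only the first two space-separated fields (type and key blob)
	# so the comparison ignores the comment.
	cut -f1,2 -d " " $OBJ/$t-key.pub >$OBJ/$t-key-nocomment.pub
	cmp $OBJ/$t-key-nocomment.pub $OBJ/$t-rfc-imported || \
	    fail "$t imported differs from original"

	rm -f $OBJ/$t-key $OBJ/$t-key.pub $OBJ/$t-key-rfc $OBJ/$t-key-rfc.pub \
	    $OBJ/$t-rfc-imported $OBJ/$t-key-nocomment.pub
done

--------------------------------------------------------------------------------
/regress/keys-command.sh:
--------------------------------------------------------------------------------
# $OpenBSD: keys-command.sh,v 1.2 2012/12/06 06:06:54 dtucker Exp $
# Placed in the Public Domain.

# Regression test: authenticate with keys supplied by an
# AuthorizedKeysCommand helper while AuthorizedKeysFile is set to "none".

tid="authorized keys from command"

if [ -z "$SUDO" ]; then
	fatal "need SUDO to create file in /var/run, test won't work without"
fi

# Establish a AuthorizedKeysCommand in /var/run where it will have
# acceptable directory permissions.
KEY_COMMAND="/var/run/keycommand_${LOGNAME}"
# The here-document delimiter is unquoted, so ${LOGNAME} and $OBJ are
# expanded now and written into the helper as fixed strings; only \$1 stays a
# runtime parameter. The helper exits 1 unless its first argument equals the
# invoking user's name.
cat << _EOF | $SUDO sh -c "cat > '$KEY_COMMAND'"
#!/bin/sh
test "x\$1" != "x${LOGNAME}" && exit 1
exec cat "$OBJ/authorized_keys_${LOGNAME}"
_EOF
$SUDO chmod 0755 "$KEY_COMMAND"

# Rebuild sshd_proxy without any AuthorizedKeysFile line and point it at the
# helper. The .bak copy is not restored by this file.
cp $OBJ/sshd_proxy $OBJ/sshd_proxy.bak
(
	grep -vi AuthorizedKeysFile $OBJ/sshd_proxy.bak
	echo AuthorizedKeysFile none
	echo AuthorizedKeysCommand $KEY_COMMAND
	echo AuthorizedKeysCommandUser ${LOGNAME}
) > $OBJ/sshd_proxy

# Quoted like the creation and chmod lines above, so the path reaches test
# and the privileged rm below as a single word even if LOGNAME contains
# whitespace or glob characters.
if [ -x "$KEY_COMMAND" ]; then
	${SSH} -F $OBJ/ssh_proxy somehost true
	if [ $? -ne 0 ]; then
		fail "connect failed"
	fi
else
	echo "SKIPPED: $KEY_COMMAND not executable (/var/run mounted noexec?)"
fi

$SUDO rm -f "$KEY_COMMAND"

--------------------------------------------------------------------------------
/regress/keyscan.sh:
--------------------------------------------------------------------------------
# $OpenBSD: keyscan.sh,v 1.3 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.

# Run ssh-keyscan against the local sshd once per key type and require a
# zero exit status.

tid="keyscan"

# remove DSA hostkey
rm -f ${OBJ}/host.dsa

start_sshd

for t in rsa1 rsa dsa; do
	trace "keyscan type $t"
	# The same address is given three times; the output is discarded and
	# only the exit status is checked.
	${SSHKEYSCAN} -t $t -p $PORT 127.0.0.1 127.0.0.1 127.0.0.1 \
	    > /dev/null 2>&1
	r=$?
	if [ $r -ne 0 ]; then
		fail "ssh-keyscan -t $t failed with: $r"
	fi
done

--------------------------------------------------------------------------------
/regress/keytype.sh:
--------------------------------------------------------------------------------
1 | # $OpenBSD: keytype.sh,v 1.1 2010/09/02 16:12:55 markus Exp $ 2 | # Placed in the Public Domain.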
3 | 4 | tid="login with different key types" 5 | 6 | TIME=/usr/bin/time 7 | cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 8 | cp $OBJ/ssh_proxy $OBJ/ssh_proxy_bak 9 | 10 | ktypes="dsa-1024 rsa-2048 ecdsa-256 rsa-3072 ecdsa-384 ecdsa-521" 11 | 12 | for kt in $ktypes; do 13 | rm -f $OBJ/key.$kt 14 | bits=${kt#*-} 15 | type=${kt%-*} 16 | printf "keygen $type, $bits bits:\t" 17 | ${TIME} ${SSHKEYGEN} -b $bits -q -N '' -t $type -f $OBJ/key.$kt ||\ 18 | fail "ssh-keygen for type $type, $bits bits failed" 19 | done 20 | 21 | tries="1 2 3" 22 | for ut in $ktypes; do 23 | htypes=$ut 24 | #htypes=$ktypes 25 | for ht in $htypes; do 26 | trace "ssh connect, userkey $ut, hostkey $ht" 27 | ( 28 | grep -v HostKey $OBJ/sshd_proxy_bak 29 | echo HostKey $OBJ/key.$ht 30 | ) > $OBJ/sshd_proxy 31 | ( 32 | grep -v IdentityFile $OBJ/ssh_proxy_bak 33 | echo IdentityFile $OBJ/key.$ut 34 | ) > $OBJ/ssh_proxy 35 | ( 36 | echo -n 'localhost-with-alias,127.0.0.1,::1 ' 37 | cat $OBJ/key.$ht.pub 38 | ) > $OBJ/known_hosts 39 | cat $OBJ/key.$ut.pub > $OBJ/authorized_keys_$USER 40 | for i in $tries; do 41 | printf "userkey $ut, hostkey ${ht}:\t" 42 | ${TIME} ${SSH} -F $OBJ/ssh_proxy 999.999.999.999 true 43 | if [ $? -ne 0 ]; then 44 | fail "ssh userkey $ut, hostkey $ht failed" 45 | fi 46 | done 47 | done 48 | done 49 | -------------------------------------------------------------------------------- /regress/localcommand.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: localcommand.sh,v 1.1 2007/10/29 06:57:13 dtucker Exp $ 2 | # Placed in the Public Domain. 
3 | 4 | tid="localcommand" 5 | 6 | echo 'PermitLocalCommand yes' >> $OBJ/ssh_proxy 7 | echo 'LocalCommand echo foo' >> $OBJ/ssh_proxy 8 | 9 | for p in 1 2; do 10 | verbose "test $tid: proto $p localcommand" 11 | a=$(${SSH} -F $OBJ/ssh_proxy -$p somehost true) 12 | if [ "$a" != "foo" ] ; then 13 | fail "$tid proto $p" 14 | fi 15 | done 16 | -------------------------------------------------------------------------------- /regress/login-timeout.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: login-timeout.sh,v 1.4 2005/02/27 23:13:36 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="connect after login grace timeout" 5 | 6 | trace "test login grace with privsep" 7 | echo "LoginGraceTime 10s" >> $OBJ/sshd_config 8 | echo "MaxStartups 1" >> $OBJ/sshd_config 9 | start_sshd 10 | 11 | (echo SSH-2.0-fake; sleep 60) | telnet 127.0.0.1 ${PORT} >/dev/null 2>&1 & 12 | sleep 15 13 | ${SSH} -F $OBJ/ssh_config somehost true 14 | if [ $? -ne 0 ]; then 15 | fail "ssh connect after login grace timeout failed with privsep" 16 | fi 17 | 18 | $SUDO kill `cat $PIDFILE` 19 | 20 | trace "test login grace without privsep" 21 | echo "UsePrivilegeSeparation no" >> $OBJ/sshd_config 22 | start_sshd 23 | 24 | (echo SSH-2.0-fake; sleep 60) | telnet 127.0.0.1 ${PORT} >/dev/null 2>&1 & 25 | sleep 15 26 | ${SSH} -F $OBJ/ssh_config somehost true 27 | if [ $? -ne 0 ]; then 28 | fail "ssh connect after login grace timeout failed without privsep" 29 | fi 30 | -------------------------------------------------------------------------------- /regress/portnum.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: portnum.sh,v 1.1 2009/08/13 00:57:17 djm Exp $ 2 | # Placed in the Public Domain. 
3 | 4 | tid="port number parsing" 5 | 6 | badport() { 7 | port=$1 8 | verbose "$tid: invalid port $port" 9 | if ${SSH} -F $OBJ/ssh_proxy -p $port somehost true 2>/dev/null ; then 10 | fail "$tid accepted invalid port $port" 11 | fi 12 | } 13 | goodport() { 14 | port=$1 15 | verbose "$tid: valid port $port" 16 | if ! ${SSH} -F $OBJ/ssh_proxy -p $port somehost true 2>/dev/null ; then 17 | fail "$tid rejected valid port $port" 18 | fi 19 | } 20 | 21 | badport 0 22 | badport 65536 23 | badport 131073 24 | badport 2000blah 25 | badport blah2000 26 | 27 | goodport 1 28 | goodport 22 29 | goodport 2222 30 | goodport 22222 31 | goodport 65535 32 | 33 | -------------------------------------------------------------------------------- /regress/proto-mismatch.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: proto-mismatch.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="protocol version mismatch" 5 | 6 | mismatch () 7 | { 8 | server=$1 9 | client=$2 10 | banner=`echo ${client} | ${SSHD} -o "Protocol=${server}" -i -f ${OBJ}/sshd_proxy` 11 | r=$? 12 | trace "sshd prints ${banner}" 13 | if [ $r -ne 255 ]; then 14 | fail "sshd prints ${banner} and accepts connect with version ${client}" 15 | fi 16 | } 17 | 18 | mismatch 2 SSH-1.5-HALLO 19 | mismatch 1 SSH-2.0-HALLO 20 | -------------------------------------------------------------------------------- /regress/proto-version.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: proto-version.sh,v 1.3 2002/03/15 13:08:56 markus Exp $ 2 | # Placed in the Public Domain. 
3 | 4 | tid="sshd version with different protocol combinations" 5 | 6 | # we just start sshd in inetd mode and check the banner 7 | check_version () 8 | { 9 | version=$1 10 | expect=$2 11 | banner=`echo -n | ${SSHD} -o "Protocol=${version}" -i -f ${OBJ}/sshd_proxy` 12 | case ${banner} in 13 | SSH-1.99-*) 14 | proto=199 15 | ;; 16 | SSH-2.0-*) 17 | proto=20 18 | ;; 19 | SSH-1.5-*) 20 | proto=15 21 | ;; 22 | *) 23 | proto=0 24 | ;; 25 | esac 26 | if [ ${expect} -ne ${proto} ]; then 27 | fail "wrong protocol version ${banner} for ${version}" 28 | fi 29 | } 30 | 31 | check_version 2,1 199 32 | check_version 1,2 199 33 | check_version 2 20 34 | check_version 1 15 35 | -------------------------------------------------------------------------------- /regress/proxy-connect.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: proxy-connect.sh,v 1.5 2002/12/09 15:28:46 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="proxy connect" 5 | 6 | for p in 1 2; do 7 | ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true 8 | if [ $? -ne 0 ]; then 9 | fail "ssh proxyconnect protocol $p failed" 10 | fi 11 | SSH_CONNECTION=`${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 'echo $SSH_CONNECTION'` 12 | if [ $? -ne 0 ]; then 13 | fail "ssh proxyconnect protocol $p failed" 14 | fi 15 | if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then 16 | fail "bad SSH_CONNECTION" 17 | fi 18 | done 19 | -------------------------------------------------------------------------------- /regress/putty-ciphers.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: putty-ciphers.sh,v 1.3 2008/11/10 02:06:35 djm Exp $ 2 | # Placed in the Public Domain. 
3 | 4 | tid="putty ciphers" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then 10 | fatal "putty interop tests not enabled" 11 | fi 12 | 13 | for c in aes blowfish 3des arcfour aes128-ctr aes192-ctr aes256-ctr ; do 14 | verbose "$tid: cipher $c" 15 | cp ${OBJ}/.putty/sessions/localhost_proxy \ 16 | ${OBJ}/.putty/sessions/cipher_$c 17 | echo "Cipher=$c" >> ${OBJ}/.putty/sessions/cipher_$c 18 | 19 | rm -f ${COPY} 20 | env HOME=$PWD ${PLINK} -load cipher_$c -batch -i putty.rsa2 \ 21 | 127.0.0.1 cat ${DATA} > ${COPY} 22 | if [ $? -ne 0 ]; then 23 | fail "ssh cat $DATA failed" 24 | fi 25 | cmp ${DATA} ${COPY} || fail "corrupted copy" 26 | done 27 | rm -f ${COPY} 28 | 29 | -------------------------------------------------------------------------------- /regress/putty-kex.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: putty-kex.sh,v 1.2 2008/06/30 10:31:11 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="putty KEX" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then 10 | fatal "putty interop tests not enabled" 11 | fi 12 | 13 | for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ; do 14 | verbose "$tid: kex $k" 15 | cp ${OBJ}/.putty/sessions/localhost_proxy \ 16 | ${OBJ}/.putty/sessions/kex_$k 17 | echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k 18 | 19 | env HOME=$PWD ${PLINK} -load kex_$k -batch -i putty.rsa2 \ 20 | 127.0.0.1 true 21 | if [ $? -ne 0 ]; then 22 | fail "KEX $k failed" 23 | fi 24 | done 25 | 26 | -------------------------------------------------------------------------------- /regress/putty-transfer.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: putty-transfer.sh,v 1.2 2008/06/30 10:31:11 djm Exp $ 2 | # Placed in the Public Domain. 
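
# Interop test: fetch ${DATA} through ${PLINK} once per cipher and compare
# the copy with the original.

tid="putty ciphers"

DATA=/bin/ls
COPY=${OBJ}/copy

if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
	fatal "putty interop tests not enabled"
fi

for c in aes blowfish 3des arcfour aes128-ctr aes192-ctr aes256-ctr ; do
	verbose "$tid: cipher $c"
	# Derive a per-cipher session from the proxy session and append the
	# setting under test to that same file.
	cp ${OBJ}/.putty/sessions/localhost_proxy \
	    ${OBJ}/.putty/sessions/cipher_$c
	echo "Cipher=$c" >> ${OBJ}/.putty/sessions/cipher_$c

	rm -f ${COPY}
	# HOME is pointed at $PWD for this one command (presumably so the
	# client finds the session files -- confirm).
	env HOME=$PWD ${PLINK} -load cipher_$c -batch -i putty.rsa2 \
	    127.0.0.1 cat ${DATA} > ${COPY}
	if [ $? -ne 0 ]; then
		fail "ssh cat $DATA failed"
	fi
	cmp ${DATA} ${COPY} || fail "corrupted copy"
done
rm -f ${COPY}

--------------------------------------------------------------------------------
/regress/putty-kex.sh:
--------------------------------------------------------------------------------
# $OpenBSD: putty-kex.sh,v 1.2 2008/06/30 10:31:11 djm Exp $
# Placed in the Public Domain.

# Interop test: connect through ${PLINK} once per key exchange method.

tid="putty KEX"

# DATA and COPY are assigned but not used below.
DATA=/bin/ls
COPY=${OBJ}/copy

if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
	fatal "putty interop tests not enabled"
fi

for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ; do
	verbose "$tid: kex $k"
	cp ${OBJ}/.putty/sessions/localhost_proxy \
	    ${OBJ}/.putty/sessions/kex_$k
	echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k

	env HOME=$PWD ${PLINK} -load kex_$k -batch -i putty.rsa2 \
	    127.0.0.1 true
	if [ $? -ne 0 ]; then
		fail "KEX $k failed"
	fi
done

--------------------------------------------------------------------------------
/regress/putty-transfer.sh:
--------------------------------------------------------------------------------
# $OpenBSD: putty-transfer.sh,v 1.2 2008/06/30 10:31:11 djm Exp $
# Placed in the Public Domain.

# Interop test: move ${DATA} through ${PLINK} with compression off and on,
# first as one remote "cat" and then as uploads written with a range of dd
# block sizes, comparing the copy with the original each time.

tid="putty transfer data"

DATA=/bin/ls
COPY=${OBJ}/copy

if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
	fatal "putty interop tests not enabled"
fi

# XXX support protocol 1 too
for p in 2; do
	for c in 0 1 ; do
		verbose "$tid: proto $p compression $c"
		rm -f ${COPY}
		cp ${OBJ}/.putty/sessions/localhost_proxy \
		    ${OBJ}/.putty/sessions/compression_$c
		# Append the setting to the session that -load reads below.
		# It used to be appended to sessions/kex_$k; $k is never set
		# in this file, so compression_$c stayed a plain copy of
		# localhost_proxy and both passes ran with the same setting.
		echo "Compression=$c" >> ${OBJ}/.putty/sessions/compression_$c
		env HOME=$PWD ${PLINK} -load compression_$c -batch \
		    -i putty.rsa$p 127.0.0.1 cat ${DATA} > ${COPY}
		if [ $? -ne 0 ]; then
			fail "ssh cat $DATA failed"
		fi
		cmp ${DATA} ${COPY} || fail "corrupted copy"

		for s in 10 100 1k 32k 64k 128k 256k; do
			trace "proto $p compression $c dd-size ${s}"
			rm -f ${COPY}
			# "$?" below is the client's status, since it is the
			# last command of the pipeline.
			dd if=$DATA obs=${s} 2> /dev/null | \
			    env HOME=$PWD ${PLINK} -load compression_$c \
			    -batch -i putty.rsa$p 127.0.0.1 \
			    "cat > ${COPY}"
			if [ $? -ne 0 ]; then
				fail "ssh cat $DATA failed"
			fi
			cmp $DATA ${COPY} || fail "corrupted copy"
		done
	done
done
rm -f ${COPY}

--------------------------------------------------------------------------------
/regress/reconfigure.sh:
--------------------------------------------------------------------------------
1 | # $OpenBSD: reconfigure.sh,v 1.2 2003/06/21 09:14:05 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="simple connect after reconfigure" 5 | 6 | # we need the full path to sshd for -HUP 7 | SSHD=/usr/sbin/sshd 8 | 9 | start_sshd 10 | 11 | $SUDO kill -HUP `cat $PIDFILE` 12 | sleep 1 13 | 14 | trace "wait for sshd to restart" 15 | i=0; 16 | while [ ! -f $PIDFILE -a $i -lt 10 ]; do 17 | i=`expr $i + 1` 18 | sleep $i 19 | done 20 | 21 | test -f $PIDFILE || fatal "sshd did not restart" 22 | 23 | for p in 1 2; do 24 | ${SSH} -o "Protocol=$p" -F $OBJ/ssh_config somehost true 25 | if [ $?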
-ne 0 ]; then 26 | fail "ssh connect with protocol $p failed after reconfigure" 27 | fi 28 | done 29 | -------------------------------------------------------------------------------- /regress/reexec.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: reexec.sh,v 1.5 2004/10/08 02:01:50 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="reexec tests" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | SSHD_ORIG=$SSHD 9 | SSHD_COPY=$OBJ/sshd 10 | 11 | # Start a sshd and then delete it 12 | start_sshd_copy () 13 | { 14 | cp $SSHD_ORIG $SSHD_COPY 15 | SSHD=$SSHD_COPY 16 | start_sshd 17 | SSHD=$SSHD_ORIG 18 | } 19 | 20 | # Do basic copy tests 21 | copy_tests () 22 | { 23 | rm -f ${COPY} 24 | for p in 1 2; do 25 | verbose "$tid: proto $p" 26 | ${SSH} -nqo "Protocol=$p" -F $OBJ/ssh_config somehost \ 27 | cat ${DATA} > ${COPY} 28 | if [ $? -ne 0 ]; then 29 | fail "ssh cat $DATA failed" 30 | fi 31 | cmp ${DATA} ${COPY} || fail "corrupted copy" 32 | rm -f ${COPY} 33 | done 34 | } 35 | 36 | verbose "test config passing" 37 | 38 | cp $OBJ/sshd_config $OBJ/sshd_config.orig 39 | start_sshd 40 | echo "InvalidXXX=no" >> $OBJ/sshd_config 41 | 42 | copy_tests 43 | 44 | $SUDO kill `cat $PIDFILE` 45 | rm -f $PIDFILE 46 | 47 | cp $OBJ/sshd_config.orig $OBJ/sshd_config 48 | 49 | verbose "test reexec fallback" 50 | 51 | start_sshd_copy 52 | rm -f $SSHD_COPY 53 | 54 | copy_tests 55 | 56 | $SUDO kill `cat $PIDFILE` 57 | rm -f $PIDFILE 58 | 59 | verbose "test reexec fallback without privsep" 60 | 61 | cp $OBJ/sshd_config.orig $OBJ/sshd_config 62 | echo "UsePrivilegeSeparation=no" >> $OBJ/sshd_config 63 | 64 | start_sshd_copy 65 | rm -f $SSHD_COPY 66 | 67 | copy_tests 68 | 69 | $SUDO kill `cat $PIDFILE` 70 | rm -f $PIDFILE 71 | 72 | 73 | -------------------------------------------------------------------------------- /regress/rekey.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: rekey.sh,v 
1.1 2003/03/28 13:58:28 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="rekey during transfer data" 5 | 6 | DATA=${OBJ}/data 7 | COPY=${OBJ}/copy 8 | LOG=${OBJ}/log 9 | 10 | rm -f ${COPY} ${LOG} ${DATA} 11 | dd if=/dev/zero of=${DATA} bs=1k count=512 > /dev/null 2>&1 12 | 13 | for s in 16 1k 128k 256k; do 14 | trace "rekeylimit ${s}" 15 | rm -f ${COPY} 16 | cat $DATA | \ 17 | ${SSH} -oCompression=no -oRekeyLimit=$s \ 18 | -v -F $OBJ/ssh_proxy somehost "cat > ${COPY}" \ 19 | 2> ${LOG} 20 | if [ $? -ne 0 ]; then 21 | fail "ssh failed" 22 | fi 23 | cmp $DATA ${COPY} || fail "corrupted copy" 24 | n=`grep 'NEWKEYS sent' ${LOG} | wc -l` 25 | n=`expr $n - 1` 26 | trace "$n rekeying(s)" 27 | if [ $n -lt 1 ]; then 28 | fail "no rekeying occured" 29 | fi 30 | done 31 | rm -f ${COPY} ${LOG} ${DATA} 32 | -------------------------------------------------------------------------------- /regress/rsa_openssh.prv: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIICWgIBAAKBgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko 3 | +dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3 4 | xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQIDAQAB 5 | An8nH5VzvHkMbSqJ6eOYDsVwomRvYbH5IEaYl1x6VATITNvAu9kUdQ4NsSpuMc+7 6 | Jj9gKZvmO1y2YCKc0P/iO+i/eV0L+yQh1Rw18jQZll+12T+LZrKRav03YNvMx0gN 7 | wqWY48Kt6hv2/N/ebQzKRe79+D0t2cTh92hT7xENFLIBAkEBGnoGKFjAUkJCwO1V 8 | mzpUqMHpRZVOrqP9hUmPjzNJ5oBPFGe4+h1hoSRFOAzaNuZt8ssbqaLCkzB8bfzj 9 | qhZqAQJBANZekuUpp8iBLeLSagw5FkcPwPzq6zfExbhvsZXb8Bo/4SflNs4JHXwI 10 | 7SD9Z8aJLvM4uQ/5M70lblDMQ40i3o0CQQDIJvBYBFL5tlOgakq/O7yi+wt0L5BZ 11 | 9H79w5rCSAA0IHRoK/qI1urHiHC3f3vbbLk5UStfrqEaND/mm0shyNIBAkBLsYdC 12 | /ctt5Bc0wUGK4Vl5bBmj9LtrrMJ4FpBpLwj/69BwCuKoK9XKZ0h73p6XHveCEGRg 13 | PIlFX4MtaoLrwgU9AkBV2k4dgIws+X8YX65EsyyFjnlDqX4x0nSOjQB1msIKfHBr 14 | dh5XLDBTTCxnKhMJ0Yx/opgOvf09XHBFwaQntR5i 15 | -----END RSA PRIVATE KEY----- 16 | 
-------------------------------------------------------------------------------- /regress/rsa_openssh.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDsilwKcaKN6wSMNd1WgQ9+HRqQEkD0kCTVttrazGu0OhBU3Uko+dFD1Ip0CxdXmN25JQWxOYF7h/Ocu8P3jzv3RTX87xKR0YzlXTLX+SLtF/ySebS3xWPrlfRUDhh03hR5V+8xxvvy9widPYKw/oItwGSueOsEq1LTczCDv2dAjQ== 2 | -------------------------------------------------------------------------------- /regress/rsa_ssh2.prv: -------------------------------------------------------------------------------- 1 | ---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ---- 2 | Subject: ssh-keygen test 3 | Comment: "1024-bit rsa, Sat Jun 23 2001 12:21:26 -0400" 4 | P2/56wAAAi4AAAA3aWYtbW9kbntzaWdue3JzYS1wa2NzMS1zaGExfSxlbmNyeXB0e3JzYS 5 | 1wa2NzMXYyLW9hZXB9fQAAAARub25lAAAB3wAAAdsAAAARAQABAAAD9icflXO8eQxtKonp 6 | 45gOxXCiZG9hsfkgRpiXXHpUBMhM28C72RR1Dg2xKm4xz7smP2Apm+Y7XLZgIpzQ/+I76L 7 | 95XQv7JCHVHDXyNBmWX7XZP4tmspFq/Tdg28zHSA3CpZjjwq3qG/b8395tDMpF7v34PS3Z 8 | xOH3aFPvEQ0UsgEAAAQA7IpcCnGijesEjDXdVoEPfh0akBJA9JAk1bba2sxrtDoQVN1JKP 9 | nRQ9SKdAsXV5jduSUFsTmBe4fznLvD948790U1/O8SkdGM5V0y1/ki7Rf8knm0t8Vj65X0 10 | VA4YdN4UeVfvMcb78vcInT2CsP6CLcBkrnjrBKtS03Mwg79nQI0AAAH/VdpOHYCMLPl/GF 11 | +uRLMshY55Q6l+MdJ0jo0AdZrCCnxwa3YeVywwU0wsZyoTCdGMf6KYDr39PVxwRcGkJ7Ue 12 | YgAAAgDWXpLlKafIgS3i0moMORZHD8D86us3xMW4b7GV2/AaP+En5TbOCR18CO0g/WfGiS 13 | 7zOLkP+TO9JW5QzEONIt6NAAACAQEaegYoWMBSQkLA7VWbOlSowelFlU6uo/2FSY+PM0nm 14 | gE8UZ7j6HWGhJEU4DNo25m3yyxuposKTMHxt/OOqFmoB 15 | ---- END SSH2 ENCRYPTED PRIVATE KEY ---- 16 | --- 17 | -------------------------------------------------------------------------------- /regress/scp-ssh-wrapper.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # $OpenBSD: scp-ssh-wrapper.sh,v 1.2 2005/12/14 04:36:39 dtucker Exp $ 3 | # Placed in the Public Domain. 

# Wrapper that the scp regress test runs in place of ssh (going by the file
# name and the final `exec $arg`).  With SCPTESTMODE unset or unrecognised it
# simply runs the command it was given; in the badserver_N modes it prints
# scp-style directory ("D...") and file ("C...") records whose names point
# outside the destination: an absolute path, a long ../ chain, or "..".
# NOTE(review): the test that sets SCPTESTMODE and DIR and inspects the result
# is not on this page; presumably it checks that none of these paths get
# created on the client side.

# Print one "D0755 0 <component>" record for every non-empty component of the
# '/'-separated path in $1, so the path is announced one directory at a time.
printname () {
	NAME=$1
	save_IFS=$IFS
	IFS=/
	# Split on '/' into the positional parameters, then restore IFS.
	set -- `echo "$NAME"`
	IFS="$save_IFS"
	for component in "$@"; do
		if [ -n "$component" ]; then
			echo "D0755 0 $component"
		fi
	done
}

# Keep only the last argument (the loop stops at the first empty one).
# It is used as the command line in the default case below.
while [ -n "$1" ]; do
	arg="$1"
	shift
done

# A long ../ chain in front of ${DIR}, i.e. a name that climbs out of whatever
# directory the client is writing into.
BAD="../../../../../../../../../../../../../${DIR}/dotpathdir"

# Every bad-server mode ends with a "C755 2 file" record followed by an "X"
# line; "X" plus its newline is two bytes, presumably the announced file body.
case "$SCPTESTMODE" in
badserver_0)
	# Absolute directory name.
	echo "D0755 0 /${DIR}/rootpathdir"
	echo "C755 2 rootpathfile"
	echo "X"
	;;
badserver_1 | badserver_2)
	# The whole traversal path as a single directory name.  Both modes
	# send exactly the same records.
	echo "D0755 0 $BAD"
	echo "C755 2 file"
	echo "X"
	;;
badserver_3)
	# The same path, but one component per directory record.
	printname $BAD
	echo "C755 2 file"
	echo "X"
	;;
badserver_4)
	# As badserver_3, followed by one more ".." directory record.
	printname $BAD
	echo "D0755 0 .."
	echo "C755 2 file"
	echo "X"
	;;
*)
	# Not a bad-server mode: act as a transparent wrapper.  $arg is left
	# unquoted so the command line is word-split (and glob-expanded),
	# which is only acceptable because the test controls the argument.
	exec $arg
	;;
esac
--------------------------------------------------------------------------------
/regress/sftp-badcmds.sh:
--------------------------------------------------------------------------------
1 | # $OpenBSD: sftp-badcmds.sh,v 1.4 2009/08/13 01:11:55 djm Exp $
2 | # Placed in the Public Domain.
3 | 4 | tid="sftp invalid commands" 5 | 6 | DATA=/bin/ls 7 | DATA2=/bin/cat 8 | NONEXIST=/NONEXIST.$$ 9 | COPY=${OBJ}/copy 10 | GLOBFILES=`(cd /bin;echo l*)` 11 | 12 | rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* 13 | 14 | rm -f ${COPY} 15 | verbose "$tid: get nonexistent" 16 | echo "get $NONEXIST $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ 17 | || fail "get nonexistent failed" 18 | test -f ${COPY} && fail "existing copy after get nonexistent" 19 | 20 | rm -f ${COPY}.dd/* 21 | verbose "$tid: glob get to nonexistent directory" 22 | echo "get /bin/l* $NONEXIST" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ 23 | || fail "get nonexistent failed" 24 | for x in $GLOBFILES; do 25 | test -f ${COPY}.dd/$x && fail "existing copy after get nonexistent" 26 | done 27 | 28 | rm -f ${COPY} 29 | verbose "$tid: put nonexistent" 30 | echo "put $NONEXIST $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ 31 | || fail "put nonexistent failed" 32 | test -f ${COPY} && fail "existing copy after put nonexistent" 33 | 34 | rm -f ${COPY}.dd/* 35 | verbose "$tid: glob put to nonexistent directory" 36 | echo "put /bin/l* ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ 37 | || fail "put nonexistent failed" 38 | for x in $GLOBFILES; do 39 | test -f ${COPY}.dd/$x && fail "existing copy after nonexistent" 40 | done 41 | 42 | rm -f ${COPY} 43 | verbose "$tid: rename nonexistent" 44 | echo "rename $NONEXIST ${COPY}.1" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ 45 | || fail "rename nonexist failed" 46 | test -f ${COPY}.1 && fail "file exists after rename nonexistent" 47 | 48 | rm -rf ${COPY} ${COPY}.dd 49 | cp $DATA $COPY 50 | mkdir ${COPY}.dd 51 | verbose "$tid: rename target exists (directory)" 52 | echo "rename $COPY ${COPY}.dd" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 \ 53 | || fail "rename target exists (directory) failed" 54 | test -f ${COPY} || fail "oldname missing after rename target exists (directory)" 55 | test -d ${COPY}.dd || fail "newname missing after 
rename target exists (directory)" 56 | cmp $DATA ${COPY} >/dev/null 2>&1 || fail "corrupted oldname after rename target exists (directory)" 57 | 58 | rm -f ${COPY}.dd/* 59 | rm -rf ${COPY} 60 | cp ${DATA2} ${COPY} 61 | verbose "$tid: glob put files to local file" 62 | echo "put /bin/l* $COPY" | ${SFTP} -D ${SFTPSERVER} >/dev/null 2>&1 63 | cmp ${DATA2} ${COPY} || fail "put successed when it should have failed" 64 | 65 | rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* 66 | 67 | 68 | -------------------------------------------------------------------------------- /regress/sftp-batch.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sftp-batch.sh,v 1.4 2009/08/13 01:11:55 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="sftp batchfile" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | BATCH=${OBJ}/sftp.bb 9 | 10 | rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* 11 | 12 | cat << EOF > ${BATCH}.pass.1 13 | get $DATA $COPY 14 | put ${COPY} ${COPY}.1 15 | rm ${COPY} 16 | -put ${COPY} ${COPY}.2 17 | EOF 18 | 19 | cat << EOF > ${BATCH}.pass.2 20 | # This is a comment 21 | 22 | # That was a blank line 23 | ls 24 | EOF 25 | 26 | cat << EOF > ${BATCH}.fail.1 27 | get $DATA $COPY 28 | put ${COPY} ${COPY}.3 29 | rm ${COPY}.* 30 | # The next command should fail 31 | put ${COPY}.3 ${COPY}.4 32 | EOF 33 | 34 | cat << EOF > ${BATCH}.fail.2 35 | # The next command should fail 36 | jajajajaja 37 | EOF 38 | 39 | verbose "$tid: good commands" 40 | ${SFTP} -b ${BATCH}.pass.1 -D ${SFTPSERVER} >/dev/null 2>&1 \ 41 | || fail "good commands failed" 42 | 43 | verbose "$tid: bad commands" 44 | ${SFTP} -b ${BATCH}.fail.1 -D ${SFTPSERVER} >/dev/null 2>&1 \ 45 | && fail "bad commands succeeded" 46 | 47 | verbose "$tid: comments and blanks" 48 | ${SFTP} -b ${BATCH}.pass.2 -D ${SFTPSERVER} >/dev/null 2>&1 \ 49 | || fail "comments & blanks failed" 50 | 51 | verbose "$tid: junk command" 52 | ${SFTP} -b ${BATCH}.fail.2 -D 
${SFTPSERVER} >/dev/null 2>&1 \ 53 | && fail "junk command succeeded" 54 | 55 | rm -rf ${COPY} ${COPY}.1 ${COPY}.2 ${COPY}.dd ${BATCH}.* 56 | 57 | 58 | -------------------------------------------------------------------------------- /regress/sftp-glob.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sftp-glob.sh,v 1.4 2009/08/13 01:11:55 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="sftp glob" 5 | 6 | sftp_ls() { 7 | target=$1 8 | errtag=$2 9 | expected=$3 10 | unexpected=$4 11 | verbose "$tid: $errtag" 12 | printf "ls -l %s" "${target}" | \ 13 | ${SFTP} -b - -D ${SFTPSERVER} 2>/dev/null | \ 14 | grep -v "^sftp>" > ${RESULTS} 15 | if [ $? -ne 0 ]; then 16 | fail "$errtag failed" 17 | fi 18 | if test "x$expected" != "x" && \ 19 | ! fgrep "$expected" ${RESULTS} >/dev/null 2>&1 ; then 20 | fail "$expected missing from $errtag results" 21 | fi 22 | if test "x$unexpected" != "x" && \ 23 | fgrep "$unexpected" ${RESULTS} >/dev/null 2>&1 ; then 24 | fail "$unexpected present in $errtag results" 25 | fi 26 | rm -f ${RESULTS} 27 | } 28 | 29 | BASE=${OBJ}/glob 30 | RESULTS=${OBJ}/results 31 | DIR=${BASE}/dir 32 | DATA=${DIR}/file 33 | 34 | GLOB1="${DIR}/g-wild*" 35 | GLOB2="${DIR}/g-wildx" 36 | QUOTE="${DIR}/g-quote\"" 37 | SLASH="${DIR}/g-sl\\ash" 38 | ESLASH="${DIR}/g-slash\\" 39 | QSLASH="${DIR}/g-qs\\\"" 40 | SPACE="${DIR}/g-q space" 41 | 42 | rm -rf ${BASE} 43 | mkdir -p ${DIR} 44 | touch "${DATA}" "${GLOB1}" "${GLOB2}" "${QUOTE}" 45 | touch "${QSLASH}" "${ESLASH}" "${SLASH}" "${SPACE}" 46 | 47 | # target message expected unexpected 48 | sftp_ls "${DIR}/fil*" "file glob" "${DATA}" "" 49 | sftp_ls "${BASE}/d*" "dir glob" "`basename ${DATA}`" "" 50 | sftp_ls "${DIR}/g-wild\"*\"" "quoted glob" "g-wild*" "g-wildx" 51 | sftp_ls "${DIR}/g-wild\*" "escaped glob" "g-wild*" "g-wildx" 52 | sftp_ls "${DIR}/g-quote\\\"" "escaped quote" "g-quote\"" "" 53 | sftp_ls "\"${DIR}/g-quote\\\"\"" "quoted quote" "g-quote\"" "" 54 
| sftp_ls "'${DIR}/g-quote\"'" "single-quoted quote" "g-quote\"" "" 55 | sftp_ls "${DIR}/g-sl\\\\ash" "escaped slash" "g-sl\\ash" "" 56 | sftp_ls "'${DIR}/g-sl\\\\ash'" "quoted slash" "g-sl\\ash" "" 57 | sftp_ls "${DIR}/g-slash\\\\" "escaped slash at EOL" "g-slash\\" "" 58 | sftp_ls "'${DIR}/g-slash\\\\'" "quoted slash at EOL" "g-slash\\" "" 59 | sftp_ls "${DIR}/g-qs\\\\\\\"" "escaped slash+quote" "g-qs\\\"" "" 60 | sftp_ls "'${DIR}/g-qs\\\\\"'" "quoted slash+quote" "g-qs\\\"" "" 61 | sftp_ls "${DIR}/g-q\\ space" "escaped space" "g-q space" "" 62 | sftp_ls "'${DIR}/g-q space'" "quoted space" "g-q space" "" 63 | 64 | rm -rf ${BASE} 65 | 66 | -------------------------------------------------------------------------------- /regress/sftp.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: sftp.sh,v 1.3 2009/08/13 01:11:55 djm Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="basic sftp put/get" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | BUFFERSIZE="5 1000 32000 64000" 10 | REQUESTS="1 2 10" 11 | 12 | for B in ${BUFFERSIZE}; do 13 | for R in ${REQUESTS}; do 14 | verbose "test $tid: buffer_size $B num_requests $R" 15 | rm -f ${COPY}.1 ${COPY}.2 16 | ${SFTP} -D ${SFTPSERVER} -B $B -R $R -b /dev/stdin \ 17 | > /dev/null 2>&1 << EOF 18 | version 19 | get $DATA ${COPY}.1 20 | put $DATA ${COPY}.2 21 | EOF 22 | r=$? 23 | if [ $r -ne 0 ]; then 24 | fail "sftp failed with $r" 25 | fi 26 | cmp $DATA ${COPY}.1 || fail "corrupted copy after get" 27 | cmp $DATA ${COPY}.2 || fail "corrupted copy after put" 28 | done 29 | done 30 | -------------------------------------------------------------------------------- /regress/ssh-com-keygen.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: ssh-com-keygen.sh,v 1.4 2004/02/24 17:06:52 markus Exp $ 2 | # Placed in the Public Domain. 

# Regress test: generate a key pair with every installed ssh.com ssh-keygen2,
# import both halves with ${SSHKEYGEN} -i, and check that the public key
# derived from the imported private key equals the imported public key.
# NOTE(review): fatal, fail, verbose, OBJ and SSHKEYGEN are not defined in this
# file; presumably the regress harness that runs it provides them.
tid="ssh.com key import"

#TEST_COMBASE=/path/to/ssh/com/binaries
if [ -z "${TEST_COMBASE}" ]; then
	fatal '$TEST_COMBASE is not set'
fi

VERSIONS="
	2.0.10
	2.0.12
	2.0.13
	2.1.0
	2.2.0
	2.3.0
	2.3.1
	2.4.0
	3.0.0
	3.1.0
	3.2.0
	3.2.2
	3.2.3
	3.2.5
	3.2.9
	3.2.9.1
	3.3.0"

# Scratch key files; all of them live under ${OBJ} and are removed again at
# the end of the run.
COMPRV=${OBJ}/comkey
COMPUB=${COMPRV}.pub
OPENSSHPRV=${OBJ}/opensshkey
OPENSSHPUB=${OPENSSHPRV}.pub

# go for it
for v in ${VERSIONS}; do
	keygen=${TEST_COMBASE}/${v}/ssh-keygen2
	# Versions without an executable ssh-keygen2 are skipped silently.
	if [ ! -x ${keygen} ]; then
		continue
	fi

	# dss is tried for every version, rsa only for 2.3.1 and 3.x.
	case $v in
	2.3.1|3.*)	types="dss rsa" ;;
	*)		types="dss" ;;
	esac

	for t in $types; do
		verbose "ssh-keygen $v/$t"
		rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB

		# NOTE(review): -P presumably asks ssh-keygen2 for a key
		# without a passphrase; confirm against the ssh.com manual.
		${keygen} -q -P -t $t ${COMPRV} > /dev/null 2>&1
		[ $? -eq 0 ] || { fail "${keygen} -t $t failed"; continue; }

		${SSHKEYGEN} -if ${COMPUB} > ${OPENSSHPUB}
		[ $? -eq 0 ] || { fail "import public key ($v/$t) failed"; continue; }

		${SSHKEYGEN} -if ${COMPRV} > ${OPENSSHPRV}
		[ $? -eq 0 ] || { fail "import private key ($v/$t) failed"; continue; }

		# The redirect above creates the private key with umask-derived
		# permissions; restrict it to the owner before it is read back.
		chmod 600 ${OPENSSHPRV}
		${SSHKEYGEN} -yf ${OPENSSHPRV} | diff - ${OPENSSHPUB}
		[ $? -eq 0 ] || fail "public keys ($v/$t) differ"
	done
done

rm -f $COMPRV $COMPUB $OPENSSHPRV $OPENSSHPUB
--------------------------------------------------------------------------------
/regress/ssh-com-sftp.sh:
--------------------------------------------------------------------------------
1 | # $OpenBSD: ssh-com-sftp.sh,v 1.6 2009/08/20 18:43:07 djm Exp $
2 | # Placed in the Public Domain.
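
# Regress test: run the sftp client against each installed ssh.com
# sftp-server2 with several buffer sizes and request counts, then compare the
# fetched and uploaded copies with the original file.
# NOTE(review): fatal, fail, verbose, OBJ and SFTP are not defined in this
# file; presumably the regress harness provides them.
tid="basic sftp put/get with ssh.com server"

DATA=/bin/ls
COPY=${OBJ}/copy

BUFFERSIZE="5 1000 32000 64000"
REQUESTS="1 2 10"

#TEST_COMBASE=/path/to/ssh/com/binaries
if [ "X${TEST_COMBASE}" = "X" ]; then
	fatal '$TEST_COMBASE is not set'
fi

VERSIONS="
	2.0.10
	2.0.12
	2.0.13
	2.1.0
	2.2.0
	2.3.0
	2.3.1
	2.4.0
	3.0.0
	3.1.0
	3.2.0
	3.2.2
	3.2.3
	3.2.5
	3.2.9
	3.2.9.1
	3.3.0"

# go for it
for v in ${VERSIONS}; do
	server=${TEST_COMBASE}/${v}/sftp-server2
	# Versions without an executable sftp-server2 are skipped silently.
	if [ ! -x ${server} ]; then
		continue
	fi
	verbose "sftp-server $v"
	for B in ${BUFFERSIZE}; do
		for R in ${REQUESTS}; do
			verbose "test $tid: buffer_size $B num_requests $R"
			rm -f ${COPY}.1 ${COPY}.2
			# The batch commands are fed on stdin via the here-document.
			${SFTP} -D ${server} -B $B -R $R -b /dev/stdin \
			> /dev/null 2>&1 << EOF
			version
			get $DATA ${COPY}.1
			put $DATA ${COPY}.2
EOF
			r=$?
			if [ $r -ne 0 ]; then
				fail "sftp failed with $r"
			fi
			cmp $DATA ${COPY}.1 || fail "corrupted copy after get"
			cmp $DATA ${COPY}.2 || fail "corrupted copy after put"
		done
	done
done
--------------------------------------------------------------------------------
/regress/ssh2putty.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# $OpenBSD: ssh2putty.sh,v 1.2 2009/10/06 23:51:49 dtucker Exp $
#
# Print "rsa2@PORT:HOST <public exponent>,<modulus>" for an RSA private key,
# presumably in the form PuTTY uses for its cached host keys.
# Usage: ssh2putty hostname port ssh-private-key
# Exits 1 on missing arguments, on a non-RSA key file, or when openssl
# yields no exponent or modulus.

if test "x$1" = "x" -o "x$2" = "x" -o "x$3" = "x" ; then
	echo "Usage: ssh2putty hostname port ssh-private-key"
	exit 1
fi

HOST=$1
PORT=$2
KEYFILE=$3

# XXX - support DSA keys too
# The key path is quoted everywhere (and preceded by -- for grep) so that a
# name containing blanks, glob characters or a leading dash is passed through
# as one file operand.
if ! grep -q -e "BEGIN RSA PRIVATE KEY" -- "$KEYFILE" ; then
	echo "Unsupported private key format"
	exit 1
fi

public_exponent=`
	openssl rsa -noout -text -in "$KEYFILE" | grep ^publicExponent |
	sed 's/.*(//;s/).*//'
`
# $? only reflects the last pipeline stage (sed), so an openssl failure is
# detected by the empty result instead.
[ $? -eq 0 ] && [ -n "$public_exponent" ] || exit 1

modulus=`
	openssl rsa -noout -modulus -in "$KEYFILE" | grep ^Modulus= |
	sed 's/^Modulus=/0x/' | tr A-Z a-z
`
# Same reasoning as above: the status seen here is that of tr.
[ $? -eq 0 ] && [ -n "$modulus" ] || exit 1

echo "rsa2@$PORT:$HOST $public_exponent,$modulus"

--------------------------------------------------------------------------------
/regress/sshd-log-wrapper.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# $OpenBSD: sshd-log-wrapper.sh,v 1.2 2005/02/27 11:40:30 dtucker Exp $
# Placed in the Public Domain.
#
# simple wrapper for sshd proxy mode to catch stderr output
# sh sshd-log-wrapper.sh /path/to/sshd /path/to/logfile
#
# Any arguments after the log file are handed to sshd unchanged, followed by
# -e; sshd's stderr is appended to the log file.

sshd=$1
log=$2
shift
shift

# Quoted so that the sshd path, the log path and each forwarded argument stay
# single words even when they contain blanks or glob characters.
exec "$sshd" "$@" -e 2>>"$log"
--------------------------------------------------------------------------------
/regress/stderr-after-eof.sh:
--------------------------------------------------------------------------------
1 | # $OpenBSD: stderr-after-eof.sh,v 1.1 2002/03/23 16:38:09 markus Exp $
2 | # Placed in the Public Domain.
3 | 
4 | tid="stderr data after eof"
5 | 
6 | DATA=/etc/motd
7 | DATA=${OBJ}/data
8 | COPY=${OBJ}/copy
9 | 
10 | # setup data
11 | rm -f ${DATA} ${COPY}
12 | cp /dev/null ${DATA}
13 | for i in 1 2 3 4 5 6; do
14 | (date;echo $i) | md5 >> ${DATA}
15 | done
16 | 
17 | ${SSH} -2 -F $OBJ/ssh_proxy otherhost \
18 | exec sh -c \'"exec > /dev/null; sleep 2; cat ${DATA} 1>&2 $s"\' \
19 | 2> ${COPY}
20 | r=$?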
21 | if [ $r -ne 0 ]; then 22 | fail "ssh failed with exit code $r" 23 | fi 24 | egrep 'Disconnecting: Received extended_data after EOF' ${COPY} && 25 | fail "ext data received after eof" 26 | cmp ${DATA} ${COPY} || fail "stderr corrupt" 27 | 28 | rm -f ${DATA} ${COPY} 29 | -------------------------------------------------------------------------------- /regress/stderr-data.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: stderr-data.sh,v 1.2 2002/03/27 22:39:52 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="stderr data transfer" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | rm -f ${COPY} 9 | 10 | for n in '' -n; do 11 | for p in 1 2; do 12 | verbose "test $tid: proto $p ($n)" 13 | ${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \ 14 | exec sh -c \'"exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \ 15 | 2> ${COPY} 16 | r=$? 17 | if [ $r -ne 0 ]; then 18 | fail "ssh failed with exit code $r" 19 | fi 20 | cmp ${DATA} ${COPY} || fail "stderr corrupt" 21 | rm -f ${COPY} 22 | 23 | ${SSH} $n -$p -F $OBJ/ssh_proxy otherhost \ 24 | exec sh -c \'"echo a; exec > /dev/null; sleep 3; cat ${DATA} 1>&2 $s"\' \ 25 | > /dev/null 2> ${COPY} 26 | r=$? 
27 | if [ $r -ne 0 ]; then 28 | fail "ssh failed with exit code $r" 29 | fi 30 | cmp ${DATA} ${COPY} || fail "stderr corrupt" 31 | rm -f ${COPY} 32 | done 33 | done 34 | -------------------------------------------------------------------------------- /regress/t4.ok: -------------------------------------------------------------------------------- 1 | 3b:dd:44:e9:49:18:84:95:f1:e7:33:6b:9d:93:b1:36 2 | -------------------------------------------------------------------------------- /regress/t5.ok: -------------------------------------------------------------------------------- 1 | xokes-lylis-byleh-zebib-kalus-bihas-tevah-haroz-suhar-foved-noxex 2 | -------------------------------------------------------------------------------- /regress/transfer.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: transfer.sh,v 1.1 2002/03/27 00:03:37 markus Exp $ 2 | # Placed in the Public Domain. 3 | 4 | tid="transfer data" 5 | 6 | DATA=/bin/ls 7 | COPY=${OBJ}/copy 8 | 9 | for p in 1 2; do 10 | verbose "$tid: proto $p" 11 | rm -f ${COPY} 12 | ${SSH} -n -q -$p -F $OBJ/ssh_proxy somehost cat ${DATA} > ${COPY} 13 | if [ $? -ne 0 ]; then 14 | fail "ssh cat $DATA failed" 15 | fi 16 | cmp ${DATA} ${COPY} || fail "corrupted copy" 17 | 18 | for s in 10 100 1k 32k 64k 128k 256k; do 19 | trace "proto $p dd-size ${s}" 20 | rm -f ${COPY} 21 | dd if=$DATA obs=${s} 2> /dev/null | \ 22 | ${SSH} -q -$p -F $OBJ/ssh_proxy somehost "cat > ${COPY}" 23 | if [ $? -ne 0 ]; then 24 | fail "ssh cat $DATA failed" 25 | fi 26 | cmp $DATA ${COPY} || fail "corrupted copy" 27 | done 28 | done 29 | rm -f ${COPY} 30 | -------------------------------------------------------------------------------- /regress/try-ciphers.sh: -------------------------------------------------------------------------------- 1 | # $OpenBSD: try-ciphers.sh,v 1.17 2012/12/11 23:12:13 markus Exp $ 2 | # Placed in the Public Domain. 
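
# Regress test: make one connection per cipher/MAC combination and fail if
# any of them cannot run `true` on the far side.
# The lists are compatibility coverage, not a recommended configuration: they
# include algorithms that are considered legacy (arcfour*, 3des, blowfish,
# cast128, the hmac-md5* and truncated -96 MACs, SSH protocol 1).
# NOTE(review): trace, verbose, fail, SSH and OBJ are not defined in this
# file; presumably the regress harness provides them.
tid="try ciphers"

ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
	arcfour128 arcfour256 arcfour
	aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
	aes128-ctr aes192-ctr aes256-ctr"
macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
	hmac-sha1-96 hmac-md5-96 hmac-sha2-256 hmac-sha2-512
	hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com
	umac-64-etm@openssh.com umac-128-etm@openssh.com
	hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com
	hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com
	hmac-ripemd160-etm@openssh.com"

# Protocol 2: every cipher paired with every MAC.
for c in $ciphers; do
	for m in $macs; do
		trace "proto 2 cipher $c mac $m"
		verbose "test $tid: proto 2 cipher $c mac $m"
		${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true
		if [ $? -ne 0 ]; then
			fail "ssh -2 failed with mac $m cipher $c"
		fi
	done
done

# Protocol 1: cipher only, no MAC option is passed.
ciphers="3des blowfish"
for c in $ciphers; do
	trace "proto 1 cipher $c"
	verbose "test $tid: proto 1 cipher $c"
	${SSH} -F $OBJ/ssh_proxy -1 -c $c somehost true
	if [ $? -ne 0 ]; then
		fail "ssh -1 failed with cipher $c"
	fi
done

# acss is tested last because the line below appends a Ciphers directive to
# the server-side proxy config, presumably restricting it to acss from here on.
echo "Ciphers acss@openssh.org" >> $OBJ/sshd_proxy
c=acss@openssh.org
for m in $macs; do
	trace "proto 2 $c mac $m"
	verbose "test $tid: proto 2 cipher $c mac $m"
	${SSH} -F $OBJ/ssh_proxy -2 -m $m -c $c somehost true
	if [ $? -ne 0 ]; then
		fail "ssh -2 failed with mac $m cipher $c"
	fi
done
--------------------------------------------------------------------------------
/regress/yes-head.sh:
--------------------------------------------------------------------------------
# $OpenBSD: yes-head.sh,v 1.4 2002/03/15 13:08:56 markus Exp $
# Placed in the Public Domain.

# Regress test: `yes | head -2000` on the far side must deliver exactly 2000
# lines over each protocol version, read after a 3 second delay.
tid="yes pipe head"

for p in 1 2; do
	lines=`${SSH} -$p -F $OBJ/ssh_proxy thishost 'yes | head -2000' | (sleep 3 ; wc -l)`
	# $? here is the status of the last pipeline stage (the sleep/wc
	# subshell), not of ssh, so this branch only fires if that stage fails.
	if [ $? -ne 0 ]; then
		fail "yes|head test failed"
		# Assignment must not have blanks around '='; the original
		# "lines = 0;" ran a command called "lines" instead.
		lines=0
	fi
	if [ $lines -ne 2000 ]; then
		fail "yes|head returns $lines lines instead of 2000"
	fi
done
--------------------------------------------------------------------------------
/ssh/CVS/Repository:
--------------------------------------------------------------------------------
1 | src/usr.bin/ssh
2 | 
--------------------------------------------------------------------------------
/ssh/CVS/Root:
--------------------------------------------------------------------------------
1 | /cvs
2 | 
--------------------------------------------------------------------------------
/ssh/Makefile:
--------------------------------------------------------------------------------
1 | # $OpenBSD: Makefile,v 1.15 2010/02/09 08:55:31 markus Exp $
2 | 
3 | .include
4 | 
5 | SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server \
6 | ssh-keysign ssh-keyscan sftp ssh-pkcs11-helper ssh-proxy
7 | 
8 | distribution:
9 | ${INSTALL} -C -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \
10 | ${DESTDIR}/etc/ssh/ssh_config
11 | ${INSTALL} -C -o root -g wheel -m 0644 ${.CURDIR}/sshd_config \
12 | ${DESTDIR}/etc/ssh/sshd_config
13 | 
14 | .include
15 | 
--------------------------------------------------------------------------------
/ssh/Makefile.inc:
--------------------------------------------------------------------------------
1 | # $OpenBSD: Makefile.inc,v 1.39 2010/10/01 23:10:48 djm Exp $
2 | 
3 | CFLAGS+= -I${.CURDIR}/..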
4 | 5 | # enable warnings 6 | WARNINGS=Yes 7 | 8 | CDIAGFLAGS= -Wall 9 | CDIAGFLAGS+= -Werror 10 | CDIAGFLAGS+= -Wpointer-arith 11 | CDIAGFLAGS+= -Wstrict-prototypes 12 | CDIAGFLAGS+= -Wmissing-prototypes 13 | CDIAGFLAGS+= -Wunused 14 | CDIAGFLAGS+= -Wsign-compare 15 | CDIAGFLAGS+= -Wshadow 16 | 17 | #DEBUG=-g 18 | 19 | #CFLAGS+= -DJPAKE 20 | 21 | CFLAGS+= -DENABLE_PKCS11 22 | .include 23 | .ifndef NOPIC 24 | CFLAGS+= -DHAVE_DLOPEN 25 | .endif 26 | 27 | .include 28 | 29 | .if !defined(LIB) 30 | .if exists(${.CURDIR}/../lib/${__objdir}) 31 | LDADD+= -L${.CURDIR}/../lib/${__objdir} -lssh -lgssapi -lkrb5 32 | DPADD+= ${.CURDIR}/../lib/${__objdir}/libssh.a 33 | .else 34 | LDADD+= -L${.CURDIR}/../lib -lssh -lgssapi -lkrb5 35 | DPADD+= ${.CURDIR}/../lib/libssh.a 36 | .endif 37 | DPADD+= ${.CURDIR}/../lib/shlib_version 38 | LDADD+= -lcrypto -lz 39 | DPADD+= ${LIBCRYPTO} ${LIBZ} 40 | .endif 41 | 42 | .if defined(LEAKMALLOC) 43 | DEBUG= -g 44 | COPTS= -O0 45 | LEAKMALLOC_DIR= ${.CURDIR}/../../leakmalloc/leakmalloc 46 | CFLAGS+= -I${LEAKMALLOC_DIR} -DWITH_LEAKMALLOC 47 | LDFLAGS+= -L/usr/local/lib 48 | LDADD+= -lleakmalloc -lexecinfo 49 | CFLAGS+= -Dmalloc=leak_malloc -Dstrdup=leak_strdup 50 | CFLAGS+= -Dcalloc=leak_calloc -Drealloc=leak_realloc 51 | CFLAGS+= -Dfree=leak_free 52 | . if exists(${LEAKMALLOC_DIR}/${__objdir}) 53 | LDADD+= -L${LEAKMALLOC_DIR}/${__objdir} 54 | DPADD+= ${LEAKMALLOC_DIR}/${__objdir}/libleakmalloc.a 55 | . else 56 | LDADD+= -L${LEAKMALLOC_DIR} 57 | DPADD+= ${LEAKMALLOC_DIR}/libleakmalloc.a 58 | . endif 59 | .else 60 | CDIAGFLAGS+= -Wuninitialized 61 | .endif 62 | 63 | -------------------------------------------------------------------------------- /ssh/README: -------------------------------------------------------------------------------- 1 | This release of OpenSSH is for OpenBSD systems only. 2 | 3 | Please read 4 | http://www.openssh.com/portable.html 5 | if you want to install OpenSSH on other operating systems. 
6 | 7 | To extract and install this release on your OpenBSD system use: 8 | 9 | # cd /usr/src/usr.bin 10 | # tar xvfz .../openssh-x.y.tgz 11 | # cd ssh 12 | # make obj 13 | # make cleandir 14 | # make depend 15 | # make 16 | # make install 17 | # cp ssh_config sshd_config /etc/ssh 18 | 19 | OpenSSH is a derivative of the original and free ssh 1.2.12 release 20 | by Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels 21 | Provos, Theo de Raadt and Dug Song removed many bugs, re-added newer 22 | features and created OpenSSH. Markus Friedl contributed the support 23 | for SSH protocol versions 1.5 and 2.0. 24 | 25 | See http://www.openssh.com/ for more information. 26 | 27 | $OpenBSD: README,v 1.7 2006/04/01 05:37:46 djm Exp $ 28 | -------------------------------------------------------------------------------- /ssh/atomicio.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: atomicio.h,v 1.11 2010/09/22 22:58:51 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2006 Damien Miller. All rights reserved. 5 | * Copyright (c) 1995,1999 Theo de Raadt. All rights reserved. 6 | * All rights reserved. 7 | * 8 | * Redistribution and use in source and binary forms, with or without 9 | * modification, are permitted provided that the following conditions 10 | * are met: 11 | * 1. Redistributions of source code must retain the above copyright 12 | * notice, this list of conditions and the following disclaimer. 13 | * 2. Redistributions in binary form must reproduce the above copyright 14 | * notice, this list of conditions and the following disclaimer in the 15 | * documentation and/or other materials provided with the distribution. 16 | * 17 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 19 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
20 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 21 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 22 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 23 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 24 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 25 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 26 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 27 | */ 28 | 29 | #ifndef _ATOMICIO_H 30 | #define _ATOMICIO_H 31 | 32 | /* 33 | * Ensure all of data on socket comes through. f==read || f==vwrite 34 | */ 35 | size_t 36 | atomicio6(ssize_t (*f) (int, void *, size_t), int fd, void *_s, size_t n, 37 | int (*cb)(void *, size_t), void *); 38 | size_t atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); 39 | 40 | #define vwrite (ssize_t (*)(int, void *, size_t))write 41 | 42 | /* 43 | * ensure all of data on socket comes through. f==readv || f==writev 44 | */ 45 | size_t 46 | atomiciov6(ssize_t (*f) (int, const struct iovec *, int), int fd, 47 | const struct iovec *_iov, int iovcnt, int (*cb)(void *, size_t), void *); 48 | size_t atomiciov(ssize_t (*)(int, const struct iovec *, int), 49 | int, const struct iovec *, int); 50 | 51 | #endif /* _ATOMICIO_H */ 52 | -------------------------------------------------------------------------------- /ssh/auth-options.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: auth-options.h,v 1.20 2010/05/07 11:30:29 djm Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. 
Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #ifndef AUTH_OPTIONS_H 16 | #define AUTH_OPTIONS_H 17 | 18 | /* Linked list of custom environment strings */ 19 | struct envstring { 20 | struct envstring *next; 21 | char *s; 22 | }; 23 | 24 | /* Flags that may be set in authorized_keys options. */ 25 | extern int no_port_forwarding_flag; 26 | extern int no_agent_forwarding_flag; 27 | extern int no_x11_forwarding_flag; 28 | extern int no_pty_flag; 29 | extern int no_user_rc; 30 | extern char *forced_command; 31 | extern struct envstring *custom_environment; 32 | extern int forced_tun_device; 33 | extern int key_is_cert_authority; 34 | extern char *authorized_principals; 35 | 36 | int auth_parse_options(struct passwd *, char *, char *, u_long); 37 | void auth_clear_options(void); 38 | int auth_cert_options(struct sshkey *, struct passwd *); 39 | 40 | #endif 41 | -------------------------------------------------------------------------------- /ssh/auth2-kbdint.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: auth2-kbdint.c,v 1.5 2006/08/03 03:34:41 deraadt Exp $ */ 2 | /* 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 
13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | #include 27 | 28 | #include "xmalloc.h" 29 | #include "packet.h" 30 | #include "key.h" 31 | #include "hostfile.h" 32 | #include "auth.h" 33 | #include "log.h" 34 | #include "servconf.h" 35 | #include "err.h" 36 | 37 | /* import */ 38 | extern ServerOptions options; 39 |

/*
 * Handle a "keyboard-interactive" user authentication request.
 *
 * The request carries two strings, a language tag and a list of
 * submethods ("devs"), and nothing else; any parse error or trailing
 * data is fatal.  The language tag is parsed but not used.  The submethod
 * list is handed to auth2_challenge() only when
 * options.challenge_response_authentication is set.
 *
 * Returns whatever auth2_challenge() returns, or 0 when challenge-response
 * authentication is disabled.
 */
static int
userauth_kbdint(struct ssh *ssh)
{
	char *language, *submethods;
	int rc, result = 0;

	rc = sshpkt_get_cstring(ssh, &language, NULL);
	if (rc == 0)
		rc = sshpkt_get_cstring(ssh, &submethods, NULL);
	if (rc == 0)
		rc = sshpkt_get_end(ssh);
	if (rc != 0)
		fatal("%s: %s", __func__, ssh_err(rc));

	/* The submethod list is taken from the request packet as received. */
	debug("keyboard-interactive devs %s", submethods);

	if (options.challenge_response_authentication)
		result = auth2_challenge(ssh, submethods);

	free(submethods);
	free(language);
	return result;
}

/*
 * Method table entry for "keyboard-interactive".
 *
 * NOTE(review): the third member points at
 * options.kbd_interactive_authentication, while userauth_kbdint() itself
 * tests options.challenge_response_authentication; presumably the third
 * member is the flag that enables the method, so both options have to be
 * on for a challenge to be issued.  Confirm against Authmethod in auth.h.
 */
Authmethod method_kbdint = {
	"keyboard-interactive",
	userauth_kbdint,
	&options.kbd_interactive_authentication
};
-------------------------------------------------------------------------------- /ssh/auth2-none.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: auth2-none.c,v 1.16 2010/06/25
08:46:17 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
24 | */ 25 | 26 | #include 27 | 28 | #include "xmalloc.h" 29 | #include "key.h" 30 | #include "hostfile.h" 31 | #include "auth.h" 32 | #include "packet.h" 33 | #include "log.h" 34 | #include "servconf.h" 35 | #include "compat.h" 36 | #include "ssh2.h" 37 | #include "err.h" 38 | #ifdef GSSAPI 39 | #include "ssh-gss.h" 40 | #endif 41 | #include "monitor_wrap.h" 42 | 43 | /* import */ 44 | extern ServerOptions options; 45 |

/*
 * "none" is allowed only one time.
 *
 * This is a file-scope flag, so it is shared by every struct ssh handled
 * in the same process: the first "none" request clears it for all of them.
 */
static int none_enabled = 1;

/*
 * Handle a "none" user authentication request.
 *
 * Clears none_enabled before anything else, so the method is switched off
 * even when the request turns out to be malformed.  The request must carry
 * no payload; trailing data is fatal.
 *
 * "none" can only succeed as an empty-password login: when both
 * options.permit_empty_passwd and options.password_authentication are set,
 * the result is that of auth_password() with the empty string.  Otherwise
 * the function returns 0.
 */
static int
userauth_none(struct ssh *ssh)
{
	int rc;

	none_enabled = 0;
	rc = sshpkt_get_end(ssh);
	if (rc != 0)
		fatal("%s: %s", __func__, ssh_err(rc));
	if (!options.permit_empty_passwd || !options.password_authentication)
		return (0);
	return (PRIVSEP(auth_password(ssh->authctxt, "")));
}

/*
 * Method table entry for "none".  The third member points at the one-shot
 * flag above rather than at a server option.
 */
Authmethod method_none = {
	"none",
	userauth_none,
	&none_enabled
};
-------------------------------------------------------------------------------- /ssh/auth2-passwd.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: auth2-passwd.c,v 1.9 2006/08/03 03:34:41 deraadt Exp $ */ 2 | /* 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution.
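13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | #include 27 | 28 | #include 29 | #include 30 | 31 | #include "packet.h" 32 | #include "err.h" 33 | #include "log.h" 34 | #include "key.h" 35 | #include "hostfile.h" 36 | #include "auth.h" 37 | #ifdef GSSAPI 38 | #include "ssh-gss.h" 39 | #endif 40 | #include "monitor_wrap.h" 41 | #include "servconf.h" 42 | 43 | /* import */ 44 | extern ServerOptions options; 45 |

/*
 * Handle a "password" user authentication request.
 *
 * Packet layout as read here: a one-byte "change" flag, the password
 * string, a second string that is read and discarded when the change flag
 * is set, then end of packet.  Any parse error or trailing data is fatal.
 *
 * Password change is not supported: a request with the change flag set is
 * logged and fails.  Otherwise the password is checked with
 * auth_password() and only a return value of exactly 1 counts as success.
 *
 * Returns 1 on successful authentication, 0 otherwise.
 */
static int
userauth_passwd(struct ssh *ssh)
{
	char *password;
	int authenticated = 0, r;
	u_char change;
	size_t len;

	if ((r = sshpkt_get_u8(ssh, &change)) != 0 ||
	    (r = sshpkt_get_cstring(ssh, &password, &len)) != 0 ||
	    (change && (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) ||
	    (r = sshpkt_get_end(ssh)) != 0)
		fatal("%s: %s", __func__, ssh_err(r));

	if (change)
		logit("password change not supported");
	else if (PRIVSEP(auth_password(ssh->authctxt, password)) == 1)
		authenticated = 1;
	/*
	 * Wipe the cleartext password before the buffer goes back to the
	 * allocator.  A plain memset() on memory that is freed immediately
	 * afterwards is a dead store the compiler may remove;
	 * explicit_bzero() is not subject to that optimisation.
	 */
	explicit_bzero(password, len);
	free(password);
	return authenticated;
}

/*
 * Method table entry for "password"; the third member points at
 * options.password_authentication.
 */
Authmethod method_passwd = {
	"password",
	userauth_passwd,
	&options.password_authentication
};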
-------------------------------------------------------------------------------- /ssh/authfile.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: authfile.h,v 1.16 2011/05/04 21:15:29 djm Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #ifndef AUTHFILE_H 16 | #define AUTHFILE_H 17 | 18 | #ifdef WITH_LEAKMALLOC 19 | #include "leakmalloc.h" 20 | #endif 21 | 22 | struct sshbuf; 23 | struct sshkey; 24 | 25 | int sshkey_save_private(struct sshkey *, const char *, 26 | const char *, const char *); 27 | int sshkey_load_file(int, const char *, struct sshbuf *); 28 | int sshkey_load_cert(const char *, struct sshkey **); 29 | int sshkey_load_public(const char *, struct sshkey **, char **); 30 | int sshkey_load_public_type(int, const char *, struct sshkey **, char **); 31 | int sshkey_parse_public_rsa1(struct sshbuf *blob, struct sshkey **keyp, 32 | char **commentp); 33 | int sshkey_parse_private(struct sshbuf *, const char *, const char *, 34 | struct sshkey **, char **); 35 | int sshkey_load_private(const char *, const char *, struct sshkey **, char **); 36 | int sshkey_load_private_cert(int, const char *, const char *, 37 | struct sshkey **, int *); 38 | int sshkey_load_private_type(int, const char *, const char *, 39 | struct sshkey **, char **, int *); 40 | int sshkey_load_private_pem(int, int, const char *, struct sshkey **, char **); 41 | int sshkey_perm_ok(int, const char *); 42 | int sshkey_in_file(struct sshkey *, const char *, int); 43 | 44 | #endif 45 | 
-------------------------------------------------------------------------------- /ssh/canohost.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: canohost.h,v 1.11 2009/05/27 06:31:25 andreas Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | const char *get_canonical_hostname(int); 16 | const char *get_remote_name_or_ip(u_int, int); 17 | 18 | char *get_peer_ipaddr(int); 19 | int get_peer_port(int); 20 | char *get_local_ipaddr(int); 21 | char *get_local_name(int); 22 | 23 | int get_remote_port(void); 24 | int get_local_port(void); 25 | int get_sock_port(int, int); 26 | void clear_cached_addr(void); 27 | -------------------------------------------------------------------------------- /ssh/cipher-bf1.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: cipher-bf1.c,v 1.6 2010/10/01 23:05:32 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2003 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 
13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | #include 27 | #include 28 | #include 29 | 30 | /* 31 | * SSH1 uses a variation on Blowfish, all bytes must be swapped before 32 | * and after encryption/decryption. Thus the swap_bytes stuff (yuk). 33 | */ 34 | 35 | const EVP_CIPHER * evp_ssh1_bf(void); 36 |

/*
 * Reverse the byte order of every complete 4-byte word of src into dst.
 *
 * n is a byte count; n / 4 words are processed and a trailing 1-3 bytes
 * are left untouched.  Each word is buffered before it is written, so
 * src and dst may be the same buffer (bf_ssh1_cipher() relies on this).
 *
 * NOTE(review): n is an int while the caller passes a size_t length, so a
 * length above INT_MAX would be narrowed here.
 */
static void
swap_bytes(const u_char *src, u_char *dst, int n)
{
	u_char word[4];
	int i, nwords = n / 4;

	for (i = 0; i < nwords; i++) {
		/* Read the whole word first, then emit it reversed. */
		word[0] = *src++;
		word[1] = *src++;
		word[2] = *src++;
		word[3] = *src++;

		*dst++ = word[3];
		*dst++ = word[2];
		*dst++ = word[1];
		*dst++ = word[0];
	}
}

/*
 * do_cipher routine of the stock Blowfish-CBC cipher, saved by
 * evp_ssh1_bf().  NULL until evp_ssh1_bf() has been called.
 */
static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *,
    const u_char *, size_t) = NULL;

/*
 * do_cipher replacement for the SSH1 Blowfish variant: byte-swap the input
 * into out, run the saved Blowfish routine in place on out, then byte-swap
 * the result in place.  Returns the saved routine's return value.
 */
static int
bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, size_t len)
{
	int rc;

	swap_bytes(in, out, len);
	rc = orig_bf(ctx, out, out, len);
	swap_bytes(out, out, len);
	return (rc);
}

/*
 * Return the EVP_CIPHER describing the SSH1 Blowfish variant.
 *
 * The descriptor is a copy of EVP_bf_cbc() held in function-static storage
 * and rebuilt on every call, with nid set to NID_undef, do_cipher replaced
 * by the byte-swapping wrapper and key_len set to 32 bytes.  Copying and
 * patching the structure requires EVP_CIPHER to be a complete type in the
 * OpenSSL headers in use.
 */
const EVP_CIPHER *
evp_ssh1_bf(void)
{
	static EVP_CIPHER ssh1_bf;

	memcpy(&ssh1_bf, EVP_bf_cbc(), sizeof(ssh1_bf));
	/* Remember the stock routine before it is overwritten below. */
	orig_bf = ssh1_bf.do_cipher;
	ssh1_bf.nid = NID_undef;
	ssh1_bf.do_cipher = bf_ssh1_cipher;
	ssh1_bf.key_len = 32;
	return (&ssh1_bf);
}
-------------------------------------------------------------------------------- /ssh/cleanup.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: cleanup.c,v 1.5 2006/08/03 03:34:42 deraadt Exp $ */ 2 | /* 3 | * Copyright (c) 2003 Markus Friedl 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 | */ 17 | 18 | #include 19 | 20 | #include 21 | #include 22 | 23 | #include "log.h" 24 | 25 | /* Default implementation: end the process at once with status i by calling _exit(), which skips atexit() handlers and stdio flushing. Presumably a program that needs real cleanup supplies its own cleanup_exit() - confirm against the callers. */ 26 | void 27 | cleanup_exit(int i) 28 | { 29 | _exit(i); 30 | } 31 | -------------------------------------------------------------------------------- /ssh/compat.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: compat.h,v 1.43 2011/09/23 07:45:05 markus Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 | */ 26 | 27 | #ifndef COMPAT_H 28 | #define COMPAT_H 29 | 30 | #define SSH_PROTO_UNKNOWN 0x00 31 | #define SSH_PROTO_1 0x01 32 | #define SSH_PROTO_1_PREFERRED 0x02 33 | #define SSH_PROTO_2 0x04 34 | 35 | #define SSH_BUG_SIGBLOB 0x00000001 36 | #define SSH_BUG_PKSERVICE 0x00000002 37 | #define SSH_BUG_HMAC 0x00000004 38 | #define SSH_BUG_X11FWD 0x00000008 39 | #define SSH_OLD_SESSIONID 0x00000010 40 | #define SSH_BUG_PKAUTH 0x00000020 41 | #define SSH_BUG_DEBUG 0x00000040 42 | #define SSH_BUG_BANNER 0x00000080 43 | #define SSH_BUG_IGNOREMSG 0x00000100 44 | #define SSH_BUG_PKOK 0x00000200 45 | #define SSH_BUG_PASSWORDPAD 0x00000400 46 | #define SSH_BUG_SCANNER 0x00000800 47 | #define SSH_BUG_BIGENDIANAES 0x00001000 48 | #define SSH_BUG_RSASIGMD5 0x00002000 49 | #define SSH_OLD_DHGEX 0x00004000 50 | #define SSH_BUG_NOREKEY 0x00008000 51 | #define SSH_BUG_HBSERVICE 0x00010000 52 | #define SSH_BUG_OPENFAILURE 0x00020000 53 | #define SSH_BUG_DERIVEKEY 0x00040000 54 | #define SSH_BUG_DUMMYCHAN 0x00100000 55 | #define SSH_BUG_EXTEOF 0x00200000 56 | #define SSH_BUG_PROBE 0x00400000 57 | #define SSH_BUG_FIRSTKEX 0x00800000 58 | #define SSH_OLD_FORWARD_ADDR 0x01000000 59 | #define SSH_BUG_RFWD_ADDR 0x02000000 60 | #define SSH_NEW_OPENSSH 0x04000000 61 | #define SSH_BUG_DYNAMIC_RPORT 0x08000000 62 | 63 | void enable_compat13(void); 64 | void enable_compat20(void); 65 | u_int compat_datafellows(const char *); 66 | int proto_spec(const char *); 67 | char *compat_cipher_proposal(char *, u_int); 68 | 69 | extern int compat13; 70 | extern int compat20; 71 | #endif 72 | -------------------------------------------------------------------------------- /ssh/crc32.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: crc32.h,v 1.15 2006/03/25 22:22:43 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2003 Markus Friedl. All rights reserved. 
5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | #ifndef SSH_CRC32_H 28 | #define SSH_CRC32_H 29 | u_int32_t ssh_crc32(const u_char *, u_int32_t); 30 | #endif 31 | -------------------------------------------------------------------------------- /ssh/deattack.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: deattack.h,v 1.10 2006/09/16 19:53:37 djm Exp $ */ 2 | 3 | /* 4 | * Cryptographic attack detector for ssh - Header file 5 | * 6 | * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. 7 | * 8 | * All rights reserved. 
Redistribution and use in source and binary 9 | * forms, with or without modification, are permitted provided that 10 | * this copyright notice is retained. 11 | * 12 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 13 | * WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI S.A. BE 14 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR 15 | * CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF THIS 16 | * SOFTWARE. 17 | * 18 | * Ariel Futoransky 19 | * 20 | */ 21 | 22 | #ifndef _DEATTACK_H 23 | #define _DEATTACK_H 24 | 25 | /* Return codes */ 26 | #define DEATTACK_OK 0 27 | #define DEATTACK_DETECTED 1 28 | #define DEATTACK_DOS_DETECTED 2 29 | #define DEATTACK_ERROR 3 30 | 31 | struct deattack_ctx { 32 | u_int16_t *h; 33 | u_int32_t n; 34 | }; 35 | 36 | void deattack_init(struct deattack_ctx *); 37 | int detect_attack(struct deattack_ctx *, const u_char *, u_int32_t); 38 | #endif 39 | -------------------------------------------------------------------------------- /ssh/dh.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: dh.h,v 1.10 2008/06/26 09:19:40 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000 Niels Provos. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 
14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef DH_H 27 | #define DH_H 28 | 29 | struct dhgroup { 30 | int size; 31 | BIGNUM *g; 32 | BIGNUM *p; 33 | }; 34 | 35 | DH *choose_dh(int, int, int); 36 | DH *dh_new_group_asc(const char *, const char *); 37 | DH *dh_new_group(BIGNUM *, BIGNUM *); 38 | DH *dh_new_group1(void); 39 | DH *dh_new_group14(void); 40 | 41 | int dh_gen_key(DH *, int); 42 | int dh_pub_is_valid(DH *, BIGNUM *); 43 | 44 | int dh_estimate(int); 45 | 46 | #define DH_GRP_MIN 1024 47 | #define DH_GRP_MAX 8192 48 | 49 | /* 50 | * Values for "type" field of moduli(5) 51 | * Specifies the internal structure of the prime modulus. 52 | */ 53 | #define MODULI_TYPE_UNKNOWN (0) 54 | #define MODULI_TYPE_UNSTRUCTURED (1) 55 | #define MODULI_TYPE_SAFE (2) 56 | #define MODULI_TYPE_SCHNORR (3) 57 | #define MODULI_TYPE_SOPHIE_GERMAIN (4) 58 | #define MODULI_TYPE_STRONG (5) 59 | 60 | /* 61 | * Values for "tests" field of moduli(5) 62 | * Specifies the methods used in checking for primality. 63 | * Usually, more than one test is used. 
64 | */ 65 | #define MODULI_TESTS_UNTESTED (0x00) 66 | #define MODULI_TESTS_COMPOSITE (0x01) 67 | #define MODULI_TESTS_SIEVE (0x02) 68 | #define MODULI_TESTS_MILLER_RABIN (0x04) 69 | #define MODULI_TESTS_JACOBI (0x08) 70 | #define MODULI_TESTS_ELLIPTIC (0x10) 71 | 72 | 73 | #endif 74 | -------------------------------------------------------------------------------- /ssh/dispatch.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: dispatch.h,v 1.11 2006/04/20 09:27:09 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
25 | */ 26 | 27 | #ifndef DISPATCH_H 28 | #define DISPATCH_H 29 | 30 | #define DISPATCH_MAX 255 31 | 32 | enum { 33 | DISPATCH_BLOCK, 34 | DISPATCH_NONBLOCK 35 | }; 36 | 37 | struct ssh; 38 | 39 | typedef int dispatch_fn(int, u_int32_t, struct ssh *); 40 | 41 | int dispatch_protocol_error(int, u_int32_t, struct ssh *); 42 | int dispatch_protocol_ignore(int, u_int32_t, struct ssh *); 43 | void ssh_dispatch_init(struct ssh *, dispatch_fn *); 44 | void ssh_dispatch_set(struct ssh *, int, dispatch_fn *); 45 | void ssh_dispatch_range(struct ssh *, u_int, u_int, dispatch_fn *); 46 | int ssh_dispatch_run(struct ssh *, int, volatile sig_atomic_t *); 47 | 48 | #endif 49 | -------------------------------------------------------------------------------- /ssh/dns.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: dns.h,v 1.12 2012/05/23 03:28:28 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2003 Wesley Griffin. All rights reserved. 5 | * Copyright (c) 2003 Jakob Schlyter. All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in the 14 | * documentation and/or other materials provided with the distribution. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | 28 | #ifndef DNS_H 29 | #define DNS_H 30 | 31 | enum sshfp_types { 32 | SSHFP_KEY_RESERVED = 0, 33 | SSHFP_KEY_RSA = 1, 34 | SSHFP_KEY_DSA = 2, 35 | SSHFP_KEY_ECDSA = 3 36 | }; 37 | 38 | enum sshfp_hashes { 39 | SSHFP_HASH_RESERVED = 0, 40 | SSHFP_HASH_SHA1 = 1, 41 | SSHFP_HASH_SHA256 = 2, 42 | SSHFP_HASH_MAX = 3 43 | }; 44 | 45 | #define DNS_RDATACLASS_IN 1 46 | #define DNS_RDATATYPE_SSHFP 44 47 | 48 | #define DNS_VERIFY_FOUND 0x00000001 49 | #define DNS_VERIFY_MATCH 0x00000002 50 | #define DNS_VERIFY_SECURE 0x00000004 51 | 52 | int verify_host_key_dns(const char *, struct sockaddr *, 53 | struct sshkey *, int *); 54 | int export_dns_rr(const char *, struct sshkey *, FILE *, int); 55 | 56 | #endif /* DNS_H */ 57 | -------------------------------------------------------------------------------- /ssh/fatal.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: fatal.c,v 1.7 2006/08/03 03:34:42 deraadt Exp $ */ 2 | /* 3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. 
Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | #include 27 | 28 | #include 29 | 30 | #include "log.h" 31 |

/*
 * Log a message at SYSLOG_LEVEL_FATAL, then leave through
 * cleanup_exit(255).  The comment this replaces states that the function
 * never returns.
 *
 * fmt and the variadic arguments are passed unchanged to do_log().
 * NOTE(review): do_log() presumably expands fmt printf-style, so callers
 * should pass a literal format and put untrusted text in the arguments,
 * never in fmt itself - confirm in log.c.
 */
void
fatal(const char *fmt,...)
{
	va_list ap;

	va_start(ap, fmt);
	do_log(SYSLOG_LEVEL_FATAL, fmt, ap);
	va_end(ap);
	cleanup_exit(255);
}
-------------------------------------------------------------------------------- /ssh/groupaccess.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: groupaccess.h,v 1.8 2008/07/04 03:44:59 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2001 Kevin Steves. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2.
Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | #ifndef GROUPACCESS_H 28 | #define GROUPACCESS_H 29 | 30 | int ga_init(const char *, gid_t); 31 | int ga_match(char * const *, int); 32 | int ga_match_pattern_list(const char *); 33 | void ga_free(void); 34 | 35 | #endif 36 | -------------------------------------------------------------------------------- /ssh/hostfile.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: hostfile.h,v 1.19 2010/11/29 23:45:51 djm Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 
13 | */ 14 | #ifndef HOSTFILE_H 15 | #define HOSTFILE_H 16 | 17 | typedef enum { 18 | HOST_OK, HOST_NEW, HOST_CHANGED, HOST_REVOKED, HOST_FOUND 19 | } HostStatus; 20 | 21 | typedef enum { 22 | MRK_ERROR, MRK_NONE, MRK_REVOKE, MRK_CA 23 | } HostkeyMarker; 24 | 25 | struct hostkey_entry { 26 | char *host; 27 | char *file; 28 | u_long line; 29 | struct sshkey *key; 30 | HostkeyMarker marker; 31 | }; 32 | struct hostkeys; 33 | 34 | struct hostkeys *init_hostkeys(void); 35 | void load_hostkeys(struct hostkeys *, const char *, const char *); 36 | void free_hostkeys(struct hostkeys *); 37 | 38 | HostStatus check_key_in_hostkeys(struct hostkeys *, struct sshkey *, 39 | const struct hostkey_entry **); 40 | int lookup_key_in_hostkeys_by_type(struct hostkeys *, int, 41 | const struct hostkey_entry **); 42 | 43 | int hostfile_read_key(char **, u_int *, struct sshkey *); 44 | int add_host_to_hostfile(const char *, const char *, 45 | const struct sshkey *, int); 46 | 47 | #define HASH_MAGIC "|1|" 48 | #define HASH_DELIM '|' 49 | 50 | #define CA_MARKER "@cert-authority" 51 | #define REVOKE_MARKER "@revoked" 52 | 53 | char *host_hash(const char *, const char *, u_int); 54 | 55 | #endif 56 | -------------------------------------------------------------------------------- /ssh/kex.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openssh/libopenssh/05dfdd5f54d9a1bae5544141a7ee65baa3313ecd/ssh/kex.h -------------------------------------------------------------------------------- /ssh/lib/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.66/Result of merge+Mon Dec 17 20:16:07 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/lib/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/lib 2 | 
-------------------------------------------------------------------------------- /ssh/lib/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/lib/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.66 2012/12/12 16:46:10 naddy Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 4 | 5 | LIB= ssh 6 | SRCS= authfd.c authfile.c canohost.c \ 7 | channels.c cipher.c cipher-3des1.c cipher-bf1.c \ 8 | cleanup.c compat.c crc32.c deattack.c fatal.c \ 9 | hostfile.c log.c match.c nchan.c packet.c readpass.c \ 10 | rsa.c ttymodes.c xmalloc.c atomicio.c \ 11 | key.c dispatch.c kex.c mac.c uidswap.c uuencode.c misc.c \ 12 | ssh-dss.c ssh-rsa.c ssh-ecdsa.c dh.c kexdh.c kexgex.c kexecdh.c \ 13 | kexdhc.c kexgexc.c kexecdhc.c msg.c progressmeter.c dns.c \ 14 | monitor_fdpass.c umac.c addrmatch.c schnorr.c jpake.c ssh-pkcs11.c \ 15 | \ 16 | sshbuf-getput-basic.c \ 17 | sshbuf-getput-crypto.c \ 18 | sshbuf-misc.c \ 19 | sshbuf.c \ 20 | err.c 21 | 22 | SRCS+= kexdhs.c kexgexs.c kexecdhs.c 23 | SRCS+= ssh_api.c 24 | SRCS+= roaming_dummy.c 25 | 26 | SRCS+= umac128.c 27 | CLEANFILES+= umac128.c 28 | umac128.c: umac.c Makefile 29 | sed \ 30 | -e "s/^#define UMAC_OUTPUT_LEN 8/#define UMAC_OUTPUT_LEN 16/" \ 31 | -e s/umac_new/umac128_new/g \ 32 | -e s/umac_update/umac128_update/g \ 33 | -e s/umac_final/umac128_final/g \ 34 | -e s/umac_delete/umac128_delete/g \ 35 | < ${.CURDIR}/../umac.c > ${.TARGET} 36 | 37 | DEBUGLIBS= no 38 | NOPROFILE= yes 39 | 40 | install: 41 | @echo -n 42 | 43 | .include "${.CURDIR}/../Makefile.inc" 44 | .include 45 | 46 | .if (${KERBEROS5:L} == "yes") 47 | CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV 48 | 49 | SRCS+= gss-genr.c 50 | CFLAGS+= -DGSSAPI 51 | .endif # KERBEROS5 52 | 53 | NOPIC= yes 54 | .include 55 | 
-------------------------------------------------------------------------------- /ssh/lib/shlib_version: -------------------------------------------------------------------------------- 1 | major=1 2 | minor=0 3 | -------------------------------------------------------------------------------- /ssh/log.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: log.h,v 1.19 2012/09/06 04:37:39 dtucker Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | #ifndef SSH_LOG_H 16 | #define SSH_LOG_H 17 | 18 | /* Supported syslog facilities and levels. 
*/ 19 | typedef enum { 20 | SYSLOG_FACILITY_DAEMON, 21 | SYSLOG_FACILITY_USER, 22 | SYSLOG_FACILITY_AUTH, 23 | SYSLOG_FACILITY_LOCAL0, 24 | SYSLOG_FACILITY_LOCAL1, 25 | SYSLOG_FACILITY_LOCAL2, 26 | SYSLOG_FACILITY_LOCAL3, 27 | SYSLOG_FACILITY_LOCAL4, 28 | SYSLOG_FACILITY_LOCAL5, 29 | SYSLOG_FACILITY_LOCAL6, 30 | SYSLOG_FACILITY_LOCAL7, 31 | SYSLOG_FACILITY_NOT_SET = -1 32 | } SyslogFacility; 33 | 34 | typedef enum { 35 | SYSLOG_LEVEL_QUIET, 36 | SYSLOG_LEVEL_FATAL, 37 | SYSLOG_LEVEL_ERROR, 38 | SYSLOG_LEVEL_INFO, 39 | SYSLOG_LEVEL_VERBOSE, 40 | SYSLOG_LEVEL_DEBUG1, 41 | SYSLOG_LEVEL_DEBUG2, 42 | SYSLOG_LEVEL_DEBUG3, 43 | SYSLOG_LEVEL_NOT_SET = -1 44 | } LogLevel; 45 | 46 | typedef void (log_handler_fn)(LogLevel, const char *, void *); 47 | 48 | void log_init(char *, LogLevel, SyslogFacility, int); 49 | void log_change_level(LogLevel); 50 | int log_is_on_stderr(void); 51 | 52 | SyslogFacility log_facility_number(char *); 53 | const char * log_facility_name(SyslogFacility); 54 | LogLevel log_level_number(char *); 55 | const char * log_level_name(LogLevel); 56 | 57 | void fatal(const char *, ...) __attribute__((noreturn)) 58 | __attribute__((format(printf, 1, 2))); 59 | void error(const char *, ...) __attribute__((format(printf, 1, 2))); 60 | void sigdie(const char *, ...) __attribute__((noreturn)) 61 | __attribute__((format(printf, 1, 2))); 62 | void logit(const char *, ...) __attribute__((format(printf, 1, 2))); 63 | void verbose(const char *, ...) __attribute__((format(printf, 1, 2))); 64 | void debug(const char *, ...) __attribute__((format(printf, 1, 2))); 65 | void debug2(const char *, ...) __attribute__((format(printf, 1, 2))); 66 | void debug3(const char *, ...) __attribute__((format(printf, 1, 2))); 67 | 68 | 69 | void set_log_handler(log_handler_fn *, void *); 70 | void do_log2(LogLevel, const char *, ...) 
71 | __attribute__((format(printf, 2, 3))); 72 | void do_log(LogLevel, const char *, va_list); 73 | void cleanup_exit(int) __attribute__((noreturn)); 74 | #endif 75 | -------------------------------------------------------------------------------- /ssh/mac.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: mac.h,v 1.6 2007/06/07 19:37:34 pvalchev Exp $ */ 2 | /* 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
24 | */ 25 | 26 | #ifndef SSHMAC_H 27 | #define SSHMAC_H 28 | 29 | #include 30 | #include 31 | #include 32 | 33 | #define MAC_DIGEST_LEN_MAX EVP_MAX_MD_SIZE 34 | 35 | struct sshmac { 36 | char *name; 37 | int enabled; 38 | u_int mac_len; 39 | u_char *key; 40 | u_int key_len; 41 | int type; 42 | int etm; /* Encrypt-then-MAC */ 43 | const EVP_MD *evp_md; 44 | HMAC_CTX evp_ctx; 45 | struct umac_ctx *umac_ctx; 46 | }; 47 | 48 | int mac_valid(const char *); 49 | int mac_setup(struct sshmac *, char *); 50 | int mac_init(struct sshmac *); 51 | int mac_compute(struct sshmac *, u_int32_t, const u_char *, int, 52 | u_char *, size_t); 53 | void mac_clear(struct sshmac *); 54 | 55 | #endif /* SSHMAC_H */ 56 | -------------------------------------------------------------------------------- /ssh/match.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: match.h,v 1.15 2010/02/26 20:29:54 djm Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 
13 | */ 14 | #ifndef MATCH_H 15 | #define MATCH_H 16 | 17 | int match_pattern(const char *, const char *); 18 | int match_pattern_list(const char *, const char *, u_int, int); 19 | int match_hostname(const char *, const char *, u_int); 20 | int match_host_and_ip(const char *, const char *, const char *); 21 | int match_user(const char *, const char *, const char *, const char *); 22 | char *match_list(const char *, const char *, u_int *); 23 | 24 | /* addrmatch.c */ 25 | int addr_match_list(const char *, const char *); 26 | int addr_match_cidr_list(const char *, const char *); 27 | #endif 28 | -------------------------------------------------------------------------------- /ssh/monitor_fdpass.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: monitor_fdpass.h,v 1.4 2007/09/04 03:21:03 djm Exp $ */ 2 | 3 | /* 4 | * Copyright 2002 Niels Provos 5 | * All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in the 14 | * documentation and/or other materials provided with the distribution. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | 28 | #ifndef _MM_FDPASS_H_ 29 | #define _MM_FDPASS_H_ 30 | 31 | int mm_send_fd(int, int); 32 | int mm_receive_fd(int); 33 | 34 | #endif /* _MM_FDPASS_H_ */ 35 | -------------------------------------------------------------------------------- /ssh/monitor_mm.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: monitor_mm.h,v 1.5 2008/04/29 11:20:31 otto Exp $ */ 2 | 3 | /* 4 | * Copyright 2002 Niels Provos 5 | * All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in the 14 | * documentation and/or other materials provided with the distribution. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 | */ 27 | 28 | #ifndef _MM_H_ 29 | #define _MM_H_ 30 | 31 | struct mm_share { 32 | RB_ENTRY(mm_share) next; 33 | void *address; 34 | size_t size; 35 | }; 36 | 37 | struct mm_master { 38 | RB_HEAD(mmtree, mm_share) rb_free; 39 | struct mmtree rb_allocated; 40 | void *address; 41 | size_t size; 42 | 43 | struct mm_master *mmalloc; /* Used to completely share */ 44 | }; 45 | 46 | RB_PROTOTYPE(mmtree, mm_share, next, mm_compare) 47 | 48 | #define MM_MINSIZE 128 49 | 50 | #define MM_ADDRESS_END(x) (void *)((u_char *)(x)->address + (x)->size) 51 | 52 | struct mm_master *mm_create(struct mm_master *, size_t); 53 | void mm_destroy(struct mm_master *); 54 | 55 | void mm_share_sync(struct mm_master **, struct mm_master **); 56 | 57 | void *mm_malloc(struct mm_master *, size_t); 58 | void *mm_xmalloc(struct mm_master *, size_t); 59 | void mm_free(struct mm_master *, void *); 60 | 61 | void mm_memvalid(struct mm_master *, void *, size_t); 62 | #endif /* _MM_H_ */ 63 | -------------------------------------------------------------------------------- /ssh/msg.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: msg.h,v 1.4 2006/03/25 22:22:43 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2002 Markus Friedl. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. 
Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | #ifndef SSH_MSG_H 26 | #define SSH_MSG_H 27 | 28 | struct sshbuf; 29 | int ssh_msg_send(int, u_char, struct sshbuf *); 30 | int ssh_msg_recv(int, struct sshbuf *); 31 | 32 | #endif 33 | -------------------------------------------------------------------------------- /ssh/progressmeter.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: progressmeter.h,v 1.2 2006/03/25 22:22:43 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2002 Nils Nordman. All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions 7 | * are met: 8 | * 1. Redistributions of source code must retain the above copyright 9 | * notice, this list of conditions and the following disclaimer. 10 | * 2. 
Redistributions in binary form must reproduce the above copyright 11 | * notice, this list of conditions and the following disclaimer in the 12 | * documentation and/or other materials provided with the distribution. 13 | * 14 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 | */ 25 | 26 | void start_progress_meter(char *, off_t, off_t *); 27 | void stop_progress_meter(void); 28 | -------------------------------------------------------------------------------- /ssh/roaming.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: roaming.h,v 1.6 2011/12/07 05:44:38 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2004-2009 AppGate Network Security AB 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. 
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | */ 17 | 18 | #ifndef ROAMING_H 19 | #define ROAMING_H 20 | 21 | #define DEFAULT_ROAMBUF 65536 22 | #define MAX_ROAMBUF (2*1024*1024) /* XXX arbitrary */ 23 | #define ROAMING_REQUEST "roaming@appgate.com" 24 | 25 | struct ssh; 26 | 27 | extern int roaming_enabled; 28 | extern int resume_in_progress; 29 | struct ssh; 30 | 31 | void request_roaming(struct ssh *ssh); 32 | int get_snd_buf_size(struct ssh *ssh); 33 | int get_recv_buf_size(struct ssh *ssh); 34 | void add_recv_bytes(u_int64_t); 35 | int wait_for_roaming_reconnect(void); 36 | void roaming_reply(struct ssh *, int, u_int32_t, void *); 37 | void set_out_buffer_size(size_t); 38 | ssize_t roaming_write(int, const void *, size_t, int *); 39 | ssize_t roaming_read(int, void *, size_t, int *); 40 | size_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t); 41 | u_int64_t get_recv_bytes(void); 42 | u_int64_t get_sent_bytes(void); 43 | void roam_set_bytes(u_int64_t, u_int64_t); 44 | void resend_bytes(int, u_int64_t *); 45 | void calculate_new_key(u_int64_t *, u_int64_t, u_int64_t); 46 | int resume_kex(void); 47 | 48 | #endif /* ROAMING_H */ 49 | -------------------------------------------------------------------------------- /ssh/roaming_dummy.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: roaming_dummy.c,v 1.3 2009/06/21 09:04:03 dtucker Exp $ */ 2 | /* 3 | * Copyright (c) 2004-2009 AppGate Network Security AB 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this 
permission notice appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | */ 17 | 18 | /* 19 | * This file is included in the client programs which should not 20 | * support roaming. 21 | */ 22 | 23 | #include 24 | #include 25 | 26 | #include "roaming.h" 27 | 28 | int resume_in_progress = 0; 29 | 30 | u_int64_t 31 | get_recv_bytes(void) 32 | { 33 | return 0; 34 | } 35 | 36 | u_int64_t 37 | get_sent_bytes(void) 38 | { 39 | return 0; 40 | } 41 | 42 | void 43 | roam_set_bytes(u_int64_t sent, u_int64_t recvd) 44 | { 45 | } 46 | 47 | ssize_t 48 | roaming_write(int fd, const void *buf, size_t count, int *cont) 49 | { 50 | return write(fd, buf, count); 51 | } 52 | 53 | ssize_t 54 | roaming_read(int fd, void *buf, size_t count, int *cont) 55 | { 56 | if (cont) 57 | *cont = 0; 58 | return read(fd, buf, count); 59 | } 60 | 61 | void 62 | add_recv_bytes(u_int64_t num) 63 | { 64 | } 65 | 66 | int 67 | resume_kex(void) 68 | { 69 | return 1; 70 | } 71 | -------------------------------------------------------------------------------- /ssh/roaming_serv.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: roaming_serv.c,v 1.1 2009/10/24 11:18:23 andreas Exp $ */ 2 | /* 3 | * Copyright (c) 2004-2009 AppGate Network Security AB 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice 
appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | */ 17 | 18 | #include 19 | 20 | #include "roaming.h" 21 | 22 | /* 23 | * Wait for the roaming client to reconnect. Returns 0 if a connect occurred. NOTE(review): this implementation unconditionally returns 1, so it never reports a reconnect. 24 | */ 25 | int 26 | wait_for_roaming_reconnect(void) 27 | { 28 | return 1; 29 | } 30 | -------------------------------------------------------------------------------- /ssh/rsa.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: rsa.h,v 1.16 2006/03/25 22:22:43 djm Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * RSA key generation, encryption and decryption. 8 | * 9 | * As far as I am concerned, the code I have written for this software 10 | * can be used freely for any purpose. Any derived versions of this 11 | * software must be clearly marked as such, and if the derived work is 12 | * incompatible with the protocol description in the RFC file, it must be 13 | * called by a name other than "ssh" or "Secure Shell". 
14 | */ 15 | 16 | #ifndef RSA_H 17 | #define RSA_H 18 | 19 | #include 20 | #include 21 | 22 | int rsa_public_encrypt(BIGNUM *, BIGNUM *, RSA *); 23 | int rsa_private_decrypt(BIGNUM *, BIGNUM *, RSA *); 24 | int rsa_generate_additional_parameters(RSA *); 25 | 26 | #endif /* RSA_H */ 27 | -------------------------------------------------------------------------------- /ssh/sandbox-rlimit.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sandbox-rlimit.c,v 1.3 2011/06/23 09:34:13 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2011 Damien Miller 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | */ 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | 23 | #include 24 | #include 25 | #include 26 | #include 27 | #include 28 | #include 29 | 30 | #include "log.h" 31 | #include "ssh-sandbox.h" 32 | #include "xmalloc.h" 33 | 34 | /* Minimal sandbox that sets zero nfiles, nprocs and filesize rlimits */ 35 | 36 | struct ssh_sandbox { 37 | pid_t child_pid; 38 | }; 39 | 40 | struct ssh_sandbox * 41 | ssh_sandbox_init(void) 42 | { 43 | struct ssh_sandbox *box; 44 | 45 | /* 46 | * Strictly, we don't need to maintain any state here but we need 47 | * to return non-NULL to satisfy the API. 
48 | */ 49 | debug3("%s: preparing rlimit sandbox", __func__); 50 | box = xcalloc(1, sizeof(*box)); 51 | box->child_pid = 0; 52 | 53 | return box; 54 | } 55 | /* Apply the sandbox: set the RLIMIT_FSIZE, RLIMIT_NOFILE and RLIMIT_NPROC soft and hard limits to 0. Any setrlimit() failure goes to fatal(), so this function does not return with the limits only partly applied. The box argument is not used. */ 56 | void 57 | ssh_sandbox_child(struct ssh_sandbox *box) 58 | { 59 | struct rlimit rl_zero; 60 | 61 | rl_zero.rlim_cur = rl_zero.rlim_max = 0; 62 | 63 | if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1) 64 | fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s", 65 | __func__, strerror(errno)); 66 | if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1) 67 | fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s", 68 | __func__, strerror(errno)); 69 | if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1) 70 | fatal("%s: setrlimit(RLIMIT_NPROC, { 0, 0 }): %s", 71 | __func__, strerror(errno)); 72 | } 73 | /* Parent-side teardown: frees box, so the pointer must not be used after this call. */ 74 | void 75 | ssh_sandbox_parent_finish(struct ssh_sandbox *box) 76 | { 77 | free(box); 78 | debug3("%s: finished", __func__); 79 | } 80 | /* Record the child's pid in box; no other action is taken. */ 81 | void 82 | ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid) 83 | { 84 | box->child_pid = child_pid; 85 | /* Nothing to do here */ 86 | } 87 | 88 | -------------------------------------------------------------------------------- /ssh/schnorr.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: schnorr.h,v 1.1 2009/03/05 07:18:19 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2009 Damien Miller. All rights reserved. 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. 
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | */ 17 | 18 | #ifndef SCHNORR_H 19 | #define SCHNORR_H 20 | 21 | #include 22 | 23 | #include 24 | 25 | struct modp_group { 26 | BIGNUM *p, *q, *g; 27 | }; 28 | 29 | BIGNUM *bn_rand_range_gt_one(const BIGNUM *high); 30 | int hash_buffer(const u_char *, u_int, const EVP_MD *, u_char **, u_int *); 31 | void debug3_bn(const BIGNUM *, const char *, ...) 32 | __attribute__((__nonnull__ (2))) 33 | __attribute__((format(printf, 2, 3))); 34 | void debug3_buf(const u_char *, u_int, const char *, ...) 35 | __attribute__((__nonnull__ (3))) 36 | __attribute__((format(printf, 3, 4))); 37 | struct modp_group *modp_group_from_g_and_safe_p(const char *, const char *); 38 | void modp_group_free(struct modp_group *); 39 | 40 | /* Signature and verification functions */ 41 | int 42 | schnorr_sign(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, 43 | const EVP_MD *evp_md, const BIGNUM *x, const BIGNUM *g_x, 44 | const u_char *id, u_int idlen, BIGNUM **r_p, BIGNUM **e_p); 45 | int 46 | schnorr_sign_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, 47 | const BIGNUM *x, const BIGNUM *g_x, const u_char *id, u_int idlen, 48 | u_char **sig, u_int *siglen); 49 | int 50 | schnorr_verify(const BIGNUM *grp_p, const BIGNUM *grp_q, const BIGNUM *grp_g, 51 | const EVP_MD *evp_md, const BIGNUM *g_x, const u_char *id, u_int idlen, 52 | const BIGNUM *r, const BIGNUM *e); 53 | int 54 | schnorr_verify_buf(const BIGNUM *grp_p, const BIGNUM *grp_q, 55 | const BIGNUM *grp_g, 56 | const BIGNUM *g_x, const u_char *id, u_int idlen, 57 | const u_char *sig, u_int siglen); 58 | 59 | #endif /* SCHNORR_H */ 60 | 61 | 
-------------------------------------------------------------------------------- /ssh/scp/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.16/Mon Mar 19 16:04:54 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/scp/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/scp 2 | -------------------------------------------------------------------------------- /ssh/scp/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/scp/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.16 2003/01/12 16:59:14 markus Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 4 | 5 | PROG= scp 6 | BINOWN= root 7 | 8 | BINMODE?=555 9 | 10 | BINDIR= /usr/bin 11 | MAN= scp.1 12 | 13 | SRCS= scp.c 14 | 15 | .include 16 | -------------------------------------------------------------------------------- /ssh/serverloop.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: serverloop.h,v 1.6 2006/03/25 22:22:43 djm Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | /* 15 | * Performs the interactive session. This handles data transmission between 16 | * the client and the program. 
Note that the notion of stdin, stdout, and 17 | * stderr in this function is sort of reversed: this function writes to stdin 18 | * (of the child program), and reads from stdout and stderr (of the child 19 | * program). 20 | */ 21 | #ifndef SERVERLOOP_H 22 | #define SERVERLOOP_H 23 | 24 | void server_loop(pid_t, int, int, int); 25 | void server_loop2(struct ssh *); 26 | 27 | #endif 28 | -------------------------------------------------------------------------------- /ssh/session.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: session.h,v 1.30 2008/05/08 12:21:16 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | #ifndef SESSION_H 27 | #define SESSION_H 28 | 29 | #define TTYSZ 64 30 | typedef struct Session Session; 31 | struct Session { 32 | struct ssh *ssh; 33 | 34 | int used; 35 | int self; 36 | int next_unused; 37 | struct passwd *pw; 38 | Authctxt *authctxt; 39 | pid_t pid; 40 | 41 | /* tty */ 42 | char *term; 43 | int ptyfd, ttyfd, ptymaster; 44 | u_int row, col, xpixel, ypixel; 45 | char tty[TTYSZ]; 46 | 47 | /* X11 */ 48 | u_int display_number; 49 | char *display; 50 | u_int screen; 51 | char *auth_display; 52 | char *auth_proto; 53 | char *auth_data; 54 | u_char single_connection; 55 | 56 | /* proto 2 */ 57 | int chanid; 58 | int *x11_chanids; 59 | int is_subsystem; 60 | u_int num_env; 61 | struct { 62 | char *name; 63 | char *val; 64 | } *env; 65 | }; 66 | 67 | void do_authenticated(struct ssh *); 68 | void do_cleanup(Authctxt *); 69 | 70 | int session_open(struct ssh *, int); 71 | void session_unused(int); 72 | int session_input_channel_req(Channel *, const char *); 73 | void session_close_by_pid(pid_t, int); 74 | void session_close_by_channel(int, void *); 75 | void session_destroy_all(void (*)(Session *)); 76 | void session_pty_cleanup2(Session *); 77 | 78 | Session *session_new(void); 79 | Session *session_by_tty(char *); 80 | void session_close(Session *); 81 | void do_setusercontext(struct passwd *); 82 | void child_set_env(char ***envp, u_int *envsizep, const char *name, 83 | const char *value); 84 | 85 | #endif 86 | 
-------------------------------------------------------------------------------- /ssh/sftp-common.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sftp-common.h,v 1.11 2010/01/13 01:40:16 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2001 Markus Friedl. All rights reserved. 5 | * Copyright (c) 2001 Damien Miller. All rights reserved. 6 | * 7 | * Redistribution and use in source and binary forms, with or without 8 | * modification, are permitted provided that the following conditions 9 | * are met: 10 | * 1. Redistributions of source code must retain the above copyright 11 | * notice, this list of conditions and the following disclaimer. 12 | * 2. Redistributions in binary form must reproduce the above copyright 13 | * notice, this list of conditions and the following disclaimer in the 14 | * documentation and/or other materials provided with the distribution. 15 | * 16 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 17 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 20 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
26 | */ 27 | 28 | /* Maximum packet that we are willing to send/accept */ 29 | #define SFTP_MAX_MSG_LENGTH (256 * 1024) 30 | 31 | struct sshbuf; 32 | typedef struct Attrib Attrib; 33 | 34 | /* File attributes */ 35 | struct Attrib { 36 | u_int32_t flags; 37 | u_int64_t size; 38 | u_int32_t uid; 39 | u_int32_t gid; 40 | u_int32_t perm; 41 | u_int32_t atime; 42 | u_int32_t mtime; 43 | }; 44 | 45 | void attrib_clear(Attrib *); 46 | void stat_to_attrib(const struct stat *, Attrib *); 47 | void attrib_to_stat(const Attrib *, struct stat *); 48 | int decode_attrib(struct sshbuf *, Attrib *); 49 | int encode_attrib(struct sshbuf *, const Attrib *); 50 | char *ls_file(const char *, const struct stat *, int, int); 51 | 52 | const char *fx2txt(int); 53 | -------------------------------------------------------------------------------- /ssh/sftp-server-main.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sftp-server-main.c,v 1.4 2009/02/21 19:32:04 tobias Exp $ */ 2 | /* 3 | * Copyright (c) 2008 Markus Friedl. All rights reserved. 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 
16 | */ 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | 24 | #include "log.h" 25 | #include "sftp.h" 26 | #include "misc.h" 27 | /* Wrapper that hands the exit status to sftp_server_cleanup_exit(). */ 28 | void 29 | cleanup_exit(int i) 30 | { 31 | sftp_server_cleanup_exit(i); 32 | } 33 | /* Entry point of the sftp-server program: fixes up the standard descriptors, looks up the passwd entry of the real uid and passes it to sftp_server_main(). Returns 1 when no passwd entry exists, otherwise the result of sftp_server_main(). */ 34 | int 35 | main(int argc, char **argv) 36 | { 37 | struct passwd *user_pw; 38 | 39 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 40 | sanitise_stdfd(); 41 | /* Identify the caller by real uid (getuid()) and refuse to continue without a matching passwd entry */ 42 | if ((user_pw = getpwuid(getuid())) == NULL) { 43 | fprintf(stderr, "No user found for uid %lu\n", 44 | (u_long)getuid()); 45 | return 1; 46 | } 47 | 48 | return (sftp_server_main(argc, argv, user_pw)); 49 | } 50 | -------------------------------------------------------------------------------- /ssh/sftp-server/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.8/Mon Mar 19 16:04:54 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/sftp-server/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/sftp-server 2 | -------------------------------------------------------------------------------- /ssh/sftp-server/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/sftp-server/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.8 2010/01/13 01:40:16 djm Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= sftp-server 6 | BINOWN= root 7 | 8 | BINMODE?=555 9 | 10 | BINDIR= /usr/libexec 11 | MAN= sftp-server.8 12 | 13 | SRCS= sftp-server.c sftp-common.c sftp-server-main.c 14 | 15 | LDADD+= -lutil 16 | 17 | .include 18 | -------------------------------------------------------------------------------- /ssh/sftp/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.11/Mon Mar 19 16:04:54 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/sftp/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/sftp 2 | -------------------------------------------------------------------------------- /ssh/sftp/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/sftp/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.11 2008/04/18 12:32:11 djm Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= sftp 6 | BINOWN= root 7 | 8 | BINMODE?=555 9 | 10 | BINDIR= /usr/bin 11 | MAN= sftp.1 12 | 13 | SRCS= sftp.c sftp-client.c sftp-common.c sftp-glob.c 14 | 15 | .include 16 | 17 | LDADD+= -ledit -ltermcap -lutil 18 | -------------------------------------------------------------------------------- /ssh/ssh-add/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.20/Mon Mar 19 16:04:54 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/ssh-add/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/ssh-add 2 | -------------------------------------------------------------------------------- /ssh/ssh-add/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/ssh-add/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.20 2001/03/04 00:51:25 markus Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= ssh-add 6 | BINOWN= root 7 | 8 | BINMODE?=555 9 | 10 | BINDIR= /usr/bin 11 | MAN= ssh-add.1 12 | 13 | SRCS= ssh-add.c 14 | 15 | .include 16 | 17 | LDADD+= -lcrypto 18 | DPADD+= ${LIBCRYPTO} 19 | -------------------------------------------------------------------------------- /ssh/ssh-agent/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.24/Mon Mar 19 16:04:54 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/ssh-agent/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/ssh-agent 2 | -------------------------------------------------------------------------------- /ssh/ssh-agent/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/ssh-agent/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.24 2010/02/09 08:55:31 markus Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= ssh-agent 6 | BINOWN= root 7 | BINGRP= _sshagnt 8 | # 2555 = setgid (group _sshagnt) + r-xr-xr-x. NOTE(review): presumably the setgid bit is there so other processes of the invoking user cannot ptrace the agent and read keys from its memory (cf. regress/agent-ptrace.sh) - confirm before changing BINMODE or BINGRP. 9 | BINMODE?=2555 10 | 11 | BINDIR= /usr/bin 12 | MAN= ssh-agent.1 13 | 14 | SRCS= ssh-agent.c ssh-pkcs11-client.c 15 | 16 | .include 17 | 18 | LDADD+= -lcrypto 19 | DPADD+= ${LIBCRYPTO} 20 | -------------------------------------------------------------------------------- /ssh/ssh-keygen/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.22/Mon Mar 19 16:04:54 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/ssh-keygen/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/ssh-keygen 2 | -------------------------------------------------------------------------------- /ssh/ssh-keygen/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/ssh-keygen/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.22 2003/07/28 09:49:56 djm Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= ssh-keygen 6 | BINOWN= root 7 | 8 | BINMODE?=555 9 | 10 | BINDIR= /usr/bin 11 | MAN= ssh-keygen.1 12 | 13 | SRCS= ssh-keygen.c moduli.c 14 | 15 | .include 16 | 17 | LDADD+= -lcrypto 18 | DPADD+= ${LIBCRYPTO} 19 | -------------------------------------------------------------------------------- /ssh/ssh-keyscan/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.5/Thu May 28 16:50:16 2009// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/ssh-keyscan/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/ssh-keyscan 2 | -------------------------------------------------------------------------------- /ssh/ssh-keyscan/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/ssh-keyscan/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.5 2009/05/28 16:50:16 andreas Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= ssh-keyscan 6 | BINOWN= root 7 | 8 | BINMODE?=555 9 | 10 | BINDIR= /usr/bin 11 | MAN= ssh-keyscan.1 12 | 13 | SRCS= ssh-keyscan.c 14 | 15 | .include 16 | 17 | LDADD+= -lcrypto -lz 18 | DPADD+= ${LIBCRYPTO} ${LIBZ} 19 | -------------------------------------------------------------------------------- /ssh/ssh-keysign/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.6/Thu May 28 16:50:16 2009// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/ssh-keysign/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/ssh-keysign 2 | -------------------------------------------------------------------------------- /ssh/ssh-keysign/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/ssh-keysign/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.6 2009/05/28 16:50:16 andreas Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 4 | 5 | PROG= ssh-keysign 6 | BINOWN= root 7 | # 4555 with BINOWN=root = setuid root + r-xr-xr-x. NOTE(review): presumably needed to read the host private keys for host-based authentication (see ssh-keysign.8) - everything listed in SRCS then runs with root privilege, so review additions to it accordingly. 8 | BINMODE?=4555 9 | 10 | BINDIR= /usr/libexec 11 | MAN= ssh-keysign.8 12 | 13 | SRCS= ssh-keysign.c readconf.c 14 | 15 | .include 16 | 17 | LDADD+= -lcrypto -lz 18 | DPADD+= ${LIBCRYPTO} ${LIBZ} 19 | -------------------------------------------------------------------------------- /ssh/ssh-pkcs11-helper.8: -------------------------------------------------------------------------------- 1 | .\" $OpenBSD: ssh-pkcs11-helper.8,v 1.3 2010/02/10 23:20:38 markus Exp $ 2 | .\" 3 | .\" Copyright (c) 2010 Markus Friedl. All rights reserved. 
4 | .\" 5 | .\" Permission to use, copy, modify, and distribute this software for any 6 | .\" purpose with or without fee is hereby granted, provided that the above 7 | .\" copyright notice and this permission notice appear in all copies. 8 | .\" 9 | .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | .\" 17 | .Dd $Mdocdate: February 10 2010 $ 18 | .Dt SSH-PKCS11-HELPER 8 19 | .Os 20 | .Sh NAME 21 | .Nm ssh-pkcs11-helper 22 | .Nd ssh-agent helper program for PKCS#11 support 23 | .Sh SYNOPSIS 24 | .Nm 25 | .Sh DESCRIPTION 26 | .Nm 27 | is used by 28 | .Xr ssh-agent 1 29 | to access keys provided by a PKCS#11 token. 30 | .Pp 31 | .Nm 32 | is not intended to be invoked by the user, but from 33 | .Xr ssh-agent 1 . 34 | .Sh SEE ALSO 35 | .Xr ssh 1 , 36 | .Xr ssh-add 1 , 37 | .Xr ssh-agent 1 38 | .Sh HISTORY 39 | .Nm 40 | first appeared in 41 | .Ox 4.7 . 
42 | .Sh AUTHORS 43 | .An Markus Friedl Aq markus@openbsd.org 44 | -------------------------------------------------------------------------------- /ssh/ssh-pkcs11-helper/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.2/Mon Mar 19 16:04:54 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/ssh-pkcs11-helper/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/ssh-pkcs11-helper 2 | -------------------------------------------------------------------------------- /ssh/ssh-pkcs11-helper/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/ssh-pkcs11-helper/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.2 2010/02/09 08:25:32 markus Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 4 | 5 | PROG= ssh-pkcs11-helper 6 | BINOWN= root 7 | 8 | BINMODE?=555 9 | 10 | BINDIR= /usr/libexec 11 | MAN= ssh-pkcs11-helper.8 12 | 13 | SRCS= ssh-pkcs11-helper.c ssh-pkcs11.c 14 | 15 | .include 16 | 17 | LDADD+= -lcrypto 18 | DPADD+= ${LIBCRYPTO} 19 | -------------------------------------------------------------------------------- /ssh/ssh-pkcs11.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: ssh-pkcs11.h,v 1.2 2010/02/24 06:12:53 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2010 Markus Friedl. All rights reserved. 4 | * 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice appear in all copies. 
8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | */ 17 | int pkcs11_init(int); 18 | void pkcs11_terminate(void); 19 | int pkcs11_add_provider(char *, char *, struct sshkey ***); 20 | int pkcs11_del_provider(char *); 21 | -------------------------------------------------------------------------------- /ssh/ssh-proxy.txt: -------------------------------------------------------------------------------- 1 | # example usage of proxy (loopback-only test setup): 2 | # generate hostkey for the proxy (empty passphrase; /tmp is world-writable, so keep the private key in a directory only you can write to on a shared machine) 3 | test -f /tmp/hk2 || ssh-keygen -N '' -t ecdsa -f /tmp/hk2 4 | # get known hostkey for target (127.0.0.1:22); ssh-keyscan output is unauthenticated, so compare the fingerprint out of band when the target is not the local machine 5 | ssh-keyscan -t ecdsa 127.0.0.1 | sed 's/^[^ ]* //' > /tmp/hk.pub 6 | # start proxy in foreground, enable packet dumping (except auth-requests); NOTE(review): the dump presumably contains decrypted session data - treat the output as sensitive 7 | ./ssh-proxy/obj/ssh-proxy -S /tmp/hk2 -C /tmp/hk.pub -L 127.0.0.1:12345:127.0.0.1:22 -dDf 8 | # connect 9 | ssh -o hostkeyalias'='egal2 -v 127.0.0.1 -p 12345 10 | -------------------------------------------------------------------------------- /ssh/ssh-proxy/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.24 2010/02/09 08:55:31 markus Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= ssh-proxy 6 | 7 | BINDIR= /usr/sbin 8 | NOMAN= yes 9 | 10 | SRCS= ssh-proxy.c readconf.c 11 | 12 | .include 13 | 14 | DPADD+= ${LIBCRYPTO} ${LIBZ} ${LIBEVENT} 15 | LDADD+= -lcrypto -lz -levent 16 | -------------------------------------------------------------------------------- /ssh/ssh-proxy/Makefile2: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.24 2010/02/09 08:55:31 markus Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 4 | 5 | PROG= ssh-proxy 6 | 7 | BINDIR= /usr/sbin 8 | NOMAN= yes 9 | 10 | 11 | SRCS= ssh-proxy.c 12 | SRCS+= \ 13 | addrmatch.c \ 14 | atomicio.c \ 15 | authfile.c \ 16 | cipher-3des1.c \ 17 | cipher-bf1.c \ 18 | cipher-ctr.c \ 19 | cipher.c \ 20 | cleanup.c \ 21 | compat.c \ 22 | crc32.c \ 23 | deattack.c \ 24 | dh.c \ 25 | dispatch.c \ 26 | err.c \ 27 | kex.c \ 28 | kexdh.c \ 29 | kexdhc.c \ 30 | kexdhs.c \ 31 | kexecdh.c \ 32 | kexecdhc.c \ 33 | kexecdhs.c \ 34 | kexgex.c \ 35 | kexgexc.c \ 36 | kexgexs.c \ 37 | key.c \ 38 | mac.c \ 39 | match.c \ 40 | misc.c \ 41 | packet.c \ 42 | readconf.c \ 43 | roaming_dummy.c \ 44 | rsa.c \ 45 | ssh-dss.c \ 46 | ssh-ecdsa.c \ 47 | ssh-rsa.c \ 48 | ssh_api.c \ 49 | sshbuf-getput-basic.c \ 50 | sshbuf-getput-crypto.c \ 51 | sshbuf-misc.c \ 52 | sshbuf.c \ 53 | umac.c \ 54 | 55 | # provides get_peer_ipaddr(), depends on active_state 56 | SRCS+= canohost.c 57 | # provides logging and fatal() 58 | SRCS+= log.c 59 | SRCS+= fatal.c 60 | # uses fatal, used by readconf+misc 61 | SRCS+= xmalloc.c 62 | # provides active state 63 | SRCS+= opacket.c 64 | 65 | .include 66 | 67 | DPADD= ${LIBCRYPTO} ${LIBZ} ${LIBEVENT} 68 | LDADD= -lcrypto -lz -levent 69 | -------------------------------------------------------------------------------- /ssh/ssh-sandbox.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: ssh-sandbox.h,v 1.1 2011/06/23 09:34:13 djm Exp $ */ 2 | /* 3 | * Copyright (c) 2011 Damien Miller 4 | 
* 5 | * Permission to use, copy, modify, and distribute this software for any 6 | * purpose with or without fee is hereby granted, provided that the above 7 | * copyright notice and this permission notice appear in all copies. 8 | * 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 | */ 17 | 18 | struct ssh_sandbox; 19 | 20 | struct ssh_sandbox *ssh_sandbox_init(void); 21 | void ssh_sandbox_child(struct ssh_sandbox *); 22 | void ssh_sandbox_parent_finish(struct ssh_sandbox *); 23 | void ssh_sandbox_parent_preauth(struct ssh_sandbox *, pid_t); 24 | -------------------------------------------------------------------------------- /ssh/ssh/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.56/Mon Sep 17 19:41:04 2012// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/ssh/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/ssh 2 | -------------------------------------------------------------------------------- /ssh/ssh/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/ssh/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.56 2012/08/24 19:50:19 deraadt Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= ssh 6 | BINOWN= root 7 | 8 | #BINMODE?=4555 9 | 10 | BINDIR= /usr/bin 11 | MAN= ssh.1 ssh_config.5 12 | LINKS= ${BINDIR}/ssh ${BINDIR}/slogin 13 | MLINKS= ssh.1 slogin.1 14 | 15 | SRCS= ssh.c readconf.c clientloop.c sshtty.c \ 16 | sshconnect.c sshconnect1.c sshconnect2.c mux.c \ 17 | roaming_common.c roaming_client.c 18 | 19 | .include 20 | 21 | .if (${KERBEROS5:L} == "yes") 22 | CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV -DGSSAPI 23 | .endif # KERBEROS5 24 | 25 | .include 26 | 27 | .if (${KERBEROS5:L} == "yes") 28 | DPADD+= ${LIBGSSAPI} ${LIBKRB5} 29 | LDADD+= -lgssapi -lkrb5 30 | .endif # KERBEROS5 31 | 32 | DPADD+= ${LIBCRYPTO} ${LIBZ} 33 | LDADD+= -lcrypto -lz 34 | -------------------------------------------------------------------------------- /ssh/ssh_config: -------------------------------------------------------------------------------- 1 | # $OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $ 2 | 3 | # This is the ssh client system-wide configuration file. See 4 | # ssh_config(5) for more information. This file provides defaults for 5 | # users, and the values can be changed in per-user configuration files 6 | # or on the command line. 7 | 8 | # Configuration data is parsed as follows: 9 | # 1. command line options 10 | # 2. user-specific file 11 | # 3. system-wide file 12 | # Any configuration value is only changed the first time it is set. 13 | # Thus, host-specific definitions should be at the beginning of the 14 | # configuration file, and defaults at the end. 15 | 16 | # Site-wide defaults for some commonly used options. For a comprehensive 17 | # list of available options, their meanings and defaults, please see the 18 | # ssh_config(5) man page. 
19 | # Note: the commented-out values below are the defaults of this 2010 snapshot. Protocol 1, 3des, arcfour and hmac-md5 are legacy choices that later OpenSSH releases disabled by default or removed; check ssh_config(5) of the installed version before copying any of them. 20 | # Host * 21 | # ForwardAgent no 22 | # ForwardX11 no 23 | # RhostsRSAAuthentication no 24 | # RSAAuthentication yes 25 | # PasswordAuthentication yes 26 | # HostbasedAuthentication no 27 | # GSSAPIAuthentication no 28 | # GSSAPIDelegateCredentials no 29 | # BatchMode no 30 | # CheckHostIP yes 31 | # AddressFamily any 32 | # ConnectTimeout 0 33 | # StrictHostKeyChecking ask 34 | # IdentityFile ~/.ssh/identity 35 | # IdentityFile ~/.ssh/id_rsa 36 | # IdentityFile ~/.ssh/id_dsa 37 | # Port 22 38 | # Protocol 2,1 39 | # Cipher 3des 40 | # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc 41 | # MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 42 | # EscapeChar ~ 43 | # Tunnel no 44 | # TunnelDevice any:any 45 | # PermitLocalCommand no 46 | # VisualHostKey no 47 | # ProxyCommand ssh -q -W %h:%p gateway.example.com 48 | -------------------------------------------------------------------------------- /ssh/sshconnect.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sshconnect.h,v 1.27 2010/11/29 23:45:51 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | struct ssh; 28 | typedef struct Sensitive Sensitive; 29 | struct Sensitive { 30 | struct sshkey **keys; 31 | int nkeys; 32 | int external_keysign; 33 | }; 34 | 35 | struct ssh * 36 | ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int, 37 | int *, int, int, const char *); 38 | void ssh_kill_proxy_command(void); 39 | 40 | void ssh_login(struct ssh *, Sensitive *, const char *, struct sockaddr *, 41 | u_short, struct passwd *, int); 42 | 43 | void ssh_exchange_identification(struct ssh *, int); 44 | 45 | int verify_host_key(char *, struct sockaddr *, struct sshkey *); 46 | 47 | void get_hostfile_hostname_ipaddr(char *, struct sockaddr *, u_short, 48 | char **, char **); 49 | 50 | void ssh_kex(struct ssh *, char *, struct sockaddr *); 51 | void ssh_kex2(struct ssh *, u_short); 52 | 53 | void ssh_userauth1(struct ssh *, const char *, const char *, char *, Sensitive *); 54 | void ssh_userauth2(struct ssh *, const char *, const char *, Sensitive *); 55 | 56 | int ssh_put_password(struct ssh *, char *); 57 | int ssh_local_cmd(const char *); 58 | 59 | /* 60 | * Macros to raise/lower permissions. 
61 | */ 62 | #define PRIV_START do { \ 63 | int save_errno = errno; \ 64 | if (seteuid(original_effective_uid) != 0) \ 65 | fatal("PRIV_START: seteuid: %s", \ 66 | strerror(errno)); \ 67 | errno = save_errno; \ 68 | } while (0) 69 | 70 | #define PRIV_END do { \ 71 | int save_errno = errno; \ 72 | if (seteuid(original_real_uid) != 0) \ 73 | fatal("PRIV_END: seteuid: %s", \ 74 | strerror(errno)); \ 75 | errno = save_errno; \ 76 | } while (0) 77 | -------------------------------------------------------------------------------- /ssh/sshd/CVS/Entries: -------------------------------------------------------------------------------- 1 | /Makefile/1.73/Wed Jun 22 21:57:01 2011// 2 | D 3 | -------------------------------------------------------------------------------- /ssh/sshd/CVS/Repository: -------------------------------------------------------------------------------- 1 | src/usr.bin/ssh/sshd 2 | -------------------------------------------------------------------------------- /ssh/sshd/CVS/Root: -------------------------------------------------------------------------------- 1 | /cvs 2 | -------------------------------------------------------------------------------- /ssh/sshd/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD: Makefile,v 1.73 2011/06/22 21:57:01 djm Exp $ 2 | 3 | .PATH: ${.CURDIR}/.. 
4 | 5 | PROG= sshd 6 | BINOWN= root 7 | BINMODE=555 8 | BINDIR= /usr/sbin 9 | MAN= sshd.8 sshd_config.5 10 | 11 | SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \ 12 | sshpty.c sshlogin.c servconf.c serverloop.c \ 13 | auth.c auth1.c auth2.c auth-options.c session.c \ 14 | auth-chall.c auth2-chall.c groupaccess.c \ 15 | auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c auth2-jpake.c \ 16 | auth2-none.c auth2-passwd.c auth2-pubkey.c \ 17 | monitor_mm.c monitor.c monitor_wrap.c \ 18 | sftp-server.c sftp-common.c \ 19 | roaming_common.c roaming_serv.c sandbox-systrace.c 20 | 21 | .include # for KERBEROS and AFS 22 | 23 | .if (${KERBEROS5:L} == "yes") 24 | CFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/kerberosV -DGSSAPI 25 | SRCS+= auth-krb5.c auth2-gss.c gss-serv.c gss-serv-krb5.c 26 | .endif 27 | 28 | .include 29 | 30 | .if (${KERBEROS5:L} == "yes") 31 | LDADD+= -lgssapi -lkrb5 -lkafs 32 | DPADD+= ${LIBGSSAPI} ${LIBKRB5} 33 | .endif 34 | 35 | DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} 36 | LDADD+= -lcrypto -lutil -lz 37 | 38 | .if (${TCP_WRAPPERS:L} == "yes") 39 | CFLAGS+= -DLIBWRAP 40 | DPADD+= ${LIBWRAP} 41 | LDADD+= -lwrap 42 | .endif 43 | -------------------------------------------------------------------------------- /ssh/sshlogin.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sshlogin.h,v 1.8 2006/08/03 03:34:42 deraadt Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 
13 | */ 14 | 15 | void 16 | record_login(pid_t, const char *, const char *, uid_t, 17 | const char *, struct sockaddr *, socklen_t); 18 | void record_logout(pid_t, const char *); 19 | time_t get_last_login_time(uid_t, const char *, char *, size_t); 20 | -------------------------------------------------------------------------------- /ssh/sshpty.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: sshpty.h,v 1.12 2010/01/09 05:04:24 djm Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * Functions for allocating a pseudo-terminal and making it the controlling 8 | * tty. 9 | * 10 | * As far as I am concerned, the code I have written for this software 11 | * can be used freely for any purpose. Any derived versions of this 12 | * software must be clearly marked as such, and if the derived work is 13 | * incompatible with the protocol description in the RFC file, it must be 14 | * called by a name other than "ssh" or "Secure Shell". 15 | */ 16 | 17 | #include 18 | 19 | struct termios *get_saved_tio(void); 20 | void leave_raw_mode(int); 21 | void enter_raw_mode(int); 22 | 23 | int pty_allocate(int *, int *, char *, size_t); 24 | void pty_release(const char *); 25 | void pty_make_controlling_tty(int *, const char *); 26 | void pty_change_window_size(int, u_int, u_int, u_int, u_int); 27 | void pty_setowner(struct passwd *, const char *); 28 | -------------------------------------------------------------------------------- /ssh/uidswap.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: uidswap.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * 8 | * As far as I am concerned, the code I have written for this software 9 | * can be used freely for any purpose. 
Any derived versions of this 10 | * software must be clearly marked as such, and if the derived work is 11 | * incompatible with the protocol description in the RFC file, it must be 12 | * called by a name other than "ssh" or "Secure Shell". 13 | */ 14 | 15 | void temporarily_use_uid(struct passwd *); 16 | void restore_uid(void); 17 | void permanently_set_uid(struct passwd *); 18 | void permanently_drop_suid(uid_t); 19 | -------------------------------------------------------------------------------- /ssh/uuencode.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: uuencode.h,v 1.14 2010/08/31 11:54:45 djm Exp $ */ 2 | 3 | /* 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. 5 | * 6 | * Redistribution and use in source and binary forms, with or without 7 | * modification, are permitted provided that the following conditions 8 | * are met: 9 | * 1. Redistributions of source code must retain the above copyright 10 | * notice, this list of conditions and the following disclaimer. 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
18 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 | */ 26 | 27 | int uuencode(const u_char *, u_int, char *, size_t); 28 | int uudecode(const char *, u_char *, size_t); 29 | void dump_base64(FILE *, const u_char *, u_int); 30 | -------------------------------------------------------------------------------- /ssh/version.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: version.h,v 1.65 2012/07/22 18:19:21 markus Exp $ */ 2 | 3 | #define SSH_VERSION "OpenSSH_6.1" 4 | -------------------------------------------------------------------------------- /ssh/xmalloc.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: xmalloc.c,v 1.27 2006/08/03 03:34:42 deraadt Exp $ */ 2 | /* 3 | * Author: Tatu Ylonen 4 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 5 | * All rights reserved 6 | * Versions of malloc and friends that check their results, and never return 7 | * failure (they call fatal if they encounter an error). 8 | * 9 | * As far as I am concerned, the code I have written for this software 10 | * can be used freely for any purpose. Any derived versions of this 11 | * software must be clearly marked as such, and if the derived work is 12 | * incompatible with the protocol description in the RFC file, it must be 13 | * called by a name other than "ssh" or "Secure Shell". 
14 | */ 15 | 16 | #include 17 | #include 18 | #include 19 | #include 20 | #include 21 | 22 | #include "xmalloc.h" 23 | #include "log.h" 24 | /* Allocate size bytes with malloc(). A zero-byte request and a NULL result from malloc() both end in fatal(), so callers do not have to handle an allocation failure. */ 25 | void * 26 | xmalloc(size_t size) 27 | { 28 | void *ptr; 29 | 30 | if (size == 0) 31 | fatal("xmalloc: zero size"); 32 | ptr = malloc(size); 33 | if (ptr == NULL) 34 | fatal("xmalloc: out of memory (allocating %lu bytes)", (u_long) size); 35 | return ptr; 36 | } 37 | /* Allocate an array of nmemb elements of size bytes each with calloc(). Zero counts are fatal, which also keeps nmemb non-zero for the division below; the SIZE_T_MAX / nmemb test rejects a request whose byte count would overflow size_t before calloc() is called. */ 38 | void * 39 | xcalloc(size_t nmemb, size_t size) 40 | { 41 | void *ptr; 42 | 43 | if (size == 0 || nmemb == 0) 44 | fatal("xcalloc: zero size"); 45 | if (SIZE_T_MAX / nmemb < size) 46 | fatal("xcalloc: nmemb * size > SIZE_T_MAX"); 47 | ptr = calloc(nmemb, size); 48 | if (ptr == NULL) 49 | fatal("xcalloc: out of memory (allocating %lu bytes)", 50 | (u_long)(size * nmemb)); 51 | return ptr; 52 | } 53 | /* Resize ptr to hold nmemb elements of size bytes each; a NULL ptr is served by malloc() instead of realloc(). new_size is computed up front and may wrap, but it reaches malloc()/realloc() only after the SIZE_T_MAX / nmemb overflow test. The zero check on new_size runs first and is what keeps nmemb non-zero for that division (assuming fatal() does not return). */ 54 | void * 55 | xrealloc(void *ptr, size_t nmemb, size_t size) 56 | { 57 | void *new_ptr; 58 | size_t new_size = nmemb * size; 59 | 60 | if (new_size == 0) 61 | fatal("xrealloc: zero size"); 62 | if (SIZE_T_MAX / nmemb < size) 63 | fatal("xrealloc: nmemb * size > SIZE_T_MAX"); 64 | if (ptr == NULL) 65 | new_ptr = malloc(new_size); 66 | else 67 | new_ptr = realloc(ptr, new_size); 68 | if (new_ptr == NULL) 69 | fatal("xrealloc: out of memory (new_size %lu bytes)", 70 | (u_long) new_size); 71 | return new_ptr; 72 | } 73 | /* free() wrapper that treats a NULL argument as a caller bug: it calls fatal() instead of silently accepting it. */ 74 | void 75 | xfree(void *ptr) 76 | { 77 | if (ptr == NULL) 78 | fatal("xfree: NULL pointer given as argument"); 79 | free(ptr); 80 | } 81 | /* Duplicate a NUL-terminated string into xmalloc()ed storage; len includes the terminator and strlcpy() is bounded by that same len. */ 82 | char * 83 | xstrdup(const char *str) 84 | { 85 | size_t len; 86 | char *cp; 87 | 88 | len = strlen(str) + 1; 89 | cp = xmalloc(len); 90 | strlcpy(cp, str, len); 91 | return cp; 92 | } 93 | /* Format into a newly allocated string via vasprintf(), storing it in *ret; returns vasprintf()'s result on success and calls fatal() when the formatting or allocation fails. */ 94 | int 95 | xasprintf(char **ret, const char *fmt, ...) 
96 | { 97 | va_list ap; 98 | int i; 99 | 100 | va_start(ap, fmt); 101 | i = vasprintf(ret, fmt, ap); 102 | va_end(ap); 103 | /* both failure signals are checked: a negative count and a NULL output pointer */ 104 | if (i < 0 || *ret == NULL) 105 | fatal("xasprintf: could not allocate memory"); 106 | 107 | return (i); 108 | } 109 | -------------------------------------------------------------------------------- /ssh/xmalloc.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD: xmalloc.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ 2 | 3 | /* 4 | * Author: Tatu Ylonen 5 | * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 6 | * All rights reserved 7 | * Created: Mon Mar 20 22:09:17 1995 ylo 8 | * 9 | * Versions of malloc and friends that check their results, and never return 10 | * failure (they call fatal if they encounter an error). 11 | * 12 | * As far as I am concerned, the code I have written for this software 13 | * can be used freely for any purpose. Any derived versions of this 14 | * software must be clearly marked as such, and if the derived work is 15 | * incompatible with the protocol description in the RFC file, it must be 16 | * called by a name other than "ssh" or "Secure Shell". 17 | */ 18 | 19 | void *xmalloc(size_t); 20 | void *xcalloc(size_t, size_t); 21 | void *xrealloc(void *, size_t, size_t); 22 | void xfree(void *); 23 | char *xstrdup(const char *); 24 | int xasprintf(char **, const char *, ...) 
25 | __attribute__((__format__ (printf, 2, 3))) 26 | __attribute__((__nonnull__ (2))); 27 | -------------------------------------------------------------------------------- /unittests/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | SUBDIR= test_helper sshbuf sshkey kex 4 | 5 | .include 6 | -------------------------------------------------------------------------------- /unittests/Makefile.inc: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | .include 4 | .include 5 | 6 | CDIAGFLAGS= -Wall 7 | CDIAGFLAGS+= -Werror 8 | CDIAGFLAGS+= -Wpointer-arith 9 | CDIAGFLAGS+= -Wstrict-prototypes 10 | CDIAGFLAGS+= -Wmissing-prototypes 11 | CDIAGFLAGS+= -Wunused 12 | CDIAGFLAGS+= -Wsign-compare 13 | CDIAGFLAGS+= -Wshadow 14 | CDIAGFLAGS+= -Wformat 15 | .if (${CC:L} == "gcc" || ${CC:L} == "cc") 16 | CDIAGFLAGS+= -Wbounded 17 | .endif 18 | 19 | DEBUG=-g 20 | 21 | CFLAGS+=-I${.CURDIR}/../test_helper -I${.CURDIR}/../../ssh 22 | 23 | .if exists(${.CURDIR}/../test_helper/${__objdir}) 24 | LDADD+=-L${.CURDIR}/../test_helper/${__objdir} -ltest_helper 25 | DPADD+=${.CURDIR}/../test_helper/${__objdir}/libtest_helper.a 26 | .else 27 | LDADD+=-L${.CURDIR}/../test_helper -ltest_helper 28 | DPADD+=${.CURDIR}/../test_helper/libtest_helper.a 29 | .endif 30 | 31 | .if exists(${.CURDIR}/../../ssh/lib/${__objdir}) 32 | LDADD+=-L${.CURDIR}/../../ssh/lib/${__objdir} -lssh 33 | DPADD+=${.CURDIR}/../../ssh/lib/${__objdir}/libssh.a 34 | .else 35 | LDADD+=-L${.CURDIR}/../../ssh/lib -lssh 36 | DPADD+=${.CURDIR}/../../ssh/lib/libssh.a 37 | .endif 38 | 39 | LDADD+= -lcrypto 40 | DPADD+= ${LIBCRYPTO} 41 | 42 | .if defined(LEAKMALLOC) 43 | DEBUG= -g 44 | COPTS= -O0 45 | LEAKMALLOC_DIR= ${.CURDIR}/../../leakmalloc/leakmalloc 46 | CFLAGS+= -I${LEAKMALLOC_DIR} -DWITH_LEAKMALLOC 47 | LDFLAGS+= -L/usr/local/lib 48 | LDADD+= -lleakmalloc -lexecinfo 49 | . 
if exists(${LEAKMALLOC_DIR}/${__objdir}) 50 | LDADD+= -L${LEAKMALLOC_DIR}/${__objdir} 51 | DPADD+= ${LEAKMALLOC_DIR}/${__objdir}/libleakmalloc.a 52 | . else 53 | LDADD+= -L${LEAKMALLOC_DIR} 54 | DPADD+= ${LEAKMALLOC_DIR}/libleakmalloc.a 55 | . endif 56 | .else 57 | CDIAGFLAGS+= -Wuninitialized 58 | .endif 59 | 60 | -------------------------------------------------------------------------------- /unittests/TODO: -------------------------------------------------------------------------------- 1 | figure out how to hook up gcov to generate coverage reports 2 | 3 | get tests to run under valgrind (where supported) 4 | 5 | ditto clang-analyzer 6 | -------------------------------------------------------------------------------- /unittests/kex/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | PROG=test_kex 4 | SRCS=tests.c test_kex.c 5 | LDADD=-lz 6 | 7 | .include 8 | 9 | -------------------------------------------------------------------------------- /unittests/kex/tests.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD$ */ 2 | /* 3 | * Placed in the public domain 4 | */ 5 | 6 | #include "test_helper.h" 7 | 8 | void kex_tests(void); 9 | /* tests() for this test program: calls kex_tests(), declared above. */ 10 | void 11 | tests(void) 12 | { 13 | kex_tests(); 14 | } 15 | -------------------------------------------------------------------------------- /unittests/sshbuf/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | PROG=test_sshbuf 4 | SRCS=tests.c 5 | SRCS+=test_sshbuf.c 6 | SRCS+=test_sshbuf_getput_basic.c 7 | SRCS+=test_sshbuf_getput_crypto.c 8 | SRCS+=test_sshbuf_misc.c 9 | SRCS+=test_sshbuf_fuzz.c 10 | SRCS+=test_sshbuf_getput_fuzz.c 11 | SRCS+=test_sshbuf_fixed.c 12 | 13 | .include 14 | 15 | -------------------------------------------------------------------------------- /unittests/sshbuf/tests.c: 
-------------------------------------------------------------------------------- 1 | /* $OpenBSD$ */ 2 | /* 3 | * Regress test for sshbuf.h buffer API 4 | * 5 | * Placed in the public domain 6 | */ 7 | 8 | #include "test_helper.h" 9 | 10 | void sshbuf_tests(void); 11 | void sshbuf_getput_basic_tests(void); 12 | void sshbuf_getput_crypto_tests(void); 13 | void sshbuf_misc_tests(void); 14 | void sshbuf_fuzz_tests(void); 15 | void sshbuf_getput_fuzz_tests(void); 16 | void sshbuf_fixed(void); 17 | /* tests() for the sshbuf test program: calls each sshbuf test group declared above, in the order listed. */ 18 | void 19 | tests(void) 20 | { 21 | sshbuf_tests(); 22 | sshbuf_getput_basic_tests(); 23 | sshbuf_getput_crypto_tests(); 24 | sshbuf_misc_tests(); 25 | sshbuf_fuzz_tests(); 26 | sshbuf_getput_fuzz_tests(); 27 | sshbuf_fixed(); 28 | } 29 | -------------------------------------------------------------------------------- /unittests/sshkey/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | PROG=test_sshkey 4 | SRCS=tests.c test_sshkey.c test_file.c test_fuzz.c common.c 5 | REGRESS_TARGETS=run-regress-${PROG} 6 | 7 | run-regress-${PROG}: ${PROG} 8 | ./${PROG} -d ${.CURDIR}/testdata 9 | 10 | .include 11 | 12 | -------------------------------------------------------------------------------- /unittests/sshkey/common.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD$ */ 2 | /* 3 | * Helpers for key API tests 4 | * 5 | * Placed in the public domain 6 | */ 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | #include 17 | 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | 24 | #include "test_helper.h" 25 | 26 | #include "err.h" 27 | #include "authfile.h" 28 | #include "key.h" 29 | #include "sshbuf.h" 30 | 31 | #include "common.h" 32 | /* Read the test data file located by test_data_file(name) into a new sshbuf using sshkey_load_file(). The allocation, the open() and the load are each checked with an ASSERT_* macro, and the descriptor is closed before returning. The buffer is handed to the caller (load_bignum() below releases its copy with sshbuf_free()). */ 33 | struct sshbuf * 34 | load_file(const char *name) 35 | { 36 | int fd; 37 | struct sshbuf *ret; 38 | 39 | ASSERT_PTR_NE(ret = sshbuf_new(), NULL); 
40 | ASSERT_INT_NE(fd = open(test_data_file(name), O_RDONLY), -1); 41 | ASSERT_INT_EQ(sshkey_load_file(fd, name, ret), 0); 42 | close(fd); 43 | return ret; 44 | } 45 | /* Load a file with load_file(), drop trailing CR, LF, tab and space bytes from the end of the buffer (only the tail is trimmed, not every line), then append a NUL byte; load_bignum() relies on this when it hands sshbuf_ptr() to BN_hex2bn(). NOTE(review): p is read once before the loop, which presumes sshbuf_consume_end() leaves the data pointer unchanged - confirm against sshbuf. */ 46 | struct sshbuf * 47 | load_text_file(const char *name) 48 | { 49 | struct sshbuf *ret = load_file(name); 50 | const u_char *p; 51 | 52 | /* Trim whitespace at EOL */ 53 | for (p = sshbuf_ptr(ret); sshbuf_len(ret) > 0;) { 54 | if (p[sshbuf_len(ret) - 1] == '\r' || 55 | p[sshbuf_len(ret) - 1] == '\t' || 56 | p[sshbuf_len(ret) - 1] == ' ' || 57 | p[sshbuf_len(ret) - 1] == '\n') 58 | ASSERT_INT_EQ(sshbuf_consume_end(ret, 1), 0); 59 | else 60 | break; 61 | } 62 | /* \0 terminate */ 63 | ASSERT_INT_EQ(sshbuf_put_u8(ret, 0), 0); 64 | return ret; 65 | } 66 | /* Parse the contents of a test data file as a hexadecimal number: BN_hex2bn() stores the result through &ret (which starts as NULL) and a zero return fails the assertion. The temporary buffer is freed and the BIGNUM is returned; presumably the caller releases it - confirm at the call sites. */ 67 | BIGNUM * 68 | load_bignum(const char *name) 69 | { 70 | BIGNUM *ret = NULL; 71 | struct sshbuf *buf; 72 | 73 | buf = load_text_file(name); 74 | ASSERT_INT_NE(BN_hex2bn(&ret, sshbuf_ptr(buf)), 0); 75 | sshbuf_free(buf); 76 | return ret; 77 | } 78 | 79 | -------------------------------------------------------------------------------- /unittests/sshkey/common.h: -------------------------------------------------------------------------------- 1 | /* $OpenBSD$ */ 2 | /* 3 | * Helpers for key API tests 4 | * 5 | * Placed in the public domain 6 | */ 7 | 8 | /* Load a binary file into a buffer */ 9 | struct sshbuf *load_file(const char *name); 10 | 11 | /* Load a text file into a buffer */ 12 | struct sshbuf *load_text_file(const char *name); 13 | 14 | /* Load a bignum from a file */ 15 | BIGNUM *load_bignum(const char *name); 16 | 17 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBugIBAAKBgQCoCA1sDYYZZoVGWyG5zy2VabK2fRirsBsswND7n2n3eZrmjiBF 3 | tU89I8Gw8Pa/3BaAzhYNFeA/NZ2FonQS0P3uBbbtMVmW8adiwcRg3ZZRmEOUp/4v 4 | 
rIlxdWAv8D7NgnJQIUOUwzxbVFuy7Qd4iy+pGFYEkB25BMs7EzqncwzwxwIVAPvU 5 | 1LJskihQmWNeSjbQRsEJpi4nAoGAWTPLaSu0RXasfslIWeaGidUdPaTbW6hzZmUT 6 | jH9joga+/72XiIiwDcG3bG/vpglTr9uKq1bkGTmbPH6LpoF24iLpSLjWgjWjdDcy 7 | BfTt4QTRGMI/xRqL4c9lg5sXMmaHCtYmNdPdOq6h24JRrSXlm3wcNXNYEiaQiiPS 8 | QbjFyYUCgYAVKVjfhR/+jl3Ly3+y2onS83eJqb4qBN6riqz58WOVV8N4KkTAn1jR 9 | hXauEMckSLQJaTlETRTCLEiKENK/Tcua1+V7G4cwyzw4+0akz0fcNPE0fwfOO6lq 10 | OGrJoStP51jYa5jkqqJUmGEZTw894qTNJzjAA4WCRJho6z7QEUMq0AIUGWJNo6fy 11 | +fZLMmKD81epk07PiZI= 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-dss-cert-v01@openssh.com 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 DSA test key #1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1.fp: -------------------------------------------------------------------------------- 1 | 33:cc:6c:e5:60:8c:df:c3:a5:dd:9e:6d:5a:d3:1b:fa 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1.fp.bb: -------------------------------------------------------------------------------- 1 | xulad-pyvok-datyg-kyfat-fobah-piful-zyrus-numuk-zapyl-fusaf-kyxix 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1.param.g: -------------------------------------------------------------------------------- 1 | 5933cb692bb44576ac7ec94859e68689d51d3da4db5ba8736665138c7f63a206beffbd978888b00dc1b76c6fefa60953afdb8aab56e419399b3c7e8ba68176e222e948b8d68235a374373205f4ede104d118c23fc51a8be1cf65839b173266870ad62635d3dd3aaea1db8251ad25e59b7c1c3573581226908a23d241b8c5c985 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1.param.priv: 
-------------------------------------------------------------------------------- 1 | 19624da3a7f2f9f64b326283f357a9934ecf8992 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1.param.pub: -------------------------------------------------------------------------------- 1 | 152958df851ffe8e5dcbcb7fb2da89d2f37789a9be2a04deab8aacf9f1639557c3782a44c09f58d18576ae10c72448b4096939444d14c22c488a10d2bf4dcb9ad7e57b1b8730cb3c38fb46a4cf47dc34f1347f07ce3ba96a386ac9a12b4fe758d86b98e4aaa2549861194f0f3de2a4cd2738c0038582449868eb3ed011432ad0 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1.pub: -------------------------------------------------------------------------------- 1 | ssh-dss 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 DSA test key #1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_1_pw: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: AES-128-CBC,DB0E2F085B77D199DC7B4F228C22B550 4 | 5 | nMUUflJrx63EXr1Qoq/Oyp1Sq33YP0KcMBO4c535sledc3ZLoOtJeJoNTaDbngOP 6 | QXQaqdBY4RzU6BhP42RbhULAizPWyECPYHeQguYdpN5Wk1suv1grBINzqwVAMuu/ 7 | NCsTJV3gLP2ZbgRQaUulDq3930MQne82LrKLGOQjClk28oUqdSDOGngNs9ReScoi 8 | zYgSQ5H+RLR2/HPg2onB9FKXmbXAASiXnXdeGlPXnadrrvR+pomRFrwuem7rgrtT 9 | mf3nCnVGQ1d9/pYLekKehQBgYqdjwnK4yxwp8QMUhkSCiEbSkHTO8iq2YZsPuR9A 10 | jihM9kK1ETjf8aNvaDyoCl1wDA+xf5uIFBXNJLUGK9XksLMNPX4eZW/E2ZecmDTa 11 | D51hTXljrCct8ogzX/EI3H2i4DvkTG907FvTWoCw8h7bOMSOm373BUO2HdNUuE3m 12 | vD54mAJp4L8tZ2SYDaEFDuHjlGS7zfL81NyDXXqUWYzMZRp9IrMjk70OTXLyPCN2 13 | itQQHcQVffFZM4IWvZxyI70I2jhVsJ3aPUj/t1BWwYjPeJlXB6ri1oaPisB+lvtY 14 | 3vF0g+z4gk9wdX+UdXSA6Q== 15 | -----END DSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- 
/unittests/sshkey/testdata/dsa_2: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBugIBAAKBgQDsbGFNNqg0rbBo12419E9UGb4bKLPmQamF1+uUWq3jo/+7HrvO 3 | z7fzxn4K7+LGY2SOCt4Z1pcP13iM1YvmCN0PuQQTJ9pj7F/0NJU8OdJ+FU87vCxm 4 | eLY6ApBj1cWgWodT0YJn0z5AdzWB7XX7yTxY99N5+4SNW3u2CXmutu5PVQIVAN0B 5 | GqY6DcsLC0Wb1YqOmsjavwcbAoGAXh7s1oJ21Jv2dGeP8zS3AC17q5ZdQ+VGw5Wj 6 | pJrwy0iJ9nAurCJ9ifILduj43FPWYdvL0o+7S6UGjRxFAKcugpHF2H7oAQ2KH2OG 7 | jNdg0y3qX3STXJrvJBl9v7izzwpzT7/WzfEH+uhxoVj/fogAY+JNgfjvEhbxCTy3 8 | Hpm5KEYCgYAzFh5fMm2WN8gjW6cJ3bU9MBgXTUKA3Br5Hx1uw/Nq4ZVeOXE+VJph 9 | M0u+BjyyBeozwmUbp22A4DSBBD4yEwkFXO6SYIO+XVdDg3j7Ht0Jta5IqhQ0sDUS 10 | N/8jxNhwh6gvUxK5UmjaoJ6AoXI9E+rXhG3D2lSzH38UTIf1WrVPIgIUPBuUdO3Z 11 | QHowtlX7GmcGmzX8Dvg= 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_2.fp: -------------------------------------------------------------------------------- 1 | d1:50:82:3a:04:02:82:ab:3d:ff:df:04:7a:3d:bf:11 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_2.fp.bb: -------------------------------------------------------------------------------- 1 | xesok-dyhuc-vinen-sizef-vazoh-zasoh-caras-dyvem-vevot-zamik-taxax 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/dsa_2.pub: -------------------------------------------------------------------------------- 1 | ssh-dss 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 DSA test key #2 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MHcCAQEEICjLBCQfwXIsLKyGugDZsIp2gFbBFCpDVICELkALQvuyoAoGCCqGSM49 3 | 
AwEHoUQDQgAEfxVAyoLd0WG39ttePgnsc0Dwb1Nuz4x63kit+HriSHCGaK/JlUVY 4 | FVRkTsbQEiCwlr9WSHxaTehmnGqtAQTQAA== 5 | -----END EC PRIVATE KEY----- 6 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1-cert.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256-cert-v01@openssh.com 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 ECDSA test key #1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1.fp: -------------------------------------------------------------------------------- 1 | 11:92:cd:b4:0a:59:62:33:3d:6a:9d:a9:d0:89:dc:c7 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1.fp.bb: -------------------------------------------------------------------------------- 1 | xigir-cihep-rusam-ravif-nekop-hepyl-rabed-pomof-mezym-capyr-pyxix 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1.param.curve: -------------------------------------------------------------------------------- 1 | prime256v1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1.param.priv: -------------------------------------------------------------------------------- 1 | 28cb04241fc1722c2cac86ba00d9b08a768056c1142a435480842e400b42fbb2 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1.param.pub: -------------------------------------------------------------------------------- 1 | 047f1540ca82ddd161b7f6db5e3e09ec7340f06f536ecf8c7ade48adf87ae248708668afc99545581554644ec6d01220b096bf56487c5a4de8669c6aad0104d000 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1.pub: 
-------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBH8VQMqC3dFht/bbXj4J7HNA8G9Tbs+Met5Irfh64khwhmivyZVFWBVUZE7G0BIgsJa/Vkh8Wk3oZpxqrQEE0AA= ECDSA test key #1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_1_pw: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: AES-128-CBC,C3A63EA7C4DD22D92D61779DEB06944A 4 | 5 | KDWkx+sJbiHEqqee5aR7rQxlLkNC5jCrOHE0AoajdGkCYtscOZPFvuipbij9wkz7 6 | CpHdBn0O6Un/iZWu//0alI7mzyqEfqY0ow2QfXZ3QTojQKvfryzMd7dN7mH27mE7 7 | YJsHNb60ahfibINe1X3YzbpSYdqt/wEBckRa5LbmqDI= 8 | -----END EC PRIVATE KEY----- 9 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_2: -------------------------------------------------------------------------------- 1 | -----BEGIN EC PRIVATE KEY----- 2 | MIHcAgEBBEIBcFnSJ4JvQBN3OC7Mq1PGNoTTUXKICnzHhae9xvjYze9uXwcWytTb 3 | cTsvNbd+Zo9FwaYK8Xi+VsUsKTzUlH3i7wSgBwYFK4EEACOhgYkDgYYABADUQWLG 4 | rCS0lJHeReAhU0/ifSp769W6GfWWqmJwvPogt2q890WkNgLrNHftARuUd5XXIw14 5 | 8fjWmF35Qi9ZtIyzfgHbP3cKjMqvOBZ4oLSTK1I9ixetVxN5I+U+HlPVpfepFVrR 6 | sy2g8GzcjGeT1o+9OTgnIeqHSFOXNCqTc1JVDlx6vQ== 7 | -----END EC PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_2.fp: -------------------------------------------------------------------------------- 1 | bf:a0:3c:72:8f:cd:76:95:6e:86:d1:c5:de:23:cf:b9 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_2.fp.bb: -------------------------------------------------------------------------------- 1 | xeban-tadum-funab-kibav-buzub-hetel-sivur-bilar-vipoc-dugup-ryxix 2 | 
-------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_2.param.curve: -------------------------------------------------------------------------------- 1 | secp521r1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_2.param.priv: -------------------------------------------------------------------------------- 1 | 017059d227826f401377382eccab53c63684d35172880a7cc785a7bdc6f8d8cdef6e5f0716cad4db713b2f35b77e668f45c1a60af178be56c52c293cd4947de2ef04 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_2.param.pub: -------------------------------------------------------------------------------- 1 | 0400d44162c6ac24b49491de45e021534fe27d2a7bebd5ba19f596aa6270bcfa20b76abcf745a43602eb3477ed011b947795d7230d78f1f8d6985df9422f59b48cb37e01db3f770a8ccaaf381678a0b4932b523d8b17ad57137923e53e1e53d5a5f7a9155ad1b32da0f06cdc8c6793d68fbd39382721ea87485397342a937352550e5c7abd 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/ecdsa_2.pub: -------------------------------------------------------------------------------- 1 | ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBADUQWLGrCS0lJHeReAhU0/ifSp769W6GfWWqmJwvPogt2q890WkNgLrNHftARuUd5XXIw148fjWmF35Qi9ZtIyzfgHbP3cKjMqvOBZ4oLSTK1I9ixetVxN5I+U+HlPVpfepFVrRsy2g8GzcjGeT1o+9OTgnIeqHSFOXNCqTc1JVDlx6vQ== ECDSA test key #2 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/pw: -------------------------------------------------------------------------------- 1 | mekmitasdigoat 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_1: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/openssh/libopenssh/05dfdd5f54d9a1bae5544141a7ee65baa3313ecd/unittests/sshkey/testdata/rsa1_1 -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_1.fp: -------------------------------------------------------------------------------- 1 | df:56:8a:78:e5:de:52:a8:a7:df:73:02:57:32:08:c3 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_1.fp.bb: -------------------------------------------------------------------------------- 1 | xihon-talis-bedet-vupyv-monov-tohap-butop-letir-nokub-muhil-goxix 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_1.param.n: -------------------------------------------------------------------------------- 1 | 00abfdd779a7b421aa2f59e6875eb2e56ef93ccd11e2b7d7bcf777d41194ace1bc37f3917eb6852f2bb3d29e2f5a20d14d1ed7db3f06817559b00b9c117b4eed333933b559d862931dbac64a1d13e2957a9bc2f068caea6d53d5da6abc7abdf6b5 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_1.pub: -------------------------------------------------------------------------------- 1 | 768 65537 1043046964118628096729144162858864009270450616453608896597588394026103177248332819575590098154468211137313920644640262264068383277501914760712354575669711236115536984899210675058617195039863025357466744136007215865407013766626670261 RSA1 test key #1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_1_pw: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/openssh/libopenssh/05dfdd5f54d9a1bae5544141a7ee65baa3313ecd/unittests/sshkey/testdata/rsa1_1_pw -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_2: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/openssh/libopenssh/05dfdd5f54d9a1bae5544141a7ee65baa3313ecd/unittests/sshkey/testdata/rsa1_2 -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_2.fp: -------------------------------------------------------------------------------- 1 | e4:18:5f:93:ac:71:ec:92:e0:d7:cc:b6:10:32:07:0e 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_2.fp.bb: -------------------------------------------------------------------------------- 1 | xitob-pozol-hiraf-huleb-megeb-fugob-tafuc-sedaz-gagoc-nazet-fexix 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_2.param.n: -------------------------------------------------------------------------------- 1 | 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 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa1_2.pub: -------------------------------------------------------------------------------- 1 | 2048 65537 26514617164197873093216883054736546954668603832380183918015193064915195083233486325311151924567949054282396389879794571380830287640395767029829591245224389516281011896023250570285994096042054027961013072721346672412295901560758996322115203325283509411286602769564592195772004534543433436173498383068184183179623840071486870572247486355132812260762490936503572540426040067047547925964909156787897104511854826383788803547077673394691079096418130789336995020132892177049042646048895889073217392237048556575319564512099040024995425850728688425607903907151117903496017652379920616180754291785285073042485875141583644260867 RSA1 test key #2 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1: 
-------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIBygIBAAJhAOKZVqoC3KAXRNXufhZDTflJ+9+FDxhZrnQhD4WxpZor2KQBq3NO 3 | 4Htp13omr8GPXdOIVgaQGcgxLy1faAUMmApkL4FXWm9oan70VU7oCBaP7WdoAghc 4 | 29mX4dXlFYKI3wIDAQABAmEA4h1rSolCiQnPKb8r2KFezJTUHu6S6pSLLdzTtXBY 5 | tOht7PKxmIWsIdqzJ3Q1S+v3LtKHnhevh9eMwBcrBMxS7KpIXFZecrgTolA0C7La 6 | JAsaD+5zEdcjFtvtKnpgpDi5AjEA9kU5o1BThZAlWRoQTCzHdcdlP4euJpQQIlhv 7 | xInULVV1NRMkRTynAH8cRpHNDkR9AjEA640oJwPEDedUZx8o4XmEUDZxqRYEsb7L 8 | TYrg8PgDlhgWbDXH4fS9UTL3wi1ZvQ2LAjAWzUoM6P8Susn6egNQSkUdjpy9SR7C 9 | y6rCw1V16R0QJX14sJEHKBp+XUaM8ir+SzECMFiBrJGkT5ltz4AD7Ed0cmv1WRXQ 10 | iSkEaL2VLlo8xpQyLtKwDo/vduc4wHF8uthXawIwNBdZAHS/CAwfJfMZRLFWNwyj 11 | A9nsqErFOH93IpOX+QGgVYFFOU5uh7XKveNVisXC 12 | -----END RSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1-cert.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa-cert-v01@openssh.com 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 RSA test key #1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1.fp: -------------------------------------------------------------------------------- 1 | e1:68:65:e4:b3:44:52:01:64:22:67:40:95:54:0b:b6 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1.fp.bb: -------------------------------------------------------------------------------- 1 | xibat-kicoh-nalul-fohuh-fyboh-kanan-mirun-zufyd-hyfuh-bezoz-zixox 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1.param.n: -------------------------------------------------------------------------------- 1 | 
00e29956aa02dca01744d5ee7e16434df949fbdf850f1859ae74210f85b1a59a2bd8a401ab734ee07b69d77a26afc18f5dd38856069019c8312f2d5f68050c980a642f81575a6f686a7ef4554ee808168fed676802085cdbd997e1d5e5158288df 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1.param.p: -------------------------------------------------------------------------------- 1 | 00f64539a35053859025591a104c2cc775c7653f87ae26941022586fc489d42d5575351324453ca7007f1c4691cd0e447d 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1.param.q: -------------------------------------------------------------------------------- 1 | 00eb8d282703c40de754671f28e17984503671a91604b1becb4d8ae0f0f8039618166c35c7e1f4bd5132f7c22d59bd0d8b 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQDimVaqAtygF0TV7n4WQ035SfvfhQ8YWa50IQ+FsaWaK9ikAatzTuB7add6Jq/Bj13TiFYGkBnIMS8tX2gFDJgKZC+BV1pvaGp+9FVO6AgWj+1naAIIXNvZl+HV5RWCiN8= RSA test key #1 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_1_pw: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | Proc-Type: 4,ENCRYPTED 3 | DEK-Info: AES-128-CBC,36571CDB18D8DDF83DED9EE7385DF7F1 4 | 5 | +UKWJQJgPtWhyLdHbLIZmg7Pp/PhvksEhis0n/4sQ2Dp8pocOoYDB6PavRfPQXE1 6 | nNIU6lt3SHxeNJzs98GTAIghzsJ1w3jRMeEaKAXXDuLaXoouy/M6Ze50wRBXqaoo 7 | +N99GLIHaWLwn7M97kTZAQyEwHsK3cOgFQTR2uYAhTJdyHCtL2uKZsPcaWYm0bNN 8 | 1V3kVKeblCkD5Eja3uLlhsomTjY6t/rlLnybuXM0ujWDa7R6mbTzH8ObOA+w7fTy 9 | 2zk2iruiiUpOiOxEHuNuvajk62vXLTAWP31GdGc3j4oHMX5CoQONzfgNhyKxtTwD 10 | pS9dihBFdiYT4hxbOdN3Qcm4wRSXkgLAFurGU2l4DDVPK39UvTLU+HVAhlcOlvXi 11 | 
bZvOLcHH0hYMKwjFyPM/o8QCj+II+LwYnzIbL/nI2OiEBpopP1LKiSIA9Xi0TpPe 12 | iPd9pF9ZmPgfEzE7jGAIJh1KEIpND31Eh81XGlzMQWGgCqW1HNYaLVFQMmFv0s4S 13 | 8naM/Mb16WAoJMqdPXvIpen8pjdMmmI9caZPvprbK/uVquhD+tk40sJUScgOaEJY 14 | MTYtCI9mvFsmLVTGLNj7+xFpfGaZeycKKCTMTyYGeA0= 15 | -----END RSA PRIVATE KEY----- 16 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_2: -------------------------------------------------------------------------------- 1 | -----BEGIN RSA PRIVATE KEY----- 2 | MIIEpAIBAAKCAQEAtrLf6Oeuty62X7g67t31l8i3GcKo4mrU38aZxp02Gf/Mt9cG 3 | aBM1yj7No+Zt/1zz8RthFpAQcdysR8YcsBsa50kTtTkHveTcz8P+5VnI8Z5H5LnK 4 | b9oQxBAYowV1OsK64mDFDRSnLhRNLvhig79ep05GNM9PEMusy5dowbe97r3NxHiC 5 | vY85H+mPl9fmRNtP7Hhf0sBelljivKg/mHymdaOlWTp27EXcKM+bOQhNAH7sTgFF 6 | /4Qt7ob4U5cpYGRT+qqeRjtQQfK+82e/TJ3MKF+NAswCE/J3M+SRLTowvRDOYSjz 7 | Inr4YT+ddEP6trHmWduFNPWeZ2+hwA8WqPt/7wIDAQABAoIBAD6XAUaVOLHg+vHH 8 | 98ilmeGqDbBxk9Idr1gKfdwhN8uoasYAkF1PV3o2EdU4uC5n9dp/+r70E+4uH4dn 9 | Q6TBZHIgAvRu2Uwg/9Td3JFONR0xkIe3brbrChthOE+BKyw6UjQD2v4kOTH8GoUg 10 | 6v8frJm8oyisbPXgEQ6ejHDxNcx3/aomzld02nIV2XMns+yw2yUMkvHdrLrl73IG 11 | YId5R0z1wRIftCiGF9Nhfxzt5FTMYL8TJWPfr9/GojEtSbiK8y88MuaJdv3VDPk6 12 | aABWtfqpHIHm2kOudsG0Wl4FwESLj1oS8BoIQSIe+tESwF1kxPKwr06glvA5e7ic 13 | 1+rPpqECgYEA3wVBrxIBDykCM9MOttcfWLOahozUY9cloGiCByUdgj8Zf3d+iIPD 14 | 2HNmB7epZMNYibvWGNDn3F/V4CXCMR0QpuwZT1ykCha/0xg3PtZ/oIM0PdZyG0Ut 15 | lDAuR4cdNG4lKN7s3ehrAnDExZvnzpq7QEZ4KtrMphqTKM/JdLLRC6UCgYEA0bcu 16 | hT5VFguyo/SSAnRK/tzVADHkhAWLKlbRxS1XlZ2aRSuoEMtceYtBUjZJr1WiMbsI 17 | 9wKtbLNVFHD5MgcpZm4fz2fgXfBRZr6w93fR7rJcQa81gRJxk/kkHKbjIMTR+FxO 18 | 2UlKn2Skp8X2REewYpTaDIGoeSJ8d6M7o2zMWQMCgYA+OSw7WU2cWje4F+HaF6ky 19 | SWIKuk4j0Qo5eA8XST6zcUF+8+sE0aaZxJCqBI8pgus3+oVghSC7tq1ojYBhzZcw 20 | y1zAbLuD6Rb6IZ6AVL5lHVY9DpDllOaDmvG+mS8HytdpUNFLlKYOl0H/VGFXnooy 21 | A7dRVZyVl4KJd3fgrGdw1QKBgQCi0FSNnZbxRqOqJnY08ZRHyaqUPCftV2BzvnOd 22 | YVZeEb1zdjFE2J0yv6o26W7LcPA7K7oKC0oY2iFzfUH6VRUPMPABVeQbCjgoTGOX 23 | 
vK5/Ynm9hQlE68zB1Or0U5yCFEvvRbrxdrU4iipLFqXa3M1Tu7yNeRwS73Mybsge 24 | WJlNgQKBgQCjrJWwwGcxkPZRYaNP3gmLZELrziJl9k8M8iCxXAemwzgHUFv97w4v 25 | 3ftM85Of1Ra8q60o+2aPjqNHLkY/EBcCBjfJzqpYTCUsrBo7n0RImznWiG+Orxy1 26 | Jm3GOBtkn8r9NWFAAwyoVS+1kp8o2CoDLTAI/DfS5WxB+Xo1QrNB/A== 27 | -----END RSA PRIVATE KEY----- 28 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_2.fp: -------------------------------------------------------------------------------- 1 | f4:ef:df:19:25:b8:c1:fc:51:37:91:c9:6d:b6:cf:29 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_2.fp.bb: -------------------------------------------------------------------------------- 1 | xebot-reluv-saryd-ganul-kylub-dutes-mesym-pufor-fypyr-fenot-lexix 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_2.param.n: -------------------------------------------------------------------------------- 1 | 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 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_2.param.p: -------------------------------------------------------------------------------- 1 | 00df0541af12010f290233d30eb6d71f58b39a868cd463d725a0688207251d823f197f777e8883c3d8736607b7a964c35889bbd618d0e7dc5fd5e025c2311d10a6ec194f5ca40a16bfd318373ed67fa083343dd6721b452d94302e47871d346e2528deecdde86b0270c4c59be7ce9abb4046782adacca61a9328cfc974b2d10ba5 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_2.param.q: -------------------------------------------------------------------------------- 1 | 
00d1b72e853e55160bb2a3f49202744afedcd50031e484058b2a56d1c52d57959d9a452ba810cb5c798b41523649af55a231bb08f702ad6cb3551470f9320729666e1fcf67e05df05166beb0f777d1eeb25c41af3581127193f9241ca6e320c4d1f85c4ed9494a9f64a4a7c5f64447b06294da0c81a879227c77a33ba36ccc5903 2 | -------------------------------------------------------------------------------- /unittests/sshkey/testdata/rsa_2.pub: -------------------------------------------------------------------------------- 1 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2st/o5663LrZfuDru3fWXyLcZwqjiatTfxpnGnTYZ/8y31wZoEzXKPs2j5m3/XPPxG2EWkBBx3KxHxhywGxrnSRO1OQe95NzPw/7lWcjxnkfkucpv2hDEEBijBXU6wrriYMUNFKcuFE0u+GKDv16nTkY0z08Qy6zLl2jBt73uvc3EeIK9jzkf6Y+X1+ZE20/seF/SwF6WWOK8qD+YfKZ1o6VZOnbsRdwoz5s5CE0AfuxOAUX/hC3uhvhTlylgZFP6qp5GO1BB8r7zZ79MncwoX40CzAIT8ncz5JEtOjC9EM5hKPMievhhP510Q/q2seZZ24U09Z5nb6HADxao+3/v RSA test key #2 2 | -------------------------------------------------------------------------------- /unittests/sshkey/tests.c: -------------------------------------------------------------------------------- 1 | /* $OpenBSD$ */ 2 | /* 3 | * Regress test driver for the sshkey unit tests: initialises OpenSSL, then calls sshkey_tests(), sshkey_file_tests() and sshkey_fuzz_tests(). NOTE(review): the private keys under testdata/ are published test fixtures and must never be deployed as real keys. 4 | * 5 | * Placed in the public domain 6 | */ 7 | 8 | #include /* NOTE(review): header name missing here (lost in extraction?); the OpenSSL calls below need their declarations - confirm against the repository */ 9 | 10 | #include "test_helper.h" 11 | 12 | void sshkey_tests(void); /* suite entry points, declared here and defined outside this file */ 13 | void sshkey_file_tests(void); 14 | void sshkey_fuzz_tests(void); 15 | 16 | void 17 | tests(void) /* runs every sshkey suite in order; presumably called by the test_helper harness - confirm */ 18 | { 19 | OpenSSL_add_all_algorithms(); /* register OpenSSL ciphers and digests before the suites run; presumably needed to read the passphrase-protected PEM fixtures - confirm */ 20 | ERR_load_CRYPTO_strings(); /* load libcrypto error strings so OpenSSL failures are reported as text */ 21 | 22 | sshkey_tests(); 23 | sshkey_file_tests(); 24 | sshkey_fuzz_tests(); 25 | } 26 | -------------------------------------------------------------------------------- /unittests/test_helper/Makefile: -------------------------------------------------------------------------------- 1 | # $OpenBSD$ 2 | 3 | LIB= test_helper 4 | SRCS= test_helper.c fuzz.c 5 | 6 | DEBUGLIBS= no 7 | NOPROFILE= yes 8 | NOPIC= yes 9 | 10 | install: 11 | @echo -n 12 | 13 | .include 14 | --------------------------------------------------------------------------------