# HG changeset patch # User matt-ucc@ucc.asn.au # Date 1143448604 0 # Node ID 827f87dfbc22a18fe0a02637dd2b3b8b648db727 # Parent fabcee5513498e438d3c5aa7193c49eef2b38f2c *hack hack hack* get rid of a few more bits diff -r fabcee551349 -r 827f87dfbc22 common-channel.c --- a/common-channel.c Sun Mar 26 13:18:30 2006 +0000 +++ b/common-channel.c Mon Mar 27 08:36:44 2006 +0000 @@ -883,6 +883,7 @@ } #if defined(USING_LISTENERS) || defined(DROPBEAR_CLIENT) +matterror /* Create a new channel, and start the open request. This is intended * for X11, agent, tcp forwarding, and should be filled with channel-specific * options, with the calling function calling encrypt_packet() after diff -r fabcee551349 -r 827f87dfbc22 common-chansession.c --- a/common-chansession.c Sun Mar 26 13:18:30 2006 +0000 +++ b/common-chansession.c Mon Mar 27 08:36:44 2006 +0000 @@ -25,6 +25,7 @@ #include "chansession.h" /* Mapping of signal values to ssh signal strings */ +#if 0 const struct SigMap signames[] = { {SIGABRT, "ABRT"}, {SIGALRM, "ALRM"}, @@ -41,3 +42,4 @@ {SIGUSR2, "USR2"}, {0, NULL} }; +#endif diff -r fabcee551349 -r 827f87dfbc22 debug.h --- a/debug.h Sun Mar 26 13:18:30 2006 +0000 +++ b/debug.h Mon Mar 27 08:36:44 2006 +0000 @@ -39,7 +39,7 @@ * Caution: Don't use this in an unfriendly environment (ie unfirewalled), * since the printing may not sanitise strings etc. This will add a reasonable * amount to your executable size. */ -#define DEBUG_TRACE +//#define DEBUG_TRACE /* All functions writing to the cleartext payload buffer call * CHECKCLEARTOWRITE() before writing. This is only really useful if you're diff -r fabcee551349 -r 827f87dfbc22 libtomcrypt/src/misc/error_to_string.c --- a/libtomcrypt/src/misc/error_to_string.c Sun Mar 26 13:18:30 2006 +0000 +++ b/libtomcrypt/src/misc/error_to_string.c Mon Mar 27 08:36:44 2006 +0000 @@ -16,6 +16,7 @@ Convert error codes to ASCII strings, Tom St Denis */ +#if 0 static const char *err_2_str[] = { "CRYPT_OK", @@ -67,6 +68,12 @@ return err_2_str[err]; } } +#endif +const char *error_to_string(int err) +{ + static *ret = ""; + return ret; +} /* $Source: /cvs/libtom/libtomcrypt/src/misc/error_to_string.c,v $ */ diff -r fabcee551349 -r 827f87dfbc22 options.h --- a/options.h Sun Mar 26 13:18:30 2006 +0000 +++ b/options.h Mon Mar 27 08:36:44 2006 +0000 @@ -39,7 +39,7 @@ * * Both of these flags can be defined at once, don't compile without at least * one of them. */ -#define NON_INETD_MODE +//#define NON_INETD_MODE #define INETD_MODE /* Setting this disables the fast exptmod bignum code. It saves ~5kB, but is @@ -59,14 +59,14 @@ /* 'Local' is "-L" style (client listening port forwarded via server) * 'Remote' is "-R" style (server listening port forwarded via client) */ -#define ENABLE_CLI_LOCALTCPFWD -#define ENABLE_CLI_REMOTETCPFWD +//#define ENABLE_CLI_LOCALTCPFWD +//#define ENABLE_CLI_REMOTETCPFWD -#define ENABLE_SVR_LOCALTCPFWD -#define ENABLE_SVR_REMOTETCPFWD +//#define ENABLE_SVR_LOCALTCPFWD +//#define ENABLE_SVR_REMOTETCPFWD /* Enable Authentication Agent Forwarding - server only for now */ -#define ENABLE_AGENTFWD +//#define ENABLE_AGENTFWD /* Encryption - at least one required. * RFC Draft requires 3DES and recommends AES128 for interoperability. @@ -99,7 +99,7 @@ * for hostkey as well as for verifying signatures with pubkey auth. * Removing either of these won't save very much space. * SSH2 RFC Draft requires dss, recommends rsa */ -#define DROPBEAR_RSA +//#define DROPBEAR_RSA #define DROPBEAR_DSS /* RSA can be vulnerable to timing attacks which use the time required for @@ -136,11 +136,11 @@ #define ENABLE_SVR_PASSWORD_AUTH /* #define ENABLE_SVR_PAM_AUTH */ /* requires ./configure --enable-pam */ -#define ENABLE_SVR_PUBKEY_AUTH +//#define ENABLE_SVR_PUBKEY_AUTH #define ENABLE_CLI_PASSWORD_AUTH -#define ENABLE_CLI_PUBKEY_AUTH -#define ENABLE_CLI_INTERACT_AUTH +//#define ENABLE_CLI_PUBKEY_AUTH +//#define ENABLE_CLI_INTERACT_AUTH /* Define this (as well as ENABLE_CLI_PASSWORD_AUTH) to allow the use of * a helper program for the ssh client. The helper program should be @@ -199,7 +199,7 @@ * OpenSSH), set the path below. If the path isn't defined, sftp will not * be enabled */ #ifndef SFTPSERVER_PATH -#define SFTPSERVER_PATH "/usr/libexec/sftp-server" +//#define SFTPSERVER_PATH "/usr/libexec/sftp-server" #endif /* This is used by the scp binary when used as a client binary. If you're diff -r fabcee551349 -r 827f87dfbc22 svr-chansession.c --- a/svr-chansession.c Sun Mar 26 13:18:30 2006 +0000 +++ b/svr-chansession.c Mon Mar 27 08:36:44 2006 +0000 @@ -131,6 +131,7 @@ TRACE(("leave sigchld handler")) } +#if 0 /* send the exit status or the signal causing termination for a session */ /* XXX server */ static void send_exitsignalstatus(struct Channel *channel) { @@ -201,6 +202,7 @@ encrypt_packet(); } +#endif /* set up a session channel */ static int newchansess(struct Channel *channel) { @@ -248,7 +250,9 @@ chansess = (struct ChanSess*)channel->typedata; +#if 0 send_exitsignalstatus(channel); +#endif TRACE(("enter closechansess")) if (chansess == NULL) { @@ -259,6 +263,7 @@ m_free(chansess->cmd); m_free(chansess->term); +#if 0 if (chansess->tty) { /* write the utmp/wtmp login record */ li = login_alloc_entry(chansess->pid, ses.authstate.username, @@ -269,6 +274,7 @@ pty_release(chansess->tty); m_free(chansess->tty); } +#endif #ifndef DISABLE_X11FWD x11cleanup(chansess); @@ -389,6 +395,7 @@ /* Send a signal to a session's process as requested by the client*/ static int sessionsignal(struct ChanSess *chansess) { +#if 0 int sig = 0; unsigned char* signame = NULL; @@ -420,6 +427,7 @@ if (kill(chansess->pid, sig) < 0) { return DROPBEAR_FAILURE; } +#endif return DROPBEAR_SUCCESS; } @@ -428,6 +436,7 @@ * client. Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ static int sessionwinchange(struct ChanSess *chansess) { +#if 0 int termc, termr, termw, termh; if (chansess->master < 0) { @@ -442,9 +451,11 @@ pty_change_window_size(chansess->master, termr, termc, termw, termh); - return DROPBEAR_FAILURE; +#endif + return DROPBEAR_SUCCESS; } +#if 0 static void get_termmodes(struct ChanSess *chansess) { struct termios termio; @@ -535,6 +546,7 @@ } TRACE(("leave get_termmodes")) } +#endif /* Set up a session pty which will be used to execute the shell or program. * The pty is allocated now, and kept for when the shell/program executes. @@ -635,7 +647,7 @@ ret = noptycommand(channel, chansess); } else { /* want pty */ - ret = ptycommand(channel, chansess); + //ret = ptycommand(channel, chansess); } if (ret == DROPBEAR_FAILURE) { @@ -786,6 +798,7 @@ /* Execute a command or shell within a pty environment, and set up * redirection as appropriate. * Returns DROPBEAR_SUCCESS or DROPBEAR_FAILURE */ +#if 0 static int ptycommand(struct Channel *channel, struct ChanSess *chansess) { pid_t pid; @@ -832,12 +845,14 @@ close(chansess->slave); +#if 0 /* write the utmp/wtmp login record - must be after changing the * terminal used for stdout with the dup2 above */ li= login_alloc_entry(getpid(), ses.authstate.username, ses.remotehost, chansess->tty); login_login(li); login_free_entry(li); +#endif m_free(chansess->tty); @@ -893,6 +908,7 @@ TRACE(("leave ptycommand")) return DROPBEAR_SUCCESS; } +#endif /* Add the pid of a child to the list for exit-handling */ static void addchildpid(struct ChanSess *chansess, pid_t pid) {