changeset 68:eee77ac31ccc

cleaning up the pubkey defines
author Matt Johnston <matt@ucc.asn.au>
date Thu, 12 Aug 2004 14:56:22 +0000
parents 86725004a0ea
children 59d16db56e9f
files Makefile.in authpasswd.h authpubkey.h cli-auth.c cli-authpasswd.c cli-authpubkey.c cli-runopts.c cli-session.c dbutil.c options.h runopts.h svr-auth.c svr-authpasswd.c svr-authpubkey.c svr-runopts.c svr-session.c
diffstat 16 files changed, 38 insertions(+), 105 deletions(-) [+]
--- a/Makefile.in	Thu Aug 12 14:39:17 2004 +0000
+++ b/Makefile.in	Thu Aug 12 14:56:22 2004 +0000
@@ -43,9 +43,9 @@
 SCPOBJS=scp.o progressmeter.o atomicio.o scpmisc.o
 
 HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \
-		dss.h bignum.h signkey.h rsa.h random.h service.h auth.h authpasswd.h \
+		dss.h bignum.h signkey.h rsa.h random.h service.h auth.h \
 		debug.h channel.h chansession.h config.h queue.h sshpty.h \
-		termcodes.h gendss.h genrsa.h authpubkey.h runopts.h includes.h \
+		termcodes.h gendss.h genrsa.h runopts.h includes.h \
 		loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
 		listener.h fake-rfc2553.h
 
--- a/authpasswd.h	Thu Aug 12 14:39:17 2004 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,33 +0,0 @@
-/*
- * Dropbear - a SSH2 server
- * 
- * Copyright (c) 2002,2003 Matt Johnston
- * All rights reserved.
- * 
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- * 
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE. */
-
-#ifndef _AUTH_PASSWD_
-#define _AUTH_PASSWD_
-
-#ifdef DROPBEAR_PASSWORD_AUTH
-
-void passwordauth();
-
-#endif /* DROPBEAR_PASSWORD_AUTH */
-#endif /* _AUTH_PASSWD_ */
--- a/authpubkey.h	Thu Aug 12 14:39:17 2004 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,33 +0,0 @@
-/*
- * Dropbear - a SSH2 server
- * 
- * Copyright (c) 2002,2003 Matt Johnston
- * All rights reserved.
- * 
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- * 
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE. */
-
-#ifndef _PUBKEY_AUTH_
-#define _PUBKEY_AUTH_
-
-#ifdef DROPBEAR_PUBKEY_AUTH
-
-void pubkeyauth();
-
-#endif /* DROPBEAR_PUBKEY_AUTH */
-#endif /* _PUBKEY_AUTH_ */
--- a/cli-auth.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/cli-auth.c	Thu Aug 12 14:56:22 2004 +0000
@@ -92,7 +92,7 @@
 		return;
 	}
 
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	/* If it was a pubkey auth request, we should cross that key 
 	 * off the list. */
 	if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) {
@@ -126,13 +126,13 @@
 	for (i = 0; i <= methlen; i++) {
 		if (methods[i] == '\0') {
 			TRACE(("auth method '%s'", tok));
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 			if (strncmp(AUTH_METHOD_PUBKEY, tok,
 				AUTH_METHOD_PUBKEY_LEN) == 0) {
 				ses.authstate.authtypes |= AUTH_TYPE_PUBKEY;
 			}
 #endif
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_CLI_PASSWORD_AUTH
 			if (strncmp(AUTH_METHOD_PASSWORD, tok,
 				AUTH_METHOD_PASSWORD_LEN) == 0) {
 				ses.authstate.authtypes |= AUTH_TYPE_PASSWORD;
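Review bot: Both `strncmp` calls in this loop match on a prefix only, so a token that merely begins with the pubkey or password method name also sets the corresponding `AUTH_TYPE_*` bit. The server-side check in svr-auth.c in this same changeset tests `methodlen == AUTH_METHOD_PUBKEY_LEN` before calling `strncmp`; the client parser should be equally strict, e.g. `if (strlen(tok) == AUTH_METHOD_PUBKEY_LEN && strncmp(AUTH_METHOD_PUBKEY, tok, AUTH_METHOD_PUBKEY_LEN) == 0) {`, and likewise for the password method. This assumes `tok` is NUL-terminated at this point, which the `TRACE` call with `%s` suggests. The enclosing function starts and ends outside the hunk.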
@@ -163,14 +163,14 @@
 	CHECKCLEARTOWRITE();
 	
 	/* XXX We hardcode that we try a pubkey first */
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	if (ses.authstate.authtypes & AUTH_TYPE_PUBKEY) {
 		finished = cli_auth_pubkey();
 		cli_ses.lastauthtype = AUTH_TYPE_PUBKEY;
 	}
 #endif
 
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_CLI_PASSWORD_AUTH
 	if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
 		finished = cli_auth_password();
 		cli_ses.lastauthtype = AUTH_TYPE_PASSWORD;
--- a/cli-authpasswd.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/cli-authpasswd.c	Thu Aug 12 14:56:22 2004 +0000
@@ -5,6 +5,7 @@
 #include "ssh.h"
 #include "runopts.h"
 
+#ifdef ENABLE_CLI_PASSWORD_AUTH
 int cli_auth_password() {
 
 	char* password = NULL;
@@ -35,3 +36,4 @@
 	return 1; /* Password auth can always be tried */
 
 }
+#endif
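Review bot: The `#endif` added here is unlabelled, while the matching one in cli-authpubkey.c reads `#endif /* Pubkey auth */`; because the guard opens at the top of the file and closes at the bottom, it should be `#endif /* ENABLE_CLI_PASSWORD_AUTH */`. The same applies to svr-authpasswd.c and svr-authpubkey.c, where this changeset replaces a labelled `#endif` with a bare one (the latter also leaves a trailing space). `#endif /* ENABLE_SVR_PASSWORD_AUTH */` and `#endif /* ENABLE_SVR_PUBKEY_AUTH */` keep it obvious which build option removes each authentication handler.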
--- a/cli-authpubkey.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/cli-authpubkey.c	Thu Aug 12 14:56:22 2004 +0000
@@ -6,6 +6,7 @@
 #include "runopts.h"
 #include "auth.h"
 
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign);
 
 /* Called when we receive a SSH_MSG_USERAUTH_FAILURE for a pubkey request.
@@ -158,3 +159,4 @@
 		return 0;
 	}
 }
+#endif /* Pubkey auth */
--- a/cli-runopts.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/cli-runopts.c	Thu Aug 12 14:56:22 2004 +0000
@@ -34,7 +34,7 @@
 
 static void printhelp();
 static void parsehostname(char* userhostarg);
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 static void loadidentityfile(const char* filename);
 #endif
 #ifdef ENABLE_CLI_ANYTCPFWD
@@ -49,7 +49,7 @@
 					"-p <remoteport>\n"
 					"-t    Allocate a pty\n"
 					"-T    Don't allocate a pty\n"
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 					"-i <identityfile>   (multiple allowed)\n"
 #endif
 #ifdef ENABLE_CLI_LOCALTCPFWD
@@ -67,7 +67,7 @@
 	unsigned int i, j;
 	char ** next = 0;
 	unsigned int cmdlen;
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	int nextiskey = 0; /* A flag if the next argument is a keyfile */
 #endif
 #ifdef ENABLE_CLI_LOCALTCPFWD
@@ -85,7 +85,7 @@
 	cli_opts.username = NULL;
 	cli_opts.cmd = NULL;
 	cli_opts.wantpty = 9; /* 9 means "it hasn't been touched", gets set later */
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	cli_opts.pubkeys = NULL;
 #endif
 #ifdef ENABLE_CLI_LOCALTCPFWD
@@ -103,7 +103,7 @@
 
 	/* Iterate all the arguments */
 	for (i = 1; i < (unsigned int)argc; i++) {
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 		if (nextiskey) {
 			/* Load a hostkey since the previous argument was "-i" */
 			loadidentityfile(argv[i]);
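Review bot: The comment `/* Load a hostkey since the previous argument was "-i" */` is misleading, because the file given to `-i` is passed to `loadidentityfile` and the help text calls it an identity file; it is the user's key for public-key authentication, not a host key. Suggest `/* Load an identity file since the previous argument was "-i" */`. The loop body continues outside the hunk.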
@@ -150,7 +150,7 @@
 				case 'p': /* remoteport */
 					next = &cli_opts.remoteport;
 					break;
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 				case 'i': /* an identityfile */
 					nextiskey = 1;
 					break;
@@ -255,7 +255,7 @@
 	}
 }
 
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 static void loadidentityfile(const char* filename) {
 
 	struct PubkeyList * nextkey;
--- a/cli-session.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/cli-session.c	Thu Aug 12 14:56:22 2004 +0000
@@ -37,7 +37,7 @@
 	{SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation},
 	{SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
 	{SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	{SSH_MSG_USERAUTH_PK_OK, recv_msg_userauth_pk_ok}, /* client */
 #endif
 	{0, 0} /* End */
--- a/dbutil.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/dbutil.c	Thu Aug 12 14:56:22 2004 +0000
@@ -442,7 +442,7 @@
  * authkeys file.
  * Will return DROPBEAR_SUCCESS if data is read, or DROPBEAR_FAILURE on EOF.*/
 /* Only used for ~/.ssh/known_hosts and ~/.ssh/authorized_keys */
-#if defined(DROPBEAR_CLIENT) || defined(DROPBEAR_PUBKEY_AUTH)
+#if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH)
 int buf_getline(buffer * line, FILE * authfile) {
 
 	int c = EOF;
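Review bot: The guard on `buf_getline` repeats the exact condition that options.h uses in this changeset to define `DROPBEAR_KEY_LINES`, so the two can drift apart the next time the option names change. Assuming options.h is in scope in dbutil.c, `#ifdef DROPBEAR_KEY_LINES` states the intent directly and keeps the function available exactly when authorized_keys or known_hosts parsing is built. The function body continues outside the hunk.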
--- a/options.h	Thu Aug 12 14:39:17 2004 +0000
+++ b/options.h	Thu Aug 12 14:56:22 2004 +0000
@@ -114,11 +114,11 @@
 
 /* Authentication types to enable, at least one required.
    RFC Draft requires pubkey auth, and recommends password */
-#define DROPBEAR_SVR_PASSWORD_AUTH
-#define DROPBEAR_SVR_PUBKEY_AUTH
+#define ENABLE_SVR_PASSWORD_AUTH
+#define ENABLE_SVR_PUBKEY_AUTH
 
-#define DROPBEAR_CLI_PASSWORD_AUTH
-#define DROPBEAR_CLI_PUBKEY_AUTH
+#define ENABLE_CLI_PASSWORD_AUTH
+#define ENABLE_CLI_PUBKEY_AUTH
 
 /* Random device to use - you must specify _one only_.
  * DEV_RANDOM is recommended on hosts with a good /dev/urandom, otherwise use
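Review bot: The comment says at least one authentication type is required, but nothing in this hunk enforces it; unless a check exists elsewhere in options.h, commenting out both `ENABLE_SVR_*` lines would presumably still build a server with no usable method. A compile-time guard for server builds makes the requirement fail loudly: `#if !defined(ENABLE_SVR_PASSWORD_AUTH) && !defined(ENABLE_SVR_PUBKEY_AUTH)`, then `#error "enable at least one server authentication type"`, then `#endif`. Because this rename changes names that are only ever tested with `#ifdef`, any remaining use of the old `DROPBEAR_PUBKEY_AUTH` or `DROPBEAR_PASSWORD_AUTH` would silently compile its block out, so a tree-wide search for the old names is worth doing alongside this change.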
@@ -241,7 +241,7 @@
 #define DROPBEAR_COMP_ZLIB 1
 
 /* Required for pubkey auth */
-#if defined(DROPBEAR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
+#if defined(ENABLE_SVR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
 #define DROPBEAR_SIGNKEY_VERIFY
 #endif
 
@@ -320,7 +320,7 @@
 #define USING_LISTENERS
 #endif
 
-#if defined(DROPBEAR_CLIENT) || defined(DROPBEAR_PUBKEY_AUTH)
+#if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH)
 #define DROPBEAR_KEY_LINES /* ie we're using authorized_keys or known_hosts */
 #endif
 
--- a/runopts.h	Thu Aug 12 14:39:17 2004 +0000
+++ b/runopts.h	Thu Aug 12 14:56:22 2004 +0000
@@ -91,7 +91,7 @@
 
 	char *cmd;
 	int wantpty;
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	struct PubkeyList *pubkeys; /* Keys to use for public-key auth */
 #endif
 #ifdef ENABLE_CLI_REMOTETCPFWD
--- a/svr-auth.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/svr-auth.c	Thu Aug 12 14:56:22 2004 +0000
@@ -32,8 +32,6 @@
 #include "ssh.h"
 #include "packet.h"
 #include "auth.h"
-#include "authpasswd.h"
-#include "authpubkey.h"
 #include "runopts.h"
 
 static void authclear();
@@ -54,10 +52,10 @@
 static void authclear() {
 	
 	memset(&ses.authstate, 0, sizeof(ses.authstate));
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_SVR_PUBKEY_AUTH
 	ses.authstate.authtypes |= AUTH_TYPE_PUBKEY;
 #endif
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 	if (!svr_opts.noauthpass) {
 		ses.authstate.authtypes |= AUTH_TYPE_PASSWORD;
 	}
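Review bot: `authclear()` can leave `ses.authstate.authtypes` at 0, because after the `memset` the pubkey bit is set only when `ENABLE_SVR_PUBKEY_AUTH` is defined and the password bit only when `svr_opts.noauthpass` is unset. A server built without pubkey auth and started with `-s` would then presumably offer no method at all, which fails closed but locks every user out. Rejecting that combination during option parsing in svr-runopts.c, with an explicit error message, would surface the misconfiguration at startup rather than at the first login attempt.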
@@ -143,7 +141,7 @@
 		goto out;
 	}
 
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 	if (!svr_opts.noauthpass &&
 			!(svr_opts.norootpass && ses.authstate.pw->pw_uid == 0) ) {
 		/* user wants to try password auth */
@@ -156,7 +154,7 @@
 	}
 #endif
 
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_SVR_PUBKEY_AUTH
 	/* user wants to try pubkey auth */
 	if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
 			strncmp(methodname, AUTH_METHOD_PUBKEY,
--- a/svr-authpasswd.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/svr-authpasswd.c	Thu Aug 12 14:56:22 2004 +0000
@@ -29,9 +29,8 @@
 #include "buffer.h"
 #include "dbutil.h"
 #include "auth.h"
-#include "authpasswd.h"
 
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 
 /* Process a password auth request, sending success or failure messages as
  * appropriate */
@@ -105,4 +104,4 @@
 
 }
 
-#endif /* DROPBEAR_PASSWORD_AUTH */
+#endif
--- a/svr-authpubkey.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/svr-authpubkey.c	Thu Aug 12 14:56:22 2004 +0000
@@ -30,12 +30,11 @@
 #include "buffer.h"
 #include "signkey.h"
 #include "auth.h"
-#include "authpubkey.h"
 #include "ssh.h"
 #include "packet.h"
 #include "algo.h"
 
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_SVR_PUBKEY_AUTH
 
 #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */
 #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */
@@ -336,4 +335,4 @@
 }
 
 
-#endif /* DROPBEAR_PUBKEY_AUTH */
+#endif 
--- a/svr-runopts.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/svr-runopts.c	Thu Aug 12 14:56:22 2004 +0000
@@ -61,7 +61,7 @@
 					"-m		Don't display the motd on login\n"
 #endif
 					"-w		Disallow root logins\n"
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 					"-s		Disable password logins\n"
 					"-g		Disable password logins for root\n"
 #endif
@@ -174,7 +174,7 @@
 				case 'w':
 					svr_opts.norootlogin = 1;
 					break;
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 				case 's':
 					svr_opts.noauthpass = 1;
 					break;
--- a/svr-session.c	Thu Aug 12 14:39:17 2004 +0000
+++ b/svr-session.c	Thu Aug 12 14:56:22 2004 +0000
@@ -35,8 +35,7 @@
 #include "channel.h"
 #include "chansession.h"
 #include "atomicio.h"
-#include "tcp-accept.h"
-#include "tcp-connect.h"
+#include "tcpfwd.h"
 #include "service.h"
 #include "auth.h"
 #include "runopts.h"