Merged latest OpenBSD changes:
nchan.ms -\
channels.[ch] - remove broken x11 fix and document istate/ostate
ssh-agent.c - call setsid() regardless of argv[]
ssh.c - save a few lines when disabling rhosts-{rsa-}auth
diff --git a/ChangeLog b/ChangeLog
index 0ab1152..bc0115e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
19991030
- Integrated debian package support from Dan Brosemer <odin@linuxfreak.com>
+ - Merged latest updates for OpenBSD CVS:
+ - channels.[ch] - remove broken x11 fix and document istate/ostate
+ - ssh-agent.c - call setsid() regardless of argv[]
+ - ssh.c - save a few lines when disabling rhosts-{rsa-}auth
+ - Documentation cleanups
+ - Renamed README -> README.Ylonen
+ - Renamed README.openssh ->README
19991029
- Renamed openssh* back to ssh* at request of Theo de Raadt
diff --git a/README b/README
index 94de3da..7c351d1 100644
--- a/README
+++ b/README
@@ -6,7 +6,8 @@
This Linux port basically consists of a few fixes to deal with the way
that OpenSSL is usually installed on Linux systems, a few replacements
-for OpenBSD library functions and the introduction of PAM support.
+for OpenBSD library functions and the introduction of PAM support. This
+version tracks changes made to the OpenBSD CVS version.
The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
@@ -40,7 +41,7 @@
Miscellania -
This version of SSH is based upon code retrieved from the OpenBSD CVS
-repository on 1999-10-29 patched by Damien Miller <djm@ibs.com.au>,
+repository on 1999-10-30 patched by Damien Miller <djm@ibs.com.au>,
which in turn was based on the last free version of SSH released by
Tatu Ylonen.
diff --git a/channels.c b/channels.c
index 29a842f..79a02c8 100644
--- a/channels.c
+++ b/channels.c
@@ -16,7 +16,7 @@
*/
#include "includes.h"
-RCSID("$Id: channels.c,v 1.2 1999/10/28 05:23:30 damien Exp $");
+RCSID("$Id: channels.c,v 1.3 1999/10/30 01:39:56 damien Exp $");
#include "ssh.h"
#include "packet.h"
@@ -155,7 +155,6 @@
chan_init_iostates(c);
c->self = found;
c->type = type;
- c->x11 = 0;
c->sock = sock;
c->remote_id = -1;
c->remote_name = remote_name;
@@ -316,8 +315,6 @@
/* Start normal processing for the channel. */
ch->type = SSH_CHANNEL_OPEN;
- /* Enable X11 Problem FIX */
- ch->x11 = 1;
goto redo;
reject:
diff --git a/channels.h b/channels.h
index 9794ef5..608c774 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
-/* RCSID("$Id: channels.h,v 1.1 1999/10/27 03:42:44 damien Exp $"); */
+/* RCSID("$Id: channels.h,v 1.2 1999/10/30 01:39:56 damien Exp $"); */
#ifndef CHANNELS_H
#define CHANNELS_H
@@ -26,9 +26,8 @@
int self; /* my own channel identifier */
int remote_id; /* channel identifier for remote peer */
/* peer can be reached over encrypted connection, via packet-sent */
- int istate;
- int ostate;
- int x11;
+ int istate; /* input from channel (state of receive half) */
+ int ostate; /* output to channel (state of transmit half) */
int sock; /* data socket, linked to this channel */
Buffer input; /* data read from socket, to be sent over encrypted connection */
Buffer output; /* data received over encrypted connection for send on socket */
diff --git a/nchan.ms b/nchan.ms
index b01512f..18e7e9a 100644
--- a/nchan.ms
+++ b/nchan.ms
@@ -50,9 +50,9 @@
The input buffer is filled with data from the socket
(the socket represents the local comsumer/producer of the
forwarded channel).
-The data is then sent over the INPUT-end of the channel to the
+The data is then sent over the INPUT-end (transmit-end) of the channel to the
remote peer.
-Data sent by the peer is received on the OUTPUT-end,
+Data sent by the peer is received on the OUTPUT-end (receive-end),
saved in the output buffer and written to the socket.
.PP
If the local protocol instance has forwarded all data on the
diff --git a/ssh-agent.c b/ssh-agent.c
index a9d2a14..4f7f57f 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.15 1999/10/28 08:43:10 markus Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.16 1999/10/28 20:41:23 markus Exp $ */
/*
@@ -15,9 +15,8 @@
*/
-#include "config.h"
#include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.15 1999/10/28 08:43:10 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.16 1999/10/28 20:41:23 markus Exp $");
#include "ssh.h"
#include "rsa.h"
@@ -656,11 +655,17 @@
close(1);
close(2);
- if (ac == 0 && setsid() == -1)
- cleanup_exit(1);
+ if (setsid() == -1)
+ {
+ perror("setsid");
+ cleanup_exit(1);
+ }
if (atexit(cleanup_socket) < 0)
- cleanup_exit(1);
+ {
+ perror("atexit");
+ cleanup_exit(1);
+ }
new_socket(AUTH_SOCKET, sock);
if (ac > 0)
diff --git a/ssh.c b/ssh.c
index ed4ceaf..7630048 100644
--- a/ssh.c
+++ b/ssh.c
@@ -18,7 +18,7 @@
*/
#include "includes.h"
-RCSID("$Id: ssh.c,v 1.3 1999/10/28 05:23:30 damien Exp $");
+RCSID("$Id: ssh.c,v 1.4 1999/10/30 01:39:56 damien Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -213,7 +213,6 @@
else
cp = av0;
if (strcmp(cp, "rsh") != 0 && strcmp(cp, "ssh") != 0 &&
- strcmp(cp, "openssh") != 0 && strcmp(cp, "openlogin") != 0 &&
strcmp(cp, "rlogin") != 0 && strcmp(cp, "slogin") != 0)
host = cp;
@@ -500,7 +499,7 @@
}
/* Disable rhosts authentication if not running as root. */
- if (original_effective_uid != 0)
+ if (original_effective_uid != 0 || !options.use_privileged_port)
{
options.rhosts_authentication = 0;
options.rhosts_rsa_authentication = 0;
@@ -526,13 +525,7 @@
restore_uid();
/* Open a connection to the remote host. This needs root privileges if
- rhosts_{rsa_}authentication is true. */
-
- if (!options.use_privileged_port)
- {
- options.rhosts_authentication = 0;
- options.rhosts_rsa_authentication = 0;
- }
+ rhosts_{rsa_}authentication is enabled. */
ok = ssh_connect(host, &hostaddr, options.port, options.connection_attempts,
!options.rhosts_authentication &&