From 125c87c14d8a0662d2096688aa38c946a6bc03d2 Mon Sep 17 00:00:00 2001
From: djm
Date: Sun, 30 Apr 2017 23:28:41 +0000
Subject: [PATCH] obliterate ssh1.h and some dead code that used it ok markus@
---
 usr.bin/ssh/channels.c | 163 +-------------------------------------
 usr.bin/ssh/channels.h | 10 +--
 usr.bin/ssh/clientloop.c | 3 +-
 usr.bin/ssh/dispatch.c | 3 +-
 usr.bin/ssh/nchan.c | 3 +-
 usr.bin/ssh/packet.c | 3 +-
 usr.bin/ssh/ssh-keyscan.c | 3 +-
 usr.bin/ssh/ssh.c | 3 +-
 usr.bin/ssh/ssh1.h | 91 ---------------------
 9 files changed, 8 insertions(+), 274 deletions(-)
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 6613bde3e52..e2d80186b7a 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.358 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.359 2017/04/30 23:28:41 djm Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -63,7 +63,6 @@
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "ssherr.h"
 #include "packet.h"
@@ -2594,46 +2593,6 @@ channel_input_ieof(int type, u_int32_t seq, void *ctxt)
 return 0;
 }
-/* ARGSUSED */
-int
-channel_input_close(int type, u_int32_t seq, void *ctxt)
-{
- int id;
- Channel *c;
-
- id = packet_get_int();
- packet_check_eom();
- c = channel_lookup(id);
- if (c == NULL)
- packet_disconnect("Received close for nonexistent channel %d.", id);
- if (channel_proxy_upstream(c, type, seq, ctxt))
- return 0;
- /*
- * Send a confirmation that we have closed the channel and no more
- * data is coming for it.
- */
- packet_start(SSH_MSG_CHANNEL_CLOSE_CONFIRMATION);
- packet_put_int(c->remote_id);
- packet_send();
-
- /*
- * If the channel is in closed state, we have sent a close request,
- * and the other side will eventually respond with a confirmation.
- * Thus, we cannot free the channel here, because then there would be
- * no-one to receive the confirmation. The channel gets freed when
- * the confirmation arrives.
- */
- if (c->type != SSH_CHANNEL_CLOSED) {
- /*
- * Not a closed channel - mark it as draining, which will
- * cause it to be freed later.
- */
- buffer_clear(&c->input);
- c->type = SSH_CHANNEL_OUTPUT_DRAINING;
- }
- return 0;
-}
-
 /* proto version 1.5 overloads CLOSE_CONFIRMATION with OCLOSE */
 /* ARGSUSED */
 int
@@ -2790,38 +2749,6 @@ channel_input_window_adjust(int type, u_int32_t seq, void *ctxt)
 return 0;
 }
-/* ARGSUSED */
-int
-channel_input_port_open(int type, u_int32_t seq, void *ctxt)
-{
- Channel *c = NULL;
- u_short host_port;
- char *host, *originator_string;
- int remote_id;
-
- remote_id = packet_get_int();
- host = packet_get_string(NULL);
- host_port = packet_get_int();
-
- if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
- originator_string = packet_get_string(NULL);
- } else {
- originator_string = xstrdup("unknown (remote did not supply name)");
- }
- packet_check_eom();
- c = channel_connect_to_port(host, host_port,
- "connected socket", originator_string, NULL, NULL);
- free(originator_string);
- free(host);
- if (c == NULL) {
- packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
- packet_put_int(remote_id);
- packet_send();
- } else
- c->remote_id = remote_id;
- return 0;
-}
-
 /* ARGSUSED */
 int
 channel_input_status_confirm(int type, u_int32_t seq, void *ctxt)
@@ -4156,81 +4083,6 @@ x11_connect_display(void)
 return sock;
 }
-/*
- * This is called when SSH_SMSG_X11_OPEN is received. The packet contains
- * the remote channel number. We should do whatever we want, and respond
- * with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE.
- */
-
-/* ARGSUSED */
-int
-x11_input_open(int type, u_int32_t seq, void *ctxt)
-{
- Channel *c = NULL;
- int remote_id, sock = 0;
- char *remote_host;
-
- debug("Received X11 open request.");
-
- remote_id = packet_get_int();
-
- if (packet_get_protocol_flags() & SSH_PROTOFLAG_HOST_IN_FWD_OPEN) {
- remote_host = packet_get_string(NULL);
- } else {
- remote_host = xstrdup("unknown (remote did not supply name)");
- }
- packet_check_eom();
-
- /* Obtain a connection to the real X display. */
- sock = x11_connect_display();
- if (sock != -1) {
- /* Allocate a channel for this connection. */
- c = channel_new("connected x11 socket",
- SSH_CHANNEL_X11_OPEN, sock, sock, -1, 0, 0, 0,
- remote_host, 1);
- c->remote_id = remote_id;
- c->force_drain = 1;
- }
- free(remote_host);
- if (c == NULL) {
- /* Send refusal to the remote host. */
- packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
- packet_put_int(remote_id);
- } else {
- /* Send a confirmation to the remote host. */
- packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
- packet_put_int(remote_id);
- packet_put_int(c->self);
- }
- packet_send();
- return 0;
-}
-
-/* dummy protocol handler that denies SSH-1 requests (agent/x11) */
-/* ARGSUSED */
-int
-deny_input_open(int type, u_int32_t seq, void *ctxt)
-{
- int rchan = packet_get_int();
-
- switch (type) {
- case SSH_SMSG_AGENT_OPEN:
- error("Warning: ssh server tried agent forwarding.");
- break;
- case SSH_SMSG_X11_OPEN:
- error("Warning: ssh server tried X11 forwarding.");
- break;
- default:
- error("deny_input_open: type %d", type);
- break;
- }
- error("Warning: this is probably a break-in attempt by a malicious server.");
- packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
- packet_put_int(rchan);
- packet_send();
- return 0;
-}
-
 /*
 * Requests forwarding of X11 connections, generates fake authentication
 * data, and enables authentication spoofing.
@@ -4295,16 +4147,3 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
 packet_write_wait();
 free(new_data);
 }
-
-
-/* -- agent forwarding */
-
-/* Sends a message to the server to request authentication fd forwarding. */
-
-void
-auth_request_forwarding(void)
-{
- packet_start(SSH_CMSG_AGENT_REQUEST_FORWARDING);
- packet_send();
- packet_write_wait();
-}
diff --git a/usr.bin/ssh/channels.h b/usr.bin/ssh/channels.h
index 35325f304e2..3dca51d7e25 100644
--- a/usr.bin/ssh/channels.h
+++ b/usr.bin/ssh/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.122 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.123 2017/04/30 23:28:41 djm Exp $ */
 /*
 * Author: Tatu Ylonen
@@ -235,7 +235,6 @@ int channel_proxy_upstream(Channel *, int, u_int32_t, void *);
 /* protocol handler */
-int channel_input_close(int, u_int32_t, void *);
 int channel_input_close_confirmation(int, u_int32_t, void *);
 int channel_input_data(int, u_int32_t, void *);
 int channel_input_extended_data(int, u_int32_t, void *);
@@ -243,7 +242,6 @@ int channel_input_ieof(int, u_int32_t, void *);
 int channel_input_oclose(int, u_int32_t, void *);
 int channel_input_open_confirmation(int, u_int32_t, void *);
 int channel_input_open_failure(int, u_int32_t, void *);
-int channel_input_port_open(int, u_int32_t, void *);
 int channel_input_window_adjust(int, u_int32_t, void *);
 int channel_input_status_confirm(int, u_int32_t, void *);
@@ -292,14 +290,8 @@ int permitopen_port(const char *);
 void channel_set_x11_refuse_time(u_int);
 int x11_connect_display(void);
 int x11_create_display_inet(int, int, int, u_int *, int **);
-int x11_input_open(int, u_int32_t, void *);
 void x11_request_forwarding_with_spoofing(int, const char *, const char *, const char *, int);
-int deny_input_open(int, u_int32_t, void *);
-
-/* agent forwarding */
-
-void auth_request_forwarding(void);
 /* channel close */
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index 1e2ed05e022..bb0bd12bd57 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.294 2017/04/30 23:21:54 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.295 2017/04/30 23:28:41 djm Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -81,7 +81,6 @@
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "packet.h"
 #include "buffer.h"
diff --git a/usr.bin/ssh/dispatch.c b/usr.bin/ssh/dispatch.c
index 8f2b3fe0e7c..d38ed1689e8 100644
--- a/usr.bin/ssh/dispatch.c
+++ b/usr.bin/ssh/dispatch.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dispatch.c,v 1.28 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: dispatch.c,v 1.29 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 *
@@ -28,7 +28,6 @@
 #include
 #include
-#include "ssh1.h"
 #include "ssh2.h"
 #include "log.h"
 #include "dispatch.h"
diff --git a/usr.bin/ssh/nchan.c b/usr.bin/ssh/nchan.c
index 7d6c150cd6c..a60afb33d61 100644
--- a/usr.bin/ssh/nchan.c
+++ b/usr.bin/ssh/nchan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nchan.c,v 1.64 2017/04/30 23:13:25 djm Exp $ */
+/* $OpenBSD: nchan.c,v 1.65 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
 *
@@ -31,7 +31,6 @@
 #include
 #include
-#include "ssh1.h"
 #include "ssh2.h"
 #include "buffer.h"
 #include "packet.h"
diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index 6fe03affdee..9f9ae926d84 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.251 2017/04/30 23:26:16 djm Exp $ */
+/* $OpenBSD: packet.c,v 1.252 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -63,7 +63,6 @@
 #include "xmalloc.h"
 #include "crc32.h"
 #include "compat.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "cipher.h"
 #include "sshkey.h"
diff --git a/usr.bin/ssh/ssh-keyscan.c b/usr.bin/ssh/ssh-keyscan.c
index 438f66ba877..8dba83cb231 100644
--- a/usr.bin/ssh/ssh-keyscan.c
+++ b/usr.bin/ssh/ssh-keyscan.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keyscan.c,v 1.112 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh-keyscan.c,v 1.113 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Copyright 1995, 1996 by David Mazieres .
 *
@@ -26,7 +26,6 @@
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "sshbuf.h"
 #include "sshkey.h"
 #include "cipher.h"
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index ee3f8460d3e..06316e61139 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.457 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.458 2017/04/30 23:28:42 djm Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -71,7 +71,6 @@
 #include "xmalloc.h"
 #include "ssh.h"
-#include "ssh1.h"
 #include "ssh2.h"
 #include "canohost.h"
 #include "compat.h"
diff --git a/usr.bin/ssh/ssh1.h b/usr.bin/ssh/ssh1.h
index 6a05c4724bb..e69de29bb2d 100644
--- a/usr.bin/ssh/ssh1.h
+++ b/usr.bin/ssh/ssh1.h 
@@ -1,91 +0,0 @@
-/* $OpenBSD: ssh1.h,v 1.7 2016/05/04 14:22:33 markus Exp $ */
-
-/*
- * Author: Tatu Ylonen
- * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
- * All rights reserved
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-/*
- * Definition of message types. New values can be added, but old values
- * should not be removed or without careful consideration of the consequences
- * for compatibility. The maximum value is 254; value 255 is reserved for
- * future extension.
- */
-/* Ranges */
-#define SSH_MSG_MIN 1
-#define SSH_MSG_MAX 254
-/* Message name */ /* msg code */ /* arguments */
-#define SSH_MSG_DISCONNECT 1 /* cause (string) */
-#define SSH_SMSG_PUBLIC_KEY 2 /* ck,msk,srvk,hostk */
-#define SSH_CMSG_SESSION_KEY 3 /* key (BIGNUM) */
-#define SSH_CMSG_USER 4 /* user (string) */
-#define SSH_CMSG_AUTH_RHOSTS 5 /* user (string) */
-#define SSH_CMSG_AUTH_RSA 6 /* modulus (BIGNUM) */
-#define SSH_SMSG_AUTH_RSA_CHALLENGE 7 /* int (BIGNUM) */
-#define SSH_CMSG_AUTH_RSA_RESPONSE 8 /* int (BIGNUM) */
-#define SSH_CMSG_AUTH_PASSWORD 9 /* pass (string) */
-#define SSH_CMSG_REQUEST_PTY 10 /* TERM, tty modes */
-#define SSH_CMSG_WINDOW_SIZE 11 /* row,col,xpix,ypix */
-#define SSH_CMSG_EXEC_SHELL 12 /* */
-#define SSH_CMSG_EXEC_CMD 13 /* cmd (string) */
-#define SSH_SMSG_SUCCESS 14 /* */
-#define SSH_SMSG_FAILURE 15 /* */
-#define SSH_CMSG_STDIN_DATA 16 /* data (string) */
-#define SSH_SMSG_STDOUT_DATA 17 /* data (string) */
-#define SSH_SMSG_STDERR_DATA 18 /* data (string) */
-#define SSH_CMSG_EOF 19 /* */
-#define SSH_SMSG_EXITSTATUS 20 /* status (int) */
-#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION 21 /* channel (int) */
-#define SSH_MSG_CHANNEL_OPEN_FAILURE 22 /* channel (int) */
-#define SSH_MSG_CHANNEL_DATA 23 /* ch,data (int,str) */
-#define SSH_MSG_CHANNEL_CLOSE 24 /* channel (int) */
-#define SSH_MSG_CHANNEL_CLOSE_CONFIRMATION 25 /* channel (int) */
-/* SSH_CMSG_X11_REQUEST_FORWARDING 26 OBSOLETE */
-#define SSH_SMSG_X11_OPEN 27 /* channel (int) */
-#define SSH_CMSG_PORT_FORWARD_REQUEST 28 /* p,host,hp (i,s,i) */
-#define SSH_MSG_PORT_OPEN 29 /* ch,h,p (i,s,i) */
-#define SSH_CMSG_AGENT_REQUEST_FORWARDING 30 /* */
-#define SSH_SMSG_AGENT_OPEN 31 /* port (int) */
-#define SSH_MSG_IGNORE 32 /* string */
-#define SSH_CMSG_EXIT_CONFIRMATION 33 /* */
-#define SSH_CMSG_X11_REQUEST_FORWARDING 34 /* proto,data (s,s) */
-#define SSH_CMSG_AUTH_RHOSTS_RSA 35 /* user,mod (s,mpi) */
-#define SSH_MSG_DEBUG 36 /* string */
-#define SSH_CMSG_REQUEST_COMPRESSION 37 /* level 1-9 (int) */
-#define SSH_CMSG_MAX_PACKET_SIZE 38 /* size 4k-1024k (int) */
-#define SSH_CMSG_AUTH_TIS 39 /* we use this for s/key */
-#define SSH_SMSG_AUTH_TIS_CHALLENGE 40 /* challenge (string) */
-#define SSH_CMSG_AUTH_TIS_RESPONSE 41 /* response (string) */
-#define SSH_CMSG_AUTH_KERBEROS 42 /* (KTEXT) */
-#define SSH_SMSG_AUTH_KERBEROS_RESPONSE 43 /* (KTEXT) */
-#define SSH_CMSG_HAVE_KERBEROS_TGT 44 /* credentials (s) */
-#define SSH_CMSG_HAVE_AFS_TOKEN 65 /* token (s) */
-
-/* protocol version 1.5 overloads some version 1.3 message types */
-#define SSH_MSG_CHANNEL_INPUT_EOF SSH_MSG_CHANNEL_CLOSE
-#define SSH_MSG_CHANNEL_OUTPUT_CLOSE SSH_MSG_CHANNEL_CLOSE_CONFIRMATION
-
-/*
- * Authentication methods. New types can be added, but old types should not
- * be removed for compatibility. The maximum allowed value is 31.
- */
-#define SSH_AUTH_RHOSTS 1
-#define SSH_AUTH_RSA 2
-#define SSH_AUTH_PASSWORD 3
-#define SSH_AUTH_RHOSTS_RSA 4
-#define SSH_AUTH_TIS 5
-#define SSH_AUTH_KERBEROS 6
-#define SSH_PASS_KERBEROS_TGT 7
- /* 8 to 15 are reserved */
-#define SSH_PASS_AFS_TOKEN 21
-
-/* Protocol flags. These are bit masks. */
-#define SSH_PROTOFLAG_SCREEN_NUMBER 1 /* X11 forwarding includes screen */
-#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN 2 /* forwarding opens contain host */
--
2.20.1