cleaning up the pubkey defines

--HG-- extra : convert_revision : 149ce7a9a9cc5fe670994d6789b40be49895c595
2025-04-02 12:06:15 +00:00 · 2004-08-12 14:56:22 +00:00 · 2004-08-12 14:56:22 +00:00 · d7575f95f0
commit d7575f95f0
parent 96a0f77bb4
16 changed files with 38 additions and 105 deletions
--- a/Makefile.in
+++ b/Makefile.in
@ -43,9 +43,9 @@ CONVERTOBJS=dropbearconvert.o keyimport.o
 SCPOBJS=scp.o progressmeter.o atomicio.o scpmisc.o

 HEADERS=options.h dbutil.h session.h packet.h algo.h ssh.h buffer.h kex.h \
-		dss.h bignum.h signkey.h rsa.h random.h service.h auth.h authpasswd.h \
+		dss.h bignum.h signkey.h rsa.h random.h service.h auth.h \
 		debug.h channel.h chansession.h config.h queue.h sshpty.h \
-		termcodes.h gendss.h genrsa.h authpubkey.h runopts.h includes.h \
+		termcodes.h gendss.h genrsa.h runopts.h includes.h \
 		loginrec.h atomicio.h x11fwd.h agentfwd.h tcpfwd.h compat.h \
 		listener.h fake-rfc2553.h

--- a/authpasswd.h
+++ b/authpasswd.h
@ -1,33 +0,0 @@
-/*
- * Dropbear - a SSH2 server
- * 
- * Copyright (c) 2002,2003 Matt Johnston
- * All rights reserved.
- * 
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- * 
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE. */
-
-#ifndef _AUTH_PASSWD_
-#define _AUTH_PASSWD_
-
-#ifdef DROPBEAR_PASSWORD_AUTH
-
-void passwordauth();
-
-#endif /* DROPBEAR_PASSWORD_AUTH */
-#endif /* _AUTH_PASSWD_ */
--- a/authpubkey.h
+++ b/authpubkey.h
@ -1,33 +0,0 @@
-/*
- * Dropbear - a SSH2 server
- * 
- * Copyright (c) 2002,2003 Matt Johnston
- * All rights reserved.
- * 
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- * 
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE. */
-
-#ifndef _PUBKEY_AUTH_
-#define _PUBKEY_AUTH_
-
-#ifdef DROPBEAR_PUBKEY_AUTH
-
-void pubkeyauth();
-
-#endif /* DROPBEAR_PUBKEY_AUTH */
-#endif /* _PUBKEY_AUTH_ */
--- a/cli-auth.c
+++ b/cli-auth.c
@ -92,7 +92,7 @@ void recv_msg_userauth_failure() {
 		return;
 	}

-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	/* If it was a pubkey auth request, we should cross that key 
 	 * off the list. */
 	if (cli_ses.lastauthtype == AUTH_TYPE_PUBKEY) {
@ -126,13 +126,13 @@ void recv_msg_userauth_failure() {
 	for (i = 0; i <= methlen; i++) {
 		if (methods[i] == '\0') {
 			TRACE(("auth method '%s'", tok));
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 			if (strncmp(AUTH_METHOD_PUBKEY, tok,
 				AUTH_METHOD_PUBKEY_LEN) == 0) {
 				ses.authstate.authtypes |= AUTH_TYPE_PUBKEY;
 			}
 #endif
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_CLI_PASSWORD_AUTH
 			if (strncmp(AUTH_METHOD_PASSWORD, tok,
 				AUTH_METHOD_PASSWORD_LEN) == 0) {
 				ses.authstate.authtypes |= AUTH_TYPE_PASSWORD;
@ -163,14 +163,14 @@ void cli_auth_try() {
 	CHECKCLEARTOWRITE();
 	
 	/* XXX We hardcode that we try a pubkey first */
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	if (ses.authstate.authtypes & AUTH_TYPE_PUBKEY) {
 		finished = cli_auth_pubkey();
 		cli_ses.lastauthtype = AUTH_TYPE_PUBKEY;
 	}
 #endif

-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_CLI_PASSWORD_AUTH
 	if (!finished && ses.authstate.authtypes & AUTH_TYPE_PASSWORD) {
 		finished = cli_auth_password();
 		cli_ses.lastauthtype = AUTH_TYPE_PASSWORD;
--- a/cli-authpasswd.c
+++ b/cli-authpasswd.c
@ -5,6 +5,7 @@
 #include "ssh.h"
 #include "runopts.h"

+#ifdef ENABLE_CLI_PASSWORD_AUTH
 int cli_auth_password() {

 	char* password = NULL;
@ -35,3 +36,4 @@ int cli_auth_password() {
 	return 1; /* Password auth can always be tried */

 }
+#endif
--- a/cli-authpubkey.c
+++ b/cli-authpubkey.c
@ -6,6 +6,7 @@
 #include "runopts.h"
 #include "auth.h"

+#ifdef ENABLE_CLI_PUBKEY_AUTH
 static void send_msg_userauth_pubkey(sign_key *key, int type, int realsign);

 /* Called when we receive a SSH_MSG_USERAUTH_FAILURE for a pubkey request.
@ -158,3 +159,4 @@ int cli_auth_pubkey() {
 		return 0;
 	}
 }
+#endif /* Pubkey auth */
--- a/cli-runopts.c
+++ b/cli-runopts.c
@ -34,7 +34,7 @@ cli_runopts cli_opts; /* GLOBAL */

 static void printhelp();
 static void parsehostname(char* userhostarg);
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 static void loadidentityfile(const char* filename);
 #endif
 #ifdef ENABLE_CLI_ANYTCPFWD
@ -49,7 +49,7 @@ static void printhelp() {
 					"-p <remoteport>\n"
 					"-t    Allocate a pty\n"
 					"-T    Don't allocate a pty\n"
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 					"-i <identityfile>   (multiple allowed)\n"
 #endif
 #ifdef ENABLE_CLI_LOCALTCPFWD
@ -67,7 +67,7 @@ void cli_getopts(int argc, char ** argv) {
 	unsigned int i, j;
 	char ** next = 0;
 	unsigned int cmdlen;
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	int nextiskey = 0; /* A flag if the next argument is a keyfile */
 #endif
 #ifdef ENABLE_CLI_LOCALTCPFWD
@ -85,7 +85,7 @@ void cli_getopts(int argc, char ** argv) {
 	cli_opts.username = NULL;
 	cli_opts.cmd = NULL;
 	cli_opts.wantpty = 9; /* 9 means "it hasn't been touched", gets set later */
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	cli_opts.pubkeys = NULL;
 #endif
 #ifdef ENABLE_CLI_LOCALTCPFWD
@ -103,7 +103,7 @@ void cli_getopts(int argc, char ** argv) {

 	/* Iterate all the arguments */
 	for (i = 1; i < (unsigned int)argc; i++) {
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 		if (nextiskey) {
 			/* Load a hostkey since the previous argument was "-i" */
 			loadidentityfile(argv[i]);
@ -150,7 +150,7 @@ void cli_getopts(int argc, char ** argv) {
 				case 'p': /* remoteport */
 					next = &cli_opts.remoteport;
 					break;
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 				case 'i': /* an identityfile */
 					nextiskey = 1;
 					break;
@ -255,7 +255,7 @@ void cli_getopts(int argc, char ** argv) {
 	}
 }

-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 static void loadidentityfile(const char* filename) {

 	struct PubkeyList * nextkey;
--- a/cli-session.c
+++ b/cli-session.c
@ -37,7 +37,7 @@ static const packettype cli_packettypes[] = {
 	{SSH_MSG_CHANNEL_OPEN_CONFIRMATION, recv_msg_channel_open_confirmation},
 	{SSH_MSG_CHANNEL_OPEN_FAILURE, recv_msg_channel_open_failure},
 	{SSH_MSG_USERAUTH_BANNER, recv_msg_userauth_banner}, /* client */
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	{SSH_MSG_USERAUTH_PK_OK, recv_msg_userauth_pk_ok}, /* client */
 #endif
 	{0, 0} /* End */
--- a/dbutil.c
+++ b/dbutil.c
@ -442,7 +442,7 @@ int buf_readfile(buffer* buf, const char* filename) {
 * authkeys file.
 * Will return DROPBEAR_SUCCESS if data is read, or DROPBEAR_FAILURE on EOF.*/
 /* Only used for ~/.ssh/known_hosts and ~/.ssh/authorized_keys */
-#if defined(DROPBEAR_CLIENT) || defined(DROPBEAR_PUBKEY_AUTH)
+#if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH)
 int buf_getline(buffer * line, FILE * authfile) {

 	int c = EOF;
--- a/options.h
+++ b/options.h
@ -114,11 +114,11 @@

 /* Authentication types to enable, at least one required.
   RFC Draft requires pubkey auth, and recommends password */
-#define DROPBEAR_SVR_PASSWORD_AUTH
-#define DROPBEAR_SVR_PUBKEY_AUTH
+#define ENABLE_SVR_PASSWORD_AUTH
+#define ENABLE_SVR_PUBKEY_AUTH

-#define DROPBEAR_CLI_PASSWORD_AUTH
-#define DROPBEAR_CLI_PUBKEY_AUTH
+#define ENABLE_CLI_PASSWORD_AUTH
+#define ENABLE_CLI_PUBKEY_AUTH

 /* Random device to use - you must specify _one only_.
 * DEV_RANDOM is recommended on hosts with a good /dev/urandom, otherwise use
@ -241,7 +241,7 @@
 #define DROPBEAR_COMP_ZLIB 1

 /* Required for pubkey auth */
-#if defined(DROPBEAR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
+#if defined(ENABLE_SVR_PUBKEY_AUTH) || defined(DROPBEAR_CLIENT)
 #define DROPBEAR_SIGNKEY_VERIFY
 #endif

@ -320,7 +320,7 @@
 #define USING_LISTENERS
 #endif

-#if defined(DROPBEAR_CLIENT) || defined(DROPBEAR_PUBKEY_AUTH)
+#if defined(DROPBEAR_CLIENT) || defined(ENABLE_SVR_PUBKEY_AUTH)
 #define DROPBEAR_KEY_LINES /* ie we're using authorized_keys or known_hosts */
 #endif

--- a/runopts.h
+++ b/runopts.h
@ -91,7 +91,7 @@ typedef struct cli_runopts {

 	char *cmd;
 	int wantpty;
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_CLI_PUBKEY_AUTH
 	struct PubkeyList *pubkeys; /* Keys to use for public-key auth */
 #endif
 #ifdef ENABLE_CLI_REMOTETCPFWD
--- a/svr-auth.c
+++ b/svr-auth.c
@ -32,8 +32,6 @@
 #include "ssh.h"
 #include "packet.h"
 #include "auth.h"
-#include "authpasswd.h"
-#include "authpubkey.h"
 #include "runopts.h"

 static void authclear();
@ -54,10 +52,10 @@ void svr_authinitialise() {
 static void authclear() {
 	
 	memset(&ses.authstate, 0, sizeof(ses.authstate));
-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_SVR_PUBKEY_AUTH
 	ses.authstate.authtypes |= AUTH_TYPE_PUBKEY;
 #endif
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 	if (!svr_opts.noauthpass) {
 		ses.authstate.authtypes |= AUTH_TYPE_PASSWORD;
 	}
@ -143,7 +141,7 @@ void recv_msg_userauth_request() {
 		goto out;
 	}

-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 	if (!svr_opts.noauthpass &&
 			!(svr_opts.norootpass && ses.authstate.pw->pw_uid == 0) ) {
 		/* user wants to try password auth */
@ -156,7 +154,7 @@ void recv_msg_userauth_request() {
 	}
 #endif

-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_SVR_PUBKEY_AUTH
 	/* user wants to try pubkey auth */
 	if (methodlen == AUTH_METHOD_PUBKEY_LEN &&
 			strncmp(methodname, AUTH_METHOD_PUBKEY,
--- a/svr-authpasswd.c
+++ b/svr-authpasswd.c
@ -29,9 +29,8 @@
 #include "buffer.h"
 #include "dbutil.h"
 #include "auth.h"
-#include "authpasswd.h"

-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH

 /* Process a password auth request, sending success or failure messages as
 * appropriate */
@ -105,4 +104,4 @@ void svr_auth_password() {

 }

-#endif /* DROPBEAR_PASSWORD_AUTH */
+#endif
--- a/svr-authpubkey.c
+++ b/svr-authpubkey.c
@ -30,12 +30,11 @@
 #include "buffer.h"
 #include "signkey.h"
 #include "auth.h"
-#include "authpubkey.h"
 #include "ssh.h"
 #include "packet.h"
 #include "algo.h"

-#ifdef DROPBEAR_PUBKEY_AUTH
+#ifdef ENABLE_SVR_PUBKEY_AUTH

 #define MIN_AUTHKEYS_LINE 10 /* "ssh-rsa AB" - short but doesn't matter */
 #define MAX_AUTHKEYS_LINE 4200 /* max length of a line in authkeys */
@ -336,4 +335,4 @@ static int checkfileperm(char * filename) {
 }


-#endif /* DROPBEAR_PUBKEY_AUTH */
+#endif 
--- a/svr-runopts.c
+++ b/svr-runopts.c
@ -61,7 +61,7 @@ static void printhelp(const char * progname) {
 					"-m		Don't display the motd on login\n"
 #endif
 					"-w		Disallow root logins\n"
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 					"-s		Disable password logins\n"
 					"-g		Disable password logins for root\n"
 #endif
@ -174,7 +174,7 @@ void svr_getopts(int argc, char ** argv) {
 				case 'w':
 					svr_opts.norootlogin = 1;
 					break;
-#ifdef DROPBEAR_PASSWORD_AUTH
+#ifdef ENABLE_SVR_PASSWORD_AUTH
 				case 's':
 					svr_opts.noauthpass = 1;
 					break;
--- a/svr-session.c
+++ b/svr-session.c
@ -35,8 +35,7 @@
 #include "channel.h"
 #include "chansession.h"
 #include "atomicio.h"
-#include "tcp-accept.h"
-#include "tcp-connect.h"
+#include "tcpfwd.h"
 #include "service.h"
 #include "auth.h"
 #include "runopts.h"