[openssh-commits] [openssh] 04/08: upstream commit
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed Jan 27 16:55:03 AEDT 2016
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit a306863831c57ec5fad918687cc5d289ee8e2635
Author: markus at openbsd.org <markus at openbsd.org>
Date: Thu Jan 14 16:17:39 2016 +0000
upstream commit
remove roaming support; ok djm@
Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
---
Makefile.in | 15 ++-
clientloop.c | 9 +-
kex.c | 14 +--
kex.h | 4 +-
monitor.c | 3 +-
monitor_wrap.c | 3 +-
opacket.c | 12 ---
opacket.h | 2 -
packet.c | 84 ++---------------
packet.h | 6 +-
readconf.c | 12 +--
readconf.h | 4 +-
roaming.h | 45 ---------
roaming_client.c | 271 -------------------------------------------------------
roaming_common.c | 241 -------------------------------------------------
roaming_dummy.c | 72 ---------------
roaming_serv.c | 31 -------
serverloop.c | 8 +-
ssh.c | 3 +-
ssh2.h | 9 +-
sshconnect.c | 7 +-
sshconnect2.c | 6 +-
sshd.c | 7 +-
23 files changed, 37 insertions(+), 831 deletions(-)
diff --git a/Makefile.in b/Makefile.in
index 9e32641..a8984c8 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -95,8 +95,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
platform-pledge.o
SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
- sshconnect.o sshconnect1.o sshconnect2.o mux.o \
- roaming_common.o roaming_client.o
+ sshconnect.o sshconnect1.o sshconnect2.o mux.o
SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
audit.o audit-bsm.o audit-linux.o platform.o \
@@ -109,7 +108,6 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
auth2-gss.o gss-serv.o gss-serv-krb5.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
sftp-server.o sftp-common.o \
- roaming_common.o roaming_serv.o \
sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
sandbox-solaris.o
@@ -180,14 +178,14 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
$(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
-ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o readconf.o
- $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o
+ $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
$(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
-ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
- $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
+ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
+ $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
$(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
@@ -484,8 +482,7 @@ regress/unittests/bitmap/test_bitmap$(EXEEXT): ${UNITTESTS_TEST_BITMAP_OBJS} \
UNITTESTS_TEST_KEX_OBJS=\
regress/unittests/kex/tests.o \
- regress/unittests/kex/test_kex.o \
- roaming_dummy.o
+ regress/unittests/kex/test_kex.o
regress/unittests/kex/test_kex$(EXEEXT): ${UNITTESTS_TEST_KEX_OBJS} \
regress/unittests/test_helper/libtest_helper.a libssh.a
diff --git a/clientloop.c b/clientloop.c
index c0386d5..d324e29 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.279 2016/01/13 23:04:47 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.280 2016/01/14 16:17:39 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -111,7 +111,6 @@
#include "sshpty.h"
#include "match.h"
#include "msg.h"
-#include "roaming.h"
#include "ssherr.h"
#include "hostfile.h"
@@ -756,7 +755,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
static void
client_process_net_input(fd_set *readset)
{
- int len, cont = 0;
+ int len;
char buf[SSH_IOBUFSZ];
/*
@@ -765,8 +764,8 @@ client_process_net_input(fd_set *readset)
*/
if (FD_ISSET(connection_in, readset)) {
/* Read as much as possible. */
- len = roaming_read(connection_in, buf, sizeof(buf), &cont);
- if (len == 0 && cont == 0) {
+ len = read(connection_in, buf, sizeof(buf));
+ if (len == 0) {
/*
* Received EOF. The remote host has closed the
* connection.
diff --git a/kex.c b/kex.c
index 2dba1c5..335b789 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.115 2015/12/13 22:42:23 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.116 2016/01/14 16:17:39 markus Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@@ -49,7 +49,6 @@
#include "misc.h"
#include "dispatch.h"
#include "monitor.h"
-#include "roaming.h"
#include "ssherr.h"
#include "sshbuf.h"
@@ -748,17 +747,6 @@ kex_choose_conf(struct ssh *ssh)
sprop=peer;
}
- /* Check whether server offers roaming */
- if (!kex->server) {
- char *roaming = match_list(KEX_RESUME,
- peer[PROPOSAL_KEX_ALGS], NULL);
-
- if (roaming) {
- kex->roaming = 1;
- free(roaming);
- }
- }
-
/* Check whether client supports ext_info_c */
if (kex->server) {
char *ext;
diff --git a/kex.h b/kex.h
index 25ccf2e..24d4aa1 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.h,v 1.74 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: kex.h,v 1.75 2016/01/14 16:17:39 markus Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -54,7 +54,6 @@
#define KEX_DH14 "diffie-hellman-group14-sha1"
#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
-#define KEX_RESUME "resume at appgate.com"
#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256"
#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384"
#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"
@@ -133,7 +132,6 @@ struct kex {
int hostkey_type;
int hostkey_nid;
u_int kex_type;
- int roaming;
int rsa_sha2;
int ext_info_c;
struct sshbuf *my;
diff --git a/monitor.c b/monitor.c
index b3edd64..b7fe74b 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.155 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: monitor.c,v 1.156 2016/01/14 16:17:39 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos at citi.umich.edu>
* Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -100,7 +100,6 @@
#include "monitor_fdpass.h"
#include "compat.h"
#include "ssh2.h"
-#include "roaming.h"
#include "authfd.h"
#include "match.h"
#include "ssherr.h"
diff --git a/monitor_wrap.c b/monitor_wrap.c
index d4bfaf3..c5db6df 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.86 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.87 2016/01/14 16:17:40 markus Exp $ */
/*
* Copyright 2002 Niels Provos <provos at citi.umich.edu>
* Copyright 2002 Markus Friedl <markus at openbsd.org>
@@ -80,7 +80,6 @@
#include "channels.h"
#include "session.h"
#include "servconf.h"
-#include "roaming.h"
#include "ssherr.h"
diff --git a/opacket.c b/opacket.c
index b9160d5..5970dd3 100644
--- a/opacket.c
+++ b/opacket.c
@@ -235,18 +235,6 @@ packet_set_connection(int fd_in, int fd_out)
fatal("%s: ssh_packet_set_connection failed", __func__);
}
-void
-packet_backup_state(void)
-{
- ssh_packet_backup_state(active_state, backup_state);
-}
-
-void
-packet_restore_state(void)
-{
- ssh_packet_restore_state(active_state, backup_state);
-}
-
u_int
packet_get_char(void)
{
diff --git a/opacket.h b/opacket.h
index a0a60e5..b14b676 100644
--- a/opacket.h
+++ b/opacket.h
@@ -39,8 +39,6 @@ do { \
void packet_close(void);
u_int packet_get_char(void);
u_int packet_get_int(void);
-void packet_backup_state(void);
-void packet_restore_state(void);
void packet_set_connection(int, int);
int packet_read_seqnr(u_int32_t *);
int packet_read_poll_seqnr(u_int32_t *);
diff --git a/packet.c b/packet.c
index 27e85e3..9cf200c 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.221 2015/12/11 04:21:12 mmcc Exp $ */
+/* $OpenBSD: packet.c,v 1.222 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -83,7 +83,6 @@
#include "channels.h"
#include "ssh.h"
#include "packet.h"
-#include "roaming.h"
#include "ssherr.h"
#include "sshbuf.h"
@@ -1279,7 +1278,7 @@ int
ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
{
struct session_state *state = ssh->state;
- int len, r, ms_remain, cont;
+ int len, r, ms_remain;
fd_set *setp;
char buf[8192];
struct timeval timeout, start, *timeoutp = NULL;
@@ -1349,11 +1348,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
if (r == 0)
return SSH_ERR_CONN_TIMEOUT;
/* Read data from the socket. */
- do {
- cont = 0;
- len = roaming_read(state->connection_in, buf,
- sizeof(buf), &cont);
- } while (len == 0 && cont);
+ len = read(state->connection_in, buf, sizeof(buf));
if (len == 0) {
r = SSH_ERR_CONN_CLOSED;
goto out;
@@ -2025,19 +2020,18 @@ ssh_packet_write_poll(struct ssh *ssh)
{
struct session_state *state = ssh->state;
int len = sshbuf_len(state->output);
- int cont, r;
+ int r;
if (len > 0) {
- cont = 0;
- len = roaming_write(state->connection_out,
- sshbuf_ptr(state->output), len, &cont);
+ len = write(state->connection_out,
+ sshbuf_ptr(state->output), len);
if (len == -1) {
if (errno == EINTR || errno == EAGAIN ||
errno == EWOULDBLOCK)
return 0;
return SSH_ERR_SYSTEM_ERROR;
}
- if (len == 0 && !cont)
+ if (len == 0)
return SSH_ERR_CONN_CLOSED;
if ((r = sshbuf_consume(state->output, len)) != 0)
return r;
@@ -2314,58 +2308,6 @@ ssh_packet_get_output(struct ssh *ssh)
return (void *)ssh->state->output;
}
-/* XXX TODO update roaming to new API (does not work anyway) */
-/*
- * Save the state for the real connection, and use a separate state when
- * resuming a suspended connection.
- */
-void
-ssh_packet_backup_state(struct ssh *ssh,
- struct ssh *backup_state)
-{
- struct ssh *tmp;
-
- close(ssh->state->connection_in);
- ssh->state->connection_in = -1;
- close(ssh->state->connection_out);
- ssh->state->connection_out = -1;
- if (backup_state)
- tmp = backup_state;
- else
- tmp = ssh_alloc_session_state();
- backup_state = ssh;
- ssh = tmp;
-}
-
-/* XXX FIXME FIXME FIXME */
-/*
- * Swap in the old state when resuming a connecion.
- */
-void
-ssh_packet_restore_state(struct ssh *ssh,
- struct ssh *backup_state)
-{
- struct ssh *tmp;
- u_int len;
- int r;
-
- tmp = backup_state;
- backup_state = ssh;
- ssh = tmp;
- ssh->state->connection_in = backup_state->state->connection_in;
- backup_state->state->connection_in = -1;
- ssh->state->connection_out = backup_state->state->connection_out;
- backup_state->state->connection_out = -1;
- len = sshbuf_len(backup_state->state->input);
- if (len > 0) {
- if ((r = sshbuf_putb(ssh->state->input,
- backup_state->state->input)) != 0)
- fatal("%s: %s", __func__, ssh_err(r));
- sshbuf_reset(backup_state->state->input);
- add_recv_bytes(len);
- }
-}
-
/* Reset after_authentication and reset compression in post-auth privsep */
static int
ssh_packet_set_postauth(struct ssh *ssh)
@@ -2515,11 +2457,6 @@ ssh_packet_get_state(struct ssh *ssh, struct sshbuf *m)
(r = sshbuf_put_stringb(m, state->output)) != 0)
return r;
- if (compat20) {
- if ((r = sshbuf_put_u64(m, get_sent_bytes())) != 0 ||
- (r = sshbuf_put_u64(m, get_recv_bytes())) != 0)
- return r;
- }
return 0;
}
@@ -2646,7 +2583,6 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
size_t ssh1keylen, rlen, slen, ilen, olen;
int r;
u_int ssh1cipher = 0;
- u_int64_t sent_bytes = 0, recv_bytes = 0;
if (!compat20) {
if ((r = sshbuf_get_u32(m, &state->remote_protocol_flags)) != 0 ||
@@ -2711,12 +2647,6 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
(r = sshbuf_put(state->output, output, olen)) != 0)
return r;
- if (compat20) {
- if ((r = sshbuf_get_u64(m, &sent_bytes)) != 0 ||
- (r = sshbuf_get_u64(m, &recv_bytes)) != 0)
- return r;
- roam_set_bytes(sent_bytes, recv_bytes);
- }
if (sshbuf_len(m))
return SSH_ERR_INVALID_FORMAT;
debug3("%s: done", __func__);
diff --git a/packet.h b/packet.h
index bc2e2ba..c8f36eb 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.h,v 1.67 2015/12/11 03:24:25 djm Exp $ */
+/* $OpenBSD: packet.h,v 1.68 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -149,10 +149,6 @@ int ssh_packet_need_rekeying(struct ssh *);
void ssh_packet_set_rekey_limits(struct ssh *, u_int32_t, time_t);
time_t ssh_packet_get_rekey_timeout(struct ssh *);
-/* XXX FIXME */
-void ssh_packet_backup_state(struct ssh *, struct ssh *);
-void ssh_packet_restore_state(struct ssh *, struct ssh *);
-
void *ssh_packet_get_input(struct ssh *);
void *ssh_packet_get_output(struct ssh *);
diff --git a/readconf.c b/readconf.c
index bf12507..8e9a25d 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.247 2016/01/14 14:34:34 deraadt Exp $ */
+/* $OpenBSD: readconf.c,v 1.248 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -152,7 +152,7 @@ typedef enum {
oSendEnv, oControlPath, oControlMaster, oControlPersist,
oHashKnownHosts,
oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
- oVisualHostKey, oUseRoaming,
+ oVisualHostKey,
oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass,
oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots,
oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
@@ -263,7 +263,7 @@ static struct {
{ "localcommand", oLocalCommand },
{ "permitlocalcommand", oPermitLocalCommand },
{ "visualhostkey", oVisualHostKey },
- { "useroaming", oUseRoaming },
+ { "useroaming", oDeprecated },
{ "kexalgorithms", oKexAlgorithms },
{ "ipqos", oIPQoS },
{ "requesttty", oRequestTTY },
@@ -1425,10 +1425,6 @@ parse_keytypes:
}
break;
- case oUseRoaming:
- intptr = &options->use_roaming;
- goto parse_flag;
-
case oRequestTTY:
intptr = &options->request_tty;
multistate_ptr = multistate_requesttty;
@@ -1713,7 +1709,6 @@ initialize_options(Options * options)
options->tun_remote = -1;
options->local_command = NULL;
options->permit_local_command = -1;
- options->use_roaming = 0;
options->add_keys_to_agent = -1;
options->visual_host_key = -1;
options->ip_qos_interactive = -1;
@@ -1889,7 +1884,6 @@ fill_default_options(Options * options)
options->tun_remote = SSH_TUNID_ANY;
if (options->permit_local_command == -1)
options->permit_local_command = 0;
- options->use_roaming = 0;
if (options->visual_host_key == -1)
options->visual_host_key = 0;
if (options->ip_qos_interactive == -1)
diff --git a/readconf.h b/readconf.h
index 2034bfd..c84d068 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.112 2015/11/15 22:26:49 jcs Exp $ */
+/* $OpenBSD: readconf.h,v 1.113 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -137,8 +137,6 @@ typedef struct {
int permit_local_command;
int visual_host_key;
- int use_roaming;
-
int request_tty;
int proxy_use_fdpass;
diff --git a/roaming.h b/roaming.h
index da069f8..e69de29 100644
--- a/roaming.h
+++ b/roaming.h
@@ -1,45 +0,0 @@
-/* $OpenBSD: roaming.h,v 1.6 2011/12/07 05:44:38 djm Exp $ */
-/*
- * Copyright (c) 2004-2009 AppGate Network Security AB
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#ifndef ROAMING_H
-#define ROAMING_H
-
-#define DEFAULT_ROAMBUF 65536
-#define MAX_ROAMBUF (2*1024*1024) /* XXX arbitrary */
-#define ROAMING_REQUEST "roaming at appgate.com"
-
-extern int roaming_enabled;
-extern int resume_in_progress;
-
-void request_roaming(void);
-int get_snd_buf_size(void);
-int get_recv_buf_size(void);
-void add_recv_bytes(u_int64_t);
-int wait_for_roaming_reconnect(void);
-void roaming_reply(int, u_int32_t, void *);
-void set_out_buffer_size(size_t);
-ssize_t roaming_write(int, const void *, size_t, int *);
-ssize_t roaming_read(int, void *, size_t, int *);
-size_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t);
-u_int64_t get_recv_bytes(void);
-u_int64_t get_sent_bytes(void);
-void roam_set_bytes(u_int64_t, u_int64_t);
-void resend_bytes(int, u_int64_t *);
-void calculate_new_key(u_int64_t *, u_int64_t, u_int64_t);
-int resume_kex(void);
-
-#endif /* ROAMING */
diff --git a/roaming_client.c b/roaming_client.c
deleted file mode 100644
index cb13285..0000000
--- a/roaming_client.c
+++ /dev/null
@@ -1,271 +0,0 @@
-/* $OpenBSD: roaming_client.c,v 1.9 2015/01/27 12:54:06 okan Exp $ */
-/*
- * Copyright (c) 2004-2009 AppGate Network Security AB
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include "includes.h"
-
-#include "openbsd-compat/sys-queue.h"
-#include <sys/types.h>
-#include <sys/socket.h>
-
-#include <signal.h>
-#include <string.h>
-#include <unistd.h>
-
-#include "xmalloc.h"
-#include "buffer.h"
-#include "channels.h"
-#include "cipher.h"
-#include "dispatch.h"
-#include "clientloop.h"
-#include "log.h"
-#include "match.h"
-#include "misc.h"
-#include "packet.h"
-#include "ssh.h"
-#include "key.h"
-#include "kex.h"
-#include "readconf.h"
-#include "roaming.h"
-#include "ssh2.h"
-#include "sshconnect.h"
-#include "digest.h"
-
-/* import */
-extern Options options;
-extern char *host;
-extern struct sockaddr_storage hostaddr;
-extern int session_resumed;
-
-static u_int32_t roaming_id;
-static u_int64_t cookie;
-static u_int64_t lastseenchall;
-static u_int64_t key1, key2, oldkey1, oldkey2;
-
-void
-roaming_reply(int type, u_int32_t seq, void *ctxt)
-{
- if (type == SSH2_MSG_REQUEST_FAILURE) {
- logit("Server denied roaming");
- return;
- }
- verbose("Roaming enabled");
- roaming_id = packet_get_int();
- cookie = packet_get_int64();
- key1 = oldkey1 = packet_get_int64();
- key2 = oldkey2 = packet_get_int64();
- set_out_buffer_size(packet_get_int() + get_snd_buf_size());
- roaming_enabled = 1;
-}
-
-void
-request_roaming(void)
-{
- packet_start(SSH2_MSG_GLOBAL_REQUEST);
- packet_put_cstring(ROAMING_REQUEST);
- packet_put_char(1);
- packet_put_int(get_recv_buf_size());
- packet_send();
- client_register_global_confirm(roaming_reply, NULL);
-}
-
-static void
-roaming_auth_required(void)
-{
- u_char digest[SSH_DIGEST_MAX_LENGTH];
- Buffer b;
- u_int64_t chall, oldchall;
-
- chall = packet_get_int64();
- oldchall = packet_get_int64();
- if (oldchall != lastseenchall) {
- key1 = oldkey1;
- key2 = oldkey2;
- }
- lastseenchall = chall;
-
- buffer_init(&b);
- buffer_put_int64(&b, cookie);
- buffer_put_int64(&b, chall);
- if (ssh_digest_buffer(SSH_DIGEST_SHA1, &b, digest, sizeof(digest)) != 0)
- fatal("%s: ssh_digest_buffer failed", __func__);
- buffer_free(&b);
-
- packet_start(SSH2_MSG_KEX_ROAMING_AUTH);
- packet_put_int64(key1 ^ get_recv_bytes());
- packet_put_raw(digest, ssh_digest_bytes(SSH_DIGEST_SHA1));
- packet_send();
-
- oldkey1 = key1;
- oldkey2 = key2;
- calculate_new_key(&key1, cookie, chall);
- calculate_new_key(&key2, cookie, chall);
-
- debug("Received %llu bytes", (unsigned long long)get_recv_bytes());
- debug("Sent roaming_auth packet");
-}
-
-int
-resume_kex(void)
-{
- /*
- * This should not happen - if the client sends the kex method
- * resume at appgate.com then the kex is done in roaming_resume().
- */
- return 1;
-}
-
-static int
-roaming_resume(void)
-{
- u_int64_t recv_bytes;
- char *str = NULL, *kexlist = NULL, *c;
- int i, type;
- int timeout_ms = options.connection_timeout * 1000;
- u_int len;
- u_int32_t rnd = 0;
-
- resume_in_progress = 1;
-
- /* Exchange banners */
- ssh_exchange_identification(timeout_ms);
- packet_set_nonblocking();
-
- /* Send a kexinit message with resume at appgate.com as only kex algo */
- packet_start(SSH2_MSG_KEXINIT);
- for (i = 0; i < KEX_COOKIE_LEN; i++) {
- if (i % 4 == 0)
- rnd = arc4random();
- packet_put_char(rnd & 0xff);
- rnd >>= 8;
- }
- packet_put_cstring(KEX_RESUME);
- for (i = 1; i < PROPOSAL_MAX; i++) {
- /* kex algorithm added so start with i=1 and not 0 */
- packet_put_cstring(""); /* Not used when we resume */
- }
- packet_put_char(1); /* first kex_packet follows */
- packet_put_int(0); /* reserved */
- packet_send();
-
- /* Assume that resume at appgate.com will be accepted */
- packet_start(SSH2_MSG_KEX_ROAMING_RESUME);
- packet_put_int(roaming_id);
- packet_send();
-
- /* Read the server's kexinit and check for resume at appgate.com */
- if ((type = packet_read()) != SSH2_MSG_KEXINIT) {
- debug("expected kexinit on resume, got %d", type);
- goto fail;
- }
- for (i = 0; i < KEX_COOKIE_LEN; i++)
- (void)packet_get_char();
- kexlist = packet_get_string(&len);
- if (!kexlist
- || (str = match_list(KEX_RESUME, kexlist, NULL)) == NULL) {
- debug("server doesn't allow resume");
- goto fail;
- }
- free(str);
- for (i = 1; i < PROPOSAL_MAX; i++) {
- /* kex algorithm taken care of so start with i=1 and not 0 */
- free(packet_get_string(&len));
- }
- i = packet_get_char(); /* first_kex_packet_follows */
- if (i && (c = strchr(kexlist, ',')))
- *c = 0;
- if (i && strcmp(kexlist, KEX_RESUME)) {
- debug("server's kex guess (%s) was wrong, skipping", kexlist);
- (void)packet_read(); /* Wrong guess - discard packet */
- }
-
- /*
- * Read the ROAMING_AUTH_REQUIRED challenge from the server and
- * send ROAMING_AUTH
- */
- if ((type = packet_read()) != SSH2_MSG_KEX_ROAMING_AUTH_REQUIRED) {
- debug("expected roaming_auth_required, got %d", type);
- goto fail;
- }
- roaming_auth_required();
-
- /* Read ROAMING_AUTH_OK from the server */
- if ((type = packet_read()) != SSH2_MSG_KEX_ROAMING_AUTH_OK) {
- debug("expected roaming_auth_ok, got %d", type);
- goto fail;
- }
- recv_bytes = packet_get_int64() ^ oldkey2;
- debug("Peer received %llu bytes", (unsigned long long)recv_bytes);
- resend_bytes(packet_get_connection_out(), &recv_bytes);
-
- resume_in_progress = 0;
-
- session_resumed = 1; /* Tell clientloop */
-
- return 0;
-
-fail:
- free(kexlist);
- if (packet_get_connection_in() == packet_get_connection_out())
- close(packet_get_connection_in());
- else {
- close(packet_get_connection_in());
- close(packet_get_connection_out());
- }
- return 1;
-}
-
-int
-wait_for_roaming_reconnect(void)
-{
- static int reenter_guard = 0;
- int timeout_ms = options.connection_timeout * 1000;
- int c;
-
- if (reenter_guard != 0)
- fatal("Server refused resume, roaming timeout may be exceeded");
- reenter_guard = 1;
-
- fprintf(stderr, "[connection suspended, press return to resume]");
- fflush(stderr);
- packet_backup_state();
- /* TODO Perhaps we should read from tty here */
- while ((c = fgetc(stdin)) != EOF) {
- if (c == 'Z' - 64) {
- kill(getpid(), SIGTSTP);
- continue;
- }
- if (c != '\n' && c != '\r')
- continue;
-
- if (ssh_connect(host, NULL, &hostaddr, options.port,
- options.address_family, 1, &timeout_ms,
- options.tcp_keep_alive, options.use_privileged_port) == 0 &&
- roaming_resume() == 0) {
- packet_restore_state();
- reenter_guard = 0;
- fprintf(stderr, "[connection resumed]\n");
- fflush(stderr);
- return 0;
- }
-
- fprintf(stderr, "[reconnect failed, press return to retry]");
- fflush(stderr);
- }
- fprintf(stderr, "[exiting]\n");
- fflush(stderr);
- exit(0);
-}
diff --git a/roaming_common.c b/roaming_common.c
deleted file mode 100644
index ea06460..0000000
--- a/roaming_common.c
+++ /dev/null
@@ -1,241 +0,0 @@
-/* $OpenBSD: roaming_common.c,v 1.13 2015/01/27 12:54:06 okan Exp $ */
-/*
- * Copyright (c) 2004-2009 AppGate Network Security AB
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include "includes.h"
-
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/uio.h>
-
-#include <errno.h>
-#include <stdarg.h>
-#include <string.h>
-#include <unistd.h>
-
-#include "atomicio.h"
-#include "log.h"
-#include "packet.h"
-#include "xmalloc.h"
-#include "cipher.h"
-#include "buffer.h"
-#include "roaming.h"
-#include "digest.h"
-
-static size_t out_buf_size = 0;
-static char *out_buf = NULL;
-static size_t out_start;
-static size_t out_last;
-
-static u_int64_t write_bytes = 0;
-static u_int64_t read_bytes = 0;
-
-int roaming_enabled = 0;
-int resume_in_progress = 0;
-
-int
-get_snd_buf_size(void)
-{
- int fd = packet_get_connection_out();
- int optval;
- socklen_t optvallen = sizeof(optval);
-
- if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &optval, &optvallen) != 0)
- optval = DEFAULT_ROAMBUF;
- return optval;
-}
-
-int
-get_recv_buf_size(void)
-{
- int fd = packet_get_connection_in();
- int optval;
- socklen_t optvallen = sizeof(optval);
-
- if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &optval, &optvallen) != 0)
- optval = DEFAULT_ROAMBUF;
- return optval;
-}
-
-void
-set_out_buffer_size(size_t size)
-{
- if (size == 0 || size > MAX_ROAMBUF)
- fatal("%s: bad buffer size %lu", __func__, (u_long)size);
- /*
- * The buffer size can only be set once and the buffer will live
- * as long as the session lives.
- */
- if (out_buf == NULL) {
- out_buf_size = size;
- out_buf = xmalloc(size);
- out_start = 0;
- out_last = 0;
- }
-}
-
-u_int64_t
-get_recv_bytes(void)
-{
- return read_bytes;
-}
-
-void
-add_recv_bytes(u_int64_t num)
-{
- read_bytes += num;
-}
-
-u_int64_t
-get_sent_bytes(void)
-{
- return write_bytes;
-}
-
-void
-roam_set_bytes(u_int64_t sent, u_int64_t recvd)
-{
- read_bytes = recvd;
- write_bytes = sent;
-}
-
-static void
-buf_append(const char *buf, size_t count)
-{
- if (count > out_buf_size) {
- buf += count - out_buf_size;
- count = out_buf_size;
- }
- if (count < out_buf_size - out_last) {
- memcpy(out_buf + out_last, buf, count);
- if (out_start > out_last)
- out_start += count;
- out_last += count;
- } else {
- /* data will wrap */
- size_t chunk = out_buf_size - out_last;
- memcpy(out_buf + out_last, buf, chunk);
- memcpy(out_buf, buf + chunk, count - chunk);
- out_last = count - chunk;
- out_start = out_last + 1;
- }
-}
-
-ssize_t
-roaming_write(int fd, const void *buf, size_t count, int *cont)
-{
- ssize_t ret;
-
- ret = write(fd, buf, count);
- if (ret > 0 && !resume_in_progress) {
- write_bytes += ret;
- if (out_buf_size > 0)
- buf_append(buf, ret);
- }
- if (out_buf_size > 0 &&
- (ret == 0 || (ret == -1 && errno == EPIPE))) {
- if (wait_for_roaming_reconnect() != 0) {
- ret = 0;
- *cont = 1;
- } else {
- ret = -1;
- errno = EAGAIN;
- }
- }
- return ret;
-}
-
-ssize_t
-roaming_read(int fd, void *buf, size_t count, int *cont)
-{
- ssize_t ret = read(fd, buf, count);
- if (ret > 0) {
- if (!resume_in_progress) {
- read_bytes += ret;
- }
- } else if (out_buf_size > 0 &&
- (ret == 0 || (ret == -1 && (errno == ECONNRESET
- || errno == ECONNABORTED || errno == ETIMEDOUT
- || errno == EHOSTUNREACH)))) {
- debug("roaming_read failed for %d ret=%ld errno=%d",
- fd, (long)ret, errno);
- ret = 0;
- if (wait_for_roaming_reconnect() == 0)
- *cont = 1;
- }
- return ret;
-}
-
-size_t
-roaming_atomicio(ssize_t(*f)(int, void*, size_t), int fd, void *buf,
- size_t count)
-{
- size_t ret = atomicio(f, fd, buf, count);
-
- if (f == vwrite && ret > 0 && !resume_in_progress) {
- write_bytes += ret;
- } else if (f == read && ret > 0 && !resume_in_progress) {
- read_bytes += ret;
- }
- return ret;
-}
-
-void
-resend_bytes(int fd, u_int64_t *offset)
-{
- size_t available, needed;
-
- if (out_start < out_last)
- available = out_last - out_start;
- else
- available = out_buf_size;
- needed = write_bytes - *offset;
- debug3("resend_bytes: resend %lu bytes from %llu",
- (unsigned long)needed, (unsigned long long)*offset);
- if (needed > available)
- fatal("Needed to resend more data than in the cache");
- if (out_last < needed) {
- int chunkend = needed - out_last;
- atomicio(vwrite, fd, out_buf + out_buf_size - chunkend,
- chunkend);
- atomicio(vwrite, fd, out_buf, out_last);
- } else {
- atomicio(vwrite, fd, out_buf + (out_last - needed), needed);
- }
-}
-
-/*
- * Caclulate a new key after a reconnect
- */
-void
-calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge)
-{
- u_char hash[SSH_DIGEST_MAX_LENGTH];
- Buffer b;
-
- buffer_init(&b);
- buffer_put_int64(&b, *key);
- buffer_put_int64(&b, cookie);
- buffer_put_int64(&b, challenge);
-
- if (ssh_digest_buffer(SSH_DIGEST_SHA1, &b, hash, sizeof(hash)) != 0)
- fatal("%s: digest_buffer failed", __func__);
-
- buffer_clear(&b);
- buffer_append(&b, hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
- *key = buffer_get_int64(&b);
- buffer_free(&b);
-}
diff --git a/roaming_dummy.c b/roaming_dummy.c
deleted file mode 100644
index 837de69..0000000
--- a/roaming_dummy.c
+++ /dev/null
@@ -1,72 +0,0 @@
-/* $OpenBSD: roaming_dummy.c,v 1.4 2015/01/19 19:52:16 markus Exp $ */
-/*
- * Copyright (c) 2004-2009 AppGate Network Security AB
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * This file is included in the client programs which should not
- * support roaming.
- */
-
-#include "includes.h"
-
-#include <sys/types.h>
-#include <unistd.h>
-
-#include "roaming.h"
-
-int resume_in_progress = 0;
-
-u_int64_t
-get_recv_bytes(void)
-{
- return 0;
-}
-
-u_int64_t
-get_sent_bytes(void)
-{
- return 0;
-}
-
-void
-roam_set_bytes(u_int64_t sent, u_int64_t recvd)
-{
-}
-
-ssize_t
-roaming_write(int fd, const void *buf, size_t count, int *cont)
-{
- return write(fd, buf, count);
-}
-
-ssize_t
-roaming_read(int fd, void *buf, size_t count, int *cont)
-{
- if (cont)
- *cont = 0;
- return read(fd, buf, count);
-}
-
-void
-add_recv_bytes(u_int64_t num)
-{
-}
-
-int
-resume_kex(void)
-{
- return 1;
-}
diff --git a/roaming_serv.c b/roaming_serv.c
deleted file mode 100644
index 511ca84..0000000
--- a/roaming_serv.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/* $OpenBSD: roaming_serv.c,v 1.1 2009/10/24 11:18:23 andreas Exp $ */
-/*
- * Copyright (c) 2004-2009 AppGate Network Security AB
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include "includes.h"
-
-#include <sys/types.h>
-
-#include "roaming.h"
-
-/*
- * Wait for the roaming client to reconnect. Returns 0 if a connect ocurred.
- */
-int
-wait_for_roaming_reconnect(void)
-{
- return 1;
-}
diff --git a/serverloop.c b/serverloop.c
index 85fc8d3..47bc168 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.180 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: serverloop.c,v 1.181 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -78,7 +78,6 @@
#include "dispatch.h"
#include "auth-options.h"
#include "serverloop.h"
-#include "roaming.h"
#include "ssherr.h"
extern ServerOptions options;
@@ -399,11 +398,8 @@ process_input(fd_set *readset)
/* Read and buffer any input data from the client. */
if (FD_ISSET(connection_in, readset)) {
- int cont = 0;
- len = roaming_read(connection_in, buf, sizeof(buf), &cont);
+ len = read(connection_in, buf, sizeof(buf));
if (len == 0) {
- if (cont)
- return;
verbose("Connection closed by %.100s",
get_remote_ipaddr());
connection_closed = 1;
diff --git a/ssh.c b/ssh.c
index ecaf302..993ea17 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.434 2016/01/14 14:34:34 deraadt Exp $ */
+/* $OpenBSD: ssh.c,v 1.435 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -105,7 +105,6 @@
#include "match.h"
#include "msg.h"
#include "uidswap.h"
-#include "roaming.h"
#include "version.h"
#include "ssherr.h"
#include "myproposal.h"
diff --git a/ssh2.h b/ssh2.h
index bdff6c5..5d1918b 100644
--- a/ssh2.h
+++ b/ssh2.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh2.h,v 1.16 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: ssh2.h,v 1.17 2016/01/14 16:17:40 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -165,13 +165,6 @@
#define SSH2_EXTENDED_DATA_STDERR 1
-/* kex messages for resume at appgate.com */
-#define SSH2_MSG_KEX_ROAMING_RESUME 30
-#define SSH2_MSG_KEX_ROAMING_AUTH_REQUIRED 31
-#define SSH2_MSG_KEX_ROAMING_AUTH 32
-#define SSH2_MSG_KEX_ROAMING_AUTH_OK 33
-#define SSH2_MSG_KEX_ROAMING_AUTH_FAIL 34
-
/* Certificate types for OpenSSH certificate keys extension */
#define SSH2_CERT_TYPE_USER 1
#define SSH2_CERT_TYPE_HOST 2
diff --git a/sshconnect.c b/sshconnect.c
index 9dcbdeb..a22710d 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.269 2015/11/20 01:45:29 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.270 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -59,7 +59,6 @@
#include "readconf.h"
#include "atomicio.h"
#include "dns.h"
-#include "roaming.h"
#include "monitor_fdpass.h"
#include "ssh2.h"
#include "version.h"
@@ -532,7 +531,7 @@ send_client_banner(int connection_out, int minor1)
xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
}
- if (roaming_atomicio(vwrite, connection_out, client_version_string,
+ if (atomicio(vwrite, connection_out, client_version_string,
strlen(client_version_string)) != strlen(client_version_string))
fatal("write: %.100s", strerror(errno));
chop(client_version_string);
@@ -592,7 +591,7 @@ ssh_exchange_identification(int timeout_ms)
}
}
- len = roaming_atomicio(read, connection_in, &buf[i], 1);
+ len = atomicio(read, connection_in, &buf[i], 1);
if (len != 1 && errno == EPIPE)
fatal("ssh_exchange_identification: "
diff --git a/sshconnect2.c b/sshconnect2.c
index 6c79a79..1f91853 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.235 2015/12/11 02:31:47 mmcc Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.236 2016/01/14 16:17:40 markus Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -219,10 +219,6 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
dispatch_run(DISPATCH_BLOCK, &kex->done, active_state);
- if (options.use_roaming && !kex->roaming) {
- debug("Roaming not allowed by server");
- options.use_roaming = 0;
- }
/* remove ext-info from the KEX proposals for rekeying */
myproposal[PROPOSAL_KEX_ALGS] =
compat_kex_proposal(options.kex_algorithms);
diff --git a/sshd.c b/sshd.c
index 5d2e0a0..7504bff 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshd.c,v 1.462 2015/12/10 17:08:40 mmcc Exp $ */
+/* $OpenBSD: sshd.c,v 1.463 2016/01/14 16:17:40 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -121,7 +121,6 @@
#include "ssh-gss.h"
#endif
#include "monitor_wrap.h"
-#include "roaming.h"
#include "ssh-sandbox.h"
#include "version.h"
#include "ssherr.h"
@@ -437,7 +436,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
options.version_addendum, newline);
/* Send our protocol version identification. */
- if (roaming_atomicio(vwrite, sock_out, server_version_string,
+ if (atomicio(vwrite, sock_out, server_version_string,
strlen(server_version_string))
!= strlen(server_version_string)) {
logit("Could not write ident string to %s", get_remote_ipaddr());
@@ -447,7 +446,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
/* Read other sides version identification. */
memset(buf, 0, sizeof(buf));
for (i = 0; i < sizeof(buf) - 1; i++) {
- if (roaming_atomicio(read, sock_in, &buf[i], 1) != 1) {
+ if (atomicio(read, sock_in, &buf[i], 1) != 1) {
logit("Did not receive identification string from %s",
get_remote_ipaddr());
cleanup_exit(255);
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list