aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorcvs2svn <cvs2svn@FreeBSD.org>2004-10-28 16:03:54 +0000
committercvs2svn <cvs2svn@FreeBSD.org>2004-10-28 16:03:54 +0000
commit88769c040626c2b46e8f015c348b524c2cb7b7f4 (patch)
treec27d52da63f31479fae8e9eb4a987d44817435e2
parentd74d50a84bda49cca847afc2f65bf790d6af7361 (diff)
downloadsrc-vendor/openssh/3.9p1.tar.gz
src-vendor/openssh/3.9p1.zip
This commit was manufactured by cvs2svn to create tagvendor/openssh/3.9p1
'openssh-vendor-crypto-OpenSSH_3_9p1'.
-rw-r--r--crypto/openssh/.cvsignore24
-rw-r--r--crypto/openssh/COPYING.Ylonen70
-rw-r--r--crypto/openssh/Makefile14
-rw-r--r--crypto/openssh/Makefile.inc26
-rw-r--r--crypto/openssh/README.openssh244
-rw-r--r--crypto/openssh/auth2-skey.c104
-rw-r--r--crypto/openssh/aux.c36
-rw-r--r--crypto/openssh/cli.c231
-rw-r--r--crypto/openssh/cli.h42
-rw-r--r--crypto/openssh/contrib/Makefile15
-rw-r--r--crypto/openssh/contrib/README60
-rw-r--r--crypto/openssh/contrib/aix/README50
-rwxr-xr-xcrypto/openssh/contrib/aix/buildbff.sh383
-rwxr-xr-xcrypto/openssh/contrib/aix/inventory.sh63
-rw-r--r--crypto/openssh/contrib/aix/pam.conf20
-rw-r--r--crypto/openssh/contrib/caldera/openssh.spec366
-rwxr-xr-xcrypto/openssh/contrib/caldera/ssh-host-keygen36
-rwxr-xr-xcrypto/openssh/contrib/caldera/sshd.init125
-rw-r--r--crypto/openssh/contrib/caldera/sshd.pam8
-rw-r--r--crypto/openssh/contrib/cygwin/Makefile56
-rw-r--r--crypto/openssh/contrib/cygwin/README224
-rw-r--r--crypto/openssh/contrib/cygwin/ssh-host-config592
-rw-r--r--crypto/openssh/contrib/cygwin/ssh-user-config250
-rw-r--r--crypto/openssh/contrib/findssl.sh159
-rw-r--r--crypto/openssh/contrib/gnome-ssh-askpass1.c171
-rw-r--r--crypto/openssh/contrib/gnome-ssh-askpass2.c220
-rw-r--r--crypto/openssh/contrib/hpux/README45
-rw-r--r--crypto/openssh/contrib/hpux/egd15
-rwxr-xr-xcrypto/openssh/contrib/hpux/egd.rc98
-rw-r--r--crypto/openssh/contrib/hpux/sshd5
-rwxr-xr-xcrypto/openssh/contrib/hpux/sshd.rc90
-rw-r--r--crypto/openssh/contrib/redhat/gnome-ssh-askpass.csh1
-rw-r--r--crypto/openssh/contrib/redhat/gnome-ssh-askpass.sh2
-rw-r--r--crypto/openssh/contrib/redhat/openssh.spec804
-rwxr-xr-xcrypto/openssh/contrib/redhat/sshd.init154
-rw-r--r--crypto/openssh/contrib/redhat/sshd.pam8
-rwxr-xr-xcrypto/openssh/contrib/solaris/README24
-rwxr-xr-xcrypto/openssh/contrib/solaris/buildpkg.sh386
-rwxr-xr-xcrypto/openssh/contrib/solaris/opensshd.in82
-rw-r--r--crypto/openssh/contrib/ssh-copy-id50
-rw-r--r--crypto/openssh/contrib/ssh-copy-id.167
-rw-r--r--crypto/openssh/contrib/sshd.pam.freebsd5
-rw-r--r--crypto/openssh/contrib/sshd.pam.generic8
-rw-r--r--crypto/openssh/contrib/suse/openssh.spec199
-rw-r--r--crypto/openssh/contrib/suse/rc.config.sshd5
-rw-r--r--crypto/openssh/contrib/suse/rc.sshd80
-rw-r--r--crypto/openssh/dsa.c304
-rw-r--r--crypto/openssh/dsa.h45
-rw-r--r--crypto/openssh/fingerprint.c69
-rw-r--r--crypto/openssh/fingerprint.h34
-rw-r--r--crypto/openssh/hmac.c54
-rw-r--r--crypto/openssh/hmac.h34
-rw-r--r--crypto/openssh/lib/Makefile35
-rw-r--r--crypto/openssh/log-client.c84
-rw-r--r--crypto/openssh/log-server.c173
-rw-r--r--crypto/openssh/login.c145
-rw-r--r--crypto/openssh/moduli.h23
-rw-r--r--crypto/openssh/nchan.h91
-rw-r--r--crypto/openssh/openbsd-compat/.cvsignore1
-rw-r--r--crypto/openssh/openbsd-compat/fake-queue.h584
-rw-r--r--crypto/openssh/openbsd-compat/tree.h667
-rw-r--r--crypto/openssh/pty.c275
-rw-r--r--crypto/openssh/pty.h47
-rw-r--r--crypto/openssh/readpass.h19
-rwxr-xr-xcrypto/openssh/regress/copy.1bin45948 -> 0 bytes
-rwxr-xr-xcrypto/openssh/regress/copy.2bin45948 -> 0 bytes
-rw-r--r--crypto/openssh/scard/.cvsignore2
-rw-r--r--crypto/openssh/scard/Makefile20
-rw-r--r--crypto/openssh/scp-common.c98
-rw-r--r--crypto/openssh/scp-common.h64
-rw-r--r--crypto/openssh/scp/Makefile15
-rw-r--r--crypto/openssh/sftp-glob.h37
-rw-r--r--crypto/openssh/sftp-int.c1191
-rw-r--r--crypto/openssh/sftp-int.h27
-rw-r--r--crypto/openssh/sftp-server/Makefile18
-rw-r--r--crypto/openssh/sftp/Makefile19
-rw-r--r--crypto/openssh/ssh-add/Makefile18
-rw-r--r--crypto/openssh/ssh-agent/Makefile18
-rw-r--r--crypto/openssh/ssh-keygen/Makefile18
-rw-r--r--crypto/openssh/ssh-keyscan/Makefile18
-rw-r--r--crypto/openssh/ssh-keysign/Makefile18
-rw-r--r--crypto/openssh/ssh/Makefile40
-rw-r--r--crypto/openssh/sshd/Makefile56
-rw-r--r--crypto/openssh/sshtty.h47
-rw-r--r--crypto/openssh/tildexpand.h15
-rw-r--r--crypto/openssh/util.c96
86 files changed, 0 insertions, 10036 deletions
diff --git a/crypto/openssh/.cvsignore b/crypto/openssh/.cvsignore
deleted file mode 100644
index 12de9ef50509..000000000000
--- a/crypto/openssh/.cvsignore
+++ /dev/null
@@ -1,24 +0,0 @@
-ssh
-scp
-sshd
-ssh-add
-ssh-keygen
-ssh-keyscan
-ssh-keysign
-ssh-agent
-sftp-server
-sftp
-configure
-config.h.in
-config.h
-config.status
-config.cache
-config.log
-stamp-h.in
-Makefile
-ssh_prng_cmds
-*.out
-*.0
-buildit.sh
-autom4te.cache
-ssh-rand-helper
diff --git a/crypto/openssh/COPYING.Ylonen b/crypto/openssh/COPYING.Ylonen
deleted file mode 100644
index 5e681edd2930..000000000000
--- a/crypto/openssh/COPYING.Ylonen
+++ /dev/null
@@ -1,70 +0,0 @@
-This file is part of the ssh software, Copyright (c) 1995 Tatu Ylonen, Finland
-
-
-COPYING POLICY AND OTHER LEGAL ISSUES
-
-As far as I am concerned, the code I have written for this software
-can be used freely for any purpose. Any derived versions of this
-software must be clearly marked as such, and if the derived work is
-incompatible with the protocol description in the RFC file, it must be
-called by a name other than "ssh" or "Secure Shell".
-
-However, I am not implying to give any licenses to any patents or
-copyrights held by third parties, and the software includes parts that
-are not under my direct control. As far as I know, all included
-source code is used in accordance with the relevant license agreements
-and can be used freely for any purpose (the GNU license being the most
-restrictive); see below for details.
-
-[ RSA is no longer included. ]
-[ IDEA is no longer included. ]
-[ DES is now external. ]
-[ GMP is now external. No more GNU licence. ]
-[ Zlib is now external. ]
-[ The make-ssh-known-hosts script is no longer included. ]
-[ TSS has been removed. ]
-[ MD5 is now external. ]
-[ RC4 support has been removed. ]
-[ Blowfish is now external. ]
-
-The 32-bit CRC implementation in crc32.c is due to Gary S. Brown.
-Comments in the file indicate it may be used for any purpose without
-restrictions.
-
-The 32-bit CRC compensation attack detector in deattack.c was
-contributed by CORE SDI S.A. under a BSD-style license. See
-http://www.core-sdi.com/english/ssh/ for details.
-
-Note that any information and cryptographic algorithms used in this
-software are publicly available on the Internet and at any major
-bookstore, scientific library, and patent office worldwide. More
-information can be found e.g. at "http://www.cs.hut.fi/crypto".
-
-The legal status of this program is some combination of all these
-permissions and restrictions. Use only at your own responsibility.
-You will be responsible for any legal consequences yourself; I am not
-making any claims whether possessing or using this is legal or not in
-your country, and I am not taking any responsibility on your behalf.
-
-
- NO WARRANTY
-
-BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
-IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
diff --git a/crypto/openssh/Makefile b/crypto/openssh/Makefile
deleted file mode 100644
index 0b9c668b6511..000000000000
--- a/crypto/openssh/Makefile
+++ /dev/null
@@ -1,14 +0,0 @@
-# $OpenBSD: Makefile,v 1.11 2002/05/23 19:24:30 markus Exp $
-
-.include <bsd.own.mk>
-
-SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp sftp-server \
- ssh-keysign ssh-keyscan sftp scard
-
-distribution:
- install -C -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \
- ${DESTDIR}/etc/ssh/ssh_config
- install -C -o root -g wheel -m 0644 ${.CURDIR}/sshd_config \
- ${DESTDIR}/etc/ssh/sshd_config
-
-.include <bsd.subdir.mk>
diff --git a/crypto/openssh/Makefile.inc b/crypto/openssh/Makefile.inc
deleted file mode 100644
index c68f59a74e94..000000000000
--- a/crypto/openssh/Makefile.inc
+++ /dev/null
@@ -1,26 +0,0 @@
-# $OpenBSD: Makefile.inc,v 1.23 2002/03/06 00:23:27 markus Exp $
-
-CFLAGS+= -I${.CURDIR}/..
-
-CDIAGFLAGS= -Wall
-#CDIAGFLAGS+= -Werror
-CDIAGFLAGS+= -Wpointer-arith
-CDIAGFLAGS+= -Wno-uninitialized
-#CDIAGFLAGS+= -Wstrict-prototypes
-CDIAGFLAGS+= -Wmissing-prototypes
-CDIAGFLAGS+= -Wunused
-
-#DEBUG=-g
-
-#CFLAGS+= -DSMARTCARD
-#LDADD+= -lsectok
-
-.include <bsd.obj.mk>
-
-.if exists(${.CURDIR}/../lib/${__objdir})
-LDADD+= -L${.CURDIR}/../lib/${__objdir} -lssh
-DPADD+= ${.CURDIR}/../lib/${__objdir}/libssh.a
-.else
-LDADD+= -L${.CURDIR}/../lib -lssh
-DPADD+= ${.CURDIR}/../lib/libssh.a
-.endif
diff --git a/crypto/openssh/README.openssh2 b/crypto/openssh/README.openssh2
deleted file mode 100644
index 12c90aa31690..000000000000
--- a/crypto/openssh/README.openssh2
+++ /dev/null
@@ -1,44 +0,0 @@
-$Id: README.openssh2,v 1.8 2000/05/07 18:30:03 markus Exp $
-
-howto:
- 1) generate server key:
- $ ssh-keygen -d -f /etc/ssh_host_dsa_key -N ''
- 2) enable ssh2:
- server: add 'Protocol 2,1' to /etc/sshd_config
- client: ssh -o 'Protocol 2,1', or add to .ssh/config
- 3) DSA authentication similar to RSA (add keys to ~/.ssh/authorized_keys2)
- interop w/ ssh.com dsa-keys:
- ssh-keygen -f /key/from/ssh.com -X >> ~/.ssh/authorized_keys2
- and vice versa
- ssh-keygen -f /privatekey/from/openssh -x > ~/.ssh2/mykey.pub
- echo Key mykey.pub >> ~/.ssh2/authorization
-
-works:
- secsh-transport: works w/o rekey
- proposal exchange, i.e. different enc/mac/comp per direction
- encryption: blowfish-cbc, 3des-cbc, arcfour, cast128-cbc
- mac: hmac-md5, hmac-sha1, (hmac-ripemd160)
- compression: zlib, none
- secsh-userauth: passwd and pubkey with DSA
- secsh-connection: pty+shell or command, flow control works (window adjust)
- tcp-forwarding: -L works, -R incomplete
- x11-fwd
- dss/dsa: host key database in ~/.ssh/known_hosts2
- client interops w/ sshd2, lshd
- server interops w/ ssh2, lsh, ssh.com's Windows client, SecureCRT, F-Secure SSH Client 4.0, SecureFX (secure ftp)
- server supports multiple concurrent sessions (e.g. with SSH.com Windows client)
-todo:
- re-keying
- secsh-connection features:
- tcp-forwarding, agent-fwd
- auth other than passwd, and DSA-pubkey:
- keyboard-interactive, (PGP-pubkey?)
- config
- server-auth w/ old host-keys
- cleanup
- advanced key storage?
- keynote
- sftp
-
--markus
-$Date: 2000/05/07 18:30:03 $
diff --git a/crypto/openssh/auth2-skey.c b/crypto/openssh/auth2-skey.c
deleted file mode 100644
index 9de08fc09cfd..000000000000
--- a/crypto/openssh/auth2-skey.c
+++ /dev/null
@@ -1,104 +0,0 @@
-#include "includes.h"
-RCSID("$OpenBSD: auth2-skey.c,v 1.1 2000/10/11 20:14:38 markus Exp $");
-
-#include "ssh.h"
-#include "ssh2.h"
-#include "auth.h"
-#include "packet.h"
-#include "xmalloc.h"
-#include "dispatch.h"
-
-void send_userauth_into_request(Authctxt *authctxt, int echo);
-void input_userauth_info_response(int type, int plen, void *ctxt);
-
-/*
- * try skey authentication, always return -1 (= postponed) since we have to
- * wait for the s/key response.
- */
-int
-auth2_skey(Authctxt *authctxt)
-{
- send_userauth_into_request(authctxt, 0);
- dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, &input_userauth_info_response);
- return -1;
-}
-
-void
-send_userauth_into_request(Authctxt *authctxt, int echo)
-{
- int retval = -1;
- struct skey skey;
- char challenge[SKEY_MAX_CHALLENGE];
- char *fake;
-
- if (authctxt->user == NULL)
- fatal("send_userauth_into_request: internal error: no user");
-
- /* get skey challenge */
- if (authctxt->valid)
- retval = skeychallenge(&skey, authctxt->user, challenge);
-
- if (retval == -1) {
- fake = skey_fake_keyinfo(authctxt->user);
- strlcpy(challenge, fake, sizeof challenge);
- }
- /* send our info request */
- packet_start(SSH2_MSG_USERAUTH_INFO_REQUEST);
- packet_put_cstring("S/Key Authentication"); /* Name */
- packet_put_cstring(challenge); /* Instruction */
- packet_put_cstring(""); /* Language */
- packet_put_int(1); /* Number of prompts */
- packet_put_cstring(echo ?
- "Response [Echo]: ": "Response: "); /* Prompt */
- packet_put_char(echo); /* Echo */
- packet_send();
- packet_write_wait();
- memset(challenge, 'c', sizeof challenge);
-}
-
-void
-input_userauth_info_response(int type, int plen, void *ctxt)
-{
- Authctxt *authctxt = ctxt;
- int authenticated = 0;
- unsigned int nresp, rlen;
- char *resp, *method;
-
- if (authctxt == NULL)
- fatal("input_userauth_info_response: no authentication context");
-
- if (authctxt->attempt++ >= AUTH_FAIL_MAX)
- packet_disconnect("too many failed userauth_requests");
-
- nresp = packet_get_int();
- if (nresp == 1) {
- /* we only support s/key and assume s/key for nresp == 1 */
- method = "s/key";
- resp = packet_get_string(&rlen);
- packet_done();
- if (strlen(resp) == 0) {
- /*
- * if we received a null response, resend prompt with
- * echo enabled
- */
- authenticated = -1;
- userauth_log(authctxt, authenticated, method);
- send_userauth_into_request(authctxt, 1);
- } else {
- /* verify skey response */
- if (authctxt->valid &&
- skey_haskey(authctxt->pw->pw_name) == 0 &&
- skey_passcheck(authctxt->pw->pw_name, resp) != -1) {
- authenticated = 1;
- } else {
- authenticated = 0;
- }
- memset(resp, 'r', rlen);
- /* unregister callback */
- dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
- userauth_log(authctxt, authenticated, method);
- userauth_reply(authctxt, authenticated);
- }
- xfree(resp);
- }
-}
diff --git a/crypto/openssh/aux.c b/crypto/openssh/aux.c
deleted file mode 100644
index 899142da7167..000000000000
--- a/crypto/openssh/aux.c
+++ /dev/null
@@ -1,36 +0,0 @@
-#include "includes.h"
-RCSID("$OpenBSD: aux.c,v 1.2 2000/05/17 09:47:59 markus Exp $");
-
-#include "ssh.h"
-
-char *
-chop(char *s)
-{
- char *t = s;
- while (*t) {
- if(*t == '\n' || *t == '\r') {
- *t = '\0';
- return s;
- }
- t++;
- }
- return s;
-
-}
-
-void
-set_nonblock(int fd)
-{
- int val;
- val = fcntl(fd, F_GETFL, 0);
- if (val < 0) {
- error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
- return;
- }
- if (val & O_NONBLOCK)
- return;
- debug("fd %d setting O_NONBLOCK", fd);
- val |= O_NONBLOCK;
- if (fcntl(fd, F_SETFL, val) == -1)
- error("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd, strerror(errno));
-}
diff --git a/crypto/openssh/cli.c b/crypto/openssh/cli.c
deleted file mode 100644
index 8f0b2b87e36c..000000000000
--- a/crypto/openssh/cli.c
+++ /dev/null
@@ -1,231 +0,0 @@
-/* $OpenBSD: cli.c,v 1.11 2001/03/06 00:33:04 deraadt Exp $ */
-
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: cli.c,v 1.11 2001/03/06 00:33:04 deraadt Exp $");
-
-#include "xmalloc.h"
-#include "log.h"
-#include "cli.h"
-
-#include <vis.h>
-
-static int cli_input = -1;
-static int cli_output = -1;
-static int cli_from_stdin = 0;
-
-sigset_t oset;
-sigset_t nset;
-struct sigaction nsa;
-struct sigaction osa;
-struct termios ntio;
-struct termios otio;
-int echo_modified;
-
-volatile int intr;
-
-static int
-cli_open(int from_stdin)
-{
- if (cli_input >= 0 && cli_output >= 0 && cli_from_stdin == from_stdin)
- return 1;
-
- if (from_stdin) {
- if (!cli_from_stdin && cli_input >= 0) {
- (void)close(cli_input);
- }
- cli_input = STDIN_FILENO;
- cli_output = STDERR_FILENO;
- } else {
- cli_input = cli_output = open(_PATH_TTY, O_RDWR);
- if (cli_input < 0)
- fatal("You have no controlling tty. Cannot read passphrase.");
- }
-
- cli_from_stdin = from_stdin;
-
- return cli_input >= 0 && cli_output >= 0 && cli_from_stdin == from_stdin;
-}
-
-static void
-cli_close(void)
-{
- if (!cli_from_stdin && cli_input >= 0)
- close(cli_input);
- cli_input = -1;
- cli_output = -1;
- cli_from_stdin = 0;
- return;
-}
-
-void
-intrcatch(int sig)
-{
- intr = 1;
-}
-
-static void
-cli_echo_disable(void)
-{
- sigemptyset(&nset);
- sigaddset(&nset, SIGTSTP);
- (void) sigprocmask(SIG_BLOCK, &nset, &oset);
-
- intr = 0;
-
- memset(&nsa, 0, sizeof(nsa));
- nsa.sa_handler = intrcatch;
- (void) sigaction(SIGINT, &nsa, &osa);
-
- echo_modified = 0;
- if (tcgetattr(cli_input, &otio) == 0 && (otio.c_lflag & ECHO)) {
- echo_modified = 1;
- ntio = otio;
- ntio.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
- (void) tcsetattr(cli_input, TCSANOW, &ntio);
- }
- return;
-}
-
-static void
-cli_echo_restore(void)
-{
- if (echo_modified != 0) {
- tcsetattr(cli_input, TCSANOW, &otio);
- echo_modified = 0;
- }
-
- (void) sigprocmask(SIG_SETMASK, &oset, NULL);
- (void) sigaction(SIGINT, &osa, NULL);
-
- if (intr != 0) {
- kill(getpid(), SIGINT);
- sigemptyset(&nset);
- /* XXX tty has not neccessarily drained by now? */
- sigsuspend(&nset);
- intr = 0;
- }
- return;
-}
-
-static int
-cli_read(char* buf, int size, int echo)
-{
- char ch = 0;
- int i = 0;
- int n;
-
- if (!echo)
- cli_echo_disable();
-
- while (ch != '\n') {
- n = read(cli_input, &ch, 1);
- if (n == -1 && (errno == EAGAIN || errno == EINTR))
- continue;
- if (n != 1)
- break;
- if (ch == '\n' || intr != 0)
- break;
- if (i < size)
- buf[i++] = ch;
- }
- buf[i] = '\0';
-
- if (!echo)
- cli_echo_restore();
- if (!intr && !echo)
- (void) write(cli_output, "\n", 1);
- return i;
-}
-
-static int
-cli_write(char* buf, int size)
-{
- int i, len, pos, ret = 0;
- char *output, *p;
-
- output = xmalloc(4*size);
- for (p = output, i = 0; i < size; i++) {
- if (buf[i] == '\n' || buf[i] == '\r')
- *p++ = buf[i];
- else
- p = vis(p, buf[i], 0, 0);
- }
- len = p - output;
-
- for (pos = 0; pos < len; pos += ret) {
- ret = write(cli_output, output + pos, len - pos);
- if (ret == -1) {
- xfree(output);
- return -1;
- }
- }
- xfree(output);
- return 0;
-}
-
-/*
- * Presents a prompt and returns the response allocated with xmalloc().
- * Uses /dev/tty or stdin/out depending on arg. Optionally disables echo
- * of response depending on arg. Tries to ensure that no other userland
- * buffer is storing the response.
- */
-char*
-cli_read_passphrase(char* prompt, int from_stdin, int echo_enable)
-{
- char buf[BUFSIZ];
- char* p;
-
- if (!cli_open(from_stdin))
- fatal("Cannot read passphrase.");
-
- fflush(stdout);
-
- cli_write(prompt, strlen(prompt));
- cli_read(buf, sizeof buf, echo_enable);
-
- cli_close();
-
- p = xstrdup(buf);
- memset(buf, 0, sizeof(buf));
- return (p);
-}
-
-char*
-cli_prompt(char* prompt, int echo_enable)
-{
- return cli_read_passphrase(prompt, 0, echo_enable);
-}
-
-void
-cli_mesg(char* mesg)
-{
- cli_open(0);
- cli_write(mesg, strlen(mesg));
- cli_write("\n", strlen("\n"));
- cli_close();
- return;
-}
diff --git a/crypto/openssh/cli.h b/crypto/openssh/cli.h
deleted file mode 100644
index 6f57c9b8ad0a..000000000000
--- a/crypto/openssh/cli.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* $OpenBSD: cli.h,v 1.4 2001/03/01 03:38:33 deraadt Exp $ */
-
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* $OpenBSD: cli.h,v 1.4 2001/03/01 03:38:33 deraadt Exp $ */
-
-#ifndef CLI_H
-#define CLI_H
-
-/*
- * Presents a prompt and returns the response allocated with xmalloc().
- * Uses /dev/tty or stdin/out depending on arg. Optionally disables echo
- * of response depending on arg. Tries to ensure that no other userland
- * buffer is storing the response.
- */
-char * cli_read_passphrase(char * prompt, int from_stdin, int echo_enable);
-char * cli_prompt(char * prompt, int echo_enable);
-void cli_mesg(char * mesg);
-
-#endif /* CLI_H */
diff --git a/crypto/openssh/contrib/Makefile b/crypto/openssh/contrib/Makefile
deleted file mode 100644
index 2cef46f6c6d3..000000000000
--- a/crypto/openssh/contrib/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-all:
- @echo "Valid targets: gnome-ssh-askpass1 gnome-ssh-askpass2"
-
-gnome-ssh-askpass1: gnome-ssh-askpass1.c
- $(CC) `gnome-config --cflags gnome gnomeui` \
- gnome-ssh-askpass1.c -o gnome-ssh-askpass1 \
- `gnome-config --libs gnome gnomeui`
-
-gnome-ssh-askpass2: gnome-ssh-askpass2.c
- $(CC) `pkg-config --cflags gtk+-2.0` \
- gnome-ssh-askpass2.c -o gnome-ssh-askpass2 \
- `pkg-config --libs gtk+-2.0`
-
-clean:
- rm -f *.o gnome-ssh-askpass1 gnome-ssh-askpass2 gnome-ssh-askpass
diff --git a/crypto/openssh/contrib/README b/crypto/openssh/contrib/README
deleted file mode 100644
index 9de3d961d495..000000000000
--- a/crypto/openssh/contrib/README
+++ /dev/null
@@ -1,60 +0,0 @@
-Other patches and addons for OpenSSH. Please send submissions to
-djm@mindrot.org
-
-Externally maintained
----------------------
-
-SSH Proxy Command -- connect.c
-
-Shun-ichi GOTO <gotoh@imasy.or.jp> has written a very useful ProxyCommand
-which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or
-https CONNECT style proxy server. His page for connect.c has extensive
-documentation on its use as well as compiled versions for Win32.
-
-http://www.taiyo.co.jp/~gotoh/ssh/connect.html
-
-
-X11 SSH Askpass:
-
-Jim Knoble <jmknoble@pobox.com> has written an excellent X11
-passphrase requester. This is highly recommended:
-
-http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html
-
-
-In this directory
------------------
-
-ssh-copy-id:
-
-Phil Hands' <phil@hands.com> shell script to automate the process of adding
-your public key to a remote machine's ~/.ssh/authorized_keys file.
-
-gnome-ssh-askpass[12]:
-
-A GNOME and Gtk2 passphrase requesters. Use "make gnome-ssh-askpass1" or
-"make gnome-ssh-askpass2" to build.
-
-sshd.pam.generic:
-
-A generic PAM config file which may be useful on your system. YMMV
-
-sshd.pam.freebsd:
-
-A PAM config file which works with FreeBSD's PAM port. Contributed by
-Dominik Brettnacher <domi@saargate.de>
-
-mdoc2man.pl:
-
-Converts mdoc formated manpages into normal manpages. This can be used
-on Solaris machines to provide manpages that are not preformated.
-Contributed by Mark D. Roth <roth@feep.net>
-
-redhat:
-
-RPM spec file and scripts for building Redhat packages
-
-suse:
-
-RPM spec file and scripts for building SuSE packages
-
diff --git a/crypto/openssh/contrib/aix/README b/crypto/openssh/contrib/aix/README
deleted file mode 100644
index 2a299350abb0..000000000000
--- a/crypto/openssh/contrib/aix/README
+++ /dev/null
@@ -1,50 +0,0 @@
-Overview:
-
-This directory contains files to build an AIX native (installp or SMIT
-installable) openssh package.
-
-
-Directions:
-
-(optional) create config.local in your build dir
-./configure [options]
-contrib/aix/buildbff.sh
-
-The file config.local or the environment is read to set the following options
-(default first):
-PERMIT_ROOT_LOGIN=[no|yes]
-X11_FORWARDING=[no|yes]
-AIX_SRC=[no|yes]
-
-Acknowledgements:
-
-The contents of this directory are based on Ben Lindstrom's Solaris
-buildpkg.sh. Ben also supplied inventory.sh.
-
-Jim Abbey's (GPL'ed) lppbuild-2.1 was used to learn how to build .bff's
-and for comparison with the output from this script, however no code
-from lppbuild is included and it is not required for operation.
-
-SRC support based on examples provided by Sandor Sklar and Maarten Kreuger.
-PrivSep account handling fixes contributed by W. Earl Allen.
-
-
-Other notes:
-
-The script treats all packages as USR packages (not ROOT+USR when
-appropriate). It seems to work, though......
-
-If there are any patches to this that have not yet been integrated they
-may be found at http://www.zip.com.au/~dtucker/openssh/.
-
-
-Disclaimer:
-
-It is hoped that it is useful but there is no warranty. If it breaks
-you get to keep both pieces.
-
-
- - Darren Tucker (dtucker at zip dot com dot au)
- 2002/03/01
-
-$Id: README,v 1.4 2003/08/25 05:01:04 dtucker Exp $
diff --git a/crypto/openssh/contrib/aix/buildbff.sh b/crypto/openssh/contrib/aix/buildbff.sh
deleted file mode 100755
index 4a5c32b0ecb9..000000000000
--- a/crypto/openssh/contrib/aix/buildbff.sh
+++ /dev/null
@@ -1,383 +0,0 @@
-#!/bin/sh
-#
-# buildbff.sh: Create AIX SMIT-installable OpenSSH packages
-# $Id: buildbff.sh,v 1.7 2003/11/21 12:48:56 djm Exp $
-#
-# Author: Darren Tucker (dtucker at zip dot com dot au)
-# This file is placed in the public domain and comes with absolutely
-# no warranty.
-#
-# Based originally on Ben Lindstrom's buildpkg.sh for Solaris
-#
-
-#
-# Tunable configuration settings
-# create a "config.local" in your build directory or set
-# environment variables to override these.
-#
-[ -z "$PERMIT_ROOT_LOGIN" ] && PERMIT_ROOT_LOGIN=no
-[ -z "$X11_FORWARDING" ] && X11_FORWARDING=no
-[ -z "$AIX_SRC" ] && AIX_SRC=no
-
-umask 022
-
-startdir=`pwd`
-
-# Path to inventory.sh: same place as buildbff.sh
-if echo $0 | egrep '^/'
-then
- inventory=`dirname $0`/inventory.sh # absolute path
-else
- inventory=`pwd`/`dirname $0`/inventory.sh # relative path
-fi
-
-#
-# We still support running from contrib/aix, but this is deprecated
-#
-if pwd | egrep 'contrib/aix$'
-then
- echo "Changing directory to `pwd`/../.."
- echo "Please run buildbff.sh from your build directory in future."
- cd ../..
- contribaix=1
-fi
-
-if [ ! -f Makefile ]
-then
- echo "Makefile not found (did you run configure?)"
- exit 1
-fi
-
-#
-# Directories used during build:
-# current dir = $objdir directory you ran ./configure in.
-# $objdir/$PKGDIR/ directory package files are constructed in
-# $objdir/$PKGDIR/root/ package root ($FAKE_ROOT)
-#
-objdir=`pwd`
-PKGNAME=openssh
-PKGDIR=package
-
-#
-# Collect local configuration settings to override defaults
-#
-if [ -s ./config.local ]
-then
- echo Reading local settings from config.local
- . ./config.local
-fi
-
-#
-# Fill in some details from Makefile, like prefix and sysconfdir
-# the eval also expands variables like sysconfdir=${prefix}/etc
-# provided they are eval'ed in the correct order
-#
-for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir mansubdir sysconfdir piddir srcdir
-do
- eval $confvar=`grep "^$confvar=" $objdir/Makefile | cut -d = -f 2`
-done
-
-#
-# Collect values of privsep user and privsep path
-# currently only found in config.h
-#
-for confvar in SSH_PRIVSEP_USER PRIVSEP_PATH
-do
- eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' $objdir/config.h`
-done
-
-# Set privsep defaults if not defined
-if [ -z "$SSH_PRIVSEP_USER" ]
-then
- SSH_PRIVSEP_USER=sshd
-fi
-if [ -z "$PRIVSEP_PATH" ]
-then
- PRIVSEP_PATH=/var/empty
-fi
-
-# Clean package build directory
-rm -rf $objdir/$PKGDIR
-FAKE_ROOT=$objdir/$PKGDIR/root
-mkdir -p $FAKE_ROOT
-
-# Start by faking root install
-echo "Faking root install..."
-cd $objdir
-make install-nokeys DESTDIR=$FAKE_ROOT
-
-if [ $? -gt 0 ]
-then
- echo "Fake root install failed, stopping."
- exit 1
-fi
-
-#
-# Copy informational files to include in package
-#
-cp $srcdir/LICENCE $objdir/$PKGDIR/
-cp $srcdir/README* $objdir/$PKGDIR/
-
-#
-# Extract common info requires for the 'info' part of the package.
-# AIX requires 4-part version numbers
-#
-VERSION=`./ssh -V 2>&1 | cut -f 1 -d , | cut -f 2 -d _`
-MAJOR=`echo $VERSION | cut -f 1 -d p | cut -f 1 -d .`
-MINOR=`echo $VERSION | cut -f 1 -d p | cut -f 2 -d .`
-PATCH=`echo $VERSION | cut -f 1 -d p | cut -f 3 -d .`
-PORTABLE=`echo $VERSION | awk 'BEGIN{FS="p"}{print $2}'`
-[ "$PATCH" = "" ] && PATCH=0
-[ "$PORTABLE" = "" ] && PORTABLE=0
-BFFVERSION=`printf "%d.%d.%d.%d" $MAJOR $MINOR $PATCH $PORTABLE`
-
-echo "Building BFF for $PKGNAME $VERSION (package version $BFFVERSION)"
-
-#
-# Set ssh and sshd parameters as per config.local
-#
-if [ "${PERMIT_ROOT_LOGIN}" = no ]
-then
- perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
-fi
-if [ "${X11_FORWARDING}" = yes ]
-then
- perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
-fi
-
-
-# Rename config files; postinstall script will copy them if necessary
-for cfgfile in ssh_config sshd_config ssh_prng_cmds
-do
- mv $FAKE_ROOT/$sysconfdir/$cfgfile $FAKE_ROOT/$sysconfdir/$cfgfile.default
-done
-
-#
-# Generate lpp control files.
-# working dir is $FAKE_ROOT but files are generated in dir above
-# and moved into place just before creation of .bff
-#
-cd $FAKE_ROOT
-echo Generating LPP control files
-find . ! -name . -print >../openssh.al
-$inventory >../openssh.inventory
-
-cat <<EOD >../openssh.copyright
-This software is distributed under a BSD-style license.
-For the full text of the license, see /usr/lpp/openssh/LICENCE
-EOD
-
-#
-# openssh.size file allows filesystem expansion as required
-# generate list of directories containing files
-# then calculate disk usage for each directory and store in openssh.size
-#
-files=`find . -type f -print`
-dirs=`for file in $files; do dirname $file; done | sort -u`
-for dir in $dirs
-do
- du $dir
-done > ../openssh.size
-
-#
-# Create postinstall script
-#
-cat <<EOF >>../openssh.post_i
-#!/bin/sh
-
-echo Creating configs from defaults if necessary.
-for cfgfile in ssh_config sshd_config ssh_prng_cmds
-do
- if [ ! -f $sysconfdir/\$cfgfile ]
- then
- echo "Creating \$cfgfile from default"
- cp $sysconfdir/\$cfgfile.default $sysconfdir/\$cfgfile
- else
- echo "\$cfgfile already exists."
- fi
-done
-echo
-
-# Create PrivSep user if PrivSep not disabled in config
-echo Creating PrivSep prereqs if required.
-if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' $sysconfdir/sshd_config >/dev/null
-then
- echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user,"
- echo "group or chroot directory."
-else
- echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
-
- # create group if required
- if cut -f1 -d: /etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
- then
- echo "PrivSep group $SSH_PRIVSEP_USER already exists."
- else
- echo "Creating PrivSep group $SSH_PRIVSEP_USER."
- mkgroup -A $SSH_PRIVSEP_USER
- fi
-
- # Create user if required
- if lsuser ALL | cut -f1 -d: | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
- then
- echo "PrivSep user $SSH_PRIVSEP_USER already exists."
- else
- echo "Creating PrivSep user $SSH_PRIVSEP_USER."
- mkuser gecos='SSHD PrivSep User' login=false rlogin=false account_locked=true pgrp=$SSH_PRIVSEP_USER $SSH_PRIVSEP_USER
- fi
-
- # create chroot directory if required
- if [ -d $PRIVSEP_PATH ]
- then
- echo "PrivSep chroot directory $PRIVSEP_PATH already exists."
- else
- echo "Creating PrivSep chroot directory $PRIVSEP_PATH."
- mkdir $PRIVSEP_PATH
- chown 0 $PRIVSEP_PATH
- chgrp 0 $PRIVSEP_PATH
- chmod 755 $PRIVSEP_PATH
- fi
-fi
-echo
-
-# Generate keys unless they already exist
-echo Creating host keys if required.
-if [ -f "$sysconfdir/ssh_host_key" ] ; then
- echo "$sysconfdir/ssh_host_key already exists, skipping."
-else
- $bindir/ssh-keygen -t rsa1 -f $sysconfdir/ssh_host_key -N ""
-fi
-if [ -f $sysconfdir/ssh_host_dsa_key ] ; then
- echo "$sysconfdir/ssh_host_dsa_key already exists, skipping."
-else
- $bindir/ssh-keygen -t dsa -f $sysconfdir/ssh_host_dsa_key -N ""
-fi
-if [ -f $sysconfdir/ssh_host_rsa_key ] ; then
- echo "$sysconfdir/ssh_host_rsa_key already exists, skipping."
-else
- $bindir/ssh-keygen -t rsa -f $sysconfdir/ssh_host_rsa_key -N ""
-fi
-echo
-
-# Set startup command depending on SRC support
-if [ "$AIX_SRC" = "yes" ]
-then
- echo Creating SRC sshd subsystem.
- rmssys -s sshd 2>&1 >/dev/null
- mkssys -s sshd -p "$sbindir/sshd" -a '-D' -u 0 -S -n 15 -f 9 -R -G tcpip
- startupcmd="start $sbindir/sshd \\\"\\\$src_running\\\""
- oldstartcmd="$sbindir/sshd"
-else
- startupcmd="$sbindir/sshd"
- oldstartcmd="start $sbindir/sshd \\\"$src_running\\\""
-fi
-
-# If migrating to or from SRC, change previous startup command
-# otherwise add to rc.tcpip
-if egrep "^\$oldstartcmd" /etc/rc.tcpip >/dev/null
-then
- if sed "s|^\$oldstartcmd|\$startupcmd|g" /etc/rc.tcpip >/etc/rc.tcpip.new
- then
- chmod 0755 /etc/rc.tcpip.new
- mv /etc/rc.tcpip /etc/rc.tcpip.old && \
- mv /etc/rc.tcpip.new /etc/rc.tcpip
- else
- echo "Updating /etc/rc.tcpip failed, please check."
- fi
-else
- # Add to system startup if required
- if grep "^\$startupcmd" /etc/rc.tcpip >/dev/null
- then
- echo "sshd found in rc.tcpip, not adding."
- else
- echo "Adding sshd to rc.tcpip"
- echo >>/etc/rc.tcpip
- echo "# Start sshd" >>/etc/rc.tcpip
- echo "\$startupcmd" >>/etc/rc.tcpip
- fi
-fi
-EOF
-
-#
-# Create liblpp.a and move control files into it
-#
-echo Creating liblpp.a
-(
- cd ..
- for i in openssh.al openssh.copyright openssh.inventory openssh.post_i openssh.size LICENCE README*
- do
- ar -r liblpp.a $i
- rm $i
- done
-)
-
-#
-# Create lpp_name
-#
-# This will end up looking something like:
-# 4 R I OpenSSH {
-# OpenSSH 3.0.2.1 1 N U en_US OpenSSH 3.0.2p1 Portable for AIX
-# [
-# %
-# /usr/local/bin 8073
-# /usr/local/etc 189
-# /usr/local/libexec 185
-# /usr/local/man/man1 145
-# /usr/local/man/man8 83
-# /usr/local/sbin 2105
-# /usr/local/share 3
-# %
-# ]
-# }
-
-echo Creating lpp_name
-cat <<EOF >../lpp_name
-4 R I $PKGNAME {
-$PKGNAME $BFFVERSION 1 N U en_US OpenSSH $VERSION Portable for AIX
-[
-%
-EOF
-
-for i in $bindir $sysconfdir $libexecdir $mandir/${mansubdir}1 $mandir/${mansubdir}8 $sbindir $datadir /usr/lpp/openssh
-do
- # get size in 512 byte blocks
- if [ -d $FAKE_ROOT/$i ]
- then
- size=`du $FAKE_ROOT/$i | awk '{print $1}'`
- echo "$i $size" >>../lpp_name
- fi
-done
-
-echo '%' >>../lpp_name
-echo ']' >>../lpp_name
-echo '}' >>../lpp_name
-
-#
-# Move pieces into place
-#
-mkdir -p usr/lpp/openssh
-mv ../liblpp.a usr/lpp/openssh
-mv ../lpp_name .
-
-#
-# Now invoke backup to create .bff file
-# note: lpp_name needs to be the first file so we generate the
-# file list on the fly and feed it to backup using -i
-#
-echo Creating $PKGNAME-$VERSION.bff with backup...
-rm -f $PKGNAME-$VERSION.bff
-(
- echo "./lpp_name"
- find . ! -name lpp_name -a ! -name . -print
-) | backup -i -q -f ../$PKGNAME-$VERSION.bff $filelist
-
-#
-# Move package into final location and clean up
-#
-mv ../$PKGNAME-$VERSION.bff $startdir
-cd $startdir
-rm -rf $objdir/$PKGDIR
-
-echo $0: done.
-
diff --git a/crypto/openssh/contrib/aix/inventory.sh b/crypto/openssh/contrib/aix/inventory.sh
deleted file mode 100755
index e2641e79c4f9..000000000000
--- a/crypto/openssh/contrib/aix/inventory.sh
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/sh
-#
-# inventory.sh
-# $Id: inventory.sh,v 1.6 2003/11/21 12:48:56 djm Exp $
-#
-# Originally written by Ben Lindstrom, modified by Darren Tucker to use perl
-# This file is placed into the public domain.
-#
-# This will produce an AIX package inventory file, which looks like:
-#
-# /usr/local/bin:
-# class=apply,inventory,openssh
-# owner=root
-# group=system
-# mode=755
-# type=DIRECTORY
-# /usr/local/bin/slogin:
-# class=apply,inventory,openssh
-# owner=root
-# group=system
-# mode=777
-# type=SYMLINK
-# target=ssh
-# /usr/local/share/Ssh.bin:
-# class=apply,inventory,openssh
-# owner=root
-# group=system
-# mode=644
-# type=FILE
-# size=VOLATILE
-# checksum=VOLATILE
-
-find . ! -name . -print | perl -ne '{
- chomp;
- if ( -l $_ ) {
- ($dev,$ino,$mod,$nl,$uid,$gid,$rdev,$sz,$at,$mt,$ct,$bsz,$blk)=lstat;
- } else {
- ($dev,$ino,$mod,$nl,$uid,$gid,$rdev,$sz,$at,$mt,$ct,$bsz,$blk)=stat;
- }
-
- # Start to display inventory information
- $name = $_;
- $name =~ s|^.||; # Strip leading dot from path
- print "$name:\n";
- print "\tclass=apply,inventory,openssh\n";
- print "\towner=root\n";
- print "\tgroup=system\n";
- printf "\tmode=%lo\n", $mod & 07777; # Mask perm bits
-
- if ( -l $_ ) {
- # Entry is SymLink
- print "\ttype=SYMLINK\n";
- printf "\ttarget=%s\n", readlink($_);
- } elsif ( -f $_ ) {
- # Entry is File
- print "\ttype=FILE\n";
- print "\tsize=$sz\n";
- print "\tchecksum=VOLATILE\n";
- } elsif ( -d $_ ) {
- # Entry is Directory
- print "\ttype=DIRECTORY\n";
- }
-}'
diff --git a/crypto/openssh/contrib/aix/pam.conf b/crypto/openssh/contrib/aix/pam.conf
deleted file mode 100644
index 1495f43cbf82..000000000000
--- a/crypto/openssh/contrib/aix/pam.conf
+++ /dev/null
@@ -1,20 +0,0 @@
-#
-# PAM configuration file /etc/pam.conf
-# Example for OpenSSH on AIX 5.2
-#
-
-# Authentication Management
-sshd auth required /usr/lib/security/pam_aix
-OTHER auth required /usr/lib/security/pam_aix
-
-# Account Management
-sshd account required /usr/lib/security/pam_aix
-OTHER account required /usr/lib/security/pam_aix
-
-# Session Management
-sshd password required /usr/lib/security/pam_aix
-OTHER password required /usr/lib/security/pam_aix
-
-# Password Management
-sshd session required /usr/lib/security/pam_aix
-OTHER session required /usr/lib/security/pam_aix
diff --git a/crypto/openssh/contrib/caldera/openssh.spec b/crypto/openssh/contrib/caldera/openssh.spec
deleted file mode 100644
index e690f102fb5b..000000000000
--- a/crypto/openssh/contrib/caldera/openssh.spec
+++ /dev/null
@@ -1,366 +0,0 @@
-
-# Some of this will need re-evaluation post-LSB. The SVIdir is there
-# because the link appeared broken. The rest is for easy compilation,
-# the tradeoff open to discussion. (LC957)
-
-%define SVIdir /etc/rc.d/init.d
-%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages}
-%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons}
-
-%define _mandir %{_prefix}/share/man/en
-%define _sysconfdir /etc/ssh
-%define _libexecdir %{_libdir}/ssh
-
-# Do we want to disable root_login? (1=yes 0=no)
-%define no_root_login 0
-
-#old cvs stuff. please update before use. may be deprecated.
-%define use_stable 1
-%if %{use_stable}
- %define version 3.8.1p1
- %define cvs %{nil}
- %define release 1
-%else
- %define version 3.8.1p1
- %define cvs cvs20011009
- %define release 0r1
-%endif
-%define xsa x11-ssh-askpass
-%define askpass %{xsa}-1.2.4.1
-
-# OpenSSH privilege separation requires a user & group ID
-%define sshd_uid 67
-%define sshd_gid 67
-
-Name : openssh
-Version : %{version}%{cvs}
-Release : %{release}
-Group : System/Network
-
-Summary : OpenSSH free Secure Shell (SSH) implementation.
-Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH).
-Summary(es) : OpenSSH implementación libre de Secure Shell (SSH).
-Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH).
-Summary(it) : Implementazione gratuita OpenSSH della Secure Shell.
-Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH).
-Summary(pt_BR) : Implementação livre OpenSSH do protocolo Secure Shell (SSH).
-
-Copyright : BSD
-Packager : Raymund Will <ray@caldera.de>
-URL : http://www.openssh.com/
-
-Obsoletes : ssh, ssh-clients, openssh-clients
-
-BuildRoot : /tmp/%{name}-%{version}
-BuildRequires : XFree86-imake
-
-# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
-# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
-Source0: see-above:/.../openssh-%{version}.tar.gz
-%if %{use_stable}
-Source1: see-above:/.../openssh-%{version}.tar.gz.sig
-%endif
-Source2: http://www.ntrnet.net/~jmknoble/software/%{xsa}/%{askpass}.tar.gz
-Source3: http://www.openssh.com/faq.html
-
-%Package server
-Group : System/Network
-Requires : openssh = %{version}
-Obsoletes : ssh-server
-
-Summary : OpenSSH Secure Shell protocol server (sshd).
-Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd).
-Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd).
-Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd).
-Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd).
-Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
-Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd).
-
-
-%Package askpass
-Group : System/Network
-Requires : openssh = %{version}
-URL : http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/
-Obsoletes : ssh-extras
-
-Summary : OpenSSH X11 pass-phrase dialog.
-Summary(de) : OpenSSH X11 Passwort-Dialog.
-Summary(es) : Aplicación de petición de frase clave OpenSSH X11.
-Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH.
-Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH.
-Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH.
-Summary(pt_BR) : Diálogo de pedido de senha para X11 do OpenSSH.
-
-
-%Description
-OpenSSH (Secure Shell) provides access to a remote system. It replaces
-telnet, rlogin, rexec, and rsh, and provides secure encrypted
-communications between two untrusted hosts over an insecure network.
-X11 connections and arbitrary TCP/IP ports can also be forwarded over
-the secure channel.
-
-%Description -l de
-OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
-telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte
-Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres
-Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso
-über den sicheren Channel weitergeleitet werden.
-
-%Description -l es
-OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
-telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
-entre dos equipos entre los que no se ha establecido confianza a través de una
-red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden
-ser canalizadas sobre el canal seguro.
-
-%Description -l fr
-OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace
-telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées
-securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des
-connexions X11 et des ports TCP/IP arbitraires peuvent également être
-transmis sur le canal sécurisé.
-
-%Description -l it
-OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
-Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
-e crittate tra due host non fidati su una rete non sicura. Le connessioni
-X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
-un canale sicuro.
-
-%Description -l pt
-OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
-telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas
-entre duas máquinas sem confiança mútua sobre uma rede insegura.
-Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados
-pelo canal seguro.
-
-%Description -l pt_BR
-O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
-telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e criptografadas
-entre duas máquinas sem confiança mútua sobre uma rede insegura.
-Ligações X11 e portas TCP/IP arbitrárias também podem ser reenviadas
-pelo canal seguro.
-
-%Description server
-This package installs the sshd, the server portion of OpenSSH.
-
-%Description -l de server
-Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
-
-%Description -l es server
-Este paquete instala sshd, la parte servidor de OpenSSH.
-
-%Description -l fr server
-Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
-
-%Description -l it server
-Questo pacchetto installa sshd, il server di OpenSSH.
-
-%Description -l pt server
-Este pacote intala o sshd, o servidor do OpenSSH.
-
-%Description -l pt_BR server
-Este pacote intala o sshd, o servidor do OpenSSH.
-
-%Description askpass
-This package contains an X11-based pass-phrase dialog used per
-default by ssh-add(1). It is based on %{askpass}
-by Jim Knoble <jmknoble@pobox.com>.
-
-
-%Prep
-%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2
-%if ! %{use_stable}
- autoreconf
-%endif
-
-
-%Build
-CFLAGS="$RPM_OPT_FLAGS" \
-%configure \
- --with-pam \
- --with-tcp-wrappers \
- --with-privsep-path=%{_var}/empty/sshd \
- #leave this line for easy edits.
-
-%__make CFLAGS="$RPM_OPT_FLAGS"
-
-cd %{askpass}
-%configure \
- #leave this line for easy edits.
-
-xmkmf
-%__make includes
-%__make
-
-
-%Install
-[ %{buildroot} != "/" ] && rm -rf %{buildroot}
-
-make install DESTDIR=%{buildroot}
-%makeinstall -C %{askpass} \
- BINDIR=%{_libexecdir} \
- MANPATH=%{_mandir} \
- DESTDIR=%{buildroot}
-
-# OpenLinux specific configuration
-mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
-mkdir -p %{buildroot}%{_var}/empty/sshd
-
-# enabling X11 forwarding on the server is convenient and okay,
-# on the client side it's a potential security risk!
-%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
- %{buildroot}%{_sysconfdir}/sshd_config
-
-%if %{no_root_login}
-%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
- %{buildroot}%{_sysconfdir}/sshd_config
-%endif
-
-install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
-# FIXME: disabled, find out why this doesn't work with nis
-%__perl -pi -e 's:(.*pam_limits.*):#$1:' \
- %{buildroot}/etc/pam.d/sshd
-
-install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd
-
-# the last one is needless, but more future-proof
-find %{buildroot}%{SVIdir} -type f -exec \
- %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
- s:\@sysconfdir\@:%{_sysconfdir}:g; \
- s:/usr/sbin:%{_sbindir}:g'\
- \{\} \;
-
-cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
- IDENT=sshd
- DESCRIPTIVE="OpenSSH secure shell daemon"
- # This service will be marked as 'skipped' on boot if there
- # is no host key. Use ssh-host-keygen to generate one
- ONBOOT="yes"
- OPTIONS=""
-EoD
-
-SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
-install -m 0755 contrib/caldera/ssh-host-keygen $SKG
-# Fix up some path names in the keygen toy^Hol
- %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
- s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
- %{buildroot}%{_sbindir}/ssh-host-keygen
-
-# This looks terrible. Expect it to change.
-# install remaining docs
-DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
-mkdir -p $DocD/%{askpass}
-cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO $DocD
-install -p -m 0444 %{SOURCE3} $DocD/faq.html
-cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass}
-%if %{use_stable}
- cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
-%else
- cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
- ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
-%endif
-
-find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 | xargs -0r %__gzip -9nf
-rm %{buildroot}%{_mandir}/man1/slogin.1 && \
- ln -s %{_mandir}/man1/ssh.1.gz \
- %{buildroot}%{_mandir}/man1/slogin.1.gz
-
-
-%Clean
-#%{rmDESTDIR}
-[ %{buildroot} != "/" ] && rm -rf %{buildroot}
-
-%Post
-# Generate host key when none is present to get up and running,
-# both client and server require this for host-based auth!
-# ssh-host-keygen checks for existing keys.
-/usr/sbin/ssh-host-keygen
-: # to protect the rpm database
-
-%pre server
-%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || :
-%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
- -c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || :
-: # to protect the rpm database
-
-%Post server
-if [ -x %{LSBinit}-install ]; then
- %{LSBinit}-install sshd
-else
- lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6
-fi
-
-! %{SVIdir}/sshd status || %{SVIdir}/sshd restart
-: # to protect the rpm database
-
-
-%PreUn server
-[ "$1" = 0 ] || exit 0
-
-! %{SVIdir}/sshd status || %{SVIdir}/sshd stop
-: # to protect the rpm database
-
-
-%PostUn server
-if [ -x %{LSBinit}-remove ]; then
- %{LSBinit}-remove sshd
-else
- lisa --SysV-init remove sshd $1
-fi
-: # to protect the rpm database
-
-
-%Files
-%defattr(-,root,root)
-%dir %{_sysconfdir}
-%config %{_sysconfdir}/ssh_config
-%{_bindir}/scp
-%{_bindir}/sftp
-%{_bindir}/ssh
-%{_bindir}/slogin
-%{_bindir}/ssh-add
-%attr(2755,root,nobody) %{_bindir}/ssh-agent
-%{_bindir}/ssh-keygen
-%{_bindir}/ssh-keyscan
-%dir %{_libexecdir}
-%attr(4711,root,root) %{_libexecdir}/ssh-keysign
-%{_sbindir}/ssh-host-keygen
-%dir %{_defaultdocdir}/%{name}-%{version}
-%{_defaultdocdir}/%{name}-%{version}/CREDITS
-%{_defaultdocdir}/%{name}-%{version}/ChangeLog
-%{_defaultdocdir}/%{name}-%{version}/LICENCE
-%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
-%{_defaultdocdir}/%{name}-%{version}/README*
-%{_defaultdocdir}/%{name}-%{version}/TODO
-%{_defaultdocdir}/%{name}-%{version}/faq.html
-%{_mandir}/man1/*
-%{_mandir}/man8/ssh-keysign.8.gz
-%{_mandir}/man5/ssh_config.5.gz
-
-%Files server
-%defattr(-,root,root)
-%dir %{_var}/empty/sshd
-%config %{SVIdir}/sshd
-%config /etc/pam.d/sshd
-%config %{_sysconfdir}/moduli
-%config %{_sysconfdir}/sshd_config
-%config %{SVIcdir}/sshd
-%{_libexecdir}/sftp-server
-%{_sbindir}/sshd
-%{_mandir}/man5/sshd_config.5.gz
-%{_mandir}/man8/sftp-server.8.gz
-%{_mandir}/man8/sshd.8.gz
-
-%Files askpass
-%defattr(-,root,root)
-%{_libexecdir}/ssh-askpass
-%{_libexecdir}/x11-ssh-askpass
-%{_defaultdocdir}/%{name}-%{version}/%{askpass}
-
-
-%ChangeLog
-* Mon Jan 01 1998 ...
-Template Version: 1.31
-
-$Id: openssh.spec,v 1.49 2004/03/21 22:40:04 djm Exp $
diff --git a/crypto/openssh/contrib/caldera/ssh-host-keygen b/crypto/openssh/contrib/caldera/ssh-host-keygen
deleted file mode 100755
index 3c5c1718270a..000000000000
--- a/crypto/openssh/contrib/caldera/ssh-host-keygen
+++ /dev/null
@@ -1,36 +0,0 @@
-#! /bin/sh
-#
-# $Id: ssh-host-keygen,v 1.2 2003/11/21 12:48:57 djm Exp $
-#
-# This script is normally run only *once* for a given host
-# (in a given period of time) -- on updates/upgrades/recovery
-# the ssh_host_key* files _should_ be retained! Otherwise false
-# "man-in-the-middle-attack" alerts will frighten unsuspecting
-# clients...
-
-keydir=@sysconfdir@
-keygen=@sshkeygen@
-
-if [ -f $keydir/ssh_host_key -o \
- -f $keydir/ssh_host_key.pub ]; then
- echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key."
-else
- echo "Generating 1024 bit SSH1 RSA host key."
- $keygen -b 1024 -t rsa1 -f $keydir/ssh_host_key -C '' -N ''
-fi
-
-if [ -f $keydir/ssh_host_rsa_key -o \
- -f $keydir/ssh_host_rsa_key.pub ]; then
- echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key."
-else
- echo "Generating 1024 bit SSH2 RSA host key."
- $keygen -b 1024 -t rsa -f $keydir/ssh_host_rsa_key -C '' -N ''
-fi
-
-if [ -f $keydir/ssh_host_dsa_key -o \
- -f $keydir/ssh_host_dsa_key.pub ]; then
- echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key."
-else
- echo "Generating SSH2 DSA host key."
- $keygen -t dsa -f $keydir/ssh_host_dsa_key -C '' -N ''
-fi
diff --git a/crypto/openssh/contrib/caldera/sshd.init b/crypto/openssh/contrib/caldera/sshd.init
deleted file mode 100755
index 983146f4fe00..000000000000
--- a/crypto/openssh/contrib/caldera/sshd.init
+++ /dev/null
@@ -1,125 +0,0 @@
-#! /bin/bash
-#
-# $Id: sshd.init,v 1.4 2003/11/21 12:48:57 djm Exp $
-#
-### BEGIN INIT INFO
-# Provides:
-# Required-Start: $network
-# Required-Stop:
-# Default-Start: 3 4 5
-# Default-Stop: 0 1 2 6
-# Description: sshd
-# Bring up/down the OpenSSH secure shell daemon.
-### END INIT INFO
-#
-# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
-# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
-# Modified for OpenLinux by Raymund Will <ray@caldera.de>
-
-NAME=sshd
-DAEMON=/usr/sbin/$NAME
-# Hack-Alert(TM)! This is necessary to get around the 'reload'-problem
-# created by recent OpenSSH daemon/ssd combinations. See Caldera internal
-# PR [linux/8278] for details...
-PIDF=/var/run/$NAME.pid
-NAME=$DAEMON
-
-_status() {
- [ -z "$1" ] || local pidf="$1"
- local ret=-1
- local pid
- if [ -n "$pidf" ] && [ -r "$pidf" ]; then
- pid=$(head -1 $pidf)
- else
- pid=$(pidof $NAME)
- fi
-
- if [ ! -e $SVIlock ]; then
- # no lock-file => not started == stopped?
- ret=3
- elif [ -n "$pidf" -a ! -f "$pidf" ] || [ -z "$pid" ]; then
- # pid-file given but not present or no pid => died, but was not stopped
- ret=2
- elif [ -r /proc/$pid/cmdline ] &&
- echo -ne $NAME'\000' | cmp -s - /proc/$pid/cmdline; then
- # pid-file given and present or pid found => check process...
- # but don't compare exe, as this will fail after an update!
- # compares OK => all's well, that ends well...
- ret=0
- else
- # no such process or exe does not match => stale pid-file or process died
- # just recently...
- ret=1
- fi
- return $ret
-}
-
-# Source function library (and set vital variables).
-. @SVIdir@/functions
-
-case "$1" in
- start)
- [ ! -e $SVIlock ] || exit 0
- [ -x $DAEMON ] || exit 5
- SVIemptyConfig @sysconfdir@/sshd_config && exit 6
-
- if [ ! \( -f @sysconfdir@/ssh_host_key -a \
- -f @sysconfdir@/ssh_host_key.pub \) -a \
- ! \( -f @sysconfdir@/ssh_host_rsa_key -a \
- -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \
- ! \( -f @sysconfdir@/ssh_host_dsa_key -a \
- -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then
-
- echo "$SVIsubsys: host key not initialized: skipped!"
- echo "$SVIsubsys: use ssh-host-keygen to generate one!"
- exit 6
- fi
-
- echo -n "Starting $SVIsubsys services: "
- ssd -S -x $DAEMON -n $NAME -- $OPTIONS
- ret=$?
-
- echo "."
- touch $SVIlock
- ;;
-
- stop)
- [ -e $SVIlock ] || exit 0
-
- echo -n "Stopping $SVIsubsys services: "
- ssd -K -p $PIDF -n $NAME
- ret=$?
-
- echo "."
- rm -f $SVIlock
- ;;
-
- force-reload|reload)
- [ -e $SVIlock ] || exit 0
-
- echo "Reloading $SVIsubsys configuration files: "
- ssd -K --signal 1 -q -p $PIDF -n $NAME
- ret=$?
- echo "done."
- ;;
-
- restart)
- $0 stop
- $0 start
- ret=$?
- ;;
-
- status)
- _status $PIDF
- ret=$?
- ;;
-
- *)
- echo "Usage: $SVIscript {[re]start|stop|[force-]reload|status}"
- ret=2
- ;;
-
-esac
-
-exit $ret
-
diff --git a/crypto/openssh/contrib/caldera/sshd.pam b/crypto/openssh/contrib/caldera/sshd.pam
deleted file mode 100644
index 26dcb34d9e94..000000000000
--- a/crypto/openssh/contrib/caldera/sshd.pam
+++ /dev/null
@@ -1,8 +0,0 @@
-#%PAM-1.0
-auth required /lib/security/pam_pwdb.so shadow nodelay
-auth required /lib/security/pam_nologin.so
-account required /lib/security/pam_pwdb.so
-password required /lib/security/pam_cracklib.so
-password required /lib/security/pam_pwdb.so shadow nullok use_authtok
-session required /lib/security/pam_pwdb.so
-session required /lib/security/pam_limits.so
diff --git a/crypto/openssh/contrib/cygwin/Makefile b/crypto/openssh/contrib/cygwin/Makefile
deleted file mode 100644
index 09e8ea2db213..000000000000
--- a/crypto/openssh/contrib/cygwin/Makefile
+++ /dev/null
@@ -1,56 +0,0 @@
-srcdir=../..
-prefix=/usr
-exec_prefix=$(prefix)
-bindir=$(prefix)/bin
-datadir=$(prefix)/share
-docdir=$(datadir)/doc
-sshdocdir=$(docdir)/openssh
-cygdocdir=$(docdir)/Cygwin
-sysconfdir=/etc
-defaultsdir=$(sysconfdir)/defaults/etc
-PRIVSEP_PATH=/var/empty
-INSTALL=/usr/bin/install -c
-
-DESTDIR=
-
-all:
- @echo
- @echo "Use \`make cygwin-postinstall DESTDIR=[package directory]'"
- @echo "Be sure having DESTDIR set correctly!"
- @echo
-
-move-config-files: $(DESTDIR)$(sysconfdir)/ssh_config $(DESTDIR)$(sysconfdir)/sshd_config
- $(srcdir)/mkinstalldirs $(DESTDIR)$(defaultsdir)
- mv $(DESTDIR)$(sysconfdir)/ssh_config $(DESTDIR)$(defaultsdir)
- mv $(DESTDIR)$(sysconfdir)/sshd_config $(DESTDIR)$(defaultsdir)
-
-remove-empty-dir:
- rm -rf $(DESTDIR)$(PRIVSEP_PATH)
-
-install-sshdoc:
- $(srcdir)/mkinstalldirs $(DESTDIR)$(sshdocdir)
- $(INSTALL) -m 644 $(srcdir)/CREDITS $(DESTDIR)$(sshdocdir)/CREDITS
- $(INSTALL) -m 644 $(srcdir)/ChangeLog $(DESTDIR)$(sshdocdir)/ChangeLog
- $(INSTALL) -m 644 $(srcdir)/LICENCE $(DESTDIR)$(sshdocdir)/LICENCE
- $(INSTALL) -m 644 $(srcdir)/OVERVIEW $(DESTDIR)$(sshdocdir)/OVERVIEW
- $(INSTALL) -m 644 $(srcdir)/README $(DESTDIR)$(sshdocdir)/README
- $(INSTALL) -m 644 $(srcdir)/README.dns $(DESTDIR)$(sshdocdir)/README.dns
- $(INSTALL) -m 644 $(srcdir)/README.privsep $(DESTDIR)$(sshdocdir)/README.privsep
- $(INSTALL) -m 644 $(srcdir)/README.smartcard $(DESTDIR)$(sshdocdir)/README.smartcard
- $(INSTALL) -m 644 $(srcdir)/RFC.nroff $(DESTDIR)$(sshdocdir)/RFC.nroff
- $(INSTALL) -m 644 $(srcdir)/TODO $(DESTDIR)$(sshdocdir)/TODO
- $(INSTALL) -m 644 $(srcdir)/WARNING.RNG $(DESTDIR)$(sshdocdir)/WARNING.RNG
-
-install-cygwindoc: README
- $(srcdir)/mkinstalldirs $(DESTDIR)$(cygdocdir)
- $(INSTALL) -m 644 README $(DESTDIR)$(cygdocdir)/openssh.README
-
-install-doc: install-sshdoc install-cygwindoc
-
-install-scripts: ssh-host-config ssh-user-config
- $(srcdir)/mkinstalldirs $(DESTDIR)$(bindir)
- $(INSTALL) -m 755 ssh-host-config $(DESTDIR)$(bindir)/ssh-host-config
- $(INSTALL) -m 755 ssh-user-config $(DESTDIR)$(bindir)/ssh-user-config
-
-cygwin-postinstall: move-config-files remove-empty-dir install-doc install-scripts
- @echo "Cygwin specific configuration finished."
diff --git a/crypto/openssh/contrib/cygwin/README b/crypto/openssh/contrib/cygwin/README
deleted file mode 100644
index fc0a2f69bd4b..000000000000
--- a/crypto/openssh/contrib/cygwin/README
+++ /dev/null
@@ -1,224 +0,0 @@
-This package describes important Cygwin specific stuff concerning OpenSSH.
-
-The binary package is usually built for recent Cygwin versions and might
-not run on older versions. Please check http://cygwin.com/ for information
-about current Cygwin releases.
-
-Build instructions are at the end of the file.
-
-===========================================================================
-Important change since 3.7.1p2-2:
-
-The ssh-host-config file doesn't create the /etc/ssh_config and
-/etc/sshd_config files from builtin here-scripts anymore, but it uses
-skeleton files installed in /etc/defaults/etc.
-
-Also it now tries hard to create appropriate permissions on files.
-Same applies for ssh-user-config.
-
-After creating the sshd service with ssh-host-config, it's advisable to
-call ssh-user-config for all affected users, also already exising user
-configurations. In the latter case, file and directory permissions are
-checked and changed, if requireed to match the host configuration.
-
-Important note for Windows 2003 Server users:
----------------------------------------------
-
-2003 Server has a funny new feature. When starting services under SYSTEM
-account, these services have nearly all user rights which SYSTEM holds...
-except for the "Create a token object" right, which is needed to allow
-public key authentication :-(
-
-There's no way around this, except for creating a substitute account which
-has the appropriate privileges. Basically, this account should be member
-of the administrators group, plus it should have the following user rights:
-
- Create a token object
- Logon as a service
- Replace a process level token
- Increase Quota
-
-The ssh-host-config script asks you, if it should create such an account,
-called "sshd_server". If you say "no" here, you're on your own. Please
-follow the instruction in ssh-host-config exactly if possible. Note that
-ssh-user-config sets the permissions on 2003 Server machines dependent of
-whether a sshd_server account exists or not.
-===========================================================================
-
-===========================================================================
-Important change since 3.4p1-2:
-
-This version adds privilege separation as default setting, see
-/usr/doc/openssh/README.privsep. According to that document the
-privsep feature requires a non-privileged account called 'sshd'.
-
-The new ssh-host-config file which is part of this version asks
-to create 'sshd' as local user if you want to use privilege
-separation. If you confirm, it creates that NT user and adds
-the necessary entry to /etc/passwd.
-
-On 9x/Me systems the script just sets UsePrivilegeSeparation to "no"
-since that feature doesn't make any sense on a system which doesn't
-differ between privileged and unprivileged users.
-
-The new ssh-host-config script also adds the /var/empty directory
-needed by privilege separation. When creating the /var/empty directory
-by yourself, please note that in contrast to the README.privsep document
-the owner sshould not be "root" but the user which is running sshd. So,
-in the standard configuration this is SYSTEM. The ssh-host-config script
-chowns /var/empty accordingly.
-===========================================================================
-
-===========================================================================
-Important change since 3.0.1p1-2:
-
-This version introduces the ability to register sshd as service on
-Windows 9x/Me systems. This is done only when the options -D and/or
--d are not given.
-===========================================================================
-
-===========================================================================
-Important change since 2.9p2:
-
-Since Cygwin is able to switch user context without password beginning
-with version 1.3.2, OpenSSH now allows to do so when it's running under
-a version >= 1.3.2. Keep in mind that `ntsec' has to be activated to
-allow that feature.
-===========================================================================
-
-===========================================================================
-Important change since 2.3.0p1:
-
-When using `ntea' or `ntsec' you now have to care for the ownership
-and permission bits of your host key files and your private key files.
-The host key files have to be owned by the NT account which starts
-sshd. The user key files have to be owned by the user. The permission
-bits of the private key files (host and user) have to be at least
-rw------- (0600)!
-
-Note that this is forced under `ntsec' only if the files are on a NTFS
-filesystem (which is recommended) due to the lack of any basic security
-features of the FAT/FAT32 filesystems.
-===========================================================================
-
-If you are installing OpenSSH the first time, you can generate global config
-files and server keys by running
-
- /usr/bin/ssh-host-config
-
-Note that this binary archive doesn't contain default config files in /etc.
-That files are only created if ssh-host-config is started.
-
-If you are updating your installation you may run the above ssh-host-config
-as well to move your configuration files to the new location and to
-erase the files at the old location.
-
-To support testing and unattended installation ssh-host-config got
-some options:
-
-usage: ssh-host-config [OPTION]...
-Options:
- --debug -d Enable shell's debug output.
- --yes -y Answer all questions with "yes" automatically.
- --no -n Answer all questions with "no" automatically.
- --cygwin -c <options> Use "options" as value for CYGWIN environment var.
- --port -p <n> sshd listens on port n.
- --pwd -w <passwd> Use "pwd" as password for user 'sshd_server'.
-
-Additionally ssh-host-config now asks if it should install sshd as a
-service when running under NT/W2K. This requires cygrunsrv installed.
-
-You can create the private and public keys for a user now by running
-
- /usr/bin/ssh-user-config
-
-under the users account.
-
-To support testing and unattended installation ssh-user-config got
-some options as well:
-
-usage: ssh-user-config [OPTION]...
-Options:
- --debug -d Enable shell's debug output.
- --yes -y Answer all questions with "yes" automatically.
- --no -n Answer all questions with "no" automatically.
- --passphrase -p word Use "word" as passphrase automatically.
-
-Install sshd as daemon via cygrunsrv.exe (recommended on NT/W2K), via inetd
-(results in very slow deamon startup!) or from the command line (recommended
-on 9X/ME).
-
-If you start sshd as deamon via cygrunsrv.exe you MUST give the
-"-D" option to sshd. Otherwise the service can't get started at all.
-
-If starting via inetd, copy sshd to eg. /usr/sbin/in.sshd and add the
-following line to your inetd.conf file:
-
-ssh stream tcp nowait root /usr/sbin/in.sshd sshd -i
-
-Moreover you'll have to add the following line to your
-${SYSTEMROOT}/system32/drivers/etc/services file:
-
- ssh 22/tcp #SSH daemon
-
-Please note that OpenSSH does never use the value of $HOME to
-search for the users configuration files! It always uses the
-value of the pw_dir field in /etc/passwd as the home directory.
-If no home diretory is set in /etc/passwd, the root directory
-is used instead!
-
-You may use all features of the CYGWIN=ntsec setting the same
-way as they are used by Cygwin's login(1) port:
-
- The pw_gecos field may contain an additional field, that begins
- with (upper case!) "U-", followed by the domain and the username
- separated by a backslash.
- CAUTION: The SID _must_ remain the _last_ field in pw_gecos!
- BTW: The field separator in pw_gecos is the comma.
- The username in pw_name itself may be any nice name:
-
- domuser::1104:513:John Doe,U-domain\user,S-1-5-21-...
-
- Now you may use `domuser' as your login name with telnet!
- This is possible additionally for local users, if you don't like
- your NT login name ;-) You only have to leave out the domain:
-
- locuser::1104:513:John Doe,U-user,S-1-5-21-...
-
-Note that the CYGWIN=ntsec setting is required for public key authentication.
-
-SSH2 server and user keys are generated by the `ssh-*-config' scripts
-as well.
-
-If you want to build from source, the following options to
-configure are used for the Cygwin binary distribution:
-
- --prefix=/usr \
- --sysconfdir=/etc \
- --libexecdir='$(sbindir)' \
- --localstatedir=/var \
- --datadir='$(prefix)/share' \
- --mandir='$(datadir)/man' \
- --with-tcp-wrappers
-
-If you want to create a Cygwin package, equivalent to the one
-in the Cygwin binary distribution, install like this:
-
- mkdir /tmp/cygwin-ssh
- cd $(builddir)
- make install DESTDIR=/tmp/cygwin-ssh
- cd $(srcdir)/contrib/cygwin
- make cygwin-postinstall DESTDIR=/tmp/cygwin-ssh
- cd /tmp/cygwin-ssh
- find * \! -type d | tar cvjfT my-openssh.tar.bz2 -
-
-You must have installed the zlib and openssl-devel packages to be able to
-build OpenSSH!
-
-Please send requests, error reports etc. to cygwin@cygwin.com.
-
-Have fun,
-
-Corinna Vinschen
-Cygwin Developer
-Red Hat Inc.
diff --git a/crypto/openssh/contrib/cygwin/ssh-host-config b/crypto/openssh/contrib/cygwin/ssh-host-config
deleted file mode 100644
index 9c0dabf41b4d..000000000000
--- a/crypto/openssh/contrib/cygwin/ssh-host-config
+++ /dev/null
@@ -1,592 +0,0 @@
-#!/bin/bash
-#
-# ssh-host-config, Copyright 2000, 2001, 2002, 2003 Red Hat Inc.
-#
-# This file is part of the Cygwin port of OpenSSH.
-
-# Subdirectory where the new package is being installed
-PREFIX=/usr
-
-# Directory where the config files are stored
-SYSCONFDIR=/etc
-LOCALSTATEDIR=/var
-
-progname=$0
-auto_answer=""
-port_number=22
-
-privsep_configured=no
-privsep_used=yes
-sshd_in_passwd=no
-sshd_in_sam=no
-
-request()
-{
- if [ "${auto_answer}" = "yes" ]
- then
- echo "$1 (yes/no) yes"
- return 0
- elif [ "${auto_answer}" = "no" ]
- then
- echo "$1 (yes/no) no"
- return 1
- fi
-
- answer=""
- while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
- do
- echo -n "$1 (yes/no) "
- read -e answer
- done
- if [ "X${answer}" = "Xyes" ]
- then
- return 0
- else
- return 1
- fi
-}
-
-# Check options
-
-while :
-do
- case $# in
- 0)
- break
- ;;
- esac
-
- option=$1
- shift
-
- case "${option}" in
- -d | --debug )
- set -x
- ;;
-
- -y | --yes )
- auto_answer=yes
- ;;
-
- -n | --no )
- auto_answer=no
- ;;
-
- -c | --cygwin )
- cygwin_value="$1"
- shift
- ;;
-
- -p | --port )
- port_number=$1
- shift
- ;;
-
- -w | --pwd )
- password_value="$1"
- shift
- ;;
-
- *)
- echo "usage: ${progname} [OPTION]..."
- echo
- echo "This script creates an OpenSSH host configuration."
- echo
- echo "Options:"
- echo " --debug -d Enable shell's debug output."
- echo " --yes -y Answer all questions with \"yes\" automatically."
- echo " --no -n Answer all questions with \"no\" automatically."
- echo " --cygwin -c <options> Use \"options\" as value for CYGWIN environment var."
- echo " --port -p <n> sshd listens on port n."
- echo " --pwd -w <passwd> Use \"pwd\" as password for user 'sshd_server'."
- echo
- exit 1
- ;;
-
- esac
-done
-
-# Check if running on NT
-_sys="`uname`"
-_nt=`expr "${_sys}" : "CYGWIN_NT"`
-# If running on NT, check if running under 2003 Server or later
-if [ ${_nt} -gt 0 ]
-then
- _nt2003=`uname | awk -F- '{print ( $2 >= 5.2 ) ? 1 : 0;}'`
-fi
-
-# Check for running ssh/sshd processes first. Refuse to do anything while
-# some ssh processes are still running
-
-if ps -ef | grep -v grep | grep -q ssh
-then
- echo
- echo "There are still ssh processes running. Please shut them down first."
- echo
- exit 1
-fi
-
-# Check for ${SYSCONFDIR} directory
-
-if [ -e "${SYSCONFDIR}" -a ! -d "${SYSCONFDIR}" ]
-then
- echo
- echo "${SYSCONFDIR} is existant but not a directory."
- echo "Cannot create global configuration files."
- echo
- exit 1
-fi
-
-# Create it if necessary
-
-if [ ! -e "${SYSCONFDIR}" ]
-then
- mkdir "${SYSCONFDIR}"
- if [ ! -e "${SYSCONFDIR}" ]
- then
- echo
- echo "Creating ${SYSCONFDIR} directory failed"
- echo
- exit 1
- fi
-fi
-
-# Create /var/log and /var/log/lastlog if not already existing
-
-if [ -f ${LOCALSTATEDIR}/log ]
-then
- echo "Creating ${LOCALSTATEDIR}/log failed!"
-else
- if [ ! -d ${LOCALSTATEDIR}/log ]
- then
- mkdir -p ${LOCALSTATEDIR}/log
- fi
- if [ -d ${LOCALSTATEDIR}/log/lastlog ]
- then
- chmod 777 ${LOCALSTATEDIR}/log/lastlog
- elif [ ! -f ${LOCALSTATEDIR}/log/lastlog ]
- then
- cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
- chmod 666 ${LOCALSTATEDIR}/log/lastlog
- fi
-fi
-
-# Create /var/empty file used as chroot jail for privilege separation
-if [ -f ${LOCALSTATEDIR}/empty ]
-then
- echo "Creating ${LOCALSTATEDIR}/empty failed!"
-else
- mkdir -p ${LOCALSTATEDIR}/empty
- if [ ${_nt} -gt 0 ]
- then
- chmod 755 ${LOCALSTATEDIR}/empty
- fi
-fi
-
-# First generate host keys if not already existing
-
-if [ ! -f "${SYSCONFDIR}/ssh_host_key" ]
-then
- echo "Generating ${SYSCONFDIR}/ssh_host_key"
- ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null
-fi
-
-if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ]
-then
- echo "Generating ${SYSCONFDIR}/ssh_host_rsa_key"
- ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null
-fi
-
-if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]
-then
- echo "Generating ${SYSCONFDIR}/ssh_host_dsa_key"
- ssh-keygen -t dsa -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' > /dev/null
-fi
-
-# Check if ssh_config exists. If yes, ask for overwriting
-
-if [ -f "${SYSCONFDIR}/ssh_config" ]
-then
- if request "Overwrite existing ${SYSCONFDIR}/ssh_config file?"
- then
- rm -f "${SYSCONFDIR}/ssh_config"
- if [ -f "${SYSCONFDIR}/ssh_config" ]
- then
- echo "Can't overwrite. ${SYSCONFDIR}/ssh_config is write protected."
- fi
- fi
-fi
-
-# Create default ssh_config from skeleton file in /etc/defaults/etc
-
-if [ ! -f "${SYSCONFDIR}/ssh_config" ]
-then
- echo "Generating ${SYSCONFDIR}/ssh_config file"
- cp ${SYSCONFDIR}/defaults/etc/ssh_config ${SYSCONFDIR}/ssh_config
- if [ "${port_number}" != "22" ]
- then
- echo "Host localhost" >> ${SYSCONFDIR}/ssh_config
- echo " Port ${port_number}" >> ${SYSCONFDIR}/ssh_config
- fi
-fi
-
-# Check if sshd_config exists. If yes, ask for overwriting
-
-if [ -f "${SYSCONFDIR}/sshd_config" ]
-then
- if request "Overwrite existing ${SYSCONFDIR}/sshd_config file?"
- then
- rm -f "${SYSCONFDIR}/sshd_config"
- if [ -f "${SYSCONFDIR}/sshd_config" ]
- then
- echo "Can't overwrite. ${SYSCONFDIR}/sshd_config is write protected."
- fi
- else
- grep -q UsePrivilegeSeparation ${SYSCONFDIR}/sshd_config && privsep_configured=yes
- fi
-fi
-
-# Prior to creating or modifying sshd_config, care for privilege separation
-
-if [ "${privsep_configured}" != "yes" ]
-then
- if [ ${_nt} -gt 0 ]
- then
- echo "Privilege separation is set to yes by default since OpenSSH 3.3."
- echo "However, this requires a non-privileged account called 'sshd'."
- echo "For more info on privilege separation read /usr/share/doc/openssh/README.privsep."
- echo
- if request "Should privilege separation be used?"
- then
- privsep_used=yes
- grep -q '^sshd:' ${SYSCONFDIR}/passwd && sshd_in_passwd=yes
- net user sshd >/dev/null 2>&1 && sshd_in_sam=yes
- if [ "${sshd_in_passwd}" != "yes" ]
- then
- if [ "${sshd_in_sam}" != "yes" ]
- then
- echo "Warning: The following function requires administrator privileges!"
- if request "Should this script create a local user 'sshd' on this machine?"
- then
- dos_var_empty=`cygpath -w ${LOCALSTATEDIR}/empty`
- net user sshd /add /fullname:"sshd privsep" "/homedir:${dos_var_empty}" /active:no > /dev/null 2>&1 && sshd_in_sam=yes
- if [ "${sshd_in_sam}" != "yes" ]
- then
- echo "Warning: Creating the user 'sshd' failed!"
- fi
- fi
- fi
- if [ "${sshd_in_sam}" != "yes" ]
- then
- echo "Warning: Can't create user 'sshd' in ${SYSCONFDIR}/passwd!"
- echo " Privilege separation set to 'no' again!"
- echo " Check your ${SYSCONFDIR}/sshd_config file!"
- privsep_used=no
- else
- mkpasswd -l -u sshd | sed -e 's/bash$/false/' >> ${SYSCONFDIR}/passwd
- fi
- fi
- else
- privsep_used=no
- fi
- else
- # On 9x don't use privilege separation. Since security isn't
- # available it just adds useless additional processes.
- privsep_used=no
- fi
-fi
-
-# Create default sshd_config from skeleton files in /etc/defaults/etc or
-# modify to add the missing privsep configuration option
-
-if [ ! -f "${SYSCONFDIR}/sshd_config" ]
-then
- echo "Generating ${SYSCONFDIR}/sshd_config file"
- sed -e "s/^#UsePrivilegeSeparation yes/UsePrivilegeSeparation ${privsep_used}/
- s/^#Port 22/Port ${port_number}/
- s/^#StrictModes yes/StrictModes no/" \
- < ${SYSCONFDIR}/defaults/etc/sshd_config \
- > ${SYSCONFDIR}/sshd_config
-elif [ "${privsep_configured}" != "yes" ]
-then
- echo >> ${SYSCONFDIR}/sshd_config
- echo "UsePrivilegeSeparation ${privsep_used}" >> ${SYSCONFDIR}/sshd_config
-fi
-
-# Care for services file
-_my_etcdir="/ssh-host-config.$$"
-if [ ${_nt} -gt 0 ]
-then
- _win_etcdir="${SYSTEMROOT}\\system32\\drivers\\etc"
- _services="${_my_etcdir}/services"
- # On NT, 27 spaces, no space after the hash
- _spaces=" #"
-else
- _win_etcdir="${WINDIR}"
- _services="${_my_etcdir}/SERVICES"
- # On 9x, 18 spaces (95 is very touchy), a space after the hash
- _spaces=" # "
-fi
-_serv_tmp="${_my_etcdir}/srv.out.$$"
-
-mount -t -f "${_win_etcdir}" "${_my_etcdir}"
-
-# Depends on the above mount
-_wservices=`cygpath -w "${_services}"`
-
-# Remove sshd 22/port from services
-if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ]
-then
- grep -v 'sshd[ \t][ \t]*22' "${_services}" > "${_serv_tmp}"
- if [ -f "${_serv_tmp}" ]
- then
- if mv "${_serv_tmp}" "${_services}"
- then
- echo "Removing sshd from ${_wservices}"
- else
- echo "Removing sshd from ${_wservices} failed!"
- fi
- rm -f "${_serv_tmp}"
- else
- echo "Removing sshd from ${_wservices} failed!"
- fi
-fi
-
-# Add ssh 22/tcp and ssh 22/udp to services
-if [ `grep -q 'ssh[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
-then
- if awk '{ if ( $2 ~ /^23\/tcp/ ) print "ssh 22/tcp'"${_spaces}"'SSH Remote Login Protocol\nssh 22/udp'"${_spaces}"'SSH Remote Login Protocol"; print $0; }' < "${_services}" > "${_serv_tmp}"
- then
- if mv "${_serv_tmp}" "${_services}"
- then
- echo "Added ssh to ${_wservices}"
- else
- echo "Adding ssh to ${_wservices} failed!"
- fi
- rm -f "${_serv_tmp}"
- else
- echo "WARNING: Adding ssh to ${_wservices} failed!"
- fi
-fi
-
-umount "${_my_etcdir}"
-
-# Care for inetd.conf file
-_inetcnf="${SYSCONFDIR}/inetd.conf"
-_inetcnf_tmp="${SYSCONFDIR}/inetd.conf.$$"
-
-if [ -f "${_inetcnf}" ]
-then
- # Check if ssh service is already in use as sshd
- with_comment=1
- grep -q '^[ \t]*sshd' "${_inetcnf}" && with_comment=0
- # Remove sshd line from inetd.conf
- if [ `grep -q '^[# \t]*sshd' "${_inetcnf}"; echo $?` -eq 0 ]
- then
- grep -v '^[# \t]*sshd' "${_inetcnf}" >> "${_inetcnf_tmp}"
- if [ -f "${_inetcnf_tmp}" ]
- then
- if mv "${_inetcnf_tmp}" "${_inetcnf}"
- then
- echo "Removed sshd from ${_inetcnf}"
- else
- echo "Removing sshd from ${_inetcnf} failed!"
- fi
- rm -f "${_inetcnf_tmp}"
- else
- echo "Removing sshd from ${_inetcnf} failed!"
- fi
- fi
-
- # Add ssh line to inetd.conf
- if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -ne 0 ]
- then
- if [ "${with_comment}" -eq 0 ]
- then
- echo 'ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
- else
- echo '# ssh stream tcp nowait root /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
- fi
- echo "Added ssh to ${_inetcnf}"
- fi
-fi
-
-# On NT ask if sshd should be installed as service
-if [ ${_nt} -gt 0 ]
-then
- # But only if it is not already installed
- if ! cygrunsrv -Q sshd > /dev/null 2>&1
- then
- echo
- echo
- echo "Warning: The following functions require administrator privileges!"
- echo
- echo "Do you want to install sshd as service?"
- if request "(Say \"no\" if it's already installed as service)"
- then
- if [ $_nt2003 -gt 0 ]
- then
- grep -q '^sshd_server:' ${SYSCONFDIR}/passwd && sshd_server_in_passwd=yes
- if [ "${sshd_server_in_passwd}" = "yes" ]
- then
- # Drop sshd_server from passwd since it could have wrong settings
- grep -v '^sshd_server:' ${SYSCONFDIR}/passwd > ${SYSCONFDIR}/passwd.$$
- rm -f ${SYSCONFDIR}/passwd
- mv ${SYSCONFDIR}/passwd.$$ ${SYSCONFDIR}/passwd
- chmod g-w,o-w ${SYSCONFDIR}/passwd
- fi
- net user sshd_server >/dev/null 2>&1 && sshd_server_in_sam=yes
- if [ "${sshd_server_in_sam}" != "yes" ]
- then
- echo
- echo "You appear to be running Windows 2003 Server or later. On 2003 and"
- echo "later systems, it's not possible to use the LocalSystem account"
- echo "if sshd should allow passwordless logon (e. g. public key authentication)."
- echo "If you want to enable that functionality, it's required to create a new"
- echo "account 'sshd_server' with special privileges, which is then used to run"
- echo "the sshd service under."
- echo
- echo "Should this script create a new local account 'sshd_server' which has"
- if request "the required privileges?"
- then
- _admingroup=`awk -F: '{if ( $2 == "S-1-5-32-544" ) print $1;}' ${SYSCONFDIR}/group`
- if [ -z "${_admingroup}" ]
- then
- echo "There's no group with SID S-1-5-32-544 (Local administrators group) in"
- echo "your ${SYSCONFDIR}/group file. Please regenerate this entry using 'mkgroup -l'"
- echo "and restart this script."
- exit 1
- fi
- dos_var_empty=`cygpath -w ${LOCALSTATEDIR}/empty`
- while [ "${sshd_server_in_sam}" != "yes" ]
- do
- if [ -n "${password_value}" ]
- then
- _password="${password_value}"
- # Allow to ask for password if first try fails
- password_value=""
- else
- echo
- echo "Please enter a password for new user 'sshd_server'. Please be sure that"
- echo "this password matches the password rules given on your system."
- echo -n "Entering no password will exit the configuration. PASSWORD="
- read -e _password
- if [ -z "${_password}" ]
- then
- echo
- echo "Exiting configuration. No user sshd_server has been created,"
- echo "no sshd service installed."
- exit 1
- fi
- fi
- net user sshd_server "${_password}" /add /fullname:"sshd server account" "/homedir:${dos_var_empty}" /yes > /tmp/nu.$$ 2>&1 && sshd_server_in_sam=yes
- if [ "${sshd_server_in_sam}" != "yes" ]
- then
- echo "Creating the user 'sshd_server' failed! Reason:"
- cat /tmp/nu.$$
- rm /tmp/nu.$$
- fi
- done
- net localgroup "${_admingroup}" sshd_server /add > /dev/null 2>&1 && sshd_server_in_admingroup=yes
- if [ "${sshd_server_in_admingroup}" != "yes" ]
- then
- echo "WARNING: Adding user sshd_server to local group ${_admingroup} failed!"
- echo "Please add sshd_server to local group ${_admingroup} before"
- echo "starting the sshd service!"
- echo
- fi
- passwd_has_expiry_flags=`passwd -v | awk '/^passwd /{print ( $3 >= 1.5 ) ? "yes" : "no";}'`
- if [ "${passwd_has_expiry_flags}" != "yes" ]
- then
- echo
- echo "WARNING: User sshd_server has password expiry set to system default."
- echo "Please check that password never expires or set it to your needs."
- elif ! passwd -e sshd_server
- then
- echo
- echo "WARNING: Setting password expiry for user sshd_server failed!"
- echo "Please check that password never expires or set it to your needs."
- fi
- editrights -a SeAssignPrimaryTokenPrivilege -u sshd_server &&
- editrights -a SeCreateTokenPrivilege -u sshd_server &&
- editrights -a SeDenyInteractiveLogonRight -u sshd_server &&
- editrights -a SeDenyNetworkLogonRight -u sshd_server &&
- editrights -a SeDenyRemoteInteractiveLogonRight -u sshd_server &&
- editrights -a SeIncreaseQuotaPrivilege -u sshd_server &&
- editrights -a SeServiceLogonRight -u sshd_server &&
- sshd_server_got_all_rights="yes"
- if [ "${sshd_server_got_all_rights}" != "yes" ]
- then
- echo
- echo "Assigning the appropriate privileges to user 'sshd_server' failed!"
- echo "Can't create sshd service!"
- exit 1
- fi
- echo
- echo "User 'sshd_server' has been created with password '${_password}'."
- echo "If you change the password, please keep in mind to change the password"
- echo "for the sshd service, too."
- echo
- echo "Also keep in mind that the user sshd_server needs read permissions on all"
- echo "users' .ssh/authorized_keys file to allow public key authentication for"
- echo "these users!. (Re-)running ssh-user-config for each user will set the"
- echo "required permissions correctly."
- echo
- fi
- fi
- if [ "${sshd_server_in_sam}" = "yes" ]
- then
- mkpasswd -l -u sshd_server | sed -e 's/bash$/false/' >> ${SYSCONFDIR}/passwd
- fi
- fi
- if [ -n "${cygwin_value}" ]
- then
- _cygwin="${cygwin_value}"
- else
- echo
- echo "Which value should the environment variable CYGWIN have when"
- echo "sshd starts? It's recommended to set at least \"ntsec\" to be"
- echo "able to change user context without password."
- echo -n "Default is \"ntsec\". CYGWIN="
- read -e _cygwin
- fi
- [ -z "${_cygwin}" ] && _cygwin="ntsec"
- if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ]
- then
- if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -u sshd_server -w "${_password}" -e "CYGWIN=${_cygwin}"
- then
- echo
- echo "The service has been installed under sshd_server account."
- echo "To start the service, call \`net start sshd' or \`cygrunsrv -S sshd'."
- fi
- else
- if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=${_cygwin}"
- then
- echo
- echo "The service has been installed under LocalSystem account."
- echo "To start the service, call \`net start sshd' or \`cygrunsrv -S sshd'."
- fi
- fi
- fi
- # Now check if sshd has been successfully installed. This allows to
- # set the ownership of the affected files correctly.
- if cygrunsrv -Q sshd > /dev/null 2>&1
- then
- if [ $_nt2003 -gt 0 -a "${sshd_server_in_sam}" = "yes" ]
- then
- _user="sshd_server"
- else
- _user="system"
- fi
- chown "${_user}" ${SYSCONFDIR}/ssh*
- chown "${_user}".544 ${LOCALSTATEDIR}/empty
- if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
- then
- chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log
- fi
- fi
- fi
-fi
-
-echo
-echo "Host configuration finished. Have fun!"
diff --git a/crypto/openssh/contrib/cygwin/ssh-user-config b/crypto/openssh/contrib/cygwin/ssh-user-config
deleted file mode 100644
index fe07ce3609bb..000000000000
--- a/crypto/openssh/contrib/cygwin/ssh-user-config
+++ /dev/null
@@ -1,250 +0,0 @@
-#!/bin/sh
-#
-# ssh-user-config, Copyright 2000, 2001, 2002, 2003, Red Hat Inc.
-#
-# This file is part of the Cygwin port of OpenSSH.
-
-# Directory where the config files are stored
-SYSCONFDIR=/etc
-
-progname=$0
-auto_answer=""
-auto_passphrase="no"
-passphrase=""
-
-request()
-{
- if [ "${auto_answer}" = "yes" ]
- then
- return 0
- elif [ "${auto_answer}" = "no" ]
- then
- return 1
- fi
-
- answer=""
- while [ "X${answer}" != "Xyes" -a "X${answer}" != "Xno" ]
- do
- echo -n "$1 (yes/no) "
- read answer
- done
- if [ "X${answer}" = "Xyes" ]
- then
- return 0
- else
- return 1
- fi
-}
-
-# Check if running on NT
-_sys="`uname -a`"
-_nt=`expr "$_sys" : "CYGWIN_NT"`
-# If running on NT, check if running under 2003 Server or later
-if [ $_nt -gt 0 ]
-then
- _nt2003=`uname | awk -F- '{print ( $2 >= 5.2 ) ? 1 : 0;}'`
-fi
-
-# Check options
-
-while :
-do
- case $# in
- 0)
- break
- ;;
- esac
-
- option=$1
- shift
-
- case "$option" in
- -d | --debug )
- set -x
- ;;
-
- -y | --yes )
- auto_answer=yes
- ;;
-
- -n | --no )
- auto_answer=no
- ;;
-
- -p | --passphrase )
- with_passphrase="yes"
- passphrase=$1
- shift
- ;;
-
- *)
- echo "usage: ${progname} [OPTION]..."
- echo
- echo "This script creates an OpenSSH user configuration."
- echo
- echo "Options:"
- echo " --debug -d Enable shell's debug output."
- echo " --yes -y Answer all questions with \"yes\" automatically."
- echo " --no -n Answer all questions with \"no\" automatically."
- echo " --passphrase -p word Use \"word\" as passphrase automatically."
- echo
- exit 1
- ;;
-
- esac
-done
-
-# Ask user if user identity should be generated
-
-if [ ! -f ${SYSCONFDIR}/passwd ]
-then
- echo "${SYSCONFDIR}/passwd is nonexistant. Please generate an ${SYSCONFDIR}/passwd file"
- echo 'first using mkpasswd. Check if it contains an entry for you and'
- echo 'please care for the home directory in your entry as well.'
- exit 1
-fi
-
-uid=`id -u`
-pwdhome=`awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd`
-
-if [ "X${pwdhome}" = "X" ]
-then
- echo "There is no home directory set for you in ${SYSCONFDIR}/passwd."
- echo 'Setting $HOME is not sufficient!'
- exit 1
-fi
-
-if [ ! -d "${pwdhome}" ]
-then
- echo "${pwdhome} is set in ${SYSCONFDIR}/passwd as your home directory"
- echo 'but it is not a valid directory. Cannot create user identity files.'
- exit 1
-fi
-
-# If home is the root dir, set home to empty string to avoid error messages
-# in subsequent parts of that script.
-if [ "X${pwdhome}" = "X/" ]
-then
- # But first raise a warning!
- echo "Your home directory in ${SYSCONFDIR}/passwd is set to root (/). This is not recommended!"
- if request "Would you like to proceed anyway?"
- then
- pwdhome=''
- else
- exit 1
- fi
-fi
-
-if [ -d "${pwdhome}" -a $_nt -gt 0 -a -n "`chmod -c g-w,o-w "${pwdhome}"`" ]
-then
- echo
- echo 'WARNING: group and other have been revoked write permission to your home'
- echo " directory ${pwdhome}."
- echo ' This is required by OpenSSH to allow public key authentication using'
- echo ' the key files stored in your .ssh subdirectory.'
- echo ' Revert this change ONLY if you know what you are doing!'
- echo
-fi
-
-if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
-then
- echo "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files."
- exit 1
-fi
-
-if [ ! -e "${pwdhome}/.ssh" ]
-then
- mkdir "${pwdhome}/.ssh"
- if [ ! -e "${pwdhome}/.ssh" ]
- then
- echo "Creating users ${pwdhome}/.ssh directory failed"
- exit 1
- fi
-fi
-
-if [ $_nt -gt 0 ]
-then
- _user="system"
- if [ $_nt2003 -gt 0 ]
- then
- grep -q '^sshd_server:' ${SYSCONFDIR}/passwd && _user="sshd_server"
- fi
- if ! setfacl -m "u::rwx,u:${_user}:r--,g::---,o::---" "${pwdhome}/.ssh"
- then
- echo "${pwdhome}/.ssh couldn't be given the correct permissions."
- echo "Please try to solve this problem first."
- exit 1
- fi
-fi
-
-if [ ! -f "${pwdhome}/.ssh/identity" ]
-then
- if request "Shall I create an SSH1 RSA identity file for you?"
- then
- echo "Generating ${pwdhome}/.ssh/identity"
- if [ "${with_passphrase}" = "yes" ]
- then
- ssh-keygen -t rsa1 -N "${passphrase}" -f "${pwdhome}/.ssh/identity" > /dev/null
- else
- ssh-keygen -t rsa1 -f "${pwdhome}/.ssh/identity" > /dev/null
- fi
- if request "Do you want to use this identity to login to this machine?"
- then
- echo "Adding to ${pwdhome}/.ssh/authorized_keys"
- cat "${pwdhome}/.ssh/identity.pub" >> "${pwdhome}/.ssh/authorized_keys"
- fi
- fi
-fi
-
-if [ ! -f "${pwdhome}/.ssh/id_rsa" ]
-then
- if request "Shall I create an SSH2 RSA identity file for you? (yes/no) "
- then
- echo "Generating ${pwdhome}/.ssh/id_rsa"
- if [ "${with_passphrase}" = "yes" ]
- then
- ssh-keygen -t rsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_rsa" > /dev/null
- else
- ssh-keygen -t rsa -f "${pwdhome}/.ssh/id_rsa" > /dev/null
- fi
- if request "Do you want to use this identity to login to this machine?"
- then
- echo "Adding to ${pwdhome}/.ssh/authorized_keys"
- cat "${pwdhome}/.ssh/id_rsa.pub" >> "${pwdhome}/.ssh/authorized_keys"
- fi
- fi
-fi
-
-if [ ! -f "${pwdhome}/.ssh/id_dsa" ]
-then
- if request "Shall I create an SSH2 DSA identity file for you? (yes/no) "
- then
- echo "Generating ${pwdhome}/.ssh/id_dsa"
- if [ "${with_passphrase}" = "yes" ]
- then
- ssh-keygen -t dsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_dsa" > /dev/null
- else
- ssh-keygen -t dsa -f "${pwdhome}/.ssh/id_dsa" > /dev/null
- fi
- if request "Do you want to use this identity to login to this machine?"
- then
- echo "Adding to ${pwdhome}/.ssh/authorized_keys"
- cat "${pwdhome}/.ssh/id_dsa.pub" >> "${pwdhome}/.ssh/authorized_keys"
- fi
- fi
-fi
-
-if [ $_nt -gt 0 -a -e "${pwdhome}/.ssh/authorized_keys" ]
-then
- if ! setfacl -m "u::rw-,u:${_user}:r--,g::---,o::---" "${pwdhome}/.ssh/authorized_keys"
- then
- echo
- echo "WARNING: Setting correct permissions to ${pwdhome}/.ssh/authorized_keys"
- echo "failed. Please care for the correct permissions. The minimum requirement"
- echo "is, the owner and ${_user} both need read permissions."
- echo
- fi
-fi
-
-echo
-echo "Configuration finished. Have fun!"
diff --git a/crypto/openssh/contrib/findssl.sh b/crypto/openssh/contrib/findssl.sh
deleted file mode 100644
index 0c08d4a189af..000000000000
--- a/crypto/openssh/contrib/findssl.sh
+++ /dev/null
@@ -1,159 +0,0 @@
-#!/bin/sh
-#
-# findssl.sh
-# Search for all instances of OpenSSL headers and libraries
-# and print their versions.
-# Intended to help diagnose OpenSSH's "OpenSSL headers do not
-# match your library" errors.
-#
-# Written by Darren Tucker (dtucker at zip dot com dot au)
-# This file is placed in the public domain.
-#
-# $Id: findssl.sh,v 1.2 2003/11/21 12:48:56 djm Exp $
-# 2002-07-27: Initial release.
-# 2002-08-04: Added public domain notice.
-# 2003-06-24: Incorporated readme, set library paths. First cvs version.
-#
-# "OpenSSL headers do not match your library" are usually caused by
-# OpenSSH's configure picking up an older version of OpenSSL headers
-# or libraries. You can use the following # procedure to help identify
-# the cause.
-#
-# The output of configure will tell you the versions of the OpenSSL
-# headers and libraries that were picked up, for example:
-#
-# checking OpenSSL header version... 90604f (OpenSSL 0.9.6d 9 May 2002)
-# checking OpenSSL library version... 90602f (OpenSSL 0.9.6b [engine] 9 Jul 2001)
-# checking whether OpenSSL's headers match the library... no
-# configure: error: Your OpenSSL headers do not match your library
-#
-# Now run findssl.sh. This should identify the headers and libraries
-# present and their versions. You should be able to identify the
-# libraries and headers used and adjust your CFLAGS or remove incorrect
-# versions. The output will show OpenSSL's internal version identifier
-# and should look something like:
-
-# $ ./findssl.sh
-# Searching for OpenSSL header files.
-# 0x0090604fL /usr/include/openssl/opensslv.h
-# 0x0090604fL /usr/local/ssl/include/openssl/opensslv.h
-#
-# Searching for OpenSSL shared library files.
-# 0x0090602fL /lib/libcrypto.so.0.9.6b
-# 0x0090602fL /lib/libcrypto.so.2
-# 0x0090581fL /usr/lib/libcrypto.so.0
-# 0x0090602fL /usr/lib/libcrypto.so
-# 0x0090581fL /usr/lib/libcrypto.so.0.9.5a
-# 0x0090600fL /usr/lib/libcrypto.so.0.9.6
-# 0x0090600fL /usr/lib/libcrypto.so.1
-#
-# Searching for OpenSSL static library files.
-# 0x0090602fL /usr/lib/libcrypto.a
-# 0x0090604fL /usr/local/ssl/lib/libcrypto.a
-#
-# In this example, I gave configure no extra flags, so it's picking up
-# the OpenSSL header from /usr/include/openssl (90604f) and the library
-# from /usr/lib/ (90602f).
-
-#
-# Adjust these to suit your compiler.
-# You may also need to set the *LIB*PATH environment variables if
-# DEFAULT_LIBPATH is not correct for your system.
-#
-CC=gcc
-STATIC=-static
-
-#
-# Set up conftest C source
-#
-rm -f findssl.log
-cat >conftest.c <<EOD
-#include <stdio.h>
-int main(){printf("0x%08xL\n", SSLeay());}
-EOD
-
-#
-# Set default library paths if not already set
-#
-DEFAULT_LIBPATH=/usr/lib:/usr/local/lib
-LIBPATH=${LIBPATH:=$DEFAULT_LIBPATH}
-LD_LIBRARY_PATH=${LD_LIBRARY_PATH:=$DEFAULT_LIBPATH}
-LIBRARY_PATH=${LIBRARY_PATH:=$DEFAULT_LIBPATH}
-export LIBPATH LD_LIBRARY_PATH LIBRARY_PATH
-
-#
-# Search for OpenSSL headers and print versions
-#
-echo Searching for OpenSSL header files.
-if [ -x "`which locate`" ]
-then
- headers=`locate opensslv.h`
-else
- headers=`find / -name opensslv.h -print 2>/dev/null`
-fi
-
-for header in $headers
-do
- ver=`awk '/OPENSSL_VERSION_NUMBER/{printf \$3}' $header`
- echo "$ver $header"
-done
-echo
-
-#
-# Search for shared libraries.
-# Relies on shared libraries looking like "libcrypto.s*"
-#
-echo Searching for OpenSSL shared library files.
-if [ -x "`which locate`" ]
-then
- libraries=`locate libcrypto.s`
-else
- libraries=`find / -name 'libcrypto.s*' -print 2>/dev/null`
-fi
-
-for lib in $libraries
-do
- (echo "Trying libcrypto $lib" >>findssl.log
- dir=`dirname $lib`
- LIBPATH="$dir:$LIBPATH"
- LD_LIBRARY_PATH="$dir:$LIBPATH"
- LIBRARY_PATH="$dir:$LIBPATH"
- export LIBPATH LD_LIBRARY_PATH LIBRARY_PATH
- ${CC} -o conftest conftest.c $lib 2>>findssl.log
- if [ -x ./conftest ]
- then
- ver=`./conftest 2>/dev/null`
- rm -f ./conftest
- echo "$ver $lib"
- fi)
-done
-echo
-
-#
-# Search for static OpenSSL libraries and print versions
-#
-echo Searching for OpenSSL static library files.
-if [ -x "`which locate`" ]
-then
- libraries=`locate libcrypto.a`
-else
- libraries=`find / -name libcrypto.a -print 2>/dev/null`
-fi
-
-for lib in $libraries
-do
- libdir=`dirname $lib`
- echo "Trying libcrypto $lib" >>findssl.log
- ${CC} ${STATIC} -o conftest conftest.c -L${libdir} -lcrypto 2>>findssl.log
- if [ -x ./conftest ]
- then
- ver=`./conftest 2>/dev/null`
- rm -f ./conftest
- echo "$ver $lib"
- fi
-done
-
-#
-# Clean up
-#
-rm -f conftest.c
diff --git a/crypto/openssh/contrib/gnome-ssh-askpass1.c b/crypto/openssh/contrib/gnome-ssh-askpass1.c
deleted file mode 100644
index 4d51032d1d36..000000000000
--- a/crypto/openssh/contrib/gnome-ssh-askpass1.c
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
- * Copyright (c) 2000-2002 Damien Miller. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * This is a simple GNOME SSH passphrase grabber. To use it, set the
- * environment variable SSH_ASKPASS to point to the location of
- * gnome-ssh-askpass before calling "ssh-add < /dev/null".
- *
- * There is only two run-time options: if you set the environment variable
- * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab
- * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the
- * pointer will be grabbed too. These may have some benefit to security if
- * you don't trust your X server. We grab the keyboard always.
- */
-
-/*
- * Compile with:
- *
- * cc `gnome-config --cflags gnome gnomeui` \
- * gnome-ssh-askpass1.c -o gnome-ssh-askpass \
- * `gnome-config --libs gnome gnomeui`
- *
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <gnome.h>
-#include <X11/Xlib.h>
-#include <gdk/gdkx.h>
-
-void
-report_failed_grab (void)
-{
- GtkWidget *err;
-
- err = gnome_message_box_new("Could not grab keyboard or mouse.\n"
- "A malicious client may be eavesdropping on your session.",
- GNOME_MESSAGE_BOX_ERROR, "EXIT", NULL);
- gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER);
- gtk_object_set(GTK_OBJECT(err), "type", GTK_WINDOW_POPUP, NULL);
-
- gnome_dialog_run_and_close(GNOME_DIALOG(err));
-}
-
-int
-passphrase_dialog(char *message)
-{
- char *passphrase;
- char **messages;
- int result, i, grab_server, grab_pointer;
- GtkWidget *dialog, *entry, *label;
-
- grab_server = (getenv("GNOME_SSH_ASKPASS_GRAB_SERVER") != NULL);
- grab_pointer = (getenv("GNOME_SSH_ASKPASS_GRAB_POINTER") != NULL);
-
- dialog = gnome_dialog_new("OpenSSH", GNOME_STOCK_BUTTON_OK,
- GNOME_STOCK_BUTTON_CANCEL, NULL);
-
- messages = g_strsplit(message, "\\n", 0);
- if (messages)
- for(i = 0; messages[i]; i++) {
- label = gtk_label_new(messages[i]);
- gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox),
- label, FALSE, FALSE, 0);
- }
-
- entry = gtk_entry_new();
- gtk_box_pack_start(GTK_BOX(GNOME_DIALOG(dialog)->vbox), entry, FALSE,
- FALSE, 0);
- gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE);
- gtk_widget_grab_focus(entry);
-
- /* Center window and prepare for grab */
- gtk_object_set(GTK_OBJECT(dialog), "type", GTK_WINDOW_POPUP, NULL);
- gnome_dialog_set_default(GNOME_DIALOG(dialog), 0);
- gtk_window_set_position (GTK_WINDOW(dialog), GTK_WIN_POS_CENTER);
- gtk_window_set_policy(GTK_WINDOW(dialog), FALSE, FALSE, TRUE);
- gnome_dialog_close_hides(GNOME_DIALOG(dialog), TRUE);
- gtk_container_set_border_width(GTK_CONTAINER(GNOME_DIALOG(dialog)->vbox),
- GNOME_PAD);
- gtk_widget_show_all(dialog);
-
- /* Grab focus */
- if (grab_server)
- XGrabServer(GDK_DISPLAY());
- if (grab_pointer && gdk_pointer_grab(dialog->window, TRUE, 0,
- NULL, NULL, GDK_CURRENT_TIME))
- goto nograb;
- if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME))
- goto nograbkb;
-
- /* Make <enter> close dialog */
- gnome_dialog_editable_enters(GNOME_DIALOG(dialog), GTK_EDITABLE(entry));
-
- /* Run dialog */
- result = gnome_dialog_run(GNOME_DIALOG(dialog));
-
- /* Ungrab */
- if (grab_server)
- XUngrabServer(GDK_DISPLAY());
- if (grab_pointer)
- gdk_pointer_ungrab(GDK_CURRENT_TIME);
- gdk_keyboard_ungrab(GDK_CURRENT_TIME);
- gdk_flush();
-
- /* Report passphrase if user selected OK */
- passphrase = gtk_entry_get_text(GTK_ENTRY(entry));
- if (result == 0)
- puts(passphrase);
-
- /* Zero passphrase in memory */
- memset(passphrase, '\0', strlen(passphrase));
- gtk_entry_set_text(GTK_ENTRY(entry), passphrase);
-
- gnome_dialog_close(GNOME_DIALOG(dialog));
- return (result == 0 ? 0 : -1);
-
- /* At least one grab failed - ungrab what we got, and report
- the failure to the user. Note that XGrabServer() cannot
- fail. */
- nograbkb:
- gdk_pointer_ungrab(GDK_CURRENT_TIME);
- nograb:
- if (grab_server)
- XUngrabServer(GDK_DISPLAY());
- gnome_dialog_close(GNOME_DIALOG(dialog));
-
- report_failed_grab();
- return (-1);
-}
-
-int
-main(int argc, char **argv)
-{
- char *message;
- int result;
-
- gnome_init("GNOME ssh-askpass", "0.1", argc, argv);
-
- if (argc == 2)
- message = argv[1];
- else
- message = "Enter your OpenSSH passphrase:";
-
- setvbuf(stdout, 0, _IONBF, 0);
- result = passphrase_dialog(message);
-
- return (result);
-}
diff --git a/crypto/openssh/contrib/gnome-ssh-askpass2.c b/crypto/openssh/contrib/gnome-ssh-askpass2.c
deleted file mode 100644
index 0ce8daec9b14..000000000000
--- a/crypto/openssh/contrib/gnome-ssh-askpass2.c
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * Copyright (c) 2000-2002 Damien Miller. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* GTK2 support by Nalin Dahyabhai <nalin@redhat.com> */
-
-/*
- * This is a simple GNOME SSH passphrase grabber. To use it, set the
- * environment variable SSH_ASKPASS to point to the location of
- * gnome-ssh-askpass before calling "ssh-add < /dev/null".
- *
- * There is only two run-time options: if you set the environment variable
- * "GNOME_SSH_ASKPASS_GRAB_SERVER=true" then gnome-ssh-askpass will grab
- * the X server. If you set "GNOME_SSH_ASKPASS_GRAB_POINTER=true", then the
- * pointer will be grabbed too. These may have some benefit to security if
- * you don't trust your X server. We grab the keyboard always.
- */
-
-#define GRAB_TRIES 16
-#define GRAB_WAIT 250 /* milliseconds */
-
-/*
- * Compile with:
- *
- * cc -Wall `pkg-config --cflags gtk+-2.0` \
- * gnome-ssh-askpass2.c -o gnome-ssh-askpass \
- * `pkg-config --libs gtk+-2.0`
- *
- */
-
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <X11/Xlib.h>
-#include <gtk/gtk.h>
-#include <gdk/gdkx.h>
-
-static void
-report_failed_grab (const char *what)
-{
- GtkWidget *err;
-
- err = gtk_message_dialog_new(NULL, 0,
- GTK_MESSAGE_ERROR,
- GTK_BUTTONS_CLOSE,
- "Could not grab %s. "
- "A malicious client may be eavesdropping "
- "on your session.", what);
- gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER);
- gtk_label_set_line_wrap(GTK_LABEL((GTK_MESSAGE_DIALOG(err))->label),
- TRUE);
-
- gtk_dialog_run(GTK_DIALOG(err));
-
- gtk_widget_destroy(err);
-}
-
-static void
-ok_dialog(GtkWidget *entry, gpointer dialog)
-{
- g_return_if_fail(GTK_IS_DIALOG(dialog));
- gtk_dialog_response(GTK_DIALOG(dialog), GTK_RESPONSE_OK);
-}
-
-static int
-passphrase_dialog(char *message)
-{
- const char *failed;
- char *passphrase, *local;
- int result, grab_tries, grab_server, grab_pointer;
- GtkWidget *dialog, *entry;
- GdkGrabStatus status;
-
- grab_server = (getenv("GNOME_SSH_ASKPASS_GRAB_SERVER") != NULL);
- grab_pointer = (getenv("GNOME_SSH_ASKPASS_GRAB_POINTER") != NULL);
- grab_tries = 0;
-
- dialog = gtk_message_dialog_new(NULL, 0,
- GTK_MESSAGE_QUESTION,
- GTK_BUTTONS_OK_CANCEL,
- "%s",
- message);
-
- entry = gtk_entry_new();
- gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox), entry, FALSE,
- FALSE, 0);
- gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE);
- gtk_widget_grab_focus(entry);
- gtk_widget_show(entry);
-
- gtk_window_set_title(GTK_WINDOW(dialog), "OpenSSH");
- gtk_window_set_position (GTK_WINDOW(dialog), GTK_WIN_POS_CENTER);
- gtk_label_set_line_wrap(GTK_LABEL((GTK_MESSAGE_DIALOG(dialog))->label),
- TRUE);
-
- /* Make <enter> close dialog */
- gtk_dialog_set_default_response(GTK_DIALOG(dialog), GTK_RESPONSE_OK);
- g_signal_connect(G_OBJECT(entry), "activate",
- G_CALLBACK(ok_dialog), dialog);
-
- /* Grab focus */
- gtk_widget_show_now(dialog);
- if (grab_pointer) {
- for(;;) {
- status = gdk_pointer_grab(
- (GTK_WIDGET(dialog))->window, TRUE, 0, NULL,
- NULL, GDK_CURRENT_TIME);
- if (status == GDK_GRAB_SUCCESS)
- break;
- usleep(GRAB_WAIT * 1000);
- if (++grab_tries > GRAB_TRIES) {
- failed = "mouse";
- goto nograb;
- }
- }
- }
- for(;;) {
- status = gdk_keyboard_grab((GTK_WIDGET(dialog))->window,
- FALSE, GDK_CURRENT_TIME);
- if (status == GDK_GRAB_SUCCESS)
- break;
- usleep(GRAB_WAIT * 1000);
- if (++grab_tries > GRAB_TRIES) {
- failed = "keyboard";
- goto nograbkb;
- }
- }
- if (grab_server) {
- gdk_x11_grab_server();
- }
-
- result = gtk_dialog_run(GTK_DIALOG(dialog));
-
- /* Ungrab */
- if (grab_server)
- XUngrabServer(GDK_DISPLAY());
- if (grab_pointer)
- gdk_pointer_ungrab(GDK_CURRENT_TIME);
- gdk_keyboard_ungrab(GDK_CURRENT_TIME);
- gdk_flush();
-
- /* Report passphrase if user selected OK */
- passphrase = g_strdup(gtk_entry_get_text(GTK_ENTRY(entry)));
- if (result == GTK_RESPONSE_OK) {
- local = g_locale_from_utf8(passphrase, strlen(passphrase),
- NULL, NULL, NULL);
- if (local != NULL) {
- puts(local);
- memset(local, '\0', strlen(local));
- g_free(local);
- } else {
- puts(passphrase);
- }
- }
-
- /* Zero passphrase in memory */
- memset(passphrase, '\b', strlen(passphrase));
- gtk_entry_set_text(GTK_ENTRY(entry), passphrase);
- memset(passphrase, '\0', strlen(passphrase));
- g_free(passphrase);
-
- gtk_widget_destroy(dialog);
- return (result == GTK_RESPONSE_OK ? 0 : -1);
-
- /* At least one grab failed - ungrab what we got, and report
- the failure to the user. Note that XGrabServer() cannot
- fail. */
- nograbkb:
- gdk_pointer_ungrab(GDK_CURRENT_TIME);
- nograb:
- if (grab_server)
- XUngrabServer(GDK_DISPLAY());
- gtk_widget_destroy(dialog);
-
- report_failed_grab(failed);
-
- return (-1);
-}
-
-int
-main(int argc, char **argv)
-{
- char *message;
- int result;
-
- gtk_init(&argc, &argv);
-
- if (argc > 1) {
- message = g_strjoinv(" ", argv + 1);
- } else {
- message = g_strdup("Enter your OpenSSH passphrase:");
- }
-
- setvbuf(stdout, 0, _IONBF, 0);
- result = passphrase_dialog(message);
- g_free(message);
-
- return (result);
-}
diff --git a/crypto/openssh/contrib/hpux/README b/crypto/openssh/contrib/hpux/README
deleted file mode 100644
index f8bfa84e4986..000000000000
--- a/crypto/openssh/contrib/hpux/README
+++ /dev/null
@@ -1,45 +0,0 @@
-README for OpenSSH HP-UX contrib files
-Kevin Steves <stevesk@pobox.com>
-
-sshd: configuration file for sshd.rc
-sshd.rc: SSH startup script
-egd: configuration file for egd.rc
-egd.rc: EGD (entropy gathering daemon) startup script
-
-To install:
-
-sshd.rc:
-
-o Verify paths in sshd.rc match your local installation
- (WHAT_PATH and WHAT_PID)
-o Customize sshd if needed (SSHD_ARGS)
-o Install:
-
- # cp sshd /etc/rc.config.d
- # chmod 444 /etc/rc.config.d/sshd
- # cp sshd.rc /sbin/init.d
- # chmod 555 /sbin/init.d/sshd.rc
- # ln -s /sbin/init.d/sshd.rc /sbin/rc1.d/K100sshd
- # ln -s /sbin/init.d/sshd.rc /sbin/rc2.d/S900sshd
-
-egd.rc:
-
-o Verify egd.pl path in egd.rc matches your local installation
- (WHAT_PATH)
-o Customize egd if needed (EGD_ARGS and EGD_LOG)
-o Add pseudo account:
-
- # groupadd egd
- # useradd -g egd egd
- # mkdir -p /etc/opt/egd
- # chown egd:egd /etc/opt/egd
- # chmod 711 /etc/opt/egd
-
-o Install:
-
- # cp egd /etc/rc.config.d
- # chmod 444 /etc/rc.config.d/egd
- # cp egd.rc /sbin/init.d
- # chmod 555 /sbin/init.d/egd.rc
- # ln -s /sbin/init.d/egd.rc /sbin/rc1.d/K600egd
- # ln -s /sbin/init.d/egd.rc /sbin/rc2.d/S400egd
diff --git a/crypto/openssh/contrib/hpux/egd b/crypto/openssh/contrib/hpux/egd
deleted file mode 100644
index 21af0bd13e7a..000000000000
--- a/crypto/openssh/contrib/hpux/egd
+++ /dev/null
@@ -1,15 +0,0 @@
-# EGD_START: Set to 1 to start entropy gathering daemon
-# EGD_ARGS: Command line arguments to pass to egd
-# EGD_LOG: EGD stdout and stderr log file (default /etc/opt/egd/egd.log)
-#
-# To configure the egd environment:
-
-# groupadd egd
-# useradd -g egd egd
-# mkdir -p /etc/opt/egd
-# chown egd:egd /etc/opt/egd
-# chmod 711 /etc/opt/egd
-
-EGD_START=1
-EGD_ARGS='/etc/opt/egd/entropy'
-EGD_LOG=
diff --git a/crypto/openssh/contrib/hpux/egd.rc b/crypto/openssh/contrib/hpux/egd.rc
deleted file mode 100755
index 919dea7255cd..000000000000
--- a/crypto/openssh/contrib/hpux/egd.rc
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/sbin/sh
-
-#
-# egd.rc: EGD start-up and shutdown script
-#
-
-# Allowed exit values:
-# 0 = success; causes "OK" to show up in checklist.
-# 1 = failure; causes "FAIL" to show up in checklist.
-# 2 = skip; causes "N/A" to show up in the checklist.
-# Use this value if execution of this script is overridden
-# by the use of a control variable, or if this script is not
-# appropriate to execute for some other reason.
-# 3 = reboot; causes the system to be rebooted after execution.
-
-# Input and output:
-# stdin is redirected from /dev/null
-#
-# stdout and stderr are redirected to the /etc/rc.log file
-# during checklist mode, or to the console in raw mode.
-
-umask 022
-
-PATH=/usr/sbin:/usr/bin:/sbin
-export PATH
-
-WHAT='EGD (entropy gathering daemon)'
-WHAT_PATH=/opt/perl/bin/egd.pl
-WHAT_CONFIG=/etc/rc.config.d/egd
-WHAT_LOG=/etc/opt/egd/egd.log
-
-# NOTE: If your script executes in run state 0 or state 1, then /usr might
-# not be available. Do not attempt to access commands or files in
-# /usr unless your script executes in run state 2 or greater. Other
-# file systems typically not mounted until run state 2 include /var
-# and /opt.
-
-rval=0
-
-# Check the exit value of a command run by this script. If non-zero, the
-# exit code is echoed to the log file and the return value of this script
-# is set to indicate failure.
-
-set_return() {
- x=$?
- if [ $x -ne 0 ]; then
- echo "EXIT CODE: $x"
- rval=1 # script FAILed
- fi
-}
-
-case $1 in
-'start_msg')
- echo "Starting $WHAT"
- ;;
-
-'stop_msg')
- echo "Stopping $WHAT"
- ;;
-
-'start')
- if [ -f $WHAT_CONFIG ] ; then
- . $WHAT_CONFIG
- else
- echo "ERROR: $WHAT_CONFIG defaults file MISSING"
- fi
-
-
- if [ "$EGD_START" -eq 1 -a -x $WHAT_PATH ]; then
- EGD_LOG=${EGD_LOG:-$WHAT_LOG}
- su egd -c "nohup $WHAT_PATH $EGD_ARGS >$EGD_LOG 2>&1" &&
- echo $WHAT started
- set_return
- else
- rval=2
- fi
- ;;
-
-'stop')
- pid=`ps -fuegd | awk '$1 == "egd" { print $2 }'`
- if [ "X$pid" != "X" ]; then
- if kill "$pid"; then
- echo "$WHAT stopped"
- else
- rval=1
- echo "Unable to stop $WHAT"
- fi
- fi
- set_return
- ;;
-
-*)
- echo "usage: $0 {start|stop|start_msg|stop_msg}"
- rval=1
- ;;
-esac
-
-exit $rval
diff --git a/crypto/openssh/contrib/hpux/sshd b/crypto/openssh/contrib/hpux/sshd
deleted file mode 100644
index 8eb5e92a30bc..000000000000
--- a/crypto/openssh/contrib/hpux/sshd
+++ /dev/null
@@ -1,5 +0,0 @@
-# SSHD_START: Set to 1 to start SSH daemon
-# SSHD_ARGS: Command line arguments to pass to sshd
-#
-SSHD_START=1
-SSHD_ARGS=
diff --git a/crypto/openssh/contrib/hpux/sshd.rc b/crypto/openssh/contrib/hpux/sshd.rc
deleted file mode 100755
index f9a10999b01c..000000000000
--- a/crypto/openssh/contrib/hpux/sshd.rc
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/sbin/sh
-
-#
-# sshd.rc: SSH daemon start-up and shutdown script
-#
-
-# Allowed exit values:
-# 0 = success; causes "OK" to show up in checklist.
-# 1 = failure; causes "FAIL" to show up in checklist.
-# 2 = skip; causes "N/A" to show up in the checklist.
-# Use this value if execution of this script is overridden
-# by the use of a control variable, or if this script is not
-# appropriate to execute for some other reason.
-# 3 = reboot; causes the system to be rebooted after execution.
-
-# Input and output:
-# stdin is redirected from /dev/null
-#
-# stdout and stderr are redirected to the /etc/rc.log file
-# during checklist mode, or to the console in raw mode.
-
-PATH=/usr/sbin:/usr/bin:/sbin
-export PATH
-
-WHAT='OpenSSH'
-WHAT_PATH=/opt/openssh/sbin/sshd
-WHAT_PID=/var/run/sshd.pid
-WHAT_CONFIG=/etc/rc.config.d/sshd
-
-# NOTE: If your script executes in run state 0 or state 1, then /usr might
-# not be available. Do not attempt to access commands or files in
-# /usr unless your script executes in run state 2 or greater. Other
-# file systems typically not mounted until run state 2 include /var
-# and /opt.
-
-rval=0
-
-# Check the exit value of a command run by this script. If non-zero, the
-# exit code is echoed to the log file and the return value of this script
-# is set to indicate failure.
-
-set_return() {
- x=$?
- if [ $x -ne 0 ]; then
- echo "EXIT CODE: $x"
- rval=1 # script FAILed
- fi
-}
-
-case $1 in
-'start_msg')
- echo "Starting $WHAT"
- ;;
-
-'stop_msg')
- echo "Stopping $WHAT"
- ;;
-
-'start')
- if [ -f $WHAT_CONFIG ] ; then
- . $WHAT_CONFIG
- else
- echo "ERROR: $WHAT_CONFIG defaults file MISSING"
- fi
-
- if [ "$SSHD_START" -eq 1 -a -x "$WHAT_PATH" ]; then
- $WHAT_PATH $SSHD_ARGS && echo "$WHAT started"
- set_return
- else
- rval=2
- fi
- ;;
-
-'stop')
- if kill `cat $WHAT_PID`; then
- echo "$WHAT stopped"
- else
- rval=1
- echo "Unable to stop $WHAT"
- fi
- set_return
- ;;
-
-*)
- echo "usage: $0 {start|stop|start_msg|stop_msg}"
- rval=1
- ;;
-esac
-
-exit $rval
diff --git a/crypto/openssh/contrib/redhat/gnome-ssh-askpass.csh b/crypto/openssh/contrib/redhat/gnome-ssh-askpass.csh
deleted file mode 100644
index dd77712cdb3a..000000000000
--- a/crypto/openssh/contrib/redhat/gnome-ssh-askpass.csh
+++ /dev/null
@@ -1 +0,0 @@
-setenv SSH_ASKPASS /usr/libexec/openssh/gnome-ssh-askpass
diff --git a/crypto/openssh/contrib/redhat/gnome-ssh-askpass.sh b/crypto/openssh/contrib/redhat/gnome-ssh-askpass.sh
deleted file mode 100644
index 355189f45cbe..000000000000
--- a/crypto/openssh/contrib/redhat/gnome-ssh-askpass.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass
-export SSH_ASKPASS
diff --git a/crypto/openssh/contrib/redhat/openssh.spec b/crypto/openssh/contrib/redhat/openssh.spec
deleted file mode 100644
index b7470092b50f..000000000000
--- a/crypto/openssh/contrib/redhat/openssh.spec
+++ /dev/null
@@ -1,804 +0,0 @@
-%define ver 3.8.1p1
-%define rel 1
-
-# OpenSSH privilege separation requires a user & group ID
-%define sshd_uid 74
-%define sshd_gid 74
-
-# Version of ssh-askpass
-%define aversion 1.2.4.1
-
-# Do we want to disable building of x11-askpass? (1=yes 0=no)
-%define no_x11_askpass 0
-
-# Do we want to disable building of gnome-askpass? (1=yes 0=no)
-%define no_gnome_askpass 0
-
-# Do we want to link against a static libcrypto? (1=yes 0=no)
-%define static_libcrypto 0
-
-# Do we want smartcard support (1=yes 0=no)
-%define scard 0
-
-# Use GTK2 instead of GNOME in gnome-ssh-askpass
-%define gtk2 1
-
-# Is this build for RHL 6.x?
-%define build6x 0
-
-# Do we want kerberos5 support (1=yes 0=no)
-%define kerberos5 1
-
-# Reserve options to override askpass settings with:
-# rpm -ba|--rebuild --define 'skip_xxx 1'
-%{?skip_x11_askpass:%define no_x11_askpass 1}
-%{?skip_gnome_askpass:%define no_gnome_askpass 1}
-
-# Add option to build without GTK2 for older platforms with only GTK+.
-# RedHat <= 7.2 and Red Hat Advanced Server 2.1 are examples.
-# rpm -ba|--rebuild --define 'no_gtk2 1'
-%{?no_gtk2:%define gtk2 0}
-
-# Is this a build for RHL 6.x or earlier?
-%{?build_6x:%define build6x 1}
-
-# If this is RHL 6.x, the default configuration has sysconfdir in /usr/etc.
-%if %{build6x}
-%define _sysconfdir /etc
-%endif
-
-# Options for static OpenSSL link:
-# rpm -ba|--rebuild --define "static_openssl 1"
-%{?static_openssl:%define static_libcrypto 1}
-
-# Options for Smartcard support: (needs libsectok and openssl-engine)
-# rpm -ba|--rebuild --define "smartcard 1"
-%{?smartcard:%define scard 1}
-
-# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
-%define rescue 0
-%{?build_rescue:%define rescue 1}
-
-# Turn off some stuff for resuce builds
-%if %{rescue}
-%define kerberos5 0
-%endif
-
-Summary: The OpenSSH implementation of SSH protocol versions 1 and 2.
-Name: openssh
-Version: %{ver}
-%if %{rescue}
-Release: %{rel}rescue
-%else
-Release: %{rel}
-%endif
-URL: http://www.openssh.com/portable.html
-Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
-Source1: http://www.pobox.com/~jmknoble/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
-License: BSD
-Group: Applications/Internet
-BuildRoot: %{_tmppath}/%{name}-%{version}-buildroot
-Obsoletes: ssh
-%if %{build6x}
-PreReq: initscripts >= 5.00
-%else
-PreReq: initscripts >= 5.20
-%endif
-BuildPreReq: perl, openssl-devel, tcp_wrappers
-BuildPreReq: /bin/login
-%if ! %{build6x}
-BuildPreReq: glibc-devel, pam
-%else
-BuildPreReq: /usr/include/security/pam_appl.h
-%endif
-%if ! %{no_x11_askpass}
-BuildPreReq: XFree86-devel
-%endif
-%if ! %{no_gnome_askpass}
-BuildPreReq: pkgconfig
-%endif
-%if %{kerberos5}
-BuildPreReq: krb5-devel
-BuildPreReq: krb5-libs
-%endif
-
-%package clients
-Summary: OpenSSH clients.
-Requires: openssh = %{version}-%{release}
-Group: Applications/Internet
-Obsoletes: ssh-clients
-
-%package server
-Summary: The OpenSSH server daemon.
-Group: System Environment/Daemons
-Obsoletes: ssh-server
-PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9
-%if ! %{build6x}
-Requires: /etc/pam.d/system-auth
-%endif
-
-%package askpass
-Summary: A passphrase dialog for OpenSSH and X.
-Group: Applications/Internet
-Requires: openssh = %{version}-%{release}
-Obsoletes: ssh-extras
-
-%package askpass-gnome
-Summary: A passphrase dialog for OpenSSH, X, and GNOME.
-Group: Applications/Internet
-Requires: openssh = %{version}-%{release}
-Obsoletes: ssh-extras
-
-%description
-SSH (Secure SHell) is a program for logging into and executing
-commands on a remote machine. SSH is intended to replace rlogin and
-rsh, and to provide secure encrypted communications between two
-untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's version of the last free version of SSH, bringing
-it up to date in terms of security and features, as well as removing
-all patented algorithms to separate libraries.
-
-This package includes the core files necessary for both the OpenSSH
-client and server. To make this package useful, you should also
-install openssh-clients, openssh-server, or both.
-
-%description clients
-OpenSSH is a free version of SSH (Secure SHell), a program for logging
-into and executing commands on a remote machine. This package includes
-the clients necessary to make encrypted connections to SSH servers.
-You'll also need to install the openssh package on OpenSSH clients.
-
-%description server
-OpenSSH is a free version of SSH (Secure SHell), a program for logging
-into and executing commands on a remote machine. This package contains
-the secure shell daemon (sshd). The sshd daemon allows SSH clients to
-securely connect to your SSH server. You also need to have the openssh
-package installed.
-
-%description askpass
-OpenSSH is a free version of SSH (Secure SHell), a program for logging
-into and executing commands on a remote machine. This package contains
-an X11 passphrase dialog for OpenSSH.
-
-%description askpass-gnome
-OpenSSH is a free version of SSH (Secure SHell), a program for logging
-into and executing commands on a remote machine. This package contains
-an X11 passphrase dialog for OpenSSH and the GNOME GUI desktop
-environment.
-
-%prep
-
-%if ! %{no_x11_askpass}
-%setup -q -a 1
-%else
-%setup -q
-%endif
-
-%build
-%if %{rescue}
-CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
-%endif
-
-%if %{kerberos5}
-K5DIR=`rpm -ql krb5-devel | grep include/krb5.h | sed 's,\/include\/krb5.h,,'`
-echo K5DIR=$K5DIR
-%endif
-
-%configure \
- --sysconfdir=%{_sysconfdir}/ssh \
- --libexecdir=%{_libexecdir}/openssh \
- --datadir=%{_datadir}/openssh \
- --with-tcp-wrappers \
- --with-rsh=%{_bindir}/rsh \
- --with-default-path=/usr/local/bin:/bin:/usr/bin \
- --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
- --with-privsep-path=%{_var}/empty/sshd \
- --with-md5-passwords \
-%if %{scard}
- --with-smartcard \
-%endif
-%if %{rescue}
- --without-pam \
-%else
- --with-pam \
-%endif
-%if %{kerberos5}
- --with-kerberos5=$K5DIR \
-%endif
-
-
-%if %{static_libcrypto}
-perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
-%endif
-
-make
-
-%if ! %{no_x11_askpass}
-pushd x11-ssh-askpass-%{aversion}
-%configure --libexecdir=%{_libexecdir}/openssh
-xmkmf -a
-make
-popd
-%endif
-
-# Define a variable to toggle gnome1/gtk2 building. This is necessary
-# because RPM doesn't handle nested %if statements.
-%if %{gtk2}
- gtk2=yes
-%else
- gtk2=no
-%endif
-
-%if ! %{no_gnome_askpass}
-pushd contrib
-if [ $gtk2 = yes ] ; then
- make gnome-ssh-askpass2
- mv gnome-ssh-askpass2 gnome-ssh-askpass
-else
- make gnome-ssh-askpass1
- mv gnome-ssh-askpass1 gnome-ssh-askpass
-fi
-popd
-%endif
-
-%install
-rm -rf $RPM_BUILD_ROOT
-mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
-mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
-mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshd
-
-make install DESTDIR=$RPM_BUILD_ROOT
-
-install -d $RPM_BUILD_ROOT/etc/pam.d/
-install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
-install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
-%if %{build6x}
-install -m644 contrib/redhat/sshd.pam.old $RPM_BUILD_ROOT/etc/pam.d/sshd
-%else
-install -m644 contrib/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
-%endif
-install -m755 contrib/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
-
-%if ! %{no_x11_askpass}
-install -s x11-ssh-askpass-%{aversion}/x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/x11-ssh-askpass
-ln -s x11-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
-%endif
-
-%if ! %{no_gnome_askpass}
-install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
-%endif
-
-%if ! %{scard}
- rm -f $RPM_BUILD_ROOT/usr/share/openssh/Ssh.bin
-%endif
-
-%if ! %{no_gnome_askpass}
-install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
-install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
-install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
-%endif
-
-perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%triggerun server -- ssh-server
-if [ "$1" != 0 -a -r /var/run/sshd.pid ] ; then
- touch /var/run/sshd.restart
-fi
-
-%triggerun server -- openssh-server < 2.5.0p1
-# Count the number of HostKey and HostDsaKey statements we have.
-gawk 'BEGIN {IGNORECASE=1}
- /^hostkey/ || /^hostdsakey/ {sawhostkey = sawhostkey + 1}
- END {exit sawhostkey}' /etc/ssh/sshd_config
-# And if we only found one, we know the client was relying on the old default
-# behavior, which loaded the the SSH2 DSA host key when HostDsaKey wasn't
-# specified. Now that HostKey is used for both SSH1 and SSH2 keys, specifying
-# one nullifies the default, which would have loaded both.
-if [ $? -eq 1 ] ; then
- echo HostKey /etc/ssh/ssh_host_rsa_key >> /etc/ssh/sshd_config
- echo HostKey /etc/ssh/ssh_host_dsa_key >> /etc/ssh/sshd_config
-fi
-
-%triggerpostun server -- ssh-server
-if [ "$1" != 0 ] ; then
- /sbin/chkconfig --add sshd
- if test -f /var/run/sshd.restart ; then
- rm -f /var/run/sshd.restart
- /sbin/service sshd start > /dev/null 2>&1 || :
- fi
-fi
-
-%pre server
-%{_sbindir}/groupadd -r -g %{sshd_gid} sshd 2>/dev/null || :
-%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
- -g sshd -M -r sshd 2>/dev/null || :
-
-%post server
-/sbin/chkconfig --add sshd
-
-%postun server
-/sbin/service sshd condrestart > /dev/null 2>&1 || :
-
-%preun server
-if [ "$1" = 0 ]
-then
- /sbin/service sshd stop > /dev/null 2>&1 || :
- /sbin/chkconfig --del sshd
-fi
-
-%files
-%defattr(-,root,root)
-%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW README* RFC* TODO WARNING*
-%attr(0755,root,root) %{_bindir}/scp
-%attr(0644,root,root) %{_mandir}/man1/scp.1*
-%attr(0755,root,root) %dir %{_sysconfdir}/ssh
-%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
-%if ! %{rescue}
-%attr(0755,root,root) %{_bindir}/ssh-keygen
-%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
-%attr(0755,root,root) %dir %{_libexecdir}/openssh
-%attr(4711,root,root) %{_libexecdir}/openssh/ssh-keysign
-%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
-%endif
-%if %{scard}
-%attr(0755,root,root) %dir %{_datadir}/openssh
-%attr(0644,root,root) %{_datadir}/openssh/Ssh.bin
-%endif
-
-%files clients
-%defattr(-,root,root)
-%attr(0755,root,root) %{_bindir}/ssh
-%attr(0644,root,root) %{_mandir}/man1/ssh.1*
-%attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
-%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
-%attr(-,root,root) %{_bindir}/slogin
-%attr(-,root,root) %{_mandir}/man1/slogin.1*
-%if ! %{rescue}
-%attr(2755,root,nobody) %{_bindir}/ssh-agent
-%attr(0755,root,root) %{_bindir}/ssh-add
-%attr(0755,root,root) %{_bindir}/ssh-keyscan
-%attr(0755,root,root) %{_bindir}/sftp
-%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
-%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
-%attr(0644,root,root) %{_mandir}/man1/sftp.1*
-%endif
-
-%if ! %{rescue}
-%files server
-%defattr(-,root,root)
-%dir %attr(0111,root,root) %{_var}/empty/sshd
-%attr(0755,root,root) %{_sbindir}/sshd
-%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
-%attr(0644,root,root) %{_mandir}/man8/sshd.8*
-%attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
-%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
-%attr(0755,root,root) %dir %{_sysconfdir}/ssh
-%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
-%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
-%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
-%endif
-
-%if ! %{no_x11_askpass}
-%files askpass
-%defattr(-,root,root)
-%doc x11-ssh-askpass-%{aversion}/README
-%doc x11-ssh-askpass-%{aversion}/ChangeLog
-%doc x11-ssh-askpass-%{aversion}/SshAskpass*.ad
-%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass
-%attr(0755,root,root) %{_libexecdir}/openssh/x11-ssh-askpass
-%endif
-
-%if ! %{no_gnome_askpass}
-%files askpass-gnome
-%defattr(-,root,root)
-%attr(0755,root,root) %config %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
-%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
-%endif
-
-%changelog
-* Mon Jun 2 2003 Damien Miller <djm@mindrot.org>
-- Remove noip6 option. This may be controlled at run-time in client config
- file using new AddressFamily directive
-
-* Mon May 12 2003 Damien Miller <djm@mindrot.org>
-- Don't install profile.d scripts when not building with GNOME/GTK askpass
- (patch from bet@rahul.net)
-
-* Wed Oct 01 2002 Damien Miller <djm@mindrot.org>
-- Install ssh-agent setgid nobody to prevent ptrace() key theft attacks
-
-* Mon Sep 30 2002 Damien Miller <djm@mindrot.org>
-- Use contrib/ Makefile for building askpass programs
-
-* Fri Jun 21 2002 Damien Miller <djm@mindrot.org>
-- Merge in spec changes from seba@iq.pl (Sebastian Pachuta)
-- Add new {ssh,sshd}_config.5 manpages
-- Add new ssh-keysign program and remove setuid from ssh client
-
-* Fri May 10 2002 Damien Miller <djm@mindrot.org>
-- Merge in spec changes from RedHat, reorgansie a little
-- Add Privsep user, group and directory
-
-* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-2
-- bump and grind (through the build system)
-
-* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-1
-- require sharutils for building (mindrot #137)
-- require db1-devel only when building for 6.x (#55105), which probably won't
- work anyway (3.1 requires OpenSSL 0.9.6 to build), but what the heck
-- require pam-devel by file (not by package name) again
-- add Markus's patch to compile with OpenSSL 0.9.5a (from
- http://bugzilla.mindrot.org/show_bug.cgi?id=141) and apply it if we're
- building for 6.x
-
-* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-0
-- update to 3.1p1
-
-* Tue Mar 5 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020305
-- update to SNAP-20020305
-- drop debug patch, fixed upstream
-
-* Wed Feb 20 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020220
-- update to SNAP-20020220 for testing purposes (you've been warned, if there's
- anything to be warned about, gss patches won't apply, I don't mind)
-
-* Wed Feb 13 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-3
-- add patches from Simon Wilkinson and Nicolas Williams for GSSAPI key
- exchange, authentication, and named key support
-
-* Wed Jan 23 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-2
-- remove dependency on db1-devel, which has just been swallowed up whole
- by gnome-libs-devel
-
-* Sun Dec 29 2001 Nalin Dahyabhai <nalin@redhat.com>
-- adjust build dependencies so that build6x actually works right (fix
- from Hugo van der Kooij)
-
-* Tue Dec 4 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-1
-- update to 3.0.2p1
-
-* Fri Nov 16 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.1p1-1
-- update to 3.0.1p1
-
-* Tue Nov 13 2001 Nalin Dahyabhai <nalin@redhat.com>
-- update to current CVS (not for use in distribution)
-
-* Thu Nov 8 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0p1-1
-- merge some of Damien Miller <djm@mindrot.org> changes from the upstream
- 3.0p1 spec file and init script
-
-* Wed Nov 7 2001 Nalin Dahyabhai <nalin@redhat.com>
-- update to 3.0p1
-- update to x11-ssh-askpass 1.2.4.1
-- change build dependency on a file from pam-devel to the pam-devel package
-- replace primes with moduli
-
-* Thu Sep 27 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-9
-- incorporate fix from Markus Friedl's advisory for IP-based authorization bugs
-
-* Thu Sep 13 2001 Bernhard Rosenkraenzer <bero@redhat.com> 2.9p2-8
-- Merge changes to rescue build from current sysadmin survival cd
-
-* Thu Sep 6 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-7
-- fix scp's server's reporting of file sizes, and build with the proper
- preprocessor define to get large-file capable open(), stat(), etc.
- (sftp has been doing this correctly all along) (#51827)
-- configure without --with-ipv4-default on RHL 7.x and newer (#45987,#52247)
-- pull cvs patch to fix support for /etc/nologin for non-PAM logins (#47298)
-- mark profile.d scriptlets as config files (#42337)
-- refer to Jason Stone's mail for zsh workaround for exit-hanging quasi-bug
-- change a couple of log() statements to debug() statements (#50751)
-- pull cvs patch to add -t flag to sshd (#28611)
-- clear fd_sets correctly (one bit per FD, not one byte per FD) (#43221)
-
-* Mon Aug 20 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-6
-- add db1-devel as a BuildPrerequisite (noted by Hans Ecke)
-
-* Thu Aug 16 2001 Nalin Dahyabhai <nalin@redhat.com>
-- pull cvs patch to fix remote port forwarding with protocol 2
-
-* Thu Aug 9 2001 Nalin Dahyabhai <nalin@redhat.com>
-- pull cvs patch to add session initialization to no-pty sessions
-- pull cvs patch to not cut off challengeresponse auth needlessly
-- refuse to do X11 forwarding if xauth isn't there, handy if you enable
- it by default on a system that doesn't have X installed (#49263)
-
-* Wed Aug 8 2001 Nalin Dahyabhai <nalin@redhat.com>
-- don't apply patches to code we don't intend to build (spotted by Matt Galgoci)
-
-* Mon Aug 6 2001 Nalin Dahyabhai <nalin@redhat.com>
-- pass OPTIONS correctly to initlog (#50151)
-
-* Wed Jul 25 2001 Nalin Dahyabhai <nalin@redhat.com>
-- switch to x11-ssh-askpass 1.2.2
-
-* Wed Jul 11 2001 Nalin Dahyabhai <nalin@redhat.com>
-- rebuild in new environment
-
-* Mon Jun 25 2001 Nalin Dahyabhai <nalin@redhat.com>
-- disable the gssapi patch
-
-* Mon Jun 18 2001 Nalin Dahyabhai <nalin@redhat.com>
-- update to 2.9p2
-- refresh to a new version of the gssapi patch
-
-* Thu Jun 7 2001 Nalin Dahyabhai <nalin@redhat.com>
-- change Copyright: BSD to License: BSD
-- add Markus Friedl's unverified patch for the cookie file deletion problem
- so that we can verify it
-- drop patch to check if xauth is present (was folded into cookie patch)
-- don't apply gssapi patches for the errata candidate
-- clear supplemental groups list at startup
-
-* Fri May 25 2001 Nalin Dahyabhai <nalin@redhat.com>
-- fix an error parsing the new default sshd_config
-- add a fix from Markus Friedl (via openssh-unix-dev) for ssh-keygen not
- dealing with comments right
-
-* Thu May 24 2001 Nalin Dahyabhai <nalin@redhat.com>
-- add in Simon Wilkinson's GSSAPI patch to give it some testing in-house,
- to be removed before the next beta cycle because it's a big departure
- from the upstream version
-
-* Thu May 3 2001 Nalin Dahyabhai <nalin@redhat.com>
-- finish marking strings in the init script for translation
-- modify init script to source /etc/sysconfig/sshd and pass $OPTIONS to sshd
- at startup (change merged from openssh.com init script, originally by
- Pekka Savola)
-- refuse to do X11 forwarding if xauth isn't there, handy if you enable
- it by default on a system that doesn't have X installed
-
-* Wed May 2 2001 Nalin Dahyabhai <nalin@redhat.com>
-- update to 2.9
-- drop various patches that came from or went upstream or to or from CVS
-
-* Wed Apr 18 2001 Nalin Dahyabhai <nalin@redhat.com>
-- only require initscripts 5.00 on 6.2 (reported by Peter Bieringer)
-
-* Sun Apr 8 2001 Preston Brown <pbrown@redhat.com>
-- remove explicit openssl requirement, fixes builddistro issue
-- make initscript stop() function wait until sshd really dead to avoid
- races in condrestart
-
-* Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com>
-- mention that challengereponse supports PAM, so disabling password doesn't
- limit users to pubkey and rsa auth (#34378)
-- bypass the daemon() function in the init script and call initlog directly,
- because daemon() won't start a daemon it detects is already running (like
- open connections)
-- require the version of openssl we had when we were built
-
-* Fri Mar 23 2001 Nalin Dahyabhai <nalin@redhat.com>
-- make do_pam_setcred() smart enough to know when to establish creds and
- when to reinitialize them
-- add in a couple of other fixes from Damien for inclusion in the errata
-
-* Thu Mar 22 2001 Nalin Dahyabhai <nalin@redhat.com>
-- update to 2.5.2p2
-- call setcred() again after initgroups, because the "creds" could actually
- be group memberships
-
-* Tue Mar 20 2001 Nalin Dahyabhai <nalin@redhat.com>
-- update to 2.5.2p1 (includes endianness fixes in the rijndael implementation)
-- don't enable challenge-response by default until we find a way to not
- have too many userauth requests (we may make up to six pubkey and up to
- three password attempts as it is)
-- remove build dependency on rsh to match openssh.com's packages more closely
-
-* Sat Mar 3 2001 Nalin Dahyabhai <nalin@redhat.com>
-- remove dependency on openssl -- would need to be too precise
-
-* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com>
-- rebuild in new environment
-
-* Mon Feb 26 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Revert the patch to move pam_open_session.
-- Init script and spec file changes from Pekka Savola. (#28750)
-- Patch sftp to recognize '-o protocol' arguments. (#29540)
-
-* Thu Feb 22 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Chuck the closing patch.
-- Add a trigger to add host keys for protocol 2 to the config file, now that
- configuration file syntax requires us to specify it with HostKey if we
- specify any other HostKey values, which we do.
-
-* Tue Feb 20 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Redo patch to move pam_open_session after the server setuid()s to the user.
-- Rework the nopam patch to use be picked up by autoconf.
-
-* Mon Feb 19 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Update for 2.5.1p1.
-- Add init script mods from Pekka Savola.
-- Tweak the init script to match the CVS contrib script more closely.
-- Redo patch to ssh-add to try to adding both identity and id_dsa to also try
- adding id_rsa.
-
-* Fri Feb 16 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Update for 2.5.0p1.
-- Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass
-- Resync with parts of Damien Miller's openssh.spec from CVS, including
- update of x11 askpass to 1.2.0.
-- Only require openssl (don't prereq) because we generate keys in the init
- script now.
-
-* Tue Feb 13 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Don't open a PAM session until we've forked and become the user (#25690).
-- Apply Andrew Bartlett's patch for letting pam_authenticate() know which
- host the user is attempting a login from.
-- Resync with parts of Damien Miller's openssh.spec from CVS.
-- Don't expose KbdInt responses in debug messages (from CVS).
-- Detect and handle errors in rsa_{public,private}_decrypt (from CVS).
-
-* Wed Feb 7 2001 Trond Eivind Glomsrxd <teg@redhat.com>
-- i18n-tweak to initscript.
-
-* Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com>
-- More gettextizing.
-- Close all files after going into daemon mode (needs more testing).
-- Extract patch from CVS to handle auth banners (in the client).
-- Extract patch from CVS to handle compat weirdness.
-
-* Fri Jan 19 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Finish with the gettextizing.
-
-* Thu Jan 18 2001 Nalin Dahyabhai <nalin@redhat.com>
-- Fix a bug in auth2-pam.c (#23877)
-- Gettextize the init script.
-
-* Wed Dec 20 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Incorporate a switch for using PAM configs for 6.x, just in case.
-
-* Tue Dec 5 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Incorporate Bero's changes for a build specifically for rescue CDs.
-
-* Wed Nov 29 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Don't treat pam_setcred() failure as fatal unless pam_authenticate() has
- succeeded, to allow public-key authentication after a failure with "none"
- authentication. (#21268)
-
-* Tue Nov 28 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to x11-askpass 1.1.1. (#21301)
-- Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290)
-
-* Mon Nov 27 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Merge multiple PAM text messages into subsequent prompts when possible when
- doing keyboard-interactive authentication.
-
-* Sun Nov 26 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Disable the built-in MD5 password support. We're using PAM.
-- Take a crack at doing keyboard-interactive authentication with PAM, and
- enable use of it in the default client configuration so that the client
- will try it when the server disallows password authentication.
-- Build with debugging flags. Build root policies strip all binaries anyway.
-
-* Tue Nov 21 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Use DESTDIR instead of %%makeinstall.
-- Remove /usr/X11R6/bin from the path-fixing patch.
-
-* Mon Nov 20 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Add the primes file from the latest snapshot to the main package (#20884).
-- Add the dev package to the prereq list (#19984).
-- Remove the default path and mimic login's behavior in the server itself.
-
-* Fri Nov 17 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Resync with conditional options in Damien Miller's .spec file for an errata.
-- Change libexecdir from %%{_libexecdir}/ssh to %%{_libexecdir}/openssh.
-
-* Tue Nov 7 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to OpenSSH 2.3.0p1.
-- Update to x11-askpass 1.1.0.
-- Enable keyboard-interactive authentication.
-
-* Mon Oct 30 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to ssh-askpass-x11 1.0.3.
-- Change authentication related messages to be private (#19966).
-
-* Tue Oct 10 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Patch ssh-keygen to be able to list signatures for DSA public key files
- it generates.
-
-* Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always
- build PAM authentication in.
-- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.
-- Clean out no-longer-used patches.
-- Patch ssh-add to try to add both identity and id_dsa, and to error only
- when neither exists.
-
-* Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update x11-askpass to 1.0.2. (#17835)
-- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will
- always find them in the right place. (#17909)
-- Set the default path to be the same as the one supplied by /bin/login, but
- add /usr/X11R6/bin. (#17909)
-- Try to handle obsoletion of ssh-server more cleanly. Package names
- are different, but init script name isn't. (#17865)
-
-* Wed Sep 6 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to 2.2.0p1. (#17835)
-- Tweak the init script to allow proper restarting. (#18023)
-
-* Wed Aug 23 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to 20000823 snapshot.
-- Change subpackage requirements from %%{version} to %%{version}-%%{release}
-- Back out the pipe patch.
-
-* Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to 2.1.1p4, which includes fixes for config file parsing problems.
-- Move the init script back.
-- Add Damien's quick fix for wackiness.
-
-* Wed Jul 12 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to 2.1.1p3, which includes fixes for X11 forwarding and strtok().
-
-* Thu Jul 6 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Move condrestart to server postun.
-- Move key generation to init script.
-- Actually use the right patch for moving the key generation to the init script.
-- Clean up the init script a bit.
-
-* Wed Jul 5 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Fix X11 forwarding, from mail post by Chan Shih-Ping Richard.
-
-* Sun Jul 2 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to 2.1.1p2.
-- Use of strtok() considered harmful.
-
-* Sat Jul 1 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Get the build root out of the man pages.
-
-* Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Add and use condrestart support in the init script.
-- Add newer initscripts as a prereq.
-
-* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Build in new environment (release 2)
-- Move -clients subpackage to Applications/Internet group
-
-* Fri Jun 9 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Update to 2.2.1p1
-
-* Sat Jun 3 2000 Nalin Dahyabhai <nalin@redhat.com>
-- Patch to build with neither RSA nor RSAref.
-- Miscellaneous FHS-compliance tweaks.
-- Fix for possibly-compressed man pages.
-
-* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
-- Updated for new location
-- Updated for new gnome-ssh-askpass build
-
-* Sun Dec 26 1999 Damien Miller <djm@mindrot.org>
-- Added Jim Knoble's <jmknoble@pobox.com> askpass
-
-* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
-- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
-
-* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
-- Added 'Obsoletes' directives
-
-* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
-- Use make install
-- Subpackages
-
-* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
-- Added links for slogin
-- Fixed perms on manpages
-
-* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
-- Renamed init script
-
-* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
-- Back to old binary names
-
-* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
-- Use autoconf
-- New binary names
-
-* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
-- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
diff --git a/crypto/openssh/contrib/redhat/sshd.init b/crypto/openssh/contrib/redhat/sshd.init
deleted file mode 100755
index 4ee8630c3954..000000000000
--- a/crypto/openssh/contrib/redhat/sshd.init
+++ /dev/null
@@ -1,154 +0,0 @@
-#!/bin/bash
-#
-# Init file for OpenSSH server daemon
-#
-# chkconfig: 2345 55 25
-# description: OpenSSH server daemon
-#
-# processname: sshd
-# config: /etc/ssh/ssh_host_key
-# config: /etc/ssh/ssh_host_key.pub
-# config: /etc/ssh/ssh_random_seed
-# config: /etc/ssh/sshd_config
-# pidfile: /var/run/sshd.pid
-
-# source function library
-. /etc/rc.d/init.d/functions
-
-# pull in sysconfig settings
-[ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd
-
-RETVAL=0
-prog="sshd"
-
-# Some functions to make the below more readable
-KEYGEN=/usr/bin/ssh-keygen
-SSHD=/usr/sbin/sshd
-RSA1_KEY=/etc/ssh/ssh_host_key
-RSA_KEY=/etc/ssh/ssh_host_rsa_key
-DSA_KEY=/etc/ssh/ssh_host_dsa_key
-PID_FILE=/var/run/sshd.pid
-
-do_rsa1_keygen() {
- if [ ! -s $RSA1_KEY ]; then
- echo -n $"Generating SSH1 RSA host key: "
- if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
- chmod 600 $RSA1_KEY
- chmod 644 $RSA1_KEY.pub
- success $"RSA1 key generation"
- echo
- else
- failure $"RSA1 key generation"
- echo
- exit 1
- fi
- fi
-}
-
-do_rsa_keygen() {
- if [ ! -s $RSA_KEY ]; then
- echo -n $"Generating SSH2 RSA host key: "
- if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
- chmod 600 $RSA_KEY
- chmod 644 $RSA_KEY.pub
- success $"RSA key generation"
- echo
- else
- failure $"RSA key generation"
- echo
- exit 1
- fi
- fi
-}
-
-do_dsa_keygen() {
- if [ ! -s $DSA_KEY ]; then
- echo -n $"Generating SSH2 DSA host key: "
- if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
- chmod 600 $DSA_KEY
- chmod 644 $DSA_KEY.pub
- success $"DSA key generation"
- echo
- else
- failure $"DSA key generation"
- echo
- exit 1
- fi
- fi
-}
-
-do_restart_sanity_check()
-{
- $SSHD -t
- RETVAL=$?
- if [ ! "$RETVAL" = 0 ]; then
- failure $"Configuration file or keys are invalid"
- echo
- fi
-}
-
-start()
-{
- # Create keys if necessary
- do_rsa1_keygen
- do_rsa_keygen
- do_dsa_keygen
-
- echo -n $"Starting $prog:"
- initlog -c "$SSHD $OPTIONS" && success || failure
- RETVAL=$?
- [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd
- echo
-}
-
-stop()
-{
- echo -n $"Stopping $prog:"
- killproc $SSHD -TERM
- RETVAL=$?
- [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd
- echo
-}
-
-reload()
-{
- echo -n $"Reloading $prog:"
- killproc $SSHD -HUP
- RETVAL=$?
- echo
-}
-
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- restart)
- stop
- start
- ;;
- reload)
- reload
- ;;
- condrestart)
- if [ -f /var/lock/subsys/sshd ] ; then
- do_restart_sanity_check
- if [ "$RETVAL" = 0 ] ; then
- stop
- # avoid race
- sleep 3
- start
- fi
- fi
- ;;
- status)
- status $SSHD
- RETVAL=$?
- ;;
- *)
- echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}"
- RETVAL=1
-esac
-exit $RETVAL
diff --git a/crypto/openssh/contrib/redhat/sshd.pam b/crypto/openssh/contrib/redhat/sshd.pam
deleted file mode 100644
index 24f3b46516eb..000000000000
--- a/crypto/openssh/contrib/redhat/sshd.pam
+++ /dev/null
@@ -1,8 +0,0 @@
-#%PAM-1.0
-auth required pam_stack.so service=system-auth
-auth required pam_nologin.so
-account required pam_stack.so service=system-auth
-password required pam_stack.so service=system-auth
-session required pam_stack.so service=system-auth
-session required pam_limits.so
-session optional pam_console.so
diff --git a/crypto/openssh/contrib/solaris/README b/crypto/openssh/contrib/solaris/README
deleted file mode 100755
index eb4c590f4eaa..000000000000
--- a/crypto/openssh/contrib/solaris/README
+++ /dev/null
@@ -1,24 +0,0 @@
-The following is a new package build script for Solaris. This is being
-introduced into OpenSSH 3.0 and above in hopes of simplifying the build
-process. As of 3.1p2 the script should work on all platforms that have
-SVR4 style package tools.
-
-The build process is called a 'dummy install'.. Which means the software does
-a "make install-nokeys DESTDIR=[fakeroot]". This way all manpages should
-be handled correctly and key are defered until the first time the sshd
-is started.
-
-Directions:
-
-1. make -F Makefile.in distprep (Only if you are getting from the CVS tree)
-2. ./configure --with-pam [..any other options you want..]
-3. look at the top of contrib/solaris/buildpkg.sh for the configurable options.
-4. ./contrib/solaris/buildpkg.sh
-
-If all goes well you should have a solaris package ready to be installed.
-
-If you have any problems with this script please post them to
-openssh-unix-dev@mindrot.org and I will try to assist you as best as I can.
-
-- Ben Lindstrom
-
diff --git a/crypto/openssh/contrib/solaris/buildpkg.sh b/crypto/openssh/contrib/solaris/buildpkg.sh
deleted file mode 100755
index 29d096306488..000000000000
--- a/crypto/openssh/contrib/solaris/buildpkg.sh
+++ /dev/null
@@ -1,386 +0,0 @@
-#!/bin/sh
-#
-# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
-#
-# The following code has been provide under Public Domain License. I really
-# don't care what you use it for. Just as long as you don't complain to me
-# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
-#
-umask 022
-#
-# Options for building the package
-# You can create a config.local with your customized options
-#
-# uncommenting TEST_DIR and using
-# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
-# and
-# PKGNAME=tOpenSSH should allow testing a package without interfering
-# with a real OpenSSH package on a system. This is not needed on systems
-# that support the -R option to pkgadd.
-#TEST_DIR=/var/tmp # leave commented out for production build
-PKGNAME=OpenSSH
-SYSVINIT_NAME=opensshd
-MAKE=${MAKE:="make"}
-SSHDUID=67 # Default privsep uid
-SSHDGID=67 # Default privsep gid
-# uncomment these next three as needed
-#PERMIT_ROOT_LOGIN=no
-#X11_FORWARDING=yes
-#USR_LOCAL_IS_SYMLINK=yes
-# list of system directories we do NOT want to change owner/group/perms
-# when installing our package
-SYSTEM_DIR="/etc \
-/etc/init.d \
-/etc/rcS.d \
-/etc/rc0.d \
-/etc/rc1.d \
-/etc/rc2.d \
-/etc/opt \
-/opt \
-/opt/bin \
-/usr \
-/usr/bin \
-/usr/lib \
-/usr/sbin \
-/usr/share \
-/usr/share/man \
-/usr/share/man/man1 \
-/usr/share/man/man8 \
-/usr/local \
-/usr/local/bin \
-/usr/local/etc \
-/usr/local/libexec \
-/usr/local/man \
-/usr/local/man/man1 \
-/usr/local/man/man8 \
-/usr/local/sbin \
-/usr/local/share \
-/var \
-/var/opt \
-/var/run \
-/var/tmp \
-/tmp"
-
-# We may need to build as root so we make sure PATH is set up
-# only set the path if it's not set already
-[ -d /usr/local/bin ] && {
- echo $PATH | grep ":/usr/local/bin" > /dev/null 2>&1
- [ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
-}
-[ -d /usr/ccs/bin ] && {
- echo $PATH | grep ":/usr/ccs/bin" > /dev/null 2>&1
- [ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
-}
-export PATH
-#
-
-[ -f Makefile ] || {
- echo "Please run this script from your build directory"
- exit 1
-}
-
-# we will look for config.local to override the above options
-[ -s ./config.local ] && . ./config.local
-
-## Start by faking root install
-echo "Faking root install..."
-START=`pwd`
-OPENSSHD_IN=`dirname $0`/opensshd.in
-FAKE_ROOT=$START/package
-[ -d $FAKE_ROOT ] && rm -fr $FAKE_ROOT
-mkdir $FAKE_ROOT
-${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
-if [ $? -gt 0 ]
-then
- echo "Fake root install failed, stopping."
- exit 1
-fi
-
-## Fill in some details, like prefix and sysconfdir
-for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir
-do
- eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
-done
-
-
-## Collect value of privsep user
-for confvar in SSH_PRIVSEP_USER
-do
- eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
-done
-
-## Set privsep defaults if not defined
-if [ -z "$SSH_PRIVSEP_USER" ]
-then
- SSH_PRIVSEP_USER=sshd
-fi
-
-## Extract common info requires for the 'info' part of the package.
-VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
-
-UNAME_S=`uname -s`
-case ${UNAME_S} in
- SunOS) UNAME_S=Solaris
- ARCH=`uname -p`
- RCS_D=yes
- DEF_MSG="(default: n)"
- ;;
- *) ARCH=`uname -m`
- DEF_MSG="\n" ;;
-esac
-
-## Setup our run level stuff while we are at it.
-mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
-
-## setup our initscript correctly
-sed -e "s#%%configDir%%#${sysconfdir}#g" \
- -e "s#%%openSSHDir%%#$prefix#g" \
- -e "s#%%pidDir%%#${piddir}#g" \
- ${OPENSSHD_IN} > $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
-chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
-
-[ "${PERMIT_ROOT_LOGIN}" = no ] && \
- perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
-[ "${X11_FORWARDING}" = yes ] && \
- perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
-# fix PrintMotd
-perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
- $FAKE_ROOT/${sysconfdir}/sshd_config
-
-# We don't want to overwrite config files on multiple installs
-mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
-mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
-[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ] && \
-mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
-
-cd $FAKE_ROOT
-
-## Ok, this is outright wrong, but it will work. I'm tired of pkgmk
-## whining.
-for i in *; do
- PROTO_ARGS="$PROTO_ARGS $i=/$i";
-done
-
-## Build info file
-echo "Building pkginfo file..."
-cat > pkginfo << _EOF
-PKG=$PKGNAME
-NAME="OpenSSH Portable for ${UNAME_S}"
-DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
-VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
-ARCH=$ARCH
-VERSION=$VERSION
-CATEGORY="Security,application"
-BASEDIR=/
-CLASSES="none"
-_EOF
-
-## Build preinstall file
-echo "Building preinstall file..."
-cat > preinstall << _EOF
-#! /sbin/sh
-#
-[ "\${PRE_INS_STOP}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
-exit 0
-_EOF
-
-## Build postinstall file
-echo "Building postinstall file..."
-cat > postinstall << _EOF
-#! /sbin/sh
-#
-[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ] || \\
- cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
- \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
-[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
- cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
- \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
-[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
- [ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
- cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
- \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
-}
-
-# make rc?.d dirs only if we are doing a test install
-[ -n "${TEST_DIR}" ] && {
- [ "$RCS_D" = yes ] && mkdir -p ${TEST_DIR}/etc/rcS.d
- mkdir -p ${TEST_DIR}/etc/rc0.d
- mkdir -p ${TEST_DIR}/etc/rc1.d
- mkdir -p ${TEST_DIR}/etc/rc2.d
-}
-
-if [ "\${USE_SYM_LINKS}" = yes ]
-then
- [ "$RCS_D" = yes ] && \
-installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
- installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
- installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
- installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
-else
- [ "$RCS_D" = yes ] && \
-installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
- installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
- installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
- installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME}=$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
-fi
-
-# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
-[ -d $piddir ] || installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 755 root sys
-
-installf -f ${PKGNAME}
-
-# Use chroot to handle PKG_INSTALL_ROOT
-if [ ! -z "\${PKG_INSTALL_ROOT}" ]
-then
- chroot="chroot \${PKG_INSTALL_ROOT}"
-fi
-# If this is a test build, we will skip the groupadd/useradd/passwd commands
-if [ ! -z "${TEST_DIR}" ]
-then
- chroot=echo
-fi
-
-if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
-then
- echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
- echo "or group."
-else
- echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
-
- # create group if required
- if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
- then
- echo "PrivSep group $SSH_PRIVSEP_USER already exists."
- else
- # Use gid of 67 if possible
- if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
- then
- :
- else
- sshdgid="-g $SSHDGID"
- fi
- echo "Creating PrivSep group $SSH_PRIVSEP_USER."
- \$chroot /usr/sbin/groupadd \$sshdgid $SSH_PRIVSEP_USER
- fi
-
- # Create user if required
- if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
- then
- echo "PrivSep user $SSH_PRIVSEP_USER already exists."
- else
- # Use uid of 67 if possible
- if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDGID'\$' >/dev/null
- then
- :
- else
- sshduid="-u $SSHDUID"
- fi
- echo "Creating PrivSep user $SSH_PRIVSEP_USER."
- \$chroot /usr/sbin/useradd -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
- \$chroot /usr/bin/passwd -l $SSH_PRIVSEP_USER
- fi
-fi
-
-[ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
-exit 0
-_EOF
-
-## Build preremove file
-echo "Building preremove file..."
-cat > preremove << _EOF
-#! /sbin/sh
-#
-${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
-exit 0
-_EOF
-
-## Build request file
-echo "Building request file..."
-cat > request << _EOF
-trap 'exit 3' 15
-USE_SYM_LINKS=no
-PRE_INS_STOP=no
-POST_INS_START=no
-# Use symbolic links?
-ans=\`ckyorn -d n \
--p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
-case \$ans in
- [y,Y]*) USE_SYM_LINKS=yes ;;
-esac
-
-# determine if should restart the daemon
-if [ -s ${piddir}/sshd.pid -a -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
-then
- ans=\`ckyorn -d n \
--p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
- case \$ans in
- [y,Y]*) PRE_INS_STOP=yes
- POST_INS_START=yes
- ;;
- esac
-
-else
-
-# determine if we should start sshd
- ans=\`ckyorn -d n \
--p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
- case \$ans in
- [y,Y]*) POST_INS_START=yes ;;
- esac
-fi
-
-# make parameters available to installation service,
-# and so to any other packaging scripts
-cat >\$1 <<!
-USE_SYM_LINKS='\$USE_SYM_LINKS'
-PRE_INS_STOP='\$PRE_INS_STOP'
-POST_INS_START='\$POST_INS_START'
-!
-exit 0
-
-_EOF
-
-## Build space file
-echo "Building space file..."
-cat > space << _EOF
-# extra space required by start/stop links added by installf in postinstall
-$TEST_DIR/etc/rc0.d/K30${SYSVINIT_NAME} 0 1
-$TEST_DIR/etc/rc1.d/K30${SYSVINIT_NAME} 0 1
-$TEST_DIR/etc/rc2.d/S98${SYSVINIT_NAME} 0 1
-_EOF
-[ "$RCS_D" = yes ] && \
-echo "$TEST_DIR/etc/rcS.d/K30${SYSVINIT_NAME} 0 1" >> space
-
-## Next Build our prototype
-echo "Building prototype file..."
-cat >mk-proto.awk << _EOF
- BEGIN { print "i pkginfo"; print "i preinstall"; \\
- print "i postinstall"; print "i preremove"; \\
- print "i request"; print "i space"; \\
- split("$SYSTEM_DIR",sys_files); }
- {
- for (dir in sys_files) { if ( \$3 != sys_files[dir] )
- { \$5="root"; \$6="sys"; }
- else
- { \$4="?"; \$5="?"; \$6="?"; break;}
- } }
- { print; }
-_EOF
-find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
- pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
-
-# /usr/local is a symlink on some systems
-[ "${USR_LOCAL_IS_SYMLINK}" = yes ] && {
- grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
- mv prototype.new prototype
-}
-
-## Step back a directory and now build the package.
-echo "Building package.."
-cd ..
-pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
-echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$UNAME_S-$ARCH-$VERSION.pkg
-rm -rf $FAKE_ROOT
-
diff --git a/crypto/openssh/contrib/solaris/opensshd.in b/crypto/openssh/contrib/solaris/opensshd.in
deleted file mode 100755
index 50e18deea314..000000000000
--- a/crypto/openssh/contrib/solaris/opensshd.in
+++ /dev/null
@@ -1,82 +0,0 @@
-#!/sbin/sh
-# Donated code that was put under PD license.
-#
-# Stripped PRNGd out of it for the time being.
-
-umask 022
-
-CAT=/usr/bin/cat
-KILL=/usr/bin/kill
-
-prefix=%%openSSHDir%%
-etcdir=%%configDir%%
-piddir=%%pidDir%%
-
-SSHD=$prefix/sbin/sshd
-PIDFILE=$piddir/sshd.pid
-SSH_KEYGEN=$prefix/bin/ssh-keygen
-HOST_KEY_RSA1=$etcdir/ssh_host_key
-HOST_KEY_DSA=$etcdir/ssh_host_dsa_key
-HOST_KEY_RSA=$etcdir/ssh_host_rsa_key
-
-
-checkkeys() {
- if [ ! -f $HOST_KEY_RSA1 ]; then
- ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
- fi
- if [ ! -f $HOST_KEY_DSA ]; then
- ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
- fi
- if [ ! -f $HOST_KEY_RSA ]; then
- ${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N ""
- fi
-}
-
-stop_service() {
- if [ -r $PIDFILE -a ! -z ${PIDFILE} ]; then
- PID=`${CAT} ${PIDFILE}`
- fi
- if [ ${PID:=0} -gt 1 -a ! "X$PID" = "X " ]; then
- ${KILL} ${PID}
- else
- echo "Unable to read PID file"
- fi
-}
-
-start_service() {
- # XXX We really should check if the service is already going, but
- # XXX we will opt out at this time. - Bal
-
- # Check to see if we have keys that need to be made
- checkkeys
-
- # Start SSHD
- echo "starting $SSHD... \c" ; $SSHD
-
- sshd_rc=$?
- if [ $sshd_rc -ne 0 ]; then
- echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing."
- exit $sshd_rc
- fi
- echo done.
-}
-
-case $1 in
-
-'start')
- start_service
- ;;
-
-'stop')
- stop_service
- ;;
-
-'restart')
- stop_service
- start_service
- ;;
-
-*)
- echo "$0: usage: $0 {start|stop|restart}"
- ;;
-esac
diff --git a/crypto/openssh/contrib/ssh-copy-id b/crypto/openssh/contrib/ssh-copy-id
deleted file mode 100644
index a1c0a9234316..000000000000
--- a/crypto/openssh/contrib/ssh-copy-id
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/sh
-
-# Shell script to install your identity.pub on a remote machine
-# Takes the remote machine name as an argument.
-# Obviously, the remote machine must accept password authentication,
-# or one of the other keys in your ssh-agent, for this to work.
-
-ID_FILE="${HOME}/.ssh/identity.pub"
-
-if [ "-i" = "$1" ]; then
- shift
- # check if we have 2 parameters left, if so the first is the new ID file
- if [ -n "$2" ]; then
- if expr "$1" : ".*\.pub" ; then
- ID_FILE="$1"
- else
- ID_FILE="$1.pub"
- fi
- shift # and this should leave $1 as the target name
- fi
-else
- if [ x$SSH_AUTH_SOCK != x ] ; then
- GET_ID="$GET_ID ssh-add -L"
- fi
-fi
-
-if [ -z "`eval $GET_ID`" -a -r "${ID_FILE}" ] ; then
- GET_ID="cat ${ID_FILE}"
-fi
-
-if [ -z "`eval $GET_ID`" ]; then
- echo "$0: ERROR: No identities found" >&2
- exit 1
-fi
-
-if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
- echo "Usage: $0 [-i [identity_file]] [user@]machine" >&2
- exit 1
-fi
-
-{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1
-
-cat <<EOF
-Now try logging into the machine, with "ssh '$1'", and check in:
-
- .ssh/authorized_keys
-
-to make sure we haven't added extra keys that you weren't expecting.
-
-EOF
diff --git a/crypto/openssh/contrib/ssh-copy-id.1 b/crypto/openssh/contrib/ssh-copy-id.1
deleted file mode 100644
index b331fa149e9e..000000000000
--- a/crypto/openssh/contrib/ssh-copy-id.1
+++ /dev/null
@@ -1,67 +0,0 @@
-.ig \" -*- nroff -*-
-Copyright (c) 1999 Philip Hands Computing <http://www.hands.com/>
-
-Permission is granted to make and distribute verbatim copies of
-this manual provided the copyright notice and this permission notice
-are preserved on all copies.
-
-Permission is granted to copy and distribute modified versions of this
-manual under the conditions for verbatim copying, provided that the
-entire resulting derived work is distributed under the terms of a
-permission notice identical to this one.
-
-Permission is granted to copy and distribute translations of this
-manual into another language, under the above conditions for modified
-versions, except that this permission notice may be included in
-translations approved by the Free Software Foundation instead of in
-the original English.
-..
-.TH SSH-COPY-ID 1 "14 November 1999" "OpenSSH"
-.SH NAME
-ssh-copy-id \- install your identity.pub in a remote machine's authorized_keys
-.SH SYNOPSIS
-.B ssh-copy-id [-i [identity_file]]
-.I "[user@]machine"
-.br
-.SH DESCRIPTION
-.BR ssh-copy-id
-is a script that uses ssh to log into a remote machine (presumably
-using a login password, so password authentication should be enabled,
-unless you've done some clever use of multiple identities)
-.PP
-It also changes the permissions of the remote user's home,
-.BR ~/.ssh ,
-and
-.B ~/.ssh/authorized_keys
-to remove group writability (which would otherwise prevent you from logging in, if the remote
-.B sshd
-has
-.B StrictModes
-set in its configuration).
-.PP
-If the
-.B -i
-option is given then the identity file (defaults to
-.BR ~/.ssh/identity.pub )
-is used, regardless of whether there are any keys in your
-.BR ssh-agent .
-Otherwise, if this:
-.PP
-.B " ssh-add -L"
-.PP
-provides any output, it uses that in preference to the identity file.
-.PP
-If the
-.B -i
-option is used, or the
-.B ssh-add
-produced no output, then it uses the contents of the identity
-file. Once it has one or more fingerprints (by whatever means) it
-uses ssh to append them to
-.B ~/.ssh/authorized_keys
-on the remote machine (creating the file, and directory, if necessary)
-
-.SH "SEE ALSO"
-.BR ssh (1),
-.BR ssh-agent (1),
-.BR sshd (8)
diff --git a/crypto/openssh/contrib/sshd.pam.freebsd b/crypto/openssh/contrib/sshd.pam.freebsd
deleted file mode 100644
index c0bc36410e40..000000000000
--- a/crypto/openssh/contrib/sshd.pam.freebsd
+++ /dev/null
@@ -1,5 +0,0 @@
-sshd auth required pam_unix.so try_first_pass
-sshd account required pam_unix.so
-sshd password required pam_permit.so
-sshd session required pam_permit.so
-
diff --git a/crypto/openssh/contrib/sshd.pam.generic b/crypto/openssh/contrib/sshd.pam.generic
deleted file mode 100644
index cf5af30248a9..000000000000
--- a/crypto/openssh/contrib/sshd.pam.generic
+++ /dev/null
@@ -1,8 +0,0 @@
-#%PAM-1.0
-auth required /lib/security/pam_unix.so shadow nodelay
-auth required /lib/security/pam_nologin.so
-account required /lib/security/pam_unix.so
-password required /lib/security/pam_cracklib.so
-password required /lib/security/pam_unix.so shadow nullok use_authtok
-session required /lib/security/pam_unix.so
-session required /lib/security/pam_limits.so
diff --git a/crypto/openssh/contrib/suse/openssh.spec b/crypto/openssh/contrib/suse/openssh.spec
deleted file mode 100644
index 2b43d0368abd..000000000000
--- a/crypto/openssh/contrib/suse/openssh.spec
+++ /dev/null
@@ -1,199 +0,0 @@
-Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
-Name: openssh
-Version: 3.8.1p1
-URL: http://www.openssh.com/
-Release: 1
-Source0: openssh-%{version}.tar.gz
-Copyright: BSD
-Group: Applications/Internet
-BuildRoot: /tmp/openssh-%{version}-buildroot
-PreReq: openssl
-Obsoletes: ssh
-#
-# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
-# building prerequisites -- stuff for
-# OpenSSL (openssl-devel),
-# TCP Wrappers (nkitb),
-# and Gnome (glibdev, gtkdev, and gnlibsd)
-#
-BuildPrereq: openssl
-BuildPrereq: nkitb
-BuildPrereq: glibdev
-BuildPrereq: gtkdev
-BuildPrereq: gnlibsd
-
-%description
-Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
-
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
-
-This package includes all files necessary for both the OpenSSH
-client and server. Additionally, this package contains the GNOME
-passphrase dialog.
-
-%changelog
-* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
-- Glob manpages to catch compressed files
-* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
-- Updated for new location
-- Updated for new gnome-ssh-askpass build
-* Sun Dec 26 1999 Chris Saia <csaia@wtower.com>
-- Made symlink to gnome-ssh-askpass called ssh-askpass
-* Wed Nov 24 1999 Chris Saia <csaia@wtower.com>
-- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and
- /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into
- his released tarfile
-- Changed permissions on ssh_config in the install procedure to 644 from 600
- even though it was correct in the %files section and thus right in the RPMs
-- Postinstall script for the server now only prints "Generating SSH host
- key..." if we need to actually do this, in order to eliminate a confusing
- message if an SSH host key is already in place
-- Marked all manual pages as %doc(umentation)
-* Mon Nov 22 1999 Chris Saia <csaia@wtower.com>
-- Added flag to configure daemon with TCP Wrappers support
-- Added building prerequisites (works in RPM 3.0 and newer)
-* Thu Nov 18 1999 Chris Saia <csaia@wtower.com>
-- Made this package correct for SuSE.
-- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly
- with SuSE, and lib_pwdb.so isn't installed by default.
-* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
-- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
-* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
-- Added 'Obsoletes' directives
-* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
-- Use make install
-- Subpackages
-* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
-- Added links for slogin
-- Fixed perms on manpages
-* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
-- Renamed init script
-* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
-- Back to old binary names
-* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
-- Use autoconf
-- New binary names
-* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
-- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
-
-%prep
-
-%setup -q
-
-%build
-CFLAGS="$RPM_OPT_FLAGS" \
-./configure --prefix=/usr \
- --sysconfdir=/etc/ssh \
- --datadir=/usr/share/openssh \
- --with-pam \
- --with-gnome-askpass \
- --with-tcp-wrappers \
- --with-ipv4-default \
- --libexecdir=/usr/lib/ssh
-make
-
-cd contrib
-gcc -O -g `gnome-config --cflags gnome gnomeui` \
- gnome-ssh-askpass.c -o gnome-ssh-askpass \
- `gnome-config --libs gnome gnomeui`
-cd ..
-
-%install
-rm -rf $RPM_BUILD_ROOT
-make install DESTDIR=$RPM_BUILD_ROOT/
-install -d $RPM_BUILD_ROOT/etc/ssh/
-install -d $RPM_BUILD_ROOT/etc/pam.d/
-install -d $RPM_BUILD_ROOT/sbin/init.d/
-install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
-install -d $RPM_BUILD_ROOT/usr/lib/ssh
-install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
-install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/sbin/init.d/sshd
-ln -s ../../sbin/init.d/sshd $RPM_BUILD_ROOT/usr/sbin/rcsshd
-install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/gnome-ssh-askpass
-ln -s gnome-ssh-askpass $RPM_BUILD_ROOT/usr/lib/ssh/ssh-askpass
-install -m744 contrib/suse/rc.config.sshd \
- $RPM_BUILD_ROOT/var/adm/fillup-templates
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-
-%post
-if [ "$1" = 1 ]; then
- echo "Creating SSH stop/start scripts in the rc directories..."
- ln -s ../sshd /sbin/init.d/rc2.d/K20sshd
- ln -s ../sshd /sbin/init.d/rc2.d/S20sshd
- ln -s ../sshd /sbin/init.d/rc3.d/K20sshd
- ln -s ../sshd /sbin/init.d/rc3.d/S20sshd
-fi
-echo "Updating /etc/rc.config..."
-if [ -x /bin/fillup ] ; then
- /bin/fillup -q -d = etc/rc.config var/adm/fillup-templates/rc.config.sshd
-else
- echo "ERROR: fillup not found. This should NOT happen in SuSE Linux."
- echo "Update /etc/rc.config by hand from the following template file:"
- echo " /var/adm/fillup-templates/rc.config.sshd"
-fi
-if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
- echo "Generating SSH host key..."
- /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
-fi
-if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
- echo "Generating SSH DSA host key..."
- /usr/bin/ssh-keygen -d -f /etc/ssh/ssh_host_dsa_key -N '' >&2
-fi
-if test -r /var/run/sshd.pid
-then
- echo "Restarting the running SSH daemon..."
- /usr/sbin/rcsshd restart >&2
-fi
-
-%preun
-if [ "$1" = 0 ]
-then
- echo "Stopping the SSH daemon..."
- /usr/sbin/rcsshd stop >&2
- echo "Removing SSH stop/start scripts from the rc directories..."
- rm /sbin/init.d/rc2.d/K20sshd
- rm /sbin/init.d/rc2.d/S20sshd
- rm /sbin/init.d/rc3.d/K20sshd
- rm /sbin/init.d/rc3.d/S20sshd
-fi
-
-%files
-%defattr(-,root,root)
-%doc ChangeLog OVERVIEW README*
-%doc RFC.nroff TODO CREDITS LICENCE
-%attr(0755,root,root) %dir /etc/ssh
-%attr(0644,root,root) %config /etc/ssh/ssh_config
-%attr(0600,root,root) %config /etc/ssh/sshd_config
-%attr(0600,root,root) %config /etc/ssh/moduli
-%attr(0644,root,root) %config /etc/pam.d/sshd
-%attr(0755,root,root) %config /sbin/init.d/sshd
-%attr(0755,root,root) /usr/bin/ssh-keygen
-%attr(0755,root,root) /usr/bin/scp
-%attr(4755,root,root) /usr/bin/ssh
-%attr(-,root,root) /usr/bin/slogin
-%attr(0755,root,root) /usr/bin/ssh-agent
-%attr(0755,root,root) /usr/bin/ssh-add
-%attr(0755,root,root) /usr/bin/ssh-keyscan
-%attr(0755,root,root) /usr/bin/sftp
-%attr(0755,root,root) /usr/sbin/sshd
-%attr(-,root,root) /usr/sbin/rcsshd
-%attr(0755,root,root) %dir /usr/lib/ssh
-%attr(0755,root,root) /usr/lib/ssh/ssh-askpass
-%attr(0755,root,root) /usr/lib/ssh/gnome-ssh-askpass
-%attr(0644,root,root) %doc /usr/man/man1/scp.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh.1*
-%attr(-,root,root) %doc /usr/man/man1/slogin.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh-agent.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh-add.1*
-%attr(0644,root,root) %doc /usr/man/man1/ssh-keygen.1*
-%attr(0644,root,root) %doc /usr/man/man8/sshd.8*
-%attr(0644,root,root) /var/adm/fillup-templates/rc.config.sshd
-
diff --git a/crypto/openssh/contrib/suse/rc.config.sshd b/crypto/openssh/contrib/suse/rc.config.sshd
deleted file mode 100644
index baaa7a5a1f44..000000000000
--- a/crypto/openssh/contrib/suse/rc.config.sshd
+++ /dev/null
@@ -1,5 +0,0 @@
-#
-# Start the Secure Shell (SSH) Daemon?
-#
-START_SSHD="yes"
-
diff --git a/crypto/openssh/contrib/suse/rc.sshd b/crypto/openssh/contrib/suse/rc.sshd
deleted file mode 100644
index f7d431ebbc1b..000000000000
--- a/crypto/openssh/contrib/suse/rc.sshd
+++ /dev/null
@@ -1,80 +0,0 @@
-#! /bin/sh
-# Copyright (c) 1995-1998 SuSE GmbH Nuernberg, Germany.
-#
-# Author: Chris Saia <csaia@wtower.com>
-#
-# /sbin/init.d/sshd
-#
-# and symbolic its link
-#
-# /sbin/rcsshd
-#
-
-. /etc/rc.config
-
-# Determine the base and follow a runlevel link name.
-base=${0##*/}
-link=${base#*[SK][0-9][0-9]}
-
-# Force execution if not called by a runlevel directory.
-test $link = $base && START_SSHD=yes
-test "$START_SSHD" = yes || exit 0
-
-# The echo return value for success (defined in /etc/rc.config).
-return=$rc_done
-case "$1" in
- start)
- echo -n "Starting service sshd"
- ## Start daemon with startproc(8). If this fails
- ## the echo return value is set appropriate.
-
- startproc /usr/sbin/sshd || return=$rc_failed
-
- echo -e "$return"
- ;;
- stop)
- echo -n "Stopping service sshd"
- ## Stop daemon with killproc(8) and if this fails
- ## set echo the echo return value.
-
- killproc -TERM /usr/sbin/sshd || return=$rc_failed
-
- echo -e "$return"
- ;;
- restart)
- ## If first returns OK call the second, if first or
- ## second command fails, set echo return value.
- $0 stop && $0 start || return=$rc_failed
- ;;
- reload)
- ## Choose ONE of the following two cases:
-
- ## First possibility: A few services accepts a signal
- ## to reread the (changed) configuration.
-
- echo -n "Reload service sshd"
- killproc -HUP /usr/sbin/sshd || return=$rc_failed
- echo -e "$return"
- ;;
- status)
- echo -n "Checking for service sshd"
- ## Check status with checkproc(8), if process is running
- ## checkproc will return with exit status 0.
-
- checkproc /usr/sbin/sshd && echo OK || echo No process
- ;;
- probe)
- ## Optional: Probe for the necessity of a reload,
- ## give out the argument which is required for a reload.
-
- test /etc/ssh/sshd_config -nt /var/run/sshd.pid && echo reload
- ;;
- *)
- echo "Usage: $0 {start|stop|status|restart|reload[|probe]}"
- exit 1
- ;;
-esac
-
-# Inform the caller not only verbosely and set an exit status.
-test "$return" = "$rc_done" || exit 1
-exit 0
diff --git a/crypto/openssh/dsa.c b/crypto/openssh/dsa.c
deleted file mode 100644
index 4ff4b58f2b49..000000000000
--- a/crypto/openssh/dsa.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: dsa.c,v 1.11 2000/09/07 20:27:51 deraadt Exp $");
-
-#include "ssh.h"
-#include "xmalloc.h"
-#include "buffer.h"
-#include "bufaux.h"
-#include "compat.h"
-
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/rsa.h>
-#include <openssl/dsa.h>
-#include <openssl/evp.h>
-#include <openssl/bio.h>
-#include <openssl/pem.h>
-
-#include <openssl/hmac.h>
-#include "kex.h"
-#include "key.h"
-#include "uuencode.h"
-
-#define INTBLOB_LEN 20
-#define SIGBLOB_LEN (2*INTBLOB_LEN)
-
-Key *
-dsa_key_from_blob(char *blob, int blen)
-{
- Buffer b;
- char *ktype;
- int rlen;
- DSA *dsa;
- Key *key;
-
-#ifdef DEBUG_DSS
- dump_base64(stderr, blob, blen);
-#endif
- /* fetch & parse DSA/DSS pubkey */
- buffer_init(&b);
- buffer_append(&b, blob, blen);
- ktype = buffer_get_string(&b, NULL);
- if (strcmp(KEX_DSS, ktype) != 0) {
- error("dsa_key_from_blob: cannot handle type %s", ktype);
- buffer_free(&b);
- xfree(ktype);
- return NULL;
- }
- key = key_new(KEY_DSA);
- dsa = key->dsa;
- buffer_get_bignum2(&b, dsa->p);
- buffer_get_bignum2(&b, dsa->q);
- buffer_get_bignum2(&b, dsa->g);
- buffer_get_bignum2(&b, dsa->pub_key);
- rlen = buffer_len(&b);
- if(rlen != 0)
- error("dsa_key_from_blob: remaining bytes in key blob %d", rlen);
- buffer_free(&b);
- xfree(ktype);
-
-#ifdef DEBUG_DSS
- DSA_print_fp(stderr, dsa, 8);
-#endif
- return key;
-}
-int
-dsa_make_key_blob(Key *key, unsigned char **blobp, unsigned int *lenp)
-{
- Buffer b;
- int len;
- unsigned char *buf;
-
- if (key == NULL || key->type != KEY_DSA)
- return 0;
- buffer_init(&b);
- buffer_put_cstring(&b, KEX_DSS);
- buffer_put_bignum2(&b, key->dsa->p);
- buffer_put_bignum2(&b, key->dsa->q);
- buffer_put_bignum2(&b, key->dsa->g);
- buffer_put_bignum2(&b, key->dsa->pub_key);
- len = buffer_len(&b);
- buf = xmalloc(len);
- memcpy(buf, buffer_ptr(&b), len);
- memset(buffer_ptr(&b), 0, len);
- buffer_free(&b);
- if (lenp != NULL)
- *lenp = len;
- if (blobp != NULL)
- *blobp = buf;
- return len;
-}
-int
-dsa_sign(
- Key *key,
- unsigned char **sigp, int *lenp,
- unsigned char *data, int datalen)
-{
- unsigned char *digest;
- unsigned char *ret;
- DSA_SIG *sig;
- EVP_MD *evp_md = EVP_sha1();
- EVP_MD_CTX md;
- unsigned int rlen;
- unsigned int slen;
- unsigned int len;
- unsigned char sigblob[SIGBLOB_LEN];
- Buffer b;
-
- if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
- error("dsa_sign: no DSA key");
- return -1;
- }
- digest = xmalloc(evp_md->md_size);
- EVP_DigestInit(&md, evp_md);
- EVP_DigestUpdate(&md, data, datalen);
- EVP_DigestFinal(&md, digest, NULL);
-
- sig = DSA_do_sign(digest, evp_md->md_size, key->dsa);
- if (sig == NULL) {
- fatal("dsa_sign: cannot sign");
- }
-
- rlen = BN_num_bytes(sig->r);
- slen = BN_num_bytes(sig->s);
- if (rlen > INTBLOB_LEN || slen > INTBLOB_LEN) {
- error("bad sig size %d %d", rlen, slen);
- DSA_SIG_free(sig);
- return -1;
- }
- debug("sig size %d %d", rlen, slen);
-
- memset(sigblob, 0, SIGBLOB_LEN);
- BN_bn2bin(sig->r, sigblob+ SIGBLOB_LEN - INTBLOB_LEN - rlen);
- BN_bn2bin(sig->s, sigblob+ SIGBLOB_LEN - slen);
- DSA_SIG_free(sig);
-
- if (datafellows & SSH_BUG_SIGBLOB) {
- debug("datafellows");
- ret = xmalloc(SIGBLOB_LEN);
- memcpy(ret, sigblob, SIGBLOB_LEN);
- if (lenp != NULL)
- *lenp = SIGBLOB_LEN;
- if (sigp != NULL)
- *sigp = ret;
- } else {
- /* ietf-drafts */
- buffer_init(&b);
- buffer_put_cstring(&b, KEX_DSS);
- buffer_put_string(&b, sigblob, SIGBLOB_LEN);
- len = buffer_len(&b);
- ret = xmalloc(len);
- memcpy(ret, buffer_ptr(&b), len);
- buffer_free(&b);
- if (lenp != NULL)
- *lenp = len;
- if (sigp != NULL)
- *sigp = ret;
- }
- return 0;
-}
-int
-dsa_verify(
- Key *key,
- unsigned char *signature, int signaturelen,
- unsigned char *data, int datalen)
-{
- Buffer b;
- unsigned char *digest;
- DSA_SIG *sig;
- EVP_MD *evp_md = EVP_sha1();
- EVP_MD_CTX md;
- unsigned char *sigblob;
- char *txt;
- unsigned int len;
- int rlen;
- int ret;
-
- if (key == NULL || key->type != KEY_DSA || key->dsa == NULL) {
- error("dsa_verify: no DSA key");
- return -1;
- }
-
- if (!(datafellows & SSH_BUG_SIGBLOB) &&
- signaturelen == SIGBLOB_LEN) {
- datafellows |= ~SSH_BUG_SIGBLOB;
- log("autodetect SSH_BUG_SIGBLOB");
- } else if ((datafellows & SSH_BUG_SIGBLOB) &&
- signaturelen != SIGBLOB_LEN) {
- log("autoremove SSH_BUG_SIGBLOB");
- datafellows &= ~SSH_BUG_SIGBLOB;
- }
-
- debug("len %d datafellows %d", signaturelen, datafellows);
-
- /* fetch signature */
- if (datafellows & SSH_BUG_SIGBLOB) {
- sigblob = signature;
- len = signaturelen;
- } else {
- /* ietf-drafts */
- char *ktype;
- buffer_init(&b);
- buffer_append(&b, (char *) signature, signaturelen);
- ktype = buffer_get_string(&b, NULL);
- if (strcmp(KEX_DSS, ktype) != 0) {
- error("dsa_verify: cannot handle type %s", ktype);
- buffer_free(&b);
- return -1;
- }
- sigblob = (unsigned char *)buffer_get_string(&b, &len);
- rlen = buffer_len(&b);
- if(rlen != 0) {
- error("remaining bytes in signature %d", rlen);
- buffer_free(&b);
- return -1;
- }
- buffer_free(&b);
- xfree(ktype);
- }
-
- if (len != SIGBLOB_LEN) {
- fatal("bad sigbloblen %d != SIGBLOB_LEN", len);
- }
-
- /* parse signature */
- sig = DSA_SIG_new();
- sig->r = BN_new();
- sig->s = BN_new();
- BN_bin2bn(sigblob, INTBLOB_LEN, sig->r);
- BN_bin2bn(sigblob+ INTBLOB_LEN, INTBLOB_LEN, sig->s);
-
- if (!(datafellows & SSH_BUG_SIGBLOB)) {
- memset(sigblob, 0, len);
- xfree(sigblob);
- }
-
- /* sha1 the data */
- digest = xmalloc(evp_md->md_size);
- EVP_DigestInit(&md, evp_md);
- EVP_DigestUpdate(&md, data, datalen);
- EVP_DigestFinal(&md, digest, NULL);
-
- ret = DSA_do_verify(digest, evp_md->md_size, sig, key->dsa);
-
- memset(digest, 0, evp_md->md_size);
- xfree(digest);
- DSA_SIG_free(sig);
-
- switch (ret) {
- case 1:
- txt = "correct";
- break;
- case 0:
- txt = "incorrect";
- break;
- case -1:
- default:
- txt = "error";
- break;
- }
- debug("dsa_verify: signature %s", txt);
- return ret;
-}
-
-Key *
-dsa_generate_key(unsigned int bits)
-{
- DSA *dsa = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, NULL, NULL);
- Key *k;
- if (dsa == NULL) {
- fatal("DSA_generate_parameters failed");
- }
- if (!DSA_generate_key(dsa)) {
- fatal("DSA_generate_keys failed");
- }
-
- k = key_new(KEY_EMPTY);
- k->type = KEY_DSA;
- k->dsa = dsa;
- return k;
-}
diff --git a/crypto/openssh/dsa.h b/crypto/openssh/dsa.h
deleted file mode 100644
index 252e7880beb5..000000000000
--- a/crypto/openssh/dsa.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef DSA_H
-#define DSA_H
-
-Key *dsa_key_from_blob(char *blob, int blen);
-int dsa_make_key_blob(Key *key, unsigned char **blobp, unsigned int *lenp);
-
-int
-dsa_sign(
- Key *key,
- unsigned char **sigp, int *lenp,
- unsigned char *data, int datalen);
-
-int
-dsa_verify(
- Key *key,
- unsigned char *signature, int signaturelen,
- unsigned char *data, int datalen);
-
-Key *
-dsa_generate_key(unsigned int bits);
-
-#endif
diff --git a/crypto/openssh/fingerprint.c b/crypto/openssh/fingerprint.c
deleted file mode 100644
index 4b0966d91557..000000000000
--- a/crypto/openssh/fingerprint.c
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 1999 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Markus Friedl.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$Id: fingerprint.c,v 1.6 2000/04/12 09:39:10 markus Exp $");
-
-#include "ssh.h"
-#include "xmalloc.h"
-#include <openssl/md5.h>
-
-#define FPRINT "%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x:%02x"
-
-/*
- * Generate key fingerprint in ascii format.
- * Based on ideas and code from Bjoern Groenvall <bg@sics.se>
- */
-char *
-fingerprint(BIGNUM *e, BIGNUM *n)
-{
- static char retval[80];
- MD5_CTX md;
- unsigned char d[16];
- unsigned char *buf;
- int nlen, elen;
-
- nlen = BN_num_bytes(n);
- elen = BN_num_bytes(e);
-
- buf = xmalloc(nlen + elen);
-
- BN_bn2bin(n, buf);
- BN_bn2bin(e, buf + nlen);
-
- MD5_Init(&md);
- MD5_Update(&md, buf, nlen + elen);
- MD5_Final(d, &md);
- snprintf(retval, sizeof(retval), FPRINT,
- d[0], d[1], d[2], d[3], d[4], d[5], d[6], d[7],
- d[8], d[9], d[10], d[11], d[12], d[13], d[14], d[15]);
- memset(buf, 0, nlen + elen);
- xfree(buf);
- return retval;
-}
diff --git a/crypto/openssh/fingerprint.h b/crypto/openssh/fingerprint.h
deleted file mode 100644
index fbb0d4c46206..000000000000
--- a/crypto/openssh/fingerprint.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright (c) 1999 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by Markus Friedl.
- * 4. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-/* RCSID("$Id: fingerprint.h,v 1.3 1999/11/24 16:15:25 markus Exp $"); */
-
-#ifndef FINGERPRINT_H
-#define FINGERPRINT_H
-char *fingerprint(BIGNUM * e, BIGNUM * n);
-#endif
diff --git a/crypto/openssh/hmac.c b/crypto/openssh/hmac.c
deleted file mode 100644
index 48a176304beb..000000000000
--- a/crypto/openssh/hmac.c
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: hmac.c,v 1.4 2000/09/07 20:27:51 deraadt Exp $");
-
-#include "xmalloc.h"
-#include "ssh.h"
-#include "getput.h"
-
-#include <openssl/hmac.h>
-
-unsigned char *
-hmac(
- EVP_MD *evp_md,
- unsigned int seqno,
- unsigned char *data, int datalen,
- unsigned char *key, int keylen)
-{
- HMAC_CTX c;
- static unsigned char m[EVP_MAX_MD_SIZE];
- unsigned char b[4];
-
- if (key == NULL)
- fatal("hmac: no key");
- HMAC_Init(&c, key, keylen, evp_md);
- PUT_32BIT(b, seqno);
- HMAC_Update(&c, b, sizeof b);
- HMAC_Update(&c, data, datalen);
- HMAC_Final(&c, m, NULL);
- HMAC_cleanup(&c);
- return(m);
-}
diff --git a/crypto/openssh/hmac.h b/crypto/openssh/hmac.h
deleted file mode 100644
index 281300e25c48..000000000000
--- a/crypto/openssh/hmac.h
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef HMAC_H
-#define HMAC_H
-
-unsigned char *
-hmac(
- EVP_MD *evp_md,
- unsigned int seqno,
- unsigned char *data, int datalen,
- unsigned char *key, int len);
-
-#endif
diff --git a/crypto/openssh/lib/Makefile b/crypto/openssh/lib/Makefile
deleted file mode 100644
index ac950a9ac3af..000000000000
--- a/crypto/openssh/lib/Makefile
+++ /dev/null
@@ -1,35 +0,0 @@
-# $OpenBSD: Makefile,v 1.36 2002/06/11 15:23:29 hin Exp $
-
-.PATH: ${.CURDIR}/..
-
-LIB= ssh
-SRCS= authfd.c authfile.c bufaux.c buffer.c canohost.c channels.c \
- cipher.c compat.c compress.c crc32.c deattack.c fatal.c \
- hostfile.c log.c match.c mpaux.c nchan.c packet.c readpass.c \
- rsa.c tildexpand.c ttymodes.c xmalloc.c atomicio.c \
- key.c dispatch.c kex.c mac.c uuencode.c misc.c \
- rijndael.c ssh-dss.c ssh-rsa.c dh.c kexdh.c kexgex.c \
- scard.c monitor_wrap.c monitor_fdpass.c msg.c
-
-DEBUGLIBS= no
-NOPROFILE= yes
-NOPIC= yes
-
-install:
- @echo -n
-
-.include <bsd.own.mk>
-
-.if (${KERBEROS5:L} == "yes")
-CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV
-.endif # KERBEROS5
-
-.if (${KERBEROS:L} == "yes")
-CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV
-.if (${AFS:L} == "yes")
-CFLAGS+= -DAFS
-SRCS+= radix.c
-.endif # AFS
-.endif # KERBEROS
-
-.include <bsd.lib.mk>
diff --git a/crypto/openssh/log-client.c b/crypto/openssh/log-client.c
deleted file mode 100644
index 505c8c33787a..000000000000
--- a/crypto/openssh/log-client.c
+++ /dev/null
@@ -1,84 +0,0 @@
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- * Client-side versions of debug(), log(), etc. These print to stderr.
- * This is a stripped down version of log-server.c.
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- *
- *
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: log-client.c,v 1.12 2000/09/12 20:53:10 markus Exp $");
-
-#include "xmalloc.h"
-#include "ssh.h"
-
-static LogLevel log_level = SYSLOG_LEVEL_INFO;
-
-/* Initialize the log.
- * av0 program name (should be argv[0])
- * level logging level
- */
-
-void
-log_init(char *av0, LogLevel level, SyslogFacility ignored1, int ignored2)
-{
- switch (level) {
- case SYSLOG_LEVEL_QUIET:
- case SYSLOG_LEVEL_ERROR:
- case SYSLOG_LEVEL_FATAL:
- case SYSLOG_LEVEL_INFO:
- case SYSLOG_LEVEL_VERBOSE:
- case SYSLOG_LEVEL_DEBUG1:
- case SYSLOG_LEVEL_DEBUG2:
- case SYSLOG_LEVEL_DEBUG3:
- log_level = level;
- break;
- default:
- /* unchanged */
- break;
- }
-}
-
-#define MSGBUFSIZ 1024
-
-void
-do_log(LogLevel level, const char *fmt, va_list args)
-{
- char msgbuf[MSGBUFSIZ];
-
- if (level > log_level)
- return;
- if (level >= SYSLOG_LEVEL_DEBUG1)
- fprintf(stderr, "debug: ");
- vsnprintf(msgbuf, sizeof(msgbuf), fmt, args);
- fprintf(stderr, "%s\r\n", msgbuf);
-}
diff --git a/crypto/openssh/log-server.c b/crypto/openssh/log-server.c
deleted file mode 100644
index de3d5cfeb970..000000000000
--- a/crypto/openssh/log-server.c
+++ /dev/null
@@ -1,173 +0,0 @@
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- * Server-side versions of debug(), log(), etc. These normally send the output
- * to the system log.
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- *
- *
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: log-server.c,v 1.17 2000/09/12 20:53:10 markus Exp $");
-
-#include <syslog.h>
-#include "packet.h"
-#include "xmalloc.h"
-#include "ssh.h"
-
-static LogLevel log_level = SYSLOG_LEVEL_INFO;
-static int log_on_stderr = 0;
-static int log_facility = LOG_AUTH;
-
-/* Initialize the log.
- * av0 program name (should be argv[0])
- * on_stderr print also on stderr
- * level logging level
- */
-
-void
-log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
-{
- switch (level) {
- case SYSLOG_LEVEL_QUIET:
- case SYSLOG_LEVEL_ERROR:
- case SYSLOG_LEVEL_FATAL:
- case SYSLOG_LEVEL_INFO:
- case SYSLOG_LEVEL_VERBOSE:
- case SYSLOG_LEVEL_DEBUG1:
- case SYSLOG_LEVEL_DEBUG2:
- case SYSLOG_LEVEL_DEBUG3:
- log_level = level;
- break;
- default:
- fprintf(stderr, "Unrecognized internal syslog level code %d\n",
- (int) level);
- exit(1);
- }
- switch (facility) {
- case SYSLOG_FACILITY_DAEMON:
- log_facility = LOG_DAEMON;
- break;
- case SYSLOG_FACILITY_USER:
- log_facility = LOG_USER;
- break;
- case SYSLOG_FACILITY_AUTH:
- log_facility = LOG_AUTH;
- break;
- case SYSLOG_FACILITY_LOCAL0:
- log_facility = LOG_LOCAL0;
- break;
- case SYSLOG_FACILITY_LOCAL1:
- log_facility = LOG_LOCAL1;
- break;
- case SYSLOG_FACILITY_LOCAL2:
- log_facility = LOG_LOCAL2;
- break;
- case SYSLOG_FACILITY_LOCAL3:
- log_facility = LOG_LOCAL3;
- break;
- case SYSLOG_FACILITY_LOCAL4:
- log_facility = LOG_LOCAL4;
- break;
- case SYSLOG_FACILITY_LOCAL5:
- log_facility = LOG_LOCAL5;
- break;
- case SYSLOG_FACILITY_LOCAL6:
- log_facility = LOG_LOCAL6;
- break;
- case SYSLOG_FACILITY_LOCAL7:
- log_facility = LOG_LOCAL7;
- break;
- default:
- fprintf(stderr, "Unrecognized internal syslog facility code %d\n",
- (int) facility);
- exit(1);
- }
- log_on_stderr = on_stderr;
-}
-
-#define MSGBUFSIZ 1024
-
-void
-do_log(LogLevel level, const char *fmt, va_list args)
-{
- char msgbuf[MSGBUFSIZ];
- char fmtbuf[MSGBUFSIZ];
- char *txt = NULL;
- int pri = LOG_INFO;
- extern char *__progname;
-
- if (level > log_level)
- return;
- switch (level) {
- case SYSLOG_LEVEL_ERROR:
- txt = "error";
- pri = LOG_ERR;
- break;
- case SYSLOG_LEVEL_FATAL:
- txt = "fatal";
- pri = LOG_ERR;
- break;
- case SYSLOG_LEVEL_INFO:
- case SYSLOG_LEVEL_VERBOSE:
- pri = LOG_INFO;
- break;
- case SYSLOG_LEVEL_DEBUG1:
- txt = "debug1";
- pri = LOG_DEBUG;
- break;
- case SYSLOG_LEVEL_DEBUG2:
- txt = "debug2";
- pri = LOG_DEBUG;
- break;
- case SYSLOG_LEVEL_DEBUG3:
- txt = "debug3";
- pri = LOG_DEBUG;
- break;
- default:
- txt = "internal error";
- pri = LOG_ERR;
- break;
- }
- if (txt != NULL) {
- snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt);
- vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args);
- } else {
- vsnprintf(msgbuf, sizeof(msgbuf), fmt, args);
- }
- if (log_on_stderr) {
- fprintf(stderr, "%s\n", msgbuf);
- } else {
- openlog(__progname, LOG_PID, log_facility);
- syslog(pri, "%.500s", msgbuf);
- closelog();
- }
-}
diff --git a/crypto/openssh/login.c b/crypto/openssh/login.c
deleted file mode 100644
index 1d59cd825f73..000000000000
--- a/crypto/openssh/login.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- * This file performs some of the things login(1) normally does. We cannot
- * easily use something like login -p -h host -f user, because there are
- * several different logins around, and it is hard to determined what kind of
- * login the current system has. Also, we want to be able to execute commands
- * on a tty.
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- *
- * Copyright (c) 1999 Theo de Raadt. All rights reserved.
- * Copyright (c) 1999 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: login.c,v 1.15 2000/09/07 20:27:52 deraadt Exp $");
-
-#include <util.h>
-#include <utmp.h>
-#include "ssh.h"
-
-/*
- * Returns the time when the user last logged in. Returns 0 if the
- * information is not available. This must be called before record_login.
- * The host the user logged in from will be returned in buf.
- */
-
-/*
- * Returns the time when the user last logged in (or 0 if no previous login
- * is found). The name of the host used last time is returned in buf.
- */
-
-unsigned long
-get_last_login_time(uid_t uid, const char *logname,
- char *buf, unsigned int bufsize)
-{
- struct lastlog ll;
- char *lastlog;
- int fd;
-
- lastlog = _PATH_LASTLOG;
- buf[0] = '\0';
-
- fd = open(lastlog, O_RDONLY);
- if (fd < 0)
- return 0;
- lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
- if (read(fd, &ll, sizeof(ll)) != sizeof(ll)) {
- close(fd);
- return 0;
- }
- close(fd);
- if (bufsize > sizeof(ll.ll_host) + 1)
- bufsize = sizeof(ll.ll_host) + 1;
- strncpy(buf, ll.ll_host, bufsize - 1);
- buf[bufsize - 1] = 0;
- return ll.ll_time;
-}
-
-/*
- * Records that the user has logged in. I these parts of operating systems
- * were more standardized.
- */
-
-void
-record_login(pid_t pid, const char *ttyname, const char *user, uid_t uid,
- const char *host, struct sockaddr * addr)
-{
- int fd;
- struct lastlog ll;
- char *lastlog;
- struct utmp u;
- const char *utmp, *wtmp;
-
- /* Construct an utmp/wtmp entry. */
- memset(&u, 0, sizeof(u));
- strncpy(u.ut_line, ttyname + 5, sizeof(u.ut_line));
- u.ut_time = time(NULL);
- strncpy(u.ut_name, user, sizeof(u.ut_name));
- strncpy(u.ut_host, host, sizeof(u.ut_host));
-
- /* Figure out the file names. */
- utmp = _PATH_UTMP;
- wtmp = _PATH_WTMP;
-
- login(&u);
- lastlog = _PATH_LASTLOG;
-
- /* Update lastlog unless actually recording a logout. */
- if (strcmp(user, "") != 0) {
- /*
- * It is safer to bzero the lastlog structure first because
- * some systems might have some extra fields in it (e.g. SGI)
- */
- memset(&ll, 0, sizeof(ll));
-
- /* Update lastlog. */
- ll.ll_time = time(NULL);
- strncpy(ll.ll_line, ttyname + 5, sizeof(ll.ll_line));
- strncpy(ll.ll_host, host, sizeof(ll.ll_host));
- fd = open(lastlog, O_RDWR);
- if (fd >= 0) {
- lseek(fd, (off_t) ((long) uid * sizeof(ll)), SEEK_SET);
- if (write(fd, &ll, sizeof(ll)) != sizeof(ll))
- log("Could not write %.100s: %.100s", lastlog, strerror(errno));
- close(fd);
- }
- }
-}
-
-/* Records that the user has logged out. */
-
-void
-record_logout(pid_t pid, const char *ttyname)
-{
- const char *line = ttyname + 5; /* /dev/ttyq8 -> ttyq8 */
- if (logout(line))
- logwtmp(line, "", "");
-}
diff --git a/crypto/openssh/moduli.h b/crypto/openssh/moduli.h
deleted file mode 100644
index 9cd1cd3f86c0..000000000000
--- a/crypto/openssh/moduli.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* $OpenBSD: moduli.h,v 1.1 2003/07/28 09:49:56 djm Exp $ */
-
-#include <sys/types.h>
-#include <openssl/bn.h>
-
-/*
- * Using virtual memory can cause thrashing. This should be the largest
- * number that is supported without a large amount of disk activity --
- * that would increase the run time from hours to days or weeks!
- */
-#define LARGE_MINIMUM (8UL) /* megabytes */
-
-/*
- * Do not increase this number beyond the unsigned integer bit size.
- * Due to a multiple of 4, it must be LESS than 128 (yielding 2**30 bits).
- */
-#define LARGE_MAXIMUM (127UL) /* megabytes */
-
-/* Minimum number of primality tests to perform */
-#define TRIAL_MINIMUM (4)
-
-int gen_candidates(FILE *, int, int, BIGNUM *);
-int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
diff --git a/crypto/openssh/nchan.h b/crypto/openssh/nchan.h
deleted file mode 100644
index 623ecccc31cf..000000000000
--- a/crypto/openssh/nchan.h
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Copyright (c) 1999 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* RCSID("$OpenBSD: nchan.h,v 1.10 2001/02/28 08:54:55 markus Exp $"); */
-
-#ifndef NCHAN_H
-#define NCHAN_H
-
-/*
- * SSH Protocol 1.5 aka New Channel Protocol
- * Thanks to Martina, Axel and everyone who left Erlangen, leaving me bored.
- * Written by Markus Friedl in October 1999
- *
- * Protocol versions 1.3 and 1.5 differ in the handshake protocol used for the
- * tear down of channels:
- *
- * 1.3: strict request-ack-protocol:
- * CLOSE ->
- * <- CLOSE_CONFIRM
- *
- * 1.5: uses variations of:
- * IEOF ->
- * <- OCLOSE
- * <- IEOF
- * OCLOSE ->
- * i.e. both sides have to close the channel
- *
- * See the debugging output from 'ssh -v' and 'sshd -d' of
- * ssh-1.2.27 as an example.
- *
- */
-
-/* ssh-proto-1.5 overloads prot-1.3-message-types */
-#define SSH_MSG_CHANNEL_INPUT_EOF SSH_MSG_CHANNEL_CLOSE
-#define SSH_MSG_CHANNEL_OUTPUT_CLOSE SSH_MSG_CHANNEL_CLOSE_CONFIRMATION
-
-/* possible input states */
-#define CHAN_INPUT_OPEN 0x01
-#define CHAN_INPUT_WAIT_DRAIN 0x02
-#define CHAN_INPUT_WAIT_OCLOSE 0x04
-#define CHAN_INPUT_CLOSED 0x08
-
-/* possible output states */
-#define CHAN_OUTPUT_OPEN 0x10
-#define CHAN_OUTPUT_WAIT_DRAIN 0x20
-#define CHAN_OUTPUT_WAIT_IEOF 0x40
-#define CHAN_OUTPUT_CLOSED 0x80
-
-#define CHAN_CLOSE_SENT 0x01
-#define CHAN_CLOSE_RCVD 0x02
-
-
-/* Channel EVENTS */
-typedef void chan_event_fn(Channel * c);
-
-/* for the input state */
-extern chan_event_fn *chan_rcvd_oclose;
-extern chan_event_fn *chan_read_failed;
-extern chan_event_fn *chan_ibuf_empty;
-
-/* for the output state */
-extern chan_event_fn *chan_rcvd_ieof;
-extern chan_event_fn *chan_write_failed;
-extern chan_event_fn *chan_obuf_empty;
-
-int chan_is_dead(Channel * c);
-
-void chan_init_iostates(Channel * c);
-void chan_init(void);
-#endif
diff --git a/crypto/openssh/openbsd-compat/.cvsignore b/crypto/openssh/openbsd-compat/.cvsignore
deleted file mode 100644
index f3c7a7c5da68..000000000000
--- a/crypto/openssh/openbsd-compat/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-Makefile
diff --git a/crypto/openssh/openbsd-compat/fake-queue.h b/crypto/openssh/openbsd-compat/fake-queue.h
deleted file mode 100644
index 176fe31741c3..000000000000
--- a/crypto/openssh/openbsd-compat/fake-queue.h
+++ /dev/null
@@ -1,584 +0,0 @@
-/* $OpenBSD: queue.h,v 1.22 2001/06/23 04:39:35 angelos Exp $ */
-/* $NetBSD: queue.h,v 1.11 1996/05/16 05:17:14 mycroft Exp $ */
-
-/*
- * Copyright (c) 1991, 1993
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * @(#)queue.h 8.5 (Berkeley) 8/20/94
- */
-
-#ifndef _FAKE_QUEUE_H_
-#define _FAKE_QUEUE_H_
-
-/*
- * Ignore all <sys/queue.h> since older platforms have broken/incomplete
- * <sys/queue.h> that are too hard to work around.
- */
-#undef SLIST_HEAD
-#undef SLIST_HEAD_INITIALIZER
-#undef SLIST_ENTRY
-#undef SLIST_FIRST
-#undef SLIST_END
-#undef SLIST_EMPTY
-#undef SLIST_NEXT
-#undef SLIST_FOREACH
-#undef SLIST_INIT
-#undef SLIST_INSERT_AFTER
-#undef SLIST_INSERT_HEAD
-#undef SLIST_REMOVE_HEAD
-#undef SLIST_REMOVE
-#undef LIST_HEAD
-#undef LIST_HEAD_INITIALIZER
-#undef LIST_ENTRY
-#undef LIST_FIRST
-#undef LIST_END
-#undef LIST_EMPTY
-#undef LIST_NEXT
-#undef LIST_FOREACH
-#undef LIST_INIT
-#undef LIST_INSERT_AFTER
-#undef LIST_INSERT_BEFORE
-#undef LIST_INSERT_HEAD
-#undef LIST_REMOVE
-#undef LIST_REPLACE
-#undef SIMPLEQ_HEAD
-#undef SIMPLEQ_HEAD_INITIALIZER
-#undef SIMPLEQ_ENTRY
-#undef SIMPLEQ_FIRST
-#undef SIMPLEQ_END
-#undef SIMPLEQ_EMPTY
-#undef SIMPLEQ_NEXT
-#undef SIMPLEQ_FOREACH
-#undef SIMPLEQ_INIT
-#undef SIMPLEQ_INSERT_HEAD
-#undef SIMPLEQ_INSERT_TAIL
-#undef SIMPLEQ_INSERT_AFTER
-#undef SIMPLEQ_REMOVE_HEAD
-#undef TAILQ_HEAD
-#undef TAILQ_HEAD_INITIALIZER
-#undef TAILQ_ENTRY
-#undef TAILQ_FIRST
-#undef TAILQ_END
-#undef TAILQ_NEXT
-#undef TAILQ_LAST
-#undef TAILQ_PREV
-#undef TAILQ_EMPTY
-#undef TAILQ_FOREACH
-#undef TAILQ_FOREACH_REVERSE
-#undef TAILQ_INIT
-#undef TAILQ_INSERT_HEAD
-#undef TAILQ_INSERT_TAIL
-#undef TAILQ_INSERT_AFTER
-#undef TAILQ_INSERT_BEFORE
-#undef TAILQ_REMOVE
-#undef TAILQ_REPLACE
-#undef CIRCLEQ_HEAD
-#undef CIRCLEQ_HEAD_INITIALIZER
-#undef CIRCLEQ_ENTRY
-#undef CIRCLEQ_FIRST
-#undef CIRCLEQ_LAST
-#undef CIRCLEQ_END
-#undef CIRCLEQ_NEXT
-#undef CIRCLEQ_PREV
-#undef CIRCLEQ_EMPTY
-#undef CIRCLEQ_FOREACH
-#undef CIRCLEQ_FOREACH_REVERSE
-#undef CIRCLEQ_INIT
-#undef CIRCLEQ_INSERT_AFTER
-#undef CIRCLEQ_INSERT_BEFORE
-#undef CIRCLEQ_INSERT_HEAD
-#undef CIRCLEQ_INSERT_TAIL
-#undef CIRCLEQ_REMOVE
-#undef CIRCLEQ_REPLACE
-
-/*
- * This file defines five types of data structures: singly-linked lists,
- * lists, simple queues, tail queues, and circular queues.
- *
- *
- * A singly-linked list is headed by a single forward pointer. The elements
- * are singly linked for minimum space and pointer manipulation overhead at
- * the expense of O(n) removal for arbitrary elements. New elements can be
- * added to the list after an existing element or at the head of the list.
- * Elements being removed from the head of the list should use the explicit
- * macro for this purpose for optimum efficiency. A singly-linked list may
- * only be traversed in the forward direction. Singly-linked lists are ideal
- * for applications with large datasets and few or no removals or for
- * implementing a LIFO queue.
- *
- * A list is headed by a single forward pointer (or an array of forward
- * pointers for a hash table header). The elements are doubly linked
- * so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list before
- * or after an existing element or at the head of the list. A list
- * may only be traversed in the forward direction.
- *
- * A simple queue is headed by a pair of pointers, one the head of the
- * list and the other to the tail of the list. The elements are singly
- * linked to save space, so elements can only be removed from the
- * head of the list. New elements can be added to the list before or after
- * an existing element, at the head of the list, or at the end of the
- * list. A simple queue may only be traversed in the forward direction.
- *
- * A tail queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list before or
- * after an existing element, at the head of the list, or at the end of
- * the list. A tail queue may be traversed in either direction.
- *
- * A circle queue is headed by a pair of pointers, one to the head of the
- * list and the other to the tail of the list. The elements are doubly
- * linked so that an arbitrary element can be removed without a need to
- * traverse the list. New elements can be added to the list before or after
- * an existing element, at the head of the list, or at the end of the list.
- * A circle queue may be traversed in either direction, but has a more
- * complex end of list detection.
- *
- * For details on the use of these macros, see the queue(3) manual page.
- */
-
-/*
- * Singly-linked List definitions.
- */
-#define SLIST_HEAD(name, type) \
-struct name { \
- struct type *slh_first; /* first element */ \
-}
-
-#define SLIST_HEAD_INITIALIZER(head) \
- { NULL }
-
-#define SLIST_ENTRY(type) \
-struct { \
- struct type *sle_next; /* next element */ \
-}
-
-/*
- * Singly-linked List access methods.
- */
-#define SLIST_FIRST(head) ((head)->slh_first)
-#define SLIST_END(head) NULL
-#define SLIST_EMPTY(head) (SLIST_FIRST(head) == SLIST_END(head))
-#define SLIST_NEXT(elm, field) ((elm)->field.sle_next)
-
-#define SLIST_FOREACH(var, head, field) \
- for((var) = SLIST_FIRST(head); \
- (var) != SLIST_END(head); \
- (var) = SLIST_NEXT(var, field))
-
-/*
- * Singly-linked List functions.
- */
-#define SLIST_INIT(head) { \
- SLIST_FIRST(head) = SLIST_END(head); \
-}
-
-#define SLIST_INSERT_AFTER(slistelm, elm, field) do { \
- (elm)->field.sle_next = (slistelm)->field.sle_next; \
- (slistelm)->field.sle_next = (elm); \
-} while (0)
-
-#define SLIST_INSERT_HEAD(head, elm, field) do { \
- (elm)->field.sle_next = (head)->slh_first; \
- (head)->slh_first = (elm); \
-} while (0)
-
-#define SLIST_REMOVE_HEAD(head, field) do { \
- (head)->slh_first = (head)->slh_first->field.sle_next; \
-} while (0)
-
-#define SLIST_REMOVE(head, elm, type, field) do { \
- if ((head)->slh_first == (elm)) { \
- SLIST_REMOVE_HEAD((head), field); \
- } \
- else { \
- struct type *curelm = (head)->slh_first; \
- while( curelm->field.sle_next != (elm) ) \
- curelm = curelm->field.sle_next; \
- curelm->field.sle_next = \
- curelm->field.sle_next->field.sle_next; \
- } \
-} while (0)
-
-/*
- * List definitions.
- */
-#define LIST_HEAD(name, type) \
-struct name { \
- struct type *lh_first; /* first element */ \
-}
-
-#define LIST_HEAD_INITIALIZER(head) \
- { NULL }
-
-#define LIST_ENTRY(type) \
-struct { \
- struct type *le_next; /* next element */ \
- struct type **le_prev; /* address of previous next element */ \
-}
-
-/*
- * List access methods
- */
-#define LIST_FIRST(head) ((head)->lh_first)
-#define LIST_END(head) NULL
-#define LIST_EMPTY(head) (LIST_FIRST(head) == LIST_END(head))
-#define LIST_NEXT(elm, field) ((elm)->field.le_next)
-
-#define LIST_FOREACH(var, head, field) \
- for((var) = LIST_FIRST(head); \
- (var)!= LIST_END(head); \
- (var) = LIST_NEXT(var, field))
-
-/*
- * List functions.
- */
-#define LIST_INIT(head) do { \
- LIST_FIRST(head) = LIST_END(head); \
-} while (0)
-
-#define LIST_INSERT_AFTER(listelm, elm, field) do { \
- if (((elm)->field.le_next = (listelm)->field.le_next) != NULL) \
- (listelm)->field.le_next->field.le_prev = \
- &(elm)->field.le_next; \
- (listelm)->field.le_next = (elm); \
- (elm)->field.le_prev = &(listelm)->field.le_next; \
-} while (0)
-
-#define LIST_INSERT_BEFORE(listelm, elm, field) do { \
- (elm)->field.le_prev = (listelm)->field.le_prev; \
- (elm)->field.le_next = (listelm); \
- *(listelm)->field.le_prev = (elm); \
- (listelm)->field.le_prev = &(elm)->field.le_next; \
-} while (0)
-
-#define LIST_INSERT_HEAD(head, elm, field) do { \
- if (((elm)->field.le_next = (head)->lh_first) != NULL) \
- (head)->lh_first->field.le_prev = &(elm)->field.le_next;\
- (head)->lh_first = (elm); \
- (elm)->field.le_prev = &(head)->lh_first; \
-} while (0)
-
-#define LIST_REMOVE(elm, field) do { \
- if ((elm)->field.le_next != NULL) \
- (elm)->field.le_next->field.le_prev = \
- (elm)->field.le_prev; \
- *(elm)->field.le_prev = (elm)->field.le_next; \
-} while (0)
-
-#define LIST_REPLACE(elm, elm2, field) do { \
- if (((elm2)->field.le_next = (elm)->field.le_next) != NULL) \
- (elm2)->field.le_next->field.le_prev = \
- &(elm2)->field.le_next; \
- (elm2)->field.le_prev = (elm)->field.le_prev; \
- *(elm2)->field.le_prev = (elm2); \
-} while (0)
-
-/*
- * Simple queue definitions.
- */
-#define SIMPLEQ_HEAD(name, type) \
-struct name { \
- struct type *sqh_first; /* first element */ \
- struct type **sqh_last; /* addr of last next element */ \
-}
-
-#define SIMPLEQ_HEAD_INITIALIZER(head) \
- { NULL, &(head).sqh_first }
-
-#define SIMPLEQ_ENTRY(type) \
-struct { \
- struct type *sqe_next; /* next element */ \
-}
-
-/*
- * Simple queue access methods.
- */
-#define SIMPLEQ_FIRST(head) ((head)->sqh_first)
-#define SIMPLEQ_END(head) NULL
-#define SIMPLEQ_EMPTY(head) (SIMPLEQ_FIRST(head) == SIMPLEQ_END(head))
-#define SIMPLEQ_NEXT(elm, field) ((elm)->field.sqe_next)
-
-#define SIMPLEQ_FOREACH(var, head, field) \
- for((var) = SIMPLEQ_FIRST(head); \
- (var) != SIMPLEQ_END(head); \
- (var) = SIMPLEQ_NEXT(var, field))
-
-/*
- * Simple queue functions.
- */
-#define SIMPLEQ_INIT(head) do { \
- (head)->sqh_first = NULL; \
- (head)->sqh_last = &(head)->sqh_first; \
-} while (0)
-
-#define SIMPLEQ_INSERT_HEAD(head, elm, field) do { \
- if (((elm)->field.sqe_next = (head)->sqh_first) == NULL) \
- (head)->sqh_last = &(elm)->field.sqe_next; \
- (head)->sqh_first = (elm); \
-} while (0)
-
-#define SIMPLEQ_INSERT_TAIL(head, elm, field) do { \
- (elm)->field.sqe_next = NULL; \
- *(head)->sqh_last = (elm); \
- (head)->sqh_last = &(elm)->field.sqe_next; \
-} while (0)
-
-#define SIMPLEQ_INSERT_AFTER(head, listelm, elm, field) do { \
- if (((elm)->field.sqe_next = (listelm)->field.sqe_next) == NULL)\
- (head)->sqh_last = &(elm)->field.sqe_next; \
- (listelm)->field.sqe_next = (elm); \
-} while (0)
-
-#define SIMPLEQ_REMOVE_HEAD(head, elm, field) do { \
- if (((head)->sqh_first = (elm)->field.sqe_next) == NULL) \
- (head)->sqh_last = &(head)->sqh_first; \
-} while (0)
-
-/*
- * Tail queue definitions.
- */
-#define TAILQ_HEAD(name, type) \
-struct name { \
- struct type *tqh_first; /* first element */ \
- struct type **tqh_last; /* addr of last next element */ \
-}
-
-#define TAILQ_HEAD_INITIALIZER(head) \
- { NULL, &(head).tqh_first }
-
-#define TAILQ_ENTRY(type) \
-struct { \
- struct type *tqe_next; /* next element */ \
- struct type **tqe_prev; /* address of previous next element */ \
-}
-
-/*
- * tail queue access methods
- */
-#define TAILQ_FIRST(head) ((head)->tqh_first)
-#define TAILQ_END(head) NULL
-#define TAILQ_NEXT(elm, field) ((elm)->field.tqe_next)
-#define TAILQ_LAST(head, headname) \
- (*(((struct headname *)((head)->tqh_last))->tqh_last))
-/* XXX */
-#define TAILQ_PREV(elm, headname, field) \
- (*(((struct headname *)((elm)->field.tqe_prev))->tqh_last))
-#define TAILQ_EMPTY(head) \
- (TAILQ_FIRST(head) == TAILQ_END(head))
-
-#define TAILQ_FOREACH(var, head, field) \
- for((var) = TAILQ_FIRST(head); \
- (var) != TAILQ_END(head); \
- (var) = TAILQ_NEXT(var, field))
-
-#define TAILQ_FOREACH_REVERSE(var, head, field, headname) \
- for((var) = TAILQ_LAST(head, headname); \
- (var) != TAILQ_END(head); \
- (var) = TAILQ_PREV(var, headname, field))
-
-/*
- * Tail queue functions.
- */
-#define TAILQ_INIT(head) do { \
- (head)->tqh_first = NULL; \
- (head)->tqh_last = &(head)->tqh_first; \
-} while (0)
-
-#define TAILQ_INSERT_HEAD(head, elm, field) do { \
- if (((elm)->field.tqe_next = (head)->tqh_first) != NULL) \
- (head)->tqh_first->field.tqe_prev = \
- &(elm)->field.tqe_next; \
- else \
- (head)->tqh_last = &(elm)->field.tqe_next; \
- (head)->tqh_first = (elm); \
- (elm)->field.tqe_prev = &(head)->tqh_first; \
-} while (0)
-
-#define TAILQ_INSERT_TAIL(head, elm, field) do { \
- (elm)->field.tqe_next = NULL; \
- (elm)->field.tqe_prev = (head)->tqh_last; \
- *(head)->tqh_last = (elm); \
- (head)->tqh_last = &(elm)->field.tqe_next; \
-} while (0)
-
-#define TAILQ_INSERT_AFTER(head, listelm, elm, field) do { \
- if (((elm)->field.tqe_next = (listelm)->field.tqe_next) != NULL)\
- (elm)->field.tqe_next->field.tqe_prev = \
- &(elm)->field.tqe_next; \
- else \
- (head)->tqh_last = &(elm)->field.tqe_next; \
- (listelm)->field.tqe_next = (elm); \
- (elm)->field.tqe_prev = &(listelm)->field.tqe_next; \
-} while (0)
-
-#define TAILQ_INSERT_BEFORE(listelm, elm, field) do { \
- (elm)->field.tqe_prev = (listelm)->field.tqe_prev; \
- (elm)->field.tqe_next = (listelm); \
- *(listelm)->field.tqe_prev = (elm); \
- (listelm)->field.tqe_prev = &(elm)->field.tqe_next; \
-} while (0)
-
-#define TAILQ_REMOVE(head, elm, field) do { \
- if (((elm)->field.tqe_next) != NULL) \
- (elm)->field.tqe_next->field.tqe_prev = \
- (elm)->field.tqe_prev; \
- else \
- (head)->tqh_last = (elm)->field.tqe_prev; \
- *(elm)->field.tqe_prev = (elm)->field.tqe_next; \
-} while (0)
-
-#define TAILQ_REPLACE(head, elm, elm2, field) do { \
- if (((elm2)->field.tqe_next = (elm)->field.tqe_next) != NULL) \
- (elm2)->field.tqe_next->field.tqe_prev = \
- &(elm2)->field.tqe_next; \
- else \
- (head)->tqh_last = &(elm2)->field.tqe_next; \
- (elm2)->field.tqe_prev = (elm)->field.tqe_prev; \
- *(elm2)->field.tqe_prev = (elm2); \
-} while (0)
-
-/*
- * Circular queue definitions.
- */
-#define CIRCLEQ_HEAD(name, type) \
-struct name { \
- struct type *cqh_first; /* first element */ \
- struct type *cqh_last; /* last element */ \
-}
-
-#define CIRCLEQ_HEAD_INITIALIZER(head) \
- { CIRCLEQ_END(&head), CIRCLEQ_END(&head) }
-
-#define CIRCLEQ_ENTRY(type) \
-struct { \
- struct type *cqe_next; /* next element */ \
- struct type *cqe_prev; /* previous element */ \
-}
-
-/*
- * Circular queue access methods
- */
-#define CIRCLEQ_FIRST(head) ((head)->cqh_first)
-#define CIRCLEQ_LAST(head) ((head)->cqh_last)
-#define CIRCLEQ_END(head) ((void *)(head))
-#define CIRCLEQ_NEXT(elm, field) ((elm)->field.cqe_next)
-#define CIRCLEQ_PREV(elm, field) ((elm)->field.cqe_prev)
-#define CIRCLEQ_EMPTY(head) \
- (CIRCLEQ_FIRST(head) == CIRCLEQ_END(head))
-
-#define CIRCLEQ_FOREACH(var, head, field) \
- for((var) = CIRCLEQ_FIRST(head); \
- (var) != CIRCLEQ_END(head); \
- (var) = CIRCLEQ_NEXT(var, field))
-
-#define CIRCLEQ_FOREACH_REVERSE(var, head, field) \
- for((var) = CIRCLEQ_LAST(head); \
- (var) != CIRCLEQ_END(head); \
- (var) = CIRCLEQ_PREV(var, field))
-
-/*
- * Circular queue functions.
- */
-#define CIRCLEQ_INIT(head) do { \
- (head)->cqh_first = CIRCLEQ_END(head); \
- (head)->cqh_last = CIRCLEQ_END(head); \
-} while (0)
-
-#define CIRCLEQ_INSERT_AFTER(head, listelm, elm, field) do { \
- (elm)->field.cqe_next = (listelm)->field.cqe_next; \
- (elm)->field.cqe_prev = (listelm); \
- if ((listelm)->field.cqe_next == CIRCLEQ_END(head)) \
- (head)->cqh_last = (elm); \
- else \
- (listelm)->field.cqe_next->field.cqe_prev = (elm); \
- (listelm)->field.cqe_next = (elm); \
-} while (0)
-
-#define CIRCLEQ_INSERT_BEFORE(head, listelm, elm, field) do { \
- (elm)->field.cqe_next = (listelm); \
- (elm)->field.cqe_prev = (listelm)->field.cqe_prev; \
- if ((listelm)->field.cqe_prev == CIRCLEQ_END(head)) \
- (head)->cqh_first = (elm); \
- else \
- (listelm)->field.cqe_prev->field.cqe_next = (elm); \
- (listelm)->field.cqe_prev = (elm); \
-} while (0)
-
-#define CIRCLEQ_INSERT_HEAD(head, elm, field) do { \
- (elm)->field.cqe_next = (head)->cqh_first; \
- (elm)->field.cqe_prev = CIRCLEQ_END(head); \
- if ((head)->cqh_last == CIRCLEQ_END(head)) \
- (head)->cqh_last = (elm); \
- else \
- (head)->cqh_first->field.cqe_prev = (elm); \
- (head)->cqh_first = (elm); \
-} while (0)
-
-#define CIRCLEQ_INSERT_TAIL(head, elm, field) do { \
- (elm)->field.cqe_next = CIRCLEQ_END(head); \
- (elm)->field.cqe_prev = (head)->cqh_last; \
- if ((head)->cqh_first == CIRCLEQ_END(head)) \
- (head)->cqh_first = (elm); \
- else \
- (head)->cqh_last->field.cqe_next = (elm); \
- (head)->cqh_last = (elm); \
-} while (0)
-
-#define CIRCLEQ_REMOVE(head, elm, field) do { \
- if ((elm)->field.cqe_next == CIRCLEQ_END(head)) \
- (head)->cqh_last = (elm)->field.cqe_prev; \
- else \
- (elm)->field.cqe_next->field.cqe_prev = \
- (elm)->field.cqe_prev; \
- if ((elm)->field.cqe_prev == CIRCLEQ_END(head)) \
- (head)->cqh_first = (elm)->field.cqe_next; \
- else \
- (elm)->field.cqe_prev->field.cqe_next = \
- (elm)->field.cqe_next; \
-} while (0)
-
-#define CIRCLEQ_REPLACE(head, elm, elm2, field) do { \
- if (((elm2)->field.cqe_next = (elm)->field.cqe_next) == \
- CIRCLEQ_END(head)) \
- (head).cqh_last = (elm2); \
- else \
- (elm2)->field.cqe_next->field.cqe_prev = (elm2); \
- if (((elm2)->field.cqe_prev = (elm)->field.cqe_prev) == \
- CIRCLEQ_END(head)) \
- (head).cqh_first = (elm2); \
- else \
- (elm2)->field.cqe_prev->field.cqe_next = (elm2); \
-} while (0)
-
-#endif /* !_FAKE_QUEUE_H_ */
diff --git a/crypto/openssh/openbsd-compat/tree.h b/crypto/openssh/openbsd-compat/tree.h
deleted file mode 100644
index 30b4a8561ce3..000000000000
--- a/crypto/openssh/openbsd-compat/tree.h
+++ /dev/null
@@ -1,667 +0,0 @@
-/*
- * Copyright 2002 Niels Provos <provos@citi.umich.edu>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef _SYS_TREE_H_
-#define _SYS_TREE_H_
-
-/*
- * This file defines data structures for different types of trees:
- * splay trees and red-black trees.
- *
- * A splay tree is a self-organizing data structure. Every operation
- * on the tree causes a splay to happen. The splay moves the requested
- * node to the root of the tree and partly rebalances it.
- *
- * This has the benefit that request locality causes faster lookups as
- * the requested nodes move to the top of the tree. On the other hand,
- * every lookup causes memory writes.
- *
- * The Balance Theorem bounds the total access time for m operations
- * and n inserts on an initially empty tree as O((m + n)lg n). The
- * amortized cost for a sequence of m accesses to a splay tree is O(lg n);
- *
- * A red-black tree is a binary search tree with the node color as an
- * extra attribute. It fulfills a set of conditions:
- * - every search path from the root to a leaf consists of the
- * same number of black nodes,
- * - each red node (except for the root) has a black parent,
- * - each leaf node is black.
- *
- * Every operation on a red-black tree is bounded as O(lg n).
- * The maximum height of a red-black tree is 2lg (n+1).
- */
-
-#define SPLAY_HEAD(name, type) \
-struct name { \
- struct type *sph_root; /* root of the tree */ \
-}
-
-#define SPLAY_INITIALIZER(root) \
- { NULL }
-
-#define SPLAY_INIT(root) do { \
- (root)->sph_root = NULL; \
-} while (0)
-
-#define SPLAY_ENTRY(type) \
-struct { \
- struct type *spe_left; /* left element */ \
- struct type *spe_right; /* right element */ \
-}
-
-#define SPLAY_LEFT(elm, field) (elm)->field.spe_left
-#define SPLAY_RIGHT(elm, field) (elm)->field.spe_right
-#define SPLAY_ROOT(head) (head)->sph_root
-#define SPLAY_EMPTY(head) (SPLAY_ROOT(head) == NULL)
-
-/* SPLAY_ROTATE_{LEFT,RIGHT} expect that tmp hold SPLAY_{RIGHT,LEFT} */
-#define SPLAY_ROTATE_RIGHT(head, tmp, field) do { \
- SPLAY_LEFT((head)->sph_root, field) = SPLAY_RIGHT(tmp, field); \
- SPLAY_RIGHT(tmp, field) = (head)->sph_root; \
- (head)->sph_root = tmp; \
-} while (0)
-
-#define SPLAY_ROTATE_LEFT(head, tmp, field) do { \
- SPLAY_RIGHT((head)->sph_root, field) = SPLAY_LEFT(tmp, field); \
- SPLAY_LEFT(tmp, field) = (head)->sph_root; \
- (head)->sph_root = tmp; \
-} while (0)
-
-#define SPLAY_LINKLEFT(head, tmp, field) do { \
- SPLAY_LEFT(tmp, field) = (head)->sph_root; \
- tmp = (head)->sph_root; \
- (head)->sph_root = SPLAY_LEFT((head)->sph_root, field); \
-} while (0)
-
-#define SPLAY_LINKRIGHT(head, tmp, field) do { \
- SPLAY_RIGHT(tmp, field) = (head)->sph_root; \
- tmp = (head)->sph_root; \
- (head)->sph_root = SPLAY_RIGHT((head)->sph_root, field); \
-} while (0)
-
-#define SPLAY_ASSEMBLE(head, node, left, right, field) do { \
- SPLAY_RIGHT(left, field) = SPLAY_LEFT((head)->sph_root, field); \
- SPLAY_LEFT(right, field) = SPLAY_RIGHT((head)->sph_root, field);\
- SPLAY_LEFT((head)->sph_root, field) = SPLAY_RIGHT(node, field); \
- SPLAY_RIGHT((head)->sph_root, field) = SPLAY_LEFT(node, field); \
-} while (0)
-
-/* Generates prototypes and inline functions */
-
-#define SPLAY_PROTOTYPE(name, type, field, cmp) \
-void name##_SPLAY(struct name *, struct type *); \
-void name##_SPLAY_MINMAX(struct name *, int); \
- \
-static __inline void \
-name##_SPLAY_INSERT(struct name *head, struct type *elm) \
-{ \
- if (SPLAY_EMPTY(head)) { \
- SPLAY_LEFT(elm, field) = SPLAY_RIGHT(elm, field) = NULL; \
- } else { \
- int __comp; \
- name##_SPLAY(head, elm); \
- __comp = (cmp)(elm, (head)->sph_root); \
- if(__comp < 0) { \
- SPLAY_LEFT(elm, field) = SPLAY_LEFT((head)->sph_root, field);\
- SPLAY_RIGHT(elm, field) = (head)->sph_root; \
- SPLAY_LEFT((head)->sph_root, field) = NULL; \
- } else if (__comp > 0) { \
- SPLAY_RIGHT(elm, field) = SPLAY_RIGHT((head)->sph_root, field);\
- SPLAY_LEFT(elm, field) = (head)->sph_root; \
- SPLAY_RIGHT((head)->sph_root, field) = NULL; \
- } else \
- return; \
- } \
- (head)->sph_root = (elm); \
-} \
- \
-static __inline void \
-name##_SPLAY_REMOVE(struct name *head, struct type *elm) \
-{ \
- struct type *__tmp; \
- if (SPLAY_EMPTY(head)) \
- return; \
- name##_SPLAY(head, elm); \
- if ((cmp)(elm, (head)->sph_root) == 0) { \
- if (SPLAY_LEFT((head)->sph_root, field) == NULL) { \
- (head)->sph_root = SPLAY_RIGHT((head)->sph_root, field);\
- } else { \
- __tmp = SPLAY_RIGHT((head)->sph_root, field); \
- (head)->sph_root = SPLAY_LEFT((head)->sph_root, field);\
- name##_SPLAY(head, elm); \
- SPLAY_RIGHT((head)->sph_root, field) = __tmp; \
- } \
- } \
-} \
- \
-/* Finds the node with the same key as elm */ \
-static __inline struct type * \
-name##_SPLAY_FIND(struct name *head, struct type *elm) \
-{ \
- if (SPLAY_EMPTY(head)) \
- return(NULL); \
- name##_SPLAY(head, elm); \
- if ((cmp)(elm, (head)->sph_root) == 0) \
- return (head->sph_root); \
- return (NULL); \
-} \
- \
-static __inline struct type * \
-name##_SPLAY_NEXT(struct name *head, struct type *elm) \
-{ \
- name##_SPLAY(head, elm); \
- if (SPLAY_RIGHT(elm, field) != NULL) { \
- elm = SPLAY_RIGHT(elm, field); \
- while (SPLAY_LEFT(elm, field) != NULL) { \
- elm = SPLAY_LEFT(elm, field); \
- } \
- } else \
- elm = NULL; \
- return (elm); \
-} \
- \
-static __inline struct type * \
-name##_SPLAY_MIN_MAX(struct name *head, int val) \
-{ \
- name##_SPLAY_MINMAX(head, val); \
- return (SPLAY_ROOT(head)); \
-}
-
-/* Main splay operation.
- * Moves node close to the key of elm to top
- */
-#define SPLAY_GENERATE(name, type, field, cmp) \
-void name##_SPLAY(struct name *head, struct type *elm) \
-{ \
- struct type __node, *__left, *__right, *__tmp; \
- int __comp; \
-\
- SPLAY_LEFT(&__node, field) = SPLAY_RIGHT(&__node, field) = NULL;\
- __left = __right = &__node; \
-\
- while ((__comp = (cmp)(elm, (head)->sph_root))) { \
- if (__comp < 0) { \
- __tmp = SPLAY_LEFT((head)->sph_root, field); \
- if (__tmp == NULL) \
- break; \
- if ((cmp)(elm, __tmp) < 0){ \
- SPLAY_ROTATE_RIGHT(head, __tmp, field); \
- if (SPLAY_LEFT((head)->sph_root, field) == NULL)\
- break; \
- } \
- SPLAY_LINKLEFT(head, __right, field); \
- } else if (__comp > 0) { \
- __tmp = SPLAY_RIGHT((head)->sph_root, field); \
- if (__tmp == NULL) \
- break; \
- if ((cmp)(elm, __tmp) > 0){ \
- SPLAY_ROTATE_LEFT(head, __tmp, field); \
- if (SPLAY_RIGHT((head)->sph_root, field) == NULL)\
- break; \
- } \
- SPLAY_LINKRIGHT(head, __left, field); \
- } \
- } \
- SPLAY_ASSEMBLE(head, &__node, __left, __right, field); \
-} \
- \
-/* Splay with either the minimum or the maximum element \
- * Used to find minimum or maximum element in tree. \
- */ \
-void name##_SPLAY_MINMAX(struct name *head, int __comp) \
-{ \
- struct type __node, *__left, *__right, *__tmp; \
-\
- SPLAY_LEFT(&__node, field) = SPLAY_RIGHT(&__node, field) = NULL;\
- __left = __right = &__node; \
-\
- while (1) { \
- if (__comp < 0) { \
- __tmp = SPLAY_LEFT((head)->sph_root, field); \
- if (__tmp == NULL) \
- break; \
- if (__comp < 0){ \
- SPLAY_ROTATE_RIGHT(head, __tmp, field); \
- if (SPLAY_LEFT((head)->sph_root, field) == NULL)\
- break; \
- } \
- SPLAY_LINKLEFT(head, __right, field); \
- } else if (__comp > 0) { \
- __tmp = SPLAY_RIGHT((head)->sph_root, field); \
- if (__tmp == NULL) \
- break; \
- if (__comp > 0) { \
- SPLAY_ROTATE_LEFT(head, __tmp, field); \
- if (SPLAY_RIGHT((head)->sph_root, field) == NULL)\
- break; \
- } \
- SPLAY_LINKRIGHT(head, __left, field); \
- } \
- } \
- SPLAY_ASSEMBLE(head, &__node, __left, __right, field); \
-}
-
-#define SPLAY_NEGINF -1
-#define SPLAY_INF 1
-
-#define SPLAY_INSERT(name, x, y) name##_SPLAY_INSERT(x, y)
-#define SPLAY_REMOVE(name, x, y) name##_SPLAY_REMOVE(x, y)
-#define SPLAY_FIND(name, x, y) name##_SPLAY_FIND(x, y)
-#define SPLAY_NEXT(name, x, y) name##_SPLAY_NEXT(x, y)
-#define SPLAY_MIN(name, x) (SPLAY_EMPTY(x) ? NULL \
- : name##_SPLAY_MIN_MAX(x, SPLAY_NEGINF))
-#define SPLAY_MAX(name, x) (SPLAY_EMPTY(x) ? NULL \
- : name##_SPLAY_MIN_MAX(x, SPLAY_INF))
-
-#define SPLAY_FOREACH(x, name, head) \
- for ((x) = SPLAY_MIN(name, head); \
- (x) != NULL; \
- (x) = SPLAY_NEXT(name, head, x))
-
-/* Macros that define a red-back tree */
-#define RB_HEAD(name, type) \
-struct name { \
- struct type *rbh_root; /* root of the tree */ \
-}
-
-#define RB_INITIALIZER(root) \
- { NULL }
-
-#define RB_INIT(root) do { \
- (root)->rbh_root = NULL; \
-} while (0)
-
-#define RB_BLACK 0
-#define RB_RED 1
-#define RB_ENTRY(type) \
-struct { \
- struct type *rbe_left; /* left element */ \
- struct type *rbe_right; /* right element */ \
- struct type *rbe_parent; /* parent element */ \
- int rbe_color; /* node color */ \
-}
-
-#define RB_LEFT(elm, field) (elm)->field.rbe_left
-#define RB_RIGHT(elm, field) (elm)->field.rbe_right
-#define RB_PARENT(elm, field) (elm)->field.rbe_parent
-#define RB_COLOR(elm, field) (elm)->field.rbe_color
-#define RB_ROOT(head) (head)->rbh_root
-#define RB_EMPTY(head) (RB_ROOT(head) == NULL)
-
-#define RB_SET(elm, parent, field) do { \
- RB_PARENT(elm, field) = parent; \
- RB_LEFT(elm, field) = RB_RIGHT(elm, field) = NULL; \
- RB_COLOR(elm, field) = RB_RED; \
-} while (0)
-
-#define RB_SET_BLACKRED(black, red, field) do { \
- RB_COLOR(black, field) = RB_BLACK; \
- RB_COLOR(red, field) = RB_RED; \
-} while (0)
-
-#ifndef RB_AUGMENT
-#define RB_AUGMENT(x)
-#endif
-
-#define RB_ROTATE_LEFT(head, elm, tmp, field) do { \
- (tmp) = RB_RIGHT(elm, field); \
- if ((RB_RIGHT(elm, field) = RB_LEFT(tmp, field))) { \
- RB_PARENT(RB_LEFT(tmp, field), field) = (elm); \
- } \
- RB_AUGMENT(elm); \
- if ((RB_PARENT(tmp, field) = RB_PARENT(elm, field))) { \
- if ((elm) == RB_LEFT(RB_PARENT(elm, field), field)) \
- RB_LEFT(RB_PARENT(elm, field), field) = (tmp); \
- else \
- RB_RIGHT(RB_PARENT(elm, field), field) = (tmp); \
- RB_AUGMENT(RB_PARENT(elm, field)); \
- } else \
- (head)->rbh_root = (tmp); \
- RB_LEFT(tmp, field) = (elm); \
- RB_PARENT(elm, field) = (tmp); \
- RB_AUGMENT(tmp); \
-} while (0)
-
-#define RB_ROTATE_RIGHT(head, elm, tmp, field) do { \
- (tmp) = RB_LEFT(elm, field); \
- if ((RB_LEFT(elm, field) = RB_RIGHT(tmp, field))) { \
- RB_PARENT(RB_RIGHT(tmp, field), field) = (elm); \
- } \
- RB_AUGMENT(elm); \
- if ((RB_PARENT(tmp, field) = RB_PARENT(elm, field))) { \
- if ((elm) == RB_LEFT(RB_PARENT(elm, field), field)) \
- RB_LEFT(RB_PARENT(elm, field), field) = (tmp); \
- else \
- RB_RIGHT(RB_PARENT(elm, field), field) = (tmp); \
- RB_AUGMENT(RB_PARENT(elm, field)); \
- } else \
- (head)->rbh_root = (tmp); \
- RB_RIGHT(tmp, field) = (elm); \
- RB_PARENT(elm, field) = (tmp); \
- RB_AUGMENT(tmp); \
-} while (0)
-
-/* Generates prototypes and inline functions */
-#define RB_PROTOTYPE(name, type, field, cmp) \
-void name##_RB_INSERT_COLOR(struct name *, struct type *); \
-void name##_RB_REMOVE_COLOR(struct name *, struct type *, struct type *);\
-void name##_RB_REMOVE(struct name *, struct type *); \
-struct type *name##_RB_INSERT(struct name *, struct type *); \
-struct type *name##_RB_FIND(struct name *, struct type *); \
-struct type *name##_RB_NEXT(struct name *, struct type *); \
-struct type *name##_RB_MINMAX(struct name *, int); \
- \
-
-/* Main rb operation.
- * Moves node close to the key of elm to top
- */
-#define RB_GENERATE(name, type, field, cmp) \
-void \
-name##_RB_INSERT_COLOR(struct name *head, struct type *elm) \
-{ \
- struct type *parent, *gparent, *tmp; \
- while ((parent = RB_PARENT(elm, field)) && \
- RB_COLOR(parent, field) == RB_RED) { \
- gparent = RB_PARENT(parent, field); \
- if (parent == RB_LEFT(gparent, field)) { \
- tmp = RB_RIGHT(gparent, field); \
- if (tmp && RB_COLOR(tmp, field) == RB_RED) { \
- RB_COLOR(tmp, field) = RB_BLACK; \
- RB_SET_BLACKRED(parent, gparent, field);\
- elm = gparent; \
- continue; \
- } \
- if (RB_RIGHT(parent, field) == elm) { \
- RB_ROTATE_LEFT(head, parent, tmp, field);\
- tmp = parent; \
- parent = elm; \
- elm = tmp; \
- } \
- RB_SET_BLACKRED(parent, gparent, field); \
- RB_ROTATE_RIGHT(head, gparent, tmp, field); \
- } else { \
- tmp = RB_LEFT(gparent, field); \
- if (tmp && RB_COLOR(tmp, field) == RB_RED) { \
- RB_COLOR(tmp, field) = RB_BLACK; \
- RB_SET_BLACKRED(parent, gparent, field);\
- elm = gparent; \
- continue; \
- } \
- if (RB_LEFT(parent, field) == elm) { \
- RB_ROTATE_RIGHT(head, parent, tmp, field);\
- tmp = parent; \
- parent = elm; \
- elm = tmp; \
- } \
- RB_SET_BLACKRED(parent, gparent, field); \
- RB_ROTATE_LEFT(head, gparent, tmp, field); \
- } \
- } \
- RB_COLOR(head->rbh_root, field) = RB_BLACK; \
-} \
- \
-void \
-name##_RB_REMOVE_COLOR(struct name *head, struct type *parent, struct type *elm) \
-{ \
- struct type *tmp; \
- while ((elm == NULL || RB_COLOR(elm, field) == RB_BLACK) && \
- elm != RB_ROOT(head)) { \
- if (RB_LEFT(parent, field) == elm) { \
- tmp = RB_RIGHT(parent, field); \
- if (RB_COLOR(tmp, field) == RB_RED) { \
- RB_SET_BLACKRED(tmp, parent, field); \
- RB_ROTATE_LEFT(head, parent, tmp, field);\
- tmp = RB_RIGHT(parent, field); \
- } \
- if ((RB_LEFT(tmp, field) == NULL || \
- RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) &&\
- (RB_RIGHT(tmp, field) == NULL || \
- RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK)) {\
- RB_COLOR(tmp, field) = RB_RED; \
- elm = parent; \
- parent = RB_PARENT(elm, field); \
- } else { \
- if (RB_RIGHT(tmp, field) == NULL || \
- RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK) {\
- struct type *oleft; \
- if ((oleft = RB_LEFT(tmp, field)))\
- RB_COLOR(oleft, field) = RB_BLACK;\
- RB_COLOR(tmp, field) = RB_RED; \
- RB_ROTATE_RIGHT(head, tmp, oleft, field);\
- tmp = RB_RIGHT(parent, field); \
- } \
- RB_COLOR(tmp, field) = RB_COLOR(parent, field);\
- RB_COLOR(parent, field) = RB_BLACK; \
- if (RB_RIGHT(tmp, field)) \
- RB_COLOR(RB_RIGHT(tmp, field), field) = RB_BLACK;\
- RB_ROTATE_LEFT(head, parent, tmp, field);\
- elm = RB_ROOT(head); \
- break; \
- } \
- } else { \
- tmp = RB_LEFT(parent, field); \
- if (RB_COLOR(tmp, field) == RB_RED) { \
- RB_SET_BLACKRED(tmp, parent, field); \
- RB_ROTATE_RIGHT(head, parent, tmp, field);\
- tmp = RB_LEFT(parent, field); \
- } \
- if ((RB_LEFT(tmp, field) == NULL || \
- RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) &&\
- (RB_RIGHT(tmp, field) == NULL || \
- RB_COLOR(RB_RIGHT(tmp, field), field) == RB_BLACK)) {\
- RB_COLOR(tmp, field) = RB_RED; \
- elm = parent; \
- parent = RB_PARENT(elm, field); \
- } else { \
- if (RB_LEFT(tmp, field) == NULL || \
- RB_COLOR(RB_LEFT(tmp, field), field) == RB_BLACK) {\
- struct type *oright; \
- if ((oright = RB_RIGHT(tmp, field)))\
- RB_COLOR(oright, field) = RB_BLACK;\
- RB_COLOR(tmp, field) = RB_RED; \
- RB_ROTATE_LEFT(head, tmp, oright, field);\
- tmp = RB_LEFT(parent, field); \
- } \
- RB_COLOR(tmp, field) = RB_COLOR(parent, field);\
- RB_COLOR(parent, field) = RB_BLACK; \
- if (RB_LEFT(tmp, field)) \
- RB_COLOR(RB_LEFT(tmp, field), field) = RB_BLACK;\
- RB_ROTATE_RIGHT(head, parent, tmp, field);\
- elm = RB_ROOT(head); \
- break; \
- } \
- } \
- } \
- if (elm) \
- RB_COLOR(elm, field) = RB_BLACK; \
-} \
- \
-void \
-name##_RB_REMOVE(struct name *head, struct type *elm) \
-{ \
- struct type *child, *parent; \
- int color; \
- if (RB_LEFT(elm, field) == NULL) \
- child = RB_RIGHT(elm, field); \
- else if (RB_RIGHT(elm, field) == NULL) \
- child = RB_LEFT(elm, field); \
- else { \
- struct type *old = elm, *left; \
- elm = RB_RIGHT(elm, field); \
- while ((left = RB_LEFT(elm, field))) \
- elm = left; \
- child = RB_RIGHT(elm, field); \
- parent = RB_PARENT(elm, field); \
- color = RB_COLOR(elm, field); \
- if (child) \
- RB_PARENT(child, field) = parent; \
- if (parent) { \
- if (RB_LEFT(parent, field) == elm) \
- RB_LEFT(parent, field) = child; \
- else \
- RB_RIGHT(parent, field) = child; \
- RB_AUGMENT(parent); \
- } else \
- RB_ROOT(head) = child; \
- if (RB_PARENT(elm, field) == old) \
- parent = elm; \
- (elm)->field = (old)->field; \
- if (RB_PARENT(old, field)) { \
- if (RB_LEFT(RB_PARENT(old, field), field) == old)\
- RB_LEFT(RB_PARENT(old, field), field) = elm;\
- else \
- RB_RIGHT(RB_PARENT(old, field), field) = elm;\
- RB_AUGMENT(RB_PARENT(old, field)); \
- } else \
- RB_ROOT(head) = elm; \
- RB_PARENT(RB_LEFT(old, field), field) = elm; \
- if (RB_RIGHT(old, field)) \
- RB_PARENT(RB_RIGHT(old, field), field) = elm; \
- if (parent) { \
- left = parent; \
- do { \
- RB_AUGMENT(left); \
- } while ((left = RB_PARENT(left, field))); \
- } \
- goto color; \
- } \
- parent = RB_PARENT(elm, field); \
- color = RB_COLOR(elm, field); \
- if (child) \
- RB_PARENT(child, field) = parent; \
- if (parent) { \
- if (RB_LEFT(parent, field) == elm) \
- RB_LEFT(parent, field) = child; \
- else \
- RB_RIGHT(parent, field) = child; \
- RB_AUGMENT(parent); \
- } else \
- RB_ROOT(head) = child; \
-color: \
- if (color == RB_BLACK) \
- name##_RB_REMOVE_COLOR(head, parent, child); \
-} \
- \
-/* Inserts a node into the RB tree */ \
-struct type * \
-name##_RB_INSERT(struct name *head, struct type *elm) \
-{ \
- struct type *tmp; \
- struct type *parent = NULL; \
- int comp = 0; \
- tmp = RB_ROOT(head); \
- while (tmp) { \
- parent = tmp; \
- comp = (cmp)(elm, parent); \
- if (comp < 0) \
- tmp = RB_LEFT(tmp, field); \
- else if (comp > 0) \
- tmp = RB_RIGHT(tmp, field); \
- else \
- return (tmp); \
- } \
- RB_SET(elm, parent, field); \
- if (parent != NULL) { \
- if (comp < 0) \
- RB_LEFT(parent, field) = elm; \
- else \
- RB_RIGHT(parent, field) = elm; \
- RB_AUGMENT(parent); \
- } else \
- RB_ROOT(head) = elm; \
- name##_RB_INSERT_COLOR(head, elm); \
- return (NULL); \
-} \
- \
-/* Finds the node with the same key as elm */ \
-struct type * \
-name##_RB_FIND(struct name *head, struct type *elm) \
-{ \
- struct type *tmp = RB_ROOT(head); \
- int comp; \
- while (tmp) { \
- comp = cmp(elm, tmp); \
- if (comp < 0) \
- tmp = RB_LEFT(tmp, field); \
- else if (comp > 0) \
- tmp = RB_RIGHT(tmp, field); \
- else \
- return (tmp); \
- } \
- return (NULL); \
-} \
- \
-struct type * \
-name##_RB_NEXT(struct name *head, struct type *elm) \
-{ \
- if (RB_RIGHT(elm, field)) { \
- elm = RB_RIGHT(elm, field); \
- while (RB_LEFT(elm, field)) \
- elm = RB_LEFT(elm, field); \
- } else { \
- if (RB_PARENT(elm, field) && \
- (elm == RB_LEFT(RB_PARENT(elm, field), field))) \
- elm = RB_PARENT(elm, field); \
- else { \
- while (RB_PARENT(elm, field) && \
- (elm == RB_RIGHT(RB_PARENT(elm, field), field)))\
- elm = RB_PARENT(elm, field); \
- elm = RB_PARENT(elm, field); \
- } \
- } \
- return (elm); \
-} \
- \
-struct type * \
-name##_RB_MINMAX(struct name *head, int val) \
-{ \
- struct type *tmp = RB_ROOT(head); \
- struct type *parent = NULL; \
- while (tmp) { \
- parent = tmp; \
- if (val < 0) \
- tmp = RB_LEFT(tmp, field); \
- else \
- tmp = RB_RIGHT(tmp, field); \
- } \
- return (parent); \
-}
-
-#define RB_NEGINF -1
-#define RB_INF 1
-
-#define RB_INSERT(name, x, y) name##_RB_INSERT(x, y)
-#define RB_REMOVE(name, x, y) name##_RB_REMOVE(x, y)
-#define RB_FIND(name, x, y) name##_RB_FIND(x, y)
-#define RB_NEXT(name, x, y) name##_RB_NEXT(x, y)
-#define RB_MIN(name, x) name##_RB_MINMAX(x, RB_NEGINF)
-#define RB_MAX(name, x) name##_RB_MINMAX(x, RB_INF)
-
-#define RB_FOREACH(x, name, head) \
- for ((x) = RB_MIN(name, head); \
- (x) != NULL; \
- (x) = name##_RB_NEXT(head, x))
-
-#endif /* _SYS_TREE_H_ */
diff --git a/crypto/openssh/pty.c b/crypto/openssh/pty.c
deleted file mode 100644
index 9300bd530415..000000000000
--- a/crypto/openssh/pty.c
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- * Allocating a pseudo-terminal, and making it the controlling tty.
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: pty.c,v 1.16 2000/09/07 21:13:37 markus Exp $");
-
-#include <util.h>
-#include "pty.h"
-#include "ssh.h"
-
-/* Pty allocated with _getpty gets broken if we do I_PUSH:es to it. */
-#if defined(HAVE__GETPTY) || defined(HAVE_OPENPTY)
-#undef HAVE_DEV_PTMX
-#endif
-
-#ifndef O_NOCTTY
-#define O_NOCTTY 0
-#endif
-
-/*
- * Allocates and opens a pty. Returns 0 if no pty could be allocated, or
- * nonzero if a pty was successfully allocated. On success, open file
- * descriptors for the pty and tty sides and the name of the tty side are
- * returned (the buffer must be able to hold at least 64 characters).
- */
-
-int
-pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, int namebuflen)
-{
-#if defined(HAVE_OPENPTY) || defined(BSD4_4)
- /* openpty(3) exists in OSF/1 and some other os'es */
- char buf[64];
- int i;
-
- i = openpty(ptyfd, ttyfd, buf, NULL, NULL);
- if (i < 0) {
- error("openpty: %.100s", strerror(errno));
- return 0;
- }
- strlcpy(namebuf, buf, namebuflen); /* possible truncation */
- return 1;
-#else /* HAVE_OPENPTY */
-#ifdef HAVE__GETPTY
- /*
- * _getpty(3) exists in SGI Irix 4.x, 5.x & 6.x -- it generates more
- * pty's automagically when needed
- */
- char *slave;
-
- slave = _getpty(ptyfd, O_RDWR, 0622, 0);
- if (slave == NULL) {
- error("_getpty: %.100s", strerror(errno));
- return 0;
- }
- strlcpy(namebuf, slave, namebuflen);
- /* Open the slave side. */
- *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
- if (*ttyfd < 0) {
- error("%.200s: %.100s", namebuf, strerror(errno));
- close(*ptyfd);
- return 0;
- }
- return 1;
-#else /* HAVE__GETPTY */
-#ifdef HAVE_DEV_PTMX
- /*
- * This code is used e.g. on Solaris 2.x. (Note that Solaris 2.3
- * also has bsd-style ptys, but they simply do not work.)
- */
- int ptm;
- char *pts;
-
- ptm = open("/dev/ptmx", O_RDWR | O_NOCTTY);
- if (ptm < 0) {
- error("/dev/ptmx: %.100s", strerror(errno));
- return 0;
- }
- if (grantpt(ptm) < 0) {
- error("grantpt: %.100s", strerror(errno));
- return 0;
- }
- if (unlockpt(ptm) < 0) {
- error("unlockpt: %.100s", strerror(errno));
- return 0;
- }
- pts = ptsname(ptm);
- if (pts == NULL)
- error("Slave pty side name could not be obtained.");
- strlcpy(namebuf, pts, namebuflen);
- *ptyfd = ptm;
-
- /* Open the slave side. */
- *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
- if (*ttyfd < 0) {
- error("%.100s: %.100s", namebuf, strerror(errno));
- close(*ptyfd);
- return 0;
- }
- /* Push the appropriate streams modules, as described in Solaris pts(7). */
- if (ioctl(*ttyfd, I_PUSH, "ptem") < 0)
- error("ioctl I_PUSH ptem: %.100s", strerror(errno));
- if (ioctl(*ttyfd, I_PUSH, "ldterm") < 0)
- error("ioctl I_PUSH ldterm: %.100s", strerror(errno));
- if (ioctl(*ttyfd, I_PUSH, "ttcompat") < 0)
- error("ioctl I_PUSH ttcompat: %.100s", strerror(errno));
- return 1;
-#else /* HAVE_DEV_PTMX */
-#ifdef HAVE_DEV_PTS_AND_PTC
- /* AIX-style pty code. */
- const char *name;
-
- *ptyfd = open("/dev/ptc", O_RDWR | O_NOCTTY);
- if (*ptyfd < 0) {
- error("Could not open /dev/ptc: %.100s", strerror(errno));
- return 0;
- }
- name = ttyname(*ptyfd);
- if (!name)
- fatal("Open of /dev/ptc returns device for which ttyname fails.");
- strlcpy(namebuf, name, namebuflen);
- *ttyfd = open(name, O_RDWR | O_NOCTTY);
- if (*ttyfd < 0) {
- error("Could not open pty slave side %.100s: %.100s",
- name, strerror(errno));
- close(*ptyfd);
- return 0;
- }
- return 1;
-#else /* HAVE_DEV_PTS_AND_PTC */
- /* BSD-style pty code. */
- char buf[64];
- int i;
- const char *ptymajors = "pqrstuvwxyzabcdefghijklmnoABCDEFGHIJKLMNOPQRSTUVWXYZ";
- const char *ptyminors = "0123456789abcdef";
- int num_minors = strlen(ptyminors);
- int num_ptys = strlen(ptymajors) * num_minors;
-
- for (i = 0; i < num_ptys; i++) {
- snprintf(buf, sizeof buf, "/dev/pty%c%c", ptymajors[i / num_minors],
- ptyminors[i % num_minors]);
- *ptyfd = open(buf, O_RDWR | O_NOCTTY);
- if (*ptyfd < 0)
- continue;
- snprintf(namebuf, namebuflen, "/dev/tty%c%c",
- ptymajors[i / num_minors], ptyminors[i % num_minors]);
-
- /* Open the slave side. */
- *ttyfd = open(namebuf, O_RDWR | O_NOCTTY);
- if (*ttyfd < 0) {
- error("%.100s: %.100s", namebuf, strerror(errno));
- close(*ptyfd);
- return 0;
- }
- return 1;
- }
- return 0;
-#endif /* HAVE_DEV_PTS_AND_PTC */
-#endif /* HAVE_DEV_PTMX */
-#endif /* HAVE__GETPTY */
-#endif /* HAVE_OPENPTY */
-}
-
-/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */
-
-void
-pty_release(const char *ttyname)
-{
- if (chown(ttyname, (uid_t) 0, (gid_t) 0) < 0)
- error("chown %.100s 0 0 failed: %.100s", ttyname, strerror(errno));
- if (chmod(ttyname, (mode_t) 0666) < 0)
- error("chmod %.100s 0666 failed: %.100s", ttyname, strerror(errno));
-}
-
-/* Makes the tty the processes controlling tty and sets it to sane modes. */
-
-void
-pty_make_controlling_tty(int *ttyfd, const char *ttyname)
-{
- int fd;
-
- /* First disconnect from the old controlling tty. */
-#ifdef TIOCNOTTY
- fd = open("/dev/tty", O_RDWR | O_NOCTTY);
- if (fd >= 0) {
- (void) ioctl(fd, TIOCNOTTY, NULL);
- close(fd);
- }
-#endif /* TIOCNOTTY */
- if (setsid() < 0)
- error("setsid: %.100s", strerror(errno));
-
- /*
- * Verify that we are successfully disconnected from the controlling
- * tty.
- */
- fd = open("/dev/tty", O_RDWR | O_NOCTTY);
- if (fd >= 0) {
- error("Failed to disconnect from controlling tty.");
- close(fd);
- }
- /* Make it our controlling tty. */
-#ifdef TIOCSCTTY
- debug("Setting controlling tty using TIOCSCTTY.");
- /*
- * We ignore errors from this, because HPSUX defines TIOCSCTTY, but
- * returns EINVAL with these arguments, and there is absolutely no
- * documentation.
- */
- ioctl(*ttyfd, TIOCSCTTY, NULL);
-#endif /* TIOCSCTTY */
- fd = open(ttyname, O_RDWR);
- if (fd < 0)
- error("%.100s: %.100s", ttyname, strerror(errno));
- else
- close(fd);
-
- /* Verify that we now have a controlling tty. */
- fd = open("/dev/tty", O_WRONLY);
- if (fd < 0)
- error("open /dev/tty failed - could not set controlling tty: %.100s",
- strerror(errno));
- else {
- close(fd);
- }
-}
-
-/* Changes the window size associated with the pty. */
-
-void
-pty_change_window_size(int ptyfd, int row, int col,
- int xpixel, int ypixel)
-{
- struct winsize w;
- w.ws_row = row;
- w.ws_col = col;
- w.ws_xpixel = xpixel;
- w.ws_ypixel = ypixel;
- (void) ioctl(ptyfd, TIOCSWINSZ, &w);
-}
-
-void
-pty_setowner(struct passwd *pw, const char *ttyname)
-{
- struct group *grp;
- gid_t gid;
- mode_t mode;
-
- /* Determine the group to make the owner of the tty. */
- grp = getgrnam("tty");
- if (grp) {
- gid = grp->gr_gid;
- mode = S_IRUSR | S_IWUSR | S_IWGRP;
- } else {
- gid = pw->pw_gid;
- mode = S_IRUSR | S_IWUSR | S_IWGRP | S_IWOTH;
- }
-
- /* Change ownership of the tty. */
- if (chown(ttyname, pw->pw_uid, gid) < 0)
- fatal("chown(%.100s, %d, %d) failed: %.100s",
- ttyname, pw->pw_uid, gid, strerror(errno));
- if (chmod(ttyname, mode) < 0)
- fatal("chmod(%.100s, 0%o) failed: %.100s",
- ttyname, mode, strerror(errno));
-}
diff --git a/crypto/openssh/pty.h b/crypto/openssh/pty.h
deleted file mode 100644
index 13d8e6026cc3..000000000000
--- a/crypto/openssh/pty.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- * Functions for allocating a pseudo-terminal and making it the controlling
- * tty.
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-/* RCSID("$OpenBSD: pty.h,v 1.8 2000/09/07 20:27:52 deraadt Exp $"); */
-
-#ifndef PTY_H
-#define PTY_H
-
-/*
- * Allocates and opens a pty. Returns 0 if no pty could be allocated, or
- * nonzero if a pty was successfully allocated. On success, open file
- * descriptors for the pty and tty sides and the name of the tty side are
- * returned (the buffer must be able to hold at least 64 characters).
- */
-int pty_allocate(int *ptyfd, int *ttyfd, char *ttyname, int ttynamelen);
-
-/*
- * Releases the tty. Its ownership is returned to root, and permissions to
- * 0666.
- */
-void pty_release(const char *ttyname);
-
-/*
- * Makes the tty the processes controlling tty and sets it to sane modes.
- * This may need to reopen the tty to get rid of possible eavesdroppers.
- */
-void pty_make_controlling_tty(int *ttyfd, const char *ttyname);
-
-/* Changes the window size associated with the pty. */
-void
-pty_change_window_size(int ptyfd, int row, int col,
- int xpixel, int ypixel);
-
-void pty_setowner(struct passwd *pw, const char *ttyname);
-
-#endif /* PTY_H */
diff --git a/crypto/openssh/readpass.h b/crypto/openssh/readpass.h
deleted file mode 100644
index a45d32f2a76b..000000000000
--- a/crypto/openssh/readpass.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/* $OpenBSD: readpass.h,v 1.7 2002/03/26 15:58:46 markus Exp $ */
-
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-#define RP_ECHO 0x0001
-#define RP_ALLOW_STDIN 0x0002
-#define RP_ALLOW_EOF 0x0004
-
-char *read_passphrase(const char *, int);
diff --git a/crypto/openssh/regress/copy.1 b/crypto/openssh/regress/copy.1
deleted file mode 100755
index 92d4d20f9fba..000000000000
--- a/crypto/openssh/regress/copy.1
+++ /dev/null
Binary files differ
diff --git a/crypto/openssh/regress/copy.2 b/crypto/openssh/regress/copy.2
deleted file mode 100755
index 92d4d20f9fba..000000000000
--- a/crypto/openssh/regress/copy.2
+++ /dev/null
Binary files differ
diff --git a/crypto/openssh/scard/.cvsignore b/crypto/openssh/scard/.cvsignore
deleted file mode 100644
index 5349d34aeabd..000000000000
--- a/crypto/openssh/scard/.cvsignore
+++ /dev/null
@@ -1,2 +0,0 @@
-Makefile
-Ssh.bin
diff --git a/crypto/openssh/scard/Makefile b/crypto/openssh/scard/Makefile
deleted file mode 100644
index 1cf7bbd2ca1e..000000000000
--- a/crypto/openssh/scard/Makefile
+++ /dev/null
@@ -1,20 +0,0 @@
-# $OpenBSD: Makefile,v 1.2 2001/06/29 07:02:09 markus Exp $
-
-.PATH: ${.CURDIR}/..
-
-CARDLET= Ssh.bin
-DATADIR= /usr/libdata/ssh
-
-all: ${CARDLET}
-
-clean:
- rm -f ${CARDLET}
-
-install: ${CARDLET}
- install -c -m ${LIBMODE} -o ${LIBOWN} -g ${LIBGRP} \
- ${CARDLET} ${DESTDIR}${DATADIR}
-
-Ssh.bin: ${.CURDIR}/Ssh.bin.uu
- uudecode ${.CURDIR}/$@.uu
-
-.include <bsd.prog.mk>
diff --git a/crypto/openssh/scp-common.c b/crypto/openssh/scp-common.c
deleted file mode 100644
index 7e5f09c74fae..000000000000
--- a/crypto/openssh/scp-common.c
+++ /dev/null
@@ -1,98 +0,0 @@
-/*
- * Copyright (c) 1999 Theo de Raadt. All rights reserved.
- * Copyright (c) 1999 Aaron Campbell. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * Parts from:
- *
- * Copyright (c) 1983, 1990, 1992, 1993, 1995
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: scp-common.c,v 1.1 2001/04/16 02:31:43 mouring Exp $");
-
-char *
-cleanhostname(host)
- char *host;
-{
- if (*host == '[' && host[strlen(host) - 1] == ']') {
- host[strlen(host) - 1] = '\0';
- return (host + 1);
- } else
- return host;
-}
-
-char *
-colon(cp)
- char *cp;
-{
- int flag = 0;
-
- if (*cp == ':') /* Leading colon is part of file name. */
- return (0);
- if (*cp == '[')
- flag = 1;
-
- for (; *cp; ++cp) {
- if (*cp == '@' && *(cp+1) == '[')
- flag = 1;
- if (*cp == ']' && *(cp+1) == ':' && flag)
- return (cp+1);
- if (*cp == ':' && !flag)
- return (cp);
- if (*cp == '/')
- return (0);
- }
- return (0);
-}
diff --git a/crypto/openssh/scp-common.h b/crypto/openssh/scp-common.h
deleted file mode 100644
index e0ab6ec32a7d..000000000000
--- a/crypto/openssh/scp-common.h
+++ /dev/null
@@ -1,64 +0,0 @@
-/* $OpenBSD: scp-common.h,v 1.1 2001/04/16 02:31:43 mouring Exp $ */
-/*
- * Copyright (c) 1999 Theo de Raadt. All rights reserved.
- * Copyright (c) 1999 Aaron Campbell. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/*
- * Parts from:
- *
- * Copyright (c) 1983, 1990, 1992, 1993, 1995
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- */
-
-char *cleanhostname(char *host);
-char *colon(char *cp);
diff --git a/crypto/openssh/scp/Makefile b/crypto/openssh/scp/Makefile
deleted file mode 100644
index c8959bbf6d2d..000000000000
--- a/crypto/openssh/scp/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-# $OpenBSD: Makefile,v 1.13 2001/05/03 23:09:55 mouring Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= scp
-BINOWN= root
-
-BINMODE?=555
-
-BINDIR= /usr/bin
-MAN= scp.1
-
-SRCS= scp.c misc.c
-
-.include <bsd.prog.mk>
diff --git a/crypto/openssh/sftp-glob.h b/crypto/openssh/sftp-glob.h
deleted file mode 100644
index f879e8719b4b..000000000000
--- a/crypto/openssh/sftp-glob.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* $OpenBSD: sftp-glob.h,v 1.8 2002/09/11 22:41:50 djm Exp $ */
-
-/*
- * Copyright (c) 2001,2002 Damien Miller. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* Remote sftp filename globbing */
-
-#ifndef _SFTP_GLOB_H
-#define _SFTP_GLOB_H
-
-#include "sftp-client.h"
-
-int remote_glob(struct sftp_conn *, const char *, int,
- int (*)(const char *, int), glob_t *);
-
-#endif
diff --git a/crypto/openssh/sftp-int.c b/crypto/openssh/sftp-int.c
deleted file mode 100644
index c93eaabffbe3..000000000000
--- a/crypto/openssh/sftp-int.c
+++ /dev/null
@@ -1,1191 +0,0 @@
-/*
- * Copyright (c) 2001,2002 Damien Miller. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-/* XXX: recursive operations */
-
-#include "includes.h"
-RCSID("$OpenBSD: sftp-int.c,v 1.62 2003/08/25 08:13:09 fgsch Exp $");
-
-#include "buffer.h"
-#include "xmalloc.h"
-#include "log.h"
-#include "pathnames.h"
-
-#include "sftp.h"
-#include "sftp-common.h"
-#include "sftp-glob.h"
-#include "sftp-client.h"
-#include "sftp-int.h"
-
-/* File to read commands from */
-extern FILE *infile;
-
-/* Size of buffer used when copying files */
-extern size_t copy_buffer_len;
-
-/* Number of concurrent outstanding requests */
-extern int num_requests;
-
-/* This is set to 0 if the progressmeter is not desired. */
-int showprogress = 1;
-
-/* Seperators for interactive commands */
-#define WHITESPACE " \t\r\n"
-
-/* Define what type of ls view (0 - multi-column) */
-#define LONG_VIEW 1 /* Full view ala ls -l */
-#define SHORT_VIEW 2 /* Single row view ala ls -1 */
-
-/* Commands for interactive mode */
-#define I_CHDIR 1
-#define I_CHGRP 2
-#define I_CHMOD 3
-#define I_CHOWN 4
-#define I_GET 5
-#define I_HELP 6
-#define I_LCHDIR 7
-#define I_LLS 8
-#define I_LMKDIR 9
-#define I_LPWD 10
-#define I_LS 11
-#define I_LUMASK 12
-#define I_MKDIR 13
-#define I_PUT 14
-#define I_PWD 15
-#define I_QUIT 16
-#define I_RENAME 17
-#define I_RM 18
-#define I_RMDIR 19
-#define I_SHELL 20
-#define I_SYMLINK 21
-#define I_VERSION 22
-#define I_PROGRESS 23
-
-struct CMD {
- const char *c;
- const int n;
-};
-
-static const struct CMD cmds[] = {
- { "bye", I_QUIT },
- { "cd", I_CHDIR },
- { "chdir", I_CHDIR },
- { "chgrp", I_CHGRP },
- { "chmod", I_CHMOD },
- { "chown", I_CHOWN },
- { "dir", I_LS },
- { "exit", I_QUIT },
- { "get", I_GET },
- { "mget", I_GET },
- { "help", I_HELP },
- { "lcd", I_LCHDIR },
- { "lchdir", I_LCHDIR },
- { "lls", I_LLS },
- { "lmkdir", I_LMKDIR },
- { "ln", I_SYMLINK },
- { "lpwd", I_LPWD },
- { "ls", I_LS },
- { "lumask", I_LUMASK },
- { "mkdir", I_MKDIR },
- { "progress", I_PROGRESS },
- { "put", I_PUT },
- { "mput", I_PUT },
- { "pwd", I_PWD },
- { "quit", I_QUIT },
- { "rename", I_RENAME },
- { "rm", I_RM },
- { "rmdir", I_RMDIR },
- { "symlink", I_SYMLINK },
- { "version", I_VERSION },
- { "!", I_SHELL },
- { "?", I_HELP },
- { NULL, -1}
-};
-
-static void
-help(void)
-{
- printf("Available commands:\n");
- printf("cd path Change remote directory to 'path'\n");
- printf("lcd path Change local directory to 'path'\n");
- printf("chgrp grp path Change group of file 'path' to 'grp'\n");
- printf("chmod mode path Change permissions of file 'path' to 'mode'\n");
- printf("chown own path Change owner of file 'path' to 'own'\n");
- printf("help Display this help text\n");
- printf("get remote-path [local-path] Download file\n");
- printf("lls [ls-options [path]] Display local directory listing\n");
- printf("ln oldpath newpath Symlink remote file\n");
- printf("lmkdir path Create local directory\n");
- printf("lpwd Print local working directory\n");
- printf("ls [path] Display remote directory listing\n");
- printf("lumask umask Set local umask to 'umask'\n");
- printf("mkdir path Create remote directory\n");
- printf("progress Toggle display of progress meter\n");
- printf("put local-path [remote-path] Upload file\n");
- printf("pwd Display remote working directory\n");
- printf("exit Quit sftp\n");
- printf("quit Quit sftp\n");
- printf("rename oldpath newpath Rename remote file\n");
- printf("rmdir path Remove remote directory\n");
- printf("rm path Delete remote file\n");
- printf("symlink oldpath newpath Symlink remote file\n");
- printf("version Show SFTP version\n");
- printf("!command Execute 'command' in local shell\n");
- printf("! Escape to local shell\n");
- printf("? Synonym for help\n");
-}
-
-static void
-local_do_shell(const char *args)
-{
- int status;
- char *shell;
- pid_t pid;
-
- if (!*args)
- args = NULL;
-
- if ((shell = getenv("SHELL")) == NULL)
- shell = _PATH_BSHELL;
-
- if ((pid = fork()) == -1)
- fatal("Couldn't fork: %s", strerror(errno));
-
- if (pid == 0) {
- /* XXX: child has pipe fds to ssh subproc open - issue? */
- if (args) {
- debug3("Executing %s -c \"%s\"", shell, args);
- execl(shell, shell, "-c", args, (char *)NULL);
- } else {
- debug3("Executing %s", shell);
- execl(shell, shell, (char *)NULL);
- }
- fprintf(stderr, "Couldn't execute \"%s\": %s\n", shell,
- strerror(errno));
- _exit(1);
- }
- while (waitpid(pid, &status, 0) == -1)
- if (errno != EINTR)
- fatal("Couldn't wait for child: %s", strerror(errno));
- if (!WIFEXITED(status))
- error("Shell exited abormally");
- else if (WEXITSTATUS(status))
- error("Shell exited with status %d", WEXITSTATUS(status));
-}
-
-static void
-local_do_ls(const char *args)
-{
- if (!args || !*args)
- local_do_shell(_PATH_LS);
- else {
- int len = strlen(_PATH_LS " ") + strlen(args) + 1;
- char *buf = xmalloc(len);
-
- /* XXX: quoting - rip quoting code from ftp? */
- snprintf(buf, len, _PATH_LS " %s", args);
- local_do_shell(buf);
- xfree(buf);
- }
-}
-
-/* Strip one path (usually the pwd) from the start of another */
-static char *
-path_strip(char *path, char *strip)
-{
- size_t len;
-
- if (strip == NULL)
- return (xstrdup(path));
-
- len = strlen(strip);
- if (strip != NULL && strncmp(path, strip, len) == 0) {
- if (strip[len - 1] != '/' && path[len] == '/')
- len++;
- return (xstrdup(path + len));
- }
-
- return (xstrdup(path));
-}
-
-static char *
-path_append(char *p1, char *p2)
-{
- char *ret;
- int len = strlen(p1) + strlen(p2) + 2;
-
- ret = xmalloc(len);
- strlcpy(ret, p1, len);
- if (p1[strlen(p1) - 1] != '/')
- strlcat(ret, "/", len);
- strlcat(ret, p2, len);
-
- return(ret);
-}
-
-static char *
-make_absolute(char *p, char *pwd)
-{
- char *abs;
-
- /* Derelativise */
- if (p && p[0] != '/') {
- abs = path_append(pwd, p);
- xfree(p);
- return(abs);
- } else
- return(p);
-}
-
-static int
-infer_path(const char *p, char **ifp)
-{
- char *cp;
-
- cp = strrchr(p, '/');
- if (cp == NULL) {
- *ifp = xstrdup(p);
- return(0);
- }
-
- if (!cp[1]) {
- error("Invalid path");
- return(-1);
- }
-
- *ifp = xstrdup(cp + 1);
- return(0);
-}
-
-static int
-parse_getput_flags(const char **cpp, int *pflag)
-{
- const char *cp = *cpp;
-
- /* Check for flags */
- if (cp[0] == '-' && cp[1] && strchr(WHITESPACE, cp[2])) {
- switch (cp[1]) {
- case 'p':
- case 'P':
- *pflag = 1;
- break;
- default:
- error("Invalid flag -%c", cp[1]);
- return(-1);
- }
- cp += 2;
- *cpp = cp + strspn(cp, WHITESPACE);
- }
-
- return(0);
-}
-
-static int
-parse_ls_flags(const char **cpp, int *lflag)
-{
- const char *cp = *cpp;
-
- /* Check for flags */
- if (cp++[0] == '-') {
- for(; strchr(WHITESPACE, *cp) == NULL; cp++) {
- switch (*cp) {
- case 'l':
- *lflag = LONG_VIEW;
- break;
- case '1':
- *lflag = SHORT_VIEW;
- break;
- default:
- error("Invalid flag -%c", *cp);
- return(-1);
- }
- }
- *cpp = cp + strspn(cp, WHITESPACE);
- }
-
- return(0);
-}
-
-static int
-get_pathname(const char **cpp, char **path)
-{
- const char *cp = *cpp, *end;
- char quot;
- int i, j;
-
- cp += strspn(cp, WHITESPACE);
- if (!*cp) {
- *cpp = cp;
- *path = NULL;
- return (0);
- }
-
- *path = xmalloc(strlen(cp) + 1);
-
- /* Check for quoted filenames */
- if (*cp == '\"' || *cp == '\'') {
- quot = *cp++;
-
- /* Search for terminating quote, unescape some chars */
- for (i = j = 0; i <= strlen(cp); i++) {
- if (cp[i] == quot) { /* Found quote */
- (*path)[j] = '\0';
- i++;
- break;
- }
- if (cp[i] == '\0') { /* End of string */
- error("Unterminated quote");
- goto fail;
- }
- if (cp[i] == '\\') { /* Escaped characters */
- i++;
- if (cp[i] != '\'' && cp[i] != '\"' &&
- cp[i] != '\\') {
- error("Bad escaped character '\%c'",
- cp[i]);
- goto fail;
- }
- }
- (*path)[j++] = cp[i];
- }
-
- if (j == 0) {
- error("Empty quotes");
- goto fail;
- }
- *cpp = cp + i + strspn(cp + i, WHITESPACE);
- } else {
- /* Read to end of filename */
- end = strpbrk(cp, WHITESPACE);
- if (end == NULL)
- end = strchr(cp, '\0');
- *cpp = end + strspn(end, WHITESPACE);
-
- memcpy(*path, cp, end - cp);
- (*path)[end - cp] = '\0';
- }
- return (0);
-
- fail:
- xfree(*path);
- *path = NULL;
- return (-1);
-}
-
-static int
-is_dir(char *path)
-{
- struct stat sb;
-
- /* XXX: report errors? */
- if (stat(path, &sb) == -1)
- return(0);
-
- return(sb.st_mode & S_IFDIR);
-}
-
-static int
-is_reg(char *path)
-{
- struct stat sb;
-
- if (stat(path, &sb) == -1)
- fatal("stat %s: %s", path, strerror(errno));
-
- return(S_ISREG(sb.st_mode));
-}
-
-static int
-remote_is_dir(struct sftp_conn *conn, char *path)
-{
- Attrib *a;
-
- /* XXX: report errors? */
- if ((a = do_stat(conn, path, 1)) == NULL)
- return(0);
- if (!(a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS))
- return(0);
- return(a->perm & S_IFDIR);
-}
-
-static int
-process_get(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
-{
- char *abs_src = NULL;
- char *abs_dst = NULL;
- char *tmp;
- glob_t g;
- int err = 0;
- int i;
-
- abs_src = xstrdup(src);
- abs_src = make_absolute(abs_src, pwd);
-
- memset(&g, 0, sizeof(g));
- debug3("Looking up %s", abs_src);
- if (remote_glob(conn, abs_src, 0, NULL, &g)) {
- error("File \"%s\" not found.", abs_src);
- err = -1;
- goto out;
- }
-
- /* If multiple matches, dst must be a directory or unspecified */
- if (g.gl_matchc > 1 && dst && !is_dir(dst)) {
- error("Multiple files match, but \"%s\" is not a directory",
- dst);
- err = -1;
- goto out;
- }
-
- for (i = 0; g.gl_pathv[i]; i++) {
- if (infer_path(g.gl_pathv[i], &tmp)) {
- err = -1;
- goto out;
- }
-
- if (g.gl_matchc == 1 && dst) {
- /* If directory specified, append filename */
- if (is_dir(dst)) {
- if (infer_path(g.gl_pathv[0], &tmp)) {
- err = 1;
- goto out;
- }
- abs_dst = path_append(dst, tmp);
- xfree(tmp);
- } else
- abs_dst = xstrdup(dst);
- } else if (dst) {
- abs_dst = path_append(dst, tmp);
- xfree(tmp);
- } else
- abs_dst = tmp;
-
- printf("Fetching %s to %s\n", g.gl_pathv[i], abs_dst);
- if (do_download(conn, g.gl_pathv[i], abs_dst, pflag) == -1)
- err = -1;
- xfree(abs_dst);
- abs_dst = NULL;
- }
-
-out:
- xfree(abs_src);
- if (abs_dst)
- xfree(abs_dst);
- globfree(&g);
- return(err);
-}
-
-static int
-process_put(struct sftp_conn *conn, char *src, char *dst, char *pwd, int pflag)
-{
- char *tmp_dst = NULL;
- char *abs_dst = NULL;
- char *tmp;
- glob_t g;
- int err = 0;
- int i;
-
- if (dst) {
- tmp_dst = xstrdup(dst);
- tmp_dst = make_absolute(tmp_dst, pwd);
- }
-
- memset(&g, 0, sizeof(g));
- debug3("Looking up %s", src);
- if (glob(src, 0, NULL, &g)) {
- error("File \"%s\" not found.", src);
- err = -1;
- goto out;
- }
-
- /* If multiple matches, dst may be directory or unspecified */
- if (g.gl_matchc > 1 && tmp_dst && !remote_is_dir(conn, tmp_dst)) {
- error("Multiple files match, but \"%s\" is not a directory",
- tmp_dst);
- err = -1;
- goto out;
- }
-
- for (i = 0; g.gl_pathv[i]; i++) {
- if (!is_reg(g.gl_pathv[i])) {
- error("skipping non-regular file %s",
- g.gl_pathv[i]);
- continue;
- }
- if (infer_path(g.gl_pathv[i], &tmp)) {
- err = -1;
- goto out;
- }
-
- if (g.gl_matchc == 1 && tmp_dst) {
- /* If directory specified, append filename */
- if (remote_is_dir(conn, tmp_dst)) {
- if (infer_path(g.gl_pathv[0], &tmp)) {
- err = 1;
- goto out;
- }
- abs_dst = path_append(tmp_dst, tmp);
- xfree(tmp);
- } else
- abs_dst = xstrdup(tmp_dst);
-
- } else if (tmp_dst) {
- abs_dst = path_append(tmp_dst, tmp);
- xfree(tmp);
- } else
- abs_dst = make_absolute(tmp, pwd);
-
- printf("Uploading %s to %s\n", g.gl_pathv[i], abs_dst);
- if (do_upload(conn, g.gl_pathv[i], abs_dst, pflag) == -1)
- err = -1;
- }
-
-out:
- if (abs_dst)
- xfree(abs_dst);
- if (tmp_dst)
- xfree(tmp_dst);
- globfree(&g);
- return(err);
-}
-
-static int
-sdirent_comp(const void *aa, const void *bb)
-{
- SFTP_DIRENT *a = *(SFTP_DIRENT **)aa;
- SFTP_DIRENT *b = *(SFTP_DIRENT **)bb;
-
- return (strcmp(a->filename, b->filename));
-}
-
-/* sftp ls.1 replacement for directories */
-static int
-do_ls_dir(struct sftp_conn *conn, char *path, char *strip_path, int lflag)
-{
- int n, c = 1, colspace = 0, columns = 1;
- SFTP_DIRENT **d;
-
- if ((n = do_readdir(conn, path, &d)) != 0)
- return (n);
-
- if (!(lflag & SHORT_VIEW)) {
- int m = 0, width = 80;
- struct winsize ws;
-
- /* Count entries for sort and find longest filename */
- for (n = 0; d[n] != NULL; n++)
- m = MAX(m, strlen(d[n]->filename));
-
- if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1)
- width = ws.ws_col;
-
- columns = width / (m + 2);
- columns = MAX(columns, 1);
- colspace = width / columns;
- }
-
- qsort(d, n, sizeof(*d), sdirent_comp);
-
- for (n = 0; d[n] != NULL; n++) {
- char *tmp, *fname;
-
- tmp = path_append(path, d[n]->filename);
- fname = path_strip(tmp, strip_path);
- xfree(tmp);
-
- if (lflag & LONG_VIEW) {
- char *lname;
- struct stat sb;
-
- memset(&sb, 0, sizeof(sb));
- attrib_to_stat(&d[n]->a, &sb);
- lname = ls_file(fname, &sb, 1);
- printf("%s\n", lname);
- xfree(lname);
- } else {
- printf("%-*s", colspace, fname);
- if (c >= columns) {
- printf("\n");
- c = 1;
- } else
- c++;
- }
-
- xfree(fname);
- }
-
- if (!(lflag & LONG_VIEW) && (c != 1))
- printf("\n");
-
- free_sftp_dirents(d);
- return (0);
-}
-
-/* sftp ls.1 replacement which handles path globs */
-static int
-do_globbed_ls(struct sftp_conn *conn, char *path, char *strip_path,
- int lflag)
-{
- glob_t g;
- int i, c = 1, colspace = 0, columns = 1;
- Attrib *a;
-
- memset(&g, 0, sizeof(g));
-
- if (remote_glob(conn, path, GLOB_MARK|GLOB_NOCHECK|GLOB_BRACE,
- NULL, &g)) {
- error("Can't ls: \"%s\" not found", path);
- return (-1);
- }
-
- /*
- * If the glob returns a single match, which is the same as the
- * input glob, and it is a directory, then just list its contents
- */
- if (g.gl_pathc == 1 &&
- strncmp(path, g.gl_pathv[0], strlen(g.gl_pathv[0]) - 1) == 0) {
- if ((a = do_lstat(conn, path, 1)) == NULL) {
- globfree(&g);
- return (-1);
- }
- if ((a->flags & SSH2_FILEXFER_ATTR_PERMISSIONS) &&
- S_ISDIR(a->perm)) {
- globfree(&g);
- return (do_ls_dir(conn, path, strip_path, lflag));
- }
- }
-
- if (!(lflag & SHORT_VIEW)) {
- int m = 0, width = 80;
- struct winsize ws;
-
- /* Count entries for sort and find longest filename */
- for (i = 0; g.gl_pathv[i]; i++)
- m = MAX(m, strlen(g.gl_pathv[i]));
-
- if (ioctl(fileno(stdin), TIOCGWINSZ, &ws) != -1)
- width = ws.ws_col;
-
- columns = width / (m + 2);
- columns = MAX(columns, 1);
- colspace = width / columns;
- }
-
- for (i = 0; g.gl_pathv[i]; i++) {
- char *fname;
-
- fname = path_strip(g.gl_pathv[i], strip_path);
-
- if (lflag & LONG_VIEW) {
- char *lname;
- struct stat sb;
-
- /*
- * XXX: this is slow - 1 roundtrip per path
- * A solution to this is to fork glob() and
- * build a sftp specific version which keeps the
- * attribs (which currently get thrown away)
- * that the server returns as well as the filenames.
- */
- memset(&sb, 0, sizeof(sb));
- a = do_lstat(conn, g.gl_pathv[i], 1);
- if (a != NULL)
- attrib_to_stat(a, &sb);
- lname = ls_file(fname, &sb, 1);
- printf("%s\n", lname);
- xfree(lname);
- } else {
- printf("%-*s", colspace, fname);
- if (c >= columns) {
- printf("\n");
- c = 1;
- } else
- c++;
- }
- xfree(fname);
- }
-
- if (!(lflag & LONG_VIEW) && (c != 1))
- printf("\n");
-
- if (g.gl_pathc)
- globfree(&g);
-
- return (0);
-}
-
-static int
-parse_args(const char **cpp, int *pflag, int *lflag, int *iflag,
- unsigned long *n_arg, char **path1, char **path2)
-{
- const char *cmd, *cp = *cpp;
- char *cp2;
- int base = 0;
- long l;
- int i, cmdnum;
-
- /* Skip leading whitespace */
- cp = cp + strspn(cp, WHITESPACE);
-
- /* Ignore blank lines and lines which begin with comment '#' char */
- if (*cp == '\0' || *cp == '#')
- return (0);
-
- /* Check for leading '-' (disable error processing) */
- *iflag = 0;
- if (*cp == '-') {
- *iflag = 1;
- cp++;
- }
-
- /* Figure out which command we have */
- for (i = 0; cmds[i].c; i++) {
- int cmdlen = strlen(cmds[i].c);
-
- /* Check for command followed by whitespace */
- if (!strncasecmp(cp, cmds[i].c, cmdlen) &&
- strchr(WHITESPACE, cp[cmdlen])) {
- cp += cmdlen;
- cp = cp + strspn(cp, WHITESPACE);
- break;
- }
- }
- cmdnum = cmds[i].n;
- cmd = cmds[i].c;
-
- /* Special case */
- if (*cp == '!') {
- cp++;
- cmdnum = I_SHELL;
- } else if (cmdnum == -1) {
- error("Invalid command.");
- return (-1);
- }
-
- /* Get arguments and parse flags */
- *lflag = *pflag = *n_arg = 0;
- *path1 = *path2 = NULL;
- switch (cmdnum) {
- case I_GET:
- case I_PUT:
- if (parse_getput_flags(&cp, pflag))
- return(-1);
- /* Get first pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
- error("You must specify at least one path after a "
- "%s command.", cmd);
- return(-1);
- }
- /* Try to get second pathname (optional) */
- if (get_pathname(&cp, path2))
- return(-1);
- break;
- case I_RENAME:
- case I_SYMLINK:
- if (get_pathname(&cp, path1))
- return(-1);
- if (get_pathname(&cp, path2))
- return(-1);
- if (!*path1 || !*path2) {
- error("You must specify two paths after a %s "
- "command.", cmd);
- return(-1);
- }
- break;
- case I_RM:
- case I_MKDIR:
- case I_RMDIR:
- case I_CHDIR:
- case I_LCHDIR:
- case I_LMKDIR:
- /* Get pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
- error("You must specify a path after a %s command.",
- cmd);
- return(-1);
- }
- break;
- case I_LS:
- if (parse_ls_flags(&cp, lflag))
- return(-1);
- /* Path is optional */
- if (get_pathname(&cp, path1))
- return(-1);
- break;
- case I_LLS:
- case I_SHELL:
- /* Uses the rest of the line */
- break;
- case I_LUMASK:
- base = 8;
- case I_CHMOD:
- base = 8;
- case I_CHOWN:
- case I_CHGRP:
- /* Get numeric arg (mandatory) */
- l = strtol(cp, &cp2, base);
- if (cp2 == cp || ((l == LONG_MIN || l == LONG_MAX) &&
- errno == ERANGE) || l < 0) {
- error("You must supply a numeric argument "
- "to the %s command.", cmd);
- return(-1);
- }
- cp = cp2;
- *n_arg = l;
- if (cmdnum == I_LUMASK && strchr(WHITESPACE, *cp))
- break;
- if (cmdnum == I_LUMASK || !strchr(WHITESPACE, *cp)) {
- error("You must supply a numeric argument "
- "to the %s command.", cmd);
- return(-1);
- }
- cp += strspn(cp, WHITESPACE);
-
- /* Get pathname (mandatory) */
- if (get_pathname(&cp, path1))
- return(-1);
- if (*path1 == NULL) {
- error("You must specify a path after a %s command.",
- cmd);
- return(-1);
- }
- break;
- case I_QUIT:
- case I_PWD:
- case I_LPWD:
- case I_HELP:
- case I_VERSION:
- case I_PROGRESS:
- break;
- default:
- fatal("Command not implemented");
- }
-
- *cpp = cp;
- return(cmdnum);
-}
-
-static int
-parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
- int err_abort)
-{
- char *path1, *path2, *tmp;
- int pflag, lflag, iflag, cmdnum, i;
- unsigned long n_arg;
- Attrib a, *aa;
- char path_buf[MAXPATHLEN];
- int err = 0;
- glob_t g;
-
- path1 = path2 = NULL;
- cmdnum = parse_args(&cmd, &pflag, &lflag, &iflag, &n_arg,
- &path1, &path2);
-
- if (iflag != 0)
- err_abort = 0;
-
- memset(&g, 0, sizeof(g));
-
- /* Perform command */
- switch (cmdnum) {
- case 0:
- /* Blank line */
- break;
- case -1:
- /* Unrecognized command */
- err = -1;
- break;
- case I_GET:
- err = process_get(conn, path1, path2, *pwd, pflag);
- break;
- case I_PUT:
- err = process_put(conn, path1, path2, *pwd, pflag);
- break;
- case I_RENAME:
- path1 = make_absolute(path1, *pwd);
- path2 = make_absolute(path2, *pwd);
- err = do_rename(conn, path1, path2);
- break;
- case I_SYMLINK:
- path2 = make_absolute(path2, *pwd);
- err = do_symlink(conn, path1, path2);
- break;
- case I_RM:
- path1 = make_absolute(path1, *pwd);
- remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
- for (i = 0; g.gl_pathv[i]; i++) {
- printf("Removing %s\n", g.gl_pathv[i]);
- err = do_rm(conn, g.gl_pathv[i]);
- if (err != 0 && err_abort)
- break;
- }
- break;
- case I_MKDIR:
- path1 = make_absolute(path1, *pwd);
- attrib_clear(&a);
- a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS;
- a.perm = 0777;
- err = do_mkdir(conn, path1, &a);
- break;
- case I_RMDIR:
- path1 = make_absolute(path1, *pwd);
- err = do_rmdir(conn, path1);
- break;
- case I_CHDIR:
- path1 = make_absolute(path1, *pwd);
- if ((tmp = do_realpath(conn, path1)) == NULL) {
- err = 1;
- break;
- }
- if ((aa = do_stat(conn, tmp, 0)) == NULL) {
- xfree(tmp);
- err = 1;
- break;
- }
- if (!(aa->flags & SSH2_FILEXFER_ATTR_PERMISSIONS)) {
- error("Can't change directory: Can't check target");
- xfree(tmp);
- err = 1;
- break;
- }
- if (!S_ISDIR(aa->perm)) {
- error("Can't change directory: \"%s\" is not "
- "a directory", tmp);
- xfree(tmp);
- err = 1;
- break;
- }
- xfree(*pwd);
- *pwd = tmp;
- break;
- case I_LS:
- if (!path1) {
- do_globbed_ls(conn, *pwd, *pwd, lflag);
- break;
- }
-
- /* Strip pwd off beginning of non-absolute paths */
- tmp = NULL;
- if (*path1 != '/')
- tmp = *pwd;
-
- path1 = make_absolute(path1, *pwd);
- err = do_globbed_ls(conn, path1, tmp, lflag);
- break;
- case I_LCHDIR:
- if (chdir(path1) == -1) {
- error("Couldn't change local directory to "
- "\"%s\": %s", path1, strerror(errno));
- err = 1;
- }
- break;
- case I_LMKDIR:
- if (mkdir(path1, 0777) == -1) {
- error("Couldn't create local directory "
- "\"%s\": %s", path1, strerror(errno));
- err = 1;
- }
- break;
- case I_LLS:
- local_do_ls(cmd);
- break;
- case I_SHELL:
- local_do_shell(cmd);
- break;
- case I_LUMASK:
- umask(n_arg);
- printf("Local umask: %03lo\n", n_arg);
- break;
- case I_CHMOD:
- path1 = make_absolute(path1, *pwd);
- attrib_clear(&a);
- a.flags |= SSH2_FILEXFER_ATTR_PERMISSIONS;
- a.perm = n_arg;
- remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
- for (i = 0; g.gl_pathv[i]; i++) {
- printf("Changing mode on %s\n", g.gl_pathv[i]);
- err = do_setstat(conn, g.gl_pathv[i], &a);
- if (err != 0 && err_abort)
- break;
- }
- break;
- case I_CHOWN:
- case I_CHGRP:
- path1 = make_absolute(path1, *pwd);
- remote_glob(conn, path1, GLOB_NOCHECK, NULL, &g);
- for (i = 0; g.gl_pathv[i]; i++) {
- if (!(aa = do_stat(conn, g.gl_pathv[i], 0))) {
- if (err != 0 && err_abort)
- break;
- else
- continue;
- }
- if (!(aa->flags & SSH2_FILEXFER_ATTR_UIDGID)) {
- error("Can't get current ownership of "
- "remote file \"%s\"", g.gl_pathv[i]);
- if (err != 0 && err_abort)
- break;
- else
- continue;
- }
- aa->flags &= SSH2_FILEXFER_ATTR_UIDGID;
- if (cmdnum == I_CHOWN) {
- printf("Changing owner on %s\n", g.gl_pathv[i]);
- aa->uid = n_arg;
- } else {
- printf("Changing group on %s\n", g.gl_pathv[i]);
- aa->gid = n_arg;
- }
- err = do_setstat(conn, g.gl_pathv[i], aa);
- if (err != 0 && err_abort)
- break;
- }
- break;
- case I_PWD:
- printf("Remote working directory: %s\n", *pwd);
- break;
- case I_LPWD:
- if (!getcwd(path_buf, sizeof(path_buf))) {
- error("Couldn't get local cwd: %s", strerror(errno));
- err = -1;
- break;
- }
- printf("Local working directory: %s\n", path_buf);
- break;
- case I_QUIT:
- /* Processed below */
- break;
- case I_HELP:
- help();
- break;
- case I_VERSION:
- printf("SFTP protocol version %u\n", sftp_proto_version(conn));
- break;
- case I_PROGRESS:
- showprogress = !showprogress;
- if (showprogress)
- printf("Progress meter enabled\n");
- else
- printf("Progress meter disabled\n");
- break;
- default:
- fatal("%d is not implemented", cmdnum);
- }
-
- if (g.gl_pathc)
- globfree(&g);
- if (path1)
- xfree(path1);
- if (path2)
- xfree(path2);
-
- /* If an unignored error occurs in batch mode we should abort. */
- if (err_abort && err != 0)
- return (-1);
- else if (cmdnum == I_QUIT)
- return (1);
-
- return (0);
-}
-
-int
-interactive_loop(int fd_in, int fd_out, char *file1, char *file2)
-{
- char *pwd;
- char *dir = NULL;
- char cmd[2048];
- struct sftp_conn *conn;
- int err;
-
- conn = do_init(fd_in, fd_out, copy_buffer_len, num_requests);
- if (conn == NULL)
- fatal("Couldn't initialise connection to server");
-
- pwd = do_realpath(conn, ".");
- if (pwd == NULL)
- fatal("Need cwd");
-
- if (file1 != NULL) {
- dir = xstrdup(file1);
- dir = make_absolute(dir, pwd);
-
- if (remote_is_dir(conn, dir) && file2 == NULL) {
- printf("Changing to: %s\n", dir);
- snprintf(cmd, sizeof cmd, "cd \"%s\"", dir);
- if (parse_dispatch_command(conn, cmd, &pwd, 1) != 0)
- return (-1);
- } else {
- if (file2 == NULL)
- snprintf(cmd, sizeof cmd, "get %s", dir);
- else
- snprintf(cmd, sizeof cmd, "get %s %s", dir,
- file2);
-
- err = parse_dispatch_command(conn, cmd, &pwd, 1);
- xfree(dir);
- xfree(pwd);
- return (err);
- }
- xfree(dir);
- }
-
-#if HAVE_SETVBUF
- setvbuf(stdout, NULL, _IOLBF, 0);
- setvbuf(infile, NULL, _IOLBF, 0);
-#else
- setlinebuf(stdout);
- setlinebuf(infile);
-#endif
-
- err = 0;
- for (;;) {
- char *cp;
-
- printf("sftp> ");
-
- /* XXX: use libedit */
- if (fgets(cmd, sizeof(cmd), infile) == NULL) {
- printf("\n");
- break;
- } else if (infile != stdin) /* Bluff typing */
- printf("%s", cmd);
-
- cp = strrchr(cmd, '\n');
- if (cp)
- *cp = '\0';
-
- err = parse_dispatch_command(conn, cmd, &pwd, infile != stdin);
- if (err != 0)
- break;
- }
- xfree(pwd);
-
- /* err == 1 signifies normal "quit" exit */
- return (err >= 0 ? 0 : -1);
-}
-
diff --git a/crypto/openssh/sftp-int.h b/crypto/openssh/sftp-int.h
deleted file mode 100644
index 8a04a03f6156..000000000000
--- a/crypto/openssh/sftp-int.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* $OpenBSD: sftp-int.h,v 1.6 2003/01/08 23:53:26 djm Exp $ */
-
-/*
- * Copyright (c) 2001,2002 Damien Miller. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-int interactive_loop(int, int, char *, char *);
diff --git a/crypto/openssh/sftp-server/Makefile b/crypto/openssh/sftp-server/Makefile
deleted file mode 100644
index e0682391297b..000000000000
--- a/crypto/openssh/sftp-server/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# $OpenBSD: Makefile,v 1.5 2001/03/03 23:59:36 markus Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= sftp-server
-BINOWN= root
-
-BINMODE?=555
-
-BINDIR= /usr/libexec
-MAN= sftp-server.8
-
-SRCS= sftp-server.c sftp-common.c
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto
-DPADD+= ${LIBCRYPTO}
diff --git a/crypto/openssh/sftp/Makefile b/crypto/openssh/sftp/Makefile
deleted file mode 100644
index 3f5d866a5e9e..000000000000
--- a/crypto/openssh/sftp/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
-# $OpenBSD: Makefile,v 1.5 2001/05/03 23:09:57 mouring Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= sftp
-BINOWN= root
-
-BINMODE?=555
-
-BINDIR= /usr/bin
-MAN= sftp.1
-
-SRCS= sftp.c sftp-client.c sftp-int.c sftp-common.c sftp-glob.c misc.c
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto
-DPADD+= ${LIBCRYPTO}
-
diff --git a/crypto/openssh/ssh-add/Makefile b/crypto/openssh/ssh-add/Makefile
deleted file mode 100644
index 2f7bf42b53c2..000000000000
--- a/crypto/openssh/ssh-add/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# $OpenBSD: Makefile,v 1.20 2001/03/04 00:51:25 markus Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= ssh-add
-BINOWN= root
-
-BINMODE?=555
-
-BINDIR= /usr/bin
-MAN= ssh-add.1
-
-SRCS= ssh-add.c
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto
-DPADD+= ${LIBCRYPTO}
diff --git a/crypto/openssh/ssh-agent/Makefile b/crypto/openssh/ssh-agent/Makefile
deleted file mode 100644
index c252dbdad65e..000000000000
--- a/crypto/openssh/ssh-agent/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# $OpenBSD: Makefile,v 1.21 2001/06/27 19:29:16 markus Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= ssh-agent
-BINOWN= root
-
-BINMODE?=555
-
-BINDIR= /usr/bin
-MAN= ssh-agent.1
-
-SRCS= ssh-agent.c
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto
-DPADD+= ${LIBCRYPTO}
diff --git a/crypto/openssh/ssh-keygen/Makefile b/crypto/openssh/ssh-keygen/Makefile
deleted file mode 100644
index d175813bc0cb..000000000000
--- a/crypto/openssh/ssh-keygen/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# $OpenBSD: Makefile,v 1.21 2001/06/27 19:29:16 markus Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= ssh-keygen
-BINOWN= root
-
-BINMODE?=555
-
-BINDIR= /usr/bin
-MAN= ssh-keygen.1
-
-SRCS= ssh-keygen.c
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto
-DPADD+= ${LIBCRYPTO}
diff --git a/crypto/openssh/ssh-keyscan/Makefile b/crypto/openssh/ssh-keyscan/Makefile
deleted file mode 100644
index 2ea5c23934c4..000000000000
--- a/crypto/openssh/ssh-keyscan/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# $OpenBSD: Makefile,v 1.4 2001/08/05 23:18:20 markus Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= ssh-keyscan
-BINOWN= root
-
-BINMODE?=555
-
-BINDIR= /usr/bin
-MAN= ssh-keyscan.1
-
-SRCS= ssh-keyscan.c
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto -lz
-DPADD+= ${LIBCRYPTO} ${LIBZ}
diff --git a/crypto/openssh/ssh-keysign/Makefile b/crypto/openssh/ssh-keysign/Makefile
deleted file mode 100644
index 1a13d9ed358d..000000000000
--- a/crypto/openssh/ssh-keysign/Makefile
+++ /dev/null
@@ -1,18 +0,0 @@
-# $OpenBSD: Makefile,v 1.3 2002/05/31 10:30:33 markus Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= ssh-keysign
-BINOWN= root
-
-BINMODE?=4555
-
-BINDIR= /usr/libexec
-MAN= ssh-keysign.8
-
-SRCS= ssh-keysign.c
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto -lz
-DPADD+= ${LIBCRYPTO} ${LIBZ}
diff --git a/crypto/openssh/ssh/Makefile b/crypto/openssh/ssh/Makefile
deleted file mode 100644
index 80511de5f4e7..000000000000
--- a/crypto/openssh/ssh/Makefile
+++ /dev/null
@@ -1,40 +0,0 @@
-# $OpenBSD: Makefile,v 1.42 2002/06/20 19:56:07 stevesk Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= ssh
-BINOWN= root
-
-#BINMODE?=4555
-
-BINDIR= /usr/bin
-MAN= ssh.1 ssh_config.5
-LINKS= ${BINDIR}/ssh ${BINDIR}/slogin
-MLINKS= ssh.1 slogin.1
-
-SRCS= ssh.c readconf.c clientloop.c sshtty.c \
- sshconnect.c sshconnect1.c sshconnect2.c
-
-.include <bsd.own.mk> # for AFS
-
-.if (${KERBEROS5:L} == "yes")
-CFLAGS+= -DKRB5 -I${DESTDIR}/usr/include/kerberosV
-LDADD+= -lkrb5 -lasn1 -lcom_err
-DPADD+= ${LIBKRB5} ${LIBASN1} ${LIBCOM_ERR}
-.endif # KERBEROS5
-
-.if (${KERBEROS:L} == "yes")
-CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV
-LDADD+= -lkrb
-DPADD+= ${LIBKRB}
-.if (${AFS:L} == "yes")
-CFLAGS+= -DAFS
-LDADD+= -lkafs
-DPADD+= ${LIBKAFS}
-.endif # AFS
-.endif # KERBEROS
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto -lz -ldes
-DPADD+= ${LIBCRYPTO} ${LIBZ} ${LIBDES}
diff --git a/crypto/openssh/sshd/Makefile b/crypto/openssh/sshd/Makefile
deleted file mode 100644
index 14ef3e0717bb..000000000000
--- a/crypto/openssh/sshd/Makefile
+++ /dev/null
@@ -1,56 +0,0 @@
-# $OpenBSD: Makefile,v 1.51 2002/06/20 19:56:07 stevesk Exp $
-
-.PATH: ${.CURDIR}/..
-
-PROG= sshd
-BINOWN= root
-BINMODE=555
-BINDIR= /usr/sbin
-MAN= sshd.8 sshd_config.5
-CFLAGS+=-DHAVE_LOGIN_CAP -DBSD_AUTH
-
-SRCS= sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \
- sshpty.c sshlogin.c servconf.c serverloop.c uidswap.c \
- auth.c auth1.c auth2.c auth-options.c session.c \
- auth-chall.c auth2-chall.c groupaccess.c \
- auth-skey.c auth-bsdauth.c monitor_mm.c monitor.c \
- auth2-none.c auth2-passwd.c auth2-pubkey.c \
- auth2-hostbased.c auth2-kbdint.c
-
-.include <bsd.own.mk> # for KERBEROS and AFS
-
-.if (${KERBEROS5:L} == "yes")
-CFLAGS+=-DKRB5 -I${DESTDIR}/usr/include/kerberosV
-SRCS+= auth-krb5.c
-LDADD+= -lkrb5 -lkafs -lasn1 -lcom_err
-DPADD+= ${LIBKRB5} ${LIBKAFS} ${LIBASN1} ${LIBCOM_ERR}
-.endif # KERBEROS5
-
-.if (${KERBEROS:L} == "yes")
-.if (${AFS:L} == "yes")
-CFLAGS+= -DAFS
-LDADD+= -lkafs
-DPADD+= ${LIBKAFS}
-.endif # AFS
-CFLAGS+= -DKRB4 -I${DESTDIR}/usr/include/kerberosIV
-SRCS+= auth-krb4.c
-LDADD+= -lkrb
-DPADD+= ${LIBKRB}
-.endif # KERBEROS
-
-.include <bsd.prog.mk>
-
-LDADD+= -lcrypto -lutil -lz -ldes
-DPADD+= ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} ${LIBDES}
-
-.if (${TCP_WRAPPERS:L} == "yes")
-CFLAGS+= -DLIBWRAP
-LDADD+= -lwrap
-DPADD+= ${LIBWRAP}
-.endif
-
-#.if (${SKEY:L} == "yes")
-#CFLAGS+= -DSKEY
-#LDADD+= -lskey
-#DPADD+= ${SKEY}
-#.endif
diff --git a/crypto/openssh/sshtty.h b/crypto/openssh/sshtty.h
deleted file mode 100644
index 723b27846370..000000000000
--- a/crypto/openssh/sshtty.h
+++ /dev/null
@@ -1,47 +0,0 @@
-/* $OpenBSD: sshtty.h,v 1.3 2003/09/19 17:43:35 markus Exp $ */
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-/*
- * Copyright (c) 2001 Markus Friedl. All rights reserved.
- * Copyright (c) 2001 Kevin Steves. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef SSHTTY_H
-#define SSHTTY_H
-
-#include <termios.h>
-
-struct termios get_saved_tio(void);
-void leave_raw_mode(void);
-void enter_raw_mode(void);
-
-#endif
diff --git a/crypto/openssh/tildexpand.h b/crypto/openssh/tildexpand.h
deleted file mode 100644
index f5e7e40bcc0d..000000000000
--- a/crypto/openssh/tildexpand.h
+++ /dev/null
@@ -1,15 +0,0 @@
-/* $OpenBSD: tildexpand.h,v 1.4 2001/06/26 17:27:25 markus Exp $ */
-
-/*
- * Author: Tatu Ylonen <ylo@cs.hut.fi>
- * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
- * All rights reserved
- *
- * As far as I am concerned, the code I have written for this software
- * can be used freely for any purpose. Any derived versions of this
- * software must be clearly marked as such, and if the derived work is
- * incompatible with the protocol description in the RFC file, it must be
- * called by a name other than "ssh" or "Secure Shell".
- */
-
-char *tilde_expand_filename(const char *, uid_t);
diff --git a/crypto/openssh/util.c b/crypto/openssh/util.c
deleted file mode 100644
index 1a591a6f0f51..000000000000
--- a/crypto/openssh/util.c
+++ /dev/null
@@ -1,96 +0,0 @@
-/* $OpenBSD: util.c,v 1.6 2000/10/27 07:32:19 markus Exp $ */
-
-/*
- * Copyright (c) 2000 Markus Friedl. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#include "includes.h"
-RCSID("$OpenBSD: util.c,v 1.6 2000/10/27 07:32:19 markus Exp $");
-
-#include "ssh.h"
-
-char *
-chop(char *s)
-{
- char *t = s;
- while (*t) {
- if(*t == '\n' || *t == '\r') {
- *t = '\0';
- return s;
- }
- t++;
- }
- return s;
-
-}
-
-void
-set_nonblock(int fd)
-{
- int val;
- val = fcntl(fd, F_GETFL, 0);
- if (val < 0) {
- error("fcntl(%d, F_GETFL, 0): %s", fd, strerror(errno));
- return;
- }
- if (val & O_NONBLOCK) {
- debug("fd %d IS O_NONBLOCK", fd);
- return;
- }
- debug("fd %d setting O_NONBLOCK", fd);
- val |= O_NONBLOCK;
- if (fcntl(fd, F_SETFL, val) == -1)
- if (errno != ENODEV)
- error("fcntl(%d, F_SETFL, O_NONBLOCK): %s",
- fd, strerror(errno));
-}
-
-/* Characters considered whitespace in strsep calls. */
-#define WHITESPACE " \t\r\n"
-
-char *
-strdelim(char **s)
-{
- char *old;
- int wspace = 0;
-
- if (*s == NULL)
- return NULL;
-
- old = *s;
-
- *s = strpbrk(*s, WHITESPACE "=");
- if (*s == NULL)
- return (old);
-
- /* Allow only one '=' to be skipped */
- if (*s[0] == '=')
- wspace = 1;
- *s[0] = '\0';
-
- *s += strspn(*s + 1, WHITESPACE) + 1;
- if (*s[0] == '=' && !wspace)
- *s += strspn(*s + 1, WHITESPACE) + 1;
-
- return (old);
-}