Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/OPENSSH]: src/crypto/external/bsd/openssh/dist OpenSSH 8.5/8.5p1 (2021-0...
details: https://anonhg.NetBSD.org/src/rev/5abec8d16d19
branches: OPENSSH
changeset: 953322:5abec8d16d19
user: christos <christos%NetBSD.org@localhost>
date: Fri Mar 05 17:45:24 2021 +0000
description:
OpenSSH 8.5/8.5p1 (2021-03-03)
OpenSSH 8.5 was released on 2021-03-03. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
https://www.openssh.com/donations.html
Future deprecation notice
=========================
It is now possible[1] to perform chosen-prefix attacks against the
SHA-1 algorithm for less than USD$50K.
In the SSH protocol, the "ssh-rsa" signature scheme uses the SHA-1
hash algorithm in conjunction with the RSA public key algorithm.
OpenSSH will disable this signature scheme by default in the near
future.
Note that the deactivation of "ssh-rsa" signatures does not necessarily
require cessation of use for RSA keys. In the SSH protocol, keys may be
capable of signing using multiple algorithms. In particular, "ssh-rsa"
keys are capable of signing using "rsa-sha2-256" (RSA/SHA256),
"rsa-sha2-512" (RSA/SHA512) and "ssh-rsa" (RSA/SHA1). Only the last of
these is being turned off by default.
This algorithm is unfortunately still used widely despite the
existence of better alternatives, being the only remaining public key
signature algorithm specified by the original SSH RFCs that is still
enabled by default.
The better alternatives include:
* The RFC8332 RSA SHA-2 signature algorithms rsa-sha2-256/512. These
algorithms have the advantage of using the same key type as
"ssh-rsa" but use the safe SHA-2 hash algorithms. These have been
supported since OpenSSH 7.2 and are already used by default if the
client and server support them.
* The RFC8709 ssh-ed25519 signature algorithm. It has been supported
in OpenSSH since release 6.5.
* The RFC5656 ECDSA algorithms: ecdsa-sha2-nistp256/384/521. These
have been supported by OpenSSH since release 5.7.
To check whether a server is using the weak ssh-rsa public key
algorithm, for host authentication, try to connect to it after
removing the ssh-rsa algorithm from ssh(1)'s allowed list:
ssh -oHostKeyAlgorithms=-ssh-rsa user@host
If the host key verification fails and no other supported host key
types are available, the server software on that host should be
upgraded.
This release enables the UpdateHostKeys option by default to assist
the client by automatically migrating to better algorithms.
[1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
Application to the PGP Web of Trust" Leurent, G and Peyrin, T
(2020) https://eprint.iacr.org/2020/014.pdf
Security
========
* ssh-agent(1): fixed a double-free memory corruption that was
introduced in OpenSSH 8.2 . We treat all such memory faults as
potentially exploitable. This bug could be reached by an attacker
with access to the agent socket.
On modern operating systems where the OS can provide information
about the user identity connected to a socket, OpenSSH ssh-agent
and sshd limit agent socket access only to the originating user
and root. Additional mitigation may be afforded by the system's
malloc(3)/free(3) implementation, if it detects double-free
conditions.
The most likely scenario for exploitation is a user forwarding an
agent either to an account shared with a malicious user or to a
host with an attacker holding root access.
* Portable sshd(8): Prevent excessively long username going to PAM.
This is a mitigation for a buffer overflow in Solaris' PAM username
handling (CVE-2020-14871), and is only enabled for Sun-derived PAM
implementations. This is not a problem in sshd itself, it only
prevents sshd from being used as a vector to attack Solaris' PAM.
It does not prevent the bug in PAM from being exploited via some
other PAM application. GHPR212
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh(1), sshd(8): this release changes the first-preference signature
algorithm from ECDSA to ED25519.
* ssh(1), sshd(8): set the TOS/DSCP specified in the configuration
for interactive use prior to TCP connect. The connection phase of
the SSH session is time-sensitive and often explicitly interactive.
The ultimate interactive/bulk TOS/DSCP will be set after
authentication completes.
* ssh(1), sshd(8): remove the pre-standardization cipher
rijndael-cbc%lysator.liu.se@localhost. It is an alias for aes256-cbc before
it was standardized in RFC4253 (2006), has been deprecated and
disabled by default since OpenSSH 7.2 (2016) and was only briefly
documented in ssh.1 in 2001.
* ssh(1), sshd(8): update/replace the experimental post-quantum
hybrid key exchange method based on Streamlined NTRU Prime coupled
with X25519.
The previous sntrup4591761x25519-sha512%tinyssh.org@localhost method is
replaced with sntrup761x25519-sha512%openssh.com@localhost. Per its
designers, the sntrup4591761 algorithm was superseded almost two
years ago by sntrup761.
(note this both the updated method and the one that it replaced are
disabled by default)
* ssh(1): disable CheckHostIP by default. It provides insignificant
benefits while making key rotation significantly more difficult,
especially for hosts behind IP-based load-balancers.
Changes since OpenSSH 8.4
=========================
New features
------------
* ssh(1): this release enables UpdateHostkeys by default subject to
some conservative preconditions:
- The key was matched in the UserKnownHostsFile (and not in the
GlobalKnownHostsFile).
- The same key does not exist under another name.
- A certificate host key is not in use.
- known_hosts contains no matching wildcard hostname pattern.
- VerifyHostKeyDNS is not enabled.
- The default UserKnownHostsFile is in use.
We expect some of these conditions will be modified or relaxed in
future.
* ssh(1), sshd(8): add a new LogVerbose configuration directive for
that allows forcing maximum debug logging by file/function/line
pattern-lists.
* ssh(1): when prompting the user to accept a new hostkey, display
any other host names/addresses already associated with the key.
* ssh(1): allow UserKnownHostsFile=none to indicate that no
known_hosts file should be used to identify host keys.
* ssh(1): add a ssh_config KnownHostsCommand option that allows the
client to obtain known_hosts data from a command in addition to
the usual files.
* ssh(1): add a ssh_config PermitRemoteOpen option that allows the
client to restrict the destination when RemoteForward is used
with SOCKS.
* ssh(1): for FIDO keys, if a signature operation fails with a
"incorrect PIN" reason and no PIN was initially requested from the
user, then request a PIN and retry the operation. This supports
some biometric devices that fall back to requiring PIN when reading
of the biometric failed, and devices that require PINs for all
hosted credentials.
* sshd(8): implement client address-based rate-limiting via new
sshd_config(5) PerSourceMaxStartups and PerSourceNetBlockSize
directives that provide more fine-grained control on a per-origin
address basis than the global MaxStartups limit.
Bugfixes
--------
* ssh(1): Prefix keyboard interactive prompts with "(user@host)" to
make it easier to determine which connection they are associated
with in cases like scp -3, ProxyJump, etc. bz#3224
* sshd(8): fix sshd_config SetEnv directives located inside Match
blocks. GHPR201
* ssh(1): when requesting a FIDO token touch on stderr, inform the
user once the touch has been recorded.
* ssh(1): prevent integer overflow when ridiculously large
ConnectTimeout values are specified, capping the effective value
(for most platforms) at 24 days. bz#3229
* ssh(1): consider the ECDSA key subtype when ordering host key
algorithms in the client.
* ssh(1), sshd(8): rename the PubkeyAcceptedKeyTypes keyword to
PubkeyAcceptedAlgorithms. The previous name incorrectly suggested
that it control allowed key algorithms, when this option actually
specifies the signature algorithms that are accepted. The previous
name remains available as an alias. bz#3253
* ssh(1), sshd(8): similarly, rename HostbasedKeyTypes (ssh) and
HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms.
* sftp-server(8): add missing lsetstat%openssh.com@localhost documentation
and advertisement in the server's SSH2_FXP_VERSION hello packet.
* ssh(1), sshd(8): more strictly enforce KEX state-machine by
banning packet types once they are received. Fixes memleak caused
by duplicate SSH2_MSG_KEX_DH_GEX_REQUEST (oss-fuzz #30078).
* sftp(1): allow the full range of UIDs/GIDs for chown/chgrp on 32bit
platforms instead of being limited by LONG_MAX. bz#3206
* Minor man page fixes (capitalization, commas, etc.) bz#3223
* sftp(1): when doing an sftp recursive upload or download of a
read-only directory, ensure that the directory is created with
write and execute permissions in the interim so that the transfer
can actually complete, then set the directory permission as the
final step. bz#3222
* ssh-keygen(1): document the -Z, check the validity of its argument
earlier and provide a better error message if it's not correct.
bz#2879
* ssh(1): ignore comments at the end of config lines in ssh_config,
similar to what we already do for sshd_config. bz#2320
* sshd_config(5): mention that DisableForwarding is valid in a
sshd_config Match block. bz3239
* sftp(1): fix incorrect sorting of "ls -ltr" under some
circumstances. bz3248.
* ssh(1), sshd(8): fix potential integer truncation of (unlikely)
timeout values. bz#3250
* ssh(1): make hostbased authentication send the signature algorithm
in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
This make HostbasedAcceptedAlgorithms do what it is supposed to -
filter on signature algorithm and not key type.
Portability
-----------
* sshd(8): add a number of platform-specific syscalls to the Linux
seccomp-bpf sandbox. bz#3232 bz#3260
* sshd(8): remove debug message from sigchld handler that could cause
deadlock on some platforms. bz#3259
* Sync contrib/ssh-copy-id with upstream.
* unittests: add a hostname function for systems that don't have it.
Some systems don't have a hostname command (it's not required by
POSIX). The do have uname -n (which is), but not all of those have
it report the FQDN.
Checksums:
==========
- SHA1 (openssh-8.5.tar.gz) = 04cae43c389fb411227c01219e4eb46e3113f34e
- SHA256 (openssh-8.5.tar.gz) = 5qB2CgzNG4io4DmChTjHgCWqRWvEOvCKJskLdJCz+SU=
- SHA1 (openssh-8.5p1.tar.gz) = 72eadcbe313b07b1dd3b693e41d3cd56d354e24e
- SHA256 (openssh-8.5p1.tar.gz) = 9S8/QdQpqpkY44zyAK8iXM3Y5m8FLaVyhwyJc3ZG7CU=
Please note that the SHA256 signatures are base64 encoded and not
hexadecimal (which is the default for most checksum tools). The PGP
key used to sign the releases is available from the mirror sites:
https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
Please note that the OpenPGP key used to sign releases has been
rotated for this release. The new key has been signed by the previous
key to provide continuity.
Reporting Bugs:
===============
- Please read https://www.openssh.com/report.html
Security bugs should be reported directly to openssh%openssh.com@localhost
diffstat:
crypto/external/bsd/openssh/dist/PROTOCOL | 62 +-
crypto/external/bsd/openssh/dist/PROTOCOL.agent | 4 +-
crypto/external/bsd/openssh/dist/addr.c | 419 ++++
crypto/external/bsd/openssh/dist/addr.h | 60 +
crypto/external/bsd/openssh/dist/addrmatch.c | 347 +---
crypto/external/bsd/openssh/dist/auth-options.c | 15 +-
crypto/external/bsd/openssh/dist/auth-passwd.c | 6 +-
crypto/external/bsd/openssh/dist/auth-rhosts.c | 6 +-
crypto/external/bsd/openssh/dist/auth.c | 190 +--
crypto/external/bsd/openssh/dist/auth.h | 8 +-
crypto/external/bsd/openssh/dist/auth2-chall.c | 37 +-
crypto/external/bsd/openssh/dist/auth2-gss.c | 29 +-
crypto/external/bsd/openssh/dist/auth2-hostbased.c | 60 +-
crypto/external/bsd/openssh/dist/auth2-kbdint.c | 4 +-
crypto/external/bsd/openssh/dist/auth2-none.c | 4 +-
crypto/external/bsd/openssh/dist/auth2-passwd.c | 4 +-
crypto/external/bsd/openssh/dist/auth2-pubkey.c | 131 +-
crypto/external/bsd/openssh/dist/auth2.c | 58 +-
crypto/external/bsd/openssh/dist/authfd.c | 67 +-
crypto/external/bsd/openssh/dist/canohost.c | 8 +-
crypto/external/bsd/openssh/dist/channels.c | 490 ++---
crypto/external/bsd/openssh/dist/cipher.c | 4 +-
crypto/external/bsd/openssh/dist/clientloop.c | 563 ++++--
crypto/external/bsd/openssh/dist/compat.c | 48 +-
crypto/external/bsd/openssh/dist/compat.h | 12 +-
crypto/external/bsd/openssh/dist/crypto_api.h | 18 +-
crypto/external/bsd/openssh/dist/dh.c | 6 +-
crypto/external/bsd/openssh/dist/digest-openssl.c | 10 +-
crypto/external/bsd/openssh/dist/dns.c | 7 +-
crypto/external/bsd/openssh/dist/fatal.c | 7 +-
crypto/external/bsd/openssh/dist/gss-genr.c | 19 +-
crypto/external/bsd/openssh/dist/hostfile.c | 203 +-
crypto/external/bsd/openssh/dist/hostfile.h | 24 +-
crypto/external/bsd/openssh/dist/kex.c | 131 +-
crypto/external/bsd/openssh/dist/kex.h | 18 +-
crypto/external/bsd/openssh/dist/kexdh.c | 3 +-
crypto/external/bsd/openssh/dist/kexgen.c | 24 +-
crypto/external/bsd/openssh/dist/kexgexc.c | 14 +-
crypto/external/bsd/openssh/dist/kexgexs.c | 7 +-
crypto/external/bsd/openssh/dist/kexsntrup761x25519.c | 217 ++
crypto/external/bsd/openssh/dist/krl.c | 100 +-
crypto/external/bsd/openssh/dist/log.c | 195 +-
crypto/external/bsd/openssh/dist/log.h | 88 +-
crypto/external/bsd/openssh/dist/match.c | 8 +-
crypto/external/bsd/openssh/dist/misc.c | 362 +++-
crypto/external/bsd/openssh/dist/misc.h | 28 +-
crypto/external/bsd/openssh/dist/moduli-gen/Makefile | 3 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 | 147 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 | 146 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 | 163 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 | 145 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 | 131 +-
crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 | 125 +-
crypto/external/bsd/openssh/dist/monitor.c | 387 ++--
crypto/external/bsd/openssh/dist/monitor_fdpass.c | 20 +-
crypto/external/bsd/openssh/dist/monitor_wrap.c | 248 +-
crypto/external/bsd/openssh/dist/monitor_wrap.h | 5 +-
crypto/external/bsd/openssh/dist/msg.c | 16 +-
crypto/external/bsd/openssh/dist/mux.c | 562 +++---
crypto/external/bsd/openssh/dist/myproposal.h | 14 +-
crypto/external/bsd/openssh/dist/nchan.c | 67 +-
crypto/external/bsd/openssh/dist/packet.c | 85 +-
crypto/external/bsd/openssh/dist/readconf.c | 747 ++++++--
crypto/external/bsd/openssh/dist/readconf.h | 18 +-
crypto/external/bsd/openssh/dist/readpass.c | 71 +-
crypto/external/bsd/openssh/dist/sandbox-pledge.c | 8 +-
crypto/external/bsd/openssh/dist/sandbox-rlimit.c | 18 +-
crypto/external/bsd/openssh/dist/scp.1 | 17 +-
crypto/external/bsd/openssh/dist/scp.c | 6 +-
crypto/external/bsd/openssh/dist/servconf.c | 200 +-
crypto/external/bsd/openssh/dist/servconf.h | 17 +-
crypto/external/bsd/openssh/dist/serverloop.c | 86 +-
crypto/external/bsd/openssh/dist/session.c | 137 +-
crypto/external/bsd/openssh/dist/sftp-client.c | 234 +-
crypto/external/bsd/openssh/dist/sftp-client.h | 15 +-
crypto/external/bsd/openssh/dist/sftp-common.c | 4 +-
crypto/external/bsd/openssh/dist/sftp-server.c | 163 +-
crypto/external/bsd/openssh/dist/sftp.1 | 36 +-
crypto/external/bsd/openssh/dist/sftp.c | 81 +-
crypto/external/bsd/openssh/dist/sk-api.h | 4 +-
crypto/external/bsd/openssh/dist/sk-usbhid.c | 9 +-
crypto/external/bsd/openssh/dist/sntrup761.c | 1269 +++++++++++++++
crypto/external/bsd/openssh/dist/sntrup761.sh | 85 +
crypto/external/bsd/openssh/dist/srclimit.c | 138 +
crypto/external/bsd/openssh/dist/srclimit.h | 18 +
crypto/external/bsd/openssh/dist/ssh-add.c | 40 +-
crypto/external/bsd/openssh/dist/ssh-agent.c | 617 ++++---
crypto/external/bsd/openssh/dist/ssh-ed25519-sk.c | 5 +-
crypto/external/bsd/openssh/dist/ssh-ed25519.c | 5 +-
crypto/external/bsd/openssh/dist/ssh-gss.h | 4 +-
crypto/external/bsd/openssh/dist/ssh-keygen.1 | 23 +-
crypto/external/bsd/openssh/dist/ssh-keygen.c | 320 +--
crypto/external/bsd/openssh/dist/ssh-keyscan.c | 26 +-
crypto/external/bsd/openssh/dist/ssh-keysign.c | 55 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c | 53 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c | 72 +-
crypto/external/bsd/openssh/dist/ssh-pkcs11.c | 100 +-
crypto/external/bsd/openssh/dist/ssh-sk-client.c | 77 +-
crypto/external/bsd/openssh/dist/ssh-sk-helper.c | 47 +-
crypto/external/bsd/openssh/dist/ssh-sk.c | 98 +-
crypto/external/bsd/openssh/dist/ssh-xmss.c | 9 +-
crypto/external/bsd/openssh/dist/ssh.1 | 10 +-
crypto/external/bsd/openssh/dist/ssh.c | 406 ++--
crypto/external/bsd/openssh/dist/ssh2.h | 4 +-
crypto/external/bsd/openssh/dist/ssh_api.c | 33 +-
crypto/external/bsd/openssh/dist/ssh_config.5 | 269 ++-
crypto/external/bsd/openssh/dist/sshconnect.c | 544 ++++-
crypto/external/bsd/openssh/dist/sshconnect.h | 47 +-
crypto/external/bsd/openssh/dist/sshconnect2.c | 372 ++--
crypto/external/bsd/openssh/dist/sshd.c | 231 +-
crypto/external/bsd/openssh/dist/sshd_config.5 | 115 +-
crypto/external/bsd/openssh/dist/sshkey-xmss.c | 18 +-
crypto/external/bsd/openssh/dist/sshkey-xmss.h | 6 +-
crypto/external/bsd/openssh/dist/sshkey.c | 68 +-
crypto/external/bsd/openssh/dist/sshkey.h | 15 +-
crypto/external/bsd/openssh/dist/sshlogin.c | 8 +-
crypto/external/bsd/openssh/dist/sshsig.c | 120 +-
crypto/external/bsd/openssh/dist/ttymodes.c | 44 +-
crypto/external/bsd/openssh/dist/version.h | 4 +-
119 files changed, 8403 insertions(+), 5232 deletions(-)
diffs (truncated from 28997 to 300 lines):
diff -r c0b39a208867 -r 5abec8d16d19 crypto/external/bsd/openssh/dist/PROTOCOL
--- a/crypto/external/bsd/openssh/dist/PROTOCOL Fri Dec 04 18:40:04 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL Fri Mar 05 17:45:24 2021 +0000
@@ -292,6 +292,7 @@
byte SSH_MSG_GLOBAL_REQUEST
string "hostkeys-00%openssh.com@localhost"
+ char 0 /* want-reply */
string[] hostkeys
Upon receiving this message, a client should check which of the
@@ -465,6 +466,65 @@
This extension is advertised in the SSH_FXP_VERSION hello with version
"1".
+3.7. sftp: Extension request "lsetstat%openssh.com@localhost"
+
+This request is like the "setstat" command, but sets file attributes on
+symlinks. It is implemented as a SSH_FXP_EXTENDED request with the
+following format:
+
+ uint32 id
+ string "lsetstat%openssh.com@localhost"
+ string path
+ ATTRS attrs
+
+See the "setstat" command for more details.
+
+This extension is advertised in the SSH_FXP_VERSION hello with version
+"1".
+
+3.8. sftp: Extension request "limits%openssh.com@localhost"
+
+This request is used to determine various limits the server might impose.
+Clients should not attempt to exceed these limits as the server might sever
+the connection immediately.
+
+ uint32 id
+ string "limits%openssh.com@localhost"
+
+The server will respond with a SSH_FXP_EXTENDED_REPLY reply:
+
+ uint32 id
+ uint64 max-packet-length
+ uint64 max-read-length
+ uint64 max-write-length
+ uint64 max-open-handles
+
+The 'max-packet-length' applies to the total number of bytes in a
+single SFTP packet. Servers SHOULD set this at least to 34000.
+
+The 'max-read-length' is the largest length in a SSH_FXP_READ packet.
+Even if the client requests a larger size, servers will usually respond
+with a shorter SSH_FXP_DATA packet. Servers SHOULD set this at least to
+32768.
+
+The 'max-write-length' is the largest length in a SSH_FXP_WRITE packet
+the server will accept. Servers SHOULD set this at least to 32768.
+
+The 'max-open-handles' is the maximum number of active handles that the
+server allows (e.g. handles created by SSH_FXP_OPEN and SSH_FXP_OPENDIR
+packets). Servers MAY count internal file handles against this limit
+(e.g. system logging or stdout/stderr), so clients SHOULD NOT expect to
+open this many handles in practice.
+
+If the server doesn't enforce a specific limit, then the field may be
+set to 0. This implies the server relies on the OS to enforce limits
+(e.g. available memory or file handles), and such limits might be
+dynamic. The client SHOULD take care to not try to exceed reasonable
+limits.
+
+This extension is advertised in the SSH_FXP_VERSION hello with version
+"1".
+
4. Miscellaneous changes
4.1 Public key format
@@ -496,4 +556,4 @@
PROTOCOL.mux over a Unix domain socket for communications between a
master instance and later clients.
-$OpenBSD: PROTOCOL,v 1.38 2020/07/05 23:59:45 djm Exp $
+$OpenBSD: PROTOCOL,v 1.41 2021/02/18 02:49:35 djm Exp $
diff -r c0b39a208867 -r 5abec8d16d19 crypto/external/bsd/openssh/dist/PROTOCOL.agent
--- a/crypto/external/bsd/openssh/dist/PROTOCOL.agent Fri Dec 04 18:40:04 2020 +0000
+++ b/crypto/external/bsd/openssh/dist/PROTOCOL.agent Fri Mar 05 17:45:24 2021 +0000
@@ -1,5 +1,5 @@
This file used to contain a description of the SSH agent protocol
implemented by OpenSSH. It has since been superseded by
-https://tools.ietf.org/html/draft-miller-ssh-agent-00
+https://tools.ietf.org/html/draft-miller-ssh-agent-04
-$OpenBSD: PROTOCOL.agent,v 1.13 2020/08/31 00:17:41 djm Exp $
+$OpenBSD: PROTOCOL.agent,v 1.14 2020/10/06 07:12:04 dtucker Exp $
diff -r c0b39a208867 -r 5abec8d16d19 crypto/external/bsd/openssh/dist/addr.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/crypto/external/bsd/openssh/dist/addr.c Fri Mar 05 17:45:24 2021 +0000
@@ -0,0 +1,419 @@
+/* $OpenBSD: addr.c,v 1.1 2021/01/09 11:58:50 dtucker Exp $ */
+
+/*
+ * Copyright (c) 2004-2008 Damien Miller <djm%mindrot.org@localhost>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include <netdb.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+#include "addr.h"
+
+#define _SA(x) ((struct sockaddr *)(x))
+
+int
+addr_unicast_masklen(int af)
+{
+ switch (af) {
+ case AF_INET:
+ return 32;
+ case AF_INET6:
+ return 128;
+ default:
+ return -1;
+ }
+}
+
+static inline int
+masklen_valid(int af, u_int masklen)
+{
+ switch (af) {
+ case AF_INET:
+ return masklen <= 32 ? 0 : -1;
+ case AF_INET6:
+ return masklen <= 128 ? 0 : -1;
+ default:
+ return -1;
+ }
+}
+
+int
+addr_xaddr_to_sa(const struct xaddr *xa, struct sockaddr *sa, socklen_t *len,
+ u_int16_t port)
+{
+ struct sockaddr_in *in4 = (struct sockaddr_in *)sa;
+ struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)sa;
+
+ if (xa == NULL || sa == NULL || len == NULL)
+ return -1;
+
+ switch (xa->af) {
+ case AF_INET:
+ if (*len < sizeof(*in4))
+ return -1;
+ memset(sa, '\0', sizeof(*in4));
+ *len = sizeof(*in4);
+#ifdef SOCK_HAS_LEN
+ in4->sin_len = sizeof(*in4);
+#endif
+ in4->sin_family = AF_INET;
+ in4->sin_port = htons(port);
+ memcpy(&in4->sin_addr, &xa->v4, sizeof(in4->sin_addr));
+ break;
+ case AF_INET6:
+ if (*len < sizeof(*in6))
+ return -1;
+ memset(sa, '\0', sizeof(*in6));
+ *len = sizeof(*in6);
+#ifdef SOCK_HAS_LEN
+ in6->sin6_len = sizeof(*in6);
+#endif
+ in6->sin6_family = AF_INET6;
+ in6->sin6_port = htons(port);
+ memcpy(&in6->sin6_addr, &xa->v6, sizeof(in6->sin6_addr));
+ in6->sin6_scope_id = xa->scope_id;
+ break;
+ default:
+ return -1;
+ }
+ return 0;
+}
+
+/*
+ * Convert struct sockaddr to struct xaddr
+ * Returns 0 on success, -1 on failure.
+ */
+int
+addr_sa_to_xaddr(struct sockaddr *sa, socklen_t slen, struct xaddr *xa)
+{
+ struct sockaddr_in *in4 = (struct sockaddr_in *)sa;
+ struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)sa;
+
+ memset(xa, '\0', sizeof(*xa));
+
+ switch (sa->sa_family) {
+ case AF_INET:
+ if (slen < (socklen_t)sizeof(*in4))
+ return -1;
+ xa->af = AF_INET;
+ memcpy(&xa->v4, &in4->sin_addr, sizeof(xa->v4));
+ break;
+ case AF_INET6:
+ if (slen < (socklen_t)sizeof(*in6))
+ return -1;
+ xa->af = AF_INET6;
+ memcpy(&xa->v6, &in6->sin6_addr, sizeof(xa->v6));
+#ifdef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID
+ xa->scope_id = in6->sin6_scope_id;
+#endif
+ break;
+ default:
+ return -1;
+ }
+
+ return 0;
+}
+
+int
+addr_invert(struct xaddr *n)
+{
+ int i;
+
+ if (n == NULL)
+ return -1;
+
+ switch (n->af) {
+ case AF_INET:
+ n->v4.s_addr = ~n->v4.s_addr;
+ return 0;
+ case AF_INET6:
+ for (i = 0; i < 4; i++)
+ n->addr32[i] = ~n->addr32[i];
+ return 0;
+ default:
+ return -1;
+ }
+}
+
+/*
+ * Calculate a netmask of length 'l' for address family 'af' and
+ * store it in 'n'.
+ * Returns 0 on success, -1 on failure.
+ */
+int
+addr_netmask(int af, u_int l, struct xaddr *n)
+{
+ int i;
+
+ if (masklen_valid(af, l) != 0 || n == NULL)
+ return -1;
+
+ memset(n, '\0', sizeof(*n));
+ switch (af) {
+ case AF_INET:
+ n->af = AF_INET;
+ if (l == 0)
+ return 0;
+ n->v4.s_addr = htonl((0xffffffff << (32 - l)) & 0xffffffff);
+ return 0;
+ case AF_INET6:
+ n->af = AF_INET6;
+ for (i = 0; i < 4 && l >= 32; i++, l -= 32)
+ n->addr32[i] = 0xffffffffU;
+ if (i < 4 && l != 0)
+ n->addr32[i] = htonl((0xffffffff << (32 - l)) &
+ 0xffffffff);
+ return 0;
+ default:
+ return -1;
+ }
+}
+
+int
+addr_hostmask(int af, u_int l, struct xaddr *n)
+{
+ if (addr_netmask(af, l, n) == -1 || addr_invert(n) == -1)
+ return -1;
+ return 0;
+}
+
+/*
+ * Perform logical AND of addresses 'a' and 'b', storing result in 'dst'.
+ * Returns 0 on success, -1 on failure.
+ */
Home |
Main Index |
Thread Index |
Old Index