Lines Matching defs:ssh
6 * This program is the ssh daemon. It listens for connections from clients,
16 * called by a name other than "ssh" or "Secure Shell".
102 #include "ssh.h"
130 #include "ssh-gss.h"
133 #include "ssh-sandbox.h"
259 struct ssh *the_active_state;
261 /* global key/cert auth options. XXX move to permanent ssh->authctxt? */
279 static void do_ssh2_kex(struct ssh *);
484 privsep_preauth(struct ssh *ssh)
493 pmonitor->m_pkex = &ssh->kex;
513 monitor_child_preauth(ssh, pmonitor);
552 privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
573 monitor_clear_keystate(ssh, pmonitor);
574 monitor_child_postauth(ssh, pmonitor);
595 monitor_apply_keystate(ssh, pmonitor);
601 ssh_packet_set_authenticated(ssh);
678 get_hostkey_by_type(int type, int nid, int need_private, struct ssh *ssh)
719 get_hostkey_public_by_type(int type, int nid, struct ssh *ssh)
721 return get_hostkey_by_type(type, nid, 0, ssh);
725 get_hostkey_private_by_type(int type, int nid, struct ssh *ssh)
727 return get_hostkey_by_type(type, nid, 1, ssh);
739 get_hostkey_public_by_index(int ind, struct ssh *ssh)
747 get_hostkey_index(struct sshkey *key, int compare, struct ssh *ssh)
774 notify_hostkeys(struct ssh *ssh)
783 if (ssh->compat & SSH_BUG_HOSTKEYS)
789 key = get_hostkey_public_by_index(i, ssh);
802 if ((r = sshpkt_start(ssh, SSH2_MSG_GLOBAL_REQUEST)) != 0 ||
803 (r = sshpkt_put_cstring(ssh, "hostkeys-00@openssh.com")) != 0 ||
804 (r = sshpkt_put_u8(ssh, 0)) != 0) /* want reply */
805 sshpkt_fatal(ssh, r, "%s: start request", __func__);
811 if ((r = sshpkt_put_stringb(ssh, buf)) != 0)
812 sshpkt_fatal(ssh, r, "%s: append key", __func__);
818 if ((r = sshpkt_send(ssh)) != 0)
819 sshpkt_fatal(ssh, r, "%s: send", __func__);
1468 check_ip_options(struct ssh *ssh)
1471 int sock_in = ssh_packet_get_connection_in(ssh);
1492 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), text);
1500 set_process_rdomain(struct ssh *ssh, const char *name)
1508 if ((name = ssh_packet_rdomain_in(ssh)) == NULL)
1511 /* NB. We don't pass 'ssh' to sys_set_process_rdomain() */
1522 if ((name = ssh_packet_rdomain_in(ssh)) == NULL)
1587 print_config(struct ssh *ssh, struct connection_info *connection_info)
1594 connection_info = get_connection_info(ssh, 0, 0);
1607 struct ssh *ssh = NULL;
1743 connection_info = get_connection_info(ssh, 0, 0);
1880 print_config(ssh, connection_info);
2065 print_config(ssh, connection_info);
2257 if ((ssh = ssh_packet_set_connection(NULL, sock_in, sock_out)) == NULL)
2259 the_active_state = ssh;
2260 ssh_packet_set_server(ssh);
2262 check_ip_options(ssh);
2265 channel_init_channels(ssh);
2266 channel_set_af(ssh, options.address_family);
2267 process_channel_timeouts(ssh, &options);
2268 process_permitopen(ssh, &options);
2271 if (options.tcp_keep_alive && ssh_packet_connection_is_on_socket(ssh) &&
2275 if ((remote_port = ssh_remote_port(ssh)) < 0) {
2281 set_process_rdomain(ssh, options.routing_domain);
2288 remote_ip = ssh_remote_ipaddr(ssh);
2292 auth_get_canonical_hostname(ssh, options.use_dns);
2299 rdomain = ssh_packet_rdomain_in(ssh);
2304 remote_ip, remote_port, laddr, ssh_local_port(ssh),
2322 if ((r = kex_exchange_identification(ssh, -1,
2324 sshpkt_fatal(ssh, r, "banner exchange");
2326 ssh_packet_set_nonblocking(ssh);
2330 ssh->authctxt = authctxt;
2349 if (privsep_preauth(ssh) == 1)
2360 do_ssh2_kex(ssh);
2361 do_authentication2(ssh);
2368 mm_send_keystate(ssh, pmonitor);
2369 ssh_packet_clear_keys(ssh);
2387 audit_event(ssh, SSH_AUTH_SUCCESS);
2400 do_pam_session(ssh);
2409 privsep_postauth(ssh, authctxt);
2413 ssh_packet_set_timeout(ssh, options.client_alive_interval,
2417 notify_hostkeys(ssh);
2420 do_authenticated(ssh, authctxt);
2423 ssh_packet_get_bytes(ssh, &ibytes, &obytes);
2435 PRIVSEP(audit_event(ssh, SSH_CONNECTION_CLOSE));
2438 ssh_packet_close(ssh);
2447 sshd_hostkey_sign(struct ssh *ssh, struct sshkey *privkey,
2455 if (mm_sshkey_sign(ssh, privkey, signature, slenp,
2457 ssh->compat) < 0)
2460 if (mm_sshkey_sign(ssh, pubkey, signature, slenp,
2462 ssh->compat) < 0)
2468 alg, options.sk_provider, NULL, ssh->compat) < 0)
2473 ssh->compat)) != 0) {
2483 do_ssh2_kex(struct ssh *ssh)
2491 ssh_packet_set_rekey_limits(ssh, options.rekey_limit,
2498 kex_proposal_populate_entries(ssh, myproposal, options.kex_algorithms,
2504 if ((r = kex_setup(ssh, myproposal)) != 0)
2506 kex_set_server_sig_algs(ssh, options.pubkey_accepted_algos);
2507 kex = ssh->kex;
2528 ssh_dispatch_run_fatal(ssh, DISPATCH_BLOCK, &kex->done);
2533 if ((r = sshpkt_start(ssh, SSH2_MSG_IGNORE)) != 0 ||
2534 (r = sshpkt_put_cstring(ssh, "markus")) != 0 ||
2535 (r = sshpkt_send(ssh)) != 0 ||
2536 (r = ssh_packet_write_wait(ssh)) != 0)