This patch will get OpenSSH 1.0 to compile on my Redhat 6.1 Linux box. The clients all appear to work OK and interop with ssh-1.2.27i The server needs further work. Password auth appears broken. The password auth should be replaced with PAM calls - there is a patch around that already does this and I have emailed the author asking about its license. You will need OpenSSL and Zlib to compile OpenSSH. This patch file is against the current version of OpenSSH in OpenBSD's CVS tree (distributed as ssh-openbsd-YYYYMMDDRR.tar.gz). All new code is released under a X11-style license, which is very liberal. Please email me bug reports and or patches. Damien Miller Internet Business Solutions http://www.ibs.com.au/ --------------------------------------------------------------------- diff -ruN ssh/Makefile.GNU openssh/Makefile.GNU --- ssh/Makefile.GNU Thu Jan 1 10:00:00 1970 +++ openssh/Makefile.GNU Tue Oct 26 17:17:11 1999 @@ -0,0 +1,47 @@ +CFLAGS=-g -Wall -DETCDIR=\"/etc/ssh\" +TARGETS=bin/libssh.a bin/ssh bin/sshd bin/ssh-add bin/ssh-keygen bin/ssh-agent bin/scp +LFLAGS=-L./bin +LIBS=-lssh -lcrypto -lz -lutil +AR=ar +RANLIB=ranlib + +OBJS= authfd.o authfile.o auth-passwd.o auth-rhosts.o auth-rh-rsa.o \ + auth-rsa.o bufaux.o buffer.o canohost.o channels.o cipher.o \ + clientloop.o compress.o crc32.o deattack.o helper.o hostfile.o \ + log-client.o login.o log-server.o match.o mpaux.o packet.o pty.o \ + readconf.o readpass.o rsa.o servconf.o serverloop.o \ + sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o + +all: $(OBJS) $(TARGETS) + +bin/libssh.a: authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o hostfile.o match.o mpaux.o nchan.o packet.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o helper.o rc4.o + $(AR) rv $@ $^ + $(RANLIB) $@ + +bin/ssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o + [ -d bin ] || mkdir bin + $(CC) -o $@ $^ $(LFLAGS) $(LIBS) + +bin/sshd: sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o + [ -d bin ] || mkdir bin + $(CC) -o $@ $^ $(LFLAGS) $(LIBS) + +bin/scp: scp.o + [ -d bin ] || mkdir bin + $(CC) -o $@ $^ $(LFLAGS) $(LIBS) + +bin/ssh-add: ssh-add.o log-client.o + [ -d bin ] || mkdir bin + $(CC) -o $@ $^ $(LFLAGS) $(LIBS) + +bin/ssh-agent: ssh-agent.o log-client.o + [ -d bin ] || mkdir bin + $(CC) -o $@ $^ $(LFLAGS) $(LIBS) + +bin/ssh-keygen: ssh-keygen.o log-client.o + [ -d bin ] || mkdir bin + $(CC) -o $@ $^ $(LFLAGS) $(LIBS) + +clean: + rm -f *.o core bin/* + diff -ruN ssh/README.openssh openssh/README.openssh --- ssh/README.openssh Thu Jan 1 10:00:00 1970 +++ openssh/README.openssh Tue Oct 26 17:24:26 1999 @@ -0,0 +1,10 @@ +This version of SSH is based upon code retrieved from the OpenBSD CVS +repository on 1999-10-26, which in turn was based on the last free +version of SSH released by Tatu Ylonen. + +Code in helper.[ch] is Copyright 1999 Internet Business Solutions and +is released under a X11-style license (see source file for details). + +(A)RC4 code in rc4.[ch] is Copyright 1999 Damien Miller. It too is +under a X11-style license (see sources file for details). + diff -ruN ssh/auth-rsa.c openssh/auth-rsa.c --- ssh/auth-rsa.c Mon Oct 18 11:54:18 1999 +++ openssh/auth-rsa.c Tue Oct 26 17:01:21 1999 @@ -25,8 +25,8 @@ #include "mpaux.h" #include "uidswap.h" -#include -#include +#include +#include /* Flags that may be set in authorized_keys options. */ extern int no_port_forwarding_flag; @@ -94,10 +94,10 @@ assert(len <= 32 && len); memset(buf, 0, 32); BN_bn2bin(challenge, buf + 32 - len); - MD5Init(&md); - MD5Update(&md, buf, 32); - MD5Update(&md, session_id, 16); - MD5Final(mdbuf, &md); + MD5_Init(&md); + MD5_Update(&md, buf, 32); + MD5_Update(&md, session_id, 16); + MD5_Final(mdbuf, &md); /* We will no longer need these. */ BN_clear_free(encrypted_challenge); diff -ruN ssh/authfd.c openssh/authfd.c --- ssh/authfd.c Fri Oct 15 04:17:41 1999 +++ openssh/authfd.c Tue Oct 26 17:01:18 1999 @@ -24,7 +24,7 @@ #include "xmalloc.h" #include "getput.h" -#include +#include /* Returns the number of the authentication fd, or -1 if there is none. */ diff -ruN ssh/authfile.c openssh/authfile.c --- ssh/authfile.c Tue Oct 12 06:00:35 1999 +++ openssh/authfile.c Tue Oct 26 17:01:16 1999 @@ -17,7 +17,7 @@ #include "includes.h" RCSID("$Id: authfile.c,v 1.7 1999/10/11 20:00:35 markus Exp $"); -#include +#include #include "xmalloc.h" #include "buffer.h" #include "bufaux.h" diff -ruN ssh/bufaux.c openssh/bufaux.c --- ssh/bufaux.c Tue Sep 28 14:45:36 1999 +++ openssh/bufaux.c Tue Oct 26 17:01:13 1999 @@ -18,7 +18,7 @@ RCSID("$Id: bufaux.c,v 1.2 1999/09/28 04:45:36 provos Exp $"); #include "ssh.h" -#include +#include #include "bufaux.h" #include "xmalloc.h" #include "getput.h" diff -ruN ssh/cipher.c openssh/cipher.c --- ssh/cipher.c Fri Oct 1 08:12:16 1999 +++ openssh/cipher.c Tue Oct 26 16:59:28 1999 @@ -17,7 +17,7 @@ #include "ssh.h" #include "cipher.h" -#include +#include /* * What kind of tripple DES are these 2 routines? @@ -178,9 +178,9 @@ MD5_CTX md; unsigned char digest[16]; - MD5Init(&md); - MD5Update(&md, (const unsigned char *)passphrase, strlen(passphrase)); - MD5Final(digest, &md); + MD5_Init(&md); + MD5_Update(&md, (const unsigned char *)passphrase, strlen(passphrase)); + MD5_Final(digest, &md); cipher_set_key(context, cipher, digest, 16, for_encryption); diff -ruN ssh/cipher.h openssh/cipher.h --- ssh/cipher.h Sun Oct 3 05:14:54 1999 +++ openssh/cipher.h Tue Oct 26 17:01:09 1999 @@ -16,8 +16,8 @@ #ifndef CIPHER_H #define CIPHER_H -#include -#include +#include +#include /* Cipher types. New types can be added, but old types should not be removed for compatibility. The maximum allowed value is 31. */ diff -ruN ssh/helper.c openssh/helper.c --- ssh/helper.c Thu Jan 1 10:00:00 1970 +++ openssh/helper.c Tue Oct 26 17:23:08 1999 @@ -0,0 +1,142 @@ +/* +** +** OpenBSD emulation routines +** +** Damien Miller +** +** Copyright 1999 Internet Business Solutions +** +** Permission is hereby granted, free of charge, to any person +** obtaining a copy of this software and associated documentation +** files (the "Software"), to deal in the Software without +** restriction, including without limitation the rights to use, copy, +** modify, merge, publish, distribute, sublicense, and/or sell copies +** of the Software, and to permit persons to whom the Software is +** furnished to do so, subject to the following conditions: +** +** The above copyright notice and this permission notice shall be +** included in all copies or substantial portions of the Software. +** +** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY +** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE +** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET +** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE +** OR OTHER DEALINGS IN THE SOFTWARE. +** +** Except as contained in this notice, the name of Internet Business +** Solutions shall not be used in advertising or otherwise to promote +** the sale, use or other dealings in this Software without prior +** written authorization from Internet Business Solutions. +** +*/ + +#include +#include +#include +#include +#include + +#include +#include +#include + +#include "rc4.h" +#include "xmalloc.h" + +#include "helper.h" + +void get_random_bytes(unsigned char *buf, int len); + +static rc4_t *rc4 = NULL; + +const char mkdtemp_chars[] = "abcdefghijklmnopqrstuvwxzyABCDEFGHIJKLMNOPQRSTUVWXZY0123456789"; +#define MKDTEMP_CHARS_LEN 62 + +void setproctitle(const char *fmt, ...) +{ + /* FIXME */ +} + +void strlcpy(char *dst, const char *src, int len) +{ + strncpy(dst, src, len - 1); + dst[len - 1] = '\0'; +} + +char *mkdtemp(char *template) +{ + int offset; + + offset = strlen(template) - 1; + + if (offset < 0) + { + fprintf(stderr, "Empty string passed to mkdtemp."); + exit(1); + } + + /* Start at end of line and replace each 'X' with a random char */ + while((offset >= 0) && (template[offset] == 'X')) + { + template[offset] = mkdtemp_chars[arc4random() % MKDTEMP_CHARS_LEN]; + offset--; + } + + if (mkdir(template, 0700) == -1) + return(NULL); + + return(template); +} + +unsigned char arc4random(void) +{ + unsigned char r; + + if (rc4 == NULL) + arc4random_stir(); + + rc4_getbytes(rc4, &r, 1); + + return(r); +} + +void arc4random_stir(void) +{ + unsigned char rand_buf[256]; + + if (rc4 == NULL) + rc4 = xmalloc(sizeof(*rc4)); + + get_random_bytes(rand_buf, sizeof(rand_buf)); + rc4_key(rc4, rand_buf, sizeof(rand_buf)); +} + +void get_random_bytes(unsigned char *buf, int len) +{ + int urandom; + int c; + + urandom = open("/dev/urandom", O_RDONLY); + if (urandom == -1) + { + fprintf(stderr, "Couldn't open /dev/urandom: %s", strerror(errno)); + exit(1); + } + + c = read(urandom, buf, len); + if (c == -1) + { + fprintf(stderr, "Couldn't read from /dev/urandom: %s", strerror(errno)); + exit(1); + } + + if (c != len) + { + fprintf(stderr, "Short read from /dev/urandom"); + exit(1); + } +} + diff -ruN ssh/helper.h openssh/helper.h --- ssh/helper.h Thu Jan 1 10:00:00 1970 +++ openssh/helper.h Tue Oct 26 17:22:53 1999 @@ -0,0 +1,45 @@ +/* +** +** OpenBSD emulation routines +** +** Damien Miller +** +** Copyright 1999 Internet Business Solutions +** +** Permission is hereby granted, free of charge, to any person +** obtaining a copy of this software and associated documentation +** files (the "Software"), to deal in the Software without +** restriction, including without limitation the rights to use, copy, +** modify, merge, publish, distribute, sublicense, and/or sell copies +** of the Software, and to permit persons to whom the Software is +** furnished to do so, subject to the following conditions: +** +** The above copyright notice and this permission notice shall be +** included in all copies or substantial portions of the Software. +** +** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY +** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE +** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE +** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET +** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE +** OR OTHER DEALINGS IN THE SOFTWARE. +** +** Except as contained in this notice, the name of Internet Business +** Solutions shall not be used in advertising or otherwise to promote +** the sale, use or other dealings in this Software without prior +** written authorization from Internet Business Solutions. +** +*/ + +#ifndef _HELPER_H +#define _HELPER_H + +void strlcpy(char *dst, const char *src, int len); +unsigned char arc4random(void); +void arc4random_stir(void); +char *mkdtemp(char *template); +void setproctitle(const char *fmt, ...); + +#endif /* _HELPER_H */ diff -ruN ssh/includes.h openssh/includes.h --- ssh/includes.h Thu Sep 30 18:34:25 1999 +++ openssh/includes.h Tue Oct 26 17:07:07 1999 @@ -24,7 +24,6 @@ #include #include #include -#include #include #include #include @@ -38,7 +37,7 @@ #include #include -#include +#include #include #include #include @@ -58,8 +57,17 @@ #include "version.h" +#include "helper.h" + /* Define this to be the path of the xauth program. */ +#ifndef XAUTH_PATH #define XAUTH_PATH "/usr/X11R6/bin/xauth" +#endif /* XAUTH_PATH */ + +/* Define this to be the path of the rsh program. */ +#ifndef _PATH_RSH +#define _PATH_RSH "/usr/bin/rsh" +#endif /* _PATH_RSH */ /* Define this to use pipes instead of socketpairs for communicating with the client program. Socketpairs do not seem to work on all systems. */ diff -ruN ssh/login.c openssh/login.c --- ssh/login.c Fri Oct 1 02:55:06 1999 +++ openssh/login.c Tue Oct 26 17:04:13 1999 @@ -20,7 +20,6 @@ #include "includes.h" RCSID("$Id: login.c,v 1.7 1999/09/30 16:55:06 deraadt Exp $"); -#include #include #include "ssh.h" diff -ruN ssh/mpaux.c openssh/mpaux.c --- ssh/mpaux.c Fri Oct 1 03:08:52 1999 +++ openssh/mpaux.c Tue Oct 26 17:01:07 1999 @@ -17,11 +17,11 @@ #include "includes.h" RCSID("$Id: mpaux.c,v 1.3 1999/09/30 17:08:52 deraadt Exp $"); -#include +#include #include "getput.h" #include "xmalloc.h" -#include +#include void compute_session_id(unsigned char session_id[16], @@ -39,8 +39,8 @@ BN_bn2bin(session_key_n, buf + (host_key_bits + 7 ) / 8); memcpy(buf + (host_key_bits + 7) / 8 + (session_key_bits + 7) / 8, cookie, 8); - MD5Init(&md); - MD5Update(&md, buf, bytes); - MD5Final(session_id, &md); + MD5_Init(&md); + MD5_Update(&md, buf, bytes); + MD5_Final(session_id, &md); xfree(buf); } diff -ruN ssh/packet.h openssh/packet.h --- ssh/packet.h Tue Sep 28 14:45:36 1999 +++ openssh/packet.h Tue Oct 26 17:01:04 1999 @@ -18,7 +18,7 @@ #ifndef PACKET_H #define PACKET_H -#include +#include /* Sets the socket used for communication. Disables encryption until packet_set_encryption_key is called. It is permissible that fd_in diff -ruN ssh/rc4.c openssh/rc4.c --- ssh/rc4.c Thu Jan 1 10:00:00 1970 +++ openssh/rc4.c Tue Oct 26 17:22:37 1999 @@ -0,0 +1,105 @@ +/*! \file rc4.c + \brief Source file for RC4 stream cipher routines + \author Damien Miller + \version 0.0.0 + \date 1999 + + A simple implementation of the RC4 stream cipher, based on the + description given in _Bruce Schneier's_ "Applied Cryptography" + 2nd edition. + + Copyright 1999 Damien Miller + + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation + files (the "Software"), to deal in the Software without + restriction, including without limitation the rights to use, copy, + modify, merge, publish, distribute, sublicense, and/or sell copies + of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE + AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER BE LIABLE + FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + + \warning None of these functions clears its memory after use. It + \warning is the responsability of the calling routines to ensure + \warning that any sensitive data (keystream, key or plaintext) is + \warning properly erased after use. + + \warning The name "RC4" is trademarked in the United States, + \warning you may need to use "RC4 compatible" or "ARC4" + \warning (Alleged RC4). +*/ + +/* $Id: rc4.c,v 1.1.1.1 1999/10/26 05:48:13 damien Exp $ */ + +#include "rc4.h" + + +void rc4_key(rc4_t *r, unsigned char *key, int len) +{ + int t; + + for(r->i = 0; r->i < 256; r->i++) + r->s[r->i] = r->i; + + r->j = 0; + for(r->i = 0; r->i < 256; r->i++) + { + r->j = (r->j + r->s[r->i] + key[r->i % len]) % 256; + t = r->s[r->i]; + r->s[r->i] = r->s[r->j]; + r->s[r->j] = t; + } + r->i = r->j = 0; +} + +void rc4_crypt(rc4_t *r, unsigned char *plaintext, int len) +{ + int t; + int c; + + c = 0; + while(c < len) + { + r->i = (r->i + 1) % 256; + r->j = (r->j + r->s[r->i]) % 256; + t = r->s[r->i]; + r->s[r->i] = r->s[r->j]; + r->s[r->j] = t; + + t = (r->s[r->i] + r->s[r->j]) % 256; + + plaintext[c] ^= r->s[t]; + c++; + } +} + +void rc4_getbytes(rc4_t *r, unsigned char *buffer, int len) +{ + int t; + int c; + + c = 0; + while(c < len) + { + r->i = (r->i + 1) % 256; + r->j = (r->j + r->s[r->i]) % 256; + t = r->s[r->i]; + r->s[r->i] = r->s[r->j]; + r->s[r->j] = t; + + t = (r->s[r->i] + r->s[r->j]) % 256; + + buffer[c] = r->s[t]; + c++; + } +} diff -ruN ssh/rc4.h openssh/rc4.h --- ssh/rc4.h Thu Jan 1 10:00:00 1970 +++ openssh/rc4.h Tue Oct 26 17:22:25 1999 @@ -0,0 +1,110 @@ +/*! \file rc4.h + \brief Header file for RC4 stream cipher routines + \author Damien Miller + \version 0.0.0 + \date 1999 + + A simple implementation of the RC4 stream cipher, based on the + description given in _Bruce Schneier's_ "Applied Cryptography" + 2nd edition. + + Copyright 1999 Damien Miller + + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation + files (the "Software"), to deal in the Software without + restriction, including without limitation the rights to use, copy, + modify, merge, publish, distribute, sublicense, and/or sell copies + of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY + KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE + WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE + AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER BE LIABLE + FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF + CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + + \warning None of these functions clears its memory after use. It + \warning is the responsability of the calling routines to ensure + \warning that any sensitive data (keystream, key or plaintext) is + \warning properly erased after use. + + \warning The name "RC4" is trademarked in the United States, + \warning you may need to use "RC4 compatible" or "ARC4" + \warning (Alleged RC4). +*/ + +/* $Id: rc4.h,v 1.1.1.1 1999/10/26 05:48:13 damien Exp $ */ + +#ifndef _RC4_H +#define _RC4_H + +/*! \struct rc4_t + \brief RC4 stream cipher state object + \var s State array + \var i Monotonic index + \var j Randomised index + + \warning This structure should not be accessed directly. To + \warning initialise a rc4_t object, you should use the rc4_key() + \warning function + + This structure holds the current state of the RC4 algorithm. +*/ +typedef struct +{ + unsigned int s[256]; + int i; + int j; +} rc4_t; + +/*! \fn void rc4_key(rc4_t *r, unsigned char *key, int len); + \brief Set up key structure of RC4 stream cipher + \param r pointer to RC4 structure to be seeded + \param key pointer to buffer containing raw key + \param len length of key + + This function set the internal state of the RC4 data structure + pointed to by \a r using the specified \a key of length \a len. + + This function can use up to 256 bytes of key, any more are ignored. + + \warning Stream ciphers (such as RC4) can be insecure if the same + \warning key is used repeatedly. Ensure that any key specified has + \warning an reasonably sized Initialisation Vector component. +*/ +void rc4_key(rc4_t *r, unsigned char *key, int len); + +/*! \fn rc4_crypt(rc4_t *r, unsigned char *plaintext, int len); + \brief Crypt bytes using RC4 algorithm + \param r pointer to RC4 structure to be used + \param plaintext Pointer to bytes to encrypt + \param len number of bytes to crypt + + This function encrypts one or more bytes (pointed to by \a plaintext) + using the RC4 algorithm. \a r is a state structure that must be + initialiased using the rc4_key() function prior to use. + + Since RC4 XORs each byte of plaintext with a byte of keystream, + this function can be used for both encryption and decryption. +*/ +void rc4_crypt(rc4_t *r, unsigned char *plaintext, int len); + +/*! \fn rc4_getbytes(rc4_t *r, unsigned char *buffer, int len); + \brief Generate key stream using the RC4 stream cipher + \param r pointer to RC4 structure to be used + \param buffer pointer to buffer in which to deposit keystream + \param len number of bytes to deposit + + This function gives access to the raw RC4 key stream. In this + consiguration RC4 can be used as a fast, strong pseudo-random + number generator with a very long period. +*/ +void rc4_getbytes(rc4_t *r, unsigned char *buffer, int len); + +#endif /* _RC4_H */ diff -ruN ssh/rsa.h openssh/rsa.h --- ssh/rsa.h Wed Sep 29 16:15:00 1999 +++ openssh/rsa.h Tue Oct 26 17:01:01 1999 @@ -18,8 +18,8 @@ #ifndef RSA_H #define RSA_H -#include -#include +#include +#include /* Calls SSL RSA_generate_key, only copies to prv and pub */ void rsa_generate_key(RSA *prv, RSA *pub, unsigned int bits); diff -ruN ssh/ssh-agent.c openssh/ssh-agent.c --- ssh/ssh-agent.c Fri Oct 15 04:17:42 1999 +++ openssh/ssh-agent.c Tue Oct 26 16:59:09 1999 @@ -26,7 +26,7 @@ #include "getput.h" #include "mpaux.h" -#include +#include typedef struct { @@ -132,10 +132,10 @@ assert(len <= 32 && len); memset(buf, 0, 32); BN_bn2bin(challenge, buf + 32 - len); - MD5Init(&md); - MD5Update(&md, buf, 32); - MD5Update(&md, session_id, 16); - MD5Final(mdbuf, &md); + MD5_Init(&md); + MD5_Update(&md, buf, 32); + MD5_Update(&md, session_id, 16); + MD5_Final(mdbuf, &md); break; default: diff -ruN ssh/ssh.h openssh/ssh.h --- ssh/ssh.h Tue Oct 26 06:41:55 1999 +++ openssh/ssh.h Tue Oct 26 17:58:35 1999 @@ -51,7 +51,10 @@ port if present. */ #define SSH_SERVICE_NAME "ssh" +#ifndef ETCDIR #define ETCDIR "/etc" +#endif /* ETCDIR */ + #define PIDDIR "/var/run" /* System-wide file containing host keys of known hosts. This file should be @@ -64,9 +67,9 @@ are all defined in Makefile.in. Of these, ssh_host_key should be readable only by root, whereas ssh_config should be world-readable. */ -#define HOST_KEY_FILE "/etc/ssh_host_key" -#define SERVER_CONFIG_FILE "/etc/sshd_config" -#define HOST_CONFIG_FILE "/etc/ssh_config" +#define HOST_KEY_FILE ETCDIR "/ssh_host_key" +#define SERVER_CONFIG_FILE ETCDIR "/sshd_config" +#define HOST_CONFIG_FILE ETCDIR "/ssh_config" #define SSH_PROGRAM "/usr/bin/ssh" diff -ruN ssh/sshconnect.c openssh/sshconnect.c --- ssh/sshconnect.c Tue Oct 26 06:34:30 1999 +++ openssh/sshconnect.c Tue Oct 26 17:00:58 1999 @@ -17,7 +17,7 @@ #include "includes.h" RCSID("$Id: sshconnect.c,v 1.23 1999/10/25 20:34:30 markus Exp $"); -#include +#include #include "xmalloc.h" #include "rsa.h" #include "ssh.h" @@ -28,7 +28,7 @@ #include "uidswap.h" #include "compat.h" -#include +#include /* Session id for the current session. */ unsigned char session_id[16]; @@ -452,10 +452,10 @@ assert(len <= sizeof(buf) && len); memset(buf, 0, sizeof(buf)); BN_bn2bin(challenge, buf + sizeof(buf) - len); - MD5Init(&md); - MD5Update(&md, buf, 32); - MD5Update(&md, session_id, 16); - MD5Final(response, &md); + MD5_Init(&md); + MD5_Update(&md, buf, 32); + MD5_Update(&md, session_id, 16); + MD5_Final(response, &md); debug("Sending response to host key RSA challenge.");