authorJan Pechanec <Jan.Pechanec@Sun.COM>2008-09-12 11:17:27 -0700
committerJan Pechanec <Jan.Pechanec@Sun.COM>2008-09-12 11:17:27 -0700
commitcd7d5faf5bbb52336a6f85578a90b31a648ac3fa (patch)
tree9ac1635ecfe13f31666944f18e771bc4e9e58373 /usr/src/cmd/ssh/include
parente4da943dc881d5566125b30eda2d8e3dd79a8f59 (diff)
downloadillumos-joyent-cd7d5faf5bbb52336a6f85578a90b31a648ac3fa.tar.gz
PSARC/2008/520 SunSSH with the OpenSSL PKCS#11 engine support
6445288 ssh needs to be OpenSSL engine aware 6709963 SunSSH server leaks memory during initialization 6687401 ssh monitor shouldn't try to log remote IP when child closed the pipe 6696629 sshd should remove alarm signal handler after authentication 6674088 userland threshold for hw offloading makes it difficult for SSL and SSH protocols 6728450 6708125 prevents parent to use the Crypto Framework after the fork(2) 6742247 ssh debug output with PACKET_DEBUG code could be more readable
Diffstat (limited to 'usr/src/cmd/ssh/include')
-rw-r--r--usr/src/cmd/ssh/include/altprivsep.h15
-rw-r--r--usr/src/cmd/ssh/include/clientloop.h30
-rw-r--r--usr/src/cmd/ssh/include/engine.h43
-rw-r--r--usr/src/cmd/ssh/include/kex.h30
-rw-r--r--usr/src/cmd/ssh/include/packet.h11
-rw-r--r--usr/src/cmd/ssh/include/readconf.h5
-rw-r--r--usr/src/cmd/ssh/include/servconf.h9
7 files changed, 91 insertions, 52 deletions
diff --git a/usr/src/cmd/ssh/include/altprivsep.h b/usr/src/cmd/ssh/include/altprivsep.h
index aa2d32417e..fb230d28a7 100644
--- a/usr/src/cmd/ssh/include/altprivsep.h
+++ b/usr/src/cmd/ssh/include/altprivsep.h
@@ -25,8 +25,6 @@
#ifndef _ALTPRIVSEP_H
#define _ALTPRIVSEP_H
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -40,26 +38,21 @@ extern "C" {
#define APS_MSG_RECORD_LOGIN 2
#define APS_MSG_RECORD_LOGOUT 3
#define APS_MSG_START_REKEX 4
+#define APS_MSG_AUTH_CONTEXT 5
-pid_t altprivsep_start_monitor(Authctxt *authctxt);
-
-void altprivsep_do_monitor(Authctxt *authctxt, pid_t child_pid);
+void altprivsep_start_and_do_monitor(int use_engine, int inetd, int newsock,
+ int statup_pipe);
int altprivsep_get_pipe_fd(void);
-int altprivsep_is_monitor(void);
-int altprivsep_started(void);
/* child-side handler of re-key packets */
void altprivsep_rekey(int type, u_int32_t seq, void *ctxt);
-/* monitor-side fatal_cleanup callbacks */
-void altprivsep_shutdown_sock(void *arg);
-
/* Calls _to_ monitor from unprivileged process */
void altprivsep_process_input(fd_set *rset);
-void altprivsep_get_newkeys(enum kex_modes mode);
void altprivsep_record_login(pid_t pid, const char *ttyname);
void altprivsep_record_logout(pid_t pid);
void altprivsep_start_rekex(void);
+void altprivsep_send_auth_context(Authctxt *authctxt);
/* Functions for use in the monitor */
void aps_input_altpriv_msg(int type, u_int32_t seq, void *ctxt);
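Review bot: The fourth parameter of the new `altprivsep_start_and_do_monitor` prototype is spelled `statup_pipe`; if the intended name is `startup_pipe` (inferred from the name only, the caller is not on this page), the prototype should read `void altprivsep_start_and_do_monitor(int use_engine, int inetd, int newsock, int startup_pipe);`. The new `APS_MSG_AUTH_CONTEXT` type and `altprivsep_send_auth_context(Authctxt *authctxt)` sit under the "Calls _to_ monitor from unprivileged process" comment, so the authentication context is serialized across the privilege boundary into the monitor; the prototype should carry a comment making that direction and the trust assumption explicit, e.g. `/* Serializes authctxt to the monitor; the monitor must validate every field it reads from this message. */`. The `aps_input_altpriv_msg` handler that presumably consumes it is declared here but its body is outside this diff, so the validation itself cannot be checked from this page.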
diff --git a/usr/src/cmd/ssh/include/clientloop.h b/usr/src/cmd/ssh/include/clientloop.h
index 5e24594195..46c801e405 100644
--- a/usr/src/cmd/ssh/include/clientloop.h
+++ b/usr/src/cmd/ssh/include/clientloop.h
@@ -1,15 +1,3 @@
-/* $OpenBSD: clientloop.h,v 1.7 2002/04/22 21:04:52 markus Exp $ */
-
-#ifndef _CLIENTLOOP_H
-#define _CLIENTLOOP_H
-
-#pragma ident "%Z%%M% %I% %E% SMI"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -44,12 +32,26 @@ extern "C" {
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef _CLIENTLOOP_H
+#define _CLIENTLOOP_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* $OpenBSD: clientloop.h,v 1.7 2002/04/22 21:04:52 markus Exp $ */
/* Client side main loop for the interactive session. */
int client_loop(int, int, int);
-void client_x11_get_proto(const char *, const char *, u_int,
- char **, char **);
+void client_x11_get_proto(const char *, const char *, uint_t,
+ char **, char **);
void client_global_request_reply_fwd(int type, u_int32_t seq, void *ctxt);
+void client_daemonize(void);
#ifdef __cplusplus
}
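Review bot: `client_daemonize` is added without a comment, while the neighbouring `client_loop` prototype carries one; a one-liner such as `/* Move the client into the background; presumably implemented in clientloop.c */` (hedged, since the behaviour is only inferred from the name) would keep the header self-describing. The same hunk changes the third parameter of `client_x11_get_proto` from `u_int` to `uint_t`, yet `packet_set_packet` in packet.h, touched by this same commit, still uses `u_int`; the two spellings are equivalent on Solaris but mixing them across the headers is inconsistent, so pick one.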
diff --git a/usr/src/cmd/ssh/include/engine.h b/usr/src/cmd/ssh/include/engine.h
new file mode 100644
index 0000000000..74ee80db01
--- /dev/null
+++ b/usr/src/cmd/ssh/include/engine.h
@@ -0,0 +1,43 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef _ENGINE_H
+#define _ENGINE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "includes.h"
+#include <openssl/engine.h>
+
+ENGINE *pkcs11_engine_load(int use_engine);
+void pkcs11_engine_finish(void *engine);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _ENGINE_H */
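Review bot: `pkcs11_engine_finish` takes `void *engine` while `pkcs11_engine_load` returns `ENGINE *`, so the one call that releases the engine handle loses type checking; if the `void *` exists only to fit a `void (*)(void *)` cleanup-callback signature (a guess, the caller is not on this page), say so in a comment, otherwise declare it `void pkcs11_engine_finish(ENGINE *engine);`. Neither prototype is documented; the header should state what `use_engine` controls, whether `pkcs11_engine_load` can return NULL and what the caller should do then, and who owns the returned handle (the caller via `pkcs11_engine_finish`, presumably).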
diff --git a/usr/src/cmd/ssh/include/kex.h b/usr/src/cmd/ssh/include/kex.h
index a454e3d7bd..77e0fc6880 100644
--- a/usr/src/cmd/ssh/include/kex.h
+++ b/usr/src/cmd/ssh/include/kex.h
@@ -1,20 +1,4 @@
/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
- * Use is subject to license terms.
- */
-/* $OpenBSD: kex.h,v 1.32 2002/09/09 14:54:14 markus Exp $ */
-
-#ifndef _KEX_H
-#define _KEX_H
-
-#pragma ident "%Z%%M% %I% %E% SMI"
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-
-/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -37,6 +21,19 @@ extern "C" {
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+/*
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ */
+
+/* $OpenBSD: kex.h,v 1.32 2002/09/09 14:54:14 markus Exp $ */
+
+#ifndef _KEX_H
+#define _KEX_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
#include <openssl/evp.h>
#include "buffer.h"
@@ -165,6 +162,7 @@ typedef void (*Kex_hook_func)(Kex *, char **); /* for GSS-API rekeying */
Kex *kex_setup(const char *host,
char *proposal[PROPOSAL_MAX],
Kex_hook_func hook);
+void kex_start(Kex *);
void kex_finish(Kex *);
void kex_send_kexinit(Kex *);
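Review bot: `kex_start` is inserted between `kex_setup` and `kex_finish` with no comment on how it relates to them (whether it must follow `kex_setup`, whether it sends the KEXINIT itself or `kex_send_kexinit` still has to be called, and whether it may be called again on re-key); a line such as `/* Begin the exchange prepared by kex_setup(); see kex.c for ordering. */` would record the contract, hedged because the implementation is not visible here.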
diff --git a/usr/src/cmd/ssh/include/packet.h b/usr/src/cmd/ssh/include/packet.h
index 8a71eb2864..b7eb85fca7 100644
--- a/usr/src/cmd/ssh/include/packet.h
+++ b/usr/src/cmd/ssh/include/packet.h
@@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell".
*/
/*
- * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -20,8 +20,6 @@
/* $OpenBSD: packet.h,v 1.35 2002/06/19 18:01:00 markus Exp $ */
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -38,6 +36,7 @@ void packet_set_monitor(int pip_fd);
int packet_is_server(void);
int packet_is_monitor(void);
void packet_set_packet(const void *buf, u_int len);
+void packet_set_fds(int fd, int restore);
#endif /* ALTPRIVSEP */
void packet_set_connection(int, int);
@@ -124,6 +123,12 @@ do { \
int packet_need_rekeying(void);
void packet_set_rekey_limit(u_int32_t);
+/* see a comment attached to will_daemonize in packet.c for more information */
+#define NOT_DAEMONIZING 0
+#define DAEMONIZING_REQUESTED 1
+#define FIRST_NEWKEYS_PROCESSED 2
+#define SECOND_NEWKEYS_PROCESSED 3
+
#ifdef __cplusplus
}
#endif
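Review bot: The four daemonizing states added as `#define`s are a set of related integer constants and would be clearer as an enum, which keeps them visible in a debugger and lets the compiler warn on an unhandled value in a `switch`: `enum { NOT_DAEMONIZING = 0, DAEMONIZING_REQUESTED, FIRST_NEWKEYS_PROCESSED, SECOND_NEWKEYS_PROCESSED };`. The comment defers entirely to `will_daemonize` in packet.c, so the header gives no hint of what the two NEWKEYS stages gate; one sentence here would save readers the lookup. In the earlier hunk of this file, `packet_set_fds(int fd, int restore)` likewise lacks a comment on what `restore` selects.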
diff --git a/usr/src/cmd/ssh/include/readconf.h b/usr/src/cmd/ssh/include/readconf.h
index d4829960d8..1aceb9cb7c 100644
--- a/usr/src/cmd/ssh/include/readconf.h
+++ b/usr/src/cmd/ssh/include/readconf.h
@@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell".
*/
/*
- * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -20,8 +20,6 @@
/* $OpenBSD: readconf.h,v 1.43 2002/06/08 05:17:01 markus Exp $ */
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -157,6 +155,7 @@ typedef struct {
int server_alive_count_max;
int hash_known_hosts;
+ int use_openssl_engine;
} Options;
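Review bot: `use_openssl_engine` is added to `Options` with no comment on its default or which configuration keyword sets it, whereas the neighbouring Sun-added field in servconf.h (`max_init_auth_tries_log`) carries a `/* SUNW: ... */` tag; a matching tag such as `int use_openssl_engine; /* SUNW: load the OpenSSL PKCS#11 engine */` would keep the convention. The identical field added to `ServerOptions` in servconf.h by this commit has the same gap.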
diff --git a/usr/src/cmd/ssh/include/servconf.h b/usr/src/cmd/ssh/include/servconf.h
index 25b36766a7..2199a1b172 100644
--- a/usr/src/cmd/ssh/include/servconf.h
+++ b/usr/src/cmd/ssh/include/servconf.h
@@ -1,5 +1,3 @@
-/* $OpenBSD: servconf.h,v 1.59 2002/07/30 17:03:55 markus Exp $ */
-
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -13,15 +11,15 @@
* called by a name other than "ssh" or "Secure Shell".
*/
/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
+/* $OpenBSD: servconf.h,v 1.59 2002/07/30 17:03:55 markus Exp $ */
+
#ifndef _SERVCONF_H
#define _SERVCONF_H
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -158,6 +156,7 @@ typedef struct {
int max_init_auth_tries_log; /* SUNW: /etc/default/login */
int lookup_client_hostnames;
+ int use_openssl_engine;
} ServerOptions;