Commit Graph

5937 Commits

Author SHA1 Message Date
Darren Tucker
4438354870 - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey. 2011-08-28 04:50:16 +10:00
Tim Rice
a6e60616be - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze 2011-08-17 21:48:22 -07:00
Damien Miller
2df1bec086 - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
MAC tests for platforms that hack EVP_SHA2 support
2011-08-17 12:25:46 +10:00
Damien Miller
062fa30532 - djm@cvs.openbsd.org 2011/08/02 01:23:41
[regress/cipher-speed.sh regress/try-ciphers.sh]
     add SHA256/SHA512 based HMAC modes
2011-08-17 12:10:02 +10:00
Damien Miller
faf4d80420 - markus@cvs.openbsd.org 2011/06/30 22:44:43
[connect-privsep.sh]
     test with sandbox enabled; ok djm@
2011-08-17 12:09:19 +10:00
Damien Miller
9231c8bde4 - dtucker@cvs.openbsd.org 2011/06/03 05:35:10
[regress/cfgmatch.sh]
     use OBJ to find test configs, patch from Tim Rice
2011-08-17 12:08:15 +10:00
Damien Miller
44a6c9340a - (djm) [contrib/ssh-copy-id] Missing backlslash; spotted by
bisson AT archlinux.org
2011-08-17 12:01:44 +10:00
Damien Miller
1a91c0f163 - (djm) [configure.ac] error out if the host lacks the necessary bits for
an explicitly requested sandbox type
2011-08-17 11:59:25 +10:00
Damien Miller
9c08312968 - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
2011-08-17 11:31:07 +10:00
Tim Rice
a1226828ad - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
OpenSSL 0.9.7. ok djm
2011-08-16 17:29:01 -07:00
Damien Miller
d1eb1dd5ed - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
identify file contained whitespace. bz#1828 patch from gwenael.lambrouin
   AT gmail.com; ok dtucker@
2011-08-12 11:22:47 +10:00
Damien Miller
2db9977c06 - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
[contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
   init scrips from imorgan AT nas.nasa.gov
2011-08-12 11:02:35 +10:00
Darren Tucker
4d47ec9c89 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
change error by reporting old and new context names  Patch from
   jchadima at redhat.
2011-08-12 10:12:53 +10:00
Darren Tucker
ddccfb4b98 - dtucker@cvs.openbsd.org 2011/08/07 12:55:30
[sftp.1]
     typo, fix from Laurent Gautrot
2011-08-07 23:12:26 +10:00
Darren Tucker
91e6b57729 - jmc@cvs.openbsd.org 2010/10/14 20:41:28
[moduli.5]
     probabalistic -> probabilistic; from naddy
2011-08-07 23:10:56 +10:00
Darren Tucker
f279474f1b - sobrado@cvs.openbsd.org 2009/10/28 08:56:54
[moduli.5]
     "Diffie-Hellman" is the usual spelling for the cryptographic protocol
     first published by Whitfield Diffie and Martin Hellman in 1976.
     ok jmc@
2011-08-07 23:10:11 +10:00
Darren Tucker
578451ddda - (dtucker) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2008/06/26 06:59:39
     [moduli.5]
     tweak previous;
2011-08-07 23:09:20 +10:00
Damien Miller
765f8c4eff - djm@cvs.openbsd.org 2011/08/02 23:15:03
[ssh.c]
     typo in comment
2011-08-06 06:18:16 +10:00
Damien Miller
c471860d25 - djm@cvs.openbsd.org 2011/08/02 23:13:01
[version.h]
     crank now, release later
2011-08-06 06:17:48 +10:00
Damien Miller
20bd4535c0 - djm@cvs.openbsd.org 2011/08/02 01:22:11
[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     Add new SHA256 and SHA512 based HMAC modes from
     http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
     Patch from mdb AT juniper.net; feedback and ok markus@
2011-08-06 06:17:30 +10:00
Damien Miller
adb467fb69 - markus@cvs.openbsd.org 2011/08/01 19:18:15
[gss-serv.c]
     prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
     report Adam Zabrock; ok djm@, deraadt@
2011-08-06 06:16:46 +10:00
Damien Miller
35e48198a8 - djm@cvs.openbsd.org 2011/07/29 14:42:45
[sandbox-systrace.c]
     fail open(2) with EPERM rather than SIGKILLing the whole process. libc
     will call open() to do strerror() when NLS is enabled;
     feedback and ok markus@
2011-08-06 06:16:23 +10:00
Damien Miller
6ea5e44871 - tedu@cvs.openbsd.org 2011/07/06 18:09:21
[authfd.c]
     bzero the agent address.  the kernel was for a while very cranky about
     these things.  evne though that's fixed, always good to initialize
     memory.  ok deraadt djm
2011-08-06 06:16:00 +10:00
Damien Miller
7741ce8bd2 - djm@cvs.openbsd.org 2011/06/23 23:35:42
[monitor.c]
     ignore EINTR errors from poll()
2011-08-06 06:15:15 +10:00
Damien Miller
cd5e52ee78 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
   markus@
2011-06-27 07:18:18 +10:00
Damien Miller
dcbd41e7af - djm@cvs.openbsd.org 2011/06/23 09:34:13
[sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
     [sandbox-null.c]
     rename sandbox.h => ssh-sandbox.h to make things easier for portable
2011-06-23 19:45:51 +10:00
Damien Miller
80b62e3738 - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
setrlimit(2)
2011-06-23 19:03:18 +10:00
Damien Miller
6d7b4377dd - djm@cvs.openbsd.org 2011/06/22 22:08:42
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
     hook up a channel confirm callback to warn the user then requested X11
     forwarding was refused by the server; ok markus@
2011-06-23 08:31:57 +10:00
Damien Miller
69ff1df952 - djm@cvs.openbsd.org 2011/06/22 21:57:01
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c]
     [sandbox-systrace.c sandbox.h configure.ac Makefile.in]
     introduce sandboxing of the pre-auth privsep child using systrace(4).

     This introduces a new "UsePrivilegeSeparation=sandbox" option for
     sshd_config that applies mandatory restrictions on the syscalls the
     privsep child can perform. This prevents a compromised privsep child
     from being used to attack other hosts (by opening sockets and proxying)
     or probing local kernel attack surface.

     The sandbox is implemented using systrace(4) in unsupervised "fast-path"
     mode, where a list of permitted syscalls is supplied. Any syscall not
     on the list results in SIGKILL being sent to the privsep child. Note
     that this requires a kernel with the new SYSTR_POLICY_KILL option.

     UsePrivilegeSeparation=sandbox will become the default in the future
     so please start testing it now.

     feedback dtucker@; ok markus@
2011-06-23 08:30:03 +10:00
Damien Miller
82c558761d - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/06/22 21:47:28
     [servconf.c]
     reuse the multistate option arrays to pretty-print options for "sshd -T"
2011-06-23 08:20:30 +10:00
Damien Miller
4ac99c366c - djm@cvs.openbsd.org 2011/06/17 21:57:25
[clientloop.c]
     setproctitle for a mux master that has been gracefully stopped;
     bz#1911 from Bert.Wesarg AT googlemail.com
2011-06-20 14:43:31 +10:00
Damien Miller
33322127ec - djm@cvs.openbsd.org 2011/06/17 21:47:35
[servconf.c]
     factor out multi-choice option parsing into a parse_multistate label
     and some support structures; ok dtucker@
2011-06-20 14:43:11 +10:00
Damien Miller
f145a5be1c - djm@cvs.openbsd.org 2011/06/17 21:46:16
[sftp-server.c]
     the protocol version should be unsigned; bz#1913 reported by mb AT
     smartftp.com
2011-06-20 14:42:51 +10:00
Damien Miller
8f0bf237d4 - djm@cvs.openbsd.org 2011/06/17 21:44:31
[log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
     make the pre-auth privsep slave log via a socketpair shared with the
     monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
2011-06-20 14:42:23 +10:00
Damien Miller
e7ac2bd42a - markus@cvs.openbsd.org 2011/06/14 22:49:18
[authfile.c]
     make sure key_parse_public/private_rsa1() no longer consumes its input
     buffer.  fixes ssh-add for passphrase-protected ssh1-keys;
     noted by naddy@; ok djm@
2011-06-20 14:23:25 +10:00
Damien Miller
6029e076b2 - djm@cvs.openbsd.org 2011/06/04 00:10:26
[ssh_config.5]
     explain IdentifyFile's semantics a little better, prompted by bz#1898
     ok dtucker jmc
2011-06-20 14:22:49 +10:00
Tim Rice
bc481570d1 - (tim) [regress/cfgmatch.sh] Build/test out of tree fix. 2011-06-02 22:26:19 -07:00
Darren Tucker
bf4d05a37c - dtucker@cvs.openbsd.org 2011/06/03 00:29:52
[regress/dynamic-forward.sh]
     Retry establishing the port forwarding after a small delay, should make
     the tests less flaky when the previous test is slow to shut down and free
     up the port.
2011-06-03 14:19:02 +10:00
Darren Tucker
75e035c34e - dtucker@cvs.openbsd.org 2011/05/31 02:03:34
[regress/dynamic-forward.sh]
     work around startup and teardown races; caught by deraadt
2011-06-03 14:18:17 +10:00
Darren Tucker
260c8fbc4d - dtucker@cvs.openbsd.org 2011/05/31 02:01:58
[regress/dynamic-forward.sh]
     back out revs 1.6 and 1.5 since it's not reliable
2011-06-03 14:17:27 +10:00
Darren Tucker
3e78a516a0 - dtucker@cvs.openbsd.org 2011/06/03 01:37:40
[ssh-agent.c]
     Check current parent process ID against saved one to determine if the parent
     has exited, rather than attempting to send a zero signal, since the latter
     won't work if the parent has changed privs.  bz#1905, patch from Daniel Kahn
     Gillmor, ok djm@
2011-06-03 14:14:16 +10:00
Damien Miller
c09182f613 - (djm) [configure.ac] enable setproctitle emulation for OS X 2011-06-03 12:11:38 +10:00
Damien Miller
ea2c1a4dc6 - djm@cvs.openbsd.org 2011/06/03 00:54:38
[ssh.c]
    bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
    AT googlemail.com; ok dtucker@
    NB. includes additional portability code to enable setproctitle emulation
    on platforms that don't support it.
2011-06-03 12:10:22 +10:00
Darren Tucker
c3c7227ccc add missing changelog entry 2011-06-03 11:20:06 +10:00
Tim Rice
90f42b0705 - (tim) [configure.ac defines.h] Run test program to detect system mail
directory. Add --with-maildir option to override. Fixed OpenServer 6
   getting it wrong. Fixed many systems having MAIL=/var/mail//username
   ok dtucker
2011-06-02 18:17:49 -07:00
Darren Tucker
c412c1567b - (dtucker) [README version.h contrib/caldera/openssh.spec
contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
   bumps from the 5.8p2 branch into HEAD.  ok djm.
2011-06-03 10:35:23 +10:00
Damien Miller
8cb3587336 - djm@cvs.openbsd.org 2011/05/23 03:31:31
[regress/cfgmatch.sh]
     include testing of multiple/overridden AuthorizedKeysFiles
     refactor to simply daemon start/stop and get rid of racy constructs
2011-05-29 21:59:10 +10:00
Damien Miller
295ee63ab2 - djm@cvs.openbsd.org 2011/05/24 07:15:47
[readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
     Remove undocumented legacy options UserKnownHostsFile2 and
     GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
     accept multiple paths per line and making their defaults include
     known_hosts2; ok markus
2011-05-29 21:42:31 +10:00
Damien Miller
04bb56ef10 - djm@cvs.openbsd.org 2011/05/23 07:24:57
[authfile.c]
     read in key comments for v.2 keys (though note that these are not
     passed over the agent protocol); bz#439, based on patch from binder
     AT arago.de; ok markus@
2011-05-29 21:42:08 +10:00
Damien Miller
b9132fc427 - jmc@cvs.openbsd.org 2011/05/23 07:10:21
[sshd.8 sshd_config.5]
     tweak previous; ok djm
2011-05-29 21:41:40 +10:00