Commit Graph

9359 Commits

Author SHA1 Message Date
djm@openbsd.org
04df43208b upstream: man bits for PermitListen
OpenBSD-Commit-ID: 35b200cba4e46a16a4db6a80ef11838ab0fad67c
2018-06-07 04:27:21 +10:00
djm@openbsd.org
93c06ab6b7 upstream: permitlisten option for authorized_keys; ok markus@
OpenBSD-Commit-ID: 8650883018d7aa893173d703379e4456a222c672
2018-06-07 04:27:20 +10:00
djm@openbsd.org
115063a664 upstream: Add a PermitListen directive to control which server-side
addresses may be listened on when the client requests remote forwarding (ssh
-R).

This is the converse of the existing PermitOpen directive and this
includes some refactoring to share much of its implementation.

feedback and ok markus@

OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
2018-06-07 04:27:20 +10:00
Darren Tucker
7703ae5f5d Use ssh-keygen -A to generate missing host keys.
Instead of testing for each specific key type, use ssh-keygen -A to
generate any missing host key types.
2018-06-06 16:05:44 +10:00
jmc@openbsd.org
e8d59fef10 upstream: add missing punctuation after %i in ssh_config.5, and
make the grammatical format in sshd_config.5 match that in ssh_config.5;

OpenBSD-Commit-ID: e325663b9342f3d556e223e5306e0d5fa1a74fa0
2018-06-04 14:54:43 +10:00
jmc@openbsd.org
a1f737d6a9 upstream: oops - further adjustment to text neccessary;
OpenBSD-Commit-ID: 23585576c807743112ab956be0fb3c786bdef025
2018-06-04 14:54:43 +10:00
jmc@openbsd.org
2940284934 upstream: %U needs to be escaped; tweak text;
OpenBSD-Commit-ID: 30887b73ece257273fb619ab6f4e86dc92ddc15e
2018-06-04 14:54:43 +10:00
dtucker@openbsd.org
e5019da3c5 upstream: Apply umask to all incoming files and directories not
just files. This makes sure it gets applied to directories too, and prevents
a race where files get chmodded after creation.  bz#2839, ok djm@

OpenBSD-Commit-ID: 3168ee6c7c39093adac4fd71039600cfa296203b
2018-06-04 14:54:43 +10:00
djm@openbsd.org
a1dcafc41c upstream: Adapt to extra default verboisity from ssh-keygen when
searching for and hashing known_hosts entries in a single operation
(ssh-keygen -HF ...) Patch from Anton Kremenetsky

OpenBSD-Regress-ID: 519585a4de35c4611285bd6a7272766c229b19dd
2018-06-01 14:24:08 +10:00
djm@openbsd.org
76f314c75d upstream: Add TEST_SSH_FAIL_FATAL variable, to force all failures
to instantly abort the test. Useful in capturing clean logs for individual
failure cases.

OpenBSD-Regress-ID: feba18cf338c2328b9601bd4093cabdd9baa3af1
2018-06-01 14:24:08 +10:00
dtucker@openbsd.org
065c8c055d upstream: Clean up comment.
OpenBSD-Regress-ID: 6adb35f384d447e7dcb9f170d4f0d546d3973e10
2018-06-01 14:23:22 +10:00
djm@openbsd.org
01b048c8eb upstream: whitespace
OpenBSD-Commit-ID: e5edb5e843ddc9b73a8e46518899be41d5709add
2018-06-01 14:22:29 +10:00
djm@openbsd.org
854ae209f9 upstream: make ssh_remote_ipaddr() capable of being called after
the ssh->state has been torn down; bz#2773

OpenBSD-Commit-ID: 167f12523613ca3d16d7716a690e7afa307dc7eb
2018-06-01 14:20:12 +10:00
djm@openbsd.org
3e088aaf23 upstream: return correct exit code when searching for and hashing
known_hosts entries in a single operation (ssh-keygen -HF hostname); bz2772
Report and fix from Anton Kremenetsky

OpenBSD-Commit-ID: ac10ca13eb9bb0bc50fcd42ad11c56c317437b58
2018-06-01 14:20:12 +10:00
djm@openbsd.org
9c935dd9bf upstream: make UID available as a %-expansion everywhere that the
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@

OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
2018-06-01 13:35:59 +10:00
djm@openbsd.org
d8748b91d1 upstream: prefer argv0 to "ssh" when re-executing ssh for ProxyJump
directive; bz2831, feedback and ok dtucker@

OpenBSD-Commit-ID: 3cec709a131499fbb0c1ea8a0a9e0b0915ce769e
2018-06-01 13:14:54 +10:00
djm@openbsd.org
fbb4b5fd4f upstream: Do not ban PTY allocation when a sshd session is restricted
because the user password is expired as it breaks password change dialog.

regression in openssh-7.7 reported by Daniel Wagner

OpenBSD-Commit-ID: 9fc09c584c6f1964b00595e3abe7f83db4d90d73
2018-05-25 17:12:04 +10:00
djm@openbsd.org
f6a59a22b0 upstream: Fix return value confusion in several functions (readdir,
download and fsync). These should return -1 on error, not a sftp status code.

patch from Petr Cerny in bz#2871

OpenBSD-Commit-ID: 651aa0220ad23c9167d9297a436162d741f97a09
2018-05-25 14:27:50 +10:00
dtucker@openbsd.org
1da5934b86 upstream: If select() fails in ssh_packet_read_seqnr go directly to
the error path instead of trying to read from the socket on the way out,
which resets errno and causes the true error to be misreported.  ok djm@

OpenBSD-Commit-ID: 2614edaadbd05a957aa977728aa7a030af7c6f0a
2018-05-25 14:27:50 +10:00
Damien Miller
4ef75926ef Permit getuid()/geteuid() syscalls.
Requested for Linux/s390; patch from Eduardo Barretto via bz#2752;
ok dtucker
2018-05-25 13:45:01 +10:00
djm@openbsd.org
4b22fd8ece upstream: support ProxyJump=none to disable ProxyJump
functionality; bz#2869 ok dtucker@

OpenBSD-Commit-ID: 1c06ee08eb78451b5837fcfd8cbebc5ff3a67a01
2018-05-22 10:15:18 +10:00
jmc@openbsd.org
f41bcd70f5 upstream: correct keyowrd name (permitemptypasswords); from brendan
macdonell

OpenBSD-Commit-ID: ef1bdbc936b2ea693ee37a4c20a94d4d43f5fda3
2018-05-22 10:15:18 +10:00
djm@openbsd.org
f18bc97151 upstream: Emphasise that -w implicitly sets Tunnel=point-to-point
and that users should specify an explicit Tunnel directive if they don't want
this. bz#2365.

OpenBSD-Commit-ID: 1a8d9c67ae213ead180481900dbbb3e04864560d
2018-05-22 10:15:18 +10:00
Damien Miller
32e4e94e15 sync fmt_scaled.c
revision 1.17
date: 2018/05/14 04:39:04;  author: djm;  state: Exp;  lines: +5 -2;
commitid: 53zY8GjViUBnWo8Z;
constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
2018-05-14 14:40:08 +10:00
Damien Miller
54268d589e fix key-options.sh on platforms without openpty(3)
Skip the pty tests if the platform lacks openpty(3) and has to chown(2)
the pty device explicitly. This typically requires root permissions that
this test lacks.

bz#2856 ok dtucker@
2018-05-11 14:04:40 +10:00
djm@openbsd.org
b2140a739b upstream: implement EMFILE mitigation for ssh-agent: remember the
fd rlimit and stop accepting new connections when it is exceeded (with some
grace). Accept is resumed when enough connections are closed.

bz#2576. feedback deraadt; ok dtucker@

OpenBSD-Commit-ID: 6a85d9cec7b85741961e7116a49f8dae777911ea
2018-05-11 13:56:42 +10:00
dtucker@openbsd.org
fdba503fdf upstream: Explicit cast when snprintf'ing an uint64. Prevents
warnings on platforms where int64 is long not long long.  ok djm@

OpenBSD-Commit-ID: 9c5359e2fbfce11dea2d93f7bc257e84419bd001
2018-05-11 13:56:23 +10:00
bluhm@openbsd.org
e7751aa409 upstream: Since the previous commit, ssh regress test sftp-chroot was
failing. The sftp program terminated with the wrong exit code as sftp called
fatal() instad of exit(0).  So when the sigchld handler waits for the child,
remember that it was found.  Then don't expect that main() can wait again. OK
dtucker@

OpenBSD-Commit-ID: bfafd940c0de5297940c71ddf362053db0232266
2018-05-11 13:10:49 +10:00
Darren Tucker
7c15301841 Use includes.h instead of config.h.
This ensures it picks up the definition of DEF_WEAK, the lack of which
can cause compile errors in some cases (eg modern AIX).  From
michael at felt.demon.nl.
2018-04-29 17:54:12 +10:00
Darren Tucker
cec338967a Omit 3des-cbc if OpenSSL built without DES.
Patch from hongxu.jia at windriver.com, ok djm@
2018-04-19 13:19:35 +10:00
djm@openbsd.org
a575ddd588 upstream: Disable SSH2_MSG_DEBUG messages for Twisted Conch clients
without version numbers since they choke on them under some circumstances.
https://twistedmatrix.com/trac/ticket/9422 via Colin Watson

Newer Conch versions have a version number in their ident string and
handle debug messages okay. https://twistedmatrix.com/trac/ticket/9424

OpenBSD-Commit-ID: 6cf7be262af0419c58ddae11324d9c0dc1577539
2018-04-17 08:51:51 +10:00
djm@openbsd.org
390c7000a8 upstream: don't free the %C expansion, it's used later for
LocalCommand

OpenBSD-Commit-ID: 857b5cb37b2d856bfdfce61289a415257a487fb1
2018-04-15 07:52:57 +10:00
djm@openbsd.org
3455f1e7c4 upstream: notify user immediately when underlying ssh process dies;
patch from Thomas Kuthan in bz2719; ok dtucker@

OpenBSD-Commit-ID: 78fac88c2f08054d1fc5162c43c24162b131cf78
2018-04-15 07:52:56 +10:00
Darren Tucker
1c5b4bc827 Allow nanosleep in preauth privsep child.
The new timing attack mitigation code uses nanosleep in the preauth
codepath, allow in systrace andbox too.
2018-04-13 16:23:57 +10:00
Darren Tucker
0e73428038 Allow nanosleep in preauth privsep child.
The new timing attack mitigation code uses nanosleep in the preauth
codepath, allow in sandbox.
2018-04-13 16:06:29 +10:00
dtucker@openbsd.org
e9d910b028 upstream: Defend against user enumeration timing attacks. This
establishes a minimum time for each failed authentication attempt (5ms) and
adds a per-user constant derived from a host secret (0-4ms).  Based on work
by joona.kannisto at tut.fi, ok markus@ djm@.

OpenBSD-Commit-ID: b7845b355bb7381703339c8fb0e57e81a20ae5ca
2018-04-13 15:26:11 +10:00
Darren Tucker
d97874cbd9 Using "==" in shell tests is not portable.
Patch from rsbecker at nexbridge.com.
2018-04-13 13:45:51 +10:00
Damien Miller
cfb1d9bc76 Fix tunnel forwarding broken in 7.7p1
bz2855, ok dtucker@
2018-04-13 13:38:06 +10:00
Damien Miller
afa6e79b76 prefer to use getrandom() for PRNG seeding
Only applies when built --without-openssl. Thanks Jann Horn for
reminder.
2018-04-13 13:32:23 +10:00
Darren Tucker
575fac34a9 Revert $REGRESSTMP changes.
Revert 3fd2d229 and subsequent changes as they turned out to be a
portability hassle.
2018-04-13 13:13:33 +10:00
Damien Miller
10479cc2a4 Many typo fixes from Karsten Weiss
Spotted using https://github.com/lucasdemarchi/codespell
2018-04-10 10:19:02 +10:00
djm@openbsd.org
907da2f885 upstream: more typos spotted by Karsten Weiss using codespell
OpenBSD-Regress-ID: d906a2aea0663810a658b7d0bc61a1d2907d4d69
2018-04-10 10:17:56 +10:00
djm@openbsd.org
37e5f4a7ab upstream: make this a bit more portable-friendly
OpenBSD-Regress-ID: 62f7b9e055e8dfaab92b3825f158beeb4ca3f963
2018-04-10 10:17:56 +10:00
djm@openbsd.org
001aa55484 upstream: lots of typos in comments/docs. Patch from Karsten Weiss
after checking with codespell tool
(https://github.com/lucasdemarchi/codespell)

OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
2018-04-10 10:17:15 +10:00
djm@openbsd.org
260ede2787 upstream: don't kill ssh-agent's listening socket entriely if we
fail to accept a connection; bz#2837, patch from Lukas Kuster

OpenBSD-Commit-ID: 52413f5069179bebf30d38f524afe1a2133c738f
2018-04-10 10:16:36 +10:00
tj@openbsd.org
ebc8b4656f upstream: the UseLogin option was removed, so remove it here too.
ok dtucker

OpenBSD-Commit-ID: 7080be73a64d68e21f22f5408a67a0ba8b1b6b06
2018-04-10 10:16:36 +10:00
jmc@openbsd.org
3e36f28185 upstream: tweak previous;
OpenBSD-Commit-ID: 2b9c23022ea7b9dddb62864de4e906000f9d7474
2018-04-10 10:16:36 +10:00
jmc@openbsd.org
8368571efd upstream: tweak previous;
OpenBSD-Commit-ID: 38e347b6f8e888f5e0700d01abb1eba7caa154f9
2018-04-10 10:16:36 +10:00
djm@openbsd.org
555294a727 upstream: Allow "SendEnv -PATTERN" to clear environment variables
previously labeled for sendind. bz#1285 ok dtucker@

OpenBSD-Commit-ID: f6fec9e3d0f366f15903094fbe1754cb359a0df9
2018-04-06 23:15:29 +10:00
djm@openbsd.org
40f5f03544 upstream: relax checking of authorized_keys environment="..."
options to allow underscores in variable names (regression introduced in
7.7). bz2851, ok deraadt@

OpenBSD-Commit-ID: 69690ffe0c97ff393f2c76d25b4b3d2ed4e4ac9c
2018-04-06 14:20:33 +10:00