Commit Graph

8948 Commits

Author SHA1 Message Date
Damien Miller
e3fa20e2e5 avoid -Wsign-compare warning in argv copying 2017-10-23 16:25:24 +11:00
djm@openbsd.org
b7548b12a6 upstream commit
Expose devices allocated for tun/tap forwarding.

At the client, the device may be obtained from a new %T expansion
for LocalCommand.

At the server, the allocated devices will be listed in a
SSH_TUNNEL variable exposed to the environment of any user sessions
started after the tunnel forwarding was established.

ok markus

Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
2017-10-23 16:14:30 +11:00
millert@openbsd.org
887669ef03 upstream commit
Add URI support to ssh, sftp and scp.  For example
ssh://user@host or sftp://user@host/path.  The connection parameters
described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since
the ssh fingerprint format in the draft uses md5 with no way to specify the
hash function type.  OK djm@

Upstream-ID: 4ba3768b662d6722de59e6ecb00abf2d4bf9cacc
2017-10-23 16:10:08 +11:00
Damien Miller
d27bff293c Fix missed RCSID merges 2017-10-20 13:22:00 +11:00
djm@openbsd.org
d3b6aeb546 upstream commit
more RCSIDs

Upstream-Regress-ID: 1aecbe3f8224793f0ec56741a86d619830eb33be
2017-10-20 13:15:40 +11:00
djm@openbsd.org
b011edbb32 upstream commit
add RCSIDs to these; they make syncing portable a bit
easier

Upstream-ID: 56cb7021faea599736dd7e7f09c2e714425b1e68
2017-10-20 12:58:35 +11:00
Damien Miller
6eb2759778 upstream commit
Apply missing commit 1.11 to kexc25519s.c

Upstream-ID: 5f020e23a1ee6c3597af1f91511e68552cdf15e8
2017-10-20 12:58:18 +11:00
Damien Miller
6f72280553 upstream commit
Apply missing commit 1.127 to servconf.h

Upstream-ID: f14c4bac74a2b7cf1e3cff6bea5c447f192a7d15
2017-10-20 12:57:24 +11:00
jmc@openbsd.org
bb3e16ab25 upstream commit
remove unused Pp;

Upstream-ID: 8ad26467f1f6a40be887234085a8e01a61a00550
2017-10-20 12:01:03 +11:00
djm@openbsd.org
05b69e9957 upstream commit
In the description of pattern-lists, clarify negated
matches by explicitly stating that a negated match will never yield a
positive result, and that at least one positive term in the pattern-list must
match. bz#1918

Upstream-ID: 652d2f9d993f158fc5f83cef4a95cd9d95ae6a14
2017-10-20 12:01:03 +11:00
djm@openbsd.org
eb80e26a15 upstream commit
log debug messages sent to peer; ok deraadt markus

Upstream-ID: 3b4fdc0a06ea5083f61d96e20043000f477103d9
2017-10-20 12:01:03 +11:00
jmc@openbsd.org
071325f458 upstream commit
trim permitrootlogin description somewhat, to avoid
ambiguity; original diff from walter alejandro iglesias, tweaked by sthen and
myself

ok sthen schwarze deraadt

Upstream-ID: 1749418b2bc073f3fdd25fe21f8263c3637fe5d2
2017-10-20 12:01:03 +11:00
djm@openbsd.org
10727487be upstream commit
mention SSH_USER_AUTH in the list of environment
variables

Upstream-ID: 1083397c3ee54b4933121ab058c70a0fc6383691
2017-10-20 12:01:03 +11:00
djm@openbsd.org
224f193d6a upstream commit
BIO_get_mem_data() is supposed to take a char* as pointer
argument, so don't pass it a const char*

Upstream-ID: 1ccd91eb7f4dd4f0fa812d4f956987cd00b5f6ec
2017-10-20 12:01:03 +11:00
benno@openbsd.org
cfa46825b5 upstream commit
clarify the order in which config statements are used. ok
jmc@ djm@

Upstream-ID: e37e27bb6bbac71315e22cb9690fd8a556a501ed
2017-10-20 12:01:03 +11:00
djm@openbsd.org
dceabc7ad7 upstream commit
replace statically-sized arrays in ServerOptions with
dynamic ones managed by xrecallocarray, removing some arbitrary (though
large) limits and saving a bit of memory; "much nicer" markus@

Upstream-ID: 1732720b2f478fe929d6687ac7b0a97ff2efe9d2
2017-10-20 12:01:02 +11:00
jmc@openbsd.org
2b4f3ab050 upstream commit
%C is hashed; from klemens nanni ok markus

Upstream-ID: 6ebed7b2e1b6ee5402a67875d74f5e2859d8f998
2017-10-20 11:58:34 +11:00
djm@openbsd.org
a66714508b upstream commit
exercise PermitOpen a little more thoroughly

Upstream-Regress-ID: f41592334e227a4c1f9a983044522de4502d5eac
2017-10-05 05:51:46 +11:00
dtucker@openbsd.org
609ecc8e57 upstream commit
UsePrivilegeSeparation is gone, stop trying to test it.

Upstream-Regress-ID: 796a5057cfd79456a20ea935cc53f6eb80ace191
2017-10-05 05:51:46 +11:00
djm@openbsd.org
69bda02288 upstream commit
fix (another) problem in PermitOpen introduced during the
channels.c refactor: the third and subsequent arguments to PermitOpen were
being silently ignored; ok markus@

Upstream-ID: 067c89f1f53cbc381628012ba776d6861e6782fd
2017-10-05 05:51:12 +11:00
djm@openbsd.org
66bf74a921 upstream commit
Fix PermitOpen crash; spotted by benno@, ok dtucker@ deraadt@

Upstream-ID: c2cc84ffac070d2e1ff76182c70ca230a387983c
2017-10-03 06:34:26 +11:00
Damien Miller
d63b38160a update URL again
I spotted a typo in the draft so uploaded a new version...
2017-10-01 10:32:25 +11:00
Damien Miller
6f64f59643 sync release notes URL 2017-10-01 10:01:56 +11:00
Damien Miller
35ff70a04d sync contrib/ssh-copy-id with upstream 2017-10-01 10:01:25 +11:00
Damien Miller
290843b8ed update version in RPM spec files 2017-10-01 09:59:19 +11:00
Damien Miller
4e4e0bb223 update agent draft URL 2017-10-01 09:58:24 +11:00
djm@openbsd.org
e4a798f001 upstream commit
openssh-7.6; ok deraadt@

Upstream-ID: a39c3a5b63a1baae109ae1ae4c7c34c2a59acde0
2017-10-01 09:27:30 +11:00
jmc@openbsd.org
5fa1407e16 upstream commit
tweak EposeAuthinfo; diff from lars nooden

tweaked by sthen; ok djm dtucker

Upstream-ID: 8f2ea5d2065184363e8be7a0ba24d98a3b259748
2017-10-01 05:24:18 +11:00
Damien Miller
bba69c246f don't fatal ./configure for LibreSSL 2017-09-28 16:06:21 -07:00
Damien Miller
04dc070e8b abort in configure when only openssl-1.1.x found
We don't support openssl-1.1.x yet (see multiple threads on the
openssh-unix-dev@ mailing list for the reason), but previously
./configure would accept it and the compilation would subsequently
fail. This makes ./configure display an explicit error message and
abort.

ok dtucker@
2017-09-28 14:54:34 -07:00
Darren Tucker
74c1c3660a Check for and handle calloc(p, 0) = NULL.
On some platforms (AIX, maybe others) allocating zero bytes of memory
via the various *alloc functions returns NULL, which is permitted
by the standards.  Autoconf has some macros for detecting this (with
the exception of calloc for some reason) so use these and if necessary
activate shims for them.  ok djm@
2017-09-27 07:44:41 +10:00
markus@openbsd.org
6a9481258a upstream commit
test reverse dynamic forwarding with SOCKS

Upstream-Regress-ID: 95cf290470f7e5e2f691e4bc6ba19b91eced2f79
2017-09-26 16:56:15 +10:00
Damien Miller
1b9f321605 sync missing changes in dynamic-forward.sh 2017-09-26 16:55:55 +10:00
Darren Tucker
44fc334c7a Add minimal strsignal for platforms without it. 2017-09-25 09:48:10 +10:00
djm@openbsd.org
218e6f98df upstream commit
fix inverted test on channel open failure path that
"upgraded" a transient failure into a fatal error; reported by sthen and also
seen by benno@; ok sthen@

Upstream-ID: b58b3fbb79ba224599c6cd6b60c934fc46c68472
2017-09-24 23:46:12 +10:00
djm@openbsd.org
c704f641f7 upstream commit
write the correct buffer when tunnel forwarding; doesn't
matter on OpenBSD (they are the same) but does matter on portable where we
use an output filter to translate os-specific tun/tap headers

Upstream-ID: f1ca94eff48404827b12e1d12f6139ee99a72284
2017-09-24 19:51:01 +10:00
djm@openbsd.org
55486f5cef upstream commit
fix tunnel forwarding problem introduced in refactor;
reported by stsp@ ok markus@

Upstream-ID: 81a731cdae1122c8522134095d1a8b60fa9dcd04
2017-09-24 14:08:36 +10:00
markus@openbsd.org
609d7a66ce upstream commit
Add 'reverse' dynamic forwarding which combines dynamic
forwarding (-D) with remote forwarding (-R) where the remote-forwarded port
expects SOCKS-requests.

The SSH server code is unchanged and the parsing happens at the SSH
clients side. Thus the full SOCKS-request is sent over the forwarded
channel and the client parses c->output. Parsing happens in
channel_before_prepare_select(), _before_ the select bitmask is
computed in the pre[] handlers, but after network input processing
in the post[] handlers.

help and ok djm@

Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
2017-09-22 09:14:53 +10:00
dtucker@openbsd.org
36945fa103 upstream commit
Use strsignal in debug message instead of casting for the
benefit of portable where sig_atomic_t might not be int.  "much nicer"
deraadt@

Upstream-ID: 2dac6c1e40511c700bd90664cd263ed2299dcf79
2017-09-22 09:14:53 +10:00
millert@openbsd.org
3e8d185af3 upstream commit
Use explicit_bzero() instead of bzero() before free() to
prevent the compiler from optimizing away the bzero() call.  OK djm@

Upstream-ID: cdc6197e64c9684c7250e23d60863ee1b53cef1d
2017-09-22 09:14:53 +10:00
djm@openbsd.org
5b8da1f538 upstream commit
fix use-after-free in ~^Z escape handler path, introduced
in channels.c refactor; spotted by millert@ "makes sense" deraadt@

Upstream-ID: 8fa2cdc65c23ad6420c1e59444b0c955b0589b22
2017-09-19 14:26:43 +10:00
dtucker@openbsd.org
a3839d8d2b upstream commit
Prevent type mismatch warning in debug on platforms where
sig_atomic_t != int.  ok djm@

Upstream-ID: 306e2375eb0364a4c68e48f091739bea4f4892ed
2017-09-19 14:26:43 +10:00
dtucker@openbsd.org
30484e5e5f upstream commit
Add braces missing after channels refactor.  ok markus@

Upstream-ID: 72ab325c84e010680dbc88f226e2aa96b11a3980
2017-09-19 14:26:43 +10:00
Damien Miller
b79569190b add freezero(3) replacement
ok dtucker@
2017-09-19 14:16:45 +10:00
Damien Miller
161af8f5ec move FORTIFY_SOURCE into hardening options group
It's still on by default, but now it's possible to turn it off using
--without-hardening. This is useful since it's known to cause problems
with some -fsanitize options. ok dtucker@
2017-09-19 10:22:33 +10:00
bluhm@openbsd.org
09eacf856e upstream commit
Print SKIPPED if sudo and doas configuration is missing.
Prevents that running the regression test with wrong environment is reported
as failure.  Keep the fatal there to avoid interfering with other setups for
portable ssh. OK dtucker@

Upstream-Regress-ID: f0dc60023caef496ded341ac5aade2a606fa234e
2017-09-18 14:13:02 +10:00
dtucker@openbsd.org
cdede10899 upstream commit
Remove obsolete privsep=no fallback test.

Upstream-Regress-ID: 7d6e1baa1678ac6be50c2a1555662eb1047638df
2017-09-18 14:11:42 +10:00
dtucker@openbsd.org
ec218c105d upstream commit
Remove non-privsep test since disabling privsep is now
deprecated.

Upstream-Regress-ID: 77ad3f3d8d52e87f514a80f285c6c1229b108ce8
2017-09-18 14:11:22 +10:00
dtucker@openbsd.org
239c57d5bc upstream commit
Don't call fatal from stop_sshd since it calls cleanup
which calls stop_sshd which will probably fail in the same way.  Instead,
just bail. Differentiate between sshd dying without cleanup and not shutting
down.

Upstream-Regress-ID: f97315f538618b349e2b0bea02d6b0c9196c6bc4
2017-09-18 14:11:22 +10:00
djm@openbsd.org
aea59a0d9f upstream commit
Revert commitid: gJtIN6rRTS3CHy9b.

-------------
identify the case where SSHFP records are missing but other DNS RR
types are present and display a more useful error message for this
case; patch by Thordur Bjornsson; bz#2501; ok dtucker@
-------------

This caused unexpected failures when VerifyHostKeyDNS=yes, SSHFP results
are missing but the user already has the key in known_hosts

Spotted by dtucker@

Upstream-ID: 97e31742fddaf72046f6ffef091ec0d823299920
2017-09-14 14:33:06 +10:00