Commit Graph

438 Commits

Author SHA1 Message Date
Damien Miller
b2eb9db35b pass TEST_SSH_SSHPKCS11HELPER to regress tests 2019-01-21 13:09:23 +11:00
djm@openbsd.org
245c6a0b22 upstream: remove last traces of old packet API!
with & ok markus@

OpenBSD-Commit-ID: 9bd10437026423eb8245636ad34797a20fbafd7d
2019-01-20 09:45:18 +11:00
djm@openbsd.org
0a843d9a0e upstream: move client/server SSH-* banners to buffers under
ssh->kex and factor out the banner exchange. This eliminates some common code
from the client and server.

Also be more strict about handling \r characters - these should only
be accepted immediately before \n (pointed out by Jann Horn).

Inspired by a patch from Markus Schmidt.
(lots of) feedback and ok markus@

OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
2018-12-27 14:38:22 +11:00
Damien Miller
41c115a5ea delete the correct thing; kexfuzz binary 2018-09-12 16:50:01 +10:00
Damien Miller
ff729025c7 fix path in distclean target
Patch from Jakub Jelen
2018-08-23 13:03:32 +10:00
Damien Miller
87f08be054 Remove support for S/Key
Most people will 1) be using modern multi-factor authentication methods
like TOTP/OATH etc and 2) be getting support for multi-factor
authentication via PAM or BSD Auth.
2018-07-31 12:59:30 +10:00
Damien Miller
c59aca8adb Create control sockets in clean temp directories
Adds a regress/mkdtemp tool and uses it to create empty temp
directories for tests needing control sockets.

Patch from Colin Watson via bz#2660; ok dtucker
2018-07-20 14:55:29 +10:00
dtucker@openbsd.org
258dc8bb07 upstream: Remove support for running ssh(1) setuid and fatal if
attempted. Do not link uidwap.c into ssh any more.  Neuters
UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@
djm@

OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
2018-07-19 21:41:42 +10:00
Damien Miller
6aa1bf475c rm regress/misc/kexfuzz/*.o in distclean target 2018-07-13 11:41:33 +10:00
markus@openbsd.org
5467fbcb09 upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12 13:18:25 +10:00
markus@openbsd.org
cb30cd4704 upstream: remove legacy buffer API emulation layer; ok djm@
OpenBSD-Commit-ID: 2dd5dc17cbc23195be4299fa93be2707a0e08ad9
2018-07-10 16:44:17 +10:00
Darren Tucker
575fac34a9 Revert $REGRESSTMP changes.
Revert 3fd2d229 and subsequent changes as they turned out to be a
portability hassle.
2018-04-13 13:13:33 +10:00
Damien Miller
10479cc2a4 Many typo fixes from Karsten Weiss
Spotted using https://github.com/lucasdemarchi/codespell
2018-04-10 10:19:02 +10:00
Darren Tucker
ac53ce46cf Replace $(CURDIR) with $(PWD).
The former doesn't work on Solaris or BSDs.
2018-02-26 16:24:23 +11:00
Darren Tucker
89212533dd Fix breakage when REGRESSTMP not set.
BUILDDIR is not set where used for REGRESSTMP, use make's CURDIR
instead.  Pointed out by djm@.
2018-02-26 12:32:14 +11:00
Damien Miller
612faa34c7 object files end with .o - not .c 2018-02-26 12:17:55 +11:00
markus@openbsd.org
1b11ea7c58 upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
2018-02-26 11:40:41 +11:00
Darren Tucker
3e9d3192ad Use portable syntax for REGRESSTMP. 2018-02-23 14:10:53 +11:00
Darren Tucker
3fd2d2291a Add REGRESSTMP make var override.
Defaults to original location ($srcdir/regress) but allows overriding
if desired, eg a directory in /tmp.
2018-02-19 18:37:40 +11:00
Darren Tucker
265d88d4e6 Remove remaining now-obsolete cvs $Ids. 2018-02-15 20:06:19 +11:00
Damien Miller
748dd8e5de remove blocks.c from Makefile 2017-12-19 16:17:59 +11:00
naddy@openbsd.org
012e5cb839 upstream commit
Create a persistent umac128.c source file: #define the
output size and the name of the entry points for UMAC-128 before including
umac.c. Idea from FreeBSD. ok dtucker@

OpenBSD-Commit-ID: 463cfacfa07cb8060a4d4961e63dca307bf3f4b1
2017-12-19 15:17:38 +11:00
Darren Tucker
2d96f28246 Ensure config.h is always in dependencies.
Put an empty config.h into the dependency list to ensure that it's
always listed and consistent.
2017-12-12 11:17:22 +11:00
Darren Tucker
79c0e1d299 Add autogenerated dependency info to Makefile.
Adds a .depend file containing dependency information generated by
makedepend, which is appended to the generated Makefile by configure.

You can regen the file with "make -f Makefile.in depend" if necessary,
but we'll be looking at some way to automatically keep this up to date.

"no objection" djm@
2017-12-11 14:38:33 +11:00
Darren Tucker
bb82e61a40 Remove now-used check for perl. 2017-12-09 08:06:00 +11:00
Darren Tucker
6c8a246437 Replace mkinstalldirs with mkdir -p.
Check for MIKDIR_P and use it instead of mkinstalldirs.  Should fix "mkdir:
cannot create directory:... File exists" during "make install".
Patch from eb at emlix.com.
2017-12-01 17:13:34 +11:00
Darren Tucker
79226e5413 Remove RSA1 host key generation.
SSH1 support is now gone, remove SSH1 key generation.
Patch from eb at emlix.com.
2017-12-01 16:55:35 +11:00
Damien Miller
878e029797 Split platform_sys_dir_uid into its own file
platform.o is too heavy for libssh.a use; it calls into the server on
many platforms. Move just the function needed by misc.c into its own
file.
2017-08-25 13:25:01 +10:00
Damien Miller
07949bfe91 misc.c needs functions from platform.c now 2017-08-23 20:13:18 +10:00
djm@openbsd.org
83fa3a0448 upstream commit
remove post-SSHv1 removal dead code from rsa.c and merge
the remaining bit that it still used into ssh-rsa.c; ok markus

Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f
2017-07-21 14:17:32 +10:00
Damien Miller
6bdf70f01e clean up regress files and add a .gitignore 2017-05-09 18:41:54 -07:00
djm@openbsd.org
dfa641f758 upstream commit
remove the (in)famous SSHv1 CRC compensation attack
detector.

Despite your cameo in The Matrix movies, you will not be missed.

ok markus

Upstream-ID: 44261fce51a56d93cdb2af7b6e184be629f667e0
2017-05-01 10:05:04 +10:00
djm@openbsd.org
e6882463a8 upstream commit
remove SSH1 make flag and associated files ok markus@

Upstream-ID: ba9feacc5787337c413db7cf26ea3d53f854cfef
2017-05-01 10:04:59 +10:00
djm@openbsd.org
cdccebdf85 upstream commit
remove SSHv1 ciphers; ok markus@

Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
2017-05-01 10:04:58 +10:00
Darren Tucker
f2742a481f Remove SHA256 EVP wrapper implementation.
All supported versions of OpenSSL should now have SHA256 so remove our
EVP wrapper implementaion.  ok djm@
2017-03-29 10:50:31 +11:00
Darren Tucker
b1b22dd0df Plumb conversion test into makefile. 2017-03-14 14:19:36 +11:00
Darren Tucker
f5907982f4 Add a "unit" target to run only unit tests. 2017-03-14 13:38:15 +11:00
Darren Tucker
47b8c99ab3 Check for utf8 local support before testing it.
Check for utf8 local support and if not found, do not attempt to run the
utf8 tests.  Suggested by djm@
2016-12-08 15:48:34 +11:00
djm@openbsd.org
0082fba4ef upstream commit
Remove support for pre-authentication compression. Doing
compression early in the protocol probably seemed reasonable in the 1990s,
but today it's clearly a bad idea in terms of both cryptography (cf. multiple
compression oracle attacks in TLS) and attack surface.

Moreover, to support it across privilege-separation zlib needed
the assistance of a complex shared-memory manager that made the
required attack surface considerably larger.

Prompted by Guido Vranken pointing out a compiler-elided security
check in the shared memory manager found by Stack
(http://css.csail.mit.edu/stack/); ok deraadt@ markus@

NB. pre-auth authentication has been disabled by default in sshd
for >10 years.

Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
2016-09-29 03:11:32 +10:00
Damien Miller
6ee4f1c01e hook match and utf8 unittests up to Makefile 2016-08-23 16:33:48 +10:00
markus@openbsd.org
6cb6dcffe1 upstream commit
remove ssh1 server code; ok djm@

Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
2016-08-14 11:19:14 +10:00
Darren Tucker
e8b58f48fb Explicitly specify source files for regress tools.
Since adding $(REGRESSLIBS), $? is wrong because it includes only the
changed source files.  $< seems like it'd be right however it doesn't
seem to work on some non-GNU makes, so do what works everywhere.
2016-07-18 17:22:49 +10:00
Darren Tucker
c71ba790c3 Add dependency on libs for unit tests.
Makes "./configure && make tests" work again.  ok djm@
2016-07-18 15:43:25 +10:00
Darren Tucker
8199d0311a Correct location for kexfuzz in clean target. 2016-07-18 13:47:39 +10:00
Darren Tucker
5c02dd1262 Map umac_ctx struct name too.
Prevents size mismatch linker warnings on Solaris 11.
2016-07-15 14:19:24 +10:00
Darren Tucker
57b4ee04ca Move platform_disable_tracing into its own file.
Prevents link errors resolving the extern "options" when platform.o
gets linked into ssh-agent when building --with-pam.
2016-06-15 11:29:24 +10:00
Darren Tucker
0fb7f59853 Move prctl PR_SET_DUMPABLE into platform.c.
This should make it easier to add additional platform support such as
Solaris (bz#2584).
2016-06-09 16:23:07 +10:00
Darren Tucker
05c6574652 Fix utf->utf8 typo. 2016-06-06 11:33:43 +10:00
schwarze@openbsd.org
0e059cdf5f upstream commit
To prevent screwing up terminal settings when printing to
 the terminal, for ASCII and UTF-8, escape bytes not forming characters and
 bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
 character sets, abort printing of the current string in these cases.  In
 particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
 sanitize data received from the remote host; * sanitize filenames, usernames,
 and similar data even locally; * take character display widths into account
 for the progressmeter.

This is believed to be sufficient to keep the local terminal safe
on OpenBSD, but bad things can still happen on other systems with
state-dependent locales because many places in the code print
unencoded ASCII characters into the output stream.

Using feedback from djm@ and martijn@,
various aspects discussed with many others.

deraadt@ says it should go in now, i probably already hesitated too long

Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
2016-06-06 11:27:38 +10:00
Darren Tucker
732b463d37 Pass supported malloc options to connect-privsep.
This allows us to activate only the supported options during the malloc
option portion of the connect-privsep test.
2016-03-14 16:04:23 +11:00