which interferes with the new poll()-based listen loop; spotted and debugged
by anton@+deraadt@
OpenBSD-Commit-ID: f7ab8ab124f615a2e0c45fee14c38d2f2abbabbd
returns -1, eg if it was interrupted by a signal. This should prevent
the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
an unauthenticated child and goes on to a blocking read on a notify_pipe.
feedback deraadt@, ok djm@
OpenBSD-Commit-ID: 0243c1c5544fca0974dae92cd4079543a3fceaa0
keys. Allows use of certificates with private keys held in a ssh-agent.
Reported by Miles Zhou in bz3524; ok dtucker@
OpenBSD-Commit-ID: 25f5bf70003126d19162862d9eb380bf34bac22a
pselect() and mask signals while checking signal flags, umasking for pselect
and restoring afterwards. Also restore signals before sighup_restart so they
don't remain blocked after restart.
This prevents a race where a SIGTERM or SIGHUP can arrive between
checking the flag and calling select (eg if sshd is processing a
new connection) resulting in sshd not shutting down until the next
time it receives a new connection. bz#2158, with & ok djm@
OpenBSD-Commit-ID: bf85bf880fd78e00d7478657644fcda97b9a936f
location of the "moduli" file containing the groups for DH-GEX. This will
allow us to run tests against arbitrary moduli files without having to
install them. ok djm@
OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
works on OpenBSD it can cause problems on other platforms. From kircherlike
at outlook.com via bz#3259, ok djm@
OpenBSD-Commit-ID: 3e241d7ac1ee77e3de3651780b5dc47b283a7668
options which provide more fine grained MaxStartups limits. Man page help
jmc@, feedback & ok djm@
OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
exchange method based on Streamlined NTRU Prime (coupled with X25519).
The previous sntrup4591761x25519-sha512@tinyssh.org method is
replaced with sntrup761x25519-sha512@openssh.com. Per the authors,
sntrup4591761 was replaced almost two years ago by sntrup761.
The sntrup761 implementaion, like sntrup4591761 before it, is public
domain code extracted from the SUPERCOP cryptography benchmark
suite (https://bench.cr.yp.to/supercop.html).
Thanks for Daniel J Bernstein for guidance on algorithm selection.
Patch from Tobias Heider; feedback & ok markus@ and myself
(note this both the updated method and the one that it replaced are
disabled by default)
OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
The log calls are themselves now macros, and preprocessor directives inside
macro arguments are undefined behaviour which some compilers (eg old GCCs)
choke on. It also makes the code tidier. ok deraadt@
OpenBSD-Commit-ID: cc12a9029833d222043aecd252d654965c351a69
stdout and/or stderr to /dev/null. Factor all these out to a single
stdfd_devnull() function that allows selection of which of these to redirect.
ok markus@
OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099
FIDO2 supports a notion of "user verification" where the user is
required to demonstrate their identity to the token before particular
operations (e.g. signing). Typically this is done by authenticating
themselves using a PIN that has been set on the token.
This adds support for generating and using user verified keys where
the verification happens via PIN (other options might be added in the
future, but none are in common use now). Practically, this adds
another key generation option "verify-required" that yields a key that
requires a PIN before each authentication.
feedback markus@ and Pedro Martelletto; ok markus@
OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
have sshd log when it starts and stops throttling and periodically while in
this state. bz#3055 ok markus@
OpenBSD-Commit-ID: 2e07a09a62ab45d790d3d2d714f8cc09a9ac7ab9
in write(2) on config_s[0] if the forked child exits early before finishing
recv_rexec_state (e.g. with fatal()) because config_s[1] stays open in the
parent. this prevents the parent from accepting new connections. ok djm,
deraadt
OpenBSD-Commit-ID: 92ccfeb939ccd55bda914dc3fe84582158c4a9ef
errors. This ensures that the logged errors are consistent with other
transport- layer errors and that the relevant IP addresses are logged. bz3129
ok dtucker@
OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab
these timers were used for regenerating the SSH1 ephemeral host keys but
those are now gone so there's no need to clear the timers either. ok
deraadt@
OpenBSD-Commit-ID: 280d2b885e4a1ce404632e8cc38fcb17be7dafc0
of files. This has sensible semantics wrt Match blocks and accepts glob(3)
patterns to specify the included files. Based on patch by Jakub Jelen in
bz2468; feedback and ok markus@
OpenBSD-Commit-ID: 36ed0e845b872e33f03355b936a4fff02d5794ff
frequently used to distinguish between multiple independent instances of the
server. New proctitle looks like this:
$ pgrep -lf sshd
12844 sshd: /usr/sbin/sshd -f /etc/ssh/sshd_config [listener] 0 of 10-100 startups
requested by sthen@ and aja@; ok aja@
OpenBSD-Commit-ID: cf235a561c655a3524a82003cf7244ecb48ccc1e
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.
OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
along with the MaxStartups limit in the proctitle; suggestion from Philipp
Marek, w/ feedback from Craig Miskell ok dtucker@
OpenBSD-Commit-ID: a4a6db2dc1641a5df8eddf7d6652176e359dffb3
keys.
Previously we didn't do this because we didn't want to expose
the attack surface presented by USB and FIDO protocol handling,
but now that this is insulated behind ssh-sk-helper there is
less risk.
ok markus@
OpenBSD-Commit-ID: 77b068dd133b8d87e0f010987bd5131e640ee64c
noification prior to the SSH2 protocol banner according to RFC4253 section
4.2. ok djm@ deraadt@ markus@
OpenBSD-Commit-ID: e5dabcb722d54dea18eafb336d50b733af4f9c63
including the new U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.
Suggested by / ok markus@
OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.
OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
