Commit Graph

5959 Commits

Author SHA1 Message Date
Darren Tucker
c614c78c53 - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace
"echo -n" with "echon" for portability.
2010-03-01 12:49:05 +11:00
Tim Rice
bff24b8ad2 - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions
to make older compilers (gcc 2.95) happy.
2010-02-28 14:51:56 -08:00
Damien Miller
acc9b29486 - (djm) [auth.c] On Cygwin, refuse usernames that have differences in
case from that matched in the system password database. On this
   platform, passwords are stored case-insensitively, but sshd requires
   exact case matching for Match blocks in sshd_config(5). Based on
   a patch from vinschen AT redhat.com.
2010-03-01 04:36:54 +11:00
Damien Miller
d05951fcee - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment
variables copied into sshd child processes. From vinschen AT redhat.com
2010-02-28 03:29:33 +11:00
Damien Miller
09a24db2d7 - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded 2010-02-28 03:28:05 +11:00
Damien Miller
58ac6de964 - djm@cvs.openbsd.org 2010/02/26 20:33:21
[Makefile regress/cert-hostkey.sh regress/cert-userkey.sh]
     regression tests for certified keys
2010-02-27 07:57:12 +11:00
Damien Miller
0a80ca190a - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/02/26 20:29:54
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
     [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
     [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
     [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
     [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
     [sshconnect2.c sshd.8 sshd.c sshd_config.5]
     Add support for certificate key types for users and hosts.

     OpenSSH certificate key types are not X.509 certificates, but a much
     simpler format that encodes a public key, identity information and
     some validity constraints and signs it with a CA key. CA keys are
     regular SSH keys. This certificate style avoids the attack surface
     of X.509 certificates and is very easy to deploy.

     Certified host keys allow automatic acceptance of new host keys
     when a CA certificate is marked as sh/known_hosts.
     see VERIFYING HOST KEYS in ssh(1) for details.

     Certified user keys allow authentication of users when the signing
     CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
     FILE FORMAT" in sshd(8) for details.

     Certificates are minted using ssh-keygen(1), documentation is in
     the "CERTIFICATES" section of that manpage.

     Documentation on the format of certificates is in the file
     PROTOCOL.certkeys

     feedback and ok markus@
2010-02-27 07:55:05 +11:00
Damien Miller
d27d85d532 contrib/caldera/openssh.spec
contrib/redhat/openssh.spec
contrib/suse/openssh.spec
2010-02-24 18:21:45 +11:00
Damien Miller
43001b3b3b - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper 2010-02-24 18:18:51 +11:00
Damien Miller
8eff8e8f59 - dtucker@cvs.openbsd.org 2009/11/09 04:20:04
[regress/Makefile keygen-convert.sh]
     add regression test for ssh-keygen pubkey conversions
2010-02-24 17:33:30 +11:00
Damien Miller
cfa42d2fd2 - markus@cvs.openbsd.org 2010/02/08 10:52:47
[regress/agent-pkcs11.sh]
     test for PKCS#11 support (currently disabled)
2010-02-24 17:31:20 +11:00
Damien Miller
c1739211a6 - djm@cvs.openbsd.org 2010/02/24 06:21:56
[regress/test-exec.sh]
     wait for sshd to fully stop in cleanup() function; avoids races in tests
     that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@
2010-02-24 17:29:34 +11:00
Damien Miller
8f9492c90d - djm@cvs.openbsd.org 2010/02/09 06:29:02
[regress/Makefile]
     turn on all the malloc(3) checking options when running regression
     tests. this has caught a few bugs for me in the past; ok dtucker@
2010-02-24 17:28:45 +11:00
Damien Miller
bb4ae5583b - djm@cvs.openbsd.org 2010/02/09 04:57:36
[regress/addrmatch.sh]
     clean up droppings
2010-02-24 17:26:38 +11:00
Damien Miller
0dff9c7e6d - dtucker@cvs.openbsd.org 2010/01/11 02:53:44
[regress/forwarding.sh]
     regress test for stdio forwarding
2010-02-24 17:25:58 +11:00
Damien Miller
b6bd3c2ca8 - dtucker@cvs.openbsd.org 2009/11/09 04:20:04
[regress/Makefile]
     add regression test for ssh-keygen pubkey conversions
2010-02-24 17:24:56 +11:00
Damien Miller
a80f1404bb - djm@cvs.openbsd.org 2010/02/11 20:37:47
[pathnames.h]
     correct comment
2010-02-24 17:17:58 +11:00
Damien Miller
05abd2c968 - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
[ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable
2010-02-24 17:16:08 +11:00
Damien Miller
b3c9f78711 - (djm) [configure.ac] Enable PKCS#11 support only when we find a working
dlopen()
2010-02-12 10:11:34 +11:00
Damien Miller
dfa4156dbd - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
Use ssh_get_progname to fill __progname
2010-02-12 10:06:28 +11:00
Damien Miller
8ad0fbd98e - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
Make it compile on OSX
2010-02-12 09:49:06 +11:00
Damien Miller
d8f6002272 - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c]
[scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java]
   Remove obsolete smartcard support
2010-02-12 09:34:22 +11:00
Damien Miller
d400da5ba8 - jmc@cvs.openbsd.org 2010/02/11 13:23:29
[ssh.1]
     libarary -> library;
2010-02-12 09:26:23 +11:00
Damien Miller
a761844455 - markus@cvs.openbsd.org 2010/02/10 23:20:38
[ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
     pkcs#11 is no longer optional; improve wording; ok jmc@
2010-02-12 09:26:02 +11:00
Damien Miller
47cf16b8df - djm@cvs.openbsd.org 2010/02/09 06:18:46
[auth.c]
     unbreak ChrootDirectory+internal-sftp by skipping check for executable
     shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
2010-02-12 09:25:29 +11:00
Damien Miller
8922106fe9 - djm@cvs.openbsd.org 2010/02/09 03:56:28
[buffer.c buffer.h]
     constify the arguments to buffer_len, buffer_ptr and buffer_dump
2010-02-12 09:23:40 +11:00
Damien Miller
86cbb44d47 - djm@cvs.openbsd.org 2010/02/09 00:50:59
[ssh-keygen.c]
     fix -Wall
2010-02-12 09:22:57 +11:00
Damien Miller
a183c6edee - djm@cvs.openbsd.org 2010/02/09 00:50:36
[ssh-agent.c]
     fallout from PKCS#11: unbreak -D
2010-02-12 09:22:31 +11:00
Damien Miller
048dc93617 - jmc@cvs.openbsd.org 2010/02/08 22:03:05
[ssh-add.1 ssh-keygen.1 ssh.1 ssh.c]
     tweak previous; ok markus
2010-02-12 09:22:04 +11:00
Damien Miller
7ea845e48d - markus@cvs.openbsd.org 2010/02/08 10:50:20
[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
     replace our obsolete smartcard code with PKCS#11.
        ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
     ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
     provider (shared library) while ssh-agent(1) delegates PKCS#11 to
     a forked a ssh-pkcs11-helper process.
     PKCS#11 is currently a compile time option.
     feedback and ok djm@; inspired by patches from Alon Bar-Lev
`
2010-02-12 09:21:02 +11:00
Damien Miller
17751bcab2 - djm@cvs.openbsd.org 2010/02/02 22:49:34
[bufaux.c]
     make buffer_get_string_ret() really non-fatal in all cases (it was
     using buffer_get_int(), which could fatal() on buffer empty);
     ok markus dtucker
2010-02-12 07:35:08 +11:00
Damien Miller
1d2bfc4118 - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
getseuserbyname; patch from calebcase AT gmail.com via
   cjwatson AT debian.org
2010-02-10 10:19:29 +11:00
Damien Miller
b401f922b2 This should have gone in with the multiplexing merge, but I dropped it
at the time.
2010-02-10 10:17:49 +11:00
Damien Miller
d636943d08 - djm@cvs.openbsd.org 2010/01/30 21:12:08
[channels.c]
     fake local addr:port when stdio fowarding as some servers (Tectia at
     least) validate that they are well-formed;
     reported by imorgan AT nas.nasa.gov
     ok dtucker
2010-02-02 17:02:07 +11:00
Damien Miller
74d9825c0f - djm@cvs.openbsd.org 2010/01/30 21:08:33
[sshd.8]
     debug output goes to stderr, not "the system log"; ok markus dtucker
2010-02-02 17:01:46 +11:00
Damien Miller
c3ca35f424 - djm@cvs.openbsd.org 2010/01/30 02:54:53
[mux.c]
     don't mark channel as read failed if it is already closing; suppresses
     harmless error messages when connecting to SSH.COM Tectia server
     report by imorgan AT nas.nasa.gov
2010-01-30 17:42:01 +11:00
Damien Miller
0dac03febd - djm@cvs.openbsd.org 2010/01/29 20:16:17
[mux.c]
     kill correct channel (was killing already-dead mux channel, not
     its session channel)
2010-01-30 17:36:33 +11:00
Damien Miller
133d9d313e - djm@cvs.openbsd.org 2010/01/29 00:20:41
[sshd.c]
     set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com
     ok dtucker@
2010-01-30 17:30:04 +11:00
Damien Miller
36f57ebf3b - djm@cvs.openbsd.org 2010/01/28 00:21:18
[clientloop.c]
     downgrade an error() to a debug() - this particular case can be hit in
     normal operation for certain sequences of mux slave vs session closure
     and is harmless
2010-01-30 17:28:34 +11:00
Darren Tucker
19d32cb934 - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()
after registering the hardware engines, which causes the openssl.cnf file to
   be processed.  See OpenSSL's man page for OPENSSL_config(3) for details.
   Patch from Solomon Peachy, ok djm@.
2010-01-29 10:54:11 +11:00
Damien Miller
a1162985a5 - djm@cvs.openbsd.org 2010/01/27 19:21:39
[sftp.c]
     add missing "p" flag to getopt optstring;
     bz#1704 from imorgan AT nas.nasa.gov
2010-01-28 06:27:54 +11:00
Damien Miller
a21cdfac2f - djm@cvs.openbsd.org 2010/01/27 13:26:17
[mux.c]
     fix bug introduced in mux rewrite:

     In a mux master, when a socket to a mux slave closes before its server
     session (as may occur when the slave has been signalled), gracefully
     close the server session rather than deleting its channel immediately.
     A server may have more messages on that channel to send (e.g. an exit
     message) that will fatal() the client if they are sent to a channel that
     has been prematurely deleted.

     spotted by imorgan AT nas.nasa.gov
2010-01-28 06:26:59 +11:00
Damien Miller
45a81a0e18 - djm@cvs.openbsd.org 2010/01/26 02:15:20
[mux.c]
     -Wuninitialized and remove a // comment; from portable
     (Id sync only)
2010-01-28 06:26:20 +11:00
Damien Miller
e1537f951f - djm@cvs.openbsd.org 2010/01/26 01:28:35
[channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
     rewrite ssh(1) multiplexing code to a more sensible protocol.

     The new multiplexing code uses channels for the listener and
     accepted control sockets to make the mux master non-blocking, so
     no stalls when processing messages from a slave.

     avoid use of fatal() in mux master protocol parsing so an errant slave
     process cannot take down a running master.

     implement requesting of port-forwards over multiplexed sessions. Any
     port forwards requested by the slave are added to those the master has
     established.

     add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.

     document master/slave mux protocol so that other tools can use it to
     control a running ssh(1). Note: there are no guarantees that this
     protocol won't be incompatibly changed (though it is versioned).

     feedback Salvador Fandino, dtucker@
     channel changes ok markus@
2010-01-26 13:26:22 +11:00
Damien Miller
f589fd1ea8 - dtucker@cvs.openbsd.org 2010/01/18 01:50:27
[roaming_client.c]
     s/long long unsigned/unsigned long long/, from tim via portable
     (Id sync only, change already in portable)
2010-01-26 12:53:06 +11:00
Damien Miller
2e68d793d6 - tedu@cvs.openbsd.org 2010/01/17 21:49:09
[ssh-agent.1]
     Correct and clarify ssh-add's password asking behavior.
     Improved text dtucker and ok jmc
2010-01-26 12:51:13 +11:00
Tim Rice
6761c7417d - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of
socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size
   in Cygwin to 65535. Patch from Corinna Vinschen.
2010-01-22 10:25:15 -08:00
Tim Rice
7bb7471b80 Reword comment in last commit for additional clearity. 2010-01-17 22:49:57 -08:00
Tim Rice
641ebf1f86 - (tim) [configure.ac] Use the C99-conforming functions snprintf() and
vsnprintf() named _xsnprintf() and _xvsnprintf() on SVR5 systems.
2010-01-17 17:05:39 -08:00
Tim Rice
7ab7b9346d - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too. 2010-01-17 12:48:22 -08:00