Commit Graph

922 Commits

Author SHA1 Message Date
Damien Miller
ea6fdf9a1a
use calloc for allocating arc4random structs
ok dtucker
2022-12-09 18:00:50 +11:00
Darren Tucker
15a01cf15f
Add fallback for old platforms w/out MAP_ANON. 2022-11-23 13:24:53 +11:00
Pierre Ossman
d9df5689c2
Avoid assuming layout of fd_set
POSIX doesn't specify the internal layout of the fd_set object, so let's
not assume it is just a bit mask. This increases compatibility with
systems that have a different layout.

The assumption is also worthless as we already refuse to use file
descriptors over FD_SETSIZE anyway. Meaning that the default size of
fd_set is quite sufficient.
2022-11-08 19:33:47 +11:00
Darren Tucker
3500f0405a
Link libssh into compat tests.
The cygwin compat code uses xmalloc, so add libssh.a so pick up that.
2022-11-03 23:04:08 +11:00
Darren Tucker
ec59effcf6
Fix compat regress to work with non-GNU make. 2022-11-03 21:44:23 +11:00
Darren Tucker
db97d8d0b9
Only run opensslver tests if built with OpenSSL. 2022-11-03 10:00:43 +11:00
Darren Tucker
fe88d67e75
Compat tests need libcrypto.
This was moved to CHANNELLIBS during the libs refactor.  Spotted by
rapier at psc.edu.
2022-11-03 08:14:05 +11:00
Darren Tucker
96b519726b
Include time.h when defining timegm.
Fixes build on some platforms eg recent AIX.
2022-11-03 04:25:34 +11:00
Darren Tucker
da6038bd5c
Always use compat getentropy.
Have it call native getentropy and fall back as required.  Should fix
issues of platforms where libc has getentropy but it is not implemented
in the kernel.  Based on github PR#354 from simsergey.
2022-11-02 12:20:50 +11:00
Damien Miller
195e5a65fd
revert c64b62338b and guard POLL* defines instead
c64b62338b broke OSX builds, which do have poll.h but lack ppoll(2)
Spotted by dtucker
2022-10-17 09:41:47 +11:00
Damien Miller
bc2e480d99
undef _get{short,long} before redefining 2022-10-14 14:52:22 +11:00
Damien Miller
c64b62338b
skip bsd-poll.h if poll.h found; ok dtucker 2022-10-10 12:32:43 +11:00
Damien Miller
fe646de03c
whitespace at EOL 2022-10-05 03:47:26 +11:00
Sam James
be19763532
openbsd-compat/bsd-asprintf: add <stdio.h> include for vsnprintf
Fixes the following build failure with Clang 15 on musl:
```
bsd-asprintf.c:51:8: error: call to undeclared library function 'vsnprintf' with type 'int (char *, unsigned long, const char *, struct __va_list_tag *)'; ISO C99 and laterclang -O2 -pipe -fdiagnostics-color=always -frecord-gcc-switches -pipe -Wunknown-warning-option -Qunused-arguments -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -Wmisleading-indentation -Wbitwise-instead-of-logical -fno-strict-aliasing -mretpoline  -ftrapv -fzero-call-used-regs=all -fno-builtin-memset -fstack-protector-strong -fPIE   -I. -I.  -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -DSSHDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/lib/misc/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/lib/misc/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/lib/misc/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/lib/misc/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/lib/misc/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c cipher-aes.c -o cipher-aes.o
 do not support
      implicit function declarations [-Wimplicit-function-declaration]
        ret = vsnprintf(string, INIT_SZ, fmt, ap2);
              ^
bsd-asprintf.c:51:8: note: include the header <stdio.h> or explicitly provide a declaration for 'vsnprintf'
1 error generated.
```
2022-09-08 12:04:00 +10:00
Darren Tucker
6cb6f660bb
Remove DEF_WEAK, it's already in defines.h. 2022-09-02 16:43:27 +10:00
Darren Tucker
ce39e7d8b7
Resync arc4random with OpenBSD.
This brings us up to current, including djm's random-reseeding change,
as prompted by logan at cyberstorm.mu in bz#3467.  It brings the
platform-specific hooks from LibreSSL Portable, simplified to match our
use case.  ok djm@.
2022-09-02 14:30:38 +10:00
Darren Tucker
beaddde26f
Move OPENBSD ORIGINAL marker.
Putting this after the copyright statement (which doesn't change)
instead of before the version identifier (which does) prevents merge
conflicts when resyncing changes.
2022-09-02 14:30:38 +10:00
Darren Tucker
c83e467ead
Remove arc4random_uniform from arc4random.c
This was previously moved into its own file (matching OpenBSD) which
prematurely committed in commit 73541f2.
2022-09-02 14:30:38 +10:00
Darren Tucker
87b0d9c1b7 Add a timegm implementation from Heimdal via Samba.
Fixes build on (at least Solaris 10).
2022-08-11 22:51:10 +10:00
Darren Tucker
7e2f51940b Rename our getentropy to prevent possible loops.
Since arc4random seeds from getentropy, and we use OpenSSL for that
if enabled, there's the possibility that if we build on a system that
does not have getentropy then run on a system that does have it, then
OpenSSL could end up calling our getentropy and getting stuck in a loop.
Pointed out by deraadt@, ok djm@
2022-08-10 17:36:44 +10:00
Darren Tucker
7a01f61be8 Actually put HAVE_STDINT_H around the stdint.h. 2022-08-08 12:17:04 +10:00
Darren Tucker
73541f29f0 Give unused param a name.
Fixes builds on platforms that do have fido2 but don't have
fido_dev_is_winhello.
2022-08-08 10:32:27 +10:00
Darren Tucker
3d3a932a01 Factor out getrnd() and rename to getentropy().
Factor out the arc4random seeding into its own file and change the
interface to match getentropy.  Use native getentropy if available.
This will make it easier to resync OpenBSD changes to arc4random.
Prompted by bz#3467, ok djm@.
2022-08-05 13:12:27 +10:00
Darren Tucker
800c2483e6 Remove workarounds for OpenSSL missing AES-CTR.
We have some compatibility hacks that were added to support OpenSSL
versions that do not support AES CTR mode.  Since that time, however,
the minimum OpenSSL version that we support has moved to 1.0.1 which
*does* have CTR, so this is no longer needed.  ok djm@
2022-07-25 21:49:04 +10:00
Darren Tucker
b7c56b65c1 Remove workarounds for OpenSSL missing AES-GCM.
We have some compatibility hacks that were added to support OpenSSL
versions that do not support AES GCM mode.  Since that time, however,
the minimum OpenSSL version that we support has moved to 1.0.1 which
*does* have GCM, so this is no longer needed.  ok djm@
2022-07-25 21:43:00 +10:00
Darren Tucker
527cb43fa1 Return ERANGE from getcwd() if buffer size is 1.
If getcwd() is supplied a buffer size of exactly 1 and a path of "/", it
could result in a nul byte being written out of array bounds.  POSIX says
it should return ERANGE if the path will not fit in the available buffer
(with terminating nul). 1 byte cannot fit any possible path with its nul,
so immediately return ERANGE in that case.

OpenSSH never uses getcwd() with this buffer size, and all current
(and even quite old) platforms that we are currently known to work
on have a native getcwd() so this code is not used on those anyway.
Reported by Qualys, ok djm@
2022-07-14 11:22:08 +10:00
Darren Tucker
7394ed80c4 Add clang sanitizer tests. 2022-07-03 22:53:44 +10:00
Tobias Heider
aa61fc82c6 Remove duplicate bcrypt_pbkdf.o from Makefile
bcrypt_pbkdf.o is duplicated in the openbsd-compat Makefile's object
file list.
2022-05-09 10:58:02 +10:00
Darren Tucker
90452c8b69 Only return events from ppoll that were requested.
If the underlying system's select() returns bits that were not in the
request set, our ppoll() implementation can return revents for events
not requested, which can apparently cause a hang.  Only return revents
for activity in the requested event set.  bz#3416, analysis and fix by
yaroslav.kuzmin at vmssoftware com, ok djm@
2022-04-01 23:38:44 +11:00
Darren Tucker
2893c5e764 Resync fmt_scaled. with OpenBSD.
Fixes underflow reported in bz#3401.
2022-03-11 18:43:58 +11:00
Darren Tucker
5ae31a0fdd Provide killpg implementation.
Based on github PR#301 for Tandem NonStop.
2022-03-09 09:41:56 +11:00
Darren Tucker
c41c84b439 Check for missing ftruncate prototype.
From github PR#301 in conjunction with rsbeckerca.
2022-03-09 09:29:30 +11:00
Darren Tucker
6f117cb151 Remove unused ivbits argument from chacha_keysetup 2022-03-01 09:02:06 +11:00
Darren Tucker
15974235dd Add OPENBSD ORIGINAL marker. 2022-03-01 09:00:20 +11:00
Darren Tucker
0132056efa Improve handling of _getshort and _getlong.
If the system native ones are exactly as required then use them,
otherwise use the local versions mapped to another name to prevent
name collisions.
2022-02-25 19:47:48 +11:00
Darren Tucker
8e206e0dd6 Constify utimes in compat library to match specs.
Patch from vapier at chromium.org.
2022-02-25 15:14:22 +11:00
Darren Tucker
1b2920e3b6 ANSIfy getshort and getlong.
These functions appear to have come from OpenBSD's lib/libc/net/res_comp.c
which made this change in 2005.
2022-02-25 13:50:56 +11:00
Darren Tucker
a4b325a3fc Include sys/param.h if present.
Needed for howmany() on MUSL systems such as Alpine.
2022-02-22 12:27:07 +11:00
Darren Tucker
5a102e9cb2 Only include sys/poll.h if we don't have poll.h.
Prevents warnings on MUSL based systems such as Alpine.
2022-02-22 12:25:52 +11:00
Darren Tucker
df93529dd7 Test if sshd accidentally acquires controlling tty
When SSHD_ACQUIRES_CTTY is defined, test for the problematic behaviour
in the STREAMS code before activating the workaround.  ok djm@
2022-02-14 14:19:40 +11:00
Darren Tucker
b30698662b Move SSHD_ACQUIRES_CTTY workaround into compat.
On some (most? all?) SysV based systems with STREAMS based ptys,
sshd could acquire a controlling terminal during pty setup when
it pushed the "ptem" module, due to what is probably a bug in
the STREAMS driver that's old enough to vote.  Because it was the
privileged sshd's controlling terminal, it was not available for
the user's session, which ended up without one.  This is known to
affect at least Solaris <=10, derivatives such as OpenIndiana and
several other SysV systems.  See bz#245 for the backstory.

In the we past worked around that by not calling setsid in the
privileged sshd child, which meant it was not a session or process
group leader.  This solved controlling terminal problem because sshd
was not eligble to acquire one, but had other side effects such as
not cleaning up helper subprocesses in the SIGALRM handler since it
was not PG leader.  Recent cleanups in the signal handler uncovered
this, resulting in the LoginGraceTime timer not cleaning up privsep
unprivileged processes.

This change moves the workaround into the STREAMS pty allocation code,
by allocating a sacrificial pty to act as sshd's controlling terminal
before allocating user ptys, so those are still available for users'
sessions.

On the down side:
 - this will waste a pty per ssh connection on affected platforms.

On the up side:
 - it makes the process group behaviour consistent between platforms.

 - it puts the workaround nearest the code that actually causes the
   problem and competely out of the mainline code.

 - the workaround is only activated if you use the STREAMS code.  If,
   say, Solaris 11 has the bug but also a working openpty() it doesn't
   matter that we defined SSHD_ACQUIRES_CTTY.

 - the workaround is only activated when the fist pty is allocated,
   ie in the post-auth privsep monitor.  This means there's no risk
   of fd leaks to the unprivileged processes, and there's no effect on
   sessions that do not allocate a pty.

Based on analysis and work by djm@, ok djm@
2022-02-11 21:00:35 +11:00
Darren Tucker
3ac00dfeb5 We now support POLLPRI so actually define it. 2022-02-10 22:18:02 +11:00
Corinna Vinschen
68085066b6 Fix signedness bug in Cygwin code
The Cygwin-specific pattern match code has a bug.  It checks
the size_t value returned by mbstowcs for being < 0.  The right
thing to do is to check against (size_t) -1.  Fix that.

Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2022-01-21 09:53:07 +11:00
Damien Miller
a1d42a6ce0 fix edge case in poll(2) wrapper
Correct handling of select(2) exceptfds. These should only be consulted
for POLLPRI flagged pfds and not unconditionally converted to POLLERR.

with and ok dtucker@
2022-01-14 14:09:38 +11:00
Damien Miller
61a1a6af22 OS X poll(2) is broken; use compat replacement
Darwin's poll(2) implementation is broken. For character-special
devices like /dev/null, it returns POLLNVAL when polled with
POLLIN.

Apparently this is Apple bug 3710161, which is AFAIK not public,
but a websearch will find other OSS projects rediscovering it
periodically since it was first identified in 2005 (!!)
2022-01-12 09:02:36 +11:00
Damien Miller
715c892f0a remove sys/param.h in -portable, after upstream 2021-12-22 09:02:50 +11:00
Damien Miller
e6e7d2654a previous commit broke bcrypt_pbkdf()
Accidentally reverted part of the conversion to use SHA512 from SUPERCOP
instead of OpenBSD-style libc SHA512.
2021-11-29 14:11:51 +11:00
Damien Miller
158bf854e2 sync bcrypt-related files with OpenBSD
The main change is that Niels Provos kindly agreed to rescind the
BSD license advertising clause, shifting them to the 3-term BSD
license.

This was the last thing in OpenSSH that used the advertising clause.
2021-11-29 12:30:22 +11:00
Darren Tucker
5a0f461904 Correct ifdef to activate poll() only if needed. 2021-11-28 15:31:37 +11:00
Darren Tucker
b7ffbb17e3 Allow for fd = -1 in compat ppoll overflow check.
Fixes tests on at least FreeBSD 6, possibly others.
2021-11-19 18:54:34 +11:00