Commit Graph

10517 Commits

Author SHA1 Message Date
jca
e18435fec1 partial sync of regress/netcat.c with upstream
Support for nc -T on IPv6 addresses.

ok sthen@
2020-05-29 14:47:11 +10:00
djm@openbsd.org
4c60724405 upstream: fix compilation on !HAVE_DLOPEN platforms; stub function
was not updated to match API change. From Dale Rahn via beck@ ok markus@

OpenBSD-Commit-ID: 2b8d054afe34c9ac85e417dae702ef981917b836
2020-05-29 13:28:47 +10:00
djm@openbsd.org
224418cf55 upstream: fix exit status for downloading of FIDO resident keys;
from Pedro Martelletto, ok markus@

OpenBSD-Commit-ID: 0da77dc24a1084798eedd83c39a002a9d231faef
2020-05-29 13:28:47 +10:00
dtucker@openbsd.org
1001dd148e upstream: Fix multiplier in convtime when handling seconds after
other units. bz#3171, spotted by ronf at timeheart.net, ok djm@.

OpenBSD-Commit-ID: 95b7a848e1083974a65fbb6ccb381d438e1dd5be
2020-05-29 13:28:46 +10:00
djm@openbsd.org
7af1e92cd2 upstream: fix Include before Match in sshd_config; bz#3122 patch
from Jakub Jelen

OpenBSD-Commit-ID: 1b0aaf135fe6732b5d326946042665dd3beba5f4
2020-05-28 10:25:18 +10:00
djm@openbsd.org
0a9a611619 upstream: Do not call process_queued_listen_addrs() for every
included file from sshd_config; patch from Jakub Jelen

OpenBSD-Commit-ID: 0ff603d6f06a7fab4881f12503b53024799d0a49
2020-05-28 10:25:18 +10:00
djm@openbsd.org
16ea1fdbe7 upstream: fix crash in recallocarray when deleting SendEnv
variables; spotted by & ok sthen@

OpenBSD-Commit-ID: b881e8e849edeec5082b5c0a87d8d7cff091a8fd
2020-05-28 10:25:18 +10:00
djm@openbsd.org
47adfdc07f upstream: two new tests for Include in sshd_config, checking whether
Port directives are processed correctly and handling of Include directives
that appear before Match. Both tests currently fail. bz#3122 and bz#3169 -
patch from Jakub Jelen

OpenBSD-Regress-ID: 8ad5a4a385a63f0a1c59c59c763ff029b45715df
2020-05-28 08:42:01 +10:00
Darren Tucker
47faad8f79 Document that libfido2 >= 1.4.0 is needed. 2020-05-27 23:26:23 +10:00
djm@openbsd.org
4be563994c upstream: fix memleak of signature; from Pedro Martelletto
OpenBSD-Commit-ID: d0a6eb07e77c001427d738b220dd024ddc64b2bb
2020-05-27 10:14:45 +10:00
djm@openbsd.org
0c111eb84e upstream: Restrict ssh-agent from signing web challenges for FIDO
keys.

When signing messages in ssh-agent using a FIDO key that has an
application string that does not start with "ssh:", ensure that the
message being signed is one of the forms expected for the SSH protocol
(currently pubkey authentication and sshsig signatures).

This prevents ssh-agent forwarding on a host that has FIDO keys
attached granting the ability for the remote side to sign challenges
for web authentication using those keys too.

Note that the converse case of web browsers signing SSH challenges is
already precluded because no web RP can have the "ssh:" prefix in the
application string that we require.

ok markus@

OpenBSD-Commit-ID: 9ab6012574ed0352d2f097d307f4a988222d1b19
2020-05-27 10:14:45 +10:00
djm@openbsd.org
9c5f64b6cb upstream: improve logging for MaxStartups connection throttling:
have sshd log when it starts and stops throttling and periodically while in
this state. bz#3055 ok markus@

OpenBSD-Commit-ID: 2e07a09a62ab45d790d3d2d714f8cc09a9ac7ab9
2020-05-27 10:14:05 +10:00
djm@openbsd.org
756c6f66ae upstream: add fmt_timeframe() (from bgpd) to format a time
interval in a human- friendly format. Switch copyright for this file from BSD
to MIT to make it easier to add Henning's copyright for this function. ok
markus@

OpenBSD-Commit-ID: 414a831c662df7e68893e5233e86f2cac081ccf9
2020-05-27 10:13:58 +10:00
djm@openbsd.org
2a63ce5cd6 upstream: avoid possible NULL deref; from Pedro Martelletto
OpenBSD-Commit-ID: e6099c3fbb70aa67eb106e84d8b43f1fa919b721
2020-05-27 10:13:17 +10:00
markus@openbsd.org
4b307faf2f upstream: sshd listener must not block if reexecd sshd exits
in write(2) on config_s[0] if the forked child exits early before finishing
recv_rexec_state (e.g. with fatal()) because config_s[1] stays open in the
parent. this prevents the parent from accepting new connections. ok djm,
deraadt

OpenBSD-Commit-ID: 92ccfeb939ccd55bda914dc3fe84582158c4a9ef
2020-05-27 10:13:17 +10:00
djm@openbsd.org
af8b16fb2c upstream: fix off-by-one error that caused sftp downloads to make
one more concurrent request that desired. This prevented using sftp(1) in
unpipelined request/response mode, which is useful when debugging. Patch from
Stephen Goetze in bz#3054

OpenBSD-Commit-ID: 41b394ebe57037dbc43bdd0eef21ff0511191f28
2020-05-27 10:09:19 +10:00
deraadt@openbsd.org
d7d753e297 upstream: we are still aiming for pre-C99 ...
OpenBSD-Commit-ID: a240fc9cbe60bc4e6c3d24d022eb4ab01fe1cb38
2020-05-27 10:09:19 +10:00
djm@openbsd.org
2ad7b7e464 upstream: Enable credProtect extension when generating a resident
key.

The FIDO 2.1 Client to Authenticator Protocol introduced a "credProtect"
feature to better protect resident keys. This option allows (amone other
possibilities) requiring a PIN prior to all operations that may retrieve
the key handle.

Patch by Pedro Martelletto; ok djm and markus

OpenBSD-Commit-ID: 013bc06a577dcaa66be3913b7f183eb8cad87e73
2020-05-27 10:09:19 +10:00
djm@openbsd.org
1e70dc3285 upstream: always call fido_init(); previous behaviour only called
fido_init() when SK_DEBUG was defined. Harmless with current libfido2, but
this isn't guaranteed in the future.

OpenBSD-Commit-ID: c7ea20ff2bcd98dd12015d748d3672d4f01f0864
2020-05-27 10:09:19 +10:00
djm@openbsd.org
f2d84f1b3f upstream: preserve group/world read permission on known_hosts
file across runs of "ssh-keygen -Rf /path". The old behaviour was to remove
all rights for group/other. bz#3146 ok dtucker@

OpenBSD-Commit-ID: dc369d0e0b5dd826430c63fd5f4b269953448a8a
2020-05-27 10:09:19 +10:00
djm@openbsd.org
05a651400d upstream: when ordering the hostkey algorithms to request from a
server, prefer certificate types if the known_hosts files contain a key
marked as a @cert-authority; bz#3157 ok markus@

OpenBSD-Commit-ID: 8f194573e5bb7c01b69bbfaabc68f27c9fa5e0db
2020-05-27 10:09:18 +10:00
djm@openbsd.org
829451815e upstream: fix non-ASCII quote that snuck in; spotted by Gabriel
Kihlman

OpenBSD-Commit-ID: 04bcde311de2325d9e45730c744c8de079b49800
2020-05-27 10:09:18 +10:00
djm@openbsd.org
5a442cec92 upstream: clarify role of FIDO tokens in multi-factor
authentictation; mostly from Pedro Martelletto

OpenBSD-Commit-ID: fbe05685a1f99c74b1baca7130c5a03c2df7c0ac
2020-05-27 10:09:18 +10:00
djm@openbsd.org
ecb2c02d99 upstream: fix compilation with DEBUG_KEXDH; bz#3160 ok dtucker@
OpenBSD-Commit-ID: 832e771948fb45f2270e8b8895aac36d176ba17a
2020-05-27 10:09:18 +10:00
Damien Miller
3ab6fccc39 prefer ln to cp for temporary copy of sshd
I saw failures on the reexec fallback test on Darwin 19.4 where
fork()ed children of a process that had it's executable removed
would instantly fail. Using ln to preserve the inode avoids this.
2020-05-14 12:24:24 +10:00
Darren Tucker
f700d316c6 Actually skip pty tests when needed. 2020-05-13 15:24:51 +10:00
Darren Tucker
08ce6b2210 Skip building sk-dummy library if no SK support. 2020-05-13 13:56:45 +10:00
Damien Miller
102d106bc2 explicitly manage .depend and .depend.bak
Bring back removal of .depend to give the file a known state before
running makedepend, but manually move aside the current .depend file
and restore it as .depend.bak afterwards so the stale .depend check
works as expected.
2020-05-13 12:08:34 +10:00
Damien Miller
83a6dc6ba1 make depend 2020-05-13 12:03:42 +10:00
Damien Miller
7c0bbed967 revert removal of .depend before makedepend
Commit 83657eac4 started removing .depend before running makedepend
to reset the contents of .depend to a known state. Unfortunately
this broke the depend-check step as now .depend.bak would only ever
be created as an empty file.

ok dtucker
2020-05-13 12:01:10 +10:00
Damien Miller
58ad004acd prepare for 8.3 release 2020-05-12 12:58:46 +10:00
Darren Tucker
4fa9e048c2 Ensure SA_SIGNAL test only signals itself.
When the test's child signals its parent and it exits the result of
getppid changes.  On Ubuntu 20.04 this results in the ppid being that
of the GDM session, causing it to exit.  Analysis and testing from pedro
at ambientworks.net
2020-05-08 21:50:43 +10:00
Damien Miller
dc2da29aae sync config.guess/config.sub with latest versions
ok dtucker@
2020-05-08 13:32:12 +10:00
djm@openbsd.org
a8265bd64c upstream: openssh-8.3; ok deraadt@
OpenBSD-Commit-ID: c8831ec88b9c750f5816aed9051031fb535d22c1
2020-05-07 15:39:00 +10:00
djm@openbsd.org
955854cafc upstream: another case where a utimes() failure could make scp send
a desynchronising error; reminded by Aymeric Vincent ok deraadt markus

OpenBSD-Commit-ID: 2ea611d34d8ff6d703a7a8bf858aa5dbfbfa7381
2020-05-07 15:39:00 +10:00
Darren Tucker
59d531553f Check if -D_REENTRANT is needed for localtime_r.
On at least HP-UX 11.11, the localtime_r declararation is behind
ifdef _REENTRANT.  Check for and add if needed.
2020-05-07 15:39:00 +10:00
Darren Tucker
c13403e55d Skip security key tests if ENABLE_SK not set. 2020-05-05 11:32:43 +10:00
djm@openbsd.org
4da393f87c upstream: sure enough, some of the test data that we though were in
new format were actually in the old format; fix from Michael Forney

OpenBSD-Regress-ID: a41a5c43a61b0f0b1691994dbf16dfb88e8af933
2020-05-04 18:42:13 +10:00
djm@openbsd.org
15bfafc1db upstream: make mktestdata.sh generate old/new format keys that we
expect. This script was written before OpenSSH switched to new-format private
keys by default and was never updated to the change (until now) From Michael
Forney

OpenBSD-Regress-ID: 38cf354715c96852e5b71c2393fb6e7ad28b7ca7
2020-05-04 18:42:13 +10:00
djm@openbsd.org
7882d2eda6 upstream: portability fix for sed that always emil a newline even
if the input does not contain one; from Michael Forney

OpenBSD-Regress-ID: 9190c3ddf0d2562ccc02c4a95fce0e392196bfc7
2020-05-04 18:42:13 +10:00
djm@openbsd.org
8074f9499e upstream: remove obsolete RSA1 test keys; spotted by Michael Forney
OpenBSD-Regress-ID: 6384ba889594e217d166908ed8253718ab0866da
2020-05-04 18:42:13 +10:00
Darren Tucker
c697e46c31 Update .depend. 2020-05-02 18:34:47 +10:00
Darren Tucker
83657eac42 Remove use of tail for 'make depend'.
Not every tail supports +N and we can do with out it so just remove it.
Prompted by mforney at mforney.org.
2020-05-02 18:29:40 +10:00
djm@openbsd.org
d25d630d24 upstream: we have a sshkey_save_public() function to save public keys;
use it and save a bunch of redundant code.

Patch from loic AT venez.fr; ok markus@ djm@

OpenBSD-Commit-ID: f93e030a0ebcd0fd9054ab30db501ec63454ea5f
2020-05-02 17:36:39 +10:00
Darren Tucker
e9dc986372 Use LONG_LONG_MAX and friends if available.
If we don't have LLONG_{MIN,MAX} but do have LONG_LONG_{MIN,MAX}
then use those instead.  We do calculate these values in configure,
but it turns out that at least one compiler (old HP ANSI C) can't
parse "-9223372036854775808LL" without mangling it. (It can parse
"-9223372036854775807LL" which is presumably why its limits.h defines
LONG_LONG_MIN as the latter minus 1.)

Fixes rekey test when compiled with the aforementioned compiler.
2020-05-01 18:41:40 +10:00
djm@openbsd.org
aad87b88fc upstream: when receving a file in sink(), be careful to send at
most a single error response after the file has been opened. Otherwise the
source() and sink() can become desyncronised. Reported by Daniel Goujot,
Georges-Axel Jaloyan, Ryan Lahfa, and David Naccache.

ok deraadt@ markus@

OpenBSD-Commit-ID: 6c14d233c97349cb811a8f7921ded3ae7d9e0035
2020-05-01 16:40:11 +10:00
djm@openbsd.org
31909696c4 upstream: expose vasnmprintf(); ok (as part of other commit) markus
deraadt

OpenBSD-Commit-ID: 2e80cea441c599631a870fd40307d2ade5a7f9b5
2020-05-01 16:40:11 +10:00
djm@openbsd.org
99ce9cefbe upstream: avoid NULL dereference when attempting to convert invalid
ssh.com private keys using "ssh-keygen -i"; spotted by Michael Forney

OpenBSD-Commit-ID: 2e56e6d26973967d11d13f56ea67145f435bf298
2020-05-01 16:40:11 +10:00
Darren Tucker
6c6072ba8b See if SA_RESTART signals will interrupt select().
On some platforms (at least older HP-UXes such as 11.11, possibly others)
setting SA_RESTART on signal handers will cause it to not interrupt
select(), at least for calls that do not specify a timeout.  Try to
detect this and if found, don't use SA_RESTART.

POSIX says "If SA_RESTART has been set for the interrupting signal, it
is implementation-dependent whether select() restarts or returns with
[EINTR]" so this behaviour is within spec.
2020-05-01 15:09:26 +10:00
Damien Miller
90a0b434ed fix reversed test 2020-05-01 13:55:03 +10:00