Commit Graph

10855 Commits

Author SHA1 Message Date
dtucker@openbsd.org
e9f78d6b06 upstream: Rename HostbasedKeyTypes (ssh) and
HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more
accurately reflects its effect. This matches a previous change to
PubkeyAcceptedAlgorithms.  The previous names are retained as aliases.  ok
djm@

OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e
2021-01-26 22:50:40 +11:00
Darren Tucker
48d0d7a4dd Disable sntrup761 if compiler doesn't support VLAs.
The sntrup761 code sourced from supercop uses variable length
arrays.  Although widely supported, they are not part of the ANSI
C89 spec so if the compiler does not support VLAs, disable the
sntrup761x25519-sha512@openssh.com KEX method by replacing the kex
functions with no-op ones similar to what we do in kexecdh.c.

This should allow OpenSSH to build with a plain C89 compiler again.
Spotted by tim@, ok djm@.
2021-01-26 14:48:07 +11:00
djm@openbsd.org
37c70ea8d4 upstream: refactor key constraint parsing in ssh-agent
Key constraints parsing code previously existed in both the "add regular
key" and "add smartcard key" path. This unifies them but also introduces
more consistency checking: duplicated constraints and constraints that
are nonsensical for a particular situation (e.g. FIDO provider for a
smartcard key) are now banned.

ok markus@

OpenBSD-Commit-ID: 511cb1b1c021ee1d51a4c2d649b937445de7983c
2021-01-26 12:21:48 +11:00
djm@openbsd.org
e0e8bee802 upstream: more ssh-agent refactoring
Allow confirm_key() to accept an additional reason suffix

Factor publickey userauth parsing out into its own function and allow
it to optionally return things it parsed out of the message to its
caller.

feedback/ok markus@

OpenBSD-Commit-ID: 29006515617d1aa2d8b85cd2bf667e849146477e
2021-01-26 12:21:48 +11:00
djm@openbsd.org
dfe18a2955 upstream: make struct hostkeys public; I have no idea why I made it
opaque originally.

ok markus@

OpenBSD-Commit-ID: e50780b34d4bbe628d69b2405b024dd749d982f3
2021-01-26 12:21:48 +11:00
djm@openbsd.org
3b44f2513c upstream: move check_host_cert() from sshconnect,c to sshkey.c and
refactor it to make it more generally usable and testable.

ok markus@

OpenBSD-Commit-ID: 536f489f5ff38808c1fa711ba58d4579b636f9e4
2021-01-26 12:21:48 +11:00
djm@openbsd.org
1fe16fd61b upstream: use recallocarray to allocate the agent sockets table;
also clear socket entries that are being marked as unused.

spinkle in some debug2() spam to make it easier to watch an agent
do its thing.

ok markus

OpenBSD-Commit-ID: 74582c8e82e96afea46f6c7b6813a429cbc75922
2021-01-26 12:21:48 +11:00
djm@openbsd.org
cb7b22ea20 upstream: factor out common code in the agent client
Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for all requests that only expect success/failure

ok markus@

OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb
2021-01-26 12:21:48 +11:00
djm@openbsd.org
d1e578afe7 upstream: make ssh hostbased authentication send the signature
algorithm in its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
This make HostbasedAcceptedAlgorithms do what it is supposed to - filter on
signature algorithm and not key type.

spotted with dtucker@ ok markus@

OpenBSD-Commit-ID: 25bffe19f0326972f5728170f7da81d5f45c78c6
2021-01-25 17:04:40 +11:00
Darren Tucker
95eca1e195 ifdef new instance of sin6_scope_id
Put inside HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID similar to
existing instance.  Should fix error on UnixWare 7.
2021-01-23 18:28:37 +11:00
dtucker@openbsd.org
6ffdcdda12 upstream: Fix long->int for convtime tests here too. Spotted by
tobhe@.

OpenBSD-Regress-ID: a87094f5863312d00938afba771d25f788c849d0
2021-01-22 16:07:02 +11:00
dtucker@openbsd.org
b55b7565f1 upstream: PubkeyAcceptedKeyTypes->PubkeyAcceptedAlgorithms
here too.

OpenBSD-Commit-ID: 3b64a640f8ce8c21d9314da9df7ce2420eefde3a
2021-01-22 15:05:00 +11:00
dtucker@openbsd.org
ee9c0da803 upstream: Rename PubkeyAcceptedKeyTypes keyword to
PubkeyAcceptedAlgorithms. While the two were originally equivalent, this
actually specifies the signature algorithms that are accepted.  Some key
types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512)
so the old name is becoming increasingly misleading.  The old name is
retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@

OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5
2021-01-22 15:03:56 +11:00
dtucker@openbsd.org
a8e798feab upstream: Change types in convtime() unit test to int to match change
its new type. Add tests for boundary conditions and fix convtime to work up
to INT_MAX. ok djm@

OpenBSD-Regress-ID: ba2b81e9a3257fff204b020affe85b604a44f97e
2021-01-18 18:44:03 +11:00
dtucker@openbsd.org
9bde1a4206 upstream: Make output buffer larger to prevent potential truncation
warnings from compilers not smart enough to know the strftime calls won't
ever fully fill "to" and "from".  ok djm@

OpenBSD-Commit-ID: 83733f1b01b82da88b9dd1769475952aff10bdd7
2021-01-18 18:43:43 +11:00
dtucker@openbsd.org
02da325f10 upstream: Change types in convtime() unit test to int to match
change its new type. Add tests for boundary conditions and fix convtime to
work up to INT_MAX. ok djm@

OpenBSD-Commit-ID: 01dc0475f1484ac2f47facdfcf9221f9472145de
2021-01-18 18:43:43 +11:00
dtucker@openbsd.org
5339ab369c upstream: In waitfd(), when poll returns early we are subtracting
the elapsed time from the timeout each loop, so we only want to measure the
elapsed time the poll() in that loop, not since the start of the function.
Spotted by chris.xj.zhu at gmail.com, ok djm@

OpenBSD-Commit-ID: 199df060978ee9aa89b8041a3dfaf1bf7ae8dd7a
2021-01-18 18:43:43 +11:00
rob@openbsd.org
a164862dfa upstream: Minor grammatical correction.
OK jmc@

OpenBSD-Commit-ID: de0fad0581e212b2750751e479b79c18ff8cac02
2021-01-18 18:43:43 +11:00
Darren Tucker
8635e7df7e Merge Mac OS X targets into a single config. 2021-01-13 18:00:57 +11:00
Darren Tucker
ac112ade99 Add Mac OS X test targets. 2021-01-12 19:33:27 +11:00
anatasluo
1050109b4b Remove duplicated declaration in fatal.c . 2021-01-12 07:08:26 +11:00
dtucker@openbsd.org
7d0f8a3369 upstream: Correct spelling of persourcenetblocksize in config-dump
mode.

OpenBSD-Commit-ID: ecdc49e2b6bde6b6b0e52163d621831f6ac7b13d
2021-01-11 16:35:44 +11:00
dtucker@openbsd.org
ba328bd7a6 upstream: Adjust kexfuzz to addr.c/addrmatch.c split.
OpenBSD-Regress-ID: 1d8d23bb548078020be2fb52c4c643efb190f0eb
2021-01-11 15:24:31 +11:00
dtucker@openbsd.org
b08ef25552 upstream: Update unittests for addr.c/addrmatch.c split.
OpenBSD-Regress-ID: de2b415fb7af084a91c6ef147a90482d8f771eef
2021-01-11 15:24:31 +11:00
dtucker@openbsd.org
6d30673fed upstream: Change convtime() from returning long to returning int.
On platforms where sizeof(int) != sizeof(long), convtime could accept values
>MAX_INT which subsequently truncate when stored in an int during config
parsing.  bz#3250, ok djm@

OpenBSD-Commit-ID: 8fc932683d6b4660d52f50911d62bd6639c5db31
2021-01-11 15:04:12 +11:00
jmc@openbsd.org
7a57adb8b0 upstream: add a comma to previous;
OpenBSD-Commit-ID: 9139433701c0aa86a0d3a6c7afe10d1c9c2e0869
2021-01-11 15:04:12 +11:00
dtucker@openbsd.org
3a92312953 upstream: Add PerSourceMaxStartups and PerSourceNetBlockSize
options which provide more fine grained MaxStartups limits.  Man page help
jmc@, feedback & ok djm@

OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
2021-01-11 15:04:12 +11:00
dtucker@openbsd.org
d9a2bc7169 upstream: Move address handling functions out into their own file
in order to reuse them for per-source maxstartups limiting.  Supplement with
some additional functions from djm's flowtools that we'll also need.  ok djm@
(as part of a larger diff).

OpenBSD-Commit-ID: e3e7d9ccc6c9b82e25cfef0ec83598e8e2327cbf
2021-01-11 15:04:12 +11:00
Darren Tucker
b744914fcb Add test against Graphene hardened malloc. 2021-01-09 00:36:05 +11:00
djm@openbsd.org
6cb52d5bf7 upstream: make CheckHostIP default to 'no'. It doesn't provide any
perceptible value and makes it much harder for hosts to change host keys,
particularly ones that use IP-based load-balancing.

ok dtucker@

OpenBSD-Commit-ID: 0db98413e82074f78c7d46784b1286d08aee78f0
2021-01-08 16:01:30 +11:00
Darren Tucker
309b642e14 Run tests with sudo for better coverage. 2021-01-08 15:50:41 +11:00
Darren Tucker
c336644351 Add Ubuntu 16.04 and 20.04 test targets. 2021-01-08 15:49:06 +11:00
djm@openbsd.org
4c7af01f9d upstream: If a signature operation on a FIDO key fails with a
"incorrect PIN" reason and no PIN was initially requested from the user, then
request a PIN and retry the operation.

This smoothes over a few corner cases including FIDO devices that
require PINs for all hosted credentials, biometric FIDO devices that
fall back to requiring PIN when reading the biometric failed, devices
that don't implement reading credProtect status for downloaded keys
and probably a few more cases that I haven't though of yet.

ok dtucker@

OpenBSD-Commit-ID: 176db8518933d6a5bbf81a2e3cf62447158dc878
2021-01-08 13:58:27 +11:00
djm@openbsd.org
64ddd0fe68 upstream: don't try to use timespeccmp(3) directly as a qsort(3)
comparison function - it returns 0/1 and not the -1/0/1 that qsort expectes.

fixes sftp "ls -ltr" under some circumstances.

Based on patch by Masahiro Matsuya via bz3248.

OpenBSD-Commit-ID: 65b5e9f18bb0d10573868c3516de6e5170adb163
2021-01-08 13:50:46 +11:00
dtucker@openbsd.org
599df78f30 upstream: Update the sntrup761 creation script and generated code:
- remove unneeded header files and typedefs and rely on crypto_api.h  - add
defines to map types used to the crypto_api ones instead of typedefs.  This
 prevents typedef name collisions in -portable.  - remove CRYPTO_NAMESPACE
entirely instead of making it a no-op  - delete unused functions and make the
remaining ones that aren't exported static.

ok djm@

OpenBSD-Commit-ID: 7b9d0cf3acd5a3c1091da8afe00c904d38cf5783
2021-01-08 13:49:49 +11:00
djm@openbsd.org
16448ff529 upstream: mention that DisableForwarding is valid in a sshd_config
Match block reported by Fredrik Eriksson in bz3239

OpenBSD-Commit-ID: 3a71c3d84b597f5e43e4b40d5232797daf0993f6
2021-01-08 13:46:35 +11:00
dtucker@openbsd.org
91bac5e95b upstream: estructure sntrup761.sh to process all files in a single
list, which will make it easier to reorder.  Re-inline int32_MINMAX.  ok
tobhe@

OpenBSD-Commit-ID: d145c6c19b08bb93c9e14bfaa7af589d90f144c0
2021-01-08 13:46:35 +11:00
tobhe@openbsd.org
4d96a3ebab upstream: Prevent redefinition of `crypto_int32' error with gcc3.
Fixes compilation on luna88k.

Feedback millert@
Found by and ok aoyama@

OpenBSD-Commit-ID: f305ddfe575a26cc53431af3fde3f4aeebed9ba6
2021-01-08 13:45:46 +11:00
Darren Tucker
a23954eeb9 Undef int32 after sort routines.
This prevents typedef'ing crypto_int32 twice, in sntrup761.c and
crypto_api.h, which some compilers (at least some GCCs) don't accept.
2021-01-01 22:00:49 +11:00
Damien Miller
148b8a661c fix: missing pieces of previous commit 2020-12-31 12:47:22 +11:00
tobhe@openbsd.org
3d999be7b9 upstream: Use int64_t for intermediate values in int32_MINMAX to
prevent signed 32-bit integer overflow.

Found by and ok djm@
ok markus@

OpenBSD-Commit-ID: 4f0704768e34cf45fdd792bac4011c6971881bb3
2020-12-31 12:42:16 +11:00
Damien Miller
5c1953bf98 adapt KEX fuzzer to PQ kex change 2020-12-29 12:40:54 +11:00
djm@openbsd.org
659864fe81 upstream: Adapt to replacement of
sntrup4591761x25519-sha512@tinyssh.org with
sntrup761x25519-sha512@openssh.com.

Also test sntrup761x25519-sha512@openssh.com in unittests/kex

OpenBSD-Regress-ID: cfa3506b2b077a9cac1877fb521efd2641b6030c
2020-12-29 12:39:40 +11:00
djm@openbsd.org
2c71cec020 upstream: Update/replace the experimental post-quantim hybrid key
exchange method based on Streamlined NTRU Prime (coupled with X25519).

The previous sntrup4591761x25519-sha512@tinyssh.org method is
replaced with sntrup761x25519-sha512@openssh.com. Per the authors,
sntrup4591761 was replaced almost two years ago by sntrup761.

The sntrup761 implementaion, like sntrup4591761 before it, is public
domain code extracted from the SUPERCOP cryptography benchmark
suite (https://bench.cr.yp.to/supercop.html).

Thanks for Daniel J Bernstein for guidance on algorithm selection.
Patch from Tobias Heider; feedback & ok markus@ and myself

(note this both the updated method and the one that it replaced are
disabled by default)

OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
2020-12-29 12:38:53 +11:00
jmc@openbsd.org
09d070ccc3 upstream: tweak the description of KnownHostsCommand in ssh_conf.5,
and add entries for it to the -O list in scp.1 and sftp.1;

ok djm

OpenBSD-Commit-ID: aba31ebea03f38f8d218857f7ce16a500c3e4aff
2020-12-29 12:02:51 +11:00
Damien Miller
931c93389a whitespace at EOL 2020-12-22 19:43:55 +11:00
Damien Miller
397b1c4d39 whitespace at EOL 2020-12-22 19:42:52 +11:00
Darren Tucker
33fa3ac547 Improve AIX text. 2020-12-22 19:21:26 +11:00
Darren Tucker
0f2e21c9dc Include stdio.h for FILE in misc.h.
Fixes build on at least OpenBSD.
2020-12-22 18:56:54 +11:00
Damien Miller
3e9811e57b ensure $LOGNAME is set in tests 2020-12-22 18:31:50 +11:00