upstream: Replace OPENSSL as the variable that points to the
openssl binary with OPENSSL_BIN. This will allow us to use the OPENSSL
variable from mk.conf or the make(1) command line indicating if we're
building with our without OpenSSL, and ultimately get the regress tests
working in the OPENSSL=no configuration.
upstream: Exclude key conversion options from usage when built
without OpenSSL since those are not available, similar to what we currently
do with the moduli screening options. We can also use this to skip the
conversion regression tests in this case.
upstream: Let allowed signers files used by ssh-keygen(1)
signatures support key lifetimes, and allow the verification mode to specify
a signature time to check at. This is intended for use by git to support
signing objects using ssh keys. ok dtucker@
upstream: Ensure that all returned SSHFP records for the specified host
name and hostkey type match instead of only one. While there, simplify the
code somewhat and add some debugging. Based on discussion in bz#3322, ok
djm@.
upstream: Explicitly check for and start time-based rekeying in the
client and server mainloops.
Previously the rekey timeout could expire but rekeying would not start
until a packet was sent or received. This could cause us to spin in
select() on the rekey timeout if the connection was quiet.
Darren Tucker [Mon, 12 Jul 2021 08:00:05 +0000 (18:00 +1000)]
Add configure-time detection for SSH_TIME_T_MAX.
Should fix printing cert times exceeding INT_MAX (bz#3329) on platforms
were time_t is a long long. The limit used is for the signed type, so if
some system has a 32bit unsigned time_t then the lower limit will still
be imposed and we would need to add some way to detect this. Anyone using
an unsigned 64bit can let us know when it starts being a problem.
upstream: Make limit for time_t test unconditional in the
format_absolute_time fix for bz#3329 that allows printing of timestamps past
INT_MAX. This was incorrectly included with the previous commit. Based on
discussion with djm@.
upstream: Remove references to ChallengeResponseAuthentication in
favour of KbdInteractiveAuthentication. The former is what was in SSHv1, the
latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but
not entirely equivalent. We retain the old name as deprecated alias so
config files continue to work and a reference in the man page for people
looking for it.
Prompted by bz#3303 which pointed out the discrepancy between the two
when used with Match. Man page help & ok jmc@, with & ok djm@
upstream: Replace SIGCHLD/notify_pipe kludge with pselect.
Previously sshd's SIGCHLD handler would wake up select() by writing a
byte to notify_pipe. We can remove this by blocking SIGCHLD, checking
for child terminations then passing the original signal mask through
to pselect. This ensures that the pselect will immediately wake up if
a child terminates between wait()ing on them and the pselect.
In -portable, for platforms that do not have pselect the kludge is still
there but is hidden behind a pselect interface.
Darren Tucker [Fri, 25 Jun 2021 05:08:18 +0000 (15:08 +1000)]
Move closefrom() to before first malloc.
When built against tcmalloc, tcmalloc allocates a descriptor for its
internal use, so calling closefrom() afterward causes the descriptor
number to be reused resulting in a corrupted connection. Moving the
closefrom a little earlier should resolve this. From kircherlike at
outlook.com via bz#3321, ok djm@
Darren Tucker [Fri, 18 Jun 2021 10:41:45 +0000 (20:41 +1000)]
Put second -lssh in link line for sftp-server.
When building --without-openssl the recent port-prngd.c change adds
a dependency on atomicio, but since nothing else in sftp-server uses
it, the linker may not find it. Add a second -lssh similar to other
binaries.
returns -1, eg if it was interrupted by a signal. This should prevent
the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
an unauthenticated child and goes on to a blocking read on a notify_pipe.
feedback deraadt@, ok djm@
djm@openbsd.org [Tue, 8 Jun 2021 07:09:42 +0000 (07:09 +0000)]
upstream: switch sshd_config parsing to argv_split()
similar to the previous commit, this switches sshd_config parsing to
the newer tokeniser. Config parsing will be a little stricter wrt
quote correctness and directives appearing without arguments.
feedback and ok markus@
tested in snaps for the last five or so days - thanks Theo and those who
caught bugs
djm@openbsd.org [Tue, 8 Jun 2021 07:07:15 +0000 (07:07 +0000)]
upstream: Switch ssh_config parsing to use argv_split()
This fixes a couple of problems with the previous tokeniser,
strdelim()
1. strdelim() is permissive wrt accepting '=' characters. This is
intended to allow it to tokenise "Option=value" but because it
cannot keep state, it will incorrectly split "Opt=val=val2".
2. strdelim() has rudimentry handling of quoted strings, but it
is incomplete and inconsistent. E.g. it doesn't handle escaped
quotes inside a quoted string.
3. It has no support for stopping on a (unquoted) comment. Because
of this readconf.c r1.343 added chopping of lines at '#', but
this caused a regression because these characters may legitimately
appear inside quoted strings.
The new tokeniser is stricter is a number of cases, including #1 above
but previously it was also possible for some directives to appear
without arguments. AFAIK these were nonsensical in all cases, and the
new tokeniser refuses to accept them.
The new code handles quotes much better, permitting quoted space as
well as escaped closing quotes. Finally, comment handling should be
fixed - the tokeniser will terminate only on unquoted # characters.
feedback & ok markus@
tested in snaps for the last five or so days - thanks Theo and those who
caught bugs
djm@openbsd.org [Mon, 7 Jun 2021 03:38:38 +0000 (03:38 +0000)]
upstream: fix debug message when finding a private key to match a
certificate being attempted for user authentication. Previously it would
print the certificate's path, whereas it was supposed to be showing the
private key's path. Patch from Alex Sherwin via GHPR247
djm@openbsd.org [Sun, 6 Jun 2021 03:40:39 +0000 (03:40 +0000)]
upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
allows RSA/SHA2 signatures for public key authentication but fails to
advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
to offer valid keys.
Reported by and based on patch from Gordon Messmer via bz3213, thanks
also for additional analysis by Jakub Jelen. ok dtucker
projects / thirdparty / openssh-portable.git / log
