By design, 'partial' logins are successful logins, so initially with
authenticated set to 1, for which another authentication is required. As
a result, authenticated is always reset to 0 when partial is set to 1.
However, even if authenticated is 0, those are not failed login
attempts, similarly to attempts with authctxt->postponed set to 1.
upstream: Switch the listening select loop from select() to
pselect() and mask signals while checking signal flags, umasking for pselect
and restoring afterwards. Also restore signals before sighup_restart so they
don't remain blocked after restart.
This prevents a race where a SIGTERM or SIGHUP can arrive between
checking the flag and calling select (eg if sshd is processing a
new connection) resulting in sshd not shutting down until the next
time it receives a new connection. bz#2158, with & ok djm@
djm@openbsd.org [Fri, 4 Jun 2021 05:02:40 +0000 (05:02 +0000)]
upstream: allow ssh_config SetEnv to override $TERM, which is otherwise
handled specially by the protocol. Useful in ~/.ssh/config to set TERM to
something generic (e.g. "xterm" instead of "xterm-256color") for destinations
that lack terminfo entries. feedback and ok dtucker@
djm@openbsd.org [Mon, 31 May 2021 06:48:42 +0000 (06:48 +0000)]
upstream: Hash challenge supplied by client during FIDO key enrollment
prior to passing it to libfido2, which does expect a hash.
There is no effect for users who are simply generating FIDO keys using
ssh-keygen - by default we generate a random 256 bit challenge, but
people building attestation workflows around our tools should now have
a more consistent experience (esp. fewer failures when they fail to
guess the magic 32-byte challenge length requirement).
Darren Tucker [Tue, 25 May 2021 01:40:47 +0000 (11:40 +1000)]
Rename README.md to ci-status.md.
The original intent was to provide a status page for the CIs configured
in that directory, but it had the side effect of replacing the top-level
README.md.
djm@openbsd.org [Wed, 19 May 2021 01:24:05 +0000 (01:24 +0000)]
upstream: restore blocking status on stdio fds before close
ssh(1) needs to set file descriptors to non-blocking mode to operate
but it was not restoring the original state on exit. This could cause
problems with fds shared with other programs via the shell, e.g.
> $ cat > test.sh << _EOF
> #!/bin/sh
> {
> ssh -Fnone -oLogLevel=verbose ::1 hostname
> cat /usr/share/dict/words
> } | sleep 10
> _EOF
> $ ./test.sh
> Authenticated to ::1 ([::1]:22).
> Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
> Bytes per second: sent 44338.9, received 55197.4
> cat: stdout: Resource temporarily unavailable
This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
abandons/closes them.
This was reported as bz3280 and GHPR246; ok dtucker@
upstream: Clarify language about moduli. While both ends of the
connection do need to use the same parameters (ie groups), the DH-GEX
protocol takes care of that and both ends do not need the same contents in
the moduli file, which is what the previous text suggested. ok djm@ jmc@
Darren Tucker [Mon, 26 Apr 2021 23:18:02 +0000 (09:18 +1000)]
Fix custom OpenSSL tests.
Check out specified OpenSSL version. Install custom libcrypto where
configure expects to find it. Remove unneeded OpenSSL config time
options. Older OpenSSL versions were not make -j safe so remove it.
Damien Miller [Wed, 14 Apr 2021 01:42:55 +0000 (11:42 +1000)]
sshd don't exit on transient read errors
openssh-8.5 introduced a regression that would cause sshd to exit
because of transient read errors on the network socket (e.g. EINTR,
EAGAIN). Reported by balu.gajjala AT gmail.com via bz3297
Damien Miller [Sat, 10 Apr 2021 08:22:57 +0000 (18:22 +1000)]
dedicated gnome-ssk-askpass3 source
Compatibility with Wayland requires that we use the gdk_seat_grab()
API for grabbing mouse/keyboard, however these API don't exist in
Gtk+2.
This branches gnome-ssk-askpass2.c => gnome-ssk-askpass3.c and
makes the changes to use the gdk_seat_grab() instead of grabbing
mouse/focus separately via GDK.
In the future, we can also use the branched file to avoid some
API that has been soft-deprecated in GTK+3, e.g. gtk_widget_modify_fg
Darren Tucker [Thu, 8 Apr 2021 03:25:57 +0000 (13:25 +1000)]
ifdef out MIN and MAX.
In -portable, defines.h ensures that these are defined, so redefining
potentially causes a warning. We don't just delete it to make any
future code syncs a little but easier. bz#3293.
Darren Tucker [Wed, 7 Apr 2021 00:23:51 +0000 (10:23 +1000)]
Remove only use of warn().
The warn() function is only used in one place in portable and does not
exist upstream. Upgrade the only instance it's used to fail()
(the privsep/sandbox+proxyconnect, from back when that was new) and
remove the now-unused function.
upstream: Don't check return value of unsetenv(). It's part of the
environment setup and not part of the actual test, and some platforms
-portable runs on declare it as returning void, which prevents the test from
compiling.
projects / thirdparty / openssh-portable.git / log
