upstream: Help OpenSSH's PKCS#11 support kick its meth habit.
The PKCS#11 code in OpenSSH used the libcrypto public key method API
(e.g. the delightfully named RSA_meth_free()) to delegate signing
operations to external keys. This had one advantage - that it was
basically transparent to callers, but also had a big disadvantage -
that we'd manually have to track the method implementations, their
state and their relationships to the underlying PKCS#11 objects.
This rips this out and replaces it with explicit delegation to
PKCS#11 code for externally hosted keys via the ssh-pkcs11-helper
subprocess. This is very similar to how we handle FIDO keys in
OpenSSH (i.e. via ssh-sk-helper). All we need to track now is a
much simpler mapping of public key -> helper subprocess.
Kicking our libcrypto meth dependency also makes it much easier
to support Ed25519 keys in PKCS#11, which will happen in a subsequent
commit.
upstream: add a ssh_config RefuseConnection option that, when
encountered while processing an active section in a configuration file,
terminates ssh(1) with an error message that contains the argument to the
option.
This may be useful for expressing reminders or warnings in config
files, for example:
Match host foo
RefuseConnection "foo is deprecated, use splork instead"
Jan Tojnar [Thu, 18 May 2023 14:30:35 +0000 (16:30 +0200)]
Add gnome-ssh-askpass4 for GNOME 40+
GTK 3 has been in maintenance mode for a while now, and it is on the road
to being abandoned. As a result, the dialogue looks out of place on modern
systems.
We could port it to GTK 4 but without the program being registered as an
application (i.e. having a .desktop file), GNOME Shell would ask for
permission to grab input every time.
Let’s instead use the GNOME Shell’s native prompt through the unstable
Gcr API.
Damien Miller [Sat, 12 Jul 2025 00:20:27 +0000 (17:20 -0700)]
let ga_init() fail gracefully if getgrouplist does
Apparently getgrouplist() can fail on OSX for when passed a non-existent
group name. Other platforms seem to return a group list consisting of
the numeric gid passed to the function.
This makes ga_init() handle this failure case gracefully, where it will
return success but with an empty group list array.
upstream: the messaging layer between sshd-session and sshd-auth had a
maximum message size of 256KB. Some people apparently have configurations
larger than this and would hit this limit.
Worse, there was no good logging that could help diagnose what was
going wrong.
So this bumps the maximum message size to 4MB and implements an early
check (usable via the sshd -t test mode) that will report it to the
user where it is hopefully more visible.
bz3808, reported by Dmitry Belyavskiy, ok dtucker@
upstream: mux: fix incorrect return value check in local forward
cancellation
channel_cancel_lport_listener() returns 1 on success and 0 on failure.
The previous code incorrectly checked for `== -1`, a value the function
never returns, so failure was not detected and the "port not found"
error message was never shown when cancelling dynamic or local port
forwards.
Damien Miller [Wed, 2 Jul 2025 03:47:38 +0000 (13:47 +1000)]
wrap some autoconf macros in AC_CACHE_CHECK
This allows skipping/overriding the OSSH_CHECK_CFLAG_COMPILE and
OSSH_CHECK_CFLAG_LINK macros used to discover supported compiler
or linker flags. E.g.
$ ./configure ossh_cv_cflag__fzero_call_used_regs_used=no
[...]
checking if cc supports compile flag -ftrapv and linking succeeds... yes
checking if cc supports compile flag -fzero-call-used-regs=used and linking succeeds... (cached) no
checking if cc supports compile flag -ftrivial-auto-var-init=zero... yes
Darren Tucker [Sun, 29 Jun 2025 04:34:48 +0000 (14:34 +1000)]
Encrypt temporary password we're setting.
Now that we want to actually use the random password for tests, we need
to correctly encrypt it, instead of just setting it to a random string
that's not the "locked" value.
upstream: Now that ssh-keygen defaults to the maximum memory for
moduli generation we no longer need to run it twice to get enough. Use mkdir
-p instead of a conditional, which allows "make -jN" to work without error.
upstream: Set user, host and path to NULL immediately before calling
parse_user_host_path in tests. This ensures that we don't accidentally use
the previous value if the function under test doesn't set them Also fixes
Coverity CIDs 405056 405065 405066.
upstream: Fix x11_channel_used_recently() to return true when channel
has been used within the last second, instead of more than a second ago.
Should fix ~5s delay on X client startup when ObscureKeystrokeTiming is
enabled. bz#3820, ok (& sigh) djm@
upstream: Make the display number check relative to
X11DisplayOffset.
This will allows people to use X11DisplayOffset to configure much higher
port ranges if they really want, while not changing the default behaviour.
Patch from Roman Gubarev via github PR#559, ok djm@
BENCH_START and BENCH_FINISH are actually a while() loop in disguise,
so if sshkey_generate does not reset the key pointer on failure the test
may incorrectly pass. It also confuses Coverity (CID 551234).
auth-pam: Check the user didn't change during PAM transaction
PAM modules can change the user during their execution, in such case ssh
would still use the user that has been provided giving potentially
access to another user with the credentials of another one.
So prevent this to happen, by ensuring that the final PAM user is
matching the one that initiated the transaction.
This vaguely made sense 20 years ago, but these days you'd be hard
pressed to *find* a machine small enough to not support the maximum
(127MB), and no one is screening moduli on such machines anyway,
so just use the max. This also fixes Coverity CID 470522 by deleting
code in question. "kill it with fire" djm@.
Damien Miller [Thu, 22 May 2025 08:42:44 +0000 (18:42 +1000)]
minimal shims for fstatat(2)/unlinkat(2) in agent
Add some very minimal and task-specific replacements for
fstatat(2) and unlinkat(2) in the ssh-agent socket cleanup
loop, for platforms that lack these functions. ok dtucker@
POSIX allows dirname() to modify its args and return a pointer into it,
so this prevents an overlapping strlcpy. bz#3819, patch from cjwatson
at debian.org
projects / thirdparty / openssh-portable.git / log
