djm@openbsd.org [Wed, 4 Oct 2017 18:49:30 +0000 (18:49 +0000)]
upstream commit
fix (another) problem in PermitOpen introduced during the
channels.c refactor: the third and subsequent arguments to PermitOpen were
being silently ignored; ok markus@
Damien Miller [Thu, 28 Sep 2017 21:54:34 +0000 (14:54 -0700)]
abort in configure when only openssl-1.1.x found
We don't support openssl-1.1.x yet (see multiple threads on the
openssh-unix-dev@ mailing list for the reason), but previously
./configure would accept it and the compilation would subsequently
fail. This makes ./configure display an explicit error message and
abort.
Darren Tucker [Tue, 26 Sep 2017 21:44:41 +0000 (07:44 +1000)]
Check for and handle calloc(p, 0) = NULL.
On some platforms (AIX, maybe others) allocating zero bytes of memory
via the various *alloc functions returns NULL, which is permitted
by the standards. Autoconf has some macros for detecting this (with
the exception of calloc for some reason) so use these and if necessary
activate shims for them. ok djm@
fix inverted test on channel open failure path that
"upgraded" a transient failure into a fatal error; reported by sthen and also
seen by benno@; ok sthen@
write the correct buffer when tunnel forwarding; doesn't
matter on OpenBSD (they are the same) but does matter on portable where we
use an output filter to translate os-specific tun/tap headers
Add 'reverse' dynamic forwarding which combines dynamic
forwarding (-D) with remote forwarding (-R) where the remote-forwarded port
expects SOCKS-requests.
The SSH server code is unchanged and the parsing happens at the SSH
clients side. Thus the full SOCKS-request is sent over the forwarded
channel and the client parses c->output. Parsing happens in
channel_before_prepare_select(), _before_ the select bitmask is
computed in the pre[] handlers, but after network input processing
in the post[] handlers.
Damien Miller [Tue, 19 Sep 2017 00:18:56 +0000 (10:18 +1000)]
move FORTIFY_SOURCE into hardening options group
It's still on by default, but now it's possible to turn it off using
--without-hardening. This is useful since it's known to cause problems
with some -fsanitize options. ok dtucker@
Print SKIPPED if sudo and doas configuration is missing.
Prevents that running the regression test with wrong environment is reported
as failure. Keep the fatal there to avoid interfering with other setups for
portable ssh. OK dtucker@
Don't call fatal from stop_sshd since it calls cleanup
which calls stop_sshd which will probably fail in the same way. Instead,
just bail. Differentiate between sshd dying without cleanup and not shutting
down.
-------------
identify the case where SSHFP records are missing but other DNS RR
types are present and display a more useful error message for this
case; patch by Thordur Bjornsson; bz#2501; ok dtucker@
-------------
This caused unexpected failures when VerifyHostKeyDNS=yes, SSHFP results
are missing but the user already has the key in known_hosts
Previously we tracked the remote channel IDs in an int, but this is
strictly incorrect: the wire protocol uses uint32 and there is nothing
in-principle stopping a SSH implementation from sending, say, 0xffff0000.
In practice everyone numbers their channels sequentially, so this has
never been a problem.
Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.
Damien Miller [Fri, 8 Sep 2017 02:38:31 +0000 (12:38 +1000)]
Give configure ability to set CFLAGS/LDFLAGS later
Some CFLAGS/LDFLAGS may disrupt the configure script's operation,
in particular santization and fuzzer options that break assumptions
about memory and file descriptor dispositions.
This adds two flags to configure --with-cflags-after and
--with-ldflags-after that allow specifying additional compiler and
linker options that are added to the resultant Makefiles but not
used in the configure run itself.
Expand ssh_config's StrictModes option with two new
settings:
StrictModes=accept-new will automatically accept hitherto-unseen keys
but will refuse connections for changed or invalid hostkeys.
StrictModes=off is the same as StrictModes=no
Motivation:
StrictModes=no combines two behaviours for host key processing:
automatically learning new hostkeys and continuing to connect to hosts
with invalid/changed hostkeys. The latter behaviour is quite dangerous
since it removes most of the protections the SSH protocol is supposed to
provide.
Quite a few users want to automatically learn hostkeys however, so
this makes that feature available with less danger.
At some point in the future, StrictModes=no will change to be a synonym
for accept-new, with its current behaviour remaining available via
StrictModes=off.
identify the case where SSHFP records are missing but
other DNS RR types are present and display a more useful error message for
this case; patch by Thordur Bjornsson; bz#2501; ok dtucker@
Increase the buffer sizes for user prompts to ensure that
they won't be truncated by snprintf. Based on patch from cjwatson at
debian.org via bz#2768, ok djm@
Darren Tucker [Mon, 28 Aug 2017 06:48:27 +0000 (16:48 +1000)]
Switch Capsicum header to sys/capsicum.h.
FreeBSD's <sys/capability.h> was renamed to <sys/capsicum.h> in 2014 to
avoid future conflicts with POSIX capabilities (the last release that
didn't have it was 9.3) so switch to that. Patch from des at des.no.
djm@openbsd.org [Sat, 12 Aug 2017 06:46:01 +0000 (06:46 +0000)]
upstream commit
make "--" before the hostname terminate command-line
option processing completely; previous behaviour would not prevent further
options appearing after the hostname (ssh has a supported options after the
hostname for >20 years, so that's too late to change).
djm@openbsd.org [Sat, 12 Aug 2017 06:42:52 +0000 (06:42 +0000)]
upstream commit
Switch from aes256-cbc to aes256-ctr for encrypting
new-style private keys. The latter having the advantage of being supported
for no-OpenSSL builds; bz#2754 ok markus@
Tweak previous keepalive commit: if last_time + keepalive
<= now instead of just "<" so client_alive_check will fire if the select
happens to return on exact second of the timeout. ok djm@
Keep track of the last time we actually heard from the
client and use this to also schedule a client_alive_check(). Prevents
activity on a forwarded port from indefinitely preventing the select timeout
so that client_alive_check() will eventually (although not optimally) be
called.
Analysis by willchan at google com via bz#2756, feedback & ok djm@
Make ""Killed by signal 1" LogLevel verbose so it's not
shown at the default level. Prevents it from appearing during ssh -J and
equivalent ProxyCommand configs. bz#1906, bz#2744, feedback&ok markus@
man pages with pseudo synopses which list filenames end
up creating very ugly output in man -k; after some discussion with ingo, we
feel the simplest fix is to remove such SYNOPSIS sections: the info is hardly
helpful at page top, is contained already in FILES, and there are
sufficiently few that just zapping them is simple;
ok schwarze, who also helpfully ran things through a build to check
output;
When generating all hostkeys (ssh-keygen -A), clobber
existing keys if they exist but are zero length. zero-length keys could
previously be made if ssh-keygen failed part way through generating them, so
avoid that case too. bz#2561 reported by Krzysztof Cieplucha; ok dtucker@
Only call close once in confree(). ssh_packet_close will
close the FD so only explicitly close non-SSH channels. bz#2734, from
bagajjal at microsoft.com, ok djm@
djm@openbsd.org [Sat, 24 Jun 2017 06:38:11 +0000 (06:38 +0000)]
upstream commit
don't pass pointer to struct sshcipher between privsep
processes, just redo the lookup in each using the already-passed cipher name.
bz#2704 based on patch from Brooks Davis; ok markus dtucker
When using the escape sequence &~ the code path is
client_loop() -> client_simple_escape_filter() -> process_escapes() -> fork()
and the pledge for this path lacks the proc promise and therefore aborts the
process. The solution is to just add proc the promise to this specific
pledge.
Reported by Gregoire Jadi gjadi ! omecha.info
Insight with tb@, OK jca@
Add user@host prefix to client's "Permisison denied"
messages, useful in particular when using "stacked" connections where it's
not clear which host is denying. bz#2720, ok djm@ markus@
djm@openbsd.org [Tue, 13 Jun 2017 12:13:59 +0000 (12:13 +0000)]
upstream commit
Do not require that unknown EXT_INFO extension values not
contain \0 characters. This would cause fatal connection errors if an
implementation sent e.g. string-encoded sub-values inside a value.
Damien Miller [Sat, 10 Jun 2017 13:41:25 +0000 (23:41 +1000)]
portability for sftp globbed ls sort by mtime
Include replacement timespeccmp() for systems that lack it.
Support time_t struct stat->st_mtime in addition to
timespec stat->st_mtim, as well as unsorted fallback.
djm@openbsd.org [Fri, 9 Jun 2017 06:47:13 +0000 (06:47 +0000)]
upstream commit
return failure rather than fatal() for more cases during
mux negotiations. Causes the session to fall back to a non-mux connection if
they occur. bz#2707 ok dtucker@
projects / thirdparty / openssh-portable.git / log
