upstream: test ssh-agent with the -T flag to force the old /tmp
location rather than inside the homedir. During relink operation,
/.ssh/agent was created which is surprising. This test sequence could use
some improvement so this is a temporary fix. observed by florian, change ok
semarie
djm@openbsd.org [Mon, 5 May 2025 02:48:06 +0000 (02:48 +0000)]
upstream: Move agent listener sockets from /tmp to under
~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).
This ensures processes (such as Firefox) that have restricted
filesystem access that includes /tmp (via unveil(3)) do not have the
ability to use keys in an agent.
Moving the default directory has the consequence that the OS will no
longer clean up stale agent sockets, so ssh-agent now gains this
ability.
To support $HOME on NFS, the socket path includes a truncated hash of
the hostname. ssh-agent will by default only clean up sockets from
the same hostname.
ssh-agent gains some new flags: -U suppresses the automatic cleanup
of stale sockets when it starts. -u forces a cleanup without
keeping a running agent, -uu forces a cleanup that ignores the
hostname. -T makes ssh-agent put the socket back in /tmp.
upstream: make writing known_hosts lines more atomic, by writing
the entire line in one operation and using unbuffered stdio.
Usually writes to this file are serialised on the "Are you sure you
want to continue connecting?" prompt, but if host key checking is
disabled and connections were being made with high concurrency
then interleaved writes might have been possible.
Darren Tucker [Tue, 15 Apr 2025 11:58:49 +0000 (21:58 +1000)]
Look for sqrt(), possibly in libm.
The unit tests now use sqrt(), which in some platforms (notably
DragonFlyBSD and Solaris) is not in libc but rather libm. Since only
the unit tests use this, add TESTLIBS and if necessary put libm in it.
upstream: Pass "ControlMaster no" to ssh when invoked by scp & sftp.
If you have ControlMaster auto (or yes) in your config, and the
first connection you make is via scp or sftp, then you may get a
few unexpected options applied to it (eg ForwardX11 no), since sftp
and sftp explicitly disable those for reasons. These effects will
persist beyond the initial scp or sftp command.
This explicitly disables persistent session *creation* by scp and sftp.
It will not prevent them from using an existing session if one has
already been created.
Daniil Tatianin [Thu, 27 Feb 2025 08:37:13 +0000 (11:37 +0300)]
Add support for locking memory on Linux
Linux wakes up kcompactd threads in order to make more contiguous memory
available on the system, it does this by migrating live movable pages
(actively modifying live processes' page tables and constantly flooding
them with page invalidation IPIs, which can be up to millions per
second), which causes the process to become unresponsive for up to
seconds or even minutes in some severe cases. In case of sshd, we want
to always be able to connect to the system, even if it's under heavy
kcompactd load.
Introduce an option to protect sshd and its children sessions from being
compacted by kcompactd (this works in cojunction with
compact_unevictable_allowed = 0). Note that we depend on MCL_ONFAULT
being available, which was introduced in linux 4.4. MCL_ONFAULT allows
the system to lock pages lazily, thus drastically reducing memory usage
of a locked process (without MCL_ONFAULT, every existing mapping in the
process is instantly write-faulted).
Daniil Tatianin [Thu, 27 Feb 2025 08:46:25 +0000 (11:46 +0300)]
platform: introduce a way to hook new session start
Previously this was possible via post_fork_child, but ever since sshd
was split into multiple binaries, this is now no longer possible becase
of execv.
tb@openbsd.org [Fri, 14 Mar 2025 09:49:49 +0000 (09:49 +0000)]
upstream: Fix EVP_CIPHER_CTX_ctrl() return checks
While this API tries to translate negative return values (i.e. -1) to 0
in BoringSSL and LibreSSL, it is still possible for it to return negative
values in prinicple. We even incorrectly document that -1 can be returned
while Boring and OpenSSL plead the Fifth.
In OpenSSL 3 there are now code paths that explicitly return -1 and they
started shifting their return checks to <= 0 - of course they do this in
inconsistent and sometimes incorrect manner. While these paths aren't
reachable from ssh right now, who can really tell what happens in the two
hundred lines of inscrutable bloated mess this has become.
So error check with <= 0 to ensure that we don't accidentally translate an
error to success.
djm@openbsd.org [Wed, 12 Mar 2025 22:43:44 +0000 (22:43 +0000)]
upstream: remove assumption that the sshd_config and any configs
included from it can fit in a (possibly enlarged) socket buffer, by having
the sshd listener mainloop actively manage sending the configuration to the
sshd-session subprocess.
work by markus@ w/ a little feedback from me;
ok me and committing on his behalf
upstream: Prime caches for DNS names needed for tests.
When running the SSHFP tests, particularly on an ephemeral VM, the first
query or two can fail for some reason, presumably because something isn't
fully initialized or something. To work around this, issue queries for the
names we'll need before we need them.
Darren Tucker [Tue, 11 Mar 2025 08:17:46 +0000 (19:17 +1100)]
Lazily unmount github workspace at end of workflow.
Sometimes when a test times out the workspace is still busy when we try
to unmount it, which leaves the runner unusable until it's cleaned up
manually. We try to unmount this in the first step, but that usually
doesn't work since it fails during setup before it starts our workflow.
Move it to the end and make it a lazy unmount so it hopefully works
eventually.
upstream: Check if dbclient supports SHA1 before trying SHA1-based
KEX.
Dropbear 2025.87 removed SHA1 support by default, which means
diffie-hellman-group14-sha1 is not available. Unfortunately there isn't a
flag to query supported KEX, so instead check MACs and if it doesn't have
SHA1 methods, assuming SHA1 based KEXes are likewise not available. Spotted
by anton@.
Darren Tucker [Wed, 26 Feb 2025 07:16:03 +0000 (18:16 +1100)]
Check for le32toh, le64toh, htole64 individually.
It appears that at least some versions of endian.h in glibc do not have
the latter two, so check for and replace each one individually.
bz#3794, ok djm@
Damien Miller [Mon, 24 Feb 2025 06:27:50 +0000 (17:27 +1100)]
Try to fix github tcmalloc target failure
tcmalloc may, depending on the stacktrace generator it uses, create
pipe(2) fds during shared library initialisation. These will later
get clobbered by ssh/sshd calling closefrom() and chaos will ensue.
Tell tcmalloc to use an unwinder that doesn't pull this stuff.
projects / thirdparty / openssh-portable.git / log
