Commit Graph

305 Commits

Author SHA1 Message Date
Manoj Ampalam 7079aed39c Merge branch 'V_8_0' of https://github.com/openssh/openssh-portable 2019-05-22 14:18:23 -07:00
djm@openbsd.org 95a8058c1a upstream: let PKCS11Provider=none do what users expect
print PKCS11Provider instead of obsolete SmartcardDevice in config dump.

bz#2974 ok dtucker@

OpenBSD-Commit-ID: c303d6f0230a33aa2dd92dc9b68843d56a64f846
2019-03-01 13:21:29 +11:00
djm@openbsd.org 9b61130fbd upstream: openssh-7.9 accidentally reused the server's algorithm lists
in the client for KEX, ciphers and MACs. The ciphers and MACs were identical
between the client and server, but the error accidentially disabled the
diffie-hellman-group-exchange-sha1 KEX method.

This fixes the client code to use the correct method list, but
because nobody complained, it also disables the
diffie-hellman-group-exchange-sha1 KEX method.

Reported by nuxi AT vault24.org via bz#2697; ok dtucker

OpenBSD-Commit-ID: e30c33a23c10fd536fefa120e86af1842e33fd57
2019-02-24 10:51:46 +11:00
djm@openbsd.org 9e34e0c59a upstream: add a ssh_config "Match final" predicate
Matches in same pass as "Match canonical" but doesn't require
hostname canonicalisation be enabled. bz#2906 ok markus

OpenBSD-Commit-ID: fba1dfe9f6e0cabcd0e2b3be13f7a434199beffa
2018-11-23 16:09:12 +11:00
djm@openbsd.org 2a35862e66 upstream: use path_absolute() for pathname checks; from Manoj Ampalam
OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925
2018-11-16 14:37:33 +11:00
Manoj Ampalam cc16f80123
Converge fork and upstream branches
- Removed #ifdef WINDOWS blocks in base code where the feature support can be conveyed by a failed POSIX API call
- Refactored password authentication code
- Other misc changes - Removed DebugBreak on Release Builds
2018-10-30 14:54:13 -07:00
Manoj Ampalam 456c5fc72b Merge branch 'V_7_9' of https://github.com/openssh/openssh-portable 2018-10-25 11:55:02 -07:00
naddy@openbsd.org 2581333d56 upstream: Support using service names for port numbers.
* Try to resolve a port specification with getservbyname(3) if a
 numeric conversion fails.
* Make the "Port" option in ssh_config handle its argument as a
 port rather than a plain integer.

ok dtucker@ deraadt@

OpenBSD-Commit-ID: e7f03633133205ab3dfbc67f9df7475fabae660d
2018-10-07 14:58:24 +11:00
Manoj Ampalam 1ce9e2005d Merge branch 'V_7_8' of https://github.com/openssh/openssh-portable into cwb 2018-10-04 14:43:51 -07:00
Manoj Ampalam af4e4113b2
Ported bash based E2E tests and integrated security fix for cve-2018-15473(#346)
- Updated code to dynamic load Lsa functions until RS5 SDK includes them
 - Add conpty support in openssh
- Fixed Wierd characters (?25l) are seen, when logged in from ssh client
- Backspace doesn't work in powershell window
- Changes to support ssh-shellhost as an alternative shell
- Added support to have ssh-shellhost work as a standby shell (ssh-shellhost -c "cmdline") simply executes cmdline via CreateProcess
- Added E2E test cases and fixed unittests broken from prior changes
- Added PTY launch interface that supports both conpty and ssh-shellhost pty.
- Implemented PTY control channel in ssh-shellhost that supports Window resize events.
- Fixed regression with starting a PTY session with an explicit command
- modified ssh-shellhost pty argument to ---pty to remove ambiguity in cases when both -p and -c are present in commandline. Ex. ssh-shellhost.exe -c "myprogram -p -c argument"
2018-10-04 14:16:02 -07:00
djm@openbsd.org 5eff5b858e upstream: Allow ssh_config IdentityAgent directive to accept
environment variable names as well as explicit paths. ok dtucker@

OpenBSD-Commit-ID: 2f0996e103876c53d8c9dd51dcce9889d700767b
2018-10-03 16:39:58 +10:00
djm@openbsd.org ecac7e1f7a upstream: add CASignatureAlgorithms option for the client, allowing
it to specify which signature algorithms may be used by CAs when signing
certificates. Useful if you want to ban RSA/SHA1; ok markus@

OpenBSD-Commit-ID: 9159e5e9f67504829bf53ff222057307a6e3230f
2018-09-20 14:00:29 +10:00
djm@openbsd.org 1b9dd4aa15 upstream: better diagnosics on alg list assembly errors; ok
deraadt@ markus@

OpenBSD-Commit-ID: 5a557e74b839daf13cc105924d2af06a1560faee
2018-08-13 12:42:13 +10:00
Damien Miller 87f08be054 Remove support for S/Key
Most people will 1) be using modern multi-factor authentication methods
like TOTP/OATH etc and 2) be getting support for multi-factor
authentication via PAM or BSD Auth.
2018-07-31 12:59:30 +10:00
dtucker@openbsd.org e655ee04a3 upstream: Now that ssh can't be setuid, remove the
original_real_uid and original_effective_uid globals and replace with calls
to plain getuid(). ok djm@

OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
2018-07-31 12:20:13 +10:00
dtucker@openbsd.org 73ddb25bae upstream: Remove uid checks from low port binds. Now that ssh
cannot be setuid and sshd always has privsep on, we can remove the uid checks
for low port binds and just let the system do the check. We leave a sanity
check for the !privsep case so long as the code is stil there.  with & ok
djm@

OpenBSD-Commit-ID: 9535cfdbd1cd54486fdbedfaee44ce4367ec7ca0
2018-07-31 12:18:49 +10:00
dtucker@openbsd.org 95d41e90ea upstream: Deprecate UsePrivilegedPort now that support for running
ssh(1) setuid has been removed, remove supporting code and clean up
references to it in the man pages

We have not shipped ssh(1) the setuid bit since 2002.  If ayone
really needs to make connections from a low port number this can
be implemented via a small setuid ProxyCommand.

ok markus@ jmc@ djm@

OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e
2018-07-19 21:44:21 +10:00
dtucker@openbsd.org 258dc8bb07 upstream: Remove support for running ssh(1) setuid and fatal if
attempted. Do not link uidwap.c into ssh any more.  Neuters
UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@
djm@

OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
2018-07-19 21:41:42 +10:00
djm@openbsd.org 312d2f2861 upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA
signature work - returns ability to add/remove/specify algorithms by
wildcard.

Algorithm lists are now fully expanded when the server/client configs
are finalised, so errors are reported early and the config dumps
(e.g. "ssh -G ...") now list the actual algorithms selected.

Clarify that, while wildcards are accepted in algorithm lists, they
aren't full pattern-lists that support negation.

(lots of) feedback, ok markus@

OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207
2018-07-04 23:51:52 +10:00
djm@openbsd.org 89a85d7247 upstream: unbreak SendEnv; patch from tb@
OpenBSD-Commit-ID: fc808daced813242563b80976e1478de95940056
2018-06-11 09:50:06 +10:00
djm@openbsd.org 7082bb58a2 upstream: add a SetEnv directive to ssh_config that allows setting
environment variables for the remote session (subject to the server accepting
them)

refactor SendEnv to remove the arbitrary limit of variable names.

ok markus@

OpenBSD-Commit-ID: cfbb00d9b0e10c1ffff1d83424351fd961d1f2be
2018-06-09 13:11:00 +10:00
markus@openbsd.org 7f90635216 upstream: switch config file parsing to getline(3) as this avoids
static limits noted by gerhard@; ok dtucker@, djm@

OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
2018-06-07 04:34:05 +10:00
djm@openbsd.org 9c935dd9bf upstream: make UID available as a %-expansion everywhere that the
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@

OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
2018-06-01 13:35:59 +10:00
djm@openbsd.org 4b22fd8ece upstream: support ProxyJump=none to disable ProxyJump
functionality; bz#2869 ok dtucker@

OpenBSD-Commit-ID: 1c06ee08eb78451b5837fcfd8cbebc5ff3a67a01
2018-05-22 10:15:18 +10:00
djm@openbsd.org 555294a727 upstream: Allow "SendEnv -PATTERN" to clear environment variables
previously labeled for sendind. bz#1285 ok dtucker@

OpenBSD-Commit-ID: f6fec9e3d0f366f15903094fbe1754cb359a0df9
2018-04-06 23:15:29 +10:00
djm@openbsd.org 30fd7f9af0 upstream: add a couple of missed options to the config dump; patch
from Jakub Jelen via bz2835

OpenBSD-Commit-ID: 5970adadf6ef206bee0dddfc75d24c2019861446
2018-04-06 14:20:33 +10:00
job@openbsd.org 5ee8448ad7 upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for
interactive and CS1 for bulk

AF21 was selected as this is the highest priority within the low-latency
service class (and it is higher than what we have today). SSH is elastic
and time-sensitive data, where a user is waiting for a response via the
network in order to continue with a task at hand. As such, these flows
should be considered foreground traffic, with delays or drops to such
traffic directly impacting user-productivity.

For bulk SSH traffic, the CS1 "Lower Effort" marker was chosen to enable
networks implementing a scavanger/lower-than-best effort class to
discriminate scp(1) below normal activities, such as web surfing. In
general this type of bulk SSH traffic is a background activity.

An advantage of using "AF21" for interactive SSH and "CS1" for bulk SSH
is that they are recognisable values on all common platforms (IANA
https://www.iana.org/assignments/dscp-registry/dscp-registry.xml), and
for AF21 specifically a definition of the intended behavior exists
https://tools.ietf.org/html/rfc4594#section-4.7 in addition to the definition
of the Assured Forwarding PHB group https://tools.ietf.org/html/rfc2597, and
for CS1 (Lower Effort) there is https://tools.ietf.org/html/rfc3662

The first three bits of "AF21" map to the equivalent IEEEE 802.1D PCP, IEEE
802.11e, MPLS EXP/CoS and IP Precedence value of 2 (also known as "Immediate",
or "AC_BE"), and CS1's first 3 bits map to IEEEE 802.1D PCP, IEEE 802.11e,
MPLS/CoS and IP Precedence value 1 ("Background" or "AC_BK").

OK deraadt@, "no objection" djm@

OpenBSD-Commit-ID: d11d2a4484f461524ef0c20870523dfcdeb52181
2018-04-06 14:20:33 +10:00
Manoj Ampalam 2474b9130b Merge branch 'master' of https://github.com/openssh/openssh-portable into up_merge 2018-04-02 13:13:47 -07:00
markus@openbsd.org 1b11ea7c58 upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
2018-02-26 11:40:41 +11:00
djm@openbsd.org ac2e3026bb upstream: Add BindInterface ssh_config directive and -B
command-line argument to ssh(1) that directs it to bind its outgoing
connection to the address of the specified network interface.

BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.

Based on patch by Mike Manning in bz#2820, ok dtucker@

OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713
2018-02-23 13:37:49 +11:00
dtucker@openbsd.org 609d96b3d5 upstream commit
Replace atoi and strtol conversions for integer arguments
to config keywords with a checking wrapper around strtonum.  This will
prevent and flag invalid and negative arguments to these keywords.  ok djm@

OpenBSD-Commit-ID: 99ae3981f3d608a219ccb8d2fff635ae52c17998
2017-12-07 11:49:00 +11:00
Manoj Ampalam 2846d75e56 Merge branch 'master' of https://github.com/openssh/openssh-portable into m_temp 2017-11-16 14:03:24 -08:00
millert@openbsd.org 887669ef03 upstream commit
Add URI support to ssh, sftp and scp.  For example
ssh://user@host or sftp://user@host/path.  The connection parameters
described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since
the ssh fingerprint format in the draft uses md5 with no way to specify the
hash function type.  OK djm@

Upstream-ID: 4ba3768b662d6722de59e6ecb00abf2d4bf9cacc
2017-10-23 16:10:08 +11:00
Manoj Ampalam 6fba3a2ae9 Merge branch 'master' of https://github.com/openssh/openssh-portable into latestw 2017-10-03 14:32:45 -07:00
markus@openbsd.org 609d7a66ce upstream commit
Add 'reverse' dynamic forwarding which combines dynamic
forwarding (-D) with remote forwarding (-R) where the remote-forwarded port
expects SOCKS-requests.

The SSH server code is unchanged and the parsing happens at the SSH
clients side. Thus the full SOCKS-request is sent over the forwarded
channel and the client parses c->output. Parsing happens in
channel_before_prepare_select(), _before_ the select bitmask is
computed in the pre[] handlers, but after network input processing
in the post[] handlers.

help and ok djm@

Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
2017-09-22 09:14:53 +10:00
djm@openbsd.org 22376d27a3 upstream commit
Expand ssh_config's StrictModes option with two new
settings:

StrictModes=accept-new will automatically accept hitherto-unseen keys
but will refuse connections for changed or invalid hostkeys.

StrictModes=off is the same as StrictModes=no

Motivation:

StrictModes=no combines two behaviours for host key processing:
automatically learning new hostkeys and continuing to connect to hosts
with invalid/changed hostkeys. The latter behaviour is quite dangerous
since it removes most of the protections the SSH protocol is supposed to
provide.

Quite a few users want to automatically learn hostkeys however, so
this makes that feature available with less danger.

At some point in the future, StrictModes=no will change to be a synonym
for accept-new, with its current behaviour remaining available via
StrictModes=off.

bz#2400, suggested by Michael Samuel; ok markus

Upstream-ID: 0f55502bf75fc93a74fb9853264a8276b9680b64
2017-09-04 09:38:57 +10:00
Manoj Ampalam f7e6475b96 Merge remote-tracking branch 'openssh/master' into latestw 2017-06-07 21:46:18 -07:00
bluhm@openbsd.org 1112b534a6 upstream commit
Add RemoteCommand option to specify a command in the
ssh config file instead of giving it on the client's command line.  This
command will be executed on the remote host.  The feature allows to automate
tasks using ssh config. OK markus@

Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee
2017-05-31 10:51:09 +10:00
Yanbing 81bcaaa7cf Add mode support in open() and onboard file perm related changes and tests (#145)
PowerShell/Win32-OpenSSH#710
PowerShell/Win32-OpenSSH#725
PowerShell/Win32-OpenSSH#729
PowerShell/Win32-OpenSSH#731
PowerShell/Win32-OpenSSH#732
2017-05-23 21:45:38 -07:00
Manoj Ampalam ba7cf86417 Merge branch 'master' of https://github.com/openssh/openssh-portable into latestw 2017-05-19 23:08:42 -07:00
djm@openbsd.org 947a3e829a upstream commit
there's no reason to artificially limit the key path
here, just check that it fits PATH_MAX; spotted by Matthew Patton

Upstream-ID: 858addaf2009c9cf04d80164a41b2088edb30b58
2017-05-20 14:30:14 +10:00
Yanbing 6b807ae229 file permission on ssh_config, authorized_keys, private keys, host keys, public keys. (#110)
1. Add file permission check when load or add ssh_config, authorized_keys, private keys, host keys,.
2. set the owner and ACE for create secure file, ex, private key in ssh-keygen.exe
3. Update script OpenSSHTestHelper.psm1 to be able to run Install-OpenSSH if the sshd is running on the machine.
4. add OpenSSHBinPath to path.
5. change indents in agentconfig.c
6. update test script to represent the changes
7. Add tests for:
* authorized_keys and ssh-keygen testing
* host keys file perm testing
* user private key file perm testing
* ssh-add test
* user ssh_config
2017-05-01 14:18:20 -07:00
djm@openbsd.org 788ac799a6 upstream commit
remove SSHv1 configuration options and man pages bits

ok markus@

Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424
2017-05-01 10:05:00 +10:00
djm@openbsd.org cdccebdf85 upstream commit
remove SSHv1 ciphers; ok markus@

Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
2017-05-01 10:04:58 +10:00
djm@openbsd.org 99f95ba826 upstream commit
remove options.protocol and client Protocol
configuration knob

ok markus@

Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
2017-05-01 09:38:46 +10:00
djm@openbsd.org 56912dea6e upstream commit
unifdef WITH_SSH1 ok markus@

Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
2017-05-01 09:37:40 +10:00
dtucker@openbsd.org 68d3a2a059 upstream commit
Add SyslogFacility option to ssh(1) matching the
equivalent option in sshd(8).  bz#2705, patch from erahn at arista.com, ok
djm@

Upstream-ID: d5115c2c0193ceb056ed857813b2a7222abda9ed
2017-04-28 13:26:36 +10:00
Manoj Ampalam eab3af4216 Merge branch 'master' of https://github.com/openssh/openssh-portable into latestw 2017-03-10 12:30:28 -08:00
djm@openbsd.org 61b8ef6a66 upstream commit
better match sshd config parser behaviour: fatal() if
line is overlong, increase line buffer to match sshd's; bz#2651 reported by
Don Fong; ok dtucker@

Upstream-ID: b175ae7e0ba403833f1ee566edf10f67443ccd18
2017-03-10 15:35:39 +11:00
dtucker@openbsd.org f6edbe9feb upstream commit
Plug mem leak on GLOB_NOMATCH case.  From jjelen at
redhat.com via bz#2687, ok djm@

Upstream-ID: 8016a7ae97719d3aa55fb723fc2ad3200058340d
2017-03-10 15:25:11 +11:00