Commit Graph

248 Commits

Author SHA1 Message Date
djm@openbsd.org fec014785d upstream: Try to continue running local I/O for channels in state
OPEN during SSH transport rekeying. The most visible benefit is that it
should make ~-escapes work in the client (e.g. to exit) if the connection
happened to have stalled during a rekey event. Based work by and ok dtucker@

OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
2022-04-20 15:08:54 +10:00
Darren Tucker 9fa63a19f6 Put poll.h inside ifdef. 2022-02-10 23:51:02 +11:00
djm@openbsd.org b30d32159d upstream: add a ssh_packet_process_read() function that reads from
a fd directly into the transport input buffer.

Use this in the client and server mainloops to avoid unnecessary
copying. It also lets us use a more greedy read size without penalty.

Yields a 2-3% performance gain on cipher-speed.sh (in a fairly
unscientific test tbf)

feedback dtucker@ ok markus@

OpenBSD-Commit-ID: df4112125bf79d8e38e79a77113e1b373078e632
2022-01-25 12:18:35 +11:00
djm@openbsd.org 0fa3368322 upstream: Fix signature algorithm selection logic for
UpdateHostkeys on the server side. The previous code tried to prefer RSA/SHA2
for hostkey proofs of RSA keys, but missed some cases. This will use RSA/SHA2
signatures for RSA keys if the client proposed these algorithms in initial
KEX. bz3375

Mostly by Dmitry Belyavskiy with some tweaks by me.

ok markus@

OpenBSD-Commit-ID: c17ba0c3236340d2c6a248158ebed042ac6a8029
2022-01-07 09:21:38 +11:00
djm@openbsd.org 17877bc81d upstream: convert ssh, sshd mainloops from select() to poll();
feedback & ok deraadt@ and markus@ has been in snaps for a few months

OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
2022-01-07 09:21:38 +11:00
djm@openbsd.org 073f45c236 upstream: Explicitly check for and start time-based rekeying in the
client and server mainloops.

Previously the rekey timeout could expire but rekeying would not start
until a packet was sent or received. This could cause us to spin in
select() on the rekey timeout if the connection was quiet.

ok markus@

OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
2021-07-16 19:21:04 +10:00
dtucker@openbsd.org 4bdf7a0479 upstream: Replace SIGCHLD/notify_pipe kludge with pselect.
Previously sshd's SIGCHLD handler would wake up select() by writing a
byte to notify_pipe.  We can remove this by blocking SIGCHLD, checking
for child terminations then passing the original signal mask through
to pselect.  This ensures that the pselect will immediately wake up if
a child terminates between wait()ing on them and the pselect.

In -portable, for platforms that do not have pselect the kludge is still
there but is hidden behind a pselect interface.

Based on other changes for bz#2158, ok djm@

OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
2021-06-25 15:14:58 +10:00
Damien Miller 2dc328023f sshd don't exit on transient read errors
openssh-8.5 introduced a regression that would cause sshd to exit
because of transient read errors on the network socket (e.g. EINTR,
EAGAIN). Reported by balu.gajjala AT gmail.com via bz3297
2021-04-14 11:42:55 +10:00
djm@openbsd.org 31d8d231eb upstream: highly polished whitespace, mostly fixing spaces-for-tab
and bad indentation on continuation lines. Prompted by GHPR#185

OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
2021-04-03 17:23:02 +11:00
djm@openbsd.org 39be3dc209 upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t
and use that instead of global variables containing copies of it. feedback/ok
markus@

OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
2021-01-27 21:10:57 +11:00
djm@openbsd.org 816036f142 upstream: use the new variant log macros instead of prepending
__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
djm@openbsd.org 183c4aaef9 upstream: start ClientAliveInterval bookkeeping before first pass
through select() loop; fixed theoretical case where busy sshd may ignore
timeouts from client; inspired by and ok dtucker

OpenBSD-Commit-ID: 96bfc4b1f86c7da313882a84755b2b47eb31957f
2020-07-03 17:03:53 +10:00
djm@openbsd.org afeb6a960d upstream: use sshpkt_fatal() instead of plain fatal() for
ssh_packet_write_poll() failures here too as the former yields better error
messages; ok dtucker@

OpenBSD-Commit-ID: 1f7a6ca95bc2b716c2e948fc1370753be772d8e3
2020-01-30 18:22:34 +11:00
djm@openbsd.org 69334996ae upstream: make sshd_config:ClientAliveCountMax=0 disable the
connection killing behaviour, rather than killing the connection after
sending the first liveness test probe (regardless of whether the client was
responsive) bz2627; ok markus

OpenBSD-Commit-ID: 5af79c35f4c9fa280643b6852f524bfcd9bccdaf
2020-01-26 10:15:13 +11:00
djm@openbsd.org 0ecd20bc9f upstream: unrevert this:
> revision 1.217
> date: 2019/11/27 03:34:04;  author: dtucker;  state: Exp;  lines: +5 -7;  commitid: wkiMn49XJyjzoJIs;
> Make channel_id u_int32_t and remove unnecessary check and cast that were
> left over from the type conversion.  Noted by t-hashida@amiya.co.jp in
> bz#3098, ok markus@ djm@

Darren was right the first time; ok dtucker@ "agreed" markus@

OpenBSD-Commit-ID: 641dd1b99a6bbd85b7160da462ae1be83432c7c8
2020-01-25 15:51:20 +11:00
dtucker@openbsd.org 3bf2a6ac79 upstream: Replace all calls to signal(2) with a wrapper around
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
2020-01-23 18:51:25 +11:00
dtucker@openbsd.org 6e1d1bbf5a upstream: Revert previous commit. The channels code still uses int
in many places for channel ids so the INT_MAX check still makes sense.

OpenBSD-Commit-ID: 532e4b644791b826956c3c61d6ac6da39bac84bf
2019-11-28 09:38:11 +11:00
dtucker@openbsd.org 70ec5e5e26 upstream: Make channel_id u_int32_t and remove unnecessary check
and cast that were left over from the type conversion.  Noted by
t-hashida@amiya.co.jp in bz#3098, ok markus@ djm@

OpenBSD-Commit-ID: 3ad105b6a905284e780b1fd7ff118e1c346e90b5
2019-11-27 16:02:46 +11:00
deraadt@openbsd.org 4d28fa78ab upstream: When system calls indicate an error they return -1, not
some arbitrary value < 0.  errno is only updated in this case.  Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-07-05 11:10:39 +10:00
djm@openbsd.org 21da87f439 upstream: fix interaction between ClientAliveInterval and RekeyLimit
that could cause connection to close incorrectly; Report and patch from Jakub
Jelen in bz#2757; ok dtucker@ markus@

OpenBSD-Commit-ID: 17229a8a65bd8e6c2080318ec2b7a61e1aede3fb
2019-03-27 20:30:58 +11:00
dtucker@openbsd.org ab5fee8eb6 upstream: Reset last-seen time when sending a keepalive. Prevents
sending two keepalives successively and prematurely terminating connection
when ClientAliveCount=1.  While there, collapse two similar tests into one.
ok markus@

OpenBSD-Commit-ID: 043670d201dfe222537a2a4bed16ce1087de5ddd
2019-03-08 14:58:30 +11:00
djm@openbsd.org 135e302cfd upstream: fix error in refactor: use ssh_packet_disconnect() instead of
sshpkt_error(). The first one logs the error and exits (what we want) instead
of just logging and blundering on.

OpenBSD-Commit-ID: 39f51b43641dce9ce0f408ea6c0e6e077e2e91ae
2019-01-20 09:45:18 +11:00
djm@openbsd.org 04c091fc19 upstream: remove last references to active_state
with & ok markus@

OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
2019-01-20 09:45:18 +11:00
djm@openbsd.org 7ec5cb4d15 upstream: convert serverloop.c to new packet API
with & ok markus@

OpenBSD-Commit-ID: c92dd19b55457541478f95c0d6b318426d86d885
2019-01-20 09:45:17 +11:00
djm@openbsd.org 0fa174ebe1 upstream: begin landing remaining refactoring of packet parsing
API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.

with & ok markus@

OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2019-01-20 09:02:10 +11:00
dtucker@openbsd.org 73ddb25bae upstream: Remove uid checks from low port binds. Now that ssh
cannot be setuid and sshd always has privsep on, we can remove the uid checks
for low port binds and just let the system do the check. We leave a sanity
check for the !privsep case so long as the code is stil there.  with & ok
djm@

OpenBSD-Commit-ID: 9535cfdbd1cd54486fdbedfaee44ce4367ec7ca0
2018-07-31 12:18:49 +10:00
markus@openbsd.org 5467fbcb09 upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12 13:18:25 +10:00
markus@openbsd.org c3cb7790e9 upstream: sshd: switch config to sshbuf API; ok djm@
OpenBSD-Commit-ID: 72b02017bac7feac48c9dceff8355056bea300bd
2018-07-10 15:25:25 +10:00
djm@openbsd.org 027607fc2d upstream: fix some over-long lines and __func__ up some debug
messages

OpenBSD-Commit-ID: c70a60b4c8207d9f242fc2351941ba50916bb267
2018-06-09 13:10:59 +10:00
djm@openbsd.org 7c85685760 upstream: switch over to the new authorized_keys options API and
remove the legacy one.

Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.

feedback and ok markus@

OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
2018-03-03 14:37:16 +11:00
Darren Tucker 389125b25d Replace remaining mysignal() with signal().
These seem to have been missed during the replacement of mysignal
with #define signal in commit 5ade9ab.  Both include the requisite
headers to pick up the #define.
2018-02-15 22:06:26 +11:00
dtucker@openbsd.org 05046d907c upstream Don't reset signal handlers inside handlers.
The signal handlers from the original ssh1 code on which OpenSSH
is based assume unreliable signals and reinstall their handlers.
Since OpenBSD (and pretty much every current system) has reliable
signals this is not needed.  In the unlikely even that -portable
is still being used on such systems we will deal with it in the
compat layer.  ok deraadt@

OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c
2018-02-13 09:29:09 +11:00
Darren Tucker 3c51143c63 Whitespace sync with upstream. 2018-02-13 09:07:29 +11:00
djm@openbsd.org 14b5c635d1 upstream commit
Drop compatibility hacks for some ancient SSH
implementations, including ssh.com <=2.* and OpenSSH <= 3.*.

These versions were all released in or before 2001 and predate the
final SSH RFCs. The hacks in question aren't necessary for RFC-
compliant SSH implementations.

ok markus@

OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2018-01-23 16:40:29 +11:00
djm@openbsd.org 7860731ef1 upstream commit
unbreak hostkey rotation; attempting to sign with a
desired signature algorithm of kex->hostkey_alg is incorrect when the key
type isn't capable of making those signatures. ok markus@

OpenBSD-Commit-ID: 35ae46864e1f5859831ec0d115ee5ea50953a906
2017-12-19 15:21:37 +11:00
djm@openbsd.org 04c7e28f83 upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@

OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-12-19 15:21:37 +11:00
dtucker@openbsd.org 48c23a39a8 upstream commit
Put remote client info back into the ClientAlive
connection termination message.  Based in part on diff from  lars.nooden at
gmail, ok djm

OpenBSD-Commit-ID: 80a0f619a29bbf2f32eb5297a69978a0e05d0ee0
2017-12-12 10:32:04 +11:00
djm@openbsd.org b7548b12a6 upstream commit
Expose devices allocated for tun/tap forwarding.

At the client, the device may be obtained from a new %T expansion
for LocalCommand.

At the server, the allocated devices will be listed in a
SSH_TUNNEL variable exposed to the environment of any user sessions
started after the tunnel forwarding was established.

ok markus

Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
2017-10-23 16:14:30 +11:00
Damien Miller 871f1e4374 adapt portable to channels API changes 2017-09-12 18:01:35 +10:00
djm@openbsd.org 9f53229c2a upstream commit
Make remote channel ID a u_int

Previously we tracked the remote channel IDs in an int, but this is
strictly incorrect: the wire protocol uses uint32 and there is nothing
in-principle stopping a SSH implementation from sending, say, 0xffff0000.

In practice everyone numbers their channels sequentially, so this has
never been a problem.

ok markus@

Upstream-ID: b9f4cd3dc53155b4a5c995c0adba7da760d03e73
2017-09-12 17:37:03 +10:00
djm@openbsd.org dbee4119b5 upstream commit
refactor channels.c

Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.

Explicitly pass "struct ssh" to all channels functions.

Replace use of the legacy packet APIs in channels.c.

Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.

ok markus@

Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
2017-09-12 17:37:02 +10:00
djm@openbsd.org 71e5a536ec upstream commit
pass packet state down to some of the channels function
(more to come...); ok markus@

Upstream-ID: d8ce7a94f4059d7ac1e01fb0eb01de0c4b36c81b
2017-09-04 09:38:57 +10:00
dtucker@openbsd.org 42a8f8bc28 upstream commit
Tweak previous keepalive commit: if last_time + keepalive
<= now instead of just "<" so client_alive_check will fire if the select
happens to return on exact second of the timeout.  ok djm@

Upstream-ID: e02756bd6038d11bb8522bfd75a4761c3a684fcc
2017-08-12 16:47:10 +10:00
dtucker@openbsd.org b60ff20051 upstream commit
Keep track of the last time we actually heard from the
client and use this to also schedule a client_alive_check().  Prevents
activity on a forwarded port from indefinitely preventing the select timeout
so that client_alive_check() will eventually (although not optimally) be
called.

Analysis by willchan at google com via bz#2756, feedback & ok djm@

Upstream-ID: c08721e0bbda55c6d18e2760f3fe1b17fb71169e
2017-08-12 16:47:10 +10:00
markus@openbsd.org 92e9fe6331 upstream commit
remove now obsolete ctx from ssh_dispatch_run; ok djm@

Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
2017-06-01 14:53:33 +10:00
markus@openbsd.org 2ae666a8fc upstream commit
protocol handlers all get struct ssh passed; ok djm@

Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
2017-05-31 10:50:05 +10:00
dtucker@openbsd.org 858252fb1d upstream commit
Return true reason for port forwarding failures where
feasible rather than always "administratively prohibited".  bz#2674, ok djm@

Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419
2017-02-03 14:23:24 +11:00
djm@openbsd.org 51045869fa upstream commit
unbreak Unix domain socket forwarding for root; ok
markus@

Upstream-ID: 6649c76eb7a3fa15409373295ca71badf56920a2
2017-01-30 11:05:18 +11:00
djm@openbsd.org b737e4d743 upstream commit
disable Unix-domain socket forwarding when privsep is
disabled

Upstream-ID: ab61516ae0faadad407857808517efa900a0d6d0
2016-12-14 11:51:52 +11:00
djm@openbsd.org 7844f357cd upstream commit
Add a sshd_config DisableForwaring option that disables
X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as
anything else we might implement in the future.

This, like the 'restrict' authorized_keys flag, is intended to be a
simple and future-proof way of restricting an account. Suggested as
a complement to 'restrict' by Jann Horn; ok markus@

Upstream-ID: 203803f66e533a474086b38a59ceb4cf2410fcf7
2016-11-30 19:44:01 +11:00