Commit Graph

5353 Commits

Author SHA1 Message Date
Damien Miller 1be2cc4496 - djm@cvs.openbsd.org 2008/12/09 02:39:59
[sftp.c]
     Deal correctly with failures in remote stat() operation in sftp,
     correcting fail-on-error behaviour in batchmode. bz#1541 report and
     fix from anedvedicky AT gmail.com; ok markus@
2008-12-09 14:11:49 +11:00
Damien Miller 586b00532f - djm@cvs.openbsd.org 2008/12/09 02:38:18
[clientloop.c]
     The ~C escape handler does not work correctly for multiplexed sessions -
     it opens a commandline on the master session, instead of on the slave
     that requested it. Disable it on slave sessions until such time as it
     is fixed; bz#1543 report from Adrian Bridgett via Colin Watson
     ok markus@
2008-12-09 14:11:32 +11:00
Damien Miller 16a73076b7 - markus@cvs.openbsd.org 2008/12/02 19:09:38
[channels.c]
     s/remote_id/id/ to be more consistent with other code; ok djm@
2008-12-08 09:55:25 +11:00
Damien Miller 5a33ec68bc - markus@cvs.openbsd.org 2008/12/02 19:08:59
[serverloop.c]
     backout 1.149, since it's not necessary and openssh clients send
     broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@
2008-12-08 09:55:02 +11:00
Damien Miller 8533c7801d - markus@cvs.openbsd.org 2008/12/02 19:01:07
[clientloop.c]
     we have to use the recipient's channel number (RFC 4254) for
     SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages,
     otherwise we trigger 'Non-public channel' error messages on sshd
     systems with clientkeepalive enabled; noticed by sturm; ok djm;
2008-12-08 09:54:40 +11:00
Damien Miller 7df2e40074 - (djm) [configure.ac] bz#1538: better test for ProPolice/SSP: actually
use some stack in main().
   Report and suggested fix from vapier AT gentoo.org
2008-12-08 09:35:36 +11:00
Darren Tucker 23645649bb - dtucker@cvs.openbsd.org 2008/11/30 11:59:26
[monitor_fdpass.c]
     Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@
2008-12-01 21:42:13 +11:00
Darren Tucker 99d11a3ed2 - markus@cvs.openbsd.org 2008/11/21 15:47:38
[packet.c]
     packet_disconnect() on padding error, too.  should reduce the success
     probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
     ok djm@
2008-12-01 21:40:48 +11:00
Darren Tucker 83795d61d2 - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files
and tweak the is-sshd-running check in ssh-host-config.  Patch from
   vinschen at redhat com.
2008-12-01 21:34:28 +11:00
Darren Tucker d3782b4e76 cmsg thing was originally spotted by des 2008-11-23 19:05:53 +11:00
Darren Tucker 69087eae6d - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some
declarations, removing an unnecessary union member and adding whitespace.
    ok djm some time ago.
2008-11-23 14:03:19 +11:00
Tim Rice 0f4d2c02f2 - (tim) [addrmatch.c configure.ac] Some platforms do not have sin6_scope_id
member of sockaddr_in6. Also reported in Bug 1491 by David Leonard. OK and
   feedback by djm@
2008-11-18 21:26:41 -08:00
Damien Miller edecb37a4b test commit 2008-11-19 11:54:24 +11:00
Darren Tucker 4a6f62d4ae - djm@cvs.openbsd.org 2008/11/10 02:06:35
[regress/putty-ciphers.sh]
     PuTTY supports AES CTR modes, so interop test against them too
2008-11-11 16:55:25 +11:00
Darren Tucker 22662e880f - stevesk@cvs.openbsd.org 2008/11/11 03:55:11
[channels.c]
     for sshd -T print 'permitopen any' vs. 'permitopen' for case of no
     permitopen's; ok and input dtucker@
2008-11-11 16:40:22 +11:00
Darren Tucker 49c31c4225 - stevesk@cvs.openbsd.org 2008/11/11 02:58:09
[servconf.c]
     USE_AFS not referenced so remove #ifdef.  fixes sshd -T not printing
     kerberosgetafstoken. ok dtucker@
     (Id sync only, we still want the ifdef in portable)
2008-11-11 16:39:44 +11:00
Darren Tucker 63917bd0da - tobias@cvs.openbsd.org 2008/11/09 12:34:47
[session.c ssh.1]
     typo fixed (overriden -> overridden)
     ok espie, jmc
2008-11-11 16:33:48 +11:00
Darren Tucker c6d744e9cd - dtucker@cvs.openbsd.org 2008/11/07 23:34:48
[auth2-jpake.c]
     Move JPAKE define to make life easier for portable.  ok djm@
2008-11-11 16:33:03 +11:00
Darren Tucker b57fab6b0b - stevesk@cvs.openbsd.org 2008/11/07 18:50:18
[nchan.c]
     add space to some log/debug messages for readability; ok djm@ markus@
2008-11-11 16:32:25 +11:00
Darren Tucker e15fb09847 - stevesk@cvs.openbsd.org 2008/11/07 00:42:12
[ssh-keygen.c]
     spelling/typo in comment
2008-11-11 16:31:43 +11:00
Darren Tucker ff4350e1b8 - (dtucker) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2008/11/05 11:22:54
     [servconf.c]
     passord -> password;
     fixes user/5975 from Rene Maroufi
2008-11-11 16:31:05 +11:00
Damien Miller 0164cb8a87 - stevesk@cvs.openbsd.org 2008/11/05 03:23:09
[clientloop.c ssh.1]
     add dynamic forward escape command line; ok djm@
2008-11-05 16:30:31 +11:00
Damien Miller 1a0442fce8 - stevesk@cvs.openbsd.org 2008/11/04 19:18:00
[readconf.c]
     because parse_forward() is now used to parse all forward types (DLR),
     and it malloc's space for host variables, we don't need to malloc
     here.  fixes small memory leaks.

     previously dynamic forwards were not parsed in parse_forward() and
     space was not malloc'd in that case.

     ok djm@
2008-11-05 16:30:06 +11:00
Damien Miller 01ed2272a1 - djm@cvs.openbsd.org 2008/11/04 08:22:13
[auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
     [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
     [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
     [Makefile.in]
     Add support for an experimental zero-knowledge password authentication
     method using the J-PAKE protocol described in F. Hao, P. Ryan,
     "Password Authenticated Key Exchange by Juggling", 16th Workshop on
     Security Protocols, Cambridge, April 2008.

     This method allows password-based authentication without exposing
     the password to the server. Instead, the client and server exchange
     cryptographic proofs to demonstrate of knowledge of the password while
     revealing nothing useful to an attacker or compromised endpoint.

     This is experimental, work-in-progress code and is presently
     compiled-time disabled (turn on -DJPAKE in Makefile.inc).

     "just commit it.  It isn't too intrusive." deraadt@
2008-11-05 16:20:46 +11:00
Damien Miller 6f66d34308 - djm@cvs.openbsd.org 2008/11/04 07:58:09
[auth.c]
     need unistd.h for close() prototype
     (ID sync only)
2008-11-05 16:12:54 +11:00
Damien Miller 7fc5c0f621 - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/11/03 08:59:41
     [servconf.c]
     include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.gov
2008-11-05 16:12:11 +11:00
Damien Miller 250071fd77 - (djm) [contrib/sshd.pam.generic contrib/caldera/sshd.pam]
[contrib/redhat/sshd.pam] Move pam_nologin to account group from
   incorrect auth group in example files;
   patch from imorgan AT nas.nasa.gov
2008-11-03 20:18:12 +11:00
Damien Miller 85dec73463 - (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd]
Make example scripts generate keys with default sizes rather than fixed,
   non-default 1024 bits; patch from imorgan AT nas.nasa.gov
2008-11-03 20:16:01 +11:00
Damien Miller f4b39538f4 - stevesk@cvs.openbsd.org 2008/11/03 02:44:41
[readconf.c]
     fix comment
2008-11-03 19:28:21 +11:00
Damien Miller a279d252ab - stevesk@cvs.openbsd.org 2008/11/03 01:07:02
[readconf.c]
     remove valueless comment
2008-11-03 19:28:07 +11:00
Damien Miller 660d7dabc0 - stevesk@cvs.openbsd.org 2008/11/02 00:16:16
[ttymodes.c]
     protocol 2 tty modes support is now 7.5 years old so remove these
     debug3()s; ok deraadt@
2008-11-03 19:27:52 +11:00
Damien Miller a699d952e5 - stevesk@cvs.openbsd.org 2008/11/01 17:40:33
[clientloop.c readconf.c readconf.h ssh.c]
     merge dynamic forward parsing into parse_forward(); 'i think this is OK' djm@
2008-11-03 19:27:34 +11:00
Damien Miller c1719f7f0d - sobrado@cvs.openbsd.org 2008/11/01 11:14:36
[ssh-keyscan.1 ssh-keyscan.c]
     the ellipsis is not an optional argument; while here, improve spacing.
2008-11-03 19:27:07 +11:00
Damien Miller a009433333 - stevesk@cvs.openbsd.org 2008/11/01 06:43:33
[channels.c]
     fix some typos in log messages; ok djm@
2008-11-03 19:26:35 +11:00
Damien Miller f7475d7e97 - djm@cvs.openbsd.org 2008/11/01 04:50:08
[sshconnect2.c]
     sprinkle ARGSUSED on dispatch handlers
     nuke stale unusued prototype
2008-11-03 19:26:18 +11:00
Damien Miller 2b20a92b7b - stevesk@cvs.openbsd.org 2008/10/31 15:05:34
[dispatch.c]
     remove unused #define DISPATCH_MIN; ok markus@
2008-11-03 19:26:00 +11:00
Damien Miller e7261c7e36 - stevesk@cvs.openbsd.org 2008/10/30 19:31:16
[clientloop.c sshd.c]
     don't need to #include "monitor_fdpass.h"
2008-11-03 19:25:40 +11:00
Damien Miller a414cd3b19 - stevesk@cvs.openbsd.org 2008/10/17 18:36:24
[ssh_config.5]
     correct and clarify VisualHostKey; ok jmc@
2008-11-03 19:25:21 +11:00
Damien Miller ece92c8c5e - stevesk@cvs.openbsd.org 2008/10/14 18:11:33
[sshconnect.c]
     use #define ROQUIET here; no binary change. ok dtucker@
2008-11-03 19:25:03 +11:00
Damien Miller 2f54adabbb - stevesk@cvs.openbsd.org 2008/10/10 05:00:12
[key.c]
     typo in error message; ok djm@
2008-11-03 19:24:16 +11:00
Damien Miller b4acb47f5f - stevesk@cvs.openbsd.org 2008/10/10 04:55:16
[scp.c]
     spelling in comment; ok djm@
2008-11-03 19:23:45 +11:00
Damien Miller c13c3ee44a - jmc@cvs.openbsd.org 2008/10/09 06:54:22
[ssh.c]
     add -y to usage();
2008-11-03 19:23:28 +11:00
Damien Miller 51bde6000a - djm@cvs.openbsd.org 2008/10/09 03:50:54
[servconf.c sshd_config.5]
     support setting PermitEmptyPasswords in a Match block
     requested in PR3891; ok dtucker@
2008-11-03 19:23:10 +11:00
Damien Miller e272a5bb29 - djm@cvs.openbsd.org 2008/10/08 23:34:03
[ssh.1 ssh.c]
     Add -y option to force logging via syslog rather than stderr.
     Useful for daemonised ssh connection (ssh -f). Patch originally from
     and ok'd by markus@
2008-11-03 19:22:37 +11:00
Damien Miller c4d1b36cc2 aadt@cvs.openbsd.org 2008/10/03 23:56:28
[sshconnect2.c]
     Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the
     function.
     spotted by des@freebsd, who commited an incorrect fix to the freebsd tree
     and (as is fairly typical) did not report the problem to us.  But this fix
     is correct.
     ok djm
2008-11-03 19:22:09 +11:00
Damien Miller 49b78d4fbc - jmc@cvs.openbsd.org 2008/10/03 13:08:12
[sshd.8]
     do not give an example of how to chmod files: we can presume the user
     knows that. removes an ambiguity in the permission of authorized_keys;
     ok deraadt
2008-11-03 19:21:21 +11:00
Damien Miller d58f56000c - millert@cvs.openbsd.org 2008/10/02 14:39:35
[session.c]
     Convert an unchecked strdup to xstrdup.  OK deraadt@
2008-11-03 19:20:49 +11:00
Damien Miller 456e6f0ebb - markus@cvs.openbsd.org 2008/09/11 14:22:37
[compat.c compat.h nchan.c ssh.c]
     only send eow and no-more-sessions requests to openssh 5 and newer;
     fixes interop problems with broken ssh v2 implementations; ok djm@
2008-11-03 19:20:10 +11:00
Damien Miller 15bce6b8f0 - djm@cvs.openbsd.org 2008/09/06 12:24:13
[kex.c]
     OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need our
     replacement anymore
     (ID sync only for portable - we still need this)
2008-11-03 19:19:12 +11:00
Damien Miller ad793d59a9 - djm@cvs.openbsd.org 2008/08/21 04:09:57
[session.c]
     allow ForceCommand internal-sftp with arguments. based on patch from
     michael.barabanov AT gmail.com; ok markus@
2008-11-03 19:17:57 +11:00
Damien Miller fa51b1626c - krw@cvs.openbsd.org 2008/08/02 04:29:51
[ssh_config.5]
     whitepsace -> whitespace. From Matthew Clarke via bugs@.
2008-11-03 19:17:33 +11:00
Damien Miller c674d580dc - markus@cvs.openbsd.org 2008/07/31 14:48:28
[sshconnect2.c]
     don't allocate space for empty banners; report t8m at centrum.cz;
     ok deraadt
2008-11-03 19:16:57 +11:00
Damien Miller c6aadd994d - grunk@cvs.openbsd.org 2008/07/25 07:05:16
[key.c]
     In random art visualization, make sure to use the end marker only at the
     end.  Initial diff by Dirk Loss, tweaks and ok djm@
2008-11-03 19:16:20 +11:00
Damien Miller 9f6fb56ab8 - grunk@cvs.openbsd.org 2008/07/25 06:56:35
[ssh_config]
     Add VisualHostKey to example file, ok djm@
2008-11-03 19:15:44 +11:00
Darren Tucker c570ff7fa4 - (dtucker) [config.guess config.sub] Update to latest versions from
http://git.savannah.gnu.org/gitweb/ (2008-04-14 and 2008-06-16
   respectively).
2008-09-06 18:20:57 +10:00
Darren Tucker 661f63b7d2 - (dtucker) [openbsd-compat/bsd-poll.c] correctly check for number of FDs
larger than FD_SETSIZE (OpenSSH only ever uses poll with one fd).  Patch
   from Nicholas Marriott.
2008-08-30 07:32:37 +10:00
Damien Miller 212f0b0879 - (djm) [servconf.c] Print UsePAM option in config test mode (when it
has been compiled in); report from nix-corp AT esperi.org.uk
   ok dtucker@
2008-07-23 17:42:29 +10:00
Damien Miller 6ef430dcc3 - djm@cvs.openbsd.org 2008/07/23 07:36:55
[servconf.c]
     do not try to print options that have been compile-time disabled
     in config test mode (sshd -T); report from nix-corp AT esperi.org.uk
     ok dtucker@
2008-07-23 17:40:04 +10:00
Damien Miller 8f42e9b75a - (djm) Release OpenSSH-5.1 2008-07-21 18:22:25 +10:00
Damien Miller 1f8909c2c2 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Update version number in README and RPM specs
2008-07-21 18:21:52 +10:00
Damien Miller aaae43e7d3 - djm@cvs.openbsd.org 2008/07/21 08:19:07
[version.h]
     openssh-5.1
2008-07-21 18:21:05 +10:00
Damien Miller aa5f433287 - jmc@cvs.openbsd.org 2008/07/18 22:51:01
[sftp-server.8]
     no need for .Pp before or after .Sh;
2008-07-21 18:20:39 +10:00
Damien Miller 2e28d8622d - (djm) [sshconnect2.c] vis.h isn't available everywhere 2008-07-17 19:15:43 +10:00
Darren Tucker 9a3f2b4cc3 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Remove long-unneeded compat
code, replace with equivalent cygwin library call.  Patch from vinschen
   at redhat.comi, ok djm@.
2008-07-17 19:03:49 +10:00
Damien Miller a1d03a5069 - djm@cvs.openbsd.org 2008/07/17 08:51:07
[auth2-hostbased.c]
     strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes
     report and patch from res AT qoxp.net (bz#1200); ok markus@
2008-07-17 18:57:19 +10:00
Damien Miller 7ba0ca7f6f - djm@cvs.openbsd.org 2008/07/17 08:48:00
[sshconnect2.c]
     strnvis preauth banner; pointed out by mpf@ ok markus@
2008-07-17 18:57:06 +10:00
Damien Miller 6ef17495e9 - djm@cvs.openbsd.org 2008/07/16 11:52:19
[channels.c]
     this loop index should be automatic, not static
2008-07-16 22:42:06 +10:00
Damien Miller b9d3bee003 - djm@cvs.openbsd.org 2008/07/16 11:51:14
[clientloop.c]
     rename variable first_gc -> last_gc (since it is actually the last
     in the list).
2008-07-16 22:40:52 +10:00
Damien Miller 94717b0be1 - djm@cvs.openbsd.org 2008/07/15 02:23:14
[sftp.1]
     number of pipelined requests is now 64;
     prodded by Iain.Morgan AT nasa.gov
2008-07-16 21:17:23 +10:00
Damien Miller c4657ef181 - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h]
return EAI_FAMILY when trying to lookup unsupported address family;
   from vinschen AT redhat.com
2008-07-14 21:37:36 +10:00
Damien Miller 1fc231cbb5 - (djm) [contrib/cygwin/Makefile contrib/cygwin/ssh-host-config]
[contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd]
   Revamped and simplified Cygwin ssh-host-config script that uses
   unified csih configuration tool. Requires recent Cygwin.
   Patch from vinschen AT redhat.com
2008-07-14 12:12:52 +10:00
Damien Miller 276571c29d - djm@cvs.openbsd.org 2008/07/14 01:55:56
[sftp-server.8]
     mention requirement for /dev/log inside chroot when using sftp-server
     with ChrootDirectory
2008-07-14 12:09:57 +10:00
Damien Miller 36d7056f4d - (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash;
reported by cristian.ionescu-idbohrn AT axis.com
2008-07-14 12:04:43 +10:00
Damien Miller 639ce593d4 - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close()
prototype; reported by cristian.ionescu-idbohrn AT axis.com
2008-07-14 12:03:27 +10:00
Damien Miller ce02e5e09e - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to
avoid clash with sin(3) function; reported by
   cristian.ionescu-idbohrn AT axis.com
2008-07-14 12:02:24 +10:00
Damien Miller 7f980d1ac7 - djm@cvs.openbsd.org 2008/07/13 22:16:03
[sftp.c]
     increase number of piplelined requests so they properly fill the
     (recently increased) channel window. prompted by rapier AT psc.edu;
     ok markus@
2008-07-14 11:29:24 +10:00
Damien Miller 163886ff71 - djm@cvs.openbsd.org 2008/07/13 22:13:07
[channels.c]
     use struct sockaddr_storage instead of struct sockaddr for accept(2)
     address argument. from visibilis AT yahoo.com in bz#1485; ok markus@
2008-07-14 11:28:58 +10:00
Damien Miller 81dec0589a - sthen@cvs.openbsd.org 2008/07/13 21:22:52
[ssh-keygen.c]
     Change "ssh-keygen -F [host] -l" to not display random art unless
     -v is also specified, making it consistent with the manual and other
     uses of -l.
     ok grunk@
2008-07-14 11:28:29 +10:00
Damien Miller a034baf1b9 - djm@cvs.openbsd.org 2008/07/12 05:33:41
[scp.1]
     better description for -i flag:
     s/RSA authentication/public key authentication/
2008-07-12 17:12:49 +10:00
Damien Miller 2bcb866327 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/07/12 04:52:50
     [channels.c]
     unbreak; move clearing of cctx struct to before first use
     reported by dkrause@
2008-07-12 17:12:29 +10:00
Damien Miller b61f3fc31f - markus@cvs.openbsd.org 2008/07/10 18:08:11
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
     sync v1 and v2 traffic accounting; add it to sshd, too;
     ok djm@, dtucker@
2008-07-11 17:36:48 +10:00
Damien Miller dda5fffb84 - markus@cvs.openbsd.org 2008/07/10 18:05:58
[channels.c]
     missing bzero; from mickey; ok djm@
2008-07-11 17:35:37 +10:00
Damien Miller 87dd5f2804 - stevesk@cvs.openbsd.org 2008/07/07 23:32:51
[key.c]
     /*NOTREACHED*/ for lint warning:
       warning: function key_equal falls off bottom without returning value
     ok djm@
2008-07-11 17:35:09 +10:00
Damien Miller 2f7faf19d5 - stevesk@cvs.openbsd.org 2008/07/07 00:31:41
[ttymodes.c]
     we don't need arg after the debug3() was removed.  from lint.
     ok djm@
2008-07-11 17:34:35 +10:00
Damien Miller 73193b3693 - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x 2008-07-09 21:07:19 +10:00
Damien Miller 7acf550aeb - (djm) [auth.c] Missing unistd.h for close() 2008-07-09 20:54:37 +10:00
Damien Miller 773a7b98f9 - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM
account check failure path. The vulnerable format buffer is supplied
   from PAM and should not contain attacker-supplied data.
2008-07-09 20:54:05 +10:00
Damien Miller d9648eee7c - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass 2008-07-09 00:21:12 +10:00
Damien Miller c9c96f2e28 - djm@cvs.openbsd.org 2008/07/05 05:16:01
[PROTOCOL]
     grammar
2008-07-05 15:17:48 +10:00
Damien Miller ff2e492028 - (djm) [configure.ac] unbreak: remove extra closing brace 2008-07-05 09:52:03 +10:00
Damien Miller 42743cb6ba - (djm) [Makefile.in] Pass though pass to conch for interop tests 2008-07-05 09:50:23 +10:00
Damien Miller 0b4d48ba74 - djm@cvs.openbsd.org 2008/07/04 23:30:16
[auth1.c auth2.c]
     Make protocol 1 MaxAuthTries logic match protocol 2's.
     Do not treat the first protocol 2 authentication attempt as
     a failure IFF it is for method "none".
     Makes MaxAuthTries' user-visible behaviour identical for
     protocol 1 vs 2.
     ok dtucker@
2008-07-05 09:44:53 +10:00
Damien Miller d874fa517b - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/07/04 23:08:25
     [packet.c]
     handle EINTR in packet_write_poll()l ok dtucker@
2008-07-05 09:40:56 +10:00
Damien Miller 20d1694719 - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for
Tru64. readv doesn't seem to be a comparable object there.
   bz#1386, patch from dtucker@ ok me
2008-07-05 09:36:58 +10:00
Damien Miller 22989f1b5e - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed
passwords disabled. bz#1083 report & patch from senthilkumar_sen AT
   hotpop.com, w/ dtucker@
2008-07-05 08:59:43 +10:00
Damien Miller d8968adb5f - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
[packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
   [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
   some platforms (HP nonstop) it is a distinct errno;
   bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
2008-07-04 23:10:49 +10:00
Darren Tucker b01bac109b - djm@cvs.openbsd.org 2008/06/30 10:43:03
[regress/conch-ciphers.sh]
     explicitly disable conch options that could interfere with the test
2008-07-04 17:11:30 +10:00
Darren Tucker 5d6d70a842 - djm@cvs.openbsd.org 2008/06/30 10:31:11
[putty-transfer.sh putty-kex.sh putty-ciphers.sh]
     remove "set -e" left over from debugging
2008-07-04 17:10:30 +10:00
Darren Tucker 8c7a14ea28 - djm@cvs.openbsd.org 2008/06/30 08:07:34
[key-options.sh]
     shell portability: use "=" instead of "==" in test(1) expressions,
     double-quote string with backslash escaped /
2008-07-04 17:08:58 +10:00
Darren Tucker f7fa706e70 - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link
returns EXDEV.  Patch from Mike Garrison, ok djm@
2008-07-04 14:10:19 +10:00
Darren Tucker 2784f1fcc3 - dtucker@cvs.openbsd.org 2008/07/04 03:47:02
[monitor.c]
     Make debug a little clearer.  ok djm@
2008-07-04 13:51:45 +10:00
Darren Tucker b03fd02aed - djm@cvs.openbsd.org 2008/07/04 03:44:59
[servconf.c groupaccess.h groupaccess.c]
     support negation of groups in "Match group" block (bz#1315); ok dtucker@
2008-07-04 13:51:12 +10:00
Darren Tucker f5cafb0c85 - otto@cvs.openbsd.org 2008/07/03 21:46:58
[auth2-pubkey.c]
     avoid nasty double free; ok dtucker@ djm@
2008-07-04 12:54:25 +10:00
Darren Tucker 9a2a60986b - djm@cvs.openbsd.org 2008/07/02 13:47:39
[ssh.1 ssh.c]
     When forking after authentication ("ssh -f") with ExitOnForwardFailure
     enabled, delay the fork until after replies for any -R forwards have
     been seen. Allows for robust detection of -R forward failure when
     using -f (similar to bz#92); ok dtucker@
2008-07-04 12:53:50 +10:00
Darren Tucker 7c99b1ceda - djm@cvs.openbsd.org 2008/07/02 13:30:34
[auth2.c]
     really really remove the freebie "none" auth try for protocol 2
2008-07-04 12:53:23 +10:00
Darren Tucker 4230a5dc30 - djm@cvs.openbsd.org 2008/07/02 12:36:39
[auth2-none.c auth2.c]
     Make protocol 2 MaxAuthTries behaviour a little more sensible:
     Check whether client has exceeded MaxAuthTries before running
     an authentication method and skip it if they have, previously it
     would always allow one try (for "none" auth).
     Preincrement failure count before post-auth test - previously this
     checked and postincremented, also to allow one "none" try.
     Together, these two changes always count the "none" auth method
     which could be skipped by a malicious client (e.g. an SSH worm)
     to get an extra attempt at a real auth method. They also make
     MaxAuthTries=0 a useful way to block users entirely (esp. in a
     sshd_config Match block).
     Also, move sending of any preauth banner from "none" auth method
     to the first call to input_userauth_request(), so worms that skip
     the "none" method get to see it too.
2008-07-02 22:56:09 +10:00
Darren Tucker 33c787f23c - dtucker@cvs.openbsd.org 2008/07/02 12:03:51
[auth-rsa.c auth.c auth2-pubkey.c auth.h]
     Merge duplicate host key file checks, based in part on a patch from Rob
     Holland via bz #1348 .  Also checks for non-regular files during protocol
     1 RSA auth.  ok djm@
2008-07-02 22:37:30 +10:00
Darren Tucker 7499b0cca0 - djm@cvs.openbsd.org 2008/07/02 02:24:18
[sshd_config sshd_config.5 sshd.8 servconf.c]
     increase default size of ssh protocol 1 ephemeral key from 768 to 1024
     bits; prodded by & ok dtucker@ ok deraadt@
2008-07-02 22:35:43 +10:00
Darren Tucker f2e21dec68 - stevesk@cvs.openbsd.org 2008/07/01 23:12:47
[PROTOCOL.agent]
     fix some typos; ok djm@
2008-07-02 22:35:00 +10:00
Darren Tucker d7bdc0c8e8 - dtucker@cvs.openbsd.org 2008/07/01 07:24:22
[sshconnect.c sshd.c]
     Send CR LF during protocol banner exchanges, but only for Protocol 2 only,
     in order to comply with RFC 4253.  bz #1443, ok djm@
2008-07-02 22:34:30 +10:00
Darren Tucker 068e01f53f - dtucker@cvs.openbsd.org 2008/07/01 07:20:52
[sshconnect.c]
     Check ExitOnForwardFailure if forwardings are disabled due to a failed
     host key check.  ok djm@
2008-07-02 22:33:55 +10:00
Darren Tucker 1f781b194f - djm@cvs.openbsd.org 2008/06/30 12:18:34
[PROTOCOL]
     clarify that eow@openssh.com is only sent on session channels
2008-07-02 22:33:16 +10:00
Darren Tucker 8748b96522 - djm@cvs.openbsd.org 2008/06/30 12:16:02
[nchan.c]
     only send eow@openssh.com notifications for session channels; ok! markus@
2008-07-02 22:32:43 +10:00
Darren Tucker 8810dd41b9 - djm@cvs.openbsd.org 2008/06/30 12:15:39
[serverloop.c]
     only pass channel requests on session channels through to the session
     channel handler, avoiding spurious log messages; ok! markus@
2008-07-02 22:32:14 +10:00
Darren Tucker 00f00f0451 - djm@cvs.openbsd.org 2008/06/30 08:05:59
[PROTOCOL.agent]
      typo: s/constraint_date/constraint_data/
2008-07-02 22:31:31 +10:00
Damien Miller a766cea689 - (djm) [regress/Makefile] search for conch by path, like we do putty 2008-06-30 08:12:37 +10:00
Damien Miller 4268a136d4 - djm@cvs.openbsd.org 2008/06/28 13:57:25
[regress/Makefile regress/test-exec.sh regress/conch-ciphers.sh]
     very basic regress test against Twisted Conch in "make interop"
     target (conch is available in ports/devel/py-twisted/conch);
     ok markus@
2008-06-30 08:07:56 +10:00
Damien Miller d9bfce83b7 - dtucker@cvs.openbsd.org 2008/06/11 23:11:40
[Makefile]
     Don't run cipher-speed test by default; mistakenly enabled by me
2008-06-30 08:06:51 +10:00
Damien Miller 2e80cf2b63 - dtucker@cvs.openbsd.org 2008/06/10 23:13:43
[regress/Makefile regress/key-options.sh]
     Add regress test for key options.  ok djm@
2008-06-30 08:06:25 +10:00
Damien Miller 1e18beb1e7 - djm@cvs.openbsd.org 2008/06/28 14:08:30
[PROTOCOL PROTOCOL.agent]
     document the protocol used by ssh-agent; "looks ok" markus@
2008-06-30 00:07:00 +10:00
Damien Miller 471db5c2eb - djm@cvs.openbsd.org 2008/06/28 14:05:15
[ssh-agent.c]
     reset global compat flag after processing a protocol 2 signature
     request with the legacy DSA encoding flag set; ok markus
2008-06-30 00:05:48 +10:00
Damien Miller 1cfadabc0e - djm@cvs.openbsd.org 2008/06/28 13:58:23
[ssh-agent.c]
     refuse to add a key that has unknown constraints specified;
     ok markus
2008-06-30 00:05:21 +10:00
Damien Miller bd45afb5ad - djm@cvs.openbsd.org 2008/06/28 07:25:07
[PROTOCOL]
     spelling fixes
2008-06-30 00:04:57 +10:00
Damien Miller 8639920a9b - jmc@cvs.openbsd.org 2008/06/26 21:11:46
[ssh.1]
     add VisualHostKey to the list of options listed in -o;
2008-06-30 00:04:31 +10:00
Damien Miller 1028824e5c - grunk@cvs.openbsd.org 2008/06/26 11:46:31
[readconf.c readconf.h ssh.1 ssh_config.5 sshconnect.c]
     Move SSH Fingerprint Visualization away from sharing the config option
     CheckHostIP to an own config option named VisualHostKey.
     While there, fix the behaviour that ssh would draw a random art picture
     on every newly seen host even when the option was not enabled.
     prodded by deraadt@, discussions,
     help and ok markus@ djm@ dtucker@
2008-06-30 00:04:03 +10:00
Damien Miller 2e9cf49069 - djm@cvs.openbsd.org 2008/06/26 09:19:40
[dh.c dh.h moduli.c]
     when loading moduli from /etc/moduli in sshd(8), check that they
     are of the expected "safe prime" structure and have had
     appropriate primality tests performed;
     feedback and ok dtucker@
2008-06-29 22:47:04 +10:00
Damien Miller 9e720284fe - djm@cvs.openbsd.org 2008/06/26 06:10:09
[sftp-client.c sftp-server.c]
     allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky
     bits. Note that this only affects explicit setting of modes (e.g. via
     sftp(1)'s chmod command) and not file transfers. (bz#1310)
     ok deraadt@ at c2k8
2008-06-29 22:46:35 +10:00
Damien Miller 007132a7c9 - otto@cvs.openbsd.org 2008/06/25 11:13:43
[key.c]
     add key length to visual fingerprint; zap magical constants;
     ok grunk@ djm@
2008-06-29 22:45:37 +10:00
Damien Miller f184bcf89e - (djm) OpenBSD CVS Sync
- martynas@cvs.openbsd.org 2008/06/21 07:46:46
     [sftp.c]
     use optopt to get invalid flag, instead of return value of getopt,
     which is always '?';  ok djm@
2008-06-29 22:45:13 +10:00
Damien Miller 493f032440 - (djm) [RFC.nroff contrib/cygwin/Makefile contrib/suse/openssh.spec]
RFC.nroff lacks a license, remove it (it is long gone in OpenBSD).
2008-06-28 16:01:35 +10:00
Damien Miller f299ff8c1f - (djm) [ contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Include moduli.5 in RPM spec files.
2008-06-26 16:01:56 +10:00
Damien Miller 60dcc62535 - (djm) [Makefile.in moduli.5] Include moduli(5) manpage from OpenBSD.
(bz#1372)
2008-06-26 15:59:32 +10:00
Darren Tucker 1a48aecfbc - (dtucker) [channels.c] isatty -> is_tty here too. 2008-06-16 23:35:56 +10:00
Darren Tucker ed3cdc0a7c - dtucker@cvs.openbsd.org 2008/06/16 13:22:53
[session.c channels.c]
     Rename the isatty argument to is_tty so we don't shadow
     isatty(3).  ok markus@
2008-06-16 23:29:18 +10:00
Damien Miller d310d51bad - djm@cvs.openbsd.org 2008/06/15 20:06:26
[channels.c channels.h session.c]
     don't call isatty() on a pty master, instead pass a flag down to
     channel_set_fds() indicating that te fds refer to a tty. Fixes a
     hang on exit on Solaris (bz#1463) in portable but is actually
     a generic bug; ok dtucker deraadt markus
2008-06-16 07:59:23 +10:00
Damien Miller 307c1d10a7 - dtucker@cvs.openbsd.org 2008/06/15 16:58:40
[servconf.c sshd_config.5]
     Allow MaxAuthTries within a Match block.  ok djm@
2008-06-16 07:56:20 +10:00
Damien Miller c62a5af29a - dtucker@cvs.openbsd.org 2008/06/15 16:55:38
[sshd_config.5]
     MaxSessions is allowed in a Match block too
2008-06-16 07:55:46 +10:00
Damien Miller c7ce0da3b0 - dtucker@cvs.openbsd.org 2008/06/14 19:42:10
[scp.1]
     Mention that scp follows symlinks during -r.  bz #1466,
     from nectar at apple
2008-06-16 07:55:06 +10:00
Damien Miller 6051c94a0a - djm@cvs.openbsd.org 2008/06/14 18:33:43
[session.c]
     suppress the warning message from chdir(homedir) failures
     when chrooted (bz#1461); ok dtucker
2008-06-16 07:53:16 +10:00
Damien Miller 6ca16c63c2 - dtucker@cvs.openbsd.org 2008/06/14 17:07:11
[sshd.c]
     ensure default umask disallows at least group and world write; ok djm@
2008-06-16 07:50:58 +10:00
Damien Miller 2a6284782d - OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2008/06/14 15:49:48
     [sshd.c]
     wrap long line at 80 chars
2008-06-16 07:50:24 +10:00
Darren Tucker 330c93f68a - (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc. 2008-06-16 02:27:48 +10:00
Damien Miller 8b7ab960df - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction
replacement code; patch from ighighi AT gmail.com in bz#1240;
   ok dtucker
2008-06-15 10:55:34 +10:00
Darren Tucker 30fd49e606 - (dtucker) [configure.ac] Bug #1276: avoid linking against libgssapi, which
despite its name doesn't seem to implement all of GSSAPI.  Patch from
   Jan Engelhardt, sanity checked by Simon Wilkinson.
2008-06-14 09:14:46 +10:00
Darren Tucker f6bffb1391 - grunk@cvs.openbsd.org 2008/06/13 20:13:26
[ssh.1]
     Explain the use of SSH fpr visualization using random art, and cite the
     original scientific paper inspiring that technique.
     Much help with English and nroff by jmc@, thanks.
2008-06-14 09:04:26 +10:00
Darren Tucker 03ccc9b142 - dtucker@cvs.openbsd.org 2008/06/13 18:55:22
[scp.c]
     Prevent -Wsign-compare warnings on LP64 systems.  bz #1192, ok deraadt@
2008-06-14 09:02:25 +10:00
Darren Tucker 47e713be94 - dtucker@cvs.openbsd.org 2008/06/13 17:21:20
[mux.c]
     Friendlier error messages for mux fallback.  ok djm@
2008-06-14 09:01:54 +10:00
Darren Tucker d9526a5e96 - dtucker@cvs.openbsd.org 2008/06/13 14:18:51
[auth2-pubkey.c auth-rhosts.c]
     Include unistd.h for close(), prevents warnings in -portable
2008-06-14 09:01:24 +10:00
Darren Tucker f2c16d30b4 - dtucker@cvs.openbsd.org 2008/06/13 13:56:59
[monitor.c]
     Clear key options in the monitor on failed authentication, prevents
     applying additional restrictions to non-pubkey authentications in
     the case where pubkey fails but another method subsequently succeeds.
     bz #1472, found by Colin Watson, ok markus@ djm
2008-06-14 08:59:49 +10:00
Darren Tucker 99bb7619d4 - deraadt@cvs.openbsd.org 2008/06/13 09:44:36
[packet.c]
     compile on older gcc; no decl after code
2008-06-13 22:02:50 +10:00
Darren Tucker f387e59d52 - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent
compiler warnings on some platforms.  Based on a discussion with otto@
2008-06-13 15:03:14 +10:00
Darren Tucker 06db584e9d - djm@cvs.openbsd.org 2008/06/13 04:40:22
[auth2-pubkey.c auth-rhosts.c]
     refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not
     regular files; report from Solar Designer via Colin Watson in bz#1471
     ok dtucker@ deraadt@
2008-06-13 14:51:28 +10:00
Darren Tucker 7517b5bd31 - dtucker@cvs.openbsd.org 2008/06/13 01:38:23
[misc.c]
     upcast uid to long with matching %ld, prevents warnings in portable
2008-06-13 14:48:59 +10:00
Darren Tucker 2c91b28a6d - (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used
on big endian machines, so ifdef them for little endian only to prevent
    unused function warnings.
2008-06-13 12:40:55 +10:00
Darren Tucker 2c1eb82695 - (dtucker) [auth-sia.c] Bug #1241: support password expiry on Tru64 SIA
systems.  Patch from R. Scott Bailey.
2008-06-13 11:13:13 +10:00
Darren Tucker c7e030fd78 - dtucker@cvs.openbsd.org 2008/06/13 00:51:47
[mac.c]
     upcast another size_t to u_long to match format
2008-06-13 10:58:50 +10:00
Darren Tucker 1adfd368c4 - dtucker@cvs.openbsd.org 2008/06/13 00:47:53
[mux.c]
     upcast size_t to u_long to match format arg; ok djm@
2008-06-13 10:58:10 +10:00
Darren Tucker 61b0695273 - (dtucker) [defines.h] Bug #1112: __dead is, well dead. Based on a patch
from Todd Vierling.
2008-06-13 10:28:57 +10:00
Darren Tucker ca19bfe254 - djm@cvs.openbsd.org 2008/06/13 00:16:49
[mux.c]
     fall back to creating a new TCP connection on most multiplexing errors
     (socket connect fail, invalid version, refused permittion, corrupted
     messages, etc.); bz #1329 ok dtucker@
2008-06-13 10:24:03 +10:00
Darren Tucker f8b7eb7c3c - dtucker@cvs.openbsd.org 2008/06/13 00:12:02
[sftp.h log.h]
     replace __dead with __attribute__((noreturn)), makes things
     a little easier to port.  Also, add it to sigdie().  ok djm@
2008-06-13 10:22:54 +10:00
Darren Tucker ff4454dbda - ian@cvs.openbsd.org 2008/06/12 23:24:58
[sshconnect.c]
     tweak wording in message, ok deraadt@ jmc@
2008-06-13 10:21:51 +10:00
Darren Tucker 0f0ef0ab1f - grunk@cvs.openbsd.org 2008/06/12 22:03:36
[key.c]
     add my copyright, ok djm@
2008-06-13 08:58:05 +10:00
Darren Tucker b68fb4ad21 - grunk@cvs.openbsd.org 2008/06/12 21:14:46
[ssh-keygen.c]
     make ssh-keygen -lf show the key type just as ssh-add -l would do it
     ok djm@ markus@
2008-06-13 08:57:27 +10:00
Darren Tucker babc1d5f73 - djm@cvs.openbsd.org 2008/06/12 21:06:25
[clientloop.c]
     I was coalescing expected global request confirmation replies at
     the wrong end of the queue - fix; prompted by markus@
2008-06-13 08:56:01 +10:00
Darren Tucker a64ab33f04 - djm@cvs.openbsd.org 2008/06/12 20:47:04
[sftp-client.c]
     print extension revisions for extensions that we understand
2008-06-13 07:01:29 +10:00
Darren Tucker 3fc464efdc - dtucker@cvs.openbsd.org 2008/06/12 20:38:28
[sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
     Make keepalive timeouts apply while waiting for a packet, particularly
     during key renegotiation (bz #1363).  With djm and Matt Day, ok djm@
2008-06-13 06:42:45 +10:00
Darren Tucker f09e825329 - jmc@cvs.openbsd.org 2008/06/12 19:10:09
[ssh_config.5 ssh-keygen.1]
     tweak the ascii art text; ok grunk
2008-06-13 05:18:03 +10:00
Darren Tucker 1cf65ae61d - (dtucker) [clientloop.c serverloop.c] channel_register_filter now
takes 2 more args.  with djm@
2008-06-13 05:09:18 +10:00
Darren Tucker f6b01b758f - dtucker@cvs.openbsd.org 2008/06/12 16:35:31
[ssh_config.5 ssh.c]
     keyword expansion for localcommand.  ok djm@
2008-06-13 04:56:37 +10:00
Darren Tucker 84c56f536c - djm@cvs.openbsd.org 2008/06/12 15:19:17
[clientloop.h channels.h clientloop.c channels.c mux.c]
     The multiplexing escape char handler commit last night introduced a
     small memory leak per session; plug it.
2008-06-13 04:55:46 +10:00
Darren Tucker 4b3b9773ec - grunk@cvs.openbsd.org 2008/06/12 06:32:59
[key.c]
     We already mark the start of the worm, now also mark the end of the worm
     in our random art drawings.
     ok djm@
2008-06-13 04:55:10 +10:00
Darren Tucker ba69c7a987 - djm@cvs.openbsd.org 2008/06/12 05:32:30
[mux.c]
     some more TODO for me
2008-06-13 04:54:05 +10:00
Darren Tucker e5d98290a6 - djm@cvs.openbsd.org 2008/06/12 05:15:41
[PROTOCOL]
     document tun@openssh.com forwarding method
2008-06-13 04:53:27 +10:00
Darren Tucker d6173c0bd7 - djm@cvs.openbsd.org 2008/06/12 04:24:06
[ssh.c]
     thal shalt not code past the eightieth column
2008-06-13 04:52:53 +10:00
Darren Tucker 4d5cd33a5f - djm@cvs.openbsd.org 2008/06/12 04:17:47
[clientloop.c]
     thall shalt not code past the eightieth column
2008-06-13 04:51:14 +10:00
Darren Tucker 9f407c4422 - djm@cvs.openbsd.org 2008/06/12 04:06:00
[clientloop.h ssh.c clientloop.c]
     maintain an ordered queue of outstanding global requests that we
     expect replies to, similar to the per-channel confirmation queue.
     Use this queue to verify success or failure for remote forward
     establishment in a race free way.
     ok dtucker@
2008-06-13 04:50:27 +10:00
Darren Tucker 2fb66caca2 - djm@cvs.openbsd.org 2008/06/12 03:40:52
[clientloop.h mux.c channels.c clientloop.c channels.h]
     Enable ~ escapes for multiplex slave sessions; give each channel
     its own escape state and hook the escape filters up to muxed
     channels. bz #1331
     Mux slaves do not currently support the ~^Z and ~& escapes.
     NB. this change cranks the mux protocol version, so a new ssh
     mux client will not be able to connect to a running old ssh
     mux master.
     ok dtucker@
2008-06-13 04:49:33 +10:00
Darren Tucker 267e28bb75 - otto@cvs.openbsd.org 2008/06/12 00:13:13
[key.c]
     use an odd number of rows and columns and a separate start marker, looks
     better; ok grunk@
2008-06-13 04:48:11 +10:00
Darren Tucker 78913e0059 - grunk@cvs.openbsd.org 2008/06/12 00:13:55
[sshconnect.c]
     Make ssh print the random art also when ssh'ing to a host using IP only.
     spotted by naddy@, ok and help djm@ dtucker@
2008-06-13 04:47:34 +10:00
Darren Tucker d32b28a307 - grunk@cvs.openbsd.org 2008/06/11 23:51:57
[key.c]
     #define statements that are not atoms need braces around them, else they
     will cause trouble in some cases.
     Also do a computation of -1 once, and not in a loop several times.
     spotted by otto@
2008-06-13 04:45:50 +10:00
Darren Tucker dcc1ab5483 - grunk@cvs.openbsd.org 2008/06/11 23:03:56
[ssh_config.5]
     CheckHostIP set to ``fingerprint'' will display both hex and random art
     spotted by naddy@
2008-06-13 04:44:25 +10:00
Darren Tucker 014d76fa72 - otto@cvs.openbsd.org 2008/06/11 23:02:22
[key.c]
     simpler way of computing the augmentations; ok grunk@
2008-06-13 04:43:51 +10:00
Darren Tucker 35c45535ea - grunk@cvs.openbsd.org 2008/06/11 22:20:46
[ssh-keygen.c ssh-keygen.1]
     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
     that is not how it was envisioned.
     Also correct manpage saying that -v is needed along with -l for it to work.
     spotted by naddy@
2008-06-13 04:43:15 +10:00
Darren Tucker a376a32e8e - grunk@cvs.openbsd.org 2008/06/11 21:38:25
[ssh-keygen.c]
     ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
     would not display you the random art as intended, spotted by canacar@
2008-06-13 04:42:14 +10:00
Darren Tucker 9c16ac9263 - grunk@cvs.openbsd.org 2008/06/11 21:01:35
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
      sshconnect.c]
     Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
     graphical hash visualization schemes known as "random art", and by
     Dan Kaminsky's musings on the subject during a BlackOp talk at the
     23C3 in Berlin.
     Scientific publication (original paper):
     "Hash Visualization: a New Technique to improve Real-World Security",
     Perrig A. and Song D., 1999, International Workshop on Cryptographic
     Techniques and E-Commerce (CrypTEC '99)
     http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
     The algorithm used here is a worm crawling over a discrete plane,
     leaving a trace (augmenting the field) everywhere it goes.
     Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
     makes the respective movement vector be ignored for this turn,
     thus switching to the other color of the chessboard.
     Graphs are not unambiguous for now, because circles in graphs can be
     walked in either direction.
     discussions with several people,
     help, corrections and ok markus@ djm@
2008-06-13 04:40:35 +10:00
Darren Tucker 1199673393 - jmc@cvs.openbsd.org 2008/06/11 07:30:37
[sshd.8]
     kill trailing whitespace;
2008-06-13 04:32:00 +10:00
Damien Miller 4401e45be6 - (djm) [channels.c configure.ac]
Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no)
   bz#1464; ok dtucker
2008-06-12 06:05:12 +10:00
Darren Tucker b8e0500351 - (dtucker) [Makefile.in] Move addrmatch.o to libssh.a where it's needed now. 2008-06-11 09:47:59 +10:00
Darren Tucker e045e0c62a - dtucker@cvs.openbsd.org 2008/06/10 23:13:43
[Makefile regress/key-options.sh]
     Add regress test for key options.  ok djm@
2008-06-11 09:38:12 +10:00
Darren Tucker 2a8b138ed8 - dtucker@cvs.openbsd.org 2008/06/10 23:21:34
[bufaux.c]
     Use '\0' for a nul byte rather than unadorned 0.  ok djm@
2008-06-11 09:35:37 +10:00
Darren Tucker 896ad5a4e4 - djm@cvs.openbsd.org 2008/06/10 23:06:19
[auth-options.c match.c servconf.c addrmatch.c sshd.8]
     support CIDR address matching in .ssh/authorized_keys from="..." stanzas
     ok and extensive testing dtucker@
2008-06-11 09:34:46 +10:00
Darren Tucker 8901fa9c88 - djm@cvs.openbsd.org 2008/06/10 22:15:23
[PROTOCOL ssh.c serverloop.c]
     Add a no-more-sessions@openssh.com global request extension that the
     client sends when it knows that it will never request another session
     (i.e. when session multiplexing is disabled). This allows a server to
     disallow further session requests and terminate the session.
     Why would a non-multiplexing client ever issue additional session
     requests? It could have been attacked with something like SSH'jack:
     http://www.storm.net.nz/projects/7
     feedback & ok markus
2008-06-11 09:34:01 +10:00
Darren Tucker c9807e825a - dtucker@cvs.openbsd.org 2008/06/10 18:21:24
[ssh_config.5]
     clarify that Host patterns are space-separated.  ok deraadt
2008-06-11 09:33:01 +10:00
Darren Tucker 34f49c60fd - (dtucker) [Makefile.in] Define TEST_SSH_IPV6 in make's arguments as well
as environment.
2008-06-11 05:15:51 +10:00
Darren Tucker 5d37690a1f - (dtucker) [Makefile.in configure.ac regress/addrmatch.sh] Skip IPv6
specific tests on platforms that don't do IPv6.
2008-06-11 04:15:05 +10:00
Darren Tucker d8bafea5a0 - dtucker@cvs.openbsd.org 2008/06/10 15:28:49
[test-exec.sh]
     Add quotes
2008-06-11 01:39:38 +10:00
Darren Tucker 5f346649ce - dtucker@cvs.openbsd.org 2008/06/10 15:21:41
[test-exec.sh]
     Use a more portable construct for checking if we're running a putty test
2008-06-11 01:38:52 +10:00
Darren Tucker 9d3739daa1 - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6
since the new CIDR code in addmatch.c references it.
2008-06-10 23:52:51 +10:00
Darren Tucker 10f9242b86 - dtucker@cvs.openbsd.org 2008/06/10 05:23:32
[addrmatch.sh Makefile]
     Regress test for Match CIDR rules.  ok djm@
2008-06-10 23:16:46 +10:00
Darren Tucker d788b7cb35 - dtucker@cvs.openbsd.org 2008/06/09 18:06:32
[regress/test-exec.sh]
     Don't generate putty keys if we're not going to use them.  ok djm
2008-06-10 23:15:54 +10:00
Darren Tucker e7f3f75651 - jmc@cvs.openbsd.org 2008/06/10 08:17:40
[sshd.8 sshd.c]
     - update usage()
     - fix SYNOPSIS, and sort options
     - some minor additional fixes
2008-06-10 23:06:01 +10:00
Darren Tucker 6a2a400f7a - jmc@cvs.openbsd.org 2008/06/10 07:12:00
[sshd_config.5]
     tweak previous;
2008-06-10 23:03:04 +10:00
Darren Tucker e7140f20cb - dtucker@cvs.openbsd.org 2008/06/10 04:50:25
[sshd.c channels.h channels.c log.c servconf.c log.h servconf.h sshd.8]
     Add extended test mode (-T) and connection parameters for test mode (-C).
     -T causes sshd to write its effective configuration to stdout and exit.
     -C causes any relevant Match rules to be applied before output.  The
     combination allows tesing of the parser and config files.  ok deraadt djm
2008-06-10 23:01:51 +10:00
Darren Tucker b06cc4abf8 - djm@cvs.openbsd.org 2008/06/10 04:17:46
[sshd_config.5]
     better reference for pattern-list
2008-06-10 22:59:53 +10:00
Darren Tucker 7a3935de2f - (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/06/10 03:57:27
     [servconf.c match.h sshd_config.5]
     support CIDR address matching in sshd_config "Match address" blocks, with
     full support for negation and fall-back to classic wildcard matching.
     For example:
     Match address 192.0.2.0/24,3ffe:ffff::/32,!10.*
         PasswordAuthentication yes
     addrmatch.c code mostly lifted from flowd's addr.c
     feedback and ok dtucker@
2008-06-10 22:59:10 +10:00
Darren Tucker 588fe0efa4 - dtucker@cvs.openbsd.org 2008/06/09 13:38:46
[PROTOCOL]
     Use a $OpenBSD tag so our scripts will sync changes.
2008-06-09 23:52:22 +10:00
Darren Tucker 3463acaebf - dtucker@cvs.openbsd.org 2008/06/09 13:02:39
Extend 32bit -> 64bit values for statvfs extension missed in previous
     commit.
2008-06-09 23:06:55 +10:00
Darren Tucker 7b598892be - dtucker@cvs.openbsd.org 2008/06/08 20:15:29
[sftp.c sftp-client.c sftp-client.h]
     Have the sftp client store the statvfs replies in wire format,
     which prevents problems when the server's native sizes exceed the
     client's.
     Also extends the sizes of the remaining 32bit wire format to 64bit,
     they're specified as unsigned long in the standard.
2008-06-09 22:49:36 +10:00
Darren Tucker 422c34c96d - dtucker@cvs.openbsd.org 2008/06/08 17:04:41
[sftp-server.c]
     Add case for ENOSYS in errno_to_portable; ok deraadt
2008-06-09 22:48:31 +10:00
Darren Tucker 77001384cc - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a
macro to convert fsid to unsigned long for platforms where fsid is a
   2-member array.
2008-06-09 06:17:53 +10:00
Darren Tucker 598eaa6c0c - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c
openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
   openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and
   fstatvfs and remove #defines around statvfs code.  ok djm@
2008-06-09 03:32:29 +10:00
Darren Tucker df189fb279 - djm@cvs.openbsd.org 2008/05/19 20:53:52
[clientloop.c]
     unbreak tree by committing this bit that I missed from:
     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
     we would send the modes corresponding to a zeroed struct termios,
     whereas we should have been sending an empty list of modes.
     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
2008-06-08 12:55:32 +10:00
Darren Tucker 0f7e910604 - djm@cvs.openbsd.org 2008/05/19 15:46:31
[ssh-keygen.c]
     support -l (print fingerprint) in combination with -F (find host) to
     search for a host in ~/.ssh/known_hosts and display its fingerprint;
     ok markus@
2008-06-08 12:54:29 +10:00
Darren Tucker dd39264e4b - djm@cvs.openbsd.org 2008/05/19 15:45:07
[sshtty.c ttymodes.c sshpty.h]
     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
     we would send the modes corresponding to a zeroed struct termios,
     whereas we should have been sending an empty list of modes.
     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
2008-06-08 12:53:20 +10:00
Darren Tucker 136e56f689 - djm@cvs.openbsd.org 2008/05/19 06:14:02
[packet.c] unbreak protocol keepalive timeouts bz#1465; ok dtucker@
2008-06-08 12:49:30 +10:00
Darren Tucker 5b2e2ba9e4 - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c] Do not enable statvfs extensions on platforms that do not have statvfs. ok djm@ 2008-06-08 09:25:28 +10:00
Darren Tucker ce38d8234d - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H. 2008-06-07 06:25:15 +10:00
Damien Miller 58ea61ba2a - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias
in arc4random_uniform with upper_bound in (2^30,2*31). Note that
   OpenSSH did not make requests with upper bounds in this range.
2008-06-04 10:54:00 +10:00
Damien Miller a7058ec7c0 - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
[openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h]
   Fix compilation on Linux, including pulling in fmt_scaled(3)
   implementation from OpenBSD's libutil.
2008-05-20 08:57:06 +10:00
Damien Miller 58a8114880 - djm@cvs.openbsd.org 2008/05/16 08:30:42
[PROTOCOL]
     document our protocol extensions and deviations; ok markus@
   - djm@cvs.openbsd.org 2008/05/17 01:31:56
     [PROTOCOL]
     grammar and correctness fixes from stevesk@
2008-05-19 16:11:56 +10:00
Damien Miller a7e0d5a34a - djm@cvs.openbsd.org 2008/05/18 21:29:05
[sftp-server.c]
     comment extension announcement
2008-05-19 16:08:41 +10:00
Damien Miller 5159bdd0ec - djm@cvs.openbsd.org 2008/05/15 23:52:24
[nchan2.ms]
     document eow message in ssh protocol 2 channel state machine;
     feedback and ok markus@
2008-05-19 16:08:20 +10:00
Damien Miller 0f30c87c45 - pvalchev@cvs.openbsd.org 2008/05/12 20:52:20
[umac.c]
     Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
     on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@
2008-05-19 16:07:45 +10:00
Damien Miller bab9bd4c20 - markus@cvs.openbsd.org 2008/05/09 16:21:13
[channels.h clientloop.c nchan.c serverloop.c]
     unbreak
        ssh -2 localhost od /bin/ls | true
     ignoring SIGPIPE by adding a new channel message (EOW) that signals
     the peer that we're not interested in any data it might send.
     fixes bz #85; discussion, debugging and ok djm@
2008-05-19 16:06:47 +10:00
Damien Miller d654dd27b5 - markus@cvs.openbsd.org 2008/05/09 16:17:51
[channels.c]
     error-fd race: don't enable the error fd in the select bitmask
     for channels with both in- and output closed, since the channel
     will go away before we call select();
     report, lots of debugging help and ok djm@
2008-05-19 16:05:41 +10:00
Damien Miller 2ff1ca56eb - markus@cvs.openbsd.org 2008/05/09 16:16:06
[session.c]
     re-add the USE_PIPES code and enable it.
     without pipes shutdown-read from the sshd does not trigger
     a SIGPIPE when the forked program does a write.
     ok djm@
     (Id sync only, USE_PIPES never left portable OpenSSH)
2008-05-19 16:04:56 +10:00
Damien Miller b3da593962 - djm@cvs.openbsd.org 2008/05/09 14:26:08
[ssh.c]
     dingo stole my diff hunk
2008-05-19 16:02:37 +10:00
Damien Miller b1cbfa25f1 - djm@cvs.openbsd.org 2008/05/09 14:18:44
[clientloop.c clientloop.h ssh.c mux.c]
     tidy up session multiplexing code, moving it into its own file and
     making the function names more consistent - making ssh.c and
     clientloop.c a fair bit more readable.
     ok markus@
2008-05-19 16:00:08 +10:00
Damien Miller bd74025c7b - djm@cvs.openbsd.org 2008/05/09 04:55:56
[channels.c channels.h clientloop.c serverloop.c]
     Try additional addresses when connecting to a port forward destination
     whose DNS name resolves to more than one address. The previous behaviour
     was to try the first address and give up.

     Reported by stig AT venaas.com in bz#343

     great feedback and ok markus@
2008-05-19 15:37:09 +10:00
Damien Miller 5771ed7d1b - djm@cvs.openbsd.org 2008/05/08 13:06:11
[clientloop.c clientloop.h ssh.c]
     Use new channel status confirmation callback system to properly deal
     with "important" channel requests that fail, in particular command exec,
     shell and subsystem requests. Previously we would optimistically assume
     that the requests would always succeed, which could cause hangs if they
     did not (e.g. when the server runs out of fds) or were unimplemented by
     the server (bz #1384)
     Also, properly report failing multiplex channel requests via the mux
     client stderr (subject to LogLevel in the mux master) - better than
     silently failing.
     most bits ok markus@ (as part of a larger diff)
2008-05-19 15:35:33 +10:00
Damien Miller 7207f64a23 - djm@cvs.openbsd.org 2008/05/08 12:21:16
[monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
     [sshd_config sshd_config.5]
     Make the maximum number of sessions run-time controllable via
     a sshd_config MaxSessions knob. This is useful for disabling
     login/shell/subsystem access while leaving port-forwarding working
     (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
     simply increasing the number of allows multiplexed sessions.
     Because some bozos are sure to configure MaxSessions in excess of the
     number of available file descriptors in sshd (which, at peak, might be
     as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
     on error paths, and make it fail gracefully on out-of-fd conditions -
     sending channel errors instead of than exiting with fatal().
     bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
     ok markus@
2008-05-19 15:34:50 +10:00
Damien Miller 9417831ece - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h 2008-05-19 15:28:35 +10:00
Damien Miller caaed01e90 - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes 2008-05-19 15:26:54 +10:00
Damien Miller b84886ba3e - djm@cvs.openbsd.org 2008/05/08 12:02:23
[auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
     [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
     [ssh.c sshd.c]
     Implement a channel success/failure status confirmation callback
     mechanism. Each channel maintains a queue of callbacks, which will
     be drained in order (RFC4253 guarantees confirm messages are not
     reordered within an channel).
     Also includes a abandonment callback to clean up if a channel is
     closed without sending confirmation messages. This probably
     shouldn't happen in compliant implementations, but it could be
     abused to leak memory.
     ok markus@ (as part of a larger diff)
2008-05-19 15:05:07 +10:00
Damien Miller db255cad05 - markus@cvs.openbsd.org 2008/05/08 06:59:01
[bufaux.c buffer.h channels.c packet.c packet.h]
     avoid extra malloc/copy/free when receiving data over the net;
     ~10% speedup for localhost-scp; ok djm@
2008-05-19 14:59:37 +10:00
Damien Miller e989019303 - jmc@cvs.openbsd.org 2008/05/07 08:00:14
[sshd_config.5]
     sort;
2008-05-19 14:59:02 +10:00
Damien Miller ba3a6599a2 - pyr@cvs.openbsd.org 2008/05/07 06:43:35
[sshd_config]
     push the sshd_config bits in, spotted by ajacoutot@
2008-05-19 14:58:22 +10:00
Damien Miller 4f755cdc05 - pyr@cvs.openbsd.org 2008/05/07 05:49:37
[servconf.c servconf.h session.c sshd_config.5]
     Enable the AllowAgentForwarding option in sshd_config (global and match
     context), to specify if agents should be permitted on the server.
     As the man page states:
     ``Note that disabling Agent forwarding does not improve security
     unless users are also denied shell access, as they can always install
     their own forwarders.''
     ok djm@, ok and a mild frown markus@
2008-05-19 14:57:41 +10:00
Damien Miller bacb7fbd7e - djm@cvs.openbsd.org 2008/04/30 10:14:03
[ssh-keyscan.1 ssh-keyscan.c]
     default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by
     larsnooden AT openoffice.org
2008-05-19 14:56:33 +10:00
Damien Miller 0b4c16589a - otto@cvs.openbsd.org 2008/04/29 11:20:31
[monitor_mm.h]
     garbage collect two unused fields in struct mm_master; ok markus@
2008-05-19 14:55:29 +10:00
Damien Miller ff0dd88999 - djm@cvs.openbsd.org 2008/04/18 22:01:33
[session.c]
     remove unneccessary parentheses
2008-05-19 14:55:02 +10:00
Damien Miller 64058cb8ef - jmc@cvs.openbsd.org 2008/04/18 17:15:47
[sftp.1]
     macro fixage;
2008-05-19 14:54:25 +10:00
Damien Miller d671e5a978 - djm@cvs.openbsd.org 2008/04/18 12:32:11
[sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h]
     introduce sftp extension methods statvfs@openssh.com and
     fstatvfs@openssh.com that implement statvfs(2)-like operations,
     based on a patch from miklos AT szeredi.hu (bz#1399)
     also add a "df" command to the sftp client that uses the
     statvfs@openssh.com to produce a df(1)-like display of filesystem
     space and inode utilisation
     ok markus@
2008-05-19 14:53:33 +10:00
Damien Miller 354c48c641 - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/04/13 00:22:17
     [dh.c sshd.c]
     Use arc4random_buf() when requesting more than a single word of output
     Use arc4random_uniform() when the desired random number upper bound
     is not a power of two
     ok deraadt@ millert@
2008-05-19 14:50:00 +10:00
Damien Miller a4be7c23fd - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
[configure.ac] Implement arc4random_buf(), import implementation of
     arc4random_uniform() from OpenBSD
2008-05-19 14:47:37 +10:00
Damien Miller 25434de460 - djm@cvs.openbsd.org 2008/04/05 02:46:02
[sshd_config.5]
     HostbasedAuthentication is supported under Match too
2008-05-19 14:29:08 +10:00
Damien Miller 56f41ddc54 - djm@cvs.openbsd.org 2008/04/04 06:44:26
[sshd_config.5]
     oops, some unrelated stuff crept into that commit - backout.
     spotted by jmc@
2008-05-19 14:28:19 +10:00
Damien Miller 797e3d117f - (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2008/04/04 05:14:38
     [sshd_config.5]
     ChrootDirectory is supported in Match blocks (in fact, it is most useful
     there). Spotted by Minstrel AT minstrel.org.uk
2008-05-19 14:27:42 +10:00
Damien Miller c5750226af - (djm) Force string arguments to replacement setproctitle() though
strnvis first. Ok dtucker@
2008-05-16 10:01:54 +10:00
Damien Miller 55754fb002 - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
time warnings on LynxOS. Patch from ops AT iki.fi
2008-04-04 16:16:35 +11:00