Commit Graph

10706 Commits

Author SHA1 Message Date
djm@openbsd.org d98f14b532 upstream: UpdateHostkeys: better CheckHostIP handling
When preparing to update the known_hosts file, fully check both
entries for both the host and the address (if CheckHostIP enabled)
and ensure that, at the end of the operation, entries for both are
recorded.

Make sure this works with HashKnownHosts too, which requires maintaining
a list of entry-types seen across the whole file for each key.

ok markus@

OpenBSD-Commit-ID: 374dc263103f6b343d9671f87dbf81ffd0d6abdd
2020-10-12 11:22:55 +11:00
djm@openbsd.org af5941ae9b upstream: UpdateHostkeys: better detect manual host entries
Disable UpdateHostkeys if the known_hosts line has more than two
entries in the pattern-list. ssh(1) only writes "host" or "host,ip"
lines so anything else was added by a different tool or by a human.

ok markus@

OpenBSD-Commit-ID: e434828191fb5f3877d4887c218682825aa59820
2020-10-12 11:22:55 +11:00
djm@openbsd.org 6247812c76 upstream: don't misdetect comma-separated hostkey names as wildcards;
spotted by naddy@

OpenBSD-Commit-ID: 4b874edfec7fc324a21b130bdb42f912177739ce
2020-10-09 18:39:17 +11:00
wangxp006 67146c7d02 fix TEST_MALLOC_OPTIONS var 2020-10-08 21:15:17 +11:00
djm@openbsd.org 3205eaa3f8 upstream: clarify conditions for UpdateHostkeys
OpenBSD-Commit-ID: 9cba714cf6aeed769f998ccbe8c483077a618e27
2020-10-08 12:28:06 +11:00
djm@openbsd.org e8dfca9bfe upstream: remove GlobalKnownHostsFile for this test after
UpdateHostkeys change

OpenBSD-Regress-ID: a940ad79d59343319613ba8fc46b6ef24aa3f8e1
2020-10-07 17:39:17 +11:00
djm@openbsd.org 4aa2717d75 upstream: Disable UpdateHostkeys when hostkey checking fails
If host key checking fails (i.e. a wrong host key is recorded for the
server) and the user elects to continue (via StrictHostKeyChecking=no),
then disable UpdateHostkeys for the session.

reminded by Mark D. Baushke; ok markus@

OpenBSD-Commit-ID: 98b524f121f4252309dd21becd8c4cacb0c6042a
2020-10-07 13:34:11 +11:00
djm@openbsd.org 04c06d0447 upstream: Fix UpdateHostkeys/HashKnownHosts/CheckHostIP bug
When all of UpdateHostkeys, HashKnownHosts and ChechHostIP
were enabled and new host keys were learned, known_hosts IP
entries were not being recorded for new host keys.

reported by matthieu@ ok markus@

OpenBSD-Commit-ID: a654a8290bd1c930aac509e8158cf85e42e49cb7
2020-10-07 13:34:11 +11:00
djm@openbsd.org b70e337112 upstream: don't UpdateHostkeys when the hostkey is verified by the
GlobalKnownHostsFile file, support only UserKnownHostsFile matches

suggested by Mark D. Baushke; feedback and ok markus@

OpenBSD-Commit-ID: eabb771a6add676c398d38a143a1aff5f04abbb9
2020-10-07 13:34:11 +11:00
djm@openbsd.org aa623142e4 upstream: revert kex->flags cert hostkey downgrade back to a plain
key (commitid VtF8vozGOF8DMKVg). We now do this a simpler way that needs less
plumbing.

ok markus@

OpenBSD-Commit-ID: fb92d25b216bff8c136da818ac2221efaadf18ed
2020-10-07 13:34:11 +11:00
djm@openbsd.org f4f14e023c upstream: simply disable UpdateHostkeys when a certificate
successfully authenticated the host; simpler than the complicated plumbing
via kex->flags we have now.

ok markus@

OpenBSD-Commit-ID: 80e39644eed75717d563a7f177e8117a0e14f42c
2020-10-07 13:34:11 +11:00
djm@openbsd.org e79957e877 upstream: disable UpdateHostkeys by default if VerifyHostKeyDNS is
enabled; suggested by Mark D. Baushke

OpenBSD-Commit-ID: 85a1b88592c81bc85df7ee7787dbbe721a0542bf
2020-10-07 13:34:11 +11:00
dtucker@openbsd.org 3d4c2016ba upstream: Agent protocol draft is now at rev 4. ok djm@
OpenBSD-Commit-ID: 8c01ea3aae48aab45e01b7421b0fca2dad5e7837
2020-10-07 13:34:11 +11:00
djm@openbsd.org af889a40ff upstream: when ordering host key algorithms in the client, consider
the ECDSA key subtype; ok markus@

OpenBSD-Commit-ID: 3097686f853c61ff61772ea35f8b699931392ece
2020-10-07 13:33:12 +11:00
dtucker@openbsd.org 2d39fc9f7e upstream: Allow full range of UIDs and GIDs for sftp chown and
chgrp on 32bit platforms instead of being limited by LONG_MAX.  bz#3206,
found by booking00 at sina.cn, ok markus@

OpenBSD-Commit-ID: 373b7bbf1f15ae482d39567ce30d18b51c9229b5
2020-10-07 13:33:12 +11:00
djm@openbsd.org 396d32f3a1 upstream: There are lots of place where we want to redirect stdin,
stdout and/or stderr to /dev/null. Factor all these out to a single
stdfd_devnull() function that allows selection of which of these to redirect.
ok markus@

OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099
2020-10-03 19:34:24 +10:00
djm@openbsd.org 1286981d08 upstream: enable UpdateHostkeys by default when the configuration
has not overridden UserKnownHostsFile; ok markus@ "The timing is perfect"
deraadt@

OpenBSD-Commit-ID: 62df71c9c5242da5763cb473c2a2deefbd0cef60
2020-10-03 18:31:49 +10:00
djm@openbsd.org 332f215372 upstream: disable UpdateHostkeys when a wildcard hostname pattern
is encountered or when a certificate host key is in use. feedback/ok markus@

OpenBSD-Commit-ID: b6e5575af7e6732322be82ec299e09051a5413bd
2020-10-03 18:31:49 +10:00
djm@openbsd.org 13cee44ef9 upstream: record when the host key checking code downgrades a
certificate host key to a plain key. This occurs when the user connects to a
host with a certificate host key but no corresponding CA key configured in
known_hosts; feedback and ok markus@

OpenBSD-Commit-ID: 2ada81853ff9ee7824c62f440bcf4ad62030c901
2020-10-03 18:31:49 +10:00
djm@openbsd.org 12ae8f95e2 upstream: prefer ed25519 signature algorithm variants to ECDSA; ok
markus@

OpenBSD-Commit-ID: 82187926fca96d35a5b5afbc091afa84e0966e5b
2020-10-03 14:34:06 +10:00
djm@openbsd.org e5ed753add upstream: want time.h here too
OpenBSD-Commit-ID: fafee8f1108c64ad8b282f9a1ed5ea830d8c58a7
2020-10-03 14:33:58 +10:00
deraadt@openbsd.org 66bd9fdf8b upstream: split introductory paragraph, and insert ominous words about
the glob issue, which cannot be fully fixed and really requires completely
replacing scp with a completely different subsystem. team effort to find the
right words..

OpenBSD-Commit-ID: 58e1f72d292687f63eb357183036ee242513691c
2020-10-03 13:39:22 +10:00
Damien Miller 86cc8ce002 use relative rather than system include here 2020-10-03 13:39:17 +10:00
Damien Miller 922cfac5ed add some openbsd-compat licenses we missed 2020-10-03 13:39:17 +10:00
Philip Hands ce941c75ea un-nest $() to make ksh cheerful 2020-10-03 09:26:00 +10:00
Philip Hands 18ea5f4b88 ksh doesn't grok 'local'
and AFAICT it's not actually doing anything useful in the code, so let's
see how things go without it.
2020-10-03 09:25:32 +10:00
Oleg d9e727dcc0 Fix `EOF: command not found` error in ssh-copy-id 2020-10-03 09:20:55 +10:00
dtucker@openbsd.org a1a856d50c upstream: Regen moduli.
OpenBSD-Commit-ID: 04967f8c43e9854ac34b917bcd6f5ac96c53a693
2020-09-30 19:35:35 +10:00
HARUYAMA Seigo fa1fe3ead7 Restore first section title of INSTALL 2020-09-27 21:12:12 +10:00
Damien Miller 279261e1ea update version numbers 2020-09-27 17:25:01 +10:00
djm@openbsd.org 58ca6ab6ff upstream: openssh 8.4
OpenBSD-Commit-ID: a29e5b372d2c00e297da8a35a3b87c9beb3b4a58
2020-09-27 17:23:20 +10:00
Damien Miller 9bb8a303ce sync with upstream ssh-copy-id rev f0da1a1b7 2020-09-22 10:07:43 +10:00
djm@openbsd.org 0a4a5571ad upstream: close stdin when forking after authentication too; ok markus
OpenBSD-Commit-ID: 43db17e4abc3e6b4a7b033aa8cdab326a7cb6c24
2020-09-21 17:30:27 +10:00
djm@openbsd.org d14fe25e6c upstream: close stdout/stderr after "ssh -f ..." forking
bz#3137, ok markus

OpenBSD-Commit-ID: e2d83cc4dea1665651a7aa924ad1ed6bcaaab3e2
2020-09-21 09:32:48 +10:00
Damien Miller 53a33a0d74 .depend 2020-09-20 16:16:47 +10:00
djm@openbsd.org 107eb3eeaf upstream: cap channel input buffer size at 16MB; avoids high memory use
when peer advertises a large window but is slow to consume the data we send
(e.g. because of a slow network)

reported by Pierre-Yves David

fix with & ok markus@

OpenBSD-Commit-ID: 1452771f5e5e768876d3bfe2544e3866d6ade216
2020-09-20 16:16:46 +10:00
Damien Miller acfe2ac5fe libfido2 1.5.0 is recommended 2020-09-18 22:02:53 +10:00
djm@openbsd.org 52a03e9fca upstream: handle multiple messages in a single read()
PR#183 by Dennis Kaarsemaker; feedback and ok markus@

OpenBSD-Commit-ID: 8570bb4d02d00cf70b98590716ea6a7d1cce68d1
2020-09-18 18:17:59 +10:00
pedro martelletto dc098405b2 configure.ac: add missing includes
when testing, make sure to include the relevant header files that
declare the types of the functions used by the test:

- stdio.h for printf();
- stdlib.h for exit();
- string.h for strcmp();
- unistd.h for unlink(), _exit(), fork(), getppid(), sleep().
2020-09-18 08:57:29 +02:00
djm@openbsd.org b3855ff053 upstream: tweak the client hostkey preference ordering algorithm to
prefer the default ordering if the user has a key that matches the
best-preference default algorithm.

feedback and ok markus@

OpenBSD-Commit-ID: a92dd7d7520ddd95c0a16786a7519e6d0167d35f
2020-09-18 15:25:01 +10:00
Damien Miller f93b187ab9 control over the colours in gnome-ssh-askpass[23]
Optionally set the textarea colours via $GNOME_SSH_ASKPASS_FG_COLOR and
$GNOME_SSH_ASKPASS_BG_COLOR. These accept the usual three or six digit
hex colours.
2020-09-18 14:55:48 +10:00
Damien Miller 9d3d36bdb1 focus improvement for gnome-ssh-askpass[23]
When serving a SSH_ASKPASS_PROMPT=none information dialog, ensure
then <enter> doesn't immediately close the dialog. Instead, require an
explicit <tab> to reach the close button, or <esc>.
2020-09-18 14:50:38 +10:00
dtucker@openbsd.org d6f507f37e upstream: Remove unused buf, last user was removed when switching
to the sshbuf API. Patch from Sebastian Andrzej Siewior.

OpenBSD-Commit-ID: 250fa17f0cec01039cc4abd95917d9746e24c889
2020-09-16 14:21:53 +10:00
djm@openbsd.org c3c786c3a0 upstream: For the hostkey confirmation message:
> Are you sure you want to continue connecting (yes/no/[fingerprint])?

compare the fingerprint case sensitively; spotted Patrik Lundin
ok dtucker

OpenBSD-Commit-ID: 73097afee1b3a5929324e345ba4a4a42347409f2
2020-09-16 14:21:53 +10:00
Darren Tucker f2950baf0b New config-build-time dependency on automake. 2020-09-11 14:45:23 +10:00
Darren Tucker 600c1c27ab Add aclocal.m4 and config.h.in~ to .gitignore.
aclocal.m4 is now generated by autoreconf.
2020-09-11 13:18:42 +10:00
Sebastian Andrzej Siewior 4bf7e1d00b Quote the definition of OSSH_CHECK_HEADER_FOR_FIELD
autoreconf complains about underquoted definition of
OSSH_CHECK_HEADER_FOR_FIELD after aclocal.m4 has been and now is beeing
recreated.

Quote OSSH_CHECK_HEADER_FOR_FIELD as suggested.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2020-09-11 13:18:42 +10:00
Sebastian Andrzej Siewior a2f3ae386b Move the local m4 macros
The `aclocal' step is skipped during `autoreconf' because aclocal.m4 is
present.
Move the current aclocal.m4 which contains local macros into the m4/
folder. With this change the aclocal.m4 will be re-created during
changes to the m4/ macro.
This is needed so the `aclocal' can fetch m4 macros from the system if
they are references in the configure script. This is a prerequisite to
use PKG_CHECK_MODULES.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2020-09-11 13:18:42 +10:00
Sebastian Andrzej Siewior 8372bff3a8 Remove HAVE_MMAP and BROKEN_MMAP
BROKEN_MMAP is no longer defined since commit
   1cfd5c06ef ("Remove portability support for mmap")

this commit also removed other HAVE_MMAP user. I didn't find anything
that defines HAVE_MMAP. The check does not trigger because compression
on server side is by default COMP_DELAYED (2) so it never triggers.

Remove remaining HAVE_MMAP and BROKEN_MMAP bits.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2020-09-11 13:18:42 +10:00
djm@openbsd.org bbf20ac806 upstream: adapt to SSH_SK_VERSION_MAJOR crank
OpenBSD-Regress-ID: 0f3e76bdc8f9dbd9d22707c7bdd86051d5112ab8
2020-09-09 13:12:29 +10:00