Commit Graph

8530 Commits

Author SHA1 Message Date
markus@openbsd.org 6cb6dcffe1 upstream commit
remove ssh1 server code; ok djm@

Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
2016-08-14 11:19:14 +10:00
jca@openbsd.org 42d47adc5a upstream commit
Use 2001:db8::/32, the official IPv6 subnet for
configuration examples.

This makes the IPv6 example consistent with IPv4, and removes a dubious
mention of a 6bone subnet.

ok sthen@ millert@

Upstream-ID: b027f3d0e0073419a132fd1bf002e8089b233634
2016-08-14 11:19:14 +10:00
dtucker@openbsd.org b61f53c0c3 upstream commit
Update moduli file.

Upstream-ID: 6da9a37f74aef9f9cc639004345ad893cad582d8
2016-08-14 11:19:14 +10:00
Darren Tucker f217d9bd42 Import updated moduli. 2016-08-11 11:42:48 +10:00
dtucker@openbsd.org 67dca60fbb upstream commit
Improve error message for overlong ControlPath.  ok markus@
djm@

Upstream-ID: aed374e2e88dd3eb41390003e5303d0089861eb5
2016-08-09 09:33:23 +10:00
djm@openbsd.org 4706c1d8c1 upstream commit
small refactor of cipher.c: make ciphercontext opaque to
callers feedback and ok markus@

Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f
2016-08-09 09:06:52 +10:00
dtucker@openbsd.org e600348a7a upstream commit
Fix bug introduced in rev 1.467 which causes
"buffer_get_bignum_ret: incomplete message" errors when built with WITH_SSH1
and run such that no Protocol 1 ephemeral host key is generated (eg "Protocol
2", no SSH1 host key supplied).  Reported by rainer.laatsch at t-online.de,
ok deraadt@

Upstream-ID: aa6b132da5c325523aed7989cc5a320497c919dc
2016-08-03 15:39:28 +10:00
djm@openbsd.org d7e7348e72 upstream commit
better bounds check on iovcnt (we only ever use fixed,
positive values)

Upstream-ID: 9baa6eb5cd6e30c9dc7398e5fe853721a3a5bdee
2016-08-03 15:38:43 +10:00
Darren Tucker 5faa52d295 Use tabs consistently inside "case $host". 2016-08-02 15:22:40 +10:00
Darren Tucker 20e5e8ba9c Explicitly test for broken strnvis.
NetBSD added an strnvis and unfortunately made it incompatible with the
existing one in OpenBSD and Linux's libbsd (the former having existed
for over ten years). Despite this incompatibility being reported during
development (see http://gnats.netbsd.org/44977) they still shipped it.
Even more unfortunately FreeBSD and later MacOS picked up this incompatible
implementation.  Try to detect this mess, and assume the only safe option
if we're cross compiling.

OpenBSD 2.9 (2001): strnvis(char *dst, const char *src, size_t dlen, int flag);
NetBSD 6.0 (2012):  strnvis(char *dst, size_t dlen, const char *src, int flag);

ok djm@
2016-08-02 12:16:34 +10:00
Damien Miller b0b48beab1 update recommended autoconf version 2016-08-02 11:06:23 +10:00
Damien Miller 23902e31df update config.guess and config.sub to current
upstream commit 562f3512b3911ba0c77a7f68214881d1f241f46e
2016-08-02 10:48:04 +10:00
Darren Tucker dd1031b78b Replace spaces with tabs.
Mechanically replace spaces with tabs in compat files not synced with
OpenBSD.
2016-08-02 10:01:52 +10:00
Darren Tucker c20dccb561 Strip trailing whitespace.
Mechanically strip trailing whitespace on files not synced with OpenBSD
(or in the case of bsd-snprint.c, rsync).
2016-08-02 09:44:25 +10:00
Darren Tucker 30f9bd1c09 Repair $OpenBSD markers. 2016-08-02 09:06:27 +10:00
Darren Tucker 9715d4ad4b Repair $OpenBSD marker. 2016-08-02 09:02:42 +10:00
Tim Rice cf3e0be7f5 modified: configure.ac opensshd.init.in
Skip generating missing RSA1 key on startup unless ssh1 support is enabled.
Spotted by Jean-Pierre Radley
2016-08-01 14:31:52 -07:00
Damien Miller 99522ba7ec define _OPENBSD_SOURCE for reallocarray on NetBSD
Report by and debugged with Hisashi T Fujinaka, dtucker nailed
the problem (lack of prototype causing return type confusion).
2016-07-28 08:54:27 +10:00
Damien Miller 3e1e076550 KNF 2016-07-27 08:25:42 +10:00
Damien Miller d99ee9c4e5 Linux auditing also needs packet.h 2016-07-27 08:25:23 +10:00
Damien Miller 393bd381a4 fix auditing on Linux
get_remote_ipaddr() was replaced with ssh_remote_ipaddr()
2016-07-27 08:18:05 +10:00
Damien Miller 80e766fb08 crank version numbers 2016-07-24 21:50:13 +10:00
djm@openbsd.org b1a478792d upstream commit
openssh-7.3

Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
2016-07-24 21:47:18 +10:00
Darren Tucker 353766e088 Move Cygwin IPPORT_RESERVED overrride to defines.h
Patch from vinschen at redhat.com.
2016-07-23 16:14:42 +10:00
djm@openbsd.org 368dd977ae upstream commit
fix pledge violation with ssh -f; reported by Valentin
Kozamernik ok dtucker@

Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
2016-07-23 13:24:20 +10:00
djm@openbsd.org f00211e3c6 upstream commit
improve wording; suggested by jmc@

Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
2016-07-23 13:24:20 +10:00
dtucker@openbsd.org 83cbca693c upstream commit
Lower loglevel for "Authenticated with partial success"
message similar to other similar level.  bz#2599, patch from cgallek at
gmail.com, ok markus@

Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
2016-07-23 13:24:20 +10:00
Damien Miller 10358abd08 retry waitpid on EINTR failure
patch from Jakub Jelen on bz#2581; ok dtucker@
2016-07-22 14:07:08 +10:00
djm@openbsd.org da88a70a89 upstream commit
constify a few functions' arguments; patch from Jakub
Jelen bz#2581

Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
2016-07-22 14:06:27 +10:00
djm@openbsd.org c36d91bd4e upstream commit
move debug("%p", key) to before key is free'd; probable
undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581

Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
2016-07-22 14:06:27 +10:00
djm@openbsd.org 286f5a77c3 upstream commit
reverse the order in which -J/JumpHost proxies are visited to
be more intuitive and document

reported by and manpage bits naddy@

Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
2016-07-22 13:36:40 +10:00
dtucker@openbsd.org fcd135c9df upstream commit
Skip passwords longer than 1k in length so clients can't
easily DoS sshd by sending very long passwords, causing it to spend CPU
hashing them. feedback djm@, ok markus@.

Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
360.cn and coredump at autistici.org

Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
2016-07-22 13:36:40 +10:00
naddy@openbsd.org 324583e8fb upstream commit
Do not clobber the global jump_host variables when
parsing an inactive configuration.  ok djm@

Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
2016-07-22 13:36:40 +10:00
jmc@openbsd.org 32d921c323 upstream commit
tweak previous;

Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
2016-07-22 13:36:40 +10:00
dtucker@openbsd.org d7eabc86fa upstream commit
Allow wildcard for PermitOpen hosts as well as ports.
bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com.  ok
markus@

Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
2016-07-22 13:36:40 +10:00
markus@openbsd.org b98a2a8348 upstream commit
Reduce timing attack against obsolete CBC modes by always
computing the MAC over a fixed size of data. Reported by Jean Paul
Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@

Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
2016-07-22 13:36:40 +10:00
Darren Tucker dbf788b4d9 Search users for one with a valid salt.
If the root account is locked (eg password "!!" or "*LK*") keep looking
until we find a user with a valid salt to use for crypting passwords of
invalid users.  ok djm@
2016-07-21 14:17:31 +10:00
Darren Tucker e8b58f48fb Explicitly specify source files for regress tools.
Since adding $(REGRESSLIBS), $? is wrong because it includes only the
changed source files.  $< seems like it'd be right however it doesn't
seem to work on some non-GNU makes, so do what works everywhere.
2016-07-18 17:22:49 +10:00
Darren Tucker eac1bbd068 Conditionally include err.h. 2016-07-18 17:12:22 +10:00
Darren Tucker 0a45414756 Remove local implementation of err, errx.
We now have a shared implementation in libopenbsd-compat.
2016-07-18 16:27:26 +10:00
djm@openbsd.org eb999a4590 upstream commit
Add some unsigned overflow checks for extra_pad. None of
these are reachable with the amount of padding that we use internally.
bz#2566, pointed out by Torben Hansen. ok markus@

Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
2016-07-18 16:11:46 +10:00
Darren Tucker c71ba790c3 Add dependency on libs for unit tests.
Makes "./configure && make tests" work again.  ok djm@
2016-07-18 15:43:25 +10:00
Darren Tucker 8199d0311a Correct location for kexfuzz in clean target. 2016-07-18 13:47:39 +10:00
Darren Tucker 01558b7b07 Handle PAM_MAXTRIES from modules.
bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer
password and keyboard-interative authentication methods.  Should prevent
"sshd ignoring max retries" warnings in the log.  ok djm@

It probably won't trigger with keyboard-interactive in the default
configuration because the retry counter is stored in module-private
storage which goes away with the sshd PAM process (see bz#688).  On the
other hand, those cases probably won't log a warning either.
2016-07-18 09:33:25 +10:00
djm@openbsd.org 65c6c6b567 upstream commit
support UTF-8 characters in ssh(1) banners using
schwarze@'s safe fmprintf printer; bz#2058

feedback schwarze@ ok dtucker@

Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
2016-07-17 14:21:38 +10:00
jmc@openbsd.org e4eb7d9109 upstream commit
- add proxyjump to the options list - formatting fixes -
update usage()

ok djm

Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
2016-07-17 14:21:09 +10:00
dtucker@openbsd.org af1f084857 upstream commit
Reduce the syslog level of some relatively common protocol
events from LOG_CRIT by replacing fatal() calls with logdie().  Part of
bz#2585, ok djm@

Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
2016-07-15 20:54:55 +10:00
Damien Miller bd5f2b78b6 missing openssl/dh.h 2016-07-15 20:02:27 +10:00
Damien Miller 4a984fd342 cast to avoid type warning in error message 2016-07-15 20:02:27 +10:00
Darren Tucker 5abfb15ced Move VA_COPY macro into compat header.
Some AIX compilers unconditionally undefine va_copy but don't set it back
to an internal function, causing link errors.  In some compat code we
already use VA_COPY instead so move the two existing instances into the
shared header and use for sshbuf-getput-basic.c too.  Should fix building
with at lease some versions of AIX's compiler.  bz#2589, ok djm@
2016-07-15 14:54:16 +10:00