POSIX and ANSI C require that applications call fseek or similar between
read and writing to a RW file. OpenBSD doesn't enforce this, but some
(System V derived) platforms need this to prevent it from writing a
spurious extra byte (in this case, a newline). ok djm@ deraadt@
OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
to set this was removed in OpenSSH 7.7 when support for SSH implementations
dating back to before RFC standardization were removed. "burn it all" djm@
OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
was previously set for OpenSSH 2.3 (released in 2000) but this check was
removed in OpenSSH 7.7 (2018). ok djm@ deraadt@
OpenBSD-Commit-ID: 326426ea328707fc9e83305291ab135c87f678af
since it's only applicable to SSH1 and thus no longer used. ok markus@
"kill it with fire" djm@
OpenBSD-Commit-ID: ea13318b1937795d9db4790d3ce0a6ed01584dab
Check if flags to mmap and madvise are defined before using them.
Should fix problems building on older Linux systems that don't have
these. bz#3537, with & ok djm@.
-Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm
selection. bz3493 ok dtucker@
OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
effective configuration without attempting to load private keys and perform
other checks. This allows usage of the option before keys have been
generated.
bz3460 feedback/ok dtucker@
OpenBSD-Commit-ID: 774504f629023fc25a559ab1d95401adb3a7fb29
so the recently-added ones will result in the test not cleaning up
after itself. Patch from cjwatson at debian.org vi bz#3536.
OpenBSD-Regress-ID: 1fc8283568f5bf2f918517c2c1e778072cf61b1a
Linux mmap(2) and madvise(2) syscalls support quite a number of funky
flags that we don't expect that sshd/libc will ever need. We can
exclude this kernel attack surface by filtering the mmap(2) flags
and the madvise(2) advice arguments.
Similarly, the sandboxed process in sshd is a single-threaded program
that does not use shared memory for synchronisation or communication.
Therefore, there should be no reason for the advanced priority
inheritance futex(2) operations to be necessary. These can also be
excluded.
Motivated by Jann Horn pointing out that there have been kernel bugs
in nearby Linux kernel code, e.g. CVE-2020-29368, CVE-2020-29374 and
CVE-2022-42703.
Feedback Jann Horn, ok dtucker@
Minix 3's Unix domain sockets don't seem to work the way we expect, so
skip connection-timeout test on that platform. While there, group
together all similarly skipped tests and explicitly comment.
../Makefile.inc and Makfile are concatenated for reuse, which hopefully won't
be too fragile, we'll see if we need a different approach. The resulting sshd
binary is tested with the new sshd -V option before installation. As the
binary layout is now semi-unknown (meaning relative, fixed, and gadget
offsets are not precisely known), change the filesystem permissions to 511 to
prevent what I call "logged in BROP". I have ideas for improving this further
but this is a first step ok djm
OpenBSD-Commit-ID: 1e0a2692b7e20b126dda60bf04999d1d30d959d8
exactly the flags that ssh started with and don't just clobber them with
zero, as this could also remove the append flag from the set;
bz3523; ok dtucker@
OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
again. This was missed when the fallthrough in the switch case above it was
removed. OK deraadt@
OpenBSD-Commit-ID: 5583e5d8f6d62a8a4215cfa95a69932f344c8120
client connections that have no open channels for some length of time. This
complements the recently-added ChannelTimeout option that terminates inactive
channels after a timeout.
ok markus@
OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
Darren Tucker
djm@openbsd.org
dtucker@openbsd.org
Mayank Sharma
Damien Miller
jmc@openbsd.org
deraadt@openbsd.org
millert@openbsd.org