diff options
| author | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
| commit | c3e531b12b2335b7fa5a6bcc9a309d3c523ff64b (patch) | |
| tree | b72c0867348e7e7914d64af6fc5e25c728922e03 /clientloop.c | |
| parent | 6b222fdf3cb54c11a446df38e027fe7acf2220cb (diff) | |
| parent | 70847d299887abb96f8703ca99db6d817b78960e (diff) | |
* New upstream release (closes: #453367).
- CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if
creation of an untrusted cookie fails; found and fixed by Jan Pechanec
(closes: #444738).
- sshd(8) in new installations defaults to SSH Protocol 2 only. Existing
installations are unchanged.
- The SSH channel window size has been increased, and both ssh(1)
sshd(8) now send window updates more aggressively. These improves
performance on high-BDP (Bandwidth Delay Product) networks.
- ssh(1) and sshd(8) now preserve MAC contexts between packets, which
saves 2 hash calls per packet and results in 12-16% speedup for
arcfour256/hmac-md5.
- A new MAC algorithm has been added, UMAC-64 (RFC4418) as
"umac-64@openssh.com". UMAC-64 has been measured to be approximately
20% faster than HMAC-MD5.
- Failure to establish a ssh(1) TunnelForward is now treated as a fatal
error when the ExitOnForwardFailure option is set.
- ssh(1) returns a sensible exit status if the control master goes away
without passing the full exit status.
- When using a ProxyCommand in ssh(1), set the outgoing hostname with
gethostname(2), allowing hostbased authentication to work.
- Make scp(1) skip FIFOs rather than hanging (closes: #246774).
- Encode non-printing characters in scp(1) filenames. These could cause
copies to be aborted with a "protocol error".
- Handle SIGINT in sshd(8) privilege separation child process to ensure
that wtmp and lastlog records are correctly updated.
- Report GSSAPI mechanism in errors, for libraries that support multiple
mechanisms.
- Improve documentation for ssh-add(1)'s -d option.
- Rearrange and tidy GSSAPI code, removing server-only code being linked
into the client.
- Delay execution of ssh(1)'s LocalCommand until after all forwardings
have been established.
- In scp(1), do not truncate non-regular files.
- Improve exit message from ControlMaster clients.
- Prevent sftp-server(8) from reading until it runs out of buffer space,
whereupon it would exit with a fatal error (closes: #365541).
- pam_end() was not being called if authentication failed
(closes: #405041).
- Manual page datestamps updated (closes: #433181).
Diffstat (limited to 'clientloop.c')
| -rw-r--r-- | clientloop.c | 89 |
1 files changed, 71 insertions, 18 deletions
diff --git a/clientloop.c b/clientloop.c index 766a4b3bf..aa8697900 100644 --- a/clientloop.c +++ b/clientloop.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: clientloop.c,v 1.178 2007/02/20 10:25:14 djm Exp $ */ | 1 | /* $OpenBSD: clientloop.c,v 1.181 2007/08/15 08:14:46 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -290,19 +290,29 @@ client_x11_get_proto(const char *display, const char *xauth_path, | |||
| 290 | generated = 1; | 290 | generated = 1; |
| 291 | } | 291 | } |
| 292 | } | 292 | } |
| 293 | snprintf(cmd, sizeof(cmd), | 293 | |
| 294 | "%s %s%s list %s 2>" _PATH_DEVNULL, | 294 | /* |
| 295 | xauth_path, | 295 | * When in untrusted mode, we read the cookie only if it was |
| 296 | generated ? "-f " : "" , | 296 | * successfully generated as an untrusted one in the step |
| 297 | generated ? xauthfile : "", | 297 | * above. |
| 298 | display); | 298 | */ |
| 299 | debug2("x11_get_proto: %s", cmd); | 299 | if (trusted || generated) { |
| 300 | f = popen(cmd, "r"); | 300 | snprintf(cmd, sizeof(cmd), |
| 301 | if (f && fgets(line, sizeof(line), f) && | 301 | "%s %s%s list %s 2>" _PATH_DEVNULL, |
| 302 | sscanf(line, "%*s %511s %511s", proto, data) == 2) | 302 | xauth_path, |
| 303 | got_data = 1; | 303 | generated ? "-f " : "" , |
| 304 | if (f) | 304 | generated ? xauthfile : "", |
| 305 | pclose(f); | 305 | display); |
| 306 | debug2("x11_get_proto: %s", cmd); | ||
| 307 | f = popen(cmd, "r"); | ||
| 308 | if (f && fgets(line, sizeof(line), f) && | ||
| 309 | sscanf(line, "%*s %511s %511s", proto, data) == 2) | ||
| 310 | got_data = 1; | ||
| 311 | if (f) | ||
| 312 | pclose(f); | ||
| 313 | } else | ||
| 314 | error("Warning: untrusted X11 forwarding setup failed: " | ||
| 315 | "xauth key data not generated"); | ||
| 306 | } | 316 | } |
| 307 | 317 | ||
| 308 | if (do_unlink) { | 318 | if (do_unlink) { |
| @@ -940,7 +950,7 @@ process_cmdline(void) | |||
| 940 | cmd = s = read_passphrase("\r\nssh> ", RP_ECHO); | 950 | cmd = s = read_passphrase("\r\nssh> ", RP_ECHO); |
| 941 | if (s == NULL) | 951 | if (s == NULL) |
| 942 | goto out; | 952 | goto out; |
| 943 | while (*s && isspace(*s)) | 953 | while (isspace(*s)) |
| 944 | s++; | 954 | s++; |
| 945 | if (*s == '-') | 955 | if (*s == '-') |
| 946 | s++; /* Skip cmdline '-', if any */ | 956 | s++; /* Skip cmdline '-', if any */ |
| @@ -987,9 +997,8 @@ process_cmdline(void) | |||
| 987 | goto out; | 997 | goto out; |
| 988 | } | 998 | } |
| 989 | 999 | ||
| 990 | s++; | 1000 | while (isspace(*++s)) |
| 991 | while (*s && isspace(*s)) | 1001 | ; |
| 992 | s++; | ||
| 993 | 1002 | ||
| 994 | if (delete) { | 1003 | if (delete) { |
| 995 | cancel_port = 0; | 1004 | cancel_port = 0; |
| @@ -1781,6 +1790,50 @@ client_request_agent(const char *request_type, int rchan) | |||
| 1781 | return c; | 1790 | return c; |
| 1782 | } | 1791 | } |
| 1783 | 1792 | ||
| 1793 | int | ||
| 1794 | client_request_tun_fwd(int tun_mode, int local_tun, int remote_tun) | ||
| 1795 | { | ||
| 1796 | Channel *c; | ||
| 1797 | int fd; | ||
| 1798 | |||
| 1799 | if (tun_mode == SSH_TUNMODE_NO) | ||
| 1800 | return 0; | ||
| 1801 | |||
| 1802 | if (!compat20) { | ||
| 1803 | error("Tunnel forwarding is not support for protocol 1"); | ||
| 1804 | return -1; | ||
| 1805 | } | ||
| 1806 | |||
| 1807 | debug("Requesting tun unit %d in mode %d", local_tun, tun_mode); | ||
| 1808 | |||
| 1809 | /* Open local tunnel device */ | ||
| 1810 | if ((fd = tun_open(local_tun, tun_mode)) == -1) { | ||
| 1811 | error("Tunnel device open failed."); | ||
| 1812 | return -1; | ||
| 1813 | } | ||
| 1814 | |||
| 1815 | c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1, | ||
| 1816 | CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1); | ||
| 1817 | c->datagram = 1; | ||
| 1818 | |||
| 1819 | #if defined(SSH_TUN_FILTER) | ||
| 1820 | if (options.tun_open == SSH_TUNMODE_POINTOPOINT) | ||
| 1821 | channel_register_filter(c->self, sys_tun_infilter, | ||
| 1822 | sys_tun_outfilter); | ||
| 1823 | #endif | ||
| 1824 | |||
| 1825 | packet_start(SSH2_MSG_CHANNEL_OPEN); | ||
| 1826 | packet_put_cstring("tun@openssh.com"); | ||
| 1827 | packet_put_int(c->self); | ||
| 1828 | packet_put_int(c->local_window_max); | ||
| 1829 | packet_put_int(c->local_maxpacket); | ||
| 1830 | packet_put_int(tun_mode); | ||
| 1831 | packet_put_int(remote_tun); | ||
| 1832 | packet_send(); | ||
| 1833 | |||
| 1834 | return 0; | ||
| 1835 | } | ||
| 1836 | |||
| 1784 | /* XXXX move to generic input handler */ | 1837 | /* XXXX move to generic input handler */ |
| 1785 | static void | 1838 | static void |
| 1786 | client_input_channel_open(int type, u_int32_t seq, void *ctxt) | 1839 | client_input_channel_open(int type, u_int32_t seq, void *ctxt) |