* New upstream release (http://www.openssh.org/txt/release-5.9).

- Introduce sandboxing of the pre-auth privsep child using an optional sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables mandatory restrictions on the syscalls the privsep child can perform. - Add new SHA256-based HMAC transport integrity modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt. - The pre-authentication sshd(8) privilege separation slave process now logs via a socket shared with the master process, avoiding the need to maintain /dev/log inside the chroot (closes: #75043, #429243, #599240). - ssh(1) now warns when a server refuses X11 forwarding (closes: #504757). - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, separated by whitespace (closes: #76312). The authorized_keys2 fallback is deprecated but documented (closes: #560156). - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4 ToS/DSCP (closes: #498297). - ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add - < /path/to/key" (closes: #229124). - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691). - Say "required" rather than "recommended" in unprotected-private-key warning (LP: #663455).
author: Colin Watson <cjwatson@debian.org> 2011-09-06 14:56:29 +0100
committer: Colin Watson <cjwatson@debian.org> 2011-09-06 14:56:29 +0100
commit: 978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch)
tree: 89400a44e42d84937deba7864e4964d6c7734da5 /monitor_wrap.c
parent: 87c685b8c6a49814fd782288097b3093f975aa72 (diff)
parent: 3a7e89697ca363de0f64e0d5704c57219294e41c (diff)
1 files changed, 42 insertions, 4 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index d69e4cce7..f46be660d 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.70 2010/08/31 11:54:45 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.73 2011/06/17 21:44:31 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -88,6 +88,32 @@ extern struct monitor *pmonitor;
 extern Buffer loginmsg;
 extern ServerOptions options;
+void
+mm_log_handler(LogLevel level, const char *msg, void *ctx)
+{
+        Buffer log_msg;
+        struct monitor *mon = (struct monitor *)ctx;
+        if (mon->m_log_sendfd == -1)
+                fatal("%s: no log channel", __func__);
+        buffer_init(&log_msg);
+        /*
+         * Placeholder for packet length. Will be filled in with the actual
+         * packet length once the packet has been constucted. This saves
+         * fragile math.
+         */
+        buffer_put_int(&log_msg, 0);
+        buffer_put_int(&log_msg, level);
+        buffer_put_cstring(&log_msg, msg);
+        put_u32(buffer_ptr(&log_msg), buffer_len(&log_msg) - 4);
+        if (atomicio(vwrite, mon->m_log_sendfd, buffer_ptr(&log_msg),
+            buffer_len(&log_msg)) != buffer_len(&log_msg))
+                fatal("%s: write: %s", __func__, strerror(errno));
+        buffer_free(&log_msg);
+}
 int
 mm_is_monitor(void)
 {
@@ -211,7 +237,7 @@ mm_getpwnamallow(const char *username)
 {
        Buffer m;
        struct passwd *pw;
-        u_int len;
+        u_int len, i;
        ServerOptions *newopts;
        debug3("%s entering", __func__);
@@ -245,8 +271,20 @@ out:
        newopts = buffer_get_string(&m, &len);
        if (len != sizeof(*newopts))
                fatal("%s: option block size mismatch", __func__);
-        if (newopts->banner != NULL)
-                newopts->banner = buffer_get_string(&m, NULL);
+#define M_CP_STROPT(x) do { \
+                if (newopts->x != NULL) \
+                        newopts->x = buffer_get_string(&m, NULL); \
+        } while (0)
+#define M_CP_STRARRAYOPT(x, nx) do { \
+                for (i = 0; i < newopts->nx; i++) \
+                        newopts->x[i] = buffer_get_string(&m, NULL); \
+        } while (0)
+        /* See comment in servconf.h */
+        COPY_MATCH_STRING_OPTS();
+#undef M_CP_STROPT
+#undef M_CP_STRARRAYOPT
        copy_set_server_options(&options, newopts, 1);
        xfree(newopts);
author	Colin Watson <cjwatson@debian.org>	2011-09-06 14:56:29 +0100
committer	Colin Watson <cjwatson@debian.org>	2011-09-06 14:56:29 +0100
commit	978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch)
tree	89400a44e42d84937deba7864e4964d6c7734da5 /monitor_wrap.c
parent	87c685b8c6a49814fd782288097b3093f975aa72 (diff)
parent	3a7e89697ca363de0f64e0d5704c57219294e41c (diff)

diff --git a/monitor_wrap.c b/monitor_wrap.c index d69e4cce7..f46be660d 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor_wrap.c,v 1.70 2010/08/31 11:54:45 djm Exp $ */	1	/* $OpenBSD: monitor_wrap.c,v 1.73 2011/06/17 21:44:31 djm Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -88,6 +88,32 @@ extern struct monitor *pmonitor;
88	extern Buffer loginmsg;	88	extern Buffer loginmsg;
89	extern ServerOptions options;	89	extern ServerOptions options;
90		90
		91	void
		92	mm_log_handler(LogLevel level, const char msg, void ctx)
		93	{
		94	Buffer log_msg;
		95	struct monitor mon = (struct monitor )ctx;
		96
		97	if (mon->m_log_sendfd == -1)
		98	fatal("%s: no log channel", __func__);
		99
		100	buffer_init(&log_msg);
		101	/*
		102	* Placeholder for packet length. Will be filled in with the actual
		103	* packet length once the packet has been constucted. This saves
		104	* fragile math.
		105	*/
		106	buffer_put_int(&log_msg, 0);
		107
		108	buffer_put_int(&log_msg, level);
		109	buffer_put_cstring(&log_msg, msg);
		110	put_u32(buffer_ptr(&log_msg), buffer_len(&log_msg) - 4);
		111	if (atomicio(vwrite, mon->m_log_sendfd, buffer_ptr(&log_msg),
		112	buffer_len(&log_msg)) != buffer_len(&log_msg))
		113	fatal("%s: write: %s", __func__, strerror(errno));
		114	buffer_free(&log_msg);
		115	}
		116
91	int	117	int
92	mm_is_monitor(void)	118	mm_is_monitor(void)
93	{	119	{
@@ -211,7 +237,7 @@ mm_getpwnamallow(const char *username)
211	{	237	{
212	Buffer m;	238	Buffer m;
213	struct passwd *pw;	239	struct passwd *pw;
214	u_int len;	240	u_int len, i;
215	ServerOptions *newopts;	241	ServerOptions *newopts;
216		242
217	debug3("%s entering", __func__);	243	debug3("%s entering", __func__);
@@ -245,8 +271,20 @@ out:
245	newopts = buffer_get_string(&m, &len);	271	newopts = buffer_get_string(&m, &len);
246	if (len != sizeof(*newopts))	272	if (len != sizeof(*newopts))
247	fatal("%s: option block size mismatch", __func__);	273	fatal("%s: option block size mismatch", __func__);
248	if (newopts->banner != NULL)	274
249	newopts->banner = buffer_get_string(&m, NULL);	275	#define M_CP_STROPT(x) do { \
		276	if (newopts->x != NULL) \
		277	newopts->x = buffer_get_string(&m, NULL); \
		278	} while (0)
		279	#define M_CP_STRARRAYOPT(x, nx) do { \
		280	for (i = 0; i < newopts->nx; i++) \
		281	newopts->x[i] = buffer_get_string(&m, NULL); \
		282	} while (0)
		283	/* See comment in servconf.h */
		284	COPY_MATCH_STRING_OPTS();
		285	#undef M_CP_STROPT
		286	#undef M_CP_STRARRAYOPT
		287
250	copy_set_server_options(&options, newopts, 1);	288	copy_set_server_options(&options, newopts, 1);
251	xfree(newopts);	289	xfree(newopts);
252		290