diff options
| author | Colin Watson <cjwatson@debian.org> | 2010-03-31 10:46:28 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2010-03-31 10:46:28 +0100 |
| commit | efd3d4522636ae029488c2e9730b60c88e257d2e (patch) | |
| tree | 31e02ac3f16090ce8c53448677356b2b7f423683 /servconf.c | |
| parent | bbec4db36d464ea1d464a707625125f9fd5c7b5e (diff) | |
| parent | d1a87e462e1db89f19cd960588d0c6b287cb5ccc (diff) | |
* New upstream release (LP: #535029).
- After a transition period of about 10 years, this release disables SSH
protocol 1 by default. Clients and servers that need to use the
legacy protocol must explicitly enable it in ssh_config / sshd_config
or on the command-line.
- Remove the libsectok/OpenSC-based smartcard code and add support for
PKCS#11 tokens. This support is enabled by default in the Debian
packaging, since it now doesn't involve additional library
dependencies (closes: #231472, LP: #16918).
- Add support for certificate authentication of users and hosts using a
new, minimal OpenSSH certificate format (closes: #482806).
- Added a 'netcat mode' to ssh(1): "ssh -W host:port ...".
- Add the ability to revoke keys in sshd(8) and ssh(1). (For the Debian
package, this overlaps with the key blacklisting facility added in
openssh 1:4.7p1-9, but with different file formats and slightly
different scopes; for the moment, I've roughly merged the two.)
- Various multiplexing improvements, including support for requesting
port-forwardings via the multiplex protocol (closes: #360151).
- Allow setting an explicit umask on the sftp-server(8) commandline to
override whatever default the user has (closes: #496843).
- Many sftp client improvements, including tab-completion, more options,
and recursive transfer support for get/put (LP: #33378). The old
mget/mput commands never worked properly and have been removed
(closes: #270399, #428082).
- Do not prompt for a passphrase if we fail to open a keyfile, and log
the reason why the open failed to debug (closes: #431538).
- Prevent sftp from crashing when given a "-" without a command. Also,
allow whitespace to follow a "-" (closes: #531561).
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 57 |
1 files changed, 53 insertions, 4 deletions
diff --git a/servconf.c b/servconf.c index 55b56e59e..62417def7 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.c,v 1.195 2009/04/14 21:10:54 jj Exp $ */ | 1 | /* $OpenBSD: servconf.c,v 1.204 2010/03/04 10:36:03 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -65,6 +65,7 @@ initialize_server_options(ServerOptions *options) | |||
| 65 | options->listen_addrs = NULL; | 65 | options->listen_addrs = NULL; |
| 66 | options->address_family = -1; | 66 | options->address_family = -1; |
| 67 | options->num_host_key_files = 0; | 67 | options->num_host_key_files = 0; |
| 68 | options->num_host_cert_files = 0; | ||
| 68 | options->pid_file = NULL; | 69 | options->pid_file = NULL; |
| 69 | options->server_key_bits = -1; | 70 | options->server_key_bits = -1; |
| 70 | options->login_grace_time = -1; | 71 | options->login_grace_time = -1; |
| @@ -132,6 +133,8 @@ initialize_server_options(ServerOptions *options) | |||
| 132 | options->adm_forced_command = NULL; | 133 | options->adm_forced_command = NULL; |
| 133 | options->chroot_directory = NULL; | 134 | options->chroot_directory = NULL; |
| 134 | options->zero_knowledge_password_authentication = -1; | 135 | options->zero_knowledge_password_authentication = -1; |
| 136 | options->revoked_keys_file = NULL; | ||
| 137 | options->trusted_user_ca_keys = NULL; | ||
| 135 | options->debian_banner = -1; | 138 | options->debian_banner = -1; |
| 136 | } | 139 | } |
| 137 | 140 | ||
| @@ -144,7 +147,7 @@ fill_default_server_options(ServerOptions *options) | |||
| 144 | 147 | ||
| 145 | /* Standard Options */ | 148 | /* Standard Options */ |
| 146 | if (options->protocol == SSH_PROTO_UNKNOWN) | 149 | if (options->protocol == SSH_PROTO_UNKNOWN) |
| 147 | options->protocol = SSH_PROTO_1|SSH_PROTO_2; | 150 | options->protocol = SSH_PROTO_2; |
| 148 | if (options->num_host_key_files == 0) { | 151 | if (options->num_host_key_files == 0) { |
| 149 | /* fill default hostkeys for protocols */ | 152 | /* fill default hostkeys for protocols */ |
| 150 | if (options->protocol & SSH_PROTO_1) | 153 | if (options->protocol & SSH_PROTO_1) |
| @@ -157,6 +160,7 @@ fill_default_server_options(ServerOptions *options) | |||
| 157 | _PATH_HOST_DSA_KEY_FILE; | 160 | _PATH_HOST_DSA_KEY_FILE; |
| 158 | } | 161 | } |
| 159 | } | 162 | } |
| 163 | /* No certificates by default */ | ||
| 160 | if (options->num_ports == 0) | 164 | if (options->num_ports == 0) |
| 161 | options->ports[options->num_ports++] = SSH_DEFAULT_PORT; | 165 | options->ports[options->num_ports++] = SSH_DEFAULT_PORT; |
| 162 | if (options->listen_addrs == NULL) | 166 | if (options->listen_addrs == NULL) |
| @@ -322,7 +326,8 @@ typedef enum { | |||
| 322 | sAcceptEnv, sPermitTunnel, | 326 | sAcceptEnv, sPermitTunnel, |
| 323 | sMatch, sPermitOpen, sForceCommand, sChrootDirectory, | 327 | sMatch, sPermitOpen, sForceCommand, sChrootDirectory, |
| 324 | sUsePrivilegeSeparation, sAllowAgentForwarding, | 328 | sUsePrivilegeSeparation, sAllowAgentForwarding, |
| 325 | sZeroKnowledgePasswordAuthentication, | 329 | sZeroKnowledgePasswordAuthentication, sHostCertificate, |
| 330 | sRevokedKeys, sTrustedUserCAKeys, | ||
| 326 | sDebianBanner, | 331 | sDebianBanner, |
| 327 | sDeprecated, sUnsupported | 332 | sDeprecated, sUnsupported |
| 328 | } ServerOpCodes; | 333 | } ServerOpCodes; |
| @@ -453,6 +458,9 @@ static struct { | |||
| 453 | { "permitopen", sPermitOpen, SSHCFG_ALL }, | 458 | { "permitopen", sPermitOpen, SSHCFG_ALL }, |
| 454 | { "forcecommand", sForceCommand, SSHCFG_ALL }, | 459 | { "forcecommand", sForceCommand, SSHCFG_ALL }, |
| 455 | { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, | 460 | { "chrootdirectory", sChrootDirectory, SSHCFG_ALL }, |
| 461 | { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, | ||
| 462 | { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, | ||
| 463 | { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, | ||
| 456 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, | 464 | { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, |
| 457 | { NULL, sBadOption, 0 } | 465 | { NULL, sBadOption, 0 } |
| 458 | }; | 466 | }; |
| @@ -489,6 +497,22 @@ parse_token(const char *cp, const char *filename, | |||
| 489 | return sBadOption; | 497 | return sBadOption; |
| 490 | } | 498 | } |
| 491 | 499 | ||
| 500 | char * | ||
| 501 | derelativise_path(const char *path) | ||
| 502 | { | ||
| 503 | char *expanded, *ret, *cwd; | ||
| 504 | |||
| 505 | expanded = tilde_expand_filename(path, getuid()); | ||
| 506 | if (*expanded == '/') | ||
| 507 | return expanded; | ||
| 508 | if ((cwd = getcwd(NULL, 0)) == NULL) | ||
| 509 | fatal("%s: getcwd: %s", __func__, strerror(errno)); | ||
| 510 | xasprintf(&ret, "%s/%s", cwd, expanded); | ||
| 511 | xfree(cwd); | ||
| 512 | xfree(expanded); | ||
| 513 | return ret; | ||
| 514 | } | ||
| 515 | |||
| 492 | static void | 516 | static void |
| 493 | add_listen_addr(ServerOptions *options, char *addr, int port) | 517 | add_listen_addr(ServerOptions *options, char *addr, int port) |
| 494 | { | 518 | { |
| @@ -823,13 +847,23 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 823 | fatal("%s line %d: missing file name.", | 847 | fatal("%s line %d: missing file name.", |
| 824 | filename, linenum); | 848 | filename, linenum); |
| 825 | if (*activep && *charptr == NULL) { | 849 | if (*activep && *charptr == NULL) { |
| 826 | *charptr = tilde_expand_filename(arg, getuid()); | 850 | *charptr = derelativise_path(arg); |
| 827 | /* increase optional counter */ | 851 | /* increase optional counter */ |
| 828 | if (intptr != NULL) | 852 | if (intptr != NULL) |
| 829 | *intptr = *intptr + 1; | 853 | *intptr = *intptr + 1; |
| 830 | } | 854 | } |
| 831 | break; | 855 | break; |
| 832 | 856 | ||
| 857 | case sHostCertificate: | ||
| 858 | intptr = &options->num_host_cert_files; | ||
| 859 | if (*intptr >= MAX_HOSTKEYS) | ||
| 860 | fatal("%s line %d: too many host certificates " | ||
| 861 | "specified (max %d).", filename, linenum, | ||
| 862 | MAX_HOSTCERTS); | ||
| 863 | charptr = &options->host_cert_files[*intptr]; | ||
| 864 | goto parse_filename; | ||
| 865 | break; | ||
| 866 | |||
| 833 | case sPidFile: | 867 | case sPidFile: |
| 834 | charptr = &options->pid_file; | 868 | charptr = &options->pid_file; |
| 835 | goto parse_filename; | 869 | goto parse_filename; |
| @@ -1340,6 +1374,14 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1340 | *charptr = xstrdup(arg); | 1374 | *charptr = xstrdup(arg); |
| 1341 | break; | 1375 | break; |
| 1342 | 1376 | ||
| 1377 | case sTrustedUserCAKeys: | ||
| 1378 | charptr = &options->trusted_user_ca_keys; | ||
| 1379 | goto parse_filename; | ||
| 1380 | |||
| 1381 | case sRevokedKeys: | ||
| 1382 | charptr = &options->revoked_keys_file; | ||
| 1383 | goto parse_filename; | ||
| 1384 | |||
| 1343 | case sDebianBanner: | 1385 | case sDebianBanner: |
| 1344 | intptr = &options->debian_banner; | 1386 | intptr = &options->debian_banner; |
| 1345 | goto parse_int; | 1387 | goto parse_int; |
| @@ -1458,6 +1500,8 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) | |||
| 1458 | return; | 1500 | return; |
| 1459 | M_CP_STROPT(adm_forced_command); | 1501 | M_CP_STROPT(adm_forced_command); |
| 1460 | M_CP_STROPT(chroot_directory); | 1502 | M_CP_STROPT(chroot_directory); |
| 1503 | M_CP_STROPT(trusted_user_ca_keys); | ||
| 1504 | M_CP_STROPT(revoked_keys_file); | ||
| 1461 | } | 1505 | } |
| 1462 | 1506 | ||
| 1463 | #undef M_CP_INTOPT | 1507 | #undef M_CP_INTOPT |
| @@ -1680,6 +1724,9 @@ dump_config(ServerOptions *o) | |||
| 1680 | dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file); | 1724 | dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file); |
| 1681 | dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2); | 1725 | dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2); |
| 1682 | dump_cfg_string(sForceCommand, o->adm_forced_command); | 1726 | dump_cfg_string(sForceCommand, o->adm_forced_command); |
| 1727 | dump_cfg_string(sChrootDirectory, o->chroot_directory); | ||
| 1728 | dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); | ||
| 1729 | dump_cfg_string(sRevokedKeys, o->revoked_keys_file); | ||
| 1683 | 1730 | ||
| 1684 | /* string arguments requiring a lookup */ | 1731 | /* string arguments requiring a lookup */ |
| 1685 | dump_cfg_string(sLogLevel, log_level_name(o->log_level)); | 1732 | dump_cfg_string(sLogLevel, log_level_name(o->log_level)); |
| @@ -1688,6 +1735,8 @@ dump_config(ServerOptions *o) | |||
| 1688 | /* string array arguments */ | 1735 | /* string array arguments */ |
| 1689 | dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, | 1736 | dump_cfg_strarray(sHostKeyFile, o->num_host_key_files, |
| 1690 | o->host_key_files); | 1737 | o->host_key_files); |
| 1738 | dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files, | ||
| 1739 | o->host_cert_files); | ||
| 1691 | dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); | 1740 | dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users); |
| 1692 | dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); | 1741 | dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users); |
| 1693 | dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); | 1742 | dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups); |