summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3200
-rw-r--r--Makefile.in72
-rw-r--r--README2
-rw-r--r--README.platform3
-rw-r--r--auth-bsdauth.c4
-rw-r--r--auth-krb5.c4
-rw-r--r--auth-options.c111
-rw-r--r--auth-pam.c3
-rw-r--r--auth.h4
-rw-r--r--auth2-pubkey.c36
-rw-r--r--authfd.c20
-rw-r--r--authfd.h6
-rw-r--r--authfile.c27
-rw-r--r--channels.c16
-rw-r--r--cipher.c5
-rw-r--r--clientloop.c195
-rw-r--r--clientloop.h4
-rw-r--r--config.h.in27
-rwxr-xr-xconfigure735
-rw-r--r--configure.ac75
-rw-r--r--contrib/redhat/openssh.spec7
-rw-r--r--contrib/ssh-copy-id53
-rw-r--r--contrib/ssh-copy-id.15
-rw-r--r--contrib/suse/openssh.spec2
-rw-r--r--defines.h7
-rw-r--r--dh.h9
-rw-r--r--includes.h6
-rw-r--r--kex.c168
-rw-r--r--kex.h13
-rw-r--r--kexc25519s.c6
-rw-r--r--kexdhs.c6
-rw-r--r--kexecdhs.c6
-rw-r--r--kexgexs.c6
-rw-r--r--key.c6
-rw-r--r--key.h5
-rw-r--r--krl.c23
-rw-r--r--krl.h3
-rw-r--r--loginrec.c3
-rw-r--r--misc.c58
-rw-r--r--moduli.02
-rw-r--r--monitor.c39
-rw-r--r--monitor_wrap.c6
-rw-r--r--monitor_wrap.h4
-rw-r--r--mux.c34
-rw-r--r--myproposal.h23
-rw-r--r--opacket.c12
-rw-r--r--opacket.h4
-rw-r--r--openbsd-compat/bsd-misc.c8
-rw-r--r--openbsd-compat/bsd-misc.h4
-rw-r--r--openbsd-compat/bsd-poll.h4
-rw-r--r--openbsd-compat/glob.c1
-rw-r--r--openbsd-compat/glob.h8
-rw-r--r--openbsd-compat/openbsd-compat.h1
-rw-r--r--openbsd-compat/port-solaris.c136
-rw-r--r--openbsd-compat/port-solaris.h6
-rw-r--r--openbsd-compat/realpath.c61
-rw-r--r--packet.c366
-rw-r--r--packet.h11
-rw-r--r--platform-pledge.c71
-rw-r--r--platform.h5
-rw-r--r--readconf.c110
-rw-r--r--readconf.h12
-rw-r--r--readpass.c4
-rw-r--r--regress/Makefile5
-rw-r--r--regress/agent-ptrace.sh5
-rw-r--r--regress/cert-file.sh138
-rw-r--r--regress/check-perm.c205
-rw-r--r--regress/dhgex.sh6
-rw-r--r--regress/hostkey-rotate.sh20
-rw-r--r--regress/keys-command.sh6
-rw-r--r--regress/keyscan.sh4
-rw-r--r--regress/limit-keytype.sh37
-rw-r--r--regress/principals-command.sh7
-rw-r--r--regress/proxy-connect.sh5
-rw-r--r--regress/rekey.sh6
-rw-r--r--regress/setuid-allowed.c2
-rw-r--r--regress/sftp-chroot.sh5
-rw-r--r--regress/unittests/sshkey/test_file.c42
-rw-r--r--regress/unittests/sshkey/test_fuzz.c102
-rw-r--r--regress/unittests/sshkey/test_sshkey.c46
-rw-r--r--roaming.h45
-rw-r--r--roaming_client.c271
-rw-r--r--roaming_common.c241
-rw-r--r--roaming_dummy.c72
-rw-r--r--roaming_serv.c31
-rw-r--r--sandbox-pledge.c77
-rw-r--r--sandbox-seccomp-filter.c3
-rw-r--r--sandbox-solaris.c108
-rw-r--r--sandbox-systrace.c36
-rw-r--r--scp.03
-rw-r--r--scp.15
-rw-r--r--scp.c14
-rw-r--r--servconf.c59
-rw-r--r--serverloop.c31
-rw-r--r--session.c52
-rw-r--r--sftp-client.c22
-rw-r--r--sftp-client.h6
-rw-r--r--sftp-server-main.c4
-rw-r--r--sftp-server.02
-rw-r--r--sftp-server.c12
-rw-r--r--sftp.03
-rw-r--r--sftp.15
-rw-r--r--sftp.c3
-rw-r--r--ssh-add.02
-rw-r--r--ssh-add.c35
-rw-r--r--ssh-agent.014
-rw-r--r--ssh-agent.115
-rw-r--r--ssh-agent.c26
-rw-r--r--ssh-dss.c11
-rw-r--r--ssh-ecdsa.c14
-rw-r--r--ssh-keygen.023
-rw-r--r--ssh-keygen.118
-rw-r--r--ssh-keygen.c366
-rw-r--r--ssh-keyscan.06
-rw-r--r--ssh-keyscan.18
-rw-r--r--ssh-keyscan.c71
-rw-r--r--ssh-keysign.05
-rw-r--r--ssh-keysign.86
-rw-r--r--ssh-keysign.c27
-rw-r--r--ssh-pkcs11-client.c4
-rw-r--r--ssh-pkcs11-helper.02
-rw-r--r--ssh-pkcs11-helper.c3
-rw-r--r--ssh-pkcs11.c8
-rw-r--r--ssh-rsa.c149
-rw-r--r--ssh.0114
-rw-r--r--ssh.197
-rw-r--r--ssh.c148
-rw-r--r--ssh.h10
-rw-r--r--ssh2.h10
-rw-r--r--ssh_api.c16
-rw-r--r--ssh_config6
-rw-r--r--ssh_config.0140
-rw-r--r--ssh_config.5143
-rw-r--r--sshbuf-getput-basic.c8
-rw-r--r--sshbuf.c8
-rw-r--r--sshbuf.h65
-rw-r--r--sshconnect.c75
-rw-r--r--sshconnect.h4
-rw-r--r--sshconnect1.c15
-rw-r--r--sshconnect2.c265
-rw-r--r--sshd.044
-rw-r--r--sshd.855
-rw-r--r--sshd.c76
-rw-r--r--sshd_config4
-rw-r--r--sshd_config.0128
-rw-r--r--sshd_config.564
-rw-r--r--ssherr.c4
-rw-r--r--sshkey.c210
-rw-r--r--sshkey.h17
-rw-r--r--sshlogin.c2
-rw-r--r--uidswap.c18
-rw-r--r--version.h6
-rw-r--r--xmalloc.c12
-rw-r--r--xmalloc.h3
154 files changed, 6545 insertions, 3654 deletions
diff --git a/ChangeLog b/ChangeLog
index 35a1a76b1..b01bb5642 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,22 +1,1895 @@
1commit c88ac102f0eb89f2eaa314cb2e2e0ca3c890c443 1commit 72b061d4ba0f909501c595d709ea76e06b01e5c9
2Author: Darren Tucker <dtucker@zip.com.au>
3Date: Fri Feb 26 14:40:04 2016 +1100
4
5 Add a note about using xlc on AIX.
6
7commit fd4e4f2416baa2e6565ea49d52aade296bad3e28
8Author: Darren Tucker <dtucker@zip.com.au>
9Date: Wed Feb 24 10:44:25 2016 +1100
10
11 Skip PrintLastLog in config dump mode.
12
13 When DISABLE_LASTLOG is set, do not try to include PrintLastLog in the
14 config dump since it'll be reported as UNKNOWN.
15
16commit 99135c764fa250801da5ec3b8d06cbd0111caae8
17Author: Damien Miller <djm@mindrot.org>
18Date: Tue Feb 23 20:17:23 2016 +1100
19
20 update spec/README versions ahead of release
21
22commit b86a334aaaa4d1e643eb1fd71f718573d6d948b5
23Author: Damien Miller <djm@mindrot.org>
24Date: Tue Feb 23 20:16:53 2016 +1100
25
26 put back portable patchlevel to p1
27
28commit 555dd35ff176847e3c6bd068ba2e8db4022eb24f
29Author: djm@openbsd.org <djm@openbsd.org>
30Date: Tue Feb 23 09:14:34 2016 +0000
31
32 upstream commit
33
34 openssh-7.2
35
36 Upstream-ID: 9db776b26014147fc907ece8460ef2bcb0f11e78
37
38commit 1acc058d0a7913838c830ed998a1a1fb5b7864bf
39Author: Damien Miller <djm@mindrot.org>
40Date: Tue Feb 23 16:12:13 2016 +1100
41
42 Disable tests where fs perms are incorrect
43
44 Some tests have strict requirements on the filesystem permissions
45 for certain files and directories. This adds a regress/check-perm
46 tool that copies the relevant logic from sshd to exactly test
47 the paths in question. This lets us skip tests when the local
48 filesystem doesn't conform to our expectations rather than
49 continuing and failing the test run.
50
51 ok dtucker@
52
53commit 39f303b1f36d934d8410b05625f25c7bcb75db4d
54Author: Damien Miller <djm@mindrot.org>
55Date: Tue Feb 23 12:56:59 2016 +1100
56
57 fix sandbox on OSX Lion
58
59 sshd was failing with:
60
61 ssh_sandbox_child: sandbox_init: dlopen(/usr/lib/libsandbox.1.dylib, 261):cw
62 image not found [preauth]
63
64 caused by chroot before sandboxing. Avoid by explicitly linking libsandbox
65 to sshd. Spotted by Darren.
66
67commit 0d1451a32c7436e6d3d482351e776bc5e7824ce4
68Author: djm@openbsd.org <djm@openbsd.org>
69Date: Tue Feb 23 01:34:14 2016 +0000
70
71 upstream commit
72
73 fix spurious error message when incorrect passphrase
74 entered for keys; reported by espie@ ok deraadt@
75
76 Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899
77
78commit 09d87d79741beb85768b5e788d7dfdf4bc3543dc
79Author: sobrado@openbsd.org <sobrado@openbsd.org>
80Date: Sat Feb 20 23:06:23 2016 +0000
81
82 upstream commit
83
84 set ssh(1) protocol version to 2 only.
85
86 ok djm@
87
88 Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10
89
90commit 9262e07826ba5eebf8423f7ac9e47ec488c47869
91Author: sobrado@openbsd.org <sobrado@openbsd.org>
92Date: Sat Feb 20 23:02:39 2016 +0000
93
94 upstream commit
95
96 add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to
97 IdentityFile.
98
99 ok djm@
100
101 Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf
102
103commit c12f0fdce8f985fca8d71829fd64c5b89dc777f5
104Author: sobrado@openbsd.org <sobrado@openbsd.org>
105Date: Sat Feb 20 23:01:46 2016 +0000
106
107 upstream commit
108
109 AddressFamily defaults to any.
110
111 ok djm@
112
113 Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c
114
115commit 907091acb188b1057d50c2158f74c3ecf1c2302b
116Author: Darren Tucker <dtucker@zip.com.au>
117Date: Fri Feb 19 09:05:39 2016 +1100
118
119 Make Solaris privs code build on older systems.
120
121 Not all systems with Solaris privs have priv_basicset so factor that
122 out and provide backward compatibility code. Similarly, not all have
123 PRIV_NET_ACCESS so wrap that in #ifdef. Based on code from
124 alex at cooperi.net and djm@ with help from carson at taltos.org and
125 wieland at purdue.edu.
126
127commit 292a8dee14e5e67dcd1b49ba5c7b9023e8420d59
128Author: djm@openbsd.org <djm@openbsd.org>
129Date: Wed Feb 17 22:20:14 2016 +0000
130
131 upstream commit
132
133 rekey refactor broke SSH1; spotted by Tom G. Christensen
134
135 Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243
136
137commit 3a13cb543df9919aec2fc6b75f3dd3802facaeca
138Author: djm@openbsd.org <djm@openbsd.org>
139Date: Wed Feb 17 08:57:34 2016 +0000
140
141 upstream commit
142
143 rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly
144 in *KeyTypes options yet. Remove them from the lists of algorithms for now.
145 committing on behalf of markus@ ok djm@
146
147 Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7
148
149commit a685ae8d1c24fb7c712c55a4f3280ee76f5f1e4b
150Author: jmc@openbsd.org <jmc@openbsd.org>
151Date: Wed Feb 17 07:38:19 2016 +0000
152
153 upstream commit
154
155 since these pages now clearly tell folks to avoid v1,
156 normalise the docs from a v2 perspective (i.e. stop pointing out which bits
157 are v2 only);
158
159 ok/tweaks djm ok markus
160
161 Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129
162
163commit c5c3f3279a0e4044b8de71b70d3570d692d0f29d
164Author: djm@openbsd.org <djm@openbsd.org>
165Date: Wed Feb 17 05:29:04 2016 +0000
166
167 upstream commit
168
169 make sandboxed privilege separation the default, not just
170 for new installs; "absolutely" deraadt@
171
172 Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b
173
174commit eb3f7337a651aa01d5dec019025e6cdc124ed081
175Author: jmc@openbsd.org <jmc@openbsd.org>
176Date: Tue Feb 16 07:47:54 2016 +0000
177
178 upstream commit
179
180 no need to state that protocol 2 is the default twice;
181
182 Upstream-ID: b1e4c36b0c2e12e338e5b66e2978f2ac953b95eb
183
184commit e7901efa9b24e5b0c7e74f2c5520d47eead4d005
185Author: djm@openbsd.org <djm@openbsd.org>
186Date: Tue Feb 16 05:11:04 2016 +0000
187
188 upstream commit
189
190 Replace list of ciphers and MACs adjacent to -1/-2 flag
191 descriptions in ssh(1) with a strong recommendation not to use protocol 1.
192 Add a similar warning to the Protocol option descriptions in ssh_config(5)
193 and sshd_config(5);
194
195 prompted by and ok mmcc@
196
197 Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e
198
199commit 5a0fcb77287342e2fc2ba1cee79b6af108973dc2
200Author: djm@openbsd.org <djm@openbsd.org>
201Date: Tue Feb 16 03:37:48 2016 +0000
202
203 upstream commit
204
205 add a "Close session" log entry (at loglevel=verbose) to
206 correspond to the existing "Starting session" one. Also include the session
207 id number to make multiplexed sessions more apparent.
208
209 feedback and ok dtucker@
210
211 Upstream-ID: e72d2ac080e02774376325136e532cb24c2e617c
212
213commit 624fd395b559820705171f460dd33d67743d13d6
214Author: djm@openbsd.org <djm@openbsd.org>
215Date: Wed Feb 17 02:24:17 2016 +0000
216
217 upstream commit
218
219 include bad $SSH_CONNECTION in failure output
220
221 Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529
222
223commit 60d860e54b4f199e5e89963b1c086981309753cb
224Author: Darren Tucker <dtucker@zip.com.au>
225Date: Wed Feb 17 13:37:09 2016 +1100
226
227 Rollback addition of va_start.
228
229 va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however
230 it has the wrong number of args and it's not usable in non-variadic
231 functions anyway so it breaks things (for example Solaris 2.6 as
232 reported by Tom G. Christensen).i ok djm@
233
234commit 2fee909c3cee2472a98b26eb82696297b81e0d38
235Author: Darren Tucker <dtucker@zip.com.au>
236Date: Wed Feb 17 09:48:15 2016 +1100
237
238 Look for gethostbyname in libresolv and libnsl.
239
240 Should fix build problem on Solaris 2.6 reported by Tom G. Christensen.
241
242commit 5ac712d81a84396aab441a272ec429af5b738302
243Author: Damien Miller <djm@mindrot.org>
244Date: Tue Feb 16 10:45:02 2016 +1100
245
246 make existing ssh_malloc_init only for __OpenBSD__
247
248commit 24c9bded569d9f2449ded73f92fb6d12db7a9eec
249Author: djm@openbsd.org <djm@openbsd.org>
250Date: Mon Feb 15 23:32:37 2016 +0000
251
252 upstream commit
253
254 memleak of algorithm name in mm_answer_sign; reported by
255 Jakub Jelen
256
257 Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
258
259commit ffb1e7e896139a42ceb78676f637658f44612411
260Author: dtucker@openbsd.org <dtucker@openbsd.org>
261Date: Mon Feb 15 09:47:49 2016 +0000
262
263 upstream commit
264
265 Add a function to enable security-related malloc_options.
266 With and ok deraadt@, something similar has been in the snaps for a while.
267
268 Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
269
270commit ef39e8c0497ff0564990a4f9e8b7338b3ba3507c
271Author: Damien Miller <djm@mindrot.org>
272Date: Tue Feb 16 10:34:39 2016 +1100
273
274 sync ssh-copy-id with upstream 783ef08b0a75
275
276commit d2d772f55b19bb0e8d03c2fe1b9bb176d9779efd
277Author: djm@openbsd.org <djm@openbsd.org>
278Date: Fri Feb 12 00:20:30 2016 +0000
279
280 upstream commit
281
282 avoid fatal() for PKCS11 tokens that present empty key IDs
283 bz#1773, ok markus@
284
285 Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54
286
287commit e4c918a6c721410792b287c9fd21356a1bed5805
288Author: djm@openbsd.org <djm@openbsd.org>
289Date: Thu Feb 11 02:56:32 2016 +0000
290
291 upstream commit
292
293 sync crypto algorithm lists in ssh_config(5) and
294 sshd_config(5) with current reality. bz#2527
295
296 Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6
297
298commit e30cabfa4ab456a30b3224f7f545f1bdfc4a2517
299Author: djm@openbsd.org <djm@openbsd.org>
300Date: Thu Feb 11 02:21:34 2016 +0000
301
302 upstream commit
303
304 fix regression in openssh-6.8 sftp client: existing
305 destination directories would incorrectly terminate recursive uploads;
306 bz#2528
307
308 Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
309
310commit 714e367226ded4dc3897078be48b961637350b05
311Author: djm@openbsd.org <djm@openbsd.org>
312Date: Tue Feb 9 05:30:04 2016 +0000
313
314 upstream commit
315
316 turn off more old crypto in the client: hmac-md5, ripemd,
317 truncated HMACs, RC4, blowfish. ok markus@ dtucker@
318
319 Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e
320
321commit 5a622844ff7f78dcb75e223399f9ef0977e8d0a3
322Author: djm@openbsd.org <djm@openbsd.org>
323Date: Mon Feb 8 23:40:12 2016 +0000
324
325 upstream commit
326
327 don't attempt to percent_expand() already-canonicalised
328 addresses, avoiding unnecessary failures when attempting to connect to scoped
329 IPv6 addresses (that naturally contain '%' characters)
330
331 Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a
332
333commit 19bcf2ea2d17413f2d9730dd2a19575ff86b9b6a
334Author: djm@openbsd.org <djm@openbsd.org>
335Date: Mon Feb 8 10:57:07 2016 +0000
336
337 upstream commit
338
339 refactor activation of rekeying
340
341 This makes automatic rekeying internal to the packet code (previously
342 the server and client loops needed to assist). In doing to it makes
343 application of rekey limits more accurate by accounting for packets
344 about to be sent as well as packets queued during rekeying events
345 themselves.
346
347 Based on a patch from dtucker@ which was in turn based on a patch
348 Aleksander Adamowski in bz#2521; ok markus@
349
350 Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8
351
352commit 603ba41179e4b53951c7b90ee95b6ef3faa3f15d
353Author: naddy@openbsd.org <naddy@openbsd.org>
354Date: Fri Feb 5 13:28:19 2016 +0000
355
356 upstream commit
357
358 Only check errno if read() has returned an error. EOF is
359 not an error. This fixes a problem where the mux master would sporadically
360 fail to notice that the client had exited. ok mikeb@ djm@
361
362 Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53
363
364commit 56d7dac790693ce420d225119283bc355cff9185
365Author: jsg@openbsd.org <jsg@openbsd.org>
366Date: Fri Feb 5 04:31:21 2016 +0000
367
368 upstream commit
369
370 avoid an uninitialised value when NumberOfPasswordPrompts
371 is 0 ok markus@ djm@
372
373 Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
374
375commit deae7d52d59c5019c528f977360d87fdda15d20b
376Author: djm@openbsd.org <djm@openbsd.org>
377Date: Fri Feb 5 03:07:06 2016 +0000
378
379 upstream commit
380
381 mention internal DH-GEX fallback groups; bz#2302
382
383 Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e
384
385commit cac3b6665f884d46192c0dc98a64112e8b11a766
386Author: djm@openbsd.org <djm@openbsd.org>
387Date: Fri Feb 5 02:37:56 2016 +0000
388
389 upstream commit
390
391 better description for MaxSessions; bz#2531
392
393 Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da
394
395commit 5ef4b0fdcc7a239577a754829b50022b91ab4712
396Author: Damien Miller <djm@mindrot.org>
397Date: Wed Jan 27 17:45:56 2016 +1100
398
399 avoid FreeBSD RCS Id in comment
400
401 Change old $FreeBSD version string in comment so it doesn't
402 become an RCS ident downstream; requested by des AT des.no
403
404commit 696d12683c90d20a0a9c5f4275fc916b7011fb04
405Author: djm@openbsd.org <djm@openbsd.org>
406Date: Thu Feb 4 23:43:48 2016 +0000
407
408 upstream commit
409
410 printf argument casts to avoid warnings on strict
411 compilers
412
413 Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c
414
415commit 5658ef2501e785fbbdf5de2dc33b1ff7a4dca73a
416Author: millert@openbsd.org <millert@openbsd.org>
417Date: Mon Feb 1 21:18:17 2016 +0000
418
419 upstream commit
420
421 Avoid ugly "DISPLAY "(null)" invalid; disabling X11
422 forwarding" message when DISPLAY is not set. This could also result in a
423 crash on systems with a printf that doesn't handle NULL. OK djm@
424
425 Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412
426
427commit 537f88ec7bcf40bd444ac5584c707c5588c55c43
428Author: dtucker@openbsd.org <dtucker@openbsd.org>
429Date: Fri Jan 29 05:18:15 2016 +0000
430
431 upstream commit
432
433 Add regression test for RekeyLimit parsing of >32bit values
434 (4G and 8G).
435
436 Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328
437
438commit 4c6cb8330460f94e6c7ae28a364236d4188156a3
439Author: dtucker@openbsd.org <dtucker@openbsd.org>
440Date: Fri Jan 29 23:04:46 2016 +0000
441
442 upstream commit
443
444 Remove leftover roaming dead code. ok djm markus.
445
446 Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be
447
448commit 28136471809806d6246ef41e4341467a39fe2f91
449Author: djm@openbsd.org <djm@openbsd.org>
450Date: Fri Jan 29 05:46:01 2016 +0000
451
452 upstream commit
453
454 include packet type of non-data packets in debug3 output;
455 ok markus dtucker
456
457 Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41
458
459commit 6fd6e28daccafaa35f02741036abe64534c361a1
460Author: dtucker@openbsd.org <dtucker@openbsd.org>
461Date: Fri Jan 29 03:31:03 2016 +0000
462
463 upstream commit
464
465 Revert "account for packets buffered but not yet
466 processed" change as it breaks for very small RekeyLimit values due to
467 continuous rekeying. ok djm@
468
469 Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19
470
471commit 921ff00b0ac429666fb361d2d6cb1c8fff0006cb
472Author: dtucker@openbsd.org <dtucker@openbsd.org>
473Date: Fri Jan 29 02:54:45 2016 +0000
474
475 upstream commit
476
477 Allow RekeyLimits in excess of 4G up to 2**63 bits
478 (limited by the return type of scan_scaled). Part of bz#2521, ok djm.
479
480 Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979
481
482commit c0060a65296f01d4634f274eee184c0e93ba0f23
483Author: dtucker@openbsd.org <dtucker@openbsd.org>
484Date: Fri Jan 29 02:42:46 2016 +0000
485
486 upstream commit
487
488 Account for packets buffered but not yet processed when
489 computing whether or not it is time to perform rekeying. bz#2521, based
490 loosely on a patch from olo at fb.com, ok djm@
491
492 Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c
493
494commit 44cf930e670488c85c9efeb373fa5f4b455692ac
495Author: djm@openbsd.org <djm@openbsd.org>
496Date: Wed Jan 27 06:44:58 2016 +0000
497
498 upstream commit
499
500 change old $FreeBSD version string in comment so it doesn't
501 become an RCS ident downstream; requested by des AT des.no
502
503 Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722
504
505commit ebacd377769ac07d1bf3c75169644336056b7060
506Author: djm@openbsd.org <djm@openbsd.org>
507Date: Wed Jan 27 00:53:12 2016 +0000
508
509 upstream commit
510
511 make the debug messages a bit more useful here
512
513 Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
514
515commit 458abc2934e82034c5c281336d8dc0f910aecad3
516Author: jsg@openbsd.org <jsg@openbsd.org>
517Date: Sat Jan 23 05:31:35 2016 +0000
518
519 upstream commit
520
521 Zero a stack buffer with explicit_bzero() instead of
522 memset() when returning from client_loop() for consistency with
523 buffer_free()/sshbuf_free().
524
525 ok dtucker@ deraadt@ djm@
526
527 Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66
528
529commit 65a3c0dacbc7dbb75ddb6a70ebe22d8de084d0b0
530Author: dtucker@openbsd.org <dtucker@openbsd.org>
531Date: Wed Jan 20 09:22:39 2016 +0000
532
533 upstream commit
534
535 Include sys/time.h for gettimeofday. From sortie at
536 maxsi.org.
537
538 Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b
539
540commit fc77ccdc2ce6d5d06628b8da5048a6a5f6ffca5a
541Author: markus@openbsd.org <markus@openbsd.org>
542Date: Thu Jan 14 22:56:56 2016 +0000
543
544 upstream commit
545
546 fd leaks; report Qualys Security Advisory team; ok
547 deraadt@
548
549 Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
550
551commit a306863831c57ec5fad918687cc5d289ee8e2635
552Author: markus@openbsd.org <markus@openbsd.org>
553Date: Thu Jan 14 16:17:39 2016 +0000
554
555 upstream commit
556
557 remove roaming support; ok djm@
558
559 Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
560
561commit 6ef49e83e30688504552ac10875feabd5521565f
562Author: deraadt@openbsd.org <deraadt@openbsd.org>
563Date: Thu Jan 14 14:34:34 2016 +0000
564
565 upstream commit
566
567 Disable experimental client-side roaming support. Server
568 side was disabled/gutted for years already, but this aspect was surprisingly
569 forgotten. Thanks for report from Qualys
570
571 Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
572
573commit 8d7b523b96d3be180572d9d338cedaafc0570f60
2Author: Damien Miller <djm@mindrot.org> 574Author: Damien Miller <djm@mindrot.org>
3Date: Thu Jan 14 11:08:19 2016 +1100 575Date: Thu Jan 14 11:08:19 2016 +1100
4 576
5 bump version numbers 577 bump version numbers
6 578
7commit 302bc21e6fadacb04b665868cd69b625ef69df90 579commit 8c3d512a1fac8b9c83b4d0c9c3f2376290bd84ca
8Author: Damien Miller <djm@mindrot.org> 580Author: Damien Miller <djm@mindrot.org>
9Date: Thu Jan 14 11:04:04 2016 +1100 581Date: Thu Jan 14 11:04:04 2016 +1100
10 582
11 openssh-7.1p2 583 openssh-7.1p2
12 584
13commit 6b33763242c063e4e0593877e835eeb1fd1b60aa 585commit e6c85f8889c5c9eb04796fdb76d2807636b9eef5
14Author: Damien Miller <djm@mindrot.org> 586Author: Damien Miller <djm@mindrot.org>
15Date: Thu Jan 14 11:02:58 2016 +1100 587Date: Fri Jan 15 01:30:36 2016 +1100
16 588
17 forcibly disable roaming support in the client 589 forcibly disable roaming support in the client
18 590
19commit 34d364f0d2e1e30a444009f0e04299bb7c94ba13 591commit ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
592Author: djm@openbsd.org <djm@openbsd.org>
593Date: Wed Jan 13 23:04:47 2016 +0000
594
595 upstream commit
596
597 eliminate fallback from untrusted X11 forwarding to trusted
598 forwarding when the X server disables the SECURITY extension; Reported by
599 Thomas Hoger; ok deraadt@
600
601 Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
602
603commit 9a728cc918fad67c8a9a71201088b1e150340ba4
604Author: djm@openbsd.org <djm@openbsd.org>
605Date: Tue Jan 12 23:42:54 2016 +0000
606
607 upstream commit
608
609 use explicit_bzero() more liberally in the buffer code; ok
610 deraadt
611
612 Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
613
614commit 4626cbaf78767fc8e9c86dd04785386c59ae0839
615Author: Damien Miller <djm@mindrot.org>
616Date: Fri Jan 8 14:24:56 2016 +1100
617
618 Support Illumos/Solaris fine-grained privileges
619
620 Includes a pre-auth privsep sandbox and several pledge()
621 emulations. bz#2511, patch by Alex Wilson.
622
623 ok dtucker@
624
625commit 422d1b3ee977ff4c724b597fb2e437d38fc8de9d
626Author: djm@openbsd.org <djm@openbsd.org>
627Date: Thu Dec 31 00:33:52 2015 +0000
628
629 upstream commit
630
631 fix three bugs in KRL code related to (unused) signature
632 support: verification length was being incorrectly calculated, multiple
633 signatures were being incorrectly processed and a NULL dereference that
634 occurred when signatures were verified. Reported by Carl Jackson
635
636 Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
637
638commit 6074c84bf95d00f29cc7d5d3cd3798737851aa1a
639Author: djm@openbsd.org <djm@openbsd.org>
640Date: Wed Dec 30 23:46:14 2015 +0000
641
642 upstream commit
643
644 unused prototype
645
646 Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
647
648commit 6213f0e180e54122bb1ba928e11c784e2b4e5380
649Author: guenther@openbsd.org <guenther@openbsd.org>
650Date: Sat Dec 26 20:51:35 2015 +0000
651
652 upstream commit
653
654 Use pread/pwrite instead separate lseek+read/write for
655 lastlog. Cast to off_t before multiplication to avoid truncation on ILP32
656
657 ok kettenis@ mmcc@
658
659 Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf
660
661commit d7d2bc95045a43dd56ea696cc1d030ac9d77e81f
662Author: semarie@openbsd.org <semarie@openbsd.org>
663Date: Sat Dec 26 07:46:03 2015 +0000
664
665 upstream commit
666
667 adjust pledge promises for ControlMaster: when using
668 "ask" or "autoask", the process will use ssh-askpass for asking confirmation.
669
670 problem found by halex@
671
672 ok halex@
673
674 Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
675
676commit 271df8185d9689b3fb0523f58514481b858f6843
677Author: djm@openbsd.org <djm@openbsd.org>
678Date: Sun Dec 13 22:42:23 2015 +0000
679
680 upstream commit
681
682 unbreak connections with peers that set
683 first_kex_follows; fix from Matt Johnston va bz#2515
684
685 Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
686
687commit 43849a47c5f8687699eafbcb5604f6b9c395179f
688Author: doug@openbsd.org <doug@openbsd.org>
689Date: Fri Dec 11 17:41:37 2015 +0000
690
691 upstream commit
692
693 Add "id" to ssh-agent pledge for subprocess support.
694
695 Found the hard way by Jan Johansson when using ssh-agent with X. Also,
696 rearranged proc/exec and retval to match other pledge calls in the tree.
697
698 ok djm@
699
700 Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
701
702commit 52d7078421844b2f88329f5be3de370b0a938636
703Author: mmcc@openbsd.org <mmcc@openbsd.org>
704Date: Fri Dec 11 04:21:11 2015 +0000
705
706 upstream commit
707
708 Remove NULL-checks before sshbuf_free().
709
710 ok djm@
711
712 Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
713
714commit a4b9e0f4e4a6980a0eb8072f76ea611cab5b77e7
715Author: djm@openbsd.org <djm@openbsd.org>
716Date: Fri Dec 11 03:24:25 2015 +0000
717
718 upstream commit
719
720 include remote port number in a few more messages; makes
721 tying log messages together into a session a bit easier; bz#2503 ok dtucker@
722
723 Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e
724
725commit 6091c362e89079397e68744ae30df121b0a72c07
726Author: djm@openbsd.org <djm@openbsd.org>
727Date: Fri Dec 11 03:20:09 2015 +0000
728
729 upstream commit
730
731 don't try to load SSHv1 private key when compiled without
732 SSHv1 support. From Iain Morgan bz#2505
733
734 Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7
735
736commit cce6a36bb95e81fa8bfb46daf22eabcf13afc352
737Author: djm@openbsd.org <djm@openbsd.org>
738Date: Fri Dec 11 03:19:09 2015 +0000
739
740 upstream commit
741
742 use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
743 reading key files. Increase it to match the size of the buffers already being
744 used.
745
746 Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
747
748commit 89540b6de025b80404a0cb8418c06377f3f98848
749Author: mmcc@openbsd.org <mmcc@openbsd.org>
750Date: Fri Dec 11 02:31:47 2015 +0000
751
752 upstream commit
753
754 Remove NULL-checks before sshkey_free().
755
756 ok djm@
757
758 Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
759
760commit 79394ed6d74572c2d2643d73937dad33727fc240
761Author: dtucker@openbsd.org <dtucker@openbsd.org>
762Date: Fri Dec 11 02:29:03 2015 +0000
763
764 upstream commit
765
766 fflush stdout so that output is seen even when running in
767 debug mode when output may otherwise not be flushed. Patch from dustin at
768 null-ptr.net.
769
770 Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc
771
772commit ee607cccb6636eb543282ba90e0677b0604d8b7a
773Author: Darren Tucker <dtucker@zip.com.au>
774Date: Tue Dec 15 15:23:49 2015 +1100
775
776 Increase robustness of redhat/openssh.spec
777
778 - remove configure --with-rsh, because this option isn't supported anymore
779 - replace last occurrence of BuildPreReq by BuildRequires
780 - update grep statement to query the krb5 include directory
781
782 Patch from CarstenGrohmann via github, ok djm.
783
784commit b5fa0cd73555b991a543145603658d7088ec6b60
785Author: Darren Tucker <dtucker@zip.com.au>
786Date: Tue Dec 15 15:10:32 2015 +1100
787
788 Allow --without-ssl-engine with --without-openssl
789
790 Patch from Mike Frysinger via github.
791
792commit c1d7e546f6029024f3257cc25c92f2bddf163125
793Author: Darren Tucker <dtucker@zip.com.au>
794Date: Tue Dec 15 14:27:09 2015 +1100
795
796 Include openssl crypto.h for SSLeay.
797
798 Patch from doughdemon via github.
799
800commit c6f5f01651526e88c00d988ce59d71f481ebac62
801Author: Darren Tucker <dtucker@zip.com.au>
802Date: Tue Dec 15 13:59:12 2015 +1100
803
804 Add sys/time.h for gettimeofday.
805
806 Should allow it it compile with MUSL libc. Based on patch from
807 doughdemon via github.
808
809commit 39736be06c7498ef57d6970f2d85cf066ae57c82
810Author: djm@openbsd.org <djm@openbsd.org>
811Date: Fri Dec 11 02:20:28 2015 +0000
812
813 upstream commit
814
815 correct error messages; from Tomas Kuthan bz#2507
816
817 Upstream-ID: 7454a0affeab772398052954c79300aa82077093
818
819commit 94141b7ade24afceeb6762a3f99e09e47a6c42b6
820Author: mmcc@openbsd.org <mmcc@openbsd.org>
821Date: Fri Dec 11 00:20:04 2015 +0000
822
823 upstream commit
824
825 Pass (char *)NULL rather than (char *)0 to execl and
826 execlp.
827
828 ok dtucker@
829
830 Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492
831
832commit d59ce08811bf94111c2f442184cf7d1257ffae24
833Author: mmcc@openbsd.org <mmcc@openbsd.org>
834Date: Thu Dec 10 17:08:40 2015 +0000
835
836 upstream commit
837
838 Remove NULL-checks before free().
839
840 ok dtucker@
841
842 Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
843
844commit 8e56dd46cb37879c73bce2d6032cf5e7f82d5a71
845Author: mmcc@openbsd.org <mmcc@openbsd.org>
846Date: Thu Dec 10 07:01:35 2015 +0000
847
848 upstream commit
849
850 Fix a couple "the the" typos. ok dtucker@
851
852 Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72
853
854commit 6262a0522ddc2c0f2e9358dcb68d59b46e9c533e
855Author: markus@openbsd.org <markus@openbsd.org>
856Date: Mon Dec 7 20:04:09 2015 +0000
857
858 upstream commit
859
860 stricter encoding type checks for ssh-rsa; ok djm@
861
862 Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650
863
864commit d86a3ba7af160c13496102aed861ae48a4297072
865Author: Damien Miller <djm@mindrot.org>
866Date: Wed Dec 9 09:18:45 2015 +1100
867
868 Don't set IPV6_V6ONLY on OpenBSD
869
870 It isn't necessary and runs afoul of pledge(2) restrictions.
871
872commit da98c11d03d819a15429d8fff9688acd7505439f
873Author: djm@openbsd.org <djm@openbsd.org>
874Date: Mon Dec 7 02:20:46 2015 +0000
875
876 upstream commit
877
878 basic unit tests for rsa-sha2-* signature types
879
880 Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
881
882commit 3da893fdec9936dd2c23739cdb3c0c9d4c59fca0
883Author: markus@openbsd.org <markus@openbsd.org>
884Date: Sat Dec 5 20:53:21 2015 +0000
885
886 upstream commit
887
888 prefer rsa-sha2-512 over -256 for hostkeys, too; noticed
889 by naddy@
890
891 Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe
892
893commit 8b56e59714d87181505e4678f0d6d39955caf10e
894Author: tobias@openbsd.org <tobias@openbsd.org>
895Date: Fri Dec 4 21:51:06 2015 +0000
896
897 upstream commit
898
899 Properly handle invalid %-format by calling fatal.
900
901 ok deraadt, djm
902
903 Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
904
905commit 76c9fbbe35aabc1db977fb78e827644345e9442e
906Author: markus@openbsd.org <markus@openbsd.org>
907Date: Fri Dec 4 16:41:28 2015 +0000
908
909 upstream commit
910
911 implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
912 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
913 draft-ssh-ext-info-04.txt; with & ok djm@
914
915 Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
916
917commit 6064a8b8295cb5a17b5ebcfade53053377714f40
918Author: djm@openbsd.org <djm@openbsd.org>
919Date: Fri Dec 4 00:24:55 2015 +0000
920
921 upstream commit
922
923 clean up agent_fd handling; properly initialise it to -1
924 and make tests consistent
925
926 ok markus@
927
928 Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
929
930commit b91926a97620f3e51761c271ba57aa5db790f48d
931Author: semarie@openbsd.org <semarie@openbsd.org>
932Date: Thu Dec 3 17:00:18 2015 +0000
933
934 upstream commit
935
936 pledges ssh client: - mux client: which is used when
937 ControlMaster is in use. will end with "stdio proc tty" (proc is to
938 permit sending SIGWINCH to mux master on window resize)
939
940 - client loop: several levels of pledging depending of your used options
941
942 ok deraadt@
943
944 Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
945
946commit bcce47466bbc974636f588b5e4a9a18ae386f64a
947Author: doug@openbsd.org <doug@openbsd.org>
948Date: Wed Dec 2 08:30:50 2015 +0000
949
950 upstream commit
951
952 Add "cpath" to the ssh-agent pledge so the cleanup
953 handler can unlink().
954
955 ok djm@
956
957 Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
958
959commit a90d001543f46716b6590c6dcc681d5f5322f8cf
960Author: djm@openbsd.org <djm@openbsd.org>
961Date: Wed Dec 2 08:00:58 2015 +0000
962
963 upstream commit
964
965 ssh-agent pledge needs proc for askpass; spotted by todd@
966
967 Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
968
969commit d952162b3c158a8f23220587bb6c8fcda75da551
970Author: djm@openbsd.org <djm@openbsd.org>
971Date: Tue Dec 1 23:29:24 2015 +0000
972
973 upstream commit
974
975 basic pledge() for ssh-agent, more refinement needed
976
977 Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
978
979commit f0191d7c8e76e30551084b79341886d9bb38e453
980Author: Damien Miller <djm@mindrot.org>
981Date: Mon Nov 30 10:53:25 2015 +1100
982
983 Revert "stub for pledge(2) for systems that lack it"
984
985 This reverts commit 14c887c8393adde2d9fd437d498be30f8c98535c.
986
987 dtucker beat me to it :/
988
989commit 6283cc72eb0e49a3470d30e07ca99a1ba9e89676
990Author: Damien Miller <djm@mindrot.org>
991Date: Mon Nov 30 10:37:03 2015 +1100
992
993 revert 7d4c7513: bring back S/Key prototypes
994
995 (but leave RCSID changes)
996
997commit 14c887c8393adde2d9fd437d498be30f8c98535c
998Author: Damien Miller <djm@mindrot.org>
999Date: Mon Nov 30 09:45:29 2015 +1100
1000
1001 stub for pledge(2) for systems that lack it
1002
1003commit 452c0b6af5d14c37553e30059bf74456012493f3
1004Author: djm@openbsd.org <djm@openbsd.org>
1005Date: Sun Nov 29 22:18:37 2015 +0000
1006
1007 upstream commit
1008
1009 pledge, better fatal() messages; feedback deraadt@
1010
1011 Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
1012
1013commit 6da413c085dba37127687b2617a415602505729b
1014Author: deraadt@openbsd.org <deraadt@openbsd.org>
1015Date: Sat Nov 28 06:50:52 2015 +0000
1016
1017 upstream commit
1018
1019 do not leak temp file if there is no known_hosts file
1020 from craig leres, ok djm
1021
1022 Upstream-ID: c820497fd5574844c782e79405c55860f170e426
1023
1024commit 3ddd15e1b63a4d4f06c8ab16fbdd8a5a61764f16
1025Author: Darren Tucker <dtucker@zip.com.au>
1026Date: Mon Nov 30 07:23:53 2015 +1100
1027
1028 Add a null implementation of pledge.
1029
1030 Fixes builds on almost everything.
1031
1032commit b1d6b3971ef256a08692efc409fc9ada719111cc
1033Author: djm@openbsd.org <djm@openbsd.org>
1034Date: Sat Nov 28 06:41:03 2015 +0000
1035
1036 upstream commit
1037
1038 don't include port number in tcpip-forward replies for
1039 requests that don't allocate a port; bz#2509 diagnosed by Ron Frederick ok
1040 markus
1041
1042 Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a
1043
1044commit 9080bd0b9cf10d0f13b1f642f20cb84285cb8d65
1045Author: deraadt@openbsd.org <deraadt@openbsd.org>
1046Date: Fri Nov 27 00:49:31 2015 +0000
1047
1048 upstream commit
1049
1050 pledge "stdio rpath wpath cpath fattr tty proc exec"
1051 except for the -p option (which sadly has insane semantics...) ok semarie
1052 dtucker
1053
1054 Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059
1055
1056commit 4d90625b229cf6b3551d81550a9861897509a65f
1057Author: halex@openbsd.org <halex@openbsd.org>
1058Date: Fri Nov 20 23:04:01 2015 +0000
1059
1060 upstream commit
1061
1062 allow comment change for all supported formats
1063
1064 ok djm@
1065
1066 Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
1067
1068commit 8ca915fc761519dd1f7766a550ec597a81db5646
1069Author: djm@openbsd.org <djm@openbsd.org>
1070Date: Fri Nov 20 01:45:29 2015 +0000
1071
1072 upstream commit
1073
1074 add cast to make -Werror clean
1075
1076 Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d
1077
1078commit ac9473580dcd401f8281305af98635cdaae9bf96
1079Author: Damien Miller <djm@mindrot.org>
1080Date: Fri Nov 20 12:35:41 2015 +1100
1081
1082 fix multiple authentication using S/Key w/ privsep
1083
1084 bz#2502, patch from Kevin Korb and feandil_
1085
1086commit 88b6fcdeb87a2fb76767854d9eb15006662dca57
1087Author: djm@openbsd.org <djm@openbsd.org>
1088Date: Thu Nov 19 08:23:27 2015 +0000
1089
1090 upstream commit
1091
1092 ban ConnectionAttempts=0, it makes no sense and would cause
1093 ssh_connect_direct() to print an uninitialised stack variable; bz#2500
1094 reported by dvw AT phas.ubc.ca
1095
1096 Upstream-ID: 32b5134c608270583a90b93a07b3feb3cbd5f7d5
1097
1098commit 964ab3ee7a8f96bdbc963d5b5a91933d6045ebe7
1099Author: djm@openbsd.org <djm@openbsd.org>
1100Date: Thu Nov 19 01:12:32 2015 +0000
1101
1102 upstream commit
1103
1104 trailing whitespace
1105
1106 Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
1107
1108commit f96516d052dbe38561f6b92b0e4365d8e24bb686
1109Author: djm@openbsd.org <djm@openbsd.org>
1110Date: Thu Nov 19 01:09:38 2015 +0000
1111
1112 upstream commit
1113
1114 print host certificate contents at debug level
1115
1116 Upstream-ID: 39354cdd8a2b32b308fd03f98645f877f540f00d
1117
1118commit 499cf36fecd6040e30e2912dd25655bc574739a7
1119Author: djm@openbsd.org <djm@openbsd.org>
1120Date: Thu Nov 19 01:08:55 2015 +0000
1121
1122 upstream commit
1123
1124 move the certificate validity formatting code to
1125 sshkey.[ch]
1126
1127 Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
1128
1129commit bcb7bc77bbb1535d1008c7714085556f3065d99d
1130Author: djm@openbsd.org <djm@openbsd.org>
1131Date: Wed Nov 18 08:37:28 2015 +0000
1132
1133 upstream commit
1134
1135 fix "ssh-keygen -l" of private key, broken in support for
1136 multiple plain keys on stdin
1137
1138 Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d
1139
1140commit 259adb6179e23195c8f6913635ea71040d1ccd63
1141Author: millert@openbsd.org <millert@openbsd.org>
1142Date: Mon Nov 16 23:47:52 2015 +0000
1143
1144 upstream commit
1145
1146 Replace remaining calls to index(3) with strchr(3). OK
1147 jca@ krw@
1148
1149 Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d
1150
1151commit c56a255162c2166884539c0a1f7511575325b477
1152Author: djm@openbsd.org <djm@openbsd.org>
1153Date: Mon Nov 16 22:53:07 2015 +0000
1154
1155 upstream commit
1156
1157 Allow fingerprinting from standard input "ssh-keygen -lf
1158 -"
1159
1160 Support fingerprinting multiple plain keys in a file and authorized_keys
1161 files too (bz#1319)
1162
1163 ok markus@
1164
1165 Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77
1166
1167commit 5b4010d9b923cf1b46c9c7b1887c013c2967e204
1168Author: djm@openbsd.org <djm@openbsd.org>
1169Date: Mon Nov 16 22:51:05 2015 +0000
1170
1171 upstream commit
1172
1173 always call privsep_preauth_child() regardless of whether
1174 sshd was started by root; it does important priming before sandboxing and
1175 failing to call it could result in sandbox violations later; ok markus@
1176
1177 Upstream-ID: c8a6d0d56c42f3faab38460dc917ca0d1705d383
1178
1179commit 3a9f84b58b0534bbb485f1eeab75665e2d03371f
1180Author: djm@openbsd.org <djm@openbsd.org>
1181Date: Mon Nov 16 22:50:01 2015 +0000
1182
1183 upstream commit
1184
1185 improve sshkey_read() semantics; only update *cpp when a
1186 key is successfully read; ok markus@
1187
1188 Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089
1189
1190commit db6f8dc5dd5655b59368efd074994d4568bc3556
1191Author: logan@openbsd.org <logan@openbsd.org>
1192Date: Mon Nov 16 06:13:04 2015 +0000
1193
1194 upstream commit
1195
1196 1) Use xcalloc() instead of xmalloc() to check for
1197 potential overflow. (Feedback from both mmcc@ and djm@) 2) move set_size
1198 just before the for loop. (suggested by djm@)
1199
1200 OK djm@
1201
1202 Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213
1203
1204commit 383f10fb84a0fee3c01f9d97594f3e22aa3cd5e0
1205Author: djm@openbsd.org <djm@openbsd.org>
1206Date: Mon Nov 16 00:30:02 2015 +0000
1207
1208 upstream commit
1209
1210 Add a new authorized_keys option "restrict" that
1211 includes all current and future key restrictions (no-*-forwarding, etc). Also
1212 add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty".
1213 This simplifies the task of setting up restricted keys and ensures they are
1214 maximally-restricted, regardless of any permissions we might implement in the
1215 future.
1216
1217 Example:
1218
1219 restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1...
1220
1221 Idea from Jann Horn; ok markus@
1222
1223 Upstream-ID: 04ceb9d448e46e67e13887a7ae5ea45b4f1719d0
1224
1225commit e41a071f7bda6af1fb3f081bed0151235fa61f15
1226Author: jmc@openbsd.org <jmc@openbsd.org>
1227Date: Sun Nov 15 23:58:04 2015 +0000
1228
1229 upstream commit
1230
1231 correct section number for ssh-agent;
1232
1233 Upstream-ID: 44be72fd8bcc167635c49b357b1beea8d5674bd6
1234
1235commit 1a11670286acddcc19f5eff0966c380831fc4638
1236Author: jmc@openbsd.org <jmc@openbsd.org>
1237Date: Sun Nov 15 23:54:15 2015 +0000
1238
1239 upstream commit
1240
1241 do not confuse mandoc by presenting "Dd";
1242
1243 Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65
1244
1245commit f361df474c49a097bfcf16d1b7b5c36fcd844b4b
1246Author: jcs@openbsd.org <jcs@openbsd.org>
1247Date: Sun Nov 15 22:26:49 2015 +0000
1248
1249 upstream commit
1250
1251 Add an AddKeysToAgent client option which can be set to
1252 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a
1253 private key that is used during authentication will be added to ssh-agent if
1254 it is running (with confirmation enabled if set to 'confirm').
1255
1256 Initial version from Joachim Schipper many years ago.
1257
1258 ok markus@
1259
1260 Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
1261
1262commit d87063d9baf5479b6e813d47dfb694a97df6f6f5
1263Author: djm@openbsd.org <djm@openbsd.org>
1264Date: Fri Nov 13 04:39:35 2015 +0000
1265
1266 upstream commit
1267
1268 send SSH2_MSG_UNIMPLEMENTED replies to unexpected
1269 messages during KEX; bz#2949, ok dtucker@
1270
1271 Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786
1272
1273commit 9fd04681a1e9b0af21e08ff82eb674cf0a499bfc
1274Author: djm@openbsd.org <djm@openbsd.org>
1275Date: Fri Nov 13 04:38:06 2015 +0000
1276
1277 upstream commit
1278
1279 Support "none" as an argument for sshd_config
1280 ForceCommand and ChrootDirectory. Useful inside Match blocks to override a
1281 global default. bz#2486 ok dtucker@
1282
1283 Upstream-ID: 7ef478d6592bc7db5c7376fc33b4443e63dccfa5
1284
1285commit 94bc0b72c29e511cbbc5772190d43282e5acfdfe
1286Author: djm@openbsd.org <djm@openbsd.org>
1287Date: Fri Nov 13 04:34:15 2015 +0000
1288
1289 upstream commit
1290
1291 support multiple certificates (one per line) and
1292 reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@
1293
1294 Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db
1295
1296commit b6b9108f5b561c83612cb97ece4134eb59fde071
1297Author: djm@openbsd.org <djm@openbsd.org>
1298Date: Fri Nov 13 02:57:46 2015 +0000
1299
1300 upstream commit
1301
1302 list a couple more options usable in Match blocks;
1303 bz#2489
1304
1305 Upstream-ID: e4d03f39d254db4c0cc54101921bb89fbda19879
1306
1307commit a7994b3f5a5a5a33b52b0a6065d08e888f0a99fb
1308Author: djm@openbsd.org <djm@openbsd.org>
1309Date: Wed Nov 11 04:56:39 2015 +0000
1310
1311 upstream commit
1312
1313 improve PEEK/POKE macros: better casts, don't multiply
1314 evaluate arguments; ok deraadt@
1315
1316 Upstream-ID: 9a1889e19647615ededbbabab89064843ba92d3e
1317
1318commit 7d4c7513a7f209cb303a608ac6e46b3f1dfc11ec
1319Author: djm@openbsd.org <djm@openbsd.org>
1320Date: Wed Nov 11 01:48:01 2015 +0000
1321
1322 upstream commit
1323
1324 remove prototypes for long-gone s/key support; ok
1325 dtucker@
1326
1327 Upstream-ID: db5bed3c57118af986490ab23d399df807359a79
1328
1329commit 07889c75926c040b8e095949c724e66af26441cb
1330Author: Damien Miller <djm@mindrot.org>
1331Date: Sat Nov 14 18:44:49 2015 +1100
1332
1333 read back from libcrypto RAND when privdropping
1334
1335 makes certain libcrypto implementations cache a /dev/urandom fd
1336 in preparation of sandboxing. Based on patch by Greg Hartman.
1337
1338commit 1560596f44c01bb0cef977816410950ed17b8ecd
1339Author: Darren Tucker <dtucker@zip.com.au>
1340Date: Tue Nov 10 11:14:47 2015 +1100
1341
1342 Fix compiler warnings in the openssl header check.
1343
1344 Noted by Austin English.
1345
1346commit e72a8575ffe1d8adff42c9abe9ca36938acc036b
1347Author: jmc@openbsd.org <jmc@openbsd.org>
1348Date: Sun Nov 8 23:24:03 2015 +0000
1349
1350 upstream commit
1351
1352 -c before -H, in SYNOPSIS and usage();
1353
1354 Upstream-ID: 25e8c58a69e1f37fcd54ac2cd1699370acb5e404
1355
1356commit 3a424cdd21db08c7b0ded902f97b8f02af5aa485
1357Author: djm@openbsd.org <djm@openbsd.org>
1358Date: Sun Nov 8 22:30:20 2015 +0000
1359
1360 upstream commit
1361
1362 Add "ssh-keyscan -c ..." flag to allow fetching
1363 certificates instead of plain keys; ok markus@
1364
1365 Upstream-ID: 0947e2177dba92339eced9e49d3c5bf7dda69f82
1366
1367commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346
1368Author: jmc@openbsd.org <jmc@openbsd.org>
1369Date: Sun Nov 8 22:08:38 2015 +0000
1370
1371 upstream commit
1372
1373 remove slogin links; ok deraadt markus djm
1374
1375 Upstream-ID: 39ba08548acde4c54f2d4520c202c2a863a3c730
1376
1377commit 2fecfd486bdba9f51b3a789277bb0733ca36e1c0
1378Author: djm@openbsd.org <djm@openbsd.org>
1379Date: Sun Nov 8 21:59:11 2015 +0000
1380
1381 upstream commit
1382
1383 fix OOB read in packet code caused by missing return
1384 statement found by Ben Hawkes; ok markus@ deraadt@
1385
1386 Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62
1387
1388commit 5e288923a303ca672b686908320bc5368ebec6e6
1389Author: mmcc@openbsd.org <mmcc@openbsd.org>
1390Date: Fri Nov 6 00:31:41 2015 +0000
1391
1392 upstream commit
1393
1394 1. rlogin and rsh are long gone 2. protocol version isn't
1395 of core relevance here, and v1 is going away
1396
1397 ok markus@, deraadt@
1398
1399 Upstream-ID: 8b46bc94cf1ca7c8c1a75b1c958b2bb38d7579c8
1400
1401commit 8b29008bbe97f33381d9b4b93fcfa304168d0286
1402Author: jmc@openbsd.org <jmc@openbsd.org>
1403Date: Thu Nov 5 09:48:05 2015 +0000
1404
1405 upstream commit
1406
1407 "commandline" -> "command line", since there are so few
1408 examples of the former in the pages, so many of the latter, and in some of
1409 these pages we had multiple spellings;
1410
1411 prompted by tj
1412
1413 Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659
1414
1415commit 996b24cebf20077fbe5db07b3a2c20c2d9db736e
1416Author: Darren Tucker <dtucker@zip.com.au>
1417Date: Thu Oct 29 20:57:34 2015 +1100
1418
1419 (re)wrap SYS_sendsyslog in ifdef.
1420
1421 Replace ifdef that went missing in commit
1422 c61b42f2678f21f05653ac2d3d241b48ab5d59ac. Fixes build on older
1423 OpenBSDs.
1424
1425commit b67e2e76fcf1ae7c802eb27ca927e16c91a513ff
1426Author: djm@openbsd.org <djm@openbsd.org>
1427Date: Thu Oct 29 08:05:17 2015 +0000
1428
1429 upstream commit
1430
1431 regress test for "PubkeyAcceptedKeyTypes +..." inside a
1432 Match block
1433
1434 Upstream-Regress-ID: 246c37ed64a2e5704d4c158ccdca1ff700e10647
1435
1436commit abd9dbc3c0d8c8c7561347cfa22166156e78c077
1437Author: dtucker@openbsd.org <dtucker@openbsd.org>
1438Date: Mon Oct 26 02:50:58 2015 +0000
1439
1440 upstream commit
1441
1442 Fix typo certopt->certopts in shell variable. This would
1443 cause the test to hang at a host key prompt if you have an A or CNAME for
1444 "proxy" in your local domain.
1445
1446 Upstream-Regress-ID: 6ea03bcd39443a83c89e2c5606392ceb9585836a
1447
1448commit ed08510d38aef930a061ae30d10f2a9cf233bafa
1449Author: djm@openbsd.org <djm@openbsd.org>
1450Date: Thu Oct 29 08:05:01 2015 +0000
1451
1452 upstream commit
1453
1454 Fix "PubkeyAcceptedKeyTypes +..." inside a Match block;
1455 ok dtucker@
1456
1457 Upstream-ID: 853662c4036730b966aab77684390c47b9738c69
1458
1459commit a4aef3ed29071719b2af82fdf1ac3c2514f82bc5
1460Author: djm@openbsd.org <djm@openbsd.org>
1461Date: Tue Oct 27 08:54:52 2015 +0000
1462
1463 upstream commit
1464
1465 fix execv arguments in a way less likely to cause grief
1466 for -portable; ok dtucker@
1467
1468 Upstream-ID: 5902bf0ea0371f39f1300698dc3b8e4105fc0fc5
1469
1470commit 63d188175accea83305e89fafa011136ff3d96ad
1471Author: djm@openbsd.org <djm@openbsd.org>
1472Date: Tue Oct 27 01:44:45 2015 +0000
1473
1474 upstream commit
1475
1476 log certificate serial in verbose() messages to match the
1477 main auth success/fail message; ok dtucker@
1478
1479 Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288
1480
1481commit 2aaba0cfd560ecfe92aa50c00750e6143842cf1f
1482Author: djm@openbsd.org <djm@openbsd.org>
1483Date: Tue Oct 27 00:49:53 2015 +0000
1484
1485 upstream commit
1486
1487 avoid de-const warning & shrink; ok dtucker@
1488
1489 Upstream-ID: 69a85ef94832378952a22c172009cbf52aaa11db
1490
1491commit 03239c18312b9bab7d1c3b03062c61e8bbc1ca6e
1492Author: dtucker@openbsd.org <dtucker@openbsd.org>
1493Date: Sun Oct 25 23:42:00 2015 +0000
1494
1495 upstream commit
1496
1497 Expand tildes in filenames passed to -i before checking
1498 whether or not the identity file exists. This means that if the shell
1499 doesn't do the expansion (eg because the option and filename were given as a
1500 single argument) then we'll still add the key. bz#2481, ok markus@
1501
1502 Upstream-ID: db1757178a14ac519e9a3e1a2dbd21113cb3bfc6
1503
1504commit 97e184e508dd33c37860c732c0eca3fc57698b40
1505Author: dtucker@openbsd.org <dtucker@openbsd.org>
1506Date: Sun Oct 25 23:14:03 2015 +0000
1507
1508 upstream commit
1509
1510 Do not prepend "exec" to the shell command run by "Match
1511 exec" in a config file. It's an unnecessary optimization from repurposed
1512 ProxyCommand code and prevents some things working with some shells.
1513 bz#2471, pointed out by res at qoxp.net. ok markus@
1514
1515 Upstream-ID: a1ead25ae336bfa15fb58d8c6b5589f85b4c33a3
1516
1517commit 8db134e7f457bcb069ec72bc4ee722e2af557c69
1518Author: Darren Tucker <dtucker@zip.com.au>
1519Date: Thu Oct 29 10:48:23 2015 +1100
1520
1521 Prevent name collisions with system glob (bz#2463)
1522
1523 Move glob.h from includes.h to the only caller (sftp) and override the
1524 names for the symbols. This prevents name collisions with the system glob
1525 in the case where something other than ssh uses it (eg kerberos). With
1526 jjelen at redhat.com, ok djm@
1527
1528commit 86c10dbbef6a5800d2431a66cf7f41a954bb62b5
1529Author: dtucker@openbsd.org <dtucker@openbsd.org>
1530Date: Fri Oct 23 02:22:01 2015 +0000
1531
1532 upstream commit
1533
1534 Update expected group sizes to match recent code changes.
1535
1536 Upstream-Regress-ID: 0004f0ea93428969fe75bcfff0d521c553977794
1537
1538commit 9ada37d36003a77902e90a3214981e417457cf13
1539Author: djm@openbsd.org <djm@openbsd.org>
1540Date: Sat Oct 24 22:56:19 2015 +0000
1541
1542 upstream commit
1543
1544 fix keyscan output for multiple hosts/addrs on one line
1545 when host hashing or a non standard port is in use; bz#2479 ok dtucker@
1546
1547 Upstream-ID: 5321dabfaeceba343da3c8a8b5754c6f4a0a307b
1548
1549commit 44fc7cd7dcef6c52c6b7e9ff830dfa32879bd319
1550Author: djm@openbsd.org <djm@openbsd.org>
1551Date: Sat Oct 24 22:52:22 2015 +0000
1552
1553 upstream commit
1554
1555 skip "Could not chdir to home directory" message when
1556 chrooted
1557
1558 patch from Christian Hesse in bz#2485 ok dtucker@
1559
1560 Upstream-ID: 86783c1953da426dff5b03b03ce46e699d9e5431
1561
1562commit a820a8618ec44735dabc688fab96fba38ad66bb2
1563Author: sthen@openbsd.org <sthen@openbsd.org>
1564Date: Sat Oct 24 08:34:09 2015 +0000
1565
1566 upstream commit
1567
1568 Handle the split of tun(4) "link0" into tap(4) in ssh
1569 tun-forwarding. Adapted from portable (using separate devices for this is the
1570 normal case in most OS). ok djm@
1571
1572 Upstream-ID: 90facf4c59ce73d6741db1bc926e578ef465cd39
1573
1574commit 66d2e229baa9fe57b868c373b05f7ff3bb20055b
1575Author: gsoares@openbsd.org <gsoares@openbsd.org>
1576Date: Wed Oct 21 11:33:03 2015 +0000
1577
1578 upstream commit
1579
1580 fix memory leak in error path ok djm@
1581
1582 Upstream-ID: dd2f402b0a0029b755df029fc7f0679e1365ce35
1583
1584commit 7d6c0362039ceacdc1366b5df29ad5d2693c13e5
1585Author: mmcc@openbsd.org <mmcc@openbsd.org>
1586Date: Tue Oct 20 23:24:25 2015 +0000
1587
1588 upstream commit
1589
1590 Compare pointers to NULL rather than 0.
1591
1592 ok djm@
1593
1594 Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8
1595
1596commit f98a09cacff7baad8748c9aa217afd155a4d493f
1597Author: mmcc@openbsd.org <mmcc@openbsd.org>
1598Date: Tue Oct 20 03:36:35 2015 +0000
1599
1600 upstream commit
1601
1602 Replace a function-local allocation with stack memory.
1603
1604 ok djm@
1605
1606 Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e
1607
1608commit ac908c1eeacccfa85659594d92428659320fd57e
1609Author: Damien Miller <djm@mindrot.org>
1610Date: Thu Oct 22 09:35:24 2015 +1100
1611
1612 turn off PrintLastLog when --disable-lastlog
1613
1614 bz#2278 from Brent Paulson
1615
1616commit b56deb847f4a0115a8bf488bf6ee8524658162fd
1617Author: djm@openbsd.org <djm@openbsd.org>
1618Date: Fri Oct 16 22:32:22 2015 +0000
1619
1620 upstream commit
1621
1622 increase the minimum modulus that we will send or accept in
1623 diffie-hellman-group-exchange to 2048 bits; ok markus@
1624
1625 Upstream-ID: 06dce7a24c17b999a0f5fadfe95de1ed6a1a9b6a
1626
1627commit 5ee0063f024bf5b3f3ffb275b8cd20055d62b4b9
1628Author: djm@openbsd.org <djm@openbsd.org>
1629Date: Fri Oct 16 18:40:49 2015 +0000
1630
1631 upstream commit
1632
1633 better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in
1634 hostname canonicalisation - treat them as already canonical and remove the
1635 trailing '.' before matching ssh_config; ok markus@
1636
1637 Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a
1638
1639commit e92c499a75477ecfe94dd7b4aed89f20b1fac5a7
1640Author: mmcc@openbsd.org <mmcc@openbsd.org>
1641Date: Fri Oct 16 17:07:24 2015 +0000
1642
1643 upstream commit
1644
1645 0 -> NULL when comparing with a char*.
1646
1647 ok dtucker@, djm@.
1648
1649 Upstream-ID: a928e9c21c0a9020727d99738ff64027c1272300
1650
1651commit b1d38a3cc6fe349feb8d16a5f520ef12d1de7cb2
1652Author: djm@openbsd.org <djm@openbsd.org>
1653Date: Thu Oct 15 23:51:40 2015 +0000
1654
1655 upstream commit
1656
1657 fix some signed/unsigned integer type mismatches in
1658 format strings; reported by Nicholas Lemonias
1659
1660 Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c
1661
1662commit 1a2663a15d356bb188196b6414b4c50dc12fd42b
1663Author: djm@openbsd.org <djm@openbsd.org>
1664Date: Thu Oct 15 23:08:23 2015 +0000
1665
1666 upstream commit
1667
1668 argument to sshkey_from_private() and sshkey_demote()
1669 can't be NULL
1670
1671 Upstream-ID: 0111245b1641d387977a9b38da15916820a5fd1f
1672
1673commit 0f754e29dd3760fc0b172c1220f18b753fb0957e
1674Author: Damien Miller <djm@mindrot.org>
1675Date: Fri Oct 16 10:53:14 2015 +1100
1676
1677 need va_copy before va_start
1678
1679 reported by Nicholas Lemonias
1680
1681commit eb6c50d82aa1f0d3fc95f5630ea69761e918bfcd
1682Author: Damien Miller <djm@mindrot.org>
1683Date: Thu Oct 15 15:48:28 2015 -0700
1684
1685 fix compilation on systems without SYMLOOP_MAX
1686
1687commit fafe1d84a210fb3dae7744f268059cc583db8c12
1688Author: Damien Miller <djm@mindrot.org>
1689Date: Wed Oct 14 09:22:15 2015 -0700
1690
1691 s/SANDBOX_TAME/SANDBOX_PLEDGE/g
1692
1693commit 8f22911027ff6c17d7226d232ccd20727f389310
1694Author: Damien Miller <djm@mindrot.org>
1695Date: Wed Oct 14 08:28:19 2015 +1100
1696
1697 upstream commit
1698
1699 revision 1.20
1700 date: 2015/10/13 20:55:37; author: millert; state: Exp; lines: +2 -2; commitid: X39sl5ay1czgFIgp;
1701 In rev 1.15 the sizeof argument was fixed in a strlcat() call but
1702 the truncation check immediately following it was not updated to
1703 match. Not an issue in practice since the buffers are the same
1704 size. OK deraadt@
1705
1706commit 23fa695bb735f54f04d46123662609edb6c76767
1707Author: Damien Miller <djm@mindrot.org>
1708Date: Wed Oct 14 08:27:51 2015 +1100
1709
1710 upstream commit
1711
1712 revision 1.19
1713 date: 2015/01/16 16:48:51; author: deraadt; state: Exp; lines: +3 -3; commitid: 0DYulI8hhujBHMcR;
1714 Move to the <limits.h> universe.
1715 review by millert, binary checking process with doug, concept with guenther
1716
1717commit c71be375a69af00c2d0a0c24d8752bec12d8fd1b
1718Author: Damien Miller <djm@mindrot.org>
1719Date: Wed Oct 14 08:27:08 2015 +1100
1720
1721 upstream commit
1722
1723 revision 1.18
1724 date: 2014/10/19 03:56:28; author: doug; state: Exp; lines: +9 -9; commitid: U6QxmtbXrGoc02S5;
1725 Revert last commit due to changed semantics found by make release.
1726
1727commit c39ad23b06e9aecc3ff788e92f787a08472905b1
1728Author: Damien Miller <djm@mindrot.org>
1729Date: Wed Oct 14 08:26:24 2015 +1100
1730
1731 upstream commit
1732
1733 revision 1.17
1734 date: 2014/10/18 20:43:52; author: doug; state: Exp; lines: +10 -10; commitid: I74hI1tVZtsspKEt;
1735 Better POSIX compliance in realpath(3).
1736
1737 millert@ made changes to realpath.c based on FreeBSD's version. I merged
1738 Todd's changes into dl_realpath.c.
1739
1740 ok millert@, guenther@
1741
1742commit e929a43f957dbd1254aca2aaf85c8c00cbfc25f4
1743Author: Damien Miller <djm@mindrot.org>
1744Date: Wed Oct 14 08:25:55 2015 +1100
1745
1746 upstream commit
1747
1748 revision 1.16
1749 date: 2013/04/05 12:59:54; author: kurt; state: Exp; lines: +3 -1;
1750 - Add comments regarding copies of these files also in libexec/ld.so
1751 okay guenther@
1752
1753commit 5225db68e58a1048cb17f0e36e0d33bc4a8fc410
1754Author: Damien Miller <djm@mindrot.org>
1755Date: Wed Oct 14 08:25:32 2015 +1100
1756
1757 upstream commit
1758
1759 revision 1.15
1760 date: 2012/09/13 15:39:05; author: deraadt; state: Exp; lines: +2 -2;
1761 specify the bounds of the dst to strlcat (both values were static and
1762 equal, but it is more correct)
1763 from Michal Mazurek
1764
1765commit 7365fe5b4859de2305e40ea132da3823830fa710
1766Author: Damien Miller <djm@mindrot.org>
1767Date: Wed Oct 14 08:25:09 2015 +1100
1768
1769 upstream commit
1770
1771 revision 1.14
1772 date: 2011/07/24 21:03:00; author: miod; state: Exp; lines: +35 -13;
1773 Recent Single Unix will malloc memory if the second argument of realpath()
1774 is NULL, and third-party software is starting to rely upon this.
1775 Adapted from FreeBSD via Jona Joachim (jaj ; hcl-club , .lu), with minor
1776 tweaks from nicm@ and yours truly.
1777
1778commit e679c09cd1951f963793aa3d9748d1c3fdcf808f
1779Author: djm@openbsd.org <djm@openbsd.org>
1780Date: Tue Oct 13 16:15:21 2015 +0000
1781
1782 upstream commit
1783
1784 apply PubkeyAcceptedKeyTypes filtering earlier, so all
1785 skipped keys are noted before pubkey authentication starts. ok dtucker@
1786
1787 Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8
1788
1789commit 179c353f564ec7ada64b87730b25fb41107babd7
1790Author: djm@openbsd.org <djm@openbsd.org>
1791Date: Tue Oct 13 00:21:27 2015 +0000
1792
1793 upstream commit
1794
1795 free the correct IV length, don't assume it's always the
1796 cipher blocksize; ok dtucker@
1797
1798 Upstream-ID: c260d9e5ec73628d9ff4b067fbb060eff5a7d298
1799
1800commit 2539dce2a049a8f6bb0d44cac51f07ad48e691d3
1801Author: deraadt@openbsd.org <deraadt@openbsd.org>
1802Date: Fri Oct 9 01:37:08 2015 +0000
1803
1804 upstream commit
1805
1806 Change all tame callers to namechange to pledge(2).
1807
1808 Upstream-ID: 17e654fc27ceaf523c60f4ffd9ec7ae4e7efc7f2
1809
1810commit 9846a2f4067383bb76b4e31a9d2303e0a9c13a73
1811Author: Damien Miller <djm@mindrot.org>
1812Date: Thu Oct 8 04:30:48 2015 +1100
1813
1814 hook tame(2) sandbox up to build
1815
1816 OpenBSD only for now
1817
1818commit 0c46bbe68b70bdf0d6d20588e5847e71f3739fe6
1819Author: djm@openbsd.org <djm@openbsd.org>
1820Date: Wed Oct 7 15:59:12 2015 +0000
1821
1822 upstream commit
1823
1824 include PubkeyAcceptedKeyTypes in ssh -G config dump
1825
1826 Upstream-ID: 6c097ce6ffebf6fe393fb7988b5d152a5d6b36bb
1827
1828commit bdcb73fb7641b1cf73c0065d1a0dd57b1e8b778e
1829Author: sobrado@openbsd.org <sobrado@openbsd.org>
1830Date: Wed Oct 7 14:45:30 2015 +0000
1831
1832 upstream commit
1833
1834 UsePrivilegeSeparation defaults to sandbox now.
1835
1836 ok djm@
1837
1838 Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f
1839
1840commit 2905d6f99c837bb699b6ebc61711b19acd030709
1841Author: djm@openbsd.org <djm@openbsd.org>
1842Date: Wed Oct 7 00:54:06 2015 +0000
1843
1844 upstream commit
1845
1846 don't try to change tun device flags if they are already
1847 what we need; makes it possible to use tun/tap networking as non- root user
1848 if device permissions and interface flags are pre-established; based on patch
1849 by Ossi Herrala
1850
1851 Upstream-ID: 89099ac4634cd477b066865acf54cb230780fd21
1852
1853commit 0dc74512bdb105b048883f07de538b37e5e024d4
1854Author: Damien Miller <djm@mindrot.org>
1855Date: Mon Oct 5 18:33:05 2015 -0700
1856
1857 unbreak merge botch
1858
1859commit fdd020e86439afa7f537e2429d29d4b744c94331
1860Author: djm@openbsd.org <djm@openbsd.org>
1861Date: Tue Oct 6 01:20:59 2015 +0000
1862
1863 upstream commit
1864
1865 adapt to recent sshkey_parse_private_fileblob() API
1866 change
1867
1868 Upstream-Regress-ID: 5c0d818da511e33e0abf6a92a31bd7163b7ad988
1869
1870commit 21ae8ee3b630b0925f973db647a1b9aa5fcdd4c5
1871Author: djm@openbsd.org <djm@openbsd.org>
1872Date: Thu Sep 24 07:15:39 2015 +0000
1873
1874 upstream commit
1875
1876 fix command-line option to match what was actually
1877 committed
1878
1879 Upstream-Regress-ID: 3e8c24a2044e8afd37e7ce17b69002ca817ac699
1880
1881commit e14ac43b75e68f1ffbd3e1a5e44143c8ae578dcd
1882Author: djm@openbsd.org <djm@openbsd.org>
1883Date: Thu Sep 24 06:16:53 2015 +0000
1884
1885 upstream commit
1886
1887 regress test for CertificateFile; patch from Meghana Bhat
1888 via bz#2436
1889
1890 Upstream-Regress-ID: e7a6e980cbe0f8081ba2e83de40d06c17be8bd25
1891
1892commit 905b054ed24e0d5b4ef226ebf2c8bfc02ae6d4ad
20Author: djm@openbsd.org <djm@openbsd.org> 1893Author: djm@openbsd.org <djm@openbsd.org>
21Date: Mon Oct 5 17:11:21 2015 +0000 1894Date: Mon Oct 5 17:11:21 2015 +0000
22 1895
@@ -26,7 +1899,129 @@ Date: Mon Oct 5 17:11:21 2015 +0000
26 1899
27 Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0 1900 Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0
28 1901
29commit 8f5b93026797b9f7fba90d0c717570421ccebbd3 1902commit b007159a0acdbcf65814b3ee05dbe2cf4ea46011
1903Author: deraadt@openbsd.org <deraadt@openbsd.org>
1904Date: Fri Oct 2 15:52:55 2015 +0000
1905
1906 upstream commit
1907
1908 fix email
1909
1910 Upstream-ID: 72150f2d54b94de14ebef1ea054ef974281bf834
1911
1912commit b19e1b4ab11884c4f62aee9f8ab53127a4732658
1913Author: deraadt@openbsd.org <deraadt@openbsd.org>
1914Date: Fri Oct 2 01:39:52 2015 +0000
1915
1916 upstream commit
1917
1918 a sandbox using tame ok djm
1919
1920 Upstream-ID: 4ca24e47895e72f5daaa02f3e3d3e5ca2d820fa3
1921
1922commit c61b42f2678f21f05653ac2d3d241b48ab5d59ac
1923Author: deraadt@openbsd.org <deraadt@openbsd.org>
1924Date: Fri Oct 2 01:39:26 2015 +0000
1925
1926 upstream commit
1927
1928 re-order system calls in order of risk, ok i'll be
1929 honest, ordered this way they look like tame... ok djm
1930
1931 Upstream-ID: 42a1e6d251fd8be13c8262bee026059ae6328813
1932
1933commit c5f7c0843cb6e6074a93c8ac34e49ce33a6f5546
1934Author: jmc@openbsd.org <jmc@openbsd.org>
1935Date: Fri Sep 25 18:19:54 2015 +0000
1936
1937 upstream commit
1938
1939 some certificatefile tweaks; ok djm
1940
1941 Upstream-ID: 0e5a7852c28c05fc193419cc7e50e64c1c535af0
1942
1943commit 4e44a79a07d4b88b6a4e5e8c1bed5f58c841b1b8
1944Author: djm@openbsd.org <djm@openbsd.org>
1945Date: Thu Sep 24 06:15:11 2015 +0000
1946
1947 upstream commit
1948
1949 add ssh_config CertificateFile option to explicitly list
1950 a certificate; patch from Meghana Bhat on bz#2436; ok markus@
1951
1952 Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8
1953
1954commit e3cbb06ade83c72b640a53728d362bbefa0008e2
1955Author: sobrado@openbsd.org <sobrado@openbsd.org>
1956Date: Tue Sep 22 08:33:23 2015 +0000
1957
1958 upstream commit
1959
1960 fix two typos.
1961
1962 Upstream-ID: 424402c0d8863a11b51749bacd7f8d932083b709
1963
1964commit 8408218c1ca88cb17d15278174a24a94a6f65fe1
1965Author: djm@openbsd.org <djm@openbsd.org>
1966Date: Mon Sep 21 04:31:00 2015 +0000
1967
1968 upstream commit
1969
1970 fix possible hang on closed output; bz#2469 reported by Tomas
1971 Kuthan ok markus@
1972
1973 Upstream-ID: f7afd41810f8540f524284f1be6b970859f94fe3
1974
1975commit 0097248f90a00865082e8c146b905a6555cc146f
1976Author: djm@openbsd.org <djm@openbsd.org>
1977Date: Fri Sep 11 04:55:01 2015 +0000
1978
1979 upstream commit
1980
1981 skip if running as root; many systems (inc OpenBSD) allow
1982 root to ptrace arbitrary processes
1983
1984 Upstream-Regress-ID: be2b925df89360dff36f972951fa0fa793769038
1985
1986commit 9c06c814aff925e11a5cc592c06929c258a014f6
1987Author: djm@openbsd.org <djm@openbsd.org>
1988Date: Fri Sep 11 03:44:21 2015 +0000
1989
1990 upstream commit
1991
1992 try all supported key types here; bz#2455 reported by
1993 Jakub Jelen
1994
1995 Upstream-Regress-ID: 188cb7d9031cdbac3a0fa58b428b8fa2b2482bba
1996
1997commit 3c019a936b43f3e2773f3edbde7c114d73caaa4c
1998Author: tim@openbsd.org <tim@openbsd.org>
1999Date: Sun Sep 13 14:39:16 2015 +0000
2000
2001 upstream commit
2002
2003 - Fix error message: passphrase needs to be at least 5
2004 characters, not 4. - Remove unused function argument. - Remove two
2005 unnecessary variables.
2006
2007 OK djm@
2008
2009 Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
2010
2011commit 2681cdb6e0de7c1af549dac37a9531af202b4434
2012Author: tim@openbsd.org <tim@openbsd.org>
2013Date: Sun Sep 13 13:48:19 2015 +0000
2014
2015 upstream commit
2016
2017 When adding keys to the agent, don't ignore the comment
2018 of keys for which the user is prompted for a passphrase.
2019
2020 Tweak and OK djm@
2021
2022 Upstream-ID: dc737c620a5a8d282cc4f66e3b9b624e9abefbec
2023
2024commit 14692f7b8251cdda847e648a82735eef8a4d2a33
30Author: guenther@openbsd.org <guenther@openbsd.org> 2025Author: guenther@openbsd.org <guenther@openbsd.org>
31Date: Fri Sep 11 08:50:04 2015 +0000 2026Date: Fri Sep 11 08:50:04 2015 +0000
32 2027
@@ -39,47 +2034,272 @@ Date: Fri Sep 11 08:50:04 2015 +0000
39 2034
40 Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50 2035 Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50
41 2036
42commit d77148e3a3ef6c29b26ec74331455394581aa257 2037commit 846f6fa4cfa8483a9195971dbdd162220f199d85
2038Author: jmc@openbsd.org <jmc@openbsd.org>
2039Date: Fri Sep 11 06:55:46 2015 +0000
2040
2041 upstream commit
2042
2043 sync -Q in usage() to SYNOPSIS; since it's drastically
2044 shorter, i've reformatted the block to sync with the man (80 cols) and saved
2045 a line;
2046
2047 Upstream-ID: 86e2c65c3989a0777a6258a77e589b9f6f354abd
2048
2049commit 95923e0520a8647417ee6dcdff44694703dfeef0
2050Author: jmc@openbsd.org <jmc@openbsd.org>
2051Date: Fri Sep 11 06:51:39 2015 +0000
2052
2053 upstream commit
2054
2055 tweak previous;
2056
2057 Upstream-ID: f29b3cfcfd9aa31fa140c393e7bd48c1c74139d6
2058
2059commit 86ac462f833b05d8ed9de9c50ccb295d7faa79ff
2060Author: dtucker@openbsd.org <dtucker@openbsd.org>
2061Date: Fri Sep 11 05:27:02 2015 +0000
2062
2063 upstream commit
2064
2065 Update usage to match man page.
2066
2067 Upstream-ID: 9e85aefaecfb6aaf34c7cfd0700cd21783a35675
2068
2069commit 674b3b68c1d36b2562324927cd03857b565e05e8
43Author: djm@openbsd.org <djm@openbsd.org> 2070Author: djm@openbsd.org <djm@openbsd.org>
44Date: Sun Nov 8 21:59:11 2015 +0000 2071Date: Fri Sep 11 03:47:28 2015 +0000
45 2072
46 upstream commit 2073 upstream commit
47 2074
48 fix OOB read in packet code caused by missing return 2075 expand %i in ControlPath to UID; bz#2449
49 statement found by Ben Hawkes; ok markus@ deraadt@
50 2076
51 Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62 2077 patch from Christian Hesse w/ feedback from dtucker@
2078
2079 Upstream-ID: 2ba8d303e555a84e2f2165ab4b324b41e80ab925
2080
2081commit c0f55db7ee00c8202b05cb4b9ad4ce72cc45df41
2082Author: djm@openbsd.org <djm@openbsd.org>
2083Date: Fri Sep 11 03:42:32 2015 +0000
2084
2085 upstream commit
2086
2087 mention -Q key-plain and -Q key-cert; bz#2455 pointed out
2088 by Jakub Jelen
2089
2090 Upstream-ID: c8f1f8169332e4fa73ac96b0043e3b84e01d4896
2091
2092commit cfffbdb10fdf0f02d3f4232232eef7ec3876c383
2093Author: Darren Tucker <dtucker@zip.com.au>
2094Date: Mon Sep 14 16:24:21 2015 +1000
2095
2096 Use ssh-keygen -A when generating host keys.
2097
2098 Use ssh-keygen -A instead of per-keytype invocations when generating host
2099 keys. Add tests when doing host-key-force since we can't use ssh-keygen -A
2100 since it can't specify alternate locations. bz#2459, ok djm@
2101
2102commit 366bada1e9e124654aac55b72b6ccf878755b0dc
2103Author: Darren Tucker <dtucker@zip.com.au>
2104Date: Fri Sep 11 13:29:22 2015 +1000
2105
2106 Correct default value for --with-ssh1.
2107
2108 bz#2457, from konto-mindrot.org at walimnieto.com.
2109
2110commit 2bca8a43e7dd9b04d7070824ffebb823c72587b2
2111Author: djm@openbsd.org <djm@openbsd.org>
2112Date: Fri Sep 11 03:13:36 2015 +0000
2113
2114 upstream commit
2115
2116 more clarity on what AuthorizedKeysFile=none does; based
2117 on diff by Thiebaud Weksteen
2118
2119 Upstream-ID: 78ab87f069080f0cc3bc353bb04eddd9e8ad3704
2120
2121commit 61942ea4a01e6db4fdf37ad61de81312ffe310e9
2122Author: djm@openbsd.org <djm@openbsd.org>
2123Date: Wed Sep 9 00:52:44 2015 +0000
2124
2125 upstream commit
2126
2127 openssh_RSA_verify return type is int, so don't make it
2128 size_t within the function itself with only negative numbers or zero assigned
2129 to it. bz#2460
2130
2131 Upstream-ID: b6e794b0c7fc4f9f329509263c8668d35f83ea55
2132
2133commit 4f7cc2f8cc861a21e6dbd7f6c25652afb38b9b96
2134Author: dtucker@openbsd.org <dtucker@openbsd.org>
2135Date: Fri Sep 4 08:21:47 2015 +0000
2136
2137 upstream commit
2138
2139 Plug minor memory leaks when options are used more than
2140 once. bz#2182, patch from Tiago Cunha, ok deraadt djm
2141
2142 Upstream-ID: 5b84d0401e27fe1614c10997010cc55933adb48e
2143
2144commit 7ad8b287c8453a3e61dbc0d34d467632b8b06fc8
2145Author: Darren Tucker <dtucker@zip.com.au>
2146Date: Fri Sep 11 13:11:02 2015 +1000
2147
2148 Force resolution of _res for correct detection.
2149
2150 bz#2259, from sconeu at yahoo.com.
52 2151
53commit 076d849e17ab12603627f87b301e2dca71bae518 2152commit 26ad18247213ff72b4438abe7fc660c958810fa2
54Author: Damien Miller <djm@mindrot.org> 2153Author: Damien Miller <djm@mindrot.org>
55Date: Sat Nov 14 18:44:49 2015 +1100 2154Date: Thu Sep 10 10:57:41 2015 +1000
56 2155
57 read back from libcrypto RAND when privdropping 2156 allow getrandom syscall; from Felix von Leitner
2157
2158commit 5245bc1e6b129a10a928f73f11c3aa32656c44b4
2159Author: jmc@openbsd.org <jmc@openbsd.org>
2160Date: Fri Sep 4 06:40:45 2015 +0000
2161
2162 upstream commit
58 2163
59 makes certain libcrypto implementations cache a /dev/urandom fd 2164 full stop belongs outside the brackets, not inside;
60 in preparation of sandboxing. Based on patch by Greg Hartman. 2165
2166 Upstream-ID: 99d098287767799ac33d2442a05b5053fa5a551a
61 2167
62commit f72adc0150011a28f177617a8456e1f83733099d 2168commit a85768a9321d74b41219eeb3c9be9f1702cbf6a5
63Author: djm@openbsd.org <djm@openbsd.org> 2169Author: djm@openbsd.org <djm@openbsd.org>
64Date: Sun Dec 13 22:42:23 2015 +0000 2170Date: Fri Sep 4 04:56:09 2015 +0000
65 2171
66 upstream commit 2172 upstream commit
67 2173
68 unbreak connections with peers that set 2174 add a debug2() right before DNS resolution; it's a place
69 first_kex_follows; fix from Matt Johnston va bz#2515 2175 where ssh could previously silently hang for a while. bz#2433
70 2176
71 Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b 2177 Upstream-ID: 52a1a3e0748db66518e7598352c427145692a6a0
72 2178
73commit 04bd8d019ccd906cac1a2b362517b8505f3759e6 2179commit 46152af8d27aa34d5d26ed1c371dc8aa142d4730
74Author: djm@openbsd.org <djm@openbsd.org> 2180Author: djm@openbsd.org <djm@openbsd.org>
75Date: Tue Jan 12 23:42:54 2016 +0000 2181Date: Fri Sep 4 04:55:24 2015 +0000
76 2182
77 upstream commit 2183 upstream commit
78 2184
79 use explicit_bzero() more liberally in the buffer code; ok 2185 correct function name in error messages
80 deraadt
81 2186
82 Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf 2187 Upstream-ID: 92fb2798617ad9561370897f4ab60adef2ff4c0e
2188
2189commit a954cdb799a4d83c2d40fbf3e7b9f187fbfd72fc
2190Author: djm@openbsd.org <djm@openbsd.org>
2191Date: Fri Sep 4 04:47:50 2015 +0000
2192
2193 upstream commit
2194
2195 better document ExitOnForwardFailure; bz#2444, ok
2196 dtucker@
2197
2198 Upstream-ID: a126209b5a6d9cb3117ac7ab5bc63d284538bfc2
2199
2200commit f54d8ac2474b6fc3afa081cf759b48a6c89d3319
2201Author: djm@openbsd.org <djm@openbsd.org>
2202Date: Fri Sep 4 04:44:08 2015 +0000
2203
2204 upstream commit
2205
2206 don't record hostbased authentication hostkeys as user
2207 keys in test for multiple authentication with the same key
2208
2209 Upstream-ID: 26b368fa2cff481f47f37e01b8da1ae5b57b1adc
2210
2211commit ac3451dd65f27ecf85dc045c46d49e2bbcb8dddd
2212Author: djm@openbsd.org <djm@openbsd.org>
2213Date: Fri Sep 4 03:57:38 2015 +0000
2214
2215 upstream commit
2216
2217 remove extra newline in nethack-mode hostkey; from
2218 Christian Hesse bz#2686
2219
2220 Upstream-ID: 4f56368b1cc47baeea0531912186f66007fd5b92
2221
2222commit 9e3ed9ebb1a7e47c155c28399ddf09b306ea05df
2223Author: djm@openbsd.org <djm@openbsd.org>
2224Date: Fri Sep 4 04:23:10 2015 +0000
2225
2226 upstream commit
2227
2228 trim junk from end of file; bz#2455 from Jakub Jelen
2229
2230 Upstream-Regress-ID: a4e64e8931e40d23874b047074444eff919cdfe6
2231
2232commit f3a3ea180afff080bab82087ee0b60db9fd84f6c
2233Author: jsg@openbsd.org <jsg@openbsd.org>
2234Date: Wed Sep 2 07:51:12 2015 +0000
2235
2236 upstream commit
2237
2238 Fix occurrences of "r = func() != 0" which result in the
2239 wrong error codes being returned due to != having higher precedence than =.
2240
2241 ok deraadt@ markus@
2242
2243 Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
2244
2245commit f498a98cf83feeb7ea01c15cd1c98b3111361f3a
2246Author: Damien Miller <djm@mindrot.org>
2247Date: Thu Sep 3 09:11:22 2015 +1000
2248
2249 don't check for yp_match; ok tim@
2250
2251commit 9690b78b7848b0b376980a61d51b1613e187ddb5
2252Author: djm@openbsd.org <djm@openbsd.org>
2253Date: Fri Aug 21 23:57:48 2015 +0000
2254
2255 upstream commit
2256
2257 Improve printing of KEX offers and decisions
2258
2259 The debug output now labels the client and server offers and the
2260 negotiated options. ok markus@
2261
2262 Upstream-ID: 8db921b3f92a4565271b1c1fbce6e7f508e1a2cb
2263
2264commit 60a92470e21340e1a3fc10f9c7140d8e1519dc55
2265Author: djm@openbsd.org <djm@openbsd.org>
2266Date: Fri Aug 21 23:53:08 2015 +0000
2267
2268 upstream commit
2269
2270 Fix printing (ssh -G ...) of HostKeyAlgorithms=+...
2271 Reported by Bryan Drewery
2272
2273 Upstream-ID: 19ad20c41bd5971e006289b6f9af829dd46c1293
2274
2275commit 6310f60fffca2d1e464168e7d1f7e3b6b0268897
2276Author: djm@openbsd.org <djm@openbsd.org>
2277Date: Fri Aug 21 23:52:30 2015 +0000
2278
2279 upstream commit
2280
2281 Fix expansion of HostkeyAlgorithms=+...
2282
2283 Reported by Bryan Drewery
2284
2285 Upstream-ID: 70ca1deea39d758ba36d36428ae832e28566f78d
2286
2287commit e774e5ea56237fd626a8161f9005023dff3e76c9
2288Author: deraadt@openbsd.org <deraadt@openbsd.org>
2289Date: Fri Aug 21 23:29:31 2015 +0000
2290
2291 upstream commit
2292
2293 Improve size == 0, count == 0 checking in mm_zalloc,
2294 which is "array" like. Discussed with tedu, millert, otto.... and ok djm
2295
2296 Upstream-ID: 899b021be43b913fad3eca1aef44efe710c53e29
2297
2298commit 189de02d9ad6f3645417c0ddf359b923aae5f926
2299Author: Damien Miller <djm@mindrot.org>
2300Date: Fri Aug 21 15:45:02 2015 +1000
2301
2302 expose POLLHUP and POLLNVAL for netcat.c
83 2303
84commit e91346dc2bbf460246df2ab591b7613908c1b0ad 2304commit e91346dc2bbf460246df2ab591b7613908c1b0ad
85Author: Damien Miller <djm@mindrot.org> 2305Author: Damien Miller <djm@mindrot.org>
@@ -6685,931 +8905,3 @@ Date: Sun Mar 2 04:01:00 2014 +1100
6685 8905
6686 - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when 8906 - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
6687 no moduli file exists at the expected location. 8907 no moduli file exists at the expected location.
6688
6689commit c83fdf30e9db865575b2521b1fe46315cf4c70ae
6690Author: Damien Miller <djm@mindrot.org>
6691Date: Fri Feb 28 10:34:03 2014 +1100
6692
6693 - (djm) [regress/host-expand.sh] Add RCS Id
6694
6695commit 834aeac3555e53f7d29a6fcf3db010dfb99681c7
6696Author: Damien Miller <djm@mindrot.org>
6697Date: Fri Feb 28 10:25:16 2014 +1100
6698
6699 - djm@cvs.openbsd.org 2014/02/27 21:21:25
6700 [agent-ptrace.sh agent.sh]
6701 keep return values that are printed in error messages;
6702 from portable
6703 (Id sync only)
6704
6705commit 4f7f1a9a0de24410c30952c7e16d433240422182
6706Author: Damien Miller <djm@mindrot.org>
6707Date: Fri Feb 28 10:24:11 2014 +1100
6708
6709 - djm@cvs.openbsd.org 2014/02/27 20:04:16
6710 [login-timeout.sh]
6711 remove any existing LoginGraceTime from sshd_config before adding
6712 a specific one for the test back in
6713
6714commit d705d987c27f68080c8798eeb5262adbdd6b4ffd
6715Author: Damien Miller <djm@mindrot.org>
6716Date: Fri Feb 28 10:23:26 2014 +1100
6717
6718 - djm@cvs.openbsd.org 2014/01/26 10:49:17
6719 [scp-ssh-wrapper.sh scp.sh]
6720 make sure $SCP is tested on the remote end rather than whichever one
6721 happens to be in $PATH; from portable
6722 (Id sync only)
6723
6724commit 624a3ca376e3955a4b9d936c9e899e241b65d357
6725Author: Damien Miller <djm@mindrot.org>
6726Date: Fri Feb 28 10:22:37 2014 +1100
6727
6728 - djm@cvs.openbsd.org 2014/01/26 10:22:10
6729 [regress/cert-hostkey.sh]
6730 automatically generate revoked keys from listed keys rather than
6731 manually specifying each type; from portable
6732 (Id sync only)
6733
6734commit b84392328425e4b9a71f8bde5fe6a4a4c48d3ec4
6735Author: Damien Miller <djm@mindrot.org>
6736Date: Fri Feb 28 10:21:26 2014 +1100
6737
6738 - dtucker@cvs.openbsd.org 2014/01/25 04:35:32
6739 [regress/Makefile regress/dhgex.sh]
6740 Add a test for DH GEX sizes
6741
6742commit 1e2aa3d90472293ea19008f02336d6d68aa05793
6743Author: Damien Miller <djm@mindrot.org>
6744Date: Fri Feb 28 10:19:51 2014 +1100
6745
6746 - dtucker@cvs.openbsd.org 2014/01/20 00:00:30
6747 [sftp-chroot.sh]
6748 append to rather than truncating the log file
6749
6750commit f483cc16fe7314e24a37aa3a4422b03c013c3213
6751Author: Damien Miller <djm@mindrot.org>
6752Date: Fri Feb 28 10:19:11 2014 +1100
6753
6754 - dtucker@cvs.openbsd.org 2014/01/19 23:43:02
6755 [regress/sftp-chroot.sh]
6756 Don't use -q on sftp as it suppresses logging, instead redirect the
6757 output to the regress logfile.
6758
6759commit 6486f16f1c0ebd6f39286f6ab5e08286d90a994a
6760Author: Damien Miller <djm@mindrot.org>
6761Date: Fri Feb 28 10:03:52 2014 +1100
6762
6763 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
6764 [contrib/suse/openssh.spec] Crank version numbers
6765
6766commit 92cf5adea194140380e6af6ec32751f9ad540794
6767Author: Damien Miller <djm@mindrot.org>
6768Date: Fri Feb 28 10:01:53 2014 +1100
6769
6770 - djm@cvs.openbsd.org 2014/02/27 22:57:40
6771 [version.h]
6772 openssh-6.6
6773
6774commit fc5d6759aba71eb205b296b5f148010ffc828583
6775Author: Damien Miller <djm@mindrot.org>
6776Date: Fri Feb 28 10:01:28 2014 +1100
6777
6778 - djm@cvs.openbsd.org 2014/02/27 22:47:07
6779 [sshd_config.5]
6780 bz#2184 clarify behaviour of a keyword that appears in multiple
6781 matching Match blocks; ok dtucker@
6782
6783commit 172ec7e0af1a5f1d682f6a2dca335c6c186153d5
6784Author: Damien Miller <djm@mindrot.org>
6785Date: Fri Feb 28 10:00:57 2014 +1100
6786
6787 - djm@cvs.openbsd.org 2014/02/27 08:25:09
6788 [bufbn.c]
6789 off by one in range check
6790
6791commit f9a9aaba437c2787e40cf7cc928281950e161678
6792Author: Damien Miller <djm@mindrot.org>
6793Date: Fri Feb 28 10:00:27 2014 +1100
6794
6795 - djm@cvs.openbsd.org 2014/02/27 00:41:49
6796 [bufbn.c]
6797 fix unsigned overflow that could lead to reading a short ssh protocol
6798 1 bignum value; found by Ben Hawkes; ok deraadt@
6799
6800commit fb3423b612713d9cde67c8a75f6f51188d6a3de3
6801Author: Damien Miller <djm@mindrot.org>
6802Date: Thu Feb 27 10:20:07 2014 +1100
6803
6804 - markus@cvs.openbsd.org 2014/02/26 21:53:37
6805 [sshd.c]
6806 ssh_gssapi_prepare_supported_oids needs GSSAPI
6807
6808commit 1348129a34f0f7728c34d86c100a32dcc8d1f922
6809Author: Damien Miller <djm@mindrot.org>
6810Date: Thu Feb 27 10:18:32 2014 +1100
6811
6812 - djm@cvs.openbsd.org 2014/02/26 20:29:29
6813 [channels.c]
6814 don't assume that the socks4 username is \0 terminated;
6815 spotted by Ben Hawkes; ok markus@
6816
6817commit e6a74aeeacd01d885262ff8e50eb28faee8c8039
6818Author: Damien Miller <djm@mindrot.org>
6819Date: Thu Feb 27 10:17:49 2014 +1100
6820
6821 - djm@cvs.openbsd.org 2014/02/26 20:28:44
6822 [auth2-gss.c gss-serv.c ssh-gss.h sshd.c]
6823 bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep
6824 sandboxing, as running this code in the sandbox can cause violations;
6825 ok markus@
6826
6827commit 08b57c67f3609340ff703fe2782d7058acf2529e
6828Author: Damien Miller <djm@mindrot.org>
6829Date: Thu Feb 27 10:17:13 2014 +1100
6830
6831 - djm@cvs.openbsd.org 2014/02/26 20:18:37
6832 [ssh.c]
6833 bz#2205: avoid early hostname lookups unless canonicalisation is enabled;
6834 ok dtucker@ markus@
6835
6836commit 13f97b2286142fd0b8eab94e4ce84fe124eeb752
6837Author: Damien Miller <djm@mindrot.org>
6838Date: Mon Feb 24 15:57:55 2014 +1100
6839
6840 - djm@cvs.openbsd.org 2014/02/23 20:11:36
6841 [readconf.c readconf.h ssh.c ssh_config.5]
6842 reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes
6843 the hostname. This allows users to write configurations that always
6844 refer to canonical hostnames, e.g.
6845
6846 CanonicalizeHostname yes
6847 CanonicalDomains int.example.org example.org
6848 CanonicalizeFallbackLocal no
6849
6850 Host *.int.example.org
6851 Compression off
6852 Host *.example.org
6853 User djm
6854
6855 ok markus@
6856
6857commit bee3a234f3d1ad4244952bcff1b4b7c525330dc2
6858Author: Damien Miller <djm@mindrot.org>
6859Date: Mon Feb 24 15:57:22 2014 +1100
6860
6861 - djm@cvs.openbsd.org 2014/02/23 20:03:42
6862 [ssh-ed25519.c]
6863 check for unsigned overflow; not reachable in OpenSSH but others might
6864 copy our code...
6865
6866commit 0628780abe61e7e50cba48cdafb1837f49ff23b2
6867Author: Damien Miller <djm@mindrot.org>
6868Date: Mon Feb 24 15:56:45 2014 +1100
6869
6870 - djm@cvs.openbsd.org 2014/02/22 01:32:19
6871 [readconf.c]
6872 when processing Match blocks, skip 'exec' clauses if previous predicates
6873 failed to match; ok markus@
6874
6875commit 0890dc8191bb201eb01c3429feec0300a9d3a930
6876Author: Damien Miller <djm@mindrot.org>
6877Date: Mon Feb 24 15:56:07 2014 +1100
6878
6879 - djm@cvs.openbsd.org 2014/02/15 23:05:36
6880 [channels.c]
6881 avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W;
6882 bz#2200, debian#738692 via Colin Watson; ok dtucker@
6883
6884commit d3cf67e1117c25d151d0f86396e77ee3a827045a
6885Author: Damien Miller <djm@mindrot.org>
6886Date: Mon Feb 24 15:55:36 2014 +1100
6887
6888 - djm@cvs.openbsd.org 2014/02/07 06:55:54
6889 [cipher.c mac.c]
6890 remove some logging that makes ssh debugging output very verbose;
6891 ok markus
6892
6893commit 03ae081aeaa118361c81ece76eb7cc1aaa2b40c5
6894Author: Tim Rice <tim@multitalents.net>
6895Date: Fri Feb 21 09:09:34 2014 -0800
6896
6897 20140221
6898 - (tim) [configure.ac] Fix cut-and-paste error. Patch from Bryan Drewery.
6899
6900commit 4a20959d2e3c90e9d66897c0b4032c785672d815
6901Author: Darren Tucker <dtucker@zip.com.au>
6902Date: Thu Feb 13 16:38:32 2014 +1100
6903
6904 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat
6905 code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
6906
6907commit d1a7a9c0fd1ac2e3314cceb2891959fd2cd9eabb
6908Author: Damien Miller <djm@mindrot.org>
6909Date: Fri Feb 7 09:24:33 2014 +1100
6910
6911 - djm@cvs.openbsd.org 2014/02/06 22:21:01
6912 [sshconnect.c]
6913 in ssh_create_socket(), only do the getaddrinfo for BindAddress when
6914 BindAddress is actually specified. Fixes regression in 6.5 for
6915 UsePrivilegedPort=yes; patch from Corinna Vinschen
6916
6917commit 6ce35b6cc4ead1bf98abec34cb2e2d6ca0abb15e
6918Author: Damien Miller <djm@mindrot.org>
6919Date: Fri Feb 7 09:24:14 2014 +1100
6920
6921 - naddy@cvs.openbsd.org 2014/02/05 20:13:25
6922 [ssh-keygen.1 ssh-keygen.c]
6923 tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@
6924 while here, fix ordering in usage(); requested by jmc@
6925
6926commit 6434cb2cfbbf0a46375d2d22f2ff9927feb5e478
6927Author: Damien Miller <djm@mindrot.org>
6928Date: Thu Feb 6 11:17:50 2014 +1100
6929
6930 - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define
6931 __NR_shutdown; some go via the socketcall(2) multiplexer.
6932
6933commit 8d36f9ac71eff2e9f5770c0518b73d875f270647
6934Author: Darren Tucker <dtucker@zip.com.au>
6935Date: Thu Feb 6 10:44:13 2014 +1100
6936
6937 - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL
6938 before freeing since free(NULL) is a no-op. ok djm.
6939
6940commit a0959da3680b4ce8cf911caf3293a6d90f88eeb7
6941Author: Damien Miller <djm@mindrot.org>
6942Date: Wed Feb 5 10:33:45 2014 +1100
6943
6944 - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by
6945 headers/libc but not supported by the kernel. Patch from Loganaden
6946 Velvindron @ AfriNIC
6947
6948commit 9c449bc183b256c84d8f740727b0bc54d247b15e
6949Author: Damien Miller <djm@mindrot.org>
6950Date: Tue Feb 4 11:38:28 2014 +1100
6951
6952 - (djm) [regress/setuid-allowed.c] Missing string.h for strerror()
6953
6954commit bf7e0f03be661b6f5b3bfe325135ce19391f9c4d
6955Author: Damien Miller <djm@mindrot.org>
6956Date: Tue Feb 4 11:37:50 2014 +1100
6957
6958 - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o
6959
6960commit eb6d870a0ea8661299bb2ea8f013d3ace04e2024
6961Author: Damien Miller <djm@mindrot.org>
6962Date: Tue Feb 4 11:26:34 2014 +1100
6963
6964 - djm@cvs.openbsd.org 2014/02/04 00:24:29
6965 [ssh.c]
6966 delay lowercasing of hostname until right before hostname
6967 canonicalisation to unbreak case-sensitive matching of ssh_config;
6968 reported by Ike Devolder; ok markus@
6969
6970commit d56b44d2dfa093883a5c4e91be3f72d99946b170
6971Author: Damien Miller <djm@mindrot.org>
6972Date: Tue Feb 4 11:26:04 2014 +1100
6973
6974 - djm@cvs.openbsd.org 2014/02/04 00:24:29
6975 [ssh.c]
6976 delay lowercasing of hostname until right before hostname
6977 canonicalisation to unbreak case-sensitive matching of ssh_config;
6978 reported by Ike Devolder; ok markus@
6979
6980commit db3c595ea74ea9ccd5aa644d7e1f8dc675710731
6981Author: Damien Miller <djm@mindrot.org>
6982Date: Tue Feb 4 11:25:45 2014 +1100
6983
6984 - djm@cvs.openbsd.org 2014/02/02 03:44:31
6985 [digest-libc.c digest-openssl.c]
6986 convert memset of potentially-private data to explicit_bzero()
6987
6988commit aae07e2e2000dd318418fd7fd4597760904cae32
6989Author: Damien Miller <djm@mindrot.org>
6990Date: Tue Feb 4 11:20:40 2014 +1100
6991
6992 - djm@cvs.openbsd.org 2014/02/03 23:28:00
6993 [ssh-ecdsa.c]
6994 fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike
6995 DSA_SIG_new. Reported by Batz Spear; ok markus@
6996
6997commit a5103f413bde6f31bff85d6e1fd29799c647d765
6998Author: Damien Miller <djm@mindrot.org>
6999Date: Tue Feb 4 11:20:14 2014 +1100
7000
7001 - djm@cvs.openbsd.org 2014/02/02 03:44:32
7002 [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
7003 [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
7004 [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
7005 [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
7006 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
7007 [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
7008 [sshd.c]
7009 convert memset of potentially-private data to explicit_bzero()
7010
7011commit 1d2c4564265ee827147af246a16f3777741411ed
7012Author: Damien Miller <djm@mindrot.org>
7013Date: Tue Feb 4 11:18:20 2014 +1100
7014
7015 - tedu@cvs.openbsd.org 2014/01/31 16:39:19
7016 [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
7017 [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
7018 [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
7019 [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
7020 [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
7021 replace most bzero with explicit_bzero, except a few that cna be memset
7022 ok djm dtucker
7023
7024commit 3928de067c286683a95fbdbdb5fdb3c78a0e5efd
7025Author: Damien Miller <djm@mindrot.org>
7026Date: Tue Feb 4 11:13:54 2014 +1100
7027
7028 - djm@cvs.openbsd.org 2014/01/30 22:26:14
7029 [sandbox-systrace.c]
7030 allow shutdown(2) syscall in sandbox - it may be called by packet_close()
7031 from portable
7032 (Id sync only; change is already in portable)
7033
7034commit e1e480aee8a9af6cfbe7188667b7b940d6b57f9f
7035Author: Damien Miller <djm@mindrot.org>
7036Date: Tue Feb 4 11:13:17 2014 +1100
7037
7038 - jmc@cvs.openbsd.org 2014/01/29 14:04:51
7039 [sshd_config.5]
7040 document kbdinteractiveauthentication;
7041 requested From: Ross L Richardson
7042
7043 dtucker/markus helped explain its workings;
7044
7045commit 7cc194f70d4a5ec9a82d19422eaf18db4a6624c6
7046Author: Damien Miller <djm@mindrot.org>
7047Date: Tue Feb 4 11:12:56 2014 +1100
7048
7049 - djm@cvs.openbsd.org 2014/01/29 06:18:35
7050 [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c]
7051 [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h]
7052 [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c]
7053 remove experimental, never-enabled JPAKE code; ok markus@
7054
7055commit b0f26544cf6f4feeb1a4f6db09fca834f5c9867d
7056Author: Damien Miller <djm@mindrot.org>
7057Date: Tue Feb 4 11:10:01 2014 +1100
7058
7059 - djm@cvs.openbsd.org 2014/01/29 00:19:26
7060 [sshd.c]
7061 use kill(0, ...) instead of killpg(0, ...); on most operating systems
7062 they are equivalent, but SUSv2 describes the latter as having undefined
7063 behaviour; from portable; ok dtucker
7064 (Id sync only; change is already in portable)
7065
7066commit f8f35bc471500348bb262039fb1fc43175d251b0
7067Author: Damien Miller <djm@mindrot.org>
7068Date: Tue Feb 4 11:09:12 2014 +1100
7069
7070 - jmc@cvs.openbsd.org 2014/01/28 14:13:39
7071 [ssh-keyscan.1]
7072 kill some bad Pa;
7073 From: Jan Stary
7074
7075commit 0ba85d696ae9daf66002c2e4ab0d6bb111e1a787
7076Author: Damien Miller <djm@mindrot.org>
7077Date: Tue Feb 4 11:08:38 2014 +1100
7078
7079 ignore a few more regress droppings
7080
7081commit ec93d15170b7a6ddf63fd654bd0f6a752acc19dd
7082Author: Damien Miller <djm@mindrot.org>
7083Date: Tue Feb 4 11:07:13 2014 +1100
7084
7085 - markus@cvs.openbsd.org 2014/01/27 20:13:46
7086 [digest.c digest-openssl.c digest-libc.c Makefile.in]
7087 rename digest.c to digest-openssl.c and add libc variant; ok djm@
7088
7089commit 4a1c7aa640fb97d3472d51b215b6a0ec0fd025c7
7090Author: Damien Miller <djm@mindrot.org>
7091Date: Tue Feb 4 11:03:36 2014 +1100
7092
7093 - markus@cvs.openbsd.org 2014/01/27 19:18:54
7094 [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c]
7095 replace openssl MD5 with our ssh_digest_*; ok djm@
7096
7097commit 4e8d937af79ce4e253f77ec93489d098b25becc3
7098Author: Damien Miller <djm@mindrot.org>
7099Date: Tue Feb 4 11:02:42 2014 +1100
7100
7101 - markus@cvs.openbsd.org 2014/01/27 18:58:14
7102 [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h]
7103 replace openssl HMAC with an implementation based on our ssh_digest_*
7104 ok and feedback djm@
7105
7106commit 69d0d09f76bab5aec86fbf78489169f63bd16475
7107Author: Tim Rice <tim@multitalents.net>
7108Date: Fri Jan 31 14:25:18 2014 -0800
7109
7110 - (tim) [Makefile.in] build regress/setuid-allow.
7111
7112commit 0eeafcd76b972a3d159f3118227c149a4d7817fe
7113Author: Darren Tucker <dtucker@zip.com.au>
7114Date: Fri Jan 31 14:18:51 2014 +1100
7115
7116 - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes
7117 build with HP-UX's compiler. Patch from Kevin Brott.
7118
7119commit 7e5cec6070673e9f9785ffc749837ada22fbe99f
7120Author: Damien Miller <djm@mindrot.org>
7121Date: Fri Jan 31 09:25:34 2014 +1100
7122
7123 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
7124 syscall from sandboxes; it may be called by packet_close.
7125
7126commit cdb6c90811caa5df2df856be9b0b16db020fe31d
7127Author: Damien Miller <djm@mindrot.org>
7128Date: Thu Jan 30 12:50:17 2014 +1100
7129
7130 - (djm) Release openssh-6.5p1
7131
7132commit 996ea80b1884b676a901439f1f2681eb6ff68501
7133Author: Damien Miller <djm@mindrot.org>
7134Date: Thu Jan 30 12:49:55 2014 +1100
7135
7136 trim entries prior to openssh-6.0p1
7137
7138commit f5bbd3b657b6340551c8a95f74a70857ff8fac79
7139Author: Damien Miller <djm@mindrot.org>
7140Date: Thu Jan 30 11:26:46 2014 +1100
7141
7142 - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering
7143 different symbols for 'read' when various compiler flags are
7144 in use, causing atomicio.c comparisons against it to break and
7145 read/write operations to hang; ok dtucker
7146
7147commit c2868192ddc4e1420a50389e18c05db20b0b1f32
7148Author: Damien Miller <djm@mindrot.org>
7149Date: Thu Jan 30 10:21:19 2014 +1100
7150
7151 - (djm) [configure.ac] Only check for width-specified integer types
7152 in headers that actually exist. patch from Tom G. Christensen;
7153 ok dtucker@
7154
7155commit c161fc90fc86e2035710570238a9e1ca7a68d2a5
7156Author: Damien Miller <djm@mindrot.org>
7157Date: Wed Jan 29 21:01:33 2014 +1100
7158
7159 - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from
7160 Tom G. Christensen
7161
7162commit 6f917ad376481995ab7d29fb53b08ec8d507eb9e
7163Author: Tim Rice <tim@multitalents.net>
7164Date: Tue Jan 28 10:26:25 2014 -0800
7165
7166 - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable
7167 when used as an error message inside an if statement so we display the
7168 correct into. agent.sh patch from Petr Lautrbach.
7169
7170commit ab16ef4152914d44ce6f76e48167d26d22f66a06
7171Author: Damien Miller <djm@mindrot.org>
7172Date: Tue Jan 28 15:08:12 2014 +1100
7173
7174 - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the
7175 latter being specified to have undefined behaviour in SUSv3;
7176 ok dtucker
7177
7178commit ab0394905884dc6e58c3721211c6b38fb8fc2ca8
7179Author: Damien Miller <djm@mindrot.org>
7180Date: Tue Jan 28 15:07:10 2014 +1100
7181
7182 - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl;
7183 ok dtucker
7184
7185commit 4ab20a82d4d4168d62318923f62382f6ef242fcd
7186Author: Darren Tucker <dtucker@zip.com.au>
7187Date: Mon Jan 27 17:35:04 2014 +1100
7188
7189 - (dtucker) [Makefile.in] Remove trailing backslash which some make
7190 implementations (eg older Solaris) do not cope with.
7191
7192commit e7e8b3cfe9f8665faaf0e68b33df5bbb431bd129
7193Author: Darren Tucker <dtucker@zip.com.au>
7194Date: Mon Jan 27 17:32:50 2014 +1100
7195
7196 Welcome to 2014
7197
7198commit 5b447c0aac0dd444251e276f6bb3bbbe1c05331c
7199Author: Damien Miller <djm@mindrot.org>
7200Date: Sun Jan 26 09:46:53 2014 +1100
7201
7202 - (djm) [configure.ac] correct AC_DEFINE for previous.
7203
7204commit 2035b2236d3b1f76c749c642a43e03c85eae76e6
7205Author: Damien Miller <djm@mindrot.org>
7206Date: Sun Jan 26 09:39:53 2014 +1100
7207
7208 - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable
7209 RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
7210 libc will attempt to open additional file descriptors for crypto
7211 offload and crash if they cannot be opened.
7212
7213commit a92ac7410475fbb00383c7402aa954dc0a75ae19
7214Author: Damien Miller <djm@mindrot.org>
7215Date: Sun Jan 26 09:38:03 2014 +1100
7216
7217 - markus@cvs.openbsd.org 2014/01/25 20:35:37
7218 [kex.c]
7219 dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len)
7220 ok dtucker@, noted by mancha
7221
7222commit 76eea4ab4e658670ca6e76dd1e6d17f262208b57
7223Author: Damien Miller <djm@mindrot.org>
7224Date: Sun Jan 26 09:37:25 2014 +1100
7225
7226 - dtucker@cvs.openbsd.org 2014/01/25 10:12:50
7227 [cipher.c cipher.h kex.c kex.h kexgexc.c]
7228 Add a special case for the DH group size for 3des-cbc, which has an
7229 effective strength much lower than the key size. This causes problems
7230 with some cryptlib implementations, which don't support group sizes larger
7231 than 4k but also don't use the largest group size it does support as
7232 specified in the RFC. Based on a patch from Petr Lautrbach at Redhat,
7233 reduced by me with input from Markus. ok djm@ markus@
7234
7235commit 603b8f47f1cd9ed95a2017447db8e60ca6704594
7236Author: Damien Miller <djm@mindrot.org>
7237Date: Sat Jan 25 13:16:59 2014 +1100
7238
7239 - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test
7240 against the correct thing.
7241
7242commit c96d85376d779b6ac61525b5440010d344d2f23f
7243Author: Damien Miller <djm@mindrot.org>
7244Date: Sat Jan 25 13:12:28 2014 +1100
7245
7246 - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless
7247 sys/capability.h exists and cap_rights_limit is in libc. Fixes
7248 build on FreeBSD9x which provides the header but not the libc
7249 support.
7250
7251commit f62ecef9939cb3dbeb10602fd705d4db3976d822
7252Author: Damien Miller <djm@mindrot.org>
7253Date: Sat Jan 25 12:34:38 2014 +1100
7254
7255 - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD
7256
7257commit b0e0f760b861676a3fe5c40133b270713d5321a9
7258Author: Damien Miller <djm@mindrot.org>
7259Date: Fri Jan 24 14:27:04 2014 +1100
7260
7261 - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make
7262 the scp regress test actually test the built scp rather than the one
7263 in $PATH. ok dtucker@
7264
7265commit 42a092530159637da9cb7f9e1b5f4679e34a85e6
7266Author: Darren Tucker <dtucker@zip.com.au>
7267Date: Thu Jan 23 23:14:39 2014 +1100
7268
7269 - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously
7270 incompatible with OpenBSD's despite post-dating it by more than a decade.
7271 Declare it as broken, and document FreeBSD's as the same. ok djm@
7272
7273commit 617da33c20cb59f9ea6c99c881d92493371ef7b8
7274Author: Tim Rice <tim@multitalents.net>
7275Date: Wed Jan 22 19:16:10 2014 -0800
7276
7277 - (tim) [session.c] Improve error reporting on set_id().
7278
7279commit 5c2ff5e31f57d303ebb414d84a934c02728fa568
7280Author: Damien Miller <djm@mindrot.org>
7281Date: Wed Jan 22 21:30:12 2014 +1100
7282
7283 - (djm) [configure.ac aclocal.m4] More tests to detect fallout from
7284 platform hardening options: include some long long int arithmatic
7285 to detect missing support functions for -ftrapv in libgcc and
7286 equivalents, actually test linking when -ftrapv is supplied and
7287 set either both -pie/-fPIE or neither. feedback and ok dtucker@
7288
7289commit 852472a54b8a0dc3e53786b313baaa86850a4273
7290Author: Damien Miller <djm@mindrot.org>
7291Date: Wed Jan 22 16:31:18 2014 +1100
7292
7293 - (djm) [configure.ac] Unless specifically requested, only attempt
7294 to build Position Independent Executables on gcc >= 4.x; ok dtucker
7295
7296commit ee87838786cef0194db36ae0675b3e7c4e8ec661
7297Author: Damien Miller <djm@mindrot.org>
7298Date: Wed Jan 22 16:30:15 2014 +1100
7299
7300 - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a
7301 platform that is expected to use the reuse-argv style setproctitle
7302 hack surprises us by providing a setproctitle in libc; ok dtucker
7303
7304commit 5c96a154c7940fa67b1f11c421e390dbbc159f27
7305Author: Damien Miller <djm@mindrot.org>
7306Date: Tue Jan 21 13:10:26 2014 +1100
7307
7308 - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE
7309 and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of
7310 detecting toolchain-related problems; ok dtucker
7311
7312commit 9464ba6fb34bb42eb3501ec3c5143662e75674bf
7313Author: Tim Rice <tim@multitalents.net>
7314Date: Mon Jan 20 17:59:28 2014 -0800
7315
7316 - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced
7317 with sftp chroot support. Move set_id call after chroot.
7318
7319commit a6d573caa14d490e6c42fb991bcb5c6860ec704b
7320Author: Darren Tucker <dtucker@zip.com.au>
7321Date: Tue Jan 21 12:50:46 2014 +1100
7322
7323 - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time
7324 tests in the configure output. ok djm.
7325
7326commit 096118dc73ab14810b3c12785c0b5acb01ad6123
7327Author: Darren Tucker <dtucker@zip.com.au>
7328Date: Tue Jan 21 12:48:51 2014 +1100
7329
7330 - (dtucker) [configure.ac] Make PIE a configure-time option which defaults
7331 to on platforms where it's known to be reliably detected and off elsewhere.
7332 Works around platforms such as FreeBSD 9.1 where it does not interop with
7333 -ftrapv (it seems to work but fails when trying to link ssh). ok djm@
7334
7335commit f9df7f6f477792254eab33cdef71a6d66488cb88
7336Author: Damien Miller <djm@mindrot.org>
7337Date: Mon Jan 20 20:07:15 2014 +1100
7338
7339 - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that
7340 skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@
7341
7342commit c74e70eb52ccc0082bd5a70b5798bb01c114d138
7343Author: Darren Tucker <dtucker@zip.com.au>
7344Date: Mon Jan 20 13:18:09 2014 +1100
7345
7346 - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos
7347 implementation does not have krb5_cc_new_unique, similar to what we do
7348 in auth-krb5.c.
7349
7350commit 3510979e83b6a18ec8773c64c3fa04aa08b2e783
7351Author: Damien Miller <djm@mindrot.org>
7352Date: Mon Jan 20 12:41:53 2014 +1100
7353
7354 - djm@cvs.openbsd.org 2014/01/20 00:08:48
7355 [digest.c]
7356 memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@
7357
7358commit 7eee358d7a6580479bee5cd7e52810ebfd03e5b2
7359Author: Darren Tucker <dtucker@zip.com.au>
7360Date: Sun Jan 19 22:37:02 2014 +1100
7361
7362 - dtucker@cvs.openbsd.org 2014/01/19 11:21:51
7363 [addrmatch.c]
7364 Cast the sizeof to socklen_t so it'll work even if the supplied len is
7365 negative. Suggested by and ok djm, ok deraadt.
7366
7367commit b7e01c09b56ab26e8fac56bbce0fd25e36d12bb0
7368Author: Darren Tucker <dtucker@zip.com.au>
7369Date: Sun Jan 19 22:36:13 2014 +1100
7370
7371 - djm@cvs.openbsd.org 2014/01/19 04:48:08
7372 [ssh_config.5]
7373 fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal
7374
7375commit 7b1ded04adce42efa25ada7c3a39818d3109b724
7376Author: Darren Tucker <dtucker@zip.com.au>
7377Date: Sun Jan 19 15:30:02 2014 +1100
7378
7379 - dtucker@cvs.openbsd.org 2014/01/19 04:17:29
7380 [canohost.c addrmatch.c]
7381 Cast socklen_t when comparing to size_t and use socklen_t to iterate over
7382 the ip options, both to prevent signed/unsigned comparison warnings.
7383 Patch from vinschen at redhat via portable openssh, begrudging ok deraadt.
7384
7385commit 293ee3c9f0796d99ebb033735f0e315f2e0180bf
7386Author: Darren Tucker <dtucker@zip.com.au>
7387Date: Sun Jan 19 15:28:01 2014 +1100
7388
7389 - dtucker@cvs.openbsd.org 2014/01/18 09:36:26
7390 [session.c]
7391 explicitly define USE_PIPES to 1 to prevent redefinition warnings in
7392 portable on platforms that use pipes for everything. From redhat @
7393 redhat.
7394
7395commit 2aca159d05f9e7880d1d8f1ce49a218840057f53
7396Author: Darren Tucker <dtucker@zip.com.au>
7397Date: Sun Jan 19 15:25:34 2014 +1100
7398
7399 - dtucker@cvs.openbsd.org 2014/01/17 06:23:24
7400 [sftp-server.c]
7401 fix log message statvfs. ok djm
7402
7403commit 841f7da89ae8b367bb502d61c5c41916c6e7ae4c
7404Author: Darren Tucker <dtucker@zip.com.au>
7405Date: Sat Jan 18 22:12:15 2014 +1100
7406
7407 - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
7408 return value check for cap_enter() consistent with the other uses in
7409 FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140.
7410
7411commit fdce3731660699b2429e93e822f2ccbaccd163ae
7412Author: Darren Tucker <dtucker@zip.com.au>
7413Date: Sat Jan 18 21:12:42 2014 +1100
7414
7415 - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs,
7416 optind) are defined in getopt.h already. Unfortunately they are defined as
7417 "declspec(dllimport)" for historical reasons, because the GNU linker didn't
7418 allow auto-import on PE/COFF targets way back when. The problem is the
7419 dllexport attributes collide with the definitions in the various source
7420 files in OpenSSH, which obviousy define the variables without
7421 declspec(dllimport). The least intrusive way to get rid of these warnings
7422 is to disable warnings for GCC compiler attributes when building on Cygwin.
7423 Patch from vinschen at redhat.com.
7424
7425commit 1411c9263f46e1ee49d0d302bf7258ebe69ce827
7426Author: Darren Tucker <dtucker@zip.com.au>
7427Date: Sat Jan 18 21:03:59 2014 +1100
7428
7429 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function
7430 declarations that stopped being included when we stopped including
7431 <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at
7432 redhat.com.
7433
7434commit 89c532d843c95a085777c66365067d64d1937eb9
7435Author: Darren Tucker <dtucker@zip.com.au>
7436Date: Sat Jan 18 20:43:49 2014 +1100
7437
7438 - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch
7439 from vinschen at redhat.com
7440
7441commit 355f861022be7b23d3009fae8f3c9f6f7fc685f7
7442Author: Darren Tucker <dtucker@zip.com.au>
7443Date: Sat Jan 18 00:12:38 2014 +1100
7444
7445 - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after
7446 they're defined if we have to define them ourselves. Fixes builds on old
7447 AIX.
7448
7449commit a3357661ee1d5d553294f36e4940e8285c7f1332
7450Author: Darren Tucker <dtucker@zip.com.au>
7451Date: Sat Jan 18 00:03:57 2014 +1100
7452
7453 - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on
7454 Solaris.
7455
7456commit 9edcbff46ff01c8d5dee9c1aa843f09e9ad8a80e
7457Author: Darren Tucker <dtucker@zip.com.au>
7458Date: Fri Jan 17 21:54:32 2014 +1100
7459
7460 - (dtucker) [configure.ac] Have --without-toolchain-hardening not turn off
7461 stack-protector since that has a separate flag that's been around a while.
7462
7463commit 6d725687c490d4ba957a1bbc0ba0a2956c09fa69
7464Author: Darren Tucker <dtucker@zip.com.au>
7465Date: Fri Jan 17 19:17:34 2014 +1100
7466
7467 - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types.
7468
7469commit 5055699c7f7c7ef21703a443ec73117da392f6ae
7470Author: Darren Tucker <dtucker@zip.com.au>
7471Date: Fri Jan 17 18:48:22 2014 +1100
7472
7473 - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we
7474 need them to cut down on the name collisions.
7475
7476commit a5cf1e220def07290260e4125e74f41ac75cf88d
7477Author: Darren Tucker <dtucker@zip.com.au>
7478Date: Fri Jan 17 18:10:58 2014 +1100
7479
7480 - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c
7481 openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs
7482 to be useful (and for the regression tests to pass) on platforms that
7483 have statfs and fstatfs. ok djm@
7484
7485commit 1357d71d7b6d269969520aaa3e84d312ec971d5b
7486Author: Darren Tucker <dtucker@zip.com.au>
7487Date: Fri Jan 17 18:00:40 2014 +1100
7488
7489 - (dtucker) Fix typo in #ifndef.
7490
7491commit d23a91ffb289d3553a58b7a60cec39fba9f0f506
7492Author: Darren Tucker <dtucker@zip.com.au>
7493Date: Fri Jan 17 17:32:30 2014 +1100
7494
7495 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c
7496 openbsd-compat/openssl-compat.h] Add compatibility layer for older
7497 openssl versions. ok djm@
7498
7499commit 868ea1ea1c1bfdbee5dbad78f81999c5983ecf31
7500Author: Damien Miller <djm@mindrot.org>
7501Date: Fri Jan 17 16:47:04 2014 +1100
7502
7503 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]
7504 [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c]
7505 [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
7506 using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
7507 Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
7508
7509commit a9d186a8b50d18869a10e9203abf71c83ddb1f79
7510Author: Darren Tucker <dtucker@zip.com.au>
7511Date: Fri Jan 17 16:30:49 2014 +1100
7512
7513 - dtucker@cvs.openbsd.org 2014/01/17 05:26:41
7514 [digest.c]
7515 remove unused includes. ok djm@
7516
7517commit 5f1c57a7a7eb39c0e4fee3367712337dbcaef024
7518Author: Darren Tucker <dtucker@zip.com.au>
7519Date: Fri Jan 17 16:29:45 2014 +1100
7520
7521 - djm@cvs.openbsd.org 2014/01/17 00:21:06
7522 [sftp-client.c]
7523 signed/unsigned comparison warning fix; from portable (Id sync only)
7524
7525commit c548722361d89fb12c108528f96b306a26477b18
7526Author: Darren Tucker <dtucker@zip.com.au>
7527Date: Fri Jan 17 15:12:16 2014 +1100
7528
7529 - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into
7530 separate lines and alphabetize for easier diffing of changes.
7531
7532commit acad351a5b1c37de9130c9c1710445cc45a7f6b9
7533Author: Darren Tucker <dtucker@zip.com.au>
7534Date: Fri Jan 17 14:20:05 2014 +1100
7535
7536 - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that
7537 don't have them.
7538
7539commit c3ed065ce8417aaa46490836648c173a5010f226
7540Author: Darren Tucker <dtucker@zip.com.au>
7541Date: Fri Jan 17 14:18:45 2014 +1100
7542
7543 - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside
7544 #ifdef HAVE_STDINT_H.
7545
7546commit f45f78ae437062c7d9506c5f475b7215f486be44
7547Author: Darren Tucker <dtucker@zip.com.au>
7548Date: Fri Jan 17 12:43:43 2014 +1100
7549
7550 - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include
7551 includes.h to pull in all of the compatibility stuff.
7552
7553commit 99df369d0340caac145d57f700d830147ff18b87
7554Author: Darren Tucker <dtucker@zip.com.au>
7555Date: Fri Jan 17 12:42:17 2014 +1100
7556
7557 - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
7558
7559commit ac413b62ea1957e80c711acbe0c11b908273fc01
7560Author: Darren Tucker <dtucker@zip.com.au>
7561Date: Fri Jan 17 12:31:33 2014 +1100
7562
7563 - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
7564
7565commit 1c4a011e9c939e74815346a560843e1862c300b8
7566Author: Darren Tucker <dtucker@zip.com.au>
7567Date: Fri Jan 17 12:23:23 2014 +1100
7568
7569 - (dtucker) [loginrec.c] Cast to the types specfied in the format
7570 specification to prevent warnings.
7571
7572commit c3d483f9a8275be1113535a1e0d0e384f605f3c4
7573Author: Damien Miller <djm@mindrot.org>
7574Date: Fri Jan 17 11:20:26 2014 +1100
7575
7576 - (djm) [sftp-client.c] signed/unsigned comparison fix
7577
7578commit fd994379dd972417d0491767f7cd9b5bf23f4975
7579Author: Darren Tucker <dtucker@zip.com.au>
7580Date: Fri Jan 17 09:53:24 2014 +1100
7581
7582 - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain
7583 hardening flags including -fstack-protector-strong. These default to on
7584 if the toolchain supports them, but there is a configure-time knob
7585 (--without-hardening) to disable them if necessary. ok djm@
7586
7587commit 366224d21768ee8ec28cfbcc5fbade1b32582d58
7588Author: Damien Miller <djm@mindrot.org>
7589Date: Thu Jan 16 18:51:44 2014 +1100
7590
7591 - (djm) [README] update release notes URL.
7592
7593commit 2ae77e64f8fa82cbf25c9755e8e847709b978b40
7594Author: Damien Miller <djm@mindrot.org>
7595Date: Thu Jan 16 18:51:07 2014 +1100
7596
7597 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
7598 [contrib/suse/openssh.spec] Crank RPM spec version numbers.
7599
7600commit 0fa29e6d777c73a1b4ddd3b996b06ee20022ae8a
7601Author: Damien Miller <djm@mindrot.org>
7602Date: Thu Jan 16 18:42:31 2014 +1100
7603
7604 - djm@cvs.openbsd.org 2014/01/16 07:32:00
7605 [version.h]
7606 openssh-6.5
7607
7608commit 52c371cd6d2598cc73d4e633811b3012119c47e2
7609Author: Damien Miller <djm@mindrot.org>
7610Date: Thu Jan 16 18:42:10 2014 +1100
7611
7612 - djm@cvs.openbsd.org 2014/01/16 07:31:09
7613 [sftp-client.c]
7614 needless and incorrect cast to size_t can break resumption of
7615 large download; patch from tobias@
diff --git a/Makefile.in b/Makefile.in
index 40cc7aae1..d401787db 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -91,11 +91,11 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \
91 sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \ 91 sc25519.o ge25519.o fe25519.o ed25519.o verify.o hash.o blocks.o \
92 kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \ 92 kex.o kexdh.o kexgex.o kexecdh.o kexc25519.o \
93 kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \ 93 kexdhc.o kexgexc.o kexecdhc.o kexc25519c.o \
94 kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o 94 kexdhs.o kexgexs.o kexecdhs.o kexc25519s.o \
95 platform-pledge.o
95 96
96SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \ 97SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
97 sshconnect.o sshconnect1.o sshconnect2.o mux.o \ 98 sshconnect.o sshconnect1.o sshconnect2.o mux.o
98 roaming_common.o roaming_client.o
99 99
100SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ 100SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
101 audit.o audit-bsm.o audit-linux.o platform.o \ 101 audit.o audit-bsm.o audit-linux.o platform.o \
@@ -108,9 +108,9 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
108 auth2-gss.o gss-serv.o gss-serv-krb5.o \ 108 auth2-gss.o gss-serv.o gss-serv-krb5.o \
109 loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ 109 loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
110 sftp-server.o sftp-common.o \ 110 sftp-server.o sftp-common.o \
111 roaming_common.o roaming_serv.o \
112 sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ 111 sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
113 sandbox-seccomp-filter.o sandbox-capsicum.o 112 sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \
113 sandbox-solaris.o
114 114
115MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out 115MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
116MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 116MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
@@ -178,14 +178,14 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o
178ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o 178ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
179 $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 179 $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
180 180
181ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o readconf.o 181ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o
182 $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 182 $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
183 183
184ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o 184ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
185 $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) 185 $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
186 186
187ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o 187ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
188 $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) 188 $(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
189 189
190sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o 190sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o sftp-server-main.o
191 $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 191 $(LD) -o $@ sftp-server.o sftp-common.o sftp-server-main.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
@@ -327,10 +327,6 @@ install-files:
327 $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 327 $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
328 $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 328 $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
329 $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 329 $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
330 -rm -f $(DESTDIR)$(bindir)/slogin
331 ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
332 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
333 ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
334 330
335install-sysconf: 331install-sysconf:
336 if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ 332 if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
@@ -359,41 +355,19 @@ install-sysconf:
359 355
360host-key: ssh-keygen$(EXEEXT) 356host-key: ssh-keygen$(EXEEXT)
361 @if [ -z "$(DESTDIR)" ] ; then \ 357 @if [ -z "$(DESTDIR)" ] ; then \
362 if [ -f "$(sysconfdir)/ssh_host_key" ] ; then \ 358 ./ssh-keygen -A; \
363 echo "$(sysconfdir)/ssh_host_key already exists, skipping." ; \ 359 fi
364 else \
365 ./ssh-keygen -t rsa1 -f $(sysconfdir)/ssh_host_key -N "" ; \
366 fi ; \
367 if [ -f $(sysconfdir)/ssh_host_dsa_key ] ; then \
368 echo "$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \
369 else \
370 ./ssh-keygen -t dsa -f $(sysconfdir)/ssh_host_dsa_key -N "" ; \
371 fi ; \
372 if [ -f $(sysconfdir)/ssh_host_rsa_key ] ; then \
373 echo "$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \
374 else \
375 ./ssh-keygen -t rsa -f $(sysconfdir)/ssh_host_rsa_key -N "" ; \
376 fi ; \
377 if [ -f $(sysconfdir)/ssh_host_ed25519_key ] ; then \
378 echo "$(sysconfdir)/ssh_host_ed25519_key already exists, skipping." ; \
379 else \
380 ./ssh-keygen -t ed25519 -f $(sysconfdir)/ssh_host_ed25519_key -N "" ; \
381 fi ; \
382 if [ -z "@COMMENT_OUT_ECC@" ] ; then \
383 if [ -f $(sysconfdir)/ssh_host_ecdsa_key ] ; then \
384 echo "$(sysconfdir)/ssh_host_ecdsa_key already exists, skipping." ; \
385 else \
386 ./ssh-keygen -t ecdsa -f $(sysconfdir)/ssh_host_ecdsa_key -N "" ; \
387 fi ; \
388 fi ; \
389 fi ;
390 360
391host-key-force: ssh-keygen$(EXEEXT) 361host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT)
392 ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" 362 if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \
363 ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""; \
364 fi
393 ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" 365 ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N ""
394 ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" 366 ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N ""
395 ./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N "" 367 ./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N ""
396 test -z "@COMMENT_OUT_ECC@" && ./ssh-keygen -t ecdsa -f $(DESTDIR)$(sysconfdir)/ssh_host_ecdsa_key -N "" 368 if ./ssh -Q key | grep ecdsa >/dev/null ; then \
369 ./ssh-keygen -t ecdsa -f $(DESTDIR)$(sysconfdir)/ssh_host_ecdsa_key -N ""; \
370 fi
397 371
398uninstallall: uninstall 372uninstallall: uninstall
399 -rm -f $(DESTDIR)$(sysconfdir)/ssh_config 373 -rm -f $(DESTDIR)$(sysconfdir)/ssh_config
@@ -407,7 +381,6 @@ uninstallall: uninstall
407 -rmdir $(DESTDIR)$(libexecdir) 381 -rmdir $(DESTDIR)$(libexecdir)
408 382
409uninstall: 383uninstall:
410 -rm -f $(DESTDIR)$(bindir)/slogin
411 -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT) 384 -rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT)
412 -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT) 385 -rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT)
413 -rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT) 386 -rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
@@ -430,7 +403,6 @@ uninstall:
430 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 403 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
431 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 404 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
432 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 405 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
433 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
434 406
435regress-prep: 407regress-prep:
436 [ -d `pwd`/regress ] || mkdir -p `pwd`/regress 408 [ -d `pwd`/regress ] || mkdir -p `pwd`/regress
@@ -462,6 +434,10 @@ regress/netcat$(EXEEXT): $(srcdir)/regress/netcat.c
462 $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \ 434 $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \
463 $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) 435 $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
464 436
437regress/check-perm$(EXEEXT): $(srcdir)/regress/check-perm.c
438 $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $? \
439 $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
440
465UNITTESTS_TEST_HELPER_OBJS=\ 441UNITTESTS_TEST_HELPER_OBJS=\
466 regress/unittests/test_helper/test_helper.o \ 442 regress/unittests/test_helper/test_helper.o \
467 regress/unittests/test_helper/fuzz.o 443 regress/unittests/test_helper/fuzz.o
@@ -510,8 +486,7 @@ regress/unittests/bitmap/test_bitmap$(EXEEXT): ${UNITTESTS_TEST_BITMAP_OBJS} \
510 486
511UNITTESTS_TEST_KEX_OBJS=\ 487UNITTESTS_TEST_KEX_OBJS=\
512 regress/unittests/kex/tests.o \ 488 regress/unittests/kex/tests.o \
513 regress/unittests/kex/test_kex.o \ 489 regress/unittests/kex/test_kex.o
514 roaming_dummy.o
515 490
516regress/unittests/kex/test_kex$(EXEEXT): ${UNITTESTS_TEST_KEX_OBJS} \ 491regress/unittests/kex/test_kex$(EXEEXT): ${UNITTESTS_TEST_KEX_OBJS} \
517 regress/unittests/test_helper/libtest_helper.a libssh.a 492 regress/unittests/test_helper/libtest_helper.a libssh.a
@@ -534,6 +509,7 @@ REGRESS_BINARIES=\
534 regress/modpipe$(EXEEXT) \ 509 regress/modpipe$(EXEEXT) \
535 regress/setuid-allowed$(EXEEXT) \ 510 regress/setuid-allowed$(EXEEXT) \
536 regress/netcat$(EXEEXT) \ 511 regress/netcat$(EXEEXT) \
512 regress/check-perm$(EXEEXT) \
537 regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \ 513 regress/unittests/sshbuf/test_sshbuf$(EXEEXT) \
538 regress/unittests/sshkey/test_sshkey$(EXEEXT) \ 514 regress/unittests/sshkey/test_sshkey$(EXEEXT) \
539 regress/unittests/bitmap/test_bitmap$(EXEEXT) \ 515 regress/unittests/bitmap/test_bitmap$(EXEEXT) \
diff --git a/README b/README
index ea6e228dd..0dd047af3 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
1See http://www.openssh.com/txt/release-7.1p2 for the release notes. 1See http://www.openssh.com/txt/release-7.2p1 for the release notes.
2 2
3Please read http://www.openssh.com/report.html for bug reporting 3Please read http://www.openssh.com/report.html for bug reporting
4instructions and note that we do not use Github for bug reporting or 4instructions and note that we do not use Github for bug reporting or
diff --git a/README.platform b/README.platform
index d1982321e..8d75c16c1 100644
--- a/README.platform
+++ b/README.platform
@@ -36,6 +36,9 @@ loginrestrictions() function, in particular that the user has the
36"rlogin" attribute set. This check is not done for the root account, 36"rlogin" attribute set. This check is not done for the root account,
37instead the PermitRootLogin setting in sshd_config is used. 37instead the PermitRootLogin setting in sshd_config is used.
38 38
39If you are using the IBM compiler you probably want to use CC=xlc rather
40than the default of cc.
41
39 42
40Cygwin 43Cygwin
41------ 44------
diff --git a/auth-bsdauth.c b/auth-bsdauth.c
index 37ff893e6..e00718f2e 100644
--- a/auth-bsdauth.c
+++ b/auth-bsdauth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-bsdauth.c,v 1.13 2014/06/24 01:13:21 djm Exp $ */ 1/* $OpenBSD: auth-bsdauth.c,v 1.14 2015/10/20 23:24:25 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -103,7 +103,7 @@ bsdauth_respond(void *ctx, u_int numresponses, char **responses)
103 if (!authctxt->valid) 103 if (!authctxt->valid)
104 return -1; 104 return -1;
105 105
106 if (authctxt->as == 0) 106 if (authctxt->as == NULL)
107 error("bsdauth_respond: no bsd auth session"); 107 error("bsdauth_respond: no bsd auth session");
108 108
109 if (numresponses != 1) 109 if (numresponses != 1)
diff --git a/auth-krb5.c b/auth-krb5.c
index 0089b1844..d1c5a2f32 100644
--- a/auth-krb5.c
+++ b/auth-krb5.c
@@ -1,8 +1,8 @@
1/* $OpenBSD: auth-krb5.c,v 1.20 2013/07/20 01:55:13 djm Exp $ */ 1/* $OpenBSD: auth-krb5.c,v 1.21 2016/01/27 06:44:58 djm Exp $ */
2/* 2/*
3 * Kerberos v5 authentication and ticket-passing routines. 3 * Kerberos v5 authentication and ticket-passing routines.
4 * 4 *
5 * $FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar Exp $ 5 * From: FreeBSD: src/crypto/openssh/auth-krb5.c,v 1.6 2001/02/13 16:58:04 assar
6 */ 6 */
7/* 7/*
8 * Copyright (c) 2002 Daniel Kouril. All rights reserved. 8 * Copyright (c) 2002 Daniel Kouril. All rights reserved.
diff --git a/auth-options.c b/auth-options.c
index e387697d3..edbaf80bb 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-options.c,v 1.68 2015/07/03 03:43:18 djm Exp $ */ 1/* $OpenBSD: auth-options.c,v 1.70 2015/12/10 17:08:40 mmcc Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -75,19 +75,45 @@ auth_clear_options(void)
75 free(ce->s); 75 free(ce->s);
76 free(ce); 76 free(ce);
77 } 77 }
78 if (forced_command) { 78 free(forced_command);
79 free(forced_command); 79 forced_command = NULL;
80 forced_command = NULL; 80 free(authorized_principals);
81 } 81 authorized_principals = NULL;
82 if (authorized_principals) {
83 free(authorized_principals);
84 authorized_principals = NULL;
85 }
86 forced_tun_device = -1; 82 forced_tun_device = -1;
87 channel_clear_permitted_opens(); 83 channel_clear_permitted_opens();
88} 84}
89 85
90/* 86/*
87 * Match flag 'opt' in *optsp, and if allow_negate is set then also match
88 * 'no-opt'. Returns -1 if option not matched, 1 if option matches or 0
89 * if negated option matches.
90 * If the option or negated option matches, then *optsp is updated to
91 * point to the first character after the option and, if 'msg' is not NULL
92 * then a message based on it added via auth_debug_add().
93 */
94static int
95match_flag(const char *opt, int allow_negate, char **optsp, const char *msg)
96{
97 size_t opt_len = strlen(opt);
98 char *opts = *optsp;
99 int negate = 0;
100
101 if (allow_negate && strncasecmp(opts, "no-", 3) == 0) {
102 opts += 3;
103 negate = 1;
104 }
105 if (strncasecmp(opts, opt, opt_len) == 0) {
106 *optsp = opts + opt_len;
107 if (msg != NULL) {
108 auth_debug_add("%s %s.", msg,
109 negate ? "disabled" : "enabled");
110 }
111 return negate ? 0 : 1;
112 }
113 return -1;
114}
115
116/*
91 * return 1 if access is granted, 0 if not. 117 * return 1 if access is granted, 0 if not.
92 * side effect: sets key option flags 118 * side effect: sets key option flags
93 */ 119 */
@@ -95,7 +121,7 @@ int
95auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) 121auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
96{ 122{
97 const char *cp; 123 const char *cp;
98 int i; 124 int i, r;
99 125
100 /* reset options */ 126 /* reset options */
101 auth_clear_options(); 127 auth_clear_options();
@@ -104,52 +130,48 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
104 return 1; 130 return 1;
105 131
106 while (*opts && *opts != ' ' && *opts != '\t') { 132 while (*opts && *opts != ' ' && *opts != '\t') {
107 cp = "cert-authority"; 133 if ((r = match_flag("cert-authority", 0, &opts, NULL)) != -1) {
108 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 134 key_is_cert_authority = r;
109 key_is_cert_authority = 1;
110 opts += strlen(cp);
111 goto next_option; 135 goto next_option;
112 } 136 }
113 cp = "no-port-forwarding"; 137 if ((r = match_flag("restrict", 0, &opts, NULL)) != -1) {
114 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 138 auth_debug_add("Key is restricted.");
115 auth_debug_add("Port forwarding disabled.");
116 no_port_forwarding_flag = 1; 139 no_port_forwarding_flag = 1;
117 opts += strlen(cp); 140 no_agent_forwarding_flag = 1;
141 no_x11_forwarding_flag = 1;
142 no_pty_flag = 1;
143 no_user_rc = 1;
118 goto next_option; 144 goto next_option;
119 } 145 }
120 cp = "no-agent-forwarding"; 146 if ((r = match_flag("port-forwarding", 1, &opts,
121 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 147 "Port forwarding")) != -1) {
122 auth_debug_add("Agent forwarding disabled."); 148 no_port_forwarding_flag = r != 1;
123 no_agent_forwarding_flag = 1;
124 opts += strlen(cp);
125 goto next_option; 149 goto next_option;
126 } 150 }
127 cp = "no-X11-forwarding"; 151 if ((r = match_flag("agent-forwarding", 1, &opts,
128 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 152 "Agent forwarding")) != -1) {
129 auth_debug_add("X11 forwarding disabled."); 153 no_agent_forwarding_flag = r != 1;
130 no_x11_forwarding_flag = 1;
131 opts += strlen(cp);
132 goto next_option; 154 goto next_option;
133 } 155 }
134 cp = "no-pty"; 156 if ((r = match_flag("x11-forwarding", 1, &opts,
135 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 157 "X11 forwarding")) != -1) {
136 auth_debug_add("Pty allocation disabled."); 158 no_x11_forwarding_flag = r != 1;
137 no_pty_flag = 1;
138 opts += strlen(cp);
139 goto next_option; 159 goto next_option;
140 } 160 }
141 cp = "no-user-rc"; 161 if ((r = match_flag("pty", 1, &opts,
142 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 162 "PTY allocation")) != -1) {
143 auth_debug_add("User rc file execution disabled."); 163 no_pty_flag = r != 1;
144 no_user_rc = 1; 164 goto next_option;
145 opts += strlen(cp); 165 }
166 if ((r = match_flag("user-rc", 1, &opts,
167 "User rc execution")) != -1) {
168 no_user_rc = r != 1;
146 goto next_option; 169 goto next_option;
147 } 170 }
148 cp = "command=\""; 171 cp = "command=\"";
149 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 172 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
150 opts += strlen(cp); 173 opts += strlen(cp);
151 if (forced_command != NULL) 174 free(forced_command);
152 free(forced_command);
153 forced_command = xmalloc(strlen(opts) + 1); 175 forced_command = xmalloc(strlen(opts) + 1);
154 i = 0; 176 i = 0;
155 while (*opts) { 177 while (*opts) {
@@ -179,8 +201,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
179 cp = "principals=\""; 201 cp = "principals=\"";
180 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 202 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
181 opts += strlen(cp); 203 opts += strlen(cp);
182 if (authorized_principals != NULL) 204 free(authorized_principals);
183 free(authorized_principals);
184 authorized_principals = xmalloc(strlen(opts) + 1); 205 authorized_principals = xmalloc(strlen(opts) + 1);
185 i = 0; 206 i = 0;
186 while (*opts) { 207 while (*opts) {
@@ -566,8 +587,7 @@ parse_option_list(struct sshbuf *oblob, struct passwd *pw,
566 free(*cert_forced_command); 587 free(*cert_forced_command);
567 *cert_forced_command = NULL; 588 *cert_forced_command = NULL;
568 } 589 }
569 if (name != NULL) 590 free(name);
570 free(name);
571 sshbuf_free(data); 591 sshbuf_free(data);
572 sshbuf_free(c); 592 sshbuf_free(c);
573 return ret; 593 return ret;
@@ -611,8 +631,7 @@ auth_cert_options(struct sshkey *k, struct passwd *pw)
611 no_user_rc |= cert_no_user_rc; 631 no_user_rc |= cert_no_user_rc;
612 /* CA-specified forced command supersedes key option */ 632 /* CA-specified forced command supersedes key option */
613 if (cert_forced_command != NULL) { 633 if (cert_forced_command != NULL) {
614 if (forced_command != NULL) 634 free(forced_command);
615 free(forced_command);
616 forced_command = cert_forced_command; 635 forced_command = cert_forced_command;
617 } 636 }
618 return 0; 637 return 0;
diff --git a/auth-pam.c b/auth-pam.c
index d94c8285b..8425af1ea 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -45,7 +45,8 @@
45 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 45 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
46 */ 46 */
47 47
48/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ 48/* Based on FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des */
49
49#include "includes.h" 50#include "includes.h"
50 51
51#include <sys/types.h> 52#include <sys/types.h>
diff --git a/auth.h b/auth.h
index 8b27575b0..2160154f4 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.h,v 1.84 2015/05/08 06:41:56 djm Exp $ */ 1/* $OpenBSD: auth.h,v 1.86 2015/12/04 16:41:28 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -209,7 +209,7 @@ Key *get_hostkey_private_by_type(int, int, struct ssh *);
209int get_hostkey_index(Key *, int, struct ssh *); 209int get_hostkey_index(Key *, int, struct ssh *);
210int ssh1_session_key(BIGNUM *); 210int ssh1_session_key(BIGNUM *);
211int sshd_hostkey_sign(Key *, Key *, u_char **, size_t *, 211int sshd_hostkey_sign(Key *, Key *, u_char **, size_t *,
212 const u_char *, size_t, u_int); 212 const u_char *, size_t, const char *, u_int);
213 213
214/* debug messages during authentication */ 214/* debug messages during authentication */
215void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); 215void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 5aa319ccc..41b34aed2 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-pubkey.c,v 1.53 2015/06/15 18:44:22 jsing Exp $ */ 1/* $OpenBSD: auth2-pubkey.c,v 1.55 2016/01/27 00:53:12 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -79,19 +79,19 @@ userauth_pubkey(Authctxt *authctxt)
79{ 79{
80 Buffer b; 80 Buffer b;
81 Key *key = NULL; 81 Key *key = NULL;
82 char *pkalg, *userstyle; 82 char *pkalg, *userstyle, *fp = NULL;
83 u_char *pkblob, *sig; 83 u_char *pkblob, *sig;
84 u_int alen, blen, slen; 84 u_int alen, blen, slen;
85 int have_sig, pktype; 85 int have_sig, pktype;
86 int authenticated = 0; 86 int authenticated = 0;
87 87
88 if (!authctxt->valid) { 88 if (!authctxt->valid) {
89 debug2("userauth_pubkey: disabled because of invalid user"); 89 debug2("%s: disabled because of invalid user", __func__);
90 return 0; 90 return 0;
91 } 91 }
92 have_sig = packet_get_char(); 92 have_sig = packet_get_char();
93 if (datafellows & SSH_BUG_PKAUTH) { 93 if (datafellows & SSH_BUG_PKAUTH) {
94 debug2("userauth_pubkey: SSH_BUG_PKAUTH"); 94 debug2("%s: SSH_BUG_PKAUTH", __func__);
95 /* no explicit pkalg given */ 95 /* no explicit pkalg given */
96 pkblob = packet_get_string(&blen); 96 pkblob = packet_get_string(&blen);
97 buffer_init(&b); 97 buffer_init(&b);
@@ -106,18 +106,18 @@ userauth_pubkey(Authctxt *authctxt)
106 pktype = key_type_from_name(pkalg); 106 pktype = key_type_from_name(pkalg);
107 if (pktype == KEY_UNSPEC) { 107 if (pktype == KEY_UNSPEC) {
108 /* this is perfectly legal */ 108 /* this is perfectly legal */
109 logit("userauth_pubkey: unsupported public key algorithm: %s", 109 logit("%s: unsupported public key algorithm: %s",
110 pkalg); 110 __func__, pkalg);
111 goto done; 111 goto done;
112 } 112 }
113 key = key_from_blob(pkblob, blen); 113 key = key_from_blob(pkblob, blen);
114 if (key == NULL) { 114 if (key == NULL) {
115 error("userauth_pubkey: cannot decode key: %s", pkalg); 115 error("%s: cannot decode key: %s", __func__, pkalg);
116 goto done; 116 goto done;
117 } 117 }
118 if (key->type != pktype) { 118 if (key->type != pktype) {
119 error("userauth_pubkey: type mismatch for decoded key " 119 error("%s: type mismatch for decoded key "
120 "(received %d, expected %d)", key->type, pktype); 120 "(received %d, expected %d)", __func__, key->type, pktype);
121 goto done; 121 goto done;
122 } 122 }
123 if (key_type_plain(key->type) == KEY_RSA && 123 if (key_type_plain(key->type) == KEY_RSA &&
@@ -126,6 +126,7 @@ userauth_pubkey(Authctxt *authctxt)
126 "signature scheme"); 126 "signature scheme");
127 goto done; 127 goto done;
128 } 128 }
129 fp = sshkey_fingerprint(key, options.fingerprint_hash, SSH_FP_DEFAULT);
129 if (auth2_userkey_already_used(authctxt, key)) { 130 if (auth2_userkey_already_used(authctxt, key)) {
130 logit("refusing previously-used %s key", key_type(key)); 131 logit("refusing previously-used %s key", key_type(key));
131 goto done; 132 goto done;
@@ -138,6 +139,8 @@ userauth_pubkey(Authctxt *authctxt)
138 } 139 }
139 140
140 if (have_sig) { 141 if (have_sig) {
142 debug3("%s: have signature for %s %s",
143 __func__, sshkey_type(key), fp);
141 sig = packet_get_string(&slen); 144 sig = packet_get_string(&slen);
142 packet_check_eom(); 145 packet_check_eom();
143 buffer_init(&b); 146 buffer_init(&b);
@@ -183,7 +186,8 @@ userauth_pubkey(Authctxt *authctxt)
183 buffer_free(&b); 186 buffer_free(&b);
184 free(sig); 187 free(sig);
185 } else { 188 } else {
186 debug("test whether pkalg/pkblob are acceptable"); 189 debug("%s: test whether pkalg/pkblob are acceptable for %s %s",
190 __func__, sshkey_type(key), fp);
187 packet_check_eom(); 191 packet_check_eom();
188 192
189 /* XXX fake reply and always send PK_OK ? */ 193 /* XXX fake reply and always send PK_OK ? */
@@ -206,11 +210,12 @@ userauth_pubkey(Authctxt *authctxt)
206 if (authenticated != 1) 210 if (authenticated != 1)
207 auth_clear_options(); 211 auth_clear_options();
208done: 212done:
209 debug2("userauth_pubkey: authenticated %d pkalg %s", authenticated, pkalg); 213 debug2("%s: authenticated %d pkalg %s", __func__, authenticated, pkalg);
210 if (key != NULL) 214 if (key != NULL)
211 key_free(key); 215 key_free(key);
212 free(pkalg); 216 free(pkalg);
213 free(pkblob); 217 free(pkblob);
218 free(fp);
214 return authenticated; 219 return authenticated;
215} 220}
216 221
@@ -796,8 +801,9 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw)
796 free(fp); 801 free(fp);
797 continue; 802 continue;
798 } 803 }
799 verbose("Accepted certificate ID \"%s\" " 804 verbose("Accepted certificate ID \"%s\" (serial %llu) "
800 "signed by %s CA %s via %s", key->cert->key_id, 805 "signed by %s CA %s via %s", key->cert->key_id,
806 (unsigned long long)key->cert->serial,
801 key_type(found), fp, file); 807 key_type(found), fp, file);
802 free(fp); 808 free(fp);
803 found_key = 1; 809 found_key = 1;
@@ -875,8 +881,10 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
875 if (auth_cert_options(key, pw) != 0) 881 if (auth_cert_options(key, pw) != 0)
876 goto out; 882 goto out;
877 883
878 verbose("Accepted certificate ID \"%s\" signed by %s CA %s via %s", 884 verbose("Accepted certificate ID \"%s\" (serial %llu) signed by "
879 key->cert->key_id, key_type(key->cert->signature_key), ca_fp, 885 "%s CA %s via %s", key->cert->key_id,
886 (unsigned long long)key->cert->serial,
887 key_type(key->cert->signature_key), ca_fp,
880 options.trusted_user_ca_keys); 888 options.trusted_user_ca_keys);
881 ret = 1; 889 ret = 1;
882 890
diff --git a/authfd.c b/authfd.c
index eaa142648..a634bcb81 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.c,v 1.98 2015/07/03 03:43:18 djm Exp $ */ 1/* $OpenBSD: authfd.c,v 1.100 2015/12/04 16:41:28 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -426,11 +426,24 @@ ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge,
426} 426}
427#endif 427#endif
428 428
429/* encode signature algoritm in flag bits, so we can keep the msg format */
430static u_int
431agent_encode_alg(struct sshkey *key, const char *alg)
432{
433 if (alg != NULL && key->type == KEY_RSA) {
434 if (strcmp(alg, "rsa-sha2-256") == 0)
435 return SSH_AGENT_RSA_SHA2_256;
436 else if (strcmp(alg, "rsa-sha2-512") == 0)
437 return SSH_AGENT_RSA_SHA2_512;
438 }
439 return 0;
440}
441
429/* ask agent to sign data, returns err.h code on error, 0 on success */ 442/* ask agent to sign data, returns err.h code on error, 0 on success */
430int 443int
431ssh_agent_sign(int sock, struct sshkey *key, 444ssh_agent_sign(int sock, struct sshkey *key,
432 u_char **sigp, size_t *lenp, 445 u_char **sigp, size_t *lenp,
433 const u_char *data, size_t datalen, u_int compat) 446 const u_char *data, size_t datalen, const char *alg, u_int compat)
434{ 447{
435 struct sshbuf *msg; 448 struct sshbuf *msg;
436 u_char *blob = NULL, type; 449 u_char *blob = NULL, type;
@@ -449,12 +462,13 @@ ssh_agent_sign(int sock, struct sshkey *key,
449 return SSH_ERR_ALLOC_FAIL; 462 return SSH_ERR_ALLOC_FAIL;
450 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0) 463 if ((r = sshkey_to_blob(key, &blob, &blen)) != 0)
451 goto out; 464 goto out;
465 flags |= agent_encode_alg(key, alg);
452 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 || 466 if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_SIGN_REQUEST)) != 0 ||
453 (r = sshbuf_put_string(msg, blob, blen)) != 0 || 467 (r = sshbuf_put_string(msg, blob, blen)) != 0 ||
454 (r = sshbuf_put_string(msg, data, datalen)) != 0 || 468 (r = sshbuf_put_string(msg, data, datalen)) != 0 ||
455 (r = sshbuf_put_u32(msg, flags)) != 0) 469 (r = sshbuf_put_u32(msg, flags)) != 0)
456 goto out; 470 goto out;
457 if ((r = ssh_request_reply(sock, msg, msg) != 0)) 471 if ((r = ssh_request_reply(sock, msg, msg)) != 0)
458 goto out; 472 goto out;
459 if ((r = sshbuf_get_u8(msg, &type)) != 0) 473 if ((r = sshbuf_get_u8(msg, &type)) != 0)
460 goto out; 474 goto out;
diff --git a/authfd.h b/authfd.h
index bea20c26b..4b417e3f4 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.h,v 1.38 2015/01/14 20:05:27 djm Exp $ */ 1/* $OpenBSD: authfd.h,v 1.39 2015/12/04 16:41:28 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -41,7 +41,7 @@ int ssh_decrypt_challenge(int sock, struct sshkey* key, BIGNUM *challenge,
41 u_char session_id[16], u_char response[16]); 41 u_char session_id[16], u_char response[16]);
42int ssh_agent_sign(int sock, struct sshkey *key, 42int ssh_agent_sign(int sock, struct sshkey *key,
43 u_char **sigp, size_t *lenp, 43 u_char **sigp, size_t *lenp,
44 const u_char *data, size_t datalen, u_int compat); 44 const u_char *data, size_t datalen, const char *alg, u_int compat);
45 45
46/* Messages for the authentication agent connection. */ 46/* Messages for the authentication agent connection. */
47#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1 47#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
@@ -86,5 +86,7 @@ int ssh_agent_sign(int sock, struct sshkey *key,
86#define SSH_COM_AGENT2_FAILURE 102 86#define SSH_COM_AGENT2_FAILURE 102
87 87
88#define SSH_AGENT_OLD_SIGNATURE 0x01 88#define SSH_AGENT_OLD_SIGNATURE 0x01
89#define SSH_AGENT_RSA_SHA2_256 0x02
90#define SSH_AGENT_RSA_SHA2_512 0x04
89 91
90#endif /* AUTHFD_H */ 92#endif /* AUTHFD_H */
diff --git a/authfile.c b/authfile.c
index 58f589a47..d67042411 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfile.c,v 1.116 2015/07/09 09:49:46 markus Exp $ */ 1/* $OpenBSD: authfile.c,v 1.120 2015/12/11 04:21:11 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved.
4 * 4 *
@@ -243,8 +243,7 @@ sshkey_load_private_type_fd(int fd, int type, const char *passphrase,
243 /* success */ 243 /* success */
244 r = 0; 244 r = 0;
245 out: 245 out:
246 if (buffer != NULL) 246 sshbuf_free(buffer);
247 sshbuf_free(buffer);
248 return r; 247 return r;
249} 248}
250 249
@@ -272,14 +271,13 @@ sshkey_load_private(const char *filename, const char *passphrase,
272 goto out; 271 goto out;
273 } 272 }
274 if ((r = sshkey_load_file(fd, buffer)) != 0 || 273 if ((r = sshkey_load_file(fd, buffer)) != 0 ||
275 (r = sshkey_parse_private_fileblob(buffer, passphrase, filename, 274 (r = sshkey_parse_private_fileblob(buffer, passphrase, keyp,
276 keyp, commentp)) != 0) 275 commentp)) != 0)
277 goto out; 276 goto out;
278 r = 0; 277 r = 0;
279 out: 278 out:
280 close(fd); 279 close(fd);
281 if (buffer != NULL) 280 sshbuf_free(buffer);
282 sshbuf_free(buffer);
283 return r; 281 return r;
284} 282}
285 283
@@ -426,10 +424,8 @@ sshkey_load_cert(const char *filename, struct sshkey **keyp)
426 r = 0; 424 r = 0;
427 425
428 out: 426 out:
429 if (file != NULL) 427 free(file);
430 free(file); 428 sshkey_free(pub);
431 if (pub != NULL)
432 sshkey_free(pub);
433 return r; 429 return r;
434} 430}
435 431
@@ -474,10 +470,8 @@ sshkey_load_private_cert(int type, const char *filename, const char *passphrase,
474 *keyp = key; 470 *keyp = key;
475 key = NULL; 471 key = NULL;
476 out: 472 out:
477 if (key != NULL) 473 sshkey_free(key);
478 sshkey_free(key); 474 sshkey_free(cert);
479 if (cert != NULL)
480 sshkey_free(cert);
481 return r; 475 return r;
482} 476}
483 477
@@ -538,8 +532,7 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type,
538 } 532 }
539 r = SSH_ERR_KEY_NOT_FOUND; 533 r = SSH_ERR_KEY_NOT_FOUND;
540 out: 534 out:
541 if (pub != NULL) 535 sshkey_free(pub);
542 sshkey_free(pub);
543 fclose(f); 536 fclose(f);
544 return r; 537 return r;
545} 538}
diff --git a/channels.c b/channels.c
index a84b487e5..c9d2015ee 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.c,v 1.347 2015/07/01 02:26:31 djm Exp $ */ 1/* $OpenBSD: channels.c,v 1.349 2016/02/05 13:28:19 naddy Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -662,7 +662,7 @@ channel_open_message(void)
662 case SSH_CHANNEL_INPUT_DRAINING: 662 case SSH_CHANNEL_INPUT_DRAINING:
663 case SSH_CHANNEL_OUTPUT_DRAINING: 663 case SSH_CHANNEL_OUTPUT_DRAINING:
664 snprintf(buf, sizeof buf, 664 snprintf(buf, sizeof buf,
665 " #%d %.300s (t%d r%d i%d/%d o%d/%d fd %d/%d cc %d)\r\n", 665 " #%d %.300s (t%d r%d i%u/%d o%u/%d fd %d/%d cc %d)\r\n",
666 c->self, c->remote_name, 666 c->self, c->remote_name,
667 c->type, c->remote_id, 667 c->type, c->remote_id,
668 c->istate, buffer_len(&c->input), 668 c->istate, buffer_len(&c->input),
@@ -1896,13 +1896,13 @@ read_mux(Channel *c, u_int need)
1896 if (buffer_len(&c->input) < need) { 1896 if (buffer_len(&c->input) < need) {
1897 rlen = need - buffer_len(&c->input); 1897 rlen = need - buffer_len(&c->input);
1898 len = read(c->rfd, buf, MIN(rlen, CHAN_RBUF)); 1898 len = read(c->rfd, buf, MIN(rlen, CHAN_RBUF));
1899 if (len < 0 && (errno == EINTR || errno == EAGAIN))
1900 return buffer_len(&c->input);
1899 if (len <= 0) { 1901 if (len <= 0) {
1900 if (errno != EINTR && errno != EAGAIN) { 1902 debug2("channel %d: ctl read<=0 rfd %d len %d",
1901 debug2("channel %d: ctl read<=0 rfd %d len %d", 1903 c->self, c->rfd, len);
1902 c->self, c->rfd, len); 1904 chan_read_failed(c);
1903 chan_read_failed(c); 1905 return 0;
1904 return 0;
1905 }
1906 } else 1906 } else
1907 buffer_append(&c->input, buf, len); 1907 buffer_append(&c->input, buf, len);
1908 } 1908 }
diff --git a/cipher.c b/cipher.c
index 02dae6f9f..13847e5bd 100644
--- a/cipher.c
+++ b/cipher.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: cipher.c,v 1.100 2015/01/14 10:29:45 djm Exp $ */ 1/* $OpenBSD: cipher.c,v 1.101 2015/12/10 17:08:40 mmcc Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -353,8 +353,7 @@ cipher_init(struct sshcipher_ctx *cc, const struct sshcipher *cipher,
353 if (cipher->discard_len > 0) { 353 if (cipher->discard_len > 0) {
354 if ((junk = malloc(cipher->discard_len)) == NULL || 354 if ((junk = malloc(cipher->discard_len)) == NULL ||
355 (discard = malloc(cipher->discard_len)) == NULL) { 355 (discard = malloc(cipher->discard_len)) == NULL) {
356 if (junk != NULL) 356 free(junk);
357 free(junk);
358 ret = SSH_ERR_ALLOC_FAIL; 357 ret = SSH_ERR_ALLOC_FAIL;
359 goto bad; 358 goto bad;
360 } 359 }
diff --git a/clientloop.c b/clientloop.c
index 87ceb3dab..9820455c4 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.c,v 1.275 2015/07/10 06:21:53 markus Exp $ */ 1/* $OpenBSD: clientloop.c,v 1.284 2016/02/08 10:57:07 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -111,7 +111,6 @@
111#include "sshpty.h" 111#include "sshpty.h"
112#include "match.h" 112#include "match.h"
113#include "msg.h" 113#include "msg.h"
114#include "roaming.h"
115#include "ssherr.h" 114#include "ssherr.h"
116#include "hostfile.h" 115#include "hostfile.h"
117 116
@@ -169,8 +168,6 @@ static u_int x11_refuse_time; /* If >0, refuse x11 opens after this time. */
169static void client_init_dispatch(void); 168static void client_init_dispatch(void);
170int session_ident = -1; 169int session_ident = -1;
171 170
172int session_resumed = 0;
173
174/* Track escape per proto2 channel */ 171/* Track escape per proto2 channel */
175struct escape_filter_ctx { 172struct escape_filter_ctx {
176 int escape_pending; 173 int escape_pending;
@@ -288,6 +285,9 @@ client_x11_display_valid(const char *display)
288{ 285{
289 size_t i, dlen; 286 size_t i, dlen;
290 287
288 if (display == NULL)
289 return 0;
290
291 dlen = strlen(display); 291 dlen = strlen(display);
292 for (i = 0; i < dlen; i++) { 292 for (i = 0; i < dlen; i++) {
293 if (!isalnum((u_char)display[i]) && 293 if (!isalnum((u_char)display[i]) &&
@@ -301,35 +301,34 @@ client_x11_display_valid(const char *display)
301 301
302#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" 302#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
303#define X11_TIMEOUT_SLACK 60 303#define X11_TIMEOUT_SLACK 60
304void 304int
305client_x11_get_proto(const char *display, const char *xauth_path, 305client_x11_get_proto(const char *display, const char *xauth_path,
306 u_int trusted, u_int timeout, char **_proto, char **_data) 306 u_int trusted, u_int timeout, char **_proto, char **_data)
307{ 307{
308 char cmd[1024]; 308 char cmd[1024], line[512], xdisplay[512];
309 char line[512]; 309 char xauthfile[PATH_MAX], xauthdir[PATH_MAX];
310 char xdisplay[512];
311 static char proto[512], data[512]; 310 static char proto[512], data[512];
312 FILE *f; 311 FILE *f;
313 int got_data = 0, generated = 0, do_unlink = 0, i; 312 int got_data = 0, generated = 0, do_unlink = 0, i, r;
314 char *xauthdir, *xauthfile;
315 struct stat st; 313 struct stat st;
316 u_int now, x11_timeout_real; 314 u_int now, x11_timeout_real;
317 315
318 xauthdir = xauthfile = NULL;
319 *_proto = proto; 316 *_proto = proto;
320 *_data = data; 317 *_data = data;
321 proto[0] = data[0] = '\0'; 318 proto[0] = data[0] = xauthfile[0] = xauthdir[0] = '\0';
322 319
323 if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) { 320 if (!client_x11_display_valid(display)) {
321 if (display != NULL)
322 logit("DISPLAY \"%s\" invalid; disabling X11 forwarding",
323 display);
324 return -1;
325 }
326 if (xauth_path != NULL && stat(xauth_path, &st) == -1) {
324 debug("No xauth program."); 327 debug("No xauth program.");
325 } else if (!client_x11_display_valid(display)) { 328 xauth_path = NULL;
326 logit("DISPLAY '%s' invalid, falling back to fake xauth data", 329 }
327 display); 330
328 } else { 331 if (xauth_path != NULL) {
329 if (display == NULL) {
330 debug("x11_get_proto: DISPLAY not set");
331 return;
332 }
333 /* 332 /*
334 * Handle FamilyLocal case where $DISPLAY does 333 * Handle FamilyLocal case where $DISPLAY does
335 * not match an authorization entry. For this we 334 * not match an authorization entry. For this we
@@ -338,45 +337,60 @@ client_x11_get_proto(const char *display, const char *xauth_path,
338 * is not perfect. 337 * is not perfect.
339 */ 338 */
340 if (strncmp(display, "localhost:", 10) == 0) { 339 if (strncmp(display, "localhost:", 10) == 0) {
341 snprintf(xdisplay, sizeof(xdisplay), "unix:%s", 340 if ((r = snprintf(xdisplay, sizeof(xdisplay), "unix:%s",
342 display + 10); 341 display + 10)) < 0 ||
342 (size_t)r >= sizeof(xdisplay)) {
343 error("%s: display name too long", __func__);
344 return -1;
345 }
343 display = xdisplay; 346 display = xdisplay;
344 } 347 }
345 if (trusted == 0) { 348 if (trusted == 0) {
346 xauthdir = xmalloc(PATH_MAX);
347 xauthfile = xmalloc(PATH_MAX);
348 mktemp_proto(xauthdir, PATH_MAX);
349 /* 349 /*
350 * Generate an untrusted X11 auth cookie.
351 *
350 * The authentication cookie should briefly outlive 352 * The authentication cookie should briefly outlive
351 * ssh's willingness to forward X11 connections to 353 * ssh's willingness to forward X11 connections to
352 * avoid nasty fail-open behaviour in the X server. 354 * avoid nasty fail-open behaviour in the X server.
353 */ 355 */
356 mktemp_proto(xauthdir, sizeof(xauthdir));
357 if (mkdtemp(xauthdir) == NULL) {
358 error("%s: mkdtemp: %s",
359 __func__, strerror(errno));
360 return -1;
361 }
362 do_unlink = 1;
363 if ((r = snprintf(xauthfile, sizeof(xauthfile),
364 "%s/xauthfile", xauthdir)) < 0 ||
365 (size_t)r >= sizeof(xauthfile)) {
366 error("%s: xauthfile path too long", __func__);
367 unlink(xauthfile);
368 rmdir(xauthdir);
369 return -1;
370 }
371
354 if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK) 372 if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK)
355 x11_timeout_real = UINT_MAX; 373 x11_timeout_real = UINT_MAX;
356 else 374 else
357 x11_timeout_real = timeout + X11_TIMEOUT_SLACK; 375 x11_timeout_real = timeout + X11_TIMEOUT_SLACK;
358 if (mkdtemp(xauthdir) != NULL) { 376 if ((r = snprintf(cmd, sizeof(cmd),
359 do_unlink = 1; 377 "%s -f %s generate %s " SSH_X11_PROTO
360 snprintf(xauthfile, PATH_MAX, "%s/xauthfile", 378 " untrusted timeout %u 2>" _PATH_DEVNULL,
361 xauthdir); 379 xauth_path, xauthfile, display,
362 snprintf(cmd, sizeof(cmd), 380 x11_timeout_real)) < 0 ||
363 "%s -f %s generate %s " SSH_X11_PROTO 381 (size_t)r >= sizeof(cmd))
364 " untrusted timeout %u 2>" _PATH_DEVNULL, 382 fatal("%s: cmd too long", __func__);
365 xauth_path, xauthfile, display, 383 debug2("%s: %s", __func__, cmd);
366 x11_timeout_real); 384 if (x11_refuse_time == 0) {
367 debug2("x11_get_proto: %s", cmd); 385 now = monotime() + 1;
368 if (x11_refuse_time == 0) { 386 if (UINT_MAX - timeout < now)
369 now = monotime() + 1; 387 x11_refuse_time = UINT_MAX;
370 if (UINT_MAX - timeout < now) 388 else
371 x11_refuse_time = UINT_MAX; 389 x11_refuse_time = now + timeout;
372 else 390 channel_set_x11_refuse_time(x11_refuse_time);
373 x11_refuse_time = now + timeout;
374 channel_set_x11_refuse_time(
375 x11_refuse_time);
376 }
377 if (system(cmd) == 0)
378 generated = 1;
379 } 391 }
392 if (system(cmd) == 0)
393 generated = 1;
380 } 394 }
381 395
382 /* 396 /*
@@ -398,17 +412,20 @@ client_x11_get_proto(const char *display, const char *xauth_path,
398 got_data = 1; 412 got_data = 1;
399 if (f) 413 if (f)
400 pclose(f); 414 pclose(f);
401 } else 415 }
402 error("Warning: untrusted X11 forwarding setup failed: "
403 "xauth key data not generated");
404 } 416 }
405 417
406 if (do_unlink) { 418 if (do_unlink) {
407 unlink(xauthfile); 419 unlink(xauthfile);
408 rmdir(xauthdir); 420 rmdir(xauthdir);
409 } 421 }
410 free(xauthdir); 422
411 free(xauthfile); 423 /* Don't fall back to fake X11 data for untrusted forwarding */
424 if (!trusted && !got_data) {
425 error("Warning: untrusted X11 forwarding setup failed: "
426 "xauth key data not generated");
427 return -1;
428 }
412 429
413 /* 430 /*
414 * If we didn't get authentication data, just make up some 431 * If we didn't get authentication data, just make up some
@@ -432,6 +449,8 @@ client_x11_get_proto(const char *display, const char *xauth_path,
432 rnd >>= 8; 449 rnd >>= 8;
433 } 450 }
434 } 451 }
452
453 return 0;
435} 454}
436 455
437/* 456/*
@@ -735,7 +754,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
735static void 754static void
736client_process_net_input(fd_set *readset) 755client_process_net_input(fd_set *readset)
737{ 756{
738 int len, cont = 0; 757 int len;
739 char buf[SSH_IOBUFSZ]; 758 char buf[SSH_IOBUFSZ];
740 759
741 /* 760 /*
@@ -744,8 +763,8 @@ client_process_net_input(fd_set *readset)
744 */ 763 */
745 if (FD_ISSET(connection_in, readset)) { 764 if (FD_ISSET(connection_in, readset)) {
746 /* Read as much as possible. */ 765 /* Read as much as possible. */
747 len = roaming_read(connection_in, buf, sizeof(buf), &cont); 766 len = read(connection_in, buf, sizeof(buf));
748 if (len == 0 && cont == 0) { 767 if (len == 0) {
749 /* 768 /*
750 * Received EOF. The remote host has closed the 769 * Received EOF. The remote host has closed the
751 * connection. 770 * connection.
@@ -1483,13 +1502,43 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1483{ 1502{
1484 fd_set *readset = NULL, *writeset = NULL; 1503 fd_set *readset = NULL, *writeset = NULL;
1485 double start_time, total_time; 1504 double start_time, total_time;
1486 int r, max_fd = 0, max_fd2 = 0, len, rekeying = 0; 1505 int r, max_fd = 0, max_fd2 = 0, len;
1487 u_int64_t ibytes, obytes; 1506 u_int64_t ibytes, obytes;
1488 u_int nalloc = 0; 1507 u_int nalloc = 0;
1489 char buf[100]; 1508 char buf[100];
1490 1509
1491 debug("Entering interactive session."); 1510 debug("Entering interactive session.");
1492 1511
1512 if (options.control_master &&
1513 ! option_clear_or_none(options.control_path)) {
1514 debug("pledge: id");
1515 if (pledge("stdio rpath wpath cpath unix inet dns proc exec id tty",
1516 NULL) == -1)
1517 fatal("%s pledge(): %s", __func__, strerror(errno));
1518
1519 } else if (options.forward_x11 || options.permit_local_command) {
1520 debug("pledge: exec");
1521 if (pledge("stdio rpath wpath cpath unix inet dns proc exec tty",
1522 NULL) == -1)
1523 fatal("%s pledge(): %s", __func__, strerror(errno));
1524
1525 } else if (options.update_hostkeys) {
1526 debug("pledge: filesystem full");
1527 if (pledge("stdio rpath wpath cpath unix inet dns proc tty",
1528 NULL) == -1)
1529 fatal("%s pledge(): %s", __func__, strerror(errno));
1530
1531 } else if (! option_clear_or_none(options.proxy_command)) {
1532 debug("pledge: proc");
1533 if (pledge("stdio cpath unix inet dns proc tty", NULL) == -1)
1534 fatal("%s pledge(): %s", __func__, strerror(errno));
1535
1536 } else {
1537 debug("pledge: network");
1538 if (pledge("stdio unix inet dns tty", NULL) == -1)
1539 fatal("%s pledge(): %s", __func__, strerror(errno));
1540 }
1541
1493 start_time = get_current_time(); 1542 start_time = get_current_time();
1494 1543
1495 /* Initialize variables. */ 1544 /* Initialize variables. */
@@ -1568,10 +1617,15 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1568 if (compat20 && session_closed && !channel_still_open()) 1617 if (compat20 && session_closed && !channel_still_open())
1569 break; 1618 break;
1570 1619
1571 rekeying = (active_state->kex != NULL && !active_state->kex->done); 1620 if (ssh_packet_is_rekeying(active_state)) {
1572
1573 if (rekeying) {
1574 debug("rekeying in progress"); 1621 debug("rekeying in progress");
1622 } else if (need_rekeying) {
1623 /* manual rekey request */
1624 debug("need rekeying");
1625 if ((r = kex_start_rekex(active_state)) != 0)
1626 fatal("%s: kex_start_rekex: %s", __func__,
1627 ssh_err(r));
1628 need_rekeying = 0;
1575 } else { 1629 } else {
1576 /* 1630 /*
1577 * Make packets of buffered stdin data, and buffer 1631 * Make packets of buffered stdin data, and buffer
@@ -1602,23 +1656,14 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1602 */ 1656 */
1603 max_fd2 = max_fd; 1657 max_fd2 = max_fd;
1604 client_wait_until_can_do_something(&readset, &writeset, 1658 client_wait_until_can_do_something(&readset, &writeset,
1605 &max_fd2, &nalloc, rekeying); 1659 &max_fd2, &nalloc, ssh_packet_is_rekeying(active_state));
1606 1660
1607 if (quit_pending) 1661 if (quit_pending)
1608 break; 1662 break;
1609 1663
1610 /* Do channel operations unless rekeying in progress. */ 1664 /* Do channel operations unless rekeying in progress. */
1611 if (!rekeying) { 1665 if (!ssh_packet_is_rekeying(active_state))
1612 channel_after_select(readset, writeset); 1666 channel_after_select(readset, writeset);
1613 if (need_rekeying || packet_need_rekeying()) {
1614 debug("need rekeying");
1615 active_state->kex->done = 0;
1616 if ((r = kex_send_kexinit(active_state)) != 0)
1617 fatal("%s: kex_send_kexinit: %s",
1618 __func__, ssh_err(r));
1619 need_rekeying = 0;
1620 }
1621 }
1622 1667
1623 /* Buffer input from the connection. */ 1668 /* Buffer input from the connection. */
1624 client_process_net_input(readset); 1669 client_process_net_input(readset);
@@ -1636,14 +1681,6 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1636 client_process_output(writeset); 1681 client_process_output(writeset);
1637 } 1682 }
1638 1683
1639 if (session_resumed) {
1640 connection_in = packet_get_connection_in();
1641 connection_out = packet_get_connection_out();
1642 max_fd = MAX(max_fd, connection_out);
1643 max_fd = MAX(max_fd, connection_in);
1644 session_resumed = 0;
1645 }
1646
1647 /* 1684 /*
1648 * Send as much buffered packet data as possible to the 1685 * Send as much buffered packet data as possible to the
1649 * sender. 1686 * sender.
@@ -1737,7 +1774,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1737 } 1774 }
1738 1775
1739 /* Clear and free any buffers. */ 1776 /* Clear and free any buffers. */
1740 memset(buf, 0, sizeof(buf)); 1777 explicit_bzero(buf, sizeof(buf));
1741 buffer_free(&stdin_buffer); 1778 buffer_free(&stdin_buffer);
1742 buffer_free(&stdout_buffer); 1779 buffer_free(&stdout_buffer);
1743 buffer_free(&stderr_buffer); 1780 buffer_free(&stderr_buffer);
diff --git a/clientloop.h b/clientloop.h
index 338d45186..f4d4c69b7 100644
--- a/clientloop.h
+++ b/clientloop.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.h,v 1.31 2013/06/02 23:36:29 dtucker Exp $ */ 1/* $OpenBSD: clientloop.h,v 1.32 2016/01/13 23:04:47 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -39,7 +39,7 @@
39 39
40/* Client side main loop for the interactive session. */ 40/* Client side main loop for the interactive session. */
41int client_loop(int, int, int); 41int client_loop(int, int, int);
42void client_x11_get_proto(const char *, const char *, u_int, u_int, 42int client_x11_get_proto(const char *, const char *, u_int, u_int,
43 char **, char **); 43 char **, char **);
44void client_global_request_reply_fwd(int, u_int32_t, void *); 44void client_global_request_reply_fwd(int, u_int32_t, void *);
45void client_session2_setup(int, int, int, const char *, struct termios *, 45void client_session2_setup(int, int, int, const char *, struct termios *,
diff --git a/config.h.in b/config.h.in
index 7500df532..89bf1b0ff 100644
--- a/config.h.in
+++ b/config.h.in
@@ -694,9 +694,6 @@
694/* Define to 1 if you have the `network' library (-lnetwork). */ 694/* Define to 1 if you have the `network' library (-lnetwork). */
695#undef HAVE_LIBNETWORK 695#undef HAVE_LIBNETWORK
696 696
697/* Define to 1 if you have the `nsl' library (-lnsl). */
698#undef HAVE_LIBNSL
699
700/* Define to 1 if you have the `pam' library (-lpam). */ 697/* Define to 1 if you have the `pam' library (-lpam). */
701#undef HAVE_LIBPAM 698#undef HAVE_LIBPAM
702 699
@@ -845,6 +842,9 @@
845/* define if you have pid_t data type */ 842/* define if you have pid_t data type */
846#undef HAVE_PID_T 843#undef HAVE_PID_T
847 844
845/* Define to 1 if you have the `pledge' function. */
846#undef HAVE_PLEDGE
847
848/* Define to 1 if you have the `poll' function. */ 848/* Define to 1 if you have the `poll' function. */
849#undef HAVE_POLL 849#undef HAVE_POLL
850 850
@@ -854,6 +854,12 @@
854/* Define to 1 if you have the `prctl' function. */ 854/* Define to 1 if you have the `prctl' function. */
855#undef HAVE_PRCTL 855#undef HAVE_PRCTL
856 856
857/* Define to 1 if you have the `priv_basicset' function. */
858#undef HAVE_PRIV_BASICSET
859
860/* Define to 1 if you have the <priv.h> header file. */
861#undef HAVE_PRIV_H
862
857/* Define if you have /proc/$pid/fd */ 863/* Define if you have /proc/$pid/fd */
858#undef HAVE_PROC_PID 864#undef HAVE_PROC_PID
859 865
@@ -956,6 +962,9 @@
956/* Define to 1 if you have the `setpcred' function. */ 962/* Define to 1 if you have the `setpcred' function. */
957#undef HAVE_SETPCRED 963#undef HAVE_SETPCRED
958 964
965/* Define to 1 if you have the `setppriv' function. */
966#undef HAVE_SETPPRIV
967
959/* Define to 1 if you have the `setproctitle' function. */ 968/* Define to 1 if you have the `setproctitle' function. */
960#undef HAVE_SETPROCTITLE 969#undef HAVE_SETPROCTITLE
961 970
@@ -1444,6 +1453,9 @@
1444/* Define if you don't want to use lastlog in session.c */ 1453/* Define if you don't want to use lastlog in session.c */
1445#undef NO_SSH_LASTLOG 1454#undef NO_SSH_LASTLOG
1446 1455
1456/* Define to disable UID restoration test */
1457#undef NO_UID_RESTORATION_TEST
1458
1447/* Define if X11 doesn't support AF_UNIX sockets on that system */ 1459/* Define if X11 doesn't support AF_UNIX sockets on that system */
1448#undef NO_X11_UNIX_SOCKETS 1460#undef NO_X11_UNIX_SOCKETS
1449 1461
@@ -1520,6 +1532,9 @@
1520/* no privsep sandboxing */ 1532/* no privsep sandboxing */
1521#undef SANDBOX_NULL 1533#undef SANDBOX_NULL
1522 1534
1535/* Sandbox using pledge(2) */
1536#undef SANDBOX_PLEDGE
1537
1523/* Sandbox using setrlimit(2) */ 1538/* Sandbox using setrlimit(2) */
1524#undef SANDBOX_RLIMIT 1539#undef SANDBOX_RLIMIT
1525 1540
@@ -1532,6 +1547,9 @@
1532/* define if setrlimit RLIMIT_NOFILE breaks things */ 1547/* define if setrlimit RLIMIT_NOFILE breaks things */
1533#undef SANDBOX_SKIP_RLIMIT_NOFILE 1548#undef SANDBOX_SKIP_RLIMIT_NOFILE
1534 1549
1550/* Sandbox using Solaris/Illumos privileges */
1551#undef SANDBOX_SOLARIS
1552
1535/* Sandbox using systrace(4) */ 1553/* Sandbox using systrace(4) */
1536#undef SANDBOX_SYSTRACE 1554#undef SANDBOX_SYSTRACE
1537 1555
@@ -1638,6 +1656,9 @@
1638/* Use PIPES instead of a socketpair() */ 1656/* Use PIPES instead of a socketpair() */
1639#undef USE_PIPES 1657#undef USE_PIPES
1640 1658
1659/* Define if you have Solaris privileges */
1660#undef USE_SOLARIS_PRIVS
1661
1641/* Define if you have Solaris process contracts */ 1662/* Define if you have Solaris process contracts */
1642#undef USE_SOLARIS_PROCESS_CONTRACTS 1663#undef USE_SOLARIS_PROCESS_CONTRACTS
1643 1664
diff --git a/configure b/configure
index 0d7a5b97e..2a46ba966 100755
--- a/configure
+++ b/configure
@@ -1320,7 +1320,7 @@ Optional Packages:
1320 --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] 1320 --with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
1321 --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) 1321 --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
1322 --without-openssl Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL** 1322 --without-openssl Disable use of OpenSSL; use only limited internal crypto **EXPERIMENTAL**
1323 --without-ssh1 Enable support for SSH protocol 1 1323 --with-ssh1 Enable support for SSH protocol 1
1324 --without-stackprotect Don't use compiler's stack protection 1324 --without-stackprotect Don't use compiler's stack protection
1325 --without-hardening Don't use toolchain hardening flags 1325 --without-hardening Don't use toolchain hardening flags
1326 --without-rpath Disable auto-added -R linker paths 1326 --without-rpath Disable auto-added -R linker paths
@@ -1331,6 +1331,7 @@ Optional Packages:
1331 --with-Werror Build main code with -Werror 1331 --with-Werror Build main code with -Werror
1332 --with-solaris-contracts Enable Solaris process contracts (experimental) 1332 --with-solaris-contracts Enable Solaris process contracts (experimental)
1333 --with-solaris-projects Enable Solaris projects (experimental) 1333 --with-solaris-projects Enable Solaris projects (experimental)
1334 --with-solaris-privs Enable Solaris/Illumos privileges (experimental)
1334 --with-osfsia Enable Digital Unix SIA 1335 --with-osfsia Enable Digital Unix SIA
1335 --with-zlib=PATH Use zlib in PATH 1336 --with-zlib=PATH Use zlib in PATH
1336 --without-zlib-version-check Disable zlib version check 1337 --without-zlib-version-check Disable zlib version check
@@ -1346,7 +1347,7 @@ Optional Packages:
1346 --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool) 1347 --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)
1347 --with-pam Enable PAM support 1348 --with-pam Enable PAM support
1348 --with-privsep-user=user Specify non-privileged user for privilege separation 1349 --with-privsep-user=user Specify non-privileged user for privilege separation
1349 --with-sandbox=style Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter, capsicum) 1350 --with-sandbox=style Specify privilege separation sandbox (no, capsicum, darwin, rlimit, seccomp_filter, systrace, pledge)
1350 --with-selinux Enable SELinux support 1351 --with-selinux Enable SELinux support
1351 --with-kerberos5=PATH Enable Kerberos 5 support 1352 --with-kerberos5=PATH Enable Kerberos 5 support
1352 --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty) 1353 --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty)
@@ -7972,6 +7973,11 @@ done
7972SIA_MSG="no" 7973SIA_MSG="no"
7973SPC_MSG="no" 7974SPC_MSG="no"
7974SP_MSG="no" 7975SP_MSG="no"
7976SPP_MSG="no"
7977
7978# Support for Solaris/Illumos privileges (this test is used by both
7979# the --with-solaris-privs option and --with-sandbox=solaris).
7980SOLARIS_PRIVS="no"
7975 7981
7976# Check for some target-specific stuff 7982# Check for some target-specific stuff
7977case "$host" in 7983case "$host" in
@@ -8960,6 +8966,11 @@ _ACEOF
8960 8966
8961 8967
8962cat >>confdefs.h <<\_ACEOF 8968cat >>confdefs.h <<\_ACEOF
8969#define NO_UID_RESTORATION_TEST 1
8970_ACEOF
8971
8972
8973cat >>confdefs.h <<\_ACEOF
8963#define DISABLE_SHADOW 1 8974#define DISABLE_SHADOW 1
8964_ACEOF 8975_ACEOF
8965 8976
@@ -9491,6 +9502,73 @@ fi
9491 9502
9492done 9503done
9493 9504
9505 { echo "$as_me:$LINENO: checking for sandbox_apply in -lsandbox" >&5
9506echo $ECHO_N "checking for sandbox_apply in -lsandbox... $ECHO_C" >&6; }
9507if test "${ac_cv_lib_sandbox_sandbox_apply+set}" = set; then
9508 echo $ECHO_N "(cached) $ECHO_C" >&6
9509else
9510 ac_check_lib_save_LIBS=$LIBS
9511LIBS="-lsandbox $LIBS"
9512cat >conftest.$ac_ext <<_ACEOF
9513/* confdefs.h. */
9514_ACEOF
9515cat confdefs.h >>conftest.$ac_ext
9516cat >>conftest.$ac_ext <<_ACEOF
9517/* end confdefs.h. */
9518
9519/* Override any GCC internal prototype to avoid an error.
9520 Use char because int might match the return type of a GCC
9521 builtin and then its argument prototype would still apply. */
9522#ifdef __cplusplus
9523extern "C"
9524#endif
9525char sandbox_apply ();
9526int
9527main ()
9528{
9529return sandbox_apply ();
9530 ;
9531 return 0;
9532}
9533_ACEOF
9534rm -f conftest.$ac_objext conftest$ac_exeext
9535if { (ac_try="$ac_link"
9536case "(($ac_try" in
9537 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
9538 *) ac_try_echo=$ac_try;;
9539esac
9540eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
9541 (eval "$ac_link") 2>conftest.er1
9542 ac_status=$?
9543 grep -v '^ *+' conftest.er1 >conftest.err
9544 rm -f conftest.er1
9545 cat conftest.err >&5
9546 echo "$as_me:$LINENO: \$? = $ac_status" >&5
9547 (exit $ac_status); } && {
9548 test -z "$ac_c_werror_flag" ||
9549 test ! -s conftest.err
9550 } && test -s conftest$ac_exeext &&
9551 $as_test_x conftest$ac_exeext; then
9552 ac_cv_lib_sandbox_sandbox_apply=yes
9553else
9554 echo "$as_me: failed program was:" >&5
9555sed 's/^/| /' conftest.$ac_ext >&5
9556
9557 ac_cv_lib_sandbox_sandbox_apply=no
9558fi
9559
9560rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
9561 conftest$ac_exeext conftest.$ac_ext
9562LIBS=$ac_check_lib_save_LIBS
9563fi
9564{ echo "$as_me:$LINENO: result: $ac_cv_lib_sandbox_sandbox_apply" >&5
9565echo "${ECHO_T}$ac_cv_lib_sandbox_sandbox_apply" >&6; }
9566if test $ac_cv_lib_sandbox_sandbox_apply = yes; then
9567
9568 SSHDLIBS="$SSHDLIBS -lsandbox"
9569
9570fi
9571
9494 ;; 9572 ;;
9495*-*-dragonfly*) 9573*-*-dragonfly*)
9496 SSHDLIBS="$SSHDLIBS -lcrypt" 9574 SSHDLIBS="$SSHDLIBS -lcrypt"
@@ -10789,6 +10867,339 @@ _ACEOF
10789echo "${ECHO_T}no" >&6; } 10867echo "${ECHO_T}no" >&6; }
10790 fi 10868 fi
10791 10869
10870for ac_func in setppriv
10871do
10872as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
10873{ echo "$as_me:$LINENO: checking for $ac_func" >&5
10874echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
10875if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
10876 echo $ECHO_N "(cached) $ECHO_C" >&6
10877else
10878 cat >conftest.$ac_ext <<_ACEOF
10879/* confdefs.h. */
10880_ACEOF
10881cat confdefs.h >>conftest.$ac_ext
10882cat >>conftest.$ac_ext <<_ACEOF
10883/* end confdefs.h. */
10884/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
10885 For example, HP-UX 11i <limits.h> declares gettimeofday. */
10886#define $ac_func innocuous_$ac_func
10887
10888/* System header to define __stub macros and hopefully few prototypes,
10889 which can conflict with char $ac_func (); below.
10890 Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
10891 <limits.h> exists even on freestanding compilers. */
10892
10893#ifdef __STDC__
10894# include <limits.h>
10895#else
10896# include <assert.h>
10897#endif
10898
10899#undef $ac_func
10900
10901/* Override any GCC internal prototype to avoid an error.
10902 Use char because int might match the return type of a GCC
10903 builtin and then its argument prototype would still apply. */
10904#ifdef __cplusplus
10905extern "C"
10906#endif
10907char $ac_func ();
10908/* The GNU C library defines this for functions which it implements
10909 to always fail with ENOSYS. Some functions are actually named
10910 something starting with __ and the normal name is an alias. */
10911#if defined __stub_$ac_func || defined __stub___$ac_func
10912choke me
10913#endif
10914
10915int
10916main ()
10917{
10918return $ac_func ();
10919 ;
10920 return 0;
10921}
10922_ACEOF
10923rm -f conftest.$ac_objext conftest$ac_exeext
10924if { (ac_try="$ac_link"
10925case "(($ac_try" in
10926 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
10927 *) ac_try_echo=$ac_try;;
10928esac
10929eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
10930 (eval "$ac_link") 2>conftest.er1
10931 ac_status=$?
10932 grep -v '^ *+' conftest.er1 >conftest.err
10933 rm -f conftest.er1
10934 cat conftest.err >&5
10935 echo "$as_me:$LINENO: \$? = $ac_status" >&5
10936 (exit $ac_status); } && {
10937 test -z "$ac_c_werror_flag" ||
10938 test ! -s conftest.err
10939 } && test -s conftest$ac_exeext &&
10940 $as_test_x conftest$ac_exeext; then
10941 eval "$as_ac_var=yes"
10942else
10943 echo "$as_me: failed program was:" >&5
10944sed 's/^/| /' conftest.$ac_ext >&5
10945
10946 eval "$as_ac_var=no"
10947fi
10948
10949rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
10950 conftest$ac_exeext conftest.$ac_ext
10951fi
10952ac_res=`eval echo '${'$as_ac_var'}'`
10953 { echo "$as_me:$LINENO: result: $ac_res" >&5
10954echo "${ECHO_T}$ac_res" >&6; }
10955if test `eval echo '${'$as_ac_var'}'` = yes; then
10956 cat >>confdefs.h <<_ACEOF
10957#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
10958_ACEOF
10959
10960fi
10961done
10962
10963
10964for ac_func in priv_basicset
10965do
10966as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
10967{ echo "$as_me:$LINENO: checking for $ac_func" >&5
10968echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
10969if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
10970 echo $ECHO_N "(cached) $ECHO_C" >&6
10971else
10972 cat >conftest.$ac_ext <<_ACEOF
10973/* confdefs.h. */
10974_ACEOF
10975cat confdefs.h >>conftest.$ac_ext
10976cat >>conftest.$ac_ext <<_ACEOF
10977/* end confdefs.h. */
10978/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
10979 For example, HP-UX 11i <limits.h> declares gettimeofday. */
10980#define $ac_func innocuous_$ac_func
10981
10982/* System header to define __stub macros and hopefully few prototypes,
10983 which can conflict with char $ac_func (); below.
10984 Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
10985 <limits.h> exists even on freestanding compilers. */
10986
10987#ifdef __STDC__
10988# include <limits.h>
10989#else
10990# include <assert.h>
10991#endif
10992
10993#undef $ac_func
10994
10995/* Override any GCC internal prototype to avoid an error.
10996 Use char because int might match the return type of a GCC
10997 builtin and then its argument prototype would still apply. */
10998#ifdef __cplusplus
10999extern "C"
11000#endif
11001char $ac_func ();
11002/* The GNU C library defines this for functions which it implements
11003 to always fail with ENOSYS. Some functions are actually named
11004 something starting with __ and the normal name is an alias. */
11005#if defined __stub_$ac_func || defined __stub___$ac_func
11006choke me
11007#endif
11008
11009int
11010main ()
11011{
11012return $ac_func ();
11013 ;
11014 return 0;
11015}
11016_ACEOF
11017rm -f conftest.$ac_objext conftest$ac_exeext
11018if { (ac_try="$ac_link"
11019case "(($ac_try" in
11020 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
11021 *) ac_try_echo=$ac_try;;
11022esac
11023eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
11024 (eval "$ac_link") 2>conftest.er1
11025 ac_status=$?
11026 grep -v '^ *+' conftest.er1 >conftest.err
11027 rm -f conftest.er1
11028 cat conftest.err >&5
11029 echo "$as_me:$LINENO: \$? = $ac_status" >&5
11030 (exit $ac_status); } && {
11031 test -z "$ac_c_werror_flag" ||
11032 test ! -s conftest.err
11033 } && test -s conftest$ac_exeext &&
11034 $as_test_x conftest$ac_exeext; then
11035 eval "$as_ac_var=yes"
11036else
11037 echo "$as_me: failed program was:" >&5
11038sed 's/^/| /' conftest.$ac_ext >&5
11039
11040 eval "$as_ac_var=no"
11041fi
11042
11043rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
11044 conftest$ac_exeext conftest.$ac_ext
11045fi
11046ac_res=`eval echo '${'$as_ac_var'}'`
11047 { echo "$as_me:$LINENO: result: $ac_res" >&5
11048echo "${ECHO_T}$ac_res" >&6; }
11049if test `eval echo '${'$as_ac_var'}'` = yes; then
11050 cat >>confdefs.h <<_ACEOF
11051#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
11052_ACEOF
11053
11054fi
11055done
11056
11057
11058for ac_header in priv.h
11059do
11060as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
11061if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
11062 { echo "$as_me:$LINENO: checking for $ac_header" >&5
11063echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
11064if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
11065 echo $ECHO_N "(cached) $ECHO_C" >&6
11066fi
11067ac_res=`eval echo '${'$as_ac_Header'}'`
11068 { echo "$as_me:$LINENO: result: $ac_res" >&5
11069echo "${ECHO_T}$ac_res" >&6; }
11070else
11071 # Is the header compilable?
11072{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
11073echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
11074cat >conftest.$ac_ext <<_ACEOF
11075/* confdefs.h. */
11076_ACEOF
11077cat confdefs.h >>conftest.$ac_ext
11078cat >>conftest.$ac_ext <<_ACEOF
11079/* end confdefs.h. */
11080$ac_includes_default
11081#include <$ac_header>
11082_ACEOF
11083rm -f conftest.$ac_objext
11084if { (ac_try="$ac_compile"
11085case "(($ac_try" in
11086 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
11087 *) ac_try_echo=$ac_try;;
11088esac
11089eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
11090 (eval "$ac_compile") 2>conftest.er1
11091 ac_status=$?
11092 grep -v '^ *+' conftest.er1 >conftest.err
11093 rm -f conftest.er1
11094 cat conftest.err >&5
11095 echo "$as_me:$LINENO: \$? = $ac_status" >&5
11096 (exit $ac_status); } && {
11097 test -z "$ac_c_werror_flag" ||
11098 test ! -s conftest.err
11099 } && test -s conftest.$ac_objext; then
11100 ac_header_compiler=yes
11101else
11102 echo "$as_me: failed program was:" >&5
11103sed 's/^/| /' conftest.$ac_ext >&5
11104
11105 ac_header_compiler=no
11106fi
11107
11108rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
11109{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
11110echo "${ECHO_T}$ac_header_compiler" >&6; }
11111
11112# Is the header present?
11113{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
11114echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
11115cat >conftest.$ac_ext <<_ACEOF
11116/* confdefs.h. */
11117_ACEOF
11118cat confdefs.h >>conftest.$ac_ext
11119cat >>conftest.$ac_ext <<_ACEOF
11120/* end confdefs.h. */
11121#include <$ac_header>
11122_ACEOF
11123if { (ac_try="$ac_cpp conftest.$ac_ext"
11124case "(($ac_try" in
11125 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
11126 *) ac_try_echo=$ac_try;;
11127esac
11128eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
11129 (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
11130 ac_status=$?
11131 grep -v '^ *+' conftest.er1 >conftest.err
11132 rm -f conftest.er1
11133 cat conftest.err >&5
11134 echo "$as_me:$LINENO: \$? = $ac_status" >&5
11135 (exit $ac_status); } >/dev/null && {
11136 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
11137 test ! -s conftest.err
11138 }; then
11139 ac_header_preproc=yes
11140else
11141 echo "$as_me: failed program was:" >&5
11142sed 's/^/| /' conftest.$ac_ext >&5
11143
11144 ac_header_preproc=no
11145fi
11146
11147rm -f conftest.err conftest.$ac_ext
11148{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
11149echo "${ECHO_T}$ac_header_preproc" >&6; }
11150
11151# So? What about this header?
11152case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
11153 yes:no: )
11154 { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
11155echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
11156 { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
11157echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
11158 ac_header_preproc=yes
11159 ;;
11160 no:yes:* )
11161 { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
11162echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
11163 { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
11164echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
11165 { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
11166echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
11167 { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
11168echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
11169 { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
11170echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
11171 { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
11172echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
11173 ( cat <<\_ASBOX
11174## ------------------------------------------- ##
11175## Report this to openssh-unix-dev@mindrot.org ##
11176## ------------------------------------------- ##
11177_ASBOX
11178 ) | sed "s/^/$as_me: WARNING: /" >&2
11179 ;;
11180esac
11181{ echo "$as_me:$LINENO: checking for $ac_header" >&5
11182echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
11183if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
11184 echo $ECHO_N "(cached) $ECHO_C" >&6
11185else
11186 eval "$as_ac_Header=\$ac_header_preproc"
11187fi
11188ac_res=`eval echo '${'$as_ac_Header'}'`
11189 { echo "$as_me:$LINENO: result: $ac_res" >&5
11190echo "${ECHO_T}$ac_res" >&6; }
11191
11192fi
11193if test `eval echo '${'$as_ac_Header'}'` = yes; then
11194 cat >>confdefs.h <<_ACEOF
11195#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
11196_ACEOF
11197
11198fi
11199
11200done
11201
11202
10792# Check whether --with-solaris-contracts was given. 11203# Check whether --with-solaris-contracts was given.
10793if test "${with_solaris_contracts+set}" = set; then 11204if test "${with_solaris_contracts+set}" = set; then
10794 withval=$with_solaris_contracts; 11205 withval=$with_solaris_contracts;
@@ -10859,7 +11270,7 @@ cat >>confdefs.h <<\_ACEOF
10859#define USE_SOLARIS_PROCESS_CONTRACTS 1 11270#define USE_SOLARIS_PROCESS_CONTRACTS 1
10860_ACEOF 11271_ACEOF
10861 11272
10862 SSHDLIBS="$SSHDLIBS -lcontract" 11273 LIBS="$LIBS -lcontract"
10863 SPC_MSG="yes" 11274 SPC_MSG="yes"
10864fi 11275fi
10865 11276
@@ -10937,13 +11348,45 @@ cat >>confdefs.h <<\_ACEOF
10937#define USE_SOLARIS_PROJECTS 1 11348#define USE_SOLARIS_PROJECTS 1
10938_ACEOF 11349_ACEOF
10939 11350
10940 SSHDLIBS="$SSHDLIBS -lproject" 11351 LIBS="$LIBS -lproject"
10941 SP_MSG="yes" 11352 SP_MSG="yes"
10942fi 11353fi
10943 11354
10944 11355
10945fi 11356fi
10946 11357
11358
11359# Check whether --with-solaris-privs was given.
11360if test "${with_solaris_privs+set}" = set; then
11361 withval=$with_solaris_privs;
11362 { echo "$as_me:$LINENO: checking for Solaris/Illumos privilege support" >&5
11363echo $ECHO_N "checking for Solaris/Illumos privilege support... $ECHO_C" >&6; }
11364 if test "x$ac_cv_func_setppriv" = "xyes" -a \
11365 "x$ac_cv_header_priv_h" = "xyes" ; then
11366 SOLARIS_PRIVS=yes
11367 { echo "$as_me:$LINENO: result: found" >&5
11368echo "${ECHO_T}found" >&6; }
11369
11370cat >>confdefs.h <<\_ACEOF
11371#define NO_UID_RESTORATION_TEST 1
11372_ACEOF
11373
11374
11375cat >>confdefs.h <<\_ACEOF
11376#define USE_SOLARIS_PRIVS 1
11377_ACEOF
11378
11379 SPP_MSG="yes"
11380 else
11381 { echo "$as_me:$LINENO: result: not found" >&5
11382echo "${ECHO_T}not found" >&6; }
11383 { { echo "$as_me:$LINENO: error: *** must have support for Solaris privileges to use --with-solaris-privs" >&5
11384echo "$as_me: error: *** must have support for Solaris privileges to use --with-solaris-privs" >&2;}
11385 { (exit 1); exit 1; }; }
11386 fi
11387
11388fi
11389
10947 TEST_SHELL=$SHELL # let configure find us a capable shell 11390 TEST_SHELL=$SHELL # let configure find us a capable shell
10948 ;; 11391 ;;
10949*-*-sunos4*) 11392*-*-sunos4*)
@@ -11942,163 +12385,6 @@ fi
11942 12385
11943 12386
11944# Checks for libraries. 12387# Checks for libraries.
11945{ echo "$as_me:$LINENO: checking for yp_match" >&5
11946echo $ECHO_N "checking for yp_match... $ECHO_C" >&6; }
11947if test "${ac_cv_func_yp_match+set}" = set; then
11948 echo $ECHO_N "(cached) $ECHO_C" >&6
11949else
11950 cat >conftest.$ac_ext <<_ACEOF
11951/* confdefs.h. */
11952_ACEOF
11953cat confdefs.h >>conftest.$ac_ext
11954cat >>conftest.$ac_ext <<_ACEOF
11955/* end confdefs.h. */
11956/* Define yp_match to an innocuous variant, in case <limits.h> declares yp_match.
11957 For example, HP-UX 11i <limits.h> declares gettimeofday. */
11958#define yp_match innocuous_yp_match
11959
11960/* System header to define __stub macros and hopefully few prototypes,
11961 which can conflict with char yp_match (); below.
11962 Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
11963 <limits.h> exists even on freestanding compilers. */
11964
11965#ifdef __STDC__
11966# include <limits.h>
11967#else
11968# include <assert.h>
11969#endif
11970
11971#undef yp_match
11972
11973/* Override any GCC internal prototype to avoid an error.
11974 Use char because int might match the return type of a GCC
11975 builtin and then its argument prototype would still apply. */
11976#ifdef __cplusplus
11977extern "C"
11978#endif
11979char yp_match ();
11980/* The GNU C library defines this for functions which it implements
11981 to always fail with ENOSYS. Some functions are actually named
11982 something starting with __ and the normal name is an alias. */
11983#if defined __stub_yp_match || defined __stub___yp_match
11984choke me
11985#endif
11986
11987int
11988main ()
11989{
11990return yp_match ();
11991 ;
11992 return 0;
11993}
11994_ACEOF
11995rm -f conftest.$ac_objext conftest$ac_exeext
11996if { (ac_try="$ac_link"
11997case "(($ac_try" in
11998 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
11999 *) ac_try_echo=$ac_try;;
12000esac
12001eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
12002 (eval "$ac_link") 2>conftest.er1
12003 ac_status=$?
12004 grep -v '^ *+' conftest.er1 >conftest.err
12005 rm -f conftest.er1
12006 cat conftest.err >&5
12007 echo "$as_me:$LINENO: \$? = $ac_status" >&5
12008 (exit $ac_status); } && {
12009 test -z "$ac_c_werror_flag" ||
12010 test ! -s conftest.err
12011 } && test -s conftest$ac_exeext &&
12012 $as_test_x conftest$ac_exeext; then
12013 ac_cv_func_yp_match=yes
12014else
12015 echo "$as_me: failed program was:" >&5
12016sed 's/^/| /' conftest.$ac_ext >&5
12017
12018 ac_cv_func_yp_match=no
12019fi
12020
12021rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
12022 conftest$ac_exeext conftest.$ac_ext
12023fi
12024{ echo "$as_me:$LINENO: result: $ac_cv_func_yp_match" >&5
12025echo "${ECHO_T}$ac_cv_func_yp_match" >&6; }
12026if test $ac_cv_func_yp_match = yes; then
12027 :
12028else
12029
12030{ echo "$as_me:$LINENO: checking for yp_match in -lnsl" >&5
12031echo $ECHO_N "checking for yp_match in -lnsl... $ECHO_C" >&6; }
12032if test "${ac_cv_lib_nsl_yp_match+set}" = set; then
12033 echo $ECHO_N "(cached) $ECHO_C" >&6
12034else
12035 ac_check_lib_save_LIBS=$LIBS
12036LIBS="-lnsl $LIBS"
12037cat >conftest.$ac_ext <<_ACEOF
12038/* confdefs.h. */
12039_ACEOF
12040cat confdefs.h >>conftest.$ac_ext
12041cat >>conftest.$ac_ext <<_ACEOF
12042/* end confdefs.h. */
12043
12044/* Override any GCC internal prototype to avoid an error.
12045 Use char because int might match the return type of a GCC
12046 builtin and then its argument prototype would still apply. */
12047#ifdef __cplusplus
12048extern "C"
12049#endif
12050char yp_match ();
12051int
12052main ()
12053{
12054return yp_match ();
12055 ;
12056 return 0;
12057}
12058_ACEOF
12059rm -f conftest.$ac_objext conftest$ac_exeext
12060if { (ac_try="$ac_link"
12061case "(($ac_try" in
12062 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
12063 *) ac_try_echo=$ac_try;;
12064esac
12065eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
12066 (eval "$ac_link") 2>conftest.er1
12067 ac_status=$?
12068 grep -v '^ *+' conftest.er1 >conftest.err
12069 rm -f conftest.er1
12070 cat conftest.err >&5
12071 echo "$as_me:$LINENO: \$? = $ac_status" >&5
12072 (exit $ac_status); } && {
12073 test -z "$ac_c_werror_flag" ||
12074 test ! -s conftest.err
12075 } && test -s conftest$ac_exeext &&
12076 $as_test_x conftest$ac_exeext; then
12077 ac_cv_lib_nsl_yp_match=yes
12078else
12079 echo "$as_me: failed program was:" >&5
12080sed 's/^/| /' conftest.$ac_ext >&5
12081
12082 ac_cv_lib_nsl_yp_match=no
12083fi
12084
12085rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
12086 conftest$ac_exeext conftest.$ac_ext
12087LIBS=$ac_check_lib_save_LIBS
12088fi
12089{ echo "$as_me:$LINENO: result: $ac_cv_lib_nsl_yp_match" >&5
12090echo "${ECHO_T}$ac_cv_lib_nsl_yp_match" >&6; }
12091if test $ac_cv_lib_nsl_yp_match = yes; then
12092 cat >>confdefs.h <<_ACEOF
12093#define HAVE_LIBNSL 1
12094_ACEOF
12095
12096 LIBS="-lnsl $LIBS"
12097
12098fi
12099
12100fi
12101
12102{ echo "$as_me:$LINENO: checking for setsockopt" >&5 12388{ echo "$as_me:$LINENO: checking for setsockopt" >&5
12103echo $ECHO_N "checking for setsockopt... $ECHO_C" >&6; } 12389echo $ECHO_N "checking for setsockopt... $ECHO_C" >&6; }
12104if test "${ac_cv_func_setsockopt+set}" = set; then 12390if test "${ac_cv_func_setsockopt+set}" = set; then
@@ -14599,7 +14885,8 @@ fi
14599done 14885done
14600 14886
14601 14887
14602# On some platforms, inet_ntop may be found in libresolv or libnsl. 14888# On some platforms, inet_ntop and gethostbyname may be found in libresolv
14889# or libnsl.
14603{ echo "$as_me:$LINENO: checking for library containing inet_ntop" >&5 14890{ echo "$as_me:$LINENO: checking for library containing inet_ntop" >&5
14604echo $ECHO_N "checking for library containing inet_ntop... $ECHO_C" >&6; } 14891echo $ECHO_N "checking for library containing inet_ntop... $ECHO_C" >&6; }
14605if test "${ac_cv_search_inet_ntop+set}" = set; then 14892if test "${ac_cv_search_inet_ntop+set}" = set; then
@@ -14683,6 +14970,89 @@ if test "$ac_res" != no; then
14683 14970
14684fi 14971fi
14685 14972
14973{ echo "$as_me:$LINENO: checking for library containing gethostbyname" >&5
14974echo $ECHO_N "checking for library containing gethostbyname... $ECHO_C" >&6; }
14975if test "${ac_cv_search_gethostbyname+set}" = set; then
14976 echo $ECHO_N "(cached) $ECHO_C" >&6
14977else
14978 ac_func_search_save_LIBS=$LIBS
14979cat >conftest.$ac_ext <<_ACEOF
14980/* confdefs.h. */
14981_ACEOF
14982cat confdefs.h >>conftest.$ac_ext
14983cat >>conftest.$ac_ext <<_ACEOF
14984/* end confdefs.h. */
14985
14986/* Override any GCC internal prototype to avoid an error.
14987 Use char because int might match the return type of a GCC
14988 builtin and then its argument prototype would still apply. */
14989#ifdef __cplusplus
14990extern "C"
14991#endif
14992char gethostbyname ();
14993int
14994main ()
14995{
14996return gethostbyname ();
14997 ;
14998 return 0;
14999}
15000_ACEOF
15001for ac_lib in '' resolv nsl; do
15002 if test -z "$ac_lib"; then
15003 ac_res="none required"
15004 else
15005 ac_res=-l$ac_lib
15006 LIBS="-l$ac_lib $ac_func_search_save_LIBS"
15007 fi
15008 rm -f conftest.$ac_objext conftest$ac_exeext
15009if { (ac_try="$ac_link"
15010case "(($ac_try" in
15011 *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
15012 *) ac_try_echo=$ac_try;;
15013esac
15014eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
15015 (eval "$ac_link") 2>conftest.er1
15016 ac_status=$?
15017 grep -v '^ *+' conftest.er1 >conftest.err
15018 rm -f conftest.er1
15019 cat conftest.err >&5
15020 echo "$as_me:$LINENO: \$? = $ac_status" >&5
15021 (exit $ac_status); } && {
15022 test -z "$ac_c_werror_flag" ||
15023 test ! -s conftest.err
15024 } && test -s conftest$ac_exeext &&
15025 $as_test_x conftest$ac_exeext; then
15026 ac_cv_search_gethostbyname=$ac_res
15027else
15028 echo "$as_me: failed program was:" >&5
15029sed 's/^/| /' conftest.$ac_ext >&5
15030
15031
15032fi
15033
15034rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
15035 conftest$ac_exeext
15036 if test "${ac_cv_search_gethostbyname+set}" = set; then
15037 break
15038fi
15039done
15040if test "${ac_cv_search_gethostbyname+set}" = set; then
15041 :
15042else
15043 ac_cv_search_gethostbyname=no
15044fi
15045rm conftest.$ac_ext
15046LIBS=$ac_func_search_save_LIBS
15047fi
15048{ echo "$as_me:$LINENO: result: $ac_cv_search_gethostbyname" >&5
15049echo "${ECHO_T}$ac_cv_search_gethostbyname" >&6; }
15050ac_res=$ac_cv_search_gethostbyname
15051if test "$ac_res" != no; then
15052 test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
15053
15054fi
15055
14686 15056
14687 15057
14688for ac_func in strftime 15058for ac_func in strftime
@@ -16524,6 +16894,7 @@ fi
16524 16894
16525 16895
16526 16896
16897
16527for ac_func in \ 16898for ac_func in \
16528 Blowfish_initstate \ 16899 Blowfish_initstate \
16529 Blowfish_expandstate \ 16900 Blowfish_expandstate \
@@ -16579,6 +16950,7 @@ for ac_func in \
16579 nsleep \ 16950 nsleep \
16580 ogetaddrinfo \ 16951 ogetaddrinfo \
16581 openlog_r \ 16952 openlog_r \
16953 pledge \
16582 poll \ 16954 poll \
16583 prctl \ 16955 prctl \
16584 pstat \ 16956 pstat \
@@ -20707,12 +21079,12 @@ openssl_engine=no
20707# Check whether --with-ssl-engine was given. 21079# Check whether --with-ssl-engine was given.
20708if test "${with_ssl_engine+set}" = set; then 21080if test "${with_ssl_engine+set}" = set; then
20709 withval=$with_ssl_engine; 21081 withval=$with_ssl_engine;
20710 if test "x$openssl" = "xno" ; then 21082 if test "x$withval" != "xno" ; then
20711 { { echo "$as_me:$LINENO: error: cannot use --with-ssl-engine when OpenSSL disabled" >&5 21083 if test "x$openssl" = "xno" ; then
21084 { { echo "$as_me:$LINENO: error: cannot use --with-ssl-engine when OpenSSL disabled" >&5
20712echo "$as_me: error: cannot use --with-ssl-engine when OpenSSL disabled" >&2;} 21085echo "$as_me: error: cannot use --with-ssl-engine when OpenSSL disabled" >&2;}
20713 { (exit 1); exit 1; }; } 21086 { (exit 1); exit 1; }; }
20714 fi 21087 fi
20715 if test "x$withval" != "xno" ; then
20716 openssl_engine=yes 21088 openssl_engine=yes
20717 fi 21089 fi
20718 21090
@@ -20999,6 +21371,7 @@ cat confdefs.h >>conftest.$ac_ext
20999cat >>conftest.$ac_ext <<_ACEOF 21371cat >>conftest.$ac_ext <<_ACEOF
21000/* end confdefs.h. */ 21372/* end confdefs.h. */
21001 21373
21374 #include <stdlib.h>
21002 #include <stdio.h> 21375 #include <stdio.h>
21003 #include <string.h> 21376 #include <string.h>
21004 #include <openssl/opensslv.h> 21377 #include <openssl/opensslv.h>
@@ -21015,7 +21388,8 @@ main ()
21015 if(fd == NULL) 21388 if(fd == NULL)
21016 exit(1); 21389 exit(1);
21017 21390
21018 if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 21391 if ((rc = fprintf(fd ,"%08lx (%s)\n",
21392 (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
21019 exit(1); 21393 exit(1);
21020 21394
21021 exit(0); 21395 exit(0);
@@ -21184,6 +21558,7 @@ cat >>conftest.$ac_ext <<_ACEOF
21184 21558
21185 #include <string.h> 21559 #include <string.h>
21186 #include <openssl/opensslv.h> 21560 #include <openssl/opensslv.h>
21561 #include <openssl/crypto.h>
21187 21562
21188int 21563int
21189main () 21564main ()
@@ -24145,7 +24520,19 @@ fi
24145 24520
24146 24521
24147 24522
24148if test "x$sandbox_arg" = "xsystrace" || \ 24523if test "x$sandbox_arg" = "xpledge" || \
24524 ( test -z "$sandbox_arg" && test "x$ac_cv_func_pledge" = "xyes" ) ; then
24525 test "x$ac_cv_func_pledge" != "xyes" && \
24526 { { echo "$as_me:$LINENO: error: pledge sandbox requires pledge(2) support" >&5
24527echo "$as_me: error: pledge sandbox requires pledge(2) support" >&2;}
24528 { (exit 1); exit 1; }; }
24529 SANDBOX_STYLE="pledge"
24530
24531cat >>confdefs.h <<\_ACEOF
24532#define SANDBOX_PLEDGE 1
24533_ACEOF
24534
24535elif test "x$sandbox_arg" = "xsystrace" || \
24149 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then 24536 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then
24150 test "x$have_systr_policy_kill" != "x1" && \ 24537 test "x$have_systr_policy_kill" != "x1" && \
24151 { { echo "$as_me:$LINENO: error: systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support" >&5 24538 { { echo "$as_me:$LINENO: error: systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support" >&5
@@ -24238,6 +24625,14 @@ cat >>confdefs.h <<\_ACEOF
24238#define SANDBOX_RLIMIT 1 24625#define SANDBOX_RLIMIT 1
24239_ACEOF 24626_ACEOF
24240 24627
24628elif test "x$sandbox_arg" = "xsolaris" || \
24629 ( test -z "$sandbox_arg" && test "x$SOLARIS_PRIVS" = "xyes" ) ; then
24630 SANDBOX_STYLE="solaris"
24631
24632cat >>confdefs.h <<\_ACEOF
24633#define SANDBOX_SOLARIS 1
24634_ACEOF
24635
24241elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ 24636elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
24242 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then 24637 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then
24243 SANDBOX_STYLE="none" 24638 SANDBOX_STYLE="none"
@@ -31719,6 +32114,9 @@ int
31719main () 32114main ()
31720{ 32115{
31721 32116
32117struct __res_state *volatile p = &_res; /* force resolution of _res */
32118return 0;
32119
31722 ; 32120 ;
31723 return 0; 32121 return 0;
31724} 32122}
@@ -36811,6 +37209,7 @@ echo " MD5 password support: $MD5_MSG"
36811echo " libedit support: $LIBEDIT_MSG" 37209echo " libedit support: $LIBEDIT_MSG"
36812echo " Solaris process contract support: $SPC_MSG" 37210echo " Solaris process contract support: $SPC_MSG"
36813echo " Solaris project support: $SP_MSG" 37211echo " Solaris project support: $SP_MSG"
37212echo " Solaris privilege support: $SPP_MSG"
36814echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 37213echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
36815echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 37214echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
36816echo " BSD Auth support: $BSD_AUTH_MSG" 37215echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/configure.ac b/configure.ac
index 9b05c30f8..7258cc0e5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -140,7 +140,7 @@ else
140fi 140fi
141 141
142AC_ARG_WITH([ssh1], 142AC_ARG_WITH([ssh1],
143 [ --without-ssh1 Enable support for SSH protocol 1], 143 [ --with-ssh1 Enable support for SSH protocol 1],
144 [ 144 [
145 if test "x$withval" = "xyes" ; then 145 if test "x$withval" = "xyes" ; then
146 if test "x$openssl" = "xno" ; then 146 if test "x$openssl" = "xno" ; then
@@ -469,6 +469,11 @@ AC_CHECK_HEADERS([sys/un.h], [], [], [
469SIA_MSG="no" 469SIA_MSG="no"
470SPC_MSG="no" 470SPC_MSG="no"
471SP_MSG="no" 471SP_MSG="no"
472SPP_MSG="no"
473
474# Support for Solaris/Illumos privileges (this test is used by both
475# the --with-solaris-privs option and --with-sandbox=solaris).
476SOLARIS_PRIVS="no"
472 477
473# Check for some target-specific stuff 478# Check for some target-specific stuff
474case "$host" in 479case "$host" in
@@ -575,6 +580,8 @@ case "$host" in
575 LIBS="$LIBS /usr/lib/textreadmode.o" 580 LIBS="$LIBS /usr/lib/textreadmode.o"
576 AC_DEFINE([HAVE_CYGWIN], [1], [Define if you are on Cygwin]) 581 AC_DEFINE([HAVE_CYGWIN], [1], [Define if you are on Cygwin])
577 AC_DEFINE([USE_PIPES], [1], [Use PIPES instead of a socketpair()]) 582 AC_DEFINE([USE_PIPES], [1], [Use PIPES instead of a socketpair()])
583 AC_DEFINE([NO_UID_RESTORATION_TEST], [1],
584 [Define to disable UID restoration test])
578 AC_DEFINE([DISABLE_SHADOW], [1], 585 AC_DEFINE([DISABLE_SHADOW], [1],
579 [Define if you want to disable shadow passwords]) 586 [Define if you want to disable shadow passwords])
580 AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], 587 AC_DEFINE([NO_X11_UNIX_SOCKETS], [1],
@@ -637,6 +644,9 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16))
637 supported by bsd-setproctitle.c]) 644 supported by bsd-setproctitle.c])
638 AC_CHECK_FUNCS([sandbox_init]) 645 AC_CHECK_FUNCS([sandbox_init])
639 AC_CHECK_HEADERS([sandbox.h]) 646 AC_CHECK_HEADERS([sandbox.h])
647 AC_CHECK_LIB([sandbox], [sandbox_apply], [
648 SSHDLIBS="$SSHDLIBS -lsandbox"
649 ])
640 ;; 650 ;;
641*-*-dragonfly*) 651*-*-dragonfly*)
642 SSHDLIBS="$SSHDLIBS -lcrypt" 652 SSHDLIBS="$SSHDLIBS -lcrypt"
@@ -889,13 +899,16 @@ mips-sony-bsd|mips-sony-newsos4)
889 else 899 else
890 AC_MSG_RESULT([no]) 900 AC_MSG_RESULT([no])
891 fi 901 fi
902 AC_CHECK_FUNCS([setppriv])
903 AC_CHECK_FUNCS([priv_basicset])
904 AC_CHECK_HEADERS([priv.h])
892 AC_ARG_WITH([solaris-contracts], 905 AC_ARG_WITH([solaris-contracts],
893 [ --with-solaris-contracts Enable Solaris process contracts (experimental)], 906 [ --with-solaris-contracts Enable Solaris process contracts (experimental)],
894 [ 907 [
895 AC_CHECK_LIB([contract], [ct_tmpl_activate], 908 AC_CHECK_LIB([contract], [ct_tmpl_activate],
896 [ AC_DEFINE([USE_SOLARIS_PROCESS_CONTRACTS], [1], 909 [ AC_DEFINE([USE_SOLARIS_PROCESS_CONTRACTS], [1],
897 [Define if you have Solaris process contracts]) 910 [Define if you have Solaris process contracts])
898 SSHDLIBS="$SSHDLIBS -lcontract" 911 LIBS="$LIBS -lcontract"
899 SPC_MSG="yes" ], ) 912 SPC_MSG="yes" ], )
900 ], 913 ],
901 ) 914 )
@@ -905,10 +918,29 @@ mips-sony-bsd|mips-sony-newsos4)
905 AC_CHECK_LIB([project], [setproject], 918 AC_CHECK_LIB([project], [setproject],
906 [ AC_DEFINE([USE_SOLARIS_PROJECTS], [1], 919 [ AC_DEFINE([USE_SOLARIS_PROJECTS], [1],
907 [Define if you have Solaris projects]) 920 [Define if you have Solaris projects])
908 SSHDLIBS="$SSHDLIBS -lproject" 921 LIBS="$LIBS -lproject"
909 SP_MSG="yes" ], ) 922 SP_MSG="yes" ], )
910 ], 923 ],
911 ) 924 )
925 AC_ARG_WITH([solaris-privs],
926 [ --with-solaris-privs Enable Solaris/Illumos privileges (experimental)],
927 [
928 AC_MSG_CHECKING([for Solaris/Illumos privilege support])
929 if test "x$ac_cv_func_setppriv" = "xyes" -a \
930 "x$ac_cv_header_priv_h" = "xyes" ; then
931 SOLARIS_PRIVS=yes
932 AC_MSG_RESULT([found])
933 AC_DEFINE([NO_UID_RESTORATION_TEST], [1],
934 [Define to disable UID restoration test])
935 AC_DEFINE([USE_SOLARIS_PRIVS], [1],
936 [Define if you have Solaris privileges])
937 SPP_MSG="yes"
938 else
939 AC_MSG_RESULT([not found])
940 AC_MSG_ERROR([*** must have support for Solaris privileges to use --with-solaris-privs])
941 fi
942 ],
943 )
912 TEST_SHELL=$SHELL # let configure find us a capable shell 944 TEST_SHELL=$SHELL # let configure find us a capable shell
913 ;; 945 ;;
914*-*-sunos4*) 946*-*-sunos4*)
@@ -1122,7 +1154,6 @@ AC_RUN_IFELSE([AC_LANG_PROGRAM([[ #include <stdio.h> ]], [[ exit(0); ]])],
1122 1154
1123dnl Checks for header files. 1155dnl Checks for header files.
1124# Checks for libraries. 1156# Checks for libraries.
1125AC_CHECK_FUNC([yp_match], , [AC_CHECK_LIB([nsl], [yp_match])])
1126AC_CHECK_FUNC([setsockopt], , [AC_CHECK_LIB([socket], [setsockopt])]) 1157AC_CHECK_FUNC([setsockopt], , [AC_CHECK_LIB([socket], [setsockopt])])
1127 1158
1128dnl IRIX and Solaris 2.5.1 have dirname() in libgen 1159dnl IRIX and Solaris 2.5.1 have dirname() in libgen
@@ -1286,8 +1317,10 @@ AC_SEARCH_LIBS([openpty], [util bsd])
1286AC_SEARCH_LIBS([updwtmp], [util bsd]) 1317AC_SEARCH_LIBS([updwtmp], [util bsd])
1287AC_CHECK_FUNCS([fmt_scaled scan_scaled login logout openpty updwtmp logwtmp]) 1318AC_CHECK_FUNCS([fmt_scaled scan_scaled login logout openpty updwtmp logwtmp])
1288 1319
1289# On some platforms, inet_ntop may be found in libresolv or libnsl. 1320# On some platforms, inet_ntop and gethostbyname may be found in libresolv
1321# or libnsl.
1290AC_SEARCH_LIBS([inet_ntop], [resolv nsl]) 1322AC_SEARCH_LIBS([inet_ntop], [resolv nsl])
1323AC_SEARCH_LIBS([gethostbyname], [resolv nsl])
1291 1324
1292AC_FUNC_STRFTIME 1325AC_FUNC_STRFTIME
1293 1326
@@ -1669,6 +1702,7 @@ AC_CHECK_FUNCS([ \
1669 nsleep \ 1702 nsleep \
1670 ogetaddrinfo \ 1703 ogetaddrinfo \
1671 openlog_r \ 1704 openlog_r \
1705 pledge \
1672 poll \ 1706 poll \
1673 prctl \ 1707 prctl \
1674 pstat \ 1708 pstat \
@@ -2309,10 +2343,10 @@ openssl_engine=no
2309AC_ARG_WITH([ssl-engine], 2343AC_ARG_WITH([ssl-engine],
2310 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ], 2344 [ --with-ssl-engine Enable OpenSSL (hardware) ENGINE support ],
2311 [ 2345 [
2312 if test "x$openssl" = "xno" ; then
2313 AC_MSG_ERROR([cannot use --with-ssl-engine when OpenSSL disabled])
2314 fi
2315 if test "x$withval" != "xno" ; then 2346 if test "x$withval" != "xno" ; then
2347 if test "x$openssl" = "xno" ; then
2348 AC_MSG_ERROR([cannot use --with-ssl-engine when OpenSSL disabled])
2349 fi
2316 openssl_engine=yes 2350 openssl_engine=yes
2317 fi 2351 fi
2318 ] 2352 ]
@@ -2345,6 +2379,7 @@ if test "x$openssl" = "xyes" ; then
2345 AC_MSG_CHECKING([OpenSSL header version]) 2379 AC_MSG_CHECKING([OpenSSL header version])
2346 AC_RUN_IFELSE( 2380 AC_RUN_IFELSE(
2347 [AC_LANG_PROGRAM([[ 2381 [AC_LANG_PROGRAM([[
2382 #include <stdlib.h>
2348 #include <stdio.h> 2383 #include <stdio.h>
2349 #include <string.h> 2384 #include <string.h>
2350 #include <openssl/opensslv.h> 2385 #include <openssl/opensslv.h>
@@ -2357,7 +2392,8 @@ if test "x$openssl" = "xyes" ; then
2357 if(fd == NULL) 2392 if(fd == NULL)
2358 exit(1); 2393 exit(1);
2359 2394
2360 if ((rc = fprintf(fd ,"%08x (%s)\n", OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0) 2395 if ((rc = fprintf(fd ,"%08lx (%s)\n",
2396 (unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT)) <0)
2361 exit(1); 2397 exit(1);
2362 2398
2363 exit(0); 2399 exit(0);
@@ -2424,6 +2460,7 @@ if test "x$openssl" = "xyes" ; then
2424 [AC_LANG_PROGRAM([[ 2460 [AC_LANG_PROGRAM([[
2425 #include <string.h> 2461 #include <string.h>
2426 #include <openssl/opensslv.h> 2462 #include <openssl/opensslv.h>
2463 #include <openssl/crypto.h>
2427 ]], [[ 2464 ]], [[
2428 exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1); 2465 exit(SSLeay() == OPENSSL_VERSION_NUMBER ? 0 : 1);
2429 ]])], 2466 ]])],
@@ -2998,7 +3035,7 @@ fi
2998# Decide which sandbox style to use 3035# Decide which sandbox style to use
2999sandbox_arg="" 3036sandbox_arg=""
3000AC_ARG_WITH([sandbox], 3037AC_ARG_WITH([sandbox],
3001 [ --with-sandbox=style Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter, capsicum)], 3038 [ --with-sandbox=style Specify privilege separation sandbox (no, capsicum, darwin, rlimit, seccomp_filter, systrace, pledge)],
3002 [ 3039 [
3003 if test "x$withval" = "xyes" ; then 3040 if test "x$withval" = "xyes" ; then
3004 sandbox_arg="" 3041 sandbox_arg=""
@@ -3094,7 +3131,13 @@ AC_RUN_IFELSE(
3094 [AC_MSG_WARN([cross compiling: assuming yes])] 3131 [AC_MSG_WARN([cross compiling: assuming yes])]
3095) 3132)
3096 3133
3097if test "x$sandbox_arg" = "xsystrace" || \ 3134if test "x$sandbox_arg" = "xpledge" || \
3135 ( test -z "$sandbox_arg" && test "x$ac_cv_func_pledge" = "xyes" ) ; then
3136 test "x$ac_cv_func_pledge" != "xyes" && \
3137 AC_MSG_ERROR([pledge sandbox requires pledge(2) support])
3138 SANDBOX_STYLE="pledge"
3139 AC_DEFINE([SANDBOX_PLEDGE], [1], [Sandbox using pledge(2)])
3140elif test "x$sandbox_arg" = "xsystrace" || \
3098 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then 3141 ( test -z "$sandbox_arg" && test "x$have_systr_policy_kill" = "x1" ) ; then
3099 test "x$have_systr_policy_kill" != "x1" && \ 3142 test "x$have_systr_policy_kill" != "x1" && \
3100 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support]) 3143 AC_MSG_ERROR([systrace sandbox requires systrace headers and SYSTR_POLICY_KILL support])
@@ -3147,6 +3190,10 @@ elif test "x$sandbox_arg" = "xrlimit" || \
3147 AC_MSG_ERROR([rlimit sandbox requires select to work with rlimit]) 3190 AC_MSG_ERROR([rlimit sandbox requires select to work with rlimit])
3148 SANDBOX_STYLE="rlimit" 3191 SANDBOX_STYLE="rlimit"
3149 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)]) 3192 AC_DEFINE([SANDBOX_RLIMIT], [1], [Sandbox using setrlimit(2)])
3193elif test "x$sandbox_arg" = "xsolaris" || \
3194 ( test -z "$sandbox_arg" && test "x$SOLARIS_PRIVS" = "xyes" ) ; then
3195 SANDBOX_STYLE="solaris"
3196 AC_DEFINE([SANDBOX_SOLARIS], [1], [Sandbox using Solaris/Illumos privileges])
3150elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \ 3197elif test -z "$sandbox_arg" || test "x$sandbox_arg" = "xno" || \
3151 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then 3198 test "x$sandbox_arg" = "xnone" || test "x$sandbox_arg" = "xnull" ; then
3152 SANDBOX_STYLE="none" 3199 SANDBOX_STYLE="none"
@@ -3970,7 +4017,10 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([[
3970#include <arpa/nameser.h> 4017#include <arpa/nameser.h>
3971#include <resolv.h> 4018#include <resolv.h>
3972extern struct __res_state _res; 4019extern struct __res_state _res;
3973 ]], [[ ]])], 4020 ]], [[
4021struct __res_state *volatile p = &_res; /* force resolution of _res */
4022return 0;
4023 ]],)],
3974 [AC_MSG_RESULT([yes]) 4024 [AC_MSG_RESULT([yes])
3975 AC_DEFINE([HAVE__RES_EXTERN], [1], 4025 AC_DEFINE([HAVE__RES_EXTERN], [1],
3976 [Define if you have struct __res_state _res as an extern]) 4026 [Define if you have struct __res_state _res as an extern])
@@ -4933,6 +4983,7 @@ echo " MD5 password support: $MD5_MSG"
4933echo " libedit support: $LIBEDIT_MSG" 4983echo " libedit support: $LIBEDIT_MSG"
4934echo " Solaris process contract support: $SPC_MSG" 4984echo " Solaris process contract support: $SPC_MSG"
4935echo " Solaris project support: $SP_MSG" 4985echo " Solaris project support: $SP_MSG"
4986echo " Solaris privilege support: $SPP_MSG"
4936echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" 4987echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG"
4937echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" 4988echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG"
4938echo " BSD Auth support: $BSD_AUTH_MSG" 4989echo " BSD Auth support: $BSD_AUTH_MSG"
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index 4c55227e5..2a55f454e 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
1%define ver 7.1p2 1%define ver 7.2p1
2%define rel 1 2%define rel 1
3 3
4# OpenSSH privilege separation requires a user & group ID 4# OpenSSH privilege separation requires a user & group ID
@@ -89,7 +89,7 @@ Requires: initscripts >= 5.20
89BuildRequires: perl, openssl-devel 89BuildRequires: perl, openssl-devel
90BuildRequires: /bin/login 90BuildRequires: /bin/login
91%if ! %{build6x} 91%if ! %{build6x}
92BuildPreReq: glibc-devel, pam 92BuildRequires: glibc-devel, pam
93%else 93%else
94BuildRequires: /usr/include/security/pam_appl.h 94BuildRequires: /usr/include/security/pam_appl.h
95%endif 95%endif
@@ -184,7 +184,7 @@ CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS
184%endif 184%endif
185 185
186%if %{kerberos5} 186%if %{kerberos5}
187K5DIR=`rpm -ql krb5-devel | grep include/krb5.h | sed 's,\/include\/krb5.h,,'` 187K5DIR=`rpm -ql krb5-devel | grep 'include/krb5\.h' | sed 's,\/include\/krb5.h,,'`
188echo K5DIR=$K5DIR 188echo K5DIR=$K5DIR
189%endif 189%endif
190 190
@@ -192,7 +192,6 @@ echo K5DIR=$K5DIR
192 --sysconfdir=%{_sysconfdir}/ssh \ 192 --sysconfdir=%{_sysconfdir}/ssh \
193 --libexecdir=%{_libexecdir}/openssh \ 193 --libexecdir=%{_libexecdir}/openssh \
194 --datadir=%{_datadir}/openssh \ 194 --datadir=%{_datadir}/openssh \
195 --with-rsh=%{_bindir}/rsh \
196 --with-default-path=/usr/local/bin:/bin:/usr/bin \ 195 --with-default-path=/usr/local/bin:/bin:/usr/bin \
197 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \ 196 --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
198 --with-privsep-path=%{_var}/empty/sshd \ 197 --with-privsep-path=%{_var}/empty/sshd \
diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id
index ae88e9958..afde8b170 100644
--- a/contrib/ssh-copy-id
+++ b/contrib/ssh-copy-id
@@ -56,10 +56,13 @@ then
56 fi 56 fi
57fi 57fi
58 58
59DEFAULT_PUB_ID_FILE=$(ls -t ${HOME}/.ssh/id*.pub 2>/dev/null | grep -v -- '-cert.pub$' | head -n 1) 59DEFAULT_PUB_ID_FILE="$HOME/$(cd "$HOME" ; ls -t .ssh/id*.pub 2>/dev/null | grep -v -- '-cert.pub$' | head -n 1)"
60 60
61usage () { 61usage () {
62 printf 'Usage: %s [-h|-?|-n] [-i [identity_file]] [-p port] [[-o <ssh -o options>] ...] [user@]hostname\n' "$0" >&2 62 printf 'Usage: %s [-h|-?|-f|-n] [-i [identity_file]] [-p port] [[-o <ssh -o options>] ...] [user@]hostname\n' "$0" >&2
63 printf '\t-f: force mode -- copy keys without trying to check if they are already installed\n' >&2
64 printf '\t-n: dry run -- no keys are actually copied\n' >&2
65 printf '\t-h|-?: print this help\n' >&2
63 exit 1 66 exit 1
64} 67}
65 68
@@ -77,15 +80,18 @@ use_id_file() {
77 PUB_ID_FILE="$L_ID_FILE.pub" 80 PUB_ID_FILE="$L_ID_FILE.pub"
78 fi 81 fi
79 82
80 PRIV_ID_FILE=$(dirname "$PUB_ID_FILE")/$(basename "$PUB_ID_FILE" .pub) 83 [ "$FORCED" ] || PRIV_ID_FILE=$(dirname "$PUB_ID_FILE")/$(basename "$PUB_ID_FILE" .pub)
81 84
82 # check that the files are readable 85 # check that the files are readable
83 for f in $PUB_ID_FILE $PRIV_ID_FILE ; do 86 for f in "$PUB_ID_FILE" ${PRIV_ID_FILE:+"$PRIV_ID_FILE"} ; do
84 ErrMSG=$( { : < $f ; } 2>&1 ) || { 87 ErrMSG=$( { : < "$f" ; } 2>&1 ) || {
85 printf "\n%s: ERROR: failed to open ID file '%s': %s\n\n" "$0" "$f" "$(printf "%s\n" "$ErrMSG" | sed -e 's/.*: *//')" 88 local L_PRIVMSG=""
89 [ "$f" = "$PRIV_ID_FILE" ] && L_PRIVMSG=" (to install the contents of '$PUB_ID_FILE' anyway, look at the -f option)"
90 printf "\n%s: ERROR: failed to open ID file '%s': %s\n" "$0" "$f" "$(printf "%s\n%s\n" "$ErrMSG" "$L_PRIVMSG" | sed -e 's/.*: *//')"
86 exit 1 91 exit 1
87 } 92 }
88 done 93 done
94 printf '%s: INFO: Source of key(s) to be installed: "%s"\n' "$0" "$PUB_ID_FILE" >&2
89 GET_ID="cat \"$PUB_ID_FILE\"" 95 GET_ID="cat \"$PUB_ID_FILE\""
90} 96}
91 97
@@ -121,7 +127,7 @@ do
121 } 127 }
122 shift 128 shift
123 ;; 129 ;;
124 -n|-h|-\?) 130 -f|-n|-h|-\?)
125 OPT="$1" 131 OPT="$1"
126 OPTARG= 132 OPTARG=
127 shift 133 shift
@@ -154,6 +160,9 @@ do
154 -o|-p) 160 -o|-p)
155 SSH_OPTS="${SSH_OPTS:+$SSH_OPTS }$OPT '$(quote "$OPTARG")'" 161 SSH_OPTS="${SSH_OPTS:+$SSH_OPTS }$OPT '$(quote "$OPTARG")'"
156 ;; 162 ;;
163 -f)
164 FORCED=1
165 ;;
157 -n) 166 -n)
158 DRY_RUN=1 167 DRY_RUN=1
159 ;; 168 ;;
@@ -194,27 +203,35 @@ fi
194populate_new_ids() { 203populate_new_ids() {
195 local L_SUCCESS="$1" 204 local L_SUCCESS="$1"
196 205
206 if [ "$FORCED" ] ; then
207 NEW_IDS=$(eval $GET_ID)
208 return
209 fi
210
197 # repopulate "$@" inside this function 211 # repopulate "$@" inside this function
198 eval set -- "$SSH_OPTS" 212 eval set -- "$SSH_OPTS"
199 213
200 umask 0177 214 umask 0177
201 local L_TMP_ID_FILE=$(mktemp ~/.ssh/ssh-copy-id_id.XXXXXXXXXX) 215 local L_TMP_ID_FILE=$(mktemp ~/.ssh/ssh-copy-id_id.XXXXXXXXXX)
202 if test $? -ne 0 || test "x$L_TMP_ID_FILE" = "x" ; then 216 if test $? -ne 0 || test "x$L_TMP_ID_FILE" = "x" ; then
203 echo "mktemp failed" 1>&2 217 printf '%s: ERROR: mktemp failed\n' "$0" >&2
204 exit 1 218 exit 1
205 fi 219 fi
206 trap "rm -f $L_TMP_ID_FILE ${L_TMP_ID_FILE}.pub" EXIT TERM INT QUIT 220 local L_CLEANUP="rm -f \"$L_TMP_ID_FILE\" \"${L_TMP_ID_FILE}.stderr\""
221 trap "$L_CLEANUP" EXIT TERM INT QUIT
207 printf '%s: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n' "$0" >&2 222 printf '%s: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n' "$0" >&2
208 NEW_IDS=$( 223 NEW_IDS=$(
209 eval $GET_ID | { 224 eval $GET_ID | {
210 while read ID ; do 225 while read ID || [ "$ID" ] ; do
211 printf '%s\n' "$ID" > $L_TMP_ID_FILE 226 printf '%s\n' "$ID" > "$L_TMP_ID_FILE"
212 227
213 # the next line assumes $PRIV_ID_FILE only set if using a single id file - this 228 # the next line assumes $PRIV_ID_FILE only set if using a single id file - this
214 # assumption will break if we implement the possibility of multiple -i options. 229 # assumption will break if we implement the possibility of multiple -i options.
215 # The point being that if file based, ssh needs the private key, which it cannot 230 # The point being that if file based, ssh needs the private key, which it cannot
216 # find if only given the contents of the .pub file in an unrelated tmpfile 231 # find if only given the contents of the .pub file in an unrelated tmpfile
217 ssh -i "${PRIV_ID_FILE:-$L_TMP_ID_FILE}" \ 232 ssh -i "${PRIV_ID_FILE:-$L_TMP_ID_FILE}" \
233 -o ControlPath=none \
234 -o LogLevel=INFO \
218 -o PreferredAuthentications=publickey \ 235 -o PreferredAuthentications=publickey \
219 -o IdentitiesOnly=yes "$@" exit 2>$L_TMP_ID_FILE.stderr </dev/null 236 -o IdentitiesOnly=yes "$@" exit 2>$L_TMP_ID_FILE.stderr </dev/null
220 if [ "$?" = "$L_SUCCESS" ] ; then 237 if [ "$?" = "$L_SUCCESS" ] ; then
@@ -230,20 +247,21 @@ populate_new_ids() {
230 done 247 done
231 } 248 }
232 ) 249 )
233 rm -f $L_TMP_ID_FILE* && trap - EXIT TERM INT QUIT 250 eval "$L_CLEANUP" && trap - EXIT TERM INT QUIT
234 251
235 if expr "$NEW_IDS" : "^ERROR: " >/dev/null ; then 252 if expr "$NEW_IDS" : "^ERROR: " >/dev/null ; then
236 printf '\n%s: %s\n\n' "$0" "$NEW_IDS" >&2 253 printf '\n%s: %s\n\n' "$0" "$NEW_IDS" >&2
237 exit 1 254 exit 1
238 fi 255 fi
239 if [ -z "$NEW_IDS" ] ; then 256 if [ -z "$NEW_IDS" ] ; then
240 printf '\n%s: WARNING: All keys were skipped because they already exist on the remote system.\n\n' "$0" >&2 257 printf '\n%s: WARNING: All keys were skipped because they already exist on the remote system.\n' "$0" >&2
258 printf '\t\t(if you think this is a mistake, you may want to use -f option)\n\n' "$0" >&2
241 exit 0 259 exit 0
242 fi 260 fi
243 printf '%s: INFO: %d key(s) remain to be installed -- if you are prompted now it is to install the new keys\n' "$0" "$(printf '%s\n' "$NEW_IDS" | wc -l)" >&2 261 printf '%s: INFO: %d key(s) remain to be installed -- if you are prompted now it is to install the new keys\n' "$0" "$(printf '%s\n' "$NEW_IDS" | wc -l)" >&2
244} 262}
245 263
246REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' "$@" 2>&1 | 264REMOTE_VERSION=$(ssh -v -o PreferredAuthentications=',' -o ControlPath=none "$@" 2>&1 |
247 sed -ne 's/.*remote software version //p') 265 sed -ne 's/.*remote software version //p')
248 266
249case "$REMOTE_VERSION" in 267case "$REMOTE_VERSION" in
@@ -269,10 +287,9 @@ case "$REMOTE_VERSION" in
269 *) 287 *)
270 # Assuming that the remote host treats ~/.ssh/authorized_keys as one might expect 288 # Assuming that the remote host treats ~/.ssh/authorized_keys as one might expect
271 populate_new_ids 0 289 populate_new_ids 0
272 [ "$DRY_RUN" ] || printf '%s\n' "$NEW_IDS" | ssh "$@" " 290 # in ssh below - to defend against quirky remote shells: use 'exec sh -c' to get POSIX; 'cd' to be at $HOME; and all on one line, because tcsh.
273 umask 077 ; 291 [ "$DRY_RUN" ] || printf '%s\n' "$NEW_IDS" | \
274 mkdir -p .ssh && cat >> .ssh/authorized_keys || exit 1 ; 292 ssh "$@" "exec sh -c 'cd ; umask 077 ; mkdir -p .ssh && cat >> .ssh/authorized_keys || exit 1 ; if type restorecon >/dev/null 2>&1 ; then restorecon -F .ssh .ssh/authorized_keys ; fi'" \
275 if type restorecon >/dev/null 2>&1 ; then restorecon -F .ssh .ssh/authorized_keys ; fi" \
276 || exit 1 293 || exit 1
277 ADDED=$(printf '%s\n' "$NEW_IDS" | wc -l) 294 ADDED=$(printf '%s\n' "$NEW_IDS" | wc -l)
278 ;; 295 ;;
diff --git a/contrib/ssh-copy-id.1 b/contrib/ssh-copy-id.1
index 67a59e492..8850cceda 100644
--- a/contrib/ssh-copy-id.1
+++ b/contrib/ssh-copy-id.1
@@ -29,6 +29,7 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29.Nd use locally available keys to authorise logins on a remote machine 29.Nd use locally available keys to authorise logins on a remote machine
30.Sh SYNOPSIS 30.Sh SYNOPSIS
31.Nm 31.Nm
32.Op Fl f
32.Op Fl n 33.Op Fl n
33.Op Fl i Op Ar identity_file 34.Op Fl i Op Ar identity_file
34.Op Fl p Ar port 35.Op Fl p Ar port
@@ -76,6 +77,10 @@ is used.
76Note that this can be used to ensure that the keys copied have the 77Note that this can be used to ensure that the keys copied have the
77comment one prefers and/or extra options applied, by ensuring that the 78comment one prefers and/or extra options applied, by ensuring that the
78key file has these set as preferred before the copy is attempted. 79key file has these set as preferred before the copy is attempted.
80.It Fl f
81Forced mode: doesn't check if the keys are present on the remote server.
82This means that it does not need the private key. Of course, this can result
83in more than one copy of the key being installed on the remote system.
79.It Fl n 84.It Fl n
80do a dry-run. Instead of installing keys on the remote system simply 85do a dry-run. Instead of installing keys on the remote system simply
81prints the key(s) that would have been installed. 86prints the key(s) that would have been installed.
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index 3ee526805..53264c1fb 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
13 13
14Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation 14Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
15Name: openssh 15Name: openssh
16Version: 7.1p2 16Version: 7.2p1
17URL: http://www.openssh.com/ 17URL: http://www.openssh.com/
18Release: 1 18Release: 1
19Source0: openssh-%{version}.tar.gz 19Source0: openssh-%{version}.tar.gz
diff --git a/defines.h b/defines.h
index fa0ccba7c..a438ddd74 100644
--- a/defines.h
+++ b/defines.h
@@ -850,4 +850,11 @@ struct winsize {
850# endif /* gcc version */ 850# endif /* gcc version */
851#endif /* __predict_true */ 851#endif /* __predict_true */
852 852
853#if defined(HAVE_GLOB_H) && defined(GLOB_HAS_ALTDIRFUNC) && \
854 defined(GLOB_HAS_GL_MATCHC) && defined(GLOB_HAS_GL_STATV) && \
855 defined(HAVE_DECL_GLOB_NOMATCH) && HAVE_DECL_GLOB_NOMATCH != 0 && \
856 !defined(BROKEN_GLOB)
857# define USE_SYSTEM_GLOB
858#endif
859
853#endif /* _DEFINES_H */ 860#endif /* _DEFINES_H */
diff --git a/dh.h b/dh.h
index 654695315..e191cfd8a 100644
--- a/dh.h
+++ b/dh.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh.h,v 1.13 2015/05/27 23:39:18 dtucker Exp $ */ 1/* $OpenBSD: dh.h,v 1.14 2015/10/16 22:32:22 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Niels Provos. All rights reserved. 4 * Copyright (c) 2000 Niels Provos. All rights reserved.
@@ -44,8 +44,11 @@ int dh_pub_is_valid(DH *, BIGNUM *);
44 44
45u_int dh_estimate(int); 45u_int dh_estimate(int);
46 46
47/* Min and max values from RFC4419. */ 47/*
48#define DH_GRP_MIN 1024 48 * Max value from RFC4419.
49 * Miniumum increased in light of DH precomputation attacks.
50 */
51#define DH_GRP_MIN 2048
49#define DH_GRP_MAX 8192 52#define DH_GRP_MAX 8192
50 53
51/* 54/*
diff --git a/includes.h b/includes.h
index 2893a54cd..497a038b2 100644
--- a/includes.h
+++ b/includes.h
@@ -32,12 +32,6 @@
32#ifdef HAVE_BSTRING_H 32#ifdef HAVE_BSTRING_H
33# include <bstring.h> 33# include <bstring.h>
34#endif 34#endif
35#if defined(HAVE_GLOB_H) && defined(GLOB_HAS_ALTDIRFUNC) && \
36 defined(GLOB_HAS_GL_MATCHC) && defined(GLOB_HAS_GL_STATV) && \
37 defined(HAVE_DECL_GLOB_NOMATCH) && HAVE_DECL_GLOB_NOMATCH != 0 && \
38 !defined(BROKEN_GLOB)
39# include <glob.h>
40#endif
41#ifdef HAVE_ENDIAN_H 35#ifdef HAVE_ENDIAN_H
42# include <endian.h> 36# include <endian.h>
43#endif 37#endif
diff --git a/kex.c b/kex.c
index b777b7d50..d371f47c4 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.c,v 1.109 2015/07/30 00:01:34 djm Exp $ */ 1/* $OpenBSD: kex.c,v 1.117 2016/02/08 10:57:07 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -49,7 +49,6 @@
49#include "misc.h" 49#include "misc.h"
50#include "dispatch.h" 50#include "dispatch.h"
51#include "monitor.h" 51#include "monitor.h"
52#include "roaming.h"
53 52
54#include "ssherr.h" 53#include "ssherr.h"
55#include "sshbuf.h" 54#include "sshbuf.h"
@@ -67,6 +66,19 @@ extern const EVP_MD *evp_ssh_sha256(void);
67static int kex_choose_conf(struct ssh *); 66static int kex_choose_conf(struct ssh *);
68static int kex_input_newkeys(int, u_int32_t, void *); 67static int kex_input_newkeys(int, u_int32_t, void *);
69 68
69static const char *proposal_names[PROPOSAL_MAX] = {
70 "KEX algorithms",
71 "host key algorithms",
72 "ciphers ctos",
73 "ciphers stoc",
74 "MACs ctos",
75 "MACs stoc",
76 "compression ctos",
77 "compression stoc",
78 "languages ctos",
79 "languages stoc",
80};
81
70struct kexalg { 82struct kexalg {
71 char *name; 83 char *name;
72 u_int type; 84 u_int type;
@@ -267,7 +279,7 @@ kex_buf2prop(struct sshbuf *raw, int *first_kex_follows, char ***propp)
267 for (i = 0; i < PROPOSAL_MAX; i++) { 279 for (i = 0; i < PROPOSAL_MAX; i++) {
268 if ((r = sshbuf_get_cstring(b, &(proposal[i]), NULL)) != 0) 280 if ((r = sshbuf_get_cstring(b, &(proposal[i]), NULL)) != 0)
269 goto out; 281 goto out;
270 debug2("kex_parse_kexinit: %s", proposal[i]); 282 debug2("%s: %s", proposal_names[i], proposal[i]);
271 } 283 }
272 /* first kex follows / reserved */ 284 /* first kex follows / reserved */
273 if ((r = sshbuf_get_u8(b, &v)) != 0 || /* first_kex_follows */ 285 if ((r = sshbuf_get_u8(b, &v)) != 0 || /* first_kex_follows */
@@ -302,7 +314,14 @@ kex_prop_free(char **proposal)
302static int 314static int
303kex_protocol_error(int type, u_int32_t seq, void *ctxt) 315kex_protocol_error(int type, u_int32_t seq, void *ctxt)
304{ 316{
305 error("Hm, kex protocol error: type %d seq %u", type, seq); 317 struct ssh *ssh = active_state; /* XXX */
318 int r;
319
320 error("kex protocol error: type %d seq %u", type, seq);
321 if ((r = sshpkt_start(ssh, SSH2_MSG_UNIMPLEMENTED)) != 0 ||
322 (r = sshpkt_put_u32(ssh, seq)) != 0 ||
323 (r = sshpkt_send(ssh)) != 0)
324 return r;
306 return 0; 325 return 0;
307} 326}
308 327
@@ -314,6 +333,20 @@ kex_reset_dispatch(struct ssh *ssh)
314 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit); 333 ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, &kex_input_kexinit);
315} 334}
316 335
336static int
337kex_send_ext_info(struct ssh *ssh)
338{
339 int r;
340
341 if ((r = sshpkt_start(ssh, SSH2_MSG_EXT_INFO)) != 0 ||
342 (r = sshpkt_put_u32(ssh, 1)) != 0 ||
343 (r = sshpkt_put_cstring(ssh, "server-sig-algs")) != 0 ||
344 (r = sshpkt_put_cstring(ssh, "rsa-sha2-256,rsa-sha2-512")) != 0 ||
345 (r = sshpkt_send(ssh)) != 0)
346 return r;
347 return 0;
348}
349
317int 350int
318kex_send_newkeys(struct ssh *ssh) 351kex_send_newkeys(struct ssh *ssh)
319{ 352{
@@ -326,9 +359,51 @@ kex_send_newkeys(struct ssh *ssh)
326 debug("SSH2_MSG_NEWKEYS sent"); 359 debug("SSH2_MSG_NEWKEYS sent");
327 debug("expecting SSH2_MSG_NEWKEYS"); 360 debug("expecting SSH2_MSG_NEWKEYS");
328 ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_input_newkeys); 361 ssh_dispatch_set(ssh, SSH2_MSG_NEWKEYS, &kex_input_newkeys);
362 if (ssh->kex->ext_info_c)
363 if ((r = kex_send_ext_info(ssh)) != 0)
364 return r;
329 return 0; 365 return 0;
330} 366}
331 367
368int
369kex_input_ext_info(int type, u_int32_t seq, void *ctxt)
370{
371 struct ssh *ssh = ctxt;
372 struct kex *kex = ssh->kex;
373 u_int32_t i, ninfo;
374 char *name, *val, *found;
375 int r;
376
377 debug("SSH2_MSG_EXT_INFO received");
378 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &kex_protocol_error);
379 if ((r = sshpkt_get_u32(ssh, &ninfo)) != 0)
380 return r;
381 for (i = 0; i < ninfo; i++) {
382 if ((r = sshpkt_get_cstring(ssh, &name, NULL)) != 0)
383 return r;
384 if ((r = sshpkt_get_cstring(ssh, &val, NULL)) != 0) {
385 free(name);
386 return r;
387 }
388 debug("%s: %s=<%s>", __func__, name, val);
389 if (strcmp(name, "server-sig-algs") == 0) {
390 found = match_list("rsa-sha2-256", val, NULL);
391 if (found) {
392 kex->rsa_sha2 = 256;
393 free(found);
394 }
395 found = match_list("rsa-sha2-512", val, NULL);
396 if (found) {
397 kex->rsa_sha2 = 512;
398 free(found);
399 }
400 }
401 free(name);
402 free(val);
403 }
404 return sshpkt_get_end(ssh);
405}
406
332static int 407static int
333kex_input_newkeys(int type, u_int32_t seq, void *ctxt) 408kex_input_newkeys(int type, u_int32_t seq, void *ctxt)
334{ 409{
@@ -468,7 +543,7 @@ kex_free_newkeys(struct newkeys *newkeys)
468 newkeys->enc.key = NULL; 543 newkeys->enc.key = NULL;
469 } 544 }
470 if (newkeys->enc.iv) { 545 if (newkeys->enc.iv) {
471 explicit_bzero(newkeys->enc.iv, newkeys->enc.block_size); 546 explicit_bzero(newkeys->enc.iv, newkeys->enc.iv_len);
472 free(newkeys->enc.iv); 547 free(newkeys->enc.iv);
473 newkeys->enc.iv = NULL; 548 newkeys->enc.iv = NULL;
474 } 549 }
@@ -511,6 +586,8 @@ kex_free(struct kex *kex)
511 free(kex->client_version_string); 586 free(kex->client_version_string);
512 free(kex->server_version_string); 587 free(kex->server_version_string);
513 free(kex->failed_choice); 588 free(kex->failed_choice);
589 free(kex->hostkey_alg);
590 free(kex->name);
514 free(kex); 591 free(kex);
515} 592}
516 593
@@ -529,6 +606,25 @@ kex_setup(struct ssh *ssh, char *proposal[PROPOSAL_MAX])
529 return 0; 606 return 0;
530} 607}
531 608
609/*
610 * Request key re-exchange, returns 0 on success or a ssherr.h error
611 * code otherwise. Must not be called if KEX is incomplete or in-progress.
612 */
613int
614kex_start_rekex(struct ssh *ssh)
615{
616 if (ssh->kex == NULL) {
617 error("%s: no kex", __func__);
618 return SSH_ERR_INTERNAL_ERROR;
619 }
620 if (ssh->kex->done == 0) {
621 error("%s: requested twice", __func__);
622 return SSH_ERR_INTERNAL_ERROR;
623 }
624 ssh->kex->done = 0;
625 return kex_send_kexinit(ssh);
626}
627
532static int 628static int
533choose_enc(struct sshenc *enc, char *client, char *server) 629choose_enc(struct sshenc *enc, char *client, char *server)
534{ 630{
@@ -593,6 +689,7 @@ choose_kex(struct kex *k, char *client, char *server)
593 689
594 k->name = match_list(client, server, NULL); 690 k->name = match_list(client, server, NULL);
595 691
692 debug("kex: algorithm: %s", k->name ? k->name : "(no match)");
596 if (k->name == NULL) 693 if (k->name == NULL)
597 return SSH_ERR_NO_KEX_ALG_MATCH; 694 return SSH_ERR_NO_KEX_ALG_MATCH;
598 if ((kexalg = kex_alg_by_name(k->name)) == NULL) 695 if ((kexalg = kex_alg_by_name(k->name)) == NULL)
@@ -606,15 +703,16 @@ choose_kex(struct kex *k, char *client, char *server)
606static int 703static int
607choose_hostkeyalg(struct kex *k, char *client, char *server) 704choose_hostkeyalg(struct kex *k, char *client, char *server)
608{ 705{
609 char *hostkeyalg = match_list(client, server, NULL); 706 k->hostkey_alg = match_list(client, server, NULL);
610 707
611 if (hostkeyalg == NULL) 708 debug("kex: host key algorithm: %s",
709 k->hostkey_alg ? k->hostkey_alg : "(no match)");
710 if (k->hostkey_alg == NULL)
612 return SSH_ERR_NO_HOSTKEY_ALG_MATCH; 711 return SSH_ERR_NO_HOSTKEY_ALG_MATCH;
613 k->hostkey_type = sshkey_type_from_name(hostkeyalg); 712 k->hostkey_type = sshkey_type_from_name(k->hostkey_alg);
614 if (k->hostkey_type == KEY_UNSPEC) 713 if (k->hostkey_type == KEY_UNSPEC)
615 return SSH_ERR_INTERNAL_ERROR; 714 return SSH_ERR_INTERNAL_ERROR;
616 k->hostkey_nid = sshkey_ecdsa_nid_from_name(hostkeyalg); 715 k->hostkey_nid = sshkey_ecdsa_nid_from_name(k->hostkey_alg);
617 free(hostkeyalg);
618 return 0; 716 return 0;
619} 717}
620 718
@@ -653,8 +751,11 @@ kex_choose_conf(struct ssh *ssh)
653 u_int mode, ctos, need, dh_need, authlen; 751 u_int mode, ctos, need, dh_need, authlen;
654 int r, first_kex_follows; 752 int r, first_kex_follows;
655 753
656 if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0 || 754 debug2("local %s KEXINIT proposal", kex->server ? "server" : "client");
657 (r = kex_buf2prop(kex->peer, &first_kex_follows, &peer)) != 0) 755 if ((r = kex_buf2prop(kex->my, NULL, &my)) != 0)
756 goto out;
757 debug2("peer %s KEXINIT proposal", kex->server ? "client" : "server");
758 if ((r = kex_buf2prop(kex->peer, &first_kex_follows, &peer)) != 0)
658 goto out; 759 goto out;
659 760
660 if (kex->server) { 761 if (kex->server) {
@@ -665,18 +766,30 @@ kex_choose_conf(struct ssh *ssh)
665 sprop=peer; 766 sprop=peer;
666 } 767 }
667 768
668 /* Check whether server offers roaming */ 769 /* Check whether client supports ext_info_c */
669 if (!kex->server) { 770 if (kex->server) {
670 char *roaming = match_list(KEX_RESUME, 771 char *ext;
671 peer[PROPOSAL_KEX_ALGS], NULL);
672 772
673 if (roaming) { 773 ext = match_list("ext-info-c", peer[PROPOSAL_KEX_ALGS], NULL);
674 kex->roaming = 1; 774 if (ext) {
675 free(roaming); 775 kex->ext_info_c = 1;
776 free(ext);
676 } 777 }
677 } 778 }
678 779
679 /* Algorithm Negotiation */ 780 /* Algorithm Negotiation */
781 if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS],
782 sprop[PROPOSAL_KEX_ALGS])) != 0) {
783 kex->failed_choice = peer[PROPOSAL_KEX_ALGS];
784 peer[PROPOSAL_KEX_ALGS] = NULL;
785 goto out;
786 }
787 if ((r = choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
788 sprop[PROPOSAL_SERVER_HOST_KEY_ALGS])) != 0) {
789 kex->failed_choice = peer[PROPOSAL_SERVER_HOST_KEY_ALGS];
790 peer[PROPOSAL_SERVER_HOST_KEY_ALGS] = NULL;
791 goto out;
792 }
680 for (mode = 0; mode < MODE_MAX; mode++) { 793 for (mode = 0; mode < MODE_MAX; mode++) {
681 if ((newkeys = calloc(1, sizeof(*newkeys))) == NULL) { 794 if ((newkeys = calloc(1, sizeof(*newkeys))) == NULL) {
682 r = SSH_ERR_ALLOC_FAIL; 795 r = SSH_ERR_ALLOC_FAIL;
@@ -709,24 +822,12 @@ kex_choose_conf(struct ssh *ssh)
709 peer[ncomp] = NULL; 822 peer[ncomp] = NULL;
710 goto out; 823 goto out;
711 } 824 }
712 debug("kex: %s %s %s %s", 825 debug("kex: %s cipher: %s MAC: %s compression: %s",
713 ctos ? "client->server" : "server->client", 826 ctos ? "client->server" : "server->client",
714 newkeys->enc.name, 827 newkeys->enc.name,
715 authlen == 0 ? newkeys->mac.name : "<implicit>", 828 authlen == 0 ? newkeys->mac.name : "<implicit>",
716 newkeys->comp.name); 829 newkeys->comp.name);
717 } 830 }
718 if ((r = choose_kex(kex, cprop[PROPOSAL_KEX_ALGS],
719 sprop[PROPOSAL_KEX_ALGS])) != 0) {
720 kex->failed_choice = peer[PROPOSAL_KEX_ALGS];
721 peer[PROPOSAL_KEX_ALGS] = NULL;
722 goto out;
723 }
724 if ((r = choose_hostkeyalg(kex, cprop[PROPOSAL_SERVER_HOST_KEY_ALGS],
725 sprop[PROPOSAL_SERVER_HOST_KEY_ALGS])) != 0) {
726 kex->failed_choice = peer[PROPOSAL_SERVER_HOST_KEY_ALGS];
727 peer[PROPOSAL_SERVER_HOST_KEY_ALGS] = NULL;
728 goto out;
729 }
730 need = dh_need = 0; 831 need = dh_need = 0;
731 for (mode = 0; mode < MODE_MAX; mode++) { 832 for (mode = 0; mode < MODE_MAX; mode++) {
732 newkeys = kex->newkeys[mode]; 833 newkeys = kex->newkeys[mode];
@@ -812,8 +913,7 @@ derive_key(struct ssh *ssh, int id, u_int need, u_char *hash, u_int hashlen,
812 digest = NULL; 913 digest = NULL;
813 r = 0; 914 r = 0;
814 out: 915 out:
815 if (digest) 916 free(digest);
816 free(digest);
817 ssh_digest_free(hashctx); 917 ssh_digest_free(hashctx);
818 return r; 918 return r;
819} 919}
diff --git a/kex.h b/kex.h
index d71b53293..1c5896605 100644
--- a/kex.h
+++ b/kex.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: kex.h,v 1.73 2015/07/30 00:01:34 djm Exp $ */ 1/* $OpenBSD: kex.h,v 1.76 2016/02/08 10:57:07 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -54,7 +54,6 @@
54#define KEX_DH14 "diffie-hellman-group14-sha1" 54#define KEX_DH14 "diffie-hellman-group14-sha1"
55#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1" 55#define KEX_DHGEX_SHA1 "diffie-hellman-group-exchange-sha1"
56#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256" 56#define KEX_DHGEX_SHA256 "diffie-hellman-group-exchange-sha256"
57#define KEX_RESUME "resume@appgate.com"
58#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256" 57#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256"
59#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384" 58#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384"
60#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521" 59#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"
@@ -129,10 +128,12 @@ struct kex {
129 u_int dh_need; 128 u_int dh_need;
130 int server; 129 int server;
131 char *name; 130 char *name;
131 char *hostkey_alg;
132 int hostkey_type; 132 int hostkey_type;
133 int hostkey_nid; 133 int hostkey_nid;
134 u_int kex_type; 134 u_int kex_type;
135 int roaming; 135 int rsa_sha2;
136 int ext_info_c;
136 struct sshbuf *my; 137 struct sshbuf *my;
137 struct sshbuf *peer; 138 struct sshbuf *peer;
138 sig_atomic_t done; 139 sig_atomic_t done;
@@ -146,8 +147,8 @@ struct kex {
146 struct sshkey *(*load_host_public_key)(int, int, struct ssh *); 147 struct sshkey *(*load_host_public_key)(int, int, struct ssh *);
147 struct sshkey *(*load_host_private_key)(int, int, struct ssh *); 148 struct sshkey *(*load_host_private_key)(int, int, struct ssh *);
148 int (*host_key_index)(struct sshkey *, int, struct ssh *); 149 int (*host_key_index)(struct sshkey *, int, struct ssh *);
149 int (*sign)(struct sshkey *, struct sshkey *, 150 int (*sign)(struct sshkey *, struct sshkey *, u_char **, size_t *,
150 u_char **, size_t *, const u_char *, size_t, u_int); 151 const u_char *, size_t, const char *, u_int);
151 int (*kex[KEX_MAX])(struct ssh *); 152 int (*kex[KEX_MAX])(struct ssh *);
152 /* kex specific state */ 153 /* kex specific state */
153 DH *dh; /* DH */ 154 DH *dh; /* DH */
@@ -174,9 +175,11 @@ void kex_prop_free(char **);
174 175
175int kex_send_kexinit(struct ssh *); 176int kex_send_kexinit(struct ssh *);
176int kex_input_kexinit(int, u_int32_t, void *); 177int kex_input_kexinit(int, u_int32_t, void *);
178int kex_input_ext_info(int, u_int32_t, void *);
177int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *); 179int kex_derive_keys(struct ssh *, u_char *, u_int, const struct sshbuf *);
178int kex_derive_keys_bn(struct ssh *, u_char *, u_int, const BIGNUM *); 180int kex_derive_keys_bn(struct ssh *, u_char *, u_int, const BIGNUM *);
179int kex_send_newkeys(struct ssh *); 181int kex_send_newkeys(struct ssh *);
182int kex_start_rekex(struct ssh *);
180 183
181int kexdh_client(struct ssh *); 184int kexdh_client(struct ssh *);
182int kexdh_server(struct ssh *); 185int kexdh_server(struct ssh *);
diff --git a/kexc25519s.c b/kexc25519s.c
index 240272533..4e77622b0 100644
--- a/kexc25519s.c
+++ b/kexc25519s.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexc25519s.c,v 1.9 2015/04/27 00:37:53 dtucker Exp $ */ 1/* $OpenBSD: kexc25519s.c,v 1.10 2015/12/04 16:41:28 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2010 Damien Miller. All rights reserved. 4 * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -134,8 +134,8 @@ input_kex_c25519_init(int type, u_int32_t seq, void *ctxt)
134 } 134 }
135 135
136 /* sign H */ 136 /* sign H */
137 if ((r = kex->sign(server_host_private, server_host_public, 137 if ((r = kex->sign(server_host_private, server_host_public, &signature,
138 &signature, &slen, hash, hashlen, ssh->compat)) < 0) 138 &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
139 goto out; 139 goto out;
140 140
141 /* send server hostkey, ECDH pubkey 'Q_S' and signed H */ 141 /* send server hostkey, ECDH pubkey 'Q_S' and signed H */
diff --git a/kexdhs.c b/kexdhs.c
index de7c05b17..bf933e4c9 100644
--- a/kexdhs.c
+++ b/kexdhs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexdhs.c,v 1.22 2015/01/26 06:10:03 djm Exp $ */ 1/* $OpenBSD: kexdhs.c,v 1.23 2015/12/04 16:41:28 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -181,8 +181,8 @@ input_kex_dh_init(int type, u_int32_t seq, void *ctxt)
181 } 181 }
182 182
183 /* sign H */ 183 /* sign H */
184 if ((r = kex->sign(server_host_private, server_host_public, 184 if ((r = kex->sign(server_host_private, server_host_public, &signature,
185 &signature, &slen, hash, hashlen, ssh->compat)) < 0) 185 &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
186 goto out; 186 goto out;
187 187
188 /* destroy_sensitive_data(); */ 188 /* destroy_sensitive_data(); */
diff --git a/kexecdhs.c b/kexecdhs.c
index 0adb80e6a..ccdbf70b1 100644
--- a/kexecdhs.c
+++ b/kexecdhs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexecdhs.c,v 1.14 2015/01/26 06:10:03 djm Exp $ */ 1/* $OpenBSD: kexecdhs.c,v 1.15 2015/12/04 16:41:28 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2010 Damien Miller. All rights reserved. 4 * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -169,8 +169,8 @@ input_kex_ecdh_init(int type, u_int32_t seq, void *ctxt)
169 } 169 }
170 170
171 /* sign H */ 171 /* sign H */
172 if ((r = kex->sign(server_host_private, server_host_public, 172 if ((r = kex->sign(server_host_private, server_host_public, &signature,
173 &signature, &slen, hash, hashlen, ssh->compat)) < 0) 173 &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
174 goto out; 174 goto out;
175 175
176 /* destroy_sensitive_data(); */ 176 /* destroy_sensitive_data(); */
diff --git a/kexgexs.c b/kexgexs.c
index ff6c6879e..8c5adf7e4 100644
--- a/kexgexs.c
+++ b/kexgexs.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: kexgexs.c,v 1.25 2015/04/13 02:04:08 djm Exp $ */ 1/* $OpenBSD: kexgexs.c,v 1.26 2015/12/04 16:41:28 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Niels Provos. All rights reserved. 3 * Copyright (c) 2000 Niels Provos. All rights reserved.
4 * Copyright (c) 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2001 Markus Friedl. All rights reserved.
@@ -220,8 +220,8 @@ input_kex_dh_gex_init(int type, u_int32_t seq, void *ctxt)
220 } 220 }
221 221
222 /* sign H */ 222 /* sign H */
223 if ((r = kex->sign(server_host_private, server_host_public, 223 if ((r = kex->sign(server_host_private, server_host_public, &signature,
224 &signature, &slen, hash, hashlen, ssh->compat)) < 0) 224 &slen, hash, hashlen, kex->hostkey_alg, ssh->compat)) < 0)
225 goto out; 225 goto out;
226 226
227 /* destroy_sensitive_data(); */ 227 /* destroy_sensitive_data(); */
diff --git a/key.c b/key.c
index 0ba98b6f3..28d7c6207 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: key.c,v 1.128 2015/07/03 03:43:18 djm Exp $ */ 1/* $OpenBSD: key.c,v 1.129 2015/12/04 16:41:28 markus Exp $ */
2/* 2/*
3 * placed in the public domain 3 * placed in the public domain
4 */ 4 */
@@ -132,7 +132,7 @@ key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
132 132
133int 133int
134key_sign(const Key *key, u_char **sigp, u_int *lenp, 134key_sign(const Key *key, u_char **sigp, u_int *lenp,
135 const u_char *data, u_int datalen) 135 const u_char *data, u_int datalen, const char *alg)
136{ 136{
137 int r; 137 int r;
138 u_char *sig; 138 u_char *sig;
@@ -143,7 +143,7 @@ key_sign(const Key *key, u_char **sigp, u_int *lenp,
143 if (lenp != NULL) 143 if (lenp != NULL)
144 *lenp = 0; 144 *lenp = 0;
145 if ((r = sshkey_sign(key, &sig, &siglen, 145 if ((r = sshkey_sign(key, &sig, &siglen,
146 data, datalen, datafellows)) != 0) { 146 data, datalen, alg, datafellows)) != 0) {
147 fatal_on_fatal_errors(r, __func__, 0); 147 fatal_on_fatal_errors(r, __func__, 0);
148 error("%s: %s", __func__, ssh_err(r)); 148 error("%s: %s", __func__, ssh_err(r));
149 return -1; 149 return -1;
diff --git a/key.h b/key.h
index 903bdf673..34c992bd3 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: key.h,v 1.48 2015/07/03 03:43:18 djm Exp $ */ 1/* $OpenBSD: key.h,v 1.49 2015/12/04 16:41:28 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -84,7 +84,8 @@ int key_ec_validate_private(const EC_KEY *);
84Key *key_from_blob(const u_char *, u_int); 84Key *key_from_blob(const u_char *, u_int);
85int key_to_blob(const Key *, u_char **, u_int *); 85int key_to_blob(const Key *, u_char **, u_int *);
86 86
87int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int); 87int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int,
88 const char *);
88int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); 89int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
89 90
90void key_private_serialize(const Key *, struct sshbuf *); 91void key_private_serialize(const Key *, struct sshbuf *);
diff --git a/krl.c b/krl.c
index 4075df853..fff1a3f7c 100644
--- a/krl.c
+++ b/krl.c
@@ -14,7 +14,7 @@
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16 16
17/* $OpenBSD: krl.c,v 1.33 2015/07/03 03:43:18 djm Exp $ */ 17/* $OpenBSD: krl.c,v 1.37 2015/12/31 00:33:52 djm Exp $ */
18 18
19#include "includes.h" 19#include "includes.h"
20 20
@@ -723,7 +723,7 @@ ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf,
723 if ((r = sshbuf_put(buf, KRL_MAGIC, sizeof(KRL_MAGIC) - 1)) != 0 || 723 if ((r = sshbuf_put(buf, KRL_MAGIC, sizeof(KRL_MAGIC) - 1)) != 0 ||
724 (r = sshbuf_put_u32(buf, KRL_FORMAT_VERSION)) != 0 || 724 (r = sshbuf_put_u32(buf, KRL_FORMAT_VERSION)) != 0 ||
725 (r = sshbuf_put_u64(buf, krl->krl_version)) != 0 || 725 (r = sshbuf_put_u64(buf, krl->krl_version)) != 0 ||
726 (r = sshbuf_put_u64(buf, krl->generated_date) != 0) || 726 (r = sshbuf_put_u64(buf, krl->generated_date)) != 0 ||
727 (r = sshbuf_put_u64(buf, krl->flags)) != 0 || 727 (r = sshbuf_put_u64(buf, krl->flags)) != 0 ||
728 (r = sshbuf_put_string(buf, NULL, 0)) != 0 || 728 (r = sshbuf_put_string(buf, NULL, 0)) != 0 ||
729 (r = sshbuf_put_cstring(buf, krl->comment)) != 0) 729 (r = sshbuf_put_cstring(buf, krl->comment)) != 0)
@@ -772,7 +772,7 @@ ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf,
772 goto out; 772 goto out;
773 773
774 if ((r = sshkey_sign(sign_keys[i], &sblob, &slen, 774 if ((r = sshkey_sign(sign_keys[i], &sblob, &slen,
775 sshbuf_ptr(buf), sshbuf_len(buf), 0)) != 0) 775 sshbuf_ptr(buf), sshbuf_len(buf), NULL, 0)) != 0)
776 goto out; 776 goto out;
777 KRL_DBG(("%s: signature sig len %zu", __func__, slen)); 777 KRL_DBG(("%s: signature sig len %zu", __func__, slen));
778 if ((r = sshbuf_put_string(buf, sblob, slen)) != 0) 778 if ((r = sshbuf_put_string(buf, sblob, slen)) != 0)
@@ -826,10 +826,8 @@ parse_revoked_certs(struct sshbuf *buf, struct ssh_krl *krl)
826 goto out; 826 goto out;
827 827
828 while (sshbuf_len(buf) > 0) { 828 while (sshbuf_len(buf) > 0) {
829 if (subsect != NULL) { 829 sshbuf_free(subsect);
830 sshbuf_free(subsect); 830 subsect = NULL;
831 subsect = NULL;
832 }
833 if ((r = sshbuf_get_u8(buf, &type)) != 0 || 831 if ((r = sshbuf_get_u8(buf, &type)) != 0 ||
834 (r = sshbuf_froms(buf, &subsect)) != 0) 832 (r = sshbuf_froms(buf, &subsect)) != 0)
835 goto out; 833 goto out;
@@ -1017,7 +1015,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
1017 } 1015 }
1018 /* Check signature over entire KRL up to this point */ 1016 /* Check signature over entire KRL up to this point */
1019 if ((r = sshkey_verify(key, blob, blen, 1017 if ((r = sshkey_verify(key, blob, blen,
1020 sshbuf_ptr(buf), sshbuf_len(buf) - sig_off, 0)) != 0) 1018 sshbuf_ptr(buf), sig_off, 0)) != 0)
1021 goto out; 1019 goto out;
1022 /* Check if this key has already signed this KRL */ 1020 /* Check if this key has already signed this KRL */
1023 for (i = 0; i < nca_used; i++) { 1021 for (i = 0; i < nca_used; i++) {
@@ -1038,7 +1036,6 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
1038 ca_used = tmp_ca_used; 1036 ca_used = tmp_ca_used;
1039 ca_used[nca_used++] = key; 1037 ca_used[nca_used++] = key;
1040 key = NULL; 1038 key = NULL;
1041 break;
1042 } 1039 }
1043 1040
1044 if (sshbuf_len(copy) != 0) { 1041 if (sshbuf_len(copy) != 0) {
@@ -1059,10 +1056,8 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
1059 if ((r = sshbuf_consume(copy, sects_off)) != 0) 1056 if ((r = sshbuf_consume(copy, sects_off)) != 0)
1060 goto out; 1057 goto out;
1061 while (sshbuf_len(copy) > 0) { 1058 while (sshbuf_len(copy) > 0) {
1062 if (sect != NULL) { 1059 sshbuf_free(sect);
1063 sshbuf_free(sect); 1060 sect = NULL;
1064 sect = NULL;
1065 }
1066 if ((r = sshbuf_get_u8(copy, &type)) != 0 || 1061 if ((r = sshbuf_get_u8(copy, &type)) != 0 ||
1067 (r = sshbuf_froms(copy, &sect)) != 0) 1062 (r = sshbuf_froms(copy, &sect)) != 0)
1068 goto out; 1063 goto out;
@@ -1105,7 +1100,7 @@ ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
1105 r = SSH_ERR_INVALID_FORMAT; 1100 r = SSH_ERR_INVALID_FORMAT;
1106 goto out; 1101 goto out;
1107 } 1102 }
1108 if (sshbuf_len(sect) > 0) { 1103 if (sect != NULL && sshbuf_len(sect) > 0) {
1109 error("KRL section contains unparsed data"); 1104 error("KRL section contains unparsed data");
1110 r = SSH_ERR_INVALID_FORMAT; 1105 r = SSH_ERR_INVALID_FORMAT;
1111 goto out; 1106 goto out;
diff --git a/krl.h b/krl.h
index 4e12befc3..675496cc4 100644
--- a/krl.h
+++ b/krl.h
@@ -14,7 +14,7 @@
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */ 15 */
16 16
17/* $OpenBSD: krl.h,v 1.4 2015/01/13 19:06:49 djm Exp $ */ 17/* $OpenBSD: krl.h,v 1.5 2015/12/30 23:46:14 djm Exp $ */
18 18
19#ifndef _KRL_H 19#ifndef _KRL_H
20#define _KRL_H 20#define _KRL_H
@@ -43,7 +43,6 @@ struct ssh_krl;
43struct ssh_krl *ssh_krl_init(void); 43struct ssh_krl *ssh_krl_init(void);
44void ssh_krl_free(struct ssh_krl *krl); 44void ssh_krl_free(struct ssh_krl *krl);
45void ssh_krl_set_version(struct ssh_krl *krl, u_int64_t version); 45void ssh_krl_set_version(struct ssh_krl *krl, u_int64_t version);
46void ssh_krl_set_sign_key(struct ssh_krl *krl, const struct sshkey *sign_key);
47int ssh_krl_set_comment(struct ssh_krl *krl, const char *comment); 46int ssh_krl_set_comment(struct ssh_krl *krl, const char *comment);
48int ssh_krl_revoke_cert_by_serial(struct ssh_krl *krl, 47int ssh_krl_revoke_cert_by_serial(struct ssh_krl *krl,
49 const struct sshkey *ca_key, u_int64_t serial); 48 const struct sshkey *ca_key, u_int64_t serial);
diff --git a/loginrec.c b/loginrec.c
index 94ae81dc6..788553e92 100644
--- a/loginrec.c
+++ b/loginrec.c
@@ -150,6 +150,9 @@
150#include <sys/types.h> 150#include <sys/types.h>
151#include <sys/stat.h> 151#include <sys/stat.h>
152#include <sys/socket.h> 152#include <sys/socket.h>
153#ifdef HAVE_SYS_TIME_H
154# include <sys/time.h>
155#endif
153 156
154#include <netinet/in.h> 157#include <netinet/in.h>
155 158
diff --git a/misc.c b/misc.c
index ddd2b2db4..de7e1facd 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: misc.c,v 1.97 2015/04/24 01:36:00 deraadt Exp $ */ 1/* $OpenBSD: misc.c,v 1.101 2016/01/20 09:22:39 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved. 4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -29,6 +29,7 @@
29#include <sys/types.h> 29#include <sys/types.h>
30#include <sys/ioctl.h> 30#include <sys/ioctl.h>
31#include <sys/socket.h> 31#include <sys/socket.h>
32#include <sys/time.h>
32#include <sys/un.h> 33#include <sys/un.h>
33 34
34#include <limits.h> 35#include <limits.h>
@@ -604,6 +605,8 @@ percent_expand(const char *string, ...)
604 /* %% case */ 605 /* %% case */
605 if (*string == '%') 606 if (*string == '%')
606 goto append; 607 goto append;
608 if (*string == '\0')
609 fatal("%s: invalid format", __func__);
607 for (j = 0; j < num_keys; j++) { 610 for (j = 0; j < num_keys; j++) {
608 if (strchr(keys[j].key, *string) != NULL) { 611 if (strchr(keys[j].key, *string) != NULL) {
609 i = strlcat(buf, keys[j].repl, sizeof(buf)); 612 i = strlcat(buf, keys[j].repl, sizeof(buf));
@@ -653,62 +656,63 @@ tun_open(int tun, int mode)
653 struct ifreq ifr; 656 struct ifreq ifr;
654 char name[100]; 657 char name[100];
655 int fd = -1, sock; 658 int fd = -1, sock;
659 const char *tunbase = "tun";
660
661 if (mode == SSH_TUNMODE_ETHERNET)
662 tunbase = "tap";
656 663
657 /* Open the tunnel device */ 664 /* Open the tunnel device */
658 if (tun <= SSH_TUNID_MAX) { 665 if (tun <= SSH_TUNID_MAX) {
659 snprintf(name, sizeof(name), "/dev/tun%d", tun); 666 snprintf(name, sizeof(name), "/dev/%s%d", tunbase, tun);
660 fd = open(name, O_RDWR); 667 fd = open(name, O_RDWR);
661 } else if (tun == SSH_TUNID_ANY) { 668 } else if (tun == SSH_TUNID_ANY) {
662 for (tun = 100; tun >= 0; tun--) { 669 for (tun = 100; tun >= 0; tun--) {
663 snprintf(name, sizeof(name), "/dev/tun%d", tun); 670 snprintf(name, sizeof(name), "/dev/%s%d",
671 tunbase, tun);
664 if ((fd = open(name, O_RDWR)) >= 0) 672 if ((fd = open(name, O_RDWR)) >= 0)
665 break; 673 break;
666 } 674 }
667 } else { 675 } else {
668 debug("%s: invalid tunnel %u", __func__, tun); 676 debug("%s: invalid tunnel %u", __func__, tun);
669 return (-1); 677 return -1;
670 } 678 }
671 679
672 if (fd < 0) { 680 if (fd < 0) {
673 debug("%s: %s open failed: %s", __func__, name, strerror(errno)); 681 debug("%s: %s open: %s", __func__, name, strerror(errno));
674 return (-1); 682 return -1;
675 } 683 }
676 684
677 debug("%s: %s mode %d fd %d", __func__, name, mode, fd); 685 debug("%s: %s mode %d fd %d", __func__, name, mode, fd);
678 686
679 /* Set the tunnel device operation mode */ 687 /* Bring interface up if it is not already */
680 snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun); 688 snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s%d", tunbase, tun);
681 if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1) 689 if ((sock = socket(PF_UNIX, SOCK_STREAM, 0)) == -1)
682 goto failed; 690 goto failed;
683 691
684 if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1) 692 if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1) {
685 goto failed; 693 debug("%s: get interface %s flags: %s", __func__,
686 694 ifr.ifr_name, strerror(errno));
687 /* Set interface mode */
688 ifr.ifr_flags &= ~IFF_UP;
689 if (mode == SSH_TUNMODE_ETHERNET)
690 ifr.ifr_flags |= IFF_LINK0;
691 else
692 ifr.ifr_flags &= ~IFF_LINK0;
693 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
694 goto failed; 695 goto failed;
696 }
695 697
696 /* Bring interface up */ 698 if (!(ifr.ifr_flags & IFF_UP)) {
697 ifr.ifr_flags |= IFF_UP; 699 ifr.ifr_flags |= IFF_UP;
698 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1) 700 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1) {
699 goto failed; 701 debug("%s: activate interface %s: %s", __func__,
702 ifr.ifr_name, strerror(errno));
703 goto failed;
704 }
705 }
700 706
701 close(sock); 707 close(sock);
702 return (fd); 708 return fd;
703 709
704 failed: 710 failed:
705 if (fd >= 0) 711 if (fd >= 0)
706 close(fd); 712 close(fd);
707 if (sock >= 0) 713 if (sock >= 0)
708 close(sock); 714 close(sock);
709 debug("%s: failed to set %s mode %d: %s", __func__, name, 715 return -1;
710 mode, strerror(errno));
711 return (-1);
712#else 716#else
713 error("Tunnel interfaces are not supported on this platform"); 717 error("Tunnel interfaces are not supported on this platform");
714 return (-1); 718 return (-1);
@@ -1107,7 +1111,7 @@ unix_listener(const char *path, int backlog, int unlink_first)
1107void 1111void
1108sock_set_v6only(int s) 1112sock_set_v6only(int s)
1109{ 1113{
1110#ifdef IPV6_V6ONLY 1114#if defined(IPV6_V6ONLY) && !defined(__OpenBSD__)
1111 int on = 1; 1115 int on = 1;
1112 1116
1113 debug3("%s: set socket %d IPV6_V6ONLY", __func__, s); 1117 debug3("%s: set socket %d IPV6_V6ONLY", __func__, s);
diff --git a/moduli.0 b/moduli.0
index 087e5963e..a74279b21 100644
--- a/moduli.0
+++ b/moduli.0
@@ -71,4 +71,4 @@ STANDARDS
71 the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006, 71 the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006,
72 2006. 72 2006.
73 73
74OpenBSD 5.8 September 26, 2012 OpenBSD 5.8 74OpenBSD 5.9 September 26, 2012 OpenBSD 5.9
diff --git a/monitor.c b/monitor.c
index a91420983..ac7dd3099 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.150 2015/06/22 23:42:16 djm Exp $ */ 1/* $OpenBSD: monitor.c,v 1.157 2016/02/15 23:32:37 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -100,7 +100,6 @@
100#include "monitor_fdpass.h" 100#include "monitor_fdpass.h"
101#include "compat.h" 101#include "compat.h"
102#include "ssh2.h" 102#include "ssh2.h"
103#include "roaming.h"
104#include "authfd.h" 103#include "authfd.h"
105#include "match.h" 104#include "match.h"
106#include "ssherr.h" 105#include "ssherr.h"
@@ -487,15 +486,10 @@ monitor_sync(struct monitor *pmonitor)
487static void * 486static void *
488mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) 487mm_zalloc(struct mm_master *mm, u_int ncount, u_int size)
489{ 488{
490 size_t len = (size_t) size * ncount; 489 if (size == 0 || ncount == 0 || ncount > SIZE_MAX / size)
491 void *address;
492
493 if (len == 0 || ncount > SIZE_MAX / size)
494 fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size); 490 fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size);
495 491
496 address = mm_malloc(mm, len); 492 return mm_malloc(mm, size * ncount);
497
498 return (address);
499} 493}
500 494
501static void 495static void
@@ -690,17 +684,18 @@ mm_answer_sign(int sock, Buffer *m)
690 struct ssh *ssh = active_state; /* XXX */ 684 struct ssh *ssh = active_state; /* XXX */
691 extern int auth_sock; /* XXX move to state struct? */ 685 extern int auth_sock; /* XXX move to state struct? */
692 struct sshkey *key; 686 struct sshkey *key;
693 struct sshbuf *sigbuf; 687 struct sshbuf *sigbuf = NULL;
694 u_char *p; 688 u_char *p = NULL, *signature = NULL;
695 u_char *signature; 689 char *alg = NULL;
696 size_t datlen, siglen; 690 size_t datlen, siglen, alglen;
697 int r, keyid, is_proof = 0; 691 int r, keyid, is_proof = 0;
698 const char proof_req[] = "hostkeys-prove-00@openssh.com"; 692 const char proof_req[] = "hostkeys-prove-00@openssh.com";
699 693
700 debug3("%s", __func__); 694 debug3("%s", __func__);
701 695
702 if ((r = sshbuf_get_u32(m, &keyid)) != 0 || 696 if ((r = sshbuf_get_u32(m, &keyid)) != 0 ||
703 (r = sshbuf_get_string(m, &p, &datlen)) != 0) 697 (r = sshbuf_get_string(m, &p, &datlen)) != 0 ||
698 (r = sshbuf_get_cstring(m, &alg, &alglen)) != 0)
704 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 699 fatal("%s: buffer error: %s", __func__, ssh_err(r));
705 700
706 /* 701 /*
@@ -727,7 +722,7 @@ mm_answer_sign(int sock, Buffer *m)
727 fatal("%s: sshbuf_new", __func__); 722 fatal("%s: sshbuf_new", __func__);
728 if ((r = sshbuf_put_cstring(sigbuf, proof_req)) != 0 || 723 if ((r = sshbuf_put_cstring(sigbuf, proof_req)) != 0 ||
729 (r = sshbuf_put_string(sigbuf, session_id2, 724 (r = sshbuf_put_string(sigbuf, session_id2,
730 session_id2_len) != 0) || 725 session_id2_len)) != 0 ||
731 (r = sshkey_puts(key, sigbuf)) != 0) 726 (r = sshkey_puts(key, sigbuf)) != 0)
732 fatal("%s: couldn't prepare private key " 727 fatal("%s: couldn't prepare private key "
733 "proof buffer: %s", __func__, ssh_err(r)); 728 "proof buffer: %s", __func__, ssh_err(r));
@@ -747,14 +742,14 @@ mm_answer_sign(int sock, Buffer *m)
747 } 742 }
748 743
749 if ((key = get_hostkey_by_index(keyid)) != NULL) { 744 if ((key = get_hostkey_by_index(keyid)) != NULL) {
750 if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, 745 if ((r = sshkey_sign(key, &signature, &siglen, p, datlen, alg,
751 datafellows)) != 0) 746 datafellows)) != 0)
752 fatal("%s: sshkey_sign failed: %s", 747 fatal("%s: sshkey_sign failed: %s",
753 __func__, ssh_err(r)); 748 __func__, ssh_err(r));
754 } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL && 749 } else if ((key = get_hostkey_public_by_index(keyid, ssh)) != NULL &&
755 auth_sock > 0) { 750 auth_sock > 0) {
756 if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen, 751 if ((r = ssh_agent_sign(auth_sock, key, &signature, &siglen,
757 p, datlen, datafellows)) != 0) { 752 p, datlen, alg, datafellows)) != 0) {
758 fatal("%s: ssh_agent_sign failed: %s", 753 fatal("%s: ssh_agent_sign failed: %s",
759 __func__, ssh_err(r)); 754 __func__, ssh_err(r));
760 } 755 }
@@ -768,6 +763,7 @@ mm_answer_sign(int sock, Buffer *m)
768 if ((r = sshbuf_put_string(m, signature, siglen)) != 0) 763 if ((r = sshbuf_put_string(m, signature, siglen)) != 0)
769 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 764 fatal("%s: buffer error: %s", __func__, ssh_err(r));
770 765
766 free(alg);
771 free(p); 767 free(p);
772 free(signature); 768 free(signature);
773 769
@@ -971,7 +967,7 @@ mm_answer_bsdauthrespond(int sock, Buffer *m)
971 char *response; 967 char *response;
972 int authok; 968 int authok;
973 969
974 if (authctxt->as == 0) 970 if (authctxt->as == NULL)
975 fatal("%s: no bsd auth session", __func__); 971 fatal("%s: no bsd auth session", __func__);
976 972
977 response = buffer_get_string(m, NULL); 973 response = buffer_get_string(m, NULL);
@@ -1040,7 +1036,8 @@ mm_answer_skeyrespond(int sock, Buffer *m)
1040 debug3("%s: sending authenticated: %d", __func__, authok); 1036 debug3("%s: sending authenticated: %d", __func__, authok);
1041 mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m); 1037 mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m);
1042 1038
1043 auth_method = "skey"; 1039 auth_method = "keyboard-interactive";
1040 auth_submethod = "skey";
1044 1041
1045 return (authok != 0); 1042 return (authok != 0);
1046} 1043}
@@ -1449,7 +1446,7 @@ mm_answer_keyverify(int sock, Buffer *m)
1449 __func__, key, (verified == 1) ? "verified" : "unverified"); 1446 __func__, key, (verified == 1) ? "verified" : "unverified");
1450 1447
1451 /* If auth was successful then record key to ensure it isn't reused */ 1448 /* If auth was successful then record key to ensure it isn't reused */
1452 if (verified == 1) 1449 if (verified == 1 && key_blobtype == MM_USERKEY)
1453 auth2_record_userkey(authctxt, key); 1450 auth2_record_userkey(authctxt, key);
1454 else 1451 else
1455 key_free(key); 1452 key_free(key);
@@ -1852,7 +1849,7 @@ monitor_apply_keystate(struct monitor *pmonitor)
1852 sshbuf_free(child_state); 1849 sshbuf_free(child_state);
1853 child_state = NULL; 1850 child_state = NULL;
1854 1851
1855 if ((kex = ssh->kex) != 0) { 1852 if ((kex = ssh->kex) != NULL) {
1856 /* XXX set callbacks */ 1853 /* XXX set callbacks */
1857#ifdef WITH_OPENSSL 1854#ifdef WITH_OPENSSL
1858 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1855 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
diff --git a/monitor_wrap.c b/monitor_wrap.c
index eac421ba1..c5db6df48 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor_wrap.c,v 1.85 2015/05/01 03:23:51 djm Exp $ */ 1/* $OpenBSD: monitor_wrap.c,v 1.87 2016/01/14 16:17:40 markus Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -80,7 +80,6 @@
80#include "channels.h" 80#include "channels.h"
81#include "session.h" 81#include "session.h"
82#include "servconf.h" 82#include "servconf.h"
83#include "roaming.h"
84 83
85#include "ssherr.h" 84#include "ssherr.h"
86 85
@@ -218,7 +217,7 @@ mm_choose_dh(int min, int nbits, int max)
218 217
219int 218int
220mm_key_sign(Key *key, u_char **sigp, u_int *lenp, 219mm_key_sign(Key *key, u_char **sigp, u_int *lenp,
221 const u_char *data, u_int datalen) 220 const u_char *data, u_int datalen, const char *hostkey_alg)
222{ 221{
223 struct kex *kex = *pmonitor->m_pkex; 222 struct kex *kex = *pmonitor->m_pkex;
224 Buffer m; 223 Buffer m;
@@ -228,6 +227,7 @@ mm_key_sign(Key *key, u_char **sigp, u_int *lenp,
228 buffer_init(&m); 227 buffer_init(&m);
229 buffer_put_int(&m, kex->host_key_index(key, 0, active_state)); 228 buffer_put_int(&m, kex->host_key_index(key, 0, active_state));
230 buffer_put_string(&m, data, datalen); 229 buffer_put_string(&m, data, datalen);
230 buffer_put_cstring(&m, hostkey_alg);
231 231
232 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m); 232 mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SIGN, &m);
233 233
diff --git a/monitor_wrap.h b/monitor_wrap.h
index de4a08f99..eb820aeea 100644
--- a/monitor_wrap.h
+++ b/monitor_wrap.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor_wrap.h,v 1.27 2015/05/01 03:23:51 djm Exp $ */ 1/* $OpenBSD: monitor_wrap.h,v 1.29 2015/12/04 16:41:28 markus Exp $ */
2 2
3/* 3/*
4 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 4 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -40,7 +40,7 @@ struct Authctxt;
40void mm_log_handler(LogLevel, const char *, void *); 40void mm_log_handler(LogLevel, const char *, void *);
41int mm_is_monitor(void); 41int mm_is_monitor(void);
42DH *mm_choose_dh(int, int, int); 42DH *mm_choose_dh(int, int, int);
43int mm_key_sign(Key *, u_char **, u_int *, const u_char *, u_int); 43int mm_key_sign(Key *, u_char **, u_int *, const u_char *, u_int, const char *);
44void mm_inform_authserv(char *, char *); 44void mm_inform_authserv(char *, char *);
45struct passwd *mm_getpwnamallow(const char *); 45struct passwd *mm_getpwnamallow(const char *);
46char *mm_auth2_read_banner(void); 46char *mm_auth2_read_banner(void);
diff --git a/mux.c b/mux.c
index e6136fd28..6bf53ebd9 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mux.c,v 1.54 2015/08/19 23:18:26 djm Exp $ */ 1/* $OpenBSD: mux.c,v 1.58 2016/01/13 23:04:47 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -1354,16 +1354,18 @@ mux_session_confirm(int id, int success, void *arg)
1354 char *proto, *data; 1354 char *proto, *data;
1355 1355
1356 /* Get reasonable local authentication information. */ 1356 /* Get reasonable local authentication information. */
1357 client_x11_get_proto(display, options.xauth_location, 1357 if (client_x11_get_proto(display, options.xauth_location,
1358 options.forward_x11_trusted, options.forward_x11_timeout, 1358 options.forward_x11_trusted, options.forward_x11_timeout,
1359 &proto, &data); 1359 &proto, &data) == 0) {
1360 /* Request forwarding with authentication spoofing. */ 1360 /* Request forwarding with authentication spoofing. */
1361 debug("Requesting X11 forwarding with authentication " 1361 debug("Requesting X11 forwarding with authentication "
1362 "spoofing."); 1362 "spoofing.");
1363 x11_request_forwarding_with_spoofing(id, display, proto, 1363 x11_request_forwarding_with_spoofing(id, display, proto,
1364 data, 1); 1364 data, 1);
1365 client_expect_confirm(id, "X11 forwarding", CONFIRM_WARN); 1365 /* XXX exit_on_forward_failure */
1366 /* XXX exit_on_forward_failure */ 1366 client_expect_confirm(id, "X11 forwarding",
1367 CONFIRM_WARN);
1368 }
1367 } 1369 }
1368 1370
1369 if (cctx->want_agent_fwd && options.forward_agent) { 1371 if (cctx->want_agent_fwd && options.forward_agent) {
@@ -1744,7 +1746,7 @@ mux_client_forward(int fd, int cancel_flag, u_int ftype, struct Forward *fwd)
1744 fwd->connect_host ? fwd->connect_host : "", 1746 fwd->connect_host ? fwd->connect_host : "",
1745 fwd->connect_port); 1747 fwd->connect_port);
1746 if (muxclient_command == SSHMUX_COMMAND_FORWARD) 1748 if (muxclient_command == SSHMUX_COMMAND_FORWARD)
1747 fprintf(stdout, "%u\n", fwd->allocated_port); 1749 fprintf(stdout, "%i\n", fwd->allocated_port);
1748 break; 1750 break;
1749 case MUX_S_PERMISSION_DENIED: 1751 case MUX_S_PERMISSION_DENIED:
1750 e = buffer_get_string(&m, NULL); 1752 e = buffer_get_string(&m, NULL);
@@ -1889,6 +1891,10 @@ mux_client_request_session(int fd)
1889 } 1891 }
1890 muxclient_request_id++; 1892 muxclient_request_id++;
1891 1893
1894 if (pledge("stdio proc tty", NULL) == -1)
1895 fatal("%s pledge(): %s", __func__, strerror(errno));
1896 platform_pledge_mux();
1897
1892 signal(SIGHUP, control_client_sighandler); 1898 signal(SIGHUP, control_client_sighandler);
1893 signal(SIGINT, control_client_sighandler); 1899 signal(SIGINT, control_client_sighandler);
1894 signal(SIGTERM, control_client_sighandler); 1900 signal(SIGTERM, control_client_sighandler);
@@ -1996,6 +2002,10 @@ mux_client_request_stdio_fwd(int fd)
1996 mm_send_fd(fd, STDOUT_FILENO) == -1) 2002 mm_send_fd(fd, STDOUT_FILENO) == -1)
1997 fatal("%s: send fds failed", __func__); 2003 fatal("%s: send fds failed", __func__);
1998 2004
2005 if (pledge("stdio proc tty", NULL) == -1)
2006 fatal("%s pledge(): %s", __func__, strerror(errno));
2007 platform_pledge_mux();
2008
1999 debug3("%s: stdio forward request sent", __func__); 2009 debug3("%s: stdio forward request sent", __func__);
2000 2010
2001 /* Read their reply */ 2011 /* Read their reply */
@@ -2169,7 +2179,7 @@ muxclient(const char *path)
2169 case SSHMUX_COMMAND_ALIVE_CHECK: 2179 case SSHMUX_COMMAND_ALIVE_CHECK:
2170 if ((pid = mux_client_request_alive(sock)) == 0) 2180 if ((pid = mux_client_request_alive(sock)) == 0)
2171 fatal("%s: master alive check failed", __func__); 2181 fatal("%s: master alive check failed", __func__);
2172 fprintf(stderr, "Master running (pid=%d)\r\n", pid); 2182 fprintf(stderr, "Master running (pid=%u)\r\n", pid);
2173 exit(0); 2183 exit(0);
2174 case SSHMUX_COMMAND_TERMINATE: 2184 case SSHMUX_COMMAND_TERMINATE:
2175 mux_client_request_terminate(sock); 2185 mux_client_request_terminate(sock);
diff --git a/myproposal.h b/myproposal.h
index 46e5b988d..bdd05966f 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: myproposal.h,v 1.47 2015/07/10 06:21:53 markus Exp $ */ 1/* $OpenBSD: myproposal.h,v 1.50 2016/02/09 05:30:04 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -101,7 +101,9 @@
101 "ssh-rsa-cert-v01@openssh.com," \ 101 "ssh-rsa-cert-v01@openssh.com," \
102 HOSTKEY_ECDSA_METHODS \ 102 HOSTKEY_ECDSA_METHODS \
103 "ssh-ed25519," \ 103 "ssh-ed25519," \
104 "ssh-rsa" \ 104 "rsa-sha2-512," \
105 "rsa-sha2-256," \
106 "ssh-rsa"
105 107
106/* the actual algorithms */ 108/* the actual algorithms */
107 109
@@ -111,9 +113,7 @@
111 AESGCM_CIPHER_MODES 113 AESGCM_CIPHER_MODES
112 114
113#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT "," \ 115#define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT "," \
114 "arcfour256,arcfour128," \ 116 "aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc"
115 "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
116 "aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se"
117 117
118#define KEX_SERVER_MAC \ 118#define KEX_SERVER_MAC \
119 "umac-64-etm@openssh.com," \ 119 "umac-64-etm@openssh.com," \
@@ -127,18 +127,9 @@
127 "hmac-sha2-512," \ 127 "hmac-sha2-512," \
128 "hmac-sha1" 128 "hmac-sha1"
129 129
130#define KEX_CLIENT_MAC KEX_SERVER_MAC "," \ 130#define KEX_CLIENT_MAC KEX_SERVER_MAC
131 "hmac-md5-etm@openssh.com," \
132 "hmac-ripemd160-etm@openssh.com," \
133 "hmac-sha1-96-etm@openssh.com," \
134 "hmac-md5-96-etm@openssh.com," \
135 "hmac-md5," \
136 "hmac-ripemd160," \
137 "hmac-ripemd160@openssh.com," \
138 "hmac-sha1-96," \
139 "hmac-md5-96"
140 131
141#else 132#else /* WITH_OPENSSL */
142 133
143#define KEX_SERVER_KEX \ 134#define KEX_SERVER_KEX \
144 "curve25519-sha256@libssh.org" 135 "curve25519-sha256@libssh.org"
diff --git a/opacket.c b/opacket.c
index b9160d59d..5970dd377 100644
--- a/opacket.c
+++ b/opacket.c
@@ -235,18 +235,6 @@ packet_set_connection(int fd_in, int fd_out)
235 fatal("%s: ssh_packet_set_connection failed", __func__); 235 fatal("%s: ssh_packet_set_connection failed", __func__);
236} 236}
237 237
238void
239packet_backup_state(void)
240{
241 ssh_packet_backup_state(active_state, backup_state);
242}
243
244void
245packet_restore_state(void)
246{
247 ssh_packet_restore_state(active_state, backup_state);
248}
249
250u_int 238u_int
251packet_get_char(void) 239packet_get_char(void)
252{ 240{
diff --git a/opacket.h b/opacket.h
index a0a60e550..c26ade44c 100644
--- a/opacket.h
+++ b/opacket.h
@@ -39,8 +39,6 @@ do { \
39void packet_close(void); 39void packet_close(void);
40u_int packet_get_char(void); 40u_int packet_get_char(void);
41u_int packet_get_int(void); 41u_int packet_get_int(void);
42void packet_backup_state(void);
43void packet_restore_state(void);
44void packet_set_connection(int, int); 42void packet_set_connection(int, int);
45int packet_read_seqnr(u_int32_t *); 43int packet_read_seqnr(u_int32_t *);
46int packet_read_poll_seqnr(u_int32_t *); 44int packet_read_poll_seqnr(u_int32_t *);
@@ -127,8 +125,6 @@ void packet_disconnect(const char *, ...)
127 sshpkt_add_padding(active_state, (pad)) 125 sshpkt_add_padding(active_state, (pad))
128#define packet_send_ignore(nbytes) \ 126#define packet_send_ignore(nbytes) \
129 ssh_packet_send_ignore(active_state, (nbytes)) 127 ssh_packet_send_ignore(active_state, (nbytes))
130#define packet_need_rekeying() \
131 ssh_packet_need_rekeying(active_state)
132#define packet_set_server() \ 128#define packet_set_server() \
133 ssh_packet_set_server(active_state) 129 ssh_packet_set_server(active_state)
134#define packet_set_authenticated() \ 130#define packet_set_authenticated() \
diff --git a/openbsd-compat/bsd-misc.c b/openbsd-compat/bsd-misc.c
index f7be415ec..2a788e47f 100644
--- a/openbsd-compat/bsd-misc.c
+++ b/openbsd-compat/bsd-misc.c
@@ -276,3 +276,11 @@ getpgid(pid_t pid)
276 return -1; 276 return -1;
277} 277}
278#endif 278#endif
279
280#ifndef HAVE_PLEDGE
281int
282pledge(const char *promises, const char *paths[])
283{
284 return 0;
285}
286#endif
diff --git a/openbsd-compat/bsd-misc.h b/openbsd-compat/bsd-misc.h
index ff347a24b..0d81d1735 100644
--- a/openbsd-compat/bsd-misc.h
+++ b/openbsd-compat/bsd-misc.h
@@ -122,4 +122,8 @@ pid_t getpgid(pid_t);
122# define krb5_free_error_message(a,b) do { } while(0) 122# define krb5_free_error_message(a,b) do { } while(0)
123#endif 123#endif
124 124
125#ifndef HAVE_PLEDGE
126int pledge(const char *promises, const char *paths[]);
127#endif
128
125#endif /* _BSD_MISC_H */ 129#endif /* _BSD_MISC_H */
diff --git a/openbsd-compat/bsd-poll.h b/openbsd-compat/bsd-poll.h
index dcbb9ca40..17945f5b4 100644
--- a/openbsd-compat/bsd-poll.h
+++ b/openbsd-compat/bsd-poll.h
@@ -42,11 +42,11 @@ typedef unsigned int nfds_t;
42#define POLLIN 0x0001 42#define POLLIN 0x0001
43#define POLLOUT 0x0004 43#define POLLOUT 0x0004
44#define POLLERR 0x0008 44#define POLLERR 0x0008
45#define POLLHUP 0x0010
46#define POLLNVAL 0x0020
45#if 0 47#if 0
46/* the following are currently not implemented */ 48/* the following are currently not implemented */
47#define POLLPRI 0x0002 49#define POLLPRI 0x0002
48#define POLLHUP 0x0010
49#define POLLNVAL 0x0020
50#define POLLRDNORM 0x0040 50#define POLLRDNORM 0x0040
51#define POLLNORM POLLRDNORM 51#define POLLNORM POLLRDNORM
52#define POLLWRNORM POLLOUT 52#define POLLWRNORM POLLOUT
diff --git a/openbsd-compat/glob.c b/openbsd-compat/glob.c
index 742b4b954..7c97e67f5 100644
--- a/openbsd-compat/glob.c
+++ b/openbsd-compat/glob.c
@@ -59,6 +59,7 @@
59 */ 59 */
60 60
61#include "includes.h" 61#include "includes.h"
62#include "glob.h"
62 63
63#include <sys/types.h> 64#include <sys/types.h>
64#include <sys/stat.h> 65#include <sys/stat.h>
diff --git a/openbsd-compat/glob.h b/openbsd-compat/glob.h
index f8a7fa5ff..f069a05dc 100644
--- a/openbsd-compat/glob.h
+++ b/openbsd-compat/glob.h
@@ -42,11 +42,15 @@
42 !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 || \ 42 !defined(HAVE_DECL_GLOB_NOMATCH) || HAVE_DECL_GLOB_NOMATCH == 0 || \
43 defined(BROKEN_GLOB) 43 defined(BROKEN_GLOB)
44 44
45#ifndef _GLOB_H_ 45#ifndef _COMPAT_GLOB_H_
46#define _GLOB_H_ 46#define _COMPAT_GLOB_H_
47 47
48#include <sys/stat.h> 48#include <sys/stat.h>
49 49
50# define glob_t _ssh_compat_glob_t
51# define glob(a, b, c, d) _ssh__compat_glob(a, b, c, d)
52# define globfree(a) _ssh__compat_globfree(a)
53
50struct stat; 54struct stat;
51typedef struct { 55typedef struct {
52 int gl_pathc; /* Count of total paths so far. */ 56 int gl_pathc; /* Count of total paths so far. */
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index 1ff7114ef..8cc8a11b7 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -39,7 +39,6 @@
39/* OpenBSD function replacements */ 39/* OpenBSD function replacements */
40#include "base64.h" 40#include "base64.h"
41#include "sigact.h" 41#include "sigact.h"
42#include "glob.h"
43#include "readpassphrase.h" 42#include "readpassphrase.h"
44#include "vis.h" 43#include "vis.h"
45#include "getrrsetbyname.h" 44#include "getrrsetbyname.h"
diff --git a/openbsd-compat/port-solaris.c b/openbsd-compat/port-solaris.c
index 25382f1c9..e36e412d7 100644
--- a/openbsd-compat/port-solaris.c
+++ b/openbsd-compat/port-solaris.c
@@ -227,3 +227,139 @@ solaris_set_default_project(struct passwd *pw)
227 } 227 }
228} 228}
229#endif /* USE_SOLARIS_PROJECTS */ 229#endif /* USE_SOLARIS_PROJECTS */
230
231#ifdef USE_SOLARIS_PRIVS
232# ifdef HAVE_PRIV_H
233# include <priv.h>
234# endif
235
236priv_set_t *
237solaris_basic_privset(void)
238{
239 priv_set_t *pset;
240
241#ifdef HAVE_PRIV_BASICSET
242 if ((pset = priv_allocset()) == NULL) {
243 error("priv_allocset: %s", strerror(errno));
244 return NULL;
245 }
246 priv_basicset(pset);
247#else
248 if ((pset = priv_str_to_set("basic", ",", NULL)) == NULL) {
249 error("priv_str_to_set: %s", strerror(errno));
250 return NULL;
251 }
252#endif
253 return pset;
254}
255
256void
257solaris_drop_privs_pinfo_net_fork_exec(void)
258{
259 priv_set_t *pset = NULL, *npset = NULL;
260
261 /*
262 * Note: this variant avoids dropping DAC filesystem rights, in case
263 * the process calling it is running as root and should have the
264 * ability to read/write/chown any file on the system.
265 *
266 * We start with the basic set, then *add* the DAC rights to it while
267 * taking away other parts of BASIC we don't need. Then we intersect
268 * this with our existing PERMITTED set. In this way we keep any
269 * DAC rights we had before, while otherwise reducing ourselves to
270 * the minimum set of privileges we need to proceed.
271 *
272 * This also means we drop any other parts of "root" that we don't
273 * need (e.g. the ability to kill any process, create new device nodes
274 * etc etc).
275 */
276
277 if ((pset = priv_allocset()) == NULL)
278 fatal("priv_allocset: %s", strerror(errno));
279 if ((npset = solaris_basic_privset()) == NULL)
280 fatal("solaris_basic_privset: %s", strerror(errno));
281
282 if (priv_addset(npset, PRIV_FILE_CHOWN) != 0 ||
283 priv_addset(npset, PRIV_FILE_DAC_READ) != 0 ||
284 priv_addset(npset, PRIV_FILE_DAC_SEARCH) != 0 ||
285 priv_addset(npset, PRIV_FILE_DAC_WRITE) != 0 ||
286 priv_addset(npset, PRIV_FILE_OWNER) != 0)
287 fatal("priv_addset: %s", strerror(errno));
288
289 if (priv_delset(npset, PRIV_FILE_LINK_ANY) != 0 ||
290#ifdef PRIV_NET_ACCESS
291 priv_delset(npset, PRIV_NET_ACCESS) != 0 ||
292#endif
293 priv_delset(npset, PRIV_PROC_EXEC) != 0 ||
294 priv_delset(npset, PRIV_PROC_FORK) != 0 ||
295 priv_delset(npset, PRIV_PROC_INFO) != 0 ||
296 priv_delset(npset, PRIV_PROC_SESSION) != 0)
297 fatal("priv_delset: %s", strerror(errno));
298
299 if (getppriv(PRIV_PERMITTED, pset) != 0)
300 fatal("getppriv: %s", strerror(errno));
301
302 priv_intersect(pset, npset);
303
304 if (setppriv(PRIV_SET, PRIV_PERMITTED, npset) != 0 ||
305 setppriv(PRIV_SET, PRIV_LIMIT, npset) != 0 ||
306 setppriv(PRIV_SET, PRIV_INHERITABLE, npset) != 0)
307 fatal("setppriv: %s", strerror(errno));
308
309 priv_freeset(pset);
310 priv_freeset(npset);
311}
312
313void
314solaris_drop_privs_root_pinfo_net(void)
315{
316 priv_set_t *pset = NULL;
317
318 /* Start with "basic" and drop everything we don't need. */
319 if ((pset = solaris_basic_privset()) == NULL)
320 fatal("solaris_basic_privset: %s", strerror(errno));
321
322 if (priv_delset(pset, PRIV_FILE_LINK_ANY) != 0 ||
323#ifdef PRIV_NET_ACCESS
324 priv_delset(pset, PRIV_NET_ACCESS) != 0 ||
325#endif
326 priv_delset(pset, PRIV_PROC_INFO) != 0 ||
327 priv_delset(pset, PRIV_PROC_SESSION) != 0)
328 fatal("priv_delset: %s", strerror(errno));
329
330 if (setppriv(PRIV_SET, PRIV_PERMITTED, pset) != 0 ||
331 setppriv(PRIV_SET, PRIV_LIMIT, pset) != 0 ||
332 setppriv(PRIV_SET, PRIV_INHERITABLE, pset) != 0)
333 fatal("setppriv: %s", strerror(errno));
334
335 priv_freeset(pset);
336}
337
338void
339solaris_drop_privs_root_pinfo_net_exec(void)
340{
341 priv_set_t *pset = NULL;
342
343
344 /* Start with "basic" and drop everything we don't need. */
345 if ((pset = solaris_basic_privset()) == NULL)
346 fatal("solaris_basic_privset: %s", strerror(errno));
347
348 if (priv_delset(pset, PRIV_FILE_LINK_ANY) != 0 ||
349#ifdef PRIV_NET_ACCESS
350 priv_delset(pset, PRIV_NET_ACCESS) != 0 ||
351#endif
352 priv_delset(pset, PRIV_PROC_EXEC) != 0 ||
353 priv_delset(pset, PRIV_PROC_INFO) != 0 ||
354 priv_delset(pset, PRIV_PROC_SESSION) != 0)
355 fatal("priv_delset: %s", strerror(errno));
356
357 if (setppriv(PRIV_SET, PRIV_PERMITTED, pset) != 0 ||
358 setppriv(PRIV_SET, PRIV_LIMIT, pset) != 0 ||
359 setppriv(PRIV_SET, PRIV_INHERITABLE, pset) != 0)
360 fatal("setppriv: %s", strerror(errno));
361
362 priv_freeset(pset);
363}
364
365#endif
diff --git a/openbsd-compat/port-solaris.h b/openbsd-compat/port-solaris.h
index cd442e78b..3a41ea8cd 100644
--- a/openbsd-compat/port-solaris.h
+++ b/openbsd-compat/port-solaris.h
@@ -26,5 +26,11 @@ void solaris_contract_pre_fork(void);
26void solaris_contract_post_fork_child(void); 26void solaris_contract_post_fork_child(void);
27void solaris_contract_post_fork_parent(pid_t pid); 27void solaris_contract_post_fork_parent(pid_t pid);
28void solaris_set_default_project(struct passwd *); 28void solaris_set_default_project(struct passwd *);
29# ifdef USE_SOLARIS_PRIVS
30priv_set_t *solaris_basic_privset(void);
31void solaris_drop_privs_pinfo_net_fork_exec(void);
32void solaris_drop_privs_root_pinfo_net(void);
33void solaris_drop_privs_root_pinfo_net_exec(void);
34# endif /* USE_SOLARIS_PRIVS */
29 35
30#endif 36#endif
diff --git a/openbsd-compat/realpath.c b/openbsd-compat/realpath.c
index ba4cea938..a2f090e55 100644
--- a/openbsd-compat/realpath.c
+++ b/openbsd-compat/realpath.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: realpath.c,v 1.13 2005/08/08 08:05:37 espie Exp $ */ 1/* $OpenBSD: realpath.c,v 1.20 2015/10/13 20:55:37 millert Exp $ */
2/* 2/*
3 * Copyright (c) 2003 Constantin S. Svintsoff <kostik@iclub.nsu.ru> 3 * Copyright (c) 2003 Constantin S. Svintsoff <kostik@iclub.nsu.ru>
4 * 4 *
@@ -42,6 +42,13 @@
42#include <stddef.h> 42#include <stddef.h>
43#include <string.h> 43#include <string.h>
44#include <unistd.h> 44#include <unistd.h>
45#include <limits.h>
46
47#ifndef SYMLOOP_MAX
48# define SYMLOOP_MAX 32
49#endif
50
51/* A slightly modified copy of this file exists in libexec/ld.so */
45 52
46/* 53/*
47 * char *realpath(const char *path, char resolved[PATH_MAX]); 54 * char *realpath(const char *path, char resolved[PATH_MAX]);
@@ -51,16 +58,30 @@
51 * in which case the path which caused trouble is left in (resolved). 58 * in which case the path which caused trouble is left in (resolved).
52 */ 59 */
53char * 60char *
54realpath(const char *path, char resolved[PATH_MAX]) 61realpath(const char *path, char *resolved)
55{ 62{
56 struct stat sb; 63 struct stat sb;
57 char *p, *q, *s; 64 char *p, *q, *s;
58 size_t left_len, resolved_len; 65 size_t left_len, resolved_len;
59 unsigned symlinks; 66 unsigned symlinks;
60 int serrno, slen; 67 int serrno, slen, mem_allocated;
61 char left[PATH_MAX], next_token[PATH_MAX], symlink[PATH_MAX]; 68 char left[PATH_MAX], next_token[PATH_MAX], symlink[PATH_MAX];
62 69
70 if (path[0] == '\0') {
71 errno = ENOENT;
72 return (NULL);
73 }
74
63 serrno = errno; 75 serrno = errno;
76
77 if (resolved == NULL) {
78 resolved = malloc(PATH_MAX);
79 if (resolved == NULL)
80 return (NULL);
81 mem_allocated = 1;
82 } else
83 mem_allocated = 0;
84
64 symlinks = 0; 85 symlinks = 0;
65 if (path[0] == '/') { 86 if (path[0] == '/') {
66 resolved[0] = '/'; 87 resolved[0] = '/';
@@ -71,7 +92,10 @@ realpath(const char *path, char resolved[PATH_MAX])
71 left_len = strlcpy(left, path + 1, sizeof(left)); 92 left_len = strlcpy(left, path + 1, sizeof(left));
72 } else { 93 } else {
73 if (getcwd(resolved, PATH_MAX) == NULL) { 94 if (getcwd(resolved, PATH_MAX) == NULL) {
74 strlcpy(resolved, ".", PATH_MAX); 95 if (mem_allocated)
96 free(resolved);
97 else
98 strlcpy(resolved, ".", PATH_MAX);
75 return (NULL); 99 return (NULL);
76 } 100 }
77 resolved_len = strlen(resolved); 101 resolved_len = strlen(resolved);
@@ -79,7 +103,7 @@ realpath(const char *path, char resolved[PATH_MAX])
79 } 103 }
80 if (left_len >= sizeof(left) || resolved_len >= PATH_MAX) { 104 if (left_len >= sizeof(left) || resolved_len >= PATH_MAX) {
81 errno = ENAMETOOLONG; 105 errno = ENAMETOOLONG;
82 return (NULL); 106 goto err;
83 } 107 }
84 108
85 /* 109 /*
@@ -94,7 +118,7 @@ realpath(const char *path, char resolved[PATH_MAX])
94 s = p ? p : left + left_len; 118 s = p ? p : left + left_len;
95 if (s - left >= (ptrdiff_t)sizeof(next_token)) { 119 if (s - left >= (ptrdiff_t)sizeof(next_token)) {
96 errno = ENAMETOOLONG; 120 errno = ENAMETOOLONG;
97 return (NULL); 121 goto err;
98 } 122 }
99 memcpy(next_token, left, s - left); 123 memcpy(next_token, left, s - left);
100 next_token[s - left] = '\0'; 124 next_token[s - left] = '\0';
@@ -104,7 +128,7 @@ realpath(const char *path, char resolved[PATH_MAX])
104 if (resolved[resolved_len - 1] != '/') { 128 if (resolved[resolved_len - 1] != '/') {
105 if (resolved_len + 1 >= PATH_MAX) { 129 if (resolved_len + 1 >= PATH_MAX) {
106 errno = ENAMETOOLONG; 130 errno = ENAMETOOLONG;
107 return (NULL); 131 goto err;
108 } 132 }
109 resolved[resolved_len++] = '/'; 133 resolved[resolved_len++] = '/';
110 resolved[resolved_len] = '\0'; 134 resolved[resolved_len] = '\0';
@@ -135,23 +159,23 @@ realpath(const char *path, char resolved[PATH_MAX])
135 resolved_len = strlcat(resolved, next_token, PATH_MAX); 159 resolved_len = strlcat(resolved, next_token, PATH_MAX);
136 if (resolved_len >= PATH_MAX) { 160 if (resolved_len >= PATH_MAX) {
137 errno = ENAMETOOLONG; 161 errno = ENAMETOOLONG;
138 return (NULL); 162 goto err;
139 } 163 }
140 if (lstat(resolved, &sb) != 0) { 164 if (lstat(resolved, &sb) != 0) {
141 if (errno == ENOENT && p == NULL) { 165 if (errno == ENOENT && p == NULL) {
142 errno = serrno; 166 errno = serrno;
143 return (resolved); 167 return (resolved);
144 } 168 }
145 return (NULL); 169 goto err;
146 } 170 }
147 if (S_ISLNK(sb.st_mode)) { 171 if (S_ISLNK(sb.st_mode)) {
148 if (symlinks++ > MAXSYMLINKS) { 172 if (symlinks++ > SYMLOOP_MAX) {
149 errno = ELOOP; 173 errno = ELOOP;
150 return (NULL); 174 goto err;
151 } 175 }
152 slen = readlink(resolved, symlink, sizeof(symlink) - 1); 176 slen = readlink(resolved, symlink, sizeof(symlink) - 1);
153 if (slen < 0) 177 if (slen < 0)
154 return (NULL); 178 goto err;
155 symlink[slen] = '\0'; 179 symlink[slen] = '\0';
156 if (symlink[0] == '/') { 180 if (symlink[0] == '/') {
157 resolved[1] = 0; 181 resolved[1] = 0;
@@ -174,15 +198,15 @@ realpath(const char *path, char resolved[PATH_MAX])
174 if (slen + 1 >= 198 if (slen + 1 >=
175 (ptrdiff_t)sizeof(symlink)) { 199 (ptrdiff_t)sizeof(symlink)) {
176 errno = ENAMETOOLONG; 200 errno = ENAMETOOLONG;
177 return (NULL); 201 goto err;
178 } 202 }
179 symlink[slen] = '/'; 203 symlink[slen] = '/';
180 symlink[slen + 1] = 0; 204 symlink[slen + 1] = 0;
181 } 205 }
182 left_len = strlcat(symlink, left, sizeof(left)); 206 left_len = strlcat(symlink, left, sizeof(symlink));
183 if (left_len >= sizeof(left)) { 207 if (left_len >= sizeof(symlink)) {
184 errno = ENAMETOOLONG; 208 errno = ENAMETOOLONG;
185 return (NULL); 209 goto err;
186 } 210 }
187 } 211 }
188 left_len = strlcpy(left, symlink, sizeof(left)); 212 left_len = strlcpy(left, symlink, sizeof(left));
@@ -196,5 +220,10 @@ realpath(const char *path, char resolved[PATH_MAX])
196 if (resolved_len > 1 && resolved[resolved_len - 1] == '/') 220 if (resolved_len > 1 && resolved[resolved_len - 1] == '/')
197 resolved[resolved_len - 1] = '\0'; 221 resolved[resolved_len - 1] = '\0';
198 return (resolved); 222 return (resolved);
223
224err:
225 if (mem_allocated)
226 free(resolved);
227 return (NULL);
199} 228}
200#endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */ 229#endif /* !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) */
diff --git a/packet.c b/packet.c
index 7b5c419eb..f406c0755 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: packet.c,v 1.214 2015/08/20 22:32:42 deraadt Exp $ */ 1/* $OpenBSD: packet.c,v 1.229 2016/02/17 22:20:14 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -83,7 +83,6 @@
83#include "channels.h" 83#include "channels.h"
84#include "ssh.h" 84#include "ssh.h"
85#include "packet.h" 85#include "packet.h"
86#include "roaming.h"
87#include "ssherr.h" 86#include "ssherr.h"
88#include "sshbuf.h" 87#include "sshbuf.h"
89 88
@@ -181,8 +180,7 @@ struct session_state {
181 struct packet_state p_read, p_send; 180 struct packet_state p_read, p_send;
182 181
183 /* Volume-based rekeying */ 182 /* Volume-based rekeying */
184 u_int64_t max_blocks_in, max_blocks_out; 183 u_int64_t max_blocks_in, max_blocks_out, rekey_limit;
185 u_int32_t rekey_limit;
186 184
187 /* Time-based rekeying */ 185 /* Time-based rekeying */
188 u_int32_t rekey_interval; /* how often in seconds */ 186 u_int32_t rekey_interval; /* how often in seconds */
@@ -261,6 +259,14 @@ ssh_alloc_session_state(void)
261 return NULL; 259 return NULL;
262} 260}
263 261
262/* Returns nonzero if rekeying is in progress */
263int
264ssh_packet_is_rekeying(struct ssh *ssh)
265{
266 return compat20 &&
267 (ssh->state->rekeying || (ssh->kex != NULL && ssh->kex->done == 0));
268}
269
264/* 270/*
265 * Sets the descriptors used for communication. Disables encryption until 271 * Sets the descriptors used for communication. Disables encryption until
266 * packet_set_encryption_key is called. 272 * packet_set_encryption_key is called.
@@ -338,7 +344,8 @@ ssh_packet_stop_discard(struct ssh *ssh)
338 sshbuf_ptr(state->incoming_packet), PACKET_MAX_SIZE, 344 sshbuf_ptr(state->incoming_packet), PACKET_MAX_SIZE,
339 NULL, 0); 345 NULL, 0);
340 } 346 }
341 logit("Finished discarding for %.200s", ssh_remote_ipaddr(ssh)); 347 logit("Finished discarding for %.200s port %d",
348 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
342 return SSH_ERR_MAC_INVALID; 349 return SSH_ERR_MAC_INVALID;
343} 350}
344 351
@@ -455,16 +462,30 @@ ssh_packet_get_connection_out(struct ssh *ssh)
455const char * 462const char *
456ssh_remote_ipaddr(struct ssh *ssh) 463ssh_remote_ipaddr(struct ssh *ssh)
457{ 464{
465 const int sock = ssh->state->connection_in;
466
458 /* Check whether we have cached the ipaddr. */ 467 /* Check whether we have cached the ipaddr. */
459 if (ssh->remote_ipaddr == NULL) 468 if (ssh->remote_ipaddr == NULL) {
460 ssh->remote_ipaddr = ssh_packet_connection_is_on_socket(ssh) ? 469 if (ssh_packet_connection_is_on_socket(ssh)) {
461 get_peer_ipaddr(ssh->state->connection_in) : 470 ssh->remote_ipaddr = get_peer_ipaddr(sock);
462 strdup("UNKNOWN"); 471 ssh->remote_port = get_sock_port(sock, 0);
463 if (ssh->remote_ipaddr == NULL) 472 } else {
464 return "UNKNOWN"; 473 ssh->remote_ipaddr = strdup("UNKNOWN");
474 ssh->remote_port = 0;
475 }
476 }
465 return ssh->remote_ipaddr; 477 return ssh->remote_ipaddr;
466} 478}
467 479
480/* Returns the port number of the remote host. */
481
482int
483ssh_remote_port(struct ssh *ssh)
484{
485 (void)ssh_remote_ipaddr(ssh); /* Will lookup and cache. */
486 return ssh->remote_port;
487}
488
468/* Closes the connection and clears and frees internal data structures. */ 489/* Closes the connection and clears and frees internal data structures. */
469 490
470void 491void
@@ -519,10 +540,8 @@ ssh_packet_close(struct ssh *ssh)
519 error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r)); 540 error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
520 if ((r = cipher_cleanup(&state->receive_context)) != 0) 541 if ((r = cipher_cleanup(&state->receive_context)) != 0)
521 error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r)); 542 error("%s: cipher_cleanup failed: %s", __func__, ssh_err(r));
522 if (ssh->remote_ipaddr) { 543 free(ssh->remote_ipaddr);
523 free(ssh->remote_ipaddr); 544 ssh->remote_ipaddr = NULL;
524 ssh->remote_ipaddr = NULL;
525 }
526 free(ssh->state); 545 free(ssh->state);
527 ssh->state = NULL; 546 ssh->state = NULL;
528} 547}
@@ -941,7 +960,12 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
941 max_blocks = &state->max_blocks_in; 960 max_blocks = &state->max_blocks_in;
942 } 961 }
943 if (state->newkeys[mode] != NULL) { 962 if (state->newkeys[mode] != NULL) {
944 debug("set_newkeys: rekeying"); 963 debug("set_newkeys: rekeying, input %llu bytes %llu blocks, "
964 "output %llu bytes %llu blocks",
965 (unsigned long long)state->p_read.bytes,
966 (unsigned long long)state->p_read.blocks,
967 (unsigned long long)state->p_send.bytes,
968 (unsigned long long)state->p_send.blocks);
945 if ((r = cipher_cleanup(cc)) != 0) 969 if ((r = cipher_cleanup(cc)) != 0)
946 return r; 970 return r;
947 enc = &state->newkeys[mode]->enc; 971 enc = &state->newkeys[mode]->enc;
@@ -1009,9 +1033,55 @@ ssh_set_newkeys(struct ssh *ssh, int mode)
1009 if (state->rekey_limit) 1033 if (state->rekey_limit)
1010 *max_blocks = MIN(*max_blocks, 1034 *max_blocks = MIN(*max_blocks,
1011 state->rekey_limit / enc->block_size); 1035 state->rekey_limit / enc->block_size);
1036 debug("rekey after %llu blocks", (unsigned long long)*max_blocks);
1012 return 0; 1037 return 0;
1013} 1038}
1014 1039
1040#define MAX_PACKETS (1U<<31)
1041static int
1042ssh_packet_need_rekeying(struct ssh *ssh, u_int outbound_packet_len)
1043{
1044 struct session_state *state = ssh->state;
1045 u_int32_t out_blocks;
1046
1047 /* XXX client can't cope with rekeying pre-auth */
1048 if (!state->after_authentication)
1049 return 0;
1050
1051 /* Haven't keyed yet or KEX in progress. */
1052 if (ssh->kex == NULL || ssh_packet_is_rekeying(ssh))
1053 return 0;
1054
1055 /* Peer can't rekey */
1056 if (ssh->compat & SSH_BUG_NOREKEY)
1057 return 0;
1058
1059 /*
1060 * Permit one packet in or out per rekey - this allows us to
1061 * make progress when rekey limits are very small.
1062 */
1063 if (state->p_send.packets == 0 && state->p_read.packets == 0)
1064 return 0;
1065
1066 /* Time-based rekeying */
1067 if (state->rekey_interval != 0 &&
1068 state->rekey_time + state->rekey_interval <= monotime())
1069 return 1;
1070
1071 /* Always rekey when MAX_PACKETS sent in either direction */
1072 if (state->p_send.packets > MAX_PACKETS ||
1073 state->p_read.packets > MAX_PACKETS)
1074 return 1;
1075
1076 /* Rekey after (cipher-specific) maxiumum blocks */
1077 out_blocks = roundup(outbound_packet_len,
1078 state->newkeys[MODE_OUT]->enc.block_size);
1079 return (state->max_blocks_out &&
1080 (state->p_send.blocks + out_blocks > state->max_blocks_out)) ||
1081 (state->max_blocks_in &&
1082 (state->p_read.blocks > state->max_blocks_in));
1083}
1084
1015/* 1085/*
1016 * Delayed compression for SSH2 is enabled after authentication: 1086 * Delayed compression for SSH2 is enabled after authentication:
1017 * This happens on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent, 1087 * This happens on the server side after a SSH2_MSG_USERAUTH_SUCCESS is sent,
@@ -1050,6 +1120,20 @@ ssh_packet_enable_delayed_compress(struct ssh *ssh)
1050 return 0; 1120 return 0;
1051} 1121}
1052 1122
1123/* Used to mute debug logging for noisy packet types */
1124static int
1125ssh_packet_log_type(u_char type)
1126{
1127 switch (type) {
1128 case SSH2_MSG_CHANNEL_DATA:
1129 case SSH2_MSG_CHANNEL_EXTENDED_DATA:
1130 case SSH2_MSG_CHANNEL_WINDOW_ADJUST:
1131 return 0;
1132 default:
1133 return 1;
1134 }
1135}
1136
1053/* 1137/*
1054 * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue) 1138 * Finalize packet in SSH2 format (compress, mac, encrypt, enqueue)
1055 */ 1139 */
@@ -1078,7 +1162,8 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
1078 aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0; 1162 aadlen = (mac && mac->enabled && mac->etm) || authlen ? 4 : 0;
1079 1163
1080 type = (sshbuf_ptr(state->outgoing_packet))[5]; 1164 type = (sshbuf_ptr(state->outgoing_packet))[5];
1081 1165 if (ssh_packet_log_type(type))
1166 debug3("send packet: type %u", type);
1082#ifdef PACKET_DEBUG 1167#ifdef PACKET_DEBUG
1083 fprintf(stderr, "plain: "); 1168 fprintf(stderr, "plain: ");
1084 sshbuf_dump(state->outgoing_packet, stderr); 1169 sshbuf_dump(state->outgoing_packet, stderr);
@@ -1200,34 +1285,58 @@ ssh_packet_send2_wrapped(struct ssh *ssh)
1200 return r; 1285 return r;
1201} 1286}
1202 1287
1288/* returns non-zero if the specified packet type is usec by KEX */
1289static int
1290ssh_packet_type_is_kex(u_char type)
1291{
1292 return
1293 type >= SSH2_MSG_TRANSPORT_MIN &&
1294 type <= SSH2_MSG_TRANSPORT_MAX &&
1295 type != SSH2_MSG_SERVICE_REQUEST &&
1296 type != SSH2_MSG_SERVICE_ACCEPT &&
1297 type != SSH2_MSG_EXT_INFO;
1298}
1299
1203int 1300int
1204ssh_packet_send2(struct ssh *ssh) 1301ssh_packet_send2(struct ssh *ssh)
1205{ 1302{
1206 struct session_state *state = ssh->state; 1303 struct session_state *state = ssh->state;
1207 struct packet *p; 1304 struct packet *p;
1208 u_char type; 1305 u_char type;
1209 int r; 1306 int r, need_rekey;
1210 1307
1308 if (sshbuf_len(state->outgoing_packet) < 6)
1309 return SSH_ERR_INTERNAL_ERROR;
1211 type = sshbuf_ptr(state->outgoing_packet)[5]; 1310 type = sshbuf_ptr(state->outgoing_packet)[5];
1311 need_rekey = !ssh_packet_type_is_kex(type) &&
1312 ssh_packet_need_rekeying(ssh, sshbuf_len(state->outgoing_packet));
1212 1313
1213 /* during rekeying we can only send key exchange messages */ 1314 /*
1214 if (state->rekeying) { 1315 * During rekeying we can only send key exchange messages.
1215 if ((type < SSH2_MSG_TRANSPORT_MIN) || 1316 * Queue everything else.
1216 (type > SSH2_MSG_TRANSPORT_MAX) || 1317 */
1217 (type == SSH2_MSG_SERVICE_REQUEST) || 1318 if ((need_rekey || state->rekeying) && !ssh_packet_type_is_kex(type)) {
1218 (type == SSH2_MSG_SERVICE_ACCEPT)) { 1319 if (need_rekey)
1219 debug("enqueue packet: %u", type); 1320 debug3("%s: rekex triggered", __func__);
1220 p = calloc(1, sizeof(*p)); 1321 debug("enqueue packet: %u", type);
1221 if (p == NULL) 1322 p = calloc(1, sizeof(*p));
1222 return SSH_ERR_ALLOC_FAIL; 1323 if (p == NULL)
1223 p->type = type; 1324 return SSH_ERR_ALLOC_FAIL;
1224 p->payload = state->outgoing_packet; 1325 p->type = type;
1225 TAILQ_INSERT_TAIL(&state->outgoing, p, next); 1326 p->payload = state->outgoing_packet;
1226 state->outgoing_packet = sshbuf_new(); 1327 TAILQ_INSERT_TAIL(&state->outgoing, p, next);
1227 if (state->outgoing_packet == NULL) 1328 state->outgoing_packet = sshbuf_new();
1228 return SSH_ERR_ALLOC_FAIL; 1329 if (state->outgoing_packet == NULL)
1229 return 0; 1330 return SSH_ERR_ALLOC_FAIL;
1331 if (need_rekey) {
1332 /*
1333 * This packet triggered a rekey, so send the
1334 * KEXINIT now.
1335 * NB. reenters this function via kex_start_rekex().
1336 */
1337 return kex_start_rekex(ssh);
1230 } 1338 }
1339 return 0;
1231 } 1340 }
1232 1341
1233 /* rekeying starts with sending KEXINIT */ 1342 /* rekeying starts with sending KEXINIT */
@@ -1243,10 +1352,22 @@ ssh_packet_send2(struct ssh *ssh)
1243 state->rekey_time = monotime(); 1352 state->rekey_time = monotime();
1244 while ((p = TAILQ_FIRST(&state->outgoing))) { 1353 while ((p = TAILQ_FIRST(&state->outgoing))) {
1245 type = p->type; 1354 type = p->type;
1355 /*
1356 * If this packet triggers a rekex, then skip the
1357 * remaining packets in the queue for now.
1358 * NB. re-enters this function via kex_start_rekex.
1359 */
1360 if (ssh_packet_need_rekeying(ssh,
1361 sshbuf_len(p->payload))) {
1362 debug3("%s: queued packet triggered rekex",
1363 __func__);
1364 return kex_start_rekex(ssh);
1365 }
1246 debug("dequeue packet: %u", type); 1366 debug("dequeue packet: %u", type);
1247 sshbuf_free(state->outgoing_packet); 1367 sshbuf_free(state->outgoing_packet);
1248 state->outgoing_packet = p->payload; 1368 state->outgoing_packet = p->payload;
1249 TAILQ_REMOVE(&state->outgoing, p, next); 1369 TAILQ_REMOVE(&state->outgoing, p, next);
1370 memset(p, 0, sizeof(*p));
1250 free(p); 1371 free(p);
1251 if ((r = ssh_packet_send2_wrapped(ssh)) != 0) 1372 if ((r = ssh_packet_send2_wrapped(ssh)) != 0)
1252 return r; 1373 return r;
@@ -1265,7 +1386,7 @@ int
1265ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p) 1386ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1266{ 1387{
1267 struct session_state *state = ssh->state; 1388 struct session_state *state = ssh->state;
1268 int len, r, ms_remain, cont; 1389 int len, r, ms_remain;
1269 fd_set *setp; 1390 fd_set *setp;
1270 char buf[8192]; 1391 char buf[8192];
1271 struct timeval timeout, start, *timeoutp = NULL; 1392 struct timeval timeout, start, *timeoutp = NULL;
@@ -1335,11 +1456,7 @@ ssh_packet_read_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1335 if (r == 0) 1456 if (r == 0)
1336 return SSH_ERR_CONN_TIMEOUT; 1457 return SSH_ERR_CONN_TIMEOUT;
1337 /* Read data from the socket. */ 1458 /* Read data from the socket. */
1338 do { 1459 len = read(state->connection_in, buf, sizeof(buf));
1339 cont = 0;
1340 len = roaming_read(state->connection_in, buf,
1341 sizeof(buf), &cont);
1342 } while (len == 0 && cont);
1343 if (len == 0) { 1460 if (len == 0) {
1344 r = SSH_ERR_CONN_CLOSED; 1461 r = SSH_ERR_CONN_CLOSED;
1345 goto out; 1462 goto out;
@@ -1734,6 +1851,8 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1734 */ 1851 */
1735 if ((r = sshbuf_get_u8(state->incoming_packet, typep)) != 0) 1852 if ((r = sshbuf_get_u8(state->incoming_packet, typep)) != 0)
1736 goto out; 1853 goto out;
1854 if (ssh_packet_log_type(*typep))
1855 debug3("receive packet: type %u", *typep);
1737 if (*typep < SSH2_MSG_MIN || *typep >= SSH2_MSG_LOCAL_MIN) { 1856 if (*typep < SSH2_MSG_MIN || *typep >= SSH2_MSG_LOCAL_MIN) {
1738 if ((r = sshpkt_disconnect(ssh, 1857 if ((r = sshpkt_disconnect(ssh,
1739 "Invalid ssh2 packet type: %d", *typep)) != 0 || 1858 "Invalid ssh2 packet type: %d", *typep)) != 0 ||
@@ -1753,6 +1872,13 @@ ssh_packet_read_poll2(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1753#endif 1872#endif
1754 /* reset for next packet */ 1873 /* reset for next packet */
1755 state->packlen = 0; 1874 state->packlen = 0;
1875
1876 /* do we need to rekey? */
1877 if (ssh_packet_need_rekeying(ssh, 0)) {
1878 debug3("%s: rekex triggered", __func__);
1879 if ((r = kex_start_rekex(ssh)) != 0)
1880 return r;
1881 }
1756 out: 1882 out:
1757 return r; 1883 return r;
1758} 1884}
@@ -1783,8 +1909,7 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1783 if ((r = sshpkt_get_u8(ssh, NULL)) != 0 || 1909 if ((r = sshpkt_get_u8(ssh, NULL)) != 0 ||
1784 (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 || 1910 (r = sshpkt_get_string(ssh, &msg, NULL)) != 0 ||
1785 (r = sshpkt_get_string(ssh, NULL, NULL)) != 0) { 1911 (r = sshpkt_get_string(ssh, NULL, NULL)) != 0) {
1786 if (msg) 1912 free(msg);
1787 free(msg);
1788 return r; 1913 return r;
1789 } 1914 }
1790 debug("Remote: %.900s", msg); 1915 debug("Remote: %.900s", msg);
@@ -1798,8 +1923,9 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1798 do_log2(ssh->state->server_side && 1923 do_log2(ssh->state->server_side &&
1799 reason == SSH2_DISCONNECT_BY_APPLICATION ? 1924 reason == SSH2_DISCONNECT_BY_APPLICATION ?
1800 SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR, 1925 SYSLOG_LEVEL_INFO : SYSLOG_LEVEL_ERROR,
1801 "Received disconnect from %s: %u: %.400s", 1926 "Received disconnect from %s port %d:"
1802 ssh_remote_ipaddr(ssh), reason, msg); 1927 "%u: %.400s", ssh_remote_ipaddr(ssh),
1928 ssh_remote_port(ssh), reason, msg);
1803 free(msg); 1929 free(msg);
1804 return SSH_ERR_DISCONNECTED; 1930 return SSH_ERR_DISCONNECTED;
1805 case SSH2_MSG_UNIMPLEMENTED: 1931 case SSH2_MSG_UNIMPLEMENTED:
@@ -1827,8 +1953,9 @@ ssh_packet_read_poll_seqnr(struct ssh *ssh, u_char *typep, u_int32_t *seqnr_p)
1827 case SSH_MSG_DISCONNECT: 1953 case SSH_MSG_DISCONNECT:
1828 if ((r = sshpkt_get_string(ssh, &msg, NULL)) != 0) 1954 if ((r = sshpkt_get_string(ssh, &msg, NULL)) != 0)
1829 return r; 1955 return r;
1830 error("Received disconnect from %s: %.400s", 1956 error("Received disconnect from %s port %d: "
1831 ssh_remote_ipaddr(ssh), msg); 1957 "%.400s", ssh_remote_ipaddr(ssh),
1958 ssh_remote_port(ssh), msg);
1832 free(msg); 1959 free(msg);
1833 return SSH_ERR_DISCONNECTED; 1960 return SSH_ERR_DISCONNECTED;
1834 default: 1961 default:
@@ -1918,19 +2045,22 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
1918{ 2045{
1919 switch (r) { 2046 switch (r) {
1920 case SSH_ERR_CONN_CLOSED: 2047 case SSH_ERR_CONN_CLOSED:
1921 logit("Connection closed by %.200s", ssh_remote_ipaddr(ssh)); 2048 logit("Connection closed by %.200s port %d",
2049 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
1922 cleanup_exit(255); 2050 cleanup_exit(255);
1923 case SSH_ERR_CONN_TIMEOUT: 2051 case SSH_ERR_CONN_TIMEOUT:
1924 logit("Connection to %.200s timed out", ssh_remote_ipaddr(ssh)); 2052 logit("Connection %s %.200s port %d timed out",
2053 ssh->state->server_side ? "from" : "to",
2054 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
1925 cleanup_exit(255); 2055 cleanup_exit(255);
1926 case SSH_ERR_DISCONNECTED: 2056 case SSH_ERR_DISCONNECTED:
1927 logit("Disconnected from %.200s", 2057 logit("Disconnected from %.200s port %d",
1928 ssh_remote_ipaddr(ssh)); 2058 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
1929 cleanup_exit(255); 2059 cleanup_exit(255);
1930 case SSH_ERR_SYSTEM_ERROR: 2060 case SSH_ERR_SYSTEM_ERROR:
1931 if (errno == ECONNRESET) { 2061 if (errno == ECONNRESET) {
1932 logit("Connection reset by %.200s", 2062 logit("Connection reset by %.200s port %d",
1933 ssh_remote_ipaddr(ssh)); 2063 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
1934 cleanup_exit(255); 2064 cleanup_exit(255);
1935 } 2065 }
1936 /* FALLTHROUGH */ 2066 /* FALLTHROUGH */
@@ -1940,15 +2070,17 @@ sshpkt_fatal(struct ssh *ssh, const char *tag, int r)
1940 case SSH_ERR_NO_KEX_ALG_MATCH: 2070 case SSH_ERR_NO_KEX_ALG_MATCH:
1941 case SSH_ERR_NO_HOSTKEY_ALG_MATCH: 2071 case SSH_ERR_NO_HOSTKEY_ALG_MATCH:
1942 if (ssh && ssh->kex && ssh->kex->failed_choice) { 2072 if (ssh && ssh->kex && ssh->kex->failed_choice) {
1943 fatal("Unable to negotiate with %.200s: %s. " 2073 fatal("Unable to negotiate with %.200s port %d: %s. "
1944 "Their offer: %s", ssh_remote_ipaddr(ssh), 2074 "Their offer: %s", ssh_remote_ipaddr(ssh),
1945 ssh_err(r), ssh->kex->failed_choice); 2075 ssh_remote_port(ssh), ssh_err(r),
2076 ssh->kex->failed_choice);
1946 } 2077 }
1947 /* FALLTHROUGH */ 2078 /* FALLTHROUGH */
1948 default: 2079 default:
1949 fatal("%s%sConnection to %.200s: %s", 2080 fatal("%s%sConnection %s %.200s port %d: %s",
1950 tag != NULL ? tag : "", tag != NULL ? ": " : "", 2081 tag != NULL ? tag : "", tag != NULL ? ": " : "",
1951 ssh_remote_ipaddr(ssh), ssh_err(r)); 2082 ssh->state->server_side ? "from" : "to",
2083 ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), ssh_err(r));
1952 } 2084 }
1953} 2085}
1954 2086
@@ -2005,19 +2137,18 @@ ssh_packet_write_poll(struct ssh *ssh)
2005{ 2137{
2006 struct session_state *state = ssh->state; 2138 struct session_state *state = ssh->state;
2007 int len = sshbuf_len(state->output); 2139 int len = sshbuf_len(state->output);
2008 int cont, r; 2140 int r;
2009 2141
2010 if (len > 0) { 2142 if (len > 0) {
2011 cont = 0; 2143 len = write(state->connection_out,
2012 len = roaming_write(state->connection_out, 2144 sshbuf_ptr(state->output), len);
2013 sshbuf_ptr(state->output), len, &cont);
2014 if (len == -1) { 2145 if (len == -1) {
2015 if (errno == EINTR || errno == EAGAIN || 2146 if (errno == EINTR || errno == EAGAIN ||
2016 errno == EWOULDBLOCK) 2147 errno == EWOULDBLOCK)
2017 return 0; 2148 return 0;
2018 return SSH_ERR_SYSTEM_ERROR; 2149 return SSH_ERR_SYSTEM_ERROR;
2019 } 2150 }
2020 if (len == 0 && !cont) 2151 if (len == 0)
2021 return SSH_ERR_CONN_CLOSED; 2152 return SSH_ERR_CONN_CLOSED;
2022 if ((r = sshbuf_consume(state->output, len)) != 0) 2153 if ((r = sshbuf_consume(state->output, len)) != 0)
2023 return r; 2154 return r;
@@ -2041,7 +2172,10 @@ ssh_packet_write_wait(struct ssh *ssh)
2041 NFDBITS), sizeof(fd_mask)); 2172 NFDBITS), sizeof(fd_mask));
2042 if (setp == NULL) 2173 if (setp == NULL)
2043 return SSH_ERR_ALLOC_FAIL; 2174 return SSH_ERR_ALLOC_FAIL;
2044 ssh_packet_write_poll(ssh); 2175 if ((r = ssh_packet_write_poll(ssh)) != 0) {
2176 free(setp);
2177 return r;
2178 }
2045 while (ssh_packet_have_data_to_write(ssh)) { 2179 while (ssh_packet_have_data_to_write(ssh)) {
2046 memset(setp, 0, howmany(state->connection_out + 1, 2180 memset(setp, 0, howmany(state->connection_out + 1,
2047 NFDBITS) * sizeof(fd_mask)); 2181 NFDBITS) * sizeof(fd_mask));
@@ -2229,29 +2363,10 @@ ssh_packet_send_ignore(struct ssh *ssh, int nbytes)
2229 } 2363 }
2230} 2364}
2231 2365
2232#define MAX_PACKETS (1U<<31)
2233int
2234ssh_packet_need_rekeying(struct ssh *ssh)
2235{
2236 struct session_state *state = ssh->state;
2237
2238 if (ssh->compat & SSH_BUG_NOREKEY)
2239 return 0;
2240 return
2241 (state->p_send.packets > MAX_PACKETS) ||
2242 (state->p_read.packets > MAX_PACKETS) ||
2243 (state->max_blocks_out &&
2244 (state->p_send.blocks > state->max_blocks_out)) ||
2245 (state->max_blocks_in &&
2246 (state->p_read.blocks > state->max_blocks_in)) ||
2247 (state->rekey_interval != 0 && state->rekey_time +
2248 state->rekey_interval <= monotime());
2249}
2250
2251void 2366void
2252ssh_packet_set_rekey_limits(struct ssh *ssh, u_int32_t bytes, time_t seconds) 2367ssh_packet_set_rekey_limits(struct ssh *ssh, u_int64_t bytes, time_t seconds)
2253{ 2368{
2254 debug3("rekey after %lld bytes, %d seconds", (long long)bytes, 2369 debug3("rekey after %llu bytes, %d seconds", (unsigned long long)bytes,
2255 (int)seconds); 2370 (int)seconds);
2256 ssh->state->rekey_limit = bytes; 2371 ssh->state->rekey_limit = bytes;
2257 ssh->state->rekey_interval = seconds; 2372 ssh->state->rekey_interval = seconds;
@@ -2291,58 +2406,6 @@ ssh_packet_get_output(struct ssh *ssh)
2291 return (void *)ssh->state->output; 2406 return (void *)ssh->state->output;
2292} 2407}
2293 2408
2294/* XXX TODO update roaming to new API (does not work anyway) */
2295/*
2296 * Save the state for the real connection, and use a separate state when
2297 * resuming a suspended connection.
2298 */
2299void
2300ssh_packet_backup_state(struct ssh *ssh,
2301 struct ssh *backup_state)
2302{
2303 struct ssh *tmp;
2304
2305 close(ssh->state->connection_in);
2306 ssh->state->connection_in = -1;
2307 close(ssh->state->connection_out);
2308 ssh->state->connection_out = -1;
2309 if (backup_state)
2310 tmp = backup_state;
2311 else
2312 tmp = ssh_alloc_session_state();
2313 backup_state = ssh;
2314 ssh = tmp;
2315}
2316
2317/* XXX FIXME FIXME FIXME */
2318/*
2319 * Swap in the old state when resuming a connecion.
2320 */
2321void
2322ssh_packet_restore_state(struct ssh *ssh,
2323 struct ssh *backup_state)
2324{
2325 struct ssh *tmp;
2326 u_int len;
2327 int r;
2328
2329 tmp = backup_state;
2330 backup_state = ssh;
2331 ssh = tmp;
2332 ssh->state->connection_in = backup_state->state->connection_in;
2333 backup_state->state->connection_in = -1;
2334 ssh->state->connection_out = backup_state->state->connection_out;
2335 backup_state->state->connection_out = -1;
2336 len = sshbuf_len(backup_state->state->input);
2337 if (len > 0) {
2338 if ((r = sshbuf_putb(ssh->state->input,
2339 backup_state->state->input)) != 0)
2340 fatal("%s: %s", __func__, ssh_err(r));
2341 sshbuf_reset(backup_state->state->input);
2342 add_recv_bytes(len);
2343 }
2344}
2345
2346/* Reset after_authentication and reset compression in post-auth privsep */ 2409/* Reset after_authentication and reset compression in post-auth privsep */
2347static int 2410static int
2348ssh_packet_set_postauth(struct ssh *ssh) 2411ssh_packet_set_postauth(struct ssh *ssh)
@@ -2430,8 +2493,7 @@ newkeys_to_blob(struct sshbuf *m, struct ssh *ssh, int mode)
2430 goto out; 2493 goto out;
2431 r = sshbuf_put_stringb(m, b); 2494 r = sshbuf_put_stringb(m, b);
2432 out: 2495 out:
2433 if (b != NULL) 2496 sshbuf_free(b);
2434 sshbuf_free(b);
2435 return r; 2497 return r;
2436} 2498}
2437 2499
@@ -2462,7 +2524,7 @@ ssh_packet_get_state(struct ssh *ssh, struct sshbuf *m)
2462 if ((r = kex_to_blob(m, ssh->kex)) != 0 || 2524 if ((r = kex_to_blob(m, ssh->kex)) != 0 ||
2463 (r = newkeys_to_blob(m, ssh, MODE_OUT)) != 0 || 2525 (r = newkeys_to_blob(m, ssh, MODE_OUT)) != 0 ||
2464 (r = newkeys_to_blob(m, ssh, MODE_IN)) != 0 || 2526 (r = newkeys_to_blob(m, ssh, MODE_IN)) != 0 ||
2465 (r = sshbuf_put_u32(m, state->rekey_limit)) != 0 || 2527 (r = sshbuf_put_u64(m, state->rekey_limit)) != 0 ||
2466 (r = sshbuf_put_u32(m, state->rekey_interval)) != 0 || 2528 (r = sshbuf_put_u32(m, state->rekey_interval)) != 0 ||
2467 (r = sshbuf_put_u32(m, state->p_send.seqnr)) != 0 || 2529 (r = sshbuf_put_u32(m, state->p_send.seqnr)) != 0 ||
2468 (r = sshbuf_put_u64(m, state->p_send.blocks)) != 0 || 2530 (r = sshbuf_put_u64(m, state->p_send.blocks)) != 0 ||
@@ -2493,11 +2555,6 @@ ssh_packet_get_state(struct ssh *ssh, struct sshbuf *m)
2493 (r = sshbuf_put_stringb(m, state->output)) != 0) 2555 (r = sshbuf_put_stringb(m, state->output)) != 0)
2494 return r; 2556 return r;
2495 2557
2496 if (compat20) {
2497 if ((r = sshbuf_put_u64(m, get_sent_bytes())) != 0 ||
2498 (r = sshbuf_put_u64(m, get_recv_bytes())) != 0)
2499 return r;
2500 }
2501 return 0; 2558 return 0;
2502} 2559}
2503 2560
@@ -2566,10 +2623,8 @@ newkeys_from_blob(struct sshbuf *m, struct ssh *ssh, int mode)
2566 newkey = NULL; 2623 newkey = NULL;
2567 r = 0; 2624 r = 0;
2568 out: 2625 out:
2569 if (newkey != NULL) 2626 free(newkey);
2570 free(newkey); 2627 sshbuf_free(b);
2571 if (b != NULL)
2572 sshbuf_free(b);
2573 return r; 2628 return r;
2574} 2629}
2575 2630
@@ -2602,10 +2657,8 @@ kex_from_blob(struct sshbuf *m, struct kex **kexp)
2602 out: 2657 out:
2603 if (r != 0 || kexp == NULL) { 2658 if (r != 0 || kexp == NULL) {
2604 if (kex != NULL) { 2659 if (kex != NULL) {
2605 if (kex->my != NULL) 2660 sshbuf_free(kex->my);
2606 sshbuf_free(kex->my); 2661 sshbuf_free(kex->peer);
2607 if (kex->peer != NULL)
2608 sshbuf_free(kex->peer);
2609 free(kex); 2662 free(kex);
2610 } 2663 }
2611 if (kexp != NULL) 2664 if (kexp != NULL)
@@ -2628,7 +2681,6 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
2628 size_t ssh1keylen, rlen, slen, ilen, olen; 2681 size_t ssh1keylen, rlen, slen, ilen, olen;
2629 int r; 2682 int r;
2630 u_int ssh1cipher = 0; 2683 u_int ssh1cipher = 0;
2631 u_int64_t sent_bytes = 0, recv_bytes = 0;
2632 2684
2633 if (!compat20) { 2685 if (!compat20) {
2634 if ((r = sshbuf_get_u32(m, &state->remote_protocol_flags)) != 0 || 2686 if ((r = sshbuf_get_u32(m, &state->remote_protocol_flags)) != 0 ||
@@ -2651,7 +2703,7 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
2651 if ((r = kex_from_blob(m, &ssh->kex)) != 0 || 2703 if ((r = kex_from_blob(m, &ssh->kex)) != 0 ||
2652 (r = newkeys_from_blob(m, ssh, MODE_OUT)) != 0 || 2704 (r = newkeys_from_blob(m, ssh, MODE_OUT)) != 0 ||
2653 (r = newkeys_from_blob(m, ssh, MODE_IN)) != 0 || 2705 (r = newkeys_from_blob(m, ssh, MODE_IN)) != 0 ||
2654 (r = sshbuf_get_u32(m, &state->rekey_limit)) != 0 || 2706 (r = sshbuf_get_u64(m, &state->rekey_limit)) != 0 ||
2655 (r = sshbuf_get_u32(m, &state->rekey_interval)) != 0 || 2707 (r = sshbuf_get_u32(m, &state->rekey_interval)) != 0 ||
2656 (r = sshbuf_get_u32(m, &state->p_send.seqnr)) != 0 || 2708 (r = sshbuf_get_u32(m, &state->p_send.seqnr)) != 0 ||
2657 (r = sshbuf_get_u64(m, &state->p_send.blocks)) != 0 || 2709 (r = sshbuf_get_u64(m, &state->p_send.blocks)) != 0 ||
@@ -2693,12 +2745,6 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
2693 (r = sshbuf_put(state->output, output, olen)) != 0) 2745 (r = sshbuf_put(state->output, output, olen)) != 0)
2694 return r; 2746 return r;
2695 2747
2696 if (compat20) {
2697 if ((r = sshbuf_get_u64(m, &sent_bytes)) != 0 ||
2698 (r = sshbuf_get_u64(m, &recv_bytes)) != 0)
2699 return r;
2700 roam_set_bytes(sent_bytes, recv_bytes);
2701 }
2702 if (sshbuf_len(m)) 2748 if (sshbuf_len(m))
2703 return SSH_ERR_INVALID_FORMAT; 2749 return SSH_ERR_INVALID_FORMAT;
2704 debug3("%s: done", __func__); 2750 debug3("%s: done", __func__);
diff --git a/packet.h b/packet.h
index 7b06544e8..28516a553 100644
--- a/packet.h
+++ b/packet.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: packet.h,v 1.66 2015/01/30 01:13:33 djm Exp $ */ 1/* $OpenBSD: packet.h,v 1.70 2016/02/08 10:57:07 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -86,6 +86,7 @@ int ssh_packet_get_connection_in(struct ssh *);
86int ssh_packet_get_connection_out(struct ssh *); 86int ssh_packet_get_connection_out(struct ssh *);
87void ssh_packet_close(struct ssh *); 87void ssh_packet_close(struct ssh *);
88void ssh_packet_set_encryption_key(struct ssh *, const u_char *, u_int, int); 88void ssh_packet_set_encryption_key(struct ssh *, const u_char *, u_int, int);
89int ssh_packet_is_rekeying(struct ssh *);
89void ssh_packet_set_protocol_flags(struct ssh *, u_int); 90void ssh_packet_set_protocol_flags(struct ssh *, u_int);
90u_int ssh_packet_get_protocol_flags(struct ssh *); 91u_int ssh_packet_get_protocol_flags(struct ssh *);
91int ssh_packet_start_compression(struct ssh *, int); 92int ssh_packet_start_compression(struct ssh *, int);
@@ -143,15 +144,11 @@ int ssh_packet_get_state(struct ssh *, struct sshbuf *);
143int ssh_packet_set_state(struct ssh *, struct sshbuf *); 144int ssh_packet_set_state(struct ssh *, struct sshbuf *);
144 145
145const char *ssh_remote_ipaddr(struct ssh *); 146const char *ssh_remote_ipaddr(struct ssh *);
147int ssh_remote_port(struct ssh *);
146 148
147int ssh_packet_need_rekeying(struct ssh *); 149void ssh_packet_set_rekey_limits(struct ssh *, u_int64_t, time_t);
148void ssh_packet_set_rekey_limits(struct ssh *, u_int32_t, time_t);
149time_t ssh_packet_get_rekey_timeout(struct ssh *); 150time_t ssh_packet_get_rekey_timeout(struct ssh *);
150 151
151/* XXX FIXME */
152void ssh_packet_backup_state(struct ssh *, struct ssh *);
153void ssh_packet_restore_state(struct ssh *, struct ssh *);
154
155void *ssh_packet_get_input(struct ssh *); 152void *ssh_packet_get_input(struct ssh *);
156void *ssh_packet_get_output(struct ssh *); 153void *ssh_packet_get_output(struct ssh *);
157 154
diff --git a/platform-pledge.c b/platform-pledge.c
new file mode 100644
index 000000000..4a6ec15e1
--- /dev/null
+++ b/platform-pledge.c
@@ -0,0 +1,71 @@
1/*
2 * Copyright (c) 2015 Joyent, Inc
3 * Author: Alex Wilson <alex.wilson@joyent.com>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19
20#include <sys/types.h>
21
22#include <stdarg.h>
23#include <unistd.h>
24
25#include "platform.h"
26
27#include "openbsd-compat/openbsd-compat.h"
28
29/*
30 * Drop any fine-grained privileges that are not needed for post-startup
31 * operation of ssh-agent
32 *
33 * Should be as close as possible to pledge("stdio cpath unix id proc exec", ...)
34 */
35void
36platform_pledge_agent(void)
37{
38#ifdef USE_SOLARIS_PRIVS
39 /*
40 * Note: Solaris priv dropping is closer to tame() than pledge(), but
41 * we will use what we have.
42 */
43 solaris_drop_privs_root_pinfo_net();
44#endif
45}
46
47/*
48 * Drop any fine-grained privileges that are not needed for post-startup
49 * operation of sftp-server
50 */
51void
52platform_pledge_sftp_server(void)
53{
54#ifdef USE_SOLARIS_PRIVS
55 solaris_drop_privs_pinfo_net_fork_exec();
56#endif
57}
58
59/*
60 * Drop any fine-grained privileges that are not needed for the post-startup
61 * operation of the SSH client mux
62 *
63 * Should be as close as possible to pledge("stdio proc tty", ...)
64 */
65void
66platform_pledge_mux(void)
67{
68#ifdef USE_SOLARIS_PRIVS
69 solaris_drop_privs_root_pinfo_net_exec();
70#endif
71}
diff --git a/platform.h b/platform.h
index 1c7a45d8f..e687c99b6 100644
--- a/platform.h
+++ b/platform.h
@@ -31,3 +31,8 @@ void platform_setusercontext_post_groups(struct passwd *);
31char *platform_get_krb5_client(const char *); 31char *platform_get_krb5_client(const char *);
32char *platform_krb5_get_principal_name(const char *); 32char *platform_krb5_get_principal_name(const char *);
33int platform_sys_dir_uid(uid_t); 33int platform_sys_dir_uid(uid_t);
34
35/* in platform-pledge.c */
36void platform_pledge_agent(void);
37void platform_pledge_sftp_server(void);
38void platform_pledge_mux(void);
diff --git a/readconf.c b/readconf.c
index cd014821a..69d4553af 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.239 2015/07/30 00:01:34 djm Exp $ */ 1/* $OpenBSD: readconf.c,v 1.250 2016/02/08 23:40:12 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -135,6 +135,7 @@ typedef enum {
135 oPasswordAuthentication, oRSAAuthentication, 135 oPasswordAuthentication, oRSAAuthentication,
136 oChallengeResponseAuthentication, oXAuthLocation, 136 oChallengeResponseAuthentication, oXAuthLocation,
137 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, 137 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
138 oCertificateFile, oAddKeysToAgent,
138 oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, 139 oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
139 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, 140 oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
140 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, 141 oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
@@ -151,7 +152,7 @@ typedef enum {
151 oSendEnv, oControlPath, oControlMaster, oControlPersist, 152 oSendEnv, oControlPath, oControlMaster, oControlPersist,
152 oHashKnownHosts, 153 oHashKnownHosts,
153 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, 154 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
154 oVisualHostKey, oUseRoaming, 155 oVisualHostKey,
155 oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass, 156 oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass,
156 oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, 157 oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots,
157 oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, 158 oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs,
@@ -202,6 +203,8 @@ static struct {
202 { "identityfile", oIdentityFile }, 203 { "identityfile", oIdentityFile },
203 { "identityfile2", oIdentityFile }, /* obsolete */ 204 { "identityfile2", oIdentityFile }, /* obsolete */
204 { "identitiesonly", oIdentitiesOnly }, 205 { "identitiesonly", oIdentitiesOnly },
206 { "certificatefile", oCertificateFile },
207 { "addkeystoagent", oAddKeysToAgent },
205 { "hostname", oHostName }, 208 { "hostname", oHostName },
206 { "hostkeyalias", oHostKeyAlias }, 209 { "hostkeyalias", oHostKeyAlias },
207 { "proxycommand", oProxyCommand }, 210 { "proxycommand", oProxyCommand },
@@ -260,7 +263,7 @@ static struct {
260 { "localcommand", oLocalCommand }, 263 { "localcommand", oLocalCommand },
261 { "permitlocalcommand", oPermitLocalCommand }, 264 { "permitlocalcommand", oPermitLocalCommand },
262 { "visualhostkey", oVisualHostKey }, 265 { "visualhostkey", oVisualHostKey },
263 { "useroaming", oUseRoaming }, 266 { "useroaming", oDeprecated },
264 { "kexalgorithms", oKexAlgorithms }, 267 { "kexalgorithms", oKexAlgorithms },
265 { "ipqos", oIPQoS }, 268 { "ipqos", oIPQoS },
266 { "requesttty", oRequestTTY }, 269 { "requesttty", oRequestTTY },
@@ -366,6 +369,30 @@ clear_forwardings(Options *options)
366} 369}
367 370
368void 371void
372add_certificate_file(Options *options, const char *path, int userprovided)
373{
374 int i;
375
376 if (options->num_certificate_files >= SSH_MAX_CERTIFICATE_FILES)
377 fatal("Too many certificate files specified (max %d)",
378 SSH_MAX_CERTIFICATE_FILES);
379
380 /* Avoid registering duplicates */
381 for (i = 0; i < options->num_certificate_files; i++) {
382 if (options->certificate_file_userprovided[i] == userprovided &&
383 strcmp(options->certificate_files[i], path) == 0) {
384 debug2("%s: ignoring duplicate key %s", __func__, path);
385 return;
386 }
387 }
388
389 options->certificate_file_userprovided[options->num_certificate_files] =
390 userprovided;
391 options->certificate_files[options->num_certificate_files++] =
392 xstrdup(path);
393}
394
395void
369add_identity_file(Options *options, const char *dir, const char *filename, 396add_identity_file(Options *options, const char *dir, const char *filename,
370 int userprovided) 397 int userprovided)
371{ 398{
@@ -416,7 +443,7 @@ default_ssh_port(void)
416static int 443static int
417execute_in_shell(const char *cmd) 444execute_in_shell(const char *cmd)
418{ 445{
419 char *shell, *command_string; 446 char *shell;
420 pid_t pid; 447 pid_t pid;
421 int devnull, status; 448 int devnull, status;
422 extern uid_t original_real_uid; 449 extern uid_t original_real_uid;
@@ -424,12 +451,6 @@ execute_in_shell(const char *cmd)
424 if ((shell = getenv("SHELL")) == NULL) 451 if ((shell = getenv("SHELL")) == NULL)
425 shell = _PATH_BSHELL; 452 shell = _PATH_BSHELL;
426 453
427 /*
428 * Use "exec" to avoid "sh -c" processes on some platforms
429 * (e.g. Solaris)
430 */
431 xasprintf(&command_string, "exec %s", cmd);
432
433 /* Need this to redirect subprocess stdin/out */ 454 /* Need this to redirect subprocess stdin/out */
434 if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) 455 if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1)
435 fatal("open(/dev/null): %s", strerror(errno)); 456 fatal("open(/dev/null): %s", strerror(errno));
@@ -454,7 +475,7 @@ execute_in_shell(const char *cmd)
454 475
455 argv[0] = shell; 476 argv[0] = shell;
456 argv[1] = "-c"; 477 argv[1] = "-c";
457 argv[2] = command_string; 478 argv[2] = xstrdup(cmd);
458 argv[3] = NULL; 479 argv[3] = NULL;
459 480
460 execv(argv[0], argv); 481 execv(argv[0], argv);
@@ -469,7 +490,6 @@ execute_in_shell(const char *cmd)
469 fatal("%s: fork: %.100s", __func__, strerror(errno)); 490 fatal("%s: fork: %.100s", __func__, strerror(errno));
470 491
471 close(devnull); 492 close(devnull);
472 free(command_string);
473 493
474 while (waitpid(pid, &status, 0) == -1) { 494 while (waitpid(pid, &status, 0) == -1) {
475 if (errno != EINTR && errno != EAGAIN) 495 if (errno != EINTR && errno != EAGAIN)
@@ -502,12 +522,15 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
502 */ 522 */
503 port = options->port <= 0 ? default_ssh_port() : options->port; 523 port = options->port <= 0 ? default_ssh_port() : options->port;
504 ruser = options->user == NULL ? pw->pw_name : options->user; 524 ruser = options->user == NULL ? pw->pw_name : options->user;
505 if (options->hostname != NULL) { 525 if (post_canon) {
526 host = xstrdup(options->hostname);
527 } else if (options->hostname != NULL) {
506 /* NB. Please keep in sync with ssh.c:main() */ 528 /* NB. Please keep in sync with ssh.c:main() */
507 host = percent_expand(options->hostname, 529 host = percent_expand(options->hostname,
508 "h", host_arg, (char *)NULL); 530 "h", host_arg, (char *)NULL);
509 } else 531 } else {
510 host = xstrdup(host_arg); 532 host = xstrdup(host_arg);
533 }
511 534
512 debug2("checking match for '%s' host %s originally %s", 535 debug2("checking match for '%s' host %s originally %s",
513 cp, host, original_host); 536 cp, host, original_host);
@@ -693,6 +716,15 @@ static const struct multistate multistate_yesnoask[] = {
693 { "ask", 2 }, 716 { "ask", 2 },
694 { NULL, -1 } 717 { NULL, -1 }
695}; 718};
719static const struct multistate multistate_yesnoaskconfirm[] = {
720 { "true", 1 },
721 { "false", 0 },
722 { "yes", 1 },
723 { "no", 0 },
724 { "ask", 2 },
725 { "confirm", 3 },
726 { NULL, -1 }
727};
696static const struct multistate multistate_addressfamily[] = { 728static const struct multistate multistate_addressfamily[] = {
697 { "inet", AF_INET }, 729 { "inet", AF_INET },
698 { "inet6", AF_INET6 }, 730 { "inet6", AF_INET6 },
@@ -947,16 +979,12 @@ parse_time:
947 if (scan_scaled(arg, &val64) == -1) 979 if (scan_scaled(arg, &val64) == -1)
948 fatal("%.200s line %d: Bad number '%s': %s", 980 fatal("%.200s line %d: Bad number '%s': %s",
949 filename, linenum, arg, strerror(errno)); 981 filename, linenum, arg, strerror(errno));
950 /* check for too-large or too-small limits */
951 if (val64 > UINT_MAX)
952 fatal("%.200s line %d: RekeyLimit too large",
953 filename, linenum);
954 if (val64 != 0 && val64 < 16) 982 if (val64 != 0 && val64 < 16)
955 fatal("%.200s line %d: RekeyLimit too small", 983 fatal("%.200s line %d: RekeyLimit too small",
956 filename, linenum); 984 filename, linenum);
957 } 985 }
958 if (*activep && options->rekey_limit == -1) 986 if (*activep && options->rekey_limit == -1)
959 options->rekey_limit = (u_int32_t)val64; 987 options->rekey_limit = val64;
960 if (s != NULL) { /* optional rekey interval present */ 988 if (s != NULL) { /* optional rekey interval present */
961 if (strcmp(s, "none") == 0) { 989 if (strcmp(s, "none") == 0) {
962 (void)strdelim(&s); /* discard */ 990 (void)strdelim(&s); /* discard */
@@ -981,6 +1009,24 @@ parse_time:
981 } 1009 }
982 break; 1010 break;
983 1011
1012 case oCertificateFile:
1013 arg = strdelim(&s);
1014 if (!arg || *arg == '\0')
1015 fatal("%.200s line %d: Missing argument.",
1016 filename, linenum);
1017 if (*activep) {
1018 intptr = &options->num_certificate_files;
1019 if (*intptr >= SSH_MAX_CERTIFICATE_FILES) {
1020 fatal("%.200s line %d: Too many certificate "
1021 "files specified (max %d).",
1022 filename, linenum,
1023 SSH_MAX_CERTIFICATE_FILES);
1024 }
1025 add_certificate_file(options, arg,
1026 flags & SSHCONF_USERCONF);
1027 }
1028 break;
1029
984 case oXAuthLocation: 1030 case oXAuthLocation:
985 charptr=&options->xauth_location; 1031 charptr=&options->xauth_location;
986 goto parse_string; 1032 goto parse_string;
@@ -1378,10 +1424,6 @@ parse_keytypes:
1378 } 1424 }
1379 break; 1425 break;
1380 1426
1381 case oUseRoaming:
1382 intptr = &options->use_roaming;
1383 goto parse_flag;
1384
1385 case oRequestTTY: 1427 case oRequestTTY:
1386 intptr = &options->request_tty; 1428 intptr = &options->request_tty;
1387 multistate_ptr = multistate_requesttty; 1429 multistate_ptr = multistate_requesttty;
@@ -1496,6 +1538,11 @@ parse_keytypes:
1496 charptr = &options->pubkey_key_types; 1538 charptr = &options->pubkey_key_types;
1497 goto parse_keytypes; 1539 goto parse_keytypes;
1498 1540
1541 case oAddKeysToAgent:
1542 intptr = &options->add_keys_to_agent;
1543 multistate_ptr = multistate_yesnoaskconfirm;
1544 goto parse_multistate;
1545
1499 case oDeprecated: 1546 case oDeprecated:
1500 debug("%s line %d: Deprecated option \"%s\"", 1547 debug("%s line %d: Deprecated option \"%s\"",
1501 filename, linenum, keyword); 1548 filename, linenum, keyword);
@@ -1625,6 +1672,7 @@ initialize_options(Options * options)
1625 options->hostkeyalgorithms = NULL; 1672 options->hostkeyalgorithms = NULL;
1626 options->protocol = SSH_PROTO_UNKNOWN; 1673 options->protocol = SSH_PROTO_UNKNOWN;
1627 options->num_identity_files = 0; 1674 options->num_identity_files = 0;
1675 options->num_certificate_files = 0;
1628 options->hostname = NULL; 1676 options->hostname = NULL;
1629 options->host_key_alias = NULL; 1677 options->host_key_alias = NULL;
1630 options->proxy_command = NULL; 1678 options->proxy_command = NULL;
@@ -1660,7 +1708,7 @@ initialize_options(Options * options)
1660 options->tun_remote = -1; 1708 options->tun_remote = -1;
1661 options->local_command = NULL; 1709 options->local_command = NULL;
1662 options->permit_local_command = -1; 1710 options->permit_local_command = -1;
1663 options->use_roaming = 0; 1711 options->add_keys_to_agent = -1;
1664 options->visual_host_key = -1; 1712 options->visual_host_key = -1;
1665 options->ip_qos_interactive = -1; 1713 options->ip_qos_interactive = -1;
1666 options->ip_qos_bulk = -1; 1714 options->ip_qos_bulk = -1;
@@ -1765,6 +1813,8 @@ fill_default_options(Options * options)
1765 /* options->hostkeyalgorithms, default set in myproposals.h */ 1813 /* options->hostkeyalgorithms, default set in myproposals.h */
1766 if (options->protocol == SSH_PROTO_UNKNOWN) 1814 if (options->protocol == SSH_PROTO_UNKNOWN)
1767 options->protocol = SSH_PROTO_2; 1815 options->protocol = SSH_PROTO_2;
1816 if (options->add_keys_to_agent == -1)
1817 options->add_keys_to_agent = 0;
1768 if (options->num_identity_files == 0) { 1818 if (options->num_identity_files == 0) {
1769 if (options->protocol & SSH_PROTO_1) { 1819 if (options->protocol & SSH_PROTO_1) {
1770 add_identity_file(options, "~/", 1820 add_identity_file(options, "~/",
@@ -1833,7 +1883,6 @@ fill_default_options(Options * options)
1833 options->tun_remote = SSH_TUNID_ANY; 1883 options->tun_remote = SSH_TUNID_ANY;
1834 if (options->permit_local_command == -1) 1884 if (options->permit_local_command == -1)
1835 options->permit_local_command = 0; 1885 options->permit_local_command = 0;
1836 options->use_roaming = 0;
1837 if (options->visual_host_key == -1) 1886 if (options->visual_host_key == -1)
1838 options->visual_host_key = 0; 1887 options->visual_host_key = 0;
1839 if (options->ip_qos_interactive == -1) 1888 if (options->ip_qos_interactive == -1)
@@ -2242,6 +2291,10 @@ dump_client_config(Options *o, const char *host)
2242 int i; 2291 int i;
2243 char vbuf[5]; 2292 char vbuf[5];
2244 2293
2294 /* This is normally prepared in ssh_kex2 */
2295 if (kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->hostkeyalgorithms) != 0)
2296 fatal("%s: kex_assemble_names failed", __func__);
2297
2245 /* Most interesting options first: user, host, port */ 2298 /* Most interesting options first: user, host, port */
2246 dump_cfg_string(oUser, o->user); 2299 dump_cfg_string(oUser, o->user);
2247 dump_cfg_string(oHostName, host); 2300 dump_cfg_string(oHostName, host);
@@ -2302,7 +2355,7 @@ dump_client_config(Options *o, const char *host)
2302 dump_cfg_string(oBindAddress, o->bind_address); 2355 dump_cfg_string(oBindAddress, o->bind_address);
2303 dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT); 2356 dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT);
2304 dump_cfg_string(oControlPath, o->control_path); 2357 dump_cfg_string(oControlPath, o->control_path);
2305 dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms ? o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG); 2358 dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms);
2306 dump_cfg_string(oHostKeyAlias, o->host_key_alias); 2359 dump_cfg_string(oHostKeyAlias, o->host_key_alias);
2307 dump_cfg_string(oHostbasedKeyTypes, o->hostbased_key_types); 2360 dump_cfg_string(oHostbasedKeyTypes, o->hostbased_key_types);
2308 dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); 2361 dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices);
@@ -2313,6 +2366,7 @@ dump_client_config(Options *o, const char *host)
2313 dump_cfg_string(oPKCS11Provider, o->pkcs11_provider); 2366 dump_cfg_string(oPKCS11Provider, o->pkcs11_provider);
2314 dump_cfg_string(oPreferredAuthentications, o->preferred_authentications); 2367 dump_cfg_string(oPreferredAuthentications, o->preferred_authentications);
2315 dump_cfg_string(oProxyCommand, o->proxy_command); 2368 dump_cfg_string(oProxyCommand, o->proxy_command);
2369 dump_cfg_string(oPubkeyAcceptedKeyTypes, o->pubkey_key_types);
2316 dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); 2370 dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys);
2317 dump_cfg_string(oXAuthLocation, o->xauth_location); 2371 dump_cfg_string(oXAuthLocation, o->xauth_location);
2318 2372
@@ -2381,8 +2435,8 @@ dump_client_config(Options *o, const char *host)
2381 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2435 printf("%s\n", iptos2str(o->ip_qos_bulk));
2382 2436
2383 /* oRekeyLimit */ 2437 /* oRekeyLimit */
2384 printf("rekeylimit %lld %d\n", 2438 printf("rekeylimit %llu %d\n",
2385 (long long)o->rekey_limit, o->rekey_interval); 2439 (unsigned long long)o->rekey_limit, o->rekey_interval);
2386 2440
2387 /* oStreamLocalBindMask */ 2441 /* oStreamLocalBindMask */
2388 printf("streamlocalbindmask 0%o\n", 2442 printf("streamlocalbindmask 0%o\n",
diff --git a/readconf.h b/readconf.h
index bb2d55283..c84d068bd 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.h,v 1.110 2015/07/10 06:21:53 markus Exp $ */ 1/* $OpenBSD: readconf.h,v 1.113 2016/01/14 16:17:40 markus Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -95,6 +95,13 @@ typedef struct {
95 int identity_file_userprovided[SSH_MAX_IDENTITY_FILES]; 95 int identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
96 struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES]; 96 struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES];
97 97
98 int num_certificate_files; /* Number of extra certificates for ssh. */
99 char *certificate_files[SSH_MAX_CERTIFICATE_FILES];
100 int certificate_file_userprovided[SSH_MAX_CERTIFICATE_FILES];
101 struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES];
102
103 int add_keys_to_agent;
104
98 /* Local TCP/IP forward requests. */ 105 /* Local TCP/IP forward requests. */
99 int num_local_forwards; 106 int num_local_forwards;
100 struct Forward *local_forwards; 107 struct Forward *local_forwards;
@@ -130,8 +137,6 @@ typedef struct {
130 int permit_local_command; 137 int permit_local_command;
131 int visual_host_key; 138 int visual_host_key;
132 139
133 int use_roaming;
134
135 int request_tty; 140 int request_tty;
136 141
137 int proxy_use_fdpass; 142 int proxy_use_fdpass;
@@ -194,5 +199,6 @@ void dump_client_config(Options *o, const char *host);
194void add_local_forward(Options *, const struct Forward *); 199void add_local_forward(Options *, const struct Forward *);
195void add_remote_forward(Options *, const struct Forward *); 200void add_remote_forward(Options *, const struct Forward *);
196void add_identity_file(Options *, const char *, const char *, int); 201void add_identity_file(Options *, const char *, const char *, int);
202void add_certificate_file(Options *, const char *, int);
197 203
198#endif /* READCONF_H */ 204#endif /* READCONF_H */
diff --git a/readpass.c b/readpass.c
index 869d86425..05c8cac1c 100644
--- a/readpass.c
+++ b/readpass.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readpass.c,v 1.50 2014/02/02 03:44:31 djm Exp $ */ 1/* $OpenBSD: readpass.c,v 1.51 2015/12/11 00:20:04 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -76,7 +76,7 @@ ssh_askpass(char *askpass, const char *msg)
76 close(p[0]); 76 close(p[0]);
77 if (dup2(p[1], STDOUT_FILENO) < 0) 77 if (dup2(p[1], STDOUT_FILENO) < 0)
78 fatal("ssh_askpass: dup2: %s", strerror(errno)); 78 fatal("ssh_askpass: dup2: %s", strerror(errno));
79 execlp(askpass, askpass, msg, (char *) 0); 79 execlp(askpass, askpass, msg, (char *)NULL);
80 fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); 80 fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno));
81 } 81 }
82 close(p[1]); 82 close(p[1]);
diff --git a/regress/Makefile b/regress/Makefile
index cba83f4d6..451909c1a 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.81 2015/05/21 06:44:25 djm Exp $ 1# $OpenBSD: Makefile,v 1.82 2015/09/24 06:16:53 djm Exp $
2 2
3REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec 3REGRESS_TARGETS= unit t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t-exec
4tests: prep $(REGRESS_TARGETS) 4tests: prep $(REGRESS_TARGETS)
@@ -74,7 +74,8 @@ LTESTS= connect \
74 hostkey-agent \ 74 hostkey-agent \
75 keygen-knownhosts \ 75 keygen-knownhosts \
76 hostkey-rotate \ 76 hostkey-rotate \
77 principals-command 77 principals-command \
78 cert-file
78 79
79 80
80# dhgex \ 81# dhgex \
diff --git a/regress/agent-ptrace.sh b/regress/agent-ptrace.sh
index 1912ca8f9..bb676d631 100644
--- a/regress/agent-ptrace.sh
+++ b/regress/agent-ptrace.sh
@@ -12,6 +12,11 @@ if have_prog uname ; then
12 esac 12 esac
13fi 13fi
14 14
15if [ "x$USER" = "xroot" ]; then
16 echo "Skipped: running as root"
17 exit 0
18fi
19
15if have_prog gdb ; then 20if have_prog gdb ; then
16 : ok 21 : ok
17else 22else
diff --git a/regress/cert-file.sh b/regress/cert-file.sh
new file mode 100644
index 000000000..bad923ad0
--- /dev/null
+++ b/regress/cert-file.sh
@@ -0,0 +1,138 @@
1# $OpenBSD: cert-file.sh,v 1.2 2015/09/24 07:15:39 djm Exp $
2# Placed in the Public Domain.
3
4tid="ssh with certificates"
5
6rm -f $OBJ/user_ca_key* $OBJ/user_key*
7rm -f $OBJ/cert_user_key*
8
9# Create a CA key
10${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key1 ||\
11 fatal "ssh-keygen failed"
12${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key2 ||\
13 fatal "ssh-keygen failed"
14
15# Make some keys and certificates.
16${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key1 || \
17 fatal "ssh-keygen failed"
18${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_key2 || \
19 fatal "ssh-keygen failed"
20# Move the certificate to a different address to better control
21# when it is offered.
22${SSHKEYGEN} -q -s $OBJ/user_ca_key1 -I "regress user key for $USER" \
23 -z $$ -n ${USER} $OBJ/user_key1 ||
24 fail "couldn't sign user_key1 with user_ca_key1"
25mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_1.pub
26${SSHKEYGEN} -q -s $OBJ/user_ca_key2 -I "regress user key for $USER" \
27 -z $$ -n ${USER} $OBJ/user_key1 ||
28 fail "couldn't sign user_key1 with user_ca_key2"
29mv $OBJ/user_key1-cert.pub $OBJ/cert_user_key1_2.pub
30
31trace 'try with identity files'
32opts="-F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
33opts2="$opts -i $OBJ/user_key1 -i $OBJ/user_key2"
34echo "cert-authority $(cat $OBJ/user_ca_key1.pub)" > $OBJ/authorized_keys_$USER
35
36for p in ${SSH_PROTOCOLS}; do
37 # Just keys should fail
38 ${SSH} $opts2 somehost exit 5$p
39 r=$?
40 if [ $r -eq 5$p ]; then
41 fail "ssh succeeded with no certs in protocol $p"
42 fi
43
44 # Keys with untrusted cert should fail.
45 opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_2.pub"
46 ${SSH} $opts3 somehost exit 5$p
47 r=$?
48 if [ $r -eq 5$p ]; then
49 fail "ssh succeeded with bad cert in protocol $p"
50 fi
51
52 # Good cert with bad key should fail.
53 opts3="$opts -i $OBJ/user_key2"
54 opts3="$opts3 -oCertificateFile=$OBJ/cert_user_key1_1.pub"
55 ${SSH} $opts3 somehost exit 5$p
56 r=$?
57 if [ $r -eq 5$p ]; then
58 fail "ssh succeeded with no matching key in protocol $p"
59 fi
60
61 # Keys with one trusted cert, should succeed.
62 opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub"
63 ${SSH} $opts3 somehost exit 5$p
64 r=$?
65 if [ $r -ne 5$p ]; then
66 fail "ssh failed with trusted cert and key in protocol $p"
67 fi
68
69 # Multiple certs and keys, with one trusted cert, should succeed.
70 opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_2.pub"
71 opts3="$opts3 -oCertificateFile=$OBJ/cert_user_key1_1.pub"
72 ${SSH} $opts3 somehost exit 5$p
73 r=$?
74 if [ $r -ne 5$p ]; then
75 fail "ssh failed with multiple certs in protocol $p"
76 fi
77
78 #Keys with trusted certificate specified in config options, should succeed.
79 opts3="$opts2 -oCertificateFile=$OBJ/cert_user_key1_1.pub"
80 ${SSH} $opts3 somehost exit 5$p
81 r=$?
82 if [ $r -ne 5$p ]; then
83 fail "ssh failed with trusted cert in config in protocol $p"
84 fi
85done
86
87#next, using an agent in combination with the keys
88SSH_AUTH_SOCK=/nonexistent ${SSHADD} -l > /dev/null 2>&1
89if [ $? -ne 2 ]; then
90 fatal "ssh-add -l did not fail with exit code 2"
91fi
92
93trace "start agent"
94eval `${SSHAGENT} -s` > /dev/null
95r=$?
96if [ $r -ne 0 ]; then
97 fatal "could not start ssh-agent: exit code $r"
98fi
99
100# add private keys to agent
101${SSHADD} -k $OBJ/user_key2 > /dev/null 2>&1
102if [ $? -ne 0 ]; then
103 fatal "ssh-add did not succeed with exit code 0"
104fi
105${SSHADD} -k $OBJ/user_key1 > /dev/null 2>&1
106if [ $? -ne 0 ]; then
107 fatal "ssh-add did not succeed with exit code 0"
108fi
109
110# try ssh with the agent and certificates
111# note: ssh agent only uses certificates in protocol 2
112opts="-F $OBJ/ssh_proxy"
113# with no certificates, shoud fail
114${SSH} -2 $opts somehost exit 52
115if [ $? -eq 52 ]; then
116 fail "ssh connect with agent in protocol 2 succeeded with no cert"
117fi
118
119#with an untrusted certificate, should fail
120opts="$opts -oCertificateFile=$OBJ/cert_user_key1_2.pub"
121${SSH} -2 $opts somehost exit 52
122if [ $? -eq 52 ]; then
123 fail "ssh connect with agent in protocol 2 succeeded with bad cert"
124fi
125
126#with an additional trusted certificate, should succeed
127opts="$opts -oCertificateFile=$OBJ/cert_user_key1_1.pub"
128${SSH} -2 $opts somehost exit 52
129if [ $? -ne 52 ]; then
130 fail "ssh connect with agent in protocol 2 failed with good cert"
131fi
132
133trace "kill agent"
134${SSHAGENT} -k > /dev/null
135
136#cleanup
137rm -f $OBJ/user_ca_key* $OBJ/user_key*
138rm -f $OBJ/cert_user_key*
diff --git a/regress/check-perm.c b/regress/check-perm.c
new file mode 100644
index 000000000..dac307d24
--- /dev/null
+++ b/regress/check-perm.c
@@ -0,0 +1,205 @@
1/*
2 * Placed in the public domain
3 */
4
5/* $OpenBSD: modpipe.c,v 1.6 2013/11/21 03:16:47 djm Exp $ */
6
7#include "includes.h"
8
9#include <sys/types.h>
10#include <sys/stat.h>
11#include <unistd.h>
12#include <stdio.h>
13#include <string.h>
14#include <stdarg.h>
15#include <stdlib.h>
16#include <errno.h>
17#include <pwd.h>
18#ifdef HAVE_LIBGEN_H
19#include <libgen.h>
20#endif
21
22static void
23fatal(const char *fmt, ...)
24{
25 va_list args;
26
27 va_start(args, fmt);
28 vfprintf(stderr, fmt, args);
29 fputc('\n', stderr);
30 va_end(args);
31 exit(1);
32}
33/* Based on session.c. NB. keep tests in sync */
34static void
35safely_chroot(const char *path, uid_t uid)
36{
37 const char *cp;
38 char component[PATH_MAX];
39 struct stat st;
40
41 if (*path != '/')
42 fatal("chroot path does not begin at root");
43 if (strlen(path) >= sizeof(component))
44 fatal("chroot path too long");
45
46 /*
47 * Descend the path, checking that each component is a
48 * root-owned directory with strict permissions.
49 */
50 for (cp = path; cp != NULL;) {
51 if ((cp = strchr(cp, '/')) == NULL)
52 strlcpy(component, path, sizeof(component));
53 else {
54 cp++;
55 memcpy(component, path, cp - path);
56 component[cp - path] = '\0';
57 }
58
59 /* debug3("%s: checking '%s'", __func__, component); */
60
61 if (stat(component, &st) != 0)
62 fatal("%s: stat(\"%s\"): %s", __func__,
63 component, strerror(errno));
64 if (st.st_uid != 0 || (st.st_mode & 022) != 0)
65 fatal("bad ownership or modes for chroot "
66 "directory %s\"%s\"",
67 cp == NULL ? "" : "component ", component);
68 if (!S_ISDIR(st.st_mode))
69 fatal("chroot path %s\"%s\" is not a directory",
70 cp == NULL ? "" : "component ", component);
71
72 }
73
74 if (chdir(path) == -1)
75 fatal("Unable to chdir to chroot path \"%s\": "
76 "%s", path, strerror(errno));
77}
78
79/* from platform.c */
80int
81platform_sys_dir_uid(uid_t uid)
82{
83 if (uid == 0)
84 return 1;
85#ifdef PLATFORM_SYS_DIR_UID
86 if (uid == PLATFORM_SYS_DIR_UID)
87 return 1;
88#endif
89 return 0;
90}
91
92/* from auth.c */
93int
94auth_secure_path(const char *name, struct stat *stp, const char *pw_dir,
95 uid_t uid, char *err, size_t errlen)
96{
97 char buf[PATH_MAX], homedir[PATH_MAX];
98 char *cp;
99 int comparehome = 0;
100 struct stat st;
101
102 if (realpath(name, buf) == NULL) {
103 snprintf(err, errlen, "realpath %s failed: %s", name,
104 strerror(errno));
105 return -1;
106 }
107 if (pw_dir != NULL && realpath(pw_dir, homedir) != NULL)
108 comparehome = 1;
109
110 if (!S_ISREG(stp->st_mode)) {
111 snprintf(err, errlen, "%s is not a regular file", buf);
112 return -1;
113 }
114 if ((!platform_sys_dir_uid(stp->st_uid) && stp->st_uid != uid) ||
115 (stp->st_mode & 022) != 0) {
116 snprintf(err, errlen, "bad ownership or modes for file %s",
117 buf);
118 return -1;
119 }
120
121 /* for each component of the canonical path, walking upwards */
122 for (;;) {
123 if ((cp = dirname(buf)) == NULL) {
124 snprintf(err, errlen, "dirname() failed");
125 return -1;
126 }
127 strlcpy(buf, cp, sizeof(buf));
128
129 if (stat(buf, &st) < 0 ||
130 (!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) ||
131 (st.st_mode & 022) != 0) {
132 snprintf(err, errlen,
133 "bad ownership or modes for directory %s", buf);
134 return -1;
135 }
136
137 /* If are past the homedir then we can stop */
138 if (comparehome && strcmp(homedir, buf) == 0)
139 break;
140
141 /*
142 * dirname should always complete with a "/" path,
143 * but we can be paranoid and check for "." too
144 */
145 if ((strcmp("/", buf) == 0) || (strcmp(".", buf) == 0))
146 break;
147 }
148 return 0;
149}
150
151static void
152usage(void)
153{
154 fprintf(stderr, "check-perm -m [chroot | keys-command] [path]\n");
155 exit(1);
156}
157
158int
159main(int argc, char **argv)
160{
161 const char *path = ".";
162 char errmsg[256];
163 int ch, mode = -1;
164 extern char *optarg;
165 extern int optind;
166 struct stat st;
167
168 while ((ch = getopt(argc, argv, "hm:")) != -1) {
169 switch (ch) {
170 case 'm':
171 if (strcasecmp(optarg, "chroot") == 0)
172 mode = 1;
173 else if (strcasecmp(optarg, "keys-command") == 0)
174 mode = 2;
175 else {
176 fprintf(stderr, "Invalid -m option\n"),
177 usage();
178 }
179 break;
180 default:
181 usage();
182 }
183 }
184 argc -= optind;
185 argv += optind;
186
187 if (argc > 1)
188 usage();
189 else if (argc == 1)
190 path = argv[0];
191
192 if (mode == 1)
193 safely_chroot(path, getuid());
194 else if (mode == 2) {
195 if (stat(path, &st) < 0)
196 fatal("Could not stat %s: %s", path, strerror(errno));
197 if (auth_secure_path(path, &st, NULL, 0,
198 errmsg, sizeof(errmsg)) != 0)
199 fatal("Unsafe %s: %s", path, errmsg);
200 } else {
201 fprintf(stderr, "Invalid mode\n");
202 usage();
203 }
204 return 0;
205}
diff --git a/regress/dhgex.sh b/regress/dhgex.sh
index 57fca4a32..e7c573397 100644
--- a/regress/dhgex.sh
+++ b/regress/dhgex.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: dhgex.sh,v 1.2 2014/04/21 22:15:37 djm Exp $ 1# $OpenBSD: dhgex.sh,v 1.3 2015/10/23 02:22:01 dtucker Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="dhgex" 4tid="dhgex"
@@ -20,7 +20,9 @@ ssh_test_dhgex()
20 echo "Ciphers=$cipher" >> $OBJ/sshd_proxy 20 echo "Ciphers=$cipher" >> $OBJ/sshd_proxy
21 rm -f ${LOG} 21 rm -f ${LOG}
22 opts="-oKexAlgorithms=$kex -oCiphers=$cipher" 22 opts="-oKexAlgorithms=$kex -oCiphers=$cipher"
23 groupsz="1024<$bits<8192" 23 min=2048
24 max=8192
25 groupsz="$min<$bits<$max"
24 verbose "$tid bits $bits $kex $cipher" 26 verbose "$tid bits $bits $kex $cipher"
25 ${SSH} ${opts} $@ -vvv -F ${OBJ}/ssh_proxy somehost true 27 ${SSH} ${opts} $@ -vvv -F ${OBJ}/ssh_proxy somehost true
26 if [ $? -ne 0 ]; then 28 if [ $? -ne 0 ]; then
diff --git a/regress/hostkey-rotate.sh b/regress/hostkey-rotate.sh
index 3aa8c40c0..d69de3255 100644
--- a/regress/hostkey-rotate.sh
+++ b/regress/hostkey-rotate.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $ 1# $OpenBSD: hostkey-rotate.sh,v 1.5 2015/09/04 04:23:10 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="hostkey rotate" 4tid="hostkey rotate"
@@ -108,21 +108,3 @@ verbose "check rotate primary hostkey"
108dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=ssh-rsa 108dossh -oStrictHostKeyChecking=yes -oHostKeyAlgorithms=ssh-rsa
109expect_nkeys 1 "learn hostkeys" 109expect_nkeys 1 "learn hostkeys"
110check_key_present ssh-rsa || fail "didn't learn changed key" 110check_key_present ssh-rsa || fail "didn't learn changed key"
111
112# $OpenBSD: hostkey-rotate.sh,v 1.4 2015/07/10 06:23:25 markus Exp $
113# Placed in the Public Domain.
114
115tid="hostkey rotate"
116
117# Prepare hostkeys file with one key
118
119# Connect to sshd
120
121# Check that other keys learned
122
123# Change one hostkey (non primary)
124
125# Connect to sshd
126
127# Check that the key was replaced
128
diff --git a/regress/keys-command.sh b/regress/keys-command.sh
index 700273b66..af68cf15c 100644
--- a/regress/keys-command.sh
+++ b/regress/keys-command.sh
@@ -36,6 +36,12 @@ exec cat "$OBJ/authorized_keys_${LOGNAME}"
36_EOF 36_EOF
37$SUDO chmod 0755 "$KEY_COMMAND" 37$SUDO chmod 0755 "$KEY_COMMAND"
38 38
39if ! $OBJ/check-perm -m keys-command $KEY_COMMAND ; then
40 echo "skipping: $KEY_COMMAND is unsuitable as AuthorizedKeysCommand"
41 $SUDO rm -f $KEY_COMMAND
42 exit 0
43fi
44
39if [ -x $KEY_COMMAND ]; then 45if [ -x $KEY_COMMAND ]; then
40 cp $OBJ/sshd_proxy $OBJ/sshd_proxy.bak 46 cp $OBJ/sshd_proxy $OBJ/sshd_proxy.bak
41 47
diff --git a/regress/keyscan.sh b/regress/keyscan.sh
index 886f3295a..f97364b76 100644
--- a/regress/keyscan.sh
+++ b/regress/keyscan.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: keyscan.sh,v 1.4 2015/03/03 22:35:19 markus Exp $ 1# $OpenBSD: keyscan.sh,v 1.5 2015/09/11 03:44:21 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="keyscan" 4tid="keyscan"
@@ -8,7 +8,7 @@ rm -f ${OBJ}/host.dsa
8 8
9start_sshd 9start_sshd
10 10
11KEYTYPES="rsa dsa" 11KEYTYPES=`${SSH} -Q key-plain`
12if ssh_version 1; then 12if ssh_version 1; then
13 KEYTYPES="${KEYTYPES} rsa1" 13 KEYTYPES="${KEYTYPES} rsa1"
14fi 14fi
diff --git a/regress/limit-keytype.sh b/regress/limit-keytype.sh
index 2de037bd1..c0cf2fed6 100644
--- a/regress/limit-keytype.sh
+++ b/regress/limit-keytype.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: limit-keytype.sh,v 1.1 2015/01/13 07:49:49 djm Exp $ 1# $OpenBSD: limit-keytype.sh,v 1.4 2015/10/29 08:05:17 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="restrict pubkey type" 4tid="restrict pubkey type"
@@ -20,18 +20,19 @@ ${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_key2 || \
20 fatal "ssh-keygen failed" 20 fatal "ssh-keygen failed"
21${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_key3 || \ 21${SSHKEYGEN} -q -N '' -t rsa -f $OBJ/user_key3 || \
22 fatal "ssh-keygen failed" 22 fatal "ssh-keygen failed"
23${SSHKEYGEN} -q -N '' -t dsa -f $OBJ/user_key4 || \
24 fatal "ssh-keygen failed"
23${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \ 25${SSHKEYGEN} -q -s $OBJ/user_ca_key -I "regress user key for $USER" \
24 -z $$ -n ${USER},mekmitasdigoat $OBJ/user_key3 || 26 -z $$ -n ${USER},mekmitasdigoat $OBJ/user_key3 ||
25 fatal "couldn't sign user_key1" 27 fatal "couldn't sign user_key1"
26# Copy the private key alongside the cert to allow better control of when 28# Copy the private key alongside the cert to allow better control of when
27# it is offered. 29# it is offered.
28mv $OBJ/user_key3-cert.pub $OBJ/cert_user_key3.pub 30mv $OBJ/user_key3-cert.pub $OBJ/cert_user_key3.pub
29cp -p $OBJ/user_key3 $OBJ/cert_user_key3
30 31
31grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy 32grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy
32 33
33opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes" 34opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
34fullopts="$opts -i $OBJ/cert_user_key3 -i $OBJ/user_key1 -i $OBJ/user_key2" 35certopts="$opts -i $OBJ/user_key3 -oCertificateFile=$OBJ/cert_user_key3.pub"
35 36
36echo mekmitasdigoat > $OBJ/authorized_principals_$USER 37echo mekmitasdigoat > $OBJ/authorized_principals_$USER
37cat $OBJ/user_key1.pub > $OBJ/authorized_keys_$USER 38cat $OBJ/user_key1.pub > $OBJ/authorized_keys_$USER
@@ -53,28 +54,44 @@ prepare_config() {
53prepare_config 54prepare_config
54 55
55# Check we can log in with all key types. 56# Check we can log in with all key types.
56${SSH} $opts -i $OBJ/cert_user_key3 proxy true || fatal "cert failed" 57${SSH} $certopts proxy true || fatal "cert failed"
57${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" 58${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed"
58${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" 59${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed"
59 60
60# Allow plain Ed25519 and RSA. The certificate should fail. 61# Allow plain Ed25519 and RSA. The certificate should fail.
61verbose "privsep=$privsep allow rsa,ed25519" 62verbose "allow rsa,ed25519"
62prepare_config "PubkeyAcceptedKeyTypes ssh-rsa,ssh-ed25519" 63prepare_config "PubkeyAcceptedKeyTypes ssh-rsa,ssh-ed25519"
63${SSH} $opts -i $OBJ/cert_user_key3 proxy true && fatal "cert succeeded" 64${SSH} $certopts proxy true && fatal "cert succeeded"
64${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" 65${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed"
65${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed" 66${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed"
66 67
67# Allow Ed25519 only. 68# Allow Ed25519 only.
68verbose "privsep=$privsep allow ed25519" 69verbose "allow ed25519"
69prepare_config "PubkeyAcceptedKeyTypes ssh-ed25519" 70prepare_config "PubkeyAcceptedKeyTypes ssh-ed25519"
70${SSH} $opts -i $OBJ/cert_user_key3 proxy true && fatal "cert succeeded" 71${SSH} $certopts proxy true && fatal "cert succeeded"
71${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed" 72${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed"
72${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded" 73${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded"
73 74
74# Allow all certs. Plain keys should fail. 75# Allow all certs. Plain keys should fail.
75verbose "privsep=$privsep allow cert only" 76verbose "allow cert only"
76prepare_config "PubkeyAcceptedKeyTypes ssh-*-cert-v01@openssh.com" 77prepare_config "PubkeyAcceptedKeyTypes ssh-*-cert-v01@openssh.com"
77${SSH} $opts -i $OBJ/cert_user_key3 proxy true || fatal "cert failed" 78${SSH} $certopts proxy true || fatal "cert failed"
78${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded" 79${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded"
79${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded" 80${SSH} $opts -i $OBJ/user_key2 proxy true && fatal "key2 succeeded"
80 81
82# Allow RSA in main config, Ed25519 for non-existent user.
83verbose "match w/ no match"
84prepare_config "PubkeyAcceptedKeyTypes ssh-rsa" \
85 "Match user x$USER" "PubkeyAcceptedKeyTypes +ssh-ed25519"
86${SSH} $certopts proxy true && fatal "cert succeeded"
87${SSH} $opts -i $OBJ/user_key1 proxy true && fatal "key1 succeeded"
88${SSH} $opts -i $OBJ/user_key2 proxy true || fatal "key2 failed"
89
90# Allow only DSA in main config, Ed25519 for user.
91verbose "match w/ matching"
92prepare_config "PubkeyAcceptedKeyTypes ssh-dss" \
93 "Match user $USER" "PubkeyAcceptedKeyTypes +ssh-ed25519"
94${SSH} $certopts proxy true || fatal "cert failed"
95${SSH} $opts -i $OBJ/user_key1 proxy true || fatal "key1 failed"
96${SSH} $opts -i $OBJ/user_key4 proxy true && fatal "key4 succeeded"
97
diff --git a/regress/principals-command.sh b/regress/principals-command.sh
index b90a8cf2c..c0be7e747 100644
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@@ -24,6 +24,13 @@ _EOF
24test $? -eq 0 || fatal "couldn't prepare principals command" 24test $? -eq 0 || fatal "couldn't prepare principals command"
25$SUDO chmod 0755 "$PRINCIPALS_CMD" 25$SUDO chmod 0755 "$PRINCIPALS_CMD"
26 26
27if ! $OBJ/check-perm -m keys-command $PRINCIPALS_CMD ; then
28 echo "skipping: $PRINCIPALS_CMD is unsuitable as " \
29 "AuthorizedPrincipalsCommand"
30 $SUDO rm -f $PRINCIPALS_CMD
31 exit 0
32fi
33
27# Create a CA key and a user certificate. 34# Create a CA key and a user certificate.
28${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key || \ 35${SSHKEYGEN} -q -N '' -t ed25519 -f $OBJ/user_ca_key || \
29 fatal "ssh-keygen of user_ca_key failed" 36 fatal "ssh-keygen of user_ca_key failed"
diff --git a/regress/proxy-connect.sh b/regress/proxy-connect.sh
index f816962b5..b7a43fabe 100644
--- a/regress/proxy-connect.sh
+++ b/regress/proxy-connect.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: proxy-connect.sh,v 1.8 2015/03/03 22:35:19 markus Exp $ 1# $OpenBSD: proxy-connect.sh,v 1.9 2016/02/17 02:24:17 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="proxy connect" 4tid="proxy connect"
@@ -18,7 +18,8 @@ for ps in no yes; do
18 fail "ssh proxyconnect protocol $p privsep=$ps comp=$c failed" 18 fail "ssh proxyconnect protocol $p privsep=$ps comp=$c failed"
19 fi 19 fi
20 if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then 20 if [ "$SSH_CONNECTION" != "UNKNOWN 65535 UNKNOWN 65535" ]; then
21 fail "bad SSH_CONNECTION protocol $p privsep=$ps comp=$c" 21 fail "bad SSH_CONNECTION protocol $p privsep=$ps comp=$c: " \
22 "$SSH_CONNECTION"
22 fi 23 fi
23 done 24 done
24 done 25 done
diff --git a/regress/rekey.sh b/regress/rekey.sh
index 0d4444d03..ae145bc8b 100644
--- a/regress/rekey.sh
+++ b/regress/rekey.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: rekey.sh,v 1.16 2015/02/14 12:43:16 markus Exp $ 1# $OpenBSD: rekey.sh,v 1.17 2016/01/29 05:18:15 dtucker Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="rekey" 4tid="rekey"
@@ -137,13 +137,15 @@ for s in 5 10; do
137done 137done
138 138
139verbose "rekeylimit parsing" 139verbose "rekeylimit parsing"
140for size in 16 1k 1K 1m 1M 1g 1G; do 140for size in 16 1k 1K 1m 1M 1g 1G 4G 8G; do
141 for time in 1 1m 1M 1h 1H 1d 1D 1w 1W; do 141 for time in 1 1m 1M 1h 1H 1d 1D 1w 1W; do
142 case $size in 142 case $size in
143 16) bytes=16 ;; 143 16) bytes=16 ;;
144 1k|1K) bytes=1024 ;; 144 1k|1K) bytes=1024 ;;
145 1m|1M) bytes=1048576 ;; 145 1m|1M) bytes=1048576 ;;
146 1g|1G) bytes=1073741824 ;; 146 1g|1G) bytes=1073741824 ;;
147 4g|4G) bytes=4294967296 ;;
148 8g|8G) bytes=8589934592 ;;
147 esac 149 esac
148 case $time in 150 case $time in
149 1) seconds=1 ;; 151 1) seconds=1 ;;
diff --git a/regress/setuid-allowed.c b/regress/setuid-allowed.c
index 676d2661c..7a0527fd0 100644
--- a/regress/setuid-allowed.c
+++ b/regress/setuid-allowed.c
@@ -26,7 +26,7 @@
26#include <string.h> 26#include <string.h>
27#include <errno.h> 27#include <errno.h>
28 28
29void 29static void
30usage(void) 30usage(void)
31{ 31{
32 fprintf(stderr, "check-setuid [path]\n"); 32 fprintf(stderr, "check-setuid [path]\n");
diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh
index 23f7456e8..9c26eb680 100644
--- a/regress/sftp-chroot.sh
+++ b/regress/sftp-chroot.sh
@@ -12,6 +12,11 @@ if [ -z "$SUDO" ]; then
12 exit 0 12 exit 0
13fi 13fi
14 14
15if ! $OBJ/check-perm -m chroot "$CHROOT" ; then
16 echo "skipped: $CHROOT is unsuitable as ChrootDirectory"
17 exit 0
18fi
19
15$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ 20$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \
16 fatal "create $PRIVDATA failed" 21 fatal "create $PRIVDATA failed"
17 22
diff --git a/regress/unittests/sshkey/test_file.c b/regress/unittests/sshkey/test_file.c
index c8a236937..906491f2b 100644
--- a/regress/unittests/sshkey/test_file.c
+++ b/regress/unittests/sshkey/test_file.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_file.c,v 1.4 2015/07/07 14:53:30 markus Exp $ */ 1/* $OpenBSD: test_file.c,v 1.5 2015/10/06 01:20:59 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -54,8 +54,7 @@ sshkey_file_tests(void)
54#ifdef WITH_SSH1 54#ifdef WITH_SSH1
55 TEST_START("parse RSA1 from private"); 55 TEST_START("parse RSA1 from private");
56 buf = load_file("rsa1_1"); 56 buf = load_file("rsa1_1");
57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa1_1", 57 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
58 &k1, NULL), 0);
59 sshbuf_free(buf); 58 sshbuf_free(buf);
60 ASSERT_PTR_NE(k1, NULL); 59 ASSERT_PTR_NE(k1, NULL);
61 a = load_bignum("rsa1_1.param.n"); 60 a = load_bignum("rsa1_1.param.n");
@@ -66,7 +65,7 @@ sshkey_file_tests(void)
66 TEST_START("parse RSA1 from private w/ passphrase"); 65 TEST_START("parse RSA1 from private w/ passphrase");
67 buf = load_file("rsa1_1_pw"); 66 buf = load_file("rsa1_1_pw");
68 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 67 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
69 (const char *)sshbuf_ptr(pw), "rsa1_1_pw", &k2, NULL), 0); 68 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
70 sshbuf_free(buf); 69 sshbuf_free(buf);
71 ASSERT_PTR_NE(k2, NULL); 70 ASSERT_PTR_NE(k2, NULL);
72 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 71 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -104,8 +103,7 @@ sshkey_file_tests(void)
104 103
105 TEST_START("parse RSA from private"); 104 TEST_START("parse RSA from private");
106 buf = load_file("rsa_1"); 105 buf = load_file("rsa_1");
107 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "rsa_1", 106 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
108 &k1, NULL), 0);
109 sshbuf_free(buf); 107 sshbuf_free(buf);
110 ASSERT_PTR_NE(k1, NULL); 108 ASSERT_PTR_NE(k1, NULL);
111 a = load_bignum("rsa_1.param.n"); 109 a = load_bignum("rsa_1.param.n");
@@ -122,7 +120,7 @@ sshkey_file_tests(void)
122 TEST_START("parse RSA from private w/ passphrase"); 120 TEST_START("parse RSA from private w/ passphrase");
123 buf = load_file("rsa_1_pw"); 121 buf = load_file("rsa_1_pw");
124 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 122 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
125 (const char *)sshbuf_ptr(pw), "rsa_1_pw", &k2, NULL), 0); 123 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
126 sshbuf_free(buf); 124 sshbuf_free(buf);
127 ASSERT_PTR_NE(k2, NULL); 125 ASSERT_PTR_NE(k2, NULL);
128 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 126 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -131,8 +129,7 @@ sshkey_file_tests(void)
131 129
132 TEST_START("parse RSA from new-format"); 130 TEST_START("parse RSA from new-format");
133 buf = load_file("rsa_n"); 131 buf = load_file("rsa_n");
134 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 132 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
135 "", "rsa_n", &k2, NULL), 0);
136 sshbuf_free(buf); 133 sshbuf_free(buf);
137 ASSERT_PTR_NE(k2, NULL); 134 ASSERT_PTR_NE(k2, NULL);
138 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 135 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -142,7 +139,7 @@ sshkey_file_tests(void)
142 TEST_START("parse RSA from new-format w/ passphrase"); 139 TEST_START("parse RSA from new-format w/ passphrase");
143 buf = load_file("rsa_n_pw"); 140 buf = load_file("rsa_n_pw");
144 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 141 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
145 (const char *)sshbuf_ptr(pw), "rsa_n_pw", &k2, NULL), 0); 142 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
146 sshbuf_free(buf); 143 sshbuf_free(buf);
147 ASSERT_PTR_NE(k2, NULL); 144 ASSERT_PTR_NE(k2, NULL);
148 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 145 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -197,8 +194,7 @@ sshkey_file_tests(void)
197 194
198 TEST_START("parse DSA from private"); 195 TEST_START("parse DSA from private");
199 buf = load_file("dsa_1"); 196 buf = load_file("dsa_1");
200 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "dsa_1", 197 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
201 &k1, NULL), 0);
202 sshbuf_free(buf); 198 sshbuf_free(buf);
203 ASSERT_PTR_NE(k1, NULL); 199 ASSERT_PTR_NE(k1, NULL);
204 a = load_bignum("dsa_1.param.g"); 200 a = load_bignum("dsa_1.param.g");
@@ -215,7 +211,7 @@ sshkey_file_tests(void)
215 TEST_START("parse DSA from private w/ passphrase"); 211 TEST_START("parse DSA from private w/ passphrase");
216 buf = load_file("dsa_1_pw"); 212 buf = load_file("dsa_1_pw");
217 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 213 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
218 (const char *)sshbuf_ptr(pw), "dsa_1_pw", &k2, NULL), 0); 214 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
219 sshbuf_free(buf); 215 sshbuf_free(buf);
220 ASSERT_PTR_NE(k2, NULL); 216 ASSERT_PTR_NE(k2, NULL);
221 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 217 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -224,8 +220,7 @@ sshkey_file_tests(void)
224 220
225 TEST_START("parse DSA from new-format"); 221 TEST_START("parse DSA from new-format");
226 buf = load_file("dsa_n"); 222 buf = load_file("dsa_n");
227 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 223 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
228 "", "dsa_n", &k2, NULL), 0);
229 sshbuf_free(buf); 224 sshbuf_free(buf);
230 ASSERT_PTR_NE(k2, NULL); 225 ASSERT_PTR_NE(k2, NULL);
231 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 226 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -235,7 +230,7 @@ sshkey_file_tests(void)
235 TEST_START("parse DSA from new-format w/ passphrase"); 230 TEST_START("parse DSA from new-format w/ passphrase");
236 buf = load_file("dsa_n_pw"); 231 buf = load_file("dsa_n_pw");
237 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 232 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
238 (const char *)sshbuf_ptr(pw), "dsa_n_pw", &k2, NULL), 0); 233 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
239 sshbuf_free(buf); 234 sshbuf_free(buf);
240 ASSERT_PTR_NE(k2, NULL); 235 ASSERT_PTR_NE(k2, NULL);
241 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 236 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -291,8 +286,7 @@ sshkey_file_tests(void)
291#ifdef OPENSSL_HAS_ECC 286#ifdef OPENSSL_HAS_ECC
292 TEST_START("parse ECDSA from private"); 287 TEST_START("parse ECDSA from private");
293 buf = load_file("ecdsa_1"); 288 buf = load_file("ecdsa_1");
294 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ecdsa_1", 289 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
295 &k1, NULL), 0);
296 sshbuf_free(buf); 290 sshbuf_free(buf);
297 ASSERT_PTR_NE(k1, NULL); 291 ASSERT_PTR_NE(k1, NULL);
298 buf = load_text_file("ecdsa_1.param.curve"); 292 buf = load_text_file("ecdsa_1.param.curve");
@@ -315,7 +309,7 @@ sshkey_file_tests(void)
315 TEST_START("parse ECDSA from private w/ passphrase"); 309 TEST_START("parse ECDSA from private w/ passphrase");
316 buf = load_file("ecdsa_1_pw"); 310 buf = load_file("ecdsa_1_pw");
317 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 311 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
318 (const char *)sshbuf_ptr(pw), "ecdsa_1_pw", &k2, NULL), 0); 312 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
319 sshbuf_free(buf); 313 sshbuf_free(buf);
320 ASSERT_PTR_NE(k2, NULL); 314 ASSERT_PTR_NE(k2, NULL);
321 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 315 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -324,8 +318,7 @@ sshkey_file_tests(void)
324 318
325 TEST_START("parse ECDSA from new-format"); 319 TEST_START("parse ECDSA from new-format");
326 buf = load_file("ecdsa_n"); 320 buf = load_file("ecdsa_n");
327 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 321 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k2, NULL), 0);
328 "", "ecdsa_n", &k2, NULL), 0);
329 sshbuf_free(buf); 322 sshbuf_free(buf);
330 ASSERT_PTR_NE(k2, NULL); 323 ASSERT_PTR_NE(k2, NULL);
331 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 324 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -335,7 +328,7 @@ sshkey_file_tests(void)
335 TEST_START("parse ECDSA from new-format w/ passphrase"); 328 TEST_START("parse ECDSA from new-format w/ passphrase");
336 buf = load_file("ecdsa_n_pw"); 329 buf = load_file("ecdsa_n_pw");
337 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 330 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
338 (const char *)sshbuf_ptr(pw), "ecdsa_n_pw", &k2, NULL), 0); 331 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
339 sshbuf_free(buf); 332 sshbuf_free(buf);
340 ASSERT_PTR_NE(k2, NULL); 333 ASSERT_PTR_NE(k2, NULL);
341 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 334 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
@@ -391,8 +384,7 @@ sshkey_file_tests(void)
391 384
392 TEST_START("parse Ed25519 from private"); 385 TEST_START("parse Ed25519 from private");
393 buf = load_file("ed25519_1"); 386 buf = load_file("ed25519_1");
394 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "ed25519_1", 387 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
395 &k1, NULL), 0);
396 sshbuf_free(buf); 388 sshbuf_free(buf);
397 ASSERT_PTR_NE(k1, NULL); 389 ASSERT_PTR_NE(k1, NULL);
398 ASSERT_INT_EQ(k1->type, KEY_ED25519); 390 ASSERT_INT_EQ(k1->type, KEY_ED25519);
@@ -402,7 +394,7 @@ sshkey_file_tests(void)
402 TEST_START("parse Ed25519 from private w/ passphrase"); 394 TEST_START("parse Ed25519 from private w/ passphrase");
403 buf = load_file("ed25519_1_pw"); 395 buf = load_file("ed25519_1_pw");
404 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, 396 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf,
405 (const char *)sshbuf_ptr(pw), "ed25519_1_pw", &k2, NULL), 0); 397 (const char *)sshbuf_ptr(pw), &k2, NULL), 0);
406 sshbuf_free(buf); 398 sshbuf_free(buf);
407 ASSERT_PTR_NE(k2, NULL); 399 ASSERT_PTR_NE(k2, NULL);
408 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1); 400 ASSERT_INT_EQ(sshkey_equal(k1, k2), 1);
diff --git a/regress/unittests/sshkey/test_fuzz.c b/regress/unittests/sshkey/test_fuzz.c
index 1f08a2e43..1f414e0ac 100644
--- a/regress/unittests/sshkey/test_fuzz.c
+++ b/regress/unittests/sshkey/test_fuzz.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_fuzz.c,v 1.4 2015/03/04 23:22:35 djm Exp $ */ 1/* $OpenBSD: test_fuzz.c,v 1.6 2015/12/07 02:20:46 djm Exp $ */
2/* 2/*
3 * Fuzz tests for key parsing 3 * Fuzz tests for key parsing
4 * 4 *
@@ -72,13 +72,13 @@ public_fuzz(struct sshkey *k)
72} 72}
73 73
74static void 74static void
75sig_fuzz(struct sshkey *k) 75sig_fuzz(struct sshkey *k, const char *sig_alg)
76{ 76{
77 struct fuzz *fuzz; 77 struct fuzz *fuzz;
78 u_char *sig, c[] = "some junk to be signed"; 78 u_char *sig, c[] = "some junk to be signed";
79 size_t l; 79 size_t l;
80 80
81 ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), 0), 0); 81 ASSERT_INT_EQ(sshkey_sign(k, &sig, &l, c, sizeof(c), sig_alg, 0), 0);
82 ASSERT_SIZE_T_GT(l, 0); 82 ASSERT_SIZE_T_GT(l, 0);
83 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */ 83 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | /* too slow FUZZ_2_BIT_FLIP | */
84 FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP | 84 FUZZ_1_BYTE_FLIP | FUZZ_2_BYTE_FLIP |
@@ -110,8 +110,7 @@ sshkey_fuzz_tests(void)
110 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP | 110 fuzz = fuzz_begin(FUZZ_1_BIT_FLIP | FUZZ_1_BYTE_FLIP |
111 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END, 111 FUZZ_TRUNCATE_START | FUZZ_TRUNCATE_END,
112 sshbuf_mutable_ptr(buf), sshbuf_len(buf)); 112 sshbuf_mutable_ptr(buf), sshbuf_len(buf));
113 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 113 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
114 &k1, NULL), 0);
115 sshkey_free(k1); 114 sshkey_free(k1);
116 sshbuf_free(buf); 115 sshbuf_free(buf);
117 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 116 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -119,8 +118,7 @@ sshkey_fuzz_tests(void)
119 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 118 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
120 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 119 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
121 ASSERT_INT_EQ(r, 0); 120 ASSERT_INT_EQ(r, 0);
122 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 121 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
123 &k1, NULL) == 0)
124 sshkey_free(k1); 122 sshkey_free(k1);
125 sshbuf_reset(fuzzed); 123 sshbuf_reset(fuzzed);
126 } 124 }
@@ -154,8 +152,7 @@ sshkey_fuzz_tests(void)
154 buf = load_file("rsa_1"); 152 buf = load_file("rsa_1");
155 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 153 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
156 sshbuf_len(buf)); 154 sshbuf_len(buf));
157 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 155 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
158 &k1, NULL), 0);
159 sshkey_free(k1); 156 sshkey_free(k1);
160 sshbuf_free(buf); 157 sshbuf_free(buf);
161 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 158 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -163,8 +160,7 @@ sshkey_fuzz_tests(void)
163 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 160 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
164 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 161 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
165 ASSERT_INT_EQ(r, 0); 162 ASSERT_INT_EQ(r, 0);
166 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 163 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
167 &k1, NULL) == 0)
168 sshkey_free(k1); 164 sshkey_free(k1);
169 sshbuf_reset(fuzzed); 165 sshbuf_reset(fuzzed);
170 } 166 }
@@ -176,8 +172,7 @@ sshkey_fuzz_tests(void)
176 buf = load_file("rsa_n"); 172 buf = load_file("rsa_n");
177 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 173 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
178 sshbuf_len(buf)); 174 sshbuf_len(buf));
179 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 175 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
180 &k1, NULL), 0);
181 sshkey_free(k1); 176 sshkey_free(k1);
182 sshbuf_free(buf); 177 sshbuf_free(buf);
183 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 178 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -185,8 +180,7 @@ sshkey_fuzz_tests(void)
185 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 180 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
186 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 181 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
187 ASSERT_INT_EQ(r, 0); 182 ASSERT_INT_EQ(r, 0);
188 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 183 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
189 &k1, NULL) == 0)
190 sshkey_free(k1); 184 sshkey_free(k1);
191 sshbuf_reset(fuzzed); 185 sshbuf_reset(fuzzed);
192 } 186 }
@@ -198,8 +192,7 @@ sshkey_fuzz_tests(void)
198 buf = load_file("dsa_1"); 192 buf = load_file("dsa_1");
199 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 193 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
200 sshbuf_len(buf)); 194 sshbuf_len(buf));
201 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 195 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
202 &k1, NULL), 0);
203 sshkey_free(k1); 196 sshkey_free(k1);
204 sshbuf_free(buf); 197 sshbuf_free(buf);
205 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 198 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -207,8 +200,7 @@ sshkey_fuzz_tests(void)
207 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 200 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
208 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 201 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
209 ASSERT_INT_EQ(r, 0); 202 ASSERT_INT_EQ(r, 0);
210 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 203 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
211 &k1, NULL) == 0)
212 sshkey_free(k1); 204 sshkey_free(k1);
213 sshbuf_reset(fuzzed); 205 sshbuf_reset(fuzzed);
214 } 206 }
@@ -220,8 +212,7 @@ sshkey_fuzz_tests(void)
220 buf = load_file("dsa_n"); 212 buf = load_file("dsa_n");
221 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 213 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
222 sshbuf_len(buf)); 214 sshbuf_len(buf));
223 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 215 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
224 &k1, NULL), 0);
225 sshkey_free(k1); 216 sshkey_free(k1);
226 sshbuf_free(buf); 217 sshbuf_free(buf);
227 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 218 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -229,8 +220,7 @@ sshkey_fuzz_tests(void)
229 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 220 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
230 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 221 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
231 ASSERT_INT_EQ(r, 0); 222 ASSERT_INT_EQ(r, 0);
232 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 223 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
233 &k1, NULL) == 0)
234 sshkey_free(k1); 224 sshkey_free(k1);
235 sshbuf_reset(fuzzed); 225 sshbuf_reset(fuzzed);
236 } 226 }
@@ -243,8 +233,7 @@ sshkey_fuzz_tests(void)
243 buf = load_file("ecdsa_1"); 233 buf = load_file("ecdsa_1");
244 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 234 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
245 sshbuf_len(buf)); 235 sshbuf_len(buf));
246 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 236 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
247 &k1, NULL), 0);
248 sshkey_free(k1); 237 sshkey_free(k1);
249 sshbuf_free(buf); 238 sshbuf_free(buf);
250 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 239 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -252,8 +241,7 @@ sshkey_fuzz_tests(void)
252 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 241 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
253 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 242 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
254 ASSERT_INT_EQ(r, 0); 243 ASSERT_INT_EQ(r, 0);
255 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 244 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
256 &k1, NULL) == 0)
257 sshkey_free(k1); 245 sshkey_free(k1);
258 sshbuf_reset(fuzzed); 246 sshbuf_reset(fuzzed);
259 } 247 }
@@ -265,8 +253,7 @@ sshkey_fuzz_tests(void)
265 buf = load_file("ecdsa_n"); 253 buf = load_file("ecdsa_n");
266 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 254 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
267 sshbuf_len(buf)); 255 sshbuf_len(buf));
268 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 256 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
269 &k1, NULL), 0);
270 sshkey_free(k1); 257 sshkey_free(k1);
271 sshbuf_free(buf); 258 sshbuf_free(buf);
272 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 259 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -274,8 +261,7 @@ sshkey_fuzz_tests(void)
274 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 261 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
275 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 262 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
276 ASSERT_INT_EQ(r, 0); 263 ASSERT_INT_EQ(r, 0);
277 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 264 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
278 &k1, NULL) == 0)
279 sshkey_free(k1); 265 sshkey_free(k1);
280 sshbuf_reset(fuzzed); 266 sshbuf_reset(fuzzed);
281 } 267 }
@@ -288,8 +274,7 @@ sshkey_fuzz_tests(void)
288 buf = load_file("ed25519_1"); 274 buf = load_file("ed25519_1");
289 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf), 275 fuzz = fuzz_begin(FUZZ_BASE64, sshbuf_mutable_ptr(buf),
290 sshbuf_len(buf)); 276 sshbuf_len(buf));
291 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 277 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
292 &k1, NULL), 0);
293 sshkey_free(k1); 278 sshkey_free(k1);
294 sshbuf_free(buf); 279 sshbuf_free(buf);
295 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL); 280 ASSERT_PTR_NE(fuzzed = sshbuf_new(), NULL);
@@ -297,8 +282,7 @@ sshkey_fuzz_tests(void)
297 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) { 282 for(; !fuzz_done(fuzz); fuzz_next(fuzz)) {
298 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz)); 283 r = sshbuf_put(fuzzed, fuzz_ptr(fuzz), fuzz_len(fuzz));
299 ASSERT_INT_EQ(r, 0); 284 ASSERT_INT_EQ(r, 0);
300 if (sshkey_parse_private_fileblob(fuzzed, "", "key", 285 if (sshkey_parse_private_fileblob(fuzzed, "", &k1, NULL) == 0)
301 &k1, NULL) == 0)
302 sshkey_free(k1); 286 sshkey_free(k1);
303 sshbuf_reset(fuzzed); 287 sshbuf_reset(fuzzed);
304 } 288 }
@@ -308,8 +292,7 @@ sshkey_fuzz_tests(void)
308 292
309 TEST_START("fuzz RSA public"); 293 TEST_START("fuzz RSA public");
310 buf = load_file("rsa_1"); 294 buf = load_file("rsa_1");
311 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 295 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
312 &k1, NULL), 0);
313 sshbuf_free(buf); 296 sshbuf_free(buf);
314 public_fuzz(k1); 297 public_fuzz(k1);
315 sshkey_free(k1); 298 sshkey_free(k1);
@@ -323,8 +306,7 @@ sshkey_fuzz_tests(void)
323 306
324 TEST_START("fuzz DSA public"); 307 TEST_START("fuzz DSA public");
325 buf = load_file("dsa_1"); 308 buf = load_file("dsa_1");
326 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 309 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
327 &k1, NULL), 0);
328 sshbuf_free(buf); 310 sshbuf_free(buf);
329 public_fuzz(k1); 311 public_fuzz(k1);
330 sshkey_free(k1); 312 sshkey_free(k1);
@@ -339,8 +321,7 @@ sshkey_fuzz_tests(void)
339#ifdef OPENSSL_HAS_ECC 321#ifdef OPENSSL_HAS_ECC
340 TEST_START("fuzz ECDSA public"); 322 TEST_START("fuzz ECDSA public");
341 buf = load_file("ecdsa_1"); 323 buf = load_file("ecdsa_1");
342 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 324 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
343 &k1, NULL), 0);
344 sshbuf_free(buf); 325 sshbuf_free(buf);
345 public_fuzz(k1); 326 public_fuzz(k1);
346 sshkey_free(k1); 327 sshkey_free(k1);
@@ -355,8 +336,7 @@ sshkey_fuzz_tests(void)
355 336
356 TEST_START("fuzz Ed25519 public"); 337 TEST_START("fuzz Ed25519 public");
357 buf = load_file("ed25519_1"); 338 buf = load_file("ed25519_1");
358 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 339 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
359 &k1, NULL), 0);
360 sshbuf_free(buf); 340 sshbuf_free(buf);
361 public_fuzz(k1); 341 public_fuzz(k1);
362 sshkey_free(k1); 342 sshkey_free(k1);
@@ -370,39 +350,51 @@ sshkey_fuzz_tests(void)
370 350
371 TEST_START("fuzz RSA sig"); 351 TEST_START("fuzz RSA sig");
372 buf = load_file("rsa_1"); 352 buf = load_file("rsa_1");
373 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 353 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
374 &k1, NULL), 0);
375 sshbuf_free(buf); 354 sshbuf_free(buf);
376 sig_fuzz(k1); 355 sig_fuzz(k1, "ssh-rsa");
356 sshkey_free(k1);
357 TEST_DONE();
358
359 TEST_START("fuzz RSA SHA256 sig");
360 buf = load_file("rsa_1");
361 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
362 sshbuf_free(buf);
363 sig_fuzz(k1, "rsa-sha2-256");
364 sshkey_free(k1);
365 TEST_DONE();
366
367 TEST_START("fuzz RSA SHA512 sig");
368 buf = load_file("rsa_1");
369 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
370 sshbuf_free(buf);
371 sig_fuzz(k1, "rsa-sha2-512");
377 sshkey_free(k1); 372 sshkey_free(k1);
378 TEST_DONE(); 373 TEST_DONE();
379 374
380 TEST_START("fuzz DSA sig"); 375 TEST_START("fuzz DSA sig");
381 buf = load_file("dsa_1"); 376 buf = load_file("dsa_1");
382 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 377 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
383 &k1, NULL), 0);
384 sshbuf_free(buf); 378 sshbuf_free(buf);
385 sig_fuzz(k1); 379 sig_fuzz(k1, NULL);
386 sshkey_free(k1); 380 sshkey_free(k1);
387 TEST_DONE(); 381 TEST_DONE();
388 382
389#ifdef OPENSSL_HAS_ECC 383#ifdef OPENSSL_HAS_ECC
390 TEST_START("fuzz ECDSA sig"); 384 TEST_START("fuzz ECDSA sig");
391 buf = load_file("ecdsa_1"); 385 buf = load_file("ecdsa_1");
392 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 386 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
393 &k1, NULL), 0);
394 sshbuf_free(buf); 387 sshbuf_free(buf);
395 sig_fuzz(k1); 388 sig_fuzz(k1, NULL);
396 sshkey_free(k1); 389 sshkey_free(k1);
397 TEST_DONE(); 390 TEST_DONE();
398#endif 391#endif
399 392
400 TEST_START("fuzz Ed25519 sig"); 393 TEST_START("fuzz Ed25519 sig");
401 buf = load_file("ed25519_1"); 394 buf = load_file("ed25519_1");
402 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", "key", 395 ASSERT_INT_EQ(sshkey_parse_private_fileblob(buf, "", &k1, NULL), 0);
403 &k1, NULL), 0);
404 sshbuf_free(buf); 396 sshbuf_free(buf);
405 sig_fuzz(k1); 397 sig_fuzz(k1, NULL);
406 sshkey_free(k1); 398 sshkey_free(k1);
407 TEST_DONE(); 399 TEST_DONE();
408 400
diff --git a/regress/unittests/sshkey/test_sshkey.c b/regress/unittests/sshkey/test_sshkey.c
index 9b3ce7ee4..1f160d1a7 100644
--- a/regress/unittests/sshkey/test_sshkey.c
+++ b/regress/unittests/sshkey/test_sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: test_sshkey.c,v 1.7 2015/08/05 05:27:33 djm Exp $ */ 1/* $OpenBSD: test_sshkey.c,v 1.9 2015/12/07 02:20:46 djm Exp $ */
2/* 2/*
3 * Regress test for sshkey.h key management API 3 * Regress test for sshkey.h key management API
4 * 4 *
@@ -52,7 +52,8 @@ put_opt(struct sshbuf *b, const char *name, const char *value)
52 52
53static void 53static void
54build_cert(struct sshbuf *b, const struct sshkey *k, const char *type, 54build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
55 const struct sshkey *sign_key, const struct sshkey *ca_key) 55 const struct sshkey *sign_key, const struct sshkey *ca_key,
56 const char *sig_alg)
56{ 57{
57 struct sshbuf *ca_buf, *pk, *principals, *critopts, *exts; 58 struct sshbuf *ca_buf, *pk, *principals, *critopts, *exts;
58 u_char *sigblob; 59 u_char *sigblob;
@@ -99,7 +100,7 @@ build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
99 ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */ 100 ASSERT_INT_EQ(sshbuf_put_string(b, NULL, 0), 0); /* reserved */
100 ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */ 101 ASSERT_INT_EQ(sshbuf_put_stringb(b, ca_buf), 0); /* signature key */
101 ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen, 102 ASSERT_INT_EQ(sshkey_sign(sign_key, &sigblob, &siglen,
102 sshbuf_ptr(b), sshbuf_len(b), 0), 0); 103 sshbuf_ptr(b), sshbuf_len(b), sig_alg, 0), 0);
103 ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */ 104 ASSERT_INT_EQ(sshbuf_put_string(b, sigblob, siglen), 0); /* signature */
104 105
105 free(sigblob); 106 free(sigblob);
@@ -111,12 +112,13 @@ build_cert(struct sshbuf *b, const struct sshkey *k, const char *type,
111} 112}
112 113
113static void 114static void
114signature_test(struct sshkey *k, struct sshkey *bad, const u_char *d, size_t l) 115signature_test(struct sshkey *k, struct sshkey *bad, const char *sig_alg,
116 const u_char *d, size_t l)
115{ 117{
116 size_t len; 118 size_t len;
117 u_char *sig; 119 u_char *sig;
118 120
119 ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, 0), 0); 121 ASSERT_INT_EQ(sshkey_sign(k, &sig, &len, d, l, sig_alg, 0), 0);
120 ASSERT_SIZE_T_GT(len, 8); 122 ASSERT_SIZE_T_GT(len, 8);
121 ASSERT_PTR_NE(sig, NULL); 123 ASSERT_PTR_NE(sig, NULL);
122 ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, 0), 0); 124 ASSERT_INT_EQ(sshkey_verify(k, sig, len, d, l, 0), 0);
@@ -143,7 +145,7 @@ banana(u_char *s, size_t l)
143} 145}
144 146
145static void 147static void
146signature_tests(struct sshkey *k, struct sshkey *bad) 148signature_tests(struct sshkey *k, struct sshkey *bad, const char *sig_alg)
147{ 149{
148 u_char i, buf[2049]; 150 u_char i, buf[2049];
149 size_t lens[] = { 151 size_t lens[] = {
@@ -155,7 +157,7 @@ signature_tests(struct sshkey *k, struct sshkey *bad)
155 test_subtest_info("%s key, banana length %zu", 157 test_subtest_info("%s key, banana length %zu",
156 sshkey_type(k), lens[i]); 158 sshkey_type(k), lens[i]);
157 banana(buf, lens[i]); 159 banana(buf, lens[i]);
158 signature_test(k, bad, buf, lens[i]); 160 signature_test(k, bad, sig_alg, buf, lens[i]);
159 } 161 }
160} 162}
161 163
@@ -166,7 +168,7 @@ get_private(const char *n)
166 struct sshkey *ret; 168 struct sshkey *ret;
167 169
168 b = load_file(n); 170 b = load_file(n);
169 ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", n, &ret, NULL), 0); 171 ASSERT_INT_EQ(sshkey_parse_private_fileblob(b, "", &ret, NULL), 0);
170 sshbuf_free(b); 172 sshbuf_free(b);
171 return ret; 173 return ret;
172} 174}
@@ -469,7 +471,25 @@ sshkey_tests(void)
469 k1 = get_private("rsa_1"); 471 k1 = get_private("rsa_1");
470 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2, 472 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
471 NULL), 0); 473 NULL), 0);
472 signature_tests(k1, k2); 474 signature_tests(k1, k2, "ssh-rsa");
475 sshkey_free(k1);
476 sshkey_free(k2);
477 TEST_DONE();
478
479 TEST_START("sign and verify RSA-SHA256");
480 k1 = get_private("rsa_1");
481 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
482 NULL), 0);
483 signature_tests(k1, k2, "rsa-sha2-256");
484 sshkey_free(k1);
485 sshkey_free(k2);
486 TEST_DONE();
487
488 TEST_START("sign and verify RSA-SHA512");
489 k1 = get_private("rsa_1");
490 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_2.pub"), &k2,
491 NULL), 0);
492 signature_tests(k1, k2, "rsa-sha2-512");
473 sshkey_free(k1); 493 sshkey_free(k1);
474 sshkey_free(k2); 494 sshkey_free(k2);
475 TEST_DONE(); 495 TEST_DONE();
@@ -478,7 +498,7 @@ sshkey_tests(void)
478 k1 = get_private("dsa_1"); 498 k1 = get_private("dsa_1");
479 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_2.pub"), &k2, 499 ASSERT_INT_EQ(sshkey_load_public(test_data_file("dsa_2.pub"), &k2,
480 NULL), 0); 500 NULL), 0);
481 signature_tests(k1, k2); 501 signature_tests(k1, k2, NULL);
482 sshkey_free(k1); 502 sshkey_free(k1);
483 sshkey_free(k2); 503 sshkey_free(k2);
484 TEST_DONE(); 504 TEST_DONE();
@@ -488,7 +508,7 @@ sshkey_tests(void)
488 k1 = get_private("ecdsa_1"); 508 k1 = get_private("ecdsa_1");
489 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2, 509 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ecdsa_2.pub"), &k2,
490 NULL), 0); 510 NULL), 0);
491 signature_tests(k1, k2); 511 signature_tests(k1, k2, NULL);
492 sshkey_free(k1); 512 sshkey_free(k1);
493 sshkey_free(k2); 513 sshkey_free(k2);
494 TEST_DONE(); 514 TEST_DONE();
@@ -498,7 +518,7 @@ sshkey_tests(void)
498 k1 = get_private("ed25519_1"); 518 k1 = get_private("ed25519_1");
499 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_2.pub"), &k2, 519 ASSERT_INT_EQ(sshkey_load_public(test_data_file("ed25519_2.pub"), &k2,
500 NULL), 0); 520 NULL), 0);
501 signature_tests(k1, k2); 521 signature_tests(k1, k2, NULL);
502 sshkey_free(k1); 522 sshkey_free(k1);
503 sshkey_free(k2); 523 sshkey_free(k2);
504 TEST_DONE(); 524 TEST_DONE();
@@ -508,7 +528,7 @@ sshkey_tests(void)
508 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2, 528 ASSERT_INT_EQ(sshkey_load_public(test_data_file("rsa_1.pub"), &k2,
509 NULL), 0); 529 NULL), 0);
510 k3 = get_private("rsa_1"); 530 k3 = get_private("rsa_1");
511 build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1); 531 build_cert(b, k2, "ssh-rsa-cert-v01@openssh.com", k3, k1, NULL);
512 ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4), 532 ASSERT_INT_EQ(sshkey_from_blob(sshbuf_ptr(b), sshbuf_len(b), &k4),
513 SSH_ERR_KEY_CERT_INVALID_SIGN_KEY); 533 SSH_ERR_KEY_CERT_INVALID_SIGN_KEY);
514 ASSERT_PTR_EQ(k4, NULL); 534 ASSERT_PTR_EQ(k4, NULL);
diff --git a/roaming.h b/roaming.h
index da069f878..e69de29bb 100644
--- a/roaming.h
+++ b/roaming.h
@@ -1,45 +0,0 @@
1/* $OpenBSD: roaming.h,v 1.6 2011/12/07 05:44:38 djm Exp $ */
2/*
3 * Copyright (c) 2004-2009 AppGate Network Security AB
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#ifndef ROAMING_H
19#define ROAMING_H
20
21#define DEFAULT_ROAMBUF 65536
22#define MAX_ROAMBUF (2*1024*1024) /* XXX arbitrary */
23#define ROAMING_REQUEST "roaming@appgate.com"
24
25extern int roaming_enabled;
26extern int resume_in_progress;
27
28void request_roaming(void);
29int get_snd_buf_size(void);
30int get_recv_buf_size(void);
31void add_recv_bytes(u_int64_t);
32int wait_for_roaming_reconnect(void);
33void roaming_reply(int, u_int32_t, void *);
34void set_out_buffer_size(size_t);
35ssize_t roaming_write(int, const void *, size_t, int *);
36ssize_t roaming_read(int, void *, size_t, int *);
37size_t roaming_atomicio(ssize_t (*)(int, void *, size_t), int, void *, size_t);
38u_int64_t get_recv_bytes(void);
39u_int64_t get_sent_bytes(void);
40void roam_set_bytes(u_int64_t, u_int64_t);
41void resend_bytes(int, u_int64_t *);
42void calculate_new_key(u_int64_t *, u_int64_t, u_int64_t);
43int resume_kex(void);
44
45#endif /* ROAMING */
diff --git a/roaming_client.c b/roaming_client.c
deleted file mode 100644
index cb1328574..000000000
--- a/roaming_client.c
+++ /dev/null
@@ -1,271 +0,0 @@
1/* $OpenBSD: roaming_client.c,v 1.9 2015/01/27 12:54:06 okan Exp $ */
2/*
3 * Copyright (c) 2004-2009 AppGate Network Security AB
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19
20#include "openbsd-compat/sys-queue.h"
21#include <sys/types.h>
22#include <sys/socket.h>
23
24#include <signal.h>
25#include <string.h>
26#include <unistd.h>
27
28#include "xmalloc.h"
29#include "buffer.h"
30#include "channels.h"
31#include "cipher.h"
32#include "dispatch.h"
33#include "clientloop.h"
34#include "log.h"
35#include "match.h"
36#include "misc.h"
37#include "packet.h"
38#include "ssh.h"
39#include "key.h"
40#include "kex.h"
41#include "readconf.h"
42#include "roaming.h"
43#include "ssh2.h"
44#include "sshconnect.h"
45#include "digest.h"
46
47/* import */
48extern Options options;
49extern char *host;
50extern struct sockaddr_storage hostaddr;
51extern int session_resumed;
52
53static u_int32_t roaming_id;
54static u_int64_t cookie;
55static u_int64_t lastseenchall;
56static u_int64_t key1, key2, oldkey1, oldkey2;
57
58void
59roaming_reply(int type, u_int32_t seq, void *ctxt)
60{
61 if (type == SSH2_MSG_REQUEST_FAILURE) {
62 logit("Server denied roaming");
63 return;
64 }
65 verbose("Roaming enabled");
66 roaming_id = packet_get_int();
67 cookie = packet_get_int64();
68 key1 = oldkey1 = packet_get_int64();
69 key2 = oldkey2 = packet_get_int64();
70 set_out_buffer_size(packet_get_int() + get_snd_buf_size());
71 roaming_enabled = 1;
72}
73
74void
75request_roaming(void)
76{
77 packet_start(SSH2_MSG_GLOBAL_REQUEST);
78 packet_put_cstring(ROAMING_REQUEST);
79 packet_put_char(1);
80 packet_put_int(get_recv_buf_size());
81 packet_send();
82 client_register_global_confirm(roaming_reply, NULL);
83}
84
85static void
86roaming_auth_required(void)
87{
88 u_char digest[SSH_DIGEST_MAX_LENGTH];
89 Buffer b;
90 u_int64_t chall, oldchall;
91
92 chall = packet_get_int64();
93 oldchall = packet_get_int64();
94 if (oldchall != lastseenchall) {
95 key1 = oldkey1;
96 key2 = oldkey2;
97 }
98 lastseenchall = chall;
99
100 buffer_init(&b);
101 buffer_put_int64(&b, cookie);
102 buffer_put_int64(&b, chall);
103 if (ssh_digest_buffer(SSH_DIGEST_SHA1, &b, digest, sizeof(digest)) != 0)
104 fatal("%s: ssh_digest_buffer failed", __func__);
105 buffer_free(&b);
106
107 packet_start(SSH2_MSG_KEX_ROAMING_AUTH);
108 packet_put_int64(key1 ^ get_recv_bytes());
109 packet_put_raw(digest, ssh_digest_bytes(SSH_DIGEST_SHA1));
110 packet_send();
111
112 oldkey1 = key1;
113 oldkey2 = key2;
114 calculate_new_key(&key1, cookie, chall);
115 calculate_new_key(&key2, cookie, chall);
116
117 debug("Received %llu bytes", (unsigned long long)get_recv_bytes());
118 debug("Sent roaming_auth packet");
119}
120
121int
122resume_kex(void)
123{
124 /*
125 * This should not happen - if the client sends the kex method
126 * resume@appgate.com then the kex is done in roaming_resume().
127 */
128 return 1;
129}
130
131static int
132roaming_resume(void)
133{
134 u_int64_t recv_bytes;
135 char *str = NULL, *kexlist = NULL, *c;
136 int i, type;
137 int timeout_ms = options.connection_timeout * 1000;
138 u_int len;
139 u_int32_t rnd = 0;
140
141 resume_in_progress = 1;
142
143 /* Exchange banners */
144 ssh_exchange_identification(timeout_ms);
145 packet_set_nonblocking();
146
147 /* Send a kexinit message with resume@appgate.com as only kex algo */
148 packet_start(SSH2_MSG_KEXINIT);
149 for (i = 0; i < KEX_COOKIE_LEN; i++) {
150 if (i % 4 == 0)
151 rnd = arc4random();
152 packet_put_char(rnd & 0xff);
153 rnd >>= 8;
154 }
155 packet_put_cstring(KEX_RESUME);
156 for (i = 1; i < PROPOSAL_MAX; i++) {
157 /* kex algorithm added so start with i=1 and not 0 */
158 packet_put_cstring(""); /* Not used when we resume */
159 }
160 packet_put_char(1); /* first kex_packet follows */
161 packet_put_int(0); /* reserved */
162 packet_send();
163
164 /* Assume that resume@appgate.com will be accepted */
165 packet_start(SSH2_MSG_KEX_ROAMING_RESUME);
166 packet_put_int(roaming_id);
167 packet_send();
168
169 /* Read the server's kexinit and check for resume@appgate.com */
170 if ((type = packet_read()) != SSH2_MSG_KEXINIT) {
171 debug("expected kexinit on resume, got %d", type);
172 goto fail;
173 }
174 for (i = 0; i < KEX_COOKIE_LEN; i++)
175 (void)packet_get_char();
176 kexlist = packet_get_string(&len);
177 if (!kexlist
178 || (str = match_list(KEX_RESUME, kexlist, NULL)) == NULL) {
179 debug("server doesn't allow resume");
180 goto fail;
181 }
182 free(str);
183 for (i = 1; i < PROPOSAL_MAX; i++) {
184 /* kex algorithm taken care of so start with i=1 and not 0 */
185 free(packet_get_string(&len));
186 }
187 i = packet_get_char(); /* first_kex_packet_follows */
188 if (i && (c = strchr(kexlist, ',')))
189 *c = 0;
190 if (i && strcmp(kexlist, KEX_RESUME)) {
191 debug("server's kex guess (%s) was wrong, skipping", kexlist);
192 (void)packet_read(); /* Wrong guess - discard packet */
193 }
194
195 /*
196 * Read the ROAMING_AUTH_REQUIRED challenge from the server and
197 * send ROAMING_AUTH
198 */
199 if ((type = packet_read()) != SSH2_MSG_KEX_ROAMING_AUTH_REQUIRED) {
200 debug("expected roaming_auth_required, got %d", type);
201 goto fail;
202 }
203 roaming_auth_required();
204
205 /* Read ROAMING_AUTH_OK from the server */
206 if ((type = packet_read()) != SSH2_MSG_KEX_ROAMING_AUTH_OK) {
207 debug("expected roaming_auth_ok, got %d", type);
208 goto fail;
209 }
210 recv_bytes = packet_get_int64() ^ oldkey2;
211 debug("Peer received %llu bytes", (unsigned long long)recv_bytes);
212 resend_bytes(packet_get_connection_out(), &recv_bytes);
213
214 resume_in_progress = 0;
215
216 session_resumed = 1; /* Tell clientloop */
217
218 return 0;
219
220fail:
221 free(kexlist);
222 if (packet_get_connection_in() == packet_get_connection_out())
223 close(packet_get_connection_in());
224 else {
225 close(packet_get_connection_in());
226 close(packet_get_connection_out());
227 }
228 return 1;
229}
230
231int
232wait_for_roaming_reconnect(void)
233{
234 static int reenter_guard = 0;
235 int timeout_ms = options.connection_timeout * 1000;
236 int c;
237
238 if (reenter_guard != 0)
239 fatal("Server refused resume, roaming timeout may be exceeded");
240 reenter_guard = 1;
241
242 fprintf(stderr, "[connection suspended, press return to resume]");
243 fflush(stderr);
244 packet_backup_state();
245 /* TODO Perhaps we should read from tty here */
246 while ((c = fgetc(stdin)) != EOF) {
247 if (c == 'Z' - 64) {
248 kill(getpid(), SIGTSTP);
249 continue;
250 }
251 if (c != '\n' && c != '\r')
252 continue;
253
254 if (ssh_connect(host, NULL, &hostaddr, options.port,
255 options.address_family, 1, &timeout_ms,
256 options.tcp_keep_alive, options.use_privileged_port) == 0 &&
257 roaming_resume() == 0) {
258 packet_restore_state();
259 reenter_guard = 0;
260 fprintf(stderr, "[connection resumed]\n");
261 fflush(stderr);
262 return 0;
263 }
264
265 fprintf(stderr, "[reconnect failed, press return to retry]");
266 fflush(stderr);
267 }
268 fprintf(stderr, "[exiting]\n");
269 fflush(stderr);
270 exit(0);
271}
diff --git a/roaming_common.c b/roaming_common.c
deleted file mode 100644
index ea064605c..000000000
--- a/roaming_common.c
+++ /dev/null
@@ -1,241 +0,0 @@
1/* $OpenBSD: roaming_common.c,v 1.13 2015/01/27 12:54:06 okan Exp $ */
2/*
3 * Copyright (c) 2004-2009 AppGate Network Security AB
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19
20#include <sys/types.h>
21#include <sys/socket.h>
22#include <sys/uio.h>
23
24#include <errno.h>
25#include <stdarg.h>
26#include <string.h>
27#include <unistd.h>
28
29#include "atomicio.h"
30#include "log.h"
31#include "packet.h"
32#include "xmalloc.h"
33#include "cipher.h"
34#include "buffer.h"
35#include "roaming.h"
36#include "digest.h"
37
38static size_t out_buf_size = 0;
39static char *out_buf = NULL;
40static size_t out_start;
41static size_t out_last;
42
43static u_int64_t write_bytes = 0;
44static u_int64_t read_bytes = 0;
45
46int roaming_enabled = 0;
47int resume_in_progress = 0;
48
49int
50get_snd_buf_size(void)
51{
52 int fd = packet_get_connection_out();
53 int optval;
54 socklen_t optvallen = sizeof(optval);
55
56 if (getsockopt(fd, SOL_SOCKET, SO_SNDBUF, &optval, &optvallen) != 0)
57 optval = DEFAULT_ROAMBUF;
58 return optval;
59}
60
61int
62get_recv_buf_size(void)
63{
64 int fd = packet_get_connection_in();
65 int optval;
66 socklen_t optvallen = sizeof(optval);
67
68 if (getsockopt(fd, SOL_SOCKET, SO_RCVBUF, &optval, &optvallen) != 0)
69 optval = DEFAULT_ROAMBUF;
70 return optval;
71}
72
73void
74set_out_buffer_size(size_t size)
75{
76 if (size == 0 || size > MAX_ROAMBUF)
77 fatal("%s: bad buffer size %lu", __func__, (u_long)size);
78 /*
79 * The buffer size can only be set once and the buffer will live
80 * as long as the session lives.
81 */
82 if (out_buf == NULL) {
83 out_buf_size = size;
84 out_buf = xmalloc(size);
85 out_start = 0;
86 out_last = 0;
87 }
88}
89
90u_int64_t
91get_recv_bytes(void)
92{
93 return read_bytes;
94}
95
96void
97add_recv_bytes(u_int64_t num)
98{
99 read_bytes += num;
100}
101
102u_int64_t
103get_sent_bytes(void)
104{
105 return write_bytes;
106}
107
108void
109roam_set_bytes(u_int64_t sent, u_int64_t recvd)
110{
111 read_bytes = recvd;
112 write_bytes = sent;
113}
114
115static void
116buf_append(const char *buf, size_t count)
117{
118 if (count > out_buf_size) {
119 buf += count - out_buf_size;
120 count = out_buf_size;
121 }
122 if (count < out_buf_size - out_last) {
123 memcpy(out_buf + out_last, buf, count);
124 if (out_start > out_last)
125 out_start += count;
126 out_last += count;
127 } else {
128 /* data will wrap */
129 size_t chunk = out_buf_size - out_last;
130 memcpy(out_buf + out_last, buf, chunk);
131 memcpy(out_buf, buf + chunk, count - chunk);
132 out_last = count - chunk;
133 out_start = out_last + 1;
134 }
135}
136
137ssize_t
138roaming_write(int fd, const void *buf, size_t count, int *cont)
139{
140 ssize_t ret;
141
142 ret = write(fd, buf, count);
143 if (ret > 0 && !resume_in_progress) {
144 write_bytes += ret;
145 if (out_buf_size > 0)
146 buf_append(buf, ret);
147 }
148 if (out_buf_size > 0 &&
149 (ret == 0 || (ret == -1 && errno == EPIPE))) {
150 if (wait_for_roaming_reconnect() != 0) {
151 ret = 0;
152 *cont = 1;
153 } else {
154 ret = -1;
155 errno = EAGAIN;
156 }
157 }
158 return ret;
159}
160
161ssize_t
162roaming_read(int fd, void *buf, size_t count, int *cont)
163{
164 ssize_t ret = read(fd, buf, count);
165 if (ret > 0) {
166 if (!resume_in_progress) {
167 read_bytes += ret;
168 }
169 } else if (out_buf_size > 0 &&
170 (ret == 0 || (ret == -1 && (errno == ECONNRESET
171 || errno == ECONNABORTED || errno == ETIMEDOUT
172 || errno == EHOSTUNREACH)))) {
173 debug("roaming_read failed for %d ret=%ld errno=%d",
174 fd, (long)ret, errno);
175 ret = 0;
176 if (wait_for_roaming_reconnect() == 0)
177 *cont = 1;
178 }
179 return ret;
180}
181
182size_t
183roaming_atomicio(ssize_t(*f)(int, void*, size_t), int fd, void *buf,
184 size_t count)
185{
186 size_t ret = atomicio(f, fd, buf, count);
187
188 if (f == vwrite && ret > 0 && !resume_in_progress) {
189 write_bytes += ret;
190 } else if (f == read && ret > 0 && !resume_in_progress) {
191 read_bytes += ret;
192 }
193 return ret;
194}
195
196void
197resend_bytes(int fd, u_int64_t *offset)
198{
199 size_t available, needed;
200
201 if (out_start < out_last)
202 available = out_last - out_start;
203 else
204 available = out_buf_size;
205 needed = write_bytes - *offset;
206 debug3("resend_bytes: resend %lu bytes from %llu",
207 (unsigned long)needed, (unsigned long long)*offset);
208 if (needed > available)
209 fatal("Needed to resend more data than in the cache");
210 if (out_last < needed) {
211 int chunkend = needed - out_last;
212 atomicio(vwrite, fd, out_buf + out_buf_size - chunkend,
213 chunkend);
214 atomicio(vwrite, fd, out_buf, out_last);
215 } else {
216 atomicio(vwrite, fd, out_buf + (out_last - needed), needed);
217 }
218}
219
220/*
221 * Caclulate a new key after a reconnect
222 */
223void
224calculate_new_key(u_int64_t *key, u_int64_t cookie, u_int64_t challenge)
225{
226 u_char hash[SSH_DIGEST_MAX_LENGTH];
227 Buffer b;
228
229 buffer_init(&b);
230 buffer_put_int64(&b, *key);
231 buffer_put_int64(&b, cookie);
232 buffer_put_int64(&b, challenge);
233
234 if (ssh_digest_buffer(SSH_DIGEST_SHA1, &b, hash, sizeof(hash)) != 0)
235 fatal("%s: digest_buffer failed", __func__);
236
237 buffer_clear(&b);
238 buffer_append(&b, hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
239 *key = buffer_get_int64(&b);
240 buffer_free(&b);
241}
diff --git a/roaming_dummy.c b/roaming_dummy.c
deleted file mode 100644
index 837de695d..000000000
--- a/roaming_dummy.c
+++ /dev/null
@@ -1,72 +0,0 @@
1/* $OpenBSD: roaming_dummy.c,v 1.4 2015/01/19 19:52:16 markus Exp $ */
2/*
3 * Copyright (c) 2004-2009 AppGate Network Security AB
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/*
19 * This file is included in the client programs which should not
20 * support roaming.
21 */
22
23#include "includes.h"
24
25#include <sys/types.h>
26#include <unistd.h>
27
28#include "roaming.h"
29
30int resume_in_progress = 0;
31
32u_int64_t
33get_recv_bytes(void)
34{
35 return 0;
36}
37
38u_int64_t
39get_sent_bytes(void)
40{
41 return 0;
42}
43
44void
45roam_set_bytes(u_int64_t sent, u_int64_t recvd)
46{
47}
48
49ssize_t
50roaming_write(int fd, const void *buf, size_t count, int *cont)
51{
52 return write(fd, buf, count);
53}
54
55ssize_t
56roaming_read(int fd, void *buf, size_t count, int *cont)
57{
58 if (cont)
59 *cont = 0;
60 return read(fd, buf, count);
61}
62
63void
64add_recv_bytes(u_int64_t num)
65{
66}
67
68int
69resume_kex(void)
70{
71 return 1;
72}
diff --git a/roaming_serv.c b/roaming_serv.c
deleted file mode 100644
index 511ca8461..000000000
--- a/roaming_serv.c
+++ /dev/null
@@ -1,31 +0,0 @@
1/* $OpenBSD: roaming_serv.c,v 1.1 2009/10/24 11:18:23 andreas Exp $ */
2/*
3 * Copyright (c) 2004-2009 AppGate Network Security AB
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19
20#include <sys/types.h>
21
22#include "roaming.h"
23
24/*
25 * Wait for the roaming client to reconnect. Returns 0 if a connect ocurred.
26 */
27int
28wait_for_roaming_reconnect(void)
29{
30 return 1;
31}
diff --git a/sandbox-pledge.c b/sandbox-pledge.c
new file mode 100644
index 000000000..d28fc2727
--- /dev/null
+++ b/sandbox-pledge.c
@@ -0,0 +1,77 @@
1/* $OpenBSD: sandbox-pledge.c,v 1.1 2015/10/09 01:37:08 deraadt Exp $ */
2/*
3 * Copyright (c) 2015 Theo de Raadt <deraadt@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19
20#ifdef SANDBOX_PLEDGE
21
22#include <sys/types.h>
23#include <sys/ioctl.h>
24#include <sys/syscall.h>
25#include <sys/socket.h>
26#include <sys/wait.h>
27
28#include <errno.h>
29#include <limits.h>
30#include <stdarg.h>
31#include <stdio.h>
32#include <stdlib.h>
33#include <unistd.h>
34#include <pwd.h>
35
36#include "log.h"
37#include "ssh-sandbox.h"
38#include "xmalloc.h"
39
40struct ssh_sandbox {
41 pid_t child_pid;
42};
43
44struct ssh_sandbox *
45ssh_sandbox_init(struct monitor *m)
46{
47 struct ssh_sandbox *box;
48
49 debug3("%s: preparing pledge sandbox", __func__);
50 box = xcalloc(1, sizeof(*box));
51 box->child_pid = 0;
52
53 return box;
54}
55
56void
57ssh_sandbox_child(struct ssh_sandbox *box)
58{
59 if (pledge("stdio", NULL) == -1)
60 fatal("%s: pledge()", __func__);
61}
62
63void
64ssh_sandbox_parent_finish(struct ssh_sandbox *box)
65{
66 free(box);
67 debug3("%s: finished", __func__);
68}
69
70void
71ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
72{
73 box->child_pid = child_pid;
74 /* Nothing to do here */
75}
76
77#endif /* SANDBOX_PLEDGE */
diff --git a/sandbox-seccomp-filter.c b/sandbox-seccomp-filter.c
index 2462bcc88..d132e2646 100644
--- a/sandbox-seccomp-filter.c
+++ b/sandbox-seccomp-filter.c
@@ -147,6 +147,9 @@ static const struct sock_filter preauth_insns[] = {
147#ifdef __NR_getpid 147#ifdef __NR_getpid
148 SC_ALLOW(getpid), 148 SC_ALLOW(getpid),
149#endif 149#endif
150#ifdef __NR_getrandom
151 SC_ALLOW(getrandom),
152#endif
150#ifdef __NR_gettimeofday 153#ifdef __NR_gettimeofday
151 SC_ALLOW(gettimeofday), 154 SC_ALLOW(gettimeofday),
152#endif 155#endif
diff --git a/sandbox-solaris.c b/sandbox-solaris.c
new file mode 100644
index 000000000..343a01022
--- /dev/null
+++ b/sandbox-solaris.c
@@ -0,0 +1,108 @@
1/*
2 * Copyright (c) 2015 Joyent, Inc
3 * Author: Alex Wilson <alex.wilson@joyent.com>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include "includes.h"
19
20#ifdef SANDBOX_SOLARIS
21#ifndef USE_SOLARIS_PRIVS
22# error "--with-solaris-privs must be used with the Solaris sandbox"
23#endif
24
25#include <sys/types.h>
26
27#include <errno.h>
28#include <stdarg.h>
29#include <stdio.h>
30#include <stdlib.h>
31#include <string.h>
32#include <unistd.h>
33#ifdef HAVE_PRIV_H
34# include <priv.h>
35#endif
36
37#include "log.h"
38#include "ssh-sandbox.h"
39#include "xmalloc.h"
40
41struct ssh_sandbox {
42 priv_set_t *pset;
43};
44
45struct ssh_sandbox *
46ssh_sandbox_init(struct monitor *monitor)
47{
48 struct ssh_sandbox *box = NULL;
49
50 box = xcalloc(1, sizeof(*box));
51
52 /* Start with "basic" and drop everything we don't need. */
53 box->pset = solaris_basic_privset();
54
55 if (box->pset == NULL) {
56 free(box);
57 return NULL;
58 }
59
60 /* Drop everything except the ability to use already-opened files */
61 if (priv_delset(box->pset, PRIV_FILE_LINK_ANY) != 0 ||
62#ifdef PRIV_NET_ACCESS
63 priv_delset(box->pset, PRIV_NET_ACCESS) != 0 ||
64#endif
65 priv_delset(box->pset, PRIV_PROC_EXEC) != 0 ||
66 priv_delset(box->pset, PRIV_PROC_FORK) != 0 ||
67 priv_delset(box->pset, PRIV_PROC_INFO) != 0 ||
68 priv_delset(box->pset, PRIV_PROC_SESSION) != 0) {
69 free(box);
70 return NULL;
71 }
72
73 /* These may not be available on older Solaris-es */
74# if defined(PRIV_FILE_READ) && defined(PRIV_FILE_WRITE)
75 if (priv_delset(box->pset, PRIV_FILE_READ) != 0 ||
76 priv_delset(box->pset, PRIV_FILE_WRITE) != 0) {
77 free(box);
78 return NULL;
79 }
80# endif
81
82 return box;
83}
84
85void
86ssh_sandbox_child(struct ssh_sandbox *box)
87{
88 if (setppriv(PRIV_SET, PRIV_PERMITTED, box->pset) != 0 ||
89 setppriv(PRIV_SET, PRIV_LIMIT, box->pset) != 0 ||
90 setppriv(PRIV_SET, PRIV_INHERITABLE, box->pset) != 0)
91 fatal("setppriv: %s", strerror(errno));
92}
93
94void
95ssh_sandbox_parent_finish(struct ssh_sandbox *box)
96{
97 priv_freeset(box->pset);
98 box->pset = NULL;
99 free(box);
100}
101
102void
103ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
104{
105 /* Nothing to do here */
106}
107
108#endif /* SANDBOX_SOLARIS */
diff --git a/sandbox-systrace.c b/sandbox-systrace.c
index 3830ed16c..b4d8d04ca 100644
--- a/sandbox-systrace.c
+++ b/sandbox-systrace.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sandbox-systrace.c,v 1.17 2015/07/27 16:29:23 guenther Exp $ */ 1/* $OpenBSD: sandbox-systrace.c,v 1.18 2015/10/02 01:39:26 deraadt Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller <djm@mindrot.org> 3 * Copyright (c) 2011 Damien Miller <djm@mindrot.org>
4 * 4 *
@@ -50,9 +50,17 @@ struct sandbox_policy {
50 50
51/* Permitted syscalls in preauth. Unlisted syscalls get SYSTR_POLICY_KILL */ 51/* Permitted syscalls in preauth. Unlisted syscalls get SYSTR_POLICY_KILL */
52static const struct sandbox_policy preauth_policy[] = { 52static const struct sandbox_policy preauth_policy[] = {
53 { SYS_clock_gettime, SYSTR_POLICY_PERMIT },
54 { SYS_close, SYSTR_POLICY_PERMIT },
55 { SYS_exit, SYSTR_POLICY_PERMIT }, 53 { SYS_exit, SYSTR_POLICY_PERMIT },
54#ifdef SYS_kbind
55 { SYS_kbind, SYSTR_POLICY_PERMIT },
56#endif
57
58 { SYS_getpid, SYSTR_POLICY_PERMIT },
59 { SYS_getpgid, SYSTR_POLICY_PERMIT },
60 { SYS_clock_gettime, SYSTR_POLICY_PERMIT },
61 { SYS_gettimeofday, SYSTR_POLICY_PERMIT },
62 { SYS_sigprocmask, SYSTR_POLICY_PERMIT },
63
56#ifdef SYS_getentropy 64#ifdef SYS_getentropy
57 /* OpenBSD 5.6 and newer use getentropy(2) to seed arc4random(3). */ 65 /* OpenBSD 5.6 and newer use getentropy(2) to seed arc4random(3). */
58 { SYS_getentropy, SYSTR_POLICY_PERMIT }, 66 { SYS_getentropy, SYSTR_POLICY_PERMIT },
@@ -60,27 +68,25 @@ static const struct sandbox_policy preauth_policy[] = {
60 /* Previous releases used sysctl(3)'s kern.arnd variable. */ 68 /* Previous releases used sysctl(3)'s kern.arnd variable. */
61 { SYS___sysctl, SYSTR_POLICY_PERMIT }, 69 { SYS___sysctl, SYSTR_POLICY_PERMIT },
62#endif 70#endif
63 { SYS_getpid, SYSTR_POLICY_PERMIT }, 71#ifdef SYS_sendsyslog
64 { SYS_getpgid, SYSTR_POLICY_PERMIT }, 72 { SYS_sendsyslog, SYSTR_POLICY_PERMIT },
65 { SYS_gettimeofday, SYSTR_POLICY_PERMIT },
66#ifdef SYS_kbind
67 { SYS_kbind, SYSTR_POLICY_PERMIT },
68#endif 73#endif
74
69 { SYS_madvise, SYSTR_POLICY_PERMIT }, 75 { SYS_madvise, SYSTR_POLICY_PERMIT },
70 { SYS_mmap, SYSTR_POLICY_PERMIT }, 76 { SYS_mmap, SYSTR_POLICY_PERMIT },
71 { SYS_mprotect, SYSTR_POLICY_PERMIT }, 77 { SYS_mprotect, SYSTR_POLICY_PERMIT },
72 { SYS_mquery, SYSTR_POLICY_PERMIT }, 78 { SYS_mquery, SYSTR_POLICY_PERMIT },
73 { SYS_munmap, SYSTR_POLICY_PERMIT }, 79 { SYS_munmap, SYSTR_POLICY_PERMIT },
74 { SYS_open, SYSTR_POLICY_NEVER }, 80
75 { SYS_poll, SYSTR_POLICY_PERMIT }, 81 { SYS_poll, SYSTR_POLICY_PERMIT },
76 { SYS_read, SYSTR_POLICY_PERMIT },
77 { SYS_select, SYSTR_POLICY_PERMIT }, 82 { SYS_select, SYSTR_POLICY_PERMIT },
78#ifdef SYS_sendsyslog 83 { SYS_read, SYSTR_POLICY_PERMIT },
79 { SYS_sendsyslog, SYSTR_POLICY_PERMIT },
80#endif
81 { SYS_shutdown, SYSTR_POLICY_PERMIT },
82 { SYS_sigprocmask, SYSTR_POLICY_PERMIT },
83 { SYS_write, SYSTR_POLICY_PERMIT }, 84 { SYS_write, SYSTR_POLICY_PERMIT },
85 { SYS_shutdown, SYSTR_POLICY_PERMIT },
86 { SYS_close, SYSTR_POLICY_PERMIT },
87
88 { SYS_open, SYSTR_POLICY_NEVER },
89
84 { -1, -1 } 90 { -1, -1 }
85}; 91};
86 92
diff --git a/scp.0 b/scp.0
index 8f41f6140..6b70e4ed4 100644
--- a/scp.0
+++ b/scp.0
@@ -72,6 +72,7 @@ DESCRIPTION
72 CanonicalizeHostname 72 CanonicalizeHostname
73 CanonicalizeMaxDots 73 CanonicalizeMaxDots
74 CanonicalizePermittedCNAMEs 74 CanonicalizePermittedCNAMEs
75 CertificateFile
75 ChallengeResponseAuthentication 76 ChallengeResponseAuthentication
76 CheckHostIP 77 CheckHostIP
77 Cipher 78 Cipher
@@ -162,4 +163,4 @@ AUTHORS
162 Timo Rinne <tri@iki.fi> 163 Timo Rinne <tri@iki.fi>
163 Tatu Ylonen <ylo@cs.hut.fi> 164 Tatu Ylonen <ylo@cs.hut.fi>
164 165
165OpenBSD 5.8 July 10, 2015 OpenBSD 5.8 166OpenBSD 5.9 September 25, 2015 OpenBSD 5.9
diff --git a/scp.1 b/scp.1
index 279b0d70b..54ea352ce 100644
--- a/scp.1
+++ b/scp.1
@@ -8,9 +8,9 @@
8.\" 8.\"
9.\" Created: Sun May 7 00:14:37 1995 ylo 9.\" Created: Sun May 7 00:14:37 1995 ylo
10.\" 10.\"
11.\" $OpenBSD: scp.1,v 1.67 2015/07/10 06:21:53 markus Exp $ 11.\" $OpenBSD: scp.1,v 1.68 2015/09/25 18:19:54 jmc Exp $
12.\" 12.\"
13.Dd $Mdocdate: July 10 2015 $ 13.Dd $Mdocdate: September 25 2015 $
14.Dt SCP 1 14.Dt SCP 1
15.Os 15.Os
16.Sh NAME 16.Sh NAME
@@ -133,6 +133,7 @@ For full details of the options listed below, and their possible values, see
133.It CanonicalizeHostname 133.It CanonicalizeHostname
134.It CanonicalizeMaxDots 134.It CanonicalizeMaxDots
135.It CanonicalizePermittedCNAMEs 135.It CanonicalizePermittedCNAMEs
136.It CertificateFile
136.It ChallengeResponseAuthentication 137.It ChallengeResponseAuthentication
137.It CheckHostIP 138.It CheckHostIP
138.It Cipher 139.It Cipher
diff --git a/scp.c b/scp.c
index 593fe89bd..0bdd7cb0b 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: scp.c,v 1.182 2015/04/24 01:36:00 deraadt Exp $ */ 1/* $OpenBSD: scp.c,v 1.184 2015/11/27 00:49:31 deraadt Exp $ */
2/* 2/*
3 * scp - secure remote copy. This is basically patched BSD rcp which 3 * scp - secure remote copy. This is basically patched BSD rcp which
4 * uses ssh to do the data transfer (instead of using rcmd). 4 * uses ssh to do the data transfer (instead of using rcmd).
@@ -484,6 +484,16 @@ main(int argc, char **argv)
484 if (!isatty(STDOUT_FILENO)) 484 if (!isatty(STDOUT_FILENO))
485 showprogress = 0; 485 showprogress = 0;
486 486
487 if (pflag) {
488 /* Cannot pledge: -p allows setuid/setgid files... */
489 } else {
490 if (pledge("stdio rpath wpath cpath fattr tty proc exec",
491 NULL) == -1) {
492 perror("pledge");
493 exit(1);
494 }
495 }
496
487 remin = STDIN_FILENO; 497 remin = STDIN_FILENO;
488 remout = STDOUT_FILENO; 498 remout = STDOUT_FILENO;
489 499
@@ -866,7 +876,7 @@ rsource(char *name, struct stat *statp)
866 return; 876 return;
867 } 877 }
868 last = strrchr(name, '/'); 878 last = strrchr(name, '/');
869 if (last == 0) 879 if (last == NULL)
870 last = name; 880 last = name;
871 else 881 else
872 last++; 882 last++;
diff --git a/servconf.c b/servconf.c
index 6c7a91e6b..b19d30e18 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
1 1
2/* $OpenBSD: servconf.c,v 1.280 2015/08/06 14:53:21 deraadt Exp $ */ 2/* $OpenBSD: servconf.c,v 1.285 2016/02/17 05:29:04 djm Exp $ */
3/* 3/*
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5 * All rights reserved 5 * All rights reserved
@@ -178,6 +178,20 @@ option_clear_or_none(const char *o)
178 return o == NULL || strcasecmp(o, "none") == 0; 178 return o == NULL || strcasecmp(o, "none") == 0;
179} 179}
180 180
181static void
182assemble_algorithms(ServerOptions *o)
183{
184 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &o->ciphers) != 0 ||
185 kex_assemble_names(KEX_SERVER_MAC, &o->macs) != 0 ||
186 kex_assemble_names(KEX_SERVER_KEX, &o->kex_algorithms) != 0 ||
187 kex_assemble_names(KEX_DEFAULT_PK_ALG,
188 &o->hostkeyalgorithms) != 0 ||
189 kex_assemble_names(KEX_DEFAULT_PK_ALG,
190 &o->hostbased_key_types) != 0 ||
191 kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->pubkey_key_types) != 0)
192 fatal("kex_assemble_names failed");
193}
194
181void 195void
182fill_default_server_options(ServerOptions *options) 196fill_default_server_options(ServerOptions *options)
183{ 197{
@@ -259,8 +273,6 @@ fill_default_server_options(ServerOptions *options)
259 options->hostbased_authentication = 0; 273 options->hostbased_authentication = 0;
260 if (options->hostbased_uses_name_from_packet_only == -1) 274 if (options->hostbased_uses_name_from_packet_only == -1)
261 options->hostbased_uses_name_from_packet_only = 0; 275 options->hostbased_uses_name_from_packet_only = 0;
262 if (options->hostkeyalgorithms == NULL)
263 options->hostkeyalgorithms = xstrdup(KEX_DEFAULT_PK_ALG);
264 if (options->rsa_authentication == -1) 276 if (options->rsa_authentication == -1)
265 options->rsa_authentication = 1; 277 options->rsa_authentication = 1;
266 if (options->pubkey_authentication == -1) 278 if (options->pubkey_authentication == -1)
@@ -342,18 +354,11 @@ fill_default_server_options(ServerOptions *options)
342 if (options->fingerprint_hash == -1) 354 if (options->fingerprint_hash == -1)
343 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; 355 options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
344 356
345 if (kex_assemble_names(KEX_SERVER_ENCRYPT, &options->ciphers) != 0 || 357 assemble_algorithms(options);
346 kex_assemble_names(KEX_SERVER_MAC, &options->macs) != 0 ||
347 kex_assemble_names(KEX_SERVER_KEX, &options->kex_algorithms) != 0 ||
348 kex_assemble_names(KEX_DEFAULT_PK_ALG,
349 &options->hostbased_key_types) != 0 ||
350 kex_assemble_names(KEX_DEFAULT_PK_ALG,
351 &options->pubkey_key_types) != 0)
352 fatal("%s: kex_assemble_names failed", __func__);
353 358
354 /* Turn privilege separation on by default */ 359 /* Turn privilege separation and sandboxing on by default */
355 if (use_privsep == -1) 360 if (use_privsep == -1)
356 use_privsep = PRIVSEP_NOSANDBOX; 361 use_privsep = PRIVSEP_ON;
357 362
358#define CLEAR_ON_NONE(v) \ 363#define CLEAR_ON_NONE(v) \
359 do { \ 364 do { \
@@ -368,6 +373,8 @@ fill_default_server_options(ServerOptions *options)
368 CLEAR_ON_NONE(options->trusted_user_ca_keys); 373 CLEAR_ON_NONE(options->trusted_user_ca_keys);
369 CLEAR_ON_NONE(options->revoked_keys_file); 374 CLEAR_ON_NONE(options->revoked_keys_file);
370 CLEAR_ON_NONE(options->authorized_principals_file); 375 CLEAR_ON_NONE(options->authorized_principals_file);
376 CLEAR_ON_NONE(options->adm_forced_command);
377 CLEAR_ON_NONE(options->chroot_directory);
371 for (i = 0; i < options->num_host_key_files; i++) 378 for (i = 0; i < options->num_host_key_files; i++)
372 CLEAR_ON_NONE(options->host_key_files[i]); 379 CLEAR_ON_NONE(options->host_key_files[i]);
373 for (i = 0; i < options->num_host_cert_files; i++) 380 for (i = 0; i < options->num_host_cert_files; i++)
@@ -499,7 +506,11 @@ static struct {
499 { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, 506 { "listenaddress", sListenAddress, SSHCFG_GLOBAL },
500 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, 507 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
501 { "printmotd", sPrintMotd, SSHCFG_GLOBAL }, 508 { "printmotd", sPrintMotd, SSHCFG_GLOBAL },
509#ifdef DISABLE_LASTLOG
510 { "printlastlog", sUnsupported, SSHCFG_GLOBAL },
511#else
502 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL }, 512 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
513#endif
503 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL }, 514 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
504 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL }, 515 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
505 { "x11forwarding", sX11Forwarding, SSHCFG_ALL }, 516 { "x11forwarding", sX11Forwarding, SSHCFG_ALL },
@@ -1319,16 +1330,12 @@ process_server_config_line(ServerOptions *options, char *line,
1319 if (scan_scaled(arg, &val64) == -1) 1330 if (scan_scaled(arg, &val64) == -1)
1320 fatal("%.200s line %d: Bad number '%s': %s", 1331 fatal("%.200s line %d: Bad number '%s': %s",
1321 filename, linenum, arg, strerror(errno)); 1332 filename, linenum, arg, strerror(errno));
1322 /* check for too-large or too-small limits */
1323 if (val64 > UINT_MAX)
1324 fatal("%.200s line %d: RekeyLimit too large",
1325 filename, linenum);
1326 if (val64 != 0 && val64 < 16) 1333 if (val64 != 0 && val64 < 16)
1327 fatal("%.200s line %d: RekeyLimit too small", 1334 fatal("%.200s line %d: RekeyLimit too small",
1328 filename, linenum); 1335 filename, linenum);
1329 } 1336 }
1330 if (*activep && options->rekey_limit == -1) 1337 if (*activep && options->rekey_limit == -1)
1331 options->rekey_limit = (u_int32_t)val64; 1338 options->rekey_limit = val64;
1332 if (cp != NULL) { /* optional rekey interval present */ 1339 if (cp != NULL) { /* optional rekey interval present */
1333 if (strcmp(cp, "none") == 0) { 1340 if (strcmp(cp, "none") == 0) {
1334 (void)strdelim(&cp); /* discard */ 1341 (void)strdelim(&cp); /* discard */
@@ -2015,6 +2022,9 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
2015 /* See comment in servconf.h */ 2022 /* See comment in servconf.h */
2016 COPY_MATCH_STRING_OPTS(); 2023 COPY_MATCH_STRING_OPTS();
2017 2024
2025 /* Arguments that accept '+...' need to be expanded */
2026 assemble_algorithms(dst);
2027
2018 /* 2028 /*
2019 * The only things that should be below this point are string options 2029 * The only things that should be below this point are string options
2020 * which are only used after authentication. 2030 * which are only used after authentication.
@@ -2022,8 +2032,17 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
2022 if (preauth) 2032 if (preauth)
2023 return; 2033 return;
2024 2034
2035 /* These options may be "none" to clear a global setting */
2025 M_CP_STROPT(adm_forced_command); 2036 M_CP_STROPT(adm_forced_command);
2037 if (option_clear_or_none(dst->adm_forced_command)) {
2038 free(dst->adm_forced_command);
2039 dst->adm_forced_command = NULL;
2040 }
2026 M_CP_STROPT(chroot_directory); 2041 M_CP_STROPT(chroot_directory);
2042 if (option_clear_or_none(dst->chroot_directory)) {
2043 free(dst->chroot_directory);
2044 dst->chroot_directory = NULL;
2045 }
2027} 2046}
2028 2047
2029#undef M_CP_INTOPT 2048#undef M_CP_INTOPT
@@ -2254,7 +2273,9 @@ dump_config(ServerOptions *o)
2254 dump_cfg_fmtint(sChallengeResponseAuthentication, 2273 dump_cfg_fmtint(sChallengeResponseAuthentication,
2255 o->challenge_response_authentication); 2274 o->challenge_response_authentication);
2256 dump_cfg_fmtint(sPrintMotd, o->print_motd); 2275 dump_cfg_fmtint(sPrintMotd, o->print_motd);
2276#ifndef DISABLE_LASTLOG
2257 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); 2277 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
2278#endif
2258 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); 2279 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
2259 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 2280 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
2260 dump_cfg_fmtint(sPermitTTY, o->permit_tty); 2281 dump_cfg_fmtint(sPermitTTY, o->permit_tty);
@@ -2338,7 +2359,7 @@ dump_config(ServerOptions *o)
2338 printf("ipqos %s ", iptos2str(o->ip_qos_interactive)); 2359 printf("ipqos %s ", iptos2str(o->ip_qos_interactive));
2339 printf("%s\n", iptos2str(o->ip_qos_bulk)); 2360 printf("%s\n", iptos2str(o->ip_qos_bulk));
2340 2361
2341 printf("rekeylimit %lld %d\n", (long long)o->rekey_limit, 2362 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit,
2342 o->rekey_interval); 2363 o->rekey_interval);
2343 2364
2344 channel_print_adm_permitted_opens(); 2365 channel_print_adm_permitted_opens();
diff --git a/serverloop.c b/serverloop.c
index 306ac36be..80d1db549 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: serverloop.c,v 1.178 2015/02/20 22:17:21 djm Exp $ */ 1/* $OpenBSD: serverloop.c,v 1.182 2016/02/08 10:57:07 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -78,7 +78,6 @@
78#include "dispatch.h" 78#include "dispatch.h"
79#include "auth-options.h" 79#include "auth-options.h"
80#include "serverloop.h" 80#include "serverloop.h"
81#include "roaming.h"
82#include "ssherr.h" 81#include "ssherr.h"
83 82
84extern ServerOptions options; 83extern ServerOptions options;
@@ -399,11 +398,8 @@ process_input(fd_set *readset)
399 398
400 /* Read and buffer any input data from the client. */ 399 /* Read and buffer any input data from the client. */
401 if (FD_ISSET(connection_in, readset)) { 400 if (FD_ISSET(connection_in, readset)) {
402 int cont = 0; 401 len = read(connection_in, buf, sizeof(buf));
403 len = roaming_read(connection_in, buf, sizeof(buf), &cont);
404 if (len == 0) { 402 if (len == 0) {
405 if (cont)
406 return;
407 verbose("Connection closed by %.100s", 403 verbose("Connection closed by %.100s",
408 get_remote_ipaddr()); 404 get_remote_ipaddr());
409 connection_closed = 1; 405 connection_closed = 1;
@@ -824,7 +820,7 @@ void
824server_loop2(Authctxt *authctxt) 820server_loop2(Authctxt *authctxt)
825{ 821{
826 fd_set *readset = NULL, *writeset = NULL; 822 fd_set *readset = NULL, *writeset = NULL;
827 int rekeying = 0, max_fd; 823 int max_fd;
828 u_int nalloc = 0; 824 u_int nalloc = 0;
829 u_int64_t rekey_timeout_ms = 0; 825 u_int64_t rekey_timeout_ms = 0;
830 826
@@ -851,11 +847,11 @@ server_loop2(Authctxt *authctxt)
851 for (;;) { 847 for (;;) {
852 process_buffered_input_packets(); 848 process_buffered_input_packets();
853 849
854 rekeying = (active_state->kex != NULL && !active_state->kex->done); 850 if (!ssh_packet_is_rekeying(active_state) &&
855 851 packet_not_very_much_data_to_write())
856 if (!rekeying && packet_not_very_much_data_to_write())
857 channel_output_poll(); 852 channel_output_poll();
858 if (options.rekey_interval > 0 && compat20 && !rekeying) 853 if (options.rekey_interval > 0 && compat20 &&
854 !ssh_packet_is_rekeying(active_state))
859 rekey_timeout_ms = packet_get_rekey_timeout() * 1000; 855 rekey_timeout_ms = packet_get_rekey_timeout() * 1000;
860 else 856 else
861 rekey_timeout_ms = 0; 857 rekey_timeout_ms = 0;
@@ -870,14 +866,8 @@ server_loop2(Authctxt *authctxt)
870 } 866 }
871 867
872 collect_children(); 868 collect_children();
873 if (!rekeying) { 869 if (!ssh_packet_is_rekeying(active_state))
874 channel_after_select(readset, writeset); 870 channel_after_select(readset, writeset);
875 if (packet_need_rekeying()) {
876 debug("need rekeying");
877 active_state->kex->done = 0;
878 kex_send_kexinit(active_state);
879 }
880 }
881 process_input(readset); 871 process_input(readset);
882 if (connection_closed) 872 if (connection_closed)
883 break; 873 break;
@@ -1201,7 +1191,7 @@ server_input_hostkeys_prove(struct sshbuf **respp)
1201 ssh->kex->session_id, ssh->kex->session_id_len)) != 0 || 1191 ssh->kex->session_id, ssh->kex->session_id_len)) != 0 ||
1202 (r = sshkey_puts(key, sigbuf)) != 0 || 1192 (r = sshkey_puts(key, sigbuf)) != 0 ||
1203 (r = ssh->kex->sign(key_prv, key_pub, &sig, &slen, 1193 (r = ssh->kex->sign(key_prv, key_pub, &sig, &slen,
1204 sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), 0)) != 0 || 1194 sshbuf_ptr(sigbuf), sshbuf_len(sigbuf), NULL, 0)) != 0 ||
1205 (r = sshbuf_put_string(resp, sig, slen)) != 0) { 1195 (r = sshbuf_put_string(resp, sig, slen)) != 0) {
1206 error("%s: couldn't prepare signature: %s", 1196 error("%s: couldn't prepare signature: %s",
1207 __func__, ssh_err(r)); 1197 __func__, ssh_err(r));
@@ -1265,7 +1255,8 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
1265 free(fwd.listen_host); 1255 free(fwd.listen_host);
1266 if ((resp = sshbuf_new()) == NULL) 1256 if ((resp = sshbuf_new()) == NULL)
1267 fatal("%s: sshbuf_new", __func__); 1257 fatal("%s: sshbuf_new", __func__);
1268 if ((r = sshbuf_put_u32(resp, allocated_listen_port)) != 0) 1258 if (allocated_listen_port != 0 &&
1259 (r = sshbuf_put_u32(resp, allocated_listen_port)) != 0)
1269 fatal("%s: sshbuf_put_u32: %s", __func__, ssh_err(r)); 1260 fatal("%s: sshbuf_put_u32: %s", __func__, ssh_err(r));
1270 } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) { 1261 } else if (strcmp(rtype, "cancel-tcpip-forward") == 0) {
1271 struct Forward fwd; 1262 struct Forward fwd;
diff --git a/session.c b/session.c
index 5a64715e2..7a02500ab 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: session.c,v 1.278 2015/04/24 01:36:00 deraadt Exp $ */ 1/* $OpenBSD: session.c,v 1.280 2016/02/16 03:37:48 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -160,6 +160,7 @@ login_cap_t *lc;
160#endif 160#endif
161 161
162static int is_child = 0; 162static int is_child = 0;
163static int in_chroot = 0;
163 164
164/* Name and directory of socket for authentication agent forwarding. */ 165/* Name and directory of socket for authentication agent forwarding. */
165static char *auth_sock_name = NULL; 166static char *auth_sock_name = NULL;
@@ -778,8 +779,8 @@ int
778do_exec(Session *s, const char *command) 779do_exec(Session *s, const char *command)
779{ 780{
780 int ret; 781 int ret;
781 const char *forced = NULL; 782 const char *forced = NULL, *tty = NULL;
782 char session_type[1024], *tty = NULL; 783 char session_type[1024];
783 784
784 if (options.adm_forced_command) { 785 if (options.adm_forced_command) {
785 original_command = command; 786 original_command = command;
@@ -814,13 +815,14 @@ do_exec(Session *s, const char *command)
814 tty += 5; 815 tty += 5;
815 } 816 }
816 817
817 verbose("Starting session: %s%s%s for %s from %.200s port %d", 818 verbose("Starting session: %s%s%s for %s from %.200s port %d id %d",
818 session_type, 819 session_type,
819 tty == NULL ? "" : " on ", 820 tty == NULL ? "" : " on ",
820 tty == NULL ? "" : tty, 821 tty == NULL ? "" : tty,
821 s->pw->pw_name, 822 s->pw->pw_name,
822 get_remote_ipaddr(), 823 get_remote_ipaddr(),
823 get_remote_port()); 824 get_remote_port(),
825 s->self);
824 826
825#ifdef SSH_AUDIT_EVENTS 827#ifdef SSH_AUDIT_EVENTS
826 if (command != NULL) 828 if (command != NULL)
@@ -1490,9 +1492,6 @@ void
1490do_setusercontext(struct passwd *pw) 1492do_setusercontext(struct passwd *pw)
1491{ 1493{
1492 char *chroot_path, *tmp; 1494 char *chroot_path, *tmp;
1493#ifdef USE_LIBIAF
1494 int doing_chroot = 0;
1495#endif
1496 1495
1497 platform_setusercontext(pw); 1496 platform_setusercontext(pw);
1498 1497
@@ -1520,7 +1519,7 @@ do_setusercontext(struct passwd *pw)
1520 1519
1521 platform_setusercontext_post_groups(pw); 1520 platform_setusercontext_post_groups(pw);
1522 1521
1523 if (options.chroot_directory != NULL && 1522 if (!in_chroot && options.chroot_directory != NULL &&
1524 strcasecmp(options.chroot_directory, "none") != 0) { 1523 strcasecmp(options.chroot_directory, "none") != 0) {
1525 tmp = tilde_expand_filename(options.chroot_directory, 1524 tmp = tilde_expand_filename(options.chroot_directory,
1526 pw->pw_uid); 1525 pw->pw_uid);
@@ -1532,9 +1531,7 @@ do_setusercontext(struct passwd *pw)
1532 /* Make sure we don't attempt to chroot again */ 1531 /* Make sure we don't attempt to chroot again */
1533 free(options.chroot_directory); 1532 free(options.chroot_directory);
1534 options.chroot_directory = NULL; 1533 options.chroot_directory = NULL;
1535#ifdef USE_LIBIAF 1534 in_chroot = 1;
1536 doing_chroot = 1;
1537#endif
1538 } 1535 }
1539 1536
1540#ifdef HAVE_LOGIN_CAP 1537#ifdef HAVE_LOGIN_CAP
@@ -1549,16 +1546,16 @@ do_setusercontext(struct passwd *pw)
1549 (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK); 1546 (void) setusercontext(lc, pw, pw->pw_uid, LOGIN_SETUMASK);
1550#else 1547#else
1551# ifdef USE_LIBIAF 1548# ifdef USE_LIBIAF
1552/* In a chroot environment, the set_id() will always fail; typically 1549 /*
1553 * because of the lack of necessary authentication services and runtime 1550 * In a chroot environment, the set_id() will always fail;
1554 * such as ./usr/lib/libiaf.so, ./usr/lib/libpam.so.1, and ./etc/passwd 1551 * typically because of the lack of necessary authentication
1555 * We skip it in the internal sftp chroot case. 1552 * services and runtime such as ./usr/lib/libiaf.so,
1556 * We'll lose auditing and ACLs but permanently_set_uid will 1553 * ./usr/lib/libpam.so.1, and ./etc/passwd We skip it in the
1557 * take care of the rest. 1554 * internal sftp chroot case. We'll lose auditing and ACLs but
1558 */ 1555 * permanently_set_uid will take care of the rest.
1559 if ((doing_chroot == 0) && set_id(pw->pw_name) != 0) { 1556 */
1560 fatal("set_id(%s) Failed", pw->pw_name); 1557 if (!in_chroot && set_id(pw->pw_name) != 0)
1561 } 1558 fatal("set_id(%s) Failed", pw->pw_name);
1562# endif /* USE_LIBIAF */ 1559# endif /* USE_LIBIAF */
1563 /* Permanently switch to the desired uid. */ 1560 /* Permanently switch to the desired uid. */
1564 permanently_set_uid(pw); 1561 permanently_set_uid(pw);
@@ -1790,11 +1787,11 @@ do_child(Session *s, const char *command)
1790#ifdef HAVE_LOGIN_CAP 1787#ifdef HAVE_LOGIN_CAP
1791 r = login_getcapbool(lc, "requirehome", 0); 1788 r = login_getcapbool(lc, "requirehome", 0);
1792#endif 1789#endif
1793 if (r || options.chroot_directory == NULL || 1790 if (r || !in_chroot) {
1794 strcasecmp(options.chroot_directory, "none") == 0)
1795 fprintf(stderr, "Could not chdir to home " 1791 fprintf(stderr, "Could not chdir to home "
1796 "directory %s: %s\n", pw->pw_dir, 1792 "directory %s: %s\n", pw->pw_dir,
1797 strerror(errno)); 1793 strerror(errno));
1794 }
1798 if (r) 1795 if (r)
1799 exit(1); 1796 exit(1);
1800 } 1797 }
@@ -2503,7 +2500,12 @@ session_close(Session *s)
2503{ 2500{
2504 u_int i; 2501 u_int i;
2505 2502
2506 debug("session_close: session %d pid %ld", s->self, (long)s->pid); 2503 verbose("Close session: user %s from %.200s port %d id %d",
2504 s->pw->pw_name,
2505 get_remote_ipaddr(),
2506 get_remote_port(),
2507 s->self);
2508
2507 if (s->ttyfd != -1) 2509 if (s->ttyfd != -1)
2508 session_pty_cleanup(s); 2510 session_pty_cleanup(s);
2509 free(s->term); 2511 free(s->term);
diff --git a/sftp-client.c b/sftp-client.c
index 5dbeb47c0..d49bfaaba 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp-client.c,v 1.120 2015/05/28 04:50:53 djm Exp $ */ 1/* $OpenBSD: sftp-client.c,v 1.121 2016/02/11 02:21:34 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -1760,7 +1760,7 @@ do_upload(struct sftp_conn *conn, const char *local_path,
1760 if (fsync_flag) 1760 if (fsync_flag)
1761 (void)do_fsync(conn, handle, handle_len); 1761 (void)do_fsync(conn, handle, handle_len);
1762 1762
1763 if (do_close(conn, handle, handle_len) != SSH2_FX_OK) 1763 if (do_close(conn, handle, handle_len) != 0)
1764 status = SSH2_FX_FAILURE; 1764 status = SSH2_FX_FAILURE;
1765 1765
1766 free(handle); 1766 free(handle);
@@ -1773,12 +1773,11 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1773 int depth, int preserve_flag, int print_flag, int resume, int fsync_flag) 1773 int depth, int preserve_flag, int print_flag, int resume, int fsync_flag)
1774{ 1774{
1775 int ret = 0; 1775 int ret = 0;
1776 u_int status;
1777 DIR *dirp; 1776 DIR *dirp;
1778 struct dirent *dp; 1777 struct dirent *dp;
1779 char *filename, *new_src, *new_dst; 1778 char *filename, *new_src, *new_dst;
1780 struct stat sb; 1779 struct stat sb;
1781 Attrib a; 1780 Attrib a, *dirattrib;
1782 1781
1783 if (depth >= MAX_DIR_DEPTH) { 1782 if (depth >= MAX_DIR_DEPTH) {
1784 error("Maximum directory depth exceeded: %d levels", depth); 1783 error("Maximum directory depth exceeded: %d levels", depth);
@@ -1805,17 +1804,18 @@ upload_dir_internal(struct sftp_conn *conn, const char *src, const char *dst,
1805 if (!preserve_flag) 1804 if (!preserve_flag)
1806 a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME; 1805 a.flags &= ~SSH2_FILEXFER_ATTR_ACMODTIME;
1807 1806
1808 status = do_mkdir(conn, dst, &a, 0);
1809 /* 1807 /*
1810 * we lack a portable status for errno EEXIST, 1808 * sftp lacks a portable status value to match errno EEXIST,
1811 * so if we get a SSH2_FX_FAILURE back we must check 1809 * so if we get a failure back then we must check whether
1812 * if it was created successfully. 1810 * the path already existed and is a directory.
1813 */ 1811 */
1814 if (status != SSH2_FX_OK) { 1812 if (do_mkdir(conn, dst, &a, 0) != 0) {
1815 if (status != SSH2_FX_FAILURE) 1813 if ((dirattrib = do_stat(conn, dst, 0)) == NULL)
1816 return -1; 1814 return -1;
1817 if (do_stat(conn, dst, 0) == NULL) 1815 if (!S_ISDIR(dirattrib->perm)) {
1816 error("\"%s\" exists but is not a directory", dst);
1818 return -1; 1817 return -1;
1818 }
1819 } 1819 }
1820 1820
1821 if ((dirp = opendir(src)) == NULL) { 1821 if ((dirp = opendir(src)) == NULL) {
diff --git a/sftp-client.h b/sftp-client.h
index f814b07d6..14a3b8182 100644
--- a/sftp-client.h
+++ b/sftp-client.h
@@ -21,6 +21,12 @@
21#ifndef _SFTP_CLIENT_H 21#ifndef _SFTP_CLIENT_H
22#define _SFTP_CLIENT_H 22#define _SFTP_CLIENT_H
23 23
24#ifdef USE_SYSTEM_GLOB
25# include <glob.h>
26#else
27# include "openbsd-compat/glob.h"
28#endif
29
24typedef struct SFTP_DIRENT SFTP_DIRENT; 30typedef struct SFTP_DIRENT SFTP_DIRENT;
25 31
26struct SFTP_DIRENT { 32struct SFTP_DIRENT {
diff --git a/sftp-server-main.c b/sftp-server-main.c
index 7e644ab89..c6ccd623e 100644
--- a/sftp-server-main.c
+++ b/sftp-server-main.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp-server-main.c,v 1.4 2009/02/21 19:32:04 tobias Exp $ */ 1/* $OpenBSD: sftp-server-main.c,v 1.5 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2008 Markus Friedl. All rights reserved. 3 * Copyright (c) 2008 Markus Friedl. All rights reserved.
4 * 4 *
@@ -26,6 +26,7 @@
26#include "log.h" 26#include "log.h"
27#include "sftp.h" 27#include "sftp.h"
28#include "misc.h" 28#include "misc.h"
29#include "xmalloc.h"
29 30
30void 31void
31cleanup_exit(int i) 32cleanup_exit(int i)
@@ -38,6 +39,7 @@ main(int argc, char **argv)
38{ 39{
39 struct passwd *user_pw; 40 struct passwd *user_pw;
40 41
42 ssh_malloc_init(); /* must be called before any mallocs */
41 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 43 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
42 sanitise_stdfd(); 44 sanitise_stdfd();
43 45
diff --git a/sftp-server.0 b/sftp-server.0
index b971cef40..3b22ed2a0 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -93,4 +93,4 @@ HISTORY
93AUTHORS 93AUTHORS
94 Markus Friedl <markus@openbsd.org> 94 Markus Friedl <markus@openbsd.org>
95 95
96OpenBSD 5.8 December 11, 2014 OpenBSD 5.8 96OpenBSD 5.9 December 11, 2014 OpenBSD 5.9
diff --git a/sftp-server.c b/sftp-server.c
index eac11d7e6..e11a1b89b 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp-server.c,v 1.107 2015/08/20 22:32:42 deraadt Exp $ */ 1/* $OpenBSD: sftp-server.c,v 1.109 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
4 * 4 *
@@ -1513,6 +1513,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1513 extern char *optarg; 1513 extern char *optarg;
1514 extern char *__progname; 1514 extern char *__progname;
1515 1515
1516 ssh_malloc_init(); /* must be called before any mallocs */
1516 __progname = ssh_get_progname(argv[0]); 1517 __progname = ssh_get_progname(argv[0]);
1517 log_init(__progname, log_level, log_facility, log_stderr); 1518 log_init(__progname, log_level, log_facility, log_stderr);
1518 1519
@@ -1598,6 +1599,9 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1598 fatal("unable to make the process undumpable"); 1599 fatal("unable to make the process undumpable");
1599#endif /* defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) */ 1600#endif /* defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) */
1600 1601
1602 /* Drop any fine-grained privileges we don't need */
1603 platform_pledge_sftp_server();
1604
1601 if ((cp = getenv("SSH_CONNECTION")) != NULL) { 1605 if ((cp = getenv("SSH_CONNECTION")) != NULL) {
1602 client_addr = xstrdup(cp); 1606 client_addr = xstrdup(cp);
1603 if ((cp = strchr(client_addr, ' ')) == NULL) { 1607 if ((cp = strchr(client_addr, ' ')) == NULL) {
@@ -1631,9 +1635,8 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1631 if ((oqueue = sshbuf_new()) == NULL) 1635 if ((oqueue = sshbuf_new()) == NULL)
1632 fatal("%s: sshbuf_new failed", __func__); 1636 fatal("%s: sshbuf_new failed", __func__);
1633 1637
1634 set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask); 1638 rset = xcalloc(howmany(max + 1, NFDBITS), sizeof(fd_mask));
1635 rset = xmalloc(set_size); 1639 wset = xcalloc(howmany(max + 1, NFDBITS), sizeof(fd_mask));
1636 wset = xmalloc(set_size);
1637 1640
1638 if (homedir != NULL) { 1641 if (homedir != NULL) {
1639 if (chdir(homedir) != 0) { 1642 if (chdir(homedir) != 0) {
@@ -1642,6 +1645,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
1642 } 1645 }
1643 } 1646 }
1644 1647
1648 set_size = howmany(max + 1, NFDBITS) * sizeof(fd_mask);
1645 for (;;) { 1649 for (;;) {
1646 memset(rset, 0, set_size); 1650 memset(rset, 0, set_size);
1647 memset(wset, 0, set_size); 1651 memset(wset, 0, set_size);
diff --git a/sftp.0 b/sftp.0
index 550f27648..ce48de9ca 100644
--- a/sftp.0
+++ b/sftp.0
@@ -108,6 +108,7 @@ DESCRIPTION
108 CanonicalizeHostname 108 CanonicalizeHostname
109 CanonicalizeMaxDots 109 CanonicalizeMaxDots
110 CanonicalizePermittedCNAMEs 110 CanonicalizePermittedCNAMEs
111 CertificateFile
111 ChallengeResponseAuthentication 112 ChallengeResponseAuthentication
112 CheckHostIP 113 CheckHostIP
113 Cipher 114 Cipher
@@ -380,4 +381,4 @@ SEE ALSO
380 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- 381 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
381 filexfer-00.txt, January 2001, work in progress material. 382 filexfer-00.txt, January 2001, work in progress material.
382 383
383OpenBSD 5.8 January 30, 2015 OpenBSD 5.8 384OpenBSD 5.9 September 25, 2015 OpenBSD 5.9
diff --git a/sftp.1 b/sftp.1
index 214f0118c..edc5a85e6 100644
--- a/sftp.1
+++ b/sftp.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: sftp.1,v 1.101 2015/01/30 11:43:14 djm Exp $ 1.\" $OpenBSD: sftp.1,v 1.102 2015/09/25 18:19:54 jmc Exp $
2.\" 2.\"
3.\" Copyright (c) 2001 Damien Miller. All rights reserved. 3.\" Copyright (c) 2001 Damien Miller. All rights reserved.
4.\" 4.\"
@@ -22,7 +22,7 @@
22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24.\" 24.\"
25.Dd $Mdocdate: January 30 2015 $ 25.Dd $Mdocdate: September 25 2015 $
26.Dt SFTP 1 26.Dt SFTP 1
27.Os 27.Os
28.Sh NAME 28.Sh NAME
@@ -198,6 +198,7 @@ For full details of the options listed below, and their possible values, see
198.It CanonicalizeHostname 198.It CanonicalizeHostname
199.It CanonicalizeMaxDots 199.It CanonicalizeMaxDots
200.It CanonicalizePermittedCNAMEs 200.It CanonicalizePermittedCNAMEs
201.It CertificateFile
201.It ChallengeResponseAuthentication 202.It ChallengeResponseAuthentication
202.It CheckHostIP 203.It CheckHostIP
203.It Cipher 204.It Cipher
diff --git a/sftp.c b/sftp.c
index 788601a8d..2077219fa 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp.c,v 1.171 2015/08/20 22:32:42 deraadt Exp $ */ 1/* $OpenBSD: sftp.c,v 1.172 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -2248,6 +2248,7 @@ main(int argc, char **argv)
2248 size_t num_requests = DEFAULT_NUM_REQUESTS; 2248 size_t num_requests = DEFAULT_NUM_REQUESTS;
2249 long long limit_kbps = 0; 2249 long long limit_kbps = 0;
2250 2250
2251 ssh_malloc_init(); /* must be called before any mallocs */
2251 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 2252 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
2252 sanitise_stdfd(); 2253 sanitise_stdfd();
2253 setlocale(LC_CTYPE, ""); 2254 setlocale(LC_CTYPE, "");
diff --git a/ssh-add.0 b/ssh-add.0
index 29db710ab..cc56b0035 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -126,4 +126,4 @@ AUTHORS
126 created OpenSSH. Markus Friedl contributed the support for SSH protocol 126 created OpenSSH. Markus Friedl contributed the support for SSH protocol
127 versions 1.5 and 2.0. 127 versions 1.5 and 2.0.
128 128
129OpenBSD 5.8 March 30, 2015 OpenBSD 5.8 129OpenBSD 5.9 March 30, 2015 OpenBSD 5.9
diff --git a/ssh-add.c b/ssh-add.c
index d6271d78e..fb9a53e64 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-add.c,v 1.123 2015/07/03 03:43:18 djm Exp $ */ 1/* $OpenBSD: ssh-add.c,v 1.128 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -93,7 +93,7 @@ static int lifetime = 0;
93/* User has to confirm key use */ 93/* User has to confirm key use */
94static int confirm = 0; 94static int confirm = 0;
95 95
96/* we keep a cache of one passphrases */ 96/* we keep a cache of one passphrase */
97static char *pass = NULL; 97static char *pass = NULL;
98static void 98static void
99clear_pass(void) 99clear_pass(void)
@@ -150,10 +150,8 @@ delete_file(int agent_fd, const char *filename, int key_only)
150 certpath, ssh_err(r)); 150 certpath, ssh_err(r));
151 151
152 out: 152 out:
153 if (cert != NULL) 153 sshkey_free(cert);
154 sshkey_free(cert); 154 sshkey_free(public);
155 if (public != NULL)
156 sshkey_free(public);
157 free(certpath); 155 free(certpath);
158 free(comment); 156 free(comment);
159 157
@@ -218,35 +216,32 @@ add_file(int agent_fd, const char *filename, int key_only)
218 close(fd); 216 close(fd);
219 217
220 /* At first, try empty passphrase */ 218 /* At first, try empty passphrase */
221 if ((r = sshkey_parse_private_fileblob(keyblob, "", filename, 219 if ((r = sshkey_parse_private_fileblob(keyblob, "", &private,
222 &private, &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) { 220 &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
223 fprintf(stderr, "Error loading key \"%s\": %s\n", 221 fprintf(stderr, "Error loading key \"%s\": %s\n",
224 filename, ssh_err(r)); 222 filename, ssh_err(r));
225 goto fail_load; 223 goto fail_load;
226 } 224 }
227 /* try last */ 225 /* try last */
228 if (private == NULL && pass != NULL) { 226 if (private == NULL && pass != NULL) {
229 if ((r = sshkey_parse_private_fileblob(keyblob, pass, filename, 227 if ((r = sshkey_parse_private_fileblob(keyblob, pass, &private,
230 &private, &comment)) != 0 && 228 &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
231 r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
232 fprintf(stderr, "Error loading key \"%s\": %s\n", 229 fprintf(stderr, "Error loading key \"%s\": %s\n",
233 filename, ssh_err(r)); 230 filename, ssh_err(r));
234 goto fail_load; 231 goto fail_load;
235 } 232 }
236 } 233 }
237 if (comment == NULL)
238 comment = xstrdup(filename);
239 if (private == NULL) { 234 if (private == NULL) {
240 /* clear passphrase since it did not work */ 235 /* clear passphrase since it did not work */
241 clear_pass(); 236 clear_pass();
242 snprintf(msg, sizeof msg, "Enter passphrase for %.200s%s: ", 237 snprintf(msg, sizeof msg, "Enter passphrase for %s%s: ",
243 comment, confirm ? " (will confirm each use)" : ""); 238 filename, confirm ? " (will confirm each use)" : "");
244 for (;;) { 239 for (;;) {
245 pass = read_passphrase(msg, RP_ALLOW_STDIN); 240 pass = read_passphrase(msg, RP_ALLOW_STDIN);
246 if (strcmp(pass, "") == 0) 241 if (strcmp(pass, "") == 0)
247 goto fail_load; 242 goto fail_load;
248 if ((r = sshkey_parse_private_fileblob(keyblob, pass, 243 if ((r = sshkey_parse_private_fileblob(keyblob, pass,
249 filename, &private, NULL)) == 0) 244 &private, &comment)) == 0)
250 break; 245 break;
251 else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) { 246 else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
252 fprintf(stderr, 247 fprintf(stderr,
@@ -254,16 +249,17 @@ add_file(int agent_fd, const char *filename, int key_only)
254 filename, ssh_err(r)); 249 filename, ssh_err(r));
255 fail_load: 250 fail_load:
256 clear_pass(); 251 clear_pass();
257 free(comment);
258 sshbuf_free(keyblob); 252 sshbuf_free(keyblob);
259 return -1; 253 return -1;
260 } 254 }
261 clear_pass(); 255 clear_pass();
262 snprintf(msg, sizeof msg, 256 snprintf(msg, sizeof msg,
263 "Bad passphrase, try again for %.200s%s: ", comment, 257 "Bad passphrase, try again for %s%s: ", filename,
264 confirm ? " (will confirm each use)" : ""); 258 confirm ? " (will confirm each use)" : "");
265 } 259 }
266 } 260 }
261 if (comment == NULL || *comment == '\0')
262 comment = xstrdup(filename);
267 sshbuf_free(keyblob); 263 sshbuf_free(keyblob);
268 264
269 if ((r = ssh_add_identity_constrained(agent_fd, private, comment, 265 if ((r = ssh_add_identity_constrained(agent_fd, private, comment,
@@ -386,7 +382,7 @@ list_identities(int agent_fd, int do_fp)
386 if (do_fp) { 382 if (do_fp) {
387 fp = sshkey_fingerprint(idlist->keys[i], 383 fp = sshkey_fingerprint(idlist->keys[i],
388 fingerprint_hash, SSH_FP_DEFAULT); 384 fingerprint_hash, SSH_FP_DEFAULT);
389 printf("%d %s %s (%s)\n", 385 printf("%u %s %s (%s)\n",
390 sshkey_size(idlist->keys[i]), 386 sshkey_size(idlist->keys[i]),
391 fp == NULL ? "(null)" : fp, 387 fp == NULL ? "(null)" : fp,
392 idlist->comments[i], 388 idlist->comments[i],
@@ -485,6 +481,7 @@ main(int argc, char **argv)
485 int r, i, ch, deleting = 0, ret = 0, key_only = 0; 481 int r, i, ch, deleting = 0, ret = 0, key_only = 0;
486 int xflag = 0, lflag = 0, Dflag = 0; 482 int xflag = 0, lflag = 0, Dflag = 0;
487 483
484 ssh_malloc_init(); /* must be called before any mallocs */
488 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 485 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
489 sanitise_stdfd(); 486 sanitise_stdfd();
490 487
diff --git a/ssh-agent.0 b/ssh-agent.0
index 65bf6e70f..2cc5ac6e0 100644
--- a/ssh-agent.0
+++ b/ssh-agent.0
@@ -18,10 +18,10 @@ DESCRIPTION
18 using ssh(1). 18 using ssh(1).
19 19
20 The agent initially does not have any private keys. Keys are added using 20 The agent initially does not have any private keys. Keys are added using
21 ssh-add(1). Multiple identities may be stored in ssh-agent concurrently 21 ssh(1) (see AddKeysToAgent in ssh_config(5) for details) or ssh-add(1).
22 and ssh(1) will automatically use them if present. ssh-add(1) is also 22 Multiple identities may be stored in ssh-agent concurrently and ssh(1)
23 used to remove keys from ssh-agent and to query the keys that are held in 23 will automatically use them if present. ssh-add(1) is also used to
24 one. 24 remove keys from ssh-agent and to query the keys that are held in one.
25 25
26 The options are as follows: 26 The options are as follows:
27 27
@@ -56,8 +56,8 @@ DESCRIPTION
56 for an identity with ssh-add(1) overrides this value. Without 56 for an identity with ssh-add(1) overrides this value. Without
57 this option the default maximum lifetime is forever. 57 this option the default maximum lifetime is forever.
58 58
59 If a commandline is given, this is executed as a subprocess of the agent. 59 If a command line is given, this is executed as a subprocess of the
60 When the command dies, so does the agent. 60 agent. When the command dies, so does the agent.
61 61
62 The idea is that the agent is run in the user's local PC, laptop, or 62 The idea is that the agent is run in the user's local PC, laptop, or
63 terminal. Authentication data need not be stored on any other machine, 63 terminal. Authentication data need not be stored on any other machine,
@@ -109,4 +109,4 @@ AUTHORS
109 created OpenSSH. Markus Friedl contributed the support for SSH protocol 109 created OpenSSH. Markus Friedl contributed the support for SSH protocol
110 versions 1.5 and 2.0. 110 versions 1.5 and 2.0.
111 111
112OpenBSD 5.8 April 24, 2015 OpenBSD 5.8 112OpenBSD 5.9 November 15, 2015 OpenBSD 5.9
diff --git a/ssh-agent.1 b/ssh-agent.1
index d0aa712f1..c4b50bbdf 100644
--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-agent.1,v 1.59 2015/04/24 06:26:49 jmc Exp $ 1.\" $OpenBSD: ssh-agent.1,v 1.62 2015/11/15 23:54:15 jmc Exp $
2.\" 2.\"
3.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 3.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.Dd $Mdocdate: April 24 2015 $ 37.Dd $Mdocdate: November 15 2015 $
38.Dt SSH-AGENT 1 38.Dt SSH-AGENT 1
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -43,7 +43,7 @@
43.Sh SYNOPSIS 43.Sh SYNOPSIS
44.Nm ssh-agent 44.Nm ssh-agent
45.Op Fl c | s 45.Op Fl c | s
46.Op Fl Dd 46.Op Fl \&Dd
47.Op Fl a Ar bind_address 47.Op Fl a Ar bind_address
48.Op Fl E Ar fingerprint_hash 48.Op Fl E Ar fingerprint_hash
49.Op Fl t Ar life 49.Op Fl t Ar life
@@ -66,6 +66,13 @@ machines using
66.Pp 66.Pp
67The agent initially does not have any private keys. 67The agent initially does not have any private keys.
68Keys are added using 68Keys are added using
69.Xr ssh 1
70(see
71.Cm AddKeysToAgent
72in
73.Xr ssh_config 5
74for details)
75or
69.Xr ssh-add 1 . 76.Xr ssh-add 1 .
70Multiple identities may be stored in 77Multiple identities may be stored in
71.Nm 78.Nm
@@ -130,7 +137,7 @@ overrides this value.
130Without this option the default maximum lifetime is forever. 137Without this option the default maximum lifetime is forever.
131.El 138.El
132.Pp 139.Pp
133If a commandline is given, this is executed as a subprocess of the agent. 140If a command line is given, this is executed as a subprocess of the agent.
134When the command dies, so does the agent. 141When the command dies, so does the agent.
135.Pp 142.Pp
136The idea is that the agent is run in the user's local PC, laptop, or 143The idea is that the agent is run in the user's local PC, laptop, or
diff --git a/ssh-agent.c b/ssh-agent.c
index a335ea33d..c38906d94 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-agent.c,v 1.204 2015/07/08 20:24:02 markus Exp $ */ 1/* $OpenBSD: ssh-agent.c,v 1.212 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -368,6 +368,18 @@ process_authentication_challenge1(SocketEntry *e)
368} 368}
369#endif 369#endif
370 370
371static char *
372agent_decode_alg(struct sshkey *key, u_int flags)
373{
374 if (key->type == KEY_RSA) {
375 if (flags & SSH_AGENT_RSA_SHA2_256)
376 return "rsa-sha2-256";
377 else if (flags & SSH_AGENT_RSA_SHA2_512)
378 return "rsa-sha2-512";
379 }
380 return NULL;
381}
382
371/* ssh2 only */ 383/* ssh2 only */
372static void 384static void
373process_sign_request2(SocketEntry *e) 385process_sign_request2(SocketEntry *e)
@@ -389,7 +401,7 @@ process_sign_request2(SocketEntry *e)
389 if (flags & SSH_AGENT_OLD_SIGNATURE) 401 if (flags & SSH_AGENT_OLD_SIGNATURE)
390 compat = SSH_BUG_SIGBLOB; 402 compat = SSH_BUG_SIGBLOB;
391 if ((r = sshkey_from_blob(blob, blen, &key)) != 0) { 403 if ((r = sshkey_from_blob(blob, blen, &key)) != 0) {
392 error("%s: cannot parse key blob: %s", __func__, ssh_err(ok)); 404 error("%s: cannot parse key blob: %s", __func__, ssh_err(r));
393 goto send; 405 goto send;
394 } 406 }
395 if ((id = lookup_identity(key, 2)) == NULL) { 407 if ((id = lookup_identity(key, 2)) == NULL) {
@@ -401,8 +413,8 @@ process_sign_request2(SocketEntry *e)
401 goto send; 413 goto send;
402 } 414 }
403 if ((r = sshkey_sign(id->key, &signature, &slen, 415 if ((r = sshkey_sign(id->key, &signature, &slen,
404 data, dlen, compat)) != 0) { 416 data, dlen, agent_decode_alg(key, flags), compat)) != 0) {
405 error("%s: sshkey_sign: %s", __func__, ssh_err(ok)); 417 error("%s: sshkey_sign: %s", __func__, ssh_err(r));
406 goto send; 418 goto send;
407 } 419 }
408 /* Success */ 420 /* Success */
@@ -1188,6 +1200,7 @@ main(int ac, char **av)
1188 size_t len; 1200 size_t len;
1189 mode_t prev_mask; 1201 mode_t prev_mask;
1190 1202
1203 ssh_malloc_init(); /* must be called before any mallocs */
1191 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 1204 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
1192 sanitise_stdfd(); 1205 sanitise_stdfd();
1193 1206
@@ -1330,6 +1343,7 @@ main(int ac, char **av)
1330 printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, 1343 printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
1331 SSH_AUTHSOCKET_ENV_NAME); 1344 SSH_AUTHSOCKET_ENV_NAME);
1332 printf("echo Agent pid %ld;\n", (long)parent_pid); 1345 printf("echo Agent pid %ld;\n", (long)parent_pid);
1346 fflush(stdout);
1333 goto skip; 1347 goto skip;
1334 } 1348 }
1335 pid = fork(); 1349 pid = fork();
@@ -1402,6 +1416,10 @@ skip:
1402 signal(SIGTERM, cleanup_handler); 1416 signal(SIGTERM, cleanup_handler);
1403 nalloc = 0; 1417 nalloc = 0;
1404 1418
1419 if (pledge("stdio cpath unix id proc exec", NULL) == -1)
1420 fatal("%s: pledge: %s", __progname, strerror(errno));
1421 platform_pledge_agent();
1422
1405 while (1) { 1423 while (1) {
1406 prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp); 1424 prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp);
1407 result = select(max_fd + 1, readsetp, writesetp, NULL, tvp); 1425 result = select(max_fd + 1, readsetp, writesetp, NULL, tvp);
diff --git a/ssh-dss.c b/ssh-dss.c
index 8ed19d849..cc47dcf5f 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-dss.c,v 1.32 2014/06/24 01:13:21 djm Exp $ */ 1/* $OpenBSD: ssh-dss.c,v 1.34 2015/12/11 04:21:12 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -122,8 +122,7 @@ ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
122 explicit_bzero(digest, sizeof(digest)); 122 explicit_bzero(digest, sizeof(digest));
123 if (sig != NULL) 123 if (sig != NULL)
124 DSA_SIG_free(sig); 124 DSA_SIG_free(sig);
125 if (b != NULL) 125 sshbuf_free(b);
126 sshbuf_free(b);
127 return ret; 126 return ret;
128} 127}
129 128
@@ -209,10 +208,8 @@ ssh_dss_verify(const struct sshkey *key,
209 explicit_bzero(digest, sizeof(digest)); 208 explicit_bzero(digest, sizeof(digest));
210 if (sig != NULL) 209 if (sig != NULL)
211 DSA_SIG_free(sig); 210 DSA_SIG_free(sig);
212 if (b != NULL) 211 sshbuf_free(b);
213 sshbuf_free(b); 212 free(ktype);
214 if (ktype != NULL)
215 free(ktype);
216 if (sigblob != NULL) { 213 if (sigblob != NULL) {
217 explicit_bzero(sigblob, len); 214 explicit_bzero(sigblob, len);
218 free(sigblob); 215 free(sigblob);
diff --git a/ssh-ecdsa.c b/ssh-ecdsa.c
index 2c76f8b43..74912dfd9 100644
--- a/ssh-ecdsa.c
+++ b/ssh-ecdsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-ecdsa.c,v 1.11 2014/06/24 01:13:21 djm Exp $ */ 1/* $OpenBSD: ssh-ecdsa.c,v 1.12 2015/12/11 04:21:12 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2010 Damien Miller. All rights reserved. 4 * Copyright (c) 2010 Damien Miller. All rights reserved.
@@ -99,10 +99,8 @@ ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
99 ret = 0; 99 ret = 0;
100 out: 100 out:
101 explicit_bzero(digest, sizeof(digest)); 101 explicit_bzero(digest, sizeof(digest));
102 if (b != NULL) 102 sshbuf_free(b);
103 sshbuf_free(b); 103 sshbuf_free(bb);
104 if (bb != NULL)
105 sshbuf_free(bb);
106 if (sig != NULL) 104 if (sig != NULL)
107 ECDSA_SIG_free(sig); 105 ECDSA_SIG_free(sig);
108 return ret; 106 return ret;
@@ -179,10 +177,8 @@ ssh_ecdsa_verify(const struct sshkey *key,
179 177
180 out: 178 out:
181 explicit_bzero(digest, sizeof(digest)); 179 explicit_bzero(digest, sizeof(digest));
182 if (sigbuf != NULL) 180 sshbuf_free(sigbuf);
183 sshbuf_free(sigbuf); 181 sshbuf_free(b);
184 if (b != NULL)
185 sshbuf_free(b);
186 if (sig != NULL) 182 if (sig != NULL)
187 ECDSA_SIG_free(sig); 183 ECDSA_SIG_free(sig);
188 free(ktype); 184 free(ktype);
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 07a45b36b..2b749ae9f 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -31,8 +31,11 @@ SYNOPSIS
31 31
32DESCRIPTION 32DESCRIPTION
33 ssh-keygen generates, manages and converts authentication keys for 33 ssh-keygen generates, manages and converts authentication keys for
34 ssh(1). ssh-keygen can create RSA keys for use by SSH protocol version 1 34 ssh(1). ssh-keygen can create keys for use by SSH protocol versions 1
35 and DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2. 35 and 2. Protocol 1 should not be used and is only offered to support
36 legacy devices. It suffers from a number of cryptographic weaknesses and
37 doesn't support many of the advanced features available for protocol 2.
38
36 The type of key to be generated is specified with the -t option. If 39 The type of key to be generated is specified with the -t option. If
37 invoked without any arguments, ssh-keygen will generate an RSA key for 40 invoked without any arguments, ssh-keygen will generate an RSA key for
38 use in SSH protocol 2 connections. 41 use in SSH protocol 2 connections.
@@ -194,7 +197,7 @@ DESCRIPTION
194 file or using the format described in the KEY REVOCATION LISTS 197 file or using the format described in the KEY REVOCATION LISTS
195 section. 198 section.
196 199
197 -L Prints the contents of a certificate. 200 -L Prints the contents of one or more certificates.
198 201
199 -l Show fingerprint of specified public key file. Private RSA1 keys 202 -l Show fingerprint of specified public key file. Private RSA1 keys
200 are also supported. For RSA and DSA keys ssh-keygen tries to 203 are also supported. For RSA and DSA keys ssh-keygen tries to
@@ -275,11 +278,11 @@ DESCRIPTION
275 278
276 At present, no options are valid for host keys. 279 At present, no options are valid for host keys.
277 280
278 -o Causes ssh-keygen to save SSH protocol 2 private keys using the 281 -o Causes ssh-keygen to save private keys using the new OpenSSH
279 new OpenSSH format rather than the more compatible PEM format. 282 format rather than the more compatible PEM format. The new
280 The new format has increased resistance to brute-force password 283 format has increased resistance to brute-force password cracking
281 cracking but is not supported by versions of OpenSSH prior to 284 but is not supported by versions of OpenSSH prior to 6.5.
282 6.5. Ed25519 keys always use the new private key format. 285 Ed25519 keys always use the new private key format.
283 286
284 -P passphrase 287 -P passphrase
285 Provides the (old) passphrase. 288 Provides the (old) passphrase.
@@ -502,7 +505,7 @@ KEY REVOCATION LISTS
502 505
503 It is also possible, given a KRL, to test whether it revokes a particular 506 It is also possible, given a KRL, to test whether it revokes a particular
504 key (or keys). The -Q flag will query an existing KRL, testing each key 507 key (or keys). The -Q flag will query an existing KRL, testing each key
505 specified on the commandline. If any key listed on the command line has 508 specified on the command line. If any key listed on the command line has
506 been revoked (or an error encountered) then ssh-keygen will exit with a 509 been revoked (or an error encountered) then ssh-keygen will exit with a
507 non-zero exit status. A zero exit status will only be returned if no key 510 non-zero exit status. A zero exit status will only be returned if no key
508 was revoked. 511 was revoked.
@@ -563,4 +566,4 @@ AUTHORS
563 created OpenSSH. Markus Friedl contributed the support for SSH protocol 566 created OpenSSH. Markus Friedl contributed the support for SSH protocol
564 versions 1.5 and 2.0. 567 versions 1.5 and 2.0.
565 568
566OpenBSD 5.8 August 20, 2015 OpenBSD 5.8 569OpenBSD 5.9 February 17, 2016 OpenBSD 5.9
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index ed17a08fa..37a4fc2b2 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keygen.1,v 1.127 2015/08/20 19:20:06 naddy Exp $ 1.\" $OpenBSD: ssh-keygen.1,v 1.130 2016/02/17 07:38:19 jmc Exp $
2.\" 2.\"
3.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 3.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
35.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 35.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 36.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37.\" 37.\"
38.Dd $Mdocdate: August 20 2015 $ 38.Dd $Mdocdate: February 17 2016 $
39.Dt SSH-KEYGEN 1 39.Dt SSH-KEYGEN 1
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -141,8 +141,12 @@
141generates, manages and converts authentication keys for 141generates, manages and converts authentication keys for
142.Xr ssh 1 . 142.Xr ssh 1 .
143.Nm 143.Nm
144can create RSA keys for use by SSH protocol version 1 and 144can create keys for use by SSH protocol versions 1 and 2.
145DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2. 145Protocol 1 should not be used
146and is only offered to support legacy devices.
147It suffers from a number of cryptographic weaknesses
148and doesn't support many of the advanced features available for protocol 2.
149.Pp
146The type of key to be generated is specified with the 150The type of key to be generated is specified with the
147.Fl t 151.Fl t
148option. 152option.
@@ -376,7 +380,7 @@ using the format described in the
376.Sx KEY REVOCATION LISTS 380.Sx KEY REVOCATION LISTS
377section. 381section.
378.It Fl L 382.It Fl L
379Prints the contents of a certificate. 383Prints the contents of one or more certificates.
380.It Fl l 384.It Fl l
381Show fingerprint of specified public key file. 385Show fingerprint of specified public key file.
382Private RSA1 keys are also supported. 386Private RSA1 keys are also supported.
@@ -474,7 +478,7 @@ At present, no options are valid for host keys.
474.It Fl o 478.It Fl o
475Causes 479Causes
476.Nm 480.Nm
477to save SSH protocol 2 private keys using the new OpenSSH format rather than 481to save private keys using the new OpenSSH format rather than
478the more compatible PEM format. 482the more compatible PEM format.
479The new format has increased resistance to brute-force password cracking 483The new format has increased resistance to brute-force password cracking
480but is not supported by versions of OpenSSH prior to 6.5. 484but is not supported by versions of OpenSSH prior to 6.5.
@@ -781,7 +785,7 @@ It is also possible, given a KRL, to test whether it revokes a particular key
781(or keys). 785(or keys).
782The 786The
783.Fl Q 787.Fl Q
784flag will query an existing KRL, testing each key specified on the commandline. 788flag will query an existing KRL, testing each key specified on the command line.
785If any key listed on the command line has been revoked (or an error encountered) 789If any key listed on the command line has been revoked (or an error encountered)
786then 790then
787.Nm 791.Nm
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 4e0a85554..478520123 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.277 2015/08/19 23:17:51 djm Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -523,7 +523,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
523 sshbuf_free(b); 523 sshbuf_free(b);
524 524
525 /* try the key */ 525 /* try the key */
526 if (sshkey_sign(key, &sig, &slen, data, sizeof(data), 0) != 0 || 526 if (sshkey_sign(key, &sig, &slen, data, sizeof(data), NULL, 0) != 0 ||
527 sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) { 527 sshkey_verify(key, sig, slen, data, sizeof(data), 0) != 0) {
528 sshkey_free(key); 528 sshkey_free(key);
529 free(sig); 529 free(sig);
@@ -808,116 +808,162 @@ do_download(struct passwd *pw)
808#endif /* ENABLE_PKCS11 */ 808#endif /* ENABLE_PKCS11 */
809} 809}
810 810
811static struct sshkey *
812try_read_key(char **cpp)
813{
814 struct sshkey *ret;
815 int r;
816
817 if ((ret = sshkey_new(KEY_RSA1)) == NULL)
818 fatal("sshkey_new failed");
819 /* Try RSA1 */
820 if ((r = sshkey_read(ret, cpp)) == 0)
821 return ret;
822 /* Try modern */
823 sshkey_free(ret);
824 if ((ret = sshkey_new(KEY_UNSPEC)) == NULL)
825 fatal("sshkey_new failed");
826 if ((r = sshkey_read(ret, cpp)) == 0)
827 return ret;
828 /* Not a key */
829 sshkey_free(ret);
830 return NULL;
831}
832
811static void 833static void
812do_fingerprint(struct passwd *pw) 834fingerprint_one_key(const struct sshkey *public, const char *comment)
813{ 835{
814 FILE *f; 836 char *fp = NULL, *ra = NULL;
815 struct sshkey *public;
816 char *comment = NULL, *cp, *ep, line[16*1024], *fp, *ra;
817 int r, i, skip = 0, num = 0, invalid = 1;
818 enum sshkey_fp_rep rep; 837 enum sshkey_fp_rep rep;
819 int fptype; 838 int fptype;
820 struct stat st;
821 839
822 fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash; 840 fptype = print_bubblebabble ? SSH_DIGEST_SHA1 : fingerprint_hash;
823 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT; 841 rep = print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_DEFAULT;
824 if (!have_identity) 842 fp = sshkey_fingerprint(public, fptype, rep);
825 ask_filename(pw, "Enter file in which the key is"); 843 ra = sshkey_fingerprint(public, fingerprint_hash, SSH_FP_RANDOMART);
844 if (fp == NULL || ra == NULL)
845 fatal("%s: sshkey_fingerprint failed", __func__);
846 printf("%u %s %s (%s)\n", sshkey_size(public), fp,
847 comment ? comment : "no comment", sshkey_type(public));
848 if (log_level >= SYSLOG_LEVEL_VERBOSE)
849 printf("%s\n", ra);
850 free(ra);
851 free(fp);
852}
853
854static void
855fingerprint_private(const char *path)
856{
857 struct stat st;
858 char *comment = NULL;
859 struct sshkey *public = NULL;
860 int r;
861
826 if (stat(identity_file, &st) < 0) 862 if (stat(identity_file, &st) < 0)
827 fatal("%s: %s", identity_file, strerror(errno)); 863 fatal("%s: %s", path, strerror(errno));
828 if ((r = sshkey_load_public(identity_file, &public, &comment)) != 0) 864 if ((r = sshkey_load_public(path, &public, &comment)) != 0) {
829 debug2("Error loading public key \"%s\": %s", 865 debug("load public \"%s\": %s", path, ssh_err(r));
830 identity_file, ssh_err(r)); 866 if ((r = sshkey_load_private(path, NULL,
831 else { 867 &public, &comment)) != 0) {
832 fp = sshkey_fingerprint(public, fptype, rep); 868 debug("load private \"%s\": %s", path, ssh_err(r));
833 ra = sshkey_fingerprint(public, fingerprint_hash, 869 fatal("%s is not a key file.", path);
834 SSH_FP_RANDOMART); 870 }
835 if (fp == NULL || ra == NULL)
836 fatal("%s: sshkey_fingerprint fail", __func__);
837 printf("%u %s %s (%s)\n", sshkey_size(public), fp, comment,
838 sshkey_type(public));
839 if (log_level >= SYSLOG_LEVEL_VERBOSE)
840 printf("%s\n", ra);
841 sshkey_free(public);
842 free(comment);
843 free(ra);
844 free(fp);
845 exit(0);
846 }
847 if (comment) {
848 free(comment);
849 comment = NULL;
850 } 871 }
851 872
852 if ((f = fopen(identity_file, "r")) == NULL) 873 fingerprint_one_key(public, comment);
853 fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); 874 sshkey_free(public);
875 free(comment);
876}
854 877
855 while (fgets(line, sizeof(line), f)) { 878static void
856 if ((cp = strchr(line, '\n')) == NULL) { 879do_fingerprint(struct passwd *pw)
857 error("line %d too long: %.40s...", 880{
858 num + 1, line); 881 FILE *f;
859 skip = 1; 882 struct sshkey *public = NULL;
883 char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES];
884 int i, invalid = 1;
885 const char *path;
886 long int lnum = 0;
887
888 if (!have_identity)
889 ask_filename(pw, "Enter file in which the key is");
890 path = identity_file;
891
892 if (strcmp(identity_file, "-") == 0) {
893 f = stdin;
894 path = "(stdin)";
895 } else if ((f = fopen(path, "r")) == NULL)
896 fatal("%s: %s: %s", __progname, path, strerror(errno));
897
898 while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) {
899 cp = line;
900 cp[strcspn(cp, "\n")] = '\0';
901 /* Trim leading space and comments */
902 cp = line + strspn(line, " \t");
903 if (*cp == '#' || *cp == '\0')
860 continue; 904 continue;
905
906 /*
907 * Input may be plain keys, private keys, authorized_keys
908 * or known_hosts.
909 */
910
911 /*
912 * Try private keys first. Assume a key is private if
913 * "SSH PRIVATE KEY" appears on the first line and we're
914 * not reading from stdin (XXX support private keys on stdin).
915 */
916 if (lnum == 1 && strcmp(identity_file, "-") != 0 &&
917 strstr(cp, "PRIVATE KEY") != NULL) {
918 fclose(f);
919 fingerprint_private(path);
920 exit(0);
861 } 921 }
862 num++; 922
863 if (skip) { 923 /*
864 skip = 0; 924 * If it's not a private key, then this must be prepared to
925 * accept a public key prefixed with a hostname or options.
926 * Try a bare key first, otherwise skip the leading stuff.
927 */
928 if ((public = try_read_key(&cp)) == NULL) {
929 i = strtol(cp, &ep, 10);
930 if (i == 0 || ep == NULL ||
931 (*ep != ' ' && *ep != '\t')) {
932 int quoted = 0;
933
934 comment = cp;
935 for (; *cp && (quoted || (*cp != ' ' &&
936 *cp != '\t')); cp++) {
937 if (*cp == '\\' && cp[1] == '"')
938 cp++; /* Skip both */
939 else if (*cp == '"')
940 quoted = !quoted;
941 }
942 if (!*cp)
943 continue;
944 *cp++ = '\0';
945 }
946 }
947 /* Retry after parsing leading hostname/key options */
948 if (public == NULL && (public = try_read_key(&cp)) == NULL) {
949 debug("%s:%ld: not a public key", path, lnum);
865 continue; 950 continue;
866 } 951 }
867 *cp = '\0';
868 952
869 /* Skip leading whitespace, empty and comment lines. */ 953 /* Find trailing comment, if any */
870 for (cp = line; *cp == ' ' || *cp == '\t'; cp++) 954 for (; *cp == ' ' || *cp == '\t'; cp++)
871 ; 955 ;
872 if (!*cp || *cp == '\n' || *cp == '#') 956 if (*cp != '\0' && *cp != '#')
873 continue;
874 i = strtol(cp, &ep, 10);
875 if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) {
876 int quoted = 0;
877 comment = cp; 957 comment = cp;
878 for (; *cp && (quoted || (*cp != ' ' && 958
879 *cp != '\t')); cp++) { 959 fingerprint_one_key(public, comment);
880 if (*cp == '\\' && cp[1] == '"')
881 cp++; /* Skip both */
882 else if (*cp == '"')
883 quoted = !quoted;
884 }
885 if (!*cp)
886 continue;
887 *cp++ = '\0';
888 }
889 ep = cp;
890 if ((public = sshkey_new(KEY_RSA1)) == NULL)
891 fatal("sshkey_new failed");
892 if ((r = sshkey_read(public, &cp)) != 0) {
893 cp = ep;
894 sshkey_free(public);
895 if ((public = sshkey_new(KEY_UNSPEC)) == NULL)
896 fatal("sshkey_new failed");
897 if ((r = sshkey_read(public, &cp)) != 0) {
898 sshkey_free(public);
899 continue;
900 }
901 }
902 comment = *cp ? cp : comment;
903 fp = sshkey_fingerprint(public, fptype, rep);
904 ra = sshkey_fingerprint(public, fingerprint_hash,
905 SSH_FP_RANDOMART);
906 if (fp == NULL || ra == NULL)
907 fatal("%s: sshkey_fingerprint fail", __func__);
908 printf("%u %s %s (%s)\n", sshkey_size(public), fp,
909 comment ? comment : "no comment", sshkey_type(public));
910 if (log_level >= SYSLOG_LEVEL_VERBOSE)
911 printf("%s\n", ra);
912 free(ra);
913 free(fp);
914 sshkey_free(public); 960 sshkey_free(public);
915 invalid = 0; 961 invalid = 0; /* One good key in the file is sufficient */
916 } 962 }
917 fclose(f); 963 fclose(f);
918 964
919 if (invalid) 965 if (invalid)
920 fatal("%s is not a public key file.", identity_file); 966 fatal("%s is not a public key file.", path);
921 exit(0); 967 exit(0);
922} 968}
923 969
@@ -1185,8 +1231,11 @@ do_known_hosts(struct passwd *pw, const char *name)
1185 foreach_options |= print_fingerprint ? HKF_WANT_PARSE_KEY : 0; 1231 foreach_options |= print_fingerprint ? HKF_WANT_PARSE_KEY : 0;
1186 if ((r = hostkeys_foreach(identity_file, 1232 if ((r = hostkeys_foreach(identity_file,
1187 hash_hosts ? known_hosts_hash : known_hosts_find_delete, &ctx, 1233 hash_hosts ? known_hosts_hash : known_hosts_find_delete, &ctx,
1188 name, NULL, foreach_options)) != 0) 1234 name, NULL, foreach_options)) != 0) {
1235 if (inplace)
1236 unlink(tmp);
1189 fatal("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r)); 1237 fatal("%s: hostkeys_foreach failed: %s", __func__, ssh_err(r));
1238 }
1190 1239
1191 if (inplace) 1240 if (inplace)
1192 fclose(ctx.out); 1241 fclose(ctx.out);
@@ -1383,9 +1432,11 @@ do_change_comment(struct passwd *pw)
1383 identity_file, ssh_err(r)); 1432 identity_file, ssh_err(r));
1384 } 1433 }
1385 } 1434 }
1386 /* XXX what about new-format keys? */ 1435
1387 if (private->type != KEY_RSA1) { 1436 if (private->type != KEY_RSA1 && private->type != KEY_ED25519 &&
1388 error("Comments are only supported for RSA1 keys."); 1437 !use_new_format) {
1438 error("Comments are only supported for RSA1 or keys stored in "
1439 "the new format (-o).");
1389 explicit_bzero(passphrase, strlen(passphrase)); 1440 explicit_bzero(passphrase, strlen(passphrase));
1390 sshkey_free(private); 1441 sshkey_free(private);
1391 exit(1); 1442 exit(1);
@@ -1441,44 +1492,6 @@ do_change_comment(struct passwd *pw)
1441 exit(0); 1492 exit(0);
1442} 1493}
1443 1494
1444static const char *
1445fmt_validity(u_int64_t valid_from, u_int64_t valid_to)
1446{
1447 char from[32], to[32];
1448 static char ret[64];
1449 time_t tt;
1450 struct tm *tm;
1451
1452 *from = *to = '\0';
1453 if (valid_from == 0 && valid_to == 0xffffffffffffffffULL)
1454 return "forever";
1455
1456 if (valid_from != 0) {
1457 /* XXX revisit INT_MAX in 2038 :) */
1458 tt = valid_from > INT_MAX ? INT_MAX : valid_from;
1459 tm = localtime(&tt);
1460 strftime(from, sizeof(from), "%Y-%m-%dT%H:%M:%S", tm);
1461 }
1462 if (valid_to != 0xffffffffffffffffULL) {
1463 /* XXX revisit INT_MAX in 2038 :) */
1464 tt = valid_to > INT_MAX ? INT_MAX : valid_to;
1465 tm = localtime(&tt);
1466 strftime(to, sizeof(to), "%Y-%m-%dT%H:%M:%S", tm);
1467 }
1468
1469 if (valid_from == 0) {
1470 snprintf(ret, sizeof(ret), "before %s", to);
1471 return ret;
1472 }
1473 if (valid_to == 0xffffffffffffffffULL) {
1474 snprintf(ret, sizeof(ret), "after %s", from);
1475 return ret;
1476 }
1477
1478 snprintf(ret, sizeof(ret), "from %s to %s", from, to);
1479 return ret;
1480}
1481
1482static void 1495static void
1483add_flag_option(struct sshbuf *c, const char *name) 1496add_flag_option(struct sshbuf *c, const char *name)
1484{ 1497{
@@ -1572,7 +1585,7 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1572 int r, i, fd; 1585 int r, i, fd;
1573 u_int n; 1586 u_int n;
1574 struct sshkey *ca, *public; 1587 struct sshkey *ca, *public;
1575 char *otmp, *tmp, *cp, *out, *comment, **plist = NULL; 1588 char valid[64], *otmp, *tmp, *cp, *out, *comment, **plist = NULL;
1576 FILE *f; 1589 FILE *f;
1577 1590
1578#ifdef ENABLE_PKCS11 1591#ifdef ENABLE_PKCS11
@@ -1647,13 +1660,15 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1647 fclose(f); 1660 fclose(f);
1648 1661
1649 if (!quiet) { 1662 if (!quiet) {
1663 sshkey_format_cert_validity(public->cert,
1664 valid, sizeof(valid));
1650 logit("Signed %s key %s: id \"%s\" serial %llu%s%s " 1665 logit("Signed %s key %s: id \"%s\" serial %llu%s%s "
1651 "valid %s", sshkey_cert_type(public), 1666 "valid %s", sshkey_cert_type(public),
1652 out, public->cert->key_id, 1667 out, public->cert->key_id,
1653 (unsigned long long)public->cert->serial, 1668 (unsigned long long)public->cert->serial,
1654 cert_principals != NULL ? " for " : "", 1669 cert_principals != NULL ? " for " : "",
1655 cert_principals != NULL ? cert_principals : "", 1670 cert_principals != NULL ? cert_principals : "",
1656 fmt_validity(cert_valid_from, cert_valid_to)); 1671 valid);
1657 } 1672 }
1658 1673
1659 sshkey_free(public); 1674 sshkey_free(public);
@@ -1687,7 +1702,7 @@ parse_absolute_time(const char *s)
1687 char buf[32], *fmt; 1702 char buf[32], *fmt;
1688 1703
1689 /* 1704 /*
1690 * POSIX strptime says "The application shall ensure that there 1705 * POSIX strptime says "The application shall ensure that there
1691 * is white-space or other non-alphanumeric characters between 1706 * is white-space or other non-alphanumeric characters between
1692 * any two conversion specifications" so arrange things this way. 1707 * any two conversion specifications" so arrange things this way.
1693 */ 1708 */
@@ -1851,31 +1866,18 @@ show_options(struct sshbuf *optbuf, int in_critical)
1851} 1866}
1852 1867
1853static void 1868static void
1854do_show_cert(struct passwd *pw) 1869print_cert(struct sshkey *key)
1855{ 1870{
1856 struct sshkey *key; 1871 char valid[64], *key_fp, *ca_fp;
1857 struct stat st;
1858 char *key_fp, *ca_fp;
1859 u_int i; 1872 u_int i;
1860 int r;
1861
1862 if (!have_identity)
1863 ask_filename(pw, "Enter file in which the key is");
1864 if (stat(identity_file, &st) < 0)
1865 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
1866 if ((r = sshkey_load_public(identity_file, &key, NULL)) != 0)
1867 fatal("Cannot load public key \"%s\": %s",
1868 identity_file, ssh_err(r));
1869 if (!sshkey_is_cert(key))
1870 fatal("%s is not a certificate", identity_file);
1871 1873
1872 key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT); 1874 key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT);
1873 ca_fp = sshkey_fingerprint(key->cert->signature_key, 1875 ca_fp = sshkey_fingerprint(key->cert->signature_key,
1874 fingerprint_hash, SSH_FP_DEFAULT); 1876 fingerprint_hash, SSH_FP_DEFAULT);
1875 if (key_fp == NULL || ca_fp == NULL) 1877 if (key_fp == NULL || ca_fp == NULL)
1876 fatal("%s: sshkey_fingerprint fail", __func__); 1878 fatal("%s: sshkey_fingerprint fail", __func__);
1879 sshkey_format_cert_validity(key->cert, valid, sizeof(valid));
1877 1880
1878 printf("%s:\n", identity_file);
1879 printf(" Type: %s %s certificate\n", sshkey_ssh_name(key), 1881 printf(" Type: %s %s certificate\n", sshkey_ssh_name(key),
1880 sshkey_cert_type(key)); 1882 sshkey_cert_type(key));
1881 printf(" Public key: %s %s\n", sshkey_type(key), key_fp); 1883 printf(" Public key: %s %s\n", sshkey_type(key), key_fp);
@@ -1883,8 +1885,7 @@ do_show_cert(struct passwd *pw)
1883 sshkey_type(key->cert->signature_key), ca_fp); 1885 sshkey_type(key->cert->signature_key), ca_fp);
1884 printf(" Key ID: \"%s\"\n", key->cert->key_id); 1886 printf(" Key ID: \"%s\"\n", key->cert->key_id);
1885 printf(" Serial: %llu\n", (unsigned long long)key->cert->serial); 1887 printf(" Serial: %llu\n", (unsigned long long)key->cert->serial);
1886 printf(" Valid: %s\n", 1888 printf(" Valid: %s\n", valid);
1887 fmt_validity(key->cert->valid_after, key->cert->valid_before));
1888 printf(" Principals: "); 1889 printf(" Principals: ");
1889 if (key->cert->nprincipals == 0) 1890 if (key->cert->nprincipals == 0)
1890 printf("(none)\n"); 1891 printf("(none)\n");
@@ -1908,7 +1909,60 @@ do_show_cert(struct passwd *pw)
1908 printf("\n"); 1909 printf("\n");
1909 show_options(key->cert->extensions, 0); 1910 show_options(key->cert->extensions, 0);
1910 } 1911 }
1911 exit(0); 1912}
1913
1914static void
1915do_show_cert(struct passwd *pw)
1916{
1917 struct sshkey *key = NULL;
1918 struct stat st;
1919 int r, is_stdin = 0, ok = 0;
1920 FILE *f;
1921 char *cp, line[SSH_MAX_PUBKEY_BYTES];
1922 const char *path;
1923 long int lnum = 0;
1924
1925 if (!have_identity)
1926 ask_filename(pw, "Enter file in which the key is");
1927 if (strcmp(identity_file, "-") != 0 && stat(identity_file, &st) < 0)
1928 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
1929
1930 path = identity_file;
1931 if (strcmp(path, "-") == 0) {
1932 f = stdin;
1933 path = "(stdin)";
1934 is_stdin = 1;
1935 } else if ((f = fopen(identity_file, "r")) == NULL)
1936 fatal("fopen %s: %s", identity_file, strerror(errno));
1937
1938 while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) {
1939 sshkey_free(key);
1940 key = NULL;
1941 /* Trim leading space and comments */
1942 cp = line + strspn(line, " \t");
1943 if (*cp == '#' || *cp == '\0')
1944 continue;
1945 if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
1946 fatal("key_new");
1947 if ((r = sshkey_read(key, &cp)) != 0) {
1948 error("%s:%lu: invalid key: %s", path,
1949 lnum, ssh_err(r));
1950 continue;
1951 }
1952 if (!sshkey_is_cert(key)) {
1953 error("%s:%lu is not a certificate", path, lnum);
1954 continue;
1955 }
1956 ok = 1;
1957 if (!is_stdin && lnum == 1)
1958 printf("%s:\n", path);
1959 else
1960 printf("%s:%lu:\n", path, lnum);
1961 print_cert(key);
1962 }
1963 sshkey_free(key);
1964 fclose(f);
1965 exit(ok ? 0 : 1);
1912} 1966}
1913 1967
1914static void 1968static void
@@ -2112,8 +2166,7 @@ do_gen_krl(struct passwd *pw, int updating, int argc, char **argv)
2112 close(fd); 2166 close(fd);
2113 sshbuf_free(kbuf); 2167 sshbuf_free(kbuf);
2114 ssh_krl_free(krl); 2168 ssh_krl_free(krl);
2115 if (ca != NULL) 2169 sshkey_free(ca);
2116 sshkey_free(ca);
2117} 2170}
2118 2171
2119static void 2172static void
@@ -2208,6 +2261,7 @@ main(int argc, char **argv)
2208 extern int optind; 2261 extern int optind;
2209 extern char *optarg; 2262 extern char *optarg;
2210 2263
2264 ssh_malloc_init(); /* must be called before any mallocs */
2211 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 2265 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
2212 sanitise_stdfd(); 2266 sanitise_stdfd();
2213 2267
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0
index 500c1dd30..5578cc504 100644
--- a/ssh-keyscan.0
+++ b/ssh-keyscan.0
@@ -4,7 +4,7 @@ NAME
4 ssh-keyscan M-bM-^@M-^S gather ssh public keys 4 ssh-keyscan M-bM-^@M-^S gather ssh public keys
5 5
6SYNOPSIS 6SYNOPSIS
7 ssh-keyscan [-46Hv] [-f file] [-p port] [-T timeout] [-t type] 7 ssh-keyscan [-46cHv] [-f file] [-p port] [-T timeout] [-t type]
8 [host | addrlist namelist] ... 8 [host | addrlist namelist] ...
9 9
10DESCRIPTION 10DESCRIPTION
@@ -26,6 +26,8 @@ DESCRIPTION
26 26
27 -6 Forces ssh-keyscan to use IPv6 addresses only. 27 -6 Forces ssh-keyscan to use IPv6 addresses only.
28 28
29 -c Request certificates from target hosts instead of plain keys.
30
29 -f file 31 -f file
30 Read hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from file, one per line. 32 Read hosts or M-bM-^@M-^\addrlist namelistM-bM-^@M-^] pairs from file, one per line.
31 If - is supplied instead of a filename, ssh-keyscan will read 33 If - is supplied instead of a filename, ssh-keyscan will read
@@ -106,4 +108,4 @@ BUGS
106 This is because it opens a connection to the ssh port, reads the public 108 This is because it opens a connection to the ssh port, reads the public
107 key, and drops the connection as soon as it gets the key. 109 key, and drops the connection as soon as it gets the key.
108 110
109OpenBSD 5.8 August 30, 2014 OpenBSD 5.8 111OpenBSD 5.9 November 8, 2015 OpenBSD 5.9
diff --git a/ssh-keyscan.1 b/ssh-keyscan.1
index 6bbc480cd..d29d9d906 100644
--- a/ssh-keyscan.1
+++ b/ssh-keyscan.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keyscan.1,v 1.36 2014/08/30 15:33:50 sobrado Exp $ 1.\" $OpenBSD: ssh-keyscan.1,v 1.38 2015/11/08 23:24:03 jmc Exp $
2.\" 2.\"
3.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4.\" 4.\"
@@ -6,7 +6,7 @@
6.\" permitted provided that due credit is given to the author and the 6.\" permitted provided that due credit is given to the author and the
7.\" OpenBSD project by leaving this copyright notice intact. 7.\" OpenBSD project by leaving this copyright notice intact.
8.\" 8.\"
9.Dd $Mdocdate: August 30 2014 $ 9.Dd $Mdocdate: November 8 2015 $
10.Dt SSH-KEYSCAN 1 10.Dt SSH-KEYSCAN 1
11.Os 11.Os
12.Sh NAME 12.Sh NAME
@@ -15,7 +15,7 @@
15.Sh SYNOPSIS 15.Sh SYNOPSIS
16.Nm ssh-keyscan 16.Nm ssh-keyscan
17.Bk -words 17.Bk -words
18.Op Fl 46Hv 18.Op Fl 46cHv
19.Op Fl f Ar file 19.Op Fl f Ar file
20.Op Fl p Ar port 20.Op Fl p Ar port
21.Op Fl T Ar timeout 21.Op Fl T Ar timeout
@@ -54,6 +54,8 @@ to use IPv4 addresses only.
54Forces 54Forces
55.Nm 55.Nm
56to use IPv6 addresses only. 56to use IPv6 addresses only.
57.It Fl c
58Request certificates from target hosts instead of plain keys.
57.It Fl f Ar file 59.It Fl f Ar file
58Read hosts or 60Read hosts or
59.Dq addrlist namelist 61.Dq addrlist namelist
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 57d88429b..7fe61e4e1 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keyscan.c,v 1.101 2015/04/10 00:08:55 djm Exp $ */ 1/* $OpenBSD: ssh-keyscan.c,v 1.105 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4 * 4 *
@@ -60,6 +60,7 @@ int ssh_port = SSH_DEFAULT_PORT;
60#define KT_ECDSA 8 60#define KT_ECDSA 8
61#define KT_ED25519 16 61#define KT_ED25519 16
62 62
63int get_cert = 0;
63int get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519; 64int get_keytypes = KT_RSA|KT_ECDSA|KT_ED25519;
64 65
65int hash_hosts = 0; /* Hash hostname on output */ 66int hash_hosts = 0; /* Hash hostname on output */
@@ -267,11 +268,32 @@ keygrab_ssh2(con *c)
267 int r; 268 int r;
268 269
269 enable_compat20(); 270 enable_compat20();
270 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = 271 switch (c->c_keytype) {
271 c->c_keytype == KT_DSA ? "ssh-dss" : 272 case KT_DSA:
272 (c->c_keytype == KT_RSA ? "ssh-rsa" : 273 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
273 (c->c_keytype == KT_ED25519 ? "ssh-ed25519" : 274 "ssh-dss-cert-v01@openssh.com" : "ssh-dss";
274 "ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521")); 275 break;
276 case KT_RSA:
277 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
278 "ssh-rsa-cert-v01@openssh.com" : "ssh-rsa";
279 break;
280 case KT_ED25519:
281 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
282 "ssh-ed25519-cert-v01@openssh.com" : "ssh-ed25519";
283 break;
284 case KT_ECDSA:
285 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = get_cert ?
286 "ecdsa-sha2-nistp256-cert-v01@openssh.com,"
287 "ecdsa-sha2-nistp384-cert-v01@openssh.com,"
288 "ecdsa-sha2-nistp521-cert-v01@openssh.com" :
289 "ecdsa-sha2-nistp256,"
290 "ecdsa-sha2-nistp384,"
291 "ecdsa-sha2-nistp521";
292 break;
293 default:
294 fatal("unknown key type %d", c->c_keytype);
295 break;
296 }
275 if ((r = kex_setup(c->c_ssh, myproposal)) != 0) { 297 if ((r = kex_setup(c->c_ssh, myproposal)) != 0) {
276 free(c->c_ssh); 298 free(c->c_ssh);
277 fprintf(stderr, "kex_setup: %s\n", ssh_err(r)); 299 fprintf(stderr, "kex_setup: %s\n", ssh_err(r));
@@ -296,23 +318,39 @@ keygrab_ssh2(con *c)
296} 318}
297 319
298static void 320static void
299keyprint(con *c, struct sshkey *key) 321keyprint_one(char *host, struct sshkey *key)
300{ 322{
301 char *host = c->c_output_name ? c->c_output_name : c->c_name; 323 char *hostport;
302 char *hostport = NULL;
303 324
304 if (!key)
305 return;
306 if (hash_hosts && (host = host_hash(host, NULL, 0)) == NULL) 325 if (hash_hosts && (host = host_hash(host, NULL, 0)) == NULL)
307 fatal("host_hash failed"); 326 fatal("host_hash failed");
308 327
309 hostport = put_host_port(host, ssh_port); 328 hostport = put_host_port(host, ssh_port);
310 fprintf(stdout, "%s ", hostport); 329 if (!get_cert)
330 fprintf(stdout, "%s ", hostport);
311 sshkey_write(key, stdout); 331 sshkey_write(key, stdout);
312 fputs("\n", stdout); 332 fputs("\n", stdout);
313 free(hostport); 333 free(hostport);
314} 334}
315 335
336static void
337keyprint(con *c, struct sshkey *key)
338{
339 char *hosts = c->c_output_name ? c->c_output_name : c->c_name;
340 char *host, *ohosts;
341
342 if (key == NULL)
343 return;
344 if (get_cert || (!hash_hosts && ssh_port == SSH_DEFAULT_PORT)) {
345 keyprint_one(hosts, key);
346 return;
347 }
348 ohosts = hosts = xstrdup(hosts);
349 while ((host = strsep(&hosts, ",")) != NULL)
350 keyprint_one(host, key);
351 free(ohosts);
352}
353
316static int 354static int
317tcpconnect(char *host) 355tcpconnect(char *host)
318{ 356{
@@ -369,6 +407,7 @@ conalloc(char *iname, char *oname, int keytype)
369 if (fdcon[s].c_status) 407 if (fdcon[s].c_status)
370 fatal("conalloc: attempt to reuse fdno %d", s); 408 fatal("conalloc: attempt to reuse fdno %d", s);
371 409
410 debug3("%s: oname %s kt %d", __func__, oname, keytype);
372 fdcon[s].c_fd = s; 411 fdcon[s].c_fd = s;
373 fdcon[s].c_status = CS_CON; 412 fdcon[s].c_status = CS_CON;
374 fdcon[s].c_namebase = namebase; 413 fdcon[s].c_namebase = namebase;
@@ -639,7 +678,7 @@ static void
639usage(void) 678usage(void)
640{ 679{
641 fprintf(stderr, 680 fprintf(stderr,
642 "usage: %s [-46Hv] [-f file] [-p port] [-T timeout] [-t type]\n" 681 "usage: %s [-46cHv] [-f file] [-p port] [-T timeout] [-t type]\n"
643 "\t\t [host | addrlist namelist] ...\n", 682 "\t\t [host | addrlist namelist] ...\n",
644 __progname); 683 __progname);
645 exit(1); 684 exit(1);
@@ -657,6 +696,7 @@ main(int argc, char **argv)
657 extern int optind; 696 extern int optind;
658 extern char *optarg; 697 extern char *optarg;
659 698
699 ssh_malloc_init(); /* must be called before any mallocs */
660 __progname = ssh_get_progname(argv[0]); 700 __progname = ssh_get_progname(argv[0]);
661 seed_rng(); 701 seed_rng();
662 TAILQ_INIT(&tq); 702 TAILQ_INIT(&tq);
@@ -667,11 +707,14 @@ main(int argc, char **argv)
667 if (argc <= 1) 707 if (argc <= 1)
668 usage(); 708 usage();
669 709
670 while ((opt = getopt(argc, argv, "Hv46p:T:t:f:")) != -1) { 710 while ((opt = getopt(argc, argv, "cHv46p:T:t:f:")) != -1) {
671 switch (opt) { 711 switch (opt) {
672 case 'H': 712 case 'H':
673 hash_hosts = 1; 713 hash_hosts = 1;
674 break; 714 break;
715 case 'c':
716 get_cert = 1;
717 break;
675 case 'p': 718 case 'p':
676 ssh_port = a2port(optarg); 719 ssh_port = a2port(optarg);
677 if (ssh_port <= 0) { 720 if (ssh_port <= 0) {
diff --git a/ssh-keysign.0 b/ssh-keysign.0
index 7db72c714..65d75f313 100644
--- a/ssh-keysign.0
+++ b/ssh-keysign.0
@@ -8,8 +8,7 @@ SYNOPSIS
8 8
9DESCRIPTION 9DESCRIPTION
10 ssh-keysign is used by ssh(1) to access the local host keys and generate 10 ssh-keysign is used by ssh(1) to access the local host keys and generate
11 the digital signature required during host-based authentication with SSH 11 the digital signature required during host-based authentication.
12 protocol version 2.
13 12
14 ssh-keysign is disabled by default and can only be enabled in the global 13 ssh-keysign is disabled by default and can only be enabled in the global
15 client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign 14 client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign
@@ -50,4 +49,4 @@ HISTORY
50AUTHORS 49AUTHORS
51 Markus Friedl <markus@openbsd.org> 50 Markus Friedl <markus@openbsd.org>
52 51
53OpenBSD 5.8 December 7, 2013 OpenBSD 5.8 52OpenBSD 5.9 February 17, 2016 OpenBSD 5.9
diff --git a/ssh-keysign.8 b/ssh-keysign.8
index 69d082954..19b0dbc53 100644
--- a/ssh-keysign.8
+++ b/ssh-keysign.8
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keysign.8,v 1.14 2013/12/07 11:58:46 naddy Exp $ 1.\" $OpenBSD: ssh-keysign.8,v 1.15 2016/02/17 07:38:19 jmc Exp $
2.\" 2.\"
3.\" Copyright (c) 2002 Markus Friedl. All rights reserved. 3.\" Copyright (c) 2002 Markus Friedl. All rights reserved.
4.\" 4.\"
@@ -22,7 +22,7 @@
22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24.\" 24.\"
25.Dd $Mdocdate: December 7 2013 $ 25.Dd $Mdocdate: February 17 2016 $
26.Dt SSH-KEYSIGN 8 26.Dt SSH-KEYSIGN 8
27.Os 27.Os
28.Sh NAME 28.Sh NAME
@@ -35,7 +35,7 @@
35is used by 35is used by
36.Xr ssh 1 36.Xr ssh 1
37to access the local host keys and generate the digital signature 37to access the local host keys and generate the digital signature
38required during host-based authentication with SSH protocol version 2. 38required during host-based authentication.
39.Pp 39.Pp
40.Nm 40.Nm
41is disabled by default and can only be enabled in the 41is disabled by default and can only be enabled in the
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 1dca3e289..ac5034de8 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keysign.c,v 1.49 2015/07/03 03:56:25 djm Exp $ */ 1/* $OpenBSD: ssh-keysign.c,v 1.52 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -34,6 +34,7 @@
34#include <stdlib.h> 34#include <stdlib.h>
35#include <string.h> 35#include <string.h>
36#include <unistd.h> 36#include <unistd.h>
37#include <errno.h>
37 38
38#ifdef WITH_OPENSSL 39#ifdef WITH_OPENSSL
39#include <openssl/evp.h> 40#include <openssl/evp.h>
@@ -59,6 +60,8 @@
59 60
60struct ssh *active_state = NULL; /* XXX needed for linking */ 61struct ssh *active_state = NULL; /* XXX needed for linking */
61 62
63extern char *__progname;
64
62/* XXX readconf.c needs these */ 65/* XXX readconf.c needs these */
63uid_t original_real_uid; 66uid_t original_real_uid;
64 67
@@ -179,6 +182,10 @@ main(int argc, char **argv)
179 u_int32_t rnd[256]; 182 u_int32_t rnd[256];
180#endif 183#endif
181 184
185 ssh_malloc_init(); /* must be called before any mallocs */
186 if (pledge("stdio rpath getpw dns id", NULL) != 0)
187 fatal("%s: pledge: %s", __progname, strerror(errno));
188
182 /* Ensure that stdin and stdout are connected */ 189 /* Ensure that stdin and stdout are connected */
183 if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2) 190 if ((fd = open(_PATH_DEVNULL, O_RDWR)) < 2)
184 exit(1); 191 exit(1);
@@ -245,23 +252,26 @@ main(int argc, char **argv)
245 if (!found) 252 if (!found)
246 fatal("no hostkey found"); 253 fatal("no hostkey found");
247 254
255 if (pledge("stdio dns", NULL) != 0)
256 fatal("%s: pledge: %s", __progname, strerror(errno));
257
248 if ((b = sshbuf_new()) == NULL) 258 if ((b = sshbuf_new()) == NULL)
249 fatal("%s: sshbuf_new failed", __func__); 259 fatal("%s: sshbuf_new failed", __progname);
250 if (ssh_msg_recv(STDIN_FILENO, b) < 0) 260 if (ssh_msg_recv(STDIN_FILENO, b) < 0)
251 fatal("ssh_msg_recv failed"); 261 fatal("ssh_msg_recv failed");
252 if ((r = sshbuf_get_u8(b, &rver)) != 0) 262 if ((r = sshbuf_get_u8(b, &rver)) != 0)
253 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 263 fatal("%s: buffer error: %s", __progname, ssh_err(r));
254 if (rver != version) 264 if (rver != version)
255 fatal("bad version: received %d, expected %d", rver, version); 265 fatal("bad version: received %d, expected %d", rver, version);
256 if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0) 266 if ((r = sshbuf_get_u32(b, (u_int *)&fd)) != 0)
257 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 267 fatal("%s: buffer error: %s", __progname, ssh_err(r));
258 if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO) 268 if (fd < 0 || fd == STDIN_FILENO || fd == STDOUT_FILENO)
259 fatal("bad fd"); 269 fatal("bad fd");
260 if ((host = get_local_name(fd)) == NULL) 270 if ((host = get_local_name(fd)) == NULL)
261 fatal("cannot get local name for fd"); 271 fatal("cannot get local name for fd");
262 272
263 if ((r = sshbuf_get_string(b, &data, &dlen)) != 0) 273 if ((r = sshbuf_get_string(b, &data, &dlen)) != 0)
264 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 274 fatal("%s: buffer error: %s", __progname, ssh_err(r));
265 if (valid_request(pw, host, &key, data, dlen) < 0) 275 if (valid_request(pw, host, &key, data, dlen) < 0)
266 fatal("not a valid request"); 276 fatal("not a valid request");
267 free(host); 277 free(host);
@@ -277,19 +287,20 @@ main(int argc, char **argv)
277 if (!found) { 287 if (!found) {
278 if ((fp = sshkey_fingerprint(key, options.fingerprint_hash, 288 if ((fp = sshkey_fingerprint(key, options.fingerprint_hash,
279 SSH_FP_DEFAULT)) == NULL) 289 SSH_FP_DEFAULT)) == NULL)
280 fatal("%s: sshkey_fingerprint failed", __func__); 290 fatal("%s: sshkey_fingerprint failed", __progname);
281 fatal("no matching hostkey found for key %s %s", 291 fatal("no matching hostkey found for key %s %s",
282 sshkey_type(key), fp ? fp : ""); 292 sshkey_type(key), fp ? fp : "");
283 } 293 }
284 294
285 if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, 0)) != 0) 295 if ((r = sshkey_sign(keys[i], &signature, &slen, data, dlen, NULL, 0))
296 != 0)
286 fatal("sshkey_sign failed: %s", ssh_err(r)); 297 fatal("sshkey_sign failed: %s", ssh_err(r));
287 free(data); 298 free(data);
288 299
289 /* send reply */ 300 /* send reply */
290 sshbuf_reset(b); 301 sshbuf_reset(b);
291 if ((r = sshbuf_put_string(b, signature, slen)) != 0) 302 if ((r = sshbuf_put_string(b, signature, slen)) != 0)
292 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 303 fatal("%s: buffer error: %s", __progname, ssh_err(r));
293 if (ssh_msg_send(STDOUT_FILENO, version, b) == -1) 304 if (ssh_msg_send(STDOUT_FILENO, version, b) == -1)
294 fatal("ssh_msg_send failed"); 305 fatal("ssh_msg_send failed");
295 306
diff --git a/ssh-pkcs11-client.c b/ssh-pkcs11-client.c
index 8c74864aa..fac0167e6 100644
--- a/ssh-pkcs11-client.c
+++ b/ssh-pkcs11-client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-pkcs11-client.c,v 1.5 2014/06/24 01:13:21 djm Exp $ */ 1/* $OpenBSD: ssh-pkcs11-client.c,v 1.6 2015/12/11 00:20:04 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2010 Markus Friedl. All rights reserved. 3 * Copyright (c) 2010 Markus Friedl. All rights reserved.
4 * 4 *
@@ -173,7 +173,7 @@ pkcs11_start_helper(void)
173 close(pair[0]); 173 close(pair[0]);
174 close(pair[1]); 174 close(pair[1]);
175 execlp(_PATH_SSH_PKCS11_HELPER, _PATH_SSH_PKCS11_HELPER, 175 execlp(_PATH_SSH_PKCS11_HELPER, _PATH_SSH_PKCS11_HELPER,
176 (char *) 0); 176 (char *)NULL);
177 fprintf(stderr, "exec: %s: %s\n", _PATH_SSH_PKCS11_HELPER, 177 fprintf(stderr, "exec: %s: %s\n", _PATH_SSH_PKCS11_HELPER,
178 strerror(errno)); 178 strerror(errno));
179 _exit(1); 179 _exit(1);
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0
index 7fac805ff..47aa7bdcd 100644
--- a/ssh-pkcs11-helper.0
+++ b/ssh-pkcs11-helper.0
@@ -22,4 +22,4 @@ HISTORY
22AUTHORS 22AUTHORS
23 Markus Friedl <markus@openbsd.org> 23 Markus Friedl <markus@openbsd.org>
24 24
25OpenBSD 5.8 July 16, 2013 OpenBSD 5.8 25OpenBSD 5.9 July 16, 2013 OpenBSD 5.9
diff --git a/ssh-pkcs11-helper.c b/ssh-pkcs11-helper.c
index f2d586395..53f41c555 100644
--- a/ssh-pkcs11-helper.c
+++ b/ssh-pkcs11-helper.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-pkcs11-helper.c,v 1.11 2015/08/20 22:32:42 deraadt Exp $ */ 1/* $OpenBSD: ssh-pkcs11-helper.c,v 1.12 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2010 Markus Friedl. All rights reserved. 3 * Copyright (c) 2010 Markus Friedl. All rights reserved.
4 * 4 *
@@ -280,6 +280,7 @@ main(int argc, char **argv)
280 280
281 extern char *__progname; 281 extern char *__progname;
282 282
283 ssh_malloc_init(); /* must be called before any mallocs */
283 TAILQ_INIT(&pkcs11_keylist); 284 TAILQ_INIT(&pkcs11_keylist);
284 pkcs11_init(0); 285 pkcs11_init(0);
285 286
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 92614a52d..d1f750db0 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-pkcs11.c,v 1.21 2015/07/18 08:02:17 djm Exp $ */ 1/* $OpenBSD: ssh-pkcs11.c,v 1.22 2016/02/12 00:20:30 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2010 Markus Friedl. All rights reserved. 3 * Copyright (c) 2010 Markus Friedl. All rights reserved.
4 * 4 *
@@ -322,8 +322,10 @@ pkcs11_rsa_wrap(struct pkcs11_provider *provider, CK_ULONG slotidx,
322 k11->slotidx = slotidx; 322 k11->slotidx = slotidx;
323 /* identify key object on smartcard */ 323 /* identify key object on smartcard */
324 k11->keyid_len = keyid_attrib->ulValueLen; 324 k11->keyid_len = keyid_attrib->ulValueLen;
325 k11->keyid = xmalloc(k11->keyid_len); 325 if (k11->keyid_len > 0) {
326 memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len); 326 k11->keyid = xmalloc(k11->keyid_len);
327 memcpy(k11->keyid, keyid_attrib->pValue, k11->keyid_len);
328 }
327 k11->orig_finish = def->finish; 329 k11->orig_finish = def->finish;
328 memcpy(&k11->rsa_method, def, sizeof(k11->rsa_method)); 330 memcpy(&k11->rsa_method, def, sizeof(k11->rsa_method));
329 k11->rsa_method.name = "pkcs11"; 331 k11->rsa_method.name = "pkcs11";
diff --git a/ssh-rsa.c b/ssh-rsa.c
index cdc18a416..53d44d1f3 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-rsa.c,v 1.53 2015/06/15 01:32:50 djm Exp $ */ 1/* $OpenBSD: ssh-rsa.c,v 1.58 2015/12/11 04:21:12 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> 3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
4 * 4 *
@@ -36,16 +36,56 @@
36 36
37static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *); 37static int openssh_RSA_verify(int, u_char *, size_t, u_char *, size_t, RSA *);
38 38
39static const char *
40rsa_hash_alg_ident(int hash_alg)
41{
42 switch (hash_alg) {
43 case SSH_DIGEST_SHA1:
44 return "ssh-rsa";
45 case SSH_DIGEST_SHA256:
46 return "rsa-sha2-256";
47 case SSH_DIGEST_SHA512:
48 return "rsa-sha2-512";
49 }
50 return NULL;
51}
52
53static int
54rsa_hash_alg_from_ident(const char *ident)
55{
56 if (strcmp(ident, "ssh-rsa") == 0)
57 return SSH_DIGEST_SHA1;
58 if (strcmp(ident, "rsa-sha2-256") == 0)
59 return SSH_DIGEST_SHA256;
60 if (strcmp(ident, "rsa-sha2-512") == 0)
61 return SSH_DIGEST_SHA512;
62 return -1;
63}
64
65static int
66rsa_hash_alg_nid(int type)
67{
68 switch (type) {
69 case SSH_DIGEST_SHA1:
70 return NID_sha1;
71 case SSH_DIGEST_SHA256:
72 return NID_sha256;
73 case SSH_DIGEST_SHA512:
74 return NID_sha512;
75 default:
76 return -1;
77 }
78}
79
39/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */ 80/* RSASSA-PKCS1-v1_5 (PKCS #1 v2.0 signature) with SHA1 */
40int 81int
41ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, 82ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
42 const u_char *data, size_t datalen, u_int compat) 83 const u_char *data, size_t datalen, const char *alg_ident)
43{ 84{
44 int hash_alg;
45 u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL; 85 u_char digest[SSH_DIGEST_MAX_LENGTH], *sig = NULL;
46 size_t slen; 86 size_t slen;
47 u_int dlen, len; 87 u_int dlen, len;
48 int nid, ret = SSH_ERR_INTERNAL_ERROR; 88 int nid, hash_alg, ret = SSH_ERR_INTERNAL_ERROR;
49 struct sshbuf *b = NULL; 89 struct sshbuf *b = NULL;
50 90
51 if (lenp != NULL) 91 if (lenp != NULL)
@@ -53,16 +93,21 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
53 if (sigp != NULL) 93 if (sigp != NULL)
54 *sigp = NULL; 94 *sigp = NULL;
55 95
56 if (key == NULL || key->rsa == NULL || 96 if (alg_ident == NULL || strlen(alg_ident) == 0 ||
57 sshkey_type_plain(key->type) != KEY_RSA) 97 strncmp(alg_ident, "ssh-rsa-cert", strlen("ssh-rsa-cert")) == 0)
98 hash_alg = SSH_DIGEST_SHA1;
99 else
100 hash_alg = rsa_hash_alg_from_ident(alg_ident);
101 if (key == NULL || key->rsa == NULL || hash_alg == -1 ||
102 sshkey_type_plain(key->type) != KEY_RSA ||
103 BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE)
58 return SSH_ERR_INVALID_ARGUMENT; 104 return SSH_ERR_INVALID_ARGUMENT;
59 slen = RSA_size(key->rsa); 105 slen = RSA_size(key->rsa);
60 if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM) 106 if (slen <= 0 || slen > SSHBUF_MAX_BIGNUM)
61 return SSH_ERR_INVALID_ARGUMENT; 107 return SSH_ERR_INVALID_ARGUMENT;
62 108
63 /* hash the data */ 109 /* hash the data */
64 hash_alg = SSH_DIGEST_SHA1; 110 nid = rsa_hash_alg_nid(hash_alg);
65 nid = NID_sha1;
66 if ((dlen = ssh_digest_bytes(hash_alg)) == 0) 111 if ((dlen = ssh_digest_bytes(hash_alg)) == 0)
67 return SSH_ERR_INTERNAL_ERROR; 112 return SSH_ERR_INTERNAL_ERROR;
68 if ((ret = ssh_digest_memory(hash_alg, data, datalen, 113 if ((ret = ssh_digest_memory(hash_alg, data, datalen,
@@ -91,7 +136,7 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
91 ret = SSH_ERR_ALLOC_FAIL; 136 ret = SSH_ERR_ALLOC_FAIL;
92 goto out; 137 goto out;
93 } 138 }
94 if ((ret = sshbuf_put_cstring(b, "ssh-rsa")) != 0 || 139 if ((ret = sshbuf_put_cstring(b, rsa_hash_alg_ident(hash_alg))) != 0 ||
95 (ret = sshbuf_put_string(b, sig, slen)) != 0) 140 (ret = sshbuf_put_string(b, sig, slen)) != 0)
96 goto out; 141 goto out;
97 len = sshbuf_len(b); 142 len = sshbuf_len(b);
@@ -111,15 +156,13 @@ ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
111 explicit_bzero(sig, slen); 156 explicit_bzero(sig, slen);
112 free(sig); 157 free(sig);
113 } 158 }
114 if (b != NULL) 159 sshbuf_free(b);
115 sshbuf_free(b);
116 return ret; 160 return ret;
117} 161}
118 162
119int 163int
120ssh_rsa_verify(const struct sshkey *key, 164ssh_rsa_verify(const struct sshkey *key,
121 const u_char *signature, size_t signaturelen, 165 const u_char *sig, size_t siglen, const u_char *data, size_t datalen)
122 const u_char *data, size_t datalen, u_int compat)
123{ 166{
124 char *ktype = NULL; 167 char *ktype = NULL;
125 int hash_alg, ret = SSH_ERR_INTERNAL_ERROR; 168 int hash_alg, ret = SSH_ERR_INTERNAL_ERROR;
@@ -132,13 +175,13 @@ ssh_rsa_verify(const struct sshkey *key,
132 BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE) 175 BN_num_bits(key->rsa->n) < SSH_RSA_MINIMUM_MODULUS_SIZE)
133 return SSH_ERR_INVALID_ARGUMENT; 176 return SSH_ERR_INVALID_ARGUMENT;
134 177
135 if ((b = sshbuf_from(signature, signaturelen)) == NULL) 178 if ((b = sshbuf_from(sig, siglen)) == NULL)
136 return SSH_ERR_ALLOC_FAIL; 179 return SSH_ERR_ALLOC_FAIL;
137 if (sshbuf_get_cstring(b, &ktype, NULL) != 0) { 180 if (sshbuf_get_cstring(b, &ktype, NULL) != 0) {
138 ret = SSH_ERR_INVALID_FORMAT; 181 ret = SSH_ERR_INVALID_FORMAT;
139 goto out; 182 goto out;
140 } 183 }
141 if (strcmp("ssh-rsa", ktype) != 0) { 184 if ((hash_alg = rsa_hash_alg_from_ident(ktype)) == -1) {
142 ret = SSH_ERR_KEY_TYPE_MISMATCH; 185 ret = SSH_ERR_KEY_TYPE_MISMATCH;
143 goto out; 186 goto out;
144 } 187 }
@@ -167,7 +210,6 @@ ssh_rsa_verify(const struct sshkey *key,
167 explicit_bzero(sigblob, diff); 210 explicit_bzero(sigblob, diff);
168 len = modlen; 211 len = modlen;
169 } 212 }
170 hash_alg = SSH_DIGEST_SHA1;
171 if ((dlen = ssh_digest_bytes(hash_alg)) == 0) { 213 if ((dlen = ssh_digest_bytes(hash_alg)) == 0) {
172 ret = SSH_ERR_INTERNAL_ERROR; 214 ret = SSH_ERR_INTERNAL_ERROR;
173 goto out; 215 goto out;
@@ -183,10 +225,8 @@ ssh_rsa_verify(const struct sshkey *key,
183 explicit_bzero(sigblob, len); 225 explicit_bzero(sigblob, len);
184 free(sigblob); 226 free(sigblob);
185 } 227 }
186 if (ktype != NULL) 228 free(ktype);
187 free(ktype); 229 sshbuf_free(b);
188 if (b != NULL)
189 sshbuf_free(b);
190 explicit_bzero(digest, sizeof(digest)); 230 explicit_bzero(digest, sizeof(digest));
191 return ret; 231 return ret;
192} 232}
@@ -196,6 +236,7 @@ ssh_rsa_verify(const struct sshkey *key,
196 * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/ 236 * http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/
197 * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn 237 * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.asn
198 */ 238 */
239
199/* 240/*
200 * id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) 241 * id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
201 * oiw(14) secsig(3) algorithms(2) 26 } 242 * oiw(14) secsig(3) algorithms(2) 26 }
@@ -209,25 +250,71 @@ static const u_char id_sha1[] = {
209 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */ 250 0x04, 0x14 /* Octet string, length 0x14 (20), followed by sha1 hash */
210}; 251};
211 252
253/*
254 * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
255 * id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840)
256 * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2)
257 * id-sha256(1) }
258 */
259static const u_char id_sha256[] = {
260 0x30, 0x31, /* type Sequence, length 0x31 (49) */
261 0x30, 0x0d, /* type Sequence, length 0x0d (13) */
262 0x06, 0x09, /* type OID, length 0x09 */
263 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, /* id-sha256 */
264 0x05, 0x00, /* NULL */
265 0x04, 0x20 /* Octet string, length 0x20 (32), followed by sha256 hash */
266};
267
268/*
269 * See http://csrc.nist.gov/groups/ST/crypto_apps_infra/csor/algorithms.html
270 * id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840)
271 * organization(1) gov(101) csor(3) nistAlgorithm(4) hashAlgs(2)
272 * id-sha256(3) }
273 */
274static const u_char id_sha512[] = {
275 0x30, 0x51, /* type Sequence, length 0x51 (81) */
276 0x30, 0x0d, /* type Sequence, length 0x0d (13) */
277 0x06, 0x09, /* type OID, length 0x09 */
278 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, /* id-sha512 */
279 0x05, 0x00, /* NULL */
280 0x04, 0x40 /* Octet string, length 0x40 (64), followed by sha512 hash */
281};
282
283static int
284rsa_hash_alg_oid(int hash_alg, const u_char **oidp, size_t *oidlenp)
285{
286 switch (hash_alg) {
287 case SSH_DIGEST_SHA1:
288 *oidp = id_sha1;
289 *oidlenp = sizeof(id_sha1);
290 break;
291 case SSH_DIGEST_SHA256:
292 *oidp = id_sha256;
293 *oidlenp = sizeof(id_sha256);
294 break;
295 case SSH_DIGEST_SHA512:
296 *oidp = id_sha512;
297 *oidlenp = sizeof(id_sha512);
298 break;
299 default:
300 return SSH_ERR_INVALID_ARGUMENT;
301 }
302 return 0;
303}
304
212static int 305static int
213openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen, 306openssh_RSA_verify(int hash_alg, u_char *hash, size_t hashlen,
214 u_char *sigbuf, size_t siglen, RSA *rsa) 307 u_char *sigbuf, size_t siglen, RSA *rsa)
215{ 308{
216 size_t ret, rsasize = 0, oidlen = 0, hlen = 0; 309 size_t rsasize = 0, oidlen = 0, hlen = 0;
217 int len, oidmatch, hashmatch; 310 int ret, len, oidmatch, hashmatch;
218 const u_char *oid = NULL; 311 const u_char *oid = NULL;
219 u_char *decrypted = NULL; 312 u_char *decrypted = NULL;
220 313
314 if ((ret = rsa_hash_alg_oid(hash_alg, &oid, &oidlen)) != 0)
315 return ret;
221 ret = SSH_ERR_INTERNAL_ERROR; 316 ret = SSH_ERR_INTERNAL_ERROR;
222 switch (hash_alg) { 317 hlen = ssh_digest_bytes(hash_alg);
223 case SSH_DIGEST_SHA1:
224 oid = id_sha1;
225 oidlen = sizeof(id_sha1);
226 hlen = 20;
227 break;
228 default:
229 goto done;
230 }
231 if (hashlen != hlen) { 318 if (hashlen != hlen) {
232 ret = SSH_ERR_INVALID_ARGUMENT; 319 ret = SSH_ERR_INVALID_ARGUMENT;
233 goto done; 320 goto done;
diff --git a/ssh.0 b/ssh.0
index ad4817aff..9aaf4367d 100644
--- a/ssh.0
+++ b/ssh.0
@@ -8,22 +8,19 @@ SYNOPSIS
8 [-D [bind_address:]port] [-E log_file] [-e escape_char] 8 [-D [bind_address:]port] [-E log_file] [-e escape_char]
9 [-F configfile] [-I pkcs11] [-i identity_file] [-L address] 9 [-F configfile] [-I pkcs11] [-i identity_file] [-L address]
10 [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] 10 [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
11 [-Q cipher | cipher-auth | mac | kex | key | protocol-version] 11 [-Q query_option] [-R address] [-S ctl_path] [-W host:port]
12 [-R address] [-S ctl_path] [-W host:port] [-w local_tun[:remote_tun]] 12 [-w local_tun[:remote_tun]] [user@]hostname [command]
13 [user@]hostname [command]
14 13
15DESCRIPTION 14DESCRIPTION
16 ssh (SSH client) is a program for logging into a remote machine and for 15 ssh (SSH client) is a program for logging into a remote machine and for
17 executing commands on a remote machine. It is intended to replace rlogin 16 executing commands on a remote machine. It is intended to provide secure
18 and rsh, and provide secure encrypted communications between two 17 encrypted communications between two untrusted hosts over an insecure
19 untrusted hosts over an insecure network. X11 connections, arbitrary TCP 18 network. X11 connections, arbitrary TCP ports and UNIX-domain sockets
20 ports and UNIX-domain sockets can also be forwarded over the secure 19 can also be forwarded over the secure channel.
21 channel.
22 20
23 ssh connects and logs into the specified hostname (with optional user 21 ssh connects and logs into the specified hostname (with optional user
24 name). The user must prove his/her identity to the remote machine using 22 name). The user must prove his/her identity to the remote machine using
25 one of several methods depending on the protocol version used (see 23 one of several methods (see below).
26 below).
27 24
28 If command is specified, it is executed on the remote host instead of a 25 If command is specified, it is executed on the remote host instead of a
29 login shell. 26 login shell.
@@ -144,9 +141,11 @@ DESCRIPTION
144 ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. 141 ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
145 Identity files may also be specified on a per-host basis in the 142 Identity files may also be specified on a per-host basis in the
146 configuration file. It is possible to have multiple -i options 143 configuration file. It is possible to have multiple -i options
147 (and multiple identities specified in configuration files). ssh 144 (and multiple identities specified in configuration files). If
148 will also try to load certificate information from the filename 145 no certificates have been explicitly specified by the
149 obtained by appending -cert.pub to identity filenames. 146 CertificateFile directive, ssh will also try to load certificate
147 information from the filename obtained by appending -cert.pub to
148 identity filenames.
150 149
151 -K Enables GSSAPI-based authentication and forwarding (delegation) 150 -K Enables GSSAPI-based authentication and forwarding (delegation)
152 of GSSAPI credentials to the server. 151 of GSSAPI credentials to the server.
@@ -190,12 +189,12 @@ DESCRIPTION
190 details. 189 details.
191 190
192 -m mac_spec 191 -m mac_spec
193 Additionally, for protocol version 2 a comma-separated list of 192 A comma-separated list of MAC (message authentication code)
194 MAC (message authentication code) algorithms can be specified in 193 algorithms, specified in order of preference. See the MACs
195 order of preference. See the MACs keyword for more information. 194 keyword for more information.
196 195
197 -N Do not execute a remote command. This is useful for just 196 -N Do not execute a remote command. This is useful for just
198 forwarding ports (protocol version 2 only). 197 forwarding ports.
199 198
200 -n Redirects stdin from /dev/null (actually, prevents reading from 199 -n Redirects stdin from /dev/null (actually, prevents reading from
201 stdin). This must be used when ssh is run in the background. A 200 stdin). This must be used when ssh is run in the background. A
@@ -224,6 +223,7 @@ DESCRIPTION
224 of the options listed below, and their possible values, see 223 of the options listed below, and their possible values, see
225 ssh_config(5). 224 ssh_config(5).
226 225
226 AddKeysToAgent
227 AddressFamily 227 AddressFamily
228 BatchMode 228 BatchMode
229 BindAddress 229 BindAddress
@@ -232,6 +232,7 @@ DESCRIPTION
232 CanonicalizeHostname 232 CanonicalizeHostname
233 CanonicalizeMaxDots 233 CanonicalizeMaxDots
234 CanonicalizePermittedCNAMEs 234 CanonicalizePermittedCNAMEs
235 CertificateFile
235 ChallengeResponseAuthentication 236 ChallengeResponseAuthentication
236 CheckHostIP 237 CheckHostIP
237 Cipher 238 Cipher
@@ -312,13 +313,14 @@ DESCRIPTION
312 Port to connect to on the remote host. This can be specified on 313 Port to connect to on the remote host. This can be specified on
313 a per-host basis in the configuration file. 314 a per-host basis in the configuration file.
314 315
315 -Q cipher | cipher-auth | mac | kex | key | protocol-version 316 -Q query_option
316 Queries ssh for the algorithms supported for the specified 317 Queries ssh for the algorithms supported for the specified
317 version 2. The available features are: cipher (supported 318 version 2. The available features are: cipher (supported
318 symmetric ciphers), cipher-auth (supported symmetric ciphers that 319 symmetric ciphers), cipher-auth (supported symmetric ciphers that
319 support authenticated encryption), mac (supported message 320 support authenticated encryption), mac (supported message
320 integrity codes), kex (key exchange algorithms), key (key types) 321 integrity codes), kex (key exchange algorithms), key (key types),
321 and protocol-version (supported SSH protocol versions). 322 key-cert (certificate key types), key-plain (non-certificate key
323 types), and protocol-version (supported SSH protocol versions).
322 324
323 -q Quiet mode. Causes most warning and diagnostic messages to be 325 -q Quiet mode. Causes most warning and diagnostic messages to be
324 suppressed. 326 suppressed.
@@ -361,10 +363,9 @@ DESCRIPTION
361 ssh_config(5) for details. 363 ssh_config(5) for details.
362 364
363 -s May be used to request invocation of a subsystem on the remote 365 -s May be used to request invocation of a subsystem on the remote
364 system. Subsystems are a feature of the SSH2 protocol which 366 system. Subsystems facilitate the use of SSH as a secure
365 facilitate the use of SSH as a secure transport for other 367 transport for other applications (e.g. sftp(1)). The subsystem
366 applications (eg. sftp(1)). The subsystem is specified as the 368 is specified as the remote command.
367 remote command.
368 369
369 -T Disable pseudo-terminal allocation. 370 -T Disable pseudo-terminal allocation.
370 371
@@ -383,8 +384,7 @@ DESCRIPTION
383 -W host:port 384 -W host:port
384 Requests that standard input and output on the client be 385 Requests that standard input and output on the client be
385 forwarded to host on port over the secure channel. Implies -N, 386 forwarded to host on port over the secure channel. Implies -N,
386 -T, ExitOnForwardFailure and ClearAllForwardings. Works with 387 -T, ExitOnForwardFailure and ClearAllForwardings.
387 Protocol version 2 only.
388 388
389 -w local_tun[:remote_tun] 389 -w local_tun[:remote_tun]
390 Requests tunnel device forwarding with the specified tun(4) 390 Requests tunnel device forwarding with the specified tun(4)
@@ -427,20 +427,16 @@ DESCRIPTION
427AUTHENTICATION 427AUTHENTICATION
428 The OpenSSH SSH client supports SSH protocols 1 and 2. The default is to 428 The OpenSSH SSH client supports SSH protocols 1 and 2. The default is to
429 use protocol 2 only, though this can be changed via the Protocol option 429 use protocol 2 only, though this can be changed via the Protocol option
430 in ssh_config(5) or the -1 and -2 options (see above). Both protocols 430 in ssh_config(5) or the -1 and -2 options (see above). Protocol 1 should
431 support similar authentication methods, but protocol 2 is the default 431 not be used and is only offered to support legacy devices. It suffers
432 since it provides additional mechanisms for confidentiality (the traffic 432 from a number of cryptographic weaknesses and doesn't support many of the
433 is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and 433 advanced features available for protocol 2.
434 integrity (hmac-md5, hmac-sha1, hmac-sha2-256, hmac-sha2-512, umac-64,
435 umac-128, hmac-ripemd160). Protocol 1 lacks a strong mechanism for
436 ensuring the integrity of the connection.
437 434
438 The methods available for authentication are: GSSAPI-based 435 The methods available for authentication are: GSSAPI-based
439 authentication, host-based authentication, public key authentication, 436 authentication, host-based authentication, public key authentication,
440 challenge-response authentication, and password authentication. 437 challenge-response authentication, and password authentication.
441 Authentication methods are tried in the order specified above, though 438 Authentication methods are tried in the order specified above, though
442 protocol 2 has a configuration option to change the default order: 439 PreferredAuthentications can be used to change the default order.
443 PreferredAuthentications.
444 440
445 Host-based authentication works as follows: If the machine the user logs 441 Host-based authentication works as follows: If the machine the user logs
446 in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote 442 in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote
@@ -463,10 +459,8 @@ AUTHENTICATION
463 creates a public/private key pair for authentication purposes. The 459 creates a public/private key pair for authentication purposes. The
464 server knows the public key, and only the user knows the private key. 460 server knows the public key, and only the user knows the private key.
465 ssh implements public key authentication protocol automatically, using 461 ssh implements public key authentication protocol automatically, using
466 one of the DSA, ECDSA, Ed25519 or RSA algorithms. Protocol 1 is 462 one of the DSA, ECDSA, Ed25519 or RSA algorithms. The HISTORY section of
467 restricted to using only RSA keys, but protocol 2 may use any. The 463 ssl(8) contains a brief discussion of the DSA and RSA algorithms.
468 HISTORY section of ssl(8) contains a brief discussion of the DSA and RSA
469 algorithms.
470 464
471 The file ~/.ssh/authorized_keys lists the public keys that are permitted 465 The file ~/.ssh/authorized_keys lists the public keys that are permitted
472 for logging in. When the user logs in, the ssh program tells the server 466 for logging in. When the user logs in, the ssh program tells the server
@@ -475,13 +469,12 @@ AUTHENTICATION
475 the corresponding public key is authorized to accept the account. 469 the corresponding public key is authorized to accept the account.
476 470
477 The user creates his/her key pair by running ssh-keygen(1). This stores 471 The user creates his/her key pair by running ssh-keygen(1). This stores
478 the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol 472 the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (DSA),
479 2 DSA), ~/.ssh/id_ecdsa (protocol 2 ECDSA), ~/.ssh/id_ed25519 (protocol 2 473 ~/.ssh/id_ecdsa (ECDSA), ~/.ssh/id_ed25519 (Ed25519), or ~/.ssh/id_rsa
480 Ed25519), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in 474 (RSA) and stores the public key in ~/.ssh/identity.pub (protocol 1),
481 ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), 475 ~/.ssh/id_dsa.pub (DSA), ~/.ssh/id_ecdsa.pub (ECDSA),
482 ~/.ssh/id_ecdsa.pub (protocol 2 ECDSA), ~/.ssh/id_ed25519.pub (protocol 2 476 ~/.ssh/id_ed25519.pub (Ed25519), or ~/.ssh/id_rsa.pub (RSA) in the user's
483 Ed25519), or ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home 477 home directory. The user should then copy the public key to
484 directory. The user should then copy the public key to
485 ~/.ssh/authorized_keys in his/her home directory on the remote machine. 478 ~/.ssh/authorized_keys in his/her home directory on the remote machine.
486 The authorized_keys file corresponds to the conventional ~/.rhosts file, 479 The authorized_keys file corresponds to the conventional ~/.rhosts file,
487 and has one key per line, though the lines can be very long. After this, 480 and has one key per line, though the lines can be very long. After this,
@@ -495,15 +488,13 @@ AUTHENTICATION
495 more information. 488 more information.
496 489
497 The most convenient way to use public key or certificate authentication 490 The most convenient way to use public key or certificate authentication
498 may be with an authentication agent. See ssh-agent(1) for more 491 may be with an authentication agent. See ssh-agent(1) and (optionally)
499 information. 492 the AddKeysToAgent directive in ssh_config(5) for more information.
500 493
501 Challenge-response authentication works as follows: The server sends an 494 Challenge-response authentication works as follows: The server sends an
502 arbitrary "challenge" text, and prompts for a response. Protocol 2 495 arbitrary "challenge" text, and prompts for a response. Examples of
503 allows multiple challenges and responses; protocol 1 is restricted to 496 challenge-response authentication include BSD Authentication (see
504 just one challenge/response. Examples of challenge-response 497 login.conf(5)) and PAM (some non-OpenBSD systems).
505 authentication include BSD Authentication (see login.conf(5)) and PAM
506 (some non-OpenBSD systems).
507 498
508 Finally, if other authentication methods fail, ssh prompts the user for a 499 Finally, if other authentication methods fail, ssh prompts the user for a
509 password. The password is sent to the remote host for checking; however, 500 password. The password is sent to the remote host for checking; however,
@@ -565,8 +556,8 @@ ESCAPE CHARACTERS
565 556
566 ~? Display a list of escape characters. 557 ~? Display a list of escape characters.
567 558
568 ~B Send a BREAK to the remote system (only useful for SSH protocol 559 ~B Send a BREAK to the remote system (only useful if the peer
569 version 2 and if the peer supports it). 560 supports it).
570 561
571 ~C Open command line. Currently this allows the addition of port 562 ~C Open command line. Currently this allows the addition of port
572 forwardings using the -L, -R and -D options (see above). It also 563 forwardings using the -L, -R and -D options (see above). It also
@@ -577,8 +568,8 @@ ESCAPE CHARACTERS
577 PermitLocalCommand option is enabled in ssh_config(5). Basic 568 PermitLocalCommand option is enabled in ssh_config(5). Basic
578 help is available, using the -h option. 569 help is available, using the -h option.
579 570
580 ~R Request rekeying of the connection (only useful for SSH protocol 571 ~R Request rekeying of the connection (only useful if the peer
581 version 2 and if the peer supports it). 572 supports it).
582 573
583 ~V Decrease the verbosity (LogLevel) when errors are being written 574 ~V Decrease the verbosity (LogLevel) when errors are being written
584 to stderr. 575 to stderr.
@@ -892,12 +883,7 @@ FILES
892 /etc/ssh/ssh_host_ed25519_key 883 /etc/ssh/ssh_host_ed25519_key
893 /etc/ssh/ssh_host_rsa_key 884 /etc/ssh/ssh_host_rsa_key
894 These files contain the private parts of the host keys and are 885 These files contain the private parts of the host keys and are
895 used for host-based authentication. If protocol version 1 is 886 used for host-based authentication.
896 used, ssh must be setuid root, since the host key is readable
897 only by root. For protocol version 2, ssh uses ssh-keysign(8) to
898 access the host keys, eliminating the requirement that ssh be
899 setuid root when host-based authentication is used. By default
900 ssh is not setuid root.
901 887
902 /etc/ssh/ssh_known_hosts 888 /etc/ssh/ssh_known_hosts
903 Systemwide list of known host keys. This file should be prepared 889 Systemwide list of known host keys. This file should be prepared
@@ -969,4 +955,4 @@ AUTHORS
969 created OpenSSH. Markus Friedl contributed the support for SSH protocol 955 created OpenSSH. Markus Friedl contributed the support for SSH protocol
970 versions 1.5 and 2.0. 956 versions 1.5 and 2.0.
971 957
972OpenBSD 5.8 July 20, 2015 OpenBSD 5.8 958OpenBSD 5.9 February 17, 2016 OpenBSD 5.9
diff --git a/ssh.1 b/ssh.1
index 2ea0a2058..cc5334338 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh.1,v 1.361 2015/07/20 18:44:12 millert Exp $ 36.\" $OpenBSD: ssh.1,v 1.369 2016/02/17 07:38:19 jmc Exp $
37.Dd $Mdocdate: July 20 2015 $ 37.Dd $Mdocdate: February 17 2016 $
38.Dt SSH 1 38.Dt SSH 1
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -58,7 +58,7 @@
58.Op Fl O Ar ctl_cmd 58.Op Fl O Ar ctl_cmd
59.Op Fl o Ar option 59.Op Fl o Ar option
60.Op Fl p Ar port 60.Op Fl p Ar port
61.Op Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version 61.Op Fl Q Ar query_option
62.Op Fl R Ar address 62.Op Fl R Ar address
63.Op Fl S Ar ctl_path 63.Op Fl S Ar ctl_path
64.Op Fl W Ar host : Ns Ar port 64.Op Fl W Ar host : Ns Ar port
@@ -70,8 +70,7 @@
70.Nm 70.Nm
71(SSH client) is a program for logging into a remote machine and for 71(SSH client) is a program for logging into a remote machine and for
72executing commands on a remote machine. 72executing commands on a remote machine.
73It is intended to replace rlogin and rsh, 73It is intended to provide secure encrypted communications between
74and provide secure encrypted communications between
75two untrusted hosts over an insecure network. 74two untrusted hosts over an insecure network.
76X11 connections, arbitrary TCP ports and 75X11 connections, arbitrary TCP ports and
77.Ux Ns -domain 76.Ux Ns -domain
@@ -85,7 +84,7 @@ connects and logs into the specified
85name). 84name).
86The user must prove 85The user must prove
87his/her identity to the remote machine using one of several methods 86his/her identity to the remote machine using one of several methods
88depending on the protocol version used (see below). 87(see below).
89.Pp 88.Pp
90If 89If
91.Ar command 90.Ar command
@@ -304,6 +303,9 @@ It is possible to have multiple
304.Fl i 303.Fl i
305options (and multiple identities specified in 304options (and multiple identities specified in
306configuration files). 305configuration files).
306If no certificates have been explicitly specified by the
307.Cm CertificateFile
308directive,
307.Nm 309.Nm
308will also try to load certificate information from the filename obtained 310will also try to load certificate information from the filename obtained
309by appending 311by appending
@@ -400,17 +402,15 @@ in
400for details. 402for details.
401.Pp 403.Pp
402.It Fl m Ar mac_spec 404.It Fl m Ar mac_spec
403Additionally, for protocol version 2 a comma-separated list of MAC 405A comma-separated list of MAC (message authentication code) algorithms,
404(message authentication code) algorithms can 406specified in order of preference.
405be specified in order of preference.
406See the 407See the
407.Cm MACs 408.Cm MACs
408keyword for more information. 409keyword for more information.
409.Pp 410.Pp
410.It Fl N 411.It Fl N
411Do not execute a remote command. 412Do not execute a remote command.
412This is useful for just forwarding ports 413This is useful for just forwarding ports.
413(protocol version 2 only).
414.Pp 414.Pp
415.It Fl n 415.It Fl n
416Redirects stdin from 416Redirects stdin from
@@ -460,6 +460,7 @@ For full details of the options listed below, and their possible values, see
460.Xr ssh_config 5 . 460.Xr ssh_config 5 .
461.Pp 461.Pp
462.Bl -tag -width Ds -offset indent -compact 462.Bl -tag -width Ds -offset indent -compact
463.It AddKeysToAgent
463.It AddressFamily 464.It AddressFamily
464.It BatchMode 465.It BatchMode
465.It BindAddress 466.It BindAddress
@@ -468,6 +469,7 @@ For full details of the options listed below, and their possible values, see
468.It CanonicalizeHostname 469.It CanonicalizeHostname
469.It CanonicalizeMaxDots 470.It CanonicalizeMaxDots
470.It CanonicalizePermittedCNAMEs 471.It CanonicalizePermittedCNAMEs
472.It CertificateFile
471.It ChallengeResponseAuthentication 473.It ChallengeResponseAuthentication
472.It CheckHostIP 474.It CheckHostIP
473.It Cipher 475.It Cipher
@@ -550,7 +552,7 @@ Port to connect to on the remote host.
550This can be specified on a 552This can be specified on a
551per-host basis in the configuration file. 553per-host basis in the configuration file.
552.Pp 554.Pp
553.It Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version 555.It Fl Q Ar query_option
554Queries 556Queries
555.Nm 557.Nm
556for the algorithms supported for the specified version 2. 558for the algorithms supported for the specified version 2.
@@ -564,7 +566,11 @@ The available features are:
564.Ar kex 566.Ar kex
565(key exchange algorithms), 567(key exchange algorithms),
566.Ar key 568.Ar key
567(key types) and 569(key types),
570.Ar key-cert
571(certificate key types),
572.Ar key-plain
573(non-certificate key types), and
568.Ar protocol-version 574.Ar protocol-version
569(supported SSH protocol versions). 575(supported SSH protocol versions).
570.Pp 576.Pp
@@ -656,8 +662,8 @@ for details.
656.Pp 662.Pp
657.It Fl s 663.It Fl s
658May be used to request invocation of a subsystem on the remote system. 664May be used to request invocation of a subsystem on the remote system.
659Subsystems are a feature of the SSH2 protocol which facilitate the use 665Subsystems facilitate the use of SSH
660of SSH as a secure transport for other applications (eg.\& 666as a secure transport for other applications (e.g.\&
661.Xr sftp 1 ) . 667.Xr sftp 1 ) .
662The subsystem is specified as the remote command. 668The subsystem is specified as the remote command.
663.Pp 669.Pp
@@ -702,7 +708,6 @@ Implies
702.Cm ExitOnForwardFailure 708.Cm ExitOnForwardFailure
703and 709and
704.Cm ClearAllForwardings . 710.Cm ClearAllForwardings .
705Works with Protocol version 2 only.
706.Pp 711.Pp
707.It Fl w Xo 712.It Fl w Xo
708.Ar local_tun Ns Op : Ns Ar remote_tun 713.Ar local_tun Ns Op : Ns Ar remote_tun
@@ -787,15 +792,10 @@ or the
787and 792and
788.Fl 2 793.Fl 2
789options (see above). 794options (see above).
790Both protocols support similar authentication methods, 795Protocol 1 should not be used
791but protocol 2 is the default since 796and is only offered to support legacy devices.
792it provides additional mechanisms for confidentiality 797It suffers from a number of cryptographic weaknesses
793(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) 798and doesn't support many of the advanced features available for protocol 2.
794and integrity (hmac-md5, hmac-sha1,
795hmac-sha2-256, hmac-sha2-512,
796umac-64, umac-128, hmac-ripemd160).
797Protocol 1 lacks a strong mechanism for ensuring the
798integrity of the connection.
799.Pp 799.Pp
800The methods available for authentication are: 800The methods available for authentication are:
801GSSAPI-based authentication, 801GSSAPI-based authentication,
@@ -804,8 +804,9 @@ public key authentication,
804challenge-response authentication, 804challenge-response authentication,
805and password authentication. 805and password authentication.
806Authentication methods are tried in the order specified above, 806Authentication methods are tried in the order specified above,
807though protocol 2 has a configuration option to change the default order: 807though
808.Cm PreferredAuthentications . 808.Cm PreferredAuthentications
809can be used to change the default order.
809.Pp 810.Pp
810Host-based authentication works as follows: 811Host-based authentication works as follows:
811If the machine the user logs in from is listed in 812If the machine the user logs in from is listed in
@@ -849,8 +850,6 @@ The server knows the public key, and only the user knows the private key.
849.Nm 850.Nm
850implements public key authentication protocol automatically, 851implements public key authentication protocol automatically,
851using one of the DSA, ECDSA, Ed25519 or RSA algorithms. 852using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
852Protocol 1 is restricted to using only RSA keys,
853but protocol 2 may use any.
854The HISTORY section of 853The HISTORY section of
855.Xr ssl 8 854.Xr ssl 8
856contains a brief discussion of the DSA and RSA algorithms. 855contains a brief discussion of the DSA and RSA algorithms.
@@ -872,26 +871,26 @@ This stores the private key in
872.Pa ~/.ssh/identity 871.Pa ~/.ssh/identity
873(protocol 1), 872(protocol 1),
874.Pa ~/.ssh/id_dsa 873.Pa ~/.ssh/id_dsa
875(protocol 2 DSA), 874(DSA),
876.Pa ~/.ssh/id_ecdsa 875.Pa ~/.ssh/id_ecdsa
877(protocol 2 ECDSA), 876(ECDSA),
878.Pa ~/.ssh/id_ed25519 877.Pa ~/.ssh/id_ed25519
879(protocol 2 Ed25519), 878(Ed25519),
880or 879or
881.Pa ~/.ssh/id_rsa 880.Pa ~/.ssh/id_rsa
882(protocol 2 RSA) 881(RSA)
883and stores the public key in 882and stores the public key in
884.Pa ~/.ssh/identity.pub 883.Pa ~/.ssh/identity.pub
885(protocol 1), 884(protocol 1),
886.Pa ~/.ssh/id_dsa.pub 885.Pa ~/.ssh/id_dsa.pub
887(protocol 2 DSA), 886(DSA),
888.Pa ~/.ssh/id_ecdsa.pub 887.Pa ~/.ssh/id_ecdsa.pub
889(protocol 2 ECDSA), 888(ECDSA),
890.Pa ~/.ssh/id_ed25519.pub 889.Pa ~/.ssh/id_ed25519.pub
891(protocol 2 Ed25519), 890(Ed25519),
892or 891or
893.Pa ~/.ssh/id_rsa.pub 892.Pa ~/.ssh/id_rsa.pub
894(protocol 2 RSA) 893(RSA)
895in the user's home directory. 894in the user's home directory.
896The user should then copy the public key 895The user should then copy the public key
897to 896to
@@ -919,14 +918,16 @@ The most convenient way to use public key or certificate authentication
919may be with an authentication agent. 918may be with an authentication agent.
920See 919See
921.Xr ssh-agent 1 920.Xr ssh-agent 1
921and (optionally) the
922.Cm AddKeysToAgent
923directive in
924.Xr ssh_config 5
922for more information. 925for more information.
923.Pp 926.Pp
924Challenge-response authentication works as follows: 927Challenge-response authentication works as follows:
925The server sends an arbitrary 928The server sends an arbitrary
926.Qq challenge 929.Qq challenge
927text, and prompts for a response. 930text, and prompts for a response.
928Protocol 2 allows multiple challenges and responses;
929protocol 1 is restricted to just one challenge/response.
930Examples of challenge-response authentication include 931Examples of challenge-response authentication include
931.Bx 932.Bx
932Authentication (see 933Authentication (see
@@ -1025,7 +1026,7 @@ at logout when waiting for forwarded connection / X11 sessions to terminate.
1025Display a list of escape characters. 1026Display a list of escape characters.
1026.It Cm ~B 1027.It Cm ~B
1027Send a BREAK to the remote system 1028Send a BREAK to the remote system
1028(only useful for SSH protocol version 2 and if the peer supports it). 1029(only useful if the peer supports it).
1029.It Cm ~C 1030.It Cm ~C
1030Open command line. 1031Open command line.
1031Currently this allows the addition of port forwardings using the 1032Currently this allows the addition of port forwardings using the
@@ -1058,7 +1059,7 @@ Basic help is available, using the
1058option. 1059option.
1059.It Cm ~R 1060.It Cm ~R
1060Request rekeying of the connection 1061Request rekeying of the connection
1061(only useful for SSH protocol version 2 and if the peer supports it). 1062(only useful if the peer supports it).
1062.It Cm ~V 1063.It Cm ~V
1063Decrease the verbosity 1064Decrease the verbosity
1064.Pq Ic LogLevel 1065.Pq Ic LogLevel
@@ -1526,20 +1527,6 @@ The file format and configuration options are described in
1526.It Pa /etc/ssh/ssh_host_rsa_key 1527.It Pa /etc/ssh/ssh_host_rsa_key
1527These files contain the private parts of the host keys 1528These files contain the private parts of the host keys
1528and are used for host-based authentication. 1529and are used for host-based authentication.
1529If protocol version 1 is used,
1530.Nm
1531must be setuid root, since the host key is readable only by root.
1532For protocol version 2,
1533.Nm
1534uses
1535.Xr ssh-keysign 8
1536to access the host keys,
1537eliminating the requirement that
1538.Nm
1539be setuid root when host-based authentication is used.
1540By default
1541.Nm
1542is not setuid root.
1543.Pp 1530.Pp
1544.It Pa /etc/ssh/ssh_known_hosts 1531.It Pa /etc/ssh/ssh_known_hosts
1545Systemwide list of known host keys. 1532Systemwide list of known host keys.
diff --git a/ssh.c b/ssh.c
index 67c1ebfa2..f9ff91f04 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.420 2015/07/30 00:01:34 djm Exp $ */ 1/* $OpenBSD: ssh.c,v 1.436 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -105,7 +105,6 @@
105#include "match.h" 105#include "match.h"
106#include "msg.h" 106#include "msg.h"
107#include "uidswap.h" 107#include "uidswap.h"
108#include "roaming.h"
109#include "version.h" 108#include "version.h"
110#include "ssherr.h" 109#include "ssherr.h"
111#include "myproposal.h" 110#include "myproposal.h"
@@ -203,11 +202,9 @@ usage(void)
203 fprintf(stderr, 202 fprintf(stderr,
204"usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n" 203"usage: ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]\n"
205" [-D [bind_address:]port] [-E log_file] [-e escape_char]\n" 204" [-D [bind_address:]port] [-E log_file] [-e escape_char]\n"
206" [-F configfile] [-I pkcs11] [-i identity_file]\n" 205" [-F configfile] [-I pkcs11] [-i identity_file] [-L address]\n"
207" [-L address] [-l login_name] [-m mac_spec]\n" 206" [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n"
208" [-O ctl_cmd] [-o option] [-p port]\n" 207" [-Q query_option] [-R address] [-S ctl_path] [-W host:port]\n"
209" [-Q cipher | cipher-auth | mac | kex | key]\n"
210" [-R address] [-S ctl_path] [-W host:port]\n"
211" [-w local_tun[:remote_tun]] [user@]hostname [command]\n" 208" [-w local_tun[:remote_tun]] [user@]hostname [command]\n"
212 ); 209 );
213 exit(255); 210 exit(255);
@@ -252,7 +249,7 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen)
252 if (port <= 0) 249 if (port <= 0)
253 port = default_ssh_port(); 250 port = default_ssh_port();
254 251
255 snprintf(strport, sizeof strport, "%u", port); 252 snprintf(strport, sizeof strport, "%d", port);
256 memset(&hints, 0, sizeof(hints)); 253 memset(&hints, 0, sizeof(hints));
257 hints.ai_family = options.address_family == -1 ? 254 hints.ai_family = options.address_family == -1 ?
258 AF_UNSPEC : options.address_family; 255 AF_UNSPEC : options.address_family;
@@ -406,6 +403,17 @@ resolve_canonicalize(char **hostp, int port)
406 return addrs; 403 return addrs;
407 } 404 }
408 405
406 /* If domain name is anchored, then resolve it now */
407 if ((*hostp)[strlen(*hostp) - 1] == '.') {
408 debug3("%s: name is fully qualified", __func__);
409 fullhost = xstrdup(*hostp);
410 if ((addrs = resolve_host(fullhost, port, 0,
411 newname, sizeof(newname))) != NULL)
412 goto found;
413 free(fullhost);
414 goto notfound;
415 }
416
409 /* Don't apply canonicalization to sufficiently-qualified hostnames */ 417 /* Don't apply canonicalization to sufficiently-qualified hostnames */
410 ndots = 0; 418 ndots = 0;
411 for (cp = *hostp; *cp != '\0'; cp++) { 419 for (cp = *hostp; *cp != '\0'; cp++) {
@@ -429,6 +437,7 @@ resolve_canonicalize(char **hostp, int port)
429 free(fullhost); 437 free(fullhost);
430 continue; 438 continue;
431 } 439 }
440 found:
432 /* Remove trailing '.' */ 441 /* Remove trailing '.' */
433 fullhost[strlen(fullhost) - 1] = '\0'; 442 fullhost[strlen(fullhost) - 1] = '\0';
434 /* Follow CNAME if requested */ 443 /* Follow CNAME if requested */
@@ -440,6 +449,7 @@ resolve_canonicalize(char **hostp, int port)
440 *hostp = fullhost; 449 *hostp = fullhost;
441 return addrs; 450 return addrs;
442 } 451 }
452 notfound:
443 if (!options.canonicalize_fallback_local) 453 if (!options.canonicalize_fallback_local)
444 fatal("%s: Could not resolve host \"%s\"", __progname, *hostp); 454 fatal("%s: Could not resolve host \"%s\"", __progname, *hostp);
445 debug2("%s: host %s not found in any suffix", __func__, *hostp); 455 debug2("%s: host %s not found in any suffix", __func__, *hostp);
@@ -506,7 +516,7 @@ main(int ac, char **av)
506 int i, r, opt, exit_status, use_syslog, config_test = 0; 516 int i, r, opt, exit_status, use_syslog, config_test = 0;
507 char *p, *cp, *line, *argv0, buf[PATH_MAX], *host_arg, *logfile; 517 char *p, *cp, *line, *argv0, buf[PATH_MAX], *host_arg, *logfile;
508 char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; 518 char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
509 char cname[NI_MAXHOST]; 519 char cname[NI_MAXHOST], uidstr[32], *conn_hash_hex;
510 struct stat st; 520 struct stat st;
511 struct passwd *pw; 521 struct passwd *pw;
512 int timeout_ms; 522 int timeout_ms;
@@ -516,8 +526,8 @@ main(int ac, char **av)
516 struct addrinfo *addrs = NULL; 526 struct addrinfo *addrs = NULL;
517 struct ssh_digest_ctx *md; 527 struct ssh_digest_ctx *md;
518 u_char conn_hash[SSH_DIGEST_MAX_LENGTH]; 528 u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
519 char *conn_hash_hex;
520 529
530 ssh_malloc_init(); /* must be called before any mallocs */
521 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 531 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
522 sanitise_stdfd(); 532 sanitise_stdfd();
523 533
@@ -627,7 +637,7 @@ main(int ac, char **av)
627 use_syslog = 1; 637 use_syslog = 1;
628 break; 638 break;
629 case 'E': 639 case 'E':
630 logfile = xstrdup(optarg); 640 logfile = optarg;
631 break; 641 break;
632 case 'G': 642 case 'G':
633 config_test = 1; 643 config_test = 1;
@@ -704,16 +714,18 @@ main(int ac, char **av)
704 options.gss_deleg_creds = 1; 714 options.gss_deleg_creds = 1;
705 break; 715 break;
706 case 'i': 716 case 'i':
707 if (stat(optarg, &st) < 0) { 717 p = tilde_expand_filename(optarg, original_real_uid);
718 if (stat(p, &st) < 0)
708 fprintf(stderr, "Warning: Identity file %s " 719 fprintf(stderr, "Warning: Identity file %s "
709 "not accessible: %s.\n", optarg, 720 "not accessible: %s.\n", p,
710 strerror(errno)); 721 strerror(errno));
711 break; 722 else
712 } 723 add_identity_file(&options, NULL, p, 1);
713 add_identity_file(&options, NULL, optarg, 1); 724 free(p);
714 break; 725 break;
715 case 'I': 726 case 'I':
716#ifdef ENABLE_PKCS11 727#ifdef ENABLE_PKCS11
728 free(options.pkcs11_provider);
717 options.pkcs11_provider = xstrdup(optarg); 729 options.pkcs11_provider = xstrdup(optarg);
718#else 730#else
719 fprintf(stderr, "no support for PKCS#11.\n"); 731 fprintf(stderr, "no support for PKCS#11.\n");
@@ -798,6 +810,7 @@ main(int ac, char **av)
798 if (ciphers_valid(*optarg == '+' ? 810 if (ciphers_valid(*optarg == '+' ?
799 optarg + 1 : optarg)) { 811 optarg + 1 : optarg)) {
800 /* SSH2 only */ 812 /* SSH2 only */
813 free(options.ciphers);
801 options.ciphers = xstrdup(optarg); 814 options.ciphers = xstrdup(optarg);
802 options.cipher = SSH_CIPHER_INVALID; 815 options.cipher = SSH_CIPHER_INVALID;
803 break; 816 break;
@@ -817,9 +830,10 @@ main(int ac, char **av)
817 options.ciphers = xstrdup(KEX_CLIENT_ENCRYPT); 830 options.ciphers = xstrdup(KEX_CLIENT_ENCRYPT);
818 break; 831 break;
819 case 'm': 832 case 'm':
820 if (mac_valid(optarg)) 833 if (mac_valid(optarg)) {
834 free(options.macs);
821 options.macs = xstrdup(optarg); 835 options.macs = xstrdup(optarg);
822 else { 836 } else {
823 fprintf(stderr, "Unknown mac type '%s'\n", 837 fprintf(stderr, "Unknown mac type '%s'\n",
824 optarg); 838 optarg);
825 exit(255); 839 exit(255);
@@ -897,8 +911,7 @@ main(int ac, char **av)
897 subsystem_flag = 1; 911 subsystem_flag = 1;
898 break; 912 break;
899 case 'S': 913 case 'S':
900 if (options.control_path != NULL) 914 free(options.control_path);
901 free(options.control_path);
902 options.control_path = xstrdup(optarg); 915 options.control_path = xstrdup(optarg);
903 break; 916 break;
904 case 'b': 917 case 'b':
@@ -980,10 +993,8 @@ main(int ac, char **av)
980 */ 993 */
981 if (use_syslog && logfile != NULL) 994 if (use_syslog && logfile != NULL)
982 fatal("Can't specify both -y and -E"); 995 fatal("Can't specify both -y and -E");
983 if (logfile != NULL) { 996 if (logfile != NULL)
984 log_redirect_stderr_to(logfile); 997 log_redirect_stderr_to(logfile);
985 free(logfile);
986 }
987 log_init(argv0, 998 log_init(argv0,
988 options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level, 999 options.log_level == -1 ? SYSLOG_LEVEL_INFO : options.log_level,
989 SYSLOG_FACILITY_USER, !use_syslog); 1000 SYSLOG_FACILITY_USER, !use_syslog);
@@ -1084,6 +1095,8 @@ main(int ac, char **av)
1084 "disabling"); 1095 "disabling");
1085 options.update_hostkeys = 0; 1096 options.update_hostkeys = 0;
1086 } 1097 }
1098 if (options.connection_attempts <= 0)
1099 fatal("Invalid number of ConnectionAttempts");
1087#ifndef HAVE_CYGWIN 1100#ifndef HAVE_CYGWIN
1088 if (original_effective_uid != 0) 1101 if (original_effective_uid != 0)
1089 options.use_privileged_port = 0; 1102 options.use_privileged_port = 0;
@@ -1122,6 +1135,7 @@ main(int ac, char **av)
1122 strlcpy(shorthost, thishost, sizeof(shorthost)); 1135 strlcpy(shorthost, thishost, sizeof(shorthost));
1123 shorthost[strcspn(thishost, ".")] = '\0'; 1136 shorthost[strcspn(thishost, ".")] = '\0';
1124 snprintf(portstr, sizeof(portstr), "%d", options.port); 1137 snprintf(portstr, sizeof(portstr), "%d", options.port);
1138 snprintf(uidstr, sizeof(uidstr), "%d", pw->pw_uid);
1125 1139
1126 if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL || 1140 if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL ||
1127 ssh_digest_update(md, thishost, strlen(thishost)) < 0 || 1141 ssh_digest_update(md, thishost, strlen(thishost)) < 0 ||
@@ -1164,6 +1178,7 @@ main(int ac, char **av)
1164 "p", portstr, 1178 "p", portstr,
1165 "r", options.user, 1179 "r", options.user,
1166 "u", pw->pw_name, 1180 "u", pw->pw_name,
1181 "i", uidstr,
1167 (char *)NULL); 1182 (char *)NULL);
1168 free(cp); 1183 free(cp);
1169 } 1184 }
@@ -1184,6 +1199,7 @@ main(int ac, char **av)
1184 * have yet resolved the hostname. Do so now. 1199 * have yet resolved the hostname. Do so now.
1185 */ 1200 */
1186 if (addrs == NULL && options.proxy_command == NULL) { 1201 if (addrs == NULL && options.proxy_command == NULL) {
1202 debug2("resolving \"%s\" port %d", host, options.port);
1187 if ((addrs = resolve_host(host, options.port, 1, 1203 if ((addrs = resolve_host(host, options.port, 1,
1188 cname, sizeof(cname))) == NULL) 1204 cname, sizeof(cname))) == NULL)
1189 cleanup_exit(255); /* resolve_host logs the error */ 1205 cleanup_exit(255); /* resolve_host logs the error */
@@ -1227,8 +1243,10 @@ main(int ac, char **av)
1227 sensitive_data.keys[i] = NULL; 1243 sensitive_data.keys[i] = NULL;
1228 1244
1229 PRIV_START; 1245 PRIV_START;
1246#if WITH_SSH1
1230 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, 1247 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
1231 _PATH_HOST_KEY_FILE, "", NULL, NULL); 1248 _PATH_HOST_KEY_FILE, "", NULL, NULL);
1249#endif
1232#ifdef OPENSSL_HAS_ECC 1250#ifdef OPENSSL_HAS_ECC
1233 sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, 1251 sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,
1234 _PATH_HOST_ECDSA_KEY_FILE, "", NULL); 1252 _PATH_HOST_ECDSA_KEY_FILE, "", NULL);
@@ -1353,6 +1371,10 @@ main(int ac, char **av)
1353 options.identity_keys[i] = NULL; 1371 options.identity_keys[i] = NULL;
1354 } 1372 }
1355 } 1373 }
1374 for (i = 0; i < options.num_certificate_files; i++) {
1375 free(options.certificate_files[i]);
1376 options.certificate_files[i] = NULL;
1377 }
1356 1378
1357 exit_status = compat20 ? ssh_session2() : ssh_session(); 1379 exit_status = compat20 ? ssh_session2() : ssh_session();
1358 packet_close(); 1380 packet_close();
@@ -1604,6 +1626,7 @@ ssh_session(void)
1604 struct winsize ws; 1626 struct winsize ws;
1605 char *cp; 1627 char *cp;
1606 const char *display; 1628 const char *display;
1629 char *proto = NULL, *data = NULL;
1607 1630
1608 /* Enable compression if requested. */ 1631 /* Enable compression if requested. */
1609 if (options.compression) { 1632 if (options.compression) {
@@ -1674,13 +1697,9 @@ ssh_session(void)
1674 display = getenv("DISPLAY"); 1697 display = getenv("DISPLAY");
1675 if (display == NULL && options.forward_x11) 1698 if (display == NULL && options.forward_x11)
1676 debug("X11 forwarding requested but DISPLAY not set"); 1699 debug("X11 forwarding requested but DISPLAY not set");
1677 if (options.forward_x11 && display != NULL) { 1700 if (options.forward_x11 && client_x11_get_proto(display,
1678 char *proto, *data; 1701 options.xauth_location, options.forward_x11_trusted,
1679 /* Get reasonable local authentication information. */ 1702 options.forward_x11_timeout, &proto, &data) == 0) {
1680 client_x11_get_proto(display, options.xauth_location,
1681 options.forward_x11_trusted,
1682 options.forward_x11_timeout,
1683 &proto, &data);
1684 /* Request forwarding with authentication spoofing. */ 1703 /* Request forwarding with authentication spoofing. */
1685 debug("Requesting X11 forwarding with authentication " 1704 debug("Requesting X11 forwarding with authentication "
1686 "spoofing."); 1705 "spoofing.");
@@ -1770,6 +1789,7 @@ ssh_session2_setup(int id, int success, void *arg)
1770 extern char **environ; 1789 extern char **environ;
1771 const char *display; 1790 const char *display;
1772 int interactive = tty_flag; 1791 int interactive = tty_flag;
1792 char *proto = NULL, *data = NULL;
1773 1793
1774 if (!success) 1794 if (!success)
1775 return; /* No need for error message, channels code sens one */ 1795 return; /* No need for error message, channels code sens one */
@@ -1777,12 +1797,9 @@ ssh_session2_setup(int id, int success, void *arg)
1777 display = getenv("DISPLAY"); 1797 display = getenv("DISPLAY");
1778 if (display == NULL && options.forward_x11) 1798 if (display == NULL && options.forward_x11)
1779 debug("X11 forwarding requested but DISPLAY not set"); 1799 debug("X11 forwarding requested but DISPLAY not set");
1780 if (options.forward_x11 && display != NULL) { 1800 if (options.forward_x11 && client_x11_get_proto(display,
1781 char *proto, *data; 1801 options.xauth_location, options.forward_x11_trusted,
1782 /* Get reasonable local authentication information. */ 1802 options.forward_x11_timeout, &proto, &data) == 0) {
1783 client_x11_get_proto(display, options.xauth_location,
1784 options.forward_x11_trusted,
1785 options.forward_x11_timeout, &proto, &data);
1786 /* Request forwarding with authentication spoofing. */ 1803 /* Request forwarding with authentication spoofing. */
1787 debug("Requesting X11 forwarding with authentication " 1804 debug("Requesting X11 forwarding with authentication "
1788 "spoofing."); 1805 "spoofing.");
@@ -1936,25 +1953,30 @@ ssh_session2(void)
1936 options.escape_char : SSH_ESCAPECHAR_NONE, id); 1953 options.escape_char : SSH_ESCAPECHAR_NONE, id);
1937} 1954}
1938 1955
1956/* Loads all IdentityFile and CertificateFile keys */
1939static void 1957static void
1940load_public_identity_files(void) 1958load_public_identity_files(void)
1941{ 1959{
1942 char *filename, *cp, thishost[NI_MAXHOST]; 1960 char *filename, *cp, thishost[NI_MAXHOST];
1943 char *pwdir = NULL, *pwname = NULL; 1961 char *pwdir = NULL, *pwname = NULL;
1944 int i = 0;
1945 Key *public; 1962 Key *public;
1946 struct passwd *pw; 1963 struct passwd *pw;
1947 u_int n_ids; 1964 int i;
1965 u_int n_ids, n_certs;
1948 char *identity_files[SSH_MAX_IDENTITY_FILES]; 1966 char *identity_files[SSH_MAX_IDENTITY_FILES];
1949 Key *identity_keys[SSH_MAX_IDENTITY_FILES]; 1967 Key *identity_keys[SSH_MAX_IDENTITY_FILES];
1968 char *certificate_files[SSH_MAX_CERTIFICATE_FILES];
1969 struct sshkey *certificates[SSH_MAX_CERTIFICATE_FILES];
1950#ifdef ENABLE_PKCS11 1970#ifdef ENABLE_PKCS11
1951 Key **keys; 1971 Key **keys;
1952 int nkeys; 1972 int nkeys;
1953#endif /* PKCS11 */ 1973#endif /* PKCS11 */
1954 1974
1955 n_ids = 0; 1975 n_ids = n_certs = 0;
1956 memset(identity_files, 0, sizeof(identity_files)); 1976 memset(identity_files, 0, sizeof(identity_files));
1957 memset(identity_keys, 0, sizeof(identity_keys)); 1977 memset(identity_keys, 0, sizeof(identity_keys));
1978 memset(certificate_files, 0, sizeof(certificate_files));
1979 memset(certificates, 0, sizeof(certificates));
1958 1980
1959#ifdef ENABLE_PKCS11 1981#ifdef ENABLE_PKCS11
1960 if (options.pkcs11_provider != NULL && 1982 if (options.pkcs11_provider != NULL &&
@@ -1986,6 +2008,7 @@ load_public_identity_files(void)
1986 if (n_ids >= SSH_MAX_IDENTITY_FILES || 2008 if (n_ids >= SSH_MAX_IDENTITY_FILES ||
1987 strcasecmp(options.identity_files[i], "none") == 0) { 2009 strcasecmp(options.identity_files[i], "none") == 0) {
1988 free(options.identity_files[i]); 2010 free(options.identity_files[i]);
2011 options.identity_files[i] = NULL;
1989 continue; 2012 continue;
1990 } 2013 }
1991 cp = tilde_expand_filename(options.identity_files[i], 2014 cp = tilde_expand_filename(options.identity_files[i],
@@ -2004,7 +2027,12 @@ load_public_identity_files(void)
2004 if (++n_ids >= SSH_MAX_IDENTITY_FILES) 2027 if (++n_ids >= SSH_MAX_IDENTITY_FILES)
2005 continue; 2028 continue;
2006 2029
2007 /* Try to add the certificate variant too */ 2030 /*
2031 * If no certificates have been explicitly listed then try
2032 * to add the default certificate variant too.
2033 */
2034 if (options.num_certificate_files != 0)
2035 continue;
2008 xasprintf(&cp, "%s-cert", filename); 2036 xasprintf(&cp, "%s-cert", filename);
2009 public = key_load_public(cp, NULL); 2037 public = key_load_public(cp, NULL);
2010 debug("identity file %s type %d", cp, 2038 debug("identity file %s type %d", cp,
@@ -2021,14 +2049,50 @@ load_public_identity_files(void)
2021 continue; 2049 continue;
2022 } 2050 }
2023 identity_keys[n_ids] = public; 2051 identity_keys[n_ids] = public;
2024 /* point to the original path, most likely the private key */ 2052 identity_files[n_ids] = cp;
2025 identity_files[n_ids] = xstrdup(filename);
2026 n_ids++; 2053 n_ids++;
2027 } 2054 }
2055
2056 if (options.num_certificate_files > SSH_MAX_CERTIFICATE_FILES)
2057 fatal("%s: too many certificates", __func__);
2058 for (i = 0; i < options.num_certificate_files; i++) {
2059 cp = tilde_expand_filename(options.certificate_files[i],
2060 original_real_uid);
2061 filename = percent_expand(cp, "d", pwdir,
2062 "u", pwname, "l", thishost, "h", host,
2063 "r", options.user, (char *)NULL);
2064 free(cp);
2065
2066 public = key_load_public(filename, NULL);
2067 debug("certificate file %s type %d", filename,
2068 public ? public->type : -1);
2069 free(options.certificate_files[i]);
2070 options.certificate_files[i] = NULL;
2071 if (public == NULL) {
2072 free(filename);
2073 continue;
2074 }
2075 if (!key_is_cert(public)) {
2076 debug("%s: key %s type %s is not a certificate",
2077 __func__, filename, key_type(public));
2078 key_free(public);
2079 free(filename);
2080 continue;
2081 }
2082 certificate_files[n_certs] = filename;
2083 certificates[n_certs] = public;
2084 ++n_certs;
2085 }
2086
2028 options.num_identity_files = n_ids; 2087 options.num_identity_files = n_ids;
2029 memcpy(options.identity_files, identity_files, sizeof(identity_files)); 2088 memcpy(options.identity_files, identity_files, sizeof(identity_files));
2030 memcpy(options.identity_keys, identity_keys, sizeof(identity_keys)); 2089 memcpy(options.identity_keys, identity_keys, sizeof(identity_keys));
2031 2090
2091 options.num_certificate_files = n_certs;
2092 memcpy(options.certificate_files,
2093 certificate_files, sizeof(certificate_files));
2094 memcpy(options.certificates, certificates, sizeof(certificates));
2095
2032 explicit_bzero(pwname, strlen(pwname)); 2096 explicit_bzero(pwname, strlen(pwname));
2033 free(pwname); 2097 free(pwname);
2034 explicit_bzero(pwdir, strlen(pwdir)); 2098 explicit_bzero(pwdir, strlen(pwdir));
diff --git a/ssh.h b/ssh.h
index 39c7e18af..50467a792 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.h,v 1.81 2015/08/04 05:23:06 djm Exp $ */ 1/* $OpenBSD: ssh.h,v 1.83 2015/12/11 03:19:09 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -19,6 +19,12 @@
19#define SSH_DEFAULT_PORT 22 19#define SSH_DEFAULT_PORT 22
20 20
21/* 21/*
22 * Maximum number of certificate files that can be specified
23 * in configuration files or on the command line.
24 */
25#define SSH_MAX_CERTIFICATE_FILES 100
26
27/*
22 * Maximum number of RSA authentication identity files that can be specified 28 * Maximum number of RSA authentication identity files that can be specified
23 * in configuration files or on the command line. 29 * in configuration files or on the command line.
24 */ 30 */
@@ -29,7 +35,7 @@
29 * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with 35 * Current value permits 16kbit RSA and RSA1 keys and 8kbit DSA keys, with
30 * some room for options and comments. 36 * some room for options and comments.
31 */ 37 */
32#define SSH_MAX_PUBKEY_BYTES 8192 38#define SSH_MAX_PUBKEY_BYTES 16384
33 39
34/* 40/*
35 * Major protocol version. Different version indicates major incompatibility 41 * Major protocol version. Different version indicates major incompatibility
diff --git a/ssh2.h b/ssh2.h
index 59417e612..5d1918bf8 100644
--- a/ssh2.h
+++ b/ssh2.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh2.h,v 1.15 2014/01/29 06:18:35 djm Exp $ */ 1/* $OpenBSD: ssh2.h,v 1.17 2016/01/14 16:17:40 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -80,6 +80,7 @@
80#define SSH2_MSG_DEBUG 4 80#define SSH2_MSG_DEBUG 4
81#define SSH2_MSG_SERVICE_REQUEST 5 81#define SSH2_MSG_SERVICE_REQUEST 5
82#define SSH2_MSG_SERVICE_ACCEPT 6 82#define SSH2_MSG_SERVICE_ACCEPT 6
83#define SSH2_MSG_EXT_INFO 7
83 84
84/* transport layer: alg negotiation */ 85/* transport layer: alg negotiation */
85 86
@@ -164,13 +165,6 @@
164 165
165#define SSH2_EXTENDED_DATA_STDERR 1 166#define SSH2_EXTENDED_DATA_STDERR 1
166 167
167/* kex messages for resume@appgate.com */
168#define SSH2_MSG_KEX_ROAMING_RESUME 30
169#define SSH2_MSG_KEX_ROAMING_AUTH_REQUIRED 31
170#define SSH2_MSG_KEX_ROAMING_AUTH 32
171#define SSH2_MSG_KEX_ROAMING_AUTH_OK 33
172#define SSH2_MSG_KEX_ROAMING_AUTH_FAIL 34
173
174/* Certificate types for OpenSSH certificate keys extension */ 168/* Certificate types for OpenSSH certificate keys extension */
175#define SSH2_CERT_TYPE_USER 1 169#define SSH2_CERT_TYPE_USER 1
176#define SSH2_CERT_TYPE_HOST 2 170#define SSH2_CERT_TYPE_HOST 2
diff --git a/ssh_api.c b/ssh_api.c
index 6c712584f..f544f006b 100644
--- a/ssh_api.c
+++ b/ssh_api.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh_api.c,v 1.4 2015/02/16 22:13:32 djm Exp $ */ 1/* $OpenBSD: ssh_api.c,v 1.5 2015/12/04 16:41:28 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2012 Markus Friedl. All rights reserved. 3 * Copyright (c) 2012 Markus Friedl. All rights reserved.
4 * 4 *
@@ -40,8 +40,8 @@ int _ssh_order_hostkeyalgs(struct ssh *);
40int _ssh_verify_host_key(struct sshkey *, struct ssh *); 40int _ssh_verify_host_key(struct sshkey *, struct ssh *);
41struct sshkey *_ssh_host_public_key(int, int, struct ssh *); 41struct sshkey *_ssh_host_public_key(int, int, struct ssh *);
42struct sshkey *_ssh_host_private_key(int, int, struct ssh *); 42struct sshkey *_ssh_host_private_key(int, int, struct ssh *);
43int _ssh_host_key_sign(struct sshkey *, struct sshkey *, u_char **, 43int _ssh_host_key_sign(struct sshkey *, struct sshkey *,
44 size_t *, const u_char *, size_t, u_int); 44 u_char **, size_t *, const u_char *, size_t, const char *, u_int);
45 45
46/* 46/*
47 * stubs for the server side implementation of kex. 47 * stubs for the server side implementation of kex.
@@ -49,7 +49,7 @@ int _ssh_host_key_sign(struct sshkey *, struct sshkey *, u_char **,
49 */ 49 */
50int use_privsep = 0; 50int use_privsep = 0;
51int mm_sshkey_sign(struct sshkey *, u_char **, u_int *, 51int mm_sshkey_sign(struct sshkey *, u_char **, u_int *,
52 u_char *, u_int, u_int); 52 u_char *, u_int, char *, u_int);
53DH *mm_choose_dh(int, int, int); 53DH *mm_choose_dh(int, int, int);
54 54
55/* Define these two variables here so that they are part of the library */ 55/* Define these two variables here so that they are part of the library */
@@ -58,7 +58,7 @@ u_int session_id2_len = 0;
58 58
59int 59int
60mm_sshkey_sign(struct sshkey *key, u_char **sigp, u_int *lenp, 60mm_sshkey_sign(struct sshkey *key, u_char **sigp, u_int *lenp,
61 u_char *data, u_int datalen, u_int compat) 61 u_char *data, u_int datalen, char *alg, u_int compat)
62{ 62{
63 return (-1); 63 return (-1);
64} 64}
@@ -530,8 +530,8 @@ _ssh_order_hostkeyalgs(struct ssh *ssh)
530 530
531int 531int
532_ssh_host_key_sign(struct sshkey *privkey, struct sshkey *pubkey, 532_ssh_host_key_sign(struct sshkey *privkey, struct sshkey *pubkey,
533 u_char **signature, size_t *slen, 533 u_char **signature, size_t *slen, const u_char *data, size_t dlen,
534 const u_char *data, size_t dlen, u_int compat) 534 const char *alg, u_int compat)
535{ 535{
536 return sshkey_sign(privkey, signature, slen, data, dlen, compat); 536 return sshkey_sign(privkey, signature, slen, data, dlen, alg, compat);
537} 537}
diff --git a/ssh_config b/ssh_config
index 03a228fbd..90fb63f0b 100644
--- a/ssh_config
+++ b/ssh_config
@@ -1,4 +1,4 @@
1# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $ 1# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $
2 2
3# This is the ssh client system-wide configuration file. See 3# This is the ssh client system-wide configuration file. See
4# ssh_config(5) for more information. This file provides defaults for 4# ssh_config(5) for more information. This file provides defaults for
@@ -34,8 +34,10 @@
34# IdentityFile ~/.ssh/identity 34# IdentityFile ~/.ssh/identity
35# IdentityFile ~/.ssh/id_rsa 35# IdentityFile ~/.ssh/id_rsa
36# IdentityFile ~/.ssh/id_dsa 36# IdentityFile ~/.ssh/id_dsa
37# IdentityFile ~/.ssh/id_ecdsa
38# IdentityFile ~/.ssh/id_ed25519
37# Port 22 39# Port 22
38# Protocol 2,1 40# Protocol 2
39# Cipher 3des 41# Cipher 3des
40# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc 42# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
41# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 43# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
diff --git a/ssh_config.0 b/ssh_config.0
index 67133cd4d..b823c021c 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -59,7 +59,7 @@ DESCRIPTION
59 Match Restricts the following declarations (up to the next Host or 59 Match Restricts the following declarations (up to the next Host or
60 Match keyword) to be used only when the conditions following the 60 Match keyword) to be used only when the conditions following the
61 Match keyword are satisfied. Match conditions are specified 61 Match keyword are satisfied. Match conditions are specified
62 using one or more critera or the single token all which always 62 using one or more criteria or the single token all which always
63 matches. The available criteria keywords are: canonical, exec, 63 matches. The available criteria keywords are: canonical, exec,
64 host, originalhost, user, and localuser. The all criteria must 64 host, originalhost, user, and localuser. The all criteria must
65 appear alone or immediately after canonical. Other criteria may 65 appear alone or immediately after canonical. Other criteria may
@@ -94,10 +94,23 @@ DESCRIPTION
94 matches against the name of the local user running ssh(1) (this 94 matches against the name of the local user running ssh(1) (this
95 keyword may be useful in system-wide ssh_config files). 95 keyword may be useful in system-wide ssh_config files).
96 96
97 AddKeysToAgent
98 Specifies whether keys should be automatically added to a running
99 ssh-agent(1). If this option is set to M-bM-^@M-^\yesM-bM-^@M-^] and a key is loaded
100 from a file, the key and its passphrase are added to the agent
101 with the default lifetime, as if by ssh-add(1). If this option
102 is set to M-bM-^@M-^\askM-bM-^@M-^], ssh will require confirmation using the
103 SSH_ASKPASS program before adding a key (see ssh-add(1) for
104 details). If this option is set to M-bM-^@M-^\confirmM-bM-^@M-^], each use of the
105 key must be confirmed, as if the -c option was specified to
106 ssh-add(1). If this option is set to M-bM-^@M-^\noM-bM-^@M-^], no keys are added to
107 the agent. The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\confirmM-bM-^@M-^], M-bM-^@M-^\askM-bM-^@M-^], or
108 M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^].
109
97 AddressFamily 110 AddressFamily
98 Specifies which address family to use when connecting. Valid 111 Specifies which address family to use when connecting. Valid
99 arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (use IPv4 only), or M-bM-^@M-^\inet6M-bM-^@M-^] (use IPv6 112 arguments are M-bM-^@M-^\anyM-bM-^@M-^], M-bM-^@M-^\inetM-bM-^@M-^] (use IPv4 only), or M-bM-^@M-^\inet6M-bM-^@M-^] (use IPv6
100 only). 113 only). The default is M-bM-^@M-^\anyM-bM-^@M-^].
101 114
102 BatchMode 115 BatchMode
103 If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled. 116 If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled.
@@ -157,6 +170,22 @@ DESCRIPTION
157 canonicalized to names in the M-bM-^@M-^\*.b.example.comM-bM-^@M-^] or 170 canonicalized to names in the M-bM-^@M-^\*.b.example.comM-bM-^@M-^] or
158 M-bM-^@M-^\*.c.example.comM-bM-^@M-^] domains. 171 M-bM-^@M-^\*.c.example.comM-bM-^@M-^] domains.
159 172
173 CertificateFile
174 Specifies a file from which the user's certificate is read. A
175 corresponding private key must be provided separately in order to
176 use this certificate either from an IdentityFile directive or -i
177 flag to ssh(1), via ssh-agent(1), or via a PKCS11Provider.
178
179 The file name may use the tilde syntax to refer to a user's home
180 directory or one of the following escape characters: M-bM-^@M-^X%dM-bM-^@M-^Y (local
181 user's home directory), M-bM-^@M-^X%uM-bM-^@M-^Y (local user name), M-bM-^@M-^X%lM-bM-^@M-^Y (local host
182 name), M-bM-^@M-^X%hM-bM-^@M-^Y (remote host name) or M-bM-^@M-^X%rM-bM-^@M-^Y (remote user name).
183
184 It is possible to have multiple certificate files specified in
185 configuration files; these certificates will be tried in
186 sequence. Multiple CertificateFile directives will add to the
187 list of certificates used for authentication.
188
160 ChallengeResponseAuthentication 189 ChallengeResponseAuthentication
161 Specifies whether to use challenge-response authentication. The 190 Specifies whether to use challenge-response authentication. The
162 argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is 191 argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is
@@ -208,9 +237,7 @@ DESCRIPTION
208 chacha20-poly1305@openssh.com, 237 chacha20-poly1305@openssh.com,
209 aes128-ctr,aes192-ctr,aes256-ctr, 238 aes128-ctr,aes192-ctr,aes256-ctr,
210 aes128-gcm@openssh.com,aes256-gcm@openssh.com, 239 aes128-gcm@openssh.com,aes256-gcm@openssh.com,
211 arcfour256,arcfour128, 240 aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
212 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
213 aes192-cbc,aes256-cbc,arcfour
214 241
215 The list of available ciphers may also be obtained using the -Q 242 The list of available ciphers may also be obtained using the -Q
216 option of ssh(1) with an argument of M-bM-^@M-^\cipherM-bM-^@M-^]. 243 option of ssh(1) with an argument of M-bM-^@M-^\cipherM-bM-^@M-^].
@@ -282,13 +309,13 @@ DESCRIPTION
282 any domain name), M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the target host 309 any domain name), M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the target host
283 name, M-bM-^@M-^X%nM-bM-^@M-^Y will be substituted by the original target host name 310 name, M-bM-^@M-^X%nM-bM-^@M-^Y will be substituted by the original target host name
284 specified on the command line, M-bM-^@M-^X%pM-bM-^@M-^Y the destination port, M-bM-^@M-^X%rM-bM-^@M-^Y by 311 specified on the command line, M-bM-^@M-^X%pM-bM-^@M-^Y the destination port, M-bM-^@M-^X%rM-bM-^@M-^Y by
285 the remote login username, M-bM-^@M-^X%uM-bM-^@M-^Y by the username of the user 312 the remote login username, M-bM-^@M-^X%uM-bM-^@M-^Y by the username and M-bM-^@M-^X%iM-bM-^@M-^Y by the
286 running ssh(1), and M-bM-^@M-^X%CM-bM-^@M-^Y by a hash of the concatenation: 313 numeric user ID (uid) of the user running ssh(1), and M-bM-^@M-^X%CM-bM-^@M-^Y by a
287 %l%h%p%r. It is recommended that any ControlPath used for 314 hash of the concatenation: %l%h%p%r. It is recommended that any
288 opportunistic connection sharing include at least %h, %p, and %r 315 ControlPath used for opportunistic connection sharing include at
289 (or alternatively %C) and be placed in a directory that is not 316 least %h, %p, and %r (or alternatively %C) and be placed in a
290 writable by other users. This ensures that shared connections 317 directory that is not writable by other users. This ensures that
291 are uniquely identified. 318 shared connections are uniquely identified.
292 319
293 ControlPersist 320 ControlPersist
294 When used in conjunction with ControlMaster, specifies that the 321 When used in conjunction with ControlMaster, specifies that the
@@ -342,8 +369,12 @@ DESCRIPTION
342 ExitOnForwardFailure 369 ExitOnForwardFailure
343 Specifies whether ssh(1) should terminate the connection if it 370 Specifies whether ssh(1) should terminate the connection if it
344 cannot set up all requested dynamic, tunnel, local, and remote 371 cannot set up all requested dynamic, tunnel, local, and remote
345 port forwardings. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The 372 port forwardings, (e.g. if either end is unable to bind and
346 default is M-bM-^@M-^\noM-bM-^@M-^]. 373 listen on a specified port). Note that ExitOnForwardFailure does
374 not apply to connections made over port forwardings and will not,
375 for example, cause ssh(1) to exit if TCP connections to the
376 ultimate forwarding destination fail. The argument must be M-bM-^@M-^\yesM-bM-^@M-^]
377 or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\noM-bM-^@M-^].
347 378
348 FingerprintHash 379 FingerprintHash
349 Specifies the hash algorithm used when displaying key 380 Specifies the hash algorithm used when displaying key
@@ -415,12 +446,11 @@ DESCRIPTION
415 446
416 GSSAPIAuthentication 447 GSSAPIAuthentication
417 Specifies whether user authentication based on GSSAPI is allowed. 448 Specifies whether user authentication based on GSSAPI is allowed.
418 The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol 449 The default is M-bM-^@M-^\noM-bM-^@M-^].
419 version 2 only.
420 450
421 GSSAPIDelegateCredentials 451 GSSAPIDelegateCredentials
422 Forward (delegate) credentials to the server. The default is 452 Forward (delegate) credentials to the server. The default is
423 M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol version 2 only. 453 M-bM-^@M-^\noM-bM-^@M-^].
424 454
425 HashKnownHosts 455 HashKnownHosts
426 Indicates that ssh(1) should hash host names and addresses when 456 Indicates that ssh(1) should hash host names and addresses when
@@ -434,8 +464,7 @@ DESCRIPTION
434 HostbasedAuthentication 464 HostbasedAuthentication
435 Specifies whether to try rhosts based authentication with public 465 Specifies whether to try rhosts based authentication with public
436 key authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The 466 key authentication. The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The
437 default is M-bM-^@M-^\noM-bM-^@M-^]. This option applies to protocol version 2 only 467 default is M-bM-^@M-^\noM-bM-^@M-^].
438 and is similar to RhostsRSAAuthentication.
439 468
440 HostbasedKeyTypes 469 HostbasedKeyTypes
441 Specifies the key types that will be used for hostbased 470 Specifies the key types that will be used for hostbased
@@ -455,11 +484,11 @@ DESCRIPTION
455 The -Q option of ssh(1) may be used to list supported key types. 484 The -Q option of ssh(1) may be used to list supported key types.
456 485
457 HostKeyAlgorithms 486 HostKeyAlgorithms
458 Specifies the protocol version 2 host key algorithms that the 487 Specifies the host key algorithms that the client wants to use in
459 client wants to use in order of preference. Alternately if the 488 order of preference. Alternately if the specified value begins
460 specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified 489 with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified key types will be
461 key types will be appended to the default set instead of 490 appended to the default set instead of replacing them. The
462 replacing them. The default for this option is: 491 default for this option is:
463 492
464 ecdsa-sha2-nistp256-cert-v01@openssh.com, 493 ecdsa-sha2-nistp256-cert-v01@openssh.com,
465 ecdsa-sha2-nistp384-cert-v01@openssh.com, 494 ecdsa-sha2-nistp384-cert-v01@openssh.com,
@@ -496,8 +525,9 @@ DESCRIPTION
496 525
497 IdentitiesOnly 526 IdentitiesOnly
498 Specifies that ssh(1) should only use the authentication identity 527 Specifies that ssh(1) should only use the authentication identity
499 files configured in the ssh_config files, even if ssh-agent(1) or 528 and certificate files explicitly configured in the ssh_config
500 a PKCS11Provider offers more identities. The argument to this 529 files or passed on the ssh(1) command-line, even if ssh-agent(1)
530 or a PKCS11Provider offers more identities. The argument to this
501 keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. This option is intended for 531 keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. This option is intended for
502 situations where ssh-agent offers many different identities. The 532 situations where ssh-agent offers many different identities. The
503 default is M-bM-^@M-^\noM-bM-^@M-^]. 533 default is M-bM-^@M-^\noM-bM-^@M-^].
@@ -509,9 +539,10 @@ DESCRIPTION
509 ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2. 539 ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
510 Additionally, any identities represented by the authentication 540 Additionally, any identities represented by the authentication
511 agent will be used for authentication unless IdentitiesOnly is 541 agent will be used for authentication unless IdentitiesOnly is
512 set. ssh(1) will try to load certificate information from the 542 set. If no certificates have been explicitly specified by
513 filename obtained by appending -cert.pub to the path of a 543 CertificateFile, ssh(1) will try to load certificate information
514 specified IdentityFile. 544 from the filename obtained by appending -cert.pub to the path of
545 a specified IdentityFile.
515 546
516 The file name may use the tilde syntax to refer to a user's home 547 The file name may use the tilde syntax to refer to a user's home
517 directory or one of the following escape characters: M-bM-^@M-^X%dM-bM-^@M-^Y (local 548 directory or one of the following escape characters: M-bM-^@M-^X%dM-bM-^@M-^Y (local
@@ -526,7 +557,9 @@ DESCRIPTION
526 557
527 IdentityFile may be used in conjunction with IdentitiesOnly to 558 IdentityFile may be used in conjunction with IdentitiesOnly to
528 select which identities in an agent are offered during 559 select which identities in an agent are offered during
529 authentication. 560 authentication. IdentityFile may also be used in conjunction
561 with CertificateFile in order to provide any certificate also
562 needed for authentication with the identity.
530 563
531 IgnoreUnknown 564 IgnoreUnknown
532 Specifies a pattern-list of unknown options to be ignored if they 565 Specifies a pattern-list of unknown options to be ignored if they
@@ -620,11 +653,11 @@ DESCRIPTION
620 higher levels of verbose output. 653 higher levels of verbose output.
621 654
622 MACs Specifies the MAC (message authentication code) algorithms in 655 MACs Specifies the MAC (message authentication code) algorithms in
623 order of preference. The MAC algorithm is used in protocol 656 order of preference. The MAC algorithm is used for data
624 version 2 for data integrity protection. Multiple algorithms 657 integrity protection. Multiple algorithms must be comma-
625 must be comma-separated. If the specified value begins with a 658 separated. If the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character,
626 M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified algorithms will be appended to 659 then the specified algorithms will be appended to the default set
627 the default set instead of replacing them. 660 instead of replacing them.
628 661
629 The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after 662 The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after
630 encryption (encrypt-then-mac). These are considered safer and 663 encryption (encrypt-then-mac). These are considered safer and
@@ -634,13 +667,9 @@ DESCRIPTION
634 667
635 umac-64-etm@openssh.com,umac-128-etm@openssh.com, 668 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
636 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 669 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
670 hmac-sha1-etm@openssh.com,
637 umac-64@openssh.com,umac-128@openssh.com, 671 umac-64@openssh.com,umac-128@openssh.com,
638 hmac-sha2-256,hmac-sha2-512, 672 hmac-sha2-256,hmac-sha2-512,hmac-sha1
639 hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,
640 hmac-ripemd160-etm@openssh.com,
641 hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,
642 hmac-md5,hmac-sha1,hmac-ripemd160,
643 hmac-sha1-96,hmac-md5-96
644 673
645 The list of available MAC algorithms may also be obtained using 674 The list of available MAC algorithms may also be obtained using
646 the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^]. 675 the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^].
@@ -677,10 +706,10 @@ DESCRIPTION
677 default is 22. 706 default is 22.
678 707
679 PreferredAuthentications 708 PreferredAuthentications
680 Specifies the order in which the client should try protocol 2 709 Specifies the order in which the client should try authentication
681 authentication methods. This allows a client to prefer one 710 methods. This allows a client to prefer one method (e.g.
682 method (e.g. keyboard-interactive) over another method (e.g. 711 keyboard-interactive) over another method (e.g. password). The
683 password). The default is: 712 default is:
684 713
685 gssapi-with-mic,hostbased,publickey, 714 gssapi-with-mic,hostbased,publickey,
686 keyboard-interactive,password 715 keyboard-interactive,password
@@ -690,7 +719,9 @@ DESCRIPTION
690 preference. The possible values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y. Multiple 719 preference. The possible values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y. Multiple
691 versions must be comma-separated. When this option is set to 720 versions must be comma-separated. When this option is set to
692 M-bM-^@M-^\2,1M-bM-^@M-^] ssh will try version 2 and fall back to version 1 if 721 M-bM-^@M-^\2,1M-bM-^@M-^] ssh will try version 2 and fall back to version 1 if
693 version 2 is not available. The default is M-bM-^@M-^X2M-bM-^@M-^Y. 722 version 2 is not available. The default is M-bM-^@M-^X2M-bM-^@M-^Y. Protocol 1
723 suffers from a number of cryptographic weaknesses and should not
724 be used. It is only offered to support legacy devices.
694 725
695 ProxyCommand 726 ProxyCommand
696 Specifies the command to use to connect to the server. The 727 Specifies the command to use to connect to the server. The
@@ -740,7 +771,6 @@ DESCRIPTION
740 PubkeyAuthentication 771 PubkeyAuthentication
741 Specifies whether to try public key authentication. The argument 772 Specifies whether to try public key authentication. The argument
742 to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^]. 773 to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^]. The default is M-bM-^@M-^\yesM-bM-^@M-^].
743 This option applies to protocol version 2 only.
744 774
745 RekeyLimit 775 RekeyLimit
746 Specifies the maximum amount of data that may be transmitted 776 Specifies the maximum amount of data that may be transmitted
@@ -755,7 +785,6 @@ DESCRIPTION
755 default value for RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that 785 default value for RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that
756 rekeying is performed after the cipher's default amount of data 786 rekeying is performed after the cipher's default amount of data
757 has been sent or received and no time based rekeying is done. 787 has been sent or received and no time based rekeying is done.
758 This option applies to protocol version 2 only.
759 788
760 RemoteForward 789 RemoteForward
761 Specifies that a TCP port on the remote machine be forwarded over 790 Specifies that a TCP port on the remote machine be forwarded over
@@ -808,8 +837,7 @@ DESCRIPTION
808 837
809 SendEnv 838 SendEnv
810 Specifies what variables from the local environ(7) should be sent 839 Specifies what variables from the local environ(7) should be sent
811 to the server. Note that environment passing is only supported 840 to the server. The server must also support it, and the server
812 for protocol 2. The server must also support it, and the server
813 must be configured to accept these environment variables. Note 841 must be configured to accept these environment variables. Note
814 that the TERM environment variable is always sent whenever a 842 that the TERM environment variable is always sent whenever a
815 pseudo-terminal is requested as it is required by the protocol. 843 pseudo-terminal is requested as it is required by the protocol.
@@ -838,15 +866,14 @@ DESCRIPTION
838 The default value is 3. If, for example, ServerAliveInterval 866 The default value is 3. If, for example, ServerAliveInterval
839 (see below) is set to 15 and ServerAliveCountMax is left at the 867 (see below) is set to 15 and ServerAliveCountMax is left at the
840 default, if the server becomes unresponsive, ssh will disconnect 868 default, if the server becomes unresponsive, ssh will disconnect
841 after approximately 45 seconds. This option applies to protocol 869 after approximately 45 seconds.
842 version 2 only.
843 870
844 ServerAliveInterval 871 ServerAliveInterval
845 Sets a timeout interval in seconds after which if no data has 872 Sets a timeout interval in seconds after which if no data has
846 been received from the server, ssh(1) will send a message through 873 been received from the server, ssh(1) will send a message through
847 the encrypted channel to request a response from the server. The 874 the encrypted channel to request a response from the server. The
848 default is 0, indicating that these messages will not be sent to 875 default is 0, indicating that these messages will not be sent to
849 the server. This option applies to protocol version 2 only. 876 the server.
850 877
851 StreamLocalBindMask 878 StreamLocalBindMask
852 Sets the octal file creation mode mask (umask) used when creating 879 Sets the octal file creation mode mask (umask) used when creating
@@ -924,7 +951,7 @@ DESCRIPTION
924 graceful key rotation by allowing a server to send replacement 951 graceful key rotation by allowing a server to send replacement
925 public keys before old ones are removed. Additional hostkeys are 952 public keys before old ones are removed. Additional hostkeys are
926 only accepted if the key used to authenticate the host was 953 only accepted if the key used to authenticate the host was
927 already trusted or explicity accepted by the user. If 954 already trusted or explicitly accepted by the user. If
928 UpdateHostKeys is set to M-bM-^@M-^\askM-bM-^@M-^], then the user is asked to confirm 955 UpdateHostKeys is set to M-bM-^@M-^\askM-bM-^@M-^], then the user is asked to confirm
929 the modifications to the known_hosts file. Confirmation is 956 the modifications to the known_hosts file. Confirmation is
930 currently incompatible with ControlPersist, and will be disabled 957 currently incompatible with ControlPersist, and will be disabled
@@ -960,8 +987,7 @@ DESCRIPTION
960 fingerprint match will be displayed, but the user will still need 987 fingerprint match will be displayed, but the user will still need
961 to confirm new host keys according to the StrictHostKeyChecking 988 to confirm new host keys according to the StrictHostKeyChecking
962 option. The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^], or M-bM-^@M-^\askM-bM-^@M-^]. The default 989 option. The argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^], or M-bM-^@M-^\askM-bM-^@M-^]. The default
963 is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol version 2 990 is M-bM-^@M-^\noM-bM-^@M-^].
964 only.
965 991
966 See also VERIFYING HOST KEYS in ssh(1). 992 See also VERIFYING HOST KEYS in ssh(1).
967 993
@@ -1023,4 +1049,4 @@ AUTHORS
1023 created OpenSSH. Markus Friedl contributed the support for SSH protocol 1049 created OpenSSH. Markus Friedl contributed the support for SSH protocol
1024 versions 1.5 and 2.0. 1050 versions 1.5 and 2.0.
1025 1051
1026OpenBSD 5.8 August 14, 2015 OpenBSD 5.8 1052OpenBSD 5.9 February 20, 2016 OpenBSD 5.9
diff --git a/ssh_config.5 b/ssh_config.5
index a47f3ca9e..caf13a62d 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $ 36.\" $OpenBSD: ssh_config.5,v 1.228 2016/02/20 23:01:46 sobrado Exp $
37.Dd $Mdocdate: August 14 2015 $ 37.Dd $Mdocdate: February 20 2016 $
38.Dt SSH_CONFIG 5 38.Dt SSH_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -139,7 +139,7 @@ or
139keyword) to be used only when the conditions following the 139keyword) to be used only when the conditions following the
140.Cm Match 140.Cm Match
141keyword are satisfied. 141keyword are satisfied.
142Match conditions are specified using one or more critera 142Match conditions are specified using one or more criteria
143or the single token 143or the single token
144.Cm all 144.Cm all
145which always matches. 145which always matches.
@@ -221,6 +221,39 @@ keyword matches against the name of the local user running
221(this keyword may be useful in system-wide 221(this keyword may be useful in system-wide
222.Nm 222.Nm
223files). 223files).
224.It Cm AddKeysToAgent
225Specifies whether keys should be automatically added to a running
226.Xr ssh-agent 1 .
227If this option is set to
228.Dq yes
229and a key is loaded from a file, the key and its passphrase are added to
230the agent with the default lifetime, as if by
231.Xr ssh-add 1 .
232If this option is set to
233.Dq ask ,
234.Nm ssh
235will require confirmation using the
236.Ev SSH_ASKPASS
237program before adding a key (see
238.Xr ssh-add 1
239for details).
240If this option is set to
241.Dq confirm ,
242each use of the key must be confirmed, as if the
243.Fl c
244option was specified to
245.Xr ssh-add 1 .
246If this option is set to
247.Dq no ,
248no keys are added to the agent.
249The argument must be
250.Dq yes ,
251.Dq confirm ,
252.Dq ask ,
253or
254.Dq no .
255The default is
256.Dq no .
224.It Cm AddressFamily 257.It Cm AddressFamily
225Specifies which address family to use when connecting. 258Specifies which address family to use when connecting.
226Valid arguments are 259Valid arguments are
@@ -229,6 +262,8 @@ Valid arguments are
229(use IPv4 only), or 262(use IPv4 only), or
230.Dq inet6 263.Dq inet6
231(use IPv6 only). 264(use IPv6 only).
265The default is
266.Dq any .
232.It Cm BatchMode 267.It Cm BatchMode
233If set to 268If set to
234.Dq yes , 269.Dq yes ,
@@ -325,6 +360,41 @@ to be canonicalized to names in the
325or 360or
326.Dq *.c.example.com 361.Dq *.c.example.com
327domains. 362domains.
363.It Cm CertificateFile
364Specifies a file from which the user's certificate is read.
365A corresponding private key must be provided separately in order
366to use this certificate either
367from an
368.Cm IdentityFile
369directive or
370.Fl i
371flag to
372.Xr ssh 1 ,
373via
374.Xr ssh-agent 1 ,
375or via a
376.Cm PKCS11Provider .
377.Pp
378The file name may use the tilde
379syntax to refer to a user's home directory or one of the following
380escape characters:
381.Ql %d
382(local user's home directory),
383.Ql %u
384(local user name),
385.Ql %l
386(local host name),
387.Ql %h
388(remote host name) or
389.Ql %r
390(remote user name).
391.Pp
392It is possible to have multiple certificate files specified in
393configuration files; these certificates will be tried in sequence.
394Multiple
395.Cm CertificateFile
396directives will add to the list of certificates used for
397authentication.
328.It Cm ChallengeResponseAuthentication 398.It Cm ChallengeResponseAuthentication
329Specifies whether to use challenge-response authentication. 399Specifies whether to use challenge-response authentication.
330The argument to this keyword must be 400The argument to this keyword must be
@@ -418,9 +488,7 @@ The default is:
418chacha20-poly1305@openssh.com, 488chacha20-poly1305@openssh.com,
419aes128-ctr,aes192-ctr,aes256-ctr, 489aes128-ctr,aes192-ctr,aes256-ctr,
420aes128-gcm@openssh.com,aes256-gcm@openssh.com, 490aes128-gcm@openssh.com,aes256-gcm@openssh.com,
421arcfour256,arcfour128, 491aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
422aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
423aes192-cbc,aes256-cbc,arcfour
424.Ed 492.Ed
425.Pp 493.Pp
426The list of available ciphers may also be obtained using the 494The list of available ciphers may also be obtained using the
@@ -538,8 +606,11 @@ the destination port,
538.Ql %r 606.Ql %r
539by the remote login username, 607by the remote login username,
540.Ql %u 608.Ql %u
541by the username of the user running 609by the username and
542.Xr ssh 1 , and 610.Ql %i
611by the numeric user ID (uid) of the user running
612.Xr ssh 1 ,
613and
543.Ql \&%C 614.Ql \&%C
544by a hash of the concatenation: %l%h%p%r. 615by a hash of the concatenation: %l%h%p%r.
545It is recommended that any 616It is recommended that any
@@ -639,7 +710,14 @@ data).
639Specifies whether 710Specifies whether
640.Xr ssh 1 711.Xr ssh 1
641should terminate the connection if it cannot set up all requested 712should terminate the connection if it cannot set up all requested
642dynamic, tunnel, local, and remote port forwardings. 713dynamic, tunnel, local, and remote port forwardings, (e.g.\&
714if either end is unable to bind and listen on a specified port).
715Note that
716.Cm ExitOnForwardFailure
717does not apply to connections made over port forwardings and will not,
718for example, cause
719.Xr ssh 1
720to exit if TCP connections to the ultimate forwarding destination fail.
643The argument must be 721The argument must be
644.Dq yes 722.Dq yes
645or 723or
@@ -748,12 +826,10 @@ The default is
748Specifies whether user authentication based on GSSAPI is allowed. 826Specifies whether user authentication based on GSSAPI is allowed.
749The default is 827The default is
750.Dq no . 828.Dq no .
751Note that this option applies to protocol version 2 only.
752.It Cm GSSAPIDelegateCredentials 829.It Cm GSSAPIDelegateCredentials
753Forward (delegate) credentials to the server. 830Forward (delegate) credentials to the server.
754The default is 831The default is
755.Dq no . 832.Dq no .
756Note that this option applies to protocol version 2 only.
757.It Cm HashKnownHosts 833.It Cm HashKnownHosts
758Indicates that 834Indicates that
759.Xr ssh 1 835.Xr ssh 1
@@ -780,9 +856,6 @@ or
780.Dq no . 856.Dq no .
781The default is 857The default is
782.Dq no . 858.Dq no .
783This option applies to protocol version 2 only and
784is similar to
785.Cm RhostsRSAAuthentication .
786.It Cm HostbasedKeyTypes 859.It Cm HostbasedKeyTypes
787Specifies the key types that will be used for hostbased authentication 860Specifies the key types that will be used for hostbased authentication
788as a comma-separated pattern list. 861as a comma-separated pattern list.
@@ -807,7 +880,7 @@ option of
807.Xr ssh 1 880.Xr ssh 1
808may be used to list supported key types. 881may be used to list supported key types.
809.It Cm HostKeyAlgorithms 882.It Cm HostKeyAlgorithms
810Specifies the protocol version 2 host key algorithms 883Specifies the host key algorithms
811that the client wants to use in order of preference. 884that the client wants to use in order of preference.
812Alternately if the specified value begins with a 885Alternately if the specified value begins with a
813.Sq + 886.Sq +
@@ -859,9 +932,13 @@ specifications).
859.It Cm IdentitiesOnly 932.It Cm IdentitiesOnly
860Specifies that 933Specifies that
861.Xr ssh 1 934.Xr ssh 1
862should only use the authentication identity files configured in the 935should only use the authentication identity and certificate files explicitly
936configured in the
863.Nm 937.Nm
864files, 938files
939or passed on the
940.Xr ssh 1
941command-line,
865even if 942even if
866.Xr ssh-agent 1 943.Xr ssh-agent 1
867or a 944or a
@@ -891,6 +968,8 @@ Additionally, any identities represented by the authentication agent
891will be used for authentication unless 968will be used for authentication unless
892.Cm IdentitiesOnly 969.Cm IdentitiesOnly
893is set. 970is set.
971If no certificates have been explicitly specified by
972.Cm CertificateFile ,
894.Xr ssh 1 973.Xr ssh 1
895will try to load certificate information from the filename obtained by 974will try to load certificate information from the filename obtained by
896appending 975appending
@@ -924,6 +1003,11 @@ differs from that of other configuration directives).
924may be used in conjunction with 1003may be used in conjunction with
925.Cm IdentitiesOnly 1004.Cm IdentitiesOnly
926to select which identities in an agent are offered during authentication. 1005to select which identities in an agent are offered during authentication.
1006.Cm IdentityFile
1007may also be used in conjunction with
1008.Cm CertificateFile
1009in order to provide any certificate also needed for authentication with
1010the identity.
927.It Cm IgnoreUnknown 1011.It Cm IgnoreUnknown
928Specifies a pattern-list of unknown options to be ignored if they are 1012Specifies a pattern-list of unknown options to be ignored if they are
929encountered in configuration parsing. 1013encountered in configuration parsing.
@@ -1083,8 +1167,7 @@ DEBUG2 and DEBUG3 each specify higher levels of verbose output.
1083.It Cm MACs 1167.It Cm MACs
1084Specifies the MAC (message authentication code) algorithms 1168Specifies the MAC (message authentication code) algorithms
1085in order of preference. 1169in order of preference.
1086The MAC algorithm is used in protocol version 2 1170The MAC algorithm is used for data integrity protection.
1087for data integrity protection.
1088Multiple algorithms must be comma-separated. 1171Multiple algorithms must be comma-separated.
1089If the specified value begins with a 1172If the specified value begins with a
1090.Sq + 1173.Sq +
@@ -1100,13 +1183,9 @@ The default is:
1100.Bd -literal -offset indent 1183.Bd -literal -offset indent
1101umac-64-etm@openssh.com,umac-128-etm@openssh.com, 1184umac-64-etm@openssh.com,umac-128-etm@openssh.com,
1102hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 1185hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
1186hmac-sha1-etm@openssh.com,
1103umac-64@openssh.com,umac-128@openssh.com, 1187umac-64@openssh.com,umac-128@openssh.com,
1104hmac-sha2-256,hmac-sha2-512, 1188hmac-sha2-256,hmac-sha2-512,hmac-sha1
1105hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,
1106hmac-ripemd160-etm@openssh.com,
1107hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,
1108hmac-md5,hmac-sha1,hmac-ripemd160,
1109hmac-sha1-96,hmac-md5-96
1110.Ed 1189.Ed
1111.Pp 1190.Pp
1112The list of available MAC algorithms may also be obtained using the 1191The list of available MAC algorithms may also be obtained using the
@@ -1160,8 +1239,7 @@ private RSA key.
1160Specifies the port number to connect on the remote host. 1239Specifies the port number to connect on the remote host.
1161The default is 22. 1240The default is 22.
1162.It Cm PreferredAuthentications 1241.It Cm PreferredAuthentications
1163Specifies the order in which the client should try protocol 2 1242Specifies the order in which the client should try authentication methods.
1164authentication methods.
1165This allows a client to prefer one method (e.g.\& 1243This allows a client to prefer one method (e.g.\&
1166.Cm keyboard-interactive ) 1244.Cm keyboard-interactive )
1167over another method (e.g.\& 1245over another method (e.g.\&
@@ -1187,6 +1265,9 @@ will try version 2 and fall back to version 1
1187if version 2 is not available. 1265if version 2 is not available.
1188The default is 1266The default is
1189.Sq 2 . 1267.Sq 2 .
1268Protocol 1 suffers from a number of cryptographic weaknesses and should
1269not be used.
1270It is only offered to support legacy devices.
1190.It Cm ProxyCommand 1271.It Cm ProxyCommand
1191Specifies the command to use to connect to the server. 1272Specifies the command to use to connect to the server.
1192The command 1273The command
@@ -1267,7 +1348,6 @@ or
1267.Dq no . 1348.Dq no .
1268The default is 1349The default is
1269.Dq yes . 1350.Dq yes .
1270This option applies to protocol version 2 only.
1271.It Cm RekeyLimit 1351.It Cm RekeyLimit
1272Specifies the maximum amount of data that may be transmitted before the 1352Specifies the maximum amount of data that may be transmitted before the
1273session key is renegotiated, optionally followed a maximum amount of 1353session key is renegotiated, optionally followed a maximum amount of
@@ -1293,7 +1373,6 @@ is
1293.Dq default none , 1373.Dq default none ,
1294which means that rekeying is performed after the cipher's default amount 1374which means that rekeying is performed after the cipher's default amount
1295of data has been sent or received and no time based rekeying is done. 1375of data has been sent or received and no time based rekeying is done.
1296This option applies to protocol version 2 only.
1297.It Cm RemoteForward 1376.It Cm RemoteForward
1298Specifies that a TCP port on the remote machine be forwarded over 1377Specifies that a TCP port on the remote machine be forwarded over
1299the secure channel to the specified host and port from the local machine. 1378the secure channel to the specified host and port from the local machine.
@@ -1386,7 +1465,6 @@ Note that this option applies to protocol version 1 only.
1386Specifies what variables from the local 1465Specifies what variables from the local
1387.Xr environ 7 1466.Xr environ 7
1388should be sent to the server. 1467should be sent to the server.
1389Note that environment passing is only supported for protocol 2.
1390The server must also support it, and the server must be configured to 1468The server must also support it, and the server must be configured to
1391accept these environment variables. 1469accept these environment variables.
1392Note that the 1470Note that the
@@ -1434,7 +1512,6 @@ If, for example,
1434.Cm ServerAliveCountMax 1512.Cm ServerAliveCountMax
1435is left at the default, if the server becomes unresponsive, 1513is left at the default, if the server becomes unresponsive,
1436ssh will disconnect after approximately 45 seconds. 1514ssh will disconnect after approximately 45 seconds.
1437This option applies to protocol version 2 only.
1438.It Cm ServerAliveInterval 1515.It Cm ServerAliveInterval
1439Sets a timeout interval in seconds after which if no data has been received 1516Sets a timeout interval in seconds after which if no data has been received
1440from the server, 1517from the server,
@@ -1443,7 +1520,6 @@ will send a message through the encrypted
1443channel to request a response from the server. 1520channel to request a response from the server.
1444The default 1521The default
1445is 0, indicating that these messages will not be sent to the server. 1522is 0, indicating that these messages will not be sent to the server.
1446This option applies to protocol version 2 only.
1447.It Cm StreamLocalBindMask 1523.It Cm StreamLocalBindMask
1448Sets the octal file creation mode mask 1524Sets the octal file creation mode mask
1449.Pq umask 1525.Pq umask
@@ -1575,7 +1651,7 @@ Enabling this option allows learning alternate hostkeys for a server
1575and supports graceful key rotation by allowing a server to send replacement 1651and supports graceful key rotation by allowing a server to send replacement
1576public keys before old ones are removed. 1652public keys before old ones are removed.
1577Additional hostkeys are only accepted if the key used to authenticate the 1653Additional hostkeys are only accepted if the key used to authenticate the
1578host was already trusted or explicity accepted by the user. 1654host was already trusted or explicitly accepted by the user.
1579If 1655If
1580.Cm UpdateHostKeys 1656.Cm UpdateHostKeys
1581is set to 1657is set to
@@ -1640,7 +1716,6 @@ or
1640.Dq ask . 1716.Dq ask .
1641The default is 1717The default is
1642.Dq no . 1718.Dq no .
1643Note that this option applies to protocol version 2 only.
1644.Pp 1719.Pp
1645See also VERIFYING HOST KEYS in 1720See also VERIFYING HOST KEYS in
1646.Xr ssh 1 . 1721.Xr ssh 1 .
diff --git a/sshbuf-getput-basic.c b/sshbuf-getput-basic.c
index 8ff8a0a28..23e0fd7c1 100644
--- a/sshbuf-getput-basic.c
+++ b/sshbuf-getput-basic.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshbuf-getput-basic.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ 1/* $OpenBSD: sshbuf-getput-basic.c,v 1.5 2015/10/20 23:24:25 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -131,7 +131,7 @@ sshbuf_get_string_direct(struct sshbuf *buf, const u_char **valp, size_t *lenp)
131 *lenp = 0; 131 *lenp = 0;
132 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) < 0) 132 if ((r = sshbuf_peek_string_direct(buf, &p, &len)) < 0)
133 return r; 133 return r;
134 if (valp != 0) 134 if (valp != NULL)
135 *valp = p; 135 *valp = p;
136 if (lenp != NULL) 136 if (lenp != NULL)
137 *lenp = len; 137 *lenp = len;
@@ -168,7 +168,7 @@ sshbuf_peek_string_direct(const struct sshbuf *buf, const u_char **valp,
168 SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE")); 168 SSHBUF_DBG(("SSH_ERR_MESSAGE_INCOMPLETE"));
169 return SSH_ERR_MESSAGE_INCOMPLETE; 169 return SSH_ERR_MESSAGE_INCOMPLETE;
170 } 170 }
171 if (valp != 0) 171 if (valp != NULL)
172 *valp = p + 4; 172 *valp = p + 4;
173 if (lenp != NULL) 173 if (lenp != NULL)
174 *lenp = len; 174 *lenp = len;
@@ -448,7 +448,7 @@ sshbuf_get_bignum2_bytes_direct(struct sshbuf *buf,
448 d++; 448 d++;
449 len--; 449 len--;
450 } 450 }
451 if (valp != 0) 451 if (valp != NULL)
452 *valp = d; 452 *valp = d;
453 if (lenp != NULL) 453 if (lenp != NULL)
454 *lenp = len; 454 *lenp = len;
diff --git a/sshbuf.c b/sshbuf.c
index 19e162c07..4d6e0ea0a 100644
--- a/sshbuf.c
+++ b/sshbuf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshbuf.c,v 1.4 2015/10/05 17:11:21 djm Exp $ */ 1/* $OpenBSD: sshbuf.c,v 1.6 2016/01/12 23:42:54 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -163,10 +163,8 @@ sshbuf_free(struct sshbuf *buf)
163 * If we are a child, the free our parent to decrement its reference 163 * If we are a child, the free our parent to decrement its reference
164 * count and possibly free it. 164 * count and possibly free it.
165 */ 165 */
166 if (buf->parent != NULL) { 166 sshbuf_free(buf->parent);
167 sshbuf_free(buf->parent); 167 buf->parent = NULL;
168 buf->parent = NULL;
169 }
170 /* 168 /*
171 * If we are a parent with still-extant children, then don't free just 169 * If we are a parent with still-extant children, then don't free just
172 * yet. The last child's call to sshbuf_free should decrement our 170 * yet. The last child's call to sshbuf_free should decrement our
diff --git a/sshbuf.h b/sshbuf.h
index eb0d92e10..63495fbb0 100644
--- a/sshbuf.h
+++ b/sshbuf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshbuf.h,v 1.4 2015/01/14 15:02:39 djm Exp $ */ 1/* $OpenBSD: sshbuf.h,v 1.6 2015/12/10 07:01:35 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -120,12 +120,12 @@ size_t sshbuf_len(const struct sshbuf *buf);
120size_t sshbuf_avail(const struct sshbuf *buf); 120size_t sshbuf_avail(const struct sshbuf *buf);
121 121
122/* 122/*
123 * Returns a read-only pointer to the start of the the data in buf 123 * Returns a read-only pointer to the start of the data in buf
124 */ 124 */
125const u_char *sshbuf_ptr(const struct sshbuf *buf); 125const u_char *sshbuf_ptr(const struct sshbuf *buf);
126 126
127/* 127/*
128 * Returns a mutable pointer to the start of the the data in buf, or 128 * Returns a mutable pointer to the start of the data in buf, or
129 * NULL if the buffer is read-only. 129 * NULL if the buffer is read-only.
130 */ 130 */
131u_char *sshbuf_mutable_ptr(const struct sshbuf *buf); 131u_char *sshbuf_mutable_ptr(const struct sshbuf *buf);
@@ -241,45 +241,48 @@ int sshbuf_b64tod(struct sshbuf *buf, const char *b64);
241 241
242/* Macros for decoding/encoding integers */ 242/* Macros for decoding/encoding integers */
243#define PEEK_U64(p) \ 243#define PEEK_U64(p) \
244 (((u_int64_t)(((u_char *)(p))[0]) << 56) | \ 244 (((u_int64_t)(((const u_char *)(p))[0]) << 56) | \
245 ((u_int64_t)(((u_char *)(p))[1]) << 48) | \ 245 ((u_int64_t)(((const u_char *)(p))[1]) << 48) | \
246 ((u_int64_t)(((u_char *)(p))[2]) << 40) | \ 246 ((u_int64_t)(((const u_char *)(p))[2]) << 40) | \
247 ((u_int64_t)(((u_char *)(p))[3]) << 32) | \ 247 ((u_int64_t)(((const u_char *)(p))[3]) << 32) | \
248 ((u_int64_t)(((u_char *)(p))[4]) << 24) | \ 248 ((u_int64_t)(((const u_char *)(p))[4]) << 24) | \
249 ((u_int64_t)(((u_char *)(p))[5]) << 16) | \ 249 ((u_int64_t)(((const u_char *)(p))[5]) << 16) | \
250 ((u_int64_t)(((u_char *)(p))[6]) << 8) | \ 250 ((u_int64_t)(((const u_char *)(p))[6]) << 8) | \
251 (u_int64_t)(((u_char *)(p))[7])) 251 (u_int64_t)(((const u_char *)(p))[7]))
252#define PEEK_U32(p) \ 252#define PEEK_U32(p) \
253 (((u_int32_t)(((u_char *)(p))[0]) << 24) | \ 253 (((u_int32_t)(((const u_char *)(p))[0]) << 24) | \
254 ((u_int32_t)(((u_char *)(p))[1]) << 16) | \ 254 ((u_int32_t)(((const u_char *)(p))[1]) << 16) | \
255 ((u_int32_t)(((u_char *)(p))[2]) << 8) | \ 255 ((u_int32_t)(((const u_char *)(p))[2]) << 8) | \
256 (u_int32_t)(((u_char *)(p))[3])) 256 (u_int32_t)(((const u_char *)(p))[3]))
257#define PEEK_U16(p) \ 257#define PEEK_U16(p) \
258 (((u_int16_t)(((u_char *)(p))[0]) << 8) | \ 258 (((u_int16_t)(((const u_char *)(p))[0]) << 8) | \
259 (u_int16_t)(((u_char *)(p))[1])) 259 (u_int16_t)(((const u_char *)(p))[1]))
260 260
261#define POKE_U64(p, v) \ 261#define POKE_U64(p, v) \
262 do { \ 262 do { \
263 ((u_char *)(p))[0] = (((u_int64_t)(v)) >> 56) & 0xff; \ 263 const u_int64_t __v = (v); \
264 ((u_char *)(p))[1] = (((u_int64_t)(v)) >> 48) & 0xff; \ 264 ((u_char *)(p))[0] = (__v >> 56) & 0xff; \
265 ((u_char *)(p))[2] = (((u_int64_t)(v)) >> 40) & 0xff; \ 265 ((u_char *)(p))[1] = (__v >> 48) & 0xff; \
266 ((u_char *)(p))[3] = (((u_int64_t)(v)) >> 32) & 0xff; \ 266 ((u_char *)(p))[2] = (__v >> 40) & 0xff; \
267 ((u_char *)(p))[4] = (((u_int64_t)(v)) >> 24) & 0xff; \ 267 ((u_char *)(p))[3] = (__v >> 32) & 0xff; \
268 ((u_char *)(p))[5] = (((u_int64_t)(v)) >> 16) & 0xff; \ 268 ((u_char *)(p))[4] = (__v >> 24) & 0xff; \
269 ((u_char *)(p))[6] = (((u_int64_t)(v)) >> 8) & 0xff; \ 269 ((u_char *)(p))[5] = (__v >> 16) & 0xff; \
270 ((u_char *)(p))[7] = ((u_int64_t)(v)) & 0xff; \ 270 ((u_char *)(p))[6] = (__v >> 8) & 0xff; \
271 ((u_char *)(p))[7] = __v & 0xff; \
271 } while (0) 272 } while (0)
272#define POKE_U32(p, v) \ 273#define POKE_U32(p, v) \
273 do { \ 274 do { \
274 ((u_char *)(p))[0] = (((u_int64_t)(v)) >> 24) & 0xff; \ 275 const u_int32_t __v = (v); \
275 ((u_char *)(p))[1] = (((u_int64_t)(v)) >> 16) & 0xff; \ 276 ((u_char *)(p))[0] = (__v >> 24) & 0xff; \
276 ((u_char *)(p))[2] = (((u_int64_t)(v)) >> 8) & 0xff; \ 277 ((u_char *)(p))[1] = (__v >> 16) & 0xff; \
277 ((u_char *)(p))[3] = ((u_int64_t)(v)) & 0xff; \ 278 ((u_char *)(p))[2] = (__v >> 8) & 0xff; \
279 ((u_char *)(p))[3] = __v & 0xff; \
278 } while (0) 280 } while (0)
279#define POKE_U16(p, v) \ 281#define POKE_U16(p, v) \
280 do { \ 282 do { \
281 ((u_char *)(p))[0] = (((u_int64_t)(v)) >> 8) & 0xff; \ 283 const u_int16_t __v = (v); \
282 ((u_char *)(p))[1] = ((u_int64_t)(v)) & 0xff; \ 284 ((u_char *)(p))[0] = (__v >> 8) & 0xff; \
285 ((u_char *)(p))[1] = __v & 0xff; \
283 } while (0) 286 } while (0)
284 287
285/* Internal definitions follow. Exposed for regress tests */ 288/* Internal definitions follow. Exposed for regress tests */
diff --git a/sshconnect.c b/sshconnect.c
index 17fbe39b0..356ec79f0 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect.c,v 1.263 2015/08/20 22:32:42 deraadt Exp $ */ 1/* $OpenBSD: sshconnect.c,v 1.271 2016/01/14 22:56:56 markus Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -59,12 +59,12 @@
59#include "readconf.h" 59#include "readconf.h"
60#include "atomicio.h" 60#include "atomicio.h"
61#include "dns.h" 61#include "dns.h"
62#include "roaming.h"
63#include "monitor_fdpass.h" 62#include "monitor_fdpass.h"
64#include "ssh2.h" 63#include "ssh2.h"
65#include "version.h" 64#include "version.h"
66#include "authfile.h" 65#include "authfile.h"
67#include "ssherr.h" 66#include "ssherr.h"
67#include "authfd.h"
68 68
69char *client_version_string = NULL; 69char *client_version_string = NULL;
70char *server_version_string = NULL; 70char *server_version_string = NULL;
@@ -167,6 +167,7 @@ ssh_proxy_fdpass_connect(const char *host, u_short port,
167 167
168 if ((sock = mm_receive_fd(sp[1])) == -1) 168 if ((sock = mm_receive_fd(sp[1])) == -1)
169 fatal("proxy dialer did not pass back a connection"); 169 fatal("proxy dialer did not pass back a connection");
170 close(sp[1]);
170 171
171 while (waitpid(pid, NULL, 0) == -1) 172 while (waitpid(pid, NULL, 0) == -1)
172 if (errno != EINTR) 173 if (errno != EINTR)
@@ -432,7 +433,9 @@ ssh_connect_direct(const char *host, struct addrinfo *aitop,
432 char ntop[NI_MAXHOST], strport[NI_MAXSERV]; 433 char ntop[NI_MAXHOST], strport[NI_MAXSERV];
433 struct addrinfo *ai; 434 struct addrinfo *ai;
434 435
435 debug2("ssh_connect: needpriv %d", needpriv); 436 debug2("%s: needpriv %d", __func__, needpriv);
437 memset(ntop, 0, sizeof(ntop));
438 memset(strport, 0, sizeof(strport));
436 439
437 for (attempt = 0; attempt < connection_attempts; attempt++) { 440 for (attempt = 0; attempt < connection_attempts; attempt++) {
438 if (attempt > 0) { 441 if (attempt > 0) {
@@ -451,7 +454,7 @@ ssh_connect_direct(const char *host, struct addrinfo *aitop,
451 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, 454 if (getnameinfo(ai->ai_addr, ai->ai_addrlen,
452 ntop, sizeof(ntop), strport, sizeof(strport), 455 ntop, sizeof(ntop), strport, sizeof(strport),
453 NI_NUMERICHOST|NI_NUMERICSERV) != 0) { 456 NI_NUMERICHOST|NI_NUMERICSERV) != 0) {
454 error("ssh_connect: getnameinfo failed"); 457 error("%s: getnameinfo failed", __func__);
455 continue; 458 continue;
456 } 459 }
457 debug("Connecting to %.200s [%.100s] port %s.", 460 debug("Connecting to %.200s [%.100s] port %s.",
@@ -529,7 +532,7 @@ send_client_banner(int connection_out, int minor1)
529 xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n", 532 xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n",
530 PROTOCOL_MAJOR_1, minor1, SSH_VERSION); 533 PROTOCOL_MAJOR_1, minor1, SSH_VERSION);
531 } 534 }
532 if (roaming_atomicio(vwrite, connection_out, client_version_string, 535 if (atomicio(vwrite, connection_out, client_version_string,
533 strlen(client_version_string)) != strlen(client_version_string)) 536 strlen(client_version_string)) != strlen(client_version_string))
534 fatal("write: %.100s", strerror(errno)); 537 fatal("write: %.100s", strerror(errno));
535 chop(client_version_string); 538 chop(client_version_string);
@@ -589,7 +592,7 @@ ssh_exchange_identification(int timeout_ms)
589 } 592 }
590 } 593 }
591 594
592 len = roaming_atomicio(read, connection_in, &buf[i], 1); 595 len = atomicio(read, connection_in, &buf[i], 1);
593 596
594 if (len != 1 && errno == EPIPE) 597 if (len != 1 && errno == EPIPE)
595 fatal("ssh_exchange_identification: " 598 fatal("ssh_exchange_identification: "
@@ -925,7 +928,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
925 options.fingerprint_hash, SSH_FP_RANDOMART); 928 options.fingerprint_hash, SSH_FP_RANDOMART);
926 if (fp == NULL || ra == NULL) 929 if (fp == NULL || ra == NULL)
927 fatal("%s: sshkey_fingerprint fail", __func__); 930 fatal("%s: sshkey_fingerprint fail", __func__);
928 logit("Host key fingerprint is %s\n%s\n", fp, ra); 931 logit("Host key fingerprint is %s\n%s", fp, ra);
929 free(ra); 932 free(ra);
930 free(fp); 933 free(fp);
931 } 934 }
@@ -1236,8 +1239,9 @@ fail:
1236int 1239int
1237verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) 1240verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
1238{ 1241{
1242 u_int i;
1239 int r = -1, flags = 0; 1243 int r = -1, flags = 0;
1240 char *fp = NULL; 1244 char valid[64], *fp = NULL, *cafp = NULL;
1241 struct sshkey *plain = NULL; 1245 struct sshkey *plain = NULL;
1242 1246
1243 if ((fp = sshkey_fingerprint(host_key, 1247 if ((fp = sshkey_fingerprint(host_key,
@@ -1247,8 +1251,31 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
1247 goto out; 1251 goto out;
1248 } 1252 }
1249 1253
1250 debug("Server host key: %s %s", 1254 if (sshkey_is_cert(host_key)) {
1251 compat20 ? sshkey_ssh_name(host_key) : sshkey_type(host_key), fp); 1255 if ((cafp = sshkey_fingerprint(host_key->cert->signature_key,
1256 options.fingerprint_hash, SSH_FP_DEFAULT)) == NULL) {
1257 error("%s: fingerprint CA key: %s",
1258 __func__, ssh_err(r));
1259 r = -1;
1260 goto out;
1261 }
1262 sshkey_format_cert_validity(host_key->cert,
1263 valid, sizeof(valid));
1264 debug("Server host certificate: %s %s, serial %llu "
1265 "ID \"%s\" CA %s %s valid %s",
1266 sshkey_ssh_name(host_key), fp,
1267 (unsigned long long)host_key->cert->serial,
1268 host_key->cert->key_id,
1269 sshkey_ssh_name(host_key->cert->signature_key), cafp,
1270 valid);
1271 for (i = 0; i < host_key->cert->nprincipals; i++) {
1272 debug2("Server host certificate hostname: %s",
1273 host_key->cert->principals[i]);
1274 }
1275 } else {
1276 debug("Server host key: %s %s", compat20 ?
1277 sshkey_ssh_name(host_key) : sshkey_type(host_key), fp);
1278 }
1252 1279
1253 if (sshkey_equal(previous_host_key, host_key)) { 1280 if (sshkey_equal(previous_host_key, host_key)) {
1254 debug2("%s: server host key %s %s matches cached key", 1281 debug2("%s: server host key %s %s matches cached key",
@@ -1313,6 +1340,7 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
1313out: 1340out:
1314 sshkey_free(plain); 1341 sshkey_free(plain);
1315 free(fp); 1342 free(fp);
1343 free(cafp);
1316 if (r == 0 && host_key != NULL) { 1344 if (r == 0 && host_key != NULL) {
1317 key_free(previous_host_key); 1345 key_free(previous_host_key);
1318 previous_host_key = key_from_private(host_key); 1346 previous_host_key = key_from_private(host_key);
@@ -1487,3 +1515,30 @@ ssh_local_cmd(const char *args)
1487 1515
1488 return (WEXITSTATUS(status)); 1516 return (WEXITSTATUS(status));
1489} 1517}
1518
1519void
1520maybe_add_key_to_agent(char *authfile, Key *private, char *comment,
1521 char *passphrase)
1522{
1523 int auth_sock = -1, r;
1524
1525 if (options.add_keys_to_agent == 0)
1526 return;
1527
1528 if ((r = ssh_get_authentication_socket(&auth_sock)) != 0) {
1529 debug3("no authentication agent, not adding key");
1530 return;
1531 }
1532
1533 if (options.add_keys_to_agent == 2 &&
1534 !ask_permission("Add key %s (%s) to agent?", authfile, comment)) {
1535 debug3("user denied adding this key");
1536 return;
1537 }
1538
1539 if ((r = ssh_add_identity_constrained(auth_sock, private, comment, 0,
1540 (options.add_keys_to_agent == 3))) == 0)
1541 debug("identity added to agent: %s", authfile);
1542 else
1543 debug("could not add identity to agent: %s (%d)", authfile, r);
1544}
diff --git a/sshconnect.h b/sshconnect.h
index 0ea6e99f6..cf1851a95 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect.h,v 1.28 2013/10/16 02:31:47 djm Exp $ */ 1/* $OpenBSD: sshconnect.h,v 1.29 2015/11/15 22:26:49 jcs Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -55,6 +55,8 @@ void ssh_userauth2(const char *, const char *, char *, Sensitive *);
55void ssh_put_password(char *); 55void ssh_put_password(char *);
56int ssh_local_cmd(const char *); 56int ssh_local_cmd(const char *);
57 57
58void maybe_add_key_to_agent(char *, Key *, char *, char *);
59
58/* 60/*
59 * Macros to raise/lower permissions. 61 * Macros to raise/lower permissions.
60 */ 62 */
diff --git a/sshconnect1.c b/sshconnect1.c
index 016abbce5..bfc523bde 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect1.c,v 1.77 2015/01/14 20:05:27 djm Exp $ */ 1/* $OpenBSD: sshconnect1.c,v 1.78 2015/11/15 22:26:49 jcs Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -221,7 +221,7 @@ try_rsa_authentication(int idx)
221{ 221{
222 BIGNUM *challenge; 222 BIGNUM *challenge;
223 Key *public, *private; 223 Key *public, *private;
224 char buf[300], *passphrase, *comment, *authfile; 224 char buf[300], *passphrase = NULL, *comment, *authfile;
225 int i, perm_ok = 1, type, quit; 225 int i, perm_ok = 1, type, quit;
226 226
227 public = options.identity_keys[idx]; 227 public = options.identity_keys[idx];
@@ -283,13 +283,20 @@ try_rsa_authentication(int idx)
283 debug2("no passphrase given, try next key"); 283 debug2("no passphrase given, try next key");
284 quit = 1; 284 quit = 1;
285 } 285 }
286 explicit_bzero(passphrase, strlen(passphrase));
287 free(passphrase);
288 if (private != NULL || quit) 286 if (private != NULL || quit)
289 break; 287 break;
290 debug2("bad passphrase given, try again..."); 288 debug2("bad passphrase given, try again...");
291 } 289 }
292 } 290 }
291
292 if (private != NULL)
293 maybe_add_key_to_agent(authfile, private, comment, passphrase);
294
295 if (passphrase != NULL) {
296 explicit_bzero(passphrase, strlen(passphrase));
297 free(passphrase);
298 }
299
293 /* We no longer need the comment. */ 300 /* We no longer need the comment. */
294 free(comment); 301 free(comment);
295 302
diff --git a/sshconnect2.c b/sshconnect2.c
index 775103185..f79c96beb 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect2.c,v 1.226 2015/07/30 00:01:34 djm Exp $ */ 1/* $OpenBSD: sshconnect2.c,v 1.239 2016/02/23 01:34:14 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Damien Miller. All rights reserved. 4 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -157,14 +157,16 @@ void
157ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) 157ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
158{ 158{
159 char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; 159 char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT };
160 char *s;
160 struct kex *kex; 161 struct kex *kex;
161 int r; 162 int r;
162 163
163 xxx_host = host; 164 xxx_host = host;
164 xxx_hostaddr = hostaddr; 165 xxx_hostaddr = hostaddr;
165 166
166 myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( 167 if ((s = kex_names_cat(options.kex_algorithms, "ext-info-c")) == NULL)
167 options.kex_algorithms); 168 fatal("%s: kex_names_cat", __func__);
169 myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal(s);
168 myproposal[PROPOSAL_ENC_ALGS_CTOS] = 170 myproposal[PROPOSAL_ENC_ALGS_CTOS] =
169 compat_cipher_proposal(options.ciphers); 171 compat_cipher_proposal(options.ciphers);
170 myproposal[PROPOSAL_ENC_ALGS_STOC] = 172 myproposal[PROPOSAL_ENC_ALGS_STOC] =
@@ -217,10 +219,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port)
217 219
218 dispatch_run(DISPATCH_BLOCK, &kex->done, active_state); 220 dispatch_run(DISPATCH_BLOCK, &kex->done, active_state);
219 221
220 if (options.use_roaming && !kex->roaming) { 222 /* remove ext-info from the KEX proposals for rekeying */
221 debug("Roaming not allowed by server"); 223 myproposal[PROPOSAL_KEX_ALGS] =
222 options.use_roaming = 0; 224 compat_kex_proposal(options.kex_algorithms);
223 } 225 if ((r = kex_prop2buf(kex->my, myproposal)) != 0)
226 fatal("kex_prop2buf: %s", ssh_err(r));
224 227
225 session_id2 = kex->session_id; 228 session_id2 = kex->session_id;
226 session_id2_len = kex->session_id_len; 229 session_id2_len = kex->session_id_len;
@@ -284,6 +287,8 @@ struct cauthmethod {
284 int *batch_flag; /* flag in option struct that disables method */ 287 int *batch_flag; /* flag in option struct that disables method */
285}; 288};
286 289
290int input_userauth_service_accept(int, u_int32_t, void *);
291int input_userauth_ext_info(int, u_int32_t, void *);
287int input_userauth_success(int, u_int32_t, void *); 292int input_userauth_success(int, u_int32_t, void *);
288int input_userauth_success_unexpected(int, u_int32_t, void *); 293int input_userauth_success_unexpected(int, u_int32_t, void *);
289int input_userauth_failure(int, u_int32_t, void *); 294int input_userauth_failure(int, u_int32_t, void *);
@@ -313,7 +318,7 @@ void userauth(Authctxt *, char *);
313static int sign_and_send_pubkey(Authctxt *, Identity *); 318static int sign_and_send_pubkey(Authctxt *, Identity *);
314static void pubkey_prepare(Authctxt *); 319static void pubkey_prepare(Authctxt *);
315static void pubkey_cleanup(Authctxt *); 320static void pubkey_cleanup(Authctxt *);
316static Key *load_identity_file(char *, int); 321static Key *load_identity_file(Identity *);
317 322
318static Authmethod *authmethod_get(char *authlist); 323static Authmethod *authmethod_get(char *authlist);
319static Authmethod *authmethod_lookup(const char *name); 324static Authmethod *authmethod_lookup(const char *name);
@@ -359,30 +364,12 @@ void
359ssh_userauth2(const char *local_user, const char *server_user, char *host, 364ssh_userauth2(const char *local_user, const char *server_user, char *host,
360 Sensitive *sensitive) 365 Sensitive *sensitive)
361{ 366{
367 struct ssh *ssh = active_state;
362 Authctxt authctxt; 368 Authctxt authctxt;
363 int type; 369 int r;
364 370
365 if (options.challenge_response_authentication) 371 if (options.challenge_response_authentication)
366 options.kbd_interactive_authentication = 1; 372 options.kbd_interactive_authentication = 1;
367
368 packet_start(SSH2_MSG_SERVICE_REQUEST);
369 packet_put_cstring("ssh-userauth");
370 packet_send();
371 debug("SSH2_MSG_SERVICE_REQUEST sent");
372 packet_write_wait();
373 type = packet_read();
374 if (type != SSH2_MSG_SERVICE_ACCEPT)
375 fatal("Server denied authentication request: %d", type);
376 if (packet_remaining() > 0) {
377 char *reply = packet_get_string(NULL);
378 debug2("service_accept: %s", reply);
379 free(reply);
380 } else {
381 debug2("buggy server: service_accept w/o service");
382 }
383 packet_check_eom();
384 debug("SSH2_MSG_SERVICE_ACCEPT received");
385
386 if (options.preferred_authentications == NULL) 373 if (options.preferred_authentications == NULL)
387 options.preferred_authentications = authmethods_get(); 374 options.preferred_authentications = authmethods_get();
388 375
@@ -404,21 +391,63 @@ ssh_userauth2(const char *local_user, const char *server_user, char *host,
404 if (authctxt.method == NULL) 391 if (authctxt.method == NULL)
405 fatal("ssh_userauth2: internal error: cannot send userauth none request"); 392 fatal("ssh_userauth2: internal error: cannot send userauth none request");
406 393
407 /* initial userauth request */ 394 if ((r = sshpkt_start(ssh, SSH2_MSG_SERVICE_REQUEST)) != 0 ||
408 userauth_none(&authctxt); 395 (r = sshpkt_put_cstring(ssh, "ssh-userauth")) != 0 ||
396 (r = sshpkt_send(ssh)) != 0)
397 fatal("%s: %s", __func__, ssh_err(r));
409 398
410 dispatch_init(&input_userauth_error); 399 ssh_dispatch_init(ssh, &input_userauth_error);
411 dispatch_set(SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success); 400 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_ext_info);
412 dispatch_set(SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure); 401 ssh_dispatch_set(ssh, SSH2_MSG_SERVICE_ACCEPT, &input_userauth_service_accept);
413 dispatch_set(SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner); 402 ssh_dispatch_run(ssh, DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */
414 dispatch_run(DISPATCH_BLOCK, &authctxt.success, &authctxt); /* loop until success */
415 403
416 pubkey_cleanup(&authctxt); 404 pubkey_cleanup(&authctxt);
417 dispatch_range(SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL); 405 ssh_dispatch_range(ssh, SSH2_MSG_USERAUTH_MIN, SSH2_MSG_USERAUTH_MAX, NULL);
418 406
419 debug("Authentication succeeded (%s).", authctxt.method->name); 407 debug("Authentication succeeded (%s).", authctxt.method->name);
420} 408}
421 409
410/* ARGSUSED */
411int
412input_userauth_service_accept(int type, u_int32_t seqnr, void *ctxt)
413{
414 Authctxt *authctxt = ctxt;
415 struct ssh *ssh = active_state;
416 int r;
417
418 if (ssh_packet_remaining(ssh) > 0) {
419 char *reply;
420
421 if ((r = sshpkt_get_cstring(ssh, &reply, NULL)) != 0)
422 goto out;
423 debug2("service_accept: %s", reply);
424 free(reply);
425 } else {
426 debug2("buggy server: service_accept w/o service");
427 }
428 if ((r = sshpkt_get_end(ssh)) != 0)
429 goto out;
430 debug("SSH2_MSG_SERVICE_ACCEPT received");
431
432 /* initial userauth request */
433 userauth_none(authctxt);
434
435 ssh_dispatch_set(ssh, SSH2_MSG_EXT_INFO, &input_userauth_error);
436 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_SUCCESS, &input_userauth_success);
437 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_FAILURE, &input_userauth_failure);
438 ssh_dispatch_set(ssh, SSH2_MSG_USERAUTH_BANNER, &input_userauth_banner);
439 r = 0;
440 out:
441 return r;
442}
443
444/* ARGSUSED */
445int
446input_userauth_ext_info(int type, u_int32_t seqnr, void *ctxt)
447{
448 return kex_input_ext_info(type, seqnr, active_state);
449}
450
422void 451void
423userauth(Authctxt *authctxt, char *authlist) 452userauth(Authctxt *authctxt, char *authlist)
424{ 453{
@@ -970,29 +999,48 @@ input_userauth_passwd_changereq(int type, u_int32_t seqnr, void *ctxt)
970 return 0; 999 return 0;
971} 1000}
972 1001
1002static const char *
1003identity_sign_encode(struct identity *id)
1004{
1005 struct ssh *ssh = active_state;
1006
1007 if (id->key->type == KEY_RSA) {
1008 switch (ssh->kex->rsa_sha2) {
1009 case 256:
1010 return "rsa-sha2-256";
1011 case 512:
1012 return "rsa-sha2-512";
1013 }
1014 }
1015 return key_ssh_name(id->key);
1016}
1017
973static int 1018static int
974identity_sign(struct identity *id, u_char **sigp, size_t *lenp, 1019identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
975 const u_char *data, size_t datalen, u_int compat) 1020 const u_char *data, size_t datalen, u_int compat)
976{ 1021{
977 Key *prv; 1022 Key *prv;
978 int ret; 1023 int ret;
1024 const char *alg;
1025
1026 alg = identity_sign_encode(id);
979 1027
980 /* the agent supports this key */ 1028 /* the agent supports this key */
981 if (id->agent_fd) 1029 if (id->agent_fd != -1)
982 return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp, 1030 return ssh_agent_sign(id->agent_fd, id->key, sigp, lenp,
983 data, datalen, compat); 1031 data, datalen, alg, compat);
984 1032
985 /* 1033 /*
986 * we have already loaded the private key or 1034 * we have already loaded the private key or
987 * the private key is stored in external hardware 1035 * the private key is stored in external hardware
988 */ 1036 */
989 if (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT)) 1037 if (id->isprivate || (id->key->flags & SSHKEY_FLAG_EXT))
990 return (sshkey_sign(id->key, sigp, lenp, data, datalen, 1038 return (sshkey_sign(id->key, sigp, lenp, data, datalen, alg,
991 compat)); 1039 compat));
992 /* load the private key from the file */ 1040 /* load the private key from the file */
993 if ((prv = load_identity_file(id->filename, id->userprovided)) == NULL) 1041 if ((prv = load_identity_file(id)) == NULL)
994 return (-1); /* XXX return decent error code */ 1042 return SSH_ERR_KEY_NOT_FOUND;
995 ret = sshkey_sign(prv, sigp, lenp, data, datalen, compat); 1043 ret = sshkey_sign(prv, sigp, lenp, data, datalen, alg, compat);
996 sshkey_free(prv); 1044 sshkey_free(prv);
997 return (ret); 1045 return (ret);
998} 1046}
@@ -1001,18 +1049,17 @@ static int
1001sign_and_send_pubkey(Authctxt *authctxt, Identity *id) 1049sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
1002{ 1050{
1003 Buffer b; 1051 Buffer b;
1052 Identity *private_id;
1004 u_char *blob, *signature; 1053 u_char *blob, *signature;
1005 u_int bloblen;
1006 size_t slen; 1054 size_t slen;
1007 u_int skip = 0; 1055 u_int bloblen, skip = 0;
1008 int ret = -1; 1056 int matched, ret = -1, have_sig = 1;
1009 int have_sig = 1;
1010 char *fp; 1057 char *fp;
1011 1058
1012 if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash, 1059 if ((fp = sshkey_fingerprint(id->key, options.fingerprint_hash,
1013 SSH_FP_DEFAULT)) == NULL) 1060 SSH_FP_DEFAULT)) == NULL)
1014 return 0; 1061 return 0;
1015 debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp); 1062 debug3("%s: %s %s", __func__, key_type(id->key), fp);
1016 free(fp); 1063 free(fp);
1017 1064
1018 if (key_to_blob(id->key, &blob, &bloblen) == 0) { 1065 if (key_to_blob(id->key, &blob, &bloblen) == 0) {
@@ -1040,14 +1087,46 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
1040 } else { 1087 } else {
1041 buffer_put_cstring(&b, authctxt->method->name); 1088 buffer_put_cstring(&b, authctxt->method->name);
1042 buffer_put_char(&b, have_sig); 1089 buffer_put_char(&b, have_sig);
1043 buffer_put_cstring(&b, key_ssh_name(id->key)); 1090 buffer_put_cstring(&b, identity_sign_encode(id));
1044 } 1091 }
1045 buffer_put_string(&b, blob, bloblen); 1092 buffer_put_string(&b, blob, bloblen);
1046 1093
1094 /*
1095 * If the key is an certificate, try to find a matching private key
1096 * and use it to complete the signature.
1097 * If no such private key exists, return failure and continue with
1098 * other methods of authentication.
1099 */
1100 if (key_is_cert(id->key)) {
1101 matched = 0;
1102 TAILQ_FOREACH(private_id, &authctxt->keys, next) {
1103 if (sshkey_equal_public(id->key, private_id->key) &&
1104 id->key->type != private_id->key->type) {
1105 id = private_id;
1106 matched = 1;
1107 break;
1108 }
1109 }
1110 if (matched) {
1111 debug2("%s: using private key \"%s\"%s for "
1112 "certificate", __func__, id->filename,
1113 id->agent_fd != -1 ? " from agent" : "");
1114 } else {
1115 /* XXX maybe verbose/error? */
1116 debug("%s: no private key for certificate "
1117 "\"%s\"", __func__, id->filename);
1118 free(blob);
1119 buffer_free(&b);
1120 return 0;
1121 }
1122 }
1123
1047 /* generate signature */ 1124 /* generate signature */
1048 ret = identity_sign(id, &signature, &slen, 1125 ret = identity_sign(id, &signature, &slen,
1049 buffer_ptr(&b), buffer_len(&b), datafellows); 1126 buffer_ptr(&b), buffer_len(&b), datafellows);
1050 if (ret != 0) { 1127 if (ret != 0) {
1128 if (ret != SSH_ERR_KEY_NOT_FOUND)
1129 error("%s: signing failed: %s", __func__, ssh_err(ret));
1051 free(blob); 1130 free(blob);
1052 buffer_free(&b); 1131 buffer_free(&b);
1053 return 0; 1132 return 0;
@@ -1110,7 +1189,7 @@ send_pubkey_test(Authctxt *authctxt, Identity *id)
1110 packet_put_cstring(authctxt->method->name); 1189 packet_put_cstring(authctxt->method->name);
1111 packet_put_char(have_sig); 1190 packet_put_char(have_sig);
1112 if (!(datafellows & SSH_BUG_PKAUTH)) 1191 if (!(datafellows & SSH_BUG_PKAUTH))
1113 packet_put_cstring(key_ssh_name(id->key)); 1192 packet_put_cstring(identity_sign_encode(id));
1114 packet_put_string(blob, bloblen); 1193 packet_put_string(blob, bloblen);
1115 free(blob); 1194 free(blob);
1116 packet_send(); 1195 packet_send();
@@ -1118,20 +1197,20 @@ send_pubkey_test(Authctxt *authctxt, Identity *id)
1118} 1197}
1119 1198
1120static Key * 1199static Key *
1121load_identity_file(char *filename, int userprovided) 1200load_identity_file(Identity *id)
1122{ 1201{
1123 Key *private; 1202 Key *private = NULL;
1124 char prompt[300], *passphrase; 1203 char prompt[300], *passphrase, *comment;
1125 int r, perm_ok = 0, quit = 0, i; 1204 int r, perm_ok = 0, quit = 0, i;
1126 struct stat st; 1205 struct stat st;
1127 1206
1128 if (stat(filename, &st) < 0) { 1207 if (stat(id->filename, &st) < 0) {
1129 (userprovided ? logit : debug3)("no such identity: %s: %s", 1208 (id->userprovided ? logit : debug3)("no such identity: %s: %s",
1130 filename, strerror(errno)); 1209 id->filename, strerror(errno));
1131 return NULL; 1210 return NULL;
1132 } 1211 }
1133 snprintf(prompt, sizeof prompt, 1212 snprintf(prompt, sizeof prompt,
1134 "Enter passphrase for key '%.100s': ", filename); 1213 "Enter passphrase for key '%.100s': ", id->filename);
1135 for (i = 0; i <= options.number_of_password_prompts; i++) { 1214 for (i = 0; i <= options.number_of_password_prompts; i++) {
1136 if (i == 0) 1215 if (i == 0)
1137 passphrase = ""; 1216 passphrase = "";
@@ -1143,8 +1222,8 @@ load_identity_file(char *filename, int userprovided)
1143 break; 1222 break;
1144 } 1223 }
1145 } 1224 }
1146 switch ((r = sshkey_load_private_type(KEY_UNSPEC, filename, 1225 switch ((r = sshkey_load_private_type(KEY_UNSPEC, id->filename,
1147 passphrase, &private, NULL, &perm_ok))) { 1226 passphrase, &private, &comment, &perm_ok))) {
1148 case 0: 1227 case 0:
1149 break; 1228 break;
1150 case SSH_ERR_KEY_WRONG_PASSPHRASE: 1229 case SSH_ERR_KEY_WRONG_PASSPHRASE:
@@ -1158,20 +1237,25 @@ load_identity_file(char *filename, int userprovided)
1158 case SSH_ERR_SYSTEM_ERROR: 1237 case SSH_ERR_SYSTEM_ERROR:
1159 if (errno == ENOENT) { 1238 if (errno == ENOENT) {
1160 debug2("Load key \"%s\": %s", 1239 debug2("Load key \"%s\": %s",
1161 filename, ssh_err(r)); 1240 id->filename, ssh_err(r));
1162 quit = 1; 1241 quit = 1;
1163 break; 1242 break;
1164 } 1243 }
1165 /* FALLTHROUGH */ 1244 /* FALLTHROUGH */
1166 default: 1245 default:
1167 error("Load key \"%s\": %s", filename, ssh_err(r)); 1246 error("Load key \"%s\": %s", id->filename, ssh_err(r));
1168 quit = 1; 1247 quit = 1;
1169 break; 1248 break;
1170 } 1249 }
1250 if (!quit && private != NULL && id->agent_fd == -1 &&
1251 !(id->key && id->isprivate))
1252 maybe_add_key_to_agent(id->filename, private, comment,
1253 passphrase);
1171 if (i > 0) { 1254 if (i > 0) {
1172 explicit_bzero(passphrase, strlen(passphrase)); 1255 explicit_bzero(passphrase, strlen(passphrase));
1173 free(passphrase); 1256 free(passphrase);
1174 } 1257 }
1258 free(comment);
1175 if (private != NULL || quit) 1259 if (private != NULL || quit)
1176 break; 1260 break;
1177 } 1261 }
@@ -1180,9 +1264,11 @@ load_identity_file(char *filename, int userprovided)
1180 1264
1181/* 1265/*
1182 * try keys in the following order: 1266 * try keys in the following order:
1183 * 1. agent keys that are found in the config file 1267 * 1. certificates listed in the config file
1184 * 2. other agent keys 1268 * 2. other input certificates
1185 * 3. keys that are only listed in the config file 1269 * 3. agent keys that are found in the config file
1270 * 4. other agent keys
1271 * 5. keys that are only listed in the config file
1186 */ 1272 */
1187static void 1273static void
1188pubkey_prepare(Authctxt *authctxt) 1274pubkey_prepare(Authctxt *authctxt)
@@ -1190,7 +1276,7 @@ pubkey_prepare(Authctxt *authctxt)
1190 struct identity *id, *id2, *tmp; 1276 struct identity *id, *id2, *tmp;
1191 struct idlist agent, files, *preferred; 1277 struct idlist agent, files, *preferred;
1192 struct sshkey *key; 1278 struct sshkey *key;
1193 int agent_fd, i, r, found; 1279 int agent_fd = -1, i, r, found;
1194 size_t j; 1280 size_t j;
1195 struct ssh_identitylist *idlist; 1281 struct ssh_identitylist *idlist;
1196 1282
@@ -1208,6 +1294,7 @@ pubkey_prepare(Authctxt *authctxt)
1208 continue; 1294 continue;
1209 options.identity_keys[i] = NULL; 1295 options.identity_keys[i] = NULL;
1210 id = xcalloc(1, sizeof(*id)); 1296 id = xcalloc(1, sizeof(*id));
1297 id->agent_fd = -1;
1211 id->key = key; 1298 id->key = key;
1212 id->filename = xstrdup(options.identity_files[i]); 1299 id->filename = xstrdup(options.identity_files[i]);
1213 id->userprovided = options.identity_file_userprovided[i]; 1300 id->userprovided = options.identity_file_userprovided[i];
@@ -1236,6 +1323,19 @@ pubkey_prepare(Authctxt *authctxt)
1236 free(id); 1323 free(id);
1237 } 1324 }
1238 } 1325 }
1326 /* list of certificates specified by user */
1327 for (i = 0; i < options.num_certificate_files; i++) {
1328 key = options.certificates[i];
1329 if (!key_is_cert(key) || key->cert == NULL ||
1330 key->cert->type != SSH2_CERT_TYPE_USER)
1331 continue;
1332 id = xcalloc(1, sizeof(*id));
1333 id->agent_fd = -1;
1334 id->key = key;
1335 id->filename = xstrdup(options.certificate_files[i]);
1336 id->userprovided = options.certificate_file_userprovided[i];
1337 TAILQ_INSERT_TAIL(preferred, id, next);
1338 }
1239 /* list of keys supported by the agent */ 1339 /* list of keys supported by the agent */
1240 if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) { 1340 if ((r = ssh_get_authentication_socket(&agent_fd)) != 0) {
1241 if (r != SSH_ERR_AGENT_NOT_PRESENT) 1341 if (r != SSH_ERR_AGENT_NOT_PRESENT)
@@ -1245,6 +1345,7 @@ pubkey_prepare(Authctxt *authctxt)
1245 if (r != SSH_ERR_AGENT_NO_IDENTITIES) 1345 if (r != SSH_ERR_AGENT_NO_IDENTITIES)
1246 debug("%s: ssh_fetch_identitylist: %s", 1346 debug("%s: ssh_fetch_identitylist: %s",
1247 __func__, ssh_err(r)); 1347 __func__, ssh_err(r));
1348 close(agent_fd);
1248 } else { 1349 } else {
1249 for (j = 0; j < idlist->nkeys; j++) { 1350 for (j = 0; j < idlist->nkeys; j++) {
1250 found = 0; 1351 found = 0;
@@ -1285,9 +1386,23 @@ pubkey_prepare(Authctxt *authctxt)
1285 TAILQ_REMOVE(&files, id, next); 1386 TAILQ_REMOVE(&files, id, next);
1286 TAILQ_INSERT_TAIL(preferred, id, next); 1387 TAILQ_INSERT_TAIL(preferred, id, next);
1287 } 1388 }
1288 TAILQ_FOREACH(id, preferred, next) { 1389 /* finally, filter by PubkeyAcceptedKeyTypes */
1289 debug2("key: %s (%p),%s", id->filename, id->key, 1390 TAILQ_FOREACH_SAFE(id, preferred, next, id2) {
1290 id->userprovided ? " explicit" : ""); 1391 if (id->key != NULL &&
1392 match_pattern_list(sshkey_ssh_name(id->key),
1393 options.pubkey_key_types, 0) != 1) {
1394 debug("Skipping %s key %s - "
1395 "not in PubkeyAcceptedKeyTypes",
1396 sshkey_ssh_name(id->key), id->filename);
1397 TAILQ_REMOVE(preferred, id, next);
1398 sshkey_free(id->key);
1399 free(id->filename);
1400 memset(id, 0, sizeof(*id));
1401 continue;
1402 }
1403 debug2("key: %s (%p)%s%s", id->filename, id->key,
1404 id->userprovided ? ", explicit" : "",
1405 id->agent_fd != -1 ? ", agent" : "");
1291 } 1406 }
1292} 1407}
1293 1408
@@ -1301,8 +1416,7 @@ pubkey_cleanup(Authctxt *authctxt)
1301 for (id = TAILQ_FIRST(&authctxt->keys); id; 1416 for (id = TAILQ_FIRST(&authctxt->keys); id;
1302 id = TAILQ_FIRST(&authctxt->keys)) { 1417 id = TAILQ_FIRST(&authctxt->keys)) {
1303 TAILQ_REMOVE(&authctxt->keys, id, next); 1418 TAILQ_REMOVE(&authctxt->keys, id, next);
1304 if (id->key) 1419 sshkey_free(id->key);
1305 sshkey_free(id->key);
1306 free(id->filename); 1420 free(id->filename);
1307 free(id); 1421 free(id);
1308 } 1422 }
@@ -1313,12 +1427,6 @@ try_identity(Identity *id)
1313{ 1427{
1314 if (!id->key) 1428 if (!id->key)
1315 return (0); 1429 return (0);
1316 if (match_pattern_list(sshkey_ssh_name(id->key),
1317 options.pubkey_key_types, 0) != 1) {
1318 debug("Skipping %s key %s for not in PubkeyAcceptedKeyTypes",
1319 sshkey_ssh_name(id->key), id->filename);
1320 return (0);
1321 }
1322 if (key_type_plain(id->key->type) == KEY_RSA && 1430 if (key_type_plain(id->key->type) == KEY_RSA &&
1323 (datafellows & SSH_BUG_RSASIGMD5) != 0) { 1431 (datafellows & SSH_BUG_RSASIGMD5) != 0) {
1324 debug("Skipped %s key %s for RSA/MD5 server", 1432 debug("Skipped %s key %s for RSA/MD5 server",
@@ -1353,8 +1461,7 @@ userauth_pubkey(Authctxt *authctxt)
1353 } 1461 }
1354 } else { 1462 } else {
1355 debug("Trying private key: %s", id->filename); 1463 debug("Trying private key: %s", id->filename);
1356 id->key = load_identity_file(id->filename, 1464 id->key = load_identity_file(id);
1357 id->userprovided);
1358 if (id->key != NULL) { 1465 if (id->key != NULL) {
1359 if (try_identity(id)) { 1466 if (try_identity(id)) {
1360 id->isprivate = 1; 1467 id->isprivate = 1;
@@ -1513,7 +1620,7 @@ ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp,
1513 closefrom(sock + 1); 1620 closefrom(sock + 1);
1514 debug3("%s: [child] pid=%ld, exec %s", 1621 debug3("%s: [child] pid=%ld, exec %s",
1515 __func__, (long)getpid(), _PATH_SSH_KEY_SIGN); 1622 __func__, (long)getpid(), _PATH_SSH_KEY_SIGN);
1516 execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *) 0); 1623 execl(_PATH_SSH_KEY_SIGN, _PATH_SSH_KEY_SIGN, (char *)NULL);
1517 fatal("%s: exec(%s): %s", __func__, _PATH_SSH_KEY_SIGN, 1624 fatal("%s: exec(%s): %s", __func__, _PATH_SSH_KEY_SIGN,
1518 strerror(errno)); 1625 strerror(errno));
1519 } 1626 }
@@ -1685,7 +1792,7 @@ userauth_hostbased(Authctxt *authctxt)
1685 r = ssh_keysign(private, &sig, &siglen, 1792 r = ssh_keysign(private, &sig, &siglen,
1686 sshbuf_ptr(b), sshbuf_len(b)); 1793 sshbuf_ptr(b), sshbuf_len(b));
1687 else if ((r = sshkey_sign(private, &sig, &siglen, 1794 else if ((r = sshkey_sign(private, &sig, &siglen,
1688 sshbuf_ptr(b), sshbuf_len(b), datafellows)) != 0) 1795 sshbuf_ptr(b), sshbuf_len(b), NULL, datafellows)) != 0)
1689 debug("%s: sshkey_sign: %s", __func__, ssh_err(r)); 1796 debug("%s: sshkey_sign: %s", __func__, ssh_err(r));
1690 if (r != 0) { 1797 if (r != 0) {
1691 error("sign using hostkey %s %s failed", 1798 error("sign using hostkey %s %s failed",
diff --git a/sshd.0 b/sshd.0
index 798022568..7eb05312f 100644
--- a/sshd.0
+++ b/sshd.0
@@ -146,11 +146,11 @@ DESCRIPTION
146AUTHENTICATION 146AUTHENTICATION
147 The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to 147 The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to
148 use protocol 2 only, though this can be changed via the Protocol option 148 use protocol 2 only, though this can be changed via the Protocol option
149 in sshd_config(5). Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; 149 in sshd_config(5). Protocol 1 should not be used and is only offered to
150 protocol 1 only supports RSA keys. For both protocols, each host has a 150 support legacy devices.
151 host-specific key, normally 2048 bits, used to identify the host.
152 151
153 Forward security for protocol 1 is provided through an additional server 152 Each host has a host-specific key, used to identify the host. Partial
153 forward security for protocol 1 is provided through an additional server
154 key, normally 1024 bits, generated when the server starts. This key is 154 key, normally 1024 bits, generated when the server starts. This key is
155 normally regenerated every hour if it has been used, and is never stored 155 normally regenerated every hour if it has been used, and is never stored
156 on disk. Whenever a client connects, the daemon responds with its public 156 on disk. Whenever a client connects, the daemon responds with its public
@@ -268,7 +268,7 @@ SSHRC
268 268
269AUTHORIZED_KEYS FILE FORMAT 269AUTHORIZED_KEYS FILE FORMAT
270 AuthorizedKeysFile specifies the files containing public keys for public 270 AuthorizedKeysFile specifies the files containing public keys for public
271 key authentication; if none is specified, the default is 271 key authentication; if this option is not specified, the default is
272 ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Each line of the 272 ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Each line of the
273 file contains one key (empty lines and lines starting with a M-bM-^@M-^X#M-bM-^@M-^Y are 273 file contains one key (empty lines and lines starting with a M-bM-^@M-^X#M-bM-^@M-^Y are
274 ignored as comments). Protocol 1 public keys consist of the following 274 ignored as comments). Protocol 1 public keys consist of the following
@@ -298,6 +298,10 @@ AUTHORIZED_KEYS FILE FORMAT
298 The following option specifications are supported (note that option 298 The following option specifications are supported (note that option
299 keywords are case-insensitive): 299 keywords are case-insensitive):
300 300
301 agent-forwarding
302 Enable authentication agent forwarding previously disabled by the
303 restrict option.
304
301 cert-authority 305 cert-authority
302 Specifies that the listed key is a certification authority (CA) 306 Specifies that the listed key is a certification authority (CA)
303 that is trusted to validate signed certificates for user 307 that is trusted to validate signed certificates for user
@@ -378,6 +382,9 @@ AUTHORIZED_KEYS FILE FORMAT
378 must be literal domains or addresses. A port specification of * 382 must be literal domains or addresses. A port specification of *
379 matches any port. 383 matches any port.
380 384
385 port-forwarding
386 Enable port forwarding previously disabled by the restrict
387
381 principals="principals" 388 principals="principals"
382 On a cert-authority line, specifies allowed principals for 389 On a cert-authority line, specifies allowed principals for
383 certificate authentication as a comma-separated list. At least 390 certificate authentication as a comma-separated list. At least
@@ -386,11 +393,28 @@ AUTHORIZED_KEYS FILE FORMAT
386 ignored for keys that are not marked as trusted certificate 393 ignored for keys that are not marked as trusted certificate
387 signers using the cert-authority option. 394 signers using the cert-authority option.
388 395
396 pty Permits tty allocation previously disabled by the restrict
397 option.
398
399 restrict
400 Enable all restrictions, i.e. disable port, agent and X11
401 forwarding, as well as disabling PTY allocation and execution of
402 ~/.ssh/rc. If any future restriction capabilities are added to
403 authorized_keys files they will be included in this set.
404
389 tunnel="n" 405 tunnel="n"
390 Force a tun(4) device on the server. Without this option, the 406 Force a tun(4) device on the server. Without this option, the
391 next available device will be used if the client requests a 407 next available device will be used if the client requests a
392 tunnel. 408 tunnel.
393 409
410 user-rc
411 Enables execution of ~/.ssh/rc previously disabled by the
412 restrict option.
413
414 X11-forwarding
415 Permits X11 forwarding previously disabled by the restrict
416 option.
417
394 An example authorized_keys file: 418 An example authorized_keys file:
395 419
396 # Comments allowed at start of line 420 # Comments allowed at start of line
@@ -403,6 +427,10 @@ AUTHORIZED_KEYS FILE FORMAT
403 AAAAB5...21S== 427 AAAAB5...21S==
404 tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== 428 tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
405 jane@example.net 429 jane@example.net
430 restrict,command="uptime" ssh-rsa AAAA1C8...32Tv==
431 user@example.net
432 restrict,pty,command="nethack" ssh-rsa AAAA1f8...IrrC5==
433 user@example.net
406 434
407SSH_KNOWN_HOSTS FILE FORMAT 435SSH_KNOWN_HOSTS FILE FORMAT
408 The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host 436 The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host
@@ -552,7 +580,9 @@ FILES
552 580
553 /etc/moduli 581 /etc/moduli
554 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group 582 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group
555 Exchange". The file format is described in moduli(5). 583 Exchange" key exchange method. The file format is described in
584 moduli(5). If no usable groups are found in this file then fixed
585 internal groups will be used.
556 586
557 /etc/motd 587 /etc/motd
558 See motd(5). 588 See motd(5).
@@ -632,4 +662,4 @@ AUTHORS
632 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 662 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
633 for privilege separation. 663 for privilege separation.
634 664
635OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 665OpenBSD 5.9 February 17, 2016 OpenBSD 5.9
diff --git a/sshd.8 b/sshd.8
index 213b5fc43..6c521f23e 100644
--- a/sshd.8
+++ b/sshd.8
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $ 36.\" $OpenBSD: sshd.8,v 1.284 2016/02/17 07:38:19 jmc Exp $
37.Dd $Mdocdate: July 3 2015 $ 37.Dd $Mdocdate: February 17 2016 $
38.Dt SSHD 8 38.Dt SSHD 8
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -275,14 +275,12 @@ though this can be changed via the
275.Cm Protocol 275.Cm Protocol
276option in 276option in
277.Xr sshd_config 5 . 277.Xr sshd_config 5 .
278Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; 278Protocol 1 should not be used
279protocol 1 only supports RSA keys. 279and is only offered to support legacy devices.
280For both protocols,
281each host has a host-specific key,
282normally 2048 bits,
283used to identify the host.
284.Pp 280.Pp
285Forward security for protocol 1 is provided through 281Each host has a host-specific key,
282used to identify the host.
283Partial forward security for protocol 1 is provided through
286an additional server key, 284an additional server key,
287normally 1024 bits, 285normally 1024 bits,
288generated when the server starts. 286generated when the server starts.
@@ -470,7 +468,7 @@ does not exist either, xauth is used to add the cookie.
470.Cm AuthorizedKeysFile 468.Cm AuthorizedKeysFile
471specifies the files containing public keys for 469specifies the files containing public keys for
472public key authentication; 470public key authentication;
473if none is specified, the default is 471if this option is not specified, the default is
474.Pa ~/.ssh/authorized_keys 472.Pa ~/.ssh/authorized_keys
475and 473and
476.Pa ~/.ssh/authorized_keys2 . 474.Pa ~/.ssh/authorized_keys2 .
@@ -522,6 +520,10 @@ No spaces are permitted, except within double quotes.
522The following option specifications are supported (note 520The following option specifications are supported (note
523that option keywords are case-insensitive): 521that option keywords are case-insensitive):
524.Bl -tag -width Ds 522.Bl -tag -width Ds
523.It Cm agent-forwarding
524Enable authentication agent forwarding previously disabled by the
525.Cm restrict
526option.
525.It Cm cert-authority 527.It Cm cert-authority
526Specifies that the listed key is a certification authority (CA) that is 528Specifies that the listed key is a certification authority (CA) that is
527trusted to validate signed certificates for user authentication. 529trusted to validate signed certificates for user authentication.
@@ -616,6 +618,9 @@ they must be literal domains or addresses.
616A port specification of 618A port specification of
617.Cm * 619.Cm *
618matches any port. 620matches any port.
621.It Cm port-forwarding
622Enable port forwarding previously disabled by the
623.Cm restrict
619.It Cm principals="principals" 624.It Cm principals="principals"
620On a 625On a
621.Cm cert-authority 626.Cm cert-authority
@@ -627,12 +632,33 @@ This option is ignored for keys that are not marked as trusted certificate
627signers using the 632signers using the
628.Cm cert-authority 633.Cm cert-authority
629option. 634option.
635.It Cm pty
636Permits tty allocation previously disabled by the
637.Cm restrict
638option.
639.It Cm restrict
640Enable all restrictions, i.e. disable port, agent and X11 forwarding,
641as well as disabling PTY allocation
642and execution of
643.Pa ~/.ssh/rc .
644If any future restriction capabilities are added to authorized_keys files
645they will be included in this set.
630.It Cm tunnel="n" 646.It Cm tunnel="n"
631Force a 647Force a
632.Xr tun 4 648.Xr tun 4
633device on the server. 649device on the server.
634Without this option, the next available device will be used if 650Without this option, the next available device will be used if
635the client requests a tunnel. 651the client requests a tunnel.
652.It Cm user-rc
653Enables execution of
654.Pa ~/.ssh/rc
655previously disabled by the
656.Cm restrict
657option.
658.It Cm X11-forwarding
659Permits X11 forwarding previously disabled by the
660.Cm restrict
661option.
636.El 662.El
637.Pp 663.Pp
638An example authorized_keys file: 664An example authorized_keys file:
@@ -647,6 +673,10 @@ permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss
647AAAAB5...21S== 673AAAAB5...21S==
648tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== 674tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
649jane@example.net 675jane@example.net
676restrict,command="uptime" ssh-rsa AAAA1C8...32Tv==
677user@example.net
678restrict,pty,command="nethack" ssh-rsa AAAA1f8...IrrC5==
679user@example.net
650.Ed 680.Ed
651.Sh SSH_KNOWN_HOSTS FILE FORMAT 681.Sh SSH_KNOWN_HOSTS FILE FORMAT
652The 682The
@@ -856,9 +886,12 @@ This file is for host-based authentication (see
856It should only be writable by root. 886It should only be writable by root.
857.Pp 887.Pp
858.It Pa /etc/moduli 888.It Pa /etc/moduli
859Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". 889Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange"
890key exchange method.
860The file format is described in 891The file format is described in
861.Xr moduli 5 . 892.Xr moduli 5 .
893If no usable groups are found in this file then fixed internal groups will
894be used.
862.Pp 895.Pp
863.It Pa /etc/motd 896.It Pa /etc/motd
864See 897See
diff --git a/sshd.c b/sshd.c
index 43d465085..430569c46 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshd.c,v 1.458 2015/08/20 22:32:42 deraadt Exp $ */ 1/* $OpenBSD: sshd.c,v 1.465 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -121,7 +121,6 @@
121#include "ssh-gss.h" 121#include "ssh-gss.h"
122#endif 122#endif
123#include "monitor_wrap.h" 123#include "monitor_wrap.h"
124#include "roaming.h"
125#include "ssh-sandbox.h" 124#include "ssh-sandbox.h"
126#include "version.h" 125#include "version.h"
127#include "ssherr.h" 126#include "ssherr.h"
@@ -437,7 +436,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
437 options.version_addendum, newline); 436 options.version_addendum, newline);
438 437
439 /* Send our protocol version identification. */ 438 /* Send our protocol version identification. */
440 if (roaming_atomicio(vwrite, sock_out, server_version_string, 439 if (atomicio(vwrite, sock_out, server_version_string,
441 strlen(server_version_string)) 440 strlen(server_version_string))
442 != strlen(server_version_string)) { 441 != strlen(server_version_string)) {
443 logit("Could not write ident string to %s", get_remote_ipaddr()); 442 logit("Could not write ident string to %s", get_remote_ipaddr());
@@ -447,7 +446,7 @@ sshd_exchange_identification(int sock_in, int sock_out)
447 /* Read other sides version identification. */ 446 /* Read other sides version identification. */
448 memset(buf, 0, sizeof(buf)); 447 memset(buf, 0, sizeof(buf));
449 for (i = 0; i < sizeof(buf) - 1; i++) { 448 for (i = 0; i < sizeof(buf) - 1; i++) {
450 if (roaming_atomicio(read, sock_in, &buf[i], 1) != 1) { 449 if (atomicio(read, sock_in, &buf[i], 1) != 1) {
451 logit("Did not receive identification string from %s", 450 logit("Did not receive identification string from %s",
452 get_remote_ipaddr()); 451 get_remote_ipaddr());
453 cleanup_exit(255); 452 cleanup_exit(255);
@@ -632,25 +631,23 @@ privsep_preauth_child(void)
632 /* Demote the private keys to public keys. */ 631 /* Demote the private keys to public keys. */
633 demote_sensitive_data(); 632 demote_sensitive_data();
634 633
635 /* Change our root directory */ 634 /* Demote the child */
636 if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1) 635 if (getuid() == 0 || geteuid() == 0) {
637 fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR, 636 /* Change our root directory */
638 strerror(errno)); 637 if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
639 if (chdir("/") == -1) 638 fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
640 fatal("chdir(\"/\"): %s", strerror(errno)); 639 strerror(errno));
641 640 if (chdir("/") == -1)
642 /* Drop our privileges */ 641 fatal("chdir(\"/\"): %s", strerror(errno));
643 debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid, 642
644 (u_int)privsep_pw->pw_gid); 643 /* Drop our privileges */
645#if 0 644 debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
646 /* XXX not ready, too heavy after chroot */ 645 (u_int)privsep_pw->pw_gid);
647 do_setusercontext(privsep_pw); 646 gidset[0] = privsep_pw->pw_gid;
648#else 647 if (setgroups(1, gidset) < 0)
649 gidset[0] = privsep_pw->pw_gid; 648 fatal("setgroups: %.100s", strerror(errno));
650 if (setgroups(1, gidset) < 0) 649 permanently_set_uid(privsep_pw);
651 fatal("setgroups: %.100s", strerror(errno)); 650 }
652 permanently_set_uid(privsep_pw);
653#endif
654} 651}
655 652
656static int 653static int
@@ -716,9 +713,7 @@ privsep_preauth(Authctxt *authctxt)
716 /* Arrange for logging to be sent to the monitor */ 713 /* Arrange for logging to be sent to the monitor */
717 set_log_handler(mm_log_handler, pmonitor); 714 set_log_handler(mm_log_handler, pmonitor);
718 715
719 /* Demote the child */ 716 privsep_preauth_child();
720 if (getuid() == 0 || geteuid() == 0)
721 privsep_preauth_child();
722 setproctitle("%s", "[net]"); 717 setproctitle("%s", "[net]");
723 if (box != NULL) 718 if (box != NULL)
724 ssh_sandbox_child(box); 719 ssh_sandbox_child(box);
@@ -820,6 +815,12 @@ list_hostkey_types(void)
820 buffer_append(&b, ",", 1); 815 buffer_append(&b, ",", 1);
821 p = key_ssh_name(key); 816 p = key_ssh_name(key);
822 buffer_append(&b, p, strlen(p)); 817 buffer_append(&b, p, strlen(p));
818
819 /* for RSA we also support SHA2 signatures */
820 if (key->type == KEY_RSA) {
821 p = ",rsa-sha2-512,rsa-sha2-256";
822 buffer_append(&b, p, strlen(p));
823 }
823 break; 824 break;
824 } 825 }
825 /* If the private key has a cert peer, then list that too */ 826 /* If the private key has a cert peer, then list that too */
@@ -1255,8 +1256,7 @@ server_accept_loop(int *sock_in, int *sock_out, int *newsock, int *config_s)
1255 for (;;) { 1256 for (;;) {
1256 if (received_sighup) 1257 if (received_sighup)
1257 sighup_restart(); 1258 sighup_restart();
1258 if (fdset != NULL) 1259 free(fdset);
1259 free(fdset);
1260 fdset = xcalloc(howmany(maxfd + 1, NFDBITS), 1260 fdset = xcalloc(howmany(maxfd + 1, NFDBITS),
1261 sizeof(fd_mask)); 1261 sizeof(fd_mask));
1262 1262
@@ -1476,6 +1476,8 @@ main(int ac, char **av)
1476 Authctxt *authctxt; 1476 Authctxt *authctxt;
1477 struct connection_info *connection_info = get_connection_info(0, 0); 1477 struct connection_info *connection_info = get_connection_info(0, 0);
1478 1478
1479 ssh_malloc_init(); /* must be called before any mallocs */
1480
1479#ifdef HAVE_SECUREWARE 1481#ifdef HAVE_SECUREWARE
1480 (void)set_auth_parameters(ac, av); 1482 (void)set_auth_parameters(ac, av);
1481#endif 1483#endif
@@ -1536,7 +1538,7 @@ main(int ac, char **av)
1536 no_daemon_flag = 1; 1538 no_daemon_flag = 1;
1537 break; 1539 break;
1538 case 'E': 1540 case 'E':
1539 logfile = xstrdup(optarg); 1541 logfile = optarg;
1540 /* FALLTHROUGH */ 1542 /* FALLTHROUGH */
1541 case 'e': 1543 case 'e':
1542 log_stderr = 1; 1544 log_stderr = 1;
@@ -1638,10 +1640,8 @@ main(int ac, char **av)
1638#endif 1640#endif
1639 1641
1640 /* If requested, redirect the logs to the specified logfile. */ 1642 /* If requested, redirect the logs to the specified logfile. */
1641 if (logfile != NULL) { 1643 if (logfile != NULL)
1642 log_redirect_stderr_to(logfile); 1644 log_redirect_stderr_to(logfile);
1643 free(logfile);
1644 }
1645 /* 1645 /*
1646 * Force logging to stderr until we have loaded the private host 1646 * Force logging to stderr until we have loaded the private host
1647 * key (unless started from inetd) 1647 * key (unless started from inetd)
@@ -2513,24 +2513,26 @@ do_ssh1_kex(void)
2513 2513
2514int 2514int
2515sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen, 2515sshd_hostkey_sign(Key *privkey, Key *pubkey, u_char **signature, size_t *slen,
2516 const u_char *data, size_t dlen, u_int flag) 2516 const u_char *data, size_t dlen, const char *alg, u_int flag)
2517{ 2517{
2518 int r; 2518 int r;
2519 u_int xxx_slen, xxx_dlen = dlen; 2519 u_int xxx_slen, xxx_dlen = dlen;
2520 2520
2521 if (privkey) { 2521 if (privkey) {
2522 if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen) < 0)) 2522 if (PRIVSEP(key_sign(privkey, signature, &xxx_slen, data, xxx_dlen,
2523 alg) < 0))
2523 fatal("%s: key_sign failed", __func__); 2524 fatal("%s: key_sign failed", __func__);
2524 if (slen) 2525 if (slen)
2525 *slen = xxx_slen; 2526 *slen = xxx_slen;
2526 } else if (use_privsep) { 2527 } else if (use_privsep) {
2527 if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen) < 0) 2528 if (mm_key_sign(pubkey, signature, &xxx_slen, data, xxx_dlen,
2529 alg) < 0)
2528 fatal("%s: pubkey_sign failed", __func__); 2530 fatal("%s: pubkey_sign failed", __func__);
2529 if (slen) 2531 if (slen)
2530 *slen = xxx_slen; 2532 *slen = xxx_slen;
2531 } else { 2533 } else {
2532 if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen, 2534 if ((r = ssh_agent_sign(auth_sock, pubkey, signature, slen,
2533 data, dlen, datafellows)) != 0) 2535 data, dlen, alg, datafellows)) != 0)
2534 fatal("%s: ssh_agent_sign failed: %s", 2536 fatal("%s: ssh_agent_sign failed: %s",
2535 __func__, ssh_err(r)); 2537 __func__, ssh_err(r));
2536 } 2538 }
@@ -2563,7 +2565,7 @@ do_ssh2_kex(void)
2563 } 2565 }
2564 2566
2565 if (options.rekey_limit || options.rekey_interval) 2567 if (options.rekey_limit || options.rekey_interval)
2566 packet_set_rekey_limits((u_int32_t)options.rekey_limit, 2568 packet_set_rekey_limits(options.rekey_limit,
2567 (time_t)options.rekey_interval); 2569 (time_t)options.rekey_interval);
2568 2570
2569 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( 2571 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(
diff --git a/sshd_config b/sshd_config
index 4d77f05aa..a848d73e4 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
1# $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $ 1# $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $
2 2
3# This is the sshd server system-wide configuration file. See 3# This is the sshd server system-wide configuration file. See
4# sshd_config(5) for more information. 4# sshd_config(5) for more information.
@@ -107,7 +107,7 @@ AuthorizedKeysFile .ssh/authorized_keys
107#PrintLastLog yes 107#PrintLastLog yes
108#TCPKeepAlive yes 108#TCPKeepAlive yes
109#UseLogin no 109#UseLogin no
110UsePrivilegeSeparation sandbox # Default for new installations. 110#UsePrivilegeSeparation sandbox
111#PermitUserEnvironment no 111#PermitUserEnvironment no
112#Compression delayed 112#Compression delayed
113#ClientAliveInterval 0 113#ClientAliveInterval 0
diff --git a/sshd_config.0 b/sshd_config.0
index aae7fb6af..8bda6a39f 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -19,17 +19,16 @@ DESCRIPTION
19 AcceptEnv 19 AcceptEnv
20 Specifies what environment variables sent by the client will be 20 Specifies what environment variables sent by the client will be
21 copied into the session's environ(7). See SendEnv in 21 copied into the session's environ(7). See SendEnv in
22 ssh_config(5) for how to configure the client. Note that 22 ssh_config(5) for how to configure the client. The TERM
23 environment passing is only supported for protocol 2, and that 23 environment variable is always sent whenever the client requests
24 the TERM environment variable is always sent whenever the client 24 a pseudo-terminal as it is required by the protocol. Variables
25 requests a pseudo-terminal as it is required by the protocol. 25 are specified by name, which may contain the wildcard characters
26 Variables are specified by name, which may contain the wildcard 26 M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y. Multiple environment variables may be separated by
27 characters M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y. Multiple environment variables may be 27 whitespace or spread across multiple AcceptEnv directives. Be
28 separated by whitespace or spread across multiple AcceptEnv 28 warned that some environment variables could be used to bypass
29 directives. Be warned that some environment variables could be 29 restricted user environments. For this reason, care should be
30 used to bypass restricted user environments. For this reason, 30 taken in the use of this directive. The default is not to accept
31 care should be taken in the use of this directive. The default 31 any environment variables.
32 is not to accept any environment variables.
33 32
34 AddressFamily 33 AddressFamily
35 Specifies which address family should be used by sshd(8). Valid 34 Specifies which address family should be used by sshd(8). Valid
@@ -115,12 +114,11 @@ DESCRIPTION
115 AuthenticationMethods of M-bM-^@M-^\publickey,publickeyM-bM-^@M-^] will require 114 AuthenticationMethods of M-bM-^@M-^\publickey,publickeyM-bM-^@M-^] will require
116 successful authentication using two different public keys. 115 successful authentication using two different public keys.
117 116
118 This option is only available for SSH protocol 2 and will yield a 117 This option will yield a fatal error if enabled if protocol 1 is
119 fatal error if enabled if protocol 1 is also enabled. Note that 118 also enabled. Note that each authentication method listed should
120 each authentication method listed should also be explicitly 119 also be explicitly enabled in the configuration. The default is
121 enabled in the configuration. The default is not to require 120 not to require multiple authentication; successful completion of
122 multiple authentication; successful completion of a single 121 a single authentication method is sufficient.
123 authentication method is sufficient.
124 122
125 AuthorizedKeysCommand 123 AuthorizedKeysCommand
126 Specifies a program to be used to look up the user's public keys. 124 Specifies a program to be used to look up the user's public keys.
@@ -162,8 +160,9 @@ DESCRIPTION
162 replaced by the username of that user. After expansion, 160 replaced by the username of that user. After expansion,
163 AuthorizedKeysFile is taken to be an absolute path or one 161 AuthorizedKeysFile is taken to be an absolute path or one
164 relative to the user's home directory. Multiple files may be 162 relative to the user's home directory. Multiple files may be
165 listed, separated by whitespace. The default is 163 listed, separated by whitespace. Alternately this option may be
166 M-bM-^@M-^\.ssh/authorized_keys .ssh/authorized_keys2M-bM-^@M-^]. 164 set to M-bM-^@M-^\noneM-bM-^@M-^] to skip checking for user keys in files. The
165 default is M-bM-^@M-^\.ssh/authorized_keys .ssh/authorized_keys2M-bM-^@M-^].
167 166
168 AuthorizedPrincipalsCommand 167 AuthorizedPrincipalsCommand
169 Specifies a program to be used to generate the list of allowed 168 Specifies a program to be used to generate the list of allowed
@@ -220,8 +219,7 @@ DESCRIPTION
220 219
221 Banner The contents of the specified file are sent to the remote user 220 Banner The contents of the specified file are sent to the remote user
222 before authentication is allowed. If the argument is M-bM-^@M-^\noneM-bM-^@M-^] then 221 before authentication is allowed. If the argument is M-bM-^@M-^\noneM-bM-^@M-^] then
223 no banner is displayed. This option is only available for 222 no banner is displayed. By default, no banner is displayed.
224 protocol version 2. By default, no banner is displayed.
225 223
226 ChallengeResponseAuthentication 224 ChallengeResponseAuthentication
227 Specifies whether challenge-response authentication is allowed 225 Specifies whether challenge-response authentication is allowed
@@ -258,13 +256,13 @@ DESCRIPTION
258 (especially those outside the jail). Misconfiguration can lead 256 (especially those outside the jail). Misconfiguration can lead
259 to unsafe environments which sshd(8) cannot detect. 257 to unsafe environments which sshd(8) cannot detect.
260 258
261 The default is not to chroot(2). 259 The default is M-bM-^@M-^\noneM-bM-^@M-^], indicating not to chroot(2).
262 260
263 Ciphers 261 Ciphers
264 Specifies the ciphers allowed for protocol version 2. Multiple 262 Specifies the ciphers allowed. Multiple ciphers must be comma-
265 ciphers must be comma-separated. If the specified value begins 263 separated. If the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character,
266 with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified ciphers will be appended 264 then the specified ciphers will be appended to the default set
267 to the default set instead of replacing them. 265 instead of replacing them.
268 266
269 The supported ciphers are: 267 The supported ciphers are:
270 268
@@ -309,15 +307,14 @@ DESCRIPTION
309 The default value is 3. If ClientAliveInterval (see below) is 307 The default value is 3. If ClientAliveInterval (see below) is
310 set to 15, and ClientAliveCountMax is left at the default, 308 set to 15, and ClientAliveCountMax is left at the default,
311 unresponsive SSH clients will be disconnected after approximately 309 unresponsive SSH clients will be disconnected after approximately
312 45 seconds. This option applies to protocol version 2 only. 310 45 seconds.
313 311
314 ClientAliveInterval 312 ClientAliveInterval
315 Sets a timeout interval in seconds after which if no data has 313 Sets a timeout interval in seconds after which if no data has
316 been received from the client, sshd(8) will send a message 314 been received from the client, sshd(8) will send a message
317 through the encrypted channel to request a response from the 315 through the encrypted channel to request a response from the
318 client. The default is 0, indicating that these messages will 316 client. The default is 0, indicating that these messages will
319 not be sent to the client. This option applies to protocol 317 not be sent to the client.
320 version 2 only.
321 318
322 Compression 319 Compression
323 Specifies whether compression is allowed, or delayed until the 320 Specifies whether compression is allowed, or delayed until the
@@ -362,7 +359,7 @@ DESCRIPTION
362 SSH_ORIGINAL_COMMAND environment variable. Specifying a command 359 SSH_ORIGINAL_COMMAND environment variable. Specifying a command
363 of M-bM-^@M-^\internal-sftpM-bM-^@M-^] will force the use of an in-process sftp 360 of M-bM-^@M-^\internal-sftpM-bM-^@M-^] will force the use of an in-process sftp
364 server that requires no support files when used with 361 server that requires no support files when used with
365 ChrootDirectory. 362 ChrootDirectory. The default is M-bM-^@M-^\noneM-bM-^@M-^].
366 363
367 GatewayPorts 364 GatewayPorts
368 Specifies whether remote hosts are allowed to connect to ports 365 Specifies whether remote hosts are allowed to connect to ports
@@ -379,13 +376,11 @@ DESCRIPTION
379 376
380 GSSAPIAuthentication 377 GSSAPIAuthentication
381 Specifies whether user authentication based on GSSAPI is allowed. 378 Specifies whether user authentication based on GSSAPI is allowed.
382 The default is M-bM-^@M-^\noM-bM-^@M-^]. Note that this option applies to protocol 379 The default is M-bM-^@M-^\noM-bM-^@M-^].
383 version 2 only.
384 380
385 GSSAPICleanupCredentials 381 GSSAPICleanupCredentials
386 Specifies whether to automatically destroy the user's credentials 382 Specifies whether to automatically destroy the user's credentials
387 cache on logout. The default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option 383 cache on logout. The default is M-bM-^@M-^\yesM-bM-^@M-^].
388 applies to protocol version 2 only.
389 384
390 GSSAPIStrictAcceptorCheck 385 GSSAPIStrictAcceptorCheck
391 Determines whether to be strict about the identity of the GSSAPI 386 Determines whether to be strict about the identity of the GSSAPI
@@ -416,9 +411,7 @@ DESCRIPTION
416 HostbasedAuthentication 411 HostbasedAuthentication
417 Specifies whether rhosts or /etc/hosts.equiv authentication 412 Specifies whether rhosts or /etc/hosts.equiv authentication
418 together with successful public key client host authentication is 413 together with successful public key client host authentication is
419 allowed (host-based authentication). This option is similar to 414 allowed (host-based authentication). The default is M-bM-^@M-^\noM-bM-^@M-^].
420 RhostsRSAAuthentication and applies to protocol version 2 only.
421 The default is M-bM-^@M-^\noM-bM-^@M-^].
422 415
423 HostbasedUsesNameFromPacketOnly 416 HostbasedUsesNameFromPacketOnly
424 Specifies whether or not the server will attempt to perform a 417 Specifies whether or not the server will attempt to perform a
@@ -459,8 +452,8 @@ DESCRIPTION
459 read from the SSH_AUTH_SOCK environment variable. 452 read from the SSH_AUTH_SOCK environment variable.
460 453
461 HostKeyAlgorithms 454 HostKeyAlgorithms
462 Specifies the protocol version 2 host key algorithms that the 455 Specifies the host key algorithms that the server offers. The
463 server offers. The default for this option is: 456 default for this option is:
464 457
465 ecdsa-sha2-nistp256-cert-v01@openssh.com, 458 ecdsa-sha2-nistp256-cert-v01@openssh.com,
466 ecdsa-sha2-nistp384-cert-v01@openssh.com, 459 ecdsa-sha2-nistp384-cert-v01@openssh.com,
@@ -585,11 +578,11 @@ DESCRIPTION
585 violates the privacy of users and is not recommended. 578 violates the privacy of users and is not recommended.
586 579
587 MACs Specifies the available MAC (message authentication code) 580 MACs Specifies the available MAC (message authentication code)
588 algorithms. The MAC algorithm is used in protocol version 2 for 581 algorithms. The MAC algorithm is used for data integrity
589 data integrity protection. Multiple algorithms must be comma- 582 protection. Multiple algorithms must be comma-separated. If the
590 separated. If the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, 583 specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified
591 then the specified algorithms will be appended to the default set 584 algorithms will be appended to the default set instead of
592 instead of replacing them. 585 replacing them.
593 586
594 The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after 587 The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after
595 encryption (encrypt-then-mac). These are considered safer and 588 encryption (encrypt-then-mac). These are considered safer and
@@ -618,8 +611,9 @@ DESCRIPTION
618 611
619 umac-64-etm@openssh.com,umac-128-etm@openssh.com, 612 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
620 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 613 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
614 hmac-sha1-etm@openssh.com,
621 umac-64@openssh.com,umac-128@openssh.com, 615 umac-64@openssh.com,umac-128@openssh.com,
622 hmac-sha2-256,hmac-sha2-512 616 hmac-sha2-256,hmac-sha2-512,hmac-sha1
623 617
624 The list of available MAC algorithms may also be obtained using 618 The list of available MAC algorithms may also be obtained using
625 the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^]. 619 the -Q option of ssh(1) with an argument of M-bM-^@M-^\macM-bM-^@M-^].
@@ -651,8 +645,9 @@ DESCRIPTION
651 AllowAgentForwarding, AllowGroups, AllowStreamLocalForwarding, 645 AllowAgentForwarding, AllowGroups, AllowStreamLocalForwarding,
652 AllowTcpForwarding, AllowUsers, AuthenticationMethods, 646 AllowTcpForwarding, AllowUsers, AuthenticationMethods,
653 AuthorizedKeysCommand, AuthorizedKeysCommandUser, 647 AuthorizedKeysCommand, AuthorizedKeysCommandUser,
654 AuthorizedKeysFile, AuthorizedPrincipalsFile, Banner, 648 AuthorizedKeysFile, AuthorizedPrincipalsCommand,
655 ChrootDirectory, DenyGroups, DenyUsers, ForceCommand, 649 AuthorizedPrincipalsCommandUser, AuthorizedPrincipalsFile,
650 Banner, ChrootDirectory, DenyGroups, DenyUsers, ForceCommand,
656 GatewayPorts, GSSAPIAuthentication, HostbasedAcceptedKeyTypes, 651 GatewayPorts, GSSAPIAuthentication, HostbasedAcceptedKeyTypes,
657 HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS, 652 HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS,
658 KbdInteractiveAuthentication, KerberosAuthentication, 653 KbdInteractiveAuthentication, KerberosAuthentication,
@@ -670,8 +665,13 @@ DESCRIPTION
670 value, additional failures are logged. The default is 6. 665 value, additional failures are logged. The default is 6.
671 666
672 MaxSessions 667 MaxSessions
673 Specifies the maximum number of open sessions permitted per 668 Specifies the maximum number of open shell, login or subsystem
674 network connection. The default is 10. 669 (e.g. sftp) sessions permitted per network connection. Multiple
670 sessions may be established by clients that support connection
671 multiplexing. Setting MaxSessions to 1 will effectively disable
672 session multiplexing, whereas setting it to 0 will prevent all
673 shell, login and subsystem sessions while still permitting
674 forwarding. The default is 10.
675 675
676 MaxStartups 676 MaxStartups
677 Specifies the maximum number of concurrent unauthenticated 677 Specifies the maximum number of concurrent unauthenticated
@@ -775,10 +775,14 @@ DESCRIPTION
775 Protocol 775 Protocol
776 Specifies the protocol versions sshd(8) supports. The possible 776 Specifies the protocol versions sshd(8) supports. The possible
777 values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y. Multiple versions must be comma- 777 values are M-bM-^@M-^X1M-bM-^@M-^Y and M-bM-^@M-^X2M-bM-^@M-^Y. Multiple versions must be comma-
778 separated. The default is M-bM-^@M-^X2M-bM-^@M-^Y. Note that the order of the 778 separated. The default is M-bM-^@M-^X2M-bM-^@M-^Y. Protocol 1 suffers from a number
779 protocol list does not indicate preference, because the client 779 of cryptographic weaknesses and should not be used. It is only
780 selects among multiple protocol versions offered by the server. 780 offered to support legacy devices.
781 Specifying M-bM-^@M-^\2,1M-bM-^@M-^] is identical to M-bM-^@M-^\1,2M-bM-^@M-^]. 781
782 Note that the order of the protocol list does not indicate
783 preference, because the client selects among multiple protocol
784 versions offered by the server. Specifying M-bM-^@M-^\2,1M-bM-^@M-^] is identical to
785 M-bM-^@M-^\1,2M-bM-^@M-^].
782 786
783 PubkeyAcceptedKeyTypes 787 PubkeyAcceptedKeyTypes
784 Specifies the key types that will be accepted for public key 788 Specifies the key types that will be accepted for public key
@@ -799,8 +803,7 @@ DESCRIPTION
799 803
800 PubkeyAuthentication 804 PubkeyAuthentication
801 Specifies whether public key authentication is allowed. The 805 Specifies whether public key authentication is allowed. The
802 default is M-bM-^@M-^\yesM-bM-^@M-^]. Note that this option applies to protocol 806 default is M-bM-^@M-^\yesM-bM-^@M-^].
803 version 2 only.
804 807
805 RekeyLimit 808 RekeyLimit
806 Specifies the maximum amount of data that may be transmitted 809 Specifies the maximum amount of data that may be transmitted
@@ -814,8 +817,7 @@ DESCRIPTION
814 documented in the TIME FORMATS section. The default value for 817 documented in the TIME FORMATS section. The default value for
815 RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that rekeying is 818 RekeyLimit is M-bM-^@M-^\default noneM-bM-^@M-^], which means that rekeying is
816 performed after the cipher's default amount of data has been sent 819 performed after the cipher's default amount of data has been sent
817 or received and no time based rekeying is done. This option 820 or received and no time based rekeying is done.
818 applies to protocol version 2 only.
819 821
820 RevokedKeys 822 RevokedKeys
821 Specifies revoked public keys file, or M-bM-^@M-^\noneM-bM-^@M-^] to not use one. 823 Specifies revoked public keys file, or M-bM-^@M-^\noneM-bM-^@M-^] to not use one.
@@ -882,8 +884,7 @@ DESCRIPTION
882 M-bM-^@M-^\sftpM-bM-^@M-^] server. This may simplify configurations using 884 M-bM-^@M-^\sftpM-bM-^@M-^] server. This may simplify configurations using
883 ChrootDirectory to force a different filesystem root on clients. 885 ChrootDirectory to force a different filesystem root on clients.
884 886
885 By default no subsystems are defined. Note that this option 887 By default no subsystems are defined.
886 applies to protocol version 2 only.
887 888
888 SyslogFacility 889 SyslogFacility
889 Gives the facility code that is used when logging messages from 890 Gives the facility code that is used when logging messages from
@@ -957,9 +958,10 @@ DESCRIPTION
957 that has the privilege of the authenticated user. The goal of 958 that has the privilege of the authenticated user. The goal of
958 privilege separation is to prevent privilege escalation by 959 privilege separation is to prevent privilege escalation by
959 containing any corruption within the unprivileged processes. The 960 containing any corruption within the unprivileged processes. The
960 default is M-bM-^@M-^\yesM-bM-^@M-^]. If UsePrivilegeSeparation is set to M-bM-^@M-^\sandboxM-bM-^@M-^] 961 argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^], or M-bM-^@M-^\sandboxM-bM-^@M-^]. If
961 then the pre-authentication unprivileged process is subject to 962 UsePrivilegeSeparation is set to M-bM-^@M-^\sandboxM-bM-^@M-^] then the pre-
962 additional restrictions. 963 authentication unprivileged process is subject to additional
964 restrictions. The default is M-bM-^@M-^\sandboxM-bM-^@M-^].
963 965
964 VersionAddendum 966 VersionAddendum
965 Optionally specifies additional text to append to the SSH 967 Optionally specifies additional text to append to the SSH
@@ -1049,4 +1051,4 @@ AUTHORS
1049 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 1051 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
1050 for privilege separation. 1052 for privilege separation.
1051 1053
1052OpenBSD 5.8 August 14, 2015 OpenBSD 5.8 1054OpenBSD 5.9 February 17, 2016 OpenBSD 5.9
diff --git a/sshd_config.5 b/sshd_config.5
index b18d340af..a37a3aca3 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $ 36.\" $OpenBSD: sshd_config.5,v 1.220 2016/02/17 08:57:34 djm Exp $
37.Dd $Mdocdate: August 14 2015 $ 37.Dd $Mdocdate: February 17 2016 $
38.Dt SSHD_CONFIG 5 38.Dt SSHD_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -70,8 +70,7 @@ See
70in 70in
71.Xr ssh_config 5 71.Xr ssh_config 5
72for how to configure the client. 72for how to configure the client.
73Note that environment passing is only supported for protocol 2, and 73The
74that the
75.Ev TERM 74.Ev TERM
76environment variable is always sent whenever the client 75environment variable is always sent whenever the client
77requests a pseudo-terminal as it is required by the protocol. 76requests a pseudo-terminal as it is required by the protocol.
@@ -226,7 +225,7 @@ of
226.Dq publickey,publickey 225.Dq publickey,publickey
227will require successful authentication using two different public keys. 226will require successful authentication using two different public keys.
228.Pp 227.Pp
229This option is only available for SSH protocol 2 and will yield a fatal 228This option will yield a fatal
230error if enabled if protocol 1 is also enabled. 229error if enabled if protocol 1 is also enabled.
231Note that each authentication method listed should also be explicitly enabled 230Note that each authentication method listed should also be explicitly enabled
232in the configuration. 231in the configuration.
@@ -285,6 +284,9 @@ After expansion,
285is taken to be an absolute path or one relative to the user's home 284is taken to be an absolute path or one relative to the user's home
286directory. 285directory.
287Multiple files may be listed, separated by whitespace. 286Multiple files may be listed, separated by whitespace.
287Alternately this option may be set to
288.Dq none
289to skip checking for user keys in files.
288The default is 290The default is
289.Dq .ssh/authorized_keys .ssh/authorized_keys2 . 291.Dq .ssh/authorized_keys .ssh/authorized_keys2 .
290.It Cm AuthorizedPrincipalsCommand 292.It Cm AuthorizedPrincipalsCommand
@@ -370,7 +372,6 @@ authentication is allowed.
370If the argument is 372If the argument is
371.Dq none 373.Dq none
372then no banner is displayed. 374then no banner is displayed.
373This option is only available for protocol version 2.
374By default, no banner is displayed. 375By default, no banner is displayed.
375.It Cm ChallengeResponseAuthentication 376.It Cm ChallengeResponseAuthentication
376Specifies whether challenge-response authentication is allowed (e.g. via 377Specifies whether challenge-response authentication is allowed (e.g. via
@@ -429,10 +430,12 @@ Misconfiguration can lead to unsafe environments which
429.Xr sshd 8 430.Xr sshd 8
430cannot detect. 431cannot detect.
431.Pp 432.Pp
432The default is not to 433The default is
434.Dq none ,
435indicating not to
433.Xr chroot 2 . 436.Xr chroot 2 .
434.It Cm Ciphers 437.It Cm Ciphers
435Specifies the ciphers allowed for protocol version 2. 438Specifies the ciphers allowed.
436Multiple ciphers must be comma-separated. 439Multiple ciphers must be comma-separated.
437If the specified value begins with a 440If the specified value begins with a
438.Sq + 441.Sq +
@@ -513,7 +516,6 @@ If
513.Cm ClientAliveCountMax 516.Cm ClientAliveCountMax
514is left at the default, unresponsive SSH clients 517is left at the default, unresponsive SSH clients
515will be disconnected after approximately 45 seconds. 518will be disconnected after approximately 45 seconds.
516This option applies to protocol version 2 only.
517.It Cm ClientAliveInterval 519.It Cm ClientAliveInterval
518Sets a timeout interval in seconds after which if no data has been received 520Sets a timeout interval in seconds after which if no data has been received
519from the client, 521from the client,
@@ -522,7 +524,6 @@ will send a message through the encrypted
522channel to request a response from the client. 524channel to request a response from the client.
523The default 525The default
524is 0, indicating that these messages will not be sent to the client. 526is 0, indicating that these messages will not be sent to the client.
525This option applies to protocol version 2 only.
526.It Cm Compression 527.It Cm Compression
527Specifies whether compression is allowed, or delayed until 528Specifies whether compression is allowed, or delayed until
528the user has authenticated successfully. 529the user has authenticated successfully.
@@ -596,6 +597,8 @@ Specifying a command of
596will force the use of an in-process sftp server that requires no support 597will force the use of an in-process sftp server that requires no support
597files when used with 598files when used with
598.Cm ChrootDirectory . 599.Cm ChrootDirectory .
600The default is
601.Dq none .
599.It Cm GatewayPorts 602.It Cm GatewayPorts
600Specifies whether remote hosts are allowed to connect to ports 603Specifies whether remote hosts are allowed to connect to ports
601forwarded for the client. 604forwarded for the client.
@@ -620,13 +623,11 @@ The default is
620Specifies whether user authentication based on GSSAPI is allowed. 623Specifies whether user authentication based on GSSAPI is allowed.
621The default is 624The default is
622.Dq no . 625.Dq no .
623Note that this option applies to protocol version 2 only.
624.It Cm GSSAPICleanupCredentials 626.It Cm GSSAPICleanupCredentials
625Specifies whether to automatically destroy the user's credentials cache 627Specifies whether to automatically destroy the user's credentials cache
626on logout. 628on logout.
627The default is 629The default is
628.Dq yes . 630.Dq yes .
629Note that this option applies to protocol version 2 only.
630.It Cm GSSAPIStrictAcceptorCheck 631.It Cm GSSAPIStrictAcceptorCheck
631Determines whether to be strict about the identity of the GSSAPI acceptor 632Determines whether to be strict about the identity of the GSSAPI acceptor
632a client authenticates against. 633a client authenticates against.
@@ -669,9 +670,6 @@ may be used to list supported key types.
669Specifies whether rhosts or /etc/hosts.equiv authentication together 670Specifies whether rhosts or /etc/hosts.equiv authentication together
670with successful public key client host authentication is allowed 671with successful public key client host authentication is allowed
671(host-based authentication). 672(host-based authentication).
672This option is similar to
673.Cm RhostsRSAAuthentication
674and applies to protocol version 2 only.
675The default is 673The default is
676.Dq no . 674.Dq no .
677.It Cm HostbasedUsesNameFromPacketOnly 675.It Cm HostbasedUsesNameFromPacketOnly
@@ -742,7 +740,7 @@ is specified, the location of the socket will be read from the
742.Ev SSH_AUTH_SOCK 740.Ev SSH_AUTH_SOCK
743environment variable. 741environment variable.
744.It Cm HostKeyAlgorithms 742.It Cm HostKeyAlgorithms
745Specifies the protocol version 2 host key algorithms 743Specifies the host key algorithms
746that the server offers. 744that the server offers.
747The default for this option is: 745The default for this option is:
748.Bd -literal -offset 3n 746.Bd -literal -offset 3n
@@ -963,8 +961,7 @@ DEBUG2 and DEBUG3 each specify higher levels of debugging output.
963Logging with a DEBUG level violates the privacy of users and is not recommended. 961Logging with a DEBUG level violates the privacy of users and is not recommended.
964.It Cm MACs 962.It Cm MACs
965Specifies the available MAC (message authentication code) algorithms. 963Specifies the available MAC (message authentication code) algorithms.
966The MAC algorithm is used in protocol version 2 964The MAC algorithm is used for data integrity protection.
967for data integrity protection.
968Multiple algorithms must be comma-separated. 965Multiple algorithms must be comma-separated.
969If the specified value begins with a 966If the specified value begins with a
970.Sq + 967.Sq +
@@ -1020,8 +1017,9 @@ The default is:
1020.Bd -literal -offset indent 1017.Bd -literal -offset indent
1021umac-64-etm@openssh.com,umac-128-etm@openssh.com, 1018umac-64-etm@openssh.com,umac-128-etm@openssh.com,
1022hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 1019hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
1020hmac-sha1-etm@openssh.com,
1023umac-64@openssh.com,umac-128@openssh.com, 1021umac-64@openssh.com,umac-128@openssh.com,
1024hmac-sha2-256,hmac-sha2-512 1022hmac-sha2-256,hmac-sha2-512,hmac-sha1
1025.Ed 1023.Ed
1026.Pp 1024.Pp
1027The list of available MAC algorithms may also be obtained using the 1025The list of available MAC algorithms may also be obtained using the
@@ -1091,6 +1089,8 @@ Available keywords are
1091.Cm AuthorizedKeysCommand , 1089.Cm AuthorizedKeysCommand ,
1092.Cm AuthorizedKeysCommandUser , 1090.Cm AuthorizedKeysCommandUser ,
1093.Cm AuthorizedKeysFile , 1091.Cm AuthorizedKeysFile ,
1092.Cm AuthorizedPrincipalsCommand ,
1093.Cm AuthorizedPrincipalsCommandUser ,
1094.Cm AuthorizedPrincipalsFile , 1094.Cm AuthorizedPrincipalsFile ,
1095.Cm Banner , 1095.Cm Banner ,
1096.Cm ChrootDirectory , 1096.Cm ChrootDirectory ,
@@ -1134,7 +1134,15 @@ Once the number of failures reaches half this value,
1134additional failures are logged. 1134additional failures are logged.
1135The default is 6. 1135The default is 6.
1136.It Cm MaxSessions 1136.It Cm MaxSessions
1137Specifies the maximum number of open sessions permitted per network connection. 1137Specifies the maximum number of open shell, login or subsystem (e.g. sftp)
1138sessions permitted per network connection.
1139Multiple sessions may be established by clients that support connection
1140multiplexing.
1141Setting
1142.Cm MaxSessions
1143to 1 will effectively disable session multiplexing, whereas setting it to 0
1144will prevent all shell, login and subsystem sessions while still permitting
1145forwarding.
1138The default is 10. 1146The default is 10.
1139.It Cm MaxStartups 1147.It Cm MaxStartups
1140Specifies the maximum number of concurrent unauthenticated connections to the 1148Specifies the maximum number of concurrent unauthenticated connections to the
@@ -1324,6 +1332,10 @@ and
1324Multiple versions must be comma-separated. 1332Multiple versions must be comma-separated.
1325The default is 1333The default is
1326.Sq 2 . 1334.Sq 2 .
1335Protocol 1 suffers from a number of cryptographic weaknesses and should
1336not be used.
1337It is only offered to support legacy devices.
1338.Pp
1327Note that the order of the protocol list does not indicate preference, 1339Note that the order of the protocol list does not indicate preference,
1328because the client selects among multiple protocol versions offered 1340because the client selects among multiple protocol versions offered
1329by the server. 1341by the server.
@@ -1358,7 +1370,6 @@ may be used to list supported key types.
1358Specifies whether public key authentication is allowed. 1370Specifies whether public key authentication is allowed.
1359The default is 1371The default is
1360.Dq yes . 1372.Dq yes .
1361Note that this option applies to protocol version 2 only.
1362.It Cm RekeyLimit 1373.It Cm RekeyLimit
1363Specifies the maximum amount of data that may be transmitted before the 1374Specifies the maximum amount of data that may be transmitted before the
1364session key is renegotiated, optionally followed a maximum amount of 1375session key is renegotiated, optionally followed a maximum amount of
@@ -1384,7 +1395,6 @@ is
1384.Dq default none , 1395.Dq default none ,
1385which means that rekeying is performed after the cipher's default amount 1396which means that rekeying is performed after the cipher's default amount
1386of data has been sent or received and no time based rekeying is done. 1397of data has been sent or received and no time based rekeying is done.
1387This option applies to protocol version 2 only.
1388.It Cm RevokedKeys 1398.It Cm RevokedKeys
1389Specifies revoked public keys file, or 1399Specifies revoked public keys file, or
1390.Dq none 1400.Dq none
@@ -1471,7 +1481,6 @@ This may simplify configurations using
1471to force a different filesystem root on clients. 1481to force a different filesystem root on clients.
1472.Pp 1482.Pp
1473By default no subsystems are defined. 1483By default no subsystems are defined.
1474Note that this option applies to protocol version 2 only.
1475.It Cm SyslogFacility 1484.It Cm SyslogFacility
1476Gives the facility code that is used when logging messages from 1485Gives the facility code that is used when logging messages from
1477.Xr sshd 8 . 1486.Xr sshd 8 .
@@ -1584,14 +1593,19 @@ After successful authentication, another process will be created that has
1584the privilege of the authenticated user. 1593the privilege of the authenticated user.
1585The goal of privilege separation is to prevent privilege 1594The goal of privilege separation is to prevent privilege
1586escalation by containing any corruption within the unprivileged processes. 1595escalation by containing any corruption within the unprivileged processes.
1587The default is 1596The argument must be
1588.Dq yes . 1597.Dq yes ,
1598.Dq no ,
1599or
1600.Dq sandbox .
1589If 1601If
1590.Cm UsePrivilegeSeparation 1602.Cm UsePrivilegeSeparation
1591is set to 1603is set to
1592.Dq sandbox 1604.Dq sandbox
1593then the pre-authentication unprivileged process is subject to additional 1605then the pre-authentication unprivileged process is subject to additional
1594restrictions. 1606restrictions.
1607The default is
1608.Dq sandbox .
1595.It Cm VersionAddendum 1609.It Cm VersionAddendum
1596Optionally specifies additional text to append to the SSH protocol banner 1610Optionally specifies additional text to append to the SSH protocol banner
1597sent by the server upon connection. 1611sent by the server upon connection.
diff --git a/ssherr.c b/ssherr.c
index 4ca793992..680207063 100644
--- a/ssherr.c
+++ b/ssherr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssherr.c,v 1.4 2015/02/16 22:13:32 djm Exp $ */ 1/* $OpenBSD: ssherr.c,v 1.5 2015/09/13 14:39:16 tim Exp $ */
2/* 2/*
3 * Copyright (c) 2011 Damien Miller 3 * Copyright (c) 2011 Damien Miller
4 * 4 *
@@ -104,7 +104,7 @@ ssh_err(int n)
104 case SSH_ERR_NEED_REKEY: 104 case SSH_ERR_NEED_REKEY:
105 return "rekeying not supported by peer"; 105 return "rekeying not supported by peer";
106 case SSH_ERR_PASSPHRASE_TOO_SHORT: 106 case SSH_ERR_PASSPHRASE_TOO_SHORT:
107 return "passphrase is too short (minimum four characters)"; 107 return "passphrase is too short (minimum five characters)";
108 case SSH_ERR_FILE_CHANGED: 108 case SSH_ERR_FILE_CHANGED:
109 return "file changed while reading"; 109 return "file changed while reading";
110 case SSH_ERR_KEY_UNKNOWN_CIPHER: 110 case SSH_ERR_KEY_UNKNOWN_CIPHER:
diff --git a/sshkey.c b/sshkey.c
index 32dd8f225..87b093e91 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey.c,v 1.21 2015/08/19 23:19:01 djm Exp $ */ 1/* $OpenBSD: sshkey.c,v 1.31 2015/12/11 04:21:12 mmcc Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved. 4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -83,36 +83,39 @@ struct keytype {
83 int type; 83 int type;
84 int nid; 84 int nid;
85 int cert; 85 int cert;
86 int sigonly;
86}; 87};
87static const struct keytype keytypes[] = { 88static const struct keytype keytypes[] = {
88 { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 }, 89 { "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0, 0 },
89 { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", 90 { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT",
90 KEY_ED25519_CERT, 0, 1 }, 91 KEY_ED25519_CERT, 0, 1, 0 },
91#ifdef WITH_OPENSSL 92#ifdef WITH_OPENSSL
92 { NULL, "RSA1", KEY_RSA1, 0, 0 }, 93 { NULL, "RSA1", KEY_RSA1, 0, 0, 0 },
93 { "ssh-rsa", "RSA", KEY_RSA, 0, 0 }, 94 { "ssh-rsa", "RSA", KEY_RSA, 0, 0, 0 },
94 { "ssh-dss", "DSA", KEY_DSA, 0, 0 }, 95 { "rsa-sha2-256", "RSA", KEY_RSA, 0, 0, 1 },
96 { "rsa-sha2-512", "RSA", KEY_RSA, 0, 0, 1 },
97 { "ssh-dss", "DSA", KEY_DSA, 0, 0, 0 },
95# ifdef OPENSSL_HAS_ECC 98# ifdef OPENSSL_HAS_ECC
96 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0 }, 99 { "ecdsa-sha2-nistp256", "ECDSA", KEY_ECDSA, NID_X9_62_prime256v1, 0, 0 },
97 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0 }, 100 { "ecdsa-sha2-nistp384", "ECDSA", KEY_ECDSA, NID_secp384r1, 0, 0 },
98# ifdef OPENSSL_HAS_NISTP521 101# ifdef OPENSSL_HAS_NISTP521
99 { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0 }, 102 { "ecdsa-sha2-nistp521", "ECDSA", KEY_ECDSA, NID_secp521r1, 0, 0 },
100# endif /* OPENSSL_HAS_NISTP521 */ 103# endif /* OPENSSL_HAS_NISTP521 */
101# endif /* OPENSSL_HAS_ECC */ 104# endif /* OPENSSL_HAS_ECC */
102 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1 }, 105 { "ssh-rsa-cert-v01@openssh.com", "RSA-CERT", KEY_RSA_CERT, 0, 1, 0 },
103 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1 }, 106 { "ssh-dss-cert-v01@openssh.com", "DSA-CERT", KEY_DSA_CERT, 0, 1, 0 },
104# ifdef OPENSSL_HAS_ECC 107# ifdef OPENSSL_HAS_ECC
105 { "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-CERT", 108 { "ecdsa-sha2-nistp256-cert-v01@openssh.com", "ECDSA-CERT",
106 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1 }, 109 KEY_ECDSA_CERT, NID_X9_62_prime256v1, 1, 0 },
107 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT", 110 { "ecdsa-sha2-nistp384-cert-v01@openssh.com", "ECDSA-CERT",
108 KEY_ECDSA_CERT, NID_secp384r1, 1 }, 111 KEY_ECDSA_CERT, NID_secp384r1, 1, 0 },
109# ifdef OPENSSL_HAS_NISTP521 112# ifdef OPENSSL_HAS_NISTP521
110 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT", 113 { "ecdsa-sha2-nistp521-cert-v01@openssh.com", "ECDSA-CERT",
111 KEY_ECDSA_CERT, NID_secp521r1, 1 }, 114 KEY_ECDSA_CERT, NID_secp521r1, 1, 0 },
112# endif /* OPENSSL_HAS_NISTP521 */ 115# endif /* OPENSSL_HAS_NISTP521 */
113# endif /* OPENSSL_HAS_ECC */ 116# endif /* OPENSSL_HAS_ECC */
114#endif /* WITH_OPENSSL */ 117#endif /* WITH_OPENSSL */
115 { NULL, NULL, -1, -1, 0 } 118 { NULL, NULL, -1, -1, 0, 0 }
116}; 119};
117 120
118const char * 121const char *
@@ -200,7 +203,7 @@ key_alg_list(int certs_only, int plain_only)
200 const struct keytype *kt; 203 const struct keytype *kt;
201 204
202 for (kt = keytypes; kt->type != -1; kt++) { 205 for (kt = keytypes; kt->type != -1; kt++) {
203 if (kt->name == NULL) 206 if (kt->name == NULL || kt->sigonly)
204 continue; 207 continue;
205 if ((certs_only && !kt->cert) || (plain_only && kt->cert)) 208 if ((certs_only && !kt->cert) || (plain_only && kt->cert))
206 continue; 209 continue;
@@ -417,20 +420,14 @@ cert_free(struct sshkey_cert *cert)
417 420
418 if (cert == NULL) 421 if (cert == NULL)
419 return; 422 return;
420 if (cert->certblob != NULL) 423 sshbuf_free(cert->certblob);
421 sshbuf_free(cert->certblob); 424 sshbuf_free(cert->critical);
422 if (cert->critical != NULL) 425 sshbuf_free(cert->extensions);
423 sshbuf_free(cert->critical); 426 free(cert->key_id);
424 if (cert->extensions != NULL)
425 sshbuf_free(cert->extensions);
426 if (cert->key_id != NULL)
427 free(cert->key_id);
428 for (i = 0; i < cert->nprincipals; i++) 427 for (i = 0; i < cert->nprincipals; i++)
429 free(cert->principals[i]); 428 free(cert->principals[i]);
430 if (cert->principals != NULL) 429 free(cert->principals);
431 free(cert->principals); 430 sshkey_free(cert->signature_key);
432 if (cert->signature_key != NULL)
433 sshkey_free(cert->signature_key);
434 explicit_bzero(cert, sizeof(*cert)); 431 explicit_bzero(cert, sizeof(*cert));
435 free(cert); 432 free(cert);
436} 433}
@@ -1216,7 +1213,7 @@ read_decimal_bignum(char **cpp, BIGNUM *v)
1216 return SSH_ERR_BIGNUM_TOO_LARGE; 1213 return SSH_ERR_BIGNUM_TOO_LARGE;
1217 if (cp[e] == '\0') 1214 if (cp[e] == '\0')
1218 skip = 0; 1215 skip = 0;
1219 else if (index(" \t\r\n", cp[e]) == NULL) 1216 else if (strchr(" \t\r\n", cp[e]) == NULL)
1220 return SSH_ERR_INVALID_FORMAT; 1217 return SSH_ERR_INVALID_FORMAT;
1221 cp[e] = '\0'; 1218 cp[e] = '\0';
1222 if (BN_dec2bn(&v, cp) <= 0) 1219 if (BN_dec2bn(&v, cp) <= 0)
@@ -1232,11 +1229,10 @@ sshkey_read(struct sshkey *ret, char **cpp)
1232{ 1229{
1233 struct sshkey *k; 1230 struct sshkey *k;
1234 int retval = SSH_ERR_INVALID_FORMAT; 1231 int retval = SSH_ERR_INVALID_FORMAT;
1235 char *cp, *space; 1232 char *ep, *cp, *space;
1236 int r, type, curve_nid = -1; 1233 int r, type, curve_nid = -1;
1237 struct sshbuf *blob; 1234 struct sshbuf *blob;
1238#ifdef WITH_SSH1 1235#ifdef WITH_SSH1
1239 char *ep;
1240 u_long bits; 1236 u_long bits;
1241#endif /* WITH_SSH1 */ 1237#endif /* WITH_SSH1 */
1242 1238
@@ -1247,7 +1243,7 @@ sshkey_read(struct sshkey *ret, char **cpp)
1247#ifdef WITH_SSH1 1243#ifdef WITH_SSH1
1248 /* Get number of bits. */ 1244 /* Get number of bits. */
1249 bits = strtoul(cp, &ep, 10); 1245 bits = strtoul(cp, &ep, 10);
1250 if (*cp == '\0' || index(" \t\r\n", *ep) == NULL || 1246 if (*cp == '\0' || strchr(" \t\r\n", *ep) == NULL ||
1251 bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8) 1247 bits == 0 || bits > SSHBUF_MAX_BIGNUM * 8)
1252 return SSH_ERR_INVALID_FORMAT; /* Bad bit count... */ 1248 return SSH_ERR_INVALID_FORMAT; /* Bad bit count... */
1253 /* Get public exponent, public modulus. */ 1249 /* Get public exponent, public modulus. */
@@ -1255,10 +1251,10 @@ sshkey_read(struct sshkey *ret, char **cpp)
1255 return r; 1251 return r;
1256 if ((r = read_decimal_bignum(&ep, ret->rsa->n)) < 0) 1252 if ((r = read_decimal_bignum(&ep, ret->rsa->n)) < 0)
1257 return r; 1253 return r;
1258 *cpp = ep;
1259 /* validate the claimed number of bits */ 1254 /* validate the claimed number of bits */
1260 if (BN_num_bits(ret->rsa->n) != (int)bits) 1255 if (BN_num_bits(ret->rsa->n) != (int)bits)
1261 return SSH_ERR_KEY_BITS_MISMATCH; 1256 return SSH_ERR_KEY_BITS_MISMATCH;
1257 *cpp = ep;
1262 retval = 0; 1258 retval = 0;
1263#endif /* WITH_SSH1 */ 1259#endif /* WITH_SSH1 */
1264 break; 1260 break;
@@ -1296,9 +1292,9 @@ sshkey_read(struct sshkey *ret, char **cpp)
1296 *space++ = '\0'; 1292 *space++ = '\0';
1297 while (*space == ' ' || *space == '\t') 1293 while (*space == ' ' || *space == '\t')
1298 space++; 1294 space++;
1299 *cpp = space; 1295 ep = space;
1300 } else 1296 } else
1301 *cpp = cp + strlen(cp); 1297 ep = cp + strlen(cp);
1302 if ((r = sshbuf_b64tod(blob, cp)) != 0) { 1298 if ((r = sshbuf_b64tod(blob, cp)) != 0) {
1303 sshbuf_free(blob); 1299 sshbuf_free(blob);
1304 return r; 1300 return r;
@@ -1329,8 +1325,9 @@ sshkey_read(struct sshkey *ret, char **cpp)
1329 ret->cert = k->cert; 1325 ret->cert = k->cert;
1330 k->cert = NULL; 1326 k->cert = NULL;
1331 } 1327 }
1328 switch (sshkey_type_plain(ret->type)) {
1332#ifdef WITH_OPENSSL 1329#ifdef WITH_OPENSSL
1333 if (sshkey_type_plain(ret->type) == KEY_RSA) { 1330 case KEY_RSA:
1334 if (ret->rsa != NULL) 1331 if (ret->rsa != NULL)
1335 RSA_free(ret->rsa); 1332 RSA_free(ret->rsa);
1336 ret->rsa = k->rsa; 1333 ret->rsa = k->rsa;
@@ -1338,8 +1335,8 @@ sshkey_read(struct sshkey *ret, char **cpp)
1338#ifdef DEBUG_PK 1335#ifdef DEBUG_PK
1339 RSA_print_fp(stderr, ret->rsa, 8); 1336 RSA_print_fp(stderr, ret->rsa, 8);
1340#endif 1337#endif
1341 } 1338 break;
1342 if (sshkey_type_plain(ret->type) == KEY_DSA) { 1339 case KEY_DSA:
1343 if (ret->dsa != NULL) 1340 if (ret->dsa != NULL)
1344 DSA_free(ret->dsa); 1341 DSA_free(ret->dsa);
1345 ret->dsa = k->dsa; 1342 ret->dsa = k->dsa;
@@ -1347,9 +1344,9 @@ sshkey_read(struct sshkey *ret, char **cpp)
1347#ifdef DEBUG_PK 1344#ifdef DEBUG_PK
1348 DSA_print_fp(stderr, ret->dsa, 8); 1345 DSA_print_fp(stderr, ret->dsa, 8);
1349#endif 1346#endif
1350 } 1347 break;
1351# ifdef OPENSSL_HAS_ECC 1348# ifdef OPENSSL_HAS_ECC
1352 if (sshkey_type_plain(ret->type) == KEY_ECDSA) { 1349 case KEY_ECDSA:
1353 if (ret->ecdsa != NULL) 1350 if (ret->ecdsa != NULL)
1354 EC_KEY_free(ret->ecdsa); 1351 EC_KEY_free(ret->ecdsa);
1355 ret->ecdsa = k->ecdsa; 1352 ret->ecdsa = k->ecdsa;
@@ -1359,17 +1356,19 @@ sshkey_read(struct sshkey *ret, char **cpp)
1359#ifdef DEBUG_PK 1356#ifdef DEBUG_PK
1360 sshkey_dump_ec_key(ret->ecdsa); 1357 sshkey_dump_ec_key(ret->ecdsa);
1361#endif 1358#endif
1362 } 1359 break;
1363# endif /* OPENSSL_HAS_ECC */ 1360# endif /* OPENSSL_HAS_ECC */
1364#endif /* WITH_OPENSSL */ 1361#endif /* WITH_OPENSSL */
1365 if (sshkey_type_plain(ret->type) == KEY_ED25519) { 1362 case KEY_ED25519:
1366 free(ret->ed25519_pk); 1363 free(ret->ed25519_pk);
1367 ret->ed25519_pk = k->ed25519_pk; 1364 ret->ed25519_pk = k->ed25519_pk;
1368 k->ed25519_pk = NULL; 1365 k->ed25519_pk = NULL;
1369#ifdef DEBUG_PK 1366#ifdef DEBUG_PK
1370 /* XXX */ 1367 /* XXX */
1371#endif 1368#endif
1369 break;
1372 } 1370 }
1371 *cpp = ep;
1373 retval = 0; 1372 retval = 0;
1374/*XXXX*/ 1373/*XXXX*/
1375 sshkey_free(k); 1374 sshkey_free(k);
@@ -1717,7 +1716,7 @@ sshkey_cert_copy(const struct sshkey *from_key, struct sshkey *to_key)
1717 1716
1718 if ((ret = sshbuf_putb(to->certblob, from->certblob)) != 0 || 1717 if ((ret = sshbuf_putb(to->certblob, from->certblob)) != 0 ||
1719 (ret = sshbuf_putb(to->critical, from->critical)) != 0 || 1718 (ret = sshbuf_putb(to->critical, from->critical)) != 0 ||
1720 (ret = sshbuf_putb(to->extensions, from->extensions) != 0)) 1719 (ret = sshbuf_putb(to->extensions, from->extensions)) != 0)
1721 return ret; 1720 return ret;
1722 1721
1723 to->serial = from->serial; 1722 to->serial = from->serial;
@@ -1758,9 +1757,7 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp)
1758 struct sshkey *n = NULL; 1757 struct sshkey *n = NULL;
1759 int ret = SSH_ERR_INTERNAL_ERROR; 1758 int ret = SSH_ERR_INTERNAL_ERROR;
1760 1759
1761 if (pkp != NULL) 1760 *pkp = NULL;
1762 *pkp = NULL;
1763
1764 switch (k->type) { 1761 switch (k->type) {
1765#ifdef WITH_OPENSSL 1762#ifdef WITH_OPENSSL
1766 case KEY_DSA: 1763 case KEY_DSA:
@@ -2174,7 +2171,7 @@ sshkey_froms(struct sshbuf *buf, struct sshkey **keyp)
2174int 2171int
2175sshkey_sign(const struct sshkey *key, 2172sshkey_sign(const struct sshkey *key,
2176 u_char **sigp, size_t *lenp, 2173 u_char **sigp, size_t *lenp,
2177 const u_char *data, size_t datalen, u_int compat) 2174 const u_char *data, size_t datalen, const char *alg, u_int compat)
2178{ 2175{
2179 if (sigp != NULL) 2176 if (sigp != NULL)
2180 *sigp = NULL; 2177 *sigp = NULL;
@@ -2194,7 +2191,7 @@ sshkey_sign(const struct sshkey *key,
2194# endif /* OPENSSL_HAS_ECC */ 2191# endif /* OPENSSL_HAS_ECC */
2195 case KEY_RSA_CERT: 2192 case KEY_RSA_CERT:
2196 case KEY_RSA: 2193 case KEY_RSA:
2197 return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat); 2194 return ssh_rsa_sign(key, sigp, lenp, data, datalen, alg);
2198#endif /* WITH_OPENSSL */ 2195#endif /* WITH_OPENSSL */
2199 case KEY_ED25519: 2196 case KEY_ED25519:
2200 case KEY_ED25519_CERT: 2197 case KEY_ED25519_CERT:
@@ -2226,7 +2223,7 @@ sshkey_verify(const struct sshkey *key,
2226# endif /* OPENSSL_HAS_ECC */ 2223# endif /* OPENSSL_HAS_ECC */
2227 case KEY_RSA_CERT: 2224 case KEY_RSA_CERT:
2228 case KEY_RSA: 2225 case KEY_RSA:
2229 return ssh_rsa_verify(key, sig, siglen, data, dlen, compat); 2226 return ssh_rsa_verify(key, sig, siglen, data, dlen);
2230#endif /* WITH_OPENSSL */ 2227#endif /* WITH_OPENSSL */
2231 case KEY_ED25519: 2228 case KEY_ED25519:
2232 case KEY_ED25519_CERT: 2229 case KEY_ED25519_CERT:
@@ -2243,9 +2240,7 @@ sshkey_demote(const struct sshkey *k, struct sshkey **dkp)
2243 struct sshkey *pk; 2240 struct sshkey *pk;
2244 int ret = SSH_ERR_INTERNAL_ERROR; 2241 int ret = SSH_ERR_INTERNAL_ERROR;
2245 2242
2246 if (dkp != NULL) 2243 *dkp = NULL;
2247 *dkp = NULL;
2248
2249 if ((pk = calloc(1, sizeof(*pk))) == NULL) 2244 if ((pk = calloc(1, sizeof(*pk))) == NULL)
2250 return SSH_ERR_ALLOC_FAIL; 2245 return SSH_ERR_ALLOC_FAIL;
2251 pk->type = k->type; 2246 pk->type = k->type;
@@ -2462,7 +2457,7 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
2462 2457
2463 /* Sign the whole mess */ 2458 /* Sign the whole mess */
2464 if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), 2459 if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert),
2465 sshbuf_len(cert), 0)) != 0) 2460 sshbuf_len(cert), NULL, 0)) != 0)
2466 goto out; 2461 goto out;
2467 2462
2468 /* Append signature and we are done */ 2463 /* Append signature and we are done */
@@ -2472,12 +2467,9 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca)
2472 out: 2467 out:
2473 if (ret != 0) 2468 if (ret != 0)
2474 sshbuf_reset(cert); 2469 sshbuf_reset(cert);
2475 if (sig_blob != NULL) 2470 free(sig_blob);
2476 free(sig_blob); 2471 free(ca_blob);
2477 if (ca_blob != NULL) 2472 sshbuf_free(principals);
2478 free(ca_blob);
2479 if (principals != NULL)
2480 sshbuf_free(principals);
2481 return ret; 2473 return ret;
2482} 2474}
2483 2475
@@ -2538,6 +2530,43 @@ sshkey_cert_check_authority(const struct sshkey *k,
2538 return 0; 2530 return 0;
2539} 2531}
2540 2532
2533size_t
2534sshkey_format_cert_validity(const struct sshkey_cert *cert, char *s, size_t l)
2535{
2536 char from[32], to[32], ret[64];
2537 time_t tt;
2538 struct tm *tm;
2539
2540 *from = *to = '\0';
2541 if (cert->valid_after == 0 &&
2542 cert->valid_before == 0xffffffffffffffffULL)
2543 return strlcpy(s, "forever", l);
2544
2545 if (cert->valid_after != 0) {
2546 /* XXX revisit INT_MAX in 2038 :) */
2547 tt = cert->valid_after > INT_MAX ?
2548 INT_MAX : cert->valid_after;
2549 tm = localtime(&tt);
2550 strftime(from, sizeof(from), "%Y-%m-%dT%H:%M:%S", tm);
2551 }
2552 if (cert->valid_before != 0xffffffffffffffffULL) {
2553 /* XXX revisit INT_MAX in 2038 :) */
2554 tt = cert->valid_before > INT_MAX ?
2555 INT_MAX : cert->valid_before;
2556 tm = localtime(&tt);
2557 strftime(to, sizeof(to), "%Y-%m-%dT%H:%M:%S", tm);
2558 }
2559
2560 if (cert->valid_after == 0)
2561 snprintf(ret, sizeof(ret), "before %s", to);
2562 else if (cert->valid_before == 0xffffffffffffffffULL)
2563 snprintf(ret, sizeof(ret), "after %s", from);
2564 else
2565 snprintf(ret, sizeof(ret), "from %s to %s", from, to);
2566
2567 return strlcpy(s, ret, l);
2568}
2569
2541int 2570int
2542sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b) 2571sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b)
2543{ 2572{
@@ -2701,7 +2730,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
2701 goto out; 2730 goto out;
2702 } 2731 }
2703 if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(k->ecdsa), 2732 if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(k->ecdsa),
2704 EC_KEY_get0_public_key(k->ecdsa)) != 0) || 2733 EC_KEY_get0_public_key(k->ecdsa))) != 0 ||
2705 (r = sshkey_ec_validate_private(k->ecdsa)) != 0) 2734 (r = sshkey_ec_validate_private(k->ecdsa)) != 0)
2706 goto out; 2735 goto out;
2707 break; 2736 break;
@@ -2719,7 +2748,7 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
2719 goto out; 2748 goto out;
2720 } 2749 }
2721 if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(k->ecdsa), 2750 if ((r = sshkey_ec_validate_public(EC_KEY_get0_group(k->ecdsa),
2722 EC_KEY_get0_public_key(k->ecdsa)) != 0) || 2751 EC_KEY_get0_public_key(k->ecdsa))) != 0 ||
2723 (r = sshkey_ec_validate_private(k->ecdsa)) != 0) 2752 (r = sshkey_ec_validate_private(k->ecdsa)) != 0)
2724 goto out; 2753 goto out;
2725 break; 2754 break;
@@ -2741,10 +2770,10 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp)
2741 case KEY_RSA_CERT: 2770 case KEY_RSA_CERT:
2742 if ((r = sshkey_froms(buf, &k)) != 0 || 2771 if ((r = sshkey_froms(buf, &k)) != 0 ||
2743 (r = sshkey_add_private(k)) != 0 || 2772 (r = sshkey_add_private(k)) != 0 ||
2744 (r = sshbuf_get_bignum2(buf, k->rsa->d) != 0) || 2773 (r = sshbuf_get_bignum2(buf, k->rsa->d)) != 0 ||
2745 (r = sshbuf_get_bignum2(buf, k->rsa->iqmp) != 0) || 2774 (r = sshbuf_get_bignum2(buf, k->rsa->iqmp)) != 0 ||
2746 (r = sshbuf_get_bignum2(buf, k->rsa->p) != 0) || 2775 (r = sshbuf_get_bignum2(buf, k->rsa->p)) != 0 ||
2747 (r = sshbuf_get_bignum2(buf, k->rsa->q) != 0) || 2776 (r = sshbuf_get_bignum2(buf, k->rsa->q)) != 0 ||
2748 (r = rsa_generate_additional_parameters(k->rsa)) != 0) 2777 (r = rsa_generate_additional_parameters(k->rsa)) != 0)
2749 goto out; 2778 goto out;
2750 break; 2779 break;
@@ -3431,9 +3460,9 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob,
3431 3460
3432 /* Store public key. This will be in plain text. */ 3461 /* Store public key. This will be in plain text. */
3433 if ((r = sshbuf_put_u32(encrypted, BN_num_bits(key->rsa->n))) != 0 || 3462 if ((r = sshbuf_put_u32(encrypted, BN_num_bits(key->rsa->n))) != 0 ||
3434 (r = sshbuf_put_bignum1(encrypted, key->rsa->n) != 0) || 3463 (r = sshbuf_put_bignum1(encrypted, key->rsa->n)) != 0 ||
3435 (r = sshbuf_put_bignum1(encrypted, key->rsa->e) != 0) || 3464 (r = sshbuf_put_bignum1(encrypted, key->rsa->e)) != 0 ||
3436 (r = sshbuf_put_cstring(encrypted, comment) != 0)) 3465 (r = sshbuf_put_cstring(encrypted, comment)) != 0)
3437 goto out; 3466 goto out;
3438 3467
3439 /* Allocate space for the private part of the key in the buffer. */ 3468 /* Allocate space for the private part of the key in the buffer. */
@@ -3454,10 +3483,8 @@ sshkey_private_rsa1_to_blob(struct sshkey *key, struct sshbuf *blob,
3454 out: 3483 out:
3455 explicit_bzero(&ciphercontext, sizeof(ciphercontext)); 3484 explicit_bzero(&ciphercontext, sizeof(ciphercontext));
3456 explicit_bzero(buf, sizeof(buf)); 3485 explicit_bzero(buf, sizeof(buf));
3457 if (buffer != NULL) 3486 sshbuf_free(buffer);
3458 sshbuf_free(buffer); 3487 sshbuf_free(encrypted);
3459 if (encrypted != NULL)
3460 sshbuf_free(encrypted);
3461 3488
3462 return r; 3489 return r;
3463} 3490}
@@ -3611,10 +3638,8 @@ sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob,
3611 pub = NULL; 3638 pub = NULL;
3612 3639
3613 out: 3640 out:
3614 if (copy != NULL) 3641 sshbuf_free(copy);
3615 sshbuf_free(copy); 3642 sshkey_free(pub);
3616 if (pub != NULL)
3617 sshkey_free(pub);
3618 return r; 3643 return r;
3619} 3644}
3620 3645
@@ -3726,14 +3751,10 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase,
3726 } 3751 }
3727 out: 3752 out:
3728 explicit_bzero(&ciphercontext, sizeof(ciphercontext)); 3753 explicit_bzero(&ciphercontext, sizeof(ciphercontext));
3729 if (comment != NULL) 3754 free(comment);
3730 free(comment); 3755 sshkey_free(prv);
3731 if (prv != NULL) 3756 sshbuf_free(copy);
3732 sshkey_free(prv); 3757 sshbuf_free(decrypted);
3733 if (copy != NULL)
3734 sshbuf_free(copy);
3735 if (decrypted != NULL)
3736 sshbuf_free(decrypted);
3737 return r; 3758 return r;
3738} 3759}
3739#endif /* WITH_SSH1 */ 3760#endif /* WITH_SSH1 */
@@ -3823,8 +3844,7 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type,
3823 BIO_free(bio); 3844 BIO_free(bio);
3824 if (pk != NULL) 3845 if (pk != NULL)
3825 EVP_PKEY_free(pk); 3846 EVP_PKEY_free(pk);
3826 if (prv != NULL) 3847 sshkey_free(prv);
3827 sshkey_free(prv);
3828 return r; 3848 return r;
3829} 3849}
3830#endif /* WITH_OPENSSL */ 3850#endif /* WITH_OPENSSL */
@@ -3833,8 +3853,6 @@ int
3833sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, 3853sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
3834 const char *passphrase, struct sshkey **keyp, char **commentp) 3854 const char *passphrase, struct sshkey **keyp, char **commentp)
3835{ 3855{
3836 int r;
3837
3838 *keyp = NULL; 3856 *keyp = NULL;
3839 if (commentp != NULL) 3857 if (commentp != NULL)
3840 *commentp = NULL; 3858 *commentp = NULL;
@@ -3856,8 +3874,8 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
3856 return sshkey_parse_private2(blob, type, passphrase, 3874 return sshkey_parse_private2(blob, type, passphrase,
3857 keyp, commentp); 3875 keyp, commentp);
3858 case KEY_UNSPEC: 3876 case KEY_UNSPEC:
3859 if ((r = sshkey_parse_private2(blob, type, passphrase, keyp, 3877 if (sshkey_parse_private2(blob, type, passphrase, keyp,
3860 commentp)) == 0) 3878 commentp) == 0)
3861 return 0; 3879 return 0;
3862#ifdef WITH_OPENSSL 3880#ifdef WITH_OPENSSL
3863 return sshkey_parse_private_pem_fileblob(blob, type, 3881 return sshkey_parse_private_pem_fileblob(blob, type,
@@ -3872,10 +3890,8 @@ sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
3872 3890
3873int 3891int
3874sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase, 3892sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase,
3875 const char *filename, struct sshkey **keyp, char **commentp) 3893 struct sshkey **keyp, char **commentp)
3876{ 3894{
3877 int r;
3878
3879 if (keyp != NULL) 3895 if (keyp != NULL)
3880 *keyp = NULL; 3896 *keyp = NULL;
3881 if (commentp != NULL) 3897 if (commentp != NULL)
@@ -3883,13 +3899,11 @@ sshkey_parse_private_fileblob(struct sshbuf *buffer, const char *passphrase,
3883 3899
3884#ifdef WITH_SSH1 3900#ifdef WITH_SSH1
3885 /* it's a SSH v1 key if the public key part is readable */ 3901 /* it's a SSH v1 key if the public key part is readable */
3886 if ((r = sshkey_parse_public_rsa1_fileblob(buffer, NULL, NULL)) == 0) { 3902 if (sshkey_parse_public_rsa1_fileblob(buffer, NULL, NULL) == 0) {
3887 return sshkey_parse_private_fileblob_type(buffer, KEY_RSA1, 3903 return sshkey_parse_private_fileblob_type(buffer, KEY_RSA1,
3888 passphrase, keyp, commentp); 3904 passphrase, keyp, commentp);
3889 } 3905 }
3890#endif /* WITH_SSH1 */ 3906#endif /* WITH_SSH1 */
3891 if ((r = sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC, 3907 return sshkey_parse_private_fileblob_type(buffer, KEY_UNSPEC,
3892 passphrase, keyp, commentp)) == 0) 3908 passphrase, keyp, commentp);
3893 return 0;
3894 return r;
3895} 3909}
diff --git a/sshkey.h b/sshkey.h
index c8d3cddca..a20a14f9e 100644
--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey.h,v 1.9 2015/08/04 05:23:06 djm Exp $ */ 1/* $OpenBSD: sshkey.h,v 1.12 2015/12/04 16:41:28 markus Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -141,6 +141,8 @@ int sshkey_certify(struct sshkey *, struct sshkey *);
141int sshkey_cert_copy(const struct sshkey *, struct sshkey *); 141int sshkey_cert_copy(const struct sshkey *, struct sshkey *);
142int sshkey_cert_check_authority(const struct sshkey *, int, int, 142int sshkey_cert_check_authority(const struct sshkey *, int, int,
143 const char *, const char **); 143 const char *, const char **);
144size_t sshkey_format_cert_validity(const struct sshkey_cert *,
145 char *, size_t) __attribute__((__bounded__(__string__, 2, 3)));
144 146
145int sshkey_ecdsa_nid_from_name(const char *); 147int sshkey_ecdsa_nid_from_name(const char *);
146int sshkey_curve_name_to_nid(const char *); 148int sshkey_curve_name_to_nid(const char *);
@@ -167,7 +169,7 @@ int sshkey_plain_to_blob(const struct sshkey *, u_char **, size_t *);
167int sshkey_putb_plain(const struct sshkey *, struct sshbuf *); 169int sshkey_putb_plain(const struct sshkey *, struct sshbuf *);
168 170
169int sshkey_sign(const struct sshkey *, u_char **, size_t *, 171int sshkey_sign(const struct sshkey *, u_char **, size_t *,
170 const u_char *, size_t, u_int); 172 const u_char *, size_t, const char *, u_int);
171int sshkey_verify(const struct sshkey *, const u_char *, size_t, 173int sshkey_verify(const struct sshkey *, const u_char *, size_t,
172 const u_char *, size_t, u_int); 174 const u_char *, size_t, u_int);
173 175
@@ -186,17 +188,16 @@ int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob,
186int sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, 188int sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob,
187 struct sshkey **keyp, char **commentp); 189 struct sshkey **keyp, char **commentp);
188int sshkey_parse_private_fileblob(struct sshbuf *buffer, 190int sshkey_parse_private_fileblob(struct sshbuf *buffer,
189 const char *passphrase, const char *filename, struct sshkey **keyp, 191 const char *passphrase, struct sshkey **keyp, char **commentp);
190 char **commentp);
191int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, 192int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
192 const char *passphrase, struct sshkey **keyp, char **commentp); 193 const char *passphrase, struct sshkey **keyp, char **commentp);
193 194
194#ifdef SSHKEY_INTERNAL 195#ifdef SSHKEY_INTERNAL
195int ssh_rsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, 196int ssh_rsa_sign(const struct sshkey *key,
196 const u_char *data, size_t datalen, u_int compat); 197 u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
198 const char *ident);
197int ssh_rsa_verify(const struct sshkey *key, 199int ssh_rsa_verify(const struct sshkey *key,
198 const u_char *signature, size_t signaturelen, 200 const u_char *sig, size_t siglen, const u_char *data, size_t datalen);
199 const u_char *data, size_t datalen, u_int compat);
200int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, 201int ssh_dss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
201 const u_char *data, size_t datalen, u_int compat); 202 const u_char *data, size_t datalen, u_int compat);
202int ssh_dss_verify(const struct sshkey *key, 203int ssh_dss_verify(const struct sshkey *key,
diff --git a/sshlogin.c b/sshlogin.c
index 818312ff1..cea3e7697 100644
--- a/sshlogin.c
+++ b/sshlogin.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshlogin.c,v 1.31 2015/01/20 23:14:00 deraadt Exp $ */ 1/* $OpenBSD: sshlogin.c,v 1.32 2015/12/26 20:51:35 guenther Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
diff --git a/uidswap.c b/uidswap.c
index 0702e1d9e..8bf6b244e 100644
--- a/uidswap.c
+++ b/uidswap.c
@@ -134,7 +134,7 @@ temporarily_use_uid(struct passwd *pw)
134void 134void
135permanently_drop_suid(uid_t uid) 135permanently_drop_suid(uid_t uid)
136{ 136{
137#ifndef HAVE_CYGWIN 137#ifndef NO_UID_RESTORATION_TEST
138 uid_t old_uid = getuid(); 138 uid_t old_uid = getuid();
139#endif 139#endif
140 140
@@ -142,8 +142,14 @@ permanently_drop_suid(uid_t uid)
142 if (setresuid(uid, uid, uid) < 0) 142 if (setresuid(uid, uid, uid) < 0)
143 fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno)); 143 fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno));
144 144
145#ifndef HAVE_CYGWIN 145#ifndef NO_UID_RESTORATION_TEST
146 /* Try restoration of UID if changed (test clearing of saved uid) */ 146 /*
147 * Try restoration of UID if changed (test clearing of saved uid).
148 *
149 * Note that we don't do this on Cygwin, or on Solaris-based platforms
150 * where fine-grained privileges are available (the user might be
151 * deliberately allowed the right to setuid back to root).
152 */
147 if (old_uid != uid && 153 if (old_uid != uid &&
148 (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) 154 (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
149 fatal("%s: was able to restore old [e]uid", __func__); 155 fatal("%s: was able to restore old [e]uid", __func__);
@@ -199,7 +205,7 @@ restore_uid(void)
199void 205void
200permanently_set_uid(struct passwd *pw) 206permanently_set_uid(struct passwd *pw)
201{ 207{
202#ifndef HAVE_CYGWIN 208#ifndef NO_UID_RESTORATION_TEST
203 uid_t old_uid = getuid(); 209 uid_t old_uid = getuid();
204 gid_t old_gid = getgid(); 210 gid_t old_gid = getgid();
205#endif 211#endif
@@ -227,7 +233,7 @@ permanently_set_uid(struct passwd *pw)
227 if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) 233 if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)
228 fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno)); 234 fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
229 235
230#ifndef HAVE_CYGWIN 236#ifndef NO_UID_RESTORATION_TEST
231 /* Try restoration of GID if changed (test clearing of saved gid) */ 237 /* Try restoration of GID if changed (test clearing of saved gid) */
232 if (old_gid != pw->pw_gid && pw->pw_uid != 0 && 238 if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
233 (setgid(old_gid) != -1 || setegid(old_gid) != -1)) 239 (setgid(old_gid) != -1 || setegid(old_gid) != -1))
@@ -241,7 +247,7 @@ permanently_set_uid(struct passwd *pw)
241 (u_int)pw->pw_gid); 247 (u_int)pw->pw_gid);
242 } 248 }
243 249
244#ifndef HAVE_CYGWIN 250#ifndef NO_UID_RESTORATION_TEST
245 /* Try restoration of UID if changed (test clearing of saved uid) */ 251 /* Try restoration of UID if changed (test clearing of saved uid) */
246 if (old_uid != pw->pw_uid && 252 if (old_uid != pw->pw_uid &&
247 (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) 253 (setuid(old_uid) != -1 || seteuid(old_uid) != -1))
diff --git a/version.h b/version.h
index 41e1ea931..4189982a9 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
1/* $OpenBSD: version.h,v 1.75 2015/08/21 03:45:26 djm Exp $ */ 1/* $OpenBSD: version.h,v 1.76 2016/02/23 09:14:34 djm Exp $ */
2 2
3#define SSH_VERSION "OpenSSH_7.1" 3#define SSH_VERSION "OpenSSH_7.2"
4 4
5#define SSH_PORTABLE "p2" 5#define SSH_PORTABLE "p1"
6#define SSH_RELEASE SSH_VERSION SSH_PORTABLE 6#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
diff --git a/xmalloc.c b/xmalloc.c
index 98cbf8776..b58323677 100644
--- a/xmalloc.c
+++ b/xmalloc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: xmalloc.c,v 1.32 2015/04/24 01:36:01 deraadt Exp $ */ 1/* $OpenBSD: xmalloc.c,v 1.33 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -26,6 +26,16 @@
26#include "xmalloc.h" 26#include "xmalloc.h"
27#include "log.h" 27#include "log.h"
28 28
29void
30ssh_malloc_init(void)
31{
32#if defined(__OpenBSD__)
33 extern char *malloc_options;
34
35 malloc_options = "S";
36#endif /* __OpenBSD__ */
37}
38
29void * 39void *
30xmalloc(size_t size) 40xmalloc(size_t size)
31{ 41{
diff --git a/xmalloc.h b/xmalloc.h
index 2bec77ba8..e49928932 100644
--- a/xmalloc.h
+++ b/xmalloc.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: xmalloc.h,v 1.15 2015/04/24 01:36:01 deraadt Exp $ */ 1/* $OpenBSD: xmalloc.h,v 1.16 2016/02/15 09:47:49 dtucker Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -16,6 +16,7 @@
16 * called by a name other than "ssh" or "Secure Shell". 16 * called by a name other than "ssh" or "Secure Shell".
17 */ 17 */
18 18
19void ssh_malloc_init(void);
19void *xmalloc(size_t); 20void *xmalloc(size_t);
20void *xcalloc(size_t, size_t); 21void *xcalloc(size_t, size_t);
21void *xreallocarray(void *, size_t, size_t); 22void *xreallocarray(void *, size_t, size_t);