diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | servconf.c | 14 | ||||
| -rw-r--r-- | servconf.h | 3 | ||||
| -rw-r--r-- | session.c | 4 | ||||
| -rw-r--r-- | sshd_config | 4 | ||||
| -rw-r--r-- | sshd_config.5 | 11 |
6 files changed, 33 insertions, 8 deletions
| @@ -4,6 +4,11 @@ | |||
| 4 | [key.c key.h] | 4 | [key.c key.h] |
| 5 | fix potential stack exhaustion caused by nested certificates; | 5 | fix potential stack exhaustion caused by nested certificates; |
| 6 | report by Mateusz Kocielski; ok dtucker@ markus@ | 6 | report by Mateusz Kocielski; ok dtucker@ markus@ |
| 7 | - djm@cvs.openbsd.org 2013/10/29 09:48:02 | ||
| 8 | [servconf.c servconf.h session.c sshd_config sshd_config.5] | ||
| 9 | shd_config PermitTTY to disallow TTY allocation, mirroring the | ||
| 10 | longstanding no-pty authorized_keys option; | ||
| 11 | bz#2070, patch from Teran McKinney; ok markus@ | ||
| 7 | 12 | ||
| 8 | 20131026 | 13 | 20131026 |
| 9 | - (djm) OpenBSD CVS Sync | 14 | - (djm) OpenBSD CVS Sync |
diff --git a/servconf.c b/servconf.c index 82146723f..0f1bdd09a 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | 1 | ||
| 2 | /* $OpenBSD: servconf.c,v 1.243 2013/10/24 00:51:48 dtucker Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.244 2013/10/29 09:48:02 djm Exp $ */ |
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 5 | * All rights reserved | 5 | * All rights reserved |
| @@ -92,6 +92,7 @@ initialize_server_options(ServerOptions *options) | |||
| 92 | options->x11_forwarding = -1; | 92 | options->x11_forwarding = -1; |
| 93 | options->x11_display_offset = -1; | 93 | options->x11_display_offset = -1; |
| 94 | options->x11_use_localhost = -1; | 94 | options->x11_use_localhost = -1; |
| 95 | options->permit_tty = -1; | ||
| 95 | options->xauth_location = NULL; | 96 | options->xauth_location = NULL; |
| 96 | options->strict_modes = -1; | 97 | options->strict_modes = -1; |
| 97 | options->tcp_keep_alive = -1; | 98 | options->tcp_keep_alive = -1; |
| @@ -212,6 +213,8 @@ fill_default_server_options(ServerOptions *options) | |||
| 212 | options->x11_use_localhost = 1; | 213 | options->x11_use_localhost = 1; |
| 213 | if (options->xauth_location == NULL) | 214 | if (options->xauth_location == NULL) |
| 214 | options->xauth_location = _PATH_XAUTH; | 215 | options->xauth_location = _PATH_XAUTH; |
| 216 | if (options->permit_tty == -1) | ||
| 217 | options->permit_tty = 1; | ||
| 215 | if (options->strict_modes == -1) | 218 | if (options->strict_modes == -1) |
| 216 | options->strict_modes = 1; | 219 | options->strict_modes = 1; |
| 217 | if (options->tcp_keep_alive == -1) | 220 | if (options->tcp_keep_alive == -1) |
| @@ -329,7 +332,7 @@ typedef enum { | |||
| 329 | sListenAddress, sAddressFamily, | 332 | sListenAddress, sAddressFamily, |
| 330 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, | 333 | sPrintMotd, sPrintLastLog, sIgnoreRhosts, |
| 331 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, | 334 | sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, |
| 332 | sStrictModes, sEmptyPasswd, sTCPKeepAlive, | 335 | sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive, |
| 333 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, | 336 | sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, |
| 334 | sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, | 337 | sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, |
| 335 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, | 338 | sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, |
| @@ -462,6 +465,7 @@ static struct { | |||
| 462 | { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, | 465 | { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, |
| 463 | { "acceptenv", sAcceptEnv, SSHCFG_ALL }, | 466 | { "acceptenv", sAcceptEnv, SSHCFG_ALL }, |
| 464 | { "permittunnel", sPermitTunnel, SSHCFG_ALL }, | 467 | { "permittunnel", sPermitTunnel, SSHCFG_ALL }, |
| 468 | { "permittty", sPermitTTY, SSHCFG_ALL }, | ||
| 465 | { "match", sMatch, SSHCFG_ALL }, | 469 | { "match", sMatch, SSHCFG_ALL }, |
| 466 | { "permitopen", sPermitOpen, SSHCFG_ALL }, | 470 | { "permitopen", sPermitOpen, SSHCFG_ALL }, |
| 467 | { "forcecommand", sForceCommand, SSHCFG_ALL }, | 471 | { "forcecommand", sForceCommand, SSHCFG_ALL }, |
| @@ -1132,6 +1136,10 @@ process_server_config_line(ServerOptions *options, char *line, | |||
| 1132 | charptr = &options->xauth_location; | 1136 | charptr = &options->xauth_location; |
| 1133 | goto parse_filename; | 1137 | goto parse_filename; |
| 1134 | 1138 | ||
| 1139 | case sPermitTTY: | ||
| 1140 | intptr = &options->permit_tty; | ||
| 1141 | goto parse_flag; | ||
| 1142 | |||
| 1135 | case sStrictModes: | 1143 | case sStrictModes: |
| 1136 | intptr = &options->strict_modes; | 1144 | intptr = &options->strict_modes; |
| 1137 | goto parse_flag; | 1145 | goto parse_flag; |
| @@ -1783,6 +1791,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) | |||
| 1783 | M_CP_INTOPT(x11_display_offset); | 1791 | M_CP_INTOPT(x11_display_offset); |
| 1784 | M_CP_INTOPT(x11_forwarding); | 1792 | M_CP_INTOPT(x11_forwarding); |
| 1785 | M_CP_INTOPT(x11_use_localhost); | 1793 | M_CP_INTOPT(x11_use_localhost); |
| 1794 | M_CP_INTOPT(permit_tty); | ||
| 1786 | M_CP_INTOPT(max_sessions); | 1795 | M_CP_INTOPT(max_sessions); |
| 1787 | M_CP_INTOPT(max_authtries); | 1796 | M_CP_INTOPT(max_authtries); |
| 1788 | M_CP_INTOPT(ip_qos_interactive); | 1797 | M_CP_INTOPT(ip_qos_interactive); |
| @@ -2013,6 +2022,7 @@ dump_config(ServerOptions *o) | |||
| 2013 | dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); | 2022 | dump_cfg_fmtint(sPrintLastLog, o->print_lastlog); |
| 2014 | dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); | 2023 | dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding); |
| 2015 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); | 2024 | dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); |
| 2025 | dump_cfg_fmtint(sPermitTTY, o->permit_tty); | ||
| 2016 | dump_cfg_fmtint(sStrictModes, o->strict_modes); | 2026 | dump_cfg_fmtint(sStrictModes, o->strict_modes); |
| 2017 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); | 2027 | dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); |
| 2018 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); | 2028 | dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd); |
diff --git a/servconf.h b/servconf.h index 98aad8ba2..2d4b6ecb4 100644 --- a/servconf.h +++ b/servconf.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.h,v 1.109 2013/07/19 07:37:48 markus Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.110 2013/10/29 09:48:02 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -82,6 +82,7 @@ typedef struct { | |||
| 82 | * searching at */ | 82 | * searching at */ |
| 83 | int x11_use_localhost; /* If true, use localhost for fake X11 server. */ | 83 | int x11_use_localhost; /* If true, use localhost for fake X11 server. */ |
| 84 | char *xauth_location; /* Location of xauth program */ | 84 | char *xauth_location; /* Location of xauth program */ |
| 85 | int permit_tty; /* If false, deny pty allocation */ | ||
| 85 | int strict_modes; /* If true, require string home dir modes. */ | 86 | int strict_modes; /* If true, require string home dir modes. */ |
| 86 | int tcp_keep_alive; /* If true, set SO_KEEPALIVE. */ | 87 | int tcp_keep_alive; /* If true, set SO_KEEPALIVE. */ |
| 87 | int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ | 88 | int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: session.c,v 1.267 2013/10/14 21:20:52 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.268 2013/10/29 09:48:02 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -2062,7 +2062,7 @@ session_pty_req(Session *s) | |||
| 2062 | u_int len; | 2062 | u_int len; |
| 2063 | int n_bytes; | 2063 | int n_bytes; |
| 2064 | 2064 | ||
| 2065 | if (no_pty_flag) { | 2065 | if (no_pty_flag || !options.permit_tty) { |
| 2066 | debug("Allocating a pty not permitted for this authentication."); | 2066 | debug("Allocating a pty not permitted for this authentication."); |
| 2067 | return 0; | 2067 | return 0; |
| 2068 | } | 2068 | } |
diff --git a/sshd_config b/sshd_config index dbda7491e..235459af0 100644 --- a/sshd_config +++ b/sshd_config | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: sshd_config,v 1.91 2013/09/07 13:53:11 sthen Exp $ | 1 | # $OpenBSD: sshd_config,v 1.92 2013/10/29 09:48:02 djm Exp $ |
| 2 | 2 | ||
| 3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
| 4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
| @@ -101,6 +101,7 @@ AuthorizedKeysFile .ssh/authorized_keys | |||
| 101 | #X11Forwarding no | 101 | #X11Forwarding no |
| 102 | #X11DisplayOffset 10 | 102 | #X11DisplayOffset 10 |
| 103 | #X11UseLocalhost yes | 103 | #X11UseLocalhost yes |
| 104 | #PermitTTY yes | ||
| 104 | #PrintMotd yes | 105 | #PrintMotd yes |
| 105 | #PrintLastLog yes | 106 | #PrintLastLog yes |
| 106 | #TCPKeepAlive yes | 107 | #TCPKeepAlive yes |
| @@ -127,4 +128,5 @@ Subsystem sftp /usr/libexec/sftp-server | |||
| 127 | #Match User anoncvs | 128 | #Match User anoncvs |
| 128 | # X11Forwarding no | 129 | # X11Forwarding no |
| 129 | # AllowTcpForwarding no | 130 | # AllowTcpForwarding no |
| 131 | # PermitTTY no | ||
| 130 | # ForceCommand cvs server | 132 | # ForceCommand cvs server |
diff --git a/sshd_config.5 b/sshd_config.5 index 0536cc3c6..c3e30e614 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
| @@ -33,8 +33,8 @@ | |||
| 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 35 | .\" | 35 | .\" |
| 36 | .\" $OpenBSD: sshd_config.5,v 1.163 2013/10/24 00:51:48 dtucker Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.164 2013/10/29 09:48:02 djm Exp $ |
| 37 | .Dd $Mdocdate: October 24 2013 $ | 37 | .Dd $Mdocdate: October 29 2013 $ |
| 38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
| 39 | .Os | 39 | .Os |
| 40 | .Sh NAME | 40 | .Sh NAME |
| @@ -813,6 +813,7 @@ Available keywords are | |||
| 813 | .Cm PermitEmptyPasswords , | 813 | .Cm PermitEmptyPasswords , |
| 814 | .Cm PermitOpen , | 814 | .Cm PermitOpen , |
| 815 | .Cm PermitRootLogin , | 815 | .Cm PermitRootLogin , |
| 816 | .Cm PermitTTY , | ||
| 816 | .Cm PermitTunnel , | 817 | .Cm PermitTunnel , |
| 817 | .Cm PubkeyAuthentication , | 818 | .Cm PubkeyAuthentication , |
| 818 | .Cm RekeyLimit , | 819 | .Cm RekeyLimit , |
| @@ -942,6 +943,12 @@ and | |||
| 942 | .Dq ethernet . | 943 | .Dq ethernet . |
| 943 | The default is | 944 | The default is |
| 944 | .Dq no . | 945 | .Dq no . |
| 946 | .It Cm PermitTTY | ||
| 947 | Specifies whether | ||
| 948 | .Xr pty 7 | ||
| 949 | allocation is permitted. | ||
| 950 | The default is | ||
| 951 | .Dq yes . | ||
| 945 | .It Cm PermitUserEnvironment | 952 | .It Cm PermitUserEnvironment |
| 946 | Specifies whether | 953 | Specifies whether |
| 947 | .Pa ~/.ssh/environment | 954 | .Pa ~/.ssh/environment |