summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-10-17Require OpenSSL 1.1.x series 1.1.0g or greaterDamien Miller
Previous versions have a bug with EVP_CipherInit() when passed a NULL EVP_CIPHER, per https://github.com/openssl/openssl/pull/4613 ok dtucker@
2018-10-17unbreak compilation with --with-ssl-engineDamien Miller
Missing last argument to OPENSSL_init_crypto()
2018-10-16Remove gcc spectre mitigation flags.Darren Tucker
Current impementions of the gcc spectre mitigation flags cause miscompilations when combined with other flags and do not provide much protection. Found by fweimer at redhat.com, ok djm@
2018-10-16Avoid deprecated OPENSSL_config when using 1.1.xDamien Miller
OpenSSL 1.1.x soft-deprecated OPENSSL_config in favour of OPENSSL_init_crypto; pointed out by Jakub Jelen
2018-10-12Don't avoid our *sprintf replacements.Darren Tucker
Don't let systems with broken printf(3) avoid our replacements via asprintf(3)/vasprintf(3) calling libc internally. From djm@
2018-10-12Check if snprintf understands %zu.Darren Tucker
If the platforms snprintf and friends don't understand %zu, use the compat replacement. Prevents segfaults on those platforms.
2018-10-12remove stale link, tweakDamien Miller
2018-10-12update version numbers ahead of releaseDamien Miller
2018-10-12upstream: don't send new-style rsa-sha2-*-cert-v01@openssh.com names todjm@openbsd.org
older OpenSSH that can't handle them. spotted by Adam Eijdenberg; ok dtucker OpenBSD-Commit-ID: 662bbc402e3d7c9b6c322806269698106a6ae631
2018-10-11update dependsDamien Miller
2018-10-11some more duplicated key algorithm linesDamien Miller
From Adam Eijdenberg
2018-10-11fix duplicated algorithm specification linesDamien Miller
Spotted by Adam Eijdenberg
2018-10-11upstream: typo in plain RSA algorithm counterpart names fordjm@openbsd.org
certificates; spotted by Adam Eijdenberg; ok dtucker@ OpenBSD-Commit-ID: bfcdeb6f4fc9e7607f5096574c8f118f2e709e00
2018-10-11check pw_passwd != NULL here tooDamien Miller
Again, for systems with broken NIS implementations. Prompted by coolbugcheckers AT gmail.com
2018-10-11check for NULL return from shadow_pw()Damien Miller
probably unreachable on this platform; pointed out by coolbugcheckers AT gmail.com
2018-10-11upstream: introducing openssh 7.9deraadt@openbsd.org
OpenBSD-Commit-ID: 42d526a9fe01a40dd299ac58014d3349adf40e25
2018-10-11supply callback to PEM_read_bio_PrivateKeyDamien Miller
OpenSSL 1.1.0i has changed the behaviour of their PEM APIs, so that empty passphrases are interpreted differently. This probabalistically breaks loading some keys, because the PEM format is terrible and doesn't include a proper MAC. Avoid this by providing a basic callback to avoid passing empty passphrases to OpenSSL in cases where one is required. Based on patch from Jakub Jelen in bz#2913; ok dtucker@
2018-10-10in pick_salt() avoid dereference of NULL passwordsDamien Miller
Apparently some NIS implementations can leave pw->pw_passwd (or the shadow equivalent) NULL. bz#2909; based on patch from Todd Eigenschink
2018-10-09upstream: Treat all PEM_read_bio_PrivateKey() errors when a passphrasedjm@openbsd.org
is specified as "incorrect passphrase" instead of trying to choose between that and "invalid format". libcrypto can return ASN1 parsing errors rather than the expected decrypt error in certain infrequent cases when trying to decrypt/parse PEM private keys when supplied with an invalid passphrase. Report and repro recipe from Thomas Deutschmann in bz#2901 ok markus@ OpenBSD-Commit-ID: b1d4cd92395f9743f81c0d23aab2524109580870
2018-10-07upstream: Support using service names for port numbers.naddy@openbsd.org
* Try to resolve a port specification with getservbyname(3) if a numeric conversion fails. * Make the "Port" option in ssh_config handle its argument as a port rather than a plain integer. ok dtucker@ deraadt@ OpenBSD-Commit-ID: e7f03633133205ab3dfbc67f9df7475fabae660d
2018-10-04upstream: when the peer sends a channel-close message, make sure wedjm@openbsd.org
close the local extended read fd (stderr) along with the regular read fd (stdout). Avoids weird stuck processed in multiplexing mode. Report and analysis by Nelson Elhage and Geoffrey Thomas in bz#2863 ok dtucker@ markus@ OpenBSD-Commit-ID: a48a2467fe938de4de69d2e7193d5fa701f12ae9
2018-10-04upstream: factor out channel status formatting fromdjm@openbsd.org
channel_open_message() so we can use it in other debug messages OpenBSD-Commit-ID: 9c3903ca28fcabad57f566c9d0045b41ab7d52ba
2018-10-04upstream: include a little more information about the status anddjm@openbsd.org
disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change. OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce
2018-10-04upstream: explicit_bzero here to be consistent with other kex*.c;djm@openbsd.org
report from coolbugcheckers AT gmail.com OpenBSD-Commit-ID: a90f146c5b5f5b1408700395e394f70b440856cb
2018-10-03upstream: Allow ssh_config IdentityAgent directive to acceptdjm@openbsd.org
environment variable names as well as explicit paths. ok dtucker@ OpenBSD-Commit-ID: 2f0996e103876c53d8c9dd51dcce9889d700767b
2018-10-02upstream: mention INFO@openssh.com for sending SIGINFOdjm@openbsd.org
OpenBSD-Commit-ID: 132471eeb0df658210afd27852fe65131b26e900
2018-10-02only support SIGINFO on systems with SIGINFODamien Miller
2018-10-02upstream: Add server support for signalling sessions via the SSHdjm@openbsd.org
channel/ session protocol. Signalling is only supported to sesssions that are not subsystems and were not started with a forced command. Long requested in bz#1424 Based on a patch from markus@ and reworked by dtucker@; ok markus@ dtucker@ OpenBSD-Commit-ID: 4bea826f575862eaac569c4bedd1056a268be1c3
2018-09-26upstream: remove big ugly TODO comment from start of file. Some ofdjm@openbsd.org
the mentioned tasks are obsolete and, of the remainder, most are already captured in PROTOCOL.mux where they better belong OpenBSD-Commit-ID: 16d9d76dee42a5bb651c9d6740f7f0ef68aeb407
2018-09-26upstream: Document mux proxy mode; added by Markus in openssh-7.4djm@openbsd.org
Also add a little bit of information about the overall packet format OpenBSD-Commit-ID: bdb6f6ea8580ef96792e270cae7857786ad84a95
2018-09-26upstream: s/process_mux_master/mux_master_process/ in mux masterdjm@openbsd.org
function names, Gives better symmetry with the existing mux_client_*() names and makes it more obvious when a message comes from the master vs client (they are interleved in ControlMaster=auto mode). no functional change beyond prefixing a could of log messages with __func__ where they were previously lacking. OpenBSD-Commit-ID: b01f7c3fdf92692e1713a822a89dc499333daf75
2018-09-22Remove unused variable in _ssh_compat_fflush.Darren Tucker
2018-09-22Import updated moduli.Darren Tucker
2018-09-21upstream: Allow ssh_config ForwardX11Timeout=0 to disable thedjm@openbsd.org
timeout and allow X11 connections in untrusted mode indefinitely. ok dtucker@ OpenBSD-Commit-ID: ea1ceed3f540b48e5803f933e59a03b20db10c69
2018-09-21upstream: when compiled with GSSAPI support, cache supported methoddjm@openbsd.org
OIDs by calling ssh_gssapi_prepare_supported_oids() regardless of whether GSSAPI authentication is enabled in the main config. This avoids sandbox violations for configurations that enable GSSAPI auth later, e.g. Match user djm GSSAPIAuthentication yes bz#2107; ok dtucker@ OpenBSD-Commit-ID: a5dd42d87c74e27cfb712b15b0f97ab20e0afd1d
2018-09-21upstream: In sshkey_in_file(), ignore keys that are considered fordjm@openbsd.org
being too short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered to be "in the file". This allows key revocation lists to contain short keys without the entire revocation list being considered invalid. bz#2897; ok dtucker OpenBSD-Commit-ID: d9f3d857d07194a42ad7e62889a74dc3f9d9924b
2018-09-21upstream: Treat connections with ProxyJump specified the same as onesdjm@openbsd.org
with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't try to canonicalise the hostname unless CanonicalizeHostname is set to 'always'). Patch from Sven Wegener via bz#2896 OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37
2018-09-21upstream: actually make CASignatureAlgorithms available as a configdjm@openbsd.org
option OpenBSD-Commit-ID: 93fa7ff58314ed7b1ab7744090a6a91232e6ae52
2018-09-21upstream: Import updated moduli.dtucker@openbsd.org
OpenBSD-Commit-ID: 04431e8e7872f49a2129bf080a6b73c19d576d40
2018-09-21upstream: reorder CASignatureAlgorithms, and add them to thejmc@openbsd.org
various -o lists; ok djm OpenBSD-Commit-ID: ecb88baecc3c54988b4d1654446ea033da359288
2018-09-20upstream: fix "ssh -Q sig" to show correct signature algorithm listdjm@openbsd.org
(it was erroneously showing certificate algorithms); prompted by markus@ OpenBSD-Commit-ID: 1cdee002f2f0c21456979deeb887fc889afb154d
2018-09-20upstream: add CASignatureAlgorithms option for the client, allowingdjm@openbsd.org
it to specify which signature algorithms may be used by CAs when signing certificates. Useful if you want to ban RSA/SHA1; ok markus@ OpenBSD-Commit-ID: 9159e5e9f67504829bf53ff222057307a6e3230f
2018-09-20upstream: Add sshd_config CASignatureAlgorithms option to allowdjm@openbsd.org
control over which signature algorithms a CA may use when signing certificates. In particular, this allows a sshd to ban certificates signed with RSA/SHA1. ok markus@ OpenBSD-Commit-ID: b05c86ef8b52b913ed48d54a9b9c1a7714d96bac
2018-09-20upstream: Make "ssh-add -q" do what it says on the tin: silencedjm@openbsd.org
output from successful operations. Based on patch from Thijs van Dijk; ok dtucker@ deraadt@ OpenBSD-Commit-ID: c4f754ecc055c10af166116ce7515104aa8522e1
2018-09-20upstream: When choosing a prime from the moduli file, avoidmillert@openbsd.org
re-using the linenum variable for something that is not a line number to avoid the confusion that resulted in the bug in rev. 1.64. This also lets us pass the actual linenum to parse_prime() so the error messages include the correct line number. OK markus@ some time ago. OpenBSD-Commit-ID: 4d8e5d3e924d6e8eb70053e3defa23c151a00084
2018-09-15Fix openssl-1.1 fallout for --without-openssl.Darren Tucker
ok djm@
2018-09-15add futex(2) syscall to seccomp sandboxDamien Miller
Apparently needed for some glibc/openssl combinations. Patch from Arkadiusz Miƛkiewicz
2018-09-15really add source for authopt_fuzz this timeDamien Miller
2018-09-15remove accidentally checked-in authopt_fuzz binaryDamien Miller
2018-09-14upstream: second try, deals properly with missing and private-onlydjm@openbsd.org
Use consistent format in debug log for keys readied, offered and received during public key authentication. This makes it a little easier to see what is going on, as each message now contains (where available) the key filename, its type and fingerprint, and whether the key is hosted in an agent or a token. OpenBSD-Commit-ID: f1c6a8e9cfc4e108c359db77f24f9a40e1e25ea7