summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-03-29Add DebianBanner server configuration optionKees Cook
Setting this to "no" causes sshd to omit the Debian revision from its initial protocol handshake, for those scared by package-versioning.patch. Bug-Debian: http://bugs.debian.org/562048 Forwarded: not-needed Last-Update: 2015-11-29 Patch-Name: debian-banner.patch
2017-03-29Include the Debian version in our identificationMatthew Vernon
This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
2017-03-29Mention ssh-keygen in ssh fingerprint changed warningScott Moser
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843 Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607 Last-Update: 2015-09-08 Patch-Name: mention-ssh-keygen-on-keychange.patch
2017-03-29Quieten logs when multiple from= restrictions are usedColin Watson
Bug-Debian: http://bugs.debian.org/630606 Forwarded: no Last-Update: 2013-09-14 Patch-Name: auth-log-verbosity.patch
2017-03-29Force use of DNSSEC even if "options edns0" isn't in resolv.confColin Watson
This allows SSHFP DNS records to be verified if glibc 2.11 is installed. Origin: vendor, https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.2p1-edns.patch?revision=1.1&view=markup Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Last-Update: 2010-04-06 Patch-Name: dnssec-sshfp.patch
2017-03-29Look for $SHELL on the path for ProxyCommand/LocalCommandColin Watson
There's some debate on the upstream bug about whether POSIX requires this. I (Colin Watson) agree with Vincent and think it does. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494 Bug-Debian: http://bugs.debian.org/492728 Last-Update: 2013-09-14 Patch-Name: shell-path.patch
2017-03-29Adjust scp quoting in verbose modeNicolas Valcárcel
Tweak scp's reporting of filenames in verbose mode to be a bit less confusing with spaces. This should be revised to mimic real shell quoting. Bug-Ubuntu: https://bugs.launchpad.net/bugs/89945 Last-Update: 2010-02-27 Patch-Name: scp-quoting.patch
2017-03-29Allow harmless group-writabilityColin Watson
Allow secure files (~/.ssh/config, ~/.ssh/authorized_keys, etc.) to be group-writable, provided that the group in question contains only the file's owner. Rejected upstream for IMO incorrect reasons (e.g. a misunderstanding about the contents of gr->gr_mem). Given that per-user groups and umask 002 are the default setup in Debian (for good reasons - this makes operating in setgid directories with other groups much easier), we need to permit this by default. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 Last-Update: 2013-09-14 Patch-Name: user-group-modes.patch
2017-03-29Reduce severity of "Killed by signal %d"Peter Samuelson
This produces irritating messages when using ProxyCommand or other programs that use ssh under the covers (e.g. Subversion). These messages are more normally printed by the calling program, such as the shell. According to the upstream bug, the right way to avoid this is to use the -q option, so we may drop this patch after further investigation into whether any software in Debian is still relying on it. Author: Colin Watson <cjwatson@debian.org> Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1118 Bug-Debian: http://bugs.debian.org/313371 Last-Update: 2013-09-14 Patch-Name: quieter-signals.patch
2017-03-29"LogLevel SILENT" compatibilityJonathan David Amery
"LogLevel SILENT" (-qq) was introduced in Debian openssh 1:3.0.1p1-1 to match the behaviour of non-free SSH, in which -q does not suppress fatal errors. However, this was unintentionally broken in 1:4.6p1-2 and nobody complained, so we've dropped most of it. The parts that remain are basic configuration file compatibility, and an adjustment to "Pseudo-terminal will not be allocated ..." which should be split out into a separate patch. Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2013-09-14 Patch-Name: syslog-level-silent.patch
2017-03-29Various keepalive extensionsRichard Kettlewell
Add compatibility aliases for ProtocolKeepAlives and SetupTimeOut, supported in previous versions of Debian's OpenSSH package but since superseded by ServerAliveInterval. (We're probably stuck with this bit for compatibility.) In batch mode, default ServerAliveInterval to five minutes. Adjust documentation to match and to give some more advice on use of keepalives. Author: Ian Jackson <ian@chiark.greenend.org.uk> Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2016-12-26 Patch-Name: keepalive-extensions.patch
2017-03-29Accept obsolete ssh-vulnkey configuration optionsColin Watson
These options were used as part of Debian's response to CVE-2008-0166. Nearly six years later, we no longer need to continue carrying the bulk of that patch, but we do need to avoid failing when the associated configuration options are still present. Last-Update: 2014-02-09 Patch-Name: ssh-vulnkey-compat.patch
2017-03-29Handle SELinux authorisation rolesManoj Srivastava
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2015-08-19 Patch-Name: selinux-role.patch
2017-03-29Restore TCP wrappers supportColin Watson
Support for TCP wrappers was dropped in OpenSSH 6.7. See this message and thread: https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html It is true that this reduces preauth attack surface in sshd. On the other hand, this support seems to be quite widely used, and abruptly dropping it (from the perspective of users who don't read openssh-unix-dev) could easily cause more serious problems in practice. It's not entirely clear what the right long-term answer for Debian is, but it at least probably doesn't involve dropping this feature shortly before a freeze. Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: restore-tcp-wrappers.patch
2017-03-29GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2017-01-16 Patch-Name: gssapi.patch
2017-03-29Import openssh_7.5p1.orig.tar.gzColin Watson
2017-03-20Add llabs() implementation.Darren Tucker
2017-03-20crank version numbersDamien Miller
2017-03-20upstream commitdjm@openbsd.org
openssh-7.5 Upstream-ID: b8b9a4a949427c393cd868215e1724ceb3467ee5
2017-03-20I'm a doofus.Damien Miller
Unbreak obvious syntax error.
2017-03-20on Cygwin, check paths from server for backslashesDamien Miller
Pointed out by Jann Horn of Google Project Zero
2017-03-20Yet another synonym for ASCII: "646"Damien Miller
Used by NetBSD; this unbreaks mprintf() and friends there for the C locale (caught by dtucker@ and his menagerie of test systems).
2017-03-20create test mux socket in /tmpDamien Miller
Creating the socket in $OBJ could blow past the (quite limited) path limit for Unix domain sockets. As a bandaid for bz#2660, reported by Colin Watson; ok dtucker@
2017-03-17upstream commitmarkus@openbsd.org
disallow KEXINIT before NEWKEYS; ok djm; report by vegard.nossum at oracle.com Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234
2017-03-16Include includes.h for compat bits.Darren Tucker
2017-03-16Wrap stdint.h in #ifdef HAVE_STDINT_HDarren Tucker
2017-03-16Adapt Cygwin config script to privsep knob removalDamien Miller
Patch from Corinna Vinschen.
2017-03-15upstream commitderaadt@openbsd.org
accidents happen to the best of us; ok djm Upstream-ID: b7a9dbd71011ffde95e06f6945fe7197dedd1604
2017-03-15upstream commitdjm@openbsd.org
fix regression in 7.4: deletion of PKCS#11-hosted keys would fail unless they were specified by full physical pathname. Report and fix from Jakub Jelen via bz#2682; ok dtucker@ Upstream-ID: 5b5bc20ca11cacb5d5eb29c3f93fd18425552268
2017-03-15upstream commitdjm@openbsd.org
Fix segfault when sshd attempts to load RSA1 keys (can only happen when protocol v.1 support is enabled for the client). Reported by Jakub Jelen in bz#2686; ok dtucker Upstream-ID: 8fdaec2ba4b5f65db1d094f6714ce64b25d871d7
2017-03-15upstream commitdjm@openbsd.org
Mark the sshd_config UsePrivilegeSeparation option as deprecated, effectively making privsep mandatory in sandboxing mode. ok markus@ deraadt@ (note: this doesn't remove the !privsep code paths, though that will happen eventually). Upstream-ID: b4c52666256c4dd865f8ce9431af5d6ce2d74a0a
2017-03-14Make seccomp-bpf sandbox work on Linux/X32Damien Miller
Allow clock_gettime syscall with X32 bit masked off. Apparently this is required for at least some kernel versions. bz#2142 Patch mostly by Colin Watson. ok dtucker@
2017-03-14require OpenSSL >=1.0.1Damien Miller
2017-03-14Remove macro trickery; no binary changeDamien Miller
This stops the SC_ALLOW(), SC_ALLOW_ARG() and SC_DENY() macros prepending __NR_ to the syscall number parameter and just makes them explicit in the macro invocations. No binary change in stripped object file before/after.
2017-03-14support ioctls for ICA crypto card on Linux/s390Damien Miller
Based on patch from Eduardo Barretto; ok dtucker@
2017-03-14Plumb conversion test into makefile.Darren Tucker
2017-03-14upstream commitdtucker@openbsd.org
Add unit test for convtime(). Upstream-Regress-ID: 8717bc0ca4c21120f6dd3a1d3b7a363f707c31e1
2017-03-14upstream commitdtucker@openbsd.org
Add ASSERT_LONG_* helpers. Upstream-Regress-ID: fe15beaea8f5063c7f21b0660c722648e3d76431
2017-03-14upstream commitdtucker@openbsd.org
Fix convtime() overflow test on boundary condition, spotted by & ok djm. Upstream-ID: 51f14c507ea87a3022e63f574100613ab2ba5708
2017-03-14upstream commitdtucker@openbsd.org
Check for integer overflow when parsing times in convtime(). Reported by nicolas.iooss at m4x.org, ok djm@ Upstream-ID: 35e6a4e98f6fa24df50bfb8ba1307cf70e966f13
2017-03-14Add a "unit" target to run only unit tests.Darren Tucker
2017-03-14Fix weakness in seccomp-bpf sandbox arg inspectionDamien Miller
Syscall arguments are passed via an array of 64-bit values in struct seccomp_data, but we were only inspecting the bottom 32 bits and not even those correctly for BE systems. Fortunately, the only case argument inspection was used was in the socketcall filtering so using this for sandbox escape seems impossible. ok dtucker
2017-03-12upstream commitdjm@openbsd.org
regress tests for loading certificates without public keys; bz#2617 based on patch from Adam Eijdenberg; ok markus@ dtucker@ Upstream-Regress-ID: 0145d19328ed995b73fe2d9da33596b17429d0d0
2017-03-12upstream commitdjm@openbsd.org
allow ssh to use certificates accompanied by a private key file but no corresponding plain *.pub public key. bz#2617 based on patch from Adam Eijdenberg; ok dtucker@ markus@ Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9
2017-03-12upstream commitmarkus@openbsd.org
Don't count the initial block twice when computing how many bytes to discard for the work around for the attacks against CBC-mode. ok djm@; report from Jean Paul, Kenny, Martin and Torben @ RHUL Upstream-ID: f445f509a4e0a7ba3b9c0dae7311cb42458dc1e2
2017-03-12upstream commitdtucker@openbsd.org
krl.c Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1
2017-03-12sync fmt_scaled.c with OpenBSDDamien Miller
revision 1.13 date: 2017/03/11 23:37:23; author: djm; state: Exp; lines: +14 -1; commitid: jnFKyHkB3CEiEZ2R; fix signed integer overflow in scan_scaled. Found by Nicolas Iooss using AFL against ssh_config. ok deraadt@ millert@ ---------------------------- revision 1.12 date: 2013/11/29 19:00:51; author: deraadt; state: Exp; lines: +6 -5; fairly simple unsigned char casts for ctype ok krw ---------------------------- revision 1.11 date: 2012/11/12 14:07:20; author: halex; state: Exp; lines: +4 -2; make scan_scaled set errno to EINVAL rather than ERANGE if it encounters an invalid multiplier, like the man page says it should "looks sensible" deraadt@, ok ian@ ---------------------------- revision 1.10 date: 2009/06/20 15:00:04; author: martynas; state: Exp; lines: +4 -4; use llabs instead of the home-grown version; and some comment changes ok ian@, millert@ ----------------------------
2017-03-10upstream commitdjm@openbsd.org
When updating hostkeys, accept RSA keys if HostkeyAlgorithms contains any RSA keytype. Previously, ssh could ignore RSA keys when any of the ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms nit ssh-rsa (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; ok dtucker@ Upstream-ID: c5e8cfee15c42f4a05d126158a0766ea06da79d2
2017-03-10upstream commitdjm@openbsd.org
make hostname matching really insensitive to case; bz#2685, reported by Petr Cerny; ok dtucker@ Upstream-ID: e467622ff154269e36ba8b6c9e3d105e1c4a9253
2017-03-10upstream commitdjm@openbsd.org
reword a comment to make it fit 80 columns Upstream-ID: 4ef509a66b96c7314bbcc87027c2af71fa9d0ba4