summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-06-24upstream commitdjm@openbsd.org
ban AuthenticationMethods="" and accept AuthenticationMethods=any for the default behaviour of not requiring multiple authentication bz#2398 from Jakub Jelen; ok dtucker@ Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
2016-06-24upstream commitdtucker@openbsd.org
Include stdarg.h for va_copy as per man page. Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd
2016-06-24upstream commitjmc@openbsd.org
keys stored in openssh format can have comments too; diff from yonas yanfa, tweaked a bit; ok djm Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27
2016-06-20get_remote_name_or_ip inside LOGIN_NEEDS_UTMPXDarren Tucker
Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX. Fixes build on AIX.
2016-06-17Remove duplicate code from PAM. ok djm@Darren Tucker
2016-06-15upstream commitdtucker@openbsd.org
Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message about forward and reverse DNS not matching. We haven't supported IP-based auth methods for a very long time so it's now misleading. part of bz#2585, ok markus@ Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29
2016-06-15Move platform_disable_tracing into its own file.Darren Tucker
Prevents link errors resolving the extern "options" when platform.o gets linked into ssh-agent when building --with-pam.
2016-06-14Track skipped upstream commit IDs.Darren Tucker
There are a small number of "upstream" commits that do not correspond to a file in -portable. This file tracks those so that we can reconcile OpenBSD and Portable to ensure that no commits are accidentally missed. If you add something to .skipped-commit-ids please also add an upstream ID line in the following format when you commit it. Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35 Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7 Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120 Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660 Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee
2016-06-14Remove now-defunct .cvsignore files. ok djmDarren Tucker
2016-06-14upstream commitdtucker@openbsd.org
Back out rev 1.28 "Check min and max sizes sent by the client" change. It caused "key_verify failed for server_host_key" in clients that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY. ok djm@ Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65
2016-06-14Use Solaris setpflags(__PROC_PROTECT, ...).Darren Tucker
Where possible, use Solaris setpflags to disable process tracing on ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee at oracle.com, ok djm.
2016-06-14Shorten prctl code a tiny bit.Darren Tucker
2016-06-09Move prctl PR_SET_DUMPABLE into platform.c.Darren Tucker
This should make it easier to add additional platform support such as Solaris (bz#2584).
2016-06-08upstream commitdtucker@openbsd.org
Add a test for ssh(1)'s config file parsing. Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
2016-06-08upstream commitdtucker@openbsd.org
Add 'sshd' to the test ID as I'm about to add a similar set for ssh. Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
2016-06-08upstream commitschwarze@openbsd.org
stricter malloc.conf(5) options for utf8 tests Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
2016-06-08upstream commitschwarze@openbsd.org
Fix two rare edge cases: 1. If vasprintf() returns < 0, do not access a NULL pointer in snmprintf(), and do not free() the pointer returned from vasprintf() because on some systems other than OpenBSD, it might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" rather than -1 and NULL. Besides, free(dst) is pointless after failure (not a bug). One half OK martijn@, the other half OK deraadt@; committing quickly before people get hurt. Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
2016-06-08upstream commitschwarze@openbsd.org
test the new utf8 module Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
2016-06-08upstream commitdtucker@openbsd.org
Set umask to prevent "Bad owner or permissions" errors. Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
2016-06-08upstream commitdjm@openbsd.org
support doas Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
2016-06-08upstream commitdjm@openbsd.org
unit tests for sshbuf_dup_string() Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
2016-06-08upstream commitjmc@openbsd.org
tweak previous; Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698
2016-06-08upstream commitdtucker@openbsd.org
Allow ExitOnForwardFailure and ClearAllForwardings to be overridden when using ssh -W (but still default to yes in that case). bz#2577, ok djm@. Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
2016-06-08upstream commitdtucker@openbsd.org
Move the host and port used by ssh -W into the Options struct. This will make future changes a bit easier. ok djm@ Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382
2016-06-08upstream commitdtucker@openbsd.org
Check min and max sizes sent by the client against what we support before passing them to the monitor. ok djm@ Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece
2016-06-08upstream commitdtucker@openbsd.org
Ensure that the client's proposed DH-GEX max value is at least as big as the minimum the server will accept. ok djm@ Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
2016-06-06Add compat bits to utf8.c.Darren Tucker
2016-06-06Fix utf->utf8 typo.Darren Tucker
2016-06-06upstream commitschwarze@openbsd.org
Backout rev. 1.43 for now. The function update_progress_meter() calls refresh_progress_meter() which calls snmprintf() which calls malloc(); but update_progress_meter() acts as the SIGALRM signal handler. "malloc(): error: recursive call" reported by sobrado@. Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
2016-06-06upstream commitschwarze@openbsd.org
Even when only writing an unescaped character, the dst buffer may need to grow, or it would be overrun; issue found by tb@ with malloc.conf(5) 'C'. While here, reserve an additional byte for the terminating NUL up front such that we don't have to realloc() later just for that. OK tb@ Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
2016-06-06upstream commitschwarze@openbsd.org
Fix two rare edge cases: 1. If vasprintf() returns < 0, do not access a NULL pointer in snmprintf(), and do not free() the pointer returned from vasprintf() because on some systems other than OpenBSD, it might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" rather than -1 and NULL. Besides, free(dst) is pointless after failure (not a bug). One half OK martijn@, the other half OK deraadt@; committing quickly before people get hurt. Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
2016-06-06upstream commitschwarze@openbsd.org
To prevent screwing up terminal settings when printing to the terminal, for ASCII and UTF-8, escape bytes not forming characters and bytes forming non-printable characters with vis(3) VIS_OCTAL. For other character sets, abort printing of the current string in these cases. In particular, * let scp(1) respect the local user's LC_CTYPE locale(1); * sanitize data received from the remote host; * sanitize filenames, usernames, and similar data even locally; * take character display widths into account for the progressmeter. This is believed to be sufficient to keep the local terminal safe on OpenBSD, but bad things can still happen on other systems with state-dependent locales because many places in the code print unencoded ASCII characters into the output stream. Using feedback from djm@ and martijn@, various aspects discussed with many others. deraadt@ says it should go in now, i probably already hesitated too long Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
2016-06-06upstream commitdtucker@openbsd.org
KNF compression proposal and simplify the client side a little. ok djm@ Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
2016-06-06upstream commitdtucker@openbsd.org
Back out 'plug memleak'. Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
2016-06-06upstream commitdjm@openbsd.org
prefer agent-hosted keys to keys from PKCS#11; ok markus Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
2016-06-06upstream commitdtucker@openbsd.org
Plug mem leak in filter_proposal. ok djm@ Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
2016-06-03Update vis.h and vis.c from OpenBSD.Darren Tucker
This will be needed for the upcoming utf8 changes.
2016-05-31modified: configure.acTim Rice
whitspace clean up. No code changes.
2016-05-31whitespace at EOLDamien Miller
2016-05-30Add missing ssh-host-config --name optionDarren Tucker
Patch from vinschen@redhat.com.
2016-05-20Fix comment about sshpam_const and AIX.Darren Tucker
From mschwager via github.
2016-05-20Deny lstat syscalls in seccomp sandboxDamien Miller
Avoids sandbox violations for some krb/gssapi libraries.
2016-05-19upstream commitdjm@openbsd.org
fix type of ed25519 values Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
2016-05-19upstream commitmarkus@openbsd.org
add IdentityAgent; noticed & ok jmc@ Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
2016-05-19upstream commitmarkus@openbsd.org
allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@ Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
2016-05-19upstream commitmarkus@openbsd.org
move SSH_MSG_NONE, so we don't have to include ssh1.h; ok deraadt@ Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
2016-05-10initialise salen in binresvport_saDamien Miller
avoids failures with UsePrivilegedPort=yes patch from Juan Gallego
2016-05-05upstream commitmarkus@openbsd.org
missing const in prototypes (ssh1) Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
2016-05-05upstream commitdtucker@openbsd.org
Fix inverted logic for updating StreamLocalBindMask which would cause the server to set an invalid mask. ok djm@ Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
2016-05-05upstream commitmarkus@openbsd.org
IdentityAgent for specifying specific agent sockets; ok djm@ Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1