| Age | Commit message (Collapse) | Author |
|---|
|
the estimates from NIST Special Publication 800-57, 3k bits provides security
equivalent to 128 bits which is the smallest symmetric cipher we enable by
default. ok markus@ deraadt@
OpenBSD-Commit-ID: 461dd32ebe808f88f4fc3ec74749b0e6bef2276b
|
|
OpenBSD-Commit-ID: 478a0567c83553a2aebf95d0f1bd67ac1b1253e4
|
|
OpenBSD-Commit-ID: d4bec27edefde636fb632b7f0b7c656b9c7b7f08
|
|
OpenBSD-Commit-ID: febce81cca72b71f70513fbee4ff52ca050f675c
|
|
ok djm@
|
|
Seteuid now creates user token using S4U. We don't create a token
from scratch anymore, so we don't need the "Create a process token"
privilege. The service can run under SYSTEM again...
...unless Cygwin is running on Windows Vista or Windows 7 in the
WOW64 32 bit emulation layer. It turns out that WOW64 on these systems
didn't implement MsV1_0 S4U Logon so we still need the fallback
to NtCreateToken for these systems.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
|
|
The latter checks for memory exhaustion and integer overflow and may be
at a less predictable place. Sanity check by vinschen at redhat.com, ok
djm@
|
|
Patch from vinschen at redhat.com, updated a little by me.
|
|
function. This is a no-op on OpenBSD but will make things easier in
-portable, eg on systems where these checks should be case-insensitive. ok
djm@
OpenBSD-Commit-ID: 8bc9c8d98670e23f8eaaaefe29c1f98e7ba0487e
|
|
sending two keepalives successively and prematurely terminating connection
when ClientAliveCount=1. While there, collapse two similar tests into one.
ok markus@
OpenBSD-Commit-ID: 043670d201dfe222537a2a4bed16ce1087de5ddd
|
|
kn@
OpenBSD-Commit-ID: 1a9bec64d530aed5f434a960e7515a3e80cbc826
|
|
keying in debug messages. Previously it would be difficult to tell which
direction it was talking about
OpenBSD-Commit-ID: c2b71bfcceb2a7389b9d0b497fb2122a406a522d
|
|
1. Recently-forked child processes will briefly remain listening to
listen_socks. If the main server sshd process completes its restart
via execv() before these sockets are closed by the child processes
then it can fail to listen at the desired addresses/ports and/or
fail to restart.
2. When a SIGHUP is received, there may be forked child processes that
are awaiting their reexecution state. If the main server sshd
process restarts before passing this state, these child processes
will yield errors and use a fallback path of reading the current
sshd_config from the filesystem rather than use the one that sshd
was started with.
To fix both of these cases, we reuse the startup_pipes that are shared
between the main server sshd and forked children. Previously this was
used solely to implement tracking of pre-auth child processes for
MaxStartups, but this extends the messaging over these pipes to include
a child->parent message that the parent process is safe to restart. This
message is sent from the child after it has completed its preliminaries:
closing listen_socks and receiving its reexec state.
bz#2953, reported by Michal Koutný; ok markus@ dtucker@
OpenBSD-Commit-ID: 7df09eacfa3ce13e9a7b1e9f17276ecc924d65ab
|
|
mention of RSA keys only (since we support ECDSA now and might support others
in the future). Inspired by Jakub Jelen via bz#2974
OpenBSD-Commit-ID: a92e3686561bf624ccc64ab320c96c9e9a263aa5
|
|
print PKCS11Provider instead of obsolete SmartcardDevice in config dump.
bz#2974 ok dtucker@
OpenBSD-Commit-ID: c303d6f0230a33aa2dd92dc9b68843d56a64f846
|
|
be redirected to /dev/null; ok djm@
OpenBSD-Commit-ID: 97dfce4c47ed4055042de8ebde85b7d88793e595
|
|
in the client for KEX, ciphers and MACs. The ciphers and MACs were identical
between the client and server, but the error accidentially disabled the
diffie-hellman-group-exchange-sha1 KEX method.
This fixes the client code to use the correct method list, but
because nobody complained, it also disables the
diffie-hellman-group-exchange-sha1 KEX method.
Reported by nuxi AT vault24.org via bz#2697; ok dtucker
OpenBSD-Commit-ID: e30c33a23c10fd536fefa120e86af1842e33fd57
|
|
The previous revert enabled case-insensitive user names again. This
patch implements the case-insensitive user and group name matching.
To allow Unicode chars, implement the matcher using wchar_t chars in
Cygwin-specific code. Keep the generic code changes as small as possible.
Cygwin: implement case-insensitive Unicode user and group name matching
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
|
|
|
|
This reverts commit acc9b29486dfd649dfda474e5c1a03b317449f1c.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
|
|
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
|
|
setup error path with user's privileged. This is a no-op as this code always
runs with user privilege now that we no longer support running sshd with
privilege separation disabled, but as long as the privsep skeleton is there
we should follow the rules.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
bz#2969 with patch from Erik Sjölund
OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846
|
|
description in ssh.1; issue pointed out by andreas kahari
ok dtucker djm
OpenBSD-Commit-ID: 1b01ef0ae2c6328165150badae317ec92e52b01c
|
|
public key from the agent was being attempted for use.
OpenBSD-Commit-ID: 07116aea521a04888718b2157f1ca723b2f46c8d
|
|
authmethod. Move function-static GSSAPI state to the client Authctxt
structure. Make static a bunch of functions that aren't used outside this
file.
Based on patch from Markus Schmidt <markus@blueflash.cc>; ok markus@
OpenBSD-Commit-ID: 497fb792c0ddb4f1ba631b6eed526861f115dbe5
|
|
interactive, so it can ask for the smartcards PIN. ok markus@
OpenBSD-Commit-ID: 1be7ccf88f1876e0fc4d7c9b3f96019ac5655bab
|
|
match what the client requested, be prepared to handle shell-style brace
alternations, e.g. "{foo,bar}".
"looks good to me" millert@ + in snaps for the last week courtesy
deraadt@
OpenBSD-Commit-ID: 3b1ce7639b0b25b2248e3a30f561a548f6815f3e
|
|
command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@
OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8
|
|
PAM typically specifies the user environment if it's enabled, so don't
second guess. bz#2937; ok dtucker@
|
|
Avoids sending SIGPIPE to child processes after their parent exits
if they attempt to write to stderr.
Analysis and patch from JD Paul; patch reworked by Jakub Jelen and
myself. bz#2071; ok dtucker@
|
|
API. This code is not normally reachable since USE_PIPES is always defined.
bz#2961, patch from adrian.fita at gmail com.
OpenBSD-Commit-ID: 8d8428d678d1d5eb4bb21921df34e8173e6d238a
|
|
login to a token requiring a PIN; reported by benno@ fix mostly by markus@
OpenBSD-Commit-ID: 438d0b114b1b4ba25a9869733db1921209aa9a31
|
|
from samy.mahmoudi at gmail com.
OpenBSD-Commit-ID: 16aede33dae299725a03abdac5dcb4d73f5d0cbf
|
|
subsequent attempts, preventing them from having no timeout. bz#2918, ok
djm@
OpenBSD-Commit-ID: 4977f1d0521d9b6bba0c9a20d3d226cefac48292
|
|
confirmed by Daniel J. Bernstein
OpenBSD-Commit-ID: b4621f22b8b8ef13e063c852af5e54dbbfa413c1
|
|
OpenBSD-Commit-ID: a7ae14d9436c64e1bd05022329187ea3a0ce1899
|
|
OpenBSD-Regress-ID: 1e5d908a286d8e7de3a15a0020c8857f3a7c9172
|
|
OpenBSD-Regress-ID: 3d86c3d4867e46b35af3fd2ac8c96df0ffdcfeb9
|
|
certificate test.
OpenBSD-Regress-ID: 388c1e03e1def539d350f139b37d69f12334668d
|
|
are only two.
OpenBSD-Regress-ID: 0998702c41235782cf0beee396ec49b5056eaed9
|
|
The sshd_config tweaks were executed even if the old file was
still in place. Fix that. Also disable sshd user creation.
It's not used on Cygwin.
|
|
Microsoft hijacked the sshd service name without asking.
|
|
test.
OpenBSD-Regress-ID: 72f72ff49946c61bc949e1692dd9e3d71370891b
|
|
remote->local directory copies satisfy the wildcard specified by the user.
This checking provides some protection against a malicious server
sending unexpected filenames, but it comes at a risk of rejecting wanted
files due to differences between client and server wildcard expansion rules.
For this reason, this also adds a new -T flag to disable the check.
reported by Harry Sintonen
fix approach suggested by markus@;
has been in snaps for ~1wk courtesy deraadt@
OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda
|
|
finds no keys. bz#2903
OpenBSD-Commit-ID: 89f1081fb81d950ebb48e6e73d21807b2723d488
|
|
when accepting an unknown host key. This allows you to paste a fingerprint
obtained out of band into the yes/no prompt and have the client do the
comparison for you. ok markus@ djm@
OpenBSD-Commit-ID: 3c47d10b9f43d3d345e044fd9ec09709583a2767
|
|
end of each transfer. Fixes the problem recently introduces where very quick
transfers do not display the progressmeter at all. Spotted by naddy@
OpenBSD-Commit-ID: 68dc46c259e8fdd4f5db3ec2a130f8e4590a7a9a
|
|
in OpenBSD (they are the same value) but makes things easier in -portable
where they may be distinct values. "sigh ok" deraadt@
(ID sync only, portable already had this change).
OpenBSD-Commit-ID: 91f2bc7c0ecec905915ed59fa37feb9cc90e17d7
|
|
*ONLY IF* there's a delimiter. If there's not (the common case) it checked
uninitialized memory, which usually passed, but if not would cause spurious
failures when the uninitialized memory happens to contain "/". ok deraadt.
OpenBSD-Commit-ID: 4291611eaf2a53d4c92f4a57c7f267c9f944e0d3
|
|
host/port was added in 2001 as an alternative to host:port syntax for
the benefit of IPv6 users. These days there are establised standards
for this like [::1]:22 and the slash syntax is easily mistaken for CIDR
notation, which OpenSSH now supports for some things. Remove the slash
notation from ListenAddress and PermitOpen. bz#2335, patch from jjelen
at redhat.com, ok markus@
OpenBSD-Commit-ID: fae5f4e23c51a368d6b2d98376069ac2b10ad4b7
|
