summaryrefslogtreecommitdiff
path: root/gss-genr.c
AgeCommit message (Collapse)Author
2018-08-24GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2018-08-24 Patch-Name: gssapi.patch
2018-07-10upstream: kerberos/gssapi fixes for buffer removaldjm@openbsd.org
OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c
2018-07-10upstream: sshd: switch GSSAPI to sshbuf API; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: e48449ab4be3f006f7ba33c66241b7d652973e30
2016-09-12upstream commitderaadt@openbsd.org
Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then use those definitions rather than pulling <sys/param.h> and unknown namespace pollution. ok djm markus dtucker Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
2015-05-22Include signal.h for sig_atomic_t, used by kex.h.Darren Tucker
bz#2402, from tomas.kuthan at oracle com.
2015-01-26upstream commitderaadt@openbsd.org
Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
2013-11-08 - djm@cvs.openbsd.org 2013/11/08 00:39:15Damien Miller
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] [sftp-client.c sftp-glob.c] use calloc for all structure allocations; from markus@
2013-06-02 - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
2009-06-22 - dtucker@cvs.openbsd.org 2009/06/22 05:39:28Darren Tucker
[monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c] alphabetize includes; reduces diff vs portable and style(9). ok stevesk djm (Id sync only; these were already in order in -portable)
2007-06-12 - dtucker@cvs.openbsd.org 2007/06/12 11:56:15Darren Tucker
[gss-genr.c] Pass GSS OID to gss_display_status to provide better information in error messages. Patch from Simon Wilkinson via bz 1220. ok djm@
2007-06-12 - djm@cvs.openbsd.org 2007/06/12 08:20:00Darren Tucker
[ssh-gss.h gss-serv.c gss-genr.c] relocate server-only GSSAPI code from libssh to server; bz #1225 patch from simon AT sxw.org.uk; ok markus@ dtucker@
2006-08-30 - dtucker@cvs.openbsd.org 2006/08/29 12:02:30Damien Miller
[gss-genr.c] Work around a problem in Heimdal that occurs when KRB5CCNAME file is missing, by checking whether or not kerberos allocated us a context before attempting to free it. Patch from Simon Wilkinson, tested by biorn@, ok djm@
2006-08-19 - (djm) OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2006/08/18 22:41:29 [gss-genr.c] GSSAPI error code should be 0 and not -1; from simon@sxw.org.uk
2006-08-19 - djm@cvs.openbsd.org 2006/08/18 14:40:34Damien Miller
[gss-genr.c ssh-gss.h] constify host argument to match the rest of the GSSAPI functions and unbreak compilation with -Werror
2006-08-19 - djm@cvs.openbsd.org 2006/08/18 13:54:54Damien Miller
[gss-genr.c ssh-gss.h sshconnect2.c] bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.uk ok markus@
2006-08-05 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42Damien Miller
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c] [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ] [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c] [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c] [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c] [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c] [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c] [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c] [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h] [serverloop.c session.c session.h sftp-client.c sftp-common.c] [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c] [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c] [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c] [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h] [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h] almost entirely get rid of the culture of ".h files that include .h files" ok djm, sort of ok stevesk makes the pain stop in one easy step NB. portable commit contains everything *except* removing includes.h, as that will take a fair bit more work as we move headers that are required for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 - stevesk@cvs.openbsd.org 2006/07/26 02:35:17Damien Miller
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c] [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c] [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c] [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c] [uidswap.c xmalloc.c] move #include <sys/param.h> out of includes.h
2006-07-24 - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]Damien Miller
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c] [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c] [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c] [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c] [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c] [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c] [openbsd-compat/mktemp.c openbsd-compat/port-linux.c] [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c] [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c] make the portable tree compile again - sprinkle unistd.h and string.h back in. Don't redefine __unused, as it turned out to be used in headers on Linux, and replace its use in auth-pam.c with ARGSUSED
2006-07-24 - stevesk@cvs.openbsd.org 2006/07/22 20:48:23Damien Miller
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c] [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c] [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c] [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c] [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c] [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c] [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c] [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c] [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c] [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c] move #include <string.h> out of includes.h
2006-04-23 - djm@cvs.openbsd.org 2006/04/03 07:10:38Damien Miller
[gss-genr.c] GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066 by dleonard AT vintela.com. use xasprintf() to simplify code while in there; "looks right" deraadt@
2006-03-26 - djm@cvs.openbsd.org 2006/03/25 22:22:43Damien Miller
[atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h] [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h] [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h] [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c] [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h] [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h] [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h] [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h] [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h] [ttymodes.h uidswap.h uuencode.h xmalloc.h] standardise spacing in $OpenBSD$ tags; requested by deraadt@
2006-03-26 - djm@cvs.openbsd.org 2006/03/25 00:05:41Damien Miller
[auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c] [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c] [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c] [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c] [xmalloc.c xmalloc.h] introduce xcalloc() and xasprintf() failure-checked allocations functions and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@
2006-03-26 - djm@cvs.openbsd.org 2006/03/20 04:07:49Damien Miller
[gss-genr.c] more GSSAPI related leaks detected by Coverity via elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok
2005-11-05 - stevesk@cvs.openbsd.org 2005/10/13 22:24:31Damien Miller
[auth2-gss.c gss-genr.c gss-serv.c monitor.c] KNF; ok djm@
2005-11-05 - stevesk@cvs.openbsd.org 2005/10/13 14:03:01Damien Miller
[auth2-gss.c gss-genr.c gss-serv.c] remove unneeded #includes; ok markus@
2005-07-17 - djm@cvs.openbsd.org 2005/07/17 07:17:55Damien Miller
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c] [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c] [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c] [sshconnect.c sshconnect2.c] knf says that a 2nd level indent is four (not three or five) spaces
2003-11-21more whitespace (tabs this time)Damien Miller
2003-11-21 - djm@cvs.openbsd.org 2003/11/21 11:57:03Damien Miller
[everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)
2003-11-17 - markus@cvs.openbsd.org 2003/11/17 11:06:07Damien Miller
[auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h sshconnect2.c ssh-gss.h] replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson; test + ok jakob.
2003-08-26 - markus@cvs.openbsd.org 2003/08/22 10:56:09Darren Tucker
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c session.h ssh-gss.h ssh_config.5 sshconnect2.c sshd_config sshd_config.5] support GSS API user authentication; patches from Simon Wilkinson, stripped down and tested by Jakob and myself.