summaryrefslogtreecommitdiff
path: root/monitor.c
AgeCommit message (Collapse)Author
2018-02-07upstream committb@openbsd.org
Add a couple of non-negativity checks to avoid close(-1). ok djm OpenBSD-Commit-ID: 4701ce0b37161c891c838d0931305f1d37a50880
2018-01-23upstream commitdjm@openbsd.org
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2017-12-21upstream commitdjm@openbsd.org
revert stricter key type / signature type checking in userauth path; too much software generates inconsistent messages, so we need a better plan. OpenBSD-Commit-ID: 4a44ddc991c803c4ecc8f1ad40e0ab4d22e1c519
2017-12-19upstream commitdjm@openbsd.org
pass negotiated signing algorithm though to sshkey_verify() and check that the negotiated algorithm matches the type in the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@ OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-10-20upstream commitdjm@openbsd.org
replace statically-sized arrays in ServerOptions with dynamic ones managed by xrecallocarray, removing some arbitrary (though large) limits and saving a bit of memory; "much nicer" markus@ Upstream-ID: 1732720b2f478fe929d6687ac7b0a97ff2efe9d2
2017-10-03upstream commitdjm@openbsd.org
Fix PermitOpen crash; spotted by benno@, ok dtucker@ deraadt@ Upstream-ID: c2cc84ffac070d2e1ff76182c70ca230a387983c
2017-09-12upstream commitdjm@openbsd.org
refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
2017-06-24upstream commitdjm@openbsd.org
refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@ Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
2017-06-01upstream commitmarkus@openbsd.org
use SO_ZEROIZE for privsep communication (if available) Upstream-ID: abcbb6d2f8039fc4367a6a78096e5d5c39de4a62
2017-06-01upstream commitmarkus@openbsd.org
clear session keys from memory; ok djm@ Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
2017-05-31upstream commitmarkus@openbsd.org
switch auth2-pubkey.c to modern APIs; with & ok djm@ Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
2017-05-31upstream commitmarkus@openbsd.org
switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
2017-02-04upstream commitdjm@openbsd.org
use ssh_packet_set_log_preamble() to include connection username in packet log messages, e.g. Connection closed by invalid user foo 10.1.1.1 port 44056 [preauth] ok markus@ bz#113 Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15
2016-09-29upstream commitdjm@openbsd.org
Remove support for pre-authentication compression. Doing compression early in the protocol probably seemed reasonable in the 1990s, but today it's clearly a bad idea in terms of both cryptography (cf. multiple compression oracle attacks in TLS) and attack surface. Moreover, to support it across privilege-separation zlib needed the assistance of a complex shared-memory manager that made the required attack surface considerably larger. Prompted by Guido Vranken pointing out a compiler-elided security check in the shared memory manager found by Stack (http://css.csail.mit.edu/stack/); ok deraadt@ markus@ NB. pre-auth authentication has been disabled by default in sshd for >10 years. Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
2016-09-12upstream commitdjm@openbsd.org
enforce expected request flow for GSSAPI calls; thanks to Jakub Jelen for testing; ok markus@ Upstream-ID: d4bc0e70e1be403735d3d9d7e176309b1fd626b9
2016-08-31tighten PAM monitor callsDamien Miller
only allow kbd-interactive ones when that authentication method is enabled. Prompted by Solar Designer
2016-08-31upstream commitdjm@openbsd.org
restrict monitor auth calls to be allowed only when their respective authentication methods are enabled in the configuration. prompted by Solar Designer; ok markus dtucker Upstream-ID: 6eb3f89332b3546d41d6dbf5a8e6ff920142b553
2016-08-29Tighten monitor state-machine flow for PAM callsDamien Miller
(attack surface reduction)
2016-08-23upstream commitdjm@openbsd.org
remove UseLogin option and support for having /bin/login manage login sessions; ok deraadt markus dtucker Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712
2016-08-14upstream commitmarkus@openbsd.org
remove ssh1 server code; ok djm@ Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
2016-07-22upstream commitdjm@openbsd.org
move debug("%p", key) to before key is free'd; probable undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
2016-07-18Handle PAM_MAXTRIES from modules.Darren Tucker
bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer password and keyboard-interative authentication methods. Should prevent "sshd ignoring max retries" warnings in the log. ok djm@ It probably won't trigger with keyboard-interactive in the default configuration because the retry counter is stored in module-private storage which goes away with the sshd PAM process (see bz#688). On the other hand, those cases probably won't log a warning either.
2016-05-02upstream commitdjm@openbsd.org
add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
2016-05-02upstream commitdjm@openbsd.org
fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
2016-03-08upstream commitdjm@openbsd.org
refactor canohost.c: move functions that cache results closer to the places that use them (authn and session code). After this, no state is cached in canohost.c feedback and ok markus@ Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e
2016-02-16upstream commitdjm@openbsd.org
memleak of algorithm name in mm_answer_sign; reported by Jakub Jelen Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
2016-01-27upstream commitmarkus@openbsd.org
remove roaming support; ok djm@ Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
2015-12-07upstream commitmarkus@openbsd.org
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-11-20fix multiple authentication using S/Key w/ privsepDamien Miller
bz#2502, patch from Kevin Korb and feandil_
2015-10-25upstream commitmmcc@openbsd.org
Compare pointers to NULL rather than 0. ok djm@ Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8
2015-09-04upstream commitdjm@openbsd.org
don't record hostbased authentication hostkeys as user keys in test for multiple authentication with the same key Upstream-ID: 26b368fa2cff481f47f37e01b8da1ae5b57b1adc
2015-09-03upstream commitjsg@openbsd.org
Fix occurrences of "r = func() != 0" which result in the wrong error codes being returned due to != having higher precedence than =. ok deraadt@ markus@ Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
2015-08-22upstream commitderaadt@openbsd.org
Improve size == 0, count == 0 checking in mm_zalloc, which is "array" like. Discussed with tedu, millert, otto.... and ok djm Upstream-ID: 899b021be43b913fad3eca1aef44efe710c53e29
2015-08-11set sshpam_ctxt to NULL after freeDamien Miller
Avoids use-after-free in monitor when privsep child is compromised. Reported by Moritz Jodeit; ok dtucker@
2015-08-11Don't resend username to PAM; it already has it.Damien Miller
Pointed out by Moritz Jodeit; ok dtucker@
2015-06-23upstream commitdjm@openbsd.org
Don't count successful partial authentication as failures in monitor; this may have caused the monitor to refuse multiple authentications that would otherwise have successfully completed; ok markus@ Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3
2015-05-10upstream commitdjm@openbsd.org
prevent authorized_keys options picked up on public key tests without a corresponding private key authentication being applied to other authentication methods. Reported by halex@, ok markus@
2015-05-10upstream commitdjm@openbsd.org
Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
2015-04-29upstream commitdjm@openbsd.org
fix compilation with OPENSSL=no; ok dtucker@
2015-04-29upstream commitdjm@openbsd.org
don't call record_login() in monitor when UseLogin is enabled; bz#278 reported by drk AT sgi.com; ok dtucker
2015-02-24don't include stdint.h unless HAVE_STDINT_H setDamien Miller
2015-02-23Repair for non-ECC OpenSSL.Darren Tucker
Ifdef out the ECC parts when building with an OpenSSL that doesn't have it.
2015-02-21upstream commitdjm@openbsd.org
UpdateHostKeys fixes: I accidentally changed the format of the hostkeys@openssh.com messages last week without changing the extension name, and this has been causing connection failures for people who are running -current. First reported by sthen@ s/hostkeys@openssh.com/hostkeys-00@openssh.com/ Change the name of the proof message too, and reorder it a little. Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY available to read the response) so disable UpdateHostKeys if it is in ask mode and ControlPersist is active (and document this)
2015-02-18repair --without-openssl; broken in refactorDamien Miller
2015-02-17upstream commitdjm@openbsd.org
Revise hostkeys@openssh.com hostkey learning extension. The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@
2015-02-17upstream commitmarkus@openbsd.org
make rekey_limit for sshd w/privsep work; ok djm@ dtucker@
2015-02-09upstream commitmillert@openbsd.org
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
2015-01-26upstream commitderaadt@openbsd.org
Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
2015-01-20upstream commitmarkus@openbsd.org
adapt kex to sshbuf and struct ssh; ok djm@
2015-01-20upstream commitmarkus@openbsd.org
update packet.c & isolate, introduce struct ssh a) switch packet.c to buffer api and isolate per-connection info into struct ssh b) (de)serialization of the state is moved from monitor to packet.c c) the old packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and integrated into packet.c with and ok djm@