summaryrefslogtreecommitdiff
path: root/openbsd-compat
AgeCommit message (Collapse)Author
2017-10-04Don't check the status field of the OpenSSL versionKurt Roeckx
There is no reason to check the version of OpenSSL (in Debian). If it's not compatible the soname will change. OpenSSH seems to want to do a check for the soname based on the version number, but wants to keep the status of the release the same. Remove that check on the status since it doesn't tell you anything about how compatible that version is. Author: Colin Watson <cjwatson@debian.org> Bug-Debian: https://bugs.debian.org/93581 Bug-Debian: https://bugs.debian.org/664383 Bug-Debian: https://bugs.debian.org/732940 Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: no-openssl-version-status.patch
2017-10-04Force use of DNSSEC even if "options edns0" isn't in resolv.confColin Watson
This allows SSHFP DNS records to be verified if glibc 2.11 is installed. Origin: vendor, https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.2p1-edns.patch?revision=1.1&view=markup Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Last-Update: 2010-04-06 Patch-Name: dnssec-sshfp.patch
2017-10-04Handle SELinux authorisation rolesManoj Srivastava
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2017-10-04 Patch-Name: selinux-role.patch
2017-09-27Check for and handle calloc(p, 0) = NULL.Darren Tucker
On some platforms (AIX, maybe others) allocating zero bytes of memory via the various *alloc functions returns NULL, which is permitted by the standards. Autoconf has some macros for detecting this (with the exception of calloc for some reason) so use these and if necessary activate shims for them. ok djm@
2017-09-25Add minimal strsignal for platforms without it.Darren Tucker
2017-09-19add freezero(3) replacementDamien Miller
ok dtucker@
2017-09-12adapt portable to channels API changesDamien Miller
2017-08-27Add missing includes for bsd-err.c.Darren Tucker
Patch from cjwatson at debian.org via bz#2767.
2017-07-28fix problems in tunnel forwarding portability codeDamien Miller
This fixes a few problems in the tun forwarding code, mostly to do with host/network byte order confusion. Based on a report and patch by stepe AT centaurus.uberspace.de; bz#2735; ok dtucker@
2017-07-14make explicit_bzero/memset safe for sz=0Damien Miller
2017-06-09Wrap stdint.h include in #ifdef.Darren Tucker
2017-06-01avoid compiler warningDamien Miller
2017-06-01add recallocarray replacement and dependencyDamien Miller
recallocarray() needs getpagesize() so add a tiny replacement for that.
2017-03-29Import fmt_scaled.c rev 1.16 from OpenBSD.Darren Tucker
Fix overly-conservative overflow checks on mulitplications and add checks on additions. This allows scan_scaled to work up to +/-LLONG_MAX (LLONG_MIN will still be flagged as a range error). ok millert@
2017-03-29Import fmt_scaled.c rev 1.15 from OpenBSD.Darren Tucker
Collapse underflow and overflow checks into a single block. ok djm@ millert@
2017-03-29Import fmt_scaled.c rev 1.14 from OpenBSD.Darren Tucker
Catch integer underflow in scan_scaled reported by Nicolas Iooss. ok deraadt@ djm@
2017-03-20Add llabs() implementation.Darren Tucker
2017-03-12sync fmt_scaled.c with OpenBSDDamien Miller
revision 1.13 date: 2017/03/11 23:37:23; author: djm; state: Exp; lines: +14 -1; commitid: jnFKyHkB3CEiEZ2R; fix signed integer overflow in scan_scaled. Found by Nicolas Iooss using AFL against ssh_config. ok deraadt@ millert@ ---------------------------- revision 1.12 date: 2013/11/29 19:00:51; author: deraadt; state: Exp; lines: +6 -5; fairly simple unsigned char casts for ctype ok krw ---------------------------- revision 1.11 date: 2012/11/12 14:07:20; author: halex; state: Exp; lines: +4 -2; make scan_scaled set errno to EINVAL rather than ERANGE if it encounters an invalid multiplier, like the man page says it should "looks sensible" deraadt@, ok ian@ ---------------------------- revision 1.10 date: 2009/06/20 15:00:04; author: martynas; state: Exp; lines: +4 -4; use llabs instead of the home-grown version; and some comment changes ok ian@, millert@ ----------------------------
2016-12-13Remove commented-out includes.Darren Tucker
These commented-out includes have "Still needed?" comments. Since they've been commented out for ~13 years I assert that they're not.
2016-12-13Add prototype for strcasestr in compat library.Darren Tucker
2016-12-13Add strcasestr to compat library.Darren Tucker
Fixes build on (at least) Solaris 10.
2016-10-28Move OPENSSL_NO_RIPEMD160 to compat.Darren Tucker
Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the ripemd160 MACs.
2016-10-26Use !=NULL instead of >0 for getdefaultproj.Darren Tucker
getdefaultproj() returns a pointer so test it for NULL inequality instead of >0. Fixes compiler warning and is more correct. Patch from David Binderman.
2016-10-19Import readpassphrase.c rev 1.26.Darren Tucker
Author: miller@openbsd.org: Avoid generate SIGTTOU when restoring the terminal mode. If we get SIGTTOU it means the process is not in the foreground process group which, in most cases, means that the shell has taken control of the tty. Requiring the user the fg the process in this case doesn't make sense and can result in both SIGTSTP and SIGTTOU being sent which can lead to the process being suspended again immediately after being brought into the foreground.
2016-10-19Import readpassphrase.c rev 1.25.Darren Tucker
Wrap <readpassphrase.h> so internal calls go direct and readpassphrase is weak. (DEF_WEAK is a no-op in portable.)
2016-10-15Move DEF_WEAK into defines.h.Darren Tucker
As well pull in more recent changes from OpenBSD these will start to arrive so put it where the definition is shared.
2016-10-13Import rev 1.24 from OpenBSD.Darren Tucker
revision 1.24 date: 2013/11/24 23:51:29; author: deraadt; state: Exp; lines: +4 -4; most obvious unsigned char casts for ctype ok jca krw ingo
2016-10-13Import rev 1.23 from OpenBSD. Fixes bz#2619.Darren Tucker
revision 1.23 date: 2010/05/14 13:30:34; author: millert; state: Exp; lines: +41 -39; Defer installing signal handlers until echo is disabled so that we get suspended normally when not the foreground process. Fix potential infinite loop when restoring terminal settings if process is in the background when restore occurs. OK miod@
2016-10-13If we don't have TCSASOFT, define it to zero.Darren Tucker
This makes it a no-op when we use it below, which allows us to re-sync those lines with the upstream and make future updates easier.
2016-09-29Remove portability support for mmapDamien Miller
We no longer need to wrap/replace mmap for portability now that pre-auth compression has been removed from OpenSSH.
2016-08-17Remove obsolete CVS $Id from source files.Darren Tucker
Since -portable switched to git the CVS $Id tags are no longer being updated and are becoming increasingly misleading. Remove them.
2016-08-16fix false positives when compiled with msanDamien Miller
Our explicit_bzero successfully confused clang -fsanitize-memory in to thinking that memset is never called to initialise memory. Ensure that it is called in a way that the compiler recognises.
2016-08-02Replace spaces with tabs.Darren Tucker
Mechanically replace spaces with tabs in compat files not synced with OpenBSD.
2016-08-02Strip trailing whitespace.Darren Tucker
Mechanically strip trailing whitespace on files not synced with OpenBSD (or in the case of bsd-snprint.c, rsync).
2016-08-02Repair $OpenBSD markers.Darren Tucker
2016-08-02Repair $OpenBSD marker.Darren Tucker
2016-07-21Search users for one with a valid salt.Darren Tucker
If the root account is locked (eg password "!!" or "*LK*") keep looking until we find a user with a valid salt to use for crypting passwords of invalid users. ok djm@
2016-07-15cast to avoid type warning in error messageDamien Miller
2016-07-15Move VA_COPY macro into compat header.Darren Tucker
Some AIX compilers unconditionally undefine va_copy but don't set it back to an internal function, causing link errors. In some compat code we already use VA_COPY instead so move the two existing instances into the shared header and use for sshbuf-getput-basic.c too. Should fix building with at lease some versions of AIX's compiler. bz#2589, ok djm@
2016-07-15Determine appropriate salt for invalid users.Darren Tucker
When sshd is processing a non-PAM login for a non-existent user it uses the string from the fakepw structure as the salt for crypt(3)ing the password supplied by the client. That string has a Blowfish prefix, so on systems that don't understand that crypt will fail fast due to an invalid salt, and even on those that do it may have significantly different timing from the hash methods used for real accounts (eg sha512). This allows user enumeration by, eg, sending large password strings. This was noted by EddieEzra.Harari at verint.com (CVE-2016-6210). To mitigate, use the same hash algorithm that root uses for hashing passwords for users that do not exist on the system. ok djm@
2016-07-14Add compat code for missing wcwidth.Darren Tucker
If we don't have wcwidth force fallback implementations of nl_langinfo and mbtowc. Based on advice from Ingo Schwarze.
2016-07-13Move err.h replacements into compat lib.Darren Tucker
Move implementations of err.h replacement functions into their own file in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
2016-06-14Remove now-defunct .cvsignore files. ok djmDarren Tucker
2016-06-03Update vis.h and vis.c from OpenBSD.Darren Tucker
This will be needed for the upcoming utf8 changes.
2016-05-31whitespace at EOLDamien Miller
2016-05-10initialise salen in binresvport_saDamien Miller
avoids failures with UsePrivilegedPort=yes patch from Juan Gallego
2016-03-11Include priv.h for priv_set_t.Darren Tucker
From alex at cooperi.net.
2016-02-19Make Solaris privs code build on older systems.Darren Tucker
Not all systems with Solaris privs have priv_basicset so factor that out and provide backward compatibility code. Similarly, not all have PRIV_NET_ACCESS so wrap that in #ifdef. Based on code from alex at cooperi.net and djm@ with help from carson at taltos.org and wieland at purdue.edu.
2016-02-17Rollback addition of va_start.Darren Tucker
va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however it has the wrong number of args and it's not usable in non-variadic functions anyway so it breaks things (for example Solaris 2.6 as reported by Tom G. Christensen).i ok djm@
2016-01-08Support Illumos/Solaris fine-grained privilegesDamien Miller
Includes a pre-auth privsep sandbox and several pledge() emulations. bz#2511, patch by Alex Wilson. ok dtucker@