summaryrefslogtreecommitdiff
path: root/session.c
AgeCommit message (Collapse)Author
2021-03-13Restore wildcard semanticsAndrew Cady
We now ignore the wildcard if we have another matching key -- even if the wildcard entry comes first in authorized_keys. This is how it worked before the forward port.
2021-03-13variable renames, store key typeAndrew Cady
2021-03-13Added wildcard authorization for authorized_keys.joe
2020-10-18Handle SELinux authorisation rolesManoj Srivastava
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2020-10-18 Patch-Name: selinux-role.patch
2020-10-18GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Author: Simon Wilkinson <simon@sxw.org.uk> Author: Colin Watson <cjwatson@debian.org> Author: Jakub Jelen <jjelen@redhat.com> Origin: other, https://github.com/openssh-gsskex/openssh-gsskex/commits/debian/master Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2020-06-07 Patch-Name: gssapi.patch
2020-07-15Adjust portable code to match changes in 939d787d,Darren Tucker
2020-07-15upstream: correct recently broken commentsderaadt@openbsd.org
OpenBSD-Commit-ID: 964d9a88f7de1d0eedd3f8070b43fb6e426351f1
2020-07-15upstream: some language improvements; ok markusdjm@openbsd.org
OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
2020-07-03upstream: avoid tilde_expand_filename() in expanding ~/.ssh/rc - ifdjm@openbsd.org
sshd is in chroot mode, the likely absence of a password database will cause tilde_expand_filename() to fatal; ok dtucker@ OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
2020-07-03upstream: when redirecting sshd's log output to a file, undo thisdjm@openbsd.org
redirection after the session child process is forked(); ok dtucker@ OpenBSD-Commit-ID: 6df86dd653c91f5bc8ac1916e7680d9d24690865
2020-06-26upstream: Expand path to ~/.ssh/rc rather than relying on itdtucker@openbsd.org
being relative to the current directory, so that it'll still be found if the shell startup changes its directory. Since the path is potentially longer, make the cmd buffer that uses it dynamically sized. bz#3185, with & ok djm@ OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
2020-03-14upstream: spelling errors in comments; no code change fromdjm@openbsd.org
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
2020-01-23upstream: Replace all calls to signal(2) with a wrapper arounddtucker@openbsd.org
sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations. OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
2020-01-21Wrap copy_environment_blacklist() in #ifdefDamien Miller
It's only needed for USE_PAM or HAVE_CYGWIN cases and will cause compiler warnings otherwise.
2020-01-21Fix missing prototype warning for copy_environmentRuben Kerkhof
This function is only used in this file, and only on Cygwin, so make it static and hide it behind HAVE_CYGWIN. Prevents missing prototype warning.
2019-11-15upstream: stdarg.h required more broadly; ok djmderaadt@openbsd.org
OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
2019-07-05upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org
some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-04-04session: Do not use removed APIDamien Miller
from Jakub Jelen
2019-02-22upstream: perform removal of agent-forwarding directory in forwarddjm@openbsd.org
setup error path with user's privileged. This is a no-op as this code always runs with user privilege now that we no longer support running sshd with privilege separation disabled, but as long as the privsep skeleton is there we should follow the rules. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit bz#2969 with patch from Erik Sjölund OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846
2019-02-10upstream: syslog when connection is dropped for attempting to run adjm@openbsd.org
command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@ OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8
2019-02-08don't set $MAIL if UsePam=yesDamien Miller
PAM typically specifies the user environment if it's enabled, so don't second guess. bz#2937; ok dtucker@
2019-02-08upstream: Adapt code in the non-USE_PIPES codepath to the new packetdtucker@openbsd.org
API. This code is not normally reachable since USE_PIPES is always defined. bz#2961, patch from adrian.fita at gmail com. OpenBSD-Commit-ID: 8d8428d678d1d5eb4bb21921df34e8173e6d238a
2019-01-20last bits of old packet API / active_state globalDamien Miller
2019-01-20upstream: convert session.c to new packet APIdjm@openbsd.org
with & ok markus@ OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e
2019-01-20upstream: convert auth.c to new packet APIdjm@openbsd.org
with & ok markus@ OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
2019-01-20upstream: begin landing remaining refactoring of packet parsingdjm@openbsd.org
API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2019-01-17upstream: tun_fwd_ifnames variable should bdjm@openbsd.org
=?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: d53dede6e521161bf04d39d09947db6253a38271
2018-12-14expose $SSH_CONNECTION in the PAM environmentDamien Miller
This makes the connection 4-tuple available to PAM modules that wish to use it in decision-making. bz#2741
2018-11-16upstream: use path_absolute() for pathname checks; from Manoj Ampalamdjm@openbsd.org
OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925
2018-10-04upstream: include a little more information about the status anddjm@openbsd.org
disposition of channel's extended (stderr) fd; makes debugging some things a bit easier. No behaviour change. OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce
2018-10-02only support SIGINFO on systems with SIGINFODamien Miller
2018-10-02upstream: Add server support for signalling sessions via the SSHdjm@openbsd.org
channel/ session protocol. Signalling is only supported to sesssions that are not subsystems and were not started with a forced command. Long requested in bz#1424 Based on a patch from markus@ and reworked by dtucker@; ok markus@ dtucker@ OpenBSD-Commit-ID: 4bea826f575862eaac569c4bedd1056a268be1c3
2018-07-26upstream: fix indent; Clemens Goessnitzerderaadt@openbsd.org
OpenBSD-Commit-ID: b5149a6d92b264d35f879d24608087b254857a83
2018-07-12upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-10Adapt portable to legacy buffer API removalDamien Miller
2018-07-10upstream: sshd: switch loginmsg to sshbuf API; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
2018-07-10upstream: ttymodes: switch to sshbuf API; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 5df340c5965e822c9da21e19579d08dea3cbe429
2018-07-05Fix other callers of read_environment_file.Darren Tucker
read_environment_file recently gained an extra argument Some platform specific code also calls it so add the argument to those too. Fixes build on Solaris and AIX.
2018-07-03upstream: allow sshd_config PermitUserEnvironment to accept adjm@openbsd.org
pattern-list of whitelisted environment variable names in addition to yes|no. bz#1800, feedback and ok markus@ OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
2018-06-09upstream: add a SetEnv directive for sshd_config to allow andjm@openbsd.org
administrator to explicitly specify environment variables set in sessions started by sshd. These override the default environment and any variables set by user configuration (PermitUserEnvironment, etc), but not the SSH_* variables set by sshd itself. ok markus@ OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
2018-06-09upstream: reorder child environment preparation so that variablesdjm@openbsd.org
read from ~/.ssh/environment (if enabled) do not override SSH_* variables set by the server. OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
2018-06-07upstream: switch config file parsing to getline(3) as this avoidsmarkus@openbsd.org
static limits noted by gerhard@; ok dtucker@, djm@ OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
2018-06-07upstream: permitlisten option for authorized_keys; ok markus@djm@openbsd.org
OpenBSD-Commit-ID: 8650883018d7aa893173d703379e4456a222c672
2018-06-07upstream: Add a PermitListen directive to control which server-sidedjm@openbsd.org
addresses may be listened on when the client requests remote forwarding (ssh -R). This is the converse of the existing PermitOpen directive and this includes some refactoring to share much of its implementation. feedback and ok markus@ OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
2018-06-01upstream: make UID available as a %-expansion everywhere that thedjm@openbsd.org
username is available currently. In the client this is via %i, in the server %U (since %i was already used in the client in some places for this, but used for something different in the server); bz#2870, ok dtucker@ OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
2018-03-03upstream: switch over to the new authorized_keys options API anddjm@openbsd.org
remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@ OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
2018-02-15Remove UNICOS support.Darren Tucker
The code required to support it is quite invasive to the mainline code that is synced with upstream and is an ongoing maintenance burden. Both the hardware and software are literal museum pieces these days and we could not find anyone still running OpenSSH on one.
2018-02-13Whitespace sync with upstream.Darren Tucker
2018-02-13Whitespace sync with upstream.Darren Tucker
2017-10-23upstream commitdjm@openbsd.org
Expose devices allocated for tun/tap forwarding. At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e