summaryrefslogtreecommitdiff
path: root/ssh.c
AgeCommit message (Collapse)Author
2019-01-20upstream: remove last references to active_statedjm@openbsd.org
with & ok markus@ OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
2019-01-20upstream: convert ssh.c to new packet APIdjm@openbsd.org
with & ok markus@ OpenBSD-Commit-ID: eb146878b24e85c2a09ee171afa6797c166a2e21
2019-01-20upstream: begin landing remaining refactoring of packet parsingdjm@openbsd.org
API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2018-12-27upstream: move client/server SSH-* banners to buffers underdjm@openbsd.org
ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
2018-11-23upstream: add a ssh_config "Match final" predicatedjm@openbsd.org
Matches in same pass as "Match canonical" but doesn't require hostname canonicalisation be enabled. bz#2906 ok markus OpenBSD-Commit-ID: fba1dfe9f6e0cabcd0e2b3be13f7a434199beffa
2018-11-23refactor libcrypto initialisationDamien Miller
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev
2018-10-23upstream: refer to OpenSSL not SSLeay;djm@openbsd.org
we're old, but we don't have to act it OpenBSD-Commit-ID: 9ca38d11f8ed19e61a55108d1e892d696cee08ec
2018-10-03upstream: Allow ssh_config IdentityAgent directive to acceptdjm@openbsd.org
environment variable names as well as explicit paths. ok dtucker@ OpenBSD-Commit-ID: 2f0996e103876c53d8c9dd51dcce9889d700767b
2018-09-21upstream: Treat connections with ProxyJump specified the same as onesdjm@openbsd.org
with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't try to canonicalise the hostname unless CanonicalizeHostname is set to 'always'). Patch from Sven Wegener via bz#2896 OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37
2018-09-20upstream: fix "ssh -Q sig" to show correct signature algorithm listdjm@openbsd.org
(it was erroneously showing certificate algorithms); prompted by markus@ OpenBSD-Commit-ID: 1cdee002f2f0c21456979deeb887fc889afb154d
2018-09-12upstream: Add "ssh -Q sig" to allow listing supported signaturedjm@openbsd.org
algorithms ok markus@ OpenBSD-Commit-ID: 7a8c6eb6c249dc37823ba5081fce64876d10fe2b
2018-07-31upstream: Now that ssh can't be setuid, remove thedtucker@openbsd.org
original_real_uid and original_effective_uid globals and replace with calls to plain getuid(). ok djm@ OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
2018-07-26upstream: Use the caller provided (copied) pwent struct inbeck@openbsd.org
load_public_identity_files instead of calling getpwuid() again and discarding the argument. This prevents a client crash where tilde_expand_filename calls getpwuid() again before the pwent pointer is used. Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com> ok djm@ deraadt@ OpenBSD-Commit-ID: a067d74b5b098763736c94cc1368de8ea3f0b157
2018-07-19upstream: Deprecate UsePrivilegedPort now that support for runningdtucker@openbsd.org
ssh(1) setuid has been removed, remove supporting code and clean up references to it in the man pages We have not shipped ssh(1) the setuid bit since 2002. If ayone really needs to make connections from a low port number this can be implemented via a small setuid ProxyCommand. ok markus@ jmc@ djm@ OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e
2018-07-19upstream: Remove support for running ssh(1) setuid and fatal ifdtucker@openbsd.org
attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@ OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
2018-07-19upstream: Slot 0 in the hostbased key array was previously RSA1,dtucker@openbsd.org
but that is now gone and the slot is unused so remove it. Remove two now-unused macros, and add an array bounds check to the two remaining ones (array is statically sized, so mostly a safety check on future changes). ok markus@ OpenBSD-Commit-ID: 2e4c0ca6cc1d8daeccead2aa56192a3f9d5e1e7a
2018-07-19upstream: Remove support for loading HostBasedAuthentication keysdtucker@openbsd.org
directly in ssh(1) and always use ssh-keysign. This removes one of the few remaining reasons why ssh(1) might be setuid. ok markus@ OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
2018-07-16upstream: keep options.identity_file_userprovided array in sync when wedjm@openbsd.org
load keys, fixing some spurious error messages; ok markus OpenBSD-Commit-ID: c63e3d5200ee2cf9e35bda98de847302566c6a00
2018-07-12upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-10upstream: client: switch to sshbuf API; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
2018-06-09upstream: fix incorrect expansion of %i indjm@openbsd.org
load_public_identity_files(); reported by Roumen Petrov OpenBSD-Commit-ID: a827289e77149b5e0850d72a350c8b0300e7ef25
2018-06-07upstream: Add a PermitListen directive to control which server-sidedjm@openbsd.org
addresses may be listened on when the client requests remote forwarding (ssh -R). This is the converse of the existing PermitOpen directive and this includes some refactoring to share much of its implementation. feedback and ok markus@ OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
2018-06-01upstream: make UID available as a %-expansion everywhere that thedjm@openbsd.org
username is available currently. In the client this is via %i, in the server %U (since %i was already used in the client in some places for this, but used for something different in the server); bz#2870, ok dtucker@ OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
2018-06-01upstream: prefer argv0 to "ssh" when re-executing ssh for ProxyJumpdjm@openbsd.org
directive; bz2831, feedback and ok dtucker@ OpenBSD-Commit-ID: 3cec709a131499fbb0c1ea8a0a9e0b0915ce769e
2018-04-15upstream: don't free the %C expansion, it's used later fordjm@openbsd.org
LocalCommand OpenBSD-Commit-ID: 857b5cb37b2d856bfdfce61289a415257a487fb1
2018-04-10upstream: lots of typos in comments/docs. Patch from Karsten Weissdjm@openbsd.org
after checking with codespell tool (https://github.com/lucasdemarchi/codespell) OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
2018-02-26upstream: Add experimental support for PQC XMSS keys (Extendedmarkus@openbsd.org
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@ OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
2018-02-23upstream: Add BindInterface ssh_config directive and -Bdjm@openbsd.org
command-line argument to ssh(1) that directs it to bind its outgoing connection to the address of the specified network interface. BindInterface prefers to use addresses that aren't loopback or link- local, but will fall back to those if no other addresses of the required family are available on that interface. Based on patch by Mike Manning in bz#2820, ok dtucker@ OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713
2018-02-13upstream: remove space before tabdjm@openbsd.org
OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890
2018-02-13upstream Don't reset signal handlers inside handlers.dtucker@openbsd.org
The signal handlers from the original ssh1 code on which OpenSSH is based assume unreliable signals and reinstall their handlers. Since OpenBSD (and pretty much every current system) has reliable signals this is not needed. In the unlikely even that -portable is still being used on such systems we will deal with it in the compat layer. ok deraadt@ OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c
2018-01-23upstream commitdjm@openbsd.org
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2018-01-23upstream commitdjm@openbsd.org
don't attempt to force hostnames that are addresses to lowercase, but instead canonicalise them through getnameinfo/getaddrinfo to remove ambiguities (e.g. ::0001 => ::1) before they are matched against known_hosts; bz#2763, ok dtucker@ OpenBSD-Commit-ID: ba0863ff087e61e5c65efdbe53be3cb92c9aefa0
2017-11-01upstream commitdjm@openbsd.org@openbsd.org
fix broken stdout in ControlPersist mode, introduced by me in r1.467 and reported by Alf Schlichting OpenBSD-Commit-ID: 3750a16e02108fc25f747e4ebcedb7123c1ef509
2017-10-31upstream commitdjm@openbsd.org@openbsd.org
whitespace at EOL OpenBSD-Commit-ID: c95549cf5a07d56ea11aaff818415118720214f6
2017-10-25upstream commitdjm@openbsd.org
transfer ownership of stdout to the session channel by dup2'ing /dev/null to fd 1. This allows propagation of remote stdout close to the local side; reported by David Newall, ok markus@ Upstream-ID: 8d9ac18a11d89e6b0415f0cbf67b928ac67f0e79
2017-10-23upstream commitdjm@openbsd.org
Expose devices allocated for tun/tap forwarding. At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
2017-10-23upstream commitmillert@openbsd.org
Add URI support to ssh, sftp and scp. For example ssh://user@host or sftp://user@host/path. The connection parameters described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since the ssh fingerprint format in the draft uses md5 with no way to specify the hash function type. OK djm@ Upstream-ID: 4ba3768b662d6722de59e6ecb00abf2d4bf9cacc
2017-09-22upstream commitmarkus@openbsd.org
Add 'reverse' dynamic forwarding which combines dynamic forwarding (-D) with remote forwarding (-R) where the remote-forwarded port expects SOCKS-requests. The SSH server code is unchanged and the parsing happens at the SSH clients side. Thus the full SOCKS-request is sent over the forwarded channel and the client parses c->output. Parsing happens in channel_before_prepare_select(), _before_ the select bitmask is computed in the pre[] handlers, but after network input processing in the post[] handlers. help and ok djm@ Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
2017-09-12upstream commitdjm@openbsd.org
refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
2017-08-12upstream commitdjm@openbsd.org
make "--" before the hostname terminate command-line option processing completely; previous behaviour would not prevent further options appearing after the hostname (ssh has a supported options after the hostname for >20 years, so that's too late to change). ok deraadt@ Upstream-ID: ef5ee50571b98ad94dcdf8282204e877ec88ad89
2017-05-31upstream commitbluhm@openbsd.org
Add RemoteCommand option to specify a command in the ssh config file instead of giving it on the client's command line. This command will be executed on the remote host. The feature allows to automate tasks using ssh config. OK markus@ Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee
2017-05-31upstream commitmarkus@openbsd.org
switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
2017-05-08upstream commitjmc@openbsd.org
remove options -12 from usage(); Upstream-ID: db7ceef25132e63b50ed05289bf447fece1d1270
2017-05-01upstream commitdjm@openbsd.org
obliterate ssh1.h and some dead code that used it ok markus@ Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
2017-05-01upstream commitdjm@openbsd.org
remove KEY_RSA1 ok markus@ Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
2017-05-01upstream commitdjm@openbsd.org
remove SSHv1 ciphers; ok markus@ Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
2017-05-01upstream commitdjm@openbsd.org
remove compat20/compat13/compat15 variables ok markus@ Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
2017-05-01upstream commitdjm@openbsd.org
remove options.protocol and client Protocol configuration knob ok markus@ Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
2017-05-01upstream commitdjm@openbsd.org
unifdef WITH_SSH1 ok markus@ Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
2017-04-28upstream commitdtucker@openbsd.org
Add SyslogFacility option to ssh(1) matching the equivalent option in sshd(8). bz#2705, patch from erahn at arista.com, ok djm@ Upstream-ID: d5115c2c0193ceb056ed857813b2a7222abda9ed