summaryrefslogtreecommitdiff
path: root/ssh.c
AgeCommit message (Collapse)Author
2020-01-06upstream: fix CanonicalizeHostname, broken by rev 1.507beck@openbsd.org
Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com> ok dtucker@ markus@ djm@ OpenBSD-Commit-ID: 749f3168ec520609c35b0c4e1984e5fa47f16094
2019-12-21upstream: Allow forwarding a different agent socket to the pathdjm@openbsd.org
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to accepting an explicit path or the name of an environment variable in addition to yes/no. Patch by Eric Chiang, manpage by me; ok markus@ OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
2019-11-20upstream: additional missing stdarg.h includes when built withoutnaddy@openbsd.org
WITH_OPENSSL; ok djm@ OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
2019-11-01upstream: ssh client support for U2F/FIDO keysdjm@openbsd.org
OpenBSD-Commit-ID: eb2cfa6cf7419a1895e06e398ea6d41516c5b0bc
2019-09-13upstream: allow %n to be expanded in ProxyCommand stringsdjm@openbsd.org
From Zachary Harmany via github.com/openssh/openssh-portable/pull/118 ok dtucker@ OpenBSD-Commit-ID: 7eebf1b7695f50c66d42053d352a4db9e8fb84b6
2019-09-08upstream: Allow prepending a list of algorithms to the default setnaddy@openbsd.org
by starting the list with the '^' character, e.g. HostKeyAlgorithms ^ssh-ed25519 Ciphers ^aes128-gcm@openssh.com,aes256-gcm@openssh.com ok djm@ dtucker@ OpenBSD-Commit-ID: 1e1996fac0dc8a4b0d0ff58395135848287f6f97
2019-07-05upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org
some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-06-14upstream: slightly more instructive error message when the userdjm@openbsd.org
specifies multiple -J options on the commandline. bz3015 ok dtucker@ OpenBSD-Commit-ID: 181c15a65cac3b575819bc8d9a56212c3c748179
2019-06-14upstream: Hostname->HostName cleanup; from lauri tirkkonen okjmc@openbsd.org
dtucker OpenBSD-Commit-ID: 4ade73629ede63b691f36f9a929f943d4e7a44e4
2019-06-08upstream: Replace calls to ssh_malloc_init() by a static init ofotto@openbsd.org
malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@ OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
2019-05-08upstream: Use the LogLevel typdef instead of int where appropriate. Patch ↵dtucker@openbsd.org
from Markus Schmidt via openssh-unix-dev, ok markus@ OpenBSD-Commit-ID: 4c0f0f458e3da7807806b35e3eb5c1e8403c968a
2019-01-20upstream: remove last references to active_statedjm@openbsd.org
with & ok markus@ OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
2019-01-20upstream: convert ssh.c to new packet APIdjm@openbsd.org
with & ok markus@ OpenBSD-Commit-ID: eb146878b24e85c2a09ee171afa6797c166a2e21
2019-01-20upstream: begin landing remaining refactoring of packet parsingdjm@openbsd.org
API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2018-12-27upstream: move client/server SSH-* banners to buffers underdjm@openbsd.org
ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
2018-11-23upstream: add a ssh_config "Match final" predicatedjm@openbsd.org
Matches in same pass as "Match canonical" but doesn't require hostname canonicalisation be enabled. bz#2906 ok markus OpenBSD-Commit-ID: fba1dfe9f6e0cabcd0e2b3be13f7a434199beffa
2018-11-23refactor libcrypto initialisationDamien Miller
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev
2018-10-23upstream: refer to OpenSSL not SSLeay;djm@openbsd.org
we're old, but we don't have to act it OpenBSD-Commit-ID: 9ca38d11f8ed19e61a55108d1e892d696cee08ec
2018-10-03upstream: Allow ssh_config IdentityAgent directive to acceptdjm@openbsd.org
environment variable names as well as explicit paths. ok dtucker@ OpenBSD-Commit-ID: 2f0996e103876c53d8c9dd51dcce9889d700767b
2018-09-21upstream: Treat connections with ProxyJump specified the same as onesdjm@openbsd.org
with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't try to canonicalise the hostname unless CanonicalizeHostname is set to 'always'). Patch from Sven Wegener via bz#2896 OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37
2018-09-20upstream: fix "ssh -Q sig" to show correct signature algorithm listdjm@openbsd.org
(it was erroneously showing certificate algorithms); prompted by markus@ OpenBSD-Commit-ID: 1cdee002f2f0c21456979deeb887fc889afb154d
2018-09-12upstream: Add "ssh -Q sig" to allow listing supported signaturedjm@openbsd.org
algorithms ok markus@ OpenBSD-Commit-ID: 7a8c6eb6c249dc37823ba5081fce64876d10fe2b
2018-07-31upstream: Now that ssh can't be setuid, remove thedtucker@openbsd.org
original_real_uid and original_effective_uid globals and replace with calls to plain getuid(). ok djm@ OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
2018-07-26upstream: Use the caller provided (copied) pwent struct inbeck@openbsd.org
load_public_identity_files instead of calling getpwuid() again and discarding the argument. This prevents a client crash where tilde_expand_filename calls getpwuid() again before the pwent pointer is used. Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com> ok djm@ deraadt@ OpenBSD-Commit-ID: a067d74b5b098763736c94cc1368de8ea3f0b157
2018-07-19upstream: Deprecate UsePrivilegedPort now that support for runningdtucker@openbsd.org
ssh(1) setuid has been removed, remove supporting code and clean up references to it in the man pages We have not shipped ssh(1) the setuid bit since 2002. If ayone really needs to make connections from a low port number this can be implemented via a small setuid ProxyCommand. ok markus@ jmc@ djm@ OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e
2018-07-19upstream: Remove support for running ssh(1) setuid and fatal ifdtucker@openbsd.org
attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@ OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
2018-07-19upstream: Slot 0 in the hostbased key array was previously RSA1,dtucker@openbsd.org
but that is now gone and the slot is unused so remove it. Remove two now-unused macros, and add an array bounds check to the two remaining ones (array is statically sized, so mostly a safety check on future changes). ok markus@ OpenBSD-Commit-ID: 2e4c0ca6cc1d8daeccead2aa56192a3f9d5e1e7a
2018-07-19upstream: Remove support for loading HostBasedAuthentication keysdtucker@openbsd.org
directly in ssh(1) and always use ssh-keysign. This removes one of the few remaining reasons why ssh(1) might be setuid. ok markus@ OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
2018-07-16upstream: keep options.identity_file_userprovided array in sync when wedjm@openbsd.org
load keys, fixing some spurious error messages; ok markus OpenBSD-Commit-ID: c63e3d5200ee2cf9e35bda98de847302566c6a00
2018-07-12upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-10upstream: client: switch to sshbuf API; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
2018-06-09upstream: fix incorrect expansion of %i indjm@openbsd.org
load_public_identity_files(); reported by Roumen Petrov OpenBSD-Commit-ID: a827289e77149b5e0850d72a350c8b0300e7ef25
2018-06-07upstream: Add a PermitListen directive to control which server-sidedjm@openbsd.org
addresses may be listened on when the client requests remote forwarding (ssh -R). This is the converse of the existing PermitOpen directive and this includes some refactoring to share much of its implementation. feedback and ok markus@ OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
2018-06-01upstream: make UID available as a %-expansion everywhere that thedjm@openbsd.org
username is available currently. In the client this is via %i, in the server %U (since %i was already used in the client in some places for this, but used for something different in the server); bz#2870, ok dtucker@ OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
2018-06-01upstream: prefer argv0 to "ssh" when re-executing ssh for ProxyJumpdjm@openbsd.org
directive; bz2831, feedback and ok dtucker@ OpenBSD-Commit-ID: 3cec709a131499fbb0c1ea8a0a9e0b0915ce769e
2018-04-15upstream: don't free the %C expansion, it's used later fordjm@openbsd.org
LocalCommand OpenBSD-Commit-ID: 857b5cb37b2d856bfdfce61289a415257a487fb1
2018-04-10upstream: lots of typos in comments/docs. Patch from Karsten Weissdjm@openbsd.org
after checking with codespell tool (https://github.com/lucasdemarchi/codespell) OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
2018-02-26upstream: Add experimental support for PQC XMSS keys (Extendedmarkus@openbsd.org
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@ OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
2018-02-23upstream: Add BindInterface ssh_config directive and -Bdjm@openbsd.org
command-line argument to ssh(1) that directs it to bind its outgoing connection to the address of the specified network interface. BindInterface prefers to use addresses that aren't loopback or link- local, but will fall back to those if no other addresses of the required family are available on that interface. Based on patch by Mike Manning in bz#2820, ok dtucker@ OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713
2018-02-13upstream: remove space before tabdjm@openbsd.org
OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890
2018-02-13upstream Don't reset signal handlers inside handlers.dtucker@openbsd.org
The signal handlers from the original ssh1 code on which OpenSSH is based assume unreliable signals and reinstall their handlers. Since OpenBSD (and pretty much every current system) has reliable signals this is not needed. In the unlikely even that -portable is still being used on such systems we will deal with it in the compat layer. ok deraadt@ OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c
2018-01-23upstream commitdjm@openbsd.org
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2018-01-23upstream commitdjm@openbsd.org
don't attempt to force hostnames that are addresses to lowercase, but instead canonicalise them through getnameinfo/getaddrinfo to remove ambiguities (e.g. ::0001 => ::1) before they are matched against known_hosts; bz#2763, ok dtucker@ OpenBSD-Commit-ID: ba0863ff087e61e5c65efdbe53be3cb92c9aefa0
2017-11-01upstream commitdjm@openbsd.org@openbsd.org
fix broken stdout in ControlPersist mode, introduced by me in r1.467 and reported by Alf Schlichting OpenBSD-Commit-ID: 3750a16e02108fc25f747e4ebcedb7123c1ef509
2017-10-31upstream commitdjm@openbsd.org@openbsd.org
whitespace at EOL OpenBSD-Commit-ID: c95549cf5a07d56ea11aaff818415118720214f6
2017-10-25upstream commitdjm@openbsd.org
transfer ownership of stdout to the session channel by dup2'ing /dev/null to fd 1. This allows propagation of remote stdout close to the local side; reported by David Newall, ok markus@ Upstream-ID: 8d9ac18a11d89e6b0415f0cbf67b928ac67f0e79
2017-10-23upstream commitdjm@openbsd.org
Expose devices allocated for tun/tap forwarding. At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
2017-10-23upstream commitmillert@openbsd.org
Add URI support to ssh, sftp and scp. For example ssh://user@host or sftp://user@host/path. The connection parameters described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since the ssh fingerprint format in the draft uses md5 with no way to specify the hash function type. OK djm@ Upstream-ID: 4ba3768b662d6722de59e6ecb00abf2d4bf9cacc
2017-09-22upstream commitmarkus@openbsd.org
Add 'reverse' dynamic forwarding which combines dynamic forwarding (-D) with remote forwarding (-R) where the remote-forwarded port expects SOCKS-requests. The SSH server code is unchanged and the parsing happens at the SSH clients side. Thus the full SOCKS-request is sent over the forwarded channel and the client parses c->output. Parsing happens in channel_before_prepare_select(), _before_ the select bitmask is computed in the pre[] handlers, but after network input processing in the post[] handlers. help and ok djm@ Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
2017-09-12upstream commitdjm@openbsd.org
refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f