summaryrefslogtreecommitdiff
path: root/sshconnect2.c
AgeCommit message (Collapse)Author
2018-04-03GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2017-10-04 Patch-Name: gssapi.patch
2018-03-25upstream: fix bogus warning when signing cert keys using agent;markus@openbsd.org
from djm; ok deraadt dtucker OpenBSD-Commit-ID: 12e50836ba2040042383a8b71e12d7ea06e9633d
2018-03-03upstream: warn when the agent returns a signature type that wasdjm@openbsd.org
different to what was requested. This might happen when an old/non-OpenSSH agent is asked to make a rsa-sha2-256/512 signature but only supports ssh-rsa. bz#2799 feedback and ok markus@ OpenBSD-Commit-ID: 760c0f9438c5c58abc16b5f98008ff2d95cb13ce
2018-02-09upstream commitdtucker@openbsd.org
ssh_free checks for and handles NULL args, remove NULL checks from remaining callers. ok djm@ OpenBSD-Commit-ID: bb926825c53724c069df68a93a2597f9192f7e7b
2018-01-23upstream commitdjm@openbsd.org
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2017-09-04upstream commitdtucker@openbsd.org
Increase the buffer sizes for user prompts to ensure that they won't be truncated by snprintf. Based on patch from cjwatson at debian.org via bz#2768, ok djm@ Upstream-ID: 6ffacf1abec8f40b469de5b94bfb29997d96af3e
2017-08-12upstream commitdjm@openbsd.org
refuse to a private keys when its corresponding .pub key does not match. bz#2737 ok dtucker@ Upstream-ID: 54ff5e2db00037f9db8d61690f26ef8f16e0d913
2017-06-16upstream commitdtucker@openbsd.org
Add user@host prefix to client's "Permisison denied" messages, useful in particular when using "stacked" connections where it's not clear which host is denying. bz#2720, ok djm@ markus@ Upstream-ID: de88e1e9dcb050c98e85377482d1287a9fe0d2be
2017-06-01upstream commitmarkus@openbsd.org
remove now obsolete ctx from ssh_dispatch_run; ok djm@ Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
2017-05-31upstream commitdjm@openbsd.org
another ctx => ssh conversion (in GSSAPI code) Upstream-ID: 4d6574c3948075c60608d8e045af42fe5b5d8ae0
2017-05-31upstream commitmarkus@openbsd.org
protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
2017-05-31upstream commitmarkus@openbsd.org
ssh: pass struct ssh to auth functions, too; ok djm@ Upstream-ID: d13c509cc782f8f19728fbea47ac7cf36f6e85dd
2017-05-31upstream commitmarkus@openbsd.org
switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
2017-05-08upstream commitnaddy@openbsd.org
more simplification and removal of SSHv1-related code; ok djm@ Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
2017-05-01upstream commitdjm@openbsd.org
remove KEY_RSA1 ok markus@ Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
2017-04-28upstream commitdjm@openbsd.org
include key fingerprint in "Offering public key" debug message Upstream-ID: 964749f820c2ed4cf6a866268b1a05e907315c52
2017-03-12upstream commitdjm@openbsd.org
allow ssh to use certificates accompanied by a private key file but no corresponding plain *.pub public key. bz#2617 based on patch from Adam Eijdenberg; ok dtucker@ markus@ Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9
2017-02-03upstream commitdtucker@openbsd.org
Make ssh_packet_set_rekey_limits take u32 for the number of seconds until rekeying (negative values are rejected at config parse time). This allows the removal of some casts and a signed vs unsigned comparison warning. rekey_time is cast to int64 for the comparison which is a no-op on OpenBSD, but should also do the right thing in -portable on anything still using 32bit time_t (until the system time actually wraps, anyway). some early guidance deraadt@, ok djm@ Upstream-ID: c9f18613afb994a07e7622eb326f49de3d123b6c
2017-01-30upstream commitdjm@openbsd.org
misplaced braces in test; from Karsten Weiss Upstream-ID: f7b794074d3aae8e35b69a91d211c599c94afaae
2017-01-30upstream commitdjm@openbsd.org
don't dereference authctxt before testing != NULL, it causes compilers to make assumptions; from Karsten Weiss Upstream-ID: 794243aad1e976ebc717885b7a97a25e00c031b2
2016-12-05upstream commitdjm@openbsd.org
Fix public key authentication when multiple authentication is in use. Instead of deleting and re-preparing the entire keys list, just reset the 'used' flags; the keys list is already in a good order (with already- tried keys at the back) Analysis and patch from Vincent Brillault on bz#2642; ok dtucker@ Upstream-ID: 7123f12dc2f3bcaae715853035a97923d7300176
2016-09-29upstream commitdjm@openbsd.org
restore pre-auth compression support in the client -- the previous commit was intended to remove it from the server only. remove a few server-side pre-auth compression bits that escaped adjust wording of Compression directive in sshd_config(5) pointed out by naddy@ ok markus@ Upstream-ID: d23696ed72a228dacd4839dd9f2dec424ba2016b
2016-09-29upstream commitdjm@openbsd.org
Remove support for pre-authentication compression. Doing compression early in the protocol probably seemed reasonable in the 1990s, but today it's clearly a bad idea in terms of both cryptography (cf. multiple compression oracle attacks in TLS) and attack surface. Moreover, to support it across privilege-separation zlib needed the assistance of a complex shared-memory manager that made the required attack surface considerably larger. Prompted by Guido Vranken pointing out a compiler-elided security check in the shared memory manager found by Stack (http://css.csail.mit.edu/stack/); ok deraadt@ markus@ NB. pre-auth authentication has been disabled by default in sshd for >10 years. Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
2016-09-24upstream commitdtucker@openbsd.org
If ssh receives a PACKET_DISCONNECT during userauth it will cause ssh_dispatch_run(DISPATCH_BLOCK, ...) to return without the session being authenticated. Check for this and exit if necessary. ok djm@ Upstream-ID: b3afe126c0839d2eae6cddd41ff2ba317eda0903
2016-07-23upstream commitdtucker@openbsd.org
Lower loglevel for "Authenticated with partial success" message similar to other similar level. bz#2599, patch from cgallek at gmail.com, ok markus@ Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
2016-07-17upstream commitdjm@openbsd.org
support UTF-8 characters in ssh(1) banners using schwarze@'s safe fmprintf printer; bz#2058 feedback schwarze@ ok dtucker@ Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
2016-06-06upstream commitdtucker@openbsd.org
KNF compression proposal and simplify the client side a little. ok djm@ Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
2016-06-06upstream commitdjm@openbsd.org
prefer agent-hosted keys to keys from PKCS#11; ok markus Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
2016-05-02upstream commitdjm@openbsd.org
add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
2016-05-02upstream commitdjm@openbsd.org
fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
2016-04-29upstream commitdjm@openbsd.org
fix comment Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
2016-03-15upstream commitdjm@openbsd.org
unbreak authentication using lone certificate keys in ssh-agent: when attempting pubkey auth with a certificate, if no separate private key is found among the keys then try with the certificate key itself. bz#2550 reported by Peter Moody Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966
2016-02-23upstream commitdjm@openbsd.org
fix spurious error message when incorrect passphrase entered for keys; reported by espie@ ok deraadt@ Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899
2016-02-08upstream commitjsg@openbsd.org
avoid an uninitialised value when NumberOfPasswordPrompts is 0 ok markus@ djm@ Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
2016-01-27upstream commitmarkus@openbsd.org
fd leaks; report Qualys Security Advisory team; ok deraadt@ Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
2016-01-27upstream commitmarkus@openbsd.org
remove roaming support; ok djm@ Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
2015-12-18upstream commitmmcc@openbsd.org
Remove NULL-checks before sshkey_free(). ok djm@ Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
2015-12-11upstream commitdjm@openbsd.org
correct error messages; from Tomas Kuthan bz#2507 Upstream-ID: 7454a0affeab772398052954c79300aa82077093
2015-12-11upstream commitmmcc@openbsd.org
Pass (char *)NULL rather than (char *)0 to execl and execlp. ok dtucker@ Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492
2015-12-11upstream commitmmcc@openbsd.org
Remove NULL-checks before free(). ok dtucker@ Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
2015-12-07upstream commitmarkus@openbsd.org
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-12-04upstream commitdjm@openbsd.org
clean up agent_fd handling; properly initialise it to -1 and make tests consistent ok markus@ Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
2015-11-16upstream commitjcs@openbsd.org
Add an AddKeysToAgent client option which can be set to 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a private key that is used during authentication will be added to ssh-agent if it is running (with confirmation enabled if set to 'confirm'). Initial version from Joachim Schipper many years ago. ok markus@ Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
2015-10-14upstream commitdjm@openbsd.org
apply PubkeyAcceptedKeyTypes filtering earlier, so all skipped keys are noted before pubkey authentication starts. ok dtucker@ Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8
2015-10-06upstream commitdjm@openbsd.org
add ssh_config CertificateFile option to explicitly list a certificate; patch from Meghana Bhat on bz#2436; ok markus@ Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8
2015-07-30upstream commitdjm@openbsd.org
Allow ssh_config and sshd_config kex parameters options be prefixed by a '+' to indicate that the specified items be appended to the default rather than replacing it. approach suggested by dtucker@, feedback dlg@, ok markus@ Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
2015-07-15upstream commitmarkus@openbsd.org
Turn off DSA by default; add HostKeyAlgorithms to the server and PubkeyAcceptedKeyTypes to the client side, so it still can be tested or turned back on; feedback and ok djm@ Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
2015-05-10upstream commitdjm@openbsd.org
Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
2015-02-23Repair for non-ECC OpenSSL.Darren Tucker
Ifdef out the ECC parts when building with an OpenSSL that doesn't have it.
2015-01-30upstream commitdjm@openbsd.org
Add a ssh_config HostbasedKeyType option to control which host public key types are tried during hostbased authentication. This may be used to prevent too many keys being sent to the server, and blowing past its MaxAuthTries limit. bz#2211 based on patch by Iain Morgan; ok markus@