summaryrefslogtreecommitdiff
path: root/sshconnect2.c
AgeCommit message (Collapse)Author
2019-06-05GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Origin: other, https://github.com/openssh-gsskex/openssh-gsskex/commits/debian/master Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2019-06-05 Patch-Name: gssapi.patch
2019-02-13upstream: fix regression in r1.302 reported by naddy@ - only the firstdjm@openbsd.org
public key from the agent was being attempted for use. OpenBSD-Commit-ID: 07116aea521a04888718b2157f1ca723b2f46c8d
2019-02-11upstream: cleanup GSSAPI authentication context after completion of thedjm@openbsd.org
authmethod. Move function-static GSSAPI state to the client Authctxt structure. Make static a bunch of functions that aren't used outside this file. Based on patch from Markus Schmidt <markus@blueflash.cc>; ok markus@ OpenBSD-Commit-ID: 497fb792c0ddb4f1ba631b6eed526861f115dbe5
2019-01-21upstream: rename kex->kem_client_pub -> kex->client_pub now thatdjm@openbsd.org
KEM has been renamed to kexgen from markus@ ok djm@ OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8
2019-01-21upstream: use KEM API for vanilla ECDHdjm@openbsd.org
from markus@ ok djm@ OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
2019-01-21upstream: use KEM API for vanilla DH KEXdjm@openbsd.org
from markus@ ok djm@ OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
2019-01-21upstream: use KEM API for vanilla c25519 KEXdjm@openbsd.org
OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
2019-01-21upstream: Add support for a PQC KEX/KEM:djm@openbsd.org
sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not enabled by default. introduce KEM API; a simplified framework for DH-ish KEX methods. from markus@ feedback & ok djm@ OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7
2019-01-21upstream: GSSAPI code got missed when converting to new packet APIdjm@openbsd.org
OpenBSD-Commit-ID: 37e4f06ab4a0f4214430ff462ba91acba28b7851
2019-01-20upstream: convert the remainder of sshconnect2.c to new packetdjm@openbsd.org
API with & ok markus@ OpenBSD-Commit-ID: 0986d324f2ceb5e8a12ac21c1bb10b3b4b1e0f71
2019-01-20upstream: convert sshconnect2.c to new packet APIdjm@openbsd.org
with & ok markus@ OpenBSD-Commit-ID: 1cb869e0d6e03539f943235641ea070cae2ebc58
2019-01-20upstream: begin landing remaining refactoring of packet parsingdjm@openbsd.org
API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2019-01-04upstream: eliminate function-static attempt counters fordjm@openbsd.org
passwd/kbdint authmethods by moving them to the client authctxt; Patch from Markus Schmidt, ok markus@ OpenBSD-Commit-ID: 4df4404a5d5416eb056f68e0e2f4fa91ba3b3f7f
2018-12-27upstream: move client/server SSH-* banners to buffers underdjm@openbsd.org
ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
2018-12-07upstream: don't truncate user or host name in "user@host'sdjm@openbsd.org
OpenBSD-Commit-ID: e6ca01a8d58004b7f2cac0b1b7ce8f87e425e360
2018-11-16upstream: fix bug in client that was keeping a redundant ssh-agentdjm@openbsd.org
socket around for the life of the connection; bz#2912; reported by Simon Tatham; ok dtucker@ OpenBSD-Commit-ID: 4ded588301183d343dce3e8c5fc1398e35058478
2018-10-12upstream: don't send new-style rsa-sha2-*-cert-v01@openssh.com names todjm@openbsd.org
older OpenSSH that can't handle them. spotted by Adam Eijdenberg; ok dtucker OpenBSD-Commit-ID: 662bbc402e3d7c9b6c322806269698106a6ae631
2018-09-14upstream: second try, deals properly with missing and private-onlydjm@openbsd.org
Use consistent format in debug log for keys readied, offered and received during public key authentication. This makes it a little easier to see what is going on, as each message now contains (where available) the key filename, its type and fingerprint, and whether the key is hosted in an agent or a token. OpenBSD-Commit-ID: f1c6a8e9cfc4e108c359db77f24f9a40e1e25ea7
2018-09-14upstream: revert following; deals badly with agent keysdjm@openbsd.org
revision 1.285 date: 2018/09/14 04:17:12; author: djm; state: Exp; lines: +47 -26; commitid: lflGFcNb2X2HebaK; Use consistent format in debug log for keys readied, offered and received during public key authentication. This makes it a little easier to see what is going on, as each message now contains the key filename, its type and fingerprint, and whether the key is hosted in an agent or a token. OpenBSD-Commit-ID: e496bd004e452d4b051f33ed9ae6a54ab918f56d
2018-09-14upstream: Use consistent format in debug log for keys readied,djm@openbsd.org
offered and received during public key authentication. This makes it a little easier to see what is going on, as each message now contains the key filename, its type and fingerprint, and whether the key is hosted in an agent or a token. OpenBSD-Commit-ID: 2a01d59285a8a7e01185bb0a43316084b4f06a1f
2018-08-13upstream: revert compat.[ch] section of the following change. Itdjm@openbsd.org
causes double-free under some circumstances. -- date: 2018/07/31 03:07:24; author: djm; state: Exp; lines: +33 -18; commitid: f7g4UI8eeOXReTPh; fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366 feedback and ok dtucker@ OpenBSD-Commit-ID: 1e77547f60fdb5e2ffe23e2e4733c54d8d2d1137
2018-07-31upstream: fix some memory leaks spotted by Coverity via Jakub Jelendjm@openbsd.org
in bz#2366 feedback and ok dtucker@ OpenBSD-Commit-ID: 8402bbae67d578bedbadb0ce68ff7c5a136ef563
2018-07-19upstream: Remove support for running ssh(1) setuid and fatal ifdtucker@openbsd.org
attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@ OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
2018-07-19upstream: Remove support for loading HostBasedAuthentication keysdtucker@openbsd.org
directly in ssh(1) and always use ssh-keysign. This removes one of the few remaining reasons why ssh(1) might be setuid. ok markus@ OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
2018-07-12upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: f88ba43c9d54ed2d911218aa8d3f6285430629c3
2018-07-12upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-10upstream: client: switch to sshbuf API; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
2018-07-10upstream: Revert previous two commitssf@openbsd.org
It turns out we still support pre-auth compression on the client. Therefore revert the previous two commits: date: 2018/07/06 09:06:14; author: sf; commitid: yZVYKIRtUZWD9CmE; Rename COMP_DELAYED to COMP_ZLIB Only delayed compression is supported nowadays. ok markus@ date: 2018/07/06 09:05:01; author: sf; commitid: rEGuT5UgI9f6kddP; Remove leftovers from pre-authentication compression Support for this has been removed in 2016. COMP_DELAYED will be renamed in a later commit. ok markus@ OpenBSD-Commit-ID: cdfef526357e4e1483c86cf599491b2dafb77772
2018-07-10upstream: Remove leftovers from pre-authentication compressionsf@openbsd.org
Support for this has been removed in 2016. COMP_DELAYED will be renamed in a later commit. ok markus@ OpenBSD-Commit-ID: 6a99616c832627157113fcb0cf5a752daf2e6b58
2018-07-04upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSAdjm@openbsd.org
signature work - returns ability to add/remove/specify algorithms by wildcard. Algorithm lists are now fully expanded when the server/client configs are finalised, so errors are reported early and the config dumps (e.g. "ssh -G ...") now list the actual algorithms selected. Clarify that, while wildcards are accepted in algorithm lists, they aren't full pattern-lists that support negation. (lots of) feedback, ok markus@ OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207
2018-07-03upstream: some finesse to fix RSA-SHA2 certificate authenticationdjm@openbsd.org
for certs hosted in ssh-agent OpenBSD-Commit-ID: e5fd5edd726137dda2d020e1cdebc464110a010f
2018-07-03upstream: check correct variable; unbreak agent keysdjm@openbsd.org
OpenBSD-Commit-ID: c36981fdf1f3ce04966d3310826a3e1e6233d93e
2018-07-03upstream: Improve strictness and control over RSA-SHA2 signaturedjm@openbsd.org
In ssh, when an agent fails to return a RSA-SHA2 signature when requested and falls back to RSA-SHA1 instead, retry the signature to ensure that the public key algorithm sent in the SSH_MSG_USERAUTH matches the one in the signature itself. In sshd, strictly enforce that the public key algorithm sent in the SSH_MSG_USERAUTH message matches what appears in the signature. Make the sshd_config PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes options control accepted signature algorithms (previously they selected supported key types). This allows these options to ban RSA-SHA1 in favour of RSA-SHA2. Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures with certificate keys. feedback and ok markus@ OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
2018-06-26upstream: whitespacedjm@openbsd.org
OpenBSD-Commit-ID: 9276951caf4daf555f6d262e95720e7f79244572
2018-03-25upstream: fix bogus warning when signing cert keys using agent;markus@openbsd.org
from djm; ok deraadt dtucker OpenBSD-Commit-ID: 12e50836ba2040042383a8b71e12d7ea06e9633d
2018-03-03upstream: warn when the agent returns a signature type that wasdjm@openbsd.org
different to what was requested. This might happen when an old/non-OpenSSH agent is asked to make a rsa-sha2-256/512 signature but only supports ssh-rsa. bz#2799 feedback and ok markus@ OpenBSD-Commit-ID: 760c0f9438c5c58abc16b5f98008ff2d95cb13ce
2018-02-09upstream commitdtucker@openbsd.org
ssh_free checks for and handles NULL args, remove NULL checks from remaining callers. ok djm@ OpenBSD-Commit-ID: bb926825c53724c069df68a93a2597f9192f7e7b
2018-01-23upstream commitdjm@openbsd.org
Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2017-09-04upstream commitdtucker@openbsd.org
Increase the buffer sizes for user prompts to ensure that they won't be truncated by snprintf. Based on patch from cjwatson at debian.org via bz#2768, ok djm@ Upstream-ID: 6ffacf1abec8f40b469de5b94bfb29997d96af3e
2017-08-12upstream commitdjm@openbsd.org
refuse to a private keys when its corresponding .pub key does not match. bz#2737 ok dtucker@ Upstream-ID: 54ff5e2db00037f9db8d61690f26ef8f16e0d913
2017-06-16upstream commitdtucker@openbsd.org
Add user@host prefix to client's "Permisison denied" messages, useful in particular when using "stacked" connections where it's not clear which host is denying. bz#2720, ok djm@ markus@ Upstream-ID: de88e1e9dcb050c98e85377482d1287a9fe0d2be
2017-06-01upstream commitmarkus@openbsd.org
remove now obsolete ctx from ssh_dispatch_run; ok djm@ Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
2017-05-31upstream commitdjm@openbsd.org
another ctx => ssh conversion (in GSSAPI code) Upstream-ID: 4d6574c3948075c60608d8e045af42fe5b5d8ae0
2017-05-31upstream commitmarkus@openbsd.org
protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
2017-05-31upstream commitmarkus@openbsd.org
ssh: pass struct ssh to auth functions, too; ok djm@ Upstream-ID: d13c509cc782f8f19728fbea47ac7cf36f6e85dd
2017-05-31upstream commitmarkus@openbsd.org
switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
2017-05-08upstream commitnaddy@openbsd.org
more simplification and removal of SSHv1-related code; ok djm@ Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
2017-05-01upstream commitdjm@openbsd.org
remove KEY_RSA1 ok markus@ Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
2017-04-28upstream commitdjm@openbsd.org
include key fingerprint in "Offering public key" debug message Upstream-ID: 964749f820c2ed4cf6a866268b1a05e907315c52
2017-03-12upstream commitdjm@openbsd.org
allow ssh to use certificates accompanied by a private key file but no corresponding plain *.pub public key. bz#2617 based on patch from Adam Eijdenberg; ok dtucker@ markus@ Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9