summaryrefslogtreecommitdiff
path: root/sshd.c
AgeCommit message (Collapse)Author
2015-01-15upstream commitdjm@openbsd.org
move authfd.c and its tentacles to the new buffer/key API; ok markus@
2015-01-15support --without-openssl at configure timeDamien Miller
Disables and removes dependency on OpenSSL. Many features don't work and the set of crypto options is greatly restricted. This will only work on system with native arc4random or /dev/urandom. Considered highly experimental for now.
2015-01-09upstream committedu@openbsd.org
workaround for the Meyer, et al, Bleichenbacher Side Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm markus
2014-12-22upstream commitdjm@openbsd.org
make internal handling of filename arguments of "none" more consistent with ssh. "none" arguments are now replaced with NULL when the configuration is finalised. Simplifies checking later on (just need to test not-NULL rather than that + strcmp) and cleans up some inconsistencies. ok markus@
2014-12-11upstream commitdjm@openbsd.org
explicitly include sys/param.h in files that use the howmany() macro; from portable
2014-08-27 - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauthDamien Miller
monitor, not preauth; bz#2263
2014-08-23 - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode onDamien Miller
lastlog writing on platforms with high UIDs; bz#2263
2014-07-18 - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
2014-07-02 - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
2014-05-15 - markus@cvs.openbsd.org 2014/04/29 18:01:49Damien Miller
[auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
2014-04-20 - tedu@cvs.openbsd.org 2014/04/19 14:53:48Damien Miller
[ssh-keysign.c sshd.c] Delete futile calls to RAND_seed. ok djm NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
2014-04-20 - djm@cvs.openbsd.org 2014/04/18 23:52:25Damien Miller
[compat.c compat.h sshconnect2.c sshd.c version.h] OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections using the curve25519-sha256@libssh.org KEX exchange method to fail when connecting with something that implements the spec properly. Disable this KEX method when speaking to one of the affected versions. reported by Aris Adamantiadis; ok markus@
2014-04-20 - djm@cvs.openbsd.org 2014/04/12 04:55:53Damien Miller
[sshd.c] avoid crash at exit: check that pmonitor!=NULL before dereferencing; bz#2225, patch from kavi AT juniper.net
2014-04-20 - tedu@cvs.openbsd.org 2014/03/26 19:58:37Damien Miller
[sshd.8 sshd.c] remove libwrap support. ok deraadt djm mfriedl
2014-04-20Three commits in one (since they touch the same heavily-diverged fileDamien Miller
repeatedly): - markus@cvs.openbsd.org 2014/03/25 09:40:03 [myproposal.h] trimm default proposals. This commit removes the weaker pre-SHA2 hashes, the broken ciphers (arcfour), and the broken modes (CBC) from the default configuration (the patch only changes the default, all the modes are still available for the config files). ok djm@, reminded by tedu@ & naddy@ and discussed with many - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 [myproposal.h] The current sharing of myproposal[] between both client and server code makes the previous diff highly unpallatable. We want to go in that direction for the server, but not for the client. Sigh. Brought up by naddy. - markus@cvs.openbsd.org 2014/03/27 23:01:27 [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] disable weak proposals in sshd, but keep them in ssh; ok djm@
2014-02-27 - markus@cvs.openbsd.org 2014/02/26 21:53:37Damien Miller
[sshd.c] ssh_gssapi_prepare_supported_oids needs GSSAPI
2014-02-27 - djm@cvs.openbsd.org 2014/02/26 20:28:44Damien Miller
[auth2-gss.c gss-serv.c ssh-gss.h sshd.c] bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep sandboxing, as running this code in the sandbox can cause violations; ok markus@
2014-02-04 - djm@cvs.openbsd.org 2014/02/02 03:44:32Damien Miller
[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
2014-02-04 - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
2014-02-04 - djm@cvs.openbsd.org 2014/01/29 00:19:26Damien Miller
[sshd.c] use kill(0, ...) instead of killpg(0, ...); on most operating systems they are equivalent, but SUSv2 describes the latter as having undefined behaviour; from portable; ok dtucker (Id sync only; change is already in portable)
2014-02-04 - markus@cvs.openbsd.org 2014/01/27 19:18:54Damien Miller
[auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] replace openssl MD5 with our ssh_digest_*; ok djm@
2014-01-28 - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); theDamien Miller
latter being specified to have undefined behaviour in SUSv3; ok dtucker
2014-01-17 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]Damien Miller
[sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
2014-01-10 - djm@cvs.openbsd.org 2014/01/09 23:26:48Damien Miller
[sshconnect.c sshd.c] ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, deranged and might make some attacks on KEX easier; ok markus@
2013-12-31 - djm@cvs.openbsd.org 2013/12/30 23:52:28Damien Miller
[auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] [sshconnect.c sshconnect2.c sshd.c] refuse RSA keys from old proprietary clients/servers that use the obsolete RSA+MD5 signature scheme. it will still be possible to connect with these clients/servers but only DSA keys will be accepted, and we'll deprecate them entirely in a future release. ok markus@
2013-12-07 - markus@cvs.openbsd.org 2013/12/06 13:39:49Damien Miller
[authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] support ed25519 keys (hostkeys and user identities) using the public domain ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
2013-11-21 - djm@cvs.openbsd.org 2013/11/20 02:19:01Damien Miller
[sshd.c] delay closure of in/out fds until after "Bad protocol version identification..." message, as get_remote_ipaddr/get_remote_port require them open.
2013-11-04 - markus@cvs.openbsd.org 2013/11/02 21:59:15Damien Miller
[kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] use curve25519 for default key exchange (curve25519-sha256@libssh.org); initial patch from Aris Adamantiadis; ok djm@
2013-10-26 - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] RemoveDamien Miller
unnecessary arc4random_stir() calls. The only ones left are to ensure that the PRNG gets a different state after fork() for platforms that have broken the API.
2013-10-24 - djm@cvs.openbsd.org 2013/10/23 23:35:32Damien Miller
[sshd.c] include local address and port in "Connection from ..." message (only shown at loglevel>=verbose)
2013-10-18 - djm@cvs.openbsd.org 2013/10/17 22:08:04Damien Miller
[sshd.c] include remote port in bad banner message; bz#2162
2013-10-15 - djm@cvs.openbsd.org 2013/10/10 01:43:03Damien Miller
[sshd.c] bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly updated; ok dtucker@
2013-09-22 - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adjDarren Tucker
setting when handling SIGHUP to maintain behaviour over retart. Patch from Matthew Ife.
2013-09-14 - deraadt@cvs.openbsd.org 2013/09/02 22:00:34Damien Miller
[ssh-keygen.c sshconnect1.c sshd.c] All the instances of arc4random_stir() are bogus, since arc4random() does this itself, inside itself, and has for a very long time.. Actually, this was probably reducing the entropy available. ok djm ID SYNC ONLY for portable; we don't trust other arc4random implementations to do this right.
2013-09-14 - djm@cvs.openbsd.org 2013/08/22 19:02:21Damien Miller
[sshd.c] Stir PRNG after post-accept fork. The child gets a different PRNG state anyway via rexec and explicit privsep reseeds, but it's good to be sure. ok markus@
2013-07-20 - markus@cvs.openbsd.org 2013/07/19 07:37:48Damien Miller
[auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] [servconf.h session.c sshd.c sshd_config.5] add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 ok djm@
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/05 02:27:50Darren Tucker
[sshd.c] When running sshd -D, close stderr unless we have explicitly requesting logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch so, err, ok dtucker.
2013-06-02 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.cDarren Tucker
groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c openbsd-compat/port-linux.c] Replace portable-specific instances of xfree with the equivalent calls to free.
2013-06-02 - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41Darren Tucker
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] Fix some "unused result" warnings found via clang and -portable. ok markus@
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14Darren Tucker
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man page.
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/07 02:10:33Damien Miller
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c] Add -E option to ssh and sshd to append debugging logs to a specified file instead of stderr or syslog. ok markus@, man page help jmc@
2013-04-23 - markus@cvs.openbsd.org 2013/04/06 16:07:00Damien Miller
[channels.c sshd.c] handle ECONNABORTED for accept(); ok deraadt some time ago...
2013-02-12 - dtucker@cvs.openbsd.org 2013/02/11 21:21:58Damien Miller
[sshd.c] Add openssl version to debug output similar to the client. ok markus@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 11:09:15Damien Miller
[auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] [sshd_config.5] Support multiple required authentication via an AuthenticationMethods option. This option lists one or more comma-separated lists of authentication method names. Successful completion of all the methods in any list is required for authentication to complete; feedback and ok markus@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 10:38:43Damien Miller
[auth2-pubkey.c sshd.c sshd_config.5] Remove default of AuthorizedCommandUser. Administrators are now expected to explicitly specify a user. feedback and ok markus@
2012-10-31 - djm@cvs.openbsd.org 2012/10/30 21:29:55Damien Miller
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] [sshd.c sshd_config sshd_config.5] new sshd_config option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run as the target server user unless another specified via a new AuthorizedKeysCommandUser option. patch originally by jchadima AT redhat.com, reworked by me; feedback and ok markus@
2012-07-31 - djm@cvs.openbsd.org 2012/07/10 02:19:15Damien Miller
[servconf.c servconf.h sshd.c sshd_config] Turn on systrace sandboxing of pre-auth sshd by default for new installs by shipping a config that overrides the current UsePrivilegeSeparation=yes default. Make it easier to flip the default in the future by adding too.
2012-07-02 - markus@cvs.openbsd.org 2012/06/30 14:35:09Darren Tucker
[sandbox-systrace.c sshd.c] fix a during the load of the sandbox policies (child can still make the read-syscall and wait forever for systrace-answers) by replacing the read/write synchronisation with SIGSTOP/SIGCONT; report and help hshoexer@; ok djm@, dtucker@
2012-05-19- (dtucker) OpenBSD CVS SyncDarren Tucker
- dtucker@cvs.openbsd.org 2012/05/13 01:42:32 [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests to match. Feedback and ok djm@ markus@.