summaryrefslogtreecommitdiff
path: root/sshd.c
AgeCommit message (Collapse)Author
2014-07-02 - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
2014-05-15 - markus@cvs.openbsd.org 2014/04/29 18:01:49Damien Miller
[auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
2014-04-20 - tedu@cvs.openbsd.org 2014/04/19 14:53:48Damien Miller
[ssh-keysign.c sshd.c] Delete futile calls to RAND_seed. ok djm NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
2014-04-20 - djm@cvs.openbsd.org 2014/04/18 23:52:25Damien Miller
[compat.c compat.h sshconnect2.c sshd.c version.h] OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections using the curve25519-sha256@libssh.org KEX exchange method to fail when connecting with something that implements the spec properly. Disable this KEX method when speaking to one of the affected versions. reported by Aris Adamantiadis; ok markus@
2014-04-20 - djm@cvs.openbsd.org 2014/04/12 04:55:53Damien Miller
[sshd.c] avoid crash at exit: check that pmonitor!=NULL before dereferencing; bz#2225, patch from kavi AT juniper.net
2014-04-20 - tedu@cvs.openbsd.org 2014/03/26 19:58:37Damien Miller
[sshd.8 sshd.c] remove libwrap support. ok deraadt djm mfriedl
2014-04-20Three commits in one (since they touch the same heavily-diverged fileDamien Miller
repeatedly): - markus@cvs.openbsd.org 2014/03/25 09:40:03 [myproposal.h] trimm default proposals. This commit removes the weaker pre-SHA2 hashes, the broken ciphers (arcfour), and the broken modes (CBC) from the default configuration (the patch only changes the default, all the modes are still available for the config files). ok djm@, reminded by tedu@ & naddy@ and discussed with many - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 [myproposal.h] The current sharing of myproposal[] between both client and server code makes the previous diff highly unpallatable. We want to go in that direction for the server, but not for the client. Sigh. Brought up by naddy. - markus@cvs.openbsd.org 2014/03/27 23:01:27 [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] disable weak proposals in sshd, but keep them in ssh; ok djm@
2014-02-27 - markus@cvs.openbsd.org 2014/02/26 21:53:37Damien Miller
[sshd.c] ssh_gssapi_prepare_supported_oids needs GSSAPI
2014-02-27 - djm@cvs.openbsd.org 2014/02/26 20:28:44Damien Miller
[auth2-gss.c gss-serv.c ssh-gss.h sshd.c] bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep sandboxing, as running this code in the sandbox can cause violations; ok markus@
2014-02-04 - djm@cvs.openbsd.org 2014/02/02 03:44:32Damien Miller
[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
2014-02-04 - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
2014-02-04 - djm@cvs.openbsd.org 2014/01/29 00:19:26Damien Miller
[sshd.c] use kill(0, ...) instead of killpg(0, ...); on most operating systems they are equivalent, but SUSv2 describes the latter as having undefined behaviour; from portable; ok dtucker (Id sync only; change is already in portable)
2014-02-04 - markus@cvs.openbsd.org 2014/01/27 19:18:54Damien Miller
[auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] replace openssl MD5 with our ssh_digest_*; ok djm@
2014-01-28 - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); theDamien Miller
latter being specified to have undefined behaviour in SUSv3; ok dtucker
2014-01-17 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]Damien Miller
[sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
2014-01-10 - djm@cvs.openbsd.org 2014/01/09 23:26:48Damien Miller
[sshconnect.c sshd.c] ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, deranged and might make some attacks on KEX easier; ok markus@
2013-12-31 - djm@cvs.openbsd.org 2013/12/30 23:52:28Damien Miller
[auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] [sshconnect.c sshconnect2.c sshd.c] refuse RSA keys from old proprietary clients/servers that use the obsolete RSA+MD5 signature scheme. it will still be possible to connect with these clients/servers but only DSA keys will be accepted, and we'll deprecate them entirely in a future release. ok markus@
2013-12-07 - markus@cvs.openbsd.org 2013/12/06 13:39:49Damien Miller
[authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] support ed25519 keys (hostkeys and user identities) using the public domain ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
2013-11-21 - djm@cvs.openbsd.org 2013/11/20 02:19:01Damien Miller
[sshd.c] delay closure of in/out fds until after "Bad protocol version identification..." message, as get_remote_ipaddr/get_remote_port require them open.
2013-11-04 - markus@cvs.openbsd.org 2013/11/02 21:59:15Damien Miller
[kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] use curve25519 for default key exchange (curve25519-sha256@libssh.org); initial patch from Aris Adamantiadis; ok djm@
2013-10-26 - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] RemoveDamien Miller
unnecessary arc4random_stir() calls. The only ones left are to ensure that the PRNG gets a different state after fork() for platforms that have broken the API.
2013-10-24 - djm@cvs.openbsd.org 2013/10/23 23:35:32Damien Miller
[sshd.c] include local address and port in "Connection from ..." message (only shown at loglevel>=verbose)
2013-10-18 - djm@cvs.openbsd.org 2013/10/17 22:08:04Damien Miller
[sshd.c] include remote port in bad banner message; bz#2162
2013-10-15 - djm@cvs.openbsd.org 2013/10/10 01:43:03Damien Miller
[sshd.c] bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly updated; ok dtucker@
2013-09-22 - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adjDarren Tucker
setting when handling SIGHUP to maintain behaviour over retart. Patch from Matthew Ife.
2013-09-14 - deraadt@cvs.openbsd.org 2013/09/02 22:00:34Damien Miller
[ssh-keygen.c sshconnect1.c sshd.c] All the instances of arc4random_stir() are bogus, since arc4random() does this itself, inside itself, and has for a very long time.. Actually, this was probably reducing the entropy available. ok djm ID SYNC ONLY for portable; we don't trust other arc4random implementations to do this right.
2013-09-14 - djm@cvs.openbsd.org 2013/08/22 19:02:21Damien Miller
[sshd.c] Stir PRNG after post-accept fork. The child gets a different PRNG state anyway via rexec and explicit privsep reseeds, but it's good to be sure. ok markus@
2013-07-20 - markus@cvs.openbsd.org 2013/07/19 07:37:48Damien Miller
[auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] [servconf.h session.c sshd.c sshd_config.5] add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 ok djm@
2013-06-06 - dtucker@cvs.openbsd.org 2013/06/05 02:27:50Darren Tucker
[sshd.c] When running sshd -D, close stderr unless we have explicitly requesting logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch so, err, ok dtucker.
2013-06-02 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.cDarren Tucker
groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c openbsd-compat/port-linux.c] Replace portable-specific instances of xfree with the equivalent calls to free.
2013-06-02 - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41Darren Tucker
[log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] Fix some "unused result" warnings found via clang and -portable. ok markus@
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14Darren Tucker
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man page.
2013-04-23 - dtucker@cvs.openbsd.org 2013/04/07 02:10:33Damien Miller
[log.c log.h ssh.1 ssh.c sshd.8 sshd.c] Add -E option to ssh and sshd to append debugging logs to a specified file instead of stderr or syslog. ok markus@, man page help jmc@
2013-04-23 - markus@cvs.openbsd.org 2013/04/06 16:07:00Damien Miller
[channels.c sshd.c] handle ECONNABORTED for accept(); ok deraadt some time ago...
2013-02-12 - dtucker@cvs.openbsd.org 2013/02/11 21:21:58Damien Miller
[sshd.c] Add openssl version to debug output similar to the client. ok markus@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 11:09:15Damien Miller
[auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] [sshd_config.5] Support multiple required authentication via an AuthenticationMethods option. This option lists one or more comma-separated lists of authentication method names. Successful completion of all the methods in any list is required for authentication to complete; feedback and ok markus@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 10:38:43Damien Miller
[auth2-pubkey.c sshd.c sshd_config.5] Remove default of AuthorizedCommandUser. Administrators are now expected to explicitly specify a user. feedback and ok markus@
2012-10-31 - djm@cvs.openbsd.org 2012/10/30 21:29:55Damien Miller
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] [sshd.c sshd_config sshd_config.5] new sshd_config option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run as the target server user unless another specified via a new AuthorizedKeysCommandUser option. patch originally by jchadima AT redhat.com, reworked by me; feedback and ok markus@
2012-07-31 - djm@cvs.openbsd.org 2012/07/10 02:19:15Damien Miller
[servconf.c servconf.h sshd.c sshd_config] Turn on systrace sandboxing of pre-auth sshd by default for new installs by shipping a config that overrides the current UsePrivilegeSeparation=yes default. Make it easier to flip the default in the future by adding too.
2012-07-02 - markus@cvs.openbsd.org 2012/06/30 14:35:09Darren Tucker
[sandbox-systrace.c sshd.c] fix a during the load of the sandbox policies (child can still make the read-syscall and wait forever for systrace-answers) by replacing the read/write synchronisation with SIGSTOP/SIGCONT; report and help hshoexer@; ok djm@, dtucker@
2012-05-19- (dtucker) OpenBSD CVS SyncDarren Tucker
- dtucker@cvs.openbsd.org 2012/05/13 01:42:32 [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests to match. Feedback and ok djm@ markus@.
2012-04-22 - djm@cvs.openbsd.org 2012/04/12 02:42:32Damien Miller
[servconf.c servconf.h sshd.c sshd_config sshd_config.5] VersionAddendum option to allow server operators to append some arbitrary text to the SSH-... banner; ok deraadt@ "don't care" markus@
2012-04-22 - djm@cvs.openbsd.org 2012/04/11 13:26:40Damien Miller
[sshd.c] don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a while; ok deraadt@ markus@
2012-02-14 - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type forTim Rice
unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c ok dtucker@
2011-10-02 - djm@cvs.openbsd.org 2011/09/30 21:22:49Darren Tucker
[sshd.c] fix inverted test that caused logspam; spotted by henning@
2011-10-02 - djm@cvs.openbsd.org 2011/09/25 05:44:47Darren Tucker
[auth2-pubkey.c] improve the AuthorizedPrincipalsFile debug log message to include file and line number
2011-09-22 - djm@cvs.openbsd.org 2011/09/09 22:38:21Damien Miller
[sshd.c] kill the preauth privsep child on fatal errors in the monitor; ok markus@
2011-06-23 - djm@cvs.openbsd.org 2011/06/23 09:34:13Damien Miller
[sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c] [sandbox-null.c] rename sandbox.h => ssh-sandbox.h to make things easier for portable
2011-06-23 - djm@cvs.openbsd.org 2011/06/22 21:57:01Damien Miller
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c] [sandbox-systrace.c sandbox.h configure.ac Makefile.in] introduce sandboxing of the pre-auth privsep child using systrace(4). This introduces a new "UsePrivilegeSeparation=sandbox" option for sshd_config that applies mandatory restrictions on the syscalls the privsep child can perform. This prevents a compromised privsep child from being used to attack other hosts (by opening sockets and proxying) or probing local kernel attack surface. The sandbox is implemented using systrace(4) in unsupervised "fast-path" mode, where a list of permitted syscalls is supplied. Any syscall not on the list results in SIGKILL being sent to the privsep child. Note that this requires a kernel with the new SYSTR_POLICY_KILL option. UsePrivilegeSeparation=sandbox will become the default in the future so please start testing it now. feedback dtucker@; ok markus@