From 5ee8448ad7c306f05a9f56769f95336a8269f379 Mon Sep 17 00:00:00 2001 From: "job@openbsd.org" Date: Wed, 4 Apr 2018 15:12:17 +0000 Subject: upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for interactive and CS1 for bulk AF21 was selected as this is the highest priority within the low-latency service class (and it is higher than what we have today). SSH is elastic and time-sensitive data, where a user is waiting for a response via the network in order to continue with a task at hand. As such, these flows should be considered foreground traffic, with delays or drops to such traffic directly impacting user-productivity. For bulk SSH traffic, the CS1 "Lower Effort" marker was chosen to enable networks implementing a scavanger/lower-than-best effort class to discriminate scp(1) below normal activities, such as web surfing. In general this type of bulk SSH traffic is a background activity. An advantage of using "AF21" for interactive SSH and "CS1" for bulk SSH is that they are recognisable values on all common platforms (IANA https://www.iana.org/assignments/dscp-registry/dscp-registry.xml), and for AF21 specifically a definition of the intended behavior exists https://tools.ietf.org/html/rfc4594#section-4.7 in addition to the definition of the Assured Forwarding PHB group https://tools.ietf.org/html/rfc2597, and for CS1 (Lower Effort) there is https://tools.ietf.org/html/rfc3662 The first three bits of "AF21" map to the equivalent IEEEE 802.1D PCP, IEEE 802.11e, MPLS EXP/CoS and IP Precedence value of 2 (also known as "Immediate", or "AC_BE"), and CS1's first 3 bits map to IEEEE 802.1D PCP, IEEE 802.11e, MPLS/CoS and IP Precedence value 1 ("Background" or "AC_BK"). OK deraadt@, "no objection" djm@ OpenBSD-Commit-ID: d11d2a4484f461524ef0c20870523dfcdeb52181 --- readconf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index 88051db57..f69b46547 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.283 2018/02/23 15:58:37 markus Exp $ */ +/* $OpenBSD: readconf.c,v 1.284 2018/04/04 15:12:17 job Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1998,9 +1998,9 @@ fill_default_options(Options * options) if (options->visual_host_key == -1) options->visual_host_key = 0; if (options->ip_qos_interactive == -1) - options->ip_qos_interactive = IPTOS_LOWDELAY; + options->ip_qos_interactive = IPTOS_DSCP_AF21; if (options->ip_qos_bulk == -1) - options->ip_qos_bulk = IPTOS_THROUGHPUT; + options->ip_qos_bulk = IPTOS_DSCP_CS1; if (options->request_tty == -1) options->request_tty = REQUEST_TTY_AUTO; if (options->proxy_use_fdpass == -1) -- cgit v1.2.3 From 30fd7f9af0f553aaa2eeda5a1f53f26cfc222b5e Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 6 Apr 2018 03:51:27 +0000 Subject: upstream: add a couple of missed options to the config dump; patch from Jakub Jelen via bz2835 OpenBSD-Commit-ID: 5970adadf6ef206bee0dddfc75d24c2019861446 --- readconf.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index f69b46547..ae1c31da0 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.284 2018/04/04 15:12:17 job Exp $ */ +/* $OpenBSD: readconf.c,v 1.285 2018/04/06 03:51:27 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2348,6 +2348,8 @@ fmt_intarg(OpCodes code, int val) return fmt_multistate_int(val, multistate_requesttty); case oCanonicalizeHostname: return fmt_multistate_int(val, multistate_canonicalizehostname); + case oAddKeysToAgent: + return fmt_multistate_int(val, multistate_yesnoaskconfirm); case oFingerprintHash: return ssh_digest_alg_name(val); default: @@ -2467,6 +2469,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_int(oPort, o->port); /* Flag options */ + dump_cfg_fmtint(oAddKeysToAgent, o->add_keys_to_agent); dump_cfg_fmtint(oAddressFamily, o->address_family); dump_cfg_fmtint(oBatchMode, o->batch_mode); dump_cfg_fmtint(oCanonicalizeFallbackLocal, o->canonicalize_fallback_local); @@ -2523,6 +2526,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_string(oHostKeyAlias, o->host_key_alias); dump_cfg_string(oHostbasedKeyTypes, o->hostbased_key_types); dump_cfg_string(oIdentityAgent, o->identity_agent); + dump_cfg_string(oIgnoreUnknown, o->ignored_unknown); dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); dump_cfg_string(oLocalCommand, o->local_command); @@ -2545,6 +2549,7 @@ dump_client_config(Options *o, const char *host) /* String array options */ dump_cfg_strarray(oIdentityFile, o->num_identity_files, o->identity_files); dump_cfg_strarray_oneline(oCanonicalDomains, o->num_canonical_domains, o->canonical_domains); + dump_cfg_strarray(oCertificateFile, o->num_certificate_files, o->certificate_files); dump_cfg_strarray_oneline(oGlobalKnownHostsFile, o->num_system_hostfiles, o->system_hostfiles); dump_cfg_strarray_oneline(oUserKnownHostsFile, o->num_user_hostfiles, o->user_hostfiles); dump_cfg_strarray(oSendEnv, o->num_send_env, o->send_env); @@ -2605,6 +2610,9 @@ dump_client_config(Options *o, const char *host) printf("streamlocalbindmask 0%o\n", o->fwd_opts.streamlocal_bind_mask); + /* oLogFacility */ + printf("syslogfacility %s\n", log_facility_name(o->log_facility)); + /* oProxyCommand / oProxyJump */ if (o->jump_host == NULL) dump_cfg_string(oProxyCommand, o->proxy_command); -- cgit v1.2.3 From 555294a7279914ae6795b71bedf4e6011b7636df Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 6 Apr 2018 13:02:39 +0000 Subject: upstream: Allow "SendEnv -PATTERN" to clear environment variables previously labeled for sendind. bz#1285 ok dtucker@ OpenBSD-Commit-ID: f6fec9e3d0f366f15903094fbe1754cb359a0df9 --- readconf.c | 48 ++++++++++++++++++++++++++++++++++++++++++------ ssh_config.5 | 11 ++++++++--- 2 files changed, 50 insertions(+), 9 deletions(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index ae1c31da0..5a1055bcb 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.285 2018/04/06 03:51:27 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.286 2018/04/06 13:02:39 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -684,6 +684,35 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, return result; } +/* Remove environment variable by pattern */ +static void +rm_env(Options *options, const char *arg, const char *filename, int linenum) +{ + int i, j; + char *cp; + + /* Remove an environment variable */ + for (i = 0; i < options->num_send_env; ) { + cp = xstrdup(options->send_env[i]); + if (!match_pattern(cp, arg + 1)) { + free(cp); + i++; + continue; + } + debug3("%s line %d: removing environment %s", + filename, linenum, cp); + free(cp); + free(options->send_env[i]); + options->send_env[i] = NULL; + for (j = i; j < options->num_send_env - 1; j++) { + options->send_env[j] = options->send_env[j + 1]; + options->send_env[j + 1] = NULL; + } + options->num_send_env--; + /* NB. don't increment i */ + } +} + /* * Returns the number of the token pointed to by cp or oBadOption. */ @@ -1359,11 +1388,18 @@ parse_keytypes: filename, linenum); if (!*activep) continue; - if (options->num_send_env >= MAX_SEND_ENV) - fatal("%s line %d: too many send env.", - filename, linenum); - options->send_env[options->num_send_env++] = - xstrdup(arg); + if (*arg == '-') { + /* Removing an env var */ + rm_env(options, arg, filename, linenum); + continue; + } else { + /* Adding an env var */ + if (options->num_send_env >= MAX_SEND_ENV) + fatal("%s line %d: too many send env.", + filename, linenum); + options->send_env[options->num_send_env++] = + xstrdup(arg); + } } break; diff --git a/ssh_config.5 b/ssh_config.5 index 75a21b595..0e3c4db2e 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.270 2018/04/05 22:54:28 djm Exp $ -.Dd $Mdocdate: April 5 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.271 2018/04/06 13:02:39 djm Exp $ +.Dd $Mdocdate: April 6 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1394,11 +1394,16 @@ Multiple environment variables may be separated by whitespace or spread across multiple .Cm SendEnv directives. -The default is not to send any environment variables. .Pp See .Sx PATTERNS for more information on patterns. +.Pp +It is possible to clear previously-set +.Cm SendEnv +variable names by prefixing patterns with +.Pa - . +The default is not to send any environment variables. .It Cm ServerAliveCountMax Sets the number of server alive messages (see below) which may be sent without -- cgit v1.2.3 From 4b22fd8ecefd059a66140be67f352eb6145a9d88 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 22 May 2018 00:13:26 +0000 Subject: upstream: support ProxyJump=none to disable ProxyJump functionality; bz#2869 ok dtucker@ OpenBSD-Commit-ID: 1c06ee08eb78451b5837fcfd8cbebc5ff3a67a01 --- readconf.c | 31 ++++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index 5a1055bcb..7b7a0d7e0 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.286 2018/04/06 13:02:39 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.287 2018/05/22 00:13:26 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2072,6 +2072,12 @@ fill_default_options(Options * options) CLEAR_ON_NONE(options->proxy_command); CLEAR_ON_NONE(options->control_path); CLEAR_ON_NONE(options->revoked_host_keys); + if (options->jump_host != NULL && + strcmp(options->jump_host, "none") == 0 && + options->jump_port == 0 && options->jump_user == NULL) { + free(options->jump_host); + options->jump_host = NULL; + } /* options->identity_agent distinguishes NULL from 'none' */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ @@ -2300,6 +2306,8 @@ parse_jump(const char *s, Options *o, int active) orig = sdup = xstrdup(s); first = active; do { + if (strcasecmp(s, "none") == 0) + break; if ((cp = strrchr(sdup, ',')) == NULL) cp = sdup; /* last */ else @@ -2320,14 +2328,19 @@ parse_jump(const char *s, Options *o, int active) } while (cp != sdup); /* success */ if (active) { - o->jump_user = user; - o->jump_host = host; - o->jump_port = port; - o->proxy_command = xstrdup("none"); - user = host = NULL; - if ((cp = strrchr(s, ',')) != NULL && cp != s) { - o->jump_extra = xstrdup(s); - o->jump_extra[cp - s] = '\0'; + if (strcasecmp(s, "none") == 0) { + o->jump_host = xstrdup("none"); + o->jump_port = 0; + } else { + o->jump_user = user; + o->jump_host = host; + o->jump_port = port; + o->proxy_command = xstrdup("none"); + user = host = NULL; + if ((cp = strrchr(s, ',')) != NULL && cp != s) { + o->jump_extra = xstrdup(s); + o->jump_extra[cp - s] = '\0'; + } } } ret = 0; -- cgit v1.2.3 From 9c935dd9bf05628826ad2495d3e8bdf3d3271c21 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 1 Jun 2018 03:33:53 +0000 Subject: upstream: make UID available as a %-expansion everywhere that the username is available currently. In the client this is via %i, in the server %U (since %i was already used in the client in some places for this, but used for something different in the server); bz#2870, ok dtucker@ OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95 --- auth.c | 8 +++++--- auth2-pubkey.c | 12 +++++++++--- readconf.c | 6 +++++- session.c | 8 +++++--- sftp-server.c | 8 +++++--- ssh.c | 30 ++++++++++++++++++++++-------- ssh_config.5 | 14 +++++++------- sshd_config.5 | 16 +++++++++------- 8 files changed, 67 insertions(+), 35 deletions(-) (limited to 'readconf.c') diff --git a/auth.c b/auth.c index 0b7a335fc..573cd03b0 100644 --- a/auth.c +++ b/auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth.c,v 1.128 2018/05/25 07:11:01 djm Exp $ */ +/* $OpenBSD: auth.c,v 1.129 2018/06/01 03:33:53 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -422,11 +422,13 @@ auth_root_allowed(struct ssh *ssh, const char *method) char * expand_authorized_keys(const char *filename, struct passwd *pw) { - char *file, ret[PATH_MAX]; + char *file, uidstr[32], ret[PATH_MAX]; int i; + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)pw->pw_uid); file = percent_expand(filename, "h", pw->pw_dir, - "u", pw->pw_name, (char *)NULL); + "u", pw->pw_name, "U", uidstr, (char *)NULL); /* * Ensure that filename starts anchored. If not, be backward diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 8024b1d6a..5603f5ef3 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.77 2018/03/03 03:15:51 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.78 2018/06/01 03:33:53 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -387,7 +387,7 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, pid_t pid; char *tmp, *username = NULL, *command = NULL, **av = NULL; char *ca_fp = NULL, *key_fp = NULL, *catext = NULL, *keytext = NULL; - char serial_s[16]; + char serial_s[16], uidstr[32]; void (*osigchld)(int); if (authoptsp != NULL) @@ -447,8 +447,11 @@ match_principals_command(struct ssh *ssh, struct passwd *user_pw, } snprintf(serial_s, sizeof(serial_s), "%llu", (unsigned long long)cert->serial); + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)user_pw->pw_uid); for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], + "U", uidstr, "u", user_pw->pw_name, "h", user_pw->pw_dir, "t", sshkey_ssh_name(key), @@ -852,7 +855,7 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, int i, uid_swapped = 0, ac = 0; pid_t pid; char *username = NULL, *key_fp = NULL, *keytext = NULL; - char *tmp, *command = NULL, **av = NULL; + char uidstr[32], *tmp, *command = NULL, **av = NULL; void (*osigchld)(int); if (authoptsp != NULL) @@ -902,8 +905,11 @@ user_key_command_allowed2(struct ssh *ssh, struct passwd *user_pw, command); goto out; } + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)user_pw->pw_uid); for (i = 1; i < ac; i++) { tmp = percent_expand(av[i], + "U", uidstr, "u", user_pw->pw_name, "h", user_pw->pw_dir, "t", sshkey_ssh_name(key), diff --git a/readconf.c b/readconf.c index 7b7a0d7e0..9c4a234b5 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.287 2018/05/22 00:13:26 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.288 2018/06/01 03:33:53 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -551,6 +551,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, const char *ruser; int r, port, this_result, result = 1, attributes = 0, negate; char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV]; + char uidstr[32]; /* * Configuration is likely to be incomplete at this point so we @@ -631,6 +632,8 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, strlcpy(shorthost, thishost, sizeof(shorthost)); shorthost[strcspn(thishost, ".")] = '\0'; snprintf(portstr, sizeof(portstr), "%d", port); + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)pw->pw_uid); cmd = percent_expand(arg, "L", shorthost, @@ -641,6 +644,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, "p", portstr, "r", ruser, "u", pw->pw_name, + "i", uidstr, (char *)NULL); if (result != 1) { /* skip execution if prior predicate failed */ diff --git a/session.c b/session.c index 58826db16..5ceebff51 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.294 2018/03/03 03:15:51 djm Exp $ */ +/* $OpenBSD: session.c,v 1.295 2018/06/01 03:33:53 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -1324,7 +1324,7 @@ safely_chroot(const char *path, uid_t uid) void do_setusercontext(struct passwd *pw) { - char *chroot_path, *tmp; + char uidstr[32], *chroot_path, *tmp; platform_setusercontext(pw); @@ -1356,8 +1356,10 @@ do_setusercontext(struct passwd *pw) strcasecmp(options.chroot_directory, "none") != 0) { tmp = tilde_expand_filename(options.chroot_directory, pw->pw_uid); + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)pw->pw_uid); chroot_path = percent_expand(tmp, "h", pw->pw_dir, - "u", pw->pw_name, (char *)NULL); + "u", pw->pw_name, "U", uidstr, (char *)NULL); safely_chroot(chroot_path, pw->pw_uid); free(tmp); free(chroot_path); diff --git a/sftp-server.c b/sftp-server.c index df0fb5068..ab1b063f2 100644 --- a/sftp-server.c +++ b/sftp-server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-server.c,v 1.111 2017/04/04 00:24:56 djm Exp $ */ +/* $OpenBSD: sftp-server.c,v 1.112 2018/06/01 03:33:53 djm Exp $ */ /* * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * @@ -1503,7 +1503,7 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) int i, r, in, out, max, ch, skipargs = 0, log_stderr = 0; ssize_t len, olen, set_size; SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; - char *cp, *homedir = NULL, buf[4*4096]; + char *cp, *homedir = NULL, uidstr[32], buf[4*4096]; long mask; extern char *optarg; @@ -1554,8 +1554,10 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) break; case 'd': cp = tilde_expand_filename(optarg, user_pw->pw_uid); + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)pw->pw_uid); homedir = percent_expand(cp, "d", user_pw->pw_dir, - "u", user_pw->pw_name, (char *)NULL); + "u", user_pw->pw_name, "U", uidstr, (char *)NULL); free(cp); break; case 'p': diff --git a/ssh.c b/ssh.c index 40e63c325..d25960bce 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.478 2018/06/01 03:11:49 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.479 2018/06/01 03:33:53 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1278,7 +1278,8 @@ main(int ac, char **av) strlcpy(shorthost, thishost, sizeof(shorthost)); shorthost[strcspn(thishost, ".")] = '\0'; snprintf(portstr, sizeof(portstr), "%d", options.port); - snprintf(uidstr, sizeof(uidstr), "%d", pw->pw_uid); + snprintf(uidstr, sizeof(uidstr), "%llu", + (unsigned long long)pw->pw_uid); if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL || ssh_digest_update(md, thishost, strlen(thishost)) < 0 || @@ -1303,6 +1304,7 @@ main(int ac, char **av) "L", shorthost, "d", pw->pw_dir, "h", host, + "i", uidstr, "l", thishost, "n", host_arg, "p", portstr, @@ -1323,6 +1325,7 @@ main(int ac, char **av) "C", conn_hash_hex, "L", shorthost, "h", host, + "i", uidstr, "l", thishost, "n", host_arg, "p", portstr, @@ -1501,9 +1504,14 @@ main(int ac, char **av) } else { p = tilde_expand_filename(options.identity_agent, original_real_uid); - cp = percent_expand(p, "d", pw->pw_dir, - "u", pw->pw_name, "l", thishost, "h", host, - "r", options.user, (char *)NULL); + cp = percent_expand(p, + "d", pw->pw_dir, + "h", host, + "i", uidstr, + "l", thishost, + "r", options.user, + "u", pw->pw_name, + (char *)NULL); setenv(SSH_AUTHSOCKET_ENV_NAME, cp, 1); free(cp); free(p); @@ -1908,6 +1916,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw) "L", shorthost, "d", pw->pw_dir, "h", host, + "i", uidstr, "l", thishost, "n", host_arg, "p", portstr, @@ -2106,9 +2115,14 @@ load_public_identity_files(struct passwd *pw) for (i = 0; i < options.num_certificate_files; i++) { cp = tilde_expand_filename(options.certificate_files[i], original_real_uid); - filename = percent_expand(cp, "d", pw->pw_dir, - "u", pw->pw_name, "l", thishost, "h", host, - "r", options.user, (char *)NULL); + filename = percent_expand(cp, + "d", pw->pw_dir, + "h", host, + "i", host, + "l", thishost, + "r", options.user, + "u", pw->pw_name, + (char *)NULL); free(cp); public = key_load_public(filename, NULL); diff --git a/ssh_config.5 b/ssh_config.5 index bcd18a872..94c12bdda 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.273 2018/04/10 00:10:49 djm Exp $ -.Dd $Mdocdate: April 10 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.274 2018/06/01 03:33:53 djm Exp $ +.Dd $Mdocdate: June 1 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1743,10 +1743,10 @@ The local username. .El .Pp .Cm Match exec -accepts the tokens %%, %h, %L, %l, %n, %p, %r, and %u. +accepts the tokens %%, %h, %i, %L, %l, %n, %p, %r, and %u. .Pp .Cm CertificateFile -accepts the tokens %%, %d, %h, %l, %r, and %u. +accepts the tokens %%, %d, %h, %i %l, %r, and %u. .Pp .Cm ControlPath accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and %u. @@ -1757,16 +1757,16 @@ accepts the tokens %% and %h. .Cm IdentityAgent and .Cm IdentityFile -accept the tokens %%, %d, %h, %l, %r, and %u. +accept the tokens %%, %d, %h, %i %l, %r, and %u. .Pp .Cm LocalCommand -accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, %T, and %u. +accepts the tokens %%, %C, %d, %h, %i %l, %n, %p, %r, %T, and %u. .Pp .Cm ProxyCommand accepts the tokens %%, %h, %p, and %r. .Pp .Cm RemoteCommand -accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, and %u. +accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and %u. .Sh FILES .Bl -tag -width Ds .It Pa ~/.ssh/config diff --git a/sshd_config.5 b/sshd_config.5 index 95dbc1d12..1d6e0d1e4 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.266 2018/05/15 05:40:11 jmc Exp $ -.Dd $Mdocdate: May 15 2018 $ +.\" $OpenBSD: sshd_config.5,v 1.267 2018/06/01 03:33:53 djm Exp $ +.Dd $Mdocdate: June 1 2018 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -1689,24 +1689,26 @@ The serial number of the certificate. The type of the CA key. .It %t The key or certificate type. +.It %U +The numeric user-id id of the target user. .It %u The username. .El .Pp .Cm AuthorizedKeysCommand -accepts the tokens %%, %f, %h, %k, %t, and %u. +accepts the tokens %%, %f, %h, %k, %t, %U and %u. .Pp .Cm AuthorizedKeysFile -accepts the tokens %%, %h, and %u. +accepts the tokens %%, %h, %U and %u. .Pp .Cm AuthorizedPrincipalsCommand -accepts the tokens %%, %F, %f, %h, %i, %K, %k, %s, %T, %t, and %u. +accepts the tokens %%, %F, %f, %h, %i, %K, %k, %s, %T, %t, %U and %u. .Pp .Cm AuthorizedPrincipalsFile -accepts the tokens %%, %h, and %u. +accepts the tokens %%, %h, and %U %u. .Pp .Cm ChrootDirectory -accepts the tokens %%, %h, and %u. +accepts the tokens %%, %h, and %U %u. .Pp .Cm RoutingDomain accepts the token %D. -- cgit v1.2.3 From 7f90635216851f6cb4bf3999e98b825f85d604f8 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Wed, 6 Jun 2018 18:29:18 +0000 Subject: upstream: switch config file parsing to getline(3) as this avoids static limits noted by gerhard@; ok dtucker@, djm@ OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c --- auth2-pubkey.c | 16 +++++++++++----- authfile.c | 22 +++++++++++----------- dh.c | 18 ++++++++++++------ hostfile.c | 15 +++++++++------ misc.c | 27 +-------------------------- misc.h | 3 +-- readconf.c | 10 +++++----- servconf.c | 10 +++++----- session.c | 11 ++++++----- ssh-keygen.c | 25 +++++++++++++++++-------- ssh-keyscan.c | 12 +++++------- ssh.h | 9 +-------- 12 files changed, 84 insertions(+), 94 deletions(-) (limited to 'readconf.c') diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 5603f5ef3..3ccc3a213 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-pubkey.c,v 1.78 2018/06/01 03:33:53 djm Exp $ */ +/* $OpenBSD: auth2-pubkey.c,v 1.79 2018/06/06 18:29:18 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -319,14 +319,16 @@ static int process_principals(struct ssh *ssh, FILE *f, const char *file, const struct sshkey_cert *cert, struct sshauthopt **authoptsp) { - char loc[256], line[SSH_MAX_PUBKEY_BYTES], *cp, *ep; + char loc[256], *line = NULL, *cp, *ep; + size_t linesize = 0; u_long linenum = 0; u_int found_principal = 0; if (authoptsp != NULL) *authoptsp = NULL; - while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { + while (getline(&line, &linesize, f) != -1) { + linenum++; /* Always consume entire input */ if (found_principal) continue; @@ -344,6 +346,7 @@ process_principals(struct ssh *ssh, FILE *f, const char *file, if (check_principals_line(ssh, cp, cert, loc, authoptsp) == 0) found_principal = 1; } + free(line); return found_principal; } @@ -687,14 +690,16 @@ static int check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f, char *file, struct sshkey *key, struct sshauthopt **authoptsp) { - char *cp, line[SSH_MAX_PUBKEY_BYTES], loc[256]; + char *cp, *line = NULL, loc[256]; + size_t linesize = 0; int found_key = 0; u_long linenum = 0; if (authoptsp != NULL) *authoptsp = NULL; - while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { + while (getline(&line, &linesize, f) != -1) { + linenum++; /* Always consume entire file */ if (found_key) continue; @@ -708,6 +713,7 @@ check_authkeys_file(struct ssh *ssh, struct passwd *pw, FILE *f, if (check_authkey_line(ssh, pw, key, cp, loc, authoptsp) == 0) found_key = 1; } + free(line); return found_key; } diff --git a/authfile.c b/authfile.c index 57dcd808c..c3a6345d3 100644 --- a/authfile.c +++ b/authfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfile.c,v 1.128 2018/02/23 15:58:37 markus Exp $ */ +/* $OpenBSD: authfile.c,v 1.129 2018/06/06 18:29:18 markus Exp $ */ /* * Copyright (c) 2000, 2013 Markus Friedl. All rights reserved. * @@ -265,17 +265,15 @@ static int sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp) { FILE *f; - char line[SSH_MAX_PUBKEY_BYTES]; - char *cp; - u_long linenum = 0; + char *line = NULL, *cp; + size_t linesize = 0; int r; if (commentp != NULL) *commentp = NULL; if ((f = fopen(filename, "r")) == NULL) return SSH_ERR_SYSTEM_ERROR; - while (read_keyfile_line(f, filename, line, sizeof(line), - &linenum) != -1) { + while (getline(&line, &linesize, f) != -1) { cp = line; switch (*cp) { case '#': @@ -299,11 +297,13 @@ sshkey_try_load_public(struct sshkey *k, const char *filename, char **commentp) if (*commentp == NULL) r = SSH_ERR_ALLOC_FAIL; } + free(line); fclose(f); return r; } } } + free(line); fclose(f); return SSH_ERR_INVALID_FORMAT; } @@ -447,19 +447,18 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, int check_ca) { FILE *f; - char line[SSH_MAX_PUBKEY_BYTES]; - char *cp; - u_long linenum = 0; + char *line = NULL, *cp; + size_t linesize = 0; int r = 0; struct sshkey *pub = NULL; + int (*sshkey_compare)(const struct sshkey *, const struct sshkey *) = strict_type ? sshkey_equal : sshkey_equal_public; if ((f = fopen(filename, "r")) == NULL) return SSH_ERR_SYSTEM_ERROR; - while (read_keyfile_line(f, filename, line, sizeof(line), - &linenum) != -1) { + while (getline(&line, &linesize, f) != -1) { cp = line; /* Skip leading whitespace. */ @@ -491,6 +490,7 @@ sshkey_in_file(struct sshkey *key, const char *filename, int strict_type, } r = SSH_ERR_KEY_NOT_FOUND; out: + free(line); sshkey_free(pub); fclose(f); return r; diff --git a/dh.c b/dh.c index 46afba033..16eb13276 100644 --- a/dh.c +++ b/dh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dh.c,v 1.63 2018/02/07 02:06:50 jsing Exp $ */ +/* $OpenBSD: dh.c,v 1.64 2018/06/06 18:29:18 markus Exp $ */ /* * Copyright (c) 2000 Niels Provos. All rights reserved. * @@ -145,9 +145,9 @@ DH * choose_dh(int min, int wantbits, int max) { FILE *f; - char line[4096]; - int best, bestcount, which; - int linenum; + char *line = NULL; + size_t linesize = 0; + int best, bestcount, which, linenum; struct dhgroup dhg; if ((f = fopen(_PATH_DH_MODULI, "r")) == NULL) { @@ -158,7 +158,7 @@ choose_dh(int min, int wantbits, int max) linenum = 0; best = bestcount = 0; - while (fgets(line, sizeof(line), f)) { + while (getline(&line, &linesize, f) != -1) { linenum++; if (!parse_prime(linenum, line, &dhg)) continue; @@ -176,6 +176,9 @@ choose_dh(int min, int wantbits, int max) if (dhg.size == best) bestcount++; } + free(line); + line = NULL; + linesize = 0; rewind(f); if (bestcount == 0) { @@ -186,7 +189,8 @@ choose_dh(int min, int wantbits, int max) linenum = 0; which = arc4random_uniform(bestcount); - while (fgets(line, sizeof(line), f)) { + while (getline(&line, &linesize, f) != -1) { + linenum++; if (!parse_prime(linenum, line, &dhg)) continue; if ((dhg.size > max || dhg.size < min) || @@ -198,6 +202,8 @@ choose_dh(int min, int wantbits, int max) } break; } + free(line); + line = NULL; fclose(f); if (linenum != which+1) { logit("WARNING: line %d disappeared in %s, giving up", diff --git a/hostfile.c b/hostfile.c index 12f174ff9..e08339379 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.71 2017/05/31 09:15:42 deraadt Exp $ */ +/* $OpenBSD: hostfile.c,v 1.72 2018/06/06 18:29:18 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -663,14 +663,14 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, const char *host, const char *ip, u_int options) { FILE *f; - char line[8192], oline[8192], ktype[128]; + char *line = NULL, ktype[128]; u_long linenum = 0; char *cp, *cp2; u_int kbits; int hashed; int s, r = 0; struct hostkey_foreach_line lineinfo; - size_t l; + size_t linesize = 0, l; memset(&lineinfo, 0, sizeof(lineinfo)); if (host == NULL && (options & HKF_WANT_MATCH) != 0) @@ -679,15 +679,16 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, return SSH_ERR_SYSTEM_ERROR; debug3("%s: reading file \"%s\"", __func__, path); - while (read_keyfile_line(f, path, line, sizeof(line), &linenum) == 0) { + while (getline(&line, &linesize, f) != -1) { + linenum++; line[strcspn(line, "\n")] = '\0'; - strlcpy(oline, line, sizeof(oline)); sshkey_free(lineinfo.key); memset(&lineinfo, 0, sizeof(lineinfo)); lineinfo.path = path; lineinfo.linenum = linenum; - lineinfo.line = oline; + free(lineinfo.line); + lineinfo.line = xstrdup(line); lineinfo.marker = MRK_NONE; lineinfo.status = HKF_STATUS_OK; lineinfo.keytype = KEY_UNSPEC; @@ -826,6 +827,8 @@ hostkeys_foreach(const char *path, hostkeys_foreach_fn *callback, void *ctx, break; } sshkey_free(lineinfo.key); + free(lineinfo.line); + free(line); fclose(f); return r; } diff --git a/misc.c b/misc.c index 874dcc8a2..3e62320ab 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.127 2018/03/12 00:52:01 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.128 2018/06/06 18:29:18 markus Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -1005,31 +1005,6 @@ percent_expand(const char *string, ...) #undef EXPAND_MAX_KEYS } -/* - * Read an entire line from a public key file into a static buffer, discarding - * lines that exceed the buffer size. Returns 0 on success, -1 on failure. - */ -int -read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, - u_long *lineno) -{ - while (fgets(buf, bufsz, f) != NULL) { - if (buf[0] == '\0') - continue; - (*lineno)++; - if (buf[strlen(buf) - 1] == '\n' || feof(f)) { - return 0; - } else { - debug("%s: %s line %lu exceeds size limit", __func__, - filename, *lineno); - /* discard remainder of line */ - while (fgetc(f) != '\n' && !feof(f)) - ; /* nothing */ - } - } - return -1; -} - int tun_open(int tun, int mode, char **ifname) { diff --git a/misc.h b/misc.h index cdafea735..daa4abc4c 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.71 2018/03/12 00:52:01 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.72 2018/06/06 18:29:18 markus Exp $ */ /* * Author: Tatu Ylonen @@ -166,7 +166,6 @@ int safe_path_fd(int, const char *, struct passwd *, char *read_passphrase(const char *, int); int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); -int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); #define MINIMUM(a, b) (((a) < (b)) ? (a) : (b)) #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b)) diff --git a/readconf.c b/readconf.c index 9c4a234b5..733b67f76 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.288 2018/06/01 03:33:53 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.289 2018/06/06 18:29:18 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1728,7 +1728,8 @@ read_config_file_depth(const char *filename, struct passwd *pw, int flags, int *activep, int depth) { FILE *f; - char line[4096]; + char *line = NULL; + size_t linesize = 0; int linenum; int bad_options = 0; @@ -1755,15 +1756,14 @@ read_config_file_depth(const char *filename, struct passwd *pw, * on/off by Host specifications. */ linenum = 0; - while (fgets(line, sizeof(line), f)) { + while (getline(&line, &linesize, f) != -1) { /* Update line number counter. */ linenum++; - if (strlen(line) == sizeof(line) - 1) - fatal("%s line %d too long", filename, linenum); if (process_config_line_depth(options, pw, host, original_host, line, filename, linenum, activep, flags, depth) != 0) bad_options++; } + free(line); fclose(f); if (bad_options > 0) fatal("%s: terminating, %d bad configuration options", diff --git a/servconf.c b/servconf.c index 3c41490b3..f55b66736 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.330 2018/06/06 18:23:32 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.331 2018/06/06 18:29:18 markus Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -2103,7 +2103,8 @@ process_server_config_line(ServerOptions *options, char *line, void load_server_config(const char *filename, Buffer *conf) { - char line[4096], *cp; + char *line = NULL, *cp; + size_t linesize = 0; FILE *f; int lineno = 0; @@ -2113,10 +2114,8 @@ load_server_config(const char *filename, Buffer *conf) exit(1); } buffer_clear(conf); - while (fgets(line, sizeof(line), f)) { + while (getline(&line, &linesize, f) != -1) { lineno++; - if (strlen(line) == sizeof(line) - 1) - fatal("%s line %d too long", filename, lineno); /* * Trim out comments and strip whitespace * NB - preserve newlines, they are needed to reproduce @@ -2128,6 +2127,7 @@ load_server_config(const char *filename, Buffer *conf) buffer_append(conf, cp, strlen(cp)); } + free(line); buffer_append(conf, "\0", 1); fclose(f); debug2("%s: done config len = %d", __func__, buffer_len(conf)); diff --git a/session.c b/session.c index e72fcb0a8..511fc4e87 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.297 2018/06/06 18:23:32 djm Exp $ */ +/* $OpenBSD: session.c,v 1.298 2018/06/06 18:29:18 markus Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -873,18 +873,18 @@ read_environment_file(char ***env, u_int *envsize, const char *filename) { FILE *f; - char buf[4096]; - char *cp, *value; + char *line = NULL, *cp, *value; + size_t linesize = 0; u_int lineno = 0; f = fopen(filename, "r"); if (!f) return; - while (fgets(buf, sizeof(buf), f)) { + while (getline(&line, &linesize, f) != -1) { if (++lineno > 1000) fatal("Too many lines in environment file %s", filename); - for (cp = buf; *cp == ' ' || *cp == '\t'; cp++) + for (cp = line; *cp == ' ' || *cp == '\t'; cp++) ; if (!*cp || *cp == '#' || *cp == '\n') continue; @@ -905,6 +905,7 @@ read_environment_file(char ***env, u_int *envsize, value++; child_set_env(env, envsize, cp, value); } + free(line); fclose(f); } diff --git a/ssh-keygen.c b/ssh-keygen.c index 2568c00e8..ccebbaf76 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.316 2018/06/01 04:21:29 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.317 2018/06/06 18:29:18 markus Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -870,7 +870,8 @@ do_fingerprint(struct passwd *pw) { FILE *f; struct sshkey *public = NULL; - char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; + char *comment = NULL, *cp, *ep, *line = NULL; + size_t linesize = 0; int i, invalid = 1; const char *path; u_long lnum = 0; @@ -885,7 +886,8 @@ do_fingerprint(struct passwd *pw) } else if ((f = fopen(path, "r")) == NULL) fatal("%s: %s: %s", __progname, path, strerror(errno)); - while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) { + while (getline(&line, &linesize, f) != -1) { + lnum++; cp = line; cp[strcspn(cp, "\n")] = '\0'; /* Trim leading space and comments */ @@ -905,6 +907,7 @@ do_fingerprint(struct passwd *pw) */ if (lnum == 1 && strcmp(identity_file, "-") != 0 && strstr(cp, "PRIVATE KEY") != NULL) { + free(line); fclose(f); fingerprint_private(path); exit(0); @@ -951,6 +954,7 @@ do_fingerprint(struct passwd *pw) invalid = 0; /* One good key in the file is sufficient */ } fclose(f); + free(line); if (invalid) fatal("%s is not a public key file.", path); @@ -2004,8 +2008,9 @@ do_show_cert(struct passwd *pw) struct stat st; int r, is_stdin = 0, ok = 0; FILE *f; - char *cp, line[SSH_MAX_PUBKEY_BYTES]; + char *cp, *line = NULL; const char *path; + size_t linesize = 0; u_long lnum = 0; if (!have_identity) @@ -2021,7 +2026,8 @@ do_show_cert(struct passwd *pw) } else if ((f = fopen(identity_file, "r")) == NULL) fatal("fopen %s: %s", identity_file, strerror(errno)); - while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) { + while (getline(&line, &linesize, f) != -1) { + lnum++; sshkey_free(key); key = NULL; /* Trim leading space and comments */ @@ -2046,6 +2052,7 @@ do_show_cert(struct passwd *pw) printf("%s:%lu:\n", path, lnum); print_cert(key); } + free(line); sshkey_free(key); fclose(f); exit(ok ? 0 : 1); @@ -2077,7 +2084,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, { struct sshkey *key = NULL; u_long lnum = 0; - char *path, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; + char *path, *cp, *ep, *line = NULL; + size_t linesize = 0; unsigned long long serial, serial2; int i, was_explicit_key, was_sha1, r; FILE *krl_spec; @@ -2092,8 +2100,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, if (!quiet) printf("Revoking from %s\n", path); - while (read_keyfile_line(krl_spec, path, line, sizeof(line), - &lnum) == 0) { + while (getline(&line, &linesize, krl_spec) != -1) { + lnum++; was_explicit_key = was_sha1 = 0; cp = line + strspn(line, " \t"); /* Trim trailing space, comments and strip \n */ @@ -2193,6 +2201,7 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca, } if (strcmp(path, "-") != 0) fclose(krl_spec); + free(line); free(path); } diff --git a/ssh-keyscan.c b/ssh-keyscan.c index 381fb0844..38b1c548b 100644 --- a/ssh-keyscan.c +++ b/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.119 2018/03/02 21:40:15 jmc Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.120 2018/06/06 18:29:18 markus Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -646,9 +646,9 @@ main(int argc, char **argv) { int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO; int opt, fopt_count = 0, j; - char *tname, *cp, line[NI_MAXHOST]; + char *tname, *cp, *line = NULL; + size_t linesize = 0; FILE *fp; - u_long linenum; extern int optind; extern char *optarg; @@ -769,11 +769,8 @@ main(int argc, char **argv) else if ((fp = fopen(argv[j], "r")) == NULL) fatal("%s: %s: %s", __progname, argv[j], strerror(errno)); - linenum = 0; - while (read_keyfile_line(fp, - argv[j] == NULL ? "(stdin)" : argv[j], line, sizeof(line), - &linenum) != -1) { + while (getline(&line, &linesize, fp) != -1) { /* Chomp off trailing whitespace and comments */ if ((cp = strchr(line, '#')) == NULL) cp = line + strlen(line) - 1; @@ -798,6 +795,7 @@ main(int argc, char **argv) fclose(fp); } + free(line); while (optind < argc) do_host(argv[optind++]); diff --git a/ssh.h b/ssh.h index 12d800922..5abfd7a68 100644 --- a/ssh.h +++ b/ssh.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.h,v 1.87 2017/05/07 23:15:59 djm Exp $ */ +/* $OpenBSD: ssh.h,v 1.88 2018/06/06 18:29:18 markus Exp $ */ /* * Author: Tatu Ylonen @@ -30,13 +30,6 @@ */ #define SSH_MAX_IDENTITY_FILES 100 -/* - * Maximum length of lines in authorized_keys file. - * Current value permits 16kbit RSA keys and 8kbit DSA keys, with - * some room for options and comments. - */ -#define SSH_MAX_PUBKEY_BYTES 16384 - /* * Major protocol version. Different version indicates major incompatibility * that prevents communication. -- cgit v1.2.3 From 7082bb58a2eb878d23ec674587c742e5e9673c36 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 9 Jun 2018 03:01:12 +0000 Subject: upstream: add a SetEnv directive to ssh_config that allows setting environment variables for the remote session (subject to the server accepting them) refactor SendEnv to remove the arbitrary limit of variable names. ok markus@ OpenBSD-Commit-ID: cfbb00d9b0e10c1ffff1d83424351fd961d1f2be --- clientloop.c | 24 +++++++++++++++++++----- misc.c | 32 ++++++++++++++++++++++++++------ misc.h | 3 ++- mux.c | 10 ++++++---- readconf.c | 34 +++++++++++++++++++++++++++++++--- readconf.h | 7 ++++--- scp.1 | 5 +++-- sftp.1 | 5 +++-- ssh.1 | 5 +++-- ssh_config.5 | 10 ++++++++-- sshd_config.5 | 6 ++++-- 11 files changed, 109 insertions(+), 32 deletions(-) (limited to 'readconf.c') diff --git a/clientloop.c b/clientloop.c index 4801f4a77..247b83979 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.312 2018/04/10 00:10:49 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.313 2018/06/09 03:01:12 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2158,7 +2158,8 @@ void client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, const char *term, struct termios *tiop, int in_fd, Buffer *cmd, char **env) { - int len; + int i, j, matched, len; + char *name, *val; Channel *c = NULL; debug2("%s: id %d", __func__, id); @@ -2193,9 +2194,6 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, /* Transfer any environment variables from client to server */ if (options.num_send_env != 0 && env != NULL) { - int i, j, matched; - char *name, *val; - debug("Sending environment."); for (i = 0; env[i] != NULL; i++) { /* Split */ @@ -2227,6 +2225,22 @@ client_session2_setup(struct ssh *ssh, int id, int want_tty, int want_subsystem, free(name); } } + for (i = 0; i < options.num_setenv; i++) { + /* Split */ + name = xstrdup(options.setenv[i]); + if ((val = strchr(name, '=')) == NULL) { + free(name); + continue; + } + *val++ = '\0'; + + debug("Setting env %s = %s", name, val); + channel_request_start(ssh, id, "env", 0); + packet_put_cstring(name); + packet_put_cstring(val); + packet_send(); + free(name); + } len = buffer_len(cmd); if (len > 0) { diff --git a/misc.c b/misc.c index 3e62320ab..1198e70ca 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.128 2018/06/06 18:29:18 markus Exp $ */ +/* $OpenBSD: misc.c,v 1.129 2018/06/09 03:01:12 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -239,8 +239,8 @@ set_rdomain(int fd, const char *name) #define QUOTE "\"" /* return next token in configuration line */ -char * -strdelim(char **s) +static char * +strdelim_internal(char **s, int split_equals) { char *old; int wspace = 0; @@ -250,7 +250,8 @@ strdelim(char **s) old = *s; - *s = strpbrk(*s, WHITESPACE QUOTE "="); + *s = strpbrk(*s, + split_equals ? WHITESPACE QUOTE "=" : WHITESPACE QUOTE); if (*s == NULL) return (old); @@ -267,18 +268,37 @@ strdelim(char **s) } /* Allow only one '=' to be skipped */ - if (*s[0] == '=') + if (split_equals && *s[0] == '=') wspace = 1; *s[0] = '\0'; /* Skip any extra whitespace after first token */ *s += strspn(*s + 1, WHITESPACE) + 1; - if (*s[0] == '=' && !wspace) + if (split_equals && *s[0] == '=' && !wspace) *s += strspn(*s + 1, WHITESPACE) + 1; return (old); } +/* + * Return next token in configuration line; splts on whitespace or a + * single '=' character. + */ +char * +strdelim(char **s) +{ + return strdelim_internal(s, 1); +} + +/* + * Return next token in configuration line; splts on whitespace only. + */ +char * +strdelimw(char **s) +{ + return strdelim_internal(s, 0); +} + struct passwd * pwcopy(struct passwd *pw) { diff --git a/misc.h b/misc.h index daa4abc4c..837b005aa 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.72 2018/06/06 18:29:18 markus Exp $ */ +/* $OpenBSD: misc.h,v 1.73 2018/06/09 03:01:12 djm Exp $ */ /* * Author: Tatu Ylonen @@ -45,6 +45,7 @@ struct ForwardOptions { char *chop(char *); char *strdelim(char **); +char *strdelimw(char **); int set_nonblock(int); int unset_nonblock(int); void set_nodelay(int); diff --git a/mux.c b/mux.c index c591cb154..8433cd8e5 100644 --- a/mux.c +++ b/mux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mux.c,v 1.70 2018/06/06 18:22:41 djm Exp $ */ +/* $OpenBSD: mux.c,v 1.71 2018/06/09 03:01:12 djm Exp $ */ /* * Copyright (c) 2002-2008 Damien Miller * @@ -1852,9 +1852,9 @@ mux_client_request_session(int fd) { Buffer m; char *e, *term; - u_int i, rid, sid, esid, exitval, type, exitval_seen; + u_int rid, sid, esid, exitval, type, exitval_seen; extern char **environ; - int devnull, rawmode; + int i, devnull, rawmode; debug3("%s: entering", __func__); @@ -1889,14 +1889,16 @@ mux_client_request_session(int fd) buffer_put_cstring(&m, term == NULL ? "" : term); buffer_put_string(&m, buffer_ptr(&command), buffer_len(&command)); + /* Pass environment */ if (options.num_send_env > 0 && environ != NULL) { - /* Pass environment */ for (i = 0; environ[i] != NULL; i++) { if (env_permitted(environ[i])) { buffer_put_cstring(&m, environ[i]); } } } + for (i = 0; i < options.num_setenv; i++) + buffer_put_cstring(&m, options.setenv[i]); if (mux_client_write_packet(fd, &m) != 0) fatal("%s: write packet: %s", __func__, strerror(errno)); diff --git a/readconf.c b/readconf.c index 733b67f76..8ff23c05c 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.289 2018/06/06 18:29:18 markus Exp $ */ +/* $OpenBSD: readconf.c,v 1.290 2018/06/09 03:01:12 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -161,7 +161,7 @@ typedef enum { oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, - oSendEnv, oControlPath, oControlMaster, oControlPersist, + oSendEnv, oSetEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, oRemoteCommand, @@ -277,6 +277,7 @@ static struct { { "serveraliveinterval", oServerAliveInterval }, { "serveralivecountmax", oServerAliveCountMax }, { "sendenv", oSendEnv }, + { "setenv", oSetEnv }, { "controlpath", oControlPath }, { "controlmaster", oControlMaster }, { "controlpersist", oControlPersist }, @@ -1398,15 +1399,38 @@ parse_keytypes: continue; } else { /* Adding an env var */ - if (options->num_send_env >= MAX_SEND_ENV) + if (options->num_send_env >= INT_MAX) fatal("%s line %d: too many send env.", filename, linenum); + options->send_env = xrecallocarray( + options->send_env, options->num_send_env, + options->num_send_env, + sizeof(*options->send_env)); options->send_env[options->num_send_env++] = xstrdup(arg); } } break; + case oSetEnv: + value = options->num_setenv; + while ((arg = strdelimw(&s)) != NULL && *arg != '\0') { + if (strchr(arg, '=') == NULL) + fatal("%s line %d: Invalid SetEnv.", + filename, linenum); + if (!*activep || value != 0) + continue; + /* Adding a setenv var */ + if (options->num_setenv >= INT_MAX) + fatal("%s line %d: too many SetEnv.", + filename, linenum); + options->setenv = xrecallocarray( + options->setenv, options->num_setenv, + options->num_setenv + 1, sizeof(*options->setenv)); + options->setenv[options->num_setenv++] = xstrdup(arg); + } + break; + case oControlPath: charptr = &options->control_path; goto parse_string; @@ -1855,7 +1879,10 @@ initialize_options(Options * options) options->verify_host_key_dns = -1; options->server_alive_interval = -1; options->server_alive_count_max = -1; + options->send_env = NULL; options->num_send_env = 0; + options->setenv = NULL; + options->num_setenv = 0; options->control_path = NULL; options->control_master = -1; options->control_persist = -1; @@ -2606,6 +2633,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_strarray_oneline(oGlobalKnownHostsFile, o->num_system_hostfiles, o->system_hostfiles); dump_cfg_strarray_oneline(oUserKnownHostsFile, o->num_user_hostfiles, o->user_hostfiles); dump_cfg_strarray(oSendEnv, o->num_send_env, o->send_env); + dump_cfg_strarray(oSetEnv, o->num_setenv, o->setenv); /* Special cases */ diff --git a/readconf.h b/readconf.h index f4d9e2b26..d8595f07e 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.125 2018/02/23 02:34:33 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.126 2018/06/09 03:01:12 djm Exp $ */ /* * Author: Tatu Ylonen @@ -18,7 +18,6 @@ /* Data structure for representing option data. */ -#define MAX_SEND_ENV 256 #define SSH_MAX_HOSTS_FILES 32 #define MAX_CANON_DOMAINS 32 #define PATH_MAX_SUN (sizeof((struct sockaddr_un *)0)->sun_path) @@ -120,7 +119,9 @@ typedef struct { int server_alive_count_max; int num_send_env; - char *send_env[MAX_SEND_ENV]; + char **send_env; + int num_setenv; + char **setenv; char *control_path; int control_master; diff --git a/scp.1 b/scp.1 index 8d251e34a..b8886be64 100644 --- a/scp.1 +++ b/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.77 2018/02/23 07:38:09 jmc Exp $ +.\" $OpenBSD: scp.1,v 1.78 2018/06/09 03:01:12 djm Exp $ .\" -.Dd $Mdocdate: February 23 2018 $ +.Dd $Mdocdate: June 9 2018 $ .Dt SCP 1 .Os .Sh NAME @@ -171,6 +171,7 @@ For full details of the options listed below, and their possible values, see .It PubkeyAuthentication .It RekeyLimit .It SendEnv +.It SetEnv .It ServerAliveInterval .It ServerAliveCountMax .It StrictHostKeyChecking diff --git a/sftp.1 b/sftp.1 index 43e0442f7..686844b46 100644 --- a/sftp.1 +++ b/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.114 2018/02/23 07:38:09 jmc Exp $ +.\" $OpenBSD: sftp.1,v 1.115 2018/06/09 03:01:12 djm Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: February 23 2018 $ +.Dd $Mdocdate: June 9 2018 $ .Dt SFTP 1 .Os .Sh NAME @@ -241,6 +241,7 @@ For full details of the options listed below, and their possible values, see .It PubkeyAuthentication .It RekeyLimit .It SendEnv +.It SetEnv .It ServerAliveInterval .It ServerAliveCountMax .It StrictHostKeyChecking diff --git a/ssh.1 b/ssh.1 index 40034463f..65f4e3966 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.393 2018/05/11 04:01:11 djm Exp $ -.Dd $Mdocdate: May 11 2018 $ +.\" $OpenBSD: ssh.1,v 1.394 2018/06/09 03:01:12 djm Exp $ +.Dd $Mdocdate: June 9 2018 $ .Dt SSH 1 .Os .Sh NAME @@ -525,6 +525,7 @@ For full details of the options listed below, and their possible values, see .It RemoteForward .It RequestTTY .It SendEnv +.It SetEnv .It ServerAliveInterval .It ServerAliveCountMax .It StreamLocalBindMask diff --git a/ssh_config.5 b/ssh_config.5 index f6f36c45f..20a60a2d5 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.275 2018/06/01 06:23:10 jmc Exp $ -.Dd $Mdocdate: June 1 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.276 2018/06/09 03:01:12 djm Exp $ +.Dd $Mdocdate: June 9 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1404,6 +1404,12 @@ It is possible to clear previously set variable names by prefixing patterns with .Pa - . The default is not to send any environment variables. +.It Cm SetEnv +Directly specify one or more environment variables and their contents to +be sent to the server. +Similarly to +.Cm SendEnv , +the server must be prepared to accept the environment variable. .It Cm ServerAliveCountMax Sets the number of server alive messages (see below) which may be sent without diff --git a/sshd_config.5 b/sshd_config.5 index 7cf7e63db..395f5f6ac 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.272 2018/06/07 11:26:14 jmc Exp $ -.Dd $Mdocdate: June 7 2018 $ +.\" $OpenBSD: sshd_config.5,v 1.273 2018/06/09 03:01:12 djm Exp $ +.Dd $Mdocdate: June 9 2018 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -66,6 +66,8 @@ the session's .Xr environ 7 . See .Cm SendEnv +and +.Cm SetEnv in .Xr ssh_config 5 for how to configure the client. -- cgit v1.2.3 From 89a85d724765b6b82e0135ee5a1181fdcccea9c6 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 10 Jun 2018 23:45:41 +0000 Subject: upstream: unbreak SendEnv; patch from tb@ OpenBSD-Commit-ID: fc808daced813242563b80976e1478de95940056 --- readconf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index 8ff23c05c..8d2029547 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.290 2018/06/09 03:01:12 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.291 2018/06/10 23:45:41 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1404,7 +1404,7 @@ parse_keytypes: filename, linenum); options->send_env = xrecallocarray( options->send_env, options->num_send_env, - options->num_send_env, + options->num_send_env + 1, sizeof(*options->send_env)); options->send_env[options->num_send_env++] = xstrdup(arg); -- cgit v1.2.3 From 312d2f2861a2598ed08587cb6c45c0e98a85408f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 4 Jul 2018 13:49:31 +0000 Subject: upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA signature work - returns ability to add/remove/specify algorithms by wildcard. Algorithm lists are now fully expanded when the server/client configs are finalised, so errors are reported early and the config dumps (e.g. "ssh -G ...") now list the actual algorithms selected. Clarify that, while wildcards are accepted in algorithm lists, they aren't full pattern-lists that support negation. (lots of) feedback, ok markus@ OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207 --- compat.c | 18 +++++------ kex.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++----------- kex.h | 4 +-- match.c | 36 ++++++++++++++++++---- match.h | 5 ++-- readconf.c | 38 +++++++++++++++++------- servconf.c | 32 ++++++++++++++------ ssh_config.5 | 8 ++--- sshconnect2.c | 10 ++++--- sshd_config.5 | 8 ++--- 10 files changed, 187 insertions(+), 67 deletions(-) (limited to 'readconf.c') diff --git a/compat.c b/compat.c index 8335f2a94..d8fd6eaf8 100644 --- a/compat.c +++ b/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.109 2018/07/03 11:42:12 djm Exp $ */ +/* $OpenBSD: compat.c,v 1.110 2018/07/04 13:49:31 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -190,8 +190,8 @@ compat_cipher_proposal(char *cipher_prop) if (!(datafellows & SSH_BUG_BIGENDIANAES)) return cipher_prop; debug2("%s: original cipher proposal: %s", __func__, cipher_prop); - if ((cipher_prop = match_filter_list(cipher_prop, "aes*")) == NULL) - fatal("match_filter_list failed"); + if ((cipher_prop = match_filter_blacklist(cipher_prop, "aes*")) == NULL) + fatal("match_filter_blacklist failed"); debug2("%s: compat cipher proposal: %s", __func__, cipher_prop); if (*cipher_prop == '\0') fatal("No supported ciphers found"); @@ -204,8 +204,8 @@ compat_pkalg_proposal(char *pkalg_prop) if (!(datafellows & SSH_BUG_RSASIGMD5)) return pkalg_prop; debug2("%s: original public key proposal: %s", __func__, pkalg_prop); - if ((pkalg_prop = match_filter_list(pkalg_prop, "ssh-rsa")) == NULL) - fatal("match_filter_list failed"); + if ((pkalg_prop = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == NULL) + fatal("match_filter_blacklist failed"); debug2("%s: compat public key proposal: %s", __func__, pkalg_prop); if (*pkalg_prop == '\0') fatal("No supported PK algorithms found"); @@ -219,14 +219,14 @@ compat_kex_proposal(char *p) return p; debug2("%s: original KEX proposal: %s", __func__, p); if ((datafellows & SSH_BUG_CURVE25519PAD) != 0) - if ((p = match_filter_list(p, + if ((p = match_filter_blacklist(p, "curve25519-sha256@libssh.org")) == NULL) - fatal("match_filter_list failed"); + fatal("match_filter_blacklist failed"); if ((datafellows & SSH_OLD_DHGEX) != 0) { - if ((p = match_filter_list(p, + if ((p = match_filter_blacklist(p, "diffie-hellman-group-exchange-sha256," "diffie-hellman-group-exchange-sha1")) == NULL) - fatal("match_filter_list failed"); + fatal("match_filter_blacklist failed"); } debug2("%s: compat KEX proposal: %s", __func__, p); if (*p == '\0') diff --git a/kex.c b/kex.c index d0a5f1b66..2fd052e96 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.137 2018/07/03 11:39:54 djm Exp $ */ +/* $OpenBSD: kex.c,v 1.138 2018/07/04 13:49:31 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -174,7 +174,7 @@ kex_names_cat(const char *a, const char *b) size_t len; if (a == NULL || *a == '\0') - return NULL; + return strdup(b); if (b == NULL || *b == '\0') return strdup(a); if (strlen(b) > 1024*1024) @@ -209,27 +209,88 @@ kex_names_cat(const char *a, const char *b) * specified names should be removed. */ int -kex_assemble_names(const char *def, char **list) +kex_assemble_names(char **listp, const char *def, const char *all) { - char *ret; + char *cp, *tmp, *patterns; + char *list = NULL, *ret = NULL, *matching = NULL, *opatterns = NULL; + int r = SSH_ERR_INTERNAL_ERROR; - if (list == NULL || *list == NULL || **list == '\0') { - *list = strdup(def); + if (listp == NULL || *listp == NULL || **listp == '\0') { + if ((*listp = strdup(def)) == NULL) + return SSH_ERR_ALLOC_FAIL; return 0; } - if (**list == '+') { - if ((ret = kex_names_cat(def, *list + 1)) == NULL) - return SSH_ERR_ALLOC_FAIL; - free(*list); - *list = ret; - } else if (**list == '-') { - if ((ret = match_filter_list(def, *list + 1)) == NULL) - return SSH_ERR_ALLOC_FAIL; - free(*list); - *list = ret; + + list = *listp; + *listp = NULL; + if (*list == '+') { + /* Append names to default list */ + if ((tmp = kex_names_cat(def, list + 1)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto fail; + } + free(list); + list = tmp; + } else if (*list == '-') { + /* Remove names from default list */ + if ((*listp = match_filter_blacklist(def, list + 1)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto fail; + } + free(list); + /* filtering has already been done */ + return 0; + } else { + /* Explicit list, overrides default - just use "list" as is */ } - return 0; + /* + * The supplied names may be a pattern-list. For the -list case, + * the patterns are applied above. For the +list and explicit list + * cases we need to do it now. + */ + ret = NULL; + if ((patterns = opatterns = strdup(list)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto fail; + } + /* Apply positive (i.e. non-negated) patterns from the list */ + while ((cp = strsep(&patterns, ",")) != NULL) { + if (*cp == '!') { + /* negated matches are not supported here */ + r = SSH_ERR_INVALID_ARGUMENT; + goto fail; + } + free(matching); + if ((matching = match_filter_whitelist(all, cp)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto fail; + } + if ((tmp = kex_names_cat(ret, matching)) == NULL) { + r = SSH_ERR_ALLOC_FAIL; + goto fail; + } + free(ret); + ret = tmp; + } + if (ret == NULL || *ret == '\0') { + /* An empty name-list is an error */ + /* XXX better error code? */ + r = SSH_ERR_INVALID_ARGUMENT; + goto fail; + } + + /* success */ + *listp = ret; + ret = NULL; + r = 0; + + fail: + free(matching); + free(opatterns); + free(list); + free(ret); + return r; } /* put algorithm proposal into buffer */ diff --git a/kex.h b/kex.h index 6210630df..3ffae2df0 100644 --- a/kex.h +++ b/kex.h @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.h,v 1.84 2018/07/03 11:39:54 djm Exp $ */ +/* $OpenBSD: kex.h,v 1.85 2018/07/04 13:49:31 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -169,7 +169,7 @@ struct kex { int kex_names_valid(const char *); char *kex_alg_list(char); char *kex_names_cat(const char *, const char *); -int kex_assemble_names(const char *, char **); +int kex_assemble_names(char **, const char *, const char *); int kex_new(struct ssh *, char *[PROPOSAL_MAX], struct kex **); int kex_setup(struct ssh *, char *[PROPOSAL_MAX]); diff --git a/match.c b/match.c index 3cf40306b..bb3e95f67 100644 --- a/match.c +++ b/match.c @@ -1,4 +1,4 @@ -/* $OpenBSD: match.c,v 1.37 2017/03/10 04:24:55 djm Exp $ */ +/* $OpenBSD: match.c,v 1.38 2018/07/04 13:49:31 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -294,16 +294,20 @@ match_list(const char *client, const char *server, u_int *next) } /* - * Filters a comma-separated list of strings, excluding any entry matching - * the 'filter' pattern list. Caller must free returned string. + * Filter proposal using pattern-list filter. + * "blacklist" determines sense of filter: + * non-zero indicates that items matching filter should be excluded. + * zero indicates that only items matching filter should be included. + * returns NULL on allocation error, otherwise caller must free result. */ -char * -match_filter_list(const char *proposal, const char *filter) +static char * +filter_list(const char *proposal, const char *filter, int blacklist) { size_t len = strlen(proposal) + 1; char *fix_prop = malloc(len); char *orig_prop = strdup(proposal); char *cp, *tmp; + int r; if (fix_prop == NULL || orig_prop == NULL) { free(orig_prop); @@ -314,7 +318,8 @@ match_filter_list(const char *proposal, const char *filter) tmp = orig_prop; *fix_prop = '\0'; while ((cp = strsep(&tmp, ",")) != NULL) { - if (match_pattern_list(cp, filter, 0) != 1) { + r = match_pattern_list(cp, filter, 0); + if ((blacklist && r != 1) || (!blacklist && r == 1)) { if (*fix_prop != '\0') strlcat(fix_prop, ",", len); strlcat(fix_prop, cp, len); @@ -324,3 +329,22 @@ match_filter_list(const char *proposal, const char *filter) return fix_prop; } +/* + * Filters a comma-separated list of strings, excluding any entry matching + * the 'filter' pattern list. Caller must free returned string. + */ +char * +match_filter_blacklist(const char *proposal, const char *filter) +{ + return filter_list(proposal, filter, 1); +} + +/* + * Filters a comma-separated list of strings, including only entries matching + * the 'filter' pattern list. Caller must free returned string. + */ +char * +match_filter_whitelist(const char *proposal, const char *filter) +{ + return filter_list(proposal, filter, 0); +} diff --git a/match.h b/match.h index 937ba0412..852b1a5cb 100644 --- a/match.h +++ b/match.h @@ -1,4 +1,4 @@ -/* $OpenBSD: match.h,v 1.17 2017/02/03 23:01:19 djm Exp $ */ +/* $OpenBSD: match.h,v 1.18 2018/07/04 13:49:31 djm Exp $ */ /* * Author: Tatu Ylonen @@ -20,7 +20,8 @@ int match_hostname(const char *, const char *); int match_host_and_ip(const char *, const char *, const char *); int match_user(const char *, const char *, const char *, const char *); char *match_list(const char *, const char *, u_int *); -char *match_filter_list(const char *, const char *); +char *match_filter_blacklist(const char *, const char *); +char *match_filter_whitelist(const char *, const char *); /* addrmatch.c */ int addr_match_list(const char *, const char *); diff --git a/readconf.c b/readconf.c index 8d2029547..2bc27075f 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.291 2018/06/10 23:45:41 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.292 2018/07/04 13:49:31 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1936,6 +1936,8 @@ fill_default_options_for_canonicalization(Options *options) void fill_default_options(Options * options) { + char *all_cipher, *all_mac, *all_kex, *all_key; + if (options->forward_agent == -1) options->forward_agent = 0; if (options->forward_x11 == -1) @@ -2082,14 +2084,27 @@ fill_default_options(Options * options) options->fingerprint_hash = SSH_FP_HASH_DEFAULT; if (options->update_hostkeys == -1) options->update_hostkeys = 0; - if (kex_assemble_names(KEX_CLIENT_ENCRYPT, &options->ciphers) != 0 || - kex_assemble_names(KEX_CLIENT_MAC, &options->macs) != 0 || - kex_assemble_names(KEX_CLIENT_KEX, &options->kex_algorithms) != 0 || - kex_assemble_names(KEX_DEFAULT_PK_ALG, - &options->hostbased_key_types) != 0 || - kex_assemble_names(KEX_DEFAULT_PK_ALG, - &options->pubkey_key_types) != 0) + + /* Expand KEX name lists */ + all_cipher = cipher_alg_list(',', 0); + all_mac = mac_alg_list(','); + all_kex = kex_alg_list(','); + all_key = sshkey_alg_list(0, 0, 1, ','); + if (kex_assemble_names(&options->ciphers, + KEX_CLIENT_ENCRYPT, all_cipher) != 0 || + kex_assemble_names(&options->macs, + KEX_CLIENT_MAC, all_mac) != 0 || + kex_assemble_names(&options->kex_algorithms, + KEX_CLIENT_KEX, all_kex) != 0 || + kex_assemble_names(&options->hostbased_key_types, + KEX_DEFAULT_PK_ALG, all_key) != 0 || + kex_assemble_names(&options->pubkey_key_types, + KEX_DEFAULT_PK_ALG, all_key) != 0) fatal("%s: kex_assemble_names failed", __func__); + free(all_cipher); + free(all_mac); + free(all_kex); + free(all_key); #define CLEAR_ON_NONE(v) \ do { \ @@ -2537,11 +2552,14 @@ void dump_client_config(Options *o, const char *host) { int i; - char buf[8]; + char buf[8], *all_key; /* This is normally prepared in ssh_kex2 */ - if (kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->hostkeyalgorithms) != 0) + all_key = sshkey_alg_list(0, 0, 1, ','); + if (kex_assemble_names( &o->hostkeyalgorithms, + KEX_DEFAULT_PK_ALG, all_key) != 0) fatal("%s: kex_assemble_names failed", __func__); + free(all_key); /* Most interesting options first: user, host, port */ dump_cfg_string(oUser, o->user); diff --git a/servconf.c b/servconf.c index a41fdc26a..a54219f01 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.334 2018/07/03 10:59:35 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.335 2018/07/04 13:49:31 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -190,15 +190,29 @@ option_clear_or_none(const char *o) static void assemble_algorithms(ServerOptions *o) { - if (kex_assemble_names(KEX_SERVER_ENCRYPT, &o->ciphers) != 0 || - kex_assemble_names(KEX_SERVER_MAC, &o->macs) != 0 || - kex_assemble_names(KEX_SERVER_KEX, &o->kex_algorithms) != 0 || - kex_assemble_names(KEX_DEFAULT_PK_ALG, - &o->hostkeyalgorithms) != 0 || - kex_assemble_names(KEX_DEFAULT_PK_ALG, - &o->hostbased_key_types) != 0 || - kex_assemble_names(KEX_DEFAULT_PK_ALG, &o->pubkey_key_types) != 0) + char *all_cipher, *all_mac, *all_kex, *all_key; + + all_cipher = cipher_alg_list(',', 0); + all_mac = mac_alg_list(','); + all_kex = kex_alg_list(','); + all_key = sshkey_alg_list(0, 0, 1, ','); + if (kex_assemble_names(&o->ciphers, + KEX_SERVER_ENCRYPT, all_cipher) != 0 || + kex_assemble_names(&o->macs, + KEX_SERVER_MAC, all_mac) != 0 || + kex_assemble_names(&o->kex_algorithms, + KEX_SERVER_KEX, all_kex) != 0 || + kex_assemble_names(&o->hostkeyalgorithms, + KEX_DEFAULT_PK_ALG, all_key) != 0 || + kex_assemble_names(&o->hostbased_key_types, + KEX_DEFAULT_PK_ALG, all_key) != 0 || + kex_assemble_names(&o->pubkey_key_types, + KEX_DEFAULT_PK_ALG, all_key) != 0) fatal("kex_assemble_names failed"); + free(all_cipher); + free(all_mac); + free(all_kex); + free(all_key); } static void diff --git a/ssh_config.5 b/ssh_config.5 index eff9c5e61..df94d60db 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.278 2018/07/03 11:39:54 djm Exp $ -.Dd $Mdocdate: July 3 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.279 2018/07/04 13:49:31 djm Exp $ +.Dd $Mdocdate: July 4 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -757,7 +757,7 @@ or (the default). .It Cm HostbasedKeyTypes Specifies the key types that will be used for hostbased authentication -as a comma-separated pattern list. +as a comma-separated list of patterns. Alternately if the specified value begins with a .Sq + character, then the specified key types will be appended to the default set @@ -1242,7 +1242,7 @@ The default is .Cm no . .It Cm PubkeyAcceptedKeyTypes Specifies the key types that will be used for public key authentication -as a comma-separated pattern list. +as a comma-separated list of patterns. Alternately if the specified value begins with a .Sq + character, then the key types after it will be appended to the default diff --git a/sshconnect2.c b/sshconnect2.c index db95cb214..f3ccd53a9 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.274 2018/07/03 13:20:25 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.275 2018/07/04 13:49:31 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -158,7 +158,7 @@ void ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) { char *myproposal[PROPOSAL_MAX] = { KEX_CLIENT }; - char *s; + char *s, *all_key; struct kex *kex; int r; @@ -178,9 +178,11 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) myproposal[PROPOSAL_MAC_ALGS_CTOS] = myproposal[PROPOSAL_MAC_ALGS_STOC] = options.macs; if (options.hostkeyalgorithms != NULL) { - if (kex_assemble_names(KEX_DEFAULT_PK_ALG, - &options.hostkeyalgorithms) != 0) + all_key = sshkey_alg_list(0, 0, 1, ','); + if (kex_assemble_names(&options.hostkeyalgorithms, + KEX_DEFAULT_PK_ALG, all_key) != 0) fatal("%s: kex_assemble_namelist", __func__); + free(all_key); myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal(options.hostkeyalgorithms); } else { diff --git a/sshd_config.5 b/sshd_config.5 index cc019ec7d..aa888796e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.279 2018/07/03 11:39:54 djm Exp $ -.Dd $Mdocdate: July 3 2018 $ +.\" $OpenBSD: sshd_config.5,v 1.280 2018/07/04 13:49:31 djm Exp $ +.Dd $Mdocdate: July 4 2018 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -659,7 +659,7 @@ The default is .Cm yes . .It Cm HostbasedAcceptedKeyTypes Specifies the key types that will be accepted for hostbased authentication -as a comma-separated pattern list. +as a list of comma-separated patterns. Alternately if the specified value begins with a .Sq + character, then the specified key types will be appended to the default set @@ -1386,7 +1386,7 @@ The default is .Cm yes . .It Cm PubkeyAcceptedKeyTypes Specifies the key types that will be accepted for public key authentication -as a comma-separated pattern list. +as a list of comma-separated patterns. Alternately if the specified value begins with a .Sq + character, then the specified key types will be appended to the default set -- cgit v1.2.3 From 258dc8bb07dfb35a46e52b0822a2c5b7027df60a Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 18 Jul 2018 11:34:04 +0000 Subject: upstream: Remove support for running ssh(1) setuid and fatal if attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@ OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42 --- .depend | 12 ++++++------ Makefile.in | 8 ++++---- misc.c | 3 +-- readconf.c | 5 +---- readpass.c | 3 +-- ssh.c | 37 ++----------------------------------- sshconnect.c | 28 +++------------------------- sshconnect.h | 21 +-------------------- sshconnect2.c | 3 +-- uidswap.c | 33 +-------------------------------- uidswap.h | 3 +-- 11 files changed, 22 insertions(+), 134 deletions(-) (limited to 'readconf.c') diff --git a/.depend b/.depend index 1de442236..845fe6c93 100644 --- a/.depend +++ b/.depend @@ -76,12 +76,12 @@ kexgexc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compa kexgexs.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h krl.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h sshbuf.h ssherr.h sshkey.h authfile.h misc.h log.h digest.h bitmap.h krl.h log.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h -loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h +loginrec.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h sshkey.h hostfile.h ssh.h loginrec.h log.h atomicio.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h canohost.h auth.h auth-pam.h audit.h sshbuf.h ssherr.h logintest.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h loginrec.h mac.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h digest.h hmac.h umac.h mac.h misc.h ssherr.h sshbuf.h openbsd-compat/openssl-compat.h match.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h match.h misc.h md5crypt.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h -misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssh.h sshbuf.h ssherr.h uidswap.h +misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h misc.h log.h ssh.h sshbuf.h ssherr.h moduli.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h monitor.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h atomicio.h xmalloc.h ssh.h sshkey.h sshbuf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h monitor.o: rijndael.h kex.h mac.h dh.h packet.h dispatch.h opacket.h auth-options.h sshpty.h channels.h session.h sshlogin.h canohost.h log.h misc.h servconf.h monitor.h monitor_wrap.h monitor_fdpass.h compat.h ssh2.h authfd.h match.h ssherr.h @@ -97,7 +97,7 @@ packet.o: packet.h dispatch.h opacket.h ssherr.h sshbuf.h platform-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h platform-pledge.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h platform-tracing.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h -platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h misc.h servconf.h hostfile.h auth.h auth-pam.h audit.h loginrec.h +platform.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h log.h misc.h servconf.h sshkey.h hostfile.h auth.h auth-pam.h audit.h loginrec.h poly1305.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h poly1305.h progressmeter.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h progressmeter.h atomicio.h misc.h readconf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/glob.h xmalloc.h ssh.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h pathnames.h log.h sshkey.h misc.h readconf.h match.h kex.h mac.h uidswap.h myproposal.h @@ -141,15 +141,15 @@ ssh-pkcs11.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-co ssh-rsa.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh-xmss.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/openssl-compat.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h canohost.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h digest.h packet.h dispatch.h opacket.h -ssh.o: sshbuf.h channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h uidswap.h version.h ssherr.h myproposal.h utf8.h +ssh.o: sshbuf.h channels.h sshkey.h authfd.h authfile.h pathnames.h clientloop.h log.h misc.h readconf.h sshconnect.h kex.h mac.h sshpty.h match.h msg.h version.h ssherr.h myproposal.h utf8.h ssh_api.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssh_api.h openbsd-compat/sys-queue.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h ssh.h ssh2.h packet.h dispatch.h opacket.h compat.h log.h authfile.h misc.h ssh_api.o: version.h myproposal.h ssherr.h sshbuf.h sshbuf-getput-basic.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h sshbuf-getput-crypto.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h sshbuf-misc.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h sshbuf.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ssherr.h sshbuf.h misc.h -sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h uidswap.h compat.h sshkey.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h -sshconnect.o: authfile.h ssherr.h authfd.h +sshconnect.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h xmalloc.h hostfile.h ssh.h sshbuf.h packet.h openbsd-compat/sys-queue.h dispatch.h opacket.h compat.h sshkey.h sshconnect.h log.h misc.h readconf.h atomicio.h dns.h monitor_fdpass.h ssh2.h version.h authfile.h +sshconnect.o: ssherr.h authfd.h sshconnect2.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshbuf.h packet.h dispatch.h opacket.h compat.h cipher.h cipher-chachapoly.h chacha.h poly1305.h cipher-aesctr.h rijndael.h sshkey.h kex.h mac.h myproposal.h sshconnect2.o: sshconnect.h authfile.h dh.h authfd.h log.h misc.h readconf.h match.h canohost.h msg.h pathnames.h uidswap.h hostfile.h ssherr.h utf8.h sshd.o: includes.h config.h defines.h platform.h openbsd-compat/openbsd-compat.h openbsd-compat/base64.h openbsd-compat/sigact.h openbsd-compat/readpassphrase.h openbsd-compat/vis.h openbsd-compat/getrrsetbyname.h openbsd-compat/sha1.h openbsd-compat/sha2.h openbsd-compat/rmd160.h openbsd-compat/md5.h openbsd-compat/blf.h openbsd-compat/getopt.h openbsd-compat/bsd-misc.h openbsd-compat/bsd-setres_id.h openbsd-compat/bsd-signal.h openbsd-compat/bsd-statvfs.h openbsd-compat/bsd-waitpid.h openbsd-compat/bsd-poll.h openbsd-compat/fake-rfc2553.h openbsd-compat/bsd-cygwin_util.h openbsd-compat/port-aix.h openbsd-compat/port-irix.h openbsd-compat/port-linux.h openbsd-compat/port-solaris.h openbsd-compat/port-net.h openbsd-compat/port-uw.h openbsd-compat/bsd-nextstep.h entropy.h ./openbsd-compat/sys-tree.h openbsd-compat/sys-queue.h xmalloc.h ssh.h ssh2.h sshpty.h packet.h dispatch.h opacket.h log.h sshbuf.h misc.h match.h servconf.h uidswap.h compat.h cipher.h cipher-chachapoly.h chacha.h diff --git a/Makefile.in b/Makefile.in index d1f708020..e09e27954 100644 --- a/Makefile.in +++ b/Makefile.in @@ -90,7 +90,7 @@ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ compat.o crc32.o fatal.o hostfile.o \ log.o match.o moduli.o nchan.o packet.o opacket.o \ readpass.o ttymodes.o xmalloc.o addrmatch.o \ - atomicio.o dispatch.o mac.o uidswap.o uuencode.o misc.o utf8.o \ + atomicio.o dispatch.o mac.o uuencode.o misc.o utf8.o \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o smult_curve25519_ref.o \ @@ -118,7 +118,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ sftp-server.o sftp-common.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-pledge.o \ - sandbox-solaris.o + sandbox-solaris.o uidswap.o MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 @@ -186,8 +186,8 @@ ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o ssh-pkcs11-client.o ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o $(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) -ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o - $(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) +ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o readconf.o uidswap.o + $(LD) -o $@ ssh-keysign.o readconf.o uidswap.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS) diff --git a/misc.c b/misc.c index 1198e70ca..6b093f21b 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.129 2018/06/09 03:01:12 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.130 2018/07/18 11:34:04 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -69,7 +69,6 @@ #include "ssh.h" #include "sshbuf.h" #include "ssherr.h" -#include "uidswap.h" #include "platform.h" /* remove newline at end of string */ diff --git a/readconf.c b/readconf.c index 2bc27075f..f40eb3803 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.292 2018/07/04 13:49:31 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.293 2018/07/18 11:34:04 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -498,9 +498,6 @@ execute_in_shell(const char *cmd) if ((pid = fork()) == 0) { char *argv[4]; - /* Child. Permanently give up superuser privileges. */ - permanently_drop_suid(original_real_uid); - /* Redirect child stdin and stdout. Leave stderr */ if (dup2(devnull, STDIN_FILENO) == -1) fatal("dup2: %s", strerror(errno)); diff --git a/readpass.c b/readpass.c index 05c8cac1c..f160f866b 100644 --- a/readpass.c +++ b/readpass.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readpass.c,v 1.51 2015/12/11 00:20:04 mmcc Exp $ */ +/* $OpenBSD: readpass.c,v 1.52 2018/07/18 11:34:04 dtucker Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * @@ -72,7 +72,6 @@ ssh_askpass(char *askpass, const char *msg) return NULL; } if (pid == 0) { - permanently_drop_suid(getuid()); close(p[0]); if (dup2(p[1], STDOUT_FILENO) < 0) fatal("ssh_askpass: dup2: %s", strerror(errno)); diff --git a/ssh.c b/ssh.c index 609c209d1..49a9fab20 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.486 2018/07/16 22:25:01 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.487 2018/07/18 11:34:04 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -104,7 +104,6 @@ #include "sshpty.h" #include "match.h" #include "msg.h" -#include "uidswap.h" #include "version.h" #include "ssherr.h" #include "myproposal.h" @@ -628,24 +627,6 @@ main(int ac, char **av) original_real_uid = getuid(); original_effective_uid = geteuid(); - /* - * Use uid-swapping to give up root privileges for the duration of - * option processing. We will re-instantiate the rights when we are - * ready to create the privileged port, and will permanently drop - * them when the port has been created (actually, when the connection - * has been made, as we may need to create the port several times). - */ - PRIV_END; - -#ifdef HAVE_SETRLIMIT - /* If we are installed setuid root be careful to not drop core. */ - if (original_real_uid != original_effective_uid) { - struct rlimit rlim; - rlim.rlim_cur = rlim.rlim_max = 0; - if (setrlimit(RLIMIT_CORE, &rlim) < 0) - fatal("setrlimit failed: %.100s", strerror(errno)); - } -#endif /* Get user data. */ pw = getpwuid(original_real_uid); if (!pw) { @@ -1448,22 +1429,8 @@ main(int ac, char **av) L_PUBKEY(_PATH_HOST_XMSS_KEY_FILE, 9); } } - /* - * Get rid of any extra privileges that we may have. We will no - * longer need them. Also, extra privileges could make it very hard - * to read identity files and other non-world-readable files from the - * user's home directory if it happens to be on a NFS volume where - * root is mapped to nobody. - */ - if (original_effective_uid == 0) { - PRIV_START; - permanently_set_uid(pw); - } - /* - * Now that we are back to our own permissions, create ~/.ssh - * directory if it doesn't already exist. - */ + /* Create ~/.ssh * directory if it doesn't already exist. */ if (config == NULL) { r = snprintf(buf, sizeof buf, "%s%s%s", pw->pw_dir, strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); diff --git a/sshconnect.c b/sshconnect.c index 2eaf020e0..9fa95e1e3 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.300 2018/07/11 18:53:29 markus Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.301 2018/07/18 11:34:04 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -53,7 +53,6 @@ #include "ssh.h" #include "sshbuf.h" #include "packet.h" -#include "uidswap.h" #include "compat.h" #include "sshkey.h" #include "sshconnect.h" @@ -130,9 +129,6 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port, if ((pid = fork()) == 0) { char *argv[10]; - /* Child. Permanently give up superuser privileges. */ - permanently_drop_suid(original_real_uid); - close(sp[1]); /* Redirect stdin and stdout. */ if (sp[0] != 0) { @@ -212,9 +208,6 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port, if ((pid = fork()) == 0) { char *argv[10]; - /* Child. Permanently give up superuser privileges. */ - permanently_drop_suid(original_real_uid); - /* Redirect stdin and stdout. */ close(pin[1]); if (pin[0] != 0) { @@ -342,7 +335,7 @@ check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs, static int ssh_create_socket(int privileged, struct addrinfo *ai) { - int sock, r, oerrno; + int sock, r; struct sockaddr_storage bindaddr; socklen_t bindaddrlen = 0; struct addrinfo hints, *res = NULL; @@ -409,22 +402,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai) ssh_gai_strerror(r)); goto fail; } - /* - * If we are running as root and want to connect to a privileged - * port, bind our own socket to a privileged port. - */ - if (privileged) { - PRIV_START; - r = bindresvport_sa(sock, - bindaddrlen == 0 ? NULL : (struct sockaddr *)&bindaddr); - oerrno = errno; - PRIV_END; - if (r < 0) { - error("bindresvport_sa %s: %s", ntop, - strerror(oerrno)); - goto fail; - } - } else if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { + if (bind(sock, (struct sockaddr *)&bindaddr, bindaddrlen) != 0) { error("bind %s: %s", ntop, strerror(errno)); goto fail; } diff --git a/sshconnect.h b/sshconnect.h index 6bba62ad0..05a1fb327 100644 --- a/sshconnect.h +++ b/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.33 2018/07/16 11:05:41 dtucker Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.34 2018/07/18 11:34:04 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -57,22 +57,3 @@ void ssh_put_password(char *); int ssh_local_cmd(const char *); void maybe_add_key_to_agent(char *, const struct sshkey *, char *, char *); - -/* - * Macros to raise/lower permissions. - */ -#define PRIV_START do { \ - int save_errno = errno; \ - if (seteuid(original_effective_uid) != 0) \ - fatal("PRIV_START: seteuid: %s", \ - strerror(errno)); \ - errno = save_errno; \ -} while (0) - -#define PRIV_END do { \ - int save_errno = errno; \ - if (seteuid(original_real_uid) != 0) \ - fatal("PRIV_END: seteuid: %s", \ - strerror(errno)); \ - errno = save_errno; \ -} while (0) diff --git a/sshconnect2.c b/sshconnect2.c index 7b0e18f28..5d2bde81d 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.281 2018/07/16 11:05:41 dtucker Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.282 2018/07/18 11:34:04 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1812,7 +1812,6 @@ ssh_keysign(struct sshkey *key, u_char **sigp, size_t *lenp, if (pid == 0) { /* keep the socket on exec */ fcntl(sock, F_SETFD, 0); - permanently_drop_suid(getuid()); close(from[0]); if (dup2(from[1], STDOUT_FILENO) < 0) fatal("%s: dup2: %s", __func__, strerror(errno)); diff --git a/uidswap.c b/uidswap.c index 1430b822a..49f76d818 100644 --- a/uidswap.c +++ b/uidswap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.c,v 1.40 2018/06/15 07:01:11 djm Exp $ */ +/* $OpenBSD: uidswap.c,v 1.41 2018/07/18 11:34:04 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -135,37 +135,6 @@ temporarily_use_uid(struct passwd *pw) strerror(errno)); } -void -permanently_drop_suid(uid_t uid) -{ -#ifndef NO_UID_RESTORATION_TEST - uid_t old_uid = getuid(); -#endif - - debug("permanently_drop_suid: %u", (u_int)uid); - if (setresuid(uid, uid, uid) < 0) - fatal("setresuid %u: %.100s", (u_int)uid, strerror(errno)); - -#ifndef NO_UID_RESTORATION_TEST - /* - * Try restoration of UID if changed (test clearing of saved uid). - * - * Note that we don't do this on Cygwin, or on Solaris-based platforms - * where fine-grained privileges are available (the user might be - * deliberately allowed the right to setuid back to root). - */ - if (old_uid != uid && - (setuid(old_uid) != -1 || seteuid(old_uid) != -1)) - fatal("%s: was able to restore old [e]uid", __func__); -#endif - - /* Verify UID drop was successful */ - if (getuid() != uid || geteuid() != uid) { - fatal("%s: euid incorrect uid:%u euid:%u (should be %u)", - __func__, (u_int)getuid(), (u_int)geteuid(), (u_int)uid); - } -} - /* * Restores to the original (privileged) uid. */ diff --git a/uidswap.h b/uidswap.h index 1c1163d75..4ac91aa04 100644 --- a/uidswap.h +++ b/uidswap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: uidswap.h,v 1.13 2006/08/03 03:34:42 deraadt Exp $ */ +/* $OpenBSD: uidswap.h,v 1.14 2018/07/18 11:34:05 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -15,4 +15,3 @@ void temporarily_use_uid(struct passwd *); void restore_uid(void); void permanently_set_uid(struct passwd *); -void permanently_drop_suid(uid_t); -- cgit v1.2.3 From 95d41e90eafcd1286a901e8e361e4a37b98aeb52 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Thu, 19 Jul 2018 10:28:47 +0000 Subject: upstream: Deprecate UsePrivilegedPort now that support for running ssh(1) setuid has been removed, remove supporting code and clean up references to it in the man pages We have not shipped ssh(1) the setuid bit since 2002. If ayone really needs to make connections from a low port number this can be implemented via a small setuid ProxyCommand. ok markus@ jmc@ djm@ OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e --- readconf.c | 12 ++---------- readconf.h | 3 +-- scp.1 | 5 ++--- sftp.1 | 5 ++--- ssh.1 | 5 ++--- ssh.c | 10 ++-------- ssh_config.5 | 23 ++--------------------- sshconnect.c | 24 ++++++++++-------------- sshconnect.h | 4 ++-- 9 files changed, 25 insertions(+), 66 deletions(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index f40eb3803..ce832526a 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.293 2018/07/18 11:34:04 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.294 2018/07/19 10:28:47 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -190,6 +190,7 @@ static struct { { "userknownhostsfile2", oDeprecated }, { "useroaming", oDeprecated }, { "usersh", oDeprecated }, + { "useprivilegedport", oDeprecated }, /* Unsupported options */ { "afstokenpassing", oUnsupported }, @@ -222,7 +223,6 @@ static struct { { "exitonforwardfailure", oExitOnForwardFailure }, { "xauthlocation", oXAuthLocation }, { "gatewayports", oGatewayPorts }, - { "useprivilegedport", oUsePrivilegedPort }, { "passwordauthentication", oPasswordAuthentication }, { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, { "kbdinteractivedevices", oKbdInteractiveDevices }, @@ -949,10 +949,6 @@ parse_time: intptr = &options->exit_on_forward_failure; goto parse_flag; - case oUsePrivilegedPort: - intptr = &options->use_privileged_port; - goto parse_flag; - case oPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; @@ -1822,7 +1818,6 @@ initialize_options(Options * options) options->fwd_opts.gateway_ports = -1; options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; options->fwd_opts.streamlocal_bind_unlink = -1; - options->use_privileged_port = -1; options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -1964,8 +1959,6 @@ fill_default_options(Options * options) options->fwd_opts.streamlocal_bind_mask = 0177; if (options->fwd_opts.streamlocal_bind_unlink == -1) options->fwd_opts.streamlocal_bind_unlink = 0; - if (options->use_privileged_port == -1) - options->use_privileged_port = 0; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; if (options->challenge_response_authentication == -1) @@ -2599,7 +2592,6 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oStrictHostKeyChecking, o->strict_host_key_checking); dump_cfg_fmtint(oTCPKeepAlive, o->tcp_keep_alive); dump_cfg_fmtint(oTunnel, o->tun_open); - dump_cfg_fmtint(oUsePrivilegedPort, o->use_privileged_port); dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns); dump_cfg_fmtint(oVisualHostKey, o->visual_host_key); dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys); diff --git a/readconf.h b/readconf.h index d8595f07e..c56887816 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.126 2018/06/09 03:01:12 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.127 2018/07/19 10:28:47 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -35,7 +35,6 @@ typedef struct { int exit_on_forward_failure; /* Exit if bind(2) fails for -L/-R */ char *xauth_location; /* Location for xauth program */ struct ForwardOptions fwd_opts; /* forwarding options */ - int use_privileged_port; /* Don't use privileged port if false. */ int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ int challenge_response_authentication; diff --git a/scp.1 b/scp.1 index be8309b22..92abcaf07 100644 --- a/scp.1 +++ b/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.79 2018/06/09 06:36:31 jmc Exp $ +.\" $OpenBSD: scp.1,v 1.80 2018/07/19 10:28:47 dtucker Exp $ .\" -.Dd $Mdocdate: June 9 2018 $ +.Dd $Mdocdate: July 19 2018 $ .Dt SCP 1 .Os .Sh NAME @@ -177,7 +177,6 @@ For full details of the options listed below, and their possible values, see .It StrictHostKeyChecking .It TCPKeepAlive .It UpdateHostKeys -.It UsePrivilegedPort .It User .It UserKnownHostsFile .It VerifyHostKeyDNS diff --git a/sftp.1 b/sftp.1 index 1e21e2023..2ae5e354e 100644 --- a/sftp.1 +++ b/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.116 2018/06/09 06:36:31 jmc Exp $ +.\" $OpenBSD: sftp.1,v 1.117 2018/07/19 10:28:47 dtucker Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 9 2018 $ +.Dd $Mdocdate: July 19 2018 $ .Dt SFTP 1 .Os .Sh NAME @@ -247,7 +247,6 @@ For full details of the options listed below, and their possible values, see .It StrictHostKeyChecking .It TCPKeepAlive .It UpdateHostKeys -.It UsePrivilegedPort .It User .It UserKnownHostsFile .It VerifyHostKeyDNS diff --git a/ssh.1 b/ssh.1 index 40b4bfb16..b20908a5e 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.395 2018/06/09 06:36:31 jmc Exp $ -.Dd $Mdocdate: June 9 2018 $ +.\" $OpenBSD: ssh.1,v 1.396 2018/07/19 10:28:47 dtucker Exp $ +.Dd $Mdocdate: July 19 2018 $ .Dt SSH 1 .Os .Sh NAME @@ -535,7 +535,6 @@ For full details of the options listed below, and their possible values, see .It Tunnel .It TunnelDevice .It UpdateHostKeys -.It UsePrivilegedPort .It User .It UserKnownHostsFile .It VerifyHostKeyDNS diff --git a/ssh.c b/ssh.c index 49a9fab20..a95d0cf93 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.487 2018/07/18 11:34:04 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.488 2018/07/19 10:28:47 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -733,7 +733,6 @@ main(int ac, char **av) fatal("Invalid multiplex command."); break; case 'P': /* deprecated */ - options.use_privileged_port = 0; break; case 'Q': cp = NULL; @@ -1236,10 +1235,6 @@ main(int ac, char **av) } if (options.connection_attempts <= 0) fatal("Invalid number of ConnectionAttempts"); -#ifndef HAVE_CYGWIN - if (original_effective_uid != 0) - options.use_privileged_port = 0; -#endif if (sshbuf_len(command) != 0 && options.remote_command != NULL) fatal("Cannot execute command-line and remote command."); @@ -1376,8 +1371,7 @@ main(int ac, char **av) /* Open a connection to the remote host. */ if (ssh_connect(ssh, host, addrs, &hostaddr, options.port, options.address_family, options.connection_attempts, - &timeout_ms, options.tcp_keep_alive, - options.use_privileged_port) != 0) + &timeout_ms, options.tcp_keep_alive) != 0) exit(255); if (addrs != NULL) diff --git a/ssh_config.5 b/ssh_config.5 index df94d60db..0e5bb9078 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.279 2018/07/04 13:49:31 djm Exp $ -.Dd $Mdocdate: July 4 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.280 2018/07/19 10:28:47 dtucker Exp $ +.Dd $Mdocdate: July 19 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -258,17 +258,9 @@ or Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than one address. -Note that this option does not work if -.Cm UsePrivilegedPort -is set to -.Cm yes . .It Cm BindInterface Use the address of the specified interface on the local machine as the source address of the connection. -Note that this option does not work if -.Cm UsePrivilegedPort -is set to -.Cm yes . .It Cm CanonicalDomains When .Cm CanonicalizeHostname @@ -1603,17 +1595,6 @@ Presently, only from OpenSSH 6.8 and greater support the .Qq hostkeys@openssh.com protocol extension used to inform the client of all the server's hostkeys. -.It Cm UsePrivilegedPort -Specifies whether to use a privileged port for outgoing connections. -The argument must be -.Cm yes -or -.Cm no -(the default). -If set to -.Cm yes , -.Xr ssh 1 -must be setuid root. .It Cm User Specifies the user to log in as. This can be useful when a different user name is used on different machines. diff --git a/sshconnect.c b/sshconnect.c index 9fa95e1e3..3f45e0ba0 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.301 2018/07/18 11:34:04 dtucker Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.302 2018/07/19 10:28:47 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -330,10 +330,10 @@ check_ifaddrs(const char *ifname, int af, const struct ifaddrs *ifaddrs, #endif /* - * Creates a (possibly privileged) socket for use as the ssh connection. + * Creates a ocket for use as the ssh connection. */ static int -ssh_create_socket(int privileged, struct addrinfo *ai) +ssh_create_socket(struct addrinfo *ai) { int sock, r; struct sockaddr_storage bindaddr; @@ -352,8 +352,7 @@ ssh_create_socket(int privileged, struct addrinfo *ai) fcntl(sock, F_SETFD, FD_CLOEXEC); /* Bind the socket to an alternative local IP address */ - if (options.bind_address == NULL && options.bind_interface == NULL && - !privileged) + if (options.bind_address == NULL && options.bind_interface == NULL) return sock; if (options.bind_address != NULL) { @@ -492,9 +491,7 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, /* * Opens a TCP/IP connection to the remote server on the given host. * The address of the remote host will be returned in hostaddr. - * If port is 0, the default port will be used. If needpriv is true, - * a privileged port will be allocated to make the connection. - * This requires super-user privileges if needpriv is true. + * If port is 0, the default port will be used. * Connection_attempts specifies the maximum number of tries (one per * second). If proxy_command is non-NULL, it specifies the command (with %h * and %p substituted for host and port, respectively) to use to contact @@ -503,14 +500,14 @@ timeout_connect(int sockfd, const struct sockaddr *serv_addr, static int ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, struct sockaddr_storage *hostaddr, u_short port, int family, - int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv) + int connection_attempts, int *timeout_ms, int want_keepalive) { int on = 1; int oerrno, sock = -1, attempt; char ntop[NI_MAXHOST], strport[NI_MAXSERV]; struct addrinfo *ai; - debug2("%s: needpriv %d", __func__, needpriv); + debug2("%s", __func__); memset(ntop, 0, sizeof(ntop)); memset(strport, 0, sizeof(strport)); @@ -542,7 +539,7 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, host, ntop, strport); /* Create a socket for connecting. */ - sock = ssh_create_socket(needpriv, ai); + sock = ssh_create_socket(ai); if (sock < 0) { /* Any error is already output */ errno = 0; @@ -592,12 +589,11 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop, int ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs, struct sockaddr_storage *hostaddr, u_short port, int family, - int connection_attempts, int *timeout_ms, int want_keepalive, int needpriv) + int connection_attempts, int *timeout_ms, int want_keepalive) { if (options.proxy_command == NULL) { return ssh_connect_direct(ssh, host, addrs, hostaddr, port, - family, connection_attempts, timeout_ms, want_keepalive, - needpriv); + family, connection_attempts, timeout_ms, want_keepalive); } else if (strcmp(options.proxy_command, "-") == 0) { if ((ssh_packet_set_connection(ssh, STDIN_FILENO, STDOUT_FILENO)) == NULL) diff --git a/sshconnect.h b/sshconnect.h index 05a1fb327..890d85733 100644 --- a/sshconnect.h +++ b/sshconnect.h @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.h,v 1.34 2018/07/18 11:34:04 dtucker Exp $ */ +/* $OpenBSD: sshconnect.h,v 1.35 2018/07/19 10:28:47 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -34,7 +34,7 @@ struct addrinfo; struct ssh; int ssh_connect(struct ssh *, const char *, struct addrinfo *, - struct sockaddr_storage *, u_short, int, int, int *, int, int); + struct sockaddr_storage *, u_short, int, int, int *, int); void ssh_kill_proxy_command(void); void ssh_login(Sensitive *, const char *, struct sockaddr *, u_short, -- cgit v1.2.3 From 73ddb25bae4c33a0db361ac13f2e3a60d7c6c4a5 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 27 Jul 2018 05:13:02 +0000 Subject: upstream: Remove uid checks from low port binds. Now that ssh cannot be setuid and sshd always has privsep on, we can remove the uid checks for low port binds and just let the system do the check. We leave a sanity check for the !privsep case so long as the code is stil there. with & ok djm@ OpenBSD-Commit-ID: 9535cfdbd1cd54486fdbedfaee44ce4367ec7ca0 --- misc.c | 11 +---------- misc.h | 3 +-- readconf.c | 5 +---- serverloop.c | 13 ++++++++++++- 4 files changed, 15 insertions(+), 17 deletions(-) (limited to 'readconf.c') diff --git a/misc.c b/misc.c index 6b093f21b..ae4d29b84 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.130 2018/07/18 11:34:04 dtucker Exp $ */ +/* $OpenBSD: misc.c,v 1.131 2018/07/27 05:13:02 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -1576,15 +1576,6 @@ forward_equals(const struct Forward *a, const struct Forward *b) return 1; } -/* returns 1 if bind to specified port by specified user is permitted */ -int -bind_permitted(int port, uid_t uid) -{ - if (port < IPPORT_RESERVED && uid != 0) - return 0; - return 1; -} - /* returns 1 if process is already daemonized, 0 otherwise */ int daemonized(void) diff --git a/misc.h b/misc.h index 837b005aa..6be289fd2 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.73 2018/06/09 03:01:12 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.74 2018/07/27 05:13:02 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -31,7 +31,6 @@ struct Forward { }; int forward_equals(const struct Forward *, const struct Forward *); -int bind_permitted(int, uid_t); int daemonized(void); /* Common server and client forwarding options. */ diff --git a/readconf.c b/readconf.c index ce832526a..d9b6e4cf9 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.294 2018/07/19 10:28:47 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.295 2018/07/27 05:13:02 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -323,9 +323,6 @@ add_local_forward(Options *options, const struct Forward *newfwd) extern uid_t original_real_uid; int i; - if (!bind_permitted(newfwd->listen_port, original_real_uid) && - newfwd->listen_path == NULL) - fatal("Privileged ports can only be forwarded by root."); /* Don't add duplicates */ for (i = 0; i < options->num_local_forwards; i++) { if (forward_equals(newfwd, options->local_forwards + i)) diff --git a/serverloop.c b/serverloop.c index cf18e387e..7be83e2d3 100644 --- a/serverloop.c +++ b/serverloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: serverloop.c,v 1.208 2018/07/11 18:53:29 markus Exp $ */ +/* $OpenBSD: serverloop.c,v 1.209 2018/07/27 05:13:02 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -103,6 +103,17 @@ static void server_init_dispatch(void); /* requested tunnel forwarding interface(s), shared with session.c */ char *tun_fwd_ifnames = NULL; +/* returns 1 if bind to specified port by specified user is permitted */ +static int +bind_permitted(int port, uid_t uid) +{ + if (use_privsep) + return 1; /* allow system to decide */ + if (port < IPPORT_RESERVED && uid != 0) + return 0; + return 1; +} + /* * we write to this pipe if a SIGCHLD is caught in order to avoid * the race between select() and child_terminated -- cgit v1.2.3 From e655ee04a3cb7999dbf9641b25192353e2b69418 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 27 Jul 2018 05:34:42 +0000 Subject: upstream: Now that ssh can't be setuid, remove the original_real_uid and original_effective_uid globals and replace with calls to plain getuid(). ok djm@ OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c --- readconf.c | 4 +--- ssh-keysign.c | 10 ++-------- ssh.c | 31 +++++++++---------------------- sshconnect.c | 4 +--- 4 files changed, 13 insertions(+), 36 deletions(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index d9b6e4cf9..4ab312fff 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.295 2018/07/27 05:13:02 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.296 2018/07/27 05:34:42 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -320,7 +320,6 @@ void add_local_forward(Options *options, const struct Forward *newfwd) { struct Forward *fwd; - extern uid_t original_real_uid; int i; /* Don't add duplicates */ @@ -480,7 +479,6 @@ execute_in_shell(const char *cmd) char *shell; pid_t pid; int devnull, status; - extern uid_t original_real_uid; if ((shell = getenv("SHELL")) == NULL) shell = _PATH_BSHELL; diff --git a/ssh-keysign.c b/ssh-keysign.c index 78bb66b08..744ecb4f9 100644 --- a/ssh-keysign.c +++ b/ssh-keysign.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keysign.c,v 1.54 2018/02/23 15:58:38 markus Exp $ */ +/* $OpenBSD: ssh-keysign.c,v 1.55 2018/07/27 05:34:42 dtucker Exp $ */ /* * Copyright (c) 2002 Markus Friedl. All rights reserved. * @@ -62,11 +62,6 @@ struct ssh *active_state = NULL; /* XXX needed for linking */ extern char *__progname; -/* XXX readconf.c needs these */ -uid_t original_real_uid; - -extern char *__progname; - static int valid_request(struct passwd *pw, char *host, struct sshkey **ret, u_char *data, size_t datalen) @@ -201,8 +196,7 @@ main(int argc, char **argv) key_fd[i++] = open(_PATH_HOST_XMSS_KEY_FILE, O_RDONLY); key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); - original_real_uid = getuid(); /* XXX readconf.c needs this */ - if ((pw = getpwuid(original_real_uid)) == NULL) + if ((pw = getpwuid(getuid())) == NULL) fatal("getpwuid failed"); pw = pwcopy(pw); diff --git a/ssh.c b/ssh.c index c08693d30..ce628848c 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.489 2018/07/25 13:10:56 beck Exp $ */ +/* $OpenBSD: ssh.c,v 1.490 2018/07/27 05:34:42 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -177,10 +177,6 @@ struct sockaddr_storage hostaddr; /* Private host keys. */ Sensitive sensitive_data; -/* Original real UID. */ -uid_t original_real_uid; -uid_t original_effective_uid; - /* command to be executed */ struct sshbuf *command; @@ -223,7 +219,7 @@ tilde_expand_paths(char **paths, u_int num_paths) char *cp; for (i = 0; i < num_paths; i++) { - cp = tilde_expand_filename(paths[i], original_real_uid); + cp = tilde_expand_filename(paths[i], getuid()); free(paths[i]); paths[i] = cp; } @@ -620,17 +616,10 @@ main(int ac, char **av) */ closefrom(STDERR_FILENO + 1); - /* - * Save the original real uid. It will be needed later (uid-swapping - * may clobber the real uid). - */ - original_real_uid = getuid(); - original_effective_uid = geteuid(); - /* Get user data. */ - pw = getpwuid(original_real_uid); + pw = getpwuid(getuid()); if (!pw) { - logit("No user exists for uid %lu", (u_long)original_real_uid); + logit("No user exists for uid %lu", (u_long)getuid()); exit(255); } /* Take a copy of the returned structure. */ @@ -773,7 +762,7 @@ main(int ac, char **av) options.gss_deleg_creds = 1; break; case 'i': - p = tilde_expand_filename(optarg, original_real_uid); + p = tilde_expand_filename(optarg, getuid()); if (stat(p, &st) < 0) fprintf(stderr, "Warning: Identity file %s " "not accessible: %s.\n", p, @@ -1321,8 +1310,7 @@ main(int ac, char **av) } if (options.control_path != NULL) { - cp = tilde_expand_filename(options.control_path, - original_real_uid); + cp = tilde_expand_filename(options.control_path, getuid()); free(options.control_path); options.control_path = percent_expand(cp, "C", conn_hash_hex, @@ -1450,7 +1438,7 @@ main(int ac, char **av) unsetenv(SSH_AUTHSOCKET_ENV_NAME); } else { p = tilde_expand_filename(options.identity_agent, - original_real_uid); + getuid()); cp = percent_expand(p, "d", pw->pw_dir, "h", host, @@ -2018,8 +2006,7 @@ load_public_identity_files(struct passwd *pw) options.identity_files[i] = NULL; continue; } - cp = tilde_expand_filename(options.identity_files[i], - original_real_uid); + cp = tilde_expand_filename(options.identity_files[i], getuid()); filename = percent_expand(cp, "d", pw->pw_dir, "u", pw->pw_name, "l", thishost, "h", host, "r", options.user, (char *)NULL); @@ -2070,7 +2057,7 @@ load_public_identity_files(struct passwd *pw) fatal("%s: too many certificates", __func__); for (i = 0; i < options.num_certificate_files; i++) { cp = tilde_expand_filename(options.certificate_files[i], - original_real_uid); + getuid()); filename = percent_expand(cp, "d", pw->pw_dir, "h", host, diff --git a/sshconnect.c b/sshconnect.c index 64250dab1..78813c164 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.303 2018/07/19 23:03:16 dtucker Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.304 2018/07/27 05:34:42 dtucker Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -80,8 +80,6 @@ static pid_t proxy_command_pid = 0; /* import */ extern Options options; extern char *__progname; -extern uid_t original_real_uid; -extern uid_t original_effective_uid; static int show_other_keys(struct hostkeys *, struct sshkey *); static void warn_changed_key(struct sshkey *); -- cgit v1.2.3 From 87f08be054b7eeadbb9cdeb3fb4872be79ccf218 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 20 Jul 2018 13:18:28 +1000 Subject: Remove support for S/Key Most people will 1) be using modern multi-factor authentication methods like TOTP/OATH etc and 2) be getting support for multi-factor authentication via PAM or BSD Auth. --- INSTALL | 10 --------- Makefile.in | 2 +- TODO | 2 +- auth.h | 4 ---- auth2-chall.c | 14 +----------- configure.ac | 50 ------------------------------------------- defines.h | 6 ------ monitor.c | 66 --------------------------------------------------------- monitor.h | 2 -- monitor_wrap.c | 67 ---------------------------------------------------------- monitor_wrap.h | 4 ---- readconf.c | 2 +- servconf.c | 2 +- ssh_config.5 | 5 ++--- sshd_config.5 | 5 ++--- 15 files changed, 9 insertions(+), 232 deletions(-) (limited to 'readconf.c') diff --git a/INSTALL b/INSTALL index d5275113b..3fd265dbf 100644 --- a/INSTALL +++ b/INSTALL @@ -66,13 +66,6 @@ passphrase requester. This is maintained separately at: http://www.jmknoble.net/software/x11-ssh-askpass/ -S/Key Libraries: - -If you wish to use --with-skey then you will need the library below -installed. No other S/Key library is currently known to be supported. - -http://www.sparc.spb.su/solaris/skey/ - LibEdit: sftp supports command-line editing via NetBSD's libedit. If your platform @@ -184,9 +177,6 @@ it if lastlog is installed in a different place. --with-osfsia, --without-osfsia will enable or disable OSF1's Security Integration Architecture. The default for OSF1 machines is enable. ---with-skey=PATH will enable S/Key one time password support. You will -need the S/Key libraries and header files installed for this to work. - --with-md5-passwords will enable the use of MD5 passwords. Enable this if your operating system uses MD5 passwords and the system crypt() does not support them directly (see the crypt(3/3c) man page). If enabled, the diff --git a/Makefile.in b/Makefile.in index c3b67aa61..ac744cbd2 100644 --- a/Makefile.in +++ b/Makefile.in @@ -110,7 +110,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o \ sshpty.o sshlogin.o servconf.o serverloop.o \ auth.o auth2.o auth-options.o session.o \ auth2-chall.o groupaccess.o \ - auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ + auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o \ monitor.o monitor_wrap.o auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o \ diff --git a/TODO b/TODO index 771162b30..b76529c96 100644 --- a/TODO +++ b/TODO @@ -35,7 +35,7 @@ Programming: - Use different PAM service name for kbdint vs regular auth (suggest from Solar Designer) - Ability to select which ChallengeResponseAuthentications may be used - and order to try them in e.g. "ChallengeResponseAuthentication skey, pam" + and order to try them in e.g. "ChallengeResponseAuthentication pam" - Complete Tru64 SIA support - It looks like we could merge it into the password auth code to cut down diff --git a/auth.h b/auth.h index 29491df98..977562f0a 100644 --- a/auth.h +++ b/auth.h @@ -187,8 +187,6 @@ int auth2_challenge(struct ssh *, char *); void auth2_challenge_stop(struct ssh *); int bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); int bsdauth_respond(void *, u_int, char **); -int skey_query(void *, char **, char **, u_int *, char ***, u_int **); -int skey_respond(void *, u_int, char **); int allowed_user(struct passwd *); struct passwd * getpwnamallow(const char *user); @@ -239,8 +237,6 @@ pid_t subprocess(const char *, struct passwd *, int sys_auth_passwd(struct ssh *, const char *); -#define SKEY_PROMPT "\nS/Key Password: " - #if defined(KRB5) && !defined(HEIMDAL) #include krb5_error_code ssh_krb5_cc_gen(krb5_context, krb5_ccache *); diff --git a/auth2-chall.c b/auth2-chall.c index 4fd18f467..2d5cff448 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -58,9 +58,6 @@ extern KbdintDevice bsdauth_device; #ifdef USE_PAM extern KbdintDevice sshpam_device; #endif -#ifdef SKEY -extern KbdintDevice skey_device; -#endif #endif KbdintDevice *devices[] = { @@ -70,9 +67,6 @@ KbdintDevice *devices[] = { #ifdef USE_PAM &sshpam_device, #endif -#ifdef SKEY - &skey_device, -#endif #endif NULL }; @@ -369,7 +363,7 @@ input_userauth_info_response(int type, u_int32_t seq, struct ssh *ssh) void privsep_challenge_enable(void) { -#if defined(BSD_AUTH) || defined(USE_PAM) || defined(SKEY) +#if defined(BSD_AUTH) || defined(USE_PAM) int n = 0; #endif #ifdef BSD_AUTH @@ -378,9 +372,6 @@ privsep_challenge_enable(void) #ifdef USE_PAM extern KbdintDevice mm_sshpam_device; #endif -#ifdef SKEY - extern KbdintDevice mm_skey_device; -#endif #ifdef BSD_AUTH devices[n++] = &mm_bsdauth_device; @@ -388,8 +379,5 @@ privsep_challenge_enable(void) #ifdef USE_PAM devices[n++] = &mm_sshpam_device; #endif -#ifdef SKEY - devices[n++] = &mm_skey_device; -#endif #endif } diff --git a/configure.ac b/configure.ac index 8c6827a7b..c4c759d4e 100644 --- a/configure.ac +++ b/configure.ac @@ -1495,55 +1495,6 @@ else AC_MSG_RESULT([no]) fi -# Check whether user wants S/Key support -SKEY_MSG="no" -AC_ARG_WITH([skey], - [ --with-skey[[=PATH]] Enable S/Key support (optionally in PATH)], - [ - if test "x$withval" != "xno" ; then - - if test "x$withval" != "xyes" ; then - CPPFLAGS="$CPPFLAGS -I${withval}/include" - LDFLAGS="$LDFLAGS -L${withval}/lib" - fi - - AC_DEFINE([SKEY], [1], [Define if you want S/Key support]) - LIBS="-lskey $LIBS" - SKEY_MSG="yes" - - AC_MSG_CHECKING([for s/key support]) - AC_LINK_IFELSE( - [AC_LANG_PROGRAM([[ -#include -#include - ]], [[ - char *ff = skey_keyinfo(""); ff=""; - exit(0); - ]])], - [AC_MSG_RESULT([yes])], - [ - AC_MSG_RESULT([no]) - AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) - ]) - AC_MSG_CHECKING([if skeychallenge takes 4 arguments]) - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ -#include -#include - ]], [[ - (void)skeychallenge(NULL,"name","",0); - ]])], - [ - AC_MSG_RESULT([yes]) - AC_DEFINE([SKEYCHALLENGE_4ARG], [1], - [Define if your skeychallenge() - function takes 4 arguments (NetBSD)])], - [ - AC_MSG_RESULT([no]) - ]) - fi - ] -) - # Check whether user wants to use ldns LDNS_MSG="no" AC_ARG_WITH(ldns, @@ -5219,7 +5170,6 @@ echo " PAM support: $PAM_MSG" echo " OSF SIA support: $SIA_MSG" echo " KerberosV support: $KRB5_MSG" echo " SELinux support: $SELINUX_MSG" -echo " S/KEY support: $SKEY_MSG" echo " MD5 password support: $MD5_MSG" echo " libedit support: $LIBEDIT_MSG" echo " libldns support: $LDNS_MSG" diff --git a/defines.h b/defines.h index 3fa5ec5a9..8f4213062 100644 --- a/defines.h +++ b/defines.h @@ -660,12 +660,6 @@ struct winsize { # define krb5_get_err_text(context,code) error_message(code) #endif -#if defined(SKEYCHALLENGE_4ARG) -# define _compat_skeychallenge(a,b,c,d) skeychallenge(a,b,c,d) -#else -# define _compat_skeychallenge(a,b,c,d) skeychallenge(a,b,c) -#endif - /* Maximum number of file descriptors available */ #ifdef HAVE_SYSCONF # define SSH_SYSFDMAX sysconf(_SC_OPEN_MAX) diff --git a/monitor.c b/monitor.c index 78f9c5038..d4b4b0471 100644 --- a/monitor.c +++ b/monitor.c @@ -56,10 +56,6 @@ # endif #endif -#ifdef SKEY -#include -#endif - #ifdef WITH_OPENSSL #include #endif @@ -122,8 +118,6 @@ int mm_answer_authserv(int, struct sshbuf *); int mm_answer_authpassword(int, struct sshbuf *); int mm_answer_bsdauthquery(int, struct sshbuf *); int mm_answer_bsdauthrespond(int, struct sshbuf *); -int mm_answer_skeyquery(int, struct sshbuf *); -int mm_answer_skeyrespond(int, struct sshbuf *); int mm_answer_keyallowed(int, struct sshbuf *); int mm_answer_keyverify(int, struct sshbuf *); int mm_answer_pty(int, struct sshbuf *); @@ -211,10 +205,6 @@ struct mon_table mon_dispatch_proto20[] = { #ifdef BSD_AUTH {MONITOR_REQ_BSDAUTHQUERY, MON_ISAUTH, mm_answer_bsdauthquery}, {MONITOR_REQ_BSDAUTHRESPOND, MON_AUTH, mm_answer_bsdauthrespond}, -#endif -#ifdef SKEY - {MONITOR_REQ_SKEYQUERY, MON_ISAUTH, mm_answer_skeyquery}, - {MONITOR_REQ_SKEYRESPOND, MON_AUTH, mm_answer_skeyrespond}, #endif {MONITOR_REQ_KEYALLOWED, MON_ISAUTH, mm_answer_keyallowed}, {MONITOR_REQ_KEYVERIFY, MON_AUTH, mm_answer_keyverify}, @@ -960,62 +950,6 @@ mm_answer_bsdauthrespond(int sock, struct sshbuf *m) } #endif -#ifdef SKEY -int -mm_answer_skeyquery(int sock, struct sshbuf *m) -{ - struct skey skey; - char challenge[1024]; - u_int success; - int r; - - success = _compat_skeychallenge(&skey, authctxt->user, challenge, - sizeof(challenge)) < 0 ? 0 : 1; - - sshbuf_reset(m); - if ((r = sshbuf_put_u32(m, success)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (success) { - if ((r = sshbuf_put_cstring(m, challenge)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - } - debug3("%s: sending challenge success: %u", __func__, success); - mm_request_send(sock, MONITOR_ANS_SKEYQUERY, m); - - return (0); -} - -int -mm_answer_skeyrespond(int sock, struct sshbuf *m) -{ - char *response; - size_t rlen; - int authok, r; - - if ((r = sshbuf_get_cstring(m, &response, &rlen)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - authok = (options.challenge_response_authentication && - authctxt->valid && - skey_haskey(authctxt->pw->pw_name) == 0 && - skey_passcheck(authctxt->pw->pw_name, response) != -1); - - freezero(response, rlen); - - sshbuf_reset(m); - if ((r = sshbuf_put_u32(m, authok)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - - debug3("%s: sending authenticated: %d", __func__, authok); - mm_request_send(sock, MONITOR_ANS_SKEYRESPOND, m); - - auth_method = "keyboard-interactive"; - auth_submethod = "skey"; - - return (authok != 0); -} -#endif - #ifdef USE_PAM int mm_answer_pam_start(int sock, struct sshbuf *m) diff --git a/monitor.h b/monitor.h index 0c7635000..16047299f 100644 --- a/monitor.h +++ b/monitor.h @@ -39,8 +39,6 @@ enum monitor_reqtype { MONITOR_REQ_AUTHPASSWORD = 12, MONITOR_ANS_AUTHPASSWORD = 13, MONITOR_REQ_BSDAUTHQUERY = 14, MONITOR_ANS_BSDAUTHQUERY = 15, MONITOR_REQ_BSDAUTHRESPOND = 16, MONITOR_ANS_BSDAUTHRESPOND = 17, - MONITOR_REQ_SKEYQUERY = 18, MONITOR_ANS_SKEYQUERY = 19, - MONITOR_REQ_SKEYRESPOND = 20, MONITOR_ANS_SKEYRESPOND = 21, MONITOR_REQ_KEYALLOWED = 22, MONITOR_ANS_KEYALLOWED = 23, MONITOR_REQ_KEYVERIFY = 24, MONITOR_ANS_KEYVERIFY = 25, MONITOR_REQ_KEYEXPORT = 26, diff --git a/monitor_wrap.c b/monitor_wrap.c index 3cb26c2ac..732fb3476 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -867,73 +867,6 @@ mm_bsdauth_respond(void *ctx, u_int numresponses, char **responses) return ((authok == 0) ? -1 : 0); } -#ifdef SKEY -int -mm_skey_query(void *ctx, char **name, char **infotxt, - u_int *numprompts, char ***prompts, u_int **echo_on) -{ - struct sshbuf *m; - u_int success; - char *challenge; - int r; - - debug3("%s: entering", __func__); - - if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYQUERY, m); - - mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_SKEYQUERY, m); - if ((r = sshbuf_get_u32(m, &success)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - if (success == 0) { - debug3("%s: no challenge", __func__); - sshbuf_free(m); - return (-1); - } - - /* Get the challenge, and format the response */ - if ((r = sshbuf_get_cstring(m, &challenge, NULL)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - sshbuf_free(m); - - debug3("%s: received challenge: %s", __func__, challenge); - - mm_chall_setup(name, infotxt, numprompts, prompts, echo_on); - - xasprintf(*prompts, "%s%s", challenge, SKEY_PROMPT); - free(challenge); - - return (0); -} - -int -mm_skey_respond(void *ctx, u_int numresponses, char **responses) -{ - struct sshbuf *m; - int authok, r; - - debug3("%s: entering", __func__); - if (numresponses != 1) - return (-1); - - if ((m = sshbuf_new()) == NULL) - fatal("%s: sshbuf_new failed", __func__); - if ((r = sshbuf_put_cstring(m, responses[0])) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_SKEYRESPOND, m); - - mm_request_receive_expect(pmonitor->m_recvfd, - MONITOR_ANS_SKEYRESPOND, m); - - if ((r = sshbuf_get_u32(m, &authok)) != 0) - fatal("%s: buffer error: %s", __func__, ssh_err(r)); - sshbuf_free(m); - - return ((authok == 0) ? -1 : 0); -} -#endif /* SKEY */ - #ifdef SSH_AUDIT_EVENTS void mm_audit_event(ssh_audit_event_t event) diff --git a/monitor_wrap.h b/monitor_wrap.h index a3ac17d1d..644da081d 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -97,8 +97,4 @@ void mm_send_keystate(struct monitor*); int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **); int mm_bsdauth_respond(void *, u_int, char **); -/* skey */ -int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **); -int mm_skey_respond(void *, u_int, char **); - #endif /* _MM_WRAP_H_ */ diff --git a/readconf.c b/readconf.c index 4ab312fff..4b11bab5e 100644 --- a/readconf.c +++ b/readconf.c @@ -230,7 +230,7 @@ static struct { { "dsaauthentication", oPubkeyAuthentication }, /* alias */ { "hostbasedauthentication", oHostbasedAuthentication }, { "challengeresponseauthentication", oChallengeResponseAuthentication }, - { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */ + { "skeyauthentication", oUnsupported }, { "tisauthentication", oChallengeResponseAuthentication }, /* alias */ { "identityfile", oIdentityFile }, { "identityfile2", oIdentityFile }, /* obsolete */ diff --git a/servconf.c b/servconf.c index aafefde93..f1010b3b9 100644 --- a/servconf.c +++ b/servconf.c @@ -564,7 +564,7 @@ static struct { { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, - { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */ + { "skeyauthentication", sDeprecated, SSHCFG_GLOBAL }, { "checkmail", sDeprecated, SSHCFG_GLOBAL }, { "listenaddress", sListenAddress, SSHCFG_GLOBAL }, { "addressfamily", sAddressFamily, SSHCFG_GLOBAL }, diff --git a/ssh_config.5 b/ssh_config.5 index fe52578f4..f499396a3 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -997,10 +997,9 @@ The default is to use the server specified list. The methods available vary depending on what the server supports. For an OpenSSH server, it may be zero or more of: -.Cm bsdauth , -.Cm pam , +.Cm bsdauth and -.Cm skey . +.Cm pam . .It Cm KexAlgorithms Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms must be comma-separated. diff --git a/sshd_config.5 b/sshd_config.5 index 02d8e436b..e1b54ba20 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -205,10 +205,9 @@ keyboard-interactive authentication before public key. For keyboard interactive authentication it is also possible to restrict authentication to a specific device by appending a colon followed by the device identifier -.Cm bsdauth , -.Cm pam , +.Cm bsdauth or -.Cm skey , +.Cm pam . depending on the server configuration. For example, .Qq keyboard-interactive:bsdauth -- cgit v1.2.3 From 1b9dd4aa15208100fbc3650f33ea052255578282 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 12 Aug 2018 20:19:13 +0000 Subject: upstream: better diagnosics on alg list assembly errors; ok deraadt@ markus@ OpenBSD-Commit-ID: 5a557e74b839daf13cc105924d2af06a1560faee --- readconf.c | 27 +++++++++++++++------------ servconf.c | 28 ++++++++++++++-------------- 2 files changed, 29 insertions(+), 26 deletions(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index 4b11bab5e..db5f2d547 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.296 2018/07/27 05:34:42 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.297 2018/08/12 20:19:13 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -53,6 +53,7 @@ #include "xmalloc.h" #include "ssh.h" +#include "ssherr.h" #include "compat.h" #include "cipher.h" #include "pathnames.h" @@ -1924,6 +1925,7 @@ void fill_default_options(Options * options) { char *all_cipher, *all_mac, *all_kex, *all_key; + int r; if (options->forward_agent == -1) options->forward_agent = 0; @@ -2075,17 +2077,18 @@ fill_default_options(Options * options) all_mac = mac_alg_list(','); all_kex = kex_alg_list(','); all_key = sshkey_alg_list(0, 0, 1, ','); - if (kex_assemble_names(&options->ciphers, - KEX_CLIENT_ENCRYPT, all_cipher) != 0 || - kex_assemble_names(&options->macs, - KEX_CLIENT_MAC, all_mac) != 0 || - kex_assemble_names(&options->kex_algorithms, - KEX_CLIENT_KEX, all_kex) != 0 || - kex_assemble_names(&options->hostbased_key_types, - KEX_DEFAULT_PK_ALG, all_key) != 0 || - kex_assemble_names(&options->pubkey_key_types, - KEX_DEFAULT_PK_ALG, all_key) != 0) - fatal("%s: kex_assemble_names failed", __func__); +#define ASSEMBLE(what, defaults, all) \ + do { \ + if ((r = kex_assemble_names(&options->what, \ + defaults, all)) != 0) \ + fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ + } while (0) + ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); + ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); + ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); + ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); + ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); +#undef ASSEMBLE free(all_cipher); free(all_mac); free(all_kex); diff --git a/servconf.c b/servconf.c index f1010b3b9..c0f6af0be 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.339 2018/07/11 18:53:29 markus Exp $ */ +/* $OpenBSD: servconf.c,v 1.340 2018/08/12 20:19:13 djm Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -192,24 +192,24 @@ static void assemble_algorithms(ServerOptions *o) { char *all_cipher, *all_mac, *all_kex, *all_key; + int r; all_cipher = cipher_alg_list(',', 0); all_mac = mac_alg_list(','); all_kex = kex_alg_list(','); all_key = sshkey_alg_list(0, 0, 1, ','); - if (kex_assemble_names(&o->ciphers, - KEX_SERVER_ENCRYPT, all_cipher) != 0 || - kex_assemble_names(&o->macs, - KEX_SERVER_MAC, all_mac) != 0 || - kex_assemble_names(&o->kex_algorithms, - KEX_SERVER_KEX, all_kex) != 0 || - kex_assemble_names(&o->hostkeyalgorithms, - KEX_DEFAULT_PK_ALG, all_key) != 0 || - kex_assemble_names(&o->hostbased_key_types, - KEX_DEFAULT_PK_ALG, all_key) != 0 || - kex_assemble_names(&o->pubkey_key_types, - KEX_DEFAULT_PK_ALG, all_key) != 0) - fatal("kex_assemble_names failed"); +#define ASSEMBLE(what, defaults, all) \ + do { \ + if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \ + fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \ + } while (0) + ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher); + ASSEMBLE(macs, KEX_SERVER_MAC, all_mac); + ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex); + ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key); + ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key); + ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key); +#undef ASSEMBLE free(all_cipher); free(all_mac); free(all_kex); -- cgit v1.2.3