From 68d3a2a059183ebd83b15e54984ffaced04d2742 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 28 Apr 2017 03:20:27 +0000 Subject: upstream commit Add SyslogFacility option to ssh(1) matching the equivalent option in sshd(8). bz#2705, patch from erahn at arista.com, ok djm@ Upstream-ID: d5115c2c0193ceb056ed857813b2a7222abda9ed --- readconf.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'readconf.h') diff --git a/readconf.h b/readconf.h index cef55f71c..d62428101 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.117 2016/07/15 00:24:30 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.118 2017/04/28 03:20:27 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -59,6 +59,7 @@ typedef struct { int tcp_keep_alive; /* Set SO_KEEPALIVE. */ int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ + SyslogFacility log_facility; /* Facility for system logging. */ LogLevel log_level; /* Level for logging. */ int port; /* Port to connect. */ -- cgit v1.2.3 From 99f95ba82673d33215dce17bfa1512b57f54ec09 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 30 Apr 2017 23:11:45 +0000 Subject: upstream commit remove options.protocol and client Protocol configuration knob ok markus@ Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366 --- compat.c | 4 +--- readconf.c | 57 +++++++++++---------------------------------------------- readconf.h | 3 +-- ssh.c | 6 +++--- sshconnect.c | 49 ++++++++++--------------------------------------- 5 files changed, 26 insertions(+), 93 deletions(-) (limited to 'readconf.h') diff --git a/compat.c b/compat.c index aa50d2ce8..945fd349b 100644 --- a/compat.c +++ b/compat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: compat.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: compat.c,v 1.102 2017/04/30 23:11:45 djm Exp $ */ /* * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved. * @@ -232,8 +232,6 @@ proto_spec(const char *spec) return ret; for ((p = strsep(&q, SEP)); p && *p != '\0'; (p = strsep(&q, SEP))) { switch (atoi(p)) { - case 1: - break; case 2: ret |= SSH_PROTO_2; break; diff --git a/readconf.c b/readconf.c index 975f00ff4..963c648b9 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.272 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.273 2017/04/30 23:11:45 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -152,7 +152,7 @@ typedef enum { oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts, - oUsePrivilegedPort, oLogFacility, oLogLevel, oCiphers, oProtocol, oMacs, + oUsePrivilegedPort, oLogFacility, oLogLevel, oCiphers, oMacs, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, @@ -171,7 +171,7 @@ typedef enum { oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, oPubkeyAcceptedKeyTypes, oProxyJump, - oIgnoredUnknownOption, oDeprecated, oUnsupported + oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; /* Textual representations of the tokens. */ @@ -181,6 +181,7 @@ static struct { OpCodes opcode; } keywords[] = { /* Deprecated options */ + { "protocol", oIgnore }, /* NB. silently ignored */ { "fallbacktorsh", oDeprecated }, { "globalknownhostsfile2", oDeprecated }, { "rhostsauthentication", oDeprecated }, @@ -242,7 +243,6 @@ static struct { { "cipher", oCipher }, { "ciphers", oCiphers }, { "macs", oMacs }, - { "protocol", oProtocol }, { "remoteforward", oRemoteForward }, { "localforward", oLocalForward }, { "user", oUser }, @@ -866,6 +866,8 @@ process_config_line_depth(Options *options, struct passwd *pw, const char *host, case oBadOption: /* don't panic, but count bad options */ return -1; + case oIgnore: + return 0; case oIgnoredUnknownOption: debug("%s line %d: Ignored unknown option \"%s\"", filename, linenum, keyword); @@ -1236,19 +1238,6 @@ parse_keytypes: *charptr = xstrdup(arg); break; - case oProtocol: - intptr = &options->protocol; - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - value = proto_spec(arg); - if (value == SSH_PROTO_UNKNOWN) - fatal("%.200s line %d: Bad protocol spec '%s'.", - filename, linenum, arg ? arg : ""); - if (*activep && *intptr == SSH_PROTO_UNKNOWN) - *intptr = value; - break; - case oLogLevel: log_level_ptr = &options->log_level; arg = strdelim(&s); @@ -1827,7 +1816,6 @@ initialize_options(Options * options) options->macs = NULL; options->kex_algorithms = NULL; options->hostkeyalgorithms = NULL; - options->protocol = SSH_PROTO_UNKNOWN; options->num_identity_files = 0; options->num_certificate_files = 0; options->hostname = NULL; @@ -1984,27 +1972,16 @@ fill_default_options(Options * options) if (options->cipher == -1) options->cipher = SSH_CIPHER_NOT_SET; /* options->hostkeyalgorithms, default set in myproposals.h */ - if (options->protocol == SSH_PROTO_UNKNOWN) - options->protocol = SSH_PROTO_2; if (options->add_keys_to_agent == -1) options->add_keys_to_agent = 0; if (options->num_identity_files == 0) { - if (options->protocol & SSH_PROTO_1) { - add_identity_file(options, "~/", - _PATH_SSH_CLIENT_IDENTITY, 0); - } - if (options->protocol & SSH_PROTO_2) { - add_identity_file(options, "~/", - _PATH_SSH_CLIENT_ID_RSA, 0); - add_identity_file(options, "~/", - _PATH_SSH_CLIENT_ID_DSA, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0); #ifdef OPENSSL_HAS_ECC - add_identity_file(options, "~/", - _PATH_SSH_CLIENT_ID_ECDSA, 0); + add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA, 0); #endif - add_identity_file(options, "~/", - _PATH_SSH_CLIENT_ID_ED25519, 0); - } + add_identity_file(options, "~/", + _PATH_SSH_CLIENT_ID_ED25519, 0); } if (options->escape_char == -1) options->escape_char = '~'; @@ -2395,17 +2372,6 @@ fmt_intarg(OpCodes code, int val) return fmt_multistate_int(val, multistate_canonicalizehostname); case oFingerprintHash: return ssh_digest_alg_name(val); - case oProtocol: - switch (val) { - case SSH_PROTO_1: - return "1"; - case SSH_PROTO_2: - return "2"; - case (SSH_PROTO_1|SSH_PROTO_2): - return "2,1"; - default: - return "UNKNOWN"; - } default: switch (val) { case 0: @@ -2550,7 +2516,6 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oNoHostAuthenticationForLocalhost, o->no_host_authentication_for_localhost); dump_cfg_fmtint(oPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(oPermitLocalCommand, o->permit_local_command); - dump_cfg_fmtint(oProtocol, o->protocol); dump_cfg_fmtint(oProxyUseFdpass, o->proxy_use_fdpass); dump_cfg_fmtint(oPubkeyAuthentication, o->pubkey_authentication); dump_cfg_fmtint(oRequestTTY, o->request_tty); diff --git a/readconf.h b/readconf.h index d62428101..f53864854 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.118 2017/04/28 03:20:27 dtucker Exp $ */ +/* $OpenBSD: readconf.h,v 1.119 2017/04/30 23:11:45 djm Exp $ */ /* * Author: Tatu Ylonen @@ -75,7 +75,6 @@ typedef struct { char *macs; /* SSH2 macs in order of preference. */ char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ char *kex_algorithms; /* SSH2 kex methods in order of preference. */ - int protocol; /* Protocol in order of preference. */ char *hostname; /* Real host to connect. */ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ diff --git a/ssh.c b/ssh.c index 38c8e837f..766a1790d 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.453 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.454 2017/04/30 23:11:45 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -609,10 +609,10 @@ main(int ac, char **av) "ACD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { switch (opt) { case '1': - options.protocol = SSH_PROTO_1; + fatal("SSH protocol v.1 is no longer supported"); break; case '2': - options.protocol = SSH_PROTO_2; + /* Ignored */ break; case '4': options.address_family = AF_INET; diff --git a/sshconnect.c b/sshconnect.c index 26ffbc802..d48f2e06c 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.274 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.275 2017/04/30 23:11:45 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -549,7 +549,7 @@ ssh_exchange_identification(int timeout_ms) int remote_major, remote_minor, mismatch; int connection_in = packet_get_connection_in(); int connection_out = packet_get_connection_out(); - int minor1 = PROTOCOL_MINOR_1, client_banner_sent = 0; + int client_banner_sent = 0; u_int i, n; size_t len; int fdsetsz, remaining, rc; @@ -559,15 +559,9 @@ ssh_exchange_identification(int timeout_ms) fdsetsz = howmany(connection_in + 1, NFDBITS) * sizeof(fd_mask); fdset = xcalloc(1, fdsetsz); - /* - * If we are SSH2-only then we can send the banner immediately and - * save a round-trip. - */ - if (options.protocol == SSH_PROTO_2) { - enable_compat20(); - send_client_banner(connection_out, 0); - client_banner_sent = 1; - } + enable_compat20(); + send_client_banner(connection_out, 0); + client_banner_sent = 1; /* Read other side's version identification. */ remaining = timeout_ms; @@ -635,50 +629,27 @@ ssh_exchange_identification(int timeout_ms) switch (remote_major) { case 1: - if (remote_minor == 99 && - (options.protocol & SSH_PROTO_2) && - !(options.protocol & SSH_PROTO_1_PREFERRED)) { + if (remote_minor == 99) enable_compat20(); - break; - } - if (!(options.protocol & SSH_PROTO_1)) { + else mismatch = 1; - break; - } - if (remote_minor < 3) { - fatal("Remote machine has too old SSH software version."); - } else if (remote_minor == 3 || remote_minor == 4) { - /* We speak 1.3, too. */ - enable_compat13(); - minor1 = 3; - if (options.forward_agent) { - logit("Agent forwarding disabled for protocol 1.3"); - options.forward_agent = 0; - } - } break; case 2: - if (options.protocol & SSH_PROTO_2) { - enable_compat20(); - break; - } - /* FALLTHROUGH */ + enable_compat20(); + break; default: mismatch = 1; break; } if (mismatch) fatal("Protocol major versions differ: %d vs. %d", - (options.protocol & SSH_PROTO_2) ? PROTOCOL_MAJOR_2 : PROTOCOL_MAJOR_1, - remote_major); + PROTOCOL_MAJOR_2, remote_major); if ((datafellows & SSH_BUG_DERIVEKEY) != 0) fatal("Server version \"%.100s\" uses unsafe key agreement; " "refusing connection", remote_version); if ((datafellows & SSH_BUG_RSASIGMD5) != 0) logit("Server version \"%.100s\" uses unsafe RSA signature " "scheme; disabling use of RSA keys", remote_version); - if (!client_banner_sent) - send_client_banner(connection_out, minor1); chop(server_version_string); } -- cgit v1.2.3 From cdccebdf85204bf7542b7fcc1aa2ea3f36661833 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 30 Apr 2017 23:15:04 +0000 Subject: upstream commit remove SSHv1 ciphers; ok markus@ Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890 --- Makefile.in | 2 +- cipher-3des1.c | 158 -------------------------------------- cipher-bf1.c | 106 -------------------------- cipher.c | 237 ++++++++++++++++++--------------------------------------- cipher.h | 25 +----- readconf.c | 25 +----- readconf.h | 3 +- ssh.c | 21 +---- sshkey.c | 8 +- 9 files changed, 86 insertions(+), 499 deletions(-) delete mode 100644 cipher-3des1.c delete mode 100644 cipher-bf1.c (limited to 'readconf.h') diff --git a/Makefile.in b/Makefile.in index e247c0de7..f6625734a 100644 --- a/Makefile.in +++ b/Makefile.in @@ -78,7 +78,7 @@ LIBOPENSSH_OBJS=\ LIBSSH_OBJS=${LIBOPENSSH_OBJS} \ authfd.o authfile.o bufaux.o bufbn.o bufec.o buffer.o \ canohost.o channels.o cipher.o cipher-aes.o cipher-aesctr.o \ - cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \ + cipher-ctr.o cleanup.o \ compat.o crc32.o deattack.o fatal.o hostfile.o \ log.o match.o moduli.o nchan.o packet.o opacket.o \ readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ diff --git a/cipher-3des1.c b/cipher-3des1.c deleted file mode 100644 index 9fcc2785a..000000000 --- a/cipher-3des1.c +++ /dev/null @@ -1,158 +0,0 @@ -/* $OpenBSD: cipher-3des1.c,v 1.12 2015/01/14 10:24:42 markus Exp $ */ -/* - * Copyright (c) 2003 Markus Friedl. All rights reserved. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" - -#ifdef WITH_SSH1 - -#include -#include -#include - -#include "ssherr.h" - -/* - * This is used by SSH1: - * - * What kind of triple DES are these 2 routines? - * - * Why is there a redundant initialization vector? - * - * If only iv3 was used, then, this would till effect have been - * outer-cbc. However, there is also a private iv1 == iv2 which - * perhaps makes differential analysis easier. On the other hand, the - * private iv1 probably makes the CRC-32 attack ineffective. This is a - * result of that there is no longer any known iv1 to use when - * choosing the X block. - */ -struct ssh1_3des_ctx -{ - EVP_CIPHER_CTX k1, k2, k3; -}; - -const EVP_CIPHER * evp_ssh1_3des(void); -int ssh1_3des_iv(EVP_CIPHER_CTX *, int, u_char *, int); - -static int -ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, - int enc) -{ - struct ssh1_3des_ctx *c; - u_char *k1, *k2, *k3; - - if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { - if ((c = calloc(1, sizeof(*c))) == NULL) - return 0; - EVP_CIPHER_CTX_set_app_data(ctx, c); - } - if (key == NULL) - return 1; - if (enc == -1) - enc = ctx->encrypt; - k1 = k2 = k3 = (u_char *) key; - k2 += 8; - if (EVP_CIPHER_CTX_key_length(ctx) >= 16+8) { - if (enc) - k3 += 16; - else - k1 += 16; - } - EVP_CIPHER_CTX_init(&c->k1); - EVP_CIPHER_CTX_init(&c->k2); - EVP_CIPHER_CTX_init(&c->k3); - if (EVP_CipherInit(&c->k1, EVP_des_cbc(), k1, NULL, enc) == 0 || - EVP_CipherInit(&c->k2, EVP_des_cbc(), k2, NULL, !enc) == 0 || - EVP_CipherInit(&c->k3, EVP_des_cbc(), k3, NULL, enc) == 0) { - explicit_bzero(c, sizeof(*c)); - free(c); - EVP_CIPHER_CTX_set_app_data(ctx, NULL); - return 0; - } - return 1; -} - -static int -ssh1_3des_cbc(EVP_CIPHER_CTX *ctx, u_char *dest, const u_char *src, size_t len) -{ - struct ssh1_3des_ctx *c; - - if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) - return 0; - if (EVP_Cipher(&c->k1, dest, (u_char *)src, len) == 0 || - EVP_Cipher(&c->k2, dest, dest, len) == 0 || - EVP_Cipher(&c->k3, dest, dest, len) == 0) - return 0; - return 1; -} - -static int -ssh1_3des_cleanup(EVP_CIPHER_CTX *ctx) -{ - struct ssh1_3des_ctx *c; - - if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) { - EVP_CIPHER_CTX_cleanup(&c->k1); - EVP_CIPHER_CTX_cleanup(&c->k2); - EVP_CIPHER_CTX_cleanup(&c->k3); - explicit_bzero(c, sizeof(*c)); - free(c); - EVP_CIPHER_CTX_set_app_data(ctx, NULL); - } - return 1; -} - -int -ssh1_3des_iv(EVP_CIPHER_CTX *evp, int doset, u_char *iv, int len) -{ - struct ssh1_3des_ctx *c; - - if (len != 24) - return SSH_ERR_INVALID_ARGUMENT; - if ((c = EVP_CIPHER_CTX_get_app_data(evp)) == NULL) - return SSH_ERR_INTERNAL_ERROR; - if (doset) { - memcpy(c->k1.iv, iv, 8); - memcpy(c->k2.iv, iv + 8, 8); - memcpy(c->k3.iv, iv + 16, 8); - } else { - memcpy(iv, c->k1.iv, 8); - memcpy(iv + 8, c->k2.iv, 8); - memcpy(iv + 16, c->k3.iv, 8); - } - return 0; -} - -const EVP_CIPHER * -evp_ssh1_3des(void) -{ - static EVP_CIPHER ssh1_3des; - - memset(&ssh1_3des, 0, sizeof(ssh1_3des)); - ssh1_3des.nid = NID_undef; - ssh1_3des.block_size = 8; - ssh1_3des.iv_len = 0; - ssh1_3des.key_len = 16; - ssh1_3des.init = ssh1_3des_init; - ssh1_3des.cleanup = ssh1_3des_cleanup; - ssh1_3des.do_cipher = ssh1_3des_cbc; - ssh1_3des.flags = EVP_CIPH_CBC_MODE | EVP_CIPH_VARIABLE_LENGTH; - return &ssh1_3des; -} -#endif /* WITH_SSH1 */ diff --git a/cipher-bf1.c b/cipher-bf1.c deleted file mode 100644 index c205b077c..000000000 --- a/cipher-bf1.c +++ /dev/null @@ -1,106 +0,0 @@ -/* $OpenBSD: cipher-bf1.c,v 1.7 2015/01/14 10:24:42 markus Exp $ */ -/* - * Copyright (c) 2003 Markus Friedl. All rights reserved. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. - * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, - * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF - * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include "includes.h" - -#ifdef WITH_SSH1 -#if defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF) - -#include - -#include -#include - -#include - -#include "openbsd-compat/openssl-compat.h" - -/* - * SSH1 uses a variation on Blowfish, all bytes must be swapped before - * and after encryption/decryption. Thus the swap_bytes stuff (yuk). - */ - -const EVP_CIPHER * evp_ssh1_bf(void); - -static void -swap_bytes(const u_char *src, u_char *dst, int n) -{ - u_char c[4]; - - /* Process 4 bytes every lap. */ - for (n = n / 4; n > 0; n--) { - c[3] = *src++; - c[2] = *src++; - c[1] = *src++; - c[0] = *src++; - - *dst++ = c[0]; - *dst++ = c[1]; - *dst++ = c[2]; - *dst++ = c[3]; - } -} - -#ifdef SSH_OLD_EVP -static void bf_ssh1_init (EVP_CIPHER_CTX * ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - if (iv != NULL) - memcpy (&(ctx->oiv[0]), iv, 8); - memcpy (&(ctx->iv[0]), &(ctx->oiv[0]), 8); - if (key != NULL) - BF_set_key (&(ctx->c.bf_ks), EVP_CIPHER_CTX_key_length (ctx), - key); -} -#endif - -static int (*orig_bf)(EVP_CIPHER_CTX *, u_char *, - const u_char *, LIBCRYPTO_EVP_INL_TYPE) = NULL; - -static int -bf_ssh1_cipher(EVP_CIPHER_CTX *ctx, u_char *out, const u_char *in, - LIBCRYPTO_EVP_INL_TYPE len) -{ - int ret; - - swap_bytes(in, out, len); - ret = (*orig_bf)(ctx, out, out, len); - swap_bytes(out, out, len); - return (ret); -} - -const EVP_CIPHER * -evp_ssh1_bf(void) -{ - static EVP_CIPHER ssh1_bf; - - memcpy(&ssh1_bf, EVP_bf_cbc(), sizeof(EVP_CIPHER)); - orig_bf = ssh1_bf.do_cipher; - ssh1_bf.nid = NID_undef; -#ifdef SSH_OLD_EVP - ssh1_bf.init = bf_ssh1_init; -#endif - ssh1_bf.do_cipher = bf_ssh1_cipher; - ssh1_bf.key_len = 32; - return (&ssh1_bf); -} -#endif /* defined(WITH_OPENSSL) && !defined(OPENSSL_NO_BF) */ - -#endif /* WITH_SSH1 */ diff --git a/cipher.c b/cipher.c index 2df2b84bc..622e745d0 100644 --- a/cipher.c +++ b/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.103 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: cipher.c,v 1.104 2017/04/30 23:15:04 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -63,7 +63,6 @@ struct sshcipher_ctx { struct sshcipher { char *name; - int number; /* for ssh1 only */ u_int block_size; u_int key_len; u_int iv_len; /* defaults to block_size */ @@ -74,6 +73,7 @@ struct sshcipher { #define CFLAG_CHACHAPOLY (1<<1) #define CFLAG_AESCTR (1<<2) #define CFLAG_NONE (1<<3) +#define CFLAG_INTERNAL CFLAG_NONE /* Don't use "none" for packets */ #ifdef WITH_OPENSSL const EVP_CIPHER *(*evptype)(void); #else @@ -83,45 +83,42 @@ struct sshcipher { static const struct sshcipher ciphers[] = { #ifdef WITH_OPENSSL - { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, 0, EVP_enc_null }, - { "3des-cbc", SSH_CIPHER_SSH2, 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, + { "3des-cbc", 8, 24, 0, 0, 0, 1, EVP_des_ede3_cbc }, # ifndef OPENSSL_NO_BF - { "blowfish-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, + { "blowfish-cbc", 8, 16, 0, 0, 0, 1, EVP_bf_cbc }, # endif /* OPENSSL_NO_BF */ # ifndef OPENSSL_NO_CAST - { "cast128-cbc", - SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, + { "cast128-cbc", 8, 16, 0, 0, 0, 1, EVP_cast5_cbc }, # endif /* OPENSSL_NO_CAST */ # ifndef OPENSSL_NO_RC4 - { "arcfour", SSH_CIPHER_SSH2, 8, 16, 0, 0, 0, 0, EVP_rc4 }, - { "arcfour128", SSH_CIPHER_SSH2, 8, 16, 0, 0, 1536, 0, EVP_rc4 }, - { "arcfour256", SSH_CIPHER_SSH2, 8, 32, 0, 0, 1536, 0, EVP_rc4 }, + { "arcfour", 8, 16, 0, 0, 0, 0, EVP_rc4 }, + { "arcfour128", 8, 16, 0, 0, 1536, 0, EVP_rc4 }, + { "arcfour256", 8, 32, 0, 0, 1536, 0, EVP_rc4 }, # endif /* OPENSSL_NO_RC4 */ - { "aes128-cbc", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, - { "aes192-cbc", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, - { "aes256-cbc", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, + { "aes128-cbc", 16, 16, 0, 0, 0, 1, EVP_aes_128_cbc }, + { "aes192-cbc", 16, 24, 0, 0, 0, 1, EVP_aes_192_cbc }, + { "aes256-cbc", 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, { "rijndael-cbc@lysator.liu.se", - SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, - { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr }, - { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, 0, EVP_aes_192_ctr }, - { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, 0, EVP_aes_256_ctr }, + 16, 32, 0, 0, 0, 1, EVP_aes_256_cbc }, + { "aes128-ctr", 16, 16, 0, 0, 0, 0, EVP_aes_128_ctr }, + { "aes192-ctr", 16, 24, 0, 0, 0, 0, EVP_aes_192_ctr }, + { "aes256-ctr", 16, 32, 0, 0, 0, 0, EVP_aes_256_ctr }, # ifdef OPENSSL_HAVE_EVPGCM { "aes128-gcm@openssh.com", - SSH_CIPHER_SSH2, 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm }, + 16, 16, 12, 16, 0, 0, EVP_aes_128_gcm }, { "aes256-gcm@openssh.com", - SSH_CIPHER_SSH2, 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm }, + 16, 32, 12, 16, 0, 0, EVP_aes_256_gcm }, # endif /* OPENSSL_HAVE_EVPGCM */ -#else /* WITH_OPENSSL */ - { "aes128-ctr", SSH_CIPHER_SSH2, 16, 16, 0, 0, 0, CFLAG_AESCTR, NULL }, - { "aes192-ctr", SSH_CIPHER_SSH2, 16, 24, 0, 0, 0, CFLAG_AESCTR, NULL }, - { "aes256-ctr", SSH_CIPHER_SSH2, 16, 32, 0, 0, 0, CFLAG_AESCTR, NULL }, - { "none", SSH_CIPHER_NONE, 8, 0, 0, 0, 0, CFLAG_NONE, NULL }, -#endif /* WITH_OPENSSL */ +#else + { "aes128-ctr", 16, 16, 0, 0, 0, CFLAG_AESCTR, NULL }, + { "aes192-ctr", 16, 24, 0, 0, 0, CFLAG_AESCTR, NULL }, + { "aes256-ctr", 16, 32, 0, 0, 0, CFLAG_AESCTR, NULL }, +#endif { "chacha20-poly1305@openssh.com", - SSH_CIPHER_SSH2, 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL }, + 8, 64, 0, 16, 0, CFLAG_CHACHAPOLY, NULL }, + { "none", 8, 0, 0, 0, 0, CFLAG_NONE, NULL }, - { NULL, SSH_CIPHER_INVALID, 0, 0, 0, 0, 0, 0, NULL } + { NULL, 0, 0, 0, 0, 0, 0, NULL } }; /*--*/ @@ -135,7 +132,7 @@ cipher_alg_list(char sep, int auth_only) const struct sshcipher *c; for (c = ciphers; c->name != NULL; c++) { - if (c->number != SSH_CIPHER_SSH2) + if ((c->flags & CFLAG_INTERNAL) != 0) continue; if (auth_only && c->auth_len == 0) continue; @@ -190,12 +187,6 @@ cipher_ivlen(const struct sshcipher *c) c->iv_len : c->block_size; } -u_int -cipher_get_number(const struct sshcipher *c) -{ - return (c->number); -} - u_int cipher_is_cbc(const struct sshcipher *c) { @@ -208,24 +199,6 @@ cipher_ctx_is_plaintext(struct sshcipher_ctx *cc) return cc->plaintext; } -u_int -cipher_ctx_get_number(struct sshcipher_ctx *cc) -{ - return cc->cipher->number; -} - -u_int -cipher_mask_ssh1(int client) -{ - u_int mask = 0; - mask |= 1 << SSH_CIPHER_3DES; /* Mandatory */ - mask |= 1 << SSH_CIPHER_BLOWFISH; - if (client) { - mask |= 1 << SSH_CIPHER_DES; - } - return mask; -} - const struct sshcipher * cipher_by_name(const char *name) { @@ -236,16 +209,6 @@ cipher_by_name(const char *name) return NULL; } -const struct sshcipher * -cipher_by_number(int id) -{ - const struct sshcipher *c; - for (c = ciphers; c->name != NULL; c++) - if (c->number == id) - return c; - return NULL; -} - #define CIPHER_SEP "," int ciphers_valid(const char *names) @@ -261,7 +224,7 @@ ciphers_valid(const char *names) for ((p = strsep(&cp, CIPHER_SEP)); p && *p != '\0'; (p = strsep(&cp, CIPHER_SEP))) { c = cipher_by_name(p); - if (c == NULL || c->number != SSH_CIPHER_SSH2) { + if (c == NULL || (c->flags & CFLAG_INTERNAL) != 0) { free(cipher_list); return 0; } @@ -270,38 +233,12 @@ ciphers_valid(const char *names) return 1; } -/* - * Parses the name of the cipher. Returns the number of the corresponding - * cipher, or -1 on error. - */ - -int -cipher_number(const char *name) -{ - const struct sshcipher *c; - if (name == NULL) - return -1; - for (c = ciphers; c->name != NULL; c++) - if (strcasecmp(c->name, name) == 0) - return c->number; - return -1; -} - -char * -cipher_name(int id) -{ - const struct sshcipher *c = cipher_by_number(id); - return (c==NULL) ? "" : c->name; -} - const char * cipher_warning_message(const struct sshcipher_ctx *cc) { if (cc == NULL || cc->cipher == NULL) return NULL; - if (cc->cipher->number == SSH_CIPHER_DES) - return "use of DES is strongly discouraged due to " - "cryptographic weaknesses"; + /* XXX repurpose for CBC warning */ return NULL; } @@ -322,12 +259,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, if ((cc = calloc(sizeof(*cc), 1)) == NULL) return SSH_ERR_ALLOC_FAIL; - if (cipher->number == SSH_CIPHER_DES) { - if (keylen > 8) - keylen = 8; - } - - cc->plaintext = (cipher->number == SSH_CIPHER_NONE); + cc->plaintext = 0; /* XXX */ cc->encrypt = do_encrypt; if (keylen < cipher->key_len || @@ -341,6 +273,10 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, ret = chachapoly_init(&cc->cp_ctx, key, keylen); goto out; } + if ((cc->cipher->flags & CFLAG_NONE) != 0) { + ret = 0; + goto out; + } #ifndef WITH_OPENSSL if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { aesctr_keysetup(&cc->ac_ctx, key, 8 * keylen, 8 * ivlen); @@ -348,10 +284,6 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, ret = 0; goto out; } - if ((cc->cipher->flags & CFLAG_NONE) != 0) { - ret = 0; - goto out; - } ret = SSH_ERR_INVALID_ARGUMENT; goto out; #else /* WITH_OPENSSL */ @@ -436,6 +368,10 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest, return chachapoly_crypt(&cc->cp_ctx, seqnr, dest, src, len, aadlen, authlen, cc->encrypt); } + if ((cc->cipher->flags & CFLAG_NONE) != 0) { + memcpy(dest, src, aadlen + len); + return 0; + } #ifndef WITH_OPENSSL if ((cc->cipher->flags & CFLAG_AESCTR) != 0) { if (aadlen) @@ -444,10 +380,6 @@ cipher_crypt(struct sshcipher_ctx *cc, u_int seqnr, u_char *dest, dest + aadlen, len); return 0; } - if ((cc->cipher->flags & CFLAG_NONE) != 0) { - memcpy(dest, src, aadlen + len); - return 0; - } return SSH_ERR_INVALID_ARGUMENT; #else if (authlen) { @@ -554,19 +486,16 @@ int cipher_get_keyiv_len(const struct sshcipher_ctx *cc) { const struct sshcipher *c = cc->cipher; - int ivlen = 0; - if (c->number == SSH_CIPHER_3DES) - ivlen = 24; - else if ((cc->cipher->flags & CFLAG_CHACHAPOLY) != 0) - ivlen = 0; - else if ((cc->cipher->flags & CFLAG_AESCTR) != 0) - ivlen = sizeof(cc->ac_ctx.ctr); + if ((c->flags & CFLAG_CHACHAPOLY) != 0) + return 0; + else if ((c->flags & CFLAG_AESCTR) != 0) + return sizeof(cc->ac_ctx.ctr); #ifdef WITH_OPENSSL - else - ivlen = EVP_CIPHER_CTX_iv_length(cc->evp); -#endif /* WITH_OPENSSL */ - return (ivlen); + return EVP_CIPHER_CTX_iv_length(cc->evp); +#else + return 0; +#endif } int @@ -591,34 +520,26 @@ cipher_get_keyiv(struct sshcipher_ctx *cc, u_char *iv, u_int len) if ((cc->cipher->flags & CFLAG_NONE) != 0) return 0; - switch (c->number) { #ifdef WITH_OPENSSL - case SSH_CIPHER_SSH2: - case SSH_CIPHER_DES: - case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(cc->evp); - if (evplen == 0) - return 0; - else if (evplen < 0) - return SSH_ERR_LIBCRYPTO_ERROR; - if ((u_int)evplen != len) - return SSH_ERR_INVALID_ARGUMENT; + evplen = EVP_CIPHER_CTX_iv_length(cc->evp); + if (evplen == 0) + return 0; + else if (evplen < 0) + return SSH_ERR_LIBCRYPTO_ERROR; + if ((u_int)evplen != len) + return SSH_ERR_INVALID_ARGUMENT; #ifndef OPENSSL_HAVE_EVPCTR - if (c->evptype == evp_aes_128_ctr) - ssh_aes_ctr_iv(cc->evp, 0, iv, len); - else + if (c->evptype == evp_aes_128_ctr) + ssh_aes_ctr_iv(cc->evp, 0, iv, len); + else #endif - if (cipher_authlen(c)) { - if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, - len, iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else - memcpy(iv, cc->evp->iv, len); - break; + if (cipher_authlen(c)) { + if (!EVP_CIPHER_CTX_ctrl(cc->evp, EVP_CTRL_GCM_IV_GEN, + len, iv)) + return SSH_ERR_LIBCRYPTO_ERROR; + } else + memcpy(iv, cc->evp->iv, len); #endif - default: - return SSH_ERR_INVALID_ARGUMENT; - } return 0; } @@ -635,32 +556,24 @@ cipher_set_keyiv(struct sshcipher_ctx *cc, const u_char *iv) if ((cc->cipher->flags & CFLAG_NONE) != 0) return 0; - switch (c->number) { #ifdef WITH_OPENSSL - case SSH_CIPHER_SSH2: - case SSH_CIPHER_DES: - case SSH_CIPHER_BLOWFISH: - evplen = EVP_CIPHER_CTX_iv_length(cc->evp); - if (evplen <= 0) - return SSH_ERR_LIBCRYPTO_ERROR; + evplen = EVP_CIPHER_CTX_iv_length(cc->evp); + if (evplen <= 0) + return SSH_ERR_LIBCRYPTO_ERROR; #ifndef OPENSSL_HAVE_EVPCTR - /* XXX iv arg is const, but ssh_aes_ctr_iv isn't */ - if (c->evptype == evp_aes_128_ctr) - ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen); - else + /* XXX iv arg is const, but ssh_aes_ctr_iv isn't */ + if (c->evptype == evp_aes_128_ctr) + ssh_aes_ctr_iv(cc->evp, 1, (u_char *)iv, evplen); + else #endif - if (cipher_authlen(c)) { - /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ - if (!EVP_CIPHER_CTX_ctrl(cc->evp, - EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) - return SSH_ERR_LIBCRYPTO_ERROR; - } else - memcpy(cc->evp->iv, iv, evplen); - break; + if (cipher_authlen(c)) { + /* XXX iv arg is const, but EVP_CIPHER_CTX_ctrl isn't */ + if (!EVP_CIPHER_CTX_ctrl(cc->evp, + EVP_CTRL_GCM_SET_IV_FIXED, -1, (void *)iv)) + return SSH_ERR_LIBCRYPTO_ERROR; + } else + memcpy(cc->evp->iv, iv, evplen); #endif - default: - return SSH_ERR_INVALID_ARGUMENT; - } return 0; } diff --git a/cipher.h b/cipher.h index f4bca6285..312bbc8a0 100644 --- a/cipher.h +++ b/cipher.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.h,v 1.49 2016/08/03 05:41:57 djm Exp $ */ +/* $OpenBSD: cipher.h,v 1.50 2017/04/30 23:15:04 djm Exp $ */ /* * Author: Tatu Ylonen @@ -42,34 +42,13 @@ #include "cipher-chachapoly.h" #include "cipher-aesctr.h" -/* - * Cipher types for SSH-1. New types can be added, but old types should not - * be removed for compatibility. The maximum allowed value is 31. - */ -#define SSH_CIPHER_SSH2 -3 -#define SSH_CIPHER_INVALID -2 /* No valid cipher selected. */ -#define SSH_CIPHER_NOT_SET -1 /* None selected (invalid number). */ -#define SSH_CIPHER_NONE 0 /* no encryption */ -#define SSH_CIPHER_IDEA 1 /* IDEA CFB */ -#define SSH_CIPHER_DES 2 /* DES CBC */ -#define SSH_CIPHER_3DES 3 /* 3DES CBC */ -#define SSH_CIPHER_BROKEN_TSS 4 /* TRI's Simple Stream encryption CBC */ -#define SSH_CIPHER_BROKEN_RC4 5 /* Alleged RC4 */ -#define SSH_CIPHER_BLOWFISH 6 -#define SSH_CIPHER_RESERVED 7 -#define SSH_CIPHER_MAX 31 - #define CIPHER_ENCRYPT 1 #define CIPHER_DECRYPT 0 struct sshcipher; struct sshcipher_ctx; -u_int cipher_mask_ssh1(int); const struct sshcipher *cipher_by_name(const char *); -const struct sshcipher *cipher_by_number(int); -int cipher_number(const char *); -char *cipher_name(int); const char *cipher_warning_message(const struct sshcipher_ctx *); int ciphers_valid(const char *); char *cipher_alg_list(char, int); @@ -90,9 +69,7 @@ u_int cipher_ivlen(const struct sshcipher *); u_int cipher_is_cbc(const struct sshcipher *); u_int cipher_ctx_is_plaintext(struct sshcipher_ctx *); -u_int cipher_ctx_get_number(struct sshcipher_ctx *); -u_int cipher_get_number(const struct sshcipher *); int cipher_get_keyiv(struct sshcipher_ctx *, u_char *, u_int); int cipher_set_keyiv(struct sshcipher_ctx *, const u_char *); int cipher_get_keyiv_len(const struct sshcipher_ctx *); diff --git a/readconf.c b/readconf.c index 963c648b9..5a7197c14 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.273 2017/04/30 23:11:45 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.274 2017/04/30 23:15:04 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -182,6 +182,7 @@ static struct { } keywords[] = { /* Deprecated options */ { "protocol", oIgnore }, /* NB. silently ignored */ + { "cipher", oDeprecated }, { "fallbacktorsh", oDeprecated }, { "globalknownhostsfile2", oDeprecated }, { "rhostsauthentication", oDeprecated }, @@ -240,7 +241,6 @@ static struct { { "hostkeyalias", oHostKeyAlias }, { "proxycommand", oProxyCommand }, { "port", oPort }, - { "cipher", oCipher }, { "ciphers", oCiphers }, { "macs", oMacs }, { "remoteforward", oRemoteForward }, @@ -1175,19 +1175,6 @@ parse_int: intptr = &options->connection_attempts; goto parse_int; - case oCipher: - intptr = &options->cipher; - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - value = cipher_number(arg); - if (value == -1) - fatal("%.200s line %d: Bad cipher '%s'.", - filename, linenum, arg ? arg : ""); - if (*activep && *intptr == -1) - *intptr = value; - break; - case oCiphers: arg = strdelim(&s); if (!arg || *arg == '\0') @@ -1811,7 +1798,6 @@ initialize_options(Options * options) options->connection_attempts = -1; options->connection_timeout = -1; options->number_of_password_prompts = -1; - options->cipher = -1; options->ciphers = NULL; options->macs = NULL; options->kex_algorithms = NULL; @@ -1968,9 +1954,6 @@ fill_default_options(Options * options) options->connection_attempts = 1; if (options->number_of_password_prompts == -1) options->number_of_password_prompts = 3; - /* Selected in ssh_login(). */ - if (options->cipher == -1) - options->cipher = SSH_CIPHER_NOT_SET; /* options->hostkeyalgorithms, default set in myproposals.h */ if (options->add_keys_to_agent == -1) options->add_keys_to_agent = 0; @@ -2603,10 +2586,6 @@ dump_client_config(Options *o, const char *host) printf("\n"); } - /* oCipher */ - if (o->cipher != SSH_CIPHER_NOT_SET) - printf("Cipher %s\n", cipher_name(o->cipher)); - /* oControlPersist */ if (o->control_persist == 0 || o->control_persist_timeout == 0) dump_cfg_fmtint(oControlPersist, o->control_persist); diff --git a/readconf.h b/readconf.h index f53864854..c2ffd9ed4 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.119 2017/04/30 23:11:45 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.120 2017/04/30 23:15:04 djm Exp $ */ /* * Author: Tatu Ylonen @@ -70,7 +70,6 @@ typedef struct { * aborting connection attempt */ int number_of_password_prompts; /* Max number of password * prompts. */ - int cipher; /* Cipher to use. */ char *ciphers; /* SSH2 ciphers in order of preference. */ char *macs; /* SSH2 macs in order of preference. */ char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ diff --git a/ssh.c b/ssh.c index a682ce91a..c1316f44c 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.455 2017/04/30 23:13:25 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.456 2017/04/30 23:15:04 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -813,27 +813,14 @@ main(int ac, char **av) } break; case 'c': - if (ciphers_valid(*optarg == '+' ? + if (!ciphers_valid(*optarg == '+' ? optarg + 1 : optarg)) { - /* SSH2 only */ - free(options.ciphers); - options.ciphers = xstrdup(optarg); - options.cipher = SSH_CIPHER_INVALID; - break; - } - /* SSH1 only */ - options.cipher = cipher_number(optarg); - if (options.cipher == -1) { fprintf(stderr, "Unknown cipher type '%s'\n", optarg); exit(255); } - if (options.cipher == SSH_CIPHER_3DES) - options.ciphers = xstrdup("3des-cbc"); - else if (options.cipher == SSH_CIPHER_BLOWFISH) - options.ciphers = xstrdup("blowfish-cbc"); - else - options.ciphers = xstrdup(KEX_CLIENT_ENCRYPT); + free(options.ciphers); + options.ciphers = xstrdup(optarg); break; case 'm': if (mac_valid(optarg)) { diff --git a/sshkey.c b/sshkey.c index 045f1284f..1741d9b19 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.46 2017/04/30 23:10:43 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.47 2017/04/30 23:15:04 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -2971,12 +2971,8 @@ sshkey_private_to_blob2(const struct sshkey *prv, struct sshbuf *blob, kdfname = "none"; } else if (ciphername == NULL) ciphername = DEFAULT_CIPHERNAME; - else if (cipher_number(ciphername) != SSH_CIPHER_SSH2) { - r = SSH_ERR_INVALID_ARGUMENT; - goto out; - } if ((cipher = cipher_by_name(ciphername)) == NULL) { - r = SSH_ERR_INTERNAL_ERROR; + r = SSH_ERR_INVALID_ARGUMENT; goto out; } -- cgit v1.2.3 From 788ac799a6efa40517f2ac0d895a610394298ffc Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 30 Apr 2017 23:18:22 +0000 Subject: upstream commit remove SSHv1 configuration options and man pages bits ok markus@ Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424 --- readconf.c | 27 +-------------------- readconf.h | 7 +----- ssh.1 | 57 ++++---------------------------------------- ssh_config | 4 +--- ssh_config.5 | 77 ++++-------------------------------------------------------- 5 files changed, 12 insertions(+), 160 deletions(-) (limited to 'readconf.h') diff --git a/readconf.c b/readconf.c index 5a7197c14..aee5a8a79 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.274 2017/04/30 23:15:04 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.275 2017/04/30 23:18:22 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -951,14 +951,6 @@ parse_time: intptr = &options->pubkey_authentication; goto parse_flag; - case oRSAAuthentication: - intptr = &options->rsa_authentication; - goto parse_flag; - - case oRhostsRSAAuthentication: - intptr = &options->rhosts_rsa_authentication; - goto parse_flag; - case oHostbasedAuthentication: intptr = &options->hostbased_authentication; goto parse_flag; @@ -1009,10 +1001,6 @@ parse_time: intptr = &options->number_of_password_prompts; goto parse_int; - case oCompressionLevel: - intptr = &options->compression_level; - goto parse_int; - case oRekeyLimit: arg = strdelim(&s); if (!arg || *arg == '\0') @@ -1777,7 +1765,6 @@ initialize_options(Options * options) options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; options->fwd_opts.streamlocal_bind_unlink = -1; options->use_privileged_port = -1; - options->rsa_authentication = -1; options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; @@ -1785,14 +1772,12 @@ initialize_options(Options * options) options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; - options->rhosts_rsa_authentication = -1; options->hostbased_authentication = -1; options->batch_mode = -1; options->check_host_ip = -1; options->strict_host_key_checking = -1; options->compression = -1; options->tcp_keep_alive = -1; - options->compression_level = -1; options->port = -1; options->address_family = -1; options->connection_attempts = -1; @@ -1916,8 +1901,6 @@ fill_default_options(Options * options) options->fwd_opts.streamlocal_bind_unlink = 0; if (options->use_privileged_port == -1) options->use_privileged_port = 0; - if (options->rsa_authentication == -1) - options->rsa_authentication = 1; if (options->pubkey_authentication == -1) options->pubkey_authentication = 1; if (options->challenge_response_authentication == -1) @@ -1930,8 +1913,6 @@ fill_default_options(Options * options) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) options->kbd_interactive_authentication = 1; - if (options->rhosts_rsa_authentication == -1) - options->rhosts_rsa_authentication = 0; if (options->hostbased_authentication == -1) options->hostbased_authentication = 0; if (options->batch_mode == -1) @@ -1944,8 +1925,6 @@ fill_default_options(Options * options) options->compression = 0; if (options->tcp_keep_alive == -1) options->tcp_keep_alive = 1; - if (options->compression_level == -1) - options->compression_level = 6; if (options->port == -1) options->port = 0; /* Filled in ssh_connect. */ if (options->address_family == -1) @@ -2502,10 +2481,6 @@ dump_client_config(Options *o, const char *host) dump_cfg_fmtint(oProxyUseFdpass, o->proxy_use_fdpass); dump_cfg_fmtint(oPubkeyAuthentication, o->pubkey_authentication); dump_cfg_fmtint(oRequestTTY, o->request_tty); -#ifdef WITH_RSA1 - dump_cfg_fmtint(oRhostsRSAAuthentication, o->rhosts_rsa_authentication); - dump_cfg_fmtint(oRSAAuthentication, o->rsa_authentication); -#endif dump_cfg_fmtint(oStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink); dump_cfg_fmtint(oStrictHostKeyChecking, o->strict_host_key_checking); dump_cfg_fmtint(oTCPKeepAlive, o->tcp_keep_alive); diff --git a/readconf.h b/readconf.h index c2ffd9ed4..f47f53402 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.120 2017/04/30 23:15:04 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.121 2017/04/30 23:18:22 djm Exp $ */ /* * Author: Tatu Ylonen @@ -37,9 +37,6 @@ typedef struct { char *xauth_location; /* Location for xauth program */ struct ForwardOptions fwd_opts; /* forwarding options */ int use_privileged_port; /* Don't use privileged port if false. */ - int rhosts_rsa_authentication; /* Try rhosts with RSA - * authentication. */ - int rsa_authentication; /* Try RSA authentication. */ int pubkey_authentication; /* Try ssh2 pubkey authentication. */ int hostbased_authentication; /* ssh2's rhosts_rsa */ int challenge_response_authentication; @@ -54,8 +51,6 @@ typedef struct { int check_host_ip; /* Also keep track of keys for IP address */ int strict_host_key_checking; /* Strict host key checking. */ int compression; /* Compress packets in both directions. */ - int compression_level; /* Compression level 1 (fast) to 9 - * (best). */ int tcp_keep_alive; /* Set SO_KEEPALIVE. */ int ip_qos_interactive; /* IP ToS/DSCP/class for interactive */ int ip_qos_bulk; /* IP ToS/DSCP/class for bulk traffic */ diff --git a/ssh.1 b/ssh.1 index 4011c65aa..325742f98 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.376 2016/07/16 06:57:55 jmc Exp $ -.Dd $Mdocdate: July 16 2016 $ +.\" $OpenBSD: ssh.1,v 1.377 2017/04/30 23:18:22 djm Exp $ +.Dd $Mdocdate: April 30 2017 $ .Dt SSH 1 .Os .Sh NAME @@ -43,7 +43,7 @@ .Sh SYNOPSIS .Nm ssh .Bk -words -.Op Fl 1246AaCfGgKkMNnqsTtVvXxYy +.Op Fl 46AaCfGgKkMNnqsTtVvXxYy .Op Fl b Ar bind_address .Op Fl c Ar cipher_spec .Op Fl D Oo Ar bind_address : Oc Ns Ar port @@ -95,16 +95,6 @@ it is executed on the remote host instead of a login shell. The options are as follows: .Pp .Bl -tag -width Ds -compact -.It Fl 1 -Forces -.Nm -to try protocol version 1 only. -.Pp -.It Fl 2 -Forces -.Nm -to try protocol version 2 only. -.Pp .It Fl 4 Forces .Nm @@ -144,12 +134,7 @@ data for forwarded X11, TCP and .Ux Ns -domain connections). The compression algorithm is the same used by -.Xr gzip 1 , -and the -.Dq level -can be controlled by the -.Cm CompressionLevel -option for protocol version 1. +.Xr gzip 1 . Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks. The default value can be set on a host-by-host basis in the @@ -159,14 +144,6 @@ option. .Pp .It Fl c Ar cipher_spec Selects the cipher specification for encrypting the session. -.Pp -Protocol version 1 allows specification of a single cipher. -The supported values are -.Dq 3des , -.Dq blowfish , -and -.Dq des . -For protocol version 2, .Ar cipher_spec is a comma-separated list of ciphers listed in order of preference. @@ -290,8 +267,6 @@ private RSA key. Selects a file from which the identity (private key) for public key authentication is read. The default is -.Pa ~/.ssh/identity -for protocol version 1, and .Pa ~/.ssh/id_dsa , .Pa ~/.ssh/id_ecdsa , .Pa ~/.ssh/id_ed25519 @@ -495,7 +470,6 @@ For full details of the options listed below, and their possible values, see .It Ciphers .It ClearAllForwardings .It Compression -.It CompressionLevel .It ConnectionAttempts .It ConnectTimeout .It ControlMaster @@ -540,7 +514,6 @@ For full details of the options listed below, and their possible values, see .It PKCS11Provider .It Port .It PreferredAuthentications -.It Protocol .It ProxyCommand .It ProxyJump .It ProxyUseFdpass @@ -549,8 +522,6 @@ For full details of the options listed below, and their possible values, see .It RekeyLimit .It RemoteForward .It RequestTTY -.It RhostsRSAAuthentication -.It RSAAuthentication .It SendEnv .It ServerAliveInterval .It ServerAliveCountMax @@ -806,21 +777,7 @@ a per-user configuration file and a system-wide configuration file. The file format and configuration options are described in .Xr ssh_config 5 . .Sh AUTHENTICATION -The OpenSSH SSH client supports SSH protocols 1 and 2. -The default is to use protocol 2 only, -though this can be changed via the -.Cm Protocol -option in -.Xr ssh_config 5 -or the -.Fl 1 -and -.Fl 2 -options (see above). -Protocol 1 should not be used -and is only offered to support legacy devices. -It suffers from a number of cryptographic weaknesses -and doesn't support many of the advanced features available for protocol 2. +The OpenSSH SSH client supports SSH protocol 2. .Pp The methods available for authentication are: GSSAPI-based authentication, @@ -893,8 +850,6 @@ is authorized to accept the account. The user creates his/her key pair by running .Xr ssh-keygen 1 . This stores the private key in -.Pa ~/.ssh/identity -(protocol 1), .Pa ~/.ssh/id_dsa (DSA), .Pa ~/.ssh/id_ecdsa @@ -905,8 +860,6 @@ or .Pa ~/.ssh/id_rsa (RSA) and stores the public key in -.Pa ~/.ssh/identity.pub -(protocol 1), .Pa ~/.ssh/id_dsa.pub (DSA), .Pa ~/.ssh/id_ecdsa.pub diff --git a/ssh_config b/ssh_config index 90fb63f0b..b986d52ce 100644 --- a/ssh_config +++ b/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $ +# $OpenBSD: ssh_config,v 1.31 2017/04/30 23:18:22 djm Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -20,8 +20,6 @@ # Host * # ForwardAgent no # ForwardX11 no -# RhostsRSAAuthentication no -# RSAAuthentication yes # PasswordAuthentication yes # HostbasedAuthentication no # GSSAPIAuthentication no diff --git a/ssh_config.5 b/ssh_config.5 index c9dca08d8..a565f330d 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.244 2017/04/28 06:15:03 jmc Exp $ -.Dd $Mdocdate: April 28 2017 $ +.\" $OpenBSD: ssh_config.5,v 1.245 2017/04/30 23:18:22 djm Exp $ +.Dd $Mdocdate: April 30 2017 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -391,25 +391,8 @@ in the process, regardless of the setting of If the option is set to .Cm no , the check will not be executed. -.It Cm Cipher -Specifies the cipher to use for encrypting the session -in protocol version 1. -Currently, -.Cm blowfish , -.Cm 3des -(the default), -and -.Cm des -are supported, -though -.Cm des -is only supported in the -.Xr ssh 1 -client for interoperability with legacy protocol 1 implementations; -its use is strongly discouraged due to cryptographic weaknesses. .It Cm Ciphers -Specifies the ciphers allowed for protocol version 2 -in order of preference. +Specifies the ciphers allowed and their order of preference. Multiple ciphers must be comma-separated. If the specified value begins with a .Sq + @@ -472,18 +455,6 @@ The argument must be or .Cm no (the default). -.It Cm CompressionLevel -Specifies the compression level to use if compression is enabled. -The argument must be an integer from 1 (fast) to 9 (slow, best). -The default level is 6, which is good for most applications. -The meaning of the values is the same as in -.Xr gzip 1 . -Note that this option applies to protocol version 1 only. -.It Cm ConnectionAttempts -Specifies the number of tries (one per second) to make before exiting. -The argument must be an integer. -This may be useful in scripts if the connection sometimes fails. -The default is 1. .It Cm ConnectTimeout Specifies the timeout (in seconds) used when connecting to the SSH server, instead of using the default system TCP timeout. @@ -902,14 +873,11 @@ section. Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication identity is read. The default is -.Pa ~/.ssh/identity -for protocol version 1, and .Pa ~/.ssh/id_dsa , .Pa ~/.ssh/id_ecdsa , .Pa ~/.ssh/id_ed25519 and -.Pa ~/.ssh/id_rsa -for protocol version 2. +.Pa ~/.ssh/id_rsa . Additionally, any identities represented by the authentication agent will be used for authentication unless .Cm IdentitiesOnly @@ -1192,21 +1160,6 @@ The default is: gssapi-with-mic,hostbased,publickey, keyboard-interactive,password .Ed -.It Cm Protocol -Specifies the protocol versions -.Xr ssh 1 -should support in order of preference. -The possible values are 1 and 2. -Multiple versions must be comma-separated. -When this option is set to -.Cm 2,1 -.Nm ssh -will try version 2 and fall back to version 1 -if version 2 is not available. -The default is version 2. -Protocol 1 suffers from a number of cryptographic weaknesses and should -not be used. -It is only offered to support legacy devices. .It Cm ProxyCommand Specifies the command to use to connect to the server. The command @@ -1397,28 +1350,6 @@ an OpenSSH Key Revocation List (KRL) as generated by .Xr ssh-keygen 1 . For more information on KRLs, see the KEY REVOCATION LISTS section in .Xr ssh-keygen 1 . -.It Cm RhostsRSAAuthentication -Specifies whether to try rhosts based authentication with RSA host -authentication. -The argument must be -.Cm yes -or -.Cm no -(the default). -This option applies to protocol version 1 only and requires -.Xr ssh 1 -to be setuid root. -.It Cm RSAAuthentication -Specifies whether to try RSA authentication. -The argument to this keyword must be -.Cm yes -(the default) -or -.Cm no . -RSA authentication will only be -attempted if the identity file exists, or an authentication agent is -running. -Note that this option applies to protocol version 1 only. .It Cm SendEnv Specifies what variables from the local .Xr environ 7 -- cgit v1.2.3 From 1112b534a6a7a07190e497e6bf86b0d5c5fb02dc Mon Sep 17 00:00:00 2001 From: "bluhm@openbsd.org" Date: Tue, 30 May 2017 18:58:37 +0000 Subject: upstream commit Add RemoteCommand option to specify a command in the ssh config file instead of giving it on the client's command line. This command will be executed on the remote host. The feature allows to automate tasks using ssh config. OK markus@ Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee --- readconf.c | 13 +++++++++++-- readconf.h | 3 ++- ssh.1 | 5 +++-- ssh.c | 40 ++++++++++++++++++++++++++++++++-------- ssh_config.5 | 12 ++++++++++-- 5 files changed, 58 insertions(+), 15 deletions(-) (limited to 'readconf.h') diff --git a/readconf.c b/readconf.c index 4be5327a9..b11c628f9 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.276 2017/05/20 02:35:47 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.277 2017/05/30 18:58:37 bluhm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -163,7 +163,8 @@ typedef enum { oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, - oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, + oTunnel, oTunnelDevice, + oLocalCommand, oPermitLocalCommand, oRemoteCommand, oVisualHostKey, oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass, oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, @@ -284,6 +285,7 @@ static struct { { "tunneldevice", oTunnelDevice }, { "localcommand", oLocalCommand }, { "permitlocalcommand", oPermitLocalCommand }, + { "remotecommand", oRemoteCommand }, { "visualhostkey", oVisualHostKey }, { "kexalgorithms", oKexAlgorithms }, { "ipqos", oIPQoS }, @@ -1440,6 +1442,10 @@ parse_keytypes: intptr = &options->permit_local_command; goto parse_flag; + case oRemoteCommand: + charptr = &options->remote_command; + goto parse_command; + case oVisualHostKey: intptr = &options->visual_host_key; goto parse_flag; @@ -1828,6 +1834,7 @@ initialize_options(Options * options) options->tun_remote = -1; options->local_command = NULL; options->permit_local_command = -1; + options->remote_command = NULL; options->add_keys_to_agent = -1; options->identity_agent = NULL; options->visual_host_key = -1; @@ -2032,6 +2039,7 @@ fill_default_options(Options * options) } \ } while(0) CLEAR_ON_NONE(options->local_command); + CLEAR_ON_NONE(options->remote_command); CLEAR_ON_NONE(options->proxy_command); CLEAR_ON_NONE(options->control_path); CLEAR_ON_NONE(options->revoked_host_keys); @@ -2509,6 +2517,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_string(oKbdInteractiveDevices, o->kbd_interactive_devices); dump_cfg_string(oKexAlgorithms, o->kex_algorithms ? o->kex_algorithms : KEX_CLIENT_KEX); dump_cfg_string(oLocalCommand, o->local_command); + dump_cfg_string(oRemoteCommand, o->remote_command); dump_cfg_string(oLogLevel, log_level_name(o->log_level)); dump_cfg_string(oMacs, o->macs ? o->macs : KEX_CLIENT_MAC); #ifdef ENABLE_PKCS11 diff --git a/readconf.h b/readconf.h index f47f53402..94dd427f5 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.121 2017/04/30 23:18:22 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.122 2017/05/30 18:58:37 bluhm Exp $ */ /* * Author: Tatu Ylonen @@ -134,6 +134,7 @@ typedef struct { char *local_command; int permit_local_command; + char *remote_command; int visual_host_key; int request_tty; diff --git a/ssh.1 b/ssh.1 index 10633d92b..47cd0211d 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.381 2017/05/05 10:41:58 naddy Exp $ -.Dd $Mdocdate: May 5 2017 $ +.\" $OpenBSD: ssh.1,v 1.382 2017/05/30 18:58:37 bluhm Exp $ +.Dd $Mdocdate: May 30 2017 $ .Dt SSH 1 .Os .Sh NAME @@ -518,6 +518,7 @@ For full details of the options listed below, and their possible values, see .It PubkeyAcceptedKeyTypes .It PubkeyAuthentication .It RekeyLimit +.It RemoteCommand .It RemoteForward .It RequestTTY .It SendEnv diff --git a/ssh.c b/ssh.c index cfd6b70e5..6137fd7da 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.460 2017/05/30 08:52:19 markus Exp $ */ +/* $OpenBSD: ssh.c,v 1.461 2017/05/30 18:58:37 bluhm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -973,12 +973,6 @@ main(int ac, char **av) } } - /* Cannot fork to background if no command. */ - if (fork_after_authentication_flag && buffer_len(&command) == 0 && - !no_shell_flag) - fatal("Cannot fork into background without a command " - "to execute."); - /* * Initialize "log" output. Since we are the client all output * goes to stderr unless otherwise specified by -y or -E. @@ -1133,6 +1127,15 @@ main(int ac, char **av) options.use_privileged_port = 0; #endif + if (buffer_len(&command) != 0 && options.remote_command != NULL) + fatal("Cannot execute command-line and remote command."); + + /* Cannot fork to background if no command. */ + if (fork_after_authentication_flag && buffer_len(&command) == 0 && + options.remote_command == NULL && !no_shell_flag) + fatal("Cannot fork into background without a command " + "to execute."); + /* reinit */ log_init(argv0, options.log_level, options.log_facility, !use_syslog); @@ -1141,7 +1144,7 @@ main(int ac, char **av) tty_flag = 1; /* Allocate a tty by default if no command specified. */ - if (buffer_len(&command) == 0) + if (buffer_len(&command) == 0 && options.remote_command == NULL) tty_flag = options.request_tty != REQUEST_TTY_NO; /* Force no tty */ @@ -1197,6 +1200,27 @@ main(int ac, char **av) free(cp); } + if (options.remote_command != NULL) { + debug3("expanding RemoteCommand: %s", options.remote_command); + cp = options.remote_command; + options.remote_command = percent_expand(cp, + "C", conn_hash_hex, + "L", shorthost, + "d", pw->pw_dir, + "h", host, + "l", thishost, + "n", host_arg, + "p", portstr, + "r", options.user, + "u", pw->pw_name, + (char *)NULL); + debug3("expanded RemoteCommand: %s", options.remote_command); + free(cp); + buffer_append(&command, options.remote_command, + strlen(options.remote_command)); + + } + if (options.control_path != NULL) { cp = tilde_expand_filename(options.control_path, original_real_uid); diff --git a/ssh_config.5 b/ssh_config.5 index db37b92cd..2c9e20fec 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.248 2017/05/07 23:12:57 djm Exp $ -.Dd $Mdocdate: May 7 2017 $ +.\" $OpenBSD: ssh_config.5,v 1.249 2017/05/30 18:58:37 bluhm Exp $ +.Dd $Mdocdate: May 30 2017 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1287,6 +1287,14 @@ is .Cm default none , which means that rekeying is performed after the cipher's default amount of data has been sent or received and no time based rekeying is done. +.It Cm RemoteCommand +Specifies a command to execute on the remote machine after successfully +connecting to the server. +The command string extends to the end of the line, and is executed with +the user's shell. +The same escape character substitutions as for +.Cm LocalCommand +will be performed. .It Cm RemoteForward Specifies that a TCP port on the remote machine be forwarded over the secure channel to the specified host and port from the local machine. -- cgit v1.2.3 From 22376d27a349f62c502fec3396dfe0fdcb2a40b7 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 3 Sep 2017 23:33:13 +0000 Subject: upstream commit Expand ssh_config's StrictModes option with two new settings: StrictModes=accept-new will automatically accept hitherto-unseen keys but will refuse connections for changed or invalid hostkeys. StrictModes=off is the same as StrictModes=no Motivation: StrictModes=no combines two behaviours for host key processing: automatically learning new hostkeys and continuing to connect to hosts with invalid/changed hostkeys. The latter behaviour is quite dangerous since it removes most of the protections the SSH protocol is supposed to provide. Quite a few users want to automatically learn hostkeys however, so this makes that feature available with less danger. At some point in the future, StrictModes=no will change to be a synonym for accept-new, with its current behaviour remaining available via StrictModes=off. bz#2400, suggested by Michael Samuel; ok markus Upstream-ID: 0f55502bf75fc93a74fb9853264a8276b9680b64 --- readconf.c | 19 +++++++++++++++---- readconf.h | 7 ++++++- ssh_config.5 | 18 +++++++++++++----- sshconnect.c | 30 ++++++++++++++++++------------ 4 files changed, 52 insertions(+), 22 deletions(-) (limited to 'readconf.h') diff --git a/readconf.c b/readconf.c index b11c628f9..4f38b27cf 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.277 2017/05/30 18:58:37 bluhm Exp $ */ +/* $OpenBSD: readconf.c,v 1.278 2017/09/03 23:33:13 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -751,6 +751,16 @@ static const struct multistate multistate_yesnoask[] = { { "ask", 2 }, { NULL, -1 } }; +static const struct multistate multistate_strict_hostkey[] = { + { "true", SSH_STRICT_HOSTKEY_YES }, + { "false", SSH_STRICT_HOSTKEY_OFF }, + { "yes", SSH_STRICT_HOSTKEY_YES }, + { "no", SSH_STRICT_HOSTKEY_OFF }, + { "ask", SSH_STRICT_HOSTKEY_ASK }, + { "off", SSH_STRICT_HOSTKEY_OFF }, + { "accept-new", SSH_STRICT_HOSTKEY_NEW }, + { NULL, -1 } +}; static const struct multistate multistate_yesnoaskconfirm[] = { { "true", 1 }, { "false", 0 }, @@ -984,7 +994,7 @@ parse_time: case oStrictHostKeyChecking: intptr = &options->strict_host_key_checking; - multistate_ptr = multistate_yesnoask; + multistate_ptr = multistate_strict_hostkey; goto parse_multistate; case oCompression: @@ -1927,7 +1937,7 @@ fill_default_options(Options * options) if (options->check_host_ip == -1) options->check_host_ip = 1; if (options->strict_host_key_checking == -1) - options->strict_host_key_checking = 2; /* 2 is default */ + options->strict_host_key_checking = SSH_STRICT_HOSTKEY_ASK; if (options->compression == -1) options->compression = 0; if (options->tcp_keep_alive == -1) @@ -2329,9 +2339,10 @@ fmt_intarg(OpCodes code, int val) case oAddressFamily: return fmt_multistate_int(val, multistate_addressfamily); case oVerifyHostKeyDNS: - case oStrictHostKeyChecking: case oUpdateHostkeys: return fmt_multistate_int(val, multistate_yesnoask); + case oStrictHostKeyChecking: + return fmt_multistate_int(val, multistate_strict_hostkey); case oControlMaster: return fmt_multistate_int(val, multistate_controlmaster); case oTunnel: diff --git a/readconf.h b/readconf.h index 94dd427f5..22fe5c187 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.122 2017/05/30 18:58:37 bluhm Exp $ */ +/* $OpenBSD: readconf.h,v 1.123 2017/09/03 23:33:13 djm Exp $ */ /* * Author: Tatu Ylonen @@ -190,6 +190,11 @@ typedef struct { #define SSH_UPDATE_HOSTKEYS_YES 1 #define SSH_UPDATE_HOSTKEYS_ASK 2 +#define SSH_STRICT_HOSTKEY_OFF 0 +#define SSH_STRICT_HOSTKEY_NEW 1 +#define SSH_STRICT_HOSTKEY_YES 2 +#define SSH_STRICT_HOSTKEY_ASK 3 + void initialize_options(Options *); void fill_default_options(Options *); void fill_default_options_for_canonicalization(Options *); diff --git a/ssh_config.5 b/ssh_config.5 index 15ca0b4f9..3823da6f3 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.253 2017/07/23 23:37:02 djm Exp $ -.Dd $Mdocdate: July 23 2017 $ +.\" $OpenBSD: ssh_config.5,v 1.254 2017/09/03 23:33:13 djm Exp $ +.Dd $Mdocdate: September 3 2017 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1459,9 +1459,17 @@ frequently made. This option forces the user to manually add all new hosts. If this flag is set to -.Cm no , -ssh will automatically add new host keys to the -user known hosts files. +.Dq accept-new +then ssh will automatically add new new host keys to the user +known hosts files, but will not permit connections to hosts with +changed host keys. +If this flag is set to +.Dq no +or +.Dq off , +ssh will automatically add new host keys to the user known hosts files, +and allow connections to hosts with changed hostkeys to proceed subject +to some restrictions. If this flag is set to .Cm ask (the default), diff --git a/sshconnect.c b/sshconnect.c index 4013ec7db..2842d9e59 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.284 2017/09/01 05:53:56 djm Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.285 2017/09/03 23:33:13 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -891,7 +891,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, if (readonly || want_cert) goto fail; /* The host is new. */ - if (options.strict_host_key_checking == 1) { + if (options.strict_host_key_checking == + SSH_STRICT_HOSTKEY_YES) { /* * User has requested strict host key checking. We * will not add the host key automatically. The only @@ -900,7 +901,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, error("No %s host key is known for %.200s and you " "have requested strict checking.", type, host); goto fail; - } else if (options.strict_host_key_checking == 2) { + } else if (options.strict_host_key_checking == + SSH_STRICT_HOSTKEY_ASK) { char msg1[1024], msg2[1024]; if (show_other_keys(host_hostkeys, host_key)) @@ -944,8 +946,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, hostkey_trusted = 1; /* user explicitly confirmed */ } /* - * If not in strict mode, add the key automatically to the - * local known_hosts file. + * If in "new" or "off" strict mode, add the key automatically + * to the local known_hosts file. */ if (options.check_host_ip && ip_status == HOST_NEW) { snprintf(hostline, sizeof(hostline), "%s,%s", host, ip); @@ -987,7 +989,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, * If strict host key checking is in use, the user will have * to edit the key manually and we can only abort. */ - if (options.strict_host_key_checking) { + if (options.strict_host_key_checking != + SSH_STRICT_HOSTKEY_OFF) { error("%s host key for %.200s was revoked and you have " "requested strict checking.", type, host); goto fail; @@ -1040,7 +1043,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, * If strict host key checking is in use, the user will have * to edit the key manually and we can only abort. */ - if (options.strict_host_key_checking) { + if (options.strict_host_key_checking != + SSH_STRICT_HOSTKEY_OFF) { error("%s host key for %.200s has changed and you have " "requested strict checking.", type, host); goto fail; @@ -1127,15 +1131,17 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, "\nMatching host key in %s:%lu", host_found->file, host_found->line); } - if (options.strict_host_key_checking == 1) { - logit("%s", msg); - error("Exiting, you have requested strict checking."); - goto fail; - } else if (options.strict_host_key_checking == 2) { + if (options.strict_host_key_checking == + SSH_STRICT_HOSTKEY_ASK) { strlcat(msg, "\nAre you sure you want " "to continue connecting (yes/no)? ", sizeof(msg)); if (!confirm(msg)) goto fail; + } else if (options.strict_host_key_checking != + SSH_STRICT_HOSTKEY_OFF) { + logit("%s", msg); + error("Exiting, you have requested strict checking."); + goto fail; } else { logit("%s", msg); } -- cgit v1.2.3