Commit Graph

266 Commits

Author SHA1 Message Date
djm@openbsd.org
d081f017c2 upstream: spelling errors in comments; no code change from
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
2020-03-14 19:39:09 +11:00
jsg@openbsd.org
d5ba1c0327 upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
2020-02-28 12:26:28 +11:00
naddy@openbsd.org
a47f6a6c0e upstream: Replace "security key" with "authenticator" in program
messages.

This replaces "security key" in error/usage/verbose messages and
distinguishes between "authenticator" and "authenticator-hosted key".

ok djm@

OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
2020-02-07 09:52:59 +11:00
dtucker@openbsd.org
3bf2a6ac79 upstream: Replace all calls to signal(2) with a wrapper around
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
2020-01-23 18:51:25 +11:00
djm@openbsd.org
56584cce75 upstream: allow security keys to act as host keys as well as user
keys.

Previously we didn't do this because we didn't want to expose
the attack surface presented by USB and FIDO protocol handling,
but now that this is insulated behind ssh-sk-helper there is
less risk.

ok markus@

OpenBSD-Commit-ID: 77b068dd133b8d87e0f010987bd5131e640ee64c
2019-12-16 14:19:41 +11:00
djm@openbsd.org
21377ec2a9 upstream: redundant test
OpenBSD-Commit-ID: 38fa7806c528a590d91ae560e67bd8b246c2d7a3
2019-11-25 21:33:58 +11:00
djm@openbsd.org
2e71263b80 upstream: add a "no-touch-required" option for authorized_keys and
a similar extension for certificates. This option disables the default
requirement that security key signatures attest that the user touched their
key to authorize them.

feedback deraadt, ok markus

OpenBSD-Commit-ID: f1fb56151ba68d55d554d0f6d3d4dba0cf1a452e
2019-11-25 12:23:40 +11:00
djm@openbsd.org
0fddf2967a upstream: Add a sshd_config PubkeyAuthOptions directive
This directive has a single valid option "no-touch-required" that
causes sshd to skip checking whether user presence was tested before
a security key signature was made (usually by the user touching the
key).

ok markus@

OpenBSD-Commit-ID: 46e434a49802d4ed82bc0aa38cb985c198c407de
2019-11-25 12:23:40 +11:00
djm@openbsd.org
b7e74ea072 upstream: Add new structure for signature options
This is populated during signature verification with additional fields
that are present in and covered by the signature. At the moment, it is
only used to record security key-specific options, especially the flags
field.

with and ok markus@

OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
2019-11-25 12:23:33 +11:00
djm@openbsd.org
26369a5f7d upstream: a little more information from the monitor when signature
verification fails.

OpenBSD-Commit-ID: e6a30071e0518cac512f9e10be3dc3500e2003f3
2019-11-20 09:27:29 +11:00
djm@openbsd.org
9a14c64c38 upstream: Refactor signing - use sshkey_sign for everything,
including the new U2F signatures.

Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.

Suggested by / ok markus@

OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
2019-11-01 09:46:10 +11:00
djm@openbsd.org
e827aedf88 upstream: reversed test yielded incorrect debug message
OpenBSD-Commit-ID: 78bb512d04cfc238adb2c5b7504ac93eecf523b3
2019-10-09 11:06:47 +11:00
Damien Miller
cfc1897a20 wrap stdint.h include in HAVE_STDINT_H
make the indenting a little more consistent too..

Fixes Solaris 2.6; reported by Tom G. Christensen
2019-10-09 09:06:35 +11:00
deraadt@openbsd.org
4d28fa78ab upstream: When system calls indicate an error they return -1, not
some arbitrary value < 0.  errno is only updated in this case.  Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-07-05 11:10:39 +10:00
djm@openbsd.org
aaca72d6f1 upstream: rename kex->kem_client_pub -> kex->client_pub now that
KEM has been renamed to kexgen

from markus@ ok djm@

OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8
2019-01-21 23:13:03 +11:00
djm@openbsd.org
92dda34e37 upstream: use KEM API for vanilla ECDH
from markus@ ok djm@

OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
2019-01-21 23:13:02 +11:00
djm@openbsd.org
9c9c97e14f upstream: use KEM API for vanilla DH KEX
from markus@ ok djm@

OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
2019-01-21 22:08:47 +11:00
djm@openbsd.org
2f6a9ddbbf upstream: use KEM API for vanilla c25519 KEX
OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
2019-01-21 22:08:04 +11:00
djm@openbsd.org
dfd591618c upstream: Add support for a PQC KEX/KEM:
sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not
enabled by default.

introduce KEM API; a simplified framework for DH-ish KEX methods.

from markus@ feedback & ok djm@

OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7
2019-01-21 22:07:02 +11:00
Damien Miller
9b655dc9c9 last bits of old packet API / active_state global 2019-01-20 14:55:27 +11:00
Damien Miller
3f0786bbe7 remove PAM dependencies on old packet API
Requires some caching of values, because the PAM code isn't
always called with packet context.
2019-01-20 10:22:18 +11:00
djm@openbsd.org
04c091fc19 upstream: remove last references to active_state
with & ok markus@

OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
2019-01-20 09:45:18 +11:00
djm@openbsd.org
ec00f918b8 upstream: convert monitor.c to new packet API
with & ok markus@

OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5
2019-01-20 09:45:18 +11:00
djm@openbsd.org
3a00a92159 upstream: convert auth.c to new packet API
with & ok markus@

OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
2019-01-20 09:45:17 +11:00
djm@openbsd.org
0fa174ebe1 upstream: begin landing remaining refactoring of packet parsing
API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.

with & ok markus@

OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2019-01-20 09:02:10 +11:00
djm@openbsd.org
e76135e300 upstream: fix bug in HostbasedAcceptedKeyTypes and
PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types were
specified, then authentication would always fail for RSA keys as the monitor
checks only the base key (not the signature algorithm) type against
*AcceptedKeyTypes. bz#2746; reported by Jakub Jelen; ok dtucker

OpenBSD-Commit-ID: 117bc3dc54578dbdb515a1d3732988cb5b00461b
2018-11-16 13:52:17 +11:00
Damien Miller
48f54b9d12 adapt -portable to OpenSSL 1.1x API
Polyfill missing API with replacement functions extracted from LibreSSL
2018-09-13 12:13:50 +10:00
djm@openbsd.org
482d23bcac upstream: hold our collective noses and use the openssl-1.1.x API in
OpenSSH; feedback and ok tb@ jsing@ markus@

OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
2018-09-13 12:12:33 +10:00
Damien Miller
87f08be054 Remove support for S/Key
Most people will 1) be using modern multi-factor authentication methods
like TOTP/OATH etc and 2) be getting support for multi-factor
authentication via PAM or BSD Auth.
2018-07-31 12:59:30 +10:00
djm@openbsd.org
6ad8648e83 upstream: remove unused zlib.h
OpenBSD-Commit-ID: 8d274a9b467c7958df12668b49144056819f79f1
2018-07-20 14:32:07 +10:00
markus@openbsd.org
5467fbcb09 upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12 13:18:25 +10:00
Darren Tucker
380320bb72 Supply some more missing "int r" in skey 2018-07-11 10:11:17 +10:00
Darren Tucker
79c9d35018 Supply missing "int r" in skey code. 2018-07-11 09:54:00 +10:00
Damien Miller
120a1ec74e Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
djm@openbsd.org
0f3958c1e6 upstream: kerberos/gssapi fixes for buffer removal
OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c
2018-07-10 19:15:35 +10:00
markus@openbsd.org
235c7c4e3b upstream: sshd: switch monitor to sshbuf API; lots of help & ok
djm@

OpenBSD-Commit-ID: d89bd02d33974fd35ca0b8940d88572227b34a48
2018-07-10 16:40:18 +10:00
markus@openbsd.org
c7d39ac8dc upstream: sshd: switch authentication to sshbuf API; ok djm@
OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
2018-07-10 15:27:43 +10:00
markus@openbsd.org
2808d18ca4 upstream: sshd: switch loginmsg to sshbuf API; ok djm@
OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
2018-07-10 15:21:58 +10:00
djm@openbsd.org
7c85685760 upstream: switch over to the new authorized_keys options API and
remove the legacy one.

Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.

feedback and ok markus@

OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
2018-03-03 14:37:16 +11:00
tb@openbsd.org
3484380110 upstream commit
Add a couple of non-negativity checks to avoid close(-1).

ok djm

OpenBSD-Commit-ID: 4701ce0b37161c891c838d0931305f1d37a50880
2018-02-07 07:50:46 +11:00
djm@openbsd.org
14b5c635d1 upstream commit
Drop compatibility hacks for some ancient SSH
implementations, including ssh.com <=2.* and OpenSSH <= 3.*.

These versions were all released in or before 2001 and predate the
final SSH RFCs. The hacks in question aren't necessary for RFC-
compliant SSH implementations.

ok markus@

OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
2018-01-23 16:40:29 +11:00
djm@openbsd.org
d45d69f2a9 upstream commit
revert stricter key type / signature type checking in
userauth path; too much software generates inconsistent messages, so we need
a better plan.

OpenBSD-Commit-ID: 4a44ddc991c803c4ecc8f1ad40e0ab4d22e1c519
2017-12-21 15:40:19 +11:00
djm@openbsd.org
04c7e28f83 upstream commit
pass negotiated signing algorithm though to
sshkey_verify() and check that the negotiated algorithm matches the type in
the signature (only matters for RSA SHA1/SHA2 sigs). ok markus@

OpenBSD-Commit-ID: 735fb15bf4adc060d3bee9d047a4bcaaa81b1af9
2017-12-19 15:21:37 +11:00
djm@openbsd.org
dceabc7ad7 upstream commit
replace statically-sized arrays in ServerOptions with
dynamic ones managed by xrecallocarray, removing some arbitrary (though
large) limits and saving a bit of memory; "much nicer" markus@

Upstream-ID: 1732720b2f478fe929d6687ac7b0a97ff2efe9d2
2017-10-20 12:01:02 +11:00
djm@openbsd.org
66bf74a921 upstream commit
Fix PermitOpen crash; spotted by benno@, ok dtucker@ deraadt@

Upstream-ID: c2cc84ffac070d2e1ff76182c70ca230a387983c
2017-10-03 06:34:26 +11:00
djm@openbsd.org
dbee4119b5 upstream commit
refactor channels.c

Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.

Explicitly pass "struct ssh" to all channels functions.

Replace use of the legacy packet APIs in channels.c.

Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.

ok markus@

Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
2017-09-12 17:37:02 +10:00
djm@openbsd.org
8f57495927 upstream commit
refactor authentication logging

optionally record successful auth methods and public credentials
used in a file accessible to user sessions

feedback and ok markus@

Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
2017-06-24 16:56:11 +10:00
markus@openbsd.org
84008608c9 upstream commit
use SO_ZEROIZE for privsep communication (if available)

Upstream-ID: abcbb6d2f8039fc4367a6a78096e5d5c39de4a62
2017-06-01 14:55:23 +10:00
markus@openbsd.org
1e0cdf8efb upstream commit
clear session keys from memory; ok djm@

Upstream-ID: ecd178819868975affd5fd6637458b7c712b6a0f
2017-06-01 14:54:46 +10:00
markus@openbsd.org
00ed75c92d upstream commit
switch auth2-pubkey.c to modern APIs; with & ok djm@

Upstream-ID: 8f08d4316eb1b0c4ffe4a206c05cdd45ed1daf07
2017-05-31 10:47:31 +10:00