Commit Graph

78 Commits

Author SHA1 Message Date
Darren Tucker
5372db7e79
Remove seed passing over reexec.
This was added for the benefit of platforms using ssh-rand-helper to
prevent a delay on each connection as sshd reseeded itself.

ssh-random-helper is long gone, and since the re-exec happens before the
chroot the re-execed sshd can reseed itself normally. ok djm@
2022-11-10 12:44:51 +11:00
Darren Tucker
e43a898043 Split EGD/PRNGD interface into its own file.
This will allow us to use it when building --without-openssl.
2021-06-18 18:32:51 +10:00
Darren Tucker
945bf52c3c Fix a couple of mysig_t leftovers. 2020-01-23 21:06:45 +11:00
dtucker@openbsd.org
3bf2a6ac79 upstream: Replace all calls to signal(2) with a wrapper around
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
2020-01-23 18:51:25 +11:00
Damien Miller
13c508dfed typo in comment 2019-10-02 10:51:15 +10:00
Darren Tucker
9634ffbf29 Add headers to prevent warnings w/out OpenSSL. 2019-07-23 22:26:20 +10:00
Darren Tucker
01a1e21cd5 Add missing bracket in EGD seeding code.
When configured --with-prngd-socket the code had a missing bracket after
an API change.  Fix that and a couple of warnings.  bz#3032 , from
ole.weidner at protonmail.ch
2019-07-06 12:06:48 +10:00
Darren Tucker
c721d58775 Move RANDOM_SEED_SIZE outside ifdef.
RANDOM_SEED_SIZE is used by both the OpenSSL and non-OpenSSL code
This fixes the build with configureed --without-openssl.
2018-11-23 14:11:20 +11:00
Damien Miller
42c5ec4b97 refactor libcrypto initialisation
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
supports it.

Move all libcrypto initialisation to a single function, and call that
from seed_rng() that is called early in each tool's main().

Prompted by patch from Rosen Penev
2018-11-23 10:42:05 +11:00
Damien Miller
859754bdeb remove remaining references to SSLeay
Prompted by Rosen Penev
2018-10-23 17:10:41 +11:00
Damien Miller
120a1ec74e Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
Darren Tucker
389125b25d Replace remaining mysignal() with signal().
These seem to have been missed during the replacement of mysignal
with #define signal in commit 5ade9ab.  Both include the requisite
headers to pick up the #define.
2018-02-15 22:06:26 +11:00
Damien Miller
72ef7c148c support --without-openssl at configure time
Disables and removes dependency on OpenSSL. Many features don't
work and the set of crypto options is greatly restricted. This
will only work on system with native arc4random or /dev/urandom.

Considered highly experimental for now.
2015-01-15 02:28:36 +11:00
Damien Miller
8668706d0f - djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
     [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
     [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
     [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
     [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
     [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
     [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
     [sshconnect2.c sshd.c sshkey.c sshkey.h
     [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
     New key API: refactor key-related functions to be more library-like,
     existing API is offered as a set of wrappers.

     with and ok markus@

     Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
     Dempsky and Ron Bowes for a detailed review a few months ago.

     NB. This commit also removes portable OpenSSH support for OpenSSL
     <0.9.8e.
2014-07-02 15:28:02 +10:00
Darren Tucker
316fac6f18 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
   Move the OpenSSL header/library version test into its own function and add
   tests for it. Fix it to allow fix version upgrades (but not downgrades).
   Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
   ok djm@ chl@
2014-06-17 23:06:07 +10:00
Damien Miller
4d55734c16 - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running
openssh binaries on a newer fix release than they were compiled on.
   with and ok dtucker@
2012-03-30 11:34:27 +11:00
Damien Miller
f22019bdbf - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@ for testing on affected platforms.
2011-05-05 13:48:37 +10:00
Damien Miller
ff22df538e - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
gcc warning on platforms where it defaults to int
2011-01-13 21:05:27 +11:00
Darren Tucker
a8d51ee307 - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include
string.h to prevent warnings, from vapier at gentoo.org.
2007-03-13 07:35:38 +11:00
Darren Tucker
23dd658e57 - (dtucker) [entropy.c] Bug #1238: include signal.h to fix compilation error
on Solaris 8 w/out /dev/random or prngd.  Patch from rl at
   math.technion.ac.il.
2006-09-28 19:40:20 +10:00
Damien Miller
ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
Darren Tucker
ecf28ba7aa - (dtucker) [entropy.c] Needs unistd.h too. 2006-08-05 15:50:20 +10:00
Damien Miller
4cbfe8ebeb - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
remove last traces of bufaux.h - it was merged into buffer.h in the big
   includes.h commit
2006-08-05 12:49:30 +10:00
Darren Tucker
e0e4aad1fd - (dtucker) [entropy.c] More fcntl.h, this time on AIX (and probably
others).
2006-07-11 19:01:51 +10:00
Damien Miller
b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
2006-03-26 00:03:21 +11:00
Darren Tucker
d82cbcb9da - (dtucker) [entropy.c] Add headers for WIFEXITED and friends. 2006-03-16 07:21:35 +11:00
Darren Tucker
46e7ba5d53 - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency 2005-09-28 08:26:30 +10:00
Darren Tucker
c6f8219e0d - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
process when sshd relies on ssh-random-helper.  Should result in faster
   logins on systems without a real random device or prngd.  ok djm@
2005-09-27 22:46:32 +10:00
Darren Tucker
f1377bdeed - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
calls, since they can't possibly fail.  ok djm@
2005-09-27 19:50:25 +10:00
Damien Miller
b6f72f5294 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
2005-07-17 17:26:43 +10:00
Damien Miller
787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller
a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
Ben Lindstrom
5ade9abc37 - (bal) redo how we handle 'mysignal()'. Move it to
openbsd-compat/bsd-misc.c, s/mysignal/signal/ and #define signal to
   be our 'mysignal' by default.  OK djm@
2003-08-25 01:16:21 +00:00
Damien Miller
c46b6bc4f7 - (djm) A few type mismatch fixes from Bug #565 2003-05-16 15:51:44 +10:00
Ben Lindstrom
5a6abdae0f unexpand 2002-06-09 19:41:48 +00:00
Tim Rice
f02dccc0dc [entropy.c.] Portability fix for SCO Unix 3.2v4.x (SCO OSR 3.0).
entropy.c needs seteuid(getuid()) for the setuid(original_uid) to succeed.
Patch by gert@greenie.muc.de. This fixes one part of Bug 208
2002-04-21 11:26:10 -07:00
Damien Miller
a370f4dcc6 - (djm) Avoid SIGCHLD breakage when run from rsync. Fix from
Sturle Sunde <sturle.sunde@usit.uio.no>
2002-04-18 22:53:22 +10:00
Kevin Steves
581930735a - (stevesk) entropy.c: typo in debug message 2002-03-11 00:16:34 +00:00
Damien Miller
6c21c51c48 - (djm) autoconf hacking:
- We don't support --without-zlib currently, so don't allow it.
   - Rework cryptographic random number support detection. We now detect
     whether OpenSSL seeds itself. If it does, then we don't bother with
     the ssh-rand-helper program. You can force the use of ssh-rand-helper
     using the --with-rand-helper configure argument
   - Simplify and clean up ssh-rand-helper configuration
2002-01-22 21:57:53 +11:00
Damien Miller
62116dcc0a - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from
solar@openwall.com
 - (djm) Rework entropy code. If the OpenSSL PRNG is has not been
   internally seeded, execute a subprogram "ssh-rand-helper" to obtain
   some entropy for us. Rewrite the old in-process entropy collecter as
   an example ssh-rand-helper.
 - (djm) Always perform ssh_prng_cmds path lookups in configure, even if
   we don't end up using ssh_prng_cmds (so we always get a valid file)
2001-12-24 01:41:47 +11:00
Damien Miller
2ab5924d1f - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
a fast UltraSPARC.
2001-08-06 16:51:49 +10:00
Damien Miller
79b332dd67 - (djm) Fix a few warnings the above turned up 2001-06-27 23:36:08 +10:00
Damien Miller
60bc517356 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
do it implicitly.
2001-03-19 09:38:15 +11:00
Damien Miller
d0ccb989c2 - Allow PRNGd entropy collection from localhost TCP socket. Replace
"--with-egd-pool" configure option with "--with-prngd-socket" and
   "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
   <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2001-03-04 00:29:20 +11:00
Damien Miller
3456d32a92 avoid warning 2001-02-27 11:00:52 +11:00
Damien Miller
248131ae99 - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
<markm@swoon.net>
2001-02-27 09:47:16 +11:00
Damien Miller
767c7fc27c - (djm) fatal() on OpenSSL version mismatch 2001-02-27 09:20:57 +11:00
Damien Miller
fbd884a80d - (djm) Fix up POSIX saved uid support. Report from Mark Miller
<markm@swoon.net>
 - (djm) Search for -lcrypt on FreeBSD too
2001-02-27 08:39:07 +11:00
Damien Miller
bb7c976202 - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
Based on patch from Tim Rice <tim@multitalents.net>
2001-02-26 20:49:58 +11:00
Kevin Steves
4679f5b94f - (stevesk) entropy.c: typo; should be SIGPIPE 2001-02-18 11:34:32 +00:00