Commit Graph

508 Commits

Author SHA1 Message Date
Damien Miller
715c892f0a remove sys/param.h in -portable, after upstream 2021-12-22 09:02:50 +11:00
djm@openbsd.org
b5aa27b69a upstream: remove a bunch of %p in format strings; leftovers of
debuggings past. prompted by Michael Forney, ok dtucker@

OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
2021-08-11 18:37:30 +10:00
djm@openbsd.org
31d8d231eb upstream: highly polished whitespace, mostly fixing spaces-for-tab
and bad indentation on continuation lines. Prompted by GHPR#185

OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
2021-04-03 17:23:02 +11:00
Damien Miller
f060c2bc85 don't free string returned by login_getcapstr(3)
OpenBSD and NetBSD require the caller to free strings returned
bu the login_* functions, but FreeBSD requires that callers don't.

Fortunately in this case, we can harmlessly leak as the process is
about to exec the shell/command.

From https://reviews.freebsd.org/D28617 via Ed Maste; ok dtucker@
2021-02-18 10:36:54 +11:00
djm@openbsd.org
bef92346c4 upstream: use _PATH_SSH_USER_DIR instead of hardcoded .ssh in path
OpenBSD-Commit-ID: 5c1048468813107baa872f5ee33ba51623630e01
2020-12-14 15:38:50 +11:00
djm@openbsd.org
022def7bd1 upstream: check result of strchr() against NULL rather than
searched-for characters; from zhongjubin@huawei.com

OpenBSD-Commit-ID: e6f57de1d4a4d25f8db2d44e8d58d847e247a4fe
2020-11-28 23:59:42 +11:00
Duncan Eastoe
a575cf44e5 session.c: use "denylist" terminology
Follow upstream (6d755706a0) language
improvements in this portable-specific code.
2020-10-29 13:45:10 +11:00
djm@openbsd.org
816036f142 upstream: use the new variant log macros instead of prepending
__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
Darren Tucker
d7e71be4fd Adjust portable code to match changes in 939d787d, 2020-07-15 15:30:43 +10:00
deraadt@openbsd.org
6368022cd4 upstream: correct recently broken comments
OpenBSD-Commit-ID: 964d9a88f7de1d0eedd3f8070b43fb6e426351f1
2020-07-15 15:08:10 +10:00
djm@openbsd.org
6d755706a0 upstream: some language improvements; ok markus
OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
2020-07-15 15:07:42 +10:00
djm@openbsd.org
20b5fab9f7 upstream: avoid tilde_expand_filename() in expanding ~/.ssh/rc - if
sshd is in chroot mode, the likely absence of a password database will cause
tilde_expand_filename() to fatal; ok dtucker@

OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
2020-07-03 17:03:54 +10:00
djm@openbsd.org
c8935081db upstream: when redirecting sshd's log output to a file, undo this
redirection after the session child process is forked(); ok dtucker@

OpenBSD-Commit-ID: 6df86dd653c91f5bc8ac1916e7680d9d24690865
2020-07-03 17:03:54 +10:00
dtucker@openbsd.org
c9e24daac6 upstream: Expand path to ~/.ssh/rc rather than relying on it
being relative to the current directory, so that it'll still be found if the
shell startup changes its directory.  Since the path is potentially longer,
make the cmd buffer that uses it dynamically sized.  bz#3185, with & ok djm@

OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
2020-06-26 15:18:45 +10:00
djm@openbsd.org
d081f017c2 upstream: spelling errors in comments; no code change from
OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
2020-03-14 19:39:09 +11:00
dtucker@openbsd.org
3bf2a6ac79 upstream: Replace all calls to signal(2) with a wrapper around
sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
2020-01-23 18:51:25 +11:00
Damien Miller
a8bd5fdbdb Wrap copy_environment_blacklist() in #ifdef
It's only needed for USE_PAM or HAVE_CYGWIN cases and will cause compiler
warnings otherwise.
2020-01-21 12:32:16 +11:00
Ruben Kerkhof
b3f7009c9f Fix missing prototype warning for copy_environment
This function is only used in this file, and only on Cygwin, so make
it static and hide it behind HAVE_CYGWIN.  Prevents missing prototype
warning.
2020-01-21 10:47:29 +11:00
deraadt@openbsd.org
72687c8e7c upstream: stdarg.h required more broadly; ok djm
OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
2019-11-15 08:50:10 +11:00
deraadt@openbsd.org
4d28fa78ab upstream: When system calls indicate an error they return -1, not
some arbitrary value < 0.  errno is only updated in this case.  Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-07-05 11:10:39 +10:00
Damien Miller
885bc11469 session: Do not use removed API
from Jakub Jelen
2019-04-04 02:47:40 +11:00
djm@openbsd.org
625b62634c upstream: perform removal of agent-forwarding directory in forward
setup error path with user's privileged. This is a no-op as this code always
runs with user privilege now that we no longer support running sshd with
privilege separation disabled, but as long as the privsep skeleton is there
we should follow the rules.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

bz#2969 with patch from Erik Sjölund

OpenBSD-Commit-ID: 2b708401a5a8d6133c865d7698d9852210dca846
2019-02-22 14:38:38 +11:00
djm@openbsd.org
318e4f8548 upstream: syslog when connection is dropped for attempting to run a
command when ForceCommand=internal-sftp is in effect; bz2960; ok dtucker@

OpenBSD-Commit-ID: 8c87fa66d7fc6c0fffa3a3c28e8ab5e8dde234b8
2019-02-10 22:24:24 +11:00
Damien Miller
2ff2e19653 don't set $MAIL if UsePam=yes
PAM typically specifies the user environment if it's enabled, so don't
second guess. bz#2937; ok dtucker@
2019-02-08 14:53:35 +11:00
dtucker@openbsd.org
8c53d409ba upstream: Adapt code in the non-USE_PIPES codepath to the new packet
API. This code is not normally reachable since USE_PIPES is always defined.
bz#2961, patch from adrian.fita at gmail com.

OpenBSD-Commit-ID: 8d8428d678d1d5eb4bb21921df34e8173e6d238a
2019-02-08 13:10:57 +11:00
Damien Miller
9b655dc9c9 last bits of old packet API / active_state global 2019-01-20 14:55:27 +11:00
djm@openbsd.org
a5e2ad88ac upstream: convert session.c to new packet API
with & ok markus@

OpenBSD-Commit-ID: fae817207e23099ddd248960c984f7b7f26ea68e
2019-01-20 09:45:18 +11:00
djm@openbsd.org
3a00a92159 upstream: convert auth.c to new packet API
with & ok markus@

OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
2019-01-20 09:45:17 +11:00
djm@openbsd.org
0fa174ebe1 upstream: begin landing remaining refactoring of packet parsing
API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.

with & ok markus@

OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2019-01-20 09:02:10 +11:00
djm@openbsd.org
f47d72ddad upstream: tun_fwd_ifnames variable should b
=?UTF-8?q?e=20extern;=20from=20Hanno=20B=C3=B6ck?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

OpenBSD-Commit-ID: d53dede6e521161bf04d39d09947db6253a38271
2019-01-17 15:47:24 +11:00
Damien Miller
8a22ffaa13 expose $SSH_CONNECTION in the PAM environment
This makes the connection 4-tuple available to PAM modules that
wish to use it in decision-making. bz#2741
2018-12-14 13:23:48 +11:00
djm@openbsd.org
2a35862e66 upstream: use path_absolute() for pathname checks; from Manoj Ampalam
OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925
2018-11-16 14:37:33 +11:00
djm@openbsd.org
f1dd179e12 upstream: include a little more information about the status and
disposition of channel's extended (stderr) fd; makes debugging some things a
bit easier. No behaviour change.

OpenBSD-Commit-ID: 483eb6467dc7d5dbca8eb109c453e7a43075f7ce
2018-10-04 10:44:49 +10:00
Damien Miller
ff3a411cae only support SIGINFO on systems with SIGINFO 2018-10-02 22:49:40 +10:00
djm@openbsd.org
cd98925c64 upstream: Add server support for signalling sessions via the SSH
channel/ session protocol. Signalling is only supported to sesssions that are
not subsystems and were not started with a forced command.

Long requested in bz#1424

Based on a patch from markus@ and reworked by dtucker@;
ok markus@ dtucker@

OpenBSD-Commit-ID: 4bea826f575862eaac569c4bedd1056a268be1c3
2018-10-02 22:41:01 +10:00
deraadt@openbsd.org
21fd477a85 upstream: fix indent; Clemens Goessnitzer
OpenBSD-Commit-ID: b5149a6d92b264d35f879d24608087b254857a83
2018-07-26 13:54:30 +10:00
markus@openbsd.org
5467fbcb09 upstream: remove legacy key emulation layer; ok djm@
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-12 13:18:25 +10:00
Damien Miller
120a1ec74e Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
markus@openbsd.org
2808d18ca4 upstream: sshd: switch loginmsg to sshbuf API; ok djm@
OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
2018-07-10 15:21:58 +10:00
markus@openbsd.org
89dd615b8b upstream: ttymodes: switch to sshbuf API; ok djm@
OpenBSD-Commit-ID: 5df340c5965e822c9da21e19579d08dea3cbe429
2018-07-10 15:19:12 +10:00
Darren Tucker
3deb56f719 Fix other callers of read_environment_file.
read_environment_file recently gained an extra argument   Some platform
specific code also calls it so add the argument to those too.  Fixes
build on Solaris and AIX.
2018-07-05 13:32:01 +10:00
djm@openbsd.org
95344c2574 upstream: allow sshd_config PermitUserEnvironment to accept a
pattern-list of whitelisted environment variable names in addition to yes|no.

bz#1800, feedback and ok markus@

OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
2018-07-03 21:01:30 +10:00
djm@openbsd.org
28013759f0 upstream: add a SetEnv directive for sshd_config to allow an
administrator to explicitly specify environment variables set in sessions
started by sshd. These override the default environment and any variables set
by user configuration (PermitUserEnvironment, etc), but not the SSH_*
variables set by sshd itself.

ok markus@

OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
2018-06-09 13:11:00 +10:00
djm@openbsd.org
3b9798bda1 upstream: reorder child environment preparation so that variables
read from ~/.ssh/environment (if enabled) do not override SSH_* variables set
by the server.

OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
2018-06-09 13:11:00 +10:00
markus@openbsd.org
7f90635216 upstream: switch config file parsing to getline(3) as this avoids
static limits noted by gerhard@; ok dtucker@, djm@

OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
2018-06-07 04:34:05 +10:00
djm@openbsd.org
93c06ab6b7 upstream: permitlisten option for authorized_keys; ok markus@
OpenBSD-Commit-ID: 8650883018d7aa893173d703379e4456a222c672
2018-06-07 04:27:20 +10:00
djm@openbsd.org
115063a664 upstream: Add a PermitListen directive to control which server-side
addresses may be listened on when the client requests remote forwarding (ssh
-R).

This is the converse of the existing PermitOpen directive and this
includes some refactoring to share much of its implementation.

feedback and ok markus@

OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
2018-06-07 04:27:20 +10:00
djm@openbsd.org
9c935dd9bf upstream: make UID available as a %-expansion everywhere that the
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@

OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
2018-06-01 13:35:59 +10:00
djm@openbsd.org
7c85685760 upstream: switch over to the new authorized_keys options API and
remove the legacy one.

Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.

feedback and ok markus@

OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
2018-03-03 14:37:16 +11:00
Darren Tucker
ddc0f38148 Remove UNICOS support.
The code required to support it is quite invasive to the mainline
code that is synced with upstream and is an ongoing maintenance burden.
Both the hardware and software are literal museum pieces these days and
we could not find anyone still running OpenSSH on one.
2018-02-15 20:04:02 +11:00