Commit Graph

8191 Commits

Author SHA1 Message Date
markus@openbsd.org
fc77ccdc2c upstream commit
fd leaks; report Qualys Security Advisory team; ok
 deraadt@

Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
2016-01-27 16:54:10 +11:00
markus@openbsd.org
a306863831 upstream commit
remove roaming support; ok djm@

Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
2016-01-27 16:54:10 +11:00
deraadt@openbsd.org
6ef49e83e3 upstream commit
Disable experimental client-side roaming support.  Server
 side was disabled/gutted for years already, but this aspect was surprisingly
 forgotten. Thanks for report from Qualys

Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
2016-01-27 16:41:49 +11:00
Damien Miller
8d7b523b96 bump version numbers 2016-01-27 16:39:01 +11:00
Damien Miller
8c3d512a1f openssh-7.1p2 2016-01-27 16:38:56 +11:00
Damien Miller
e6c85f8889 forcibly disable roaming support in the client 2016-01-15 01:30:36 +11:00
djm@openbsd.org
ed4ce82dbf upstream commit
eliminate fallback from untrusted X11 forwarding to trusted
 forwarding when the X server disables the SECURITY extension; Reported by
 Thomas Hoger; ok deraadt@

Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
2016-01-14 10:06:01 +11:00
djm@openbsd.org
9a728cc918 upstream commit
use explicit_bzero() more liberally in the buffer code; ok
 deraadt

Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
2016-01-13 10:48:11 +11:00
Damien Miller
4626cbaf78 Support Illumos/Solaris fine-grained privileges
Includes a pre-auth privsep sandbox and several pledge()
emulations. bz#2511, patch by Alex Wilson.

ok dtucker@
2016-01-08 14:29:12 +11:00
djm@openbsd.org
422d1b3ee9 upstream commit
fix three bugs in KRL code related to (unused) signature
 support: verification length was being incorrectly calculated, multiple
 signatures were being incorrectly processed and a NULL dereference that
 occurred when signatures were verified. Reported by Carl Jackson

Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
2016-01-07 20:13:33 +11:00
djm@openbsd.org
6074c84bf9 upstream commit
unused prototype

Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
2016-01-07 20:13:32 +11:00
guenther@openbsd.org
6213f0e180 upstream commit
Use pread/pwrite instead separate lseek+read/write for
 lastlog. Cast to off_t before multiplication to avoid truncation on ILP32

ok kettenis@ mmcc@

Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf
2016-01-07 20:13:31 +11:00
semarie@openbsd.org
d7d2bc9504 upstream commit
adjust pledge promises for ControlMaster: when using
 "ask" or "autoask", the process will use ssh-askpass for asking confirmation.

problem found by halex@

ok halex@

Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
2016-01-07 20:13:31 +11:00
djm@openbsd.org
271df8185d upstream commit
unbreak connections with peers that set
 first_kex_follows; fix from Matt Johnston va bz#2515

Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
2015-12-18 14:50:49 +11:00
doug@openbsd.org
43849a47c5 upstream commit
Add "id" to ssh-agent pledge for subprocess support.

Found the hard way by Jan Johansson when using ssh-agent with X.  Also,
rearranged proc/exec and retval to match other pledge calls in the tree.

ok djm@

Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
2015-12-18 14:50:49 +11:00
mmcc@openbsd.org
52d7078421 upstream commit
Remove NULL-checks before sshbuf_free().

ok djm@

Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
2015-12-18 14:50:48 +11:00
djm@openbsd.org
a4b9e0f4e4 upstream commit
include remote port number in a few more messages; makes
 tying log messages together into a session a bit easier; bz#2503 ok dtucker@

Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e
2015-12-18 14:50:10 +11:00
djm@openbsd.org
6091c362e8 upstream commit
don't try to load SSHv1 private key when compiled without
 SSHv1 support. From Iain Morgan bz#2505

Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7
2015-12-18 14:50:09 +11:00
djm@openbsd.org
cce6a36bb9 upstream commit
use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
 reading key files. Increase it to match the size of the buffers already being
 used.

Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
2015-12-18 14:49:32 +11:00
mmcc@openbsd.org
89540b6de0 upstream commit
Remove NULL-checks before sshkey_free().

ok djm@

Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
2015-12-18 14:49:32 +11:00
dtucker@openbsd.org
79394ed6d7 upstream commit
fflush stdout so that output is seen even when running in
 debug mode when output may otherwise not be flushed.  Patch from dustin at
 null-ptr.net.

Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc
2015-12-18 14:49:32 +11:00
Darren Tucker
ee607cccb6 Increase robustness of redhat/openssh.spec
- remove configure --with-rsh, because this option isn't supported anymore
 - replace last occurrence of BuildPreReq by BuildRequires
 - update grep statement to query the krb5 include directory

Patch from CarstenGrohmann via github, ok djm.
2015-12-15 15:23:49 +11:00
Darren Tucker
b5fa0cd735 Allow --without-ssl-engine with --without-openssl
Patch from Mike Frysinger via github.
2015-12-15 15:10:32 +11:00
Darren Tucker
c1d7e546f6 Include openssl crypto.h for SSLeay.
Patch from doughdemon via github.
2015-12-15 14:27:09 +11:00
Darren Tucker
c6f5f01651 Add sys/time.h for gettimeofday.
Should allow it it compile with MUSL libc.  Based on patch from
doughdemon via github.
2015-12-15 13:59:12 +11:00
djm@openbsd.org
39736be06c upstream commit
correct error messages; from Tomas Kuthan bz#2507

Upstream-ID: 7454a0affeab772398052954c79300aa82077093
2015-12-11 13:23:14 +11:00
mmcc@openbsd.org
94141b7ade upstream commit
Pass (char *)NULL rather than (char *)0 to execl and
 execlp.

ok dtucker@

Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492
2015-12-11 13:23:14 +11:00
mmcc@openbsd.org
d59ce08811 upstream commit
Remove NULL-checks before free().

ok dtucker@

Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
2015-12-11 13:23:14 +11:00
mmcc@openbsd.org
8e56dd46cb upstream commit
Fix a couple "the the" typos. ok dtucker@

Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72
2015-12-11 13:23:13 +11:00
markus@openbsd.org
6262a0522d upstream commit
stricter encoding type checks for ssh-rsa; ok djm@

Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650
2015-12-11 13:23:13 +11:00
Damien Miller
d86a3ba7af Don't set IPV6_V6ONLY on OpenBSD
It isn't necessary and runs afoul of pledge(2) restrictions.
2015-12-09 09:18:45 +11:00
djm@openbsd.org
da98c11d03 upstream commit
basic unit tests for rsa-sha2-* signature types

Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
2015-12-07 13:21:30 +11:00
markus@openbsd.org
3da893fdec upstream commit
prefer rsa-sha2-512 over -256 for hostkeys, too; noticed
 by naddy@

Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe
2015-12-07 12:39:20 +11:00
tobias@openbsd.org
8b56e59714 upstream commit
Properly handle invalid %-format by calling fatal.

ok deraadt, djm

Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
2015-12-07 12:38:59 +11:00
markus@openbsd.org
76c9fbbe35 upstream commit
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
 draft-ssh-ext-info-04.txt; with & ok djm@

Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2015-12-07 12:38:58 +11:00
djm@openbsd.org
6064a8b829 upstream commit
clean up agent_fd handling; properly initialise it to -1
 and make tests consistent

ok markus@

Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
2015-12-04 15:15:00 +11:00
semarie@openbsd.org
b91926a976 upstream commit
pledges ssh client:   - mux client: which is used when
 ControlMaster is in use.     will end with "stdio proc tty" (proc is to
 permit sending SIGWINCH to mux master on window resize)

  - client loop: several levels of pledging depending of your used options

ok deraadt@

Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
2015-12-04 15:14:59 +11:00
doug@openbsd.org
bcce47466b upstream commit
Add "cpath" to the ssh-agent pledge so the cleanup
 handler can unlink().

ok djm@

Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
2015-12-04 15:14:59 +11:00
djm@openbsd.org
a90d001543 upstream commit
ssh-agent pledge needs proc for askpass; spotted by todd@

Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
2015-12-04 15:14:58 +11:00
djm@openbsd.org
d952162b3c upstream commit
basic pledge() for ssh-agent, more refinement needed

Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
2015-12-04 15:14:58 +11:00
Damien Miller
f0191d7c8e Revert "stub for pledge(2) for systems that lack it"
This reverts commit 14c887c839.

dtucker beat me to it :/
2015-11-30 10:53:25 +11:00
Damien Miller
6283cc72eb revert 7d4c7513: bring back S/Key prototypes
(but leave RCSID changes)
2015-11-30 10:37:03 +11:00
Damien Miller
14c887c839 stub for pledge(2) for systems that lack it 2015-11-30 09:45:54 +11:00
djm@openbsd.org
452c0b6af5 upstream commit
pledge, better fatal() messages; feedback deraadt@

Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
2015-11-30 09:45:53 +11:00
deraadt@openbsd.org
6da413c085 upstream commit
do not leak temp file if there is no known_hosts file
 from craig leres, ok djm

Upstream-ID: c820497fd5574844c782e79405c55860f170e426
2015-11-30 09:45:53 +11:00
Darren Tucker
3ddd15e1b6 Add a null implementation of pledge.
Fixes builds on almost everything.
2015-11-30 07:23:53 +11:00
djm@openbsd.org
b1d6b3971e upstream commit
don't include port number in tcpip-forward replies for
 requests that don't allocate a port; bz#2509 diagnosed by Ron Frederick ok
 markus

Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a
2015-11-28 17:44:33 +11:00
deraadt@openbsd.org
9080bd0b9c upstream commit
pledge "stdio rpath wpath cpath fattr tty proc exec"
 except for the -p option (which sadly has insane semantics...) ok semarie
 dtucker

Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059
2015-11-28 17:44:33 +11:00
halex@openbsd.org
4d90625b22 upstream commit
allow comment change for all supported formats

ok djm@

Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
2015-11-28 17:44:32 +11:00
djm@openbsd.org
8ca915fc76 upstream commit
add cast to make -Werror clean

Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d
2015-11-20 12:46:06 +11:00