Commit Graph

178 Commits

Author SHA1 Message Date
djm@openbsd.org
a69062f169
upstream: handle rlimits > INT_MAX (rlim_t is u64); ok dtucker
bz3581

OpenBSD-Commit-ID: 31cf59c041becc0e5ccb0a77106f812c4cd1cd74
2023-06-21 15:13:54 +10:00
djm@openbsd.org
1883841fc1
upstream: don't print key if printing hostname failed; with/ok
dtucker@

OpenBSD-Commit-ID: ad42971a6ee5a46feab2d79f7f656f8cf4b119f3
2023-03-31 15:32:36 +11:00
jmc@openbsd.org
285cf6cd4b
upstream: space between macro and punctuation; sort usage();
OpenBSD-Commit-ID: 6141610cfca037700730e41f868d1d9124958f8c
2023-02-16 21:11:38 +11:00
djm@openbsd.org
d651f5c9fe
upstream: let ssh-keygen and ssh-keyscan accept
-Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm
selection. bz3493 ok dtucker@

OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
2023-02-10 16:12:42 +11:00
jmc@openbsd.org
0872663a7b
upstream: spelling fixes; from paul tagliamonte amendments to his
diff are noted on tech

OpenBSD-Commit-ID: d776dd03d0b882ca9c83b84f6b384f6f9bd7de4a
2023-01-03 17:53:05 +11:00
cheloha@openbsd.org
b85c3581c1
upstream: remove '?' from getopt(3) loops
userspace: remove vestigial '?' cases from top-level getopt(3) loops

getopt(3) returns '?' when it encounters a flag not present in the in
the optstring or if a flag is missing its option argument.  We can
handle this case with the "default" failure case with no loss of
legibility.  Hence, remove all the redundant "case '?':" lines.

Prompted by dlg@.  With help from dlg@ and millert@.

Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2

ok naddy@ millert@ dlg@

OpenBSD-Commit-ID: b2f89346538ce4f5b33ab8011a23e0626a67e66e
2022-12-09 11:36:12 +11:00
djm@openbsd.org
1192588546
upstream: allow ssh-keyscan(1) to accept CIDR address ranges, e.g.
ssh-keyscan 192.168.0.0/24

If a CIDR range is passed, then it will be expanded to all possible
addresses in the range including the all-0s and all-1s addresses.

bz#976 feedback/ok markus@

OpenBSD-Commit-ID: ce6c5211f936ac0053fd4a2ddb415277931e6c4b
2022-10-28 13:39:35 +11:00
dtucker@openbsd.org
ff89b1bed8 upstream: Strictly enforce the maximum allowed SSH2 banner size in
ssh-keyscan and prevent a one-byte buffer overflow.  Patch from Qualys, ok
djm@

OpenBSD-Commit-ID: 6ae664f9f4db6e8a0589425f74cd0bbf3aeef4e4
2022-08-19 16:34:06 +10:00
deraadt@openbsd.org
d069b020a0 upstream: When poll(2) returns -1, for some error conditions
pfd[].revents is not cleared.  There are subtle errors in various programs.
In this particular case, the program should error out. ok djm millert

OpenBSD-Commit-ID: 00f839b16861f7fb2adcf122e95e8a82fa6a375c
2022-01-25 10:33:03 +11:00
djm@openbsd.org
e9c71498a0 upstream: hash full host:port when asked to hash output, fixes hashes
for non- default ports. bz3367 ok dtucker@

OpenBSD-Commit-ID: 096021cc847da7318ac408742f2d0813ebe9aa73
2021-12-03 11:30:30 +11:00
Darren Tucker
b544ce1ad4 Put poll.h inside ifdef HAVE_POLL_H. 2021-11-18 23:06:35 +11:00
djm@openbsd.org
875408270c upstream: check for POLLHUP wherever we check for POLLIN
OpenBSD-Commit-ID: 6aa6f3ec6b17c3bd9bfec672a917f003a76d93e5
2021-11-18 14:32:54 +11:00
deraadt@openbsd.org
06acb04c20 upstream: aggressively pre-fill the pollfd array with fd=-1
OpenBSD-Commit-ID: c2a525de8f83c1a04405bd79122c424140552a5b
2021-11-18 08:58:54 +11:00
deraadt@openbsd.org
7eec76793d upstream: Convert from select() to ppoll(). Along the way, I
observed that the select() code was using exceptfds incorrectly.. ok millert

OpenBSD-Commit-ID: 548e05bfc31b2af02319eb3d051286d4128dec96
2021-11-18 08:58:54 +11:00
dtucker@openbsd.org
57680a2ab4 upstream: Dynamically allocate encoded HashKnownHosts and free as
appropriate. Saves 1k of static storage and prevents snprintf "possible
truncation" warnings from newer compilers (although in this case it's false
positive since the actual sizes are limited by the output size of the SHA1).
ok djm@

OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
2021-10-06 14:40:32 +11:00
djm@openbsd.org
4ca6a1fac3 upstream: remove global variable used to stash compat flags and use the
purpose-built ssh->compat variable instead; feedback/ok markus@

OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
2021-01-27 20:28:25 +11:00
djm@openbsd.org
2c71cec020 upstream: Update/replace the experimental post-quantim hybrid key
exchange method based on Streamlined NTRU Prime (coupled with X25519).

The previous sntrup4591761x25519-sha512@tinyssh.org method is
replaced with sntrup761x25519-sha512@openssh.com. Per the authors,
sntrup4591761 was replaced almost two years ago by sntrup761.

The sntrup761 implementaion, like sntrup4591761 before it, is public
domain code extracted from the SUPERCOP cryptography benchmark
suite (https://bench.cr.yp.to/supercop.html).

Thanks for Daniel J Bernstein for guidance on algorithm selection.
Patch from Tobias Heider; feedback & ok markus@ and myself

(note this both the updated method and the one that it replaced are
disabled by default)

OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
2020-12-29 12:38:53 +11:00
djm@openbsd.org
f7bd11e494 upstream: fix SEGV on fatal() errors spotted by dtucker@
OpenBSD-Commit-ID: 75f155a1ac61e364ed00dc379e2c42df81067ce2
2020-10-19 19:09:08 +11:00
djm@openbsd.org
816036f142 upstream: use the new variant log macros instead of prepending
__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
2020-10-18 23:46:29 +11:00
djm@openbsd.org
9e2c4f6422 upstream: variants of the log methods that append a ssherr.h string
from a supplied error code; ok markus@

OpenBSD-Commit-ID: aed98c4435d48d036ae6740300f6a8357b7cc0bf
2020-10-18 22:34:20 +11:00
djm@openbsd.org
3554b4afa3 upstream: make the log functions that exit (sshlogdie(),
sshfatal(), etc) have identical signatures. Makes things a bit more
consistent...

OpenBSD-Commit-ID: bd0ae124733389d7c0042e135c71ee9091362eb9
2020-10-17 22:45:37 +11:00
djm@openbsd.org
752250caab upstream: revised log infrastructure for OpenSSH
log functions receive function, filename and line number of caller.
We can use this to selectively enable logging via pattern-lists.

ok markus@

OpenBSD-Commit-ID: 51a472610cbe37834ce6ce4a3f0e0b1ccc95a349
2020-10-17 00:42:29 +11:00
cheloha@openbsd.org
1196d7f49d upstream: ssh-keyscan(1): simplify conloop() with timercmp(3),
timersub(3); ok djm@

OpenBSD-Commit-ID: a102acb544f840d33ad73d40088adab4a687fa27
2020-08-27 11:27:01 +10:00
djm@openbsd.org
9b6e30b96b upstream: allow ssh-keyscan to find security key hostkeys
OpenBSD-Commit-ID: 1fe822a7f714df19a7e7184e3a3bbfbf546811d3
2019-12-16 14:19:41 +11:00
djm@openbsd.org
670104b923 upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@
OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
2019-09-06 17:54:21 +10:00
djm@openbsd.org
7250879c72 upstream: include SHA2-variant RSA key algorithms in KEX proposal;
allows ssh-keyscan to harvest keys from servers that disable olde SHA1
ssh-rsa. bz#3029 from Jakub Jelen

OpenBSD-Commit-ID: 9f95ebf76a150c2f727ca4780fb2599d50bbab7a
2019-07-12 14:09:52 +10:00
deraadt@openbsd.org
4d28fa78ab upstream: When system calls indicate an error they return -1, not
some arbitrary value < 0.  errno is only updated in this case.  Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-07-05 11:10:39 +10:00
otto@openbsd.org
0323d9b619 upstream: Replace calls to ssh_malloc_init() by a static init of
malloc_options. Prepares for changes in the way malloc is initialized.  ok
guenther@ dtucker@

OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
2019-06-08 00:25:42 +10:00
djm@openbsd.org
c2c18a3968 upstream: make ssh-keyscan return a non-zero exit status if it
finds no keys. bz#2903

OpenBSD-Commit-ID: 89f1081fb81d950ebb48e6e73d21807b2723d488
2019-01-27 09:42:19 +11:00
djm@openbsd.org
aaca72d6f1 upstream: rename kex->kem_client_pub -> kex->client_pub now that
KEM has been renamed to kexgen

from markus@ ok djm@

OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8
2019-01-21 23:13:03 +11:00
djm@openbsd.org
92dda34e37 upstream: use KEM API for vanilla ECDH
from markus@ ok djm@

OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
2019-01-21 23:13:02 +11:00
djm@openbsd.org
9c9c97e14f upstream: use KEM API for vanilla DH KEX
from markus@ ok djm@

OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
2019-01-21 22:08:47 +11:00
djm@openbsd.org
2f6a9ddbbf upstream: use KEM API for vanilla c25519 KEX
OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
2019-01-21 22:08:04 +11:00
djm@openbsd.org
dfd591618c upstream: Add support for a PQC KEX/KEM:
sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not
enabled by default.

introduce KEM API; a simplified framework for DH-ish KEX methods.

from markus@ feedback & ok djm@

OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7
2019-01-21 22:07:02 +11:00
Damien Miller
9b655dc9c9 last bits of old packet API / active_state global 2019-01-20 14:55:27 +11:00
markus@openbsd.org
7f90635216 upstream: switch config file parsing to getline(3) as this avoids
static limits noted by gerhard@; ok dtucker@, djm@

OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
2018-06-07 04:34:05 +10:00
jmc@openbsd.org
f493d2b0b6 upstream: apply a lick of paint; tweaks/ok dtucker
OpenBSD-Commit-ID: 518a6736338045e0037f503c21027d958d05e703
2018-03-03 14:20:47 +11:00
markus@openbsd.org
1b11ea7c58 upstream: Add experimental support for PQC XMSS keys (Extended
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
2018-02-26 11:40:41 +11:00
djm@openbsd.org
1a348359e4 upstream: Add ssh-keyscan -D option to make it print its results in
SSHFP format bz#2821, ok dtucker@

OpenBSD-Commit-ID: 831446b582e0f298ca15c9d99c415c899e392221
2018-02-23 17:00:52 +11:00
dtucker@openbsd.org@openbsd.org
5db6fbf143 upstream commit
Add monotime_ts and monotime_tv that return monotonic
timespec and timeval respectively.  Replace calls to gettimeofday() in packet
timing with monotime_tv so that the callers will work over a clock step.
Should prevent integer overflow during clock steps reported by wangle6 at
huawei.com. "I like" markus@

OpenBSD-Commit-ID: 74d684264814ff806f197948b87aa732cb1b0b8a
2017-11-28 12:01:49 +11:00
dtucker@openbsd.org
d79bceb931 upstream commit
Only call close once in confree().  ssh_packet_close will
close the FD so only explicitly close non-SSH channels.  bz#2734, from
bagajjal at microsoft.com, ok djm@

Upstream-ID: a81ce0c8b023527167739fccf1732b154718ab02
2017-06-30 16:07:55 +10:00
markus@openbsd.org
92e9fe6331 upstream commit
remove now obsolete ctx from ssh_dispatch_run; ok djm@

Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
2017-06-01 14:53:33 +10:00
djm@openbsd.org
930e8d2827 upstream commit
obliterate ssh1.h and some dead code that used it

ok markus@

Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
2017-05-01 10:05:06 +10:00
djm@openbsd.org
873d3e7d9a upstream commit
remove KEY_RSA1

ok markus@

Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
2017-05-01 10:05:01 +10:00
djm@openbsd.org
97f4d3083b upstream commit
remove compat20/compat13/compat15 variables

ok markus@

Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
2017-05-01 09:42:37 +10:00
djm@openbsd.org
56912dea6e upstream commit
unifdef WITH_SSH1 ok markus@

Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
2017-05-01 09:37:40 +10:00
djm@openbsd.org
db2597207e upstream commit
ensure hostname is lower-case before hashing it;
bz#2591 reported by Griff Miller II; ok dtucker@

Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
2017-03-10 15:35:39 +11:00
djm@openbsd.org
8a2834454c upstream commit
correctly hash hosts with a port number. Reported by Josh
Powers in bz#2692; ok dtucker@

Upstream-ID: 468e357ff143e00acc05bdd2803a696b3d4b6442
2017-03-10 15:25:11 +11:00
djm@openbsd.org
f89b928534 upstream commit
Avoid confusing error message when attempting to use
ssh-keyscan built without SSH protocol v.1 to scan for v.1 keys; bz#2583

Upstream-ID: 5d214abd3a21337d67c6dcc5aa6f313298d0d165
2017-01-30 11:05:18 +11:00
djm@openbsd.org
0e8eeec8e7 upstream commit
add support for additional fixed DH groups from
 draft-ietf-curdle-ssh-kex-sha2-03

diffie-hellman-group14-sha256 (2K group)
diffie-hellman-group16-sha512 (4K group)
diffie-hellman-group18-sha512 (8K group)

based on patch from Mark D. Baushke and Darren Tucker
ok markus@

Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
2016-05-02 20:39:32 +10:00