summaryrefslogtreecommitdiff
path: root/sshconnect2.c
Commit message (Collapse)AuthorAgeFilesLines
* upstream: second try, deals properly with missing and private-onlydjm@openbsd.org2018-09-141-26/+53
| | | | | | | | | | | Use consistent format in debug log for keys readied, offered and received during public key authentication. This makes it a little easier to see what is going on, as each message now contains (where available) the key filename, its type and fingerprint, and whether the key is hosted in an agent or a token. OpenBSD-Commit-ID: f1c6a8e9cfc4e108c359db77f24f9a40e1e25ea7
* upstream: revert following; deals badly with agent keysdjm@openbsd.org2018-09-141-47/+26
| | | | | | | | | | | | | revision 1.285 date: 2018/09/14 04:17:12; author: djm; state: Exp; lines: +47 -26; commitid: lflGFcNb2X2HebaK; Use consistent format in debug log for keys readied, offered and received during public key authentication. This makes it a little easier to see what is going on, as each message now contains the key filename, its type and fingerprint, and whether the key is hosted in an agent or a token. OpenBSD-Commit-ID: e496bd004e452d4b051f33ed9ae6a54ab918f56d
* upstream: Use consistent format in debug log for keys readied,djm@openbsd.org2018-09-141-26/+47
| | | | | | | | | | offered and received during public key authentication. This makes it a little easier to see what is going on, as each message now contains the key filename, its type and fingerprint, and whether the key is hosted in an agent or a token. OpenBSD-Commit-ID: 2a01d59285a8a7e01185bb0a43316084b4f06a1f
* upstream: revert compat.[ch] section of the following change. Itdjm@openbsd.org2018-08-131-8/+7
| | | | | | | | | | | | causes double-free under some circumstances. -- date: 2018/07/31 03:07:24; author: djm; state: Exp; lines: +33 -18; commitid: f7g4UI8eeOXReTPh; fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366 feedback and ok dtucker@ OpenBSD-Commit-ID: 1e77547f60fdb5e2ffe23e2e4733c54d8d2d1137
* upstream: fix some memory leaks spotted by Coverity via Jakub Jelendjm@openbsd.org2018-07-311-7/+8
| | | | | | in bz#2366 feedback and ok dtucker@ OpenBSD-Commit-ID: 8402bbae67d578bedbadb0ce68ff7c5a136ef563
* upstream: Remove support for running ssh(1) setuid and fatal ifdtucker@openbsd.org2018-07-191-2/+1
| | | | | | | | attempted. Do not link uidwap.c into ssh any more. Neuters UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@ djm@ OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
* upstream: Remove support for loading HostBasedAuthentication keysdtucker@openbsd.org2018-07-191-7/+3
| | | | | | | directly in ssh(1) and always use ssh-keysign. This removes one of the few remaining reasons why ssh(1) might be setuid. ok markus@ OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
* upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@markus@openbsd.org2018-07-121-3/+3
| | | | OpenBSD-Commit-ID: f88ba43c9d54ed2d911218aa8d3f6285430629c3
* upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org2018-07-121-6/+6
| | | | OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
* upstream: client: switch to sshbuf API; ok djm@markus@openbsd.org2018-07-101-212/+277
| | | | OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
* upstream: Revert previous two commitssf@openbsd.org2018-07-101-2/+2
| | | | | | | | | | | | | | | | | | | | | | It turns out we still support pre-auth compression on the client. Therefore revert the previous two commits: date: 2018/07/06 09:06:14; author: sf; commitid: yZVYKIRtUZWD9CmE; Rename COMP_DELAYED to COMP_ZLIB Only delayed compression is supported nowadays. ok markus@ date: 2018/07/06 09:05:01; author: sf; commitid: rEGuT5UgI9f6kddP; Remove leftovers from pre-authentication compression Support for this has been removed in 2016. COMP_DELAYED will be renamed in a later commit. ok markus@ OpenBSD-Commit-ID: cdfef526357e4e1483c86cf599491b2dafb77772
* upstream: Remove leftovers from pre-authentication compressionsf@openbsd.org2018-07-101-2/+2
| | | | | | | | | Support for this has been removed in 2016. COMP_DELAYED will be renamed in a later commit. ok markus@ OpenBSD-Commit-ID: 6a99616c832627157113fcb0cf5a752daf2e6b58
* upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSAdjm@openbsd.org2018-07-041-4/+6
| | | | | | | | | | | | | | | | signature work - returns ability to add/remove/specify algorithms by wildcard. Algorithm lists are now fully expanded when the server/client configs are finalised, so errors are reported early and the config dumps (e.g. "ssh -G ...") now list the actual algorithms selected. Clarify that, while wildcards are accepted in algorithm lists, they aren't full pattern-lists that support negation. (lots of) feedback, ok markus@ OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207
* upstream: some finesse to fix RSA-SHA2 certificate authenticationdjm@openbsd.org2018-07-031-3/+6
| | | | | | for certs hosted in ssh-agent OpenBSD-Commit-ID: e5fd5edd726137dda2d020e1cdebc464110a010f
* upstream: check correct variable; unbreak agent keysdjm@openbsd.org2018-07-031-2/+2
| | | | OpenBSD-Commit-ID: c36981fdf1f3ce04966d3310826a3e1e6233d93e
* upstream: Improve strictness and control over RSA-SHA2 signaturedjm@openbsd.org2018-07-031-129/+216
| | | | | | | | | | | | | | | | | | | | | | | In ssh, when an agent fails to return a RSA-SHA2 signature when requested and falls back to RSA-SHA1 instead, retry the signature to ensure that the public key algorithm sent in the SSH_MSG_USERAUTH matches the one in the signature itself. In sshd, strictly enforce that the public key algorithm sent in the SSH_MSG_USERAUTH message matches what appears in the signature. Make the sshd_config PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes options control accepted signature algorithms (previously they selected supported key types). This allows these options to ban RSA-SHA1 in favour of RSA-SHA2. Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures with certificate keys. feedback and ok markus@ OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
* upstream: whitespacedjm@openbsd.org2018-06-261-2/+2
| | | | OpenBSD-Commit-ID: 9276951caf4daf555f6d262e95720e7f79244572
* upstream: fix bogus warning when signing cert keys using agent;markus@openbsd.org2018-03-251-1/+3
| | | | | | from djm; ok deraadt dtucker OpenBSD-Commit-ID: 12e50836ba2040042383a8b71e12d7ea06e9633d
* upstream: warn when the agent returns a signature type that wasdjm@openbsd.org2018-03-031-7/+34
| | | | | | | | different to what was requested. This might happen when an old/non-OpenSSH agent is asked to make a rsa-sha2-256/512 signature but only supports ssh-rsa. bz#2799 feedback and ok markus@ OpenBSD-Commit-ID: 760c0f9438c5c58abc16b5f98008ff2d95cb13ce
* upstream commitdtucker@openbsd.org2018-02-091-3/+2
| | | | | | | ssh_free checks for and handles NULL args, remove NULL checks from remaining callers. ok djm@ OpenBSD-Commit-ID: bb926825c53724c069df68a93a2597f9192f7e7b
* upstream commitdjm@openbsd.org2018-01-231-45/+10
| | | | | | | | | | | | | Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
* upstream commitdtucker@openbsd.org2017-09-041-3/+3
| | | | | | | | Increase the buffer sizes for user prompts to ensure that they won't be truncated by snprintf. Based on patch from cjwatson at debian.org via bz#2768, ok djm@ Upstream-ID: 6ffacf1abec8f40b469de5b94bfb29997d96af3e
* upstream commitdjm@openbsd.org2017-08-121-1/+6
| | | | | | | refuse to a private keys when its corresponding .pub key does not match. bz#2737 ok dtucker@ Upstream-ID: 54ff5e2db00037f9db8d61690f26ef8f16e0d913
* upstream commitdtucker@openbsd.org2017-06-161-2/+3
| | | | | | | | Add user@host prefix to client's "Permisison denied" messages, useful in particular when using "stacked" connections where it's not clear which host is denying. bz#2720, ok djm@ markus@ Upstream-ID: de88e1e9dcb050c98e85377482d1287a9fe0d2be
* upstream commitmarkus@openbsd.org2017-06-011-3/+3
| | | | | | remove now obsolete ctx from ssh_dispatch_run; ok djm@ Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
* upstream commitdjm@openbsd.org2017-05-311-5/+4
| | | | | | another ctx => ssh conversion (in GSSAPI code) Upstream-ID: 4d6574c3948075c60608d8e045af42fe5b5d8ae0
* upstream commitmarkus@openbsd.org2017-05-311-41/+31
| | | | | | protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
* upstream commitmarkus@openbsd.org2017-05-311-15/+27
| | | | | | ssh: pass struct ssh to auth functions, too; ok djm@ Upstream-ID: d13c509cc782f8f19728fbea47ac7cf36f6e85dd
* upstream commitmarkus@openbsd.org2017-05-311-7/+7
| | | | | | switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
* upstream commitnaddy@openbsd.org2017-05-081-2/+2
| | | | | | | more simplification and removal of SSHv1-related code; ok djm@ Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
* upstream commitdjm@openbsd.org2017-05-011-5/+2
| | | | | | | | remove KEY_RSA1 ok markus@ Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
* upstream commitdjm@openbsd.org2017-04-281-3/+12
| | | | | | | include key fingerprint in "Offering public key" debug message Upstream-ID: 964749f820c2ed4cf6a866268b1a05e907315c52
* upstream commitdjm@openbsd.org2017-03-121-15/+52
| | | | | | | | allow ssh to use certificates accompanied by a private key file but no corresponding plain *.pub public key. bz#2617 based on patch from Adam Eijdenberg; ok dtucker@ markus@ Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9
* upstream commitdtucker@openbsd.org2017-02-031-3/+3
| | | | | | | | | | | | | | | | Make ssh_packet_set_rekey_limits take u32 for the number of seconds until rekeying (negative values are rejected at config parse time). This allows the removal of some casts and a signed vs unsigned comparison warning. rekey_time is cast to int64 for the comparison which is a no-op on OpenBSD, but should also do the right thing in -portable on anything still using 32bit time_t (until the system time actually wraps, anyway). some early guidance deraadt@, ok djm@ Upstream-ID: c9f18613afb994a07e7622eb326f49de3d123b6c
* upstream commitdjm@openbsd.org2017-01-301-2/+2
| | | | | | misplaced braces in test; from Karsten Weiss Upstream-ID: f7b794074d3aae8e35b69a91d211c599c94afaae
* upstream commitdjm@openbsd.org2017-01-301-3/+3
| | | | | | | don't dereference authctxt before testing != NULL, it causes compilers to make assumptions; from Karsten Weiss Upstream-ID: 794243aad1e976ebc717885b7a97a25e00c031b2
* upstream commitdjm@openbsd.org2016-12-051-3/+13
| | | | | | | | | | | Fix public key authentication when multiple authentication is in use. Instead of deleting and re-preparing the entire keys list, just reset the 'used' flags; the keys list is already in a good order (with already- tried keys at the back) Analysis and patch from Vincent Brillault on bz#2642; ok dtucker@ Upstream-ID: 7123f12dc2f3bcaae715853035a97923d7300176
* upstream commitdjm@openbsd.org2016-09-291-2/+2
| | | | | | | | | | | | | restore pre-auth compression support in the client -- the previous commit was intended to remove it from the server only. remove a few server-side pre-auth compression bits that escaped adjust wording of Compression directive in sshd_config(5) pointed out by naddy@ ok markus@ Upstream-ID: d23696ed72a228dacd4839dd9f2dec424ba2016b
* upstream commitdjm@openbsd.org2016-09-291-2/+2
| | | | | | | | | | | | | | | | | | | | Remove support for pre-authentication compression. Doing compression early in the protocol probably seemed reasonable in the 1990s, but today it's clearly a bad idea in terms of both cryptography (cf. multiple compression oracle attacks in TLS) and attack surface. Moreover, to support it across privilege-separation zlib needed the assistance of a complex shared-memory manager that made the required attack surface considerably larger. Prompted by Guido Vranken pointing out a compiler-elided security check in the shared memory manager found by Stack (http://css.csail.mit.edu/stack/); ok deraadt@ markus@ NB. pre-auth authentication has been disabled by default in sshd for >10 years. Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
* upstream commitdtucker@openbsd.org2016-09-241-1/+3
| | | | | | | | If ssh receives a PACKET_DISCONNECT during userauth it will cause ssh_dispatch_run(DISPATCH_BLOCK, ...) to return without the session being authenticated. Check for this and exit if necessary. ok djm@ Upstream-ID: b3afe126c0839d2eae6cddd41ff2ba317eda0903
* upstream commitdtucker@openbsd.org2016-07-231-2/+2
| | | | | | | | Lower loglevel for "Authenticated with partial success" message similar to other similar level. bz#2599, patch from cgallek at gmail.com, ok markus@ Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
* upstream commitdjm@openbsd.org2016-07-171-13/+8
| | | | | | | | | support UTF-8 characters in ssh(1) banners using schwarze@'s safe fmprintf printer; bz#2058 feedback schwarze@ ok dtucker@ Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
* upstream commitdtucker@openbsd.org2016-06-061-8/+4
| | | | | | | KNF compression proposal and simplify the client side a little. ok djm@ Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
* upstream commitdjm@openbsd.org2016-06-061-24/+24
| | | | | | prefer agent-hosted keys to keys from PKCS#11; ok markus Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
* upstream commitdjm@openbsd.org2016-05-021-1/+4
| | | | | | | | | | | | | | add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
* upstream commitdjm@openbsd.org2016-05-021-3/+3
| | | | | | | | fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
* upstream commitdjm@openbsd.org2016-04-291-3/+3
| | | | | | fix comment Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
* upstream commitdjm@openbsd.org2016-03-151-6/+2
| | | | | | | | | | unbreak authentication using lone certificate keys in ssh-agent: when attempting pubkey auth with a certificate, if no separate private key is found among the keys then try with the certificate key itself. bz#2550 reported by Peter Moody Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966
* upstream commitdjm@openbsd.org2016-02-231-3/+4
| | | | | | | fix spurious error message when incorrect passphrase entered for keys; reported by espie@ ok deraadt@ Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899
* upstream commitjsg@openbsd.org2016-02-081-2/+2
| | | | | | | avoid an uninitialised value when NumberOfPasswordPrompts is 0 ok markus@ djm@ Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
View Lorry Controller Status