path: root/sshd.c
Commit message | Author | Age | Files | Lines
* upstream: Remove debug message from sigchld handler. While this works on OpenBSD it can cause problems on other platforms. From kircherlike at outlook.com via bz#3259, ok djm@
  OpenBSD-Commit-ID: 3e241d7ac1ee77e3de3651780b5dc47b283a7668
  Author: dtucker@openbsd.org | Age: 2021-02-05 | Files: 1 | Lines: -3/+1
* upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t and use that instead of global variables containing copies of it. feedback/ok markus@
  OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
  Author: djm@openbsd.org | Age: 2021-01-27 | Files: 1 | Lines: -11/+1
* upstream: remove global variable used to stash compat flags and use the purpose-built ssh->compat variable instead; feedback/ok markus@
  OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
  Author: djm@openbsd.org | Age: 2021-01-27 | Files: 1 | Lines: -5/+5
* upstream: Add PerSourceMaxStartups and PerSourceNetBlockSize options which provide more fine grained MaxStartups limits. Man page help jmc@, feedback & ok djm@
  OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
  Author: dtucker@openbsd.org | Age: 2021-01-11 | Files: 1 | Lines: -5/+15
* upstream: Update/replace the experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519).
  The previous sntrup4591761x25519-sha512@tinyssh.org method is replaced with sntrup761x25519-sha512@openssh.com. Per the authors, sntrup4591761 was replaced almost two years ago by sntrup761.
  The sntrup761 implementation, like sntrup4591761 before it, is public domain code extracted from the SUPERCOP cryptography benchmark suite (https://bench.cr.yp.to/supercop.html).
  Thanks to Daniel J Bernstein for guidance on algorithm selection.
  Patch from Tobias Heider; feedback & ok markus@ and myself
  (note that both the updated method and the one that it replaced are disabled by default)
  OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
  Author: djm@openbsd.org | Age: 2020-12-29 | Files: 1 | Lines: -2/+2
* upstream: Replace WITH_OPENSSL ifdefs in log calls with a macro. The log calls are themselves now macros, and preprocessor directives inside macro arguments are undefined behaviour which some compilers (eg old GCCs) choke on. It also makes the code tidier. ok deraadt@
  OpenBSD-Commit-ID: cc12a9029833d222043aecd252d654965c351a69
  Author: dtucker@openbsd.org | Age: 2020-11-09 | Files: 1 | Lines: -16/+3
* upstream: use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@
  OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
  Author: djm@openbsd.org | Age: 2020-10-18 | Files: 1 | Lines: -78/+73
* upstream: LogVerbose keyword for ssh and sshd
  Allows forcing maximum debug logging by file/function/line pattern-lists. ok markus@
  OpenBSD-Commit-ID: c294c25732d1b4fe7e345cb3e044df00531a6356
  Author: djm@openbsd.org | Age: 2020-10-17 | Files: 1 | Lines: -2/+5
* upstream: There are lots of places where we want to redirect stdin, stdout and/or stderr to /dev/null. Factor all these out to a single stdfd_devnull() function that allows selection of which of these to redirect. ok markus@
  OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099
  Author: djm@openbsd.org | Age: 2020-10-03 | Files: 1 | Lines: -19/+5
* upstream: support for user-verified FIDO keys
  FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token.
  This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication.
  feedback markus@ and Pedro Martelletto; ok markus@
  OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
  Author: djm@openbsd.org | Age: 2020-08-27 | Files: 1 | Lines: -4/+4
* upstream: update setproctitle after re-exec; ok djm
  OpenBSD-Commit-ID: bc92d122f9184ec2a9471ade754b80edd034ce8b
  Author: markus@openbsd.org | Age: 2020-07-15 | Files: 1 | Lines: -1/+2
* upstream: keep ignoring HUP after fork+exec; ok djm
  OpenBSD-Commit-ID: 7679985a84ee5ceb09839905bb6f3ddd568749a2
  Author: markus@openbsd.org | Age: 2020-07-15 | Files: 1 | Lines: -1/+2
* upstream: don't exit the listener on send_rexec_state errors; ok djm
  OpenBSD-Commit-ID: 57cbd757d130d3f45b7d41310b3a15eeec137d5c
  Author: markus@openbsd.org | Age: 2020-07-15 | Files: 1 | Lines: -2/+2
* upstream: check public host key matches private; ok markus@ (as part of previous diff)
  OpenBSD-Commit-ID: 65a4f66436028748b59fb88b264cb8c94ce2ba63
  Author: djm@openbsd.org | Age: 2020-06-19 | Files: 1 | Lines: -2/+11
* upstream: unbreak "sshd -ddd" - close of config passing fd happened too early. ok markus@
  OpenBSD-Commit-ID: 49346e945c6447aca3e904e65fc400128d2f8ed0
  Author: djm@openbsd.org | Age: 2020-06-05 | Files: 1 | Lines: -2/+1
* upstream: improve logging for MaxStartups connection throttling: have sshd log when it starts and stops throttling and periodically while in this state. bz#3055 ok markus@
  OpenBSD-Commit-ID: 2e07a09a62ab45d790d3d2d714f8cc09a9ac7ab9
  Author: djm@openbsd.org | Age: 2020-05-27 | Files: 1 | Lines: -24/+64
* upstream: sshd listener must not block if reexecd sshd exits in write(2) on config_s[0] if the forked child exits early before finishing recv_rexec_state (e.g. with fatal()) because config_s[1] stays open in the parent. this prevents the parent from accepting new connections. ok djm, deraadt
  OpenBSD-Commit-ID: 92ccfeb939ccd55bda914dc3fe84582158c4a9ef
  Author: markus@openbsd.org | Age: 2020-05-27 | Files: 1 | Lines: -2/+3
* upstream: fix compilation with DEBUG_KEXDH; bz#3160 ok dtucker@
  OpenBSD-Commit-ID: 832e771948fb45f2270e8b8895aac36d176ba17a
  Author: djm@openbsd.org | Age: 2020-05-27 | Files: 1 | Lines: -5/+6
* upstream: use sshpkt_fatal() for kex_exchange_identification() errors. This ensures that the logged errors are consistent with other transport-layer errors and that the relevant IP addresses are logged. bz3129 ok dtucker@
  OpenBSD-Commit-ID: 2c22891f0b9e1a6cd46771cedbb26ac96ec2e6ab
  Author: djm@openbsd.org | Age: 2020-03-14 | Files: 1 | Lines: -3/+4
* upstream: Don't clear alarm timers in listening sshd. Previously these timers were used for regenerating the SSH1 ephemeral host keys but those are now gone so there's no need to clear the timers either. ok deraadt@
  OpenBSD-Commit-ID: 280d2b885e4a1ce404632e8cc38fcb17be7dafc0
  Author: dtucker@openbsd.org | Age: 2020-03-14 | Files: 1 | Lines: -8/+2
* upstream: spelling errors in comments; no code change from
  OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
  Author: djm@openbsd.org | Age: 2020-03-14 | Files: 1 | Lines: -2/+2
* upstream: whitespace
  OpenBSD-Commit-ID: 564cf7a5407ecf5da2d94ec15474e07427986772
  Author: djm@openbsd.org | Age: 2020-02-01 | Files: 1 | Lines: -3/+2
* upstream: force early logging to stderr if debug_flag (-d) is set; avoids missing messages from re-exec config passing
  OpenBSD-Commit-ID: 02484b8241c1f49010e7a543a7098e6910a8c9ff
  Author: djm@openbsd.org | Age: 2020-02-01 | Files: 1 | Lines: -2/+2
* upstream: mistake in previous: filling the incorrect buffer
  OpenBSD-Commit-ID: 862ee84bd4b97b529f64aec5d800c3dcde952e3a
  Author: djm@openbsd.org | Age: 2020-02-01 | Files: 1 | Lines: -1/+1
* upstream: Add a sshd_config "Include" directive to allow inclusion of files. This has sensible semantics wrt Match blocks and accepts glob(3) patterns to specify the included files. Based on patch by Jakub Jelen in bz2468; feedback and ok markus@
  OpenBSD-Commit-ID: 36ed0e845b872e33f03355b936a4fff02d5794ff
  Author: djm@openbsd.org | Age: 2020-02-01 | Files: 1 | Lines: -16/+49
* upstream: tweak proctitle to include sshd arguments, as these are frequently used to distinguish between multiple independent instances of the server. New proctitle looks like this:
    $ pgrep -lf sshd
    12844 sshd: /usr/sbin/sshd -f /etc/ssh/sshd_config [listener] 0 of 10-100 startups
  requested by sthen@ and aja@; ok aja@
  OpenBSD-Commit-ID: cf235a561c655a3524a82003cf7244ecb48ccc1e
  Author: djm@openbsd.org | Age: 2020-01-25 | Files: 1 | Lines: -4/+18
* upstream: Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
  OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
  Author: dtucker@openbsd.org | Age: 2020-01-23 | Files: 1 | Lines: -16/+18
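An added example (not OpenSSH's own code) of the kind of wrapper the commit above describes: a signal(2)-style installer built on sigaction(2) that fills sa_mask, so no other signal can interrupt the handler while it runs, and sets SA_RESTART. The function and handler names are my own. The probe handler inspects its own signal mask with sigprocmask(2), which is async-signal-safe, and the two demo_ functions report whether the wrapper delivered the two properties the commit wants.

```c
/* Added example, not OpenSSH code: a signal(2)-style installer built on
 * sigaction(2) that blocks every other signal while the handler runs and
 * sets SA_RESTART, as the commit above describes. Names are my own. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>

typedef void (*sig_handler_t)(int);

/* Install handler for sig. Returns the previous handler, or SIG_ERR. */
sig_handler_t
install_signal(int sig, sig_handler_t handler)
{
	struct sigaction sa, osa;

	memset(&sa, 0, sizeof(sa));
	sa.sa_handler = handler;
	/* Block all other signals for the handler's duration so two handlers
	 * can never interleave on shared state. */
	sigfillset(&sa.sa_mask);
	/* Restart slow syscalls interrupted by this signal instead of failing
	 * them with EINTR, which cuts down on short reads/writes. */
	sa.sa_flags = SA_RESTART;
	if (sigaction(sig, &sa, &osa) == -1)
		return SIG_ERR;
	return osa.sa_handler;
}

/* Probe handler: records whether unrelated signals were blocked while it
 * ran. sigprocmask(2) is async-signal-safe, so calling it here is legal. */
static volatile sig_atomic_t handler_ran, others_blocked;

static void
probe_handler(int sig)
{
	sigset_t cur;

	(void)sig;
	handler_ran = 1;
	if (sigprocmask(SIG_BLOCK, NULL, &cur) == 0 &&
	    sigismember(&cur, SIGTERM) == 1 && sigismember(&cur, SIGHUP) == 1)
		others_blocked = 1;
}

/* Returns 1 if the handler ran with SIGTERM and SIGHUP blocked, 0 if it ran
 * unprotected, -1 if the wrapper could not install it. */
int
demo_blocked_mask(void)
{
	handler_ran = others_blocked = 0;
	if (install_signal(SIGUSR1, probe_handler) == SIG_ERR)
		return -1;
	raise(SIGUSR1);		/* delivered synchronously to this thread */
	install_signal(SIGUSR1, SIG_DFL);
	return handler_ran && others_blocked;
}

/* Returns 1 if SA_RESTART is recorded on a handler the wrapper installed. */
int
demo_sa_restart(void)
{
	struct sigaction cur;

	if (install_signal(SIGUSR2, probe_handler) == SIG_ERR)
		return -1;
	if (sigaction(SIGUSR2, NULL, &cur) == -1)
		return -1;
	install_signal(SIGUSR2, SIG_DFL);
	return (cur.sa_flags & SA_RESTART) != 0;
}

int
main(void)
{
	printf("other signals blocked inside handler: %d\n", demo_blocked_mask());
	printf("SA_RESTART set: %d\n", demo_sa_restart());
	return 0;
}
```

The probe relies on raise(3) delivering the signal synchronously to the calling thread, so the mask check happens before demo_blocked_mask() returns. With plain signal(3), whether other signals are blocked during the handler and whether interrupted system calls are restarted differs between BSD and System V derived systems; pinning both down explicitly through sigaction(2) is what removes that portability gap.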
* upstream: expose the number of currently-authenticating connections along with the MaxStartups limit in the proctitle; suggestion from Philipp Marek, w/ feedback from Craig Miskell ok dtucker@
  OpenBSD-Commit-ID: a4a6db2dc1641a5df8eddf7d6652176e359dffb3
  Author: djm@openbsd.org | Age: 2020-01-22 | Files: 1 | Lines: -2/+8
* remove accidental change in f8c11461
  Author: Damien Miller | Age: 2020-01-22 | Files: 1 | Lines: -6/+1
* upstream: pass SSH_SK_HELPER explicitly past $SUDO to avoid it getting cleared; with dtucker@
  OpenBSD-Regress-ID: 03178a0580324bf0dff28f7eac6c3edbc5407f8e
  Author: djm@openbsd.org | Age: 2020-01-21 | Files: 1 | Lines: -1/+6
* upstream: allow security keys to act as host keys as well as user keys.
  Previously we didn't do this because we didn't want to expose the attack surface presented by USB and FIDO protocol handling, but now that this is insulated behind ssh-sk-helper there is less risk.
  ok markus@
  OpenBSD-Commit-ID: 77b068dd133b8d87e0f010987bd5131e640ee64c
  Author: djm@openbsd.org | Age: 2019-12-16 | Files: 1 | Lines: -7/+35
* upstream: additional missing stdarg.h includes when built without WITH_OPENSSL; ok djm@
  OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
  Author: naddy@openbsd.org | Age: 2019-11-20 | Files: 1 | Lines: -1/+1
* upstream: When clients get denied by MaxStartups, send a notification prior to the SSH2 protocol banner according to RFC4253 section 4.2. ok djm@ deraadt@ markus@
  OpenBSD-Commit-ID: e5dabcb722d54dea18eafb336d50b733af4f9c63
  Author: dtucker@openbsd.org | Age: 2019-11-15 | Files: 1 | Lines: -1/+4
* upstream: Refactor signing - use sshkey_sign for everything, including the new U2F signatures.
  Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that.
  Suggested by / ok markus@
  OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
  Author: djm@openbsd.org | Age: 2019-11-01 | Files: 1 | Lines: -4/+4
* upstream: Signal handler cleanup: remove leftover support for unreliable signals and now-unneeded save and restore of errno. ok deraadt@ markus@
  OpenBSD-Commit-ID: 01dd8a1ebdd991c8629ba1f5237283341a93cd88
  Author: dtucker@openbsd.org | Age: 2019-10-29 | Files: 1 | Lines: -4/+1
* upstream: When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
  OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
  Author: deraadt@openbsd.org | Age: 2019-07-05 | Files: 1 | Lines: -15/+15
* upstream: Add protection for private keys at rest in RAM against speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetric key that is derived from a relatively large "prekey" consisting of random data (currently 16KB). Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely.
  Implementation-wise, keys are encrypted "shielded" when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised.
  Hopefully we can remove this in a few years time when computer architecture has become less unsafe.
  been in snaps for a bit already; thanks deraadt@ ok dtucker@ deraadt@
  OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
  Author: djm@openbsd.org | Age: 2019-06-21 | Files: 1 | Lines: -2/+8
* upstream: Replace calls to ssh_malloc_init() by a static init of malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
  OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
  Author: otto@openbsd.org | Age: 2019-06-08 | Files: 1 | Lines: -3/+1
* upstream: When running sshd -T, assume any attribute not provided by -C does not match, which allows it to work when sshd_config contains a Match directive with or without -C. bz#2858, ok djm@
  OpenBSD-Commit-ID: 1a701f0a33e3bc96753cfda2fe0b0378520b82eb
  Author: dtucker@openbsd.org | Age: 2019-05-08 | Files: 1 | Lines: -1/+2
* upstream: Fix two race conditions in sshd relating to SIGHUP:
  1. Recently-forked child processes will briefly remain listening to listen_socks. If the main server sshd process completes its restart via execv() before these sockets are closed by the child processes then it can fail to listen at the desired addresses/ports and/or fail to restart.
  2. When a SIGHUP is received, there may be forked child processes that are awaiting their reexecution state. If the main server sshd process restarts before passing this state, these child processes will yield errors and use a fallback path of reading the current sshd_config from the filesystem rather than use the one that sshd was started with.
  To fix both of these cases, we reuse the startup_pipes that are shared between the main server sshd and forked children. Previously this was used solely to implement tracking of pre-auth child processes for MaxStartups, but this extends the messaging over these pipes to include a child->parent message that the parent process is safe to restart. This message is sent from the child after it has completed its preliminaries: closing listen_socks and receiving its reexec state.
  bz#2953, reported by Michal Koutný; ok markus@ dtucker@
  OpenBSD-Commit-ID: 7df09eacfa3ce13e9a7b1e9f17276ecc924d65ab
  Author: djm@openbsd.org | Age: 2019-03-01 | Files: 1 | Lines: -28/+86
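An added example (not OpenSSH's own code) sketching the protocol the commit above describes: each forked child holds one end of a startup pipe, and once it has closed listen_socks and received its rexec state it writes a "safe to restart" byte; the listener that caught SIGHUP waits for that byte, or for EOF from a child that has already exited, on every outstanding pipe before it execv()s itself. The message byte value and all struct and function names are my own. run_scenario() drives the parent-side logic with constructed pipes standing in for forked children, so it exercises the ready, exited and still-busy cases without fork(2).

```c
/* Added example, not OpenSSH code: a sketch of the child->parent "safe to
 * restart" message over per-child startup pipes described in the commit
 * above. The message byte and all names here are my own. */
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <poll.h>
#include <unistd.h>

#define MAX_CHILDREN 8
#define MSG_READY_TO_RESTART 0x01	/* hypothetical child->parent byte */

struct child_slot {
	int pipe_fd;	/* parent's read end of this child's startup pipe */
	int ready;	/* sent MSG_READY_TO_RESTART, or exited (EOF seen) */
};

/* Child side: close the inherited listen sockets and (omitted here) receive
 * the rexec state, then tell the parent it is now safe to execv() itself. */
void
child_preliminaries(int startup_fd, int *listen_socks, int nlisten)
{
	unsigned char msg = MSG_READY_TO_RESTART;
	for (int i = 0; i < nlisten; i++)
		close(listen_socks[i]);
	(void)write(startup_fd, &msg, 1);
}

/* Parent side, on SIGHUP: wait until each pending child has sent the ready
 * byte or gone away. Returns children accounted for; < n means timed out. */
int
wait_children_ready(struct child_slot *slots, int n, int timeout_ms)
{
	struct pollfd pfd[MAX_CHILDREN];
	int pending = 0, r;

	if (n < 0 || n > MAX_CHILDREN)
		return -1;
	for (int i = 0; i < n; i++)
		pending += !slots[i].ready;
	while (pending > 0) {
		for (int i = 0; i < n; i++) {
			/* poll(2) ignores negative fds: skip children already done */
			pfd[i].fd = slots[i].ready ? -1 : slots[i].pipe_fd;
			pfd[i].events = POLLIN;
		}
		if ((r = poll(pfd, n, timeout_ms)) == -1) {
			if (errno == EINTR)
				continue;
			return -1;
		}
		if (r == 0)
			break;	/* timed out: caller decides whether to restart anyway */
		for (int i = 0; i < n; i++) {
			unsigned char c;
			if (slots[i].ready || pfd[i].revents == 0)
				continue;
			ssize_t got = read(slots[i].pipe_fd, &c, 1);
			if ((got == -1 && errno == EINTR) ||
			    (got == 1 && c != MSG_READY_TO_RESTART))
				continue;	/* retry later / unrelated startup traffic */
			/* ready byte, EOF (child exited) or hard error: this child
			 * can no longer hold up the restart */
			slots[i].ready = 1;
			pending--;
		}
	}
	return n - pending;
}

/* Constructed scenario with bare pipes standing in for children: bit i of
 * send_mask makes child i send the ready byte, bit i of close_mask makes it
 * "exit" (write end closed). Returns wait_children_ready()'s result. */
int
run_scenario(int n, unsigned send_mask, unsigned close_mask, int timeout_ms)
{
	struct child_slot slots[MAX_CHILDREN];
	int p[MAX_CHILDREN][2], r;

	for (int i = 0; i < n; i++) {
		if (pipe(p[i]) == -1)
			return -1;
		slots[i].pipe_fd = p[i][0];
		slots[i].ready = 0;
		if (send_mask & (1u << i))
			child_preliminaries(p[i][1], NULL, 0);
		if (close_mask & (1u << i))
			close(p[i][1]);
	}
	r = wait_children_ready(slots, n, timeout_ms);
	for (int i = 0; i < n; i++) {
		close(p[i][0]);
		if (!(close_mask & (1u << i)))
			close(p[i][1]);
	}
	return r;
}
```

run_scenario(3, 0x5, 0x7, 1000), where children 0 and 2 report ready and child 1 exits without reporting, accounts for all three. run_scenario(2, 0x1, 0x1, 50) leaves child 1 busy with its pipe still open and returns 1 once the 50 ms timeout expires; that is the case where the listener has to decide whether to keep waiting or restart and accept that one child may fall back to reading sshd_config from disk. The child keeps its pipe open after sending the byte, so the EOF that the existing MaxStartups accounting relies on still arrives when it exits.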
* upstream: rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed to kexgen
  from markus@ ok djm@
  OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8
  Author: djm@openbsd.org | Age: 2019-01-21 | Files: 1 | Lines: -9/+9
* upstream: use KEM API for vanilla ECDH
  from markus@ ok djm@
  OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c
  Author: djm@openbsd.org | Age: 2019-01-21 | Files: 1 | Lines: -2/+2
* upstream: use KEM API for vanilla DH KEX
  from markus@ ok djm@
  OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9
  Author: djm@openbsd.org | Age: 2019-01-21 | Files: 1 | Lines: -6/+6
* upstream: use KEM API for vanilla c25519 KEX
  OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f
  Author: djm@openbsd.org | Age: 2019-01-21 | Files: 1 | Lines: -2/+2
* upstream: Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not enabled by default.
  introduce KEM API; a simplified framework for DH-ish KEX methods.
  from markus@ feedback & ok djm@
  OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7
  Author: djm@openbsd.org | Age: 2019-01-21 | Files: 1 | Lines: -1/+2
* last bits of old packet API / active_state global
  Author: Damien Miller | Age: 2019-01-20 | Files: 1 | Lines: -4/+4
* upstream: remove last references to active_state
  with & ok markus@
  OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
  Author: djm@openbsd.org | Age: 2019-01-20 | Files: 1 | Lines: -27/+36
* upstream: convert monitor.c to new packet API
  with & ok markus@
  OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5
  Author: djm@openbsd.org | Age: 2019-01-20 | Files: 1 | Lines: -6/+5
* upstream: convert sshd.c to new packet API
  with & ok markus@
  OpenBSD-Commit-ID: ea569d3eaf9b5cf1bad52779fbfa5fa0b28af891
  Author: djm@openbsd.org | Age: 2019-01-20 | Files: 1 | Lines: -30/+39
* upstream: convert auth2.c to new packet API
  OpenBSD-Commit-ID: ed831bb95ad228c6791bc18b60ce7a2edef2c999
  Author: Damien Miller | Age: 2019-01-20 | Files: 1 | Lines: -2/+3