summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* avoid gcc warning in fuzz testDamien Miller2024-09-151-1/+1
|
* upstream: bad whitespace in config dump outputdjm@openbsd.org2024-09-151-2/+2
| | | | OpenBSD-Commit-ID: d899c13b0e8061d209298eaf58fe53e3643e967c
* use construct_utmp to construct btmp recordsDamien Miller2024-09-151-63/+26
| | | | Simpler and removes some code with the old-style BSD license.
* upstream: update the Streamlined NTRU Prime code from the "ref"djm@openbsd.org2024-09-153-1022/+1925
| | | | | | | | | | | implementation in SUPERCOP 20201130 to the "compact" implementation in SUPERCOP 20240808. The new version is substantially faster. Thanks to Daniel J Bernstein for pointing out the new implementation (and of course for writing it). tested in snaps/ok deraadt@ OpenBSD-Commit-ID: bf1a77924c125ecdbf03e2f3df8ad13bd3dafdcb
* upstream: document Match invalid-userdjm@openbsd.org2024-09-151-2/+6
| | | | OpenBSD-Commit-ID: 2c84a9b517283e9711e2812c1f268081dcb02081
* upstream: add a "Match invalid-user" predicate to sshd_config Matchdjm@openbsd.org2024-09-154-8/+25
| | | | | | | | | | | | | | | | | | options. This allows writing Match conditions that trigger for invalid username. E.g. PerSourcePenalties refuseconnection:90s Match invalid-user RefuseConnection yes Will effectively penalise bots try to guess passwords for bogus accounts, at the cost of implicitly revealing which accounts are invalid. feedback markus@ OpenBSD-Commit-ID: 93d3a46ca04bbd9d84a94d1e1d9d3a21073fbb07
* upstream: Add a "refuseconnection" penalty class to sshd_configdjm@openbsd.org2024-09-156-11/+42
| | | | | | | | | PerSourcePenalties This allows penalising connection sources that have had connections dropped by the RefuseConnection option. ok markus@ OpenBSD-Commit-ID: 3c8443c427470bb3eac1880aa075cb4864463cb6
* upstream: Add a sshd_config "RefuseConnection" optiondjm@openbsd.org2024-09-155-6/+38
| | | | | | | | | If set, this will terminate the connection at the first authentication request (this is the earliest we can evaluate sshd_config Match blocks) ok markus@ OpenBSD-Commit-ID: 43cc2533984074c44d0d2f92eb93f661e7a0b09c
* upstream: switch sshd_config Match processing to the argv tokeniserdjm@openbsd.org2024-09-151-20/+16
| | | | | | too; ok markus@ OpenBSD-Commit-ID: b74b5b0385f2e0379670e2b869318a65b0bc3923
* upstream: switch "Match" directive processing over to the argvdjm@openbsd.org2024-09-151-21/+14
| | | | | | | string tokeniser, making it possible to use shell-like quoting in Match directives, particularly "Match exec". ok markus@ OpenBSD-Commit-ID: 0877309650b76f624b2194c35dbacaf065e769a5
* upstream: include pathname in some of the ssh-keygen passphrasedjm@openbsd.org2024-09-151-9/+17
| | | | | | | prompts. Helps the user know what's going on when ssh-keygen is invoked via other tools. Requested in GHPR503 OpenBSD-Commit-ID: 613b0bb6cf845b7e787d69a5b314057ceda6a8b6
* upstream: Do not apply authorized_keys options when signaturedjm@openbsd.org2024-09-151-2/+2
| | | | | | | verification fails. Prevents restrictive key options being incorrectly applied to subsequent keys in authorized_keys. bz3733, ok markus@ OpenBSD-Commit-ID: ba3776d9da4642443c19dbc015a1333622eb5a4e
* Fix without_openssl always being set to 1Wu Weixin2024-09-131-2/+2
| | | | | In Fedora systems, %{?rhel} is empty. In RHEL systems, %{?fedora} is empty. Therefore, the original code always sets without_openssl to 1.
* upstream: Relax absolute path requirement back to what it was prior todjm@openbsd.org2024-09-121-2/+2
| | | | | | | OpenSSH 9.8, which incorrectly required that sshd was started with an absolute path in inetd mode. bz3717, patch from Colin Wilson OpenBSD-Commit-ID: 25c57f22764897242d942853f8cccc5e991ea058
* upstream: document the mlkem768x25519-sha256 key exchange algorithmnaddy@openbsd.org2024-09-112-4/+8
| | | | OpenBSD-Commit-ID: fa18dccdd9753dd287e62ecab189b3de45672521
* Spell omnios test host correctly.Darren Tucker2024-09-101-1/+1
|
* Add omnios test target.Darren Tucker2024-09-101-0/+2
|
* Wrap stdint.h in ifdef.Darren Tucker2024-09-101-0/+2
|
* Also test PAM on dfly64.Darren Tucker2024-09-101-0/+1
|
* stubs for ML-KEM KEX functionsDamien Miller2024-09-091-2/+23
| | | | used for C89 compilers
* declare defeat trying to detect C89 compilersDamien Miller2024-09-092-18/+2
| | | | | | | I can't find a reliable way to detect the features the ML-KEM code requires in configure. Give up for now and use VLA support (that we can detect) as a proxy for "old compiler" and turn off ML-KEM if it isn't supported.
* fix previous; check for C99 compound literalsDamien Miller2024-09-092-8/+9
| | | | | The previous commit was incorrect (or at least insufficient), the ML-KEM code is actually using compound literals, so test for them.
* test for compiler feature needed for ML-KEMDamien Miller2024-09-095-1/+25
| | | | | | | The ML-KEM implementation we uses need the compiler to support C99-style named struct initialisers (e.g foo = {.bar = 1}). We still support (barely) building OpenSSH with older compilers, so add a configure test for this.
* upstream: test mlkem768x25519-sha256djm@openbsd.org2024-09-092-2/+5
| | | | OpenBSD-Regress-ID: 7baf6bc39ae55648db1a2bfdc55a624954847611
* upstream: pull post-quantum ML-KEM/x25519 key exchange out fromdjm@openbsd.org2024-09-0910-40/+9
| | | | | | | | | | | compile-time flag now than an IANA codepoint has been assigned for the algorithm. Add mlkem768x25519-sha256 in 2nd KexAlgorithms preference slot. ok markus@ OpenBSD-Commit-ID: 9f50a0fae7d7ae8b27fcca11f8dc6f979207451a
* upstream: make parsing user@host consistently look for the last '@' indjm@openbsd.org2024-09-062-6/+6
| | | | | | | | | | | | the string rather than the first. This makes it possible to use usernames that contain '@' characters. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Prompted by Max Zettlmeißl; feedback/ok millert@ OpenBSD-Commit-ID: 0b16eec246cda15469ebdcf3b1e2479810e394c5
* upstream: be more strict in parsing key type names. Only allowdjm@openbsd.org2024-09-044-13/+28
| | | | | | | | | shortnames (e.g "rsa") in user-interface code and require full SSH protocol names (e.g. "ssh-rsa") everywhere else. Prompted by bz3725; ok markus@ OpenBSD-Commit-ID: b3d8de9dac37992eab78adbf84fab2fe0d84b187
* upstream: fix RCSID in outputdjm@openbsd.org2024-09-041-2/+2
| | | | OpenBSD-Commit-ID: 889ae07f2d2193ddc4351711919134664951dd76
* upstream: envrionment -> environment;jmc@openbsd.org2024-09-041-2/+2
| | | | OpenBSD-Commit-ID: b719f39c20e8c671ec6135c832d6cc67a595af9c
* add basic fuzzers for our import of sntrup761Damien Miller2024-09-046-16/+265
|
* upstream: regression test for Include variable expansiondjm@openbsd.org2024-09-031-2/+24
| | | | OpenBSD-Regress-ID: 35477da3ba1abd9ca64bc49080c50a9c1350c6ca
* upstream: allow the "Include" directive to expand the same set ofdjm@openbsd.org2024-09-032-47/+95
| | | | | | | | %-tokens that "Match Exec" and environment variables. ok dtucker@ OpenBSD-Commit-ID: 12ef521eaa966a9241e684258564f52f1f3c5d37
* upstream: missing ifdefdjm@openbsd.org2024-09-021-2/+4
| | | | OpenBSD-Commit-ID: 85f09da957dd39fd0abe08fe5ee19393f25c2021
* upstream: Add experimental support for hybrid post-quantum key exchangedjm@openbsd.org2024-09-0216-12/+12812
| | | | | | | | | | | | | | | | | | ML-KEM768 with ECDH/X25519 from the Internet-draft: https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 This is based on previous patches from markus@ but adapted to use the final FIPS203 standard ML-KEM using a formally-verified implementation from libcrux. Note this key exchange method is still a draft and thus subject to change. It is therefore disabled by default; set MLKEM=yes to build it. We're making it available now to make it easy for other SSH implementations to test against it. ok markus@ deraadt@ OpenBSD-Commit-ID: 02a8730a570b63fa8acd9913ec66353735dea42c
* Don't skip audit before exitting cleanup_exitAntonio Larrosa2024-08-281-3/+3
| | | | | | | | | | | This fixes an issue where the SSH_CONNECTION_ABANDON event is not audited because cleanup_exit overrides the regular _exit too soon and as a result, failed auth attempts are not logged correctly. The problem was introduced in 81c1099d22b81ebfd20a334ce986c4f753b0db29 where the code from upstream was merged before the audit_event call when it should have been merged right before the _exit call in order to honor the comment that just mentions an override of the exit value.
* upstream: fix test: -F is the argument to specify a non-defaultdjm@openbsd.org2024-08-281-3/+3
| | | | | | ssh_config, not -f (this is sadly not a new bug) OpenBSD-Regress-ID: 45a7bda4cf33f2cea218507d8b6a55cddbcfb322
* upstream: As defined in the RFC, the SSH protocol has negotiablederaadt@openbsd.org2024-08-275-15/+10
| | | | | | | | | | | | | | | | | | | | | | compression support (which is requested as the name "zlib"). Compression starts very early in the session. Relative early in OpenSSH lifetime, privsep was added to sshd, and this required a shared-memory hack so the two processes could see what was going on in the dataflow. This shared-memory hack was soon recognized as a tremendous complexity risk, because it put libz (which very much trusts it's memory) in a dangerous place, and a new option ("zlib@openssh.com") was added begins compression after authentication (aka delayed-compression). That change also permitted removal of the shared-memory hack. Despite removal from the server, the old "zlib" support remained in the client, to allow negotiation with non-OpenSSH daemons which lack the delayed-compression option. This commit deletes support for the older "zlib" option in the client. It reduces our featureset in a small way, and encourages other servers to move to a better design. The SSH protocol is different enough that compressed-key-material attacks like BEAST are unlikely, but who wants to take the chance? We encourage other ssh servers who care about optional compression support to add delayed-zlib support. (Some already do "zlib@openssh.com") ok djm markus OpenBSD-Commit-ID: 6df986f38e4ab389f795a6e39e7c6857a763ba72
* upstream: sntrup761x25519-sha512 now has an IANA codepoint assigned, sodjm@openbsd.org2024-08-235-10/+16
| | | | | | | we can make the algorithm available without the @openssh.com suffix too. ok markus@ deraadt@ OpenBSD-Commit-ID: eeed8fcde688143a737729d3d56d20ab4353770f
* Move rekey test into valgrind-2.Darren Tucker2024-08-222-7/+2
| | | | | | | Now that the rekey test has been optimized it's fast enough to not be in its own valgrind test, so move it into valgrind-2, which is currently the quickest of the others, bringing all of them to roughly the same runtime of ~1.1 hours.
* upstream: Use aes128-ctr for MAC tests since default has implicit MAC.dtucker@openbsd.org2024-08-221-8/+19
| | | | | | | Also verify that the Cipher or MAC we intended to use is actually the one selected during the test. OpenBSD-Regress-ID: ff43fed30552afe23d1364526fe8cf88cbfafe1d
* fix incorrect default for PasswordAuthenticationDamien Miller2024-08-221-1/+1
| | | | merge botch spotted by gsgleason
* upstream: Some awks won't match on the \r so delete it instead. Fixesdtucker@openbsd.org2024-08-211-3/+3
| | | | | | regress in portable on, eg Solaris. OpenBSD-Regress-ID: 44a96d6d2f8341d89b7d5fff777502b92ac9e9ba
* upstream: Import regenerated moduli.dtucker@openbsd.org2024-08-211-468/+411
| | | | OpenBSD-Commit-ID: 5db7049ad5558dee5b2079d3422e8ddab187c1cc
* upstream: Use curve25519-sha256 kex where possible.dtucker@openbsd.org2024-08-211-2/+13
| | | | | | | | | Except where we're explicitly testing a different kex, use curve25519-sha256 since it's faster than the default and supported even when configured without OpenSSL. Add a check to ensure that the kex we intended to test is the one we actually tested. Speeds test up by ~5%. OpenBSD-Regress-ID: 3b27fcc2ae953cb08fd82a0d3155c498b226d6e0
* upstream: Send only as much data as needed to trigger rekeying. Speedsdtucker@openbsd.org2024-08-211-14/+23
| | | | | | | up tests by about 10% in the common case, hopefully more when instrumented with something like valgrind. OpenBSD-Regress-ID: 7bf9292b4803357efcf0baf7cfbdc8521f212da1
* simplify sshkey_prekey_alloc(); always use mmapDamien Miller2024-08-211-17/+10
|
* upstream: Merge AEAD test into main test loop.dtucker@openbsd.org2024-08-201-12/+10
| | | | | | Removes 3 duplicate tests and speeds overall test up by about 1%. OpenBSD-Regress-ID: 5e5c9ff3f7588091ed369e34ac28520490ad2619
* upstream: Set a default RekeyLimit of 256k.dtucker@openbsd.org2024-08-201-3/+4
| | | | | | | Used unless overridden by a command-line flag, which simplifies some of the ssh command lines. OpenBSD-Regress-ID: e7cffa57027088e10336e412b34113969f88cb87
* upstream: Add Compression=no to default ssh_config.dtucker@openbsd.org2024-08-201-7/+9
| | | | | | | All of the rekey tests use it (otherwise the encrypted byte counts would not match) so this lets us simplify the command lines. OpenBSD-Regress-ID: dab7ce10f4cf6c68827eb8658141272aab3ea262
* upstream: Remove duplicate curve25519-sha256 kex.dtucker@openbsd.org2024-08-201-4/+10
| | | | | | | curve25519-sha256@libssh.org is the pre-standardization name for the same thing, so remove it as a duplicate. Speeds up test by a tiny amount. OpenBSD-Regress-ID: 5a5ee5fa1595a6e140b1cc16040bedf5996a5715
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-06 06:22:03 +0100