summaryrefslogtreecommitdiffstats
path: root/auth-sia.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2016-07-24upstream commitdjm@openbsd.org1-2/+2
openssh-7.3 Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
2016-07-23Move Cygwin IPPORT_RESERVED overrride to defines.hDarren Tucker2-2/+13
Patch from vinschen at redhat.com.
2016-07-23upstream commitdjm@openbsd.org1-3/+7
fix pledge violation with ssh -f; reported by Valentin Kozamernik ok dtucker@ Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
2016-07-23upstream commitdjm@openbsd.org1-2/+2
improve wording; suggested by jmc@ Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
2016-07-23upstream commitdtucker@openbsd.org1-2/+2
Lower loglevel for "Authenticated with partial success" message similar to other similar level. bz#2599, patch from cgallek at gmail.com, ok markus@ Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
2016-07-22retry waitpid on EINTR failureDamien Miller1-4/+11
patch from Jakub Jelen on bz#2581; ok dtucker@
2016-07-22upstream commitdjm@openbsd.org1-14/+15
constify a few functions' arguments; patch from Jakub Jelen bz#2581 Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
2016-07-22upstream commitdjm@openbsd.org1-4/+5
move debug("%p", key) to before key is free'd; probable undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
2016-07-22upstream commitdjm@openbsd.org2-12/+20
reverse the order in which -J/JumpHost proxies are visited to be more intuitive and document reported by and manpage bits naddy@ Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
2016-07-22upstream commitdtucker@openbsd.org1-1/+6
Skip passwords longer than 1k in length so clients can't easily DoS sshd by sending very long passwords, causing it to spend CPU hashing them. feedback djm@, ok markus@. Brought to our attention by tomas.kuthan at oracle.com, shilei-c at 360.cn and coredump at autistici.org Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
2016-07-22upstream commitnaddy@openbsd.org1-12/+15
Do not clobber the global jump_host variables when parsing an inactive configuration. ok djm@ Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
2016-07-22upstream commitjmc@openbsd.org1-3/+3
tweak previous; Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
2016-07-22upstream commitdtucker@openbsd.org2-4/+11
Allow wildcard for PermitOpen hosts as well as ports. bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok markus@ Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
2016-07-22upstream commitmarkus@openbsd.org1-14/+23
Reduce timing attack against obsolete CBC modes by always computing the MAC over a fixed size of data. Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@ Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
2016-07-21Search users for one with a valid salt.Darren Tucker1-9/+15
If the root account is locked (eg password "!!" or "*LK*") keep looking until we find a user with a valid salt to use for crypting passwords of invalid users. ok djm@
2016-07-18Explicitly specify source files for regress tools.Darren Tucker1-4/+4
Since adding $(REGRESSLIBS), $? is wrong because it includes only the changed source files. $< seems like it'd be right however it doesn't seem to work on some non-GNU makes, so do what works everywhere.
2016-07-18Conditionally include err.h.Darren Tucker1-0/+3
2016-07-18Remove local implementation of err, errx.Darren Tucker1-28/+0
We now have a shared implementation in libopenbsd-compat.
2016-07-18upstream commitdjm@openbsd.org1-5/+15
Add some unsigned overflow checks for extra_pad. None of these are reachable with the amount of padding that we use internally. bz#2566, pointed out by Torben Hansen. ok markus@ Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
2016-07-18Add dependency on libs for unit tests.Darren Tucker1-4/+6
Makes "./configure && make tests" work again. ok djm@
2016-07-18Correct location for kexfuzz in clean target.Darren Tucker1-1/+2
2016-07-18Handle PAM_MAXTRIES from modules.Darren Tucker4-1/+41
bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer password and keyboard-interative authentication methods. Should prevent "sshd ignoring max retries" warnings in the log. ok djm@ It probably won't trigger with keyboard-interactive in the default configuration because the retry counter is stored in module-private storage which goes away with the sshd PAM process (see bz#688). On the other hand, those cases probably won't log a warning either.
2016-07-17upstream commitdjm@openbsd.org2-14/+12
support UTF-8 characters in ssh(1) banners using schwarze@'s safe fmprintf printer; bz#2058 feedback schwarze@ ok dtucker@ Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
2016-07-17upstream commitjmc@openbsd.org5-24/+26
- add proxyjump to the options list - formatting fixes - update usage() ok djm Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
2016-07-15upstream commitdtucker@openbsd.org3-15/+22
Reduce the syslog level of some relatively common protocol events from LOG_CRIT by replacing fatal() calls with logdie(). Part of bz#2585, ok djm@ Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
2016-07-15missing openssl/dh.hDamien Miller1-0/+1
2016-07-15cast to avoid type warning in error messageDamien Miller1-2/+2
2016-07-15Move VA_COPY macro into compat header.Darren Tucker4-26/+19
Some AIX compilers unconditionally undefine va_copy but don't set it back to an internal function, causing link errors. In some compat code we already use VA_COPY instead so move the two existing instances into the shared header and use for sshbuf-getput-basic.c too. Should fix building with at lease some versions of AIX's compiler. bz#2589, ok djm@
2016-07-15disable ciphers not supported by OpenSSLDamien Miller2-4/+12
bz#2466 ok dtucker@
2016-07-15add a --disable-pkcs11 knobDamien Miller1-1/+11
2016-07-15fix newline escaping for unsupported_algorithmsDamien Miller1-11/+20
The hmac-ripemd160 was incorrect and could lead to broken Makefiles on systems that lacked support for it, but I made all the others consistent too.
2016-07-15upstream commitdjm@openbsd.org7-27/+271
Add a ProxyJump ssh_config(5) option and corresponding -J ssh(1) command-line flag to allow simplified indirection through a SSH bastion or "jump host". These options construct a proxy command that connects to the specified jump host(s) (more than one may be specified) and uses port-forwarding to establish a connection to the next destination. This codifies the safest way of indirecting connections through SSH servers and makes it easy to use. ok markus@ Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
2016-07-15Map umac_ctx struct name too.Darren Tucker1-1/+1
Prevents size mismatch linker warnings on Solaris 11.
2016-07-15Mitigate timing of disallowed users PAM logins.Darren Tucker1-4/+31
When sshd decides to not allow a login (eg PermitRootLogin=no) and it's using PAM, it sends a fake password to PAM so that the timing for the failure is not noticeably different whether or not the password is correct. This behaviour can be detected by sending a very long password string which is slower to hash than the fake password. Mitigate by constructing an invalid password that is the same length as the one from the client and thus takes the same time to hash. Diff from djm@
2016-07-15Determine appropriate salt for invalid users.Darren Tucker2-4/+42
When sshd is processing a non-PAM login for a non-existent user it uses the string from the fakepw structure as the salt for crypt(3)ing the password supplied by the client. That string has a Blowfish prefix, so on systems that don't understand that crypt will fail fast due to an invalid salt, and even on those that do it may have significantly different timing from the hash methods used for real accounts (eg sha512). This allows user enumeration by, eg, sending large password strings. This was noted by EddieEzra.Harari at verint.com (CVE-2016-6210). To mitigate, use the same hash algorithm that root uses for hashing passwords for users that do not exist on the system. ok djm@
2016-07-14OpenSSL 1.1.x not currently supported.Darren Tucker1-2/+3
2016-07-14Check for VIS_ALL.Darren Tucker1-0/+3
If we don't have it, set BROKEN_STRNVIS to activate the compat replacement.
2016-07-14upstream commitdtucker@openbsd.org1-7/+7
Correct equal in test. Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
2016-07-14upstream committb@openbsd.org1-2/+2
Add missing "recvfd" pledge promise: Raf Czlonka reported ssh coredumps when Control* keywords were set in ssh_config. This patch also fixes similar problems with scp and sftp. ok deraadt, looks good to millert Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b
2016-07-14upstream committedu@openbsd.org1-2/+1
obsolete note about fascistloggin is obsolete. ok djm dtucker Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a
2016-07-14Add compat code for missing wcwidth.Darren Tucker3-1/+41
If we don't have wcwidth force fallback implementations of nl_langinfo and mbtowc. Based on advice from Ingo Schwarze.
2016-07-14fix missing include for systems with err.hDamien Miller1-0/+3
2016-07-13Move err.h replacements into compat lib.Darren Tucker6-42/+90
Move implementations of err.h replacement functions into their own file in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
2016-07-11Check for wchar.h and langinfo.hDarren Tucker2-2/+8
Wrap includes in the appropriate #ifdefs.
2016-07-08whitelist more architectures for seccomp-bpfDamien Miller1-0/+24
bz#2590 - testing and patch from Jakub Jelen
2016-07-08upstream commitguenther@openbsd.org1-2/+1
DEBUGLIBS has been broken since the gcc4 switch, so delete it. CFLAGS contains -g by default anyway problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) ok millert@ kettenis@ deraadt@ Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
2016-07-08upstream commitdjm@openbsd.org3-21/+41
Improve crypto ordering for Encrypt-then-MAC (EtM) mode MAC algorithms. Previously we were computing the MAC, decrypting the packet and then checking the MAC. This gave rise to the possibility of creating a side-channel oracle in the decryption step, though no such oracle has been identified. This adds a mac_check() function that computes and checks the MAC in one pass, and uses it to advance MAC checking for EtM algorithms to before payload decryption. Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. feedback and ok markus@ Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b
2016-07-08upstream commitguenther@openbsd.org1-0/+1
DEBUGLIBS has been broken since the gcc4 switch, so delete it. CFLAGS contains -g by default anyway problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) ok millert@ kettenis@ deraadt@ Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603
2016-07-08upstream commitdtucker@openbsd.org1-4/+4
Explicitly check for 100% completion to avoid potential floating point rounding error, which could cause progressmeter to report 99% on completion. While there invert the test so the 100% case is clearer. with & ok djm@ Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d
2016-07-08upstream commitjmc@openbsd.org3-9/+9
sort the -o list; Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac