summaryrefslogtreecommitdiffstats
path: root/authfile.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2022-06-27upstream: Don't leak the strings allocated by order_hostkeyalgs()dtucker@openbsd.org2-6/+12
and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of github PR#324 from ZoltanFridrich, ok djm@ OpenBSD-Commit-ID: b2f6e5f60f2bba293b831654328a8a0035ef4a1b
2022-06-25Zero out LIBFIDO2 when SK support not usable.Darren Tucker1-1/+1
Prevents us from trying to link them into ssh-sk-helper and failing to build.
2022-06-25Disable SK support if FIDO libs not found.Darren Tucker1-0/+1
2022-06-24fix broken case statement in previousDamien Miller1-0/+1
2022-06-24request 1.1x API compatibility for OpenSSL >=3.xDamien Miller1-2/+7
idea/patch from Pedro Martelletto via GHPR#322; ok dtucker@
2022-06-24upstream: make it clear that RekeyLimit applies to both transmitteddjm@openbsd.org2-10/+10
and received data. GHPR#328 from Jan Pazdziora OpenBSD-Commit-ID: d180a905fec9ff418a75c07bb96ea41c9308c3f9
2022-06-24upstream: Make sure not to fclose() the same fd twice in case of antobhe@openbsd.org1-7/+12
error. ok dtucker@ OpenBSD-Commit-ID: e384c4e05d5521e7866b3d53ca59acd2a86eef99
2022-06-24upstream: Don't attempt to fprintf a null identity comment. Fromdtucker@openbsd.org1-3/+3
Martin Vahlensieck via tech@. OpenBSD-Commit-ID: 4c54d20a8e8e4e9912c38a7b4ef5bfc5ca2e05c2
2022-06-24upstream: Log an error if pipe() fails while accepting adtucker@openbsd.org1-3/+7
connection. bz#3447, from vincent-openssh at vinc17 net, ok djm@ OpenBSD-Commit-ID: 9d59f19872b94900a5c79da2d57850241ac5df94
2022-06-24automatically enable built-in FIDO supportDamien Miller1-31/+34
If libfido2 is found and usable, then enable the built-in security key support unless --without-security-key-builtin was requested. ok dtucker@
2022-06-24fix possible NULL deref when built without FIDODamien Miller1-1/+2
Analysis/fix from kircher in bz3443; ok dtucker@
2022-06-15upstream: make sure that UseDNS hostname lookup happens in the monitordjm@openbsd.org5-27/+20
and not in the pledge(2)'d unprivileged process; fixes regression caused by recent refactoring spotted by henning@ OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
2022-06-03upstream: move auth_openprincipals() and auth_openkeyfile() over todjm@openbsd.org3-61/+60
auth2-pubkeyfile.c too; they make more sense there. OpenBSD-Commit-ID: 9970d99f900e1117fdaab13e9e910a621b7c60ee
2022-06-03upstream: test setenv in both client and server, test first-match-winsdjm@openbsd.org2-4/+79
too OpenBSD-Regress-ID: 4c8804f9db38a02db480b9923317457b377fe34b
2022-06-03upstream: Make SetEnv directives first-match-wins in bothdjm@openbsd.org7-42/+58
sshd_config and sshd_config; previously if the same name was reused then the last would win (which is the opposite to how the config is supposed to work). While there, make the ssh_config parsing more like sshd_config. bz3438, ok dtucker OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
2022-06-03upstream: Add missing *-sk types to ssh-keyscan manpage. Fromdtucker@openbsd.org1-3/+7
skazi0 via github PR#294. OpenBSD-Commit-ID: fda2c869cdb871f3c90a89fb3f985370bb5d25c0
2022-06-03upstream: Add period at end of "not known by any other names"dtucker@openbsd.org1-2/+2
message. github PR#320 from jschauma, ok djm@ OpenBSD-Commit-ID: bd60809803c4bfd3ebb7c5c4d918b10e275266f2
2022-06-03upstream: ssh-keygen -A: do not generate DSA keys by default.dtucker@openbsd.org2-7/+6
Based on github PR#303 from jsegitz with man page text from jmc@, ok markus@ djm@ OpenBSD-Commit-ID: 5c4c57bdd7063ff03381cfb6696659dd3f9f5b9f
2022-06-03upstream: ssh-keygen: implement "verify-required" certificate option.naddy@openbsd.org1-1/+11
This was already documented when support for user-verified FIDO keys was added, but the ssh-keygen(1) code was missing. ok djm@ OpenBSD-Commit-ID: f660f973391b593fea4b7b25913c9a15c3eb8a06
2022-06-03upstream: keywords ref ssh_config.5;jmc@openbsd.org1-4/+7
from caspar schutijser OpenBSD-Commit-ID: f146a19d7d5c9374c3b9c520da43b2732d7d1a4e
2022-05-30fix some bugs in the fuzzerDamien Miller1-1/+6
2022-05-27Test against OpenSSL 1.1.1o and 3.0.3.Darren Tucker1-1/+2
2022-05-27Test against LibreSSL 3.5.3.Darren Tucker1-1/+1
2022-05-27fuzzer for authorized_keys parsingDamien Miller2-1/+80
mostly redundant to authopt_fuzz, but it's sensitive code so IMO it makes sense to test this layer too
2022-05-27upstream: split the low-level file handling functions out fromdjm@openbsd.org5-402/+465
auth2-pubkey.c Put them in a new auth2-pubkeyfile.c to make it easier to refer to them (e.g. in unit/fuzz tests) without having to refer to everything else pubkey auth brings in. ok dtucker@ OpenBSD-Commit-ID: 3fdca2c61ad97dc1b8d4a7346816f83dc4ce2217
2022-05-27upstream: refactor authorized_keys/principals handlingdjm@openbsd.org6-57/+77
remove "struct ssh *" from arguments - this was only used to pass the remote host/address. These can be passed in instead and the resulting code is less tightly coupled to ssh_api.[ch] ok dtucker@ OpenBSD-Commit-ID: 9d4373d013edc4cc4b5c21a599e1837ac31dda0d
2022-05-27upstream: f sshpkt functions fail, then password is not cleareddtucker@openbsd.org1-4/+6
with freezero. Unconditionally call freezero to guarantee that password is removed from RAM. From tobias@ and c3h2_ctf via github PR#286, ok djm@ OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
2022-05-27upstream: Avoid kill with -1 argument. The out_ctx label can bedtucker@openbsd.org1-2/+3
reached before fork has been called. If this happens, then kill -1 would be called, sending SIGTERM to all processes reachable by the current process. From tobias@ and c3h2_ctf via github PR#286, ok djm@ OpenBSD-Commit-ID: 6277af1207d81202f5daffdccfeeaed4c763b1a8
2022-05-27upstream: Note that ProxyJump also accepts the same tokens asdtucker@openbsd.org1-3/+5
ProxyCommand. From pallxk via github PR#305. OpenBSD-Commit-ID: 7115ac351b129205f1f1ffa6bbfd62abd76be7c5
2022-05-25upstream: revert previous; it was broken (spotted by Theo)djm@openbsd.org4-36/+35
OpenBSD-Commit-ID: 457c79afaca2f89ec2606405c1059b98b30d8b0d
2022-05-25upstream: make SSHBUF_DBG/SSHBUF_TELL (off by default and only enableddjm@openbsd.org4-35/+36
via #define) dump to stderr rather than stdout OpenBSD-Commit-ID: 10298513ee32db8390aecb0397d782d68cb14318
2022-05-24configure.ac: Add missing AC_DEFINE for caph_cache_tzdata test causingTim Rice1-1/+5
HAVE_CAPH_CACHE_TZDATA to be missing from config.h.in. Spotted by Bryan Drewery
2022-05-16upstream: regress test for in-place transfers and clobbering largerdjm@openbsd.org1-1/+26
files with smaller ones; would have caught last regression in scp(1) OpenBSD-Regress-ID: 19de4e88dd3a4f7e5c1618c9be3c32415bd93bc2
2022-05-16upstream: Only run agent-ptrace.sh if gdb is available as allanton@openbsd.org1-1/+1
architectures do not ship with gdb. OpenBSD-Regress-ID: ec53e928803e6b87f9ac142d38888ca79a45348d
2022-05-16upstream: fix in-place copies; r1.163 incorrectly skipped truncation indjm@openbsd.org1-5/+8
all cases, not just at the start of a transfer. This could cause overwrites of larger files to leave junk at the end. Spotted by tb@ OpenBSD-Commit-ID: b189f19cd68119548c8e24e39c79f61e115bf92c
2022-05-13upstream: arrange for scp, when in sftp mode, to not ftruncate(3) filesdjm@openbsd.org4-43/+64
early previous behavious of unconditionally truncating the destination file would cause "scp ~/foo localhost:" and "scp localhost:foo ~/" to delete all the contents of their destination. spotted by solene@ sthen@, also bz3431; ok dtucker@ OpenBSD-Commit-ID: ca39fdd39e0ec1466b9666f15cbcfddea6aaa179
2022-05-13upstream: Remove errant apostrophe. From haruyama at queen-ml org.dtucker@openbsd.org1-2/+2
OpenBSD-Commit-ID: dc6b294567cb84b384ad6ced9ca469f2bbf0bd10
2022-05-09upstream: Allow existing -U (use agent) flag to work with "-Y sign"djm@openbsd.org2-10/+17
operations, where it will be interpreted to require that the private keys is hosted in an agent; bz3429, suggested by Adam Szkoda; ok dtucker@ OpenBSD-Commit-ID: a7bc69873b99c32c42c7628ed9ea91565ba08c2f
2022-05-09upstream: improve error message when 'ssh-keygen -Y sign' is unable todjm@openbsd.org1-6/+13
load a private key; bz3429, reported by Adam Szkoda ok dtucker@ OpenBSD-Commit-ID: bb57b285e67bea536ef81b1055467be2fc380e74
2022-05-09Remove duplicate bcrypt_pbkdf.o from MakefileTobias Heider1-1/+0
bcrypt_pbkdf.o is duplicated in the openbsd-compat Makefile's object file list.
2022-05-09upstream: When performing operations that glob(3) a remote path, ensuredjm@openbsd.org1-11/+38
that the implicit working directory used to construct that path escapes glob(3) characters. This prevents glob characters from being processed in places they shouldn't, e.g. "cd /tmp/a*/", "get *.txt" should have the get operation treat the path "/tmp/a*" literally and not attempt to expand it. Reported by Lusia Kundel; ok markus@ OpenBSD-Commit-ID: 4f647f58482cbad3d58b1eab7f6a1691433deeef
2022-05-06Also retest OpenBSD upstream on .yml changes.Darren Tucker1-1/+1
2022-05-06Note that, for now, we need variadic macros.Darren Tucker1-3/+4
2022-05-06Add ubsan minimal testcase on OpenBSD.Darren Tucker1-5/+7
As suggested by djm@.
2022-05-05upstream: sshkey_unshield_private() contains a exact duplicate ofdjm@openbsd.org1-40/+32
the code in private2_check_padding(). Pull private2_check_padding() up so the code can be reused. From Martin Vahlensieck, ok deraadt@ OpenBSD-Commit-ID: 876884c3f0e62e8fd8d1594bab06900f971c9c85
2022-05-05upstream: channel_new no longer frees remote_name. So update thedjm@openbsd.org2-6/+6
comment accordingly. As remote_name is not modified, it can be const as well. From Martin Vahlensieck OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
2022-05-05upstream: mux.c: mark argument as const; from Martin Vahlensieckdjm@openbsd.org1-2/+2
OpenBSD-Commit-ID: 69a1a93a55986c7c2ad9f733c093b46a47184341
2022-05-05upstream: make sure stdout is non-blocking; ok djm@markus@openbsd.org1-4/+9
OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
2022-05-05upstream: Add FIDO AUTHENTICATOR section and explain a bit how FIDOflorian@openbsd.org1-52/+78
works. The wording came mostly from the 8.2 OpenSSH release notes, addapted to fit the man page. Then move the -O bits into the new section as is already done for CERTIFICATES and MODULI GENERATION. Finally we can explain the trade-offs of resident keys. While here, consistently refer to the FIDO thingies as "FIDO authenticators", not "FIDO tokens". input & OK jmc, naddy OpenBSD-Commit-ID: dd98748d7644df048f78dcf793b3b63db9ab1d25
2022-05-05upstream: remove an obsolete rsa1 format example from an example;jmc@openbsd.org1-3/+2
from megan batty ok djm OpenBSD-Commit-ID: db2c89879c29bf083df996bd830abfb1e70d62bf