summaryrefslogtreecommitdiffstats
path: root/compat.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Refactor creation of KEX proposal.dtucker@openbsd.org2023-03-061-17/+2
| | | | | | | | | | This adds kex_proposal_populate_entries (and corresponding free) which populates the KEX proposal array with dynamically allocated strings. This replaces the previous mix of static and dynamic that has been the source of previous leaks and bugs. Remove unused compat functions. With & ok djm@. OpenBSD-Commit-ID: f2f99da4aae2233cb18bf9c749320c5e040a9c7b
* upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. The codedtucker@openbsd.org2023-02-171-10/+2
| | | | | | | to set this was removed in OpenSSH 7.7 when support for SSH implementations dating back to before RFC standardization were removed. "burn it all" djm@ OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
* upstream: Remove now-unused compat bit SSH_BUG_BIGENDIANAES. Thisdtucker@openbsd.org2023-02-171-10/+2
| | | | | | | was previously set for OpenSSH 2.3 (released in 2000) but this check was removed in OpenSSH 7.7 (2018). ok djm@ deraadt@ OpenBSD-Commit-ID: 326426ea328707fc9e83305291ab135c87f678af
* upstream: Remove SSH_BUG_PASSWORDPAD compat bitdtucker@openbsd.org2023-02-161-12/+1
| | | | | | since it's no longer used. ok markus@ OpenBSD-Commit-ID: b92c21f56fe4b7f9a54790d6a9650725c226820b
* upstream: Remove SSH_BUG_IGNOREMSG compat flagdtucker@openbsd.org2023-02-161-8/+1
| | | | | | | since it's only applicable to SSH1 and thus no longer used. ok markus@ "kill it with fire" djm@ OpenBSD-Commit-ID: ea13318b1937795d9db4790d3ce0a6ed01584dab
* upstream: fix double-free caused by compat_kex_proposal(); bz3522djm@openbsd.org2023-02-021-8/+8
| | | | | | by dtucker@, ok me OpenBSD-Commit-ID: 2bfc37cd2d41f67dad64c17a64cf2cd3806a5c80
* upstream: Always return allocated strings from the kex filtering sodtucker@openbsd.org2022-07-011-4/+11
| | | | | | | that we can free them later. Fix one leak in compat_kex_proposal. Based on github PR#324 from ZoltanFridrich with some simplications by me. ok djm@ OpenBSD-Commit-ID: 9171616da3307612d0ede086fd511142f91246e4
* upstream: openssh-7.4 was incorrectly listed twice; spotted bydjm@openbsd.org2021-09-101-2/+1
| | | | | | Dmitry Belyavskiy, ok dtucker@ OpenBSD-Commit-ID: 4b823ae448f6e899927ce7b04225ac9e489f58ef
* upstream: Client-side workaround for a bug in OpenSSH 7.4: this releasedjm@openbsd.org2021-06-061-1/+3
| | | | | | | | | | | | allows RSA/SHA2 signatures for public key authentication but fails to advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse to offer valid keys. Reported by and based on patch from Gordon Messmer via bz3213, thanks also for additional analysis by Jakub Jelen. ok dtucker OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
* upstream: remove global variable used to stash compat flags and use thedjm@openbsd.org2021-01-271-19/+17
| | | | | | purpose-built ssh->compat variable instead; feedback/ok markus@ OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-7/+7
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: some language improvements; ok markusdjm@openbsd.org2020-07-151-9/+9
| | | | OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
* upstream: Remove now-unused proto_spec and associated definitions.dtucker@openbsd.org2020-06-041-27/+1
| | | | | | ok djm@ OpenBSD-Commit-ID: 2e2b18e3aa6ee22a7b69c39f2d3bd679ec35c362
* upstream: revert compat.[ch] section of the following change. Itdjm@openbsd.org2018-08-131-33/+18
| | | | | | | | | | | | causes double-free under some circumstances. -- date: 2018/07/31 03:07:24; author: djm; state: Exp; lines: +33 -18; commitid: f7g4UI8eeOXReTPh; fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366 feedback and ok dtucker@ OpenBSD-Commit-ID: 1e77547f60fdb5e2ffe23e2e4733c54d8d2d1137
* upstream: fix some memory leaks spotted by Coverity via Jakub Jelendjm@openbsd.org2018-07-311-18/+33
| | | | | | in bz#2366 feedback and ok dtucker@ OpenBSD-Commit-ID: 8402bbae67d578bedbadb0ce68ff7c5a136ef563
* upstream: client: switch to sshbuf API; ok djm@markus@openbsd.org2018-07-101-2/+1
| | | | OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
* upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSAdjm@openbsd.org2018-07-041-9/+9
| | | | | | | | | | | | | | | | signature work - returns ability to add/remove/specify algorithms by wildcard. Algorithm lists are now fully expanded when the server/client configs are finalised, so errors are reported early and the config dumps (e.g. "ssh -G ...") now list the actual algorithms selected. Clarify that, while wildcards are accepted in algorithm lists, they aren't full pattern-lists that support negation. (lots of) feedback, ok markus@ OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207
* upstream: crank version number to 7.8; needed for new compat flagdjm@openbsd.org2018-07-031-2/+3
| | | | | | for prior version; part of RSA-SHA2 strictification, ok markus@ OpenBSD-Commit-ID: 84a11fc0efd2674c050712336b5093f5d408e32b
* upstream: Improve strictness and control over RSA-SHA2 signaturedjm@openbsd.org2018-07-031-8/+19
| | | | | | | | | | | | | | | | | | | | | | | In ssh, when an agent fails to return a RSA-SHA2 signature when requested and falls back to RSA-SHA1 instead, retry the signature to ensure that the public key algorithm sent in the SSH_MSG_USERAUTH matches the one in the signature itself. In sshd, strictly enforce that the public key algorithm sent in the SSH_MSG_USERAUTH message matches what appears in the signature. Make the sshd_config PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes options control accepted signature algorithms (previously they selected supported key types). This allows these options to ban RSA-SHA1 in favour of RSA-SHA2. Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures with certificate keys. feedback and ok markus@ OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
* upstream: Disable SSH2_MSG_DEBUG messages for Twisted Conch clientsdjm@openbsd.org2018-04-171-1/+3
| | | | | | | | | | without version numbers since they choke on them under some circumstances. https://twistedmatrix.com/trac/ticket/9422 via Colin Watson Newer Conch versions have a version number in their ident string and handle debug messages okay. https://twistedmatrix.com/trac/ticket/9424 OpenBSD-Commit-ID: 6cf7be262af0419c58ddae11324d9c0dc1577539
* upstream: Don't send IUTF8 to servers that don't like them.dtucker@openbsd.org2018-02-161-1/+3
| | | | | | | | Some SSH servers eg "ConfD" drop the connection if the client sends the new IUTF8 (RFC8160) terminal mode even if it's not set. Add a bug bit for such servers and avoid sending IUTF8 to them. ok djm@ OpenBSD-Commit-ID: 26425855402d870c3c0a90491e72e2a8a342ceda
* upstream commitdjm@openbsd.org2018-01-231-67/+4
| | | | | | | | | | | | | Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
* upstream commitdtucker@openbsd.org2017-07-281-4/+7
| | | | | | | Make WinSCP patterns for SSH_OLD_DHGEX more specific to exclude WinSCP 5.10.x and up. bz#2748, from martin at winscp.net, ok djm@ Upstream-ID: 6fd7c32e99af3952db007aa180e73142ddbc741a
* upstream commitdjm@openbsd.org2017-05-011-17/+1
| | | | | | | | remove compat20/compat13/compat15 variables ok markus@ Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
* upstream commitdjm@openbsd.org2017-05-011-3/+1
| | | | | | | | | remove options.protocol and client Protocol configuration knob ok markus@ Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
* upstream commitdjm@openbsd.org2017-05-011-6/+1
| | | | | | unifdef WITH_SSH1 ok markus@ Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
* upstream commitdjm@openbsd.org2017-02-041-35/+13
| | | | | | | | support =- for removing methods from algorithms lists, e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like it" markus@ Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
* upstream commitdtucker@openbsd.org2016-06-061-3/+2
| | | | | | Back out 'plug memleak'. Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
* upstream commitdtucker@openbsd.org2016-06-061-2/+3
| | | | | | Plug mem leak in filter_proposal. ok djm@ Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
* upstream commitdjm@openbsd.org2015-08-201-2/+13
| | | | | | | Better compat matching for WinSCP, add compat matching for FuTTY (fork of PuTTY); ok markus@ deraadt@ Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389
* upstream commitdjm@openbsd.org2015-07-291-2/+3
| | | | | | | add Cisco to the list of clients that choke on the hostkeys update extension. Pointed out by Howard Kash Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84
* upstream commitdtucker@openbsd.org2015-07-151-2/+3
| | | | | | | | | | Add "PuTTY_Local:" to the clients to which we do not offer DH-GEX. This was the string that was used for development versions prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately there are some extant products based on those versions. bx2424 from Jay Rouman, ok markus@ djm@ Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5
* upstream commitdtucker@openbsd.org2015-05-271-1/+2
| | | | | | | | Cap DH-GEX group size at 4kbits for Cisco implementations. Some of them will choke when asked for preferred sizes >4k instead of returning the 4k group that they do have. bz#2209, ok djm@ Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d
* upstream commitdjm@openbsd.org2015-05-101-3/+2
| | | | | | | | | | | Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
* upstream commitdtucker@openbsd.org2015-05-081-2/+9
| | | | | | | Blacklist DH-GEX for specific PuTTY versions known to send non-RFC4419 DH-GEX messages rather than all versions of PuTTY. According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX messages. ok djm@
* upstream commitdtucker@openbsd.org2015-05-081-1/+2
| | | | | WinSCP doesn't implement RFC4419 DH-GEX so flag it so we don't offer that KEX method. ok markus@
* upstream commitdjm@openbsd.org2015-04-131-9/+15
| | | | | | deprecate ancient, pre-RFC4419 and undocumented SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems reasonable" dtucker@
* upstream commitdtucker@openbsd.org2015-04-131-1/+12
| | | | | | | Don't send hostkey advertisments (hostkeys-00@openssh.com) to current versions of Tera Term as they can't handle them. Newer versions should be OK. Patch from Bryan Drewery and IWAMOTO Kouichi, ok djm@
* upstream commitdjm@openbsd.org2015-04-131-1/+3
| | | | | treat Protocol=1,2|2,1 as Protocol=2 when compiled without SSH1 support; ok dtucker@ millert@
* upstream commitmarkus@openbsd.org2015-01-191-6/+9
| | | | store compat flags in struct ssh; ok djm@
* upstream commitdjm@openbsd.org2014-10-131-2/+2
| | | | another -Wpointer-sign from clang
* - djm@cvs.openbsd.org 2014/04/20 02:49:32Damien Miller2014-04-201-1/+2
| | | | | | [compat.c] add a canonical 6.6 + curve25519 bignum fix fake version that I can recommend people use ahead of the openssh-6.7 release
* - djm@cvs.openbsd.org 2014/04/19 05:54:59Damien Miller2014-04-201-2/+2
| | | | | [compat.c] missing wildcard; pointed out by naddy@
* - djm@cvs.openbsd.org 2014/04/18 23:52:25Damien Miller2014-04-201-2/+16
| | | | | | | | | | | | [compat.c compat.h sshconnect2.c sshd.c version.h] OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections using the curve25519-sha256@libssh.org KEX exchange method to fail when connecting with something that implements the spec properly. Disable this KEX method when speaking to one of the affected versions. reported by Aris Adamantiadis; ok markus@
* - djm@cvs.openbsd.org 2013/12/30 23:52:28Damien Miller2013-12-311-17/+44
| | | | | | | | | [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] [sshconnect.c sshconnect2.c sshd.c] refuse RSA keys from old proprietary clients/servers that use the obsolete RSA+MD5 signature scheme. it will still be possible to connect with these clients/servers but only DSA keys will be accepted, and we'll deprecate them entirely in a future release. ok markus@
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-011-3/+3
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
* - djm@cvs.openbsd.org 2012/08/17 01:30:00Darren Tucker2012-09-061-1/+3
| | | | | | | [compat.c sshconnect.c] Send client banner immediately, rather than waiting for the server to move first for SSH protocol 2 connections (the default). Patch based on one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
* - markus@cvs.openbsd.org 2011/09/23 07:45:05Darren Tucker2011-10-021-1/+2
| | | | | | | | | | | [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c version.h] unbreak remote portforwarding with dynamic allocated listen ports: 1) send the actual listen port in the open message (instead of 0). this allows multiple forwardings with a dynamic listen port 2) update the matching permit-open entry, so we can identify where to connect to report: den at skbkontur.ru and P. Szczygielski feedback and ok djm@
* - markus@cvs.openbsd.org 2008/09/11 14:22:37Damien Miller2008-11-031-2/+3
| | | | | | [compat.c compat.h nchan.c ssh.c] only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations; ok djm@
* - djm@cvs.openbsd.org 2006/12/12 03:58:42Damien Miller2007-01-051-2/+3
| | | | | | | | | [channels.c compat.c compat.h] bz #1019: some ssh.com versions apparently can't cope with the remote port forwarding bind_address being a hostname, so send them an address for cases where they are not explicitly specified (wildcard or localhost bind). reported by daveroth AT acm.org; ok dtucker@ deraadt@