summaryrefslogtreecommitdiffstats
path: root/monitor.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* upstream commitmarkus@openbsd.org2017-05-311-3/+3
| | | | | | switch from Key typedef with struct sshkey; ok djm@ Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
* upstream commitdjm@openbsd.org2017-02-041-1/+6
| | | | | | | | | | | use ssh_packet_set_log_preamble() to include connection username in packet log messages, e.g. Connection closed by invalid user foo 10.1.1.1 port 44056 [preauth] ok markus@ bz#113 Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15
* upstream commitdjm@openbsd.org2016-09-281-47/+1
| | | | | | | | | | | | | | | | | | | | Remove support for pre-authentication compression. Doing compression early in the protocol probably seemed reasonable in the 1990s, but today it's clearly a bad idea in terms of both cryptography (cf. multiple compression oracle attacks in TLS) and attack surface. Moreover, to support it across privilege-separation zlib needed the assistance of a complex shared-memory manager that made the required attack surface considerably larger. Prompted by Guido Vranken pointing out a compiler-elided security check in the shared memory manager found by Stack (http://css.csail.mit.edu/stack/); ok deraadt@ markus@ NB. pre-auth authentication has been disabled by default in sshd for >10 years. Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
* upstream commitdjm@openbsd.org2016-09-121-4/+4
| | | | | | | enforce expected request flow for GSSAPI calls; thanks to Jakub Jelen for testing; ok markus@ Upstream-ID: d4bc0e70e1be403735d3d9d7e176309b1fd626b9
* tighten PAM monitor callsDamien Miller2016-08-311-3/+7
| | | | | only allow kbd-interactive ones when that authentication method is enabled. Prompted by Solar Designer
* upstream commitdjm@openbsd.org2016-08-311-1/+19
| | | | | | | | | restrict monitor auth calls to be allowed only when their respective authentication methods are enabled in the configuration. prompted by Solar Designer; ok markus dtucker Upstream-ID: 6eb3f89332b3546d41d6dbf5a8e6ff920142b553
* Tighten monitor state-machine flow for PAM callsDamien Miller2016-08-291-4/+17
| | | | (attack surface reduction)
* upstream commitdjm@openbsd.org2016-08-231-4/+1
| | | | | | | remove UseLogin option and support for having /bin/login manage login sessions; ok deraadt markus dtucker Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712
* upstream commitmarkus@openbsd.org2016-08-141-287/+18
| | | | | | remove ssh1 server code; ok djm@ Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
* upstream commitdjm@openbsd.org2016-07-221-4/+5
| | | | | | | move debug("%p", key) to before key is free'd; probable undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
* Handle PAM_MAXTRIES from modules.Darren Tucker2016-07-181-0/+5
| | | | | | | | | | | bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer password and keyboard-interative authentication methods. Should prevent "sshd ignoring max retries" warnings in the log. ok djm@ It probably won't trigger with keyboard-interactive in the default configuration because the retry counter is stored in module-private storage which goes away with the sshd PAM process (see bz#688). On the other hand, those cases probably won't log a warning either.
* upstream commitdjm@openbsd.org2016-05-021-1/+4
| | | | | | | | | | | | | | add support for additional fixed DH groups from draft-ietf-curdle-ssh-kex-sha2-03 diffie-hellman-group14-sha256 (2K group) diffie-hellman-group16-sha512 (4K group) diffie-hellman-group18-sha512 (8K group) based on patch from Mark D. Baushke and Darren Tucker ok markus@ Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
* upstream commitdjm@openbsd.org2016-05-021-11/+16
| | | | | | | | fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
* upstream commitdjm@openbsd.org2016-03-071-2/+3
| | | | | | | | | | refactor canohost.c: move functions that cache results closer to the places that use them (authn and session code). After this, no state is cached in canohost.c feedback and ok markus@ Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e
* upstream commitdjm@openbsd.org2016-02-161-5/+5
| | | | | | | memleak of algorithm name in mm_answer_sign; reported by Jakub Jelen Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
* upstream commitmarkus@openbsd.org2016-01-271-2/+1
| | | | | | remove roaming support; ok djm@ Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
* upstream commitmarkus@openbsd.org2015-12-071-5/+7
| | | | | | | | implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and draft-ssh-ext-info-04.txt; with & ok djm@ Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
* fix multiple authentication using S/Key w/ privsepDamien Miller2015-11-201-1/+2
| | | | bz#2502, patch from Kevin Korb and feandil_
* upstream commitmmcc@openbsd.org2015-10-251-3/+3
| | | | | | | | Compare pointers to NULL rather than 0. ok djm@ Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8
* upstream commitdjm@openbsd.org2015-09-041-2/+2
| | | | | | | don't record hostbased authentication hostkeys as user keys in test for multiple authentication with the same key Upstream-ID: 26b368fa2cff481f47f37e01b8da1ae5b57b1adc
* upstream commitjsg@openbsd.org2015-09-031-2/+2
| | | | | | | | | Fix occurrences of "r = func() != 0" which result in the wrong error codes being returned due to != having higher precedence than =. ok deraadt@ markus@ Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
* upstream commitderaadt@openbsd.org2015-08-221-8/+3
| | | | | | | Improve size == 0, count == 0 checking in mm_zalloc, which is "array" like. Discussed with tedu, millert, otto.... and ok djm Upstream-ID: 899b021be43b913fad3eca1aef44efe710c53e29
* set sshpam_ctxt to NULL after freeDamien Miller2015-08-111-1/+3
| | | | | Avoids use-after-free in monitor when privsep child is compromised. Reported by Moritz Jodeit; ok dtucker@
* Don't resend username to PAM; it already has it.Damien Miller2015-08-111-2/+0
| | | | Pointed out by Moritz Jodeit; ok dtucker@
* upstream commitdjm@openbsd.org2015-06-231-2/+2
| | | | | | | | Don't count successful partial authentication as failures in monitor; this may have caused the monitor to refuse multiple authentications that would otherwise have successfully completed; ok markus@ Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3
* upstream commitdjm@openbsd.org2015-05-101-2/+4
| | | | | | prevent authorized_keys options picked up on public key tests without a corresponding private key authentication being applied to other authentication methods. Reported by halex@, ok markus@
* upstream commitdjm@openbsd.org2015-05-101-6/+5
| | | | | | | | | | | Remove pattern length argument from match_pattern_list(), we only ever use it for strlen(pattern). Prompted by hanno AT hboeck.de pointing an out-of-bound read error caused by an incorrect pattern length found using AFL and his own tools. ok markus@
* upstream commitdjm@openbsd.org2015-04-291-1/+1
| | | | fix compilation with OPENSSL=no; ok dtucker@
* upstream commitdjm@openbsd.org2015-04-291-1/+4
| | | | | don't call record_login() in monitor when UseLogin is enabled; bz#278 reported by drk AT sgi.com; ok dtucker
* don't include stdint.h unless HAVE_STDINT_H setDamien Miller2015-02-231-0/+2
|
* Repair for non-ECC OpenSSL.Darren Tucker2015-02-221-0/+2
| | | | | Ifdef out the ECC parts when building with an OpenSSL that doesn't have it.
* upstream commitdjm@openbsd.org2015-02-201-4/+4
| | | | | | | | | | | | | | | | UpdateHostKeys fixes: I accidentally changed the format of the hostkeys@openssh.com messages last week without changing the extension name, and this has been causing connection failures for people who are running -current. First reported by sthen@ s/hostkeys@openssh.com/hostkeys-00@openssh.com/ Change the name of the proof message too, and reorder it a little. Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY available to read the response) so disable UpdateHostKeys if it is in ask mode and ControlPersist is active (and document this)
* repair --without-openssl; broken in refactorDamien Miller2015-02-181-0/+2
|
* upstream commitdjm@openbsd.org2015-02-161-6/+39
| | | | | | | | | | | | Revise hostkeys@openssh.com hostkey learning extension. The client will not ask the server to prove ownership of the private halves of any hitherto-unseen hostkeys it offers to the client. Allow UpdateHostKeys option to take an 'ask' argument to let the user manually review keys offered. ok markus@
* upstream commitmarkus@openbsd.org2015-02-161-6/+1
| | | | | make rekey_limit for sshd w/privsep work; ok djm@ dtucker@
* upstream commitmillert@openbsd.org2015-02-081-3/+3
| | | | | SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
* upstream commitderaadt@openbsd.org2015-01-261-2/+2
| | | | | Reduce use of <sys/param.h> and transition to <limits.h> throughout. ok djm markus
* upstream commitmarkus@openbsd.org2015-01-191-2/+2
| | | | adapt kex to sshbuf and struct ssh; ok djm@
* upstream commitmarkus@openbsd.org2015-01-191-228/+61
| | | | | | | | update packet.c & isolate, introduce struct ssh a) switch packet.c to buffer api and isolate per-connection info into struct ssh b) (de)serialization of the state is moved from monitor to packet.c c) the old packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and integrated into packet.c with and ok djm@
* upstream commitdjm@openbsd.org2015-01-151-18/+24
| | | | | move authfd.c and its tentacles to the new buffer/key API; ok markus@
* upstream commitdjm@openbsd.org2015-01-131-1/+13
| | | | | | add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes options to allow sshd to control what public key types will be accepted. Currently defaults to all. Feedback & ok markus@
* upstream commitdjm@openbsd.org2014-12-221-2/+8
| | | | | | | | | | remember which public keys have been used for authentication and refuse to accept previously-used keys. This allows AuthenticationMethods=publickey,publickey to require that users authenticate using two _different_ pubkeys. ok markus@
* - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauthDamien Miller2014-08-261-0/+3
| | | | monitor, not preauth; bz#2263
* - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller2014-07-181-2/+2
| | | | | | | | | | | | | | | | [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller2014-07-021-2/+3
| | | | | | | | | | | | | | | | | | | | | | | [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
* - markus@cvs.openbsd.org 2014/05/03 17:20:34Damien Miller2014-05-151-1/+3
| | | | | | | | [monitor.c packet.c packet.h] unbreak compression, by re-init-ing the compression code in the post-auth child. the new buffer code is more strict, and requires buffer_init() while the old code was happy after a bzero(); originally from djm@
* - markus@cvs.openbsd.org 2014/04/29 18:01:49Damien Miller2014-05-151-1/+22
| | | | | | | | | | [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] make compiling against OpenSSL optional (make OPENSSL=no); reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* - djm@cvs.openbsd.org 2014/02/02 03:44:32Damien Miller2014-02-041-4/+4
| | | | | | | | | | | [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
* - tedu@cvs.openbsd.org 2014/01/31 16:39:19Damien Miller2014-02-041-2/+2
| | | | | | | | | | [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] replace most bzero with explicit_bzero, except a few that cna be memset ok djm dtucker
* - djm@cvs.openbsd.org 2014/01/29 06:18:35Damien Miller2014-02-041-225/+1
| | | | | | | [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] remove experimental, never-enabled JPAKE code; ok markus@