| Commit message (Collapse) | Author | Files | Lines |
|---|
|
There's an extra error() call on the listen error path, it looks like
its removal was missed during an upstream sync.
|
|
Reduces diff vs OpenBSD by a small amount.
|
|
Portable had a few additional references to ChallengeResponse related to
UsePAM, replaces these with equivalent keyboard-interactive ones.
|
|
These were omitted from commit 88868fd131.
|
|
|
|
sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options
and are no longer used.
|
|
favour of KbdInteractiveAuthentication. The former is what was in SSHv1, the
latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but
not entirely equivalent. We retain the old name as deprecated alias so
config files continue to work and a reference in the man page for people
looking for it.
Prompted by bz#3303 which pointed out the discrepancy between the two
when used with Match. Man page help & ok jmc@, with & ok djm@
OpenBSD-Commit-ID: 2c1bff8e5c9852cfcdab1f3ea94dfef5a22f3b7e
|
|
get_random_bytes_prngd() is used if either of PRNGD_PORT or PRNGD_SOCKET
are defined, so adjust ifdef accordingly.
|
|
avoid unused static function warning
|
|
|
|
via bz3327 ok markus@
OpenBSD-Commit-ID: 0ea2e28f39750dd388b7e317bc43dd997a217ae8
|
|
via github PR#250, ok jmc@
OpenBSD-Commit-ID: 07ca3526626996613e128aeddf7748c93c4d6bbf
|
|
Previously sshd's SIGCHLD handler would wake up select() by writing a
byte to notify_pipe. We can remove this by blocking SIGCHLD, checking
for child terminations then passing the original signal mask through
to pselect. This ensures that the pselect will immediately wake up if
a child terminates between wait()ing on them and the pselect.
In -portable, for platforms that do not have pselect the kludge is still
there but is hidden behind a pselect interface.
Based on other changes for bz#2158, ok djm@
OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
|
|
When built against tcmalloc, tcmalloc allocates a descriptor for its
internal use, so calling closefrom() afterward causes the descriptor
number to be reused resulting in a corrupted connection. Moving the
closefrom a little earlier should resolve this. From kircherlike at
outlook.com via bz#3321, ok djm@
|
|
When building --without-openssl the recent port-prngd.c change adds
a dependency on atomicio, but since nothing else in sftp-server uses
it, the linker may not find it. Add a second -lssh similar to other
binaries.
|
|
When built --without-openssl, try EGD/PRGGD (if configured) as a last
resort before failing.
|
|
This will allow us to use it when building --without-openssl.
|
|
When compiled in 32bit mode, the getgrouplist implementation may fail
for GIDs greater than LONG_MAX. Analysis and change from ralf.winkel
at tui.com.
|
|
OpenBSD-Regress-ID: 6bfb0d455d493f24839034a629c5306f84dbd409
|
|
created with a very restrictive umask. This resyncs with -portable.
OpenBSD-Regress-ID: 07fd2af06df759d4f64b82c59094accca1076a5d
|
|
permissions warning.
OpenBSD-Regress-ID: 382841db0ee28dfef7f7bffbd511803e1b8ab0ef
|
|
while handling active and unauthenticated clients. Should catch anything
similar to the pselect bug just fixed in sshd.c.
OpenBSD-Regress-ID: 3b3c19b5e75e43af1ebcb9586875b3ae3a4cac73
|
|
returns -1, eg if it was interrupted by a signal. This should prevent
the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
an unauthenticated child and goes on to a blocking read on a notify_pipe.
feedback deraadt@, ok djm@
OpenBSD-Commit-ID: 0243c1c5544fca0974dae92cd4079543a3fceaa0
|
|
arguments; would have caught readconf.c r1.356 regression
OpenBSD-Regress-ID: 71ca54e66c2a0211b04999263e56390b1f323a6a
|
|
accepted multiple string arguments, ssh was only recording the first.
Reported by Lucas via bugs@
OpenBSD-Commit-ID: 7cbf182f7449bf1cb7c5b4452667dc2b41170d6d
|
|
OpenBSD-Regress-ID: 9fd1c4a27a409897437c010cfd79c54b639a059c
|
|
being overridden on the command line.
OpenBSD-Regress-ID: 801674d5d2d02abd58274a78cab2711f11de14a8
|
|
to test comment handling
OpenBSD-Regress-ID: cb82fbf40bda5c257a9f742c63b1798e5a8fdda7
|
|
OpenBSD-Regress-ID: 5300f6faf1d9e99c0cd10827b51756c5510e3509
|
|
as in the main config section
OpenBSD-Regress-ID: ebe0a686621b7cb8bb003ac520975279c28747f7
|
|
a config that has {Allow,Deny}{Users,Groups} on a line with no subsequent
arguments. Such lines are permitted but are nonsensical noops ATM
OpenBSD-Regress-ID: ef65463fcbc0bd044e27f3fe400ea56eb4b8f650
|
|
similar to the previous commit, this switches sshd_config parsing to
the newer tokeniser. Config parsing will be a little stricter wrt
quote correctness and directives appearing without arguments.
feedback and ok markus@
tested in snaps for the last five or so days - thanks Theo and those who
caught bugs
OpenBSD-Commit-ID: 9c4305631d20c2d194661504ce11e1f68b20d93e
|
|
This fixes a couple of problems with the previous tokeniser,
strdelim()
1. strdelim() is permissive wrt accepting '=' characters. This is
intended to allow it to tokenise "Option=value" but because it
cannot keep state, it will incorrectly split "Opt=val=val2".
2. strdelim() has rudimentry handling of quoted strings, but it
is incomplete and inconsistent. E.g. it doesn't handle escaped
quotes inside a quoted string.
3. It has no support for stopping on a (unquoted) comment. Because
of this readconf.c r1.343 added chopping of lines at '#', but
this caused a regression because these characters may legitimately
appear inside quoted strings.
The new tokeniser is stricter is a number of cases, including #1 above
but previously it was also possible for some directives to appear
without arguments. AFAIK these were nonsensical in all cases, and the
new tokeniser refuses to accept them.
The new code handles quotes much better, permitting quoted space as
well as escaped closing quotes. Finally, comment handling should be
fixed - the tokeniser will terminate only on unquoted # characters.
feedback & ok markus@
tested in snaps for the last five or so days - thanks Theo and those who
caught bugs
OpenBSD-Commit-ID: dc72fd12af9d5398f4d9e159d671f9269c5b14d5
|
|
overriding. Prevents values in config files from overriding values supplied
on the command line. bz#3319, ok markus.
OpenBSD-Commit-ID: f3b08b898c324debb9195e6865d8999406938f74
|
|
when it encounters an unquoted comment.
Add some additional utility function for working with argument
vectors, since we'll be switching to using them to parse
ssh/sshd_config shortly.
ok markus@ as part of a larger diff; tested in snaps
OpenBSD-Commit-ID: fd9c108cef2f713f24e3bc5848861d221bb3a1ac
|
|
|
|
|
|
certificate being attempted for user authentication. Previously it would
print the certificate's path, whereas it was supposed to be showing the
private key's path. Patch from Alex Sherwin via GHPR247
OpenBSD-Commit-ID: d5af3be66d0f22c371dc1fe6195e774a18b2327b
|
|
keys. Allows use of certificates with private keys held in a ssh-agent.
Reported by Miles Zhou in bz3524; ok dtucker@
OpenBSD-Commit-ID: 25f5bf70003126d19162862d9eb380bf34bac22a
|
|
allows RSA/SHA2 signatures for public key authentication but fails to
advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
to offer valid keys.
Reported by and based on patch from Gordon Messmer via bz3213, thanks
also for additional analysis by Jakub Jelen. ok dtucker
OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
|
|
limits@openssh.com extension but fails when the client tries to invoke it.
Reported by Hector Martin via bz3318
OpenBSD-Commit-ID: bd9d1839c41811616ede4da467e25746fcd9b967
|
|
as an operation that writes to the filesystem, which made it unavailable in
sftp-server read-only mode. Spotted by Hector Martin via bz3318
OpenBSD-Commit-ID: f054465230787e37516c4b57098fc7975e00f067
|
|
RFC
Also fix some typos.
ok djm@
OpenBSD-Commit-ID: 5e855b6c5a22b5b13f8ffa3897a868e40d349b44
|
|
Prevents leaking an implementation detail to the caller.
|
|
|
|
This is basically the existing notify_pipe kludge from serverloop.c
moved behind a pselect interface. It works by installing a signal
handler that writes to a pipe that the select is watching, then calls
the original handler.
The select call in serverloop will become pselect soon, at which point the
kludge will be removed from thereand will only exist in the compat layer.
Original code by markus, help from djm.
|
|
By design, 'partial' logins are successful logins, so initially with
authenticated set to 1, for which another authentication is required. As
a result, authenticated is always reset to 0 when partial is set to 1.
However, even if authenticated is 0, those are not failed login
attempts, similarly to attempts with authctxt->postponed set to 1.
|
|
function definitions and not a statement, so there should be no semicolon
following them. Patch from Michael Forney
OpenBSD-Commit-ID: c975dd180580f0bdc0a4d5b7d41ab1f5e9b7bedd
|
|
stuff, de-wrapping the example lines and better aligning the examples with
common usage and FAQs; ok jmc
OpenBSD-Commit-ID: d59f1c9281f828148e2a2e49eb9629266803b75c
|
|
OpenBSD-Commit-ID: 8b8cc0124856bc1094949d55615e5c44390bcb22
|
