summaryrefslogtreecommitdiffstats
path: root/servconf.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Start the process of splitting sshd into separatedjm@openbsd.org2024-05-171-96/+11
| | | | | | | | | | | | | | | | | | | | binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out. OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
* upstream: Separate parsing of string array options from applying themdjm@openbsd.org2024-03-041-56/+110
| | | | | | | | | | | | | to the active configuration. This fixes the config parser from erroneously rejecting cases like: AuthenticationMethods password Match User ivy AuthenticationMethods any bz3657 ok markus@ OpenBSD-Commit-ID: 7f196cba634c2a3dba115f3fac3c4635a2199491
* upstream: don't append a gratuitous space to the end of subsystemdjm@openbsd.org2024-02-201-2/+2
| | | | | | arguments; bz3667 OpenBSD-Commit-ID: e11023aeb3f30b77a674e37b8292c862926d5dc6
* upstream: add ChannelTimeout support to the client, mirroring thedjm@openbsd.org2023-10-121-36/+4
| | | | | | same option in the server. ok markus@ OpenBSD-Commit-ID: 55630b26f390ac063980cfe7ad8c54b03284ef02
* upstream: fix sizeof(*ptr) instead sizeof(ptr) in realloc (pointer heredjm@openbsd.org2023-09-081-7/+7
| | | | | | is char**, so harmless); spotted in CID 416964 OpenBSD-Commit-ID: c61caa4a5a667ee20bb1042098861e6c72c69002
* upstream: allow override of Sybsystem directives in sshd Matchdjm@openbsd.org2023-09-071-2/+46
| | | | | | blocks OpenBSD-Commit-ID: 3911d18a826a2d2fe7e4519075cf3e57af439722
* upstream: allocate the subsystems array as necessary and remove thedjm@openbsd.org2023-09-071-5/+13
| | | | | | | fixed limit of subsystems. Saves a few kb of memory in the server and makes it more like the other options. OpenBSD-Commit-ID: e683dfca6bdcbc3cc339bb6c6517c0c4736a547f
* upstream: preserve quoting of Subsystem commands and arguments.djm@openbsd.org2023-09-071-13/+11
| | | | | | | This may change behaviour of exotic configurations, but the most common subsystem configuration (sftp-server) is unlikely to be affected. OpenBSD-Commit-ID: 8ffa296aeca981de5b0945242ce75aa6dee479bf
* upstream: downgrade duplicate Subsystem directives from being adjm@openbsd.org2023-09-071-6/+15
| | | | | | | fatal error to being a debug message to match behaviour with just about all other directives. OpenBSD-Commit-ID: fc90ed2cc0c18d4eb8e33d2c5e98d25f282588ce
* upstream: make PerSourceMaxStartups first-match-wins; ok dtucker@djm@openbsd.org2023-08-291-2/+2
| | | | OpenBSD-Commit-ID: dac0c24cb709e3c595b8b4f422a0355dc5a3b4e7
* upstream: move other RCSIDs to before their respective license blocksdjm@openbsd.org2023-07-171-2/+1
| | | | | | too no code change OpenBSD-Commit-ID: ef5bf46b57726e4260a63b032b0b5ac3b4fe9cd4
* upstream: better validate CASignatureAlgorithms in ssh_config anddjm@openbsd.org2023-06-211-2/+8
| | | | | | | | | | | sshd_config. Previously this directive would accept certificate algorithm names, but these were unusable in practice as OpenSSH does not support CA chains. part of bz3577; ok dtucker@ OpenBSD-Commit-ID: a992d410c8a78ec982701bc3f91043dbdb359912
* upstream: Store timeouts as int, not u_int as they are limited tomillert@openbsd.org2023-06-201-4/+5
| | | | | | | INT_MAX. Fixes sign compare warnings systems with 32-bit time_t due to type promotion. OK djm@ OpenBSD-Commit-ID: 48081e9ad35705c5f1705711704a4c2ff94e87b7
* upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommanddjm@openbsd.org2023-05-251-2/+2
| | | | | | | appears previously in configuration. Reported by John Meyers in bz3574 ok dtucker@ OpenBSD-Commit-ID: 1c92e4517284386703936e1d3abaa36cfacf1951
* upstream: Remove unused compat.h includes.dtucker@openbsd.org2023-03-051-2/+1
| | | | | | | | We've previously removed a lot of the really old compatibility code, and with it went the need to include compat.h in most of the files that have it. OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
* upstream: actually print "channeltimeout none" in config dump mode;djm@openbsd.org2023-03-031-3/+11
| | | | | | spotted via Coverity CID 405022 OpenBSD-Commit-ID: b074b52bf138b75f08264e8da15880b29c7a630f
* upstream: Add a sshd_config UnusedConnectionTimeout option to terminatedjm@openbsd.org2023-01-171-2/+23
| | | | | | | | | | client connections that have no open channels for some length of time. This complements the recently-added ChannelTimeout option that terminates inactive channels after a timeout. ok markus@ OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
* upstream: Implement channel inactivity timeoutsdjm@openbsd.org2023-01-061-10/+100
| | | | | | | | | | | | | | | This adds a sshd_config ChannelTimeouts directive that allows channels that have not seen traffic in a configurable interval to be automatically closed. Different timeouts may be applied to session, X11, agent and TCP forwarding channels. Note: this only affects channels over an opened SSH connection and not the connection itself. Most clients close the connection when their channels go away, with a notable exception being ssh(1) in multiplexing mode. ok markus dtucker OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
* upstream: Remove some set but otherwise unused variables, spotteddtucker@openbsd.org2022-11-071-3/+2
| | | | | | in -portable by clang 16's -Wunused-but-set-variable. ok djm@ OpenBSD-Commit-ID: 3d943ddf2369b38fbf89f5f19728e7dc1daf3982
* upstream: Check for and disallow MaxStartups values less than ordtucker@openbsd.org2022-11-071-1/+5
| | | | | | | equal to zero during config parsing, rather than faling later at runtime. bz#3489, ok djm@ OpenBSD-Commit-ID: d79c2b7a8601eb9be493629a91245d761154308b
* upstream: Add RequiredRSASize for sshd(8); RSA keys that falldjm@openbsd.org2022-09-171-1/+12
| | | | | | | | beneath this limit will be ignored for user and host-based authentication. Feedback deraadt@ ok markus@ OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
* upstream: Make SetEnv directives first-match-wins in bothdjm@openbsd.org2022-06-031-1/+7
| | | | | | | | | | | sshd_config and sshd_config; previously if the same name was reused then the last would win (which is the opposite to how the config is supposed to work). While there, make the ssh_config parsing more like sshd_config. bz3438, ok dtucker OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
* upstream: don't try to resolve ListenAddress directives in the sshddjm@openbsd.org2022-03-201-4/+5
| | | | | | | | re-exec path - we're never going to use the result and if the operation fails then it can prevent connections from being accepted. Reported by Aaron Poffenberger; with / ok dtucker@ OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
* upstream: Switch hpdelim interface to accept only ":" as delimiter.dtucker@openbsd.org2022-02-101-12/+9
| | | | | | | | | | Historicallly, hpdelim accepted ":" or "/" as a port delimiter between hosts (or addresses) and ports. These days most of the uses for "/" are no longer accepted, so there are several places where it checks the delimiter to disallow it. Make hpdelim accept only ":" and use hpdelim2 in the other cases. ok djm@ OpenBSD-Commit-ID: 7e6420bd1be87590b6840973f5ad5305804e3102
* upstream: revision 1.381 neglected to removemillert@openbsd.org2021-09-071-4/+3
| | | | | | | sChallengeResponseAuthentication from the enum. Noticed by christos@zoulas.com. OK dtucker@ OpenBSD-Commit-ID: b533283a4dd6d04a867da411a4c7a8fbc90e34ff
* Remove now-unused SSHv1 enums.Darren Tucker2021-07-021-1/+0
| | | | | sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options and are no longer used.
* upstream: Remove references to ChallengeResponseAuthentication indtucker@openbsd.org2021-07-021-13/+4
| | | | | | | | | | | | | favour of KbdInteractiveAuthentication. The former is what was in SSHv1, the latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but not entirely equivalent. We retain the old name as deprecated alias so config files continue to work and a reference in the man page for people looking for it. Prompted by bz#3303 which pointed out the discrepancy between the two when used with Match. Man page help & ok jmc@, with & ok djm@ OpenBSD-Commit-ID: 2c1bff8e5c9852cfcdab1f3ea94dfef5a22f3b7e
* upstream: switch sshd_config parsing to argv_split()djm@openbsd.org2021-06-081-283/+331
| | | | | | | | | | | | | similar to the previous commit, this switches sshd_config parsing to the newer tokeniser. Config parsing will be a little stricter wrt quote correctness and directives appearing without arguments. feedback and ok markus@ tested in snaps for the last five or so days - thanks Theo and those who caught bugs OpenBSD-Commit-ID: 9c4305631d20c2d194661504ce11e1f68b20d93e
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-7/+7
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: Add ModuliFile keyword to sshd_config to specify thedtucker@openbsd.org2021-03-131-2/+10
| | | | | | | | location of the "moduli" file containing the groups for DH-GEX. This will allow us to run tests against arbitrary moduli files without having to install them. ok djm@ OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
* upstream: Put obsolete aliases for hostbasedalgorithms anddtucker@openbsd.org2021-02-241-3/+3
| | | | | | | pubkeyacceptedalgorithms after their current names so that the config-dump mode finds and uses the current names. Spotted by Phil Pennock. OpenBSD-Commit-ID: 5dd10e93cccfaff3aaaa09060c917adff04a9b15
* upstream: factor out opt_array_append; ok djm@markus@openbsd.org2021-02-171-41/+15
| | | | OpenBSD-Commit-ID: 571bc5dd35f99c5cf9de6aaeac428b168218e74a
* upstream: Rename HostbasedKeyTypes (ssh) anddtucker@openbsd.org2021-01-261-8/+9
| | | | | | | | | HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more accurately reflects its effect. This matches a previous change to PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok djm@ OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e
* upstream: Rename PubkeyAcceptedKeyTypes keyword todtucker@openbsd.org2021-01-221-12/+13
| | | | | | | | | | PubkeyAcceptedAlgorithms. While the two were originally equivalent, this actually specifies the signature algorithms that are accepted. Some key types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is becoming increasingly misleading. The old name is retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@ OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5
* upstream: Correct spelling of persourcenetblocksize in config-dumpdtucker@openbsd.org2021-01-111-2/+2
| | | | | | mode. OpenBSD-Commit-ID: ecdc49e2b6bde6b6b0e52163d621831f6ac7b13d
* upstream: Add PerSourceMaxStartups and PerSourceNetBlockSizedtucker@openbsd.org2021-01-111-2/+59
| | | | | | | options which provide more fine grained MaxStartups limits. Man page help jmc@, feedback & ok djm@ OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-18/+16
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: LogVerbose keyword for ssh and sshddjm@openbsd.org2020-10-161-2/+17
| | | | | | | | | Allows forcing maximum debug logging by file/function/line pattern- lists. ok markus@ OpenBSD-Commit-ID: c294c25732d1b4fe7e345cb3e044df00531a6356
* Remove HAVE_MMAP and BROKEN_MMAPSebastian Andrzej Siewior2020-09-111-9/+0
| | | | | | | | | | | | | BROKEN_MMAP is no longer defined since commit 1cfd5c06efb12 ("Remove portability support for mmap") this commit also removed other HAVE_MMAP user. I didn't find anything that defines HAVE_MMAP. The check does not trigger because compression on server side is by default COMP_DELAYED (2) so it never triggers. Remove remaining HAVE_MMAP and BROKEN_MMAP bits. Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
* upstream: Check that the addresses supplied to Match Address anddtucker@openbsd.org2020-08-311-1/+8
| | | | | | | | Match LocalAddress are valid when parsing in config-test mode. This will catch address/mask mismatches before they cause problems at runtime. Found by Daniel Stocker, ok djm@ OpenBSD-Commit-ID: 2d0b10c69fad5d8fda4c703e7c6804935289378b
* upstream: support for requiring user verified FIDO keys in sshddjm@openbsd.org2020-08-271-1/+5
| | | | | | | | | | | | | This adds a "verify-required" authorized_keys flag and a corresponding sshd_config option that tells sshd to require that FIDO keys verify the user identity before completing the signing/authentication attempt. Whether or not user verification was performed is already baked into the signature made on the FIDO token, so this is just plumbing that flag through and adding ways to require it. feedback and ok markus@ OpenBSD-Commit-ID: 3a2313aae153e043d57763d766bb6d55c4e276e6
* upstream: some language improvements; ok markusdjm@openbsd.org2020-07-151-11/+11
| | | | OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
* upstream: support loading big sshd_config files w/o realloc; okmarkus@openbsd.org2020-06-261-1/+7
| | | | | | djm OpenBSD-Commit-ID: ba9238e810074ac907f0cf8cee1737ac04983171
* upstream: fix Include before Match in sshd_config; bz#3122 patchdjm@openbsd.org2020-05-281-10/+21
| | | | | | from Jakub Jelen OpenBSD-Commit-ID: 1b0aaf135fe6732b5d326946042665dd3beba5f4
* upstream: Do not call process_queued_listen_addrs() for everydjm@openbsd.org2020-05-281-5/+5
| | | | | | included file from sshd_config; patch from Jakub Jelen OpenBSD-Commit-ID: 0ff603d6f06a7fab4881f12503b53024799d0a49
* Error out if given RDomain if unsupported.Darren Tucker2020-04-241-0/+6
| | | | | | | If the config contained 'RDomain %D' on a platform that did not support it, the error would not be detected until runtime resulting in a broken sshd. Detect this earlier and error out if found. bz#3126, based on a patch from jjelen at redhat.com, tweaks and ok djm@
* sys/sysctl.h is only used on OpenBSDDamien Miller2020-04-171-1/+1
| | | | | so change the preprocessor test used to include it to check __OpenBSD__, matching the code that uses the symbols it declares.
* upstream: make IgnoreRhosts a tri-state option: "yes" ignoredjm@openbsd.org2020-04-171-4/+13
| | | | | | | rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow .shosts files but not .rhosts. ok dtucker@ OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
* upstream: allow the IgnoreRhosts directive to appear anywhere in adjm@openbsd.org2020-04-171-2/+3
| | | | | | sshd_config, not just before any Match blocks; bz3148, ok dtucker@ OpenBSD-Commit-ID: e042467d703bce640b1f42c5d1a62bf3825736e8
* upstream: fix relative includes in sshd_config; ok djmmarkus@openbsd.org2020-03-131-2/+2
| | | | OpenBSD-Commit-ID: fa29b0da3c93cbc3a1d4c6bcd58af43c00ffeb5b
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 08:14:21 +0100