mirror of https://git.FreeBSD.org/src.git, synced 2025-01-23 16:01:42 +00:00
Vendor import of OpenSSH 5.9p1
parent c00cf9e642
commit 1e26c29b77
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/vendor-crypto/openssh/dist/; revision=225825
svn path=/vendor-crypto/openssh/5.9p1/; revision=225826; tag=vendor/openssh/5.9p1
ChangeLog (484 lines changed)
@ -1,13 +1,463 @@
20110403
- (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Prepare for 5.8p2 release.
- (djm) [version.h] crank version
- Release 5.8p2
20110906
- (djm) [README version.h] Correct version
- (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon
- (djm) Respin OpenSSH-5.9p1 release

20110905
- (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Update version numbers.

20110904
- (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal
regress errors for the sandbox to warnings. ok tim dtucker
- (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations
ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen
support.

20110829
- (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting
to switch SELinux context away from unconfined_t, based on patch from
Jan Chadima; bz#1919 ok dtucker@

20110827
- (dtucker) [auth-skey.c] Add log.h to fix build --with-skey.

20110818
- (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze

20110817
- (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for
OpenSSL 0.9.7. ok djm
- (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen
- (djm) [configure.ac] error out if the host lacks the necessary bits for
an explicitly requested sandbox type
- (djm) [contrib/ssh-copy-id] Missing backlslash; spotted by
bisson AT archlinux.org
- (djm) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2011/06/03 05:35:10
[regress/cfgmatch.sh]
use OBJ to find test configs, patch from Tim Rice
- markus@cvs.openbsd.org 2011/06/30 22:44:43
[regress/connect-privsep.sh]
test with sandbox enabled; ok djm@
- djm@cvs.openbsd.org 2011/08/02 01:23:41
[regress/cipher-speed.sh regress/try-ciphers.sh]
add SHA256/SHA512 based HMAC modes
- (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2
MAC tests for platforms that hack EVP_SHA2 support

20110812
- (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context
change error by reporting old and new context names Patch from
jchadima at redhat.
- (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init]
[contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES
init scrips from imorgan AT nas.nasa.gov; bz#1920
- (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the
identify file contained whitespace. bz#1828 patch from gwenael.lambrouin
AT gmail.com; ok dtucker@

20110807
- (dtucker) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2008/06/26 06:59:39
[moduli.5]
tweak previous;
- sobrado@cvs.openbsd.org 2009/10/28 08:56:54
[moduli.5]
"Diffie-Hellman" is the usual spelling for the cryptographic protocol
first published by Whitfield Diffie and Martin Hellman in 1976.
ok jmc@
- jmc@cvs.openbsd.org 2010/10/14 20:41:28
[moduli.5]
probabalistic -> probabilistic; from naddy
- dtucker@cvs.openbsd.org 2011/08/07 12:55:30
[sftp.1]
typo, fix from Laurent Gautrot

20110805
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/06/23 23:35:42
[monitor.c]
ignore EINTR errors from poll()
- tedu@cvs.openbsd.org 2011/07/06 18:09:21
[authfd.c]
bzero the agent address. the kernel was for a while very cranky about
these things. evne though that's fixed, always good to initialize
memory. ok deraadt djm
- djm@cvs.openbsd.org 2011/07/29 14:42:45
[sandbox-systrace.c]
fail open(2) with EPERM rather than SIGKILLing the whole process. libc
will call open() to do strerror() when NLS is enabled;
feedback and ok markus@
- markus@cvs.openbsd.org 2011/08/01 19:18:15
[gss-serv.c]
prevent post-auth resource exhaustion (int overflow leading to 4GB malloc);
report Adam Zabrock; ok djm@, deraadt@
- djm@cvs.openbsd.org 2011/08/02 01:22:11
[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5]
Add new SHA256 and SHA512 based HMAC modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
Patch from mdb AT juniper.net; feedback and ok markus@
- djm@cvs.openbsd.org 2011/08/02 23:13:01
[version.h]
crank now, release later
- djm@cvs.openbsd.org 2011/08/02 23:15:03
[ssh.c]
typo in comment

20110624
- (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for
Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing
markus@

20110623
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/06/22 21:47:28
[servconf.c]
reuse the multistate option arrays to pretty-print options for "sshd -T"
- djm@cvs.openbsd.org 2011/06/22 21:57:01
[servconf.c servconf.h sshd.c sshd_config.5]
[configure.ac Makefile.in]
introduce sandboxing of the pre-auth privsep child using systrace(4).

This introduces a new "UsePrivilegeSeparation=sandbox" option for
sshd_config that applies mandatory restrictions on the syscalls the
privsep child can perform. This prevents a compromised privsep child
from being used to attack other hosts (by opening sockets and proxying)
or probing local kernel attack surface.

The sandbox is implemented using systrace(4) in unsupervised "fast-path"
mode, where a list of permitted syscalls is supplied. Any syscall not
on the list results in SIGKILL being sent to the privsep child. Note
that this requires a kernel with the new SYSTR_POLICY_KILL option.

UsePrivilegeSeparation=sandbox will become the default in the future
so please start testing it now.

feedback dtucker@; ok markus@
- djm@cvs.openbsd.org 2011/06/22 22:08:42
[channels.c channels.h clientloop.c clientloop.h mux.c ssh.c]
hook up a channel confirm callback to warn the user then requested X11
forwarding was refused by the server; ok markus@
- djm@cvs.openbsd.org 2011/06/23 09:34:13
[sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c]
[sandbox-null.c]
rename sandbox.h => ssh-sandbox.h to make things easier for portable
- (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support
setrlimit(2)

20110620
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/06/04 00:10:26
[ssh_config.5]
explain IdentifyFile's semantics a little better, prompted by bz#1898
ok dtucker jmc
- markus@cvs.openbsd.org 2011/06/14 22:49:18
[authfile.c]
make sure key_parse_public/private_rsa1() no longer consumes its input
buffer. fixes ssh-add for passphrase-protected ssh1-keys;
noted by naddy@; ok djm@
- djm@cvs.openbsd.org 2011/06/17 21:44:31
[log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
make the pre-auth privsep slave log via a socketpair shared with the
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
- djm@cvs.openbsd.org 2011/06/17 21:46:16
[sftp-server.c]
the protocol version should be unsigned; bz#1913 reported by mb AT
smartftp.com
- djm@cvs.openbsd.org 2011/06/17 21:47:35
[servconf.c]
factor out multi-choice option parsing into a parse_multistate label
and some support structures; ok dtucker@
- djm@cvs.openbsd.org 2011/06/17 21:57:25
[clientloop.c]
setproctitle for a mux master that has been gracefully stopped;
bz#1911 from Bert.Wesarg AT googlemail.com

20110603
- (dtucker) [README version.h contrib/caldera/openssh.spec
contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version
bumps from the 5.8p2 branch into HEAD. ok djm.
- (tim) [configure.ac defines.h] Run test program to detect system mail
directory. Add --with-maildir option to override. Fixed OpenServer 6
getting it wrong. Fixed many systems having MAIL=/var/mail//username
ok dtucker
- (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case. We use socketpair
unconditionally in other places and the survey data we have does not show
any systems that use it. "nuke it" djm@
- (djm) [configure.ac] enable setproctitle emulation for OS X
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/06/03 00:54:38
[ssh.c]
bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg
AT googlemail.com; ok dtucker@
NB. includes additional portability code to enable setproctitle emulation
on platforms that don't support it.
- dtucker@cvs.openbsd.org 2011/06/03 01:37:40
[ssh-agent.c]
Check current parent process ID against saved one to determine if the parent
has exited, rather than attempting to send a zero signal, since the latter
won't work if the parent has changed privs. bz#1905, patch from Daniel Kahn
Gillmor, ok djm@
- dtucker@cvs.openbsd.org 2011/05/31 02:01:58
[regress/dynamic-forward.sh]
back out revs 1.6 and 1.5 since it's not reliable
- dtucker@cvs.openbsd.org 2011/05/31 02:03:34
[regress/dynamic-forward.sh]
work around startup and teardown races; caught by deraadt
- dtucker@cvs.openbsd.org 2011/06/03 00:29:52
[regress/dynamic-forward.sh]
Retry establishing the port forwarding after a small delay, should make
the tests less flaky when the previous test is slow to shut down and free
up the port.
- (tim) [regress/cfgmatch.sh] Build/test out of tree fix.

20110529
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/05/23 03:30:07
[auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c]
[pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
allow AuthorizedKeysFile to specify multiple files, separated by spaces.
Bring back authorized_keys2 as a default search path (to avoid breaking
existing users of this file), but override this in sshd_config so it will
be no longer used on fresh installs. Maybe in 2015 we can remove it
entierly :)

feedback and ok markus@ dtucker@
- djm@cvs.openbsd.org 2011/05/23 03:33:38
[auth.c]
make secure_filename() spam debug logs less
- djm@cvs.openbsd.org 2011/05/23 03:52:55
[sshconnect.c]
remove extra newline
- jmc@cvs.openbsd.org 2011/05/23 07:10:21
[sshd.8 sshd_config.5]
tweak previous; ok djm
- djm@cvs.openbsd.org 2011/05/23 07:24:57
[authfile.c]
read in key comments for v.2 keys (though note that these are not
passed over the agent protocol); bz#439, based on patch from binder
AT arago.de; ok markus@
- djm@cvs.openbsd.org 2011/05/24 07:15:47
[readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c]
Remove undocumented legacy options UserKnownHostsFile2 and
GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile
accept multiple paths per line and making their defaults include
known_hosts2; ok markus
- djm@cvs.openbsd.org 2011/05/23 03:31:31
[regress/cfgmatch.sh]
include testing of multiple/overridden AuthorizedKeysFiles
refactor to simply daemon start/stop and get rid of racy constructs

20110520
- (djm) [session.c] call setexeccon() before executing passwd for pw
changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@
- (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options
options, we should corresponding -W-option when trying to determine
whether it is accepted. Also includes a warning fix on the program
fragment uses (bad main() return type).
bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@
- (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/05/15 08:09:01
[authfd.c monitor.c serverloop.c]
use FD_CLOEXEC consistently; patch from zion AT x96.org
- djm@cvs.openbsd.org 2011/05/17 07:13:31
[key.c]
fatal() if asked to generate a legacy ECDSA cert (these don't exist)
and fix the regress test that was trying to generate them :)
- djm@cvs.openbsd.org 2011/05/20 00:55:02
[servconf.c]
the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile
and AuthorizedPrincipalsFile were not being correctly applied in
Match blocks, despite being overridable there; ok dtucker@
- dtucker@cvs.openbsd.org 2011/05/20 02:00:19
[servconf.c]
Add comment documenting what should be after the preauth check. ok djm
- djm@cvs.openbsd.org 2011/05/20 03:25:45
[monitor.c monitor_wrap.c servconf.c servconf.h]
use a macro to define which string options to copy between configs
for Match. This avoids problems caused by forgetting to keep three
code locations in perfect sync and ordering

"this is at once beautiful and horrible" + ok dtucker@
- djm@cvs.openbsd.org 2011/05/17 07:13:31
[regress/cert-userkey.sh]
fatal() if asked to generate a legacy ECDSA cert (these don't exist)
and fix the regress test that was trying to generate them :)
- djm@cvs.openbsd.org 2011/05/20 02:43:36
[cert-hostkey.sh]
another attempt to generate a v00 ECDSA key that broke the test
ID sync only - portable already had this somehow
- dtucker@cvs.openbsd.org 2011/05/20 05:19:50
[dynamic-forward.sh]
Prevent races in dynamic forwarding test; ok djm
- dtucker@cvs.openbsd.org 2011/05/20 06:32:30
[dynamic-forward.sh]
fix dumb error in dynamic-forward test

20110515
- (djm) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/05/05 05:12:08
[mux.c]
gracefully fall back when ControlPath is too large for a
sockaddr_un. ok markus@ as part of a larger diff
- dtucker@cvs.openbsd.org 2011/05/06 01:03:35
[sshd_config]
clarify language about overriding defaults. bz#1892, from Petr Cerny
- djm@cvs.openbsd.org 2011/05/06 01:09:53
[sftp.1]
mention that IPv6 addresses must be enclosed in square brackets;
bz#1845
- djm@cvs.openbsd.org 2011/05/06 02:05:41
[sshconnect2.c]
fix memory leak; bz#1849 ok dtucker@
- djm@cvs.openbsd.org 2011/05/06 21:14:05
[packet.c packet.h]
set traffic class for IPv6 traffic as we do for IPv4 TOS;
patch from lionel AT mamane.lu via Colin Watson in bz#1855;
ok markus@
- djm@cvs.openbsd.org 2011/05/06 21:18:02
[ssh.c ssh_config.5]
add a %L expansion (short-form of the local host name) for ControlPath;
sync some more expansions with LocalCommand; ok markus@
- djm@cvs.openbsd.org 2011/05/06 21:31:38
[readconf.c ssh_config.5]
support negated Host matching, e.g.

Host *.example.org !c.example.org
User mekmitasdigoat

Will match "a.example.org", "b.example.org", but not "c.example.org"
ok markus@
- djm@cvs.openbsd.org 2011/05/06 21:34:32
[clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5]
Add a RequestTTY ssh_config option to allow configuration-based
control over tty allocation (like -t/-T); ok markus@
- djm@cvs.openbsd.org 2011/05/06 21:38:58
[ssh.c]
fix dropping from previous diff
- djm@cvs.openbsd.org 2011/05/06 22:20:10
[PROTOCOL.mux]
fix numbering; from bert.wesarg AT googlemail.com
- jmc@cvs.openbsd.org 2011/05/07 23:19:39
[ssh_config.5]
- tweak previous
- come consistency fixes
ok djm
- jmc@cvs.openbsd.org 2011/05/07 23:20:25
[ssh.1]
+.It RequestTTY
- djm@cvs.openbsd.org 2011/05/08 12:52:01
[PROTOCOL.mux clientloop.c clientloop.h mux.c]
improve our behaviour when TTY allocation fails: if we are in
RequestTTY=auto mode (the default), then do not treat at TTY
allocation error as fatal but rather just restore the local TTY
to cooked mode and continue. This is more graceful on devices that
never allocate TTYs.

If RequestTTY is set to "yes" or "force", then failure to allocate
a TTY is fatal.

ok markus@
- djm@cvs.openbsd.org 2011/05/10 05:46:46
[authfile.c]
despam debug() logs by detecting that we are trying to load a private key
in key_try_load_public() and returning early; ok markus@
- djm@cvs.openbsd.org 2011/05/11 04:47:06
[auth.c auth.h auth2-pubkey.c pathnames.h servconf.c servconf.h]
remove support for authorized_keys2; it is a relic from the early days
of protocol v.2 support and has been undocumented for many years;
ok markus@
- djm@cvs.openbsd.org 2011/05/13 00:05:36
[authfile.c]
warn on unexpected key type in key_parse_private_type()
- (djm) [packet.c] unbreak portability #endif

20110510
- (dtucker) [openbsd-compat/openssl-compat.{c,h}] Bug #1882: fix
--with-ssl-engine which was broken with the change from deprecated
SSLeay_add_all_algorithms(). ok djm

20110506
- (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1875: add prototype
for closefrom() in test code. Report from Dan Wallis via Gentoo.

20110505
- (djm) [defines.h] Move up include of netinet/ip.h for IPTOS
definitions. From des AT des.no
- (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
[ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
[regress/README.regress] Remove ssh-rand-helper and all its
tentacles. PRNGd seeding has been rolled into entropy.c directly.
Thanks to tim@ for testing on affected platforms.
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/03/10 02:52:57
[auth2-gss.c auth2.c auth.h]
allow GSSAPI authentication to detect when a server-side failure causes
authentication failure and don't count such failures against MaxAuthTries;
bz#1244 from simon AT sxw.org.uk; ok markus@ before lock
- okan@cvs.openbsd.org 2011/03/15 10:36:02
[ssh-keyscan.c]
use timerclear macro
ok djm@
- stevesk@cvs.openbsd.org 2011/03/23 15:16:22
[ssh-keygen.1 ssh-keygen.c]
Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa)
for which host keys do not exist, generate the host keys with the
default key file path, an empty passphrase, default bits for the key
type, and default comment. This will be used by /etc/rc to generate
new host keys. Idea from deraadt.
ok deraadt
- stevesk@cvs.openbsd.org 2011/03/23 16:24:56
[ssh-keygen.1]
-q not used in /etc/rc now so remove statement.
- stevesk@cvs.openbsd.org 2011/03/23 16:50:04
[ssh-keygen.c]
remove -d, documentation removed >10 years ago; ok markus
- jmc@cvs.openbsd.org 2011/03/24 15:29:30
[ssh-keygen.1]
zap trailing whitespace;
- stevesk@cvs.openbsd.org 2011/03/24 22:14:54
[ssh-keygen.c]
use strcasecmp() for "clear" cert permission option also; ok djm
- stevesk@cvs.openbsd.org 2011/03/29 18:54:17
[misc.c misc.h servconf.c]
print ipqos friendly string for sshd -T; ok markus
# sshd -Tf sshd_config|grep ipqos
ipqos lowdelay throughput
- djm@cvs.openbsd.org 2011/04/12 04:23:50
[ssh-keygen.c]
fix -Wshadow
- djm@cvs.openbsd.org 2011/04/12 05:32:49
[sshd.c]
exit with 0 status on SIGTERM; bz#1879
- djm@cvs.openbsd.org 2011/04/13 04:02:48
[ssh-keygen.1]
improve wording; bz#1861
- djm@cvs.openbsd.org 2011/04/13 04:09:37
[ssh-keygen.1]
mention valid -b sizes for ECDSA keys; bz#1862
- djm@cvs.openbsd.org 2011/04/17 22:42:42
[PROTOCOL.mux clientloop.c clientloop.h mux.c ssh.1 ssh.c]
allow graceful shutdown of multiplexing: request that a mux server
removes its listener socket and refuse future multiplexing requests;
ok markus@
- djm@cvs.openbsd.org 2011/04/18 00:46:05
[ssh-keygen.c]
certificate options are supposed to be packed in lexical order of
option name (though we don't actually enforce this at present).
Move one up that was out of sequence
- djm@cvs.openbsd.org 2011/05/04 21:15:29
[authfile.c authfile.h ssh-add.c]
allow "ssh-add - < key"; feedback and ok markus@
- (tim) [configure.ac] Add AC_LANG_SOURCE to OPENSSH_CHECK_CFLAG_COMPILE
so autoreconf 2.68 is happy.
- (tim) [defines.h] Deal with platforms that do not have S_IFSOCK ok djm@

20110329
- (djm) [entropy.c] closefrom() before running ssh-rand-helper; leftover fds
noticed by tmraz AT redhat.com

20110221
- (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
Cygwin-specific service installer script ssh-host-config. The actual
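Review bot: the commit message ("Vendor import of OpenSSH 5.9p1") undersells what this import carries, and the entries in this hunk are where a downstream reader will look for it. Two items deserve a line in the FreeBSD commit log or release notes: the gss-serv.c change of 2011/08/01 closes a post-authentication resource-exhaustion bug (an integer overflow leading to a 4GB malloc), and UsePrivilegeSeparation=sandbox is new. On the second, the 20110623 entry needs a caveat for portable builds: the SIGKILL-on-unlisted-syscall behaviour it describes is the systrace(4) backend, which is only active where configure selects it. On hosts without systrace(4) (the FreeBSD base system has none) configure falls back to sandbox-rlimit, which applies setrlimit(2) limits only, or to sandbox-null, which applies nothing, so "applies mandatory restrictions on the syscalls the privsep child can perform" should not be copied into local documentation unchanged.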
@ -19,6 +469,13 @@
The new script also is more thorough to inform the user why the
script failed. Patch from vinschen at redhat com.

20110218
- OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/02/16 00:31:14
[ssh-keysign.c]
make hostbased auth with ECDSA keys work correctly. Based on patch
by harvey.eneman AT oracle.com in bz#1858; ok markus@ (pre-lock)

20110206
- (dtucker) [openbsd-compat/port-linux.c] Bug #1851: fix syntax error in
selinux code. Patch from Leonardo Chiquitto
@ -46,6 +503,14 @@
succeeded before using its result. Patch from cjwatson AT debian.org;
bz#1851

20110127
- (tim) [config.guess config.sub] Sync with upstream.
- (tim) [configure.ac] Consistent M4 quoting throughout, updated obsolete
AC_TRY_COMPILE with AC_COMPILE_IFELSE, updated obsolete AC_TRY_LINK with
AC_LINK_IFELSE, updated obsolete AC_TRY_RUN with AC_RUN_IFELSE, misc white
space changes for consistency/readability. Makes autoconf 2.68 happy.
"Nice work" djm

20110125
- (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c
openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to
@ -1256,4 +1721,3 @@
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)

ok markus@

INSTALL (6 lines changed)
@ -16,9 +16,7 @@ The remaining items are optional.

NB. If you operating system supports /dev/random, you should configure
OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of
/dev/random, or failing that, either prngd or egd. If you don't have
any of these you will have to rely on ssh-rand-helper, which is inferior
to a good kernel-based solution or prngd.
/dev/random, or failing that, either prngd or egd

PRNGD:

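Review bot: the replacement line "/dev/random, or failing that, either prngd or egd" drops the full stop that ended the sentence it replaces, so the paragraph now stops mid-sentence before the blank line and the "PRNGD:" heading; add the period. While this paragraph is being edited, the unchanged context line "NB. If you operating system supports /dev/random" should read "your".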
@ -262,4 +260,4 @@ Please refer to the "reporting bugs" section of the webpage at
http://www.openssh.com/


$Id: INSTALL,v 1.85 2010/02/11 22:34:22 djm Exp $
$Id: INSTALL,v 1.86 2011/05/05 03:48:37 djm Exp $
Makefile.in (55 lines changed)
@ -1,4 +1,4 @@
# $Id: Makefile.in,v 1.320.4.1 2011/02/04 00:42:13 djm Exp $
# $Id: Makefile.in,v 1.325 2011/08/05 20:15:18 djm Exp $

# uncomment if you run a non bourne compatable shell. Ie. csh
#SHELL = @SH@
@ -26,7 +26,6 @@ ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
SFTP_SERVER=$(libexecdir)/sftp-server
SSH_KEYSIGN=$(libexecdir)/ssh-keysign
SSH_PKCS11_HELPER=$(libexecdir)/ssh-pkcs11-helper
RAND_HELPER=$(libexecdir)/ssh-rand-helper
PRIVSEP_PATH=@PRIVSEP_PATH@
SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@
STRIP_OPT=@STRIP_OPT@
@ -39,7 +38,6 @@ PATHS= -DSSHDIR=\"$(sysconfdir)\" \
-D_PATH_SSH_PKCS11_HELPER=\"$(SSH_PKCS11_HELPER)\" \
-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
-D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \
-DSSH_RAND_HELPER=\"$(RAND_HELPER)\"

CC=@CC@
LD=@LD@
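Review bot: removing the -DSSH_RAND_HELPER line leaves '-D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \' as the last element of PATHS with a trailing line-continuation backslash, so the definition now runs on to the blank line that follows it. make accepts this, but it is fragile: deleting that blank line would silently fold the next assignment (CC=@CC@) into PATHS. Drop the backslash from what is now the final line.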
@ -61,10 +59,7 @@ LDFLAGS=-L. -Lopenbsd-compat/ @LDFLAGS@
EXEEXT=@EXEEXT@
MANFMT=@MANFMT@

INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@
INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@

TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-pkcs11-helper$(EXEEXT) ssh-agent$(EXEEXT) scp$(EXEEXT) sftp-server$(EXEEXT) sftp$(EXEEXT)

LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \
canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
@ -94,17 +89,17 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
auth2-gss.o gss-serv.o gss-serv-krb5.o \
loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
sftp-server.o sftp-common.o \
roaming_common.o roaming_serv.o
roaming_common.o roaming_serv.o \
sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o

MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
MANTYPE = @MANTYPE@

CONFIGFILES=sshd_config.out ssh_config.out moduli.out
CONFIGFILES_IN=sshd_config ssh_config moduli

PATHSUBS = \
-e 's|/etc/ssh/ssh_prng_cmds|$(sysconfdir)/ssh_prng_cmds|g' \
-e 's|/etc/ssh/ssh_config|$(sysconfdir)/ssh_config|g' \
-e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \
-e 's|/etc/ssh/sshd_config|$(sysconfdir)/sshd_config|g' \
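Review bot: sandbox-null.o, sandbox-rlimit.o, sandbox-systrace.o and sandbox-darwin.o are all added to SSHDOBJS unconditionally, so the link only succeeds if each sandbox-*.c compiles to an empty object unless the backend macro configure selects for it is defined; otherwise the four files would define the same sandbox entry points and the link would fail with duplicate symbols. Nothing in the Makefile itself chooses a backend, so that contract belongs in a one-line comment beside the object list.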
@ -124,7 +119,7 @@ PATHSUBS = \

FIXPATHSCMD = $(SED) $(PATHSUBS)

all: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS)
all: $(CONFIGFILES) $(MANPAGES) $(TARGETS)

$(LIBSSH_OBJS): Makefile.in config.h
$(SSHOBJS): Makefile.in config.h
@ -175,9 +170,6 @@ sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o s
sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)

ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o
$(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)

# test driver for the loginrec code - not built by default
logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
@ -198,11 +190,6 @@ $(CONFIGFILES): $(CONFIGFILES_IN)
conffile=`echo $@ | sed 's/.out$$//'`; \
$(FIXPATHSCMD) $(srcdir)/$${conffile} > $@

ssh_prng_cmds.out: ssh_prng_cmds
if test ! -z "$(INSTALL_SSH_PRNG_CMDS)"; then \
$(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \
fi

# fake rule to stop make trying to compile moduli.o into a binary "moduli.o"
moduli:
echo
@ -215,7 +202,7 @@ clean: regressclean
distclean: regressclean
rm -f *.o *.a $(TARGETS) logintest config.cache config.log
rm -f *.out core opensshd.init openssh.xml
rm -f Makefile buildpkg.sh config.h config.status ssh_prng_cmds
rm -f Makefile buildpkg.sh config.h config.status
rm -f survey.sh openbsd-compat/regress/Makefile *~
rm -rf autom4te.cache
(cd openbsd-compat && $(MAKE) distclean)
@ -226,6 +213,8 @@ distclean: regressclean
veryclean: distclean
rm -f configure config.h.in *.0

cleandir: veryclean

mrproper: veryclean

realclean: veryclean
@ -242,9 +231,9 @@ distprep: catman-do
$(AUTORECONF)
-rm -rf autom4te.cache

install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
install-nokeys: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf
install-nosysconf: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files
install: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
install-nokeys: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files install-sysconf
install-nosysconf: $(CONFIGFILES) $(MANPAGES) $(TARGETS) install-files

check-config:
-$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config
@ -265,9 +254,6 @@ install-files:
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan$(EXEEXT) $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sshd$(EXEEXT) $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper$(EXEEXT) $(DESTDIR)$(libexecdir)/ssh-rand-helper$(EXEEXT) ; \
fi
$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign$(EXEEXT) $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
$(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT)
@ -282,9 +268,6 @@ install-files:
|
||||
$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
|
||||
$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
|
||||
$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
|
||||
if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \
|
||||
$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
|
||||
fi
|
||||
$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
|
||||
$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
|
||||
$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
|
||||
@ -308,13 +291,6 @@ install-sysconf:
|
||||
else \
|
||||
echo "$(DESTDIR)$(sysconfdir)/sshd_config already exists, install will not overwrite"; \
|
||||
fi
|
||||
@if [ -f ssh_prng_cmds ] && [ ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \
|
||||
if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds ] ; then \
|
||||
$(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \
|
||||
else \
|
||||
echo "$(DESTDIR)$(sysconfdir)/ssh_prng_cmds already exists, install will not overwrite"; \
|
||||
fi ; \
|
||||
fi
|
||||
@if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \
|
||||
if [ -f $(DESTDIR)$(sysconfdir)/primes ]; then \
|
||||
echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \
|
||||
@ -361,7 +337,6 @@ host-key-force: ssh-keygen$(EXEEXT)
|
||||
uninstallall: uninstall
|
||||
-rm -f $(DESTDIR)$(sysconfdir)/ssh_config
|
||||
-rm -f $(DESTDIR)$(sysconfdir)/sshd_config
|
||||
-rm -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds
|
||||
-rmdir $(DESTDIR)$(sysconfdir)
|
||||
-rmdir $(DESTDIR)$(bindir)
|
||||
-rmdir $(DESTDIR)$(sbindir)
|
||||
@ -383,7 +358,6 @@ uninstall:
|
||||
-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
|
||||
-rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
|
||||
-rm -f $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT)
|
||||
-rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT)
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
|
||||
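Review bot: the sftp-server line in this uninstall hunk reads `-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)` while every neighbouring line uses `rm -f`; `-r` does nothing useful for a single binary and, without `-f`, a missing file makes rm complain (silenced only by the leading `-`). Suggest `-rm -f $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)` for consistency with the surrounding targets.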
@ -392,7 +366,6 @@ uninstall:
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
|
||||
-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
|
||||
@ -462,7 +435,7 @@ survey: survey.sh ssh
|
||||
send-survey: survey
|
||||
mail portable-survey@mindrot.org <survey
|
||||
|
||||
package: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS)
|
||||
package: $(CONFIGFILES) $(MANPAGES) $(TARGETS)
|
||||
if [ "@MAKE_PACKAGE_SUPPORTED@" = yes ]; then \
|
||||
sh buildpkg.sh; \
|
||||
fi
|
||||
|
30
PROTOCOL.mux

@ -73,6 +73,13 @@ non-multiplexed ssh(1) connection. Two additional cases that the
|
||||
client must cope with are it receiving a signal itself and the
|
||||
server disconnecting without sending an exit message.
|
||||
|
||||
A master may also send a MUX_S_TTY_ALLOC_FAIL before MUX_S_EXIT_MESSAGE
|
||||
if remote TTY allocation was unsuccessful. The client may use this to
|
||||
return its local tty to "cooked" mode.
|
||||
|
||||
uint32 MUX_S_TTY_ALLOC_FAIL
|
||||
uint32 session id
|
||||
|
||||
3. Health checks
|
||||
|
||||
The client may request a health check/PID report from a server:
|
||||
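Review bot: the new paragraph says "A master may also send a MUX_S_TTY_ALLOC_FAIL" while the rest of this section, and the new section 8, call the same party "the server"; pick one term. It would also help to state explicitly that MUX_S_EXIT_MESSAGE still follows, so that a client which does not act on MUX_S_TTY_ALLOC_FAIL knows it loses nothing but the chance to reset its tty early; the text implies this but does not say it.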
@ -149,10 +156,21 @@ The client then sends its standard input and output file descriptors
|
||||
|
||||
The contents of "reserved" are currently ignored.
|
||||
|
||||
A server may reply with a MUX_S_SESSION_OPEED, a MUX_S_PERMISSION_DENIED
|
||||
A server may reply with a MUX_S_SESSION_OPENED, a MUX_S_PERMISSION_DENIED
|
||||
or a MUX_S_FAILURE.
|
||||
|
||||
8. Status messages
|
||||
8. Requesting shutdown of mux listener
|
||||
|
||||
A client may request the master to stop accepting new multiplexing requests
|
||||
and remove its listener socket.
|
||||
|
||||
uint32 MUX_C_STOP_LISTENING
|
||||
uint32 request id
|
||||
|
||||
A server may reply with a MUX_S_OK, a MUX_S_PERMISSION_DENIED or a
|
||||
MUX_S_FAILURE.
|
||||
|
||||
9. Status messages
|
||||
|
||||
The MUX_S_OK message is empty:
|
||||
|
||||
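Review bot: section 8 says the server may answer MUX_C_STOP_LISTENING with MUX_S_PERMISSION_DENIED but gives no condition under which that reply is chosen, and it does not say what happens to sessions already multiplexed over the socket once the listener is removed; both belong in the spec so client implementers do not have to read mux.c to find out. Consider also stating whether a second MUX_C_STOP_LISTENING to an already-stopped master yields MUX_S_OK or MUX_S_FAILURE.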
@ -169,7 +187,7 @@ The MUX_S_PERMISSION_DENIED and MUX_S_FAILURE include a reason:
|
||||
uint32 client request id
|
||||
string reason
|
||||
|
||||
9. Protocol numbers
|
||||
10. Protocol numbers
|
||||
|
||||
#define MUX_MSG_HELLO 0x00000001
|
||||
#define MUX_C_NEW_SESSION 0x10000002
|
||||
@ -178,6 +196,7 @@ The MUX_S_PERMISSION_DENIED and MUX_S_FAILURE include a reason:
|
||||
#define MUX_C_OPEN_FWD 0x10000006
|
||||
#define MUX_C_CLOSE_FWD 0x10000007
|
||||
#define MUX_C_NEW_STDIO_FWD 0x10000008
|
||||
#define MUX_C_STOP_LISTENING 0x10000009
|
||||
#define MUX_S_OK 0x80000001
|
||||
#define MUX_S_PERMISSION_DENIED 0x80000002
|
||||
#define MUX_S_FAILURE 0x80000003
|
||||
@ -185,6 +204,7 @@ The MUX_S_PERMISSION_DENIED and MUX_S_FAILURE include a reason:
|
||||
#define MUX_S_ALIVE 0x80000005
|
||||
#define MUX_S_SESSION_OPENED 0x80000006
|
||||
#define MUX_S_REMOTE_PORT 0x80000007
|
||||
#define MUX_S_TTY_ALLOC_FAIL 0x80000008
|
||||
|
||||
#define MUX_FWD_LOCAL 1
|
||||
#define MUX_FWD_REMOTE 2
|
||||
@ -192,12 +212,10 @@ The MUX_S_PERMISSION_DENIED and MUX_S_FAILURE include a reason:
|
||||
|
||||
XXX TODO
|
||||
XXX extended status (e.g. report open channels / forwards)
|
||||
XXX graceful close (delete listening socket, but keep existing sessions active)
|
||||
XXX lock (maybe)
|
||||
XXX watch in/out traffic (pre/post crypto)
|
||||
XXX inject packet (what about replies)
|
||||
XXX server->client error/warning notifications
|
||||
XXX port0 rfwd (need custom response message)
|
||||
XXX send signals via mux
|
||||
|
||||
$OpenBSD: PROTOCOL.mux,v 1.4 2011/01/31 21:42:15 djm Exp $
|
||||
$OpenBSD: PROTOCOL.mux,v 1.7 2011/05/08 12:52:01 djm Exp $
|
||||
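Review bot: the TODO list still carries "XXX graceful close (delete listening socket, but keep existing sessions active)", which is exactly what the new MUX_C_STOP_LISTENING request in section 8 provides; the hunk header (-12 +10, with the $OpenBSD line changing) shows two entries being dropped, so if this is not one of them, remove it so the list stays accurate.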
|
4
README
@ -1,4 +1,4 @@
|
||||
See http://www.openssh.com/txt/release-5.8p2 for the release notes.
|
||||
See http://www.openssh.com/txt/release-5.9 for the release notes.
|
||||
|
||||
- A Japanese translation of this document and of the OpenSSH FAQ is
|
||||
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
|
||||
@ -62,4 +62,4 @@ References -
|
||||
[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
|
||||
[7] http://www.openssh.com/faq.html
|
||||
|
||||
$Id: README,v 1.75.4.2 2011/05/03 00:04:21 djm Exp $
|
||||
$Id: README,v 1.77.2.2 2011/09/06 23:11:20 djm Exp $
|
||||
|
30
aclocal.m4
vendored
@ -1,8 +1,26 @@
|
||||
dnl $Id: aclocal.m4,v 1.6 2005/09/19 16:33:39 tim Exp $
|
||||
dnl $Id: aclocal.m4,v 1.8 2011/05/20 01:45:25 djm Exp $
|
||||
dnl
|
||||
dnl OpenSSH-specific autoconf macros
|
||||
dnl
|
||||
|
||||
dnl OSSH_CHECK_CFLAG_COMPILE(check_flag[, define_flag])
|
||||
dnl Check that $CC accepts a flag 'check_flag'. If it is supported append
|
||||
dnl 'define_flag' to $CFLAGS. If 'define_flag' is not specified, then append
|
||||
dnl 'check_flag'.
|
||||
AC_DEFUN([OSSH_CHECK_CFLAG_COMPILE], [{
|
||||
AC_MSG_CHECKING([if $CC supports $1])
|
||||
saved_CFLAGS="$CFLAGS"
|
||||
CFLAGS="$CFLAGS $1"
|
||||
_define_flag="$2"
|
||||
test "x$_define_flag" = "x" && _define_flag="$1"
|
||||
AC_COMPILE_IFELSE([AC_LANG_SOURCE([[int main(void) { return 0; }]])],
|
||||
[ AC_MSG_RESULT([yes])
|
||||
CFLAGS="$saved_CFLAGS $_define_flag"],
|
||||
[ AC_MSG_RESULT([no])
|
||||
CFLAGS="$saved_CFLAGS" ]
|
||||
)
|
||||
}])
|
||||
|
||||
|
||||
dnl OSSH_CHECK_HEADER_FOR_FIELD(field, header, symbol)
|
||||
dnl Does AC_EGREP_HEADER on 'header' for the string 'field'
|
||||
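Review bot: OSSH_CHECK_CFLAG_COMPILE only checks that `int main(void) { return 0; }` compiles with the flag appended to CFLAGS, so a compiler that merely warns about an unrecognised option instead of failing will report "yes" and the flag is added anyway; consider running the probe under AC_LANG_WERROR or checking the compiler output for a warning. A compile-only probe also cannot notice flags that need link-time support, so callers should expect the occasional false positive and not rely on this macro for anything security-critical without a link test.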
@ -33,16 +51,6 @@ AC_DEFUN(OSSH_CHECK_HEADER_FOR_FIELD, [
|
||||
fi
|
||||
])
|
||||
|
||||
dnl OSSH_PATH_ENTROPY_PROG(variablename, command):
|
||||
dnl Tidiness function, sets 'undef' if not found, and does the AC_SUBST
|
||||
AC_DEFUN(OSSH_PATH_ENTROPY_PROG, [
|
||||
AC_PATH_PROG($1, $2)
|
||||
if test -z "[$]$1" ; then
|
||||
$1="undef"
|
||||
fi
|
||||
AC_SUBST($1)
|
||||
])
|
||||
|
||||
dnl Check for socklen_t: historically on BSD it is an int, and in
|
||||
dnl POSIX 1g it is a type of its own, but some platforms use different
|
||||
dnl types for the argument to getsockopt, getpeername, etc. So we
|
||||
|
70
auth-rsa.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth-rsa.c,v 1.79 2010/12/03 23:55:27 djm Exp $ */
|
||||
/* $OpenBSD: auth-rsa.c,v 1.80 2011/05/23 03:30:07 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -160,44 +160,27 @@ auth_rsa_challenge_dialog(Key *key)
|
||||
return (success);
|
||||
}
|
||||
|
||||
/*
|
||||
* check if there's user key matching client_n,
|
||||
* return key if login is allowed, NULL otherwise
|
||||
*/
|
||||
|
||||
int
|
||||
auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
|
||||
static int
|
||||
rsa_key_allowed_in_file(struct passwd *pw, char *file,
|
||||
const BIGNUM *client_n, Key **rkey)
|
||||
{
|
||||
char line[SSH_MAX_PUBKEY_BYTES], *file;
|
||||
char line[SSH_MAX_PUBKEY_BYTES];
|
||||
int allowed = 0;
|
||||
u_int bits;
|
||||
FILE *f;
|
||||
u_long linenum = 0;
|
||||
Key *key;
|
||||
|
||||
/* Temporarily use the user's uid. */
|
||||
temporarily_use_uid(pw);
|
||||
|
||||
/* The authorized keys. */
|
||||
file = authorized_keys_file(pw);
|
||||
debug("trying public RSA key file %s", file);
|
||||
f = auth_openkeyfile(file, pw, options.strict_modes);
|
||||
if (!f) {
|
||||
xfree(file);
|
||||
restore_uid();
|
||||
return (0);
|
||||
}
|
||||
|
||||
/* Flag indicating whether the key is allowed. */
|
||||
allowed = 0;
|
||||
|
||||
key = key_new(KEY_RSA1);
|
||||
if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL)
|
||||
return 0;
|
||||
|
||||
/*
|
||||
* Go though the accepted keys, looking for the current key. If
|
||||
* found, perform a challenge-response dialog to verify that the
|
||||
* user really has the corresponding private key.
|
||||
*/
|
||||
key = key_new(KEY_RSA1);
|
||||
while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
|
||||
char *cp;
|
||||
char *key_options;
|
||||
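Review bot: rsa_key_allowed_in_file() takes `char *file` but never modifies it, so `const char *file` would match the `const BIGNUM *client_n` beside it. The hunk also appears to drop the `debug("trying public RSA key file %s", file)` call without a replacement; with several AuthorizedKeysFile entries now consulted in turn, a per-file debug line is the only way to see from the log which file was checked, so keep one here or in the new caller.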
@ -235,7 +218,10 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
|
||||
}
|
||||
/* cp now points to the comment part. */
|
||||
|
||||
/* Check if the we have found the desired key (identified by its modulus). */
|
||||
/*
|
||||
* Check if the we have found the desired key (identified
|
||||
* by its modulus).
|
||||
*/
|
||||
if (BN_cmp(key->rsa->n, client_n) != 0)
|
||||
continue;
|
||||
|
||||
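Review bot: the reflowed comment keeps the stray article in "Check if the we have found the desired key"; since the lines are being rewritten anyway, make it "Check if we have found the desired key (identified by its modulus)."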
@ -264,11 +250,7 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
|
||||
break;
|
||||
}
|
||||
|
||||
/* Restore the privileged uid. */
|
||||
restore_uid();
|
||||
|
||||
/* Close the file. */
|
||||
xfree(file);
|
||||
fclose(f);
|
||||
|
||||
/* return key if allowed */
|
||||
@ -276,7 +258,33 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
|
||||
*rkey = key;
|
||||
else
|
||||
key_free(key);
|
||||
return (allowed);
|
||||
|
||||
return allowed;
|
||||
}
|
||||
|
||||
/*
|
||||
* check if there's user key matching client_n,
|
||||
* return key if login is allowed, NULL otherwise
|
||||
*/
|
||||
|
||||
int
|
||||
auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
|
||||
{
|
||||
char *file;
|
||||
u_int i, allowed = 0;
|
||||
|
||||
temporarily_use_uid(pw);
|
||||
|
||||
for (i = 0; !allowed && i < options.num_authkeys_files; i++) {
|
||||
file = expand_authorized_keys(
|
||||
options.authorized_keys_files[i], pw);
|
||||
allowed = rsa_key_allowed_in_file(pw, file, client_n, rkey);
|
||||
xfree(file);
|
||||
}
|
||||
|
||||
restore_uid();
|
||||
|
||||
return allowed;
|
||||
}
|
||||
|
||||
/*
|
||||
|
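Review bot: the comment above auth_rsa_key_allowed() promises "return key if login is allowed, NULL otherwise", but neither this function nor rsa_key_allowed_in_file() ever stores NULL in *rkey: on the not-allowed path `key_free(key)` runs and the caller's pointer is left untouched. Either initialise `*rkey = NULL` before the loop or reword the comment so callers know to test the return value rather than *rkey.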
@ -39,6 +39,7 @@
|
||||
#include "hostfile.h"
|
||||
#include "auth.h"
|
||||
#include "ssh-gss.h"
|
||||
#include "log.h"
|
||||
#include "monitor_wrap.h"
|
||||
|
||||
static void *
|
||||
|
23
auth.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth.c,v 1.91 2010/11/29 23:45:51 djm Exp $ */
|
||||
/* $OpenBSD: auth.c,v 1.94 2011/05/23 03:33:38 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
*
|
||||
@ -331,7 +331,7 @@ auth_root_allowed(char *method)
|
||||
*
|
||||
* This returns a buffer allocated by xmalloc.
|
||||
*/
|
||||
static char *
|
||||
char *
|
||||
expand_authorized_keys(const char *filename, struct passwd *pw)
|
||||
{
|
||||
char *file, ret[MAXPATHLEN];
|
||||
@ -354,18 +354,6 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
|
||||
return (xstrdup(ret));
|
||||
}
|
||||
|
||||
char *
|
||||
authorized_keys_file(struct passwd *pw)
|
||||
{
|
||||
return expand_authorized_keys(options.authorized_keys_file, pw);
|
||||
}
|
||||
|
||||
char *
|
||||
authorized_keys_file2(struct passwd *pw)
|
||||
{
|
||||
return expand_authorized_keys(options.authorized_keys_file2, pw);
|
||||
}
|
||||
|
||||
char *
|
||||
authorized_principals_file(struct passwd *pw)
|
||||
{
|
||||
@ -468,7 +456,6 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
|
||||
}
|
||||
strlcpy(buf, cp, sizeof(buf));
|
||||
|
||||
debug3("secure_filename: checking '%s'", buf);
|
||||
if (stat(buf, &st) < 0 ||
|
||||
(st.st_uid != 0 && st.st_uid != uid) ||
|
||||
(st.st_mode & 022) != 0) {
|
||||
@ -478,11 +465,9 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
|
||||
}
|
||||
|
||||
/* If are past the homedir then we can stop */
|
||||
if (comparehome && strcmp(homedir, buf) == 0) {
|
||||
debug3("secure_filename: terminating check at '%s'",
|
||||
buf);
|
||||
if (comparehome && strcmp(homedir, buf) == 0)
|
||||
break;
|
||||
}
|
||||
|
||||
/*
|
||||
* dirname should always complete with a "/" path,
|
||||
* but we can be paranoid and check for "." too
|
||||
|
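Review bot: this hunk removes both debug3() traces from the secure_filename() directory walk ("checking '%s'" and "terminating check at '%s'"). They were the only way to tell from a level-3 debug log which path component a StrictModes rejection was about; if they are considered too chatty, keep at least the "checking" line, or say in the commit message why they go.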
6
auth.h
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth.h,v 1.66 2010/05/07 11:30:29 djm Exp $ */
|
||||
/* $OpenBSD: auth.h,v 1.69 2011/05/23 03:30:07 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
@ -53,6 +53,7 @@ struct Authctxt {
|
||||
int valid; /* user exists and is allowed to login */
|
||||
int attempt;
|
||||
int failures;
|
||||
int server_caused_failure;
|
||||
int force_pwchange;
|
||||
char *user; /* username sent by the client */
|
||||
char *service;
|
||||
@ -167,8 +168,7 @@ char *get_challenge(Authctxt *);
|
||||
int verify_response(Authctxt *, const char *);
|
||||
void abandon_challenge_response(Authctxt *);
|
||||
|
||||
char *authorized_keys_file(struct passwd *);
|
||||
char *authorized_keys_file2(struct passwd *);
|
||||
char *expand_authorized_keys(const char *, struct passwd *pw);
|
||||
char *authorized_principals_file(struct passwd *);
|
||||
|
||||
FILE *auth_openkeyfile(const char *, struct passwd *, int);
|
||||
|
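Review bot: the new prototype `char *expand_authorized_keys(const char *, struct passwd *pw);` names its second parameter while every other declaration in this block (`authorized_principals_file(struct passwd *)`, `auth_openkeyfile(const char *, struct passwd *, int)`) leaves parameters unnamed; drop `pw` to match the file's style.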
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth2-gss.c,v 1.16 2007/10/29 00:52:45 dtucker Exp $ */
|
||||
/* $OpenBSD: auth2-gss.c,v 1.17 2011/03/10 02:52:57 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
|
||||
@ -102,6 +102,7 @@ userauth_gssapi(Authctxt *authctxt)
|
||||
|
||||
if (!present) {
|
||||
xfree(doid);
|
||||
authctxt->server_caused_failure = 1;
|
||||
return (0);
|
||||
}
|
||||
|
||||
@ -109,6 +110,7 @@ userauth_gssapi(Authctxt *authctxt)
|
||||
if (ctxt != NULL)
|
||||
ssh_gssapi_delete_ctx(&ctxt);
|
||||
xfree(doid);
|
||||
authctxt->server_caused_failure = 1;
|
||||
return (0);
|
||||
}
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth2-pubkey.c,v 1.27 2010/11/20 05:12:38 deraadt Exp $ */
|
||||
/* $OpenBSD: auth2-pubkey.c,v 1.29 2011/05/23 03:30:07 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
*
|
||||
@ -436,7 +436,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
|
||||
int
|
||||
user_key_allowed(struct passwd *pw, Key *key)
|
||||
{
|
||||
int success;
|
||||
u_int success, i;
|
||||
char *file;
|
||||
|
||||
if (auth_key_is_revoked(key))
|
||||
@ -448,16 +448,13 @@ user_key_allowed(struct passwd *pw, Key *key)
|
||||
if (success)
|
||||
return success;
|
||||
|
||||
file = authorized_keys_file(pw);
|
||||
success = user_key_allowed2(pw, key, file);
|
||||
xfree(file);
|
||||
if (success)
|
||||
return success;
|
||||
for (i = 0; !success && i < options.num_authkeys_files; i++) {
|
||||
file = expand_authorized_keys(
|
||||
options.authorized_keys_files[i], pw);
|
||||
success = user_key_allowed2(pw, key, file);
|
||||
xfree(file);
|
||||
}
|
||||
|
||||
/* try suffix "2" for backward compat, too */
|
||||
file = authorized_keys_file2(pw);
|
||||
success = user_key_allowed2(pw, key, file);
|
||||
xfree(file);
|
||||
return success;
|
||||
}
|
||||
|
||||
|
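Review bot: the explicit 'try suffix "2" for backward compat' fallback through authorized_keys_file2() is gone and lookup now walks options.authorized_keys_files[] in order, so behaviour is only preserved if the default AuthorizedKeysFile list (set in servconf.c, not in this hunk) still includes .ssh/authorized_keys2; please confirm, and note in the release notes that an explicit AuthorizedKeysFile now appears to replace the whole list, including the previously implicit authorized_keys2. Also, `success` changed from `int` to `u_int` while user_key_allowed() still returns `int`; harmless, but keeping `int` avoids the mixed signedness.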
6
auth2.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth2.c,v 1.122 2010/08/31 09:58:37 djm Exp $ */
|
||||
/* $OpenBSD: auth2.c,v 1.123 2011/03/10 02:52:57 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
*
|
||||
@ -274,6 +274,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt)
|
||||
#endif
|
||||
|
||||
authctxt->postponed = 0;
|
||||
authctxt->server_caused_failure = 0;
|
||||
|
||||
/* try to authenticate user */
|
||||
m = authmethod_lookup(method);
|
||||
@ -346,7 +347,8 @@ userauth_finish(Authctxt *authctxt, int authenticated, char *method)
|
||||
} else {
|
||||
|
||||
/* Allow initial try of "none" auth without failure penalty */
|
||||
if (authctxt->attempt > 1 || strcmp(method, "none") != 0)
|
||||
if (!authctxt->server_caused_failure &&
|
||||
(authctxt->attempt > 1 || strcmp(method, "none") != 0))
|
||||
authctxt->failures++;
|
||||
if (authctxt->failures >= options.max_authtries) {
|
||||
#ifdef SSH_AUDIT_EVENTS
|
||||
|
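Review bot: gating `authctxt->failures++` on `!authctxt->server_caused_failure` means a request the server itself could not service (the unsupported-OID paths in auth2-gss.c set the flag) no longer counts toward MaxAuthTries. Because input_userauth_request() resets the flag before every request, a client that keeps sending such requests is bounded only by LoginGraceTime on that connection; a short comment here stating that this is intentional, plus a check that every place setting the flag really is a server-side condition and not one the client controls, would help future readers.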
5
authfd.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: authfd.c,v 1.84 2010/08/31 11:54:45 djm Exp $ */
|
||||
/* $OpenBSD: authfd.c,v 1.86 2011/07/06 18:09:21 tedu Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -102,6 +102,7 @@ ssh_get_authentication_socket(void)
|
||||
if (!authsocket)
|
||||
return -1;
|
||||
|
||||
bzero(&sunaddr, sizeof(sunaddr));
|
||||
sunaddr.sun_family = AF_UNIX;
|
||||
strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
|
||||
|
||||
@ -110,7 +111,7 @@ ssh_get_authentication_socket(void)
|
||||
return -1;
|
||||
|
||||
/* close on exec */
|
||||
if (fcntl(sock, F_SETFD, 1) == -1) {
|
||||
if (fcntl(sock, F_SETFD, FD_CLOEXEC) == -1) {
|
||||
close(sock);
|
||||
return -1;
|
||||
}
|
||||
|
154
authfile.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: authfile.c,v 1.87 2010/11/29 18:57:04 markus Exp $ */
|
||||
/* $OpenBSD: authfile.c,v 1.92 2011/06/14 22:49:18 markus Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -69,6 +69,8 @@
|
||||
#include "misc.h"
|
||||
#include "atomicio.h"
|
||||
|
||||
#define MAX_KEY_FILE_SIZE (1024 * 1024)
|
||||
|
||||
/* Version identification string for SSH v1 identity files. */
|
||||
static const char authfile_id_string[] =
|
||||
"SSH PRIVATE KEY FILE FORMAT 1.1\n";
|
||||
@ -277,6 +279,7 @@ static Key *
|
||||
key_parse_public_rsa1(Buffer *blob, char **commentp)
|
||||
{
|
||||
Key *pub;
|
||||
Buffer copy;
|
||||
|
||||
/* Check that it is at least big enough to contain the ID string. */
|
||||
if (buffer_len(blob) < sizeof(authfile_id_string)) {
|
||||
@ -293,31 +296,33 @@ key_parse_public_rsa1(Buffer *blob, char **commentp)
|
||||
debug3("Incorrect RSA1 identifier");
|
||||
return NULL;
|
||||
}
|
||||
buffer_consume(blob, sizeof(authfile_id_string));
|
||||
buffer_init(&copy);
|
||||
buffer_append(&copy, buffer_ptr(blob), buffer_len(blob));
|
||||
buffer_consume(&copy, sizeof(authfile_id_string));
|
||||
|
||||
/* Skip cipher type and reserved data. */
|
||||
(void) buffer_get_char(blob); /* cipher type */
|
||||
(void) buffer_get_int(blob); /* reserved */
|
||||
(void) buffer_get_char(&copy); /* cipher type */
|
||||
(void) buffer_get_int(&copy); /* reserved */
|
||||
|
||||
/* Read the public key from the buffer. */
|
||||
(void) buffer_get_int(blob);
|
||||
(void) buffer_get_int(&copy);
|
||||
pub = key_new(KEY_RSA1);
|
||||
buffer_get_bignum(blob, pub->rsa->n);
|
||||
buffer_get_bignum(blob, pub->rsa->e);
|
||||
buffer_get_bignum(&copy, pub->rsa->n);
|
||||
buffer_get_bignum(&copy, pub->rsa->e);
|
||||
if (commentp)
|
||||
*commentp = buffer_get_string(blob, NULL);
|
||||
*commentp = buffer_get_string(&copy, NULL);
|
||||
/* The encrypted private part is not parsed by this function. */
|
||||
buffer_clear(blob);
|
||||
buffer_free(&copy);
|
||||
|
||||
return pub;
|
||||
}
|
||||
|
||||
/* Load the contents of a key file into a buffer */
|
||||
static int
|
||||
/* Load a key from a fd into a buffer */
|
||||
int
|
||||
key_load_file(int fd, const char *filename, Buffer *blob)
|
||||
{
|
||||
u_char buf[1024];
|
||||
size_t len;
|
||||
u_char *cp;
|
||||
struct stat st;
|
||||
|
||||
if (fstat(fd, &st) < 0) {
|
||||
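Review bot: key_parse_public_rsa1() now parses a private copy and leaves `blob` untouched (the old `buffer_consume(blob, ...)` and `buffer_clear(blob)` are gone), which is what lets key_parse_private() later hand the same buffer on to key_parse_private_type(); please state that in the function comment, since callers used to get a consumed buffer back. Note also that key_load_file() loses its `static` in this hunk, so the matching prototype in authfile.h has to land in the same commit.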
@ -325,30 +330,45 @@ key_load_file(int fd, const char *filename, Buffer *blob)
|
||||
filename == NULL ? "" : filename,
|
||||
filename == NULL ? "" : " ",
|
||||
strerror(errno));
|
||||
close(fd);
|
||||
return 0;
|
||||
}
|
||||
if (st.st_size > 1*1024*1024) {
|
||||
if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
|
||||
st.st_size > MAX_KEY_FILE_SIZE) {
|
||||
toobig:
|
||||
error("%s: key file %.200s%stoo large", __func__,
|
||||
filename == NULL ? "" : filename,
|
||||
filename == NULL ? "" : " ");
|
||||
close(fd);
|
||||
return 0;
|
||||
}
|
||||
len = (size_t)st.st_size; /* truncated */
|
||||
|
||||
buffer_init(blob);
|
||||
cp = buffer_append_space(blob, len);
|
||||
|
||||
if (atomicio(read, fd, cp, len) != len) {
|
||||
debug("%s: read from key file %.200s%sfailed: %.100s", __func__,
|
||||
filename == NULL ? "" : filename,
|
||||
filename == NULL ? "" : " ",
|
||||
strerror(errno));
|
||||
for (;;) {
|
||||
if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) {
|
||||
if (errno == EPIPE)
|
||||
break;
|
||||
debug("%s: read from key file %.200s%sfailed: %.100s",
|
||||
__func__, filename == NULL ? "" : filename,
|
||||
filename == NULL ? "" : " ", strerror(errno));
|
||||
buffer_clear(blob);
|
||||
bzero(buf, sizeof(buf));
|
||||
return 0;
|
||||
}
|
||||
buffer_append(blob, buf, len);
|
||||
if (buffer_len(blob) > MAX_KEY_FILE_SIZE) {
|
||||
buffer_clear(blob);
|
||||
bzero(buf, sizeof(buf));
|
||||
goto toobig;
|
||||
}
|
||||
}
|
||||
bzero(buf, sizeof(buf));
|
||||
if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
|
||||
st.st_size != buffer_len(blob)) {
|
||||
debug("%s: key file %.200s%schanged size while reading",
|
||||
__func__, filename == NULL ? "" : filename,
|
||||
filename == NULL ? "" : " ");
|
||||
buffer_clear(blob);
|
||||
close(fd);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
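Review bot: fd ownership in key_load_file() is asymmetric: the `toobig:` and size-changed paths `close(fd)` before returning 0, but the read-failure path inside the loop (`buffer_clear(blob); bzero(buf, sizeof(buf)); return 0;`) does not, and the success path leaves fd open for the caller. A caller that closes fd itself on failure will double-close on some error paths and leak on others; pick one convention (caller owns fd throughout is simplest) and document it above the function. The `toobig:` label also sits inside the `st.st_size > MAX_KEY_FILE_SIZE` block and is reached by a backward goto from the read loop; hoisting the error() into a small helper or restructuring the check would keep the label out of an if-body.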
@ -403,6 +423,7 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp)
|
||||
CipherContext ciphercontext;
|
||||
Cipher *cipher;
|
||||
Key *prv = NULL;
|
||||
Buffer copy;
|
||||
|
||||
/* Check that it is at least big enough to contain the ID string. */
|
||||
if (buffer_len(blob) < sizeof(authfile_id_string)) {
|
||||
@ -419,41 +440,44 @@ key_parse_private_rsa1(Buffer *blob, const char *passphrase, char **commentp)
|
||||
debug3("Incorrect RSA1 identifier");
|
||||
return NULL;
|
||||
}
|
||||
buffer_consume(blob, sizeof(authfile_id_string));
|
||||
buffer_init(&copy);
|
||||
buffer_append(&copy, buffer_ptr(blob), buffer_len(blob));
|
||||
buffer_consume(&copy, sizeof(authfile_id_string));
|
||||
|
||||
/* Read cipher type. */
|
||||
cipher_type = buffer_get_char(blob);
|
||||
(void) buffer_get_int(blob); /* Reserved data. */
|
||||
cipher_type = buffer_get_char(&copy);
|
||||
(void) buffer_get_int(&copy); /* Reserved data. */
|
||||
|
||||
/* Read the public key from the buffer. */
|
||||
(void) buffer_get_int(blob);
|
||||
(void) buffer_get_int(&copy);
|
||||
prv = key_new_private(KEY_RSA1);
|
||||
|
||||
buffer_get_bignum(blob, prv->rsa->n);
|
||||
buffer_get_bignum(blob, prv->rsa->e);
|
||||
buffer_get_bignum(&copy, prv->rsa->n);
|
||||
buffer_get_bignum(&copy, prv->rsa->e);
|
||||
if (commentp)
|
||||
*commentp = buffer_get_string(blob, NULL);
|
||||
*commentp = buffer_get_string(&copy, NULL);
|
||||
else
|
||||
(void)buffer_get_string_ptr(blob, NULL);
|
||||
(void)buffer_get_string_ptr(&copy, NULL);
|
||||
|
||||
/* Check that it is a supported cipher. */
|
||||
cipher = cipher_by_number(cipher_type);
|
||||
if (cipher == NULL) {
|
||||
debug("Unsupported RSA1 cipher %d", cipher_type);
|
||||
buffer_free(&copy);
|
||||
goto fail;
|
||||
}
|
||||
/* Initialize space for decrypted data. */
|
||||
buffer_init(&decrypted);
|
||||
cp = buffer_append_space(&decrypted, buffer_len(blob));
|
||||
cp = buffer_append_space(&decrypted, buffer_len(&copy));
|
||||
|
||||
/* Rest of the buffer is encrypted. Decrypt it using the passphrase. */
|
||||
cipher_set_key_string(&ciphercontext, cipher, passphrase,
|
||||
CIPHER_DECRYPT);
|
||||
cipher_crypt(&ciphercontext, cp,
|
||||
buffer_ptr(blob), buffer_len(blob));
|
||||
buffer_ptr(&copy), buffer_len(&copy));
|
||||
cipher_cleanup(&ciphercontext);
|
||||
memset(&ciphercontext, 0, sizeof(ciphercontext));
|
||||
buffer_clear(blob);
|
||||
buffer_free(&copy);
|
||||
|
||||
check1 = buffer_get_char(&decrypted);
|
||||
check2 = buffer_get_char(&decrypted);
|
||||
@ -606,7 +630,7 @@ key_perm_ok(int fd, const char *filename)
|
||||
error("@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@");
|
||||
error("Permissions 0%3.3o for '%s' are too open.",
|
||||
(u_int)st.st_mode & 0777, filename);
|
||||
error("It is recommended that your private key files are NOT accessible by others.");
|
||||
error("It is required that your private key files are NOT accessible by others.");
|
||||
error("This private key will be ignored.");
|
||||
return 0;
|
||||
}
|
||||
@ -626,6 +650,7 @@ key_parse_private_type(Buffer *blob, int type, const char *passphrase,
|
||||
case KEY_UNSPEC:
|
||||
return key_parse_private_pem(blob, type, passphrase, commentp);
|
||||
default:
|
||||
error("%s: cannot parse key type %d", __func__, type);
|
||||
break;
|
||||
}
|
||||
return NULL;
|
||||
@ -669,12 +694,35 @@ key_load_private_type(int type, const char *filename, const char *passphrase,
|
||||
return ret;
|
||||
}
|
||||
|
||||
Key *
|
||||
key_parse_private(Buffer *buffer, const char *filename,
|
||||
const char *passphrase, char **commentp)
|
||||
{
|
||||
Key *pub, *prv;
|
||||
|
||||
/* it's a SSH v1 key if the public key part is readable */
|
||||
pub = key_parse_public_rsa1(buffer, commentp);
|
||||
if (pub == NULL) {
|
||||
prv = key_parse_private_type(buffer, KEY_UNSPEC,
|
||||
passphrase, NULL);
|
||||
/* use the filename as a comment for PEM */
|
||||
if (commentp && prv)
|
||||
*commentp = xstrdup(filename);
|
||||
} else {
|
||||
key_free(pub);
|
||||
/* key_parse_public_rsa1() has already loaded the comment */
|
||||
prv = key_parse_private_type(buffer, KEY_RSA1, passphrase,
|
||||
NULL);
|
||||
}
|
||||
return prv;
|
||||
}
|
||||
|
||||
Key *
|
||||
key_load_private(const char *filename, const char *passphrase,
|
||||
char **commentp)
|
||||
{
|
||||
Key *pub, *prv;
|
||||
Buffer buffer, pubcopy;
|
||||
Key *prv;
|
||||
Buffer buffer;
|
||||
int fd;
|
||||
|
||||
fd = open(filename, O_RDONLY);
|
||||
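Review bot: in the new key_parse_private(), the RSA1 branch lets key_parse_public_rsa1() fill in `*commentp` and then calls key_parse_private_type(buffer, KEY_RSA1, passphrase, NULL); if that second call fails (wrong passphrase, truncated file) the function returns NULL with `*commentp` still pointing at the freshly allocated comment, which a caller that only checks the return value will leak. Free it and set `*commentp = NULL` when `prv == NULL`, mirroring the PEM branch, which only assigns the comment once `prv` is non-NULL.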
@ -697,23 +745,7 @@ key_load_private(const char *filename, const char *passphrase,
|
||||
}
|
||||
close(fd);
|
||||
|
||||
buffer_init(&pubcopy);
|
||||
buffer_append(&pubcopy, buffer_ptr(&buffer), buffer_len(&buffer));
|
||||
/* it's a SSH v1 key if the public key part is readable */
|
||||
pub = key_parse_public_rsa1(&pubcopy, commentp);
|
||||
buffer_free(&pubcopy);
|
||||
if (pub == NULL) {
|
||||
prv = key_parse_private_type(&buffer, KEY_UNSPEC,
|
||||
passphrase, NULL);
|
||||
/* use the filename as a comment for PEM */
|
||||
if (commentp && prv)
|
||||
*commentp = xstrdup(filename);
|
||||
} else {
|
||||
key_free(pub);
|
||||
/* key_parse_public_rsa1() has already loaded the comment */
|
||||
prv = key_parse_private_type(&buffer, KEY_RSA1, passphrase,
|
||||
NULL);
|
||||
}
|
||||
prv = key_parse_private(&buffer, filename, passphrase, commentp);
|
||||
buffer_free(&buffer);
|
||||
return prv;
|
||||
}
|
||||
@ -737,13 +769,19 @@ key_try_load_public(Key *k, const char *filename, char **commentp)
|
||||
case '\0':
|
||||
continue;
|
||||
}
|
||||
/* Abort loading if this looks like a private key */
|
||||
if (strncmp(cp, "-----BEGIN", 10) == 0)
|
||||
break;
|
||||
/* Skip leading whitespace. */
|
||||
for (; *cp && (*cp == ' ' || *cp == '\t'); cp++)
|
||||
;
|
||||
if (*cp) {
|
||||
if (key_read(k, &cp) == 1) {
|
||||
if (commentp)
|
||||
*commentp=xstrdup(filename);
|
||||
cp[strcspn(cp, "\r\n")] = '\0';
|
||||
if (commentp) {
|
||||
*commentp = xstrdup(*cp ?
|
||||
cp : filename);
|
||||
}
|
||||
fclose(f);
|
||||
return 1;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: authfile.h,v 1.15 2010/08/04 05:42:47 djm Exp $ */
|
||||
/* $OpenBSD: authfile.h,v 1.16 2011/05/04 21:15:29 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -16,9 +16,11 @@
|
||||
#define AUTHFILE_H
|
||||
|
||||
int key_save_private(Key *, const char *, const char *, const char *);
|
||||
int key_load_file(int, const char *, Buffer *);
|
||||
Key *key_load_cert(const char *);
|
||||
Key *key_load_public(const char *, char **);
|
||||
Key *key_load_public_type(int, const char *, char **);
|
||||
Key *key_parse_private(Buffer *, const char *, const char *, char **);
|
||||
Key *key_load_private(const char *, const char *, char **);
|
||||
Key *key_load_private_cert(int, const char *, const char *, int *);
|
||||
Key *key_load_private_type(int, const char *, const char *, char **, int *);
|
||||
|
@ -229,8 +229,6 @@ perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
|
||||
# We don't want to overwrite config files on multiple installs
|
||||
mv $FAKE_ROOT${sysconfdir}/ssh_config $FAKE_ROOT${sysconfdir}/ssh_config.default
|
||||
mv $FAKE_ROOT${sysconfdir}/sshd_config $FAKE_ROOT${sysconfdir}/sshd_config.default
|
||||
[ -f $FAKE_ROOT${sysconfdir}/ssh_prng_cmds ] && \
|
||||
mv $FAKE_ROOT${sysconfdir}/ssh_prng_cmds $FAKE_ROOT${sysconfdir}/ssh_prng_cmds.default
|
||||
|
||||
# local tweeks here
|
||||
[ -s "${POST_MAKE_INSTALL_FIXES}" ] && . ${POST_MAKE_INSTALL_FIXES}
|
||||
@ -317,11 +315,6 @@ cat > postinstall << _EOF
|
||||
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ] || \\
|
||||
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
|
||||
\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
|
||||
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ] && {
|
||||
[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ] || \\
|
||||
cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
|
||||
\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
|
||||
}
|
||||
|
||||
# make rc?.d dirs only if we are doing a test install
|
||||
[ -n "${TEST_DIR}" ] && [ $DO_SMF -ne 1 ] && {
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: channels.c,v 1.310 2010/11/24 01:24:14 djm Exp $ */
|
||||
/* $OpenBSD: channels.c,v 1.311 2011/06/22 22:08:42 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -3562,7 +3562,7 @@ deny_input_open(int type, u_int32_t seq, void *ctxt)
|
||||
*/
|
||||
void
|
||||
x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
|
||||
const char *proto, const char *data)
|
||||
const char *proto, const char *data, int want_reply)
|
||||
{
|
||||
u_int data_len = (u_int) strlen(data) / 2;
|
||||
u_int i, value;
|
||||
@ -3615,7 +3615,7 @@ x11_request_forwarding_with_spoofing(int client_session_id, const char *disp,
|
||||
|
||||
/* Send the request packet. */
|
||||
if (compat20) {
|
||||
channel_request_start(client_session_id, "x11-req", 0);
|
||||
channel_request_start(client_session_id, "x11-req", want_reply);
|
||||
packet_put_char(0); /* XXX bool single connection */
|
||||
} else {
|
||||
packet_start(SSH_CMSG_X11_REQUEST_FORWARDING);
|
||||
|
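Review bot: the new want_reply argument is only honoured on the compat20 path; the SSH1 branch that follows (packet_start(SSH_CMSG_X11_REQUEST_FORWARDING)) ignores it, and neither the function's comment nor the prototype in channels.h says so. Add a one-line comment at the parameter stating that want_reply is protocol 2 only, so a caller passing want_reply=1 on a protocol 1 connection does not wait for a reply that never comes.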
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: channels.h,v 1.104 2010/05/14 23:29:23 djm Exp $ */
|
||||
/* $OpenBSD: channels.h,v 1.105 2011/06/22 22:08:42 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -271,7 +271,7 @@ int x11_connect_display(void);
|
||||
int x11_create_display_inet(int, int, int, u_int *, int **);
|
||||
void x11_input_open(int, u_int32_t, void *);
|
||||
void x11_request_forwarding_with_spoofing(int, const char *, const char *,
|
||||
const char *);
|
||||
const char *, int);
|
||||
void deny_input_open(int, u_int32_t, void *);
|
||||
|
||||
/* agent forwarding */
|
||||
|
110
clientloop.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: clientloop.c,v 1.231 2011/01/16 12:05:59 djm Exp $ */
|
||||
/* $OpenBSD: clientloop.c,v 1.236 2011/06/22 22:08:42 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -130,9 +130,6 @@ extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */
|
||||
*/
|
||||
extern char *host;
|
||||
|
||||
/* Force TTY allocation */
|
||||
extern int force_tty_flag;
|
||||
|
||||
/*
|
||||
* Flag to indicate that we have received a window change signal which has
|
||||
* not yet been processed. This will cause a message indicating the new
|
||||
@ -179,7 +176,8 @@ struct escape_filter_ctx {
|
||||
/* Context for channel confirmation replies */
|
||||
struct channel_reply_ctx {
|
||||
const char *request_type;
|
||||
int id, do_close;
|
||||
int id;
|
||||
enum confirm_action action;
|
||||
};
|
||||
|
||||
/* Global request success/failure callbacks */
|
||||
@ -265,10 +263,10 @@ static void
|
||||
set_control_persist_exit_time(void)
|
||||
{
|
||||
if (muxserver_sock == -1 || !options.control_persist
|
||||
|| options.control_persist_timeout == 0)
|
||||
|| options.control_persist_timeout == 0) {
|
||||
/* not using a ControlPersist timeout */
|
||||
control_persist_exit_time = 0;
|
||||
else if (channel_still_open()) {
|
||||
} else if (channel_still_open()) {
|
||||
/* some client connections are still open */
|
||||
if (control_persist_exit_time > 0)
|
||||
debug2("%s: cancel scheduled exit", __func__);
|
||||
@ -662,7 +660,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
|
||||
atomicio(vwrite, fileno(stderr), buffer_ptr(berr),
|
||||
buffer_len(berr));
|
||||
|
||||
leave_raw_mode(force_tty_flag);
|
||||
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
|
||||
/*
|
||||
* Free (and clear) the buffer to reduce the amount of data that gets
|
||||
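Review bot: `options.request_tty == REQUEST_TTY_FORCE` now replaces force_tty_flag at every enter_raw_mode()/leave_raw_mode() call in this file (here and again in process_cmdline, process_escapes, client_channel_closed, client_loop and cleanup_exit); repeating the comparison at each site invites drift if another REQUEST_TTY_ value is ever added. A small static helper such as `static int force_tty(void) { return options.request_tty == REQUEST_TTY_FORCE; }` would keep the condition in one place.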
@ -683,7 +681,7 @@ client_suspend_self(Buffer *bin, Buffer *bout, Buffer *berr)
|
||||
buffer_init(bout);
|
||||
buffer_init(berr);
|
||||
|
||||
enter_raw_mode(force_tty_flag);
|
||||
enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
}
|
||||
|
||||
static void
|
||||
@ -742,6 +740,15 @@ client_status_confirm(int type, Channel *c, void *ctx)
|
||||
char errmsg[256];
|
||||
int tochan;
|
||||
|
||||
/*
|
||||
* If a TTY was explicitly requested, then a failure to allocate
|
||||
* one is fatal.
|
||||
*/
|
||||
if (cr->action == CONFIRM_TTY &&
|
||||
(options.request_tty == REQUEST_TTY_FORCE ||
|
||||
options.request_tty == REQUEST_TTY_YES))
|
||||
cr->action = CONFIRM_CLOSE;
|
||||
|
||||
/* XXX supress on mux _client_ quietmode */
|
||||
tochan = options.log_level >= SYSLOG_LEVEL_ERROR &&
|
||||
c->ctl_chan != -1 && c->extended_usage == CHAN_EXTENDED_WRITE;
|
||||
@ -759,14 +766,27 @@ client_status_confirm(int type, Channel *c, void *ctx)
|
||||
cr->request_type, c->self);
|
||||
}
|
||||
/* If error occurred on primary session channel, then exit */
|
||||
if (cr->do_close && c->self == session_ident)
|
||||
if (cr->action == CONFIRM_CLOSE && c->self == session_ident)
|
||||
fatal("%s", errmsg);
|
||||
/* If error occurred on mux client, append to their stderr */
|
||||
if (tochan)
|
||||
buffer_append(&c->extended, errmsg, strlen(errmsg));
|
||||
else
|
||||
/*
|
||||
* If error occurred on mux client, append to
|
||||
* their stderr.
|
||||
*/
|
||||
if (tochan) {
|
||||
buffer_append(&c->extended, errmsg,
|
||||
strlen(errmsg));
|
||||
} else
|
||||
error("%s", errmsg);
|
||||
if (cr->do_close) {
|
||||
if (cr->action == CONFIRM_TTY) {
|
||||
/*
|
||||
* If a TTY allocation error occurred, then arrange
|
||||
* for the correct TTY to leave raw mode.
|
||||
*/
|
||||
if (c->self == session_ident)
|
||||
leave_raw_mode(0);
|
||||
else
|
||||
mux_tty_alloc_failed(c);
|
||||
} else if (cr->action == CONFIRM_CLOSE) {
|
||||
chan_read_failed(c);
|
||||
chan_write_failed(c);
|
||||
}
|
||||
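Review bot: for a mux client channel (c->self != session_ident) that explicitly requested a tty, the hunk above escalates cr->action from CONFIRM_TTY to CONFIRM_CLOSE before this branch runs, so that client takes the chan_read_failed()/chan_write_failed() path and mux_tty_alloc_failed(c) is never called for it; it receives errmsg on stderr via tochan but no tty-allocation-failed handling. Either perform the CONFIRM_TTY handling before failing the channel (call mux_tty_alloc_failed(c) and then close) or state in the escalation comment that mux clients deliberately get only the stderr message.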
@ -780,13 +800,14 @@ client_abandon_status_confirm(Channel *c, void *ctx)
|
||||
xfree(ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
client_expect_confirm(int id, const char *request, int do_close)
|
||||
void
|
||||
client_expect_confirm(int id, const char *request,
|
||||
enum confirm_action action)
|
||||
{
|
||||
struct channel_reply_ctx *cr = xmalloc(sizeof(*cr));
|
||||
|
||||
cr->request_type = request;
|
||||
cr->do_close = do_close;
|
||||
cr->action = action;
|
||||
|
||||
channel_register_status_confirm(id, client_status_confirm,
|
||||
client_abandon_status_confirm, cr);
|
||||
@ -826,7 +847,7 @@ process_cmdline(void)
|
||||
bzero(&fwd, sizeof(fwd));
|
||||
fwd.listen_host = fwd.connect_host = NULL;
|
||||
|
||||
leave_raw_mode(force_tty_flag);
|
||||
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
handler = signal(SIGINT, SIG_IGN);
|
||||
cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);
|
||||
if (s == NULL)
|
||||
@ -930,7 +951,7 @@ process_cmdline(void)
|
||||
|
||||
out:
|
||||
signal(SIGINT, handler);
|
||||
enter_raw_mode(force_tty_flag);
|
||||
enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
if (cmd)
|
||||
xfree(cmd);
|
||||
if (fwd.listen_host != NULL)
|
||||
@ -1049,7 +1070,8 @@ process_escapes(Channel *c, Buffer *bin, Buffer *bout, Buffer *berr,
|
||||
* more new connections).
|
||||
*/
|
||||
/* Restore tty modes. */
|
||||
leave_raw_mode(force_tty_flag);
|
||||
leave_raw_mode(
|
||||
options.request_tty == REQUEST_TTY_FORCE);
|
||||
|
||||
/* Stop listening for new connections. */
|
||||
channel_stop_listening();
|
||||
@ -1344,7 +1366,7 @@ client_channel_closed(int id, void *arg)
|
||||
{
|
||||
channel_cancel_cleanup(id);
|
||||
session_closed = 1;
|
||||
leave_raw_mode(force_tty_flag);
|
||||
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1415,18 +1437,21 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
|
||||
signal(SIGWINCH, window_change_handler);
|
||||
|
||||
if (have_pty)
|
||||
enter_raw_mode(force_tty_flag);
|
||||
enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
|
||||
if (compat20) {
|
||||
session_ident = ssh2_chan_id;
|
||||
if (escape_char_arg != SSH_ESCAPECHAR_NONE)
|
||||
channel_register_filter(session_ident,
|
||||
client_simple_escape_filter, NULL,
|
||||
client_filter_cleanup,
|
||||
client_new_escape_filter_ctx(escape_char_arg));
|
||||
if (session_ident != -1)
|
||||
if (session_ident != -1) {
|
||||
if (escape_char_arg != SSH_ESCAPECHAR_NONE) {
|
||||
channel_register_filter(session_ident,
|
||||
client_simple_escape_filter, NULL,
|
||||
client_filter_cleanup,
|
||||
client_new_escape_filter_ctx(
|
||||
escape_char_arg));
|
||||
}
|
||||
channel_register_cleanup(session_ident,
|
||||
client_channel_closed, 0);
|
||||
}
|
||||
} else {
|
||||
/* Check if we should immediately send eof on stdin. */
|
||||
client_check_initial_eof_on_stdin();
|
||||
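Review bot: the escape filter is now registered only when session_ident != -1, whereas before it was installed unconditionally and channel_register_filter() could be handed id -1 when there is no session channel (ssh -N); that is a behaviour fix rather than the pure restructuring this hunk looks like, so it deserves a sentence in the changelog. The re-wrapping of the client_new_escape_filter_ctx() call in the same hunk makes the real change hard to spot in review.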
@ -1556,7 +1581,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
|
||||
channel_free_all();
|
||||
|
||||
if (have_pty)
|
||||
leave_raw_mode(force_tty_flag);
|
||||
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
|
||||
/* restore blocking io */
|
||||
if (!isatty(fileno(stdin)))
|
||||
@ -1982,7 +2007,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
|
||||
memset(&ws, 0, sizeof(ws));
|
||||
|
||||
channel_request_start(id, "pty-req", 1);
|
||||
client_expect_confirm(id, "PTY allocation", 1);
|
||||
client_expect_confirm(id, "PTY allocation", CONFIRM_TTY);
|
||||
packet_put_cstring(term != NULL ? term : "");
|
||||
packet_put_int((u_int)ws.ws_col);
|
||||
packet_put_int((u_int)ws.ws_row);
|
||||
@ -2041,18 +2066,18 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
|
||||
debug("Sending subsystem: %.*s",
|
||||
len, (u_char*)buffer_ptr(cmd));
|
||||
channel_request_start(id, "subsystem", 1);
|
||||
client_expect_confirm(id, "subsystem", 1);
|
||||
client_expect_confirm(id, "subsystem", CONFIRM_CLOSE);
|
||||
} else {
|
||||
debug("Sending command: %.*s",
|
||||
len, (u_char*)buffer_ptr(cmd));
|
||||
channel_request_start(id, "exec", 1);
|
||||
client_expect_confirm(id, "exec", 1);
|
||||
client_expect_confirm(id, "exec", CONFIRM_CLOSE);
|
||||
}
|
||||
packet_put_string(buffer_ptr(cmd), buffer_len(cmd));
|
||||
packet_send();
|
||||
} else {
|
||||
channel_request_start(id, "shell", 1);
|
||||
client_expect_confirm(id, "shell", 1);
|
||||
client_expect_confirm(id, "shell", CONFIRM_CLOSE);
|
||||
packet_send();
|
||||
}
|
||||
}
|
||||
@ -2122,11 +2147,26 @@ client_init_dispatch(void)
|
||||
client_init_dispatch_15();
|
||||
}
|
||||
|
||||
void
|
||||
client_stop_mux(void)
|
||||
{
|
||||
if (options.control_path != NULL && muxserver_sock != -1)
|
||||
unlink(options.control_path);
|
||||
/*
|
||||
* If we are in persist mode, signal that we should close when all
|
||||
* active channels are closed.
|
||||
*/
|
||||
if (options.control_persist) {
|
||||
session_closed = 1;
|
||||
setproctitle("[stopped mux]");
|
||||
}
|
||||
}
|
||||
|
||||
/* client specific fatal cleanup */
|
||||
void
|
||||
cleanup_exit(int i)
|
||||
{
|
||||
leave_raw_mode(force_tty_flag);
|
||||
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
leave_non_blocking();
|
||||
if (options.control_path != NULL && muxserver_sock != -1)
|
||||
unlink(options.control_path);
|
||||
|
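Review bot: client_stop_mux() unlinks options.control_path but neither closes muxserver_sock nor resets it to -1, so the `if (options.control_path != NULL && muxserver_sock != -1) unlink(options.control_path);` in cleanup_exit() below still fires later and will remove a control socket that a newer master has since created at the same path. If the listener is meant to keep accepting after a stop, document that; otherwise close the socket and set muxserver_sock = -1 here so cleanup_exit() does not unlink another master's socket.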
10
clientloop.h
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: clientloop.h,v 1.25 2010/06/25 23:15:36 djm Exp $ */
|
||||
/* $OpenBSD: clientloop.h,v 1.28 2011/06/22 22:08:42 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -45,6 +45,7 @@ void client_global_request_reply_fwd(int, u_int32_t, void *);
|
||||
void client_session2_setup(int, int, int, const char *, struct termios *,
|
||||
int, Buffer *, char **);
|
||||
int client_request_tun_fwd(int, int, int);
|
||||
void client_stop_mux(void);
|
||||
|
||||
/* Escape filter for protocol 2 sessions */
|
||||
void *client_new_escape_filter_ctx(int);
|
||||
@ -55,6 +56,10 @@ int client_simple_escape_filter(Channel *, char *, int);
|
||||
typedef void global_confirm_cb(int, u_int32_t seq, void *);
|
||||
void client_register_global_confirm(global_confirm_cb *, void *);
|
||||
|
||||
/* Channel request confirmation callbacks */
|
||||
enum confirm_action { CONFIRM_WARN = 0, CONFIRM_CLOSE, CONFIRM_TTY };
|
||||
void client_expect_confirm(int, const char *, enum confirm_action);
|
||||
|
||||
/* Multiplexing protocol version */
|
||||
#define SSHMUX_VER 4
|
||||
|
||||
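Review bot: the three confirm_action values carry no comment saying what each does when a channel request fails (CONFIRM_WARN logs and continues, CONFIRM_CLOSE fails the channel and is fatal on the session channel, CONFIRM_TTY leaves raw mode or notifies the mux client); now that client_expect_confirm() is exported from this header rather than static in clientloop.c, put that description next to the enum instead of leaving new callers to read client_status_confirm().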
@ -64,7 +69,10 @@ void client_register_global_confirm(global_confirm_cb *, void *);
|
||||
#define SSHMUX_COMMAND_TERMINATE 3 /* Ask master to exit */
|
||||
#define SSHMUX_COMMAND_STDIO_FWD 4 /* Open stdio fwd (ssh -W) */
|
||||
#define SSHMUX_COMMAND_FORWARD 5 /* Forward only, no command */
|
||||
#define SSHMUX_COMMAND_STOP 6 /* Disable mux but not conn */
|
||||
|
||||
void muxserver_listen(void);
|
||||
void muxclient(const char *);
|
||||
void mux_exit_message(Channel *, int);
|
||||
void mux_tty_alloc_failed(Channel *);
|
||||
|
||||
|
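Review bot: SSHMUX_COMMAND_STOP adds a new request to the mux wire protocol while SSHMUX_VER stays at 4 in the hunk above; that is only safe if a version-4 master that does not know STOP answers with a failure the new client handles, and that expectation is not written down anywhere in this header. Add a comment stating how an older master responds to an unknown command (or bump the version) so that a mismatched ssh/ControlMaster pair fails predictably.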
21
config.guess
@ -1,10 +1,10 @@
|
||||
#! /bin/sh
|
||||
# Attempt to guess a canonical system name.
|
||||
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
|
||||
# Free Software Foundation, Inc.
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
|
||||
# 2011 Free Software Foundation, Inc.
|
||||
|
||||
timestamp='2009-12-30'
|
||||
timestamp='2011-01-23'
|
||||
|
||||
# This file is free software; you can redistribute it and/or modify it
|
||||
# under the terms of the GNU General Public License as published by
|
||||
@ -57,7 +57,7 @@ GNU config.guess ($timestamp)
|
||||
|
||||
Originally written by Per Bothner.
|
||||
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free
|
||||
2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free
|
||||
Software Foundation, Inc.
|
||||
|
||||
This is free software; see the source for copying conditions. There is NO
|
||||
@ -270,7 +270,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
|
||||
# A Xn.n version is an unreleased experimental baselevel.
|
||||
# 1.2 uses "1.2" for uname -r.
|
||||
echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
|
||||
exit ;;
|
||||
# Reset EXIT trap before exiting to avoid spurious non-zero exit code.
|
||||
exitcode=$?
|
||||
trap '' 0
|
||||
exit $exitcode ;;
|
||||
Alpha\ *:Windows_NT*:*)
|
||||
# How do we know it's Interix rather than the generic POSIX subsystem?
|
||||
# Should we change UNAME_MACHINE based on the output of uname instead
|
||||
@ -552,7 +555,7 @@ EOF
|
||||
echo rs6000-ibm-aix3.2
|
||||
fi
|
||||
exit ;;
|
||||
*:AIX:*:[456])
|
||||
*:AIX:*:[4567])
|
||||
IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
|
||||
if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
|
||||
IBM_ARCH=rs6000
|
||||
@ -968,6 +971,9 @@ EOF
|
||||
sparc:Linux:*:* | sparc64:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-unknown-linux-gnu
|
||||
exit ;;
|
||||
tile*:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-tilera-linux-gnu
|
||||
exit ;;
|
||||
vax:Linux:*:*)
|
||||
echo ${UNAME_MACHINE}-dec-linux-gnu
|
||||
exit ;;
|
||||
@ -1231,6 +1237,9 @@ EOF
|
||||
*:QNX:*:4*)
|
||||
echo i386-pc-qnx
|
||||
exit ;;
|
||||
NEO-?:NONSTOP_KERNEL:*:*)
|
||||
echo neo-tandem-nsk${UNAME_RELEASE}
|
||||
exit ;;
|
||||
NSE-?:NONSTOP_KERNEL:*:*)
|
||||
echo nse-tandem-nsk${UNAME_RELEASE}
|
||||
exit ;;
|
||||
|
50
config.h.in
@ -1,5 +1,8 @@
|
||||
/* config.h.in. Generated from configure.ac by autoheader. */
|
||||
|
||||
/* Define if building universal (internal helper macro) */
|
||||
#undef AC_APPLE_UNIVERSAL_BUILD
|
||||
|
||||
/* Define if you have a getaddrinfo that fails for the all-zeros IPv6 address
|
||||
*/
|
||||
#undef AIX_GETNAMEINFO_HACK
|
||||
@ -122,9 +125,6 @@
|
||||
/* Enable for PKCS#11 support */
|
||||
#undef ENABLE_PKCS11
|
||||
|
||||
/* Builtin PRNG command timeout */
|
||||
#undef ENTROPY_TIMEOUT_MSEC
|
||||
|
||||
/* File names may not contain backslash characters */
|
||||
#undef FILESYSTEM_NO_BACKSLASH
|
||||
|
||||
@ -750,6 +750,9 @@
|
||||
/* Define to 1 if you have the `recvmsg' function. */
|
||||
#undef HAVE_RECVMSG
|
||||
|
||||
/* sys/resource.h has RLIMIT_NPROC */
|
||||
#undef HAVE_RLIMIT_NPROC
|
||||
|
||||
/* Define to 1 if you have the <rpc/types.h> header file. */
|
||||
#undef HAVE_RPC_TYPES_H
|
||||
|
||||
@ -762,6 +765,12 @@
|
||||
/* Define to 1 if you have the `RSA_get_default_method' function. */
|
||||
#undef HAVE_RSA_GET_DEFAULT_METHOD
|
||||
|
||||
/* Define to 1 if you have the <sandbox.h> header file. */
|
||||
#undef HAVE_SANDBOX_H
|
||||
|
||||
/* Define to 1 if you have the `sandbox_init' function. */
|
||||
#undef HAVE_SANDBOX_INIT
|
||||
|
||||
/* define if you have sa_family_t data type */
|
||||
#undef HAVE_SA_FAMILY_T
|
||||
|
||||
@ -948,13 +957,13 @@
|
||||
/* define if you have struct sockaddr_in6 data type */
|
||||
#undef HAVE_STRUCT_SOCKADDR_IN6
|
||||
|
||||
/* Define to 1 if `sin6_scope_id' is member of `struct sockaddr_in6'. */
|
||||
/* Define to 1 if `sin6_scope_id' is a member of `struct sockaddr_in6'. */
|
||||
#undef HAVE_STRUCT_SOCKADDR_IN6_SIN6_SCOPE_ID
|
||||
|
||||
/* define if you have struct sockaddr_storage data type */
|
||||
#undef HAVE_STRUCT_SOCKADDR_STORAGE
|
||||
|
||||
/* Define to 1 if `st_blksize' is member of `struct stat'. */
|
||||
/* Define to 1 if `st_blksize' is a member of `struct stat'. */
|
||||
#undef HAVE_STRUCT_STAT_ST_BLKSIZE
|
||||
|
||||
/* Define to 1 if the system has the type `struct timespec'. */
|
||||
@ -1259,7 +1268,7 @@
|
||||
from environment and PATH */
|
||||
#undef LOGIN_PROGRAM_FALLBACK
|
||||
|
||||
/* Set this to your mail directory if you don't have maillock.h */
|
||||
/* Set this to your mail directory if you do not have _PATH_MAILDIR */
|
||||
#undef MAIL_DIRECTORY
|
||||
|
||||
/* Define on *nto-qnx systems */
|
||||
@ -1307,6 +1316,9 @@
|
||||
/* Define to the one symbol short name of this package. */
|
||||
#undef PACKAGE_TARNAME
|
||||
|
||||
/* Define to the home page for this package. */
|
||||
#undef PACKAGE_URL
|
||||
|
||||
/* Define to the version of this package. */
|
||||
#undef PACKAGE_VERSION
|
||||
|
||||
@ -1329,6 +1341,18 @@
|
||||
/* read(1) can return 0 for a non-closed fd */
|
||||
#undef PTY_ZEROREAD
|
||||
|
||||
/* Sandbox using Darwin sandbox_init(3) */
|
||||
#undef SANDBOX_DARWIN
|
||||
|
||||
/* no privsep sandboxing */
|
||||
#undef SANDBOX_NULL
|
||||
|
||||
/* Sandbox using setrlimit(2) */
|
||||
#undef SANDBOX_RLIMIT
|
||||
|
||||
/* Sandbox using systrace(4) */
|
||||
#undef SANDBOX_SYSTRACE
|
||||
|
||||
/* Define if your platform breaks doing a seteuid before a setuid */
|
||||
#undef SETEUID_BREAKS_SETUID
|
||||
|
||||
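Review bot: SANDBOX_DARWIN, SANDBOX_NULL, SANDBOX_RLIMIT and SANDBOX_SYSTRACE read like independent feature flags, but they are alternatives of which configure selects exactly one for the pre-auth privsep child, and SANDBOX_NULL means no confinement at all; the comments should say so. It is also worth stating that SANDBOX_RLIMIT only caps resources (it relies on RLIMIT_NPROC, hence the HAVE_RLIMIT_NPROC test added above) and does not restrict system calls the way systrace(4) or sandbox_init(3) do, so packagers do not mistake it for an equivalent.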
@ -1460,9 +1484,17 @@
|
||||
/* Define if you want SELinux support. */
|
||||
#undef WITH_SELINUX
|
||||
|
||||
/* Define to 1 if your processor stores words with the most significant byte
|
||||
first (like Motorola and SPARC, unlike Intel and VAX). */
|
||||
#undef WORDS_BIGENDIAN
|
||||
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
|
||||
significant byte first (like Motorola and SPARC, unlike Intel). */
|
||||
#if defined AC_APPLE_UNIVERSAL_BUILD
|
||||
# if defined __BIG_ENDIAN__
|
||||
# define WORDS_BIGENDIAN 1
|
||||
# endif
|
||||
#else
|
||||
# ifndef WORDS_BIGENDIAN
|
||||
# undef WORDS_BIGENDIAN
|
||||
# endif
|
||||
#endif
|
||||
|
||||
/* Define if xauth is found in your path */
|
||||
#undef XAUTH_PATH
|
||||
|
67
config.sub
@ -1,10 +1,10 @@
|
||||
#! /bin/sh
|
||||
# Configuration validation subroutine script.
|
||||
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010
|
||||
# Free Software Foundation, Inc.
|
||||
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
|
||||
# 2011 Free Software Foundation, Inc.
|
||||
|
||||
timestamp='2010-01-22'
|
||||
timestamp='2011-01-01'
|
||||
|
||||
# This file is (in principle) common to ALL GNU software.
|
||||
# The presence of a machine in this file suggests that SOME GNU software
|
||||
@ -124,8 +124,9 @@ esac
|
||||
# Here we must recognize all the valid KERNEL-OS combinations.
|
||||
maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
|
||||
case $maybe_os in
|
||||
nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
|
||||
uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
|
||||
nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \
|
||||
linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \
|
||||
knetbsd*-gnu* | netbsd*-gnu* | \
|
||||
kopensolaris*-gnu* | \
|
||||
storm-chaos* | os2-emx* | rtmk-nova*)
|
||||
os=-$maybe_os
|
||||
@ -282,6 +283,7 @@ case $basic_machine in
|
||||
| moxie \
|
||||
| mt \
|
||||
| msp430 \
|
||||
| nds32 | nds32le | nds32be \
|
||||
| nios | nios2 \
|
||||
| ns16k | ns32k \
|
||||
| or32 \
|
||||
@ -295,7 +297,7 @@ case $basic_machine in
|
||||
| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
|
||||
| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
|
||||
| spu | strongarm \
|
||||
| tahoe | thumb | tic4x | tic80 | tron \
|
||||
| tahoe | thumb | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
|
||||
| ubicom32 \
|
||||
| v850 | v850e \
|
||||
| we32k \
|
||||
@ -303,6 +305,15 @@ case $basic_machine in
|
||||
| z8k | z80)
|
||||
basic_machine=$basic_machine-unknown
|
||||
;;
|
||||
c54x)
|
||||
basic_machine=tic54x-unknown
|
||||
;;
|
||||
c55x)
|
||||
basic_machine=tic55x-unknown
|
||||
;;
|
||||
c6x)
|
||||
basic_machine=tic6x-unknown
|
||||
;;
|
||||
m6811 | m68hc11 | m6812 | m68hc12 | picochip)
|
||||
# Motorola 68HC11/12.
|
||||
basic_machine=$basic_machine-unknown
|
||||
@ -334,7 +345,7 @@ case $basic_machine in
|
||||
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
|
||||
| avr-* | avr32-* \
|
||||
| bfin-* | bs2000-* \
|
||||
| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
|
||||
| c[123]* | c30-* | [cjt]90-* | c4x-* \
|
||||
| clipper-* | craynv-* | cydra-* \
|
||||
| d10v-* | d30v-* | dlx-* \
|
||||
| elxsi-* \
|
||||
@ -368,6 +379,7 @@ case $basic_machine in
|
||||
| mmix-* \
|
||||
| mt-* \
|
||||
| msp430-* \
|
||||
| nds32-* | nds32le-* | nds32be-* \
|
||||
| nios-* | nios2-* \
|
||||
| none-* | np1-* | ns16k-* | ns32k-* \
|
||||
| orion-* \
|
||||
@ -482,6 +494,15 @@ case $basic_machine in
|
||||
basic_machine=powerpc-ibm
|
||||
os=-cnk
|
||||
;;
|
||||
c54x-*)
|
||||
basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
;;
|
||||
c55x-*)
|
||||
basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
;;
|
||||
c6x-*)
|
||||
basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'`
|
||||
;;
|
||||
c90)
|
||||
basic_machine=c90-cray
|
||||
os=-unicos
|
||||
@ -518,7 +539,7 @@ case $basic_machine in
|
||||
basic_machine=craynv-cray
|
||||
os=-unicosmp
|
||||
;;
|
||||
cr16)
|
||||
cr16 | cr16-*)
|
||||
basic_machine=cr16-unknown
|
||||
os=-elf
|
||||
;;
|
||||
@ -841,6 +862,12 @@ case $basic_machine in
|
||||
np1)
|
||||
basic_machine=np1-gould
|
||||
;;
|
||||
neo-tandem)
|
||||
basic_machine=neo-tandem
|
||||
;;
|
||||
nse-tandem)
|
||||
basic_machine=nse-tandem
|
||||
;;
|
||||
nsr-tandem)
|
||||
basic_machine=nsr-tandem
|
||||
;;
|
||||
@ -1075,18 +1102,6 @@ case $basic_machine in
|
||||
basic_machine=t90-cray
|
||||
os=-unicos
|
||||
;;
|
||||
tic54x | c54x*)
|
||||
basic_machine=tic54x-unknown
|
||||
os=-coff
|
||||
;;
|
||||
tic55x | c55x*)
|
||||
basic_machine=tic55x-unknown
|
||||
os=-coff
|
||||
;;
|
||||
tic6x | c6x*)
|
||||
basic_machine=tic6x-unknown
|
||||
os=-coff
|
||||
;;
|
||||
# This must be matched before tile*.
|
||||
tilegx*)
|
||||
basic_machine=tilegx-unknown
|
||||
@ -1301,7 +1316,8 @@ case $os in
|
||||
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
|
||||
| -chorusos* | -chorusrdb* | -cegcc* \
|
||||
| -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
|
||||
| -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
|
||||
| -mingw32* | -linux-gnu* | -linux-android* \
|
||||
| -linux-newlib* | -linux-uclibc* \
|
||||
| -uxpv* | -beos* | -mpeix* | -udk* \
|
||||
| -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
|
||||
| -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
|
||||
@ -1484,6 +1500,15 @@ case $basic_machine in
|
||||
c4x-* | tic4x-*)
|
||||
os=-coff
|
||||
;;
|
||||
tic54x-*)
|
||||
os=-coff
|
||||
;;
|
||||
tic55x-*)
|
||||
os=-coff
|
||||
;;
|
||||
tic6x-*)
|
||||
os=-coff
|
||||
;;
|
||||
# This must come before the *-dec entry.
|
||||
pdp10-*)
|
||||
os=-tops20
|
||||
|
2874
configure.ac
File diff suppressed because it is too large
@ -1,7 +1,7 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# buildbff.sh: Create AIX SMIT-installable OpenSSH packages
|
||||
# $Id: buildbff.sh,v 1.12 2010/04/18 03:35:00 dtucker Exp $
|
||||
# $Id: buildbff.sh,v 1.13 2011/05/05 03:48:41 djm Exp $
|
||||
#
|
||||
# Author: Darren Tucker (dtucker at zip dot com dot au)
|
||||
# This file is placed in the public domain and comes with absolutely
|
||||
@ -156,13 +156,6 @@ do
|
||||
mv $FAKE_ROOT/$sysconfdir/$cfgfile $FAKE_ROOT/$sysconfdir/$cfgfile.default
|
||||
done
|
||||
|
||||
# AIX 5.3 and newer have /dev/random and don't create ssh_prng_cmds
|
||||
if [ -f $FAKE_ROOT/$sysconfdir/ssh_prng_cmds ]
|
||||
then
|
||||
mv $FAKE_ROOT/$sysconfdir/ssh_prng_cmds \
|
||||
$FAKE_ROOT/$sysconfdir/ssh_prng_cmds.default
|
||||
fi
|
||||
|
||||
#
|
||||
# Generate lpp control files.
|
||||
# working dir is $FAKE_ROOT but files are generated in dir above
|
||||
@ -197,7 +190,7 @@ cat <<EOF >>../openssh.post_i
|
||||
#!/bin/sh
|
||||
|
||||
echo Creating configs from defaults if necessary.
|
||||
for cfgfile in ssh_config sshd_config ssh_prng_cmds
|
||||
for cfgfile in ssh_config sshd_config
|
||||
do
|
||||
if [ ! -f $sysconfdir/\$cfgfile ]
|
||||
then
|
||||
|
@ -16,7 +16,7 @@
|
||||
|
||||
#old cvs stuff. please update before use. may be deprecated.
|
||||
%define use_stable 1
|
||||
%define version 5.8p2
|
||||
%define version 5.9p1
|
||||
%if %{use_stable}
|
||||
%define cvs %{nil}
|
||||
%define release 1
|
||||
@ -363,4 +363,4 @@ fi
|
||||
* Mon Jan 01 1998 ...
|
||||
Template Version: 1.31
|
||||
|
||||
$Id: openssh.spec,v 1.73.4.2 2011/05/03 00:04:23 djm Exp $
|
||||
$Id: openssh.spec,v 1.75.2.1 2011/09/05 00:28:11 djm Exp $
|
||||
|
@ -1,4 +1,4 @@
|
||||
%define ver 5.8p2
|
||||
%define ver 5.9p1
|
||||
%define rel 1
|
||||
|
||||
# OpenSSH privilege separation requires a user & group ID
|
||||
@ -84,24 +84,24 @@ Obsoletes: ssh
|
||||
%if %{build6x}
|
||||
PreReq: initscripts >= 5.00
|
||||
%else
|
||||
PreReq: initscripts >= 5.20
|
||||
Requires: initscripts >= 5.20
|
||||
%endif
|
||||
BuildPreReq: perl, openssl-devel, tcp_wrappers
|
||||
BuildPreReq: /bin/login
|
||||
BuildRequires: perl, openssl-devel, tcp_wrappers
|
||||
BuildRequires: /bin/login
|
||||
%if ! %{build6x}
|
||||
BuildPreReq: glibc-devel, pam
|
||||
%else
|
||||
BuildPreReq: /usr/include/security/pam_appl.h
|
||||
BuildRequires: /usr/include/security/pam_appl.h
|
||||
%endif
|
||||
%if ! %{no_x11_askpass}
|
||||
BuildPreReq: /usr/include/X11/Xlib.h
|
||||
BuildRequires: /usr/include/X11/Xlib.h
|
||||
%endif
|
||||
%if ! %{no_gnome_askpass}
|
||||
BuildPreReq: pkgconfig
|
||||
BuildRequires: pkgconfig
|
||||
%endif
|
||||
%if %{kerberos5}
|
||||
BuildPreReq: krb5-devel
|
||||
BuildPreReq: krb5-libs
|
||||
BuildRequires: krb5-devel
|
||||
BuildRequires: krb5-libs
|
||||
%endif
|
||||
|
||||
%package clients
|
||||
@ -114,7 +114,7 @@ Obsoletes: ssh-clients
|
||||
Summary: The OpenSSH server daemon.
|
||||
Group: System Environment/Daemons
|
||||
Obsoletes: ssh-server
|
||||
PreReq: openssh = %{version}-%{release}, chkconfig >= 0.9
|
||||
Requires: openssh = %{version}-%{release}, chkconfig >= 0.9
|
||||
%if ! %{build6x}
|
||||
Requires: /etc/pam.d/system-auth
|
||||
%endif
|
||||
@ -712,7 +712,7 @@ fi
|
||||
it generates.
|
||||
|
||||
* Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always
|
||||
- Add BuildRequires on /usr/include/security/pam_appl.h to be sure we always
|
||||
build PAM authentication in.
|
||||
- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.
|
||||
- Clean out no-longer-used patches.
|
||||
@ -721,7 +721,7 @@ fi
|
||||
|
||||
* Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com>
|
||||
- Update x11-askpass to 1.0.2. (#17835)
|
||||
- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will
|
||||
- Add BuildRequiress for /bin/login and /usr/bin/rsh so that configure will
|
||||
always find them in the right place. (#17909)
|
||||
- Set the default path to be the same as the one supplied by /bin/login, but
|
||||
add /usr/X11R6/bin. (#17909)
|
||||
|
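Review bot: this hunk and the one above it edit %changelog entries dated October 2000 to say BuildRequires instead of BuildPreReq, and the search-and-replace produced the typo 'BuildRequiress'. Historical changelog text should not be rewritten; revert both changelog hunks and confine the PreReq/BuildPreReq to Requires/BuildRequires change to the live spec directives.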
@ -22,70 +22,9 @@ RETVAL=0
|
||||
prog="sshd"
|
||||
|
||||
# Some functions to make the below more readable
|
||||
KEYGEN=/usr/bin/ssh-keygen
|
||||
SSHD=/usr/sbin/sshd
|
||||
RSA1_KEY=/etc/ssh/ssh_host_key
|
||||
RSA_KEY=/etc/ssh/ssh_host_rsa_key
|
||||
DSA_KEY=/etc/ssh/ssh_host_dsa_key
|
||||
PID_FILE=/var/run/sshd.pid
|
||||
|
||||
do_rsa1_keygen() {
|
||||
if [ ! -s $RSA1_KEY ]; then
|
||||
echo -n $"Generating SSH1 RSA host key: "
|
||||
if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
|
||||
chmod 600 $RSA1_KEY
|
||||
chmod 644 $RSA1_KEY.pub
|
||||
if [ -x /sbin/restorecon ]; then
|
||||
/sbin/restorecon $RSA1_KEY.pub
|
||||
fi
|
||||
success $"RSA1 key generation"
|
||||
echo
|
||||
else
|
||||
failure $"RSA1 key generation"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
do_rsa_keygen() {
|
||||
if [ ! -s $RSA_KEY ]; then
|
||||
echo -n $"Generating SSH2 RSA host key: "
|
||||
if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then
|
||||
chmod 600 $RSA_KEY
|
||||
chmod 644 $RSA_KEY.pub
|
||||
if [ -x /sbin/restorecon ]; then
|
||||
/sbin/restorecon $RSA_KEY.pub
|
||||
fi
|
||||
success $"RSA key generation"
|
||||
echo
|
||||
else
|
||||
failure $"RSA key generation"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
do_dsa_keygen() {
|
||||
if [ ! -s $DSA_KEY ]; then
|
||||
echo -n $"Generating SSH2 DSA host key: "
|
||||
if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then
|
||||
chmod 600 $DSA_KEY
|
||||
chmod 644 $DSA_KEY.pub
|
||||
if [ -x /sbin/restorecon ]; then
|
||||
/sbin/restorecon $DSA_KEY.pub
|
||||
fi
|
||||
success $"DSA key generation"
|
||||
echo
|
||||
else
|
||||
failure $"DSA key generation"
|
||||
echo
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
do_restart_sanity_check()
|
||||
{
|
||||
$SSHD -t
|
||||
@ -99,9 +38,13 @@ do_restart_sanity_check()
|
||||
start()
|
||||
{
|
||||
# Create keys if necessary
|
||||
do_rsa1_keygen
|
||||
do_rsa_keygen
|
||||
do_dsa_keygen
|
||||
/usr/bin/ssh-keygen -A
|
||||
if [ -x /sbin/restorecon ]; then
|
||||
/sbin/restorecon /etc/ssh/ssh_host_key.pub
|
||||
/sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub
|
||||
/sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub
|
||||
/sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub
|
||||
fi
|
||||
|
||||
echo -n $"Starting $prog:"
|
||||
$SSHD $OPTIONS && success || failure
|
||||
|
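Review bot: the removed do_*_keygen functions checked the ssh-keygen exit status, reported it through the initscript's failure function and did `exit 1`; the replacement runs /usr/bin/ssh-keygen -A unconditionally and ignores its return value, so sshd is started even when host key generation failed (for example on a read-only or full /etc/ssh). Test the result before starting the daemon, e.g. `/usr/bin/ssh-keygen -A || { failure $"host key generation"; echo; exit 1; }`. Note also that restorecon is still applied only to the .pub files, as before, so the private keys keep whatever context ssh-keygen created them with.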
@ -25,7 +25,7 @@ else
|
||||
fi
|
||||
|
||||
if [ -z "`eval $GET_ID`" ] && [ -r "${ID_FILE}" ] ; then
|
||||
GET_ID="cat ${ID_FILE}"
|
||||
GET_ID="cat \"${ID_FILE}\""
|
||||
fi
|
||||
|
||||
if [ -z "`eval $GET_ID`" ]; then
|
||||
|
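Review bot: quoting the path fixes ID_FILE values containing spaces, but the string is still passed through eval, so an ID_FILE containing a double quote, `$` or a backquote is still interpreted by the shell. Since ID_FILE comes from the user's -i argument, prefer running `cat "${ID_FILE}"` directly for this case instead of building a command string for eval.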
@ -13,7 +13,7 @@
|
||||
|
||||
Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
|
||||
Name: openssh
|
||||
Version: 5.8p2
|
||||
Version: 5.9p1
|
||||
URL: http://www.openssh.com/
|
||||
Release: 1
|
||||
Source0: openssh-%{version}.tar.gz
|
||||
@ -28,11 +28,12 @@ Provides: ssh
# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
# building prerequisites -- stuff for
# OpenSSL (openssl-devel),
# TCP Wrappers (nkitb),
# TCP Wrappers (tcpd-devel),
# and Gnome (glibdev, gtkdev, and gnlibsd)
#
BuildPrereq: openssl
BuildPrereq: nkitb
BuildPrereq: tcpd-devel
BuildPrereq: zlib-devel
#BuildPrereq: glibdev
#BuildPrereq: gtkdev
#BuildPrereq: gnlibsd
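Review bot: the comment above still lists `OpenSSL (openssl-devel)` while the prerequisite line remains `BuildPrereq: openssl`, the runtime package; since the headers are what configure needs, this is the place to change it to `openssl-devel` along with the `nkitb` to `tcpd-devel` rename. `BuildPrereq: zlib-devel` is added without a matching entry in the comment block, so the two lists now disagree.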
@ -177,15 +178,8 @@ rm -rf $RPM_BUILD_ROOT
/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :

%post
if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
echo "Generating SSH RSA host key..."
/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' >&2
fi
if [ ! -f /etc/ssh/ssh_host_dsa_key -o ! -s /etc/ssh/ssh_host_dsa_key ]; then
echo "Generating SSH DSA host key..."
/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' >&2
fi
%{fillup_and_insserv -n -s -y ssh sshd START_SSHD}
/usr/bin/ssh-keygen -A
%{fillup_and_insserv -n -y ssh sshd}
%run_permissions

%verifyscript

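Review bot: the removed `%post` block tested for `/etc/ssh/ssh_host_key` but generated `/etc/ssh/ssh_host_rsa_key`, so a system without an rsa1 key would attempt RSA key generation again on every upgrade (and hit ssh-keygen's overwrite prompt if the RSA key already existed); replacing it with `/usr/bin/ssh-keygen -A` removes that mismatch. Two things are lost, though: the `! -s` test, which also regenerated a zero-length key file left behind by an interrupted earlier run, and any error reporting, since the exit status of `-A` is not checked. Consider `/usr/bin/ssh-keygen -A || exit 1` so that a generation failure aborts the scriptlet instead of leaving sshd to fail later.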
@ -43,20 +43,8 @@ rc_reset

case "$1" in
start)
if ! test -f /etc/ssh/ssh_host_key ; then
echo Generating /etc/ssh/ssh_host_key.
ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ''
fi
if ! test -f /etc/ssh/ssh_host_dsa_key ; then
echo Generating /etc/ssh/ssh_host_dsa_key.

ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
fi
if ! test -f /etc/ssh/ssh_host_rsa_key ; then
echo Generating /etc/ssh/ssh_host_rsa_key.

ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
fi
# Generate any missing host keys
ssh-keygen -A
echo -n "Starting SSH daemon"
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.

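Review bot: `ssh-keygen -A` is run without checking its result before `echo -n "Starting SSH daemon"`, so a failure to create a host key is only noticed when sshd itself fails to start; the removed blocks at least echoed which key was being generated. Report the failure through the rc helpers this script already uses (`rc_reset` is visible in the hunk header) before attempting to start the daemon. The `# Generate any missing host keys` comment is helpful; keep it next to the command.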
21
defines.h
@ -25,7 +25,7 @@
#ifndef _DEFINES_H
#define _DEFINES_H

/* $Id: defines.h,v 1.165 2011/05/05 01:19:15 djm Exp $ */
/* $Id: defines.h,v 1.167 2011/06/03 01:17:49 tim Exp $ */


/* Constants */
@ -131,6 +131,10 @@ enum
# define O_NONBLOCK 00004 /* Non Blocking Open */
#endif

#ifndef S_IFSOCK
# define S_IFSOCK 0
#endif /* S_IFSOCK */

#ifndef S_ISDIR
# define S_ISDIR(mode) (((mode) & (_S_IFMT)) == (_S_IFDIR))
#endif /* S_ISDIR */
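Review bot: a fallback of `# define S_IFSOCK 0` makes a test of the form `(st_mode & S_IFMT) == S_IFSOCK` true for any mode with no file-type bits set and never true for an actual socket, so code that uses it to detect sockets gets a silently wrong answer on exactly the platforms this is meant for. Add a comment saying the value is a placeholder for systems without socket file types and that comparisons against it are not meaningful, or guard the comparison sites with `#ifdef S_IFSOCK` instead.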
@ -385,18 +389,15 @@ struct winsize {
# define _PATH_DEVNULL "/dev/null"
#endif

#ifndef MAIL_DIRECTORY
# define MAIL_DIRECTORY "/var/spool/mail"
#endif
/* user may have set a different path */
#if defined(_PATH_MAILDIR) && defined(MAIL_DIRECTORY)
# undef _PATH_MAILDIR MAILDIR
#endif /* defined(_PATH_MAILDIR) && defined(MAIL_DIRECTORY) */

#ifndef MAILDIR
# define MAILDIR MAIL_DIRECTORY
#ifdef MAIL_DIRECTORY
# define _PATH_MAILDIR MAIL_DIRECTORY
#endif

#if !defined(_PATH_MAILDIR) && defined(MAILDIR)
# define _PATH_MAILDIR MAILDIR
#endif /* !defined(_PATH_MAILDIR) && defined(MAILDIR) */

#ifndef _PATH_NOLOGIN
# define _PATH_NOLOGIN "/etc/nologin"
#endif

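Review bot: `# undef _PATH_MAILDIR MAILDIR` has a second token after the macro name; `#undef` takes exactly one identifier, so compilers warn about extra tokens and `MAILDIR` is not undefined. If both should be dropped, use two `#undef` lines. The `#ifdef MAIL_DIRECTORY` block that follows then defines `_PATH_MAILDIR` from the configure-supplied value, which is the intent of the preceding undef, so the pair reads correctly once the stray token is removed; a one-line comment saying that the configure value is meant to override `<paths.h>` would help the next reader.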
235
entropy.c
@ -25,19 +25,19 @@
#include "includes.h"

#include <sys/types.h>
#include <sys/wait.h>

#ifdef HAVE_SYS_STAT_H
# include <sys/stat.h>
#include <sys/socket.h>
#ifdef HAVE_SYS_UN_H
# include <sys/un.h>
#endif

#ifdef HAVE_FCNTL_H
# include <fcntl.h>
#endif
#include <stdarg.h>
#include <string.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include <errno.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>
#include <stddef.h> /* for offsetof */

#include <openssl/rand.h>
#include <openssl/crypto.h>
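Review bot: `<sys/un.h>` is included only under `HAVE_SYS_UN_H`, yet `struct sockaddr_un` is used unconditionally in `get_random_bytes_prngd` further down; either make the Unix-socket branch conditional on the same macro or add `#error` in an else branch so a platform without the header fails at the include rather than with an unhelpful undefined-type error. `<stddef.h>` for `offsetof` is correctly added and commented.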
@ -54,119 +54,128 @@
/*
* Portable OpenSSH PRNG seeding:
* If OpenSSL has not "internally seeded" itself (e.g. pulled data from
* /dev/random), then we execute a "ssh-rand-helper" program which
* collects entropy and writes it to stdout. The child program must
* write at least RANDOM_SEED_SIZE bytes. The child is run with stderr
* attached, so error/debugging output should be visible.
*
* XXX: we should tell the child how many bytes we need.
* /dev/random), then collect RANDOM_SEED_SIZE bytes of randomness from
* PRNGd.
*/

#ifndef OPENSSL_PRNG_ONLY

#define RANDOM_SEED_SIZE 48
static uid_t original_uid, original_euid;
#endif

void
seed_rng(void)
/*
* Collect 'len' bytes of entropy into 'buf' from PRNGD/EGD daemon
* listening either on 'tcp_port', or via Unix domain socket at *
* 'socket_path'.
* Either a non-zero tcp_port or a non-null socket_path must be
* supplied.
* Returns 0 on success, -1 on error
*/
int
get_random_bytes_prngd(unsigned char *buf, int len,
unsigned short tcp_port, char *socket_path)
{
#ifndef OPENSSL_PRNG_ONLY
int devnull;
int p[2];
pid_t pid;
int ret;
unsigned char buf[RANDOM_SEED_SIZE];
mysig_t old_sigchld;
int fd, addr_len, rval, errors;
u_char msg[2];
struct sockaddr_storage addr;
struct sockaddr_in *addr_in = (struct sockaddr_in *)&addr;
struct sockaddr_un *addr_un = (struct sockaddr_un *)&addr;
mysig_t old_sigpipe;

if (RAND_status() == 1) {
debug3("RNG is ready, skipping seeding");
return;
/* Sanity checks */
if (socket_path == NULL && tcp_port == 0)
fatal("You must specify a port or a socket");
if (socket_path != NULL &&
strlen(socket_path) >= sizeof(addr_un->sun_path))
fatal("Random pool path is too long");
if (len <= 0 || len > 255)
fatal("Too many bytes (%d) to read from PRNGD", len);

memset(&addr, '\0', sizeof(addr));

if (tcp_port != 0) {
addr_in->sin_family = AF_INET;
addr_in->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
addr_in->sin_port = htons(tcp_port);
addr_len = sizeof(*addr_in);
} else {
addr_un->sun_family = AF_UNIX;
strlcpy(addr_un->sun_path, socket_path,
sizeof(addr_un->sun_path));
addr_len = offsetof(struct sockaddr_un, sun_path) +
strlen(socket_path) + 1;
}

debug3("Seeding PRNG from %s", SSH_RAND_HELPER);
old_sigpipe = mysignal(SIGPIPE, SIG_IGN);

if ((devnull = open("/dev/null", O_RDWR)) == -1)
fatal("Couldn't open /dev/null: %s", strerror(errno));
if (pipe(p) == -1)
fatal("pipe: %s", strerror(errno));
errors = 0;
rval = -1;
reopen:
fd = socket(addr.ss_family, SOCK_STREAM, 0);
if (fd == -1) {
error("Couldn't create socket: %s", strerror(errno));
goto done;
}

old_sigchld = signal(SIGCHLD, SIG_DFL);
if ((pid = fork()) == -1)
fatal("Couldn't fork: %s", strerror(errno));
if (pid == 0) {
dup2(devnull, STDIN_FILENO);
dup2(p[1], STDOUT_FILENO);
/* Keep stderr open for errors */
close(p[0]);
close(p[1]);
close(devnull);
closefrom(STDERR_FILENO + 1);

if (original_uid != original_euid &&
( seteuid(getuid()) == -1 ||
setuid(original_uid) == -1) ) {
fprintf(stderr, "(rand child) setuid(%li): %s\n",
(long int)original_uid, strerror(errno));
_exit(1);
if (connect(fd, (struct sockaddr*)&addr, addr_len) == -1) {
if (tcp_port != 0) {
error("Couldn't connect to PRNGD port %d: %s",
tcp_port, strerror(errno));
} else {
error("Couldn't connect to PRNGD socket \"%s\": %s",
addr_un->sun_path, strerror(errno));
}

execl(SSH_RAND_HELPER, "ssh-rand-helper", NULL);
fprintf(stderr, "(rand child) Couldn't exec '%s': %s\n",
SSH_RAND_HELPER, strerror(errno));
_exit(1);
goto done;
}

close(devnull);
close(p[1]);
/* Send blocking read request to PRNGD */
msg[0] = 0x02;
msg[1] = len;

memset(buf, '\0', sizeof(buf));
ret = atomicio(read, p[0], buf, sizeof(buf));
if (ret == -1)
fatal("Couldn't read from ssh-rand-helper: %s",
if (atomicio(vwrite, fd, msg, sizeof(msg)) != sizeof(msg)) {
if (errno == EPIPE && errors < 10) {
close(fd);
errors++;
goto reopen;
}
error("Couldn't write to PRNGD socket: %s",
strerror(errno));
if (ret != sizeof(buf))
fatal("ssh-rand-helper child produced insufficient data");
goto done;
}

close(p[0]);

if (waitpid(pid, &ret, 0) == -1)
fatal("Couldn't wait for ssh-rand-helper completion: %s",
if (atomicio(read, fd, buf, len) != (size_t)len) {
if (errno == EPIPE && errors < 10) {
close(fd);
errors++;
goto reopen;
}
error("Couldn't read from PRNGD socket: %s",
strerror(errno));
signal(SIGCHLD, old_sigchld);
goto done;
}

/* We don't mind if the child exits upon a SIGPIPE */
if (!WIFEXITED(ret) &&
(!WIFSIGNALED(ret) || WTERMSIG(ret) != SIGPIPE))
fatal("ssh-rand-helper terminated abnormally");
if (WEXITSTATUS(ret) != 0)
fatal("ssh-rand-helper exit with exit status %d", ret);

RAND_add(buf, sizeof(buf), sizeof(buf));
memset(buf, '\0', sizeof(buf));

#endif /* OPENSSL_PRNG_ONLY */
if (RAND_status() != 1)
fatal("PRNG is not seeded");
rval = 0;
done:
mysignal(SIGPIPE, old_sigpipe);
if (fd != -1)
close(fd);
return rval;
}

void
init_rng(void)
static int
seed_from_prngd(unsigned char *buf, size_t bytes)
{
/*
* OpenSSL version numbers: MNNFFPPS: major minor fix patch status
* We match major, minor, fix and status (not patch)
*/
if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L)
fatal("OpenSSL version mismatch. Built against %lx, you "
"have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());

#ifndef OPENSSL_PRNG_ONLY
original_uid = getuid();
original_euid = geteuid();
#ifdef PRNGD_PORT
debug("trying egd/prngd port %d", PRNGD_PORT);
if (get_random_bytes_prngd(buf, bytes, PRNGD_PORT, NULL) == 0)
return 0;
#endif
#ifdef PRNGD_SOCKET
debug("trying egd/prngd socket %s", PRNGD_SOCKET);
if (get_random_bytes_prngd(buf, bytes, 0, PRNGD_SOCKET) == 0)
return 0;
#endif
return -1;
}

#ifndef OPENSSL_PRNG_ONLY
void
rexec_send_rng_seed(Buffer *m)
{
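Review bot: the sanity checks in `get_random_bytes_prngd` accept a non-zero `tcp_port` together with a non-NULL `socket_path`, in which case the TCP branch silently wins; the comment says either/or, so either reject both-supplied or document the precedence. Related nits in the same function: the comment line `listening either on 'tcp_port', or via Unix domain socket at *` has a stray `*` at its end, and the `len <= 0 || len > 255` check reports `Too many bytes` for a zero or negative `len` as well. The retry-on-`EPIPE` path (`goto reopen`, at most 10 attempts) re-sends the request on a fresh connection, which is fine, but `errors` is only reset at function entry, so the write and read retry sites share one budget; a comment saying so would save the next reader a trace through the labels.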
@ -192,4 +201,34 @@ rexec_recv_rng_seed(Buffer *m)
RAND_add(buf, len, len);
}
}
#endif /* OPENSSL_PRNG_ONLY */

void
seed_rng(void)
{
#ifndef OPENSSL_PRNG_ONLY
unsigned char buf[RANDOM_SEED_SIZE];
#endif
/*
* OpenSSL version numbers: MNNFFPPS: major minor fix patch status
* We match major, minor, fix and status (not patch)
*/
if ((SSLeay() ^ OPENSSL_VERSION_NUMBER) & ~0xff0L)
fatal("OpenSSL version mismatch. Built against %lx, you "
"have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay());

#ifndef OPENSSL_PRNG_ONLY
if (RAND_status() == 1) {
debug3("RNG is ready, skipping seeding");
return;
}

if (seed_from_prngd(buf, sizeof(buf)) == -1)
fatal("Could not obtain seed from PRNGd");
RAND_add(buf, sizeof(buf), sizeof(buf));
memset(buf, '\0', sizeof(buf));

#endif /* OPENSSL_PRNG_ONLY */
if (RAND_status() != 1)
fatal("PRNG is not seeded");
}

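Review bot: `memset(buf, '\0', sizeof(buf))` after `RAND_add` wipes a buffer that is dead thereafter, and compilers are entitled to drop that store; if clearing the seed from the stack is wanted, use a wipe the compiler cannot elide (a `volatile`-based loop or the platform's explicit bzero). `RAND_add(buf, sizeof(buf), sizeof(buf))` credits all 48 bytes as entropy, which assumes PRNGd's output is fully random; that is the same assumption the removed ssh-rand-helper path made, but now that the collection runs in-process it deserves a comment at the call.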
@ -1,4 +1,4 @@
/* $OpenBSD: gss-serv.c,v 1.22 2008/05/08 12:02:23 djm Exp $ */
/* $OpenBSD: gss-serv.c,v 1.23 2011/08/01 19:18:15 markus Exp $ */

/*
* Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved.
@ -229,6 +229,8 @@ ssh_gssapi_parse_ename(Gssctxt *ctx, gss_buffer_t ename, gss_buffer_t name)
name->length = get_u32(tok+offset);
offset += 4;

if (UINT_MAX - offset < name->length)
return GSS_S_FAILURE;
if (ename->length < offset+name->length)
return GSS_S_FAILURE;


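Review bot: the overflow guard `UINT_MAX - offset < name->length` is the right bound only if `offset` is an unsigned int (its declaration is not in the hunk); if it is a size_t, use `SIZE_MAX`. Provided earlier code guarantees `offset <= ename->length` (also not visible here), the two checks can be collapsed into one that needs no overflow reasoning at all: `if (name->length > ename->length - offset) return GSS_S_FAILURE;`. Either way, rejecting before the addition is the correct fix for the wraparound in `offset+name->length`, which previously let an oversized peer-supplied length pass the bounds test.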
5
key.c
@ -1,4 +1,4 @@
/* $OpenBSD: key.c,v 1.96 2011/02/04 00:44:21 djm Exp $ */
/* $OpenBSD: key.c,v 1.97 2011/05/17 07:13:31 djm Exp $ */
/*
* read_bignum():
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1817,6 +1817,9 @@ key_to_certified(Key *k, int legacy)
k->type = legacy ? KEY_DSA_CERT_V00 : KEY_DSA_CERT;
return 0;
case KEY_ECDSA:
if (legacy)
fatal("%s: legacy ECDSA certificates are not supported",
__func__);
k->cert = cert_new();
k->type = KEY_ECDSA_CERT;
return 0;

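Review bot: `fatal()` here terminates the process for what is a user-selectable combination (the legacy v00 certificate format with an ECDSA key); if this can be reached from ssh-keygen's command line, returning an error so the caller can print a usable message would be kinder than an abort and would match the `return 0` convention of the surrounding cases. If the callers already reject the combination before getting here, a comment saying so would justify the `fatal`.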
35
log.c
@ -1,4 +1,4 @@
/* $OpenBSD: log.c,v 1.41 2008/06/10 04:50:25 dtucker Exp $ */
/* $OpenBSD: log.c,v 1.42 2011/06/17 21:44:30 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -56,6 +56,8 @@ static LogLevel log_level = SYSLOG_LEVEL_INFO;
static int log_on_stderr = 1;
static int log_facility = LOG_AUTH;
static char *argv0;
static log_handler_fn *log_handler;
static void *log_handler_ctx;

extern char *__progname;

@ -260,6 +262,9 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)
exit(1);
}

log_handler = NULL;
log_handler_ctx = NULL;

log_on_stderr = on_stderr;
if (on_stderr)
return;
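Review bot: `log_init` unconditionally clears `log_handler` and `log_handler_ctx`, so a handler registered before `log_init`, or one that is expected to survive a re-initialisation on configuration reload, is silently dropped; either document in log.h that `set_log_handler` must be called after every `log_init`, or preserve the handler across re-init.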
@ -326,6 +331,23 @@ log_init(char *av0, LogLevel level, SyslogFacility facility, int on_stderr)

#define MSGBUFSIZ 1024

void
set_log_handler(log_handler_fn *handler, void *ctx)
{
log_handler = handler;
log_handler_ctx = ctx;
}

void
do_log2(LogLevel level, const char *fmt,...)
{
va_list args;

va_start(args, fmt);
do_log(level, fmt, args);
va_end(args);
}

void
do_log(LogLevel level, const char *fmt, va_list args)
{
@ -337,6 +359,7 @@ do_log(LogLevel level, const char *fmt, va_list args)
char *txt = NULL;
int pri = LOG_INFO;
int saved_errno = errno;
log_handler_fn *tmp_handler;

if (level > log_level)
return;
@ -375,7 +398,7 @@ do_log(LogLevel level, const char *fmt, va_list args)
pri = LOG_ERR;
break;
}
if (txt != NULL) {
if (txt != NULL && log_handler == NULL) {
snprintf(fmtbuf, sizeof(fmtbuf), "%s: %s", txt, fmt);
vsnprintf(msgbuf, sizeof(msgbuf), fmtbuf, args);
} else {
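Review bot: with a handler installed, the `txt` severity prefix (`fatal:`, `error:` and so on) is no longer prepended to the message, so a handler that wants the same text the stderr and syslog paths produce must reconstruct it from `level`; that is reasonable, since the monitor side re-logs with its own prefix, but it is not obvious from the condition `txt != NULL && log_handler == NULL` alone and deserves a comment.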
@ -383,7 +406,13 @@ do_log(LogLevel level, const char *fmt, va_list args)
}
strnvis(fmtbuf, msgbuf, sizeof(fmtbuf),
log_on_stderr ? LOG_STDERR_VIS : LOG_SYSLOG_VIS);
if (log_on_stderr) {
if (log_handler != NULL) {
/* Avoid recursion */
tmp_handler = log_handler;
log_handler = NULL;
tmp_handler(level, fmtbuf, log_handler_ctx);
log_handler = tmp_handler;
} else if (log_on_stderr) {
snprintf(msgbuf, sizeof msgbuf, "%s\r\n", fmtbuf);
write(STDERR_FILENO, msgbuf, strlen(msgbuf));
} else {

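Review bot: the string handed to the handler has already been through `strnvis` with the escaping chosen by `log_on_stderr`, and the receiving side in monitor.c logs it again via `do_log2(level, "%s [preauth]", msg)`, which runs `strnvis` a second time; any backslash produced by the first pass is therefore doubled in the final log line. Pass the un-escaped `msgbuf` to the handler and let the final logging site encode once, or document that handlers receive pre-encoded text. The clear-and-restore of `log_handler` around the call is the right way to stop a handler that itself logs from recursing; a `fatal()` inside the handler would leave `log_handler` NULL, which is harmless because the process exits.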
8
log.h
@ -1,4 +1,4 @@
/* $OpenBSD: log.h,v 1.17 2008/06/13 00:12:02 dtucker Exp $ */
/* $OpenBSD: log.h,v 1.18 2011/06/17 21:44:30 djm Exp $ */

/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -46,6 +46,8 @@ typedef enum {
SYSLOG_LEVEL_NOT_SET = -1
} LogLevel;

typedef void (log_handler_fn)(LogLevel, const char *, void *);

void log_init(char *, LogLevel, SyslogFacility, int);

SyslogFacility log_facility_number(char *);
@ -64,6 +66,10 @@ void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
void debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
void debug3(const char *, ...) __attribute__((format(printf, 1, 2)));


void set_log_handler(log_handler_fn *, void *);
void do_log2(LogLevel, const char *, ...)
__attribute__((format(printf, 2, 3)));
void do_log(LogLevel, const char *, va_list);
void cleanup_exit(int) __attribute__((noreturn));
#endif

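Review bot: the new prototypes carry no documentation, and this header is where callers learn the contract: `set_log_handler` installs a callback that receives an already vis-encoded message without the severity prefix, is disabled while it runs (so it may log, but not through itself), and is discarded by `log_init`. A short comment block above `set_log_handler` stating those three points would prevent misuse. Also confirm that log.h includes `<stdarg.h>` for the `va_list` in the `do_log` prototype, since the header is now relied on by more callers.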
8
mac.c
@ -1,4 +1,4 @@
/* $OpenBSD: mac.c,v 1.15 2008/06/13 00:51:47 dtucker Exp $ */
/* $OpenBSD: mac.c,v 1.16 2011/08/02 01:22:11 djm Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
*
@ -57,6 +57,12 @@ struct {
} macs[] = {
{ "hmac-sha1", SSH_EVP, EVP_sha1, 0, -1, -1 },
{ "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 },
#ifdef HAVE_EVP_SHA256
{ "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, -1, -1 },
{ "hmac-sha2-256-96", SSH_EVP, EVP_sha256, 96, -1, -1 },
{ "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, -1, -1 },
{ "hmac-sha2-512-96", SSH_EVP, EVP_sha512, 96, -1, -1 },
#endif
{ "hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 },
{ "hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 },
{ "hmac-ripemd160", SSH_EVP, EVP_ripemd160, 0, -1, -1 },

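Review bot: the SHA-512 entries sit under the same `#ifdef HAVE_EVP_SHA256` guard as the SHA-256 ones, so a libcrypto build that provides `EVP_sha256` but not `EVP_sha512` will fail to link; either use a separate `HAVE_EVP_SHA512` or add a comment noting that both are assumed to arrive together. The `-96` variants truncate the tag to 96 bits and exist for interoperability; make sure the default proposal lists the full-length SHA-2 MACs ahead of them.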
15
misc.c
@ -1,4 +1,4 @@
/* $OpenBSD: misc.c,v 1.84 2010/11/21 01:01:13 djm Exp $ */
/* $OpenBSD: misc.c,v 1.85 2011/03/29 18:54:17 stevesk Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@ -985,6 +985,19 @@ parse_ipqos(const char *cp)
return val;
}

const char *
iptos2str(int iptos)
{
int i;
static char iptos_str[sizeof "0xff"];

for (i = 0; ipqos[i].name != NULL; i++) {
if (ipqos[i].value == iptos)
return ipqos[i].name;
}
snprintf(iptos_str, sizeof iptos_str, "0x%02x", iptos);
return iptos_str;
}
void
sock_set_v6only(int s)
{

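Review bot: `iptos2str` returns a pointer to a static buffer, so it is not reentrant and a second call overwrites the first result, which matters if two results are used in one `printf`; and `iptos_str` is sized for `0xff` while the argument is an `int`, so a value above 255 is silently truncated by `snprintf` to a misleading string. Either mask with `iptos & 0xff` or size the buffer for a full `int`, and add a comment about the static storage. Style: a blank line is missing between the closing brace of `iptos2str` and `void sock_set_v6only`.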
3
misc.h
@ -1,4 +1,4 @@
/* $OpenBSD: misc.h,v 1.47 2010/11/21 01:01:13 djm Exp $ */
/* $OpenBSD: misc.h,v 1.48 2011/03/29 18:54:17 stevesk Exp $ */

/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -89,6 +89,7 @@ void bandwidth_limit_init(struct bwlimit *, u_int64_t, size_t);
void bandwidth_limit(struct bwlimit *, size_t);

int parse_ipqos(const char *);
const char *iptos2str(int);
void mktemp_proto(char *, size_t);

/* readpass.c */

30
moduli.0
@ -1,7 +1,7 @@
MODULI(5) OpenBSD Programmer's Manual MODULI(5)

NAME
moduli - Diffie Hellman moduli
moduli - Diffie-Hellman moduli

DESCRIPTION
The /etc/moduli file contains prime numbers and generators for use by
@ -10,12 +10,12 @@ DESCRIPTION
New moduli may be generated with ssh-keygen(1) using a two-step process.
An initial candidate generation pass, using ssh-keygen -G, calculates
numbers that are likely to be useful. A second primality testing pass,
using ssh-keygen -T provides a high degree of assurance that the numbers
are prime and are safe for use in Diffie Hellman operations by sshd(8).
using ssh-keygen -T, provides a high degree of assurance that the numbers
are prime and are safe for use in Diffie-Hellman operations by sshd(8).
This moduli format is used as the output from each pass.

The file consists of newline-separated records, one per modulus,
containing seven space separated fields. These fields are as follows:
containing seven space-separated fields. These fields are as follows:

timestamp The time that the modulus was last processed as
YYYYMMDDHHMMSS.
@ -23,12 +23,12 @@ DESCRIPTION
type Decimal number specifying the internal structure of
the prime modulus. Supported types are:

0 Unknown, not tested
0 Unknown, not tested.
2 "Safe" prime; (p-1)/2 is also prime.
4 Sophie Germain; (p+1)*2 is also prime.

Moduli candidates initially produced by ssh-keygen(1)
are Sophie Germain primes (type 4). Futher primality
are Sophie Germain primes (type 4). Further primality
testing with ssh-keygen(1) produces safe prime moduli
(type 2) that are ready for use in sshd(8). Other
types are not used by OpenSSH.
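Review bot: the description of type 4, `Sophie Germain; (p+1)*2 is also prime`, cannot be right: (p+1)*2 is even, so it is never prime. A Sophie Germain prime p is one for which 2p+1 is also prime, which is exactly the converse of the type 2 line (`(p-1)/2 is also prime`). Since this hunk already touches the neighbouring lines, fix the arithmetic here and in moduli.5 in the same pass.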
@ -37,18 +37,18 @@ DESCRIPTION
that the number has been subjected to represented as a
bitmask of the following values:

0x00 Not tested
0x00 Not tested.
0x01 Composite number - not prime.
0x02 Sieve of Eratosthenes
0x04 Probabalistic Miller-Rabin primality tests.
0x02 Sieve of Eratosthenes.
0x04 Probabilistic Miller-Rabin primality tests.

The ssh-keygen(1) moduli candidate generation uses the
Sieve of Eratosthenes (flag 0x02). Subsequent
ssh-keygen(1) primality tests are Miller-Rabin tests
(flag 0x04).

trials Decimal number indicating of primaility trials that
have been performed on the modulus.
trials Decimal number indicating the number of primality
trials that have been performed on the modulus.

size Decimal number indicating the size of the prime in
bits.
@ -58,15 +58,15 @@ DESCRIPTION

modulus The modulus itself in hexadecimal.

When performing Diffie Hellman Group Exchange, sshd(8) first estimates
the size of the modulus required to produce enough Diffie Hellman output
When performing Diffie-Hellman Group Exchange, sshd(8) first estimates
the size of the modulus required to produce enough Diffie-Hellman output
to sufficiently key the selected symmetric cipher. sshd(8) then randomly
selects a modulus from /etc/moduli that best meets the size requirement.

SEE ALSO
ssh-keygen(1), sshd(8),
ssh-keygen(1), sshd(8)

Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer
Protocol, RFC 4419, 2006.

OpenBSD 4.9 June 26, 2008 OpenBSD 4.9
OpenBSD 5.0 October 14, 2010 OpenBSD 5.0

40
moduli.5
@ -1,4 +1,4 @@
.\" $OpenBSD: moduli.5,v 1.12 2008/06/26 05:57:54 djm Exp $
.\" $OpenBSD: moduli.5,v 1.15 2010/10/14 20:41:28 jmc Exp $
.\"
.\" Copyright (c) 2008 Damien Miller <djm@mindrot.org>
.\"
@ -13,16 +13,16 @@
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.Dd $Mdocdate: June 26 2008 $
.Dd $Mdocdate: October 14 2010 $
.Dt MODULI 5
.Os
.Sh NAME
.Nm moduli
.Nd Diffie Hellman moduli
.Nd Diffie-Hellman moduli
.Sh DESCRIPTION
The
.Pa /etc/moduli
file contains prime numbers and generators for use by
file contains prime numbers and generators for use by
.Xr sshd 8
in the Diffie-Hellman Group Exchange key exchange method.
.Pp
@ -31,24 +31,23 @@ New moduli may be generated with
using a two-step process.
An initial
.Em candidate generation
pass, using
pass, using
.Ic ssh-keygen -G ,
calculates numbers that are likely to be useful.
A second
.Em primality testing
pass, using
.Ic ssh-keygen -T
.Ic ssh-keygen -T ,
provides a high degree of assurance that the numbers are prime and are
safe for use in Diffie Hellman operations by
safe for use in Diffie-Hellman operations by
.Xr sshd 8 .
This
.Nm
format is used as the output from each pass.
.Pp
The file consists of newline-separated records, one per modulus,
containing seven space separated fields.
containing seven space-separated fields.
These fields are as follows:
.Pp
.Bl -tag -width Description -offset indent
.It timestamp
The time that the modulus was last processed as YYYYMMDDHHMMSS.
@ -58,7 +57,7 @@ Supported types are:
.Pp
.Bl -tag -width 0x00 -compact
.It 0
Unknown, not tested
Unknown, not tested.
.It 2
"Safe" prime; (p-1)/2 is also prime.
.It 4
@ -68,7 +67,7 @@ Sophie Germain; (p+1)*2 is also prime.
Moduli candidates initially produced by
.Xr ssh-keygen 1
are Sophie Germain primes (type 4).
Futher primality testing with
Further primality testing with
.Xr ssh-keygen 1
produces safe prime moduli (type 2) that are ready for use in
.Xr sshd 8 .
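Review bot: the hunk header shows the unchanged line `Sophie Germain; (p+1)*2 is also prime.`; (p+1)*2 is even and thus never prime, and the correct condition for a Sophie Germain prime p is that 2p+1 is prime. Correct it here together with the `Futher` fix, and regenerate moduli.0 so both copies agree.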
@ -79,13 +78,13 @@ has been subjected to represented as a bitmask of the following values:
.Pp
.Bl -tag -width 0x00 -compact
.It 0x00
Not tested
Not tested.
.It 0x01
Composite number - not prime.
Composite number \(en not prime.
.It 0x02
Sieve of Eratosthenes
Sieve of Eratosthenes.
.It 0x04
Probabalistic Miller-Rabin primality tests.
Probabilistic Miller-Rabin primality tests.
.El
.Pp
The
@ -95,8 +94,8 @@ Subsequent
.Xr ssh-keygen 1
primality tests are Miller-Rabin tests (flag 0x04).
.It trials
Decimal number indicating of primaility trials that have been performed
on the modulus.
Decimal number indicating the number of primality trials
that have been performed on the modulus.
.It size
Decimal number indicating the size of the prime in bits.
.It generator
@ -105,18 +104,17 @@ The recommended generator for use with this modulus (hexadecimal).
The modulus itself in hexadecimal.
.El
.Pp
When performing Diffie Hellman Group Exchange,
When performing Diffie-Hellman Group Exchange,
.Xr sshd 8
first estimates the size of the modulus required to produce enough
Diffie Hellman output to sufficiently key the selected symmetric cipher.
Diffie-Hellman output to sufficiently key the selected symmetric cipher.
.Xr sshd 8
then randomly selects a modulus from
.Fa /etc/moduli
that best meets the size requirement.
.Pp
.Sh SEE ALSO
.Xr ssh-keygen 1 ,
.Xr sshd 8 ,
.Xr sshd 8
.Rs
.%R RFC 4419
.%T "Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol"

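Review bot: `.Fa /etc/moduli` uses the function-argument macro for a file path; the same path is marked up with `.Pa` in the DESCRIPTION section above, so use `.Pa` here too for consistent rendering. Dropping the trailing comma after the last `.Xr` in SEE ALSO is correct mdoc.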
156
monitor.c
@ -1,4 +1,4 @@
/* $OpenBSD: monitor.c,v 1.110 2010/09/09 10:45:45 djm Exp $ */
/* $OpenBSD: monitor.c,v 1.115 2011/06/23 23:35:42 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@ -44,6 +44,13 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#ifdef HAVE_POLL_H
#include <poll.h>
#else
# ifdef HAVE_SYS_POLL_H
# include <sys/poll.h>
# endif
#endif

#ifdef SKEY
#include <skey.h>
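Review bot: if neither `HAVE_POLL_H` nor `HAVE_SYS_POLL_H` is defined, nothing is included and `struct pollfd` and `poll()` used further down in `monitor_read` are undeclared, producing a confusing compile error far from the cause; add an `#error` in the inner else branch or provide the compat declaration so the failure is explicit.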
@ -52,6 +59,7 @@
#include <openssl/dh.h>

#include "openbsd-compat/sys-queue.h"
#include "atomicio.h"
#include "xmalloc.h"
#include "ssh.h"
#include "key.h"
@ -179,6 +187,8 @@ int mm_answer_audit_event(int, Buffer *);
int mm_answer_audit_command(int, Buffer *);
#endif

static int monitor_read_log(struct monitor *);

static Authctxt *authctxt;
static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */

@ -346,6 +356,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)

debug3("preauth child monitor started");

close(pmonitor->m_recvfd);
close(pmonitor->m_log_sendfd);
pmonitor->m_log_sendfd = pmonitor->m_recvfd = -1;

authctxt = _authctxt;
memset(authctxt, 0, sizeof(*authctxt));

@ -405,6 +419,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
#endif
}

/* Drain any buffered messages from the child */
while (pmonitor->m_log_recvfd != -1 && monitor_read_log(pmonitor) == 0)
;

if (!authctxt->valid)
fatal("%s: authenticated invalid user", __func__);
if (strcmp(auth_method, "unknown") == 0)
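Review bot: the drain loop has no bound; it ends only when the child closes its log fd (the `EPIPE` path in `monitor_read_log` sets it to -1) or on `fatal`. At this point the child has finished authentication and is expected to exit, but if it stalls while holding the fd open the monitor blocks here forever with no timeout. A comment stating the assumption that the child has exited, or a `poll` with a timeout, would make that dependency explicit.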
@ -414,6 +432,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor)
__func__, authctxt->user);

mm_get_keystate(pmonitor);

close(pmonitor->m_sendfd);
close(pmonitor->m_log_recvfd);
pmonitor->m_sendfd = pmonitor->m_log_recvfd = -1;
}

static void
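Review bot: `close(pmonitor->m_log_recvfd)` is called unconditionally, but `monitor_read_log` already closes it and sets it to -1 when the child's end goes away; `close(-1)` just returns `EBADF`, so this is harmless, but guarding it with `if (pmonitor->m_log_recvfd != -1)` avoids the spurious failing syscall and makes ownership of the descriptor clearer.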
@ -431,6 +453,9 @@ monitor_child_handler(int sig)
void
monitor_child_postauth(struct monitor *pmonitor)
{
close(pmonitor->m_recvfd);
pmonitor->m_recvfd = -1;

monitor_set_child_handler(pmonitor->m_pid);
signal(SIGHUP, &monitor_child_handler);
signal(SIGTERM, &monitor_child_handler);
@ -454,6 +479,9 @@ monitor_child_postauth(struct monitor *pmonitor)

for (;;)
monitor_read(pmonitor, mon_dispatch, NULL);

close(pmonitor->m_sendfd);
pmonitor->m_sendfd = -1;
}

void
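Review bot: the `close(pmonitor->m_sendfd)` after `for (;;) monitor_read(...)` is unreachable; the loop only ends through `fatal()` or process exit. Either remove the two lines or add a comment saying they document intent for a future bounded loop, so the next reader does not go looking for a `break`.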
@ -465,6 +493,52 @@ monitor_sync(struct monitor *pmonitor)
|
||||
}
|
||||
}
|
||||
|
||||
static int
|
||||
monitor_read_log(struct monitor *pmonitor)
|
||||
{
|
||||
Buffer logmsg;
|
||||
u_int len, level;
|
||||
char *msg;
|
||||
|
||||
buffer_init(&logmsg);
|
||||
|
||||
/* Read length */
|
||||
buffer_append_space(&logmsg, 4);
|
||||
if (atomicio(read, pmonitor->m_log_recvfd,
|
||||
buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg)) {
|
||||
if (errno == EPIPE) {
|
||||
debug("%s: child log fd closed", __func__);
|
||||
close(pmonitor->m_log_recvfd);
|
||||
pmonitor->m_log_recvfd = -1;
|
||||
return -1;
|
||||
}
|
||||
fatal("%s: log fd read: %s", __func__, strerror(errno));
|
||||
}
|
||||
len = buffer_get_int(&logmsg);
|
||||
if (len <= 4 || len > 8192)
|
||||
fatal("%s: invalid log message length %u", __func__, len);
|
||||
|
||||
/* Read severity, message */
|
||||
buffer_clear(&logmsg);
|
||||
buffer_append_space(&logmsg, len);
|
||||
if (atomicio(read, pmonitor->m_log_recvfd,
|
||||
buffer_ptr(&logmsg), buffer_len(&logmsg)) != buffer_len(&logmsg))
|
||||
fatal("%s: log fd read: %s", __func__, strerror(errno));
|
||||
|
||||
/* Log it */
|
||||
level = buffer_get_int(&logmsg);
|
||||
msg = buffer_get_string(&logmsg, NULL);
|
||||
if (log_level_name(level) == NULL)
|
||||
fatal("%s: invalid log level %u (corrupted message?)",
|
||||
__func__, level);
|
||||
do_log2(level, "%s [preauth]", msg);
|
||||
|
||||
buffer_free(&logmsg);
|
||||
xfree(msg);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
monitor_read(struct monitor *pmonitor, struct mon_table *ent,
|
||||
struct mon_table **pent)
|
||||
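Review bot: after `msg = buffer_get_string(&logmsg, NULL);` nothing checks that the frame has been fully consumed; a `if (buffer_len(&logmsg) != 0) fatal(...)` would catch a malformed or desynchronised message from the unprivileged child instead of silently ignoring trailing bytes. The `len <= 4 || len > 8192` bound is good; a frame shorter than 8 bytes can never hold the level plus a string header, so `len < 8` would be the tighter check. Also note that `msg` is pre-authentication data under the child's control handed to `do_log2(level, "%s [preauth]", msg)`: passing it as an argument rather than as the format is right, but protection against embedded newlines and terminal escapes rests on do_log2 sanitising its output, which is outside this hunk and deserves a comment here.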
@ -472,6 +546,30 @@ monitor_read(struct monitor *pmonitor, struct mon_table *ent,
|
||||
Buffer m;
|
||||
int ret;
|
||||
u_char type;
|
||||
struct pollfd pfd[2];
|
||||
|
||||
for (;;) {
|
||||
bzero(&pfd, sizeof(pfd));
|
||||
pfd[0].fd = pmonitor->m_sendfd;
|
||||
pfd[0].events = POLLIN;
|
||||
pfd[1].fd = pmonitor->m_log_recvfd;
|
||||
pfd[1].events = pfd[1].fd == -1 ? 0 : POLLIN;
|
||||
if (poll(pfd, pfd[1].fd == -1 ? 1 : 2, -1) == -1) {
|
||||
if (errno == EINTR || errno == EAGAIN)
|
||||
continue;
|
||||
fatal("%s: poll: %s", __func__, strerror(errno));
|
||||
}
|
||||
if (pfd[1].revents) {
|
||||
/*
|
||||
* Drain all log messages before processing next
|
||||
* monitor request.
|
||||
*/
|
||||
monitor_read_log(pmonitor);
|
||||
continue;
|
||||
}
|
||||
if (pfd[0].revents)
|
||||
break; /* Continues below */
|
||||
}
|
||||
|
||||
buffer_init(&m);
|
||||
|
||||
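Review bot: `bzero(&pfd, sizeof(pfd));` takes the address of an array; it works because `&pfd` and `pfd` are the same address, but `bzero(pfd, sizeof(pfd))` says what is meant. `EAGAIN` is not an error poll(2) reports, so the `errno == EINTR || errno == EAGAIN` test can be reduced to EINTR. Since only POLLIN is requested, `pfd[1].revents` is also set for POLLHUP/POLLERR, and that is what lets monitor_read_log() see EOF and close the log fd; a short comment saying so would help, as would one noting that the infinite poll timeout is acceptable only because the login grace alarm bounds the preauth phase.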
@ -632,6 +730,7 @@ mm_answer_pwnamallow(int sock, Buffer *m)
|
||||
char *username;
|
||||
struct passwd *pwent;
|
||||
int allowed = 0;
|
||||
u_int i;
|
||||
|
||||
debug3("%s", __func__);
|
||||
|
||||
@ -671,8 +770,20 @@ mm_answer_pwnamallow(int sock, Buffer *m)
|
||||
|
||||
out:
|
||||
buffer_put_string(m, &options, sizeof(options));
|
||||
if (options.banner != NULL)
|
||||
buffer_put_cstring(m, options.banner);
|
||||
|
||||
#define M_CP_STROPT(x) do { \
|
||||
if (options.x != NULL) \
|
||||
buffer_put_cstring(m, options.x); \
|
||||
} while (0)
|
||||
#define M_CP_STRARRAYOPT(x, nx) do { \
|
||||
for (i = 0; i < options.nx; i++) \
|
||||
buffer_put_cstring(m, options.x[i]); \
|
||||
} while (0)
|
||||
/* See comment in servconf.h */
|
||||
COPY_MATCH_STRING_OPTS();
|
||||
#undef M_CP_STROPT
|
||||
#undef M_CP_STRARRAYOPT
|
||||
|
||||
debug3("%s: sending MONITOR_ANS_PWNAM: %d", __func__, allowed);
|
||||
mm_request_send(sock, MONITOR_ANS_PWNAM, m);
|
||||
|
||||
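Review bot: the new M_CP_STROPT/M_CP_STRARRAYOPT macros serialise the Match-dependent strings, but the raw `buffer_put_string(m, &options, sizeof(options));` above them still copies the monitor's live pointer values into the message for the unprivileged child, which then uses them only as non-NULL flags. Consider sending a scratch copy of `options` with every pointer field replaced by 0 or 1, so that monitor heap addresses never cross the privilege boundary. The expansion order of COPY_MATCH_STRING_OPTS is the wire format here, so the receiver must expand it identically; the "See comment in servconf.h" pointer is good, but a note that the macro order is load-bearing belongs at the definition as well.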
@ -684,7 +795,6 @@ mm_answer_pwnamallow(int sock, Buffer *m)
|
||||
monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1);
|
||||
monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1);
|
||||
}
|
||||
|
||||
#ifdef USE_PAM
|
||||
if (options.use_pam)
|
||||
monitor_permit(mon_dispatch, MONITOR_REQ_PAM_START, 1);
|
||||
@ -1834,22 +1944,31 @@ mm_init_compression(struct mm_master *mm)
|
||||
/* XXX */
|
||||
|
||||
#define FD_CLOSEONEXEC(x) do { \
|
||||
if (fcntl(x, F_SETFD, 1) == -1) \
|
||||
if (fcntl(x, F_SETFD, FD_CLOEXEC) == -1) \
|
||||
fatal("fcntl(%d, F_SETFD)", x); \
|
||||
} while (0)
|
||||
|
||||
static void
|
||||
monitor_socketpair(int *pair)
|
||||
monitor_openfds(struct monitor *mon, int do_logfds)
|
||||
{
|
||||
#ifdef HAVE_SOCKETPAIR
|
||||
int pair[2];
|
||||
|
||||
if (socketpair(AF_UNIX, SOCK_STREAM, 0, pair) == -1)
|
||||
fatal("%s: socketpair", __func__);
|
||||
#else
|
||||
fatal("%s: UsePrivilegeSeparation=yes not supported",
|
||||
__func__);
|
||||
#endif
|
||||
fatal("%s: socketpair: %s", __func__, strerror(errno));
|
||||
FD_CLOSEONEXEC(pair[0]);
|
||||
FD_CLOSEONEXEC(pair[1]);
|
||||
mon->m_recvfd = pair[0];
|
||||
mon->m_sendfd = pair[1];
|
||||
|
||||
if (do_logfds) {
|
||||
if (pipe(pair) == -1)
|
||||
fatal("%s: pipe: %s", __func__, strerror(errno));
|
||||
FD_CLOSEONEXEC(pair[0]);
|
||||
FD_CLOSEONEXEC(pair[1]);
|
||||
mon->m_log_recvfd = pair[0];
|
||||
mon->m_log_sendfd = pair[1];
|
||||
} else
|
||||
mon->m_log_recvfd = mon->m_log_sendfd = -1;
|
||||
}
|
||||
|
||||
#define MM_MEMSIZE 65536
|
||||
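Review bot: the `#ifdef HAVE_SOCKETPAIR` / `#else fatal("%s: UsePrivilegeSeparation=yes not supported", ...)` guard is gone and socketpair(2) is now called unconditionally in monitor_openfds(); if portable OpenSSH still supports a platform without it, that needs a configure-time replacement, and if not, the now-dead configure check should go too. `fatal("fcntl(%d, F_SETFD)", x)` in FD_CLOSEONEXEC still omits strerror(errno) while the neighbouring socketpair and pipe failures now include it. The change from the literal `1` to `FD_CLOEXEC` is welcome, and using a one-way pipe rather than a second socketpair for the log channel correctly prevents the child from reading anything back.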
@ -1858,14 +1977,10 @@ struct monitor *
|
||||
monitor_init(void)
|
||||
{
|
||||
struct monitor *mon;
|
||||
int pair[2];
|
||||
|
||||
mon = xcalloc(1, sizeof(*mon));
|
||||
|
||||
monitor_socketpair(pair);
|
||||
|
||||
mon->m_recvfd = pair[0];
|
||||
mon->m_sendfd = pair[1];
|
||||
monitor_openfds(mon, 1);
|
||||
|
||||
/* Used to share zlib space across processes */
|
||||
if (options.compression) {
|
||||
@ -1882,12 +1997,7 @@ monitor_init(void)
|
||||
void
|
||||
monitor_reinit(struct monitor *mon)
|
||||
{
|
||||
int pair[2];
|
||||
|
||||
monitor_socketpair(pair);
|
||||
|
||||
mon->m_recvfd = pair[0];
|
||||
mon->m_sendfd = pair[1];
|
||||
monitor_openfds(mon, 0);
|
||||
}
|
||||
|
||||
#ifdef GSSAPI
|
||||
|
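Review bot: monitor_reinit() calls monitor_openfds(mon, 0), so the postauth monitor has no log pipe and m_log_recvfd/m_log_sendfd remain -1. Because mm_log_handler() does `fatal("%s: no log channel", __func__)` when m_log_sendfd is -1, the child's log handler must be cleared before anything on the postauth path logs; a comment here saying where that reset happens would make the invariant visible to whoever next touches this code.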
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: monitor.h,v 1.15 2008/11/04 08:22:13 djm Exp $ */
|
||||
/* $OpenBSD: monitor.h,v 1.16 2011/06/17 21:44:31 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
@ -72,6 +72,8 @@ struct mm_master;
|
||||
struct monitor {
|
||||
int m_recvfd;
|
||||
int m_sendfd;
|
||||
int m_log_recvfd;
|
||||
int m_log_sendfd;
|
||||
struct mm_master *m_zback;
|
||||
struct mm_master *m_zlib;
|
||||
struct Kex **m_pkex;
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: monitor_wrap.c,v 1.70 2010/08/31 11:54:45 djm Exp $ */
|
||||
/* $OpenBSD: monitor_wrap.c,v 1.73 2011/06/17 21:44:31 djm Exp $ */
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
* Copyright 2002 Markus Friedl <markus@openbsd.org>
|
||||
@ -88,6 +88,32 @@ extern struct monitor *pmonitor;
|
||||
extern Buffer loginmsg;
|
||||
extern ServerOptions options;
|
||||
|
||||
void
|
||||
mm_log_handler(LogLevel level, const char *msg, void *ctx)
|
||||
{
|
||||
Buffer log_msg;
|
||||
struct monitor *mon = (struct monitor *)ctx;
|
||||
|
||||
if (mon->m_log_sendfd == -1)
|
||||
fatal("%s: no log channel", __func__);
|
||||
|
||||
buffer_init(&log_msg);
|
||||
/*
|
||||
* Placeholder for packet length. Will be filled in with the actual
|
||||
* packet length once the packet has been constucted. This saves
|
||||
* fragile math.
|
||||
*/
|
||||
buffer_put_int(&log_msg, 0);
|
||||
|
||||
buffer_put_int(&log_msg, level);
|
||||
buffer_put_cstring(&log_msg, msg);
|
||||
put_u32(buffer_ptr(&log_msg), buffer_len(&log_msg) - 4);
|
||||
if (atomicio(vwrite, mon->m_log_sendfd, buffer_ptr(&log_msg),
|
||||
buffer_len(&log_msg)) != buffer_len(&log_msg))
|
||||
fatal("%s: write: %s", __func__, strerror(errno));
|
||||
buffer_free(&log_msg);
|
||||
}
|
||||
|
||||
int
|
||||
mm_is_monitor(void)
|
||||
{
|
||||
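Review bot: both fatal() calls inside mm_log_handler() re-enter the logging path from within a log handler; that is safe only if do_log() guards against re-entering the handler (the log.c side is not part of this hunk), so state that assumption in a comment rather than leaving it implicit. Typo in the comment: "constucted" should be "constructed". The length fix-up via `put_u32(buffer_ptr(&log_msg), buffer_len(&log_msg) - 4)` matches the 4-byte frame monitor_read_log() expects, and writing with atomicio(vwrite, ...) is the right choice for a pipe shared with nothing else.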
@ -211,7 +237,7 @@ mm_getpwnamallow(const char *username)
|
||||
{
|
||||
Buffer m;
|
||||
struct passwd *pw;
|
||||
u_int len;
|
||||
u_int len, i;
|
||||
ServerOptions *newopts;
|
||||
|
||||
debug3("%s entering", __func__);
|
||||
@ -245,8 +271,20 @@ mm_getpwnamallow(const char *username)
|
||||
newopts = buffer_get_string(&m, &len);
|
||||
if (len != sizeof(*newopts))
|
||||
fatal("%s: option block size mismatch", __func__);
|
||||
if (newopts->banner != NULL)
|
||||
newopts->banner = buffer_get_string(&m, NULL);
|
||||
|
||||
#define M_CP_STROPT(x) do { \
|
||||
if (newopts->x != NULL) \
|
||||
newopts->x = buffer_get_string(&m, NULL); \
|
||||
} while (0)
|
||||
#define M_CP_STRARRAYOPT(x, nx) do { \
|
||||
for (i = 0; i < newopts->nx; i++) \
|
||||
newopts->x[i] = buffer_get_string(&m, NULL); \
|
||||
} while (0)
|
||||
/* See comment in servconf.h */
|
||||
COPY_MATCH_STRING_OPTS();
|
||||
#undef M_CP_STROPT
|
||||
#undef M_CP_STRARRAYOPT
|
||||
|
||||
copy_set_server_options(&options, newopts, 1);
|
||||
xfree(newopts);
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: monitor_wrap.h,v 1.22 2009/03/05 07:18:19 djm Exp $ */
|
||||
/* $OpenBSD: monitor_wrap.h,v 1.23 2011/06/17 21:44:31 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
|
||||
@ -37,6 +37,7 @@ struct monitor;
|
||||
struct mm_master;
|
||||
struct Authctxt;
|
||||
|
||||
void mm_log_handler(LogLevel, const char *, void *);
|
||||
int mm_is_monitor(void);
|
||||
DH *mm_choose_dh(int, int, int);
|
||||
int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
|
||||
|
167
mux.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: mux.c,v 1.24 2011/01/13 21:54:53 djm Exp $ */
|
||||
/* $OpenBSD: mux.c,v 1.29 2011/06/22 22:08:42 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
|
||||
*
|
||||
@ -87,7 +87,6 @@
|
||||
|
||||
/* from ssh.c */
|
||||
extern int tty_flag;
|
||||
extern int force_tty_flag;
|
||||
extern Options options;
|
||||
extern int stdin_null_flag;
|
||||
extern char *host;
|
||||
@ -146,6 +145,7 @@ struct mux_master_state {
|
||||
#define MUX_C_OPEN_FWD 0x10000006
|
||||
#define MUX_C_CLOSE_FWD 0x10000007
|
||||
#define MUX_C_NEW_STDIO_FWD 0x10000008
|
||||
#define MUX_C_STOP_LISTENING 0x10000009
|
||||
#define MUX_S_OK 0x80000001
|
||||
#define MUX_S_PERMISSION_DENIED 0x80000002
|
||||
#define MUX_S_FAILURE 0x80000003
|
||||
@ -153,6 +153,7 @@ struct mux_master_state {
|
||||
#define MUX_S_ALIVE 0x80000005
|
||||
#define MUX_S_SESSION_OPENED 0x80000006
|
||||
#define MUX_S_REMOTE_PORT 0x80000007
|
||||
#define MUX_S_TTY_ALLOC_FAIL 0x80000008
|
||||
|
||||
/* type codes for MUX_C_OPEN_FWD and MUX_C_CLOSE_FWD */
|
||||
#define MUX_FWD_LOCAL 1
|
||||
@ -168,6 +169,7 @@ static int process_mux_terminate(u_int, Channel *, Buffer *, Buffer *);
|
||||
static int process_mux_open_fwd(u_int, Channel *, Buffer *, Buffer *);
|
||||
static int process_mux_close_fwd(u_int, Channel *, Buffer *, Buffer *);
|
||||
static int process_mux_stdio_fwd(u_int, Channel *, Buffer *, Buffer *);
|
||||
static int process_mux_stop_listening(u_int, Channel *, Buffer *, Buffer *);
|
||||
|
||||
static const struct {
|
||||
u_int type;
|
||||
@ -180,6 +182,7 @@ static const struct {
|
||||
{ MUX_C_OPEN_FWD, process_mux_open_fwd },
|
||||
{ MUX_C_CLOSE_FWD, process_mux_close_fwd },
|
||||
{ MUX_C_NEW_STDIO_FWD, process_mux_stdio_fwd },
|
||||
{ MUX_C_STOP_LISTENING, process_mux_stop_listening },
|
||||
{ 0, NULL }
|
||||
};
|
||||
|
||||
@ -915,6 +918,39 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
process_mux_stop_listening(u_int rid, Channel *c, Buffer *m, Buffer *r)
|
||||
{
|
||||
debug("%s: channel %d: stop listening", __func__, c->self);
|
||||
|
||||
if (options.control_master == SSHCTL_MASTER_ASK ||
|
||||
options.control_master == SSHCTL_MASTER_AUTO_ASK) {
|
||||
if (!ask_permission("Disable further multiplexing on shared "
|
||||
"connection to %s? ", host)) {
|
||||
debug2("%s: stop listen refused by user", __func__);
|
||||
buffer_put_int(r, MUX_S_PERMISSION_DENIED);
|
||||
buffer_put_int(r, rid);
|
||||
buffer_put_cstring(r, "Permission denied");
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
if (mux_listener_channel != NULL) {
|
||||
channel_free(mux_listener_channel);
|
||||
client_stop_mux();
|
||||
xfree(options.control_path);
|
||||
options.control_path = NULL;
|
||||
mux_listener_channel = NULL;
|
||||
muxserver_sock = -1;
|
||||
}
|
||||
|
||||
/* prepare reply */
|
||||
buffer_put_int(r, MUX_S_OK);
|
||||
buffer_put_int(r, rid);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Channel callbacks fired on read/write from mux slave fd */
|
||||
static int
|
||||
mux_master_read_cb(Channel *c)
|
||||
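Review bot: `muxserver_sock = -1;` is assigned without a close(); that is correct only if channel_free(mux_listener_channel) (or client_stop_mux()) closes the listener descriptor, so either say so in a comment or close it explicitly to avoid a leak if that ever changes. Also, unless ControlMaster is ask/autoask, any process that can connect to the control socket can turn off multiplexing for every other user of the connection; the socket's permissions are the only gate, so the ssh(1) text for the new SSHMUX_COMMAND_STOP command should spell that out.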
@ -1019,6 +1055,27 @@ mux_exit_message(Channel *c, int exitval)
|
||||
buffer_free(&m);
|
||||
}
|
||||
|
||||
void
|
||||
mux_tty_alloc_failed(Channel *c)
|
||||
{
|
||||
Buffer m;
|
||||
Channel *mux_chan;
|
||||
|
||||
debug3("%s: channel %d: TTY alloc failed", __func__, c->self);
|
||||
|
||||
if ((mux_chan = channel_by_id(c->ctl_chan)) == NULL)
|
||||
fatal("%s: channel %d missing mux channel %d",
|
||||
__func__, c->self, c->ctl_chan);
|
||||
|
||||
/* Append exit message packet to control socket output queue */
|
||||
buffer_init(&m);
|
||||
buffer_put_int(&m, MUX_S_TTY_ALLOC_FAIL);
|
||||
buffer_put_int(&m, c->self);
|
||||
|
||||
buffer_put_string(&mux_chan->output, buffer_ptr(&m), buffer_len(&m));
|
||||
buffer_free(&m);
|
||||
}
|
||||
|
||||
/* Prepare a mux master to listen on a Unix domain socket. */
|
||||
void
|
||||
muxserver_listen(void)
|
||||
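Review bot: the comment `/* Append exit message packet to control socket output queue */` was carried over from mux_exit_message(); this function queues a MUX_S_TTY_ALLOC_FAIL message, so reword it. Treating a missing mux channel as fatal via channel_by_id(c->ctl_chan) is consistent with mux_exit_message(), fine.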
@ -1059,21 +1116,25 @@ muxserver_listen(void)
|
||||
strlen(options.control_path) + 1;
|
||||
|
||||
if (strlcpy(addr.sun_path, options.control_path,
|
||||
sizeof(addr.sun_path)) >= sizeof(addr.sun_path))
|
||||
fatal("ControlPath too long");
|
||||
sizeof(addr.sun_path)) >= sizeof(addr.sun_path)) {
|
||||
error("ControlPath \"%s\" too long for Unix domain socket",
|
||||
options.control_path);
|
||||
goto disable_mux_master;
|
||||
}
|
||||
|
||||
if ((muxserver_sock = socket(PF_UNIX, SOCK_STREAM, 0)) < 0)
|
||||
fatal("%s socket(): %s", __func__, strerror(errno));
|
||||
|
||||
old_umask = umask(0177);
|
||||
if (bind(muxserver_sock, (struct sockaddr *)&addr, sun_len) == -1) {
|
||||
muxserver_sock = -1;
|
||||
if (errno == EINVAL || errno == EADDRINUSE) {
|
||||
error("ControlSocket %s already exists, "
|
||||
"disabling multiplexing", options.control_path);
|
||||
disable_mux_master:
|
||||
close(muxserver_sock);
|
||||
muxserver_sock = -1;
|
||||
if (muxserver_sock != -1) {
|
||||
close(muxserver_sock);
|
||||
muxserver_sock = -1;
|
||||
}
|
||||
xfree(options.control_path);
|
||||
options.control_path = NULL;
|
||||
options.control_master = SSHCTL_MASTER_NO;
|
||||
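Review bot: `goto disable_mux_master` jumps forward into the body of an `if` nested inside the bind() failure branch; it is legal C but hard to follow, and the cleanup (close the socket, free control_path, set ControlMaster to no) would read better as a small static function called from both sites. Note also that the jump from the ControlPath-too-long check happens before `old_umask = umask(0177);` while the bind() failure reaches the same label after it; make sure the bind-failure route restores umask(old_umask) before leaving the function, since no restore appears in this hunk. Downgrading the too-long ControlPath from fatal() to error() plus disabling multiplexing is a sensible behavioural change and should be mentioned in the release notes.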
@ -1153,8 +1214,10 @@ mux_session_confirm(int id, int success, void *arg)
|
||||
/* Request forwarding with authentication spoofing. */
|
||||
debug("Requesting X11 forwarding with authentication "
|
||||
"spoofing.");
|
||||
x11_request_forwarding_with_spoofing(id, display, proto, data);
|
||||
/* XXX wait for reply */
|
||||
x11_request_forwarding_with_spoofing(id, display, proto,
|
||||
data, 1);
|
||||
client_expect_confirm(id, "X11 forwarding", CONFIRM_WARN);
|
||||
/* XXX exit_on_forward_failure */
|
||||
}
|
||||
|
||||
if (cctx->want_agent_fwd && options.forward_agent) {
|
||||
@ -1573,7 +1636,7 @@ mux_client_request_session(int fd)
|
||||
char *e, *term;
|
||||
u_int i, rid, sid, esid, exitval, type, exitval_seen;
|
||||
extern char **environ;
|
||||
int devnull;
|
||||
int devnull, rawmode;
|
||||
|
||||
debug3("%s: entering", __func__);
|
||||
|
||||
@ -1669,8 +1732,9 @@ mux_client_request_session(int fd)
|
||||
signal(SIGTERM, control_client_sighandler);
|
||||
signal(SIGWINCH, control_client_sigrelay);
|
||||
|
||||
rawmode = tty_flag;
|
||||
if (tty_flag)
|
||||
enter_raw_mode(force_tty_flag);
|
||||
enter_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
|
||||
/*
|
||||
* Stick around until the controlee closes the client_fd.
|
||||
@ -1684,22 +1748,35 @@ mux_client_request_session(int fd)
|
||||
if (mux_client_read_packet(fd, &m) != 0)
|
||||
break;
|
||||
type = buffer_get_int(&m);
|
||||
if (type != MUX_S_EXIT_MESSAGE) {
|
||||
switch (type) {
|
||||
case MUX_S_TTY_ALLOC_FAIL:
|
||||
if ((esid = buffer_get_int(&m)) != sid)
|
||||
fatal("%s: tty alloc fail on unknown session: "
|
||||
"my id %u theirs %u",
|
||||
__func__, sid, esid);
|
||||
leave_raw_mode(options.request_tty ==
|
||||
REQUEST_TTY_FORCE);
|
||||
rawmode = 0;
|
||||
continue;
|
||||
case MUX_S_EXIT_MESSAGE:
|
||||
if ((esid = buffer_get_int(&m)) != sid)
|
||||
fatal("%s: exit on unknown session: "
|
||||
"my id %u theirs %u",
|
||||
__func__, sid, esid);
|
||||
if (exitval_seen)
|
||||
fatal("%s: exitval sent twice", __func__);
|
||||
exitval = buffer_get_int(&m);
|
||||
exitval_seen = 1;
|
||||
continue;
|
||||
default:
|
||||
e = buffer_get_string(&m, NULL);
|
||||
fatal("%s: master returned error: %s", __func__, e);
|
||||
}
|
||||
if ((esid = buffer_get_int(&m)) != sid)
|
||||
fatal("%s: exit on unknown session: my id %u theirs %u",
|
||||
__func__, sid, esid);
|
||||
debug("%s: master session id: %u", __func__, sid);
|
||||
if (exitval_seen)
|
||||
fatal("%s: exitval sent twice", __func__);
|
||||
exitval = buffer_get_int(&m);
|
||||
exitval_seen = 1;
|
||||
}
|
||||
|
||||
close(fd);
|
||||
leave_raw_mode(force_tty_flag);
|
||||
if (rawmode)
|
||||
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
||||
|
||||
if (muxclient_terminate) {
|
||||
debug2("Exiting on signal %d", muxclient_terminate);
|
||||
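Review bot: the MUX_S_TTY_ALLOC_FAIL case calls leave_raw_mode() unconditionally and then sets `rawmode = 0`, while the exit path below guards with `if (rawmode)`; test rawmode here too so that a second TTY_ALLOC_FAIL, or one arriving when no tty was ever requested, does not touch terminal state it never changed. In the `default:` arm, `e = buffer_get_string(&m, NULL);` assumes every unexpected reply carries a string; a reply type without one will die inside buffer_get_string() with a less helpful message than the one intended, so check the type against the known error replies before reading a string.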
@ -1813,6 +1890,50 @@ mux_client_request_stdio_fwd(int fd)
|
||||
fatal("%s: master returned unexpected message %u", __func__, type);
|
||||
}
|
||||
|
||||
static void
|
||||
mux_client_request_stop_listening(int fd)
|
||||
{
|
||||
Buffer m;
|
||||
char *e;
|
||||
u_int type, rid;
|
||||
|
||||
debug3("%s: entering", __func__);
|
||||
|
||||
buffer_init(&m);
|
||||
buffer_put_int(&m, MUX_C_STOP_LISTENING);
|
||||
buffer_put_int(&m, muxclient_request_id);
|
||||
|
||||
if (mux_client_write_packet(fd, &m) != 0)
|
||||
fatal("%s: write packet: %s", __func__, strerror(errno));
|
||||
|
||||
buffer_clear(&m);
|
||||
|
||||
/* Read their reply */
|
||||
if (mux_client_read_packet(fd, &m) != 0)
|
||||
fatal("%s: read from master failed: %s",
|
||||
__func__, strerror(errno));
|
||||
|
||||
type = buffer_get_int(&m);
|
||||
if ((rid = buffer_get_int(&m)) != muxclient_request_id)
|
||||
fatal("%s: out of sequence reply: my id %u theirs %u",
|
||||
__func__, muxclient_request_id, rid);
|
||||
switch (type) {
|
||||
case MUX_S_OK:
|
||||
break;
|
||||
case MUX_S_PERMISSION_DENIED:
|
||||
e = buffer_get_string(&m, NULL);
|
||||
fatal("Master refused stop listening request: %s", e);
|
||||
case MUX_S_FAILURE:
|
||||
e = buffer_get_string(&m, NULL);
|
||||
fatal("%s: stop listening request failed: %s", __func__, e);
|
||||
default:
|
||||
fatal("%s: unexpected response from master 0x%08x",
|
||||
__func__, type);
|
||||
}
|
||||
buffer_free(&m);
|
||||
muxclient_request_id++;
|
||||
}
|
||||
|
||||
/* Multiplex client main loop. */
|
||||
void
|
||||
muxclient(const char *path)
|
||||
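Review bot: in the reply switch, the MUX_S_PERMISSION_DENIED and MUX_S_FAILURE arms end in fatal() with no break; add `/* NOTREACHED */` as the OpenBSD style does elsewhere so the implicit fall-through is visibly intentional and compilers stop warning about it. Reading `rid` before dispatching on `type` is fine for these replies since every one of them carries the request id first.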
@ -1906,6 +2027,10 @@ muxclient(const char *path)
|
||||
case SSHMUX_COMMAND_STDIO_FWD:
|
||||
mux_client_request_stdio_fwd(sock);
|
||||
exit(0);
|
||||
case SSHMUX_COMMAND_STOP:
|
||||
mux_client_request_stop_listening(sock);
|
||||
fprintf(stderr, "Stop listening request sent.\r\n");
|
||||
exit(0);
|
||||
default:
|
||||
fatal("unrecognised muxclient_command %d", muxclient_command);
|
||||
}
|
||||
|
21
myproposal.h
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: myproposal.h,v 1.27 2010/09/01 22:42:13 djm Exp $ */
|
||||
/* $OpenBSD: myproposal.h,v 1.28 2011/08/02 01:22:11 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
@ -75,10 +75,25 @@
|
||||
"arcfour256,arcfour128," \
|
||||
"aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \
|
||||
"aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se"
|
||||
#ifdef HAVE_EVP_SHA256
|
||||
#define SHA2_HMAC_MODES \
|
||||
"hmac-sha2-256," \
|
||||
"hmac-sha2-256-96," \
|
||||
"hmac-sha2-512," \
|
||||
"hmac-sha2-512-96,"
|
||||
#else
|
||||
# define SHA2_HMAC_MODES
|
||||
#endif
|
||||
#define KEX_DEFAULT_MAC \
|
||||
"hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160," \
|
||||
"hmac-md5," \
|
||||
"hmac-sha1," \
|
||||
"umac-64@openssh.com," \
|
||||
SHA2_HMAC_MODES \
|
||||
"hmac-ripemd160," \
|
||||
"hmac-ripemd160@openssh.com," \
|
||||
"hmac-sha1-96,hmac-md5-96"
|
||||
"hmac-sha1-96," \
|
||||
"hmac-md5-96"
|
||||
|
||||
#define KEX_DEFAULT_COMP "none,zlib@openssh.com,zlib"
|
||||
#define KEX_DEFAULT_LANG ""
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
|
||||
* Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -34,9 +34,6 @@
|
||||
#if defined(open) && open == binary_open
|
||||
# undef open
|
||||
#endif
|
||||
#if defined(pipe) && open == binary_pipe
|
||||
# undef pipe
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
@ -59,18 +56,6 @@ binary_open(const char *filename, int flags, ...)
|
||||
return (open(filename, flags | O_BINARY, mode));
|
||||
}
|
||||
|
||||
int
|
||||
binary_pipe(int fd[2])
|
||||
{
|
||||
int ret = pipe(fd);
|
||||
|
||||
if (!ret) {
|
||||
setmode(fd[0], O_BINARY);
|
||||
setmode(fd[1], O_BINARY);
|
||||
}
|
||||
return (ret);
|
||||
}
|
||||
|
||||
int
|
||||
check_ntsec(const char *filename)
|
||||
{
|
||||
|
@ -1,7 +1,7 @@
|
||||
/* $Id: bsd-cygwin_util.h,v 1.12 2009/03/08 00:40:28 dtucker Exp $ */
|
||||
/* $Id: bsd-cygwin_util.h,v 1.13 2011/08/17 01:31:09 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com>
|
||||
* Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com>
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
@ -41,13 +41,11 @@
|
||||
#include <io.h>
|
||||
|
||||
int binary_open(const char *, int , ...);
|
||||
int binary_pipe(int fd[2]);
|
||||
int check_ntsec(const char *);
|
||||
char **fetch_windows_environment(void);
|
||||
void free_windows_environment(char **);
|
||||
|
||||
#define open binary_open
|
||||
#define pipe binary_pipe
|
||||
|
||||
#endif /* HAVE_CYGWIN */
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $Id: openssl-compat.c,v 1.13 2011/01/21 22:37:06 dtucker Exp $ */
|
||||
/* $Id: openssl-compat.c,v 1.14 2011/05/10 01:13:38 dtucker Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
|
||||
@ -134,9 +134,9 @@ RSA_get_default_method(void)
|
||||
|
||||
#ifdef USE_OPENSSL_ENGINE
|
||||
void
|
||||
ssh_SSLeay_add_all_algorithms(void)
|
||||
ssh_OpenSSL_add_all_algorithms(void)
|
||||
{
|
||||
SSLeay_add_all_algorithms();
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
||||
/* Enable use of crypto hardware */
|
||||
ENGINE_load_builtin_engines();
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $Id: openssl-compat.h,v 1.18 2011/01/21 22:37:06 dtucker Exp $ */
|
||||
/* $Id: openssl-compat.h,v 1.19 2011/05/10 01:13:38 dtucker Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
|
||||
@ -106,10 +106,10 @@ RSA_METHOD *RSA_get_default_method(void);
|
||||
# endif
|
||||
|
||||
# ifdef USE_OPENSSL_ENGINE
|
||||
# ifdef SSLeay_add_all_algorithms
|
||||
# undef SSLeay_add_all_algorithms
|
||||
# ifdef OpenSSL_add_all_algorithms
|
||||
# undef OpenSSL_add_all_algorithms
|
||||
# endif
|
||||
# define SSLeay_add_all_algorithms() ssh_SSLeay_add_all_algorithms()
|
||||
# define OpenSSL_add_all_algorithms() ssh_OpenSSL_add_all_algorithms()
|
||||
# endif
|
||||
|
||||
# ifndef HAVE_BN_IS_PRIME_EX
|
||||
@ -129,6 +129,6 @@ int ssh_EVP_CipherInit(EVP_CIPHER_CTX *, const EVP_CIPHER *, unsigned char *,
|
||||
unsigned char *, int);
|
||||
int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
|
||||
int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
|
||||
void ssh_SSLeay_add_all_algorithms(void);
|
||||
void ssh_OpenSSL_add_all_algorithms(void);
|
||||
#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $Id: port-linux.c,v 1.11.4.3 2011/02/06 02:24:17 dtucker Exp $ */
|
||||
/* $Id: port-linux.c,v 1.16 2011/08/29 06:09:57 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com>
|
||||
@ -38,6 +38,10 @@
|
||||
#include <selinux/flask.h>
|
||||
#include <selinux/get_context_list.h>
|
||||
|
||||
#ifndef SSH_SELINUX_UNCONFINED_TYPE
|
||||
# define SSH_SELINUX_UNCONFINED_TYPE ":unconfined_t:"
|
||||
#endif
|
||||
|
||||
/* Wrapper around is_selinux_enabled() to log its return value once only */
|
||||
int
|
||||
ssh_selinux_enabled(void)
|
||||
@ -177,12 +181,13 @@ ssh_selinux_change_context(const char *newname)
|
||||
{
|
||||
int len, newlen;
|
||||
char *oldctx, *newctx, *cx;
|
||||
void (*switchlog) (const char *fmt,...) = logit;
|
||||
|
||||
if (!ssh_selinux_enabled())
|
||||
return;
|
||||
|
||||
if (getcon((security_context_t *)&oldctx) < 0) {
|
||||
logit("%s: getcon failed with %s", __func__, strerror (errno));
|
||||
logit("%s: getcon failed with %s", __func__, strerror(errno));
|
||||
return;
|
||||
}
|
||||
if ((cx = index(oldctx, ':')) == NULL || (cx = index(cx + 1, ':')) ==
|
||||
@ -191,6 +196,14 @@ ssh_selinux_change_context(const char *newname)
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
* Check whether we are attempting to switch away from an unconfined
|
||||
* security context.
|
||||
*/
|
||||
if (strncmp(cx, SSH_SELINUX_UNCONFINED_TYPE,
|
||||
sizeof(SSH_SELINUX_UNCONFINED_TYPE) - 1) == 0)
|
||||
switchlog = debug3;
|
||||
|
||||
newlen = strlen(oldctx) + strlen(newname) + 1;
|
||||
newctx = xmalloc(newlen);
|
||||
len = cx - oldctx + 1;
|
||||
@ -198,10 +211,11 @@ ssh_selinux_change_context(const char *newname)
|
||||
strlcpy(newctx + len, newname, newlen - len);
|
||||
if ((cx = index(cx + 1, ':')))
|
||||
strlcat(newctx, cx, newlen);
|
||||
debug3("%s: setting context from '%s' to '%s'", __func__, oldctx,
|
||||
newctx);
|
||||
debug3("%s: setting context from '%s' to '%s'", __func__,
|
||||
oldctx, newctx);
|
||||
if (setcon(newctx) < 0)
|
||||
logit("%s: setcon failed with %s", __func__, strerror (errno));
|
||||
switchlog("%s: setcon %s from %s failed with %s", __func__,
|
||||
newctx, oldctx, strerror(errno));
|
||||
xfree(oldctx);
|
||||
xfree(newctx);
|
||||
}
|
||||
|
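Review bot: SSH_SELINUX_UNCONFINED_TYPE is ":unconfined_t:" and `cx` points at the colon before the type field, so the strncmp only matches contexts that carry a fourth (MLS/MCS level) field after the type; on a policy without levels the context ends at "unconfined_t", the downgrade to debug3 never happens and the setcon failure is still reported at logit level, which is the noise bz#1919 set out to remove. Compare against ":unconfined_t" and then accept either ':' or '\0' as the following character, or document the limitation next to the define.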
@ -1,4 +1,4 @@
|
||||
/* $Id: port-linux.h,v 1.4.10.1 2011/02/04 00:42:21 djm Exp $ */
|
||||
/* $Id: port-linux.h,v 1.5 2011/01/25 01:16:18 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 2006 Damien Miller <djm@openbsd.org>
|
||||
|
@ -24,6 +24,8 @@
|
||||
|
||||
#define NUM_OPENS 10
|
||||
|
||||
int closefrom(int);
|
||||
|
||||
void
|
||||
fail(char *msg)
|
||||
{
|
||||
|
44
packet.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: packet.c,v 1.172 2010/11/13 23:27:50 djm Exp $ */
|
||||
/* $OpenBSD: packet.c,v 1.173 2011/05/06 21:14:05 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -422,10 +422,8 @@ packet_set_state(int mode, u_int32_t seqnr, u_int64_t blocks, u_int32_t packets,
|
||||
state->bytes = bytes;
|
||||
}
|
||||
|
||||
/* returns 1 if connection is via ipv4 */
|
||||
|
||||
int
|
||||
packet_connection_is_ipv4(void)
|
||||
static int
|
||||
packet_connection_af(void)
|
||||
{
|
||||
struct sockaddr_storage to;
|
||||
socklen_t tolen = sizeof(to);
|
||||
@ -439,9 +437,9 @@ packet_connection_is_ipv4(void)
|
||||
#ifdef IPV4_IN_IPV6
|
||||
if (to.ss_family == AF_INET6 &&
|
||||
IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)&to)->sin6_addr))
|
||||
return 1;
|
||||
return AF_INET;
|
||||
#endif
|
||||
return 0;
|
||||
return to.ss_family;
|
||||
}
|
||||
|
||||
/* Sets the connection into non-blocking mode. */
|
||||
@ -1752,16 +1750,30 @@ packet_not_very_much_data_to_write(void)
|
||||
static void
|
||||
packet_set_tos(int tos)
|
||||
{
|
||||
#if defined(IP_TOS) && !defined(IP_TOS_IS_BROKEN)
|
||||
if (!packet_connection_is_on_socket() ||
|
||||
!packet_connection_is_ipv4())
|
||||
#ifndef IP_TOS_IS_BROKEN
|
||||
if (!packet_connection_is_on_socket())
|
||||
return;
|
||||
debug3("%s: set IP_TOS 0x%02x", __func__, tos);
|
||||
if (setsockopt(active_state->connection_in, IPPROTO_IP, IP_TOS, &tos,
|
||||
sizeof(tos)) < 0)
|
||||
error("setsockopt IP_TOS %d: %.100s:",
|
||||
tos, strerror(errno));
|
||||
#endif
|
||||
switch (packet_connection_af()) {
|
||||
# ifdef IP_TOS
|
||||
case AF_INET:
|
||||
debug3("%s: set IP_TOS 0x%02x", __func__, tos);
|
||||
if (setsockopt(active_state->connection_in,
|
||||
IPPROTO_IP, IP_TOS, &tos, sizeof(tos)) < 0)
|
||||
error("setsockopt IP_TOS %d: %.100s:",
|
||||
tos, strerror(errno));
|
||||
break;
|
||||
# endif /* IP_TOS */
|
||||
# ifdef IPV6_TCLASS
|
||||
case AF_INET6:
|
||||
debug3("%s: set IPV6_TCLASS 0x%02x", __func__, tos);
|
||||
if (setsockopt(active_state->connection_in,
|
||||
IPPROTO_IPV6, IPV6_TCLASS, &tos, sizeof(tos)) < 0)
|
||||
error("setsockopt IPV6_TCLASS %d: %.100s:",
|
||||
tos, strerror(errno));
|
||||
break;
|
||||
# endif /* IPV6_TCLASS */
|
||||
}
|
||||
#endif /* IP_TOS_IS_BROKEN */
|
||||
}
|
||||
|
||||
/* Informs that the current session is interactive. Sets IP flags for that. */
|
||||
|
3
packet.h
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: packet.h,v 1.55 2010/11/13 23:27:50 djm Exp $ */
|
||||
/* $OpenBSD: packet.h,v 1.56 2011/05/06 21:14:05 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -92,7 +92,6 @@ int packet_have_data_to_write(void);
|
||||
int packet_not_very_much_data_to_write(void);
|
||||
|
||||
int packet_connection_is_on_socket(void);
|
||||
int packet_connection_is_ipv4(void);
|
||||
int packet_remaining(void);
|
||||
void packet_send_ignore(int);
|
||||
void packet_add_padding(u_char);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: pathnames.h,v 1.20 2010/08/31 11:54:45 djm Exp $ */
|
||||
/* $OpenBSD: pathnames.h,v 1.22 2011/05/23 03:30:07 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
119
readconf.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: readconf.c,v 1.190 2010/11/13 23:27:50 djm Exp $ */
|
||||
/* $OpenBSD: readconf.c,v 1.193 2011/05/24 07:15:47 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -134,7 +134,7 @@ typedef enum {
|
||||
oHashKnownHosts,
|
||||
oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
|
||||
oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
|
||||
oKexAlgorithms, oIPQoS,
|
||||
oKexAlgorithms, oIPQoS, oRequestTTY,
|
||||
oDeprecated, oUnsupported
|
||||
} OpCodes;
|
||||
|
||||
@ -193,9 +193,9 @@ static struct {
|
||||
{ "host", oHost },
|
||||
{ "escapechar", oEscapeChar },
|
||||
{ "globalknownhostsfile", oGlobalKnownHostsFile },
|
||||
{ "globalknownhostsfile2", oGlobalKnownHostsFile2 }, /* obsolete */
|
||||
{ "globalknownhostsfile2", oDeprecated },
|
||||
{ "userknownhostsfile", oUserKnownHostsFile },
|
||||
{ "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
|
||||
{ "userknownhostsfile2", oDeprecated },
|
||||
{ "connectionattempts", oConnectionAttempts },
|
||||
{ "batchmode", oBatchMode },
|
||||
{ "checkhostip", oCheckHostIP },
|
||||
@ -245,6 +245,7 @@ static struct {
|
||||
#endif
|
||||
{ "kexalgorithms", oKexAlgorithms },
|
||||
{ "ipqos", oIPQoS },
|
||||
{ "requesttty", oRequestTTY },
|
||||
|
||||
{ NULL, oBadOption }
|
||||
};
|
||||
@ -353,8 +354,10 @@ process_config_line(Options *options, const char *host,
|
||||
char *line, const char *filename, int linenum,
|
||||
int *activep)
|
||||
{
|
||||
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256];
|
||||
int opcode, *intptr, value, value2, scale;
|
||||
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
|
||||
char **cpptr, fwdarg[256];
|
||||
u_int *uintptr, max_entries = 0;
|
||||
int negated, opcode, *intptr, value, value2, scale;
|
||||
LogLevel *log_level_ptr;
|
||||
long long orig, val64;
|
||||
size_t len;
|
||||
@ -597,26 +600,33 @@ process_config_line(Options *options, const char *host,
|
||||
parse_string:
|
||||
arg = strdelim(&s);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%.200s line %d: Missing argument.", filename, linenum);
|
||||
fatal("%.200s line %d: Missing argument.",
|
||||
filename, linenum);
|
||||
if (*activep && *charptr == NULL)
|
||||
*charptr = xstrdup(arg);
|
||||
break;
|
||||
|
||||
case oGlobalKnownHostsFile:
|
||||
charptr = &options->system_hostfile;
|
||||
goto parse_string;
|
||||
cpptr = (char **)&options->system_hostfiles;
|
||||
uintptr = &options->num_system_hostfiles;
|
||||
max_entries = SSH_MAX_HOSTS_FILES;
|
||||
parse_char_array:
|
||||
if (*activep && *uintptr == 0) {
|
||||
while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
|
||||
if ((*uintptr) >= max_entries)
|
||||
fatal("%s line %d: "
|
||||
"too many authorized keys files.",
|
||||
filename, linenum);
|
||||
cpptr[(*uintptr)++] = xstrdup(arg);
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
|
||||
case oUserKnownHostsFile:
|
||||
charptr = &options->user_hostfile;
|
||||
goto parse_string;
|
||||
|
||||
case oGlobalKnownHostsFile2:
|
||||
charptr = &options->system_hostfile2;
|
||||
goto parse_string;
|
||||
|
||||
case oUserKnownHostsFile2:
|
||||
charptr = &options->user_hostfile2;
|
||||
goto parse_string;
|
||||
cpptr = (char **)&options->user_hostfiles;
|
||||
uintptr = &options->num_user_hostfiles;
|
||||
max_entries = SSH_MAX_HOSTS_FILES;
|
||||
goto parse_char_array;
|
||||
|
||||
case oHostName:
|
||||
charptr = &options->hostname;
|
||||
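Review bot: the fatal() in the new parse_char_array block reports "too many authorized keys files." although this label is reached from oGlobalKnownHostsFile and oUserKnownHostsFile and the limit is SSH_MAX_HOSTS_FILES; the text looks copied from the AuthorizedKeysFile parser and will mislead anyone debugging an over-long GlobalKnownHostsFile or UserKnownHostsFile line. Suggest "too many known hosts files.". Also, the block ends with `return 0;` rather than `break;`, so it bypasses the trailing-garbage check after the switch; that is correct here because the while loop consumes every argument, but a one-line comment like the one at the end of the oHost case ("Avoid garbage check below, as strdelim is done.") would save the next reader the same analysis.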
@ -793,12 +803,28 @@ process_config_line(Options *options, const char *host,
|
||||
|
||||
case oHost:
|
||||
*activep = 0;
|
||||
while ((arg = strdelim(&s)) != NULL && *arg != '\0')
|
||||
arg2 = NULL;
|
||||
while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
|
||||
negated = *arg == '!';
|
||||
if (negated)
|
||||
arg++;
|
||||
if (match_pattern(host, arg)) {
|
||||
debug("Applying options for %.100s", arg);
|
||||
if (negated) {
|
||||
debug("%.200s line %d: Skipping Host "
|
||||
"block because of negated match "
|
||||
"for %.100s", filename, linenum,
|
||||
arg);
|
||||
*activep = 0;
|
||||
break;
|
||||
}
|
||||
if (!*activep)
|
||||
arg2 = arg; /* logged below */
|
||||
*activep = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (*activep)
|
||||
debug("%.200s line %d: Applying options for %.100s",
|
||||
filename, linenum, arg2);
|
||||
/* Avoid garbage check below, as strdelim is done. */
|
||||
return 0;
|
||||
|
||||
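Review bot: the loop breaks as soon as a positive pattern matches (the `break;` after `*activep = 1;`), so a negated pattern later on the same line is never examined: "Host foo !foo" applies the block while "Host !foo foo" skips it. If a negated match is meant to win regardless of its position, drop that break and let the loop run to the end (the negated branch already breaks with *activep = 0); otherwise the ssh_config documentation for Host should state that negated patterns must precede the positive ones.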
@ -997,6 +1023,26 @@ process_config_line(Options *options, const char *host,
|
||||
intptr = &options->use_roaming;
|
||||
goto parse_flag;
|
||||
|
||||
case oRequestTTY:
|
||||
arg = strdelim(&s);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: missing argument.",
|
||||
filename, linenum);
|
||||
intptr = &options->request_tty;
|
||||
if (strcasecmp(arg, "yes") == 0)
|
||||
value = REQUEST_TTY_YES;
|
||||
else if (strcasecmp(arg, "no") == 0)
|
||||
value = REQUEST_TTY_NO;
|
||||
else if (strcasecmp(arg, "force") == 0)
|
||||
value = REQUEST_TTY_FORCE;
|
||||
else if (strcasecmp(arg, "auto") == 0)
|
||||
value = REQUEST_TTY_AUTO;
|
||||
else
|
||||
fatal("Unsupported RequestTTY \"%s\"", arg);
|
||||
if (*activep && *intptr == -1)
|
||||
*intptr = value;
|
||||
break;
|
||||
|
||||
case oDeprecated:
|
||||
debug("%s line %d: Deprecated option \"%s\"",
|
||||
filename, linenum, keyword);
|
||||
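Review bot: the "Unsupported RequestTTY" fatal() omits filename and linenum, unlike every other fatal() in process_config_line shown in this patch (e.g. "%s line %d: missing argument."), so the user gets no pointer to the offending configuration line. Suggest fatal("%s line %d: unsupported RequestTTY \"%s\"", filename, linenum, arg). The first-setting-wins guard (*intptr == -1) matches the rest of the file.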
@ -1121,10 +1167,8 @@ initialize_options(Options * options)
|
||||
options->proxy_command = NULL;
|
||||
options->user = NULL;
|
||||
options->escape_char = -1;
|
||||
options->system_hostfile = NULL;
|
||||
options->user_hostfile = NULL;
|
||||
options->system_hostfile2 = NULL;
|
||||
options->user_hostfile2 = NULL;
|
||||
options->num_system_hostfiles = 0;
|
||||
options->num_user_hostfiles = 0;
|
||||
options->local_forwards = NULL;
|
||||
options->num_local_forwards = 0;
|
||||
options->remote_forwards = NULL;
|
||||
@ -1157,6 +1201,7 @@ initialize_options(Options * options)
|
||||
options->zero_knowledge_password_authentication = -1;
|
||||
options->ip_qos_interactive = -1;
|
||||
options->ip_qos_bulk = -1;
|
||||
options->request_tty = -1;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1263,14 +1308,18 @@ fill_default_options(Options * options)
|
||||
}
|
||||
if (options->escape_char == -1)
|
||||
options->escape_char = '~';
|
||||
if (options->system_hostfile == NULL)
|
||||
options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
|
||||
if (options->user_hostfile == NULL)
|
||||
options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
|
||||
if (options->system_hostfile2 == NULL)
|
||||
options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
|
||||
if (options->user_hostfile2 == NULL)
|
||||
options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
|
||||
if (options->num_system_hostfiles == 0) {
|
||||
options->system_hostfiles[options->num_system_hostfiles++] =
|
||||
xstrdup(_PATH_SSH_SYSTEM_HOSTFILE);
|
||||
options->system_hostfiles[options->num_system_hostfiles++] =
|
||||
xstrdup(_PATH_SSH_SYSTEM_HOSTFILE2);
|
||||
}
|
||||
if (options->num_user_hostfiles == 0) {
|
||||
options->user_hostfiles[options->num_user_hostfiles++] =
|
||||
xstrdup(_PATH_SSH_USER_HOSTFILE);
|
||||
options->user_hostfiles[options->num_user_hostfiles++] =
|
||||
xstrdup(_PATH_SSH_USER_HOSTFILE2);
|
||||
}
|
||||
if (options->log_level == SYSLOG_LEVEL_NOT_SET)
|
||||
options->log_level = SYSLOG_LEVEL_INFO;
|
||||
if (options->clear_forwardings == 1)
|
||||
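Review bot: the known_hosts defaults are now applied only while num_user_hostfiles / num_system_hostfiles is still 0, so a configuration that sets UserKnownHostsFile (or GlobalKnownHostsFile) to a single path no longer also consults the _PATH_SSH_USER_HOSTFILE2 / _PATH_SSH_SYSTEM_HOSTFILE2 file, whereas the removed code filled in user_hostfile2 / system_hostfile2 independently of the primary path. That is a behaviour change for existing configurations that relied on the second file being read alongside a custom path; it should be called out in the ssh_config(5) text for these options and in the release notes.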
@ -1315,6 +1364,8 @@ fill_default_options(Options * options)
|
||||
options->ip_qos_interactive = IPTOS_LOWDELAY;
|
||||
if (options->ip_qos_bulk == -1)
|
||||
options->ip_qos_bulk = IPTOS_THROUGHPUT;
|
||||
if (options->request_tty == -1)
|
||||
options->request_tty = REQUEST_TTY_AUTO;
|
||||
/* options->local_command should not be set by default */
|
||||
/* options->proxy_command should not be set by default */
|
||||
/* options->user will be set in the main program if appropriate */
|
||||
|
19
readconf.h
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: readconf.h,v 1.88 2010/11/13 23:27:50 djm Exp $ */
|
||||
/* $OpenBSD: readconf.h,v 1.90 2011/05/24 07:15:47 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -27,7 +27,8 @@ typedef struct {
|
||||
} Forward;
|
||||
/* Data structure for representing option data. */
|
||||
|
||||
#define MAX_SEND_ENV 256
|
||||
#define MAX_SEND_ENV 256
|
||||
#define SSH_MAX_HOSTS_FILES 256
|
||||
|
||||
typedef struct {
|
||||
int forward_agent; /* Forward authentication agent. */
|
||||
@ -83,10 +84,10 @@ typedef struct {
|
||||
char *user; /* User to log in as. */
|
||||
int escape_char; /* Escape character; -2 = none */
|
||||
|
||||
char *system_hostfile;/* Path for /etc/ssh/ssh_known_hosts. */
|
||||
char *user_hostfile; /* Path for $HOME/.ssh/known_hosts. */
|
||||
char *system_hostfile2;
|
||||
char *user_hostfile2;
|
||||
u_int num_system_hostfiles; /* Paths for /etc/ssh/ssh_known_hosts */
|
||||
char *system_hostfiles[SSH_MAX_HOSTS_FILES];
|
||||
u_int num_user_hostfiles; /* Path for $HOME/.ssh/known_hosts */
|
||||
char *user_hostfiles[SSH_MAX_HOSTS_FILES];
|
||||
char *preferred_authentications;
|
||||
char *bind_address; /* local socket address for connection to sshd */
|
||||
char *pkcs11_provider; /* PKCS#11 provider */
|
||||
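Review bot: the comments on the new members are attached to the wrong fields and are inconsistent with each other: "Paths for /etc/ssh/ssh_known_hosts" sits on num_system_hostfiles, which is a count, and num_user_hostfiles says "Path for" (singular) although it is also a count. Suggest commenting the arrays as the search paths and the u_int fields as the number of valid entries in the corresponding array, in the same form for the system and user pairs.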
@ -132,6 +133,7 @@ typedef struct {
|
||||
|
||||
int use_roaming;
|
||||
|
||||
int request_tty;
|
||||
} Options;
|
||||
|
||||
#define SSHCTL_MASTER_NO 0
|
||||
@ -140,6 +142,11 @@ typedef struct {
|
||||
#define SSHCTL_MASTER_ASK 3
|
||||
#define SSHCTL_MASTER_AUTO_ASK 4
|
||||
|
||||
#define REQUEST_TTY_AUTO 0
|
||||
#define REQUEST_TTY_NO 1
|
||||
#define REQUEST_TTY_YES 2
|
||||
#define REQUEST_TTY_FORCE 3
|
||||
|
||||
void initialize_options(Options *);
|
||||
void fill_default_options(Options *);
|
||||
int read_config_file(const char *, const char *, Options *, int);
|
||||
|
@ -93,10 +93,6 @@ Failed tests can be difficult to diagnose. Suggestions:
|
||||
|
||||
Known Issues.
|
||||
|
||||
- If your build requires ssh-rand-helper regress tests will fail
|
||||
unless ssh-rand-helper is in pre-installed (the path to
|
||||
ssh-rand-helper is hard coded).
|
||||
|
||||
- Similarly, if you do not have "scp" in your system's $PATH then the
|
||||
multiplex scp tests will fail (since the system's shell startup scripts
|
||||
will determine where the shell started by sshd will look for scp).
|
||||
@ -105,4 +101,4 @@ Known Issues.
|
||||
test to fail. The old behaviour can be restored by setting (and
|
||||
exporting) _POSIX2_VERSION=199209 before running the tests.
|
||||
|
||||
$Id: README.regress,v 1.11 2010/08/16 21:04:29 djm Exp $
|
||||
$Id: README.regress,v 1.12 2011/05/05 03:48:42 djm Exp $
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cert-hostkey.sh,v 1.5 2010/08/31 12:24:09 djm Exp $
|
||||
# $OpenBSD: cert-hostkey.sh,v 1.6 2011/05/20 02:43:36 djm Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="certified host keys"
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cert-userkey.sh,v 1.7 2010/08/31 12:24:09 djm Exp $
|
||||
# $OpenBSD: cert-userkey.sh,v 1.8 2011/05/17 07:13:31 djm Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="certified user keys"
|
||||
@ -27,7 +27,7 @@ for ktype in rsa dsa $ecdsa ; do
|
||||
-n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} ||
|
||||
fail "couldn't sign cert_user_key_${ktype}"
|
||||
# v00 ecdsa certs do not exist
|
||||
test "{ktype}" = "ecdsa" && continue
|
||||
test "${ktype}" = "ecdsa" && continue
|
||||
cp $OBJ/cert_user_key_${ktype} $OBJ/cert_user_key_${ktype}_v00
|
||||
cp $OBJ/cert_user_key_${ktype}.pub $OBJ/cert_user_key_${ktype}_v00.pub
|
||||
${SSHKEYGEN} -q -t v00 -s $OBJ/user_ca_key -I \
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cfgmatch.sh,v 1.4 2006/12/13 08:36:36 dtucker Exp $
|
||||
# $OpenBSD: cfgmatch.sh,v 1.6 2011/06/03 05:35:10 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="sshd_config match"
|
||||
@ -7,6 +7,28 @@ pidfile=$OBJ/remote_pid
|
||||
fwdport=3301
|
||||
fwd="-L $fwdport:127.0.0.1:$PORT"
|
||||
|
||||
echo "ExitOnForwardFailure=yes" >> $OBJ/ssh_config
|
||||
echo "ExitOnForwardFailure=yes" >> $OBJ/ssh_proxy
|
||||
|
||||
start_client()
|
||||
{
|
||||
rm -f $pidfile
|
||||
${SSH} -q -$p $fwd "$@" somehost \
|
||||
exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' \
|
||||
>>$TEST_SSH_LOGFILE 2>&1 &
|
||||
client_pid=$!
|
||||
# Wait for remote end
|
||||
n=0
|
||||
while test ! -f $pidfile ; do
|
||||
sleep 1
|
||||
n=`expr $n + 1`
|
||||
if test $n -gt 60; then
|
||||
kill $client_pid
|
||||
fatal "timeout waiting for background ssh"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
stop_client()
|
||||
{
|
||||
pid=`cat $pidfile`
|
||||
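Review bot: start_client reads `$p` from the caller's `for p in 1 2` loop instead of taking the protocol as an argument, so the function silently depends on a global that is set elsewhere in the script; pass it explicitly (e.g. start_client "$p" -F ...) or document the dependency in a comment next to the function. The 60-second wait on $pidfile with a kill of $client_pid on timeout is a sensible replacement for the fixed `sleep 1` that the later hunks remove.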
@ -14,11 +36,15 @@ stop_client()
|
||||
kill $pid
|
||||
sleep 1
|
||||
fi
|
||||
wait
|
||||
}
|
||||
|
||||
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak
|
||||
|
||||
grep -v AuthorizedKeysFile $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
|
||||
echo "AuthorizedKeysFile /dev/null" >>$OBJ/sshd_proxy
|
||||
echo "PermitOpen 127.0.0.1:1" >>$OBJ/sshd_config
|
||||
echo "Match user $USER" >>$OBJ/sshd_proxy
|
||||
echo "AuthorizedKeysFile /dev/null $OBJ/authorized_keys_%u" >>$OBJ/sshd_proxy
|
||||
echo "Match Address 127.0.0.1" >>$OBJ/sshd_config
|
||||
echo "PermitOpen 127.0.0.1:$PORT" >>$OBJ/sshd_config
|
||||
|
||||
@ -32,12 +58,8 @@ start_sshd
|
||||
|
||||
# Test Match + PermitOpen in sshd_config. This should be permitted
|
||||
for p in 1 2; do
|
||||
rm -f $pidfile
|
||||
trace "match permitopen localhost proto $p"
|
||||
${SSH} -$p $fwd -F $OBJ/ssh_config -f somehost \
|
||||
exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' >>$TEST_SSH_LOGFILE 2>&1 ||\
|
||||
fail "match permitopen proto $p sshd failed"
|
||||
sleep 1;
|
||||
start_client -F $OBJ/ssh_config
|
||||
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
|
||||
fail "match permitopen permit proto $p"
|
||||
stop_client
|
||||
@ -45,12 +67,8 @@ done
|
||||
|
||||
# Same but from different source. This should not be permitted
|
||||
for p in 1 2; do
|
||||
rm -f $pidfile
|
||||
trace "match permitopen proxy proto $p"
|
||||
${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \
|
||||
exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' >>$TEST_SSH_LOGFILE 2>&1 ||\
|
||||
fail "match permitopen proxy proto $p sshd failed"
|
||||
sleep 1;
|
||||
start_client -F $OBJ/ssh_proxy
|
||||
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
|
||||
fail "match permitopen deny proto $p"
|
||||
stop_client
|
||||
@ -62,12 +80,8 @@ cat $OBJ/rsa.pub >> $OBJ/authorized_keys_$USER
|
||||
echon 'permitopen="127.0.0.1:'$PORT'" ' >>$OBJ/authorized_keys_$USER
|
||||
cat $OBJ/rsa1.pub >> $OBJ/authorized_keys_$USER
|
||||
for p in 1 2; do
|
||||
rm -f $pidfile
|
||||
trace "match permitopen proxy w/key opts proto $p"
|
||||
${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \
|
||||
exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' >>$TEST_SSH_LOGFILE 2>&1 ||\
|
||||
fail "match permitopen w/key opt proto $p sshd failed"
|
||||
sleep 1;
|
||||
start_client -F $OBJ/ssh_proxy
|
||||
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
|
||||
fail "match permitopen deny w/key opt proto $p"
|
||||
stop_client
|
||||
@ -76,12 +90,8 @@ done
|
||||
# Test both sshd_config and key options permitting the same dst/port pair.
|
||||
# Should be permitted.
|
||||
for p in 1 2; do
|
||||
rm -f $pidfile
|
||||
trace "match permitopen localhost proto $p"
|
||||
${SSH} -$p $fwd -F $OBJ/ssh_config -f somehost \
|
||||
exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' >>$TEST_SSH_LOGFILE 2>&1 ||\
|
||||
fail "match permitopen proto $p sshd failed"
|
||||
sleep 1;
|
||||
start_client -F $OBJ/ssh_config
|
||||
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
|
||||
fail "match permitopen permit proto $p"
|
||||
stop_client
|
||||
@ -94,12 +104,8 @@ echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy
|
||||
|
||||
# Test that a Match overrides a PermitOpen in the global section
|
||||
for p in 1 2; do
|
||||
rm -f $pidfile
|
||||
trace "match permitopen proxy w/key opts proto $p"
|
||||
${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \
|
||||
exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' >>$TEST_SSH_LOGFILE 2>&1 ||\
|
||||
fail "match override permitopen proto $p sshd failed"
|
||||
sleep 1;
|
||||
start_client -F $OBJ/ssh_proxy
|
||||
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true && \
|
||||
fail "match override permitopen proto $p"
|
||||
stop_client
|
||||
@ -113,12 +119,8 @@ echo "PermitOpen 127.0.0.1:1 127.0.0.1:2" >>$OBJ/sshd_proxy
|
||||
# Test that a rule that doesn't match doesn't override, plus test a
|
||||
# PermitOpen entry that's not at the start of the list
|
||||
for p in 1 2; do
|
||||
rm -f $pidfile
|
||||
trace "nomatch permitopen proxy w/key opts proto $p"
|
||||
${SSH} -q -$p $fwd -F $OBJ/ssh_proxy -f somehost \
|
||||
exec sh -c \'"echo \$\$ > $pidfile; exec sleep 100"\' >>$TEST_SSH_LOGFILE 2>&1 ||\
|
||||
fail "nomatch override permitopen proto $p sshd failed"
|
||||
sleep 1;
|
||||
start_client -F $OBJ/ssh_proxy
|
||||
${SSH} -q -$p -p $fwdport -F $OBJ/ssh_config somehost true || \
|
||||
fail "nomatch override permitopen proto $p"
|
||||
stop_client
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: cipher-speed.sh,v 1.3 2007/06/07 19:41:46 pvalchev Exp $
|
||||
# $OpenBSD: cipher-speed.sh,v 1.4 2011/08/02 01:23:41 djm Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="cipher speed"
|
||||
@ -12,9 +12,13 @@ tries="1 2"
|
||||
DATA=/bin/ls
|
||||
DATA=/bsd
|
||||
|
||||
macs="hmac-sha1 hmac-md5 umac-64@openssh.com hmac-sha1-96 hmac-md5-96"
|
||||
ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
|
||||
arcfour128 arcfour256 arcfour aes192-cbc aes256-cbc aes128-ctr"
|
||||
arcfour128 arcfour256 arcfour
|
||||
aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
|
||||
aes128-ctr aes192-ctr aes256-ctr"
|
||||
macs="hmac-sha1 hmac-md5 umac-64@openssh.com hmac-sha1-96 hmac-md5-96"
|
||||
config_defined HAVE_EVP_SHA256 &&
|
||||
macs="$macs hmac-sha2-256 hmac-sha2-256-96 hmac-sha2-512 hmac-sha2-512-96"
|
||||
|
||||
for c in $ciphers; do for m in $macs; do
|
||||
trace "proto 2 cipher $c mac $m"
|
||||
|
@ -1,8 +1,9 @@
|
||||
# $OpenBSD: connect-privsep.sh,v 1.1 2002/03/21 21:45:07 markus Exp $
|
||||
# $OpenBSD: connect-privsep.sh,v 1.2 2011/06/30 22:44:43 markus Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="proxy connect with privsep"
|
||||
|
||||
cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig
|
||||
echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy
|
||||
|
||||
for p in 1 2; do
|
||||
@ -11,3 +12,14 @@ for p in 1 2; do
|
||||
fail "ssh privsep+proxyconnect protocol $p failed"
|
||||
fi
|
||||
done
|
||||
|
||||
cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy
|
||||
echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy
|
||||
|
||||
for p in 1 2; do
|
||||
${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true
|
||||
if [ $? -ne 0 ]; then
|
||||
# XXX replace this with fail once sandbox has stabilised
|
||||
warn "ssh privsep/sandbox+proxyconnect protocol $p failed"
|
||||
fi
|
||||
done
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: dynamic-forward.sh,v 1.4 2004/06/22 22:55:56 dtucker Exp $
|
||||
# $OpenBSD: dynamic-forward.sh,v 1.9 2011/06/03 00:29:52 dtucker Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="dynamic forwarding"
|
||||
@ -20,9 +20,23 @@ trace "will use ProxyCommand $proxycmd"
|
||||
start_sshd
|
||||
|
||||
for p in 1 2; do
|
||||
n=0
|
||||
error="1"
|
||||
trace "start dynamic forwarding, fork to background"
|
||||
${SSH} -$p -F $OBJ/ssh_config -f -D $FWDPORT -q somehost \
|
||||
exec sh -c \'"echo \$\$ > $OBJ/remote_pid; exec sleep 444"\'
|
||||
while [ "$error" -ne 0 -a "$n" -lt 3 ]; do
|
||||
n=`expr $n + 1`
|
||||
${SSH} -$p -F $OBJ/ssh_config -f -D $FWDPORT -q \
|
||||
-oExitOnForwardFailure=yes somehost exec sh -c \
|
||||
\'"echo \$\$ > $OBJ/remote_pid; exec sleep 444"\'
|
||||
error=$?
|
||||
if [ "$error" -ne 0 ]; then
|
||||
trace "forward failed proto $p attempt $n err $error"
|
||||
sleep $n
|
||||
fi
|
||||
done
|
||||
if [ "$error" -ne 0 ]; then
|
||||
fatal "failed to start dynamic forwarding proto $p"
|
||||
fi
|
||||
|
||||
for s in 4 5; do
|
||||
for h in 127.0.0.1 localhost; do
|
||||
@ -44,7 +58,4 @@ for p in 1 2; do
|
||||
else
|
||||
fail "no pid file: $OBJ/remote_pid"
|
||||
fi
|
||||
|
||||
# Must allow time for connection tear-down
|
||||
sleep 2
|
||||
done
|
||||
|
@ -204,6 +204,11 @@ verbose ()
|
||||
fi
|
||||
}
|
||||
|
||||
warn ()
|
||||
{
|
||||
echo "WARNING: $@" >>$TEST_SSH_LOGFILE
|
||||
echo "WARNING: $@"
|
||||
}
|
||||
|
||||
fail ()
|
||||
{
|
||||
|
@ -1,4 +1,4 @@
|
||||
# $OpenBSD: try-ciphers.sh,v 1.11 2007/06/07 19:41:46 pvalchev Exp $
|
||||
# $OpenBSD: try-ciphers.sh,v 1.12 2011/08/02 01:23:41 djm Exp $
|
||||
# Placed in the Public Domain.
|
||||
|
||||
tid="try ciphers"
|
||||
@ -8,6 +8,8 @@ ciphers="aes128-cbc 3des-cbc blowfish-cbc cast128-cbc
|
||||
aes192-cbc aes256-cbc rijndael-cbc@lysator.liu.se
|
||||
aes128-ctr aes192-ctr aes256-ctr"
|
||||
macs="hmac-sha1 hmac-md5 umac-64@openssh.com hmac-sha1-96 hmac-md5-96"
|
||||
config_defined HAVE_EVP_SHA256 &&
|
||||
macs="$macs hmac-sha2-256 hmac-sha2-256-96 hmac-sha2-512 hmac-sha2-512-96"
|
||||
|
||||
for c in $ciphers; do
|
||||
for m in $macs; do
|
||||
|
98
sandbox-darwin.c
Normal file
@ -0,0 +1,98 @@
|
||||
/*
|
||||
* Copyright (c) 2011 Damien Miller <djm@mindrot.org>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifdef SANDBOX_DARWIN
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <sandbox.h>
|
||||
|
||||
#include <errno.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "log.h"
|
||||
#include "sandbox.h"
|
||||
#include "xmalloc.h"
|
||||
|
||||
/* Darwin/OS X sandbox */
|
||||
|
||||
struct ssh_sandbox {
|
||||
pid_t child_pid;
|
||||
};
|
||||
|
||||
struct ssh_sandbox *
|
||||
ssh_sandbox_init(void)
|
||||
{
|
||||
struct ssh_sandbox *box;
|
||||
|
||||
/*
|
||||
* Strictly, we don't need to maintain any state here but we need
|
||||
* to return non-NULL to satisfy the API.
|
||||
*/
|
||||
debug3("%s: preparing Darwin sandbox", __func__);
|
||||
box = xcalloc(1, sizeof(*box));
|
||||
box->child_pid = 0;
|
||||
|
||||
return box;
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_child(struct ssh_sandbox *box)
|
||||
{
|
||||
char *errmsg;
|
||||
struct rlimit rl_zero;
|
||||
|
||||
debug3("%s: starting Darwin sandbox", __func__);
|
||||
if (sandbox_init(kSBXProfilePureComputation, SANDBOX_NAMED,
|
||||
&errmsg) == -1)
|
||||
fatal("%s: sandbox_init: %s", __func__, errmsg);
|
||||
|
||||
/*
|
||||
* The kSBXProfilePureComputation still allows sockets, so
|
||||
* we must disable these using rlimit.
|
||||
*/
|
||||
rl_zero.rlim_cur = rl_zero.rlim_max = 0;
|
||||
if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
|
||||
fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
|
||||
__func__, strerror(errno));
|
||||
if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
|
||||
fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
|
||||
__func__, strerror(errno));
|
||||
if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1)
|
||||
fatal("%s: setrlimit(RLIMIT_NPROC, { 0, 0 }): %s",
|
||||
__func__, strerror(errno));
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_finish(struct ssh_sandbox *box)
|
||||
{
|
||||
free(box);
|
||||
debug3("%s: finished", __func__);
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
|
||||
{
|
||||
box->child_pid = child_pid;
|
||||
}
|
||||
|
||||
#endif /* SANDBOX_DARWIN */
|
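Review bot: this file includes "sandbox.h" while sandbox-null.c, sandbox-rlimit.c and sandbox-systrace.c in the same commit include "ssh-sandbox.h"; unless both headers exist, SANDBOX_DARWIN builds fail, and even if both exist the ssh_sandbox_* prototypes should come from one header. It also uses struct rlimit and setrlimit() without including <sys/time.h> and <sys/resource.h> (sandbox-rlimit.c includes both), which compiles only if <sandbox.h> or "includes.h" happens to pull them in. The rlimit block in ssh_sandbox_child duplicates sandbox-rlimit.c almost verbatim but without its HAVE_RLIMIT_NPROC guard; a shared helper would keep the two from drifting.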
72
sandbox-null.c
Normal file
@ -0,0 +1,72 @@
|
||||
/* $OpenBSD$ */
|
||||
/*
|
||||
* Copyright (c) 2011 Damien Miller <djm@mindrot.org>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifdef SANDBOX_NULL
|
||||
|
||||
#include <sys/types.h>
|
||||
|
||||
#include <errno.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "log.h"
|
||||
#include "ssh-sandbox.h"
|
||||
#include "xmalloc.h"
|
||||
|
||||
/* dummy sandbox */
|
||||
|
||||
struct ssh_sandbox {
|
||||
int junk;
|
||||
};
|
||||
|
||||
struct ssh_sandbox *
|
||||
ssh_sandbox_init(void)
|
||||
{
|
||||
struct ssh_sandbox *box;
|
||||
|
||||
/*
|
||||
* Strictly, we don't need to maintain any state here but we need
|
||||
* to return non-NULL to satisfy the API.
|
||||
*/
|
||||
box = xcalloc(1, sizeof(*box));
|
||||
return box;
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_child(struct ssh_sandbox *box)
|
||||
{
|
||||
/* Nothing to do here */
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_finish(struct ssh_sandbox *box)
|
||||
{
|
||||
free(box);
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
|
||||
{
|
||||
/* Nothing to do here */
|
||||
}
|
||||
|
||||
#endif /* SANDBOX_NULL */
|
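Review bot: ssh_sandbox_child is a no-op here, so a build with SANDBOX_NULL accepts "UsePrivilegeSeparation sandbox" (as used by the connect-privsep.sh change in this commit) while providing no confinement beyond ordinary privilege separation. The other backends log "preparing ... sandbox" from ssh_sandbox_init; this one should at least debug() that the null sandbox is in use so the state is visible in sshd -d output, and the "dummy sandbox" comment should say when it is selected (platforms with no supported mechanism).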
93
sandbox-rlimit.c
Normal file
@ -0,0 +1,93 @@
|
||||
/* $OpenBSD: sandbox-rlimit.c,v 1.3 2011/06/23 09:34:13 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2011 Damien Miller <djm@mindrot.org>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifdef SANDBOX_RLIMIT
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/param.h>
|
||||
#include <sys/time.h>
|
||||
#include <sys/resource.h>
|
||||
|
||||
#include <errno.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "log.h"
|
||||
#include "ssh-sandbox.h"
|
||||
#include "xmalloc.h"
|
||||
|
||||
/* Minimal sandbox that sets zero nfiles, nprocs and filesize rlimits */
|
||||
|
||||
struct ssh_sandbox {
|
||||
pid_t child_pid;
|
||||
};
|
||||
|
||||
struct ssh_sandbox *
|
||||
ssh_sandbox_init(void)
|
||||
{
|
||||
struct ssh_sandbox *box;
|
||||
|
||||
/*
|
||||
* Strictly, we don't need to maintain any state here but we need
|
||||
* to return non-NULL to satisfy the API.
|
||||
*/
|
||||
debug3("%s: preparing rlimit sandbox", __func__);
|
||||
box = xcalloc(1, sizeof(*box));
|
||||
box->child_pid = 0;
|
||||
|
||||
return box;
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_child(struct ssh_sandbox *box)
|
||||
{
|
||||
struct rlimit rl_zero;
|
||||
|
||||
rl_zero.rlim_cur = rl_zero.rlim_max = 0;
|
||||
|
||||
if (setrlimit(RLIMIT_FSIZE, &rl_zero) == -1)
|
||||
fatal("%s: setrlimit(RLIMIT_FSIZE, { 0, 0 }): %s",
|
||||
__func__, strerror(errno));
|
||||
if (setrlimit(RLIMIT_NOFILE, &rl_zero) == -1)
|
||||
fatal("%s: setrlimit(RLIMIT_NOFILE, { 0, 0 }): %s",
|
||||
__func__, strerror(errno));
|
||||
#ifdef HAVE_RLIMIT_NPROC
|
||||
if (setrlimit(RLIMIT_NPROC, &rl_zero) == -1)
|
||||
fatal("%s: setrlimit(RLIMIT_NPROC, { 0, 0 }): %s",
|
||||
__func__, strerror(errno));
|
||||
#endif
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_finish(struct ssh_sandbox *box)
|
||||
{
|
||||
free(box);
|
||||
debug3("%s: finished", __func__);
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
|
||||
{
|
||||
box->child_pid = child_pid;
|
||||
}
|
||||
|
||||
#endif /* SANDBOX_RLIMIT */
|
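Review bot: child_pid is stored in ssh_sandbox_parent_preauth but never read, so the field and the assignment are dead code; keep them only if a later change will use them. The header comment should also state the mechanism's limits: RLIMIT_NOFILE 0 stops the child from obtaining new descriptors but leaves already-open ones (the monitor socket) usable, and RLIMIT_NPROC 0 only makes fork() fail, so this is a mitigation against a compromised preauth child opening files or sockets rather than an isolation boundary like the systrace backend.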
198
sandbox-systrace.c
Normal file
@ -0,0 +1,198 @@
|
||||
/* $OpenBSD: sandbox-systrace.c,v 1.4 2011/07/29 14:42:45 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2011 Damien Miller <djm@mindrot.org>
|
||||
*
|
||||
* Permission to use, copy, modify, and distribute this software for any
|
||||
* purpose with or without fee is hereby granted, provided that the above
|
||||
* copyright notice and this permission notice appear in all copies.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
|
||||
#ifdef SANDBOX_SYSTRACE
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <sys/param.h>
|
||||
#include <sys/ioctl.h>
|
||||
#include <sys/syscall.h>
|
||||
#include <sys/socket.h>
|
||||
|
||||
#include <dev/systrace.h>
|
||||
|
||||
#include <errno.h>
|
||||
#include <fcntl.h>
|
||||
#include <limits.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "atomicio.h"
|
||||
#include "log.h"
|
||||
#include "ssh-sandbox.h"
|
||||
#include "xmalloc.h"
|
||||
|
||||
struct sandbox_policy {
|
||||
int syscall;
|
||||
int action;
|
||||
};
|
||||
|
||||
/* Permitted syscalls in preauth. Unlisted syscalls get SYSTR_POLICY_KILL */
|
||||
static const struct sandbox_policy preauth_policy[] = {
|
||||
{ SYS_open, SYSTR_POLICY_NEVER },
|
||||
|
||||
{ SYS___sysctl, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_close, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_exit, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_getpid, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_gettimeofday, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_madvise, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_mmap, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_mprotect, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_poll, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_munmap, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_read, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_select, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_sigprocmask, SYSTR_POLICY_PERMIT },
|
||||
{ SYS_write, SYSTR_POLICY_PERMIT },
|
||||
{ -1, -1 }
|
||||
};
|
||||
|
||||
struct ssh_sandbox {
|
||||
int child_sock;
|
||||
int parent_sock;
|
||||
int systrace_fd;
|
||||
pid_t child_pid;
|
||||
};
|
||||
|
||||
struct ssh_sandbox *
|
||||
ssh_sandbox_init(void)
|
||||
{
|
||||
struct ssh_sandbox *box;
|
||||
int s[2];
|
||||
|
||||
debug3("%s: preparing systrace sandbox", __func__);
|
||||
box = xcalloc(1, sizeof(*box));
|
||||
if (socketpair(AF_UNIX, SOCK_STREAM, 0, s) == -1)
|
||||
fatal("%s: socketpair: %s", __func__, strerror(errno));
|
||||
box->child_sock = s[0];
|
||||
box->parent_sock = s[1];
|
||||
box->systrace_fd = -1;
|
||||
box->child_pid = 0;
|
||||
|
||||
return box;
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_child(struct ssh_sandbox *box)
|
||||
{
|
||||
char whatever = 0;
|
||||
|
||||
close(box->parent_sock);
|
||||
/* Signal parent that we are ready */
|
||||
debug3("%s: ready", __func__);
|
||||
if (atomicio(vwrite, box->child_sock, &whatever, 1) != 1)
|
||||
fatal("%s: write: %s", __func__, strerror(errno));
|
||||
/* Wait for parent to signal for us to go */
|
||||
if (atomicio(read, box->child_sock, &whatever, 1) != 1)
|
||||
fatal("%s: read: %s", __func__, strerror(errno));
|
||||
debug3("%s: started", __func__);
|
||||
close(box->child_sock);
|
||||
}
|
||||
|
||||
static void
|
||||
ssh_sandbox_parent(struct ssh_sandbox *box, pid_t child_pid,
|
||||
const struct sandbox_policy *allowed_syscalls)
|
||||
{
|
||||
int dev_systrace, i, j, found;
|
||||
char whatever = 0;
|
||||
struct systrace_policy policy;
|
||||
|
||||
debug3("%s: wait for child %ld", __func__, (long)child_pid);
|
||||
box->child_pid = child_pid;
|
||||
close(box->child_sock);
|
||||
/* Wait for child to signal that it is ready */
|
||||
if (atomicio(read, box->parent_sock, &whatever, 1) != 1)
|
||||
fatal("%s: read: %s", __func__, strerror(errno));
|
||||
debug3("%s: child %ld ready", __func__, (long)child_pid);
|
||||
|
||||
/* Set up systracing of child */
|
||||
if ((dev_systrace = open("/dev/systrace", O_RDONLY)) == -1)
|
||||
fatal("%s: open(\"/dev/systrace\"): %s", __func__,
|
||||
strerror(errno));
|
||||
if (ioctl(dev_systrace, STRIOCCLONE, &box->systrace_fd) == -1)
|
||||
fatal("%s: ioctl(STRIOCCLONE, %d): %s", __func__,
|
||||
dev_systrace, strerror(errno));
|
||||
close(dev_systrace);
|
||||
debug3("%s: systrace attach, fd=%d", __func__, box->systrace_fd);
|
||||
if (ioctl(box->systrace_fd, STRIOCATTACH, &child_pid) == -1)
|
||||
fatal("%s: ioctl(%d, STRIOCATTACH, %d): %s", __func__,
|
||||
box->systrace_fd, child_pid, strerror(errno));
|
||||
|
||||
/* Allocate and assign policy */
|
||||
bzero(&policy, sizeof(policy));
|
||||
policy.strp_op = SYSTR_POLICY_NEW;
|
||||
policy.strp_maxents = SYS_MAXSYSCALL;
|
||||
if (ioctl(box->systrace_fd, STRIOCPOLICY, &policy) == -1)
|
||||
fatal("%s: ioctl(%d, STRIOCPOLICY (new)): %s", __func__,
|
||||
box->systrace_fd, strerror(errno));
|
||||
|
||||
policy.strp_op = SYSTR_POLICY_ASSIGN;
|
||||
policy.strp_pid = box->child_pid;
|
||||
if (ioctl(box->systrace_fd, STRIOCPOLICY, &policy) == -1)
|
||||
fatal("%s: ioctl(%d, STRIOCPOLICY (assign)): %s",
|
||||
__func__, box->systrace_fd, strerror(errno));
|
||||
|
||||
/* Set per-syscall policy */
|
||||
for (i = 0; i < SYS_MAXSYSCALL; i++) {
|
||||
found = 0;
|
||||
for (j = 0; allowed_syscalls[j].syscall != -1; j++) {
|
||||
if (allowed_syscalls[j].syscall == i) {
|
||||
found = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
policy.strp_op = SYSTR_POLICY_MODIFY;
|
||||
policy.strp_code = i;
|
||||
policy.strp_policy = found ?
|
||||
allowed_syscalls[j].action : SYSTR_POLICY_KILL;
|
||||
if (found)
|
||||
debug3("%s: policy: enable syscall %d", __func__, i);
|
||||
if (ioctl(box->systrace_fd, STRIOCPOLICY, &policy) == -1)
|
||||
fatal("%s: ioctl(%d, STRIOCPOLICY (modify)): %s",
|
||||
__func__, box->systrace_fd, strerror(errno));
|
||||
}
|
||||
|
||||
/* Signal the child to start running */
|
||||
debug3("%s: start child %ld", __func__, (long)child_pid);
|
||||
if (atomicio(vwrite, box->parent_sock, &whatever, 1) != 1)
|
||||
fatal("%s: write: %s", __func__, strerror(errno));
|
||||
close(box->parent_sock);
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_finish(struct ssh_sandbox *box)
|
||||
{
|
||||
/* Closing this before the child exits will terminate it */
|
||||
close(box->systrace_fd);
|
||||
|
||||
free(box);
|
||||
debug3("%s: finished", __func__);
|
||||
}
|
||||
|
||||
void
|
||||
ssh_sandbox_parent_preauth(struct ssh_sandbox *box, pid_t child_pid)
|
||||
{
|
||||
ssh_sandbox_parent(box, child_pid, preauth_policy);
|
||||
}
|
||||
|
||||
#endif /* SANDBOX_SYSTRACE */
|
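Review bot: The fail-closed behaviour of this sandbox rests on two things that are not stated in a comment: the per-syscall loop installs SYSTR_POLICY_KILL for every syscall absent from allowed_syscalls, and the child blocks in atomicio(read, box->child_sock, ...) until the parent has attached and installed the complete policy, so no syscall runs untraced. Suggest a comment above `for (i = 0; i < SYS_MAXSYSCALL; i++)` saying that a missing entry in preauth_policy shows up as a killed child rather than an error the code could mask, and one at the child's read explaining why the handshake exists.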
2
scp.0
@ -153,4 +153,4 @@ AUTHORS
|
||||
Timo Rinne <tri@iki.fi>
|
||||
Tatu Ylonen <ylo@cs.hut.fi>
|
||||
|
||||
OpenBSD 4.9 December 9, 2010 OpenBSD 4.9
|
||||
OpenBSD 5.0 December 9, 2010 OpenBSD 5.0
|
||||
|
289
servconf.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: servconf.c,v 1.213 2010/11/13 23:27:50 djm Exp $ */
|
||||
/* $OpenBSD: servconf.c,v 1.222 2011/06/22 21:57:01 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
* All rights reserved
|
||||
@ -126,8 +126,7 @@ initialize_server_options(ServerOptions *options)
|
||||
options->use_dns = -1;
|
||||
options->client_alive_interval = -1;
|
||||
options->client_alive_count_max = -1;
|
||||
options->authorized_keys_file = NULL;
|
||||
options->authorized_keys_file2 = NULL;
|
||||
options->num_authkeys_files = 0;
|
||||
options->num_accept_env = 0;
|
||||
options->permit_tun = -1;
|
||||
options->num_permitted_opens = -1;
|
||||
@ -264,15 +263,12 @@ fill_default_server_options(ServerOptions *options)
|
||||
options->client_alive_interval = 0;
|
||||
if (options->client_alive_count_max == -1)
|
||||
options->client_alive_count_max = 3;
|
||||
if (options->authorized_keys_file2 == NULL) {
|
||||
/* authorized_keys_file2 falls back to authorized_keys_file */
|
||||
if (options->authorized_keys_file != NULL)
|
||||
options->authorized_keys_file2 = xstrdup(options->authorized_keys_file);
|
||||
else
|
||||
options->authorized_keys_file2 = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2);
|
||||
if (options->num_authkeys_files == 0) {
|
||||
options->authorized_keys_files[options->num_authkeys_files++] =
|
||||
xstrdup(_PATH_SSH_USER_PERMITTED_KEYS);
|
||||
options->authorized_keys_files[options->num_authkeys_files++] =
|
||||
xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2);
|
||||
}
|
||||
if (options->authorized_keys_file == NULL)
|
||||
options->authorized_keys_file = xstrdup(_PATH_SSH_USER_PERMITTED_KEYS);
|
||||
if (options->permit_tun == -1)
|
||||
options->permit_tun = SSH_TUNMODE_NO;
|
||||
if (options->zero_knowledge_password_authentication == -1)
|
||||
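Review bot: The default list filled in when num_authkeys_files == 0 still includes _PATH_SSH_USER_PERMITTED_KEYS2, so the legacy authorized_keys2 file remains a key source on every unconfigured server even though the AuthorizedKeysFile2 keyword is deprecated in this same change. That is a defensible compatibility choice, but it should be stated in a comment here (and in the sshd_config documentation) so an administrator auditing which files can grant access does not assume only authorized_keys is consulted; anyone wanting a single file must now set AuthorizedKeysFile explicitly.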
@ -284,7 +280,7 @@ fill_default_server_options(ServerOptions *options)
|
||||
|
||||
/* Turn privilege separation on by default */
|
||||
if (use_privsep == -1)
|
||||
use_privsep = 1;
|
||||
use_privsep = PRIVSEP_ON;
|
||||
|
||||
#ifndef HAVE_MMAP
|
||||
if (use_privsep && options->compression == 1) {
|
||||
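Review bot: The default becomes PRIVSEP_ON, not PRIVSEP_SANDBOX, so the sandbox mode added to multistate_privsep in this change is opt-in. A one-line comment here saying that sandbox is deliberately not the default (it depends on platform support such as the SANDBOX_SYSTRACE backend elsewhere in this diff) would save the next reader from assuming the stronger setting is already on.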
@ -321,7 +317,7 @@ typedef enum {
|
||||
sMaxStartups, sMaxAuthTries, sMaxSessions,
|
||||
sBanner, sUseDNS, sHostbasedAuthentication,
|
||||
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
|
||||
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
|
||||
sClientAliveCountMax, sAuthorizedKeysFile,
|
||||
sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
|
||||
sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
|
||||
sUsePrivilegeSeparation, sAllowAgentForwarding,
|
||||
@ -438,7 +434,7 @@ static struct {
|
||||
{ "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
|
||||
{ "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
|
||||
{ "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
|
||||
{ "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_ALL },
|
||||
{ "authorizedkeysfile2", sDeprecated, SSHCFG_ALL },
|
||||
{ "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
|
||||
{ "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
|
||||
{ "permittunnel", sPermitTunnel, SSHCFG_ALL },
|
||||
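Review bot: Mapping "authorizedkeysfile2" to sDeprecated means a configuration that pointed AuthorizedKeysFile2 at a non-default path silently loses that file as a key source: the old fallback (`authorized_keys_file2 falls back to authorized_keys_file`, removed in the fill_default_server_options hunk above) is gone and the path is never added to authorized_keys_files. Whatever the sDeprecated case logs should name the replacement (list the path as an extra argument to AuthorizedKeysFile), since this changes who can log in, not just the parser.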
@ -675,6 +671,43 @@ match_cfg_line(char **condition, int line, const char *user, const char *host,
|
||||
|
||||
#define WHITESPACE " \t\r\n"
|
||||
|
||||
/* Multistate option parsing */
|
||||
struct multistate {
|
||||
char *key;
|
||||
int value;
|
||||
};
|
||||
static const struct multistate multistate_addressfamily[] = {
|
||||
{ "inet", AF_INET },
|
||||
{ "inet6", AF_INET6 },
|
||||
{ "any", AF_UNSPEC },
|
||||
{ NULL, -1 }
|
||||
};
|
||||
static const struct multistate multistate_permitrootlogin[] = {
|
||||
{ "without-password", PERMIT_NO_PASSWD },
|
||||
{ "forced-commands-only", PERMIT_FORCED_ONLY },
|
||||
{ "yes", PERMIT_YES },
|
||||
{ "no", PERMIT_NO },
|
||||
{ NULL, -1 }
|
||||
};
|
||||
static const struct multistate multistate_compression[] = {
|
||||
{ "delayed", COMP_DELAYED },
|
||||
{ "yes", COMP_ZLIB },
|
||||
{ "no", COMP_NONE },
|
||||
{ NULL, -1 }
|
||||
};
|
||||
static const struct multistate multistate_gatewayports[] = {
|
||||
{ "clientspecified", 2 },
|
||||
{ "yes", 1 },
|
||||
{ "no", 0 },
|
||||
{ NULL, -1 }
|
||||
};
|
||||
static const struct multistate multistate_privsep[] = {
|
||||
{ "sandbox", PRIVSEP_SANDBOX },
|
||||
{ "yes", PRIVSEP_ON },
|
||||
{ "no", PRIVSEP_OFF },
|
||||
{ NULL, -1 }
|
||||
};
|
||||
|
||||
int
|
||||
process_server_config_line(ServerOptions *options, char *line,
|
||||
const char *filename, int linenum, int *activep, const char *user,
|
||||
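Review bot: multistate_gatewayports uses bare 2, 1 and 0 where every other table uses named constants (PERMIT_*, COMP_*, PRIVSEP_*), and the value 2 for "clientspecified" also has to be known by whatever consults gateway_ports. Suggest defining named constants for the three GatewayPorts states in servconf.h next to the new PRIVSEP_* block so the table and its consumers cannot drift apart.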
@ -688,6 +721,7 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||
int port;
|
||||
u_int i, flags = 0;
|
||||
size_t len;
|
||||
const struct multistate *multistate_ptr;
|
||||
|
||||
cp = line;
|
||||
if ((arg = strdelim(&cp)) == NULL)
|
||||
@ -803,24 +837,27 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||
break;
|
||||
|
||||
case sAddressFamily:
|
||||
intptr = &options->address_family;
|
||||
multistate_ptr = multistate_addressfamily;
|
||||
if (options->listen_addrs != NULL)
|
||||
fatal("%s line %d: address family must be specified "
|
||||
"before ListenAddress.", filename, linenum);
|
||||
parse_multistate:
|
||||
arg = strdelim(&cp);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: missing address family.",
|
||||
fatal("%s line %d: missing argument.",
|
||||
filename, linenum);
|
||||
intptr = &options->address_family;
|
||||
if (options->listen_addrs != NULL)
|
||||
fatal("%s line %d: address family must be specified before "
|
||||
"ListenAddress.", filename, linenum);
|
||||
if (strcasecmp(arg, "inet") == 0)
|
||||
value = AF_INET;
|
||||
else if (strcasecmp(arg, "inet6") == 0)
|
||||
value = AF_INET6;
|
||||
else if (strcasecmp(arg, "any") == 0)
|
||||
value = AF_UNSPEC;
|
||||
else
|
||||
fatal("%s line %d: unsupported address family \"%s\".",
|
||||
value = -1;
|
||||
for (i = 0; multistate_ptr[i].key != NULL; i++) {
|
||||
if (strcasecmp(arg, multistate_ptr[i].key) == 0) {
|
||||
value = multistate_ptr[i].value;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (value == -1)
|
||||
fatal("%s line %d: unsupported option \"%s\".",
|
||||
filename, linenum, arg);
|
||||
if (*intptr == -1)
|
||||
if (*activep && *intptr == -1)
|
||||
*intptr = value;
|
||||
break;
|
||||
|
||||
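Review bot: Two behaviour changes are folded into parse_multistate and neither is called out. First, the lookup uses strcasecmp, while the removed per-option code for PermitRootLogin, Compression and GatewayPorts (hunks below) used strcmp, so "Yes" or "WITHOUT-PASSWORD" are now accepted where they were previously fatal; fine, but it belongs in the release notes. Second, the sAddressFamily path previously assigned with `if (*intptr == -1)` and now requires `*activep` as well. Separately, the shared fatal text "unsupported option \"%s\"" is misleading, since arg is the argument and not the keyword; suggest "unsupported argument \"%s\"" or printing the keyword too.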
@ -859,27 +896,8 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||
|
||||
case sPermitRootLogin:
|
||||
intptr = &options->permit_root_login;
|
||||
arg = strdelim(&cp);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: missing yes/"
|
||||
"without-password/forced-commands-only/no "
|
||||
"argument.", filename, linenum);
|
||||
value = 0; /* silence compiler */
|
||||
if (strcmp(arg, "without-password") == 0)
|
||||
value = PERMIT_NO_PASSWD;
|
||||
else if (strcmp(arg, "forced-commands-only") == 0)
|
||||
value = PERMIT_FORCED_ONLY;
|
||||
else if (strcmp(arg, "yes") == 0)
|
||||
value = PERMIT_YES;
|
||||
else if (strcmp(arg, "no") == 0)
|
||||
value = PERMIT_NO;
|
||||
else
|
||||
fatal("%s line %d: Bad yes/"
|
||||
"without-password/forced-commands-only/no "
|
||||
"argument: %s", filename, linenum, arg);
|
||||
if (*activep && *intptr == -1)
|
||||
*intptr = value;
|
||||
break;
|
||||
multistate_ptr = multistate_permitrootlogin;
|
||||
goto parse_multistate;
|
||||
|
||||
case sIgnoreRhosts:
|
||||
intptr = &options->ignore_rhosts;
|
||||
@ -1010,43 +1028,13 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||
|
||||
case sCompression:
|
||||
intptr = &options->compression;
|
||||
arg = strdelim(&cp);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: missing yes/no/delayed "
|
||||
"argument.", filename, linenum);
|
||||
value = 0; /* silence compiler */
|
||||
if (strcmp(arg, "delayed") == 0)
|
||||
value = COMP_DELAYED;
|
||||
else if (strcmp(arg, "yes") == 0)
|
||||
value = COMP_ZLIB;
|
||||
else if (strcmp(arg, "no") == 0)
|
||||
value = COMP_NONE;
|
||||
else
|
||||
fatal("%s line %d: Bad yes/no/delayed "
|
||||
"argument: %s", filename, linenum, arg);
|
||||
if (*intptr == -1)
|
||||
*intptr = value;
|
||||
break;
|
||||
multistate_ptr = multistate_compression;
|
||||
goto parse_multistate;
|
||||
|
||||
case sGatewayPorts:
|
||||
intptr = &options->gateway_ports;
|
||||
arg = strdelim(&cp);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: missing yes/no/clientspecified "
|
||||
"argument.", filename, linenum);
|
||||
value = 0; /* silence compiler */
|
||||
if (strcmp(arg, "clientspecified") == 0)
|
||||
value = 2;
|
||||
else if (strcmp(arg, "yes") == 0)
|
||||
value = 1;
|
||||
else if (strcmp(arg, "no") == 0)
|
||||
value = 0;
|
||||
else
|
||||
fatal("%s line %d: Bad yes/no/clientspecified "
|
||||
"argument: %s", filename, linenum, arg);
|
||||
if (*activep && *intptr == -1)
|
||||
*intptr = value;
|
||||
break;
|
||||
multistate_ptr = multistate_gatewayports;
|
||||
goto parse_multistate;
|
||||
|
||||
case sUseDNS:
|
||||
intptr = &options->use_dns;
|
||||
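Review bot: The Compression case previously assigned with a bare `if (*intptr == -1)` and, via goto parse_multistate, now also requires `*activep`, so a Compression line is no longer applied where *activep is false. That is the correct guard, but it is a silent behaviour change in a security-relevant option and should be mentioned in the commit message or release notes.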
@ -1084,7 +1072,8 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||
|
||||
case sUsePrivilegeSeparation:
|
||||
intptr = &use_privsep;
|
||||
goto parse_flag;
|
||||
multistate_ptr = multistate_privsep;
|
||||
goto parse_multistate;
|
||||
|
||||
case sAllowUsers:
|
||||
while ((arg = strdelim(&cp)) && *arg != '\0') {
|
||||
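Review bot: UsePrivilegeSeparation moves from parse_flag to the multistate table, so "sandbox" is now an accepted value; the sshd_config documentation (not in this diff) needs the new value, its meaning and which platforms implement it, and a build without a sandbox backend must not silently degrade an explicit "sandbox" to plain "yes". The dump side is covered: fmt_intarg maps sUsePrivilegeSeparation through multistate_privsep, so `sshd -T` output round-trips.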
@ -1250,14 +1239,22 @@ process_server_config_line(ServerOptions *options, char *line,
|
||||
* AuthorizedKeysFile /etc/ssh_keys/%u
|
||||
*/
|
||||
case sAuthorizedKeysFile:
|
||||
charptr = &options->authorized_keys_file;
|
||||
goto parse_tilde_filename;
|
||||
case sAuthorizedKeysFile2:
|
||||
charptr = &options->authorized_keys_file2;
|
||||
goto parse_tilde_filename;
|
||||
if (*activep && options->num_authkeys_files == 0) {
|
||||
while ((arg = strdelim(&cp)) && *arg != '\0') {
|
||||
if (options->num_authkeys_files >=
|
||||
MAX_AUTHKEYS_FILES)
|
||||
fatal("%s line %d: "
|
||||
"too many authorized keys files.",
|
||||
filename, linenum);
|
||||
options->authorized_keys_files[
|
||||
options->num_authkeys_files++] =
|
||||
tilde_expand_filename(arg, getuid());
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
|
||||
case sAuthorizedPrincipalsFile:
|
||||
charptr = &options->authorized_principals_file;
|
||||
parse_tilde_filename:
|
||||
arg = strdelim(&cp);
|
||||
if (!arg || *arg == '\0')
|
||||
fatal("%s line %d: missing file name.",
|
||||
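Review bot: The list is only parsed when `options->num_authkeys_files == 0`, so a second AuthorizedKeysFile line (global, or in a later Match block) is silently ignored and the first one wins, with nothing logged; for a keyword that decides which files grant login this deserves at least a log message, or a fatal on repetition as other options do. Two smaller points: the case exits with `return 0` rather than `break`, which bypasses any handling after the switch, and each entry is run through tilde_expand_filename(arg, getuid()) at parse time, i.e. relative to sshd's own uid, which should be stated in a comment since the path is later used per user.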
@ -1476,6 +1473,12 @@ parse_server_match_config(ServerOptions *options, const char *user,
|
||||
dst->n = src->n; \
|
||||
} \
|
||||
} while(0)
|
||||
#define M_CP_STRARRAYOPT(n, num_n) do {\
|
||||
if (src->num_n != 0) { \
|
||||
for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \
|
||||
dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \
|
||||
} \
|
||||
} while(0)
|
||||
|
||||
/*
|
||||
* Copy any supported values that are set.
|
||||
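Review bot: M_CP_STRARRAYOPT overwrites dst->n[i] with xstrdup(src->n[i]) without freeing the existing dst entries, so when dst already holds the two default authorized_keys_files filled in by fill_default_server_options those strings leak on every copy; it should xfree each dst->n[i] for i < dst->num_n before the loop. Also note that the `if (src->num_n != 0)` guard means an empty source list never clears the destination, which matches the "copy any supported values that are set" comment but is worth stating in the macro itself.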
@ -1511,20 +1514,23 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
|
||||
M_CP_INTOPT(ip_qos_interactive);
|
||||
M_CP_INTOPT(ip_qos_bulk);
|
||||
|
||||
M_CP_STROPT(banner);
|
||||
/* See comment in servconf.h */
|
||||
COPY_MATCH_STRING_OPTS();
|
||||
|
||||
/*
|
||||
* The only things that should be below this point are string options
|
||||
* which are only used after authentication.
|
||||
*/
|
||||
if (preauth)
|
||||
return;
|
||||
|
||||
M_CP_STROPT(adm_forced_command);
|
||||
M_CP_STROPT(chroot_directory);
|
||||
M_CP_STROPT(trusted_user_ca_keys);
|
||||
M_CP_STROPT(revoked_keys_file);
|
||||
M_CP_STROPT(authorized_keys_file);
|
||||
M_CP_STROPT(authorized_keys_file2);
|
||||
M_CP_STROPT(authorized_principals_file);
|
||||
}
|
||||
|
||||
#undef M_CP_INTOPT
|
||||
#undef M_CP_STROPT
|
||||
#undef M_CP_STRARRAYOPT
|
||||
|
||||
void
|
||||
parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
|
||||
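Review bot: M_CP_STROPT(authorized_keys_file) used to sit below `if (preauth) return;`, so a Match-scoped AuthorizedKeysFile never reached the pre-auth child; COPY_MATCH_STRING_OPTS now copies authorized_keys_files before that return, which is what a keyword marked SSHCFG_ALL needs for public-key authentication inside Match. Suggest the commit message say so explicitly, since it changes which keys file is consulted for Match users, not just where the code lives.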
@ -1549,32 +1555,35 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
|
||||
filename, bad_options);
|
||||
}
|
||||
|
||||
static const char *
|
||||
fmt_multistate_int(int val, const struct multistate *m)
|
||||
{
|
||||
u_int i;
|
||||
|
||||
for (i = 0; m[i].key != NULL; i++) {
|
||||
if (m[i].value == val)
|
||||
return m[i].key;
|
||||
}
|
||||
return "UNKNOWN";
|
||||
}
|
||||
|
||||
static const char *
|
||||
fmt_intarg(ServerOpCodes code, int val)
|
||||
{
|
||||
if (code == sAddressFamily) {
|
||||
switch (val) {
|
||||
case AF_INET:
|
||||
return "inet";
|
||||
case AF_INET6:
|
||||
return "inet6";
|
||||
case AF_UNSPEC:
|
||||
return "any";
|
||||
default:
|
||||
return "UNKNOWN";
|
||||
}
|
||||
}
|
||||
if (code == sPermitRootLogin) {
|
||||
switch (val) {
|
||||
case PERMIT_NO_PASSWD:
|
||||
return "without-password";
|
||||
case PERMIT_FORCED_ONLY:
|
||||
return "forced-commands-only";
|
||||
case PERMIT_YES:
|
||||
return "yes";
|
||||
}
|
||||
}
|
||||
if (code == sProtocol) {
|
||||
if (val == -1)
|
||||
return "unset";
|
||||
switch (code) {
|
||||
case sAddressFamily:
|
||||
return fmt_multistate_int(val, multistate_addressfamily);
|
||||
case sPermitRootLogin:
|
||||
return fmt_multistate_int(val, multistate_permitrootlogin);
|
||||
case sGatewayPorts:
|
||||
return fmt_multistate_int(val, multistate_gatewayports);
|
||||
case sCompression:
|
||||
return fmt_multistate_int(val, multistate_compression);
|
||||
case sUsePrivilegeSeparation:
|
||||
return fmt_multistate_int(val, multistate_privsep);
|
||||
case sProtocol:
|
||||
switch (val) {
|
||||
case SSH_PROTO_1:
|
||||
return "1";
|
||||
@ -1585,20 +1594,16 @@ fmt_intarg(ServerOpCodes code, int val)
|
||||
default:
|
||||
return "UNKNOWN";
|
||||
}
|
||||
default:
|
||||
switch (val) {
|
||||
case 0:
|
||||
return "no";
|
||||
case 1:
|
||||
return "yes";
|
||||
default:
|
||||
return "UNKNOWN";
|
||||
}
|
||||
}
|
||||
if (code == sGatewayPorts && val == 2)
|
||||
return "clientspecified";
|
||||
if (code == sCompression && val == COMP_DELAYED)
|
||||
return "delayed";
|
||||
switch (val) {
|
||||
case -1:
|
||||
return "unset";
|
||||
case 0:
|
||||
return "no";
|
||||
case 1:
|
||||
return "yes";
|
||||
}
|
||||
return "UNKNOWN";
|
||||
}
|
||||
|
||||
static const char *
|
||||
@ -1638,7 +1643,18 @@ dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)
|
||||
u_int i;
|
||||
|
||||
for (i = 0; i < count; i++)
|
||||
printf("%s %s\n", lookup_opcode_name(code), vals[i]);
|
||||
printf("%s %s\n", lookup_opcode_name(code), vals[i]);
|
||||
}
|
||||
|
||||
static void
|
||||
dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals)
|
||||
{
|
||||
u_int i;
|
||||
|
||||
printf("%s", lookup_opcode_name(code));
|
||||
for (i = 0; i < count; i++)
|
||||
printf(" %s", vals[i]);
|
||||
printf("\n");
|
||||
}
|
||||
|
||||
void
|
||||
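Review bot: dump_cfg_strarray_oneline joins the values with single spaces and no quoting, so an AuthorizedKeysFile entry containing whitespace cannot be told apart from two entries when `sshd -T` output is read back; the parser side (strdelim) has the same limitation, so the two are consistent, but a comment that the one-line form assumes whitespace-free paths would stop someone treating the dump as a faithful round-trip.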
@ -1736,8 +1752,6 @@ dump_config(ServerOptions *o)
|
||||
dump_cfg_string(sCiphers, o->ciphers);
|
||||
dump_cfg_string(sMacs, o->macs);
|
||||
dump_cfg_string(sBanner, o->banner);
|
||||
dump_cfg_string(sAuthorizedKeysFile, o->authorized_keys_file);
|
||||
dump_cfg_string(sAuthorizedKeysFile2, o->authorized_keys_file2);
|
||||
dump_cfg_string(sForceCommand, o->adm_forced_command);
|
||||
dump_cfg_string(sChrootDirectory, o->chroot_directory);
|
||||
dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
|
||||
@ -1750,6 +1764,8 @@ dump_config(ServerOptions *o)
|
||||
dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));
|
||||
|
||||
/* string array arguments */
|
||||
dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files,
|
||||
o->authorized_keys_files);
|
||||
dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
|
||||
o->host_key_files);
|
||||
dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files,
|
||||
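Review bot: In the context just below the added lines, `dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files, ...)` labels the host certificate files with the HostKey opcode, so the dump prints certificates as additional "hostkey" entries; this is pre-existing, but since this hunk already touches the string-array dump block it is the place to pass the opcode for the HostCertificate keyword instead.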
@ -1775,7 +1791,8 @@ dump_config(ServerOptions *o)
|
||||
}
|
||||
dump_cfg_string(sPermitTunnel, s);
|
||||
|
||||
printf("ipqos 0x%02x 0x%02x\n", o->ip_qos_interactive, o->ip_qos_bulk);
|
||||
printf("ipqos %s ", iptos2str(o->ip_qos_interactive));
|
||||
printf("%s\n", iptos2str(o->ip_qos_bulk));
|
||||
|
||||
channel_print_adm_permitted_opens();
|
||||
}
|
||||
|
26
servconf.h
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: servconf.h,v 1.95 2010/11/13 23:27:50 djm Exp $ */
|
||||
/* $OpenBSD: servconf.h,v 1.99 2011/06/22 21:57:01 djm Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -27,6 +27,7 @@
|
||||
#define MAX_HOSTCERTS 256 /* Max # host certificates. */
|
||||
#define MAX_ACCEPT_ENV 256 /* Max # of env vars. */
|
||||
#define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */
|
||||
#define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */
|
||||
|
||||
/* permit_root_login */
|
||||
#define PERMIT_NOT_SET -1
|
||||
@ -35,6 +36,11 @@
|
||||
#define PERMIT_NO_PASSWD 2
|
||||
#define PERMIT_YES 3
|
||||
|
||||
/* use_privsep */
|
||||
#define PRIVSEP_OFF 0
|
||||
#define PRIVSEP_ON 1
|
||||
#define PRIVSEP_SANDBOX 2
|
||||
|
||||
#define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */
|
||||
#define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */
|
||||
|
||||
@ -145,8 +151,8 @@ typedef struct {
|
||||
* disconnect the session
|
||||
*/
|
||||
|
||||
char *authorized_keys_file; /* File containing public keys */
|
||||
char *authorized_keys_file2;
|
||||
u_int num_authkeys_files; /* Files containing public keys */
|
||||
char *authorized_keys_files[MAX_AUTHKEYS_FILES];
|
||||
|
||||
char *adm_forced_command;
|
||||
|
||||
@ -162,6 +168,20 @@ typedef struct {
|
||||
char *authorized_principals_file;
|
||||
} ServerOptions;
|
||||
|
||||
/*
|
||||
* These are string config options that must be copied between the
|
||||
* Match sub-config and the main config, and must be sent from the
|
||||
* privsep slave to the privsep master. We use a macro to ensure all
|
||||
* the options are copied and the copies are done in the correct order.
|
||||
*/
|
||||
#define COPY_MATCH_STRING_OPTS() do { \
|
||||
M_CP_STROPT(banner); \
|
||||
M_CP_STROPT(trusted_user_ca_keys); \
|
||||
M_CP_STROPT(revoked_keys_file); \
|
||||
M_CP_STROPT(authorized_principals_file); \
|
||||
M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
|
||||
} while (0)
|
||||
|
||||
void initialize_server_options(ServerOptions *);
|
||||
void fill_default_server_options(ServerOptions *);
|
||||
int process_server_config_line(ServerOptions *, char *, const char *, int,
|
||||
|
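Review bot: COPY_MATCH_STRING_OPTS expands to M_CP_STROPT and M_CP_STRARRAYOPT, which are defined in servconf.c and #undef'd right after use, so every other translation unit that invokes this macro (the comment says the privsep slave sends these to the master) must first define both helpers with matching semantics; the header should say that, and should say that the order of the entries is what both ends rely on, so an entry may only be appended, never reordered, without updating both sides at once.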
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: serverloop.c,v 1.159 2009/05/28 16:50:16 andreas Exp $ */
|
||||
/* $OpenBSD: serverloop.c,v 1.160 2011/05/15 08:09:01 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -131,8 +131,8 @@ notify_setup(void)
|
||||
{
|
||||
if (pipe(notify_pipe) < 0) {
|
||||
error("pipe(notify_pipe) failed %s", strerror(errno));
|
||||
} else if ((fcntl(notify_pipe[0], F_SETFD, 1) == -1) ||
|
||||
(fcntl(notify_pipe[1], F_SETFD, 1) == -1)) {
|
||||
} else if ((fcntl(notify_pipe[0], F_SETFD, FD_CLOEXEC) == -1) ||
|
||||
(fcntl(notify_pipe[1], F_SETFD, FD_CLOEXEC) == -1)) {
|
||||
error("fcntl(notify_pipe, F_SETFD) failed %s", strerror(errno));
|
||||
close(notify_pipe[0]);
|
||||
close(notify_pipe[1]);
|
||||
|
@ -96,6 +96,10 @@
|
||||
#include <kafs.h>
|
||||
#endif
|
||||
|
||||
#ifdef WITH_SELINUX
|
||||
#include <selinux/selinux.h>
|
||||
#endif
|
||||
|
||||
#define IS_INTERNAL_SFTP(c) \
|
||||
(!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \
|
||||
(c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \
|
||||
@ -1531,6 +1535,9 @@ do_pwchange(Session *s)
|
||||
if (s->ttyfd != -1) {
|
||||
fprintf(stderr,
|
||||
"You must change your password now and login again!\n");
|
||||
#ifdef WITH_SELINUX
|
||||
setexeccon(NULL);
|
||||
#endif
|
||||
#ifdef PASSWD_NEEDS_USERNAME
|
||||
execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name,
|
||||
(char *)NULL);
|
||||
|
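Review bot: setexeccon(NULL) is called without checking its return value; if resetting the exec context fails, passwd is exec'd in whatever context the session child currently holds, which is exactly what the call is there to avoid. Suggest logging a failure (error() with strerror(errno)) and, since this path is only reached for a forced password change on a tty, treating the failure as fatal rather than continuing to the execl.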
@ -61,4 +61,4 @@ HISTORY
|
||||
AUTHORS
|
||||
Markus Friedl <markus@openbsd.org>
|
||||
|
||||
OpenBSD 4.9 January 9, 2010 OpenBSD 4.9
|
||||
OpenBSD 5.0 January 9, 2010 OpenBSD 5.0
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: sftp-server.c,v 1.93 2010/12/04 00:18:01 djm Exp $ */
|
||||
/* $OpenBSD: sftp-server.c,v 1.94 2011/06/17 21:46:16 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
|
||||
*
|
||||
@ -68,7 +68,7 @@ Buffer iqueue;
|
||||
Buffer oqueue;
|
||||
|
||||
/* Version of client */
|
||||
int version;
|
||||
u_int version;
|
||||
|
||||
/* Disable writes */
|
||||
int readonly;
|
||||
@ -522,7 +522,7 @@ process_init(void)
|
||||
Buffer msg;
|
||||
|
||||
version = get_int();
|
||||
verbose("received client version %d", version);
|
||||
verbose("received client version %u", version);
|
||||
buffer_init(&msg);
|
||||
buffer_put_char(&msg, SSH2_FXP_VERSION);
|
||||
buffer_put_int(&msg, SSH2_FILEXFER_VERSION);
|
||||
|
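Review bot: Changing `version` to u_int matches what get_int() returns and makes the %u format correct; any comparison of `version` elsewhere in the file (against SSH2_FILEXFER_VERSION or any negative sentinel) should be rechecked in the same change, since a signed comparison that previously rejected a huge client value as negative would now accept it.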
12
sftp.0
@ -28,7 +28,13 @@ DESCRIPTION
|
||||
The final usage format allows for automated sessions using the -b option.
|
||||
In such cases, it is necessary to configure non-interactive
|
||||
authentication to obviate the need to enter a password at connection time
|
||||
(see sshd(8) and ssh-keygen(1) for details). The options are as follows:
|
||||
(see sshd(8) and ssh-keygen(1) for details).
|
||||
|
||||
Since some usage formats use colon characters to delimit host names from
|
||||
path names, IPv6 addresses must be enclosed in square brackets to avoid
|
||||
ambiguity.
|
||||
|
||||
The options are as follows:
|
||||
|
||||
-1 Specify the use of protocol version 1.
|
||||
|
||||
@ -287,7 +293,7 @@ INTERACTIVE COMMANDS
|
||||
remote-path is specified, then remote-path must specify a
|
||||
directory.
|
||||
|
||||
If ether the -P or -p flag is specified, then full file
|
||||
If either the -P or -p flag is specified, then full file
|
||||
permissions and access times are copied too.
|
||||
|
||||
If the -r flag is specified then directories will be copied
|
||||
@ -328,4 +334,4 @@ SEE ALSO
|
||||
draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress
|
||||
material.
|
||||
|
||||
OpenBSD 4.9 December 4, 2010 OpenBSD 4.9
|
||||
OpenBSD 5.0 August 7, 2011 OpenBSD 5.0
|
||||
|
10
sftp.1
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: sftp.1,v 1.88 2010/12/04 00:18:01 djm Exp $
|
||||
.\" $OpenBSD: sftp.1,v 1.90 2011/08/07 12:55:30 dtucker Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2001 Damien Miller. All rights reserved.
|
||||
.\"
|
||||
@ -22,7 +22,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: December 4 2010 $
|
||||
.Dd $Mdocdate: August 7 2011 $
|
||||
.Dt SFTP 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -89,6 +89,10 @@ to obviate the need to enter a password at connection time (see
|
||||
and
|
||||
.Xr ssh-keygen 1
|
||||
for details).
|
||||
.Pp
|
||||
Since some usage formats use colon characters to delimit host names from path
|
||||
names, IPv6 addresses must be enclosed in square brackets to avoid ambiguity.
|
||||
.Pp
|
||||
The options are as follows:
|
||||
.Bl -tag -width Ds
|
||||
.It Fl 1
|
||||
@ -479,7 +483,7 @@ is specified, then
|
||||
.Ar remote-path
|
||||
must specify a directory.
|
||||
.Pp
|
||||
If ether the
|
||||
If either the
|
||||
.Fl P
|
||||
or
|
||||
.Fl p
|
||||
|
@ -112,4 +112,4 @@ AUTHORS
|
||||
created OpenSSH. Markus Friedl contributed the support for SSH protocol
|
||||
versions 1.5 and 2.0.
|
||||
|
||||
OpenBSD 4.9 October 28, 2010 OpenBSD 4.9
|
||||
OpenBSD 5.0 October 28, 2010 OpenBSD 5.0
|
||||
|
34
ssh-add.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssh-add.c,v 1.100 2010/08/31 12:33:38 djm Exp $ */
|
||||
/* $OpenBSD: ssh-add.c,v 1.101 2011/05/04 21:15:29 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -145,8 +145,12 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
||||
char *comment = NULL;
|
||||
char msg[1024], *certpath;
|
||||
int fd, perms_ok, ret = -1;
|
||||
Buffer keyblob;
|
||||
|
||||
if ((fd = open(filename, O_RDONLY)) < 0) {
|
||||
if (strcmp(filename, "-") == 0) {
|
||||
fd = STDIN_FILENO;
|
||||
filename = "(stdin)";
|
||||
} else if ((fd = open(filename, O_RDONLY)) < 0) {
|
||||
perror(filename);
|
||||
return -1;
|
||||
}
|
||||
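Review bot: When the key is read from stdin, filename is rewritten to "(stdin)" and that string later becomes the default comment via `comment = xstrdup(filename)` in the next hunk, so every key loaded this way is listed with the comment "(stdin)" unless the key carries its own; a note in the usage text, or preferring a comment found in the keyblob, would help users tell such identities apart.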
@ -155,18 +159,28 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
||||
* Since we'll try to load a keyfile multiple times, permission errors
|
||||
* will occur multiple times, so check perms first and bail if wrong.
|
||||
*/
|
||||
perms_ok = key_perm_ok(fd, filename);
|
||||
close(fd);
|
||||
if (!perms_ok)
|
||||
if (fd != STDIN_FILENO) {
|
||||
perms_ok = key_perm_ok(fd, filename);
|
||||
if (!perms_ok) {
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
buffer_init(&keyblob);
|
||||
if (!key_load_file(fd, filename, &keyblob)) {
|
||||
buffer_free(&keyblob);
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
close(fd);
|
||||
|
||||
/* At first, try empty passphrase */
|
||||
private = key_load_private(filename, "", &comment);
|
||||
private = key_parse_private(&keyblob, filename, "", &comment);
|
||||
if (comment == NULL)
|
||||
comment = xstrdup(filename);
|
||||
/* try last */
|
||||
if (private == NULL && pass != NULL)
|
||||
private = key_load_private(filename, pass, NULL);
|
||||
private = key_parse_private(&keyblob, filename, pass, NULL);
|
||||
if (private == NULL) {
|
||||
/* clear passphrase since it did not work */
|
||||
clear_pass();
|
||||
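Review bot: The `fd != STDIN_FILENO` guard correctly skips key_perm_ok() for a pipe, but a comment should say that stdin is deliberately exempt from the permission check so it is not "fixed" later. The private key bytes now live in keyblob for the whole passphrase prompt loop rather than being reloaded per attempt, so every exit from that loop must buffer_free() it; the two exits shown do, and buffer_free() should be the variant that zeroes the memory before releasing it.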
@ -177,9 +191,11 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
||||
if (strcmp(pass, "") == 0) {
|
||||
clear_pass();
|
||||
xfree(comment);
|
||||
buffer_free(&keyblob);
|
||||
return -1;
|
||||
}
|
||||
private = key_load_private(filename, pass, &comment);
|
||||
private = key_parse_private(&keyblob, filename, pass,
|
||||
&comment);
|
||||
if (private != NULL)
|
||||
break;
|
||||
clear_pass();
|
||||
@ -187,6 +203,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
||||
"Bad passphrase, try again for %.200s: ", comment);
|
||||
}
|
||||
}
|
||||
buffer_free(&keyblob);
|
||||
|
||||
if (ssh_add_identity_constrained(ac, private, comment, lifetime,
|
||||
confirm)) {
|
||||
@ -372,7 +389,6 @@ main(int argc, char **argv)
|
||||
sanitise_stdfd();
|
||||
|
||||
__progname = ssh_get_progname(argv[0]);
|
||||
init_rng();
|
||||
seed_rng();
|
||||
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
@ -120,4 +120,4 @@ AUTHORS
|
||||
created OpenSSH. Markus Friedl contributed the support for SSH protocol
|
||||
versions 1.5 and 2.0.
|
||||
|
||||
OpenBSD 4.9 November 21, 2010 OpenBSD 4.9
|
||||
OpenBSD 5.0 November 21, 2010 OpenBSD 5.0
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: ssh-agent.c,v 1.171 2010/11/21 01:01:13 djm Exp $ */
|
||||
/* $OpenBSD: ssh-agent.c,v 1.172 2011/06/03 01:37:40 dtucker Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
@ -1097,7 +1097,11 @@ cleanup_handler(int sig)
|
||||
static void
|
||||
check_parent_exists(void)
|
||||
{
|
||||
if (parent_pid != -1 && kill(parent_pid, 0) < 0) {
|
||||
/*
|
||||
* If our parent has exited then getppid() will return (pid_t)1,
|
||||
* so testing for that should be safe.
|
||||
*/
|
||||
if (parent_pid != -1 && getppid() != parent_pid) {
|
||||
/* printf("Parent has died - Authentication agent exiting.\n"); */
|
||||
cleanup_socket();
|
||||
_exit(2);
|
||||
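Review bot: Replacing kill(parent_pid, 0) with getppid() != parent_pid removes the failure mode where the probe returns EPERM after the parent changes uid and the agent exits although its parent is alive; the comment, however, hard-codes that getppid() returns (pid_t)1 after the parent exits, which is not guaranteed on every platform (a process may be reparented to something other than init). The code only depends on the value differing from parent_pid, so the comment should say that rather than naming 1.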
@ -1154,7 +1158,6 @@ main(int ac, char **av)
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
||||
__progname = ssh_get_progname(av[0]);
|
||||
init_rng();
|
||||
seed_rng();
|
||||
|
||||
while ((ch = getopt(ac, av, "cdksa:t:")) != -1) {
|
||||
|
21
ssh-keygen.0
@ -24,6 +24,7 @@ SYNOPSIS
|
||||
ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]
|
||||
[-O option] [-V validity_interval] [-z serial_number] file ...
|
||||
ssh-keygen -L [-f input_keyfile]
|
||||
ssh-keygen -A
|
||||
|
||||
DESCRIPTION
|
||||
ssh-keygen generates, manages and converts authentication keys for
|
||||
@ -57,8 +58,8 @@ DESCRIPTION
|
||||
the -p option.
|
||||
|
||||
There is no way to recover a lost passphrase. If the passphrase is lost
|
||||
or forgotten, a new key must be generated and copied to the corresponding
|
||||
public key to other machines.
|
||||
or forgotten, a new key must be generated and the corresponding public
|
||||
key copied to other machines.
|
||||
|
||||
For RSA1 keys, there is also a comment field in the key file that is only
|
||||
for convenience to the user to help identify the key. The comment can
|
||||
@ -71,6 +72,12 @@ DESCRIPTION
|
||||
|
||||
The options are as follows:
|
||||
|
||||
-A For each of the key types (rsa1, rsa, dsa and ecdsa) for which
|
||||
host keys do not exist, generate the host keys with the default
|
||||
key file path, an empty passphrase, default bits for the key
|
||||
type, and default comment. This is used by /etc/rc to generate
|
||||
new host keys.
|
||||
|
||||
-a trials
|
||||
Specifies the number of primality tests to perform when screening
|
||||
DH-GEX candidates using the -T command.
|
||||
@ -82,7 +89,11 @@ DESCRIPTION
Specifies the number of bits in the key to create. For RSA keys,
the minimum size is 768 bits and the default is 2048 bits.
Generally, 2048 bits is considered sufficient. DSA keys must be
exactly 1024 bits as specified by FIPS 186-2.
exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys,
the -b flag determines they key length by selecting from one of
three elliptic curve sizes: 256, 384 or 521 bits. Attempting to
use bit lengths other than these three values for ECDSA keys will
fail.

-C comment
Provides a new comment.
@ -231,7 +242,7 @@ DESCRIPTION
containing the private key, for the old passphrase, and twice for
the new passphrase.

-q Silence ssh-keygen. Used by /etc/rc when creating a new key.
-q Silence ssh-keygen.

-R hostname
Removes all keys belonging to hostname from a known_hosts file.
@ -440,4 +451,4 @@ AUTHORS
created OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.

OpenBSD 4.9 October 28, 2010 OpenBSD 4.9
OpenBSD 5.0 April 13, 2011 OpenBSD 5.0
27 ssh-keygen.1
@ -1,4 +1,4 @@
.\" $OpenBSD: ssh-keygen.1,v 1.101 2010/10/28 18:33:28 jmc Exp $
.\" $OpenBSD: ssh-keygen.1,v 1.106 2011/04/13 04:09:37 djm Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -35,7 +35,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: October 28 2010 $
.Dd $Mdocdate: April 13 2011 $
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
@ -117,6 +117,8 @@
.Nm ssh-keygen
.Fl L
.Op Fl f Ar input_keyfile
.Nm ssh-keygen
.Fl A
.Ek
.Sh DESCRIPTION
.Nm
@ -173,9 +175,8 @@ The passphrase can be changed later by using the
option.
.Pp
There is no way to recover a lost passphrase.
If the passphrase is
lost or forgotten, a new key must be generated and copied to the
corresponding public key to other machines.
If the passphrase is lost or forgotten, a new key must be generated
and the corresponding public key copied to other machines.
.Pp
For RSA1 keys,
there is also a comment field in the key file that is only for
@ -192,6 +193,13 @@ should be placed to be activated.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl A
For each of the key types (rsa1, rsa, dsa and ecdsa) for which host keys
do not exist, generate the host keys with the default key file path,
an empty passphrase, default bits for the key type, and default comment.
This is used by
.Pa /etc/rc
to generate new host keys.
.It Fl a Ar trials
Specifies the number of primality tests to perform when screening DH-GEX
candidates using the
@ -204,6 +212,12 @@ Specifies the number of bits in the key to create.
For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
Generally, 2048 bits is considered sufficient.
DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
For ECDSA keys, the
.Fl b
flag determines they key length by selecting from one of three elliptic
curve sizes: 256, 384 or 521 bits.
Attempting to use bit lengths other than these three values for ECDSA keys
will fail.
.It Fl C Ar comment
Provides a new comment.
.It Fl c
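Review bot: "flag determines they key length" should read "flag determines the key length"; the same typo is carried into the generated ssh-keygen.0 text earlier in this diff, so fix it in the mdoc source here and regenerate the .0 file rather than patching both by hand.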
@ -393,9 +407,6 @@ new passphrase.
.It Fl q
Silence
.Nm ssh-keygen .
Used by
.Pa /etc/rc
when creating a new key.
.It Fl R Ar hostname
Removes all keys belonging to
.Ar hostname
181 ssh-keygen.c
@ -1,4 +1,4 @@
/* $OpenBSD: ssh-keygen.c,v 1.205 2011/01/11 06:13:10 djm Exp $ */
/* $OpenBSD: ssh-keygen.c,v 1.210 2011/04/18 00:46:05 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -49,10 +49,7 @@
#include "hostfile.h"
#include "dns.h"
#include "ssh2.h"

#ifdef ENABLE_PKCS11
#include "ssh-pkcs11.h"
#endif

/* Number of bits in the RSA/DSA key. This value can be set on the command line. */
#define DEFAULT_BITS 2048
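Review bot: removing the #ifdef ENABLE_PKCS11 guard around "ssh-pkcs11.h" is only safe because ssh-pkcs11.c, later in this diff, gains pkcs11_init()/pkcs11_terminate() stubs in its #else branch; a one-line comment at the include saying the header is always usable would save the next reader from re-adding the guard. While here, the DEFAULT_BITS comment still says "RSA/DSA key" although the new type_bits_valid() also selects DEFAULT_BITS_ECDSA for ECDSA keys.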
@ -159,6 +156,38 @@ char hostname[MAXHOSTNAMELEN];
int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);

static void
type_bits_valid(int type, u_int32_t *bitsp)
{
u_int maxbits;

if (type == KEY_UNSPEC) {
fprintf(stderr, "unknown key type %s\n", key_type_name);
exit(1);
}
if (*bitsp == 0) {
if (type == KEY_DSA)
*bitsp = DEFAULT_BITS_DSA;
else if (type == KEY_ECDSA)
*bitsp = DEFAULT_BITS_ECDSA;
else
*bitsp = DEFAULT_BITS;
}
maxbits = (type == KEY_DSA) ?
OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
if (*bitsp > maxbits) {
fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
exit(1);
}
if (type == KEY_DSA && *bitsp != 1024)
fatal("DSA keys must be 1024 bits");
else if (type != KEY_ECDSA && *bitsp < 768)
fatal("Key must at least be 768 bits");
else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1)
fatal("Invalid ECDSA key length - valid lengths are "
"256, 384 or 521 bits");
}

static void
ask_filename(struct passwd *pw, const char *prompt)
{
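Review bot: type_bits_valid() mixes two error-reporting styles: the unknown-type and over-maximum cases use fprintf(stderr, ...) followed by exit(1), while the three length checks use fatal(); using fatal() throughout gives callers, including the new do_gen_all_hostkeys(), one consistent logging path. Also, maxbits is a u_int but is printed with "%d"; use "%u". Note that for ECDSA the ceiling chosen is OPENSSL_RSA_MAX_MODULUS_BITS, which only works because the key_ecdsa_bits_to_nid() check runs afterwards; a comment there would make that intent explicit.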
@ -817,6 +846,98 @@ do_fingerprint(struct passwd *pw)
exit(0);
}

static void
do_gen_all_hostkeys(struct passwd *pw)
{
struct {
char *key_type;
char *key_type_display;
char *path;
} key_types[] = {
{ "rsa1", "RSA1", _PATH_HOST_KEY_FILE },
{ "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE },
{ "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE },
{ "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE },
{ NULL, NULL, NULL }
};

int first = 0;
struct stat st;
Key *private, *public;
char comment[1024];
int i, type, fd;
FILE *f;

for (i = 0; key_types[i].key_type; i++) {
if (stat(key_types[i].path, &st) == 0)
continue;
if (errno != ENOENT) {
printf("Could not stat %s: %s", key_types[i].path,
strerror(errno));
first = 0;
continue;
}

if (first == 0) {
first = 1;
printf("%s: generating new host keys: ", __progname);
}
printf("%s ", key_types[i].key_type_display);
fflush(stdout);
arc4random_stir();
type = key_type_from_name(key_types[i].key_type);
strlcpy(identity_file, key_types[i].path, sizeof(identity_file));
bits = 0;
type_bits_valid(type, &bits);
private = key_generate(type, bits);
if (private == NULL) {
fprintf(stderr, "key_generate failed\n");
first = 0;
continue;
}
public = key_from_private(private);
snprintf(comment, sizeof comment, "%s@%s", pw->pw_name,
hostname);
if (!key_save_private(private, identity_file, "", comment)) {
printf("Saving the key failed: %s.\n", identity_file);
key_free(private);
key_free(public);
first = 0;
continue;
}
key_free(private);
arc4random_stir();
strlcat(identity_file, ".pub", sizeof(identity_file));
fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
if (fd == -1) {
printf("Could not save your public key in %s\n",
identity_file);
key_free(public);
first = 0;
continue;
}
f = fdopen(fd, "w");
if (f == NULL) {
printf("fdopen %s failed\n", identity_file);
key_free(public);
first = 0;
continue;
}
if (!key_write(public, f)) {
fprintf(stderr, "write key failed\n");
key_free(public);
first = 0;
continue;
}
fprintf(f, " %s\n", comment);
fclose(f);
key_free(public);

}
if (first != 0)
printf("\n");
}

static void
printhost(FILE *f, const char *name, Key *public, int ca, int hash)
{
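Review bot: two resources leak on the error paths of do_gen_all_hostkeys(): when fdopen() returns NULL the descriptor from open() is never closed, and when key_write() fails the FILE is never fclose()d; add close(fd) and fclose(f) respectively before the continue. The existence check only stat()s the private key path, yet the .pub file is then opened with O_CREAT | O_TRUNC, so a leftover public key at that path is silently overwritten; opening with O_EXCL and reporting the collision would match the "for which host keys do not exist" wording in the manual change above. Minor: "Could not stat %s: %s" lacks a trailing newline, and resetting first = 0 after a failure both suppresses the closing "\n" and causes the "generating new host keys:" banner to be printed again for the next key type.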
@ -1329,6 +1450,9 @@ prepare_options_buf(Buffer *c, int which)
if ((which & OPTIONS_CRITICAL) != 0 &&
certflags_command != NULL)
add_string_option(c, "force-command", certflags_command);
if ((which & OPTIONS_EXTENSIONS) != 0 &&
(certflags_flags & CERTOPT_X_FWD) != 0)
add_flag_option(c, "permit-X11-forwarding");
if ((which & OPTIONS_EXTENSIONS) != 0 &&
(certflags_flags & CERTOPT_AGENT_FWD) != 0)
add_flag_option(c, "permit-agent-forwarding");
@ -1341,9 +1465,6 @@ prepare_options_buf(Buffer *c, int which)
if ((which & OPTIONS_EXTENSIONS) != 0 &&
(certflags_flags & CERTOPT_USER_RC) != 0)
add_flag_option(c, "permit-user-rc");
if ((which & OPTIONS_EXTENSIONS) != 0 &&
(certflags_flags & CERTOPT_X_FWD) != 0)
add_flag_option(c, "permit-X11-forwarding");
if ((which & OPTIONS_CRITICAL) != 0 &&
certflags_src_addr != NULL)
add_string_option(c, "source-address", certflags_src_addr);
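Review bot: taken together with the hunk above, the only change here is moving the permit-X11-forwarding block from after permit-user-rc to before permit-agent-forwarding, which restores the byte-order sorting the other extensions already follow ("X" sorts before "a"); since a consumer checking option order will reject a certificate whose extensions are out of sequence, a short comment at the top of prepare_options_buf() stating that options must be emitted in sorted order would stop the next addition from being appended at the end again.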
@ -1593,7 +1714,7 @@ add_cert_option(char *opt)
{
char *val;

if (strcmp(opt, "clear") == 0)
if (strcasecmp(opt, "clear") == 0)
certflags_flags = 0;
else if (strcasecmp(opt, "no-x11-forwarding") == 0)
certflags_flags &= ~CERTOPT_X_FWD;
@ -1745,6 +1866,7 @@ usage(void)
{
fprintf(stderr, "usage: %s [options]\n", __progname);
fprintf(stderr, "Options:\n");
fprintf(stderr, " -A Generate non-existent host keys for all key types.\n");
fprintf(stderr, " -a trials Number of trials for screening DH-GEX moduli.\n");
fprintf(stderr, " -B Show bubblebabble digest of key file.\n");
fprintf(stderr, " -b bits Number of bits in the key to create.\n");
@ -1799,9 +1921,9 @@ main(int argc, char **argv)
struct passwd *pw;
struct stat st;
int opt, type, fd;
u_int maxbits;
u_int32_t memory = 0, generator_wanted = 0, trials = 100;
int do_gen_candidates = 0, do_screen_candidates = 0;
int gen_all_hostkeys = 0;
BIGNUM *start = NULL;
FILE *f;
const char *errstr;
@ -1817,7 +1939,6 @@ main(int argc, char **argv)
OpenSSL_add_all_algorithms();
log_init(argv[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);

init_rng();
seed_rng();

/* we need this for the home * directory. */
@ -1831,9 +1952,12 @@ main(int argc, char **argv)
exit(1);
}

while ((opt = getopt(argc, argv, "degiqpclBHLhvxXyF:b:f:t:D:I:P:m:N:n:"
while ((opt = getopt(argc, argv, "AegiqpclBHLhvxXyF:b:f:t:D:I:P:m:N:n:"
"O:C:r:g:R:T:G:M:S:s:a:V:W:z:")) != -1) {
switch (opt) {
case 'A':
gen_all_hostkeys = 1;
break;
case 'b':
bits = (u_int32_t)strtonum(optarg, 256, 32768, &errstr);
if (errstr)
@ -1928,9 +2052,6 @@ main(int argc, char **argv)
case 'y':
print_public = 1;
break;
case 'd':
key_type_name = "dsa";
break;
case 's':
ca_key_path = optarg;
break;
@ -2109,37 +2230,19 @@ main(int argc, char **argv)
return (0);
}

if (gen_all_hostkeys) {
do_gen_all_hostkeys(pw);
return (0);
}

arc4random_stir();

if (key_type_name == NULL)
key_type_name = "rsa";

type = key_type_from_name(key_type_name);
if (type == KEY_UNSPEC) {
fprintf(stderr, "unknown key type %s\n", key_type_name);
exit(1);
}
if (bits == 0) {
if (type == KEY_DSA)
bits = DEFAULT_BITS_DSA;
else if (type == KEY_ECDSA)
bits = DEFAULT_BITS_ECDSA;
else
bits = DEFAULT_BITS;
}
maxbits = (type == KEY_DSA) ?
OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
if (bits > maxbits) {
fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
exit(1);
}
if (type == KEY_DSA && bits != 1024)
fatal("DSA keys must be 1024 bits");
else if (type != KEY_ECDSA && bits < 768)
fatal("Key must at least be 768 bits");
else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(bits) == -1)
fatal("Invalid ECDSA key length - valid lengths are "
"256, 384 or 521 bits");
type_bits_valid(type, &bits);

if (!quiet)
printf("Generating public/private %s key pair.\n", key_type_name);
private = key_generate(type, bits);
@ -106,4 +106,4 @@ BUGS
This is because it opens a connection to the ssh port, reads the public
key, and drops the connection as soon as it gets the key.

OpenBSD 4.9 August 31, 2010 OpenBSD 4.9
OpenBSD 5.0 August 31, 2010 OpenBSD 5.0
@ -1,4 +1,4 @@
/* $OpenBSD: ssh-keyscan.c,v 1.84 2011/01/04 20:44:13 otto Exp $ */
/* $OpenBSD: ssh-keyscan.c,v 1.85 2011/03/15 10:36:02 okan Exp $ */
/*
* Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
*
@ -535,7 +535,7 @@ conloop(void)
seltime.tv_sec--;
}
} else
seltime.tv_sec = seltime.tv_usec = 0;
timerclear(&seltime);

r = xcalloc(read_wait_nfdset, sizeof(fd_mask));
e = xcalloc(read_wait_nfdset, sizeof(fd_mask));
@ -620,7 +620,6 @@ main(int argc, char **argv)
extern char *optarg;

__progname = ssh_get_progname(argv[0]);
init_rng();
seed_rng();
TAILQ_INIT(&tq);

@ -48,4 +48,4 @@ HISTORY
AUTHORS
Markus Friedl <markus@openbsd.org>

OpenBSD 4.9 August 31, 2010 OpenBSD 4.9
OpenBSD 5.0 August 31, 2010 OpenBSD 5.0
@ -1,4 +1,4 @@
/* $OpenBSD: ssh-keysign.c,v 1.35 2010/08/31 12:33:38 djm Exp $ */
/* $OpenBSD: ssh-keysign.c,v 1.36 2011/02/16 00:31:14 djm Exp $ */
/*
* Copyright (c) 2002 Markus Friedl. All rights reserved.
*
@ -150,9 +150,10 @@ main(int argc, char **argv)
{
Buffer b;
Options options;
Key *keys[2], *key = NULL;
#define NUM_KEYTYPES 3
Key *keys[NUM_KEYTYPES], *key = NULL;
struct passwd *pw;
int key_fd[2], i, found, version = 2, fd;
int key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
u_char *signature, *data;
char *host;
u_int slen, dlen;
@ -165,8 +166,10 @@ main(int argc, char **argv)
if (fd > 2)
close(fd);

key_fd[0] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
key_fd[1] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
i = 0;
key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);
key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);

original_real_uid = getuid(); /* XXX readconf.c needs this */
if ((pw = getpwuid(original_real_uid)) == NULL)
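Review bot: NUM_KEYTYPES, defined among the local declarations in the hunk above, has to be kept in step with the three open() calls here by hand, and nothing catches a mismatch: one more key_fd[i++] = open(...) without bumping the constant writes past the end of key_fd[]. Either drive both the array size and the opens from a single table of host key paths, or at least follow the opens with an assertion that i == NUM_KEYTYPES. The #define would also read better at file scope than between local variable declarations.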
@ -175,7 +178,6 @@ main(int argc, char **argv)

permanently_set_uid(pw);

init_rng();
seed_rng();
arc4random_stir();

@ -191,7 +193,11 @@ main(int argc, char **argv)
fatal("ssh-keysign not enabled in %s",
_PATH_HOST_CONFIG_FILE);

if (key_fd[0] == -1 && key_fd[1] == -1)
for (i = found = 0; i < NUM_KEYTYPES; i++) {
if (key_fd[i] != -1)
found = 1;
}
if (found == 0)
fatal("could not open any host key");

OpenSSL_add_all_algorithms();
@ -200,7 +206,7 @@ main(int argc, char **argv)
RAND_seed(rnd, sizeof(rnd));

found = 0;
for (i = 0; i < 2; i++) {
for (i = 0; i < NUM_KEYTYPES; i++) {
keys[i] = NULL;
if (key_fd[i] == -1)
continue;
@ -230,7 +236,7 @@ main(int argc, char **argv)
xfree(host);

found = 0;
for (i = 0; i < 2; i++) {
for (i = 0; i < NUM_KEYTYPES; i++) {
if (keys[i] != NULL &&
key_equal_public(key, keys[i])) {
found = 1;
@ -22,4 +22,4 @@ HISTORY
AUTHORS
Markus Friedl <markus@openbsd.org>

OpenBSD 4.9 February 10, 2010 OpenBSD 4.9
OpenBSD 5.0 February 10, 2010 OpenBSD 5.0
@ -280,7 +280,6 @@ main(int argc, char **argv)
TAILQ_INIT(&pkcs11_keylist);
pkcs11_init(0);

init_rng();
seed_rng();
__progname = ssh_get_progname(argv[0]);

14 ssh-pkcs11.c
@ -590,4 +590,18 @@ pkcs11_add_provider(char *provider_id, char *pin, Key ***keyp)
return (-1);
}

#else

int
pkcs11_init(int interactive)
{
return (0);
}

void
pkcs11_terminate(void)
{
return;
}

#endif /* ENABLE_PKCS11 */
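Review bot: the interactive parameter of the stub pkcs11_init() is unused, which will warn under -Wunused-parameter; a /* ARGSUSED */ comment or (void)interactive; keeps the build quiet, and the bare return; in pkcs11_terminate() is redundant in a void function. These stubs are what allow ssh-keygen.c, earlier in this diff, to include "ssh-pkcs11.h" without its former #ifdef ENABLE_PKCS11 guard, so the two changes should be kept together if either is ever backed out.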
23 ssh-sandbox.h Normal file
@ -0,0 +1,23 @@
/* $OpenBSD: ssh-sandbox.h,v 1.1 2011/06/23 09:34:13 djm Exp $ */
/*
* Copyright (c) 2011 Damien Miller <djm@mindrot.org>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/

struct ssh_sandbox;

struct ssh_sandbox *ssh_sandbox_init(void);
void ssh_sandbox_child(struct ssh_sandbox *);
void ssh_sandbox_parent_finish(struct ssh_sandbox *);
void ssh_sandbox_parent_preauth(struct ssh_sandbox *, pid_t);
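Review bot: the new header has no include guard and uses pid_t without including <sys/types.h>, so it only compiles when every includer has already pulled that type in; add an #ifndef SSH_SANDBOX_H guard and the include. A one-line comment per prototype saying which process (parent or child) calls it and at what point relative to fork() and authentication would also help, since the names alone do not pin down the required call order.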
13 ssh.0
@ -202,8 +202,9 @@ DESCRIPTION
the -O option is specified, the ctl_cmd argument is interpreted
and passed to the master process. Valid commands are: ``check''
(check that the master process is running), ``forward'' (request
forwardings without command execution) and ``exit'' (request the
master to exit).
forwardings without command execution), ``exit'' (request the
master to exit), and ``stop'' (request the master to stop
accepting further multiplexing requests).

-o option
Can be used to give options in the format used in the
@ -263,6 +264,7 @@ DESCRIPTION
PubkeyAuthentication
RekeyLimit
RemoteForward
RequestTTY
RhostsRSAAuthentication
RSAAuthentication
SendEnv
@ -389,8 +391,9 @@ AUTHENTICATION
support similar authentication methods, but protocol 2 is the default
since it provides additional mechanisms for confidentiality (the traffic
is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and
integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160). Protocol 1
lacks a strong mechanism for ensuring the integrity of the connection.
integrity (hmac-md5, hmac-sha1, hmac-sha2-256, hmac-sha2-512, umac-64,
hmac-ripemd160). Protocol 1 lacks a strong mechanism for ensuring the
integrity of the connection.

The methods available for authentication are: GSSAPI-based
authentication, host-based authentication, public key authentication,
@ -895,4 +898,4 @@ AUTHORS
created OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.

OpenBSD 4.9 November 18, 2010 OpenBSD 4.9
OpenBSD 5.0 August 2, 2011 OpenBSD 5.0
Some files were not shown because too many files have changed in this diff.