dtucker [Thu, 14 Jun 2007 13:47:31 +0000 (13:47 +0000)]
- (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definition
of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the
subsequent <0.9.7 test.
dtucker [Thu, 14 Jun 2007 13:21:32 +0000 (13:21 +0000)]
- (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the
USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be
shared with umac.c. Allows building with OpenSSL 0.9.5 again including
umac support. With tim@ djm@, ok djm.
dtucker [Tue, 12 Jun 2007 14:02:07 +0000 (14:02 +0000)]
- dtucker@cvs.openbsd.org 2007/06/12 13:54:28
[scp.c]
Encode filename with strnvis if the name contains a newline (which can't
be represented in the scp protocol), from bz #891. ok markus@
dtucker [Tue, 12 Jun 2007 13:44:36 +0000 (13:44 +0000)]
- dtucker@cvs.openbsd.org 2007/06/12 11:56:15
[gss-genr.c]
Pass GSS OID to gss_display_status to provide better information in
error messages. Patch from Simon Wilkinson via bz 1220. ok djm@
dtucker [Tue, 12 Jun 2007 13:43:16 +0000 (13:43 +0000)]
- djm@cvs.openbsd.org 2007/06/12 11:15:17
[ssh.c ssh.1]
Add "-K" flag for ssh to set GSSAPIAuthentication=yes and
GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI)
and is useful for hosts with /home on Kerberised NFS; bz #1312
patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@
dtucker [Tue, 12 Jun 2007 13:41:33 +0000 (13:41 +0000)]
- djm@cvs.openbsd.org 2007/06/12 11:11:08
[ssh.c]
fix slave exit value when a control master goes away without passing the
full exit status by ensuring that the slave reads a full int. bz#1261
reported by frekko AT gmail.com; ok markus@ dtucker@
dtucker [Tue, 12 Jun 2007 13:41:06 +0000 (13:41 +0000)]
- djm@cvs.openbsd.org 2007/06/12 08:24:20
[scp.c]
make scp try to skip FIFOs rather than blocking when nothing is listening.
depends on the platform supporting sane O_NONBLOCK semantics for open
on FIFOs (apparently POSIX does not mandate this), which OpenBSD does.
bz #856; report by cjwatson AT debian.org; ok markus@
dtucker [Tue, 12 Jun 2007 13:40:39 +0000 (13:40 +0000)]
- djm@cvs.openbsd.org 2007/06/12 08:20:00
[ssh-gss.h gss-serv.c gss-genr.c]
relocate server-only GSSAPI code from libssh to server; bz #1225
patch from simon AT sxw.org.uk; ok markus@ dtucker@
dtucker [Tue, 12 Jun 2007 13:39:52 +0000 (13:39 +0000)]
- djm@cvs.openbsd.org 2007/06/12 07:41:00
[ssh-add.1]
better document ssh-add's -d option (delete identies from agent), bz#1224
new text based on some provided by andrewmc-debian AT celt.dias.ie;
ok dtucker@
djm [Mon, 11 Jun 2007 08:33:15 +0000 (08:33 +0000)]
- markus@cvs.openbsd.org 2007/06/11 08:04:44
[channels.c]
send 'window adjust' messages every tree packets and do not wait
until 50% of the window is consumed. ok djm dtucker
dtucker [Mon, 11 Jun 2007 04:44:02 +0000 (04:44 +0000)]
- (dtucker) [includes.h] Bug #1243: HAVE_PATHS -> HAVE_PATHS_H. Should
prevent warnings about redefinitions of various things in paths.h.
Spotted by cartmanltd at hotmail.com.
dtucker [Mon, 11 Jun 2007 04:34:53 +0000 (04:34 +0000)]
- (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder"
argument to nanosleep may be NULL. Currently this never happens in OpenSSH,
but check anyway in case this changes or the code gets used elsewhere.
djm [Mon, 11 Jun 2007 04:07:12 +0000 (04:07 +0000)]
- jmc@cvs.openbsd.org 2007/06/08 07:48:09
[sshd_config.5]
oops, here too: put the MAC list into a display, like we do for
ciphers, since groff has trouble with wide lines;
djm [Mon, 11 Jun 2007 04:06:32 +0000 (04:06 +0000)]
- jmc@cvs.openbsd.org 2007/06/08 07:43:46
[ssh_config.5]
put the MAC list into a display, like we do for ciphers,
since groff has trouble handling wide lines;
djm [Mon, 11 Jun 2007 04:04:42 +0000 (04:04 +0000)]
- pvalchev@cvs.openbsd.org 2007/06/08 04:40:40
[ssh_config]
Add a "MACs" line after "Ciphers" with the default MAC algorithms,
to ease people who want to tweak both (eg. for performance reasons).
ok deraadt@ djm@ dtucker@
djm [Mon, 11 Jun 2007 04:01:42 +0000 (04:01 +0000)]
- pvalchev@cvs.openbsd.org 2007/06/07 19:37:34
[kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
Add a new MAC algorithm for data integrity, UMAC-64 (not default yet,
must specify umac-64@openssh.com). Provides about 20% end-to-end speedup
compared to hmac-md5. Represents a different approach to message
authentication to that of HMAC that may be beneficial if HMAC based on
one of its underlying hash algorithms is found to be vulnerable to a
new attack. http://www.ietf.org/rfc/rfc4418.txt
in conjunction with and OK djm@
dtucker [Tue, 5 Jun 2007 08:30:18 +0000 (08:30 +0000)]
- djm@cvs.openbsd.org 2007/06/05 06:52:37
[kex.c monitor_wrap.c packet.c mac.h kex.h mac.c]
Preserve MAC ctx between packets, saving 2xhash calls per-packet.
Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5
patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm
committing at his request)
dtucker [Tue, 5 Jun 2007 08:27:13 +0000 (08:27 +0000)]
- jmc@cvs.openbsd.org 2007/05/31 19:20:16
[scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
convert to new .Dd format;
(We will need to teach mdoc2man.awk to understand this too.)
dtucker [Sun, 20 May 2007 05:10:16 +0000 (05:10 +0000)]
- djm@cvs.openbsd.org 2007/05/17 20:52:13
[monitor.c]
pass received SIGINT from monitor to postauth child so it can clean
up properly. bz#1196, patch from senthilkumar_sen AT hotpop.com;
ok markus@
dtucker [Sun, 20 May 2007 05:09:42 +0000 (05:09 +0000)]
- djm@cvs.openbsd.org 2007/05/17 20:48:13
[sshconnect2.c]
fall back to gethostname() when the outgoing connection is not
on a socket, such as is the case when ProxyCommand is used.
Gives hostbased auth an opportunity to work; bz#616, report
and feedback stuart AT kaloram.com; ok markus@
dtucker [Sun, 20 May 2007 05:09:04 +0000 (05:09 +0000)]
- djm@cvs.openbsd.org 2007/05/17 07:55:29
[sftp-server.c]
bz#1286 stop reading and processing commands when input or output buffer
is nearly full, otherwise sftp-server would happily try to grow the
input/output buffers past the maximum supported by the buffer API and
promptly fatal()
based on patch from Thue Janus Kristensen; feedback & ok dtucker@
dtucker [Sun, 20 May 2007 04:59:32 +0000 (04:59 +0000)]
- stevesk@cvs.openbsd.org 2007/04/18 01:12:43
[sftp-server.c]
cast "%llu" format spec to (unsigned long long); do not assume a
u_int64_t arg is the same as 'unsigned long long'.
from Dmitry V. Levin <ldv@altlinux.org>
ok markus@ 'Yes, that looks correct' millert@
- (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1299: Use the
platform's _res if it has one. Should fix problem of DNSSEC record lookups
on NetBSD as reported by Curt Sampson.
tim [Mon, 26 Mar 2007 16:35:28 +0000 (16:35 +0000)]
20070326
- (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c
openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines
to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@
dtucker [Sun, 25 Mar 2007 08:26:01 +0000 (08:26 +0000)]
- (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX,
LIBWRAP and LIBPAM variables in Makefile with the general-purpose
SSHDLIBS. "I like" djm@
dtucker [Wed, 21 Mar 2007 10:39:57 +0000 (10:39 +0000)]
- (dtucker) [configure.ac openbsd-compat/bsd-getpeereid.c] Bug #1287: Use
getpeerucred to implement getpeereid (currently only Solaris 10 and up).
Patch by Jan.Pechanec at Sun.
dtucker [Wed, 21 Mar 2007 09:45:06 +0000 (09:45 +0000)]
- dtucker@cvs.openbsd.org 2007/03/19 12:16:42
[ssh-agent.c]
Remove the signal handler that checks if the agent's parent process
has gone away, instead check when the select loop returns. Record when
the next key will expire when scanning for expired keys. Set the select
timeout to whichever of these two things happens next. With djm@, with &
ok deraadt@ markus@
dtucker [Wed, 21 Mar 2007 09:42:24 +0000 (09:42 +0000)]
- djm@cvs.openbsd.org 2007/03/19 01:01:29
[sshd_config]
Disable the legacy SSH protocol 1 for new installations via
a configuration override. In the future, we will change the
server's default itself so users who need the legacy protocol
will need to turn it on explicitly
dtucker [Wed, 21 Mar 2007 09:38:53 +0000 (09:38 +0000)]
- dtucker@cvs.openbsd.org 2007/03/09 05:20:06
[servconf.c sshd.c]
Move C/R -> kbdint special case to after the defaults have been
loaded, which makes ChallengeResponse default to yes again. This
was broken by the Match changes and not fixed properly subsequently.
Found by okan at demirmen.com, ok djm@ "please do it" deraadt@
dtucker [Tue, 13 Mar 2007 07:50:04 +0000 (07:50 +0000)]
- (dtucker) [cipher-3des1.c cipher-bf1.c] The OpenSSL 0.9.8e problem in
bug #1291 also affects Protocol 1 3des. While at it, use compat-openssl.h
in cipher-bf1.c. Patch from Juan Gallego.
dtucker [Mon, 5 Mar 2007 07:25:20 +0000 (07:25 +0000)]
- (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291: Work around a
bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256
ciphers from working correctly (disconnects with "Bad packet length"
errors) as found by Ben Harris. ok djm@
djm [Mon, 5 Mar 2007 00:51:27 +0000 (00:51 +0000)]
- (djm) [configure.ac] add a --without-openssl-header-check option to
configure, as some platforms (OS X) ship OpenSSL headers whose version
does not match that of the shipping library. ok dtucker@
dtucker [Fri, 2 Mar 2007 06:50:03 +0000 (06:50 +0000)]
- (dtucker) [configure.ac] For Cygwin, read files in textmode (which allows
CRLF as well as LF lineendings) and write in binary mode. Patch from
vinschen at redhat.com.
dtucker [Thu, 1 Mar 2007 10:31:28 +0000 (10:31 +0000)]
- dtucker@cvs.openbsd.org 2007/03/01 10:28:02
[auth2.c sshd_config.5 servconf.c]
Remove ChallengeResponseAuthentication support inside a Match
block as its interaction with KbdInteractive makes it difficult to
support. Also, relocate the CR/kbdint option special-case code into
servconf. "please commit" djm@, ok markus@ for the relocation.
dtucker [Wed, 28 Feb 2007 10:19:58 +0000 (10:19 +0000)]
- dtucker@cvs.openbsd.org 2007/02/28 00:55:30
[ssh-agent.c]
Remove expired keys periodically so they don't remain in memory when
the agent is entirely idle, as noted by David R. Piegdon. This is the
simple fix, a more efficient one will be done later. With markus,
deraadt, with & ok djm.
dtucker [Sun, 25 Feb 2007 09:38:55 +0000 (09:38 +0000)]
- ray@cvs.openbsd.org 2007/02/24 03:30:11
[moduli.c]
- strlen returns size_t, not int.
- Pass full buffer size to fgets.
OK djm@, millert@, and moritz@.
dtucker [Sun, 25 Feb 2007 09:37:21 +0000 (09:37 +0000)]
- dtucker@cvs.openbsd.org 2007/02/21 11:00:05
[sshd.c]
Clear alarm() before restarting sshd on SIGHUP. Without this, if there's
a SIGALRM pending (for SSH1 key regeneration) when sshd is SIGHUP'ed, the
newly exec'ed sshd will get the SIGALRM and not have a handler for it,
and the default action will terminate the listening sshd. Analysis and
patch from andrew at gaul.org.
dtucker [Sun, 25 Feb 2007 09:36:49 +0000 (09:36 +0000)]
- djm@cvs.openbsd.org 2007/02/20 10:25:14
[clientloop.c]
set maximum packet and window sizes the same for multiplexed clients
as normal connections; ok markus@
dtucker [Mon, 19 Feb 2007 11:56:55 +0000 (11:56 +0000)]
- (dtucker) [openbsd-compat/getrrsetbyname.c] Don't attempt to calloc
an array for signatures when there are none since "calloc(0, n) returns
NULL on some platforms (eg Tru64), which is explicitly permitted by
POSIX. Diagnosis and patch by svallet genoscope.cns.fr.
dtucker [Mon, 19 Feb 2007 11:25:37 +0000 (11:25 +0000)]
- dtucker@cvs.openbsd.org 2007/02/19 10:45:58
[monitor_wrap.c servconf.c servconf.h monitor.c sshd_config.5]
Teach Match how handle config directives that are used before
authentication. This allows configurations such as permitting password
authentication from the local net only while requiring pubkey from
offsite. ok djm@, man page bits ok jmc@
dtucker [Mon, 19 Feb 2007 11:14:11 +0000 (11:14 +0000)]
- djm@cvs.openbsd.org 2007/01/22 13:06:21
[scp.c]
fix detection of whether we should show progress meter or not: scp
tested isatty(stderr) but wrote the progress meter to stdout. This patch
makes it test stdout. bz#1265 reported by junkmail AT bitsculpture.com;
of dtucker@
dtucker [Mon, 19 Feb 2007 11:13:39 +0000 (11:13 +0000)]
- djm@cvs.openbsd.org 2007/01/22 11:32:50
[sftp-client.c]
return error from do_upload() when a write fails. fixes bz#1252: zero
exit status from sftp when uploading to a full device. report from
jirkat AT atlas.cz; ok dtucker@
dtucker [Mon, 19 Feb 2007 11:09:45 +0000 (11:09 +0000)]
- dtucker@cvs.openbsd.org 2007/01/17 23:22:52
[readconf.c]
Honour activep for times (eg ServerAliveInterval) while parsing
ssh_config and ~/.ssh/config so they work properly with Host directives.
From mario.lorenz@wincor-nixdorf.com via bz #1275. ok markus@
dtucker [Mon, 19 Feb 2007 11:08:17 +0000 (11:08 +0000)]
- jmc@cvs.openbsd.org 2007/01/10 13:23:22
[ssh_config.5]
do not use a list for SYNOPSIS;
this is actually part of a larger report sent by eric s. raymond
and forwarded by brad, but i only read half of it. spotted by brad.
djm [Sun, 28 Jan 2007 23:16:28 +0000 (23:16 +0000)]
- (djm) [channels.c serverloop.c] Fix so-called "hang on exit" (bz #52)
when closing a tty session when a background process still holds tty
fds open. Great detective work and patch by Marc Aurele La France,
slightly tweaked by me; ok dtucker@
dtucker [Tue, 23 Jan 2007 13:07:29 +0000 (13:07 +0000)]
- (dtucker) [openbsd-compat/bsd-snprintf.c] Static declarations for public
library interfaces aren't very helpful. Fix up the DOPR_OUTCH macro
so it works properly and modify its callers so that they don't pre or
post decrement arguments that are conditionally evaluated. While there,
put SNPRINTF_CONST back as it prevents build failures in some
configurations. ok djm@ (for most of it)
dtucker [Wed, 17 Jan 2007 00:00:13 +0000 (00:00 +0000)]
- (dtucker) [packet.c] Re-remove in_systm.h since it's already in includes.h
and multiple including it causes problems on old IRIXes. (It snuck back
in during a sync.) Found (again) by Georg Schwarz.