djm [Thu, 27 Mar 2008 00:26:56 +0000 (00:26 +0000)]
- djm@cvs.openbsd.org 2008/03/24 21:46:54
[regress/sftp-badcmds.sh]
disable no-replace rename test now that we prefer a POSIX rename; spotted
by dkrause@
djm [Thu, 27 Mar 2008 00:02:02 +0000 (00:02 +0000)]
- djm@cvs.openbsd.org 2008/03/25 11:58:02
[session.c sshd_config.5]
ignore ~/.ssh/rc if a sshd_config ForceCommand is specified;
from dtucker@ ok deraadt@ djm@
djm [Thu, 27 Mar 2008 00:01:15 +0000 (00:01 +0000)]
- deraadt@cvs.openbsd.org 2008/03/24 16:11:07
[monitor_fdpass.c]
msg_controllen has to be CMSG_SPACE so that the kernel can account for
each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This
works now that kernel fd passing has been fixed to accept a bit of
sloppiness because of this ABI repair.
lots of discussion with kettenis
djm [Wed, 26 Mar 2008 23:59:57 +0000 (23:59 +0000)]
- djm@cvs.openbsd.org 2008/03/23 12:54:01
[sftp-client.c]
prefer POSIX-style file renaming over filexfer rename behaviour if the
server supports the posix-rename@openssh.com extension.
Note that the old (filexfer) behaviour would refuse to clobber an
existing file. Users who depended on this should adjust their sftp(1)
usage.
ok deraadt@ markus@
djm [Wed, 26 Mar 2008 23:54:44 +0000 (23:54 +0000)]
- deraadt@cvs.openbsd.org 2008/03/15 16:19:02
[monitor_fdpass.c]
Repair the simple cases for msg_controllen where it should just be
CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
of alignment; ok kettenis hshoexer
djm [Wed, 26 Mar 2008 23:53:23 +0000 (23:53 +0000)]
- deraadt@cvs.openbsd.org 2008/03/13 01:49:53
[monitor_fdpass.c]
Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to
an extensive discussion with otto, kettenis, millert, and hshoexer
djm [Wed, 26 Mar 2008 23:50:21 +0000 (23:50 +0000)]
- jmc@cvs.openbsd.org 2008/02/11 07:58:28
[ssh.1 sshd.8 sshd_config.5]
bump Mdocdate for pages committed in "febuary", necessary because
of a typo in rcs.c;
dtucker [Wed, 26 Mar 2008 20:27:20 +0000 (20:27 +0000)]
- (dtucker) Cache selinux status earlier so we know if it's enabled after a
chroot. Allows ChrootDirectory to work with selinux support compiled in
but not enabled. Using it with selinux enabled will require some selinux
support inside the chroot. "looks sane" djm@
djm [Fri, 14 Mar 2008 22:25:54 +0000 (22:25 +0000)]
- (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
empty; report and patch from Peter Stuge
- (djm) [regress/test-exec.sh] Silence noise from detection of putty
commands; report from Peter Stuge
tim [Fri, 14 Mar 2008 17:39:17 +0000 (17:39 +0000)]
- (tim) [regress/sftp-cmds.sh] s/cd/lcd/ in lls test. Reported by
vinschen at redhat.com. Add () to put echo commands in subshell for lls test
I mistakenly left out of last commit.
djm [Wed, 12 Mar 2008 13:17:00 +0000 (13:17 +0000)]
- djm@cvs.openbsd.org 2007/12/21 04:13:53
[regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh]
[regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh]
basic (crypto, kex and transfer) interop regression tests against putty
To run these, install putty and run "make interop-tests" from the build
directory - the tests aren't run by default yet.
djm [Wed, 12 Mar 2008 12:59:43 +0000 (12:59 +0000)]
- djm@cvs.openbsd.org 2007/12/12 05:04:03
[regress/sftp-cmds.sh]
unbreak lls command and add a regress test that would have caught the
breakage; spotted by mouring@
NB. sftp code change already committed.
djm [Wed, 12 Mar 2008 12:58:55 +0000 (12:58 +0000)]
- jmc@cvs.openbsd.org 2007/11/25 15:35:09
[regress/agent-getpeereid.sh regress/agent.sh]
more existant -> existent, from Martynas Venckus;
pfctl changes: ok henning
ssh changes: ok deraadt
dtucker [Tue, 11 Mar 2008 11:58:25 +0000 (11:58 +0000)]
- (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move
pam_open_session and pam_close_session into the privsep monitor, which
will ensure that pam_session_close is called as root. Patch from Tomas
Mraz.
dtucker [Sun, 9 Mar 2008 11:50:50 +0000 (11:50 +0000)]
- (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch
platforms where gcc understands the option but it's not supported (and
thus generates a warning).
dtucker [Sun, 9 Mar 2008 06:10:09 +0000 (06:10 +0000)]
- (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's
equivalent of LLONG_MAX for the compat regression tests, which makes them
run on AIX and HP-UX. Patch from David Leonard.
dtucker [Sun, 9 Mar 2008 05:36:55 +0000 (05:36 +0000)]
- (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups
implementation. It's not needed to fix bug #1081 and breaks the build
on some AIX configurations.
dtucker [Sun, 9 Mar 2008 00:34:23 +0000 (00:34 +0000)]
- (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't
always work for all platforms and versions, so test what we can and
add a configure flag to turn it of if needed. ok djm@
djm [Fri, 7 Mar 2008 07:35:26 +0000 (07:35 +0000)]
- deraadt@cvs.openbsd.org 2008/03/02 18:19:35
[monitor_fdpass.c]
use a union to ensure alignment of the cmsg (pay attention: various other
parts of the tree need this treatment too); ok djm
djm [Fri, 7 Mar 2008 07:33:53 +0000 (07:33 +0000)]
- djm@cvs.openbsd.org 2008/02/27 20:21:15
[sftp-server.c]
add an extension method "posix-rename@openssh.com" to perform POSIX atomic
rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
ok dtucker@ markus@
djm [Fri, 7 Mar 2008 07:33:30 +0000 (07:33 +0000)]
- dtucker@cvs.openbsd.org 2008/02/22 20:44:02
[clientloop.c packet.c packet.h serverloop.c]
Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
keepalive timer (bz #1307). ok markus@
djm [Fri, 7 Mar 2008 07:33:12 +0000 (07:33 +0000)]
- djm@cvs.openbsd.org 2008/02/22 05:58:56
[session.c]
closefrom() call was too early, delay it until just before we execute
the user's rc files (if any).
djm [Fri, 7 Mar 2008 07:31:47 +0000 (07:31 +0000)]
- mbalmer@cvs.openbsd.org 2008/02/14 13:10:31
[sshd.c]
When started in configuration test mode (-t) do not check that sshd is
being started with an absolute path.
ok djm
djm [Fri, 7 Mar 2008 07:27:58 +0000 (07:27 +0000)]
- jmc@cvs.openbsd.org 2008/02/11 07:58:28
[ssh.1 sshd.8 sshd_config.5]
bump Mdocdate for pages committed in "febuary", necessary because
of a typo in rcs.c;
dtucker [Fri, 29 Feb 2008 02:57:47 +0000 (02:57 +0000)]
- (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in
configure (and there's not much point, as openssh won't work without it)
so HAVE_SELECT is not defined and the poll(2) compat code doesn't get
built in. Remove HAVE_SELECT so we can build on platforms without poll.
dtucker [Thu, 28 Feb 2008 12:16:04 +0000 (12:16 +0000)]
- (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081: Implement
getgrouplist via getgrset on AIX, rather than iterating over getgrent.
This allows, eg, Match and AllowGroups directives to work with NIS and
LDAP groups.
dtucker [Thu, 28 Feb 2008 08:13:52 +0000 (08:13 +0000)]
- (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
header to after OpenSSL headers, since some versions of OpenSSL have
SSLeay_add_all_algorithms as a macro already.
dtucker [Mon, 25 Feb 2008 10:05:04 +0000 (10:05 +0000)]
- (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation
of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD). Help and testing from csjp at FreeBSD org, vgiffin at apple com. ok djm@
dtucker [Mon, 25 Feb 2008 09:21:20 +0000 (09:21 +0000)]
- (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack
since it now conflicts with the helper function in misc.c. From
vinschen AT redhat.com.
dtucker [Mon, 25 Feb 2008 09:18:31 +0000 (09:18 +0000)]
20080224
- (tim) [contrib/cygwin/ssh-host-config]
Grammar changes on SYSCONFDIR LOCALSTATEDIR messages.
Check more thoroughly that it's possible to create the /var/empty directory.
Patch by vinschen AT redhat.com
tim [Sat, 23 Feb 2008 22:47:37 +0000 (22:47 +0000)]
[contrib/cygwin/ssh-host-config]
Grammar changes on SYSCONFDIR LOCALSTATEDIR messages.
Check more thoroughly that it's possible to create the /var/empty directory.
Patch by vinschen AT redhat.com
djm [Sun, 10 Feb 2008 11:48:55 +0000 (11:48 +0000)]
- djm@cvs.openbsd.org 2008/02/10 10:54:29
[servconf.c session.c]
delay ~ expansion for ChrootDirectory so it expands to the logged-in user's
home, rather than the user who starts sshd (probably root)
djm [Sun, 10 Feb 2008 11:44:20 +0000 (11:44 +0000)]
- djm@cvs.openbsd.org 2008/02/08 23:24:07
[servconf.c servconf.h session.c sftp-server.c sftp.h sshd_config]
[sshd_config.5]
add sshd_config ChrootDirectory option to chroot(2) users to a directory
and tweak internal sftp server to work with it (no special files in chroot
required). ok markus@
djm [Sun, 10 Feb 2008 11:40:12 +0000 (11:40 +0000)]
- djm@cvs.openbsd.org 2008/02/08 23:24:07
[servconf.c servconf.h session.c sftp-server.c sftp.h sshd_config]
[sshd_config.5]
add sshd_config ChrootDirectory option to chroot(2) users to a directory
and tweak internal sftp server to work with it (no special files in
chroot required). ok markus@
djm [Sun, 10 Feb 2008 11:27:47 +0000 (11:27 +0000)]
- dtucker@cvs.openbsd.org 2008/01/23 01:56:54
[clientloop.c packet.c serverloop.c]
Revert the change for bz #1307 as it causes connection aborts if an IGNORE
packet arrives while we're waiting in packet_read_expect (and possibly
elsewhere).
djm [Sun, 10 Feb 2008 11:27:24 +0000 (11:27 +0000)]
- djm@cvs.openbsd.org 2008/01/21 19:20:17
[sftp-client.c]
when a remote write error occurs during an upload, ensure that ACKs for
all issued requests are properly drained. patch from t8m AT centrum.cz
djm [Sun, 10 Feb 2008 11:26:51 +0000 (11:26 +0000)]
- djm@cvs.openbsd.org 2008/01/21 17:24:30
[sftp-server.c]
Remove the fixed 100 handle limit in sftp-server and allocate as many
as we have available file descriptors. Patch from miklos AT szeredi.hu;
ok dtucker@ markus@
djm [Sun, 10 Feb 2008 11:26:24 +0000 (11:26 +0000)]
- djm@cvs.openbsd.org 2008/01/20 00:38:30
[sftp.c]
When uploading, correctly handle the case of an unquoted filename with
glob metacharacters that match a file exactly but not as a glob, e.g. a
file called "[abcd]". report and test cases from duncan2nd AT gmx.de
djm [Sun, 10 Feb 2008 11:25:52 +0000 (11:25 +0000)]
- djm@cvs.openbsd.org 2008/01/19 23:09:49
[readconf.c readconf.h sshconnect2.c]
promote rekeylimit to a int64 so it can hold the maximum useful limit
of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
djm [Sun, 10 Feb 2008 11:25:24 +0000 (11:25 +0000)]
- djm@cvs.openbsd.org 2008/01/19 23:02:40
[channels.c]
When we added support for specified bind addresses for port forwards, we
added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of
this for -L port forwards that causes the client to listen on both v4
and v6 addresses when connected to a server with this quirk, despite
having set 0.0.0.0 as a bind_address.
report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
djm [Sun, 10 Feb 2008 11:24:30 +0000 (11:24 +0000)]
- djm@cvs.openbsd.org 2008/01/19 22:22:58
[ssh-keygen.c]
when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
hash just the specified hostname and not the entire hostspec from the
keyfile. It may be of the form "hostname,ipaddr", which would lead to
a hash that never matches. report and fix from jp AT devnull.cz
djm [Sun, 10 Feb 2008 11:23:41 +0000 (11:23 +0000)]
- djm@cvs.openbsd.org 2008/01/19 22:04:57
[sftp-client.c]
fix remote handle leak in do_download() local file open error path;
report and fix from sworley AT chkno.net
djm [Sun, 10 Feb 2008 11:23:18 +0000 (11:23 +0000)]
- djm@cvs.openbsd.org 2008/01/19 20:51:26
[ssh.c]
ignore SIGPIPE in multiplex client mode - we can receive this if the
server runs out of fds on us midway. Report and patch from
gregory_shively AT fanniemae.com
djm [Sun, 10 Feb 2008 11:22:53 +0000 (11:22 +0000)]
- djm@cvs.openbsd.org 2008/01/19 20:48:53
[clientloop.c]
fd leak on session multiplexing error path. Report and patch from
gregory_shively AT fanniemae.com
djm [Sun, 10 Feb 2008 11:21:28 +0000 (11:21 +0000)]
- djm@cvs.openbsd.org 2008/01/19 19:13:28
[ssh.1]
satisfy the pedants: -q does not suppress all diagnostic messages (e.g.
some commandline parsing warnings go unconditionally to stdout).
djm [Sun, 10 Feb 2008 11:20:44 +0000 (11:20 +0000)]
- chl@cvs.openbsd.org 2008/01/11 07:22:28
[sftp-client.c sftp-client.h]
disable unused functions
initially from tobias@, but disabled them by placing them in
"#ifdef notyet" which was asked by djm@
ok djm@ tobias@
dtucker [Tue, 1 Jan 2008 09:36:56 +0000 (09:36 +0000)]
- dtucker@cvs.openbsd.org 2008/01/01 09:27:33
[sshd_config.5 servconf.c]
Allow PermitRootLogin in a Match block. Allows for, eg, permitting root
only from the local network. ok markus@, man page bit ok jmc@
dtucker [Tue, 1 Jan 2008 09:33:57 +0000 (09:33 +0000)]
- dtucker@cvs.openbsd.org 2008/01/01 09:06:39
[scp.c]
If scp -p encounters a pre-epoch timestamp, use the epoch which is
as close as we can get given that it's used unsigned. Add a little
debugging while there. bz #828, ok djm@
dtucker [Tue, 1 Jan 2008 09:33:09 +0000 (09:33 +0000)]
- dtucker@cvs.openbsd.org 2007/12/31 15:27:04
[sshd.c]
When in inetd mode, have sshd generate a Protocol 1 ephemeral server
key only for connections where the client chooses Protocol 1 as opposed
to when it's enabled in the server's config. Speeds up Protocol 2
connections to inetd-mode servers that also allow Protocol 1. bz #440,
based on a patch from bruno at wolff.to, ok markus@
dtucker [Mon, 31 Dec 2007 10:29:26 +0000 (10:29 +0000)]
- (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of
builtin glob implementation on Mac OS X. Based on a patch from
vgiffin at apple.
dtucker [Fri, 28 Dec 2007 22:37:10 +0000 (22:37 +0000)]
- dtucker@cvs.openbsd.org 2007/12/28 22:34:47
[clientloop.c]
Use the correct packet maximum sizes for remote port and agent forwarding.
Prevents the server from killing the connection if too much data is queued
and an excessively large packet gets sent. bz #1360, ok djm@.
dtucker [Fri, 28 Dec 2007 15:45:07 +0000 (15:45 +0000)]
- dtucker@cvs.openbsd.org 2007/12/28 15:32:24
[clientloop.c serverloop.c packet.c]
Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
ServerAlive and ClientAlive timers. Prevents dropping a connection
when these are enabled but the peer does not support our keepalives.
bz #1307, ok djm@.
dtucker [Fri, 28 Dec 2007 15:43:51 +0000 (15:43 +0000)]
- dtucker@cvs.openbsd.org 2007/12/27 14:22:08
[servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c
sshd.c]
Add a small helper function to consistently handle the EAI_SYSTEM error
code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417.
ok markus@ stevesk@