History log of /openssh-portable/sshd.c (Results 1 - 25 of 1124)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# fc173aeb 13-Nov-2019 dtucker@openbsd.org

upstream: When clients get denied by MaxStartups, send a

noification prior to the SSH2 protocol banner according to RFC4253 section
4.2. ok djm@ deraadt@ markus@

OpenBSD-Commit

upstream: When clients get denied by MaxStartups, send a

noification prior to the SSH2 protocol banner according to RFC4253 section
4.2. ok djm@ deraadt@ markus@

OpenBSD-Commit-ID: e5dabcb722d54dea18eafb336d50b733af4f9c63

show more ...


# 9a14c64c 31-Oct-2019 djm@openbsd.org

upstream: Refactor signing - use sshkey_sign for everything,

including the new U2F signatures.

Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign()

upstream: Refactor signing - use sshkey_sign for everything,

including the new U2F signatures.

Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.

Suggested by / ok markus@

OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c

show more ...


# 2046ed16 29-Oct-2019 dtucker@openbsd.org

upstream: Signal handler cleanup: remove leftover support for

unreliable signals and now-unneeded save and restore of errno. ok deraadt@
markus@

OpenBSD-Commit-ID: 01dd8a1ebdd9

upstream: Signal handler cleanup: remove leftover support for

unreliable signals and now-unneeded save and restore of errno. ok deraadt@
markus@

OpenBSD-Commit-ID: 01dd8a1ebdd991c8629ba1f5237283341a93cd88

show more ...


Revision tags: V_8_1_P1
# 4d28fa78 28-Jun-2019 deraadt@openbsd.org

upstream: When system calls indicate an error they return -1, not

some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this be

upstream: When system calls indicate an error they return -1, not

some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075

show more ...


# 4f7a56d5 21-Jun-2019 djm@openbsd.org

upstream: Add protection for private keys at rest in RAM against

speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer
and Rambleed. This change encrypts private k

upstream: Add protection for private keys at rest in RAM against

speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer
and Rambleed. This change encrypts private keys when they are not in use with
a symmetic key that is derived from a relatively large "prekey" consisting of
random data (currently 16KB).

Attackers must recover the entire prekey with high accuracy before
they can attempt to decrypt the shielded private key, but the current
generation of attacks have bit error rates that, when applied
cumulatively to the entire prekey, make this unlikely.

Implementation-wise, keys are encrypted "shielded" when loaded and then
automatically and transparently unshielded when used for signatures or
when being saved/serialised.

Hopefully we can remove this in a few years time when computer
architecture has become less unsafe.

been in snaps for a bit already; thanks deraadt@

ok dtucker@ deraadt@

OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4

show more ...


# 0323d9b6 06-Jun-2019 otto@openbsd.org

upstream: Replace calls to ssh_malloc_init() by a static init of

malloc_options. Prepares for changes in the way malloc is initialized. ok
guenther@ dtucker@

OpenBSD-Commit-ID:

upstream: Replace calls to ssh_malloc_init() by a static init of

malloc_options. Prepares for changes in the way malloc is initialized. ok
guenther@ dtucker@

OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b

show more ...


# e826bbca 18-Apr-2019 dtucker@openbsd.org

upstream: When running sshd -T, assume any attibute not provided by

-C does not match, which allows it to work when sshd_config contains a Match
directive with or without -C. bz#2858, o

upstream: When running sshd -T, assume any attibute not provided by

-C does not match, which allows it to work when sshd_config contains a Match
directive with or without -C. bz#2858, ok djm@

OpenBSD-Commit-ID: 1a701f0a33e3bc96753cfda2fe0b0378520b82eb

show more ...


Revision tags: V_8_0_P1
# 76a24b3f 28-Feb-2019 djm@openbsd.org

upstream: Fix two race conditions in sshd relating to SIGHUP:

1. Recently-forked child processes will briefly remain listening to
listen_socks. If the main server sshd process complete

upstream: Fix two race conditions in sshd relating to SIGHUP:

1. Recently-forked child processes will briefly remain listening to
listen_socks. If the main server sshd process completes its restart
via execv() before these sockets are closed by the child processes
then it can fail to listen at the desired addresses/ports and/or
fail to restart.

2. When a SIGHUP is received, there may be forked child processes that
are awaiting their reexecution state. If the main server sshd
process restarts before passing this state, these child processes
will yield errors and use a fallback path of reading the current
sshd_config from the filesystem rather than use the one that sshd
was started with.

To fix both of these cases, we reuse the startup_pipes that are shared
between the main server sshd and forked children. Previously this was
used solely to implement tracking of pre-auth child processes for
MaxStartups, but this extends the messaging over these pipes to include
a child->parent message that the parent process is safe to restart. This
message is sent from the child after it has completed its preliminaries:
closing listen_socks and receiving its reexec state.

bz#2953, reported by Michal Koutný; ok markus@ dtucker@

OpenBSD-Commit-ID: 7df09eacfa3ce13e9a7b1e9f17276ecc924d65ab

show more ...


# aaca72d6 21-Jan-2019 djm@openbsd.org

upstream: rename kex->kem_client_pub -> kex->client_pub now that

KEM has been renamed to kexgen

from markus@ ok djm@

OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8

upstream: rename kex->kem_client_pub -> kex->client_pub now that

KEM has been renamed to kexgen

from markus@ ok djm@

OpenBSD-Commit-ID: fac6da5dc63530ad0da537db022a9a4cfbe8bed8

show more ...


# 92dda34e 21-Jan-2019 djm@openbsd.org

upstream: use KEM API for vanilla ECDH

from markus@ ok djm@

OpenBSD-Commit-ID: 6fbff96339a929835536b5730585d1d6057a352c


# 9c9c97e1 21-Jan-2019 djm@openbsd.org

upstream: use KEM API for vanilla DH KEX

from markus@ ok djm@

OpenBSD-Commit-ID: af56466426b08a8be275412ae2743319e3d277c9


# 2f6a9ddb 21-Jan-2019 djm@openbsd.org

upstream: use KEM API for vanilla c25519 KEX

OpenBSD-Commit-ID: 38d937b85ff770886379dd66a8f32ab0c1c35c1f


# dfd59161 21-Jan-2019 djm@openbsd.org

upstream: Add support for a PQC KEX/KEM:

sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss.

upstream: Add support for a PQC KEX/KEM:

sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime
4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not
enabled by default.

introduce KEM API; a simplified framework for DH-ish KEX methods.

from markus@ feedback & ok djm@

OpenBSD-Commit-ID: d687f76cffd3561dd73eb302d17a1c3bf321d1a7

show more ...


# 9b655dc9 19-Jan-2019 Damien Miller

last bits of old packet API / active_state global


# 04c091fc 19-Jan-2019 djm@openbsd.org

upstream: remove last references to active_state

with & ok markus@

OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2


# ec00f918 19-Jan-2019 djm@openbsd.org

upstream: convert monitor.c to new packet API

with & ok markus@

OpenBSD-Commit-ID: 61ecd154bd9804461a0cf5f495a29d919e0014d5


# 6350e031 19-Jan-2019 djm@openbsd.org

upstream: convert sshd.c to new packet API

with & ok markus@

OpenBSD-Commit-ID: ea569d3eaf9b5cf1bad52779fbfa5fa0b28af891


# 5ebce136 19-Jan-2019 Damien Miller

upstream: convert auth2.c to new packet API

OpenBSD-Commit-ID: ed831bb95ad228c6791bc18b60ce7a2edef2c999


# 172a592a 19-Jan-2019 djm@openbsd.org

upstream: convert servconf.c to new packet API

with & ok markus@

OpenBSD-Commit-ID: 126553aecca302c9e02fd77e333b9cb217e623b4


# 0fa174eb 19-Jan-2019 djm@openbsd.org

upstream: begin landing remaining refactoring of packet parsing

API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes

upstream: begin landing remaining refactoring of packet parsing

API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.

with & ok markus@

OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4

show more ...


# dbb4dec6 16-Jan-2019 djm@openbsd.org

upstream: many of the global variables in this file can be made static;

patch from Markus Schmidt

OpenBSD-Commit-ID: f3db619f67beb53257b21bac0e92b4fb7d5d5737


# 0a843d9a 26-Dec-2018 djm@openbsd.org

upstream: move client/server SSH-* banners to buffers under

ssh->kex and factor out the banner exchange. This eliminates some common code
from the client and server.

Also be mor

upstream: move client/server SSH-* banners to buffers under

ssh->kex and factor out the banner exchange. This eliminates some common code
from the client and server.

Also be more strict about handling \r characters - these should only
be accepted immediately before \n (pointed out by Jann Horn).

Inspired by a patch from Markus Schmidt.
(lots of) feedback and ok markus@

OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b

show more ...


# 42c5ec4b 22-Nov-2018 Damien Miller

refactor libcrypto initialisation

Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
supports it.

Move all libcrypto initialisation to a single function, and call t

refactor libcrypto initialisation

Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually
supports it.

Move all libcrypto initialisation to a single function, and call that
from seed_rng() that is called early in each tool's main().

Prompted by patch from Rosen Penev

show more ...


# 928f1231 18-Nov-2018 djm@openbsd.org

upstream: silence (to log level debug2) failure messages when

loading the default hostkeys. Hostkeys explicitly specified in the
configuration or on the command-line are still reported a

upstream: silence (to log level debug2) failure messages when

loading the default hostkeys. Hostkeys explicitly specified in the
configuration or on the command-line are still reported as errors, and
failure to load at least one host key remains a fatal error.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Based on patch from Dag-Erling Smørgrav via
https://github.com/openssh/openssh-portable/pull/103

ok markus@

OpenBSD-Commit-ID: ffc2e35a75d1008effaf05a5e27425041c27b684

show more ...


# 2a35862e 15-Nov-2018 djm@openbsd.org

upstream: use path_absolute() for pathname checks; from Manoj Ampalam

OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925


12345678910>>...45