IABSD.fr/src/usr.bin/ssh

Branch :


Log

Author Commit Date CI Message
aadb1b15 2025-04-30 05:26:15 make writing known_hosts lines more atomic, by writing the entire line in one operation and using unbuffered stdio. Usually writes to this file are serialised on the "Are you sure you want to continue connecting?" prompt, but if host key checking is disabled and connections were being made with high concurrency then interleaved writes might have been possible. feedback/ok deraadt@ millert@
332698a8 2025-04-30 05:23:15 fix a out-of-bounds read if the known_hosts file is truncated after the hostname. Reported by the OpenAI Security Research Team ok deraadt@
35b2ae8d 2025-04-15 09:22:25 Cast signalled_keydrop to int when logging to prevent warning on platforms where sig_atomic_t is not the same as int. bz#3811, patch from jlduran at gmail com.
c52cbb89 2025-04-14 05:41:42 rework the text for -3 to make it clearer what default behaviour is, and adjust the text for -R to make them more consistent; issue raised by mikhail mp39590; behaviour explained by naddy ok djm
b3131ce4 2025-04-09 07:00:21 openssh-10.0
d31ec640 2025-04-09 07:00:03 Fix logic error in DisableForwarding option. This option was documented as disabling X11 and agent forwarding but it failed to do so. Spotted by Tim Rice.
3676974c 2025-04-09 01:24:40 oops, I accidentally backed out the typo fix
9660cd6f 2025-04-09 01:23:47 typo
b621926a 2025-04-08 23:10:08 typo
2921ca64 2025-04-07 08:12:22 Include time.h for time(). Fixes warning on some platforms when building without openssl.
63e4e247 2025-04-02 04:28:03 Wrap #include <openssl/dsa.h> in #ifdef WITH_DSA ok djm
351a734b 2025-04-01 23:23:20 remove ability to enable DSA support. Actual code will be g/c'd separately. ok deraadt@
225f073a 2025-03-28 06:04:07 Pass "ControlMaster no" to ssh when invoked by scp & sftp. If you have ControlMaster auto (or yes) in your config, and the first connection you make is via scp or sftp, then you may get a few unexpected options applied to it (eg ForwardX11 no), since sftp and sftp explicitly disable those for reasons. These effects will persist beyond the initial scp or sftp command. This explicitly disables persistent session *creation* by scp and sftp. It will not prevent them from using an existing session if one has already been created. From Github PR#557, ok djm@ kn@
d2098498 2025-03-19 06:11:15 Prevent theoretical NULL deref in throughlocal_sftp. Coverity CID 405019, although at the moment it's not reachable. ok djm@
204931f6 2025-03-18 04:53:14 fix NULL dereference for Match conditions missing arguments, e.g. "Match user". Spotted by Coverity (CID 477813)
20413e83 2025-03-14 09:49:49 Fix EVP_CIPHER_CTX_ctrl() return checks While this API tries to translate negative return values (i.e. -1) to 0 in BoringSSL and LibreSSL, it is still possible for it to return negative values in prinicple. We even incorrectly document that -1 can be returned while Boring and OpenSSL plead the Fifth. In OpenSSL 3 there are now code paths that explicitly return -1 and they started shifting their return checks to <= 0 - of course they do this in inconsistent and sometimes incorrect manner. While these paths aren't reachable from ssh right now, who can really tell what happens in the two hundred lines of inscrutable bloated mess this has become. So error check with <= 0 to ensure that we don't accidentally translate an error to success. ok markus schwarze
dd809e4c 2025-03-12 22:43:44 remove assumption that the sshd_config and any configs included from it can fit in a (possibly enlarged) socket buffer, by having the sshd listener mainloop actively manage sending the configuration to the sshd-session subprocess. work by markus@ w/ a little feedback from me; ok me and committing on his behalf
b35ac0e5 2025-03-11 07:48:51 Set highwater when resuming a "put". Prevents bogus "server reordered acks" debug message. ok djm@
fc3c799b 2025-03-03 06:53:09 Add %-token and environment variable expansion to SetEnv. feedback deraadt@ jmc@, nits and ok djm@
486b5143 2025-03-02 22:44:00 fix PerSourcePenalty incorrectly using "crash" penalty when LoginGraceTime was exceeded. Reported by irwin AT princeton.edu via bz3797
f4bed82d 2025-03-02 11:03:13 whitespace
fc0fb6e0 2025-03-02 07:02:49 Make a copy of the user when handling ssh -l, so that later during User token expansion we don't end up freeing a member of argv. Spotted by anton@'s regress tests.
c5a3c23c 2025-03-01 06:11:26 Allow %-token and environment variable expansion in User, with the exception of %r and %C which are self-referential. Requested in bz#3477, ok djm@, man page improvements jmc@
ce3b4e4d 2025-02-25 06:25:30 ressurect fix for "match invalid-user" that got clobbered by 1.423
3bb389ec 2025-02-21 18:22:41 Also prohibit , (comma) in hostnames, proposed by David Leadbeater ok djm millert
38e2999e 2025-02-18 08:02:48 Fix cases where error codes were not correctly set Reported by the Qualys Security Advisory team. ok markus@
ba5306b9 2025-02-18 08:02:12 Don't reply to PING in preauth phase or during KEX Reported by the Qualys Security Advisory team. ok markus@
ecbcc43a 2025-02-15 06:48:56 - use \& when contructs like "e.g." end a line, to avoid double spacing - macro is Qq not Oq
3b0301ee 2025-02-15 01:52:07 add "Match version" support to ssh_config. Allows matching on the local version of OpenSSH, e.g. "Match version OpenSSH_10.*" ok markus@
ecd65cd4 2025-02-15 01:50:47 Add support for "Match sessiontype" to ssh_config. Allows matching on the type of session requested, either "shell" for interactive sessions, "exec" for command execution sessions, "subsystem" for subsystem requests, such as sftp, or "none" for transport/forwarding-only sessions. ok markus@
b568ccc6 2025-02-15 01:48:30 "Match command ..." support for ssh_config to allow matching on the remote command specified on the commandline. Also relaxes matching rules for `Match tagged` to allow `Match tagged ""` to match an empty tag value. This also works for command. ok markus@
d288aa1f 2025-02-10 23:19:26 include arguments the command was invoked with, and operating system name, version and architecture in startup debugging output; ok dtucker
c6789490 2025-02-10 23:16:51 include line number in Match debug messages, makes it a little easier to see what's going on
c7df606a 2025-02-10 23:00:29 fix "Match invalid-user" from incorrectly being activated in initial configuration pass when no other predicates were present on the match line
275cd30c 2025-02-09 18:24:08 In a section 1 manual, use the plain English words "standard output" rather than the overly technical abbreviation "stdout" - we are not talking about a device file or a FILE * object here. Issue reported by <onf at disroot dot org> on the groff mailing list.
cfdd7e4a 2025-01-17 00:09:41 Fix debug logging of user specific delay. Patch from Achim Leitner (fjl5) via github PR#552.
874e263e 2025-01-16 06:37:10 Call log_init in sshd-auth and sshd-session immediately after parsing the config file so that any log settings set in the config file take effect immediately. Move version banners to immediately after that, and make them distinct per binary. ok djm@
9ce49056 2025-01-15 22:23:13 Use strprefix helper when processing sshd -C test args instead of counting bytes by hand. ok djm@
feb3ea43 2024-12-12 09:09:09 Plug leak on error path, spotted by Coverity. ok djm@
84a23681 2024-12-07 10:12:19 replace bespoke logging of MaxSessions enforcement with new ratelimited logging infrastructure. Add ratelimits to logging of connections dropped by PerSourcePenalties ok dtucker
cc7fda5d 2024-12-07 10:05:36 add infrastructure for ratelimited logging; feedback/ok dtucker
747ebeda 2024-12-06 16:24:27 allow glob(3) patterns for sshd_config AuthorizedKeysFile and AuthorizedPrincipalsFile directives; bz2755 ok dtucker
5b6bbb3d 2024-12-06 16:21:48 support VersionAddendum in the client, mirroring the option of the same name in the server; bz2745 ok dtucker@
581c1d79 2024-12-06 16:02:12 clarify encoding of options/extensions; bz2389
976a9bf1 2024-12-06 15:17:15 ignore SIGPIPE here; some downstreams have had this for years...
31527a04 2024-12-06 15:12:56 sync -o option lists with ssh.1; requested jmc@
c05259c4 2024-12-06 06:55:28 Change "login again" to "log in again" in password change message. From ThinLinc-Zeijlon via github PR#532.
b56918e3 2024-12-05 22:45:03 catch up documentation: AES-GCM is preferred to AES-CTR
14d17660 2024-12-05 06:49:26 De-magic the x11 base port number into a define. ok djm@
0a9ac282 2024-12-05 06:47:00 Prevent integer overflow in x11 port handling. These are theoretically possible if the admin misconfigures X11DisplayOffset or the user misconfigures their own $DISPLAY, but don't happen in normal operation. From Suhov Roman via bz#3730, ok djm@
8823bb00 2024-12-04 14:37:55 sync the list of options accepted by -o with ssh_config.5 prompted by bz3455
e2c061ec 2024-12-04 14:24:20 don't screw up ssh-keygen -l output when the file contains CR characters; GHPR236 bz3385, fix from Dmitry Belyavskiy
3bb7d5b0 2024-12-03 22:30:03 spelling; ok djm@
8aa1e807 2024-12-03 16:27:53 Remove fallback to compiled-in gropup for dhgex when the moduli file exists, but does not contain moduli within the client-requested range. The fallback behaviour remains for the case where the moduli file does not exist (typically, running tests prior to installing). From bz#2793, based in part on patch from Joe Testa, ok djm@
773a7280 2024-12-03 15:53:51 Remove redundant field of definition check This will allow us to get rid of EC_GROUP_method_of() in the near future. ok djm
b67e94d2 2024-12-03 14:12:47 Improve description of KbdInteractiveAuthentication. Based on bz#3658, fixes jmc@ ok markus@ djm@.
71e7e711 2024-12-03 08:31:49 support FIDO tokens that return no attestation data, e.g. recent WinHello. From Michael Braun via GHPR542
eac0e5c0 2024-12-02 14:06:42 unbreak
08d45e79 2024-12-02 13:37:18 prefer AES-GCM to AES-CTR; ok deraadt markus
f651b06a 2024-11-29 00:13:36 Import regenerated moduli.
049e6dd2 2024-11-27 16:07:08 fix argument of "Compression" directive in ssh -G config dump, which used to work but broke in 9.8
f6e19f51 2024-11-27 13:27:34 new name/link for agent I-D
0d94c36d 2024-11-27 13:00:23 mention that biometrics may be used for FIDO key user verification as well as PIN. Prompted by Zack Newman, ok jmc@
bae7b9e3 2024-11-26 22:05:51 g/c outdated XXX comments
0b696230 2024-11-26 22:01:37 Explicitly specify the signature algorithm when signing hostkeys-prove requests. Fixes a corner-case triggered by UpdateHostKeys with one or more unknown host keys stored in ssh-agent where sshd refuses to accept the signature coming back from the agent. Report/fix from Maxime Rey
72de6406 2024-11-26 21:23:35 when using RSA keys to sign messages, select the signature algorithm based on the requested hash algorithm ("-Ohashalg=xxx"). This allows using something other than rsa-sha2-512, which may not be supported on all signing backends, e.g. some smartcards only support SHA256. Patch from Morten Linderud; ok markus@
74d99a43 2024-11-24 23:47:50 turn off CDIAGFLAGS and turn back on INSTALL_STRIP accidentally changed in last commit
91f7c846 2024-11-06 22:51:26 ssh-agent implemented an all-or-nothing allow-list of FIDO application IDs for security key-backed keys, to prevent web key handles from being used remotely as this would likely lead to unpleasant surprises. By default, only application IDs that start with "ssh:*" are allowed. This adds a -Owebsafe-allow=... argument that can override the default list with a more or less restrictive one. The default remains unchanged. ok markus@
2119819d 2024-11-04 21:59:15 Ignore extra groups that don't fit in the buffer passed to getgrouplist(3) Our kernel supports 16 groups (NGROUPS_MAX), but nothing prevents an admin from adding a user to more groups. With that tweak we'll keep on ignoring them instead of potentially reading past the buffer passed to getgrouplist(3). That behavior is explicitely described in initgroups(3). ok millert@ gilles@
c42fee07 2024-10-27 02:06:59 explicitly include endian.h
66207d7b 2024-10-27 02:06:01 fix ML-KEM768x25519 KEX on big-endian systems; spotted by jsg@ feedback/ok deraadt@
92f9af84 2024-10-25 21:53:24 mlkem768x25519-sha256 has been promoted to default key exchange
e683af90 2024-10-25 01:34:18 promote mlkem768x25519-sha256 to be the default key exchange; ok markus@
52e3983c 2024-10-24 03:15:47 amake ssh-agent drop all keys when it receives SIGUSR1; let's users zap keys without access to $SSH_AUTH_SOCK ok deraadt@
0df51ef7 2024-10-24 03:14:37 relax valid_domain() checks to allow an underscore as the first character. ok deraadt@
c3e5d14c 2024-10-22 06:16:26 Add a sshd debug wrapper to run all of the subprograms from the build directory while developing and debugging. Should help prevent accidentally testing against unchanged installed sshd-auth and sshd-session binaries. ok djm@
9732f479 2024-10-22 06:13:00 Make debug call printf("%s", NULL) safe. Prevents problems on platforms where this isn't safe (which it's not required to be). ok djm@
52c025e2 2024-10-18 05:53:26 mention that LocalForward and RemoteForward can accept Unix domain socket paths; GHPR115
6e669df1 2024-10-18 05:45:40 remove duplicate check; GHPR392 from Pedro Martelletto
6bcd49f7 2024-10-18 05:37:24 allow "-" as output file for moduli screening based on GHPR393
28a658e2 2024-10-18 05:32:51 ssh-keyscan doesn't need it's own sshfatal() definition, it can use the shared one from fatal.c based on GHPR401 from lengyijun
559366d6 2024-10-18 05:14:51 in _ssh_order_hostkeyalgs() consider ECDSA curve type when arranging the hostkey algorithms. AFAIK this code is unused in OpenSSH, but I guess others are using it based on GHPR387 from Pawel Jakub Dawidek
d47e98a9 2024-10-18 05:03:34 require control-escape character sequences passed via the '-e ^x' commandline to be exactly two characters long. Avoids one by OOB read if ssh is invoked as "ssh -e^ ..." Spotted by Maciej Domanski in GHPR368
632d59bf 2024-10-18 04:30:09 remove addr.[ch] functions that are unused and visbility-restrict ones that are unused outside the implementation itself; based on GHPR#282 by tobias@
e34b69e8 2024-10-18 04:14:59 unreachable POLLERR case; from ya0guang via GHPR485
cd684251 2024-10-18 04:11:54 s/Sx/Cm/ for external references; from Domen Puncer Kugler via GHPR501
47f6b40a 2024-10-14 23:53:34 mention SshdAuthPath option; ok djm@
856b6ee8 2024-10-14 01:57:50 Split per-connection sshd-session binary This splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. This will be executed by sshd-session to complete the user authentication phase of the protocol only. Splitting this code into a separate binary ensures that the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection. It also yields a small runtime memory saving as the authentication code will be unloaded after thhe authentication phase completes. Joint work with markus@ feedback deraadt@ Tested in snaps since last week
030ab344 2024-10-13 22:20:06 don't start the ObscureKeystrokeTiming mitigations if there has been traffic on a X11 forwarding channel recently. Should fix X11 forwarding performance problems when this setting is enabled. Patch from Antonio Larrosa via bz3655
7579df68 2024-10-12 10:50:37 remove duplicate misc.h include ok dtucker@
b5f73b3b 2024-10-06 23:37:17 Turn off finite field (a.k.a modp) Diffie-Hellman key exchange in sshd by default. Specifically, this removes the diffie-hellman-group* and diffie-hellman-group-exchange-* methods. The client is unchanged and continues to support these methods by default. Finite field Diffie Hellman is slow and computationally expensive for the same security level as Elliptic Curve DH or PQ key agreement while offering no redeeming advantages. ECDH has been specified for the SSH protocol for 15 years and some form of ECDH has been the default key exchange in OpenSSH for the last 14 years. ok markus@
e0447839 2024-09-26 23:55:08 fix previous change to ssh_config Match, which broken on negated Matches; spotted by phessler@ ok deraadt@
e5757882 2024-09-25 23:01:39 remove some unused defines; ok djm@
e9d1bb1d 2024-09-25 06:13:01 remove some unneeded Xo/Xc calls; from evan silberman the original diff had a couple of errors, which i've fixed
c2ff6de8 2024-09-25 01:24:04 fix regression introduced when I switched the "Match" criteria tokeniser to a more shell-like one. Apparently the old tokeniser (accidentally?) allowed "Match criteria=argument" as well as the "Match criteria argument" syntax that we tested for. People were using this syntax so this adds back support for "Match criteria=argument" bz3739 ok dtucker
5a7e332e 2024-09-24 02:28:17 some extra paranoia, reminded by jsg@
3a06db87 2024-09-22 12:56:21 remove some unused defines; ok djm@
479c151d 2024-09-20 02:00:46 remove unneeded semicolons; checked by millert@
179e43bc 2024-09-19 22:17:44 openssh-9.9
91055178 2024-09-16 05:37:05 use 64 bit math to avoid signed underflow. upstream code relies on using -fwrapv to provide defined over/underflow behaviour, but we use -ftrapv to catch integer errors and abort the program. ok dtucker@