summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog29
-rw-r--r--auth-rsa.c13
-rw-r--r--auth2.c8
-rw-r--r--cipher.c6
-rw-r--r--compat.c21
-rw-r--r--compat.h4
-rw-r--r--scp.c8
-rw-r--r--servconf.c13
-rw-r--r--servconf.h3
-rw-r--r--serverloop.c4
-rw-r--r--session.c8
-rw-r--r--sftp-server.816
-rw-r--r--ssh.15
-rw-r--r--sshconnect2.c10
-rw-r--r--sshd.88
-rw-r--r--version.h2
16 files changed, 111 insertions, 47 deletions
diff --git a/ChangeLog b/ChangeLog
index 552bcfca..74eee27b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,32 @@
+20001016
+ - (djm) Sync with OpenBSD:
+ - markus@cvs.openbsd.org 2000/10/14 04:01:15
+ [cipher.c]
+ debug3
+ - markus@cvs.openbsd.org 2000/10/14 04:07:23
+ [scp.c]
+ remove spaces from arguments; from djm@mindrot.org
+ - markus@cvs.openbsd.org 2000/10/14 06:09:46
+ [ssh.1]
+ Cipher is for SSH-1 only
+ - markus@cvs.openbsd.org 2000/10/14 06:12:09
+ [servconf.c servconf.h serverloop.c session.c sshd.8]
+ AllowTcpForwarding; from naddy@
+ - markus@cvs.openbsd.org 2000/10/14 06:16:56
+ [auth2.c compat.c compat.h sshconnect2.c version.h]
+ OpenSSH_2.3; note that is is not complete, but the version number
+ needs to be changed for interoperability reasons
+ - markus@cvs.openbsd.org 2000/10/14 06:19:45
+ [auth-rsa.c]
+ do not send RSA challenge if key is not allowed by key-options; from
+ eivind@ThinkSec.com
+ - markus@cvs.openbsd.org 2000/10/15 08:14:01
+ [rijndael.c session.c]
+ typos; from stevesk@sweden.hp.com
+ - markus@cvs.openbsd.org 2000/10/15 08:18:31
+ [rijndael.c]
+ typo
+
20001015
- (djm) Fix ssh2 hang on background processes at logout.
diff --git a/auth-rsa.c b/auth-rsa.c
index 522f01f8..e8bfa165 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -14,7 +14,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth-rsa.c,v 1.31 2000/10/11 19:59:52 markus Exp $");
+RCSID("$OpenBSD: auth-rsa.c,v 1.32 2000/10/14 12:19:45 markus Exp $");
#include "rsa.h"
#include "packet.h"
@@ -231,6 +231,12 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
}
} else
options = NULL;
+ /*
+ * If our options do not allow this key to be used,
+ * do not send challenge.
+ */
+ if (!auth_parse_options(pw, options, linenum))
+ continue;
/* Parse the key from the line. */
if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) {
@@ -269,9 +275,8 @@ auth_rsa(struct passwd *pw, BIGNUM *client_n)
* Break out of the loop if authentication was successful;
* otherwise continue searching.
*/
- authenticated = auth_parse_options(pw, options, linenum);
- if (authenticated)
- break;
+ authenticated = 1;
+ break;
}
/* Restore the privileged uid. */
diff --git a/auth2.c b/auth2.c
index f34b586d..60f8f98e 100644
--- a/auth2.c
+++ b/auth2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: auth2.c,v 1.19 2000/10/11 20:27:23 markus Exp $");
+RCSID("$OpenBSD: auth2.c,v 1.20 2000/10/14 12:16:56 markus Exp $");
#ifdef HAVE_OSF_SIA
# include <sia.h>
@@ -442,10 +442,10 @@ userauth_pubkey(Authctxt *authctxt)
sig = packet_get_string(&slen);
packet_done();
buffer_init(&b);
- if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) {
- buffer_put_string(&b, session_id2, session_id2_len);
- } else {
+ if (datafellows & SSH_OLD_SESSIONID) {
buffer_append(&b, session_id2, session_id2_len);
+ } else {
+ buffer_put_string(&b, session_id2, session_id2_len);
}
/* reconstruct packet */
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
diff --git a/cipher.c b/cipher.c
index 226e4256..b9c1b28a 100644
--- a/cipher.c
+++ b/cipher.c
@@ -35,7 +35,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: cipher.c,v 1.35 2000/10/13 18:59:13 markus Exp $");
+RCSID("$OpenBSD: cipher.c,v 1.36 2000/10/14 10:01:15 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -488,10 +488,10 @@ ciphers_valid(const char *names)
xfree(ciphers);
return 0;
} else {
- debug("cipher ok: %s [%s]", p, names);
+ debug3("cipher ok: %s [%s]", p, names);
}
}
- debug("ciphers ok: [%s]", names);
+ debug3("ciphers ok: [%s]", names);
xfree(ciphers);
return 1;
}
diff --git a/compat.c b/compat.c
index 71d12010..0e12b77c 100644
--- a/compat.c
+++ b/compat.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: compat.c,v 1.24 2000/10/10 20:20:45 markus Exp $");
+RCSID("$OpenBSD: compat.c,v 1.25 2000/10/14 12:16:56 markus Exp $");
#include "ssh.h"
#include "packet.h"
@@ -62,13 +62,18 @@ compat_datafellows(const char *version)
char *pat;
int bugs;
} check[] = {
- {"^.*MindTerm", 0},
- {"^2\\.1\\.0 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC},
- {"^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|SSH_BUG_PUBKEYAUTH|SSH_BUG_X11FWD},
- {"^2\\.[23]\\.0 ", SSH_BUG_HMAC|SSH_COMPAT_SESSIONID_ENCODING},
- {"^2\\.[2-9]\\.", SSH_COMPAT_SESSIONID_ENCODING},
- {"^2\\.", SSH_BUG_HMAC|SSH_COMPAT_SESSIONID_ENCODING},
- {NULL, 0}
+ { "^OpenSSH-2\\.[01]", SSH_OLD_SESSIONID },
+ { "^OpenSSH_2\\.2", SSH_OLD_SESSIONID },
+ { "MindTerm", 0 },
+ { "^2\\.1\\.0 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
+ SSH_OLD_SESSIONID },
+ { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
+ SSH_OLD_SESSIONID|
+ SSH_BUG_PUBKEYAUTH|SSH_BUG_X11FWD },
+ { "^2\\.[23]\\.0 ", SSH_BUG_HMAC},
+ { "^2\\.[2-9]\\.", 0 },
+ { "^2\\.", SSH_BUG_HMAC}, /* XXX fallback */
+ { NULL, 0 }
};
/* process table, return first match */
for (i = 0; check[i].pat; i++) {
diff --git a/compat.h b/compat.h
index 5be188b7..f14efafa 100644
--- a/compat.h
+++ b/compat.h
@@ -21,7 +21,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* RCSID("$OpenBSD: compat.h,v 1.10 2000/09/07 20:27:50 deraadt Exp $"); */
+/* RCSID("$OpenBSD: compat.h,v 1.11 2000/10/14 12:16:56 markus Exp $"); */
#ifndef COMPAT_H
#define COMPAT_H
@@ -35,7 +35,7 @@
#define SSH_BUG_PUBKEYAUTH 0x02
#define SSH_BUG_HMAC 0x04
#define SSH_BUG_X11FWD 0x08
-#define SSH_COMPAT_SESSIONID_ENCODING 0x10
+#define SSH_OLD_SESSIONID 0x10
void enable_compat13(void);
void enable_compat20(void);
diff --git a/scp.c b/scp.c
index 8d5a251b..75e50ce2 100644
--- a/scp.c
+++ b/scp.c
@@ -75,7 +75,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.41 2000/10/11 20:03:27 markus Exp $");
+RCSID("$OpenBSD: scp.c,v 1.42 2000/10/14 10:07:21 markus Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -266,13 +266,13 @@ main(argc, argv)
case 'o':
case 'c':
case 'i':
- addargs("-%c %s", ch, optarg);
+ addargs("-%c%s", ch, optarg);
break;
case 'P':
- addargs("-p %s", optarg);
+ addargs("-p%s", optarg);
break;
case 'B':
- addargs("-o Batchmode yes");
+ addargs("-oBatchmode yes");
break;
case 'p':
pflag = 1;
diff --git a/servconf.c b/servconf.c
index e90defe6..76702a83 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.52 2000/10/11 20:14:39 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.53 2000/10/14 12:12:09 markus Exp $");
#include "ssh.h"
#include "servconf.h"
@@ -67,6 +67,7 @@ initialize_server_options(ServerOptions *options)
#endif
options->permit_empty_passwd = -1;
options->use_login = -1;
+ options->allow_tcp_forwarding = -1;
options->num_allow_users = 0;
options->num_deny_users = 0;
options->num_allow_groups = 0;
@@ -159,6 +160,8 @@ fill_default_server_options(ServerOptions *options)
options->permit_empty_passwd = 0;
if (options->use_login == -1)
options->use_login = 0;
+ if (options->allow_tcp_forwarding == -1)
+ options->allow_tcp_forwarding = 1;
if (options->protocol == SSH_PROTO_UNKNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2;
if (options->gateway_ports == -1)
@@ -189,7 +192,8 @@ typedef enum {
sPasswordAuthentication, sKbdInteractiveAuthentication, sListenAddress,
sPrintMotd, sIgnoreRhosts, sX11Forwarding, sX11DisplayOffset,
sStrictModes, sEmptyPasswd, sRandomSeedFile, sKeepAlives, sCheckMail,
- sUseLogin, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
+ sUseLogin, sAllowTcpForwarding,
+ sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
sIgnoreUserKnownHosts, sHostDSAKeyFile, sCiphers, sProtocol, sPidFile,
sGatewayPorts, sDSAAuthentication, sXAuthLocation, sSubsystem, sMaxStartups
} ServerOpCodes;
@@ -240,6 +244,7 @@ static struct {
{ "uselogin", sUseLogin },
{ "randomseed", sRandomSeedFile },
{ "keepalive", sKeepAlives },
+ { "allowtcpforwarding", sAllowTcpForwarding },
{ "allowusers", sAllowUsers },
{ "denyusers", sDenyUsers },
{ "allowgroups", sAllowGroups },
@@ -573,6 +578,10 @@ parse_flag:
*intptr = (LogLevel) value;
break;
+ case sAllowTcpForwarding:
+ intptr = &options->allow_tcp_forwarding;
+ goto parse_flag;
+
case sAllowUsers:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_allow_users >= MAX_ALLOW_USERS)
diff --git a/servconf.h b/servconf.h
index ef0790c7..0188b9b8 100644
--- a/servconf.h
+++ b/servconf.h
@@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell".
*/
-/* RCSID("$OpenBSD: servconf.h,v 1.29 2000/10/11 20:14:39 markus Exp $"); */
+/* RCSID("$OpenBSD: servconf.h,v 1.30 2000/10/14 12:12:09 markus Exp $"); */
#ifndef SERVCONF_H
#define SERVCONF_H
@@ -86,6 +86,7 @@ typedef struct {
int permit_empty_passwd; /* If false, do not permit empty
* passwords. */
int use_login; /* If true, login(1) is used */
+ int allow_tcp_forwarding;
unsigned int num_allow_users;
char *allow_users[MAX_ALLOW_USERS];
unsigned int num_deny_users;
diff --git a/serverloop.c b/serverloop.c
index 0c07a282..d98d74c2 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -49,6 +49,8 @@
#include "dispatch.h"
#include "auth-options.h"
+extern ServerOptions options;
+
static Buffer stdin_buffer; /* Buffer for stdin data. */
static Buffer stdout_buffer; /* Buffer for stdout data. */
static Buffer stderr_buffer; /* Buffer for stderr data. */
@@ -749,7 +751,7 @@ input_direct_tcpip(void)
originator, originator_port, target, target_port);
/* XXX check permission */
- if (no_port_forwarding_flag) {
+ if (no_port_forwarding_flag || !options.allow_tcp_forwarding) {
xfree(target);
xfree(originator);
return -1;
diff --git a/session.c b/session.c
index 9a213923..4325ed3a 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.38 2000/10/11 20:27:23 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.40 2000/10/15 14:14:01 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -236,7 +236,7 @@ do_authenticated(struct passwd * pw)
* by the client telling us, so we can equally well trust the client
* not to request anything bogus.)
*/
- if (!no_port_forwarding_flag)
+ if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
channel_permit_all_opens();
s = session_new();
@@ -388,6 +388,10 @@ do_authenticated(struct passwd * pw)
debug("Port forwarding not permitted for this authentication.");
break;
}
+ if (!options.allow_tcp_forwarding) {
+ debug("Port forwarding not permitted.");
+ break;
+ }
debug("Received TCP/IP port forwarding request.");
channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);
success = 1;
diff --git a/sftp-server.8 b/sftp-server.8
index 2a7ba258..fb4706c4 100644
--- a/sftp-server.8
+++ b/sftp-server.8
@@ -36,20 +36,20 @@ is a program that speaks the server side of SFTP protocol
to stdout and expects client requests from stdin.
.Nm
is not intended to be called directly, but from
-.Xr sshd 8
+.Xr sshd 8
using the
.Cm Subsystem
option.
See
-.Xr sshd 8
+.Xr sshd 8
for more information.
-.Sh HISTORY
-.Nm
-first appeared in OpenBSD 2.8.
-.Sh AUTHOR
-Markus Friedl <markus@openbsd.org>
.Sh SEE ALSO
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-keygen 1 ,
-.Xr sshd 8 ,
+.Xr sshd 8
+.Sh AUTHOR
+Markus Friedl <markus@openbsd.org>
+.Sh HISTORY
+.Nm
+first appeared in OpenBSD 2.8 .
diff --git a/ssh.1 b/ssh.1
index a73a07c6..dac24a43 100644
--- a/ssh.1
+++ b/ssh.1
@@ -627,7 +627,8 @@ If the option is set to
.Dq no ,
the check will not be executed.
.It Cm Cipher
-Specifies the cipher to use for encrypting the session.
+Specifies the cipher to use for encrypting the session
+in protocol version 1
Currently,
.Dq blowfish ,
and
@@ -640,7 +641,7 @@ Specifies the ciphers allowed for protocol version 2
in order of preference.
Multiple ciphers must be comma-separated.
The default is
-.Dq 3des-cbc,blowfish-cbc,arcfour,cast128-cbc .
+.Dq 3des-cbc,blowfish-cbc,cast128-cbc,arcfour .
.It Cm Compression
Specifies whether to use compression.
The argument must be
diff --git a/sshconnect2.c b/sshconnect2.c
index ca459f62..1f3b5a26 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect2.c,v 1.25 2000/10/12 09:59:19 markus Exp $");
+RCSID("$OpenBSD: sshconnect2.c,v 1.26 2000/10/14 12:16:56 markus Exp $");
#include <openssl/bn.h>
#include <openssl/rsa.h>
@@ -657,12 +657,12 @@ sign_and_send_pubkey(Authctxt *authctxt, Key *k, sign_cb_fn *sign_callback)
/* data to be signed */
buffer_init(&b);
- if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) {
- buffer_put_string(&b, session_id2, session_id2_len);
- skip = buffer_len(&b);
- } else {
+ if (datafellows & SSH_OLD_SESSIONID) {
buffer_append(&b, session_id2, session_id2_len);
skip = session_id2_len;
+ } else {
+ buffer_put_string(&b, session_id2, session_id2_len);
+ skip = buffer_len(&b);
}
buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST);
buffer_put_cstring(&b, authctxt->server_user);
diff --git a/sshd.8 b/sshd.8
index 29ad2144..a474d2fd 100644
--- a/sshd.8
+++ b/sshd.8
@@ -303,6 +303,14 @@ wildcards in the patterns.
Only group names are valid; a numerical group ID isn't recognized.
By default login is allowed regardless of the primary group.
.Pp
+.It Cm AllowTcpForwarding
+Specifies whether TCP forwarding is permitted.
+The default is
+.Dq yes .
+Note that disabling TCP forwarding does not improve security unless
+users are also denied shell access, as they can always install their
+own forwarders.
+.Pp
.It Cm AllowUsers
This keyword can be followed by a number of user names, separated
by spaces.
diff --git a/version.h b/version.h
index f015025f..3522a327 100644
--- a/version.h
+++ b/version.h
@@ -1 +1 @@
-#define SSH_VERSION "OpenSSH_2.2.0p2"
+#define SSH_VERSION "OpenSSH_2.3.0p1"