git: 1323ec571215 - main - ssh: update to OpenSSH v8.9p1
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 13 Apr 2022 20:49:00 UTC
The branch main has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=1323ec571215a77ddd21294f0871979d5ad6b992
commit 1323ec571215a77ddd21294f0871979d5ad6b992
Merge: 595ac4a11893 85d1f2d49355
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-04-13 20:00:56 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-04-13 20:00:56 +0000
ssh: update to OpenSSH v8.9p1
Release notes are available at https://www.openssh.com/txt/release-8.9
Some highlights:
* ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
restricting forwarding and use of keys added to ssh-agent(1)
* ssh(1), sshd(8): add the sntrup761x25519-sha512@openssh.com hybrid
ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the
default KEXAlgorithms list (after the ECDH methods but before the
prime-group DH ones). The next release of OpenSSH is likely to
make this key exchange the default method.
* sshd(8), portable OpenSSH only: this release removes in-built
support for MD5-hashed passwords. If you require these on your
system then we recommend linking against libxcrypt or similar.
Future deprecation notice
=========================
A near-future release of OpenSSH will switch scp(1) from using the
legacy scp/rcp protocol to using SFTP by default.
Legacy scp/rcp performs wildcard expansion of remote filenames (e.g.
"scp host:* .") through the remote shell. This has the side effect of
requiring double quoting of shell meta-characters in file names
included on scp(1) command-lines, otherwise they could be interpreted
as shell commands on the remote side.
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
crypto/openssh/.depend | 11 +-
crypto/openssh/.github/configs | 76 +-
crypto/openssh/.github/configure.sh | 17 +-
crypto/openssh/.github/setup_ci.sh | 41 +-
crypto/openssh/.github/workflows/c-cpp.yml | 24 +-
crypto/openssh/.github/workflows/selfhosted.yml | 14 +-
crypto/openssh/.github/workflows/upstream.yml | 3 +-
crypto/openssh/.skipped-commit-ids | 1 +
crypto/openssh/ChangeLog | 17378 +++++++++----------
crypto/openssh/INSTALL | 5 -
crypto/openssh/LICENCE | 21 +-
crypto/openssh/Makefile.in | 55 +-
crypto/openssh/PROTOCOL | 69 +-
crypto/openssh/PROTOCOL.agent | 85 +-
crypto/openssh/PROTOCOL.mux | 6 +-
crypto/openssh/README | 2 +-
crypto/openssh/SECURITY.md | 5 +
crypto/openssh/addr.c | 30 +-
crypto/openssh/atomicio.c | 1 -
crypto/openssh/auth-options.c | 4 +-
crypto/openssh/auth-rhosts.c | 38 +-
crypto/openssh/auth.c | 16 +-
crypto/openssh/auth.h | 5 +-
crypto/openssh/auth2-gss.c | 5 +-
crypto/openssh/auth2-hostbased.c | 11 +-
crypto/openssh/auth2-kbdint.c | 5 +-
crypto/openssh/auth2-none.c | 5 +-
crypto/openssh/auth2-passwd.c | 5 +-
crypto/openssh/auth2-pubkey.c | 49 +-
crypto/openssh/auth2.c | 70 +-
crypto/openssh/authfd.c | 116 +-
crypto/openssh/authfd.h | 35 +-
crypto/openssh/authfile.c | 4 +-
crypto/openssh/channels.c | 554 +-
crypto/openssh/channels.h | 31 +-
crypto/openssh/clientloop.c | 236 +-
crypto/openssh/config.h | 36 +-
crypto/openssh/configure.ac | 126 +-
crypto/openssh/contrib/redhat/openssh.spec | 10 +-
crypto/openssh/contrib/suse/openssh.spec | 2 +-
crypto/openssh/defines.h | 39 +-
crypto/openssh/digest-libc.c | 10 +
crypto/openssh/dns.c | 4 +-
crypto/openssh/gss-genr.c | 1 +
crypto/openssh/hostfile.c | 22 +-
crypto/openssh/includes.h | 1 -
crypto/openssh/kex.c | 48 +-
crypto/openssh/kex.h | 13 +-
crypto/openssh/kexgen.c | 35 +-
crypto/openssh/kexgexc.c | 24 +-
crypto/openssh/kexgexs.c | 14 +-
crypto/openssh/kexsntrup761x25519.c | 4 +-
crypto/openssh/loginrec.c | 3 +-
crypto/openssh/md5crypt.c | 165 -
crypto/openssh/md5crypt.h | 22 -
crypto/openssh/misc.c | 90 +-
crypto/openssh/misc.h | 4 +-
crypto/openssh/moduli | 831 +-
crypto/openssh/monitor.c | 31 +-
crypto/openssh/mux.c | 4 +-
crypto/openssh/myproposal.h | 3 +-
crypto/openssh/nchan.c | 10 +-
crypto/openssh/openbsd-compat/arc4random.c | 8 +-
crypto/openssh/openbsd-compat/base64.c | 1 -
crypto/openssh/openbsd-compat/bcrypt_pbkdf.c | 41 +-
crypto/openssh/openbsd-compat/bindresvport.c | 1 +
crypto/openssh/openbsd-compat/blf.h | 7 +-
crypto/openssh/openbsd-compat/blowfish.c | 7 +-
crypto/openssh/openbsd-compat/bsd-closefrom.c | 8 +-
crypto/openssh/openbsd-compat/bsd-cygwin_util.c | 4 +-
crypto/openssh/openbsd-compat/bsd-getline.c | 2 +-
crypto/openssh/openbsd-compat/bsd-openpty.c | 76 +-
crypto/openssh/openbsd-compat/bsd-poll.c | 68 +-
crypto/openssh/openbsd-compat/bsd-poll.h | 26 +-
crypto/openssh/openbsd-compat/bsd-statvfs.c | 1 -
crypto/openssh/openbsd-compat/dirname.c | 1 -
crypto/openssh/openbsd-compat/getcwd.c | 1 -
crypto/openssh/openbsd-compat/inet_aton.c | 1 -
crypto/openssh/openbsd-compat/inet_ntop.c | 1 -
crypto/openssh/openbsd-compat/openbsd-compat.h | 4 +-
crypto/openssh/openbsd-compat/port-solaris.c | 1 -
crypto/openssh/openbsd-compat/xcrypt.c | 17 +-
crypto/openssh/packet.c | 103 +-
crypto/openssh/packet.h | 3 +-
crypto/openssh/platform-tracing.c | 13 +-
crypto/openssh/readconf.c | 27 +-
crypto/openssh/readconf.h | 7 +-
crypto/openssh/regress/Makefile | 14 +-
crypto/openssh/regress/agent-getpeereid.sh | 3 +
crypto/openssh/regress/agent-restrict.sh | 495 +
crypto/openssh/regress/cert-hostkey.sh | 86 +-
crypto/openssh/regress/cert-userkey.sh | 326 +-
crypto/openssh/regress/cipher-speed.sh | 10 +
crypto/openssh/regress/hostbased.sh | 66 +
crypto/openssh/regress/hostkey-agent.sh | 84 +-
crypto/openssh/regress/hostkey-rotate.sh | 17 +-
crypto/openssh/regress/keys-command.sh | 6 +-
crypto/openssh/regress/knownhosts.sh | 17 +
crypto/openssh/regress/login-timeout.sh | 4 +-
crypto/openssh/regress/misc/fuzz-harness/Makefile | 2 +-
.../openssh/regress/misc/fuzz-harness/kex_fuzz.cc | 3 +-
.../regress/misc/fuzz-harness/ssh-sk-null.cc | 3 +-
crypto/openssh/regress/misc/sk-dummy/sk-dummy.c | 55 +-
crypto/openssh/regress/percent.sh | 5 +-
crypto/openssh/regress/principals-command.sh | 220 +-
crypto/openssh/regress/sshd-log-wrapper.sh | 3 +-
crypto/openssh/regress/sshsig.sh | 256 +-
crypto/openssh/regress/test-exec.sh | 30 +-
crypto/openssh/regress/unittests/authopt/tests.c | 3 +-
crypto/openssh/regress/unittests/bitmap/tests.c | 3 +-
.../openssh/regress/unittests/conversion/tests.c | 3 +-
.../regress/unittests/hostkeys/test_iterate.c | 3 +-
crypto/openssh/regress/unittests/kex/test_kex.c | 3 +-
crypto/openssh/regress/unittests/match/tests.c | 3 +-
crypto/openssh/regress/unittests/misc/test_argv.c | 3 +-
.../openssh/regress/unittests/misc/test_convtime.c | 4 +-
.../openssh/regress/unittests/misc/test_expand.c | 3 +-
.../openssh/regress/unittests/misc/test_hpdelim.c | 82 +
crypto/openssh/regress/unittests/misc/test_parse.c | 3 +-
.../openssh/regress/unittests/misc/test_strdelim.c | 3 +-
crypto/openssh/regress/unittests/misc/tests.c | 5 +-
.../openssh/regress/unittests/sshbuf/test_sshbuf.c | 7 +-
.../regress/unittests/sshbuf/test_sshbuf_fixed.c | 3 +-
.../regress/unittests/sshbuf/test_sshbuf_fuzz.c | 5 +-
.../unittests/sshbuf/test_sshbuf_getput_basic.c | 3 +-
.../unittests/sshbuf/test_sshbuf_getput_crypto.c | 3 +-
.../unittests/sshbuf/test_sshbuf_getput_fuzz.c | 5 +-
.../regress/unittests/sshbuf/test_sshbuf_misc.c | 3 +-
crypto/openssh/regress/unittests/sshkey/common.c | 3 +-
.../openssh/regress/unittests/sshkey/test_file.c | 5 +-
.../openssh/regress/unittests/sshkey/test_fuzz.c | 5 +-
.../openssh/regress/unittests/sshkey/test_sshkey.c | 5 +-
crypto/openssh/regress/unittests/sshsig/tests.c | 7 +-
.../openssh/regress/unittests/sshsig/webauthn.html | 6 +-
.../regress/unittests/test_helper/test_helper.c | 11 +-
crypto/openssh/rijndael.h | 5 +-
crypto/openssh/sandbox-capsicum.c | 1 -
crypto/openssh/sandbox-seccomp-filter.c | 14 +-
crypto/openssh/scp.1 | 4 +-
crypto/openssh/scp.c | 85 +-
crypto/openssh/servconf.c | 21 +-
crypto/openssh/serverloop.c | 157 +-
crypto/openssh/session.c | 5 +-
crypto/openssh/sftp-client.c | 200 +-
crypto/openssh/sftp-client.h | 4 +-
crypto/openssh/sftp-server.c | 85 +-
crypto/openssh/sftp.c | 1 -
crypto/openssh/sk-api.h | 7 +-
crypto/openssh/sk-usbhid.c | 225 +-
crypto/openssh/sk_config.h | 2 +
crypto/openssh/ssh-add.1 | 88 +-
crypto/openssh/ssh-add.c | 218 +-
crypto/openssh/ssh-agent.c | 716 +-
crypto/openssh/ssh-keygen.1 | 37 +-
crypto/openssh/ssh-keygen.c | 246 +-
crypto/openssh/ssh-keyscan.c | 70 +-
crypto/openssh/ssh-keysign.c | 42 +-
crypto/openssh/ssh-pkcs11-client.c | 16 +-
crypto/openssh/ssh-pkcs11-helper.c | 4 +-
crypto/openssh/ssh-pkcs11.c | 35 +-
crypto/openssh/ssh-sk-client.c | 98 +-
crypto/openssh/ssh-sk-helper.c | 33 +-
crypto/openssh/ssh-sk.c | 106 +-
crypto/openssh/ssh-sk.h | 14 +-
crypto/openssh/ssh.1 | 10 +-
crypto/openssh/ssh.c | 20 +-
crypto/openssh/ssh_config | 2 +-
crypto/openssh/ssh_config.5 | 22 +-
crypto/openssh/ssh_namespace.h | 40 +-
crypto/openssh/sshbuf-misc.c | 39 +-
crypto/openssh/sshbuf.h | 8 +-
crypto/openssh/sshconnect.c | 4 +-
crypto/openssh/sshconnect2.c | 79 +-
crypto/openssh/sshd.c | 76 +-
crypto/openssh/sshd_config | 2 +-
crypto/openssh/sshd_config.5 | 8 +-
crypto/openssh/sshkey.c | 31 +-
crypto/openssh/sshkey.h | 6 +-
crypto/openssh/sshsig.c | 284 +-
crypto/openssh/sshsig.h | 6 +-
crypto/openssh/umac.c | 4 +-
crypto/openssh/umac.h | 4 +-
crypto/openssh/version.h | 6 +-
lib/libpam/modules/pam_ssh/pam_ssh.c | 2 +-
secure/usr.sbin/sshd/Makefile | 2 +-
185 files changed, 13876 insertions(+), 12229 deletions(-)
diff --cc crypto/openssh/INSTALL
index 8ab8a403a4e2,000000000000..114d15314243
mode 100644,000000..100644
--- a/crypto/openssh/INSTALL
+++ b/crypto/openssh/INSTALL
@@@ -1,301 -1,0 +1,296 @@@
+1. Prerequisites
+----------------
+
+A C compiler. Any C89 or better compiler should work. Where supported,
+configure will attempt to enable the compiler's run-time integrity checking
+options. Some notes about specific compilers:
+ - clang: -ftrapv and -sanitize=integer require the compiler-rt runtime
+ (CC=clang LDFLAGS=--rtlib=compiler-rt ./configure)
+
+To support Privilege Separation (which is now required) you will need
+to create the user, group and directory used by sshd for privilege
+separation. See README.privsep for details.
+
+
+The remaining items are optional.
+
+A working installation of zlib:
+Zlib 1.1.4 or 1.2.1.2 or greater (earlier 1.2.x versions have problems):
+http://www.gzip.org/zlib/
+
+libcrypto from either of LibreSSL or OpenSSL. Building without libcrypto
+is supported but severely restricts the available ciphers and algorithms.
+ - LibreSSL (https://www.libressl.org/)
+ - OpenSSL (https://www.openssl.org) with any of the following versions:
+ - 1.0.x >= 1.0.1 or 1.1.0 >= 1.1.0g or any 1.1.1
+
+Note that due to a bug in EVP_CipherInit OpenSSL 1.1 versions prior to
+1.1.0g can't be used.
+
+LibreSSL/OpenSSL should be compiled as a position-independent library
+(i.e. -fPIC, eg by configuring OpenSSL as "./config [options] -fPIC"
+or LibreSSL as "CFLAGS=-fPIC ./configure") otherwise OpenSSH will not
+be able to link with it. If you must use a non-position-independent
+libcrypto, then you may need to configure OpenSSH --without-pie.
+
+If you build either from source, running the OpenSSL self-test ("make
+tests") or the LibreSSL equivalent ("make check") and ensuring that all
+tests pass is strongly recommended.
+
+NB. If you operating system supports /dev/random, you should configure
+libcrypto (LibreSSL/OpenSSL) to use it. OpenSSH relies on libcrypto's
+direct support of /dev/random, or failing that, either prngd or egd.
+
+PRNGD:
+
+If your system lacks kernel-based random collection, the use of Lutz
+Jaenicke's PRNGd is recommended. It requires that libcrypto be configured
+to support it.
+
+http://prngd.sourceforge.net/
+
+EGD:
+
+The Entropy Gathering Daemon (EGD) supports the same interface as prngd.
+It also supported only if libcrypto is configured to support it.
+
+http://egd.sourceforge.net/
+
+PAM:
+
+OpenSSH can utilise Pluggable Authentication Modules (PAM) if your
+system supports it. PAM is standard most Linux distributions, Solaris,
+HP-UX 11, AIX >= 5.2, FreeBSD, NetBSD and Mac OS X.
+
+Information about the various PAM implementations are available:
+
+Solaris PAM: http://www.sun.com/software/solaris/pam/
+Linux PAM: http://www.kernel.org/pub/linux/libs/pam/
+OpenPAM: http://www.openpam.org/
+
+If you wish to build the GNOME passphrase requester, you will need the GNOME
+libraries and headers.
+
+GNOME:
+http://www.gnome.org/
+
+Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11
+passphrase requester. This is maintained separately at:
+
+http://www.jmknoble.net/software/x11-ssh-askpass/
+
+TCP Wrappers:
+
+If you wish to use the TCP wrappers functionality you will need at least
+tcpd.h and libwrap.a, either in the standard include and library paths,
+or in the directory specified by --with-tcp-wrappers. Version 7.6 is
+known to work.
+
+http://ftp.porcupine.org/pub/security/index.html
+
+LibEdit:
+
+sftp supports command-line editing via NetBSD's libedit. If your platform
+has it available natively you can use that, alternatively you might try
+these multi-platform ports:
+
+http://www.thrysoee.dk/editline/
+http://sourceforge.net/projects/libedit/
+
+LDNS:
+
+LDNS is a DNS BSD-licensed resolver library which supports DNSSEC.
+
+http://nlnetlabs.nl/projects/ldns/
+
+Autoconf:
+
+If you modify configure.ac or configure doesn't exist (eg if you checked
+the code out of git yourself) then you will need autoconf-2.69 and
+automake-1.16.1 to rebuild the automatically generated files by running
+"autoreconf". Earlier versions may also work but this is not guaranteed.
+
+http://www.gnu.org/software/autoconf/
+http://www.gnu.org/software/automake/
+
+Basic Security Module (BSM):
+
+Native BSM support is known to exist in Solaris from at least 2.5.1,
+FreeBSD 6.1 and OS X. Alternatively, you may use the OpenBSM
+implementation (http://www.openbsm.org).
+
+makedepend:
+
+https://www.x.org/archive/individual/util/
+
+If you are making significant changes to the code you may need to rebuild
+the dependency (.depend) file using "make depend", which requires the
+"makedepend" tool from the X11 distribution.
+
+libfido2:
+
+libfido2 allows the use of hardware security keys over USB. libfido2
+in turn depends on libcbor. libfido2 >= 1.5.0 is strongly recommended.
+Limited functionality is possible with earlier libfido2 versions.
+
+https://github.com/Yubico/libfido2
+https://github.com/pjk/libcbor
+
+
+2. Building / Installation
+--------------------------
+
+To install OpenSSH with default options:
+
+./configure
+make
+make install
+
+This will install the OpenSSH binaries in /usr/local/bin, configuration files
+in /usr/local/etc, the server in /usr/local/sbin, etc. To specify a different
+installation prefix, use the --prefix option to configure:
+
+./configure --prefix=/opt
+make
+make install
+
+Will install OpenSSH in /opt/{bin,etc,lib,sbin}. You can also override
+specific paths, for example:
+
+./configure --prefix=/opt --sysconfdir=/etc/ssh
+make
+make install
+
+This will install the binaries in /opt/{bin,lib,sbin}, but will place the
+configuration files in /etc/ssh.
+
+If you are using PAM, you may need to manually install a PAM control
+file as "/etc/pam.d/sshd" (or wherever your system prefers to keep
+them). Note that the service name used to start PAM is __progname,
+which is the basename of the path of your sshd (e.g., the service name
+for /usr/sbin/osshd will be osshd). If you have renamed your sshd
+executable, your PAM configuration may need to be modified.
+
+A generic PAM configuration is included as "contrib/sshd.pam.generic",
+you may need to edit it before using it on your system. If you are
+using a recent version of Red Hat Linux, the config file in
+contrib/redhat/sshd.pam should be more useful. Failure to install a
+valid PAM file may result in an inability to use password
+authentication. On HP-UX 11 and Solaris, the standard /etc/pam.conf
+configuration will work with sshd (sshd will match the other service
+name).
+
+There are a few other options to the configure script:
+
+--with-audit=[module] enable additional auditing via the specified module.
+Currently, drivers for "debug" (additional info via syslog) and "bsm"
+(Sun's Basic Security Module) are supported.
+
+--with-pam enables PAM support. If PAM support is compiled in, it must
+also be enabled in sshd_config (refer to the UsePAM directive).
+
+--with-prngd-socket=/some/file allows you to enable EGD or PRNGD
+support and to specify a PRNGd socket. Use this if your Unix lacks
+/dev/random.
+
+--with-prngd-port=portnum allows you to enable EGD or PRNGD support
+and to specify a EGD localhost TCP port. Use this if your Unix lacks
+/dev/random.
+
+--with-lastlog=FILE will specify the location of the lastlog file.
+./configure searches a few locations for lastlog, but may not find
+it if lastlog is installed in a different place.
+
+--without-lastlog will disable lastlog support entirely.
+
+--with-osfsia, --without-osfsia will enable or disable OSF1's Security
+Integration Architecture. The default for OSF1 machines is enable.
+
+--with-tcp-wrappers will enable TCP Wrappers (/etc/hosts.allow|deny)
+support.
+
- --with-md5-passwords will enable the use of MD5 passwords. Enable this
- if your operating system uses MD5 passwords and the system crypt() does
- not support them directly (see the crypt(3/3c) man page). If enabled, the
- resulting binary will support both MD5 and traditional crypt passwords.
-
+--with-utmpx enables utmpx support. utmpx support is automatic for
+some platforms.
+
+--without-shadow disables shadow password support.
+
+--with-ipaddr-display forces the use of a numeric IP address in the
+$DISPLAY environment variable. Some broken systems need this.
+
+--with-default-path=PATH allows you to specify a default $PATH for sessions
+started by sshd. This replaces the standard path entirely.
+
+--with-pid-dir=PATH specifies the directory in which the sshd.pid file is
+created.
+
+--with-xauth=PATH specifies the location of the xauth binary
+
+--with-ssl-dir=DIR allows you to specify where your Libre/OpenSSL
+libraries are installed.
+
+--with-ssl-engine enables Libre/OpenSSL's (hardware) ENGINE support
+
+--without-openssl builds without using OpenSSL. Only a subset of ciphers
+and algorithms are supported in this configuration.
+
+--without-zlib builds without zlib. This disables the Compression option.
+
+--with-4in6 Check for IPv4 in IPv6 mapped addresses and convert them to
+real (AF_INET) IPv4 addresses. Works around some quirks on Linux.
+
+If you need to pass special options to the compiler or linker, you
+can specify these as environment variables before running ./configure.
+For example:
+
+CC="/usr/foo/cc" CFLAGS="-O" LDFLAGS="-s" LIBS="-lrubbish" ./configure
+
+3. Configuration
+----------------
+
+The runtime configuration files are installed by in ${prefix}/etc or
+whatever you specified as your --sysconfdir (/usr/local/etc by default).
+
+The default configuration should be instantly usable, though you should
+review it to ensure that it matches your security requirements.
+
+To generate a host key, run "make host-key". Alternately you can do so
+manually using the following commands:
+
+ ssh-keygen -t [type] -f /etc/ssh/ssh_host_key -N ""
+
+for each of the types you wish to generate (rsa, dsa or ecdsa) or
+
+ ssh-keygen -A
+
+to generate keys for all supported types.
+
+Replacing /etc/ssh with the correct path to the configuration directory.
+(${prefix}/etc or whatever you specified with --sysconfdir during
+configuration).
+
+If you have configured OpenSSH with EGD/prngd support, ensure that EGD or
+prngd is running and has collected some entropy first.
+
+For more information on configuration, please refer to the manual pages
+for sshd, ssh and ssh-agent.
+
+4. (Optional) Send survey
+-------------------------
+
+$ make survey
+[check the contents of the file "survey" to ensure there's no information
+that you consider sensitive]
+$ make send-survey
+
+This will send configuration information for the currently configured
+host to a survey address. This will help determine which configurations
+are actually in use, and what valid combinations of configure options
+exist. The raw data is available only to the OpenSSH developers, however
+summary data may be published.
+
+5. Problems?
+------------
+
+If you experience problems compiling, installing or running OpenSSH,
+please refer to the "reporting bugs" section of the webpage at
+https://www.openssh.com/
diff --cc crypto/openssh/SECURITY.md
index 000000000000,ba436c4f176d..ba436c4f176d
mode 000000,100644..100644
--- a/crypto/openssh/SECURITY.md
+++ b/crypto/openssh/SECURITY.md
diff --cc crypto/openssh/auth.c
index 581d8dce2792,000000000000..faa1a4d3c666
mode 100644,000000..100644
--- a/crypto/openssh/auth.c
+++ b/crypto/openssh/auth.c
@@@ -1,1065 -1,0 +1,1075 @@@
- /* $OpenBSD: auth.c,v 1.153 2021/07/05 00:50:25 dtucker Exp $ */
++/* $OpenBSD: auth.c,v 1.154 2022/02/23 11:17:10 djm Exp $ */
+/*
+ * Copyright (c) 2000 Markus Friedl. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "includes.h"
+__RCSID("$FreeBSD$");
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+
+#include <netinet/in.h>
+
+#include <stdlib.h>
+#include <errno.h>
+#include <fcntl.h>
+#ifdef HAVE_PATHS_H
+# include <paths.h>
+#endif
+#include <pwd.h>
+#ifdef HAVE_LOGIN_H
+#include <login.h>
+#endif
+#ifdef USE_SHADOW
+#include <shadow.h>
+#endif
+#include <stdarg.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <limits.h>
+#include <netdb.h>
+#include <time.h>
+
+#include "xmalloc.h"
+#include "match.h"
+#include "groupaccess.h"
+#include "log.h"
+#include "sshbuf.h"
+#include "misc.h"
+#include "servconf.h"
+#include "sshkey.h"
+#include "hostfile.h"
+#include "auth.h"
+#include "auth-options.h"
+#include "canohost.h"
+#include "uidswap.h"
+#include "packet.h"
+#include "loginrec.h"
+#ifdef GSSAPI
+#include "ssh-gss.h"
+#endif
+#include "authfile.h"
+#include "monitor_wrap.h"
+#include "ssherr.h"
+#include "compat.h"
+#include "channels.h"
+#include "blacklist_client.h"
+
+/* import */
+extern ServerOptions options;
+extern struct include_list includes;
+extern int use_privsep;
+extern struct sshbuf *loginmsg;
+extern struct passwd *privsep_pw;
+extern struct sshauthopt *auth_opts;
+
+/* Debugging messages */
+static struct sshbuf *auth_debug;
+
+/*
+ * Check if the user is allowed to log in via ssh. If user is listed
+ * in DenyUsers or one of user's groups is listed in DenyGroups, false
+ * will be returned. If AllowUsers isn't empty and user isn't listed
+ * there, or if AllowGroups isn't empty and one of user's groups isn't
+ * listed there, false will be returned.
+ * If the user's shell is not executable, false will be returned.
+ * Otherwise true is returned.
+ */
+int
+allowed_user(struct ssh *ssh, struct passwd * pw)
+{
+ struct stat st;
+ const char *hostname = NULL, *ipaddr = NULL, *passwd = NULL;
+ u_int i;
+ int r;
+#ifdef USE_SHADOW
+ struct spwd *spw = NULL;
+#endif
+
+ /* Shouldn't be called if pw is NULL, but better safe than sorry... */
+ if (!pw || !pw->pw_name)
+ return 0;
+
+#ifdef USE_SHADOW
+ if (!options.use_pam)
+ spw = getspnam(pw->pw_name);
+#ifdef HAS_SHADOW_EXPIRE
+ if (!options.use_pam && spw != NULL && auth_shadow_acctexpired(spw))
+ return 0;
+#endif /* HAS_SHADOW_EXPIRE */
+#endif /* USE_SHADOW */
+
+ /* grab passwd field for locked account check */
+ passwd = pw->pw_passwd;
+#ifdef USE_SHADOW
+ if (spw != NULL)
+#ifdef USE_LIBIAF
+ passwd = get_iaf_password(pw);
+#else
+ passwd = spw->sp_pwdp;
+#endif /* USE_LIBIAF */
+#endif
+
+ /* check for locked account */
+ if (!options.use_pam && passwd && *passwd) {
+ int locked = 0;
+
+#ifdef LOCKED_PASSWD_STRING
+ if (strcmp(passwd, LOCKED_PASSWD_STRING) == 0)
+ locked = 1;
+#endif
+#ifdef LOCKED_PASSWD_PREFIX
+ if (strncmp(passwd, LOCKED_PASSWD_PREFIX,
+ strlen(LOCKED_PASSWD_PREFIX)) == 0)
+ locked = 1;
+#endif
+#ifdef LOCKED_PASSWD_SUBSTR
+ if (strstr(passwd, LOCKED_PASSWD_SUBSTR))
+ locked = 1;
+#endif
+#ifdef USE_LIBIAF
+ free((void *) passwd);
+#endif /* USE_LIBIAF */
+ if (locked) {
+ logit("User %.100s not allowed because account is locked",
+ pw->pw_name);
+ return 0;
+ }
+ }
+
+ /*
+ * Deny if shell does not exist or is not executable unless we
+ * are chrooting.
+ */
+ if (options.chroot_directory == NULL ||
+ strcasecmp(options.chroot_directory, "none") == 0) {
+ char *shell = xstrdup((pw->pw_shell[0] == '\0') ?
+ _PATH_BSHELL : pw->pw_shell); /* empty = /bin/sh */
+
+ if (stat(shell, &st) == -1) {
+ logit("User %.100s not allowed because shell %.100s "
+ "does not exist", pw->pw_name, shell);
+ free(shell);
+ return 0;
+ }
+ if (S_ISREG(st.st_mode) == 0 ||
+ (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
+ logit("User %.100s not allowed because shell %.100s "
+ "is not executable", pw->pw_name, shell);
+ free(shell);
+ return 0;
+ }
+ free(shell);
+ }
+
+ if (options.num_deny_users > 0 || options.num_allow_users > 0 ||
+ options.num_deny_groups > 0 || options.num_allow_groups > 0) {
+ hostname = auth_get_canonical_hostname(ssh, options.use_dns);
+ ipaddr = ssh_remote_ipaddr(ssh);
+ }
+
+ /* Return false if user is listed in DenyUsers */
+ if (options.num_deny_users > 0) {
+ for (i = 0; i < options.num_deny_users; i++) {
+ r = match_user(pw->pw_name, hostname, ipaddr,
+ options.deny_users[i]);
+ if (r < 0) {
+ fatal("Invalid DenyUsers pattern \"%.100s\"",
+ options.deny_users[i]);
+ } else if (r != 0) {
+ logit("User %.100s from %.100s not allowed "
+ "because listed in DenyUsers",
+ pw->pw_name, hostname);
+ return 0;
+ }
+ }
+ }
+ /* Return false if AllowUsers isn't empty and user isn't listed there */
+ if (options.num_allow_users > 0) {
+ for (i = 0; i < options.num_allow_users; i++) {
+ r = match_user(pw->pw_name, hostname, ipaddr,
+ options.allow_users[i]);
+ if (r < 0) {
+ fatal("Invalid AllowUsers pattern \"%.100s\"",
+ options.allow_users[i]);
+ } else if (r == 1)
+ break;
+ }
+ /* i < options.num_allow_users iff we break for loop */
+ if (i >= options.num_allow_users) {
+ logit("User %.100s from %.100s not allowed because "
+ "not listed in AllowUsers", pw->pw_name, hostname);
+ return 0;
+ }
+ }
+ if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
+ /* Get the user's group access list (primary and supplementary) */
+ if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
+ logit("User %.100s from %.100s not allowed because "
+ "not in any group", pw->pw_name, hostname);
+ return 0;
+ }
+
+ /* Return false if one of user's groups is listed in DenyGroups */
+ if (options.num_deny_groups > 0)
+ if (ga_match(options.deny_groups,
+ options.num_deny_groups)) {
+ ga_free();
+ logit("User %.100s from %.100s not allowed "
+ "because a group is listed in DenyGroups",
+ pw->pw_name, hostname);
+ return 0;
+ }
+ /*
+ * Return false if AllowGroups isn't empty and one of user's groups
+ * isn't listed there
+ */
+ if (options.num_allow_groups > 0)
+ if (!ga_match(options.allow_groups,
+ options.num_allow_groups)) {
+ ga_free();
+ logit("User %.100s from %.100s not allowed "
+ "because none of user's groups are listed "
+ "in AllowGroups", pw->pw_name, hostname);
+ return 0;
+ }
+ ga_free();
+ }
+
+#ifdef CUSTOM_SYS_AUTH_ALLOWED_USER
+ if (!sys_auth_allowed_user(pw, loginmsg))
+ return 0;
+#endif
+
+ /* We found no reason not to let this user try to log on... */
+ return 1;
+}
+
+/*
+ * Formats any key left in authctxt->auth_method_key for inclusion in
+ * auth_log()'s message. Also includes authxtct->auth_method_info if present.
+ */
+static char *
+format_method_key(Authctxt *authctxt)
+{
+ const struct sshkey *key = authctxt->auth_method_key;
+ const char *methinfo = authctxt->auth_method_info;
+ char *fp, *cafp, *ret = NULL;
+
+ if (key == NULL)
+ return NULL;
+
+ if (sshkey_is_cert(key)) {
+ fp = sshkey_fingerprint(key,
+ options.fingerprint_hash, SSH_FP_DEFAULT);
+ cafp = sshkey_fingerprint(key->cert->signature_key,
+ options.fingerprint_hash, SSH_FP_DEFAULT);
+ xasprintf(&ret, "%s %s ID %s (serial %llu) CA %s %s%s%s",
+ sshkey_type(key), fp == NULL ? "(null)" : fp,
+ key->cert->key_id,
+ (unsigned long long)key->cert->serial,
+ sshkey_type(key->cert->signature_key),
+ cafp == NULL ? "(null)" : cafp,
+ methinfo == NULL ? "" : ", ",
+ methinfo == NULL ? "" : methinfo);
+ free(fp);
+ free(cafp);
+ } else {
+ fp = sshkey_fingerprint(key, options.fingerprint_hash,
+ SSH_FP_DEFAULT);
+ xasprintf(&ret, "%s %s%s%s", sshkey_type(key),
+ fp == NULL ? "(null)" : fp,
+ methinfo == NULL ? "" : ", ",
+ methinfo == NULL ? "" : methinfo);
+ free(fp);
+ }
+ return ret;
+}
+
+void
+auth_log(struct ssh *ssh, int authenticated, int partial,
+ const char *method, const char *submethod)
+{
+ Authctxt *authctxt = (Authctxt *)ssh->authctxt;
+ int level = SYSLOG_LEVEL_VERBOSE;
+ const char *authmsg;
+ char *extra = NULL;
+
+ if (use_privsep && !mm_is_monitor() && !authctxt->postponed)
+ return;
+
+ /* Raise logging level */
+ if (authenticated == 1 ||
+ !authctxt->valid ||
+ authctxt->failures >= options.max_authtries / 2 ||
+ strcmp(method, "password") == 0)
+ level = SYSLOG_LEVEL_INFO;
+
+ if (authctxt->postponed)
+ authmsg = "Postponed";
+ else if (partial)
+ authmsg = "Partial";
+ else {
+ authmsg = authenticated ? "Accepted" : "Failed";
+ if (authenticated)
+ BLACKLIST_NOTIFY(ssh, BLACKLIST_AUTH_OK, "ssh");
+ }
+
+ if ((extra = format_method_key(authctxt)) == NULL) {
+ if (authctxt->auth_method_info != NULL)
+ extra = xstrdup(authctxt->auth_method_info);
+ }
+
+ do_log2(level, "%s %s%s%s for %s%.100s from %.200s port %d ssh2%s%s",
+ authmsg,
+ method,
+ submethod != NULL ? "/" : "", submethod == NULL ? "" : submethod,
+ authctxt->valid ? "" : "invalid user ",
+ authctxt->user,
+ ssh_remote_ipaddr(ssh),
+ ssh_remote_port(ssh),
+ extra != NULL ? ": " : "",
+ extra != NULL ? extra : "");
+
+ free(extra);
+
+#if defined(CUSTOM_FAILED_LOGIN) || defined(SSH_AUDIT_EVENTS)
+ if (authenticated == 0 && !(authctxt->postponed || partial)) {
+ /* Log failed login attempt */
+# ifdef CUSTOM_FAILED_LOGIN
+ if (strcmp(method, "password") == 0 ||
+ strncmp(method, "keyboard-interactive", 20) == 0 ||
+ strcmp(method, "challenge-response") == 0)
+ record_failed_login(ssh, authctxt->user,
+ auth_get_canonical_hostname(ssh, options.use_dns), "ssh");
+# endif
+# ifdef SSH_AUDIT_EVENTS
+ audit_event(ssh, audit_classify_auth(method));
+# endif
+ }
+#endif
+#if defined(CUSTOM_FAILED_LOGIN) && defined(WITH_AIXAUTHENTICATE)
+ if (authenticated)
+ sys_auth_record_login(authctxt->user,
+ auth_get_canonical_hostname(ssh, options.use_dns), "ssh",
+ loginmsg);
+#endif
+}
+
+void
+auth_maxtries_exceeded(struct ssh *ssh)
+{
+ Authctxt *authctxt = (Authctxt *)ssh->authctxt;
+
+ error("maximum authentication attempts exceeded for "
+ "%s%.100s from %.200s port %d ssh2",
+ authctxt->valid ? "" : "invalid user ",
+ authctxt->user,
+ ssh_remote_ipaddr(ssh),
+ ssh_remote_port(ssh));
+ ssh_packet_disconnect(ssh, "Too many authentication failures");
+ /* NOTREACHED */
+}
+
+/*
+ * Check whether root logins are disallowed.
+ */
+int
+auth_root_allowed(struct ssh *ssh, const char *method)
+{
+ switch (options.permit_root_login) {
+ case PERMIT_YES:
+ return 1;
+ case PERMIT_NO_PASSWD:
+ if (strcmp(method, "publickey") == 0 ||
+ strcmp(method, "hostbased") == 0 ||
+ strcmp(method, "gssapi-with-mic") == 0)
+ return 1;
+ break;
+ case PERMIT_FORCED_ONLY:
+ if (auth_opts->force_command != NULL) {
+ logit("Root login accepted for forced command.");
+ return 1;
+ }
+ break;
+ }
+ logit("ROOT LOGIN REFUSED FROM %.200s port %d",
+ ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
+ return 0;
+}
+
+
+/*
+ * Given a template and a passwd structure, build a filename
+ * by substituting % tokenised options. Currently, %% becomes '%',
+ * %h becomes the home directory and %u the username.
+ *
+ * This returns a buffer allocated by xmalloc.
+ */
+char *
+expand_authorized_keys(const char *filename, struct passwd *pw)
+{
*** 16890 LINES SKIPPED ***