History log of /openbsd/usr.bin/ssh/packet.h (Results 26 – 50 of 99)
Revision Date Author Comments
# ec610c87 11-Oct-2016 djm <djm@openbsd.org>

Add a per-packet input hook that is called with the decrypted packet
contents. This will be used for fuzzing; ok markus@


# e5d05752 30-Sep-2016 markus <markus@openbsd.org>

ssh proxy mux mode (-O proxy; idea from Simon Tatham):
- mux client speaks the ssh-packet protocol directly over unix-domain socket.
- mux server acts as a proxy, translates channel IDs and relays to the server.
- no filedescriptor passing necessary.
- combined with unix-domain forwarding it's even possible to run mux client
and server on different machines.
feedback & ok djm@


# 3095060f 28-Sep-2016 djm <djm@openbsd.org>

Remove support for pre-authentication compression. Doing compression
early in the protocol probably seemed reasonable in the 1990s, but
today it's clearly a bad idea in terms of both cryptography (cf.
multiple compression oracle attacks in TLS) and attack surface.

Moreover, to support it across privilege-separation zlib needed
the assistance of a complex shared-memory manager that made the
required attack surface considerably larger.

Prompted by Guido Vranken pointing out a compiler-elided security
check in the shared memory manager found by Stack
(http://css.csail.mit.edu/stack/); ok deraadt@ markus@

NB. pre-auth authentication has been disabled by default in sshd
for >10 years.


# 1667b834 07-Mar-2016 djm <djm@openbsd.org>

refactor canohost.c: move functions that cache results closer to the
places that use them (authn and session code). After this, no state is
cached in canohost.c

feedback and ok markus@


# 5dce5bc0 08-Feb-2016 djm <djm@openbsd.org>

refactor activation of rekeying

This makes automatic rekeying internal to the packet code (previously
the server and client loops needed to assist). In doing so it makes
application of rekey limits more accurate by accounting for packets
about to be sent as well as packets queued during rekeying events
themselves.

Based on a patch from dtucker@ which was in turn based on a patch from
Aleksander Adamowski in bz#2521; ok markus@


# f4a3b94f 29-Jan-2016 dtucker <dtucker@openbsd.org>

Allow RekeyLimits in excess of 4G up to 2**63 bits (limited by the return
type of scan_scaled). Part of bz#2521, ok djm.


# 9068ae8f 14-Jan-2016 markus <markus@openbsd.org>

remove roaming support; ok djm@


# 244854f5 11-Dec-2015 djm <djm@openbsd.org>

include remote port number in a few more messages; makes tying log
messages together into a session a bit easier; bz#2503 ok dtucker@


# 7b0d3b43 30-Jan-2015 djm <djm@openbsd.org>

avoid more fatal/exit in the packet.c paths that ssh-keyscan
uses; feedback and "looks good" markus@


# 42dab86d 28-Jan-2015 djm <djm@openbsd.org>

avoid fatal() calls in packet code
makes ssh-keyscan more reliable against server failures
ok dtucker@ markus@


# d9c3c4c1 19-Jan-2015 markus <markus@openbsd.org>

add experimental api for packet layer; ok djm@


# b4c826f7 19-Jan-2015 markus <markus@openbsd.org>

move dispatch to struct ssh; ok djm@


# 8eeb9388 19-Jan-2015 markus <markus@openbsd.org>

update packet.c & isolate, introduce struct ssh
a) switch packet.c to buffer api and isolate per-connection info into struct ssh
b) (de)serialization of the state is moved from monitor to packet.c
c) the old packet.c API is implemented in opacket.[ch]
d) compress.c/h is removed and integrated into packet.c
with and ok djm@


# 87f0df62 03-May-2014 markus <markus@openbsd.org>

unbreak compression, by re-init-ing the compression code in the
post-auth child. the new buffer code is more strict, and requires
buffer_init() while the old code was happy after a bzero();
originally from djm@


# a06cba94 28-Apr-2014 djm <djm@openbsd.org>

buffer_get_string_ptr's return should be const to remind
callers that futzing with it will futz with the actual buffer
contents


# 2d917344 12-Jul-2013 djm <djm@openbsd.org>

fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@


# 522a5c19 16-May-2013 dtucker <dtucker@openbsd.org>

Add an optional second argument to RekeyLimit in the client to allow
rekeying based on elapsed time in addition to amount of traffic.
with djm@ jmc@, ok djm


# de0b1e28 25-Jan-2012 markus <markus@openbsd.org>

packet_read_poll() is not used anymore.


# d89dcbf3 06-May-2011 djm <djm@openbsd.org>

set traffic class for IPv6 traffic as we do for IPv4 TOS;
patch from lionel AT mamane.lu via Colin Watson in bz#1855;
ok markus@


# 86c6b382 13-Nov-2010 djm <djm@openbsd.org>

allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
hardcoding lowdelay/throughput.

bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@


# f6c05033 31-Aug-2010 djm <djm@openbsd.org>

Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.

Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656) is NOT implemented.

Certificate host and user keys using the new ECDSA key types are supported.

Note that this code has not been tested for interoperability and may be
subject to change.

feedback and ok markus@


# 867f0cff 31-Aug-2010 djm <djm@openbsd.org>

Add buffer_get_cstring() and related functions that verify that the
string extracted from the buffer contains no embedded \0 characters*
This prevents random (possibly malicious) crap from being appended to
strings where it would not be noticed if the string is used with
a string(3) function.

Use the new API in a few sensitive places.

* actually, we allow a single one at the end of the string for now because
we don't know how many deployed implementations get this wrong, but don't
count on this to remain indefinitely.


# 16fb6186 27-Jun-2009 andreas <andreas@openbsd.org>

packet_backup_state() and packet_restore_state() will be used to
temporarily save the current state when resuming a suspended connection.
ok markus@


# baf8b2e2 27-May-2009 andreas <andreas@openbsd.org>

Add packet_put_int64() and packet_get_int64(), part of a larger change
from Martin Forssen.
ok markus@


# bd3c5045 25-May-2009 andreas <andreas@openbsd.org>

Put the globals in packet.c into a struct and don't access it directly
from other files. No functional changes.
ok markus@ djm@

