Diffstat (limited to 'ChangeLog')
-rw-r--r-- ChangeLog 3783
1 files changed, 1863 insertions, 1920 deletions
diff --git a/ChangeLog b/ChangeLog
index bb729917c333d..6d7a7d265eb83 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,1866 @@
+commit 71508e06fab14bc415a79a08f5535ad7bffa93d9
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Aug 23 15:41:42 2018 +1000
+
+ shorten temporary SSH_REGRESS_TMP path
+
+ Previous path was exceeding max socket length on at least one platform (OSX)
+
+commit 26739cf5bdc9030a583b41ae5261dedd862060f0
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Aug 23 13:06:02 2018 +1000
+
+ rebuild dependencies
+
+commit ff729025c7463cf5d0a8d1ca1823306e48c6d4cf
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Aug 23 13:03:32 2018 +1000
+
+ fix path in distclean target
+
+ Patch from Jakub Jelen
+
+commit 7fef173c28f7462dcd8ee017fdf12b5073f54c02
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Thu Aug 23 03:01:08 2018 +0000
+
+ upstream: memleak introduced in r1.83; from Colin Watson
+
+ OpenBSD-Commit-ID: 5c019104c280cbd549a264a7217b67665e5732dc
+
+commit b8ae02a2896778b8984c7f51566c7f0f56fa8b56
+Author: schwarze@openbsd.org <schwarze@openbsd.org>
+Date: Tue Aug 21 13:56:27 2018 +0000
+
+ upstream: AIX reports the CODESET as "ISO8859-1" in the POSIX locale.
+
+ Treating that as a safe encoding is OK because even when other systems return
+ that string for real ISO8859-1, it is still safe in the sense that it is
+ ASCII-compatible and stateless.
+
+ Issue reported by Val dot Baranov at duke dot edu. Additional
+ information provided by Michael dot Felt at felt dot demon dot nl.
+ Tested by Michael Felt on AIX 6.1 and by Val Baranov on AIX 7.1.
+ Tweak and OK djm@.
+
+ OpenBSD-Commit-ID: 36f1210e0b229817d10eb490d6038f507b8256a7
+
+commit bc44ee088ad269d232e514f037c87ada4c2fd3f0
+Author: Tim Rice <tim@multitalents.net>
+Date: Tue Aug 21 08:57:24 2018 -0700
+
+ modified: openbsd-compat/port-uw.c
+ remove obsolete and un-needed include
+
+commit 829fc28a9c54e3f812ee7248c7a3e31eeb4f0b3a
+Author: Damien Miller <djm@mindrot.org>
+Date: Mon Aug 20 15:57:29 2018 +1000
+
+ Missing unistd.h for regress/mkdtemp.c
+
+commit c8313e492355a368a91799131520d92743d8d16c
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Aug 17 05:45:20 2018 +1000
+
+ update version numbers in anticipation of release
+
+commit 477b49a34b89f506f4794b35e3c70b3e2e83cd38
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date: Mon Aug 13 17:08:51 2018 +0200
+
+ configure: work around GCC shortcoming on Cygwin
+
+ Cygwin's latest 7.x GCC allows to specify -mfunction-return=thunk
+ as well as -mindirect-branch=thunk on the command line, albeit
+ producing invalid code, leading to an error at link stage.
+
+ The check in configure.ac only checks if the option is present,
+ but not if it produces valid code.
+
+ This patch fixes it by special-casing Cygwin. Another solution
+ may be to change these to linker checks.
+
+ Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit b0917945efa374be7648d67dbbaaff323ab39edc
+Author: Corinna Vinschen <vinschen@redhat.com>
+Date: Mon Aug 13 17:05:05 2018 +0200
+
+ cygwin: add missing stdarg.h include
+
+ Further header file standarization in Cygwin uncovered a lazy
+ indirect include in bsd-cygwin_util.c
+
+ Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
+
+commit c3903c38b0fd168ab3d925c2b129d1a599593426
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Mon Aug 13 02:41:05 2018 +0000
+
+ upstream: revert compat.[ch] section of the following change. It
+
+ causes double-free under some circumstances.
+
+ --
+
+ date: 2018/07/31 03:07:24; author: djm; state: Exp; lines: +33 -18; commitid: f7g4UI8eeOXReTPh;
+ fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366
+ feedback and ok dtucker@
+
+ OpenBSD-Commit-ID: 1e77547f60fdb5e2ffe23e2e4733c54d8d2d1137
+
+commit 1b9dd4aa15208100fbc3650f33ea052255578282
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sun Aug 12 20:19:13 2018 +0000
+
+ upstream: better diagnosics on alg list assembly errors; ok
+
+ deraadt@ markus@
+
+ OpenBSD-Commit-ID: 5a557e74b839daf13cc105924d2af06a1560faee
+
+commit e36a5f61b0f5bebf6d49c215d228cd99dfe86e28
+Author: Damien Miller <djm@mindrot.org>
+Date: Sat Aug 11 18:08:45 2018 -0700
+
+ Some AIX fixes; report from Michael Felt
+
+commit 2f4766ceefe6657c5ad5fe92d13c411872acae0e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri Aug 10 01:35:49 2018 +0000
+
+ upstream: The script that cooks up PuTTY format host keys does not
+
+ understand the new key format so convert back to old format to create the
+ PuTTY key and remove it once done.
+
+ OpenBSD-Regress-ID: 2a449a18846c3a144bc645135b551ba6177e38d3
+
+commit e1b26ce504662a5d5b991091228984ccfd25f280
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Aug 10 00:44:01 2018 +0000
+
+ upstream: improve
+
+ OpenBSD-Commit-ID: 40d839db0977b4e7ac8b647b16d5411d4faf2f60
+
+commit 7c712966a3139622f7fb55045368d05de4e6782c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Aug 10 00:42:29 2018 +0000
+
+ upstream: Describe pubkey format, prompted by bz#2853
+
+ While I'm here, describe and link to the remaining local PROTOCOL.*
+ docs that weren't already mentioned (PROTOCOL.key, PROTOCOL.krl and
+ PROTOCOL.mux)
+
+ OpenBSD-Commit-ID: 2a900f9b994ba4d53e7aeb467d44d75829fd1231
+
+commit ef100a2c5a8ed83afac0b8f36520815803da227a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Aug 10 00:27:15 2018 +0000
+
+ upstream: fix numbering
+
+ OpenBSD-Commit-ID: bc7a1764dff23fa4c5ff0e3379c9c4d5b63c9596
+
+commit ed7bd5d93fe14c7bd90febd29b858ea985d14d45
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Aug 8 01:16:01 2018 +0000
+
+ upstream: Use new private key format by default. This format is
+
+ suported by OpenSSH >= 6.5 (released January 2014), so it should be supported
+ by most OpenSSH versions in active use.
+
+ It is possible to convert new-format private keys to the older
+ format using "ssh-keygen -f /path/key -pm PEM".
+
+ ok deraadt dtucker
+
+ OpenBSD-Commit-ID: e3bd4f2509a2103bfa2f710733426af3ad6d8ab8
+
+commit 967226a1bdde59ea137e8f0df871854ff7b91366
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sat Aug 4 00:55:06 2018 +0000
+
+ upstream: invalidate dh->priv_key after freeing it in error path;
+
+ avoids unlikely double-free later. Reported by Viktor Dukhovni via
+ https://github.com/openssh/openssh-portable/pull/96 feedback jsing@ tb@
+
+ OpenBSD-Commit-ID: e317eb17c3e05500ae851f279ef6486f0457c805
+
+commit 74287f5df9966a0648b4a68417451dd18f079ab8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 31 03:10:27 2018 +0000
+
+ upstream: delay bailout for invalid authentic
+
+ =?UTF-8?q?ating=20user=20until=20after=20the=20packet=20containing=20the?=
+ =?UTF-8?q?=20request=20has=20been=20fully=20parsed.=20Reported=20by=20Dar?=
+ =?UTF-8?q?iusz=20Tytko=20and=20Micha=C5=82=20Sajdak;=20ok=20deraadt?=
+ MIME-Version: 1.0
+ Content-Type: text/plain; charset=UTF-8
+ Content-Transfer-Encoding: 8bit
+
+ OpenBSD-Commit-ID: b4891882fbe413f230fe8ac8a37349b03bd0b70d
+
+commit 1a66079c0669813306cc69e5776a4acd9fb49015
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 31 03:07:24 2018 +0000
+
+ upstream: fix some memory leaks spotted by Coverity via Jakub Jelen
+
+ in bz#2366 feedback and ok dtucker@
+
+ OpenBSD-Commit-ID: 8402bbae67d578bedbadb0ce68ff7c5a136ef563
+
+commit 87f08be054b7eeadbb9cdeb3fb4872be79ccf218
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Jul 20 13:18:28 2018 +1000
+
+ Remove support for S/Key
+
+ Most people will 1) be using modern multi-factor authentication methods
+ like TOTP/OATH etc and 2) be getting support for multi-factor
+ authentication via PAM or BSD Auth.
+
+commit 5d14019ba2ff54acbfd20a6b9b96bb860a8c7c31
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Fri Jul 27 12:03:17 2018 +0000
+
+ upstream: avoid expensive channel_open_message() calls; ok djm@
+
+ OpenBSD-Commit-ID: aea3b5512ad681cd8710367d743e8a753d4425d9
+
+commit e655ee04a3cb7999dbf9641b25192353e2b69418
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri Jul 27 05:34:42 2018 +0000
+
+ upstream: Now that ssh can't be setuid, remove the
+
+ original_real_uid and original_effective_uid globals and replace with calls
+ to plain getuid(). ok djm@
+
+ OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
+
+commit 73ddb25bae4c33a0db361ac13f2e3a60d7c6c4a5
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri Jul 27 05:13:02 2018 +0000
+
+ upstream: Remove uid checks from low port binds. Now that ssh
+
+ cannot be setuid and sshd always has privsep on, we can remove the uid checks
+ for low port binds and just let the system do the check. We leave a sanity
+ check for the !privsep case so long as the code is stil there. with & ok
+ djm@
+
+ OpenBSD-Commit-ID: 9535cfdbd1cd54486fdbedfaee44ce4367ec7ca0
+
+commit c12033e102760d043bc5c98e6c8180e4d331b0df
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri Jul 27 03:55:22 2018 +0000
+
+ upstream: ssh(1) no longer supports being setuid root. Remove reference
+
+ to crc32 which went with protocol 1. Pointed out by deraadt@.
+
+ OpenBSD-Commit-ID: f8763c25fd96ed91dd1abdab5667fd2e27e377b6
+
+commit 4492e2ec4e1956a277ef507f51d66e5c2aafaaf8
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Jul 27 14:15:28 2018 +1000
+
+ correct snprintf truncation check in closefrom()
+
+ Truncation cannot happen unless the system has set PATH_MAX to some
+ nonsensically low value.
+
+ bz#2862, patch from Daniel Le
+
+commit 149cab325a8599a003364ed833f878449c15f259
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Jul 27 13:46:06 2018 +1000
+
+ Include stdarg.h in mkdtemp for va_list.
+
+commit 6728f31bdfdc864d192773c32465b1860e23f556
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date: Wed Jul 25 17:12:35 2018 +0000
+
+ upstream: Don't redefine Makefile choices which come correct from
+
+ bsd.*.mk ok markus
+
+ OpenBSD-Commit-ID: 814b2f670df75759e1581ecef530980b2b3d7e0f
+
+commit 21fd477a855753c1a8e450963669e28e39c3b5d2
+Author: deraadt@openbsd.org <deraadt@openbsd.org>
+Date: Wed Jul 25 13:56:23 2018 +0000
+
+ upstream: fix indent; Clemens Goessnitzer
+
+ OpenBSD-Commit-ID: b5149a6d92b264d35f879d24608087b254857a83
+
+commit 8e433c2083db8664c41499ee146448ea7ebe7dbf
+Author: beck@openbsd.org <beck@openbsd.org>
+Date: Wed Jul 25 13:10:56 2018 +0000
+
+ upstream: Use the caller provided (copied) pwent struct in
+
+ load_public_identity_files instead of calling getpwuid() again and discarding
+ the argument. This prevents a client crash where tilde_expand_filename calls
+ getpwuid() again before the pwent pointer is used. Issue noticed and reported
+ by Pierre-Olivier Martel <pom@apple.com> ok djm@ deraadt@
+
+ OpenBSD-Commit-ID: a067d74b5b098763736c94cc1368de8ea3f0b157
+
+commit e2127abb105ae72b6fda64fff150e6b24b3f1317
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Mon Jul 23 19:53:55 2018 +0000
+
+ upstream: oops, failed to notice that SEE ALSO got messed up;
+
+ OpenBSD-Commit-ID: 61c1306542cefdc6e59ac331751afe961557427d
+
+commit ddf1b797c2d26bbbc9d410aa4f484cbe94673587
+Author: kn@openbsd.org <kn@openbsd.org>
+Date: Mon Jul 23 19:02:49 2018 +0000
+
+ upstream: Point to glob in section 7 for the actual list of special
+
+ characters instead the C API in section 3.
+
+ OK millert jmc nicm, "the right idea" deraadt
+
+ OpenBSD-Commit-ID: a74fd215488c382809e4d041613aeba4a4b1ffc6
+
+commit 01c98d9661d0ed6156e8602b650f72eed9fc4d12
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Sun Jul 22 12:16:59 2018 +0000
+
+ upstream: Switch authorized_keys example from ssh-dss to ssh-rsa
+
+ since the former is no longer enabled by default. Pointed out by Daniel A.
+ Maierhofer, ok jmc
+
+ OpenBSD-Commit-ID: 6a196cef53d7524e0c9b58cdbc1b5609debaf8c7
+
+commit 472269f8fe19343971c2d08f504ab5cbb8234b33
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jul 20 05:01:10 2018 +0000
+
+ upstream: slightly-clearer description for AuthenticationMethods - the
+
+ lists have comma-separated elements; bz#2663 from Hans Meier
+
+ OpenBSD-Commit-ID: 931c983d0fde4764d0942fb2c2b5017635993b5a
+
+commit c59aca8adbdf7f5597084ad360a19bedb3f80970
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Jul 20 14:53:42 2018 +1000
+
+ Create control sockets in clean temp directories
+
+ Adds a regress/mkdtemp tool and uses it to create empty temp
+ directories for tests needing control sockets.
+
+ Patch from Colin Watson via bz#2660; ok dtucker
+
+commit 6ad8648e83e4f4ace37b742a05c2a6b6b872514e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jul 20 03:46:34 2018 +0000
+
+ upstream: remove unused zlib.h
+
+ OpenBSD-Commit-ID: 8d274a9b467c7958df12668b49144056819f79f1
+
+commit 3ba6e6883527fe517b6e4a824876e2fe62af22fc
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Thu Jul 19 23:03:16 2018 +0000
+
+ upstream: Fix typo in comment. From Alexandru Iacob via github.
+
+ OpenBSD-Commit-ID: eff4ec07c6c8c5483533da43a4dda37d72ef7f1d
+
+commit c77bc73c91bc656e343a1961756e09dd1b170820
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Jul 20 13:48:51 2018 +1000
+
+ Explicitly include openssl before zlib.
+
+ Some versions of OpenSSL have "free_func" in their headers, which zlib
+ typedefs. Including openssl after zlib (eg via sshkey.h) results in
+ "syntax error before `free_func'", which this fixes.
+
+commit 95d41e90eafcd1286a901e8e361e4a37b98aeb52
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Thu Jul 19 10:28:47 2018 +0000
+
+ upstream: Deprecate UsePrivilegedPort now that support for running
+
+ ssh(1) setuid has been removed, remove supporting code and clean up
+ references to it in the man pages
+
+ We have not shipped ssh(1) the setuid bit since 2002. If ayone
+ really needs to make connections from a low port number this can
+ be implemented via a small setuid ProxyCommand.
+
+ ok markus@ jmc@ djm@
+
+ OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e
+
+commit 258dc8bb07dfb35a46e52b0822a2c5b7027df60a
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Wed Jul 18 11:34:04 2018 +0000
+
+ upstream: Remove support for running ssh(1) setuid and fatal if
+
+ attempted. Do not link uidwap.c into ssh any more. Neuters
+ UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@
+ djm@
+
+ OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
+
+commit ac590760b251506b0a152551abbf8e8d6dc2f527
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Mon Jul 16 22:25:01 2018 +0000
+
+ upstream: Slot 0 in the hostbased key array was previously RSA1,
+
+ but that is now gone and the slot is unused so remove it. Remove two
+ now-unused macros, and add an array bounds check to the two remaining ones
+ (array is statically sized, so mostly a safety check on future changes). ok
+ markus@
+
+ OpenBSD-Commit-ID: 2e4c0ca6cc1d8daeccead2aa56192a3f9d5e1e7a
+
+commit 26efc2f5df0e3bcf6a6bbdd0506fd682d60c2145
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Mon Jul 16 11:05:41 2018 +0000
+
+ upstream: Remove support for loading HostBasedAuthentication keys
+
+ directly in ssh(1) and always use ssh-keysign. This removes one of the few
+ remaining reasons why ssh(1) might be setuid. ok markus@
+
+ OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
+
+commit 3eb7f1038d17af7aea3c2c62d1e30cd545607640
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Mon Jul 16 07:06:50 2018 +0000
+
+ upstream: keep options.identity_file_userprovided array in sync when we
+
+ load keys, fixing some spurious error messages; ok markus
+
+ OpenBSD-Commit-ID: c63e3d5200ee2cf9e35bda98de847302566c6a00
+
+commit 2f131e1b34502aa19f345e89cabf6fa3fc097f09
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Mon Jul 16 03:09:59 2018 +0000
+
+ upstream: memleak in unittest; found by valgrind
+
+ OpenBSD-Regress-ID: 168c23b0fb09fc3d0b438628990d3fd9260a8a5e
+
+commit de2997a4cf22ca0a524f0e5b451693c583e2fd89
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Mon Jul 16 03:09:13 2018 +0000
+
+ upstream: memleaks; found by valgrind
+
+ OpenBSD-Commit-ID: 6c3ba22be53e753c899545f771e8399fc93cd844
+
+commit 61cc0003eb37fa07603c969c12b7c795caa498f3
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Sat Jul 14 16:49:01 2018 +1000
+
+ Undef a few new macros in sys-queue.h.
+
+ Prevents macro redefinition warnings on OSX.
+
+commit 30a2c213877a54a44dfdffb6ca8db70be5b457e0
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Jul 13 13:40:20 2018 +1000
+
+ Include unistd.h for geteuid declaration.
+
+commit 1dd32c23f2a85714dfafe2a9cc516971d187caa4
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Jul 13 13:38:10 2018 +1000
+
+ Fallout from buffer conversion in AUDIT_EVENTS.
+
+ Supply missing "int r" and fix error path for sshbuf_new().
+
+commit 7449c178e943e5c4f6c8416a4e41d93b70c11c9e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jul 13 02:13:50 2018 +0000
+
+ upstream: make this use ssh_proxy rather than starting/stopping a
+
+ daemon for each testcase
+
+ OpenBSD-Regress-ID: 608b7655ea65b1ba8fff5a13ce9caa60ef0c8166
+
+commit dbab02f9208d9baa134cec1d007054ec82b96ca9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jul 13 02:13:19 2018 +0000
+
+ upstream: fix leaks in unit test; with this, all unit tests are
+
+ leak free (as far as valgrind can spot anyway)
+
+ OpenBSD-Regress-ID: b824d8b27998365379963440e5d18b95ca03aa17
+
+commit 2f6accff5085eb79b0dbe262d8b85ed017d1a51c
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Jul 13 11:39:25 2018 +1000
+
+ Enable leak checks for unit tests with valgrind
+
+ Leave the leak checking on unconditionally when running with valgrind.
+ The unit tests are leak-free and I want them to stay that way.
+
+commit e46cfbd9db5e907b821bf4fd0184d4dab99815ee
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Jul 13 11:38:59 2018 +1000
+
+ increase timeout to match cfgmatch.sh
+
+ lets test pass under valgrind (on my workstation at least)
+
+commit 6aa1bf475cf3e7a2149acc5a1e80e904749f064c
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Jul 12 14:54:18 2018 +1000
+
+ rm regress/misc/kexfuzz/*.o in distclean target
+
+commit eef1447ddb559c03725a23d4aa6d03f40e8b0049
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Jul 12 14:49:26 2018 +1000
+
+ repair !WITH_OPENSSL build
+
+commit 4d3b2f36fd831941d1627ac587faae37b6d3570f
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Jul 12 14:49:14 2018 +1000
+
+ missing headers
+
+commit 3f420a692b293921216549c1099c2e46ff284eae
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Thu Jul 12 14:57:46 2018 +1000
+
+ Remove key.h from portable files too.
+
+ Commit 5467fbcb removed key.h so stop including it in portable files
+ too. Fixes builds on lots of platforms.
+
+commit e2c4af311543093f16005c10044f7e06af0426f0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Thu Jul 12 04:35:25 2018 +0000
+
+ upstream: remove prototype to long-gone function
+
+ OpenBSD-Commit-ID: 0414642ac7ce01d176b9f359091a66a8bbb640bd
+
+commit 394a842e60674bf8ee5130b9f15b01452a0b0285
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Wed Jul 11 18:55:11 2018 +0000
+
+ upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@
+
+ OpenBSD-Commit-ID: f88ba43c9d54ed2d911218aa8d3f6285430629c3
+
+commit 5467fbcb09528ecdcb914f4f2452216c24796790
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Wed Jul 11 18:53:29 2018 +0000
+
+ upstream: remove legacy key emulation layer; ok djm@
+
+ OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
+
+commit 5dc4c59d5441a19c99e7945779f7ec9051126c25
+Author: martijn@openbsd.org <martijn@openbsd.org>
+Date: Wed Jul 11 08:19:35 2018 +0000
+
+ upstream: s/wuth/with/ in comment
+
+ OpenBSD-Commit-ID: 9de41468afd75f54a7f47809d2ad664aa577902c
+
+commit 1c688801e9dd7f9889fb2a29bc2b6fbfbc35a11f
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Wed Jul 11 12:12:38 2018 +1000
+
+ Include stdlib.h for declaration of free.
+
+ Fixes build with -Werror on at least Fedora and probably others.
+
+commit fccfa239def497615f92ed28acc57cfe63da3666
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 11 10:19:56 2018 +1000
+
+ VALGRIND_CHECK_LEAKS logic was backwards :(
+
+commit 416287d45fcde0a8e66eee8b99aa73bd58607588
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Wed Jul 11 10:10:26 2018 +1000
+
+ Fix sshbuf_new error path in skey.
+
+commit 7aab109b8b90a353c1af780524f1ac0d3af47bab
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Wed Jul 11 10:06:18 2018 +1000
+
+ Supply missing third arg in skey.
+
+ During the change to the new buffer api the third arg to
+ sshbuf_get_cstring was ommitted. Fixes build when configured with skey.
+
+commit 380320bb72cc353a901790ab04b6287fd335dc4a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Wed Jul 11 10:03:34 2018 +1000
+
+ Supply some more missing "int r" in skey
+
+commit d20720d373d8563ee737d1a45dc5e0804d622dbc
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 11 09:56:36 2018 +1000
+
+ disable valgrind memleak checking by default
+
+ Add VALGRIND_CHECK_LEAKS knob to turn it back on.
+
+commit 79c9d35018f3a5e30ae437880b669aa8636cd3cd
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Wed Jul 11 09:54:00 2018 +1000
+
+ Supply missing "int r" in skey code.
+
+commit 984bacfaacbbe31c35191b828fb5b5b2f0362c36
+Author: sf@openbsd.org <sf@openbsd.org>
+Date: Tue Jul 10 09:36:58 2018 +0000
+
+ upstream: re-remove some pre-auth compression bits
+
+ This time, make sure to not remove things that are necessary for
+ pre-auth compression on the client. Add a comment that pre-auth
+ compression is still supported in the client.
+
+ ok markus@
+
+ OpenBSD-Commit-ID: 282c6fec7201f18a5c333bbb68d9339734d2f784
+
+commit 120a1ec74e8d9d29f4eb9a27972ddd22351ddef9
+Author: Damien Miller <djm@mindrot.org>
+Date: Tue Jul 10 19:39:52 2018 +1000
+
+ Adapt portable to legacy buffer API removal
+
+commit 0f3958c1e6ffb8ea4ba27e2a97a00326fce23246
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 10 09:13:30 2018 +0000
+
+ upstream: kerberos/gssapi fixes for buffer removal
+
+ OpenBSD-Commit-ID: 1cdf56fec95801e4563c47f21696f04cd8b60c4c
+
+commit c74ae8e7c45f325f3387abd48fa7dfef07a08069
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 10 06:45:29 2018 +0000
+
+ upstream: buffer.[ch] and bufaux.c are no more
+
+ OpenBSD-Commit-ID: d1a1852284e554f39525eb4d4891b207cfb3d3a0
+
+commit a881e5a133d661eca923fb0633a03152ab2b70b2
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 10 06:43:52 2018 +0000
+
+ upstream: one mention of Buffer that almost got away :)
+
+ OpenBSD-Commit-ID: 30d7c27a90b4544ad5dfacf654595710cd499f02
+
+commit 49f47e656b60bcd1d1db98d88105295f4b4e600d
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:59:10 2018 +0000
+
+ upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@
+
+ OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29
+
+commit cb30cd47041edb03476be1c8ef7bc1f4b69d1555
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:56:06 2018 +0000
+
+ upstream: remove legacy buffer API emulation layer; ok djm@
+
+ OpenBSD-Commit-ID: 2dd5dc17cbc23195be4299fa93be2707a0e08ad9
+
+commit 235c7c4e3bf046982c2d8242f30aacffa01073d1
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:53:45 2018 +0000
+
+ upstream: sshd: switch monitor to sshbuf API; lots of help & ok
+
+ djm@
+
+ OpenBSD-Commit-ID: d89bd02d33974fd35ca0b8940d88572227b34a48
+
+commit b8d9214d969775e409e1408ecdf0d58fad99b344
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:37:55 2018 +0000
+
+ upstream: sshd: switch GSSAPI to sshbuf API; ok djm@
+
+ OpenBSD-Commit-ID: e48449ab4be3f006f7ba33c66241b7d652973e30
+
+commit c7d39ac8dc3587c5f05bdd5bcd098eb5c201c0c8
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:35:50 2018 +0000
+
+ upstream: sshd: switch authentication to sshbuf API; ok djm@
+
+ OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
+
+commit c3cb7790e9efb14ba74b2d9f543ad593b3d55b31
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:29:36 2018 +0000
+
+ upstream: sshd: switch config to sshbuf API; ok djm@
+
+ OpenBSD-Commit-ID: 72b02017bac7feac48c9dceff8355056bea300bd
+
+commit 2808d18ca47ad3d251836c555f0e22aaca03d15c
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:26:02 2018 +0000
+
+ upstream: sshd: switch loginmsg to sshbuf API; ok djm@
+
+ OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
+
+commit 89dd615b8b531979be63f05f9d5624367c9b28e6
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:20:26 2018 +0000
+
+ upstream: ttymodes: switch to sshbuf API; ok djm@
+
+ OpenBSD-Commit-ID: 5df340c5965e822c9da21e19579d08dea3cbe429
+
+commit f4608a7065480516ab46214f554e5f853fb7870f
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:18:10 2018 +0000
+
+ upstream: client: switch mux to sshbuf API; with & ok djm@
+
+ OpenBSD-Commit-ID: 5948fb98d704f9c4e075b92edda64e0290b5feb2
+
+commit cecee2d607099a7bba0a84803e2325d15be4277b
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 21:03:30 2018 +0000
+
+ upstream: client: switch to sshbuf API; ok djm@
+
+ OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
+
+commit ff55f4ad898137d4703e7a2bcc81167dfe8e9324
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Mon Jul 9 20:39:28 2018 +0000
+
+ upstream: pkcs11: switch to sshbuf API; ok djm@
+
+ OpenBSD-Commit-ID: 98cc4e800f1617c51caf59a6cb3006f14492db79
+
+commit 168b46f405d6736960ba7930389eecb9b6710b7e
+Author: sf@openbsd.org <sf@openbsd.org>
+Date: Mon Jul 9 13:37:10 2018 +0000
+
+ upstream: Revert previous two commits
+
+ It turns out we still support pre-auth compression on the client.
+ Therefore revert the previous two commits:
+
+ date: 2018/07/06 09:06:14; author: sf; commitid: yZVYKIRtUZWD9CmE;
+ Rename COMP_DELAYED to COMP_ZLIB
+
+ Only delayed compression is supported nowadays.
+
+ ok markus@
+
+ date: 2018/07/06 09:05:01; author: sf; commitid: rEGuT5UgI9f6kddP;
+ Remove leftovers from pre-authentication compression
+
+ Support for this has been removed in 2016.
+ COMP_DELAYED will be renamed in a later commit.
+
+ ok markus@
+
+ OpenBSD-Commit-ID: cdfef526357e4e1483c86cf599491b2dafb77772
+
+commit ab39267fa1243d02b6c330615539fc4b21e17dc4
+Author: sf@openbsd.org <sf@openbsd.org>
+Date: Fri Jul 6 09:06:14 2018 +0000
+
+ upstream: Rename COMP_DELAYED to COMP_ZLIB
+
+ Only delayed compression is supported nowadays.
+
+ ok markus@
+
+ OpenBSD-Commit-ID: 5b1dbaf3d9a4085aaa10fec0b7a4364396561821
+
+commit 95db395d2e56a6f868193aead6cadb2493f036c6
+Author: sf@openbsd.org <sf@openbsd.org>
+Date: Fri Jul 6 09:05:01 2018 +0000
+
+ upstream: Remove leftovers from pre-authentication compression
+
+ Support for this has been removed in 2016.
+ COMP_DELAYED will be renamed in a later commit.
+
+ ok markus@
+
+ OpenBSD-Commit-ID: 6a99616c832627157113fcb0cf5a752daf2e6b58
+
+commit f28a4d5cd24c4aa177e96b4f96957991e552cb70
+Author: sf@openbsd.org <sf@openbsd.org>
+Date: Fri Jul 6 09:03:02 2018 +0000
+
+ upstream: Remove unused ssh_packet_start_compression()
+
+ ok markus@
+
+ OpenBSD-Commit-ID: 9d34cf2f59aca5422021ae2857190578187dc2b4
+
+commit 872517ddbb72deaff31d4760f28f2b0a1c16358f
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Jul 6 13:32:02 2018 +1000
+
+ Defer setting bufsiz in getdelim.
+
+ Do not write to bufsiz until we are sure the malloc has succeeded,
+ in case any callers rely on it (which they shouldn't). ok djm@
+
+commit 3deb56f7190a414dc264e21e087a934fa1847283
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Thu Jul 5 13:32:01 2018 +1000
+
+ Fix other callers of read_environment_file.
+
+ read_environment_file recently gained an extra argument Some platform
+ specific code also calls it so add the argument to those too. Fixes
+ build on Solaris and AIX.
+
+commit 314908f451e6b2d4ccf6212ad246fa4619c721d3
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jul 4 13:51:45 2018 +0000
+
+ upstream: deal with API rename: match_filter_list() =>
+
+ match_filter_blacklist()
+
+ OpenBSD-Regress-ID: 2da342be913efeb51806351af906fab01ba4367f
+
+commit 89f54cdf6b9cf1cf5528fd33897f1443913ddfb4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jul 4 13:51:12 2018 +0000
+
+ upstream: exercise new expansion behaviour of
+
+ PubkeyAcceptedKeyTypes and, by proxy, test kex_assemble_names()
+
+ ok markus@
+
+ OpenBSD-Regress-ID: 292978902e14d5729aa87e492dd166c842f72736
+
+commit 187633f24c71564e970681c8906df5a6017dcccf
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 3 13:53:26 2018 +0000
+
+ upstream: add a comment that could have saved me 45 minutes of wild
+
+ goose chasing
+
+ OpenBSD-Regress-ID: d469b29ffadd3402c090e21b792d627d46fa5297
+
+commit 312d2f2861a2598ed08587cb6c45c0e98a85408f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jul 4 13:49:31 2018 +0000
+
+ upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA
+
+ signature work - returns ability to add/remove/specify algorithms by
+ wildcard.
+
+ Algorithm lists are now fully expanded when the server/client configs
+ are finalised, so errors are reported early and the config dumps
+ (e.g. "ssh -G ...") now list the actual algorithms selected.
+
+ Clarify that, while wildcards are accepted in algorithm lists, they
+ aren't full pattern-lists that support negation.
+
+ (lots of) feedback, ok markus@
+
+ OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207
+
+commit 303af5803bd74bf05d375c04e1a83b40c30b2be5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 3 11:43:49 2018 +0000
+
+ upstream: some magic for RSA-SHA2 checks
+
+ OpenBSD-Regress-ID: e5a9b11368ff6d86e7b25ad10ebe43359b471cd4
+
+commit 7d68e262944c1fff1574600fe0e5e92ec8b398f5
+Author: Damien Miller <djm@mindrot.org>
+Date: Tue Jul 3 23:27:11 2018 +1000
+
+ depend
+
+commit b4d4eda633af433d20232cbf7e855ceac8b83fe5
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 3 13:20:25 2018 +0000
+
+ upstream: some finesse to fix RSA-SHA2 certificate authentication
+
+ for certs hosted in ssh-agent
+
+ OpenBSD-Commit-ID: e5fd5edd726137dda2d020e1cdebc464110a010f
+
+commit d78b75df4a57e0f92295f24298e5f2930e71c172
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 3 13:07:58 2018 +0000
+
+ upstream: check correct variable; unbreak agent keys
+
+ OpenBSD-Commit-ID: c36981fdf1f3ce04966d3310826a3e1e6233d93e
+
+commit 2f30300c5e15929d0e34013f38d73e857f445e12
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 3 11:42:12 2018 +0000
+
+ upstream: crank version number to 7.8; needed for new compat flag
+
+ for prior version; part of RSA-SHA2 strictification, ok markus@
+
+ OpenBSD-Commit-ID: 84a11fc0efd2674c050712336b5093f5d408e32b
+
+commit 4ba0d54794814ec0de1ec87987d0c3b89379b436
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 3 11:39:54 2018 +0000
+
+ upstream: Improve strictness and control over RSA-SHA2 signature
+
+ In ssh, when an agent fails to return a RSA-SHA2 signature when
+ requested and falls back to RSA-SHA1 instead, retry the signature to
+ ensure that the public key algorithm sent in the SSH_MSG_USERAUTH
+ matches the one in the signature itself.
+
+ In sshd, strictly enforce that the public key algorithm sent in the
+ SSH_MSG_USERAUTH message matches what appears in the signature.
+
+ Make the sshd_config PubkeyAcceptedKeyTypes and
+ HostbasedAcceptedKeyTypes options control accepted signature algorithms
+ (previously they selected supported key types). This allows these
+ options to ban RSA-SHA1 in favour of RSA-SHA2.
+
+ Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and
+ "rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures
+ with certificate keys.
+
+ feedback and ok markus@
+
+ OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
+
+commit 95344c257412b51199ead18d54eaed5bafb75617
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jul 3 10:59:35 2018 +0000
+
+ upstream: allow sshd_config PermitUserEnvironment to accept a
+
+ pattern-list of whitelisted environment variable names in addition to yes|no.
+
+ bz#1800, feedback and ok markus@
+
+ OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
+
+commit 6f56fe4b9578b0627667f8bce69d4d938a88324c
+Author: millert@openbsd.org <millert@openbsd.org>
+Date: Tue Jun 26 11:23:59 2018 +0000
+
+ upstream: Fix "WARNING: line 6 disappeared in /etc/moduli, giving up"
+
+ when choosing a prime. An extra increment of linenum snuck in as part of the
+ conversion to getline(). OK djm@ markus@
+
+ OpenBSD-Commit-ID: 0019225cb52ed621b71cd9f19ee2e78e57e3dd38
+
+commit 1eee79a11c1b3594f055b01e387c49c9a6e80005
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Mon Jul 2 14:13:30 2018 +0000
+
+ upstream: One ampersand is enough to backgroud an process. OpenBSD
+
+ doesn't seem to mind, but some platforms in -portable object to the second.
+
+ OpenBSD-Regress-ID: d6c3e404871764343761dc25c3bbe29c2621ff74
+
+commit 6301e6c787d4e26bfae1119ab4f747bbcaa94e44
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Mon Jul 2 21:16:58 2018 +1000
+
+ Add implementation of getline.
+
+ Add getline for the benefit of platforms that don't have it. Sourced
+ from NetBSD (OpenBSD's implementation is a little too chummy with the
+ internals of FILE).
+
+commit 84623e0037628f9992839063151f7a9f5f13099a
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jun 26 02:02:36 2018 +0000
+
+ upstream: whitespace
+
+ OpenBSD-Commit-ID: 9276951caf4daf555f6d262e95720e7f79244572
+
+commit 90e51d672711c19a36573be1785caf35019ae7a8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Mon Jun 25 22:28:33 2018 +0000
+
+ upstream: fix NULL dereference in open_listen_match_tcpip()
+
+ OpenBSD-Commit-ID: c968c1d29e392352383c0f9681fcc1e93620c4a9
+
+commit f535ff922a67d9fcc5ee69d060d1b21c8bb01d14
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Tue Jun 19 05:36:57 2018 +0000
+
+ upstream: spelling;
+
+ OpenBSD-Commit-ID: db542918185243bea17202383a581851736553cc
+
+commit 80e199d6175904152aafc5c297096c3e18297691
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jun 19 03:02:17 2018 +0000
+
+ upstream: test PermitListen with bare port numbers
+
+ OpenBSD-Regress-ID: 4b50a02dfb0ccaca08247f3877c444126ba901b3
+
+commit 87ddd676da0f3abd08b778b12b53b91b670dc93c
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Jun 19 02:59:41 2018 +0000
+
+ upstream: allow bare port numbers to appear in PermitListen directives,
+
+ e.g.
+
+ PermitListen 2222 8080
+
+ is equivalent to:
+
+ PermitListen *:2222 *:8080
+
+ Some bonus manpage improvements, mostly from markus@
+
+ "looks fine" markus@
+
+ OpenBSD-Commit-ID: 6546b0cc5aab7f53d65ad0a348ca0ae591d6dd24
+
+commit 26f96ca10ad0ec5da9b05b99de1e1ccea15a11be
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 15 07:01:11 2018 +0000
+
+ upstream: invalidate supplemental group cache used by
+
+ temporarily_use_uid() when the target uid differs; could cause failure to
+ read authorized_keys under some configurations. patch by Jakub Jelen via
+ bz2873; ok dtucker, markus
+
+ OpenBSD-Commit-ID: 48a345f0ee90f6c465a078eb5e89566b23abd8a1
+
+commit 89a85d724765b6b82e0135ee5a1181fdcccea9c6
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sun Jun 10 23:45:41 2018 +0000
+
+ upstream: unbreak SendEnv; patch from tb@
+
+ OpenBSD-Commit-ID: fc808daced813242563b80976e1478de95940056
+
+commit acf4260f0951f89c64e1ebbc4c92f451768871ad
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Sat Jun 9 06:36:31 2018 +0000
+
+ upstream: sort previous;
+
+ OpenBSD-Commit-ID: 27d80d8b8ca99bc33971dee905e8ffd0053ec411
+
+commit 1678d4236451060b735cb242d2e26e1ac99f0947
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sat Jun 9 03:18:11 2018 +0000
+
+ upstream: slightly better wording re handing of $TERM, from Jakub
+
+ Jelen via bz2386
+
+ OpenBSD-Commit-ID: 14bea3f069a93c8be66a7b97794255a91fece964
+
+commit 28013759f09ed3ebf7e8335e83a62936bd7a7f47
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sat Jun 9 03:03:10 2018 +0000
+
+ upstream: add a SetEnv directive for sshd_config to allow an
+
+ administrator to explicitly specify environment variables set in sessions
+ started by sshd. These override the default environment and any variables set
+ by user configuration (PermitUserEnvironment, etc), but not the SSH_*
+ variables set by sshd itself.
+
+ ok markus@
+
+ OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
+
+commit 7082bb58a2eb878d23ec674587c742e5e9673c36
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sat Jun 9 03:01:12 2018 +0000
+
+ upstream: add a SetEnv directive to ssh_config that allows setting
+
+ environment variables for the remote session (subject to the server accepting
+ them)
+
+ refactor SendEnv to remove the arbitrary limit of variable names.
+
+ ok markus@
+
+ OpenBSD-Commit-ID: cfbb00d9b0e10c1ffff1d83424351fd961d1f2be
+
+commit 3b9798bda15bd3f598f5ef07595d64e23504da91
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sat Jun 9 02:58:02 2018 +0000
+
+ upstream: reorder child environment preparation so that variables
+
+ read from ~/.ssh/environment (if enabled) do not override SSH_* variables set
+ by the server.
+
+ OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
+
+commit 0368889f82f63c82ff8db9f8c944d89e7c657db4
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 8 03:35:36 2018 +0000
+
+ upstream: fix incorrect expansion of %i in
+
+ load_public_identity_files(); reported by Roumen Petrov
+
+ OpenBSD-Commit-ID: a827289e77149b5e0850d72a350c8b0300e7ef25
+
+commit 027607fc2db6a0475a3380f8d95c635482714cb0
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 8 01:55:40 2018 +0000
+
+ upstream: fix some over-long lines and __func__ up some debug
+
+ messages
+
+ OpenBSD-Commit-ID: c70a60b4c8207d9f242fc2351941ba50916bb267
+
+commit 6ff6fda705bc204456a5fa12518dde6e8790bb02
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Thu Jun 7 11:26:14 2018 +0000
+
+ upstream: tweak previous;
+
+ OpenBSD-Commit-ID: f98f16af10b28e24bcecb806cb71ea994b648fd6
+
+commit f2c06ab8dd90582030991f631a2715216bf45e5a
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Jun 8 17:43:36 2018 +1000
+
+ Remove ability to override $LD.
+
+ Since autoconf always uses $CC to link C programs, allowing users to
+ override LD caused mismatches between what LD_LINK_IFELSE thought worked
+ and what ld thought worked. If you do need to do this kind of thing you
+ need to set a compiler flag such as gcc's -fuse-ld in LDFLAGS.
+
+commit e1542a80797b4ea40a91d2896efdcc76a57056d2
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Jun 8 13:55:59 2018 +1000
+
+ Better detection of unsupported compiler options.
+
+ Should prevent "unsupported -Wl,-z,retpoline" warnings during linking.
+ ok djm@
+
+commit 57379dbd013ad32ee3f9989bf5f5741065428360
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Thu Jun 7 14:29:43 2018 +0000
+
+ upstream: test the correct configuration option name
+
+ OpenBSD-Regress-ID: 492279ea9f65657f97a970e0e7c7fd0b339fee23
+
+commit 6d41815e202fbd6182c79780b6cc90e1ec1c9981
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Thu Jun 7 09:26:42 2018 +0000
+
+ upstream: some permitlisten fixes from markus@ that I missed in my
+
+ insomnia-fueled commits last night
+
+ OpenBSD-Commit-ID: 26f23622e928996086e85b1419cc1c0f136e359c
+
+commit 4319f7a868d86d435fa07112fcb6153895d03a7f
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Thu Jun 7 04:46:34 2018 +0000
+
+ upstream: permitlisten/PermitListen unit test from Markus
+
+ OpenBSD-Regress-ID: ab12eb42f0e14926980441cf7c058a6d1d832ea5
+
+commit fa09076410ffc2d34d454145af23c790d728921e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Thu Jun 7 04:31:51 2018 +0000
+
+ upstream: fix regression caused by recent permitlisten option commit:
+
+ authorized_keys lines that contained permitopen/permitlisten were being
+ treated as invalid.
+
+ OpenBSD-Commit-ID: 7ef41d63a5a477b405d142dc925b67d9e7aaa31b
+
+commit 7f90635216851f6cb4bf3999e98b825f85d604f8
+Author: markus@openbsd.org <markus@openbsd.org>
+Date: Wed Jun 6 18:29:18 2018 +0000
+
+ upstream: switch config file parsing to getline(3) as this avoids
+
+ static limits noted by gerhard@; ok dtucker@, djm@
+
+ OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
+
+commit 392db2bc83215986a91c0b65feb0e40e7619ce7e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jun 6 18:25:33 2018 +0000
+
+ upstream: regress test for PermitOpen
+
+ OpenBSD-Regress-ID: ce8b5f28fc039f09bb297fc4a92319e65982ddaf
+
+commit 803d896ef30758135e2f438bdd1a0be27989e018
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jun 6 18:24:15 2018 +0000
+
+ upstream: man bits for permitlisten authorized_keys option
+
+ OpenBSD-Commit-ID: 86910af8f781a4ac5980fea125442eb25466dd78
+
+commit 04df43208b5b460d7360e1598f876b92a32f5922
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jun 6 18:24:00 2018 +0000
+
+ upstream: man bits for PermitListen
+
+ OpenBSD-Commit-ID: 35b200cba4e46a16a4db6a80ef11838ab0fad67c
+
+commit 93c06ab6b77514e0447fe4f1d822afcbb2a9be08
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jun 6 18:23:32 2018 +0000
+
+ upstream: permitlisten option for authorized_keys; ok markus@
+
+ OpenBSD-Commit-ID: 8650883018d7aa893173d703379e4456a222c672
+
+commit 115063a6647007286cc8ca70abfd2a7585f26ccc
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Wed Jun 6 18:22:41 2018 +0000
+
+ upstream: Add a PermitListen directive to control which server-side
+
+ addresses may be listened on when the client requests remote forwarding (ssh
+ -R).
+
+ This is the converse of the existing PermitOpen directive and this
+ includes some refactoring to share much of its implementation.
+
+ feedback and ok markus@
+
+ OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
+
+commit 7703ae5f5d42eb302ded51705166ff6e19c92892
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Wed Jun 6 16:04:29 2018 +1000
+
+ Use ssh-keygen -A to generate missing host keys.
+
+ Instead of testing for each specific key type, use ssh-keygen -A to
+ generate any missing host key types.
+
+commit e8d59fef1098e24f408248dc64e5c8efa5d01f3c
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Fri Jun 1 06:23:10 2018 +0000
+
+ upstream: add missing punctuation after %i in ssh_config.5, and
+
+ make the grammatical format in sshd_config.5 match that in ssh_config.5;
+
+ OpenBSD-Commit-ID: e325663b9342f3d556e223e5306e0d5fa1a74fa0
+
+commit a1f737d6a99314e291a87856122cb4dbaf64c641
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Fri Jun 1 05:52:26 2018 +0000
+
+ upstream: oops - further adjustment to text neccessary;
+
+ OpenBSD-Commit-ID: 23585576c807743112ab956be0fb3c786bdef025
+
+commit 294028493471e0bd0c7ffe55dc0c0a67cba6ec41
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Fri Jun 1 05:50:18 2018 +0000
+
+ upstream: %U needs to be escaped; tweak text;
+
+ OpenBSD-Commit-ID: 30887b73ece257273fb619ab6f4e86dc92ddc15e
+
+commit e5019da3c5a31e6e729a565f2b886a80c4be96cc
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri Jun 1 04:31:48 2018 +0000
+
+ upstream: Apply umask to all incoming files and directories not
+
+ just files. This makes sure it gets applied to directories too, and prevents
+ a race where files get chmodded after creation. bz#2839, ok djm@
+
+ OpenBSD-Commit-ID: 3168ee6c7c39093adac4fd71039600cfa296203b
+
+commit a1dcafc41c376332493b9385ee39f9754dc145ec
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 1 03:52:37 2018 +0000
+
+ upstream: Adapt to extra default verboisity from ssh-keygen when
+
+ searching for and hashing known_hosts entries in a single operation
+ (ssh-keygen -HF ...) Patch from Anton Kremenetsky
+
+ OpenBSD-Regress-ID: 519585a4de35c4611285bd6a7272766c229b19dd
+
+commit 76f314c75dffd4a55839d50ee23622edad52c168
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue May 22 00:22:49 2018 +0000
+
+ upstream: Add TEST_SSH_FAIL_FATAL variable, to force all failures
+
+ to instantly abort the test. Useful in capturing clean logs for individual
+ failure cases.
+
+ OpenBSD-Regress-ID: feba18cf338c2328b9601bd4093cabdd9baa3af1
+
+commit 065c8c055df8d83ae7c92e5e524a579d87668aab
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri May 11 03:51:06 2018 +0000
+
+ upstream: Clean up comment.
+
+ OpenBSD-Regress-ID: 6adb35f384d447e7dcb9f170d4f0d546d3973e10
+
+commit 01b048c8eba3b021701bd0ab26257fc82903cba8
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 1 04:21:29 2018 +0000
+
+ upstream: whitespace
+
+ OpenBSD-Commit-ID: e5edb5e843ddc9b73a8e46518899be41d5709add
+
+commit 854ae209f992465a276de0b5f10ef770510c2418
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 1 04:05:29 2018 +0000
+
+ upstream: make ssh_remote_ipaddr() capable of being called after
+
+ the ssh->state has been torn down; bz#2773
+
+ OpenBSD-Commit-ID: 167f12523613ca3d16d7716a690e7afa307dc7eb
+
+commit 3e088aaf236ef35beeef3c9be93fd53700df5861
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 1 03:51:34 2018 +0000
+
+ upstream: return correct exit code when searching for and hashing
+
+ known_hosts entries in a single operation (ssh-keygen -HF hostname); bz2772
+ Report and fix from Anton Kremenetsky
+
+ OpenBSD-Commit-ID: ac10ca13eb9bb0bc50fcd42ad11c56c317437b58
+
+commit 9c935dd9bf05628826ad2495d3e8bdf3d3271c21
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 1 03:33:53 2018 +0000
+
+ upstream: make UID available as a %-expansion everywhere that the
+
+ username is available currently. In the client this is via %i, in the server
+ %U (since %i was already used in the client in some places for this, but used
+ for something different in the server); bz#2870, ok dtucker@
+
+ OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
+
+commit d8748b91d1d6c108c0c260ed41fa55f37b9ef34b
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Jun 1 03:11:49 2018 +0000
+
+ upstream: prefer argv0 to "ssh" when re-executing ssh for ProxyJump
+
+ directive; bz2831, feedback and ok dtucker@
+
+ OpenBSD-Commit-ID: 3cec709a131499fbb0c1ea8a0a9e0b0915ce769e
+
+commit fbb4b5fd4f8e0bb89732670a01954e18b69e15ba
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri May 25 07:11:01 2018 +0000
+
+ upstream: Do not ban PTY allocation when a sshd session is restricted
+
+ because the user password is expired as it breaks password change dialog.
+
+ regression in openssh-7.7 reported by Daniel Wagner
+
+ OpenBSD-Commit-ID: 9fc09c584c6f1964b00595e3abe7f83db4d90d73
+
+commit f6a59a22b0c157c4c4e5fd7232f868138223be64
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri May 25 04:25:46 2018 +0000
+
+ upstream: Fix return value confusion in several functions (readdir,
+
+ download and fsync). These should return -1 on error, not a sftp status code.
+
+ patch from Petr Cerny in bz#2871
+
+ OpenBSD-Commit-ID: 651aa0220ad23c9167d9297a436162d741f97a09
+
+commit 1da5934b860ac0378d52d3035b22b6670f6a967e
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri May 25 03:20:59 2018 +0000
+
+ upstream: If select() fails in ssh_packet_read_seqnr go directly to
+
+ the error path instead of trying to read from the socket on the way out,
+ which resets errno and causes the true error to be misreported. ok djm@
+
+ OpenBSD-Commit-ID: 2614edaadbd05a957aa977728aa7a030af7c6f0a
+
+commit 4ef75926ef517d539f2c7aac3188b09f315c86a7
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri May 25 13:36:58 2018 +1000
+
+ Permit getuid()/geteuid() syscalls.
+
+ Requested for Linux/s390; patch from Eduardo Barretto via bz#2752;
+ ok dtucker
+
+commit 4b22fd8ecefd059a66140be67f352eb6145a9d88
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue May 22 00:13:26 2018 +0000
+
+ upstream: support ProxyJump=none to disable ProxyJump
+
+ functionality; bz#2869 ok dtucker@
+
+ OpenBSD-Commit-ID: 1c06ee08eb78451b5837fcfd8cbebc5ff3a67a01
+
+commit f41bcd70f55b4f0fc4d8e1039cb361ac922b23fb
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Tue May 15 05:40:11 2018 +0000
+
+ upstream: correct keyowrd name (permitemptypasswords); from brendan
+
+ macdonell
+
+ OpenBSD-Commit-ID: ef1bdbc936b2ea693ee37a4c20a94d4d43f5fda3
+
+commit f18bc97151340127859634d20d79fd39ec8a7f39
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri May 11 04:01:11 2018 +0000
+
+ upstream: Emphasise that -w implicitly sets Tunnel=point-to-point
+
+ and that users should specify an explicit Tunnel directive if they don't want
+ this. bz#2365.
+
+ OpenBSD-Commit-ID: 1a8d9c67ae213ead180481900dbbb3e04864560d
+
+commit 32e4e94e1511fe0020fbfbb62399d31b2d22a801
+Author: Damien Miller <djm@mindrot.org>
+Date: Mon May 14 14:40:08 2018 +1000
+
+ sync fmt_scaled.c
+
+ revision 1.17
+ date: 2018/05/14 04:39:04; author: djm; state: Exp; lines: +5 -2;
+ commitid: 53zY8GjViUBnWo8Z;
+ constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
+
+commit 54268d589e85ecc43d3eba8d83f327bdada9d696
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri May 11 14:04:40 2018 +1000
+
+ fix key-options.sh on platforms without openpty(3)
+
+ Skip the pty tests if the platform lacks openpty(3) and has to chown(2)
+ the pty device explicitly. This typically requires root permissions that
+ this test lacks.
+
+ bz#2856 ok dtucker@
+
+commit b2140a739be4c3b43cc1dc08322dca39a1e39d20
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri May 11 03:38:51 2018 +0000
+
+ upstream: implement EMFILE mitigation for ssh-agent: remember the
+
+ fd rlimit and stop accepting new connections when it is exceeded (with some
+ grace). Accept is resumed when enough connections are closed.
+
+ bz#2576. feedback deraadt; ok dtucker@
+
+ OpenBSD-Commit-ID: 6a85d9cec7b85741961e7116a49f8dae777911ea
+
+commit fdba503fdfc647ee8a244002f1581e869c1f3d90
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri May 11 03:22:55 2018 +0000
+
+ upstream: Explicit cast when snprintf'ing an uint64. Prevents
+
+ warnings on platforms where int64 is long not long long. ok djm@
+
+ OpenBSD-Commit-ID: 9c5359e2fbfce11dea2d93f7bc257e84419bd001
+
+commit e7751aa4094d51a9bc00778aa8d07e22934c55ee
+Author: bluhm@openbsd.org <bluhm@openbsd.org>
+Date: Thu Apr 26 14:47:03 2018 +0000
+
+ upstream: Since the previous commit, ssh regress test sftp-chroot was
+
+ failing. The sftp program terminated with the wrong exit code as sftp called
+ fatal() instad of exit(0). So when the sigchld handler waits for the child,
+ remember that it was found. Then don't expect that main() can wait again. OK
+ dtucker@
+
+ OpenBSD-Commit-ID: bfafd940c0de5297940c71ddf362053db0232266
+
+commit 7c15301841e2e9d37cae732400de63ae9c0961d6
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Sun Apr 29 17:54:12 2018 +1000
+
+ Use includes.h instead of config.h.
+
+ This ensures it picks up the definition of DEF_WEAK, the lack of which
+ can cause compile errors in some cases (eg modern AIX). From
+ michael at felt.demon.nl.
+
+commit cec338967a666b7c8ad8b88175f2faeddf268116
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Thu Apr 19 09:53:14 2018 +1000
+
+ Omit 3des-cbc if OpenSSL built without DES.
+
+ Patch from hongxu.jia at windriver.com, ok djm@
+
+commit a575ddd58835759393d2dddd16ebe5abdb56485e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Mon Apr 16 22:50:44 2018 +0000
+
+ upstream: Disable SSH2_MSG_DEBUG messages for Twisted Conch clients
+
+ without version numbers since they choke on them under some circumstances.
+ https://twistedmatrix.com/trac/ticket/9422 via Colin Watson
+
+ Newer Conch versions have a version number in their ident string and
+ handle debug messages okay. https://twistedmatrix.com/trac/ticket/9424
+
+ OpenBSD-Commit-ID: 6cf7be262af0419c58ddae11324d9c0dc1577539
+
+commit 390c7000a8946db565b66eab9e52fb11948711fa
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Sat Apr 14 21:50:41 2018 +0000
+
+ upstream: don't free the %C expansion, it's used later for
+
+ LocalCommand
+
+ OpenBSD-Commit-ID: 857b5cb37b2d856bfdfce61289a415257a487fb1
+
+commit 3455f1e7c48e2e549192998d330214975b9b1dc7
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Apr 13 05:04:12 2018 +0000
+
+ upstream: notify user immediately when underlying ssh process dies;
+
+ patch from Thomas Kuthan in bz2719; ok dtucker@
+
+ OpenBSD-Commit-ID: 78fac88c2f08054d1fc5162c43c24162b131cf78
+
+commit 1c5b4bc827f4abc3e65888cda061ad5edf1b8c7c
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Apr 13 16:23:57 2018 +1000
+
+ Allow nanosleep in preauth privsep child.
+
+ The new timing attack mitigation code uses nanosleep in the preauth
+ codepath, allow in systrace andbox too.
+
+commit 0e73428038d5ecfa5d2a28cff26661502a7aff4e
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Apr 13 16:06:29 2018 +1000
+
+ Allow nanosleep in preauth privsep child.
+
+ The new timing attack mitigation code uses nanosleep in the preauth
+ codepath, allow in sandbox.
+
+commit e9d910b0289c820852f7afa67f584cef1c05fe95
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri Apr 13 03:57:26 2018 +0000
+
+ upstream: Defend against user enumeration timing attacks. This
+
+ establishes a minimum time for each failed authentication attempt (5ms) and
+ adds a per-user constant derived from a host secret (0-4ms). Based on work
+ by joona.kannisto at tut.fi, ok markus@ djm@.
+
+ OpenBSD-Commit-ID: b7845b355bb7381703339c8fb0e57e81a20ae5ca
+
+commit d97874cbd909eb706886cd0cdd418f812c119ef9
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Apr 13 13:43:55 2018 +1000
+
+ Using "==" in shell tests is not portable.
+
+ Patch from rsbecker at nexbridge.com.
+
+commit cfb1d9bc76734681e3dea532a1504fcd466fbe91
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Apr 13 13:38:06 2018 +1000
+
+ Fix tunnel forwarding broken in 7.7p1
+
+ bz2855, ok dtucker@
+
+commit afa6e79b76fb52a0c09a29688b5c0d125eb08302
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Apr 13 13:31:42 2018 +1000
+
+ prefer to use getrandom() for PRNG seeding
+
+ Only applies when built --without-openssl. Thanks Jann Horn for
+ reminder.
+
+commit 575fac34a97f69bc217b235f81de9f8f433eceed
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Fri Apr 13 13:13:33 2018 +1000
+
+ Revert $REGRESSTMP changes.
+
+ Revert 3fd2d229 and subsequent changes as they turned out to be a
+ portability hassle.
+
+commit 10479cc2a4acd6faaf643eb305233b49d70c31c1
+Author: Damien Miller <djm@mindrot.org>
+Date: Tue Apr 10 10:19:02 2018 +1000
+
+ Many typo fixes from Karsten Weiss
+
+ Spotted using https://github.com/lucasdemarchi/codespell
+
+commit 907da2f88519b34189fd03fac96de0c52d448233
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Apr 10 00:14:10 2018 +0000
+
+ upstream: more typos spotted by Karsten Weiss using codespell
+
+ OpenBSD-Regress-ID: d906a2aea0663810a658b7d0bc61a1d2907d4d69
+
+commit 37e5f4a7ab9a8026e5fc2f47dafb0f1b123d39e9
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Apr 10 00:13:27 2018 +0000
+
+ upstream: make this a bit more portable-friendly
+
+ OpenBSD-Regress-ID: 62f7b9e055e8dfaab92b3825f158beeb4ca3f963
+
+commit 001aa55484852370488786bd40e9fdad4b465811
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Tue Apr 10 00:10:49 2018 +0000
+
+ upstream: lots of typos in comments/docs. Patch from Karsten Weiss
+
+ after checking with codespell tool
+ (https://github.com/lucasdemarchi/codespell)
+
+ OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
+
+commit 260ede2787fe80b18b8d5920455b4fb268519c7d
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Mon Apr 9 23:54:49 2018 +0000
+
+ upstream: don't kill ssh-agent's listening socket entriely if we
+
+ fail to accept a connection; bz#2837, patch from Lukas Kuster
+
+ OpenBSD-Commit-ID: 52413f5069179bebf30d38f524afe1a2133c738f
+
+commit ebc8b4656f9b0f834a642a9fb3c9fbca86a61838
+Author: tj@openbsd.org <tj@openbsd.org>
+Date: Mon Apr 9 20:41:22 2018 +0000
+
+ upstream: the UseLogin option was removed, so remove it here too.
+
+ ok dtucker
+
+ OpenBSD-Commit-ID: 7080be73a64d68e21f22f5408a67a0ba8b1b6b06
+
+commit 3e36f281851fc8e9c996b33f108b2ae167314fbe
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Sun Apr 8 07:36:02 2018 +0000
+
+ upstream: tweak previous;
+
+ OpenBSD-Commit-ID: 2b9c23022ea7b9dddb62864de4e906000f9d7474
+
+commit 8368571efd6693c5c57f850e23a2372acf3f865f
+Author: jmc@openbsd.org <jmc@openbsd.org>
+Date: Sat Apr 7 13:50:10 2018 +0000
+
+ upstream: tweak previous;
+
+ OpenBSD-Commit-ID: 38e347b6f8e888f5e0700d01abb1eba7caa154f9
+
+commit 555294a7279914ae6795b71bedf4e6011b7636df
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Apr 6 13:02:39 2018 +0000
+
+ upstream: Allow "SendEnv -PATTERN" to clear environment variables
+
+ previously labeled for sendind. bz#1285 ok dtucker@
+
+ OpenBSD-Commit-ID: f6fec9e3d0f366f15903094fbe1754cb359a0df9
+
+commit 40f5f03544a07ebd2003b443d42e85cb51d94d59
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Apr 6 04:15:45 2018 +0000
+
+ upstream: relax checking of authorized_keys environment="..."
+
+ options to allow underscores in variable names (regression introduced in
+ 7.7). bz2851, ok deraadt@
+
+ OpenBSD-Commit-ID: 69690ffe0c97ff393f2c76d25b4b3d2ed4e4ac9c
+
+commit 30fd7f9af0f553aaa2eeda5a1f53f26cfc222b5e
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Apr 6 03:51:27 2018 +0000
+
+ upstream: add a couple of missed options to the config dump; patch
+
+ from Jakub Jelen via bz2835
+
+ OpenBSD-Commit-ID: 5970adadf6ef206bee0dddfc75d24c2019861446
+
+commit 8d6829be324452d2acd282d5f8ceb0adaa89a4de
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Fri Apr 6 03:34:27 2018 +0000
+
+ upstream: ssh does not accept -oInclude=... on the commandline, the
+
+ Include keyword is for configuration files only. bz#2840, patch from Jakub
+ Jelen
+
+ OpenBSD-Commit-ID: 32d052b4a7a7f22df35fe3f71c368c02b02cacb0
+
+commit 00c5222ddc0c8edcaa4ea45ac03befdc8013d137
+Author: djm@openbsd.org <djm@openbsd.org>
+Date: Thu Apr 5 22:54:28 2018 +0000
+
+ upstream: We don't offer CBC cipher by default any more. Spotted by
+
+ Renaud Allard (via otto@)
+
+ OpenBSD-Commit-ID: a559b1eef741557dd959ae378b665a2977d92dca
+
+commit 5ee8448ad7c306f05a9f56769f95336a8269f379
+Author: job@openbsd.org <job@openbsd.org>
+Date: Wed Apr 4 15:12:17 2018 +0000
+
+ upstream: Update default IPQoS in ssh(1), sshd(8) to DSCP AF21 for
+
+ interactive and CS1 for bulk
+
+ AF21 was selected as this is the highest priority within the low-latency
+ service class (and it is higher than what we have today). SSH is elastic
+ and time-sensitive data, where a user is waiting for a response via the
+ network in order to continue with a task at hand. As such, these flows
+ should be considered foreground traffic, with delays or drops to such
+ traffic directly impacting user-productivity.
+
+ For bulk SSH traffic, the CS1 "Lower Effort" marker was chosen to enable
+ networks implementing a scavanger/lower-than-best effort class to
+ discriminate scp(1) below normal activities, such as web surfing. In
+ general this type of bulk SSH traffic is a background activity.
+
+ An advantage of using "AF21" for interactive SSH and "CS1" for bulk SSH
+ is that they are recognisable values on all common platforms (IANA
+ https://www.iana.org/assignments/dscp-registry/dscp-registry.xml), and
+ for AF21 specifically a definition of the intended behavior exists
+ https://tools.ietf.org/html/rfc4594#section-4.7 in addition to the definition
+ of the Assured Forwarding PHB group https://tools.ietf.org/html/rfc2597, and
+ for CS1 (Lower Effort) there is https://tools.ietf.org/html/rfc3662
+
+ The first three bits of "AF21" map to the equivalent IEEEE 802.1D PCP, IEEE
+ 802.11e, MPLS EXP/CoS and IP Precedence value of 2 (also known as "Immediate",
+ or "AC_BE"), and CS1's first 3 bits map to IEEEE 802.1D PCP, IEEE 802.11e,
+ MPLS/CoS and IP Precedence value 1 ("Background" or "AC_BK").
+
+ OK deraadt@, "no objection" djm@
+
+ OpenBSD-Commit-ID: d11d2a4484f461524ef0c20870523dfcdeb52181
+
+commit 424b544fbda963f973da80f884717c3e0a513288
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Tue Apr 3 02:14:08 2018 +0000
+
+ upstream: Import regenerated moduli file.
+
+ OpenBSD-Commit-ID: 1de0e85522051eb2ffa00437e1885e9d7b3e0c2e
+
+commit 323f66ce934df2da551f256f37d69822428e1ca1
+Author: dtucker@openbsd.org <dtucker@openbsd.org>
+Date: Fri Apr 6 04:18:35 2018 +0000
+
+ upstream: Add test for username options parsing order, prompted by
+
+ bz#2849.
+
+ OpenBSD-Regress-ID: 6985cd32f38596882a3ac172ff8c510693b65283
+
+commit e8f474554e3bda102a797a2fbab0594ccc66f097
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Apr 6 14:11:44 2018 +1000
+
+ Expose SSH_AUTH_INFO_0 to PAM auth modules
+
+ bz#2408, patch from Radoslaw Ejsmont; ok dtucker@
+
+commit 014ba209cf4c6a159baa30ecebbaddfa97da7100
+Author: Darren Tucker <dtucker@dtucker.net>
+Date: Tue Apr 3 12:18:00 2018 +1000
+
+ Import regenerated moduli file.
+
commit a0349a1cc4a18967ad1dbff5389bcdf9da098814
Author: Damien Miller <djm@mindrot.org>
Date: Mon Apr 2 15:38:28 2018 +1000
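Review bot: the entry for 4ba0d54794814ec0de1ec87987d0c3b89379b436 records a change in meaning for existing sshd_config options ("PubkeyAcceptedKeyTypes and HostbasedAcceptedKeyTypes options control accepted signature algorithms (previously they selected supported key types)"), but nothing in this hunk says how a value written under the old meaning is interpreted under the new one. Because the same entry introduces "rsa-sha2-256-cert-v01@openssh.com" and "rsa-sha2-512-cert-v01@openssh.com", and 2f30300c5e15929d0e34013f38d73e857f445e12 cranks the version to 7.8 for a new compat flag tied to this work, the release notes that ship alongside this ChangeLog should call the change out explicitly so administrators re-check those two options after upgrading. A smaller point in the same hunk: the entries for 1c5b4bc827f4abc3e65888cda061ad5edf1b8c7c and 0e73428038d5ecfa5d2a28cff26661502a7aff4e share the subject "Allow nanosleep in preauth privsep child." and differ only in the last words of the body ("systrace andbox" versus "sandbox"), which makes them hard to tell apart when searching; these lines reproduce commit messages, so that is something to tighten in future subjects rather than here.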
@@ -7876,1923 +9739,3 @@ Date: Tue Aug 23 08:17:42 2016 +0000
in addr_match_list()
Upstream-ID: 07c3d53e357214153d9d08f234411e0d1a3d6f5c
-
-commit a39627134f6d90e7009eeb14e9582ecbc7a99192
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Aug 23 06:36:23 2016 +0000
-
- upstream commit
-
- remove Protocol directive from client/server configs that
- causes spammy deprecation warnings
-
- hardcode SSH_PROTOCOLS=2, since that's all we support on the server
- now (the client still may support both, so it could get confused)
-
- Upstream-Regress-ID: c16662c631af51633f9fd06aca552a70535de181
-
-commit 6ee4f1c01ee31e65245881d49d4bccf014956066
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Aug 23 16:33:48 2016 +1000
-
- hook match and utf8 unittests up to Makefile
-
-commit 114efe2bc0dd2842d997940a833f115e6fc04854
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Aug 19 06:44:13 2016 +0000
-
- upstream commit
-
- add tests for matching functions
-
- Upstream-Regress-ID: 0869d4f5c5d627c583c6a929d69c17d5dd65882c
-
-commit 857568d2ac81c14bcfd625b27536c1e28c992b3c
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Aug 23 14:32:37 2016 +1000
-
- removing UseLogin bits from configure.ac
-
-commit cc182d01cef8ca35a1d25ea9bf4e2ff72e588208
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Aug 23 03:24:10 2016 +0000
-
- upstream commit
-
- fix negated address matching where the address list
- consists of a single negated match, e.g. "Match addr !192.20.0.1"
-
- Report and patch from Jakub Jelen. bz#2397 ok dtucker@
-
- Upstream-ID: 01dcac3f3e6ca47518cf293e31c73597a4bb40d8
-
-commit 4067ec8a4c64ccf16250c35ff577b4422767da64
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Aug 23 03:22:49 2016 +0000
-
- upstream commit
-
- fix matching for pattern lists that contain a single
- negated match, e.g. "Host !example"
-
- report and patch from Robin Becker. bz#1918 ok dtucker@
-
- Upstream-ID: 05a0cb323ea4bc20e98db099b42c067bfb9ea1ea
-
-commit 83b581862a1dbb06fc859959f829dde2654aef3c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Aug 19 03:18:06 2016 +0000
-
- upstream commit
-
- remove UseLogin option and support for having /bin/login
- manage login sessions; ok deraadt markus dtucker
-
- Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712
-
-commit ffe6549c2f7a999cc5264b873a60322e91862581
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date: Mon Aug 15 12:32:04 2016 +0000
-
- upstream commit
-
- Catch up with the SSH1 code removal and delete all
- mention of protocol 1 particularities, key files and formats, command line
- options, and configuration keywords from the server documentation and
- examples. ok jmc@
-
- Upstream-ID: 850328854675b4b6a0d4a90f0b4a9dd9ca4e905f
-
-commit c38ea634893a1975dbbec798fb968c9488013f4a
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date: Mon Aug 15 12:27:56 2016 +0000
-
- upstream commit
-
- Remove more SSH1 server code: * Drop sshd's -k option. *
- Retire configuration keywords that only apply to protocol 1, as well as the
- "protocol" keyword. * Remove some related vestiges of protocol 1 support.
-
- ok markus@
-
- Upstream-ID: 9402f82886de917779db12f8ee3f03d4decc244d
-
-commit 33ba55d9e358c07f069e579bfab80eccaaad52cb
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Aug 17 16:26:04 2016 +1000
-
- Only check for prctl once.
-
-commit 976ba8a8fd66a969bf658280c1e5adf694cc2fc6
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Aug 17 15:33:10 2016 +1000
-
- Fix typo.
-
-commit 9abf84c25ff4448891edcde60533a6e7b2870de1
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Aug 17 14:25:43 2016 +1000
-
- Correct LDFLAGS for clang example.
-
- --with-ldflags isn't used until after the -ftrapv test, so mention
- LDFLAGS instead for now.
-
-commit 1e8013a17ff11e3c6bd0012fb1fc8d5f1330eb21
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Aug 17 14:08:42 2016 +1000
-
- Remove obsolete CVS $Id from source files.
-
- Since -portable switched to git the CVS $Id tags are no longer being
- updated and are becoming increasingly misleading. Remove them.
-
-commit adab758242121181700e48b4f6c60d6b660411fe
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Aug 17 13:40:58 2016 +1000
-
- Remove now-obsolete CVS $Id tags from text files.
-
- Since -portable switched to git, the CVS $Id tags are no longer being
- updated and are becoming increasingly misleading. Remove them.
-
-commit 560c0068541315002ec4c1c00a560bbd30f2d671
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Aug 17 13:38:30 2016 +1000
-
- Add a section for compiler specifics.
-
- Add a section for compiler specifics and document the runtime requirements
- for clang's integer sanitization.
-
-commit a8fc0f42e1eda2fa3393d1ea5e61322d5e07a9cd
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Aug 17 13:35:43 2016 +1000
-
- Test multiplying two long long ints.
-
- When using clang with -ftrapv or -sanitize=integer the tests would pass
- but linking would fail with "undefined reference to __mulodi4".
- Explicitly test for this before enabling -trapv.
-
-commit a1cc637e7e11778eb727559634a6ef1c19c619f6
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Aug 16 14:47:34 2016 +1000
-
- add a --with-login-program configure argument
-
- Saves messing around with LOGIN_PROGRAM env var, which come
- packaging environments make hard to do during configure phase.
-
-commit 8bd81e1596ab1bab355146cb65e82fb96ade3b23
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Aug 16 13:30:56 2016 +1000
-
- add --with-pam-service to specify PAM service name
-
- Saves messing around with CFLAGS to do it.
-
-commit 74433a19bb6f4cef607680fa4d1d7d81ca3826aa
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Aug 16 13:28:23 2016 +1000
-
- fix false positives when compiled with msan
-
- Our explicit_bzero successfully confused clang -fsanitize-memory
- in to thinking that memset is never called to initialise memory.
- Ensure that it is called in a way that the compiler recognises.
-
-commit 6cb6dcffe1a2204ba9006de20f73255c268fcb6b
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Sat Aug 13 17:47:40 2016 +0000
-
- upstream commit
-
- remove ssh1 server code; ok djm@
-
- Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
-
-commit 42d47adc5ad1187f22c726cbc52e71d6b1767ca2
-Author: jca@openbsd.org <jca@openbsd.org>
-Date: Fri Aug 12 19:19:04 2016 +0000
-
- upstream commit
-
- Use 2001:db8::/32, the official IPv6 subnet for
- configuration examples.
-
- This makes the IPv6 example consistent with IPv4, and removes a dubious
- mention of a 6bone subnet.
-
- ok sthen@ millert@
-
- Upstream-ID: b027f3d0e0073419a132fd1bf002e8089b233634
-
-commit b61f53c0c3b43c28e013d3b3696d64d1c0204821
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Aug 11 01:42:11 2016 +0000
-
- upstream commit
-
- Update moduli file.
-
- Upstream-ID: 6da9a37f74aef9f9cc639004345ad893cad582d8
-
-commit f217d9bd42d306f69f56335231036b44502d8191
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Thu Aug 11 11:42:48 2016 +1000
-
- Import updated moduli.
-
-commit 67dca60fbb4923b7a11c1645b90a5ca57c03d8be
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Aug 8 22:40:57 2016 +0000
-
- upstream commit
-
- Improve error message for overlong ControlPath. ok markus@
- djm@
-
- Upstream-ID: aed374e2e88dd3eb41390003e5303d0089861eb5
-
-commit 4706c1d8c15cd5565b59512853c2da9bd4ca26c9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed Aug 3 05:41:57 2016 +0000
-
- upstream commit
-
- small refactor of cipher.c: make ciphercontext opaque to
- callers feedback and ok markus@
-
- Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f
-
-commit e600348a7afd6325cc5cd783cb424065cbc20434
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed Aug 3 04:23:55 2016 +0000
-
- upstream commit
-
- Fix bug introduced in rev 1.467 which causes
- "buffer_get_bignum_ret: incomplete message" errors when built with WITH_SSH1
- and run such that no Protocol 1 ephemeral host key is generated (eg "Protocol
- 2", no SSH1 host key supplied). Reported by rainer.laatsch at t-online.de,
- ok deraadt@
-
- Upstream-ID: aa6b132da5c325523aed7989cc5a320497c919dc
-
-commit d7e7348e72f9b203189e3fffb75605afecba4fda
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed Jul 27 23:18:12 2016 +0000
-
- upstream commit
-
- better bounds check on iovcnt (we only ever use fixed,
- positive values)
-
- Upstream-ID: 9baa6eb5cd6e30c9dc7398e5fe853721a3a5bdee
-
-commit 5faa52d295f764562ed6dd75c4a4ce9134ae71e3
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Aug 2 15:22:40 2016 +1000
-
- Use tabs consistently inside "case $host".
-
-commit 20e5e8ba9c5d868d897896190542213a60fffbd2
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Aug 2 12:16:34 2016 +1000
-
- Explicitly test for broken strnvis.
-
- NetBSD added an strnvis and unfortunately made it incompatible with the
- existing one in OpenBSD and Linux's libbsd (the former having existed
- for over ten years). Despite this incompatibility being reported during
- development (see http://gnats.netbsd.org/44977) they still shipped it.
- Even more unfortunately FreeBSD and later MacOS picked up this incompatible
- implementation. Try to detect this mess, and assume the only safe option
- if we're cross compiling.
-
- OpenBSD 2.9 (2001): strnvis(char *dst, const char *src, size_t dlen, int flag);
- NetBSD 6.0 (2012): strnvis(char *dst, size_t dlen, const char *src, int flag);
-
- ok djm@
-
-commit b0b48beab1b74100b61ecbadb9140c9ab4c2ea8c
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Aug 2 11:06:23 2016 +1000
-
- update recommended autoconf version
-
-commit 23902e31dfd18c6d7bb41ccd73de3b5358a377da
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Aug 2 10:48:04 2016 +1000
-
- update config.guess and config.sub to current
-
- upstream commit 562f3512b3911ba0c77a7f68214881d1f241f46e
-
-commit dd1031b78b83083615b68d7163c44f4408635be2
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Aug 2 10:01:52 2016 +1000
-
- Replace spaces with tabs.
-
- Mechanically replace spaces with tabs in compat files not synced with
- OpenBSD.
-
-commit c20dccb5614c5714f4155dda01bcdebf97cfae7e
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Aug 2 09:44:25 2016 +1000
-
- Strip trailing whitespace.
-
- Mechanically strip trailing whitespace on files not synced with OpenBSD
- (or in the case of bsd-snprint.c, rsync).
-
-commit 30f9bd1c0963c23bfba8468dfd26aa17609ba42f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Aug 2 09:06:27 2016 +1000
-
- Repair $OpenBSD markers.
-
-commit 9715d4ad4b53877ec23dc8681dd7a405de9419a6
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Aug 2 09:02:42 2016 +1000
-
- Repair $OpenBSD marker.
-
-commit cf3e0be7f5828a5e5f6c296a607d20be2f07d60c
-Author: Tim Rice <tim@multitalents.net>
-Date: Mon Aug 1 14:31:52 2016 -0700
-
- modified: configure.ac opensshd.init.in
- Skip generating missing RSA1 key on startup unless ssh1 support is enabled.
- Spotted by Jean-Pierre Radley
-
-commit 99522ba7ec6963a05c04a156bf20e3ba3605987c
-Author: Damien Miller <djm@mindrot.org>
-Date: Thu Jul 28 08:54:27 2016 +1000
-
- define _OPENBSD_SOURCE for reallocarray on NetBSD
-
- Report by and debugged with Hisashi T Fujinaka, dtucker nailed
- the problem (lack of prototype causing return type confusion).
-
-commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187
-Author: Damien Miller <djm@mindrot.org>
-Date: Wed Jul 27 08:25:42 2016 +1000
-
- KNF
-
-commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331
-Author: Damien Miller <djm@mindrot.org>
-Date: Wed Jul 27 08:25:23 2016 +1000
-
- Linux auditing also needs packet.h
-
-commit 393bd381a45884b589baa9aed4394f1d250255ca
-Author: Damien Miller <djm@mindrot.org>
-Date: Wed Jul 27 08:18:05 2016 +1000
-
- fix auditing on Linux
-
- get_remote_ipaddr() was replaced with ssh_remote_ipaddr()
-
-commit 80e766fb089de4f3c92b1600eb99e9495e37c992
-Author: Damien Miller <djm@mindrot.org>
-Date: Sun Jul 24 21:50:13 2016 +1000
-
- crank version numbers
-
-commit b1a478792d458f2e938a302e64bab2b520edc1b3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jul 24 11:45:36 2016 +0000
-
- upstream commit
-
- openssh-7.3
-
- Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
-
-commit 353766e0881f069aeca30275ab706cd60a1a8fdd
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Sat Jul 23 16:14:42 2016 +1000
-
- Move Cygwin IPPORT_RESERVED overrride to defines.h
-
- Patch from vinschen at redhat.com.
-
-commit 368dd977ae07afb93f4ecea23615128c95ab2b32
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Jul 23 02:54:08 2016 +0000
-
- upstream commit
-
- fix pledge violation with ssh -f; reported by Valentin
- Kozamernik ok dtucker@
-
- Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
-
-commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 22 07:00:46 2016 +0000
-
- upstream commit
-
- improve wording; suggested by jmc@
-
- Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
-
-commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jul 22 05:46:11 2016 +0000
-
- upstream commit
-
- Lower loglevel for "Authenticated with partial success"
- message similar to other similar level. bz#2599, patch from cgallek at
- gmail.com, ok markus@
-
- Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
-
-commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 22 14:06:36 2016 +1000
-
- retry waitpid on EINTR failure
-
- patch from Jakub Jelen on bz#2581; ok dtucker@
-
-commit da88a70a89c800e74ea8e5661ffa127a3cc79a92
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 22 03:47:36 2016 +0000
-
- upstream commit
-
- constify a few functions' arguments; patch from Jakub
- Jelen bz#2581
-
- Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
-
-commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 22 03:39:13 2016 +0000
-
- upstream commit
-
- move debug("%p", key) to before key is free'd; probable
- undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581
-
- Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
-
-commit 286f5a77c3bfec1e8892ca268087ac885ac871bf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 22 03:35:11 2016 +0000
-
- upstream commit
-
- reverse the order in which -J/JumpHost proxies are visited to
- be more intuitive and document
-
- reported by and manpage bits naddy@
-
- Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
-
-commit fcd135c9df440bcd2d5870405ad3311743d78d97
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jul 21 01:39:35 2016 +0000
-
- upstream commit
-
- Skip passwords longer than 1k in length so clients can't
- easily DoS sshd by sending very long passwords, causing it to spend CPU
- hashing them. feedback djm@, ok markus@.
-
- Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
- 360.cn and coredump at autistici.org
-
- Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
-
-commit 324583e8fb3935690be58790425793df619c6d4d
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date: Wed Jul 20 10:45:27 2016 +0000
-
- upstream commit
-
- Do not clobber the global jump_host variables when
- parsing an inactive configuration. ok djm@
-
- Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
-
-commit 32d921c323b989d28405e78d0a8923d12913d737
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Tue Jul 19 12:59:16 2016 +0000
-
- upstream commit
-
- tweak previous;
-
- Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
-
-commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Jul 19 11:38:53 2016 +0000
-
- upstream commit
-
- Allow wildcard for PermitOpen hosts as well as ports.
- bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok
- markus@
-
- Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
-
-commit b98a2a8348e907b3d71caafd80f0be8fdd075943
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Mon Jul 18 11:35:33 2016 +0000
-
- upstream commit
-
- Reduce timing attack against obsolete CBC modes by always
- computing the MAC over a fixed size of data. Reported by Jean Paul
- Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@
-
- Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
-
-commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Thu Jul 21 14:17:31 2016 +1000
-
- Search users for one with a valid salt.
-
- If the root account is locked (eg password "!!" or "*LK*") keep looking
- until we find a user with a valid salt to use for crypting passwords of
- invalid users. ok djm@
-
-commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jul 18 17:22:49 2016 +1000
-
- Explicitly specify source files for regress tools.
-
- Since adding $(REGRESSLIBS), $? is wrong because it includes only the
- changed source files. $< seems like it'd be right however it doesn't
- seem to work on some non-GNU makes, so do what works everywhere.
-
-commit eac1bbd06872c273f16ac0f9976b0aef026b701b
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jul 18 17:12:22 2016 +1000
-
- Conditionally include err.h.
-
-commit 0a454147568746c503f669e1ba861f76a2e7a585
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jul 18 16:26:26 2016 +1000
-
- Remove local implementation of err, errx.
-
- We now have a shared implementation in libopenbsd-compat.
-
-commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jul 18 06:08:01 2016 +0000
-
- upstream commit
-
- Add some unsigned overflow checks for extra_pad. None of
- these are reachable with the amount of padding that we use internally.
- bz#2566, pointed out by Torben Hansen. ok markus@
-
- Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
-
-commit c71ba790c304545464bb494de974cdf0f4b5cf1e
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jul 18 15:43:25 2016 +1000
-
- Add dependency on libs for unit tests.
-
- Makes "./configure && make tests" work again. ok djm@
-
-commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jul 18 13:47:39 2016 +1000
-
- Correct location for kexfuzz in clean target.
-
-commit 01558b7b07af43da774d3a11a5c51fa9c310849d
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jul 18 09:33:25 2016 +1000
-
- Handle PAM_MAXTRIES from modules.
-
- bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer
- password and keyboard-interative authentication methods. Should prevent
- "sshd ignoring max retries" warnings in the log. ok djm@
-
- It probably won't trigger with keyboard-interactive in the default
- configuration because the retry counter is stored in module-private
- storage which goes away with the sshd PAM process (see bz#688). On the
- other hand, those cases probably won't log a warning either.
-
-commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jul 17 04:20:16 2016 +0000
-
- upstream commit
-
- support UTF-8 characters in ssh(1) banners using
- schwarze@'s safe fmprintf printer; bz#2058
-
- feedback schwarze@ ok dtucker@
-
- Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
-
-commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Sat Jul 16 06:57:55 2016 +0000
-
- upstream commit
-
- - add proxyjump to the options list - formatting fixes -
- update usage()
-
- ok djm
-
- Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
-
-commit af1f084857621f14bd9391aba8033d35886c2455
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jul 15 05:01:58 2016 +0000
-
- upstream commit
-
- Reduce the syslog level of some relatively common protocol
- events from LOG_CRIT by replacing fatal() calls with logdie(). Part of
- bz#2585, ok djm@
-
- Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
-
-commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 15 19:14:48 2016 +1000
-
- missing openssl/dh.h
-
-commit 4a984fd342effe5f0aad874a0d538c4322d973c0
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 15 18:47:07 2016 +1000
-
- cast to avoid type warning in error message
-
-commit 5abfb15ced985c340359ae7fb65a625ed3692b3e
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri Jul 15 14:48:30 2016 +1000
-
- Move VA_COPY macro into compat header.
-
- Some AIX compilers unconditionally undefine va_copy but don't set it back
- to an internal function, causing link errors. In some compat code we
- already use VA_COPY instead so move the two existing instances into the
- shared header and use for sshbuf-getput-basic.c too. Should fix building
- with at lease some versions of AIX's compiler. bz#2589, ok djm@
-
-commit 832b7443b7a8e181c95898bc5d73497b7190decd
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 15 14:45:34 2016 +1000
-
- disable ciphers not supported by OpenSSL
-
- bz#2466 ok dtucker@
-
-commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 15 13:54:31 2016 +1000
-
- add a --disable-pkcs11 knob
-
-commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 15 13:44:38 2016 +1000
-
- fix newline escaping for unsupported_algorithms
-
- The hmac-ripemd160 was incorrect and could lead to broken
- Makefiles on systems that lacked support for it, but I made
- all the others consistent too.
-
-commit ed877ef653847d056bb433975d731b7a1132a979
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 15 00:24:30 2016 +0000
-
- upstream commit
-
- Add a ProxyJump ssh_config(5) option and corresponding -J
- ssh(1) command-line flag to allow simplified indirection through a SSH
- bastion or "jump host".
-
- These options construct a proxy command that connects to the
- specified jump host(s) (more than one may be specified) and uses
- port-forwarding to establish a connection to the next destination.
-
- This codifies the safest way of indirecting connections through SSH
- servers and makes it easy to use.
-
- ok markus@
-
- Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
-
-commit 5c02dd126206a26785379e80f2d3848e4470b711
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri Jul 15 12:56:39 2016 +1000
-
- Map umac_ctx struct name too.
-
- Prevents size mismatch linker warnings on Solaris 11.
-
-commit 283b97ff33ea2c641161950849931bd578de6946
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri Jul 15 13:49:44 2016 +1000
-
- Mitigate timing of disallowed users PAM logins.
-
- When sshd decides to not allow a login (eg PermitRootLogin=no) and
- it's using PAM, it sends a fake password to PAM so that the timing for
- the failure is not noticeably different whether or not the password
- is correct. This behaviour can be detected by sending a very long
- password string which is slower to hash than the fake password.
-
- Mitigate by constructing an invalid password that is the same length
- as the one from the client and thus takes the same time to hash.
- Diff from djm@
-
-commit 9286875a73b2de7736b5e50692739d314cd8d9dc
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri Jul 15 13:32:45 2016 +1000
-
- Determine appropriate salt for invalid users.
-
- When sshd is processing a non-PAM login for a non-existent user it uses
- the string from the fakepw structure as the salt for crypt(3)ing the
- password supplied by the client. That string has a Blowfish prefix, so on
- systems that don't understand that crypt will fail fast due to an invalid
- salt, and even on those that do it may have significantly different timing
- from the hash methods used for real accounts (eg sha512). This allows
- user enumeration by, eg, sending large password strings. This was noted
- by EddieEzra.Harari at verint.com (CVE-2016-6210).
-
- To mitigate, use the same hash algorithm that root uses for hashing
- passwords for users that do not exist on the system. ok djm@
-
-commit a162dd5e58ca5b224d7500abe35e1ef32b5de071
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Thu Jul 14 21:19:59 2016 +1000
-
- OpenSSL 1.1.x not currently supported.
-
-commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Thu Jul 14 12:25:24 2016 +1000
-
- Check for VIS_ALL.
-
- If we don't have it, set BROKEN_STRNVIS to activate the compat replacement.
-
-commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jul 14 01:24:21 2016 +0000
-
- upstream commit
-
- Correct equal in test.
-
- Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
-
-commit 372807c2065c8572fdc6478b25cc5ac363743073
-Author: tb@openbsd.org <tb@openbsd.org>
-Date: Mon Jul 11 21:38:13 2016 +0000
-
- upstream commit
-
- Add missing "recvfd" pledge promise: Raf Czlonka reported
- ssh coredumps when Control* keywords were set in ssh_config. This patch also
- fixes similar problems with scp and sftp.
-
- ok deraadt, looks good to millert
-
- Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b
-
-commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd
-Author: tedu@openbsd.org <tedu@openbsd.org>
-Date: Mon Jul 11 03:19:44 2016 +0000
-
- upstream commit
-
- obsolete note about fascistloggin is obsolete. ok djm
- dtucker
-
- Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a
-
-commit a2333584170a565adf4f209586772ef8053b10b8
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Thu Jul 14 10:59:09 2016 +1000
-
- Add compat code for missing wcwidth.
-
- If we don't have wcwidth force fallback implementations of nl_langinfo
- and mbtowc. Based on advice from Ingo Schwarze.
-
-commit 8aaec7050614494014c47510b7e94daf6e644c62
-Author: Damien Miller <djm@mindrot.org>
-Date: Thu Jul 14 09:48:48 2016 +1000
-
- fix missing include for systems with err.h
-
-commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Jul 13 14:42:35 2016 +1000
-
- Move err.h replacements into compat lib.
-
- Move implementations of err.h replacement functions into their own file
- in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
-
-commit f3f2cc8386868f51440c45210098f65f9787449a
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jul 11 17:23:38 2016 +1000
-
- Check for wchar.h and langinfo.h
-
- Wrap includes in the appropriate #ifdefs.
-
-commit b9c50614eba9d90939b2b119b6e1b7e03b462278
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 8 13:59:13 2016 +1000
-
- whitelist more architectures for seccomp-bpf
-
- bz#2590 - testing and patch from Jakub Jelen
-
-commit 18813a32b6fd964037e0f5e1893cb4468ac6a758
-Author: guenther@openbsd.org <guenther@openbsd.org>
-Date: Mon Jul 4 18:01:44 2016 +0000
-
- upstream commit
-
- DEBUGLIBS has been broken since the gcc4 switch, so delete
- it. CFLAGS contains -g by default anyway
-
- problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
- ok millert@ kettenis@ deraadt@
-
- Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
-
-commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 8 03:44:42 2016 +0000
-
- upstream commit
-
- Improve crypto ordering for Encrypt-then-MAC (EtM) mode
- MAC algorithms.
-
- Previously we were computing the MAC, decrypting the packet and then
- checking the MAC. This gave rise to the possibility of creating a
- side-channel oracle in the decryption step, though no such oracle has
- been identified.
-
- This adds a mac_check() function that computes and checks the MAC in
- one pass, and uses it to advance MAC checking for EtM algorithms to
- before payload decryption.
-
- Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and
- Martin Albrecht. feedback and ok markus@
-
- Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b
-
-commit 71f5598f06941f645a451948c4a5125c83828e1c
-Author: guenther@openbsd.org <guenther@openbsd.org>
-Date: Mon Jul 4 18:01:44 2016 +0000
-
- upstream commit
-
- DEBUGLIBS has been broken since the gcc4 switch, so
- delete it. CFLAGS contains -g by default anyway
-
- problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
- ok millert@ kettenis@ deraadt@
-
- Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603
-
-commit e683fc6f1c8c7295648dbda679df8307786ec1ce
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 30 05:17:05 2016 +0000
-
- upstream commit
-
- Explicitly check for 100% completion to avoid potential
- floating point rounding error, which could cause progressmeter to report 99%
- on completion. While there invert the test so the 100% case is clearer. with
- & ok djm@
-
- Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d
-
-commit 772e6cec0ed740fc7db618dc30b4134f5a358b43
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Wed Jun 29 17:14:28 2016 +0000
-
- upstream commit
-
- sort the -o list;
-
- Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac
-
-commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Thu Jun 23 05:17:51 2016 +0000
-
- upstream commit
-
- fix AuthenticationMethods during configuration re-parse;
- reported by Juan Francisco Cantero Hurtado
-
- Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4
-
-commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 19 07:48:02 2016 +0000
-
- upstream commit
-
- revert 1.34; causes problems loading public keys
-
- reported by semarie@
-
- Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
-
-commit ad23a75509f4320d43f628c50f0817e3ad12bfa7
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Fri Jun 17 06:33:30 2016 +0000
-
- upstream commit
-
- grammar fix;
-
- Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463
-
-commit 5e28b1a2a3757548b40018cc2493540a17c82e27
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 17 05:06:23 2016 +0000
-
- upstream commit
-
- translate OpenSSL error codes to something more
- meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
-
- Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5
-
-commit b64faeb5eda7eff8210c754d00464f9fe9d23de5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 17 05:03:40 2016 +0000
-
- upstream commit
-
- ban AuthenticationMethods="" and accept
- AuthenticationMethods=any for the default behaviour of not requiring multiple
- authentication
-
- bz#2398 from Jakub Jelen; ok dtucker@
-
- Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
-
-commit 9816fc5daee5ca924dd5c4781825afbaab728877
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 16 11:00:17 2016 +0000
-
- upstream commit
-
- Include stdarg.h for va_copy as per man page.
-
- Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd
-
-commit b6cf84b51bc0f5889db48bf29a0c771954ade283
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Thu Jun 16 06:10:45 2016 +0000
-
- upstream commit
-
- keys stored in openssh format can have comments too; diff
- from yonas yanfa, tweaked a bit;
-
- ok djm
-
- Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27
-
-commit aa37768f17d01974b6bfa481e5e83841b6c76f86
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jun 20 15:55:34 2016 +1000
-
- get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX
-
- Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip
- change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX.
- Fixes build on AIX.
-
-commit 009891afc8df37bc2101e15d1e0b6433cfb90549
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri Jun 17 14:34:09 2016 +1000
-
- Remove duplicate code from PAM. ok djm@
-
-commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed Jun 15 00:40:40 2016 +0000
-
- upstream commit
-
- Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message
- about forward and reverse DNS not matching. We haven't supported IP-based
- auth methods for a very long time so it's now misleading. part of bz#2585,
- ok markus@
-
- Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29
-
-commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Wed Jun 15 11:22:38 2016 +1000
-
- Move platform_disable_tracing into its own file.
-
- Prevents link errors resolving the extern "options" when platform.o
- gets linked into ssh-agent when building --with-pam.
-
-commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Jun 14 13:55:12 2016 +1000
-
- Track skipped upstream commit IDs.
-
- There are a small number of "upstream" commits that do not correspond to
- a file in -portable. This file tracks those so that we can reconcile
- OpenBSD and Portable to ensure that no commits are accidentally missed.
-
- If you add something to .skipped-commit-ids please also add an upstream
- ID line in the following format when you commit it.
-
- Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35
- Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca
- Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7
- Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120
- Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a
- Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef
- Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2
- Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660
- Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae
- Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee
-
-commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Jun 14 13:51:01 2016 +1000
-
- Remove now-defunct .cvsignore files. ok djm
-
-commit 68777faf271efb2713960605c748f6c8a4b26d55
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed Jun 8 02:13:01 2016 +0000
-
- upstream commit
-
- Back out rev 1.28 "Check min and max sizes sent by the
- client" change. It caused "key_verify failed for server_host_key" in clients
- that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY.
- ok djm@
-
- Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65
-
-commit a86ec4d0737ac5879223e7cd9d68c448df46e169
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Jun 14 10:48:27 2016 +1000
-
- Use Solaris setpflags(__PROC_PROTECT, ...).
-
- Where possible, use Solaris setpflags to disable process tracing on
- ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee
- at oracle.com, ok djm.
-
-commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Tue Jun 14 10:43:53 2016 +1000
-
- Shorten prctl code a tiny bit.
-
-commit 0fb7f5985351fbbcd2613d8485482c538e5123be
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Thu Jun 9 16:23:07 2016 +1000
-
- Move prctl PR_SET_DUMPABLE into platform.c.
-
- This should make it easier to add additional platform support such as
- Solaris (bz#2584).
-
-commit e6508898c3cd838324ecfe1abd0eb8cf802e7106
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 3 04:10:41 2016 +0000
-
- upstream commit
-
- Add a test for ssh(1)'s config file parsing.
-
- Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
-
-commit ab0a536066dfa32def0bd7272c096ebb5eb25b11
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 3 03:47:59 2016 +0000
-
- upstream commit
-
- Add 'sshd' to the test ID as I'm about to add a similar
- set for ssh.
-
- Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
-
-commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date: Mon May 30 12:14:08 2016 +0000
-
- upstream commit
-
- stricter malloc.conf(5) options for utf8 tests
-
- Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
-
-commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date: Mon May 30 12:05:56 2016 +0000
-
- upstream commit
-
- Fix two rare edge cases: 1. If vasprintf() returns < 0,
- do not access a NULL pointer in snmprintf(), and do not free() the pointer
- returned from vasprintf() because on some systems other than OpenBSD, it
- might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
- rather than -1 and NULL.
-
- Besides, free(dst) is pointless after failure (not a bug).
-
- One half OK martijn@, the other half OK deraadt@;
- committing quickly before people get hurt.
-
- Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
-
-commit 016881eb33a7948028848c90f4c7ac42e3af0e87
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date: Thu May 26 19:14:25 2016 +0000
-
- upstream commit
-
- test the new utf8 module
-
- Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
-
-commit d4219028bdef448e089376f3afe81ef6079da264
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue May 3 15:30:46 2016 +0000
-
- upstream commit
-
- Set umask to prevent "Bad owner or permissions" errors.
-
- Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
-
-commit 07d5608bb237e9b3fe86a2aeaa429392230faebf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 14:41:04 2016 +0000
-
- upstream commit
-
- support doas
-
- Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
-
-commit 01cabf10adc7676cba5f40536a34d3b246edb73f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 13:48:33 2016 +0000
-
- upstream commit
-
- unit tests for sshbuf_dup_string()
-
- Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
-
-commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Fri Jun 3 06:44:12 2016 +0000
-
- upstream commit
-
- tweak previous;
-
- Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698
-
-commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 3 04:09:38 2016 +0000
-
- upstream commit
-
- Allow ExitOnForwardFailure and ClearAllForwardings to be
- overridden when using ssh -W (but still default to yes in that case).
- bz#2577, ok djm@.
-
- Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
-
-commit 8543ff3f5020fe659839b15f05b8c522bde6cee5
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 3 03:14:41 2016 +0000
-
- upstream commit
-
- Move the host and port used by ssh -W into the Options
- struct. This will make future changes a bit easier. ok djm@
-
- Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382
-
-commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed Jun 1 04:19:49 2016 +0000
-
- upstream commit
-
- Check min and max sizes sent by the client against what
- we support before passing them to the monitor. ok djm@
-
- Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece
-
-commit 564cd2a8926ccb1dca43a535073540935b5e0373
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue May 31 23:46:14 2016 +0000
-
- upstream commit
-
- Ensure that the client's proposed DH-GEX max value is at
- least as big as the minimum the server will accept. ok djm@
-
- Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
-
-commit df820722e40309c9b3f360ea4ed47a584ed74333
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jun 6 11:36:13 2016 +1000
-
- Add compat bits to utf8.c.
-
-commit 05c6574652571becfe9d924226c967a3f4b3f879
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Jun 6 11:33:43 2016 +1000
-
- Fix utf->utf8 typo.
-
-commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date: Mon May 30 18:34:41 2016 +0000
-
- upstream commit
-
- Backout rev. 1.43 for now.
-
- The function update_progress_meter() calls refresh_progress_meter()
- which calls snmprintf() which calls malloc(); but update_progress_meter()
- acts as the SIGALRM signal handler.
-
- "malloc(): error: recursive call" reported by sobrado@.
-
- Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
-
-commit cd9e1eabeb4137182200035ab6fa4522f8d24044
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date: Mon May 30 12:57:21 2016 +0000
-
- upstream commit
-
- Even when only writing an unescaped character, the dst
- buffer may need to grow, or it would be overrun; issue found by tb@ with
- malloc.conf(5) 'C'.
-
- While here, reserve an additional byte for the terminating NUL
- up front such that we don't have to realloc() later just for that.
-
- OK tb@
-
- Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
-
-commit ac284a355f8065eaef2a16f446f3c44cdd17371d
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date: Mon May 30 12:05:56 2016 +0000
-
- upstream commit
-
- Fix two rare edge cases: 1. If vasprintf() returns < 0,
- do not access a NULL pointer in snmprintf(), and do not free() the pointer
- returned from vasprintf() because on some systems other than OpenBSD, it
- might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
- rather than -1 and NULL.
-
- Besides, free(dst) is pointless after failure (not a bug).
-
- One half OK martijn@, the other half OK deraadt@;
- committing quickly before people get hurt.
-
- Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
-
-commit 0e059cdf5fd86297546c63fa8607c24059118832
-Author: schwarze@openbsd.org <schwarze@openbsd.org>
-Date: Wed May 25 23:48:45 2016 +0000
-
- upstream commit
-
- To prevent screwing up terminal settings when printing to
- the terminal, for ASCII and UTF-8, escape bytes not forming characters and
- bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
- character sets, abort printing of the current string in these cases. In
- particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
- sanitize data received from the remote host; * sanitize filenames, usernames,
- and similar data even locally; * take character display widths into account
- for the progressmeter.
-
- This is believed to be sufficient to keep the local terminal safe
- on OpenBSD, but bad things can still happen on other systems with
- state-dependent locales because many places in the code print
- unencoded ASCII characters into the output stream.
-
- Using feedback from djm@ and martijn@,
- various aspects discussed with many others.
-
- deraadt@ says it should go in now, i probably already hesitated too long
-
- Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
-
-commit 8c02e3639acefe1e447e293dbe23a0917abd3734
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue May 24 04:43:45 2016 +0000
-
- upstream commit
-
- KNF compression proposal and simplify the client side a
- little. ok djm@
-
- Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
-
-commit 7ec4946fb686813eb5f8c57397e465f5485159f4
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue May 24 02:31:57 2016 +0000
-
- upstream commit
-
- Back out 'plug memleak'.
-
- Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
-
-commit 82f24c3ddc52053aeb7beb3332fa94c92014b0c5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 23 23:30:50 2016 +0000
-
- upstream commit
-
- prefer agent-hosted keys to keys from PKCS#11; ok markus
-
- Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
-
-commit a0cb7778fbc9b43458f7072eb68dd858766384d1
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon May 23 00:17:27 2016 +0000
-
- upstream commit
-
- Plug mem leak in filter_proposal. ok djm@
-
- Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
-
-commit ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri Jun 3 16:03:44 2016 +1000
-
- Update vis.h and vis.c from OpenBSD.
-
- This will be needed for the upcoming utf8 changes.
-
-commit e1d93705f8f48f519433d6ca9fc3d0abe92a1b77
-Author: Tim Rice <tim@multitalents.net>
-Date: Tue May 31 11:13:22 2016 -0700
-
- modified: configure.ac
- whitspace clean up. No code changes.
-
-commit 604a037d84e41e31f0aec9075df0b8740c130200
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue May 31 16:45:28 2016 +1000
-
- whitespace at EOL
-
-commit 18424200160ff5c923113e0a37ebe21ab7bcd17c
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon May 30 19:35:28 2016 +1000
-
- Add missing ssh-host-config --name option
-
- Patch from vinschen@redhat.com.
-
-commit 39c0cecaa188a37a2e134795caa68e03f3ced592
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri May 20 10:01:58 2016 +1000
-
- Fix comment about sshpam_const and AIX.
-
- From mschwager via github.
-
-commit f64062b1f74ad5ee20a8a49aab2732efd0f7ce30
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri May 20 09:56:53 2016 +1000
-
- Deny lstat syscalls in seccomp sandbox
-
- Avoids sandbox violations for some krb/gssapi libraries.
-
-commit 531c135409b8d8810795b1f3692a4ebfd5c9cae0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Thu May 19 07:45:32 2016 +0000
-
- upstream commit
-
- fix type of ed25519 values
-
- Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
-
-commit 75e21688f523799c9e0cc6601d76a9c5ca79f787
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Wed May 4 14:32:26 2016 +0000
-
- upstream commit
-
- add IdentityAgent; noticed & ok jmc@
-
- Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
-
-commit 1a75d14daf4b60db903e6103cf50e74e0cd0a76b
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Wed May 4 14:29:58 2016 +0000
-
- upstream commit
-
- allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@
-
- Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
-
-commit 0516454151ae722fc8256c3c56115c6baf24c5b0
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Wed May 4 14:22:33 2016 +0000
-
- upstream commit
-
- move SSH_MSG_NONE, so we don't have to include ssh1.h;
- ok deraadt@
-
- Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
-
-commit 332ff3d770631e7513fea38cf0d3689f673f0e3f
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue May 10 09:51:06 2016 +1000
-
- initialise salen in binresvport_sa
-
- avoids failures with UsePrivilegedPort=yes
-
- patch from Juan Gallego
-
-commit c5c1d5d2f04ce00d2ddd6647e61b32f28be39804
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Wed May 4 14:04:40 2016 +0000
-
- upstream commit
-
- missing const in prototypes (ssh1)
-
- Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
-
-commit 9faae50e2e82ba42eb0cb2726bf6830fe7948f28
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed May 4 14:00:09 2016 +0000
-
- upstream commit
-
- Fix inverted logic for updating StreamLocalBindMask which
- would cause the server to set an invalid mask. ok djm@
-
- Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
-
-commit b02ad1ce9105bfa7394ac7590c0729dd52e26a81
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Wed May 4 12:21:53 2016 +0000
-
- upstream commit
-
- IdentityAgent for specifying specific agent sockets; ok
- djm@
-
- Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
-
-commit 910e59bba09ac309d78ce61e356da35292212935
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed May 4 12:16:39 2016 +0000
-
- upstream commit
-
- fix junk characters after quotes
-
- Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
-
-commit 9283884e647b8be50ccd2997537af0065672107d
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Tue May 3 18:38:12 2016 +0000
-
- upstream commit
-
- correct article;
-
- Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
-
-commit cfefbcea1057c2623e76c579174a4107a0b6e6cd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 15:57:39 2016 +0000
-
- upstream commit
-
- fix overriding of StreamLocalBindMask and
- StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes
-
- Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
-
-commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 15:25:06 2016 +0000
-
- upstream commit
-
- don't forget to include StreamLocalBindUnlink in the
- config dump output
-
- Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
-
-commit cdcd941994dc430f50d0a4e6a712d32b66e6199e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 14:54:08 2016 +0000
-
- upstream commit
-
- make nethack^wrandomart fingerprint flag more readily
- searchable pointed out by Matt Johnston
-
- Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
-
-commit 05855bf2ce7d5cd0a6db18bc0b4214ed5ef7516d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 13:10:24 2016 +0000
-
- upstream commit
-
- clarify ordering of subkeys; pointed out by ietf-ssh AT
- stbuehler.de
-
- Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
-
-commit cca3b4395807bfb7aaeb83d2838f5c062ce30566
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue May 3 12:15:49 2016 +0000
-
- upstream commit
-
- Use a subshell for constructing key types to work around
- different sed behaviours for -portable.
-
- Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
-
-commit fa58208c6502dcce3e0daac0ca991ee657daf1f5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 10:27:59 2016 +0000
-
- upstream commit
-
- correct some typos and remove a long-stale XXX note.
-
- add specification for ed25519 certificates
-
- mention no host certificate options/extensions are currently defined
-
- pointed out by Simon Tatham
-
- Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
-
-commit b466f956c32cbaff4200bfcd5db6739fe4bc7d04
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue May 3 10:24:27 2016 +0000
-
- upstream commit
-
- add ed25519 keys that are supported but missing from this
- documents; from Peter Moody
-
- Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
-
-commit 7f3d76319a69dab2efe3a520a8fef5b97e923636
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue May 3 09:03:49 2016 +0000
-
- upstream commit
-
- Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch
- from Simon Tatham, ok markus@
-
- Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
-
-commit 31bc01c05d9f51bee3ebe33dc57c4fafb059fb62
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 2 14:10:58 2016 +0000
-
- upstream commit
-
- unbreak config parsing on reexec from previous commit
-
- Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
-
-commit 67f1459efd2e85bf03d032539283fa8107218936
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 2 09:52:00 2016 +0000
-
- upstream commit
-
- unit and regress tests for SHA256/512; ok markus
-
- Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
-
-commit 0e8eeec8e75f6d0eaf33317376f773160018a9c7
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 2 10:26:04 2016 +0000
-
- upstream commit
-
- add support for additional fixed DH groups from
- draft-ietf-curdle-ssh-kex-sha2-03
-
- diffie-hellman-group14-sha256 (2K group)
- diffie-hellman-group16-sha512 (4K group)
- diffie-hellman-group18-sha512 (8K group)
-
- based on patch from Mark D. Baushke and Darren Tucker
- ok markus@
-
- Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
-
-commit 57464e3934ba53ad8590ee3ccd840f693407fc1e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 2 09:36:42 2016 +0000
-
- upstream commit
-
- support SHA256 and SHA512 RSA signatures in certificates;
- ok markus@
-
- Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
-
-commit 1a31d02b2411c4718de58ce796dbb7b5e14db93e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 2 08:49:03 2016 +0000
-
- upstream commit
-
- fix signed/unsigned errors reported by clang-3.7; add
- sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
- better safety checking; feedback and ok markus@
-
- Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
-
-commit d2d6bf864e52af8491a60dd507f85b74361f5da3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 29 08:07:53 2016 +0000
-
- upstream commit
-
- close ControlPersist background process stderr when not
- in debug mode or when logging to a file or syslog. bz#1988 ok dtucker
-
- Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
-
-commit 9ee692fa1146e887e008a2b9a3d3ea81770c9fc8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Thu Apr 28 14:30:21 2016 +0000
-
- upstream commit
-
- fix comment
-
- Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
-
-commit ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Wed Apr 27 13:53:48 2016 +0000
-
- upstream commit
-
- cidr permitted for {allow,deny}users; from lars nooden ok djm
-
- Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
-
-commit b6e0140a5aa883c27b98415bd8aa9f65fc04ee22
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Thu Apr 21 06:08:02 2016 +0000
-
- upstream commit
-
- make argument == NULL tests more consistent
-
- Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
-
-commit 6aaabc2b610e44bae473457ad9556ffb43d90ee3
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Sun Apr 17 14:34:46 2016 +0000
-
- upstream commit
-
- tweak previous;
-
- Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
-
-commit 0f839e5969efa3bda615991be8a9d9311554c573
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 15 02:57:10 2016 +0000
-
- upstream commit
-
- missing bit of Include regress
-
- Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
-
-commit 12e4ac46aed681da55c2bba3cd11dfcab23591be
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 15 02:55:53 2016 +0000
-
- upstream commit
-
- remove redundant CLEANFILES section
-
- Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
-
-commit b1d05aa653ae560c44baf8e8a9756e33f98ea75c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 15 00:48:01 2016 +0000
-
- upstream commit
-
- sync CLEANFILES with portable, sort
-
- Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
-
-commit 35f22dad263cce5c61d933ae439998cb965b8748
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 15 00:31:10 2016 +0000
-
- upstream commit
-
- regression test for ssh_config Include directive
-
- Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
-
-commit 6b8a1a87005818d4700ce8b42faef746e82c1f51
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Thu Apr 14 23:57:17 2016 +0000
-
- upstream commit
-
- unbreak test for recent ssh de-duplicated forwarding
- change
-
- Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
-
-commit 076787702418985a2cc6808212dc28ce7afc01f0
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Thu Apr 14 23:21:42 2016 +0000
-
- upstream commit
-
- add test knob and warning for StrictModes
-
- Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682
-
-commit dc7990be865450574c7940c9880567f5d2555b37
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 15 00:30:19 2016 +0000
-
- upstream commit
-
- Include directive for ssh_config(5); feedback & ok markus@
-
- Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff
-
-commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755
-Author: Damien Miller <djm@mindrot.org>
-Date: Wed Apr 13 10:39:57 2016 +1000
-
- ignore PAM environment vars when UseLogin=yes
-
- If PAM is configured to read user-specified environment variables
- and UseLogin=yes in sshd_config, then a hostile local user may
- attack /bin/login via LD_PRELOAD or similar environment variables
- set via PAM.
-
- CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
-
-commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 9 12:39:30 2016 +0000
-
- upstream commit
-
- make private key loading functions consistently handle NULL
- key pointer arguments; ok markus@
-
- Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
-
-commit 5f41f030e2feb5295657285aa8c6602c7810bc4b
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Fri Apr 8 21:14:13 2016 +1000
-
- Remove NO_IPPORT_RESERVED_CONCEPT
-
- Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
- the same effect without causing problems syncing patches with OpenBSD.
- Resync the two affected functions with OpenBSD. ok djm, sanity checked
- by Corinna.
-
-commit 34a01b2cf737d946ddb140618e28c3048ab7a229
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 8 08:19:17 2016 +0000
-
- upstream commit
-
- whitespace at EOL
-
- Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
-
-commit 90ee563fa6b54c59896c6c332c5188f866c5e75f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 8 06:35:54 2016 +0000
-
- upstream commit
-
- We accidentally send an empty string and a zero uint32 with
- every direct-streamlocal@openssh.com channel open, in contravention of our
- own spec.
-
- Fixing this is too hard wrt existing versions that expect these
- fields to be present and fatal() if they aren't, so document them
- as "reserved" fields in the PROTOCOL spec as though we always
- intended this and let us never speak of it again.
-
- bz#2529, reported by Ron Frederick
-
- Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7
-
-commit 0ccbd5eca0f0dd78e71a4b69c66f03a66908d558
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed Apr 6 06:42:17 2016 +0000
-
- upstream commit
-
- don't record duplicate LocalForward and RemoteForward
- entries; fixes failure with ExitOnForwardFailure+hostname canonicalisation
- where the same forwards are added on the second pass through the
- configuration file. bz#2562; ok dtucker@
-
- Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1
-
-commit 574def0eb493cd6efeffd4ff2e9257abcffee0c8
-Author: krw@openbsd.org <krw@openbsd.org>
-Date: Sat Apr 2 14:37:42 2016 +0000
-
- upstream commit
-
- Another use for fcntl() and thus of the superfluous 3rd
- parameter is when sanitising standard fd's before calling daemon().
-
- Use a tweaked version of the ssh(1) function in all three places
- found using fcntl() this way.
-
- ok jca@ beck@
-
- Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218
-
-commit b3413534aa9d71a941005df2760d1eec2c2b0854
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Apr 4 11:09:21 2016 +1000
-
- Tidy up openssl header test.
-
-commit 815bcac0b94bb448de5acdd6ba925b8725240b4f
-Author: Darren Tucker <dtucker@zip.com.au>
-Date: Mon Apr 4 11:07:59 2016 +1000
-
- Fix configure-time warnings for openssl test.
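Review bot: The removed range drops security-relevant entries from ChangeLog without any visible pointer to where that history remains available. The entry for commit 85bdcd7c92fe ("ignore PAM environment vars when UseLogin=yes", CVE-2015-8325) goes, as does the pair 6b87311d3acd and 68777faf271e, where the DH-GEX min/max check was added and then backed out because it caused "key_verify failed for server_host_key" for clients such as old OpenSSH and PuTTY. If this is a routine trim of older entries, the commit message should say so and point to the git history or release notes, so that someone auditing a deployed version from the ChangeLog alone does not conclude these changes were never made.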