authorEd Maste <emaste@FreeBSD.org>2023-07-19 15:49:33 +0000
committerEd Maste <emaste@FreeBSD.org>2023-07-19 15:49:33 +0000
commite524ba4db420aa72d11792aa317da381eb32fcce (patch)
tree3db015e39b6ff5738f63f952a0d253645643cf20
parent36b354d74be5adbb73d7dcd2ceb49b5105145d02 (diff)
Vendor import of OpenSSH 9.3p2 (vendor/openssh/9.3p2)
-rw-r--r--ChangeLog1867
-rw-r--r--README2
-rw-r--r--contrib/redhat/openssh.spec2
-rw-r--r--contrib/suse/openssh.spec2
-rw-r--r--moduli.02
-rw-r--r--scp.02
-rw-r--r--sftp-server.02
-rw-r--r--sftp.02
-rw-r--r--ssh-add.02
-rw-r--r--ssh-agent.030
-rw-r--r--ssh-agent.122
-rw-r--r--ssh-agent.c21
-rw-r--r--ssh-keygen.02
-rw-r--r--ssh-keyscan.02
-rw-r--r--ssh-keysign.02
-rw-r--r--ssh-pkcs11-helper.02
-rw-r--r--ssh-pkcs11.c6
-rw-r--r--ssh.02
-rw-r--r--ssh_config.02
-rw-r--r--sshd.02
-rw-r--r--sshd_config.02
-rw-r--r--version.h2
22 files changed, 111 insertions, 1869 deletions
diff --git a/ChangeLog b/ChangeLog
index f1d1b37d583c..40ca976a61b3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,36 @@
+commit 9795c4016ae35162072144df032c8b262433b462
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 19 16:27:12 2023 +1000
+
+ OpenSSH 9.3p2
+
+commit bde3635f3c9324bad132cf9ed917813d6abb599e
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 19 16:31:09 2023 +1000
+
+ update version in README
+
+commit f673f2f3e5f67099018fc281a6b5fb918142472e
+Author: Damien Miller <djm@mindrot.org>
+Date: Wed Jul 19 16:31:00 2023 +1000
+
+ update RPM spec versions
+
+commit d7790cdce72a1b6982795baa2b4d6f0bdbb0100d
+Author: Damien Miller <djm@mindrot.org>
+Date: Fri Jul 7 13:30:15 2023 +1000
+
+ disallow remote addition of FIDO/PKCS11 keys
+
+ Depends on the local client performing the session-bind@openssh.com
+ operation, so non-OpenSSH local client may circumvent this.
+
+commit b23fe83f06ee7e721033769cfa03ae840476d280
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Jul 13 12:09:34 2023 +1000
+
+ terminate pkcs11 process for bad libraries
+
commit cb30fbdbee869f1ce11f06aa97e1cb8717a0b645
Author: Damien Miller <djm@mindrot.org>
Date: Thu Mar 16 08:28:19 2023 +1100
@@ -9402,1837 +9435,3 @@ Date: Mon Jul 19 05:08:54 2021 +0000
reliability on very heavily loaded hosts.
OpenBSD-Regress-ID: 4c28a0fce3ea89ebde441d7091464176e9730533
-
-commit 7953e1bfce9e76bec41c1331a29bc6cff9d416b8
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jul 19 13:47:51 2021 +1000
-
- Add sshfp-connect.sh file missed in previous.
-
-commit b75a80fa8369864916d4c93a50576155cad4df03
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 03:13:28 2021 +0000
-
- upstream: Ensure that all returned SSHFP records for the specified host
-
- name and hostkey type match instead of only one. While there, simplify the
- code somewhat and add some debugging. Based on discussion in bz#3322, ok
- djm@.
-
- OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
-
-commit 1cc1fd095393663cd72ddac927d82c6384c622ba
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 02:21:50 2021 +0000
-
- upstream: Id sync only, -portable already has this.
-
- Put dh_set_moduli_file call inside ifdef WITH_OPENSSL. Fixes
- build with OPENSSL=no.
-
- OpenBSD-Commit-ID: af54abbebfb12bcde6219a44d544e18204defb15
-
-commit 33abbe2f4153f5ca5c874582f6a7cc91ae167485
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 02:46:34 2021 +0000
-
- upstream: Add test for host key verification via SSHFP records. This
-
- requires some external setup to operate so is disabled by default (see
- comments in sshfp-connect.sh).
-
- OpenBSD-Regress-ID: c52c461bd1df3a803d17498917d156ef64512fd9
-
-commit f0cd000d8e3afeb0416dce1c711c3d7c28d89bdd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 02:29:28 2021 +0000
-
- upstream: Add ed25519 key and test SSHFP export of it. Only test
-
- RSA SSHFP export if we have RSA functionality compiled in.
-
- OpenBSD-Regress-ID: b4ff5181b8c9a5862e7f0ecdd96108622333a9af
-
-commit 0075511e27e5394faa28edca02bfbf13b9a6693e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 19 00:16:26 2021 +0000
-
- upstream: Group keygen tests together.
-
- OpenBSD-Regress-ID: 07e2d25c527bb44f03b7c329d893a1f2d6c5c40c
-
-commit 034828820c7e62652e7c48f9ee6b67fb7ba6fa26
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Sun Jul 18 23:10:10 2021 +0000
-
- upstream: Add test for ssh-keygen printing of SSHFP records.
-
- OpenBSD-Regress-ID: fde9566b56eeb980e149bbe157a884838507c46b
-
-commit 52c3b6985ef1d5dadb4c4fe212f8b3a78ca96812
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Jul 17 00:38:11 2021 +0000
-
- upstream: wrap some long lines
-
- OpenBSD-Commit-ID: 4f5186b1466656762dae37d3e569438d900c350d
-
-commit 43ec991a782791d0b3f42898cd789f99a07bfaa4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Jul 17 00:36:53 2021 +0000
-
- upstream: fix sftp on ControlPersist connections, broken by recent
-
- SessionType change; spotted by sthen@
-
- OpenBSD-Commit-ID: 4c5ddc5698790ae6ff50d2a4f8f832f0eeeaa234
-
-commit 073f45c236550f158c9a94003e4611c07dea5279
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 16 09:00:23 2021 +0000
-
- upstream: Explicitly check for and start time-based rekeying in the
-
- client and server mainloops.
-
- Previously the rekey timeout could expire but rekeying would not start
- until a packet was sent or received. This could cause us to spin in
- select() on the rekey timeout if the connection was quiet.
-
- ok markus@
-
- OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
-
-commit ef7c4e52d5d840607f9ca3a302a4cbb81053eccf
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Wed Jul 14 06:46:38 2021 +0000
-
- upstream: reorder SessionType; ok djm
-
- OpenBSD-Commit-ID: c7dd0b39e942b1caf4976a0b1cf0fed33d05418c
-
-commit 8aa2f9aeb56506dca996d68ab90ab9c0bebd7ec3
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jul 14 11:26:50 2021 +1000
-
- Make whitespace consistent.
-
-commit 4f4297ee9b8a39f4dfd243a74c5f51f9e7a05723
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jul 14 11:26:12 2021 +1000
-
- Add ARM64 Linux self-hosted runner.
-
-commit eda8909d1b0a85b9c3804a04d03ec6738fd9dc7f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jul 13 23:48:36 2021 +0000
-
- upstream: add a SessionType directive to ssh_config, allowing the
-
- configuration file to offer equivalent control to the -N (no session) and -s
- (subsystem) command-line flags.
-
- Part of GHPR#231 by Volker Diels-Grabsch with some minor tweaks;
- feedback and ok dtucker@
-
- OpenBSD-Commit-ID: 726ee931dd4c5cc7f1d7a187b26f41257f9a2d12
-
-commit 7ae69f2628e338ba6e0eae7ee8a63bcf8fea7538
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jul 12 02:12:22 2021 +0000
-
- upstream: fix some broken tests; clean up output
-
- OpenBSD-Regress-ID: 1d5038edb511dc4ce1622344c1e724626a253566
-
-commit f5fc6a4c3404bbf65c21ca6361853b33d78aa87e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jul 12 18:00:05 2021 +1000
-
- Add configure-time detection for SSH_TIME_T_MAX.
-
- Should fix printing cert times exceeding INT_MAX (bz#3329) on platforms
- were time_t is a long long. The limit used is for the signed type, so if
- some system has a 32bit unsigned time_t then the lower limit will still
- be imposed and we would need to add some way to detect this. Anyone using
- an unsigned 64bit can let us know when it starts being a problem.
-
-commit fd2d06ae4442820429d634c0a8bae11c8e40c174
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 12 06:22:57 2021 +0000
-
- upstream: Make limit for time_t test unconditional in the
-
- format_absolute_time fix for bz#3329 that allows printing of timestamps past
- INT_MAX. This was incorrectly included with the previous commit. Based on
- discussion with djm@.
-
- OpenBSD-Commit-ID: 835936f6837c86504b07cabb596b613600cf0f6e
-
-commit 6c29b387cd64a57b0ec8ae7d2c8d02789d88fcc3
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 12 06:08:57 2021 +0000
-
- upstream: Use existing format_absolute_time() function when
-
- printing cert validity instead of doing it inline. Part of bz#3329.
-
- OpenBSD-Commit-ID: a13d4e3c4f59644c23745eb02a09b2a4e717c00c
-
-commit 99981d5f8bfa383791afea03f6bce8454e96e323
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jul 9 09:55:56 2021 +0000
-
- upstream: silence redundant error message; reported by Fabian Stelzer
-
- OpenBSD-Commit-ID: 9349a703016579a60557dafd03af2fe1d44e6aa2
-
-commit e86097813419b49d5bff5c4b51d1c3a5d4d2d804
-Author: John Ericson <John.Ericson@Obsidian.Systems>
-Date: Sat Dec 26 11:40:49 2020 -0500
-
- Re-indent krb5 section after pkg-config addition.
-
-commit 32dd2daa56c294e40ff7efea482c9eac536d8cbb
-Author: John Ericson <John.Ericson@Obsidian.Systems>
-Date: Sat Dec 26 11:40:49 2020 -0500
-
- Support finding Kerberos via pkg-config
-
- This makes cross compilation easier.
-
-commit def7a72234d7e4f684d72d33a0f7229f9eee0aa4
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jul 9 14:34:06 2021 +1000
-
- Update comments about EGD to include prngd.
-
-commit b5d23150b4e3368f4983fd169d432c07afeee45a
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 5 01:21:07 2021 +0000
-
- upstream: Fix a couple of whitespace things. Portable already has
-
- these so this removes two diffs between the two.
-
- OpenBSD-Commit-ID: 769f017ebafd8e741e337b3e9e89eb5ac73c9c56
-
-commit 8f57be9f279b8e905f9883066aa633c7e67b31cf
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 5 01:16:46 2021 +0000
-
- upstream: Order includes as per style(9). Portable already has
-
- these so this removes a handful of diffs between the two.
-
- OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
-
-commit b75624f8733b3ed9e240f86cac5d4a39dae11848
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon Jul 5 00:50:25 2021 +0000
-
- upstream: Remove comment referencing now-removed
-
- RhostsRSAAuthentication. ok djm@
-
- OpenBSD-Commit-ID: 3d864bfbd99a1d4429a58e301688f3be464827a9
-
-commit b67eb12f013c5441bb4f0893a97533582ad4eb13
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jul 5 00:25:42 2021 +0000
-
- upstream: allow spaces to appear in usernames for local to remote,
-
- and scp -3 remote to remote copies. with & ok dtucker bz#1164
-
- OpenBSD-Commit-ID: e9b550f3a85ffbb079b6720833da31317901d6dd
-
-commit 8c4ef0943e574f614fc7c6c7e427fd81ee64ab87
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jul 2 07:20:44 2021 +0000
-
- upstream: Remove obsolete comments about SSHv1 auth methods. ok
-
- djm@
-
- OpenBSD-Commit-ID: 6060f70966f362d8eb4bec3da2f6c4712fbfb98f
-
-commit 88908c9b61bcb99f16e8d398fc41e2b3b4be2003
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 23:00:19 2021 +1000
-
- Remove reference to ChallengeResponse.
-
- challenge_response_authentication was removed from the struct, keeping
- kbd_interactive_authentication.
-
-commit 321874416d610ad2158ce6112f094a4862c2e37f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:38:09 2021 +1000
-
- Move signal.h up include order to match upstream.
-
-commit 4fa83e2d0e32c2dd758653e0359984bbf1334f32
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:36:06 2021 +1000
-
- Remove old OpenBSD version marker.
-
- Looks like an accidental leftover from a sync.
-
-commit 9d5e31f55d5f3899b72645bac41a932d298ad73b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:34:19 2021 +1000
-
- Remove duplicate error on error path.
-
- There's an extra error() call on the listen error path, it looks like
- its removal was missed during an upstream sync.
-
-commit 888c459925c7478ce22ff206c9ac1fb812a40caf
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 20:32:46 2021 +1000
-
- Remove some whitespace not in upstream.
-
- Reduces diff vs OpenBSD by a small amount.
-
-commit 4d2d4d47a18d93f3e0a91a241a6fdb545bbf7dc2
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 19:27:43 2021 +1000
-
- Replace remaining references to ChallengeResponse.
-
- Portable had a few additional references to ChallengeResponse related to
- UsePAM, replaces these with equivalent keyboard-interactive ones.
-
-commit 53237ac789183946dac6dcb8838bc3b6b9b43be1
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 19:23:28 2021 +1000
-
- Sync remaining ChallengeResponse removal.
-
- These were omitted from commit 88868fd131.
-
-commit 2c9e4b319f7e98744b188b0f58859d431def343b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Jul 3 19:17:31 2021 +1000
-
- Disable rocky84 to figure out why agent test fails
-
-commit bfe19197a92b7916f64a121fbd3c179abf15e218
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jul 2 15:43:28 2021 +1000
-
- Remove now-unused SSHv1 enums.
-
- sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options
- and are no longer used.
-
-commit c73b02d92d72458a5312bd098f32ce88868fd131
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jul 2 05:11:20 2021 +0000
-
- upstream: Remove references to ChallengeResponseAuthentication in
-
- favour of KbdInteractiveAuthentication. The former is what was in SSHv1, the
- latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but
- not entirely equivalent. We retain the old name as deprecated alias so
- config files continue to work and a reference in the man page for people
- looking for it.
-
- Prompted by bz#3303 which pointed out the discrepancy between the two
- when used with Match. Man page help & ok jmc@, with & ok djm@
-
- OpenBSD-Commit-ID: 2c1bff8e5c9852cfcdab1f3ea94dfef5a22f3b7e
-
-commit f841fc9c8c7568a3b5d84a4cc0cefacb7dbc16b9
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jul 2 15:20:32 2021 +1000
-
- Fix ifdefs around get_random_bytes_prngd.
-
- get_random_bytes_prngd() is used if either of PRNGD_PORT or PRNGD_SOCKET
- are defined, so adjust ifdef accordingly.
-
-commit 0767627cf66574484b9c0834500b42ea04fe528a
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Jul 2 14:30:23 2021 +1000
-
- wrap get_random_bytes_prngd() in ifdef
-
- avoid unused static function warning
-
-commit f93fdc4de158386efe1116bd44c5b3f4a7a82c25
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jun 28 13:06:37 2021 +1000
-
- Add rocky84 test target.
-
-commit d443006c0ddfa7f6a5bd9c0ae92036f3d5f2fa3b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 25 06:30:22 2021 +0000
-
- upstream: fix decoding of X.509 subject name; from Leif Thuresson
-
- via bz3327 ok markus@
-
- OpenBSD-Commit-ID: 0ea2e28f39750dd388b7e317bc43dd997a217ae8
-
-commit 2a5704ec142202d387fda2d6872fd4715ab81347
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 25 06:20:39 2021 +0000
-
- upstream: Use better language to refer to the user. From l1ving
-
- via github PR#250, ok jmc@
-
- OpenBSD-Commit-ID: 07ca3526626996613e128aeddf7748c93c4d6bbf
-
-commit 4bdf7a04797a0ea1c431a9d54588417c29177d19
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 25 03:38:17 2021 +0000
-
- upstream: Replace SIGCHLD/notify_pipe kludge with pselect.
-
- Previously sshd's SIGCHLD handler would wake up select() by writing a
- byte to notify_pipe. We can remove this by blocking SIGCHLD, checking
- for child terminations then passing the original signal mask through
- to pselect. This ensures that the pselect will immediately wake up if
- a child terminates between wait()ing on them and the pselect.
-
- In -portable, for platforms that do not have pselect the kludge is still
- there but is hidden behind a pselect interface.
-
- Based on other changes for bz#2158, ok djm@
-
- OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
-
-commit c9f7bba2e6f70b7ac1f5ea190d890cb5162ce127
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 25 15:08:18 2021 +1000
-
- Move closefrom() to before first malloc.
-
- When built against tcmalloc, tcmalloc allocates a descriptor for its
- internal use, so calling closefrom() afterward causes the descriptor
- number to be reused resulting in a corrupted connection. Moving the
- closefrom a little earlier should resolve this. From kircherlike at
- outlook.com via bz#3321, ok djm@
-
-commit 7ebfe4e439853b88997c9cfc2ff703408a1cca92
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 18 20:41:45 2021 +1000
-
- Put second -lssh in link line for sftp-server.
-
- When building --without-openssl the recent port-prngd.c change adds
- a dependency on atomicio, but since nothing else in sftp-server uses
- it, the linker may not find it. Add a second -lssh similar to other
- binaries.
-
-commit e409d7966785cfd9f5970e66a820685c42169717
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 18 18:34:08 2021 +1000
-
- Try EGD/PRNGD if random device fails.
-
- When built --without-openssl, try EGD/PRGGD (if configured) as a last
- resort before failing.
-
-commit e43a898043faa3a965dbaa1193cc60e0b479033d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 18 18:32:51 2021 +1000
-
- Split EGD/PRNGD interface into its own file.
-
- This will allow us to use it when building --without-openssl.
-
-commit acb2887a769a1b1912cfd7067f3ce04fad240260
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Jun 17 21:03:19 2021 +1000
-
- Handle GIDs > 2^31 in getgrouplist.
-
- When compiled in 32bit mode, the getgrouplist implementation may fail
- for GIDs greater than LONG_MAX. Analysis and change from ralf.winkel
- at tui.com.
-
-commit 31fac20c941126281b527605b73bff30a8f02edd
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 09:46:28 2021 +0000
-
- upstream: Use $SUDO when reading sshd's pidfile here too.
-
- OpenBSD-Regress-ID: 6bfb0d455d493f24839034a629c5306f84dbd409
-
-commit a3a58acffc8cc527f8fc6729486d34e4c3d27643
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 09:43:51 2021 +0000
-
- upstream: Use $SUDO when reading sshd's pidfile in case it was
-
- created with a very restrictive umask. This resyncs with -portable.
-
- OpenBSD-Regress-ID: 07fd2af06df759d4f64b82c59094accca1076a5d
-
-commit 249ad4ae51cd3bc235e75a4846eccdf8b1416611
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 09:37:59 2021 +0000
-
- upstream: Set umask when creating hostkeys to prevent excessive
-
- permissions warning.
-
- OpenBSD-Regress-ID: 382841db0ee28dfef7f7bffbd511803e1b8ab0ef
-
-commit 9d0892153c005cc65897e9372b01fa66fcbe2842
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 03:45:31 2021 +0000
-
- upstream: Add regress test for SIGHUP restart
-
- while handling active and unauthenticated clients. Should catch anything
- similar to the pselect bug just fixed in sshd.c.
-
- OpenBSD-Regress-ID: 3b3c19b5e75e43af1ebcb9586875b3ae3a4cac73
-
-commit 73f6f191f44440ca3049b9d3c8e5401d10b55097
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Thu Jun 10 03:14:14 2021 +0000
-
- upstream: Continue accept loop when pselect
-
- returns -1, eg if it was interrupted by a signal. This should prevent
- the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
- an unauthenticated child and goes on to a blocking read on a notify_pipe.
- feedback deraadt@, ok djm@
-
- OpenBSD-Commit-ID: 0243c1c5544fca0974dae92cd4079543a3fceaa0
-
-commit c785c0ae134a8e8b5c82b2193f64c632a98159e4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 22:30:27 2021 +0000
-
- upstream: test that UserKnownHostsFile correctly accepts multiple
-
- arguments; would have caught readconf.c r1.356 regression
-
- OpenBSD-Regress-ID: 71ca54e66c2a0211b04999263e56390b1f323a6a
-
-commit 1a6f6b08e62c78906a3032e8d9a83e721c84574e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 22:06:12 2021 +0000
-
- upstream: fix regression in r1.356: for ssh_config options that
-
- accepted multiple string arguments, ssh was only recording the first.
- Reported by Lucas via bugs@
-
- OpenBSD-Commit-ID: 7cbf182f7449bf1cb7c5b4452667dc2b41170d6d
-
-commit 78e30af3e2b2dd540a341cc827c6b98dd8b0a6de
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 07:40:12 2021 +0000
-
- upstream: test argv_split() optional termination on comments
-
- OpenBSD-Regress-ID: 9fd1c4a27a409897437c010cfd79c54b639a059c
-
-commit a023138957ea2becf1c7f93fcc42b0aaac6f2b03
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Jun 8 07:05:27 2021 +0000
-
- upstream: Add testcases from bz#3319 for IPQoS and TunnelDevice
-
- being overridden on the command line.
-
- OpenBSD-Regress-ID: 801674d5d2d02abd58274a78cab2711f11de14a8
-
-commit 660cea10b2cdc11f13ba99c89b1bbb368a4d9ff2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 06:52:43 2021 +0000
-
- upstream: sprinkle some "# comment" at end of configuration lines
-
- to test comment handling
-
- OpenBSD-Regress-ID: cb82fbf40bda5c257a9f742c63b1798e5a8fdda7
-
-commit acc9c32dcb6def6c7d3688bceb4c0e59bd26b411
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 06:51:47 2021 +0000
-
- upstream: more descriptive failure message
-
- OpenBSD-Regress-ID: 5300f6faf1d9e99c0cd10827b51756c5510e3509
-
-commit ce04dd4eae23d1c9cf7c424a702f48ee78573bc1
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jun 7 01:16:34 2021 +0000
-
- upstream: test AuthenticationMethods inside a Match block as well
-
- as in the main config section
-
- OpenBSD-Regress-ID: ebe0a686621b7cb8bb003ac520975279c28747f7
-
-commit 9018bd821fca17e26e92f7a7e51d9b24cd62f2db
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jun 7 00:00:50 2021 +0000
-
- upstream: prepare for stricter sshd_config parsing that will refuse
-
- a config that has {Allow,Deny}{Users,Groups} on a line with no subsequent
- arguments. Such lines are permitted but are nonsensical noops ATM
-
- OpenBSD-Regress-ID: ef65463fcbc0bd044e27f3fe400ea56eb4b8f650
-
-commit a10f929d1ce80640129fc5b6bc1acd9bf689169e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 07:09:42 2021 +0000
-
- upstream: switch sshd_config parsing to argv_split()
-
- similar to the previous commit, this switches sshd_config parsing to
- the newer tokeniser. Config parsing will be a little stricter wrt
- quote correctness and directives appearing without arguments.
-
- feedback and ok markus@
-
- tested in snaps for the last five or so days - thanks Theo and those who
- caught bugs
-
- OpenBSD-Commit-ID: 9c4305631d20c2d194661504ce11e1f68b20d93e
-
-commit ea9e45c89a4822d74a9d97fef8480707d584da4d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 07:07:15 2021 +0000
-
- upstream: Switch ssh_config parsing to use argv_split()
-
- This fixes a couple of problems with the previous tokeniser,
- strdelim()
-
- 1. strdelim() is permissive wrt accepting '=' characters. This is
- intended to allow it to tokenise "Option=value" but because it
- cannot keep state, it will incorrectly split "Opt=val=val2".
- 2. strdelim() has rudimentry handling of quoted strings, but it
- is incomplete and inconsistent. E.g. it doesn't handle escaped
- quotes inside a quoted string.
- 3. It has no support for stopping on a (unquoted) comment. Because
- of this readconf.c r1.343 added chopping of lines at '#', but
- this caused a regression because these characters may legitimately
- appear inside quoted strings.
-
- The new tokeniser is stricter is a number of cases, including #1 above
- but previously it was also possible for some directives to appear
- without arguments. AFAIK these were nonsensical in all cases, and the
- new tokeniser refuses to accept them.
-
- The new code handles quotes much better, permitting quoted space as
- well as escaped closing quotes. Finally, comment handling should be
- fixed - the tokeniser will terminate only on unquoted # characters.
-
- feedback & ok markus@
-
- tested in snaps for the last five or so days - thanks Theo and those who
- caught bugs
-
- OpenBSD-Commit-ID: dc72fd12af9d5398f4d9e159d671f9269c5b14d5
-
-commit d786424986c04d1d375f231fda177c8408e05c3e
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Jun 8 07:02:46 2021 +0000
-
- upstream: Check if IPQoS or TunnelDevice are already set before
-
- overriding. Prevents values in config files from overriding values supplied
- on the command line. bz#3319, ok markus.
-
- OpenBSD-Commit-ID: f3b08b898c324debb9195e6865d8999406938f74
-
-commit aae4b4d3585b9f944d7dbd3c9e5ba0006c55e457
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Jun 8 06:54:40 2021 +0000
-
- upstream: Allow argv_split() to optionally terminate tokenisation
-
- when it encounters an unquoted comment.
-
- Add some additional utility function for working with argument
- vectors, since we'll be switching to using them to parse
- ssh/sshd_config shortly.
-
- ok markus@ as part of a larger diff; tested in snaps
-
- OpenBSD-Commit-ID: fd9c108cef2f713f24e3bc5848861d221bb3a1ac
-
-commit da9f9acaac5bab95dca642b48e0c8182b246ab69
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jun 7 19:19:23 2021 +1000
-
- Save logs on failure for upstream test
-
-commit 76883c60161e5f3808787085a27a8c37f8cc4e08
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Jun 7 14:36:32 2021 +1000
-
- Add obsdsnap-i386 upstream test target.
-
-commit d45b9c63f947ec5ec314696e70281f6afddc0ac3
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon Jun 7 03:38:38 2021 +0000
-
- upstream: fix debug message when finding a private key to match a
-
- certificate being attempted for user authentication. Previously it would
- print the certificate's path, whereas it was supposed to be showing the
- private key's path. Patch from Alex Sherwin via GHPR247
-
- OpenBSD-Commit-ID: d5af3be66d0f22c371dc1fe6195e774a18b2327b
-
-commit 530739d42f6102668aecd699be0ce59815c1eceb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 11:34:16 2021 +0000
-
- upstream: Match host certificates against host public keys, not private
-
- keys. Allows use of certificates with private keys held in a ssh-agent.
- Reported by Miles Zhou in bz3524; ok dtucker@
-
- OpenBSD-Commit-ID: 25f5bf70003126d19162862d9eb380bf34bac22a
-
-commit 4265215d7300901fd7097061c7517688ade82f8e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 03:40:39 2021 +0000
-
- upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
-
- allows RSA/SHA2 signatures for public key authentication but fails to
- advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
- server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
- to offer valid keys.
-
- Reported by and based on patch from Gordon Messmer via bz3213, thanks
- also for additional analysis by Jakub Jelen. ok dtucker
-
- OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
-
-commit bda270d7fb8522d43c21a79a4b02a052d7c64de8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 03:17:02 2021 +0000
-
- upstream: degrade gracefully if a sftp-server offers the
-
- limits@openssh.com extension but fails when the client tries to invoke it.
- Reported by Hector Martin via bz3318
-
- OpenBSD-Commit-ID: bd9d1839c41811616ede4da467e25746fcd9b967
-
-commit d345d5811afdc2d6923019b653cdd93c4cc95f76
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sun Jun 6 03:15:39 2021 +0000
-
- upstream: the limits@openssh.com extension was incorrectly marked
-
- as an operation that writes to the filesystem, which made it unavailable in
- sftp-server read-only mode. Spotted by Hector Martin via bz3318
-
- OpenBSD-Commit-ID: f054465230787e37516c4b57098fc7975e00f067
-
-commit 2b71010d9b43d7b8c9ec1bf010beb00d98fa765a
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date: Sat Jun 5 13:47:00 2021 +0000
-
- upstream: PROTOCOL.certkeys: update reference from IETF draft to
-
- RFC
-
- Also fix some typos.
- ok djm@
-
- OpenBSD-Commit-ID: 5e855b6c5a22b5b13f8ffa3897a868e40d349b44
-
-commit aa99b2d9a3e45b943196914e8d8bf086646fdb54
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 4 23:41:29 2021 +1000
-
- Clear notify_pipe from readset if present.
-
- Prevents leaking an implementation detail to the caller.
-
-commit 6de8dadf6b4d0627d35bca0667ca44b1d61c2c6b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 4 23:24:25 2021 +1000
-
- space->tabs.
-
-commit c8677065070ee34c05c7582a9c2f58d8642e552d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Jun 4 18:39:48 2021 +1000
-
- Add pselect implementation for platforms without.
-
- This is basically the existing notify_pipe kludge from serverloop.c
- moved behind a pselect interface. It works by installing a signal
- handler that writes to a pipe that the select is watching, then calls
- the original handler.
-
- The select call in serverloop will become pselect soon, at which point the
- kludge will be removed from thereand will only exist in the compat layer.
- Original code by markus, help from djm.
-
-commit 7cd7f302d3a072748299f362f9e241d81fcecd26
-Author: Vincent Brillault <vincent.brillault@cern.ch>
-Date: Sun May 24 09:15:06 2020 +0200
-
- auth_log: dont log partial successes as failures
-
- By design, 'partial' logins are successful logins, so initially with
- authenticated set to 1, for which another authentication is required. As
- a result, authenticated is always reset to 0 when partial is set to 1.
- However, even if authenticated is 0, those are not failed login
- attempts, similarly to attempts with authctxt->postponed set to 1.
-
-commit e7606919180661edc7f698e6a1b4ef2cfb363ebf
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 06:19:07 2021 +0000
-
- upstream: The RB_GENERATE_STATIC(3) macro expands to a series of
-
- function definitions and not a statement, so there should be no semicolon
- following them. Patch from Michael Forney
-
- OpenBSD-Commit-ID: c975dd180580f0bdc0a4d5b7d41ab1f5e9b7bedd
-
-commit c298c4da574ab92df2f051561aeb3e106b0ec954
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 05:59:18 2021 +0000
-
- upstream: rework authorized_keys example section, removing irrelevant
-
- stuff, de-wrapping the example lines and better aligning the examples with
- common usage and FAQs; ok jmc
-
- OpenBSD-Commit-ID: d59f1c9281f828148e2a2e49eb9629266803b75c
-
-commit d9cb35bbec5f623589d7c58fc094817b33030f35
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 05:10:03 2021 +0000
-
- upstream: adjust SetEnv description to clarify $TERM handling
-
- OpenBSD-Commit-ID: 8b8cc0124856bc1094949d55615e5c44390bcb22
-
-commit 771f57a8626709f2ad207058efd68fbf30d31553
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Jun 4 05:09:08 2021 +0000
-
- upstream: Switch the listening select loop from select() to
-
- pselect() and mask signals while checking signal flags, umasking for pselect
- and restoring afterwards. Also restore signals before sighup_restart so they
- don't remain blocked after restart.
-
- This prevents a race where a SIGTERM or SIGHUP can arrive between
- checking the flag and calling select (eg if sshd is processing a
- new connection) resulting in sshd not shutting down until the next
- time it receives a new connection. bz#2158, with & ok djm@
-
- OpenBSD-Commit-ID: bf85bf880fd78e00d7478657644fcda97b9a936f
-
-commit f64f8c00d158acc1359b8a096835849b23aa2e86
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 05:02:40 2021 +0000
-
- upstream: allow ssh_config SetEnv to override $TERM, which is otherwise
-
- handled specially by the protocol. Useful in ~/.ssh/config to set TERM to
- something generic (e.g. "xterm" instead of "xterm-256color") for destinations
- that lack terminfo entries. feedback and ok dtucker@
-
- OpenBSD-Commit-ID: 38b1ef4d5bc159c7d9d589d05e3017433e2d5758
-
-commit 60107677dc0ce1e93c61f23c433ad54687fcd9f5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Jun 4 04:02:21 2021 +0000
-
- upstream: correct extension name "no-presence-required" =>
-
- "no-touch-required"
-
- document "verify-required" option
-
- OpenBSD-Commit-ID: 1879ff4062cf61d79b515e433aff0bf49a6c55c5
-
-commit ecc186e46e3e30f27539b4311366dfda502f0a08
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jun 2 13:54:11 2021 +1000
-
- Retire fbsd7 test target.
-
- It's the slowest of the selfhosted targets (since it's 32bit but has
- most of the crypto algos). We still have coverage for 32bit i386.
-
-commit 5de0867b822ec48b5eec9abde0f5f95d1d646546
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jun 2 11:21:40 2021 +1000
-
- Check for $OPENSSL in md5 fallback too.
-
-commit 1db69d1b6542f8419c04cee7fd523a4a11004be2
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Jun 2 11:17:54 2021 +1000
-
- Add dfly60 target.
-
-commit a3f2dd955f1c19cad387a139f0e719af346ca6ef
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed Jun 2 00:17:45 2021 +0000
-
- upstream: Merge back shell portability changes
-
- bringing it back in sync with -portable.
-
- OpenBSD-Regress-ID: c07905ba931e66ad7d849b87b7d19648007175d1
-
-commit 9d482295c9f073e84d75af46b720a1c0f7ec2867
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Jun 1 23:56:20 2021 +0000
-
- upstream: Use a default value for $OPENSSL,
-
- allowing it to be overridden. Do the same in the PuTTY tests since it's
- needed there and not exported by test-exec.sh.
-
- OpenBSD-Regress-ID: c49dcd6aa7602a8606b7afa192196ca1fa65de16
-
-commit 07660b3c99f8ea74ddf4a440e55c16c9f7fb3dd1
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon May 24 10:25:18 2021 +0000
-
- upstream: Find openssl binary via environment variable. This
-
- allows overriding if necessary (eg in -portable where we're testing against a
- specific version of OpenSSL).
-
- OpenBSD-Regress-ID: 491f39cae9e762c71aa4bf045803d077139815c5
-
-commit 1a4d1da9188d7c88f646b61f0d6a3b34f47c5439
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 21 04:03:47 2021 +0000
-
- upstream: fix memleak in test
-
- OpenBSD-Regress-ID: 5e529d0982aa04666604936df43242e97a7a6f81
-
-commit 60455a5d98065a73ec9a1f303345856bbd49aecc
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 21 03:59:01 2021 +0000
-
- upstream: also check contents of remaining string
-
- OpenBSD-Regress-ID: d526fa07253f4eebbc7d6205a0ab3d491ec71a28
-
-commit 39f6cd207851d7b67ca46903bfce4a9f615b5b1c
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 21 03:48:07 2021 +0000
-
- upstream: unit test for misc.c:strdelim() that mostly servces to
-
- highlight its inconsistencies
-
- OpenBSD-Regress-ID: 8d2bf970fcc01ccc6e36a5065f89b9c7fa934195
-
-commit 7a3a1dd2c7d4461962acbcc0ebee9445ba892be0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu May 27 21:23:15 2021 +1000
-
- Put minix3 config in the host-specific block.
-
-commit 59a194825f12fff8a7f75d91bf751ea17645711b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 31 06:48:42 2021 +0000
-
- upstream: Hash challenge supplied by client during FIDO key enrollment
-
- prior to passing it to libfido2, which does expect a hash.
-
- There is no effect for users who are simply generating FIDO keys using
- ssh-keygen - by default we generate a random 256 bit challenge, but
- people building attestation workflows around our tools should now have
- a more consistent experience (esp. fewer failures when they fail to
- guess the magic 32-byte challenge length requirement).
-
- ok markus@
-
- OpenBSD-Commit-ID: b8d5363a6a7ca3b23dc28f3ca69470472959f2b5
-
-commit eb68e669bc8ab968d4cca5bf1357baca7136a826
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu May 27 21:14:15 2021 +1000
-
- Include login_cap.h for login_getpwclass override.
-
- On minix3, login_getpwclass is __RENAME'ed to __login_getpwclass50 so
- without this the include overriding login_getpwclass causes a compile
- error.
-
-commit 2063af71422501b65c7a92a5e14c0e6a3799ed89
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu May 27 21:13:38 2021 +1000
-
- Add minix3 test target.
-
-commit 2e1efcfd9f94352ca5f4b6958af8a454f8cf48cd
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed May 26 01:47:24 2021 +0000
-
- upstream: fix SEGV in UpdateHostkeys debug() message, triggered
-
- when the update removed more host keys than remain present. Fix tested by
- reporter James Cook, via bugs@
-
- OpenBSD-Commit-ID: 44f641f6ee02bb957f0c1d150495b60cf7b869d3
-
-commit 9acd76e6e4d2b519773e7119c33cf77f09534909
-Author: naddy@openbsd.org <naddy@openbsd.org>
-Date: Sun May 23 18:22:57 2021 +0000
-
- upstream: ssh: The client configuration keyword is
-
- "hostbasedacceptedalgorithms"
-
- This fixes a mistake that slipped in when "HostbasedKeyTypes" was
- renamed to "HostbasedAcceptedAlgorithms".
-
- Bug report by zack@philomathiclife.com
-
- OpenBSD-Commit-ID: d745a7e8e50b2589fc56877f322ea204bc784f38
-
-commit 078a0e60c92700da4c536c93c007257828ccd05b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Tue May 25 11:40:47 2021 +1000
-
- Rename README.md to ci-status.md.
-
- The original intent was to provide a status page for the CIs configured
- in that directory, but it had the side effect of replacing the top-level
- README.md.
-
-commit 7be4ac813662f68e89f23c50de058a49aa32f7e4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed May 19 01:24:05 2021 +0000
-
- upstream: restore blocking status on stdio fds before close
-
- ssh(1) needs to set file descriptors to non-blocking mode to operate
- but it was not restoring the original state on exit. This could cause
- problems with fds shared with other programs via the shell, e.g.
-
- > $ cat > test.sh << _EOF
- > #!/bin/sh
- > {
- > ssh -Fnone -oLogLevel=verbose ::1 hostname
- > cat /usr/share/dict/words
- > } | sleep 10
- > _EOF
- > $ ./test.sh
- > Authenticated to ::1 ([::1]:22).
- > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
- > Bytes per second: sent 44338.9, received 55197.4
- > cat: stdout: Resource temporarily unavailable
-
- This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
- abandons/closes them.
-
- This was reported as bz3280 and GHPR246; ok dtucker@
-
- OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
-
-commit c4902e1a653c67fea850ec99c7537f358904c0af
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 17 11:43:16 2021 +0000
-
- upstream: fix breakage of -W forwaring introduced in 1.554; reported by
-
- naddy@ and sthen@, ok sthen@
-
- OpenBSD-Commit-ID: f72558e643a26dc4150cff6e5097b5502f6c85fd
-
-commit afea01381ad1fcea1543b133040f75f7542257e6
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Mon May 17 07:22:45 2021 +0000
-
- upstream: Regenerate moduli.
-
- OpenBSD-Commit-ID: 83c93a2a07c584c347ac6114d6329b18ce515557
-
-commit be2866d6207b090615ff083c9ef212b603816a56
-Author: Damien Miller <djm@mindrot.org>
-Date: Mon May 17 09:40:23 2021 +1000
-
- Handle Android libc returning NULL pw->pw_passwd
-
- Reported by Luke Dashjr
-
-commit 5953c143008259d87342fb5155bd0b8835ba88e5
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 14 05:20:32 2021 +0000
-
- upstream: fix previous: test saved no_shell_flag, not the one that just
-
- got clobbered
-
- OpenBSD-Commit-ID: b8deace085d9d941b2d02f810243b9c302e5355d
-
-commit 1e9fa55f4dc4b334651d569d3448aaa3841f736f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 14 03:09:48 2021 +0000
-
- upstream: Fix ssh started with ControlPersist incorrectly executing a
-
- shell when the -N (no shell) option was specified. bz3290 reported by Richard
- Schwab; patch from markus@ ok me
-
- OpenBSD-Commit-ID: ea1ea4af16a95687302f7690bdbe36a6aabf87e1
-
-commit d1320c492f655d8f5baef8c93899d79dded217a5
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Wed May 12 11:34:30 2021 +0000
-
- upstream: Clarify language about moduli. While both ends of the
-
- connection do need to use the same parameters (ie groups), the DH-GEX
- protocol takes care of that and both ends do not need the same contents in
- the moduli file, which is what the previous text suggested. ok djm@ jmc@
-
- OpenBSD-Commit-ID: f0c18cc8e79c2fbf537a432a9070ed94e96a622a
-
-commit d3cc4d650ce3e59f3e370b101778b0e8f1c02c4d
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 7 04:11:51 2021 +0000
-
- upstream: include pid in LogVerbose spam
-
- OpenBSD-Commit-ID: aacb86f96ee90c7cb84ec27452374285f89a7f00
-
-commit e3c032333be5fdbbaf2751f6f478e044922b4ec4
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 7 03:09:38 2021 +0000
-
- upstream: don't sigdie() in signal handler in privsep child process;
-
- this can end up causing sandbox violations per bz3286; ok dtucker@
-
- OpenBSD-Commit-ID: a7f40b2141dca4287920da68ede812bff7ccfdda
-
-commit a4039724a3f2abac810735fc95cf9114a3856049
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri May 7 09:23:40 2021 +0000
-
- upstream: Increase ConnectionAttempts from 4 to 10 as the tests
-
- occasionally time out on heavily loaded hosts.
-
- OpenBSD-Regress-ID: 29a8cdef354fc9da471a301f7f65184770434f3a
-
-commit c0d7e36e979fa3cdb60f5dcb6ac9ad3fd018543b
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 7 02:26:55 2021 +0000
-
- upstream: dump out a usable private key string too; inspired by Tyson
-
- Whitehead
-
- OpenBSD-Regress-ID: 65572d5333801cb2f650ebc778cbdc955e372058
-
-commit 24fee8973abdf1c521cd2c0047d89e86d9c3fc38
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri May 7 02:29:40 2021 +0000
-
- upstream: correct mistake in spec - the private key blobs are encoded
-
- verbatim and not as strings (i.e. no 4-byte length header)
-
- OpenBSD-Commit-ID: 3606b5d443d72118c5b76c4af6dd87a5d5a4f837
-
-commit f43859159cc62396ad5d080f0b1f2635a67dac02
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue May 4 22:53:52 2021 +0000
-
- upstream: Don't pass NULL as a string in debugging as it does not work
-
- on some platforms in -portable. ok djm@
-
- OpenBSD-Commit-ID: 937c892c99aa3c9c272a8ed78fa7c2aba3a44fc9
-
-commit ac31aa3c6341905935e75f0539cf4a61bbe99779
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Mon May 3 00:16:45 2021 +0000
-
- upstream: more debugging for UpdateHostKeys signature failures
-
- OpenBSD-Commit-ID: 1ee95f03875e1725df15d5e4bea3e73493d57d36
-
-commit 8e32e97e788e0676ce83018a742203614df6a2b3
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat May 1 20:07:47 2021 +1000
-
- Add obsd69 test target.
-
-commit f06893063597c5bb9d9e93f851c4070e77d2fba9
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 30 04:29:53 2021 +0000
-
- upstream: a little debugging in the main mux process for status
-
- confirmation failures in multiplexed sessions
-
- OpenBSD-Commit-ID: 6e27b87c95176107597035424e1439c3232bcb49
-
-commit e65cf00da6bc31e5f54603b7feb7252dc018c033
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Fri Apr 30 04:02:52 2021 +0000
-
- upstream: Remove now-unused skey function prototypes leftover from
-
- skey removal.
-
- OpenBSD-Commit-ID: 2fc36d519fd37c6f10ce74854c628561555a94c3
-
-commit ae5f9b0d5c8126214244ee6b35aae29c21028133
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 29 13:01:50 2021 +1000
-
- Wrap sntrup761x25519 inside ifdef.
-
- From balu.gajjala at gmail.com via bz#3306.
-
-commit 70a8dc138a6480f85065cdb239915ad4b7f928cf
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 28 14:44:07 2021 +1000
-
- Add status badges for Actions-based tests.
-
-commit 40b59024cc3365815381474cdf4fe423102e391b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 28 12:22:11 2021 +1000
-
- Add obsdsnap (OpenBSD snapshot) test target.
-
-commit e627067ec8ef9ae8e7a638f4dbac91d52dee3e6d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 28 11:35:28 2021 +1000
-
- Add test building upstream OpenBSD source.
-
-commit 1b8108ebd12fc4ed0fb39ef94c5ba122558ac373
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Tue Apr 27 14:22:20 2021 +1000
-
- Test against OpenSSL 1.1.0h instead of 1.1.0g.
-
- 1.1.0g requires a perl glob module that's not installed by default.
-
-commit 9bc20efd39ce8525be33df3ee009f5a4564224f1
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Tue Apr 27 12:37:59 2021 +1000
-
- Use the default VM type for libcrypto ver tests.
-
-commit 9f79e80dc40965c2e73164531250b83b176c1eea
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Tue Apr 27 12:24:10 2021 +1000
-
- Always build OpenSSL shared.
-
- This is the default for current versions but we need it to test against
- earlier versions.
-
-commit b3cc9fbdff2782eca79e33e02ac22450dc63bce9
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Tue Apr 27 09:18:02 2021 +1000
-
- Fix custom OpenSSL tests.
-
- Check out specified OpenSSL version. Install custom libcrypto where
- configure expects to find it. Remove unneeded OpenSSL config time
- options. Older OpenSSL versions were not make -j safe so remove it.
-
-commit 77532609874a99a19e3e2eb2d1b7fa93aef963bb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 26 17:18:25 2021 +1000
-
- Export CC and CFLAGS for c89 test.
-
-commit 33f62dfbe865f4de77980ab88774bf1eb5e4e040
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 26 17:13:44 2021 +1000
-
- Add c89 here too.
-
-commit da9d59f526fce58e11cba49cd8eb011dc0bf5677
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 26 15:34:23 2021 +1000
-
- Add test against OpenSSL w/out ECC.
-
-commit 29e194a752359ebf85bf7fce100f23a0477fc4de
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 26 14:49:59 2021 +1000
-
- Ensure we can still build with C89.
-
-commit a38016d369d21df5d35f761f2b67e175e132ba22
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 26 14:29:03 2021 +1000
-
- Interop test agains PuTTY.
-
-commit 095b0307a77be8803768857cc6c0963fa52ed85b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 26 14:02:03 2021 +1000
-
- Support testing against arbitary libcrytpo vers.
-
- Add tests against various LibreSSL and OpenSSL versions.
-
-commit b16082aa110fa7128ece2a9037ff420c4a285317
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 26 13:35:44 2021 +1000
-
- Add fbsd10 test target.
-
-commit 2c805f16b24ea37cc051c6018fcb05defab6e57a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sun Apr 25 14:15:02 2021 +1000
-
- Disable compiler hardening on nbsd4.
-
- The system compiler supports -fstack-protector-all, but using it will
- result in an internal compiler error on some files.
-
-commit 6a5d39305649da5dff1934ee54292ee0cebd579d
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sun Apr 25 13:01:34 2021 +1000
-
- Add nbsd3, nbsd4 and nbsd9 test targets.
-
-commit d1aed05bd2e4ae70f359a394dc60a2d96b88f78c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Apr 24 22:03:46 2021 +1000
-
- Comment out nbsd2 test target for now.
-
-commit a6b4ec94e5bd5a8a18cd2c9942d829d2e5698837
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Apr 24 17:52:24 2021 +1000
-
- Add OPENBSD ORIGINAL marker.
-
-commit 3737c9f66ee590255546c4b637b6d2be669a11eb
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 19:49:46 2021 +1000
-
- Replace "==" (a bashism) with "=".
-
-commit a116b6f5be17a1dd345b7d54bf8aa3779a28a0df
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 16:34:48 2021 +1000
-
- Add nbsd2 test target.
-
-commit 196bf2a9bb771f45d9b0429cee7d325962233c44
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 14:54:10 2021 +1000
-
- Add obsd68 test target.
-
-commit e3ba6574ed69e8b7af725cf5e8a9edaac04ff077
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 14:53:32 2021 +1000
-
- Remove dependency on bash.
-
-commit db1f9ab8feb838aee9f5b99c6fd3f211355dfdcf
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 14:41:13 2021 +1000
-
- Add obsd67 test target.
-
-commit c039a6bf79192fe1daa9ddcc7c87dd98e258ae7c
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 11:08:23 2021 +1000
-
- Re-add macos-11.0 test target.
-
-commit a6db3a47b56adb76870d59225ffb90a65bc4daf2
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 10:28:28 2021 +1000
-
- Add openindiana test target.
-
-commit 3fe7e73b025c07eda46d78049f1da8ed7dfc0c69
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 23 10:26:35 2021 +1000
-
- Test krb5 on Solaris 11 too.
-
-commit f57fbfe5eb02df1a91f1a237c4d27165afd87c13
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 22 22:27:26 2021 +1000
-
- Don't always set SUDO.
-
- Rely on sourcing configs to set as appropriate.
-
-commit e428f29402fb6ac140b52f8f12e06ece7bb104a0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 22 22:26:08 2021 +1000
-
- Remove now-unused 2nd arg to configs.
-
-commit cb4ff640d79b3c736879582139778f016bbb2cd7
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 21 01:08:04 2021 +1000
-
- Add win10 test target.
-
-commit 4457837238072836b2fa3107d603aac809624983
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Tue Apr 20 23:31:29 2021 +1000
-
- Add nbsd8 test target.
-
-commit bd4fba22e14da2fa196009010aabec5a8ba9dd42
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Apr 17 09:55:47 2021 +1000
-
- Add obsd51 target.
-
-commit 9403d0e805c77a5741ea8c3281bbe92558c2f125
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Fri Apr 16 18:14:25 2021 +1000
-
- Add fbsd13 target.
-
-commit e86968280e358e62649d268d41f698d64d0dc9fa
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Apr 16 13:55:25 2021 +1000
-
- depend
-
-commit 2fb25ca11e8b281363a2a2a4dec4c497a1475d9a
-Author: Damien Miller <djm@mindrot.org>
-Date: Fri Apr 16 13:53:02 2021 +1000
-
- crank version in README and RPM spec files
-
-commit b2b60ebab0cb77b5bc02d364d72e13db882f33ae
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Apr 16 03:42:00 2021 +0000
-
- upstream: openssh-8.6
-
- OpenBSD-Commit-ID: b5f3e133c846127ec114812248bc17eff07c3e19
-
-commit faf2b86a46c9281d237bcdec18c99e94a4eb820a
-Author: markus@openbsd.org <markus@openbsd.org>
-Date: Thu Apr 15 16:24:31 2021 +0000
-
- upstream: do not pass file/func to monitor; noted by Ilja van Sprundel;
-
- ok djm@
-
- OpenBSD-Commit-ID: 85ae5c063845c410283cbdce685515dcd19479fa
-
-commit 2dc328023f60212cd29504fc05d849133ae47355
-Author: Damien Miller <djm@mindrot.org>
-Date: Wed Apr 14 11:42:55 2021 +1000
-
- sshd don't exit on transient read errors
-
- openssh-8.5 introduced a regression that would cause sshd to exit
- because of transient read errors on the network socket (e.g. EINTR,
- EAGAIN). Reported by balu.gajjala AT gmail.com via bz3297
-
-commit d5d6b7d76d171a2e6861609dcd92e714ee62ad88
-Author: Damien Miller <djm@mindrot.org>
-Date: Sat Apr 10 18:45:00 2021 +1000
-
- perform report_failed_grab() inline
-
-commit ea996ce2d023aa3c6d31125e2c3ebda1cb42db8c
-Author: Damien Miller <djm@mindrot.org>
-Date: Sat Apr 10 18:22:57 2021 +1000
-
- dedicated gnome-ssk-askpass3 source
-
- Compatibility with Wayland requires that we use the gdk_seat_grab()
- API for grabbing mouse/keyboard, however these API don't exist in
- Gtk+2.
-
- This branches gnome-ssk-askpass2.c => gnome-ssk-askpass3.c and
- makes the changes to use the gdk_seat_grab() instead of grabbing
- mouse/focus separately via GDK.
-
- In the future, we can also use the branched file to avoid some
- API that has been soft-deprecated in GTK+3, e.g. gtk_widget_modify_fg
-
-commit bfa5405da05d906ffd58216eb77c4375b62d64c2
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 8 15:18:15 2021 +1000
-
- Ensure valgrind-out exists.
-
- Normally the regress tests would create it, but running the unit tests
- on their own would fail because the directory did not exist.
-
-commit 1f189181f3ea09a9b08aa866f78843fec800874f
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 8 15:17:19 2021 +1000
-
- Pass OBJ to unit test make invocation.
-
- At least the Valgrind unit tests uses $OBJ.
-
-commit f42b550c281d28bd19e9dd6ce65069164f3482b0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 8 14:20:12 2021 +1000
-
- Add pattern for valgrind-unit.
-
-commit 19e534462710e98737478fd9c44768b50c27c4c6
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 8 13:31:08 2021 +1000
-
- Run unit tests under valgrind.
-
- Run a separate build for the unit tests under Valgrind. They take long
- enough that running in parallel with the other Valgrind tests helps.
-
-commit 80032102d05e866dc2a48a5caf760cf42c2e090e
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Thu Apr 8 13:25:57 2021 +1000
-
- ifdef out MIN and MAX.
-
- In -portable, defines.h ensures that these are defined, so redefining
- potentially causes a warning. We don't just delete it to make any
- future code syncs a little but easier. bz#3293.
-
-commit d1bd184046bc310c405f45da3614a1dc5b3e521a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 7 10:23:51 2021 +1000
-
- Remove only use of warn().
-
- The warn() function is only used in one place in portable and does not
- exist upstream. Upgrade the only instance it's used to fail()
- (the privsep/sandbox+proxyconnect, from back when that was new) and
- remove the now-unused function.
-
-commit fea8f4b1aa85026ad5aee5ad8e1599a8d5141fe0
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 7 10:18:32 2021 +1000
-
- Move make_tmpdir() into portable-specific area.
-
- Reduces diff vs OpenBSD and makes it more likely diffs will apply
- cleanly.
-
-commit 13e5fa2acffd26e754c6ee1d070d0afd035d4cb7
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Apr 6 23:57:56 2021 +0000
-
- upstream: Add TEST_SSH_ELAPSED_TIMES environment variable to print the
-
- elapsed time in seconds of each test. This depends on "date +%s" which is
- not specified by POSIX but is commonly implemented.
-
- OpenBSD-Regress-ID: ec3c8c19ff49b2192116a0a646ee7c9b944e8a9c
-
-commit ef4f46ab4387bb863b471bad124d46e8d911a79a
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 7 09:59:15 2021 +1000
-
- Move the TEST_SSH_PORT section down a bit.
-
- This groups the portable-specific changes together and makes it a
- little more likely that patches will apply cleanly.
-
-commit 3674e33fa70dfa1fe69b345bf576113af7b7be11
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Wed Apr 7 10:05:10 2021 +1000
-
- Further split Valgrind tests.
-
- Even split in two, the Valgrind tests take by far the longest to run,
- so split them four ways to further increase parallelism.
-
-commit 961af266b861e30fce1e26170ee0dbb5bf591f29
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Apr 6 23:24:30 2021 +0000
-
- upstream: include "ssherr.h" not <ssherr.h>; from Balu Gajjala via
-
- bz#3292
-
- OpenBSD-Commit-ID: e9535cd9966eb2e69e73d1ede1f44905c30310bd
-
-commit e7d0a285dbdd65d8df16123ad90f15e91862f959
-Author: Damien Miller <djm@mindrot.org>
-Date: Wed Apr 7 08:50:38 2021 +1000
-
- wrap struct rlimit in HAVE_GETRLIMIT too
-
-commit f283a6c2e0a9bd9369e18462acd00be56fbe5b0d
-Author: Damien Miller <djm@mindrot.org>
-Date: Wed Apr 7 08:20:35 2021 +1000
-
- wrap getrlimit call in HAVE_GETRLIMIT; bz3291
-
-commit 679bdc4a5c9244f427a7aee9c14b0a0ed086da1f
-Author: dtucker@openbsd.org <dtucker@openbsd.org>
-Date: Tue Apr 6 09:07:33 2021 +0000
-
- upstream: Don't check return value of unsetenv(). It's part of the
-
- environment setup and not part of the actual test, and some platforms
- -portable runs on declare it as returning void, which prevents the test from
- compiling.
-
- OpenBSD-Regress-ID: 24f08543ee3cdebc404f2951f3e388cc82b844a1
-
-commit 320af2f3de6333aa123f1b088eca146a245e968a
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Sun Apr 4 11:36:56 2021 +0000
-
- upstream: remove stray inserts; from matthias schmidt
-
- OpenBSD-Commit-ID: 2c36ebdc54e14bbf1daad70c6a05479a073d5c63
-
-commit 801f710953b24dd2f21939171c622eac77c7484d
-Author: jmc@openbsd.org <jmc@openbsd.org>
-Date: Sun Apr 4 06:11:24 2021 +0000
-
- upstream: missing comma; from kawashima james
-
- OpenBSD-Commit-ID: 31cec6bf26c6db4ffefc8a070715ebef274e68ea
-
-commit b3ca08cb174266884d44ec710a84cd64c12414ea
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Mon Apr 5 23:46:42 2021 +1000
-
- Install libcbor with libfido2.
-
-commit f3ca8af87a4c32ada660da12ae95cf03d190c083
-Author: Damien Miller <djm@mindrot.org>
-Date: Sat Apr 3 18:21:08 2021 +1100
-
- enable authopt and misc unit tests
-
- Neither were wired into the build, both required some build
- adaptations for -portable
-
-commit dc1b45841fb97e3d7f655ddbcfef3839735cae5f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 06:58:30 2021 +0000
-
- upstream: typos in comments; GHPR#180 from Vill
-
- =?UTF-8?q?e=20Skytt=C3=A4?=
- MIME-Version: 1.0
- Content-Type: text/plain; charset=UTF-8
- Content-Transfer-Encoding: 8bit
-
- OpenBSD-Commit-ID: 93c732381ae0e2b680c79e67c40c1814b7ceed2c
-
-commit 53ea05e09b04fd7b6dea66b42b34d65fe61b9636
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 06:55:52 2021 +0000
-
- upstream: sync CASignatureAlgorithms lists with reality. GHPR#174 from
-
- Matt Hazinski
-
- OpenBSD-Commit-ID: f05e4ca54d7e67b90fe58fe1bdb1d2a37e0e2696
-
-commit 57ed647ee07bb883a2f2264231bcd1df6a5b9392
-Author: Damien Miller <djm@mindrot.org>
-Date: Sat Apr 3 17:47:37 2021 +1100
-
- polish whitespace for portable files
-
-commit 31d8d231eb9377df474746a822d380c5d68d7ad6
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 06:18:40 2021 +0000
-
- upstream: highly polished whitespace, mostly fixing spaces-for-tab
-
- and bad indentation on continuation lines. Prompted by GHPR#185
-
- OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
-
-commit 34afde5c73b5570d6f8cce9b49993b23b77bfb86
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 05:54:14 2021 +0000
-
- upstream: whitespace (tab after space)
-
- OpenBSD-Commit-ID: 0e2b3f7674e985d3f7c27ff5028e690ba1c2efd4
-
-commit 7cd262c1c5a08cc7f4f30e3cab108ef089d0a57b
-Author: Darren Tucker <dtucker@dtucker.net>
-Date: Sat Apr 3 16:59:10 2021 +1100
-
- Save config.h and config.log on failure too.
-
-commit 460aee9298f365357e9fd26851c22e0dca51fd6a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 05:46:41 2021 +0000
-
- upstream: fix incorrect plural; from Ville Skyt
-
- =?UTF-8?q?t=C3=A4=20via=20GHPR#181?=
- MIME-Version: 1.0
- Content-Type: text/plain; charset=UTF-8
- Content-Transfer-Encoding: 8bit
-
- OpenBSD-Commit-ID: 92f31754c6296d8f403d7c293e09dc27292d22c9
-
-commit 082804c14e548cada75c81003a3c68ee098138ee
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 05:40:39 2021 +0000
-
- upstream: ensure that pkcs11_del_provider() is called before exit -
-
- some PKCS#11 providers get upset if C_Initialize is not matched with
- C_Finalize.
-
- From Adithya Baglody via GHPR#234; ok markus
-
- OpenBSD-Commit-ID: f8e770e03b416ee9a58f9762e162add900f832b6
-
-commit 464ebc82aa926dd132ec75a0b064574ef375675e
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 05:28:43 2021 +0000
-
- upstream: unused variable
-
- OpenBSD-Commit-ID: 85f6a394c8e0f60d15ecddda75176f112007b205
-
-commit dc3c0be8208c488e64a8bcb7d9efad98514e0ffb
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Sat Apr 3 05:21:46 2021 +0000
-
- upstream: Fix two problems in string->argv conversion: 1) multiple
-
- backslashes were not being dequoted correctly and 2) quoted space in the
- middle of a string was being incorrectly split.
- MIME-Version: 1.0
- Content-Type: text/plain; charset=UTF-8
- Content-Transfer-Encoding: 8bit
-
- A unit test for these cases has already been committed
-
- prompted by and based on GHPR#223 by Eero Häkkinen; ok markus@
-
- OpenBSD-Commit-ID: d7ef27abb4eeeaf6e167e9312e4abe9e89faf1e4
-
-commit f75bcbba58a08c670727ece5e3f8812125969799
-Author: Damien Miller <djm@mindrot.org>
-Date: Sat Apr 3 16:22:48 2021 +1100
-
- missing bits from 259d648e
-
-commit 4cbc4a722873d9b68cb5496304dc050d7168df78
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed Mar 31 21:59:26 2021 +0000
-
- upstream: cannot effectively test posix-rename extension after
-
- changes in feature advertisment.
-
- OpenBSD-Regress-ID: 5e390bf88d379162aaa81b60ed86b34cb0c54d29
-
-commit 259d648e63e82ade4fe2c2c73c8b67fe57d9d049
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Mar 19 04:23:50 2021 +0000
-
- upstream: add a test for misc.c:argv_split(), currently fails
-
- OpenBSD-Regress-ID: ad6b96d6ebeb9643b698b3575bdd6f78bb144200
-
-commit 473ddfc2d6b602cb2d1d897e0e5c204de145cd9a
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Mar 19 03:25:01 2021 +0000
-
- upstream: split
-
- OpenBSD-Regress-ID: f6c03c0e4c58b3b9e04b161757b8c10dc8378c34
-
-commit 1339800fef8d0dfbfeabff71b34670105bcfddd2
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed Mar 31 22:16:34 2021 +0000
-
- upstream: Use new limits@openssh.com protocol extension to let the
-
- client select good limits based on what the server supports. Split the
- download and upload buffer sizes to allow them to be chosen independently.
-
- In practice (and assuming upgraded sftp/sftp-server at each end), this
- increases the download buffer 32->64KiB and the upload buffer
- 32->255KiB.
-
- Patches from Mike Frysinger; ok dtucker@
-
- OpenBSD-Commit-ID: ebd61c80d85b951b794164acc4b2f2fd8e88606c
-
-commit 6653c61202d104e59c8e741329fcc567f7bc36b8
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Wed Mar 31 21:58:07 2021 +0000
-
- upstream: do not advertise protocol extensions that have been
-
- disallowed by the command-line options (e.g. -p/-P/-R); ok dtucker@
-
- OpenBSD-Commit-ID: 3a8a76b3f5131741aca4b41bfab8d101c9926205
-
-commit 71241fc05db4bbb11bb29340b44b92e2575373d8
-Author: Damien Miller <djm@mindrot.org>
-Date: Mon Mar 29 15:14:25 2021 +1100
-
- gnome-ssh-askpass3 is a valid target here
-
-commit 8a9520836e71830f4fccca066dba73fea3d16bda
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Mar 19 02:22:34 2021 +0000
-
- upstream: return non-zero exit status when killed by signal; bz#3281 ok
-
- dtucker@
-
- OpenBSD-Commit-ID: 117b31cf3c807993077b596bd730c24da9e9b816
-
-commit 1269b8a686bf1254b03cd38af78167a04aa6ec88
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Fri Mar 19 02:18:28 2021 +0000
-
- upstream: increase maximum SSH2_FXP_READ to match the maximum
-
- packet size. Also handle zero-length reads that are borderline nonsensical
- but not explicitly banned by the spec. Based on patch from Mike Frysinger,
- feedback deraadt@ ok dtucker@
-
- OpenBSD-Commit-ID: 4e67d60d81bde7b84a742b4ee5a34001bdf80d9c
-
-commit 860b67604416640e8db14f365adc3f840aebcb1f
-Author: djm@openbsd.org <djm@openbsd.org>
-Date: Tue Mar 16 06:15:43 2021 +0000
-
- upstream: don't let logging clobber errno before use
-
- OpenBSD-Commit-ID: ce6cca370005c270c277c51c111bb6911e1680ec
diff --git a/README b/README
index 796101c7abef..fc73a2f2e872 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-See https://www.openssh.com/releasenotes.html#9.3p1 for the release
+See https://www.openssh.com/releasenotes.html#9.3p2 for the release
notes.
Please read https://www.openssh.com/report.html for bug reporting
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index a665aa20bc1f..de60b5c4fb60 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%global ver 9.3p1
+%global ver 9.3p2
%global rel 1%{?dist}
# OpenSSH privilege separation requires a user & group ID
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index 406b7c0b8606..c68c85da0348 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
Name: openssh
-Version: 9.3p1
+Version: 9.3p2
URL: https://www.openssh.com/
Release: 1
Source0: openssh-%{version}.tar.gz
diff --git a/moduli.0 b/moduli.0
index 75d532669698..30776437c7c7 100644
--- a/moduli.0
+++ b/moduli.0
@@ -71,4 +71,4 @@ STANDARDS
M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for
the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006.
-OpenBSD 7.2 April 16, 2022 OpenBSD 7.2
+OpenBSD 7.3 April 16, 2022 OpenBSD 7.3
diff --git a/scp.0 b/scp.0
index ad24e570a3fc..8153dbc45cd5 100644
--- a/scp.0
+++ b/scp.0
@@ -229,4 +229,4 @@ CAVEATS
requires careful quoting of any characters that have special meaning to
the remote shell, such as quote characters.
-OpenBSD 7.2 December 16, 2022 OpenBSD 7.2
+OpenBSD 7.3 December 16, 2022 OpenBSD 7.3
diff --git a/sftp-server.0 b/sftp-server.0
index b530c5e3f26a..22c307f7980b 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -95,4 +95,4 @@ HISTORY
AUTHORS
Markus Friedl <markus@openbsd.org>
-OpenBSD 7.2 July 27, 2021 OpenBSD 7.2
+OpenBSD 7.3 July 27, 2021 OpenBSD 7.3
diff --git a/sftp.0 b/sftp.0
index 35fb1cf5721c..0183da34eac1 100644
--- a/sftp.0
+++ b/sftp.0
@@ -435,4 +435,4 @@ SEE ALSO
T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh-
filexfer-00.txt, January 2001, work in progress material.
-OpenBSD 7.2 December 16, 2022 OpenBSD 7.2
+OpenBSD 7.3 December 16, 2022 OpenBSD 7.3
diff --git a/ssh-add.0 b/ssh-add.0
index ac7d079b3bbf..cdd0feb71bf9 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -200,4 +200,4 @@ AUTHORS
created OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 7.2 February 4, 2022 OpenBSD 7.2
+OpenBSD 7.3 February 4, 2022 OpenBSD 7.3
diff --git a/ssh-agent.0 b/ssh-agent.0
index 2c7b86034725..f56cb4f85081 100644
--- a/ssh-agent.0
+++ b/ssh-agent.0
@@ -40,16 +40,24 @@ DESCRIPTION
variable).
-O option
- Specify an option when starting ssh-agent. Currently only one
- option is supported: no-restrict-websafe. This instructs
- ssh-agent to permit signatures using FIDO keys that might be web
- authentication requests. By default, ssh-agent refuses signature
- requests for FIDO keys where the key application string does not
- start with M-bM-^@M-^\ssh:M-bM-^@M-^] and when the data to be signed does not appear
- to be a ssh(1) user authentication request or a ssh-keygen(1)
- signature. The default behaviour prevents forwarded access to a
- FIDO key from also implicitly forwarding the ability to
- authenticate to websites.
+ Specify an option when starting ssh-agent. Currently two options
+ are supported: allow-remote-pkcs11 and no-restrict-websafe.
+
+ The allow-remote-pkcs11 option allows clients of a forwarded
+ ssh-agent to load PKCS#11 or FIDO provider libraries. By default
+ only local clients may perform this operation. Note that
+ signalling that a ssh-agent client remote is performed by ssh(1),
+ and use of other tools to forward access to the agent socket may
+ circumvent this restriction.
+
+ The no-restrict-websafe, instructs ssh-agent to permit signatures
+ using FIDO keys that might be web authentication requests. By
+ default, ssh-agent refuses signature requests for FIDO keys where
+ the key application string does not start with M-bM-^@M-^\ssh:M-bM-^@M-^] and when
+ the data to be signed does not appear to be a ssh(1) user
+ authentication request or a ssh-keygen(1) signature. The default
+ behaviour prevents forwarded access to a FIDO key from also
+ implicitly forwarding the ability to authenticate to websites.
-P allowed_providers
Specify a pattern-list of acceptable paths for PKCS#11 provider
@@ -128,4 +136,4 @@ AUTHORS
created OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 7.2 October 7, 2022 OpenBSD 7.2
+OpenBSD 7.3 October 7, 2022 OpenBSD 7.3
diff --git a/ssh-agent.1 b/ssh-agent.1
index b0bf65da88ef..97f4cab04d2b 100644
--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -107,9 +107,27 @@ environment variable).
.It Fl O Ar option
Specify an option when starting
.Nm .
-Currently only one option is supported:
+Currently two options are supported:
+.Cm allow-remote-pkcs11
+and
.Cm no-restrict-websafe .
-This instructs
+.Pp
+The
+.Cm allow-remote-pkcs11
+option allows clients of a forwarded
+.Nm
+to load PKCS#11 or FIDO provider libraries.
+By default only local clients may perform this operation.
+Note that signalling that a
+.Nm
+client remote is performed by
+.Xr ssh 1 ,
+and use of other tools to forward access to the agent socket may circumvent
+this restriction.
+.Pp
+The
+.Cm no-restrict-websafe ,
+instructs
.Nm
to permit signatures using FIDO keys that might be web authentication
requests.
diff --git a/ssh-agent.c b/ssh-agent.c
index 618bb198190e..8ea831f48166 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -169,6 +169,12 @@ char socket_dir[PATH_MAX];
/* Pattern-list of allowed PKCS#11/Security key paths */
static char *allowed_providers;
+/*
+ * Allows PKCS11 providers or SK keys that use non-internal providers to
+ * be added over a remote connection (identified by session-bind@openssh.com).
+ */
+static int remote_add_provider;
+
/* locking */
#define LOCK_SIZE 32
#define LOCK_SALT_SIZE 16
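Review bot: The comment on `remote_add_provider` does not say that the flag is off by default, which option sets it, or what "remote" means to the checks that read it. The guards added in process_add_identity() and process_add_smartcard_key() treat a connection as remote only when `e->nsession_ids != 0`, so a socket forwarded by a tool that never sends the session-bind request is handled as local. I would extend the comment along the lines of `Off by default; set by -O allow-remote-pkcs11. A client counts as remote only once a session-bind has been recorded (e->nsession_ids != 0), so forwarding that skips the bind is not covered.`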
@@ -1228,6 +1234,12 @@ process_add_identity(SocketEntry *e)
if (strcasecmp(sk_provider, "internal") == 0) {
debug_f("internal provider");
} else {
+ if (e->nsession_ids != 0 && !remote_add_provider) {
+ verbose("failed add of SK provider \"%.100s\": "
+ "remote addition of providers is disabled",
+ sk_provider);
+ goto out;
+ }
if (realpath(sk_provider, canonical_provider) == NULL) {
verbose("failed provider \"%.100s\": "
"realpath: %s", sk_provider,
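Review bot: The refusal in the new `e->nsession_ids != 0 && !remote_add_provider` branch is logged with `verbose()`, as is the matching check in process_add_smartcard_key(); at the agent's normal log level these messages are presumably not emitted. A forwarded client asking the agent to load a provider library is an event an operator would want to see, so I would log it at a level that is on by default, e.g. `logit("refusing SK provider \"%.100s\": remote addition of providers is disabled", sk_provider);`. process_add_identity() starts and ends outside this hunk, so how the `out` path reports the failure to the client is not visible here.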
@@ -1391,6 +1403,11 @@ process_add_smartcard_key(SocketEntry *e)
error_f("failed to parse constraints");
goto send;
}
+ if (e->nsession_ids != 0 && !remote_add_provider) {
+ verbose("failed PKCS#11 add of \"%.100s\": remote addition of "
+ "providers is disabled", provider);
+ goto send;
+ }
if (realpath(provider, canonical_provider) == NULL) {
verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
provider, strerror(errno));
@@ -2050,7 +2067,9 @@ main(int ac, char **av)
break;
case 'O':
if (strcmp(optarg, "no-restrict-websafe") == 0)
- restrict_websafe = 0;
+ restrict_websafe = 0;
+ else if (strcmp(optarg, "allow-remote-pkcs11") == 0)
+ remote_add_provider = 1;
else
fatal("Unknown -O option");
break;
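Review bot: The option is spelled `allow-remote-pkcs11`, but the flag it sets also gates loading of non-internal FIDO/SK providers in process_add_identity(), which the name does not suggest. A one-line comment at the assignment would save the next reader a search, e.g. `/* also permits remote FIDO/SK (non-internal) providers */`. The surrounding switch in main() continues outside the hunk.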
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index 86cb91b204dd..4e3d56727b14 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -907,4 +907,4 @@ AUTHORS
created OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 7.2 February 10, 2023 OpenBSD 7.2
+OpenBSD 7.3 February 10, 2023 OpenBSD 7.3
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0
index b95235eee86a..ee737884eda7 100644
--- a/ssh-keyscan.0
+++ b/ssh-keyscan.0
@@ -118,4 +118,4 @@ AUTHORS
Davison <wayned@users.sourceforge.net> added support for protocol version
2.
-OpenBSD 7.2 February 10, 2023 OpenBSD 7.2
+OpenBSD 7.3 February 10, 2023 OpenBSD 7.3
diff --git a/ssh-keysign.0 b/ssh-keysign.0
index f75f12fdfced..71fa63b729a6 100644
--- a/ssh-keysign.0
+++ b/ssh-keysign.0
@@ -49,4 +49,4 @@ HISTORY
AUTHORS
Markus Friedl <markus@openbsd.org>
-OpenBSD 7.2 March 31, 2022 OpenBSD 7.2
+OpenBSD 7.3 March 31, 2022 OpenBSD 7.3
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0
index 46b357ccb0fb..07f7d666146f 100644
--- a/ssh-pkcs11-helper.0
+++ b/ssh-pkcs11-helper.0
@@ -32,4 +32,4 @@ HISTORY
AUTHORS
Markus Friedl <markus@openbsd.org>
-OpenBSD 7.2 April 29, 2022 OpenBSD 7.2
+OpenBSD 7.3 April 29, 2022 OpenBSD 7.3
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 6be647ec443c..ebddf6c3a250 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1537,10 +1537,8 @@ pkcs11_register_provider(char *provider_id, char *pin,
error("dlopen %s failed: %s", provider_id, dlerror());
goto fail;
}
- if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL) {
- error("dlsym(C_GetFunctionList) failed: %s", dlerror());
- goto fail;
- }
+ if ((getfunctionlist = dlsym(handle, "C_GetFunctionList")) == NULL)
+ fatal("dlsym(C_GetFunctionList) failed: %s", dlerror());
p = xcalloc(1, sizeof(*p));
p->name = xstrdup(provider_id);
p->handle = handle;
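Review bot: The switch from `error(); goto fail;` to `fatal()` on a missing `C_GetFunctionList` carries no comment explaining why this one failure ends the process while the dlopen() failure just above still takes the `fail` path. Presumably the intent is that a library which loaded but is not a PKCS#11 module should not stay mapped in a running process, since its initialisers have already run by the time dlsym() is called; if so, say it, e.g. `/* not a PKCS#11 module, but its code is already loaded: exit rather than continue */`. It is also worth confirming that every caller of pkcs11_register_provider() can tolerate an exit here; the function starts and ends outside this hunk and its callers are not visible.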
diff --git a/ssh.0 b/ssh.0
index 94a98aef9c89..fea70a12b33e 100644
--- a/ssh.0
+++ b/ssh.0
@@ -1015,4 +1015,4 @@ AUTHORS
created OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 7.2 November 28, 2022 OpenBSD 7.2
+OpenBSD 7.3 November 28, 2022 OpenBSD 7.3
diff --git a/ssh_config.0 b/ssh_config.0
index 9bf5bd00da3a..ef8338d55358 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -1323,4 +1323,4 @@ AUTHORS
created OpenSSH. Markus Friedl contributed the support for SSH protocol
versions 1.5 and 2.0.
-OpenBSD 7.2 March 10, 2023 OpenBSD 7.2
+OpenBSD 7.3 March 10, 2023 OpenBSD 7.3
diff --git a/sshd.0 b/sshd.0
index 00d6081b824f..c048037105ea 100644
--- a/sshd.0
+++ b/sshd.0
@@ -683,4 +683,4 @@ AUTHORS
versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
for privilege separation.
-OpenBSD 7.2 February 10, 2023 OpenBSD 7.2
+OpenBSD 7.3 February 10, 2023 OpenBSD 7.3
diff --git a/sshd_config.0 b/sshd_config.0
index b2003109309e..51594874f5cc 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -1283,4 +1283,4 @@ AUTHORS
versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
for privilege separation.
-OpenBSD 7.2 March 3, 2023 OpenBSD 7.2
+OpenBSD 7.3 March 3, 2023 OpenBSD 7.3
diff --git a/version.h b/version.h
index 69e76e6344fa..23dae0661d11 100644
--- a/version.h
+++ b/version.h
@@ -2,5 +2,5 @@
#define SSH_VERSION "OpenSSH_9.3"
-#define SSH_PORTABLE "p1"
+#define SSH_PORTABLE "p2"
#define SSH_RELEASE SSH_VERSION SSH_PORTABLE