ChangeLog revision 295367
1commit c88ac102f0eb89f2eaa314cb2e2e0ca3c890c443 2Author: Damien Miller <djm@mindrot.org> 3Date: Thu Jan 14 11:08:19 2016 +1100 4 5 bump version numbers 6 7commit 302bc21e6fadacb04b665868cd69b625ef69df90 8Author: Damien Miller <djm@mindrot.org> 9Date: Thu Jan 14 11:04:04 2016 +1100 10 11 openssh-7.1p2 12 13commit 6b33763242c063e4e0593877e835eeb1fd1b60aa 14Author: Damien Miller <djm@mindrot.org> 15Date: Thu Jan 14 11:02:58 2016 +1100 16 17 forcibly disable roaming support in the client 18 19commit 34d364f0d2e1e30a444009f0e04299bb7c94ba13 20Author: djm@openbsd.org <djm@openbsd.org> 21Date: Mon Oct 5 17:11:21 2015 +0000 22 23 upstream commit 24 25 some more bzero->explicit_bzero, from Michael McConville 26 27 Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0 28 29commit 8f5b93026797b9f7fba90d0c717570421ccebbd3 30Author: guenther@openbsd.org <guenther@openbsd.org> 31Date: Fri Sep 11 08:50:04 2015 +0000 32 33 upstream commit 34 35 Use explicit_bzero() when zeroing before free() 36 37 from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) 38 ok millert@ djm@ 39 40 Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50 41 42commit d77148e3a3ef6c29b26ec74331455394581aa257 43Author: djm@openbsd.org <djm@openbsd.org> 44Date: Sun Nov 8 21:59:11 2015 +0000 45 46 upstream commit 47 48 fix OOB read in packet code caused by missing return 49 statement found by Ben Hawkes; ok markus@ deraadt@ 50 51 Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62 52 53commit 076d849e17ab12603627f87b301e2dca71bae518 54Author: Damien Miller <djm@mindrot.org> 55Date: Sat Nov 14 18:44:49 2015 +1100 56 57 read back from libcrypto RAND when privdropping 58 59 makes certain libcrypto implementations cache a /dev/urandom fd 60 in preparation of sandboxing. Based on patch by Greg Hartman. 61 62commit f72adc0150011a28f177617a8456e1f83733099d 63Author: djm@openbsd.org <djm@openbsd.org> 64Date: Sun Dec 13 22:42:23 2015 +0000 65 66 upstream commit 67 68 unbreak connections with peers that set 69 first_kex_follows; fix from Matt Johnston va bz#2515 70 71 Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b 72 73commit 04bd8d019ccd906cac1a2b362517b8505f3759e6 74Author: djm@openbsd.org <djm@openbsd.org> 75Date: Tue Jan 12 23:42:54 2016 +0000 76 77 upstream commit 78 79 use explicit_bzero() more liberally in the buffer code; ok 80 deraadt 81 82 Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf 83 84commit e91346dc2bbf460246df2ab591b7613908c1b0ad 85Author: Damien Miller <djm@mindrot.org> 86Date: Fri Aug 21 14:49:03 2015 +1000 87 88 we don't use Github for issues/pull-requests 89 90commit a4f5b507c708cc3dc2c8dd2d02e4416d7514dc23 91Author: Damien Miller <djm@mindrot.org> 92Date: Fri Aug 21 14:43:55 2015 +1000 93 94 fix URL for connect.c 95 96commit d026a8d3da0f8186598442997c7d0a28e7275414 97Author: Damien Miller <djm@mindrot.org> 98Date: Fri Aug 21 13:47:10 2015 +1000 99 100 update version numbers for 7.1 101 102commit 78f8f589f0ca1c9f41e5a9bae3cda5ce8a6b42ed 103Author: djm@openbsd.org <djm@openbsd.org> 104Date: Fri Aug 21 03:45:26 2015 +0000 105 106 upstream commit 107 108 openssh-7.1 109 110 Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f 111 112commit 32a181980c62fce94f7f9ffaf6a79d90f0c309cf 113Author: djm@openbsd.org <djm@openbsd.org> 114Date: Fri Aug 21 03:42:19 2015 +0000 115 116 upstream commit 117 118 fix inverted logic that broke PermitRootLogin; reported 119 by Mantas Mikulenas; ok markus@ 120 121 Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5 122 123commit ce445b0ed927e45bd5bdce8f836eb353998dd65c 124Author: deraadt@openbsd.org <deraadt@openbsd.org> 125Date: Thu Aug 20 22:32:42 2015 +0000 126 127 upstream commit 128 129 Do not cast result of malloc/calloc/realloc* if stdlib.h 130 is in scope ok krw millert 131 132 Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667 133 134commit 05291e5288704d1a98bacda269eb5a0153599146 135Author: naddy@openbsd.org <naddy@openbsd.org> 136Date: Thu Aug 20 19:20:06 2015 +0000 137 138 upstream commit 139 140 In the certificates section, be consistent about using 141 "host_key" and "user_key" for the respective key types. ok sthen@ deraadt@ 142 143 Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb 144 145commit 8543d4ef6f2e9f98c3e6b77c894ceec30c5e4ae4 146Author: djm@openbsd.org <djm@openbsd.org> 147Date: Wed Aug 19 23:21:42 2015 +0000 148 149 upstream commit 150 151 Better compat matching for WinSCP, add compat matching 152 for FuTTY (fork of PuTTY); ok markus@ deraadt@ 153 154 Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389 155 156commit ec6eda16ebab771aa3dfc90629b41953b999cb1e 157Author: djm@openbsd.org <djm@openbsd.org> 158Date: Wed Aug 19 23:19:01 2015 +0000 159 160 upstream commit 161 162 fix double-free() in error path of DSA key generation 163 reported by Mateusz Kocielski; ok markus@ 164 165 Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c 166 167commit 45b0eb752c94954a6de046bfaaf129e518ad4b5b 168Author: djm@openbsd.org <djm@openbsd.org> 169Date: Wed Aug 19 23:18:26 2015 +0000 170 171 upstream commit 172 173 fix free() of uninitialised pointer reported by Mateusz 174 Kocielski; ok markus@ 175 176 Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663 177 178commit c837643b93509a3ef538cb6624b678c5fe32ff79 179Author: djm@openbsd.org <djm@openbsd.org> 180Date: Wed Aug 19 23:17:51 2015 +0000 181 182 upstream commit 183 184 fixed unlink([uninitialised memory]) reported by Mateusz 185 Kocielski; ok markus@ 186 187 Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109 188 189commit 1f8d3d629cd553031021068eb9c646a5f1e50994 190Author: jmc@openbsd.org <jmc@openbsd.org> 191Date: Fri Aug 14 15:32:41 2015 +0000 192 193 upstream commit 194 195 match myproposal.h order; from brian conway (i snuck in a 196 tweak while here) 197 198 ok dtucker 199 200 Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67 201 202commit 1dc8d93ce69d6565747eb44446ed117187621b26 203Author: deraadt@openbsd.org <deraadt@openbsd.org> 204Date: Thu Aug 6 14:53:21 2015 +0000 205 206 upstream commit 207 208 add prohibit-password as a synonymn for without-password, 209 since the without-password is causing too many questions. Harden it to ban 210 all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from 211 djm, ok markus 212 213 Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a 214 215commit 90a95a4745a531b62b81ce3b025e892bdc434de5 216Author: Damien Miller <djm@mindrot.org> 217Date: Tue Aug 11 13:53:41 2015 +1000 218 219 update version in README 220 221commit 318c37743534b58124f1bab37a8a0087a3a9bd2f 222Author: Damien Miller <djm@mindrot.org> 223Date: Tue Aug 11 13:53:09 2015 +1000 224 225 update versions in *.spec 226 227commit 5e75f5198769056089fb06c4d738ab0e5abc66f7 228Author: Damien Miller <djm@mindrot.org> 229Date: Tue Aug 11 13:34:12 2015 +1000 230 231 set sshpam_ctxt to NULL after free 232 233 Avoids use-after-free in monitor when privsep child is compromised. 234 Reported by Moritz Jodeit; ok dtucker@ 235 236commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b 237Author: Damien Miller <djm@mindrot.org> 238Date: Tue Aug 11 13:33:24 2015 +1000 239 240 Don't resend username to PAM; it already has it. 241 242 Pointed out by Moritz Jodeit; ok dtucker@ 243 244commit 88763a6c893bf3dfe951ba9271bf09715e8d91ca 245Author: Darren Tucker <dtucker@zip.com.au> 246Date: Mon Jul 27 12:14:25 2015 +1000 247 248 Import updated moduli file from OpenBSD. 249 250commit 55b263fb7cfeacb81aaf1c2036e0394c881637da 251Author: Damien Miller <djm@mindrot.org> 252Date: Mon Aug 10 11:13:44 2015 +1000 253 254 let principals-command.sh work for noexec /var/run 255 256commit 2651e34cd11b1aac3a0fe23b86d8c2ff35c07897 257Author: Damien Miller <djm@mindrot.org> 258Date: Thu Aug 6 11:43:42 2015 +1000 259 260 work around echo -n / sed behaviour in tests 261 262commit d85dad81778c1aa8106acd46930b25fdf0d15b2a 263Author: djm@openbsd.org <djm@openbsd.org> 264Date: Wed Aug 5 05:27:33 2015 +0000 265 266 upstream commit 267 268 adjust for RSA minimum modulus switch; ok deraadt@ 269 270 Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae 271 272commit 57e8e229bad5fe6056b5f1199665f5f7008192c6 273Author: djm@openbsd.org <djm@openbsd.org> 274Date: Tue Aug 4 05:23:06 2015 +0000 275 276 upstream commit 277 278 backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this 279 release; problems spotted by sthen@ ok deraadt@ markus@ 280 281 Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822 282 283commit f097d0ea1e0889ca0fa2e53a00214e43ab7fa22a 284Author: djm@openbsd.org <djm@openbsd.org> 285Date: Sun Aug 2 09:56:42 2015 +0000 286 287 upstream commit 288 289 openssh 7.0; ok deraadt@ 290 291 Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f 292 293commit 3d5728a0f6874ce4efb16913a12963595070f3a9 294Author: chris@openbsd.org <chris@openbsd.org> 295Date: Fri Jul 31 15:38:09 2015 +0000 296 297 upstream commit 298 299 Allow PermitRootLogin to be overridden by config 300 301 ok markus@ deeradt@ 302 303 Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4 304 305commit 6f941396b6835ad18018845f515b0c4fe20be21a 306Author: djm@openbsd.org <djm@openbsd.org> 307Date: Thu Jul 30 23:09:15 2015 +0000 308 309 upstream commit 310 311 fix pty permissions; patch from Nikolay Edigaryev; ok 312 deraadt 313 314 Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550 315 316commit f4373ed1e8fbc7c8ce3fc4ea97d0ba2e0c1d7ef0 317Author: deraadt@openbsd.org <deraadt@openbsd.org> 318Date: Thu Jul 30 19:23:02 2015 +0000 319 320 upstream commit 321 322 change default: PermitRootLogin without-password matching 323 install script changes coming as well ok djm markus 324 325 Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6 326 327commit 0c30ba91f87fcda7e975e6ff8a057f624e87ea1c 328Author: Damien Miller <djm@mindrot.org> 329Date: Thu Jul 30 12:31:39 2015 +1000 330 331 downgrade OOM adjustment logging: verbose -> debug 332 333commit f9eca249d4961f28ae4b09186d7dc91de74b5895 334Author: djm@openbsd.org <djm@openbsd.org> 335Date: Thu Jul 30 00:01:34 2015 +0000 336 337 upstream commit 338 339 Allow ssh_config and sshd_config kex parameters options be 340 prefixed by a '+' to indicate that the specified items be appended to the 341 default rather than replacing it. 342 343 approach suggested by dtucker@, feedback dlg@, ok markus@ 344 345 Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a 346 347commit 5cefe769105a2a2e3ca7479d28d9a325d5ef0163 348Author: djm@openbsd.org <djm@openbsd.org> 349Date: Wed Jul 29 08:34:54 2015 +0000 350 351 upstream commit 352 353 fix bug in previous; was printing incorrect string for 354 failed host key algorithms negotiation 355 356 Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e 357 358commit f319912b0d0e1675b8bb051ed8213792c788bcb2 359Author: djm@openbsd.org <djm@openbsd.org> 360Date: Wed Jul 29 04:43:06 2015 +0000 361 362 upstream commit 363 364 include the peer's offer when logging a failure to 365 negotiate a mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@ 366 367 Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796 368 369commit b6ea0e573042eb85d84defb19227c89eb74cf05a 370Author: djm@openbsd.org <djm@openbsd.org> 371Date: Tue Jul 28 23:20:42 2015 +0000 372 373 upstream commit 374 375 add Cisco to the list of clients that choke on the 376 hostkeys update extension. Pointed out by Howard Kash 377 378 Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84 379 380commit 3f628c7b537291c1019ce86af90756fb4e66d0fd 381Author: guenther@openbsd.org <guenther@openbsd.org> 382Date: Mon Jul 27 16:29:23 2015 +0000 383 384 upstream commit 385 386 Permit kbind(2) use in the sandbox now, to ease testing 387 of ld.so work using it 388 389 reminded by miod@, ok deraadt@ 390 391 Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413 392 393commit ebe27ebe520098bbc0fe58945a87ce8490121edb 394Author: millert@openbsd.org <millert@openbsd.org> 395Date: Mon Jul 20 18:44:12 2015 +0000 396 397 upstream commit 398 399 Move .Pp before .Bl, not after to quiet mandoc -Tlint. 400 Noticed by jmc@ 401 402 Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23 403 404commit d5d91d0da819611167782c66ab629159169d94d4 405Author: millert@openbsd.org <millert@openbsd.org> 406Date: Mon Jul 20 18:42:35 2015 +0000 407 408 upstream commit 409 410 Sync usage with SYNOPSIS 411 412 Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7 413 414commit 79ec2142fbc68dd2ed9688608da355fc0b1ed743 415Author: millert@openbsd.org <millert@openbsd.org> 416Date: Mon Jul 20 15:39:52 2015 +0000 417 418 upstream commit 419 420 Better desciption of Unix domain socket forwarding. 421 bz#2423; ok jmc@ 422 423 Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d 424 425commit d56fd1828074a4031b18b8faa0bf949669eb18a0 426Author: Damien Miller <djm@mindrot.org> 427Date: Mon Jul 20 11:19:51 2015 +1000 428 429 make realpath.c compile -Wsign-compare clean 430 431commit c63c9a691dca26bb7648827f5a13668832948929 432Author: djm@openbsd.org <djm@openbsd.org> 433Date: Mon Jul 20 00:30:01 2015 +0000 434 435 upstream commit 436 437 mention that the default of UseDNS=no implies that 438 hostnames cannot be used for host matching in sshd_config and 439 authorized_keys; bz#2045, ok dtucker@ 440 441 Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1 442 443commit 63ebcd0005e9894fcd6871b7b80aeea1fec0ff76 444Author: djm@openbsd.org <djm@openbsd.org> 445Date: Sat Jul 18 08:02:17 2015 +0000 446 447 upstream commit 448 449 don't ignore PKCS#11 hosted keys that return empty 450 CKA_ID; patch by Jakub Jelen via bz#2429; ok markus 451 452 Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485 453 454commit b15fd989c8c62074397160147a8d5bc34b3f3c63 455Author: djm@openbsd.org <djm@openbsd.org> 456Date: Sat Jul 18 08:00:21 2015 +0000 457 458 upstream commit 459 460 skip uninitialised PKCS#11 slots; patch from Jakub Jelen 461 in bz#2427 ok markus@ 462 463 Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29 464 465commit 5b64f85bb811246c59ebab70aed331f26ba37b18 466Author: djm@openbsd.org <djm@openbsd.org> 467Date: Sat Jul 18 07:57:14 2015 +0000 468 469 upstream commit 470 471 only query each keyboard-interactive device once per 472 authentication request regardless of how many times it is listed; ok markus@ 473 474 Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1 475 476commit cd7324d0667794eb5c236d8a4e0f236251babc2d 477Author: djm@openbsd.org <djm@openbsd.org> 478Date: Fri Jul 17 03:34:27 2015 +0000 479 480 upstream commit 481 482 remove -u flag to diff (only used for error output) to make 483 things easier for -portable 484 485 Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548 486 487commit deb8d99ecba70b67f4af7880b11ca8768df9ec3a 488Author: djm@openbsd.org <djm@openbsd.org> 489Date: Fri Jul 17 03:09:19 2015 +0000 490 491 upstream commit 492 493 direct-streamlocal@openssh.com Unix domain foward 494 messages do not contain a "reserved for future use" field and in fact, 495 serverloop.c checks that there isn't one. Remove erroneous mention from 496 PROTOCOL description. bz#2421 from Daniel Black 497 498 Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac 499 500commit 356b61f365405b5257f5b2ab446e5d7bd33a7b52 501Author: djm@openbsd.org <djm@openbsd.org> 502Date: Fri Jul 17 03:04:27 2015 +0000 503 504 upstream commit 505 506 describe magic for setting up Unix domain socket fowards 507 via the mux channel; bz#2422 patch from Daniel Black 508 509 Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861 510 511commit d3e2aee41487d55b8d7d40f538b84ff1db7989bc 512Author: Darren Tucker <dtucker@zip.com.au> 513Date: Fri Jul 17 12:52:34 2015 +1000 514 515 Check if realpath works on nonexistent files. 516 517 On some platforms the native realpath doesn't work with non-existent 518 files (this is actually specified in some versions of POSIX), however 519 the sftp spec says its realpath with "canonicalize any given path name". 520 On those platforms, use realpath from the compat library. 521 522 In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines 523 the realpath symbol to the checked version, so redefine ours to 524 something else so we pick up the compat version we want. 525 526 bz#2428, ok djm@ 527 528commit 25b14610dab655646a109db5ef8cb4c4bf2a48a0 529Author: djm@openbsd.org <djm@openbsd.org> 530Date: Fri Jul 17 02:47:45 2015 +0000 531 532 upstream commit 533 534 fix incorrect test for SSH1 keys when compiled without SSH1 535 support 536 537 Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451 538 539commit df56a8035d429b2184ee94aaa7e580c1ff67f73a 540Author: djm@openbsd.org <djm@openbsd.org> 541Date: Wed Jul 15 08:00:11 2015 +0000 542 543 upstream commit 544 545 fix NULL-deref when SSH1 reenabled 546 547 Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295 548 549commit 41e38c4d49dd60908484e6703316651333f16b93 550Author: djm@openbsd.org <djm@openbsd.org> 551Date: Wed Jul 15 07:19:50 2015 +0000 552 553 upstream commit 554 555 regen RSA1 test keys; the last batch was missing their 556 private parts 557 558 Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a 559 560commit 5bf0933184cb622ca3f96d224bf3299fd2285acc 561Author: markus@openbsd.org <markus@openbsd.org> 562Date: Fri Jul 10 06:23:25 2015 +0000 563 564 upstream commit 565 566 Adapt tests, now that DSA if off by default; use 567 PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA. 568 569 Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c 570 571commit 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc 572Author: markus@openbsd.org <markus@openbsd.org> 573Date: Tue Jul 7 14:54:16 2015 +0000 574 575 upstream commit 576 577 regen test data after mktestdata.sh changes 578 579 Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4 580 581commit 7c8c174c69f681d4910fa41c37646763692b28e2 582Author: markus@openbsd.org <markus@openbsd.org> 583Date: Tue Jul 7 14:53:30 2015 +0000 584 585 upstream commit 586 587 adapt tests to new minimum RSA size and default FP format 588 589 Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e 590 591commit 6a977a4b68747ade189e43d302f33403fd4a47ac 592Author: djm@openbsd.org <djm@openbsd.org> 593Date: Fri Jul 3 04:39:23 2015 +0000 594 595 upstream commit 596 597 legacy v00 certificates are gone; adapt and don't try to 598 test them; "sure" markus@ dtucker@ 599 600 Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12 601 602commit 0c4123ad5e93fb90fee9c6635b13a6cdabaac385 603Author: djm@openbsd.org <djm@openbsd.org> 604Date: Wed Jul 1 23:11:18 2015 +0000 605 606 upstream commit 607 608 don't expect SSH v.1 in unittests 609 610 Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397 611 612commit 3c099845798a817cdde513c39074ec2063781f18 613Author: djm@openbsd.org <djm@openbsd.org> 614Date: Mon Jun 15 06:38:50 2015 +0000 615 616 upstream commit 617 618 turn SSH1 back on to match src/usr.bin/ssh being tested 619 620 Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333 621 622commit b1dc2b33689668c75e95f873a42d5aea1f4af1db 623Author: dtucker@openbsd.org <dtucker@openbsd.org> 624Date: Mon Jul 13 04:57:14 2015 +0000 625 626 upstream commit 627 628 Add "PuTTY_Local:" to the clients to which we do not 629 offer DH-GEX. This was the string that was used for development versions 630 prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately 631 there are some extant products based on those versions. bx2424 from Jay 632 Rouman, ok markus@ djm@ 633 634 Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5 635 636commit 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9 637Author: markus@openbsd.org <markus@openbsd.org> 638Date: Fri Jul 10 06:21:53 2015 +0000 639 640 upstream commit 641 642 Turn off DSA by default; add HostKeyAlgorithms to the 643 server and PubkeyAcceptedKeyTypes to the client side, so it still can be 644 tested or turned back on; feedback and ok djm@ 645 646 Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21 647 648commit 16db0a7ee9a87945cc594d13863cfcb86038db59 649Author: markus@openbsd.org <markus@openbsd.org> 650Date: Thu Jul 9 09:49:46 2015 +0000 651 652 upstream commit 653 654 re-enable ed25519-certs if compiled w/o openssl; ok djm 655 656 Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49 657 658commit c355bf306ac33de6545ce9dac22b84a194601e2f 659Author: markus@openbsd.org <markus@openbsd.org> 660Date: Wed Jul 8 20:24:02 2015 +0000 661 662 upstream commit 663 664 no need to include the old buffer/key API 665 666 Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b 667 668commit a3cc48cdf9853f1e832d78cb29bedfab7adce1ee 669Author: markus@openbsd.org <markus@openbsd.org> 670Date: Wed Jul 8 19:09:25 2015 +0000 671 672 upstream commit 673 674 typedefs for Cipher&CipherContext are unused 675 676 Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7 677 678commit a635bd06b5c427a57c3ae760d3a2730bb2c863c0 679Author: markus@openbsd.org <markus@openbsd.org> 680Date: Wed Jul 8 19:04:21 2015 +0000 681 682 upstream commit 683 684 xmalloc.h is unused 685 686 Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58 687 688commit 2521cf0e36c7f3f6b19f206da0af134f535e4a31 689Author: markus@openbsd.org <markus@openbsd.org> 690Date: Wed Jul 8 19:01:15 2015 +0000 691 692 upstream commit 693 694 compress.c is gone 695 696 Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced 697 698commit c65a7aa6c43aa7a308ee1ab8a96f216169ae9615 699Author: djm@openbsd.org <djm@openbsd.org> 700Date: Fri Jul 3 04:05:54 2015 +0000 701 702 upstream commit 703 704 another SSH_RSA_MINIMUM_MODULUS_SIZE that needed 705 cranking 706 707 Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1 708 709commit b1f383da5cd3cb921fc7776f17a14f44b8a31757 710Author: djm@openbsd.org <djm@openbsd.org> 711Date: Fri Jul 3 03:56:25 2015 +0000 712 713 upstream commit 714 715 add an XXX reminder for getting correct key paths from 716 sshd_config 717 718 Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db 719 720commit 933935ce8d093996c34d7efa4d59113163080680 721Author: djm@openbsd.org <djm@openbsd.org> 722Date: Fri Jul 3 03:49:45 2015 +0000 723 724 upstream commit 725 726 refuse to generate or accept RSA keys smaller than 1024 727 bits; feedback and ok dtucker@ 728 729 Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba 730 731commit bdfd29f60b74f3e678297269dc6247a5699583c1 732Author: djm@openbsd.org <djm@openbsd.org> 733Date: Fri Jul 3 03:47:00 2015 +0000 734 735 upstream commit 736 737 turn off 1024 bit diffie-hellman-group1-sha1 key 738 exchange method (already off in server, this turns it off in the client by 739 default too) ok dtucker@ 740 741 Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa 742 743commit c28fc62d789d860c75e23a9fa9fb250eb2beca57 744Author: djm@openbsd.org <djm@openbsd.org> 745Date: Fri Jul 3 03:43:18 2015 +0000 746 747 upstream commit 748 749 delete support for legacy v00 certificates; "sure" 750 markus@ dtucker@ 751 752 Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f 753 754commit 564d63e1b4a9637a209d42a9d49646781fc9caef 755Author: djm@openbsd.org <djm@openbsd.org> 756Date: Wed Jul 1 23:10:47 2015 +0000 757 758 upstream commit 759 760 Compile-time disable SSH v.1 again 761 762 Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af 763 764commit 868109b650504dd9bcccdb1f51d0906f967c20ff 765Author: djm@openbsd.org <djm@openbsd.org> 766Date: Wed Jul 1 02:39:06 2015 +0000 767 768 upstream commit 769 770 twiddle PermitRootLogin back 771 772 Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2 773 774commit 7de4b03a6e4071d454b72927ffaf52949fa34545 775Author: djm@openbsd.org <djm@openbsd.org> 776Date: Wed Jul 1 02:32:17 2015 +0000 777 778 upstream commit 779 780 twiddle; (this commit marks the openssh-6.9 release) 781 782 Upstream-ID: 78500582819f61dd8adee36ec5cc9b9ac9351234 783 784commit 1bf477d3cdf1a864646d59820878783d42357a1d 785Author: djm@openbsd.org <djm@openbsd.org> 786Date: Wed Jul 1 02:26:31 2015 +0000 787 788 upstream commit 789 790 better refuse ForwardX11Trusted=no connections attempted 791 after ForwardX11Timeout expires; reported by Jann Horn 792 793 Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21 794 795commit 47aa7a0f8551b471fcae0447c1d78464f6dba869 796Author: djm@openbsd.org <djm@openbsd.org> 797Date: Wed Jul 1 01:56:13 2015 +0000 798 799 upstream commit 800 801 put back default PermitRootLogin=no 802 803 Upstream-ID: 7bdedd5cead99c57ed5571f3b6b7840922d5f728 804 805commit 984b064fe2a23733733262f88d2e1b2a1a501662 806Author: djm@openbsd.org <djm@openbsd.org> 807Date: Wed Jul 1 01:55:13 2015 +0000 808 809 upstream commit 810 811 openssh-6.9 812 813 Upstream-ID: 6cfe8e1904812531080e6ab6e752d7001b5b2d45 814 815commit d921082ed670f516652eeba50705e1e9f6325346 816Author: djm@openbsd.org <djm@openbsd.org> 817Date: Wed Jul 1 01:55:00 2015 +0000 818 819 upstream commit 820 821 reset default PermitRootLogin to 'yes' (momentarily, for 822 release) 823 824 Upstream-ID: cad8513527066e65dd7a1c16363d6903e8cefa24 825 826commit 66295e0e1ba860e527f191b6325d2d77dec4dbce 827Author: Damien Miller <djm@mindrot.org> 828Date: Wed Jul 1 11:49:12 2015 +1000 829 830 crank version numbers for release 831 832commit 37035c07d4f26bb1fbe000d2acf78efdb008681d 833Author: Damien Miller <djm@mindrot.org> 834Date: Wed Jul 1 10:49:37 2015 +1000 835 836 s/--with-ssh1/--without-ssh1/ 837 838commit 629df770dbadc2accfbe1c81b3f31f876d0acd84 839Author: djm@openbsd.org <djm@openbsd.org> 840Date: Tue Jun 30 05:25:07 2015 +0000 841 842 upstream commit 843 844 fatal() when a remote window update causes the window 845 value to overflow. Reported by Georg Wicherski, ok markus@ 846 847 Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351 848 849commit f715afebe735d61df3fd30ad72d9ac1c8bd3b5f2 850Author: djm@openbsd.org <djm@openbsd.org> 851Date: Tue Jun 30 05:23:25 2015 +0000 852 853 upstream commit 854 855 Fix math error in remote window calculations that causes 856 eventual stalls for datagram channels. Reported by Georg Wicherski, ok 857 markus@ 858 859 Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab 860 861commit 52fb6b9b034fcfd24bf88cc7be313e9c31de9889 862Author: Damien Miller <djm@mindrot.org> 863Date: Tue Jun 30 16:05:40 2015 +1000 864 865 skip IPv6-related portions on hosts without IPv6 866 867 with Tim Rice 868 869commit 512caddf590857af6aa12218461b5c0441028cf5 870Author: djm@openbsd.org <djm@openbsd.org> 871Date: Mon Jun 29 22:35:12 2015 +0000 872 873 upstream commit 874 875 add getpid to sandbox, reachable by grace_alarm_handler 876 877 reported by Jakub Jelen; bz#2419 878 879 Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8 880 881commit 78c2a4f883ea9aba866358e2acd9793a7f42ca93 882Author: djm@openbsd.org <djm@openbsd.org> 883Date: Fri Jun 26 05:13:20 2015 +0000 884 885 upstream commit 886 887 Fix \-escaping bug that caused forward path parsing to skip 888 two characters and skip past the end of the string. 889 890 Based on patch by Salvador Fandino; ok dtucker@ 891 892 Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd 893 894commit bc20205c91c9920361d12b15d253d4997dba494a 895Author: Damien Miller <djm@mindrot.org> 896Date: Thu Jun 25 09:51:39 2015 +1000 897 898 add missing pselect6 899 900 patch from Jakub Jelen 901 902commit 9d27fb73b4a4e5e99cb880af790d5b1ce44f720a 903Author: djm@openbsd.org <djm@openbsd.org> 904Date: Wed Jun 24 23:47:23 2015 +0000 905 906 upstream commit 907 908 correct test to sshkey_sign(); spotted by Albert S. 909 910 Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933 911 912commit 7ed01a96a1911d8b4a9ef4f3d064e1923bfad7e3 913Author: dtucker@openbsd.org <dtucker@openbsd.org> 914Date: Wed Jun 24 01:49:19 2015 +0000 915 916 upstream commit 917 918 Revert previous commit. We still want to call setgroups 919 in the case where there are zero groups to remove any that we might otherwise 920 inherit (as pointed out by grawity at gmail.com) and since the 2nd argument 921 to setgroups is always a static global it's always valid to dereference in 922 this case. ok deraadt@ djm@ 923 924 Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01 925 926commit 882f8bf94f79528caa65b0ba71c185d705bb7195 927Author: dtucker@openbsd.org <dtucker@openbsd.org> 928Date: Wed Jun 24 01:49:19 2015 +0000 929 930 upstream commit 931 932 Revert previous commit. We still want to call setgroups in 933 the case where there are zero groups to remove any that we might otherwise 934 inherit (as pointed out by grawity at gmail.com) and since the 2nd argument 935 to setgroups is always a static global it's always valid to dereference in 936 this case. ok deraadt@ djm@ 937 938 Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01 939 940commit 9488538a726951e82b3a4374f3c558d72c80a89b 941Author: djm@openbsd.org <djm@openbsd.org> 942Date: Mon Jun 22 23:42:16 2015 +0000 943 944 upstream commit 945 946 Don't count successful partial authentication as failures 947 in monitor; this may have caused the monitor to refuse multiple 948 authentications that would otherwise have successfully completed; ok markus@ 949 950 Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3 951 952commit 63b78d003bd8ca111a736e6cea6333da50f5f09b 953Author: dtucker@openbsd.org <dtucker@openbsd.org> 954Date: Mon Jun 22 12:29:57 2015 +0000 955 956 upstream commit 957 958 Don't call setgroups if we have zero groups; there's no 959 guarantee that it won't try to deref the pointer. Based on a patch from mail 960 at quitesimple.org, ok djm deraadt 961 962 Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1 963 964commit 5c15e22c691c79a47747bcf5490126656f97cecd 965Author: Damien Miller <djm@mindrot.org> 966Date: Thu Jun 18 15:07:56 2015 +1000 967 968 fix syntax error 969 970commit 596dbca82f3f567fb3d2d69af4b4e1d3ba1e6403 971Author: jsing@openbsd.org <jsing@openbsd.org> 972Date: Mon Jun 15 18:44:22 2015 +0000 973 974 upstream commit 975 976 If AuthorizedPrincipalsCommand is specified, however 977 AuthorizedPrincipalsFile is not (or is set to "none"), authentication will 978 potentially fail due to key_cert_check_authority() failing to locate a 979 principal that matches the username, even though an authorized principal has 980 already been matched in the output of the subprocess. Fix this by using the 981 same logic to determine if pw->pw_name should be passed, as is used to 982 determine if a authorized principal must be matched earlier on. 983 984 ok djm@ 985 986 Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d 987 988commit aff3e94c0d75d0d0fa84ea392b50ab04f8c57905 989Author: jsing@openbsd.org <jsing@openbsd.org> 990Date: Mon Jun 15 18:42:19 2015 +0000 991 992 upstream commit 993 994 Make the arguments to match_principals_command() similar 995 to match_principals_file(), by changing the last argument a struct 996 sshkey_cert * and dereferencing key->cert in the caller. 997 998 No functional change. 999 1000 ok djm@ 1001 1002 Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c 1003 1004commit 97e2e1596c202a4693468378b16b2353fd2d6c5e 1005Author: Damien Miller <djm@mindrot.org> 1006Date: Wed Jun 17 14:36:54 2015 +1000 1007 1008 trivial optimisation for seccomp-bpf 1009 1010 When doing arg inspection and the syscall doesn't match, skip 1011 past the instruction that reloads the syscall into the accumulator, 1012 since the accumulator hasn't been modified at this point. 1013 1014commit 99f33d7304893bd9fa04d227cb6e870171cded19 1015Author: Damien Miller <djm@mindrot.org> 1016Date: Wed Jun 17 10:50:51 2015 +1000 1017 1018 aarch64 support for seccomp-bpf sandbox 1019 1020 Also resort and tidy syscall list. Based on patches by Jakub Jelen 1021 bz#2361; ok dtucker@ 1022 1023commit 4ef702e1244633c1025ec7cfe044b9ab267097bf 1024Author: djm@openbsd.org <djm@openbsd.org> 1025Date: Mon Jun 15 01:32:50 2015 +0000 1026 1027 upstream commit 1028 1029 return failure on RSA signature error; reported by Albert S 1030 1031 Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa 1032 1033commit a170f22baf18af0b1acf2788b8b715605f41a1f9 1034Author: Tim Rice <tim@multitalents.net> 1035Date: Tue Jun 9 22:41:13 2015 -0700 1036 1037 Fix t12 rules for out of tree builds. 1038 1039commit ec04dc4a5515c913121bc04ed261857e68fa5c18 1040Author: millert@openbsd.org <millert@openbsd.org> 1041Date: Fri Jun 5 15:13:13 2015 +0000 1042 1043 upstream commit 1044 1045 For "ssh -L 12345:/tmp/sock" don't fail with "No forward host 1046 name." (we have a path, not a host name). Based on a diff from Jared 1047 Yanovich. OK djm@ 1048 1049 Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f 1050 1051commit 732d61f417a6aea0aa5308b59cb0f563bcd6edd6 1052Author: djm@openbsd.org <djm@openbsd.org> 1053Date: Fri Jun 5 03:44:14 2015 +0000 1054 1055 upstream commit 1056 1057 typo: accidental repetition; bz#2386 1058 1059 Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b 1060 1061commit adfb24c69d1b6f5e758db200866c711e25a2ba73 1062Author: Darren Tucker <dtucker@zip.com.au> 1063Date: Fri Jun 5 14:51:40 2015 +1000 1064 1065 Add Linux powerpc64le and powerpcle entries. 1066 1067 Stopgap to resolve bz#2409 because we are so close to release and will 1068 update config.guess and friends shortly after the release. ok djm@ 1069 1070commit a1195a0fdc9eddddb04d3e9e44c4775431cb77da 1071Merge: 6397eed d2480bc 1072Author: Tim Rice <tim@multitalents.net> 1073Date: Wed Jun 3 21:43:13 2015 -0700 1074 1075 Merge branch 'master' of git.mindrot.org:/var/git/openssh 1076 1077commit 6397eedf953b2b973d2d7cbb504ab501a07f8ddc 1078Author: Tim Rice <tim@multitalents.net> 1079Date: Wed Jun 3 21:41:11 2015 -0700 1080 1081 Remove unneeded backslashes. Patch from ��ngel Gonz��lez 1082 1083commit d2480bcac1caf31b03068de877a47d6e1027bf6d 1084Author: Darren Tucker <dtucker@zip.com.au> 1085Date: Thu Jun 4 14:10:55 2015 +1000 1086 1087 Remove redundant include of stdarg.h. bz#2410 1088 1089commit 5e67859a623826ccdf2df284cbb37e2d8e2787eb 1090Author: djm@openbsd.org <djm@openbsd.org> 1091Date: Tue Jun 2 09:10:40 2015 +0000 1092 1093 upstream commit 1094 1095 mention CheckHostIP adding addresses to known_hosts; 1096 bz#1993; ok dtucker@ 1097 1098 Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7 1099 1100commit d7a58bbac6583e33fd5eca8e2c2cc70c57617818 1101Author: Darren Tucker <dtucker@zip.com.au> 1102Date: Tue Jun 2 20:15:26 2015 +1000 1103 1104 Replace strcpy with strlcpy. 1105 1106 ok djm, sanity check by Corinna Vinschen. 1107 1108commit 51a1c2115265c6e80ede8a5c9dccada9aeed7143 1109Author: Damien Miller <djm@mindrot.org> 1110Date: Fri May 29 18:27:21 2015 +1000 1111 1112 skip, rather than fatal when run without SUDO set 1113 1114commit 599f01142a376645b15cbc9349d7e8975e1cf245 1115Author: Damien Miller <djm@mindrot.org> 1116Date: Fri May 29 18:03:15 2015 +1000 1117 1118 fix merge botch that left ",," in KEX algs 1119 1120commit 0c2a81dfc21822f2423edd30751e5ec53467b347 1121Author: Damien Miller <djm@mindrot.org> 1122Date: Fri May 29 17:08:28 2015 +1000 1123 1124 re-enable SSH protocol 1 at compile time 1125 1126commit db438f9285d64282d3ac9e8c0944f59f037c0151 1127Author: djm@openbsd.org <djm@openbsd.org> 1128Date: Fri May 29 03:05:13 2015 +0000 1129 1130 upstream commit 1131 1132 make this work without SUDO set; ok dtucker@ 1133 1134 Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715 1135 1136commit 1d9a2e2849c9864fe75daabf433436341c968e14 1137Author: djm@openbsd.org <djm@openbsd.org> 1138Date: Thu May 28 07:37:31 2015 +0000 1139 1140 upstream commit 1141 1142 wrap all moduli-related code in #ifdef WITH_OPENSSL. 1143 based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@ 1144 1145 Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf 1146 1147commit 496aeb25bc2d6c434171292e4714771b594bd00e 1148Author: dtucker@openbsd.org <dtucker@openbsd.org> 1149Date: Thu May 28 05:41:29 2015 +0000 1150 1151 upstream commit 1152 1153 Increase the allowed length of the known host file name 1154 in the log message to be consistent with other cases. Part of bz#1993, ok 1155 deraadt. 1156 1157 Upstream-ID: a9e97567be49f25daf286721450968251ff78397 1158 1159commit dd2cfeb586c646ff8d70eb93567b2e559ace5b14 1160Author: dtucker@openbsd.org <dtucker@openbsd.org> 1161Date: Thu May 28 05:09:45 2015 +0000 1162 1163 upstream commit 1164 1165 Fix typo (keywork->keyword) 1166 1167 Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534 1168 1169commit 9cc6842493fbf23025ccc1edab064869640d3bec 1170Author: djm@openbsd.org <djm@openbsd.org> 1171Date: Thu May 28 04:50:53 2015 +0000 1172 1173 upstream commit 1174 1175 add error message on ftruncate failure; bz#2176 1176 1177 Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf 1178 1179commit d1958793a0072c22be26d136dbda5ae263e717a0 1180Author: djm@openbsd.org <djm@openbsd.org> 1181Date: Thu May 28 04:40:13 2015 +0000 1182 1183 upstream commit 1184 1185 make ssh-keygen default to ed25519 keys when compiled 1186 without OpenSSL; bz#2388, ok dtucker@ 1187 1188 Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71 1189 1190commit 3ecde664c9fc5fb3667aedf9e6671462600f6496 1191Author: dtucker@openbsd.org <dtucker@openbsd.org> 1192Date: Wed May 27 23:51:10 2015 +0000 1193 1194 upstream commit 1195 1196 Reorder client proposal to prefer 1197 diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1. ok djm@ 1198 1199 Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058 1200 1201commit 40f64292b907afd0a674fdbf3e4c2356d17a7d68 1202Author: dtucker@openbsd.org <dtucker@openbsd.org> 1203Date: Wed May 27 23:39:18 2015 +0000 1204 1205 upstream commit 1206 1207 Add a stronger (4k bit) fallback group that sshd can use 1208 when the moduli file is missing or broken, sourced from RFC3526. bz#2302, ok 1209 markus@ (earlier version), djm@ 1210 1211 Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4 1212 1213commit 5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a 1214Author: Darren Tucker <dtucker@zip.com.au> 1215Date: Thu May 28 10:03:40 2015 +1000 1216 1217 New moduli file from OpenBSD, removing 1k groups. 1218 1219 Remove 1k bit groups. ok deraadt@, markus@ 1220 1221commit a71ba58adf34e599f30cdda6e9b93ae6e3937eea 1222Author: djm@openbsd.org <djm@openbsd.org> 1223Date: Wed May 27 05:15:02 2015 +0000 1224 1225 upstream commit 1226 1227 support PKCS#11 devices with external PIN entry devices 1228 bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@ 1229 1230 Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d 1231 1232commit b282fec1aa05246ed3482270eb70fc3ec5f39a00 1233Author: dtucker@openbsd.org <dtucker@openbsd.org> 1234Date: Tue May 26 23:23:40 2015 +0000 1235 1236 upstream commit 1237 1238 Cap DH-GEX group size at 4kbits for Cisco implementations. 1239 Some of them will choke when asked for preferred sizes >4k instead of 1240 returning the 4k group that they do have. bz#2209, ok djm@ 1241 1242 Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d 1243 1244commit 3e91b4e8b0dc2b4b7e7d42cf6e8994a32e4cb55e 1245Author: djm@openbsd.org <djm@openbsd.org> 1246Date: Sun May 24 23:39:16 2015 +0000 1247 1248 upstream commit 1249 1250 add missing 'c' option to getopt(), case statement was 1251 already there; from Felix Bolte 1252 1253 Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081 1254 1255commit 64a89ec07660abba4d0da7c0095b7371c98bab62 1256Author: jsg@openbsd.org <jsg@openbsd.org> 1257Date: Sat May 23 14:28:37 2015 +0000 1258 1259 upstream commit 1260 1261 fix a memory leak in an error path ok markus@ dtucker@ 1262 1263 Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598 1264 1265commit f948737449257d2cb83ffcfe7275eb79b677fd4a 1266Author: djm@openbsd.org <djm@openbsd.org> 1267Date: Fri May 22 05:28:45 2015 +0000 1268 1269 upstream commit 1270 1271 mention ssh-keygen -E for comparing legacy MD5 1272 fingerprints; bz#2332 1273 1274 Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859 1275 1276commit 0882332616e4f0272c31cc47bf2018f9cb258a4e 1277Author: djm@openbsd.org <djm@openbsd.org> 1278Date: Fri May 22 04:45:52 2015 +0000 1279 1280 upstream commit 1281 1282 Reorder EscapeChar option parsing to avoid a single-byte 1283 out- of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@ 1284 1285 Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060 1286 1287commit d7c31da4d42c115843edee2074d7d501f8804420 1288Author: djm@openbsd.org <djm@openbsd.org> 1289Date: Fri May 22 03:50:02 2015 +0000 1290 1291 upstream commit 1292 1293 add knob to relax GSSAPI host credential check for 1294 multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker 1295 (kerberos/GSSAPI is not compiled by default on OpenBSD) 1296 1297 Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d 1298 1299commit aa72196a00be6e0b666215edcffbc10af234cb0e 1300Author: Darren Tucker <dtucker@zip.com.au> 1301Date: Fri May 22 17:49:46 2015 +1000 1302 1303 Include signal.h for sig_atomic_t, used by kex.h. 1304 1305 bz#2402, from tomas.kuthan at oracle com. 1306 1307commit 8b02481143d75e91c49d1bfae0876ac1fbf9511a 1308Author: Darren Tucker <dtucker@zip.com.au> 1309Date: Fri May 22 12:47:24 2015 +1000 1310 1311 Import updated moduli file from OpenBSD. 1312 1313commit 4739e8d5e1c0be49624082bd9f6b077e9e758db9 1314Author: djm@openbsd.org <djm@openbsd.org> 1315Date: Thu May 21 12:01:19 2015 +0000 1316 1317 upstream commit 1318 1319 Support "ssh-keygen -lF hostname" to find search known_hosts 1320 and print key hashes. Already advertised by ssh-keygen(1), but not delivered 1321 by code; ok dtucker@ 1322 1323 Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387 1324 1325commit e97201feca10b5196da35819ae516d0b87cf3a50 1326Author: Damien Miller <djm@mindrot.org> 1327Date: Thu May 21 17:55:15 2015 +1000 1328 1329 conditionalise util.h inclusion 1330 1331commit 13640798c7dd011ece0a7d02841fe48e94cfa0e0 1332Author: djm@openbsd.org <djm@openbsd.org> 1333Date: Thu May 21 06:44:25 2015 +0000 1334 1335 upstream commit 1336 1337 regress test for AuthorizedPrincipalsCommand 1338 1339 Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219 1340 1341commit 84452c5d03c21f9bfb28c234e0dc1dc67dd817b1 1342Author: djm@openbsd.org <djm@openbsd.org> 1343Date: Thu May 21 06:40:02 2015 +0000 1344 1345 upstream commit 1346 1347 regress test for AuthorizedKeysCommand arguments 1348 1349 Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12 1350 1351commit bcc50d816187fa9a03907ac1f3a52f04a52e10d1 1352Author: djm@openbsd.org <djm@openbsd.org> 1353Date: Thu May 21 06:43:30 2015 +0000 1354 1355 upstream commit 1356 1357 add AuthorizedPrincipalsCommand that allows getting 1358 authorized_principals from a subprocess rather than a file, which is quite 1359 useful in deployments with large userbases 1360 1361 feedback and ok markus@ 1362 1363 Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6 1364 1365commit 24232a3e5ab467678a86aa67968bbb915caffed4 1366Author: djm@openbsd.org <djm@openbsd.org> 1367Date: Thu May 21 06:38:35 2015 +0000 1368 1369 upstream commit 1370 1371 support arguments to AuthorizedKeysCommand 1372 1373 bz#2081 loosely based on patch by Sami Hartikainen 1374 feedback and ok markus@ 1375 1376 Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7 1377 1378commit d80fbe41a57c72420c87a628444da16d09d66ca7 1379Author: djm@openbsd.org <djm@openbsd.org> 1380Date: Thu May 21 04:55:51 2015 +0000 1381 1382 upstream commit 1383 1384 refactor: split base64 encoding of pubkey into its own 1385 sshkey_to_base64() function and out of sshkey_write(); ok markus@ 1386 1387 Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a 1388 1389commit 7cc44ef74133a473734bbcbd3484f24d6a7328c5 1390Author: deraadt@openbsd.org <deraadt@openbsd.org> 1391Date: Mon May 18 15:06:05 2015 +0000 1392 1393 upstream commit 1394 1395 getentropy() and sendsyslog() have been around long 1396 enough. openssh-portable may want the #ifdef's but not base. discussed with 1397 djm few weeks back 1398 1399 Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926 1400 1401commit 9173d0fbe44de7ebcad8a15618e13a8b8d78902e 1402Author: dtucker@openbsd.org <dtucker@openbsd.org> 1403Date: Fri May 15 05:44:21 2015 +0000 1404 1405 upstream commit 1406 1407 Use a salted hash of the lock passphrase instead of plain 1408 text and do constant-time comparisons of it. Should prevent leaking any 1409 information about it via timing, pointed out by Ryan Castellucci. Add a 0.1s 1410 incrementing delay for each failed unlock attempt up to 10s. ok markus@ 1411 (earlier version), djm@ 1412 1413 Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f 1414 1415commit d028d5d3a697c71b21e4066d8672cacab3caa0a8 1416Author: Damien Miller <djm@mindrot.org> 1417Date: Tue May 5 19:10:58 2015 +1000 1418 1419 upstream commit 1420 1421 - tedu@cvs.openbsd.org 2015/01/12 03:20:04 1422 [bcrypt_pbkdf.c] 1423 rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks, 1424 nor are they the same size. 1425 1426commit f6391d4e59b058984163ab28f4e317e7a72478f1 1427Author: Damien Miller <djm@mindrot.org> 1428Date: Tue May 5 19:10:23 2015 +1000 1429 1430 upstream commit 1431 1432 - deraadt@cvs.openbsd.org 2015/01/08 00:30:07 1433 [bcrypt_pbkdf.c] 1434 declare a local version of MIN(), call it MINIMUM() 1435 1436commit 8ac6b13cc9113eb47cd9e86c97d7b26b4b71b77f 1437Author: Damien Miller <djm@mindrot.org> 1438Date: Tue May 5 19:09:46 2015 +1000 1439 1440 upstream commit 1441 1442 - djm@cvs.openbsd.org 2014/12/30 01:41:43 1443 [bcrypt_pbkdf.c] 1444 typo in comment: ouput => output 1445 1446commit 1f792489d5cf86a4f4e3003e6e9177654033f0f2 1447Author: djm@openbsd.org <djm@openbsd.org> 1448Date: Mon May 4 06:10:48 2015 +0000 1449 1450 upstream commit 1451 1452 Remove pattern length argument from match_pattern_list(), we 1453 only ever use it for strlen(pattern). 1454 1455 Prompted by hanno AT hboeck.de pointing an out-of-bound read 1456 error caused by an incorrect pattern length found using AFL 1457 and his own tools. 1458 1459 ok markus@ 1460 1461commit 639d6bc57b1942393ed12fb48f00bc05d4e093e4 1462Author: djm@openbsd.org <djm@openbsd.org> 1463Date: Fri May 1 07:10:01 2015 +0000 1464 1465 upstream commit 1466 1467 refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() 1468 to better report error conditions. Teach sshpkt_fatal() about ECONNRESET. 1469 1470 Improves error messages on TCP connection resets. bz#2257 1471 1472 ok dtucker@ 1473 1474commit 9559d7de34c572d4d3fd990ca211f8ec99f62c4d 1475Author: djm@openbsd.org <djm@openbsd.org> 1476Date: Fri May 1 07:08:08 2015 +0000 1477 1478 upstream commit 1479 1480 a couple of parse targets were missing activep checks, 1481 causing them to be misapplied in match context; bz#2272 diagnosis and 1482 original patch from Sami Hartikainen ok dtucker@ 1483 1484commit 7e8528cad04b2775c3b7db08abf8fb42e47e6b2a 1485Author: djm@openbsd.org <djm@openbsd.org> 1486Date: Fri May 1 04:17:51 2015 +0000 1487 1488 upstream commit 1489 1490 make handling of AuthorizedPrincipalsFile=none more 1491 consistent with other =none options; bz#2288 from Jakub Jelen; ok dtucker@ 1492 1493commit ca430d4d9cc0f62eca3b1fb1e2928395b7ce80f7 1494Author: djm@openbsd.org <djm@openbsd.org> 1495Date: Fri May 1 04:03:20 2015 +0000 1496 1497 upstream commit 1498 1499 remove failed remote forwards established by muliplexing 1500 from the list of active forwards; bz#2363, patch mostly by Yoann Ricordel; ok 1501 dtucker@ 1502 1503commit 8312cfb8ad88657517b3e23ac8c56c8e38eb9792 1504Author: djm@openbsd.org <djm@openbsd.org> 1505Date: Fri May 1 04:01:58 2015 +0000 1506 1507 upstream commit 1508 1509 reduce stderr spam when using ssh -S /path/mux -O forward 1510 -R 0:... ok dtucker@ 1511 1512commit 179be0f5e62f1f492462571944e45a3da660d82b 1513Author: djm@openbsd.org <djm@openbsd.org> 1514Date: Fri May 1 03:23:51 2015 +0000 1515 1516 upstream commit 1517 1518 prevent authorized_keys options picked up on public key 1519 tests without a corresponding private key authentication being applied to 1520 other authentication methods. Reported by halex@, ok markus@ 1521 1522commit a42d67be65b719a430b7fcaba2a4e4118382723a 1523Author: djm@openbsd.org <djm@openbsd.org> 1524Date: Fri May 1 03:20:54 2015 +0000 1525 1526 upstream commit 1527 1528 Don't make parsing of authorized_keys' environment= 1529 option conditional on PermitUserEnv - always parse it, but only use the 1530 result if the option is enabled. This prevents the syntax of authorized_keys 1531 changing depending on which sshd_config options were enabled. 1532 1533 bz#2329; based on patch from coladict AT gmail.com, ok dtucker@ 1534 1535commit e661a86353e11592c7ed6a847e19a83609f49e77 1536Author: djm@openbsd.org <djm@openbsd.org> 1537Date: Mon May 4 06:10:48 2015 +0000 1538 1539 upstream commit 1540 1541 Remove pattern length argument from match_pattern_list(), we 1542 only ever use it for strlen(pattern). 1543 1544 Prompted by hanno AT hboeck.de pointing an out-of-bound read 1545 error caused by an incorrect pattern length found using AFL 1546 and his own tools. 1547 1548 ok markus@ 1549 1550commit 0ef1de742be2ee4b10381193fe90730925b7f027 1551Author: dtucker@openbsd.org <dtucker@openbsd.org> 1552Date: Thu Apr 23 05:01:19 2015 +0000 1553 1554 upstream commit 1555 1556 Add a simple regression test for sshd's configuration 1557 parser. Right now, all it does is run the output of sshd -T back through 1558 itself and ensure the output is valid and invariant. 1559 1560commit 368f83c793275faa2c52f60eaa9bdac155c4254b 1561Author: djm@openbsd.org <djm@openbsd.org> 1562Date: Wed Apr 22 01:38:36 2015 +0000 1563 1564 upstream commit 1565 1566 use correct key for nested certificate test 1567 1568commit 8d4d1bfddbbd7d21f545dc6997081d1ea1fbc99a 1569Author: djm@openbsd.org <djm@openbsd.org> 1570Date: Fri May 1 07:11:47 2015 +0000 1571 1572 upstream commit 1573 1574 mention that the user's shell from /etc/passwd is used 1575 for commands too; bz#1459 ok dtucker@ 1576 1577commit 5ab283d0016bbc9d4d71e8e5284d011bc5a930cf 1578Author: djm@openbsd.org <djm@openbsd.org> 1579Date: Fri May 8 07:29:00 2015 +0000 1580 1581 upstream commit 1582 1583 whitespace 1584 1585 Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519 1586 1587commit 8377d5008ad260048192e1e56ad7d15a56d103dd 1588Author: djm@openbsd.org <djm@openbsd.org> 1589Date: Fri May 8 07:26:13 2015 +0000 1590 1591 upstream commit 1592 1593 whitespace at EOL 1594 1595 Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554 1596 1597commit c28a3436fa8737709ea88e4437f8f23a6ab50359 1598Author: djm@openbsd.org <djm@openbsd.org> 1599Date: Fri May 8 06:45:13 2015 +0000 1600 1601 upstream commit 1602 1603 moar whitespace at eol 1604 1605 Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515 1606 1607commit 2b64c490468fd4ca35ac8d5cc31c0520dc1508bb 1608Author: djm@openbsd.org <djm@openbsd.org> 1609Date: Fri May 8 06:41:56 2015 +0000 1610 1611 upstream commit 1612 1613 whitespace at EOL 1614 1615 Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c 1616 1617commit 4e636cf201ce6e7e3b9088568218f9d4e2c51712 1618Author: djm@openbsd.org <djm@openbsd.org> 1619Date: Fri May 8 03:56:51 2015 +0000 1620 1621 upstream commit 1622 1623 whitespace at EOL 1624 1625commit 38b8272f823dc1dd4e29dbcee83943ed48bb12fa 1626Author: dtucker@openbsd.org <dtucker@openbsd.org> 1627Date: Mon May 4 01:47:53 2015 +0000 1628 1629 upstream commit 1630 1631 Use diff w/out -u for better portability 1632 1633commit 297060f42d5189a4065ea1b6f0afdf6371fb0507 1634Author: dtucker@openbsd.org <dtucker@openbsd.org> 1635Date: Fri May 8 03:25:07 2015 +0000 1636 1637 upstream commit 1638 1639 Use xcalloc for permitted_adm_opens instead of xmalloc to 1640 ensure it's zeroed. Fixes post-auth crash with permitopen=none. bz#2355, ok 1641 djm@ 1642 1643commit 63ebf019be863b2d90492a85e248cf55a6e87403 1644Author: djm@openbsd.org <djm@openbsd.org> 1645Date: Fri May 8 03:17:49 2015 +0000 1646 1647 upstream commit 1648 1649 don't choke on new-format private keys encrypted with an 1650 AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@ 1651 1652commit f8484dac678ab3098ae522a5f03bb2530f822987 1653Author: dtucker@openbsd.org <dtucker@openbsd.org> 1654Date: Wed May 6 05:45:17 2015 +0000 1655 1656 upstream commit 1657 1658 Clarify pseudo-terminal request behaviour and use 1659 "pseudo-terminal" consistently. bz#1716, ok jmc@ "I like it" deraadt@. 1660 1661commit ea139507bef8bad26e86ed99a42c7233ad115c38 1662Author: dtucker@openbsd.org <dtucker@openbsd.org> 1663Date: Wed May 6 04:07:18 2015 +0000 1664 1665 upstream commit 1666 1667 Blacklist DH-GEX for specific PuTTY versions known to 1668 send non-RFC4419 DH-GEX messages rather than all versions of PuTTY. 1669 According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX 1670 messages. ok djm@ 1671 1672commit b58234f00ee3872eb84f6e9e572a9a34e902e36e 1673Author: dtucker@openbsd.org <dtucker@openbsd.org> 1674Date: Tue May 5 10:17:49 2015 +0000 1675 1676 upstream commit 1677 1678 WinSCP doesn't implement RFC4419 DH-GEX so flag it so we 1679 don't offer that KEX method. ok markus@ 1680 1681commit d5b1507a207253b39e810e91e68f9598691b7a29 1682Author: jsg@openbsd.org <jsg@openbsd.org> 1683Date: Tue May 5 02:48:17 2015 +0000 1684 1685 upstream commit 1686 1687 use the sizeof the struct not the sizeof a pointer to the 1688 struct in ssh_digest_start() 1689 1690 This file is only used if ssh is built with OPENSSL=no 1691 1692 ok markus@ 1693 1694commit a647b9b8e616c231594b2710c925d31b1b8afea3 1695Author: Darren Tucker <dtucker@zip.com.au> 1696Date: Fri May 8 11:07:27 2015 +1000 1697 1698 Put brackets around mblen() compat constant. 1699 1700 This might help with the reported problem cross compiling for Android 1701 ("error: expected identifier or '(' before numeric constant") but 1702 shouldn't hurt in any case. 1703 1704commit d1680d36e17244d9af3843aeb5025cb8e40d6c07 1705Author: Darren Tucker <dtucker@zip.com.au> 1706Date: Thu Apr 30 09:18:11 2015 +1000 1707 1708 xrealloc -> xreallocarray in portable code too. 1709 1710commit 531a57a3893f9fcd4aaaba8c312b612bbbcc021e 1711Author: dtucker@openbsd.org <dtucker@openbsd.org> 1712Date: Wed Apr 29 03:48:56 2015 +0000 1713 1714 upstream commit 1715 1716 Allow ListenAddress, Port and AddressFamily in any 1717 order. bz#68, ok djm@, jmc@ (for the man page bit). 1718 1719commit c1d5bcf1aaf1209af02f79e48ba1cbc76a87b56f 1720Author: jmc@openbsd.org <jmc@openbsd.org> 1721Date: Tue Apr 28 13:47:38 2015 +0000 1722 1723 upstream commit 1724 1725 enviroment -> environment: apologies to darren for not 1726 spotting that first time round... 1727 1728commit 43beea053db191cac47c2cd8d3dc1930158aff1a 1729Author: dtucker@openbsd.org <dtucker@openbsd.org> 1730Date: Tue Apr 28 10:25:15 2015 +0000 1731 1732 upstream commit 1733 1734 Fix typo in previous 1735 1736commit 85b96ef41374f3ddc9139581f87da09b2cd9199e 1737Author: dtucker@openbsd.org <dtucker@openbsd.org> 1738Date: Tue Apr 28 10:17:58 2015 +0000 1739 1740 upstream commit 1741 1742 Document that the TERM environment variable is not 1743 subject to SendEnv and AcceptEnv. bz#2386, based loosely on a patch from 1744 jjelen at redhat, help and ok jmc@ 1745 1746commit 88a7c598a94ff53f76df228eeaae238d2d467565 1747Author: djm@openbsd.org <djm@openbsd.org> 1748Date: Mon Apr 27 21:42:48 2015 +0000 1749 1750 upstream commit 1751 1752 Make sshd default to PermitRootLogin=no; ok deraadt@ 1753 rpe@ 1754 1755commit 734226b4480a6c736096c729fcf6f391400599c7 1756Author: djm@openbsd.org <djm@openbsd.org> 1757Date: Mon Apr 27 01:52:30 2015 +0000 1758 1759 upstream commit 1760 1761 fix compilation with OPENSSL=no; ok dtucker@ 1762 1763commit a4b9d2ce1eb7703eaf0809b0c8a82ded8aa4f1c6 1764Author: dtucker@openbsd.org <dtucker@openbsd.org> 1765Date: Mon Apr 27 00:37:53 2015 +0000 1766 1767 upstream commit 1768 1769 Include stdio.h for FILE (used in sshkey.h) so it 1770 compiles with OPENSSL=no. 1771 1772commit dbcc652f4ca11fe04e5930c7ef18a219318c6cda 1773Author: djm@openbsd.org <djm@openbsd.org> 1774Date: Mon Apr 27 00:21:21 2015 +0000 1775 1776 upstream commit 1777 1778 allow "sshd -f none" to skip reading the config file, 1779 much like "ssh -F none" does. ok dtucker 1780 1781commit b7ca276fca316c952f0b90f5adb1448c8481eedc 1782Author: jmc@openbsd.org <jmc@openbsd.org> 1783Date: Fri Apr 24 06:26:49 2015 +0000 1784 1785 upstream commit 1786 1787 combine -Dd onto one line and update usage(); 1788 1789commit 2ea974630d7017e4c7666d14d9dc939707613e96 1790Author: djm@openbsd.org <djm@openbsd.org> 1791Date: Fri Apr 24 05:26:44 2015 +0000 1792 1793 upstream commit 1794 1795 add ssh-agent -D to leave ssh-agent in foreground 1796 without enabling debug mode; bz#2381 ok dtucker@ 1797 1798commit 8ac2ffd7aa06042f6b924c87139f2fea5c5682f7 1799Author: deraadt@openbsd.org <deraadt@openbsd.org> 1800Date: Fri Apr 24 01:36:24 2015 +0000 1801 1802 upstream commit 1803 1804 2*len -> use xreallocarray() ok djm 1805 1806commit 657a5fbc0d0aff309079ff8fb386f17e964963c2 1807Author: deraadt@openbsd.org <deraadt@openbsd.org> 1808Date: Fri Apr 24 01:36:00 2015 +0000 1809 1810 upstream commit 1811 1812 rename xrealloc() to xreallocarray() since it follows 1813 that form. ok djm 1814 1815commit 1108ae242fdd2c304307b68ddf46aebe43ebffaa 1816Author: dtucker@openbsd.org <dtucker@openbsd.org> 1817Date: Thu Apr 23 04:59:10 2015 +0000 1818 1819 upstream commit 1820 1821 Two small fixes for sshd -T: ListenAddress'es are added 1822 to a list head so reverse the order when printing them to ensure the 1823 behaviour remains the same, and print StreamLocalBindMask as octal with 1824 leading zero. ok deraadt@ 1825 1826commit bd902b8473e1168f19378d5d0ae68d0c203525df 1827Author: dtucker@openbsd.org <dtucker@openbsd.org> 1828Date: Thu Apr 23 04:53:53 2015 +0000 1829 1830 upstream commit 1831 1832 Check for and reject missing arguments for 1833 VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com, 1834 ok djm@ 1835 1836commit ca42c1758575e592239de1d5755140e054b91a0d 1837Author: djm@openbsd.org <djm@openbsd.org> 1838Date: Wed Apr 22 01:24:01 2015 +0000 1839 1840 upstream commit 1841 1842 unknown certificate extensions are non-fatal, so don't 1843 fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok 1844 dtucker@ 1845 1846commit 39bfbf7caad231cc4bda6909fb1af0705bca04d8 1847Author: jsg@openbsd.org <jsg@openbsd.org> 1848Date: Tue Apr 21 07:01:00 2015 +0000 1849 1850 upstream commit 1851 1852 Add back a backslash removed in rev 1.42 so 1853 KEX_SERVER_ENCRYPT will include aes again. 1854 1855 ok deraadt@ 1856 1857commit 6b0d576bb87eca3efd2b309fcfe4edfefc289f9c 1858Author: djm@openbsd.org <djm@openbsd.org> 1859Date: Fri Apr 17 13:32:09 2015 +0000 1860 1861 upstream commit 1862 1863 s/recommended/required/ that private keys be og-r this 1864 wording change was made a while ago but got accidentally reverted 1865 1866commit 44a8e7ce6f3ab4c2eb1ae49115c210b98e53c4df 1867Author: djm@openbsd.org <djm@openbsd.org> 1868Date: Fri Apr 17 13:25:52 2015 +0000 1869 1870 upstream commit 1871 1872 don't try to cleanup NULL KEX proposals in 1873 kex_prop_free(); found by Jukka Taimisto and Markus Hietava 1874 1875commit 3038a191872d2882052306098c1810d14835e704 1876Author: djm@openbsd.org <djm@openbsd.org> 1877Date: Fri Apr 17 13:19:22 2015 +0000 1878 1879 upstream commit 1880 1881 use error/logit/fatal instead of fprintf(stderr, ...) 1882 and exit(0), fix a few errors that were being printed to stdout instead of 1883 stderr and a few non-errors that were going to stderr instead of stdout 1884 bz#2325; ok dtucker 1885 1886commit a58be33cb6cd24441fa7e634db0e5babdd56f07f 1887Author: djm@openbsd.org <djm@openbsd.org> 1888Date: Fri Apr 17 13:16:48 2015 +0000 1889 1890 upstream commit 1891 1892 debug log missing DISPLAY environment when X11 1893 forwarding requested; bz#1682 ok dtucker@ 1894 1895commit 17d4d9d9fbc8fb80e322f94d95eecc604588a474 1896Author: djm@openbsd.org <djm@openbsd.org> 1897Date: Fri Apr 17 04:32:31 2015 +0000 1898 1899 upstream commit 1900 1901 don't call record_login() in monitor when UseLogin is 1902 enabled; bz#278 reported by drk AT sgi.com; ok dtucker 1903 1904commit 40132ff87b6cbc3dc05fb5df2e9d8e3afa06aafd 1905Author: dtucker@openbsd.org <dtucker@openbsd.org> 1906Date: Fri Apr 17 04:12:35 2015 +0000 1907 1908 upstream commit 1909 1910 Add some missing options to sshd -T and fix the output 1911 of VersionAddendum HostCertificate. bz#2346, patch from jjelen at redhat 1912 com, ok djm. 1913 1914commit 6cc7cfa936afde2d829e56ee6528c7ea47a42441 1915Author: dtucker@openbsd.org <dtucker@openbsd.org> 1916Date: Thu Apr 16 23:25:50 2015 +0000 1917 1918 upstream commit 1919 1920 Document "none" for PidFile XAuthLocation 1921 TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@ 1922 1923commit 15fdfc9b1c6808b26bc54d4d61a38b54541763ed 1924Author: dtucker@openbsd.org <dtucker@openbsd.org> 1925Date: Wed Apr 15 23:23:25 2015 +0000 1926 1927 upstream commit 1928 1929 Plug leak of address passed to logging. bz#2373, patch 1930 from jjelen at redhat, ok markus@ 1931 1932commit bb2289e2a47d465eaaaeff3dee2a6b7777b4c291 1933Author: dtucker@openbsd.org <dtucker@openbsd.org> 1934Date: Tue Apr 14 04:17:03 2015 +0000 1935 1936 upstream commit 1937 1938 Output remote username in debug output since with Host 1939 and Match it's not always obvious what it will be. bz#2368, ok djm@ 1940 1941commit 70860b6d07461906730632f9758ff1b7c98c695a 1942Author: Darren Tucker <dtucker@zip.com.au> 1943Date: Fri Apr 17 10:56:13 2015 +1000 1944 1945 Format UsePAM setting when using sshd -T. 1946 1947 Part of bz#2346, patch from jjelen at redhat com. 1948 1949commit ee15d9c9f0720f5a8b0b34e4b10ecf21f9824814 1950Author: Darren Tucker <dtucker@zip.com.au> 1951Date: Fri Apr 17 10:40:23 2015 +1000 1952 1953 Wrap endian.h include inside ifdef (bz#2370). 1954 1955commit 408f4c2ad4a4c41baa7b9b2b7423d875abbfa70b 1956Author: Darren Tucker <dtucker@zip.com.au> 1957Date: Fri Apr 17 09:39:58 2015 +1000 1958 1959 Look for '${host}-ar' before 'ar'. 1960 1961 This changes configure.ac to look for '${host}-ar' as set by 1962 AC_CANONICAL_HOST before looking for the unprefixed 'ar'. 1963 Useful when cross-compiling when all your binutils are prefixed. 1964 1965 Patch from moben at exherbo org via astrand at lysator liu se and 1966 bz#2352. 1967 1968commit 673a1c16ad078d41558247ce739fe812c960acc8 1969Author: Damien Miller <djm@google.com> 1970Date: Thu Apr 16 11:40:20 2015 +1000 1971 1972 remove dependency on arpa/telnet.h 1973 1974commit 202d443eeda1829d336595a3cfc07827e49f45ed 1975Author: Darren Tucker <dtucker@zip.com.au> 1976Date: Wed Apr 15 15:59:49 2015 +1000 1977 1978 Remove duplicate include of pwd.h. bz#2337, patch from Mordy Ovits. 1979 1980commit 597986493412c499f2bc2209420cb195f97b3668 1981Author: Damien Miller <djm@google.com> 1982Date: Thu Apr 9 10:14:48 2015 +1000 1983 1984 platform's with openpty don't need pty_release 1985 1986commit 318be28cda1fd9108f2e6f2f86b0b7589ba2aed0 1987Author: djm@openbsd.org <djm@openbsd.org> 1988Date: Mon Apr 13 02:04:08 2015 +0000 1989 1990 upstream commit 1991 1992 deprecate ancient, pre-RFC4419 and undocumented 1993 SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems 1994 reasonable" dtucker@ 1995 1996commit d8f391caef62378463a0e6b36f940170dadfe605 1997Author: dtucker@openbsd.org <dtucker@openbsd.org> 1998Date: Fri Apr 10 05:16:50 2015 +0000 1999 2000 upstream commit 2001 2002 Don't send hostkey advertisments 2003 (hostkeys-00@openssh.com) to current versions of Tera Term as they can't 2004 handle them. Newer versions should be OK. Patch from Bryan Drewery and 2005 IWAMOTO Kouichi, ok djm@ 2006 2007commit 2c2cfe1a1c97eb9a08cc9817fd0678209680c636 2008Author: djm@openbsd.org <djm@openbsd.org> 2009Date: Fri Apr 10 00:08:55 2015 +0000 2010 2011 upstream commit 2012 2013 include port number if a non-default one has been 2014 specified; based on patch from Michael Handler 2015 2016commit 4492a4f222da4cf1e8eab12689196322e27b08c4 2017Author: djm@openbsd.org <djm@openbsd.org> 2018Date: Tue Apr 7 23:00:42 2015 +0000 2019 2020 upstream commit 2021 2022 treat Protocol=1,2|2,1 as Protocol=2 when compiled 2023 without SSH1 support; ok dtucker@ millert@ 2024 2025commit c265e2e6e932efc6d86f6cc885dea33637a67564 2026Author: miod@openbsd.org <miod@openbsd.org> 2027Date: Sun Apr 5 15:43:43 2015 +0000 2028 2029 upstream commit 2030 2031 Do not use int for sig_atomic_t; spotted by 2032 christos@netbsd; ok markus@ 2033 2034commit e7bf3a5eda6a1b02bef6096fed78527ee11e54cc 2035Author: Darren Tucker <dtucker@zip.com.au> 2036Date: Tue Apr 7 10:48:04 2015 +1000 2037 2038 Use do{}while(0) for no-op functions. 2039 2040 From FreeBSD. 2041 2042commit bb99844abae2b6447272f79e7fa84134802eb4df 2043Author: Darren Tucker <dtucker@zip.com.au> 2044Date: Tue Apr 7 10:47:15 2015 +1000 2045 2046 Wrap blf.h include in ifdef. From FreeBSD. 2047 2048commit d9b9b43656091cf0ad55c122f08fadb07dad0abd 2049Author: Darren Tucker <dtucker@zip.com.au> 2050Date: Tue Apr 7 09:10:00 2015 +1000 2051 2052 Fix misspellings of regress CONFOPTS env variables. 2053 2054 Patch from Bryan Drewery. 2055 2056commit 3f4ea3c9ab1d32d43c9222c4351f58ca11144156 2057Author: djm@openbsd.org <djm@openbsd.org> 2058Date: Fri Apr 3 22:17:27 2015 +0000 2059 2060 upstream commit 2061 2062 correct return value in pubkey parsing, spotted by Ben Hawkes 2063 ok markus@ 2064 2065commit 7da2be0cb9601ed25460c83aa4d44052b967ba0f 2066Author: djm@openbsd.org <djm@openbsd.org> 2067Date: Tue Mar 31 22:59:01 2015 +0000 2068 2069 upstream commit 2070 2071 adapt to recent hostfile.c change: when parsing 2072 known_hosts without fully parsing the keys therein, hostkeys_foreach() will 2073 now correctly identify KEY_RSA1 keys; ok markus@ miod@ 2074 2075commit 9e1777a0d1c706714b055811c12ab8cc21033e4a 2076Author: markus@openbsd.org <markus@openbsd.org> 2077Date: Tue Mar 24 20:19:15 2015 +0000 2078 2079 upstream commit 2080 2081 use ${SSH} for -Q instead of installed ssh 2082 2083commit ce1b358ea414a2cc88e4430cd5a2ea7fecd9de57 2084Author: djm@openbsd.org <djm@openbsd.org> 2085Date: Mon Mar 16 22:46:14 2015 +0000 2086 2087 upstream commit 2088 2089 make CLEANFILES clean up more of the tests' droppings 2090 2091commit 398f9ef192d820b67beba01ec234d66faca65775 2092Author: djm@openbsd.org <djm@openbsd.org> 2093Date: Tue Mar 31 22:57:06 2015 +0000 2094 2095 upstream commit 2096 2097 downgrade error() for known_hosts parse errors to debug() 2098 to quiet warnings from ssh1 keys present when compiled !ssh1. 2099 2100 also identify ssh1 keys when scanning, even when compiled !ssh1 2101 2102 ok markus@ miod@ 2103 2104commit 9a47ab80030a31f2d122b8fd95bd48c408b9fcd9 2105Author: djm@openbsd.org <djm@openbsd.org> 2106Date: Tue Mar 31 22:55:50 2015 +0000 2107 2108 upstream commit 2109 2110 fd leak for !ssh1 case; found by unittests; ok markus@ 2111 2112commit c9a0805a6280681901c270755a7cd630d7c5280e 2113Author: djm@openbsd.org <djm@openbsd.org> 2114Date: Tue Mar 31 22:55:24 2015 +0000 2115 2116 upstream commit 2117 2118 don't fatal when a !ssh1 sshd is reexeced from a w/ssh1 2119 listener; reported by miod@; ok miod@ markus@ 2120 2121commit 704d8c88988cae38fb755a6243b119731d223222 2122Author: tobias@openbsd.org <tobias@openbsd.org> 2123Date: Tue Mar 31 11:06:49 2015 +0000 2124 2125 upstream commit 2126 2127 Comments are only supported for RSA1 keys. If a user 2128 tried to add one and entered his passphrase, explicitly clear it before exit. 2129 This is done in all other error paths, too. 2130 2131 ok djm 2132 2133commit 78de1673c05ea2c33e0d4a4b64ecb5186b6ea2e9 2134Author: jmc@openbsd.org <jmc@openbsd.org> 2135Date: Mon Mar 30 18:28:37 2015 +0000 2136 2137 upstream commit 2138 2139 ssh-askpass(1) is the default, overridden by SSH_ASKPASS; 2140 diff originally from jiri b; 2141 2142commit 26e0bcf766fadb4a44fb6199386fb1dcab65ad00 2143Author: djm@openbsd.org <djm@openbsd.org> 2144Date: Mon Mar 30 00:00:29 2015 +0000 2145 2146 upstream commit 2147 2148 fix uninitialised memory read when parsing a config file 2149 consisting of a single nul byte. Found by hanno AT hboeck.de using AFL; ok 2150 dtucker 2151 2152commit fecede00a76fbb33a349f5121c0b2f9fbc04a777 2153Author: markus@openbsd.org <markus@openbsd.org> 2154Date: Thu Mar 26 19:32:19 2015 +0000 2155 2156 upstream commit 2157 2158 sigp and lenp are not optional in ssh_agent_sign(); ok 2159 djm@ 2160 2161commit 1b0ef3813244c78669e6d4d54c624f600945327d 2162Author: naddy@openbsd.org <naddy@openbsd.org> 2163Date: Thu Mar 26 12:32:38 2015 +0000 2164 2165 upstream commit 2166 2167 don't try to load .ssh/identity by default if SSH1 is 2168 disabled; ok markus@ 2169 2170commit f9b78852379b74a2d14e6fc94fe52af30b7e9c31 2171Author: djm@openbsd.org <djm@openbsd.org> 2172Date: Thu Mar 26 07:00:04 2015 +0000 2173 2174 upstream commit 2175 2176 ban all-zero curve25519 keys as recommended by latest 2177 CFRG curves draft; ok markus 2178 2179commit b8afbe2c1aaf573565e4da775261dfafc8b1ba9c 2180Author: djm@openbsd.org <djm@openbsd.org> 2181Date: Thu Mar 26 06:59:28 2015 +0000 2182 2183 upstream commit 2184 2185 relax bits needed check to allow 2186 diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was 2187 selected as symmetric cipher; ok markus 2188 2189commit 47842f71e31da130555353c1d57a1e5a8937f1c0 2190Author: markus@openbsd.org <markus@openbsd.org> 2191Date: Wed Mar 25 19:29:58 2015 +0000 2192 2193 upstream commit 2194 2195 ignore v1 errors on ssh-add -D; only try v2 keys on 2196 -l/-L (unless WITH_SSH1) ok djm@ 2197 2198commit 5f57e77f91bf2230c09eca96eb5ecec39e5f2da6 2199Author: markus@openbsd.org <markus@openbsd.org> 2200Date: Wed Mar 25 19:21:48 2015 +0000 2201 2202 upstream commit 2203 2204 unbreak ssh_agent_sign (lenp vs *lenp) 2205 2206commit 4daeb67181054f2a377677fac919ee8f9ed3490e 2207Author: markus@openbsd.org <markus@openbsd.org> 2208Date: Tue Mar 24 20:10:08 2015 +0000 2209 2210 upstream commit 2211 2212 don't leak 'setp' on error; noted by Nicholas Lemonias; 2213 ok djm@ 2214 2215commit 7d4f96f9de2a18af0d9fa75ea89a4990de0344f5 2216Author: markus@openbsd.org <markus@openbsd.org> 2217Date: Tue Mar 24 20:09:11 2015 +0000 2218 2219 upstream commit 2220 2221 consistent check for NULL as noted by Nicholas 2222 Lemonias; ok djm@ 2223 2224commit df100be51354e447d9345cf1ec22e6013c0eed50 2225Author: markus@openbsd.org <markus@openbsd.org> 2226Date: Tue Mar 24 20:03:44 2015 +0000 2227 2228 upstream commit 2229 2230 correct fmt-string for size_t as noted by Nicholas 2231 Lemonias; ok djm@ 2232 2233commit a22b9ef21285e81775732436f7c84a27bd3f71e0 2234Author: djm@openbsd.org <djm@openbsd.org> 2235Date: Tue Mar 24 09:17:21 2015 +0000 2236 2237 upstream commit 2238 2239 promote chacha20-poly1305@openssh.com to be the default 2240 cipher; ok markus 2241 2242commit 2aa9da1a3b360cf7b13e96fe1521534b91501fb5 2243Author: djm@openbsd.org <djm@openbsd.org> 2244Date: Tue Mar 24 01:29:19 2015 +0000 2245 2246 upstream commit 2247 2248 Compile-time disable SSH protocol 1. You can turn it 2249 back on using the Makefile.inc knob if you need it to talk to ancient 2250 devices. 2251 2252commit 53097b2022154edf96b4e8526af5666f979503f7 2253Author: djm@openbsd.org <djm@openbsd.org> 2254Date: Tue Mar 24 01:11:12 2015 +0000 2255 2256 upstream commit 2257 2258 fix double-negative error message "ssh1 is not 2259 unsupported" 2260 2261commit 5c27e3b6ec2db711dfcd40e6359c0bcdd0b62ea9 2262Author: djm@openbsd.org <djm@openbsd.org> 2263Date: Mon Mar 23 06:06:38 2015 +0000 2264 2265 upstream commit 2266 2267 for ssh-keygen -A, don't try (and fail) to generate ssh 2268 v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled 2269 without OpenSSL based on patch by Mike Frysinger; bz#2369 2270 2271commit 725fd22a8c41db7de73a638539a5157b7e4424ae 2272Author: djm@openbsd.org <djm@openbsd.org> 2273Date: Wed Mar 18 01:44:21 2015 +0000 2274 2275 upstream commit 2276 2277 KRL support doesn't need OpenSSL anymore, remove #ifdefs 2278 from around call 2279 2280commit b07011c18e0b2e172c5fd09d21fb159a0bf5fcc7 2281Author: djm@openbsd.org <djm@openbsd.org> 2282Date: Mon Mar 16 11:09:52 2015 +0000 2283 2284 upstream commit 2285 2286 #if 0 some more arrays used only for decrypting (we don't 2287 use since we only need encrypt for AES-CTR) 2288 2289commit 1cb3016635898d287e9d58b50c430995652d5358 2290Author: jsg@openbsd.org <jsg@openbsd.org> 2291Date: Wed Mar 11 00:48:39 2015 +0000 2292 2293 upstream commit 2294 2295 add back the changes from rev 1.206, djm reverted this by 2296 mistake in rev 1.207 2297 2298commit 4d24b3b6a4a6383e05e7da26d183b79fa8663697 2299Author: Damien Miller <djm@mindrot.org> 2300Date: Fri Mar 20 09:11:59 2015 +1100 2301 2302 remove error() accidentally inserted for debugging 2303 2304 pointed out by Christian Hesse 2305 2306commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb 2307Author: Tim Rice <tim@multitalents.net> 2308Date: Mon Mar 16 22:49:20 2015 -0700 2309 2310 portability fix: Solaris systems may not have a grep that understands -q 2311 2312commit 8ef691f7d9ef500257a549d0906d78187490668f 2313Author: Damien Miller <djm@google.com> 2314Date: Wed Mar 11 10:35:26 2015 +1100 2315 2316 fix compile with clang 2317 2318commit 4df590cf8dc799e8986268d62019b487a8ed63ad 2319Author: Damien Miller <djm@google.com> 2320Date: Wed Mar 11 10:02:39 2015 +1100 2321 2322 make unit tests work for !OPENSSH_HAS_ECC 2323 2324commit 307bb40277ca2c32e97e61d70d1ed74b571fd6ba 2325Author: djm@openbsd.org <djm@openbsd.org> 2326Date: Sat Mar 7 04:41:48 2015 +0000 2327 2328 upstream commit 2329 2330 unbreak for w/SSH1 (default) case; ok markus@ deraadt@ 2331 2332commit b44ee0c998fb4c5f3c3281f2398af5ce42840b6f 2333Author: Damien Miller <djm@mindrot.org> 2334Date: Thu Mar 5 18:39:20 2015 -0800 2335 2336 unbreak hostkeys test for w/ SSH1 case 2337 2338commit 55e5bdeb519cb60cc18b7ba0545be581fb8598b4 2339Author: djm@openbsd.org <djm@openbsd.org> 2340Date: Fri Mar 6 01:40:56 2015 +0000 2341 2342 upstream commit 2343 2344 fix sshkey_certify() return value for unsupported key types; 2345 ok markus@ deraadt@ 2346 2347commit be8f658e550a434eac04256bfbc4289457a24e99 2348Author: Damien Miller <djm@mindrot.org> 2349Date: Wed Mar 4 15:38:03 2015 -0800 2350 2351 update version numbers to match version.h 2352 2353commit ac5e8acefa253eb5e5ba186e34236c0e8007afdc 2354Author: djm@openbsd.org <djm@openbsd.org> 2355Date: Wed Mar 4 23:22:35 2015 +0000 2356 2357 upstream commit 2358 2359 make these work with !SSH1; ok markus@ deraadt@ 2360 2361commit 2f04af92f036b0c87a23efb259c37da98cd81fe6 2362Author: djm@openbsd.org <djm@openbsd.org> 2363Date: Wed Mar 4 21:12:59 2015 +0000 2364 2365 upstream commit 2366 2367 make ssh-add -D work with !SSH1 agent 2368 2369commit a05adf95d2af6abb2b7826ddaa7a0ec0cdc1726b 2370Author: Damien Miller <djm@mindrot.org> 2371Date: Wed Mar 4 00:55:48 2015 -0800 2372 2373 netcat needs poll.h portability goop 2374 2375commit dad2b1892b4c1b7e58df483a8c5b983c4454e099 2376Author: markus@openbsd.org <markus@openbsd.org> 2377Date: Tue Mar 3 22:35:19 2015 +0000 2378 2379 upstream commit 2380 2381 make it possible to run tests w/o ssh1 support; ok djm@ 2382 2383commit d48a22601bdd3eec054794c535f4ae8d8ae4c6e2 2384Author: djm@openbsd.org <djm@openbsd.org> 2385Date: Wed Mar 4 18:53:53 2015 +0000 2386 2387 upstream commit 2388 2389 crank; ok markus, deraadt 2390 2391commit bbffb23daa0b002dd9f296e396a9ab8a5866b339 2392Author: Damien Miller <djm@mindrot.org> 2393Date: Tue Mar 3 13:50:27 2015 -0800 2394 2395 more --without-ssh1 fixes 2396 2397commit 6c2039286f503e2012a58a1d109e389016e7a99b 2398Author: Damien Miller <djm@mindrot.org> 2399Date: Tue Mar 3 13:48:48 2015 -0800 2400 2401 fix merge both that broke --without-ssh1 compile 2402 2403commit 111dfb225478a76f89ecbcd31e96eaf1311b59d3 2404Author: djm@openbsd.org <djm@openbsd.org> 2405Date: Tue Mar 3 21:21:13 2015 +0000 2406 2407 upstream commit 2408 2409 add SSH1 Makefile knob to make it easier to build without 2410 SSH1 support; ok markus@ 2411 2412commit 3f7f5e6c5d2aa3f6710289c1a30119e534e56c5c 2413Author: djm@openbsd.org <djm@openbsd.org> 2414Date: Tue Mar 3 20:42:49 2015 +0000 2415 2416 upstream commit 2417 2418 expand __unused to full __attribute__ for better portability 2419 2420commit 2fab9b0f8720baf990c931e3f68babb0bf9949c6 2421Author: Damien Miller <djm@mindrot.org> 2422Date: Wed Mar 4 07:41:27 2015 +1100 2423 2424 avoid warning 2425 2426commit d1bc844322461f882b4fd2277ba9a8d4966573d2 2427Author: Damien Miller <djm@mindrot.org> 2428Date: Wed Mar 4 06:31:45 2015 +1100 2429 2430 Revert "define __unused to nothing if not already defined" 2431 2432 This reverts commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908. 2433 2434 Some system headers have objects named __unused 2435 2436commit 00797e86b2d98334d1bb808f65fa1fd47f328ff1 2437Author: Damien Miller <djm@mindrot.org> 2438Date: Wed Mar 4 05:02:45 2015 +1100 2439 2440 check for crypt and DES_crypt in openssl block 2441 2442 fixes builds on systems that use DES_crypt; based on patch 2443 from Roumen Petrov 2444 2445commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908 2446Author: Damien Miller <djm@mindrot.org> 2447Date: Wed Mar 4 04:59:13 2015 +1100 2448 2449 define __unused to nothing if not already defined 2450 2451 fixes builds on BSD/OS 2452 2453commit d608a51daad4f14ad6ab43d7cf74ef4801cc3fe9 2454Author: djm@openbsd.org <djm@openbsd.org> 2455Date: Tue Mar 3 17:53:40 2015 +0000 2456 2457 upstream commit 2458 2459 reorder logic for better portability; patch from Roumen 2460 Petrov 2461 2462commit 68d2dfc464fbcdf8d6387884260f9801f4352393 2463Author: djm@openbsd.org <djm@openbsd.org> 2464Date: Tue Mar 3 06:48:58 2015 +0000 2465 2466 upstream commit 2467 2468 Allow "ssh -Q protocol-version" to list supported SSH 2469 protocol versions. Useful for detecting builds without SSH v.1 support; idea 2470 and ok markus@ 2471 2472commit 39e2f1229562e1195169905607bc12290d21f021 2473Author: millert@openbsd.org <millert@openbsd.org> 2474Date: Sun Mar 1 15:44:40 2015 +0000 2475 2476 upstream commit 2477 2478 Make sure we only call getnameinfo() for AF_INET or AF_INET6 2479 sockets. getpeername() of a Unix domain socket may return without error on 2480 some systems without actually setting ss_family so getnameinfo() was getting 2481 called with ss_family set to AF_UNSPEC. OK djm@ 2482 2483commit e47536ba9692d271b8ad89078abdecf0a1c11707 2484Author: Damien Miller <djm@mindrot.org> 2485Date: Sat Feb 28 08:20:11 2015 -0800 2486 2487 portability fixes for regress/netcat.c 2488 2489 Mostly avoiding "err(1, NULL)" 2490 2491commit 02973ad5f6f49d8420e50a392331432b0396c100 2492Author: Damien Miller <djm@mindrot.org> 2493Date: Sat Feb 28 08:05:27 2015 -0800 2494 2495 twiddle another test for portability 2496 2497 from Tom G. Christensen 2498 2499commit f7f3116abf2a6e2f309ab096b08c58d19613e5d0 2500Author: Damien Miller <djm@mindrot.org> 2501Date: Fri Feb 27 15:52:49 2015 -0800 2502 2503 twiddle test for portability 2504 2505commit 1ad3a77cc9d5568f5437ff99d377aa7a41859b83 2506Author: Damien Miller <djm@mindrot.org> 2507Date: Thu Feb 26 20:33:22 2015 -0800 2508 2509 make regress/netcat.c fd passing (more) portable 2510 2511commit 9e1cfca7e1fe9cf8edb634fc894e43993e4da1ea 2512Author: Damien Miller <djm@mindrot.org> 2513Date: Thu Feb 26 20:32:58 2015 -0800 2514 2515 create OBJ/valgrind-out before running unittests 2516 2517commit bd58853102cee739f0e115e6d4b5334332ab1442 2518Author: Damien Miller <djm@mindrot.org> 2519Date: Wed Feb 25 16:58:22 2015 -0800 2520 2521 valgrind support 2522 2523commit f43d17269194761eded9e89f17456332f4c83824 2524Author: djm@openbsd.org <djm@openbsd.org> 2525Date: Thu Feb 26 20:45:47 2015 +0000 2526 2527 upstream commit 2528 2529 don't printf NULL key comments; reported by Tom Christensen 2530 2531commit 6e6458b476ec854db33e3e68ebf4f489d0ab3df8 2532Author: djm@openbsd.org <djm@openbsd.org> 2533Date: Wed Feb 25 23:05:47 2015 +0000 2534 2535 upstream commit 2536 2537 zero cmsgbuf before use; we initialise the bits we use 2538 but valgrind still spams warning on it 2539 2540commit a63cfa26864b93ab6afefad0b630e5358ed8edfa 2541Author: djm@openbsd.org <djm@openbsd.org> 2542Date: Wed Feb 25 19:54:02 2015 +0000 2543 2544 upstream commit 2545 2546 fix small memory leak when UpdateHostkeys=no 2547 2548commit e6b950341dd75baa8526f1862bca39e52f5b879b 2549Author: Tim Rice <tim@multitalents.net> 2550Date: Wed Feb 25 09:56:48 2015 -0800 2551 2552 Revert "Work around finicky USL linker so netcat will build." 2553 2554 This reverts commit d1db656021d0cd8c001a6692f772f1de29b67c8b. 2555 2556 No longer needed with commit 678e473e2af2e4802f24dd913985864d9ead7fb3 2557 2558commit 6f621603f9cff2a5d6016a404c96cb2f8ac2dec0 2559Author: djm@openbsd.org <djm@openbsd.org> 2560Date: Wed Feb 25 17:29:38 2015 +0000 2561 2562 upstream commit 2563 2564 don't leak validity of user in "too many authentication 2565 failures" disconnect message; reported by Sebastian Reitenbach 2566 2567commit 6288e3a935494df12519164f52ca5c8c65fc3ca5 2568Author: naddy@openbsd.org <naddy@openbsd.org> 2569Date: Tue Feb 24 15:24:05 2015 +0000 2570 2571 upstream commit 2572 2573 add -v (show ASCII art) to -l's synopsis; ok djm@ 2574 2575commit 678e473e2af2e4802f24dd913985864d9ead7fb3 2576Author: Darren Tucker <dtucker@zip.com.au> 2577Date: Thu Feb 26 04:12:58 2015 +1100 2578 2579 Remove dependency on xmalloc. 2580 2581 Remove ssh_get_progname's dependency on xmalloc, which should reduce 2582 link order problems. ok djm@ 2583 2584commit 5d5ec165c5b614b03678afdad881f10e25832e46 2585Author: Darren Tucker <dtucker@zip.com.au> 2586Date: Wed Feb 25 15:32:49 2015 +1100 2587 2588 Restrict ECDSA and ECDH tests. 2589 2590 ifdef out some more ECDSA and ECDH tests when built against an OpenSSL 2591 that does not have eliptic curve functionality. 2592 2593commit 1734e276d99b17e92d4233fac7aef3a3180aaca7 2594Author: Darren Tucker <dtucker@zip.com.au> 2595Date: Wed Feb 25 13:40:45 2015 +1100 2596 2597 Move definition of _NSIG. 2598 2599 _NSIG is only unsed in one file, so move it there prevent redefinition 2600 warnings reported by Kevin Brott. 2601 2602commit a47ead7c95cfbeb72721066c4da2312e5b1b9f3d 2603Author: Darren Tucker <dtucker@zip.com.au> 2604Date: Wed Feb 25 13:17:40 2015 +1100 2605 2606 Add includes.h for compatibility stuff. 2607 2608commit 38806bda6d2e48ad32812b461eebe17672ada771 2609Author: Damien Miller <djm@mindrot.org> 2610Date: Tue Feb 24 16:50:06 2015 -0800 2611 2612 include netdb.h to look for MAXHOSTNAMELEN; ok tim 2613 2614commit d1db656021d0cd8c001a6692f772f1de29b67c8b 2615Author: Tim Rice <tim@multitalents.net> 2616Date: Tue Feb 24 10:42:08 2015 -0800 2617 2618 Work around finicky USL linker so netcat will build. 2619 2620commit cb030ce25f555737e8ba97bdd7883ac43f3ff2a3 2621Author: Damien Miller <djm@mindrot.org> 2622Date: Tue Feb 24 09:23:04 2015 -0800 2623 2624 include includes.h to avoid build failure on AIX 2625 2626commit 13af342458f5064144abbb07e5ac9bbd4eb42567 2627Author: Tim Rice <tim@multitalents.net> 2628Date: Tue Feb 24 07:56:47 2015 -0800 2629 2630 Original portability patch from djm@ for platforms missing err.h. 2631 Fix name space clash on Solaris 10. Still more to do for Solaris 10 2632 to deal with msghdr structure differences. ok djm@ 2633 2634commit 910209203d0cd60c5083901cbcc0b7b44d9f48d2 2635Author: Tim Rice <tim@multitalents.net> 2636Date: Mon Feb 23 22:06:56 2015 -0800 2637 2638 cleaner way fix dispatch.h portion of commit 2639 a88dd1da119052870bb2654c1a32c51971eade16 2640 (some systems have sig_atomic_t in signal.h, some in sys/signal.h) 2641 Sounds good to me djm@ 2642 2643commit 676c38d7cbe65b76bbfff796861bb6615cc6a596 2644Author: Tim Rice <tim@multitalents.net> 2645Date: Mon Feb 23 21:51:33 2015 -0800 2646 2647 portability fix: if we can't dind a better define for HOST_NAME_MAX, use 255 2648 2649commit 1221b22023dce38cbc90ba77eae4c5d78c77a5e6 2650Author: Tim Rice <tim@multitalents.net> 2651Date: Mon Feb 23 21:50:34 2015 -0800 2652 2653 portablity fix: s/__inline__/inline/ 2654 2655commit 4c356308a88d309c796325bb75dce90ca16591d5 2656Author: Darren Tucker <dtucker@zip.com.au> 2657Date: Tue Feb 24 13:49:31 2015 +1100 2658 2659 Wrap stdint.h includes in HAVE_STDINT_H. 2660 2661commit c9c88355c6a27a908e7d1e5003a2b35ea99c1614 2662Author: Darren Tucker <dtucker@zip.com.au> 2663Date: Tue Feb 24 13:43:57 2015 +1100 2664 2665 Add AI_NUMERICSERV to fake-rfc2553. 2666 2667 Our getaddrinfo implementation always returns numeric values already. 2668 2669commit ef342ab1ce6fb9a4b30186c89c309d0ae9d0eeb4 2670Author: Darren Tucker <dtucker@zip.com.au> 2671Date: Tue Feb 24 13:39:57 2015 +1100 2672 2673 Include OpenSSL's objects.h before bn.h. 2674 2675 Prevents compile errors on some platforms (at least old GCCs and AIX's 2676 XLC compilers). 2677 2678commit dcc8997d116f615195aa7c9ec019fb36c28c6228 2679Author: Darren Tucker <dtucker@zip.com.au> 2680Date: Tue Feb 24 12:30:59 2015 +1100 2681 2682 Convert two macros into functions. 2683 2684 Convert packet_send_debug and packet_disconnect from macros to 2685 functions. Some older GCCs (2.7.x, 2.95.x) see to have problems with 2686 variadic macros with only one argument so we convert these two into 2687 functions. ok djm@ 2688 2689commit 2285c30d51b7e2052c6526445abe7e7cc7e170a1 2690Author: djm@openbsd.org <djm@openbsd.org> 2691Date: Mon Feb 23 22:21:21 2015 +0000 2692 2693 upstream commit 2694 2695 further silence spurious error message even when -v is 2696 specified (e.g. to get visual host keys); reported by naddy@ 2697 2698commit 9af21979c00652029e160295e988dea40758ece2 2699Author: Damien Miller <djm@mindrot.org> 2700Date: Tue Feb 24 09:04:32 2015 +1100 2701 2702 don't include stdint.h unless HAVE_STDINT_H set 2703 2704commit 62f678dd51660d6f8aee1da33d3222c5de10a89e 2705Author: Damien Miller <djm@mindrot.org> 2706Date: Tue Feb 24 09:02:54 2015 +1100 2707 2708 nother sys/queue.h -> sys-queue.h fix 2709 2710 spotted by Tom Christensen 2711 2712commit b3c19151cba2c0ed01b27f55de0d723ad07ca98f 2713Author: djm@openbsd.org <djm@openbsd.org> 2714Date: Mon Feb 23 20:32:15 2015 +0000 2715 2716 upstream commit 2717 2718 fix a race condition by using a mux socket rather than an 2719 ineffectual wait statement 2720 2721commit a88dd1da119052870bb2654c1a32c51971eade16 2722Author: Damien Miller <djm@mindrot.org> 2723Date: Tue Feb 24 06:30:29 2015 +1100 2724 2725 various include fixes for portable 2726 2727commit 5248429b5ec524d0a65507cff0cdd6e0cb99effd 2728Author: djm@openbsd.org <djm@openbsd.org> 2729Date: Mon Feb 23 16:55:51 2015 +0000 2730 2731 upstream commit 2732 2733 add an XXX to remind me to improve sshkey_load_public 2734 2735commit e94e4b07ef2eaead38b085a60535df9981cdbcdb 2736Author: djm@openbsd.org <djm@openbsd.org> 2737Date: Mon Feb 23 16:55:31 2015 +0000 2738 2739 upstream commit 2740 2741 silence a spurious error message when listing 2742 fingerprints for known_hosts; bz#2342 2743 2744commit f2293a65392b54ac721f66bc0b44462e8d1d81f8 2745Author: djm@openbsd.org <djm@openbsd.org> 2746Date: Mon Feb 23 16:33:25 2015 +0000 2747 2748 upstream commit 2749 2750 fix setting/clearing of TTY raw mode around 2751 UpdateHostKeys=ask confirmation question; reported by Herb Goldman 2752 2753commit f2004cd1adf34492eae0a44b1ef84e0e31b06088 2754Author: Darren Tucker <dtucker@zip.com.au> 2755Date: Mon Feb 23 05:04:21 2015 +1100 2756 2757 Repair for non-ECC OpenSSL. 2758 2759 Ifdef out the ECC parts when building with an OpenSSL that doesn't have 2760 it. 2761 2762commit 37f9220db8d1a52c75894c3de1e5f2ae5bd71b6f 2763Author: Darren Tucker <dtucker@zip.com.au> 2764Date: Mon Feb 23 03:07:24 2015 +1100 2765 2766 Wrap stdint.h includes in ifdefs. 2767 2768commit f81f1bbc5b892c8614ea740b1f92735652eb43f0 2769Author: Tim Rice <tim@multitalents.net> 2770Date: Sat Feb 21 18:12:10 2015 -0800 2771 2772 out of tree build fix 2773 2774commit 2e13a1e4d22f3b503c3bfc878562cc7386a1d1ae 2775Author: Tim Rice <tim@multitalents.net> 2776Date: Sat Feb 21 18:08:51 2015 -0800 2777 2778 mkdir kex unit test directory so testing out of tree builds works 2779 2780commit 1797f49b1ba31e8700231cd6b1d512d80bb50d2c 2781Author: halex@openbsd.org <halex@openbsd.org> 2782Date: Sat Feb 21 21:46:57 2015 +0000 2783 2784 upstream commit 2785 2786 make "ssh-add -d" properly remove a corresponding 2787 certificate, and also not whine and fail if there is none 2788 2789 ok djm@ 2790 2791commit 7faaa32da83a609059d95dbfcb0649fdb04caaf6 2792Author: Damien Miller <djm@mindrot.org> 2793Date: Sun Feb 22 07:57:27 2015 +1100 2794 2795 mkdir hostkey and bitmap unit test directories 2796 2797commit bd49da2ef197efac5e38f5399263a8b47990c538 2798Author: djm@openbsd.org <djm@openbsd.org> 2799Date: Fri Feb 20 23:46:01 2015 +0000 2800 2801 upstream commit 2802 2803 sort options useable under Match case-insensitively; prodded 2804 jmc@ 2805 2806commit 1a779a0dd6cd8b4a1a40ea33b5415ab8408128ac 2807Author: djm@openbsd.org <djm@openbsd.org> 2808Date: Sat Feb 21 20:51:02 2015 +0000 2809 2810 upstream commit 2811 2812 correct paths to configuration files being written/updated; 2813 they live in $OBJ not cwd; some by Roumen Petrov 2814 2815commit 28ba006c1acddff992ae946d0bc0b500b531ba6b 2816Author: Darren Tucker <dtucker@zip.com.au> 2817Date: Sat Feb 21 15:41:07 2015 +1100 2818 2819 More correct checking of HAVE_DECL_AI_NUMERICSERV. 2820 2821commit e50e8c97a9cecae1f28febccaa6ca5ab3bc10f54 2822Author: Darren Tucker <dtucker@zip.com.au> 2823Date: Sat Feb 21 15:10:33 2015 +1100 2824 2825 Add null declaration of AI_NUMERICINFO. 2826 2827 Some platforms (older FreeBSD and DragonFly versions) do have 2828 getaddrinfo() but do not have AI_NUMERICINFO. so define it to zero 2829 in those cases. 2830 2831commit 18a208d6a460d707a45916db63a571e805f5db46 2832Author: djm@openbsd.org <djm@openbsd.org> 2833Date: Fri Feb 20 22:40:32 2015 +0000 2834 2835 upstream commit 2836 2837 more options that are available under Match; bz#2353 reported 2838 by calestyo AT scientia.net 2839 2840commit 44732de06884238049f285f1455b2181baa7dc82 2841Author: djm@openbsd.org <djm@openbsd.org> 2842Date: Fri Feb 20 22:17:21 2015 +0000 2843 2844 upstream commit 2845 2846 UpdateHostKeys fixes: 2847 2848 I accidentally changed the format of the hostkeys@openssh.com messages 2849 last week without changing the extension name, and this has been causing 2850 connection failures for people who are running -current. First reported 2851 by sthen@ 2852 2853 s/hostkeys@openssh.com/hostkeys-00@openssh.com/ 2854 Change the name of the proof message too, and reorder it a little. 2855 2856 Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY 2857 available to read the response) so disable UpdateHostKeys if it is in 2858 ask mode and ControlPersist is active (and document this) 2859 2860commit 13a39414d25646f93e6d355521d832a03aaaffe2 2861Author: djm@openbsd.org <djm@openbsd.org> 2862Date: Tue Feb 17 00:14:05 2015 +0000 2863 2864 upstream commit 2865 2866 Regression: I broke logging of public key fingerprints in 2867 1.46. Pointed out by Pontus Lundkvist 2868 2869commit 773dda25e828c4c9a52f7bdce6e1e5924157beab 2870Author: Damien Miller <djm@mindrot.org> 2871Date: Fri Jan 30 23:10:17 2015 +1100 2872 2873 repair --without-openssl; broken in refactor 2874 2875commit e89c780886b23600de1e1c8d74aabd1ff61f43f0 2876Author: Damien Miller <djm@google.com> 2877Date: Tue Feb 17 10:04:55 2015 +1100 2878 2879 hook up hostkeys unittest to portable Makefiles 2880 2881commit 0abf41f99aa16ff09b263bead242d6cb2dbbcf99 2882Author: djm@openbsd.org <djm@openbsd.org> 2883Date: Mon Feb 16 22:21:03 2015 +0000 2884 2885 upstream commit 2886 2887 enable hostkeys unit tests 2888 2889commit 68a5d647ccf0fb6782b2f749433a1eee5bc9044b 2890Author: djm@openbsd.org <djm@openbsd.org> 2891Date: Mon Feb 16 22:20:50 2015 +0000 2892 2893 upstream commit 2894 2895 check string/memory compare arguments aren't NULL 2896 2897commit ef575ef20d09f20722e26b45dab80b3620469687 2898Author: djm@openbsd.org <djm@openbsd.org> 2899Date: Mon Feb 16 22:18:34 2015 +0000 2900 2901 upstream commit 2902 2903 unit tests for hostfile.c code, just hostkeys_foreach so 2904 far 2905 2906commit 8ea3365e6aa2759ccf5c76eaea62cbc8a280b0e7 2907Author: markus@openbsd.org <markus@openbsd.org> 2908Date: Sat Feb 14 12:43:16 2015 +0000 2909 2910 upstream commit 2911 2912 test server rekey limit 2913 2914commit ce63c4b063c39b2b22d4ada449c9e3fbde788cb3 2915Author: djm@openbsd.org <djm@openbsd.org> 2916Date: Mon Feb 16 22:30:03 2015 +0000 2917 2918 upstream commit 2919 2920 partial backout of: 2921 2922 revision 1.441 2923 date: 2015/01/31 20:30:05; author: djm; state: Exp; lines: +17 -10; commitid 2924 : x8klYPZMJSrVlt3O; 2925 Let sshd load public host keys even when private keys are missing. 2926 Allows sshd to advertise additional keys for future key rotation. 2927 Also log fingerprint of hostkeys loaded; ok markus@ 2928 2929 hostkey updates now require access to the private key, so we can't 2930 load public keys only. The improved log messages (fingerprints of keys 2931 loaded) are kept. 2932 2933commit 523463a3a2a9bfc6cfc5afa01bae9147f76a37cc 2934Author: djm@openbsd.org <djm@openbsd.org> 2935Date: Mon Feb 16 22:13:32 2015 +0000 2936 2937 upstream commit 2938 2939 Revise hostkeys@openssh.com hostkey learning extension. 2940 2941 The client will not ask the server to prove ownership of the private 2942 halves of any hitherto-unseen hostkeys it offers to the client. 2943 2944 Allow UpdateHostKeys option to take an 'ask' argument to let the 2945 user manually review keys offered. 2946 2947 ok markus@ 2948 2949commit 6c5c949782d86a6e7d58006599c7685bfcd01685 2950Author: djm@openbsd.org <djm@openbsd.org> 2951Date: Mon Feb 16 22:08:57 2015 +0000 2952 2953 upstream commit 2954 2955 Refactor hostkeys_foreach() and dependent code Deal with 2956 IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing 2957 changed ok markus@ as part of larger commit 2958 2959commit 51b082ccbe633dc970df1d1f4c9c0497115fe721 2960Author: miod@openbsd.org <miod@openbsd.org> 2961Date: Mon Feb 16 18:26:26 2015 +0000 2962 2963 upstream commit 2964 2965 Declare ge25519_base as extern, to prevent it from 2966 becoming a common. Gets us rid of ``lignment 4 of symbol 2967 `crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in 2968 mod_ed25519.o'' warnings at link time. 2969 2970commit 02db468bf7e3281a8e3c058ced571b38b6407c34 2971Author: markus@openbsd.org <markus@openbsd.org> 2972Date: Fri Feb 13 18:57:00 2015 +0000 2973 2974 upstream commit 2975 2976 make rekey_limit for sshd w/privsep work; ok djm@ 2977 dtucker@ 2978 2979commit 8ec67d505bd23c8bf9e17b7a364b563a07a58ec8 2980Author: dtucker@openbsd.org <dtucker@openbsd.org> 2981Date: Thu Feb 12 20:34:19 2015 +0000 2982 2983 upstream commit 2984 2985 Prevent sshd spamming syslog with 2986 "ssh_dispatch_run_fatal: disconnected". ok markus@ 2987 2988commit d4c0295d1afc342057ba358237acad6be8af480b 2989Author: djm@openbsd.org <djm@openbsd.org> 2990Date: Wed Feb 11 01:20:38 2015 +0000 2991 2992 upstream commit 2993 2994 Some packet error messages show the address of the peer, 2995 but might be generated after the socket to the peer has suffered a TCP reset. 2996 In these cases, getpeername() won't work so cache the address earlier. 2997 2998 spotted in the wild via deraadt@ and tedu@ 2999 3000commit 4af1709cf774475ce5d1bc3ddcc165f6c222897d 3001Author: jsg@openbsd.org <jsg@openbsd.org> 3002Date: Mon Feb 9 23:22:37 2015 +0000 3003 3004 upstream commit 3005 3006 fix some leaks in error paths ok markus@ 3007 3008commit fd36834871d06a03e1ff8d69e41992efa1bbf85f 3009Author: millert@openbsd.org <millert@openbsd.org> 3010Date: Fri Feb 6 23:21:59 2015 +0000 3011 3012 upstream commit 3013 3014 SIZE_MAX is standard, we should be using it in preference to 3015 the obsolete SIZE_T_MAX. OK miod@ beck@ 3016 3017commit 1910a286d7771eab84c0b047f31c0a17505236fa 3018Author: millert@openbsd.org <millert@openbsd.org> 3019Date: Thu Feb 5 12:59:57 2015 +0000 3020 3021 upstream commit 3022 3023 Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@ 3024 3025commit ce4f59b2405845584f45e0b3214760eb0008c06c 3026Author: deraadt@openbsd.org <deraadt@openbsd.org> 3027Date: Tue Feb 3 08:07:20 2015 +0000 3028 3029 upstream commit 3030 3031 missing ; djm and mlarkin really having great 3032 interactions recently 3033 3034commit 5d34aa94938abb12b877a25be51862757f25d54b 3035Author: halex@openbsd.org <halex@openbsd.org> 3036Date: Tue Feb 3 00:34:14 2015 +0000 3037 3038 upstream commit 3039 3040 slightly extend the passphrase prompt if running with -c 3041 in order to give the user a chance to notice if unintentionally running 3042 without it 3043 3044 wording tweak and ok djm@ 3045 3046commit cb3bde373e80902c7d5d0db429f85068d19b2918 3047Author: djm@openbsd.org <djm@openbsd.org> 3048Date: Mon Feb 2 22:48:53 2015 +0000 3049 3050 upstream commit 3051 3052 handle PKCS#11 C_Login returning 3053 CKR_USER_ALREADY_LOGGED_IN; based on patch from Yuri Samoilenko; ok markus@ 3054 3055commit 15ad750e5ec3cc69765b7eba1ce90060e7083399 3056Author: djm@openbsd.org <djm@openbsd.org> 3057Date: Mon Feb 2 07:41:40 2015 +0000 3058 3059 upstream commit 3060 3061 turn UpdateHostkeys off by default until I figure out 3062 mlarkin@'s warning message; requested by deraadt@ 3063 3064commit 3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9 3065Author: deraadt@openbsd.org <deraadt@openbsd.org> 3066Date: Mon Feb 2 01:57:44 2015 +0000 3067 3068 upstream commit 3069 3070 increasing encounters with difficult DNS setups in 3071 darknets has convinced me UseDNS off by default is better ok djm 3072 3073commit 6049a548a8a68ff0bbe581ab1748ea6a59ecdc38 3074Author: djm@openbsd.org <djm@openbsd.org> 3075Date: Sat Jan 31 20:30:05 2015 +0000 3076 3077 upstream commit 3078 3079 Let sshd load public host keys even when private keys are 3080 missing. Allows sshd to advertise additional keys for future key rotation. 3081 Also log fingerprint of hostkeys loaded; ok markus@ 3082 3083commit 46347ed5968f582661e8a70a45f448e0179ca0ab 3084Author: djm@openbsd.org <djm@openbsd.org> 3085Date: Fri Jan 30 11:43:14 2015 +0000 3086 3087 upstream commit 3088 3089 Add a ssh_config HostbasedKeyType option to control which 3090 host public key types are tried during hostbased authentication. 3091 3092 This may be used to prevent too many keys being sent to the server, 3093 and blowing past its MaxAuthTries limit. 3094 3095 bz#2211 based on patch by Iain Morgan; ok markus@ 3096 3097commit 802660cb70453fa4d230cb0233bc1bbdf8328de1 3098Author: djm@openbsd.org <djm@openbsd.org> 3099Date: Fri Jan 30 10:44:49 2015 +0000 3100 3101 upstream commit 3102 3103 set a timeout to prevent hangs when talking to busted 3104 servers; ok markus@ 3105 3106commit 86936ec245a15c7abe71a0722610998b0a28b194 3107Author: djm@openbsd.org <djm@openbsd.org> 3108Date: Fri Jan 30 01:11:39 2015 +0000 3109 3110 upstream commit 3111 3112 regression test for 'wildcard CA' serial/key ID revocations 3113 3114commit 4509b5d4a4fa645a022635bfa7e86d09b285001f 3115Author: djm@openbsd.org <djm@openbsd.org> 3116Date: Fri Jan 30 01:13:33 2015 +0000 3117 3118 upstream commit 3119 3120 avoid more fatal/exit in the packet.c paths that 3121 ssh-keyscan uses; feedback and "looks good" markus@ 3122 3123commit 669aee994348468af8b4b2ebd29b602cf2860b22 3124Author: djm@openbsd.org <djm@openbsd.org> 3125Date: Fri Jan 30 01:10:33 2015 +0000 3126 3127 upstream commit 3128 3129 permit KRLs that revoke certificates by serial number or 3130 key ID without scoping to a particular CA; ok markus@ 3131 3132commit 7a2c368477e26575d0866247d3313da4256cb2b5 3133Author: djm@openbsd.org <djm@openbsd.org> 3134Date: Fri Jan 30 00:59:19 2015 +0000 3135 3136 upstream commit 3137 3138 missing parentheses after if in do_convert_from() broke 3139 private key conversion from other formats some time in 2010; bz#2345 reported 3140 by jjelen AT redhat.com 3141 3142commit 25f5f78d8bf5c22d9cea8b49de24ebeee648a355 3143Author: djm@openbsd.org <djm@openbsd.org> 3144Date: Fri Jan 30 00:22:25 2015 +0000 3145 3146 upstream commit 3147 3148 fix ssh protocol 1, spotted by miod@ 3149 3150commit 9ce86c926dfa6e0635161b035e3944e611cbccf0 3151Author: djm@openbsd.org <djm@openbsd.org> 3152Date: Wed Jan 28 22:36:00 2015 +0000 3153 3154 upstream commit 3155 3156 update to new API (key_fingerprint => sshkey_fingerprint) 3157 check sshkey_fingerprint return values; ok markus 3158 3159commit 9125525c37bf73ad3ee4025520889d2ce9d10f29 3160Author: djm@openbsd.org <djm@openbsd.org> 3161Date: Wed Jan 28 22:05:31 2015 +0000 3162 3163 upstream commit 3164 3165 avoid fatal() calls in packet code makes ssh-keyscan more 3166 reliable against server failures ok dtucker@ markus@ 3167 3168commit fae7bbe544cba7a9e5e4ab47ff6faa3d978646eb 3169Author: djm@openbsd.org <djm@openbsd.org> 3170Date: Wed Jan 28 21:15:47 2015 +0000 3171 3172 upstream commit 3173 3174 avoid fatal() calls in packet code makes ssh-keyscan more 3175 reliable against server failures ok dtucker@ markus@ 3176 3177commit 1a3d14f6b44a494037c7deab485abe6496bf2c60 3178Author: djm@openbsd.org <djm@openbsd.org> 3179Date: Wed Jan 28 11:07:25 2015 +0000 3180 3181 upstream commit 3182 3183 remove obsolete comment 3184 3185commit 80c25b7bc0a71d75c43a4575d9a1336f589eb639 3186Author: okan@openbsd.org <okan@openbsd.org> 3187Date: Tue Jan 27 12:54:06 2015 +0000 3188 3189 upstream commit 3190 3191 Since r1.2 removed the use of PRI* macros, inttypes.h is 3192 no longer required. 3193 3194 ok djm@ 3195 3196commit 69ff64f69615c2a21c97cb5878a0996c21423257 3197Author: Damien Miller <djm@mindrot.org> 3198Date: Tue Jan 27 23:07:43 2015 +1100 3199 3200 compile on systems without TCP_MD5SIG (e.g. OSX) 3201 3202commit 358964f3082fb90b2ae15bcab07b6105cfad5a43 3203Author: Damien Miller <djm@mindrot.org> 3204Date: Tue Jan 27 23:07:25 2015 +1100 3205 3206 use ssh-keygen under test rather than system's 3207 3208commit a2c95c1bf33ea53038324d1fdd774bc953f98236 3209Author: Damien Miller <djm@mindrot.org> 3210Date: Tue Jan 27 23:06:59 2015 +1100 3211 3212 OSX lacks HOST_NAME_MAX, has _POSIX_HOST_NAME_MAX 3213 3214commit ade31d7b6f608a19b85bee29a7a00b1e636a2919 3215Author: Damien Miller <djm@mindrot.org> 3216Date: Tue Jan 27 23:06:23 2015 +1100 3217 3218 these need active_state defined to link on OSX 3219 3220 temporary measure until active_state goes away entirely 3221 3222commit e56aa87502f22c5844918c10190e8b4f785f067b 3223Author: djm@openbsd.org <djm@openbsd.org> 3224Date: Tue Jan 27 12:01:36 2015 +0000 3225 3226 upstream commit 3227 3228 use printf instead of echo -n to reduce diff against 3229 -portable 3230 3231commit 9f7637f56eddfaf62ce3c0af89c25480f2cf1068 3232Author: jmc@openbsd.org <jmc@openbsd.org> 3233Date: Mon Jan 26 13:55:29 2015 +0000 3234 3235 upstream commit 3236 3237 sort previous; 3238 3239commit 3076ee7d530d5b16842fac7a6229706c7e5acd26 3240Author: djm@openbsd.org <djm@openbsd.org> 3241Date: Mon Jan 26 13:36:53 2015 +0000 3242 3243 upstream commit 3244 3245 properly restore umask 3246 3247commit d411d395556b73ba1b9e451516a0bd6697c4b03d 3248Author: djm@openbsd.org <djm@openbsd.org> 3249Date: Mon Jan 26 06:12:18 2015 +0000 3250 3251 upstream commit 3252 3253 regression test for host key rotation 3254 3255commit fe8a3a51699afbc6407a8fae59b73349d01e49f8 3256Author: djm@openbsd.org <djm@openbsd.org> 3257Date: Mon Jan 26 06:11:28 2015 +0000 3258 3259 upstream commit 3260 3261 adapt to sshkey API tweaks 3262 3263commit 7dd355fb1f0038a3d5cdca57ebab4356c7a5b434 3264Author: miod@openbsd.org <miod@openbsd.org> 3265Date: Sat Jan 24 10:39:21 2015 +0000 3266 3267 upstream commit 3268 3269 Move -lz late in the linker commandline for things to 3270 build on static arches. 3271 3272commit 0dad3b806fddb93c475b30853b9be1a25d673a33 3273Author: miod@openbsd.org <miod@openbsd.org> 3274Date: Fri Jan 23 21:21:23 2015 +0000 3275 3276 upstream commit 3277 3278 -Wpointer-sign is supported by gcc 4 only. 3279 3280commit 2b3b1c1e4bd9577b6e780c255c278542ea66c098 3281Author: djm@openbsd.org <djm@openbsd.org> 3282Date: Tue Jan 20 22:58:57 2015 +0000 3283 3284 upstream commit 3285 3286 use SUBDIR to recuse into unit tests; makes "make obj" 3287 actually work 3288 3289commit 1d1092bff8db27080155541212b420703f8b9c92 3290Author: djm@openbsd.org <djm@openbsd.org> 3291Date: Mon Jan 26 12:16:36 2015 +0000 3292 3293 upstream commit 3294 3295 correct description of UpdateHostKeys in ssh_config.5 and 3296 add it to -o lists for ssh, scp and sftp; pointed out by jmc@ 3297 3298commit 5104db7cbd6cdd9c5971f4358e74414862fc1022 3299Author: djm@openbsd.org <djm@openbsd.org> 3300Date: Mon Jan 26 06:10:03 2015 +0000 3301 3302 upstream commit 3303 3304 correctly match ECDSA subtype (== curve) for 3305 offered/recevied host keys. Fixes connection-killing host key mismatches when 3306 a server offers multiple ECDSA keys with different curve type (an extremely 3307 unlikely configuration). 3308 3309 ok markus, "looks mechanical" deraadt@ 3310 3311commit 8d4f87258f31cb6def9b3b55b6a7321d84728ff2 3312Author: djm@openbsd.org <djm@openbsd.org> 3313Date: Mon Jan 26 03:04:45 2015 +0000 3314 3315 upstream commit 3316 3317 Host key rotation support. 3318 3319 Add a hostkeys@openssh.com protocol extension (global request) for 3320 a server to inform a client of all its available host key after 3321 authentication has completed. The client may record the keys in 3322 known_hosts, allowing it to upgrade to better host key algorithms 3323 and a server to gracefully rotate its keys. 3324 3325 The client side of this is controlled by a UpdateHostkeys config 3326 option (default on). 3327 3328 ok markus@ 3329 3330commit 60b1825262b1f1e24fc72050b907189c92daf18e 3331Author: djm@openbsd.org <djm@openbsd.org> 3332Date: Mon Jan 26 02:59:11 2015 +0000 3333 3334 upstream commit 3335 3336 small refactor and add some convenience functions; ok 3337 markus 3338 3339commit a5a3e3328ddce91e76f71ff479022d53e35c60c9 3340Author: jmc@openbsd.org <jmc@openbsd.org> 3341Date: Thu Jan 22 21:00:42 2015 +0000 3342 3343 upstream commit 3344 3345 heirarchy -> hierarchy; 3346 3347commit dcff5810a11195c57e1b3343c0d6b6f2b9974c11 3348Author: deraadt@openbsd.org <deraadt@openbsd.org> 3349Date: Thu Jan 22 20:24:41 2015 +0000 3350 3351 upstream commit 3352 3353 Provide a warning about chroot misuses (which sadly, seem 3354 to have become quite popular because shiny). sshd cannot detect/manage/do 3355 anything about these cases, best we can do is warn in the right spot in the 3356 man page. ok markus 3357 3358commit 087266ec33c76fc8d54ac5a19efacf2f4a4ca076 3359Author: deraadt@openbsd.org <deraadt@openbsd.org> 3360Date: Tue Jan 20 23:14:00 2015 +0000 3361 3362 upstream commit 3363 3364 Reduce use of <sys/param.h> and transition to <limits.h> 3365 throughout. ok djm markus 3366 3367commit 57e783c8ba2c0797f93977e83b2a8644a03065d8 3368Author: markus@openbsd.org <markus@openbsd.org> 3369Date: Tue Jan 20 20:16:21 2015 +0000 3370 3371 upstream commit 3372 3373 kex_setup errors are fatal() 3374 3375commit 1d6424a6ff94633c221297ae8f42d54e12a20912 3376Author: djm@openbsd.org <djm@openbsd.org> 3377Date: Tue Jan 20 08:02:33 2015 +0000 3378 3379 upstream commit 3380 3381 this test would accidentally delete agent.sh if run without 3382 obj/ 3383 3384commit 12b5f50777203e12575f1b08568281e447249ed3 3385Author: djm@openbsd.org <djm@openbsd.org> 3386Date: Tue Jan 20 07:56:44 2015 +0000 3387 3388 upstream commit 3389 3390 make this compile with KERBEROS5 enabled 3391 3392commit e2cc6bef08941256817d44d146115b3478586ad4 3393Author: djm@openbsd.org <djm@openbsd.org> 3394Date: Tue Jan 20 07:55:33 2015 +0000 3395 3396 upstream commit 3397 3398 fix hostkeys in agent; ok markus@ 3399 3400commit 1ca3e2155aa5d3801a7ae050f85c71f41fcb95b1 3401Author: Damien Miller <djm@mindrot.org> 3402Date: Tue Jan 20 10:11:31 2015 +1100 3403 3404 fix kex test 3405 3406commit c78a578107c7e6dcf5d30a2f34cb6581bef14029 3407Author: markus@openbsd.org <markus@openbsd.org> 3408Date: Mon Jan 19 20:45:25 2015 +0000 3409 3410 upstream commit 3411 3412 finally enable the KEX tests I wrote some years ago... 3413 3414commit 31821d7217e686667d04935aeec99e1fc4a46e7e 3415Author: markus@openbsd.org <markus@openbsd.org> 3416Date: Mon Jan 19 20:42:31 2015 +0000 3417 3418 upstream commit 3419 3420 adapt to new error message (SSH_ERR_MAC_INVALID) 3421 3422commit d3716ca19e510e95d956ae14d5b367e364bff7f1 3423Author: djm@openbsd.org <djm@openbsd.org> 3424Date: Mon Jan 19 17:31:13 2015 +0000 3425 3426 upstream commit 3427 3428 this test was broken in at least two ways, such that it 3429 wasn't checking that a KRL was not excluding valid keys 3430 3431commit 3f797653748e7c2b037dacb57574c01d9ef3b4d3 3432Author: markus@openbsd.org <markus@openbsd.org> 3433Date: Mon Jan 19 20:32:39 2015 +0000 3434 3435 upstream commit 3436 3437 switch ssh-keyscan from setjmp to multiple ssh transport 3438 layer instances ok djm@ 3439 3440commit f582f0e917bb0017b00944783cd5f408bf4b0b5e 3441Author: markus@openbsd.org <markus@openbsd.org> 3442Date: Mon Jan 19 20:30:23 2015 +0000 3443 3444 upstream commit 3445 3446 add experimental api for packet layer; ok djm@ 3447 3448commit 48b3b2ba75181f11fca7f327058a591f4426cade 3449Author: markus@openbsd.org <markus@openbsd.org> 3450Date: Mon Jan 19 20:20:20 2015 +0000 3451 3452 upstream commit 3453 3454 store compat flags in struct ssh; ok djm@ 3455 3456commit 57d10cbe861a235dd269c74fb2fe248469ecee9d 3457Author: markus@openbsd.org <markus@openbsd.org> 3458Date: Mon Jan 19 20:16:15 2015 +0000 3459 3460 upstream commit 3461 3462 adapt kex to sshbuf and struct ssh; ok djm@ 3463 3464commit 3fdc88a0def4f86aa88a5846ac079dc964c0546a 3465Author: markus@openbsd.org <markus@openbsd.org> 3466Date: Mon Jan 19 20:07:45 2015 +0000 3467 3468 upstream commit 3469 3470 move dispatch to struct ssh; ok djm@ 3471 3472commit 091c302829210c41e7f57c3f094c7b9c054306f0 3473Author: markus@openbsd.org <markus@openbsd.org> 3474Date: Mon Jan 19 19:52:16 2015 +0000 3475 3476 upstream commit 3477 3478 update packet.c & isolate, introduce struct ssh a) switch 3479 packet.c to buffer api and isolate per-connection info into struct ssh b) 3480 (de)serialization of the state is moved from monitor to packet.c c) the old 3481 packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and 3482 integrated into packet.c with and ok djm@ 3483 3484commit 4e62cc68ce4ba20245d208b252e74e91d3785b74 3485Author: djm@openbsd.org <djm@openbsd.org> 3486Date: Mon Jan 19 17:35:48 2015 +0000 3487 3488 upstream commit 3489 3490 fix format strings in (disabled) debugging 3491 3492commit d85e06245907d49a2cd0cfa0abf59150ad616f42 3493Author: djm@openbsd.org <djm@openbsd.org> 3494Date: Mon Jan 19 06:01:32 2015 +0000 3495 3496 upstream commit 3497 3498 be a bit more careful in these tests to ensure that 3499 known_hosts is clean 3500 3501commit 7947810eab5fe0ad311f32a48f4d4eb1f71be6cf 3502Author: djm@openbsd.org <djm@openbsd.org> 3503Date: Sun Jan 18 22:00:18 2015 +0000 3504 3505 upstream commit 3506 3507 regression test for known_host file editing using 3508 ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok 3509 markus@ 3510 3511commit 3a2b09d147a565d8a47edf37491e149a02c0d3a3 3512Author: djm@openbsd.org <djm@openbsd.org> 3513Date: Sun Jan 18 19:54:46 2015 +0000 3514 3515 upstream commit 3516 3517 more and better key tests 3518 3519 test signatures and verification 3520 test certificate generation 3521 flesh out nested cert test 3522 3523 removes most of the XXX todo markers 3524 3525commit 589e69fd82724cfc9738f128e4771da2e6405d0d 3526Author: djm@openbsd.org <djm@openbsd.org> 3527Date: Sun Jan 18 19:53:58 2015 +0000 3528 3529 upstream commit 3530 3531 make the signature fuzzing test much more rigorous: 3532 ensure that the fuzzed input cases do not match the original (using new 3533 fuzz_matches_original() function) and check that the verification fails in 3534 each case 3535 3536commit 80603c0daa2538c349c1c152405580b164d5475f 3537Author: djm@openbsd.org <djm@openbsd.org> 3538Date: Sun Jan 18 19:52:44 2015 +0000 3539 3540 upstream commit 3541 3542 add a fuzz_matches_original() function to the fuzzer to 3543 detect fuzz cases that are identical to the original data. Hacky 3544 implementation, but very useful when you need the fuzz to be different, e.g. 3545 when verifying signature 3546 3547commit 87d5495bd337e358ad69c524fcb9495208c0750b 3548Author: djm@openbsd.org <djm@openbsd.org> 3549Date: Sun Jan 18 19:50:55 2015 +0000 3550 3551 upstream commit 3552 3553 better dumps from the fuzzer (shown on errors) - 3554 include the original data as well as the fuzzed copy. 3555 3556commit d59ec478c453a3fff05badbbfd96aa856364f2c2 3557Author: djm@openbsd.org <djm@openbsd.org> 3558Date: Sun Jan 18 19:47:55 2015 +0000 3559 3560 upstream commit 3561 3562 enable hostkey-agent.sh test 3563 3564commit 26b3425170bf840e4b095e1c10bf25a0a3e3a105 3565Author: djm@openbsd.org <djm@openbsd.org> 3566Date: Sat Jan 17 18:54:30 2015 +0000 3567 3568 upstream commit 3569 3570 unit test for hostkeys in ssh-agent 3571 3572commit 9e06a0fb23ec55d9223b26a45bb63c7649e2f2f2 3573Author: markus@openbsd.org <markus@openbsd.org> 3574Date: Thu Jan 15 23:41:29 2015 +0000 3575 3576 upstream commit 3577 3578 add kex unit tests 3579 3580commit d2099dec6da21ae627f6289aedae6bc1d41a22ce 3581Author: deraadt@openbsd.org <deraadt@openbsd.org> 3582Date: Mon Jan 19 00:32:54 2015 +0000 3583 3584 upstream commit 3585 3586 djm, your /usr/include tree is old 3587 3588commit 2b3c3c76c30dc5076fe09d590f5b26880f148a54 3589Author: djm@openbsd.org <djm@openbsd.org> 3590Date: Sun Jan 18 21:51:19 2015 +0000 3591 3592 upstream commit 3593 3594 some feedback from markus@: comment hostkeys_foreach() 3595 context and avoid a member in it. 3596 3597commit cecb30bc2ba6d594366e657d664d5c494b6c8a7f 3598Author: djm@openbsd.org <djm@openbsd.org> 3599Date: Sun Jan 18 21:49:42 2015 +0000 3600 3601 upstream commit 3602 3603 make ssh-keygen use hostkeys_foreach(). Removes some 3604 horrendous code; ok markus@ 3605 3606commit ec3d065df3a9557ea96b02d061fd821a18c1a0b9 3607Author: djm@openbsd.org <djm@openbsd.org> 3608Date: Sun Jan 18 21:48:09 2015 +0000 3609 3610 upstream commit 3611 3612 convert load_hostkeys() (hostkey ordering and 3613 known_host matching) to use the new hostkey_foreach() iterator; ok markus 3614 3615commit c29811cc480a260e42fd88849fc86a80c1e91038 3616Author: djm@openbsd.org <djm@openbsd.org> 3617Date: Sun Jan 18 21:40:23 2015 +0000 3618 3619 upstream commit 3620 3621 introduce hostkeys_foreach() to allow iteration over a 3622 known_hosts file or controlled subset thereof. This will allow us to pull out 3623 some ugly and duplicated code, and will be used to implement hostkey rotation 3624 later. 3625 3626 feedback and ok markus 3627 3628commit f101d8291da01bbbfd6fb8c569cfd0cc61c0d346 3629Author: deraadt@openbsd.org <deraadt@openbsd.org> 3630Date: Sun Jan 18 14:01:00 2015 +0000 3631 3632 upstream commit 3633 3634 string truncation due to sizeof(size) ok djm markus 3635 3636commit 35d6022b55b7969fc10c261cb6aa78cc4a5fcc41 3637Author: djm@openbsd.org <djm@openbsd.org> 3638Date: Sun Jan 18 13:33:34 2015 +0000 3639 3640 upstream commit 3641 3642 avoid trailing ',' in host key algorithms 3643 3644commit 7efb455789a0cb76bdcdee91c6060a3dc8f5c007 3645Author: djm@openbsd.org <djm@openbsd.org> 3646Date: Sun Jan 18 13:22:28 2015 +0000 3647 3648 upstream commit 3649 3650 infer key length correctly when user specified a fully- 3651 qualified key name instead of using the -b bits option; ok markus@ 3652 3653commit 83f8ffa6a55ccd0ce9d8a205e3e7439ec18fedf5 3654Author: djm@openbsd.org <djm@openbsd.org> 3655Date: Sat Jan 17 18:53:34 2015 +0000 3656 3657 upstream commit 3658 3659 fix hostkeys on ssh agent; found by unit test I'm about 3660 to commit 3661 3662commit 369d61f17657b814124268f99c033e4dc6e436c1 3663Author: schwarze@openbsd.org <schwarze@openbsd.org> 3664Date: Fri Jan 16 16:20:23 2015 +0000 3665 3666 upstream commit 3667 3668 garbage collect empty .No macros mandoc warns about 3669 3670commit bb8b442d32dbdb8521d610e10d8b248d938bd747 3671Author: djm@openbsd.org <djm@openbsd.org> 3672Date: Fri Jan 16 15:55:07 2015 +0000 3673 3674 upstream commit 3675 3676 regression: incorrect error message on 3677 otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@ 3678 3679commit 9010902954a40b59d0bf3df3ccbc3140a653e2bc 3680Author: djm@openbsd.org <djm@openbsd.org> 3681Date: Fri Jan 16 07:19:48 2015 +0000 3682 3683 upstream commit 3684 3685 when hostname canonicalisation is enabled, try to parse 3686 hostnames as addresses before looking them up for canonicalisation. fixes 3687 bz#2074 and avoids needless DNS lookups in some cases; ok markus 3688 3689commit 2ae4f337b2a5fb2841b6b0053b49496fef844d1c 3690Author: deraadt@openbsd.org <deraadt@openbsd.org> 3691Date: Fri Jan 16 06:40:12 2015 +0000 3692 3693 upstream commit 3694 3695 Replace <sys/param.h> with <limits.h> and other less 3696 dirty headers where possible. Annotate <sys/param.h> lines with their 3697 current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, 3698 LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of 3699 MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. 3700 These are the files confirmed through binary verification. ok guenther, 3701 millert, doug (helped with the verification protocol) 3702 3703commit 3c4726f4c24118e8f1bb80bf75f1456c76df072c 3704Author: markus@openbsd.org <markus@openbsd.org> 3705Date: Thu Jan 15 21:38:50 2015 +0000 3706 3707 upstream commit 3708 3709 remove xmalloc, switch to sshbuf 3710 3711commit e17ac01f8b763e4b83976b9e521e90a280acc097 3712Author: markus@openbsd.org <markus@openbsd.org> 3713Date: Thu Jan 15 21:37:14 2015 +0000 3714 3715 upstream commit 3716 3717 switch to sshbuf 3718 3719commit ddef9995a1fa6c7a8ff3b38bfe6cf724bebf13d0 3720Author: naddy@openbsd.org <naddy@openbsd.org> 3721Date: Thu Jan 15 18:32:54 2015 +0000 3722 3723 upstream commit 3724 3725 handle UMAC128 initialization like UMAC; ok djm@ markus@ 3726 3727commit f14564c1f7792446bca143580aef0e7ac25dcdae 3728Author: djm@openbsd.org <djm@openbsd.org> 3729Date: Thu Jan 15 11:04:36 2015 +0000 3730 3731 upstream commit 3732 3733 fix regression reported by brad@ for passworded keys without 3734 agent present 3735 3736commit 45c0fd70bb2a88061319dfff20cb12ef7b1bc47e 3737Author: Damien Miller <djm@mindrot.org> 3738Date: Thu Jan 15 22:08:23 2015 +1100 3739 3740 make bitmap test compile 3741 3742commit d333f89abf7179021e5c3f28673f469abe032062 3743Author: djm@openbsd.org <djm@openbsd.org> 3744Date: Thu Jan 15 07:36:28 2015 +0000 3745 3746 upstream commit 3747 3748 unit tests for KRL bitmap 3749 3750commit 7613f828f49c55ff356007ae9645038ab6682556 3751Author: markus@openbsd.org <markus@openbsd.org> 3752Date: Wed Jan 14 09:58:21 2015 +0000 3753 3754 upstream commit 3755 3756 re-add comment about full path 3757 3758commit 6c43b48b307c41cd656b415621a644074579a578 3759Author: markus@openbsd.org <markus@openbsd.org> 3760Date: Wed Jan 14 09:54:38 2015 +0000 3761 3762 upstream commit 3763 3764 don't reset to the installed sshd; connect before 3765 reconfigure, too 3766 3767commit 771bb47a1df8b69061f09462e78aa0b66cd594bf 3768Author: djm@openbsd.org <djm@openbsd.org> 3769Date: Tue Jan 13 14:51:51 2015 +0000 3770 3771 upstream commit 3772 3773 implement a SIGINFO handler so we can discern a stuck 3774 fuzz test from a merely glacial one; prompted by and ok markus 3775 3776commit cfaa57962f8536f3cf0fd7daf4d6a55d6f6de45f 3777Author: djm@openbsd.org <djm@openbsd.org> 3778Date: Tue Jan 13 08:23:26 2015 +0000 3779 3780 upstream commit 3781 3782 use $SSH instead of installed ssh to allow override; 3783 spotted by markus@ 3784 3785commit 0920553d0aee117a596b03ed5b49b280d34a32c5 3786Author: djm@openbsd.org <djm@openbsd.org> 3787Date: Tue Jan 13 07:49:49 2015 +0000 3788 3789 upstream commit 3790 3791 regress test for PubkeyAcceptedKeyTypes; ok markus@ 3792 3793commit 27ca1a5c0095eda151934bca39a77e391f875d17 3794Author: markus@openbsd.org <markus@openbsd.org> 3795Date: Mon Jan 12 20:13:27 2015 +0000 3796 3797 upstream commit 3798 3799 unbreak parsing of pubkey comments; with gerhard; ok 3800 djm/deraadt 3801 3802commit 55358f0b4e0b83bc0df81c5f854c91b11e0bb4dc 3803Author: djm@openbsd.org <djm@openbsd.org> 3804Date: Mon Jan 12 11:46:32 2015 +0000 3805 3806 upstream commit 3807 3808 fatal if soft-PKCS11 library is missing rather (rather 3809 than continue and fail with a more cryptic error) 3810 3811commit c3554cdd2a1a62434b8161017aa76fa09718a003 3812Author: djm@openbsd.org <djm@openbsd.org> 3813Date: Mon Jan 12 11:12:38 2015 +0000 3814 3815 upstream commit 3816 3817 let this test all supporte key types; pointed out/ok 3818 markus@ 3819 3820commit 1129dcfc5a3e508635004bcc05a3574cb7687167 3821Author: djm@openbsd.org <djm@openbsd.org> 3822Date: Thu Jan 15 09:40:00 2015 +0000 3823 3824 upstream commit 3825 3826 sync ssh-keysign, ssh-keygen and some dependencies to the 3827 new buffer/key API; mostly mechanical, ok markus@ 3828 3829commit e4ebf5586452bf512da662ac277aaf6ecf0efe7c 3830Author: djm@openbsd.org <djm@openbsd.org> 3831Date: Thu Jan 15 07:57:08 2015 +0000 3832 3833 upstream commit 3834 3835 remove commented-out test code now that it has moved to a 3836 proper unit test 3837 3838commit e81cba066c1e9eb70aba0f6e7c0ff220611b370f 3839Author: djm@openbsd.org <djm@openbsd.org> 3840Date: Wed Jan 14 20:54:29 2015 +0000 3841 3842 upstream commit 3843 3844 whitespace 3845 3846commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622 3847Author: djm@openbsd.org <djm@openbsd.org> 3848Date: Wed Jan 14 20:05:27 2015 +0000 3849 3850 upstream commit 3851 3852 move authfd.c and its tentacles to the new buffer/key 3853 API; ok markus@ 3854 3855commit 0088c57af302cda278bd26d8c3ae81d5b6f7c289 3856Author: djm@openbsd.org <djm@openbsd.org> 3857Date: Wed Jan 14 19:33:41 2015 +0000 3858 3859 upstream commit 3860 3861 fix small regression: ssh-agent would return a success 3862 message but an empty signature if asked to sign using an unknown key; ok 3863 markus@ 3864 3865commit b03ebe2c22b8166e4f64c37737f4278676e3488d 3866Author: Damien Miller <djm@mindrot.org> 3867Date: Thu Jan 15 03:08:58 2015 +1100 3868 3869 more --without-openssl 3870 3871 fix some regressions caused by upstream merges 3872 3873 enable KRLs now that they no longer require BIGNUMs 3874 3875commit bc42cc6fe784f36df225c44c93b74830027cb5a2 3876Author: Damien Miller <djm@mindrot.org> 3877Date: Thu Jan 15 03:08:29 2015 +1100 3878 3879 kludge around tun API mismatch betterer 3880 3881commit c332110291089b624fa0951fbf2d1ee6de525b9f 3882Author: Damien Miller <djm@mindrot.org> 3883Date: Thu Jan 15 02:59:51 2015 +1100 3884 3885 some systems lack SO_REUSEPORT 3886 3887commit 83b9678a62cbdc74eb2031cf1e1e4ffd58e233ae 3888Author: Damien Miller <djm@mindrot.org> 3889Date: Thu Jan 15 02:35:50 2015 +1100 3890 3891 fix merge botch 3892 3893commit 0cdc5a3eb6fb383569a4da2a30705d9b90428d6b 3894Author: Damien Miller <djm@mindrot.org> 3895Date: Thu Jan 15 02:35:33 2015 +1100 3896 3897 unbreak across API change 3898 3899commit 6e2549ac2b5e7f96cbc2d83a6e0784b120444b47 3900Author: Damien Miller <djm@mindrot.org> 3901Date: Thu Jan 15 02:30:18 2015 +1100 3902 3903 need includes.h for portable OpenSSH 3904 3905commit 72ef7c148c42db7d5632a29f137f8b87b579f2d9 3906Author: Damien Miller <djm@mindrot.org> 3907Date: Thu Jan 15 02:21:31 2015 +1100 3908 3909 support --without-openssl at configure time 3910 3911 Disables and removes dependency on OpenSSL. Many features don't 3912 work and the set of crypto options is greatly restricted. This 3913 will only work on system with native arc4random or /dev/urandom. 3914 3915 Considered highly experimental for now. 3916 3917commit 4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9 3918Author: Damien Miller <djm@mindrot.org> 3919Date: Thu Jan 15 02:28:00 2015 +1100 3920 3921 add files missed in last commit 3922 3923commit a165bab605f7be55940bb8fae977398e8c96a46d 3924Author: djm@openbsd.org <djm@openbsd.org> 3925Date: Wed Jan 14 15:02:39 2015 +0000 3926 3927 upstream commit 3928 3929 avoid BIGNUM in KRL code by using a simple bitmap; 3930 feedback and ok markus 3931 3932commit 7d845f4a0b7ec97887be204c3760e44de8bf1f32 3933Author: djm@openbsd.org <djm@openbsd.org> 3934Date: Wed Jan 14 13:54:13 2015 +0000 3935 3936 upstream commit 3937 3938 update sftp client and server to new buffer API. pretty 3939 much just mechanical changes; with & ok markus 3940 3941commit 139ca81866ec1b219c717d17061e5e7ad1059e2a 3942Author: markus@openbsd.org <markus@openbsd.org> 3943Date: Wed Jan 14 13:09:09 2015 +0000 3944 3945 upstream commit 3946 3947 switch to sshbuf/sshkey; with & ok djm@ 3948 3949commit 81bfbd0bd35683de5d7f2238b985e5f8150a9180 3950Author: Damien Miller <djm@mindrot.org> 3951Date: Wed Jan 14 21:48:18 2015 +1100 3952 3953 support --without-openssl at configure time 3954 3955 Disables and removes dependency on OpenSSL. Many features don't 3956 work and the set of crypto options is greatly restricted. This 3957 will only work on system with native arc4random or /dev/urandom. 3958 3959 Considered highly experimental for now. 3960 3961commit 54924b53af15ccdcbb9f89984512b5efef641a31 3962Author: djm@openbsd.org <djm@openbsd.org> 3963Date: Wed Jan 14 10:46:28 2015 +0000 3964 3965 upstream commit 3966 3967 avoid an warning for the !OPENSSL case 3968 3969commit ae8b463217f7c9b66655bfc3945c050ffdaeb861 3970Author: markus@openbsd.org <markus@openbsd.org> 3971Date: Wed Jan 14 10:30:34 2015 +0000 3972 3973 upstream commit 3974 3975 swith auth-options to new sshbuf/sshkey; ok djm@ 3976 3977commit 540e891191b98b89ee90aacf5b14a4a68635e763 3978Author: djm@openbsd.org <djm@openbsd.org> 3979Date: Wed Jan 14 10:29:45 2015 +0000 3980 3981 upstream commit 3982 3983 make non-OpenSSL aes-ctr work on sshd w/ privsep; ok 3984 markus@ 3985 3986commit 60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53 3987Author: markus@openbsd.org <markus@openbsd.org> 3988Date: Wed Jan 14 10:24:42 2015 +0000 3989 3990 upstream commit 3991 3992 remove unneeded includes, sync my copyright across files 3993 & whitespace; ok djm@ 3994 3995commit 128343bcdb0b60fc826f2733df8cf979ec1627b4 3996Author: markus@openbsd.org <markus@openbsd.org> 3997Date: Tue Jan 13 19:31:40 2015 +0000 3998 3999 upstream commit 4000 4001 adapt mac.c to ssherr.h return codes (de-fatal) and 4002 simplify dependencies ok djm@ 4003 4004commit e7fd952f4ea01f09ceb068721a5431ac2fd416ed 4005Author: djm@openbsd.org <djm@openbsd.org> 4006Date: Tue Jan 13 19:04:35 2015 +0000 4007 4008 upstream commit 4009 4010 sync changes from libopenssh; prepared by markus@ mostly 4011 debug output tweaks, a couple of error return value changes and some other 4012 minor stuff 4013 4014commit 76c0480a85675f03a1376167cb686abed01a3583 4015Author: Damien Miller <djm@mindrot.org> 4016Date: Tue Jan 13 19:38:18 2015 +1100 4017 4018 add --without-ssh1 option to configure 4019 4020 Allows disabling support for SSH protocol 1. 4021 4022commit 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03 4023Author: djm@openbsd.org <djm@openbsd.org> 4024Date: Tue Jan 13 07:39:19 2015 +0000 4025 4026 upstream commit 4027 4028 add sshd_config HostbasedAcceptedKeyTypes and 4029 PubkeyAcceptedKeyTypes options to allow sshd to control what public key types 4030 will be accepted. Currently defaults to all. Feedback & ok markus@ 4031 4032commit 816d1538c24209a93ba0560b27c4fda57c3fff65 4033Author: markus@openbsd.org <markus@openbsd.org> 4034Date: Mon Jan 12 20:13:27 2015 +0000 4035 4036 upstream commit 4037 4038 unbreak parsing of pubkey comments; with gerhard; ok 4039 djm/deraadt 4040 4041commit 0097565f849851812df610b7b6b3c4bd414f6c62 4042Author: markus@openbsd.org <markus@openbsd.org> 4043Date: Mon Jan 12 19:22:46 2015 +0000 4044 4045 upstream commit 4046 4047 missing error assigment on sshbuf_put_string() 4048 4049commit a7f49dcb527dd17877fcb8d5c3a9a6f550e0bba5 4050Author: djm@openbsd.org <djm@openbsd.org> 4051Date: Mon Jan 12 15:18:07 2015 +0000 4052 4053 upstream commit 4054 4055 apparently memcpy(x, NULL, 0) is undefined behaviour 4056 according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls 4057 when length==0; ok markus@ 4058 4059commit 905fe30fca82f38213763616d0d26eb6790bde33 4060Author: markus@openbsd.org <markus@openbsd.org> 4061Date: Mon Jan 12 14:05:19 2015 +0000 4062 4063 upstream commit 4064 4065 free->sshkey_free; ok djm@ 4066 4067commit f067cca2bc20c86b110174c3fef04086a7f57b13 4068Author: markus@openbsd.org <markus@openbsd.org> 4069Date: Mon Jan 12 13:29:27 2015 +0000 4070 4071 upstream commit 4072 4073 allow WITH_OPENSSL w/o WITH_SSH1; ok djm@ 4074 4075commit c4bfafcc2a9300d9cfb3c15e75572d3a7d74670d 4076Author: djm@openbsd.org <djm@openbsd.org> 4077Date: Thu Jan 8 13:10:58 2015 +0000 4078 4079 upstream commit 4080 4081 adjust for sshkey_load_file() API change 4082 4083commit e752c6d547036c602b89e9e704851463bd160e32 4084Author: djm@openbsd.org <djm@openbsd.org> 4085Date: Thu Jan 8 13:44:36 2015 +0000 4086 4087 upstream commit 4088 4089 fix ssh_config FingerprintHash evaluation order; from Petr 4090 Lautrbach 4091 4092commit ab24ab847b0fc94c8d5e419feecff0bcb6d6d1bf 4093Author: djm@openbsd.org <djm@openbsd.org> 4094Date: Thu Jan 8 10:15:45 2015 +0000 4095 4096 upstream commit 4097 4098 reorder hostbased key attempts to better match the 4099 default hostkey algorithms order in myproposal.h; ok markus@ 4100 4101commit 1195f4cb07ef4b0405c839293c38600b3e9bdb46 4102Author: djm@openbsd.org <djm@openbsd.org> 4103Date: Thu Jan 8 10:14:08 2015 +0000 4104 4105 upstream commit 4106 4107 deprecate key_load_private_pem() and 4108 sshkey_load_private_pem() interfaces. Refactor the generic key loading API to 4109 not require pathnames to be specified (they weren't really used). 4110 4111 Fixes a few other things en passant: 4112 4113 Makes ed25519 keys work for hostbased authentication (ssh-keysign 4114 previously used the PEM-only routines). 4115 4116 Fixes key comment regression bz#2306: key pathnames were being lost as 4117 comment fields. 4118 4119 ok markus@ 4120 4121commit febbe09e4e9aff579b0c5cc1623f756862e4757d 4122Author: tedu@openbsd.org <tedu@openbsd.org> 4123Date: Wed Jan 7 18:15:07 2015 +0000 4124 4125 upstream commit 4126 4127 workaround for the Meyer, et al, Bleichenbacher Side 4128 Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm 4129 markus 4130 4131commit 5191df927db282d3123ca2f34a04d8d96153911a 4132Author: djm@openbsd.org <djm@openbsd.org> 4133Date: Tue Dec 23 22:42:48 2014 +0000 4134 4135 upstream commit 4136 4137 KNF and add a little more debug() 4138 4139commit 8abd80315d3419b20e6938f74d37e2e2b547f0b7 4140Author: jmc@openbsd.org <jmc@openbsd.org> 4141Date: Mon Dec 22 09:26:31 2014 +0000 4142 4143 upstream commit 4144 4145 add fingerprinthash to the options list; 4146 4147commit 296ef0560f60980da01d83b9f0e1a5257826536f 4148Author: jmc@openbsd.org <jmc@openbsd.org> 4149Date: Mon Dec 22 09:24:59 2014 +0000 4150 4151 upstream commit 4152 4153 tweak previous; 4154 4155commit 462082eacbd37778a173afb6b84c6f4d898a18b5 4156Author: Damien Miller <djm@google.com> 4157Date: Tue Dec 30 08:16:11 2014 +1100 4158 4159 avoid uninitialised free of ldns_res 4160 4161 If an invalid rdclass was passed to getrrsetbyname() then 4162 this would execute a free on an uninitialised pointer. 4163 OpenSSH only ever calls this with a fixed and valid rdclass. 4164 4165 Reported by Joshua Rogers 4166 4167commit 01b63498801053f131a0740eb9d13faf35d636c8 4168Author: Damien Miller <djm@google.com> 4169Date: Mon Dec 29 18:10:18 2014 +1100 4170 4171 pull updated OpenBSD BCrypt PBKDF implementation 4172 4173 Includes fix for 1 byte output overflow for large key length 4174 requests (not reachable in OpenSSH). 4175 4176 Pointed out by Joshua Rogers 4177 4178commit c528c1b4af2f06712177b3de9b30705752f7cbcb 4179Author: Damien Miller <djm@google.com> 4180Date: Tue Dec 23 15:26:13 2014 +1100 4181 4182 fix variable name for IPv6 case in construct_utmpx 4183 4184 patch from writeonce AT midipix.org via bz#2296 4185 4186commit 293cac52dcda123244b2e594d15592e5e481c55e 4187Author: Damien Miller <djm@google.com> 4188Date: Mon Dec 22 16:30:42 2014 +1100 4189 4190 include and use OpenBSD netcat in regress/ 4191 4192commit 8f6784f0cb56dc4fd00af3e81a10050a5785228d 4193Author: djm@openbsd.org <djm@openbsd.org> 4194Date: Mon Dec 22 09:05:17 2014 +0000 4195 4196 upstream commit 4197 4198 mention ssh -Q feature to list supported { MAC, cipher, 4199 KEX, key } algorithms in more places and include the query string used to 4200 list the relevant information; bz#2288 4201 4202commit 449e11b4d7847079bd0a2daa6e3e7ea03d8ef700 4203Author: jmc@openbsd.org <jmc@openbsd.org> 4204Date: Mon Dec 22 08:24:17 2014 +0000 4205 4206 upstream commit 4207 4208 tweak previous; 4209 4210commit 4bea0ab3290c0b9dd2aa199e932de8e7e18062d6 4211Author: djm@openbsd.org <djm@openbsd.org> 4212Date: Mon Dec 22 08:06:03 2014 +0000 4213 4214 upstream commit 4215 4216 regression test for multiple required pubkey authentication; 4217 ok markus@ 4218 4219commit f1c4d8ec52158b6f57834b8cd839605b0a33e7f2 4220Author: djm@openbsd.org <djm@openbsd.org> 4221Date: Mon Dec 22 08:04:23 2014 +0000 4222 4223 upstream commit 4224 4225 correct description of what will happen when a 4226 AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd 4227 will refuse to start) 4228 4229commit 161cf419f412446635013ac49e8c660cadc36080 4230Author: djm@openbsd.org <djm@openbsd.org> 4231Date: Mon Dec 22 07:55:51 2014 +0000 4232 4233 upstream commit 4234 4235 make internal handling of filename arguments of "none" 4236 more consistent with ssh. "none" arguments are now replaced with NULL when 4237 the configuration is finalised. 4238 4239 Simplifies checking later on (just need to test not-NULL rather than 4240 that + strcmp) and cleans up some inconsistencies. ok markus@ 4241 4242commit f69b69b8625be447b8826b21d87713874dac25a6 4243Author: djm@openbsd.org <djm@openbsd.org> 4244Date: Mon Dec 22 07:51:30 2014 +0000 4245 4246 upstream commit 4247 4248 remember which public keys have been used for 4249 authentication and refuse to accept previously-used keys. 4250 4251 This allows AuthenticationMethods=publickey,publickey to require 4252 that users authenticate using two _different_ pubkeys. 4253 4254 ok markus@ 4255 4256commit 46ac2ed4677968224c4ca825bc98fc68dae183f0 4257Author: djm@openbsd.org <djm@openbsd.org> 4258Date: Mon Dec 22 07:24:11 2014 +0000 4259 4260 upstream commit 4261 4262 fix passing of wildcard forward bind addresses when 4263 connection multiplexing is in use; patch from Sami Hartikainen via bz#2324; 4264 ok dtucker@ 4265 4266commit 0d1b241a262e4d0a6bbfdd595489ab1b853c43a1 4267Author: djm@openbsd.org <djm@openbsd.org> 4268Date: Mon Dec 22 06:14:29 2014 +0000 4269 4270 upstream commit 4271 4272 make this slightly easier to diff against portable 4273 4274commit 0715bcdddbf68953964058f17255bf54734b8737 4275Author: Damien Miller <djm@mindrot.org> 4276Date: Mon Dec 22 13:47:07 2014 +1100 4277 4278 add missing regress output file 4279 4280commit 1e30483c8ad2c2f39445d4a4b6ab20c241e40593 4281Author: djm@openbsd.org <djm@openbsd.org> 4282Date: Mon Dec 22 02:15:52 2014 +0000 4283 4284 upstream commit 4285 4286 adjust for new SHA256 key fingerprints and 4287 slightly-different MD5 hex fingerprint format 4288 4289commit 6b40567ed722df98593ad8e6a2d2448fc2b4b151 4290Author: djm@openbsd.org <djm@openbsd.org> 4291Date: Mon Dec 22 01:14:49 2014 +0000 4292 4293 upstream commit 4294 4295 poll changes to netcat (usr.bin/netcat.c r1.125) broke 4296 this test; fix it by ensuring more stdio fds are sent to devnull 4297 4298commit a5375ccb970f49dddf7d0ef63c9b713ede9e7260 4299Author: jmc@openbsd.org <jmc@openbsd.org> 4300Date: Sun Dec 21 23:35:14 2014 +0000 4301 4302 upstream commit 4303 4304 tweak previous; 4305 4306commit b79efde5c3badf5ce4312fe608d8307eade533c5 4307Author: djm@openbsd.org <djm@openbsd.org> 4308Date: Sun Dec 21 23:12:42 2014 +0000 4309 4310 upstream commit 4311 4312 document FingerprintHash here too 4313 4314commit d16bdd8027dd116afa01324bb071a4016cdc1a75 4315Author: Damien Miller <djm@mindrot.org> 4316Date: Mon Dec 22 10:18:09 2014 +1100 4317 4318 missing include for base64 encoding 4319 4320commit 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994 4321Author: djm@openbsd.org <djm@openbsd.org> 4322Date: Sun Dec 21 22:27:55 2014 +0000 4323 4324 upstream commit 4325 4326 Add FingerprintHash option to control algorithm used for 4327 key fingerprints. Default changes from MD5 to SHA256 and format from hex to 4328 base64. 4329 4330 Feedback and ok naddy@ markus@ 4331 4332commit 058f839fe15c51be8b3a844a76ab9a8db550be4f 4333Author: djm@openbsd.org <djm@openbsd.org> 4334Date: Thu Dec 18 23:58:04 2014 +0000 4335 4336 upstream commit 4337 4338 don't count partial authentication success as a failure 4339 against MaxAuthTries; ok deraadt@ 4340 4341commit c7219f4f54d64d6dde66dbcf7a2699daa782d2a1 4342Author: djm@openbsd.org <djm@openbsd.org> 4343Date: Fri Dec 12 00:02:17 2014 +0000 4344 4345 upstream commit 4346 4347 revert chunk I didn't mean to commit yet; via jmc@ 4348 4349commit 7de5991aa3997e2981440f39c1ea01273a0a2c7b 4350Author: Damien Miller <djm@mindrot.org> 4351Date: Thu Dec 18 11:44:06 2014 +1100 4352 4353 upstream libc change 4354 4355 revision 1.2 4356 date: 2014/12/08 03:45:00; author: bcook; state: Exp; lines: +2 -2; commitid: 7zWEBgJJOCZ2hvTV; 4357 avoid left shift overflow in reallocarray. 4358 4359 Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting 4360 1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with 4361 (size_t)1 so that we get the correct constant size for the platform. 4362 4363 discussed with tedu@ & deraadt@ 4364 4365commit 2048f85a5e6da8bc6e0532efe02ecfd4e63c978c 4366Author: Damien Miller <djm@mindrot.org> 4367Date: Thu Dec 18 10:15:49 2014 +1100 4368 4369 include CFLAGS in gnome askpass targets 4370 4371 from Fedora 4372 4373commit 48b68ce19ca42fa488960028048dec023f7899bb 4374Author: djm@openbsd.org <djm@openbsd.org> 4375Date: Thu Dec 11 08:20:09 2014 +0000 4376 4377 upstream commit 4378 4379 explicitly include sys/param.h in files that use the 4380 howmany() macro; from portable 4381 4382commit d663bea30a294d440fef4398e5cd816317bd4518 4383Author: djm@openbsd.org <djm@openbsd.org> 4384Date: Thu Dec 11 05:25:06 2014 +0000 4385 4386 upstream commit 4387 4388 mention AuthorizedKeysCommandUser must be set for 4389 AuthorizedKeysCommand to be run; bz#2287 4390 4391commit 17bf3d81e00f2abb414a4fd271118cf4913f049f 4392Author: djm@openbsd.org <djm@openbsd.org> 4393Date: Thu Dec 11 05:13:28 2014 +0000 4394 4395 upstream commit 4396 4397 show in debug output which hostkeys are being tried when 4398 attempting hostbased auth; patch from Iain Morgan 4399 4400commit da0277e3717eadf5b15e03379fc29db133487e94 4401Author: djm@openbsd.org <djm@openbsd.org> 4402Date: Thu Dec 11 04:16:14 2014 +0000 4403 4404 upstream commit 4405 4406 Make manual reflect reality: sftp-server's -d option 4407 accepts a "%d" option, not a "%h" one. 4408 4409 bz#2316; reported by Kirk Wolf 4410 4411commit 4cf87f4b81fa9380bce5fcff7b0f8382ae3ad996 4412Author: djm@openbsd.org <djm@openbsd.org> 4413Date: Wed Dec 10 01:24:09 2014 +0000 4414 4415 upstream commit 4416 4417 better error value for invalid signature length 4418 4419commit 4bfad14ca56f8ae04f418997816b4ba84e2cfc3c 4420Author: Darren Tucker <dtucker@zip.com.au> 4421Date: Wed Dec 10 02:12:51 2014 +1100 4422 4423 Resync more with OpenBSD's rijndael.c, in particular "#if 0"-ing out some 4424 unused code. Should fix compile error reported by plautrba at redhat. 4425 4426commit 642652d280499691c8212ec6b79724b50008ce09 4427Author: Darren Tucker <dtucker@zip.com.au> 4428Date: Wed Dec 10 01:32:23 2014 +1100 4429 4430 Add reallocarray to compat library 4431 4432commit 3dfd8d93dfcc69261f5af99df56f3ff598581979 4433Author: djm@openbsd.org <djm@openbsd.org> 4434Date: Thu Dec 4 22:31:50 2014 +0000 4435 4436 upstream commit 4437 4438 add tests for new client RevokedHostKeys option; refactor 4439 to make it a bit more readable 4440 4441commit a31046cad1aed16a0b55171192faa6d02665ccec 4442Author: krw@openbsd.org <krw@openbsd.org> 4443Date: Wed Nov 19 13:35:37 2014 +0000 4444 4445 upstream commit 4446 4447 Nuke yet more obvious #include duplications. 4448 4449 ok deraadt@ 4450 4451commit a7c762e5b2c1093542c0bc1df25ccec0b4cf479f 4452Author: djm@openbsd.org <djm@openbsd.org> 4453Date: Thu Dec 4 20:47:36 2014 +0000 4454 4455 upstream commit 4456 4457 key_in_file() wrapper is no longer used 4458 4459commit 5e39a49930d885aac9c76af3129332b6e772cd75 4460Author: djm@openbsd.org <djm@openbsd.org> 4461Date: Thu Dec 4 02:24:32 2014 +0000 4462 4463 upstream commit 4464 4465 add RevokedHostKeys option for the client 4466 4467 Allow textfile or KRL-based revocation of hostkeys. 4468 4469commit 74de254bb92c684cf53461da97f52d5ba34ded80 4470Author: djm@openbsd.org <djm@openbsd.org> 4471Date: Thu Dec 4 01:49:59 2014 +0000 4472 4473 upstream commit 4474 4475 convert KRL code to new buffer API 4476 4477 ok markus@ 4478 4479commit db995f2eed5fc432598626fa3e30654503bf7151 4480Author: millert@openbsd.org <millert@openbsd.org> 4481Date: Wed Nov 26 18:34:51 2014 +0000 4482 4483 upstream commit 4484 4485 Prefer setvbuf() to setlinebuf() for portability; ok 4486 deraadt@ 4487 4488commit 72bba3d179ced8b425272efe6956a309202a91f3 4489Author: jsg@openbsd.org <jsg@openbsd.org> 4490Date: Mon Nov 24 03:39:22 2014 +0000 4491 4492 upstream commit 4493 4494 Fix crashes in the handling of the sshd config file found 4495 with the afl fuzzer. 4496 4497 ok deraadt@ djm@ 4498 4499commit 867f49c666adcfe92bf539d9c37c1accdea08bf6 4500Author: Damien Miller <djm@mindrot.org> 4501Date: Wed Nov 26 13:22:41 2014 +1100 4502 4503 Avoid Cygwin ssh-host-config reading /etc/group 4504 4505 Patch from Corinna Vinschen 4506 4507commit 8b66f36291a721b1ba7c44f24a07fdf39235593e 4508Author: Damien Miller <djm@mindrot.org> 4509Date: Wed Nov 26 13:20:35 2014 +1100 4510 4511 allow custom service name for sshd on Cygwin 4512 4513 Permits the use of multiple sshd running with different service names. 4514 4515 Patch by Florian Friesdorf via Corinna Vinschen 4516 4517commit 08c0eebf55d70a9ae1964399e609288ae3186a0c 4518Author: jmc@openbsd.org <jmc@openbsd.org> 4519Date: Sat Nov 22 19:21:03 2014 +0000 4520 4521 upstream commit 4522 4523 restore word zapped in previous, and remove some useless 4524 "No" macros; 4525 4526commit a1418a0033fba43f061513e992e1cbcc3343e563 4527Author: deraadt@openbsd.org <deraadt@openbsd.org> 4528Date: Sat Nov 22 18:15:41 2014 +0000 4529 4530 upstream commit 4531 4532 /dev/random has created the same effect as /dev/arandom 4533 (and /dev/urandom) for quite some time. Mop up the last few, by using 4534 /dev/random where we actually want it, or not even mentioning arandom where 4535 it is irrelevant. 4536 4537commit b6de5ac9ed421362f479d1ad4fa433d2e25dad5b 4538Author: djm@openbsd.org <djm@openbsd.org> 4539Date: Fri Nov 21 01:00:38 2014 +0000 4540 4541 upstream commit 4542 4543 fix NULL pointer dereference crash on invalid timestamp 4544 4545 found using Michal Zalewski's afl fuzzer 4546 4547commit a1f8110cd5ed818d59b3a2964fab7de76e92c18e 4548Author: mikeb@openbsd.org <mikeb@openbsd.org> 4549Date: Tue Nov 18 22:38:48 2014 +0000 4550 4551 upstream commit 4552 4553 Sync AES code to the one shipped in OpenSSL/LibreSSL. 4554 4555 This includes a commit made by Andy Polyakov <appro at openssl ! org> 4556 to the OpenSSL source tree on Wed, 28 Jun 2006 with the following 4557 message: "Mitigate cache-collision timing attack on last round." 4558 4559 OK naddy, miod, djm 4560 4561commit 335c83d5f35d8620e16b8aa26592d4f836e09ad2 4562Author: krw@openbsd.org <krw@openbsd.org> 4563Date: Tue Nov 18 20:54:28 2014 +0000 4564 4565 upstream commit 4566 4567 Nuke more obvious #include duplications. 4568 4569 ok deraadt@ millert@ tedu@ 4570 4571commit 51b64e44121194ae4bf153dee391228dada2abcb 4572Author: djm@openbsd.org <djm@openbsd.org> 4573Date: Mon Nov 17 00:21:40 2014 +0000 4574 4575 upstream commit 4576 4577 fix KRL generation when multiple CAs are in use 4578 4579 We would generate an invalid KRL when revoking certs by serial 4580 number for multiple CA keys due to a section being written out 4581 twice. 4582 4583 Also extend the regress test to catch this case by having it 4584 produce a multi-CA KRL. 4585 4586 Reported by peter AT pean.org 4587 4588commit d2d51003a623e21fb2b25567c4878d915e90aa2a 4589Author: djm@openbsd.org <djm@openbsd.org> 4590Date: Tue Nov 18 01:02:25 2014 +0000 4591 4592 upstream commit 4593 4594 fix NULL pointer dereference crash in key loading 4595 4596 found by Michal Zalewski's AFL fuzzer 4597 4598commit 9f9fad0191028edc43d100d0ded39419b6895fdf 4599Author: djm@openbsd.org <djm@openbsd.org> 4600Date: Mon Nov 17 00:21:40 2014 +0000 4601 4602 upstream commit 4603 4604 fix KRL generation when multiple CAs are in use 4605 4606 We would generate an invalid KRL when revoking certs by serial 4607 number for multiple CA keys due to a section being written out 4608 twice. 4609 4610 Also extend the regress test to catch this case by having it 4611 produce a multi-CA KRL. 4612 4613 Reported by peter AT pean.org 4614 4615commit da8af83d3f7ec00099963e455010e0ed1d7d0140 4616Author: bentley@openbsd.org <bentley@openbsd.org> 4617Date: Sat Nov 15 14:41:03 2014 +0000 4618 4619 upstream commit 4620 4621 Reduce instances of `` '' in manuals. 4622 4623 troff displays these as typographic quotes, but nroff implementations 4624 almost always print them literally, which rarely has the intended effect 4625 with modern fonts, even in stock xterm. 4626 4627 These uses of `` '' can be replaced either with more semantic alternatives 4628 or with Dq, which prints typographic quotes in a UTF-8 locale (but will 4629 automatically fall back to `` '' in an ASCII locale). 4630 4631 improvements and ok schwarze@ 4632 4633commit fc302561369483bb755b17f671f70fb894aec01d 4634Author: djm@openbsd.org <djm@openbsd.org> 4635Date: Mon Nov 10 22:25:49 2014 +0000 4636 4637 upstream commit 4638 4639 mux-related manual tweaks 4640 4641 mention ControlPersist=0 is the same as ControlPersist=yes 4642 4643 recommend that ControlPath sockets be placed in a og-w directory 4644 4645commit 0e4cff5f35ed11102fe3783779960ef07e0cd381 4646Author: Damien Miller <djm@google.com> 4647Date: Wed Nov 5 11:01:31 2014 +1100 4648 4649 Prepare scripts for next Cygwin release 4650 4651 Makes the Cygwin-specific ssh-user-config script independent of the 4652 existence of /etc/passwd. The next Cygwin release will allow to 4653 generate passwd and group entries from the Windows account DBs, so the 4654 scripts have to adapt. 4655 4656 from Corinna Vinschen 4657 4658commit 7d0ba5336651731949762eb8877ce9e3b52df436 4659Author: Damien Miller <djm@mindrot.org> 4660Date: Thu Oct 30 10:45:41 2014 +1100 4661 4662 include version number in OpenSSL-too-old error 4663 4664commit 3bcb92e04d9207e9f78d82f7918c6d3422054ce9 4665Author: lteo@openbsd.org <lteo@openbsd.org> 4666Date: Fri Oct 24 02:01:20 2014 +0000 4667 4668 upstream commit 4669 4670 Remove unnecessary include: netinet/in_systm.h is not needed 4671 by these programs. 4672 4673 NB. skipped for portable 4674 4675 ok deraadt@ millert@ 4676 4677commit 6fdcaeb99532e28a69f1a1599fbd540bb15b70a0 4678Author: djm@openbsd.org <djm@openbsd.org> 4679Date: Mon Oct 20 03:43:01 2014 +0000 4680 4681 upstream commit 4682 4683 whitespace 4684 4685commit 165bc8786299e261706ed60342985f9de93a7461 4686Author: daniel@openbsd.org <daniel@openbsd.org> 4687Date: Tue Oct 14 03:09:59 2014 +0000 4688 4689 upstream commit 4690 4691 plug a memory leak; from Maxime Villard. 4692 4693 ok djm@ 4694 4695commit b1ba15f3885947c245c2dbfaad0a04ba050abea0 4696Author: jmc@openbsd.org <jmc@openbsd.org> 4697Date: Thu Oct 9 06:21:31 2014 +0000 4698 4699 upstream commit 4700 4701 tweak previous; 4702 4703commit 259a02ebdf74ad90b41d116ecf70aa823fa4c6e7 4704Author: djm@openbsd.org <djm@openbsd.org> 4705Date: Mon Oct 13 00:38:35 2014 +0000 4706 4707 upstream commit 4708 4709 whitespace 4710 4711commit 957fbceb0f3166e41b76fdb54075ab3b9cc84cba 4712Author: djm@openbsd.org <djm@openbsd.org> 4713Date: Wed Oct 8 22:20:25 2014 +0000 4714 4715 upstream commit 4716 4717 Tweak config reparsing with host canonicalisation 4718 4719 Make the second pass through the config files always run when 4720 hostname canonicalisation is enabled. 4721 4722 Add a "Match canonical" criteria that allows ssh_config Match 4723 blocks to trigger only in the second config pass. 4724 4725 Add a -G option to ssh that causes it to parse its configuration 4726 and dump the result to stdout, similar to "sshd -T" 4727 4728 Allow ssh_config Port options set in the second config parse 4729 phase to be applied (they were being ignored). 4730 4731 bz#2267 bz#2286; ok markus 4732 4733commit 5c0dafd38bf66feeeb45fa0741a5baf5ad8039ba 4734Author: djm@openbsd.org <djm@openbsd.org> 4735Date: Wed Oct 8 22:15:27 2014 +0000 4736 4737 upstream commit 4738 4739 another -Wpointer-sign from clang 4740 4741commit bb005dc815ebda9af3ae4b39ca101c4da918f835 4742Author: djm@openbsd.org <djm@openbsd.org> 4743Date: Wed Oct 8 22:15:06 2014 +0000 4744 4745 upstream commit 4746 4747 fix a few -Wpointer-sign warnings from clang 4748 4749commit 3cc1fbb4fb0e804bfb873fd363cea91b27fc8188 4750Author: djm@openbsd.org <djm@openbsd.org> 4751Date: Wed Oct 8 21:45:48 2014 +0000 4752 4753 upstream commit 4754 4755 parse cert sections using nested buffers to reduce 4756 copies; ok markus 4757 4758commit 4a45922aebf99164e2fc83d34fe55b11ae1866ef 4759Author: djm@openbsd.org <djm@openbsd.org> 4760Date: Mon Oct 6 00:47:15 2014 +0000 4761 4762 upstream commit 4763 4764 correct options in usage(); from mancha1 AT zoho.com 4765 4766commit 48dffd5bebae6fed0556dc5c36cece0370690618 4767Author: djm@openbsd.org <djm@openbsd.org> 4768Date: Tue Sep 9 09:45:36 2014 +0000 4769 4770 upstream commit 4771 4772 mention permissions on tun(4) devices in PermitTunnel 4773 documentation; bz#2273 4774 4775commit a5883d4eccb94b16c355987f58f86a7dee17a0c2 4776Author: djm@openbsd.org <djm@openbsd.org> 4777Date: Wed Sep 3 18:55:07 2014 +0000 4778 4779 upstream commit 4780 4781 tighten permissions on pty when the "tty" group does 4782 not exist; pointed out by Corinna Vinschen; ok markus 4783 4784commit 180bcb406b58bf30723c01a6b010e48ee626dda8 4785Author: sobrado@openbsd.org <sobrado@openbsd.org> 4786Date: Sat Aug 30 16:32:25 2014 +0000 4787 4788 upstream commit 4789 4790 typo. 4791 4792commit f70b22bcdd52f6bf127047b3584371e6e5d45627 4793Author: sobrado@openbsd.org <sobrado@openbsd.org> 4794Date: Sat Aug 30 15:33:50 2014 +0000 4795 4796 upstream commit 4797 4798 improve capitalization for the Ed25519 public-key 4799 signature system. 4800 4801 ok djm@ 4802 4803commit 7df8818409c752cf3f0c3f8044fe9aebed8647bd 4804Author: doug@openbsd.org <doug@openbsd.org> 4805Date: Thu Aug 21 01:08:52 2014 +0000 4806 4807 upstream commit 4808 4809 Free resources on error in mkstemp and fdopen 4810 4811 ok djm@ 4812 4813commit 40ba4c9733aaed08304714faeb61529f18da144b 4814Author: deraadt@openbsd.org <deraadt@openbsd.org> 4815Date: Wed Aug 20 01:28:55 2014 +0000 4816 4817 upstream commit 4818 4819 djm how did you make a typo like that... 4820 4821commit 57d378ec9278ba417a726f615daad67d157de666 4822Author: djm@openbsd.org <djm@openbsd.org> 4823Date: Tue Aug 19 23:58:28 2014 +0000 4824 4825 upstream commit 4826 4827 When dumping the server configuration (sshd -T), print 4828 correct KEX, MAC and cipher defaults. Spotted by Iain Morgan 4829 4830commit 7ff880ede5195d0b17e7f1e3b6cfbc4cb6f85240 4831Author: djm@openbsd.org <djm@openbsd.org> 4832Date: Tue Aug 19 23:57:18 2014 +0000 4833 4834 upstream commit 4835 4836 ~-expand lcd paths 4837 4838commit 4460a7ad0c78d4cd67c467f6e9f4254d0404ed59 4839Author: Damien Miller <djm@mindrot.org> 4840Date: Sun Oct 12 12:35:48 2014 +1100 4841 4842 remove duplicated KEX_DH1 entry 4843 4844commit c9b8426a616138d0d762176c94f51aff3faad5ff 4845Author: Damien Miller <djm@mindrot.org> 4846Date: Thu Oct 9 10:34:06 2014 +1100 4847 4848 remove ChangeLog file 4849 4850 Commit logs will be generated from git at release time. 4851 4852commit 81d18ff7c93a04affbf3903e0963859763219aed 4853Author: Damien Miller <djm@google.com> 4854Date: Tue Oct 7 21:24:25 2014 +1100 4855 4856 delete contrib/caldera directory 4857 4858commit 0ec9e87d3638206456968202f05bb5123670607a 4859Author: Damien Miller <djm@google.com> 4860Date: Tue Oct 7 19:57:27 2014 +1100 4861 4862 test commit 4863 4864commit 8fb65a44568701b779f3d77326bceae63412d28d 4865Author: Damien Miller <djm@mindrot.org> 4866Date: Tue Oct 7 09:21:49 2014 +1100 4867 4868 - (djm) Release OpenSSH-6.7 4869 4870commit e8c9f2602c46f6781df5e52e6cd8413dab4602a3 4871Author: Damien Miller <djm@mindrot.org> 4872Date: Fri Oct 3 09:24:56 2014 +1000 4873 4874 - (djm) [sshd_config.5] typo; from Iain Morgan 4875 4876commit 703b98a26706f5083801d11059486d77491342ae 4877Author: Damien Miller <djm@mindrot.org> 4878Date: Wed Oct 1 09:43:07 2014 +1000 4879 4880 - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c] 4881 [openbsd-compat/openbsd-compat.h] Kludge around bad glibc 4882 _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; 4883 ok dtucker@ 4884 4885commit 0fa0ed061bbfedb0daa705e220748154a84c3413 4886Author: Damien Miller <djm@mindrot.org> 4887Date: Wed Sep 10 08:15:34 2014 +1000 4888 4889 - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc; 4890 patch from Felix von Leitner; ok dtucker 4891 4892commit ad7d23d461c3b7e1dcb15db13aee5f4b94dc1a95 4893Author: Darren Tucker <dtucker@zip.com.au> 4894Date: Tue Sep 9 12:23:10 2014 +1000 4895 4896 20140908 4897 - (dtucker) [INSTALL] Update info about egd. ok djm@ 4898 4899commit 2a8699f37cc2515e3bc60e0c677ba060f4d48191 4900Author: Damien Miller <djm@mindrot.org> 4901Date: Thu Sep 4 03:46:05 2014 +1000 4902 4903 - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG 4904 4905commit 44988defb1f5e3afe576d86000365e1f07a1b494 4906Author: Damien Miller <djm@mindrot.org> 4907Date: Wed Sep 3 05:35:32 2014 +1000 4908 4909 - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to 4910 permissions/ACLs; from Corinna Vinschen 4911 4912commit 23f269562b7537b2f6f5014e50a25e5dcc55a837 4913Author: Damien Miller <djm@mindrot.org> 4914Date: Wed Sep 3 05:33:25 2014 +1000 4915 4916 - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and 4917 conditionalise to avoid duplicate definition. 4918 4919commit 41c8de2c0031cf59e7cf0c06b5bcfbf4852c1fda 4920Author: Damien Miller <djm@mindrot.org> 4921Date: Sat Aug 30 16:23:06 2014 +1000 4922 4923 - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@ 4924 4925commit d7c81e216a7bd9eed6e239c970d9261bb1651947 4926Author: Damien Miller <djm@mindrot.org> 4927Date: Sat Aug 30 04:18:28 2014 +1000 4928 4929 - (djm) [openbsd-compat/openssl-compat.h] add include guard 4930 4931commit 4687802dda57365b984b897fc3c8e2867ea09b22 4932Author: Damien Miller <djm@mindrot.org> 4933Date: Sat Aug 30 03:29:19 2014 +1000 4934 4935 - (djm) [misc.c] Missing newline between functions 4936 4937commit 51c77e29220dee87c53be2dc47092934acab26fe 4938Author: Damien Miller <djm@mindrot.org> 4939Date: Sat Aug 30 02:30:30 2014 +1000 4940 4941 - (djm) [openbsd-compat/openssl-compat.h] add 4942 OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them 4943 4944commit 3d673d103bad35afaec6e7ef73e5277216ce33a3 4945Author: Damien Miller <djm@mindrot.org> 4946Date: Wed Aug 27 06:32:01 2014 +1000 4947 4948 - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero() 4949 using memset_s() where possible; improve fallback to indirect bzero 4950 via a volatile pointer to give it more of a chance to avoid being 4951 optimised away. 4952 4953commit 146218ac11a1eb0dcade6f793d7acdef163b5ddc 4954Author: Damien Miller <djm@mindrot.org> 4955Date: Wed Aug 27 04:11:55 2014 +1000 4956 4957 - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth 4958 monitor, not preauth; bz#2263 4959 4960commit 1b215c098b3b37e38aa4e4c91bb908eee41183b1 4961Author: Damien Miller <djm@mindrot.org> 4962Date: Wed Aug 27 04:04:40 2014 +1000 4963 4964 - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] 4965 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] 4966 [regress/unittests/sshkey/common.c] 4967 [regress/unittests/sshkey/test_file.c] 4968 [regress/unittests/sshkey/test_fuzz.c] 4969 [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h 4970 on !ECC OpenSSL systems 4971 4972commit ad013944af0a19e3f612089d0099bb397cf6502d 4973Author: Damien Miller <djm@mindrot.org> 4974Date: Tue Aug 26 09:27:28 2014 +1000 4975 4976 - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL, 4977 update OpenSSL version requirement. 4978 4979commit ed126de8ee04c66640a0ea2697c4aaf36801f100 4980Author: Damien Miller <djm@mindrot.org> 4981Date: Tue Aug 26 08:37:47 2014 +1000 4982 4983 - (djm) [bufec.c] Skip this file on !ECC OpenSSL 4984 4985commit 9c1dede005746864a4fdb36a7cdf6c51296ca909 4986Author: Damien Miller <djm@mindrot.org> 4987Date: Sun Aug 24 03:01:06 2014 +1000 4988 4989 - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not 4990 PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen 4991 4992commit d244a5816fd1312a33404b436e4dd83594f1119e 4993Author: Damien Miller <djm@mindrot.org> 4994Date: Sat Aug 23 17:06:49 2014 +1000 4995 4996 - (djm) [configure.ac] We now require a working vsnprintf everywhere (not 4997 just for systems that lack asprintf); check for it always and extend 4998 test to catch more brokenness. Fixes builds on Solaris <= 9 4999 5000commit 4cec036362a358e398e6a2e6d19d8e5780558634 5001Author: Damien Miller <djm@mindrot.org> 5002Date: Sat Aug 23 03:11:09 2014 +1000 5003 5004 - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on 5005 lastlog writing on platforms with high UIDs; bz#2263 5006 5007commit 394a60f2598d28b670d934b93942a3370b779b39 5008Author: Damien Miller <djm@mindrot.org> 5009Date: Fri Aug 22 18:06:20 2014 +1000 5010 5011 - (djm) [configure.ac] double braces to appease autoconf 5012 5013commit 4d69aeabd6e60afcdc7cca177ca751708ab79a9d 5014Author: Damien Miller <djm@mindrot.org> 5015Date: Fri Aug 22 17:48:27 2014 +1000 5016 5017 - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/ 5018 definition mismatch) and warning for broken/missing snprintf case. 5019 5020commit 0c11f1ac369d2c0aeb0ab0458a7cd04c72fe5e9e 5021Author: Damien Miller <djm@mindrot.org> 5022Date: Fri Aug 22 17:36:56 2014 +1000 5023 5024 - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC 5025 5026commit 6d62784b8973340b251fea6b04890f471adf28db 5027Author: Damien Miller <djm@mindrot.org> 5028Date: Fri Aug 22 17:36:19 2014 +1000 5029 5030 - (djm) [configure.ac] include leading zero characters in OpenSSL version 5031 number; fixes test for unsupported versions 5032 5033commit 4f1ff1ed782117f5d5204d4e91156ed5da07cbb7 5034Author: Damien Miller <djm@mindrot.org> 5035Date: Thu Aug 21 15:54:50 2014 +1000 5036 5037 - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that 5038 don't set __progname. Diagnosed by Tom Christensen. 5039 5040commit 005a64da0f457410045ef0bfa93c863c2450447d 5041Author: Damien Miller <djm@mindrot.org> 5042Date: Thu Aug 21 10:48:41 2014 +1000 5043 5044 - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL 5045 5046commit aa6598ebb3343c7380e918388e10e8ca5852b613 5047Author: Damien Miller <djm@mindrot.org> 5048Date: Thu Aug 21 10:47:54 2014 +1000 5049 5050 - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too. 5051 5052commit 54703e3cf63f0c80d4157e5ad7dbc2b363ee2c56 5053Author: Damien Miller <djm@mindrot.org> 5054Date: Wed Aug 20 11:10:51 2014 +1000 5055 5056 - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna 5057 5058commit f0935698f0461f24d8d1f1107b476ee5fd4db1cb 5059Author: Damien Miller <djm@mindrot.org> 5060Date: Wed Aug 20 11:06:50 2014 +1000 5061 5062 - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC 5063 5064commit c5089ecaec3b2c02f014f4e67518390702a4ba14 5065Author: Damien Miller <djm@mindrot.org> 5066Date: Wed Aug 20 11:06:20 2014 +1000 5067 5068 - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than 5069 -L/-l; fixes linking problems on some platforms 5070 5071commit 2195847e503a382f83ee969b0a8bd3dfe0e55c18 5072Author: Damien Miller <djm@mindrot.org> 5073Date: Wed Aug 20 11:05:03 2014 +1000 5074 5075 - (djm) [configure.ac] Check OpenSSL version is supported at configure time; 5076 suggested by Kevin Brott 5077 5078commit a75aca1bbc989aa9f8b1b08489d37855f3d24d1a 5079Author: Damien Miller <djm@mindrot.org> 5080Date: Tue Aug 19 11:36:07 2014 +1000 5081 5082 - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README] 5083 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions 5084 of TCP wrappers. 5085 5086commit 3f022b5a9477abceeb1bbeab04b055f3cc7ca8f6 5087Author: Damien Miller <djm@mindrot.org> 5088Date: Tue Aug 19 11:32:34 2014 +1000 5089 5090 - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG 5091 5092commit 88137902632aceb923990e98cf5dc923bb3ef2f5 5093Author: Damien Miller <djm@mindrot.org> 5094Date: Tue Aug 19 11:28:11 2014 +1000 5095 5096 - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC. 5097 5098commit 2f3d1e7fb2eabd3cfbfd8d0f7bdd2f9a1888690b 5099Author: Damien Miller <djm@mindrot.org> 5100Date: Tue Aug 19 11:14:36 2014 +1000 5101 5102 - (djm) [myproposal.h] Make curve25519 KEX dependent on 5103 HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC. 5104 5105commit d4e7d59d01a6c7f59e8c1f94a83c086e9a33d8aa 5106Author: Damien Miller <djm@mindrot.org> 5107Date: Tue Aug 19 11:14:17 2014 +1000 5108 5109 - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen 5110 5111commit 9eaeea2cf2b6af5f166cfa9ad3c7a90711a147a9 5112Author: Damien Miller <djm@mindrot.org> 5113Date: Sun Aug 10 11:35:05 2014 +1000 5114 5115 - (djm) [README contrib/caldera/openssh.spec] 5116 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions 5117 5118commit f8988fbef0c9801d19fa2f8f4f041690412bec37 5119Author: Damien Miller <djm@mindrot.org> 5120Date: Fri Aug 1 13:31:52 2014 +1000 5121 5122 - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate 5123 nc from stdin, it's more portable 5124 5125commit 5b3879fd4b7a4e3d43bab8f40addda39bc1169d0 5126Author: Damien Miller <djm@mindrot.org> 5127Date: Fri Aug 1 12:28:31 2014 +1000 5128 5129 - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin 5130 is closed; avoid regress failures when stdin is /dev/null 5131 5132commit a9c46746d266f8a1b092a72b2150682d1af8ebfc 5133Author: Damien Miller <djm@mindrot.org> 5134Date: Fri Aug 1 12:26:49 2014 +1000 5135 5136 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need 5137 a better solution, but this will have to do for now. 5138 5139commit 426117b2e965e43f47015942b5be8dd88fe74b88 5140Author: Damien Miller <djm@mindrot.org> 5141Date: Wed Jul 30 12:33:20 2014 +1000 5142 5143 - schwarze@cvs.openbsd.org 2014/07/28 15:40:08 5144 [sftp-server.8 sshd_config.5] 5145 some systems no longer need /dev/log; 5146 issue noticed by jirib; 5147 ok deraadt 5148 5149commit f497794b6962eaf802ab4ac2a7b22ae591cca1d5 5150Author: Damien Miller <djm@mindrot.org> 5151Date: Wed Jul 30 12:32:46 2014 +1000 5152 5153 - dtucker@cvs.openbsd.org 2014/07/25 21:22:03 5154 [ssh-agent.c] 5155 Clear buffer used for handling messages. This prevents keys being 5156 left in memory after they have been expired or deleted in some cases 5157 (but note that ssh-agent is setgid so you would still need root to 5158 access them). Pointed out by Kevin Burns, ok deraadt 5159 5160commit a8a0f65c57c8ecba94d65948e9090da54014dfef 5161Author: Damien Miller <djm@mindrot.org> 5162Date: Wed Jul 30 12:32:28 2014 +1000 5163 5164 - OpenBSD CVS Sync 5165 - millert@cvs.openbsd.org 2014/07/24 22:57:10 5166 [ssh.1] 5167 Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@ 5168 5169commit 56b840f2b81e14a2f95c203403633a72566736f8 5170Author: Damien Miller <djm@mindrot.org> 5171Date: Fri Jul 25 08:11:30 2014 +1000 5172 5173 - (djm) [regress/multiplex.sh] restore incorrectly deleted line; 5174 pointed out by Christian Hesse 5175 5176commit dd417b60d5ca220565d1014e92b7f8f43dc081eb 5177Author: Darren Tucker <dtucker@zip.com.au> 5178Date: Wed Jul 23 10:41:21 2014 +1000 5179 5180 - dtucker@cvs.openbsd.org 2014/07/22 23:35:38 5181 [regress/unittests/sshkey/testdata/*] 5182 Regenerate test keys with certs signed with ed25519 instead of ecdsa. 5183 These can be used in -portable on platforms that don't support ECDSA. 5184 5185commit 40e50211896369dba8f64f3b5e5fd58b76f5ac3f 5186Author: Darren Tucker <dtucker@zip.com.au> 5187Date: Wed Jul 23 10:35:45 2014 +1000 5188 5189 - dtucker@cvs.openbsd.org 2014/07/22 23:57:40 5190 [regress/unittests/sshkey/mktestdata.sh] 5191 Add $OpenBSD tag to make syncs easier 5192 5193commit 07e644251e809b1d4c062cf85bd1146a7e3f5a8a 5194Author: Darren Tucker <dtucker@zip.com.au> 5195Date: Wed Jul 23 10:34:26 2014 +1000 5196 5197 - dtucker@cvs.openbsd.org 2014/07/22 23:23:22 5198 [regress/unittests/sshkey/mktestdata.sh] 5199 Sign test certs with ed25519 instead of ecdsa so that they'll work in 5200 -portable on platforms that don't have ECDSA in their OpenSSL. ok djm 5201 5202commit cea099a7c4eaecb01b001e5453bb4e5c25006c22 5203Author: Darren Tucker <dtucker@zip.com.au> 5204Date: Wed Jul 23 10:04:02 2014 +1000 5205 5206 - djm@cvs.openbsd.org 2014/07/22 01:32:12 5207 [regress/multiplex.sh] 5208 change the test for still-open Unix domain sockets to be robust against 5209 nc implementations that produce error messages. from -portable 5210 (Id sync only) 5211 5212commit 31eb78078d349b32ea41952ecc944b3ad6cb0d45 5213Author: Darren Tucker <dtucker@zip.com.au> 5214Date: Wed Jul 23 09:43:42 2014 +1000 5215 5216 - guenther@cvs.openbsd.org 2014/07/22 07:13:42 5217 [umac.c] 5218 Convert from <sys/endian.h> to the shiney new <endian.h> 5219 ok dtucker@, who also confirmed that -portable handles this already 5220 (ID sync only, includes.h pulls in endian.h if available.) 5221 5222commit 820763efef2d19d965602533036c2b4badc9d465 5223Author: Darren Tucker <dtucker@zip.com.au> 5224Date: Wed Jul 23 09:40:46 2014 +1000 5225 5226 - dtucker@cvs.openbsd.org 2014/07/22 01:18:50 5227 [key.c] 5228 Prevent spam from key_load_private_pem during hostbased auth. ok djm@ 5229 5230commit c4ee219a66f3190fa96cbd45b4d11015685c6306 5231Author: Darren Tucker <dtucker@zip.com.au> 5232Date: Wed Jul 23 04:27:50 2014 +1000 5233 5234 - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa- 5235 specific tests inside OPENSSL_HAS_ECC. 5236 5237commit 04f4824940ea3edd60835416ececbae16438968a 5238Author: Damien Miller <djm@mindrot.org> 5239Date: Tue Jul 22 11:31:47 2014 +1000 5240 5241 - (djm) [regress/multiplex.sh] change the test for still-open Unix 5242 domain sockets to be robust against nc implementations that produce 5243 error messages. 5244 5245commit 5ea4fe00d55453aaa44007330bb4c3181bd9b796 5246Author: Damien Miller <djm@mindrot.org> 5247Date: Tue Jul 22 09:39:19 2014 +1000 5248 5249 - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow; 5250 put it back 5251 5252commit 948a1774a79a85f9deba6d74db95f402dee32c69 5253Author: Darren Tucker <dtucker@zip.com.au> 5254Date: Tue Jul 22 01:07:11 2014 +1000 5255 5256 - (dtucker) [sshkey.c] ifdef out unused variable when compiling without 5257 OPENSSL_HAS_ECC. 5258 5259commit c8f610f6cc57ae129758052439d9baf13699097b 5260Author: Damien Miller <djm@mindrot.org> 5261Date: Mon Jul 21 10:23:27 2014 +1000 5262 5263 - (djm) [regress/multiplex.sh] Not all netcat accept the -N option. 5264 5265commit 0e4e95566cd95c887f69272499b8f3880b3ec0f5 5266Author: Damien Miller <djm@mindrot.org> 5267Date: Mon Jul 21 09:52:54 2014 +1000 5268 5269 - millert@cvs.openbsd.org 2014/07/15 15:54:15 5270 [forwarding.sh multiplex.sh] 5271 Add support for Unix domain socket forwarding. A remote TCP port 5272 may be forwarded to a local Unix domain socket and vice versa or 5273 both ends may be a Unix domain socket. This is a reimplementation 5274 of the streamlocal patches by William Ahern from: 5275 http://www.25thandclement.com/~william/projects/streamlocal.html 5276 OK djm@ markus@ 5277 5278commit 93a87ab27ecdc709169fb24411133998f81e2761 5279Author: Darren Tucker <dtucker@zip.com.au> 5280Date: Mon Jul 21 06:30:25 2014 +1000 5281 5282 - (dtucker) [regress/unittests/sshkey/ 5283 {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in 5284 ifdefs. 5285 5286commit 5573171352ea23df2dc6d2fe0324d023b7ba697c 5287Author: Darren Tucker <dtucker@zip.com.au> 5288Date: Mon Jul 21 02:24:59 2014 +1000 5289 5290 - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits 5291 needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm 5292 5293commit 74e28682711d005026c7c8f15f96aea9d3c8b5a3 5294Author: Tim Rice <tim@multitalents.net> 5295Date: Fri Jul 18 20:00:11 2014 -0700 5296 5297 - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used 5298 in servconf.h. 5299 5300commit d1a0421f8e5e933fee6fb58ee6b9a22c63c8a613 5301Author: Darren Tucker <dtucker@zip.com.au> 5302Date: Sat Jul 19 07:23:55 2014 +1000 5303 5304 - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC. 5305 5306commit f0fe9ea1be62227c130b317769de3d1e736b6dc1 5307Author: Darren Tucker <dtucker@zip.com.au> 5308Date: Sat Jul 19 06:33:12 2014 +1000 5309 5310 - (dtucker) [Makefile.in] Add a t-exec target to run just the executable 5311 tests. 5312 5313commit 450bc1180d4b061434a4b733c5c8814fa30b022b 5314Author: Darren Tucker <dtucker@zip.com.au> 5315Date: Sat Jul 19 06:23:18 2014 +1000 5316 5317 - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used 5318 in servconf.h. 5319 5320commit ab2ec586baad122ed169285c31927ccf58bc7b28 5321Author: Damien Miller <djm@mindrot.org> 5322Date: Fri Jul 18 15:04:47 2014 +1000 5323 5324 - djm@cvs.openbsd.org 2014/07/18 02:46:01 5325 [ssh-agent.c] 5326 restore umask around listener socket creation (dropped in streamlocal patch 5327 merge) 5328 5329commit 357610d15946381ae90c271837dcdd0cdce7145f 5330Author: Damien Miller <djm@mindrot.org> 5331Date: Fri Jul 18 15:04:10 2014 +1000 5332 5333 - djm@cvs.openbsd.org 2014/07/17 07:22:19 5334 [mux.c ssh.c] 5335 reflect stdio-forward ("ssh -W host:port ...") failures in exit status. 5336 previously we were always returning 0. bz#2255 reported by Brendan 5337 Germain; ok dtucker 5338 5339commit dad9a4a0b7c2b5d78605f8df28718f116524134e 5340Author: Damien Miller <djm@mindrot.org> 5341Date: Fri Jul 18 15:03:49 2014 +1000 5342 5343 - djm@cvs.openbsd.org 2014/07/17 00:12:03 5344 [key.c] 5345 silence "incorrect passphrase" error spam; reported and ok dtucker@ 5346 5347commit f42f7684ecbeec6ce50e0310f80b3d6da2aaf533 5348Author: Damien Miller <djm@mindrot.org> 5349Date: Fri Jul 18 15:03:27 2014 +1000 5350 5351 - djm@cvs.openbsd.org 2014/07/17 00:10:18 5352 [mux.c] 5353 preserve errno across syscall 5354 5355commit 1b83320628cb0733e3688b85bfe4d388a7c51909 5356Author: Damien Miller <djm@mindrot.org> 5357Date: Fri Jul 18 15:03:02 2014 +1000 5358 5359 - djm@cvs.openbsd.org 2014/07/17 00:10:56 5360 [sandbox-systrace.c] 5361 ifdef SYS_sendsyslog so this will compile without patching on -stable 5362 5363commit 6d57656331bcd754d912950e4a18ad259d596e61 5364Author: Damien Miller <djm@mindrot.org> 5365Date: Fri Jul 18 15:02:06 2014 +1000 5366 5367 - jmc@cvs.openbsd.org 2014/07/16 14:48:57 5368 [ssh.1] 5369 add the streamlocal* options to ssh's -o list; millert says they're 5370 irrelevant for scp/sftp; 5371 5372 ok markus millert 5373 5374commit 7acefbbcbeab725420ea07397ae35992f505f702 5375Author: Damien Miller <djm@mindrot.org> 5376Date: Fri Jul 18 14:11:24 2014 +1000 5377 5378 - millert@cvs.openbsd.org 2014/07/15 15:54:14 5379 [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] 5380 [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] 5381 [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] 5382 [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] 5383 [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] 5384 [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] 5385 [sshd_config.5 sshlogin.c] 5386 Add support for Unix domain socket forwarding. A remote TCP port 5387 may be forwarded to a local Unix domain socket and vice versa or 5388 both ends may be a Unix domain socket. This is a reimplementation 5389 of the streamlocal patches by William Ahern from: 5390 http://www.25thandclement.com/~william/projects/streamlocal.html 5391 OK djm@ markus@ 5392 5393commit 6262d760e00714523633bd989d62e273a3dca99a 5394Author: Damien Miller <djm@mindrot.org> 5395Date: Thu Jul 17 09:52:07 2014 +1000 5396 5397 - tedu@cvs.openbsd.org 2014/07/11 13:54:34 5398 [myproposal.h] 5399 by popular demand, add back hamc-sha1 to server proposal for better compat 5400 with many clients still in use. ok deraadt 5401 5402commit 9d69d937b46ecba17f16d923e538ceda7b705c7a 5403Author: Damien Miller <djm@mindrot.org> 5404Date: Thu Jul 17 09:49:37 2014 +1000 5405 5406 - deraadt@cvs.openbsd.org 2014/07/11 08:09:54 5407 [sandbox-systrace.c] 5408 Permit use of SYS_sendsyslog from inside the sandbox. Clock is ticking, 5409 update your kernels and sshd soon.. libc will start using sendsyslog() 5410 in about 4 days. 5411 5412commit f6293a0b4129826fc2e37e4062f96825df43c326 5413Author: Damien Miller <djm@mindrot.org> 5414Date: Thu Jul 17 09:01:25 2014 +1000 5415 5416 - (djm) [digest-openssl.c] Preserve array order when disabling digests. 5417 Reported by Petr Lautrbach. 5418 5419commit 00f9cd230709c04399ef5ff80492d70a55230694 5420Author: Damien Miller <djm@mindrot.org> 5421Date: Tue Jul 15 10:41:38 2014 +1000 5422 5423 - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto 5424 has been located; fixes builds agains libressl-portable 5425 5426commit 1d0df3249c87019556b83306c28d4769375c2edc 5427Author: Damien Miller <djm@mindrot.org> 5428Date: Fri Jul 11 09:19:04 2014 +1000 5429 5430 - OpenBSD CVS Sync 5431 - benno@cvs.openbsd.org 2014/07/09 14:15:56 5432 [ssh-add.c] 5433 fix ssh-add crash while loading more than one key 5434 ok markus@ 5435 5436commit 7a57eb3d105aa4ced15fb47001092c58811e6d9d 5437Author: Damien Miller <djm@mindrot.org> 5438Date: Wed Jul 9 13:22:31 2014 +1000 5439 5440 - djm@cvs.openbsd.org 2014/07/07 08:15:26 5441 [multiplex.sh] 5442 remove forced-fatal that I stuck in there to test the new cleanup 5443 logic and forgot to remove... 5444 5445commit 612f965239a30fe536b11ece1834d9f470aeb029 5446Author: Damien Miller <djm@mindrot.org> 5447Date: Wed Jul 9 13:22:03 2014 +1000 5448 5449 - djm@cvs.openbsd.org 2014/07/06 07:42:03 5450 [multiplex.sh test-exec.sh] 5451 add a hook to the cleanup() function to kill $SSH_PID if it is set 5452 5453 use it to kill the mux master started in multiplex.sh (it was being left 5454 around on fatal failures) 5455 5456commit d0bb950485ba121e43a77caf434115ed6417b46f 5457Author: Damien Miller <djm@mindrot.org> 5458Date: Wed Jul 9 13:07:28 2014 +1000 5459 5460 - djm@cvs.openbsd.org 2014/07/09 03:02:15 5461 [key.c] 5462 downgrade more error() to debug() to better match what old authfile.c 5463 did; suppresses spurious errors with hostbased authentication enabled 5464 5465commit 0070776a038655c57f57e70cd05e4c38a5de9d84 5466Author: Damien Miller <djm@mindrot.org> 5467Date: Wed Jul 9 13:07:06 2014 +1000 5468 5469 - djm@cvs.openbsd.org 2014/07/09 01:45:10 5470 [sftp.c] 5471 more useful error message when GLOB_NOSPACE occurs; 5472 bz#2254, patch from Orion Poplawski 5473 5474commit 079bac2a43c74ef7cf56850afbab3b1932534c50 5475Author: Damien Miller <djm@mindrot.org> 5476Date: Wed Jul 9 13:06:25 2014 +1000 5477 5478 - djm@cvs.openbsd.org 2014/07/07 08:19:12 5479 [ssh_config.5] 5480 mention that ProxyCommand is executed using shell "exec" to avoid 5481 a lingering process; bz#1977 5482 5483commit 3a48cc090096cf99b9de592deb5f90e444edebfb 5484Author: Damien Miller <djm@mindrot.org> 5485Date: Sun Jul 6 09:32:49 2014 +1000 5486 5487 - djm@cvs.openbsd.org 2014/07/05 23:11:48 5488 [channels.c] 5489 fix remote-forward cancel regression; ok markus@ 5490 5491commit 48bae3a38cb578713e676708164f6e7151cc64fa 5492Author: Damien Miller <djm@mindrot.org> 5493Date: Sun Jul 6 09:27:06 2014 +1000 5494 5495 - djm@cvs.openbsd.org 2014/07/03 23:18:35 5496 [authfile.h] 5497 remove leakmalloc droppings 5498 5499commit 72e6b5c9ed5e72ca3a6ccc3177941b7c487a0826 5500Author: Damien Miller <djm@mindrot.org> 5501Date: Fri Jul 4 09:00:04 2014 +1000 5502 5503 - djm@cvs.openbsd.org 2014/07/03 22:40:43 5504 [servconf.c servconf.h session.c sshd.8 sshd_config.5] 5505 Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is 5506 executed, mirroring the no-user-rc authorized_keys option; 5507 bz#2160; ok markus@ 5508 5509commit 602943d1179a08dfa70af94f62296ea5e3d6ebb8 5510Author: Damien Miller <djm@mindrot.org> 5511Date: Fri Jul 4 08:59:41 2014 +1000 5512 5513 - djm@cvs.openbsd.org 2014/07/03 22:33:41 5514 [channels.c] 5515 allow explicit ::1 and 127.0.0.1 forwarding bind addresses when 5516 GatewayPorts=no; allows client to choose address family; 5517 bz#2222 ok markus@ 5518 5519commit 6b37fbb7921d156b31e2c8f39d9e1b6746c34983 5520Author: Damien Miller <djm@mindrot.org> 5521Date: Fri Jul 4 08:59:24 2014 +1000 5522 5523 - djm@cvs.openbsd.org 2014/07/03 22:23:46 5524 [sshconnect.c] 5525 when rekeying, skip file/DNS lookup if it is the same as the key sent 5526 during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@ 5527 5528commit d2c3cd5f2e47ee24cf7093ce8e948c2e79dfc3fd 5529Author: Damien Miller <djm@mindrot.org> 5530Date: Fri Jul 4 08:59:01 2014 +1000 5531 5532 - jsing@cvs.openbsd.org 2014/07/03 12:42:16 5533 [cipher-chachapoly.c] 5534 Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this 5535 makes it easier to verify that chacha_encrypt_bytes() is only called once 5536 per chacha_ivsetup() call. 5537 ok djm@ 5538 5539commit 686feb560ec43a06ba04da82b50f3c183c947309 5540Author: Damien Miller <djm@mindrot.org> 5541Date: Thu Jul 3 21:29:38 2014 +1000 5542 5543 - djm@cvs.openbsd.org 2014/07/03 11:16:55 5544 [auth.c auth.h auth1.c auth2.c] 5545 make the "Too many authentication failures" message include the 5546 user, source address, port and protocol in a format similar to the 5547 authentication success / failure messages; bz#2199, ok dtucker 5548 5549commit 0f12341402e18fd9996ec23189b9418d2722453f 5550Author: Damien Miller <djm@mindrot.org> 5551Date: Thu Jul 3 21:28:09 2014 +1000 5552 5553 - jmc@cvs.openbsd.org 2014/07/03 07:45:27 5554 [ssh_config.5] 5555 escape %C since groff thinks it part of an Rs/Re block; 5556 5557commit 9c38643c5cd47a19db2cc28279dcc28abadc22b3 5558Author: Damien Miller <djm@mindrot.org> 5559Date: Thu Jul 3 21:27:46 2014 +1000 5560 5561 - djm@cvs.openbsd.org 2014/07/03 06:39:19 5562 [ssh.c ssh_config.5] 5563 Add a %C escape sequence for LocalCommand and ControlPath that expands 5564 to a unique identifer based on a has of the tuple of (local host, 5565 remote user, hostname, port). 5566 5567 Helps avoid exceeding sockaddr_un's miserly pathname limits for mux 5568 control paths. 5569 5570 bz#2220, based on patch from mancha1 AT zoho.com; ok markus@ 5571 5572commit 49d9bfe2b2f3e90cc158a215dffa7675e57e7830 5573Author: Damien Miller <djm@mindrot.org> 5574Date: Thu Jul 3 21:26:42 2014 +1000 5575 5576 - djm@cvs.openbsd.org 2014/07/03 05:38:17 5577 [ssh.1] 5578 document that -g will only work in the multiplexed case if applied to 5579 the mux master 5580 5581commit ef9f13ba4c58057b2166d1f2e790535da402fbe5 5582Author: Damien Miller <djm@mindrot.org> 5583Date: Thu Jul 3 21:26:21 2014 +1000 5584 5585 - djm@cvs.openbsd.org 2014/07/03 05:32:36 5586 [ssh_config.5] 5587 mention '%%' escape sequence in HostName directives and how it may 5588 be used to specify IPv6 link-local addresses 5589 5590commit e6a407789e5432dd2e53336fb73476cc69048c54 5591Author: Damien Miller <djm@mindrot.org> 5592Date: Thu Jul 3 21:25:03 2014 +1000 5593 5594 - djm@cvs.openbsd.org 2014/07/03 04:36:45 5595 [digest.h] 5596 forward-declare struct sshbuf so consumers don't need to include sshbuf.h 5597 5598commit 4a1d3d50f02d0a8a4ef95ea4749293cbfb89f919 5599Author: Damien Miller <djm@mindrot.org> 5600Date: Thu Jul 3 21:24:40 2014 +1000 5601 5602 - djm@cvs.openbsd.org 2014/07/03 03:47:27 5603 [ssh-keygen.c] 5604 When hashing or removing hosts using ssh-keygen, don't choke on 5605 @revoked markers and don't remove @cert-authority markers; 5606 bz#2241, reported by mlindgren AT runelind.net 5607 5608commit e5c0d52ceb575c3db8c313e0b1aa3845943d7ba8 5609Author: Damien Miller <djm@mindrot.org> 5610Date: Thu Jul 3 21:24:19 2014 +1000 5611 5612 - djm@cvs.openbsd.org 2014/07/03 03:34:09 5613 [gss-serv.c session.c ssh-keygen.c] 5614 standardise on NI_MAXHOST for gethostname() string lengths; about 5615 1/2 the cases were using it already. Fixes bz#2239 en passant 5616 5617commit c174a3b7c14e0d178c61219de2aa1110e209950c 5618Author: Damien Miller <djm@mindrot.org> 5619Date: Thu Jul 3 21:23:24 2014 +1000 5620 5621 - djm@cvs.openbsd.org 2014/07/03 03:26:43 5622 [digest-openssl.c] 5623 use EVP_Digest() for one-shot hash instead of creating, updating, 5624 finalising and destroying a context. 5625 bz#2231, based on patch from Timo Teras 5626 5627commit d7ca2cd31ecc4d63a055e2dcc4bf35c13f2db4c5 5628Author: Damien Miller <djm@mindrot.org> 5629Date: Thu Jul 3 21:23:01 2014 +1000 5630 5631 - djm@cvs.openbsd.org 2014/07/03 03:15:01 5632 [ssh-add.c] 5633 make stdout line-buffered; saves partial output getting lost when 5634 ssh-add fatal()s part-way through (e.g. when listing keys from an 5635 agent that supports key types that ssh-add doesn't); 5636 bz#2234, reported by Phil Pennock 5637 5638commit b1e967c8d7c7578dd0c172d85b3046cf54ea42ba 5639Author: Damien Miller <djm@mindrot.org> 5640Date: Thu Jul 3 21:22:40 2014 +1000 5641 5642 - djm@cvs.openbsd.org 2014/07/03 03:11:03 5643 [ssh-agent.c] 5644 Only cleanup agent socket in the main agent process and not in any 5645 subprocesses it may have started (e.g. forked askpass). Fixes 5646 agent sockets being zapped when askpass processes fatal(); 5647 bz#2236 patch from Dmitry V. Levin 5648 5649commit 61e28e55c3438d796b02ef878bcd28620d452670 5650Author: Damien Miller <djm@mindrot.org> 5651Date: Thu Jul 3 21:22:22 2014 +1000 5652 5653 - djm@cvs.openbsd.org 2014/07/03 01:45:38 5654 [sshkey.c] 5655 make Ed25519 keys' title fit properly in the randomart border; bz#2247 5656 based on patch from Christian Hesse 5657 5658commit 9eb4cd9a32c32d40d36450b68ed93badc6a94c68 5659Author: Damien Miller <djm@mindrot.org> 5660Date: Thu Jul 3 13:29:50 2014 +1000 5661 5662 - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist; 5663 bz#2237 5664 5665commit 8da0fa24934501909408327298097b1629b89eaa 5666Author: Damien Miller <djm@mindrot.org> 5667Date: Thu Jul 3 11:54:19 2014 +1000 5668 5669 - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto 5670 doesn't support it. 5671 5672commit 81309c857dd0dbc0a1245a16d621c490ad48cfbb 5673Author: Damien Miller <djm@mindrot.org> 5674Date: Wed Jul 2 17:45:55 2014 +1000 5675 5676 - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test 5677 5678commit 82b2482ce68654815ee049b9bf021bb362a35ff2 5679Author: Damien Miller <djm@mindrot.org> 5680Date: Wed Jul 2 17:43:41 2014 +1000 5681 5682 - (djm) [sshkey.c] Conditionalise inclusion of util.h 5683 5684commit dd8b1dd7933eb6f5652641b0cdced34a387f2e80 5685Author: Damien Miller <djm@mindrot.org> 5686Date: Wed Jul 2 17:38:31 2014 +1000 5687 5688 - djm@cvs.openbsd.org 2014/06/24 01:14:17 5689 [Makefile.in regress/Makefile regress/unittests/Makefile] 5690 [regress/unittests/sshkey/Makefile] 5691 [regress/unittests/sshkey/common.c] 5692 [regress/unittests/sshkey/common.h] 5693 [regress/unittests/sshkey/mktestdata.sh] 5694 [regress/unittests/sshkey/test_file.c] 5695 [regress/unittests/sshkey/test_fuzz.c] 5696 [regress/unittests/sshkey/test_sshkey.c] 5697 [regress/unittests/sshkey/tests.c] 5698 [regress/unittests/sshkey/testdata/dsa_1] 5699 [regress/unittests/sshkey/testdata/dsa_1-cert.fp] 5700 [regress/unittests/sshkey/testdata/dsa_1-cert.pub] 5701 [regress/unittests/sshkey/testdata/dsa_1.fp] 5702 [regress/unittests/sshkey/testdata/dsa_1.fp.bb] 5703 [regress/unittests/sshkey/testdata/dsa_1.param.g] 5704 [regress/unittests/sshkey/testdata/dsa_1.param.priv] 5705 [regress/unittests/sshkey/testdata/dsa_1.param.pub] 5706 [regress/unittests/sshkey/testdata/dsa_1.pub] 5707 [regress/unittests/sshkey/testdata/dsa_1_pw] 5708 [regress/unittests/sshkey/testdata/dsa_2] 5709 [regress/unittests/sshkey/testdata/dsa_2.fp] 5710 [regress/unittests/sshkey/testdata/dsa_2.fp.bb] 5711 [regress/unittests/sshkey/testdata/dsa_2.pub] 5712 [regress/unittests/sshkey/testdata/dsa_n] 5713 [regress/unittests/sshkey/testdata/dsa_n_pw] 5714 [regress/unittests/sshkey/testdata/ecdsa_1] 5715 [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp] 5716 [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub] 5717 [regress/unittests/sshkey/testdata/ecdsa_1.fp] 5718 [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb] 5719 [regress/unittests/sshkey/testdata/ecdsa_1.param.curve] 5720 [regress/unittests/sshkey/testdata/ecdsa_1.param.priv] 5721 [regress/unittests/sshkey/testdata/ecdsa_1.param.pub] 5722 [regress/unittests/sshkey/testdata/ecdsa_1.pub] 5723 [regress/unittests/sshkey/testdata/ecdsa_1_pw] 5724 [regress/unittests/sshkey/testdata/ecdsa_2] 5725 [regress/unittests/sshkey/testdata/ecdsa_2.fp] 5726 [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb] 5727 [regress/unittests/sshkey/testdata/ecdsa_2.param.curve] 5728 [regress/unittests/sshkey/testdata/ecdsa_2.param.priv] 5729 [regress/unittests/sshkey/testdata/ecdsa_2.param.pub] 5730 [regress/unittests/sshkey/testdata/ecdsa_2.pub] 5731 [regress/unittests/sshkey/testdata/ecdsa_n] 5732 [regress/unittests/sshkey/testdata/ecdsa_n_pw] 5733 [regress/unittests/sshkey/testdata/ed25519_1] 5734 [regress/unittests/sshkey/testdata/ed25519_1-cert.fp] 5735 [regress/unittests/sshkey/testdata/ed25519_1-cert.pub] 5736 [regress/unittests/sshkey/testdata/ed25519_1.fp] 5737 [regress/unittests/sshkey/testdata/ed25519_1.fp.bb] 5738 [regress/unittests/sshkey/testdata/ed25519_1.pub] 5739 [regress/unittests/sshkey/testdata/ed25519_1_pw] 5740 [regress/unittests/sshkey/testdata/ed25519_2] 5741 [regress/unittests/sshkey/testdata/ed25519_2.fp] 5742 [regress/unittests/sshkey/testdata/ed25519_2.fp.bb] 5743 [regress/unittests/sshkey/testdata/ed25519_2.pub] 5744 [regress/unittests/sshkey/testdata/pw] 5745 [regress/unittests/sshkey/testdata/rsa1_1] 5746 [regress/unittests/sshkey/testdata/rsa1_1.fp] 5747 [regress/unittests/sshkey/testdata/rsa1_1.fp.bb] 5748 [regress/unittests/sshkey/testdata/rsa1_1.param.n] 5749 [regress/unittests/sshkey/testdata/rsa1_1.pub] 5750 [regress/unittests/sshkey/testdata/rsa1_1_pw] 5751 [regress/unittests/sshkey/testdata/rsa1_2] 5752 [regress/unittests/sshkey/testdata/rsa1_2.fp] 5753 [regress/unittests/sshkey/testdata/rsa1_2.fp.bb] 5754 [regress/unittests/sshkey/testdata/rsa1_2.param.n] 5755 [regress/unittests/sshkey/testdata/rsa1_2.pub] 5756 [regress/unittests/sshkey/testdata/rsa_1] 5757 [regress/unittests/sshkey/testdata/rsa_1-cert.fp] 5758 [regress/unittests/sshkey/testdata/rsa_1-cert.pub] 5759 [regress/unittests/sshkey/testdata/rsa_1.fp] 5760 [regress/unittests/sshkey/testdata/rsa_1.fp.bb] 5761 [regress/unittests/sshkey/testdata/rsa_1.param.n] 5762 [regress/unittests/sshkey/testdata/rsa_1.param.p] 5763 [regress/unittests/sshkey/testdata/rsa_1.param.q] 5764 [regress/unittests/sshkey/testdata/rsa_1.pub] 5765 [regress/unittests/sshkey/testdata/rsa_1_pw] 5766 [regress/unittests/sshkey/testdata/rsa_2] 5767 [regress/unittests/sshkey/testdata/rsa_2.fp] 5768 [regress/unittests/sshkey/testdata/rsa_2.fp.bb] 5769 [regress/unittests/sshkey/testdata/rsa_2.param.n] 5770 [regress/unittests/sshkey/testdata/rsa_2.param.p] 5771 [regress/unittests/sshkey/testdata/rsa_2.param.q] 5772 [regress/unittests/sshkey/testdata/rsa_2.pub] 5773 [regress/unittests/sshkey/testdata/rsa_n] 5774 [regress/unittests/sshkey/testdata/rsa_n_pw] 5775 unit and fuzz tests for new key API 5776 5777commit c1dc24b71f087f385b92652b9673f52af64e0428 5778Author: Damien Miller <djm@mindrot.org> 5779Date: Wed Jul 2 17:02:03 2014 +1000 5780 5781 - djm@cvs.openbsd.org 2014/06/24 01:04:43 5782 [regress/krl.sh] 5783 regress test for broken consecutive revoked serial number ranges 5784 5785commit 43d3ed2dd3feca6d0326c7dc82588d2faa115e92 5786Author: Damien Miller <djm@mindrot.org> 5787Date: Wed Jul 2 17:01:08 2014 +1000 5788 5789 - djm@cvs.openbsd.org 2014/05/21 07:04:21 5790 [regress/integrity.sh] 5791 when failing because of unexpected output, show the offending output 5792 5793commit 5a96707ffc8d227c2e7d94fa6b0317f8a152cf4e 5794Author: Damien Miller <djm@mindrot.org> 5795Date: Wed Jul 2 15:38:05 2014 +1000 5796 5797 - djm@cvs.openbsd.org 2014/04/30 05:32:00 5798 [regress/Makefile] 5799 unit tests for new buffer API; including basic fuzz testing 5800 NB. Id sync only. 5801 5802commit 3ff92ba756aee48e4ae3e0aeff7293517b3dd185 5803Author: Damien Miller <djm@mindrot.org> 5804Date: Wed Jul 2 15:33:09 2014 +1000 5805 5806 - djm@cvs.openbsd.org 2014/06/30 12:54:39 5807 [key.c] 5808 suppress spurious error message when loading key with a passphrase; 5809 reported by kettenis@ ok markus@ 5810 - djm@cvs.openbsd.org 2014/07/02 04:59:06 5811 [cipher-3des1.c] 5812 fix ssh protocol 1 on the server that regressed with the sshkey change 5813 (sometimes fatal() after auth completed), make file return useful status 5814 codes. 5815 NB. Id sync only for these two. They were bundled into the sshkey merge 5816 above, since it was easier to sync the entire file and then apply 5817 portable-specific changed atop it. 5818 5819commit ec3d0e24a1e46873d80507f5cd8ee6d0d03ac5dc 5820Author: Damien Miller <djm@mindrot.org> 5821Date: Wed Jul 2 15:30:00 2014 +1000 5822 5823 - markus@cvs.openbsd.org 2014/06/27 18:50:39 5824 [ssh-add.c] 5825 fix loading of private keys 5826 5827commit 4b3ed647d5b328cf68e6a8ffbee490d8e0683e82 5828Author: Damien Miller <djm@mindrot.org> 5829Date: Wed Jul 2 15:29:40 2014 +1000 5830 5831 - markus@cvs.openbsd.org 2014/06/27 16:41:56 5832 [channels.c channels.h clientloop.c ssh.c] 5833 fix remote fwding with same listen port but different listen address 5834 with gerhard@, ok djm@ 5835 5836commit 9e01ff28664921ce9b6500681333e42fb133b4d0 5837Author: Damien Miller <djm@mindrot.org> 5838Date: Wed Jul 2 15:29:21 2014 +1000 5839 5840 - deraadt@cvs.openbsd.org 2014/06/25 14:16:09 5841 [sshbuf.c] 5842 unblock SIGSEGV before raising it 5843 ok djm 5844 5845commit 1845fe6bda0729e52f4c645137f4fc3070b5438a 5846Author: Damien Miller <djm@mindrot.org> 5847Date: Wed Jul 2 15:29:01 2014 +1000 5848 5849 - djm@cvs.openbsd.org 2014/06/24 02:21:01 5850 [scp.c] 5851 when copying local->remote fails during read, don't send uninitialised 5852 heap to the remote end. Reported by Jann Horn 5853 5854commit 19439e9a2a0ac0b4b3b1210e89695418beb1c883 5855Author: Damien Miller <djm@mindrot.org> 5856Date: Wed Jul 2 15:28:40 2014 +1000 5857 5858 - djm@cvs.openbsd.org 2014/06/24 02:19:48 5859 [ssh.c] 5860 don't fatal() when hostname canonicalisation fails with a 5861 ProxyCommand in use; continue and allow the ProxyCommand to 5862 connect anyway (e.g. to a host with a name outside the DNS 5863 behind a bastion) 5864 5865commit 8668706d0f52654fe64c0ca41a96113aeab8d2b8 5866Author: Damien Miller <djm@mindrot.org> 5867Date: Wed Jul 2 15:28:02 2014 +1000 5868 5869 - djm@cvs.openbsd.org 2014/06/24 01:13:21 5870 [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c 5871 [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c 5872 [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h 5873 [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h 5874 [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h 5875 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c 5876 [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c 5877 [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c 5878 [sshconnect2.c sshd.c sshkey.c sshkey.h 5879 [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] 5880 New key API: refactor key-related functions to be more library-like, 5881 existing API is offered as a set of wrappers. 5882 5883 with and ok markus@ 5884 5885 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew 5886 Dempsky and Ron Bowes for a detailed review a few months ago. 5887 5888 NB. This commit also removes portable OpenSSH support for OpenSSL 5889 <0.9.8e. 5890 5891commit 2cd7929250cf9e9f658d70dcd452f529ba08c942 5892Author: Damien Miller <djm@mindrot.org> 5893Date: Wed Jul 2 12:48:30 2014 +1000 5894 5895 - djm@cvs.openbsd.org 2014/06/24 00:52:02 5896 [krl.c] 5897 fix bug in KRL generation: multiple consecutive revoked certificate 5898 serial number ranges could be serialised to an invalid format. 5899 5900 Readers of a broken KRL caused by this bug will fail closed, so no 5901 should-have-been-revoked key will be accepted. 5902 5903commit 99db840ee8dbbd2b3fbc6c45d0ee2f6a65e96898 5904Author: Damien Miller <djm@mindrot.org> 5905Date: Wed Jul 2 12:48:04 2014 +1000 5906 5907 - naddy@cvs.openbsd.org 2014/06/18 15:42:09 5908 [sshbuf-getput-crypto.c] 5909 The ssh_get_bignum functions must accept the same range of bignums 5910 the corresponding ssh_put_bignum functions create. This fixes the 5911 use of 16384-bit RSA keys (bug reported by Eivind Evensen). 5912 ok djm@ 5913 5914commit 84a89161a9629239b64171ef3e22ef6a3e462d51 5915Author: Damien Miller <djm@mindrot.org> 5916Date: Wed Jul 2 12:47:48 2014 +1000 5917 5918 - matthew@cvs.openbsd.org 2014/06/18 02:59:13 5919 [sandbox-systrace.c] 5920 Now that we have a dedicated getentropy(2) system call for 5921 arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace 5922 sandbox. 5923 5924 ok djm 5925 5926commit 51504ceec627c0ad57b9f75585c7b3d277f326be 5927Author: Damien Miller <djm@mindrot.org> 5928Date: Wed Jul 2 12:47:25 2014 +1000 5929 5930 - deraadt@cvs.openbsd.org 2014/06/13 08:26:29 5931 [sandbox-systrace.c] 5932 permit SYS_getentropy 5933 from matthew 5934 5935commit a261b8df59117f7dc52abb3a34b35a40c2c9fa88 5936Author: Tim Rice <tim@multitalents.net> 5937Date: Wed Jun 18 16:17:28 2014 -0700 5938 5939 - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare 5940 5941commit 316fac6f18f87262a315c79bcf68b9f92c9337e4 5942Author: Darren Tucker <dtucker@zip.com.au> 5943Date: Tue Jun 17 23:06:07 2014 +1000 5944 5945 - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h} 5946 openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}] 5947 Move the OpenSSL header/library version test into its own function and add 5948 tests for it. Fix it to allow fix version upgrades (but not downgrades). 5949 Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150). 5950 ok djm@ chl@ 5951 5952commit af665bb7b092a59104db1e65577851cf35b86e32 5953Author: Darren Tucker <dtucker@zip.com.au> 5954Date: Mon Jun 16 22:50:55 2014 +1000 5955 5956 - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR. From rak at debian via 5957 OpenSMTPD and chl@ 5958 5959commit f9696566fb41320820f3b257ab564fa321bb3751 5960Author: Darren Tucker <dtucker@zip.com.au> 5961Date: Fri Jun 13 11:06:04 2014 +1000 5962 5963 - (dtucker) [configure.ac] Remove tcpwrappers support, support has already 5964 been removed from sshd.c. 5965 5966commit 5e2b8894b0b24af4ad0a2f7aa33ebf255df7a8bc 5967Author: Tim Rice <tim@multitalents.net> 5968Date: Wed Jun 11 18:31:10 2014 -0700 5969 5970 - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for 5971 u_intXX_t types. 5972 5973commit 985ee2cbc3e43bc65827c3c0d4df3faa99160c37 5974Author: Darren Tucker <dtucker@zip.com.au> 5975Date: Thu Jun 12 05:32:29 2014 +1000 5976 5977 - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*] 5978 Wrap stdlib.h include an ifdef for platforms that don't have it. 5979 5980commit cf5392c2db2bb1dbef9818511d34056404436109 5981Author: Darren Tucker <dtucker@zip.com.au> 5982Date: Thu Jun 12 05:22:49 2014 +1000 5983 5984 - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from 5985 openbsd-compat/bsd-asprintf.c. 5986 5987commit 58538d795e0b662f2f4e5a7193f1204bbe992ddd 5988Author: Darren Tucker <dtucker@zip.com.au> 5989Date: Wed Jun 11 13:39:24 2014 +1000 5990 5991 - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for 5992 compat stuff, specifically whether or not OpenSSL has ECC. 5993 5994commit eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08 5995Author: Darren Tucker <dtucker@zip.com.au> 5996Date: Wed Jun 11 13:10:00 2014 +1000 5997 5998 - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an 5999 assigment that might get optimized out. ok djm@ 6000 6001commit b9609fd86c623d6d440e630f5f9a63295f7aea20 6002Author: Darren Tucker <dtucker@zip.com.au> 6003Date: Wed Jun 11 08:04:02 2014 +1000 6004 6005 - (dtucker) [sshbuf.h] Only declare ECC functions if building without 6006 OpenSSL or if OpenSSL has ECC. 6007 6008commit a54a040f66944c6e8913df8635a01a2327219be9 6009Author: Darren Tucker <dtucker@zip.com.au> 6010Date: Wed Jun 11 07:58:35 2014 +1000 6011 6012 - dtucker@cvs.openbsd.org 2014/06/10 21:46:11 6013 [sshbuf.h] 6014 Group ECC functions together to make things a little easier in -portable. 6015 "doesn't bother me" deraadt@ 6016 6017commit 9f92c53bad04a89067756be8198d4ec2d8a08875 6018Author: Darren Tucker <dtucker@zip.com.au> 6019Date: Wed Jun 11 07:57:58 2014 +1000 6020 6021 - djm@cvs.openbsd.org 2014/06/05 22:17:50 6022 [sshconnect2.c] 6023 fix inverted test that caused PKCS#11 keys that were explicitly listed 6024 not to be preferred. Reported by Dirk-Willem van Gulik 6025 6026commit 15c254a25394f96643da2ad0f674acdc51e89856 6027Author: Darren Tucker <dtucker@zip.com.au> 6028Date: Wed Jun 11 07:38:49 2014 +1000 6029 6030 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef 6031 ECC variable too. 6032 6033commit d7af0cc5bf273eeed0897a99420bc26841d07d8f 6034Author: Darren Tucker <dtucker@zip.com.au> 6035Date: Wed Jun 11 07:37:25 2014 +1000 6036 6037 - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in 6038 the proposal if the version of OpenSSL we're using doesn't support ECC. 6039 6040commit 67508ac2563c33d582be181a3e777c65f549d22f 6041Author: Darren Tucker <dtucker@zip.com.au> 6042Date: Wed Jun 11 06:27:16 2014 +1000 6043 6044 - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c 6045 regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256 6046 curve tests if OpenSSL has them. 6047 6048commit 6482d90a65459a88c18c925368525855832272b3 6049Author: Damien Miller <djm@mindrot.org> 6050Date: Tue May 27 14:34:42 2014 +1000 6051 6052 - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c] 6053 [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege 6054 separation user at runtime, since it may need to be a domain account. 6055 Patch from Corinna Vinschen. 6056 6057commit f9eb5e0734f7a7f6e975809eb54684d2a06a7ffc 6058Author: Damien Miller <djm@mindrot.org> 6059Date: Tue May 27 14:31:58 2014 +1000 6060 6061 - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config 6062 from Corinna Vinschen, fixing a number of bugs and preparing for 6063 Cygwin 1.7.30. 6064 6065commit eae88744662e6b149f43ef071657727f1a157d95 6066Author: Damien Miller <djm@mindrot.org> 6067Date: Tue May 27 14:27:02 2014 +1000 6068 6069 - (djm) [cipher.c] Fix merge botch. 6070 6071commit 564b5e253c1d95c26a00e8288f0089a2571661c3 6072Author: Damien Miller <djm@mindrot.org> 6073Date: Thu May 22 08:23:59 2014 +1000 6074 6075 - (djm) [Makefile.in] typo in path 6076 6077commit e84d10302aeaf7a1acb05c451f8718143656856a 6078Author: Damien Miller <djm@mindrot.org> 6079Date: Wed May 21 17:13:36 2014 +1000 6080 6081 revert a diff I didn't mean to commit 6082 6083commit 795b86313f1f1aab9691666c4f2d5dae6e4acd50 6084Author: Damien Miller <djm@mindrot.org> 6085Date: Wed May 21 17:12:53 2014 +1000 6086 6087 - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC 6088 when it is available. It takes into account time spent suspended, 6089 thereby ensuring timeouts (e.g. for expiring agent keys) fire 6090 correctly. bz#2228 reported by John Haxby 6091 6092commit 18912775cb97c0b1e75e838d3c7d4b56648137b5 6093Author: Damien Miller <djm@mindrot.org> 6094Date: Wed May 21 17:06:46 2014 +1000 6095 6096 - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use 6097 vhangup on Linux. It doens't work for non-root users, and for them 6098 it just messes up the tty settings. 6099 6100commit 7f1c264d3049cd95234e91970ccb5406e1d15b27 6101Author: Damien Miller <djm@mindrot.org> 6102Date: Thu May 15 18:01:52 2014 +1000 6103 6104 - (djm) [sshbuf.c] need __predict_false 6105 6106commit e7429f2be8643e1100380a8a7389d85cc286c8fe 6107Author: Damien Miller <djm@mindrot.org> 6108Date: Thu May 15 18:01:01 2014 +1000 6109 6110 - (djm) [regress/Makefile Makefile.in] 6111 [regress/unittests/sshbuf/test_sshbuf.c 6112 [regress/unittests/sshbuf/test_sshbuf_fixed.c] 6113 [regress/unittests/sshbuf/test_sshbuf_fuzz.c] 6114 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] 6115 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] 6116 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] 6117 [regress/unittests/sshbuf/test_sshbuf_misc.c] 6118 [regress/unittests/sshbuf/tests.c] 6119 [regress/unittests/test_helper/fuzz.c] 6120 [regress/unittests/test_helper/test_helper.c] 6121 Hook new unit tests into the build and "make tests" 6122 6123commit def1de086707b0e6b046fe7e115c60aca0227a99 6124Author: Damien Miller <djm@mindrot.org> 6125Date: Thu May 15 15:17:15 2014 +1000 6126 6127 - (djm) [regress/unittests/Makefile] 6128 [regress/unittests/Makefile.inc] 6129 [regress/unittests/sshbuf/Makefile] 6130 [regress/unittests/sshbuf/test_sshbuf.c] 6131 [regress/unittests/sshbuf/test_sshbuf_fixed.c] 6132 [regress/unittests/sshbuf/test_sshbuf_fuzz.c] 6133 [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] 6134 [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] 6135 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] 6136 [regress/unittests/sshbuf/test_sshbuf_misc.c] 6137 [regress/unittests/sshbuf/tests.c] 6138 [regress/unittests/test_helper/Makefile] 6139 [regress/unittests/test_helper/fuzz.c] 6140 [regress/unittests/test_helper/test_helper.c] 6141 [regress/unittests/test_helper/test_helper.h] 6142 Import new unit tests from OpenBSD; not yet hooked up to build. 6143 6144commit 167685756fde8bc213a8df2c8e1848e312db0f46 6145Author: Damien Miller <djm@mindrot.org> 6146Date: Thu May 15 15:08:40 2014 +1000 6147 6148 - logan@cvs.openbsd.org 2014/05/04 10:40:59 6149 [connect-privsep.sh] 6150 Remove the Z flag from the list of malloc options as it 6151 was removed from malloc.c 10 days ago. 6152 6153 OK from miod@ 6154 6155commit d0b69fe90466920d69c96069312e24b581771bd7 6156Author: Damien Miller <djm@mindrot.org> 6157Date: Thu May 15 15:08:19 2014 +1000 6158 6159 - dtucker@cvs.openbsd.org 2014/05/03 18:46:14 6160 [proxy-connect.sh] 6161 Add tests for with and without compression, with and without privsep. 6162 6163commit edb1af50441d19fb2dd9ccb4d75bf14473fca584 6164Author: Damien Miller <djm@mindrot.org> 6165Date: Thu May 15 15:07:53 2014 +1000 6166 6167 - djm@cvs.openbsd.org 2014/04/21 22:15:37 6168 [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh] 6169 repair regress tests broken by server-side default cipher/kex/mac changes 6170 by ensuring that the option under test is included in the server's 6171 algorithm list 6172 6173commit 54343e95c70994695f8842fb22836321350198d3 6174Author: Damien Miller <djm@mindrot.org> 6175Date: Thu May 15 15:07:33 2014 +1000 6176 6177 - djm@cvs.openbsd.org 2014/03/13 20:44:49 6178 [login-timeout.sh] 6179 this test is a sorry mess of race conditions; add another sleep 6180 to avoid a failure on slow machines (at least until I find a 6181 better way) 6182 6183commit e5b9f0f2ee6e133894307e44e862b66426990733 6184Author: Damien Miller <djm@mindrot.org> 6185Date: Thu May 15 14:58:07 2014 +1000 6186 6187 - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c] 6188 [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes 6189 6190commit b9c566788a9ebd6a9d466f47a532124f111f0542 6191Author: Damien Miller <djm@mindrot.org> 6192Date: Thu May 15 14:43:37 2014 +1000 6193 6194 - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write 6195 portability glue to support building without libcrypto 6196 6197commit 3dc27178b42234b653a32f7a87292d7994045ee3 6198Author: Damien Miller <djm@mindrot.org> 6199Date: Thu May 15 14:37:59 2014 +1000 6200 6201 - logan@cvs.openbsd.org 2014/05/05 07:02:30 6202 [sftp.c] 6203 Zap extra whitespace. 6204 6205 OK from djm@ and dtucker@ 6206 6207commit c31a0cd5b31961f01c5b731f62a6cb9d4f767472 6208Author: Damien Miller <djm@mindrot.org> 6209Date: Thu May 15 14:37:39 2014 +1000 6210 6211 - markus@cvs.openbsd.org 2014/05/03 17:20:34 6212 [monitor.c packet.c packet.h] 6213 unbreak compression, by re-init-ing the compression code in the 6214 post-auth child. the new buffer code is more strict, and requires 6215 buffer_init() while the old code was happy after a bzero(); 6216 originally from djm@ 6217 6218commit 686c7d9ee6f44b2be4128d7860b6b37adaeba733 6219Author: Damien Miller <djm@mindrot.org> 6220Date: Thu May 15 14:37:03 2014 +1000 6221 6222 - djm@cvs.openbsd.org 2014/05/02 03:27:54 6223 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c] 6224 [misc.h poly1305.h ssh-pkcs11.c defines.h] 6225 revert __bounded change; it causes way more problems for portable than 6226 it solves; pointed out by dtucker@ 6227 6228commit 294c58a007cfb2f3bddc4fc3217e255857ffb9bf 6229Author: Damien Miller <djm@mindrot.org> 6230Date: Thu May 15 14:35:03 2014 +1000 6231 6232 - naddy@cvs.openbsd.org 2014/04/30 19:07:48 6233 [mac.c myproposal.h umac.c] 6234 UMAC can use our local fallback implementation of AES when OpenSSL isn't 6235 available. Glue code straight from Ted Krovetz's original umac.c. 6236 ok markus@ 6237 6238commit 05e82c3b963c33048128baf72a6f6b3a1c10b4c1 6239Author: Damien Miller <djm@mindrot.org> 6240Date: Thu May 15 14:33:43 2014 +1000 6241 6242 - djm@cvs.openbsd.org 2014/04/30 05:29:56 6243 [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c] 6244 [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c] 6245 [ssherr.h] 6246 New buffer API; the first installment of the conversion/replacement 6247 of OpenSSH's internals to make them usable as a standalone library. 6248 6249 This includes a set of wrappers to make it compatible with the 6250 existing buffer API so replacement can occur incrementally. 6251 6252 With and ok markus@ 6253 6254 Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew 6255 Dempsky and Ron Bowes for a detailed review. 6256 6257commit 380948180f847a26f2d0c85b4dad3dca2ed2fd8b 6258Author: Damien Miller <djm@mindrot.org> 6259Date: Thu May 15 14:25:18 2014 +1000 6260 6261 - dtucker@cvs.openbsd.org 2014/04/29 20:36:51 6262 [sftp.c] 6263 Don't attempt to append a nul quote char to the filename. Should prevent 6264 fatal'ing with "el_insertstr failed" when there's a single quote char 6265 somewhere in the string. bz#2238, ok markus@ 6266 6267commit d7fd8bedd4619a2ec7fd02aae4c4e1db4431ad9f 6268Author: Damien Miller <djm@mindrot.org> 6269Date: Thu May 15 14:24:59 2014 +1000 6270 6271 - dtucker@cvs.openbsd.org 2014/04/29 19:58:50 6272 [sftp.c] 6273 Move nulling of variable next to where it's freed. ok markus@ 6274 6275commit 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14 6276Author: Damien Miller <djm@mindrot.org> 6277Date: Thu May 15 14:24:09 2014 +1000 6278 6279 - markus@cvs.openbsd.org 2014/04/29 18:01:49 6280 [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c] 6281 [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c] 6282 [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] 6283 [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c] 6284 make compiling against OpenSSL optional (make OPENSSL=no); 6285 reduces algorithms to curve25519, aes-ctr, chacha, ed25519; 6286 allows us to explore further options; with and ok djm 6287 6288commit c5893785564498cea73cb60d2cf199490483e080 6289Author: Damien Miller <djm@mindrot.org> 6290Date: Thu May 15 13:48:49 2014 +1000 6291 6292 - djm@cvs.openbsd.org 2014/04/29 13:10:30 6293 [clientloop.c serverloop.c] 6294 bz#1818 - don't send channel success/failre replies on channels that 6295 have sent a close already; analysis and patch from Simon Tatham; 6296 ok markus@ 6297 6298commit 633de33b192d808d87537834c316dc8b75fe1880 6299Author: Damien Miller <djm@mindrot.org> 6300Date: Thu May 15 13:48:26 2014 +1000 6301 6302 - djm@cvs.openbsd.org 2014/04/28 03:09:18 6303 [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h] 6304 [ssh-keygen.c] 6305 buffer_get_string_ptr's return should be const to remind 6306 callers that futzing with it will futz with the actual buffer 6307 contents 6308 6309commit 15271907843e4ae50dcfc83b3594014cf5e9607b 6310Author: Damien Miller <djm@mindrot.org> 6311Date: Thu May 15 13:47:56 2014 +1000 6312 6313 - djm@cvs.openbsd.org 2014/04/23 12:42:34 6314 [readconf.c] 6315 don't record duplicate IdentityFiles 6316 6317commit 798a02568b13a2e46efebd81f08c8f4bb33a6dc7 6318Author: Damien Miller <djm@mindrot.org> 6319Date: Thu May 15 13:47:37 2014 +1000 6320 6321 - jmc@cvs.openbsd.org 2014/04/22 14:16:30 6322 [sftp.1] 6323 zap eol whitespace; 6324 6325commit d875ff78d2b8436807381051de112f0ebf9b9ae1 6326Author: Damien Miller <djm@mindrot.org> 6327Date: Thu May 15 13:47:15 2014 +1000 6328 6329 - logan@cvs.openbsd.org 2014/04/22 12:42:04 6330 [sftp.1] 6331 Document sftp upload resume. 6332 OK from djm@, with feedback from okan@. 6333 6334commit b15cd7bb097fd80dc99520f45290ef775da1ef19 6335Author: Damien Miller <djm@mindrot.org> 6336Date: Thu May 15 13:46:52 2014 +1000 6337 6338 - logan@cvs.openbsd.org 2014/04/22 10:07:12 6339 [sftp.c] 6340 Sort the sftp command list. 6341 OK from djm@ 6342 6343commit d8accc0aa72656ba63d50937165c5ae49db1dcd6 6344Author: Damien Miller <djm@mindrot.org> 6345Date: Thu May 15 13:46:25 2014 +1000 6346 6347 - logan@cvs.openbsd.org 2014/04/21 14:36:16 6348 [sftp-client.c sftp-client.h sftp.c] 6349 Implement sftp upload resume support. 6350 OK from djm@, with input from guenther@, mlarkin@ and 6351 okan@ 6352 6353commit 16cd3928a87d20c77b13592a74b60b08621d3ce6 6354Author: Damien Miller <djm@mindrot.org> 6355Date: Thu May 15 13:45:58 2014 +1000 6356 6357 - logan@cvs.openbsd.org 2014/04/20 09:24:26 6358 [dns.c dns.h ssh-keygen.c] 6359 Add support for SSHFP DNS records for ED25519 key types. 6360 OK from djm@ 6361 6362commit ec0b67eb3b4e12f296ced1fafa01860c374f7eea 6363Author: Damien Miller <djm@mindrot.org> 6364Date: Thu May 15 13:45:26 2014 +1000 6365 6366 - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine 6367 OpenBSD 6368 6369commit f028460d0b2e5a584355321015cde69bf6fd933e 6370Author: Darren Tucker <dtucker@zip.com.au> 6371Date: Thu May 1 02:24:35 2014 +1000 6372 6373 - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already 6374 have it. Only attempt to use __attribute__(__bounded__) for gcc. 6375 6376commit b628cc4c3e4a842bab5e4584d18c2bc5fa4d0edf 6377Author: Damien Miller <djm@mindrot.org> 6378Date: Sun Apr 20 13:33:58 2014 +1000 6379 6380 - djm@cvs.openbsd.org 2014/04/20 02:49:32 6381 [compat.c] 6382 add a canonical 6.6 + curve25519 bignum fix fake version that I can 6383 recommend people use ahead of the openssh-6.7 release 6384 6385commit 888566913933a802f3a329ace123ebcb7154cf78 6386Author: Damien Miller <djm@mindrot.org> 6387Date: Sun Apr 20 13:33:19 2014 +1000 6388 6389 - djm@cvs.openbsd.org 2014/04/20 02:30:25 6390 [misc.c misc.h umac.c] 6391 use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on 6392 strict-alignment architectures; reported by and ok stsp@ 6393 6394commit 16f85cbc7e5139950e6a38317e7c8b368beafa5d 6395Author: Damien Miller <djm@mindrot.org> 6396Date: Sun Apr 20 13:29:28 2014 +1000 6397 6398 - tedu@cvs.openbsd.org 2014/04/19 18:42:19 6399 [ssh.1] 6400 delete .xr to hosts.equiv. there's still an unfortunate amount of 6401 documentation referring to rhosts equivalency in here. 6402 6403commit 69cb24b7356ec3f0fc5ff04a68f98f2c55c766f4 6404Author: Damien Miller <djm@mindrot.org> 6405Date: Sun Apr 20 13:29:06 2014 +1000 6406 6407 - tedu@cvs.openbsd.org 2014/04/19 18:15:16 6408 [sshd.8] 6409 remove some really old rsh references 6410 6411commit 84c1e7bca8c4ceaccf4d5557e39a833585a3c77e 6412Author: Damien Miller <djm@mindrot.org> 6413Date: Sun Apr 20 13:27:53 2014 +1000 6414 6415 - tedu@cvs.openbsd.org 2014/04/19 14:53:48 6416 [ssh-keysign.c sshd.c] 6417 Delete futile calls to RAND_seed. ok djm 6418 NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon 6419 6420commit 0e6b67423b8662f9ca4c92750309e144fd637ef1 6421Author: Damien Miller <djm@mindrot.org> 6422Date: Sun Apr 20 13:27:01 2014 +1000 6423 6424 - djm@cvs.openbsd.org 2014/04/19 05:54:59 6425 [compat.c] 6426 missing wildcard; pointed out by naddy@ 6427 6428commit 9395b28223334826837c15e8c1bb4dfb3b0d2ca5 6429Author: Damien Miller <djm@mindrot.org> 6430Date: Sun Apr 20 13:25:30 2014 +1000 6431 6432 - djm@cvs.openbsd.org 2014/04/18 23:52:25 6433 [compat.c compat.h sshconnect2.c sshd.c version.h] 6434 OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections 6435 using the curve25519-sha256@libssh.org KEX exchange method to fail 6436 when connecting with something that implements the spec properly. 6437 6438 Disable this KEX method when speaking to one of the affected 6439 versions. 6440 6441 reported by Aris Adamantiadis; ok markus@ 6442 6443commit 8c492da58f8ceb85cf5f7066f23e26fb813a963d 6444Author: Damien Miller <djm@mindrot.org> 6445Date: Sun Apr 20 13:25:09 2014 +1000 6446 6447 - djm@cvs.openbsd.org 2014/04/16 23:28:12 6448 [ssh-agent.1] 6449 remove the identity files from this manpage - ssh-agent doesn't deal 6450 with them at all and the same information is duplicated in ssh-add.1 6451 (which does deal with them); prodded by deraadt@ 6452 6453commit adbfdbbdccc70c9bd70d81ae096db115445c6e26 6454Author: Damien Miller <djm@mindrot.org> 6455Date: Sun Apr 20 13:24:49 2014 +1000 6456 6457 - djm@cvs.openbsd.org 2014/04/16 23:22:45 6458 [bufaux.c] 6459 skip leading zero bytes in buffer_put_bignum2_from_string(); 6460 reported by jan AT mojzis.com; ok markus@ 6461 6462commit 75c62728dc87af6805696eeb520b9748faa136c8 6463Author: Damien Miller <djm@mindrot.org> 6464Date: Sun Apr 20 13:24:31 2014 +1000 6465 6466 - djm@cvs.openbsd.org 2014/04/12 04:55:53 6467 [sshd.c] 6468 avoid crash at exit: check that pmonitor!=NULL before dereferencing; 6469 bz#2225, patch from kavi AT juniper.net 6470 6471commit 2a328437fb1b0976f2f4522d8645803d5a5d0967 6472Author: Damien Miller <djm@mindrot.org> 6473Date: Sun Apr 20 13:24:01 2014 +1000 6474 6475 - djm@cvs.openbsd.org 2014/04/01 05:32:57 6476 [packet.c] 6477 demote a debug3 to PACKET_DEBUG; ok markus@ 6478 6479commit 7d6a9fb660c808882d064e152d6070ffc3844c3f 6480Author: Damien Miller <djm@mindrot.org> 6481Date: Sun Apr 20 13:23:43 2014 +1000 6482 6483 - djm@cvs.openbsd.org 2014/04/01 03:34:10 6484 [sshconnect.c] 6485 When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any 6486 certificate keys to plain keys and attempt SSHFP resolution. 6487 6488 Prevents a server from skipping SSHFP lookup and forcing a new-hostkey 6489 dialog by offering only certificate keys. 6490 6491 Reported by mcv21 AT cam.ac.uk 6492 6493commit fcd62c0b66b8415405ed0af29c236329eb88cc0f 6494Author: Damien Miller <djm@mindrot.org> 6495Date: Sun Apr 20 13:23:21 2014 +1000 6496 6497 - djm@cvs.openbsd.org 2014/04/01 02:05:27 6498 [ssh-keysign.c] 6499 include fingerprint of key not found 6500 use arc4random_buf() instead of loop+arc4random() 6501 6502commit 43b156cf72f900f88065b0a1c1ebd09ab733ca46 6503Author: Damien Miller <djm@mindrot.org> 6504Date: Sun Apr 20 13:23:03 2014 +1000 6505 6506 - jmc@cvs.openbsd.org 2014/03/31 13:39:34 6507 [ssh-keygen.1] 6508 the text for the -K option was inserted in the wrong place in -r1.108; 6509 fix From: Matthew Clarke 6510 6511commit c1621c84f2dc1279065ab9fde2aa9327af418900 6512Author: Damien Miller <djm@mindrot.org> 6513Date: Sun Apr 20 13:22:46 2014 +1000 6514 6515 - naddy@cvs.openbsd.org 2014/03/28 05:17:11 6516 [ssh_config.5 sshd_config.5] 6517 sync available and default algorithms, improve algorithm list formatting 6518 help from jmc@ and schwarze@, ok deraadt@ 6519 6520commit f2719b7c2b8a3b14d778d8a6d8dc729b5174b054 6521Author: Damien Miller <djm@mindrot.org> 6522Date: Sun Apr 20 13:22:18 2014 +1000 6523 6524 - tedu@cvs.openbsd.org 2014/03/26 19:58:37 6525 [sshd.8 sshd.c] 6526 remove libwrap support. ok deraadt djm mfriedl 6527 6528commit 4f40209aa4060b9c066a2f0d9332ace7b8dfb391 6529Author: Damien Miller <djm@mindrot.org> 6530Date: Sun Apr 20 13:21:22 2014 +1000 6531 6532 - djm@cvs.openbsd.org 2014/03/26 04:55:35 6533 [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c 6534 [misc.h poly1305.h ssh-pkcs11.c] 6535 use __bounded(...) attribute recently added to sys/cdefs.h instead of 6536 longform __attribute__(__bounded(...)); 6537 6538 for brevity and a warning free compilation with llvm/clang 6539 6540commit 9235a030ad1b16903fb495d81544e0f7c7449523 6541Author: Damien Miller <djm@mindrot.org> 6542Date: Sun Apr 20 13:17:20 2014 +1000 6543 6544 Three commits in one (since they touch the same heavily-diverged file 6545 repeatedly): 6546 6547 - markus@cvs.openbsd.org 2014/03/25 09:40:03 6548 [myproposal.h] 6549 trimm default proposals. 6550 6551 This commit removes the weaker pre-SHA2 hashes, the broken ciphers 6552 (arcfour), and the broken modes (CBC) from the default configuration 6553 (the patch only changes the default, all the modes are still available 6554 for the config files). 6555 6556 ok djm@, reminded by tedu@ & naddy@ and discussed with many 6557 - deraadt@cvs.openbsd.org 2014/03/26 17:16:26 6558 [myproposal.h] 6559 The current sharing of myproposal[] between both client and server code 6560 makes the previous diff highly unpallatable. We want to go in that 6561 direction for the server, but not for the client. Sigh. 6562 Brought up by naddy. 6563 - markus@cvs.openbsd.org 2014/03/27 23:01:27 6564 [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] 6565 disable weak proposals in sshd, but keep them in ssh; ok djm@ 6566 6567commit 6e1777f592f15f4559728c78204617537b1ac076 6568Author: Damien Miller <djm@mindrot.org> 6569Date: Sun Apr 20 13:02:58 2014 +1000 6570 6571 - tedu@cvs.openbsd.org 2014/03/19 14:42:44 6572 [scp.1] 6573 there is no need for rcp anymore 6574 ok deraadt millert 6575 6576commit eb1b7c514d2a7b1802ccee8cd50e565a4d419887 6577Author: Damien Miller <djm@mindrot.org> 6578Date: Sun Apr 20 13:02:26 2014 +1000 6579 6580 - tedu@cvs.openbsd.org 2014/03/17 19:44:10 6581 [ssh.1] 6582 old descriptions of des and blowfish are old. maybe ok deraadt 6583 6584commit f0858de6e1324ec730752387074b111b8551081e 6585Author: Damien Miller <djm@mindrot.org> 6586Date: Sun Apr 20 13:01:30 2014 +1000 6587 6588 - deraadt@cvs.openbsd.org 2014/03/15 17:28:26 6589 [ssh-agent.c ssh-keygen.1 ssh-keygen.c] 6590 Improve usage() and documentation towards the standard form. 6591 In particular, this line saves a lot of man page reading time. 6592 usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1] 6593 [-N new_passphrase] [-C comment] [-f output_keyfile] 6594 ok schwarze jmc 6595 6596commit 94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa 6597Author: Damien Miller <djm@mindrot.org> 6598Date: Sun Apr 20 13:00:51 2014 +1000 6599 6600 - naddy@cvs.openbsd.org 2014/03/12 13:06:59 6601 [ssh-keyscan.1] 6602 scan for Ed25519 keys by default too 6603 6604commit 3819519288b2b3928c6882f5883b0f55148f4fc0 6605Author: Damien Miller <djm@mindrot.org> 6606Date: Sun Apr 20 13:00:28 2014 +1000 6607 6608 - djm@cvs.openbsd.org 2014/03/12 04:51:12 6609 [authfile.c] 6610 correct test that kdf name is not "none" or "bcrypt" 6611 6612commit 8f9cd709c7cf0655d414306a0ed28306b33802be 6613Author: Damien Miller <djm@mindrot.org> 6614Date: Sun Apr 20 13:00:11 2014 +1000 6615 6616 - djm@cvs.openbsd.org 2014/03/12 04:50:32 6617 [auth-bsdauth.c ssh-keygen.c] 6618 don't count on things that accept arguments by reference to clear 6619 things for us on error; most things do, but it's unsafe form. 6620 6621commit 1c7ef4be83f6dec84509a312518b9df00ab491d9 6622Author: Damien Miller <djm@mindrot.org> 6623Date: Sun Apr 20 12:59:46 2014 +1000 6624 6625 - djm@cvs.openbsd.org 2014/03/12 04:44:58 6626 [ssh-keyscan.c] 6627 scan for Ed25519 keys by default too 6628 6629commit c10bf4d051c97939b30a1616c0499310057d07da 6630Author: Damien Miller <djm@mindrot.org> 6631Date: Sun Apr 20 12:58:04 2014 +1000 6632 6633 - djm@cvs.openbsd.org 2014/03/03 22:22:30 6634 [session.c] 6635 ignore enviornment variables with embedded '=' or '\0' characters; 6636 spotted by Jann Horn; ok deraadt@ 6637 Id sync only - portable already has this. 6638 6639commit c2e49062faccbcd7135c40d1c78c5c329c58fc2e 6640Author: Damien Miller <djm@mindrot.org> 6641Date: Tue Apr 1 14:42:46 2014 +1100 6642 6643 - (djm) Use full release (e.g. 6.5p1) in debug output rather than just 6644 version. From des@des.no 6645 6646commit 14928b7492abec82afa4c2b778fc03f78cd419b6 6647Author: Damien Miller <djm@mindrot.org> 6648Date: Tue Apr 1 14:38:07 2014 +1100 6649 6650 - (djm) On platforms that support it, use prctl() to prevent sftp-server 6651 from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net 6652 6653commit 48abc47e60048461fe9117e108a7e99ea1ac2bb8 6654Author: Damien Miller <djm@mindrot.org> 6655Date: Mon Mar 17 14:45:56 2014 +1100 6656 6657 - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to 6658 remind myself to add sandbox violation logging via the log socket. 6659 6660commit 9c36698ca2f554ec221dc7ef29c7a89e97c88705 6661Author: Tim Rice <tim@multitalents.net> 6662Date: Fri Mar 14 12:45:01 2014 -0700 6663 6664 20140314 6665 - (tim) [opensshd.init.in] Add support for ed25519 6666 6667commit 19158b2447e35838d69b2b735fb640d1e86061ea 6668Author: Damien Miller <djm@mindrot.org> 6669Date: Thu Mar 13 13:14:21 2014 +1100 6670 6671 - (djm) Release OpenSSH 6.6 6672 6673commit 8569eba5d7f7348ce3955eeeb399f66f25c52ece 6674Author: Damien Miller <djm@mindrot.org> 6675Date: Tue Mar 4 09:35:17 2014 +1100 6676 6677 - djm@cvs.openbsd.org 2014/03/03 22:22:30 6678 [session.c] 6679 ignore enviornment variables with embedded '=' or '\0' characters; 6680 spotted by Jann Horn; ok deraadt@ 6681 6682commit 2476c31b96e89aec7d4e73cb6fbfb9a4290de3a7 6683Author: Damien Miller <djm@mindrot.org> 6684Date: Sun Mar 2 04:01:00 2014 +1100 6685 6686 - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when 6687 no moduli file exists at the expected location. 6688 6689commit c83fdf30e9db865575b2521b1fe46315cf4c70ae 6690Author: Damien Miller <djm@mindrot.org> 6691Date: Fri Feb 28 10:34:03 2014 +1100 6692 6693 - (djm) [regress/host-expand.sh] Add RCS Id 6694 6695commit 834aeac3555e53f7d29a6fcf3db010dfb99681c7 6696Author: Damien Miller <djm@mindrot.org> 6697Date: Fri Feb 28 10:25:16 2014 +1100 6698 6699 - djm@cvs.openbsd.org 2014/02/27 21:21:25 6700 [agent-ptrace.sh agent.sh] 6701 keep return values that are printed in error messages; 6702 from portable 6703 (Id sync only) 6704 6705commit 4f7f1a9a0de24410c30952c7e16d433240422182 6706Author: Damien Miller <djm@mindrot.org> 6707Date: Fri Feb 28 10:24:11 2014 +1100 6708 6709 - djm@cvs.openbsd.org 2014/02/27 20:04:16 6710 [login-timeout.sh] 6711 remove any existing LoginGraceTime from sshd_config before adding 6712 a specific one for the test back in 6713 6714commit d705d987c27f68080c8798eeb5262adbdd6b4ffd 6715Author: Damien Miller <djm@mindrot.org> 6716Date: Fri Feb 28 10:23:26 2014 +1100 6717 6718 - djm@cvs.openbsd.org 2014/01/26 10:49:17 6719 [scp-ssh-wrapper.sh scp.sh] 6720 make sure $SCP is tested on the remote end rather than whichever one 6721 happens to be in $PATH; from portable 6722 (Id sync only) 6723 6724commit 624a3ca376e3955a4b9d936c9e899e241b65d357 6725Author: Damien Miller <djm@mindrot.org> 6726Date: Fri Feb 28 10:22:37 2014 +1100 6727 6728 - djm@cvs.openbsd.org 2014/01/26 10:22:10 6729 [regress/cert-hostkey.sh] 6730 automatically generate revoked keys from listed keys rather than 6731 manually specifying each type; from portable 6732 (Id sync only) 6733 6734commit b84392328425e4b9a71f8bde5fe6a4a4c48d3ec4 6735Author: Damien Miller <djm@mindrot.org> 6736Date: Fri Feb 28 10:21:26 2014 +1100 6737 6738 - dtucker@cvs.openbsd.org 2014/01/25 04:35:32 6739 [regress/Makefile regress/dhgex.sh] 6740 Add a test for DH GEX sizes 6741 6742commit 1e2aa3d90472293ea19008f02336d6d68aa05793 6743Author: Damien Miller <djm@mindrot.org> 6744Date: Fri Feb 28 10:19:51 2014 +1100 6745 6746 - dtucker@cvs.openbsd.org 2014/01/20 00:00:30 6747 [sftp-chroot.sh] 6748 append to rather than truncating the log file 6749 6750commit f483cc16fe7314e24a37aa3a4422b03c013c3213 6751Author: Damien Miller <djm@mindrot.org> 6752Date: Fri Feb 28 10:19:11 2014 +1100 6753 6754 - dtucker@cvs.openbsd.org 2014/01/19 23:43:02 6755 [regress/sftp-chroot.sh] 6756 Don't use -q on sftp as it suppresses logging, instead redirect the 6757 output to the regress logfile. 6758 6759commit 6486f16f1c0ebd6f39286f6ab5e08286d90a994a 6760Author: Damien Miller <djm@mindrot.org> 6761Date: Fri Feb 28 10:03:52 2014 +1100 6762 6763 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 6764 [contrib/suse/openssh.spec] Crank version numbers 6765 6766commit 92cf5adea194140380e6af6ec32751f9ad540794 6767Author: Damien Miller <djm@mindrot.org> 6768Date: Fri Feb 28 10:01:53 2014 +1100 6769 6770 - djm@cvs.openbsd.org 2014/02/27 22:57:40 6771 [version.h] 6772 openssh-6.6 6773 6774commit fc5d6759aba71eb205b296b5f148010ffc828583 6775Author: Damien Miller <djm@mindrot.org> 6776Date: Fri Feb 28 10:01:28 2014 +1100 6777 6778 - djm@cvs.openbsd.org 2014/02/27 22:47:07 6779 [sshd_config.5] 6780 bz#2184 clarify behaviour of a keyword that appears in multiple 6781 matching Match blocks; ok dtucker@ 6782 6783commit 172ec7e0af1a5f1d682f6a2dca335c6c186153d5 6784Author: Damien Miller <djm@mindrot.org> 6785Date: Fri Feb 28 10:00:57 2014 +1100 6786 6787 - djm@cvs.openbsd.org 2014/02/27 08:25:09 6788 [bufbn.c] 6789 off by one in range check 6790 6791commit f9a9aaba437c2787e40cf7cc928281950e161678 6792Author: Damien Miller <djm@mindrot.org> 6793Date: Fri Feb 28 10:00:27 2014 +1100 6794 6795 - djm@cvs.openbsd.org 2014/02/27 00:41:49 6796 [bufbn.c] 6797 fix unsigned overflow that could lead to reading a short ssh protocol 6798 1 bignum value; found by Ben Hawkes; ok deraadt@ 6799 6800commit fb3423b612713d9cde67c8a75f6f51188d6a3de3 6801Author: Damien Miller <djm@mindrot.org> 6802Date: Thu Feb 27 10:20:07 2014 +1100 6803 6804 - markus@cvs.openbsd.org 2014/02/26 21:53:37 6805 [sshd.c] 6806 ssh_gssapi_prepare_supported_oids needs GSSAPI 6807 6808commit 1348129a34f0f7728c34d86c100a32dcc8d1f922 6809Author: Damien Miller <djm@mindrot.org> 6810Date: Thu Feb 27 10:18:32 2014 +1100 6811 6812 - djm@cvs.openbsd.org 2014/02/26 20:29:29 6813 [channels.c] 6814 don't assume that the socks4 username is \0 terminated; 6815 spotted by Ben Hawkes; ok markus@ 6816 6817commit e6a74aeeacd01d885262ff8e50eb28faee8c8039 6818Author: Damien Miller <djm@mindrot.org> 6819Date: Thu Feb 27 10:17:49 2014 +1100 6820 6821 - djm@cvs.openbsd.org 2014/02/26 20:28:44 6822 [auth2-gss.c gss-serv.c ssh-gss.h sshd.c] 6823 bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep 6824 sandboxing, as running this code in the sandbox can cause violations; 6825 ok markus@ 6826 6827commit 08b57c67f3609340ff703fe2782d7058acf2529e 6828Author: Damien Miller <djm@mindrot.org> 6829Date: Thu Feb 27 10:17:13 2014 +1100 6830 6831 - djm@cvs.openbsd.org 2014/02/26 20:18:37 6832 [ssh.c] 6833 bz#2205: avoid early hostname lookups unless canonicalisation is enabled; 6834 ok dtucker@ markus@ 6835 6836commit 13f97b2286142fd0b8eab94e4ce84fe124eeb752 6837Author: Damien Miller <djm@mindrot.org> 6838Date: Mon Feb 24 15:57:55 2014 +1100 6839 6840 - djm@cvs.openbsd.org 2014/02/23 20:11:36 6841 [readconf.c readconf.h ssh.c ssh_config.5] 6842 reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes 6843 the hostname. This allows users to write configurations that always 6844 refer to canonical hostnames, e.g. 6845 6846 CanonicalizeHostname yes 6847 CanonicalDomains int.example.org example.org 6848 CanonicalizeFallbackLocal no 6849 6850 Host *.int.example.org 6851 Compression off 6852 Host *.example.org 6853 User djm 6854 6855 ok markus@ 6856 6857commit bee3a234f3d1ad4244952bcff1b4b7c525330dc2 6858Author: Damien Miller <djm@mindrot.org> 6859Date: Mon Feb 24 15:57:22 2014 +1100 6860 6861 - djm@cvs.openbsd.org 2014/02/23 20:03:42 6862 [ssh-ed25519.c] 6863 check for unsigned overflow; not reachable in OpenSSH but others might 6864 copy our code... 6865 6866commit 0628780abe61e7e50cba48cdafb1837f49ff23b2 6867Author: Damien Miller <djm@mindrot.org> 6868Date: Mon Feb 24 15:56:45 2014 +1100 6869 6870 - djm@cvs.openbsd.org 2014/02/22 01:32:19 6871 [readconf.c] 6872 when processing Match blocks, skip 'exec' clauses if previous predicates 6873 failed to match; ok markus@ 6874 6875commit 0890dc8191bb201eb01c3429feec0300a9d3a930 6876Author: Damien Miller <djm@mindrot.org> 6877Date: Mon Feb 24 15:56:07 2014 +1100 6878 6879 - djm@cvs.openbsd.org 2014/02/15 23:05:36 6880 [channels.c] 6881 avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; 6882 bz#2200, debian#738692 via Colin Watson; ok dtucker@ 6883 6884commit d3cf67e1117c25d151d0f86396e77ee3a827045a 6885Author: Damien Miller <djm@mindrot.org> 6886Date: Mon Feb 24 15:55:36 2014 +1100 6887 6888 - djm@cvs.openbsd.org 2014/02/07 06:55:54 6889 [cipher.c mac.c] 6890 remove some logging that makes ssh debugging output very verbose; 6891 ok markus 6892 6893commit 03ae081aeaa118361c81ece76eb7cc1aaa2b40c5 6894Author: Tim Rice <tim@multitalents.net> 6895Date: Fri Feb 21 09:09:34 2014 -0800 6896 6897 20140221 6898 - (tim) [configure.ac] Fix cut-and-paste error. Patch from Bryan Drewery. 6899 6900commit 4a20959d2e3c90e9d66897c0b4032c785672d815 6901Author: Darren Tucker <dtucker@zip.com.au> 6902Date: Thu Feb 13 16:38:32 2014 +1100 6903 6904 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat 6905 code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex. 6906 6907commit d1a7a9c0fd1ac2e3314cceb2891959fd2cd9eabb 6908Author: Damien Miller <djm@mindrot.org> 6909Date: Fri Feb 7 09:24:33 2014 +1100 6910 6911 - djm@cvs.openbsd.org 2014/02/06 22:21:01 6912 [sshconnect.c] 6913 in ssh_create_socket(), only do the getaddrinfo for BindAddress when 6914 BindAddress is actually specified. Fixes regression in 6.5 for 6915 UsePrivilegedPort=yes; patch from Corinna Vinschen 6916 6917commit 6ce35b6cc4ead1bf98abec34cb2e2d6ca0abb15e 6918Author: Damien Miller <djm@mindrot.org> 6919Date: Fri Feb 7 09:24:14 2014 +1100 6920 6921 - naddy@cvs.openbsd.org 2014/02/05 20:13:25 6922 [ssh-keygen.1 ssh-keygen.c] 6923 tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@ 6924 while here, fix ordering in usage(); requested by jmc@ 6925 6926commit 6434cb2cfbbf0a46375d2d22f2ff9927feb5e478 6927Author: Damien Miller <djm@mindrot.org> 6928Date: Thu Feb 6 11:17:50 2014 +1100 6929 6930 - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define 6931 __NR_shutdown; some go via the socketcall(2) multiplexer. 6932 6933commit 8d36f9ac71eff2e9f5770c0518b73d875f270647 6934Author: Darren Tucker <dtucker@zip.com.au> 6935Date: Thu Feb 6 10:44:13 2014 +1100 6936 6937 - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL 6938 before freeing since free(NULL) is a no-op. ok djm. 6939 6940commit a0959da3680b4ce8cf911caf3293a6d90f88eeb7 6941Author: Damien Miller <djm@mindrot.org> 6942Date: Wed Feb 5 10:33:45 2014 +1100 6943 6944 - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by 6945 headers/libc but not supported by the kernel. Patch from Loganaden 6946 Velvindron @ AfriNIC 6947 6948commit 9c449bc183b256c84d8f740727b0bc54d247b15e 6949Author: Damien Miller <djm@mindrot.org> 6950Date: Tue Feb 4 11:38:28 2014 +1100 6951 6952 - (djm) [regress/setuid-allowed.c] Missing string.h for strerror() 6953 6954commit bf7e0f03be661b6f5b3bfe325135ce19391f9c4d 6955Author: Damien Miller <djm@mindrot.org> 6956Date: Tue Feb 4 11:37:50 2014 +1100 6957 6958 - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o 6959 6960commit eb6d870a0ea8661299bb2ea8f013d3ace04e2024 6961Author: Damien Miller <djm@mindrot.org> 6962Date: Tue Feb 4 11:26:34 2014 +1100 6963 6964 - djm@cvs.openbsd.org 2014/02/04 00:24:29 6965 [ssh.c] 6966 delay lowercasing of hostname until right before hostname 6967 canonicalisation to unbreak case-sensitive matching of ssh_config; 6968 reported by Ike Devolder; ok markus@ 6969 6970commit d56b44d2dfa093883a5c4e91be3f72d99946b170 6971Author: Damien Miller <djm@mindrot.org> 6972Date: Tue Feb 4 11:26:04 2014 +1100 6973 6974 - djm@cvs.openbsd.org 2014/02/04 00:24:29 6975 [ssh.c] 6976 delay lowercasing of hostname until right before hostname 6977 canonicalisation to unbreak case-sensitive matching of ssh_config; 6978 reported by Ike Devolder; ok markus@ 6979 6980commit db3c595ea74ea9ccd5aa644d7e1f8dc675710731 6981Author: Damien Miller <djm@mindrot.org> 6982Date: Tue Feb 4 11:25:45 2014 +1100 6983 6984 - djm@cvs.openbsd.org 2014/02/02 03:44:31 6985 [digest-libc.c digest-openssl.c] 6986 convert memset of potentially-private data to explicit_bzero() 6987 6988commit aae07e2e2000dd318418fd7fd4597760904cae32 6989Author: Damien Miller <djm@mindrot.org> 6990Date: Tue Feb 4 11:20:40 2014 +1100 6991 6992 - djm@cvs.openbsd.org 2014/02/03 23:28:00 6993 [ssh-ecdsa.c] 6994 fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike 6995 DSA_SIG_new. Reported by Batz Spear; ok markus@ 6996 6997commit a5103f413bde6f31bff85d6e1fd29799c647d765 6998Author: Damien Miller <djm@mindrot.org> 6999Date: Tue Feb 4 11:20:14 2014 +1100 7000 7001 - djm@cvs.openbsd.org 2014/02/02 03:44:32 7002 [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] 7003 [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] 7004 [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] 7005 [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] 7006 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] 7007 [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] 7008 [sshd.c] 7009 convert memset of potentially-private data to explicit_bzero() 7010 7011commit 1d2c4564265ee827147af246a16f3777741411ed 7012Author: Damien Miller <djm@mindrot.org> 7013Date: Tue Feb 4 11:18:20 2014 +1100 7014 7015 - tedu@cvs.openbsd.org 2014/01/31 16:39:19 7016 [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] 7017 [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] 7018 [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] 7019 [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] 7020 [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] 7021 replace most bzero with explicit_bzero, except a few that cna be memset 7022 ok djm dtucker 7023 7024commit 3928de067c286683a95fbdbdb5fdb3c78a0e5efd 7025Author: Damien Miller <djm@mindrot.org> 7026Date: Tue Feb 4 11:13:54 2014 +1100 7027 7028 - djm@cvs.openbsd.org 2014/01/30 22:26:14 7029 [sandbox-systrace.c] 7030 allow shutdown(2) syscall in sandbox - it may be called by packet_close() 7031 from portable 7032 (Id sync only; change is already in portable) 7033 7034commit e1e480aee8a9af6cfbe7188667b7b940d6b57f9f 7035Author: Damien Miller <djm@mindrot.org> 7036Date: Tue Feb 4 11:13:17 2014 +1100 7037 7038 - jmc@cvs.openbsd.org 2014/01/29 14:04:51 7039 [sshd_config.5] 7040 document kbdinteractiveauthentication; 7041 requested From: Ross L Richardson 7042 7043 dtucker/markus helped explain its workings; 7044 7045commit 7cc194f70d4a5ec9a82d19422eaf18db4a6624c6 7046Author: Damien Miller <djm@mindrot.org> 7047Date: Tue Feb 4 11:12:56 2014 +1100 7048 7049 - djm@cvs.openbsd.org 2014/01/29 06:18:35 7050 [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] 7051 [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] 7052 [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] 7053 remove experimental, never-enabled JPAKE code; ok markus@ 7054 7055commit b0f26544cf6f4feeb1a4f6db09fca834f5c9867d 7056Author: Damien Miller <djm@mindrot.org> 7057Date: Tue Feb 4 11:10:01 2014 +1100 7058 7059 - djm@cvs.openbsd.org 2014/01/29 00:19:26 7060 [sshd.c] 7061 use kill(0, ...) instead of killpg(0, ...); on most operating systems 7062 they are equivalent, but SUSv2 describes the latter as having undefined 7063 behaviour; from portable; ok dtucker 7064 (Id sync only; change is already in portable) 7065 7066commit f8f35bc471500348bb262039fb1fc43175d251b0 7067Author: Damien Miller <djm@mindrot.org> 7068Date: Tue Feb 4 11:09:12 2014 +1100 7069 7070 - jmc@cvs.openbsd.org 2014/01/28 14:13:39 7071 [ssh-keyscan.1] 7072 kill some bad Pa; 7073 From: Jan Stary 7074 7075commit 0ba85d696ae9daf66002c2e4ab0d6bb111e1a787 7076Author: Damien Miller <djm@mindrot.org> 7077Date: Tue Feb 4 11:08:38 2014 +1100 7078 7079 ignore a few more regress droppings 7080 7081commit ec93d15170b7a6ddf63fd654bd0f6a752acc19dd 7082Author: Damien Miller <djm@mindrot.org> 7083Date: Tue Feb 4 11:07:13 2014 +1100 7084 7085 - markus@cvs.openbsd.org 2014/01/27 20:13:46 7086 [digest.c digest-openssl.c digest-libc.c Makefile.in] 7087 rename digest.c to digest-openssl.c and add libc variant; ok djm@ 7088 7089commit 4a1c7aa640fb97d3472d51b215b6a0ec0fd025c7 7090Author: Damien Miller <djm@mindrot.org> 7091Date: Tue Feb 4 11:03:36 2014 +1100 7092 7093 - markus@cvs.openbsd.org 2014/01/27 19:18:54 7094 [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] 7095 replace openssl MD5 with our ssh_digest_*; ok djm@ 7096 7097commit 4e8d937af79ce4e253f77ec93489d098b25becc3 7098Author: Damien Miller <djm@mindrot.org> 7099Date: Tue Feb 4 11:02:42 2014 +1100 7100 7101 - markus@cvs.openbsd.org 2014/01/27 18:58:14 7102 [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] 7103 replace openssl HMAC with an implementation based on our ssh_digest_* 7104 ok and feedback djm@ 7105 7106commit 69d0d09f76bab5aec86fbf78489169f63bd16475 7107Author: Tim Rice <tim@multitalents.net> 7108Date: Fri Jan 31 14:25:18 2014 -0800 7109 7110 - (tim) [Makefile.in] build regress/setuid-allow. 7111 7112commit 0eeafcd76b972a3d159f3118227c149a4d7817fe 7113Author: Darren Tucker <dtucker@zip.com.au> 7114Date: Fri Jan 31 14:18:51 2014 +1100 7115 7116 - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes 7117 build with HP-UX's compiler. Patch from Kevin Brott. 7118 7119commit 7e5cec6070673e9f9785ffc749837ada22fbe99f 7120Author: Damien Miller <djm@mindrot.org> 7121Date: Fri Jan 31 09:25:34 2014 +1100 7122 7123 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) 7124 syscall from sandboxes; it may be called by packet_close. 7125 7126commit cdb6c90811caa5df2df856be9b0b16db020fe31d 7127Author: Damien Miller <djm@mindrot.org> 7128Date: Thu Jan 30 12:50:17 2014 +1100 7129 7130 - (djm) Release openssh-6.5p1 7131 7132commit 996ea80b1884b676a901439f1f2681eb6ff68501 7133Author: Damien Miller <djm@mindrot.org> 7134Date: Thu Jan 30 12:49:55 2014 +1100 7135 7136 trim entries prior to openssh-6.0p1 7137 7138commit f5bbd3b657b6340551c8a95f74a70857ff8fac79 7139Author: Damien Miller <djm@mindrot.org> 7140Date: Thu Jan 30 11:26:46 2014 +1100 7141 7142 - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering 7143 different symbols for 'read' when various compiler flags are 7144 in use, causing atomicio.c comparisons against it to break and 7145 read/write operations to hang; ok dtucker 7146 7147commit c2868192ddc4e1420a50389e18c05db20b0b1f32 7148Author: Damien Miller <djm@mindrot.org> 7149Date: Thu Jan 30 10:21:19 2014 +1100 7150 7151 - (djm) [configure.ac] Only check for width-specified integer types 7152 in headers that actually exist. patch from Tom G. Christensen; 7153 ok dtucker@ 7154 7155commit c161fc90fc86e2035710570238a9e1ca7a68d2a5 7156Author: Damien Miller <djm@mindrot.org> 7157Date: Wed Jan 29 21:01:33 2014 +1100 7158 7159 - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from 7160 Tom G. Christensen 7161 7162commit 6f917ad376481995ab7d29fb53b08ec8d507eb9e 7163Author: Tim Rice <tim@multitalents.net> 7164Date: Tue Jan 28 10:26:25 2014 -0800 7165 7166 - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable 7167 when used as an error message inside an if statement so we display the 7168 correct into. agent.sh patch from Petr Lautrbach. 7169 7170commit ab16ef4152914d44ce6f76e48167d26d22f66a06 7171Author: Damien Miller <djm@mindrot.org> 7172Date: Tue Jan 28 15:08:12 2014 +1100 7173 7174 - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the 7175 latter being specified to have undefined behaviour in SUSv3; 7176 ok dtucker 7177 7178commit ab0394905884dc6e58c3721211c6b38fb8fc2ca8 7179Author: Damien Miller <djm@mindrot.org> 7180Date: Tue Jan 28 15:07:10 2014 +1100 7181 7182 - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl; 7183 ok dtucker 7184 7185commit 4ab20a82d4d4168d62318923f62382f6ef242fcd 7186Author: Darren Tucker <dtucker@zip.com.au> 7187Date: Mon Jan 27 17:35:04 2014 +1100 7188 7189 - (dtucker) [Makefile.in] Remove trailing backslash which some make 7190 implementations (eg older Solaris) do not cope with. 7191 7192commit e7e8b3cfe9f8665faaf0e68b33df5bbb431bd129 7193Author: Darren Tucker <dtucker@zip.com.au> 7194Date: Mon Jan 27 17:32:50 2014 +1100 7195 7196 Welcome to 2014 7197 7198commit 5b447c0aac0dd444251e276f6bb3bbbe1c05331c 7199Author: Damien Miller <djm@mindrot.org> 7200Date: Sun Jan 26 09:46:53 2014 +1100 7201 7202 - (djm) [configure.ac] correct AC_DEFINE for previous. 7203 7204commit 2035b2236d3b1f76c749c642a43e03c85eae76e6 7205Author: Damien Miller <djm@mindrot.org> 7206Date: Sun Jan 26 09:39:53 2014 +1100 7207 7208 - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable 7209 RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations, 7210 libc will attempt to open additional file descriptors for crypto 7211 offload and crash if they cannot be opened. 7212 7213commit a92ac7410475fbb00383c7402aa954dc0a75ae19 7214Author: Damien Miller <djm@mindrot.org> 7215Date: Sun Jan 26 09:38:03 2014 +1100 7216 7217 - markus@cvs.openbsd.org 2014/01/25 20:35:37 7218 [kex.c] 7219 dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) 7220 ok dtucker@, noted by mancha 7221 7222commit 76eea4ab4e658670ca6e76dd1e6d17f262208b57 7223Author: Damien Miller <djm@mindrot.org> 7224Date: Sun Jan 26 09:37:25 2014 +1100 7225 7226 - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 7227 [cipher.c cipher.h kex.c kex.h kexgexc.c] 7228 Add a special case for the DH group size for 3des-cbc, which has an 7229 effective strength much lower than the key size. This causes problems 7230 with some cryptlib implementations, which don't support group sizes larger 7231 than 4k but also don't use the largest group size it does support as 7232 specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, 7233 reduced by me with input from Markus. ok djm@ markus@ 7234 7235commit 603b8f47f1cd9ed95a2017447db8e60ca6704594 7236Author: Damien Miller <djm@mindrot.org> 7237Date: Sat Jan 25 13:16:59 2014 +1100 7238 7239 - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test 7240 against the correct thing. 7241 7242commit c96d85376d779b6ac61525b5440010d344d2f23f 7243Author: Damien Miller <djm@mindrot.org> 7244Date: Sat Jan 25 13:12:28 2014 +1100 7245 7246 - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless 7247 sys/capability.h exists and cap_rights_limit is in libc. Fixes 7248 build on FreeBSD9x which provides the header but not the libc 7249 support. 7250 7251commit f62ecef9939cb3dbeb10602fd705d4db3976d822 7252Author: Damien Miller <djm@mindrot.org> 7253Date: Sat Jan 25 12:34:38 2014 +1100 7254 7255 - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD 7256 7257commit b0e0f760b861676a3fe5c40133b270713d5321a9 7258Author: Damien Miller <djm@mindrot.org> 7259Date: Fri Jan 24 14:27:04 2014 +1100 7260 7261 - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make 7262 the scp regress test actually test the built scp rather than the one 7263 in $PATH. ok dtucker@ 7264 7265commit 42a092530159637da9cb7f9e1b5f4679e34a85e6 7266Author: Darren Tucker <dtucker@zip.com.au> 7267Date: Thu Jan 23 23:14:39 2014 +1100 7268 7269 - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously 7270 incompatible with OpenBSD's despite post-dating it by more than a decade. 7271 Declare it as broken, and document FreeBSD's as the same. ok djm@ 7272 7273commit 617da33c20cb59f9ea6c99c881d92493371ef7b8 7274Author: Tim Rice <tim@multitalents.net> 7275Date: Wed Jan 22 19:16:10 2014 -0800 7276 7277 - (tim) [session.c] Improve error reporting on set_id(). 7278 7279commit 5c2ff5e31f57d303ebb414d84a934c02728fa568 7280Author: Damien Miller <djm@mindrot.org> 7281Date: Wed Jan 22 21:30:12 2014 +1100 7282 7283 - (djm) [configure.ac aclocal.m4] More tests to detect fallout from 7284 platform hardening options: include some long long int arithmatic 7285 to detect missing support functions for -ftrapv in libgcc and 7286 equivalents, actually test linking when -ftrapv is supplied and 7287 set either both -pie/-fPIE or neither. feedback and ok dtucker@ 7288 7289commit 852472a54b8a0dc3e53786b313baaa86850a4273 7290Author: Damien Miller <djm@mindrot.org> 7291Date: Wed Jan 22 16:31:18 2014 +1100 7292 7293 - (djm) [configure.ac] Unless specifically requested, only attempt 7294 to build Position Independent Executables on gcc >= 4.x; ok dtucker 7295 7296commit ee87838786cef0194db36ae0675b3e7c4e8ec661 7297Author: Damien Miller <djm@mindrot.org> 7298Date: Wed Jan 22 16:30:15 2014 +1100 7299 7300 - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a 7301 platform that is expected to use the reuse-argv style setproctitle 7302 hack surprises us by providing a setproctitle in libc; ok dtucker 7303 7304commit 5c96a154c7940fa67b1f11c421e390dbbc159f27 7305Author: Damien Miller <djm@mindrot.org> 7306Date: Tue Jan 21 13:10:26 2014 +1100 7307 7308 - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE 7309 and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of 7310 detecting toolchain-related problems; ok dtucker 7311 7312commit 9464ba6fb34bb42eb3501ec3c5143662e75674bf 7313Author: Tim Rice <tim@multitalents.net> 7314Date: Mon Jan 20 17:59:28 2014 -0800 7315 7316 - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced 7317 with sftp chroot support. Move set_id call after chroot. 7318 7319commit a6d573caa14d490e6c42fb991bcb5c6860ec704b 7320Author: Darren Tucker <dtucker@zip.com.au> 7321Date: Tue Jan 21 12:50:46 2014 +1100 7322 7323 - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time 7324 tests in the configure output. ok djm. 7325 7326commit 096118dc73ab14810b3c12785c0b5acb01ad6123 7327Author: Darren Tucker <dtucker@zip.com.au> 7328Date: Tue Jan 21 12:48:51 2014 +1100 7329 7330 - (dtucker) [configure.ac] Make PIE a configure-time option which defaults 7331 to on platforms where it's known to be reliably detected and off elsewhere. 7332 Works around platforms such as FreeBSD 9.1 where it does not interop with 7333 -ftrapv (it seems to work but fails when trying to link ssh). ok djm@ 7334 7335commit f9df7f6f477792254eab33cdef71a6d66488cb88 7336Author: Damien Miller <djm@mindrot.org> 7337Date: Mon Jan 20 20:07:15 2014 +1100 7338 7339 - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that 7340 skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@ 7341 7342commit c74e70eb52ccc0082bd5a70b5798bb01c114d138 7343Author: Darren Tucker <dtucker@zip.com.au> 7344Date: Mon Jan 20 13:18:09 2014 +1100 7345 7346 - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos 7347 implementation does not have krb5_cc_new_unique, similar to what we do 7348 in auth-krb5.c. 7349 7350commit 3510979e83b6a18ec8773c64c3fa04aa08b2e783 7351Author: Damien Miller <djm@mindrot.org> 7352Date: Mon Jan 20 12:41:53 2014 +1100 7353 7354 - djm@cvs.openbsd.org 2014/01/20 00:08:48 7355 [digest.c] 7356 memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@ 7357 7358commit 7eee358d7a6580479bee5cd7e52810ebfd03e5b2 7359Author: Darren Tucker <dtucker@zip.com.au> 7360Date: Sun Jan 19 22:37:02 2014 +1100 7361 7362 - dtucker@cvs.openbsd.org 2014/01/19 11:21:51 7363 [addrmatch.c] 7364 Cast the sizeof to socklen_t so it'll work even if the supplied len is 7365 negative. Suggested by and ok djm, ok deraadt. 7366 7367commit b7e01c09b56ab26e8fac56bbce0fd25e36d12bb0 7368Author: Darren Tucker <dtucker@zip.com.au> 7369Date: Sun Jan 19 22:36:13 2014 +1100 7370 7371 - djm@cvs.openbsd.org 2014/01/19 04:48:08 7372 [ssh_config.5] 7373 fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal 7374 7375commit 7b1ded04adce42efa25ada7c3a39818d3109b724 7376Author: Darren Tucker <dtucker@zip.com.au> 7377Date: Sun Jan 19 15:30:02 2014 +1100 7378 7379 - dtucker@cvs.openbsd.org 2014/01/19 04:17:29 7380 [canohost.c addrmatch.c] 7381 Cast socklen_t when comparing to size_t and use socklen_t to iterate over 7382 the ip options, both to prevent signed/unsigned comparison warnings. 7383 Patch from vinschen at redhat via portable openssh, begrudging ok deraadt. 7384 7385commit 293ee3c9f0796d99ebb033735f0e315f2e0180bf 7386Author: Darren Tucker <dtucker@zip.com.au> 7387Date: Sun Jan 19 15:28:01 2014 +1100 7388 7389 - dtucker@cvs.openbsd.org 2014/01/18 09:36:26 7390 [session.c] 7391 explicitly define USE_PIPES to 1 to prevent redefinition warnings in 7392 portable on platforms that use pipes for everything. From redhat @ 7393 redhat. 7394 7395commit 2aca159d05f9e7880d1d8f1ce49a218840057f53 7396Author: Darren Tucker <dtucker@zip.com.au> 7397Date: Sun Jan 19 15:25:34 2014 +1100 7398 7399 - dtucker@cvs.openbsd.org 2014/01/17 06:23:24 7400 [sftp-server.c] 7401 fix log message statvfs. ok djm 7402 7403commit 841f7da89ae8b367bb502d61c5c41916c6e7ae4c 7404Author: Darren Tucker <dtucker@zip.com.au> 7405Date: Sat Jan 18 22:12:15 2014 +1100 7406 7407 - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the 7408 return value check for cap_enter() consistent with the other uses in 7409 FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140. 7410 7411commit fdce3731660699b2429e93e822f2ccbaccd163ae 7412Author: Darren Tucker <dtucker@zip.com.au> 7413Date: Sat Jan 18 21:12:42 2014 +1100 7414 7415 - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs, 7416 optind) are defined in getopt.h already. Unfortunately they are defined as 7417 "declspec(dllimport)" for historical reasons, because the GNU linker didn't 7418 allow auto-import on PE/COFF targets way back when. The problem is the 7419 dllexport attributes collide with the definitions in the various source 7420 files in OpenSSH, which obviousy define the variables without 7421 declspec(dllimport). The least intrusive way to get rid of these warnings 7422 is to disable warnings for GCC compiler attributes when building on Cygwin. 7423 Patch from vinschen at redhat.com. 7424 7425commit 1411c9263f46e1ee49d0d302bf7258ebe69ce827 7426Author: Darren Tucker <dtucker@zip.com.au> 7427Date: Sat Jan 18 21:03:59 2014 +1100 7428 7429 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function 7430 declarations that stopped being included when we stopped including 7431 <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at 7432 redhat.com. 7433 7434commit 89c532d843c95a085777c66365067d64d1937eb9 7435Author: Darren Tucker <dtucker@zip.com.au> 7436Date: Sat Jan 18 20:43:49 2014 +1100 7437 7438 - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch 7439 from vinschen at redhat.com 7440 7441commit 355f861022be7b23d3009fae8f3c9f6f7fc685f7 7442Author: Darren Tucker <dtucker@zip.com.au> 7443Date: Sat Jan 18 00:12:38 2014 +1100 7444 7445 - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after 7446 they're defined if we have to define them ourselves. Fixes builds on old 7447 AIX. 7448 7449commit a3357661ee1d5d553294f36e4940e8285c7f1332 7450Author: Darren Tucker <dtucker@zip.com.au> 7451Date: Sat Jan 18 00:03:57 2014 +1100 7452 7453 - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on 7454 Solaris. 7455 7456commit 9edcbff46ff01c8d5dee9c1aa843f09e9ad8a80e 7457Author: Darren Tucker <dtucker@zip.com.au> 7458Date: Fri Jan 17 21:54:32 2014 +1100 7459 7460 - (dtucker) [configure.ac] Have --without-toolchain-hardening not turn off 7461 stack-protector since that has a separate flag that's been around a while. 7462 7463commit 6d725687c490d4ba957a1bbc0ba0a2956c09fa69 7464Author: Darren Tucker <dtucker@zip.com.au> 7465Date: Fri Jan 17 19:17:34 2014 +1100 7466 7467 - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types. 7468 7469commit 5055699c7f7c7ef21703a443ec73117da392f6ae 7470Author: Darren Tucker <dtucker@zip.com.au> 7471Date: Fri Jan 17 18:48:22 2014 +1100 7472 7473 - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we 7474 need them to cut down on the name collisions. 7475 7476commit a5cf1e220def07290260e4125e74f41ac75cf88d 7477Author: Darren Tucker <dtucker@zip.com.au> 7478Date: Fri Jan 17 18:10:58 2014 +1100 7479 7480 - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c 7481 openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs 7482 to be useful (and for the regression tests to pass) on platforms that 7483 have statfs and fstatfs. ok djm@ 7484 7485commit 1357d71d7b6d269969520aaa3e84d312ec971d5b 7486Author: Darren Tucker <dtucker@zip.com.au> 7487Date: Fri Jan 17 18:00:40 2014 +1100 7488 7489 - (dtucker) Fix typo in #ifndef. 7490 7491commit d23a91ffb289d3553a58b7a60cec39fba9f0f506 7492Author: Darren Tucker <dtucker@zip.com.au> 7493Date: Fri Jan 17 17:32:30 2014 +1100 7494 7495 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c 7496 openbsd-compat/openssl-compat.h] Add compatibility layer for older 7497 openssl versions. ok djm@ 7498 7499commit 868ea1ea1c1bfdbee5dbad78f81999c5983ecf31 7500Author: Damien Miller <djm@mindrot.org> 7501Date: Fri Jan 17 16:47:04 2014 +1100 7502 7503 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] 7504 [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] 7505 [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing 7506 using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling 7507 Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@ 7508 7509commit a9d186a8b50d18869a10e9203abf71c83ddb1f79 7510Author: Darren Tucker <dtucker@zip.com.au> 7511Date: Fri Jan 17 16:30:49 2014 +1100 7512 7513 - dtucker@cvs.openbsd.org 2014/01/17 05:26:41 7514 [digest.c] 7515 remove unused includes. ok djm@ 7516 7517commit 5f1c57a7a7eb39c0e4fee3367712337dbcaef024 7518Author: Darren Tucker <dtucker@zip.com.au> 7519Date: Fri Jan 17 16:29:45 2014 +1100 7520 7521 - djm@cvs.openbsd.org 2014/01/17 00:21:06 7522 [sftp-client.c] 7523 signed/unsigned comparison warning fix; from portable (Id sync only) 7524 7525commit c548722361d89fb12c108528f96b306a26477b18 7526Author: Darren Tucker <dtucker@zip.com.au> 7527Date: Fri Jan 17 15:12:16 2014 +1100 7528 7529 - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into 7530 separate lines and alphabetize for easier diffing of changes. 7531 7532commit acad351a5b1c37de9130c9c1710445cc45a7f6b9 7533Author: Darren Tucker <dtucker@zip.com.au> 7534Date: Fri Jan 17 14:20:05 2014 +1100 7535 7536 - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that 7537 don't have them. 7538 7539commit c3ed065ce8417aaa46490836648c173a5010f226 7540Author: Darren Tucker <dtucker@zip.com.au> 7541Date: Fri Jan 17 14:18:45 2014 +1100 7542 7543 - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside 7544 #ifdef HAVE_STDINT_H. 7545 7546commit f45f78ae437062c7d9506c5f475b7215f486be44 7547Author: Darren Tucker <dtucker@zip.com.au> 7548Date: Fri Jan 17 12:43:43 2014 +1100 7549 7550 - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include 7551 includes.h to pull in all of the compatibility stuff. 7552 7553commit 99df369d0340caac145d57f700d830147ff18b87 7554Author: Darren Tucker <dtucker@zip.com.au> 7555Date: Fri Jan 17 12:42:17 2014 +1100 7556 7557 - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. 7558 7559commit ac413b62ea1957e80c711acbe0c11b908273fc01 7560Author: Darren Tucker <dtucker@zip.com.au> 7561Date: Fri Jan 17 12:31:33 2014 +1100 7562 7563 - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. 7564 7565commit 1c4a011e9c939e74815346a560843e1862c300b8 7566Author: Darren Tucker <dtucker@zip.com.au> 7567Date: Fri Jan 17 12:23:23 2014 +1100 7568 7569 - (dtucker) [loginrec.c] Cast to the types specfied in the format 7570 specification to prevent warnings. 7571 7572commit c3d483f9a8275be1113535a1e0d0e384f605f3c4 7573Author: Damien Miller <djm@mindrot.org> 7574Date: Fri Jan 17 11:20:26 2014 +1100 7575 7576 - (djm) [sftp-client.c] signed/unsigned comparison fix 7577 7578commit fd994379dd972417d0491767f7cd9b5bf23f4975 7579Author: Darren Tucker <dtucker@zip.com.au> 7580Date: Fri Jan 17 09:53:24 2014 +1100 7581 7582 - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain 7583 hardening flags including -fstack-protector-strong. These default to on 7584 if the toolchain supports them, but there is a configure-time knob 7585 (--without-hardening) to disable them if necessary. ok djm@ 7586 7587commit 366224d21768ee8ec28cfbcc5fbade1b32582d58 7588Author: Damien Miller <djm@mindrot.org> 7589Date: Thu Jan 16 18:51:44 2014 +1100 7590 7591 - (djm) [README] update release notes URL. 7592 7593commit 2ae77e64f8fa82cbf25c9755e8e847709b978b40 7594Author: Damien Miller <djm@mindrot.org> 7595Date: Thu Jan 16 18:51:07 2014 +1100 7596 7597 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 7598 [contrib/suse/openssh.spec] Crank RPM spec version numbers. 7599 7600commit 0fa29e6d777c73a1b4ddd3b996b06ee20022ae8a 7601Author: Damien Miller <djm@mindrot.org> 7602Date: Thu Jan 16 18:42:31 2014 +1100 7603 7604 - djm@cvs.openbsd.org 2014/01/16 07:32:00 7605 [version.h] 7606 openssh-6.5 7607 7608commit 52c371cd6d2598cc73d4e633811b3012119c47e2 7609Author: Damien Miller <djm@mindrot.org> 7610Date: Thu Jan 16 18:42:10 2014 +1100 7611 7612 - djm@cvs.openbsd.org 2014/01/16 07:31:09 7613 [sftp-client.c] 7614 needless and incorrect cast to size_t can break resumption of 7615 large download; patch from tobias@ 7616