1commit 6ebc4dd77a479892d5ca0cd2a567a651f70aad82 2Author: Damien Miller <djm@mindrot.org> 3Date: Tue Feb 18 19:03:42 2025 +1100 4 5 openssh-9.9p2 6 7commit 38df39ecf278a7ab5794fb03c01286f2cfe82c0d 8Author: djm@openbsd.org <djm@openbsd.org> 9Date: Tue Feb 18 08:02:48 2025 +0000 10 11 upstream: Fix cases where error codes were not correctly set 12 13 Reported by the Qualys Security Advisory team. ok markus@ 14 15 OpenBSD-Commit-ID: 7bcd4ffe0fa1e27ff98d451fb9c22f5fae6e610d 16 17commit 5e07dee272c34e193362fba8eda0e3c453f3c773 18Author: djm@openbsd.org <djm@openbsd.org> 19Date: Tue Feb 18 08:02:12 2025 +0000 20 21 upstream: Don't reply to PING in preauth phase or during KEX 22 23 Reported by the Qualys Security Advisory team. ok markus@ 24 25 OpenBSD-Commit-ID: c656ac4abd1504389d1733d85152044b15830217 26 27commit fb071011fb843142282b8b8a69cbb15e9b0b9485 28Author: djm@openbsd.org <djm@openbsd.org> 29Date: Mon Feb 10 23:00:29 2025 +0000 30 31 upstream: fix "Match invalid-user" from incorrectly being activated 32 33 in initial configuration pass when no other predicates were present on the 34 match line 35 36 OpenBSD-Commit-ID: 02703b4bd207fafd03788bc4e7774bf80be6c9a8 37 38commit 729a26a978dd39db60d4625bdfb5405baa629e59 39Author: Damien Miller <djm@mindrot.org> 40Date: Wed Oct 30 14:25:14 2024 +1100 41 42 fix uint64_t types; reported by Tom G. Christensen 43 44commit 33c5f384ae03a5d1a0bd46ca0fac3c62e4eaf784 45Author: Damien Miller <djm@mindrot.org> 46Date: Sun Oct 27 13:28:11 2024 +1100 47 48 htole64() etc for systems without endian.h 49 50commit fe8d28a7ebbaa35cfc04a21263627f05c237e460 51Author: djm@openbsd.org <djm@openbsd.org> 52Date: Sun Oct 27 02:06:59 2024 +0000 53 54 upstream: explicitly include endian.h 55 56 OpenBSD-Commit-ID: 13511fdef7535bdbc35b644c90090013da43a318 57 58commit 11f348196b3fb51c3d8d1f4f36db9d73f03149ed 59Author: djm@openbsd.org <djm@openbsd.org> 60Date: Sun Oct 27 02:06:01 2024 +0000 61 62 upstream: fix ML-KEM768x25519 KEX on big-endian systems; spotted by 63 64 jsg@ feedback/ok deraadt@ 65 66 OpenBSD-Commit-ID: 26d81a430811672bc762687166986cad40d28cc0 67 68commit 19bcb2d90c6caf14abf386b644fb24eb7afab889 69Author: djm@openbsd.org <djm@openbsd.org> 70Date: Thu Sep 26 23:55:08 2024 +0000 71 72 upstream: fix previous change to ssh_config Match, which broken on 73 74 negated Matches; spotted by phessler@ ok deraadt@ 75 76 OpenBSD-Commit-ID: b1c6acec66cd5bd1252feff1d02ad7129ced37c7 77 78commit 66878e12a207fa9746dee3e2bdcca29b704cf035 79Author: djm@openbsd.org <djm@openbsd.org> 80Date: Wed Sep 25 01:24:04 2024 +0000 81 82 upstream: fix regression introduced when I switched the "Match" 83 84 criteria tokeniser to a more shell-like one. Apparently the old tokeniser 85 (accidentally?) allowed "Match criteria=argument" as well as the "Match 86 criteria argument" syntax that we tested for. 87 88 People were using this syntax so this adds back support for 89 "Match criteria=argument" 90 91 bz3739 ok dtucker 92 93 OpenBSD-Commit-ID: d1eebedb8c902002b75b75debfe1eeea1801f58a 94 95commit ff2cd1dd5711ff88efdf26662d6189d980439a1f 96Author: Damien Miller <djm@mindrot.org> 97Date: Wed Sep 25 11:15:45 2024 +1000 98 99 gss-serv.c needs sys/param.h 100 101 From Void Linux 102 103commit 2c12ae8cf9b0b7549ae097c4123abeda0ee63e5b 104Author: Damien Miller <djm@mindrot.org> 105Date: Wed Sep 25 11:13:05 2024 +1000 106 107 build construct_utmp() when USE_BTMP is set 108 109 Fixes compile error on Void Linux/Musl 110 111commit c7fda601186ff28128cfe3eab9c9c0622de096e1 112Author: Christoph Ostarek <christoph@zededa.com> 113Date: Wed Jul 3 12:46:59 2024 +0200 114 115 fix utmpx ifdef 116 117 02e16ad95fb1f56ab004b01a10aab89f7103c55d did a copy-paste for 118 utmpx, but forgot to change the ifdef appropriately 119 120commit 7cf4dc414de689c467e58e49fb83f6609c3ed36b 121Author: Darren Tucker <dtucker@dtucker.net> 122Date: Mon Sep 23 20:54:26 2024 +1000 123 124 Remove non-9.9 branch statuses. 125 126commit 8513f4d30ae85d17b3b08da6bc3be76f8c73123c 127Author: Darren Tucker <dtucker@dtucker.net> 128Date: Mon Sep 23 20:52:31 2024 +1000 129 130 Add 9.9 branch to CI status console. 131 132commit 53a80baaebda180f46e6e8571f3ff800e1f5c496 133Author: Damien Miller <djm@mindrot.org> 134Date: Fri Sep 20 08:20:48 2024 +1000 135 136 autogenerated files for release 137 138commit 46d1fb16b20e971b9ac15e86a3d3e350b49c9ad6 139Author: Damien Miller <djm@mindrot.org> 140Date: Fri Sep 20 08:20:13 2024 +1000 141 142 update version numbers 143 144commit 0bdca1f218971b38728a0a129f482476baff0968 145Author: djm@openbsd.org <djm@openbsd.org> 146Date: Thu Sep 19 22:17:44 2024 +0000 147 148 upstream: openssh-9.9 149 150 OpenBSD-Commit-ID: 303417285f1a73b9cb7a2ae78d3f493bbbe31f98 151 152commit ef2d7f2d3e1b4c9ae71bacf963e76a92ab8be543 153Author: Damien Miller <djm@mindrot.org> 154Date: Wed Sep 18 16:03:23 2024 +1000 155 156 include openbsd-compat/base64.c license in LICENSE 157 158commit 7ef362b989c8d1f7596f557f22e5924b9c08f0ea 159Author: Damien Miller <djm@mindrot.org> 160Date: Wed Sep 18 09:01:23 2024 +1000 161 162 conditionally include mman.h in arc4random code 163 164commit 5fb2b5ad0e748732a27fd8cc16a7ca3c21770806 165Author: Damien Miller <djm@mindrot.org> 166Date: Tue Sep 17 11:53:24 2024 +1000 167 168 fix bug in recently-added sntrup761 fuzzer 169 170 key values need to be static to persist across invocations; 171 spotted by the Qualys Security Advisory team. 172 173commit 0ca128c9ee894f1b0067abd473bfb33171df67f8 174Author: djm@openbsd.org <djm@openbsd.org> 175Date: Mon Sep 16 05:37:05 2024 +0000 176 177 upstream: use 64 bit math to avoid signed underflow. upstream code 178 179 relies on using -fwrapv to provide defined over/underflow behaviour, but we 180 use -ftrapv to catch integer errors and abort the program. ok dtucker@ 181 182 OpenBSD-Commit-ID: 8933369b33c17b5f02479503d0a92d87bc3a574b 183 184commit f82e5e22cad88c81d8a117de74241328c7b101c3 185Author: jmc@openbsd.org <jmc@openbsd.org> 186Date: Sun Sep 15 08:27:38 2024 +0000 187 188 upstream: minor grammar/sort fixes for refuseconnection; ok djm 189 190 OpenBSD-Commit-ID: 1c81f37b138b8b66abba811fec836388a0f3e6da 191 192commit 0c1165fc78e8fe69b5df71f81a8f944554a68b53 193Author: Damien Miller <djm@mindrot.org> 194Date: Sun Sep 15 13:30:13 2024 +1000 195 196 avoid gcc warning in fuzz test 197 198commit ce171d0718104b643854b53443ff72f7283d33f2 199Author: djm@openbsd.org <djm@openbsd.org> 200Date: Sun Sep 15 03:09:44 2024 +0000 201 202 upstream: bad whitespace in config dump output 203 204 OpenBSD-Commit-ID: d899c13b0e8061d209298eaf58fe53e3643e967c 205 206commit 671c440786a5a66216922f15d0007b60f1e6733f 207Author: Damien Miller <djm@mindrot.org> 208Date: Sun Sep 15 12:53:59 2024 +1000 209 210 use construct_utmp to construct btmp records 211 212 Simpler and removes some code with the old-style BSD license. 213 214commit 930cb02b6113df72fbc732b9feb8e4f490952a81 215Author: djm@openbsd.org <djm@openbsd.org> 216Date: Sun Sep 15 02:20:51 2024 +0000 217 218 upstream: update the Streamlined NTRU Prime code from the "ref" 219 220 implementation in SUPERCOP 20201130 to the "compact" implementation in 221 SUPERCOP 20240808. The new version is substantially faster. Thanks to Daniel 222 J Bernstein for pointing out the new implementation (and of course for 223 writing it). 224 225 tested in snaps/ok deraadt@ 226 227 OpenBSD-Commit-ID: bf1a77924c125ecdbf03e2f3df8ad13bd3dafdcb 228 229commit 9306d6017e0ce5dea6824c29ca5ba5673c2923ad 230Author: djm@openbsd.org <djm@openbsd.org> 231Date: Sun Sep 15 01:19:56 2024 +0000 232 233 upstream: document Match invalid-user 234 235 OpenBSD-Commit-ID: 2c84a9b517283e9711e2812c1f268081dcb02081 236 237commit 0118a4da21147a88a56dc8b90bbc2849fefd5c1e 238Author: djm@openbsd.org <djm@openbsd.org> 239Date: Sun Sep 15 01:18:26 2024 +0000 240 241 upstream: add a "Match invalid-user" predicate to sshd_config Match 242 243 options. 244 245 This allows writing Match conditions that trigger for invalid username. 246 E.g. 247 248 PerSourcePenalties refuseconnection:90s 249 Match invalid-user 250 RefuseConnection yes 251 252 Will effectively penalise bots try to guess passwords for bogus accounts, 253 at the cost of implicitly revealing which accounts are invalid. 254 255 feedback markus@ 256 257 OpenBSD-Commit-ID: 93d3a46ca04bbd9d84a94d1e1d9d3a21073fbb07 258 259commit 7875975136f275619427604900cb0ffd7020e845 260Author: djm@openbsd.org <djm@openbsd.org> 261Date: Sun Sep 15 01:11:26 2024 +0000 262 263 upstream: Add a "refuseconnection" penalty class to sshd_config 264 265 PerSourcePenalties 266 267 This allows penalising connection sources that have had connections 268 dropped by the RefuseConnection option. ok markus@ 269 270 OpenBSD-Commit-ID: 3c8443c427470bb3eac1880aa075cb4864463cb6 271 272commit 8d21713b669b8516ca6d43424a356fccc37212bb 273Author: djm@openbsd.org <djm@openbsd.org> 274Date: Sun Sep 15 01:09:40 2024 +0000 275 276 upstream: Add a sshd_config "RefuseConnection" option 277 278 If set, this will terminate the connection at the first authentication 279 request (this is the earliest we can evaluate sshd_config Match blocks) 280 281 ok markus@ 282 283 OpenBSD-Commit-ID: 43cc2533984074c44d0d2f92eb93f661e7a0b09c 284 285commit acad117e66018fe1fa5caf41b36e6dfbd61f76a1 286Author: djm@openbsd.org <djm@openbsd.org> 287Date: Sun Sep 15 00:58:01 2024 +0000 288 289 upstream: switch sshd_config Match processing to the argv tokeniser 290 291 too; ok markus@ 292 293 OpenBSD-Commit-ID: b74b5b0385f2e0379670e2b869318a65b0bc3923 294 295commit baec3f7f4c60cd5aa1bb9adbeb6dfa4a172502a8 296Author: djm@openbsd.org <djm@openbsd.org> 297Date: Sun Sep 15 00:57:36 2024 +0000 298 299 upstream: switch "Match" directive processing over to the argv 300 301 string tokeniser, making it possible to use shell-like quoting in Match 302 directives, particularly "Match exec". ok markus@ 303 304 OpenBSD-Commit-ID: 0877309650b76f624b2194c35dbacaf065e769a5 305 306commit dd424d7c382c2074ab70f1b8ad4f169a10f60ee7 307Author: djm@openbsd.org <djm@openbsd.org> 308Date: Sun Sep 15 00:47:01 2024 +0000 309 310 upstream: include pathname in some of the ssh-keygen passphrase 311 312 prompts. Helps the user know what's going on when ssh-keygen is invoked via 313 other tools. Requested in GHPR503 314 315 OpenBSD-Commit-ID: 613b0bb6cf845b7e787d69a5b314057ceda6a8b6 316 317commit 62bbf8f825cc390ecb0523752ddac1435006f206 318Author: djm@openbsd.org <djm@openbsd.org> 319Date: Sun Sep 15 00:41:18 2024 +0000 320 321 upstream: Do not apply authorized_keys options when signature 322 323 verification fails. Prevents restrictive key options being incorrectly 324 applied to subsequent keys in authorized_keys. bz3733, ok markus@ 325 326 OpenBSD-Commit-ID: ba3776d9da4642443c19dbc015a1333622eb5a4e 327 328commit 49f325fd47af4e53fcd7aafdbcc280e53f5aa5ce 329Author: Wu Weixin <wuweixin@gmail.com> 330Date: Fri Aug 2 22:16:40 2024 +0800 331 332 Fix without_openssl always being set to 1 333 334 In Fedora systems, %{?rhel} is empty. In RHEL systems, %{?fedora} is 335 empty. Therefore, the original code always sets without_openssl to 1. 336 337commit c21c3a2419bbc1c59cb1a16ea356e703e99a90d9 338Author: djm@openbsd.org <djm@openbsd.org> 339Date: Thu Sep 12 00:36:27 2024 +0000 340 341 upstream: Relax absolute path requirement back to what it was prior to 342 343 OpenSSH 9.8, which incorrectly required that sshd was started with an 344 absolute path in inetd mode. bz3717, patch from Colin Wilson 345 346 OpenBSD-Commit-ID: 25c57f22764897242d942853f8cccc5e991ea058 347 348commit 1bc426f51b0a5cfdcfbd205218f0b6839ffe91e9 349Author: naddy@openbsd.org <naddy@openbsd.org> 350Date: Mon Sep 9 14:41:21 2024 +0000 351 352 upstream: document the mlkem768x25519-sha256 key exchange algorithm 353 354 OpenBSD-Commit-ID: fa18dccdd9753dd287e62ecab189b3de45672521 355 356commit 0a2db61a5ffc64d2e2961c52964f933879952fc7 357Author: Darren Tucker <dtucker@dtucker.net> 358Date: Tue Sep 10 21:11:14 2024 +1000 359 360 Spell omnios test host correctly. 361 362commit 059ed698a47c9af541a49cf754fd09f984ac5a21 363Author: Darren Tucker <dtucker@dtucker.net> 364Date: Tue Sep 10 18:52:02 2024 +1000 365 366 Add omnios test target. 367 368commit f4ff91575a448b19176ceaa8fd6843a25f39d572 369Author: Darren Tucker <dtucker@dtucker.net> 370Date: Tue Sep 10 18:45:55 2024 +1000 371 372 Wrap stdint.h in ifdef. 373 374commit ff714f001d20a9c843ee1fd9d92a16d40567d264 375Author: Darren Tucker <dtucker@dtucker.net> 376Date: Mon Sep 9 19:31:54 2024 +1000 377 378 Also test PAM on dfly64. 379 380commit 509b757c052ea969b3a41fc36818b44801caf1cf 381Author: Damien Miller <djm@mindrot.org> 382Date: Mon Sep 9 21:50:14 2024 +1000 383 384 stubs for ML-KEM KEX functions 385 386 used for C89 compilers 387 388commit 273581210c99ce7275b8efdefbb9f89e1c22e341 389Author: Damien Miller <djm@mindrot.org> 390Date: Mon Sep 9 17:30:38 2024 +1000 391 392 declare defeat trying to detect C89 compilers 393 394 I can't find a reliable way to detect the features the ML-KEM code 395 requires in configure. Give up for now and use VLA support (that we 396 can detect) as a proxy for "old compiler" and turn off ML-KEM if 397 it isn't supported. 398 399commit e8a0f19b56dfa20f98ea9876d7171ec315fb338a 400Author: Damien Miller <djm@mindrot.org> 401Date: Mon Sep 9 16:46:40 2024 +1000 402 403 fix previous; check for C99 compound literals 404 405 The previous commit was incorrect (or at least insufficient), the 406 ML-KEM code is actually using compound literals, so test for them. 407 408commit 7c07bec1446978bebe0780ed822c8fedfb377ae8 409Author: Damien Miller <djm@mindrot.org> 410Date: Mon Sep 9 16:06:21 2024 +1000 411 412 test for compiler feature needed for ML-KEM 413 414 The ML-KEM implementation we uses need the compiler to support 415 C99-style named struct initialisers (e.g foo = {.bar = 1}). We 416 still support (barely) building OpenSSH with older compilers, so 417 add a configure test for this. 418 419commit d469d5f348772058789d35332d1ccb0b109c28ef 420Author: djm@openbsd.org <djm@openbsd.org> 421Date: Mon Sep 9 03:13:39 2024 +0000 422 423 upstream: test mlkem768x25519-sha256 424 425 OpenBSD-Regress-ID: 7baf6bc39ae55648db1a2bfdc55a624954847611 426 427commit 62fb2b51bb7f6863c3ab697f397b2068da1c993f 428Author: djm@openbsd.org <djm@openbsd.org> 429Date: Mon Sep 9 02:39:57 2024 +0000 430 431 upstream: pull post-quantum ML-KEM/x25519 key exchange out from 432 433 compile-time flag now than an IANA codepoint has been assigned for the 434 algorithm. 435 436 Add mlkem768x25519-sha256 in 2nd KexAlgorithms preference slot. 437 438 ok markus@ 439 440 OpenBSD-Commit-ID: 9f50a0fae7d7ae8b27fcca11f8dc6f979207451a 441 442commit a8ad7a2952111c6ce32949a775df94286550af6b 443Author: djm@openbsd.org <djm@openbsd.org> 444Date: Fri Sep 6 02:30:44 2024 +0000 445 446 upstream: make parsing user@host consistently look for the last '@' in 447 448 the string rather than the first. This makes it possible to use usernames 449 that contain '@' characters. 450 MIME-Version: 1.0 451 Content-Type: text/plain; charset=UTF-8 452 Content-Transfer-Encoding: 8bit 453 454 Prompted by Max Zettlmeißl; feedback/ok millert@ 455 456 OpenBSD-Commit-ID: 0b16eec246cda15469ebdcf3b1e2479810e394c5 457 458commit 13cc78d016b67a74a67f1c97c7c348084cd9212c 459Author: djm@openbsd.org <djm@openbsd.org> 460Date: Wed Sep 4 05:33:34 2024 +0000 461 462 upstream: be more strict in parsing key type names. Only allow 463 464 shortnames (e.g "rsa") in user-interface code and require full SSH protocol 465 names (e.g. "ssh-rsa") everywhere else. 466 467 Prompted by bz3725; ok markus@ 468 469 OpenBSD-Commit-ID: b3d8de9dac37992eab78adbf84fab2fe0d84b187 470 471commit ef8472309a68e319018def6f8ea47aeb40d806f5 472Author: djm@openbsd.org <djm@openbsd.org> 473Date: Wed Sep 4 05:11:33 2024 +0000 474 475 upstream: fix RCSID in output 476 477 OpenBSD-Commit-ID: 889ae07f2d2193ddc4351711919134664951dd76 478 479commit ba2ef20c75c5268d4d1257adfc2ac11c930d31e1 480Author: jmc@openbsd.org <jmc@openbsd.org> 481Date: Tue Sep 3 06:17:48 2024 +0000 482 483 upstream: envrionment -> environment; 484 485 OpenBSD-Commit-ID: b719f39c20e8c671ec6135c832d6cc67a595af9c 486 487commit e66c0c5673a4304a3a9fbf8305c6a19f8653740f 488Author: Damien Miller <djm@mindrot.org> 489Date: Wed Sep 4 15:35:29 2024 +1000 490 491 add basic fuzzers for our import of sntrup761 492 493commit d19dea6330ecd4eb403fef2423bd7e127f4c9828 494Author: djm@openbsd.org <djm@openbsd.org> 495Date: Tue Sep 3 05:58:56 2024 +0000 496 497 upstream: regression test for Include variable expansion 498 499 OpenBSD-Regress-ID: 35477da3ba1abd9ca64bc49080c50a9c1350c6ca 500 501commit 8c4d6a628051e318bae2f283e8dc38b896400862 502Author: djm@openbsd.org <djm@openbsd.org> 503Date: Tue Sep 3 05:29:55 2024 +0000 504 505 upstream: allow the "Include" directive to expand the same set of 506 507 %-tokens that "Match Exec" and environment variables. 508 509 ok dtucker@ 510 511 OpenBSD-Commit-ID: 12ef521eaa966a9241e684258564f52f1f3c5d37 512 513commit 51b82648b6827675fc0cde21175fd1ed8e89aab2 514Author: djm@openbsd.org <djm@openbsd.org> 515Date: Mon Sep 2 12:18:35 2024 +0000 516 517 upstream: missing ifdef 518 519 OpenBSD-Commit-ID: 85f09da957dd39fd0abe08fe5ee19393f25c2021 520 521commit f68312eb593943127b39ba79a4d7fa438c34c153 522Author: djm@openbsd.org <djm@openbsd.org> 523Date: Mon Sep 2 12:13:56 2024 +0000 524 525 upstream: Add experimental support for hybrid post-quantum key exchange 526 527 ML-KEM768 with ECDH/X25519 from the Internet-draft: 528 https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 529 530 This is based on previous patches from markus@ but adapted to use the 531 final FIPS203 standard ML-KEM using a formally-verified implementation 532 from libcrux. 533 534 Note this key exchange method is still a draft and thus subject to 535 change. It is therefore disabled by default; set MLKEM=yes to build it. 536 We're making it available now to make it easy for other SSH 537 implementations to test against it. 538 539 ok markus@ deraadt@ 540 541 OpenBSD-Commit-ID: 02a8730a570b63fa8acd9913ec66353735dea42c 542 543commit 05f2b141cfcc60c7cdedf9450d2b9d390c19eaad 544Author: Antonio Larrosa <alarrosa@suse.com> 545Date: Fri Aug 23 12:21:06 2024 +0200 546 547 Don't skip audit before exitting cleanup_exit 548 549 This fixes an issue where the SSH_CONNECTION_ABANDON event is not 550 audited because cleanup_exit overrides the regular _exit too soon and 551 as a result, failed auth attempts are not logged correctly. 552 553 The problem was introduced in 81c1099d22b81ebfd20a334ce986c4f753b0db29 554 where the code from upstream was merged before the audit_event call when 555 it should have been merged right before the _exit call in order to honor 556 the comment that just mentions an override of the exit value. 557 558commit 16eaf9d401e70996f89f3f417738a8db421aa959 559Author: djm@openbsd.org <djm@openbsd.org> 560Date: Wed Aug 28 12:08:26 2024 +0000 561 562 upstream: fix test: -F is the argument to specify a non-default 563 564 ssh_config, not -f (this is sadly not a new bug) 565 566 OpenBSD-Regress-ID: 45a7bda4cf33f2cea218507d8b6a55cddbcfb322 567 568commit 10ccf611ab8ecba9ce6b0548c5ccd8c1220baf92 569Author: deraadt@openbsd.org <deraadt@openbsd.org> 570Date: Fri Aug 23 04:51:00 2024 +0000 571 572 upstream: As defined in the RFC, the SSH protocol has negotiable 573 574 compression support (which is requested as the name "zlib"). Compression 575 starts very early in the session. Relative early in OpenSSH lifetime, privsep 576 was added to sshd, and this required a shared-memory hack so the two 577 processes could see what was going on in the dataflow. This shared-memory 578 hack was soon recognized as a tremendous complexity risk, because it put libz 579 (which very much trusts it's memory) in a dangerous place, and a new option 580 ("zlib@openssh.com") was added begins compression after authentication (aka 581 delayed-compression). That change also permitted removal of the 582 shared-memory hack. Despite removal from the server, the old "zlib" support 583 remained in the client, to allow negotiation with non-OpenSSH daemons which 584 lack the delayed-compression option. This commit deletes support for the 585 older "zlib" option in the client. It reduces our featureset in a small way, 586 and encourages other servers to move to a better design. The SSH protocol is 587 different enough that compressed-key-material attacks like BEAST are 588 unlikely, but who wants to take the chance? We encourage other ssh servers 589 who care about optional compression support to add delayed-zlib support. 590 (Some already do "zlib@openssh.com") ok djm markus 591 592 OpenBSD-Commit-ID: 6df986f38e4ab389f795a6e39e7c6857a763ba72 593 594commit aee54878255d71bf93aa6e91bbd4eb1825c0d1b9 595Author: djm@openbsd.org <djm@openbsd.org> 596Date: Thu Aug 22 23:11:30 2024 +0000 597 598 upstream: sntrup761x25519-sha512 now has an IANA codepoint assigned, so 599 600 we can make the algorithm available without the @openssh.com suffix too. ok 601 markus@ deraadt@ 602 603 OpenBSD-Commit-ID: eeed8fcde688143a737729d3d56d20ab4353770f 604 605commit a76a6b85108e3032c8175611ecc5746e7131f876 606Author: Darren Tucker <dtucker@dtucker.net> 607Date: Thu Aug 22 20:36:12 2024 +1000 608 609 Move rekey test into valgrind-2. 610 611 Now that the rekey test has been optimized it's fast enough to not be in 612 its own valgrind test, so move it into valgrind-2, which is currently 613 the quickest of the others, bringing all of them to roughly the same 614 runtime of ~1.1 hours. 615 616commit 7e75e3f57c41b9a6e6401e7674d7c2ff5c33975b 617Author: dtucker@openbsd.org <dtucker@openbsd.org> 618Date: Thu Aug 22 10:21:02 2024 +0000 619 620 upstream: Use aes128-ctr for MAC tests since default has implicit MAC. 621 622 Also verify that the Cipher or MAC we intended to use is actually the one 623 selected during the test. 624 625 OpenBSD-Regress-ID: ff43fed30552afe23d1364526fe8cf88cbfafe1d 626 627commit ebc890b8b4ba08c84cd1066b7b94b2b11f6c4cb4 628Author: Damien Miller <djm@mindrot.org> 629Date: Thu Aug 22 09:45:49 2024 +1000 630 631 fix incorrect default for PasswordAuthentication 632 633 merge botch spotted by gsgleason 634 635commit 15ace435ea1c2fab2a1cc7d9c3157fe20c776b80 636Author: dtucker@openbsd.org <dtucker@openbsd.org> 637Date: Wed Aug 21 10:33:27 2024 +0000 638 639 upstream: Some awks won't match on the \r so delete it instead. Fixes 640 641 regress in portable on, eg Solaris. 642 643 OpenBSD-Regress-ID: 44a96d6d2f8341d89b7d5fff777502b92ac9e9ba 644 645commit 51c96b6ed627779a04493a8fe25747996a37f3c2 646Author: dtucker@openbsd.org <dtucker@openbsd.org> 647Date: Wed Aug 21 07:06:27 2024 +0000 648 649 upstream: Import regenerated moduli. 650 651 OpenBSD-Commit-ID: 5db7049ad5558dee5b2079d3422e8ddab187c1cc 652 653commit 25c52f37a82c4da48ec537de37d7c168982b8d6d 654Author: dtucker@openbsd.org <dtucker@openbsd.org> 655Date: Wed Aug 21 06:59:08 2024 +0000 656 657 upstream: Use curve25519-sha256 kex where possible. 658 659 Except where we're explicitly testing a different kex, use 660 curve25519-sha256 since it's faster than the default and supported even 661 when configured without OpenSSL. Add a check to ensure that the kex we 662 intended to test is the one we actually tested. Speeds test up by ~5%. 663 664 OpenBSD-Regress-ID: 3b27fcc2ae953cb08fd82a0d3155c498b226d6e0 665 666commit 3eb62b7ba49483c309b483eb9002a679014f3887 667Author: dtucker@openbsd.org <dtucker@openbsd.org> 668Date: Tue Aug 20 12:36:59 2024 +0000 669 670 upstream: Send only as much data as needed to trigger rekeying. Speeds 671 672 up tests by about 10% in the common case, hopefully more when instrumented 673 with something like valgrind. 674 675 OpenBSD-Regress-ID: 7bf9292b4803357efcf0baf7cfbdc8521f212da1 676 677commit cbd3f034bbf7853618fac99d7d868a2250154ea7 678Author: Damien Miller <djm@mindrot.org> 679Date: Wed Aug 21 09:18:29 2024 +1000 680 681 simplify sshkey_prekey_alloc(); always use mmap 682 683commit 4442bbc2fc661277a6dabfedb756a7e15ee8b8b8 684Author: dtucker@openbsd.org <dtucker@openbsd.org> 685Date: Tue Aug 20 09:15:49 2024 +0000 686 687 upstream: Merge AEAD test into main test loop. 688 689 Removes 3 duplicate tests and speeds overall test up by about 1%. 690 691 OpenBSD-Regress-ID: 5e5c9ff3f7588091ed369e34ac28520490ad2619 692 693commit 829976a63fd1efae3a4c3e7c16fded59d92edb67 694Author: dtucker@openbsd.org <dtucker@openbsd.org> 695Date: Tue Aug 20 09:02:45 2024 +0000 696 697 upstream: Set a default RekeyLimit of 256k. 698 699 Used unless overridden by a command-line flag, which simplifies some of 700 the ssh command lines. 701 702 OpenBSD-Regress-ID: e7cffa57027088e10336e412b34113969f88cb87 703 704commit 57d02c9ea36aebad4e7146d46e041b6b2e582f7f 705Author: dtucker@openbsd.org <dtucker@openbsd.org> 706Date: Tue Aug 20 07:52:43 2024 +0000 707 708 upstream: Add Compression=no to default ssh_config. 709 710 All of the rekey tests use it (otherwise the encrypted byte counts would 711 not match) so this lets us simplify the command lines. 712 713 OpenBSD-Regress-ID: dab7ce10f4cf6c68827eb8658141272aab3ea262 714 715commit 7254eb26f7c0772c4b47c3b32f6d1b15855cdd8c 716Author: dtucker@openbsd.org <dtucker@openbsd.org> 717Date: Tue Aug 20 07:41:35 2024 +0000 718 719 upstream: Remove duplicate curve25519-sha256 kex. 720 721 curve25519-sha256@libssh.org is the pre-standardization name for the same 722 thing, so remove it as a duplicate. Speeds up test by a tiny amount. 723 724 OpenBSD-Regress-ID: 5a5ee5fa1595a6e140b1cc16040bedf5996a5715 725 726commit 749896b874928c2785256cae4d75161dc3bfcc7d 727Author: dtucker@openbsd.org <dtucker@openbsd.org> 728Date: Tue Aug 20 07:27:25 2024 +0000 729 730 upstream: Unnest rekey param parsing test and use ssh not sshd. 731 732 ssh uses the same parsing code, now has "-G" to dump its config and is 733 slightly faster to start up. This speeds up the test slightly (~5%) in the 734 common case but should help more during instrumented tests, eg under 735 valgrind, where startup costs are magnified. 736 737 OpenBSD-Regress-ID: 07c3acaf4c728e641033071f4441afc88141b0d0 738 739commit 2b1762115481ff2b7a60fd4db2ae69b725437462 740Author: djm@openbsd.org <djm@openbsd.org> 741Date: Tue Aug 20 11:10:04 2024 +0000 742 743 upstream: actually use the length parameter that was passed in rather 744 745 than a constant (this makes no difference in practice because the length is 746 always the same); reported by martin AT nmkd.net 747 748 OpenBSD-Commit-ID: 4aecce232c2fe9b16e9217ff6bcb3c848d853e7e 749 750commit d922762ca16a7381131b242f49d7376c41fabcb5 751Author: Damien Miller <djm@mindrot.org> 752Date: Tue Aug 20 13:55:30 2024 +1000 753 754 private key coredump protection for Linux/FreeBSD 755 756 platforms not supporting coredump exclusion using mmap/madvise flags 757 fall back to plain old malloc(3). 758 759commit cc048ca536d6bed6f2285b07040b0d57cd559ba5 760Author: djm@openbsd.org <djm@openbsd.org> 761Date: Tue Aug 20 03:48:30 2024 +0000 762 763 upstream: place shielded keys (i.e. keys at rest in RAM) into memory 764 765 allocated using mmap(3) with MAP_CONCEAL set. This prevents exposure of the 766 key material in coredumps, etc (this is in addition to other measures we take 767 in this area). 768 769 ok deraadt@ 770 771 OpenBSD-Commit-ID: cbbae59f337a00c9858d6358bc65f74e62261369 772 773commit a0b35c791cad1f85481b23ba46373060292e1c80 774Author: djm@openbsd.org <djm@openbsd.org> 775Date: Sat Aug 17 08:35:04 2024 +0000 776 777 upstream: mention that ed25519 is the default key type generated and 778 779 clarify that rsa-sha2-512 is the default signature scheme when RSA is in use. 780 Based on GHPR505 from SebastianRzk 781 782 OpenBSD-Commit-ID: 1d90df71636a04601685d2a10a8233bcc8d4f4c5 783 784commit 127a50f2c80572ed1a021feb11ecf941e92cbbef 785Author: djm@openbsd.org <djm@openbsd.org> 786Date: Sat Aug 17 08:23:04 2024 +0000 787 788 upstream: fix minor memory leak in Subsystem option parsing; from 789 790 Antonio Larrosa via GHPR515 791 792 OpenBSD-Commit-ID: fff3bbefd1b2c45c98cbe45c6b857b15d8a2d364 793 794commit 171427261d2079941eb1041079dbae875da37cbc 795Author: djm@openbsd.org <djm@openbsd.org> 796Date: Sat Aug 17 08:09:50 2024 +0000 797 798 upstream: fix swapping of source and destination addresses in some sshd 799 800 log messages 801 802 OpenBSD-Commit-ID: 24d4cbb86325275df1f037545aa3b91456e52d25 803 804commit 2a50a8f1fa57857a5e124a2280bcf61cc63c77f7 805Author: Darren Tucker <dtucker@dtucker.net> 806Date: Sat Aug 17 11:10:19 2024 +1000 807 808 Add compat functions for EVP_Digest{Sign,Verify}. 809 810 This should make LibreSSL 3.1.x through 3.3.x work again. Code from 811 tb@, ok djm@. Restore the test configs covering those. 812 813commit 1c3a7145260e03037cc18715b883880836fd122d 814Author: Philip Hands <phil@hands.com> 815Date: Thu Aug 8 13:03:51 2024 +0200 816 817 make sure that usage & man page match 818 819 SSH-Copy-ID-Upstream: da5b1abe55b72a16e0430e7598e1573da01779c0 820 821commit cd0d681645b9adcf2467e7838bfd9d5142de4c4e 822Author: Philip Hands <phil@hands.com> 823Date: Thu Aug 8 13:01:47 2024 +0200 824 825 update copyright notices 826 827 Bump the year to 2024, but also reflect the fact that hands.com Ltd. has 828 been wound up in the UK, and its assets (including this copyright) have 829 now reverted to its owner, Philip Hands. 830 831 SSH-Copy-ID-Upstream: 0e4c4d072747a6568b11a790c29dd1b4ce663d7f 832 833commit 7fc9ccdce18841ebd0a97e31e43258512ab32a32 834Author: Philip Hands <phil@hands.com> 835Date: Sun Aug 4 20:45:00 2024 +0200 836 837 restore optionality of -i's argument 838 839 SSH-Copy-ID-Upstream: f70e3abb510e4eeb040b47894e41828246c1b720 840 841commit c37aa7012b1a3c2c322fd19e71310aadc90fc674 842Author: Philip Hands <phil@hands.com> 843Date: Fri Aug 2 15:52:07 2024 +0200 844 845 avoid exploring .ssh/id*.pub subdirectories 846 847 SSH-Copy-ID-Upstream: 0b9e08b7707ad16de3c8e6a0410d9f42fbd56997 848 849commit 777dce9e2e0d12f7e81e162f77749f30899869fe 850Author: Philip Hands <phil@hands.com> 851Date: Fri Aug 2 10:07:11 2024 +0200 852 853 ensure that we're always told the source of keys 854 855 SSH-Copy-ID-Upstream: 1bee96f4793e8ec3fab9f9361204ae58f5cc7cae 856 857commit fb94fd2339848e40cad6c9bb42b822244cc1a7bc 858Author: Philip Hands <phil@hands.com> 859Date: Wed Jul 31 23:19:51 2024 +0200 860 861 add $HOME to ERROR if one cannot write to ~/.ssh 862 863 SSH-Copy-ID-Upstream: ebef3e9c06e0447bff06e9d84b33023cf592e0ba 864 865commit eb5aafa1ffaeee75799141ec5ded406a65ec7d18 866Author: Philip Hands <phil@hands.com> 867Date: Wed Jul 31 23:19:03 2024 +0200 868 869 assert that SCRATCH_DIR is a writable directory 870 871 SSH-Copy-ID-Upstream: ecb2b9d10883b9a16df56c83896c9bb47a80cde2 872 873commit abcc460a2af46f0d812f8433d97a8eae1d80724c 874Author: Philip Hands <phil@hands.com> 875Date: Wed Jul 31 23:17:54 2024 +0200 876 877 quote to avoid potential for word splitting 878 879 SSH-Copy-ID-Upstream: f379adbe06ac2ef1daf0f130752234c7f8b97e3c 880 881commit b3f91411fd1473605f74c40c1a91a024c7171e27 882Author: Philip Hands <phil@hands.com> 883Date: Wed Jul 31 23:15:11 2024 +0200 884 885 ensure ERROR output goes to STDERR 886 887 SSH-Copy-ID-Upstream: ac394b05eead3b91feb7c2ae4129a3e9b892f1e2 888 889commit 674b8f30f0dbacd787eb1e4e7e1ece34b5543d8f 890Author: Philip Hands <phil@hands.com> 891Date: Thu Aug 1 14:03:06 2024 +0200 892 893 avoid extra space when no arg given to -i option 894 895 SSH-Copy-ID-Upstream: feca9e67e6e37c5653445d1c733569d7abb1770e 896 897commit 0efa0e1c41427c0c6ba839a18c72c1afcd7b7cc0 898Author: Philip Hands <phil@hands.com> 899Date: Wed Jul 31 23:28:36 2024 +0200 900 901 put the -i before -[pP] (matching man pages) 902 903 The man pages (ssh, sftp & ssh-copy-id) all list -i before the port 904 setting, so make the output match that order, which also seems more 905 natural with the port being next to the server. 906 907 SSH-Copy-ID-Upstream: 34d5d614172c78f9a42249466c4b81975b8883a1 908 909commit 87831345e9745f2d13bd7a4a7972809f6788f331 910Author: Shreyas Mahangade <smahanga@redhat.com> 911Date: Mon Jul 29 15:26:05 2024 +0000 912 913 Minor space issue fixed 914 915 SSH-Copy-ID-Upstream: 335e44d7be78b03962a54c3a5c99a2ff45294a54 916 917commit 2f3010f4736b4b3f5c10a4be97a24e90ff04c5e7 918Author: Shreyas Mahangade <smahanga@redhat.com> 919Date: Mon Jul 29 16:55:28 2024 +0530 920 921 Show identity file in 'ssh' command 922 923 - Previously no identity file is shown in "ssh" command output on the line "Now try logging into the..." 924 - This commit makes sure whenever "ssh-copy-id" with "-i" is invoked, it also reflects in "ssh" command 925 926 SSH-Copy-ID-Upstream: 58e022ec26cb2315eb3be581d01e0ba787082428 927 928commit a13856374b894397a7682b32257ed0bf67cfede9 929Author: Damien Miller <djm@mindrot.org> 930Date: Fri Aug 16 08:30:20 2024 +1000 931 932 more OPENSSL_HAS_ECC 933 934commit 4da2a1a7f648979bea6eaf3b17f5f250faed4afc 935Author: Damien Miller <djm@mindrot.org> 936Date: Thu Aug 15 23:35:54 2024 +1000 937 938 fix merge botch that broke !OPENSSL_HAS_ECC 939 940commit 2c53d2f32b8e3992b61682c909ae5bc5122b6e5d 941Author: Damien Miller <djm@mindrot.org> 942Date: Thu Aug 15 15:09:45 2024 +1000 943 944 missed OPENSSL_HAS_ECC case 945 946commit 342dd7a219f39119b8b686b5aaa99c8e15ede368 947Author: Damien Miller <djm@mindrot.org> 948Date: Thu Aug 15 15:06:55 2024 +1000 949 950 retire testing aginst older LibreSSL versions 951 952 libressl prior to 3.4.x lack support for the EVP_DigestSign and 953 EVP_DigestVerify APIs that we need now that sshkey is converted 954 to EVP_PKEY. 955 956 If someone makes a good case for why we should support these versions 957 then we could bring back support with wrappers. 958 959commit a7c6ea8eebe0f179141ec5dbf0c9e5354417930f 960Author: Damien Miller <djm@mindrot.org> 961Date: Thu Aug 15 12:44:17 2024 +1000 962 963 sync TEST_MALLOC_OPTIONS for OpenBSD 964 965commit 60c2cf22e8f64f35d8b1175e4671257313f2e4d3 966Author: Damien Miller <djm@mindrot.org> 967Date: Thu Aug 15 12:43:47 2024 +1000 968 969 remove gratuitious difference from OpenBSD 970 971commit 339c4fc60a6250429d41fa8713f783d82aad4551 972Author: djm@openbsd.org <djm@openbsd.org> 973Date: Thu Aug 15 00:52:23 2024 +0000 974 975 upstream: adapt to EVP_PKEY conversion 976 977 OpenBSD-Regress-ID: 0e2d4efb0ed0e392e23cd8fda183fe56531ac446 978 979commit 63a94f99b9d7c8a48182a40192e45879d1ba8791 980Author: djm@openbsd.org <djm@openbsd.org> 981Date: Fri Jul 19 04:33:36 2024 +0000 982 983 upstream: test transfers in mux proxy mode too 984 985 OpenBSD-Regress-ID: 2edfc980628cfef3550649cab8d69fa23b5cd6c4 986 987commit 7bdfc20516e288b58c8c847958059c7b141eeff9 988Author: djm@openbsd.org <djm@openbsd.org> 989Date: Thu Aug 15 00:51:51 2024 +0000 990 991 upstream: Convert RSA and ECDSA key to the libcrypto EVP_PKEY API. 992 993 DSA remains unconverted as it will be removed within six months. 994 995 Based on patches originally from Dmitry Belyavskiy, but significantly 996 reworked based on feedback from Bob Beck, Joel Sing and especially 997 Theo Buehler (apologies to anyone I've missed). 998 999 ok tb@ 1000 1001 OpenBSD-Commit-ID: d098744e89f1dc7e5952a6817bef234eced648b5 1002 1003commit 0af06e2c5b898992a18c74333e75a0136506acc6 1004Author: tobias@openbsd.org <tobias@openbsd.org> 1005Date: Wed Aug 14 15:42:18 2024 +0000 1006 1007 upstream: Reorder calloc arguments 1008 1009 The first argument should be the amount, the second argument should be the 1010 element size. Fixing this also silences some gcc compiler warnings for 1011 portable. 1012 1013 Spotted with Benny Baumann (BenBE at geshi dot org). 1014 1015 ok djm@ 1016 1017 OpenBSD-Commit-ID: 711ad6f7bd7fb48bf52208f2cf9f108cddb6d41a 1018 1019commit 56ce0aa3c6cf28d9fcbce3207457abeac91b5050 1020Author: tobias@openbsd.org <tobias@openbsd.org> 1021Date: Wed Aug 14 15:40:30 2024 +0000 1022 1023 upstream: Extend sshbuf validation 1024 1025 Multiple sshbuf structs can be linked through a parent/child relationship. 1026 Make sure that a single sshbuf cannot be its own parent. If this would ever 1027 happen, it would result in reference counting issues. 1028 1029 This is a cheap way of testing this with very little overhead. It does not 1030 detect A->B->A linkages though for performance reason and the fact that it 1031 takes a programming error for this to occur anyway. 1032 1033 Authored with Benny Baumann (BenBE at geshi dot org). 1034 1035 ok djm@ 1036 1037 OpenBSD-Commit-ID: fb3fa9ee2cad3c7e842ebadfd7f5db220c4aaf16 1038 1039commit fc48ddf6998188517af42dce807e2088b6a0c0be 1040Author: tobias@openbsd.org <tobias@openbsd.org> 1041Date: Wed Aug 14 15:37:11 2024 +0000 1042 1043 upstream: Use freezero for better readability 1044 1045 It has the same meaning as the current pair of calling explicit_bzero 1046 and free. Spotted with Benny Baumann (BenBE at geshi dot org). 1047 1048 ok djm@ 1049 1050 OpenBSD-Commit-ID: 939fbe9ccf52d0d48c5fa53694d6f3bb9927970c 1051 1052commit 1ff6907ec26dac6ac59fe9fe232899a63b4c14d8 1053Author: tobias@openbsd.org <tobias@openbsd.org> 1054Date: Wed Aug 14 15:35:23 2024 +0000 1055 1056 upstream: Fix typo in comment 1057 1058 Spotted with Benny Baumann (BenBE at geshi dot org). 1059 1060 ok djm@ 1061 1062 OpenBSD-Commit-ID: 829160ac8ef3ad3409695ce3a3ade835061cae57 1063 1064commit 487faaed8f3bb9ffb19e8f807a3da72895b16421 1065Author: dlg@openbsd.org <dlg@openbsd.org> 1066Date: Wed Jul 31 12:00:18 2024 +0000 1067 1068 upstream: add a random amount of time (up to 4 seconds) to the 1069 1070 grace login time. 1071 1072 ok deraadt@ djm@ 1073 1074 OpenBSD-Commit-ID: abd3c57aaa5861517529b322df79b6be35ee67f4 1075 1076commit 2865f5b7520bed3e74fbbb5f8d7a44193d7a4314 1077Author: naddy@openbsd.org <naddy@openbsd.org> 1078Date: Fri Jul 26 15:24:49 2024 +0000 1079 1080 upstream: document the reduced logingrace penalty 1081 1082 OpenBSD-Commit-ID: 9b63e0e3599d524ddc10edc4f978081382c3548b 1083 1084commit 1ec0a64c5dc57b8a2053a93b5ef0d02ff8598e5c 1085Author: Darren Tucker <dtucker@dtucker.net> 1086Date: Sun Jul 28 21:26:51 2024 +1000 1087 1088 Explicitly install libssl-devel cygwin. 1089 1090 Should fix CI tests for cygwin default config. 1091 1092commit 0bf6e5bb750b66b25c20a1c5a471f91850de3748 1093Author: djm@openbsd.org <djm@openbsd.org> 1094Date: Thu Jul 25 23:44:01 2024 +0000 1095 1096 upstream: reduce logingrace penalty. 1097 1098 A single forgotton login that times out should be below the penalty 1099 threshold. 1100 1101 ok deraadt/claudio 1102 1103 OpenBSD-Commit-ID: cee1f7d17597c97bff8e5092af5d136fdb08f81d 1104 1105commit 29fb6f6d46b67770084b4f12bcf8a01bd535041b 1106Author: djm@openbsd.org <djm@openbsd.org> 1107Date: Thu Jul 25 22:40:08 2024 +0000 1108 1109 upstream: Fix proxy multiplexing (-O proxy) bug 1110 1111 If a mux started with ControlPersist then later has a forwarding added using 1112 mux proxy connection and the forwarding was used, then when the mux proxy 1113 session terminates, the mux master process will send a channel close to the 1114 server with a bad channel ID and crash the connection. 1115 1116 This was caused by my stupidly reusing c->remote_id for mux channel 1117 associations when I should have just added another member to struct channel. 1118 1119 ok markus@ 1120 1121 OpenBSD-Commit-ID: c9f474e0124e3fe456c5e43749b97d75e65b82b2 1122 1123commit 53d1d307438517805989c7d5616d752739a97e03 1124Author: djm@openbsd.org <djm@openbsd.org> 1125Date: Thu Jul 18 01:47:27 2024 +0000 1126 1127 upstream: mention mux proxy mode 1128 1129 OpenBSD-Commit-ID: fd77a77779f06d316a314e4540dc57c93fc3369a 1130 1131commit a9b90859d252c2f5a24142f985d38610ac74685f 1132Author: jsg@openbsd.org <jsg@openbsd.org> 1133Date: Sun Jul 14 10:19:23 2024 +0000 1134 1135 upstream: fix double word; ok dtucker@ 1136 1137 OpenBSD-Commit-ID: e6aff005914fa350b896d2be030be3d3b56ec0e8 1138 1139commit b05fda224bbcd2f641254534ed2175c42487f3c8 1140Author: Darren Tucker <dtucker@dtucker.net> 1141Date: Thu Jul 25 17:59:35 2024 +1000 1142 1143 Check for SA_RESTART before using it. 1144 1145 ok djm@ 1146 1147commit c276672fc0e99f0c4389988d54a84c203ce325b6 1148Author: Yuichiro Naito <naito.yuichiro@gmail.com> 1149Date: Wed Sep 1 10:19:32 2021 +0900 1150 1151 Class-imposed login restrictions 1152 1153 If the following functions are available, 1154 add an additional check if users are allowed to login imposed by login class. 1155 1156 * auth_hostok(3) 1157 * auth_timeok(3) 1158 1159 These functions are implemented on FreeBSD. 1160 1161commit 7717b9e9155209916cc6b4b4b54f4e8fa578e889 1162Author: djm@openbsd.org <djm@openbsd.org> 1163Date: Wed Jul 10 21:58:34 2024 +0000 1164 1165 upstream: correct keyword; from Yatao Su via GHPR509 1166 1167 OpenBSD-Commit-ID: 81c778c76dea7ef407603caa157eb0c381c52ad2 1168 1169commit f2b78bb8f149d6b4d1f62c21aa1f06995dccf4ce 1170Author: djm@openbsd.org <djm@openbsd.org> 1171Date: Mon Jul 8 03:04:34 2024 +0000 1172 1173 upstream: don't need return at end of void function 1174 1175 OpenBSD-Commit-ID: 42d322d37f13aa075ae7b1ad9eef591e20b89717 1176 1177commit a395d37a813c0177cb5bfc4bebf5a52badb73cf0 1178Author: djm@openbsd.org <djm@openbsd.org> 1179Date: Thu Jul 4 22:53:59 2024 +0000 1180 1181 upstream: fix grammar: "a pattern lists" -> "one or more pattern 1182 1183 lists" 1184 1185 OpenBSD-Commit-ID: f3c844763398faa9800687e8ff6621225498202a 1186 1187commit 8b664df75966e5aed8dabea00b8838303d3488b8 1188Author: Darren Tucker <dtucker@dtucker.net> 1189Date: Sun Jul 7 18:46:19 2024 +1000 1190 1191 Cast to sockaddr * in systemd interface. 1192 1193 Fixes build with musl libx. bz#3707. 1194 1195commit 30c8c81da2169e78357d08dbb0ddd823b60e93bc 1196Author: Darren Tucker <dtucker@dtucker.net> 1197Date: Thu Jul 4 20:12:26 2024 +1000 1198 1199 Add 9.8 branch to ci-status page. 1200 1201commit ee6b9e661633fcefd29dba0c811cecbc4d027f6f 1202Author: Samuel Thibault <samuel.thibault@ens-lyon.org> 1203Date: Tue Mar 26 22:15:08 2024 +0100 1204 1205 Fix detection of setres*id on GNU/Hurd 1206 1207 Like Linux, proper _SOURCE macros need to be set to get declarations of 1208 various standard functions, notably setres*id. Now that Debian is using 1209 -Werror=implicit-function-declaration this is really required. While at 1210 it, define other _SOURCE macros like on GNU/Linux, since GNU/Hurd uses 1211 the same glibc. 1212 1213commit fa41f6592ff1b6ead4a652ac75af31eabb05b912 1214Author: Damien Miller <djm@mindrot.org> 1215Date: Mon Jul 1 14:33:26 2024 +1000 1216 1217 version numbers 1218 1219commit bfebb8a5130a792c5356bd06e1ddef72a0a0449f 1220Author: djm@openbsd.org <djm@openbsd.org> 1221Date: Mon Jul 1 04:31:59 2024 +0000 1222 1223 upstream: openssh-9.8 1224 1225 OpenBSD-Commit-ID: 5f8b89e38a4c5f7c6d52ffa19f796d49f36fab19 1226 1227commit 146c420d29d055cc75c8606327a1cf8439fe3a08 1228Author: djm@openbsd.org <djm@openbsd.org> 1229Date: Mon Jul 1 04:31:17 2024 +0000 1230 1231 upstream: when sending ObscureKeystrokeTiming chaff packets, we 1232 1233 can't rely on channel_did_enqueue to tell that there is data to send. This 1234 flag indicates that the channels code enqueued a packet on _this_ ppoll() 1235 iteration, not that data was enqueued in _any_ ppoll() iteration in the 1236 timeslice. ok markus@ 1237 1238 OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136 1239 1240commit 637e4dfea4ed81264e264b6200172ce319c64ead 1241Author: djm@openbsd.org <djm@openbsd.org> 1242Date: Mon Jul 1 03:10:19 2024 +0000 1243 1244 upstream: use "lcd" to change directory before "lls" rather then "cd", 1245 1246 since the directory we're trying to list is local. Spotted by Corinna 1247 Vinschen 1248 1249 OpenBSD-Regress-ID: 821feca4a4bebe491944e624c8f7f2990b891415 1250 1251commit c8cfe258cee0b8466ea84597bf15e1fcff3bc328 1252Author: djm@openbsd.org <djm@openbsd.org> 1253Date: Thu Jun 27 23:01:15 2024 +0000 1254 1255 upstream: delete obsolete comment 1256 1257 OpenBSD-Commit-ID: 5fb04f298ed155053f3fbfdf0c6fe7cdf84bbfa2 1258 1259commit 94b9d37100f6fa536aaa1d1a0e4926fe44fbf04d 1260Author: djm@openbsd.org <djm@openbsd.org> 1261Date: Thu Jun 27 22:36:44 2024 +0000 1262 1263 upstream: retire unused API 1264 1265 OpenBSD-Commit-ID: 3e30d7b0615e2707f6bbe70f61b1c2f72f78161b 1266 1267commit 268c3a7f5783e731ed60f4e28da66ee3743581d3 1268Author: jmc@openbsd.org <jmc@openbsd.org> 1269Date: Thu Jun 27 21:02:16 2024 +0000 1270 1271 upstream: ssl(8) no longer contains a HISTORY section; 1272 1273 OpenBSD-Commit-ID: 83b7ff34433d79595e9c2a5d2a561a6660251245 1274 1275commit 12b6cc09ce6c430681f03af2a8069e37a664690b 1276Author: djm@openbsd.org <djm@openbsd.org> 1277Date: Wed Jun 26 23:47:46 2024 +0000 1278 1279 upstream: move child process waitpid() loop out of SIGCHLD handler; 1280 1281 ok deraadt 1282 1283 OpenBSD-Commit-ID: 65815a39564e431414aed7c5ace8076f4e9ca741 1284 1285commit d6bcd13297c2ab8b528df5a6898f994734849031 1286Author: deraadt@openbsd.org <deraadt@openbsd.org> 1287Date: Wed Jun 26 23:16:52 2024 +0000 1288 1289 upstream: Instead of using possibly complex ssh_signal(), write all 1290 1291 the parts of the grace_alarm_handler() using the exact things allowed by the 1292 signal-safe rules. This is a good rule of thumb: Handlers should be written 1293 to either set a global volatile sig_atomic_t inspected from outside, and/or 1294 directly perform only safe operations listed in our sigaction(2) manual page. 1295 ok djm markus 1296 1297 OpenBSD-Commit-ID: 14168ae8368aab76e4ed79e17a667cb46f404ecd 1298 1299commit b8793e2b0851f7d71b97554fa5260b23796d6277 1300Author: deraadt@openbsd.org <deraadt@openbsd.org> 1301Date: Wed Jun 26 23:14:14 2024 +0000 1302 1303 upstream: save_errno wrappers inside two small signal handlers that 1304 1305 perform system calls, for systems with libc that do perform libc sigtramps. 1306 ok djm markus 1307 1308 OpenBSD-Commit-ID: 7749b56419a7c9dcfe4c6c04811e429813346c62 1309 1310commit f23e9332c4c8df37465c4a4f38275ea98980ed7e 1311Author: jmc@openbsd.org <jmc@openbsd.org> 1312Date: Mon Jun 24 06:59:39 2024 +0000 1313 1314 upstream: - uppercase start of sentence - correct sentence grammar 1315 1316 ok djm 1317 1318 OpenBSD-Commit-ID: 1ec4b0fdb633a43667f2c8fff1d600bd647dde25 1319 1320commit 1839e3eb71a759aa795602c1e4196300f4ac2615 1321Author: djm@openbsd.org <djm@openbsd.org> 1322Date: Mon Jun 24 04:05:11 2024 +0000 1323 1324 upstream: mention SshdSessionPath option 1325 1326 OpenBSD-Commit-ID: c29734d36c21003973b15c1c9965c35f36cef30c 1327 1328commit 603193e32aef5db7d60c58066d5de89806e79312 1329Author: Darren Tucker <dtucker@dtucker.net> 1330Date: Thu Jun 20 18:45:14 2024 +1000 1331 1332 Rerun upstream tests on .sh file changes too. 1333 1334commit dbbf9337c19381786a8e5a8a49152fe6b80c780d 1335Author: dtucker@openbsd.org <dtucker@openbsd.org> 1336Date: Thu Jun 20 08:23:18 2024 +0000 1337 1338 upstream: Work around dbclient cipher/mac query bug. 1339 1340 Unlike earlier versions, recent Dropbear (at least v2024.85) requires 1341 a host arg when querying supported ciphers and macs via "-c/-m 1342 help". Earlier versions accept but do not require it, so always 1343 provide it. If these queries fail, skip the test with a warning. 1344 1345 OpenBSD-Regress-ID: 98eb863a3f0363416922efb273885e6b3c7f68d4 1346 1347commit 8de2c8cebc46bbdb94b7a2c120fcadfb66a3cccc 1348Author: dtucker@openbsd.org <dtucker@openbsd.org> 1349Date: Thu Jun 20 08:18:34 2024 +0000 1350 1351 upstream: Remove dropbear key types not supported 1352 1353 by current OpenSSH. Allows subsequent test runs to work if OpenSSH is 1354 rebuilt w/out OpenSSL. 1355 1356 OpenBSD-Regress-ID: e0129eb2b1d31771105903a8055216fbba20a770 1357 1358commit e9b6471c59b21e5d9ef1b3832d4bf727338add85 1359Author: djm@openbsd.org <djm@openbsd.org> 1360Date: Thu Jun 20 00:18:05 2024 +0000 1361 1362 upstream: stricter check for overfull tables in penalty record path 1363 1364 OpenBSD-Commit-ID: 7df01e648a0723418c554e64a9f2b6d38db060a6 1365 1366commit d9336d344eb2a1e898c5e66147b3f108c7214694 1367Author: djm@openbsd.org <djm@openbsd.org> 1368Date: Wed Jun 19 23:24:47 2024 +0000 1369 1370 upstream: put back reaping of preauth child process when writes 1371 1372 from the monitor fail. Not sure how this got lost in the avalanche of 1373 patches. 1374 1375 OpenBSD-Commit-ID: eb7eb36371e1ac01050b32b70fb2b3e5d98e72f5 1376 1377commit 579d9adb70ec0206a788eb5c63804c31a67e9310 1378Author: naddy@openbsd.org <naddy@openbsd.org> 1379Date: Mon Jun 17 13:50:18 2024 +0000 1380 1381 upstream: remove one more mention of DSA 1382 1383 OpenBSD-Commit-ID: 8515f55a15f02836ba657df341415f63c60526ca 1384 1385commit 7089b5f8436ef0b8d3d3ad9ce01045fb9e7aab15 1386Author: Darren Tucker <dtucker@dtucker.net> 1387Date: Wed Jun 19 23:09:05 2024 +1000 1388 1389 Move -f to the place needed to restart sshd. 1390 1391commit d5f83cfd852b14a25f347f082ab539a9454702ad 1392Author: Darren Tucker <dtucker@dtucker.net> 1393Date: Wed Jun 19 21:04:01 2024 +1000 1394 1395 Need to supply "-f" to restart sshd. 1396 1397commit fad34b4ca25c0ef31e5aa841d461b6f21da5b8c1 1398Author: dtucker@openbsd.org <dtucker@openbsd.org> 1399Date: Wed Jun 19 10:15:51 2024 +0000 1400 1401 upstream: Provide defaults for ciphers and macs 1402 1403 if querying for them fails since on some versions of Dropbear (at least 1404 v2024.85) "-m help" doesn't seem to work. Enable all supported pubkey 1405 algorithms in the server. 1406 1407 OpenBSD-Regress-ID: 4f95556a49ee9f621789f25217c367a33d2745ca 1408 1409commit 5521060e35ada9f957cecdddc06d0524e75409ef 1410Author: dtucker@openbsd.org <dtucker@openbsd.org> 1411Date: Wed Jun 19 10:10:46 2024 +0000 1412 1413 upstream: Use ed25519 keys for kex tests 1414 1415 since that's supported by OpenSSH even when built without OpenSSL. 1416 Only test diffie-hellman kex if OpenSSH is compiled with support for it. 1417 1418 OpenBSD-Regress-ID: a5d09ef9bbd171f9e4ec73ed0d9eeb49a8878e97 1419 1420commit dbd3b833f6e3815e58f2dc6e14f61a51bcd4d6bd 1421Author: dtucker@openbsd.org <dtucker@openbsd.org> 1422Date: Wed Jun 19 10:08:34 2024 +0000 1423 1424 upstream: Rework dropbear key setup 1425 1426 to always generate ed25519 keys, other types only if OpenSSH has support 1427 for the corresponding key type. 1428 1429 OpenBSD-Regress-ID: 8f91f12604cddb9f8d93aa34f3f93a3f6074395d 1430 1431commit d6218504e11ae9148adf410fc69b0710a052be36 1432Author: Darren Tucker <dtucker@dtucker.net> 1433Date: Wed Jun 19 20:20:24 2024 +1000 1434 1435 Restart sshd after installing it for testing. 1436 1437 When installing an sshd built without OpenSSL the mismatch between 1438 the running sshd and newly installed sshd-session will cause the 1439 remainder of the test to fail. 1440 1441commit 786a4465b6bb702daf4fb17b7c3bcb42b52f0b46 1442Author: Darren Tucker <dtucker@dtucker.net> 1443Date: Tue Jun 18 19:59:59 2024 +1000 1444 1445 Remove macos-11 runner. 1446 1447 Github is retiring them soon. 1448 1449commit df1c72a55edbebac14363b57de66ac6a147ecc67 1450Author: Damien Miller <djm@mindrot.org> 1451Date: Wed Jun 19 09:34:34 2024 +1000 1452 1453 PAMServiceName may appear in a Match block 1454 1455commit de1c2e70e5a5dc3c8d2fe04b24cc93d8ef6930e7 1456Author: dtucker@openbsd.org <dtucker@openbsd.org> 1457Date: Tue Jun 18 08:11:48 2024 +0000 1458 1459 upstream: Re-enable ssh-dss tests 1460 1461 ... if ssh is compiled with DSA support 1462 1463 OpenBSD-Regress-ID: bbfaf8c17f2b50a2d46ac35cb97af99b990c990d 1464 1465commit dabc2c7cf3c141e8e5d5a1a60d6c1d2d2422cf43 1466Author: anton@openbsd.org <anton@openbsd.org> 1467Date: Tue Jun 18 06:14:27 2024 +0000 1468 1469 upstream: Stop using DSA in dropbear interop tests. 1470 1471 OpenBSD-Regress-ID: abfd4457d99d8cc1417fd22ca2c570270f74c1cf 1472 1473commit 761438012710169445acc179e3870c53c862bda0 1474Author: Damien Miller <djm@mindrot.org> 1475Date: Tue Jun 18 12:29:45 2024 +1000 1476 1477 missed a bit of DSA in the fuzzer 1478 1479commit 3f9cc47da588e8de520720e59f98438043fdaf93 1480Author: Damien Miller <djm@mindrot.org> 1481Date: Tue Jun 18 09:35:53 2024 +1000 1482 1483 DSA support is disabled, so remove from fuzzers 1484 1485commit 00eb95957dea5484b2c7c043f7d2bbc87301bef2 1486Author: djm@openbsd.org <djm@openbsd.org> 1487Date: Mon Jun 17 08:30:29 2024 +0000 1488 1489 upstream: disable the DSA signature algorithm by default; ok 1490 1491 markus@ 1492 1493 (yes, I know this expands to "the Digitial Signature Algorithm 1494 signature algorithm) 1495 1496 OpenBSD-Commit-ID: 961ef594e46dd2dcade8dd5721fa565cee79ffed 1497 1498commit 5603befe11c9464ea26fe77cbacc95a7cc0b1ea7 1499Author: djm@openbsd.org <djm@openbsd.org> 1500Date: Mon Jun 17 08:28:31 2024 +0000 1501 1502 upstream: promote connection-closed messages from verbose to info 1503 1504 log level; they could be the only record of the connection terminating if the 1505 client doesn't send a SSH2_MSG_DISCONNECT message. ok dtucker@ 1506 1507 OpenBSD-Commit-ID: 0c8bfaf5e9fdff945cee09ac21e641f6c5d65d3c 1508 1509commit b00331402fe5c60d577f3ffcc35e49286cdc6b47 1510Author: Damien Miller <djm@mindrot.org> 1511Date: Mon Jun 17 17:02:18 2024 +1000 1512 1513 propagate PAM crashes to PerSourcePenalties 1514 1515 If the PAM subprocess crashes, exit with a crash status that will be 1516 picked up by the sshd(8) listener process where it can be used by 1517 PerSourcePenalties to block the client. This is similar handling to 1518 the privsep preauth process. 1519 1520commit 1c207f456ace38987deda047758d13fbf857f948 1521Author: Damien Miller <djm@mindrot.org> 1522Date: Mon Jun 17 15:06:01 2024 +1000 1523 1524 minix doesn't have loopback, so skip penalty tests 1525 1526 pointed out by dtucker@ 1527 1528commit 48443d202eaec52d4d39defdd709a4499a7140c6 1529Author: djm@openbsd.org <djm@openbsd.org> 1530Date: Sun Jun 16 11:54:49 2024 +0000 1531 1532 upstream: same treatment for this test 1533 1534 OpenBSD-Regress-ID: d0cc9efca7833e673ea7b0cb3a679a3acee8d4c7 1535 1536commit 45562a95ea11d328c22d97bf39401cd29684fb1f 1537Author: djm@openbsd.org <djm@openbsd.org> 1538Date: Sun Jun 16 08:18:06 2024 +0000 1539 1540 upstream: penalty test is still a bit racy 1541 1542 OpenBSD-Regress-ID: 90c9ac224db454637baf1ebee5857e007321e824 1543 1544commit 8d0f7eb147ef72d18acb16c0b18672d44941a8ca 1545Author: djm@openbsd.org <djm@openbsd.org> 1546Date: Sat Jun 15 03:59:10 2024 +0000 1547 1548 upstream: crank up penalty timeouts so this should work on even the 1549 1550 slowest of test builders 1551 1552 OpenBSD-Regress-ID: 70bda39c83e3fc9d0f3c1fad4542ed33e173d468 1553 1554commit 93c75471a1202ab3e29db6938648d4e2602c0475 1555Author: jmc@openbsd.org <jmc@openbsd.org> 1556Date: Fri Jun 14 05:20:34 2024 +0000 1557 1558 upstream: sort -q in the options list; 1559 1560 OpenBSD-Commit-ID: 6839b38378f38f754de638a5e988c13b4164cc7c 1561 1562commit dd7807bbe80a93ffb4616f2bd5cf83ad5a5595fb 1563Author: djm@openbsd.org <djm@openbsd.org> 1564Date: Fri Jun 14 05:01:22 2024 +0000 1565 1566 upstream: clarify KEXAlgorithms supported vs available. Inspired by 1567 1568 bz3701 from Colin Watson. 1569 1570 OpenBSD-Commit-ID: e698e69bea19bd52971d253f2b1094490c4701f7 1571 1572commit d172ad56df85b68316dbadbedad16761a1265874 1573Author: djm@openbsd.org <djm@openbsd.org> 1574Date: Fri Jun 14 05:00:42 2024 +0000 1575 1576 upstream: ssh-keyscan -q man bits 1577 1578 OpenBSD-Commit-ID: ba28d0e1ac609a4c99c453e57e86560c79079db1 1579 1580commit 092e4ff9ccaacbe035f286feb1b56ed499604743 1581Author: Damien Miller <djm@mindrot.org> 1582Date: Fri Jun 14 14:46:35 2024 +1000 1583 1584 skip penalty-expire test in valgrind test env 1585 1586commit 2866ad08a9c50d7b67ce9424ca990532b806a21a 1587Author: djm@openbsd.org <djm@openbsd.org> 1588Date: Fri Jun 14 04:43:11 2024 +0000 1589 1590 upstream: split the PerSourcePenalties test in two: one tests penalty 1591 1592 enforcement but not penalty expiry, the other tests penalty expiry. 1593 1594 This lets us disable the expiry testing in certain CI test environments. 1595 1596 OpenBSD-Regress-ID: f56811064f3e3cb52ee73a206b8c2a06af1c8791 1597 1598commit b2c64bc170d75823622a37cab3ca1804ca87ad16 1599Author: Damien Miller <djm@mindrot.org> 1600Date: Fri Jun 14 14:19:23 2024 +1000 1601 1602 add a sshd_config PamServiceName option 1603 1604 Allows selecting which PAM service name to use when UsePAM is 1605 enabled. Defaults to "sshd" unless overridden at compile time 1606 by defining SSHD_PAM_SERVICE. 1607 1608 bz2102, ok dtucker@ 1609 1610commit 9f032a4dd17bf0ae6066223d82aa5e784285d987 1611Author: djm@openbsd.org <djm@openbsd.org> 1612Date: Fri Jun 14 00:26:12 2024 +0000 1613 1614 upstream: don't redirect stderr for ssh-keyscan we expect to succeed 1615 1616 OpenBSD-Regress-ID: 8878b8eb4e070ed2e343166d3eb86db4a08a216c 1617 1618commit 1e84d0cf40e94ae3a77d6a7ca8c036d8e3d55a40 1619Author: djm@openbsd.org <djm@openbsd.org> 1620Date: Fri Jun 14 00:25:25 2024 +0000 1621 1622 upstream: make host/banner comments go to stderr instead of stdout, 1623 1624 so they are useful as comments without extra shell redirection and so they 1625 don't clutter actual errors on stderr. 1626 1627 Add a -q flag to shut them up. 1628 1629 ok dtucker@ 1630 1631 OpenBSD-Commit-ID: bec813de56a71adb5c1a76adcf49621130d24264 1632 1633commit 3e806d011855d6bd648ec95b9df630ebbd11c3bf 1634Author: naddy@openbsd.org <naddy@openbsd.org> 1635Date: Thu Jun 13 15:06:33 2024 +0000 1636 1637 upstream: separate keywords with comma 1638 1639 OpenBSD-Commit-ID: d65a99666202a8188c4991c18d14374a229f7be5 1640 1641commit abfd1f7a3cbd0a92581a0febba254b2f6649c0d9 1642Author: djm@openbsd.org <djm@openbsd.org> 1643Date: Fri Jun 14 00:23:55 2024 +0000 1644 1645 upstream: specify an algorithm for ssh-keyscan, otherwise it will make 1646 1647 multiple attempts simultaneously and confuse the test 1648 1649 OpenBSD-Regress-ID: 6e910f3315c4345053db1bf5cbf61826b194d0b9 1650 1651commit a8fbe2f7d0d96d299ee8e69769e3b51067978748 1652Author: Damien Miller <djm@mindrot.org> 1653Date: Thu Jun 13 16:41:29 2024 +1000 1654 1655 sshd: don't use argv[0] as PAM service name 1656 1657 sshd would implicitly use argv[0] as the PAM service name to 1658 allow people to select different PAM service names by making 1659 differently-named copies/links to the sshd binary. 1660 1661 Splitting sshd into sshd/sshd-session broke this, as the process 1662 that starts PAM is always sshd-session and the user has no control 1663 over this. 1664 1665 Hardcode "sshd" as the default PAM service name unless/until we 1666 figure out a better way. Should unbreak OSX integration tests. 1667 1668commit bf204bd05c3ae650f87e2b96527688579f59774c 1669Author: Damien Miller <djm@mindrot.org> 1670Date: Thu Jun 13 15:00:28 2024 +1000 1671 1672 prepare for checking in autogenerated files 1673 1674 We plan to check in automatically generated files (config.h.in, etc) on 1675 release branches. These files are normally ignored by .gitignore, but 1676 this shuffles the contents of this file to make it easy to un-ignore 1677 them. 1678 1679commit 425f79a837489904c343b349ef00e09aeaa4e752 1680Author: Damien Miller <djm@mindrot.org> 1681Date: Thu Jun 13 14:41:33 2024 +1000 1682 1683 typo in comment 1684 1685commit afe10313c1fa8d478af399ee7d54c8f85503013b 1686Author: Damien Miller <djm@mindrot.org> 1687Date: Thu Jun 13 14:35:25 2024 +1000 1688 1689 fix PTY allocation on Cygwin, broken by sshd split 1690 1691 Cygwin doesn't support FD passing and so used to disable post-auth 1692 privilege separation entirely because privsep requires PTY allocation 1693 to happen in the privileged monitor process with the PTY file 1694 descriptors being passed back to the unprivileged process. 1695 1696 This brings back a minimal version of the previous special treatment 1697 for Cygwin (and any other platform that sets DISABLE_FD_PASSING): 1698 privilege separation remains enabled, but PTY allocation happens in 1699 the post-auth user process rather than the monitor. 1700 1701 This either requires PTY allocation to not need privilege to begin 1702 with (this appears to be the case on Cygwin), or the post-auth 1703 privsep process retain privilege (other platforms that set the 1704 DISABLE_FD_PASSING option). 1705 1706 Keeping privileges here is bad, but the non-Cygwin systems that set 1707 DISABLE_FD_PASSING are so deeply legacy that this is likely to be the 1708 least of their problems. 1709 1710commit f66d4df5749551380a8c4ae642347675a0b6a2e9 1711Author: Damien Miller <djm@mindrot.org> 1712Date: Thu Jun 13 11:33:09 2024 +1000 1713 1714 delay lookup of privsep user until config loaded 1715 1716 sshd-session attempting to use options.kerberos_authentication to 1717 decide whether it needed to lookup the privsep user before the 1718 configuration was loaded. This caused it to get a placeholder value 1719 that caused it always to try to lookup the privsep user, breaking at 1720 least one test environment. 1721 1722commit f1c42858b94f5d9b58867b34dce3afb39c6b56a8 1723Author: Damien Miller <djm@mindrot.org> 1724Date: Thu Jun 13 11:16:57 2024 +1000 1725 1726 missing file for PerSourcePenalties regress test 1727 1728commit 4de80ff4e6fab5a6bb0028e7d57c6c23d1485adb 1729Author: djm@openbsd.org <djm@openbsd.org> 1730Date: Wed Jun 12 22:36:00 2024 +0000 1731 1732 upstream: split PerSourcePenalties address tracking. Previously it 1733 1734 used one shared table and overflow policy for IPv4 and IPv6 addresses, now it 1735 will use separate tables and optionally different overflow policies. 1736 1737 This prevents misbehaviour from IPv6 addresses (which are vastly easier 1738 to obtain many of) from affecting IPv4 connections and may allow for 1739 stricter overflow policies. 1740 1741 ok deraadt@ 1742 1743 OpenBSD-Commit-ID: 12637ed0aa4d5f1f3e702da42ea967cbd8bfdfd9 1744 1745commit 06ab4c6931b0aaa4334db2faaa7e1069e76d0df6 1746Author: jmc@openbsd.org <jmc@openbsd.org> 1747Date: Tue Jun 11 05:24:39 2024 +0000 1748 1749 upstream: do not mark up "(default: 20ms)"; 1750 1751 OpenBSD-Commit-ID: 54151ecdecfa1b67dcdda4fd24826ef6e2148ad4 1752 1753commit cfe243cd9fde148ed060637876e27bb55ac78be9 1754Author: djm@openbsd.org <djm@openbsd.org> 1755Date: Tue Jun 11 02:54:51 2024 +0000 1756 1757 upstream: reap preauth net child if it hangs up during privsep message 1758 1759 send, not just message receive 1760 1761 OpenBSD-Commit-ID: 02a093f4ab4f8f83f0cd1ea2bb35b9ca420448f0 1762 1763commit b0a711c00b9c64afd1c9d6fb538275c6604a2676 1764Author: djm@openbsd.org <djm@openbsd.org> 1765Date: Tue Jun 11 01:58:27 2024 +0000 1766 1767 upstream: fix PIDFILE handling, broken for SUDO=doas in last commit 1768 1769 here 1770 1771 OpenBSD-Regress-ID: 96fec579af228f87a036e94801eb294af9074625 1772 1773commit 90fb801e2d9241be50a2a7ff79428386442a041f 1774Author: djm@openbsd.org <djm@openbsd.org> 1775Date: Tue Jun 11 02:00:30 2024 +0000 1776 1777 upstream: reap the pre-auth [net] child if it hangs up during privsep 1778 1779 message sending, not just receiving 1780 1781 OpenBSD-Commit-ID: f7341605bf08c4c15830910446e6775323f2f8cb 1782 1783commit ef878d58798f6688c7f4d4e417dc0c29023ea831 1784Author: djm@openbsd.org <djm@openbsd.org> 1785Date: Tue Jun 11 01:23:25 2024 +0000 1786 1787 upstream: a little more RB_TREE paranoia 1788 1789 OpenBSD-Commit-ID: 8dc2fd21eebd8830c4a4d25461ac4fe228e11156 1790 1791commit fc4e96b2174d6a894d2033421699d091679baced 1792Author: djm@openbsd.org <djm@openbsd.org> 1793Date: Tue Jun 11 01:22:25 2024 +0000 1794 1795 upstream: fix off-by-one comparison for PerSourcePenalty 1796 1797 OpenBSD-Commit-ID: af4f5d01c41ef870b23e55655bfbf73474a6c02b 1798 1799commit 82c836df4ff41145553cd7adb11c5b985aeaa06f 1800Author: djm@openbsd.org <djm@openbsd.org> 1801Date: Tue Jun 11 01:21:41 2024 +0000 1802 1803 upstream: move tree init before possible early return 1804 1805 OpenBSD-Commit-ID: 72e2c5b69f151c08a7c5bf5ad929b97a92c273df 1806 1807commit a2300f015cc4939c4d9c564b58b74e71202dc978 1808Author: djm@openbsd.org <djm@openbsd.org> 1809Date: Tue Jun 11 01:07:35 2024 +0000 1810 1811 upstream: update to mention that PerSourcePenalties default to 1812 1813 being enabled and document the default values for each parameter. 1814 1815 OpenBSD-Commit-ID: b981288bddfb097aad269f62df4081c688ce0034 1816 1817commit 41987efd356d3fc30139aeab4b09374acf8f91a0 1818Author: djm@openbsd.org <djm@openbsd.org> 1819Date: Tue Jun 11 00:44:52 2024 +0000 1820 1821 upstream: reap the [net] child if it hangs up while writing privsep 1822 1823 message payloads, not just the message header 1824 1825 OpenBSD-Commit-ID: 24dbd400aa381ac96be7ed2dd49018487dfef6ce 1826 1827commit 6211aa085fa91155a24922e5329576ac9a8f3175 1828Author: djm@openbsd.org <djm@openbsd.org> 1829Date: Tue Jun 11 00:40:21 2024 +0000 1830 1831 upstream: log waitpid() status for abnormal exits 1832 1833 OpenBSD-Commit-ID: b317930e06b51819c1a2bc6a4359764fecfb1c2d 1834 1835commit a59634c7adb9ae988748d99963dfafb3070d8d41 1836Author: djm@openbsd.org <djm@openbsd.org> 1837Date: Tue Jun 11 00:36:20 2024 +0000 1838 1839 upstream: correct error message 1840 1841 OpenBSD-Commit-ID: 581f60f73099083392887206860229ab104620ed 1842 1843commit fa7d7a667f2ee031e72873e36de2d2a36bca973b 1844Author: deraadt@openbsd.org <deraadt@openbsd.org> 1845Date: Fri Jun 7 13:23:30 2024 +0000 1846 1847 upstream: avoid shadowing issues which some compilers won't accept 1848 1849 ok djm 1850 1851 OpenBSD-Commit-ID: 1e89572397dda83433d58c4fa6333a08f51170d4 1852 1853commit 3ad4cd9eeca5c9bc6706db44b6de88e2e4513fd6 1854Author: jmc@openbsd.org <jmc@openbsd.org> 1855Date: Thu Jun 6 21:14:49 2024 +0000 1856 1857 upstream: escape the final dot at eol in "e.g." to avoid double 1858 1859 spacing; 1860 1861 OpenBSD-Commit-ID: 0a9fb10bc9f7d577afe2da3f498a08bc431115b9 1862 1863commit 0e0c69761a4c33ccd4a256560f522784a753d1a8 1864Author: djm@openbsd.org <djm@openbsd.org> 1865Date: Thu Jun 6 20:25:48 2024 +0000 1866 1867 upstream: enable PerSourcePenalties by default. 1868 1869 ok markus 1870 1871 NB. if you run a sshd that accepts connections from behind large NAT 1872 blocks, proxies or anything else that aggregates many possible users 1873 behind few IP addresses, then this change may cause legitimate traffic 1874 to be denied. 1875 1876 Please read the PerSourcePenalties, PerSourcePenaltyExemptList and 1877 PerSourceNetBlockSize options in sshd_config(5) for how to tune your 1878 sshd(8) for your specific circumstances. 1879 1880 OpenBSD-Commit-ID: 24a0e5c23d37e5a63e16d2c6da3920a51078f6ce 1881 1882commit bd1f74741daabeaf20939a85cd8cec08c76d0bec 1883Author: djm@openbsd.org <djm@openbsd.org> 1884Date: Thu Jun 6 20:20:42 2024 +0000 1885 1886 upstream: mention that PerSourcePenalties don't affect concurrent 1887 1888 in-progress connections. 1889 1890 OpenBSD-Commit-ID: 20389da6264f2c97ac3463edfaa1182c212d420c 1891 1892commit 9774b938578327d88a651f4c63c504809717590a 1893Author: djm@openbsd.org <djm@openbsd.org> 1894Date: Thu Jun 6 19:49:25 2024 +0000 1895 1896 upstream: regress test for PerSourcePenalties 1897 1898 OpenBSD-Regress-ID: a1af13d411b25a727742644459d26480b9a1b0f1 1899 1900commit b8ebd86cefe9812204a10c028dc90de29918667d 1901Author: djm@openbsd.org <djm@openbsd.org> 1902Date: Thu Jun 6 19:48:40 2024 +0000 1903 1904 upstream: make sure logs are saved from sshd run via start_sshd 1905 1906 OpenBSD-Regress-ID: de4ef0e32e3ab85ff3a6c36eb08d1909c0dd1b4a 1907 1908commit d7b2070bdaa4ebbfafb9975c1d5a62b73289d31f 1909Author: djm@openbsd.org <djm@openbsd.org> 1910Date: Thu Jun 6 19:47:48 2024 +0000 1911 1912 upstream: simplify 1913 1914 OpenBSD-Regress-ID: 50316e0d1ae0c0a057a45af042253e54ce23d11c 1915 1916commit e6ea3d224513b6bfb93818809d4c7397f5995ba2 1917Author: djm@openbsd.org <djm@openbsd.org> 1918Date: Thu Jun 6 18:48:13 2024 +0000 1919 1920 upstream: prepare for PerSourcePenalties being enabled by default 1921 1922 in future 1923 1924 OpenBSD-Regress-ID: 5236c6d1c823997aac5a35e2915da30f1903bec7 1925 1926commit c0cb3b8c837761816a60a3cdb54062668df09652 1927Author: djm@openbsd.org <djm@openbsd.org> 1928Date: Thu Jun 6 19:50:01 2024 +0000 1929 1930 upstream: disable stderr redirection before closing fds 1931 1932 OpenBSD-Commit-ID: d42cb895ee4542098050367fc35321c9303f003a 1933 1934commit 81c1099d22b81ebfd20a334ce986c4f753b0db29 1935Author: djm@openbsd.org <djm@openbsd.org> 1936Date: Thu Jun 6 17:15:25 2024 +0000 1937 1938 upstream: Add a facility to sshd(8) to penalise particular 1939 1940 problematic client behaviours, controlled by two new sshd_config(5) options: 1941 PerSourcePenalties and PerSourcePenaltyExemptList. 1942 1943 When PerSourcePenalties are enabled, sshd(8) will monitor the exit 1944 status of its child pre-auth session processes. Through the exit 1945 status, it can observe situations where the session did not 1946 authenticate as expected. These conditions include when the client 1947 repeatedly attempted authentication unsucessfully (possibly indicating 1948 an attack against one or more accounts, e.g. password guessing), or 1949 when client behaviour caused sshd to crash (possibly indicating 1950 attempts to exploit sshd). 1951 1952 When such a condition is observed, sshd will record a penalty of some 1953 duration (e.g. 30 seconds) against the client's address. If this time 1954 is above a minimum threshold specified by the PerSourcePenalties, then 1955 connections from the client address will be refused (along with any 1956 others in the same PerSourceNetBlockSize CIDR range). 1957 1958 Repeated offenses by the same client address will accrue greater 1959 penalties, up to a configurable maximum. A PerSourcePenaltyExemptList 1960 option allows certain address ranges to be exempt from all penalties. 1961 1962 We hope these options will make it significantly more difficult for 1963 attackers to find accounts with weak/guessable passwords or exploit 1964 bugs in sshd(8) itself. 1965 1966 PerSourcePenalties is off by default, but we expect to enable it 1967 automatically in the near future. 1968 1969 much feedback markus@ and others, ok markus@ 1970 1971 OpenBSD-Commit-ID: 89ded70eccb2b4926ef0366a4d58a693de366cca 1972 1973commit 916b0b6174e203cf2c5ec9bcf409472eb7ffbf43 1974Author: Damien Miller <djm@mindrot.org> 1975Date: Fri Jun 7 03:31:02 2024 +1000 1976 1977 whitespace 1978 1979commit 49b55e44182b8294419aa580cbf043d5b9e3d953 1980Author: deraadt@openbsd.org <deraadt@openbsd.org> 1981Date: Tue Jun 4 15:14:45 2024 +0000 1982 1983 upstream: enable -fret-clean on amd64, for libc libcrypto ld.so 1984 1985 kernel, and all the ssh tools. The dynamic objects are entirely ret-clean, 1986 static binaries will contain a blend of cleaning and non-cleaning callers. 1987 1988 OpenBSD-Commit-ID: 112aacedd3b61cc5c34b1fa6d9fb759214179172 1989 1990commit cc80d51d034bcb24fd0f2564a4bdf1612000a2a2 1991Author: Damien Miller <djm@mindrot.org> 1992Date: Wed Jun 5 02:21:30 2024 +1000 1993 1994 remove PRIVSEP macros for osx 1995 1996commit 8785491123d4d722b310c20f383570be758f8263 1997Author: djm@openbsd.org <djm@openbsd.org> 1998Date: Sat Jun 1 07:03:37 2024 +0000 1999 2000 upstream: be really strict with fds reserved for communication with the 2001 2002 separate sshd-session process - reserve them early and fatal if we can't 2003 dup2(2) them later. The pre-split fallback to re-reading the configuration 2004 files is not possible, so sshd-session absolutely requires the fd the 2005 configuration is passed over to be in order. 2006 2007 ok deraadt@ 2008 2009 OpenBSD-Commit-ID: 308a98ef3c8a6665ebf92c7c9a0fc9600ccd7065 2010 2011commit f1c8918cb98459910fb159373baea053ba4108c0 2012Author: Damien Miller <djm@mindrot.org> 2013Date: Fri May 31 19:12:26 2024 +1000 2014 2015 depend 2016 2017commit 94b4866cb1f4b0ed29a9f367047b30f81002316f 2018Author: Damien Miller <djm@mindrot.org> 2019Date: Fri May 31 19:11:14 2024 +1000 2020 2021 rename need_privsep to need_chroot 2022 2023 privsep is mandatory, chroot is optional (disabled when running 2024 sshd as non-root) 2025 2026commit e68a95142e5024b144f8eeccd5ffdee42c34f44c 2027Author: Damien Miller <djm@mindrot.org> 2028Date: Fri May 31 19:05:34 2024 +1000 2029 2030 remove remaining use_privsep mention 2031 2032commit b21d271f651d2536dca819cc6d74032fe98634db 2033Author: djm@openbsd.org <djm@openbsd.org> 2034Date: Fri May 31 09:01:08 2024 +0000 2035 2036 upstream: warn when -r (deprecated option to disable re-exec) is 2037 2038 passed 2039 2040 OpenBSD-Commit-ID: 73145ef5150edbe3ce7889f0844ed8fa6155f551 2041 2042commit a4b5bc246cbca476deeeb4462aa31746a56e3021 2043Author: djm@openbsd.org <djm@openbsd.org> 2044Date: Fri May 31 08:49:35 2024 +0000 2045 2046 upstream: typos 2047 2048 OpenBSD-Commit-ID: edfa72eb06bfa65da30fabf7d2fe76d2d33f77bf 2049 2050commit 8054b906983ceaed01fabd8188d3dac24c05ba39 2051Author: djm@openbsd.org <djm@openbsd.org> 2052Date: Mon May 27 01:52:26 2024 +0000 2053 2054 upstream: don't need sys/queue.h here 2055 2056 OpenBSD-Commit-ID: dd137396828171eb19e4911581812ca58de6c578 2057 2058commit 210d4239733da6180ce853538aeb9413d5c62ad5 2059Author: naddy@openbsd.org <naddy@openbsd.org> 2060Date: Sun May 26 20:35:12 2024 +0000 2061 2062 upstream: remove references to SSH1 and DSA server keys 2063 2064 OpenBSD-Commit-ID: 57cc1c98d4f998981473734f144b904af7d178a2 2065 2066commit f0b9261d7fdd0ef86806b49fe76344bd16770cd0 2067Author: jsg@openbsd.org <jsg@openbsd.org> 2068Date: Thu May 23 23:47:16 2024 +0000 2069 2070 upstream: remove unused struct fwd_perm_list, no decl with complete 2071 2072 type ok djm@ 2073 2074 OpenBSD-Commit-ID: 416fb3970b7e73c76d2963c4f00cf96f2b2ee2fb 2075 2076commit 2477a98c3ef78e63b11a1393656e00288f52ae97 2077Author: naddy@openbsd.org <naddy@openbsd.org> 2078Date: Wed May 22 15:24:55 2024 +0000 2079 2080 upstream: Do not pass -Werror twice when building with clang. 2081 2082 OpenBSD-Commit-ID: 5f378c38ad8976d507786dc4db9283a879ec8cd0 2083 2084commit 435844f5675245b4271f8581f15e6d1f34fde3bc 2085Author: miod@openbsd.org <miod@openbsd.org> 2086Date: Wed May 22 11:49:36 2024 +0000 2087 2088 upstream: Do not pass -Werror if building with gcc 3, for asn1.h 2089 2090 and bio.h cause (admittedly bogus) warnings with gcc 3. 2091 2092 OpenBSD-Commit-ID: fb39324748824cb0387e9d67c41d1bef945c54ea 2093 2094commit fc5dc092830de23767c6ef67baa18310a64ee533 2095Author: djm@openbsd.org <djm@openbsd.org> 2096Date: Wed May 22 04:20:00 2024 +0000 2097 2098 upstream: this test has been broken since 2014, and has been 2099 2100 testing the same key exchange algorithm repeatedly instead of testing all of 2101 them. Spotted by nreilly AT blackberry.com in bz3692 2102 2103 Who broke the test? me. 2104 2105 OpenBSD-Regress-ID: 48f4f5946276f975667141957d25441b3c9a50e2 2106 2107commit fd4816791beaed2fdae7eea3e1494d1972b2a39d 2108Author: anton@openbsd.org <anton@openbsd.org> 2109Date: Sun May 19 19:10:01 2024 +0000 2110 2111 upstream: Add missing kex-names.c source file required since the 2112 2113 ssh split. 2114 2115 OpenBSD-Regress-ID: ca666223f828fc4b069cb9016bff1eb50faf9fbb 2116 2117commit beccb7319c5449f6454889013403c336446d622e 2118Author: naddy@openbsd.org <naddy@openbsd.org> 2119Date: Fri May 17 14:42:00 2024 +0000 2120 2121 upstream: remove duplicate copy of relink kit for sshd-session 2122 2123 OpenBSD-Commit-ID: 6d2ded4cd91d4d727c2b26e099b91ea935bed504 2124 2125commit dcd79fa141311c287e0595ede684b7116122fae0 2126Author: jsg@openbsd.org <jsg@openbsd.org> 2127Date: Fri May 17 06:42:04 2024 +0000 2128 2129 upstream: remove prototypes with no matching function; ok djm@ 2130 2131 OpenBSD-Commit-ID: 6d9065dadea5f14a01bece0dbfe2fba1be31c693 2132 2133commit 6454a05e7c6574d70adf17efe505a8581a86ca4f 2134Author: jsg@openbsd.org <jsg@openbsd.org> 2135Date: Fri May 17 06:38:00 2024 +0000 2136 2137 upstream: remove externs for removed vars; ok djm@ 2138 2139 OpenBSD-Commit-ID: f51ea791d45c15d4927eb4ae7d877ccc1e5a2aab 2140 2141commit f3e4db4601ef7d2feb1d6f7447e432aaf353a616 2142Author: deraadt@openbsd.org <deraadt@openbsd.org> 2143Date: Fri May 17 06:11:17 2024 +0000 2144 2145 upstream: -Werror was turned on (probably just for development), 2146 2147 and this is a simple way to satisfy older gcc. 2148 2149 OpenBSD-Commit-ID: 7f698df54384b437ce33ab7405f0b86c87019e86 2150 2151commit 24a1f3e5ad6f4a49377d4c74c36637e9a239efd0 2152Author: Damien Miller <djm@mindrot.org> 2153Date: Fri May 17 14:50:43 2024 +1000 2154 2155 attempt at updating RPM specs for sshd-session 2156 2157commit 17b566eeb7a0c6acc9c48b35c08885901186f861 2158Author: djm@openbsd.org <djm@openbsd.org> 2159Date: Fri May 17 04:42:13 2024 +0000 2160 2161 upstream: g/c unused variable 2162 2163 OpenBSD-Commit-ID: aa6ef0778a1f1bde0d73efba72a777c48d2bd010 2164 2165commit 01fb82eb2aa0a4eaf5c394ea8bb37ea4c26f8a3f 2166Author: jsg@openbsd.org <jsg@openbsd.org> 2167Date: Fri May 17 02:39:11 2024 +0000 2168 2169 upstream: spelling; ok djm@ 2170 2171 OpenBSD-Commit-ID: bdea29bb3ed2a5a7782999c4c663b219d2270483 2172 2173commit b88b690e99145a021fc1a1a116a11e0bce0594e7 2174Author: djm@openbsd.org <djm@openbsd.org> 2175Date: Fri May 17 01:45:22 2024 +0000 2176 2177 upstream: allow overriding the sshd-session binary path 2178 2179 OpenBSD-Regress-ID: 5058cd1c4b6ca1a15474e33546142931d9f964da 2180 2181commit a68f80f2511f0e0c5cef737a8284cc2dfabad818 2182Author: anton@openbsd.org <anton@openbsd.org> 2183Date: Wed Apr 3 06:01:11 2024 +0000 2184 2185 upstream: Since ssh-agent(1) is only readable by root by now, use 2186 2187 ssh(1) while generating data in tests. 2188 2189 OpenBSD-Regress-ID: 24eb40de2e6b0ace185caaba35e2d470331ffe68 2190 2191commit 92e55890314ce2b0be21a43ebcbc043b4abc232f 2192Author: djm@openbsd.org <djm@openbsd.org> 2193Date: Fri May 17 01:17:40 2024 +0000 2194 2195 upstream: fix incorrect debug option name introduce in previous 2196 2197 commit 2198 2199 OpenBSD-Commit-ID: 66d69e22b1c072c694a7267c847f212284614ed3 2200 2201commit 4ad72878af7b6ec28da6e230e36a91650ebe84c1 2202Author: deraadt@openbsd.org <deraadt@openbsd.org> 2203Date: Fri May 17 00:33:25 2024 +0000 2204 2205 upstream: construct and install a relink-kit for sshd-session ok 2206 2207 djm 2208 2209 OpenBSD-Commit-ID: 8b3820adb4da4e139c4b3cffbcc0bde9f08bf0c6 2210 2211commit 02e679a2cb3f6df8e9dbb1519ed578226485157f 2212Author: Damien Miller <djm@mindrot.org> 2213Date: Fri May 17 12:21:27 2024 +1000 2214 2215 Makefile support for sshd-session 2216 2217commit c0416035c5eaf70a8450d11c8833c5f7068ee7ad 2218Author: djm@openbsd.org <djm@openbsd.org> 2219Date: Fri May 17 00:32:32 2024 +0000 2220 2221 upstream: missing files from previous 2222 2223 OpenBSD-Commit-ID: 4b7be4434d8799f02365552b641a7a70a7ebeb2f 2224 2225commit 03e3de416ed7c34faeb692967737be4a7bbe2eb5 2226Author: djm@openbsd.org <djm@openbsd.org> 2227Date: Fri May 17 00:30:23 2024 +0000 2228 2229 upstream: Start the process of splitting sshd into separate 2230 2231 binaries. This step splits sshd into a listener and a session binary. More 2232 splits are planned. 2233 2234 After this changes, the listener binary will validate the configuration, 2235 load the hostkeys, listen on port 22 and manage MaxStartups only. All 2236 session handling will be performed by a new sshd-session binary that the 2237 listener fork+execs. 2238 2239 This reduces the listener process to the minimum necessary and sets us 2240 up for future work on the sshd-session binary. 2241 2242 feedback/ok markus@ deraadt@ 2243 2244 NB. if you're updating via source, please restart sshd after installing, 2245 otherwise you run the risk of locking yourself out. 2246 2247 OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934 2248 2249commit 1c0d81357921f8d3bab06841df649edac515ae5b 2250Author: djm@openbsd.org <djm@openbsd.org> 2251Date: Thu May 9 09:46:47 2024 +0000 2252 2253 upstream: simplify exit message handling, which was more complicated 2254 2255 than it needed to be because of unexpunged ssh1 remnants. ok markus@ 2256 2257 OpenBSD-Commit-ID: 8b0cd2c0dee75fb053718f442aa89510b684610b 2258 2259commit cbbbf76aa6cd54fce32eacce1300e7abcf9461d4 2260Author: tobias@openbsd.org <tobias@openbsd.org> 2261Date: Mon May 6 19:26:17 2024 +0000 2262 2263 upstream: remove SSH1 leftovers 2264 2265 Authored with Space Meyer <git at the-space dot agency> 2266 2267 ok djm 2268 2269 OpenBSD-Commit-ID: 81db602e4cb407baae472689db1c222ed7b2afa3 2270 2271commit bc5dcb8ab9a4e8af54a724883732af378f42ea78 2272Author: tobias@openbsd.org <tobias@openbsd.org> 2273Date: Tue Apr 30 15:40:43 2024 +0000 2274 2275 upstream: never close stdin 2276 2277 The sanitise_stdfd call makes sure that standard file descriptors are 2278 open (if they were closed, they are connected with /dev/null). 2279 2280 Do not close stdin in any case to prevent error messages when stdin is 2281 read multiple times and to prevent later usage of fd 0 for connections, 2282 e.g. 2283 2284 echo localhost | ssh-keyscan -f - -f - 2285 2286 While at it, make stdin-related error messages nicer. 2287 2288 Authored with Max Kunzelmann <maxdev at posteo dot de> 2289 2290 ok djm 2291 2292 OpenBSD-Commit-ID: 48e9b7938e2fa2f9bd47e6de6df66a31e0b375d3 2293 2294commit 6a42b70e56bef1aacdcdf06352396e837883e84f 2295Author: Damien Miller <djm@mindrot.org> 2296Date: Wed May 8 09:43:59 2024 +1000 2297 2298 sync getrrsetbyname.c with recent upstream changes 2299 2300commit 385ecb31e147dfea59c1c488a1d2011d3867e60e 2301Author: djm@openbsd.org <djm@openbsd.org> 2302Date: Tue Apr 30 06:23:51 2024 +0000 2303 2304 upstream: fix home-directory extension implementation, it always 2305 2306 returned the current user's home directory contrary to the spec. 2307 2308 Patch from Jakub Jelen via GHPR477 2309 2310 OpenBSD-Commit-ID: 5afd775eab7f9cbe222d7fbae4c793de6c3b3d28 2311 2312commit 14e2b16bc67ffcc188906f65008667e22f73d103 2313Author: djm@openbsd.org <djm@openbsd.org> 2314Date: Tue Apr 30 06:16:55 2024 +0000 2315 2316 upstream: flush stdout after writing "sftp>" prompt when not using 2317 2318 editline. 2319 2320 From Alpine Linux via GHPR480 2321 2322 OpenBSD-Commit-ID: 80bdc7ffe0358dc090eb9b93e6dedb2b087b24cd 2323 2324commit 2e69a724051488e3fb3cd11531c4b5bc1764945b 2325Author: djm@openbsd.org <djm@openbsd.org> 2326Date: Tue Apr 30 05:53:03 2024 +0000 2327 2328 upstream: stricter validation of messaging socket fd number; disallow 2329 2330 usage of stderr. Based on GHPR492 by RealHurrison 2331 2332 OpenBSD-Commit-ID: 73dbbe82ea16f73ce1d044d3232bc869ae2f2ce8 2333 2334commit da757b022bf18c6f7d04e685a10cd96ed00f83da 2335Author: djm@openbsd.org <djm@openbsd.org> 2336Date: Tue Apr 30 05:45:56 2024 +0000 2337 2338 upstream: add missing reserved fields to key constraint protocol 2339 2340 documentation. 2341 2342 from Wiktor Kwapisiewicz via GHPR487 2343 2344 OpenBSD-Commit-ID: 0dfb69998cfdb3fa00cbb0e7809e7d2f6126e3df 2345 2346commit 16d0b82fa08038f35f1b3630c70116979f49784f 2347Author: Damien Miller <djm@mindrot.org> 2348Date: Tue Apr 30 12:39:34 2024 +1000 2349 2350 depend 2351 2352commit 66aaa678dbe59aa21d0d9d89a3596ecedde0254b 2353Author: djm@openbsd.org <djm@openbsd.org> 2354Date: Tue Apr 30 02:14:10 2024 +0000 2355 2356 upstream: correctly restore sigprocmask around ppoll() reported 2357 2358 by Tõivo Leedjärv; ok deraadt@ 2359 2360 OpenBSD-Commit-ID: c0c0f89de5294a166578f071eade2501929c4686 2361 2362commit 80fb0eb21551aed3aebb009ab20aeffeb01e44e0 2363Author: djm@openbsd.org <djm@openbsd.org> 2364Date: Tue Apr 30 02:10:49 2024 +0000 2365 2366 upstream: add explict check for server hostkey type against 2367 2368 HostkeyAlgorithms. Allows HostkeyAlgorithms to disable implicit fallback from 2369 certificate keys to plain keys. ok markus@ 2370 2371 OpenBSD-Commit-ID: 364087e4a395ff9b2f42bf3aefdb2090bb23643a 2372 2373commit 5b28096d31ff7d80748fc845553a4aef5bb05d86 2374Author: jsg@openbsd.org <jsg@openbsd.org> 2375Date: Tue Apr 23 13:34:50 2024 +0000 2376 2377 upstream: correct indentation; no functional change ok tb@ 2378 2379 OpenBSD-Commit-ID: dd9702fd43de546bc6a3f4f025c74d6f3692a0d4 2380 2381commit fd3cb8a82784e05f621dea5b56ac6f89bc53c067 2382Author: semarie@openbsd.org <semarie@openbsd.org> 2383Date: Thu Apr 4 16:00:51 2024 +0000 2384 2385 upstream: set right mode on ssh-agent at boot-time 2386 2387 which sthen@ 2388 ok deraadt@ 2389 2390 OpenBSD-Commit-ID: 662b5056a2c6171563e1626f9c69f27862b5e7af 2391 2392commit 54343a260e3aa4bceca1852dde31cd08e2abd82b 2393Author: deraadt@openbsd.org <deraadt@openbsd.org> 2394Date: Tue Apr 2 12:22:38 2024 +0000 2395 2396 upstream: Oops, incorrect hex conversion spotted by claudio. 2397 2398 While here try to improve how it reads a bit better. Surprising the 2399 regression tests didn't spot this error, maybe it fails to roundtrip the 2400 values. 2401 2402 OpenBSD-Commit-ID: 866cfcc1955aef8f3fc32da0b70c353a1b859f2e 2403 2404commit ec78c31409590ad74efc194f886273ed080a545a 2405Author: deraadt@openbsd.org <deraadt@openbsd.org> 2406Date: Tue Apr 2 10:02:08 2024 +0000 2407 2408 upstream: for parse_ipqos(), use strtonum() instead of mostly 2409 2410 idiomatic strtoul(), but wow it's so gross. ok djm 2411 2412 OpenBSD-Commit-ID: cec14a76af2eb7b225300c80fc0e21052be67b05 2413 2414commit 8176e1a6c2e6da9361a7abb6fbf6c23c299f495b 2415Author: deraadt@openbsd.org <deraadt@openbsd.org> 2416Date: Tue Apr 2 09:56:58 2024 +0000 2417 2418 upstream: can shortcut by returning strtonum() value directly; ok 2419 2420 djm 2421 2422 OpenBSD-Commit-ID: 7bb2dd3d6d1f288dac14247d1de446e3d7ba8b8e 2423 2424commit 9f543d7022a781f80bb696f9d73f1d1c6f9e31d6 2425Author: deraadt@openbsd.org <deraadt@openbsd.org> 2426Date: Tue Apr 2 09:52:14 2024 +0000 2427 2428 upstream: rewrite convtime() to use a isdigit-scanner and 2429 2430 strtonum() instead of strange strtoul can might be fooled by garage 2431 characters. passes regress/usr.bin/ssh/unittests/misc ok djm 2432 2433 OpenBSD-Commit-ID: 4b1ef826bb16047aea3f3bdcb385b72ffd450abc 2434 2435commit 8673137f780d8d9e4cda3c4605cb5d88d5cea271 2436Author: claudio@openbsd.org <claudio@openbsd.org> 2437Date: Tue Apr 2 09:48:24 2024 +0000 2438 2439 upstream: Remove unused ptr[3] char array in pkcs11_decode_hex. 2440 2441 OK deraadt@ 2442 2443 OpenBSD-Commit-ID: 3d14433e39fd558f662d3b0431c4c555ef920481 2444 2445commit c7fec708f331f108343d69e4d74c9a5d86d6cfe7 2446Author: deraadt@openbsd.org <deraadt@openbsd.org> 2447Date: Tue Apr 2 09:32:28 2024 +0000 2448 2449 upstream: Replace non-idiomatic strtoul(, 16) to parse a region 2450 2451 of 2-character hex sequences with a low-level replacement designed just for 2452 the task. ok djm 2453 2454 OpenBSD-Commit-ID: 67bab8b8a4329a19a0add5085eacd6f4cc215e85 2455 2456commit 019a5f483b0f588da6270ec401d0b4bb35032f3f 2457Author: deraadt@openbsd.org <deraadt@openbsd.org> 2458Date: Tue Apr 2 09:29:31 2024 +0000 2459 2460 upstream: Use strtonum() instead of severely non-idomatic 2461 2462 strtoul() In particular this will now reject trailing garbage, ie. 2463 '12garbage'. ok djm 2464 2465 OpenBSD-Commit-ID: c82d95e3ccbfedfc91a8041c2f8bf0cf987d1501 2466 2467commit 8231ca046fa39ea4eb99b79e0a6e09dec50ac952 2468Author: deraadt@openbsd.org <deraadt@openbsd.org> 2469Date: Mon Apr 1 15:50:17 2024 +0000 2470 2471 upstream: also create a relink kit for ssh-agent, since it is a 2472 2473 long-running setgid program carrying keys with some (not very powerful) 2474 communication channels. solution for testing the binary from dtucker. 2475 agreement from djm. Will add it into /etc/rc in a few days. 2476 2477 OpenBSD-Commit-ID: 2fe8d707ae35ba23c7916adcb818bb5b66837ba0 2478 2479commit bf7bf50bd6a14e49c9c243cb8f4de31e555a5a2e 2480Author: deraadt@openbsd.org <deraadt@openbsd.org> 2481Date: Mon Apr 1 15:48:16 2024 +0000 2482 2483 upstream: new-style relink kit for sshd. The old scheme created 2484 2485 a Makefile by concatenating two Makefiles and was incredibly fragile. In the 2486 new way a narrow-purposed install.sh script is created and shipped with the 2487 objects. A recently commited /etc/rc script understands these files. 2488 2489 OpenBSD-Commit-ID: ef9341d5a50f0d33e3a6fbe995e92964bc7ef2d3 2490 2491commit 00e63688920905e326d8667cb47f17a156b6dc8f 2492Author: renmingshuai <renmingshuai@huawei.com> 2493Date: Fri Apr 12 10:20:49 2024 +0800 2494 2495 Shell syntax fix (leftover from a sync). 2496 2497 Signed-off-by: renmingshuai <renmingshuai@huawei.com> 2498 2499commit 2eded551ba96e66bc3afbbcc883812c2eac02bd7 2500Author: Darren Tucker <dtucker@dtucker.net> 2501Date: Thu Apr 25 13:20:19 2024 +1000 2502 2503 Merge flags for OpenSSL 3.x versions. 2504 2505 OpenSSL has moved to 3.4 which we don't currently accept. Based on 2506 the OpenSSL versioning policy[0] it looks like all of the 3.x versions 2507 should work with OpenSSH, so remove the distinction in configure and 2508 accept all of them. 2509 2510 [0] https://openssl.org/policies/general/versioning-policy.html 2511 2512commit 8673245918081c6d1dc7fb3733c8eb2c5a902c5e 2513Author: Darren Tucker <dtucker@dtucker.net> 2514Date: Thu Apr 25 13:19:03 2024 +1000 2515 2516 Remove 9.6 branch from status page. 2517 2518commit 70d43049747fa3c66cf876d52271859407cec2fa 2519Author: Darren Tucker <dtucker@dtucker.net> 2520Date: Thu Apr 25 13:16:58 2024 +1000 2521 2522 Update LibreSSL and OpenSSL versions tested. 2523 2524 Update LibreSSL versions to current releases (3.8.4 & 3.9.1). 2525 Add newly-released OpenSSL 3.3.0, and add tests against the 3.1 and 2526 3.3 branches. 2527 2528commit 88351eca17dcc55189991ba60e50819b6d4193c1 2529Author: 90 <hi@90.gripe> 2530Date: Fri Apr 5 19:36:06 2024 +0100 2531 2532 Fix missing header for systemd notification 2533 2534commit 08f579231cd38a1c657aaa6ddeb8ab57a1fd4f5c 2535Author: Damien Miller <djm@mindrot.org> 2536Date: Wed Apr 3 14:40:32 2024 +1100 2537 2538 notify systemd on listen and reload 2539 2540 Standalone implementation that does not depend on libsystemd. 2541 With assistance from Luca Boccassi, and feedback/testing from Colin 2542 Watson. bz2641 2543 2544commit 43e7c1c07cf6aae7f4394ca8ae91a3efc46514e2 2545Author: Darren Tucker <dtucker@dtucker.net> 2546Date: Sun Mar 31 21:51:57 2024 +1100 2547 2548 Port changes from selfhosted to upstream tests. 2549 2550 Should get them working again. 2551 2552commit 281ea25a44bff53eefb4af7bab7aa670b1f8b6b2 2553Author: Darren Tucker <dtucker@dtucker.net> 2554Date: Sat Mar 30 18:20:16 2024 +1100 2555 2556 Check if OpenSSL implementation supports DSA. 2557 2558 If --enable/disable-dsa-keys is not specified, set based on what OpenSSL 2559 supports. If specified as enabled, but not supported by OpenSSL error 2560 out. ok djm@ 2561 2562commit 2d2c068de8d696fe3246f390b146197f51ea1e83 2563Author: djm@openbsd.org <djm@openbsd.org> 2564Date: Sat Mar 30 05:56:22 2024 +0000 2565 2566 upstream: in OpenSSH private key format, correct type for subsequent 2567 2568 private keys in blob. From Jakub Jelen via GHPR430 2569 2570 OpenBSD-Commit-ID: d17dbf47554de2d752061592f95b5d772baab50b 2571 2572commit c2c0bdd3e96b3ef66d77fccb85ff4962dc76caf0 2573Author: Eero Häkkinen <Eero+git@xn--Hkkinen-5wa.fi> 2574Date: Sat Sep 16 00:55:08 2023 +0300 2575 2576 Expose SSH_AUTH_INFO_0 always to PAM auth modules. 2577 2578 This changes SSH_AUTH_INFO_0 to be exposed to PAM auth modules also 2579 when a password authentication method is in use and not only 2580 when a keyboard-interactive authentication method is in use. 2581 2582commit 02c5ad23124ae801cf248d99ea5068fc4331ca01 2583Author: Darren Tucker <dtucker@dtucker.net> 2584Date: Wed Mar 27 17:42:58 2024 +1100 2585 2586 Rearrange selfhosted VM scheduling. 2587 2588 Instead of trying to infer the type of the self hosted tests in each of 2589 the driver scripts (inconsistently...), set one of the following 2590 variables to "true" in the workflow: 2591 2592 VM: tests run in a virtual machine. 2593 EPHEMERAL: tests run on an ephemeral virtual machine. 2594 PERSISTENT: tests run on a persistent virtual machine 2595 REMOTE: tests run on a physical remote host. 2596 2597 EPHEMERAL VMs can have multiple instances of any given VM can exist 2598 simultaneously and are run by a runner pool. The other types have a 2599 dedicated runner instance and can only run a single test at a time. 2600 2601 Other settings: 2602 SSHFS: We need to sshfs mount over the repo so the workflow can collect 2603 build artifacts. This also implies the tests must be run over ssh. 2604 DEBUG_ACTIONS: enable "set -x" in scripts for debugging. 2605 2606commit cd8a72707c02615365d0851ac51063ab6bfe258f 2607Author: Damien Miller <djm@mindrot.org> 2608Date: Sat Mar 30 16:05:59 2024 +1100 2609 2610 add new token-based signing key for dtucker@ 2611 2612 Verified in person and via signature with old key. 2613 Will remove old key in a bit. 2614 2615commit 8d0e46c1ddb5b7f0992591b0dc5d8aaa77cc9dba 2616Author: Alkaid <zgf574564920@gmail.com> 2617Date: Tue Mar 12 03:59:12 2024 -0700 2618 2619 Fix OpenSSL ED25519 support detection 2620 2621 Wrong function signature in configure.ac prevents openssh from enabling 2622 the recently new support for ED25519 priv keys in PEM PKCS8 format. 2623 2624commit 697359be9c23ee43618243cdbcc9c7981e766752 2625Author: djm@openbsd.org <djm@openbsd.org> 2626Date: Sat Mar 30 04:27:44 2024 +0000 2627 2628 upstream: allow WAYLAND_DISPLAY to enable SSH_ASKPASS 2629 2630 From dkg via GHPR479; ok dtucker@ 2631 2632 OpenBSD-Commit-ID: 1ac1f9c45da44eabbae89375393c662349239257 2633 2634commit 7844705b0364574cc70b941be72036c2c2966363 2635Author: dtucker@openbsd.org <dtucker@openbsd.org> 2636Date: Fri Mar 29 10:40:07 2024 +0000 2637 2638 upstream: Use egrep instead of grep -E. 2639 2640 Some plaforms don't have the latter so this makes things easier 2641 in -portable. 2642 2643 OpenBSD-Regress-ID: ff82260eb0db1f11130200b25d820cf73753bbe3 2644 2645commit 22b2b6c555334bffdf357a2e4aa74308b03b83c3 2646Author: dtucker@openbsd.org <dtucker@openbsd.org> 2647Date: Tue Mar 26 08:09:16 2024 +0000 2648 2649 upstream: test -h is the POSIXly way of testing for a symlink. Reduces 2650 2651 diff vs Portable. 2652 2653 OpenBSD-Regress-ID: 6f31cd6e231e3b8c5c2ca0307573ccb7484bff7d 2654 2655commit edcff77f82c2bb2b5653b36f1e47274c5ef3e8be 2656Author: Darren Tucker <dtucker@dtucker.net> 2657Date: Tue Mar 26 18:58:58 2024 +1100 2658 2659 Fix name of OpenBSD upstream CI jobs. 2660 2661commit 861b084429940e024f1b6e9c2779eac95d7a45db 2662Author: Darren Tucker <dtucker@dtucker.net> 2663Date: Tue Mar 26 18:55:33 2024 +1100 2664 2665 Resync with upstream: ${} around DATAFILE. 2666 2667commit 63f248c7693e7f0a3b9a13d2980ac9a7e37f2aea 2668Author: djm@openbsd.org <djm@openbsd.org> 2669Date: Mon Mar 25 19:28:09 2024 +0000 2670 2671 upstream: optional debugging 2672 2673 OpenBSD-Regress-ID: b4852bf97ac8fb2e3530f2d5f999edd66058d7bc 2674 2675commit 16e2ebe06a62f09d4877b769876d92d6008a896f 2676Author: dtucker@openbsd.org <dtucker@openbsd.org> 2677Date: Mon Mar 25 06:05:42 2024 +0000 2678 2679 upstream: Verify string returned from local shell command. 2680 2681 OpenBSD-Regress-ID: 5039bde24d33d809aebfa8d3ad7fe9053224e6f8 2682 2683commit b326f7a1f39ff31324cc3fe2735178fb474c04a4 2684Author: dtucker@openbsd.org <dtucker@openbsd.org> 2685Date: Mon Mar 25 03:30:31 2024 +0000 2686 2687 upstream: Improve shell portability: grep -q is not portable so 2688 2689 redirect stdout, and use printf instead of relying on echo to do \n 2690 substitution. Reduces diff vs Portable. 2691 2692 Also resync somewhat with upstream. 2693 2694 OpenBSD-Regress-ID: 9ae876a8ec4c4725f1e9820a0667360ee2398337 2695 2696commit dbf2e319f0c582613fa45a735ea3c242ce56946b 2697Author: dtucker@openbsd.org <dtucker@openbsd.org> 2698Date: Mon Mar 25 02:07:08 2024 +0000 2699 2700 upstream: Save error code from SSH for use inside case statement, 2701 2702 from portable. In some shells, "case" will reset the value of $?, so save it 2703 first. 2704 2705 OpenBSD-Regress-ID: da32e5be19299cb4f0f7de7f29c11257a62d6949 2706 2707commit d2c8c4fa7def4fb057ed05b3db57b62c810a26f6 2708Author: dtucker@openbsd.org <dtucker@openbsd.org> 2709Date: Mon Mar 25 01:40:47 2024 +0000 2710 2711 upstream: Increase timeout. Resyncs with portable where some of 2712 2713 the test VMs are slow enough for this to matter. 2714 2715 OpenBSD-Regress-ID: 6a83a693602eb0312f06a4ad2cd6f40d99d24b26 2716 2717commit 83621b63514a84791623db3efb59d38bc4bf9563 2718Author: dtucker@openbsd.org <dtucker@openbsd.org> 2719Date: Mon Mar 25 01:28:29 2024 +0000 2720 2721 upstream: In PuTTY interop test, don't assume the PuTTY major 2722 2723 version is 0. Patch from cjwatson at debian.org via bz#3671. 2724 2725 OpenBSD-Regress-ID: 835ed03c1b04ad46be82e674495521f11b840191 2726 2727commit 8a421b927700f3834b4d985778e252b8e3299f83 2728Author: Darren Tucker <dtucker@dtucker.net> 2729Date: Tue Mar 26 18:38:14 2024 +1100 2730 2731 Really mkdir /usr/local/etc in CI tests. 2732 2733commit 2946ed522c47ce045314533d426b4e379f745e59 2734Author: Darren Tucker <dtucker@dtucker.net> 2735Date: Tue Mar 26 17:19:09 2024 +1100 2736 2737 Better short name for OpenBSD upstream CI jobs too. 2738 2739commit 18dbe8eff647aacb82d7e86b4ce63d5beee11f25 2740Author: Darren Tucker <dtucker@dtucker.net> 2741Date: Tue Mar 26 17:13:52 2024 +1100 2742 2743 Ensure /usr/local/etc exists before using in tests. 2744 2745commit 5fc1085128e3348bb1b5ee4d955cc767b019b3ad 2746Author: Darren Tucker <dtucker@dtucker.net> 2747Date: Tue Mar 26 16:50:46 2024 +1100 2748 2749 Be more specific about when to rerun workflows. 2750 2751commit 5516923e8ae3da0823fea0d7d28aa813627142c0 2752Author: Darren Tucker <dtucker@dtucker.net> 2753Date: Tue Mar 26 16:35:27 2024 +1100 2754 2755 Add short names for test jobs on github CI. 2756 2757commit dc37d2d2470b4a9cedcee9ac926b7362214e3305 2758Author: Darren Tucker <dtucker@dtucker.net> 2759Date: Tue Mar 26 16:26:14 2024 +1100 2760 2761 If we're using xpg4's id, remember to pass args. 2762 2763commit fe169487937780392b23d3ff3c00e5898c10f784 2764Author: dtucker@openbsd.org <dtucker@openbsd.org> 2765Date: Tue Mar 26 01:23:11 2024 +0000 2766 2767 upstream: Import regenerated moduli. 2768 2769 OpenBSD-Commit-ID: ad3d1486d105b008c93e952d158e5af4d9d4c531 2770 2771commit 151146f03b490d19145cd421763aa7d42f5c50e2 2772Author: job@openbsd.org <job@openbsd.org> 2773Date: Thu Mar 14 06:23:14 2024 +0000 2774 2775 upstream: Clarify how literal IPv6 addresses can be used in -J mode 2776 2777 OK djm@ 2778 2779 OpenBSD-Commit-ID: 524ddae97746b3563ad4a887dfd0a6e6ba114c50 2780 2781commit 0d5bdc87a675271862b67eb6a9fb13a202fb4894 2782Author: Darren Tucker <dtucker@dtucker.net> 2783Date: Mon Mar 25 16:14:21 2024 +1100 2784 2785 Add Mac OS X 14 test targets. 2786 2787commit 2d7964a03e1f50a48040ec6912c0a956df909d21 2788Author: Darren Tucker <dtucker@dtucker.net> 2789Date: Mon Mar 25 14:05:40 2024 +1100 2790 2791 Move xpg4 'id' handling into test-exec.sh. 2792 2793 Handle replacement of 'id' the same way as we do other Portable specific 2794 replacements in test-exec.sh. This brings percent.sh back into sync 2795 with upstream. 2796 2797commit 75d1d49ed10d978171cdafad28bdbffdbd48f41e 2798Author: Darren Tucker <dtucker@dtucker.net> 2799Date: Mon Mar 25 10:38:03 2024 +1100 2800 2801 Update branches shown on ci-status to 9.7 and 9.6. 2802 2803commit f9193f03db0029fc9c31fbdb5c66a2737446bd8f 2804Author: Darren Tucker <dtucker@dtucker.net> 2805Date: Mon Mar 25 09:28:02 2024 +1100 2806 2807 Improve detection of -fzero-call-used-regs=used. 2808 2809 Should better detect problems with gcc 13 on m68k. bz#3673 from Colin 2810 Watson via bz#3673 and https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110934 2811 2812 Signed-off-by: Darren Tucker <dtucker@dtucker.net> 2813 2814commit 86bdd3853f4d32c85e295e6216a2fe0953ad93f0 2815Author: Damien Miller <djm@mindrot.org> 2816Date: Mon Mar 11 16:20:49 2024 +1100 2817 2818 version number in README 2819 2820commit 282721418e6465bc39ccfd39bb0133e670ee4423 2821Author: Damien Miller <djm@mindrot.org> 2822Date: Mon Mar 11 16:20:08 2024 +1100 2823 2824 crank RPM spec versions 2825 2826commit 3876a3bbd2ca84d23ba20f8b69ba83270c04ce3a 2827Author: djm@openbsd.org <djm@openbsd.org> 2828Date: Mon Mar 11 04:59:47 2024 +0000 2829 2830 upstream: openssh-9.7 2831 2832 OpenBSD-Commit-ID: 618ececf58b8cdae016b149787af06240f7b0cbc 2833 2834commit 8fc109cc614954a8eb2738c48c0db36a62af9a06 2835Author: Darren Tucker <dtucker@dtucker.net> 2836Date: Mon Mar 11 12:59:26 2024 +1100 2837 2838 Test against current OpenSSL and LibreSSL releases. 2839 2840 Add LibreSSL 3.9.0, bump older branches to their respective current 2841 releases. 2842 2843commit 26b09b45fec7b88ba09042c09be4157e58e231e2 2844Author: Damien Miller <djm@mindrot.org> 2845Date: Sun Mar 10 16:24:57 2024 +1100 2846 2847 quote regexes used to test for algorithm support 2848 2849 Fixes test failures on Solaris 8 reported by Tom G. Christensen 2850 2851commit a6a740a4948d10a622b505135bb485c10f21db5e 2852Author: djm@openbsd.org <djm@openbsd.org> 2853Date: Sat Mar 9 05:12:13 2024 +0000 2854 2855 upstream: avoid logging in signal handler by converting mainloop to 2856 2857 ppoll() bz3670, reported by Ben Hamilton; ok dtucker@ 2858 2859 OpenBSD-Commit-ID: e58f18042b86425405ca09e6e9d7dfa1df9f5f7f 2860 2861commit cd82f7526e0481720567ae41db7849ab1c27e27b 2862Author: djm@openbsd.org <djm@openbsd.org> 2863Date: Fri Mar 8 22:16:32 2024 +0000 2864 2865 upstream: skip more whitespace, fixes find-principals on 2866 2867 allowed_signers files with blank lines; reported by Wiktor Kwapisiewicz 2868 2869 OpenBSD-Commit-ID: b3a22a2afd753d70766f34bc7f309c03706b5298 2870 2871commit 2f9d2af5cb19905d87f37d1e11c9f035ac5daf3b 2872Author: dtucker@openbsd.org <dtucker@openbsd.org> 2873Date: Fri Mar 8 11:34:10 2024 +0000 2874 2875 upstream: Invoke ProxyCommand that uses stderr redirection via 2876 2877 $TEST_SHELL. Fixes test when run by a user whose login shell is tcsh. 2878 Found by vinschen at redhat.com. 2879 2880 OpenBSD-Regress-ID: f68d79e7f00caa8d216ebe00ee5f0adbb944062a 2881 2882commit 9b3f0beb4007a7e01dfedabb429097fb593deae6 2883Author: Darren Tucker <dtucker@dtucker.net> 2884Date: Thu Mar 7 17:18:14 2024 +1100 2885 2886 Prefer openssl binary from --with-ssl-dir directory. 2887 2888 Use openssl in the directory specified by --with-ssl-dir as long 2889 as it's functional. Reported by The Doctor. 2890 2891commit c47e1c9c7911f38b2fc2fb01b1f6ae3a3121a838 2892Author: djm@openbsd.org <djm@openbsd.org> 2893Date: Wed Mar 6 02:59:59 2024 +0000 2894 2895 upstream: fix memory leak in mux proxy mode when requesting forwarding. 2896 2897 found by RASU JSC, reported by Maks Mishin in GHPR#467 2898 2899 OpenBSD-Commit-ID: 97d96a166b1ad4b8d229864a553e3e56d3116860 2900 2901commit 242742827fea4508e68097c128e802edc79addb5 2902Author: djm@openbsd.org <djm@openbsd.org> 2903Date: Wed Mar 6 00:31:04 2024 +0000 2904 2905 upstream: wrap a few PKCS#11-specific bits in ENABLE_PKCS11 2906 2907 OpenBSD-Commit-ID: 463e4a69eef3426a43a2b922c4e7b2011885d923 2908 2909commit d52b6509210e2043f33e5a1de58dd4a0d5d48c2a 2910Author: Damien Miller <djm@mindrot.org> 2911Date: Wed Mar 6 11:31:36 2024 +1100 2912 2913 disable RSA tests when algorithm is not supported 2914 2915 Unbreaks "make test" when compiled --without-openssl. 2916 2917 Similar treatment to how we do DSA and ECDSA. 2918 2919commit 668d270a6c77e8b5a1da26ecad2e6de9f62c8fe4 2920Author: Damien Miller <djm@mindrot.org> 2921Date: Wed Mar 6 10:33:20 2024 +1100 2922 2923 add a --without-retpoline configure option 2924 2925 discussed with deraadt and dtucker a while ago 2926 2927commit 3deb501f86fc47e175ef6a3eaba9b9846a80d444 2928Author: djm@openbsd.org <djm@openbsd.org> 2929Date: Mon Mar 4 04:13:18 2024 +0000 2930 2931 upstream: fix leak of CanonicalizePermittedCNAMEs on error path; 2932 2933 spotted by Coverity (CID 438039) 2934 2935 OpenBSD-Commit-ID: 208839699939721f452a4418afc028a9f9d3d8af 2936 2937commit 65a44a8a4f7d902a64d4e60eda84384b2e2a24a2 2938Author: djm@openbsd.org <djm@openbsd.org> 2939Date: Mon Mar 4 02:16:11 2024 +0000 2940 2941 upstream: Separate parsing of string array options from applying them 2942 2943 to the active configuration. This fixes the config parser from erroneously 2944 rejecting cases like: 2945 2946 AuthenticationMethods password 2947 Match User ivy 2948 AuthenticationMethods any 2949 2950 bz3657 ok markus@ 2951 2952 OpenBSD-Commit-ID: 7f196cba634c2a3dba115f3fac3c4635a2199491 2953 2954commit 6886e1b1f55c90942e4e6deed930f8ac32e0f938 2955Author: Darren Tucker <dtucker@dtucker.net> 2956Date: Thu Feb 22 17:59:35 2024 +1100 2957 2958 Add nbsd10 test target. 2959 2960commit d86bf8a3f6ea4fa7887406c2aa9959db71fa41be 2961Author: Damien Miller <djm@mindrot.org> 2962Date: Thu Feb 22 12:06:10 2024 +1100 2963 2964 more descriptive configure test name 2965 2966commit 9ee335aacc9f5bdc4cc2c19fafb45e27be7d234e 2967Author: djm@openbsd.org <djm@openbsd.org> 2968Date: Wed Feb 21 06:17:29 2024 +0000 2969 2970 upstream: explain arguments of internal-sftp GHPR#454 from Niklas 2971 2972 Hambüchen 2973 MIME-Version: 1.0 2974 Content-Type: text/plain; charset=UTF-8 2975 Content-Transfer-Encoding: 8bit 2976 2977 OpenBSD-Commit-ID: 0335d641ae6b5b6201b9ffd5dd06345ebbd0a3f3 2978 2979commit d1164cb1001dd208fee88aaa9b43d5e6fd917274 2980Author: djm@openbsd.org <djm@openbsd.org> 2981Date: Wed Feb 21 06:06:43 2024 +0000 2982 2983 upstream: clarify permissions requirements for ChrootDirectory Part 2984 2985 of GHPR#454 from Niklas Hambüchen 2986 MIME-Version: 1.0 2987 Content-Type: text/plain; charset=UTF-8 2988 Content-Transfer-Encoding: 8bit 2989 2990 OpenBSD-Commit-ID: d37bc8786317a11649c62ff5e2936441186ef7a0 2991 2992commit d410e17d186552d0717f18217d0d049486754365 2993Author: djm@openbsd.org <djm@openbsd.org> 2994Date: Wed Feb 21 06:05:06 2024 +0000 2995 2996 upstream: .Cm for a keyword. Part of GHPR#454 from Niklas Hambüchen 2997 2998 OpenBSD-Commit-ID: d59c52559f926fa82859035d79749fbb4a3ce18a 2999 3000commit ab73f9678ebf06b32d6361b88b50b42775e0565b 3001Author: djm@openbsd.org <djm@openbsd.org> 3002Date: Wed Feb 21 06:01:13 2024 +0000 3003 3004 upstream: fix typo in match directive predicate (s/tagged/tag) GHPR#462 3005 3006 from Tobias Manske 3007 3008 OpenBSD-Commit-ID: 05b23b772677d48aa82eefd7ebebd369ae758908 3009 3010commit 9844aa2521ccfb1a2d73745680327b79e0574445 3011Author: djm@openbsd.org <djm@openbsd.org> 3012Date: Wed Feb 21 05:57:34 2024 +0000 3013 3014 upstream: fix proxy multiplexing mode, broken when keystroke timing 3015 3016 obfuscation was added. GHPR#463 from montag451 3017 3018 OpenBSD-Commit-ID: 4e412d59b3f557d431f1d81c715a3bc0491cc677 3019 3020commit ee6d932acb532f80b11bb7cf161668c70ec8a117 3021Author: djm@openbsd.org <djm@openbsd.org> 3022Date: Tue Feb 20 04:10:03 2024 +0000 3023 3024 upstream: don't append a gratuitous space to the end of subsystem 3025 3026 arguments; bz3667 3027 3028 OpenBSD-Commit-ID: e11023aeb3f30b77a674e37b8292c862926d5dc6 3029 3030commit e27f032aa8fcbae9b2e7c451baaf4b8ac6fa3d45 3031Author: dtucker@openbsd.org <dtucker@openbsd.org> 3032Date: Mon Feb 19 09:25:52 2024 +0000 3033 3034 upstream: Always define puttysetup function. 3035 3036 OpenBSD-Regress-ID: b4c0ccfa4006a1bc5dfd99ccf21c854d3ce2aee0 3037 3038commit 84046f9991abef5f46b040b10cf3d494f933a17b 3039Author: dtucker@openbsd.org <dtucker@openbsd.org> 3040Date: Fri Feb 9 08:56:59 2024 +0000 3041 3042 upstream: Exapnd PuTTY test coverage. 3043 3044 Expand the set of ciphers, MACs and KEX methods in the PuTTY interop 3045 tests. 3046 3047 OpenBSD-Regress-ID: dd28d97d48efe7329a396d0d505ee2907bf7fc57 3048 3049commit bbf541ee2afe07b08a8b56fa0dc6f38fcfceef2a 3050Author: dtucker@openbsd.org <dtucker@openbsd.org> 3051Date: Fri Feb 9 08:47:42 2024 +0000 3052 3053 upstream: Factor out PuTTY setup. 3054 3055 Factor out PuTTY and call only when needed. 3056 3057 This allows us to avoid PuTTY key setup when it's not needed, which 3058 speeds up the overall test run by a couple of percent. 3059 3060 OpenBSD-Regress-ID: c25eaccc3c91bc874400f7c85ce40e9032358c1c 3061 3062commit d31c21c57fb4245271680a1e5043cf6470a96766 3063Author: naddy@openbsd.org <naddy@openbsd.org> 3064Date: Sat Feb 10 11:28:52 2024 +0000 3065 3066 upstream: clean sshd random relinking kit; ok miod@ 3067 3068 OpenBSD-Commit-ID: 509bb19bb9762a4b3b589af98bac2e730541b6d4 3069 3070commit 4dbc5a363ff53a2fcecf6bc3bcc038badc12f118 3071Author: djm@openbsd.org <djm@openbsd.org> 3072Date: Fri Feb 2 00:13:34 2024 +0000 3073 3074 upstream: whitespace 3075 3076 OpenBSD-Commit-ID: b24680bc755b621ea801ff8edf6f0f02b68edae1 3077 3078commit efde85dda2130272af24cc346f6c3cd326182ff1 3079Author: Darren Tucker <dtucker@dtucker.net> 3080Date: Mon Feb 19 17:29:31 2024 +1100 3081 3082 Improve error message for OpenSSL header check. 3083 3084 bz#3668, ok djm@ 3085 3086commit cbbdf868bce431a59e2fa36ca244d5739429408d 3087Author: Darren Tucker <dtucker@dtucker.net> 3088Date: Wed Feb 7 13:45:02 2024 +1100 3089 3090 Interop test against PuTTY snapshot and releases. 3091 3092commit 91898bf786b0f149f962c4c96c08a46f29888c10 3093Author: Darren Tucker <dtucker@dtucker.net> 3094Date: Tue Feb 6 16:21:05 2024 +1100 3095 3096 Put privsep dir on OS X on /usr/local. 3097 3098 On some runners we can't create /var/empty, so put it some place we can 3099 write. Should fix test breakage on Max OS X 11. 3100 3101commit be5ed8ebed8388c5056bfde4688308cc873c18b9 3102Author: Darren Tucker <dtucker@dtucker.net> 3103Date: Tue Feb 6 11:19:42 2024 +1100 3104 3105 Add --disable-fd-passing option. 3106 3107 .. and enable for the minix3 test VM. This will cause it to more reliably 3108 skip tests that need FD passing and should fix the current test breakage. 3109 3110commit 0f6a8a0d0a518fd78c4cbebfdac990a57a1c4e41 3111Author: Darren Tucker <dtucker@dtucker.net> 3112Date: Tue Feb 6 11:18:44 2024 +1100 3113 3114 Use "skip" function instead doing it ourselves. 3115 3116commit 3ad669f81aabbd2ba9fbd472903f680f598e1e99 3117Author: Damien Miller <djm@mindrot.org> 3118Date: Thu Feb 1 14:01:18 2024 +1100 3119 3120 ignore some vim droppings 3121 3122commit c283f29d23611a06bbee06bcf458f2fffad721d9 3123Author: djm@openbsd.org <djm@openbsd.org> 3124Date: Thu Feb 1 02:37:33 2024 +0000 3125 3126 upstream: whitespace 3127 3128 OpenBSD-Commit-ID: bf9e4a1049562ee4322684fbdce07142f04fdbb7 3129 3130commit 0d96b1506b2f4757fefa5d1f884d49e96a6fd4c3 3131Author: Damien Miller <djm@mindrot.org> 3132Date: Tue Jan 16 14:40:18 2024 +1100 3133 3134 skip tests that use multiplexing on Windows 3135 3136 Some tests here use multiplexing, skip these if DISABLE_FD_PASSING 3137 is set. Should unbreak tests on Windows. 3138 3139commit 50080fa42f5f744b798ee29400c0710f1b59f50e 3140Author: djm@openbsd.org <djm@openbsd.org> 3141Date: Thu Jan 11 04:50:28 2024 +0000 3142 3143 upstream: don't disable RSA test when DSA is disabled; bug introduced 3144 3145 in last commit 3146 3147 OpenBSD-Regress-ID: 8780a7250bf742b33010e9336359a1c516f2d7b5 3148 3149commit 415c94ce17288e0cdcb9e58cc91fba78d33c8457 3150Author: djm@openbsd.org <djm@openbsd.org> 3151Date: Thu Jan 11 01:45:58 2024 +0000 3152 3153 upstream: make DSA testing optional, defaulting to on 3154 3155 ok markus 3156 3157 OpenBSD-Regress-ID: dfc27b5574e3f19dc4043395594cea5f90b8572a 3158 3159commit f9311e8921d92c5efca767227a497ab63280ac39 3160Author: djm@openbsd.org <djm@openbsd.org> 3161Date: Thu Jan 11 01:51:16 2024 +0000 3162 3163 upstream: ensure key_fd is filled when DSA is disabled; spotted by 3164 3165 tb@ 3166 3167 OpenBSD-Commit-ID: 9dd417b6eec3cf67e870f147464a8d93f076dce7 3168 3169commit 4e838120a759d187b036036610402cbda33f3203 3170Author: djm@openbsd.org <djm@openbsd.org> 3171Date: Thu Jan 11 01:45:36 2024 +0000 3172 3173 upstream: make DSA key support compile-time optional, defaulting to 3174 3175 on 3176 3177 ok markus@ 3178 3179 OpenBSD-Commit-ID: 4f8e98fc1fd6de399d0921d5b31b3127a03f581d 3180 3181commit afcc9028bfc411bc26d20bba803b83f90cb84e26 3182Author: jmc@openbsd.org <jmc@openbsd.org> 3183Date: Wed Jan 10 06:33:13 2024 +0000 3184 3185 upstream: fix incorrect capitalisation; 3186 3187 OpenBSD-Commit-ID: cb07eb06e15fa2334660ac73e98f29b6a1931984 3188 3189commit 9707c8170c0c1baeb1e06e5a53f604498193885f 3190Author: djm@openbsd.org <djm@openbsd.org> 3191Date: Tue Jan 9 22:19:36 2024 +0000 3192 3193 upstream: extend ChannelTimeout regression test to exercise multiplexed 3194 3195 connections and the new "global" timeout type. ok dtucker@ 3196 3197 OpenBSD-Regress-ID: f10d19f697024e9941acad7c2057f73d6eacb8a2 3198 3199commit b31b12d28de96e1d43581d32f34da8db27e11c03 3200Author: djm@openbsd.org <djm@openbsd.org> 3201Date: Tue Jan 9 22:19:00 2024 +0000 3202 3203 upstream: add a "global" ChannelTimeout type to ssh(1) and sshd(8) 3204 3205 that watches all open channels and will close all open channels if there is 3206 no traffic on any of them for the specified interval. This is in addition to 3207 the existing per-channel timeouts added a few releases ago. 3208 3209 This supports use-cases like having a session + x11 forwarding channel 3210 open where one may be idle for an extended period but the other is 3211 actively used. The global timeout would allow closing both channels when 3212 both have been idle for too long. 3213 3214 ok dtucker@ 3215 3216 OpenBSD-Commit-ID: 0054157d24d2eaa5dc1a9a9859afefc13d1d7eb3 3217 3218commit 602f4beeeda5bb0eca181f8753d923a2997d0a51 3219Author: djm@openbsd.org <djm@openbsd.org> 3220Date: Tue Jan 9 21:39:14 2024 +0000 3221 3222 upstream: adapt ssh_api.c code for kex-strict 3223 3224 from markus@ ok me 3225 3226 OpenBSD-Commit-ID: 4d9f256852af2a5b882b12cae9447f8f00f933ac 3227 3228commit 42ba34aba8708cf96583ff52975d95a8b47d990d 3229Author: Damien Miller <djm@mindrot.org> 3230Date: Mon Jan 8 16:26:37 2024 +1100 3231 3232 nite that recent OSX tun/tap is unsupported 3233 3234commit 690bc125f9a3b20e47745fa8f5b5e1fd5820247f 3235Author: Sevan Janiyan <venture37@geeklan.co.uk> 3236Date: Wed Dec 27 04:57:49 2023 +0000 3237 3238 README.platform: update tuntap url 3239 3240commit 6b8be2ccd7dd091808f86af52066b0c2ec30483a 3241Author: Rose <83477269+AtariDreams@users.noreply.github.com> 3242Date: Tue Dec 19 11:48:20 2023 -0500 3243 3244 Fix compilation error in ssh-pcks11-client.c 3245 3246 Compilation fails becaus of an undefined reference to helper_by_ec, 3247 because we forgot the preprocessor conditional that excludes that function 3248 from being called in unsupported configurations. 3249 3250commit 219c8134157744886ee6ac5b8c1650abcd981f4c 3251Author: djm@openbsd.org <djm@openbsd.org> 3252Date: Mon Jan 8 05:11:18 2024 +0000 3253 3254 upstream: Remove outdated note from PROTOCOL.mux 3255 3256 Port forward close by control master is already implemented 3257 by `mux_master_process_close_fwd` in `mux.c` 3258 3259 GHPR442 from bigb4ng 3260 3261 OpenBSD-Commit-ID: ad0734fe5916d2dc7dd02b588906cea4df0482fb 3262 3263commit 4c3cf362631ccc4ffd422e572f075d5d594feace 3264Author: djm@openbsd.org <djm@openbsd.org> 3265Date: Mon Jan 8 05:05:15 2024 +0000 3266 3267 upstream: fix missing field in users-groups-by-id@openssh.com reply 3268 3269 documentation 3270 3271 GHPR441 from TJ Saunders 3272 3273 OpenBSD-Commit-ID: ff5733ff6ef4cd24e0758ebeed557aa91184c674 3274 3275commit f64cede2a3c298b50a2659a8b53eb3ab2c0b8d23 3276Author: djm@openbsd.org <djm@openbsd.org> 3277Date: Mon Jan 8 04:10:03 2024 +0000 3278 3279 upstream: make kex-strict section more explicit about its intent: 3280 3281 banning all messages not strictly required in KEX 3282 3283 OpenBSD-Commit-ID: fc33a2d7f3b7013a7fb7500bdbaa8254ebc88116 3284 3285commit 698fe6fd61cbcb8e3e0e874a561d4335a49fbde5 3286Author: Damien Miller <djm@mindrot.org> 3287Date: Mon Jan 8 14:46:19 2024 +1100 3288 3289 update fuzzer example makefile to clang16 3290 3291commit fc332cb2d602c60983a8ec9f89412754ace06425 3292Author: Damien Miller <djm@mindrot.org> 3293Date: Mon Jan 8 14:45:49 2024 +1100 3294 3295 unbreak fuzzers - missing pkcs11_make_cert() 3296 3297 provide stub for use in fuzzer harness 3298 3299commit 9ea0a4524ae3276546248a926b6641b2fbc8421b 3300Author: Damien Miller <djm@mindrot.org> 3301Date: Mon Jan 8 14:45:14 2024 +1100 3302 3303 unbreak fuzzers for clang16 3304 3305 getopt() needs a throw() attribute to compile, so supply one when compiling 3306 things with C++ 3307 3308commit a72833d00788ef91100c643536ac08ada46440e1 3309Author: djm@openbsd.org <djm@openbsd.org> 3310Date: Mon Jan 8 00:34:33 2024 +0000 3311 3312 upstream: remove ext-info-* in the kex.c code, not in callers; 3313 3314 with/ok markus@ 3315 3316 OpenBSD-Commit-ID: c06fe2d3a0605c517ff7d65e38ec7b2d1b0b2799 3317 3318commit 86f9e96d9bcfd1f5cd4bf8fb57a9b4c242df67df 3319Author: djm@openbsd.org <djm@openbsd.org> 3320Date: Mon Jan 8 00:30:39 2024 +0000 3321 3322 upstream: fix typo; spotted by Albert Chin 3323 3324 OpenBSD-Commit-ID: 77140b520a43375b886e535eb8bd842a268f9368 3325 3326commit f0cbd26ec91bd49719fb3eea7ca44d2380318b9a 3327Author: dtucker@openbsd.org <dtucker@openbsd.org> 3328Date: Thu Jan 4 09:51:49 2024 +0000 3329 3330 upstream: Import regenerated moduli. 3331 3332 OpenBSD-Commit-ID: 5a636f6ca7f25bfe775df4952f7aac90a7fcbbee 3333 3334commit 64ddf776531ca4933832beecc8b7ebe1b937e081 3335Author: jsg@openbsd.org <jsg@openbsd.org> 3336Date: Wed Dec 20 00:06:25 2023 +0000 3337 3338 upstream: spelling; ok markus@ 3339 3340 OpenBSD-Commit-ID: 9d01f2e9d59a999d5d42fc3b3efcf8dfb892e31b 3341 3342commit 503fbe9ea238a4637e8778208bde8c09bcf78475 3343Author: jmc@openbsd.org <jmc@openbsd.org> 3344Date: Tue Dec 19 06:57:34 2023 +0000 3345 3346 upstream: sort -C, and add to usage(); ok djm 3347 3348 OpenBSD-Commit-ID: 80141b2a5d60c8593e3c65ca3c53c431262c812f 3349 3350commit 5413b1c7ff5a19c6a7d44bd98c5a83eb47819ba6 3351Author: djm@openbsd.org <djm@openbsd.org> 3352Date: Tue Dec 19 06:41:14 2023 +0000 3353 3354 upstream: correct section numbers; from Ed Maste 3355 3356 OpenBSD-Commit-ID: e289576ee5651528404cb2fb68945556052cf83f 3357 3358commit 430ef864645cff83a4022f5b050174c840e275da 3359Author: djm@openbsd.org <djm@openbsd.org> 3360Date: Mon Dec 18 15:58:56 2023 +0000 3361 3362 upstream: match flag type (s/int/u_int) 3363 3364 OpenBSD-Commit-ID: 9422289747c35ccb7b31d0e1888ccd5e74ad566a 3365 3366commit 1036d77b34a5fa15e56f516b81b9928006848cbd 3367Author: Damien Miller <djm@mindrot.org> 3368Date: Fri Dec 22 17:56:26 2023 +1100 3369 3370 better detection of broken -fzero-call-used-regs 3371 3372 gcc 13.2.0 on ppc64le refuses to compile some function, including 3373 cipher.c:compression_alg_list() with an error: 3374 3375 > sorry, unimplemented: argument ‘used’ is not supportedcw 3376 > for ‘-fzero-call-used-regs’ on this target 3377 3378 This extends the autoconf will-it-work test with a similarly- 3379 structured function that seems to catch this. 3380 3381 Spotted/tested by Colin Watson; bz3645 3382 3383commit 8241b9c0529228b4b86d88b1a6076fb9f97e4a99 3384Author: Damien Miller <djm@mindrot.org> 3385Date: Tue Dec 19 01:59:50 2023 +1100 3386 3387 crank versions 3388 3389commit 2f2c65cb5f1518a9c556d3e8efa27ea0ca305c6b 3390Author: Damien Miller <djm@mindrot.org> 3391Date: Tue Dec 19 01:59:06 2023 +1100 3392 3393 depend 3394 3395commit e48cdee8e19059203b1aeeabec2350b8375fa61f 3396Author: djm@openbsd.org <djm@openbsd.org> 3397Date: Mon Dec 18 14:50:08 2023 +0000 3398 3399 upstream: regress test for agent PKCS#11-backed certificates 3400 3401 OpenBSD-Regress-ID: 38f681777cb944a8cc3bf9d0ad62959a16764df9 3402 3403commit 2f512f862df1d5f456f82a0334c9e8cc7208a2a1 3404Author: djm@openbsd.org <djm@openbsd.org> 3405Date: Mon Dec 18 14:49:39 2023 +0000 3406 3407 upstream: regress test for constrained PKCS#11 keys 3408 3409 OpenBSD-Regress-ID: b2f26ae95d609d12257b43aef7cd7714c82618ff 3410 3411commit cdddd66412ca5920ed4d3ebbfa6ace12dbd9b82f 3412Author: djm@openbsd.org <djm@openbsd.org> 3413Date: Mon Dec 18 14:48:44 2023 +0000 3414 3415 upstream: openssh-9.6 3416 3417 OpenBSD-Commit-ID: 21759837cf0e0092d9a2079f8fb562071c11016b 3418 3419commit 6d51feab157cedf1e7ef5b3f8781ca8ff9c4ab1b 3420Author: djm@openbsd.org <djm@openbsd.org> 3421Date: Mon Dec 18 14:48:08 2023 +0000 3422 3423 upstream: ssh-agent: record failed session-bind attempts 3424 3425 Record failed attempts to session-bind a connection and refuse signing 3426 operations on that connection henceforth. 3427 3428 Prevents a future situation where we add a new hostkey type that is not 3429 recognised by an older ssh-agent, that consequently causes session-bind 3430 to fail (this situation is only likely to arise when people mix ssh(1) 3431 and ssh-agent(1) of different versions on the same host). Previously, 3432 after such a failure the agent socket would be considered unbound and 3433 not subject to restriction. 3434 3435 Spotted by Jann Horn 3436 3437 OpenBSD-Commit-ID: b0fdd023e920aa4831413f640de4c5307b53552e 3438 3439commit 7ef3787c84b6b524501211b11a26c742f829af1a 3440Author: djm@openbsd.org <djm@openbsd.org> 3441Date: Mon Dec 18 14:47:44 2023 +0000 3442 3443 upstream: ban user/hostnames with most shell metacharacters 3444 3445 This makes ssh(1) refuse user or host names provided on the 3446 commandline that contain most shell metacharacters. 3447 3448 Some programs that invoke ssh(1) using untrusted data do not filter 3449 metacharacters in arguments they supply. This could create 3450 interactions with user-specified ProxyCommand and other directives 3451 that allow shell injection attacks to occur. 3452 3453 It's a mistake to invoke ssh(1) with arbitrary untrusted arguments, 3454 but getting this stuff right can be tricky, so this should prevent 3455 most obvious ways of creating risky situations. It however is not 3456 and cannot be perfect: ssh(1) has no practical way of interpreting 3457 what shell quoting rules are in use and how they interact with the 3458 user's specified ProxyCommand. 3459 3460 To allow configurations that use strange user or hostnames to 3461 continue to work, this strictness is applied only to names coming 3462 from the commandline. Names specified using User or Hostname 3463 directives in ssh_config(5) are not affected. 3464 3465 feedback/ok millert@ markus@ dtucker@ deraadt@ 3466 3467 OpenBSD-Commit-ID: 3b487348b5964f3e77b6b4d3da4c3b439e94b2d9 3468 3469commit 0cb50eefdd29f0fec31d0e71cc4b004a5f704e67 3470Author: djm@openbsd.org <djm@openbsd.org> 3471Date: Mon Dec 18 14:47:20 2023 +0000 3472 3473 upstream: stricter handling of channel window limits 3474 3475 This makes ssh/sshd more strict in handling non-compliant peers that 3476 send more data than the advertised channel window allows. Previously 3477 the additional data would be silently discarded. This change will 3478 cause ssh/sshd to terminate the connection if the channel window is 3479 exceeded by more than a small grace allowance. 3480 3481 ok markus@ 3482 3483 OpenBSD-Commit-ID: 811e21b41831eba3dd7f67b3d409a438f20d3037 3484 3485commit 4448a2938abc76e6bd33ba09b2ec17a216dfb491 3486Author: djm@openbsd.org <djm@openbsd.org> 3487Date: Mon Dec 18 14:46:56 2023 +0000 3488 3489 upstream: Make it possible to load certs from PKCS#11 tokens 3490 3491 Adds a protocol extension to allow grafting certificates supplied by 3492 ssh-add to keys loaded from PKCS#11 tokens in the agent. 3493 3494 feedback/ok markus@ 3495 3496 OpenBSD-Commit-ID: bb5433cd28ede2bc910996eb3c0b53e20f86037f 3497 3498commit 881d9c6af9da4257c69c327c4e2f1508b2fa754b 3499Author: djm@openbsd.org <djm@openbsd.org> 3500Date: Mon Dec 18 14:46:12 2023 +0000 3501 3502 upstream: apply destination constraints to all p11 keys 3503 3504 Previously applied only to the first key returned from each token. 3505 3506 ok markus@ 3507 3508 OpenBSD-Commit-ID: 36df3afb8eb94eec6b2541f063d0d164ef8b488d 3509 3510commit a7ed931caeb68947d30af8a795f4108b6efad761 3511Author: djm@openbsd.org <djm@openbsd.org> 3512Date: Mon Dec 18 14:45:49 2023 +0000 3513 3514 upstream: add "ext-info-in-auth@openssh.com" extension 3515 3516 This adds another transport protocol extension to allow a sshd to send 3517 SSH2_MSG_EXT_INFO during user authentication, after the server has 3518 learned the username that is being logged in to. 3519 3520 This lets sshd to update the acceptable signature algoritms for public 3521 key authentication, and allows these to be varied via sshd_config(5) 3522 "Match" directives, which are evaluated after the server learns the 3523 username being authenticated. 3524 3525 Full details in the PROTOCOL file 3526 3527 OpenBSD-Commit-ID: 1de7da7f2b6c32a46043d75fcd49b0cbb7db7779 3528 3529commit 1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 3530Author: djm@openbsd.org <djm@openbsd.org> 3531Date: Mon Dec 18 14:45:17 2023 +0000 3532 3533 upstream: implement "strict key exchange" in ssh and sshd 3534 3535 This adds a protocol extension to improve the integrity of the SSH 3536 transport protocol, particular in and around the initial key exchange 3537 (KEX) phase. 3538 3539 Full details of the extension are in the PROTOCOL file. 3540 3541 with markus@ 3542 3543 OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14 3544 3545commit 59d691b886c79e70b1d1c4ab744e81fd176222fd 3546Author: Damien Miller <djm@mindrot.org> 3547Date: Mon Dec 18 14:49:11 2023 +1100 3548 3549 better detection of broken -fzero-call-used-regs 3550 3551 Use OSSH_CHECK_CFLAG_LINK() for detection of these flags and extend 3552 test program to exercise varargs, which seems to catch more stuff. 3553 3554 ok dtucker@ 3555 3556commit aa7b21708511a6d4aed3839fc9f6e82e849dd4a1 3557Author: djm@openbsd.org <djm@openbsd.org> 3558Date: Wed Dec 13 03:28:19 2023 +0000 3559 3560 upstream: when invoking KnownHostsCommand to determine the order of 3561 3562 host key algorithms to request, ensure that the hostname passed to the 3563 command is decorated with the port number for ports other than 22. 3564 3565 This matches the behaviour of KnownHostsCommand when invoked to look 3566 up the actual host key. 3567 3568 bz3643, ok dtucker@ 3569 3570 OpenBSD-Commit-ID: 5cfabc0b7c6c7ab473666df314f377b1f15420b1 3571 3572commit 4086bd6652c0badccc020218a62190a7798fb72c 3573Author: markus@openbsd.org <markus@openbsd.org> 3574Date: Fri Dec 8 09:18:39 2023 +0000 3575 3576 upstream: prevent leak in sshsig_match_principals; ok djm@ 3577 3578 OpenBSD-Commit-ID: 594f61ad4819ff5c72dfe99ba666a17f0e1030ae 3579 3580commit 19d3ee2f3adf7d9a606ff015c1e153744702c4c9 3581Author: djm@openbsd.org <djm@openbsd.org> 3582Date: Wed Dec 6 21:06:48 2023 +0000 3583 3584 upstream: short circuit debug log processing early if we're not going 3585 3586 to log anything. From Kobe Housen 3587 3588 OpenBSD-Commit-ID: 2bcddd695872a1bef137cfff7823044dcded90ea 3589 3590commit 947affad4831df015c498c00c6351ea6f13895d5 3591Author: Darren Tucker <dtucker@dtucker.net> 3592Date: Mon Nov 27 09:37:28 2023 +1100 3593 3594 Add tests for OpenSSL 3.2.0 and 3.2 stable branch. 3595 3596commit 747dce36206675ca6b885010a835733df469351b 3597Author: Darren Tucker <dtucker@dtucker.net> 3598Date: Sat Nov 25 09:03:38 2023 +1100 3599 3600 Use non-zero arg in compiler test program. 3601 3602 Now that we're running the test program, passing zero to the test function 3603 can cause divide-by-zero exceptions which might show up in logs. 3604 3605commit 3d44a5c56585d1c351dbc006240a591b6da502b1 3606Author: dtucker@openbsd.org <dtucker@openbsd.org> 3607Date: Fri Nov 24 00:31:30 2023 +0000 3608 3609 upstream: Plug mem leak of msg when processing a quit message. 3610 3611 Coverity CID#427852, ok djm@ 3612 3613 OpenBSD-Commit-ID: bf85362addbe2134c3d8c4b80f16601fbff823b7 3614 3615commit 1d7f9b6e297877bd00973e6dc5c0642dbefc3b5f 3616Author: dtucker@openbsd.org <dtucker@openbsd.org> 3617Date: Thu Nov 23 03:37:05 2023 +0000 3618 3619 upstream: Include existing mux path in debug message. 3620 3621 OpenBSD-Commit-ID: 1c3641be10c2f4fbad2a1b088a441d072e18bf16 3622 3623commit f29934066bd0e561a2e516b7e584fb92d2eedee0 3624Author: Darren Tucker <dtucker@dtucker.net> 3625Date: Thu Nov 23 19:41:27 2023 +1100 3626 3627 Add an Ubuntu 22.04 test VM. 3628 3629 This is the same version as Github's runners so most of the testing on 3630 it is over there, but having a local VM makes debugging much easier. 3631 3632commit a93284a780cd3972afe5f89086b75d564ba157f3 3633Author: Darren Tucker <dtucker@dtucker.net> 3634Date: Thu Nov 23 19:36:22 2023 +1100 3635 3636 Add gcc-12 -Werror test on Ubuntu 22.04. 3637 3638 Explictly specify gcc-11 on Ubuntu 22.04 (it's the system compiler). 3639 3640commit 670f5a647e98b6fd95ad64f789f87ee3274b481b 3641Author: Darren Tucker <dtucker@dtucker.net> 3642Date: Thu Nov 23 19:34:57 2023 +1100 3643 3644 Check return value from write to prevent warning. 3645 3646 ... and since we're testing for flags with -Werror, this caused 3647 configure to mis-detect compiler flags. 3648 3649commit cea007d691cfedfa07a5b8599f97ce0511f53fc9 3650Author: Darren Tucker <dtucker@dtucker.net> 3651Date: Wed Nov 22 21:18:55 2023 +1100 3652 3653 Run compiler test program when compiling natively. 3654 3655 ok djm@ 3656 3657commit ee0d305828f13536c0a416bbf9c3e81039d9ea55 3658Author: Darren Tucker <dtucker@dtucker.net> 3659Date: Wed Nov 22 21:18:07 2023 +1100 3660 3661 Factor out compiler test program into a macro. 3662 3663 ok djm@ 3664 3665commit de304c76316b029df460673725a9104224b9959b 3666Author: Darren Tucker <dtucker@dtucker.net> 3667Date: Wed Nov 22 08:55:36 2023 +1100 3668 3669 Add fbsd14 VM to test pool. 3670 3671commit 99a2df5e1994cdcb44ba2187b5f34d0e9190be91 3672Author: Darren Tucker <dtucker@dtucker.net> 3673Date: Tue Nov 21 16:19:29 2023 +1100 3674 3675 Expand -fzero-call-used-regs test to cover gcc 11. 3676 3677 It turns out that gcc also has some problems with -fzero-call-used-regs, 3678 at least v11 on mips. Previously the test in OSSH_CHECK_CFLAG_COMPILE 3679 was sufficient to catch it with "=all", but not sufficient for "=used". 3680 Expand the testcase and include it in the other tests for good measure. 3681 See bz#3629. ok djm@. 3682 3683commit ff220d4010717f7bfbbc02a2400666fb9d24f250 3684Author: Darren Tucker <dtucker@dtucker.net> 3685Date: Tue Nov 21 14:04:34 2023 +1100 3686 3687 Stop using -fzero-call-used-regs=all 3688 3689 ... since it seems to be problematic with several different versions of 3690 clang. Only use -fzero-call-used-regs=used which is less 3691 problematic, except with Apple's clang where we don't use it at all. 3692 bz#3629, ok djm@ 3693 3694commit 2a19e02f36b16f0f6cc915f7d1e60ead5e36303b 3695Author: Darren Tucker <dtucker@dtucker.net> 3696Date: Tue Nov 21 14:02:18 2023 +1100 3697 3698 Allow for vendor prefix on clang version numbers. 3699 3700 Correctly detects the version of OpenBSD's native clang, as well as 3701 Apple's. Spotted tb@, ok djm@. 3702 3703commit c52db0114826d73eff6cdbf205e9c1fa4f7ca6c6 3704Author: djm@openbsd.org <djm@openbsd.org> 3705Date: Mon Nov 20 02:50:00 2023 +0000 3706 3707 upstream: set errno=EAFNOSUPPORT when filtering addresses that don't 3708 3709 match AddressFamily; yields slightly better error message if no address 3710 matches. bz#3526 3711 3712 OpenBSD-Commit-ID: 29cea900ddd8b04a4d1968da5c4a893be2ebd9e6 3713 3714commit 26f3f3bbc69196d908cad6558c8c7dc5beb8d74a 3715Author: djm@openbsd.org <djm@openbsd.org> 3716Date: Wed Nov 15 23:03:38 2023 +0000 3717 3718 upstream: when connecting via socket (the default case), filter 3719 3720 addresses by AddressFamily if one was specified. Fixes the case where, if 3721 CanonicalizeHostname is enabled, ssh may ignore AddressFamily. bz5326; ok 3722 dtucker 3723 3724 OpenBSD-Commit-ID: 6c7d7751f6cd055126b2b268a7b64dcafa447439 3725 3726commit 050c335c8da43741ed0df2570ebfbd5d1dfd0a31 3727Author: djm@openbsd.org <djm@openbsd.org> 3728Date: Wed Nov 15 22:51:49 2023 +0000 3729 3730 upstream: when deciding whether to enable keystroke timing 3731 3732 obfuscation, only consider enabling it when a channel with a tty is open. 3733 3734 Avoids turning on the obfucation when X11 forwarding only is in use, 3735 which slows it right down. Reported by Roger Marsh 3736 3737 OpenBSD-Commit-ID: c292f738db410f729190f92de100c39ec931a4f1 3738 3739commit 676377ce67807a24e08a54cd60ec832946cc6cae 3740Author: tobhe@openbsd.org <tobhe@openbsd.org> 3741Date: Mon Nov 13 09:18:19 2023 +0000 3742 3743 upstream: Make sure sftp_get_limits() only returns 0 if 'limits' 3744 3745 was initialized. This fixes a potential uninitialized use of 'limits' in 3746 sftp_init() if sftp_get_limits() returned early because of an unexpected 3747 message type. 3748 3749 ok djm@ 3750 3751 OpenBSD-Commit-ID: 1c177d7c3becc1d71bc8763eecf61873a1d3884c 3752 3753commit 64e0600f23c6dec36c3875392ac95b8a9100c2d6 3754Author: Darren Tucker <dtucker@dtucker.net> 3755Date: Mon Nov 13 20:03:31 2023 +1100 3756 3757 Test current releases of LibreSSL and OpenSSL. 3758 3759 Retire some of the older releases. 3760 3761commit c8ed7cc545879ac15f6ce428be4b29c35598bb2a 3762Author: dtucker@openbsd.org <dtucker@openbsd.org> 3763Date: Wed Nov 1 02:08:38 2023 +0000 3764 3765 upstream: Specify ssh binary to use 3766 3767 ... instead of relying on installed one. Fixes test failures in -portable 3768 when running tests prior to installation. 3769 3770 OpenBSD-Regress-ID: b6d6ba71c23209c616efc805a60d9a445d53a685 3771 3772commit e9fc2c48121cada1b4dcc5dadea5d447fe0093c3 3773Author: Darren Tucker <dtucker@dtucker.net> 3774Date: Wed Nov 1 13:11:31 2023 +1100 3775 3776 Put long-running test targets on hipri runners. 3777 3778 Some of the selfhosted test targets take a long time to run for various 3779 reasons, so label them for "libvirt-hipri" runners so that they can 3780 start immediately. This should reduce the time to complete all tests. 3781 3782commit 7ddf27668f0e21233f08c0ab2fe9ee3fdd6ab1e2 3783Author: djm@openbsd.org <djm@openbsd.org> 3784Date: Wed Nov 1 00:29:46 2023 +0000 3785 3786 upstream: add some tests of forced commands overriding Subsystem 3787 3788 directives 3789 3790 OpenBSD-Regress-ID: eb48610282f6371672bdf2a8b5d2aa33cfbd322b 3791 3792commit fb06f9b5a065dfbbef5916fc4accc03c0bf026dd 3793Author: dtucker@openbsd.org <dtucker@openbsd.org> 3794Date: Tue Oct 31 04:15:40 2023 +0000 3795 3796 upstream: Don't try to use sudo inside sshd log wrapper. 3797 3798 We still need to check if we're using sudo since we don't want to chown 3799 unecessarily, as on some platforms this causes an error which pollutes 3800 stderr. We also don't want to unnecessarily invoke sudo, since it's 3801 running in the context of the proxycommand, on *other* platforms it 3802 may not be able to authenticate, and if we're using SUDO then it should 3803 already be privileged. 3804 3805 OpenBSD-Regress-ID: 70d58df7503db699de579a9479300e5f3735f4ee 3806 3807commit fc3cc33e88c242c704781c6c48087838f1dcfa2a 3808Author: dtucker@openbsd.org <dtucker@openbsd.org> 3809Date: Tue Oct 31 02:58:45 2023 +0000 3810 3811 upstream: Only try to chmod logfile if we have sudo. If we don't have 3812 3813 sudo then we won't need to chmod. 3814 3815 OpenBSD-Regress-ID: dbad2f5ece839658ef8af3376cb1fb1cabe2e324 3816 3817commit 3a506598fddd3f18f9095af3fe917f24cbdd32e0 3818Author: djm@openbsd.org <djm@openbsd.org> 3819Date: Mon Oct 30 23:00:25 2023 +0000 3820 3821 upstream: move PKCS#11 setup code to test-exec.sh so it can be reused 3822 3823 elsewhere 3824 3825 OpenBSD-Regress-ID: 1d29e6be40f994419795d9e660a8d07f538f0acb 3826 3827commit f82fa227a52661c37404a6d33bbabf14fed05db0 3828Author: djm@openbsd.org <djm@openbsd.org> 3829Date: Mon Oct 30 17:32:00 2023 +0000 3830 3831 upstream: tidy and refactor PKCS#11 setup code 3832 3833 Replace the use of a perl script to delete the controlling TTY with a 3834 SSH_ASKPASS script to directly load the PIN. 3835 3836 Move PKCS#11 setup code to functions in anticipation of it being used 3837 elsewhere in additional tests. 3838 3839 Reduce stdout spam 3840 3841 OpenBSD-Regress-ID: 07705c31de30bab9601a95daf1ee6bef821dd262 3842 3843commit 3cf698c6d4ffa9be1da55672a3519e2135a6366a 3844Author: Darren Tucker <dtucker@dtucker.net> 3845Date: Mon Oct 30 21:35:03 2023 +1100 3846 3847 Add obsd74 test VM and retire obsd69 and obsd70. 3848 3849commit 3e21d58a09894acb38dc69ed615d101131f473d0 3850Author: Darren Tucker <dtucker@dtucker.net> 3851Date: Mon Oct 30 18:34:12 2023 +1100 3852 3853 Add OpenSSL 3.3.0 as a known dev version. 3854 3855commit 917ba181c2cbdb250a443589ec732aa36fd51ffa 3856Author: Darren Tucker <dtucker@dtucker.net> 3857Date: Mon Oct 30 13:32:03 2023 +1100 3858 3859 Restore nopasswd sudo rule on Mac OS X. 3860 3861 This seems to be missing from some (but not all) github runners, so 3862 restore it if it seems to be missing. 3863 3864commit c5698abad6d4ec98ca20bcaaabaeacd5e1ec3f4f 3865Author: Darren Tucker <dtucker@dtucker.net> 3866Date: Mon Oct 30 13:26:52 2023 +1100 3867 3868 Don't exit early when setting up on Mac OS X. 3869 3870 We probably need some of the other bits in there (specifically, setting 3871 the perms on the home directory) so make it less of a special snowflake. 3872 3873commit 1d6a878ceba60b9dc14037dddc8f036070c0065f 3874Author: dtucker@openbsd.org <dtucker@openbsd.org> 3875Date: Sun Oct 29 06:22:07 2023 +0000 3876 3877 upstream: Only try to chown logfiles that exist to prevent spurious 3878 3879 errors. 3880 3881 OpenBSD-Regress-ID: f1b20a476734e885078c481f1324c9ea03af991e 3882 3883commit e612376427a66f835e284f6b426d16d7c85301bc 3884Author: anton@openbsd.org <anton@openbsd.org> 3885Date: Thu Oct 26 18:52:45 2023 +0000 3886 3887 upstream: make use of bsd.regress.mk in extra and interop targets; ok 3888 3889 dtucker@ 3890 3891 OpenBSD-Regress-ID: 7ea21b5f6fc4506165093b2123d88d20ff13a4f0 3892 3893commit ea0039173957d0edcd6469b9614dcedb44dcb4f9 3894Author: dtucker@openbsd.org <dtucker@openbsd.org> 3895Date: Thu Oct 26 12:44:07 2023 +0000 3896 3897 upstream: Skip conch interop tests when not enabled instead of fatal. 3898 3899 OpenBSD-Regress-ID: b0abf81c24ac6c21f367233663228ba16fa96a46 3900 3901commit d220b9ed5494252b26b95f05be118472bc3ab5c0 3902Author: dtucker@openbsd.org <dtucker@openbsd.org> 3903Date: Wed Oct 25 05:38:08 2023 +0000 3904 3905 upstream: Import regenerated moduli. 3906 3907 OpenBSD-Commit-ID: 95f5dd6107e8902b87dc5b005ef2b53f1ff378b8 3908 3909commit a611e4db4009447a0151f31a44e235ca32ed4429 3910Author: anton@openbsd.org <anton@openbsd.org> 3911Date: Wed Oct 25 08:01:59 2023 +0000 3912 3913 upstream: ssh conch interop tests requires a controlling terminal; 3914 3915 ok dtucker@ 3916 3917 OpenBSD-Regress-ID: cbf2701bc347c2f19d907f113779c666f1ecae4a 3918 3919commit da951b5e08c167acb5d6e2eec6f146502f5d6ed8 3920Author: anton@openbsd.org <anton@openbsd.org> 3921Date: Mon Oct 23 11:30:49 2023 +0000 3922 3923 upstream: Use private key that is allowed by sshd defaults in conch 3924 3925 interop tests. 3926 3927 ok dtucker@ 3928 3929 OpenBSD-Regress-ID: 3b7f65c8f409c328bcd4b704f60cb3d31746f045 3930 3931commit 1ca166dbb3c0ce632b98869cd955f69320aa6fe8 3932Author: Darren Tucker <dtucker@dtucker.net> 3933Date: Fri Oct 20 20:43:00 2023 +1100 3934 3935 Install Dropbear for interop testing. 3936 3937commit f993bb58351c5cb71e61aede63805a34a6d4daea 3938Author: Darren Tucker <dtucker@dtucker.net> 3939Date: Fri Oct 20 20:39:03 2023 +1100 3940 3941 Resync PuTTY and Conch path handling with upstream. 3942 3943 Now that configure finds these for us we can remove these -portable 3944 specific changes. 3945 3946commit ff85becd5f5f06a76efa45d30fb204a3c5e5215c 3947Author: Darren Tucker <dtucker@dtucker.net> 3948Date: Fri Oct 20 20:35:46 2023 +1100 3949 3950 Have configure find PuTTY and Conch binaries. 3951 3952 This will let us remove some -portable specific changes from 3953 test-exec.sh. 3954 3955commit c54a50359b9cecddbf3ffcdc26efcb3cd6071ec1 3956Author: dtucker@openbsd.org <dtucker@openbsd.org> 3957Date: Fri Oct 20 07:37:07 2023 +0000 3958 3959 upstream: Allow overriding the locations of the Dropbear binaries 3960 3961 similar to what we do for the PuTTY ones. 3962 3963 OpenBSD-Regress-ID: 7de0e00518fb0c8fdc5f243b7f82f523c936049c 3964 3965commit fbaa707d455a61d0aef8ae65e02a25bac5351e5c 3966Author: dtucker@openbsd.org <dtucker@openbsd.org> 3967Date: Fri Oct 20 06:56:45 2023 +0000 3968 3969 upstream: Add interop test with Dropbear. 3970 3971 Right now this is only dbclient not the Dropbear server since it won't 3972 currently run as a ProxyCommand. 3973 3974 OpenBSD-Regress-ID: 8cb898c414fcdb252ca6328896b0687acdaee496 3975 3976commit c2003d0dbdcdb61ca336c3f90c5c2b4a09c8e73f 3977Author: Fabio Pedretti <pedretti.fabio@gmail.com> 3978Date: Mon Oct 16 11:59:53 2023 +0200 3979 3980 Update openssl-devel dependency in RPM spec. 3981 3982 Since openssh 9.4p1, openssl >= 1.1.1 is required, so 3983 build with --without-openssl elsewhere. 3984 According to https://repology.org/project/openssl/versions 3985 openssl 1.1.1 is available on fedora >= 29 and rhel >= 8. 3986 Successfully build tested, installed and run on rhel 6 3987 3988commit 064e09cd632721c7e6889904e07767443ee23821 3989Author: Fabio Pedretti <pedretti.fabio@gmail.com> 3990Date: Mon Oct 16 10:13:06 2023 +0200 3991 3992 Remove reference of dropped sshd.pam.old file 3993 3994 The file was removed in openssh 8.8 3995 3996commit 62db354b696b378a164b6e478cb6b0171dcb0c3d 3997Author: dtucker@openbsd.org <dtucker@openbsd.org> 3998Date: Mon Oct 16 08:40:00 2023 +0000 3999 4000 upstream: Move declaration of "len" into the block where it's used. 4001 4002 This lets us compile Portable with -Werror with when OpenSSL doesn't have 4003 Ed25519 support. 4004 4005 OpenBSD-Commit-ID: e02e4b4af351946562a7caee905da60eff16ba29 4006 4007commit 6eee8c972d5901d10e80634a006b4e346b2c8c19 4008Author: Damien Miller <djm@mindrot.org> 4009Date: Fri Oct 13 15:15:05 2023 +1100 4010 4011 run t-extra regress tests 4012 4013 This exposes the t-extra regress tests (including agent-pkcs11.sh) as 4014 a new extra-tests target in the top level Makefile and runs them by 4015 default. ok dtucker@ 4016 4017commit 637624dbbac13f2bc3c8ec5b15c9d627d07f2935 4018Author: Darren Tucker <dtucker@dtucker.net> 4019Date: Thu Oct 12 22:01:23 2023 +1100 4020 4021 Don't use make -j2. 4022 4023 While we have 2 cores available on github runners, not using it means 4024 that the most recent log message is the actual failure, rather than 4025 having to search back through the log for it. 4026 4027commit 971e0cfcfd52ef1d73cf5244074c306a60006e89 4028Author: Darren Tucker <dtucker@dtucker.net> 4029Date: Thu Oct 12 16:23:05 2023 +1100 4030 4031 Correct arg order for ED255519 AC_LINK_IFELSE test. 4032 4033commit c616e64688b2a0c1b4daad69b056099be998d121 4034Author: djm@openbsd.org <djm@openbsd.org> 4035Date: Thu Oct 12 03:51:08 2023 +0000 4036 4037 upstream: typos and extra debug trace calls 4038 4039 OpenBSD-Regress-ID: 98a2a6b9333743274359e3c0f0e65cf919a591d1 4040 4041commit c49a3fbf10162128c67c59562348de2041188974 4042Author: djm@openbsd.org <djm@openbsd.org> 4043Date: Thu Oct 12 03:48:53 2023 +0000 4044 4045 upstream: ensure logs are owned by correct user; feedback/ok 4046 4047 dtucker@ 4048 4049 OpenBSD-Regress-ID: c3297af8f07717f1d400a5d34529962f1a76b5a3 4050 4051commit 5ec0ed79ac074c3437b25f6cba8b8cf21c8d4587 4052Author: djm@openbsd.org <djm@openbsd.org> 4053Date: Thu Oct 12 03:36:32 2023 +0000 4054 4055 upstream: 64 %-expansion keys ought to be enough for anybody; ok 4056 4057 dtucker (we just hit the previous limit in some cases) 4058 4059 OpenBSD-Commit-ID: 84070f8001ec22ff5d669f836b62f206e08c5787 4060 4061commit f59a94e22e46db2c23eddeb871aa9e8d93ab0016 4062Author: djm@openbsd.org <djm@openbsd.org> 4063Date: Thu Oct 12 02:48:43 2023 +0000 4064 4065 upstream: don't dereference NULL pointer when hashing jumphost 4066 4067 OpenBSD-Commit-ID: 251c0263e1759a921341c7efe7f1d4c73e1c70f4 4068 4069commit 281c79168edcc303abfd5bca983616eaa24c5f32 4070Author: Damien Miller <djm@mindrot.org> 4071Date: Thu Oct 12 13:20:01 2023 +1100 4072 4073 Solaris: prefer PRIV_XPOLICY to PRIV_LIMIT 4074 4075 If the system support PRIV_XPOLICY and one is set, then don't 4076 modify PRIV_LIMIT. bz2833, patch from Ron Jordan, ok dtucker@ 4077 4078commit 98fc34df837f3a3b79d2a111b96fe8a39adcab55 4079Author: djm@openbsd.org <djm@openbsd.org> 4080Date: Thu Oct 12 02:18:18 2023 +0000 4081 4082 upstream: add %j token that expands to the configured ProxyJump 4083 4084 hostname (or the empty string if this option is not being used). bz3610, ok 4085 dtucker 4086 4087 OpenBSD-Commit-ID: ce9983f7efe6a178db90dc5c1698df025df5e339 4088 4089commit 7f3180be8a85320b5d3221714b40c16e66881249 4090Author: djm@openbsd.org <djm@openbsd.org> 4091Date: Thu Oct 12 02:15:53 2023 +0000 4092 4093 upstream: release GSS OIDs only at end of authentication; bz2982, 4094 4095 ok dtucker@ 4096 4097 OpenBSD-Commit-ID: 0daa41e0525ae63cae4483519ecaa37ac485d94c 4098 4099commit a612b93de5d86e955bfb6e24278f621118eea500 4100Author: djm@openbsd.org <djm@openbsd.org> 4101Date: Thu Oct 12 02:12:53 2023 +0000 4102 4103 upstream: mask SIGINT/TERM/QUIT/HUP before checking quit_pending 4104 4105 and use ppoll() to unmask them in the mainloop. Avoids race condition between 4106 signaling ssh to exit and polling. bz3531; ok dtucker 4107 4108 OpenBSD-Commit-ID: 5c14e1aabcddedb95cdf972283d9c0d5083229e7 4109 4110commit 531b27a006116fe7aff325510aaa576f24844452 4111Author: djm@openbsd.org <djm@openbsd.org> 4112Date: Wed Oct 11 23:23:58 2023 +0000 4113 4114 upstream: sync usage() with ssh.1; spotted by kn@ 4115 4116 OpenBSD-Commit-ID: 191a85639477dcb5fa1616d270d93b7c8d5c1dfd 4117 4118commit 64f7ca881b19be754425dca60d1590d306c9d1d0 4119Author: djm@openbsd.org <djm@openbsd.org> 4120Date: Wed Oct 11 23:14:33 2023 +0000 4121 4122 upstream: ssh -Q does not make sense with other command-line options, 4123 4124 so give it its own line in the manpage 4125 4126 OpenBSD-Commit-ID: 00a747f0655c12122bbb77c2796be0013c105361 4127 4128commit a752a6c0e1001f93696d7025f0c867f0376e2ecf 4129Author: djm@openbsd.org <djm@openbsd.org> 4130Date: Wed Oct 11 22:42:26 2023 +0000 4131 4132 upstream: add ChannelTimeout support to the client, mirroring the 4133 4134 same option in the server. ok markus@ 4135 4136 OpenBSD-Commit-ID: 55630b26f390ac063980cfe7ad8c54b03284ef02 4137 4138commit 76e91e7238cdc5662bc818e2a48d466283840d23 4139Author: djm@openbsd.org <djm@openbsd.org> 4140Date: Wed Oct 11 22:41:05 2023 +0000 4141 4142 upstream: add support for reading ED25519 private keys in PEM PKCS8 4143 4144 format; ok markus@ tb@ 4145 4146 OpenBSD-Commit-ID: 01b85c91757e6b057e9b23b8a23f96415c3c7174 4147 4148commit fc77c8e352c0f44125425c05265e3a00c183d78a 4149Author: djm@openbsd.org <djm@openbsd.org> 4150Date: Wed Oct 11 06:40:54 2023 +0000 4151 4152 upstream: mention "none" is a valid argument to IdentityFile; bz3080 4153 4154 OpenBSD-Commit-ID: 1b4fb590ef731099349a7d468b77f02b240ac926 4155 4156commit c97520d23d1fe53d30725a2af25d2dddd6f2faff 4157Author: djm@openbsd.org <djm@openbsd.org> 4158Date: Wed Oct 11 05:42:08 2023 +0000 4159 4160 upstream: in olde rcp/scp protocol mode, when rejecting a path from the 4161 4162 server as not matching the glob that the client sent, log (at debug level) 4163 the received pathname as well as the list of possible expected paths expanded 4164 from the glob. bz2966 4165 4166 OpenBSD-Commit-ID: 0bd8db8a595334ca86bca8f36e23fc0395315765 4167 4168commit 208c2b719879805983398160791d6a1ef9c2c3fc 4169Author: djm@openbsd.org <djm@openbsd.org> 4170Date: Wed Oct 11 04:46:29 2023 +0000 4171 4172 upstream: s/%.100s/%s/ in SSH- banner construction as there's no 4173 4174 reason to limit its size: the version string bring included is a compile time 4175 constant going into an allocated banner string. 4176 4177 OpenBSD-Commit-ID: 0ef73304b9bf3e534c60900cd84ab699f859ebcd 4178 4179commit 0354790826b97c41bbd171a965574e159b58d83e 4180Author: tb@openbsd.org <tb@openbsd.org> 4181Date: Tue Oct 10 06:49:54 2023 +0000 4182 4183 upstream: Garbage collect cipher_get_keyiv_len() 4184 4185 This is a compat20 leftover, unused since 2017. 4186 4187 ok djm 4188 4189 OpenBSD-Commit-ID: 91fa5497c9dc6883064624ac27813a567883fdce 4190 4191commit 8d29ee4115001a02641386ae394992c65ed279e0 4192Author: djm@openbsd.org <djm@openbsd.org> 4193Date: Tue Oct 10 03:57:45 2023 +0000 4194 4195 upstream: Reserve a range of "local extension" message numbers that 4196 4197 OpenSSH promises not to use (comment change only) 4198 4199 OpenBSD-Commit-ID: e61795b453d4892d2c99ce1039112c4a00250e03 4200 4201commit 90b0d73d63a706e85f6431f05a62d2ce1b476472 4202Author: djm@openbsd.org <djm@openbsd.org> 4203Date: Fri Oct 6 03:32:15 2023 +0000 4204 4205 upstream: typo in error message 4206 4207 OpenBSD-Regress-ID: 6a8edf0dc39941298e3780b147b10c0a600b4fee 4208 4209commit e84517f51532ec913d8fb01a8aab7307134774bb 4210Author: djm@openbsd.org <djm@openbsd.org> 4211Date: Fri Oct 6 03:25:14 2023 +0000 4212 4213 upstream: Perform the softhsm2 setup as discrete steps rather than 4214 4215 as a long shell pipeline. Makes it easier to figure out what has happened 4216 when it breaks. 4217 4218 OpenBSD-Regress-ID: b3f1292115fed65765d0a95414df16e27772d81c 4219 4220commit cb54becff4d776238e0e9072943ba0872260535d 4221Author: claudio@openbsd.org <claudio@openbsd.org> 4222Date: Sun Sep 24 08:14:13 2023 +0000 4223 4224 upstream: REGRESS_FAIL_EARLY defaults to yes now. So no need to 4225 4226 overload the value here anymore. OK tb@ bluhm@ 4227 4228 OpenBSD-Regress-ID: f063330f1bebbcd373100afccebc91a965b14496 4229 4230commit f01f5137ceba65baf34ceac5a298c12ac01b1fef 4231Author: jmc@openbsd.org <jmc@openbsd.org> 4232Date: Wed Oct 4 05:42:10 2023 +0000 4233 4234 upstream: spelling fix; 4235 4236 OpenBSD-Commit-ID: 493f95121567e5ab0d9dd1150f873b5535ca0195 4237 4238commit 80a2f64b8c1d27383cc83d182b73920d1e6a91f1 4239Author: Damien Miller <djm@mindrot.org> 4240Date: Wed Oct 4 15:34:10 2023 +1100 4241 4242 crank version numbers 4243 4244commit f65f187b105d9b5c12fd750a211397d08c17c6d4 4245Author: djm@openbsd.org <djm@openbsd.org> 4246Date: Wed Oct 4 04:04:09 2023 +0000 4247 4248 upstream: openssh-9.5 4249 4250 OpenBSD-Commit-ID: 5e0af680480bd3b6f5560cf840ad032d48fd6b16 4251 4252commit ffe27e54a4bb18d5d3bbd3f4cc93a41b8d94dfd2 4253Author: djm@openbsd.org <djm@openbsd.org> 4254Date: Wed Oct 4 04:03:50 2023 +0000 4255 4256 upstream: add some cautionary text about % token expansion and 4257 4258 shell metacharacters; based on report from vinci AT protonmail.ch 4259 4260 OpenBSD-Commit-ID: aa1450a54fcee2f153ef70368d90edb1e7019113 4261 4262commit 60ec3d54fd1ebfe2dda75893fa1e870b8dffbb0d 4263Author: djm@openbsd.org <djm@openbsd.org> 4264Date: Tue Oct 3 23:56:10 2023 +0000 4265 4266 upstream: fix link to agent draft; spotted by Jann Horn 4267 4268 OpenBSD-Commit-ID: ff5bda21a83ec013db683e282256a85201d2dc4b 4269 4270commit 12e2d4b13f6f63ce2de13cbfcc9e4d0d4b4ab231 4271Author: Damien Miller <djm@mindrot.org> 4272Date: Wed Oct 4 10:54:04 2023 +1100 4273 4274 use portable provider allowlist path in manpage 4275 4276 spotted by Jann Horn 4277 4278commit 6c2c6ffde75df95fd838039850d3dd3d84956d87 4279Author: deraadt@openbsd.org <deraadt@openbsd.org> 4280Date: Tue Sep 19 20:37:07 2023 +0000 4281 4282 upstream: typo; from Jim Spath 4283 4284 OpenBSD-Commit-ID: 2f5fba917b5d4fcf93d9e0b0756c7f63189e228e 4285 4286commit b6b49130a0089b297245ee39e769231d7c763014 4287Author: djm@openbsd.org <djm@openbsd.org> 4288Date: Sun Sep 10 23:12:32 2023 +0000 4289 4290 upstream: rename remote_glob() -> sftp_glob() to match other API 4291 4292 OpenBSD-Commit-ID: d9dfb3708d824ec02970a84d96cf5937e0887229 4293 4294commit 21b79af6c8d2357c822c84cef3fbdb8001ed263b 4295Author: djm@openbsd.org <djm@openbsd.org> 4296Date: Sun Sep 10 03:51:55 2023 +0000 4297 4298 upstream: typo in comment 4299 4300 OpenBSD-Commit-ID: 69285e0ce962a7c6b0ab5f17a293c60a0a360a18 4301 4302commit 41232d25532b4d2ef6c5db62efc0cf50a79d26ca 4303Author: Darren Tucker <dtucker@dtucker.net> 4304Date: Sun Sep 10 15:45:38 2023 +1000 4305 4306 Use zero-call-used-regs=used with Apple compilers. 4307 4308 Apple's versions of clang have version numbers that do not match the 4309 corresponding upstream clang versions. Unfortunately, they do still 4310 have the clang-15 zero-call-used-regs=all bug, so for now use the value 4311 that doesn't result in segfaults. We could allowlist future versions 4312 that are known to work. bz#3584 (and probably also our github CI 4313 failures). 4314 4315commit 90ccc5918ea505bf156c31148b6b59a1bf5d6dc6 4316Author: djm@openbsd.org <djm@openbsd.org> 4317Date: Sun Sep 10 03:25:53 2023 +0000 4318 4319 upstream: randomise keystroke obfuscation intervals and average 4320 4321 interval rate. ok dtucker@ 4322 4323 OpenBSD-Commit-ID: 05f61d051ab418fcfc4857ff306e420037502382 4324 4325commit bd1b9e52f5fa94d87223c90905c5fdc1a7c32aa6 4326Author: djm@openbsd.org <djm@openbsd.org> 4327Date: Fri Sep 8 06:34:24 2023 +0000 4328 4329 upstream: fix sizeof(*ptr) instead sizeof(ptr) in realloc (pointer here 4330 4331 is char**, so harmless); spotted in CID 416964 4332 4333 OpenBSD-Commit-ID: c61caa4a5a667ee20bb1042098861e6c72c69002 4334 4335commit c4f966482983e18601eec70a1563115de836616f 4336Author: djm@openbsd.org <djm@openbsd.org> 4337Date: Fri Sep 8 06:10:57 2023 +0000 4338 4339 upstream: regress test recursive remote-remote directories copies where 4340 4341 the directory contains a symlink to another directory. 4342 4343 also remove errant `set -x` that snuck in at some point 4344 4345 OpenBSD-Regress-ID: 1c94a48bdbd633ef2285954ee257725cd7bc456f 4346 4347commit 5e1dfe5014ebc194641678303e22ab3bba15f4e5 4348Author: djm@openbsd.org <djm@openbsd.org> 4349Date: Fri Sep 8 06:10:02 2023 +0000 4350 4351 upstream: fix recursive remote-remote copies of directories that 4352 4353 contain symlinks to other directories (similar to bz3611) 4354 4355 OpenBSD-Commit-ID: 7e19d2ae09b4f941bf8eecc3955c9120171da37f 4356 4357commit 7c0ce2bf98b303b6ad91493ee3247d96c18ba1f6 4358Author: djm@openbsd.org <djm@openbsd.org> 4359Date: Fri Sep 8 05:50:57 2023 +0000 4360 4361 upstream: regress test for recursive copies of directories containing 4362 4363 symlinks to other directories. bz3611, ok dtucker@ 4364 4365 OpenBSD-Regress-ID: eaa4c29cc5cddff4e72a16bcce14aeb1ecfc94b9 4366 4367commit 2de990142a83bf60ef694378b8598706bc654b08 4368Author: djm@openbsd.org <djm@openbsd.org> 4369Date: Fri Sep 8 05:56:13 2023 +0000 4370 4371 upstream: the sftp code was one of my first contributions to 4372 4373 OpenSSH and it shows - the function names are terrible. 4374 4375 Rename do_blah() to sftp_blah() to make them less so. 4376 4377 Completely mechanical except for sftp_stat() and sftp_lstat() which 4378 change from returning a pointer to a static variable (error-prone) to 4379 taking a pointer to a caller-provided receiver. 4380 4381 OpenBSD-Commit-ID: eb54d6a72d0bbba4d623e2175cf5cc4c75dc2ba4 4382 4383commit 249d8bd0472b53e3a2a0e138b4c030a31e83346a 4384Author: djm@openbsd.org <djm@openbsd.org> 4385Date: Fri Sep 8 05:50:12 2023 +0000 4386 4387 upstream: fix scp in SFTP mode recursive upload and download of 4388 4389 directories that contain symlinks to other directories. In scp mode, the 4390 links would be followed, but in SFTP mode they were not. bz3611, ok dtucker@ 4391 4392 OpenBSD-Commit-ID: 9760fda668eaa94a992250d7670dfbc62a45197c 4393 4394commit 0e1f4401c466fa4fdaea81b6dadc8dd1fc4cf0af 4395Author: djm@openbsd.org <djm@openbsd.org> 4396Date: Wed Sep 6 23:36:09 2023 +0000 4397 4398 upstream: regression test for override of subsystem in match blocks 4399 4400 OpenBSD-Regress-ID: 5f8135da3bfda71067084c048d717b0e8793e87c 4401 4402commit 8a1450c62035e834d8a79a5d0d1c904236f9dcfe 4403Author: djm@openbsd.org <djm@openbsd.org> 4404Date: Wed Sep 6 23:35:35 2023 +0000 4405 4406 upstream: allow override of Sybsystem directives in sshd Match 4407 4408 blocks 4409 4410 OpenBSD-Commit-ID: 3911d18a826a2d2fe7e4519075cf3e57af439722 4411 4412commit 6e52826e2a74d077147a82ead8d4fbd5b54f4e3b 4413Author: djm@openbsd.org <djm@openbsd.org> 4414Date: Wed Sep 6 23:26:37 2023 +0000 4415 4416 upstream: allocate the subsystems array as necessary and remove the 4417 4418 fixed limit of subsystems. Saves a few kb of memory in the server and makes 4419 it more like the other options. 4420 4421 OpenBSD-Commit-ID: e683dfca6bdcbc3cc339bb6c6517c0c4736a547f 4422 4423commit e19069c9fac4c111d6496b19c7f7db43b4f07b4f 4424Author: djm@openbsd.org <djm@openbsd.org> 4425Date: Wed Sep 6 23:23:53 2023 +0000 4426 4427 upstream: preserve quoting of Subsystem commands and arguments. 4428 4429 This may change behaviour of exotic configurations, but the most common 4430 subsystem configuration (sftp-server) is unlikely to be affected. 4431 4432 OpenBSD-Commit-ID: 8ffa296aeca981de5b0945242ce75aa6dee479bf 4433 4434commit 52dfe3c72d98503d8b7c6f64fc7e19d685636c0b 4435Author: djm@openbsd.org <djm@openbsd.org> 4436Date: Wed Sep 6 23:21:36 2023 +0000 4437 4438 upstream: downgrade duplicate Subsystem directives from being a 4439 4440 fatal error to being a debug message to match behaviour with just about all 4441 other directives. 4442 4443 OpenBSD-Commit-ID: fc90ed2cc0c18d4eb8e33d2c5e98d25f282588ce 4444 4445commit 1ee0a16e07b6f0847ff463d7b5221c4bf1876e25 4446Author: djm@openbsd.org <djm@openbsd.org> 4447Date: Wed Sep 6 23:18:15 2023 +0000 4448 4449 upstream: handle cr+lf (instead of just cr) in sshsig signature 4450 4451 files 4452 4453 OpenBSD-Commit-ID: 647460a212b916540016d066568816507375fd7f 4454 4455commit e1c284d60a928bcdd60bc575c6f9604663502770 4456Author: job@openbsd.org <job@openbsd.org> 4457Date: Mon Sep 4 10:29:58 2023 +0000 4458 4459 upstream: Generate Ed25519 keys when invoked without arguments 4460 4461 Ed25519 public keys are very convenient due to their small size. 4462 OpenSSH has supported Ed25519 since version 6.5 (January 2014). 4463 4464 OK djm@ markus@ sthen@ deraadt@ 4465 4466 OpenBSD-Commit-ID: f498beaad19c8cdcc357381a60df4a9c69858b3f 4467 4468commit 694150ad92765574ff82a18f4e86322bd3231e68 4469Author: djm@openbsd.org <djm@openbsd.org> 4470Date: Mon Sep 4 00:08:14 2023 +0000 4471 4472 upstream: trigger keystroke timing obfucation only if the channels 4473 4474 layer enqueud some data in the last poll() cycle; this avoids triggering the 4475 obfuscatior for non-channels data like ClientAlive probes and also fixes a 4476 related problem were the obfucations would be triggered on fully quiescent 4477 connections. 4478 4479 Based on / tested by naddy@ 4480 4481 OpenBSD-Commit-ID: d98f32dc62d7663ff4660e4556e184032a0db123 4482 4483commit b5fd97896b59a3a46245cf438cc8b16c795d9f74 4484Author: djm@openbsd.org <djm@openbsd.org> 4485Date: Mon Sep 4 00:04:02 2023 +0000 4486 4487 upstream: avoid bogus "obfuscate_keystroke_timing: stopping ..." 4488 4489 debug messages when keystroke timing obfuscation was never started; spotted 4490 by naddy@ 4491 4492 OpenBSD-Commit-ID: 5c270d35f7d2974db5c1646e9c64188f9393be31 4493 4494commit ccf7d913db34e49b7a6db1b8331bd402004c840d 4495Author: djm@openbsd.org <djm@openbsd.org> 4496Date: Mon Sep 4 00:01:46 2023 +0000 4497 4498 upstream: make channel_output_poll() return a flag indicating 4499 4500 whether channel data was enqueued. Will be used to improve keystroke timing 4501 obfuscation. Problem spotted by / tested by naddy@ 4502 4503 OpenBSD-Commit-ID: f9776c7b0065ba7c3bbe50431fd3b629f44314d0 4504 4505commit 43254b326ac6e2131dbd750f9464dc62c14bd5a7 4506Author: djm@openbsd.org <djm@openbsd.org> 4507Date: Sun Sep 3 23:59:32 2023 +0000 4508 4509 upstream: set interactive mode for ControlPersist sessions if they 4510 4511 originally requested a tty; enables keystroke timing obfuscation for most 4512 ControlPersist sessions. Spotted by naddy@ 4513 4514 OpenBSD-Commit-ID: 72783a26254202e2f3f41a2818a19956fe49a772 4515 4516commit ff3eda68ceb2e2bb8f48e3faceb96076c3e85c20 4517Author: Darren Tucker <dtucker@dtucker.net> 4518Date: Thu Aug 31 23:02:35 2023 +1000 4519 4520 Set LLONG_MAX for C89 test. 4521 4522 If we don't have LLONG_MAX, configure will figure out that it can get it 4523 by setting -std=gnu99, at which point we won't be testing C89 any more. 4524 To avoid this, feed it in via CFLAGS. 4525 4526commit f98031773db361424d59e3301aa92aacf423d920 4527Author: djm@openbsd.org <djm@openbsd.org> 4528Date: Tue Aug 29 02:50:10 2023 +0000 4529 4530 upstream: make PerSourceMaxStartups first-match-wins; ok dtucker@ 4531 4532 OpenBSD-Commit-ID: dac0c24cb709e3c595b8b4f422a0355dc5a3b4e7 4533 4534commit cfa66857db90cd908de131e0041a50ffc17c7df8 4535Author: djm@openbsd.org <djm@openbsd.org> 4536Date: Mon Aug 28 09:52:09 2023 +0000 4537 4538 upstream: descriptive text shouldn't be under .Cm 4539 4540 OpenBSD-Commit-ID: b1afaeb456a52bc8a58f4f9f8b2f9fa8f6bf651b 4541 4542commit 01dbf3d46651b7d6ddf5e45d233839bbfffaeaec 4543Author: djm@openbsd.org <djm@openbsd.org> 4544Date: Mon Aug 28 09:48:11 2023 +0000 4545 4546 upstream: limit artificial login delay to a reasonable maximum (5s) 4547 4548 and don't delay at all for the "none" authentication mechanism. Patch by 4549 Dmitry Belyavskiy in bz3602 with polish/ok dtucker@ 4550 4551 OpenBSD-Commit-ID: 85b364676dd84cf1de0e98fc2fbdcb1a844ce515 4552 4553commit 528da5b9d7c5da01ed7a73ff21c722e1b5326006 4554Author: jmc@openbsd.org <jmc@openbsd.org> 4555Date: Mon Aug 28 05:32:28 2023 +0000 4556 4557 upstream: add spacing for punctuation when macro args; 4558 4559 OpenBSD-Commit-ID: e80343c16ce0420b2aec98701527cf90371bd0db 4560 4561commit 3867361ca691d0956ef7d5fb8181cf554a91d84a 4562Author: djm@openbsd.org <djm@openbsd.org> 4563Date: Mon Aug 28 04:06:52 2023 +0000 4564 4565 upstream: explicit long long type in timing calculations (doesn't 4566 4567 matter, since the range is pre-clamped) 4568 4569 OpenBSD-Commit-ID: f786ed902d04a5b8ecc581d068fea1a79aa772de 4570 4571commit 7603ba71264e7fa938325c37eca993e2fa61272f 4572Author: djm@openbsd.org <djm@openbsd.org> 4573Date: Mon Aug 28 03:31:16 2023 +0000 4574 4575 upstream: Add keystroke timing obfuscation to the client. 4576 4577 This attempts to hide inter-keystroke timings by sending interactive 4578 traffic at fixed intervals (default: every 20ms) when there is only a 4579 small amount of data being sent. It also sends fake "chaff" keystrokes 4580 for a random interval after the last real keystroke. These are 4581 controlled by a new ssh_config ObscureKeystrokeTiming keyword/ 4582 4583 feedback/ok markus@ 4584 4585 OpenBSD-Commit-ID: 02231ddd4f442212820976068c34a36e3c1b15be 4586 4587commit dce6d80d2ed3cad2c516082682d5f6ca877ef714 4588Author: djm@openbsd.org <djm@openbsd.org> 4589Date: Mon Aug 28 03:28:43 2023 +0000 4590 4591 upstream: Introduce a transport-level ping facility 4592 4593 This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG 4594 to implement a ping capability. These messages use numbers in the "local 4595 extensions" number space and are advertised using a "ping@openssh.com" 4596 ext-info message with a string version number of "0". 4597 4598 ok markus@ 4599 4600 OpenBSD-Commit-ID: b6b3c4cb2084c62f85a8dc67cf74954015eb547f 4601 4602commit d2d247938b38b928f8a6e1a47a330c5584d3a358 4603Author: tobhe@openbsd.org <tobhe@openbsd.org> 4604Date: Mon Aug 21 21:16:18 2023 +0000 4605 4606 upstream: Log errors in kex_exchange_identification() with level 4607 4608 verbose instead of error to reduce preauth log spam. All of those get logged 4609 with a more generic error message by sshpkt_fatal(). 4610 4611 feedback from sthen@ 4612 ok djm@ 4613 4614 OpenBSD-Commit-ID: bd47dab4695b134a44c379f0e9a39eed33047809 4615 4616commit 9d7193a8359639801193ad661a59d1ae4dc3d302 4617Author: djm@openbsd.org <djm@openbsd.org> 4618Date: Mon Aug 21 04:59:54 2023 +0000 4619 4620 upstream: correct math for ClientAliveInterval that caused the 4621 4622 probes to be sent less frequently than configured; from Dawid Majchrzak 4623 4624 OpenBSD-Commit-ID: 641153e7c05117436ddfc58267aa267ca8b80038 4625 4626commit 3c6ab63b383b0b7630da175941e01de9db32a256 4627Author: Darren Tucker <dtucker@dtucker.net> 4628Date: Fri Aug 25 14:48:02 2023 +1000 4629 4630 Include Portable version in sshd version string. 4631 4632 bz#3608, ok djm@ 4633 4634commit 17fa6cd10a26e193bb6f65d21264d2fe553bcd87 4635Author: Darren Tucker <dtucker@dtucker.net> 4636Date: Mon Aug 21 19:47:58 2023 +1000 4637 4638 obsd-arm64 host is real hardware... 4639 4640 so put in the correct config location. 4641 4642commit 598ca75c85acaaacee5ef954251e489cc20d7be9 4643Author: Darren Tucker <dtucker@dtucker.net> 4644Date: Mon Aug 21 18:38:36 2023 +1000 4645 4646 Add OpenBSD ARM64 test host. 4647 4648commit 1acac79bfbe207e8db639e8043524962037c8feb 4649Author: Darren Tucker <dtucker@dtucker.net> 4650Date: Mon Aug 21 18:05:26 2023 +1000 4651 4652 Add test for zlib development branch. 4653 4654commit 84efebf352fc700e9040c8065707c63caedd36a3 4655Author: djm@openbsd.org <djm@openbsd.org> 4656Date: Mon Aug 21 04:36:46 2023 +0000 4657 4658 upstream: want stdlib.h for free(3) 4659 4660 OpenBSD-Commit-ID: 743af3c6e3ce5e6cecd051668f0327a01f44af29 4661 4662commit cb4ed12ffc332d1f72d054ed92655b5f1c38f621 4663Author: Darren Tucker <dtucker@dtucker.net> 4664Date: Sat Aug 19 07:39:08 2023 +1000 4665 4666 Fix zlib version check for 1.3 and future version. 4667 4668 bz#3604. 4669 4670commit 25b75e21f16bccdaa472ea1889b293c9bd51a87b 4671Author: Darren Tucker <dtucker@dtucker.net> 4672Date: Mon Aug 14 11:10:08 2023 +1000 4673 4674 Add 9.4 branch to CI status page. 4675 4676commit 803e22eabd3ba75485eedd8b7b44d6ace79f2052 4677Author: djm@openbsd.org <djm@openbsd.org> 4678Date: Fri Aug 18 01:37:41 2023 +0000 4679 4680 upstream: fix regression in OpenSSH 9.4 (mux.c r1.99) that caused 4681 4682 multiplexed sessions to ignore SIGINT under some circumstances. Reported by / 4683 feedback naddy@, ok dtucker@ 4684 4685 OpenBSD-Commit-ID: 4d5c6c894664f50149153fd4764f21f43e7d7e5a 4686 4687commit e706bca324a70f68dadfd0ec69edfdd486eed23a 4688Author: djm@openbsd.org <djm@openbsd.org> 4689Date: Wed Aug 16 16:14:11 2023 +0000 4690 4691 upstream: defence-in-depth MaxAuthTries check in monitor; ok markus 4692 4693 OpenBSD-Commit-ID: 65a4225dc708e2dae71315adf93677edace46c21 4694 4695commit d1ab7eb90474df656d5e9935bae6df0bd000d343 4696Author: djm@openbsd.org <djm@openbsd.org> 4697Date: Mon Aug 14 03:37:00 2023 +0000 4698 4699 upstream: add message number of SSH2_MSG_NEWCOMPRESS defined in RFC8308 4700 4701 OpenBSD-Commit-ID: 6c984171c96ed67effd7b5092f3d3975d55d6028 4702 4703commit fa8da52934cb7dff6f660a143276bdb28bb9bbe1 4704Author: Darren Tucker <dtucker@dtucker.net> 4705Date: Sun Aug 13 15:01:27 2023 +1000 4706 4707 Add obsd72 and obsd73 test targets. 4708 4709commit f9f18006678d2eac8b0c5a5dddf17ab7c50d1e9f 4710Author: djm@openbsd.org <djm@openbsd.org> 4711Date: Thu Aug 10 23:05:48 2023 +0000 4712 4713 upstream: better debug logging of sessions' exit status 4714 4715 OpenBSD-Commit-ID: 82237567fcd4098797cbdd17efa6ade08e1a36b0 4716 4717commit a8c57bcb077f0cfdffcf9f23866bf73bb93e185c 4718Author: naddy@openbsd.org <naddy@openbsd.org> 4719Date: Thu Aug 10 14:37:32 2023 +0000 4720 4721 upstream: drop a wayward comma, ok jmc@ 4722 4723 OpenBSD-Commit-ID: 5c11fbb9592a29b37bbf36f66df50db9d38182c6 4724 4725commit e962f9b318a238db1becc53c2bf79dd3a49095b4 4726Author: Damien Miller <djm@mindrot.org> 4727Date: Thu Aug 10 11:10:22 2023 +1000 4728 4729 depend 4730 4731commit 0fcb60bf83130dfa428bc4422b3a3ac20fb528af 4732Author: Damien Miller <djm@mindrot.org> 4733Date: Thu Aug 10 11:05:42 2023 +1000 4734 4735 update versions in RPM specs 4736 4737commit d0cee4298491314f09afa1c4383a66d913150b26 4738Author: Damien Miller <djm@mindrot.org> 4739Date: Thu Aug 10 11:05:14 2023 +1000 4740 4741 update version in README 4742 4743commit 78b4dc6684f4d35943b46b24ee645edfdb9974f5 4744Author: djm@openbsd.org <djm@openbsd.org> 4745Date: Thu Aug 10 01:01:07 2023 +0000 4746 4747 upstream: openssh-9.4 4748 4749 OpenBSD-Commit-ID: 71fc1e01a4c4ea061b252bd399cda7be757e6e35 4750 4751commit 58ca4f0aa8c4306ac0a629c9a85fb1efaf4ff092 4752Author: Darren Tucker <dtucker@dtucker.net> 4753Date: Thu Aug 10 11:30:24 2023 +1000 4754 4755 Only include unistd.h once. 4756 4757commit 3961ed02dc578517a9d2535128cff5c3a5460d28 4758Author: Damien Miller <djm@mindrot.org> 4759Date: Thu Aug 10 09:08:49 2023 +1000 4760 4761 wrap poll.h include in HAVE_POLL_H 4762 4763commit e535fbe2af893046c28adfcd787c1fdbae36a24a 4764Author: dtucker@openbsd.org <dtucker@openbsd.org> 4765Date: Fri Aug 4 06:32:40 2023 +0000 4766 4767 upstream: Apply ConnectTimeout to multiplexing local socket 4768 4769 connections. If the multiplex socket exists but the connection times out, 4770 ssh will fall back to a direct connection the same way it would if the socket 4771 did not exist at all. ok djm@ 4772 4773 OpenBSD-Commit-ID: 2fbe1a36d4a24b98531b2d298a6557c8285dc1b4 4774 4775commit 9d92e7b24848fcc605945f7c2e3460c7c31832ce 4776Author: Darren Tucker <dtucker@dtucker.net> 4777Date: Thu Aug 3 19:35:33 2023 +1000 4778 4779 Fix RNG seeding for OpenSSL w/out self seeding. 4780 4781 When sshd is built with an OpenSSL that does not self-seed, it would 4782 fail in the preauth privsep process while handling a new connection. 4783 Sanity checked by djm@ 4784 4785commit f70010d9b0b3e7e95de8aa0b961e1d74362cfb5d 4786Author: djm@openbsd.org <djm@openbsd.org> 4787Date: Wed Aug 2 23:04:38 2023 +0000 4788 4789 upstream: CheckHostIP has defaulted to 'no' for a while; make the 4790 4791 commented- out config option match. From Ed Maste 4792 4793 OpenBSD-Commit-ID: e66e934c45a9077cb1d51fc4f8d3df4505db58d9 4794 4795commit c88a8788f9865d02b986d00405b9f0be65ad0b5a 4796Author: dtucker@openbsd.org <dtucker@openbsd.org> 4797Date: Tue Aug 1 08:15:04 2023 +0000 4798 4799 upstream: remove unnecessary if statement. 4800 4801 github PR#422 from eyalasulin999, ok djm@ 4802 4803 OpenBSD-Commit-ID: 2b6b0dde4407e039f58f86c8d2ff584a8205ea55 4804 4805commit 77b8b865cd5a8c79a47605c0c5b2bacf4692c4d5 4806Author: jmc@openbsd.org <jmc@openbsd.org> 4807Date: Fri Jul 28 05:42:36 2023 +0000 4808 4809 upstream: %C is a callable macro in mdoc(7) 4810 4811 so, as we do for %D, escape it; 4812 4813 OpenBSD-Commit-ID: 538cfcddbbb59dc3a8739604319491dcb8e0c0c9 4814 4815commit e0f91aa9c2fbfc951e9ced7e1305455fc614d3f2 4816Author: djm@openbsd.org <djm@openbsd.org> 4817Date: Fri Jul 28 05:33:15 2023 +0000 4818 4819 upstream: don't need to start a command here; use ssh -N instead. 4820 4821 Fixes failure on cygwin spotted by Darren 4822 4823 OpenBSD-Regress-ID: ff678a8cc69160a3b862733d935ec4a383f93cfb 4824 4825commit f446a44f30bc680e0d026a4204844b02646c1c2d 4826Author: djm@openbsd.org <djm@openbsd.org> 4827Date: Wed May 17 05:52:01 2023 +0000 4828 4829 upstream: add LTESTS_FROM variable to allow skipping of tests up to 4830 4831 a specific point. e.g. "make LTESTS_FROM=t-sftp" will only run the sftp.sh 4832 test and subsequent ones. ok dtucker@ 4833 4834 OpenBSD-Regress-ID: 07f653de731def074b29293db946042706fcead3 4835 4836commit 8eb8899d612440a9b608bee7f916081d3d0b7812 4837Author: djm@openbsd.org <djm@openbsd.org> 4838Date: Fri May 12 06:37:42 2023 +0000 4839 4840 upstream: test ChrootDirectory in Match block 4841 4842 OpenBSD-Regress-ID: a6150262f39065939f025e546af2a346ffe674c1 4843 4844commit e43f43d3f19516222e9a143468ea0dc1b3ab67b6 4845Author: djm@openbsd.org <djm@openbsd.org> 4846Date: Fri May 12 06:36:27 2023 +0000 4847 4848 upstream: better error messages 4849 4850 OpenBSD-Regress-ID: 55e4186604e80259496d841e690ea2090981bc7a 4851 4852commit 6958f00acf3b9e0b3730f7287e69996bcf3ceda4 4853Author: djm@openbsd.org <djm@openbsd.org> 4854Date: Thu Jul 27 22:26:49 2023 +0000 4855 4856 upstream: don't incorrectly truncate logged strings retrieved from 4857 4858 PKCS#11 modules; based on GHPR406 by Jakub Jelen; ok markus 4859 4860 OpenBSD-Commit-ID: 7ed1082f23a13b38c373008f856fd301d50012f9 4861 4862commit d1ffde6b55170cd4b9a72bfd9a3f17508e6cf714 4863Author: djm@openbsd.org <djm@openbsd.org> 4864Date: Thu Jul 27 22:25:17 2023 +0000 4865 4866 upstream: make sshd_config AuthorizedPrincipalsCommand and 4867 4868 AuthorizedKeysCommand accept the %D (routing domain) and a new %C (connection 4869 address/port 4-tuple) as expansion sequences; ok markus 4870 4871 OpenBSD-Commit-ID: ee9a48bf1a74c4ace71b69de69cfdaa2a7388565 4872 4873commit 999a2886ca1844a7a74b905e5f2c8c701f9838cd 4874Author: djm@openbsd.org <djm@openbsd.org> 4875Date: Thu Jul 27 22:23:05 2023 +0000 4876 4877 upstream: increase default KDF work-factor for OpenSSH format 4878 4879 private keys from 16 to 24; { feedback ok } x { deraadt markus } 4880 4881 OpenBSD-Commit-ID: a3afb1383f8ff0a49613d449f02395d9e8d4a9ec 4882 4883commit 0fa803a1dd1c7b546c166000e23a869cf6c4ec10 4884Author: Darren Tucker <dtucker@dtucker.net> 4885Date: Thu Jul 27 02:25:09 2023 +1000 4886 4887 Prefer OpenSSL's SHA256 in sk-dummy.so 4888 4889 Previously sk-dummy.so used libc's (or compat's) SHA256 since it may be 4890 built without OpenSSL. In many cases, however, including both libc's 4891 and OpenSSL's headers together caused conflicting definitions. 4892 4893 We tried working around this (on OpenSSL <1.1 you could define 4894 OPENSSL_NO_SHA, NetBSD had USE_LIBC_SHA2, various #define hacks) with 4895 varying levels of success. Since OpenSSL >=1.1 removed OPENSSL_NO_SHA 4896 and including most OpenSSL headers would bring sha.h in, even if it 4897 wasn't used directly this was a constant hassle. 4898 4899 Admit defeat and use OpenSSL's SHA256 unless we aren't using OpenSSL at 4900 all. ok djm@ 4901 4902commit 36cdb5dbf55c99c0faad06066f56a7c341258c1f 4903Author: Darren Tucker <dtucker@dtucker.net> 4904Date: Thu Jul 27 10:29:44 2023 +1000 4905 4906 Retire dfly58 test VM. Add dfly64. 4907 4908commit 2d34205dab08ede9b0676efa57647fc49e6decbe 4909Author: djm@openbsd.org <djm@openbsd.org> 4910Date: Wed Jul 26 23:06:00 2023 +0000 4911 4912 upstream: make ssh -f (fork after authentication) work properly in 4913 4914 multiplexed cases (inc. ControlPersist). bz3589 bz3589 Based on patches by 4915 Peter Chubb; ok dtucker@ 4916 4917 OpenBSD-Commit-ID: a7a2976a54b93e6767dc846b85647e6ec26969ac 4918 4919commit 076aeda86a7ee9be8fd2f0181ec7b9729a6ceb37 4920Author: naddy@openbsd.org <naddy@openbsd.org> 4921Date: Sun Jul 23 20:04:45 2023 +0000 4922 4923 upstream: man page typos; ok jmc@ 4924 4925 OpenBSD-Commit-ID: e6ddfef94b0eb867ad88abe07cedc8ed581c07f0 4926 4927commit 135e7d5fe31f700e6dfc61ce914970c5ee7175ba 4928Author: jmc@openbsd.org <jmc@openbsd.org> 4929Date: Thu Jul 20 05:43:39 2023 +0000 4930 4931 upstream: tweak the allow-remote-pkcs11 text; 4932 4933 OpenBSD-Commit-ID: bc965460a89edf76865b7279b45cf9cbdebd558a 4934 4935commit 5f83342b61d1f76c141de608ed2bd293990416bd 4936Author: Darren Tucker <dtucker@dtucker.net> 4937Date: Tue Jul 25 13:00:22 2023 +1000 4938 4939 Handle a couple more OpenSSL no-ecc cases. 4940 4941 ok djm@ 4942 4943commit edc2ef4e418e514c99701451fae4428ec04ce538 4944Author: Damien Miller <djm@mindrot.org> 4945Date: Thu Jul 20 12:53:44 2023 +1000 4946 4947 depend 4948 4949commit 51fda734e0d3c2df256fc03e8b060c4305be6e59 4950Author: Damien Miller <djm@mindrot.org> 4951Date: Thu Jul 20 12:53:21 2023 +1000 4952 4953 Bring back OPENSSL_HAS_ECC to ssh-pkcs11-client 4954 4955commit 099cdf59ce1e72f55d421c8445bf6321b3004755 4956Author: djm@openbsd.org <djm@openbsd.org> 4957Date: Wed Jul 19 14:03:45 2023 +0000 4958 4959 upstream: Separate ssh-pkcs11-helpers for each p11 module 4960 4961 Make ssh-pkcs11-client start an independent helper for each provider, 4962 providing better isolation between modules and reliability if a single 4963 module misbehaves. 4964 4965 This also implements reference counting of PKCS#11-hosted keys, 4966 allowing ssh-pkcs11-helper subprocesses to be automatically reaped 4967 when no remaining keys reference them. This fixes some bugs we have 4968 that make PKCS11 keys unusable after they have been deleted, e.g. 4969 https://bugzilla.mindrot.org/show_bug.cgi?id=3125 4970 4971 ok markus@ 4972 4973 OpenBSD-Commit-ID: 0ce188b14fe271ab0568f4500070d96c5657244e 4974 4975commit 29ef8a04866ca14688d5b7fed7b8b9deab851f77 4976Author: djm@openbsd.org <djm@openbsd.org> 4977Date: Wed Jul 19 14:02:27 2023 +0000 4978 4979 upstream: Ensure FIDO/PKCS11 libraries contain expected symbols 4980 4981 This checks via nlist(3) that candidate provider libraries contain one 4982 of the symbols that we will require prior to dlopen(), which can cause 4983 a number of side effects, including execution of constructors. 4984 4985 Feedback deraadt; ok markus 4986 4987 OpenBSD-Commit-ID: 1508a5fbd74e329e69a55b56c453c292029aefbe 4988 4989commit 1f2731f5d7a8f8a8385c6031667ed29072c0d92a 4990Author: djm@openbsd.org <djm@openbsd.org> 4991Date: Wed Jul 19 13:56:33 2023 +0000 4992 4993 upstream: Disallow remote addition of FIDO/PKCS11 provider 4994 4995 libraries to ssh-agent by default. 4996 4997 The old behaviour of allowing remote clients from loading providers 4998 can be restored using `ssh-agent -O allow-remote-pkcs11`. 4999 5000 Detection of local/remote clients requires a ssh(1) that supports 5001 the `session-bind@openssh.com` extension. Forwarding access to a 5002 ssh-agent socket using non-OpenSSH tools may circumvent this control. 5003 5004 ok markus@ 5005 5006 OpenBSD-Commit-ID: 4c2bdf79b214ae7e60cc8c39a45501344fa7bd7c 5007 5008commit 892506b13654301f69f9545f48213fc210e5c5cc 5009Author: djm@openbsd.org <djm@openbsd.org> 5010Date: Wed Jul 19 13:55:53 2023 +0000 5011 5012 upstream: terminate process if requested to load a PKCS#11 provider 5013 5014 that isn't a PKCS#11 provider; from / ok markus@ 5015 5016 OpenBSD-Commit-ID: 39532cf18b115881bb4cfaee32084497aadfa05c 5017 5018commit f3f56df8ec476b2de6cbdbdfdb77a2a61087829d 5019Author: Damien Miller <djm@mindrot.org> 5020Date: Wed Jul 19 12:07:18 2023 +1000 5021 5022 agent_fuzz doesn't want stdint.h conditionalised 5023 5024commit 750911fd31d307a767cc86e3bfa90bbbb77b1a25 5025Author: Damien Miller <djm@mindrot.org> 5026Date: Tue Jul 18 15:41:12 2023 +1000 5027 5028 conditionalise stdint.h inclusion on HAVE_STDINT_H 5029 5030 fixes build on AIX5 at least 5031 5032commit ff047504fa6e008c4092f8929881816b8993bea0 5033Author: Damien Miller <djm@mindrot.org> 5034Date: Tue Jul 18 15:30:45 2023 +1000 5035 5036 conditionalise match localnetwork on ifaddrs.h 5037 5038 Fixes build breakage on platforms that lack getifaddrs() 5039 5040commit b87b03282e466ca2927954ce93f5dbf0bfdc68f6 5041Author: djm@openbsd.org <djm@openbsd.org> 5042Date: Mon Jul 17 06:16:33 2023 +0000 5043 5044 upstream: missing match localnetwork negation check 5045 5046 OpenBSD-Commit-ID: 9a08ed8dae27d3f38cf280f1b28d4e0ff41a737a 5047 5048commit 6d6e185ba29ef4274164b77eab4dc763907f8821 5049Author: jmc@openbsd.org <jmc@openbsd.org> 5050Date: Mon Jul 17 05:41:53 2023 +0000 5051 5052 upstream: - add -P to usage() - sync the arg name to -J in usage() 5053 5054 with that in ssh.1 - reformat usage() to match what "man ssh" does on 80width 5055 5056 OpenBSD-Commit-ID: 5235dd7aa42e5bf90ae54579d519f92fc107036e 5057 5058commit f1a9898283a0638667b587ee4a950afd61ab51b0 5059Author: jmc@openbsd.org <jmc@openbsd.org> 5060Date: Mon Jul 17 05:38:10 2023 +0000 5061 5062 upstream: -P before -p in SYNOPSIS; 5063 5064 OpenBSD-Commit-ID: 535f5257c779e26c6a662a038d241b017f8cab7c 5065 5066commit eef4d7e873568e1c84c36bb4034e2c3378250a61 5067Author: jsg@openbsd.org <jsg@openbsd.org> 5068Date: Mon Jul 17 05:36:14 2023 +0000 5069 5070 upstream: configuation -> configuration 5071 5072 OpenBSD-Commit-ID: 4776ced33b780f1db0b2902faec99312f26a726b 5073 5074commit dc1dbe94cf6532bd546a3373ad436404f8850e5f 5075Author: djm@openbsd.org <djm@openbsd.org> 5076Date: Mon Jul 17 05:26:38 2023 +0000 5077 5078 upstream: move other RCSIDs to before their respective license blocks 5079 5080 too no code change 5081 5082 OpenBSD-Commit-ID: ef5bf46b57726e4260a63b032b0b5ac3b4fe9cd4 5083 5084commit ebe11044681caff78834ca6b78311ad19c1860b8 5085Author: djm@openbsd.org <djm@openbsd.org> 5086Date: Mon Jul 17 05:22:30 2023 +0000 5087 5088 upstream: Move RCSID to before license block and away from #includes, 5089 5090 where it caused merge conflict in -portable for each commit :( 5091 5092 OpenBSD-Commit-ID: 756ebac963df3245258b962e88150ebab9d5fc20 5093 5094commit 05c08e5f628de3ecf6f7ea20947735bcfa3201e0 5095Author: djm@openbsd.org <djm@openbsd.org> 5096Date: Mon Jul 17 05:20:15 2023 +0000 5097 5098 upstream: return SSH_ERR_KRL_BAD_MAGIC when a KRL doesn't contain a 5099 5100 valid magic number and not SSH_ERR_MESSAGE_INCOMPLETE; the former is needed 5101 to fall back to text revocation lists in some cases; fixes t-cert-hostkey. 5102 5103 OpenBSD-Commit-ID: 5c670a6c0f027e99b7774ef29f18ba088549c7e1 5104 5105commit c6fad2c3d19b74f0bd0af1ef040fc74f3a1d9ebb 5106Author: Damien Miller <djm@mindrot.org> 5107Date: Mon Jul 17 14:56:14 2023 +1000 5108 5109 avoid AF_LINK on platforms that don't define it 5110 5111commit 919bc3d3b712c920de1ae6be5ac6561c98886d7e 5112Author: djm@openbsd.org <djm@openbsd.org> 5113Date: Mon Jul 17 04:08:31 2023 +0000 5114 5115 upstream: Add support for configuration tags to ssh(1). 5116 5117 This adds a ssh_config(5) "Tag" directive and corresponding 5118 "Match tag" predicate that may be used to select blocks of 5119 configuration similar to the pf.conf(5) keywords of the same 5120 name. 5121 5122 ok markus 5123 5124 OpenBSD-Commit-ID: dc08358e70e702b59ac3e591827e5a96141b06a3 5125 5126commit 3071d85a47061c1bdaf11a0ac233b501ecba862c 5127Author: djm@openbsd.org <djm@openbsd.org> 5128Date: Mon Jul 17 04:04:36 2023 +0000 5129 5130 upstream: add a "match localnetwork" predicate. 5131 5132 This allows matching on the addresses of available network interfaces 5133 and may be used to vary the effective client configuration based on 5134 network location (e.g. to use a ProxyJump when not on a particular 5135 network). 5136 5137 ok markus@ 5138 5139 OpenBSD-Commit-ID: cffb6ff9a3803abfc52b5cad0aa190c5e424c139 5140 5141commit beec17bb311365b75a0a5941418d4b96df7d7888 5142Author: djm@openbsd.org <djm@openbsd.org> 5143Date: Mon Jul 17 04:01:10 2023 +0000 5144 5145 upstream: remove vestigal support for KRL signatures 5146 5147 When the KRL format was originally defined, it included support for 5148 signing of KRL objects. However, the code to sign KRLs and verify KRL 5149 signatues was never completed in OpenSSH. 5150 5151 Now, some years later, we have SSHSIG support in ssh-keygen that is 5152 more general, well tested and actually works. So this removes the 5153 semi-finished KRL signing/verification support from OpenSSH and 5154 refactors the remaining code to realise the benefit - primarily, we 5155 no longer need to perform multiple parsing passes over KRL objects. 5156 5157 ok markus@ 5158 5159 OpenBSD-Commit-ID: 517437bab3d8180f695c775410c052340e038804 5160 5161commit 449566f64c21b4578d5c0c431badd0328adc53ed 5162Author: djm@openbsd.org <djm@openbsd.org> 5163Date: Mon Jul 17 03:57:21 2023 +0000 5164 5165 upstream: Support for KRL extensions. 5166 5167 This defines wire formats for optional KRL extensions and implements 5168 parsing of the new submessages. No actual extensions are supported at 5169 this point. 5170 5171 ok markus 5172 5173 OpenBSD-Commit-ID: ae2fcde9a22a9ba7f765bd4f36b3f5901d8c3fa7 5174 5175commit 18ea857770e84825a3a6238bb37f54864487b59f 5176Author: dtucker@openbsd.org <dtucker@openbsd.org> 5177Date: Fri Jul 14 07:44:21 2023 +0000 5178 5179 upstream: Include stdint.h for SIZE_MAX. Fixes OPENSSL=no build. 5180 5181 OpenBSD-Commit-ID: e7c31034a5434f2ead3579b13a7892960651e6b0 5182 5183commit 20b768fcd13effe0f2d3619661b6c8592c773553 5184Author: Darren Tucker <dtucker@dtucker.net> 5185Date: Fri Jul 14 17:07:32 2023 +1000 5186 5187 Fix typo in declaration of nmesg. 5188 5189commit 4b94d09542e36ebde2eb9ad89bc68431609932de 5190Author: Damien Miller <djm@mindrot.org> 5191Date: Fri Jul 14 15:34:47 2023 +1000 5192 5193 portable-specific int overflow defence-in-depth 5194 5195 These too are unreachable, but we want the code to be safe regardless of 5196 context. Reported by Yair Mizrahi @ JFrog 5197 5198commit 2ee48adb9fc8692e8d6ac679dcc9f35e89ad68f0 5199Author: djm@openbsd.org <djm@openbsd.org> 5200Date: Fri Jul 14 05:31:44 2023 +0000 5201 5202 upstream: add defence-in-depth checks for some unreachable integer 5203 5204 overflows reported by Yair Mizrahi @ JFrog; feedback/ok millert@ 5205 5206 OpenBSD-Commit-ID: 52af085f4e7ef9f9d8423d8c1840a6a88bda90bd 5207 5208commit 4b43bc358ae6f6b19a973679246dc5172f6ac41b 5209Author: djm@openbsd.org <djm@openbsd.org> 5210Date: Mon Jul 10 04:51:26 2023 +0000 5211 5212 upstream: misplaced debug message 5213 5214 OpenBSD-Commit-ID: d0f12af0a5067a756aa707bc39a83fa6f58bf7e5 5215 5216commit 8c7203bcee4c4f98a22487b4631fe068b992099b 5217Author: Damien Miller <djm@mindrot.org> 5218Date: Wed Jul 12 11:41:19 2023 +1000 5219 5220 replace deprecate selinux matchpathcon function 5221 5222 This function is apparently deprecated. Documentation on what is the 5223 supposed replacement is is non-existent, so this follows the approach 5224 glibc used https://sourceware.org/git/?p=glibc.git;a=patch;h=f278835f59 5225 5226 ok dtucker@ 5227 5228commit 7e8800f5d701efffa39ccb63ca1e095ea777c31a 5229Author: dtucker@openbsd.org <dtucker@openbsd.org> 5230Date: Thu Jul 6 22:17:59 2023 +0000 5231 5232 upstream: minleft and maxsign are u_int so cast appropriately. Prompted 5233 5234 by github PR#410, ok deraadt. 5235 5236 OpenBSD-Commit-ID: 0514cd51db3ec60239966622a0d3495b15406ddd 5237 5238commit 94842bfe9b09fc93189c6ed0dc9bbebc1d44a426 5239Author: dlg@openbsd.org <dlg@openbsd.org> 5240Date: Tue Jul 4 03:59:21 2023 +0000 5241 5242 upstream: add support for unix domain sockets to ssh -W 5243 5244 ok djm@ dtucker@ 5245 5246 OpenBSD-Commit-ID: 3e6d47567b895c7c28855c7bd614e106c987a6d8 5247 5248commit a95fc5eed09a0238fb127b6c50e8498432b79dae 5249Author: David Seifert <soap@gentoo.org> 5250Date: Fri May 12 14:06:01 2023 +0200 5251 5252 gss-serv.c: `MAXHOSTNAMELEN` -> `HOST_NAME_MAX` 5253 5254 `MAXHOSTNAMELEN` is not defined in POSIX, which breaks on musl: 5255 https://pubs.opengroup.org/onlinepubs/9699919799/functions/gethostname.html 5256 5257 Bug: https://bugs.gentoo.org/834044 5258 5259commit 8a6cd08850f576e7527c52a1b086cae82fab290e 5260Author: Darren Tucker <dtucker@dtucker.net> 5261Date: Fri Jun 23 09:49:02 2023 +1000 5262 5263 Update runner OS version for hardenedmalloc test. 5264 5265 Hardenedmalloc dropped support for "legacy glibc" versions in their 5266 64dad0a69 so use a newer Ubuntu version for the runner for that test. 5267 5268commit cfca6f17e64baed6822bb927ed9f372ce64d9c5b 5269Author: Damien Miller <djm@mindrot.org> 5270Date: Thu Jun 22 15:04:03 2023 +1000 5271 5272 handle sysconf(SC_OPEN_MAX) returning > INT_MAX; 5273 5274 bz3581; ok dtucker 5275 5276commit c1c2ca1365b3f7b626683690bd2c68265f6d8ffd 5277Author: djm@openbsd.org <djm@openbsd.org> 5278Date: Wed Jun 21 05:10:26 2023 +0000 5279 5280 upstream: better validate CASignatureAlgorithms in ssh_config and 5281 5282 sshd_config. 5283 5284 Previously this directive would accept certificate algorithm names, but 5285 these were unusable in practice as OpenSSH does not support CA chains. 5286 5287 part of bz3577; ok dtucker@ 5288 5289 OpenBSD-Commit-ID: a992d410c8a78ec982701bc3f91043dbdb359912 5290 5291commit 4e73cd0f4ab3e5b576c56cac9732da62c8fc0565 5292Author: djm@openbsd.org <djm@openbsd.org> 5293Date: Wed Jun 21 05:08:32 2023 +0000 5294 5295 upstream: make `ssh -Q CASignatureAlgorithms` only list signature 5296 5297 algorithms that are valid for CA signing. Previous behaviour was to list all 5298 signing algorithms, including certificate algorithms (OpenSSH certificates do 5299 not support CA chains). part of bz3577; ok dtucker@ 5300 5301 OpenBSD-Commit-ID: 99c2b072dbac0f44fd1f2269e3ff6c1b5d7d3e59 5302 5303commit a69062f1695ac9c3c3dea29d3044c72aaa6af0ea 5304Author: djm@openbsd.org <djm@openbsd.org> 5305Date: Wed Jun 21 05:06:04 2023 +0000 5306 5307 upstream: handle rlimits > INT_MAX (rlim_t is u64); ok dtucker 5308 5309 bz3581 5310 5311 OpenBSD-Commit-ID: 31cf59c041becc0e5ccb0a77106f812c4cd1cd74 5312 5313commit 8d33f2aa6bb895a7f85a47189913639086347b75 5314Author: djm@openbsd.org <djm@openbsd.org> 5315Date: Tue Jun 20 23:59:33 2023 +0000 5316 5317 upstream: prepare for support for connecting to unix domain sockets 5318 5319 using ssh -W by explicitly decoding PORT_STREAMLOCAL (a negative number) from 5320 the u32 that's passed over the multiplexing socket; previously code would 5321 just cast, which is UB. 5322 5323 OpenBSD-Commit-ID: e5ac5f40d354096c51e8c118a5c1b2d2b7a31384 5324 5325commit b4ac435b4e67f8eb5932d8f59eb5b3cf7dc38df0 5326Author: djm@openbsd.org <djm@openbsd.org> 5327Date: Tue Jun 20 00:05:09 2023 +0000 5328 5329 upstream: reset comment=NULL for each key in do_fingerprint(); 5330 5331 fixes "no comment" not showing on when running `ssh-keygen -l` on multiple 5332 keys where one has a comment and other following keys do not. Patch from 5333 Markus Kuhn via GHPR407, bz3580 5334 5335 OpenBSD-Commit-ID: 3cce84456fdcd67dc6b84e369f92c6686d111d9b 5336 5337commit b53a809a549dcd4fbde554c6aa283e597b15ea33 5338Author: millert@openbsd.org <millert@openbsd.org> 5339Date: Mon Jun 5 13:24:36 2023 +0000 5340 5341 upstream: Store timeouts as int, not u_int as they are limited to 5342 5343 INT_MAX. Fixes sign compare warnings systems with 32-bit time_t due to type 5344 promotion. OK djm@ 5345 5346 OpenBSD-Commit-ID: 48081e9ad35705c5f1705711704a4c2ff94e87b7 5347 5348commit 2709809fd616a0991dc18e3a58dea10fb383c3f0 5349Author: Philip Hands <phil@hands.com> 5350Date: Wed May 24 19:41:14 2023 +0200 5351 5352 fixup! if -s & -p specified, mention 'sftp -P' on 5353 5354 success 5355 5356 SSH-Copy-ID-Upstream: 32686e7c65b4fa2846e474d3315102dfa0f043b0 5357 5358commit 204e0bf05161b7641500d7ab266c21217412379f 5359Author: Darren Tucker <dtucker@dtucker.net> 5360Date: Tue Aug 3 21:25:48 2021 +1000 5361 5362 Make ssh-copy-id(1) consistent with OpenSSH. 5363 5364 This makes the ssh-copy-id man page more consistent with the rest of the 5365 OpenSSH man pages: 5366 - new sentence, new line 5367 - no sentences >80 5368 - N.B. -> NB 5369 - zap unused .Pp 5370 - zap trailing whitespace 5371 5372 Report from Debian via mindrot bz#3331, diff from jmc at openbsd.org. 5373 5374 SSH-Copy-ID-Upstream: d8974cfb6242316460ed22a1ccc662800a50c5d3 5375 5376commit 9de79df66d1430d290fab670bb4b18612875e518 5377Author: Philip Hands <phil@hands.com> 5378Date: Wed May 24 11:45:43 2023 +0200 5379 5380 if -s & -p specified, mention 'sftp -P' on success 5381 5382 This was inspired by this: 5383 https://github.com/openssh/openssh-portable/pull/321 5384 but I thought that it was better to not do the sed patching. 5385 5386 BTW the reason one can get away with using $SSH_OPTS throughout, despite 5387 the lowercase -p in there, even if sftp is in use, is that the sftp call 5388 is using the already-established ssh master connection, so the port was 5389 passed to the earlier ssh. 5390 5391 SSH-Copy-ID-Upstream: 1c124d9bfafdbe28a00b683367ebf5750ce12eb2 5392 5393commit 801cda54c00e0f4e7d89345a90874c8d05dc233a 5394Author: Philip Hands <phil@hands.com> 5395Date: Tue May 23 23:07:11 2023 +0200 5396 5397 drop whitespace 5398 5399 SSH-Copy-ID-Upstream: e604fae1cdee35c18055d35dcec530cf12ef00ad 5400 5401commit 288482f53613f3e74544eb92deeb24f7c7f1f371 5402Author: Philip Hands <phil@hands.com> 5403Date: Tue May 23 20:52:13 2023 +0200 5404 5405 make -x also apply to the target script 5406 5407 SSH-Copy-ID-Upstream: 3c4214704f427bd0654adf9b0fc079253db21cf4 5408 5409commit b79e7b88ed44f0e4339f0ff35c96c78a92175a8d 5410Author: Philip Hands <phil@hands.com> 5411Date: Tue May 23 16:46:42 2023 +0200 5412 5413 add -t option to specify the target path 5414 5415 Allow the default target path (.ssh/authorized_files) to be over-riden 5416 5417 This was inspired by this MR from Panagiotis Cheilaris <philaris@cs.ntua.gr> 5418 5419 https://gitlab.com/phil_hands/ssh-copy-id/-/merge_requests/8 5420 5421 SSH-Copy-ID-Upstream: a942a0e076874adb6d8b2f0fb76d6c7918190fcd 5422 5423commit 914f4ad138714c471ba72fb6d5496b6235320edd 5424Author: Carlos Rodríguez Gili <carlos.rodriguez-gili@upc.edu> 5425Date: Tue Apr 20 19:23:57 2021 +0200 5426 5427 Fix test error for /bin/sh on Solaris 10 and older 5428 5429 On Solaris 10 and older targets /bin/sh is not POSIX-compliant. 5430 Test -z `...` fails with error 'sh: test: argument expected'. 5431 Using quotes around backticks fixes this and doesn't break 5432 POSIX compatibility. 5433 5434 SSH-Copy-ID-Upstream: 98394072a3f985b2650c1e8eab2fef84e38cc065 5435 5436commit bd382dca316c721aed1e45edcf4c4e0f6374afb0 5437Author: Jakub Jelen <jjelen@redhat.com> 5438Date: Tue Mar 2 21:34:05 2021 +0000 5439 5440 Remove outdated comment 5441 5442 The commit b068122 removed the code dropping the trailing colon, but the comment stayed leaving the code confusing for future readers 5443 5444 SSH-Copy-ID-Upstream: 930d39f238117cd53810240ec989d0356aa1c1f6 5445 5446commit bdcaf7939029433635d63aade8f9ac762aca2bbe 5447Author: Darren Tucker <dtucker@dtucker.net> 5448Date: Wed May 10 18:50:46 2023 +1000 5449 5450 Special case OpenWrt instead of Dropbear. 5451 5452 OpenWrt overrides the location of authorized_keys for root. Currently we 5453 assume that all Dropbear installations behave this way, which is not the 5454 case. Check for OpenWrt and root user before using that location instead 5455 of assuming that for all Dropbear servers. Prompted by Github PR#250. 5456 5457 SSH-Copy-ID-Upstream: 0e1f5d443a9967483c33945793107ae3f3e4af2d 5458 5459commit cf84498f67abe93f813a296167b406a0db7b288e 5460Author: Philip Hands <phil@hands.com> 5461Date: Thu May 18 18:20:55 2023 +0200 5462 5463 ssh-copy-id: add -x option (for debugging) 5464 5465 This option causes the ssh-copy-id to run with set -x 5466 5467 SSH-Copy-ID-Upstream: a0ee367ea8c0a29c8b4515245e408d2d349e7844 5468 5469commit b4a1efdcb88f03394c08e7f68ed4e11676830002 5470Author: Philip Hands <phil@hands.com> 5471Date: Thu May 18 17:14:41 2023 +0200 5472 5473 update copyright notices 5474 5475 SSH-Copy-ID-Upstream: c284ed33b361814ea48ff68cbd01ca525b2bf117 5476 5477commit fcd78e31cdd45a7e69ccfe6d8a3b1037dc1de290 5478Author: djm@openbsd.org <djm@openbsd.org> 5479Date: Wed May 24 23:01:06 2023 +0000 5480 5481 upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand 5482 5483 appears previously in configuration. Reported by John Meyers in bz3574 ok 5484 dtucker@ 5485 5486 OpenBSD-Commit-ID: 1c92e4517284386703936e1d3abaa36cfacf1951 5487 5488commit 5ec5504f1d328d5bfa64280cd617c3efec4f78f3 5489Author: dtucker@openbsd.org <dtucker@openbsd.org> 5490Date: Wed May 10 10:04:20 2023 +0000 5491 5492 upstream: Remove unused prototypes for ssh1 RSA functions. 5493 5494 From lengyijun via github PR#396. 5495 5496 OpenBSD-Commit-ID: 379a5afa8b7a0f3cba0c8a9bcceb4e5e33a5c1ef 5497 5498commit fbf362b3891ae4b36052d1b39f37fc618b41c476 5499Author: Darren Tucker <dtucker@dtucker.net> 5500Date: Tue May 9 19:26:56 2023 +1000 5501 5502 main(void) to prevent unused variable warning. 5503 5504commit baf854c8bb0a6d0af5c696c801e631a48dabbaba 5505Author: Darren Tucker <dtucker@dtucker.net> 5506Date: Tue May 9 19:25:45 2023 +1000 5507 5508 Remove warning pragma since clang doesn't like it. 5509 5510commit 5fbb7a1349fbbb48ccb1b8cafff2c1854370d87d 5511Author: Darren Tucker <dtucker@dtucker.net> 5512Date: Tue May 9 17:13:33 2023 +1000 5513 5514 Suppress warning for snprintf truncation test. 5515 5516commit 47742c513e4e045ecc985c6483fc5c8b050acda2 5517Author: Darren Tucker <dtucker@dtucker.net> 5518Date: Tue May 9 17:12:50 2023 +1000 5519 5520 Update OpenSSL compat test for 3.x. 5521 5522commit 86ad25d455a2313126125540e61e0f9314283f88 5523Author: Darren Tucker <dtucker@dtucker.net> 5524Date: Mon May 8 20:23:08 2023 +1000 5525 5526 Add macos13 PAM test target. 5527 5528commit 77cca2c4b13bc6e5f389565583b6202b0d1bccc2 5529Author: Darren Tucker <dtucker@dtucker.net> 5530Date: Mon May 8 20:14:46 2023 +1000 5531 5532 Skip agent-peereid test on macos13. 5533 5534 sudo -S nobody doesn't work on the github runners (probably a 5535 permission issue) so skip that test. 5536 5537commit b356b8e91678ea295bcf44df5248c3fbf499fdcf 5538Author: Darren Tucker <dtucker@dtucker.net> 5539Date: Mon May 8 20:14:28 2023 +1000 5540 5541 Include config.guess in debug output. 5542 5543commit b7afd8a4ecaca8afd3179b55e9db79c0ff210237 5544Author: Darren Tucker <dtucker@dtucker.net> 5545Date: Mon May 8 20:12:59 2023 +1000 5546 5547 Handle OpenSSL >=3 ABI compatibility. 5548 5549 Beyond OpenSSL 3.0, the ABI compatibility guarantees are wider (only 5550 major must match instead of major and minor in earlier versions). 5551 bz#3548, ok djm@ 5552 5553commit 0e9e2663eb2c6e9c3e10d15d70418312ae67e542 5554Author: dtucker@openbsd.org <dtucker@openbsd.org> 5555Date: Mon May 1 08:57:29 2023 +0000 5556 5557 upstream: Import regenerated moduli. 5558 5559 OpenBSD-Commit-ID: 3d5f811cfcaed8cc4a97e1db49ac61bdf118113c 5560 5561commit d9687f49682e1e93383fc15ab2018850b2ef38c3 5562Author: Darren Tucker <dtucker@dtucker.net> 5563Date: Mon May 1 11:45:14 2023 +1000 5564 5565 Add macos-13 test target. 5566 5567 Also flatten OS list for clarity. 5568 5569commit aacfd6767497b8fa6d41ecdd3f8e265d1e9ef1f6 5570Author: djm@openbsd.org <djm@openbsd.org> 5571Date: Sun Apr 30 22:54:22 2023 +0000 5572 5573 upstream: adjust ftruncate() logic to handle servers that reorder 5574 5575 requests. 5576 5577 sftp/scp will ftruncate the destination file after a transfer completes, 5578 to deal with the case where a longer destination file already existed. 5579 We tracked the highest contiguous block transferred to deal with this 5580 case, but our naive tracking doesn't deal with servers that reorder 5581 requests - a misfeature strictly permitted by the protocol but seldom 5582 implemented. 5583 5584 Adjust the logic to ftruncate() at the highest absolute block received 5585 when the transfer is successful. feedback deraadt@ ok markus@ 5586 5587 prompted by https://github.com/openssh/openssh-portable/commit/9b733#commitcomment-110679778 5588 5589 OpenBSD-Commit-ID: 4af7fac75958ad8507b4fea58706f3ff0cfddb1b 5590 5591commit c8eb3941758615c8284a48fff47872db926da63c 5592Author: djm@openbsd.org <djm@openbsd.org> 5593Date: Wed Apr 26 01:36:03 2023 +0000 5594 5595 upstream: Check for ProxyJump=none in CanonicalizeHostname logic. 5596 5597 Previously ssh would incorrectly refuse to canonicalise the hostname 5598 if ProxyJump was explicitly set to "none" when CanonicalizeHostname=yes 5599 5600 bz3567; ok dtucker 5601 5602 OpenBSD-Commit-ID: 80a58e43c3a32f97361282f756ec8d3f37989efd 5603 5604commit ac383f3a5c6f529a2e8a5bc44af79a08c7da294e 5605Author: jsg@openbsd.org <jsg@openbsd.org> 5606Date: Wed Apr 12 14:22:04 2023 +0000 5607 5608 upstream: remove duplicate signal.h include 5609 5610 OpenBSD-Commit-ID: 30c0a34d74d91ddd0e6992525da70d3293392f70 5611 5612commit 740dafa20f3f3d325f6f5d44e990b8c8a6d3d816 5613Author: jsg@openbsd.org <jsg@openbsd.org> 5614Date: Wed Apr 12 08:53:54 2023 +0000 5615 5616 upstream: fix double words ok dtucker@ 5617 5618 OpenBSD-Commit-ID: 44d3223902fbce5276422bdc8063ab72a4078489 5619 5620commit 6452f89577ec4f22440c31b8e19b061d1a7c4b2a 5621Author: Darren Tucker <dtucker@dtucker.net> 5622Date: Tue Apr 11 16:49:19 2023 +1000 5623 5624 Test against LibreSSL 3.7.2. 5625 5626commit 2138f6be595ca106fe4805a1e3ab9c4d8acc697b 5627Author: Damien Miller <djm@mindrot.org> 5628Date: Thu Apr 6 14:33:10 2023 +1000 5629 5630 remove unused upper-case const strings in fmtfp 5631 5632 no float format that uses upper-case is supported nor are hex floats. 5633 ok dtucker 5634 5635commit 484c5e6168fdb22cbcd73c4ff987cf9ca47989ca 5636Author: djm@openbsd.org <djm@openbsd.org> 5637Date: Thu Apr 6 03:56:02 2023 +0000 5638 5639 upstream: simplify sshsig_find_principals() similar to what happened to 5640 5641 sshsig_check_allowed_keys() in r1.31, removing some dead code 5642 5643 OpenBSD-Commit-ID: a493e628d4d6c08f878c276d998f4313ba61702d 5644 5645commit 3a7b110fbc7e096423f8f7b459deffe4c65d70f4 5646Author: djm@openbsd.org <djm@openbsd.org> 5647Date: Thu Apr 6 03:21:31 2023 +0000 5648 5649 upstream: remove redundant ssh!=NULL check; we'd already 5650 5651 dereferenced it 5652 5653 OpenBSD-Commit-ID: 852bf12591ec5a9fb12dcbde9b1fd3945ad0df3c 5654 5655commit 2519110659a1efac6c976895a86659d1b341c91b 5656Author: djm@openbsd.org <djm@openbsd.org> 5657Date: Thu Apr 6 03:19:32 2023 +0000 5658 5659 upstream: match_user() shouldn't be called with user==NULL unless 5660 5661 host and ipaddr are also NULL 5662 5663 OpenBSD-Commit-ID: fa3518346c21483e9e01a2e4b9436ae501daf8ea 5664 5665commit 3b9ceaad7ad63c1c03c2a89e148340ad3a62a482 5666Author: djm@openbsd.org <djm@openbsd.org> 5667Date: Thu Apr 6 03:12:32 2023 +0000 5668 5669 upstream: don't care about glob() return value here. 5670 5671 OpenBSD-Commit-ID: 85bb82fea90478a482e9f65a1bec0aa24227fd66 5672 5673commit 09d8da0849e2791b2500267cda333cd238f38754 5674Author: dtucker@openbsd.org <dtucker@openbsd.org> 5675Date: Mon Apr 3 08:10:54 2023 +0000 5676 5677 upstream: Move up null check and simplify process_escapes. 5678 5679 Based on Coverity CID 291863 which points out we check the channel 5680 pointer for NULLness after dereferencing it. Move this to the start 5681 of the function, and while there simplify initialization of efc a bit. 5682 ok djm@ 5683 5684 OpenBSD-Commit-ID: de36e5ad6fde0fe263ca134e986b9095dc59380a 5685 5686commit b36b162be5e6206f12b734222b7bc517c13a6bc8 5687Author: Damien Miller <djm@mindrot.org> 5688Date: Fri Mar 31 14:51:20 2023 +1100 5689 5690 need va_end() after va_copy(); ok dtucker 5691 5692 spotted by Coverity 5693 5694commit f703757234a5c585553e72bba279b255a272750a 5695Author: dtucker@openbsd.org <dtucker@openbsd.org> 5696Date: Fri Mar 31 05:56:36 2023 +0000 5697 5698 upstream: Explicitly ignore return from waitpid here too. 5699 5700 OpenBSD-Commit-ID: eef2403df083c61028969fc679ee370373eacacb 5701 5702commit 6b73aa29035991d1448a1a76f63ac152a6bf931c 5703Author: dtucker@openbsd.org <dtucker@openbsd.org> 5704Date: Fri Mar 31 04:45:08 2023 +0000 5705 5706 upstream: Explictly ignore return codes 5707 5708 where we don't check them. 5709 5710 OpenBSD-Commit-ID: 1ffb03038ba1b6b72667be50cf5e5e396b5f2740 5711 5712commit 6f0308a3e717ebe68eeb3f95253612fab5dbf20e 5713Author: dtucker@openbsd.org <dtucker@openbsd.org> 5714Date: Fri Mar 31 04:42:29 2023 +0000 5715 5716 upstream: Return immediately from get_sock_port 5717 5718 if sock <0 so we don't call getsockname on a negative FD. From Coverity 5719 CID 291840, ok djm@ 5720 5721 OpenBSD-Commit-ID: de1c1130646230c2eda559831fc6bfd1b61d9618 5722 5723commit 1c1124dc901fca1ea2cb762044b8f1a5793a2bed 5724Author: djm@openbsd.org <djm@openbsd.org> 5725Date: Fri Mar 31 04:23:02 2023 +0000 5726 5727 upstream: don't leak arg2 on parse_pubkey_algos error path; ok 5728 5729 dtucker@ 5730 5731 OpenBSD-Commit-ID: 7d0270ad3dd102412ca76add2b3760518abdef75 5732 5733commit 8ba2d4764bb6a4701cd447d8b52604622ffe65f4 5734Author: djm@openbsd.org <djm@openbsd.org> 5735Date: Fri Mar 31 04:22:27 2023 +0000 5736 5737 upstream: clamp max number of GSSAPI mechanisms to 2048; ok dtucker 5738 5739 OpenBSD-Commit-ID: ce66db603a913d3dd57063e330cb5494d70722c4 5740 5741commit 1883841fc13d0eada8743cac5d3abe142ee2efa7 5742Author: djm@openbsd.org <djm@openbsd.org> 5743Date: Fri Mar 31 04:21:56 2023 +0000 5744 5745 upstream: don't print key if printing hostname failed; with/ok 5746 5747 dtucker@ 5748 5749 OpenBSD-Commit-ID: ad42971a6ee5a46feab2d79f7f656f8cf4b119f3 5750 5751commit c6011129cafe4c411f6ef670a4cf271314708eb8 5752Author: djm@openbsd.org <djm@openbsd.org> 5753Date: Fri Mar 31 04:04:15 2023 +0000 5754 5755 upstream: remove redundant test 5756 5757 OpenBSD-Commit-ID: 6a0b719f9b1ae9d42ad8c5b144c7962c93792f7c 5758 5759commit 4fb29eeafb40a2076c0dbe54e46b687c318f87aa 5760Author: djm@openbsd.org <djm@openbsd.org> 5761Date: Fri Mar 31 04:00:37 2023 +0000 5762 5763 upstream: don't attempt to decode a ridiculous number of 5764 5765 attributes; harmless because of bounds elsewhere, but better to be explicit 5766 5767 OpenBSD-Commit-ID: 1a34f4b6896155b80327d15dc7ccf294b538a9f2 5768 5769commit fc437c154ef724621a4af236de9bc7e51a8381ae 5770Author: djm@openbsd.org <djm@openbsd.org> 5771Date: Fri Mar 31 03:22:49 2023 +0000 5772 5773 upstream: remove unused variable; prompted by Coverity CID 291879 5774 5775 OpenBSD-Commit-ID: 4c7d20ef776887b0ba1aabcfc1b14690e4ad0a40 5776 5777commit 0eb8131e4a53b33a8fc9b9ab694e6b6778b87ade 5778Author: dtucker@openbsd.org <dtucker@openbsd.org> 5779Date: Fri Mar 31 00:44:29 2023 +0000 5780 5781 upstream: Check fd against >=0 instead of >0 in error path. The 5782 5783 dup could in theory return fd 0 although currently it doesn't in practice. 5784 From Dmitry Belyavskiy vi github PR#238. 5785 5786 OpenBSD-Commit-ID: 4a95f3f7330394dffee5c749d52713cbf3b54846 5787 5788commit 7174ba6f8a431ca4257767a260fc50e204068242 5789Author: dtucker@openbsd.org <dtucker@openbsd.org> 5790Date: Thu Mar 30 07:19:50 2023 +0000 5791 5792 upstream: Ignore return value from muxclient(). It normally loops 5793 5794 without returning, but it if returns on failure we immediately exit. 5795 Coverity CID 405050. 5796 5797 OpenBSD-Commit-ID: ab3fde6da384ea588226037c38635a6b2e015295 5798 5799commit a4c1c2513e36f111eeaa1322c510067930e5e51e 5800Author: Damien Miller <djm@mindrot.org> 5801Date: Fri Mar 31 14:17:22 2023 +1100 5802 5803 don't call connect() on negative socket 5804 5805 Coverity CID 405037 5806 5807commit 34ee842cdd981a759fe8f0d4a37521f9a1c63170 5808Author: djm@openbsd.org <djm@openbsd.org> 5809Date: Thu Mar 30 03:05:01 2023 +0000 5810 5811 upstream: return SSH_ERR_KEY_NOT_FOUND if the allowed_signers file 5812 5813 is empty, not SSH_ERR_INTERNAL_ERROR. Also remove some dead code spotted 5814 by Coverity; with/ok dtucker@ 5815 5816 OpenBSD-Commit-ID: 898a1e817cda9869554b1f586a434f67bcc3b650 5817 5818commit f108e77a9dc9852e72215af1bf27731c48434557 5819Author: dtucker@openbsd.org <dtucker@openbsd.org> 5820Date: Thu Mar 30 00:49:37 2023 +0000 5821 5822 upstream: Remove dead code from inside if block. 5823 5824 The only way the if statement can be true is if both dup()s fail, and 5825 in that case the tmp2 can never be set. Coverity CID 291805, ok djm@ 5826 5827 OpenBSD-Commit-ID: c0d6089b3fb725015462040cd94e23237449f0c8 5828 5829commit 05b8e88ebe23db690abbfb1a91111abea09cde08 5830Author: Darren Tucker <dtucker@dtucker.net> 5831Date: Thu Mar 30 13:53:29 2023 +1100 5832 5833 child_set_eng: verify both env pointer and count. 5834 5835 If child_set env was called with a NULL env pointer and a non-zero count 5836 it would end up in a null deref, although we don't currently do this. 5837 Prompted by Coverity CID 291850, tweak & ok djm@ 5838 5839commit 28f1b8ef9b84b8cd2f6c9889a0c60aa4a90dadfa 5840Author: dtucker@openbsd.org <dtucker@openbsd.org> 5841Date: Wed Mar 29 01:07:48 2023 +0000 5842 5843 upstream: Ignore return from sshpkt_disconnect 5844 5845 since we set our own return value for the function. Coverity CID 291797, 5846 ok djm@ 5847 5848 OpenBSD-Commit-ID: 710b57ba954c139240895e23feea41f203201f04 5849 5850commit c3da05d95922f5550bcc7815e799474d6a160175 5851Author: dtucker@openbsd.org <dtucker@openbsd.org> 5852Date: Wed Mar 29 00:59:08 2023 +0000 5853 5854 upstream: Plug potential mem leak in process_put. 5855 5856 It allocates abs_dst inside a loop but only frees it on exit, so free 5857 inside the loop if necessary. Coverity CID 291837, ok djm@ 5858 5859 OpenBSD-Commit-ID: a01616503a185519b16f00dde25d34ceaf4ae1a3 5860 5861commit 13ae327eae598b1043e5ec30e4b170edb3c898a5 5862Author: djm@openbsd.org <djm@openbsd.org> 5863Date: Wed Mar 29 00:18:35 2023 +0000 5864 5865 upstream: fix memory leak; Coverity CID 291848 5866 5867 with/ok dtucker@ 5868 5869 OpenBSD-Commit-ID: 37f80cb5d075ead5a00ad1b74175684ab1156ff8 5870 5871commit 9ffa76e1284c85bf459c3dcb8e995733a8967e1b 5872Author: dtucker@openbsd.org <dtucker@openbsd.org> 5873Date: Tue Mar 28 07:44:32 2023 +0000 5874 5875 upstream: Plug more mem leaks in sftp by making 5876 5877 make_absolute_pwd_glob work in the same way as make_absolute: you 5878 pass it a dynamically allocated string and it either returns it, or 5879 frees it and allocates a new one. Patch from emaste at freebsd.org and 5880 https://reviews.freebsd.org/D37253 ok djm@ 5881 5882 OpenBSD-Commit-ID: 85f7404e9d47fd28b222fbc412678f3361d2dffc 5883 5884commit 82b2b8326962b1a98af279bc5bbbbbcab15b3e45 5885Author: dtucker@openbsd.org <dtucker@openbsd.org> 5886Date: Tue Mar 28 06:12:38 2023 +0000 5887 5888 upstream: Remove compat code for OpenSSL < 1.1.* 5889 5890 since -portable no longer supports them. 5891 5892 OpenBSD-Commit-ID: ea2893783331947cd29a67612b4e56f818f185ff 5893 5894commit b500afcf00ae1b6b73b2ccf171111dfbfeaef74d 5895Author: dtucker@openbsd.org <dtucker@openbsd.org> 5896Date: Mon Mar 27 23:56:54 2023 +0000 5897 5898 upstream: Remove compat code for OpenSSL 1.0.* 5899 5900 versions now that -portable has dropped support for those versions. 5901 5902 OpenBSD-Regress-ID: 82a8eacd87aec28e4aa19f17246ddde9d5ce7fe7 5903 5904commit 727560e6011efcb36d2f3ac6910444bc775abaa1 5905Author: Darren Tucker <dtucker@dtucker.net> 5906Date: Tue Mar 28 18:06:42 2023 +1100 5907 5908 Prevent conflicts between Solaris SHA2 and OpenSSL. 5909 5910 We used to prevent conflicts between native SHA2 headers and OpenSSL's 5911 by setting OPENSSL_NO_SHA but that was removed prior to OpenSSL 1.1.0 5912 5913commit 46db8e14b7f186d32173dcdecd5b785334429b8b 5914Author: Darren Tucker <dtucker@dtucker.net> 5915Date: Tue Mar 28 12:44:03 2023 +1100 5916 5917 Remove HEADER_SHA_H from previous... 5918 5919 since it causes more problems than it solves. 5920 5921commit 72bd68d37387aa5f81da928f6e82f1c88ed8f674 5922Author: Darren Tucker <dtucker@dtucker.net> 5923Date: Tue Mar 28 10:35:18 2023 +1100 5924 5925 Replace OPENSSL_NO_SHA with HEADER_SHA_H. 5926 5927 Since this test doesn't use OpenSSL's SHA2 and may cause conflicts we 5928 don't want to include it, but OPENSSL_NO_SHA was removed beginning in 5929 OpenSSL's 1.1 series. 5930 5931commit 99668f2e6e0deb833e46cfab56db59ff0fc28c7e 5932Author: Darren Tucker <dtucker@dtucker.net> 5933Date: Tue Mar 28 09:50:06 2023 +1100 5934 5935 Configure with --target instead of deprecated form. 5936 5937commit f751d9306c62cd1061f966e6a7483d9bab9c379b 5938Author: Darren Tucker <dtucker@dtucker.net> 5939Date: Mon Mar 27 22:05:29 2023 +1100 5940 5941 Pass rpath when building 64bit Solaris. 5942 5943commit a64b935cd450ee8d04c26c9cd728629cf9ca5c91 5944Author: Darren Tucker <dtucker@dtucker.net> 5945Date: Mon Mar 27 19:21:19 2023 +1100 5946 5947 Explicitly disable OpenSSL on AIX test VM. 5948 5949commit 7ebc6f060fc2f70495a56e16d210baae6424cd96 5950Author: dtucker@openbsd.org <dtucker@openbsd.org> 5951Date: Mon Mar 27 03:56:50 2023 +0000 5952 5953 upstream: Add RevokedHostKeys to percent expansion test. 5954 5955 OpenBSD-Regress-ID: c077fd12a38005dd53d878c5b944154dec88d2ff 5956 5957commit f1a17de150f8d309d0c52f9abfaebf11c51a8537 5958Author: dtucker@openbsd.org <dtucker@openbsd.org> 5959Date: Mon Mar 27 03:56:11 2023 +0000 5960 5961 upstream: Add tilde and environment variable expansion to 5962 5963 RevokedHostKeys. bz#3552, ok djm@ 5964 5965 OpenBSD-Commit-ID: ce5d8e0219b63cded594c17d4c2958c06918ec0d 5966 5967commit 009eb4cb48a9708ab9174684dcbcc0f942907abe 5968Author: djm@openbsd.org <djm@openbsd.org> 5969Date: Mon Mar 27 03:31:05 2023 +0000 5970 5971 upstream: fix test: getnameinfo returns a non-zero value on error, not 5972 5973 (neccessarily) -1. From GHPR#384 5974 5975 OpenBSD-Commit-ID: d35e2b71268f66f5543a7ea68751972b3ae22b25 5976 5977commit 4f0a676486700f10a4788f7e9426e94e39c1c89e 5978Author: djm@openbsd.org <djm@openbsd.org> 5979Date: Mon Mar 27 03:25:08 2023 +0000 5980 5981 upstream: scp: when copying local->remote, check that source file 5982 5983 exists before opening SFTP connection to the server. Based on GHPR#370 ok 5984 dtucker, markus 5985 5986 OpenBSD-Commit-ID: b4dd68e15bfe22ce4fac9960a1066a2b721e54fb 5987 5988commit 154d8baf631327163571760c2c524bc93c37567c 5989Author: Darren Tucker <dtucker@dtucker.net> 5990Date: Mon Mar 27 12:22:30 2023 +1100 5991 5992 Also look for gdb error message from OpenIndiana. 5993 5994commit fbd3811ddb2b6ce2e6dba91fde7352c8978e5412 5995Author: Darren Tucker <dtucker@dtucker.net> 5996Date: Mon Mar 27 11:08:00 2023 +1100 5997 5998 Explicitly disable security key test on aix51 VM. 5999 6000 We don't know how to build the shared objects required for the security 6001 key tests so skip them. 6002 6003commit 4922ac3be8a996780ef3dc220411da2e27c29d9c 6004Author: Darren Tucker <dtucker@dtucker.net> 6005Date: Sun Mar 26 14:49:43 2023 +1100 6006 6007 Split libcrypto and other config flags. 6008 6009 This should allow the automatic OpenSSL version selection in the tests 6010 to work better. 6011 6012commit 4a948b1469f185e871160a2d70e2a0fce2858f9e 6013Author: Darren Tucker <dtucker@dtucker.net> 6014Date: Sun Mar 26 14:39:45 2023 +1100 6015 6016 Specify test target if we build without OpenSSL. 6017 6018 When we decide we can't use the versions of OpenSSL available, also 6019 restrict the tests we run to avoid the ones that need OpenSSL. 6020 6021commit b308c636f5b5d89eecb98be00b3d56306a005a09 6022Author: Darren Tucker <dtucker@dtucker.net> 6023Date: Sun Mar 26 14:22:53 2023 +1100 6024 6025 Find suitable OpenSSL version. 6026 6027 Check the installed OpenSSL versions for a suitable one, and if there 6028 isn't (and we don't have a specific version configured) then build 6029 without OpenSSL. 6030 6031commit 021ea5c2860f133f44790970968e0e73208b3a87 6032Author: Damien Miller <djm@mindrot.org> 6033Date: Fri Mar 24 15:02:52 2023 +1100 6034 6035 Github testing support for BoringSSL 6036 6037commit 9a97cd106466a2a9bda2bfaa4c48c4f1b2cc9c1b 6038Author: Damien Miller <djm@mindrot.org> 6039Date: Fri Mar 24 15:34:29 2023 +1100 6040 6041 BoringSSL doesn't support EC_POINT_point2bn() 6042 6043 so don't invoke it in unittest 6044 6045commit cc5969c033a032d126ff78e5d95cf20abbede4c7 6046Author: Damien Miller <djm@mindrot.org> 6047Date: Fri Mar 24 15:34:05 2023 +1100 6048 6049 another ERR_load_CRYPTO_strings() vestige 6050 6051commit 4974293899a068133e976f81d6693670d2b576ca 6052Author: Damien Miller <djm@mindrot.org> 6053Date: Fri Mar 24 15:24:05 2023 +1100 6054 6055 don't use obsolete ERR_load_CRYPTO_strings() 6056 6057 OpenSSL (and elsewhere in OpenSSH) uses ERR_load_crypto_strings() 6058 6059commit 3c527d55f906e6970d17c4cab6db90ae9e013235 6060Author: Damien Miller <djm@mindrot.org> 6061Date: Fri Mar 24 15:23:05 2023 +1100 6062 6063 Allow building with BoringSSL 6064 6065commit b7e27cfd7f163fc16b4c5d041cc28ee488a5eeec 6066Author: Damien Miller <djm@mindrot.org> 6067Date: Fri Mar 24 15:21:18 2023 +1100 6068 6069 put back SSLeay_version compat in configure test 6070 6071 Needed to detect old versions and give good "your version is bad" 6072 messages at configure time; spotted by dtucker@ 6073 6074commit 7280401bdd77ca54be6867a154cc01e0d72612e0 6075Author: Damien Miller <djm@mindrot.org> 6076Date: Fri Mar 24 13:56:25 2023 +1100 6077 6078 remove support for old libcrypto 6079 6080 OpenSSH now requires LibreSSL 3.1.0 or greater or 6081 OpenSSL 1.1.1 or greater 6082 6083 with/ok dtucker@ 6084 6085commit abda22fb48302f2142233f71d27c74040288c518 6086Author: Darren Tucker <dtucker@dtucker.net> 6087Date: Sun Mar 19 15:36:13 2023 +1100 6088 6089 Test latest OpenSSL 1.1, 3.0 and LibreSSL 3.7. 6090 6091commit 610ac1cb077cd5a1ebfc21612154bfa13d2ec825 6092Author: Darren Tucker <dtucker@dtucker.net> 6093Date: Thu Mar 16 21:38:04 2023 +1100 6094 6095 Show 9.3 branch instead of 9.2. 6096 6097commit cb30fbdbee869f1ce11f06aa97e1cb8717a0b645 6098Author: Damien Miller <djm@mindrot.org> 6099Date: Thu Mar 16 08:28:19 2023 +1100 6100 6101 depend 6102 6103commit 1dba63eb10c40b6fda9f5012ed6ae87e2d3d028e 6104Author: Damien Miller <djm@mindrot.org> 6105Date: Thu Mar 16 08:27:54 2023 +1100 6106 6107 crank version 6108 6109commit ba7532d0dac9aaf0ad7270664c43837fc9f64a5f 6110Author: djm@openbsd.org <djm@openbsd.org> 6111Date: Wed Mar 15 21:19:57 2023 +0000 6112 6113 upstream: openssh-9.3 6114 6115 OpenBSD-Commit-ID: 8011495f2449c1029bb316bd015eab2e00509848 6116 6117commit 6fd4daafb949b66bf555f3100f715a9ec64c3390 6118Author: dtucker@openbsd.org <dtucker@openbsd.org> 6119Date: Tue Mar 14 07:28:47 2023 +0000 6120 6121 upstream: Free KRL ptr in addition to its contents. 6122 6123 From Coverity CID 291841, ok djm@ 6124 6125 OpenBSD-Commit-ID: f146ba08b1b43af4e0d7ad8c4dae3748b4fa31b6 6126 6127commit 1d270bd303afaf6d94e9098cbbf18e5e539e2088 6128Author: dtucker@openbsd.org <dtucker@openbsd.org> 6129Date: Tue Mar 14 07:26:25 2023 +0000 6130 6131 upstream: Check pointer for NULL before deref. 6132 6133 None of the existing callers seem to do that, but it's worth checking. 6134 From Coverity CID 291834, ok djm@ 6135 6136 OpenBSD-Commit-ID: a0a97113f192a7cb1a2c97b932f677f573cda7a4 6137 6138commit d95af508e78c0cd3dce56b83853baaa59ae295cf 6139Author: dtucker@openbsd.org <dtucker@openbsd.org> 6140Date: Sun Mar 12 10:40:39 2023 +0000 6141 6142 upstream: Limit number of entries in SSH2_MSG_EXT_INFO 6143 6144 request. This is already constrained by the maximum SSH packet size but this 6145 makes it explicit. Prompted by Coverity CID 291868, ok djm@ markus@ 6146 6147 OpenBSD-Commit-ID: aea023819aa44a2dcb9dd0fbec10561896fc3a09 6148 6149commit 8f287ba60d342b3e2f750e7332d2131e3ec7ecd0 6150Author: dtucker@openbsd.org <dtucker@openbsd.org> 6151Date: Sun Mar 12 09:41:18 2023 +0000 6152 6153 upstream: calloc can return NULL but xcalloc can't. 6154 6155 From Coverity CID 291881, ok djm@ 6156 6157 OpenBSD-Commit-ID: 50204b755f66b2ec7ac3cfe379d07d85ca161d2b 6158 6159commit 83a56a49fd50f4acf900f934279482e4ef329715 6160Author: dtucker@openbsd.org <dtucker@openbsd.org> 6161Date: Fri Mar 10 07:17:08 2023 +0000 6162 6163 upstream: Explicitly ignore return from fcntl 6164 6165 (... FD_CLOEXEC) here too. Coverity CID 291853. 6166 6167 OpenBSD-Commit-ID: 99d8b3da9d0be1d07ca8dd8e98800a890349e9b5 6168 6169commit 0fda9d704d3bbf54a5e64ce02a6fecb11fe7f047 6170Author: Damien Miller <djm@mindrot.org> 6171Date: Fri Mar 10 15:59:46 2023 +1100 6172 6173 bounds checking for getrrsetbyname() replacement; 6174 6175 Spotted by Coverity in CID 405033; ok millert@ 6176 6177commit 89b8df518f21677045599df0ad3e5dd0f39909b5 6178Author: dtucker@openbsd.org <dtucker@openbsd.org> 6179Date: Fri Mar 10 04:06:21 2023 +0000 6180 6181 upstream: Plug mem leak on error path. Coverity CID 405026, ok djm@. 6182 6183 OpenBSD-Commit-ID: 8212ca05d01966fb5e72205c592b2257708a2aac 6184 6185commit bf4dae0ad192c3e2f03f7223834b00d88ace3d3e 6186Author: Darren Tucker <dtucker@dtucker.net> 6187Date: Fri Mar 10 14:46:57 2023 +1100 6188 6189 Add prototypes for mkstemp replacements. 6190 6191 Should prevent warnings due to our wrapper function. 6192 6193commit 4e04d68d6a33cdc73b831fd4b5e6124175555d3d 6194Author: dtucker@openbsd.org <dtucker@openbsd.org> 6195Date: Fri Mar 10 03:01:51 2023 +0000 6196 6197 upstream: Expliticly ignore return code from fcntl(.. FD_CLOEXEC) since 6198 6199 there's not much we can do anyway. From Coverity CID 291857, ok djm@ 6200 6201 OpenBSD-Commit-ID: 051429dd07af8db3fec10d82cdc78d90bb051729 6202 6203commit d6d38fd77cbe091c59e1bb720c3a494df4990640 6204Author: djm@openbsd.org <djm@openbsd.org> 6205Date: Fri Mar 10 02:32:04 2023 +0000 6206 6207 upstream: Like sshd_config, some ssh_config options are not 6208 6209 first-match-wins. sshd_config.5 was fixed in r1.348, this is the same for 6210 this file 6211 6212 OpenBSD-Commit-ID: 7be55b9351cde449b136afcc52d07aa4113b215e 6213 6214commit 7187d3f86bf8f2066cc9941f217d23b0cacae25e 6215Author: dtucker@openbsd.org <dtucker@openbsd.org> 6216Date: Fri Mar 10 02:24:56 2023 +0000 6217 6218 upstream: Remove no-op (int) > INT_MAX checks 6219 6220 since they can never be true. From Coverity CID 405031, ok djm@ 6221 6222 OpenBSD-Commit-ID: 9df3783b181e056595e2bb9edf7ed41d61cf8e84 6223 6224commit 77adde4305542ebe3005dd456122624fe2347b01 6225Author: Darren Tucker <dtucker@dtucker.net> 6226Date: Fri Mar 10 13:27:29 2023 +1100 6227 6228 Wrap mkstemp calls with umask set/restore. 6229 6230 glibc versions 2.06 and earlier did not set a umask on files created by 6231 mkstemp created the world-writable. Wrap mkstemp to set and restore 6232 the umask. From Coverity (CIDs 291826 291886 291891), ok djm@ 6233 6234commit 633d3dc2a1e9e2a013d019a0576a0771c8423713 6235Author: jcs@openbsd.org <jcs@openbsd.org> 6236Date: Thu Mar 9 21:06:24 2023 +0000 6237 6238 upstream: modify parentheses in conditionals to make it clearer what is 6239 6240 being assigned and what is being checked 6241 6242 ok djm dtucker 6243 6244 OpenBSD-Commit-ID: 19c10baa46ae559474409f75a5cb3d0eade7a9b8 6245 6246commit 733030840c4772f858de95d5940ec0c37663e8b0 6247Author: dtucker@openbsd.org <dtucker@openbsd.org> 6248Date: Thu Mar 9 07:11:05 2023 +0000 6249 6250 upstream: Re-split the merge of the reorder-hostkeys test. 6251 6252 In the kex_proposal_populate_entries change I merged the the check for 6253 reordering hostkeys with the actual reordering, but kex_assemble_names 6254 mutates options.hostkeyalgorithms which renders the check ineffective. 6255 Put the check back where it was. Spotted and tested by jsg@, ok djm@ 6256 6257 OpenBSD-Commit-ID: a7469f25a738db5567395d1881e32479a7ffc9de 6258 6259commit 54ac4ab2b53ce9fcb66b8250dee91c070e4167ed 6260Author: djm@openbsd.org <djm@openbsd.org> 6261Date: Thu Mar 9 06:58:26 2023 +0000 6262 6263 upstream: include destination constraints for smartcard keys too. 6264 6265 Spotted by Luci Stanescu; ok deraadt@ markus@ 6266 6267 OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f 6268 6269commit bfd1ad01d974a316b60622759ad17537fa2d92b4 6270Author: Darren Tucker <dtucker@dtucker.net> 6271Date: Thu Mar 9 18:24:54 2023 +1100 6272 6273 Limit the number of PAM environment variables. 6274 6275 xcalloc has its own limits, but these are specific to PAM. From 6276 Coverity CID 405198, ok djm@ 6277 6278commit a231414970e01a35f45a295d5f93698fa1249b28 6279Author: Darren Tucker <dtucker@dtucker.net> 6280Date: Thu Mar 9 18:19:44 2023 +1100 6281 6282 Limit the number of PAM environment variables. 6283 6284 From Coverity CID 405194, tweaks and ok djm@ 6285 6286commit 36c6c3eff5e4a669ff414b9daf85f919666e8e03 6287Author: dtucker@openbsd.org <dtucker@openbsd.org> 6288Date: Wed Mar 8 06:21:32 2023 +0000 6289 6290 upstream: Plug mem leak. Coverity CID 405196, ok djm@ 6291 6292 OpenBSD-Commit-ID: 175f09349387c292f626da68f65f334faaa085f2 6293 6294commit dfb9b736e1ccf9e6b03eea21cd961f4fd0634c98 6295Author: tb@openbsd.org <tb@openbsd.org> 6296Date: Wed Mar 8 05:33:53 2023 +0000 6297 6298 upstream: ssh-pkcs11: synchronize error messages with errors 6299 6300 A handful of error messages contained incorrect function names or 6301 otherwise inaccurate descriptions. Fix them to match reality. 6302 6303 input/ok djm 6304 6305 OpenBSD-Commit-ID: 165a15db52f75b31e1804b043480c36af09f3411 6306 6307commit 51875897b81b5c21b80c256a29597916edbde454 6308Author: guenther@openbsd.org <guenther@openbsd.org> 6309Date: Wed Mar 8 04:43:12 2023 +0000 6310 6311 upstream: Delete obsolete /* ARGSUSED */ lint comments. 6312 6313 ok miod@ millert@ 6314 6315 OpenBSD-Commit-ID: 7be168a570264d59e96a7d2d22e927d45fee0e4c 6316 6317commit a76085bda883c2104afb33ab0334eca190927362 6318Author: Darren Tucker <dtucker@dtucker.net> 6319Date: Wed Mar 8 17:25:37 2023 +1100 6320 6321 Extra brackets to prevent warning. 6322 6323commit 147ae57d4dfa0508109f93b78a7d8b92819e1f83 6324Author: djm@openbsd.org <djm@openbsd.org> 6325Date: Wed Mar 8 00:05:58 2023 +0000 6326 6327 upstream: use RSA/SHA256 when testing usability of private key in 6328 6329 agent; with/ok dtucker 6330 6331 OpenBSD-Commit-ID: fe1382e2fdf23fcae631308e72342bad56066a56 6332 6333commit 27fd251bc906a763e70ce0f27c8abdf8bbd1e416 6334Author: djm@openbsd.org <djm@openbsd.org> 6335Date: Wed Mar 8 00:05:37 2023 +0000 6336 6337 upstream: use RSA/SHA256 when testing usability of private key; 6338 6339 based on fix in bz3546 by Dmitry Belyavskiy; with/ok dtucker 6340 6341 OpenBSD-Commit-ID: 0ef414cc363a832f9fab92a5da0234448bce2eba 6342 6343commit eee9f3fc3d52ae7d2106929bb06b7f291fb0b81a 6344Author: djm@openbsd.org <djm@openbsd.org> 6345Date: Tue Mar 7 21:47:42 2023 +0000 6346 6347 upstream: refactor to be more readable top to bottom. Prompted by 6348 6349 Coverity CID 405048 which was a false-positive fd leak; ok dtucker@ 6350 6351 OpenBSD-Commit-ID: fc55ec2af622a017defb9b768bf26faefc792c00 6352 6353commit 42a06b29a4c99272bf690f9b3be520b08b448dc5 6354Author: Darren Tucker <dtucker@dtucker.net> 6355Date: Tue Mar 7 18:34:41 2023 +1100 6356 6357 Add header changes missed in previous. 6358 6359commit 4710077096edff2e6926dd5b15bf586491d317db 6360Author: dtucker@openbsd.org <dtucker@openbsd.org> 6361Date: Tue Mar 7 06:09:14 2023 +0000 6362 6363 upstream: Fix mem leak in environment setup. 6364 6365 From jjelen at redhat.com via bz#2687, ok djm@ 6366 6367 OpenBSD-Commit-ID: 9f9e4ba3cac003e6f81da3bcebd1b9ec43e7f353 6368 6369commit 03acc50d0ccb78fc91d1570de1cd0fdfea646028 6370Author: dtucker@openbsd.org <dtucker@openbsd.org> 6371Date: Mon Mar 6 12:15:47 2023 +0000 6372 6373 upstream: Unit test for kex_proposal_populate_entries. 6374 6375 OpenBSD-Regress-ID: bdb211d80d572a08bf14b49fe2a58b9ff265c006 6376 6377commit 3f9231c2e1f374ebb08016ba00ea97b47c0ed20b 6378Author: djm@openbsd.org <djm@openbsd.org> 6379Date: Tue Mar 7 05:37:26 2023 +0000 6380 6381 upstream: fix memory leak in process_read() path; Spotted by James 6382 6383 Robinson in GHPR363; ok markus@ 6384 6385 OpenBSD-Commit-ID: cdc2d98e6478b7e7f3a36976845adae3820429d8 6386 6387commit c5e6e890839ec520ab9301a92cba56303749dea2 6388Author: djm@openbsd.org <djm@openbsd.org> 6389Date: Tue Mar 7 01:30:52 2023 +0000 6390 6391 upstream: correct size for array argument when changing 6392 6393 UMAC_OUTPUT_LEN Coverity CID 291845; ok dtucker@ 6394 6395 OpenBSD-Commit-ID: 2eb017d10705bb623d4418691f961c930eafaec0 6396 6397commit 9641753e0fd146204d57b2a4165f552a81afade4 6398Author: dtucker@openbsd.org <dtucker@openbsd.org> 6399Date: Mon Mar 6 12:14:48 2023 +0000 6400 6401 upstream: Refactor creation of KEX proposal. 6402 6403 This adds kex_proposal_populate_entries (and corresponding free) which 6404 populates the KEX proposal array with dynamically allocated strings. 6405 This replaces the previous mix of static and dynamic that has been the 6406 source of previous leaks and bugs. Remove unused compat functions. 6407 With & ok djm@. 6408 6409 OpenBSD-Commit-ID: f2f99da4aae2233cb18bf9c749320c5e040a9c7b 6410 6411commit aa59d6a489fb20973fa461d0fdb1110db412947b 6412Author: dtucker@openbsd.org <dtucker@openbsd.org> 6413Date: Sun Mar 5 09:24:35 2023 +0000 6414 6415 upstream: Fix mem and FILE leaks in moduli screening. 6416 6417 If multiple -Ocheckpoint= options are passed, the earlier ones would 6418 be overwritten and leaked. If we use an input file that wasn't stdin, 6419 close that. From Coverity CIDs 291884 and 291894. 6420 6421 OpenBSD-Commit-ID: a4d9d15f572926f841788912e2b282485ad09e8b 6422 6423commit 23b8cb41767af99a1aac24589d1882d9c8c2c205 6424Author: dtucker@openbsd.org <dtucker@openbsd.org> 6425Date: Sun Mar 5 08:18:58 2023 +0000 6426 6427 upstream: Plug mem leak in moduli checkpoint option parsing. 6428 6429 From Coverity CID 291894. 6430 6431 OpenBSD-Commit-ID: 9b1aba2d049741ae21c8dc4560a7e29ab17310f4 6432 6433commit fc7f8f2188d4a4fc8ba77eddbe863c7665666db5 6434Author: dtucker@openbsd.org <dtucker@openbsd.org> 6435Date: Sun Mar 5 05:34:09 2023 +0000 6436 6437 upstream: Remove unused compat.h includes. 6438 6439 We've previously removed a lot of the really old compatibility code, 6440 and with it went the need to include compat.h in most of the files that 6441 have it. 6442 6443 OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4 6444 6445commit 6c165c36246d8004c20e1df5cec4961a5ac422d6 6446Author: dtucker@openbsd.org <dtucker@openbsd.org> 6447Date: Sat Mar 4 03:22:59 2023 +0000 6448 6449 upstream: Use time_t for x11 timeout. 6450 6451 Use time_t instead of u_int for remaining x11 timeout checks for 64bit 6452 time_t safety. From Coverity CIDs 405197 and 405028, ok djm@ 6453 6454 OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972 6455 6456commit 4a3918f51bd2d968387e7aa87e33b32c78077fb4 6457Author: dtucker@openbsd.org <dtucker@openbsd.org> 6458Date: Fri Mar 3 10:23:42 2023 +0000 6459 6460 upstream: Ensure ms_remain is always initialized 6461 6462 similar to what we do in ssh_packet_write_wait. bz#2687, from jjelen 6463 at redhat.com. 6464 6465 OpenBSD-Commit-ID: a50e0541cf823f8d1c72f71ccde925d3dbe6dfac 6466 6467commit e44846a4487d2885ac7f2610be09b1e2bf52249b 6468Author: dtucker@openbsd.org <dtucker@openbsd.org> 6469Date: Fri Mar 3 09:48:51 2023 +0000 6470 6471 upstream: Check for non-NULL before string 6472 6473 comparison. From jjelen at redhat.com via bz#2687. 6474 6475 OpenBSD-Commit-ID: 0d9b2e0cac88a311b5766b1aef737082583c285f 6476 6477commit 1842d523fae63b862ce8e60725c9b606cddb86a6 6478Author: djm@openbsd.org <djm@openbsd.org> 6479Date: Fri Mar 3 05:00:34 2023 +0000 6480 6481 upstream: guard against getsockname(-1, ...) from Coverity CID 6482 6483 291832 6484 6485 OpenBSD-Commit-ID: e58d5227327917d189229b7f0b37d2780f360d5f 6486 6487commit 78571a5fe9847d40d7f220c92b707574ae9ec4ce 6488Author: djm@openbsd.org <djm@openbsd.org> 6489Date: Fri Mar 3 04:36:20 2023 +0000 6490 6491 upstream: some options are not first-match-wins. Mention that there 6492 6493 are exceptions at the start of the manpage and label some of them in the 6494 option description. 6495 6496 OpenBSD-Commit-ID: 3b74728446fa6fc8742769eeb8c3674e233e84c4 6497 6498commit d1c1b3272e8895a96c4f5889bd6e07a8525bd9f1 6499Author: djm@openbsd.org <djm@openbsd.org> 6500Date: Fri Mar 3 04:34:49 2023 +0000 6501 6502 upstream: actually print "channeltimeout none" in config dump mode; 6503 6504 spotted via Coverity CID 405022 6505 6506 OpenBSD-Commit-ID: b074b52bf138b75f08264e8da15880b29c7a630f 6507 6508commit 8bf61e95610b48192d4e1720cc15d9004617301d 6509Author: Darren Tucker <dtucker@dtucker.net> 6510Date: Fri Mar 3 14:50:03 2023 +1100 6511 6512 Add Coverity badges. 6513 6514commit 93291bd723959adf462b1df958106cf07a7734dd 6515Author: dtucker@openbsd.org <dtucker@openbsd.org> 6516Date: Fri Mar 3 03:12:24 2023 +0000 6517 6518 upstream: Check return values of dup2. Spotted by Coverity, ok djm@ 6519 6520 OpenBSD-Commit-ID: 19fb1b53072826d00c67df677731d2f6c1dd602b 6521 6522commit e37261dff33af23f37202cfce0848d36f5c1055c 6523Author: dtucker@openbsd.org <dtucker@openbsd.org> 6524Date: Fri Mar 3 02:37:58 2023 +0000 6525 6526 upstream: Use time_t for x11_refuse_time timeout. We need 6527 6528 SSH_TIME_T_MAX for this, so move from misc.c to misc.h so it's available. 6529 Fixes a Coverity warning for 64bit time_t safety, ok djm@ 6530 6531 OpenBSD-Commit-ID: c69c4c3152cdaab953706db4ccf4d5fd682f7d8d 6532 6533commit 32755a98c29114b13f4c9d47454bbb265b932ad7 6534Author: dtucker@openbsd.org <dtucker@openbsd.org> 6535Date: Fri Mar 3 02:34:29 2023 +0000 6536 6537 upstream: Check return value from fctnl and warn on failure. 6538 6539 Spotted by Coverity, ok djm@ 6540 6541 OpenBSD-Commit-ID: 2097c7db3cf657f1e3a6c5077041bacc63143cab 6542 6543commit 5fc60e8246c36b8255f72a937ebe9787b39648c6 6544Author: dtucker@openbsd.org <dtucker@openbsd.org> 6545Date: Thu Mar 2 11:10:27 2023 +0000 6546 6547 upstream: Remove SUDO in proxy command wrapper. Anything that needs 6548 6549 sudo is already run by it, and it breaks if root isn't in sudoers. 6550 6551 OpenBSD-Regress-ID: 6cf22fda32a89c16915f31a6ed9bbdbef2a3bac9 6552 6553commit 0d514659b23a257247491179cfbb53a6dd64e164 6554Author: dtucker@openbsd.org <dtucker@openbsd.org> 6555Date: Thu Mar 2 08:24:41 2023 +0000 6556 6557 upstream: Fix breakage on dhgex test. 6558 6559 This was due to the sshd logs being written to the wrong log file. 6560 While there, make save_debug_logs less verbose, write the name of the 6561 tarball to regress.log and use $SUDO to remove the old symlinks (which 6562 shouldn't be needed, but won't hurt). Initial problem spotted by anton@. 6563 6564 OpenBSD-Regress-ID: 9c44fb9cd418e6ff31165e7a6c1f9f11a6d19f5b 6565 6566commit 860201201d4ae655702807966901682cff30a171 6567Author: dtucker@openbsd.org <dtucker@openbsd.org> 6568Date: Thu Mar 2 08:14:52 2023 +0000 6569 6570 upstream: Quote grep and log message better. 6571 6572 OpenBSD-Regress-ID: 3823d9063127169736aa274b1784cb28e15b64d4 6573 6574commit 03a03c6002525f5ad9c8fc874a5d5826a35d9858 6575Author: dtucker@openbsd.org <dtucker@openbsd.org> 6576Date: Thu Mar 2 06:41:56 2023 +0000 6577 6578 upstream: Always call fclose on checkpoints. 6579 6580 In the case of an fprintf failure we would not call fclose which would 6581 leak the FILE pointer. While we're there, try to clean up the temp file 6582 on failure. Spotted by Coverity, ok djm@ 6583 6584 OpenBSD-Commit-ID: 73c7ccc5d4fcc235f54c6b20767a2815408525ef 6585 6586commit 13fe8f9785e6d90400ce548939a0b0ddc11fcb3c 6587Author: dtucker@openbsd.org <dtucker@openbsd.org> 6588Date: Wed Mar 1 21:54:50 2023 +0000 6589 6590 upstream: Remove old log symlinks 6591 6592 before creating new ones. In -portable some platforms don't like 6593 overwriting existing symlinks. 6594 6595 OpenBSD-Regress-ID: 7e7ddc0beb73e945e1c4c58d51c8a125b518120f 6596 6597commit 131fcbcaffd1e3bcf5ab766ec497b5d768955310 6598Author: Darren Tucker <dtucker@dtucker.net> 6599Date: Wed Mar 1 23:23:02 2023 +1100 6600 6601 Adjust test jobs for new log directory. 6602 6603commit a6f4ac8a2baf77e5361cfa017d0dc250d1409bec 6604Author: dtucker@openbsd.org <dtucker@openbsd.org> 6605Date: Wed Mar 1 09:29:32 2023 +0000 6606 6607 upstream: Rework logging for the regression tests. 6608 6609 Previously we would log to ssh.log and sshd.log, but that is insufficient 6610 for tests that have more than one concurent ssh/sshd. 6611 6612 Instead, we'll log to separate datestamped files in a $OBJ/log/ and 6613 leave a symlink at the previous location pointing at the most recent 6614 instance with an entry in regress.log showing which files were created 6615 at each point. This should be sufficient to reconstruct what happened 6616 even for tests that use multiple instances of each program. If the test 6617 fails, tar up all of the logs for later analysis. 6618 6619 This will let us also capture the output from some of the other tools 6620 which was previously sent to /dev/null although most of those will be 6621 in future commits. 6622 6623 OpenBSD-Regress-ID: f802aa9e7fa51d1a01225c05fb0412d015c33e24 6624 6625commit 8ead62ed5e86c7df597d8604f332f49cd1527b85 6626Author: dtucker@openbsd.org <dtucker@openbsd.org> 6627Date: Tue Feb 28 21:31:50 2023 +0000 6628 6629 upstream: fatal out if allocating banner string fails to avoid 6630 6631 potential null deref later in sscanf. Spotted by Coverity, ok deraadt@ 6632 6633 OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5 6634 6635commit 44ca56ba0b3f531f1d85730cc701097cd49e6868 6636Author: dtucker@openbsd.org <dtucker@openbsd.org> 6637Date: Tue Feb 28 08:45:24 2023 +0000 6638 6639 upstream: Explicitly ignore return from fchmod 6640 6641 similar to other calls to prevent warning. 6642 6643 OpenBSD-Commit-ID: fdc5287dcee0860b5a493186414226c655b0eb0a 6644 6645commit 803392933a3a6f09f834aa5f0c2aab06a3b382f4 6646Author: dtucker@openbsd.org <dtucker@openbsd.org> 6647Date: Mon Feb 27 22:12:40 2023 +0000 6648 6649 upstream: Plug mem leak on globbed ls error path. 6650 6651 Spotted by Coverity, ok deraadt@ 6652 6653 OpenBSD-Commit-ID: de28476025db29820a9a2e56e98b964d8a02861c 6654 6655commit aa33b4d396abf47a2a45f982f28d054fb1dcb5c3 6656Author: Darren Tucker <dtucker@dtucker.net> 6657Date: Mon Feb 27 21:04:22 2023 +1100 6658 6659 Cast time_t's in debug output to long long. 6660 6661 Should fix Coverity warning about truncation of 64bit time_t. 6662 6663commit b0fd60a9de62a03189ad57d0c07f0ac51dc00e95 6664Author: Darren Tucker <dtucker@dtucker.net> 6665Date: Mon Feb 27 17:28:59 2023 +1100 6666 6667 Do shadow expiry calcs using "long long". 6668 6669 Coverity flags these as potentially not 64bit time_t safe so use 6670 long long for the calculations and debug output. ok djm@ 6671 6672commit 01dbeb3084d714bbd001ff9d03b9de542e8cdf58 6673Author: Damien Miller <djm@mindrot.org> 6674Date: Mon Feb 27 17:07:52 2023 +1100 6675 6676 avoid clash between for getopt's struct option 6677 6678 Since we don't use getopt_long() nothing outside the getopt() 6679 implementation itself uses this structure, so move it into the 6680 source to remove it from visibility and clashes with libc's 6681 6682 ok dtucker@ 6683 6684commit eb88d07c43afe407094e7d609248d85a15e148ef 6685Author: Darren Tucker <dtucker@dtucker.net> 6686Date: Sat Feb 25 14:45:41 2023 +1100 6687 6688 Revert explicit chmods on private keys. 6689 6690 This should no longer be needed on Cygwin test runners due to previous 6691 commit. 6692 6693commit 52b75db61030a6c8baf66b73644380cf3f58e26a 6694Author: Darren Tucker <dtucker@dtucker.net> 6695Date: Sat Feb 25 14:43:28 2023 +1100 6696 6697 Remove extended ACLs from working dirs. 6698 6699 This should allow umask to work as expected and prevent tests from 6700 failing due to excessive permissions on private keys. 6701 6702commit 0c5d4c843df5605b043a758d69f9a611ef63c479 6703Author: Darren Tucker <dtucker@dtucker.net> 6704Date: Fri Feb 24 13:44:13 2023 +1100 6705 6706 Explicitly set permissions on user and host keys. 6707 6708 On cygwin, the umask might not be sufficient. Should fix tests on 6709 Github runners. 6710 6711commit 6c9fc9d7a9f7abf82c3294d74e6d4a25735862ce 6712Author: djm@openbsd.org <djm@openbsd.org> 6713Date: Wed Feb 22 03:56:43 2023 +0000 6714 6715 upstream: fix progressmeter corruption on wide displays; bz3534 6716 6717 feedback/ok dtucker@ 6718 6719 OpenBSD-Commit-ID: f4affee067cec7c182f3e0b307d758e0472762a3 6720 6721commit fe0bd3cde9665d364e5eedd2c2c2e60d4cdc3786 6722Author: dtucker@openbsd.org <dtucker@openbsd.org> 6723Date: Tue Feb 21 06:48:18 2023 +0000 6724 6725 upstream: fseek to end of known_hosts before writing to it. 6726 6727 POSIX and ANSI C require that applications call fseek or similar between 6728 read and writing to a RW file. OpenBSD doesn't enforce this, but some 6729 (System V derived) platforms need this to prevent it from writing a 6730 spurious extra byte (in this case, a newline). ok djm@ deraadt@ 6731 6732 OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137 6733 6734commit 357fb8ae14c07cd025eeed66e73de91bab569849 6735Author: Darren Tucker <dtucker@dtucker.net> 6736Date: Tue Feb 21 17:51:09 2023 +1100 6737 6738 Also run unit tests on AIX VMs. 6739 6740 In the past these tests took too long, but these days it only adds 6741 about 5 min to the run. 6742 6743commit 17781aaa5188ee1477f7779b280d105512e3dbed 6744Author: Darren Tucker <dtucker@dtucker.net> 6745Date: Tue Feb 21 17:38:55 2023 +1100 6746 6747 Wrap stdint.h inside ifdef. 6748 6749commit ef798bad38505f7bf1b5fa5c0843dfc5a2b192b9 6750Author: Mayank Sharma <mayank.fit2010@gmail.com> 6751Date: Mon Feb 20 17:37:15 2023 +0530 6752 6753 Add includes to ptimeout test. 6754 6755 Fixes test failures on AIX due to type mismatches. 6756 6757commit ab69dda05d5268454209f529fa80f477e60d846a 6758Author: Darren Tucker <dtucker@dtucker.net> 6759Date: Mon Feb 20 18:24:39 2023 +1100 6760 6761 Always use the openssl binary configure tells us. 6762 6763 This fixes tests on platforms that do not have the openssl tool 6764 installed at all. 6765