xref: /freebsd/crypto/openssh/ChangeLog (revision 642870485c089b57000fe538d3485e272b038d59)
1commit 99522ba7ec6963a05c04a156bf20e3ba3605987c
2Author: Damien Miller <djm@mindrot.org>
3Date:   Thu Jul 28 08:54:27 2016 +1000
4
5    define _OPENBSD_SOURCE for reallocarray on NetBSD
6
7    Report by and debugged with Hisashi T Fujinaka, dtucker nailed
8    the problem (lack of prototype causing return type confusion).
9
10commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187
11Author: Damien Miller <djm@mindrot.org>
12Date:   Wed Jul 27 08:25:42 2016 +1000
13
14    KNF
15
16commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331
17Author: Damien Miller <djm@mindrot.org>
18Date:   Wed Jul 27 08:25:23 2016 +1000
19
20    Linux auditing also needs packet.h
21
22commit 393bd381a45884b589baa9aed4394f1d250255ca
23Author: Damien Miller <djm@mindrot.org>
24Date:   Wed Jul 27 08:18:05 2016 +1000
25
26    fix auditing on Linux
27
28    get_remote_ipaddr() was replaced with ssh_remote_ipaddr()
29
30commit 80e766fb089de4f3c92b1600eb99e9495e37c992
31Author: Damien Miller <djm@mindrot.org>
32Date:   Sun Jul 24 21:50:13 2016 +1000
33
34    crank version numbers
35
36commit b1a478792d458f2e938a302e64bab2b520edc1b3
37Author: djm@openbsd.org <djm@openbsd.org>
38Date:   Sun Jul 24 11:45:36 2016 +0000
39
40    upstream commit
41
42    openssh-7.3
43
44    Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
45
46commit 353766e0881f069aeca30275ab706cd60a1a8fdd
47Author: Darren Tucker <dtucker@zip.com.au>
48Date:   Sat Jul 23 16:14:42 2016 +1000
49
50    Move Cygwin IPPORT_RESERVED overrride to defines.h
51
52    Patch from vinschen at redhat.com.
53
54commit 368dd977ae07afb93f4ecea23615128c95ab2b32
55Author: djm@openbsd.org <djm@openbsd.org>
56Date:   Sat Jul 23 02:54:08 2016 +0000
57
58    upstream commit
59
60    fix pledge violation with ssh -f; reported by Valentin
61    Kozamernik ok dtucker@
62
63    Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
64
65commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e
66Author: djm@openbsd.org <djm@openbsd.org>
67Date:   Fri Jul 22 07:00:46 2016 +0000
68
69    upstream commit
70
71    improve wording; suggested by jmc@
72
73    Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
74
75commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8
76Author: dtucker@openbsd.org <dtucker@openbsd.org>
77Date:   Fri Jul 22 05:46:11 2016 +0000
78
79    upstream commit
80
81    Lower loglevel for "Authenticated with partial success"
82    message similar to other similar level.  bz#2599, patch from cgallek at
83    gmail.com, ok markus@
84
85    Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
86
87commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6
88Author: Damien Miller <djm@mindrot.org>
89Date:   Fri Jul 22 14:06:36 2016 +1000
90
91    retry waitpid on EINTR failure
92
93    patch from Jakub Jelen on bz#2581; ok dtucker@
94
95commit da88a70a89c800e74ea8e5661ffa127a3cc79a92
96Author: djm@openbsd.org <djm@openbsd.org>
97Date:   Fri Jul 22 03:47:36 2016 +0000
98
99    upstream commit
100
101    constify a few functions' arguments; patch from Jakub
102    Jelen bz#2581
103
104    Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
105
106commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf
107Author: djm@openbsd.org <djm@openbsd.org>
108Date:   Fri Jul 22 03:39:13 2016 +0000
109
110    upstream commit
111
112    move debug("%p", key) to before key is free'd; probable
113    undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581
114
115    Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
116
117commit 286f5a77c3bfec1e8892ca268087ac885ac871bf
118Author: djm@openbsd.org <djm@openbsd.org>
119Date:   Fri Jul 22 03:35:11 2016 +0000
120
121    upstream commit
122
123    reverse the order in which -J/JumpHost proxies are visited to
124    be more intuitive and document
125
126    reported by and manpage bits naddy@
127
128    Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
129
130commit fcd135c9df440bcd2d5870405ad3311743d78d97
131Author: dtucker@openbsd.org <dtucker@openbsd.org>
132Date:   Thu Jul 21 01:39:35 2016 +0000
133
134    upstream commit
135
136    Skip passwords longer than 1k in length so clients can't
137    easily DoS sshd by sending very long passwords, causing it to spend CPU
138    hashing them. feedback djm@, ok markus@.
139
140    Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
141    360.cn and coredump at autistici.org
142
143    Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
144
145commit 324583e8fb3935690be58790425793df619c6d4d
146Author: naddy@openbsd.org <naddy@openbsd.org>
147Date:   Wed Jul 20 10:45:27 2016 +0000
148
149    upstream commit
150
151    Do not clobber the global jump_host variables when
152    parsing an inactive configuration.  ok djm@
153
154    Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
155
156commit 32d921c323b989d28405e78d0a8923d12913d737
157Author: jmc@openbsd.org <jmc@openbsd.org>
158Date:   Tue Jul 19 12:59:16 2016 +0000
159
160    upstream commit
161
162    tweak previous;
163
164    Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
165
166commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025
167Author: dtucker@openbsd.org <dtucker@openbsd.org>
168Date:   Tue Jul 19 11:38:53 2016 +0000
169
170    upstream commit
171
172    Allow wildcard for PermitOpen hosts as well as ports.
173    bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com.  ok
174    markus@
175
176    Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
177
178commit b98a2a8348e907b3d71caafd80f0be8fdd075943
179Author: markus@openbsd.org <markus@openbsd.org>
180Date:   Mon Jul 18 11:35:33 2016 +0000
181
182    upstream commit
183
184    Reduce timing attack against obsolete CBC modes by always
185    computing the MAC over a fixed size of data. Reported by Jean Paul
186    Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@
187
188    Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
189
190commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc
191Author: Darren Tucker <dtucker@zip.com.au>
192Date:   Thu Jul 21 14:17:31 2016 +1000
193
194    Search users for one with a valid salt.
195
196    If the root account is locked (eg password "!!" or "*LK*") keep looking
197    until we find a user with a valid salt to use for crypting passwords of
198    invalid users.  ok djm@
199
200commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782
201Author: Darren Tucker <dtucker@zip.com.au>
202Date:   Mon Jul 18 17:22:49 2016 +1000
203
204    Explicitly specify source files for regress tools.
205
206    Since adding $(REGRESSLIBS), $? is wrong because it includes only the
207    changed source files.  $< seems like it'd be right however it doesn't
208    seem to work on some non-GNU makes, so do what works everywhere.
209
210commit eac1bbd06872c273f16ac0f9976b0aef026b701b
211Author: Darren Tucker <dtucker@zip.com.au>
212Date:   Mon Jul 18 17:12:22 2016 +1000
213
214    Conditionally include err.h.
215
216commit 0a454147568746c503f669e1ba861f76a2e7a585
217Author: Darren Tucker <dtucker@zip.com.au>
218Date:   Mon Jul 18 16:26:26 2016 +1000
219
220    Remove local implementation of err, errx.
221
222    We now have a shared implementation in libopenbsd-compat.
223
224commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1
225Author: djm@openbsd.org <djm@openbsd.org>
226Date:   Mon Jul 18 06:08:01 2016 +0000
227
228    upstream commit
229
230    Add some unsigned overflow checks for extra_pad. None of
231    these are reachable with the amount of padding that we use internally.
232    bz#2566, pointed out by Torben Hansen. ok markus@
233
234    Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
235
236commit c71ba790c304545464bb494de974cdf0f4b5cf1e
237Author: Darren Tucker <dtucker@zip.com.au>
238Date:   Mon Jul 18 15:43:25 2016 +1000
239
240    Add dependency on libs for unit tests.
241
242    Makes "./configure && make tests" work again.  ok djm@
243
244commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8
245Author: Darren Tucker <dtucker@zip.com.au>
246Date:   Mon Jul 18 13:47:39 2016 +1000
247
248    Correct location for kexfuzz in clean target.
249
250commit 01558b7b07af43da774d3a11a5c51fa9c310849d
251Author: Darren Tucker <dtucker@zip.com.au>
252Date:   Mon Jul 18 09:33:25 2016 +1000
253
254    Handle PAM_MAXTRIES from modules.
255
256    bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer
257    password and keyboard-interative authentication methods.  Should prevent
258    "sshd ignoring max retries" warnings in the log.  ok djm@
259
260    It probably won't trigger with keyboard-interactive in the default
261    configuration because the retry counter is stored in module-private
262    storage which goes away with the sshd PAM process (see bz#688).  On the
263    other hand, those cases probably won't log a warning either.
264
265commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc
266Author: djm@openbsd.org <djm@openbsd.org>
267Date:   Sun Jul 17 04:20:16 2016 +0000
268
269    upstream commit
270
271    support UTF-8 characters in ssh(1) banners using
272    schwarze@'s safe fmprintf printer; bz#2058
273
274    feedback schwarze@ ok dtucker@
275
276    Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
277
278commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7
279Author: jmc@openbsd.org <jmc@openbsd.org>
280Date:   Sat Jul 16 06:57:55 2016 +0000
281
282    upstream commit
283
284    - add proxyjump to the options list - formatting fixes -
285    update usage()
286
287    ok djm
288
289    Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
290
291commit af1f084857621f14bd9391aba8033d35886c2455
292Author: dtucker@openbsd.org <dtucker@openbsd.org>
293Date:   Fri Jul 15 05:01:58 2016 +0000
294
295    upstream commit
296
297    Reduce the syslog level of some relatively common protocol
298    events from LOG_CRIT by replacing fatal() calls with logdie().  Part of
299    bz#2585, ok djm@
300
301    Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
302
303commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f
304Author: Damien Miller <djm@mindrot.org>
305Date:   Fri Jul 15 19:14:48 2016 +1000
306
307    missing openssl/dh.h
308
309commit 4a984fd342effe5f0aad874a0d538c4322d973c0
310Author: Damien Miller <djm@mindrot.org>
311Date:   Fri Jul 15 18:47:07 2016 +1000
312
313    cast to avoid type warning in error message
314
315commit 5abfb15ced985c340359ae7fb65a625ed3692b3e
316Author: Darren Tucker <dtucker@zip.com.au>
317Date:   Fri Jul 15 14:48:30 2016 +1000
318
319    Move VA_COPY macro into compat header.
320
321    Some AIX compilers unconditionally undefine va_copy but don't set it back
322    to an internal function, causing link errors.  In some compat code we
323    already use VA_COPY instead so move the two existing instances into the
324    shared header and use for sshbuf-getput-basic.c too.  Should fix building
325    with at lease some versions of AIX's compiler.  bz#2589, ok djm@
326
327commit 832b7443b7a8e181c95898bc5d73497b7190decd
328Author: Damien Miller <djm@mindrot.org>
329Date:   Fri Jul 15 14:45:34 2016 +1000
330
331    disable ciphers not supported by OpenSSL
332
333    bz#2466 ok dtucker@
334
335commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8
336Author: Damien Miller <djm@mindrot.org>
337Date:   Fri Jul 15 13:54:31 2016 +1000
338
339    add a --disable-pkcs11 knob
340
341commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9
342Author: Damien Miller <djm@mindrot.org>
343Date:   Fri Jul 15 13:44:38 2016 +1000
344
345    fix newline escaping for unsupported_algorithms
346
347    The hmac-ripemd160 was incorrect and could lead to broken
348    Makefiles on systems that lacked support for it, but I made
349    all the others consistent too.
350
351commit ed877ef653847d056bb433975d731b7a1132a979
352Author: djm@openbsd.org <djm@openbsd.org>
353Date:   Fri Jul 15 00:24:30 2016 +0000
354
355    upstream commit
356
357    Add a ProxyJump ssh_config(5) option and corresponding -J
358    ssh(1) command-line flag to allow simplified indirection through a SSH
359    bastion or "jump host".
360
361    These options construct a proxy command that connects to the
362    specified jump host(s) (more than one may be specified) and uses
363    port-forwarding to establish a connection to the next destination.
364
365    This codifies the safest way of indirecting connections through SSH
366    servers and makes it easy to use.
367
368    ok markus@
369
370    Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
371
372commit 5c02dd126206a26785379e80f2d3848e4470b711
373Author: Darren Tucker <dtucker@zip.com.au>
374Date:   Fri Jul 15 12:56:39 2016 +1000
375
376    Map umac_ctx struct name too.
377
378    Prevents size mismatch linker warnings on Solaris 11.
379
380commit 283b97ff33ea2c641161950849931bd578de6946
381Author: Darren Tucker <dtucker@zip.com.au>
382Date:   Fri Jul 15 13:49:44 2016 +1000
383
384    Mitigate timing of disallowed users PAM logins.
385
386    When sshd decides to not allow a login (eg PermitRootLogin=no) and
387    it's using PAM, it sends a fake password to PAM so that the timing for
388    the failure is not noticeably different whether or not the password
389    is correct.  This behaviour can be detected by sending a very long
390    password string which is slower to hash than the fake password.
391
392    Mitigate by constructing an invalid password that is the same length
393    as the one from the client and thus takes the same time to hash.
394    Diff from djm@
395
396commit 9286875a73b2de7736b5e50692739d314cd8d9dc
397Author: Darren Tucker <dtucker@zip.com.au>
398Date:   Fri Jul 15 13:32:45 2016 +1000
399
400    Determine appropriate salt for invalid users.
401
402    When sshd is processing a non-PAM login for a non-existent user it uses
403    the string from the fakepw structure as the salt for crypt(3)ing the
404    password supplied by the client.  That string has a Blowfish prefix, so on
405    systems that don't understand that crypt will fail fast due to an invalid
406    salt, and even on those that do it may have significantly different timing
407    from the hash methods used for real accounts (eg sha512).  This allows
408    user enumeration by, eg, sending large password strings.  This was noted
409    by EddieEzra.Harari at verint.com (CVE-2016-6210).
410
411    To mitigate, use the same hash algorithm that root uses for hashing
412    passwords for users that do not exist on the system.  ok djm@
413
414commit a162dd5e58ca5b224d7500abe35e1ef32b5de071
415Author: Darren Tucker <dtucker@zip.com.au>
416Date:   Thu Jul 14 21:19:59 2016 +1000
417
418    OpenSSL 1.1.x not currently supported.
419
420commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb
421Author: Darren Tucker <dtucker@zip.com.au>
422Date:   Thu Jul 14 12:25:24 2016 +1000
423
424    Check for VIS_ALL.
425
426    If we don't have it, set BROKEN_STRNVIS to activate the compat replacement.
427
428commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0
429Author: dtucker@openbsd.org <dtucker@openbsd.org>
430Date:   Thu Jul 14 01:24:21 2016 +0000
431
432    upstream commit
433
434    Correct equal in test.
435
436    Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
437
438commit 372807c2065c8572fdc6478b25cc5ac363743073
439Author: tb@openbsd.org <tb@openbsd.org>
440Date:   Mon Jul 11 21:38:13 2016 +0000
441
442    upstream commit
443
444    Add missing "recvfd" pledge promise: Raf Czlonka reported
445    ssh coredumps when Control* keywords were set in ssh_config. This patch also
446    fixes similar problems with scp and sftp.
447
448    ok deraadt, looks good to millert
449
450    Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b
451
452commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd
453Author: tedu@openbsd.org <tedu@openbsd.org>
454Date:   Mon Jul 11 03:19:44 2016 +0000
455
456    upstream commit
457
458    obsolete note about fascistloggin is obsolete. ok djm
459    dtucker
460
461    Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a
462
463commit a2333584170a565adf4f209586772ef8053b10b8
464Author: Darren Tucker <dtucker@zip.com.au>
465Date:   Thu Jul 14 10:59:09 2016 +1000
466
467    Add compat code for missing wcwidth.
468
469    If we don't have wcwidth force fallback implementations of nl_langinfo
470    and mbtowc.  Based on advice from Ingo Schwarze.
471
472commit 8aaec7050614494014c47510b7e94daf6e644c62
473Author: Damien Miller <djm@mindrot.org>
474Date:   Thu Jul 14 09:48:48 2016 +1000
475
476    fix missing include for systems with err.h
477
478commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243
479Author: Darren Tucker <dtucker@zip.com.au>
480Date:   Wed Jul 13 14:42:35 2016 +1000
481
482    Move err.h replacements into compat lib.
483
484    Move implementations of err.h replacement functions into their own file
485    in the libopenbsd-compat so we can use them in kexfuzz.c too.  ok djm@
486
487commit f3f2cc8386868f51440c45210098f65f9787449a
488Author: Darren Tucker <dtucker@zip.com.au>
489Date:   Mon Jul 11 17:23:38 2016 +1000
490
491    Check for wchar.h and langinfo.h
492
493    Wrap includes in the appropriate #ifdefs.
494
495commit b9c50614eba9d90939b2b119b6e1b7e03b462278
496Author: Damien Miller <djm@mindrot.org>
497Date:   Fri Jul 8 13:59:13 2016 +1000
498
499    whitelist more architectures for seccomp-bpf
500
501    bz#2590 - testing and patch from Jakub Jelen
502
503commit 18813a32b6fd964037e0f5e1893cb4468ac6a758
504Author: guenther@openbsd.org <guenther@openbsd.org>
505Date:   Mon Jul 4 18:01:44 2016 +0000
506
507    upstream commit
508
509    DEBUGLIBS has been broken since the gcc4 switch, so delete
510    it.  CFLAGS contains -g by default anyway
511
512    problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
513    ok millert@ kettenis@ deraadt@
514
515    Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
516
517commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7
518Author: djm@openbsd.org <djm@openbsd.org>
519Date:   Fri Jul 8 03:44:42 2016 +0000
520
521    upstream commit
522
523    Improve crypto ordering for Encrypt-then-MAC (EtM) mode
524    MAC algorithms.
525
526    Previously we were computing the MAC, decrypting the packet and then
527    checking the MAC. This gave rise to the possibility of creating a
528    side-channel oracle in the decryption step, though no such oracle has
529    been identified.
530
531    This adds a mac_check() function that computes and checks the MAC in
532    one pass, and uses it to advance MAC checking for EtM algorithms to
533    before payload decryption.
534
535    Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and
536    Martin Albrecht. feedback and ok markus@
537
538    Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b
539
540commit 71f5598f06941f645a451948c4a5125c83828e1c
541Author: guenther@openbsd.org <guenther@openbsd.org>
542Date:   Mon Jul 4 18:01:44 2016 +0000
543
544    upstream commit
545
546    DEBUGLIBS has been broken since the gcc4 switch, so
547    delete it.  CFLAGS contains -g by default anyway
548
549    problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
550    ok millert@ kettenis@ deraadt@
551
552    Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603
553
554commit e683fc6f1c8c7295648dbda679df8307786ec1ce
555Author: dtucker@openbsd.org <dtucker@openbsd.org>
556Date:   Thu Jun 30 05:17:05 2016 +0000
557
558    upstream commit
559
560    Explicitly check for 100% completion to avoid potential
561    floating point rounding error, which could cause progressmeter to report 99%
562    on completion. While there invert the test so the 100% case is clearer.  with
563    & ok djm@
564
565    Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d
566
567commit 772e6cec0ed740fc7db618dc30b4134f5a358b43
568Author: jmc@openbsd.org <jmc@openbsd.org>
569Date:   Wed Jun 29 17:14:28 2016 +0000
570
571    upstream commit
572
573    sort the -o list;
574
575    Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac
576
577commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af
578Author: djm@openbsd.org <djm@openbsd.org>
579Date:   Thu Jun 23 05:17:51 2016 +0000
580
581    upstream commit
582
583    fix AuthenticationMethods during configuration re-parse;
584    reported by Juan Francisco Cantero Hurtado
585
586    Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4
587
588commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e
589Author: djm@openbsd.org <djm@openbsd.org>
590Date:   Sun Jun 19 07:48:02 2016 +0000
591
592    upstream commit
593
594    revert 1.34; causes problems loading public keys
595
596    reported by semarie@
597
598    Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
599
600commit ad23a75509f4320d43f628c50f0817e3ad12bfa7
601Author: jmc@openbsd.org <jmc@openbsd.org>
602Date:   Fri Jun 17 06:33:30 2016 +0000
603
604    upstream commit
605
606    grammar fix;
607
608    Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463
609
610commit 5e28b1a2a3757548b40018cc2493540a17c82e27
611Author: djm@openbsd.org <djm@openbsd.org>
612Date:   Fri Jun 17 05:06:23 2016 +0000
613
614    upstream commit
615
616    translate OpenSSL error codes to something more
617    meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@
618
619    Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5
620
621commit b64faeb5eda7eff8210c754d00464f9fe9d23de5
622Author: djm@openbsd.org <djm@openbsd.org>
623Date:   Fri Jun 17 05:03:40 2016 +0000
624
625    upstream commit
626
627    ban AuthenticationMethods="" and accept
628    AuthenticationMethods=any for the default behaviour of not requiring multiple
629    authentication
630
631    bz#2398 from Jakub Jelen; ok dtucker@
632
633    Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
634
635commit 9816fc5daee5ca924dd5c4781825afbaab728877
636Author: dtucker@openbsd.org <dtucker@openbsd.org>
637Date:   Thu Jun 16 11:00:17 2016 +0000
638
639    upstream commit
640
641    Include stdarg.h for va_copy as per man page.
642
643    Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd
644
645commit b6cf84b51bc0f5889db48bf29a0c771954ade283
646Author: jmc@openbsd.org <jmc@openbsd.org>
647Date:   Thu Jun 16 06:10:45 2016 +0000
648
649    upstream commit
650
651    keys stored in openssh format can have comments too; diff
652    from yonas yanfa, tweaked a bit;
653
654    ok djm
655
656    Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27
657
658commit aa37768f17d01974b6bfa481e5e83841b6c76f86
659Author: Darren Tucker <dtucker@zip.com.au>
660Date:   Mon Jun 20 15:55:34 2016 +1000
661
662    get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX
663
664    Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip
665    change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX.
666    Fixes build on AIX.
667
668commit 009891afc8df37bc2101e15d1e0b6433cfb90549
669Author: Darren Tucker <dtucker@zip.com.au>
670Date:   Fri Jun 17 14:34:09 2016 +1000
671
672    Remove duplicate code from PAM.  ok djm@
673
674commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba
675Author: dtucker@openbsd.org <dtucker@openbsd.org>
676Date:   Wed Jun 15 00:40:40 2016 +0000
677
678    upstream commit
679
680    Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message
681    about forward and reverse DNS not matching.  We haven't supported IP-based
682    auth methods for a very long time so it's now misleading.  part of bz#2585,
683    ok markus@
684
685    Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29
686
687commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd
688Author: Darren Tucker <dtucker@zip.com.au>
689Date:   Wed Jun 15 11:22:38 2016 +1000
690
691    Move platform_disable_tracing into its own file.
692
693    Prevents link errors resolving the extern "options" when platform.o
694    gets linked into ssh-agent when building --with-pam.
695
696commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070
697Author: Darren Tucker <dtucker@zip.com.au>
698Date:   Tue Jun 14 13:55:12 2016 +1000
699
700    Track skipped upstream commit IDs.
701
702    There are a small number of "upstream" commits that do not correspond to
703    a file in -portable.  This file tracks those so that we can reconcile
704    OpenBSD and Portable to ensure that no commits are accidentally missed.
705
706    If you add something to .skipped-commit-ids please also add an upstream
707    ID line in the following format when you commit it.
708
709        Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35
710        Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca
711        Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7
712        Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120
713        Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a
714        Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef
715        Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2
716        Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660
717        Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae
718        Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee
719
720commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f
721Author: Darren Tucker <dtucker@zip.com.au>
722Date:   Tue Jun 14 13:51:01 2016 +1000
723
724    Remove now-defunct .cvsignore files. ok djm
725
726commit 68777faf271efb2713960605c748f6c8a4b26d55
727Author: dtucker@openbsd.org <dtucker@openbsd.org>
728Date:   Wed Jun 8 02:13:01 2016 +0000
729
730    upstream commit
731
732    Back out rev 1.28 "Check min and max sizes sent by the
733    client" change. It caused "key_verify failed for server_host_key" in clients
734    that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY.
735    ok djm@
736
737    Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65
738
739commit a86ec4d0737ac5879223e7cd9d68c448df46e169
740Author: Darren Tucker <dtucker@zip.com.au>
741Date:   Tue Jun 14 10:48:27 2016 +1000
742
743    Use Solaris setpflags(__PROC_PROTECT, ...).
744
745    Where possible, use Solaris setpflags to disable process tracing on
746    ssh-agent and sftp-server.  bz#2584, based on a patch from huieying.lee
747    at oracle.com, ok djm.
748
749commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573
750Author: Darren Tucker <dtucker@zip.com.au>
751Date:   Tue Jun 14 10:43:53 2016 +1000
752
753    Shorten prctl code a tiny bit.
754
755commit 0fb7f5985351fbbcd2613d8485482c538e5123be
756Author: Darren Tucker <dtucker@zip.com.au>
757Date:   Thu Jun 9 16:23:07 2016 +1000
758
759    Move prctl PR_SET_DUMPABLE into platform.c.
760
761    This should make it easier to add additional platform support such as
762    Solaris (bz#2584).
763
764commit e6508898c3cd838324ecfe1abd0eb8cf802e7106
765Author: dtucker@openbsd.org <dtucker@openbsd.org>
766Date:   Fri Jun 3 04:10:41 2016 +0000
767
768    upstream commit
769
770    Add a test for ssh(1)'s config file parsing.
771
772    Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
773
774commit ab0a536066dfa32def0bd7272c096ebb5eb25b11
775Author: dtucker@openbsd.org <dtucker@openbsd.org>
776Date:   Fri Jun 3 03:47:59 2016 +0000
777
778    upstream commit
779
780    Add 'sshd' to the test ID as I'm about to add a similar
781     set for ssh.
782
783    Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
784
785commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb
786Author: schwarze@openbsd.org <schwarze@openbsd.org>
787Date:   Mon May 30 12:14:08 2016 +0000
788
789    upstream commit
790
791    stricter malloc.conf(5) options for utf8 tests
792
793    Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
794
795commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc
796Author: schwarze@openbsd.org <schwarze@openbsd.org>
797Date:   Mon May 30 12:05:56 2016 +0000
798
799    upstream commit
800
801    Fix two rare edge cases: 1. If vasprintf() returns < 0,
802     do not access a NULL pointer in snmprintf(), and do not free() the pointer
803     returned from vasprintf() because on some systems other than OpenBSD, it
804     might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
805     rather than -1 and NULL.
806
807    Besides, free(dst) is pointless after failure (not a bug).
808
809    One half OK martijn@, the other half OK deraadt@;
810    committing quickly before people get hurt.
811
812    Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
813
814commit 016881eb33a7948028848c90f4c7ac42e3af0e87
815Author: schwarze@openbsd.org <schwarze@openbsd.org>
816Date:   Thu May 26 19:14:25 2016 +0000
817
818    upstream commit
819
820    test the new utf8 module
821
822    Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
823
824commit d4219028bdef448e089376f3afe81ef6079da264
825Author: dtucker@openbsd.org <dtucker@openbsd.org>
826Date:   Tue May 3 15:30:46 2016 +0000
827
828    upstream commit
829
830    Set umask to prevent "Bad owner or permissions" errors.
831
832    Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
833
834commit 07d5608bb237e9b3fe86a2aeaa429392230faebf
835Author: djm@openbsd.org <djm@openbsd.org>
836Date:   Tue May 3 14:41:04 2016 +0000
837
838    upstream commit
839
840    support doas
841
842    Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
843
844commit 01cabf10adc7676cba5f40536a34d3b246edb73f
845Author: djm@openbsd.org <djm@openbsd.org>
846Date:   Tue May 3 13:48:33 2016 +0000
847
848    upstream commit
849
850    unit tests for sshbuf_dup_string()
851
852    Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
853
854commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372
855Author: jmc@openbsd.org <jmc@openbsd.org>
856Date:   Fri Jun 3 06:44:12 2016 +0000
857
858    upstream commit
859
860    tweak previous;
861
862    Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698
863
864commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4
865Author: dtucker@openbsd.org <dtucker@openbsd.org>
866Date:   Fri Jun 3 04:09:38 2016 +0000
867
868    upstream commit
869
870    Allow ExitOnForwardFailure and ClearAllForwardings to be
871     overridden when using ssh -W (but still default to yes in that case).
872     bz#2577, ok djm@.
873
874    Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
875
876commit 8543ff3f5020fe659839b15f05b8c522bde6cee5
877Author: dtucker@openbsd.org <dtucker@openbsd.org>
878Date:   Fri Jun 3 03:14:41 2016 +0000
879
880    upstream commit
881
882    Move the host and port used by ssh -W into the Options
883     struct. This will make future changes a bit easier.  ok djm@
884
885    Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382
886
887commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368
888Author: dtucker@openbsd.org <dtucker@openbsd.org>
889Date:   Wed Jun 1 04:19:49 2016 +0000
890
891    upstream commit
892
893    Check min and max sizes sent by the client against what
894     we support before passing them to the monitor.  ok djm@
895
896    Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece
897
898commit 564cd2a8926ccb1dca43a535073540935b5e0373
899Author: dtucker@openbsd.org <dtucker@openbsd.org>
900Date:   Tue May 31 23:46:14 2016 +0000
901
902    upstream commit
903
904    Ensure that the client's proposed DH-GEX max value is at
905     least as big as the minimum the server will accept.  ok djm@
906
907    Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
908
909commit df820722e40309c9b3f360ea4ed47a584ed74333
910Author: Darren Tucker <dtucker@zip.com.au>
911Date:   Mon Jun 6 11:36:13 2016 +1000
912
913    Add compat bits to utf8.c.
914
915commit 05c6574652571becfe9d924226c967a3f4b3f879
916Author: Darren Tucker <dtucker@zip.com.au>
917Date:   Mon Jun 6 11:33:43 2016 +1000
918
919    Fix utf->utf8 typo.
920
921commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce
922Author: schwarze@openbsd.org <schwarze@openbsd.org>
923Date:   Mon May 30 18:34:41 2016 +0000
924
925    upstream commit
926
927    Backout rev. 1.43 for now.
928
929    The function update_progress_meter() calls refresh_progress_meter()
930    which calls snmprintf() which calls malloc(); but update_progress_meter()
931    acts as the SIGALRM signal handler.
932
933    "malloc(): error: recursive call" reported by sobrado@.
934
935    Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
936
937commit cd9e1eabeb4137182200035ab6fa4522f8d24044
938Author: schwarze@openbsd.org <schwarze@openbsd.org>
939Date:   Mon May 30 12:57:21 2016 +0000
940
941    upstream commit
942
943    Even when only writing an unescaped character, the dst
944     buffer may need to grow, or it would be overrun; issue found by tb@ with
945     malloc.conf(5) 'C'.
946
947    While here, reserve an additional byte for the terminating NUL
948    up front such that we don't have to realloc() later just for that.
949
950    OK tb@
951
952    Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
953
954commit ac284a355f8065eaef2a16f446f3c44cdd17371d
955Author: schwarze@openbsd.org <schwarze@openbsd.org>
956Date:   Mon May 30 12:05:56 2016 +0000
957
958    upstream commit
959
960    Fix two rare edge cases: 1. If vasprintf() returns < 0,
961     do not access a NULL pointer in snmprintf(), and do not free() the pointer
962     returned from vasprintf() because on some systems other than OpenBSD, it
963     might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and ""
964     rather than -1 and NULL.
965
966    Besides, free(dst) is pointless after failure (not a bug).
967
968    One half OK martijn@, the other half OK deraadt@;
969    committing quickly before people get hurt.
970
971    Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
972
973commit 0e059cdf5fd86297546c63fa8607c24059118832
974Author: schwarze@openbsd.org <schwarze@openbsd.org>
975Date:   Wed May 25 23:48:45 2016 +0000
976
977    upstream commit
978
979    To prevent screwing up terminal settings when printing to
980     the terminal, for ASCII and UTF-8, escape bytes not forming characters and
981     bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
982     character sets, abort printing of the current string in these cases.  In
983     particular, * let scp(1) respect the local user's LC_CTYPE locale(1); *
984     sanitize data received from the remote host; * sanitize filenames, usernames,
985     and similar data even locally; * take character display widths into account
986     for the progressmeter.
987
988    This is believed to be sufficient to keep the local terminal safe
989    on OpenBSD, but bad things can still happen on other systems with
990    state-dependent locales because many places in the code print
991    unencoded ASCII characters into the output stream.
992
993    Using feedback from djm@ and martijn@,
994    various aspects discussed with many others.
995
996    deraadt@ says it should go in now, i probably already hesitated too long
997
998    Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
999
1000commit 8c02e3639acefe1e447e293dbe23a0917abd3734
1001Author: dtucker@openbsd.org <dtucker@openbsd.org>
1002Date:   Tue May 24 04:43:45 2016 +0000
1003
1004    upstream commit
1005
1006    KNF compression proposal and simplify the client side a
1007     little.  ok djm@
1008
1009    Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
1010
1011commit 7ec4946fb686813eb5f8c57397e465f5485159f4
1012Author: dtucker@openbsd.org <dtucker@openbsd.org>
1013Date:   Tue May 24 02:31:57 2016 +0000
1014
1015    upstream commit
1016
1017    Back out 'plug memleak'.
1018
1019    Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
1020
1021commit 82f24c3ddc52053aeb7beb3332fa94c92014b0c5
1022Author: djm@openbsd.org <djm@openbsd.org>
1023Date:   Mon May 23 23:30:50 2016 +0000
1024
1025    upstream commit
1026
1027    prefer agent-hosted keys to keys from PKCS#11; ok markus
1028
1029    Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
1030
1031commit a0cb7778fbc9b43458f7072eb68dd858766384d1
1032Author: dtucker@openbsd.org <dtucker@openbsd.org>
1033Date:   Mon May 23 00:17:27 2016 +0000
1034
1035    upstream commit
1036
1037    Plug mem leak in filter_proposal.  ok djm@
1038
1039    Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
1040
1041commit ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743
1042Author: Darren Tucker <dtucker@zip.com.au>
1043Date:   Fri Jun 3 16:03:44 2016 +1000
1044
1045    Update vis.h and vis.c from OpenBSD.
1046
1047    This will be needed for the upcoming utf8 changes.
1048
1049commit e1d93705f8f48f519433d6ca9fc3d0abe92a1b77
1050Author: Tim Rice <tim@multitalents.net>
1051Date:   Tue May 31 11:13:22 2016 -0700
1052
1053    modified:   configure.ac
1054    whitspace clean up. No code changes.
1055
1056commit 604a037d84e41e31f0aec9075df0b8740c130200
1057Author: Damien Miller <djm@mindrot.org>
1058Date:   Tue May 31 16:45:28 2016 +1000
1059
1060    whitespace at EOL
1061
1062commit 18424200160ff5c923113e0a37ebe21ab7bcd17c
1063Author: Darren Tucker <dtucker@zip.com.au>
1064Date:   Mon May 30 19:35:28 2016 +1000
1065
1066    Add missing ssh-host-config --name option
1067
1068    Patch from vinschen@redhat.com.
1069
1070commit 39c0cecaa188a37a2e134795caa68e03f3ced592
1071Author: Darren Tucker <dtucker@zip.com.au>
1072Date:   Fri May 20 10:01:58 2016 +1000
1073
1074    Fix comment about sshpam_const and AIX.
1075
1076    From mschwager via github.
1077
1078commit f64062b1f74ad5ee20a8a49aab2732efd0f7ce30
1079Author: Damien Miller <djm@mindrot.org>
1080Date:   Fri May 20 09:56:53 2016 +1000
1081
1082    Deny lstat syscalls in seccomp sandbox
1083
1084    Avoids sandbox violations for some krb/gssapi libraries.
1085
1086commit 531c135409b8d8810795b1f3692a4ebfd5c9cae0
1087Author: djm@openbsd.org <djm@openbsd.org>
1088Date:   Thu May 19 07:45:32 2016 +0000
1089
1090    upstream commit
1091
1092    fix type of ed25519 values
1093
1094    Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
1095
1096commit 75e21688f523799c9e0cc6601d76a9c5ca79f787
1097Author: markus@openbsd.org <markus@openbsd.org>
1098Date:   Wed May 4 14:32:26 2016 +0000
1099
1100    upstream commit
1101
1102    add IdentityAgent; noticed & ok jmc@
1103
1104    Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
1105
1106commit 1a75d14daf4b60db903e6103cf50e74e0cd0a76b
1107Author: markus@openbsd.org <markus@openbsd.org>
1108Date:   Wed May 4 14:29:58 2016 +0000
1109
1110    upstream commit
1111
1112    allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@
1113
1114    Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
1115
1116commit 0516454151ae722fc8256c3c56115c6baf24c5b0
1117Author: markus@openbsd.org <markus@openbsd.org>
1118Date:   Wed May 4 14:22:33 2016 +0000
1119
1120    upstream commit
1121
1122    move SSH_MSG_NONE, so we don't have to include ssh1.h;
1123     ok deraadt@
1124
1125    Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
1126
1127commit 332ff3d770631e7513fea38cf0d3689f673f0e3f
1128Author: Damien Miller <djm@mindrot.org>
1129Date:   Tue May 10 09:51:06 2016 +1000
1130
1131    initialise salen in binresvport_sa
1132
1133    avoids failures with UsePrivilegedPort=yes
1134
1135    patch from Juan Gallego
1136
1137commit c5c1d5d2f04ce00d2ddd6647e61b32f28be39804
1138Author: markus@openbsd.org <markus@openbsd.org>
1139Date:   Wed May 4 14:04:40 2016 +0000
1140
1141    upstream commit
1142
1143    missing const in prototypes (ssh1)
1144
1145    Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
1146
1147commit 9faae50e2e82ba42eb0cb2726bf6830fe7948f28
1148Author: dtucker@openbsd.org <dtucker@openbsd.org>
1149Date:   Wed May 4 14:00:09 2016 +0000
1150
1151    upstream commit
1152
1153    Fix inverted logic for updating StreamLocalBindMask which
1154     would cause the server to set an invalid mask. ok djm@
1155
1156    Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
1157
1158commit b02ad1ce9105bfa7394ac7590c0729dd52e26a81
1159Author: markus@openbsd.org <markus@openbsd.org>
1160Date:   Wed May 4 12:21:53 2016 +0000
1161
1162    upstream commit
1163
1164    IdentityAgent for specifying specific agent sockets; ok
1165     djm@
1166
1167    Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
1168
1169commit 910e59bba09ac309d78ce61e356da35292212935
1170Author: djm@openbsd.org <djm@openbsd.org>
1171Date:   Wed May 4 12:16:39 2016 +0000
1172
1173    upstream commit
1174
1175    fix junk characters after quotes
1176
1177    Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
1178
1179commit 9283884e647b8be50ccd2997537af0065672107d
1180Author: jmc@openbsd.org <jmc@openbsd.org>
1181Date:   Tue May 3 18:38:12 2016 +0000
1182
1183    upstream commit
1184
1185    correct article;
1186
1187    Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
1188
1189commit cfefbcea1057c2623e76c579174a4107a0b6e6cd
1190Author: djm@openbsd.org <djm@openbsd.org>
1191Date:   Tue May 3 15:57:39 2016 +0000
1192
1193    upstream commit
1194
1195    fix overriding of StreamLocalBindMask and
1196     StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes
1197
1198    Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
1199
1200commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549
1201Author: djm@openbsd.org <djm@openbsd.org>
1202Date:   Tue May 3 15:25:06 2016 +0000
1203
1204    upstream commit
1205
1206    don't forget to include StreamLocalBindUnlink in the
1207     config dump output
1208
1209    Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
1210
1211commit cdcd941994dc430f50d0a4e6a712d32b66e6199e
1212Author: djm@openbsd.org <djm@openbsd.org>
1213Date:   Tue May 3 14:54:08 2016 +0000
1214
1215    upstream commit
1216
1217    make nethack^wrandomart fingerprint flag more readily
1218     searchable pointed out by Matt Johnston
1219
1220    Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
1221
1222commit 05855bf2ce7d5cd0a6db18bc0b4214ed5ef7516d
1223Author: djm@openbsd.org <djm@openbsd.org>
1224Date:   Tue May 3 13:10:24 2016 +0000
1225
1226    upstream commit
1227
1228    clarify ordering of subkeys; pointed out by ietf-ssh AT
1229     stbuehler.de
1230
1231    Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
1232
1233commit cca3b4395807bfb7aaeb83d2838f5c062ce30566
1234Author: dtucker@openbsd.org <dtucker@openbsd.org>
1235Date:   Tue May 3 12:15:49 2016 +0000
1236
1237    upstream commit
1238
1239    Use a subshell for constructing key types to work around
1240     different sed behaviours for -portable.
1241
1242    Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
1243
1244commit fa58208c6502dcce3e0daac0ca991ee657daf1f5
1245Author: djm@openbsd.org <djm@openbsd.org>
1246Date:   Tue May 3 10:27:59 2016 +0000
1247
1248    upstream commit
1249
1250    correct some typos and remove a long-stale XXX note.
1251
1252    add specification for ed25519 certificates
1253
1254    mention no host certificate options/extensions are currently defined
1255
1256    pointed out by Simon Tatham
1257
1258    Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
1259
1260commit b466f956c32cbaff4200bfcd5db6739fe4bc7d04
1261Author: djm@openbsd.org <djm@openbsd.org>
1262Date:   Tue May 3 10:24:27 2016 +0000
1263
1264    upstream commit
1265
1266    add ed25519 keys that are supported but missing from this
1267     documents; from Peter Moody
1268
1269    Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
1270
1271commit 7f3d76319a69dab2efe3a520a8fef5b97e923636
1272Author: dtucker@openbsd.org <dtucker@openbsd.org>
1273Date:   Tue May 3 09:03:49 2016 +0000
1274
1275    upstream commit
1276
1277    Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00.  Patch
1278     from Simon Tatham, ok markus@
1279
1280    Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
1281
1282commit 31bc01c05d9f51bee3ebe33dc57c4fafb059fb62
1283Author: djm@openbsd.org <djm@openbsd.org>
1284Date:   Mon May 2 14:10:58 2016 +0000
1285
1286    upstream commit
1287
1288    unbreak config parsing on reexec from previous commit
1289
1290    Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
1291
1292commit 67f1459efd2e85bf03d032539283fa8107218936
1293Author: djm@openbsd.org <djm@openbsd.org>
1294Date:   Mon May 2 09:52:00 2016 +0000
1295
1296    upstream commit
1297
1298    unit and regress tests for SHA256/512; ok markus
1299
1300    Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
1301
1302commit 0e8eeec8e75f6d0eaf33317376f773160018a9c7
1303Author: djm@openbsd.org <djm@openbsd.org>
1304Date:   Mon May 2 10:26:04 2016 +0000
1305
1306    upstream commit
1307
1308    add support for additional fixed DH groups from
1309     draft-ietf-curdle-ssh-kex-sha2-03
1310
1311    diffie-hellman-group14-sha256 (2K group)
1312    diffie-hellman-group16-sha512 (4K group)
1313    diffie-hellman-group18-sha512 (8K group)
1314
1315    based on patch from Mark D. Baushke and Darren Tucker
1316    ok markus@
1317
1318    Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
1319
1320commit 57464e3934ba53ad8590ee3ccd840f693407fc1e
1321Author: djm@openbsd.org <djm@openbsd.org>
1322Date:   Mon May 2 09:36:42 2016 +0000
1323
1324    upstream commit
1325
1326    support SHA256 and SHA512 RSA signatures in certificates;
1327     ok markus@
1328
1329    Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
1330
1331commit 1a31d02b2411c4718de58ce796dbb7b5e14db93e
1332Author: djm@openbsd.org <djm@openbsd.org>
1333Date:   Mon May 2 08:49:03 2016 +0000
1334
1335    upstream commit
1336
1337    fix signed/unsigned errors reported by clang-3.7; add
1338     sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
1339     better safety checking; feedback and ok markus@
1340
1341    Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
1342
1343commit d2d6bf864e52af8491a60dd507f85b74361f5da3
1344Author: djm@openbsd.org <djm@openbsd.org>
1345Date:   Fri Apr 29 08:07:53 2016 +0000
1346
1347    upstream commit
1348
1349    close ControlPersist background process stderr when not
1350     in debug mode or when logging to a file or syslog. bz#1988 ok dtucker
1351
1352    Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
1353
1354commit 9ee692fa1146e887e008a2b9a3d3ea81770c9fc8
1355Author: djm@openbsd.org <djm@openbsd.org>
1356Date:   Thu Apr 28 14:30:21 2016 +0000
1357
1358    upstream commit
1359
1360    fix comment
1361
1362    Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
1363
1364commit ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6
1365Author: jmc@openbsd.org <jmc@openbsd.org>
1366Date:   Wed Apr 27 13:53:48 2016 +0000
1367
1368    upstream commit
1369
1370    cidr permitted for {allow,deny}users; from lars nooden ok djm
1371
1372    Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
1373
1374commit b6e0140a5aa883c27b98415bd8aa9f65fc04ee22
1375Author: djm@openbsd.org <djm@openbsd.org>
1376Date:   Thu Apr 21 06:08:02 2016 +0000
1377
1378    upstream commit
1379
1380    make argument == NULL tests more consistent
1381
1382    Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
1383
1384commit 6aaabc2b610e44bae473457ad9556ffb43d90ee3
1385Author: jmc@openbsd.org <jmc@openbsd.org>
1386Date:   Sun Apr 17 14:34:46 2016 +0000
1387
1388    upstream commit
1389
1390    tweak previous;
1391
1392    Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
1393
1394commit 0f839e5969efa3bda615991be8a9d9311554c573
1395Author: djm@openbsd.org <djm@openbsd.org>
1396Date:   Fri Apr 15 02:57:10 2016 +0000
1397
1398    upstream commit
1399
1400    missing bit of Include regress
1401
1402    Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
1403
1404commit 12e4ac46aed681da55c2bba3cd11dfcab23591be
1405Author: djm@openbsd.org <djm@openbsd.org>
1406Date:   Fri Apr 15 02:55:53 2016 +0000
1407
1408    upstream commit
1409
1410    remove redundant CLEANFILES section
1411
1412    Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
1413
1414commit b1d05aa653ae560c44baf8e8a9756e33f98ea75c
1415Author: djm@openbsd.org <djm@openbsd.org>
1416Date:   Fri Apr 15 00:48:01 2016 +0000
1417
1418    upstream commit
1419
1420    sync CLEANFILES with portable, sort
1421
1422    Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
1423
1424commit 35f22dad263cce5c61d933ae439998cb965b8748
1425Author: djm@openbsd.org <djm@openbsd.org>
1426Date:   Fri Apr 15 00:31:10 2016 +0000
1427
1428    upstream commit
1429
1430    regression test for ssh_config Include directive
1431
1432    Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
1433
1434commit 6b8a1a87005818d4700ce8b42faef746e82c1f51
1435Author: djm@openbsd.org <djm@openbsd.org>
1436Date:   Thu Apr 14 23:57:17 2016 +0000
1437
1438    upstream commit
1439
1440    unbreak test for recent ssh de-duplicated forwarding
1441     change
1442
1443    Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
1444
1445commit 076787702418985a2cc6808212dc28ce7afc01f0
1446Author: djm@openbsd.org <djm@openbsd.org>
1447Date:   Thu Apr 14 23:21:42 2016 +0000
1448
1449    upstream commit
1450
1451    add test knob and warning for StrictModes
1452
1453    Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682
1454
1455commit dc7990be865450574c7940c9880567f5d2555b37
1456Author: djm@openbsd.org <djm@openbsd.org>
1457Date:   Fri Apr 15 00:30:19 2016 +0000
1458
1459    upstream commit
1460
1461    Include directive for ssh_config(5); feedback & ok markus@
1462
1463    Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff
1464
1465commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755
1466Author: Damien Miller <djm@mindrot.org>
1467Date:   Wed Apr 13 10:39:57 2016 +1000
1468
1469    ignore PAM environment vars when UseLogin=yes
1470
1471    If PAM is configured to read user-specified environment variables
1472    and UseLogin=yes in sshd_config, then a hostile local user may
1473    attack /bin/login via LD_PRELOAD or similar environment variables
1474    set via PAM.
1475
1476    CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
1477
1478commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9
1479Author: djm@openbsd.org <djm@openbsd.org>
1480Date:   Sat Apr 9 12:39:30 2016 +0000
1481
1482    upstream commit
1483
1484    make private key loading functions consistently handle NULL
1485     key pointer arguments; ok markus@
1486
1487    Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
1488
1489commit 5f41f030e2feb5295657285aa8c6602c7810bc4b
1490Author: Darren Tucker <dtucker@zip.com.au>
1491Date:   Fri Apr 8 21:14:13 2016 +1000
1492
1493    Remove NO_IPPORT_RESERVED_CONCEPT
1494
1495    Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
1496    the same effect without causing problems syncing patches with OpenBSD.
1497    Resync the two affected functions with OpenBSD.  ok djm, sanity checked
1498    by Corinna.
1499
1500commit 34a01b2cf737d946ddb140618e28c3048ab7a229
1501Author: djm@openbsd.org <djm@openbsd.org>
1502Date:   Fri Apr 8 08:19:17 2016 +0000
1503
1504    upstream commit
1505
1506    whitespace at EOL
1507
1508    Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
1509
1510commit 90ee563fa6b54c59896c6c332c5188f866c5e75f
1511Author: djm@openbsd.org <djm@openbsd.org>
1512Date:   Fri Apr 8 06:35:54 2016 +0000
1513
1514    upstream commit
1515
1516    We accidentally send an empty string and a zero uint32 with
1517     every direct-streamlocal@openssh.com channel open, in contravention of our
1518     own spec.
1519
1520    Fixing this is too hard wrt existing versions that expect these
1521    fields to be present and fatal() if they aren't, so document them
1522    as "reserved" fields in the PROTOCOL spec as though we always
1523    intended this and let us never speak of it again.
1524
1525    bz#2529, reported by Ron Frederick
1526
1527    Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7
1528
1529commit 0ccbd5eca0f0dd78e71a4b69c66f03a66908d558
1530Author: djm@openbsd.org <djm@openbsd.org>
1531Date:   Wed Apr 6 06:42:17 2016 +0000
1532
1533    upstream commit
1534
1535    don't record duplicate LocalForward and RemoteForward
1536     entries; fixes failure with ExitOnForwardFailure+hostname canonicalisation
1537     where the same forwards are added on the second pass through the
1538     configuration file. bz#2562; ok dtucker@
1539
1540    Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1
1541
1542commit 574def0eb493cd6efeffd4ff2e9257abcffee0c8
1543Author: krw@openbsd.org <krw@openbsd.org>
1544Date:   Sat Apr 2 14:37:42 2016 +0000
1545
1546    upstream commit
1547
1548    Another use for fcntl() and thus of the superfluous 3rd
1549     parameter is when sanitising standard fd's before calling daemon().
1550
1551    Use a tweaked version of the ssh(1) function in all three places
1552    found using fcntl() this way.
1553
1554    ok jca@ beck@
1555
1556    Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218
1557
1558commit b3413534aa9d71a941005df2760d1eec2c2b0854
1559Author: Darren Tucker <dtucker@zip.com.au>
1560Date:   Mon Apr 4 11:09:21 2016 +1000
1561
1562    Tidy up openssl header test.
1563
1564commit 815bcac0b94bb448de5acdd6ba925b8725240b4f
1565Author: Darren Tucker <dtucker@zip.com.au>
1566Date:   Mon Apr 4 11:07:59 2016 +1000
1567
1568    Fix configure-time warnings for openssl test.
1569
1570commit 95687f5831ae680f7959446d8ae4b52452ee05dd
1571Author: djm@openbsd.org <djm@openbsd.org>
1572Date:   Fri Apr 1 02:34:10 2016 +0000
1573
1574    upstream commit
1575
1576    whitespace at EOL
1577
1578    Upstream-ID: 40ae2203d07cb14e0a89e1a0d4c6120ee8fd8c3a
1579
1580commit fdfbf4580de09d84a974211715e14f88a5704b8e
1581Author: dtucker@openbsd.org <dtucker@openbsd.org>
1582Date:   Thu Mar 31 05:24:06 2016 +0000
1583
1584    upstream commit
1585
1586    Remove fallback from moduli to "primes" file that was
1587     deprecated in 2001 and fix log messages referring to primes file.  Based on
1588     patch from xnox at ubuntu.com via bz#2559.  "kill it" deraadt@
1589
1590    Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713
1591
1592commit 0235a5fa67fcac51adb564cba69011a535f86f6b
1593Author: djm@openbsd.org <djm@openbsd.org>
1594Date:   Thu Mar 17 17:19:43 2016 +0000
1595
1596    upstream commit
1597
1598    UseDNS affects ssh hostname processing in authorized_keys,
1599     not known_hosts; bz#2554 reported by jjelen AT redhat.com
1600
1601    Upstream-ID: c1c1bb895dde46095fc6d81d8653703928437591
1602
1603commit 8c4739338f5e379d05b19d6e544540114965f07e
1604Author: Darren Tucker <dtucker@zip.com.au>
1605Date:   Tue Mar 15 09:24:43 2016 +1100
1606
1607    Don't call Solaris setproject() with UsePAM=yes.
1608
1609    When Solaris Projects are enabled along with PAM setting the project
1610    is PAM's responsiblity.  bz#2425, based on patch from
1611    brent.paulson at gmail.com.
1612
1613commit cff26f373c58457a32cb263e212cfff53fca987b
1614Author: Damien Miller <djm@mindrot.org>
1615Date:   Tue Mar 15 04:30:21 2016 +1100
1616
1617    remove slogin from *.spec
1618
1619commit c38905ba391434834da86abfc988a2b8b9b62477
1620Author: djm@openbsd.org <djm@openbsd.org>
1621Date:   Mon Mar 14 16:20:54 2016 +0000
1622
1623    upstream commit
1624
1625    unbreak authentication using lone certificate keys in
1626     ssh-agent: when attempting pubkey auth with a certificate, if no separate
1627     private key is found among the keys then try with the certificate key itself.
1628
1629    bz#2550 reported by Peter Moody
1630
1631    Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966
1632
1633commit 4b4bfb01cd40b9ddb948e6026ddd287cc303d871
1634Author: djm@openbsd.org <djm@openbsd.org>
1635Date:   Thu Mar 10 11:47:57 2016 +0000
1636
1637    upstream commit
1638
1639    sanitise characters destined for xauth reported by
1640     github.com/tintinweb feedback and ok deraadt and markus
1641
1642    Upstream-ID: 18ad8d0d74cbd2ea3306a16595a306ee356aa261
1643
1644commit 732b463d37221722b1206f43aa59563766a6a968
1645Author: Darren Tucker <dtucker@zip.com.au>
1646Date:   Mon Mar 14 16:04:23 2016 +1100
1647
1648    Pass supported malloc options to connect-privsep.
1649
1650    This allows us to activate only the supported options during the malloc
1651    option portion of the connect-privsep test.
1652
1653commit d29c5b9b3e9f27394ca97a364ed4bb4a55a59744
1654Author: Darren Tucker <dtucker@zip.com.au>
1655Date:   Mon Mar 14 09:30:58 2016 +1100
1656
1657    Remove leftover roaming.h file.
1658
1659    Pointed out by des at des.no.
1660
1661commit 8ff20ec95f4377021ed5e9b2331320f5c5a34cea
1662Author: Darren Tucker <dtucker@zip.com.au>
1663Date:   Mon Mar 14 09:24:03 2016 +1100
1664
1665    Quote variables that may contain whitespace.
1666
1667    The variable $L_TMP_ID_FILE needs to be surrounded by quotes in order to
1668    survive paths containing whitespace.  bz#2551, from Corinna Vinschen via
1669    Philip Hands.
1670
1671commit 627824480c01f0b24541842c7206ab9009644d02
1672Author: Darren Tucker <dtucker@zip.com.au>
1673Date:   Fri Mar 11 14:47:41 2016 +1100
1674
1675    Include priv.h for priv_set_t.
1676
1677    From alex at cooperi.net.
1678
1679commit e960051f9a264f682c4d2fefbeecffcfc66b0ddf
1680Author: Darren Tucker <dtucker@zip.com.au>
1681Date:   Wed Mar 9 13:14:18 2016 +1100
1682
1683    Wrap stdint.h inside #ifdef HAVE_STDINT_H.
1684
1685commit 2c48bd344d2c4b5e08dae9aea5ff44fc19a5e363
1686Author: Darren Tucker <dtucker@zip.com.au>
1687Date:   Wed Mar 9 12:46:50 2016 +1100
1688
1689    Add compat to monotime_double().
1690
1691    Apply all of the portability changes in monotime() to monotime() double.
1692    Fixes build on at least older FreeBSD systems.
1693
1694commit 7b40ef6c2eef40c339f6ea8920cb8a44838e10c9
1695Author: Damien Miller <djm@mindrot.org>
1696Date:   Tue Mar 8 14:12:58 2016 -0800
1697
1698    make a regress-binaries target
1699
1700    Easier to build all the regression/unit test binaries in one pass
1701    than going through all of ${REGRESS_BINARIES}
1702
1703commit c425494d6b6181beb54a1b3763ef9e944fd3c214
1704Author: Damien Miller <djm@mindrot.org>
1705Date:   Tue Mar 8 14:03:54 2016 -0800
1706
1707    unbreak kexfuzz for -Werror without __bounded__
1708
1709commit 3ed9218c336607846563daea5d5ab4f701f4e042
1710Author: Damien Miller <djm@mindrot.org>
1711Date:   Tue Mar 8 14:01:29 2016 -0800
1712
1713    unbreak PAM after canohost refactor
1714
1715commit 885fb2a44ff694f01e4f6470f803629e11f62961
1716Author: Darren Tucker <dtucker@zip.com.au>
1717Date:   Tue Mar 8 11:58:43 2016 +1100
1718
1719    auth_get_canonical_hostname in portable code.
1720
1721    "refactor canohost.c" replaced get_canonical_hostname, this makes the
1722    same change to some portable-specific code.
1723
1724commit 95767262caa6692eff1e1565be1f5cb297949a89
1725Author: djm@openbsd.org <djm@openbsd.org>
1726Date:   Mon Mar 7 19:02:43 2016 +0000
1727
1728    upstream commit
1729
1730    refactor canohost.c: move functions that cache results closer
1731     to the places that use them (authn and session code). After this, no state is
1732     cached in canohost.c
1733
1734    feedback and ok markus@
1735
1736    Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e
1737
1738commit af0bb38ffd1f2c4f9f43b0029be2efe922815255
1739Author: Damien Miller <djm@mindrot.org>
1740Date:   Fri Mar 4 15:11:55 2016 +1100
1741
1742    hook unittests/misc/kexfuzz into build
1743
1744commit 331b8e07ee5bcbdca12c11cc8f51a7e8de09b248
1745Author: dtucker@openbsd.org <dtucker@openbsd.org>
1746Date:   Fri Mar 4 02:48:06 2016 +0000
1747
1748    upstream commit
1749
1750    Filter debug messages out of log before picking the last
1751     two lines. Should prevent problems if any more debug output is added late in
1752     the connection.
1753
1754    Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363
1755
1756commit 0892edaa3ce623381d3a7635544cbc69b31cf9cb
1757Author: djm@openbsd.org <djm@openbsd.org>
1758Date:   Fri Mar 4 02:30:36 2016 +0000
1759
1760    upstream commit
1761
1762    add KEX fuzzer harness; ok deraadt@
1763
1764    Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1
1765
1766commit ae2562c47d41b68dbb00240fd6dd60bed205367a
1767Author: dtucker@openbsd.org <dtucker@openbsd.org>
1768Date:   Thu Mar 3 00:46:53 2016 +0000
1769
1770    upstream commit
1771
1772    Look back 3 lines for possible error messages.  Changes
1773     to the code mean that "Bad packet length" errors are 3 lines back instead of
1774     the previous two, which meant we didn't skip some offsets that we intended
1775     to.
1776
1777    Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684
1778
1779commit 988e429d903acfb298bfddfd75e7994327adfed0
1780Author: djm@openbsd.org <djm@openbsd.org>
1781Date:   Fri Mar 4 03:35:44 2016 +0000
1782
1783    upstream commit
1784
1785    fix ClientAliveInterval when a time-based RekeyLimit is
1786     set; previously keepalive packets were not being sent. bz#2252 report and
1787     analysis by Christian Wittenhorst and Garrett Lee feedback and ok dtucker@
1788
1789    Upstream-ID: d48f9deadd35fdacdd5106b41bb07630ddd4aa81
1790
1791commit 8ef04d7a94bcdb8b0085fdd2a79a844b7d40792d
1792Author: dtucker@openbsd.org <dtucker@openbsd.org>
1793Date:   Wed Mar 2 22:43:52 2016 +0000
1794
1795    upstream commit
1796
1797    Improve accuracy of reported transfer speeds by waiting
1798     for the ack from the other end.  Pointed out by mmcc@, ok deraadt@ markus@
1799
1800    Upstream-ID: 99f1cf15c9a8f161086b814d414d862795ae153d
1801
1802commit b8d4eafe29684fe4f5bb587f7eab948e6ed62723
1803Author: dtucker@openbsd.org <dtucker@openbsd.org>
1804Date:   Wed Mar 2 22:42:40 2016 +0000
1805
1806    upstream commit
1807
1808    Improve precision of progressmeter for sftp and scp by
1809     storing sub-second timestamps.  Pointed out by mmcc@, ok deraadt@ markus@
1810
1811    Upstream-ID: 38fd83a3d83dbf81c8ff7b5d1302382fe54970ab
1812
1813commit 18f64b969c70ed00e74b9d8e50359dbe698ce4c0
1814Author: jca@openbsd.org <jca@openbsd.org>
1815Date:   Mon Feb 29 20:22:36 2016 +0000
1816
1817    upstream commit
1818
1819    Print ssize_t with %zd; ok deraadt@ mmcc@
1820
1821    Upstream-ID: 0590313bbb013ff6692298c98f7e0be349d124bd
1822
1823commit 6e7f68ce38130c794ec1fb8d2a6091fbe982628d
1824Author: djm@openbsd.org <djm@openbsd.org>
1825Date:   Sun Feb 28 22:27:00 2016 +0000
1826
1827    upstream commit
1828
1829    rearrange DH public value tests to be a little more clear
1830
1831    rearrange DH private value generation to explain rationale more
1832    clearly and include an extra sanity check.
1833
1834    ok deraadt
1835
1836    Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad
1837
1838commit 2ed17aa34008bdfc8db674315adc425a0712be11
1839Author: Darren Tucker <dtucker@zip.com.au>
1840Date:   Tue Mar 1 15:24:20 2016 +1100
1841
1842    Import updated moduli file from OpenBSD.
1843
1844    Note that 1.5k bit groups have been removed.
1845
1846commit 72b061d4ba0f909501c595d709ea76e06b01e5c9
1847Author: Darren Tucker <dtucker@zip.com.au>
1848Date:   Fri Feb 26 14:40:04 2016 +1100
1849
1850    Add a note about using xlc on AIX.
1851
1852commit fd4e4f2416baa2e6565ea49d52aade296bad3e28
1853Author: Darren Tucker <dtucker@zip.com.au>
1854Date:   Wed Feb 24 10:44:25 2016 +1100
1855
1856    Skip PrintLastLog in config dump mode.
1857
1858    When DISABLE_LASTLOG is set, do not try to include PrintLastLog in the
1859    config dump since it'll be reported as UNKNOWN.
1860
1861commit 99135c764fa250801da5ec3b8d06cbd0111caae8
1862Author: Damien Miller <djm@mindrot.org>
1863Date:   Tue Feb 23 20:17:23 2016 +1100
1864
1865    update spec/README versions ahead of release
1866
1867commit b86a334aaaa4d1e643eb1fd71f718573d6d948b5
1868Author: Damien Miller <djm@mindrot.org>
1869Date:   Tue Feb 23 20:16:53 2016 +1100
1870
1871    put back portable patchlevel to p1
1872
1873commit 555dd35ff176847e3c6bd068ba2e8db4022eb24f
1874Author: djm@openbsd.org <djm@openbsd.org>
1875Date:   Tue Feb 23 09:14:34 2016 +0000
1876
1877    upstream commit
1878
1879    openssh-7.2
1880
1881    Upstream-ID: 9db776b26014147fc907ece8460ef2bcb0f11e78
1882
1883commit 1acc058d0a7913838c830ed998a1a1fb5b7864bf
1884Author: Damien Miller <djm@mindrot.org>
1885Date:   Tue Feb 23 16:12:13 2016 +1100
1886
1887    Disable tests where fs perms are incorrect
1888
1889    Some tests have strict requirements on the filesystem permissions
1890    for certain files and directories. This adds a regress/check-perm
1891    tool that copies the relevant logic from sshd to exactly test
1892    the paths in question. This lets us skip tests when the local
1893    filesystem doesn't conform to our expectations rather than
1894    continuing and failing the test run.
1895
1896    ok dtucker@
1897
1898commit 39f303b1f36d934d8410b05625f25c7bcb75db4d
1899Author: Damien Miller <djm@mindrot.org>
1900Date:   Tue Feb 23 12:56:59 2016 +1100
1901
1902    fix sandbox on OSX Lion
1903
1904    sshd was failing with:
1905
1906    ssh_sandbox_child: sandbox_init: dlopen(/usr/lib/libsandbox.1.dylib, 261):cw
1907      image not found [preauth]
1908
1909    caused by chroot before sandboxing. Avoid by explicitly linking libsandbox
1910    to sshd. Spotted by Darren.
1911
1912commit 0d1451a32c7436e6d3d482351e776bc5e7824ce4
1913Author: djm@openbsd.org <djm@openbsd.org>
1914Date:   Tue Feb 23 01:34:14 2016 +0000
1915
1916    upstream commit
1917
1918    fix spurious error message when incorrect passphrase
1919     entered for keys; reported by espie@ ok deraadt@
1920
1921    Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899
1922
1923commit 09d87d79741beb85768b5e788d7dfdf4bc3543dc
1924Author: sobrado@openbsd.org <sobrado@openbsd.org>
1925Date:   Sat Feb 20 23:06:23 2016 +0000
1926
1927    upstream commit
1928
1929    set ssh(1) protocol version to 2 only.
1930
1931    ok djm@
1932
1933    Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10
1934
1935commit 9262e07826ba5eebf8423f7ac9e47ec488c47869
1936Author: sobrado@openbsd.org <sobrado@openbsd.org>
1937Date:   Sat Feb 20 23:02:39 2016 +0000
1938
1939    upstream commit
1940
1941    add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to
1942     IdentityFile.
1943
1944    ok djm@
1945
1946    Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf
1947
1948commit c12f0fdce8f985fca8d71829fd64c5b89dc777f5
1949Author: sobrado@openbsd.org <sobrado@openbsd.org>
1950Date:   Sat Feb 20 23:01:46 2016 +0000
1951
1952    upstream commit
1953
1954    AddressFamily defaults to any.
1955
1956    ok djm@
1957
1958    Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c
1959
1960commit 907091acb188b1057d50c2158f74c3ecf1c2302b
1961Author: Darren Tucker <dtucker@zip.com.au>
1962Date:   Fri Feb 19 09:05:39 2016 +1100
1963
1964    Make Solaris privs code build on older systems.
1965
1966    Not all systems with Solaris privs have priv_basicset so factor that
1967    out and provide backward compatibility code.  Similarly, not all have
1968    PRIV_NET_ACCESS so wrap that in #ifdef.  Based on code from
1969    alex at cooperi.net and djm@ with help from carson at taltos.org and
1970    wieland at purdue.edu.
1971
1972commit 292a8dee14e5e67dcd1b49ba5c7b9023e8420d59
1973Author: djm@openbsd.org <djm@openbsd.org>
1974Date:   Wed Feb 17 22:20:14 2016 +0000
1975
1976    upstream commit
1977
1978    rekey refactor broke SSH1; spotted by Tom G. Christensen
1979
1980    Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243
1981
1982commit 3a13cb543df9919aec2fc6b75f3dd3802facaeca
1983Author: djm@openbsd.org <djm@openbsd.org>
1984Date:   Wed Feb 17 08:57:34 2016 +0000
1985
1986    upstream commit
1987
1988    rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly
1989     in *KeyTypes options yet. Remove them from the lists of algorithms for now.
1990     committing on behalf of markus@ ok djm@
1991
1992    Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7
1993
1994commit a685ae8d1c24fb7c712c55a4f3280ee76f5f1e4b
1995Author: jmc@openbsd.org <jmc@openbsd.org>
1996Date:   Wed Feb 17 07:38:19 2016 +0000
1997
1998    upstream commit
1999
2000    since these pages now clearly tell folks to avoid v1,
2001     normalise the docs from a v2 perspective (i.e. stop pointing out which bits
2002     are v2 only);
2003
2004    ok/tweaks djm ok markus
2005
2006    Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129
2007
2008commit c5c3f3279a0e4044b8de71b70d3570d692d0f29d
2009Author: djm@openbsd.org <djm@openbsd.org>
2010Date:   Wed Feb 17 05:29:04 2016 +0000
2011
2012    upstream commit
2013
2014    make sandboxed privilege separation the default, not just
2015     for new installs; "absolutely" deraadt@
2016
2017    Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b
2018
2019commit eb3f7337a651aa01d5dec019025e6cdc124ed081
2020Author: jmc@openbsd.org <jmc@openbsd.org>
2021Date:   Tue Feb 16 07:47:54 2016 +0000
2022
2023    upstream commit
2024
2025    no need to state that protocol 2 is the default twice;
2026
2027    Upstream-ID: b1e4c36b0c2e12e338e5b66e2978f2ac953b95eb
2028
2029commit e7901efa9b24e5b0c7e74f2c5520d47eead4d005
2030Author: djm@openbsd.org <djm@openbsd.org>
2031Date:   Tue Feb 16 05:11:04 2016 +0000
2032
2033    upstream commit
2034
2035    Replace list of ciphers and MACs adjacent to -1/-2 flag
2036     descriptions in ssh(1) with a strong recommendation not to use protocol 1.
2037     Add a similar warning to the Protocol option descriptions in ssh_config(5)
2038     and sshd_config(5);
2039
2040    prompted by and ok mmcc@
2041
2042    Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e
2043
2044commit 5a0fcb77287342e2fc2ba1cee79b6af108973dc2
2045Author: djm@openbsd.org <djm@openbsd.org>
2046Date:   Tue Feb 16 03:37:48 2016 +0000
2047
2048    upstream commit
2049
2050    add a "Close session" log entry (at loglevel=verbose) to
2051     correspond to the existing "Starting session" one. Also include the session
2052     id number to make multiplexed sessions more apparent.
2053
2054    feedback and ok dtucker@
2055
2056    Upstream-ID: e72d2ac080e02774376325136e532cb24c2e617c
2057
2058commit 624fd395b559820705171f460dd33d67743d13d6
2059Author: djm@openbsd.org <djm@openbsd.org>
2060Date:   Wed Feb 17 02:24:17 2016 +0000
2061
2062    upstream commit
2063
2064    include bad $SSH_CONNECTION in failure output
2065
2066    Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529
2067
2068commit 60d860e54b4f199e5e89963b1c086981309753cb
2069Author: Darren Tucker <dtucker@zip.com.au>
2070Date:   Wed Feb 17 13:37:09 2016 +1100
2071
2072    Rollback addition of va_start.
2073
2074    va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however
2075    it has the wrong number of args and it's not usable in non-variadic
2076    functions anyway so it breaks things (for example Solaris 2.6 as
2077    reported by Tom G. Christensen).i  ok djm@
2078
2079commit 2fee909c3cee2472a98b26eb82696297b81e0d38
2080Author: Darren Tucker <dtucker@zip.com.au>
2081Date:   Wed Feb 17 09:48:15 2016 +1100
2082
2083    Look for gethostbyname in libresolv and libnsl.
2084
2085    Should fix build problem on Solaris 2.6 reported by Tom G. Christensen.
2086
2087commit 5ac712d81a84396aab441a272ec429af5b738302
2088Author: Damien Miller <djm@mindrot.org>
2089Date:   Tue Feb 16 10:45:02 2016 +1100
2090
2091    make existing ssh_malloc_init only for __OpenBSD__
2092
2093commit 24c9bded569d9f2449ded73f92fb6d12db7a9eec
2094Author: djm@openbsd.org <djm@openbsd.org>
2095Date:   Mon Feb 15 23:32:37 2016 +0000
2096
2097    upstream commit
2098
2099    memleak of algorithm name in mm_answer_sign; reported by
2100     Jakub Jelen
2101
2102    Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
2103
2104commit ffb1e7e896139a42ceb78676f637658f44612411
2105Author: dtucker@openbsd.org <dtucker@openbsd.org>
2106Date:   Mon Feb 15 09:47:49 2016 +0000
2107
2108    upstream commit
2109
2110    Add a function to enable security-related malloc_options.
2111      With and ok deraadt@, something similar has been in the snaps for a while.
2112
2113    Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
2114
2115commit ef39e8c0497ff0564990a4f9e8b7338b3ba3507c
2116Author: Damien Miller <djm@mindrot.org>
2117Date:   Tue Feb 16 10:34:39 2016 +1100
2118
2119    sync ssh-copy-id with upstream 783ef08b0a75
2120
2121commit d2d772f55b19bb0e8d03c2fe1b9bb176d9779efd
2122Author: djm@openbsd.org <djm@openbsd.org>
2123Date:   Fri Feb 12 00:20:30 2016 +0000
2124
2125    upstream commit
2126
2127    avoid fatal() for PKCS11 tokens that present empty key IDs
2128     bz#1773, ok markus@
2129
2130    Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54
2131
2132commit e4c918a6c721410792b287c9fd21356a1bed5805
2133Author: djm@openbsd.org <djm@openbsd.org>
2134Date:   Thu Feb 11 02:56:32 2016 +0000
2135
2136    upstream commit
2137
2138    sync crypto algorithm lists in ssh_config(5) and
2139     sshd_config(5) with current reality. bz#2527
2140
2141    Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6
2142
2143commit e30cabfa4ab456a30b3224f7f545f1bdfc4a2517
2144Author: djm@openbsd.org <djm@openbsd.org>
2145Date:   Thu Feb 11 02:21:34 2016 +0000
2146
2147    upstream commit
2148
2149    fix regression in openssh-6.8 sftp client: existing
2150     destination directories would incorrectly terminate recursive uploads;
2151     bz#2528
2152
2153    Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
2154
2155commit 714e367226ded4dc3897078be48b961637350b05
2156Author: djm@openbsd.org <djm@openbsd.org>
2157Date:   Tue Feb 9 05:30:04 2016 +0000
2158
2159    upstream commit
2160
2161    turn off more old crypto in the client: hmac-md5, ripemd,
2162     truncated HMACs, RC4, blowfish. ok markus@ dtucker@
2163
2164    Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e
2165
2166commit 5a622844ff7f78dcb75e223399f9ef0977e8d0a3
2167Author: djm@openbsd.org <djm@openbsd.org>
2168Date:   Mon Feb 8 23:40:12 2016 +0000
2169
2170    upstream commit
2171
2172    don't attempt to percent_expand() already-canonicalised
2173     addresses, avoiding unnecessary failures when attempting to connect to scoped
2174     IPv6 addresses (that naturally contain '%' characters)
2175
2176    Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a
2177
2178commit 19bcf2ea2d17413f2d9730dd2a19575ff86b9b6a
2179Author: djm@openbsd.org <djm@openbsd.org>
2180Date:   Mon Feb 8 10:57:07 2016 +0000
2181
2182    upstream commit
2183
2184    refactor activation of rekeying
2185
2186    This makes automatic rekeying internal to the packet code (previously
2187    the server and client loops needed to assist). In doing to it makes
2188    application of rekey limits more accurate by accounting for packets
2189    about to be sent as well as packets queued during rekeying events
2190    themselves.
2191
2192    Based on a patch from dtucker@ which was in turn based on a patch
2193    Aleksander Adamowski in bz#2521; ok markus@
2194
2195    Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8
2196
2197commit 603ba41179e4b53951c7b90ee95b6ef3faa3f15d
2198Author: naddy@openbsd.org <naddy@openbsd.org>
2199Date:   Fri Feb 5 13:28:19 2016 +0000
2200
2201    upstream commit
2202
2203    Only check errno if read() has returned an error.  EOF is
2204     not an error. This fixes a problem where the mux master would sporadically
2205     fail to notice that the client had exited. ok mikeb@ djm@
2206
2207    Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53
2208
2209commit 56d7dac790693ce420d225119283bc355cff9185
2210Author: jsg@openbsd.org <jsg@openbsd.org>
2211Date:   Fri Feb 5 04:31:21 2016 +0000
2212
2213    upstream commit
2214
2215    avoid an uninitialised value when NumberOfPasswordPrompts
2216     is 0 ok markus@ djm@
2217
2218    Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
2219
2220commit deae7d52d59c5019c528f977360d87fdda15d20b
2221Author: djm@openbsd.org <djm@openbsd.org>
2222Date:   Fri Feb 5 03:07:06 2016 +0000
2223
2224    upstream commit
2225
2226    mention internal DH-GEX fallback groups; bz#2302
2227
2228    Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e
2229
2230commit cac3b6665f884d46192c0dc98a64112e8b11a766
2231Author: djm@openbsd.org <djm@openbsd.org>
2232Date:   Fri Feb 5 02:37:56 2016 +0000
2233
2234    upstream commit
2235
2236    better description for MaxSessions; bz#2531
2237
2238    Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da
2239
2240commit 5ef4b0fdcc7a239577a754829b50022b91ab4712
2241Author: Damien Miller <djm@mindrot.org>
2242Date:   Wed Jan 27 17:45:56 2016 +1100
2243
2244    avoid FreeBSD RCS Id in comment
2245
2246    Change old $FreeBSD version string in comment so it doesn't
2247    become an RCS ident downstream; requested by des AT des.no
2248
2249commit 696d12683c90d20a0a9c5f4275fc916b7011fb04
2250Author: djm@openbsd.org <djm@openbsd.org>
2251Date:   Thu Feb 4 23:43:48 2016 +0000
2252
2253    upstream commit
2254
2255    printf argument casts to avoid warnings on strict
2256     compilers
2257
2258    Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c
2259
2260commit 5658ef2501e785fbbdf5de2dc33b1ff7a4dca73a
2261Author: millert@openbsd.org <millert@openbsd.org>
2262Date:   Mon Feb 1 21:18:17 2016 +0000
2263
2264    upstream commit
2265
2266    Avoid ugly "DISPLAY "(null)" invalid; disabling X11
2267     forwarding" message when DISPLAY is not set.  This could also result in a
2268     crash on systems with a printf that doesn't handle NULL.  OK djm@
2269
2270    Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412
2271
2272commit 537f88ec7bcf40bd444ac5584c707c5588c55c43
2273Author: dtucker@openbsd.org <dtucker@openbsd.org>
2274Date:   Fri Jan 29 05:18:15 2016 +0000
2275
2276    upstream commit
2277
2278    Add regression test for RekeyLimit parsing of >32bit values
2279     (4G and 8G).
2280
2281    Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328
2282
2283commit 4c6cb8330460f94e6c7ae28a364236d4188156a3
2284Author: dtucker@openbsd.org <dtucker@openbsd.org>
2285Date:   Fri Jan 29 23:04:46 2016 +0000
2286
2287    upstream commit
2288
2289    Remove leftover roaming dead code.  ok djm markus.
2290
2291    Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be
2292
2293commit 28136471809806d6246ef41e4341467a39fe2f91
2294Author: djm@openbsd.org <djm@openbsd.org>
2295Date:   Fri Jan 29 05:46:01 2016 +0000
2296
2297    upstream commit
2298
2299    include packet type of non-data packets in debug3 output;
2300     ok markus dtucker
2301
2302    Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41
2303
2304commit 6fd6e28daccafaa35f02741036abe64534c361a1
2305Author: dtucker@openbsd.org <dtucker@openbsd.org>
2306Date:   Fri Jan 29 03:31:03 2016 +0000
2307
2308    upstream commit
2309
2310    Revert "account for packets buffered but not yet
2311     processed" change as it breaks for very small RekeyLimit values due to
2312     continuous rekeying.  ok djm@
2313
2314    Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19
2315
2316commit 921ff00b0ac429666fb361d2d6cb1c8fff0006cb
2317Author: dtucker@openbsd.org <dtucker@openbsd.org>
2318Date:   Fri Jan 29 02:54:45 2016 +0000
2319
2320    upstream commit
2321
2322    Allow RekeyLimits in excess of 4G up to 2**63 bits
2323     (limited by the return type of scan_scaled).  Part of bz#2521, ok djm.
2324
2325    Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979
2326
2327commit c0060a65296f01d4634f274eee184c0e93ba0f23
2328Author: dtucker@openbsd.org <dtucker@openbsd.org>
2329Date:   Fri Jan 29 02:42:46 2016 +0000
2330
2331    upstream commit
2332
2333    Account for packets buffered but not yet processed when
2334     computing whether or not it is time to perform rekeying.  bz#2521, based
2335     loosely on a patch from olo at fb.com, ok djm@
2336
2337    Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c
2338
2339commit 44cf930e670488c85c9efeb373fa5f4b455692ac
2340Author: djm@openbsd.org <djm@openbsd.org>
2341Date:   Wed Jan 27 06:44:58 2016 +0000
2342
2343    upstream commit
2344
2345    change old $FreeBSD version string in comment so it doesn't
2346     become an RCS ident downstream; requested by des AT des.no
2347
2348    Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722
2349
2350commit ebacd377769ac07d1bf3c75169644336056b7060
2351Author: djm@openbsd.org <djm@openbsd.org>
2352Date:   Wed Jan 27 00:53:12 2016 +0000
2353
2354    upstream commit
2355
2356    make the debug messages a bit more useful here
2357
2358    Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
2359
2360commit 458abc2934e82034c5c281336d8dc0f910aecad3
2361Author: jsg@openbsd.org <jsg@openbsd.org>
2362Date:   Sat Jan 23 05:31:35 2016 +0000
2363
2364    upstream commit
2365
2366    Zero a stack buffer with explicit_bzero() instead of
2367     memset() when returning from client_loop() for consistency with
2368     buffer_free()/sshbuf_free().
2369
2370    ok dtucker@ deraadt@ djm@
2371
2372    Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66
2373
2374commit 65a3c0dacbc7dbb75ddb6a70ebe22d8de084d0b0
2375Author: dtucker@openbsd.org <dtucker@openbsd.org>
2376Date:   Wed Jan 20 09:22:39 2016 +0000
2377
2378    upstream commit
2379
2380    Include sys/time.h for gettimeofday.  From sortie at
2381     maxsi.org.
2382
2383    Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b
2384
2385commit fc77ccdc2ce6d5d06628b8da5048a6a5f6ffca5a
2386Author: markus@openbsd.org <markus@openbsd.org>
2387Date:   Thu Jan 14 22:56:56 2016 +0000
2388
2389    upstream commit
2390
2391    fd leaks; report Qualys Security Advisory team; ok
2392     deraadt@
2393
2394    Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
2395
2396commit a306863831c57ec5fad918687cc5d289ee8e2635
2397Author: markus@openbsd.org <markus@openbsd.org>
2398Date:   Thu Jan 14 16:17:39 2016 +0000
2399
2400    upstream commit
2401
2402    remove roaming support; ok djm@
2403
2404    Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
2405
2406commit 6ef49e83e30688504552ac10875feabd5521565f
2407Author: deraadt@openbsd.org <deraadt@openbsd.org>
2408Date:   Thu Jan 14 14:34:34 2016 +0000
2409
2410    upstream commit
2411
2412    Disable experimental client-side roaming support.  Server
2413     side was disabled/gutted for years already, but this aspect was surprisingly
2414     forgotten. Thanks for report from Qualys
2415
2416    Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
2417
2418commit 8d7b523b96d3be180572d9d338cedaafc0570f60
2419Author: Damien Miller <djm@mindrot.org>
2420Date:   Thu Jan 14 11:08:19 2016 +1100
2421
2422    bump version numbers
2423
2424commit 8c3d512a1fac8b9c83b4d0c9c3f2376290bd84ca
2425Author: Damien Miller <djm@mindrot.org>
2426Date:   Thu Jan 14 11:04:04 2016 +1100
2427
2428    openssh-7.1p2
2429
2430commit e6c85f8889c5c9eb04796fdb76d2807636b9eef5
2431Author: Damien Miller <djm@mindrot.org>
2432Date:   Fri Jan 15 01:30:36 2016 +1100
2433
2434    forcibly disable roaming support in the client
2435
2436commit ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
2437Author: djm@openbsd.org <djm@openbsd.org>
2438Date:   Wed Jan 13 23:04:47 2016 +0000
2439
2440    upstream commit
2441
2442    eliminate fallback from untrusted X11 forwarding to trusted
2443     forwarding when the X server disables the SECURITY extension; Reported by
2444     Thomas Hoger; ok deraadt@
2445
2446    Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
2447
2448commit 9a728cc918fad67c8a9a71201088b1e150340ba4
2449Author: djm@openbsd.org <djm@openbsd.org>
2450Date:   Tue Jan 12 23:42:54 2016 +0000
2451
2452    upstream commit
2453
2454    use explicit_bzero() more liberally in the buffer code; ok
2455     deraadt
2456
2457    Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
2458
2459commit 4626cbaf78767fc8e9c86dd04785386c59ae0839
2460Author: Damien Miller <djm@mindrot.org>
2461Date:   Fri Jan 8 14:24:56 2016 +1100
2462
2463    Support Illumos/Solaris fine-grained privileges
2464
2465    Includes a pre-auth privsep sandbox and several pledge()
2466    emulations. bz#2511, patch by Alex Wilson.
2467
2468    ok dtucker@
2469
2470commit 422d1b3ee977ff4c724b597fb2e437d38fc8de9d
2471Author: djm@openbsd.org <djm@openbsd.org>
2472Date:   Thu Dec 31 00:33:52 2015 +0000
2473
2474    upstream commit
2475
2476    fix three bugs in KRL code related to (unused) signature
2477     support: verification length was being incorrectly calculated, multiple
2478     signatures were being incorrectly processed and a NULL dereference that
2479     occurred when signatures were verified. Reported by Carl Jackson
2480
2481    Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
2482
2483commit 6074c84bf95d00f29cc7d5d3cd3798737851aa1a
2484Author: djm@openbsd.org <djm@openbsd.org>
2485Date:   Wed Dec 30 23:46:14 2015 +0000
2486
2487    upstream commit
2488
2489    unused prototype
2490
2491    Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
2492
2493commit 6213f0e180e54122bb1ba928e11c784e2b4e5380
2494Author: guenther@openbsd.org <guenther@openbsd.org>
2495Date:   Sat Dec 26 20:51:35 2015 +0000
2496
2497    upstream commit
2498
2499    Use pread/pwrite instead separate lseek+read/write for
2500     lastlog. Cast to off_t before multiplication to avoid truncation on ILP32
2501
2502    ok kettenis@ mmcc@
2503
2504    Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf
2505
2506commit d7d2bc95045a43dd56ea696cc1d030ac9d77e81f
2507Author: semarie@openbsd.org <semarie@openbsd.org>
2508Date:   Sat Dec 26 07:46:03 2015 +0000
2509
2510    upstream commit
2511
2512    adjust pledge promises for ControlMaster: when using
2513     "ask" or "autoask", the process will use ssh-askpass for asking confirmation.
2514
2515    problem found by halex@
2516
2517    ok halex@
2518
2519    Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
2520
2521commit 271df8185d9689b3fb0523f58514481b858f6843
2522Author: djm@openbsd.org <djm@openbsd.org>
2523Date:   Sun Dec 13 22:42:23 2015 +0000
2524
2525    upstream commit
2526
2527    unbreak connections with peers that set
2528     first_kex_follows; fix from Matt Johnston va bz#2515
2529
2530    Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
2531
2532commit 43849a47c5f8687699eafbcb5604f6b9c395179f
2533Author: doug@openbsd.org <doug@openbsd.org>
2534Date:   Fri Dec 11 17:41:37 2015 +0000
2535
2536    upstream commit
2537
2538    Add "id" to ssh-agent pledge for subprocess support.
2539
2540    Found the hard way by Jan Johansson when using ssh-agent with X.  Also,
2541    rearranged proc/exec and retval to match other pledge calls in the tree.
2542
2543    ok djm@
2544
2545    Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
2546
2547commit 52d7078421844b2f88329f5be3de370b0a938636
2548Author: mmcc@openbsd.org <mmcc@openbsd.org>
2549Date:   Fri Dec 11 04:21:11 2015 +0000
2550
2551    upstream commit
2552
2553    Remove NULL-checks before sshbuf_free().
2554
2555    ok djm@
2556
2557    Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
2558
2559commit a4b9e0f4e4a6980a0eb8072f76ea611cab5b77e7
2560Author: djm@openbsd.org <djm@openbsd.org>
2561Date:   Fri Dec 11 03:24:25 2015 +0000
2562
2563    upstream commit
2564
2565    include remote port number in a few more messages; makes
2566     tying log messages together into a session a bit easier; bz#2503 ok dtucker@
2567
2568    Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e
2569
2570commit 6091c362e89079397e68744ae30df121b0a72c07
2571Author: djm@openbsd.org <djm@openbsd.org>
2572Date:   Fri Dec 11 03:20:09 2015 +0000
2573
2574    upstream commit
2575
2576    don't try to load SSHv1 private key when compiled without
2577     SSHv1 support. From Iain Morgan bz#2505
2578
2579    Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7
2580
2581commit cce6a36bb95e81fa8bfb46daf22eabcf13afc352
2582Author: djm@openbsd.org <djm@openbsd.org>
2583Date:   Fri Dec 11 03:19:09 2015 +0000
2584
2585    upstream commit
2586
2587    use SSH_MAX_PUBKEY_BYTES consistently as buffer size when
2588     reading key files. Increase it to match the size of the buffers already being
2589     used.
2590
2591    Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
2592
2593commit 89540b6de025b80404a0cb8418c06377f3f98848
2594Author: mmcc@openbsd.org <mmcc@openbsd.org>
2595Date:   Fri Dec 11 02:31:47 2015 +0000
2596
2597    upstream commit
2598
2599    Remove NULL-checks before sshkey_free().
2600
2601    ok djm@
2602
2603    Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
2604
2605commit 79394ed6d74572c2d2643d73937dad33727fc240
2606Author: dtucker@openbsd.org <dtucker@openbsd.org>
2607Date:   Fri Dec 11 02:29:03 2015 +0000
2608
2609    upstream commit
2610
2611    fflush stdout so that output is seen even when running in
2612     debug mode when output may otherwise not be flushed.  Patch from dustin at
2613     null-ptr.net.
2614
2615    Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc
2616
2617commit ee607cccb6636eb543282ba90e0677b0604d8b7a
2618Author: Darren Tucker <dtucker@zip.com.au>
2619Date:   Tue Dec 15 15:23:49 2015 +1100
2620
2621    Increase robustness of redhat/openssh.spec
2622
2623     - remove configure --with-rsh, because this option isn't supported anymore
2624     - replace last occurrence of BuildPreReq by BuildRequires
2625     - update grep statement to query the krb5 include directory
2626
2627    Patch from CarstenGrohmann via github, ok djm.
2628
2629commit b5fa0cd73555b991a543145603658d7088ec6b60
2630Author: Darren Tucker <dtucker@zip.com.au>
2631Date:   Tue Dec 15 15:10:32 2015 +1100
2632
2633    Allow --without-ssl-engine with --without-openssl
2634
2635    Patch from Mike Frysinger via github.
2636
2637commit c1d7e546f6029024f3257cc25c92f2bddf163125
2638Author: Darren Tucker <dtucker@zip.com.au>
2639Date:   Tue Dec 15 14:27:09 2015 +1100
2640
2641    Include openssl crypto.h for SSLeay.
2642
2643    Patch from doughdemon via github.
2644
2645commit c6f5f01651526e88c00d988ce59d71f481ebac62
2646Author: Darren Tucker <dtucker@zip.com.au>
2647Date:   Tue Dec 15 13:59:12 2015 +1100
2648
2649    Add sys/time.h for gettimeofday.
2650
2651    Should allow it it compile with MUSL libc.  Based on patch from
2652    doughdemon via github.
2653
2654commit 39736be06c7498ef57d6970f2d85cf066ae57c82
2655Author: djm@openbsd.org <djm@openbsd.org>
2656Date:   Fri Dec 11 02:20:28 2015 +0000
2657
2658    upstream commit
2659
2660    correct error messages; from Tomas Kuthan bz#2507
2661
2662    Upstream-ID: 7454a0affeab772398052954c79300aa82077093
2663
2664commit 94141b7ade24afceeb6762a3f99e09e47a6c42b6
2665Author: mmcc@openbsd.org <mmcc@openbsd.org>
2666Date:   Fri Dec 11 00:20:04 2015 +0000
2667
2668    upstream commit
2669
2670    Pass (char *)NULL rather than (char *)0 to execl and
2671     execlp.
2672
2673    ok dtucker@
2674
2675    Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492
2676
2677commit d59ce08811bf94111c2f442184cf7d1257ffae24
2678Author: mmcc@openbsd.org <mmcc@openbsd.org>
2679Date:   Thu Dec 10 17:08:40 2015 +0000
2680
2681    upstream commit
2682
2683    Remove NULL-checks before free().
2684
2685    ok dtucker@
2686
2687    Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
2688
2689commit 8e56dd46cb37879c73bce2d6032cf5e7f82d5a71
2690Author: mmcc@openbsd.org <mmcc@openbsd.org>
2691Date:   Thu Dec 10 07:01:35 2015 +0000
2692
2693    upstream commit
2694
2695    Fix a couple "the the" typos. ok dtucker@
2696
2697    Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72
2698
2699commit 6262a0522ddc2c0f2e9358dcb68d59b46e9c533e
2700Author: markus@openbsd.org <markus@openbsd.org>
2701Date:   Mon Dec 7 20:04:09 2015 +0000
2702
2703    upstream commit
2704
2705    stricter encoding type checks for ssh-rsa; ok djm@
2706
2707    Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650
2708
2709commit d86a3ba7af160c13496102aed861ae48a4297072
2710Author: Damien Miller <djm@mindrot.org>
2711Date:   Wed Dec 9 09:18:45 2015 +1100
2712
2713    Don't set IPV6_V6ONLY on OpenBSD
2714
2715    It isn't necessary and runs afoul of pledge(2) restrictions.
2716
2717commit da98c11d03d819a15429d8fff9688acd7505439f
2718Author: djm@openbsd.org <djm@openbsd.org>
2719Date:   Mon Dec 7 02:20:46 2015 +0000
2720
2721    upstream commit
2722
2723    basic unit tests for rsa-sha2-* signature types
2724
2725    Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
2726
2727commit 3da893fdec9936dd2c23739cdb3c0c9d4c59fca0
2728Author: markus@openbsd.org <markus@openbsd.org>
2729Date:   Sat Dec 5 20:53:21 2015 +0000
2730
2731    upstream commit
2732
2733    prefer rsa-sha2-512 over -256 for hostkeys, too; noticed
2734     by naddy@
2735
2736    Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe
2737
2738commit 8b56e59714d87181505e4678f0d6d39955caf10e
2739Author: tobias@openbsd.org <tobias@openbsd.org>
2740Date:   Fri Dec 4 21:51:06 2015 +0000
2741
2742    upstream commit
2743
2744    Properly handle invalid %-format by calling fatal.
2745
2746    ok deraadt, djm
2747
2748    Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
2749
2750commit 76c9fbbe35aabc1db977fb78e827644345e9442e
2751Author: markus@openbsd.org <markus@openbsd.org>
2752Date:   Fri Dec 4 16:41:28 2015 +0000
2753
2754    upstream commit
2755
2756    implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
2757     (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
2758     draft-ssh-ext-info-04.txt; with & ok djm@
2759
2760    Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
2761
2762commit 6064a8b8295cb5a17b5ebcfade53053377714f40
2763Author: djm@openbsd.org <djm@openbsd.org>
2764Date:   Fri Dec 4 00:24:55 2015 +0000
2765
2766    upstream commit
2767
2768    clean up agent_fd handling; properly initialise it to -1
2769     and make tests consistent
2770
2771    ok markus@
2772
2773    Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
2774
2775commit b91926a97620f3e51761c271ba57aa5db790f48d
2776Author: semarie@openbsd.org <semarie@openbsd.org>
2777Date:   Thu Dec 3 17:00:18 2015 +0000
2778
2779    upstream commit
2780
2781    pledges ssh client:   - mux client: which is used when
2782     ControlMaster is in use.     will end with "stdio proc tty" (proc is to
2783     permit sending SIGWINCH to mux master on window resize)
2784
2785      - client loop: several levels of pledging depending of your used options
2786
2787    ok deraadt@
2788
2789    Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
2790
2791commit bcce47466bbc974636f588b5e4a9a18ae386f64a
2792Author: doug@openbsd.org <doug@openbsd.org>
2793Date:   Wed Dec 2 08:30:50 2015 +0000
2794
2795    upstream commit
2796
2797    Add "cpath" to the ssh-agent pledge so the cleanup
2798     handler can unlink().
2799
2800    ok djm@
2801
2802    Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
2803
2804commit a90d001543f46716b6590c6dcc681d5f5322f8cf
2805Author: djm@openbsd.org <djm@openbsd.org>
2806Date:   Wed Dec 2 08:00:58 2015 +0000
2807
2808    upstream commit
2809
2810    ssh-agent pledge needs proc for askpass; spotted by todd@
2811
2812    Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
2813
2814commit d952162b3c158a8f23220587bb6c8fcda75da551
2815Author: djm@openbsd.org <djm@openbsd.org>
2816Date:   Tue Dec 1 23:29:24 2015 +0000
2817
2818    upstream commit
2819
2820    basic pledge() for ssh-agent, more refinement needed
2821
2822    Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
2823
2824commit f0191d7c8e76e30551084b79341886d9bb38e453
2825Author: Damien Miller <djm@mindrot.org>
2826Date:   Mon Nov 30 10:53:25 2015 +1100
2827
2828    Revert "stub for pledge(2) for systems that lack it"
2829
2830    This reverts commit 14c887c8393adde2d9fd437d498be30f8c98535c.
2831
2832    dtucker beat me to it :/
2833
2834commit 6283cc72eb0e49a3470d30e07ca99a1ba9e89676
2835Author: Damien Miller <djm@mindrot.org>
2836Date:   Mon Nov 30 10:37:03 2015 +1100
2837
2838    revert 7d4c7513: bring back S/Key prototypes
2839
2840    (but leave RCSID changes)
2841
2842commit 14c887c8393adde2d9fd437d498be30f8c98535c
2843Author: Damien Miller <djm@mindrot.org>
2844Date:   Mon Nov 30 09:45:29 2015 +1100
2845
2846    stub for pledge(2) for systems that lack it
2847
2848commit 452c0b6af5d14c37553e30059bf74456012493f3
2849Author: djm@openbsd.org <djm@openbsd.org>
2850Date:   Sun Nov 29 22:18:37 2015 +0000
2851
2852    upstream commit
2853
2854    pledge, better fatal() messages; feedback deraadt@
2855
2856    Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
2857
2858commit 6da413c085dba37127687b2617a415602505729b
2859Author: deraadt@openbsd.org <deraadt@openbsd.org>
2860Date:   Sat Nov 28 06:50:52 2015 +0000
2861
2862    upstream commit
2863
2864    do not leak temp file if there is no known_hosts file
2865     from craig leres, ok djm
2866
2867    Upstream-ID: c820497fd5574844c782e79405c55860f170e426
2868
2869commit 3ddd15e1b63a4d4f06c8ab16fbdd8a5a61764f16
2870Author: Darren Tucker <dtucker@zip.com.au>
2871Date:   Mon Nov 30 07:23:53 2015 +1100
2872
2873    Add a null implementation of pledge.
2874
2875    Fixes builds on almost everything.
2876
2877commit b1d6b3971ef256a08692efc409fc9ada719111cc
2878Author: djm@openbsd.org <djm@openbsd.org>
2879Date:   Sat Nov 28 06:41:03 2015 +0000
2880
2881    upstream commit
2882
2883    don't include port number in tcpip-forward replies for
2884     requests that don't allocate a port; bz#2509 diagnosed by Ron Frederick ok
2885     markus
2886
2887    Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a
2888
2889commit 9080bd0b9cf10d0f13b1f642f20cb84285cb8d65
2890Author: deraadt@openbsd.org <deraadt@openbsd.org>
2891Date:   Fri Nov 27 00:49:31 2015 +0000
2892
2893    upstream commit
2894
2895    pledge "stdio rpath wpath cpath fattr tty proc exec"
2896     except for the -p option (which sadly has insane semantics...) ok semarie
2897     dtucker
2898
2899    Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059
2900
2901commit 4d90625b229cf6b3551d81550a9861897509a65f
2902Author: halex@openbsd.org <halex@openbsd.org>
2903Date:   Fri Nov 20 23:04:01 2015 +0000
2904
2905    upstream commit
2906
2907    allow comment change for all supported formats
2908
2909    ok djm@
2910
2911    Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
2912
2913commit 8ca915fc761519dd1f7766a550ec597a81db5646
2914Author: djm@openbsd.org <djm@openbsd.org>
2915Date:   Fri Nov 20 01:45:29 2015 +0000
2916
2917    upstream commit
2918
2919    add cast to make -Werror clean
2920
2921    Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d
2922
2923commit ac9473580dcd401f8281305af98635cdaae9bf96
2924Author: Damien Miller <djm@mindrot.org>
2925Date:   Fri Nov 20 12:35:41 2015 +1100
2926
2927    fix multiple authentication using S/Key w/ privsep
2928
2929    bz#2502, patch from Kevin Korb and feandil_
2930
2931commit 88b6fcdeb87a2fb76767854d9eb15006662dca57
2932Author: djm@openbsd.org <djm@openbsd.org>
2933Date:   Thu Nov 19 08:23:27 2015 +0000
2934
2935    upstream commit
2936
2937    ban ConnectionAttempts=0, it makes no sense and would cause
2938     ssh_connect_direct() to print an uninitialised stack variable; bz#2500
2939     reported by dvw AT phas.ubc.ca
2940
2941    Upstream-ID: 32b5134c608270583a90b93a07b3feb3cbd5f7d5
2942
2943commit 964ab3ee7a8f96bdbc963d5b5a91933d6045ebe7
2944Author: djm@openbsd.org <djm@openbsd.org>
2945Date:   Thu Nov 19 01:12:32 2015 +0000
2946
2947    upstream commit
2948
2949    trailing whitespace
2950
2951    Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
2952
2953commit f96516d052dbe38561f6b92b0e4365d8e24bb686
2954Author: djm@openbsd.org <djm@openbsd.org>
2955Date:   Thu Nov 19 01:09:38 2015 +0000
2956
2957    upstream commit
2958
2959    print host certificate contents at debug level
2960
2961    Upstream-ID: 39354cdd8a2b32b308fd03f98645f877f540f00d
2962
2963commit 499cf36fecd6040e30e2912dd25655bc574739a7
2964Author: djm@openbsd.org <djm@openbsd.org>
2965Date:   Thu Nov 19 01:08:55 2015 +0000
2966
2967    upstream commit
2968
2969    move the certificate validity formatting code to
2970     sshkey.[ch]
2971
2972    Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
2973
2974commit bcb7bc77bbb1535d1008c7714085556f3065d99d
2975Author: djm@openbsd.org <djm@openbsd.org>
2976Date:   Wed Nov 18 08:37:28 2015 +0000
2977
2978    upstream commit
2979
2980    fix "ssh-keygen -l" of private key, broken in support for
2981     multiple plain keys on stdin
2982
2983    Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d
2984
2985commit 259adb6179e23195c8f6913635ea71040d1ccd63
2986Author: millert@openbsd.org <millert@openbsd.org>
2987Date:   Mon Nov 16 23:47:52 2015 +0000
2988
2989    upstream commit
2990
2991    Replace remaining calls to index(3) with strchr(3).  OK
2992     jca@ krw@
2993
2994    Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d
2995
2996commit c56a255162c2166884539c0a1f7511575325b477
2997Author: djm@openbsd.org <djm@openbsd.org>
2998Date:   Mon Nov 16 22:53:07 2015 +0000
2999
3000    upstream commit
3001
3002    Allow fingerprinting from standard input "ssh-keygen -lf
3003     -"
3004
3005    Support fingerprinting multiple plain keys in a file and authorized_keys
3006    files too (bz#1319)
3007
3008    ok markus@
3009
3010    Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77
3011
3012commit 5b4010d9b923cf1b46c9c7b1887c013c2967e204
3013Author: djm@openbsd.org <djm@openbsd.org>
3014Date:   Mon Nov 16 22:51:05 2015 +0000
3015
3016    upstream commit
3017
3018    always call privsep_preauth_child() regardless of whether
3019     sshd was started by root; it does important priming before sandboxing and
3020     failing to call it could result in sandbox violations later; ok markus@
3021
3022    Upstream-ID: c8a6d0d56c42f3faab38460dc917ca0d1705d383
3023
3024commit 3a9f84b58b0534bbb485f1eeab75665e2d03371f
3025Author: djm@openbsd.org <djm@openbsd.org>
3026Date:   Mon Nov 16 22:50:01 2015 +0000
3027
3028    upstream commit
3029
3030    improve sshkey_read() semantics; only update *cpp when a
3031     key is successfully read; ok markus@
3032
3033    Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089
3034
3035commit db6f8dc5dd5655b59368efd074994d4568bc3556
3036Author: logan@openbsd.org <logan@openbsd.org>
3037Date:   Mon Nov 16 06:13:04 2015 +0000
3038
3039    upstream commit
3040
3041    1) Use xcalloc() instead of xmalloc() to check for
3042     potential overflow.    (Feedback from both mmcc@ and djm@) 2) move set_size
3043     just before the for loop. (suggested by djm@)
3044
3045    OK djm@
3046
3047    Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213
3048
3049commit 383f10fb84a0fee3c01f9d97594f3e22aa3cd5e0
3050Author: djm@openbsd.org <djm@openbsd.org>
3051Date:   Mon Nov 16 00:30:02 2015 +0000
3052
3053    upstream commit
3054
3055    Add a new authorized_keys option "restrict" that
3056     includes all current and future key restrictions (no-*-forwarding, etc). Also
3057     add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty".
3058     This simplifies the task of setting up restricted keys and ensures they are
3059     maximally-restricted, regardless of any permissions we might implement in the
3060     future.
3061
3062    Example:
3063
3064    restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1...
3065
3066    Idea from Jann Horn; ok markus@
3067
3068    Upstream-ID: 04ceb9d448e46e67e13887a7ae5ea45b4f1719d0
3069
3070commit e41a071f7bda6af1fb3f081bed0151235fa61f15
3071Author: jmc@openbsd.org <jmc@openbsd.org>
3072Date:   Sun Nov 15 23:58:04 2015 +0000
3073
3074    upstream commit
3075
3076    correct section number for ssh-agent;
3077
3078    Upstream-ID: 44be72fd8bcc167635c49b357b1beea8d5674bd6
3079
3080commit 1a11670286acddcc19f5eff0966c380831fc4638
3081Author: jmc@openbsd.org <jmc@openbsd.org>
3082Date:   Sun Nov 15 23:54:15 2015 +0000
3083
3084    upstream commit
3085
3086    do not confuse mandoc by presenting "Dd";
3087
3088    Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65
3089
3090commit f361df474c49a097bfcf16d1b7b5c36fcd844b4b
3091Author: jcs@openbsd.org <jcs@openbsd.org>
3092Date:   Sun Nov 15 22:26:49 2015 +0000
3093
3094    upstream commit
3095
3096    Add an AddKeysToAgent client option which can be set to
3097     'yes', 'no', 'ask', or 'confirm', and defaults to 'no'.  When enabled, a
3098     private key that is used during authentication will be added to ssh-agent if
3099     it is running (with confirmation enabled if set to 'confirm').
3100
3101    Initial version from Joachim Schipper many years ago.
3102
3103    ok markus@
3104
3105    Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
3106
3107commit d87063d9baf5479b6e813d47dfb694a97df6f6f5
3108Author: djm@openbsd.org <djm@openbsd.org>
3109Date:   Fri Nov 13 04:39:35 2015 +0000
3110
3111    upstream commit
3112
3113    send SSH2_MSG_UNIMPLEMENTED replies to unexpected
3114     messages during KEX; bz#2949, ok dtucker@
3115
3116    Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786
3117
3118commit 9fd04681a1e9b0af21e08ff82eb674cf0a499bfc
3119Author: djm@openbsd.org <djm@openbsd.org>
3120Date:   Fri Nov 13 04:38:06 2015 +0000
3121
3122    upstream commit
3123
3124    Support "none" as an argument for sshd_config
3125     ForceCommand and ChrootDirectory. Useful inside Match blocks to override a
3126     global default. bz#2486 ok dtucker@
3127
3128    Upstream-ID: 7ef478d6592bc7db5c7376fc33b4443e63dccfa5
3129
3130commit 94bc0b72c29e511cbbc5772190d43282e5acfdfe
3131Author: djm@openbsd.org <djm@openbsd.org>
3132Date:   Fri Nov 13 04:34:15 2015 +0000
3133
3134    upstream commit
3135
3136    support multiple certificates (one per line) and
3137     reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@
3138
3139    Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db
3140
3141commit b6b9108f5b561c83612cb97ece4134eb59fde071
3142Author: djm@openbsd.org <djm@openbsd.org>
3143Date:   Fri Nov 13 02:57:46 2015 +0000
3144
3145    upstream commit
3146
3147    list a couple more options usable in Match blocks;
3148     bz#2489
3149
3150    Upstream-ID: e4d03f39d254db4c0cc54101921bb89fbda19879
3151
3152commit a7994b3f5a5a5a33b52b0a6065d08e888f0a99fb
3153Author: djm@openbsd.org <djm@openbsd.org>
3154Date:   Wed Nov 11 04:56:39 2015 +0000
3155
3156    upstream commit
3157
3158    improve PEEK/POKE macros: better casts, don't multiply
3159     evaluate arguments; ok deraadt@
3160
3161    Upstream-ID: 9a1889e19647615ededbbabab89064843ba92d3e
3162
3163commit 7d4c7513a7f209cb303a608ac6e46b3f1dfc11ec
3164Author: djm@openbsd.org <djm@openbsd.org>
3165Date:   Wed Nov 11 01:48:01 2015 +0000
3166
3167    upstream commit
3168
3169    remove prototypes for long-gone s/key support; ok
3170     dtucker@
3171
3172    Upstream-ID: db5bed3c57118af986490ab23d399df807359a79
3173
3174commit 07889c75926c040b8e095949c724e66af26441cb
3175Author: Damien Miller <djm@mindrot.org>
3176Date:   Sat Nov 14 18:44:49 2015 +1100
3177
3178    read back from libcrypto RAND when privdropping
3179
3180    makes certain libcrypto implementations cache a /dev/urandom fd
3181    in preparation of sandboxing. Based on patch by Greg Hartman.
3182
3183commit 1560596f44c01bb0cef977816410950ed17b8ecd
3184Author: Darren Tucker <dtucker@zip.com.au>
3185Date:   Tue Nov 10 11:14:47 2015 +1100
3186
3187    Fix compiler warnings in the openssl header check.
3188
3189    Noted by Austin English.
3190
3191commit e72a8575ffe1d8adff42c9abe9ca36938acc036b
3192Author: jmc@openbsd.org <jmc@openbsd.org>
3193Date:   Sun Nov 8 23:24:03 2015 +0000
3194
3195    upstream commit
3196
3197    -c before -H, in SYNOPSIS and usage();
3198
3199    Upstream-ID: 25e8c58a69e1f37fcd54ac2cd1699370acb5e404
3200
3201commit 3a424cdd21db08c7b0ded902f97b8f02af5aa485
3202Author: djm@openbsd.org <djm@openbsd.org>
3203Date:   Sun Nov 8 22:30:20 2015 +0000
3204
3205    upstream commit
3206
3207    Add "ssh-keyscan -c ..." flag to allow fetching
3208     certificates instead of plain keys; ok markus@
3209
3210    Upstream-ID: 0947e2177dba92339eced9e49d3c5bf7dda69f82
3211
3212commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346
3213Author: jmc@openbsd.org <jmc@openbsd.org>
3214Date:   Sun Nov 8 22:08:38 2015 +0000
3215
3216    upstream commit
3217
3218    remove slogin links; ok deraadt markus djm
3219
3220    Upstream-ID: 39ba08548acde4c54f2d4520c202c2a863a3c730
3221
3222commit 2fecfd486bdba9f51b3a789277bb0733ca36e1c0
3223Author: djm@openbsd.org <djm@openbsd.org>
3224Date:   Sun Nov 8 21:59:11 2015 +0000
3225
3226    upstream commit
3227
3228    fix OOB read in packet code caused by missing return
3229     statement found by Ben Hawkes; ok markus@ deraadt@
3230
3231    Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62
3232
3233commit 5e288923a303ca672b686908320bc5368ebec6e6
3234Author: mmcc@openbsd.org <mmcc@openbsd.org>
3235Date:   Fri Nov 6 00:31:41 2015 +0000
3236
3237    upstream commit
3238
3239    1. rlogin and rsh are long gone 2. protocol version isn't
3240     of core relevance here, and v1 is going away
3241
3242    ok markus@, deraadt@
3243
3244    Upstream-ID: 8b46bc94cf1ca7c8c1a75b1c958b2bb38d7579c8
3245
3246commit 8b29008bbe97f33381d9b4b93fcfa304168d0286
3247Author: jmc@openbsd.org <jmc@openbsd.org>
3248Date:   Thu Nov 5 09:48:05 2015 +0000
3249
3250    upstream commit
3251
3252    "commandline" -> "command line", since there are so few
3253     examples of the former in the pages, so many of the latter, and in some of
3254     these pages we had multiple spellings;
3255
3256    prompted by tj
3257
3258    Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659
3259
3260commit 996b24cebf20077fbe5db07b3a2c20c2d9db736e
3261Author: Darren Tucker <dtucker@zip.com.au>
3262Date:   Thu Oct 29 20:57:34 2015 +1100
3263
3264    (re)wrap SYS_sendsyslog in ifdef.
3265
3266    Replace ifdef that went missing in commit
3267    c61b42f2678f21f05653ac2d3d241b48ab5d59ac.  Fixes build on older
3268    OpenBSDs.
3269
3270commit b67e2e76fcf1ae7c802eb27ca927e16c91a513ff
3271Author: djm@openbsd.org <djm@openbsd.org>
3272Date:   Thu Oct 29 08:05:17 2015 +0000
3273
3274    upstream commit
3275
3276    regress test for "PubkeyAcceptedKeyTypes +..." inside a
3277     Match block
3278
3279    Upstream-Regress-ID: 246c37ed64a2e5704d4c158ccdca1ff700e10647
3280
3281commit abd9dbc3c0d8c8c7561347cfa22166156e78c077
3282Author: dtucker@openbsd.org <dtucker@openbsd.org>
3283Date:   Mon Oct 26 02:50:58 2015 +0000
3284
3285    upstream commit
3286
3287    Fix typo certopt->certopts in shell variable.  This would
3288     cause the test to hang at a host key prompt if you have an A or CNAME for
3289     "proxy" in your local domain.
3290
3291    Upstream-Regress-ID: 6ea03bcd39443a83c89e2c5606392ceb9585836a
3292
3293commit ed08510d38aef930a061ae30d10f2a9cf233bafa
3294Author: djm@openbsd.org <djm@openbsd.org>
3295Date:   Thu Oct 29 08:05:01 2015 +0000
3296
3297    upstream commit
3298
3299    Fix "PubkeyAcceptedKeyTypes +..." inside a Match block;
3300     ok dtucker@
3301
3302    Upstream-ID: 853662c4036730b966aab77684390c47b9738c69
3303
3304commit a4aef3ed29071719b2af82fdf1ac3c2514f82bc5
3305Author: djm@openbsd.org <djm@openbsd.org>
3306Date:   Tue Oct 27 08:54:52 2015 +0000
3307
3308    upstream commit
3309
3310    fix execv arguments in a way less likely to cause grief
3311     for -portable; ok dtucker@
3312
3313    Upstream-ID: 5902bf0ea0371f39f1300698dc3b8e4105fc0fc5
3314
3315commit 63d188175accea83305e89fafa011136ff3d96ad
3316Author: djm@openbsd.org <djm@openbsd.org>
3317Date:   Tue Oct 27 01:44:45 2015 +0000
3318
3319    upstream commit
3320
3321    log certificate serial in verbose() messages to match the
3322     main auth success/fail message; ok dtucker@
3323
3324    Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288
3325
3326commit 2aaba0cfd560ecfe92aa50c00750e6143842cf1f
3327Author: djm@openbsd.org <djm@openbsd.org>
3328Date:   Tue Oct 27 00:49:53 2015 +0000
3329
3330    upstream commit
3331
3332    avoid de-const warning & shrink; ok dtucker@
3333
3334    Upstream-ID: 69a85ef94832378952a22c172009cbf52aaa11db
3335
3336commit 03239c18312b9bab7d1c3b03062c61e8bbc1ca6e
3337Author: dtucker@openbsd.org <dtucker@openbsd.org>
3338Date:   Sun Oct 25 23:42:00 2015 +0000
3339
3340    upstream commit
3341
3342    Expand tildes in filenames passed to -i before checking
3343     whether or not the identity file exists.  This means that if the shell
3344     doesn't do the expansion (eg because the option and filename were given as a
3345     single argument) then we'll still add the key.  bz#2481, ok markus@
3346
3347    Upstream-ID: db1757178a14ac519e9a3e1a2dbd21113cb3bfc6
3348
3349commit 97e184e508dd33c37860c732c0eca3fc57698b40
3350Author: dtucker@openbsd.org <dtucker@openbsd.org>
3351Date:   Sun Oct 25 23:14:03 2015 +0000
3352
3353    upstream commit
3354
3355    Do not prepend "exec" to the shell command run by "Match
3356     exec" in a config file.  It's an unnecessary optimization from repurposed
3357     ProxyCommand code and prevents some things working with some shells.
3358     bz#2471, pointed out by res at qoxp.net.  ok markus@
3359
3360    Upstream-ID: a1ead25ae336bfa15fb58d8c6b5589f85b4c33a3
3361
3362commit 8db134e7f457bcb069ec72bc4ee722e2af557c69
3363Author: Darren Tucker <dtucker@zip.com.au>
3364Date:   Thu Oct 29 10:48:23 2015 +1100
3365
3366    Prevent name collisions with system glob (bz#2463)
3367
3368    Move glob.h from includes.h to the only caller (sftp) and override the
3369    names for the symbols.  This prevents name collisions with the system glob
3370    in the case where something other than ssh uses it (eg kerberos).  With
3371    jjelen at redhat.com, ok djm@
3372
3373commit 86c10dbbef6a5800d2431a66cf7f41a954bb62b5
3374Author: dtucker@openbsd.org <dtucker@openbsd.org>
3375Date:   Fri Oct 23 02:22:01 2015 +0000
3376
3377    upstream commit
3378
3379    Update expected group sizes to match recent code changes.
3380
3381    Upstream-Regress-ID: 0004f0ea93428969fe75bcfff0d521c553977794
3382
3383commit 9ada37d36003a77902e90a3214981e417457cf13
3384Author: djm@openbsd.org <djm@openbsd.org>
3385Date:   Sat Oct 24 22:56:19 2015 +0000
3386
3387    upstream commit
3388
3389    fix keyscan output for multiple hosts/addrs on one line
3390     when host hashing or a non standard port is in use; bz#2479 ok dtucker@
3391
3392    Upstream-ID: 5321dabfaeceba343da3c8a8b5754c6f4a0a307b
3393
3394commit 44fc7cd7dcef6c52c6b7e9ff830dfa32879bd319
3395Author: djm@openbsd.org <djm@openbsd.org>
3396Date:   Sat Oct 24 22:52:22 2015 +0000
3397
3398    upstream commit
3399
3400    skip "Could not chdir to home directory" message when
3401     chrooted
3402
3403    patch from Christian Hesse in bz#2485 ok dtucker@
3404
3405    Upstream-ID: 86783c1953da426dff5b03b03ce46e699d9e5431
3406
3407commit a820a8618ec44735dabc688fab96fba38ad66bb2
3408Author: sthen@openbsd.org <sthen@openbsd.org>
3409Date:   Sat Oct 24 08:34:09 2015 +0000
3410
3411    upstream commit
3412
3413    Handle the split of tun(4) "link0" into tap(4) in ssh
3414     tun-forwarding. Adapted from portable (using separate devices for this is the
3415     normal case in most OS). ok djm@
3416
3417    Upstream-ID: 90facf4c59ce73d6741db1bc926e578ef465cd39
3418
3419commit 66d2e229baa9fe57b868c373b05f7ff3bb20055b
3420Author: gsoares@openbsd.org <gsoares@openbsd.org>
3421Date:   Wed Oct 21 11:33:03 2015 +0000
3422
3423    upstream commit
3424
3425    fix memory leak in error path ok djm@
3426
3427    Upstream-ID: dd2f402b0a0029b755df029fc7f0679e1365ce35
3428
3429commit 7d6c0362039ceacdc1366b5df29ad5d2693c13e5
3430Author: mmcc@openbsd.org <mmcc@openbsd.org>
3431Date:   Tue Oct 20 23:24:25 2015 +0000
3432
3433    upstream commit
3434
3435    Compare pointers to NULL rather than 0.
3436
3437    ok djm@
3438
3439    Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8
3440
3441commit f98a09cacff7baad8748c9aa217afd155a4d493f
3442Author: mmcc@openbsd.org <mmcc@openbsd.org>
3443Date:   Tue Oct 20 03:36:35 2015 +0000
3444
3445    upstream commit
3446
3447    Replace a function-local allocation with stack memory.
3448
3449    ok djm@
3450
3451    Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e
3452
3453commit ac908c1eeacccfa85659594d92428659320fd57e
3454Author: Damien Miller <djm@mindrot.org>
3455Date:   Thu Oct 22 09:35:24 2015 +1100
3456
3457    turn off PrintLastLog when --disable-lastlog
3458
3459    bz#2278 from Brent Paulson
3460
3461commit b56deb847f4a0115a8bf488bf6ee8524658162fd
3462Author: djm@openbsd.org <djm@openbsd.org>
3463Date:   Fri Oct 16 22:32:22 2015 +0000
3464
3465    upstream commit
3466
3467    increase the minimum modulus that we will send or accept in
3468     diffie-hellman-group-exchange to 2048 bits; ok markus@
3469
3470    Upstream-ID: 06dce7a24c17b999a0f5fadfe95de1ed6a1a9b6a
3471
3472commit 5ee0063f024bf5b3f3ffb275b8cd20055d62b4b9
3473Author: djm@openbsd.org <djm@openbsd.org>
3474Date:   Fri Oct 16 18:40:49 2015 +0000
3475
3476    upstream commit
3477
3478    better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in
3479     hostname canonicalisation - treat them as already canonical and remove the
3480     trailing '.' before matching ssh_config; ok markus@
3481
3482    Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a
3483
3484commit e92c499a75477ecfe94dd7b4aed89f20b1fac5a7
3485Author: mmcc@openbsd.org <mmcc@openbsd.org>
3486Date:   Fri Oct 16 17:07:24 2015 +0000
3487
3488    upstream commit
3489
3490    0 -> NULL when comparing with a char*.
3491
3492    ok dtucker@, djm@.
3493
3494    Upstream-ID: a928e9c21c0a9020727d99738ff64027c1272300
3495
3496commit b1d38a3cc6fe349feb8d16a5f520ef12d1de7cb2
3497Author: djm@openbsd.org <djm@openbsd.org>
3498Date:   Thu Oct 15 23:51:40 2015 +0000
3499
3500    upstream commit
3501
3502    fix some signed/unsigned integer type mismatches in
3503     format strings; reported by Nicholas Lemonias
3504
3505    Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c
3506
3507commit 1a2663a15d356bb188196b6414b4c50dc12fd42b
3508Author: djm@openbsd.org <djm@openbsd.org>
3509Date:   Thu Oct 15 23:08:23 2015 +0000
3510
3511    upstream commit
3512
3513    argument to sshkey_from_private() and sshkey_demote()
3514     can't be NULL
3515
3516    Upstream-ID: 0111245b1641d387977a9b38da15916820a5fd1f
3517
3518commit 0f754e29dd3760fc0b172c1220f18b753fb0957e
3519Author: Damien Miller <djm@mindrot.org>
3520Date:   Fri Oct 16 10:53:14 2015 +1100
3521
3522    need va_copy before va_start
3523
3524    reported by Nicholas Lemonias
3525
3526commit eb6c50d82aa1f0d3fc95f5630ea69761e918bfcd
3527Author: Damien Miller <djm@mindrot.org>
3528Date:   Thu Oct 15 15:48:28 2015 -0700
3529
3530    fix compilation on systems without SYMLOOP_MAX
3531
3532commit fafe1d84a210fb3dae7744f268059cc583db8c12
3533Author: Damien Miller <djm@mindrot.org>
3534Date:   Wed Oct 14 09:22:15 2015 -0700
3535
3536    s/SANDBOX_TAME/SANDBOX_PLEDGE/g
3537
3538commit 8f22911027ff6c17d7226d232ccd20727f389310
3539Author: Damien Miller <djm@mindrot.org>
3540Date:   Wed Oct 14 08:28:19 2015 +1100
3541
3542    upstream commit
3543
3544    revision 1.20
3545    date: 2015/10/13 20:55:37;  author: millert;  state: Exp;  lines: +2 -2;  commitid: X39sl5ay1czgFIgp;
3546    In rev 1.15 the sizeof argument was fixed in a strlcat() call but
3547    the truncation check immediately following it was not updated to
3548    match.  Not an issue in practice since the buffers are the same
3549    size.  OK deraadt@
3550
3551commit 23fa695bb735f54f04d46123662609edb6c76767
3552Author: Damien Miller <djm@mindrot.org>
3553Date:   Wed Oct 14 08:27:51 2015 +1100
3554
3555    upstream commit
3556
3557    revision 1.19
3558    date: 2015/01/16 16:48:51;  author: deraadt;  state: Exp;  lines: +3 -3;  commitid: 0DYulI8hhujBHMcR;
3559    Move to the <limits.h> universe.
3560    review by millert, binary checking process with doug, concept with guenther
3561
3562commit c71be375a69af00c2d0a0c24d8752bec12d8fd1b
3563Author: Damien Miller <djm@mindrot.org>
3564Date:   Wed Oct 14 08:27:08 2015 +1100
3565
3566    upstream commit
3567
3568    revision 1.18
3569    date: 2014/10/19 03:56:28;  author: doug;  state: Exp;  lines: +9 -9;  commitid: U6QxmtbXrGoc02S5;
3570    Revert last commit due to changed semantics found by make release.
3571
3572commit c39ad23b06e9aecc3ff788e92f787a08472905b1
3573Author: Damien Miller <djm@mindrot.org>
3574Date:   Wed Oct 14 08:26:24 2015 +1100
3575
3576    upstream commit
3577
3578    revision 1.17
3579    date: 2014/10/18 20:43:52;  author: doug;  state: Exp;  lines: +10 -10;  commitid: I74hI1tVZtsspKEt;
3580    Better POSIX compliance in realpath(3).
3581
3582    millert@ made changes to realpath.c based on FreeBSD's version.  I merged
3583    Todd's changes into dl_realpath.c.
3584
3585    ok millert@, guenther@
3586
3587commit e929a43f957dbd1254aca2aaf85c8c00cbfc25f4
3588Author: Damien Miller <djm@mindrot.org>
3589Date:   Wed Oct 14 08:25:55 2015 +1100
3590
3591    upstream commit
3592
3593    revision 1.16
3594    date: 2013/04/05 12:59:54;  author: kurt;  state: Exp;  lines: +3 -1;
3595    - Add comments regarding copies of these files also in libexec/ld.so
3596    okay guenther@
3597
3598commit 5225db68e58a1048cb17f0e36e0d33bc4a8fc410
3599Author: Damien Miller <djm@mindrot.org>
3600Date:   Wed Oct 14 08:25:32 2015 +1100
3601
3602    upstream commit
3603
3604    revision 1.15
3605    date: 2012/09/13 15:39:05;  author: deraadt;  state: Exp;  lines: +2 -2;
3606    specify the bounds of the dst to strlcat (both values were static and
3607    equal, but it is more correct)
3608    from Michal Mazurek
3609
3610commit 7365fe5b4859de2305e40ea132da3823830fa710
3611Author: Damien Miller <djm@mindrot.org>
3612Date:   Wed Oct 14 08:25:09 2015 +1100
3613
3614    upstream commit
3615
3616    revision 1.14
3617    date: 2011/07/24 21:03:00;  author: miod;  state: Exp;  lines: +35 -13;
3618    Recent Single Unix will malloc memory if the second argument of realpath()
3619    is NULL, and third-party software is starting to rely upon this.
3620    Adapted from FreeBSD via Jona Joachim (jaj ; hcl-club , .lu), with minor
3621    tweaks from nicm@ and yours truly.
3622
3623commit e679c09cd1951f963793aa3d9748d1c3fdcf808f
3624Author: djm@openbsd.org <djm@openbsd.org>
3625Date:   Tue Oct 13 16:15:21 2015 +0000
3626
3627    upstream commit
3628
3629    apply PubkeyAcceptedKeyTypes filtering earlier, so all
3630     skipped keys are noted before pubkey authentication starts. ok dtucker@
3631
3632    Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8
3633
3634commit 179c353f564ec7ada64b87730b25fb41107babd7
3635Author: djm@openbsd.org <djm@openbsd.org>
3636Date:   Tue Oct 13 00:21:27 2015 +0000
3637
3638    upstream commit
3639
3640    free the correct IV length, don't assume it's always the
3641     cipher blocksize; ok dtucker@
3642
3643    Upstream-ID: c260d9e5ec73628d9ff4b067fbb060eff5a7d298
3644
3645commit 2539dce2a049a8f6bb0d44cac51f07ad48e691d3
3646Author: deraadt@openbsd.org <deraadt@openbsd.org>
3647Date:   Fri Oct 9 01:37:08 2015 +0000
3648
3649    upstream commit
3650
3651    Change all tame callers to namechange to pledge(2).
3652
3653    Upstream-ID: 17e654fc27ceaf523c60f4ffd9ec7ae4e7efc7f2
3654
3655commit 9846a2f4067383bb76b4e31a9d2303e0a9c13a73
3656Author: Damien Miller <djm@mindrot.org>
3657Date:   Thu Oct 8 04:30:48 2015 +1100
3658
3659    hook tame(2) sandbox up to build
3660
3661    OpenBSD only for now
3662
3663commit 0c46bbe68b70bdf0d6d20588e5847e71f3739fe6
3664Author: djm@openbsd.org <djm@openbsd.org>
3665Date:   Wed Oct 7 15:59:12 2015 +0000
3666
3667    upstream commit
3668
3669    include PubkeyAcceptedKeyTypes in ssh -G config dump
3670
3671    Upstream-ID: 6c097ce6ffebf6fe393fb7988b5d152a5d6b36bb
3672
3673commit bdcb73fb7641b1cf73c0065d1a0dd57b1e8b778e
3674Author: sobrado@openbsd.org <sobrado@openbsd.org>
3675Date:   Wed Oct 7 14:45:30 2015 +0000
3676
3677    upstream commit
3678
3679    UsePrivilegeSeparation defaults to sandbox now.
3680
3681    ok djm@
3682
3683    Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f
3684
3685commit 2905d6f99c837bb699b6ebc61711b19acd030709
3686Author: djm@openbsd.org <djm@openbsd.org>
3687Date:   Wed Oct 7 00:54:06 2015 +0000
3688
3689    upstream commit
3690
3691    don't try to change tun device flags if they are already
3692     what we need; makes it possible to use tun/tap networking as non- root user
3693     if device permissions and interface flags are pre-established; based on patch
3694     by Ossi Herrala
3695
3696    Upstream-ID: 89099ac4634cd477b066865acf54cb230780fd21
3697
3698commit 0dc74512bdb105b048883f07de538b37e5e024d4
3699Author: Damien Miller <djm@mindrot.org>
3700Date:   Mon Oct 5 18:33:05 2015 -0700
3701
3702    unbreak merge botch
3703
3704commit fdd020e86439afa7f537e2429d29d4b744c94331
3705Author: djm@openbsd.org <djm@openbsd.org>
3706Date:   Tue Oct 6 01:20:59 2015 +0000
3707
3708    upstream commit
3709
3710    adapt to recent sshkey_parse_private_fileblob() API
3711     change
3712
3713    Upstream-Regress-ID: 5c0d818da511e33e0abf6a92a31bd7163b7ad988
3714
3715commit 21ae8ee3b630b0925f973db647a1b9aa5fcdd4c5
3716Author: djm@openbsd.org <djm@openbsd.org>
3717Date:   Thu Sep 24 07:15:39 2015 +0000
3718
3719    upstream commit
3720
3721    fix command-line option to match what was actually
3722     committed
3723
3724    Upstream-Regress-ID: 3e8c24a2044e8afd37e7ce17b69002ca817ac699
3725
3726commit e14ac43b75e68f1ffbd3e1a5e44143c8ae578dcd
3727Author: djm@openbsd.org <djm@openbsd.org>
3728Date:   Thu Sep 24 06:16:53 2015 +0000
3729
3730    upstream commit
3731
3732    regress test for CertificateFile; patch from Meghana Bhat
3733     via bz#2436
3734
3735    Upstream-Regress-ID: e7a6e980cbe0f8081ba2e83de40d06c17be8bd25
3736
3737commit 905b054ed24e0d5b4ef226ebf2c8bfc02ae6d4ad
3738Author: djm@openbsd.org <djm@openbsd.org>
3739Date:   Mon Oct 5 17:11:21 2015 +0000
3740
3741    upstream commit
3742
3743    some more bzero->explicit_bzero, from Michael McConville
3744
3745    Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0
3746
3747commit b007159a0acdbcf65814b3ee05dbe2cf4ea46011
3748Author: deraadt@openbsd.org <deraadt@openbsd.org>
3749Date:   Fri Oct 2 15:52:55 2015 +0000
3750
3751    upstream commit
3752
3753    fix email
3754
3755    Upstream-ID: 72150f2d54b94de14ebef1ea054ef974281bf834
3756
3757commit b19e1b4ab11884c4f62aee9f8ab53127a4732658
3758Author: deraadt@openbsd.org <deraadt@openbsd.org>
3759Date:   Fri Oct 2 01:39:52 2015 +0000
3760
3761    upstream commit
3762
3763    a sandbox using tame ok djm
3764
3765    Upstream-ID: 4ca24e47895e72f5daaa02f3e3d3e5ca2d820fa3
3766
3767commit c61b42f2678f21f05653ac2d3d241b48ab5d59ac
3768Author: deraadt@openbsd.org <deraadt@openbsd.org>
3769Date:   Fri Oct 2 01:39:26 2015 +0000
3770
3771    upstream commit
3772
3773    re-order system calls in order of risk, ok i'll be
3774     honest, ordered this way they look like tame... ok djm
3775
3776    Upstream-ID: 42a1e6d251fd8be13c8262bee026059ae6328813
3777
3778commit c5f7c0843cb6e6074a93c8ac34e49ce33a6f5546
3779Author: jmc@openbsd.org <jmc@openbsd.org>
3780Date:   Fri Sep 25 18:19:54 2015 +0000
3781
3782    upstream commit
3783
3784    some certificatefile tweaks; ok djm
3785
3786    Upstream-ID: 0e5a7852c28c05fc193419cc7e50e64c1c535af0
3787
3788commit 4e44a79a07d4b88b6a4e5e8c1bed5f58c841b1b8
3789Author: djm@openbsd.org <djm@openbsd.org>
3790Date:   Thu Sep 24 06:15:11 2015 +0000
3791
3792    upstream commit
3793
3794    add ssh_config CertificateFile option to explicitly list
3795     a certificate; patch from Meghana Bhat on bz#2436; ok markus@
3796
3797    Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8
3798
3799commit e3cbb06ade83c72b640a53728d362bbefa0008e2
3800Author: sobrado@openbsd.org <sobrado@openbsd.org>
3801Date:   Tue Sep 22 08:33:23 2015 +0000
3802
3803    upstream commit
3804
3805    fix two typos.
3806
3807    Upstream-ID: 424402c0d8863a11b51749bacd7f8d932083b709
3808
3809commit 8408218c1ca88cb17d15278174a24a94a6f65fe1
3810Author: djm@openbsd.org <djm@openbsd.org>
3811Date:   Mon Sep 21 04:31:00 2015 +0000
3812
3813    upstream commit
3814
3815    fix possible hang on closed output; bz#2469 reported by Tomas
3816     Kuthan ok markus@
3817
3818    Upstream-ID: f7afd41810f8540f524284f1be6b970859f94fe3
3819
3820commit 0097248f90a00865082e8c146b905a6555cc146f
3821Author: djm@openbsd.org <djm@openbsd.org>
3822Date:   Fri Sep 11 04:55:01 2015 +0000
3823
3824    upstream commit
3825
3826    skip if running as root; many systems (inc OpenBSD) allow
3827     root to ptrace arbitrary processes
3828
3829    Upstream-Regress-ID: be2b925df89360dff36f972951fa0fa793769038
3830
3831commit 9c06c814aff925e11a5cc592c06929c258a014f6
3832Author: djm@openbsd.org <djm@openbsd.org>
3833Date:   Fri Sep 11 03:44:21 2015 +0000
3834
3835    upstream commit
3836
3837    try all supported key types here; bz#2455 reported by
3838     Jakub Jelen
3839
3840    Upstream-Regress-ID: 188cb7d9031cdbac3a0fa58b428b8fa2b2482bba
3841
3842commit 3c019a936b43f3e2773f3edbde7c114d73caaa4c
3843Author: tim@openbsd.org <tim@openbsd.org>
3844Date:   Sun Sep 13 14:39:16 2015 +0000
3845
3846    upstream commit
3847
3848    - Fix error message: passphrase needs to be at least 5
3849     characters, not 4. - Remove unused function argument. - Remove two
3850     unnecessary variables.
3851
3852    OK djm@
3853
3854    Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
3855
3856commit 2681cdb6e0de7c1af549dac37a9531af202b4434
3857Author: tim@openbsd.org <tim@openbsd.org>
3858Date:   Sun Sep 13 13:48:19 2015 +0000
3859
3860    upstream commit
3861
3862    When adding keys to the agent, don't ignore the comment
3863     of keys for which the user is prompted for a passphrase.
3864
3865    Tweak and OK djm@
3866
3867    Upstream-ID: dc737c620a5a8d282cc4f66e3b9b624e9abefbec
3868
3869commit 14692f7b8251cdda847e648a82735eef8a4d2a33
3870Author: guenther@openbsd.org <guenther@openbsd.org>
3871Date:   Fri Sep 11 08:50:04 2015 +0000
3872
3873    upstream commit
3874
3875    Use explicit_bzero() when zeroing before free()
3876
3877    from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu)
3878    ok millert@ djm@
3879
3880    Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50
3881
3882commit 846f6fa4cfa8483a9195971dbdd162220f199d85
3883Author: jmc@openbsd.org <jmc@openbsd.org>
3884Date:   Fri Sep 11 06:55:46 2015 +0000
3885
3886    upstream commit
3887
3888    sync -Q in usage() to SYNOPSIS; since it's drastically
3889     shorter, i've reformatted the block to sync with the man (80 cols) and saved
3890     a line;
3891
3892    Upstream-ID: 86e2c65c3989a0777a6258a77e589b9f6f354abd
3893
3894commit 95923e0520a8647417ee6dcdff44694703dfeef0
3895Author: jmc@openbsd.org <jmc@openbsd.org>
3896Date:   Fri Sep 11 06:51:39 2015 +0000
3897
3898    upstream commit
3899
3900    tweak previous;
3901
3902    Upstream-ID: f29b3cfcfd9aa31fa140c393e7bd48c1c74139d6
3903
3904commit 86ac462f833b05d8ed9de9c50ccb295d7faa79ff
3905Author: dtucker@openbsd.org <dtucker@openbsd.org>
3906Date:   Fri Sep 11 05:27:02 2015 +0000
3907
3908    upstream commit
3909
3910    Update usage to match man page.
3911
3912    Upstream-ID: 9e85aefaecfb6aaf34c7cfd0700cd21783a35675
3913
3914commit 674b3b68c1d36b2562324927cd03857b565e05e8
3915Author: djm@openbsd.org <djm@openbsd.org>
3916Date:   Fri Sep 11 03:47:28 2015 +0000
3917
3918    upstream commit
3919
3920    expand %i in ControlPath to UID; bz#2449
3921
3922    patch from Christian Hesse w/ feedback from dtucker@
3923
3924    Upstream-ID: 2ba8d303e555a84e2f2165ab4b324b41e80ab925
3925
3926commit c0f55db7ee00c8202b05cb4b9ad4ce72cc45df41
3927Author: djm@openbsd.org <djm@openbsd.org>
3928Date:   Fri Sep 11 03:42:32 2015 +0000
3929
3930    upstream commit
3931
3932    mention -Q key-plain and -Q key-cert; bz#2455 pointed out
3933     by Jakub Jelen
3934
3935    Upstream-ID: c8f1f8169332e4fa73ac96b0043e3b84e01d4896
3936
3937commit cfffbdb10fdf0f02d3f4232232eef7ec3876c383
3938Author: Darren Tucker <dtucker@zip.com.au>
3939Date:   Mon Sep 14 16:24:21 2015 +1000
3940
3941    Use ssh-keygen -A when generating host keys.
3942
3943    Use ssh-keygen -A instead of per-keytype invocations when generating host
3944    keys.  Add tests when doing host-key-force since we can't use ssh-keygen -A
3945    since it can't specify alternate locations.  bz#2459, ok djm@
3946
3947commit 366bada1e9e124654aac55b72b6ccf878755b0dc
3948Author: Darren Tucker <dtucker@zip.com.au>
3949Date:   Fri Sep 11 13:29:22 2015 +1000
3950
3951    Correct default value for --with-ssh1.
3952
3953    bz#2457, from konto-mindrot.org at walimnieto.com.
3954
3955commit 2bca8a43e7dd9b04d7070824ffebb823c72587b2
3956Author: djm@openbsd.org <djm@openbsd.org>
3957Date:   Fri Sep 11 03:13:36 2015 +0000
3958
3959    upstream commit
3960
3961    more clarity on what AuthorizedKeysFile=none does; based
3962     on diff by Thiebaud Weksteen
3963
3964    Upstream-ID: 78ab87f069080f0cc3bc353bb04eddd9e8ad3704
3965
3966commit 61942ea4a01e6db4fdf37ad61de81312ffe310e9
3967Author: djm@openbsd.org <djm@openbsd.org>
3968Date:   Wed Sep 9 00:52:44 2015 +0000
3969
3970    upstream commit
3971
3972    openssh_RSA_verify return type is int, so don't make it
3973     size_t within the function itself with only negative numbers or zero assigned
3974     to it. bz#2460
3975
3976    Upstream-ID: b6e794b0c7fc4f9f329509263c8668d35f83ea55
3977
3978commit 4f7cc2f8cc861a21e6dbd7f6c25652afb38b9b96
3979Author: dtucker@openbsd.org <dtucker@openbsd.org>
3980Date:   Fri Sep 4 08:21:47 2015 +0000
3981
3982    upstream commit
3983
3984    Plug minor memory leaks when options are used more than
3985     once.  bz#2182, patch from Tiago Cunha, ok deraadt djm
3986
3987    Upstream-ID: 5b84d0401e27fe1614c10997010cc55933adb48e
3988
3989commit 7ad8b287c8453a3e61dbc0d34d467632b8b06fc8
3990Author: Darren Tucker <dtucker@zip.com.au>
3991Date:   Fri Sep 11 13:11:02 2015 +1000
3992
3993    Force resolution of _res for correct detection.
3994
3995    bz#2259, from sconeu at yahoo.com.
3996
3997commit 26ad18247213ff72b4438abe7fc660c958810fa2
3998Author: Damien Miller <djm@mindrot.org>
3999Date:   Thu Sep 10 10:57:41 2015 +1000
4000
4001    allow getrandom syscall; from Felix von Leitner
4002
4003commit 5245bc1e6b129a10a928f73f11c3aa32656c44b4
4004Author: jmc@openbsd.org <jmc@openbsd.org>
4005Date:   Fri Sep 4 06:40:45 2015 +0000
4006
4007    upstream commit
4008
4009    full stop belongs outside the brackets, not inside;
4010
4011    Upstream-ID: 99d098287767799ac33d2442a05b5053fa5a551a
4012
4013commit a85768a9321d74b41219eeb3c9be9f1702cbf6a5
4014Author: djm@openbsd.org <djm@openbsd.org>
4015Date:   Fri Sep 4 04:56:09 2015 +0000
4016
4017    upstream commit
4018
4019    add a debug2() right before DNS resolution; it's a place
4020     where ssh could previously silently hang for a while. bz#2433
4021
4022    Upstream-ID: 52a1a3e0748db66518e7598352c427145692a6a0
4023
4024commit 46152af8d27aa34d5d26ed1c371dc8aa142d4730
4025Author: djm@openbsd.org <djm@openbsd.org>
4026Date:   Fri Sep 4 04:55:24 2015 +0000
4027
4028    upstream commit
4029
4030    correct function name in error messages
4031
4032    Upstream-ID: 92fb2798617ad9561370897f4ab60adef2ff4c0e
4033
4034commit a954cdb799a4d83c2d40fbf3e7b9f187fbfd72fc
4035Author: djm@openbsd.org <djm@openbsd.org>
4036Date:   Fri Sep 4 04:47:50 2015 +0000
4037
4038    upstream commit
4039
4040    better document ExitOnForwardFailure; bz#2444, ok
4041     dtucker@
4042
4043    Upstream-ID: a126209b5a6d9cb3117ac7ab5bc63d284538bfc2
4044
4045commit f54d8ac2474b6fc3afa081cf759b48a6c89d3319
4046Author: djm@openbsd.org <djm@openbsd.org>
4047Date:   Fri Sep 4 04:44:08 2015 +0000
4048
4049    upstream commit
4050
4051    don't record hostbased authentication hostkeys as user
4052     keys in test for multiple authentication with the same key
4053
4054    Upstream-ID: 26b368fa2cff481f47f37e01b8da1ae5b57b1adc
4055
4056commit ac3451dd65f27ecf85dc045c46d49e2bbcb8dddd
4057Author: djm@openbsd.org <djm@openbsd.org>
4058Date:   Fri Sep 4 03:57:38 2015 +0000
4059
4060    upstream commit
4061
4062    remove extra newline in nethack-mode hostkey; from
4063     Christian Hesse bz#2686
4064
4065    Upstream-ID: 4f56368b1cc47baeea0531912186f66007fd5b92
4066
4067commit 9e3ed9ebb1a7e47c155c28399ddf09b306ea05df
4068Author: djm@openbsd.org <djm@openbsd.org>
4069Date:   Fri Sep 4 04:23:10 2015 +0000
4070
4071    upstream commit
4072
4073    trim junk from end of file; bz#2455 from Jakub Jelen
4074
4075    Upstream-Regress-ID: a4e64e8931e40d23874b047074444eff919cdfe6
4076
4077commit f3a3ea180afff080bab82087ee0b60db9fd84f6c
4078Author: jsg@openbsd.org <jsg@openbsd.org>
4079Date:   Wed Sep 2 07:51:12 2015 +0000
4080
4081    upstream commit
4082
4083    Fix occurrences of "r = func() != 0" which result in the
4084     wrong error codes being returned due to != having higher precedence than =.
4085
4086    ok deraadt@ markus@
4087
4088    Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
4089
4090commit f498a98cf83feeb7ea01c15cd1c98b3111361f3a
4091Author: Damien Miller <djm@mindrot.org>
4092Date:   Thu Sep 3 09:11:22 2015 +1000
4093
4094    don't check for yp_match; ok tim@
4095
4096commit 9690b78b7848b0b376980a61d51b1613e187ddb5
4097Author: djm@openbsd.org <djm@openbsd.org>
4098Date:   Fri Aug 21 23:57:48 2015 +0000
4099
4100    upstream commit
4101
4102    Improve printing of KEX offers and decisions
4103
4104    The debug output now labels the client and server offers and the
4105    negotiated options. ok markus@
4106
4107    Upstream-ID: 8db921b3f92a4565271b1c1fbce6e7f508e1a2cb
4108
4109commit 60a92470e21340e1a3fc10f9c7140d8e1519dc55
4110Author: djm@openbsd.org <djm@openbsd.org>
4111Date:   Fri Aug 21 23:53:08 2015 +0000
4112
4113    upstream commit
4114
4115    Fix printing (ssh -G ...) of HostKeyAlgorithms=+...
4116     Reported by Bryan Drewery
4117
4118    Upstream-ID: 19ad20c41bd5971e006289b6f9af829dd46c1293
4119
4120commit 6310f60fffca2d1e464168e7d1f7e3b6b0268897
4121Author: djm@openbsd.org <djm@openbsd.org>
4122Date:   Fri Aug 21 23:52:30 2015 +0000
4123
4124    upstream commit
4125
4126    Fix expansion of HostkeyAlgorithms=+...
4127
4128    Reported by Bryan Drewery
4129
4130    Upstream-ID: 70ca1deea39d758ba36d36428ae832e28566f78d
4131
4132commit e774e5ea56237fd626a8161f9005023dff3e76c9
4133Author: deraadt@openbsd.org <deraadt@openbsd.org>
4134Date:   Fri Aug 21 23:29:31 2015 +0000
4135
4136    upstream commit
4137
4138    Improve size == 0, count == 0 checking in mm_zalloc,
4139     which is "array" like. Discussed with tedu, millert, otto.... and ok djm
4140
4141    Upstream-ID: 899b021be43b913fad3eca1aef44efe710c53e29
4142
4143commit 189de02d9ad6f3645417c0ddf359b923aae5f926
4144Author: Damien Miller <djm@mindrot.org>
4145Date:   Fri Aug 21 15:45:02 2015 +1000
4146
4147    expose POLLHUP and POLLNVAL for netcat.c
4148
4149commit e91346dc2bbf460246df2ab591b7613908c1b0ad
4150Author: Damien Miller <djm@mindrot.org>
4151Date:   Fri Aug 21 14:49:03 2015 +1000
4152
4153    we don't use Github for issues/pull-requests
4154
4155commit a4f5b507c708cc3dc2c8dd2d02e4416d7514dc23
4156Author: Damien Miller <djm@mindrot.org>
4157Date:   Fri Aug 21 14:43:55 2015 +1000
4158
4159    fix URL for connect.c
4160
4161commit d026a8d3da0f8186598442997c7d0a28e7275414
4162Author: Damien Miller <djm@mindrot.org>
4163Date:   Fri Aug 21 13:47:10 2015 +1000
4164
4165    update version numbers for 7.1
4166
4167commit 78f8f589f0ca1c9f41e5a9bae3cda5ce8a6b42ed
4168Author: djm@openbsd.org <djm@openbsd.org>
4169Date:   Fri Aug 21 03:45:26 2015 +0000
4170
4171    upstream commit
4172
4173    openssh-7.1
4174
4175    Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f
4176
4177commit 32a181980c62fce94f7f9ffaf6a79d90f0c309cf
4178Author: djm@openbsd.org <djm@openbsd.org>
4179Date:   Fri Aug 21 03:42:19 2015 +0000
4180
4181    upstream commit
4182
4183    fix inverted logic that broke PermitRootLogin; reported
4184     by Mantas Mikulenas; ok markus@
4185
4186    Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5
4187
4188commit ce445b0ed927e45bd5bdce8f836eb353998dd65c
4189Author: deraadt@openbsd.org <deraadt@openbsd.org>
4190Date:   Thu Aug 20 22:32:42 2015 +0000
4191
4192    upstream commit
4193
4194    Do not cast result of malloc/calloc/realloc* if stdlib.h
4195     is in scope ok krw millert
4196
4197    Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667
4198
4199commit 05291e5288704d1a98bacda269eb5a0153599146
4200Author: naddy@openbsd.org <naddy@openbsd.org>
4201Date:   Thu Aug 20 19:20:06 2015 +0000
4202
4203    upstream commit
4204
4205    In the certificates section, be consistent about using
4206     "host_key" and "user_key" for the respective key types.  ok sthen@ deraadt@
4207
4208    Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb
4209
4210commit 8543d4ef6f2e9f98c3e6b77c894ceec30c5e4ae4
4211Author: djm@openbsd.org <djm@openbsd.org>
4212Date:   Wed Aug 19 23:21:42 2015 +0000
4213
4214    upstream commit
4215
4216    Better compat matching for WinSCP, add compat matching
4217     for FuTTY (fork of PuTTY); ok markus@ deraadt@
4218
4219    Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389
4220
4221commit ec6eda16ebab771aa3dfc90629b41953b999cb1e
4222Author: djm@openbsd.org <djm@openbsd.org>
4223Date:   Wed Aug 19 23:19:01 2015 +0000
4224
4225    upstream commit
4226
4227    fix double-free() in error path of DSA key generation
4228     reported by Mateusz Kocielski; ok markus@
4229
4230    Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c
4231
4232commit 45b0eb752c94954a6de046bfaaf129e518ad4b5b
4233Author: djm@openbsd.org <djm@openbsd.org>
4234Date:   Wed Aug 19 23:18:26 2015 +0000
4235
4236    upstream commit
4237
4238    fix free() of uninitialised pointer reported by Mateusz
4239     Kocielski; ok markus@
4240
4241    Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663
4242
4243commit c837643b93509a3ef538cb6624b678c5fe32ff79
4244Author: djm@openbsd.org <djm@openbsd.org>
4245Date:   Wed Aug 19 23:17:51 2015 +0000
4246
4247    upstream commit
4248
4249    fixed unlink([uninitialised memory]) reported by Mateusz
4250     Kocielski; ok markus@
4251
4252    Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109
4253
4254commit 1f8d3d629cd553031021068eb9c646a5f1e50994
4255Author: jmc@openbsd.org <jmc@openbsd.org>
4256Date:   Fri Aug 14 15:32:41 2015 +0000
4257
4258    upstream commit
4259
4260    match myproposal.h order; from brian conway (i snuck in a
4261     tweak while here)
4262
4263    ok dtucker
4264
4265    Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67
4266
4267commit 1dc8d93ce69d6565747eb44446ed117187621b26
4268Author: deraadt@openbsd.org <deraadt@openbsd.org>
4269Date:   Thu Aug 6 14:53:21 2015 +0000
4270
4271    upstream commit
4272
4273    add prohibit-password as a synonymn for without-password,
4274     since the without-password is causing too many questions.  Harden it to ban
4275     all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from
4276     djm, ok markus
4277
4278    Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a
4279
4280commit 90a95a4745a531b62b81ce3b025e892bdc434de5
4281Author: Damien Miller <djm@mindrot.org>
4282Date:   Tue Aug 11 13:53:41 2015 +1000
4283
4284    update version in README
4285
4286commit 318c37743534b58124f1bab37a8a0087a3a9bd2f
4287Author: Damien Miller <djm@mindrot.org>
4288Date:   Tue Aug 11 13:53:09 2015 +1000
4289
4290    update versions in *.spec
4291
4292commit 5e75f5198769056089fb06c4d738ab0e5abc66f7
4293Author: Damien Miller <djm@mindrot.org>
4294Date:   Tue Aug 11 13:34:12 2015 +1000
4295
4296    set sshpam_ctxt to NULL after free
4297
4298    Avoids use-after-free in monitor when privsep child is compromised.
4299    Reported by Moritz Jodeit; ok dtucker@
4300
4301commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
4302Author: Damien Miller <djm@mindrot.org>
4303Date:   Tue Aug 11 13:33:24 2015 +1000
4304
4305    Don't resend username to PAM; it already has it.
4306
4307    Pointed out by Moritz Jodeit; ok dtucker@
4308
4309commit 88763a6c893bf3dfe951ba9271bf09715e8d91ca
4310Author: Darren Tucker <dtucker@zip.com.au>
4311Date:   Mon Jul 27 12:14:25 2015 +1000
4312
4313    Import updated moduli file from OpenBSD.
4314
4315commit 55b263fb7cfeacb81aaf1c2036e0394c881637da
4316Author: Damien Miller <djm@mindrot.org>
4317Date:   Mon Aug 10 11:13:44 2015 +1000
4318
4319    let principals-command.sh work for noexec /var/run
4320
4321commit 2651e34cd11b1aac3a0fe23b86d8c2ff35c07897
4322Author: Damien Miller <djm@mindrot.org>
4323Date:   Thu Aug 6 11:43:42 2015 +1000
4324
4325    work around echo -n / sed behaviour in tests
4326
4327commit d85dad81778c1aa8106acd46930b25fdf0d15b2a
4328Author: djm@openbsd.org <djm@openbsd.org>
4329Date:   Wed Aug 5 05:27:33 2015 +0000
4330
4331    upstream commit
4332
4333    adjust for RSA minimum modulus switch; ok deraadt@
4334
4335    Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae
4336
4337commit 57e8e229bad5fe6056b5f1199665f5f7008192c6
4338Author: djm@openbsd.org <djm@openbsd.org>
4339Date:   Tue Aug 4 05:23:06 2015 +0000
4340
4341    upstream commit
4342
4343    backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this
4344     release; problems spotted by sthen@ ok deraadt@ markus@
4345
4346    Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822
4347
4348commit f097d0ea1e0889ca0fa2e53a00214e43ab7fa22a
4349Author: djm@openbsd.org <djm@openbsd.org>
4350Date:   Sun Aug 2 09:56:42 2015 +0000
4351
4352    upstream commit
4353
4354    openssh 7.0; ok deraadt@
4355
4356    Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f
4357
4358commit 3d5728a0f6874ce4efb16913a12963595070f3a9
4359Author: chris@openbsd.org <chris@openbsd.org>
4360Date:   Fri Jul 31 15:38:09 2015 +0000
4361
4362    upstream commit
4363
4364    Allow PermitRootLogin to be overridden by config
4365
4366    ok markus@ deeradt@
4367
4368    Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4
4369
4370commit 6f941396b6835ad18018845f515b0c4fe20be21a
4371Author: djm@openbsd.org <djm@openbsd.org>
4372Date:   Thu Jul 30 23:09:15 2015 +0000
4373
4374    upstream commit
4375
4376    fix pty permissions; patch from Nikolay Edigaryev; ok
4377     deraadt
4378
4379    Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550
4380
4381commit f4373ed1e8fbc7c8ce3fc4ea97d0ba2e0c1d7ef0
4382Author: deraadt@openbsd.org <deraadt@openbsd.org>
4383Date:   Thu Jul 30 19:23:02 2015 +0000
4384
4385    upstream commit
4386
4387    change default: PermitRootLogin without-password matching
4388     install script changes coming as well ok djm markus
4389
4390    Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6
4391
4392commit 0c30ba91f87fcda7e975e6ff8a057f624e87ea1c
4393Author: Damien Miller <djm@mindrot.org>
4394Date:   Thu Jul 30 12:31:39 2015 +1000
4395
4396    downgrade OOM adjustment logging: verbose -> debug
4397
4398commit f9eca249d4961f28ae4b09186d7dc91de74b5895
4399Author: djm@openbsd.org <djm@openbsd.org>
4400Date:   Thu Jul 30 00:01:34 2015 +0000
4401
4402    upstream commit
4403
4404    Allow ssh_config and sshd_config kex parameters options be
4405     prefixed by a '+' to indicate that the specified items be appended to the
4406     default rather than replacing it.
4407
4408    approach suggested by dtucker@, feedback dlg@, ok markus@
4409
4410    Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
4411
4412commit 5cefe769105a2a2e3ca7479d28d9a325d5ef0163
4413Author: djm@openbsd.org <djm@openbsd.org>
4414Date:   Wed Jul 29 08:34:54 2015 +0000
4415
4416    upstream commit
4417
4418    fix bug in previous; was printing incorrect string for
4419     failed host key algorithms negotiation
4420
4421    Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e
4422
4423commit f319912b0d0e1675b8bb051ed8213792c788bcb2
4424Author: djm@openbsd.org <djm@openbsd.org>
4425Date:   Wed Jul 29 04:43:06 2015 +0000
4426
4427    upstream commit
4428
4429    include the peer's offer when logging a failure to
4430     negotiate a mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@
4431
4432    Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796
4433
4434commit b6ea0e573042eb85d84defb19227c89eb74cf05a
4435Author: djm@openbsd.org <djm@openbsd.org>
4436Date:   Tue Jul 28 23:20:42 2015 +0000
4437
4438    upstream commit
4439
4440    add Cisco to the list of clients that choke on the
4441     hostkeys update extension. Pointed out by Howard Kash
4442
4443    Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84
4444
4445commit 3f628c7b537291c1019ce86af90756fb4e66d0fd
4446Author: guenther@openbsd.org <guenther@openbsd.org>
4447Date:   Mon Jul 27 16:29:23 2015 +0000
4448
4449    upstream commit
4450
4451    Permit kbind(2) use in the sandbox now, to ease testing
4452     of ld.so work using it
4453
4454    reminded by miod@, ok deraadt@
4455
4456    Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413
4457
4458commit ebe27ebe520098bbc0fe58945a87ce8490121edb
4459Author: millert@openbsd.org <millert@openbsd.org>
4460Date:   Mon Jul 20 18:44:12 2015 +0000
4461
4462    upstream commit
4463
4464    Move .Pp before .Bl, not after to quiet mandoc -Tlint.
4465     Noticed by jmc@
4466
4467    Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23
4468
4469commit d5d91d0da819611167782c66ab629159169d94d4
4470Author: millert@openbsd.org <millert@openbsd.org>
4471Date:   Mon Jul 20 18:42:35 2015 +0000
4472
4473    upstream commit
4474
4475    Sync usage with SYNOPSIS
4476
4477    Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7
4478
4479commit 79ec2142fbc68dd2ed9688608da355fc0b1ed743
4480Author: millert@openbsd.org <millert@openbsd.org>
4481Date:   Mon Jul 20 15:39:52 2015 +0000
4482
4483    upstream commit
4484
4485    Better desciption of Unix domain socket forwarding.
4486     bz#2423; ok jmc@
4487
4488    Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d
4489
4490commit d56fd1828074a4031b18b8faa0bf949669eb18a0
4491Author: Damien Miller <djm@mindrot.org>
4492Date:   Mon Jul 20 11:19:51 2015 +1000
4493
4494    make realpath.c compile -Wsign-compare clean
4495
4496commit c63c9a691dca26bb7648827f5a13668832948929
4497Author: djm@openbsd.org <djm@openbsd.org>
4498Date:   Mon Jul 20 00:30:01 2015 +0000
4499
4500    upstream commit
4501
4502    mention that the default of UseDNS=no implies that
4503     hostnames cannot be used for host matching in sshd_config and
4504     authorized_keys; bz#2045, ok dtucker@
4505
4506    Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1
4507
4508commit 63ebcd0005e9894fcd6871b7b80aeea1fec0ff76
4509Author: djm@openbsd.org <djm@openbsd.org>
4510Date:   Sat Jul 18 08:02:17 2015 +0000
4511
4512    upstream commit
4513
4514    don't ignore PKCS#11 hosted keys that return empty
4515     CKA_ID; patch by Jakub Jelen via bz#2429; ok markus
4516
4517    Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485
4518
4519commit b15fd989c8c62074397160147a8d5bc34b3f3c63
4520Author: djm@openbsd.org <djm@openbsd.org>
4521Date:   Sat Jul 18 08:00:21 2015 +0000
4522
4523    upstream commit
4524
4525    skip uninitialised PKCS#11 slots; patch from Jakub Jelen
4526     in bz#2427 ok markus@
4527
4528    Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29
4529
4530commit 5b64f85bb811246c59ebab70aed331f26ba37b18
4531Author: djm@openbsd.org <djm@openbsd.org>
4532Date:   Sat Jul 18 07:57:14 2015 +0000
4533
4534    upstream commit
4535
4536    only query each keyboard-interactive device once per
4537     authentication request regardless of how many times it is listed; ok markus@
4538
4539    Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
4540
4541commit cd7324d0667794eb5c236d8a4e0f236251babc2d
4542Author: djm@openbsd.org <djm@openbsd.org>
4543Date:   Fri Jul 17 03:34:27 2015 +0000
4544
4545    upstream commit
4546
4547    remove -u flag to diff (only used for error output) to make
4548     things easier for -portable
4549
4550    Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548
4551
4552commit deb8d99ecba70b67f4af7880b11ca8768df9ec3a
4553Author: djm@openbsd.org <djm@openbsd.org>
4554Date:   Fri Jul 17 03:09:19 2015 +0000
4555
4556    upstream commit
4557
4558    direct-streamlocal@openssh.com Unix domain foward
4559     messages do not contain a "reserved for future use" field and in fact,
4560     serverloop.c checks that there isn't one. Remove erroneous mention from
4561     PROTOCOL description. bz#2421 from Daniel Black
4562
4563    Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac
4564
4565commit 356b61f365405b5257f5b2ab446e5d7bd33a7b52
4566Author: djm@openbsd.org <djm@openbsd.org>
4567Date:   Fri Jul 17 03:04:27 2015 +0000
4568
4569    upstream commit
4570
4571    describe magic for setting up Unix domain socket fowards
4572     via the mux channel; bz#2422 patch from Daniel Black
4573
4574    Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861
4575
4576commit d3e2aee41487d55b8d7d40f538b84ff1db7989bc
4577Author: Darren Tucker <dtucker@zip.com.au>
4578Date:   Fri Jul 17 12:52:34 2015 +1000
4579
4580    Check if realpath works on nonexistent files.
4581
4582    On some platforms the native realpath doesn't work with non-existent
4583    files (this is actually specified in some versions of POSIX), however
4584    the sftp spec says its realpath with "canonicalize any given path name".
4585    On those platforms, use realpath from the compat library.
4586
4587    In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines
4588    the realpath symbol to the checked version, so redefine ours to
4589    something else so we pick up the compat version we want.
4590
4591    bz#2428, ok djm@
4592
4593commit 25b14610dab655646a109db5ef8cb4c4bf2a48a0
4594Author: djm@openbsd.org <djm@openbsd.org>
4595Date:   Fri Jul 17 02:47:45 2015 +0000
4596
4597    upstream commit
4598
4599    fix incorrect test for SSH1 keys when compiled without SSH1
4600     support
4601
4602    Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451
4603
4604commit df56a8035d429b2184ee94aaa7e580c1ff67f73a
4605Author: djm@openbsd.org <djm@openbsd.org>
4606Date:   Wed Jul 15 08:00:11 2015 +0000
4607
4608    upstream commit
4609
4610    fix NULL-deref when SSH1 reenabled
4611
4612    Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295
4613
4614commit 41e38c4d49dd60908484e6703316651333f16b93
4615Author: djm@openbsd.org <djm@openbsd.org>
4616Date:   Wed Jul 15 07:19:50 2015 +0000
4617
4618    upstream commit
4619
4620    regen RSA1 test keys; the last batch was missing their
4621     private parts
4622
4623    Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a
4624
4625commit 5bf0933184cb622ca3f96d224bf3299fd2285acc
4626Author: markus@openbsd.org <markus@openbsd.org>
4627Date:   Fri Jul 10 06:23:25 2015 +0000
4628
4629    upstream commit
4630
4631    Adapt tests, now that DSA if off by default; use
4632     PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
4633
4634    Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
4635
4636commit 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc
4637Author: markus@openbsd.org <markus@openbsd.org>
4638Date:   Tue Jul 7 14:54:16 2015 +0000
4639
4640    upstream commit
4641
4642    regen test data after mktestdata.sh changes
4643
4644    Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4
4645
4646commit 7c8c174c69f681d4910fa41c37646763692b28e2
4647Author: markus@openbsd.org <markus@openbsd.org>
4648Date:   Tue Jul 7 14:53:30 2015 +0000
4649
4650    upstream commit
4651
4652    adapt tests to new minimum RSA size and default FP format
4653
4654    Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e
4655
4656commit 6a977a4b68747ade189e43d302f33403fd4a47ac
4657Author: djm@openbsd.org <djm@openbsd.org>
4658Date:   Fri Jul 3 04:39:23 2015 +0000
4659
4660    upstream commit
4661
4662    legacy v00 certificates are gone; adapt and don't try to
4663     test them; "sure" markus@ dtucker@
4664
4665    Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12
4666
4667commit 0c4123ad5e93fb90fee9c6635b13a6cdabaac385
4668Author: djm@openbsd.org <djm@openbsd.org>
4669Date:   Wed Jul 1 23:11:18 2015 +0000
4670
4671    upstream commit
4672
4673    don't expect SSH v.1 in unittests
4674
4675    Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397
4676
4677commit 3c099845798a817cdde513c39074ec2063781f18
4678Author: djm@openbsd.org <djm@openbsd.org>
4679Date:   Mon Jun 15 06:38:50 2015 +0000
4680
4681    upstream commit
4682
4683    turn SSH1 back on to match src/usr.bin/ssh being tested
4684
4685    Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333
4686
4687commit b1dc2b33689668c75e95f873a42d5aea1f4af1db
4688Author: dtucker@openbsd.org <dtucker@openbsd.org>
4689Date:   Mon Jul 13 04:57:14 2015 +0000
4690
4691    upstream commit
4692
4693    Add "PuTTY_Local:" to the clients to which we do not
4694     offer DH-GEX. This was the string that was used for development versions
4695     prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately
4696     there are some extant products based on those versions.  bx2424 from Jay
4697     Rouman, ok markus@ djm@
4698
4699    Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5
4700
4701commit 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9
4702Author: markus@openbsd.org <markus@openbsd.org>
4703Date:   Fri Jul 10 06:21:53 2015 +0000
4704
4705    upstream commit
4706
4707    Turn off DSA by default; add HostKeyAlgorithms to the
4708     server and PubkeyAcceptedKeyTypes to the client side, so it still can be
4709     tested or turned back on; feedback and ok djm@
4710
4711    Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
4712
4713commit 16db0a7ee9a87945cc594d13863cfcb86038db59
4714Author: markus@openbsd.org <markus@openbsd.org>
4715Date:   Thu Jul 9 09:49:46 2015 +0000
4716
4717    upstream commit
4718
4719    re-enable ed25519-certs if compiled w/o openssl; ok djm
4720
4721    Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49
4722
4723commit c355bf306ac33de6545ce9dac22b84a194601e2f
4724Author: markus@openbsd.org <markus@openbsd.org>
4725Date:   Wed Jul 8 20:24:02 2015 +0000
4726
4727    upstream commit
4728
4729    no need to include the old buffer/key API
4730
4731    Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b
4732
4733commit a3cc48cdf9853f1e832d78cb29bedfab7adce1ee
4734Author: markus@openbsd.org <markus@openbsd.org>
4735Date:   Wed Jul 8 19:09:25 2015 +0000
4736
4737    upstream commit
4738
4739    typedefs for Cipher&CipherContext are unused
4740
4741    Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7
4742
4743commit a635bd06b5c427a57c3ae760d3a2730bb2c863c0
4744Author: markus@openbsd.org <markus@openbsd.org>
4745Date:   Wed Jul 8 19:04:21 2015 +0000
4746
4747    upstream commit
4748
4749    xmalloc.h is unused
4750
4751    Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58
4752
4753commit 2521cf0e36c7f3f6b19f206da0af134f535e4a31
4754Author: markus@openbsd.org <markus@openbsd.org>
4755Date:   Wed Jul 8 19:01:15 2015 +0000
4756
4757    upstream commit
4758
4759    compress.c is gone
4760
4761    Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced
4762
4763commit c65a7aa6c43aa7a308ee1ab8a96f216169ae9615
4764Author: djm@openbsd.org <djm@openbsd.org>
4765Date:   Fri Jul 3 04:05:54 2015 +0000
4766
4767    upstream commit
4768
4769    another SSH_RSA_MINIMUM_MODULUS_SIZE that needed
4770     cranking
4771
4772    Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1
4773
4774commit b1f383da5cd3cb921fc7776f17a14f44b8a31757
4775Author: djm@openbsd.org <djm@openbsd.org>
4776Date:   Fri Jul 3 03:56:25 2015 +0000
4777
4778    upstream commit
4779
4780    add an XXX reminder for getting correct key paths from
4781     sshd_config
4782
4783    Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db
4784
4785commit 933935ce8d093996c34d7efa4d59113163080680
4786Author: djm@openbsd.org <djm@openbsd.org>
4787Date:   Fri Jul 3 03:49:45 2015 +0000
4788
4789    upstream commit
4790
4791    refuse to generate or accept RSA keys smaller than 1024
4792     bits; feedback and ok dtucker@
4793
4794    Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
4795
4796commit bdfd29f60b74f3e678297269dc6247a5699583c1
4797Author: djm@openbsd.org <djm@openbsd.org>
4798Date:   Fri Jul 3 03:47:00 2015 +0000
4799
4800    upstream commit
4801
4802    turn off 1024 bit diffie-hellman-group1-sha1 key
4803     exchange method (already off in server, this turns it off in the client by
4804     default too) ok dtucker@
4805
4806    Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa
4807
4808commit c28fc62d789d860c75e23a9fa9fb250eb2beca57
4809Author: djm@openbsd.org <djm@openbsd.org>
4810Date:   Fri Jul 3 03:43:18 2015 +0000
4811
4812    upstream commit
4813
4814    delete support for legacy v00 certificates; "sure"
4815     markus@ dtucker@
4816
4817    Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
4818
4819commit 564d63e1b4a9637a209d42a9d49646781fc9caef
4820Author: djm@openbsd.org <djm@openbsd.org>
4821Date:   Wed Jul 1 23:10:47 2015 +0000
4822
4823    upstream commit
4824
4825    Compile-time disable SSH v.1 again
4826
4827    Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af
4828
4829commit 868109b650504dd9bcccdb1f51d0906f967c20ff
4830Author: djm@openbsd.org <djm@openbsd.org>
4831Date:   Wed Jul 1 02:39:06 2015 +0000
4832
4833    upstream commit
4834
4835    twiddle PermitRootLogin back
4836
4837    Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2
4838
4839commit 7de4b03a6e4071d454b72927ffaf52949fa34545
4840Author: djm@openbsd.org <djm@openbsd.org>
4841Date:   Wed Jul 1 02:32:17 2015 +0000
4842
4843    upstream commit
4844
4845    twiddle; (this commit marks the openssh-6.9 release)
4846
4847    Upstream-ID: 78500582819f61dd8adee36ec5cc9b9ac9351234
4848
4849commit 1bf477d3cdf1a864646d59820878783d42357a1d
4850Author: djm@openbsd.org <djm@openbsd.org>
4851Date:   Wed Jul 1 02:26:31 2015 +0000
4852
4853    upstream commit
4854
4855    better refuse ForwardX11Trusted=no connections attempted
4856     after ForwardX11Timeout expires; reported by Jann Horn
4857
4858    Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21
4859
4860commit 47aa7a0f8551b471fcae0447c1d78464f6dba869
4861Author: djm@openbsd.org <djm@openbsd.org>
4862Date:   Wed Jul 1 01:56:13 2015 +0000
4863
4864    upstream commit
4865
4866    put back default PermitRootLogin=no
4867
4868    Upstream-ID: 7bdedd5cead99c57ed5571f3b6b7840922d5f728
4869
4870commit 984b064fe2a23733733262f88d2e1b2a1a501662
4871Author: djm@openbsd.org <djm@openbsd.org>
4872Date:   Wed Jul 1 01:55:13 2015 +0000
4873
4874    upstream commit
4875
4876    openssh-6.9
4877
4878    Upstream-ID: 6cfe8e1904812531080e6ab6e752d7001b5b2d45
4879
4880commit d921082ed670f516652eeba50705e1e9f6325346
4881Author: djm@openbsd.org <djm@openbsd.org>
4882Date:   Wed Jul 1 01:55:00 2015 +0000
4883
4884    upstream commit
4885
4886    reset default PermitRootLogin to 'yes' (momentarily, for
4887     release)
4888
4889    Upstream-ID: cad8513527066e65dd7a1c16363d6903e8cefa24
4890
4891commit 66295e0e1ba860e527f191b6325d2d77dec4dbce
4892Author: Damien Miller <djm@mindrot.org>
4893Date:   Wed Jul 1 11:49:12 2015 +1000
4894
4895    crank version numbers for release
4896
4897commit 37035c07d4f26bb1fbe000d2acf78efdb008681d
4898Author: Damien Miller <djm@mindrot.org>
4899Date:   Wed Jul 1 10:49:37 2015 +1000
4900
4901    s/--with-ssh1/--without-ssh1/
4902
4903commit 629df770dbadc2accfbe1c81b3f31f876d0acd84
4904Author: djm@openbsd.org <djm@openbsd.org>
4905Date:   Tue Jun 30 05:25:07 2015 +0000
4906
4907    upstream commit
4908
4909    fatal() when a remote window update causes the window
4910     value to overflow. Reported by Georg Wicherski, ok markus@
4911
4912    Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351
4913
4914commit f715afebe735d61df3fd30ad72d9ac1c8bd3b5f2
4915Author: djm@openbsd.org <djm@openbsd.org>
4916Date:   Tue Jun 30 05:23:25 2015 +0000
4917
4918    upstream commit
4919
4920    Fix math error in remote window calculations that causes
4921     eventual stalls for datagram channels. Reported by Georg Wicherski, ok
4922     markus@
4923
4924    Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab
4925
4926commit 52fb6b9b034fcfd24bf88cc7be313e9c31de9889
4927Author: Damien Miller <djm@mindrot.org>
4928Date:   Tue Jun 30 16:05:40 2015 +1000
4929
4930    skip IPv6-related portions on hosts without IPv6
4931
4932    with Tim Rice
4933
4934commit 512caddf590857af6aa12218461b5c0441028cf5
4935Author: djm@openbsd.org <djm@openbsd.org>
4936Date:   Mon Jun 29 22:35:12 2015 +0000
4937
4938    upstream commit
4939
4940    add getpid to sandbox, reachable by grace_alarm_handler
4941
4942    reported by Jakub Jelen; bz#2419
4943
4944    Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8
4945
4946commit 78c2a4f883ea9aba866358e2acd9793a7f42ca93
4947Author: djm@openbsd.org <djm@openbsd.org>
4948Date:   Fri Jun 26 05:13:20 2015 +0000
4949
4950    upstream commit
4951
4952    Fix \-escaping bug that caused forward path parsing to skip
4953     two characters and skip past the end of the string.
4954
4955    Based on patch by Salvador Fandino; ok dtucker@
4956
4957    Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd
4958
4959commit bc20205c91c9920361d12b15d253d4997dba494a
4960Author: Damien Miller <djm@mindrot.org>
4961Date:   Thu Jun 25 09:51:39 2015 +1000
4962
4963    add missing pselect6
4964
4965    patch from Jakub Jelen
4966
4967commit 9d27fb73b4a4e5e99cb880af790d5b1ce44f720a
4968Author: djm@openbsd.org <djm@openbsd.org>
4969Date:   Wed Jun 24 23:47:23 2015 +0000
4970
4971    upstream commit
4972
4973    correct test to sshkey_sign(); spotted by Albert S.
4974
4975    Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933
4976
4977commit 7ed01a96a1911d8b4a9ef4f3d064e1923bfad7e3
4978Author: dtucker@openbsd.org <dtucker@openbsd.org>
4979Date:   Wed Jun 24 01:49:19 2015 +0000
4980
4981    upstream commit
4982
4983    Revert previous commit.  We still want to call setgroups
4984     in the case where there are zero groups to remove any that we might otherwise
4985     inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
4986     to setgroups is always a static global it's always valid to dereference in
4987     this case.  ok deraadt@ djm@
4988
4989    Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
4990
4991commit 882f8bf94f79528caa65b0ba71c185d705bb7195
4992Author: dtucker@openbsd.org <dtucker@openbsd.org>
4993Date:   Wed Jun 24 01:49:19 2015 +0000
4994
4995    upstream commit
4996
4997    Revert previous commit.  We still want to call setgroups in
4998     the case where there are zero groups to remove any that we might otherwise
4999     inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
5000     to setgroups is always a static global it's always valid to dereference in
5001     this case.  ok deraadt@ djm@
5002
5003    Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
5004
5005commit 9488538a726951e82b3a4374f3c558d72c80a89b
5006Author: djm@openbsd.org <djm@openbsd.org>
5007Date:   Mon Jun 22 23:42:16 2015 +0000
5008
5009    upstream commit
5010
5011    Don't count successful partial authentication as failures
5012     in monitor; this may have caused the monitor to refuse multiple
5013     authentications that would otherwise have successfully completed; ok markus@
5014
5015    Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3
5016
5017commit 63b78d003bd8ca111a736e6cea6333da50f5f09b
5018Author: dtucker@openbsd.org <dtucker@openbsd.org>
5019Date:   Mon Jun 22 12:29:57 2015 +0000
5020
5021    upstream commit
5022
5023    Don't call setgroups if we have zero groups; there's no
5024     guarantee that it won't try to deref the pointer.  Based on a patch from mail
5025     at quitesimple.org, ok djm deraadt
5026
5027    Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1
5028
5029commit 5c15e22c691c79a47747bcf5490126656f97cecd
5030Author: Damien Miller <djm@mindrot.org>
5031Date:   Thu Jun 18 15:07:56 2015 +1000
5032
5033    fix syntax error
5034
5035commit 596dbca82f3f567fb3d2d69af4b4e1d3ba1e6403
5036Author: jsing@openbsd.org <jsing@openbsd.org>
5037Date:   Mon Jun 15 18:44:22 2015 +0000
5038
5039    upstream commit
5040
5041    If AuthorizedPrincipalsCommand is specified, however
5042     AuthorizedPrincipalsFile is not (or is set to "none"), authentication will
5043     potentially fail due to key_cert_check_authority() failing to locate a
5044     principal that matches the username, even though an authorized principal has
5045     already been matched in the output of the subprocess. Fix this by using the
5046     same logic to determine if pw->pw_name should be passed, as is used to
5047     determine if a authorized principal must be matched earlier on.
5048
5049    ok djm@
5050
5051    Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d
5052
5053commit aff3e94c0d75d0d0fa84ea392b50ab04f8c57905
5054Author: jsing@openbsd.org <jsing@openbsd.org>
5055Date:   Mon Jun 15 18:42:19 2015 +0000
5056
5057    upstream commit
5058
5059    Make the arguments to match_principals_command() similar
5060     to match_principals_file(), by changing the last argument a struct
5061     sshkey_cert * and dereferencing key->cert in the caller.
5062
5063    No functional change.
5064
5065    ok djm@
5066
5067    Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c
5068
5069commit 97e2e1596c202a4693468378b16b2353fd2d6c5e
5070Author: Damien Miller <djm@mindrot.org>
5071Date:   Wed Jun 17 14:36:54 2015 +1000
5072
5073    trivial optimisation for seccomp-bpf
5074
5075    When doing arg inspection and the syscall doesn't match, skip
5076    past the instruction that reloads the syscall into the accumulator,
5077    since the accumulator hasn't been modified at this point.
5078
5079commit 99f33d7304893bd9fa04d227cb6e870171cded19
5080Author: Damien Miller <djm@mindrot.org>
5081Date:   Wed Jun 17 10:50:51 2015 +1000
5082
5083    aarch64 support for seccomp-bpf sandbox
5084
5085    Also resort and tidy syscall list. Based on patches by Jakub Jelen
5086    bz#2361; ok dtucker@
5087
5088commit 4ef702e1244633c1025ec7cfe044b9ab267097bf
5089Author: djm@openbsd.org <djm@openbsd.org>
5090Date:   Mon Jun 15 01:32:50 2015 +0000
5091
5092    upstream commit
5093
5094    return failure on RSA signature error; reported by Albert S
5095
5096    Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa
5097
5098commit a170f22baf18af0b1acf2788b8b715605f41a1f9
5099Author: Tim Rice <tim@multitalents.net>
5100Date:   Tue Jun 9 22:41:13 2015 -0700
5101
5102    Fix t12 rules for out of tree builds.
5103
5104commit ec04dc4a5515c913121bc04ed261857e68fa5c18
5105Author: millert@openbsd.org <millert@openbsd.org>
5106Date:   Fri Jun 5 15:13:13 2015 +0000
5107
5108    upstream commit
5109
5110    For "ssh -L 12345:/tmp/sock" don't fail with "No forward host
5111     name." (we have a path, not a host name).  Based on a diff from Jared
5112     Yanovich. OK djm@
5113
5114    Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f
5115
5116commit 732d61f417a6aea0aa5308b59cb0f563bcd6edd6
5117Author: djm@openbsd.org <djm@openbsd.org>
5118Date:   Fri Jun 5 03:44:14 2015 +0000
5119
5120    upstream commit
5121
5122    typo: accidental repetition; bz#2386
5123
5124    Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b
5125
5126commit adfb24c69d1b6f5e758db200866c711e25a2ba73
5127Author: Darren Tucker <dtucker@zip.com.au>
5128Date:   Fri Jun 5 14:51:40 2015 +1000
5129
5130    Add Linux powerpc64le and powerpcle entries.
5131
5132    Stopgap to resolve bz#2409 because we are so close to release and will
5133    update config.guess and friends shortly after the release.  ok djm@
5134
5135commit a1195a0fdc9eddddb04d3e9e44c4775431cb77da
5136Merge: 6397eed d2480bc
5137Author: Tim Rice <tim@multitalents.net>
5138Date:   Wed Jun 3 21:43:13 2015 -0700
5139
5140    Merge branch 'master' of git.mindrot.org:/var/git/openssh
5141
5142commit 6397eedf953b2b973d2d7cbb504ab501a07f8ddc
5143Author: Tim Rice <tim@multitalents.net>
5144Date:   Wed Jun 3 21:41:11 2015 -0700
5145
5146    Remove unneeded backslashes. Patch from Ángel González
5147
5148commit d2480bcac1caf31b03068de877a47d6e1027bf6d
5149Author: Darren Tucker <dtucker@zip.com.au>
5150Date:   Thu Jun 4 14:10:55 2015 +1000
5151
5152    Remove redundant include of stdarg.h.  bz#2410
5153
5154commit 5e67859a623826ccdf2df284cbb37e2d8e2787eb
5155Author: djm@openbsd.org <djm@openbsd.org>
5156Date:   Tue Jun 2 09:10:40 2015 +0000
5157
5158    upstream commit
5159
5160    mention CheckHostIP adding addresses to known_hosts;
5161     bz#1993; ok dtucker@
5162
5163    Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7
5164
5165commit d7a58bbac6583e33fd5eca8e2c2cc70c57617818
5166Author: Darren Tucker <dtucker@zip.com.au>
5167Date:   Tue Jun 2 20:15:26 2015 +1000
5168
5169    Replace strcpy with strlcpy.
5170
5171    ok djm, sanity check by Corinna Vinschen.
5172
5173commit 51a1c2115265c6e80ede8a5c9dccada9aeed7143
5174Author: Damien Miller <djm@mindrot.org>
5175Date:   Fri May 29 18:27:21 2015 +1000
5176
5177    skip, rather than fatal when run without SUDO set
5178
5179commit 599f01142a376645b15cbc9349d7e8975e1cf245
5180Author: Damien Miller <djm@mindrot.org>
5181Date:   Fri May 29 18:03:15 2015 +1000
5182
5183    fix merge botch that left ",," in KEX algs
5184
5185commit 0c2a81dfc21822f2423edd30751e5ec53467b347
5186Author: Damien Miller <djm@mindrot.org>
5187Date:   Fri May 29 17:08:28 2015 +1000
5188
5189    re-enable SSH protocol 1 at compile time
5190
5191commit db438f9285d64282d3ac9e8c0944f59f037c0151
5192Author: djm@openbsd.org <djm@openbsd.org>
5193Date:   Fri May 29 03:05:13 2015 +0000
5194
5195    upstream commit
5196
5197    make this work without SUDO set; ok dtucker@
5198
5199    Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715
5200
5201commit 1d9a2e2849c9864fe75daabf433436341c968e14
5202Author: djm@openbsd.org <djm@openbsd.org>
5203Date:   Thu May 28 07:37:31 2015 +0000
5204
5205    upstream commit
5206
5207    wrap all moduli-related code in #ifdef WITH_OPENSSL.
5208     based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@
5209
5210    Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
5211
5212commit 496aeb25bc2d6c434171292e4714771b594bd00e
5213Author: dtucker@openbsd.org <dtucker@openbsd.org>
5214Date:   Thu May 28 05:41:29 2015 +0000
5215
5216    upstream commit
5217
5218    Increase the allowed length of the known host file name
5219     in the log message to be consistent with other cases.  Part of bz#1993, ok
5220     deraadt.
5221
5222    Upstream-ID: a9e97567be49f25daf286721450968251ff78397
5223
5224commit dd2cfeb586c646ff8d70eb93567b2e559ace5b14
5225Author: dtucker@openbsd.org <dtucker@openbsd.org>
5226Date:   Thu May 28 05:09:45 2015 +0000
5227
5228    upstream commit
5229
5230    Fix typo (keywork->keyword)
5231
5232    Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534
5233
5234commit 9cc6842493fbf23025ccc1edab064869640d3bec
5235Author: djm@openbsd.org <djm@openbsd.org>
5236Date:   Thu May 28 04:50:53 2015 +0000
5237
5238    upstream commit
5239
5240    add error message on ftruncate failure; bz#2176
5241
5242    Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf
5243
5244commit d1958793a0072c22be26d136dbda5ae263e717a0
5245Author: djm@openbsd.org <djm@openbsd.org>
5246Date:   Thu May 28 04:40:13 2015 +0000
5247
5248    upstream commit
5249
5250    make ssh-keygen default to ed25519 keys when compiled
5251     without OpenSSL; bz#2388, ok dtucker@
5252
5253    Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71
5254
5255commit 3ecde664c9fc5fb3667aedf9e6671462600f6496
5256Author: dtucker@openbsd.org <dtucker@openbsd.org>
5257Date:   Wed May 27 23:51:10 2015 +0000
5258
5259    upstream commit
5260
5261    Reorder client proposal to prefer
5262     diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1.  ok djm@
5263
5264    Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058
5265
5266commit 40f64292b907afd0a674fdbf3e4c2356d17a7d68
5267Author: dtucker@openbsd.org <dtucker@openbsd.org>
5268Date:   Wed May 27 23:39:18 2015 +0000
5269
5270    upstream commit
5271
5272    Add a stronger (4k bit) fallback group that sshd can use
5273     when the moduli file is missing or broken, sourced from RFC3526.  bz#2302, ok
5274     markus@ (earlier version), djm@
5275
5276    Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4
5277
5278commit 5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a
5279Author: Darren Tucker <dtucker@zip.com.au>
5280Date:   Thu May 28 10:03:40 2015 +1000
5281
5282    New moduli file from OpenBSD, removing 1k groups.
5283
5284    Remove 1k bit groups.  ok deraadt@, markus@
5285
5286commit a71ba58adf34e599f30cdda6e9b93ae6e3937eea
5287Author: djm@openbsd.org <djm@openbsd.org>
5288Date:   Wed May 27 05:15:02 2015 +0000
5289
5290    upstream commit
5291
5292    support PKCS#11 devices with external PIN entry devices
5293     bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@
5294
5295    Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d
5296
5297commit b282fec1aa05246ed3482270eb70fc3ec5f39a00
5298Author: dtucker@openbsd.org <dtucker@openbsd.org>
5299Date:   Tue May 26 23:23:40 2015 +0000
5300
5301    upstream commit
5302
5303    Cap DH-GEX group size at 4kbits for Cisco implementations.
5304     Some of them will choke when asked for preferred sizes >4k instead of
5305     returning the 4k group that they do have.  bz#2209, ok djm@
5306
5307    Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d
5308
5309commit 3e91b4e8b0dc2b4b7e7d42cf6e8994a32e4cb55e
5310Author: djm@openbsd.org <djm@openbsd.org>
5311Date:   Sun May 24 23:39:16 2015 +0000
5312
5313    upstream commit
5314
5315    add missing 'c' option to getopt(), case statement was
5316     already there; from Felix Bolte
5317
5318    Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081
5319
5320commit 64a89ec07660abba4d0da7c0095b7371c98bab62
5321Author: jsg@openbsd.org <jsg@openbsd.org>
5322Date:   Sat May 23 14:28:37 2015 +0000
5323
5324    upstream commit
5325
5326    fix a memory leak in an error path ok markus@ dtucker@
5327
5328    Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598
5329
5330commit f948737449257d2cb83ffcfe7275eb79b677fd4a
5331Author: djm@openbsd.org <djm@openbsd.org>
5332Date:   Fri May 22 05:28:45 2015 +0000
5333
5334    upstream commit
5335
5336    mention ssh-keygen -E for comparing legacy MD5
5337     fingerprints; bz#2332
5338
5339    Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859
5340
5341commit 0882332616e4f0272c31cc47bf2018f9cb258a4e
5342Author: djm@openbsd.org <djm@openbsd.org>
5343Date:   Fri May 22 04:45:52 2015 +0000
5344
5345    upstream commit
5346
5347    Reorder EscapeChar option parsing to avoid a single-byte
5348     out- of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@
5349
5350    Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060
5351
5352commit d7c31da4d42c115843edee2074d7d501f8804420
5353Author: djm@openbsd.org <djm@openbsd.org>
5354Date:   Fri May 22 03:50:02 2015 +0000
5355
5356    upstream commit
5357
5358    add knob to relax GSSAPI host credential check for
5359     multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker
5360     (kerberos/GSSAPI is not compiled by default on OpenBSD)
5361
5362    Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d
5363
5364commit aa72196a00be6e0b666215edcffbc10af234cb0e
5365Author: Darren Tucker <dtucker@zip.com.au>
5366Date:   Fri May 22 17:49:46 2015 +1000
5367
5368    Include signal.h for sig_atomic_t, used by kex.h.
5369
5370    bz#2402, from tomas.kuthan at oracle com.
5371
5372commit 8b02481143d75e91c49d1bfae0876ac1fbf9511a
5373Author: Darren Tucker <dtucker@zip.com.au>
5374Date:   Fri May 22 12:47:24 2015 +1000
5375
5376    Import updated moduli file from OpenBSD.
5377
5378commit 4739e8d5e1c0be49624082bd9f6b077e9e758db9
5379Author: djm@openbsd.org <djm@openbsd.org>
5380Date:   Thu May 21 12:01:19 2015 +0000
5381
5382    upstream commit
5383
5384    Support "ssh-keygen -lF hostname" to find search known_hosts
5385     and print key hashes. Already advertised by ssh-keygen(1), but not delivered
5386     by code; ok dtucker@
5387
5388    Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387
5389
5390commit e97201feca10b5196da35819ae516d0b87cf3a50
5391Author: Damien Miller <djm@mindrot.org>
5392Date:   Thu May 21 17:55:15 2015 +1000
5393
5394    conditionalise util.h inclusion
5395
5396commit 13640798c7dd011ece0a7d02841fe48e94cfa0e0
5397Author: djm@openbsd.org <djm@openbsd.org>
5398Date:   Thu May 21 06:44:25 2015 +0000
5399
5400    upstream commit
5401
5402    regress test for AuthorizedPrincipalsCommand
5403
5404    Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219
5405
5406commit 84452c5d03c21f9bfb28c234e0dc1dc67dd817b1
5407Author: djm@openbsd.org <djm@openbsd.org>
5408Date:   Thu May 21 06:40:02 2015 +0000
5409
5410    upstream commit
5411
5412    regress test for AuthorizedKeysCommand arguments
5413
5414    Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12
5415
5416commit bcc50d816187fa9a03907ac1f3a52f04a52e10d1
5417Author: djm@openbsd.org <djm@openbsd.org>
5418Date:   Thu May 21 06:43:30 2015 +0000
5419
5420    upstream commit
5421
5422    add AuthorizedPrincipalsCommand that allows getting
5423     authorized_principals from a subprocess rather than a file, which is quite
5424     useful in deployments with large userbases
5425
5426    feedback and ok markus@
5427
5428    Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
5429
5430commit 24232a3e5ab467678a86aa67968bbb915caffed4
5431Author: djm@openbsd.org <djm@openbsd.org>
5432Date:   Thu May 21 06:38:35 2015 +0000
5433
5434    upstream commit
5435
5436    support arguments to AuthorizedKeysCommand
5437
5438    bz#2081 loosely based on patch by Sami Hartikainen
5439    feedback and ok markus@
5440
5441    Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
5442
5443commit d80fbe41a57c72420c87a628444da16d09d66ca7
5444Author: djm@openbsd.org <djm@openbsd.org>
5445Date:   Thu May 21 04:55:51 2015 +0000
5446
5447    upstream commit
5448
5449    refactor: split base64 encoding of pubkey into its own
5450     sshkey_to_base64() function and out of sshkey_write(); ok markus@
5451
5452    Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a
5453
5454commit 7cc44ef74133a473734bbcbd3484f24d6a7328c5
5455Author: deraadt@openbsd.org <deraadt@openbsd.org>
5456Date:   Mon May 18 15:06:05 2015 +0000
5457
5458    upstream commit
5459
5460    getentropy() and sendsyslog() have been around long
5461     enough. openssh-portable may want the #ifdef's but not base. discussed with
5462     djm few weeks back
5463
5464    Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926
5465
5466commit 9173d0fbe44de7ebcad8a15618e13a8b8d78902e
5467Author: dtucker@openbsd.org <dtucker@openbsd.org>
5468Date:   Fri May 15 05:44:21 2015 +0000
5469
5470    upstream commit
5471
5472    Use a salted hash of the lock passphrase instead of plain
5473     text and do constant-time comparisons of it. Should prevent leaking any
5474     information about it via timing, pointed out by Ryan Castellucci.  Add a 0.1s
5475     incrementing delay for each failed unlock attempt up to 10s.  ok markus@
5476     (earlier version), djm@
5477
5478    Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f
5479
5480commit d028d5d3a697c71b21e4066d8672cacab3caa0a8
5481Author: Damien Miller <djm@mindrot.org>
5482Date:   Tue May 5 19:10:58 2015 +1000
5483
5484    upstream commit
5485
5486       - tedu@cvs.openbsd.org 2015/01/12 03:20:04
5487         [bcrypt_pbkdf.c]
5488         rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,
5489         nor are they the same size.
5490
5491commit f6391d4e59b058984163ab28f4e317e7a72478f1
5492Author: Damien Miller <djm@mindrot.org>
5493Date:   Tue May 5 19:10:23 2015 +1000
5494
5495    upstream commit
5496
5497       - deraadt@cvs.openbsd.org 2015/01/08 00:30:07
5498         [bcrypt_pbkdf.c]
5499         declare a local version of MIN(), call it MINIMUM()
5500
5501commit 8ac6b13cc9113eb47cd9e86c97d7b26b4b71b77f
5502Author: Damien Miller <djm@mindrot.org>
5503Date:   Tue May 5 19:09:46 2015 +1000
5504
5505    upstream commit
5506
5507       - djm@cvs.openbsd.org 2014/12/30 01:41:43
5508         [bcrypt_pbkdf.c]
5509         typo in comment: ouput => output
5510
5511commit 1f792489d5cf86a4f4e3003e6e9177654033f0f2
5512Author: djm@openbsd.org <djm@openbsd.org>
5513Date:   Mon May 4 06:10:48 2015 +0000
5514
5515    upstream commit
5516
5517    Remove pattern length argument from match_pattern_list(), we
5518     only ever use it for strlen(pattern).
5519
5520    Prompted by hanno AT hboeck.de pointing an out-of-bound read
5521    error caused by an incorrect pattern length found using AFL
5522    and his own tools.
5523
5524    ok markus@
5525
5526commit 639d6bc57b1942393ed12fb48f00bc05d4e093e4
5527Author: djm@openbsd.org <djm@openbsd.org>
5528Date:   Fri May 1 07:10:01 2015 +0000
5529
5530    upstream commit
5531
5532    refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
5533     to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
5534
5535    Improves error messages on TCP connection resets. bz#2257
5536
5537    ok dtucker@
5538
5539commit 9559d7de34c572d4d3fd990ca211f8ec99f62c4d
5540Author: djm@openbsd.org <djm@openbsd.org>
5541Date:   Fri May 1 07:08:08 2015 +0000
5542
5543    upstream commit
5544
5545    a couple of parse targets were missing activep checks,
5546     causing them to be misapplied in match context; bz#2272 diagnosis and
5547     original patch from Sami Hartikainen ok dtucker@
5548
5549commit 7e8528cad04b2775c3b7db08abf8fb42e47e6b2a
5550Author: djm@openbsd.org <djm@openbsd.org>
5551Date:   Fri May 1 04:17:51 2015 +0000
5552
5553    upstream commit
5554
5555    make handling of AuthorizedPrincipalsFile=none more
5556     consistent with other =none options; bz#2288 from Jakub Jelen; ok dtucker@
5557
5558commit ca430d4d9cc0f62eca3b1fb1e2928395b7ce80f7
5559Author: djm@openbsd.org <djm@openbsd.org>
5560Date:   Fri May 1 04:03:20 2015 +0000
5561
5562    upstream commit
5563
5564    remove failed remote forwards established by muliplexing
5565     from the list of active forwards; bz#2363, patch mostly by Yoann Ricordel; ok
5566     dtucker@
5567
5568commit 8312cfb8ad88657517b3e23ac8c56c8e38eb9792
5569Author: djm@openbsd.org <djm@openbsd.org>
5570Date:   Fri May 1 04:01:58 2015 +0000
5571
5572    upstream commit
5573
5574    reduce stderr spam when using ssh -S /path/mux -O forward
5575     -R 0:... ok dtucker@
5576
5577commit 179be0f5e62f1f492462571944e45a3da660d82b
5578Author: djm@openbsd.org <djm@openbsd.org>
5579Date:   Fri May 1 03:23:51 2015 +0000
5580
5581    upstream commit
5582
5583    prevent authorized_keys options picked up on public key
5584     tests without a corresponding private key authentication being applied to
5585     other authentication methods. Reported by halex@, ok markus@
5586
5587commit a42d67be65b719a430b7fcaba2a4e4118382723a
5588Author: djm@openbsd.org <djm@openbsd.org>
5589Date:   Fri May 1 03:20:54 2015 +0000
5590
5591    upstream commit
5592
5593    Don't make parsing of authorized_keys' environment=
5594     option conditional on PermitUserEnv - always parse it, but only use the
5595     result if the option is enabled. This prevents the syntax of authorized_keys
5596     changing depending on which sshd_config options were enabled.
5597
5598    bz#2329; based on patch from coladict AT gmail.com, ok dtucker@
5599
5600commit e661a86353e11592c7ed6a847e19a83609f49e77
5601Author: djm@openbsd.org <djm@openbsd.org>
5602Date:   Mon May 4 06:10:48 2015 +0000
5603
5604    upstream commit
5605
5606    Remove pattern length argument from match_pattern_list(), we
5607     only ever use it for strlen(pattern).
5608
5609    Prompted by hanno AT hboeck.de pointing an out-of-bound read
5610    error caused by an incorrect pattern length found using AFL
5611    and his own tools.
5612
5613    ok markus@
5614
5615commit 0ef1de742be2ee4b10381193fe90730925b7f027
5616Author: dtucker@openbsd.org <dtucker@openbsd.org>
5617Date:   Thu Apr 23 05:01:19 2015 +0000
5618
5619    upstream commit
5620
5621    Add a simple regression test for sshd's configuration
5622     parser.  Right now, all it does is run the output of sshd -T back through
5623     itself and ensure the output is valid and invariant.
5624
5625commit 368f83c793275faa2c52f60eaa9bdac155c4254b
5626Author: djm@openbsd.org <djm@openbsd.org>
5627Date:   Wed Apr 22 01:38:36 2015 +0000
5628
5629    upstream commit
5630
5631    use correct key for nested certificate test
5632
5633commit 8d4d1bfddbbd7d21f545dc6997081d1ea1fbc99a
5634Author: djm@openbsd.org <djm@openbsd.org>
5635Date:   Fri May 1 07:11:47 2015 +0000
5636
5637    upstream commit
5638
5639    mention that the user's shell from /etc/passwd is used
5640     for commands too; bz#1459 ok dtucker@
5641
5642commit 5ab283d0016bbc9d4d71e8e5284d011bc5a930cf
5643Author: djm@openbsd.org <djm@openbsd.org>
5644Date:   Fri May 8 07:29:00 2015 +0000
5645
5646    upstream commit
5647
5648    whitespace
5649
5650    Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519
5651
5652commit 8377d5008ad260048192e1e56ad7d15a56d103dd
5653Author: djm@openbsd.org <djm@openbsd.org>
5654Date:   Fri May 8 07:26:13 2015 +0000
5655
5656    upstream commit
5657
5658    whitespace at EOL
5659
5660    Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554
5661
5662commit c28a3436fa8737709ea88e4437f8f23a6ab50359
5663Author: djm@openbsd.org <djm@openbsd.org>
5664Date:   Fri May 8 06:45:13 2015 +0000
5665
5666    upstream commit
5667
5668    moar whitespace at eol
5669
5670    Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515
5671
5672commit 2b64c490468fd4ca35ac8d5cc31c0520dc1508bb
5673Author: djm@openbsd.org <djm@openbsd.org>
5674Date:   Fri May 8 06:41:56 2015 +0000
5675
5676    upstream commit
5677
5678    whitespace at EOL
5679
5680    Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c
5681
5682commit 4e636cf201ce6e7e3b9088568218f9d4e2c51712
5683Author: djm@openbsd.org <djm@openbsd.org>
5684Date:   Fri May 8 03:56:51 2015 +0000
5685
5686    upstream commit
5687
5688    whitespace at EOL
5689
5690commit 38b8272f823dc1dd4e29dbcee83943ed48bb12fa
5691Author: dtucker@openbsd.org <dtucker@openbsd.org>
5692Date:   Mon May 4 01:47:53 2015 +0000
5693
5694    upstream commit
5695
5696    Use diff w/out -u for better portability
5697
5698commit 297060f42d5189a4065ea1b6f0afdf6371fb0507
5699Author: dtucker@openbsd.org <dtucker@openbsd.org>
5700Date:   Fri May 8 03:25:07 2015 +0000
5701
5702    upstream commit
5703
5704    Use xcalloc for permitted_adm_opens instead of xmalloc to
5705     ensure it's zeroed. Fixes post-auth crash with permitopen=none.  bz#2355, ok
5706     djm@
5707
5708commit 63ebf019be863b2d90492a85e248cf55a6e87403
5709Author: djm@openbsd.org <djm@openbsd.org>
5710Date:   Fri May 8 03:17:49 2015 +0000
5711
5712    upstream commit
5713
5714    don't choke on new-format private keys encrypted with an
5715     AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@
5716
5717commit f8484dac678ab3098ae522a5f03bb2530f822987
5718Author: dtucker@openbsd.org <dtucker@openbsd.org>
5719Date:   Wed May 6 05:45:17 2015 +0000
5720
5721    upstream commit
5722
5723    Clarify pseudo-terminal request behaviour and use
5724     "pseudo-terminal" consistently.  bz#1716, ok jmc@ "I like it" deraadt@.
5725
5726commit ea139507bef8bad26e86ed99a42c7233ad115c38
5727Author: dtucker@openbsd.org <dtucker@openbsd.org>
5728Date:   Wed May 6 04:07:18 2015 +0000
5729
5730    upstream commit
5731
5732    Blacklist DH-GEX for specific PuTTY versions known to
5733     send non-RFC4419 DH-GEX messages rather than all versions of PuTTY.
5734     According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX
5735     messages.  ok djm@
5736
5737commit b58234f00ee3872eb84f6e9e572a9a34e902e36e
5738Author: dtucker@openbsd.org <dtucker@openbsd.org>
5739Date:   Tue May 5 10:17:49 2015 +0000
5740
5741    upstream commit
5742
5743    WinSCP doesn't implement RFC4419 DH-GEX so flag it so we
5744     don't offer that KEX method.  ok markus@
5745
5746commit d5b1507a207253b39e810e91e68f9598691b7a29
5747Author: jsg@openbsd.org <jsg@openbsd.org>
5748Date:   Tue May 5 02:48:17 2015 +0000
5749
5750    upstream commit
5751
5752    use the sizeof the struct not the sizeof a pointer to the
5753     struct in ssh_digest_start()
5754
5755    This file is only used if ssh is built with OPENSSL=no
5756
5757    ok markus@
5758
5759commit a647b9b8e616c231594b2710c925d31b1b8afea3
5760Author: Darren Tucker <dtucker@zip.com.au>
5761Date:   Fri May 8 11:07:27 2015 +1000
5762
5763    Put brackets around mblen() compat constant.
5764
5765    This might help with the reported problem cross compiling for Android
5766    ("error: expected identifier or '(' before numeric constant") but
5767    shouldn't hurt in any case.
5768
5769commit d1680d36e17244d9af3843aeb5025cb8e40d6c07
5770Author: Darren Tucker <dtucker@zip.com.au>
5771Date:   Thu Apr 30 09:18:11 2015 +1000
5772
5773    xrealloc -> xreallocarray in portable code too.
5774
5775commit 531a57a3893f9fcd4aaaba8c312b612bbbcc021e
5776Author: dtucker@openbsd.org <dtucker@openbsd.org>
5777Date:   Wed Apr 29 03:48:56 2015 +0000
5778
5779    upstream commit
5780
5781    Allow ListenAddress, Port and AddressFamily in any
5782     order.  bz#68, ok djm@, jmc@ (for the man page bit).
5783
5784commit c1d5bcf1aaf1209af02f79e48ba1cbc76a87b56f
5785Author: jmc@openbsd.org <jmc@openbsd.org>
5786Date:   Tue Apr 28 13:47:38 2015 +0000
5787
5788    upstream commit
5789
5790    enviroment -> environment: apologies to darren for not
5791     spotting that first time round...
5792
5793commit 43beea053db191cac47c2cd8d3dc1930158aff1a
5794Author: dtucker@openbsd.org <dtucker@openbsd.org>
5795Date:   Tue Apr 28 10:25:15 2015 +0000
5796
5797    upstream commit
5798
5799    Fix typo in previous
5800
5801commit 85b96ef41374f3ddc9139581f87da09b2cd9199e
5802Author: dtucker@openbsd.org <dtucker@openbsd.org>
5803Date:   Tue Apr 28 10:17:58 2015 +0000
5804
5805    upstream commit
5806
5807    Document that the TERM environment variable is not
5808     subject to SendEnv and AcceptEnv.  bz#2386, based loosely on a patch from
5809     jjelen at redhat, help and ok jmc@
5810
5811commit 88a7c598a94ff53f76df228eeaae238d2d467565
5812Author: djm@openbsd.org <djm@openbsd.org>
5813Date:   Mon Apr 27 21:42:48 2015 +0000
5814
5815    upstream commit
5816
5817    Make sshd default to PermitRootLogin=no; ok deraadt@
5818     rpe@
5819
5820commit 734226b4480a6c736096c729fcf6f391400599c7
5821Author: djm@openbsd.org <djm@openbsd.org>
5822Date:   Mon Apr 27 01:52:30 2015 +0000
5823
5824    upstream commit
5825
5826    fix compilation with OPENSSL=no; ok dtucker@
5827
5828commit a4b9d2ce1eb7703eaf0809b0c8a82ded8aa4f1c6
5829Author: dtucker@openbsd.org <dtucker@openbsd.org>
5830Date:   Mon Apr 27 00:37:53 2015 +0000
5831
5832    upstream commit
5833
5834    Include stdio.h for FILE (used in sshkey.h) so it
5835     compiles with OPENSSL=no.
5836
5837commit dbcc652f4ca11fe04e5930c7ef18a219318c6cda
5838Author: djm@openbsd.org <djm@openbsd.org>
5839Date:   Mon Apr 27 00:21:21 2015 +0000
5840
5841    upstream commit
5842
5843    allow "sshd -f none" to skip reading the config file,
5844     much like "ssh -F none" does. ok dtucker
5845
5846commit b7ca276fca316c952f0b90f5adb1448c8481eedc
5847Author: jmc@openbsd.org <jmc@openbsd.org>
5848Date:   Fri Apr 24 06:26:49 2015 +0000
5849
5850    upstream commit
5851
5852    combine -Dd onto one line and update usage();
5853
5854commit 2ea974630d7017e4c7666d14d9dc939707613e96
5855Author: djm@openbsd.org <djm@openbsd.org>
5856Date:   Fri Apr 24 05:26:44 2015 +0000
5857
5858    upstream commit
5859
5860    add ssh-agent -D to leave ssh-agent in foreground
5861     without enabling debug mode; bz#2381 ok dtucker@
5862
5863commit 8ac2ffd7aa06042f6b924c87139f2fea5c5682f7
5864Author: deraadt@openbsd.org <deraadt@openbsd.org>
5865Date:   Fri Apr 24 01:36:24 2015 +0000
5866
5867    upstream commit
5868
5869    2*len -> use xreallocarray() ok djm
5870
5871commit 657a5fbc0d0aff309079ff8fb386f17e964963c2
5872Author: deraadt@openbsd.org <deraadt@openbsd.org>
5873Date:   Fri Apr 24 01:36:00 2015 +0000
5874
5875    upstream commit
5876
5877    rename xrealloc() to xreallocarray() since it follows
5878     that form. ok djm
5879
5880commit 1108ae242fdd2c304307b68ddf46aebe43ebffaa
5881Author: dtucker@openbsd.org <dtucker@openbsd.org>
5882Date:   Thu Apr 23 04:59:10 2015 +0000
5883
5884    upstream commit
5885
5886    Two small fixes for sshd -T: ListenAddress'es are added
5887     to a list head so reverse the order when printing them to ensure the
5888     behaviour remains the same, and print StreamLocalBindMask as octal with
5889     leading zero.  ok deraadt@
5890
5891commit bd902b8473e1168f19378d5d0ae68d0c203525df
5892Author: dtucker@openbsd.org <dtucker@openbsd.org>
5893Date:   Thu Apr 23 04:53:53 2015 +0000
5894
5895    upstream commit
5896
5897    Check for and reject missing arguments for
5898     VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com,
5899     ok djm@
5900
5901commit ca42c1758575e592239de1d5755140e054b91a0d
5902Author: djm@openbsd.org <djm@openbsd.org>
5903Date:   Wed Apr 22 01:24:01 2015 +0000
5904
5905    upstream commit
5906
5907    unknown certificate extensions are non-fatal, so don't
5908     fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok
5909     dtucker@
5910
5911commit 39bfbf7caad231cc4bda6909fb1af0705bca04d8
5912Author: jsg@openbsd.org <jsg@openbsd.org>
5913Date:   Tue Apr 21 07:01:00 2015 +0000
5914
5915    upstream commit
5916
5917    Add back a backslash removed in rev 1.42 so
5918     KEX_SERVER_ENCRYPT will include aes again.
5919
5920    ok deraadt@
5921
5922commit 6b0d576bb87eca3efd2b309fcfe4edfefc289f9c
5923Author: djm@openbsd.org <djm@openbsd.org>
5924Date:   Fri Apr 17 13:32:09 2015 +0000
5925
5926    upstream commit
5927
5928    s/recommended/required/ that private keys be og-r this
5929     wording change was made a while ago but got accidentally reverted
5930
5931commit 44a8e7ce6f3ab4c2eb1ae49115c210b98e53c4df
5932Author: djm@openbsd.org <djm@openbsd.org>
5933Date:   Fri Apr 17 13:25:52 2015 +0000
5934
5935    upstream commit
5936
5937    don't try to cleanup NULL KEX proposals in
5938     kex_prop_free(); found by Jukka Taimisto and Markus Hietava
5939
5940commit 3038a191872d2882052306098c1810d14835e704
5941Author: djm@openbsd.org <djm@openbsd.org>
5942Date:   Fri Apr 17 13:19:22 2015 +0000
5943
5944    upstream commit
5945
5946    use error/logit/fatal instead of fprintf(stderr, ...)
5947     and exit(0), fix a few errors that were being printed to stdout instead of
5948     stderr and a few non-errors that were going to stderr instead of stdout
5949     bz#2325; ok dtucker
5950
5951commit a58be33cb6cd24441fa7e634db0e5babdd56f07f
5952Author: djm@openbsd.org <djm@openbsd.org>
5953Date:   Fri Apr 17 13:16:48 2015 +0000
5954
5955    upstream commit
5956
5957    debug log missing DISPLAY environment when X11
5958     forwarding requested; bz#1682 ok dtucker@
5959
5960commit 17d4d9d9fbc8fb80e322f94d95eecc604588a474
5961Author: djm@openbsd.org <djm@openbsd.org>
5962Date:   Fri Apr 17 04:32:31 2015 +0000
5963
5964    upstream commit
5965
5966    don't call record_login() in monitor when UseLogin is
5967     enabled; bz#278 reported by drk AT sgi.com; ok dtucker
5968
5969commit 40132ff87b6cbc3dc05fb5df2e9d8e3afa06aafd
5970Author: dtucker@openbsd.org <dtucker@openbsd.org>
5971Date:   Fri Apr 17 04:12:35 2015 +0000
5972
5973    upstream commit
5974
5975    Add some missing options to sshd -T and fix the output
5976     of VersionAddendum HostCertificate.  bz#2346, patch from jjelen at redhat
5977     com, ok djm.
5978
5979commit 6cc7cfa936afde2d829e56ee6528c7ea47a42441
5980Author: dtucker@openbsd.org <dtucker@openbsd.org>
5981Date:   Thu Apr 16 23:25:50 2015 +0000
5982
5983    upstream commit
5984
5985    Document "none" for PidFile XAuthLocation
5986     TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@
5987
5988commit 15fdfc9b1c6808b26bc54d4d61a38b54541763ed
5989Author: dtucker@openbsd.org <dtucker@openbsd.org>
5990Date:   Wed Apr 15 23:23:25 2015 +0000
5991
5992    upstream commit
5993
5994    Plug leak of address passed to logging.  bz#2373, patch
5995     from jjelen at redhat, ok markus@
5996
5997commit bb2289e2a47d465eaaaeff3dee2a6b7777b4c291
5998Author: dtucker@openbsd.org <dtucker@openbsd.org>
5999Date:   Tue Apr 14 04:17:03 2015 +0000
6000
6001    upstream commit
6002
6003    Output remote username in debug output since with Host
6004     and Match it's not always obvious what it will be.  bz#2368, ok djm@
6005
6006commit 70860b6d07461906730632f9758ff1b7c98c695a
6007Author: Darren Tucker <dtucker@zip.com.au>
6008Date:   Fri Apr 17 10:56:13 2015 +1000
6009
6010    Format UsePAM setting when using sshd -T.
6011
6012    Part of bz#2346, patch from jjelen at redhat com.
6013
6014commit ee15d9c9f0720f5a8b0b34e4b10ecf21f9824814
6015Author: Darren Tucker <dtucker@zip.com.au>
6016Date:   Fri Apr 17 10:40:23 2015 +1000
6017
6018    Wrap endian.h include inside ifdef (bz#2370).
6019
6020commit 408f4c2ad4a4c41baa7b9b2b7423d875abbfa70b
6021Author: Darren Tucker <dtucker@zip.com.au>
6022Date:   Fri Apr 17 09:39:58 2015 +1000
6023
6024    Look for '${host}-ar' before 'ar'.
6025
6026    This changes configure.ac to look for '${host}-ar' as set by
6027    AC_CANONICAL_HOST before looking for the unprefixed 'ar'.
6028    Useful when cross-compiling when all your binutils are prefixed.
6029
6030    Patch from moben at exherbo org via astrand at lysator liu se and
6031    bz#2352.
6032
6033commit 673a1c16ad078d41558247ce739fe812c960acc8
6034Author: Damien Miller <djm@google.com>
6035Date:   Thu Apr 16 11:40:20 2015 +1000
6036
6037    remove dependency on arpa/telnet.h
6038
6039commit 202d443eeda1829d336595a3cfc07827e49f45ed
6040Author: Darren Tucker <dtucker@zip.com.au>
6041Date:   Wed Apr 15 15:59:49 2015 +1000
6042
6043    Remove duplicate include of pwd.h.  bz#2337, patch from Mordy Ovits.
6044
6045commit 597986493412c499f2bc2209420cb195f97b3668
6046Author: Damien Miller <djm@google.com>
6047Date:   Thu Apr 9 10:14:48 2015 +1000
6048
6049    platform's with openpty don't need pty_release
6050
6051commit 318be28cda1fd9108f2e6f2f86b0b7589ba2aed0
6052Author: djm@openbsd.org <djm@openbsd.org>
6053Date:   Mon Apr 13 02:04:08 2015 +0000
6054
6055    upstream commit
6056
6057    deprecate ancient, pre-RFC4419 and undocumented
6058     SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems
6059     reasonable" dtucker@
6060
6061commit d8f391caef62378463a0e6b36f940170dadfe605
6062Author: dtucker@openbsd.org <dtucker@openbsd.org>
6063Date:   Fri Apr 10 05:16:50 2015 +0000
6064
6065    upstream commit
6066
6067    Don't send hostkey advertisments
6068     (hostkeys-00@openssh.com) to current versions of Tera Term as they can't
6069     handle them.  Newer versions should be OK.  Patch from Bryan Drewery and
6070     IWAMOTO Kouichi, ok djm@
6071
6072commit 2c2cfe1a1c97eb9a08cc9817fd0678209680c636
6073Author: djm@openbsd.org <djm@openbsd.org>
6074Date:   Fri Apr 10 00:08:55 2015 +0000
6075
6076    upstream commit
6077
6078    include port number if a non-default one has been
6079     specified; based on patch from Michael Handler
6080
6081commit 4492a4f222da4cf1e8eab12689196322e27b08c4
6082Author: djm@openbsd.org <djm@openbsd.org>
6083Date:   Tue Apr 7 23:00:42 2015 +0000
6084
6085    upstream commit
6086
6087    treat Protocol=1,2|2,1 as Protocol=2 when compiled
6088     without SSH1 support; ok dtucker@ millert@
6089
6090commit c265e2e6e932efc6d86f6cc885dea33637a67564
6091Author: miod@openbsd.org <miod@openbsd.org>
6092Date:   Sun Apr 5 15:43:43 2015 +0000
6093
6094    upstream commit
6095
6096    Do not use int for sig_atomic_t; spotted by
6097     christos@netbsd; ok markus@
6098
6099commit e7bf3a5eda6a1b02bef6096fed78527ee11e54cc
6100Author: Darren Tucker <dtucker@zip.com.au>
6101Date:   Tue Apr 7 10:48:04 2015 +1000
6102
6103    Use do{}while(0) for no-op functions.
6104
6105    From FreeBSD.
6106
6107commit bb99844abae2b6447272f79e7fa84134802eb4df
6108Author: Darren Tucker <dtucker@zip.com.au>
6109Date:   Tue Apr 7 10:47:15 2015 +1000
6110
6111    Wrap blf.h include in ifdef.  From FreeBSD.
6112
6113commit d9b9b43656091cf0ad55c122f08fadb07dad0abd
6114Author: Darren Tucker <dtucker@zip.com.au>
6115Date:   Tue Apr 7 09:10:00 2015 +1000
6116
6117    Fix misspellings of regress CONFOPTS env variables.
6118
6119    Patch from Bryan Drewery.
6120
6121commit 3f4ea3c9ab1d32d43c9222c4351f58ca11144156
6122Author: djm@openbsd.org <djm@openbsd.org>
6123Date:   Fri Apr 3 22:17:27 2015 +0000
6124
6125    upstream commit
6126
6127    correct return value in pubkey parsing, spotted by Ben Hawkes
6128     ok markus@
6129
6130commit 7da2be0cb9601ed25460c83aa4d44052b967ba0f
6131Author: djm@openbsd.org <djm@openbsd.org>
6132Date:   Tue Mar 31 22:59:01 2015 +0000
6133
6134    upstream commit
6135
6136    adapt to recent hostfile.c change: when parsing
6137     known_hosts without fully parsing the keys therein, hostkeys_foreach() will
6138     now correctly identify KEY_RSA1 keys; ok markus@ miod@
6139
6140commit 9e1777a0d1c706714b055811c12ab8cc21033e4a
6141Author: markus@openbsd.org <markus@openbsd.org>
6142Date:   Tue Mar 24 20:19:15 2015 +0000
6143
6144    upstream commit
6145
6146    use ${SSH} for -Q instead of installed ssh
6147
6148commit ce1b358ea414a2cc88e4430cd5a2ea7fecd9de57
6149Author: djm@openbsd.org <djm@openbsd.org>
6150Date:   Mon Mar 16 22:46:14 2015 +0000
6151
6152    upstream commit
6153
6154    make CLEANFILES clean up more of the tests' droppings
6155
6156commit 398f9ef192d820b67beba01ec234d66faca65775
6157Author: djm@openbsd.org <djm@openbsd.org>
6158Date:   Tue Mar 31 22:57:06 2015 +0000
6159
6160    upstream commit
6161
6162    downgrade error() for known_hosts parse errors to debug()
6163     to quiet warnings from ssh1 keys present when compiled !ssh1.
6164
6165    also identify ssh1 keys when scanning, even when compiled !ssh1
6166
6167    ok markus@ miod@
6168
6169commit 9a47ab80030a31f2d122b8fd95bd48c408b9fcd9
6170Author: djm@openbsd.org <djm@openbsd.org>
6171Date:   Tue Mar 31 22:55:50 2015 +0000
6172
6173    upstream commit
6174
6175    fd leak for !ssh1 case; found by unittests; ok markus@
6176
6177commit c9a0805a6280681901c270755a7cd630d7c5280e
6178Author: djm@openbsd.org <djm@openbsd.org>
6179Date:   Tue Mar 31 22:55:24 2015 +0000
6180
6181    upstream commit
6182
6183    don't fatal when a !ssh1 sshd is reexeced from a w/ssh1
6184     listener; reported by miod@; ok miod@ markus@
6185
6186commit 704d8c88988cae38fb755a6243b119731d223222
6187Author: tobias@openbsd.org <tobias@openbsd.org>
6188Date:   Tue Mar 31 11:06:49 2015 +0000
6189
6190    upstream commit
6191
6192    Comments are only supported for RSA1 keys. If a user
6193     tried to add one and entered his passphrase, explicitly clear it before exit.
6194     This is done in all other error paths, too.
6195
6196    ok djm
6197
6198commit 78de1673c05ea2c33e0d4a4b64ecb5186b6ea2e9
6199Author: jmc@openbsd.org <jmc@openbsd.org>
6200Date:   Mon Mar 30 18:28:37 2015 +0000
6201
6202    upstream commit
6203
6204    ssh-askpass(1) is the default, overridden by SSH_ASKPASS;
6205     diff originally from jiri b;
6206
6207commit 26e0bcf766fadb4a44fb6199386fb1dcab65ad00
6208Author: djm@openbsd.org <djm@openbsd.org>
6209Date:   Mon Mar 30 00:00:29 2015 +0000
6210
6211    upstream commit
6212
6213    fix uninitialised memory read when parsing a config file
6214     consisting of a single nul byte. Found by hanno AT hboeck.de using AFL; ok
6215     dtucker
6216
6217commit fecede00a76fbb33a349f5121c0b2f9fbc04a777
6218Author: markus@openbsd.org <markus@openbsd.org>
6219Date:   Thu Mar 26 19:32:19 2015 +0000
6220
6221    upstream commit
6222
6223    sigp and lenp are not optional in ssh_agent_sign(); ok
6224     djm@
6225
6226commit 1b0ef3813244c78669e6d4d54c624f600945327d
6227Author: naddy@openbsd.org <naddy@openbsd.org>
6228Date:   Thu Mar 26 12:32:38 2015 +0000
6229
6230    upstream commit
6231
6232    don't try to load .ssh/identity by default if SSH1 is
6233     disabled; ok markus@
6234
6235commit f9b78852379b74a2d14e6fc94fe52af30b7e9c31
6236Author: djm@openbsd.org <djm@openbsd.org>
6237Date:   Thu Mar 26 07:00:04 2015 +0000
6238
6239    upstream commit
6240
6241    ban all-zero curve25519 keys as recommended by latest
6242     CFRG curves draft; ok markus
6243
6244commit b8afbe2c1aaf573565e4da775261dfafc8b1ba9c
6245Author: djm@openbsd.org <djm@openbsd.org>
6246Date:   Thu Mar 26 06:59:28 2015 +0000
6247
6248    upstream commit
6249
6250    relax bits needed check to allow
6251     diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was
6252     selected as symmetric cipher; ok markus
6253
6254commit 47842f71e31da130555353c1d57a1e5a8937f1c0
6255Author: markus@openbsd.org <markus@openbsd.org>
6256Date:   Wed Mar 25 19:29:58 2015 +0000
6257
6258    upstream commit
6259
6260    ignore v1 errors on ssh-add -D; only try v2 keys on
6261     -l/-L (unless WITH_SSH1) ok djm@
6262
6263commit 5f57e77f91bf2230c09eca96eb5ecec39e5f2da6
6264Author: markus@openbsd.org <markus@openbsd.org>
6265Date:   Wed Mar 25 19:21:48 2015 +0000
6266
6267    upstream commit
6268
6269    unbreak ssh_agent_sign (lenp vs *lenp)
6270
6271commit 4daeb67181054f2a377677fac919ee8f9ed3490e
6272Author: markus@openbsd.org <markus@openbsd.org>
6273Date:   Tue Mar 24 20:10:08 2015 +0000
6274
6275    upstream commit
6276
6277    don't leak 'setp' on error; noted by Nicholas Lemonias;
6278     ok djm@
6279
6280commit 7d4f96f9de2a18af0d9fa75ea89a4990de0344f5
6281Author: markus@openbsd.org <markus@openbsd.org>
6282Date:   Tue Mar 24 20:09:11 2015 +0000
6283
6284    upstream commit
6285
6286    consistent check for NULL as noted by Nicholas
6287     Lemonias; ok djm@
6288
6289commit df100be51354e447d9345cf1ec22e6013c0eed50
6290Author: markus@openbsd.org <markus@openbsd.org>
6291Date:   Tue Mar 24 20:03:44 2015 +0000
6292
6293    upstream commit
6294
6295    correct fmt-string for size_t as noted by Nicholas
6296     Lemonias; ok djm@
6297
6298commit a22b9ef21285e81775732436f7c84a27bd3f71e0
6299Author: djm@openbsd.org <djm@openbsd.org>
6300Date:   Tue Mar 24 09:17:21 2015 +0000
6301
6302    upstream commit
6303
6304    promote chacha20-poly1305@openssh.com to be the default
6305     cipher; ok markus
6306
6307commit 2aa9da1a3b360cf7b13e96fe1521534b91501fb5
6308Author: djm@openbsd.org <djm@openbsd.org>
6309Date:   Tue Mar 24 01:29:19 2015 +0000
6310
6311    upstream commit
6312
6313    Compile-time disable SSH protocol 1. You can turn it
6314     back on using the Makefile.inc knob if you need it to talk to ancient
6315     devices.
6316
6317commit 53097b2022154edf96b4e8526af5666f979503f7
6318Author: djm@openbsd.org <djm@openbsd.org>
6319Date:   Tue Mar 24 01:11:12 2015 +0000
6320
6321    upstream commit
6322
6323    fix double-negative error message "ssh1 is not
6324     unsupported"
6325
6326commit 5c27e3b6ec2db711dfcd40e6359c0bcdd0b62ea9
6327Author: djm@openbsd.org <djm@openbsd.org>
6328Date:   Mon Mar 23 06:06:38 2015 +0000
6329
6330    upstream commit
6331
6332    for ssh-keygen -A, don't try (and fail) to generate ssh
6333     v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled
6334     without OpenSSL based on patch by Mike Frysinger; bz#2369
6335
6336commit 725fd22a8c41db7de73a638539a5157b7e4424ae
6337Author: djm@openbsd.org <djm@openbsd.org>
6338Date:   Wed Mar 18 01:44:21 2015 +0000
6339
6340    upstream commit
6341
6342    KRL support doesn't need OpenSSL anymore, remove #ifdefs
6343     from around call
6344
6345commit b07011c18e0b2e172c5fd09d21fb159a0bf5fcc7
6346Author: djm@openbsd.org <djm@openbsd.org>
6347Date:   Mon Mar 16 11:09:52 2015 +0000
6348
6349    upstream commit
6350
6351    #if 0 some more arrays used only for decrypting (we don't
6352     use since we only need encrypt for AES-CTR)
6353
6354commit 1cb3016635898d287e9d58b50c430995652d5358
6355Author: jsg@openbsd.org <jsg@openbsd.org>
6356Date:   Wed Mar 11 00:48:39 2015 +0000
6357
6358    upstream commit
6359
6360    add back the changes from rev 1.206, djm reverted this by
6361     mistake in rev 1.207
6362
6363commit 4d24b3b6a4a6383e05e7da26d183b79fa8663697
6364Author: Damien Miller <djm@mindrot.org>
6365Date:   Fri Mar 20 09:11:59 2015 +1100
6366
6367    remove error() accidentally inserted for debugging
6368
6369    pointed out by Christian Hesse
6370
6371commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb
6372Author: Tim Rice <tim@multitalents.net>
6373Date:   Mon Mar 16 22:49:20 2015 -0700
6374
6375    portability fix: Solaris systems may not have a grep that understands -q
6376
6377commit 8ef691f7d9ef500257a549d0906d78187490668f
6378Author: Damien Miller <djm@google.com>
6379Date:   Wed Mar 11 10:35:26 2015 +1100
6380
6381    fix compile with clang
6382
6383commit 4df590cf8dc799e8986268d62019b487a8ed63ad
6384Author: Damien Miller <djm@google.com>
6385Date:   Wed Mar 11 10:02:39 2015 +1100
6386
6387    make unit tests work for !OPENSSH_HAS_ECC
6388
6389commit 307bb40277ca2c32e97e61d70d1ed74b571fd6ba
6390Author: djm@openbsd.org <djm@openbsd.org>
6391Date:   Sat Mar 7 04:41:48 2015 +0000
6392
6393    upstream commit
6394
6395    unbreak for w/SSH1 (default) case; ok markus@ deraadt@
6396
6397commit b44ee0c998fb4c5f3c3281f2398af5ce42840b6f
6398Author: Damien Miller <djm@mindrot.org>
6399Date:   Thu Mar 5 18:39:20 2015 -0800
6400
6401    unbreak hostkeys test for w/ SSH1 case
6402
6403commit 55e5bdeb519cb60cc18b7ba0545be581fb8598b4
6404Author: djm@openbsd.org <djm@openbsd.org>
6405Date:   Fri Mar 6 01:40:56 2015 +0000
6406
6407    upstream commit
6408
6409    fix sshkey_certify() return value for unsupported key types;
6410     ok markus@ deraadt@
6411
6412commit be8f658e550a434eac04256bfbc4289457a24e99
6413Author: Damien Miller <djm@mindrot.org>
6414Date:   Wed Mar 4 15:38:03 2015 -0800
6415
6416    update version numbers to match version.h
6417
6418commit ac5e8acefa253eb5e5ba186e34236c0e8007afdc
6419Author: djm@openbsd.org <djm@openbsd.org>
6420Date:   Wed Mar 4 23:22:35 2015 +0000
6421
6422    upstream commit
6423
6424    make these work with !SSH1; ok markus@ deraadt@
6425
6426commit 2f04af92f036b0c87a23efb259c37da98cd81fe6
6427Author: djm@openbsd.org <djm@openbsd.org>
6428Date:   Wed Mar 4 21:12:59 2015 +0000
6429
6430    upstream commit
6431
6432    make ssh-add -D work with !SSH1 agent
6433
6434commit a05adf95d2af6abb2b7826ddaa7a0ec0cdc1726b
6435Author: Damien Miller <djm@mindrot.org>
6436Date:   Wed Mar 4 00:55:48 2015 -0800
6437
6438    netcat needs poll.h portability goop
6439
6440commit dad2b1892b4c1b7e58df483a8c5b983c4454e099
6441Author: markus@openbsd.org <markus@openbsd.org>
6442Date:   Tue Mar 3 22:35:19 2015 +0000
6443
6444    upstream commit
6445
6446    make it possible to run tests w/o ssh1 support; ok djm@
6447
6448commit d48a22601bdd3eec054794c535f4ae8d8ae4c6e2
6449Author: djm@openbsd.org <djm@openbsd.org>
6450Date:   Wed Mar 4 18:53:53 2015 +0000
6451
6452    upstream commit
6453
6454    crank; ok markus, deraadt
6455
6456commit bbffb23daa0b002dd9f296e396a9ab8a5866b339
6457Author: Damien Miller <djm@mindrot.org>
6458Date:   Tue Mar 3 13:50:27 2015 -0800
6459
6460    more --without-ssh1 fixes
6461
6462commit 6c2039286f503e2012a58a1d109e389016e7a99b
6463Author: Damien Miller <djm@mindrot.org>
6464Date:   Tue Mar 3 13:48:48 2015 -0800
6465
6466    fix merge both that broke --without-ssh1 compile
6467
6468commit 111dfb225478a76f89ecbcd31e96eaf1311b59d3
6469Author: djm@openbsd.org <djm@openbsd.org>
6470Date:   Tue Mar 3 21:21:13 2015 +0000
6471
6472    upstream commit
6473
6474    add SSH1 Makefile knob to make it easier to build without
6475     SSH1 support; ok markus@
6476
6477commit 3f7f5e6c5d2aa3f6710289c1a30119e534e56c5c
6478Author: djm@openbsd.org <djm@openbsd.org>
6479Date:   Tue Mar 3 20:42:49 2015 +0000
6480
6481    upstream commit
6482
6483    expand __unused to full __attribute__ for better portability
6484
6485commit 2fab9b0f8720baf990c931e3f68babb0bf9949c6
6486Author: Damien Miller <djm@mindrot.org>
6487Date:   Wed Mar 4 07:41:27 2015 +1100
6488
6489    avoid warning
6490
6491commit d1bc844322461f882b4fd2277ba9a8d4966573d2
6492Author: Damien Miller <djm@mindrot.org>
6493Date:   Wed Mar 4 06:31:45 2015 +1100
6494
6495    Revert "define __unused to nothing if not already defined"
6496
6497    This reverts commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908.
6498
6499    Some system headers have objects named __unused
6500
6501commit 00797e86b2d98334d1bb808f65fa1fd47f328ff1
6502Author: Damien Miller <djm@mindrot.org>
6503Date:   Wed Mar 4 05:02:45 2015 +1100
6504
6505    check for crypt and DES_crypt in openssl block
6506
6507    fixes builds on systems that use DES_crypt; based on patch
6508    from Roumen Petrov
6509
6510commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908
6511Author: Damien Miller <djm@mindrot.org>
6512Date:   Wed Mar 4 04:59:13 2015 +1100
6513
6514    define __unused to nothing if not already defined
6515
6516    fixes builds on BSD/OS
6517
6518commit d608a51daad4f14ad6ab43d7cf74ef4801cc3fe9
6519Author: djm@openbsd.org <djm@openbsd.org>
6520Date:   Tue Mar 3 17:53:40 2015 +0000
6521
6522    upstream commit
6523
6524    reorder logic for better portability; patch from Roumen
6525     Petrov
6526
6527commit 68d2dfc464fbcdf8d6387884260f9801f4352393
6528Author: djm@openbsd.org <djm@openbsd.org>
6529Date:   Tue Mar 3 06:48:58 2015 +0000
6530
6531    upstream commit
6532
6533    Allow "ssh -Q protocol-version" to list supported SSH
6534     protocol versions. Useful for detecting builds without SSH v.1 support; idea
6535     and ok markus@
6536
6537commit 39e2f1229562e1195169905607bc12290d21f021
6538Author: millert@openbsd.org <millert@openbsd.org>
6539Date:   Sun Mar 1 15:44:40 2015 +0000
6540
6541    upstream commit
6542
6543    Make sure we only call getnameinfo() for AF_INET or AF_INET6
6544     sockets. getpeername() of a Unix domain socket may return without error on
6545     some systems without actually setting ss_family so getnameinfo() was getting
6546     called with ss_family set to AF_UNSPEC.  OK djm@
6547
6548commit e47536ba9692d271b8ad89078abdecf0a1c11707
6549Author: Damien Miller <djm@mindrot.org>
6550Date:   Sat Feb 28 08:20:11 2015 -0800
6551
6552    portability fixes for regress/netcat.c
6553
6554    Mostly avoiding "err(1, NULL)"
6555
6556commit 02973ad5f6f49d8420e50a392331432b0396c100
6557Author: Damien Miller <djm@mindrot.org>
6558Date:   Sat Feb 28 08:05:27 2015 -0800
6559
6560    twiddle another test for portability
6561
6562    from Tom G. Christensen
6563
6564commit f7f3116abf2a6e2f309ab096b08c58d19613e5d0
6565Author: Damien Miller <djm@mindrot.org>
6566Date:   Fri Feb 27 15:52:49 2015 -0800
6567
6568    twiddle test for portability
6569
6570commit 1ad3a77cc9d5568f5437ff99d377aa7a41859b83
6571Author: Damien Miller <djm@mindrot.org>
6572Date:   Thu Feb 26 20:33:22 2015 -0800
6573
6574    make regress/netcat.c fd passing (more) portable
6575
6576commit 9e1cfca7e1fe9cf8edb634fc894e43993e4da1ea
6577Author: Damien Miller <djm@mindrot.org>
6578Date:   Thu Feb 26 20:32:58 2015 -0800
6579
6580    create OBJ/valgrind-out before running unittests
6581
6582commit bd58853102cee739f0e115e6d4b5334332ab1442
6583Author: Damien Miller <djm@mindrot.org>
6584Date:   Wed Feb 25 16:58:22 2015 -0800
6585
6586    valgrind support
6587
6588commit f43d17269194761eded9e89f17456332f4c83824
6589Author: djm@openbsd.org <djm@openbsd.org>
6590Date:   Thu Feb 26 20:45:47 2015 +0000
6591
6592    upstream commit
6593
6594    don't printf NULL key comments; reported by Tom Christensen
6595
6596commit 6e6458b476ec854db33e3e68ebf4f489d0ab3df8
6597Author: djm@openbsd.org <djm@openbsd.org>
6598Date:   Wed Feb 25 23:05:47 2015 +0000
6599
6600    upstream commit
6601
6602    zero cmsgbuf before use; we initialise the bits we use
6603     but valgrind still spams warning on it
6604
6605commit a63cfa26864b93ab6afefad0b630e5358ed8edfa
6606Author: djm@openbsd.org <djm@openbsd.org>
6607Date:   Wed Feb 25 19:54:02 2015 +0000
6608
6609    upstream commit
6610
6611    fix small memory leak when UpdateHostkeys=no
6612
6613commit e6b950341dd75baa8526f1862bca39e52f5b879b
6614Author: Tim Rice <tim@multitalents.net>
6615Date:   Wed Feb 25 09:56:48 2015 -0800
6616
6617    Revert "Work around finicky USL linker so netcat will build."
6618
6619    This reverts commit d1db656021d0cd8c001a6692f772f1de29b67c8b.
6620
6621    No longer needed with commit 678e473e2af2e4802f24dd913985864d9ead7fb3
6622
6623commit 6f621603f9cff2a5d6016a404c96cb2f8ac2dec0
6624Author: djm@openbsd.org <djm@openbsd.org>
6625Date:   Wed Feb 25 17:29:38 2015 +0000
6626
6627    upstream commit
6628
6629    don't leak validity of user in "too many authentication
6630     failures" disconnect message; reported by Sebastian Reitenbach
6631
6632commit 6288e3a935494df12519164f52ca5c8c65fc3ca5
6633Author: naddy@openbsd.org <naddy@openbsd.org>
6634Date:   Tue Feb 24 15:24:05 2015 +0000
6635
6636    upstream commit
6637
6638    add -v (show ASCII art) to -l's synopsis; ok djm@
6639
6640commit 678e473e2af2e4802f24dd913985864d9ead7fb3
6641Author: Darren Tucker <dtucker@zip.com.au>
6642Date:   Thu Feb 26 04:12:58 2015 +1100
6643
6644    Remove dependency on xmalloc.
6645
6646    Remove ssh_get_progname's dependency on xmalloc, which should reduce
6647    link order problems.  ok djm@
6648
6649commit 5d5ec165c5b614b03678afdad881f10e25832e46
6650Author: Darren Tucker <dtucker@zip.com.au>
6651Date:   Wed Feb 25 15:32:49 2015 +1100
6652
6653    Restrict ECDSA and ECDH tests.
6654
6655    ifdef out some more ECDSA and ECDH tests when built against an OpenSSL
6656    that does not have eliptic curve functionality.
6657
6658commit 1734e276d99b17e92d4233fac7aef3a3180aaca7
6659Author: Darren Tucker <dtucker@zip.com.au>
6660Date:   Wed Feb 25 13:40:45 2015 +1100
6661
6662    Move definition of _NSIG.
6663
6664    _NSIG is only unsed in one file, so move it there prevent redefinition
6665    warnings reported by Kevin Brott.
6666
6667commit a47ead7c95cfbeb72721066c4da2312e5b1b9f3d
6668Author: Darren Tucker <dtucker@zip.com.au>
6669Date:   Wed Feb 25 13:17:40 2015 +1100
6670
6671    Add includes.h for compatibility stuff.
6672
6673commit 38806bda6d2e48ad32812b461eebe17672ada771
6674Author: Damien Miller <djm@mindrot.org>
6675Date:   Tue Feb 24 16:50:06 2015 -0800
6676
6677    include netdb.h to look for MAXHOSTNAMELEN; ok tim
6678
6679commit d1db656021d0cd8c001a6692f772f1de29b67c8b
6680Author: Tim Rice <tim@multitalents.net>
6681Date:   Tue Feb 24 10:42:08 2015 -0800
6682
6683    Work around finicky USL linker so netcat will build.
6684
6685commit cb030ce25f555737e8ba97bdd7883ac43f3ff2a3
6686Author: Damien Miller <djm@mindrot.org>
6687Date:   Tue Feb 24 09:23:04 2015 -0800
6688
6689    include includes.h to avoid build failure on AIX
6690
6691commit 13af342458f5064144abbb07e5ac9bbd4eb42567
6692Author: Tim Rice <tim@multitalents.net>
6693Date:   Tue Feb 24 07:56:47 2015 -0800
6694
6695    Original portability patch from djm@ for platforms missing err.h.
6696    Fix name space clash on Solaris 10. Still more to do for Solaris 10
6697    to deal with msghdr structure differences. ok djm@
6698
6699commit 910209203d0cd60c5083901cbcc0b7b44d9f48d2
6700Author: Tim Rice <tim@multitalents.net>
6701Date:   Mon Feb 23 22:06:56 2015 -0800
6702
6703    cleaner way fix dispatch.h portion of commit
6704    a88dd1da119052870bb2654c1a32c51971eade16
6705    (some systems have sig_atomic_t in signal.h, some in sys/signal.h)
6706    Sounds good to me djm@
6707
6708commit 676c38d7cbe65b76bbfff796861bb6615cc6a596
6709Author: Tim Rice <tim@multitalents.net>
6710Date:   Mon Feb 23 21:51:33 2015 -0800
6711
6712    portability fix: if we can't dind a better define for HOST_NAME_MAX, use 255
6713
6714commit 1221b22023dce38cbc90ba77eae4c5d78c77a5e6
6715Author: Tim Rice <tim@multitalents.net>
6716Date:   Mon Feb 23 21:50:34 2015 -0800
6717
6718    portablity fix: s/__inline__/inline/
6719
6720commit 4c356308a88d309c796325bb75dce90ca16591d5
6721Author: Darren Tucker <dtucker@zip.com.au>
6722Date:   Tue Feb 24 13:49:31 2015 +1100
6723
6724    Wrap stdint.h includes in HAVE_STDINT_H.
6725
6726commit c9c88355c6a27a908e7d1e5003a2b35ea99c1614
6727Author: Darren Tucker <dtucker@zip.com.au>
6728Date:   Tue Feb 24 13:43:57 2015 +1100
6729
6730    Add AI_NUMERICSERV to fake-rfc2553.
6731
6732    Our getaddrinfo implementation always returns numeric values already.
6733
6734commit ef342ab1ce6fb9a4b30186c89c309d0ae9d0eeb4
6735Author: Darren Tucker <dtucker@zip.com.au>
6736Date:   Tue Feb 24 13:39:57 2015 +1100
6737
6738    Include OpenSSL's objects.h before bn.h.
6739
6740    Prevents compile errors on some platforms (at least old GCCs and AIX's
6741    XLC compilers).
6742
6743commit dcc8997d116f615195aa7c9ec019fb36c28c6228
6744Author: Darren Tucker <dtucker@zip.com.au>
6745Date:   Tue Feb 24 12:30:59 2015 +1100
6746
6747    Convert two macros into functions.
6748
6749    Convert packet_send_debug and packet_disconnect from macros to
6750    functions.  Some older GCCs (2.7.x, 2.95.x) see to have problems with
6751    variadic macros with only one argument so we convert these two into
6752    functions.  ok djm@
6753
6754commit 2285c30d51b7e2052c6526445abe7e7cc7e170a1
6755Author: djm@openbsd.org <djm@openbsd.org>
6756Date:   Mon Feb 23 22:21:21 2015 +0000
6757
6758    upstream commit
6759
6760    further silence spurious error message even when -v is
6761     specified (e.g. to get visual host keys); reported by naddy@
6762
6763commit 9af21979c00652029e160295e988dea40758ece2
6764Author: Damien Miller <djm@mindrot.org>
6765Date:   Tue Feb 24 09:04:32 2015 +1100
6766
6767    don't include stdint.h unless HAVE_STDINT_H set
6768
6769commit 62f678dd51660d6f8aee1da33d3222c5de10a89e
6770Author: Damien Miller <djm@mindrot.org>
6771Date:   Tue Feb 24 09:02:54 2015 +1100
6772
6773    nother sys/queue.h -> sys-queue.h fix
6774
6775    spotted by Tom Christensen
6776
6777commit b3c19151cba2c0ed01b27f55de0d723ad07ca98f
6778Author: djm@openbsd.org <djm@openbsd.org>
6779Date:   Mon Feb 23 20:32:15 2015 +0000
6780
6781    upstream commit
6782
6783    fix a race condition by using a mux socket rather than an
6784     ineffectual wait statement
6785
6786commit a88dd1da119052870bb2654c1a32c51971eade16
6787Author: Damien Miller <djm@mindrot.org>
6788Date:   Tue Feb 24 06:30:29 2015 +1100
6789
6790    various include fixes for portable
6791
6792commit 5248429b5ec524d0a65507cff0cdd6e0cb99effd
6793Author: djm@openbsd.org <djm@openbsd.org>
6794Date:   Mon Feb 23 16:55:51 2015 +0000
6795
6796    upstream commit
6797
6798    add an XXX to remind me to improve sshkey_load_public
6799
6800commit e94e4b07ef2eaead38b085a60535df9981cdbcdb
6801Author: djm@openbsd.org <djm@openbsd.org>
6802Date:   Mon Feb 23 16:55:31 2015 +0000
6803
6804    upstream commit
6805
6806    silence a spurious error message when listing
6807     fingerprints for known_hosts; bz#2342
6808
6809commit f2293a65392b54ac721f66bc0b44462e8d1d81f8
6810Author: djm@openbsd.org <djm@openbsd.org>
6811Date:   Mon Feb 23 16:33:25 2015 +0000
6812
6813    upstream commit
6814
6815    fix setting/clearing of TTY raw mode around
6816     UpdateHostKeys=ask confirmation question; reported by Herb Goldman
6817
6818commit f2004cd1adf34492eae0a44b1ef84e0e31b06088
6819Author: Darren Tucker <dtucker@zip.com.au>
6820Date:   Mon Feb 23 05:04:21 2015 +1100
6821
6822    Repair for non-ECC OpenSSL.
6823
6824    Ifdef out the ECC parts when building with an OpenSSL that doesn't have
6825    it.
6826
6827commit 37f9220db8d1a52c75894c3de1e5f2ae5bd71b6f
6828Author: Darren Tucker <dtucker@zip.com.au>
6829Date:   Mon Feb 23 03:07:24 2015 +1100
6830
6831    Wrap stdint.h includes in ifdefs.
6832
6833commit f81f1bbc5b892c8614ea740b1f92735652eb43f0
6834Author: Tim Rice <tim@multitalents.net>
6835Date:   Sat Feb 21 18:12:10 2015 -0800
6836
6837    out of tree build fix
6838
6839commit 2e13a1e4d22f3b503c3bfc878562cc7386a1d1ae
6840Author: Tim Rice <tim@multitalents.net>
6841Date:   Sat Feb 21 18:08:51 2015 -0800
6842
6843    mkdir kex unit test directory so testing out of tree builds works
6844
6845commit 1797f49b1ba31e8700231cd6b1d512d80bb50d2c
6846Author: halex@openbsd.org <halex@openbsd.org>
6847Date:   Sat Feb 21 21:46:57 2015 +0000
6848
6849    upstream commit
6850
6851    make "ssh-add -d" properly remove a corresponding
6852     certificate, and also not whine and fail if there is none
6853
6854    ok djm@
6855
6856commit 7faaa32da83a609059d95dbfcb0649fdb04caaf6
6857Author: Damien Miller <djm@mindrot.org>
6858Date:   Sun Feb 22 07:57:27 2015 +1100
6859
6860    mkdir hostkey and bitmap unit test directories
6861
6862commit bd49da2ef197efac5e38f5399263a8b47990c538
6863Author: djm@openbsd.org <djm@openbsd.org>
6864Date:   Fri Feb 20 23:46:01 2015 +0000
6865
6866    upstream commit
6867
6868    sort options useable under Match case-insensitively; prodded
6869     jmc@
6870
6871commit 1a779a0dd6cd8b4a1a40ea33b5415ab8408128ac
6872Author: djm@openbsd.org <djm@openbsd.org>
6873Date:   Sat Feb 21 20:51:02 2015 +0000
6874
6875    upstream commit
6876
6877    correct paths to configuration files being written/updated;
6878     they live in $OBJ not cwd; some by Roumen Petrov
6879
6880commit 28ba006c1acddff992ae946d0bc0b500b531ba6b
6881Author: Darren Tucker <dtucker@zip.com.au>
6882Date:   Sat Feb 21 15:41:07 2015 +1100
6883
6884    More correct checking of HAVE_DECL_AI_NUMERICSERV.
6885
6886commit e50e8c97a9cecae1f28febccaa6ca5ab3bc10f54
6887Author: Darren Tucker <dtucker@zip.com.au>
6888Date:   Sat Feb 21 15:10:33 2015 +1100
6889
6890    Add null declaration of AI_NUMERICINFO.
6891
6892    Some platforms (older FreeBSD and DragonFly versions) do have
6893    getaddrinfo() but do not have AI_NUMERICINFO. so define it to zero
6894    in those cases.
6895
6896commit 18a208d6a460d707a45916db63a571e805f5db46
6897Author: djm@openbsd.org <djm@openbsd.org>
6898Date:   Fri Feb 20 22:40:32 2015 +0000
6899
6900    upstream commit
6901
6902    more options that are available under Match; bz#2353 reported
6903     by calestyo AT scientia.net
6904
6905commit 44732de06884238049f285f1455b2181baa7dc82
6906Author: djm@openbsd.org <djm@openbsd.org>
6907Date:   Fri Feb 20 22:17:21 2015 +0000
6908
6909    upstream commit
6910
6911    UpdateHostKeys fixes:
6912
6913    I accidentally changed the format of the hostkeys@openssh.com messages
6914    last week without changing the extension name, and this has been causing
6915    connection failures for people who are running -current. First reported
6916    by sthen@
6917
6918    s/hostkeys@openssh.com/hostkeys-00@openssh.com/
6919    Change the name of the proof message too, and reorder it a little.
6920
6921    Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
6922    available to read the response) so disable UpdateHostKeys if it is in
6923    ask mode and ControlPersist is active (and document this)
6924
6925commit 13a39414d25646f93e6d355521d832a03aaaffe2
6926Author: djm@openbsd.org <djm@openbsd.org>
6927Date:   Tue Feb 17 00:14:05 2015 +0000
6928
6929    upstream commit
6930
6931    Regression: I broke logging of public key fingerprints in
6932     1.46. Pointed out by Pontus Lundkvist
6933
6934commit 773dda25e828c4c9a52f7bdce6e1e5924157beab
6935Author: Damien Miller <djm@mindrot.org>
6936Date:   Fri Jan 30 23:10:17 2015 +1100
6937
6938    repair --without-openssl; broken in refactor
6939
6940commit e89c780886b23600de1e1c8d74aabd1ff61f43f0
6941Author: Damien Miller <djm@google.com>
6942Date:   Tue Feb 17 10:04:55 2015 +1100
6943
6944    hook up hostkeys unittest to portable Makefiles
6945
6946commit 0abf41f99aa16ff09b263bead242d6cb2dbbcf99
6947Author: djm@openbsd.org <djm@openbsd.org>
6948Date:   Mon Feb 16 22:21:03 2015 +0000
6949
6950    upstream commit
6951
6952    enable hostkeys unit tests
6953
6954commit 68a5d647ccf0fb6782b2f749433a1eee5bc9044b
6955Author: djm@openbsd.org <djm@openbsd.org>
6956Date:   Mon Feb 16 22:20:50 2015 +0000
6957
6958    upstream commit
6959
6960    check string/memory compare arguments aren't NULL
6961
6962commit ef575ef20d09f20722e26b45dab80b3620469687
6963Author: djm@openbsd.org <djm@openbsd.org>
6964Date:   Mon Feb 16 22:18:34 2015 +0000
6965
6966    upstream commit
6967
6968    unit tests for hostfile.c code, just hostkeys_foreach so
6969     far
6970
6971commit 8ea3365e6aa2759ccf5c76eaea62cbc8a280b0e7
6972Author: markus@openbsd.org <markus@openbsd.org>
6973Date:   Sat Feb 14 12:43:16 2015 +0000
6974
6975    upstream commit
6976
6977    test server rekey limit
6978
6979commit ce63c4b063c39b2b22d4ada449c9e3fbde788cb3
6980Author: djm@openbsd.org <djm@openbsd.org>
6981Date:   Mon Feb 16 22:30:03 2015 +0000
6982
6983    upstream commit
6984
6985    partial backout of:
6986
6987    revision 1.441
6988    date: 2015/01/31 20:30:05;  author: djm;  state: Exp;  lines: +17 -10;  commitid
6989    : x8klYPZMJSrVlt3O;
6990    Let sshd load public host keys even when private keys are missing.
6991    Allows sshd to advertise additional keys for future key rotation.
6992    Also log fingerprint of hostkeys loaded; ok markus@
6993
6994    hostkey updates now require access to the private key, so we can't
6995    load public keys only. The improved log messages (fingerprints of keys
6996    loaded) are kept.
6997
6998commit 523463a3a2a9bfc6cfc5afa01bae9147f76a37cc
6999Author: djm@openbsd.org <djm@openbsd.org>
7000Date:   Mon Feb 16 22:13:32 2015 +0000
7001
7002    upstream commit
7003
7004    Revise hostkeys@openssh.com hostkey learning extension.
7005
7006    The client will not ask the server to prove ownership of the private
7007    halves of any hitherto-unseen hostkeys it offers to the client.
7008
7009    Allow UpdateHostKeys option to take an 'ask' argument to let the
7010    user manually review keys offered.
7011
7012    ok markus@
7013
7014commit 6c5c949782d86a6e7d58006599c7685bfcd01685
7015Author: djm@openbsd.org <djm@openbsd.org>
7016Date:   Mon Feb 16 22:08:57 2015 +0000
7017
7018    upstream commit
7019
7020    Refactor hostkeys_foreach() and dependent code Deal with
7021     IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing
7022     changed ok markus@ as part of larger commit
7023
7024commit 51b082ccbe633dc970df1d1f4c9c0497115fe721
7025Author: miod@openbsd.org <miod@openbsd.org>
7026Date:   Mon Feb 16 18:26:26 2015 +0000
7027
7028    upstream commit
7029
7030    Declare ge25519_base as extern, to prevent it from
7031     becoming a common. Gets us rid of ``lignment 4 of symbol
7032     `crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in
7033     mod_ed25519.o'' warnings at link time.
7034
7035commit 02db468bf7e3281a8e3c058ced571b38b6407c34
7036Author: markus@openbsd.org <markus@openbsd.org>
7037Date:   Fri Feb 13 18:57:00 2015 +0000
7038
7039    upstream commit
7040
7041    make rekey_limit for sshd w/privsep work; ok djm@
7042     dtucker@
7043
7044commit 8ec67d505bd23c8bf9e17b7a364b563a07a58ec8
7045Author: dtucker@openbsd.org <dtucker@openbsd.org>
7046Date:   Thu Feb 12 20:34:19 2015 +0000
7047
7048    upstream commit
7049
7050    Prevent sshd spamming syslog with
7051     "ssh_dispatch_run_fatal: disconnected". ok markus@
7052
7053commit d4c0295d1afc342057ba358237acad6be8af480b
7054Author: djm@openbsd.org <djm@openbsd.org>
7055Date:   Wed Feb 11 01:20:38 2015 +0000
7056
7057    upstream commit
7058
7059    Some packet error messages show the address of the peer,
7060     but might be generated after the socket to the peer has suffered a TCP reset.
7061     In these cases, getpeername() won't work so cache the address earlier.
7062
7063    spotted in the wild via deraadt@ and tedu@
7064
7065commit 4af1709cf774475ce5d1bc3ddcc165f6c222897d
7066Author: jsg@openbsd.org <jsg@openbsd.org>
7067Date:   Mon Feb 9 23:22:37 2015 +0000
7068
7069    upstream commit
7070
7071    fix some leaks in error paths ok markus@
7072
7073commit fd36834871d06a03e1ff8d69e41992efa1bbf85f
7074Author: millert@openbsd.org <millert@openbsd.org>
7075Date:   Fri Feb 6 23:21:59 2015 +0000
7076
7077    upstream commit
7078
7079    SIZE_MAX is standard, we should be using it in preference to
7080     the obsolete SIZE_T_MAX.  OK miod@ beck@
7081
7082commit 1910a286d7771eab84c0b047f31c0a17505236fa
7083Author: millert@openbsd.org <millert@openbsd.org>
7084Date:   Thu Feb 5 12:59:57 2015 +0000
7085
7086    upstream commit
7087
7088    Include stdint.h, not limits.h to get SIZE_MAX.  OK guenther@
7089
7090commit ce4f59b2405845584f45e0b3214760eb0008c06c
7091Author: deraadt@openbsd.org <deraadt@openbsd.org>
7092Date:   Tue Feb 3 08:07:20 2015 +0000
7093
7094    upstream commit
7095
7096    missing ; djm and mlarkin really having great
7097     interactions recently
7098
7099commit 5d34aa94938abb12b877a25be51862757f25d54b
7100Author: halex@openbsd.org <halex@openbsd.org>
7101Date:   Tue Feb 3 00:34:14 2015 +0000
7102
7103    upstream commit
7104
7105    slightly extend the passphrase prompt if running with -c
7106     in order to give the user a chance to notice if unintentionally running
7107     without it
7108
7109    wording tweak and ok djm@
7110
7111commit cb3bde373e80902c7d5d0db429f85068d19b2918
7112Author: djm@openbsd.org <djm@openbsd.org>
7113Date:   Mon Feb 2 22:48:53 2015 +0000
7114
7115    upstream commit
7116
7117    handle PKCS#11 C_Login returning
7118     CKR_USER_ALREADY_LOGGED_IN; based on patch from Yuri Samoilenko; ok markus@
7119
7120commit 15ad750e5ec3cc69765b7eba1ce90060e7083399
7121Author: djm@openbsd.org <djm@openbsd.org>
7122Date:   Mon Feb 2 07:41:40 2015 +0000
7123
7124    upstream commit
7125
7126    turn UpdateHostkeys off by default until I figure out
7127     mlarkin@'s warning message; requested by deraadt@
7128
7129commit 3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9
7130Author: deraadt@openbsd.org <deraadt@openbsd.org>
7131Date:   Mon Feb 2 01:57:44 2015 +0000
7132
7133    upstream commit
7134
7135    increasing encounters with difficult DNS setups in
7136     darknets has convinced me UseDNS off by default is better ok djm
7137
7138commit 6049a548a8a68ff0bbe581ab1748ea6a59ecdc38
7139Author: djm@openbsd.org <djm@openbsd.org>
7140Date:   Sat Jan 31 20:30:05 2015 +0000
7141
7142    upstream commit
7143
7144    Let sshd load public host keys even when private keys are
7145     missing. Allows sshd to advertise additional keys for future key rotation.
7146     Also log fingerprint of hostkeys loaded; ok markus@
7147
7148commit 46347ed5968f582661e8a70a45f448e0179ca0ab
7149Author: djm@openbsd.org <djm@openbsd.org>
7150Date:   Fri Jan 30 11:43:14 2015 +0000
7151
7152    upstream commit
7153
7154    Add a ssh_config HostbasedKeyType option to control which
7155     host public key types are tried during hostbased authentication.
7156
7157    This may be used to prevent too many keys being sent to the server,
7158    and blowing past its MaxAuthTries limit.
7159
7160    bz#2211 based on patch by Iain Morgan; ok markus@
7161
7162commit 802660cb70453fa4d230cb0233bc1bbdf8328de1
7163Author: djm@openbsd.org <djm@openbsd.org>
7164Date:   Fri Jan 30 10:44:49 2015 +0000
7165
7166    upstream commit
7167
7168    set a timeout to prevent hangs when talking to busted
7169     servers; ok markus@
7170
7171commit 86936ec245a15c7abe71a0722610998b0a28b194
7172Author: djm@openbsd.org <djm@openbsd.org>
7173Date:   Fri Jan 30 01:11:39 2015 +0000
7174
7175    upstream commit
7176
7177    regression test for 'wildcard CA' serial/key ID revocations
7178
7179commit 4509b5d4a4fa645a022635bfa7e86d09b285001f
7180Author: djm@openbsd.org <djm@openbsd.org>
7181Date:   Fri Jan 30 01:13:33 2015 +0000
7182
7183    upstream commit
7184
7185    avoid more fatal/exit in the packet.c paths that
7186     ssh-keyscan uses; feedback and "looks good" markus@
7187
7188commit 669aee994348468af8b4b2ebd29b602cf2860b22
7189Author: djm@openbsd.org <djm@openbsd.org>
7190Date:   Fri Jan 30 01:10:33 2015 +0000
7191
7192    upstream commit
7193
7194    permit KRLs that revoke certificates by serial number or
7195     key ID without scoping to a particular CA; ok markus@
7196
7197commit 7a2c368477e26575d0866247d3313da4256cb2b5
7198Author: djm@openbsd.org <djm@openbsd.org>
7199Date:   Fri Jan 30 00:59:19 2015 +0000
7200
7201    upstream commit
7202
7203    missing parentheses after if in do_convert_from() broke
7204     private key conversion from other formats some time in 2010; bz#2345 reported
7205     by jjelen AT redhat.com
7206
7207commit 25f5f78d8bf5c22d9cea8b49de24ebeee648a355
7208Author: djm@openbsd.org <djm@openbsd.org>
7209Date:   Fri Jan 30 00:22:25 2015 +0000
7210
7211    upstream commit
7212
7213    fix ssh protocol 1, spotted by miod@
7214
7215commit 9ce86c926dfa6e0635161b035e3944e611cbccf0
7216Author: djm@openbsd.org <djm@openbsd.org>
7217Date:   Wed Jan 28 22:36:00 2015 +0000
7218
7219    upstream commit
7220
7221    update to new API (key_fingerprint => sshkey_fingerprint)
7222     check sshkey_fingerprint return values; ok markus
7223
7224commit 9125525c37bf73ad3ee4025520889d2ce9d10f29
7225Author: djm@openbsd.org <djm@openbsd.org>
7226Date:   Wed Jan 28 22:05:31 2015 +0000
7227
7228    upstream commit
7229
7230    avoid fatal() calls in packet code makes ssh-keyscan more
7231     reliable against server failures ok dtucker@ markus@
7232
7233commit fae7bbe544cba7a9e5e4ab47ff6faa3d978646eb
7234Author: djm@openbsd.org <djm@openbsd.org>
7235Date:   Wed Jan 28 21:15:47 2015 +0000
7236
7237    upstream commit
7238
7239    avoid fatal() calls in packet code makes ssh-keyscan more
7240     reliable against server failures ok dtucker@ markus@
7241
7242commit 1a3d14f6b44a494037c7deab485abe6496bf2c60
7243Author: djm@openbsd.org <djm@openbsd.org>
7244Date:   Wed Jan 28 11:07:25 2015 +0000
7245
7246    upstream commit
7247
7248    remove obsolete comment
7249
7250commit 80c25b7bc0a71d75c43a4575d9a1336f589eb639
7251Author: okan@openbsd.org <okan@openbsd.org>
7252Date:   Tue Jan 27 12:54:06 2015 +0000
7253
7254    upstream commit
7255
7256    Since r1.2 removed the use of PRI* macros, inttypes.h is
7257     no longer required.
7258
7259    ok djm@
7260
7261commit 69ff64f69615c2a21c97cb5878a0996c21423257
7262Author: Damien Miller <djm@mindrot.org>
7263Date:   Tue Jan 27 23:07:43 2015 +1100
7264
7265    compile on systems without TCP_MD5SIG (e.g. OSX)
7266
7267commit 358964f3082fb90b2ae15bcab07b6105cfad5a43
7268Author: Damien Miller <djm@mindrot.org>
7269Date:   Tue Jan 27 23:07:25 2015 +1100
7270
7271    use ssh-keygen under test rather than system's
7272
7273commit a2c95c1bf33ea53038324d1fdd774bc953f98236
7274Author: Damien Miller <djm@mindrot.org>
7275Date:   Tue Jan 27 23:06:59 2015 +1100
7276
7277    OSX lacks HOST_NAME_MAX, has _POSIX_HOST_NAME_MAX
7278
7279commit ade31d7b6f608a19b85bee29a7a00b1e636a2919
7280Author: Damien Miller <djm@mindrot.org>
7281Date:   Tue Jan 27 23:06:23 2015 +1100
7282
7283    these need active_state defined to link on OSX
7284
7285    temporary measure until active_state goes away entirely
7286
7287commit e56aa87502f22c5844918c10190e8b4f785f067b
7288Author: djm@openbsd.org <djm@openbsd.org>
7289Date:   Tue Jan 27 12:01:36 2015 +0000
7290
7291    upstream commit
7292
7293    use printf instead of echo -n to reduce diff against
7294     -portable
7295
7296commit 9f7637f56eddfaf62ce3c0af89c25480f2cf1068
7297Author: jmc@openbsd.org <jmc@openbsd.org>
7298Date:   Mon Jan 26 13:55:29 2015 +0000
7299
7300    upstream commit
7301
7302    sort previous;
7303
7304commit 3076ee7d530d5b16842fac7a6229706c7e5acd26
7305Author: djm@openbsd.org <djm@openbsd.org>
7306Date:   Mon Jan 26 13:36:53 2015 +0000
7307
7308    upstream commit
7309
7310    properly restore umask
7311
7312commit d411d395556b73ba1b9e451516a0bd6697c4b03d
7313Author: djm@openbsd.org <djm@openbsd.org>
7314Date:   Mon Jan 26 06:12:18 2015 +0000
7315
7316    upstream commit
7317
7318    regression test for host key rotation
7319
7320commit fe8a3a51699afbc6407a8fae59b73349d01e49f8
7321Author: djm@openbsd.org <djm@openbsd.org>
7322Date:   Mon Jan 26 06:11:28 2015 +0000
7323
7324    upstream commit
7325
7326    adapt to sshkey API tweaks
7327
7328commit 7dd355fb1f0038a3d5cdca57ebab4356c7a5b434
7329Author: miod@openbsd.org <miod@openbsd.org>
7330Date:   Sat Jan 24 10:39:21 2015 +0000
7331
7332    upstream commit
7333
7334    Move -lz late in the linker commandline for things to
7335     build on static arches.
7336
7337commit 0dad3b806fddb93c475b30853b9be1a25d673a33
7338Author: miod@openbsd.org <miod@openbsd.org>
7339Date:   Fri Jan 23 21:21:23 2015 +0000
7340
7341    upstream commit
7342
7343    -Wpointer-sign is supported by gcc 4 only.
7344
7345commit 2b3b1c1e4bd9577b6e780c255c278542ea66c098
7346Author: djm@openbsd.org <djm@openbsd.org>
7347Date:   Tue Jan 20 22:58:57 2015 +0000
7348
7349    upstream commit
7350
7351    use SUBDIR to recuse into unit tests; makes "make obj"
7352     actually work
7353
7354commit 1d1092bff8db27080155541212b420703f8b9c92
7355Author: djm@openbsd.org <djm@openbsd.org>
7356Date:   Mon Jan 26 12:16:36 2015 +0000
7357
7358    upstream commit
7359
7360    correct description of UpdateHostKeys in ssh_config.5 and
7361     add it to -o lists for ssh, scp and sftp; pointed out by jmc@
7362
7363commit 5104db7cbd6cdd9c5971f4358e74414862fc1022
7364Author: djm@openbsd.org <djm@openbsd.org>
7365Date:   Mon Jan 26 06:10:03 2015 +0000
7366
7367    upstream commit
7368
7369    correctly match ECDSA subtype (== curve) for
7370     offered/recevied host keys. Fixes connection-killing host key mismatches when
7371     a server offers multiple ECDSA keys with different curve type (an extremely
7372     unlikely configuration).
7373
7374    ok markus, "looks mechanical" deraadt@
7375
7376commit 8d4f87258f31cb6def9b3b55b6a7321d84728ff2
7377Author: djm@openbsd.org <djm@openbsd.org>
7378Date:   Mon Jan 26 03:04:45 2015 +0000
7379
7380    upstream commit
7381
7382    Host key rotation support.
7383
7384    Add a hostkeys@openssh.com protocol extension (global request) for
7385    a server to inform a client of all its available host key after
7386    authentication has completed. The client may record the keys in
7387    known_hosts, allowing it to upgrade to better host key algorithms
7388    and a server to gracefully rotate its keys.
7389
7390    The client side of this is controlled by a UpdateHostkeys config
7391    option (default on).
7392
7393    ok markus@
7394
7395commit 60b1825262b1f1e24fc72050b907189c92daf18e
7396Author: djm@openbsd.org <djm@openbsd.org>
7397Date:   Mon Jan 26 02:59:11 2015 +0000
7398
7399    upstream commit
7400
7401    small refactor and add some convenience functions; ok
7402     markus
7403
7404commit a5a3e3328ddce91e76f71ff479022d53e35c60c9
7405Author: jmc@openbsd.org <jmc@openbsd.org>
7406Date:   Thu Jan 22 21:00:42 2015 +0000
7407
7408    upstream commit
7409
7410    heirarchy -> hierarchy;
7411
7412commit dcff5810a11195c57e1b3343c0d6b6f2b9974c11
7413Author: deraadt@openbsd.org <deraadt@openbsd.org>
7414Date:   Thu Jan 22 20:24:41 2015 +0000
7415
7416    upstream commit
7417
7418    Provide a warning about chroot misuses (which sadly, seem
7419     to have become quite popular because shiny).  sshd cannot detect/manage/do
7420     anything about these cases, best we can do is warn in the right spot in the
7421     man page. ok markus
7422
7423commit 087266ec33c76fc8d54ac5a19efacf2f4a4ca076
7424Author: deraadt@openbsd.org <deraadt@openbsd.org>
7425Date:   Tue Jan 20 23:14:00 2015 +0000
7426
7427    upstream commit
7428
7429    Reduce use of <sys/param.h> and transition to <limits.h>
7430     throughout. ok djm markus
7431
7432commit 57e783c8ba2c0797f93977e83b2a8644a03065d8
7433Author: markus@openbsd.org <markus@openbsd.org>
7434Date:   Tue Jan 20 20:16:21 2015 +0000
7435
7436    upstream commit
7437
7438    kex_setup errors are fatal()
7439
7440commit 1d6424a6ff94633c221297ae8f42d54e12a20912
7441Author: djm@openbsd.org <djm@openbsd.org>
7442Date:   Tue Jan 20 08:02:33 2015 +0000
7443
7444    upstream commit
7445
7446    this test would accidentally delete agent.sh if run without
7447     obj/
7448
7449commit 12b5f50777203e12575f1b08568281e447249ed3
7450Author: djm@openbsd.org <djm@openbsd.org>
7451Date:   Tue Jan 20 07:56:44 2015 +0000
7452
7453    upstream commit
7454
7455    make this compile with KERBEROS5 enabled
7456
7457commit e2cc6bef08941256817d44d146115b3478586ad4
7458Author: djm@openbsd.org <djm@openbsd.org>
7459Date:   Tue Jan 20 07:55:33 2015 +0000
7460
7461    upstream commit
7462
7463    fix hostkeys in agent; ok markus@
7464
7465commit 1ca3e2155aa5d3801a7ae050f85c71f41fcb95b1
7466Author: Damien Miller <djm@mindrot.org>
7467Date:   Tue Jan 20 10:11:31 2015 +1100
7468
7469    fix kex test
7470
7471commit c78a578107c7e6dcf5d30a2f34cb6581bef14029
7472Author: markus@openbsd.org <markus@openbsd.org>
7473Date:   Mon Jan 19 20:45:25 2015 +0000
7474
7475    upstream commit
7476
7477    finally enable the KEX tests I wrote some years ago...
7478
7479commit 31821d7217e686667d04935aeec99e1fc4a46e7e
7480Author: markus@openbsd.org <markus@openbsd.org>
7481Date:   Mon Jan 19 20:42:31 2015 +0000
7482
7483    upstream commit
7484
7485    adapt to new error message (SSH_ERR_MAC_INVALID)
7486
7487commit d3716ca19e510e95d956ae14d5b367e364bff7f1
7488Author: djm@openbsd.org <djm@openbsd.org>
7489Date:   Mon Jan 19 17:31:13 2015 +0000
7490
7491    upstream commit
7492
7493    this test was broken in at least two ways, such that it
7494     wasn't checking that a KRL was not excluding valid keys
7495
7496commit 3f797653748e7c2b037dacb57574c01d9ef3b4d3
7497Author: markus@openbsd.org <markus@openbsd.org>
7498Date:   Mon Jan 19 20:32:39 2015 +0000
7499
7500    upstream commit
7501
7502    switch ssh-keyscan from setjmp to multiple ssh transport
7503     layer instances ok djm@
7504
7505commit f582f0e917bb0017b00944783cd5f408bf4b0b5e
7506Author: markus@openbsd.org <markus@openbsd.org>
7507Date:   Mon Jan 19 20:30:23 2015 +0000
7508
7509    upstream commit
7510
7511    add experimental api for packet layer; ok djm@
7512
7513commit 48b3b2ba75181f11fca7f327058a591f4426cade
7514Author: markus@openbsd.org <markus@openbsd.org>
7515Date:   Mon Jan 19 20:20:20 2015 +0000
7516
7517    upstream commit
7518
7519    store compat flags in struct ssh; ok djm@
7520
7521commit 57d10cbe861a235dd269c74fb2fe248469ecee9d
7522Author: markus@openbsd.org <markus@openbsd.org>
7523Date:   Mon Jan 19 20:16:15 2015 +0000
7524
7525    upstream commit
7526
7527    adapt kex to sshbuf and struct ssh; ok djm@
7528
7529commit 3fdc88a0def4f86aa88a5846ac079dc964c0546a
7530Author: markus@openbsd.org <markus@openbsd.org>
7531Date:   Mon Jan 19 20:07:45 2015 +0000
7532
7533    upstream commit
7534
7535    move dispatch to struct ssh; ok djm@
7536
7537commit 091c302829210c41e7f57c3f094c7b9c054306f0
7538Author: markus@openbsd.org <markus@openbsd.org>
7539Date:   Mon Jan 19 19:52:16 2015 +0000
7540
7541    upstream commit
7542
7543    update packet.c & isolate, introduce struct ssh a) switch
7544     packet.c to buffer api and isolate per-connection info into struct ssh b)
7545     (de)serialization of the state is moved from monitor to packet.c c) the old
7546     packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and
7547     integrated into packet.c with and ok djm@
7548
7549commit 4e62cc68ce4ba20245d208b252e74e91d3785b74
7550Author: djm@openbsd.org <djm@openbsd.org>
7551Date:   Mon Jan 19 17:35:48 2015 +0000
7552
7553    upstream commit
7554
7555    fix format strings in (disabled) debugging
7556
7557commit d85e06245907d49a2cd0cfa0abf59150ad616f42
7558Author: djm@openbsd.org <djm@openbsd.org>
7559Date:   Mon Jan 19 06:01:32 2015 +0000
7560
7561    upstream commit
7562
7563    be a bit more careful in these tests to ensure that
7564     known_hosts is clean
7565
7566commit 7947810eab5fe0ad311f32a48f4d4eb1f71be6cf
7567Author: djm@openbsd.org <djm@openbsd.org>
7568Date:   Sun Jan 18 22:00:18 2015 +0000
7569
7570    upstream commit
7571
7572    regression test for known_host file editing using
7573     ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok
7574     markus@
7575
7576commit 3a2b09d147a565d8a47edf37491e149a02c0d3a3
7577Author: djm@openbsd.org <djm@openbsd.org>
7578Date:   Sun Jan 18 19:54:46 2015 +0000
7579
7580    upstream commit
7581
7582    more and better key tests
7583
7584    test signatures and verification
7585    test certificate generation
7586    flesh out nested cert test
7587
7588    removes most of the XXX todo markers
7589
7590commit 589e69fd82724cfc9738f128e4771da2e6405d0d
7591Author: djm@openbsd.org <djm@openbsd.org>
7592Date:   Sun Jan 18 19:53:58 2015 +0000
7593
7594    upstream commit
7595
7596    make the signature fuzzing test much more rigorous:
7597     ensure that the fuzzed input cases do not match the original (using new
7598     fuzz_matches_original() function) and check that the verification fails in
7599     each case
7600
7601commit 80603c0daa2538c349c1c152405580b164d5475f
7602Author: djm@openbsd.org <djm@openbsd.org>
7603Date:   Sun Jan 18 19:52:44 2015 +0000
7604
7605    upstream commit
7606
7607    add a fuzz_matches_original() function to the fuzzer to
7608     detect fuzz cases that are identical to the original data. Hacky
7609     implementation, but very useful when you need the fuzz to be different, e.g.
7610     when verifying signature
7611
7612commit 87d5495bd337e358ad69c524fcb9495208c0750b
7613Author: djm@openbsd.org <djm@openbsd.org>
7614Date:   Sun Jan 18 19:50:55 2015 +0000
7615
7616    upstream commit
7617
7618    better dumps from the fuzzer (shown on errors) -
7619     include the original data as well as the fuzzed copy.
7620
7621commit d59ec478c453a3fff05badbbfd96aa856364f2c2
7622Author: djm@openbsd.org <djm@openbsd.org>
7623Date:   Sun Jan 18 19:47:55 2015 +0000
7624
7625    upstream commit
7626
7627    enable hostkey-agent.sh test
7628
7629commit 26b3425170bf840e4b095e1c10bf25a0a3e3a105
7630Author: djm@openbsd.org <djm@openbsd.org>
7631Date:   Sat Jan 17 18:54:30 2015 +0000
7632
7633    upstream commit
7634
7635    unit test for hostkeys in ssh-agent
7636
7637commit 9e06a0fb23ec55d9223b26a45bb63c7649e2f2f2
7638Author: markus@openbsd.org <markus@openbsd.org>
7639Date:   Thu Jan 15 23:41:29 2015 +0000
7640
7641    upstream commit
7642
7643    add kex unit tests
7644
7645commit d2099dec6da21ae627f6289aedae6bc1d41a22ce
7646Author: deraadt@openbsd.org <deraadt@openbsd.org>
7647Date:   Mon Jan 19 00:32:54 2015 +0000
7648
7649    upstream commit
7650
7651    djm, your /usr/include tree is old
7652
7653commit 2b3c3c76c30dc5076fe09d590f5b26880f148a54
7654Author: djm@openbsd.org <djm@openbsd.org>
7655Date:   Sun Jan 18 21:51:19 2015 +0000
7656
7657    upstream commit
7658
7659    some feedback from markus@: comment hostkeys_foreach()
7660     context and avoid a member in it.
7661
7662commit cecb30bc2ba6d594366e657d664d5c494b6c8a7f
7663Author: djm@openbsd.org <djm@openbsd.org>
7664Date:   Sun Jan 18 21:49:42 2015 +0000
7665
7666    upstream commit
7667
7668    make ssh-keygen use hostkeys_foreach(). Removes some
7669     horrendous code; ok markus@
7670
7671commit ec3d065df3a9557ea96b02d061fd821a18c1a0b9
7672Author: djm@openbsd.org <djm@openbsd.org>
7673Date:   Sun Jan 18 21:48:09 2015 +0000
7674
7675    upstream commit
7676
7677    convert load_hostkeys() (hostkey ordering and
7678     known_host matching) to use the new hostkey_foreach() iterator; ok markus
7679
7680commit c29811cc480a260e42fd88849fc86a80c1e91038
7681Author: djm@openbsd.org <djm@openbsd.org>
7682Date:   Sun Jan 18 21:40:23 2015 +0000
7683
7684    upstream commit
7685
7686    introduce hostkeys_foreach() to allow iteration over a
7687     known_hosts file or controlled subset thereof. This will allow us to pull out
7688     some ugly and duplicated code, and will be used to implement hostkey rotation
7689     later.
7690
7691    feedback and ok markus
7692
7693commit f101d8291da01bbbfd6fb8c569cfd0cc61c0d346
7694Author: deraadt@openbsd.org <deraadt@openbsd.org>
7695Date:   Sun Jan 18 14:01:00 2015 +0000
7696
7697    upstream commit
7698
7699    string truncation due to sizeof(size) ok djm markus
7700
7701commit 35d6022b55b7969fc10c261cb6aa78cc4a5fcc41
7702Author: djm@openbsd.org <djm@openbsd.org>
7703Date:   Sun Jan 18 13:33:34 2015 +0000
7704
7705    upstream commit
7706
7707    avoid trailing ',' in host key algorithms
7708
7709commit 7efb455789a0cb76bdcdee91c6060a3dc8f5c007
7710Author: djm@openbsd.org <djm@openbsd.org>
7711Date:   Sun Jan 18 13:22:28 2015 +0000
7712
7713    upstream commit
7714
7715    infer key length correctly when user specified a fully-
7716     qualified key name instead of using the -b bits option; ok markus@
7717
7718commit 83f8ffa6a55ccd0ce9d8a205e3e7439ec18fedf5
7719Author: djm@openbsd.org <djm@openbsd.org>
7720Date:   Sat Jan 17 18:53:34 2015 +0000
7721
7722    upstream commit
7723
7724    fix hostkeys on ssh agent; found by unit test I'm about
7725     to commit
7726
7727commit 369d61f17657b814124268f99c033e4dc6e436c1
7728Author: schwarze@openbsd.org <schwarze@openbsd.org>
7729Date:   Fri Jan 16 16:20:23 2015 +0000
7730
7731    upstream commit
7732
7733    garbage collect empty .No macros mandoc warns about
7734
7735commit bb8b442d32dbdb8521d610e10d8b248d938bd747
7736Author: djm@openbsd.org <djm@openbsd.org>
7737Date:   Fri Jan 16 15:55:07 2015 +0000
7738
7739    upstream commit
7740
7741    regression: incorrect error message on
7742     otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
7743
7744commit 9010902954a40b59d0bf3df3ccbc3140a653e2bc
7745Author: djm@openbsd.org <djm@openbsd.org>
7746Date:   Fri Jan 16 07:19:48 2015 +0000
7747
7748    upstream commit
7749
7750    when hostname canonicalisation is enabled, try to parse
7751     hostnames as addresses before looking them up for canonicalisation. fixes
7752     bz#2074 and avoids needless DNS lookups in some cases; ok markus
7753
7754commit 2ae4f337b2a5fb2841b6b0053b49496fef844d1c
7755Author: deraadt@openbsd.org <deraadt@openbsd.org>
7756Date:   Fri Jan 16 06:40:12 2015 +0000
7757
7758    upstream commit
7759
7760    Replace <sys/param.h> with <limits.h> and other less
7761     dirty headers where possible.  Annotate <sys/param.h> lines with their
7762     current reasons.  Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
7763     LOGIN_NAME_MAX, etc.  Change MIN() and MAX() to local definitions of
7764     MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
7765     These are the files confirmed through binary verification. ok guenther,
7766     millert, doug (helped with the verification protocol)
7767
7768commit 3c4726f4c24118e8f1bb80bf75f1456c76df072c
7769Author: markus@openbsd.org <markus@openbsd.org>
7770Date:   Thu Jan 15 21:38:50 2015 +0000
7771
7772    upstream commit
7773
7774    remove xmalloc, switch to sshbuf
7775
7776commit e17ac01f8b763e4b83976b9e521e90a280acc097
7777Author: markus@openbsd.org <markus@openbsd.org>
7778Date:   Thu Jan 15 21:37:14 2015 +0000
7779
7780    upstream commit
7781
7782    switch to sshbuf
7783
7784commit ddef9995a1fa6c7a8ff3b38bfe6cf724bebf13d0
7785Author: naddy@openbsd.org <naddy@openbsd.org>
7786Date:   Thu Jan 15 18:32:54 2015 +0000
7787
7788    upstream commit
7789
7790    handle UMAC128 initialization like UMAC; ok djm@ markus@
7791
7792commit f14564c1f7792446bca143580aef0e7ac25dcdae
7793Author: djm@openbsd.org <djm@openbsd.org>
7794Date:   Thu Jan 15 11:04:36 2015 +0000
7795
7796    upstream commit
7797
7798    fix regression reported by brad@ for passworded keys without
7799     agent present
7800
7801commit 45c0fd70bb2a88061319dfff20cb12ef7b1bc47e
7802Author: Damien Miller <djm@mindrot.org>
7803Date:   Thu Jan 15 22:08:23 2015 +1100
7804
7805    make bitmap test compile
7806
7807commit d333f89abf7179021e5c3f28673f469abe032062
7808Author: djm@openbsd.org <djm@openbsd.org>
7809Date:   Thu Jan 15 07:36:28 2015 +0000
7810
7811    upstream commit
7812
7813    unit tests for KRL bitmap
7814
7815commit 7613f828f49c55ff356007ae9645038ab6682556
7816Author: markus@openbsd.org <markus@openbsd.org>
7817Date:   Wed Jan 14 09:58:21 2015 +0000
7818
7819    upstream commit
7820
7821    re-add comment about full path
7822
7823commit 6c43b48b307c41cd656b415621a644074579a578
7824Author: markus@openbsd.org <markus@openbsd.org>
7825Date:   Wed Jan 14 09:54:38 2015 +0000
7826
7827    upstream commit
7828
7829    don't reset  to the installed sshd; connect before
7830     reconfigure, too
7831
7832commit 771bb47a1df8b69061f09462e78aa0b66cd594bf
7833Author: djm@openbsd.org <djm@openbsd.org>
7834Date:   Tue Jan 13 14:51:51 2015 +0000
7835
7836    upstream commit
7837
7838    implement a SIGINFO handler so we can discern a stuck
7839     fuzz test from a merely glacial one; prompted by and ok markus
7840
7841commit cfaa57962f8536f3cf0fd7daf4d6a55d6f6de45f
7842Author: djm@openbsd.org <djm@openbsd.org>
7843Date:   Tue Jan 13 08:23:26 2015 +0000
7844
7845    upstream commit
7846
7847    use $SSH instead of installed ssh to allow override;
7848     spotted by markus@
7849
7850commit 0920553d0aee117a596b03ed5b49b280d34a32c5
7851Author: djm@openbsd.org <djm@openbsd.org>
7852Date:   Tue Jan 13 07:49:49 2015 +0000
7853
7854    upstream commit
7855
7856    regress test for PubkeyAcceptedKeyTypes; ok markus@
7857
7858commit 27ca1a5c0095eda151934bca39a77e391f875d17
7859Author: markus@openbsd.org <markus@openbsd.org>
7860Date:   Mon Jan 12 20:13:27 2015 +0000
7861
7862    upstream commit
7863
7864    unbreak parsing of pubkey comments; with gerhard; ok
7865     djm/deraadt
7866
7867commit 55358f0b4e0b83bc0df81c5f854c91b11e0bb4dc
7868Author: djm@openbsd.org <djm@openbsd.org>
7869Date:   Mon Jan 12 11:46:32 2015 +0000
7870
7871    upstream commit
7872
7873    fatal if soft-PKCS11 library is missing rather (rather
7874     than continue and fail with a more cryptic error)
7875
7876commit c3554cdd2a1a62434b8161017aa76fa09718a003
7877Author: djm@openbsd.org <djm@openbsd.org>
7878Date:   Mon Jan 12 11:12:38 2015 +0000
7879
7880    upstream commit
7881
7882    let this test all supporte key types; pointed out/ok
7883     markus@
7884
7885commit 1129dcfc5a3e508635004bcc05a3574cb7687167
7886Author: djm@openbsd.org <djm@openbsd.org>
7887Date:   Thu Jan 15 09:40:00 2015 +0000
7888
7889    upstream commit
7890
7891    sync ssh-keysign, ssh-keygen and some dependencies to the
7892     new buffer/key API; mostly mechanical, ok markus@
7893
7894commit e4ebf5586452bf512da662ac277aaf6ecf0efe7c
7895Author: djm@openbsd.org <djm@openbsd.org>
7896Date:   Thu Jan 15 07:57:08 2015 +0000
7897
7898    upstream commit
7899
7900    remove commented-out test code now that it has moved to a
7901     proper unit test
7902
7903commit e81cba066c1e9eb70aba0f6e7c0ff220611b370f
7904Author: djm@openbsd.org <djm@openbsd.org>
7905Date:   Wed Jan 14 20:54:29 2015 +0000
7906
7907    upstream commit
7908
7909    whitespace
7910
7911commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622
7912Author: djm@openbsd.org <djm@openbsd.org>
7913Date:   Wed Jan 14 20:05:27 2015 +0000
7914
7915    upstream commit
7916
7917    move authfd.c and its tentacles to the new buffer/key
7918     API; ok markus@
7919
7920commit 0088c57af302cda278bd26d8c3ae81d5b6f7c289
7921Author: djm@openbsd.org <djm@openbsd.org>
7922Date:   Wed Jan 14 19:33:41 2015 +0000
7923
7924    upstream commit
7925
7926    fix small regression: ssh-agent would return a success
7927     message but an empty signature if asked to sign using an unknown key; ok
7928     markus@
7929
7930commit b03ebe2c22b8166e4f64c37737f4278676e3488d
7931Author: Damien Miller <djm@mindrot.org>
7932Date:   Thu Jan 15 03:08:58 2015 +1100
7933
7934    more --without-openssl
7935
7936    fix some regressions caused by upstream merges
7937
7938    enable KRLs now that they no longer require BIGNUMs
7939
7940commit bc42cc6fe784f36df225c44c93b74830027cb5a2
7941Author: Damien Miller <djm@mindrot.org>
7942Date:   Thu Jan 15 03:08:29 2015 +1100
7943
7944    kludge around tun API mismatch betterer
7945
7946commit c332110291089b624fa0951fbf2d1ee6de525b9f
7947Author: Damien Miller <djm@mindrot.org>
7948Date:   Thu Jan 15 02:59:51 2015 +1100
7949
7950    some systems lack SO_REUSEPORT
7951
7952commit 83b9678a62cbdc74eb2031cf1e1e4ffd58e233ae
7953Author: Damien Miller <djm@mindrot.org>
7954Date:   Thu Jan 15 02:35:50 2015 +1100
7955
7956    fix merge botch
7957
7958commit 0cdc5a3eb6fb383569a4da2a30705d9b90428d6b
7959Author: Damien Miller <djm@mindrot.org>
7960Date:   Thu Jan 15 02:35:33 2015 +1100
7961
7962    unbreak across API change
7963
7964commit 6e2549ac2b5e7f96cbc2d83a6e0784b120444b47
7965Author: Damien Miller <djm@mindrot.org>
7966Date:   Thu Jan 15 02:30:18 2015 +1100
7967
7968    need includes.h for portable OpenSSH
7969
7970commit 72ef7c148c42db7d5632a29f137f8b87b579f2d9
7971Author: Damien Miller <djm@mindrot.org>
7972Date:   Thu Jan 15 02:21:31 2015 +1100
7973
7974    support --without-openssl at configure time
7975
7976    Disables and removes dependency on OpenSSL. Many features don't
7977    work and the set of crypto options is greatly restricted. This
7978    will only work on system with native arc4random or /dev/urandom.
7979
7980    Considered highly experimental for now.
7981
7982commit 4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9
7983Author: Damien Miller <djm@mindrot.org>
7984Date:   Thu Jan 15 02:28:00 2015 +1100
7985
7986    add files missed in last commit
7987
7988commit a165bab605f7be55940bb8fae977398e8c96a46d
7989Author: djm@openbsd.org <djm@openbsd.org>
7990Date:   Wed Jan 14 15:02:39 2015 +0000
7991
7992    upstream commit
7993
7994    avoid BIGNUM in KRL code by using a simple bitmap;
7995     feedback and ok markus
7996
7997commit 7d845f4a0b7ec97887be204c3760e44de8bf1f32
7998Author: djm@openbsd.org <djm@openbsd.org>
7999Date:   Wed Jan 14 13:54:13 2015 +0000
8000
8001    upstream commit
8002
8003    update sftp client and server to new buffer API. pretty
8004     much just mechanical changes; with & ok markus
8005
8006commit 139ca81866ec1b219c717d17061e5e7ad1059e2a
8007Author: markus@openbsd.org <markus@openbsd.org>
8008Date:   Wed Jan 14 13:09:09 2015 +0000
8009
8010    upstream commit
8011
8012    switch to sshbuf/sshkey; with & ok djm@
8013
8014commit 81bfbd0bd35683de5d7f2238b985e5f8150a9180
8015Author: Damien Miller <djm@mindrot.org>
8016Date:   Wed Jan 14 21:48:18 2015 +1100
8017
8018    support --without-openssl at configure time
8019
8020    Disables and removes dependency on OpenSSL. Many features don't
8021    work and the set of crypto options is greatly restricted. This
8022    will only work on system with native arc4random or /dev/urandom.
8023
8024    Considered highly experimental for now.
8025
8026commit 54924b53af15ccdcbb9f89984512b5efef641a31
8027Author: djm@openbsd.org <djm@openbsd.org>
8028Date:   Wed Jan 14 10:46:28 2015 +0000
8029
8030    upstream commit
8031
8032    avoid an warning for the !OPENSSL case
8033
8034commit ae8b463217f7c9b66655bfc3945c050ffdaeb861
8035Author: markus@openbsd.org <markus@openbsd.org>
8036Date:   Wed Jan 14 10:30:34 2015 +0000
8037
8038    upstream commit
8039
8040    swith auth-options to new sshbuf/sshkey; ok djm@
8041
8042commit 540e891191b98b89ee90aacf5b14a4a68635e763
8043Author: djm@openbsd.org <djm@openbsd.org>
8044Date:   Wed Jan 14 10:29:45 2015 +0000
8045
8046    upstream commit
8047
8048    make non-OpenSSL aes-ctr work on sshd w/ privsep; ok
8049     markus@
8050
8051commit 60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53
8052Author: markus@openbsd.org <markus@openbsd.org>
8053Date:   Wed Jan 14 10:24:42 2015 +0000
8054
8055    upstream commit
8056
8057    remove unneeded includes, sync my copyright across files
8058     & whitespace; ok djm@
8059
8060commit 128343bcdb0b60fc826f2733df8cf979ec1627b4
8061Author: markus@openbsd.org <markus@openbsd.org>
8062Date:   Tue Jan 13 19:31:40 2015 +0000
8063
8064    upstream commit
8065
8066    adapt mac.c to ssherr.h return codes (de-fatal) and
8067     simplify dependencies ok djm@
8068
8069commit e7fd952f4ea01f09ceb068721a5431ac2fd416ed
8070Author: djm@openbsd.org <djm@openbsd.org>
8071Date:   Tue Jan 13 19:04:35 2015 +0000
8072
8073    upstream commit
8074
8075    sync changes from libopenssh; prepared by markus@ mostly
8076     debug output tweaks, a couple of error return value changes and some other
8077     minor stuff
8078
8079commit 76c0480a85675f03a1376167cb686abed01a3583
8080Author: Damien Miller <djm@mindrot.org>
8081Date:   Tue Jan 13 19:38:18 2015 +1100
8082
8083    add --without-ssh1 option to configure
8084
8085    Allows disabling support for SSH protocol 1.
8086
8087commit 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03
8088Author: djm@openbsd.org <djm@openbsd.org>
8089Date:   Tue Jan 13 07:39:19 2015 +0000
8090
8091    upstream commit
8092
8093    add sshd_config HostbasedAcceptedKeyTypes and
8094     PubkeyAcceptedKeyTypes options to allow sshd to control what public key types
8095     will be accepted. Currently defaults to all. Feedback & ok markus@
8096
8097commit 816d1538c24209a93ba0560b27c4fda57c3fff65
8098Author: markus@openbsd.org <markus@openbsd.org>
8099Date:   Mon Jan 12 20:13:27 2015 +0000
8100
8101    upstream commit
8102
8103    unbreak parsing of pubkey comments; with gerhard; ok
8104     djm/deraadt
8105
8106commit 0097565f849851812df610b7b6b3c4bd414f6c62
8107Author: markus@openbsd.org <markus@openbsd.org>
8108Date:   Mon Jan 12 19:22:46 2015 +0000
8109
8110    upstream commit
8111
8112    missing error assigment on sshbuf_put_string()
8113
8114commit a7f49dcb527dd17877fcb8d5c3a9a6f550e0bba5
8115Author: djm@openbsd.org <djm@openbsd.org>
8116Date:   Mon Jan 12 15:18:07 2015 +0000
8117
8118    upstream commit
8119
8120    apparently memcpy(x, NULL, 0) is undefined behaviour
8121     according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls
8122     when length==0; ok markus@
8123
8124commit 905fe30fca82f38213763616d0d26eb6790bde33
8125Author: markus@openbsd.org <markus@openbsd.org>
8126Date:   Mon Jan 12 14:05:19 2015 +0000
8127
8128    upstream commit
8129
8130    free->sshkey_free; ok djm@
8131
8132commit f067cca2bc20c86b110174c3fef04086a7f57b13
8133Author: markus@openbsd.org <markus@openbsd.org>
8134Date:   Mon Jan 12 13:29:27 2015 +0000
8135
8136    upstream commit
8137
8138    allow WITH_OPENSSL w/o WITH_SSH1; ok djm@
8139
8140commit c4bfafcc2a9300d9cfb3c15e75572d3a7d74670d
8141Author: djm@openbsd.org <djm@openbsd.org>
8142Date:   Thu Jan 8 13:10:58 2015 +0000
8143
8144    upstream commit
8145
8146    adjust for sshkey_load_file() API change
8147
8148commit e752c6d547036c602b89e9e704851463bd160e32
8149Author: djm@openbsd.org <djm@openbsd.org>
8150Date:   Thu Jan 8 13:44:36 2015 +0000
8151
8152    upstream commit
8153
8154    fix ssh_config FingerprintHash evaluation order; from Petr
8155     Lautrbach
8156
8157commit ab24ab847b0fc94c8d5e419feecff0bcb6d6d1bf
8158Author: djm@openbsd.org <djm@openbsd.org>
8159Date:   Thu Jan 8 10:15:45 2015 +0000
8160
8161    upstream commit
8162
8163    reorder hostbased key attempts to better match the
8164     default hostkey algorithms order in myproposal.h; ok markus@
8165
8166commit 1195f4cb07ef4b0405c839293c38600b3e9bdb46
8167Author: djm@openbsd.org <djm@openbsd.org>
8168Date:   Thu Jan 8 10:14:08 2015 +0000
8169
8170    upstream commit
8171
8172    deprecate key_load_private_pem() and
8173     sshkey_load_private_pem() interfaces. Refactor the generic key loading API to
8174     not require pathnames to be specified (they weren't really used).
8175
8176    Fixes a few other things en passant:
8177
8178    Makes ed25519 keys work for hostbased authentication (ssh-keysign
8179    previously used the PEM-only routines).
8180
8181    Fixes key comment regression bz#2306: key pathnames were being lost as
8182    comment fields.
8183
8184    ok markus@
8185
8186commit febbe09e4e9aff579b0c5cc1623f756862e4757d
8187Author: tedu@openbsd.org <tedu@openbsd.org>
8188Date:   Wed Jan 7 18:15:07 2015 +0000
8189
8190    upstream commit
8191
8192    workaround for the Meyer, et al, Bleichenbacher Side
8193     Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm
8194     markus
8195
8196commit 5191df927db282d3123ca2f34a04d8d96153911a
8197Author: djm@openbsd.org <djm@openbsd.org>
8198Date:   Tue Dec 23 22:42:48 2014 +0000
8199
8200    upstream commit
8201
8202    KNF and add a little more debug()
8203
8204commit 8abd80315d3419b20e6938f74d37e2e2b547f0b7
8205Author: jmc@openbsd.org <jmc@openbsd.org>
8206Date:   Mon Dec 22 09:26:31 2014 +0000
8207
8208    upstream commit
8209
8210    add fingerprinthash to the options list;
8211
8212commit 296ef0560f60980da01d83b9f0e1a5257826536f
8213Author: jmc@openbsd.org <jmc@openbsd.org>
8214Date:   Mon Dec 22 09:24:59 2014 +0000
8215
8216    upstream commit
8217
8218    tweak previous;
8219
8220commit 462082eacbd37778a173afb6b84c6f4d898a18b5
8221Author: Damien Miller <djm@google.com>
8222Date:   Tue Dec 30 08:16:11 2014 +1100
8223
8224    avoid uninitialised free of ldns_res
8225
8226    If an invalid rdclass was passed to getrrsetbyname() then
8227    this would execute a free on an uninitialised pointer.
8228    OpenSSH only ever calls this with a fixed and valid rdclass.
8229
8230    Reported by Joshua Rogers
8231
8232commit 01b63498801053f131a0740eb9d13faf35d636c8
8233Author: Damien Miller <djm@google.com>
8234Date:   Mon Dec 29 18:10:18 2014 +1100
8235
8236    pull updated OpenBSD BCrypt PBKDF implementation
8237
8238    Includes fix for 1 byte output overflow for large key length
8239    requests (not reachable in OpenSSH).
8240
8241    Pointed out by Joshua Rogers
8242
8243commit c528c1b4af2f06712177b3de9b30705752f7cbcb
8244Author: Damien Miller <djm@google.com>
8245Date:   Tue Dec 23 15:26:13 2014 +1100
8246
8247    fix variable name for IPv6 case in construct_utmpx
8248
8249    patch from writeonce AT midipix.org via bz#2296
8250
8251commit 293cac52dcda123244b2e594d15592e5e481c55e
8252Author: Damien Miller <djm@google.com>
8253Date:   Mon Dec 22 16:30:42 2014 +1100
8254
8255    include and use OpenBSD netcat in regress/
8256
8257commit 8f6784f0cb56dc4fd00af3e81a10050a5785228d
8258Author: djm@openbsd.org <djm@openbsd.org>
8259Date:   Mon Dec 22 09:05:17 2014 +0000
8260
8261    upstream commit
8262
8263    mention ssh -Q feature to list supported { MAC, cipher,
8264     KEX, key } algorithms in more places and include the query string used to
8265     list the relevant information; bz#2288
8266
8267commit 449e11b4d7847079bd0a2daa6e3e7ea03d8ef700
8268Author: jmc@openbsd.org <jmc@openbsd.org>
8269Date:   Mon Dec 22 08:24:17 2014 +0000
8270
8271    upstream commit
8272
8273    tweak previous;
8274
8275commit 4bea0ab3290c0b9dd2aa199e932de8e7e18062d6
8276Author: djm@openbsd.org <djm@openbsd.org>
8277Date:   Mon Dec 22 08:06:03 2014 +0000
8278
8279    upstream commit
8280
8281    regression test for multiple required pubkey authentication;
8282     ok markus@
8283
8284commit f1c4d8ec52158b6f57834b8cd839605b0a33e7f2
8285Author: djm@openbsd.org <djm@openbsd.org>
8286Date:   Mon Dec 22 08:04:23 2014 +0000
8287
8288    upstream commit
8289
8290    correct description of what will happen when a
8291     AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd
8292     will refuse to start)
8293
8294commit 161cf419f412446635013ac49e8c660cadc36080
8295Author: djm@openbsd.org <djm@openbsd.org>
8296Date:   Mon Dec 22 07:55:51 2014 +0000
8297
8298    upstream commit
8299
8300    make internal handling of filename arguments of "none"
8301     more consistent with ssh. "none" arguments are now replaced with NULL when
8302     the configuration is finalised.
8303
8304    Simplifies checking later on (just need to test not-NULL rather than
8305    that + strcmp) and cleans up some inconsistencies. ok markus@
8306
8307commit f69b69b8625be447b8826b21d87713874dac25a6
8308Author: djm@openbsd.org <djm@openbsd.org>
8309Date:   Mon Dec 22 07:51:30 2014 +0000
8310
8311    upstream commit
8312
8313    remember which public keys have been used for
8314     authentication and refuse to accept previously-used keys.
8315
8316    This allows AuthenticationMethods=publickey,publickey to require
8317    that users authenticate using two _different_ pubkeys.
8318
8319    ok markus@
8320
8321commit 46ac2ed4677968224c4ca825bc98fc68dae183f0
8322Author: djm@openbsd.org <djm@openbsd.org>
8323Date:   Mon Dec 22 07:24:11 2014 +0000
8324
8325    upstream commit
8326
8327    fix passing of wildcard forward bind addresses when
8328     connection multiplexing is in use; patch from Sami Hartikainen via bz#2324;
8329     ok dtucker@
8330
8331commit 0d1b241a262e4d0a6bbfdd595489ab1b853c43a1
8332Author: djm@openbsd.org <djm@openbsd.org>
8333Date:   Mon Dec 22 06:14:29 2014 +0000
8334
8335    upstream commit
8336
8337    make this slightly easier to diff against portable
8338
8339commit 0715bcdddbf68953964058f17255bf54734b8737
8340Author: Damien Miller <djm@mindrot.org>
8341Date:   Mon Dec 22 13:47:07 2014 +1100
8342
8343    add missing regress output file
8344
8345commit 1e30483c8ad2c2f39445d4a4b6ab20c241e40593
8346Author: djm@openbsd.org <djm@openbsd.org>
8347Date:   Mon Dec 22 02:15:52 2014 +0000
8348
8349    upstream commit
8350
8351    adjust for new SHA256 key fingerprints and
8352     slightly-different MD5 hex fingerprint format
8353
8354commit 6b40567ed722df98593ad8e6a2d2448fc2b4b151
8355Author: djm@openbsd.org <djm@openbsd.org>
8356Date:   Mon Dec 22 01:14:49 2014 +0000
8357
8358    upstream commit
8359
8360    poll changes to netcat (usr.bin/netcat.c r1.125) broke
8361     this test; fix it by ensuring more stdio fds are sent to devnull
8362
8363commit a5375ccb970f49dddf7d0ef63c9b713ede9e7260
8364Author: jmc@openbsd.org <jmc@openbsd.org>
8365Date:   Sun Dec 21 23:35:14 2014 +0000
8366
8367    upstream commit
8368
8369    tweak previous;
8370
8371commit b79efde5c3badf5ce4312fe608d8307eade533c5
8372Author: djm@openbsd.org <djm@openbsd.org>
8373Date:   Sun Dec 21 23:12:42 2014 +0000
8374
8375    upstream commit
8376
8377    document FingerprintHash here too
8378
8379commit d16bdd8027dd116afa01324bb071a4016cdc1a75
8380Author: Damien Miller <djm@mindrot.org>
8381Date:   Mon Dec 22 10:18:09 2014 +1100
8382
8383    missing include for base64 encoding
8384
8385commit 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994
8386Author: djm@openbsd.org <djm@openbsd.org>
8387Date:   Sun Dec 21 22:27:55 2014 +0000
8388
8389    upstream commit
8390
8391    Add FingerprintHash option to control algorithm used for
8392     key fingerprints. Default changes from MD5 to SHA256 and format from hex to
8393     base64.
8394
8395    Feedback and ok naddy@ markus@
8396
8397commit 058f839fe15c51be8b3a844a76ab9a8db550be4f
8398Author: djm@openbsd.org <djm@openbsd.org>
8399Date:   Thu Dec 18 23:58:04 2014 +0000
8400
8401    upstream commit
8402
8403    don't count partial authentication success as a failure
8404     against MaxAuthTries; ok deraadt@
8405
8406commit c7219f4f54d64d6dde66dbcf7a2699daa782d2a1
8407Author: djm@openbsd.org <djm@openbsd.org>
8408Date:   Fri Dec 12 00:02:17 2014 +0000
8409
8410    upstream commit
8411
8412    revert chunk I didn't mean to commit yet; via jmc@
8413
8414commit 7de5991aa3997e2981440f39c1ea01273a0a2c7b
8415Author: Damien Miller <djm@mindrot.org>
8416Date:   Thu Dec 18 11:44:06 2014 +1100
8417
8418    upstream libc change
8419
8420    revision 1.2
8421    date: 2014/12/08 03:45:00;  author: bcook;  state: Exp;  lines: +2 -2;  commitid: 7zWEBgJJOCZ2hvTV;
8422    avoid left shift overflow in reallocarray.
8423
8424    Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting
8425    1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with
8426    (size_t)1 so that we get the correct constant size for the platform.
8427
8428    discussed with tedu@ & deraadt@
8429
8430commit 2048f85a5e6da8bc6e0532efe02ecfd4e63c978c
8431Author: Damien Miller <djm@mindrot.org>
8432Date:   Thu Dec 18 10:15:49 2014 +1100
8433
8434    include CFLAGS in gnome askpass targets
8435
8436    from Fedora
8437
8438commit 48b68ce19ca42fa488960028048dec023f7899bb
8439Author: djm@openbsd.org <djm@openbsd.org>
8440Date:   Thu Dec 11 08:20:09 2014 +0000
8441
8442    upstream commit
8443
8444    explicitly include sys/param.h in files that use the
8445     howmany() macro; from portable
8446
8447commit d663bea30a294d440fef4398e5cd816317bd4518
8448Author: djm@openbsd.org <djm@openbsd.org>
8449Date:   Thu Dec 11 05:25:06 2014 +0000
8450
8451    upstream commit
8452
8453    mention AuthorizedKeysCommandUser must be set for
8454     AuthorizedKeysCommand to be run; bz#2287
8455
8456commit 17bf3d81e00f2abb414a4fd271118cf4913f049f
8457Author: djm@openbsd.org <djm@openbsd.org>
8458Date:   Thu Dec 11 05:13:28 2014 +0000
8459
8460    upstream commit
8461
8462    show in debug output which hostkeys are being tried when
8463     attempting hostbased auth; patch from Iain Morgan
8464
8465commit da0277e3717eadf5b15e03379fc29db133487e94
8466Author: djm@openbsd.org <djm@openbsd.org>
8467Date:   Thu Dec 11 04:16:14 2014 +0000
8468
8469    upstream commit
8470
8471    Make manual reflect reality: sftp-server's -d option
8472     accepts a "%d" option, not a "%h" one.
8473
8474    bz#2316; reported by Kirk Wolf
8475
8476commit 4cf87f4b81fa9380bce5fcff7b0f8382ae3ad996
8477Author: djm@openbsd.org <djm@openbsd.org>
8478Date:   Wed Dec 10 01:24:09 2014 +0000
8479
8480    upstream commit
8481
8482    better error value for invalid signature length
8483
8484commit 4bfad14ca56f8ae04f418997816b4ba84e2cfc3c
8485Author: Darren Tucker <dtucker@zip.com.au>
8486Date:   Wed Dec 10 02:12:51 2014 +1100
8487
8488    Resync more with OpenBSD's rijndael.c, in particular "#if 0"-ing out some
8489    unused code.  Should fix compile error reported by plautrba at redhat.
8490
8491commit 642652d280499691c8212ec6b79724b50008ce09
8492Author: Darren Tucker <dtucker@zip.com.au>
8493Date:   Wed Dec 10 01:32:23 2014 +1100
8494
8495    Add reallocarray to compat library
8496
8497commit 3dfd8d93dfcc69261f5af99df56f3ff598581979
8498Author: djm@openbsd.org <djm@openbsd.org>
8499Date:   Thu Dec 4 22:31:50 2014 +0000
8500
8501    upstream commit
8502
8503    add tests for new client RevokedHostKeys option; refactor
8504     to make it a bit more readable
8505
8506commit a31046cad1aed16a0b55171192faa6d02665ccec
8507Author: krw@openbsd.org <krw@openbsd.org>
8508Date:   Wed Nov 19 13:35:37 2014 +0000
8509
8510    upstream commit
8511
8512    Nuke yet more obvious #include duplications.
8513
8514    ok deraadt@
8515
8516commit a7c762e5b2c1093542c0bc1df25ccec0b4cf479f
8517Author: djm@openbsd.org <djm@openbsd.org>
8518Date:   Thu Dec 4 20:47:36 2014 +0000
8519
8520    upstream commit
8521
8522    key_in_file() wrapper is no longer used
8523
8524commit 5e39a49930d885aac9c76af3129332b6e772cd75
8525Author: djm@openbsd.org <djm@openbsd.org>
8526Date:   Thu Dec 4 02:24:32 2014 +0000
8527
8528    upstream commit
8529
8530    add RevokedHostKeys option for the client
8531
8532    Allow textfile or KRL-based revocation of hostkeys.
8533
8534commit 74de254bb92c684cf53461da97f52d5ba34ded80
8535Author: djm@openbsd.org <djm@openbsd.org>
8536Date:   Thu Dec 4 01:49:59 2014 +0000
8537
8538    upstream commit
8539
8540    convert KRL code to new buffer API
8541
8542    ok markus@
8543
8544commit db995f2eed5fc432598626fa3e30654503bf7151
8545Author: millert@openbsd.org <millert@openbsd.org>
8546Date:   Wed Nov 26 18:34:51 2014 +0000
8547
8548    upstream commit
8549
8550    Prefer setvbuf() to setlinebuf() for portability; ok
8551     deraadt@
8552
8553commit 72bba3d179ced8b425272efe6956a309202a91f3
8554Author: jsg@openbsd.org <jsg@openbsd.org>
8555Date:   Mon Nov 24 03:39:22 2014 +0000
8556
8557    upstream commit
8558
8559    Fix crashes in the handling of the sshd config file found
8560     with the afl fuzzer.
8561
8562    ok deraadt@ djm@
8563
8564commit 867f49c666adcfe92bf539d9c37c1accdea08bf6
8565Author: Damien Miller <djm@mindrot.org>
8566Date:   Wed Nov 26 13:22:41 2014 +1100
8567
8568    Avoid Cygwin ssh-host-config reading /etc/group
8569
8570    Patch from Corinna Vinschen
8571
8572commit 8b66f36291a721b1ba7c44f24a07fdf39235593e
8573Author: Damien Miller <djm@mindrot.org>
8574Date:   Wed Nov 26 13:20:35 2014 +1100
8575
8576    allow custom service name for sshd on Cygwin
8577
8578    Permits the use of multiple sshd running with different service names.
8579
8580    Patch by Florian Friesdorf via Corinna Vinschen
8581
8582commit 08c0eebf55d70a9ae1964399e609288ae3186a0c
8583Author: jmc@openbsd.org <jmc@openbsd.org>
8584Date:   Sat Nov 22 19:21:03 2014 +0000
8585
8586    upstream commit
8587
8588    restore word zapped in previous, and remove some useless
8589     "No" macros;
8590
8591commit a1418a0033fba43f061513e992e1cbcc3343e563
8592Author: deraadt@openbsd.org <deraadt@openbsd.org>
8593Date:   Sat Nov 22 18:15:41 2014 +0000
8594
8595    upstream commit
8596
8597    /dev/random has created the same effect as /dev/arandom
8598     (and /dev/urandom) for quite some time.  Mop up the last few, by using
8599     /dev/random where we actually want it, or not even mentioning arandom where
8600     it is irrelevant.
8601
8602commit b6de5ac9ed421362f479d1ad4fa433d2e25dad5b
8603Author: djm@openbsd.org <djm@openbsd.org>
8604Date:   Fri Nov 21 01:00:38 2014 +0000
8605
8606    upstream commit
8607
8608    fix NULL pointer dereference crash on invalid timestamp
8609
8610    found using Michal Zalewski's afl fuzzer
8611
8612commit a1f8110cd5ed818d59b3a2964fab7de76e92c18e
8613Author: mikeb@openbsd.org <mikeb@openbsd.org>
8614Date:   Tue Nov 18 22:38:48 2014 +0000
8615
8616    upstream commit
8617
8618    Sync AES code to the one shipped in OpenSSL/LibreSSL.
8619
8620    This includes a commit made by Andy Polyakov <appro at openssl ! org>
8621    to the OpenSSL source tree on Wed, 28 Jun 2006 with the following
8622    message: "Mitigate cache-collision timing attack on last round."
8623
8624    OK naddy, miod, djm
8625
8626commit 335c83d5f35d8620e16b8aa26592d4f836e09ad2
8627Author: krw@openbsd.org <krw@openbsd.org>
8628Date:   Tue Nov 18 20:54:28 2014 +0000
8629
8630    upstream commit
8631
8632    Nuke more obvious #include duplications.
8633
8634    ok deraadt@ millert@ tedu@
8635
8636commit 51b64e44121194ae4bf153dee391228dada2abcb
8637Author: djm@openbsd.org <djm@openbsd.org>
8638Date:   Mon Nov 17 00:21:40 2014 +0000
8639
8640    upstream commit
8641
8642    fix KRL generation when multiple CAs are in use
8643
8644    We would generate an invalid KRL when revoking certs by serial
8645    number for multiple CA keys due to a section being written out
8646    twice.
8647
8648    Also extend the regress test to catch this case by having it
8649    produce a multi-CA KRL.
8650
8651    Reported by peter AT pean.org
8652
8653commit d2d51003a623e21fb2b25567c4878d915e90aa2a
8654Author: djm@openbsd.org <djm@openbsd.org>
8655Date:   Tue Nov 18 01:02:25 2014 +0000
8656
8657    upstream commit
8658
8659    fix NULL pointer dereference crash in key loading
8660
8661    found by Michal Zalewski's AFL fuzzer
8662
8663commit 9f9fad0191028edc43d100d0ded39419b6895fdf
8664Author: djm@openbsd.org <djm@openbsd.org>
8665Date:   Mon Nov 17 00:21:40 2014 +0000
8666
8667    upstream commit
8668
8669    fix KRL generation when multiple CAs are in use
8670
8671    We would generate an invalid KRL when revoking certs by serial
8672    number for multiple CA keys due to a section being written out
8673    twice.
8674
8675    Also extend the regress test to catch this case by having it
8676    produce a multi-CA KRL.
8677
8678    Reported by peter AT pean.org
8679
8680commit da8af83d3f7ec00099963e455010e0ed1d7d0140
8681Author: bentley@openbsd.org <bentley@openbsd.org>
8682Date:   Sat Nov 15 14:41:03 2014 +0000
8683
8684    upstream commit
8685
8686    Reduce instances of `` '' in manuals.
8687
8688    troff displays these as typographic quotes, but nroff implementations
8689    almost always print them literally, which rarely has the intended effect
8690    with modern fonts, even in stock xterm.
8691
8692    These uses of `` '' can be replaced either with more semantic alternatives
8693    or with Dq, which prints typographic quotes in a UTF-8 locale (but will
8694    automatically fall back to `` '' in an ASCII locale).
8695
8696    improvements and ok schwarze@
8697
8698commit fc302561369483bb755b17f671f70fb894aec01d
8699Author: djm@openbsd.org <djm@openbsd.org>
8700Date:   Mon Nov 10 22:25:49 2014 +0000
8701
8702    upstream commit
8703
8704    mux-related manual tweaks
8705
8706    mention ControlPersist=0 is the same as ControlPersist=yes
8707
8708    recommend that ControlPath sockets be placed in a og-w directory
8709
8710commit 0e4cff5f35ed11102fe3783779960ef07e0cd381
8711Author: Damien Miller <djm@google.com>
8712Date:   Wed Nov 5 11:01:31 2014 +1100
8713
8714    Prepare scripts for next Cygwin release
8715
8716    Makes the Cygwin-specific ssh-user-config script independent of the
8717    existence of /etc/passwd.  The next Cygwin release will allow to
8718    generate passwd and group entries from the Windows account DBs, so the
8719    scripts have to adapt.
8720
8721    from Corinna Vinschen
8722
8723commit 7d0ba5336651731949762eb8877ce9e3b52df436
8724Author: Damien Miller <djm@mindrot.org>
8725Date:   Thu Oct 30 10:45:41 2014 +1100
8726
8727    include version number in OpenSSL-too-old error
8728
8729commit 3bcb92e04d9207e9f78d82f7918c6d3422054ce9
8730Author: lteo@openbsd.org <lteo@openbsd.org>
8731Date:   Fri Oct 24 02:01:20 2014 +0000
8732
8733    upstream commit
8734
8735    Remove unnecessary include: netinet/in_systm.h is not needed
8736     by these programs.
8737
8738    NB. skipped for portable
8739
8740    ok deraadt@ millert@
8741
8742commit 6fdcaeb99532e28a69f1a1599fbd540bb15b70a0
8743Author: djm@openbsd.org <djm@openbsd.org>
8744Date:   Mon Oct 20 03:43:01 2014 +0000
8745
8746    upstream commit
8747
8748    whitespace
8749
8750commit 165bc8786299e261706ed60342985f9de93a7461
8751Author: daniel@openbsd.org <daniel@openbsd.org>
8752Date:   Tue Oct 14 03:09:59 2014 +0000
8753
8754    upstream commit
8755
8756    plug a memory leak; from Maxime Villard.
8757
8758    ok djm@
8759
8760commit b1ba15f3885947c245c2dbfaad0a04ba050abea0
8761Author: jmc@openbsd.org <jmc@openbsd.org>
8762Date:   Thu Oct 9 06:21:31 2014 +0000
8763
8764    upstream commit
8765
8766    tweak previous;
8767
8768commit 259a02ebdf74ad90b41d116ecf70aa823fa4c6e7
8769Author: djm@openbsd.org <djm@openbsd.org>
8770Date:   Mon Oct 13 00:38:35 2014 +0000
8771
8772    upstream commit
8773
8774    whitespace
8775
8776commit 957fbceb0f3166e41b76fdb54075ab3b9cc84cba
8777Author: djm@openbsd.org <djm@openbsd.org>
8778Date:   Wed Oct 8 22:20:25 2014 +0000
8779
8780    upstream commit
8781
8782    Tweak config reparsing with host canonicalisation
8783
8784    Make the second pass through the config files always run when
8785    hostname canonicalisation is enabled.
8786
8787    Add a "Match canonical" criteria that allows ssh_config Match
8788    blocks to trigger only in the second config pass.
8789
8790    Add a -G option to ssh that causes it to parse its configuration
8791    and dump the result to stdout, similar to "sshd -T"
8792
8793    Allow ssh_config Port options set in the second config parse
8794    phase to be applied (they were being ignored).
8795
8796    bz#2267 bz#2286; ok markus
8797
8798commit 5c0dafd38bf66feeeb45fa0741a5baf5ad8039ba
8799Author: djm@openbsd.org <djm@openbsd.org>
8800Date:   Wed Oct 8 22:15:27 2014 +0000
8801
8802    upstream commit
8803
8804    another -Wpointer-sign from clang
8805
8806commit bb005dc815ebda9af3ae4b39ca101c4da918f835
8807Author: djm@openbsd.org <djm@openbsd.org>
8808Date:   Wed Oct 8 22:15:06 2014 +0000
8809
8810    upstream commit
8811
8812    fix a few -Wpointer-sign warnings from clang
8813
8814commit 3cc1fbb4fb0e804bfb873fd363cea91b27fc8188
8815Author: djm@openbsd.org <djm@openbsd.org>
8816Date:   Wed Oct 8 21:45:48 2014 +0000
8817
8818    upstream commit
8819
8820    parse cert sections using nested buffers to reduce
8821     copies; ok markus
8822
8823commit 4a45922aebf99164e2fc83d34fe55b11ae1866ef
8824Author: djm@openbsd.org <djm@openbsd.org>
8825Date:   Mon Oct 6 00:47:15 2014 +0000
8826
8827    upstream commit
8828
8829    correct options in usage(); from mancha1 AT zoho.com
8830
8831commit 48dffd5bebae6fed0556dc5c36cece0370690618
8832Author: djm@openbsd.org <djm@openbsd.org>
8833Date:   Tue Sep 9 09:45:36 2014 +0000
8834
8835    upstream commit
8836
8837    mention permissions on tun(4) devices in PermitTunnel
8838     documentation; bz#2273
8839
8840commit a5883d4eccb94b16c355987f58f86a7dee17a0c2
8841Author: djm@openbsd.org <djm@openbsd.org>
8842Date:   Wed Sep 3 18:55:07 2014 +0000
8843
8844    upstream commit
8845
8846    tighten permissions on pty when the "tty" group does
8847     not exist; pointed out by Corinna Vinschen; ok markus
8848
8849commit 180bcb406b58bf30723c01a6b010e48ee626dda8
8850Author: sobrado@openbsd.org <sobrado@openbsd.org>
8851Date:   Sat Aug 30 16:32:25 2014 +0000
8852
8853    upstream commit
8854
8855    typo.
8856
8857commit f70b22bcdd52f6bf127047b3584371e6e5d45627
8858Author: sobrado@openbsd.org <sobrado@openbsd.org>
8859Date:   Sat Aug 30 15:33:50 2014 +0000
8860
8861    upstream commit
8862
8863    improve capitalization for the Ed25519 public-key
8864     signature system.
8865
8866    ok djm@
8867
8868commit 7df8818409c752cf3f0c3f8044fe9aebed8647bd
8869Author: doug@openbsd.org <doug@openbsd.org>
8870Date:   Thu Aug 21 01:08:52 2014 +0000
8871
8872    upstream commit
8873
8874    Free resources on error in mkstemp and fdopen
8875
8876    ok djm@
8877
8878commit 40ba4c9733aaed08304714faeb61529f18da144b
8879Author: deraadt@openbsd.org <deraadt@openbsd.org>
8880Date:   Wed Aug 20 01:28:55 2014 +0000
8881
8882    upstream commit
8883
8884    djm how did you make a typo like that...
8885
8886commit 57d378ec9278ba417a726f615daad67d157de666
8887Author: djm@openbsd.org <djm@openbsd.org>
8888Date:   Tue Aug 19 23:58:28 2014 +0000
8889
8890    upstream commit
8891
8892    When dumping the server configuration (sshd -T), print
8893     correct KEX, MAC and cipher defaults. Spotted by Iain Morgan
8894
8895commit 7ff880ede5195d0b17e7f1e3b6cfbc4cb6f85240
8896Author: djm@openbsd.org <djm@openbsd.org>
8897Date:   Tue Aug 19 23:57:18 2014 +0000
8898
8899    upstream commit
8900
8901    ~-expand lcd paths
8902
8903commit 4460a7ad0c78d4cd67c467f6e9f4254d0404ed59
8904Author: Damien Miller <djm@mindrot.org>
8905Date:   Sun Oct 12 12:35:48 2014 +1100
8906
8907    remove duplicated KEX_DH1 entry
8908
8909commit c9b8426a616138d0d762176c94f51aff3faad5ff
8910Author: Damien Miller <djm@mindrot.org>
8911Date:   Thu Oct 9 10:34:06 2014 +1100
8912
8913    remove ChangeLog file
8914
8915    Commit logs will be generated from git at release time.
8916
8917commit 81d18ff7c93a04affbf3903e0963859763219aed
8918Author: Damien Miller <djm@google.com>
8919Date:   Tue Oct 7 21:24:25 2014 +1100
8920
8921    delete contrib/caldera directory
8922
8923commit 0ec9e87d3638206456968202f05bb5123670607a
8924Author: Damien Miller <djm@google.com>
8925Date:   Tue Oct 7 19:57:27 2014 +1100
8926
8927    test commit
8928
8929commit 8fb65a44568701b779f3d77326bceae63412d28d
8930Author: Damien Miller <djm@mindrot.org>
8931Date:   Tue Oct 7 09:21:49 2014 +1100
8932
8933     - (djm) Release OpenSSH-6.7
8934
8935commit e8c9f2602c46f6781df5e52e6cd8413dab4602a3
8936Author: Damien Miller <djm@mindrot.org>
8937Date:   Fri Oct 3 09:24:56 2014 +1000
8938
8939     - (djm) [sshd_config.5] typo; from Iain Morgan
8940
8941commit 703b98a26706f5083801d11059486d77491342ae
8942Author: Damien Miller <djm@mindrot.org>
8943Date:   Wed Oct 1 09:43:07 2014 +1000
8944
8945     - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]
8946       [openbsd-compat/openbsd-compat.h] Kludge around bad glibc
8947       _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets;
8948       ok dtucker@
8949
8950commit 0fa0ed061bbfedb0daa705e220748154a84c3413
8951Author: Damien Miller <djm@mindrot.org>
8952Date:   Wed Sep 10 08:15:34 2014 +1000
8953
8954     - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;
8955       patch from Felix von Leitner; ok dtucker
8956
8957commit ad7d23d461c3b7e1dcb15db13aee5f4b94dc1a95
8958Author: Darren Tucker <dtucker@zip.com.au>
8959Date:   Tue Sep 9 12:23:10 2014 +1000
8960
8961    20140908
8962     - (dtucker) [INSTALL] Update info about egd.  ok djm@
8963
8964commit 2a8699f37cc2515e3bc60e0c677ba060f4d48191
8965Author: Damien Miller <djm@mindrot.org>
8966Date:   Thu Sep 4 03:46:05 2014 +1000
8967
8968     - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
8969
8970commit 44988defb1f5e3afe576d86000365e1f07a1b494
8971Author: Damien Miller <djm@mindrot.org>
8972Date:   Wed Sep 3 05:35:32 2014 +1000
8973
8974     - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to
8975       permissions/ACLs; from Corinna Vinschen
8976
8977commit 23f269562b7537b2f6f5014e50a25e5dcc55a837
8978Author: Damien Miller <djm@mindrot.org>
8979Date:   Wed Sep 3 05:33:25 2014 +1000
8980
8981     - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
8982       conditionalise to avoid duplicate definition.
8983
8984commit 41c8de2c0031cf59e7cf0c06b5bcfbf4852c1fda
8985Author: Damien Miller <djm@mindrot.org>
8986Date:   Sat Aug 30 16:23:06 2014 +1000
8987
8988     - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@
8989
8990commit d7c81e216a7bd9eed6e239c970d9261bb1651947
8991Author: Damien Miller <djm@mindrot.org>
8992Date:   Sat Aug 30 04:18:28 2014 +1000
8993
8994     - (djm) [openbsd-compat/openssl-compat.h] add include guard
8995
8996commit 4687802dda57365b984b897fc3c8e2867ea09b22
8997Author: Damien Miller <djm@mindrot.org>
8998Date:   Sat Aug 30 03:29:19 2014 +1000
8999
9000     - (djm) [misc.c] Missing newline between functions
9001
9002commit 51c77e29220dee87c53be2dc47092934acab26fe
9003Author: Damien Miller <djm@mindrot.org>
9004Date:   Sat Aug 30 02:30:30 2014 +1000
9005
9006     - (djm) [openbsd-compat/openssl-compat.h] add
9007       OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
9008
9009commit 3d673d103bad35afaec6e7ef73e5277216ce33a3
9010Author: Damien Miller <djm@mindrot.org>
9011Date:   Wed Aug 27 06:32:01 2014 +1000
9012
9013     - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
9014       using memset_s() where possible; improve fallback to indirect bzero
9015       via a volatile pointer to give it more of a chance to avoid being
9016       optimised away.
9017
9018commit 146218ac11a1eb0dcade6f793d7acdef163b5ddc
9019Author: Damien Miller <djm@mindrot.org>
9020Date:   Wed Aug 27 04:11:55 2014 +1000
9021
9022     - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
9023       monitor, not preauth; bz#2263
9024
9025commit 1b215c098b3b37e38aa4e4c91bb908eee41183b1
9026Author: Damien Miller <djm@mindrot.org>
9027Date:   Wed Aug 27 04:04:40 2014 +1000
9028
9029     - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
9030       [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
9031       [regress/unittests/sshkey/common.c]
9032       [regress/unittests/sshkey/test_file.c]
9033       [regress/unittests/sshkey/test_fuzz.c]
9034       [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
9035       on !ECC OpenSSL systems
9036
9037commit ad013944af0a19e3f612089d0099bb397cf6502d
9038Author: Damien Miller <djm@mindrot.org>
9039Date:   Tue Aug 26 09:27:28 2014 +1000
9040
9041     - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,
9042       update OpenSSL version requirement.
9043
9044commit ed126de8ee04c66640a0ea2697c4aaf36801f100
9045Author: Damien Miller <djm@mindrot.org>
9046Date:   Tue Aug 26 08:37:47 2014 +1000
9047
9048     - (djm) [bufec.c] Skip this file on !ECC OpenSSL
9049
9050commit 9c1dede005746864a4fdb36a7cdf6c51296ca909
9051Author: Damien Miller <djm@mindrot.org>
9052Date:   Sun Aug 24 03:01:06 2014 +1000
9053
9054     - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not
9055       PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
9056
9057commit d244a5816fd1312a33404b436e4dd83594f1119e
9058Author: Damien Miller <djm@mindrot.org>
9059Date:   Sat Aug 23 17:06:49 2014 +1000
9060
9061     - (djm) [configure.ac] We now require a working vsnprintf everywhere (not
9062       just for systems that lack asprintf); check for it always and extend
9063       test to catch more brokenness. Fixes builds on Solaris <= 9
9064
9065commit 4cec036362a358e398e6a2e6d19d8e5780558634
9066Author: Damien Miller <djm@mindrot.org>
9067Date:   Sat Aug 23 03:11:09 2014 +1000
9068
9069     - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on
9070       lastlog writing on platforms with high UIDs; bz#2263
9071
9072commit 394a60f2598d28b670d934b93942a3370b779b39
9073Author: Damien Miller <djm@mindrot.org>
9074Date:   Fri Aug 22 18:06:20 2014 +1000
9075
9076     - (djm) [configure.ac] double braces to appease autoconf
9077
9078commit 4d69aeabd6e60afcdc7cca177ca751708ab79a9d
9079Author: Damien Miller <djm@mindrot.org>
9080Date:   Fri Aug 22 17:48:27 2014 +1000
9081
9082     - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/
9083       definition mismatch) and warning for broken/missing snprintf case.
9084
9085commit 0c11f1ac369d2c0aeb0ab0458a7cd04c72fe5e9e
9086Author: Damien Miller <djm@mindrot.org>
9087Date:   Fri Aug 22 17:36:56 2014 +1000
9088
9089     - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC
9090
9091commit 6d62784b8973340b251fea6b04890f471adf28db
9092Author: Damien Miller <djm@mindrot.org>
9093Date:   Fri Aug 22 17:36:19 2014 +1000
9094
9095     - (djm) [configure.ac] include leading zero characters in OpenSSL version
9096       number; fixes test for unsupported versions
9097
9098commit 4f1ff1ed782117f5d5204d4e91156ed5da07cbb7
9099Author: Damien Miller <djm@mindrot.org>
9100Date:   Thu Aug 21 15:54:50 2014 +1000
9101
9102     - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
9103       don't set __progname. Diagnosed by Tom Christensen.
9104
9105commit 005a64da0f457410045ef0bfa93c863c2450447d
9106Author: Damien Miller <djm@mindrot.org>
9107Date:   Thu Aug 21 10:48:41 2014 +1000
9108
9109     - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL
9110
9111commit aa6598ebb3343c7380e918388e10e8ca5852b613
9112Author: Damien Miller <djm@mindrot.org>
9113Date:   Thu Aug 21 10:47:54 2014 +1000
9114
9115     - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.
9116
9117commit 54703e3cf63f0c80d4157e5ad7dbc2b363ee2c56
9118Author: Damien Miller <djm@mindrot.org>
9119Date:   Wed Aug 20 11:10:51 2014 +1000
9120
9121     - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna
9122
9123commit f0935698f0461f24d8d1f1107b476ee5fd4db1cb
9124Author: Damien Miller <djm@mindrot.org>
9125Date:   Wed Aug 20 11:06:50 2014 +1000
9126
9127     - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC
9128
9129commit c5089ecaec3b2c02f014f4e67518390702a4ba14
9130Author: Damien Miller <djm@mindrot.org>
9131Date:   Wed Aug 20 11:06:20 2014 +1000
9132
9133     - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than
9134       -L/-l; fixes linking problems on some platforms
9135
9136commit 2195847e503a382f83ee969b0a8bd3dfe0e55c18
9137Author: Damien Miller <djm@mindrot.org>
9138Date:   Wed Aug 20 11:05:03 2014 +1000
9139
9140     - (djm) [configure.ac] Check OpenSSL version is supported at configure time;
9141       suggested by Kevin Brott
9142
9143commit a75aca1bbc989aa9f8b1b08489d37855f3d24d1a
9144Author: Damien Miller <djm@mindrot.org>
9145Date:   Tue Aug 19 11:36:07 2014 +1000
9146
9147     - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]
9148       [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions
9149       of TCP wrappers.
9150
9151commit 3f022b5a9477abceeb1bbeab04b055f3cc7ca8f6
9152Author: Damien Miller <djm@mindrot.org>
9153Date:   Tue Aug 19 11:32:34 2014 +1000
9154
9155     - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG
9156
9157commit 88137902632aceb923990e98cf5dc923bb3ef2f5
9158Author: Damien Miller <djm@mindrot.org>
9159Date:   Tue Aug 19 11:28:11 2014 +1000
9160
9161     - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.
9162
9163commit 2f3d1e7fb2eabd3cfbfd8d0f7bdd2f9a1888690b
9164Author: Damien Miller <djm@mindrot.org>
9165Date:   Tue Aug 19 11:14:36 2014 +1000
9166
9167     - (djm) [myproposal.h] Make curve25519 KEX dependent on
9168       HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
9169
9170commit d4e7d59d01a6c7f59e8c1f94a83c086e9a33d8aa
9171Author: Damien Miller <djm@mindrot.org>
9172Date:   Tue Aug 19 11:14:17 2014 +1000
9173
9174     - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen
9175
9176commit 9eaeea2cf2b6af5f166cfa9ad3c7a90711a147a9
9177Author: Damien Miller <djm@mindrot.org>
9178Date:   Sun Aug 10 11:35:05 2014 +1000
9179
9180     - (djm) [README contrib/caldera/openssh.spec]
9181       [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
9182
9183commit f8988fbef0c9801d19fa2f8f4f041690412bec37
9184Author: Damien Miller <djm@mindrot.org>
9185Date:   Fri Aug 1 13:31:52 2014 +1000
9186
9187     - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
9188       nc from stdin, it's more portable
9189
9190commit 5b3879fd4b7a4e3d43bab8f40addda39bc1169d0
9191Author: Damien Miller <djm@mindrot.org>
9192Date:   Fri Aug 1 12:28:31 2014 +1000
9193
9194     - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
9195       is closed; avoid regress failures when stdin is /dev/null
9196
9197commit a9c46746d266f8a1b092a72b2150682d1af8ebfc
9198Author: Damien Miller <djm@mindrot.org>
9199Date:   Fri Aug 1 12:26:49 2014 +1000
9200
9201     - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
9202       a better solution, but this will have to do for now.
9203