1commit 99522ba7ec6963a05c04a156bf20e3ba3605987c 2Author: Damien Miller <djm@mindrot.org> 3Date: Thu Jul 28 08:54:27 2016 +1000 4 5 define _OPENBSD_SOURCE for reallocarray on NetBSD 6 7 Report by and debugged with Hisashi T Fujinaka, dtucker nailed 8 the problem (lack of prototype causing return type confusion). 9 10commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 11Author: Damien Miller <djm@mindrot.org> 12Date: Wed Jul 27 08:25:42 2016 +1000 13 14 KNF 15 16commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331 17Author: Damien Miller <djm@mindrot.org> 18Date: Wed Jul 27 08:25:23 2016 +1000 19 20 Linux auditing also needs packet.h 21 22commit 393bd381a45884b589baa9aed4394f1d250255ca 23Author: Damien Miller <djm@mindrot.org> 24Date: Wed Jul 27 08:18:05 2016 +1000 25 26 fix auditing on Linux 27 28 get_remote_ipaddr() was replaced with ssh_remote_ipaddr() 29 30commit 80e766fb089de4f3c92b1600eb99e9495e37c992 31Author: Damien Miller <djm@mindrot.org> 32Date: Sun Jul 24 21:50:13 2016 +1000 33 34 crank version numbers 35 36commit b1a478792d458f2e938a302e64bab2b520edc1b3 37Author: djm@openbsd.org <djm@openbsd.org> 38Date: Sun Jul 24 11:45:36 2016 +0000 39 40 upstream commit 41 42 openssh-7.3 43 44 Upstream-ID: af106a7eb665f642648cf1993e162c899f358718 45 46commit 353766e0881f069aeca30275ab706cd60a1a8fdd 47Author: Darren Tucker <dtucker@zip.com.au> 48Date: Sat Jul 23 16:14:42 2016 +1000 49 50 Move Cygwin IPPORT_RESERVED overrride to defines.h 51 52 Patch from vinschen at redhat.com. 53 54commit 368dd977ae07afb93f4ecea23615128c95ab2b32 55Author: djm@openbsd.org <djm@openbsd.org> 56Date: Sat Jul 23 02:54:08 2016 +0000 57 58 upstream commit 59 60 fix pledge violation with ssh -f; reported by Valentin 61 Kozamernik ok dtucker@ 62 63 Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa 64 65commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e 66Author: djm@openbsd.org <djm@openbsd.org> 67Date: Fri Jul 22 07:00:46 2016 +0000 68 69 upstream commit 70 71 improve wording; suggested by jmc@ 72 73 Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8 74 75commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8 76Author: dtucker@openbsd.org <dtucker@openbsd.org> 77Date: Fri Jul 22 05:46:11 2016 +0000 78 79 upstream commit 80 81 Lower loglevel for "Authenticated with partial success" 82 message similar to other similar level. bz#2599, patch from cgallek at 83 gmail.com, ok markus@ 84 85 Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd 86 87commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6 88Author: Damien Miller <djm@mindrot.org> 89Date: Fri Jul 22 14:06:36 2016 +1000 90 91 retry waitpid on EINTR failure 92 93 patch from Jakub Jelen on bz#2581; ok dtucker@ 94 95commit da88a70a89c800e74ea8e5661ffa127a3cc79a92 96Author: djm@openbsd.org <djm@openbsd.org> 97Date: Fri Jul 22 03:47:36 2016 +0000 98 99 upstream commit 100 101 constify a few functions' arguments; patch from Jakub 102 Jelen bz#2581 103 104 Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d 105 106commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf 107Author: djm@openbsd.org <djm@openbsd.org> 108Date: Fri Jul 22 03:39:13 2016 +0000 109 110 upstream commit 111 112 move debug("%p", key) to before key is free'd; probable 113 undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 114 115 Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a 116 117commit 286f5a77c3bfec1e8892ca268087ac885ac871bf 118Author: djm@openbsd.org <djm@openbsd.org> 119Date: Fri Jul 22 03:35:11 2016 +0000 120 121 upstream commit 122 123 reverse the order in which -J/JumpHost proxies are visited to 124 be more intuitive and document 125 126 reported by and manpage bits naddy@ 127 128 Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a 129 130commit fcd135c9df440bcd2d5870405ad3311743d78d97 131Author: dtucker@openbsd.org <dtucker@openbsd.org> 132Date: Thu Jul 21 01:39:35 2016 +0000 133 134 upstream commit 135 136 Skip passwords longer than 1k in length so clients can't 137 easily DoS sshd by sending very long passwords, causing it to spend CPU 138 hashing them. feedback djm@, ok markus@. 139 140 Brought to our attention by tomas.kuthan at oracle.com, shilei-c at 141 360.cn and coredump at autistici.org 142 143 Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333 144 145commit 324583e8fb3935690be58790425793df619c6d4d 146Author: naddy@openbsd.org <naddy@openbsd.org> 147Date: Wed Jul 20 10:45:27 2016 +0000 148 149 upstream commit 150 151 Do not clobber the global jump_host variables when 152 parsing an inactive configuration. ok djm@ 153 154 Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31 155 156commit 32d921c323b989d28405e78d0a8923d12913d737 157Author: jmc@openbsd.org <jmc@openbsd.org> 158Date: Tue Jul 19 12:59:16 2016 +0000 159 160 upstream commit 161 162 tweak previous; 163 164 Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534 165 166commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025 167Author: dtucker@openbsd.org <dtucker@openbsd.org> 168Date: Tue Jul 19 11:38:53 2016 +0000 169 170 upstream commit 171 172 Allow wildcard for PermitOpen hosts as well as ports. 173 bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok 174 markus@ 175 176 Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2 177 178commit b98a2a8348e907b3d71caafd80f0be8fdd075943 179Author: markus@openbsd.org <markus@openbsd.org> 180Date: Mon Jul 18 11:35:33 2016 +0000 181 182 upstream commit 183 184 Reduce timing attack against obsolete CBC modes by always 185 computing the MAC over a fixed size of data. Reported by Jean Paul 186 Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@ 187 188 Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912 189 190commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc 191Author: Darren Tucker <dtucker@zip.com.au> 192Date: Thu Jul 21 14:17:31 2016 +1000 193 194 Search users for one with a valid salt. 195 196 If the root account is locked (eg password "!!" or "*LK*") keep looking 197 until we find a user with a valid salt to use for crypting passwords of 198 invalid users. ok djm@ 199 200commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782 201Author: Darren Tucker <dtucker@zip.com.au> 202Date: Mon Jul 18 17:22:49 2016 +1000 203 204 Explicitly specify source files for regress tools. 205 206 Since adding $(REGRESSLIBS), $? is wrong because it includes only the 207 changed source files. $< seems like it'd be right however it doesn't 208 seem to work on some non-GNU makes, so do what works everywhere. 209 210commit eac1bbd06872c273f16ac0f9976b0aef026b701b 211Author: Darren Tucker <dtucker@zip.com.au> 212Date: Mon Jul 18 17:12:22 2016 +1000 213 214 Conditionally include err.h. 215 216commit 0a454147568746c503f669e1ba861f76a2e7a585 217Author: Darren Tucker <dtucker@zip.com.au> 218Date: Mon Jul 18 16:26:26 2016 +1000 219 220 Remove local implementation of err, errx. 221 222 We now have a shared implementation in libopenbsd-compat. 223 224commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1 225Author: djm@openbsd.org <djm@openbsd.org> 226Date: Mon Jul 18 06:08:01 2016 +0000 227 228 upstream commit 229 230 Add some unsigned overflow checks for extra_pad. None of 231 these are reachable with the amount of padding that we use internally. 232 bz#2566, pointed out by Torben Hansen. ok markus@ 233 234 Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76 235 236commit c71ba790c304545464bb494de974cdf0f4b5cf1e 237Author: Darren Tucker <dtucker@zip.com.au> 238Date: Mon Jul 18 15:43:25 2016 +1000 239 240 Add dependency on libs for unit tests. 241 242 Makes "./configure && make tests" work again. ok djm@ 243 244commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8 245Author: Darren Tucker <dtucker@zip.com.au> 246Date: Mon Jul 18 13:47:39 2016 +1000 247 248 Correct location for kexfuzz in clean target. 249 250commit 01558b7b07af43da774d3a11a5c51fa9c310849d 251Author: Darren Tucker <dtucker@zip.com.au> 252Date: Mon Jul 18 09:33:25 2016 +1000 253 254 Handle PAM_MAXTRIES from modules. 255 256 bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer 257 password and keyboard-interative authentication methods. Should prevent 258 "sshd ignoring max retries" warnings in the log. ok djm@ 259 260 It probably won't trigger with keyboard-interactive in the default 261 configuration because the retry counter is stored in module-private 262 storage which goes away with the sshd PAM process (see bz#688). On the 263 other hand, those cases probably won't log a warning either. 264 265commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc 266Author: djm@openbsd.org <djm@openbsd.org> 267Date: Sun Jul 17 04:20:16 2016 +0000 268 269 upstream commit 270 271 support UTF-8 characters in ssh(1) banners using 272 schwarze@'s safe fmprintf printer; bz#2058 273 274 feedback schwarze@ ok dtucker@ 275 276 Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7 277 278commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7 279Author: jmc@openbsd.org <jmc@openbsd.org> 280Date: Sat Jul 16 06:57:55 2016 +0000 281 282 upstream commit 283 284 - add proxyjump to the options list - formatting fixes - 285 update usage() 286 287 ok djm 288 289 Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457 290 291commit af1f084857621f14bd9391aba8033d35886c2455 292Author: dtucker@openbsd.org <dtucker@openbsd.org> 293Date: Fri Jul 15 05:01:58 2016 +0000 294 295 upstream commit 296 297 Reduce the syslog level of some relatively common protocol 298 events from LOG_CRIT by replacing fatal() calls with logdie(). Part of 299 bz#2585, ok djm@ 300 301 Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5 302 303commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f 304Author: Damien Miller <djm@mindrot.org> 305Date: Fri Jul 15 19:14:48 2016 +1000 306 307 missing openssl/dh.h 308 309commit 4a984fd342effe5f0aad874a0d538c4322d973c0 310Author: Damien Miller <djm@mindrot.org> 311Date: Fri Jul 15 18:47:07 2016 +1000 312 313 cast to avoid type warning in error message 314 315commit 5abfb15ced985c340359ae7fb65a625ed3692b3e 316Author: Darren Tucker <dtucker@zip.com.au> 317Date: Fri Jul 15 14:48:30 2016 +1000 318 319 Move VA_COPY macro into compat header. 320 321 Some AIX compilers unconditionally undefine va_copy but don't set it back 322 to an internal function, causing link errors. In some compat code we 323 already use VA_COPY instead so move the two existing instances into the 324 shared header and use for sshbuf-getput-basic.c too. Should fix building 325 with at lease some versions of AIX's compiler. bz#2589, ok djm@ 326 327commit 832b7443b7a8e181c95898bc5d73497b7190decd 328Author: Damien Miller <djm@mindrot.org> 329Date: Fri Jul 15 14:45:34 2016 +1000 330 331 disable ciphers not supported by OpenSSL 332 333 bz#2466 ok dtucker@ 334 335commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8 336Author: Damien Miller <djm@mindrot.org> 337Date: Fri Jul 15 13:54:31 2016 +1000 338 339 add a --disable-pkcs11 knob 340 341commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9 342Author: Damien Miller <djm@mindrot.org> 343Date: Fri Jul 15 13:44:38 2016 +1000 344 345 fix newline escaping for unsupported_algorithms 346 347 The hmac-ripemd160 was incorrect and could lead to broken 348 Makefiles on systems that lacked support for it, but I made 349 all the others consistent too. 350 351commit ed877ef653847d056bb433975d731b7a1132a979 352Author: djm@openbsd.org <djm@openbsd.org> 353Date: Fri Jul 15 00:24:30 2016 +0000 354 355 upstream commit 356 357 Add a ProxyJump ssh_config(5) option and corresponding -J 358 ssh(1) command-line flag to allow simplified indirection through a SSH 359 bastion or "jump host". 360 361 These options construct a proxy command that connects to the 362 specified jump host(s) (more than one may be specified) and uses 363 port-forwarding to establish a connection to the next destination. 364 365 This codifies the safest way of indirecting connections through SSH 366 servers and makes it easy to use. 367 368 ok markus@ 369 370 Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397 371 372commit 5c02dd126206a26785379e80f2d3848e4470b711 373Author: Darren Tucker <dtucker@zip.com.au> 374Date: Fri Jul 15 12:56:39 2016 +1000 375 376 Map umac_ctx struct name too. 377 378 Prevents size mismatch linker warnings on Solaris 11. 379 380commit 283b97ff33ea2c641161950849931bd578de6946 381Author: Darren Tucker <dtucker@zip.com.au> 382Date: Fri Jul 15 13:49:44 2016 +1000 383 384 Mitigate timing of disallowed users PAM logins. 385 386 When sshd decides to not allow a login (eg PermitRootLogin=no) and 387 it's using PAM, it sends a fake password to PAM so that the timing for 388 the failure is not noticeably different whether or not the password 389 is correct. This behaviour can be detected by sending a very long 390 password string which is slower to hash than the fake password. 391 392 Mitigate by constructing an invalid password that is the same length 393 as the one from the client and thus takes the same time to hash. 394 Diff from djm@ 395 396commit 9286875a73b2de7736b5e50692739d314cd8d9dc 397Author: Darren Tucker <dtucker@zip.com.au> 398Date: Fri Jul 15 13:32:45 2016 +1000 399 400 Determine appropriate salt for invalid users. 401 402 When sshd is processing a non-PAM login for a non-existent user it uses 403 the string from the fakepw structure as the salt for crypt(3)ing the 404 password supplied by the client. That string has a Blowfish prefix, so on 405 systems that don't understand that crypt will fail fast due to an invalid 406 salt, and even on those that do it may have significantly different timing 407 from the hash methods used for real accounts (eg sha512). This allows 408 user enumeration by, eg, sending large password strings. This was noted 409 by EddieEzra.Harari at verint.com (CVE-2016-6210). 410 411 To mitigate, use the same hash algorithm that root uses for hashing 412 passwords for users that do not exist on the system. ok djm@ 413 414commit a162dd5e58ca5b224d7500abe35e1ef32b5de071 415Author: Darren Tucker <dtucker@zip.com.au> 416Date: Thu Jul 14 21:19:59 2016 +1000 417 418 OpenSSL 1.1.x not currently supported. 419 420commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb 421Author: Darren Tucker <dtucker@zip.com.au> 422Date: Thu Jul 14 12:25:24 2016 +1000 423 424 Check for VIS_ALL. 425 426 If we don't have it, set BROKEN_STRNVIS to activate the compat replacement. 427 428commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0 429Author: dtucker@openbsd.org <dtucker@openbsd.org> 430Date: Thu Jul 14 01:24:21 2016 +0000 431 432 upstream commit 433 434 Correct equal in test. 435 436 Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a 437 438commit 372807c2065c8572fdc6478b25cc5ac363743073 439Author: tb@openbsd.org <tb@openbsd.org> 440Date: Mon Jul 11 21:38:13 2016 +0000 441 442 upstream commit 443 444 Add missing "recvfd" pledge promise: Raf Czlonka reported 445 ssh coredumps when Control* keywords were set in ssh_config. This patch also 446 fixes similar problems with scp and sftp. 447 448 ok deraadt, looks good to millert 449 450 Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b 451 452commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd 453Author: tedu@openbsd.org <tedu@openbsd.org> 454Date: Mon Jul 11 03:19:44 2016 +0000 455 456 upstream commit 457 458 obsolete note about fascistloggin is obsolete. ok djm 459 dtucker 460 461 Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a 462 463commit a2333584170a565adf4f209586772ef8053b10b8 464Author: Darren Tucker <dtucker@zip.com.au> 465Date: Thu Jul 14 10:59:09 2016 +1000 466 467 Add compat code for missing wcwidth. 468 469 If we don't have wcwidth force fallback implementations of nl_langinfo 470 and mbtowc. Based on advice from Ingo Schwarze. 471 472commit 8aaec7050614494014c47510b7e94daf6e644c62 473Author: Damien Miller <djm@mindrot.org> 474Date: Thu Jul 14 09:48:48 2016 +1000 475 476 fix missing include for systems with err.h 477 478commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243 479Author: Darren Tucker <dtucker@zip.com.au> 480Date: Wed Jul 13 14:42:35 2016 +1000 481 482 Move err.h replacements into compat lib. 483 484 Move implementations of err.h replacement functions into their own file 485 in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@ 486 487commit f3f2cc8386868f51440c45210098f65f9787449a 488Author: Darren Tucker <dtucker@zip.com.au> 489Date: Mon Jul 11 17:23:38 2016 +1000 490 491 Check for wchar.h and langinfo.h 492 493 Wrap includes in the appropriate #ifdefs. 494 495commit b9c50614eba9d90939b2b119b6e1b7e03b462278 496Author: Damien Miller <djm@mindrot.org> 497Date: Fri Jul 8 13:59:13 2016 +1000 498 499 whitelist more architectures for seccomp-bpf 500 501 bz#2590 - testing and patch from Jakub Jelen 502 503commit 18813a32b6fd964037e0f5e1893cb4468ac6a758 504Author: guenther@openbsd.org <guenther@openbsd.org> 505Date: Mon Jul 4 18:01:44 2016 +0000 506 507 upstream commit 508 509 DEBUGLIBS has been broken since the gcc4 switch, so delete 510 it. CFLAGS contains -g by default anyway 511 512 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) 513 ok millert@ kettenis@ deraadt@ 514 515 Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542 516 517commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7 518Author: djm@openbsd.org <djm@openbsd.org> 519Date: Fri Jul 8 03:44:42 2016 +0000 520 521 upstream commit 522 523 Improve crypto ordering for Encrypt-then-MAC (EtM) mode 524 MAC algorithms. 525 526 Previously we were computing the MAC, decrypting the packet and then 527 checking the MAC. This gave rise to the possibility of creating a 528 side-channel oracle in the decryption step, though no such oracle has 529 been identified. 530 531 This adds a mac_check() function that computes and checks the MAC in 532 one pass, and uses it to advance MAC checking for EtM algorithms to 533 before payload decryption. 534 535 Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and 536 Martin Albrecht. feedback and ok markus@ 537 538 Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b 539 540commit 71f5598f06941f645a451948c4a5125c83828e1c 541Author: guenther@openbsd.org <guenther@openbsd.org> 542Date: Mon Jul 4 18:01:44 2016 +0000 543 544 upstream commit 545 546 DEBUGLIBS has been broken since the gcc4 switch, so 547 delete it. CFLAGS contains -g by default anyway 548 549 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) 550 ok millert@ kettenis@ deraadt@ 551 552 Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603 553 554commit e683fc6f1c8c7295648dbda679df8307786ec1ce 555Author: dtucker@openbsd.org <dtucker@openbsd.org> 556Date: Thu Jun 30 05:17:05 2016 +0000 557 558 upstream commit 559 560 Explicitly check for 100% completion to avoid potential 561 floating point rounding error, which could cause progressmeter to report 99% 562 on completion. While there invert the test so the 100% case is clearer. with 563 & ok djm@ 564 565 Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d 566 567commit 772e6cec0ed740fc7db618dc30b4134f5a358b43 568Author: jmc@openbsd.org <jmc@openbsd.org> 569Date: Wed Jun 29 17:14:28 2016 +0000 570 571 upstream commit 572 573 sort the -o list; 574 575 Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac 576 577commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af 578Author: djm@openbsd.org <djm@openbsd.org> 579Date: Thu Jun 23 05:17:51 2016 +0000 580 581 upstream commit 582 583 fix AuthenticationMethods during configuration re-parse; 584 reported by Juan Francisco Cantero Hurtado 585 586 Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4 587 588commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e 589Author: djm@openbsd.org <djm@openbsd.org> 590Date: Sun Jun 19 07:48:02 2016 +0000 591 592 upstream commit 593 594 revert 1.34; causes problems loading public keys 595 596 reported by semarie@ 597 598 Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179 599 600commit ad23a75509f4320d43f628c50f0817e3ad12bfa7 601Author: jmc@openbsd.org <jmc@openbsd.org> 602Date: Fri Jun 17 06:33:30 2016 +0000 603 604 upstream commit 605 606 grammar fix; 607 608 Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463 609 610commit 5e28b1a2a3757548b40018cc2493540a17c82e27 611Author: djm@openbsd.org <djm@openbsd.org> 612Date: Fri Jun 17 05:06:23 2016 +0000 613 614 upstream commit 615 616 translate OpenSSL error codes to something more 617 meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@ 618 619 Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5 620 621commit b64faeb5eda7eff8210c754d00464f9fe9d23de5 622Author: djm@openbsd.org <djm@openbsd.org> 623Date: Fri Jun 17 05:03:40 2016 +0000 624 625 upstream commit 626 627 ban AuthenticationMethods="" and accept 628 AuthenticationMethods=any for the default behaviour of not requiring multiple 629 authentication 630 631 bz#2398 from Jakub Jelen; ok dtucker@ 632 633 Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27 634 635commit 9816fc5daee5ca924dd5c4781825afbaab728877 636Author: dtucker@openbsd.org <dtucker@openbsd.org> 637Date: Thu Jun 16 11:00:17 2016 +0000 638 639 upstream commit 640 641 Include stdarg.h for va_copy as per man page. 642 643 Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd 644 645commit b6cf84b51bc0f5889db48bf29a0c771954ade283 646Author: jmc@openbsd.org <jmc@openbsd.org> 647Date: Thu Jun 16 06:10:45 2016 +0000 648 649 upstream commit 650 651 keys stored in openssh format can have comments too; diff 652 from yonas yanfa, tweaked a bit; 653 654 ok djm 655 656 Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27 657 658commit aa37768f17d01974b6bfa481e5e83841b6c76f86 659Author: Darren Tucker <dtucker@zip.com.au> 660Date: Mon Jun 20 15:55:34 2016 +1000 661 662 get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX 663 664 Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip 665 change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX. 666 Fixes build on AIX. 667 668commit 009891afc8df37bc2101e15d1e0b6433cfb90549 669Author: Darren Tucker <dtucker@zip.com.au> 670Date: Fri Jun 17 14:34:09 2016 +1000 671 672 Remove duplicate code from PAM. ok djm@ 673 674commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba 675Author: dtucker@openbsd.org <dtucker@openbsd.org> 676Date: Wed Jun 15 00:40:40 2016 +0000 677 678 upstream commit 679 680 Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message 681 about forward and reverse DNS not matching. We haven't supported IP-based 682 auth methods for a very long time so it's now misleading. part of bz#2585, 683 ok markus@ 684 685 Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29 686 687commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd 688Author: Darren Tucker <dtucker@zip.com.au> 689Date: Wed Jun 15 11:22:38 2016 +1000 690 691 Move platform_disable_tracing into its own file. 692 693 Prevents link errors resolving the extern "options" when platform.o 694 gets linked into ssh-agent when building --with-pam. 695 696commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070 697Author: Darren Tucker <dtucker@zip.com.au> 698Date: Tue Jun 14 13:55:12 2016 +1000 699 700 Track skipped upstream commit IDs. 701 702 There are a small number of "upstream" commits that do not correspond to 703 a file in -portable. This file tracks those so that we can reconcile 704 OpenBSD and Portable to ensure that no commits are accidentally missed. 705 706 If you add something to .skipped-commit-ids please also add an upstream 707 ID line in the following format when you commit it. 708 709 Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35 710 Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca 711 Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7 712 Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120 713 Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a 714 Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef 715 Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 716 Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660 717 Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae 718 Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee 719 720commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f 721Author: Darren Tucker <dtucker@zip.com.au> 722Date: Tue Jun 14 13:51:01 2016 +1000 723 724 Remove now-defunct .cvsignore files. ok djm 725 726commit 68777faf271efb2713960605c748f6c8a4b26d55 727Author: dtucker@openbsd.org <dtucker@openbsd.org> 728Date: Wed Jun 8 02:13:01 2016 +0000 729 730 upstream commit 731 732 Back out rev 1.28 "Check min and max sizes sent by the 733 client" change. It caused "key_verify failed for server_host_key" in clients 734 that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY. 735 ok djm@ 736 737 Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65 738 739commit a86ec4d0737ac5879223e7cd9d68c448df46e169 740Author: Darren Tucker <dtucker@zip.com.au> 741Date: Tue Jun 14 10:48:27 2016 +1000 742 743 Use Solaris setpflags(__PROC_PROTECT, ...). 744 745 Where possible, use Solaris setpflags to disable process tracing on 746 ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee 747 at oracle.com, ok djm. 748 749commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573 750Author: Darren Tucker <dtucker@zip.com.au> 751Date: Tue Jun 14 10:43:53 2016 +1000 752 753 Shorten prctl code a tiny bit. 754 755commit 0fb7f5985351fbbcd2613d8485482c538e5123be 756Author: Darren Tucker <dtucker@zip.com.au> 757Date: Thu Jun 9 16:23:07 2016 +1000 758 759 Move prctl PR_SET_DUMPABLE into platform.c. 760 761 This should make it easier to add additional platform support such as 762 Solaris (bz#2584). 763 764commit e6508898c3cd838324ecfe1abd0eb8cf802e7106 765Author: dtucker@openbsd.org <dtucker@openbsd.org> 766Date: Fri Jun 3 04:10:41 2016 +0000 767 768 upstream commit 769 770 Add a test for ssh(1)'s config file parsing. 771 772 Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601 773 774commit ab0a536066dfa32def0bd7272c096ebb5eb25b11 775Author: dtucker@openbsd.org <dtucker@openbsd.org> 776Date: Fri Jun 3 03:47:59 2016 +0000 777 778 upstream commit 779 780 Add 'sshd' to the test ID as I'm about to add a similar 781 set for ssh. 782 783 Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a 784 785commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb 786Author: schwarze@openbsd.org <schwarze@openbsd.org> 787Date: Mon May 30 12:14:08 2016 +0000 788 789 upstream commit 790 791 stricter malloc.conf(5) options for utf8 tests 792 793 Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6 794 795commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc 796Author: schwarze@openbsd.org <schwarze@openbsd.org> 797Date: Mon May 30 12:05:56 2016 +0000 798 799 upstream commit 800 801 Fix two rare edge cases: 1. If vasprintf() returns < 0, 802 do not access a NULL pointer in snmprintf(), and do not free() the pointer 803 returned from vasprintf() because on some systems other than OpenBSD, it 804 might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" 805 rather than -1 and NULL. 806 807 Besides, free(dst) is pointless after failure (not a bug). 808 809 One half OK martijn@, the other half OK deraadt@; 810 committing quickly before people get hurt. 811 812 Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4 813 814commit 016881eb33a7948028848c90f4c7ac42e3af0e87 815Author: schwarze@openbsd.org <schwarze@openbsd.org> 816Date: Thu May 26 19:14:25 2016 +0000 817 818 upstream commit 819 820 test the new utf8 module 821 822 Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3 823 824commit d4219028bdef448e089376f3afe81ef6079da264 825Author: dtucker@openbsd.org <dtucker@openbsd.org> 826Date: Tue May 3 15:30:46 2016 +0000 827 828 upstream commit 829 830 Set umask to prevent "Bad owner or permissions" errors. 831 832 Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417 833 834commit 07d5608bb237e9b3fe86a2aeaa429392230faebf 835Author: djm@openbsd.org <djm@openbsd.org> 836Date: Tue May 3 14:41:04 2016 +0000 837 838 upstream commit 839 840 support doas 841 842 Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38 843 844commit 01cabf10adc7676cba5f40536a34d3b246edb73f 845Author: djm@openbsd.org <djm@openbsd.org> 846Date: Tue May 3 13:48:33 2016 +0000 847 848 upstream commit 849 850 unit tests for sshbuf_dup_string() 851 852 Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d 853 854commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372 855Author: jmc@openbsd.org <jmc@openbsd.org> 856Date: Fri Jun 3 06:44:12 2016 +0000 857 858 upstream commit 859 860 tweak previous; 861 862 Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698 863 864commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4 865Author: dtucker@openbsd.org <dtucker@openbsd.org> 866Date: Fri Jun 3 04:09:38 2016 +0000 867 868 upstream commit 869 870 Allow ExitOnForwardFailure and ClearAllForwardings to be 871 overridden when using ssh -W (but still default to yes in that case). 872 bz#2577, ok djm@. 873 874 Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4 875 876commit 8543ff3f5020fe659839b15f05b8c522bde6cee5 877Author: dtucker@openbsd.org <dtucker@openbsd.org> 878Date: Fri Jun 3 03:14:41 2016 +0000 879 880 upstream commit 881 882 Move the host and port used by ssh -W into the Options 883 struct. This will make future changes a bit easier. ok djm@ 884 885 Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382 886 887commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368 888Author: dtucker@openbsd.org <dtucker@openbsd.org> 889Date: Wed Jun 1 04:19:49 2016 +0000 890 891 upstream commit 892 893 Check min and max sizes sent by the client against what 894 we support before passing them to the monitor. ok djm@ 895 896 Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece 897 898commit 564cd2a8926ccb1dca43a535073540935b5e0373 899Author: dtucker@openbsd.org <dtucker@openbsd.org> 900Date: Tue May 31 23:46:14 2016 +0000 901 902 upstream commit 903 904 Ensure that the client's proposed DH-GEX max value is at 905 least as big as the minimum the server will accept. ok djm@ 906 907 Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775 908 909commit df820722e40309c9b3f360ea4ed47a584ed74333 910Author: Darren Tucker <dtucker@zip.com.au> 911Date: Mon Jun 6 11:36:13 2016 +1000 912 913 Add compat bits to utf8.c. 914 915commit 05c6574652571becfe9d924226c967a3f4b3f879 916Author: Darren Tucker <dtucker@zip.com.au> 917Date: Mon Jun 6 11:33:43 2016 +1000 918 919 Fix utf->utf8 typo. 920 921commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce 922Author: schwarze@openbsd.org <schwarze@openbsd.org> 923Date: Mon May 30 18:34:41 2016 +0000 924 925 upstream commit 926 927 Backout rev. 1.43 for now. 928 929 The function update_progress_meter() calls refresh_progress_meter() 930 which calls snmprintf() which calls malloc(); but update_progress_meter() 931 acts as the SIGALRM signal handler. 932 933 "malloc(): error: recursive call" reported by sobrado@. 934 935 Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e 936 937commit cd9e1eabeb4137182200035ab6fa4522f8d24044 938Author: schwarze@openbsd.org <schwarze@openbsd.org> 939Date: Mon May 30 12:57:21 2016 +0000 940 941 upstream commit 942 943 Even when only writing an unescaped character, the dst 944 buffer may need to grow, or it would be overrun; issue found by tb@ with 945 malloc.conf(5) 'C'. 946 947 While here, reserve an additional byte for the terminating NUL 948 up front such that we don't have to realloc() later just for that. 949 950 OK tb@ 951 952 Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff 953 954commit ac284a355f8065eaef2a16f446f3c44cdd17371d 955Author: schwarze@openbsd.org <schwarze@openbsd.org> 956Date: Mon May 30 12:05:56 2016 +0000 957 958 upstream commit 959 960 Fix two rare edge cases: 1. If vasprintf() returns < 0, 961 do not access a NULL pointer in snmprintf(), and do not free() the pointer 962 returned from vasprintf() because on some systems other than OpenBSD, it 963 might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" 964 rather than -1 and NULL. 965 966 Besides, free(dst) is pointless after failure (not a bug). 967 968 One half OK martijn@, the other half OK deraadt@; 969 committing quickly before people get hurt. 970 971 Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0 972 973commit 0e059cdf5fd86297546c63fa8607c24059118832 974Author: schwarze@openbsd.org <schwarze@openbsd.org> 975Date: Wed May 25 23:48:45 2016 +0000 976 977 upstream commit 978 979 To prevent screwing up terminal settings when printing to 980 the terminal, for ASCII and UTF-8, escape bytes not forming characters and 981 bytes forming non-printable characters with vis(3) VIS_OCTAL. For other 982 character sets, abort printing of the current string in these cases. In 983 particular, * let scp(1) respect the local user's LC_CTYPE locale(1); * 984 sanitize data received from the remote host; * sanitize filenames, usernames, 985 and similar data even locally; * take character display widths into account 986 for the progressmeter. 987 988 This is believed to be sufficient to keep the local terminal safe 989 on OpenBSD, but bad things can still happen on other systems with 990 state-dependent locales because many places in the code print 991 unencoded ASCII characters into the output stream. 992 993 Using feedback from djm@ and martijn@, 994 various aspects discussed with many others. 995 996 deraadt@ says it should go in now, i probably already hesitated too long 997 998 Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0 999 1000commit 8c02e3639acefe1e447e293dbe23a0917abd3734 1001Author: dtucker@openbsd.org <dtucker@openbsd.org> 1002Date: Tue May 24 04:43:45 2016 +0000 1003 1004 upstream commit 1005 1006 KNF compression proposal and simplify the client side a 1007 little. ok djm@ 1008 1009 Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605 1010 1011commit 7ec4946fb686813eb5f8c57397e465f5485159f4 1012Author: dtucker@openbsd.org <dtucker@openbsd.org> 1013Date: Tue May 24 02:31:57 2016 +0000 1014 1015 upstream commit 1016 1017 Back out 'plug memleak'. 1018 1019 Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0 1020 1021commit 82f24c3ddc52053aeb7beb3332fa94c92014b0c5 1022Author: djm@openbsd.org <djm@openbsd.org> 1023Date: Mon May 23 23:30:50 2016 +0000 1024 1025 upstream commit 1026 1027 prefer agent-hosted keys to keys from PKCS#11; ok markus 1028 1029 Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4 1030 1031commit a0cb7778fbc9b43458f7072eb68dd858766384d1 1032Author: dtucker@openbsd.org <dtucker@openbsd.org> 1033Date: Mon May 23 00:17:27 2016 +0000 1034 1035 upstream commit 1036 1037 Plug mem leak in filter_proposal. ok djm@ 1038 1039 Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34 1040 1041commit ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743 1042Author: Darren Tucker <dtucker@zip.com.au> 1043Date: Fri Jun 3 16:03:44 2016 +1000 1044 1045 Update vis.h and vis.c from OpenBSD. 1046 1047 This will be needed for the upcoming utf8 changes. 1048 1049commit e1d93705f8f48f519433d6ca9fc3d0abe92a1b77 1050Author: Tim Rice <tim@multitalents.net> 1051Date: Tue May 31 11:13:22 2016 -0700 1052 1053 modified: configure.ac 1054 whitspace clean up. No code changes. 1055 1056commit 604a037d84e41e31f0aec9075df0b8740c130200 1057Author: Damien Miller <djm@mindrot.org> 1058Date: Tue May 31 16:45:28 2016 +1000 1059 1060 whitespace at EOL 1061 1062commit 18424200160ff5c923113e0a37ebe21ab7bcd17c 1063Author: Darren Tucker <dtucker@zip.com.au> 1064Date: Mon May 30 19:35:28 2016 +1000 1065 1066 Add missing ssh-host-config --name option 1067 1068 Patch from vinschen@redhat.com. 1069 1070commit 39c0cecaa188a37a2e134795caa68e03f3ced592 1071Author: Darren Tucker <dtucker@zip.com.au> 1072Date: Fri May 20 10:01:58 2016 +1000 1073 1074 Fix comment about sshpam_const and AIX. 1075 1076 From mschwager via github. 1077 1078commit f64062b1f74ad5ee20a8a49aab2732efd0f7ce30 1079Author: Damien Miller <djm@mindrot.org> 1080Date: Fri May 20 09:56:53 2016 +1000 1081 1082 Deny lstat syscalls in seccomp sandbox 1083 1084 Avoids sandbox violations for some krb/gssapi libraries. 1085 1086commit 531c135409b8d8810795b1f3692a4ebfd5c9cae0 1087Author: djm@openbsd.org <djm@openbsd.org> 1088Date: Thu May 19 07:45:32 2016 +0000 1089 1090 upstream commit 1091 1092 fix type of ed25519 values 1093 1094 Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0 1095 1096commit 75e21688f523799c9e0cc6601d76a9c5ca79f787 1097Author: markus@openbsd.org <markus@openbsd.org> 1098Date: Wed May 4 14:32:26 2016 +0000 1099 1100 upstream commit 1101 1102 add IdentityAgent; noticed & ok jmc@ 1103 1104 Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a 1105 1106commit 1a75d14daf4b60db903e6103cf50e74e0cd0a76b 1107Author: markus@openbsd.org <markus@openbsd.org> 1108Date: Wed May 4 14:29:58 2016 +0000 1109 1110 upstream commit 1111 1112 allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@ 1113 1114 Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac 1115 1116commit 0516454151ae722fc8256c3c56115c6baf24c5b0 1117Author: markus@openbsd.org <markus@openbsd.org> 1118Date: Wed May 4 14:22:33 2016 +0000 1119 1120 upstream commit 1121 1122 move SSH_MSG_NONE, so we don't have to include ssh1.h; 1123 ok deraadt@ 1124 1125 Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e 1126 1127commit 332ff3d770631e7513fea38cf0d3689f673f0e3f 1128Author: Damien Miller <djm@mindrot.org> 1129Date: Tue May 10 09:51:06 2016 +1000 1130 1131 initialise salen in binresvport_sa 1132 1133 avoids failures with UsePrivilegedPort=yes 1134 1135 patch from Juan Gallego 1136 1137commit c5c1d5d2f04ce00d2ddd6647e61b32f28be39804 1138Author: markus@openbsd.org <markus@openbsd.org> 1139Date: Wed May 4 14:04:40 2016 +0000 1140 1141 upstream commit 1142 1143 missing const in prototypes (ssh1) 1144 1145 Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05 1146 1147commit 9faae50e2e82ba42eb0cb2726bf6830fe7948f28 1148Author: dtucker@openbsd.org <dtucker@openbsd.org> 1149Date: Wed May 4 14:00:09 2016 +0000 1150 1151 upstream commit 1152 1153 Fix inverted logic for updating StreamLocalBindMask which 1154 would cause the server to set an invalid mask. ok djm@ 1155 1156 Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587 1157 1158commit b02ad1ce9105bfa7394ac7590c0729dd52e26a81 1159Author: markus@openbsd.org <markus@openbsd.org> 1160Date: Wed May 4 12:21:53 2016 +0000 1161 1162 upstream commit 1163 1164 IdentityAgent for specifying specific agent sockets; ok 1165 djm@ 1166 1167 Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1 1168 1169commit 910e59bba09ac309d78ce61e356da35292212935 1170Author: djm@openbsd.org <djm@openbsd.org> 1171Date: Wed May 4 12:16:39 2016 +0000 1172 1173 upstream commit 1174 1175 fix junk characters after quotes 1176 1177 Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578 1178 1179commit 9283884e647b8be50ccd2997537af0065672107d 1180Author: jmc@openbsd.org <jmc@openbsd.org> 1181Date: Tue May 3 18:38:12 2016 +0000 1182 1183 upstream commit 1184 1185 correct article; 1186 1187 Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168 1188 1189commit cfefbcea1057c2623e76c579174a4107a0b6e6cd 1190Author: djm@openbsd.org <djm@openbsd.org> 1191Date: Tue May 3 15:57:39 2016 +0000 1192 1193 upstream commit 1194 1195 fix overriding of StreamLocalBindMask and 1196 StreamLocalBindUnlink in Match blocks; found the hard way Rogan Dawes 1197 1198 Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2 1199 1200commit 771c2f51ffc0c9a2877b7892fada0c77bd1f6549 1201Author: djm@openbsd.org <djm@openbsd.org> 1202Date: Tue May 3 15:25:06 2016 +0000 1203 1204 upstream commit 1205 1206 don't forget to include StreamLocalBindUnlink in the 1207 config dump output 1208 1209 Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb 1210 1211commit cdcd941994dc430f50d0a4e6a712d32b66e6199e 1212Author: djm@openbsd.org <djm@openbsd.org> 1213Date: Tue May 3 14:54:08 2016 +0000 1214 1215 upstream commit 1216 1217 make nethack^wrandomart fingerprint flag more readily 1218 searchable pointed out by Matt Johnston 1219 1220 Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb 1221 1222commit 05855bf2ce7d5cd0a6db18bc0b4214ed5ef7516d 1223Author: djm@openbsd.org <djm@openbsd.org> 1224Date: Tue May 3 13:10:24 2016 +0000 1225 1226 upstream commit 1227 1228 clarify ordering of subkeys; pointed out by ietf-ssh AT 1229 stbuehler.de 1230 1231 Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463 1232 1233commit cca3b4395807bfb7aaeb83d2838f5c062ce30566 1234Author: dtucker@openbsd.org <dtucker@openbsd.org> 1235Date: Tue May 3 12:15:49 2016 +0000 1236 1237 upstream commit 1238 1239 Use a subshell for constructing key types to work around 1240 different sed behaviours for -portable. 1241 1242 Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d 1243 1244commit fa58208c6502dcce3e0daac0ca991ee657daf1f5 1245Author: djm@openbsd.org <djm@openbsd.org> 1246Date: Tue May 3 10:27:59 2016 +0000 1247 1248 upstream commit 1249 1250 correct some typos and remove a long-stale XXX note. 1251 1252 add specification for ed25519 certificates 1253 1254 mention no host certificate options/extensions are currently defined 1255 1256 pointed out by Simon Tatham 1257 1258 Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a 1259 1260commit b466f956c32cbaff4200bfcd5db6739fe4bc7d04 1261Author: djm@openbsd.org <djm@openbsd.org> 1262Date: Tue May 3 10:24:27 2016 +0000 1263 1264 upstream commit 1265 1266 add ed25519 keys that are supported but missing from this 1267 documents; from Peter Moody 1268 1269 Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b 1270 1271commit 7f3d76319a69dab2efe3a520a8fef5b97e923636 1272Author: dtucker@openbsd.org <dtucker@openbsd.org> 1273Date: Tue May 3 09:03:49 2016 +0000 1274 1275 upstream commit 1276 1277 Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch 1278 from Simon Tatham, ok markus@ 1279 1280 Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8 1281 1282commit 31bc01c05d9f51bee3ebe33dc57c4fafb059fb62 1283Author: djm@openbsd.org <djm@openbsd.org> 1284Date: Mon May 2 14:10:58 2016 +0000 1285 1286 upstream commit 1287 1288 unbreak config parsing on reexec from previous commit 1289 1290 Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab 1291 1292commit 67f1459efd2e85bf03d032539283fa8107218936 1293Author: djm@openbsd.org <djm@openbsd.org> 1294Date: Mon May 2 09:52:00 2016 +0000 1295 1296 upstream commit 1297 1298 unit and regress tests for SHA256/512; ok markus 1299 1300 Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6 1301 1302commit 0e8eeec8e75f6d0eaf33317376f773160018a9c7 1303Author: djm@openbsd.org <djm@openbsd.org> 1304Date: Mon May 2 10:26:04 2016 +0000 1305 1306 upstream commit 1307 1308 add support for additional fixed DH groups from 1309 draft-ietf-curdle-ssh-kex-sha2-03 1310 1311 diffie-hellman-group14-sha256 (2K group) 1312 diffie-hellman-group16-sha512 (4K group) 1313 diffie-hellman-group18-sha512 (8K group) 1314 1315 based on patch from Mark D. Baushke and Darren Tucker 1316 ok markus@ 1317 1318 Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f 1319 1320commit 57464e3934ba53ad8590ee3ccd840f693407fc1e 1321Author: djm@openbsd.org <djm@openbsd.org> 1322Date: Mon May 2 09:36:42 2016 +0000 1323 1324 upstream commit 1325 1326 support SHA256 and SHA512 RSA signatures in certificates; 1327 ok markus@ 1328 1329 Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a 1330 1331commit 1a31d02b2411c4718de58ce796dbb7b5e14db93e 1332Author: djm@openbsd.org <djm@openbsd.org> 1333Date: Mon May 2 08:49:03 2016 +0000 1334 1335 upstream commit 1336 1337 fix signed/unsigned errors reported by clang-3.7; add 1338 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with 1339 better safety checking; feedback and ok markus@ 1340 1341 Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820 1342 1343commit d2d6bf864e52af8491a60dd507f85b74361f5da3 1344Author: djm@openbsd.org <djm@openbsd.org> 1345Date: Fri Apr 29 08:07:53 2016 +0000 1346 1347 upstream commit 1348 1349 close ControlPersist background process stderr when not 1350 in debug mode or when logging to a file or syslog. bz#1988 ok dtucker 1351 1352 Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24 1353 1354commit 9ee692fa1146e887e008a2b9a3d3ea81770c9fc8 1355Author: djm@openbsd.org <djm@openbsd.org> 1356Date: Thu Apr 28 14:30:21 2016 +0000 1357 1358 upstream commit 1359 1360 fix comment 1361 1362 Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15 1363 1364commit ee1e0a16ff2ba41a4d203c7670b54644b6c57fa6 1365Author: jmc@openbsd.org <jmc@openbsd.org> 1366Date: Wed Apr 27 13:53:48 2016 +0000 1367 1368 upstream commit 1369 1370 cidr permitted for {allow,deny}users; from lars nooden ok djm 1371 1372 Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11 1373 1374commit b6e0140a5aa883c27b98415bd8aa9f65fc04ee22 1375Author: djm@openbsd.org <djm@openbsd.org> 1376Date: Thu Apr 21 06:08:02 2016 +0000 1377 1378 upstream commit 1379 1380 make argument == NULL tests more consistent 1381 1382 Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d 1383 1384commit 6aaabc2b610e44bae473457ad9556ffb43d90ee3 1385Author: jmc@openbsd.org <jmc@openbsd.org> 1386Date: Sun Apr 17 14:34:46 2016 +0000 1387 1388 upstream commit 1389 1390 tweak previous; 1391 1392 Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f 1393 1394commit 0f839e5969efa3bda615991be8a9d9311554c573 1395Author: djm@openbsd.org <djm@openbsd.org> 1396Date: Fri Apr 15 02:57:10 2016 +0000 1397 1398 upstream commit 1399 1400 missing bit of Include regress 1401 1402 Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f 1403 1404commit 12e4ac46aed681da55c2bba3cd11dfcab23591be 1405Author: djm@openbsd.org <djm@openbsd.org> 1406Date: Fri Apr 15 02:55:53 2016 +0000 1407 1408 upstream commit 1409 1410 remove redundant CLEANFILES section 1411 1412 Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587 1413 1414commit b1d05aa653ae560c44baf8e8a9756e33f98ea75c 1415Author: djm@openbsd.org <djm@openbsd.org> 1416Date: Fri Apr 15 00:48:01 2016 +0000 1417 1418 upstream commit 1419 1420 sync CLEANFILES with portable, sort 1421 1422 Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed 1423 1424commit 35f22dad263cce5c61d933ae439998cb965b8748 1425Author: djm@openbsd.org <djm@openbsd.org> 1426Date: Fri Apr 15 00:31:10 2016 +0000 1427 1428 upstream commit 1429 1430 regression test for ssh_config Include directive 1431 1432 Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e 1433 1434commit 6b8a1a87005818d4700ce8b42faef746e82c1f51 1435Author: djm@openbsd.org <djm@openbsd.org> 1436Date: Thu Apr 14 23:57:17 2016 +0000 1437 1438 upstream commit 1439 1440 unbreak test for recent ssh de-duplicated forwarding 1441 change 1442 1443 Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3 1444 1445commit 076787702418985a2cc6808212dc28ce7afc01f0 1446Author: djm@openbsd.org <djm@openbsd.org> 1447Date: Thu Apr 14 23:21:42 2016 +0000 1448 1449 upstream commit 1450 1451 add test knob and warning for StrictModes 1452 1453 Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682 1454 1455commit dc7990be865450574c7940c9880567f5d2555b37 1456Author: djm@openbsd.org <djm@openbsd.org> 1457Date: Fri Apr 15 00:30:19 2016 +0000 1458 1459 upstream commit 1460 1461 Include directive for ssh_config(5); feedback & ok markus@ 1462 1463 Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff 1464 1465commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755 1466Author: Damien Miller <djm@mindrot.org> 1467Date: Wed Apr 13 10:39:57 2016 +1000 1468 1469 ignore PAM environment vars when UseLogin=yes 1470 1471 If PAM is configured to read user-specified environment variables 1472 and UseLogin=yes in sshd_config, then a hostile local user may 1473 attack /bin/login via LD_PRELOAD or similar environment variables 1474 set via PAM. 1475 1476 CVE-2015-8325, found by Shayan Sadigh, via Colin Watson 1477 1478commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9 1479Author: djm@openbsd.org <djm@openbsd.org> 1480Date: Sat Apr 9 12:39:30 2016 +0000 1481 1482 upstream commit 1483 1484 make private key loading functions consistently handle NULL 1485 key pointer arguments; ok markus@ 1486 1487 Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761 1488 1489commit 5f41f030e2feb5295657285aa8c6602c7810bc4b 1490Author: Darren Tucker <dtucker@zip.com.au> 1491Date: Fri Apr 8 21:14:13 2016 +1000 1492 1493 Remove NO_IPPORT_RESERVED_CONCEPT 1494 1495 Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have 1496 the same effect without causing problems syncing patches with OpenBSD. 1497 Resync the two affected functions with OpenBSD. ok djm, sanity checked 1498 by Corinna. 1499 1500commit 34a01b2cf737d946ddb140618e28c3048ab7a229 1501Author: djm@openbsd.org <djm@openbsd.org> 1502Date: Fri Apr 8 08:19:17 2016 +0000 1503 1504 upstream commit 1505 1506 whitespace at EOL 1507 1508 Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6 1509 1510commit 90ee563fa6b54c59896c6c332c5188f866c5e75f 1511Author: djm@openbsd.org <djm@openbsd.org> 1512Date: Fri Apr 8 06:35:54 2016 +0000 1513 1514 upstream commit 1515 1516 We accidentally send an empty string and a zero uint32 with 1517 every direct-streamlocal@openssh.com channel open, in contravention of our 1518 own spec. 1519 1520 Fixing this is too hard wrt existing versions that expect these 1521 fields to be present and fatal() if they aren't, so document them 1522 as "reserved" fields in the PROTOCOL spec as though we always 1523 intended this and let us never speak of it again. 1524 1525 bz#2529, reported by Ron Frederick 1526 1527 Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7 1528 1529commit 0ccbd5eca0f0dd78e71a4b69c66f03a66908d558 1530Author: djm@openbsd.org <djm@openbsd.org> 1531Date: Wed Apr 6 06:42:17 2016 +0000 1532 1533 upstream commit 1534 1535 don't record duplicate LocalForward and RemoteForward 1536 entries; fixes failure with ExitOnForwardFailure+hostname canonicalisation 1537 where the same forwards are added on the second pass through the 1538 configuration file. bz#2562; ok dtucker@ 1539 1540 Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1 1541 1542commit 574def0eb493cd6efeffd4ff2e9257abcffee0c8 1543Author: krw@openbsd.org <krw@openbsd.org> 1544Date: Sat Apr 2 14:37:42 2016 +0000 1545 1546 upstream commit 1547 1548 Another use for fcntl() and thus of the superfluous 3rd 1549 parameter is when sanitising standard fd's before calling daemon(). 1550 1551 Use a tweaked version of the ssh(1) function in all three places 1552 found using fcntl() this way. 1553 1554 ok jca@ beck@ 1555 1556 Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218 1557 1558commit b3413534aa9d71a941005df2760d1eec2c2b0854 1559Author: Darren Tucker <dtucker@zip.com.au> 1560Date: Mon Apr 4 11:09:21 2016 +1000 1561 1562 Tidy up openssl header test. 1563 1564commit 815bcac0b94bb448de5acdd6ba925b8725240b4f 1565Author: Darren Tucker <dtucker@zip.com.au> 1566Date: Mon Apr 4 11:07:59 2016 +1000 1567 1568 Fix configure-time warnings for openssl test. 1569 1570commit 95687f5831ae680f7959446d8ae4b52452ee05dd 1571Author: djm@openbsd.org <djm@openbsd.org> 1572Date: Fri Apr 1 02:34:10 2016 +0000 1573 1574 upstream commit 1575 1576 whitespace at EOL 1577 1578 Upstream-ID: 40ae2203d07cb14e0a89e1a0d4c6120ee8fd8c3a 1579 1580commit fdfbf4580de09d84a974211715e14f88a5704b8e 1581Author: dtucker@openbsd.org <dtucker@openbsd.org> 1582Date: Thu Mar 31 05:24:06 2016 +0000 1583 1584 upstream commit 1585 1586 Remove fallback from moduli to "primes" file that was 1587 deprecated in 2001 and fix log messages referring to primes file. Based on 1588 patch from xnox at ubuntu.com via bz#2559. "kill it" deraadt@ 1589 1590 Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713 1591 1592commit 0235a5fa67fcac51adb564cba69011a535f86f6b 1593Author: djm@openbsd.org <djm@openbsd.org> 1594Date: Thu Mar 17 17:19:43 2016 +0000 1595 1596 upstream commit 1597 1598 UseDNS affects ssh hostname processing in authorized_keys, 1599 not known_hosts; bz#2554 reported by jjelen AT redhat.com 1600 1601 Upstream-ID: c1c1bb895dde46095fc6d81d8653703928437591 1602 1603commit 8c4739338f5e379d05b19d6e544540114965f07e 1604Author: Darren Tucker <dtucker@zip.com.au> 1605Date: Tue Mar 15 09:24:43 2016 +1100 1606 1607 Don't call Solaris setproject() with UsePAM=yes. 1608 1609 When Solaris Projects are enabled along with PAM setting the project 1610 is PAM's responsiblity. bz#2425, based on patch from 1611 brent.paulson at gmail.com. 1612 1613commit cff26f373c58457a32cb263e212cfff53fca987b 1614Author: Damien Miller <djm@mindrot.org> 1615Date: Tue Mar 15 04:30:21 2016 +1100 1616 1617 remove slogin from *.spec 1618 1619commit c38905ba391434834da86abfc988a2b8b9b62477 1620Author: djm@openbsd.org <djm@openbsd.org> 1621Date: Mon Mar 14 16:20:54 2016 +0000 1622 1623 upstream commit 1624 1625 unbreak authentication using lone certificate keys in 1626 ssh-agent: when attempting pubkey auth with a certificate, if no separate 1627 private key is found among the keys then try with the certificate key itself. 1628 1629 bz#2550 reported by Peter Moody 1630 1631 Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966 1632 1633commit 4b4bfb01cd40b9ddb948e6026ddd287cc303d871 1634Author: djm@openbsd.org <djm@openbsd.org> 1635Date: Thu Mar 10 11:47:57 2016 +0000 1636 1637 upstream commit 1638 1639 sanitise characters destined for xauth reported by 1640 github.com/tintinweb feedback and ok deraadt and markus 1641 1642 Upstream-ID: 18ad8d0d74cbd2ea3306a16595a306ee356aa261 1643 1644commit 732b463d37221722b1206f43aa59563766a6a968 1645Author: Darren Tucker <dtucker@zip.com.au> 1646Date: Mon Mar 14 16:04:23 2016 +1100 1647 1648 Pass supported malloc options to connect-privsep. 1649 1650 This allows us to activate only the supported options during the malloc 1651 option portion of the connect-privsep test. 1652 1653commit d29c5b9b3e9f27394ca97a364ed4bb4a55a59744 1654Author: Darren Tucker <dtucker@zip.com.au> 1655Date: Mon Mar 14 09:30:58 2016 +1100 1656 1657 Remove leftover roaming.h file. 1658 1659 Pointed out by des at des.no. 1660 1661commit 8ff20ec95f4377021ed5e9b2331320f5c5a34cea 1662Author: Darren Tucker <dtucker@zip.com.au> 1663Date: Mon Mar 14 09:24:03 2016 +1100 1664 1665 Quote variables that may contain whitespace. 1666 1667 The variable $L_TMP_ID_FILE needs to be surrounded by quotes in order to 1668 survive paths containing whitespace. bz#2551, from Corinna Vinschen via 1669 Philip Hands. 1670 1671commit 627824480c01f0b24541842c7206ab9009644d02 1672Author: Darren Tucker <dtucker@zip.com.au> 1673Date: Fri Mar 11 14:47:41 2016 +1100 1674 1675 Include priv.h for priv_set_t. 1676 1677 From alex at cooperi.net. 1678 1679commit e960051f9a264f682c4d2fefbeecffcfc66b0ddf 1680Author: Darren Tucker <dtucker@zip.com.au> 1681Date: Wed Mar 9 13:14:18 2016 +1100 1682 1683 Wrap stdint.h inside #ifdef HAVE_STDINT_H. 1684 1685commit 2c48bd344d2c4b5e08dae9aea5ff44fc19a5e363 1686Author: Darren Tucker <dtucker@zip.com.au> 1687Date: Wed Mar 9 12:46:50 2016 +1100 1688 1689 Add compat to monotime_double(). 1690 1691 Apply all of the portability changes in monotime() to monotime() double. 1692 Fixes build on at least older FreeBSD systems. 1693 1694commit 7b40ef6c2eef40c339f6ea8920cb8a44838e10c9 1695Author: Damien Miller <djm@mindrot.org> 1696Date: Tue Mar 8 14:12:58 2016 -0800 1697 1698 make a regress-binaries target 1699 1700 Easier to build all the regression/unit test binaries in one pass 1701 than going through all of ${REGRESS_BINARIES} 1702 1703commit c425494d6b6181beb54a1b3763ef9e944fd3c214 1704Author: Damien Miller <djm@mindrot.org> 1705Date: Tue Mar 8 14:03:54 2016 -0800 1706 1707 unbreak kexfuzz for -Werror without __bounded__ 1708 1709commit 3ed9218c336607846563daea5d5ab4f701f4e042 1710Author: Damien Miller <djm@mindrot.org> 1711Date: Tue Mar 8 14:01:29 2016 -0800 1712 1713 unbreak PAM after canohost refactor 1714 1715commit 885fb2a44ff694f01e4f6470f803629e11f62961 1716Author: Darren Tucker <dtucker@zip.com.au> 1717Date: Tue Mar 8 11:58:43 2016 +1100 1718 1719 auth_get_canonical_hostname in portable code. 1720 1721 "refactor canohost.c" replaced get_canonical_hostname, this makes the 1722 same change to some portable-specific code. 1723 1724commit 95767262caa6692eff1e1565be1f5cb297949a89 1725Author: djm@openbsd.org <djm@openbsd.org> 1726Date: Mon Mar 7 19:02:43 2016 +0000 1727 1728 upstream commit 1729 1730 refactor canohost.c: move functions that cache results closer 1731 to the places that use them (authn and session code). After this, no state is 1732 cached in canohost.c 1733 1734 feedback and ok markus@ 1735 1736 Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e 1737 1738commit af0bb38ffd1f2c4f9f43b0029be2efe922815255 1739Author: Damien Miller <djm@mindrot.org> 1740Date: Fri Mar 4 15:11:55 2016 +1100 1741 1742 hook unittests/misc/kexfuzz into build 1743 1744commit 331b8e07ee5bcbdca12c11cc8f51a7e8de09b248 1745Author: dtucker@openbsd.org <dtucker@openbsd.org> 1746Date: Fri Mar 4 02:48:06 2016 +0000 1747 1748 upstream commit 1749 1750 Filter debug messages out of log before picking the last 1751 two lines. Should prevent problems if any more debug output is added late in 1752 the connection. 1753 1754 Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363 1755 1756commit 0892edaa3ce623381d3a7635544cbc69b31cf9cb 1757Author: djm@openbsd.org <djm@openbsd.org> 1758Date: Fri Mar 4 02:30:36 2016 +0000 1759 1760 upstream commit 1761 1762 add KEX fuzzer harness; ok deraadt@ 1763 1764 Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1 1765 1766commit ae2562c47d41b68dbb00240fd6dd60bed205367a 1767Author: dtucker@openbsd.org <dtucker@openbsd.org> 1768Date: Thu Mar 3 00:46:53 2016 +0000 1769 1770 upstream commit 1771 1772 Look back 3 lines for possible error messages. Changes 1773 to the code mean that "Bad packet length" errors are 3 lines back instead of 1774 the previous two, which meant we didn't skip some offsets that we intended 1775 to. 1776 1777 Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684 1778 1779commit 988e429d903acfb298bfddfd75e7994327adfed0 1780Author: djm@openbsd.org <djm@openbsd.org> 1781Date: Fri Mar 4 03:35:44 2016 +0000 1782 1783 upstream commit 1784 1785 fix ClientAliveInterval when a time-based RekeyLimit is 1786 set; previously keepalive packets were not being sent. bz#2252 report and 1787 analysis by Christian Wittenhorst and Garrett Lee feedback and ok dtucker@ 1788 1789 Upstream-ID: d48f9deadd35fdacdd5106b41bb07630ddd4aa81 1790 1791commit 8ef04d7a94bcdb8b0085fdd2a79a844b7d40792d 1792Author: dtucker@openbsd.org <dtucker@openbsd.org> 1793Date: Wed Mar 2 22:43:52 2016 +0000 1794 1795 upstream commit 1796 1797 Improve accuracy of reported transfer speeds by waiting 1798 for the ack from the other end. Pointed out by mmcc@, ok deraadt@ markus@ 1799 1800 Upstream-ID: 99f1cf15c9a8f161086b814d414d862795ae153d 1801 1802commit b8d4eafe29684fe4f5bb587f7eab948e6ed62723 1803Author: dtucker@openbsd.org <dtucker@openbsd.org> 1804Date: Wed Mar 2 22:42:40 2016 +0000 1805 1806 upstream commit 1807 1808 Improve precision of progressmeter for sftp and scp by 1809 storing sub-second timestamps. Pointed out by mmcc@, ok deraadt@ markus@ 1810 1811 Upstream-ID: 38fd83a3d83dbf81c8ff7b5d1302382fe54970ab 1812 1813commit 18f64b969c70ed00e74b9d8e50359dbe698ce4c0 1814Author: jca@openbsd.org <jca@openbsd.org> 1815Date: Mon Feb 29 20:22:36 2016 +0000 1816 1817 upstream commit 1818 1819 Print ssize_t with %zd; ok deraadt@ mmcc@ 1820 1821 Upstream-ID: 0590313bbb013ff6692298c98f7e0be349d124bd 1822 1823commit 6e7f68ce38130c794ec1fb8d2a6091fbe982628d 1824Author: djm@openbsd.org <djm@openbsd.org> 1825Date: Sun Feb 28 22:27:00 2016 +0000 1826 1827 upstream commit 1828 1829 rearrange DH public value tests to be a little more clear 1830 1831 rearrange DH private value generation to explain rationale more 1832 clearly and include an extra sanity check. 1833 1834 ok deraadt 1835 1836 Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad 1837 1838commit 2ed17aa34008bdfc8db674315adc425a0712be11 1839Author: Darren Tucker <dtucker@zip.com.au> 1840Date: Tue Mar 1 15:24:20 2016 +1100 1841 1842 Import updated moduli file from OpenBSD. 1843 1844 Note that 1.5k bit groups have been removed. 1845 1846commit 72b061d4ba0f909501c595d709ea76e06b01e5c9 1847Author: Darren Tucker <dtucker@zip.com.au> 1848Date: Fri Feb 26 14:40:04 2016 +1100 1849 1850 Add a note about using xlc on AIX. 1851 1852commit fd4e4f2416baa2e6565ea49d52aade296bad3e28 1853Author: Darren Tucker <dtucker@zip.com.au> 1854Date: Wed Feb 24 10:44:25 2016 +1100 1855 1856 Skip PrintLastLog in config dump mode. 1857 1858 When DISABLE_LASTLOG is set, do not try to include PrintLastLog in the 1859 config dump since it'll be reported as UNKNOWN. 1860 1861commit 99135c764fa250801da5ec3b8d06cbd0111caae8 1862Author: Damien Miller <djm@mindrot.org> 1863Date: Tue Feb 23 20:17:23 2016 +1100 1864 1865 update spec/README versions ahead of release 1866 1867commit b86a334aaaa4d1e643eb1fd71f718573d6d948b5 1868Author: Damien Miller <djm@mindrot.org> 1869Date: Tue Feb 23 20:16:53 2016 +1100 1870 1871 put back portable patchlevel to p1 1872 1873commit 555dd35ff176847e3c6bd068ba2e8db4022eb24f 1874Author: djm@openbsd.org <djm@openbsd.org> 1875Date: Tue Feb 23 09:14:34 2016 +0000 1876 1877 upstream commit 1878 1879 openssh-7.2 1880 1881 Upstream-ID: 9db776b26014147fc907ece8460ef2bcb0f11e78 1882 1883commit 1acc058d0a7913838c830ed998a1a1fb5b7864bf 1884Author: Damien Miller <djm@mindrot.org> 1885Date: Tue Feb 23 16:12:13 2016 +1100 1886 1887 Disable tests where fs perms are incorrect 1888 1889 Some tests have strict requirements on the filesystem permissions 1890 for certain files and directories. This adds a regress/check-perm 1891 tool that copies the relevant logic from sshd to exactly test 1892 the paths in question. This lets us skip tests when the local 1893 filesystem doesn't conform to our expectations rather than 1894 continuing and failing the test run. 1895 1896 ok dtucker@ 1897 1898commit 39f303b1f36d934d8410b05625f25c7bcb75db4d 1899Author: Damien Miller <djm@mindrot.org> 1900Date: Tue Feb 23 12:56:59 2016 +1100 1901 1902 fix sandbox on OSX Lion 1903 1904 sshd was failing with: 1905 1906 ssh_sandbox_child: sandbox_init: dlopen(/usr/lib/libsandbox.1.dylib, 261):cw 1907 image not found [preauth] 1908 1909 caused by chroot before sandboxing. Avoid by explicitly linking libsandbox 1910 to sshd. Spotted by Darren. 1911 1912commit 0d1451a32c7436e6d3d482351e776bc5e7824ce4 1913Author: djm@openbsd.org <djm@openbsd.org> 1914Date: Tue Feb 23 01:34:14 2016 +0000 1915 1916 upstream commit 1917 1918 fix spurious error message when incorrect passphrase 1919 entered for keys; reported by espie@ ok deraadt@ 1920 1921 Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899 1922 1923commit 09d87d79741beb85768b5e788d7dfdf4bc3543dc 1924Author: sobrado@openbsd.org <sobrado@openbsd.org> 1925Date: Sat Feb 20 23:06:23 2016 +0000 1926 1927 upstream commit 1928 1929 set ssh(1) protocol version to 2 only. 1930 1931 ok djm@ 1932 1933 Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10 1934 1935commit 9262e07826ba5eebf8423f7ac9e47ec488c47869 1936Author: sobrado@openbsd.org <sobrado@openbsd.org> 1937Date: Sat Feb 20 23:02:39 2016 +0000 1938 1939 upstream commit 1940 1941 add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to 1942 IdentityFile. 1943 1944 ok djm@ 1945 1946 Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf 1947 1948commit c12f0fdce8f985fca8d71829fd64c5b89dc777f5 1949Author: sobrado@openbsd.org <sobrado@openbsd.org> 1950Date: Sat Feb 20 23:01:46 2016 +0000 1951 1952 upstream commit 1953 1954 AddressFamily defaults to any. 1955 1956 ok djm@ 1957 1958 Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c 1959 1960commit 907091acb188b1057d50c2158f74c3ecf1c2302b 1961Author: Darren Tucker <dtucker@zip.com.au> 1962Date: Fri Feb 19 09:05:39 2016 +1100 1963 1964 Make Solaris privs code build on older systems. 1965 1966 Not all systems with Solaris privs have priv_basicset so factor that 1967 out and provide backward compatibility code. Similarly, not all have 1968 PRIV_NET_ACCESS so wrap that in #ifdef. Based on code from 1969 alex at cooperi.net and djm@ with help from carson at taltos.org and 1970 wieland at purdue.edu. 1971 1972commit 292a8dee14e5e67dcd1b49ba5c7b9023e8420d59 1973Author: djm@openbsd.org <djm@openbsd.org> 1974Date: Wed Feb 17 22:20:14 2016 +0000 1975 1976 upstream commit 1977 1978 rekey refactor broke SSH1; spotted by Tom G. Christensen 1979 1980 Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243 1981 1982commit 3a13cb543df9919aec2fc6b75f3dd3802facaeca 1983Author: djm@openbsd.org <djm@openbsd.org> 1984Date: Wed Feb 17 08:57:34 2016 +0000 1985 1986 upstream commit 1987 1988 rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly 1989 in *KeyTypes options yet. Remove them from the lists of algorithms for now. 1990 committing on behalf of markus@ ok djm@ 1991 1992 Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7 1993 1994commit a685ae8d1c24fb7c712c55a4f3280ee76f5f1e4b 1995Author: jmc@openbsd.org <jmc@openbsd.org> 1996Date: Wed Feb 17 07:38:19 2016 +0000 1997 1998 upstream commit 1999 2000 since these pages now clearly tell folks to avoid v1, 2001 normalise the docs from a v2 perspective (i.e. stop pointing out which bits 2002 are v2 only); 2003 2004 ok/tweaks djm ok markus 2005 2006 Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129 2007 2008commit c5c3f3279a0e4044b8de71b70d3570d692d0f29d 2009Author: djm@openbsd.org <djm@openbsd.org> 2010Date: Wed Feb 17 05:29:04 2016 +0000 2011 2012 upstream commit 2013 2014 make sandboxed privilege separation the default, not just 2015 for new installs; "absolutely" deraadt@ 2016 2017 Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b 2018 2019commit eb3f7337a651aa01d5dec019025e6cdc124ed081 2020Author: jmc@openbsd.org <jmc@openbsd.org> 2021Date: Tue Feb 16 07:47:54 2016 +0000 2022 2023 upstream commit 2024 2025 no need to state that protocol 2 is the default twice; 2026 2027 Upstream-ID: b1e4c36b0c2e12e338e5b66e2978f2ac953b95eb 2028 2029commit e7901efa9b24e5b0c7e74f2c5520d47eead4d005 2030Author: djm@openbsd.org <djm@openbsd.org> 2031Date: Tue Feb 16 05:11:04 2016 +0000 2032 2033 upstream commit 2034 2035 Replace list of ciphers and MACs adjacent to -1/-2 flag 2036 descriptions in ssh(1) with a strong recommendation not to use protocol 1. 2037 Add a similar warning to the Protocol option descriptions in ssh_config(5) 2038 and sshd_config(5); 2039 2040 prompted by and ok mmcc@ 2041 2042 Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e 2043 2044commit 5a0fcb77287342e2fc2ba1cee79b6af108973dc2 2045Author: djm@openbsd.org <djm@openbsd.org> 2046Date: Tue Feb 16 03:37:48 2016 +0000 2047 2048 upstream commit 2049 2050 add a "Close session" log entry (at loglevel=verbose) to 2051 correspond to the existing "Starting session" one. Also include the session 2052 id number to make multiplexed sessions more apparent. 2053 2054 feedback and ok dtucker@ 2055 2056 Upstream-ID: e72d2ac080e02774376325136e532cb24c2e617c 2057 2058commit 624fd395b559820705171f460dd33d67743d13d6 2059Author: djm@openbsd.org <djm@openbsd.org> 2060Date: Wed Feb 17 02:24:17 2016 +0000 2061 2062 upstream commit 2063 2064 include bad $SSH_CONNECTION in failure output 2065 2066 Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529 2067 2068commit 60d860e54b4f199e5e89963b1c086981309753cb 2069Author: Darren Tucker <dtucker@zip.com.au> 2070Date: Wed Feb 17 13:37:09 2016 +1100 2071 2072 Rollback addition of va_start. 2073 2074 va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however 2075 it has the wrong number of args and it's not usable in non-variadic 2076 functions anyway so it breaks things (for example Solaris 2.6 as 2077 reported by Tom G. Christensen).i ok djm@ 2078 2079commit 2fee909c3cee2472a98b26eb82696297b81e0d38 2080Author: Darren Tucker <dtucker@zip.com.au> 2081Date: Wed Feb 17 09:48:15 2016 +1100 2082 2083 Look for gethostbyname in libresolv and libnsl. 2084 2085 Should fix build problem on Solaris 2.6 reported by Tom G. Christensen. 2086 2087commit 5ac712d81a84396aab441a272ec429af5b738302 2088Author: Damien Miller <djm@mindrot.org> 2089Date: Tue Feb 16 10:45:02 2016 +1100 2090 2091 make existing ssh_malloc_init only for __OpenBSD__ 2092 2093commit 24c9bded569d9f2449ded73f92fb6d12db7a9eec 2094Author: djm@openbsd.org <djm@openbsd.org> 2095Date: Mon Feb 15 23:32:37 2016 +0000 2096 2097 upstream commit 2098 2099 memleak of algorithm name in mm_answer_sign; reported by 2100 Jakub Jelen 2101 2102 Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08 2103 2104commit ffb1e7e896139a42ceb78676f637658f44612411 2105Author: dtucker@openbsd.org <dtucker@openbsd.org> 2106Date: Mon Feb 15 09:47:49 2016 +0000 2107 2108 upstream commit 2109 2110 Add a function to enable security-related malloc_options. 2111 With and ok deraadt@, something similar has been in the snaps for a while. 2112 2113 Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed 2114 2115commit ef39e8c0497ff0564990a4f9e8b7338b3ba3507c 2116Author: Damien Miller <djm@mindrot.org> 2117Date: Tue Feb 16 10:34:39 2016 +1100 2118 2119 sync ssh-copy-id with upstream 783ef08b0a75 2120 2121commit d2d772f55b19bb0e8d03c2fe1b9bb176d9779efd 2122Author: djm@openbsd.org <djm@openbsd.org> 2123Date: Fri Feb 12 00:20:30 2016 +0000 2124 2125 upstream commit 2126 2127 avoid fatal() for PKCS11 tokens that present empty key IDs 2128 bz#1773, ok markus@ 2129 2130 Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54 2131 2132commit e4c918a6c721410792b287c9fd21356a1bed5805 2133Author: djm@openbsd.org <djm@openbsd.org> 2134Date: Thu Feb 11 02:56:32 2016 +0000 2135 2136 upstream commit 2137 2138 sync crypto algorithm lists in ssh_config(5) and 2139 sshd_config(5) with current reality. bz#2527 2140 2141 Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6 2142 2143commit e30cabfa4ab456a30b3224f7f545f1bdfc4a2517 2144Author: djm@openbsd.org <djm@openbsd.org> 2145Date: Thu Feb 11 02:21:34 2016 +0000 2146 2147 upstream commit 2148 2149 fix regression in openssh-6.8 sftp client: existing 2150 destination directories would incorrectly terminate recursive uploads; 2151 bz#2528 2152 2153 Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18 2154 2155commit 714e367226ded4dc3897078be48b961637350b05 2156Author: djm@openbsd.org <djm@openbsd.org> 2157Date: Tue Feb 9 05:30:04 2016 +0000 2158 2159 upstream commit 2160 2161 turn off more old crypto in the client: hmac-md5, ripemd, 2162 truncated HMACs, RC4, blowfish. ok markus@ dtucker@ 2163 2164 Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e 2165 2166commit 5a622844ff7f78dcb75e223399f9ef0977e8d0a3 2167Author: djm@openbsd.org <djm@openbsd.org> 2168Date: Mon Feb 8 23:40:12 2016 +0000 2169 2170 upstream commit 2171 2172 don't attempt to percent_expand() already-canonicalised 2173 addresses, avoiding unnecessary failures when attempting to connect to scoped 2174 IPv6 addresses (that naturally contain '%' characters) 2175 2176 Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a 2177 2178commit 19bcf2ea2d17413f2d9730dd2a19575ff86b9b6a 2179Author: djm@openbsd.org <djm@openbsd.org> 2180Date: Mon Feb 8 10:57:07 2016 +0000 2181 2182 upstream commit 2183 2184 refactor activation of rekeying 2185 2186 This makes automatic rekeying internal to the packet code (previously 2187 the server and client loops needed to assist). In doing to it makes 2188 application of rekey limits more accurate by accounting for packets 2189 about to be sent as well as packets queued during rekeying events 2190 themselves. 2191 2192 Based on a patch from dtucker@ which was in turn based on a patch 2193 Aleksander Adamowski in bz#2521; ok markus@ 2194 2195 Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8 2196 2197commit 603ba41179e4b53951c7b90ee95b6ef3faa3f15d 2198Author: naddy@openbsd.org <naddy@openbsd.org> 2199Date: Fri Feb 5 13:28:19 2016 +0000 2200 2201 upstream commit 2202 2203 Only check errno if read() has returned an error. EOF is 2204 not an error. This fixes a problem where the mux master would sporadically 2205 fail to notice that the client had exited. ok mikeb@ djm@ 2206 2207 Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53 2208 2209commit 56d7dac790693ce420d225119283bc355cff9185 2210Author: jsg@openbsd.org <jsg@openbsd.org> 2211Date: Fri Feb 5 04:31:21 2016 +0000 2212 2213 upstream commit 2214 2215 avoid an uninitialised value when NumberOfPasswordPrompts 2216 is 0 ok markus@ djm@ 2217 2218 Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b 2219 2220commit deae7d52d59c5019c528f977360d87fdda15d20b 2221Author: djm@openbsd.org <djm@openbsd.org> 2222Date: Fri Feb 5 03:07:06 2016 +0000 2223 2224 upstream commit 2225 2226 mention internal DH-GEX fallback groups; bz#2302 2227 2228 Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e 2229 2230commit cac3b6665f884d46192c0dc98a64112e8b11a766 2231Author: djm@openbsd.org <djm@openbsd.org> 2232Date: Fri Feb 5 02:37:56 2016 +0000 2233 2234 upstream commit 2235 2236 better description for MaxSessions; bz#2531 2237 2238 Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da 2239 2240commit 5ef4b0fdcc7a239577a754829b50022b91ab4712 2241Author: Damien Miller <djm@mindrot.org> 2242Date: Wed Jan 27 17:45:56 2016 +1100 2243 2244 avoid FreeBSD RCS Id in comment 2245 2246 Change old $FreeBSD version string in comment so it doesn't 2247 become an RCS ident downstream; requested by des AT des.no 2248 2249commit 696d12683c90d20a0a9c5f4275fc916b7011fb04 2250Author: djm@openbsd.org <djm@openbsd.org> 2251Date: Thu Feb 4 23:43:48 2016 +0000 2252 2253 upstream commit 2254 2255 printf argument casts to avoid warnings on strict 2256 compilers 2257 2258 Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c 2259 2260commit 5658ef2501e785fbbdf5de2dc33b1ff7a4dca73a 2261Author: millert@openbsd.org <millert@openbsd.org> 2262Date: Mon Feb 1 21:18:17 2016 +0000 2263 2264 upstream commit 2265 2266 Avoid ugly "DISPLAY "(null)" invalid; disabling X11 2267 forwarding" message when DISPLAY is not set. This could also result in a 2268 crash on systems with a printf that doesn't handle NULL. OK djm@ 2269 2270 Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412 2271 2272commit 537f88ec7bcf40bd444ac5584c707c5588c55c43 2273Author: dtucker@openbsd.org <dtucker@openbsd.org> 2274Date: Fri Jan 29 05:18:15 2016 +0000 2275 2276 upstream commit 2277 2278 Add regression test for RekeyLimit parsing of >32bit values 2279 (4G and 8G). 2280 2281 Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328 2282 2283commit 4c6cb8330460f94e6c7ae28a364236d4188156a3 2284Author: dtucker@openbsd.org <dtucker@openbsd.org> 2285Date: Fri Jan 29 23:04:46 2016 +0000 2286 2287 upstream commit 2288 2289 Remove leftover roaming dead code. ok djm markus. 2290 2291 Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be 2292 2293commit 28136471809806d6246ef41e4341467a39fe2f91 2294Author: djm@openbsd.org <djm@openbsd.org> 2295Date: Fri Jan 29 05:46:01 2016 +0000 2296 2297 upstream commit 2298 2299 include packet type of non-data packets in debug3 output; 2300 ok markus dtucker 2301 2302 Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41 2303 2304commit 6fd6e28daccafaa35f02741036abe64534c361a1 2305Author: dtucker@openbsd.org <dtucker@openbsd.org> 2306Date: Fri Jan 29 03:31:03 2016 +0000 2307 2308 upstream commit 2309 2310 Revert "account for packets buffered but not yet 2311 processed" change as it breaks for very small RekeyLimit values due to 2312 continuous rekeying. ok djm@ 2313 2314 Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19 2315 2316commit 921ff00b0ac429666fb361d2d6cb1c8fff0006cb 2317Author: dtucker@openbsd.org <dtucker@openbsd.org> 2318Date: Fri Jan 29 02:54:45 2016 +0000 2319 2320 upstream commit 2321 2322 Allow RekeyLimits in excess of 4G up to 2**63 bits 2323 (limited by the return type of scan_scaled). Part of bz#2521, ok djm. 2324 2325 Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979 2326 2327commit c0060a65296f01d4634f274eee184c0e93ba0f23 2328Author: dtucker@openbsd.org <dtucker@openbsd.org> 2329Date: Fri Jan 29 02:42:46 2016 +0000 2330 2331 upstream commit 2332 2333 Account for packets buffered but not yet processed when 2334 computing whether or not it is time to perform rekeying. bz#2521, based 2335 loosely on a patch from olo at fb.com, ok djm@ 2336 2337 Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c 2338 2339commit 44cf930e670488c85c9efeb373fa5f4b455692ac 2340Author: djm@openbsd.org <djm@openbsd.org> 2341Date: Wed Jan 27 06:44:58 2016 +0000 2342 2343 upstream commit 2344 2345 change old $FreeBSD version string in comment so it doesn't 2346 become an RCS ident downstream; requested by des AT des.no 2347 2348 Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722 2349 2350commit ebacd377769ac07d1bf3c75169644336056b7060 2351Author: djm@openbsd.org <djm@openbsd.org> 2352Date: Wed Jan 27 00:53:12 2016 +0000 2353 2354 upstream commit 2355 2356 make the debug messages a bit more useful here 2357 2358 Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64 2359 2360commit 458abc2934e82034c5c281336d8dc0f910aecad3 2361Author: jsg@openbsd.org <jsg@openbsd.org> 2362Date: Sat Jan 23 05:31:35 2016 +0000 2363 2364 upstream commit 2365 2366 Zero a stack buffer with explicit_bzero() instead of 2367 memset() when returning from client_loop() for consistency with 2368 buffer_free()/sshbuf_free(). 2369 2370 ok dtucker@ deraadt@ djm@ 2371 2372 Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66 2373 2374commit 65a3c0dacbc7dbb75ddb6a70ebe22d8de084d0b0 2375Author: dtucker@openbsd.org <dtucker@openbsd.org> 2376Date: Wed Jan 20 09:22:39 2016 +0000 2377 2378 upstream commit 2379 2380 Include sys/time.h for gettimeofday. From sortie at 2381 maxsi.org. 2382 2383 Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b 2384 2385commit fc77ccdc2ce6d5d06628b8da5048a6a5f6ffca5a 2386Author: markus@openbsd.org <markus@openbsd.org> 2387Date: Thu Jan 14 22:56:56 2016 +0000 2388 2389 upstream commit 2390 2391 fd leaks; report Qualys Security Advisory team; ok 2392 deraadt@ 2393 2394 Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d 2395 2396commit a306863831c57ec5fad918687cc5d289ee8e2635 2397Author: markus@openbsd.org <markus@openbsd.org> 2398Date: Thu Jan 14 16:17:39 2016 +0000 2399 2400 upstream commit 2401 2402 remove roaming support; ok djm@ 2403 2404 Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56 2405 2406commit 6ef49e83e30688504552ac10875feabd5521565f 2407Author: deraadt@openbsd.org <deraadt@openbsd.org> 2408Date: Thu Jan 14 14:34:34 2016 +0000 2409 2410 upstream commit 2411 2412 Disable experimental client-side roaming support. Server 2413 side was disabled/gutted for years already, but this aspect was surprisingly 2414 forgotten. Thanks for report from Qualys 2415 2416 Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df 2417 2418commit 8d7b523b96d3be180572d9d338cedaafc0570f60 2419Author: Damien Miller <djm@mindrot.org> 2420Date: Thu Jan 14 11:08:19 2016 +1100 2421 2422 bump version numbers 2423 2424commit 8c3d512a1fac8b9c83b4d0c9c3f2376290bd84ca 2425Author: Damien Miller <djm@mindrot.org> 2426Date: Thu Jan 14 11:04:04 2016 +1100 2427 2428 openssh-7.1p2 2429 2430commit e6c85f8889c5c9eb04796fdb76d2807636b9eef5 2431Author: Damien Miller <djm@mindrot.org> 2432Date: Fri Jan 15 01:30:36 2016 +1100 2433 2434 forcibly disable roaming support in the client 2435 2436commit ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c 2437Author: djm@openbsd.org <djm@openbsd.org> 2438Date: Wed Jan 13 23:04:47 2016 +0000 2439 2440 upstream commit 2441 2442 eliminate fallback from untrusted X11 forwarding to trusted 2443 forwarding when the X server disables the SECURITY extension; Reported by 2444 Thomas Hoger; ok deraadt@ 2445 2446 Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938 2447 2448commit 9a728cc918fad67c8a9a71201088b1e150340ba4 2449Author: djm@openbsd.org <djm@openbsd.org> 2450Date: Tue Jan 12 23:42:54 2016 +0000 2451 2452 upstream commit 2453 2454 use explicit_bzero() more liberally in the buffer code; ok 2455 deraadt 2456 2457 Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf 2458 2459commit 4626cbaf78767fc8e9c86dd04785386c59ae0839 2460Author: Damien Miller <djm@mindrot.org> 2461Date: Fri Jan 8 14:24:56 2016 +1100 2462 2463 Support Illumos/Solaris fine-grained privileges 2464 2465 Includes a pre-auth privsep sandbox and several pledge() 2466 emulations. bz#2511, patch by Alex Wilson. 2467 2468 ok dtucker@ 2469 2470commit 422d1b3ee977ff4c724b597fb2e437d38fc8de9d 2471Author: djm@openbsd.org <djm@openbsd.org> 2472Date: Thu Dec 31 00:33:52 2015 +0000 2473 2474 upstream commit 2475 2476 fix three bugs in KRL code related to (unused) signature 2477 support: verification length was being incorrectly calculated, multiple 2478 signatures were being incorrectly processed and a NULL dereference that 2479 occurred when signatures were verified. Reported by Carl Jackson 2480 2481 Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b 2482 2483commit 6074c84bf95d00f29cc7d5d3cd3798737851aa1a 2484Author: djm@openbsd.org <djm@openbsd.org> 2485Date: Wed Dec 30 23:46:14 2015 +0000 2486 2487 upstream commit 2488 2489 unused prototype 2490 2491 Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97 2492 2493commit 6213f0e180e54122bb1ba928e11c784e2b4e5380 2494Author: guenther@openbsd.org <guenther@openbsd.org> 2495Date: Sat Dec 26 20:51:35 2015 +0000 2496 2497 upstream commit 2498 2499 Use pread/pwrite instead separate lseek+read/write for 2500 lastlog. Cast to off_t before multiplication to avoid truncation on ILP32 2501 2502 ok kettenis@ mmcc@ 2503 2504 Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf 2505 2506commit d7d2bc95045a43dd56ea696cc1d030ac9d77e81f 2507Author: semarie@openbsd.org <semarie@openbsd.org> 2508Date: Sat Dec 26 07:46:03 2015 +0000 2509 2510 upstream commit 2511 2512 adjust pledge promises for ControlMaster: when using 2513 "ask" or "autoask", the process will use ssh-askpass for asking confirmation. 2514 2515 problem found by halex@ 2516 2517 ok halex@ 2518 2519 Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80 2520 2521commit 271df8185d9689b3fb0523f58514481b858f6843 2522Author: djm@openbsd.org <djm@openbsd.org> 2523Date: Sun Dec 13 22:42:23 2015 +0000 2524 2525 upstream commit 2526 2527 unbreak connections with peers that set 2528 first_kex_follows; fix from Matt Johnston va bz#2515 2529 2530 Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b 2531 2532commit 43849a47c5f8687699eafbcb5604f6b9c395179f 2533Author: doug@openbsd.org <doug@openbsd.org> 2534Date: Fri Dec 11 17:41:37 2015 +0000 2535 2536 upstream commit 2537 2538 Add "id" to ssh-agent pledge for subprocess support. 2539 2540 Found the hard way by Jan Johansson when using ssh-agent with X. Also, 2541 rearranged proc/exec and retval to match other pledge calls in the tree. 2542 2543 ok djm@ 2544 2545 Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db 2546 2547commit 52d7078421844b2f88329f5be3de370b0a938636 2548Author: mmcc@openbsd.org <mmcc@openbsd.org> 2549Date: Fri Dec 11 04:21:11 2015 +0000 2550 2551 upstream commit 2552 2553 Remove NULL-checks before sshbuf_free(). 2554 2555 ok djm@ 2556 2557 Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917 2558 2559commit a4b9e0f4e4a6980a0eb8072f76ea611cab5b77e7 2560Author: djm@openbsd.org <djm@openbsd.org> 2561Date: Fri Dec 11 03:24:25 2015 +0000 2562 2563 upstream commit 2564 2565 include remote port number in a few more messages; makes 2566 tying log messages together into a session a bit easier; bz#2503 ok dtucker@ 2567 2568 Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e 2569 2570commit 6091c362e89079397e68744ae30df121b0a72c07 2571Author: djm@openbsd.org <djm@openbsd.org> 2572Date: Fri Dec 11 03:20:09 2015 +0000 2573 2574 upstream commit 2575 2576 don't try to load SSHv1 private key when compiled without 2577 SSHv1 support. From Iain Morgan bz#2505 2578 2579 Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7 2580 2581commit cce6a36bb95e81fa8bfb46daf22eabcf13afc352 2582Author: djm@openbsd.org <djm@openbsd.org> 2583Date: Fri Dec 11 03:19:09 2015 +0000 2584 2585 upstream commit 2586 2587 use SSH_MAX_PUBKEY_BYTES consistently as buffer size when 2588 reading key files. Increase it to match the size of the buffers already being 2589 used. 2590 2591 Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae 2592 2593commit 89540b6de025b80404a0cb8418c06377f3f98848 2594Author: mmcc@openbsd.org <mmcc@openbsd.org> 2595Date: Fri Dec 11 02:31:47 2015 +0000 2596 2597 upstream commit 2598 2599 Remove NULL-checks before sshkey_free(). 2600 2601 ok djm@ 2602 2603 Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52 2604 2605commit 79394ed6d74572c2d2643d73937dad33727fc240 2606Author: dtucker@openbsd.org <dtucker@openbsd.org> 2607Date: Fri Dec 11 02:29:03 2015 +0000 2608 2609 upstream commit 2610 2611 fflush stdout so that output is seen even when running in 2612 debug mode when output may otherwise not be flushed. Patch from dustin at 2613 null-ptr.net. 2614 2615 Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc 2616 2617commit ee607cccb6636eb543282ba90e0677b0604d8b7a 2618Author: Darren Tucker <dtucker@zip.com.au> 2619Date: Tue Dec 15 15:23:49 2015 +1100 2620 2621 Increase robustness of redhat/openssh.spec 2622 2623 - remove configure --with-rsh, because this option isn't supported anymore 2624 - replace last occurrence of BuildPreReq by BuildRequires 2625 - update grep statement to query the krb5 include directory 2626 2627 Patch from CarstenGrohmann via github, ok djm. 2628 2629commit b5fa0cd73555b991a543145603658d7088ec6b60 2630Author: Darren Tucker <dtucker@zip.com.au> 2631Date: Tue Dec 15 15:10:32 2015 +1100 2632 2633 Allow --without-ssl-engine with --without-openssl 2634 2635 Patch from Mike Frysinger via github. 2636 2637commit c1d7e546f6029024f3257cc25c92f2bddf163125 2638Author: Darren Tucker <dtucker@zip.com.au> 2639Date: Tue Dec 15 14:27:09 2015 +1100 2640 2641 Include openssl crypto.h for SSLeay. 2642 2643 Patch from doughdemon via github. 2644 2645commit c6f5f01651526e88c00d988ce59d71f481ebac62 2646Author: Darren Tucker <dtucker@zip.com.au> 2647Date: Tue Dec 15 13:59:12 2015 +1100 2648 2649 Add sys/time.h for gettimeofday. 2650 2651 Should allow it it compile with MUSL libc. Based on patch from 2652 doughdemon via github. 2653 2654commit 39736be06c7498ef57d6970f2d85cf066ae57c82 2655Author: djm@openbsd.org <djm@openbsd.org> 2656Date: Fri Dec 11 02:20:28 2015 +0000 2657 2658 upstream commit 2659 2660 correct error messages; from Tomas Kuthan bz#2507 2661 2662 Upstream-ID: 7454a0affeab772398052954c79300aa82077093 2663 2664commit 94141b7ade24afceeb6762a3f99e09e47a6c42b6 2665Author: mmcc@openbsd.org <mmcc@openbsd.org> 2666Date: Fri Dec 11 00:20:04 2015 +0000 2667 2668 upstream commit 2669 2670 Pass (char *)NULL rather than (char *)0 to execl and 2671 execlp. 2672 2673 ok dtucker@ 2674 2675 Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492 2676 2677commit d59ce08811bf94111c2f442184cf7d1257ffae24 2678Author: mmcc@openbsd.org <mmcc@openbsd.org> 2679Date: Thu Dec 10 17:08:40 2015 +0000 2680 2681 upstream commit 2682 2683 Remove NULL-checks before free(). 2684 2685 ok dtucker@ 2686 2687 Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8 2688 2689commit 8e56dd46cb37879c73bce2d6032cf5e7f82d5a71 2690Author: mmcc@openbsd.org <mmcc@openbsd.org> 2691Date: Thu Dec 10 07:01:35 2015 +0000 2692 2693 upstream commit 2694 2695 Fix a couple "the the" typos. ok dtucker@ 2696 2697 Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72 2698 2699commit 6262a0522ddc2c0f2e9358dcb68d59b46e9c533e 2700Author: markus@openbsd.org <markus@openbsd.org> 2701Date: Mon Dec 7 20:04:09 2015 +0000 2702 2703 upstream commit 2704 2705 stricter encoding type checks for ssh-rsa; ok djm@ 2706 2707 Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650 2708 2709commit d86a3ba7af160c13496102aed861ae48a4297072 2710Author: Damien Miller <djm@mindrot.org> 2711Date: Wed Dec 9 09:18:45 2015 +1100 2712 2713 Don't set IPV6_V6ONLY on OpenBSD 2714 2715 It isn't necessary and runs afoul of pledge(2) restrictions. 2716 2717commit da98c11d03d819a15429d8fff9688acd7505439f 2718Author: djm@openbsd.org <djm@openbsd.org> 2719Date: Mon Dec 7 02:20:46 2015 +0000 2720 2721 upstream commit 2722 2723 basic unit tests for rsa-sha2-* signature types 2724 2725 Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c 2726 2727commit 3da893fdec9936dd2c23739cdb3c0c9d4c59fca0 2728Author: markus@openbsd.org <markus@openbsd.org> 2729Date: Sat Dec 5 20:53:21 2015 +0000 2730 2731 upstream commit 2732 2733 prefer rsa-sha2-512 over -256 for hostkeys, too; noticed 2734 by naddy@ 2735 2736 Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe 2737 2738commit 8b56e59714d87181505e4678f0d6d39955caf10e 2739Author: tobias@openbsd.org <tobias@openbsd.org> 2740Date: Fri Dec 4 21:51:06 2015 +0000 2741 2742 upstream commit 2743 2744 Properly handle invalid %-format by calling fatal. 2745 2746 ok deraadt, djm 2747 2748 Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac 2749 2750commit 76c9fbbe35aabc1db977fb78e827644345e9442e 2751Author: markus@openbsd.org <markus@openbsd.org> 2752Date: Fri Dec 4 16:41:28 2015 +0000 2753 2754 upstream commit 2755 2756 implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures 2757 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and 2758 draft-ssh-ext-info-04.txt; with & ok djm@ 2759 2760 Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309 2761 2762commit 6064a8b8295cb5a17b5ebcfade53053377714f40 2763Author: djm@openbsd.org <djm@openbsd.org> 2764Date: Fri Dec 4 00:24:55 2015 +0000 2765 2766 upstream commit 2767 2768 clean up agent_fd handling; properly initialise it to -1 2769 and make tests consistent 2770 2771 ok markus@ 2772 2773 Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707 2774 2775commit b91926a97620f3e51761c271ba57aa5db790f48d 2776Author: semarie@openbsd.org <semarie@openbsd.org> 2777Date: Thu Dec 3 17:00:18 2015 +0000 2778 2779 upstream commit 2780 2781 pledges ssh client: - mux client: which is used when 2782 ControlMaster is in use. will end with "stdio proc tty" (proc is to 2783 permit sending SIGWINCH to mux master on window resize) 2784 2785 - client loop: several levels of pledging depending of your used options 2786 2787 ok deraadt@ 2788 2789 Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b 2790 2791commit bcce47466bbc974636f588b5e4a9a18ae386f64a 2792Author: doug@openbsd.org <doug@openbsd.org> 2793Date: Wed Dec 2 08:30:50 2015 +0000 2794 2795 upstream commit 2796 2797 Add "cpath" to the ssh-agent pledge so the cleanup 2798 handler can unlink(). 2799 2800 ok djm@ 2801 2802 Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d 2803 2804commit a90d001543f46716b6590c6dcc681d5f5322f8cf 2805Author: djm@openbsd.org <djm@openbsd.org> 2806Date: Wed Dec 2 08:00:58 2015 +0000 2807 2808 upstream commit 2809 2810 ssh-agent pledge needs proc for askpass; spotted by todd@ 2811 2812 Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a 2813 2814commit d952162b3c158a8f23220587bb6c8fcda75da551 2815Author: djm@openbsd.org <djm@openbsd.org> 2816Date: Tue Dec 1 23:29:24 2015 +0000 2817 2818 upstream commit 2819 2820 basic pledge() for ssh-agent, more refinement needed 2821 2822 Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13 2823 2824commit f0191d7c8e76e30551084b79341886d9bb38e453 2825Author: Damien Miller <djm@mindrot.org> 2826Date: Mon Nov 30 10:53:25 2015 +1100 2827 2828 Revert "stub for pledge(2) for systems that lack it" 2829 2830 This reverts commit 14c887c8393adde2d9fd437d498be30f8c98535c. 2831 2832 dtucker beat me to it :/ 2833 2834commit 6283cc72eb0e49a3470d30e07ca99a1ba9e89676 2835Author: Damien Miller <djm@mindrot.org> 2836Date: Mon Nov 30 10:37:03 2015 +1100 2837 2838 revert 7d4c7513: bring back S/Key prototypes 2839 2840 (but leave RCSID changes) 2841 2842commit 14c887c8393adde2d9fd437d498be30f8c98535c 2843Author: Damien Miller <djm@mindrot.org> 2844Date: Mon Nov 30 09:45:29 2015 +1100 2845 2846 stub for pledge(2) for systems that lack it 2847 2848commit 452c0b6af5d14c37553e30059bf74456012493f3 2849Author: djm@openbsd.org <djm@openbsd.org> 2850Date: Sun Nov 29 22:18:37 2015 +0000 2851 2852 upstream commit 2853 2854 pledge, better fatal() messages; feedback deraadt@ 2855 2856 Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f 2857 2858commit 6da413c085dba37127687b2617a415602505729b 2859Author: deraadt@openbsd.org <deraadt@openbsd.org> 2860Date: Sat Nov 28 06:50:52 2015 +0000 2861 2862 upstream commit 2863 2864 do not leak temp file if there is no known_hosts file 2865 from craig leres, ok djm 2866 2867 Upstream-ID: c820497fd5574844c782e79405c55860f170e426 2868 2869commit 3ddd15e1b63a4d4f06c8ab16fbdd8a5a61764f16 2870Author: Darren Tucker <dtucker@zip.com.au> 2871Date: Mon Nov 30 07:23:53 2015 +1100 2872 2873 Add a null implementation of pledge. 2874 2875 Fixes builds on almost everything. 2876 2877commit b1d6b3971ef256a08692efc409fc9ada719111cc 2878Author: djm@openbsd.org <djm@openbsd.org> 2879Date: Sat Nov 28 06:41:03 2015 +0000 2880 2881 upstream commit 2882 2883 don't include port number in tcpip-forward replies for 2884 requests that don't allocate a port; bz#2509 diagnosed by Ron Frederick ok 2885 markus 2886 2887 Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a 2888 2889commit 9080bd0b9cf10d0f13b1f642f20cb84285cb8d65 2890Author: deraadt@openbsd.org <deraadt@openbsd.org> 2891Date: Fri Nov 27 00:49:31 2015 +0000 2892 2893 upstream commit 2894 2895 pledge "stdio rpath wpath cpath fattr tty proc exec" 2896 except for the -p option (which sadly has insane semantics...) ok semarie 2897 dtucker 2898 2899 Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059 2900 2901commit 4d90625b229cf6b3551d81550a9861897509a65f 2902Author: halex@openbsd.org <halex@openbsd.org> 2903Date: Fri Nov 20 23:04:01 2015 +0000 2904 2905 upstream commit 2906 2907 allow comment change for all supported formats 2908 2909 ok djm@ 2910 2911 Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b 2912 2913commit 8ca915fc761519dd1f7766a550ec597a81db5646 2914Author: djm@openbsd.org <djm@openbsd.org> 2915Date: Fri Nov 20 01:45:29 2015 +0000 2916 2917 upstream commit 2918 2919 add cast to make -Werror clean 2920 2921 Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d 2922 2923commit ac9473580dcd401f8281305af98635cdaae9bf96 2924Author: Damien Miller <djm@mindrot.org> 2925Date: Fri Nov 20 12:35:41 2015 +1100 2926 2927 fix multiple authentication using S/Key w/ privsep 2928 2929 bz#2502, patch from Kevin Korb and feandil_ 2930 2931commit 88b6fcdeb87a2fb76767854d9eb15006662dca57 2932Author: djm@openbsd.org <djm@openbsd.org> 2933Date: Thu Nov 19 08:23:27 2015 +0000 2934 2935 upstream commit 2936 2937 ban ConnectionAttempts=0, it makes no sense and would cause 2938 ssh_connect_direct() to print an uninitialised stack variable; bz#2500 2939 reported by dvw AT phas.ubc.ca 2940 2941 Upstream-ID: 32b5134c608270583a90b93a07b3feb3cbd5f7d5 2942 2943commit 964ab3ee7a8f96bdbc963d5b5a91933d6045ebe7 2944Author: djm@openbsd.org <djm@openbsd.org> 2945Date: Thu Nov 19 01:12:32 2015 +0000 2946 2947 upstream commit 2948 2949 trailing whitespace 2950 2951 Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051 2952 2953commit f96516d052dbe38561f6b92b0e4365d8e24bb686 2954Author: djm@openbsd.org <djm@openbsd.org> 2955Date: Thu Nov 19 01:09:38 2015 +0000 2956 2957 upstream commit 2958 2959 print host certificate contents at debug level 2960 2961 Upstream-ID: 39354cdd8a2b32b308fd03f98645f877f540f00d 2962 2963commit 499cf36fecd6040e30e2912dd25655bc574739a7 2964Author: djm@openbsd.org <djm@openbsd.org> 2965Date: Thu Nov 19 01:08:55 2015 +0000 2966 2967 upstream commit 2968 2969 move the certificate validity formatting code to 2970 sshkey.[ch] 2971 2972 Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523 2973 2974commit bcb7bc77bbb1535d1008c7714085556f3065d99d 2975Author: djm@openbsd.org <djm@openbsd.org> 2976Date: Wed Nov 18 08:37:28 2015 +0000 2977 2978 upstream commit 2979 2980 fix "ssh-keygen -l" of private key, broken in support for 2981 multiple plain keys on stdin 2982 2983 Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d 2984 2985commit 259adb6179e23195c8f6913635ea71040d1ccd63 2986Author: millert@openbsd.org <millert@openbsd.org> 2987Date: Mon Nov 16 23:47:52 2015 +0000 2988 2989 upstream commit 2990 2991 Replace remaining calls to index(3) with strchr(3). OK 2992 jca@ krw@ 2993 2994 Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d 2995 2996commit c56a255162c2166884539c0a1f7511575325b477 2997Author: djm@openbsd.org <djm@openbsd.org> 2998Date: Mon Nov 16 22:53:07 2015 +0000 2999 3000 upstream commit 3001 3002 Allow fingerprinting from standard input "ssh-keygen -lf 3003 -" 3004 3005 Support fingerprinting multiple plain keys in a file and authorized_keys 3006 files too (bz#1319) 3007 3008 ok markus@ 3009 3010 Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77 3011 3012commit 5b4010d9b923cf1b46c9c7b1887c013c2967e204 3013Author: djm@openbsd.org <djm@openbsd.org> 3014Date: Mon Nov 16 22:51:05 2015 +0000 3015 3016 upstream commit 3017 3018 always call privsep_preauth_child() regardless of whether 3019 sshd was started by root; it does important priming before sandboxing and 3020 failing to call it could result in sandbox violations later; ok markus@ 3021 3022 Upstream-ID: c8a6d0d56c42f3faab38460dc917ca0d1705d383 3023 3024commit 3a9f84b58b0534bbb485f1eeab75665e2d03371f 3025Author: djm@openbsd.org <djm@openbsd.org> 3026Date: Mon Nov 16 22:50:01 2015 +0000 3027 3028 upstream commit 3029 3030 improve sshkey_read() semantics; only update *cpp when a 3031 key is successfully read; ok markus@ 3032 3033 Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089 3034 3035commit db6f8dc5dd5655b59368efd074994d4568bc3556 3036Author: logan@openbsd.org <logan@openbsd.org> 3037Date: Mon Nov 16 06:13:04 2015 +0000 3038 3039 upstream commit 3040 3041 1) Use xcalloc() instead of xmalloc() to check for 3042 potential overflow. (Feedback from both mmcc@ and djm@) 2) move set_size 3043 just before the for loop. (suggested by djm@) 3044 3045 OK djm@ 3046 3047 Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213 3048 3049commit 383f10fb84a0fee3c01f9d97594f3e22aa3cd5e0 3050Author: djm@openbsd.org <djm@openbsd.org> 3051Date: Mon Nov 16 00:30:02 2015 +0000 3052 3053 upstream commit 3054 3055 Add a new authorized_keys option "restrict" that 3056 includes all current and future key restrictions (no-*-forwarding, etc). Also 3057 add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty". 3058 This simplifies the task of setting up restricted keys and ensures they are 3059 maximally-restricted, regardless of any permissions we might implement in the 3060 future. 3061 3062 Example: 3063 3064 restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1... 3065 3066 Idea from Jann Horn; ok markus@ 3067 3068 Upstream-ID: 04ceb9d448e46e67e13887a7ae5ea45b4f1719d0 3069 3070commit e41a071f7bda6af1fb3f081bed0151235fa61f15 3071Author: jmc@openbsd.org <jmc@openbsd.org> 3072Date: Sun Nov 15 23:58:04 2015 +0000 3073 3074 upstream commit 3075 3076 correct section number for ssh-agent; 3077 3078 Upstream-ID: 44be72fd8bcc167635c49b357b1beea8d5674bd6 3079 3080commit 1a11670286acddcc19f5eff0966c380831fc4638 3081Author: jmc@openbsd.org <jmc@openbsd.org> 3082Date: Sun Nov 15 23:54:15 2015 +0000 3083 3084 upstream commit 3085 3086 do not confuse mandoc by presenting "Dd"; 3087 3088 Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65 3089 3090commit f361df474c49a097bfcf16d1b7b5c36fcd844b4b 3091Author: jcs@openbsd.org <jcs@openbsd.org> 3092Date: Sun Nov 15 22:26:49 2015 +0000 3093 3094 upstream commit 3095 3096 Add an AddKeysToAgent client option which can be set to 3097 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a 3098 private key that is used during authentication will be added to ssh-agent if 3099 it is running (with confirmation enabled if set to 'confirm'). 3100 3101 Initial version from Joachim Schipper many years ago. 3102 3103 ok markus@ 3104 3105 Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4 3106 3107commit d87063d9baf5479b6e813d47dfb694a97df6f6f5 3108Author: djm@openbsd.org <djm@openbsd.org> 3109Date: Fri Nov 13 04:39:35 2015 +0000 3110 3111 upstream commit 3112 3113 send SSH2_MSG_UNIMPLEMENTED replies to unexpected 3114 messages during KEX; bz#2949, ok dtucker@ 3115 3116 Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786 3117 3118commit 9fd04681a1e9b0af21e08ff82eb674cf0a499bfc 3119Author: djm@openbsd.org <djm@openbsd.org> 3120Date: Fri Nov 13 04:38:06 2015 +0000 3121 3122 upstream commit 3123 3124 Support "none" as an argument for sshd_config 3125 ForceCommand and ChrootDirectory. Useful inside Match blocks to override a 3126 global default. bz#2486 ok dtucker@ 3127 3128 Upstream-ID: 7ef478d6592bc7db5c7376fc33b4443e63dccfa5 3129 3130commit 94bc0b72c29e511cbbc5772190d43282e5acfdfe 3131Author: djm@openbsd.org <djm@openbsd.org> 3132Date: Fri Nov 13 04:34:15 2015 +0000 3133 3134 upstream commit 3135 3136 support multiple certificates (one per line) and 3137 reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@ 3138 3139 Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db 3140 3141commit b6b9108f5b561c83612cb97ece4134eb59fde071 3142Author: djm@openbsd.org <djm@openbsd.org> 3143Date: Fri Nov 13 02:57:46 2015 +0000 3144 3145 upstream commit 3146 3147 list a couple more options usable in Match blocks; 3148 bz#2489 3149 3150 Upstream-ID: e4d03f39d254db4c0cc54101921bb89fbda19879 3151 3152commit a7994b3f5a5a5a33b52b0a6065d08e888f0a99fb 3153Author: djm@openbsd.org <djm@openbsd.org> 3154Date: Wed Nov 11 04:56:39 2015 +0000 3155 3156 upstream commit 3157 3158 improve PEEK/POKE macros: better casts, don't multiply 3159 evaluate arguments; ok deraadt@ 3160 3161 Upstream-ID: 9a1889e19647615ededbbabab89064843ba92d3e 3162 3163commit 7d4c7513a7f209cb303a608ac6e46b3f1dfc11ec 3164Author: djm@openbsd.org <djm@openbsd.org> 3165Date: Wed Nov 11 01:48:01 2015 +0000 3166 3167 upstream commit 3168 3169 remove prototypes for long-gone s/key support; ok 3170 dtucker@ 3171 3172 Upstream-ID: db5bed3c57118af986490ab23d399df807359a79 3173 3174commit 07889c75926c040b8e095949c724e66af26441cb 3175Author: Damien Miller <djm@mindrot.org> 3176Date: Sat Nov 14 18:44:49 2015 +1100 3177 3178 read back from libcrypto RAND when privdropping 3179 3180 makes certain libcrypto implementations cache a /dev/urandom fd 3181 in preparation of sandboxing. Based on patch by Greg Hartman. 3182 3183commit 1560596f44c01bb0cef977816410950ed17b8ecd 3184Author: Darren Tucker <dtucker@zip.com.au> 3185Date: Tue Nov 10 11:14:47 2015 +1100 3186 3187 Fix compiler warnings in the openssl header check. 3188 3189 Noted by Austin English. 3190 3191commit e72a8575ffe1d8adff42c9abe9ca36938acc036b 3192Author: jmc@openbsd.org <jmc@openbsd.org> 3193Date: Sun Nov 8 23:24:03 2015 +0000 3194 3195 upstream commit 3196 3197 -c before -H, in SYNOPSIS and usage(); 3198 3199 Upstream-ID: 25e8c58a69e1f37fcd54ac2cd1699370acb5e404 3200 3201commit 3a424cdd21db08c7b0ded902f97b8f02af5aa485 3202Author: djm@openbsd.org <djm@openbsd.org> 3203Date: Sun Nov 8 22:30:20 2015 +0000 3204 3205 upstream commit 3206 3207 Add "ssh-keyscan -c ..." flag to allow fetching 3208 certificates instead of plain keys; ok markus@ 3209 3210 Upstream-ID: 0947e2177dba92339eced9e49d3c5bf7dda69f82 3211 3212commit 69fead5d7cdaa73bdece9fcba80f8e8e70b90346 3213Author: jmc@openbsd.org <jmc@openbsd.org> 3214Date: Sun Nov 8 22:08:38 2015 +0000 3215 3216 upstream commit 3217 3218 remove slogin links; ok deraadt markus djm 3219 3220 Upstream-ID: 39ba08548acde4c54f2d4520c202c2a863a3c730 3221 3222commit 2fecfd486bdba9f51b3a789277bb0733ca36e1c0 3223Author: djm@openbsd.org <djm@openbsd.org> 3224Date: Sun Nov 8 21:59:11 2015 +0000 3225 3226 upstream commit 3227 3228 fix OOB read in packet code caused by missing return 3229 statement found by Ben Hawkes; ok markus@ deraadt@ 3230 3231 Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62 3232 3233commit 5e288923a303ca672b686908320bc5368ebec6e6 3234Author: mmcc@openbsd.org <mmcc@openbsd.org> 3235Date: Fri Nov 6 00:31:41 2015 +0000 3236 3237 upstream commit 3238 3239 1. rlogin and rsh are long gone 2. protocol version isn't 3240 of core relevance here, and v1 is going away 3241 3242 ok markus@, deraadt@ 3243 3244 Upstream-ID: 8b46bc94cf1ca7c8c1a75b1c958b2bb38d7579c8 3245 3246commit 8b29008bbe97f33381d9b4b93fcfa304168d0286 3247Author: jmc@openbsd.org <jmc@openbsd.org> 3248Date: Thu Nov 5 09:48:05 2015 +0000 3249 3250 upstream commit 3251 3252 "commandline" -> "command line", since there are so few 3253 examples of the former in the pages, so many of the latter, and in some of 3254 these pages we had multiple spellings; 3255 3256 prompted by tj 3257 3258 Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659 3259 3260commit 996b24cebf20077fbe5db07b3a2c20c2d9db736e 3261Author: Darren Tucker <dtucker@zip.com.au> 3262Date: Thu Oct 29 20:57:34 2015 +1100 3263 3264 (re)wrap SYS_sendsyslog in ifdef. 3265 3266 Replace ifdef that went missing in commit 3267 c61b42f2678f21f05653ac2d3d241b48ab5d59ac. Fixes build on older 3268 OpenBSDs. 3269 3270commit b67e2e76fcf1ae7c802eb27ca927e16c91a513ff 3271Author: djm@openbsd.org <djm@openbsd.org> 3272Date: Thu Oct 29 08:05:17 2015 +0000 3273 3274 upstream commit 3275 3276 regress test for "PubkeyAcceptedKeyTypes +..." inside a 3277 Match block 3278 3279 Upstream-Regress-ID: 246c37ed64a2e5704d4c158ccdca1ff700e10647 3280 3281commit abd9dbc3c0d8c8c7561347cfa22166156e78c077 3282Author: dtucker@openbsd.org <dtucker@openbsd.org> 3283Date: Mon Oct 26 02:50:58 2015 +0000 3284 3285 upstream commit 3286 3287 Fix typo certopt->certopts in shell variable. This would 3288 cause the test to hang at a host key prompt if you have an A or CNAME for 3289 "proxy" in your local domain. 3290 3291 Upstream-Regress-ID: 6ea03bcd39443a83c89e2c5606392ceb9585836a 3292 3293commit ed08510d38aef930a061ae30d10f2a9cf233bafa 3294Author: djm@openbsd.org <djm@openbsd.org> 3295Date: Thu Oct 29 08:05:01 2015 +0000 3296 3297 upstream commit 3298 3299 Fix "PubkeyAcceptedKeyTypes +..." inside a Match block; 3300 ok dtucker@ 3301 3302 Upstream-ID: 853662c4036730b966aab77684390c47b9738c69 3303 3304commit a4aef3ed29071719b2af82fdf1ac3c2514f82bc5 3305Author: djm@openbsd.org <djm@openbsd.org> 3306Date: Tue Oct 27 08:54:52 2015 +0000 3307 3308 upstream commit 3309 3310 fix execv arguments in a way less likely to cause grief 3311 for -portable; ok dtucker@ 3312 3313 Upstream-ID: 5902bf0ea0371f39f1300698dc3b8e4105fc0fc5 3314 3315commit 63d188175accea83305e89fafa011136ff3d96ad 3316Author: djm@openbsd.org <djm@openbsd.org> 3317Date: Tue Oct 27 01:44:45 2015 +0000 3318 3319 upstream commit 3320 3321 log certificate serial in verbose() messages to match the 3322 main auth success/fail message; ok dtucker@ 3323 3324 Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288 3325 3326commit 2aaba0cfd560ecfe92aa50c00750e6143842cf1f 3327Author: djm@openbsd.org <djm@openbsd.org> 3328Date: Tue Oct 27 00:49:53 2015 +0000 3329 3330 upstream commit 3331 3332 avoid de-const warning & shrink; ok dtucker@ 3333 3334 Upstream-ID: 69a85ef94832378952a22c172009cbf52aaa11db 3335 3336commit 03239c18312b9bab7d1c3b03062c61e8bbc1ca6e 3337Author: dtucker@openbsd.org <dtucker@openbsd.org> 3338Date: Sun Oct 25 23:42:00 2015 +0000 3339 3340 upstream commit 3341 3342 Expand tildes in filenames passed to -i before checking 3343 whether or not the identity file exists. This means that if the shell 3344 doesn't do the expansion (eg because the option and filename were given as a 3345 single argument) then we'll still add the key. bz#2481, ok markus@ 3346 3347 Upstream-ID: db1757178a14ac519e9a3e1a2dbd21113cb3bfc6 3348 3349commit 97e184e508dd33c37860c732c0eca3fc57698b40 3350Author: dtucker@openbsd.org <dtucker@openbsd.org> 3351Date: Sun Oct 25 23:14:03 2015 +0000 3352 3353 upstream commit 3354 3355 Do not prepend "exec" to the shell command run by "Match 3356 exec" in a config file. It's an unnecessary optimization from repurposed 3357 ProxyCommand code and prevents some things working with some shells. 3358 bz#2471, pointed out by res at qoxp.net. ok markus@ 3359 3360 Upstream-ID: a1ead25ae336bfa15fb58d8c6b5589f85b4c33a3 3361 3362commit 8db134e7f457bcb069ec72bc4ee722e2af557c69 3363Author: Darren Tucker <dtucker@zip.com.au> 3364Date: Thu Oct 29 10:48:23 2015 +1100 3365 3366 Prevent name collisions with system glob (bz#2463) 3367 3368 Move glob.h from includes.h to the only caller (sftp) and override the 3369 names for the symbols. This prevents name collisions with the system glob 3370 in the case where something other than ssh uses it (eg kerberos). With 3371 jjelen at redhat.com, ok djm@ 3372 3373commit 86c10dbbef6a5800d2431a66cf7f41a954bb62b5 3374Author: dtucker@openbsd.org <dtucker@openbsd.org> 3375Date: Fri Oct 23 02:22:01 2015 +0000 3376 3377 upstream commit 3378 3379 Update expected group sizes to match recent code changes. 3380 3381 Upstream-Regress-ID: 0004f0ea93428969fe75bcfff0d521c553977794 3382 3383commit 9ada37d36003a77902e90a3214981e417457cf13 3384Author: djm@openbsd.org <djm@openbsd.org> 3385Date: Sat Oct 24 22:56:19 2015 +0000 3386 3387 upstream commit 3388 3389 fix keyscan output for multiple hosts/addrs on one line 3390 when host hashing or a non standard port is in use; bz#2479 ok dtucker@ 3391 3392 Upstream-ID: 5321dabfaeceba343da3c8a8b5754c6f4a0a307b 3393 3394commit 44fc7cd7dcef6c52c6b7e9ff830dfa32879bd319 3395Author: djm@openbsd.org <djm@openbsd.org> 3396Date: Sat Oct 24 22:52:22 2015 +0000 3397 3398 upstream commit 3399 3400 skip "Could not chdir to home directory" message when 3401 chrooted 3402 3403 patch from Christian Hesse in bz#2485 ok dtucker@ 3404 3405 Upstream-ID: 86783c1953da426dff5b03b03ce46e699d9e5431 3406 3407commit a820a8618ec44735dabc688fab96fba38ad66bb2 3408Author: sthen@openbsd.org <sthen@openbsd.org> 3409Date: Sat Oct 24 08:34:09 2015 +0000 3410 3411 upstream commit 3412 3413 Handle the split of tun(4) "link0" into tap(4) in ssh 3414 tun-forwarding. Adapted from portable (using separate devices for this is the 3415 normal case in most OS). ok djm@ 3416 3417 Upstream-ID: 90facf4c59ce73d6741db1bc926e578ef465cd39 3418 3419commit 66d2e229baa9fe57b868c373b05f7ff3bb20055b 3420Author: gsoares@openbsd.org <gsoares@openbsd.org> 3421Date: Wed Oct 21 11:33:03 2015 +0000 3422 3423 upstream commit 3424 3425 fix memory leak in error path ok djm@ 3426 3427 Upstream-ID: dd2f402b0a0029b755df029fc7f0679e1365ce35 3428 3429commit 7d6c0362039ceacdc1366b5df29ad5d2693c13e5 3430Author: mmcc@openbsd.org <mmcc@openbsd.org> 3431Date: Tue Oct 20 23:24:25 2015 +0000 3432 3433 upstream commit 3434 3435 Compare pointers to NULL rather than 0. 3436 3437 ok djm@ 3438 3439 Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8 3440 3441commit f98a09cacff7baad8748c9aa217afd155a4d493f 3442Author: mmcc@openbsd.org <mmcc@openbsd.org> 3443Date: Tue Oct 20 03:36:35 2015 +0000 3444 3445 upstream commit 3446 3447 Replace a function-local allocation with stack memory. 3448 3449 ok djm@ 3450 3451 Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e 3452 3453commit ac908c1eeacccfa85659594d92428659320fd57e 3454Author: Damien Miller <djm@mindrot.org> 3455Date: Thu Oct 22 09:35:24 2015 +1100 3456 3457 turn off PrintLastLog when --disable-lastlog 3458 3459 bz#2278 from Brent Paulson 3460 3461commit b56deb847f4a0115a8bf488bf6ee8524658162fd 3462Author: djm@openbsd.org <djm@openbsd.org> 3463Date: Fri Oct 16 22:32:22 2015 +0000 3464 3465 upstream commit 3466 3467 increase the minimum modulus that we will send or accept in 3468 diffie-hellman-group-exchange to 2048 bits; ok markus@ 3469 3470 Upstream-ID: 06dce7a24c17b999a0f5fadfe95de1ed6a1a9b6a 3471 3472commit 5ee0063f024bf5b3f3ffb275b8cd20055d62b4b9 3473Author: djm@openbsd.org <djm@openbsd.org> 3474Date: Fri Oct 16 18:40:49 2015 +0000 3475 3476 upstream commit 3477 3478 better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in 3479 hostname canonicalisation - treat them as already canonical and remove the 3480 trailing '.' before matching ssh_config; ok markus@ 3481 3482 Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a 3483 3484commit e92c499a75477ecfe94dd7b4aed89f20b1fac5a7 3485Author: mmcc@openbsd.org <mmcc@openbsd.org> 3486Date: Fri Oct 16 17:07:24 2015 +0000 3487 3488 upstream commit 3489 3490 0 -> NULL when comparing with a char*. 3491 3492 ok dtucker@, djm@. 3493 3494 Upstream-ID: a928e9c21c0a9020727d99738ff64027c1272300 3495 3496commit b1d38a3cc6fe349feb8d16a5f520ef12d1de7cb2 3497Author: djm@openbsd.org <djm@openbsd.org> 3498Date: Thu Oct 15 23:51:40 2015 +0000 3499 3500 upstream commit 3501 3502 fix some signed/unsigned integer type mismatches in 3503 format strings; reported by Nicholas Lemonias 3504 3505 Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c 3506 3507commit 1a2663a15d356bb188196b6414b4c50dc12fd42b 3508Author: djm@openbsd.org <djm@openbsd.org> 3509Date: Thu Oct 15 23:08:23 2015 +0000 3510 3511 upstream commit 3512 3513 argument to sshkey_from_private() and sshkey_demote() 3514 can't be NULL 3515 3516 Upstream-ID: 0111245b1641d387977a9b38da15916820a5fd1f 3517 3518commit 0f754e29dd3760fc0b172c1220f18b753fb0957e 3519Author: Damien Miller <djm@mindrot.org> 3520Date: Fri Oct 16 10:53:14 2015 +1100 3521 3522 need va_copy before va_start 3523 3524 reported by Nicholas Lemonias 3525 3526commit eb6c50d82aa1f0d3fc95f5630ea69761e918bfcd 3527Author: Damien Miller <djm@mindrot.org> 3528Date: Thu Oct 15 15:48:28 2015 -0700 3529 3530 fix compilation on systems without SYMLOOP_MAX 3531 3532commit fafe1d84a210fb3dae7744f268059cc583db8c12 3533Author: Damien Miller <djm@mindrot.org> 3534Date: Wed Oct 14 09:22:15 2015 -0700 3535 3536 s/SANDBOX_TAME/SANDBOX_PLEDGE/g 3537 3538commit 8f22911027ff6c17d7226d232ccd20727f389310 3539Author: Damien Miller <djm@mindrot.org> 3540Date: Wed Oct 14 08:28:19 2015 +1100 3541 3542 upstream commit 3543 3544 revision 1.20 3545 date: 2015/10/13 20:55:37; author: millert; state: Exp; lines: +2 -2; commitid: X39sl5ay1czgFIgp; 3546 In rev 1.15 the sizeof argument was fixed in a strlcat() call but 3547 the truncation check immediately following it was not updated to 3548 match. Not an issue in practice since the buffers are the same 3549 size. OK deraadt@ 3550 3551commit 23fa695bb735f54f04d46123662609edb6c76767 3552Author: Damien Miller <djm@mindrot.org> 3553Date: Wed Oct 14 08:27:51 2015 +1100 3554 3555 upstream commit 3556 3557 revision 1.19 3558 date: 2015/01/16 16:48:51; author: deraadt; state: Exp; lines: +3 -3; commitid: 0DYulI8hhujBHMcR; 3559 Move to the <limits.h> universe. 3560 review by millert, binary checking process with doug, concept with guenther 3561 3562commit c71be375a69af00c2d0a0c24d8752bec12d8fd1b 3563Author: Damien Miller <djm@mindrot.org> 3564Date: Wed Oct 14 08:27:08 2015 +1100 3565 3566 upstream commit 3567 3568 revision 1.18 3569 date: 2014/10/19 03:56:28; author: doug; state: Exp; lines: +9 -9; commitid: U6QxmtbXrGoc02S5; 3570 Revert last commit due to changed semantics found by make release. 3571 3572commit c39ad23b06e9aecc3ff788e92f787a08472905b1 3573Author: Damien Miller <djm@mindrot.org> 3574Date: Wed Oct 14 08:26:24 2015 +1100 3575 3576 upstream commit 3577 3578 revision 1.17 3579 date: 2014/10/18 20:43:52; author: doug; state: Exp; lines: +10 -10; commitid: I74hI1tVZtsspKEt; 3580 Better POSIX compliance in realpath(3). 3581 3582 millert@ made changes to realpath.c based on FreeBSD's version. I merged 3583 Todd's changes into dl_realpath.c. 3584 3585 ok millert@, guenther@ 3586 3587commit e929a43f957dbd1254aca2aaf85c8c00cbfc25f4 3588Author: Damien Miller <djm@mindrot.org> 3589Date: Wed Oct 14 08:25:55 2015 +1100 3590 3591 upstream commit 3592 3593 revision 1.16 3594 date: 2013/04/05 12:59:54; author: kurt; state: Exp; lines: +3 -1; 3595 - Add comments regarding copies of these files also in libexec/ld.so 3596 okay guenther@ 3597 3598commit 5225db68e58a1048cb17f0e36e0d33bc4a8fc410 3599Author: Damien Miller <djm@mindrot.org> 3600Date: Wed Oct 14 08:25:32 2015 +1100 3601 3602 upstream commit 3603 3604 revision 1.15 3605 date: 2012/09/13 15:39:05; author: deraadt; state: Exp; lines: +2 -2; 3606 specify the bounds of the dst to strlcat (both values were static and 3607 equal, but it is more correct) 3608 from Michal Mazurek 3609 3610commit 7365fe5b4859de2305e40ea132da3823830fa710 3611Author: Damien Miller <djm@mindrot.org> 3612Date: Wed Oct 14 08:25:09 2015 +1100 3613 3614 upstream commit 3615 3616 revision 1.14 3617 date: 2011/07/24 21:03:00; author: miod; state: Exp; lines: +35 -13; 3618 Recent Single Unix will malloc memory if the second argument of realpath() 3619 is NULL, and third-party software is starting to rely upon this. 3620 Adapted from FreeBSD via Jona Joachim (jaj ; hcl-club , .lu), with minor 3621 tweaks from nicm@ and yours truly. 3622 3623commit e679c09cd1951f963793aa3d9748d1c3fdcf808f 3624Author: djm@openbsd.org <djm@openbsd.org> 3625Date: Tue Oct 13 16:15:21 2015 +0000 3626 3627 upstream commit 3628 3629 apply PubkeyAcceptedKeyTypes filtering earlier, so all 3630 skipped keys are noted before pubkey authentication starts. ok dtucker@ 3631 3632 Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8 3633 3634commit 179c353f564ec7ada64b87730b25fb41107babd7 3635Author: djm@openbsd.org <djm@openbsd.org> 3636Date: Tue Oct 13 00:21:27 2015 +0000 3637 3638 upstream commit 3639 3640 free the correct IV length, don't assume it's always the 3641 cipher blocksize; ok dtucker@ 3642 3643 Upstream-ID: c260d9e5ec73628d9ff4b067fbb060eff5a7d298 3644 3645commit 2539dce2a049a8f6bb0d44cac51f07ad48e691d3 3646Author: deraadt@openbsd.org <deraadt@openbsd.org> 3647Date: Fri Oct 9 01:37:08 2015 +0000 3648 3649 upstream commit 3650 3651 Change all tame callers to namechange to pledge(2). 3652 3653 Upstream-ID: 17e654fc27ceaf523c60f4ffd9ec7ae4e7efc7f2 3654 3655commit 9846a2f4067383bb76b4e31a9d2303e0a9c13a73 3656Author: Damien Miller <djm@mindrot.org> 3657Date: Thu Oct 8 04:30:48 2015 +1100 3658 3659 hook tame(2) sandbox up to build 3660 3661 OpenBSD only for now 3662 3663commit 0c46bbe68b70bdf0d6d20588e5847e71f3739fe6 3664Author: djm@openbsd.org <djm@openbsd.org> 3665Date: Wed Oct 7 15:59:12 2015 +0000 3666 3667 upstream commit 3668 3669 include PubkeyAcceptedKeyTypes in ssh -G config dump 3670 3671 Upstream-ID: 6c097ce6ffebf6fe393fb7988b5d152a5d6b36bb 3672 3673commit bdcb73fb7641b1cf73c0065d1a0dd57b1e8b778e 3674Author: sobrado@openbsd.org <sobrado@openbsd.org> 3675Date: Wed Oct 7 14:45:30 2015 +0000 3676 3677 upstream commit 3678 3679 UsePrivilegeSeparation defaults to sandbox now. 3680 3681 ok djm@ 3682 3683 Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f 3684 3685commit 2905d6f99c837bb699b6ebc61711b19acd030709 3686Author: djm@openbsd.org <djm@openbsd.org> 3687Date: Wed Oct 7 00:54:06 2015 +0000 3688 3689 upstream commit 3690 3691 don't try to change tun device flags if they are already 3692 what we need; makes it possible to use tun/tap networking as non- root user 3693 if device permissions and interface flags are pre-established; based on patch 3694 by Ossi Herrala 3695 3696 Upstream-ID: 89099ac4634cd477b066865acf54cb230780fd21 3697 3698commit 0dc74512bdb105b048883f07de538b37e5e024d4 3699Author: Damien Miller <djm@mindrot.org> 3700Date: Mon Oct 5 18:33:05 2015 -0700 3701 3702 unbreak merge botch 3703 3704commit fdd020e86439afa7f537e2429d29d4b744c94331 3705Author: djm@openbsd.org <djm@openbsd.org> 3706Date: Tue Oct 6 01:20:59 2015 +0000 3707 3708 upstream commit 3709 3710 adapt to recent sshkey_parse_private_fileblob() API 3711 change 3712 3713 Upstream-Regress-ID: 5c0d818da511e33e0abf6a92a31bd7163b7ad988 3714 3715commit 21ae8ee3b630b0925f973db647a1b9aa5fcdd4c5 3716Author: djm@openbsd.org <djm@openbsd.org> 3717Date: Thu Sep 24 07:15:39 2015 +0000 3718 3719 upstream commit 3720 3721 fix command-line option to match what was actually 3722 committed 3723 3724 Upstream-Regress-ID: 3e8c24a2044e8afd37e7ce17b69002ca817ac699 3725 3726commit e14ac43b75e68f1ffbd3e1a5e44143c8ae578dcd 3727Author: djm@openbsd.org <djm@openbsd.org> 3728Date: Thu Sep 24 06:16:53 2015 +0000 3729 3730 upstream commit 3731 3732 regress test for CertificateFile; patch from Meghana Bhat 3733 via bz#2436 3734 3735 Upstream-Regress-ID: e7a6e980cbe0f8081ba2e83de40d06c17be8bd25 3736 3737commit 905b054ed24e0d5b4ef226ebf2c8bfc02ae6d4ad 3738Author: djm@openbsd.org <djm@openbsd.org> 3739Date: Mon Oct 5 17:11:21 2015 +0000 3740 3741 upstream commit 3742 3743 some more bzero->explicit_bzero, from Michael McConville 3744 3745 Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0 3746 3747commit b007159a0acdbcf65814b3ee05dbe2cf4ea46011 3748Author: deraadt@openbsd.org <deraadt@openbsd.org> 3749Date: Fri Oct 2 15:52:55 2015 +0000 3750 3751 upstream commit 3752 3753 fix email 3754 3755 Upstream-ID: 72150f2d54b94de14ebef1ea054ef974281bf834 3756 3757commit b19e1b4ab11884c4f62aee9f8ab53127a4732658 3758Author: deraadt@openbsd.org <deraadt@openbsd.org> 3759Date: Fri Oct 2 01:39:52 2015 +0000 3760 3761 upstream commit 3762 3763 a sandbox using tame ok djm 3764 3765 Upstream-ID: 4ca24e47895e72f5daaa02f3e3d3e5ca2d820fa3 3766 3767commit c61b42f2678f21f05653ac2d3d241b48ab5d59ac 3768Author: deraadt@openbsd.org <deraadt@openbsd.org> 3769Date: Fri Oct 2 01:39:26 2015 +0000 3770 3771 upstream commit 3772 3773 re-order system calls in order of risk, ok i'll be 3774 honest, ordered this way they look like tame... ok djm 3775 3776 Upstream-ID: 42a1e6d251fd8be13c8262bee026059ae6328813 3777 3778commit c5f7c0843cb6e6074a93c8ac34e49ce33a6f5546 3779Author: jmc@openbsd.org <jmc@openbsd.org> 3780Date: Fri Sep 25 18:19:54 2015 +0000 3781 3782 upstream commit 3783 3784 some certificatefile tweaks; ok djm 3785 3786 Upstream-ID: 0e5a7852c28c05fc193419cc7e50e64c1c535af0 3787 3788commit 4e44a79a07d4b88b6a4e5e8c1bed5f58c841b1b8 3789Author: djm@openbsd.org <djm@openbsd.org> 3790Date: Thu Sep 24 06:15:11 2015 +0000 3791 3792 upstream commit 3793 3794 add ssh_config CertificateFile option to explicitly list 3795 a certificate; patch from Meghana Bhat on bz#2436; ok markus@ 3796 3797 Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8 3798 3799commit e3cbb06ade83c72b640a53728d362bbefa0008e2 3800Author: sobrado@openbsd.org <sobrado@openbsd.org> 3801Date: Tue Sep 22 08:33:23 2015 +0000 3802 3803 upstream commit 3804 3805 fix two typos. 3806 3807 Upstream-ID: 424402c0d8863a11b51749bacd7f8d932083b709 3808 3809commit 8408218c1ca88cb17d15278174a24a94a6f65fe1 3810Author: djm@openbsd.org <djm@openbsd.org> 3811Date: Mon Sep 21 04:31:00 2015 +0000 3812 3813 upstream commit 3814 3815 fix possible hang on closed output; bz#2469 reported by Tomas 3816 Kuthan ok markus@ 3817 3818 Upstream-ID: f7afd41810f8540f524284f1be6b970859f94fe3 3819 3820commit 0097248f90a00865082e8c146b905a6555cc146f 3821Author: djm@openbsd.org <djm@openbsd.org> 3822Date: Fri Sep 11 04:55:01 2015 +0000 3823 3824 upstream commit 3825 3826 skip if running as root; many systems (inc OpenBSD) allow 3827 root to ptrace arbitrary processes 3828 3829 Upstream-Regress-ID: be2b925df89360dff36f972951fa0fa793769038 3830 3831commit 9c06c814aff925e11a5cc592c06929c258a014f6 3832Author: djm@openbsd.org <djm@openbsd.org> 3833Date: Fri Sep 11 03:44:21 2015 +0000 3834 3835 upstream commit 3836 3837 try all supported key types here; bz#2455 reported by 3838 Jakub Jelen 3839 3840 Upstream-Regress-ID: 188cb7d9031cdbac3a0fa58b428b8fa2b2482bba 3841 3842commit 3c019a936b43f3e2773f3edbde7c114d73caaa4c 3843Author: tim@openbsd.org <tim@openbsd.org> 3844Date: Sun Sep 13 14:39:16 2015 +0000 3845 3846 upstream commit 3847 3848 - Fix error message: passphrase needs to be at least 5 3849 characters, not 4. - Remove unused function argument. - Remove two 3850 unnecessary variables. 3851 3852 OK djm@ 3853 3854 Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30 3855 3856commit 2681cdb6e0de7c1af549dac37a9531af202b4434 3857Author: tim@openbsd.org <tim@openbsd.org> 3858Date: Sun Sep 13 13:48:19 2015 +0000 3859 3860 upstream commit 3861 3862 When adding keys to the agent, don't ignore the comment 3863 of keys for which the user is prompted for a passphrase. 3864 3865 Tweak and OK djm@ 3866 3867 Upstream-ID: dc737c620a5a8d282cc4f66e3b9b624e9abefbec 3868 3869commit 14692f7b8251cdda847e648a82735eef8a4d2a33 3870Author: guenther@openbsd.org <guenther@openbsd.org> 3871Date: Fri Sep 11 08:50:04 2015 +0000 3872 3873 upstream commit 3874 3875 Use explicit_bzero() when zeroing before free() 3876 3877 from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) 3878 ok millert@ djm@ 3879 3880 Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50 3881 3882commit 846f6fa4cfa8483a9195971dbdd162220f199d85 3883Author: jmc@openbsd.org <jmc@openbsd.org> 3884Date: Fri Sep 11 06:55:46 2015 +0000 3885 3886 upstream commit 3887 3888 sync -Q in usage() to SYNOPSIS; since it's drastically 3889 shorter, i've reformatted the block to sync with the man (80 cols) and saved 3890 a line; 3891 3892 Upstream-ID: 86e2c65c3989a0777a6258a77e589b9f6f354abd 3893 3894commit 95923e0520a8647417ee6dcdff44694703dfeef0 3895Author: jmc@openbsd.org <jmc@openbsd.org> 3896Date: Fri Sep 11 06:51:39 2015 +0000 3897 3898 upstream commit 3899 3900 tweak previous; 3901 3902 Upstream-ID: f29b3cfcfd9aa31fa140c393e7bd48c1c74139d6 3903 3904commit 86ac462f833b05d8ed9de9c50ccb295d7faa79ff 3905Author: dtucker@openbsd.org <dtucker@openbsd.org> 3906Date: Fri Sep 11 05:27:02 2015 +0000 3907 3908 upstream commit 3909 3910 Update usage to match man page. 3911 3912 Upstream-ID: 9e85aefaecfb6aaf34c7cfd0700cd21783a35675 3913 3914commit 674b3b68c1d36b2562324927cd03857b565e05e8 3915Author: djm@openbsd.org <djm@openbsd.org> 3916Date: Fri Sep 11 03:47:28 2015 +0000 3917 3918 upstream commit 3919 3920 expand %i in ControlPath to UID; bz#2449 3921 3922 patch from Christian Hesse w/ feedback from dtucker@ 3923 3924 Upstream-ID: 2ba8d303e555a84e2f2165ab4b324b41e80ab925 3925 3926commit c0f55db7ee00c8202b05cb4b9ad4ce72cc45df41 3927Author: djm@openbsd.org <djm@openbsd.org> 3928Date: Fri Sep 11 03:42:32 2015 +0000 3929 3930 upstream commit 3931 3932 mention -Q key-plain and -Q key-cert; bz#2455 pointed out 3933 by Jakub Jelen 3934 3935 Upstream-ID: c8f1f8169332e4fa73ac96b0043e3b84e01d4896 3936 3937commit cfffbdb10fdf0f02d3f4232232eef7ec3876c383 3938Author: Darren Tucker <dtucker@zip.com.au> 3939Date: Mon Sep 14 16:24:21 2015 +1000 3940 3941 Use ssh-keygen -A when generating host keys. 3942 3943 Use ssh-keygen -A instead of per-keytype invocations when generating host 3944 keys. Add tests when doing host-key-force since we can't use ssh-keygen -A 3945 since it can't specify alternate locations. bz#2459, ok djm@ 3946 3947commit 366bada1e9e124654aac55b72b6ccf878755b0dc 3948Author: Darren Tucker <dtucker@zip.com.au> 3949Date: Fri Sep 11 13:29:22 2015 +1000 3950 3951 Correct default value for --with-ssh1. 3952 3953 bz#2457, from konto-mindrot.org at walimnieto.com. 3954 3955commit 2bca8a43e7dd9b04d7070824ffebb823c72587b2 3956Author: djm@openbsd.org <djm@openbsd.org> 3957Date: Fri Sep 11 03:13:36 2015 +0000 3958 3959 upstream commit 3960 3961 more clarity on what AuthorizedKeysFile=none does; based 3962 on diff by Thiebaud Weksteen 3963 3964 Upstream-ID: 78ab87f069080f0cc3bc353bb04eddd9e8ad3704 3965 3966commit 61942ea4a01e6db4fdf37ad61de81312ffe310e9 3967Author: djm@openbsd.org <djm@openbsd.org> 3968Date: Wed Sep 9 00:52:44 2015 +0000 3969 3970 upstream commit 3971 3972 openssh_RSA_verify return type is int, so don't make it 3973 size_t within the function itself with only negative numbers or zero assigned 3974 to it. bz#2460 3975 3976 Upstream-ID: b6e794b0c7fc4f9f329509263c8668d35f83ea55 3977 3978commit 4f7cc2f8cc861a21e6dbd7f6c25652afb38b9b96 3979Author: dtucker@openbsd.org <dtucker@openbsd.org> 3980Date: Fri Sep 4 08:21:47 2015 +0000 3981 3982 upstream commit 3983 3984 Plug minor memory leaks when options are used more than 3985 once. bz#2182, patch from Tiago Cunha, ok deraadt djm 3986 3987 Upstream-ID: 5b84d0401e27fe1614c10997010cc55933adb48e 3988 3989commit 7ad8b287c8453a3e61dbc0d34d467632b8b06fc8 3990Author: Darren Tucker <dtucker@zip.com.au> 3991Date: Fri Sep 11 13:11:02 2015 +1000 3992 3993 Force resolution of _res for correct detection. 3994 3995 bz#2259, from sconeu at yahoo.com. 3996 3997commit 26ad18247213ff72b4438abe7fc660c958810fa2 3998Author: Damien Miller <djm@mindrot.org> 3999Date: Thu Sep 10 10:57:41 2015 +1000 4000 4001 allow getrandom syscall; from Felix von Leitner 4002 4003commit 5245bc1e6b129a10a928f73f11c3aa32656c44b4 4004Author: jmc@openbsd.org <jmc@openbsd.org> 4005Date: Fri Sep 4 06:40:45 2015 +0000 4006 4007 upstream commit 4008 4009 full stop belongs outside the brackets, not inside; 4010 4011 Upstream-ID: 99d098287767799ac33d2442a05b5053fa5a551a 4012 4013commit a85768a9321d74b41219eeb3c9be9f1702cbf6a5 4014Author: djm@openbsd.org <djm@openbsd.org> 4015Date: Fri Sep 4 04:56:09 2015 +0000 4016 4017 upstream commit 4018 4019 add a debug2() right before DNS resolution; it's a place 4020 where ssh could previously silently hang for a while. bz#2433 4021 4022 Upstream-ID: 52a1a3e0748db66518e7598352c427145692a6a0 4023 4024commit 46152af8d27aa34d5d26ed1c371dc8aa142d4730 4025Author: djm@openbsd.org <djm@openbsd.org> 4026Date: Fri Sep 4 04:55:24 2015 +0000 4027 4028 upstream commit 4029 4030 correct function name in error messages 4031 4032 Upstream-ID: 92fb2798617ad9561370897f4ab60adef2ff4c0e 4033 4034commit a954cdb799a4d83c2d40fbf3e7b9f187fbfd72fc 4035Author: djm@openbsd.org <djm@openbsd.org> 4036Date: Fri Sep 4 04:47:50 2015 +0000 4037 4038 upstream commit 4039 4040 better document ExitOnForwardFailure; bz#2444, ok 4041 dtucker@ 4042 4043 Upstream-ID: a126209b5a6d9cb3117ac7ab5bc63d284538bfc2 4044 4045commit f54d8ac2474b6fc3afa081cf759b48a6c89d3319 4046Author: djm@openbsd.org <djm@openbsd.org> 4047Date: Fri Sep 4 04:44:08 2015 +0000 4048 4049 upstream commit 4050 4051 don't record hostbased authentication hostkeys as user 4052 keys in test for multiple authentication with the same key 4053 4054 Upstream-ID: 26b368fa2cff481f47f37e01b8da1ae5b57b1adc 4055 4056commit ac3451dd65f27ecf85dc045c46d49e2bbcb8dddd 4057Author: djm@openbsd.org <djm@openbsd.org> 4058Date: Fri Sep 4 03:57:38 2015 +0000 4059 4060 upstream commit 4061 4062 remove extra newline in nethack-mode hostkey; from 4063 Christian Hesse bz#2686 4064 4065 Upstream-ID: 4f56368b1cc47baeea0531912186f66007fd5b92 4066 4067commit 9e3ed9ebb1a7e47c155c28399ddf09b306ea05df 4068Author: djm@openbsd.org <djm@openbsd.org> 4069Date: Fri Sep 4 04:23:10 2015 +0000 4070 4071 upstream commit 4072 4073 trim junk from end of file; bz#2455 from Jakub Jelen 4074 4075 Upstream-Regress-ID: a4e64e8931e40d23874b047074444eff919cdfe6 4076 4077commit f3a3ea180afff080bab82087ee0b60db9fd84f6c 4078Author: jsg@openbsd.org <jsg@openbsd.org> 4079Date: Wed Sep 2 07:51:12 2015 +0000 4080 4081 upstream commit 4082 4083 Fix occurrences of "r = func() != 0" which result in the 4084 wrong error codes being returned due to != having higher precedence than =. 4085 4086 ok deraadt@ markus@ 4087 4088 Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840 4089 4090commit f498a98cf83feeb7ea01c15cd1c98b3111361f3a 4091Author: Damien Miller <djm@mindrot.org> 4092Date: Thu Sep 3 09:11:22 2015 +1000 4093 4094 don't check for yp_match; ok tim@ 4095 4096commit 9690b78b7848b0b376980a61d51b1613e187ddb5 4097Author: djm@openbsd.org <djm@openbsd.org> 4098Date: Fri Aug 21 23:57:48 2015 +0000 4099 4100 upstream commit 4101 4102 Improve printing of KEX offers and decisions 4103 4104 The debug output now labels the client and server offers and the 4105 negotiated options. ok markus@ 4106 4107 Upstream-ID: 8db921b3f92a4565271b1c1fbce6e7f508e1a2cb 4108 4109commit 60a92470e21340e1a3fc10f9c7140d8e1519dc55 4110Author: djm@openbsd.org <djm@openbsd.org> 4111Date: Fri Aug 21 23:53:08 2015 +0000 4112 4113 upstream commit 4114 4115 Fix printing (ssh -G ...) of HostKeyAlgorithms=+... 4116 Reported by Bryan Drewery 4117 4118 Upstream-ID: 19ad20c41bd5971e006289b6f9af829dd46c1293 4119 4120commit 6310f60fffca2d1e464168e7d1f7e3b6b0268897 4121Author: djm@openbsd.org <djm@openbsd.org> 4122Date: Fri Aug 21 23:52:30 2015 +0000 4123 4124 upstream commit 4125 4126 Fix expansion of HostkeyAlgorithms=+... 4127 4128 Reported by Bryan Drewery 4129 4130 Upstream-ID: 70ca1deea39d758ba36d36428ae832e28566f78d 4131 4132commit e774e5ea56237fd626a8161f9005023dff3e76c9 4133Author: deraadt@openbsd.org <deraadt@openbsd.org> 4134Date: Fri Aug 21 23:29:31 2015 +0000 4135 4136 upstream commit 4137 4138 Improve size == 0, count == 0 checking in mm_zalloc, 4139 which is "array" like. Discussed with tedu, millert, otto.... and ok djm 4140 4141 Upstream-ID: 899b021be43b913fad3eca1aef44efe710c53e29 4142 4143commit 189de02d9ad6f3645417c0ddf359b923aae5f926 4144Author: Damien Miller <djm@mindrot.org> 4145Date: Fri Aug 21 15:45:02 2015 +1000 4146 4147 expose POLLHUP and POLLNVAL for netcat.c 4148 4149commit e91346dc2bbf460246df2ab591b7613908c1b0ad 4150Author: Damien Miller <djm@mindrot.org> 4151Date: Fri Aug 21 14:49:03 2015 +1000 4152 4153 we don't use Github for issues/pull-requests 4154 4155commit a4f5b507c708cc3dc2c8dd2d02e4416d7514dc23 4156Author: Damien Miller <djm@mindrot.org> 4157Date: Fri Aug 21 14:43:55 2015 +1000 4158 4159 fix URL for connect.c 4160 4161commit d026a8d3da0f8186598442997c7d0a28e7275414 4162Author: Damien Miller <djm@mindrot.org> 4163Date: Fri Aug 21 13:47:10 2015 +1000 4164 4165 update version numbers for 7.1 4166 4167commit 78f8f589f0ca1c9f41e5a9bae3cda5ce8a6b42ed 4168Author: djm@openbsd.org <djm@openbsd.org> 4169Date: Fri Aug 21 03:45:26 2015 +0000 4170 4171 upstream commit 4172 4173 openssh-7.1 4174 4175 Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f 4176 4177commit 32a181980c62fce94f7f9ffaf6a79d90f0c309cf 4178Author: djm@openbsd.org <djm@openbsd.org> 4179Date: Fri Aug 21 03:42:19 2015 +0000 4180 4181 upstream commit 4182 4183 fix inverted logic that broke PermitRootLogin; reported 4184 by Mantas Mikulenas; ok markus@ 4185 4186 Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5 4187 4188commit ce445b0ed927e45bd5bdce8f836eb353998dd65c 4189Author: deraadt@openbsd.org <deraadt@openbsd.org> 4190Date: Thu Aug 20 22:32:42 2015 +0000 4191 4192 upstream commit 4193 4194 Do not cast result of malloc/calloc/realloc* if stdlib.h 4195 is in scope ok krw millert 4196 4197 Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667 4198 4199commit 05291e5288704d1a98bacda269eb5a0153599146 4200Author: naddy@openbsd.org <naddy@openbsd.org> 4201Date: Thu Aug 20 19:20:06 2015 +0000 4202 4203 upstream commit 4204 4205 In the certificates section, be consistent about using 4206 "host_key" and "user_key" for the respective key types. ok sthen@ deraadt@ 4207 4208 Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb 4209 4210commit 8543d4ef6f2e9f98c3e6b77c894ceec30c5e4ae4 4211Author: djm@openbsd.org <djm@openbsd.org> 4212Date: Wed Aug 19 23:21:42 2015 +0000 4213 4214 upstream commit 4215 4216 Better compat matching for WinSCP, add compat matching 4217 for FuTTY (fork of PuTTY); ok markus@ deraadt@ 4218 4219 Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389 4220 4221commit ec6eda16ebab771aa3dfc90629b41953b999cb1e 4222Author: djm@openbsd.org <djm@openbsd.org> 4223Date: Wed Aug 19 23:19:01 2015 +0000 4224 4225 upstream commit 4226 4227 fix double-free() in error path of DSA key generation 4228 reported by Mateusz Kocielski; ok markus@ 4229 4230 Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c 4231 4232commit 45b0eb752c94954a6de046bfaaf129e518ad4b5b 4233Author: djm@openbsd.org <djm@openbsd.org> 4234Date: Wed Aug 19 23:18:26 2015 +0000 4235 4236 upstream commit 4237 4238 fix free() of uninitialised pointer reported by Mateusz 4239 Kocielski; ok markus@ 4240 4241 Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663 4242 4243commit c837643b93509a3ef538cb6624b678c5fe32ff79 4244Author: djm@openbsd.org <djm@openbsd.org> 4245Date: Wed Aug 19 23:17:51 2015 +0000 4246 4247 upstream commit 4248 4249 fixed unlink([uninitialised memory]) reported by Mateusz 4250 Kocielski; ok markus@ 4251 4252 Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109 4253 4254commit 1f8d3d629cd553031021068eb9c646a5f1e50994 4255Author: jmc@openbsd.org <jmc@openbsd.org> 4256Date: Fri Aug 14 15:32:41 2015 +0000 4257 4258 upstream commit 4259 4260 match myproposal.h order; from brian conway (i snuck in a 4261 tweak while here) 4262 4263 ok dtucker 4264 4265 Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67 4266 4267commit 1dc8d93ce69d6565747eb44446ed117187621b26 4268Author: deraadt@openbsd.org <deraadt@openbsd.org> 4269Date: Thu Aug 6 14:53:21 2015 +0000 4270 4271 upstream commit 4272 4273 add prohibit-password as a synonymn for without-password, 4274 since the without-password is causing too many questions. Harden it to ban 4275 all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from 4276 djm, ok markus 4277 4278 Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a 4279 4280commit 90a95a4745a531b62b81ce3b025e892bdc434de5 4281Author: Damien Miller <djm@mindrot.org> 4282Date: Tue Aug 11 13:53:41 2015 +1000 4283 4284 update version in README 4285 4286commit 318c37743534b58124f1bab37a8a0087a3a9bd2f 4287Author: Damien Miller <djm@mindrot.org> 4288Date: Tue Aug 11 13:53:09 2015 +1000 4289 4290 update versions in *.spec 4291 4292commit 5e75f5198769056089fb06c4d738ab0e5abc66f7 4293Author: Damien Miller <djm@mindrot.org> 4294Date: Tue Aug 11 13:34:12 2015 +1000 4295 4296 set sshpam_ctxt to NULL after free 4297 4298 Avoids use-after-free in monitor when privsep child is compromised. 4299 Reported by Moritz Jodeit; ok dtucker@ 4300 4301commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b 4302Author: Damien Miller <djm@mindrot.org> 4303Date: Tue Aug 11 13:33:24 2015 +1000 4304 4305 Don't resend username to PAM; it already has it. 4306 4307 Pointed out by Moritz Jodeit; ok dtucker@ 4308 4309commit 88763a6c893bf3dfe951ba9271bf09715e8d91ca 4310Author: Darren Tucker <dtucker@zip.com.au> 4311Date: Mon Jul 27 12:14:25 2015 +1000 4312 4313 Import updated moduli file from OpenBSD. 4314 4315commit 55b263fb7cfeacb81aaf1c2036e0394c881637da 4316Author: Damien Miller <djm@mindrot.org> 4317Date: Mon Aug 10 11:13:44 2015 +1000 4318 4319 let principals-command.sh work for noexec /var/run 4320 4321commit 2651e34cd11b1aac3a0fe23b86d8c2ff35c07897 4322Author: Damien Miller <djm@mindrot.org> 4323Date: Thu Aug 6 11:43:42 2015 +1000 4324 4325 work around echo -n / sed behaviour in tests 4326 4327commit d85dad81778c1aa8106acd46930b25fdf0d15b2a 4328Author: djm@openbsd.org <djm@openbsd.org> 4329Date: Wed Aug 5 05:27:33 2015 +0000 4330 4331 upstream commit 4332 4333 adjust for RSA minimum modulus switch; ok deraadt@ 4334 4335 Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae 4336 4337commit 57e8e229bad5fe6056b5f1199665f5f7008192c6 4338Author: djm@openbsd.org <djm@openbsd.org> 4339Date: Tue Aug 4 05:23:06 2015 +0000 4340 4341 upstream commit 4342 4343 backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this 4344 release; problems spotted by sthen@ ok deraadt@ markus@ 4345 4346 Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822 4347 4348commit f097d0ea1e0889ca0fa2e53a00214e43ab7fa22a 4349Author: djm@openbsd.org <djm@openbsd.org> 4350Date: Sun Aug 2 09:56:42 2015 +0000 4351 4352 upstream commit 4353 4354 openssh 7.0; ok deraadt@ 4355 4356 Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f 4357 4358commit 3d5728a0f6874ce4efb16913a12963595070f3a9 4359Author: chris@openbsd.org <chris@openbsd.org> 4360Date: Fri Jul 31 15:38:09 2015 +0000 4361 4362 upstream commit 4363 4364 Allow PermitRootLogin to be overridden by config 4365 4366 ok markus@ deeradt@ 4367 4368 Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4 4369 4370commit 6f941396b6835ad18018845f515b0c4fe20be21a 4371Author: djm@openbsd.org <djm@openbsd.org> 4372Date: Thu Jul 30 23:09:15 2015 +0000 4373 4374 upstream commit 4375 4376 fix pty permissions; patch from Nikolay Edigaryev; ok 4377 deraadt 4378 4379 Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550 4380 4381commit f4373ed1e8fbc7c8ce3fc4ea97d0ba2e0c1d7ef0 4382Author: deraadt@openbsd.org <deraadt@openbsd.org> 4383Date: Thu Jul 30 19:23:02 2015 +0000 4384 4385 upstream commit 4386 4387 change default: PermitRootLogin without-password matching 4388 install script changes coming as well ok djm markus 4389 4390 Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6 4391 4392commit 0c30ba91f87fcda7e975e6ff8a057f624e87ea1c 4393Author: Damien Miller <djm@mindrot.org> 4394Date: Thu Jul 30 12:31:39 2015 +1000 4395 4396 downgrade OOM adjustment logging: verbose -> debug 4397 4398commit f9eca249d4961f28ae4b09186d7dc91de74b5895 4399Author: djm@openbsd.org <djm@openbsd.org> 4400Date: Thu Jul 30 00:01:34 2015 +0000 4401 4402 upstream commit 4403 4404 Allow ssh_config and sshd_config kex parameters options be 4405 prefixed by a '+' to indicate that the specified items be appended to the 4406 default rather than replacing it. 4407 4408 approach suggested by dtucker@, feedback dlg@, ok markus@ 4409 4410 Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a 4411 4412commit 5cefe769105a2a2e3ca7479d28d9a325d5ef0163 4413Author: djm@openbsd.org <djm@openbsd.org> 4414Date: Wed Jul 29 08:34:54 2015 +0000 4415 4416 upstream commit 4417 4418 fix bug in previous; was printing incorrect string for 4419 failed host key algorithms negotiation 4420 4421 Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e 4422 4423commit f319912b0d0e1675b8bb051ed8213792c788bcb2 4424Author: djm@openbsd.org <djm@openbsd.org> 4425Date: Wed Jul 29 04:43:06 2015 +0000 4426 4427 upstream commit 4428 4429 include the peer's offer when logging a failure to 4430 negotiate a mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@ 4431 4432 Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796 4433 4434commit b6ea0e573042eb85d84defb19227c89eb74cf05a 4435Author: djm@openbsd.org <djm@openbsd.org> 4436Date: Tue Jul 28 23:20:42 2015 +0000 4437 4438 upstream commit 4439 4440 add Cisco to the list of clients that choke on the 4441 hostkeys update extension. Pointed out by Howard Kash 4442 4443 Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84 4444 4445commit 3f628c7b537291c1019ce86af90756fb4e66d0fd 4446Author: guenther@openbsd.org <guenther@openbsd.org> 4447Date: Mon Jul 27 16:29:23 2015 +0000 4448 4449 upstream commit 4450 4451 Permit kbind(2) use in the sandbox now, to ease testing 4452 of ld.so work using it 4453 4454 reminded by miod@, ok deraadt@ 4455 4456 Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413 4457 4458commit ebe27ebe520098bbc0fe58945a87ce8490121edb 4459Author: millert@openbsd.org <millert@openbsd.org> 4460Date: Mon Jul 20 18:44:12 2015 +0000 4461 4462 upstream commit 4463 4464 Move .Pp before .Bl, not after to quiet mandoc -Tlint. 4465 Noticed by jmc@ 4466 4467 Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23 4468 4469commit d5d91d0da819611167782c66ab629159169d94d4 4470Author: millert@openbsd.org <millert@openbsd.org> 4471Date: Mon Jul 20 18:42:35 2015 +0000 4472 4473 upstream commit 4474 4475 Sync usage with SYNOPSIS 4476 4477 Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7 4478 4479commit 79ec2142fbc68dd2ed9688608da355fc0b1ed743 4480Author: millert@openbsd.org <millert@openbsd.org> 4481Date: Mon Jul 20 15:39:52 2015 +0000 4482 4483 upstream commit 4484 4485 Better desciption of Unix domain socket forwarding. 4486 bz#2423; ok jmc@ 4487 4488 Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d 4489 4490commit d56fd1828074a4031b18b8faa0bf949669eb18a0 4491Author: Damien Miller <djm@mindrot.org> 4492Date: Mon Jul 20 11:19:51 2015 +1000 4493 4494 make realpath.c compile -Wsign-compare clean 4495 4496commit c63c9a691dca26bb7648827f5a13668832948929 4497Author: djm@openbsd.org <djm@openbsd.org> 4498Date: Mon Jul 20 00:30:01 2015 +0000 4499 4500 upstream commit 4501 4502 mention that the default of UseDNS=no implies that 4503 hostnames cannot be used for host matching in sshd_config and 4504 authorized_keys; bz#2045, ok dtucker@ 4505 4506 Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1 4507 4508commit 63ebcd0005e9894fcd6871b7b80aeea1fec0ff76 4509Author: djm@openbsd.org <djm@openbsd.org> 4510Date: Sat Jul 18 08:02:17 2015 +0000 4511 4512 upstream commit 4513 4514 don't ignore PKCS#11 hosted keys that return empty 4515 CKA_ID; patch by Jakub Jelen via bz#2429; ok markus 4516 4517 Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485 4518 4519commit b15fd989c8c62074397160147a8d5bc34b3f3c63 4520Author: djm@openbsd.org <djm@openbsd.org> 4521Date: Sat Jul 18 08:00:21 2015 +0000 4522 4523 upstream commit 4524 4525 skip uninitialised PKCS#11 slots; patch from Jakub Jelen 4526 in bz#2427 ok markus@ 4527 4528 Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29 4529 4530commit 5b64f85bb811246c59ebab70aed331f26ba37b18 4531Author: djm@openbsd.org <djm@openbsd.org> 4532Date: Sat Jul 18 07:57:14 2015 +0000 4533 4534 upstream commit 4535 4536 only query each keyboard-interactive device once per 4537 authentication request regardless of how many times it is listed; ok markus@ 4538 4539 Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1 4540 4541commit cd7324d0667794eb5c236d8a4e0f236251babc2d 4542Author: djm@openbsd.org <djm@openbsd.org> 4543Date: Fri Jul 17 03:34:27 2015 +0000 4544 4545 upstream commit 4546 4547 remove -u flag to diff (only used for error output) to make 4548 things easier for -portable 4549 4550 Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548 4551 4552commit deb8d99ecba70b67f4af7880b11ca8768df9ec3a 4553Author: djm@openbsd.org <djm@openbsd.org> 4554Date: Fri Jul 17 03:09:19 2015 +0000 4555 4556 upstream commit 4557 4558 direct-streamlocal@openssh.com Unix domain foward 4559 messages do not contain a "reserved for future use" field and in fact, 4560 serverloop.c checks that there isn't one. Remove erroneous mention from 4561 PROTOCOL description. bz#2421 from Daniel Black 4562 4563 Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac 4564 4565commit 356b61f365405b5257f5b2ab446e5d7bd33a7b52 4566Author: djm@openbsd.org <djm@openbsd.org> 4567Date: Fri Jul 17 03:04:27 2015 +0000 4568 4569 upstream commit 4570 4571 describe magic for setting up Unix domain socket fowards 4572 via the mux channel; bz#2422 patch from Daniel Black 4573 4574 Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861 4575 4576commit d3e2aee41487d55b8d7d40f538b84ff1db7989bc 4577Author: Darren Tucker <dtucker@zip.com.au> 4578Date: Fri Jul 17 12:52:34 2015 +1000 4579 4580 Check if realpath works on nonexistent files. 4581 4582 On some platforms the native realpath doesn't work with non-existent 4583 files (this is actually specified in some versions of POSIX), however 4584 the sftp spec says its realpath with "canonicalize any given path name". 4585 On those platforms, use realpath from the compat library. 4586 4587 In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines 4588 the realpath symbol to the checked version, so redefine ours to 4589 something else so we pick up the compat version we want. 4590 4591 bz#2428, ok djm@ 4592 4593commit 25b14610dab655646a109db5ef8cb4c4bf2a48a0 4594Author: djm@openbsd.org <djm@openbsd.org> 4595Date: Fri Jul 17 02:47:45 2015 +0000 4596 4597 upstream commit 4598 4599 fix incorrect test for SSH1 keys when compiled without SSH1 4600 support 4601 4602 Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451 4603 4604commit df56a8035d429b2184ee94aaa7e580c1ff67f73a 4605Author: djm@openbsd.org <djm@openbsd.org> 4606Date: Wed Jul 15 08:00:11 2015 +0000 4607 4608 upstream commit 4609 4610 fix NULL-deref when SSH1 reenabled 4611 4612 Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295 4613 4614commit 41e38c4d49dd60908484e6703316651333f16b93 4615Author: djm@openbsd.org <djm@openbsd.org> 4616Date: Wed Jul 15 07:19:50 2015 +0000 4617 4618 upstream commit 4619 4620 regen RSA1 test keys; the last batch was missing their 4621 private parts 4622 4623 Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a 4624 4625commit 5bf0933184cb622ca3f96d224bf3299fd2285acc 4626Author: markus@openbsd.org <markus@openbsd.org> 4627Date: Fri Jul 10 06:23:25 2015 +0000 4628 4629 upstream commit 4630 4631 Adapt tests, now that DSA if off by default; use 4632 PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA. 4633 4634 Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c 4635 4636commit 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc 4637Author: markus@openbsd.org <markus@openbsd.org> 4638Date: Tue Jul 7 14:54:16 2015 +0000 4639 4640 upstream commit 4641 4642 regen test data after mktestdata.sh changes 4643 4644 Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4 4645 4646commit 7c8c174c69f681d4910fa41c37646763692b28e2 4647Author: markus@openbsd.org <markus@openbsd.org> 4648Date: Tue Jul 7 14:53:30 2015 +0000 4649 4650 upstream commit 4651 4652 adapt tests to new minimum RSA size and default FP format 4653 4654 Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e 4655 4656commit 6a977a4b68747ade189e43d302f33403fd4a47ac 4657Author: djm@openbsd.org <djm@openbsd.org> 4658Date: Fri Jul 3 04:39:23 2015 +0000 4659 4660 upstream commit 4661 4662 legacy v00 certificates are gone; adapt and don't try to 4663 test them; "sure" markus@ dtucker@ 4664 4665 Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12 4666 4667commit 0c4123ad5e93fb90fee9c6635b13a6cdabaac385 4668Author: djm@openbsd.org <djm@openbsd.org> 4669Date: Wed Jul 1 23:11:18 2015 +0000 4670 4671 upstream commit 4672 4673 don't expect SSH v.1 in unittests 4674 4675 Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397 4676 4677commit 3c099845798a817cdde513c39074ec2063781f18 4678Author: djm@openbsd.org <djm@openbsd.org> 4679Date: Mon Jun 15 06:38:50 2015 +0000 4680 4681 upstream commit 4682 4683 turn SSH1 back on to match src/usr.bin/ssh being tested 4684 4685 Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333 4686 4687commit b1dc2b33689668c75e95f873a42d5aea1f4af1db 4688Author: dtucker@openbsd.org <dtucker@openbsd.org> 4689Date: Mon Jul 13 04:57:14 2015 +0000 4690 4691 upstream commit 4692 4693 Add "PuTTY_Local:" to the clients to which we do not 4694 offer DH-GEX. This was the string that was used for development versions 4695 prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately 4696 there are some extant products based on those versions. bx2424 from Jay 4697 Rouman, ok markus@ djm@ 4698 4699 Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5 4700 4701commit 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9 4702Author: markus@openbsd.org <markus@openbsd.org> 4703Date: Fri Jul 10 06:21:53 2015 +0000 4704 4705 upstream commit 4706 4707 Turn off DSA by default; add HostKeyAlgorithms to the 4708 server and PubkeyAcceptedKeyTypes to the client side, so it still can be 4709 tested or turned back on; feedback and ok djm@ 4710 4711 Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21 4712 4713commit 16db0a7ee9a87945cc594d13863cfcb86038db59 4714Author: markus@openbsd.org <markus@openbsd.org> 4715Date: Thu Jul 9 09:49:46 2015 +0000 4716 4717 upstream commit 4718 4719 re-enable ed25519-certs if compiled w/o openssl; ok djm 4720 4721 Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49 4722 4723commit c355bf306ac33de6545ce9dac22b84a194601e2f 4724Author: markus@openbsd.org <markus@openbsd.org> 4725Date: Wed Jul 8 20:24:02 2015 +0000 4726 4727 upstream commit 4728 4729 no need to include the old buffer/key API 4730 4731 Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b 4732 4733commit a3cc48cdf9853f1e832d78cb29bedfab7adce1ee 4734Author: markus@openbsd.org <markus@openbsd.org> 4735Date: Wed Jul 8 19:09:25 2015 +0000 4736 4737 upstream commit 4738 4739 typedefs for Cipher&CipherContext are unused 4740 4741 Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7 4742 4743commit a635bd06b5c427a57c3ae760d3a2730bb2c863c0 4744Author: markus@openbsd.org <markus@openbsd.org> 4745Date: Wed Jul 8 19:04:21 2015 +0000 4746 4747 upstream commit 4748 4749 xmalloc.h is unused 4750 4751 Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58 4752 4753commit 2521cf0e36c7f3f6b19f206da0af134f535e4a31 4754Author: markus@openbsd.org <markus@openbsd.org> 4755Date: Wed Jul 8 19:01:15 2015 +0000 4756 4757 upstream commit 4758 4759 compress.c is gone 4760 4761 Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced 4762 4763commit c65a7aa6c43aa7a308ee1ab8a96f216169ae9615 4764Author: djm@openbsd.org <djm@openbsd.org> 4765Date: Fri Jul 3 04:05:54 2015 +0000 4766 4767 upstream commit 4768 4769 another SSH_RSA_MINIMUM_MODULUS_SIZE that needed 4770 cranking 4771 4772 Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1 4773 4774commit b1f383da5cd3cb921fc7776f17a14f44b8a31757 4775Author: djm@openbsd.org <djm@openbsd.org> 4776Date: Fri Jul 3 03:56:25 2015 +0000 4777 4778 upstream commit 4779 4780 add an XXX reminder for getting correct key paths from 4781 sshd_config 4782 4783 Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db 4784 4785commit 933935ce8d093996c34d7efa4d59113163080680 4786Author: djm@openbsd.org <djm@openbsd.org> 4787Date: Fri Jul 3 03:49:45 2015 +0000 4788 4789 upstream commit 4790 4791 refuse to generate or accept RSA keys smaller than 1024 4792 bits; feedback and ok dtucker@ 4793 4794 Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba 4795 4796commit bdfd29f60b74f3e678297269dc6247a5699583c1 4797Author: djm@openbsd.org <djm@openbsd.org> 4798Date: Fri Jul 3 03:47:00 2015 +0000 4799 4800 upstream commit 4801 4802 turn off 1024 bit diffie-hellman-group1-sha1 key 4803 exchange method (already off in server, this turns it off in the client by 4804 default too) ok dtucker@ 4805 4806 Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa 4807 4808commit c28fc62d789d860c75e23a9fa9fb250eb2beca57 4809Author: djm@openbsd.org <djm@openbsd.org> 4810Date: Fri Jul 3 03:43:18 2015 +0000 4811 4812 upstream commit 4813 4814 delete support for legacy v00 certificates; "sure" 4815 markus@ dtucker@ 4816 4817 Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f 4818 4819commit 564d63e1b4a9637a209d42a9d49646781fc9caef 4820Author: djm@openbsd.org <djm@openbsd.org> 4821Date: Wed Jul 1 23:10:47 2015 +0000 4822 4823 upstream commit 4824 4825 Compile-time disable SSH v.1 again 4826 4827 Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af 4828 4829commit 868109b650504dd9bcccdb1f51d0906f967c20ff 4830Author: djm@openbsd.org <djm@openbsd.org> 4831Date: Wed Jul 1 02:39:06 2015 +0000 4832 4833 upstream commit 4834 4835 twiddle PermitRootLogin back 4836 4837 Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2 4838 4839commit 7de4b03a6e4071d454b72927ffaf52949fa34545 4840Author: djm@openbsd.org <djm@openbsd.org> 4841Date: Wed Jul 1 02:32:17 2015 +0000 4842 4843 upstream commit 4844 4845 twiddle; (this commit marks the openssh-6.9 release) 4846 4847 Upstream-ID: 78500582819f61dd8adee36ec5cc9b9ac9351234 4848 4849commit 1bf477d3cdf1a864646d59820878783d42357a1d 4850Author: djm@openbsd.org <djm@openbsd.org> 4851Date: Wed Jul 1 02:26:31 2015 +0000 4852 4853 upstream commit 4854 4855 better refuse ForwardX11Trusted=no connections attempted 4856 after ForwardX11Timeout expires; reported by Jann Horn 4857 4858 Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21 4859 4860commit 47aa7a0f8551b471fcae0447c1d78464f6dba869 4861Author: djm@openbsd.org <djm@openbsd.org> 4862Date: Wed Jul 1 01:56:13 2015 +0000 4863 4864 upstream commit 4865 4866 put back default PermitRootLogin=no 4867 4868 Upstream-ID: 7bdedd5cead99c57ed5571f3b6b7840922d5f728 4869 4870commit 984b064fe2a23733733262f88d2e1b2a1a501662 4871Author: djm@openbsd.org <djm@openbsd.org> 4872Date: Wed Jul 1 01:55:13 2015 +0000 4873 4874 upstream commit 4875 4876 openssh-6.9 4877 4878 Upstream-ID: 6cfe8e1904812531080e6ab6e752d7001b5b2d45 4879 4880commit d921082ed670f516652eeba50705e1e9f6325346 4881Author: djm@openbsd.org <djm@openbsd.org> 4882Date: Wed Jul 1 01:55:00 2015 +0000 4883 4884 upstream commit 4885 4886 reset default PermitRootLogin to 'yes' (momentarily, for 4887 release) 4888 4889 Upstream-ID: cad8513527066e65dd7a1c16363d6903e8cefa24 4890 4891commit 66295e0e1ba860e527f191b6325d2d77dec4dbce 4892Author: Damien Miller <djm@mindrot.org> 4893Date: Wed Jul 1 11:49:12 2015 +1000 4894 4895 crank version numbers for release 4896 4897commit 37035c07d4f26bb1fbe000d2acf78efdb008681d 4898Author: Damien Miller <djm@mindrot.org> 4899Date: Wed Jul 1 10:49:37 2015 +1000 4900 4901 s/--with-ssh1/--without-ssh1/ 4902 4903commit 629df770dbadc2accfbe1c81b3f31f876d0acd84 4904Author: djm@openbsd.org <djm@openbsd.org> 4905Date: Tue Jun 30 05:25:07 2015 +0000 4906 4907 upstream commit 4908 4909 fatal() when a remote window update causes the window 4910 value to overflow. Reported by Georg Wicherski, ok markus@ 4911 4912 Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351 4913 4914commit f715afebe735d61df3fd30ad72d9ac1c8bd3b5f2 4915Author: djm@openbsd.org <djm@openbsd.org> 4916Date: Tue Jun 30 05:23:25 2015 +0000 4917 4918 upstream commit 4919 4920 Fix math error in remote window calculations that causes 4921 eventual stalls for datagram channels. Reported by Georg Wicherski, ok 4922 markus@ 4923 4924 Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab 4925 4926commit 52fb6b9b034fcfd24bf88cc7be313e9c31de9889 4927Author: Damien Miller <djm@mindrot.org> 4928Date: Tue Jun 30 16:05:40 2015 +1000 4929 4930 skip IPv6-related portions on hosts without IPv6 4931 4932 with Tim Rice 4933 4934commit 512caddf590857af6aa12218461b5c0441028cf5 4935Author: djm@openbsd.org <djm@openbsd.org> 4936Date: Mon Jun 29 22:35:12 2015 +0000 4937 4938 upstream commit 4939 4940 add getpid to sandbox, reachable by grace_alarm_handler 4941 4942 reported by Jakub Jelen; bz#2419 4943 4944 Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8 4945 4946commit 78c2a4f883ea9aba866358e2acd9793a7f42ca93 4947Author: djm@openbsd.org <djm@openbsd.org> 4948Date: Fri Jun 26 05:13:20 2015 +0000 4949 4950 upstream commit 4951 4952 Fix \-escaping bug that caused forward path parsing to skip 4953 two characters and skip past the end of the string. 4954 4955 Based on patch by Salvador Fandino; ok dtucker@ 4956 4957 Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd 4958 4959commit bc20205c91c9920361d12b15d253d4997dba494a 4960Author: Damien Miller <djm@mindrot.org> 4961Date: Thu Jun 25 09:51:39 2015 +1000 4962 4963 add missing pselect6 4964 4965 patch from Jakub Jelen 4966 4967commit 9d27fb73b4a4e5e99cb880af790d5b1ce44f720a 4968Author: djm@openbsd.org <djm@openbsd.org> 4969Date: Wed Jun 24 23:47:23 2015 +0000 4970 4971 upstream commit 4972 4973 correct test to sshkey_sign(); spotted by Albert S. 4974 4975 Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933 4976 4977commit 7ed01a96a1911d8b4a9ef4f3d064e1923bfad7e3 4978Author: dtucker@openbsd.org <dtucker@openbsd.org> 4979Date: Wed Jun 24 01:49:19 2015 +0000 4980 4981 upstream commit 4982 4983 Revert previous commit. We still want to call setgroups 4984 in the case where there are zero groups to remove any that we might otherwise 4985 inherit (as pointed out by grawity at gmail.com) and since the 2nd argument 4986 to setgroups is always a static global it's always valid to dereference in 4987 this case. ok deraadt@ djm@ 4988 4989 Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01 4990 4991commit 882f8bf94f79528caa65b0ba71c185d705bb7195 4992Author: dtucker@openbsd.org <dtucker@openbsd.org> 4993Date: Wed Jun 24 01:49:19 2015 +0000 4994 4995 upstream commit 4996 4997 Revert previous commit. We still want to call setgroups in 4998 the case where there are zero groups to remove any that we might otherwise 4999 inherit (as pointed out by grawity at gmail.com) and since the 2nd argument 5000 to setgroups is always a static global it's always valid to dereference in 5001 this case. ok deraadt@ djm@ 5002 5003 Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01 5004 5005commit 9488538a726951e82b3a4374f3c558d72c80a89b 5006Author: djm@openbsd.org <djm@openbsd.org> 5007Date: Mon Jun 22 23:42:16 2015 +0000 5008 5009 upstream commit 5010 5011 Don't count successful partial authentication as failures 5012 in monitor; this may have caused the monitor to refuse multiple 5013 authentications that would otherwise have successfully completed; ok markus@ 5014 5015 Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3 5016 5017commit 63b78d003bd8ca111a736e6cea6333da50f5f09b 5018Author: dtucker@openbsd.org <dtucker@openbsd.org> 5019Date: Mon Jun 22 12:29:57 2015 +0000 5020 5021 upstream commit 5022 5023 Don't call setgroups if we have zero groups; there's no 5024 guarantee that it won't try to deref the pointer. Based on a patch from mail 5025 at quitesimple.org, ok djm deraadt 5026 5027 Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1 5028 5029commit 5c15e22c691c79a47747bcf5490126656f97cecd 5030Author: Damien Miller <djm@mindrot.org> 5031Date: Thu Jun 18 15:07:56 2015 +1000 5032 5033 fix syntax error 5034 5035commit 596dbca82f3f567fb3d2d69af4b4e1d3ba1e6403 5036Author: jsing@openbsd.org <jsing@openbsd.org> 5037Date: Mon Jun 15 18:44:22 2015 +0000 5038 5039 upstream commit 5040 5041 If AuthorizedPrincipalsCommand is specified, however 5042 AuthorizedPrincipalsFile is not (or is set to "none"), authentication will 5043 potentially fail due to key_cert_check_authority() failing to locate a 5044 principal that matches the username, even though an authorized principal has 5045 already been matched in the output of the subprocess. Fix this by using the 5046 same logic to determine if pw->pw_name should be passed, as is used to 5047 determine if a authorized principal must be matched earlier on. 5048 5049 ok djm@ 5050 5051 Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d 5052 5053commit aff3e94c0d75d0d0fa84ea392b50ab04f8c57905 5054Author: jsing@openbsd.org <jsing@openbsd.org> 5055Date: Mon Jun 15 18:42:19 2015 +0000 5056 5057 upstream commit 5058 5059 Make the arguments to match_principals_command() similar 5060 to match_principals_file(), by changing the last argument a struct 5061 sshkey_cert * and dereferencing key->cert in the caller. 5062 5063 No functional change. 5064 5065 ok djm@ 5066 5067 Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c 5068 5069commit 97e2e1596c202a4693468378b16b2353fd2d6c5e 5070Author: Damien Miller <djm@mindrot.org> 5071Date: Wed Jun 17 14:36:54 2015 +1000 5072 5073 trivial optimisation for seccomp-bpf 5074 5075 When doing arg inspection and the syscall doesn't match, skip 5076 past the instruction that reloads the syscall into the accumulator, 5077 since the accumulator hasn't been modified at this point. 5078 5079commit 99f33d7304893bd9fa04d227cb6e870171cded19 5080Author: Damien Miller <djm@mindrot.org> 5081Date: Wed Jun 17 10:50:51 2015 +1000 5082 5083 aarch64 support for seccomp-bpf sandbox 5084 5085 Also resort and tidy syscall list. Based on patches by Jakub Jelen 5086 bz#2361; ok dtucker@ 5087 5088commit 4ef702e1244633c1025ec7cfe044b9ab267097bf 5089Author: djm@openbsd.org <djm@openbsd.org> 5090Date: Mon Jun 15 01:32:50 2015 +0000 5091 5092 upstream commit 5093 5094 return failure on RSA signature error; reported by Albert S 5095 5096 Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa 5097 5098commit a170f22baf18af0b1acf2788b8b715605f41a1f9 5099Author: Tim Rice <tim@multitalents.net> 5100Date: Tue Jun 9 22:41:13 2015 -0700 5101 5102 Fix t12 rules for out of tree builds. 5103 5104commit ec04dc4a5515c913121bc04ed261857e68fa5c18 5105Author: millert@openbsd.org <millert@openbsd.org> 5106Date: Fri Jun 5 15:13:13 2015 +0000 5107 5108 upstream commit 5109 5110 For "ssh -L 12345:/tmp/sock" don't fail with "No forward host 5111 name." (we have a path, not a host name). Based on a diff from Jared 5112 Yanovich. OK djm@ 5113 5114 Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f 5115 5116commit 732d61f417a6aea0aa5308b59cb0f563bcd6edd6 5117Author: djm@openbsd.org <djm@openbsd.org> 5118Date: Fri Jun 5 03:44:14 2015 +0000 5119 5120 upstream commit 5121 5122 typo: accidental repetition; bz#2386 5123 5124 Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b 5125 5126commit adfb24c69d1b6f5e758db200866c711e25a2ba73 5127Author: Darren Tucker <dtucker@zip.com.au> 5128Date: Fri Jun 5 14:51:40 2015 +1000 5129 5130 Add Linux powerpc64le and powerpcle entries. 5131 5132 Stopgap to resolve bz#2409 because we are so close to release and will 5133 update config.guess and friends shortly after the release. ok djm@ 5134 5135commit a1195a0fdc9eddddb04d3e9e44c4775431cb77da 5136Merge: 6397eed d2480bc 5137Author: Tim Rice <tim@multitalents.net> 5138Date: Wed Jun 3 21:43:13 2015 -0700 5139 5140 Merge branch 'master' of git.mindrot.org:/var/git/openssh 5141 5142commit 6397eedf953b2b973d2d7cbb504ab501a07f8ddc 5143Author: Tim Rice <tim@multitalents.net> 5144Date: Wed Jun 3 21:41:11 2015 -0700 5145 5146 Remove unneeded backslashes. Patch from Ángel González 5147 5148commit d2480bcac1caf31b03068de877a47d6e1027bf6d 5149Author: Darren Tucker <dtucker@zip.com.au> 5150Date: Thu Jun 4 14:10:55 2015 +1000 5151 5152 Remove redundant include of stdarg.h. bz#2410 5153 5154commit 5e67859a623826ccdf2df284cbb37e2d8e2787eb 5155Author: djm@openbsd.org <djm@openbsd.org> 5156Date: Tue Jun 2 09:10:40 2015 +0000 5157 5158 upstream commit 5159 5160 mention CheckHostIP adding addresses to known_hosts; 5161 bz#1993; ok dtucker@ 5162 5163 Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7 5164 5165commit d7a58bbac6583e33fd5eca8e2c2cc70c57617818 5166Author: Darren Tucker <dtucker@zip.com.au> 5167Date: Tue Jun 2 20:15:26 2015 +1000 5168 5169 Replace strcpy with strlcpy. 5170 5171 ok djm, sanity check by Corinna Vinschen. 5172 5173commit 51a1c2115265c6e80ede8a5c9dccada9aeed7143 5174Author: Damien Miller <djm@mindrot.org> 5175Date: Fri May 29 18:27:21 2015 +1000 5176 5177 skip, rather than fatal when run without SUDO set 5178 5179commit 599f01142a376645b15cbc9349d7e8975e1cf245 5180Author: Damien Miller <djm@mindrot.org> 5181Date: Fri May 29 18:03:15 2015 +1000 5182 5183 fix merge botch that left ",," in KEX algs 5184 5185commit 0c2a81dfc21822f2423edd30751e5ec53467b347 5186Author: Damien Miller <djm@mindrot.org> 5187Date: Fri May 29 17:08:28 2015 +1000 5188 5189 re-enable SSH protocol 1 at compile time 5190 5191commit db438f9285d64282d3ac9e8c0944f59f037c0151 5192Author: djm@openbsd.org <djm@openbsd.org> 5193Date: Fri May 29 03:05:13 2015 +0000 5194 5195 upstream commit 5196 5197 make this work without SUDO set; ok dtucker@ 5198 5199 Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715 5200 5201commit 1d9a2e2849c9864fe75daabf433436341c968e14 5202Author: djm@openbsd.org <djm@openbsd.org> 5203Date: Thu May 28 07:37:31 2015 +0000 5204 5205 upstream commit 5206 5207 wrap all moduli-related code in #ifdef WITH_OPENSSL. 5208 based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@ 5209 5210 Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf 5211 5212commit 496aeb25bc2d6c434171292e4714771b594bd00e 5213Author: dtucker@openbsd.org <dtucker@openbsd.org> 5214Date: Thu May 28 05:41:29 2015 +0000 5215 5216 upstream commit 5217 5218 Increase the allowed length of the known host file name 5219 in the log message to be consistent with other cases. Part of bz#1993, ok 5220 deraadt. 5221 5222 Upstream-ID: a9e97567be49f25daf286721450968251ff78397 5223 5224commit dd2cfeb586c646ff8d70eb93567b2e559ace5b14 5225Author: dtucker@openbsd.org <dtucker@openbsd.org> 5226Date: Thu May 28 05:09:45 2015 +0000 5227 5228 upstream commit 5229 5230 Fix typo (keywork->keyword) 5231 5232 Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534 5233 5234commit 9cc6842493fbf23025ccc1edab064869640d3bec 5235Author: djm@openbsd.org <djm@openbsd.org> 5236Date: Thu May 28 04:50:53 2015 +0000 5237 5238 upstream commit 5239 5240 add error message on ftruncate failure; bz#2176 5241 5242 Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf 5243 5244commit d1958793a0072c22be26d136dbda5ae263e717a0 5245Author: djm@openbsd.org <djm@openbsd.org> 5246Date: Thu May 28 04:40:13 2015 +0000 5247 5248 upstream commit 5249 5250 make ssh-keygen default to ed25519 keys when compiled 5251 without OpenSSL; bz#2388, ok dtucker@ 5252 5253 Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71 5254 5255commit 3ecde664c9fc5fb3667aedf9e6671462600f6496 5256Author: dtucker@openbsd.org <dtucker@openbsd.org> 5257Date: Wed May 27 23:51:10 2015 +0000 5258 5259 upstream commit 5260 5261 Reorder client proposal to prefer 5262 diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1. ok djm@ 5263 5264 Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058 5265 5266commit 40f64292b907afd0a674fdbf3e4c2356d17a7d68 5267Author: dtucker@openbsd.org <dtucker@openbsd.org> 5268Date: Wed May 27 23:39:18 2015 +0000 5269 5270 upstream commit 5271 5272 Add a stronger (4k bit) fallback group that sshd can use 5273 when the moduli file is missing or broken, sourced from RFC3526. bz#2302, ok 5274 markus@ (earlier version), djm@ 5275 5276 Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4 5277 5278commit 5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a 5279Author: Darren Tucker <dtucker@zip.com.au> 5280Date: Thu May 28 10:03:40 2015 +1000 5281 5282 New moduli file from OpenBSD, removing 1k groups. 5283 5284 Remove 1k bit groups. ok deraadt@, markus@ 5285 5286commit a71ba58adf34e599f30cdda6e9b93ae6e3937eea 5287Author: djm@openbsd.org <djm@openbsd.org> 5288Date: Wed May 27 05:15:02 2015 +0000 5289 5290 upstream commit 5291 5292 support PKCS#11 devices with external PIN entry devices 5293 bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@ 5294 5295 Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d 5296 5297commit b282fec1aa05246ed3482270eb70fc3ec5f39a00 5298Author: dtucker@openbsd.org <dtucker@openbsd.org> 5299Date: Tue May 26 23:23:40 2015 +0000 5300 5301 upstream commit 5302 5303 Cap DH-GEX group size at 4kbits for Cisco implementations. 5304 Some of them will choke when asked for preferred sizes >4k instead of 5305 returning the 4k group that they do have. bz#2209, ok djm@ 5306 5307 Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d 5308 5309commit 3e91b4e8b0dc2b4b7e7d42cf6e8994a32e4cb55e 5310Author: djm@openbsd.org <djm@openbsd.org> 5311Date: Sun May 24 23:39:16 2015 +0000 5312 5313 upstream commit 5314 5315 add missing 'c' option to getopt(), case statement was 5316 already there; from Felix Bolte 5317 5318 Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081 5319 5320commit 64a89ec07660abba4d0da7c0095b7371c98bab62 5321Author: jsg@openbsd.org <jsg@openbsd.org> 5322Date: Sat May 23 14:28:37 2015 +0000 5323 5324 upstream commit 5325 5326 fix a memory leak in an error path ok markus@ dtucker@ 5327 5328 Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598 5329 5330commit f948737449257d2cb83ffcfe7275eb79b677fd4a 5331Author: djm@openbsd.org <djm@openbsd.org> 5332Date: Fri May 22 05:28:45 2015 +0000 5333 5334 upstream commit 5335 5336 mention ssh-keygen -E for comparing legacy MD5 5337 fingerprints; bz#2332 5338 5339 Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859 5340 5341commit 0882332616e4f0272c31cc47bf2018f9cb258a4e 5342Author: djm@openbsd.org <djm@openbsd.org> 5343Date: Fri May 22 04:45:52 2015 +0000 5344 5345 upstream commit 5346 5347 Reorder EscapeChar option parsing to avoid a single-byte 5348 out- of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@ 5349 5350 Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060 5351 5352commit d7c31da4d42c115843edee2074d7d501f8804420 5353Author: djm@openbsd.org <djm@openbsd.org> 5354Date: Fri May 22 03:50:02 2015 +0000 5355 5356 upstream commit 5357 5358 add knob to relax GSSAPI host credential check for 5359 multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker 5360 (kerberos/GSSAPI is not compiled by default on OpenBSD) 5361 5362 Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d 5363 5364commit aa72196a00be6e0b666215edcffbc10af234cb0e 5365Author: Darren Tucker <dtucker@zip.com.au> 5366Date: Fri May 22 17:49:46 2015 +1000 5367 5368 Include signal.h for sig_atomic_t, used by kex.h. 5369 5370 bz#2402, from tomas.kuthan at oracle com. 5371 5372commit 8b02481143d75e91c49d1bfae0876ac1fbf9511a 5373Author: Darren Tucker <dtucker@zip.com.au> 5374Date: Fri May 22 12:47:24 2015 +1000 5375 5376 Import updated moduli file from OpenBSD. 5377 5378commit 4739e8d5e1c0be49624082bd9f6b077e9e758db9 5379Author: djm@openbsd.org <djm@openbsd.org> 5380Date: Thu May 21 12:01:19 2015 +0000 5381 5382 upstream commit 5383 5384 Support "ssh-keygen -lF hostname" to find search known_hosts 5385 and print key hashes. Already advertised by ssh-keygen(1), but not delivered 5386 by code; ok dtucker@ 5387 5388 Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387 5389 5390commit e97201feca10b5196da35819ae516d0b87cf3a50 5391Author: Damien Miller <djm@mindrot.org> 5392Date: Thu May 21 17:55:15 2015 +1000 5393 5394 conditionalise util.h inclusion 5395 5396commit 13640798c7dd011ece0a7d02841fe48e94cfa0e0 5397Author: djm@openbsd.org <djm@openbsd.org> 5398Date: Thu May 21 06:44:25 2015 +0000 5399 5400 upstream commit 5401 5402 regress test for AuthorizedPrincipalsCommand 5403 5404 Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219 5405 5406commit 84452c5d03c21f9bfb28c234e0dc1dc67dd817b1 5407Author: djm@openbsd.org <djm@openbsd.org> 5408Date: Thu May 21 06:40:02 2015 +0000 5409 5410 upstream commit 5411 5412 regress test for AuthorizedKeysCommand arguments 5413 5414 Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12 5415 5416commit bcc50d816187fa9a03907ac1f3a52f04a52e10d1 5417Author: djm@openbsd.org <djm@openbsd.org> 5418Date: Thu May 21 06:43:30 2015 +0000 5419 5420 upstream commit 5421 5422 add AuthorizedPrincipalsCommand that allows getting 5423 authorized_principals from a subprocess rather than a file, which is quite 5424 useful in deployments with large userbases 5425 5426 feedback and ok markus@ 5427 5428 Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6 5429 5430commit 24232a3e5ab467678a86aa67968bbb915caffed4 5431Author: djm@openbsd.org <djm@openbsd.org> 5432Date: Thu May 21 06:38:35 2015 +0000 5433 5434 upstream commit 5435 5436 support arguments to AuthorizedKeysCommand 5437 5438 bz#2081 loosely based on patch by Sami Hartikainen 5439 feedback and ok markus@ 5440 5441 Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7 5442 5443commit d80fbe41a57c72420c87a628444da16d09d66ca7 5444Author: djm@openbsd.org <djm@openbsd.org> 5445Date: Thu May 21 04:55:51 2015 +0000 5446 5447 upstream commit 5448 5449 refactor: split base64 encoding of pubkey into its own 5450 sshkey_to_base64() function and out of sshkey_write(); ok markus@ 5451 5452 Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a 5453 5454commit 7cc44ef74133a473734bbcbd3484f24d6a7328c5 5455Author: deraadt@openbsd.org <deraadt@openbsd.org> 5456Date: Mon May 18 15:06:05 2015 +0000 5457 5458 upstream commit 5459 5460 getentropy() and sendsyslog() have been around long 5461 enough. openssh-portable may want the #ifdef's but not base. discussed with 5462 djm few weeks back 5463 5464 Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926 5465 5466commit 9173d0fbe44de7ebcad8a15618e13a8b8d78902e 5467Author: dtucker@openbsd.org <dtucker@openbsd.org> 5468Date: Fri May 15 05:44:21 2015 +0000 5469 5470 upstream commit 5471 5472 Use a salted hash of the lock passphrase instead of plain 5473 text and do constant-time comparisons of it. Should prevent leaking any 5474 information about it via timing, pointed out by Ryan Castellucci. Add a 0.1s 5475 incrementing delay for each failed unlock attempt up to 10s. ok markus@ 5476 (earlier version), djm@ 5477 5478 Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f 5479 5480commit d028d5d3a697c71b21e4066d8672cacab3caa0a8 5481Author: Damien Miller <djm@mindrot.org> 5482Date: Tue May 5 19:10:58 2015 +1000 5483 5484 upstream commit 5485 5486 - tedu@cvs.openbsd.org 2015/01/12 03:20:04 5487 [bcrypt_pbkdf.c] 5488 rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks, 5489 nor are they the same size. 5490 5491commit f6391d4e59b058984163ab28f4e317e7a72478f1 5492Author: Damien Miller <djm@mindrot.org> 5493Date: Tue May 5 19:10:23 2015 +1000 5494 5495 upstream commit 5496 5497 - deraadt@cvs.openbsd.org 2015/01/08 00:30:07 5498 [bcrypt_pbkdf.c] 5499 declare a local version of MIN(), call it MINIMUM() 5500 5501commit 8ac6b13cc9113eb47cd9e86c97d7b26b4b71b77f 5502Author: Damien Miller <djm@mindrot.org> 5503Date: Tue May 5 19:09:46 2015 +1000 5504 5505 upstream commit 5506 5507 - djm@cvs.openbsd.org 2014/12/30 01:41:43 5508 [bcrypt_pbkdf.c] 5509 typo in comment: ouput => output 5510 5511commit 1f792489d5cf86a4f4e3003e6e9177654033f0f2 5512Author: djm@openbsd.org <djm@openbsd.org> 5513Date: Mon May 4 06:10:48 2015 +0000 5514 5515 upstream commit 5516 5517 Remove pattern length argument from match_pattern_list(), we 5518 only ever use it for strlen(pattern). 5519 5520 Prompted by hanno AT hboeck.de pointing an out-of-bound read 5521 error caused by an incorrect pattern length found using AFL 5522 and his own tools. 5523 5524 ok markus@ 5525 5526commit 639d6bc57b1942393ed12fb48f00bc05d4e093e4 5527Author: djm@openbsd.org <djm@openbsd.org> 5528Date: Fri May 1 07:10:01 2015 +0000 5529 5530 upstream commit 5531 5532 refactor ssh_dispatch_run_fatal() to use sshpkt_fatal() 5533 to better report error conditions. Teach sshpkt_fatal() about ECONNRESET. 5534 5535 Improves error messages on TCP connection resets. bz#2257 5536 5537 ok dtucker@ 5538 5539commit 9559d7de34c572d4d3fd990ca211f8ec99f62c4d 5540Author: djm@openbsd.org <djm@openbsd.org> 5541Date: Fri May 1 07:08:08 2015 +0000 5542 5543 upstream commit 5544 5545 a couple of parse targets were missing activep checks, 5546 causing them to be misapplied in match context; bz#2272 diagnosis and 5547 original patch from Sami Hartikainen ok dtucker@ 5548 5549commit 7e8528cad04b2775c3b7db08abf8fb42e47e6b2a 5550Author: djm@openbsd.org <djm@openbsd.org> 5551Date: Fri May 1 04:17:51 2015 +0000 5552 5553 upstream commit 5554 5555 make handling of AuthorizedPrincipalsFile=none more 5556 consistent with other =none options; bz#2288 from Jakub Jelen; ok dtucker@ 5557 5558commit ca430d4d9cc0f62eca3b1fb1e2928395b7ce80f7 5559Author: djm@openbsd.org <djm@openbsd.org> 5560Date: Fri May 1 04:03:20 2015 +0000 5561 5562 upstream commit 5563 5564 remove failed remote forwards established by muliplexing 5565 from the list of active forwards; bz#2363, patch mostly by Yoann Ricordel; ok 5566 dtucker@ 5567 5568commit 8312cfb8ad88657517b3e23ac8c56c8e38eb9792 5569Author: djm@openbsd.org <djm@openbsd.org> 5570Date: Fri May 1 04:01:58 2015 +0000 5571 5572 upstream commit 5573 5574 reduce stderr spam when using ssh -S /path/mux -O forward 5575 -R 0:... ok dtucker@ 5576 5577commit 179be0f5e62f1f492462571944e45a3da660d82b 5578Author: djm@openbsd.org <djm@openbsd.org> 5579Date: Fri May 1 03:23:51 2015 +0000 5580 5581 upstream commit 5582 5583 prevent authorized_keys options picked up on public key 5584 tests without a corresponding private key authentication being applied to 5585 other authentication methods. Reported by halex@, ok markus@ 5586 5587commit a42d67be65b719a430b7fcaba2a4e4118382723a 5588Author: djm@openbsd.org <djm@openbsd.org> 5589Date: Fri May 1 03:20:54 2015 +0000 5590 5591 upstream commit 5592 5593 Don't make parsing of authorized_keys' environment= 5594 option conditional on PermitUserEnv - always parse it, but only use the 5595 result if the option is enabled. This prevents the syntax of authorized_keys 5596 changing depending on which sshd_config options were enabled. 5597 5598 bz#2329; based on patch from coladict AT gmail.com, ok dtucker@ 5599 5600commit e661a86353e11592c7ed6a847e19a83609f49e77 5601Author: djm@openbsd.org <djm@openbsd.org> 5602Date: Mon May 4 06:10:48 2015 +0000 5603 5604 upstream commit 5605 5606 Remove pattern length argument from match_pattern_list(), we 5607 only ever use it for strlen(pattern). 5608 5609 Prompted by hanno AT hboeck.de pointing an out-of-bound read 5610 error caused by an incorrect pattern length found using AFL 5611 and his own tools. 5612 5613 ok markus@ 5614 5615commit 0ef1de742be2ee4b10381193fe90730925b7f027 5616Author: dtucker@openbsd.org <dtucker@openbsd.org> 5617Date: Thu Apr 23 05:01:19 2015 +0000 5618 5619 upstream commit 5620 5621 Add a simple regression test for sshd's configuration 5622 parser. Right now, all it does is run the output of sshd -T back through 5623 itself and ensure the output is valid and invariant. 5624 5625commit 368f83c793275faa2c52f60eaa9bdac155c4254b 5626Author: djm@openbsd.org <djm@openbsd.org> 5627Date: Wed Apr 22 01:38:36 2015 +0000 5628 5629 upstream commit 5630 5631 use correct key for nested certificate test 5632 5633commit 8d4d1bfddbbd7d21f545dc6997081d1ea1fbc99a 5634Author: djm@openbsd.org <djm@openbsd.org> 5635Date: Fri May 1 07:11:47 2015 +0000 5636 5637 upstream commit 5638 5639 mention that the user's shell from /etc/passwd is used 5640 for commands too; bz#1459 ok dtucker@ 5641 5642commit 5ab283d0016bbc9d4d71e8e5284d011bc5a930cf 5643Author: djm@openbsd.org <djm@openbsd.org> 5644Date: Fri May 8 07:29:00 2015 +0000 5645 5646 upstream commit 5647 5648 whitespace 5649 5650 Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519 5651 5652commit 8377d5008ad260048192e1e56ad7d15a56d103dd 5653Author: djm@openbsd.org <djm@openbsd.org> 5654Date: Fri May 8 07:26:13 2015 +0000 5655 5656 upstream commit 5657 5658 whitespace at EOL 5659 5660 Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554 5661 5662commit c28a3436fa8737709ea88e4437f8f23a6ab50359 5663Author: djm@openbsd.org <djm@openbsd.org> 5664Date: Fri May 8 06:45:13 2015 +0000 5665 5666 upstream commit 5667 5668 moar whitespace at eol 5669 5670 Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515 5671 5672commit 2b64c490468fd4ca35ac8d5cc31c0520dc1508bb 5673Author: djm@openbsd.org <djm@openbsd.org> 5674Date: Fri May 8 06:41:56 2015 +0000 5675 5676 upstream commit 5677 5678 whitespace at EOL 5679 5680 Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c 5681 5682commit 4e636cf201ce6e7e3b9088568218f9d4e2c51712 5683Author: djm@openbsd.org <djm@openbsd.org> 5684Date: Fri May 8 03:56:51 2015 +0000 5685 5686 upstream commit 5687 5688 whitespace at EOL 5689 5690commit 38b8272f823dc1dd4e29dbcee83943ed48bb12fa 5691Author: dtucker@openbsd.org <dtucker@openbsd.org> 5692Date: Mon May 4 01:47:53 2015 +0000 5693 5694 upstream commit 5695 5696 Use diff w/out -u for better portability 5697 5698commit 297060f42d5189a4065ea1b6f0afdf6371fb0507 5699Author: dtucker@openbsd.org <dtucker@openbsd.org> 5700Date: Fri May 8 03:25:07 2015 +0000 5701 5702 upstream commit 5703 5704 Use xcalloc for permitted_adm_opens instead of xmalloc to 5705 ensure it's zeroed. Fixes post-auth crash with permitopen=none. bz#2355, ok 5706 djm@ 5707 5708commit 63ebf019be863b2d90492a85e248cf55a6e87403 5709Author: djm@openbsd.org <djm@openbsd.org> 5710Date: Fri May 8 03:17:49 2015 +0000 5711 5712 upstream commit 5713 5714 don't choke on new-format private keys encrypted with an 5715 AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@ 5716 5717commit f8484dac678ab3098ae522a5f03bb2530f822987 5718Author: dtucker@openbsd.org <dtucker@openbsd.org> 5719Date: Wed May 6 05:45:17 2015 +0000 5720 5721 upstream commit 5722 5723 Clarify pseudo-terminal request behaviour and use 5724 "pseudo-terminal" consistently. bz#1716, ok jmc@ "I like it" deraadt@. 5725 5726commit ea139507bef8bad26e86ed99a42c7233ad115c38 5727Author: dtucker@openbsd.org <dtucker@openbsd.org> 5728Date: Wed May 6 04:07:18 2015 +0000 5729 5730 upstream commit 5731 5732 Blacklist DH-GEX for specific PuTTY versions known to 5733 send non-RFC4419 DH-GEX messages rather than all versions of PuTTY. 5734 According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX 5735 messages. ok djm@ 5736 5737commit b58234f00ee3872eb84f6e9e572a9a34e902e36e 5738Author: dtucker@openbsd.org <dtucker@openbsd.org> 5739Date: Tue May 5 10:17:49 2015 +0000 5740 5741 upstream commit 5742 5743 WinSCP doesn't implement RFC4419 DH-GEX so flag it so we 5744 don't offer that KEX method. ok markus@ 5745 5746commit d5b1507a207253b39e810e91e68f9598691b7a29 5747Author: jsg@openbsd.org <jsg@openbsd.org> 5748Date: Tue May 5 02:48:17 2015 +0000 5749 5750 upstream commit 5751 5752 use the sizeof the struct not the sizeof a pointer to the 5753 struct in ssh_digest_start() 5754 5755 This file is only used if ssh is built with OPENSSL=no 5756 5757 ok markus@ 5758 5759commit a647b9b8e616c231594b2710c925d31b1b8afea3 5760Author: Darren Tucker <dtucker@zip.com.au> 5761Date: Fri May 8 11:07:27 2015 +1000 5762 5763 Put brackets around mblen() compat constant. 5764 5765 This might help with the reported problem cross compiling for Android 5766 ("error: expected identifier or '(' before numeric constant") but 5767 shouldn't hurt in any case. 5768 5769commit d1680d36e17244d9af3843aeb5025cb8e40d6c07 5770Author: Darren Tucker <dtucker@zip.com.au> 5771Date: Thu Apr 30 09:18:11 2015 +1000 5772 5773 xrealloc -> xreallocarray in portable code too. 5774 5775commit 531a57a3893f9fcd4aaaba8c312b612bbbcc021e 5776Author: dtucker@openbsd.org <dtucker@openbsd.org> 5777Date: Wed Apr 29 03:48:56 2015 +0000 5778 5779 upstream commit 5780 5781 Allow ListenAddress, Port and AddressFamily in any 5782 order. bz#68, ok djm@, jmc@ (for the man page bit). 5783 5784commit c1d5bcf1aaf1209af02f79e48ba1cbc76a87b56f 5785Author: jmc@openbsd.org <jmc@openbsd.org> 5786Date: Tue Apr 28 13:47:38 2015 +0000 5787 5788 upstream commit 5789 5790 enviroment -> environment: apologies to darren for not 5791 spotting that first time round... 5792 5793commit 43beea053db191cac47c2cd8d3dc1930158aff1a 5794Author: dtucker@openbsd.org <dtucker@openbsd.org> 5795Date: Tue Apr 28 10:25:15 2015 +0000 5796 5797 upstream commit 5798 5799 Fix typo in previous 5800 5801commit 85b96ef41374f3ddc9139581f87da09b2cd9199e 5802Author: dtucker@openbsd.org <dtucker@openbsd.org> 5803Date: Tue Apr 28 10:17:58 2015 +0000 5804 5805 upstream commit 5806 5807 Document that the TERM environment variable is not 5808 subject to SendEnv and AcceptEnv. bz#2386, based loosely on a patch from 5809 jjelen at redhat, help and ok jmc@ 5810 5811commit 88a7c598a94ff53f76df228eeaae238d2d467565 5812Author: djm@openbsd.org <djm@openbsd.org> 5813Date: Mon Apr 27 21:42:48 2015 +0000 5814 5815 upstream commit 5816 5817 Make sshd default to PermitRootLogin=no; ok deraadt@ 5818 rpe@ 5819 5820commit 734226b4480a6c736096c729fcf6f391400599c7 5821Author: djm@openbsd.org <djm@openbsd.org> 5822Date: Mon Apr 27 01:52:30 2015 +0000 5823 5824 upstream commit 5825 5826 fix compilation with OPENSSL=no; ok dtucker@ 5827 5828commit a4b9d2ce1eb7703eaf0809b0c8a82ded8aa4f1c6 5829Author: dtucker@openbsd.org <dtucker@openbsd.org> 5830Date: Mon Apr 27 00:37:53 2015 +0000 5831 5832 upstream commit 5833 5834 Include stdio.h for FILE (used in sshkey.h) so it 5835 compiles with OPENSSL=no. 5836 5837commit dbcc652f4ca11fe04e5930c7ef18a219318c6cda 5838Author: djm@openbsd.org <djm@openbsd.org> 5839Date: Mon Apr 27 00:21:21 2015 +0000 5840 5841 upstream commit 5842 5843 allow "sshd -f none" to skip reading the config file, 5844 much like "ssh -F none" does. ok dtucker 5845 5846commit b7ca276fca316c952f0b90f5adb1448c8481eedc 5847Author: jmc@openbsd.org <jmc@openbsd.org> 5848Date: Fri Apr 24 06:26:49 2015 +0000 5849 5850 upstream commit 5851 5852 combine -Dd onto one line and update usage(); 5853 5854commit 2ea974630d7017e4c7666d14d9dc939707613e96 5855Author: djm@openbsd.org <djm@openbsd.org> 5856Date: Fri Apr 24 05:26:44 2015 +0000 5857 5858 upstream commit 5859 5860 add ssh-agent -D to leave ssh-agent in foreground 5861 without enabling debug mode; bz#2381 ok dtucker@ 5862 5863commit 8ac2ffd7aa06042f6b924c87139f2fea5c5682f7 5864Author: deraadt@openbsd.org <deraadt@openbsd.org> 5865Date: Fri Apr 24 01:36:24 2015 +0000 5866 5867 upstream commit 5868 5869 2*len -> use xreallocarray() ok djm 5870 5871commit 657a5fbc0d0aff309079ff8fb386f17e964963c2 5872Author: deraadt@openbsd.org <deraadt@openbsd.org> 5873Date: Fri Apr 24 01:36:00 2015 +0000 5874 5875 upstream commit 5876 5877 rename xrealloc() to xreallocarray() since it follows 5878 that form. ok djm 5879 5880commit 1108ae242fdd2c304307b68ddf46aebe43ebffaa 5881Author: dtucker@openbsd.org <dtucker@openbsd.org> 5882Date: Thu Apr 23 04:59:10 2015 +0000 5883 5884 upstream commit 5885 5886 Two small fixes for sshd -T: ListenAddress'es are added 5887 to a list head so reverse the order when printing them to ensure the 5888 behaviour remains the same, and print StreamLocalBindMask as octal with 5889 leading zero. ok deraadt@ 5890 5891commit bd902b8473e1168f19378d5d0ae68d0c203525df 5892Author: dtucker@openbsd.org <dtucker@openbsd.org> 5893Date: Thu Apr 23 04:53:53 2015 +0000 5894 5895 upstream commit 5896 5897 Check for and reject missing arguments for 5898 VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com, 5899 ok djm@ 5900 5901commit ca42c1758575e592239de1d5755140e054b91a0d 5902Author: djm@openbsd.org <djm@openbsd.org> 5903Date: Wed Apr 22 01:24:01 2015 +0000 5904 5905 upstream commit 5906 5907 unknown certificate extensions are non-fatal, so don't 5908 fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok 5909 dtucker@ 5910 5911commit 39bfbf7caad231cc4bda6909fb1af0705bca04d8 5912Author: jsg@openbsd.org <jsg@openbsd.org> 5913Date: Tue Apr 21 07:01:00 2015 +0000 5914 5915 upstream commit 5916 5917 Add back a backslash removed in rev 1.42 so 5918 KEX_SERVER_ENCRYPT will include aes again. 5919 5920 ok deraadt@ 5921 5922commit 6b0d576bb87eca3efd2b309fcfe4edfefc289f9c 5923Author: djm@openbsd.org <djm@openbsd.org> 5924Date: Fri Apr 17 13:32:09 2015 +0000 5925 5926 upstream commit 5927 5928 s/recommended/required/ that private keys be og-r this 5929 wording change was made a while ago but got accidentally reverted 5930 5931commit 44a8e7ce6f3ab4c2eb1ae49115c210b98e53c4df 5932Author: djm@openbsd.org <djm@openbsd.org> 5933Date: Fri Apr 17 13:25:52 2015 +0000 5934 5935 upstream commit 5936 5937 don't try to cleanup NULL KEX proposals in 5938 kex_prop_free(); found by Jukka Taimisto and Markus Hietava 5939 5940commit 3038a191872d2882052306098c1810d14835e704 5941Author: djm@openbsd.org <djm@openbsd.org> 5942Date: Fri Apr 17 13:19:22 2015 +0000 5943 5944 upstream commit 5945 5946 use error/logit/fatal instead of fprintf(stderr, ...) 5947 and exit(0), fix a few errors that were being printed to stdout instead of 5948 stderr and a few non-errors that were going to stderr instead of stdout 5949 bz#2325; ok dtucker 5950 5951commit a58be33cb6cd24441fa7e634db0e5babdd56f07f 5952Author: djm@openbsd.org <djm@openbsd.org> 5953Date: Fri Apr 17 13:16:48 2015 +0000 5954 5955 upstream commit 5956 5957 debug log missing DISPLAY environment when X11 5958 forwarding requested; bz#1682 ok dtucker@ 5959 5960commit 17d4d9d9fbc8fb80e322f94d95eecc604588a474 5961Author: djm@openbsd.org <djm@openbsd.org> 5962Date: Fri Apr 17 04:32:31 2015 +0000 5963 5964 upstream commit 5965 5966 don't call record_login() in monitor when UseLogin is 5967 enabled; bz#278 reported by drk AT sgi.com; ok dtucker 5968 5969commit 40132ff87b6cbc3dc05fb5df2e9d8e3afa06aafd 5970Author: dtucker@openbsd.org <dtucker@openbsd.org> 5971Date: Fri Apr 17 04:12:35 2015 +0000 5972 5973 upstream commit 5974 5975 Add some missing options to sshd -T and fix the output 5976 of VersionAddendum HostCertificate. bz#2346, patch from jjelen at redhat 5977 com, ok djm. 5978 5979commit 6cc7cfa936afde2d829e56ee6528c7ea47a42441 5980Author: dtucker@openbsd.org <dtucker@openbsd.org> 5981Date: Thu Apr 16 23:25:50 2015 +0000 5982 5983 upstream commit 5984 5985 Document "none" for PidFile XAuthLocation 5986 TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@ 5987 5988commit 15fdfc9b1c6808b26bc54d4d61a38b54541763ed 5989Author: dtucker@openbsd.org <dtucker@openbsd.org> 5990Date: Wed Apr 15 23:23:25 2015 +0000 5991 5992 upstream commit 5993 5994 Plug leak of address passed to logging. bz#2373, patch 5995 from jjelen at redhat, ok markus@ 5996 5997commit bb2289e2a47d465eaaaeff3dee2a6b7777b4c291 5998Author: dtucker@openbsd.org <dtucker@openbsd.org> 5999Date: Tue Apr 14 04:17:03 2015 +0000 6000 6001 upstream commit 6002 6003 Output remote username in debug output since with Host 6004 and Match it's not always obvious what it will be. bz#2368, ok djm@ 6005 6006commit 70860b6d07461906730632f9758ff1b7c98c695a 6007Author: Darren Tucker <dtucker@zip.com.au> 6008Date: Fri Apr 17 10:56:13 2015 +1000 6009 6010 Format UsePAM setting when using sshd -T. 6011 6012 Part of bz#2346, patch from jjelen at redhat com. 6013 6014commit ee15d9c9f0720f5a8b0b34e4b10ecf21f9824814 6015Author: Darren Tucker <dtucker@zip.com.au> 6016Date: Fri Apr 17 10:40:23 2015 +1000 6017 6018 Wrap endian.h include inside ifdef (bz#2370). 6019 6020commit 408f4c2ad4a4c41baa7b9b2b7423d875abbfa70b 6021Author: Darren Tucker <dtucker@zip.com.au> 6022Date: Fri Apr 17 09:39:58 2015 +1000 6023 6024 Look for '${host}-ar' before 'ar'. 6025 6026 This changes configure.ac to look for '${host}-ar' as set by 6027 AC_CANONICAL_HOST before looking for the unprefixed 'ar'. 6028 Useful when cross-compiling when all your binutils are prefixed. 6029 6030 Patch from moben at exherbo org via astrand at lysator liu se and 6031 bz#2352. 6032 6033commit 673a1c16ad078d41558247ce739fe812c960acc8 6034Author: Damien Miller <djm@google.com> 6035Date: Thu Apr 16 11:40:20 2015 +1000 6036 6037 remove dependency on arpa/telnet.h 6038 6039commit 202d443eeda1829d336595a3cfc07827e49f45ed 6040Author: Darren Tucker <dtucker@zip.com.au> 6041Date: Wed Apr 15 15:59:49 2015 +1000 6042 6043 Remove duplicate include of pwd.h. bz#2337, patch from Mordy Ovits. 6044 6045commit 597986493412c499f2bc2209420cb195f97b3668 6046Author: Damien Miller <djm@google.com> 6047Date: Thu Apr 9 10:14:48 2015 +1000 6048 6049 platform's with openpty don't need pty_release 6050 6051commit 318be28cda1fd9108f2e6f2f86b0b7589ba2aed0 6052Author: djm@openbsd.org <djm@openbsd.org> 6053Date: Mon Apr 13 02:04:08 2015 +0000 6054 6055 upstream commit 6056 6057 deprecate ancient, pre-RFC4419 and undocumented 6058 SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems 6059 reasonable" dtucker@ 6060 6061commit d8f391caef62378463a0e6b36f940170dadfe605 6062Author: dtucker@openbsd.org <dtucker@openbsd.org> 6063Date: Fri Apr 10 05:16:50 2015 +0000 6064 6065 upstream commit 6066 6067 Don't send hostkey advertisments 6068 (hostkeys-00@openssh.com) to current versions of Tera Term as they can't 6069 handle them. Newer versions should be OK. Patch from Bryan Drewery and 6070 IWAMOTO Kouichi, ok djm@ 6071 6072commit 2c2cfe1a1c97eb9a08cc9817fd0678209680c636 6073Author: djm@openbsd.org <djm@openbsd.org> 6074Date: Fri Apr 10 00:08:55 2015 +0000 6075 6076 upstream commit 6077 6078 include port number if a non-default one has been 6079 specified; based on patch from Michael Handler 6080 6081commit 4492a4f222da4cf1e8eab12689196322e27b08c4 6082Author: djm@openbsd.org <djm@openbsd.org> 6083Date: Tue Apr 7 23:00:42 2015 +0000 6084 6085 upstream commit 6086 6087 treat Protocol=1,2|2,1 as Protocol=2 when compiled 6088 without SSH1 support; ok dtucker@ millert@ 6089 6090commit c265e2e6e932efc6d86f6cc885dea33637a67564 6091Author: miod@openbsd.org <miod@openbsd.org> 6092Date: Sun Apr 5 15:43:43 2015 +0000 6093 6094 upstream commit 6095 6096 Do not use int for sig_atomic_t; spotted by 6097 christos@netbsd; ok markus@ 6098 6099commit e7bf3a5eda6a1b02bef6096fed78527ee11e54cc 6100Author: Darren Tucker <dtucker@zip.com.au> 6101Date: Tue Apr 7 10:48:04 2015 +1000 6102 6103 Use do{}while(0) for no-op functions. 6104 6105 From FreeBSD. 6106 6107commit bb99844abae2b6447272f79e7fa84134802eb4df 6108Author: Darren Tucker <dtucker@zip.com.au> 6109Date: Tue Apr 7 10:47:15 2015 +1000 6110 6111 Wrap blf.h include in ifdef. From FreeBSD. 6112 6113commit d9b9b43656091cf0ad55c122f08fadb07dad0abd 6114Author: Darren Tucker <dtucker@zip.com.au> 6115Date: Tue Apr 7 09:10:00 2015 +1000 6116 6117 Fix misspellings of regress CONFOPTS env variables. 6118 6119 Patch from Bryan Drewery. 6120 6121commit 3f4ea3c9ab1d32d43c9222c4351f58ca11144156 6122Author: djm@openbsd.org <djm@openbsd.org> 6123Date: Fri Apr 3 22:17:27 2015 +0000 6124 6125 upstream commit 6126 6127 correct return value in pubkey parsing, spotted by Ben Hawkes 6128 ok markus@ 6129 6130commit 7da2be0cb9601ed25460c83aa4d44052b967ba0f 6131Author: djm@openbsd.org <djm@openbsd.org> 6132Date: Tue Mar 31 22:59:01 2015 +0000 6133 6134 upstream commit 6135 6136 adapt to recent hostfile.c change: when parsing 6137 known_hosts without fully parsing the keys therein, hostkeys_foreach() will 6138 now correctly identify KEY_RSA1 keys; ok markus@ miod@ 6139 6140commit 9e1777a0d1c706714b055811c12ab8cc21033e4a 6141Author: markus@openbsd.org <markus@openbsd.org> 6142Date: Tue Mar 24 20:19:15 2015 +0000 6143 6144 upstream commit 6145 6146 use ${SSH} for -Q instead of installed ssh 6147 6148commit ce1b358ea414a2cc88e4430cd5a2ea7fecd9de57 6149Author: djm@openbsd.org <djm@openbsd.org> 6150Date: Mon Mar 16 22:46:14 2015 +0000 6151 6152 upstream commit 6153 6154 make CLEANFILES clean up more of the tests' droppings 6155 6156commit 398f9ef192d820b67beba01ec234d66faca65775 6157Author: djm@openbsd.org <djm@openbsd.org> 6158Date: Tue Mar 31 22:57:06 2015 +0000 6159 6160 upstream commit 6161 6162 downgrade error() for known_hosts parse errors to debug() 6163 to quiet warnings from ssh1 keys present when compiled !ssh1. 6164 6165 also identify ssh1 keys when scanning, even when compiled !ssh1 6166 6167 ok markus@ miod@ 6168 6169commit 9a47ab80030a31f2d122b8fd95bd48c408b9fcd9 6170Author: djm@openbsd.org <djm@openbsd.org> 6171Date: Tue Mar 31 22:55:50 2015 +0000 6172 6173 upstream commit 6174 6175 fd leak for !ssh1 case; found by unittests; ok markus@ 6176 6177commit c9a0805a6280681901c270755a7cd630d7c5280e 6178Author: djm@openbsd.org <djm@openbsd.org> 6179Date: Tue Mar 31 22:55:24 2015 +0000 6180 6181 upstream commit 6182 6183 don't fatal when a !ssh1 sshd is reexeced from a w/ssh1 6184 listener; reported by miod@; ok miod@ markus@ 6185 6186commit 704d8c88988cae38fb755a6243b119731d223222 6187Author: tobias@openbsd.org <tobias@openbsd.org> 6188Date: Tue Mar 31 11:06:49 2015 +0000 6189 6190 upstream commit 6191 6192 Comments are only supported for RSA1 keys. If a user 6193 tried to add one and entered his passphrase, explicitly clear it before exit. 6194 This is done in all other error paths, too. 6195 6196 ok djm 6197 6198commit 78de1673c05ea2c33e0d4a4b64ecb5186b6ea2e9 6199Author: jmc@openbsd.org <jmc@openbsd.org> 6200Date: Mon Mar 30 18:28:37 2015 +0000 6201 6202 upstream commit 6203 6204 ssh-askpass(1) is the default, overridden by SSH_ASKPASS; 6205 diff originally from jiri b; 6206 6207commit 26e0bcf766fadb4a44fb6199386fb1dcab65ad00 6208Author: djm@openbsd.org <djm@openbsd.org> 6209Date: Mon Mar 30 00:00:29 2015 +0000 6210 6211 upstream commit 6212 6213 fix uninitialised memory read when parsing a config file 6214 consisting of a single nul byte. Found by hanno AT hboeck.de using AFL; ok 6215 dtucker 6216 6217commit fecede00a76fbb33a349f5121c0b2f9fbc04a777 6218Author: markus@openbsd.org <markus@openbsd.org> 6219Date: Thu Mar 26 19:32:19 2015 +0000 6220 6221 upstream commit 6222 6223 sigp and lenp are not optional in ssh_agent_sign(); ok 6224 djm@ 6225 6226commit 1b0ef3813244c78669e6d4d54c624f600945327d 6227Author: naddy@openbsd.org <naddy@openbsd.org> 6228Date: Thu Mar 26 12:32:38 2015 +0000 6229 6230 upstream commit 6231 6232 don't try to load .ssh/identity by default if SSH1 is 6233 disabled; ok markus@ 6234 6235commit f9b78852379b74a2d14e6fc94fe52af30b7e9c31 6236Author: djm@openbsd.org <djm@openbsd.org> 6237Date: Thu Mar 26 07:00:04 2015 +0000 6238 6239 upstream commit 6240 6241 ban all-zero curve25519 keys as recommended by latest 6242 CFRG curves draft; ok markus 6243 6244commit b8afbe2c1aaf573565e4da775261dfafc8b1ba9c 6245Author: djm@openbsd.org <djm@openbsd.org> 6246Date: Thu Mar 26 06:59:28 2015 +0000 6247 6248 upstream commit 6249 6250 relax bits needed check to allow 6251 diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was 6252 selected as symmetric cipher; ok markus 6253 6254commit 47842f71e31da130555353c1d57a1e5a8937f1c0 6255Author: markus@openbsd.org <markus@openbsd.org> 6256Date: Wed Mar 25 19:29:58 2015 +0000 6257 6258 upstream commit 6259 6260 ignore v1 errors on ssh-add -D; only try v2 keys on 6261 -l/-L (unless WITH_SSH1) ok djm@ 6262 6263commit 5f57e77f91bf2230c09eca96eb5ecec39e5f2da6 6264Author: markus@openbsd.org <markus@openbsd.org> 6265Date: Wed Mar 25 19:21:48 2015 +0000 6266 6267 upstream commit 6268 6269 unbreak ssh_agent_sign (lenp vs *lenp) 6270 6271commit 4daeb67181054f2a377677fac919ee8f9ed3490e 6272Author: markus@openbsd.org <markus@openbsd.org> 6273Date: Tue Mar 24 20:10:08 2015 +0000 6274 6275 upstream commit 6276 6277 don't leak 'setp' on error; noted by Nicholas Lemonias; 6278 ok djm@ 6279 6280commit 7d4f96f9de2a18af0d9fa75ea89a4990de0344f5 6281Author: markus@openbsd.org <markus@openbsd.org> 6282Date: Tue Mar 24 20:09:11 2015 +0000 6283 6284 upstream commit 6285 6286 consistent check for NULL as noted by Nicholas 6287 Lemonias; ok djm@ 6288 6289commit df100be51354e447d9345cf1ec22e6013c0eed50 6290Author: markus@openbsd.org <markus@openbsd.org> 6291Date: Tue Mar 24 20:03:44 2015 +0000 6292 6293 upstream commit 6294 6295 correct fmt-string for size_t as noted by Nicholas 6296 Lemonias; ok djm@ 6297 6298commit a22b9ef21285e81775732436f7c84a27bd3f71e0 6299Author: djm@openbsd.org <djm@openbsd.org> 6300Date: Tue Mar 24 09:17:21 2015 +0000 6301 6302 upstream commit 6303 6304 promote chacha20-poly1305@openssh.com to be the default 6305 cipher; ok markus 6306 6307commit 2aa9da1a3b360cf7b13e96fe1521534b91501fb5 6308Author: djm@openbsd.org <djm@openbsd.org> 6309Date: Tue Mar 24 01:29:19 2015 +0000 6310 6311 upstream commit 6312 6313 Compile-time disable SSH protocol 1. You can turn it 6314 back on using the Makefile.inc knob if you need it to talk to ancient 6315 devices. 6316 6317commit 53097b2022154edf96b4e8526af5666f979503f7 6318Author: djm@openbsd.org <djm@openbsd.org> 6319Date: Tue Mar 24 01:11:12 2015 +0000 6320 6321 upstream commit 6322 6323 fix double-negative error message "ssh1 is not 6324 unsupported" 6325 6326commit 5c27e3b6ec2db711dfcd40e6359c0bcdd0b62ea9 6327Author: djm@openbsd.org <djm@openbsd.org> 6328Date: Mon Mar 23 06:06:38 2015 +0000 6329 6330 upstream commit 6331 6332 for ssh-keygen -A, don't try (and fail) to generate ssh 6333 v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled 6334 without OpenSSL based on patch by Mike Frysinger; bz#2369 6335 6336commit 725fd22a8c41db7de73a638539a5157b7e4424ae 6337Author: djm@openbsd.org <djm@openbsd.org> 6338Date: Wed Mar 18 01:44:21 2015 +0000 6339 6340 upstream commit 6341 6342 KRL support doesn't need OpenSSL anymore, remove #ifdefs 6343 from around call 6344 6345commit b07011c18e0b2e172c5fd09d21fb159a0bf5fcc7 6346Author: djm@openbsd.org <djm@openbsd.org> 6347Date: Mon Mar 16 11:09:52 2015 +0000 6348 6349 upstream commit 6350 6351 #if 0 some more arrays used only for decrypting (we don't 6352 use since we only need encrypt for AES-CTR) 6353 6354commit 1cb3016635898d287e9d58b50c430995652d5358 6355Author: jsg@openbsd.org <jsg@openbsd.org> 6356Date: Wed Mar 11 00:48:39 2015 +0000 6357 6358 upstream commit 6359 6360 add back the changes from rev 1.206, djm reverted this by 6361 mistake in rev 1.207 6362 6363commit 4d24b3b6a4a6383e05e7da26d183b79fa8663697 6364Author: Damien Miller <djm@mindrot.org> 6365Date: Fri Mar 20 09:11:59 2015 +1100 6366 6367 remove error() accidentally inserted for debugging 6368 6369 pointed out by Christian Hesse 6370 6371commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb 6372Author: Tim Rice <tim@multitalents.net> 6373Date: Mon Mar 16 22:49:20 2015 -0700 6374 6375 portability fix: Solaris systems may not have a grep that understands -q 6376 6377commit 8ef691f7d9ef500257a549d0906d78187490668f 6378Author: Damien Miller <djm@google.com> 6379Date: Wed Mar 11 10:35:26 2015 +1100 6380 6381 fix compile with clang 6382 6383commit 4df590cf8dc799e8986268d62019b487a8ed63ad 6384Author: Damien Miller <djm@google.com> 6385Date: Wed Mar 11 10:02:39 2015 +1100 6386 6387 make unit tests work for !OPENSSH_HAS_ECC 6388 6389commit 307bb40277ca2c32e97e61d70d1ed74b571fd6ba 6390Author: djm@openbsd.org <djm@openbsd.org> 6391Date: Sat Mar 7 04:41:48 2015 +0000 6392 6393 upstream commit 6394 6395 unbreak for w/SSH1 (default) case; ok markus@ deraadt@ 6396 6397commit b44ee0c998fb4c5f3c3281f2398af5ce42840b6f 6398Author: Damien Miller <djm@mindrot.org> 6399Date: Thu Mar 5 18:39:20 2015 -0800 6400 6401 unbreak hostkeys test for w/ SSH1 case 6402 6403commit 55e5bdeb519cb60cc18b7ba0545be581fb8598b4 6404Author: djm@openbsd.org <djm@openbsd.org> 6405Date: Fri Mar 6 01:40:56 2015 +0000 6406 6407 upstream commit 6408 6409 fix sshkey_certify() return value for unsupported key types; 6410 ok markus@ deraadt@ 6411 6412commit be8f658e550a434eac04256bfbc4289457a24e99 6413Author: Damien Miller <djm@mindrot.org> 6414Date: Wed Mar 4 15:38:03 2015 -0800 6415 6416 update version numbers to match version.h 6417 6418commit ac5e8acefa253eb5e5ba186e34236c0e8007afdc 6419Author: djm@openbsd.org <djm@openbsd.org> 6420Date: Wed Mar 4 23:22:35 2015 +0000 6421 6422 upstream commit 6423 6424 make these work with !SSH1; ok markus@ deraadt@ 6425 6426commit 2f04af92f036b0c87a23efb259c37da98cd81fe6 6427Author: djm@openbsd.org <djm@openbsd.org> 6428Date: Wed Mar 4 21:12:59 2015 +0000 6429 6430 upstream commit 6431 6432 make ssh-add -D work with !SSH1 agent 6433 6434commit a05adf95d2af6abb2b7826ddaa7a0ec0cdc1726b 6435Author: Damien Miller <djm@mindrot.org> 6436Date: Wed Mar 4 00:55:48 2015 -0800 6437 6438 netcat needs poll.h portability goop 6439 6440commit dad2b1892b4c1b7e58df483a8c5b983c4454e099 6441Author: markus@openbsd.org <markus@openbsd.org> 6442Date: Tue Mar 3 22:35:19 2015 +0000 6443 6444 upstream commit 6445 6446 make it possible to run tests w/o ssh1 support; ok djm@ 6447 6448commit d48a22601bdd3eec054794c535f4ae8d8ae4c6e2 6449Author: djm@openbsd.org <djm@openbsd.org> 6450Date: Wed Mar 4 18:53:53 2015 +0000 6451 6452 upstream commit 6453 6454 crank; ok markus, deraadt 6455 6456commit bbffb23daa0b002dd9f296e396a9ab8a5866b339 6457Author: Damien Miller <djm@mindrot.org> 6458Date: Tue Mar 3 13:50:27 2015 -0800 6459 6460 more --without-ssh1 fixes 6461 6462commit 6c2039286f503e2012a58a1d109e389016e7a99b 6463Author: Damien Miller <djm@mindrot.org> 6464Date: Tue Mar 3 13:48:48 2015 -0800 6465 6466 fix merge both that broke --without-ssh1 compile 6467 6468commit 111dfb225478a76f89ecbcd31e96eaf1311b59d3 6469Author: djm@openbsd.org <djm@openbsd.org> 6470Date: Tue Mar 3 21:21:13 2015 +0000 6471 6472 upstream commit 6473 6474 add SSH1 Makefile knob to make it easier to build without 6475 SSH1 support; ok markus@ 6476 6477commit 3f7f5e6c5d2aa3f6710289c1a30119e534e56c5c 6478Author: djm@openbsd.org <djm@openbsd.org> 6479Date: Tue Mar 3 20:42:49 2015 +0000 6480 6481 upstream commit 6482 6483 expand __unused to full __attribute__ for better portability 6484 6485commit 2fab9b0f8720baf990c931e3f68babb0bf9949c6 6486Author: Damien Miller <djm@mindrot.org> 6487Date: Wed Mar 4 07:41:27 2015 +1100 6488 6489 avoid warning 6490 6491commit d1bc844322461f882b4fd2277ba9a8d4966573d2 6492Author: Damien Miller <djm@mindrot.org> 6493Date: Wed Mar 4 06:31:45 2015 +1100 6494 6495 Revert "define __unused to nothing if not already defined" 6496 6497 This reverts commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908. 6498 6499 Some system headers have objects named __unused 6500 6501commit 00797e86b2d98334d1bb808f65fa1fd47f328ff1 6502Author: Damien Miller <djm@mindrot.org> 6503Date: Wed Mar 4 05:02:45 2015 +1100 6504 6505 check for crypt and DES_crypt in openssl block 6506 6507 fixes builds on systems that use DES_crypt; based on patch 6508 from Roumen Petrov 6509 6510commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908 6511Author: Damien Miller <djm@mindrot.org> 6512Date: Wed Mar 4 04:59:13 2015 +1100 6513 6514 define __unused to nothing if not already defined 6515 6516 fixes builds on BSD/OS 6517 6518commit d608a51daad4f14ad6ab43d7cf74ef4801cc3fe9 6519Author: djm@openbsd.org <djm@openbsd.org> 6520Date: Tue Mar 3 17:53:40 2015 +0000 6521 6522 upstream commit 6523 6524 reorder logic for better portability; patch from Roumen 6525 Petrov 6526 6527commit 68d2dfc464fbcdf8d6387884260f9801f4352393 6528Author: djm@openbsd.org <djm@openbsd.org> 6529Date: Tue Mar 3 06:48:58 2015 +0000 6530 6531 upstream commit 6532 6533 Allow "ssh -Q protocol-version" to list supported SSH 6534 protocol versions. Useful for detecting builds without SSH v.1 support; idea 6535 and ok markus@ 6536 6537commit 39e2f1229562e1195169905607bc12290d21f021 6538Author: millert@openbsd.org <millert@openbsd.org> 6539Date: Sun Mar 1 15:44:40 2015 +0000 6540 6541 upstream commit 6542 6543 Make sure we only call getnameinfo() for AF_INET or AF_INET6 6544 sockets. getpeername() of a Unix domain socket may return without error on 6545 some systems without actually setting ss_family so getnameinfo() was getting 6546 called with ss_family set to AF_UNSPEC. OK djm@ 6547 6548commit e47536ba9692d271b8ad89078abdecf0a1c11707 6549Author: Damien Miller <djm@mindrot.org> 6550Date: Sat Feb 28 08:20:11 2015 -0800 6551 6552 portability fixes for regress/netcat.c 6553 6554 Mostly avoiding "err(1, NULL)" 6555 6556commit 02973ad5f6f49d8420e50a392331432b0396c100 6557Author: Damien Miller <djm@mindrot.org> 6558Date: Sat Feb 28 08:05:27 2015 -0800 6559 6560 twiddle another test for portability 6561 6562 from Tom G. Christensen 6563 6564commit f7f3116abf2a6e2f309ab096b08c58d19613e5d0 6565Author: Damien Miller <djm@mindrot.org> 6566Date: Fri Feb 27 15:52:49 2015 -0800 6567 6568 twiddle test for portability 6569 6570commit 1ad3a77cc9d5568f5437ff99d377aa7a41859b83 6571Author: Damien Miller <djm@mindrot.org> 6572Date: Thu Feb 26 20:33:22 2015 -0800 6573 6574 make regress/netcat.c fd passing (more) portable 6575 6576commit 9e1cfca7e1fe9cf8edb634fc894e43993e4da1ea 6577Author: Damien Miller <djm@mindrot.org> 6578Date: Thu Feb 26 20:32:58 2015 -0800 6579 6580 create OBJ/valgrind-out before running unittests 6581 6582commit bd58853102cee739f0e115e6d4b5334332ab1442 6583Author: Damien Miller <djm@mindrot.org> 6584Date: Wed Feb 25 16:58:22 2015 -0800 6585 6586 valgrind support 6587 6588commit f43d17269194761eded9e89f17456332f4c83824 6589Author: djm@openbsd.org <djm@openbsd.org> 6590Date: Thu Feb 26 20:45:47 2015 +0000 6591 6592 upstream commit 6593 6594 don't printf NULL key comments; reported by Tom Christensen 6595 6596commit 6e6458b476ec854db33e3e68ebf4f489d0ab3df8 6597Author: djm@openbsd.org <djm@openbsd.org> 6598Date: Wed Feb 25 23:05:47 2015 +0000 6599 6600 upstream commit 6601 6602 zero cmsgbuf before use; we initialise the bits we use 6603 but valgrind still spams warning on it 6604 6605commit a63cfa26864b93ab6afefad0b630e5358ed8edfa 6606Author: djm@openbsd.org <djm@openbsd.org> 6607Date: Wed Feb 25 19:54:02 2015 +0000 6608 6609 upstream commit 6610 6611 fix small memory leak when UpdateHostkeys=no 6612 6613commit e6b950341dd75baa8526f1862bca39e52f5b879b 6614Author: Tim Rice <tim@multitalents.net> 6615Date: Wed Feb 25 09:56:48 2015 -0800 6616 6617 Revert "Work around finicky USL linker so netcat will build." 6618 6619 This reverts commit d1db656021d0cd8c001a6692f772f1de29b67c8b. 6620 6621 No longer needed with commit 678e473e2af2e4802f24dd913985864d9ead7fb3 6622 6623commit 6f621603f9cff2a5d6016a404c96cb2f8ac2dec0 6624Author: djm@openbsd.org <djm@openbsd.org> 6625Date: Wed Feb 25 17:29:38 2015 +0000 6626 6627 upstream commit 6628 6629 don't leak validity of user in "too many authentication 6630 failures" disconnect message; reported by Sebastian Reitenbach 6631 6632commit 6288e3a935494df12519164f52ca5c8c65fc3ca5 6633Author: naddy@openbsd.org <naddy@openbsd.org> 6634Date: Tue Feb 24 15:24:05 2015 +0000 6635 6636 upstream commit 6637 6638 add -v (show ASCII art) to -l's synopsis; ok djm@ 6639 6640commit 678e473e2af2e4802f24dd913985864d9ead7fb3 6641Author: Darren Tucker <dtucker@zip.com.au> 6642Date: Thu Feb 26 04:12:58 2015 +1100 6643 6644 Remove dependency on xmalloc. 6645 6646 Remove ssh_get_progname's dependency on xmalloc, which should reduce 6647 link order problems. ok djm@ 6648 6649commit 5d5ec165c5b614b03678afdad881f10e25832e46 6650Author: Darren Tucker <dtucker@zip.com.au> 6651Date: Wed Feb 25 15:32:49 2015 +1100 6652 6653 Restrict ECDSA and ECDH tests. 6654 6655 ifdef out some more ECDSA and ECDH tests when built against an OpenSSL 6656 that does not have eliptic curve functionality. 6657 6658commit 1734e276d99b17e92d4233fac7aef3a3180aaca7 6659Author: Darren Tucker <dtucker@zip.com.au> 6660Date: Wed Feb 25 13:40:45 2015 +1100 6661 6662 Move definition of _NSIG. 6663 6664 _NSIG is only unsed in one file, so move it there prevent redefinition 6665 warnings reported by Kevin Brott. 6666 6667commit a47ead7c95cfbeb72721066c4da2312e5b1b9f3d 6668Author: Darren Tucker <dtucker@zip.com.au> 6669Date: Wed Feb 25 13:17:40 2015 +1100 6670 6671 Add includes.h for compatibility stuff. 6672 6673commit 38806bda6d2e48ad32812b461eebe17672ada771 6674Author: Damien Miller <djm@mindrot.org> 6675Date: Tue Feb 24 16:50:06 2015 -0800 6676 6677 include netdb.h to look for MAXHOSTNAMELEN; ok tim 6678 6679commit d1db656021d0cd8c001a6692f772f1de29b67c8b 6680Author: Tim Rice <tim@multitalents.net> 6681Date: Tue Feb 24 10:42:08 2015 -0800 6682 6683 Work around finicky USL linker so netcat will build. 6684 6685commit cb030ce25f555737e8ba97bdd7883ac43f3ff2a3 6686Author: Damien Miller <djm@mindrot.org> 6687Date: Tue Feb 24 09:23:04 2015 -0800 6688 6689 include includes.h to avoid build failure on AIX 6690 6691commit 13af342458f5064144abbb07e5ac9bbd4eb42567 6692Author: Tim Rice <tim@multitalents.net> 6693Date: Tue Feb 24 07:56:47 2015 -0800 6694 6695 Original portability patch from djm@ for platforms missing err.h. 6696 Fix name space clash on Solaris 10. Still more to do for Solaris 10 6697 to deal with msghdr structure differences. ok djm@ 6698 6699commit 910209203d0cd60c5083901cbcc0b7b44d9f48d2 6700Author: Tim Rice <tim@multitalents.net> 6701Date: Mon Feb 23 22:06:56 2015 -0800 6702 6703 cleaner way fix dispatch.h portion of commit 6704 a88dd1da119052870bb2654c1a32c51971eade16 6705 (some systems have sig_atomic_t in signal.h, some in sys/signal.h) 6706 Sounds good to me djm@ 6707 6708commit 676c38d7cbe65b76bbfff796861bb6615cc6a596 6709Author: Tim Rice <tim@multitalents.net> 6710Date: Mon Feb 23 21:51:33 2015 -0800 6711 6712 portability fix: if we can't dind a better define for HOST_NAME_MAX, use 255 6713 6714commit 1221b22023dce38cbc90ba77eae4c5d78c77a5e6 6715Author: Tim Rice <tim@multitalents.net> 6716Date: Mon Feb 23 21:50:34 2015 -0800 6717 6718 portablity fix: s/__inline__/inline/ 6719 6720commit 4c356308a88d309c796325bb75dce90ca16591d5 6721Author: Darren Tucker <dtucker@zip.com.au> 6722Date: Tue Feb 24 13:49:31 2015 +1100 6723 6724 Wrap stdint.h includes in HAVE_STDINT_H. 6725 6726commit c9c88355c6a27a908e7d1e5003a2b35ea99c1614 6727Author: Darren Tucker <dtucker@zip.com.au> 6728Date: Tue Feb 24 13:43:57 2015 +1100 6729 6730 Add AI_NUMERICSERV to fake-rfc2553. 6731 6732 Our getaddrinfo implementation always returns numeric values already. 6733 6734commit ef342ab1ce6fb9a4b30186c89c309d0ae9d0eeb4 6735Author: Darren Tucker <dtucker@zip.com.au> 6736Date: Tue Feb 24 13:39:57 2015 +1100 6737 6738 Include OpenSSL's objects.h before bn.h. 6739 6740 Prevents compile errors on some platforms (at least old GCCs and AIX's 6741 XLC compilers). 6742 6743commit dcc8997d116f615195aa7c9ec019fb36c28c6228 6744Author: Darren Tucker <dtucker@zip.com.au> 6745Date: Tue Feb 24 12:30:59 2015 +1100 6746 6747 Convert two macros into functions. 6748 6749 Convert packet_send_debug and packet_disconnect from macros to 6750 functions. Some older GCCs (2.7.x, 2.95.x) see to have problems with 6751 variadic macros with only one argument so we convert these two into 6752 functions. ok djm@ 6753 6754commit 2285c30d51b7e2052c6526445abe7e7cc7e170a1 6755Author: djm@openbsd.org <djm@openbsd.org> 6756Date: Mon Feb 23 22:21:21 2015 +0000 6757 6758 upstream commit 6759 6760 further silence spurious error message even when -v is 6761 specified (e.g. to get visual host keys); reported by naddy@ 6762 6763commit 9af21979c00652029e160295e988dea40758ece2 6764Author: Damien Miller <djm@mindrot.org> 6765Date: Tue Feb 24 09:04:32 2015 +1100 6766 6767 don't include stdint.h unless HAVE_STDINT_H set 6768 6769commit 62f678dd51660d6f8aee1da33d3222c5de10a89e 6770Author: Damien Miller <djm@mindrot.org> 6771Date: Tue Feb 24 09:02:54 2015 +1100 6772 6773 nother sys/queue.h -> sys-queue.h fix 6774 6775 spotted by Tom Christensen 6776 6777commit b3c19151cba2c0ed01b27f55de0d723ad07ca98f 6778Author: djm@openbsd.org <djm@openbsd.org> 6779Date: Mon Feb 23 20:32:15 2015 +0000 6780 6781 upstream commit 6782 6783 fix a race condition by using a mux socket rather than an 6784 ineffectual wait statement 6785 6786commit a88dd1da119052870bb2654c1a32c51971eade16 6787Author: Damien Miller <djm@mindrot.org> 6788Date: Tue Feb 24 06:30:29 2015 +1100 6789 6790 various include fixes for portable 6791 6792commit 5248429b5ec524d0a65507cff0cdd6e0cb99effd 6793Author: djm@openbsd.org <djm@openbsd.org> 6794Date: Mon Feb 23 16:55:51 2015 +0000 6795 6796 upstream commit 6797 6798 add an XXX to remind me to improve sshkey_load_public 6799 6800commit e94e4b07ef2eaead38b085a60535df9981cdbcdb 6801Author: djm@openbsd.org <djm@openbsd.org> 6802Date: Mon Feb 23 16:55:31 2015 +0000 6803 6804 upstream commit 6805 6806 silence a spurious error message when listing 6807 fingerprints for known_hosts; bz#2342 6808 6809commit f2293a65392b54ac721f66bc0b44462e8d1d81f8 6810Author: djm@openbsd.org <djm@openbsd.org> 6811Date: Mon Feb 23 16:33:25 2015 +0000 6812 6813 upstream commit 6814 6815 fix setting/clearing of TTY raw mode around 6816 UpdateHostKeys=ask confirmation question; reported by Herb Goldman 6817 6818commit f2004cd1adf34492eae0a44b1ef84e0e31b06088 6819Author: Darren Tucker <dtucker@zip.com.au> 6820Date: Mon Feb 23 05:04:21 2015 +1100 6821 6822 Repair for non-ECC OpenSSL. 6823 6824 Ifdef out the ECC parts when building with an OpenSSL that doesn't have 6825 it. 6826 6827commit 37f9220db8d1a52c75894c3de1e5f2ae5bd71b6f 6828Author: Darren Tucker <dtucker@zip.com.au> 6829Date: Mon Feb 23 03:07:24 2015 +1100 6830 6831 Wrap stdint.h includes in ifdefs. 6832 6833commit f81f1bbc5b892c8614ea740b1f92735652eb43f0 6834Author: Tim Rice <tim@multitalents.net> 6835Date: Sat Feb 21 18:12:10 2015 -0800 6836 6837 out of tree build fix 6838 6839commit 2e13a1e4d22f3b503c3bfc878562cc7386a1d1ae 6840Author: Tim Rice <tim@multitalents.net> 6841Date: Sat Feb 21 18:08:51 2015 -0800 6842 6843 mkdir kex unit test directory so testing out of tree builds works 6844 6845commit 1797f49b1ba31e8700231cd6b1d512d80bb50d2c 6846Author: halex@openbsd.org <halex@openbsd.org> 6847Date: Sat Feb 21 21:46:57 2015 +0000 6848 6849 upstream commit 6850 6851 make "ssh-add -d" properly remove a corresponding 6852 certificate, and also not whine and fail if there is none 6853 6854 ok djm@ 6855 6856commit 7faaa32da83a609059d95dbfcb0649fdb04caaf6 6857Author: Damien Miller <djm@mindrot.org> 6858Date: Sun Feb 22 07:57:27 2015 +1100 6859 6860 mkdir hostkey and bitmap unit test directories 6861 6862commit bd49da2ef197efac5e38f5399263a8b47990c538 6863Author: djm@openbsd.org <djm@openbsd.org> 6864Date: Fri Feb 20 23:46:01 2015 +0000 6865 6866 upstream commit 6867 6868 sort options useable under Match case-insensitively; prodded 6869 jmc@ 6870 6871commit 1a779a0dd6cd8b4a1a40ea33b5415ab8408128ac 6872Author: djm@openbsd.org <djm@openbsd.org> 6873Date: Sat Feb 21 20:51:02 2015 +0000 6874 6875 upstream commit 6876 6877 correct paths to configuration files being written/updated; 6878 they live in $OBJ not cwd; some by Roumen Petrov 6879 6880commit 28ba006c1acddff992ae946d0bc0b500b531ba6b 6881Author: Darren Tucker <dtucker@zip.com.au> 6882Date: Sat Feb 21 15:41:07 2015 +1100 6883 6884 More correct checking of HAVE_DECL_AI_NUMERICSERV. 6885 6886commit e50e8c97a9cecae1f28febccaa6ca5ab3bc10f54 6887Author: Darren Tucker <dtucker@zip.com.au> 6888Date: Sat Feb 21 15:10:33 2015 +1100 6889 6890 Add null declaration of AI_NUMERICINFO. 6891 6892 Some platforms (older FreeBSD and DragonFly versions) do have 6893 getaddrinfo() but do not have AI_NUMERICINFO. so define it to zero 6894 in those cases. 6895 6896commit 18a208d6a460d707a45916db63a571e805f5db46 6897Author: djm@openbsd.org <djm@openbsd.org> 6898Date: Fri Feb 20 22:40:32 2015 +0000 6899 6900 upstream commit 6901 6902 more options that are available under Match; bz#2353 reported 6903 by calestyo AT scientia.net 6904 6905commit 44732de06884238049f285f1455b2181baa7dc82 6906Author: djm@openbsd.org <djm@openbsd.org> 6907Date: Fri Feb 20 22:17:21 2015 +0000 6908 6909 upstream commit 6910 6911 UpdateHostKeys fixes: 6912 6913 I accidentally changed the format of the hostkeys@openssh.com messages 6914 last week without changing the extension name, and this has been causing 6915 connection failures for people who are running -current. First reported 6916 by sthen@ 6917 6918 s/hostkeys@openssh.com/hostkeys-00@openssh.com/ 6919 Change the name of the proof message too, and reorder it a little. 6920 6921 Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY 6922 available to read the response) so disable UpdateHostKeys if it is in 6923 ask mode and ControlPersist is active (and document this) 6924 6925commit 13a39414d25646f93e6d355521d832a03aaaffe2 6926Author: djm@openbsd.org <djm@openbsd.org> 6927Date: Tue Feb 17 00:14:05 2015 +0000 6928 6929 upstream commit 6930 6931 Regression: I broke logging of public key fingerprints in 6932 1.46. Pointed out by Pontus Lundkvist 6933 6934commit 773dda25e828c4c9a52f7bdce6e1e5924157beab 6935Author: Damien Miller <djm@mindrot.org> 6936Date: Fri Jan 30 23:10:17 2015 +1100 6937 6938 repair --without-openssl; broken in refactor 6939 6940commit e89c780886b23600de1e1c8d74aabd1ff61f43f0 6941Author: Damien Miller <djm@google.com> 6942Date: Tue Feb 17 10:04:55 2015 +1100 6943 6944 hook up hostkeys unittest to portable Makefiles 6945 6946commit 0abf41f99aa16ff09b263bead242d6cb2dbbcf99 6947Author: djm@openbsd.org <djm@openbsd.org> 6948Date: Mon Feb 16 22:21:03 2015 +0000 6949 6950 upstream commit 6951 6952 enable hostkeys unit tests 6953 6954commit 68a5d647ccf0fb6782b2f749433a1eee5bc9044b 6955Author: djm@openbsd.org <djm@openbsd.org> 6956Date: Mon Feb 16 22:20:50 2015 +0000 6957 6958 upstream commit 6959 6960 check string/memory compare arguments aren't NULL 6961 6962commit ef575ef20d09f20722e26b45dab80b3620469687 6963Author: djm@openbsd.org <djm@openbsd.org> 6964Date: Mon Feb 16 22:18:34 2015 +0000 6965 6966 upstream commit 6967 6968 unit tests for hostfile.c code, just hostkeys_foreach so 6969 far 6970 6971commit 8ea3365e6aa2759ccf5c76eaea62cbc8a280b0e7 6972Author: markus@openbsd.org <markus@openbsd.org> 6973Date: Sat Feb 14 12:43:16 2015 +0000 6974 6975 upstream commit 6976 6977 test server rekey limit 6978 6979commit ce63c4b063c39b2b22d4ada449c9e3fbde788cb3 6980Author: djm@openbsd.org <djm@openbsd.org> 6981Date: Mon Feb 16 22:30:03 2015 +0000 6982 6983 upstream commit 6984 6985 partial backout of: 6986 6987 revision 1.441 6988 date: 2015/01/31 20:30:05; author: djm; state: Exp; lines: +17 -10; commitid 6989 : x8klYPZMJSrVlt3O; 6990 Let sshd load public host keys even when private keys are missing. 6991 Allows sshd to advertise additional keys for future key rotation. 6992 Also log fingerprint of hostkeys loaded; ok markus@ 6993 6994 hostkey updates now require access to the private key, so we can't 6995 load public keys only. The improved log messages (fingerprints of keys 6996 loaded) are kept. 6997 6998commit 523463a3a2a9bfc6cfc5afa01bae9147f76a37cc 6999Author: djm@openbsd.org <djm@openbsd.org> 7000Date: Mon Feb 16 22:13:32 2015 +0000 7001 7002 upstream commit 7003 7004 Revise hostkeys@openssh.com hostkey learning extension. 7005 7006 The client will not ask the server to prove ownership of the private 7007 halves of any hitherto-unseen hostkeys it offers to the client. 7008 7009 Allow UpdateHostKeys option to take an 'ask' argument to let the 7010 user manually review keys offered. 7011 7012 ok markus@ 7013 7014commit 6c5c949782d86a6e7d58006599c7685bfcd01685 7015Author: djm@openbsd.org <djm@openbsd.org> 7016Date: Mon Feb 16 22:08:57 2015 +0000 7017 7018 upstream commit 7019 7020 Refactor hostkeys_foreach() and dependent code Deal with 7021 IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing 7022 changed ok markus@ as part of larger commit 7023 7024commit 51b082ccbe633dc970df1d1f4c9c0497115fe721 7025Author: miod@openbsd.org <miod@openbsd.org> 7026Date: Mon Feb 16 18:26:26 2015 +0000 7027 7028 upstream commit 7029 7030 Declare ge25519_base as extern, to prevent it from 7031 becoming a common. Gets us rid of ``lignment 4 of symbol 7032 `crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in 7033 mod_ed25519.o'' warnings at link time. 7034 7035commit 02db468bf7e3281a8e3c058ced571b38b6407c34 7036Author: markus@openbsd.org <markus@openbsd.org> 7037Date: Fri Feb 13 18:57:00 2015 +0000 7038 7039 upstream commit 7040 7041 make rekey_limit for sshd w/privsep work; ok djm@ 7042 dtucker@ 7043 7044commit 8ec67d505bd23c8bf9e17b7a364b563a07a58ec8 7045Author: dtucker@openbsd.org <dtucker@openbsd.org> 7046Date: Thu Feb 12 20:34:19 2015 +0000 7047 7048 upstream commit 7049 7050 Prevent sshd spamming syslog with 7051 "ssh_dispatch_run_fatal: disconnected". ok markus@ 7052 7053commit d4c0295d1afc342057ba358237acad6be8af480b 7054Author: djm@openbsd.org <djm@openbsd.org> 7055Date: Wed Feb 11 01:20:38 2015 +0000 7056 7057 upstream commit 7058 7059 Some packet error messages show the address of the peer, 7060 but might be generated after the socket to the peer has suffered a TCP reset. 7061 In these cases, getpeername() won't work so cache the address earlier. 7062 7063 spotted in the wild via deraadt@ and tedu@ 7064 7065commit 4af1709cf774475ce5d1bc3ddcc165f6c222897d 7066Author: jsg@openbsd.org <jsg@openbsd.org> 7067Date: Mon Feb 9 23:22:37 2015 +0000 7068 7069 upstream commit 7070 7071 fix some leaks in error paths ok markus@ 7072 7073commit fd36834871d06a03e1ff8d69e41992efa1bbf85f 7074Author: millert@openbsd.org <millert@openbsd.org> 7075Date: Fri Feb 6 23:21:59 2015 +0000 7076 7077 upstream commit 7078 7079 SIZE_MAX is standard, we should be using it in preference to 7080 the obsolete SIZE_T_MAX. OK miod@ beck@ 7081 7082commit 1910a286d7771eab84c0b047f31c0a17505236fa 7083Author: millert@openbsd.org <millert@openbsd.org> 7084Date: Thu Feb 5 12:59:57 2015 +0000 7085 7086 upstream commit 7087 7088 Include stdint.h, not limits.h to get SIZE_MAX. OK guenther@ 7089 7090commit ce4f59b2405845584f45e0b3214760eb0008c06c 7091Author: deraadt@openbsd.org <deraadt@openbsd.org> 7092Date: Tue Feb 3 08:07:20 2015 +0000 7093 7094 upstream commit 7095 7096 missing ; djm and mlarkin really having great 7097 interactions recently 7098 7099commit 5d34aa94938abb12b877a25be51862757f25d54b 7100Author: halex@openbsd.org <halex@openbsd.org> 7101Date: Tue Feb 3 00:34:14 2015 +0000 7102 7103 upstream commit 7104 7105 slightly extend the passphrase prompt if running with -c 7106 in order to give the user a chance to notice if unintentionally running 7107 without it 7108 7109 wording tweak and ok djm@ 7110 7111commit cb3bde373e80902c7d5d0db429f85068d19b2918 7112Author: djm@openbsd.org <djm@openbsd.org> 7113Date: Mon Feb 2 22:48:53 2015 +0000 7114 7115 upstream commit 7116 7117 handle PKCS#11 C_Login returning 7118 CKR_USER_ALREADY_LOGGED_IN; based on patch from Yuri Samoilenko; ok markus@ 7119 7120commit 15ad750e5ec3cc69765b7eba1ce90060e7083399 7121Author: djm@openbsd.org <djm@openbsd.org> 7122Date: Mon Feb 2 07:41:40 2015 +0000 7123 7124 upstream commit 7125 7126 turn UpdateHostkeys off by default until I figure out 7127 mlarkin@'s warning message; requested by deraadt@ 7128 7129commit 3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9 7130Author: deraadt@openbsd.org <deraadt@openbsd.org> 7131Date: Mon Feb 2 01:57:44 2015 +0000 7132 7133 upstream commit 7134 7135 increasing encounters with difficult DNS setups in 7136 darknets has convinced me UseDNS off by default is better ok djm 7137 7138commit 6049a548a8a68ff0bbe581ab1748ea6a59ecdc38 7139Author: djm@openbsd.org <djm@openbsd.org> 7140Date: Sat Jan 31 20:30:05 2015 +0000 7141 7142 upstream commit 7143 7144 Let sshd load public host keys even when private keys are 7145 missing. Allows sshd to advertise additional keys for future key rotation. 7146 Also log fingerprint of hostkeys loaded; ok markus@ 7147 7148commit 46347ed5968f582661e8a70a45f448e0179ca0ab 7149Author: djm@openbsd.org <djm@openbsd.org> 7150Date: Fri Jan 30 11:43:14 2015 +0000 7151 7152 upstream commit 7153 7154 Add a ssh_config HostbasedKeyType option to control which 7155 host public key types are tried during hostbased authentication. 7156 7157 This may be used to prevent too many keys being sent to the server, 7158 and blowing past its MaxAuthTries limit. 7159 7160 bz#2211 based on patch by Iain Morgan; ok markus@ 7161 7162commit 802660cb70453fa4d230cb0233bc1bbdf8328de1 7163Author: djm@openbsd.org <djm@openbsd.org> 7164Date: Fri Jan 30 10:44:49 2015 +0000 7165 7166 upstream commit 7167 7168 set a timeout to prevent hangs when talking to busted 7169 servers; ok markus@ 7170 7171commit 86936ec245a15c7abe71a0722610998b0a28b194 7172Author: djm@openbsd.org <djm@openbsd.org> 7173Date: Fri Jan 30 01:11:39 2015 +0000 7174 7175 upstream commit 7176 7177 regression test for 'wildcard CA' serial/key ID revocations 7178 7179commit 4509b5d4a4fa645a022635bfa7e86d09b285001f 7180Author: djm@openbsd.org <djm@openbsd.org> 7181Date: Fri Jan 30 01:13:33 2015 +0000 7182 7183 upstream commit 7184 7185 avoid more fatal/exit in the packet.c paths that 7186 ssh-keyscan uses; feedback and "looks good" markus@ 7187 7188commit 669aee994348468af8b4b2ebd29b602cf2860b22 7189Author: djm@openbsd.org <djm@openbsd.org> 7190Date: Fri Jan 30 01:10:33 2015 +0000 7191 7192 upstream commit 7193 7194 permit KRLs that revoke certificates by serial number or 7195 key ID without scoping to a particular CA; ok markus@ 7196 7197commit 7a2c368477e26575d0866247d3313da4256cb2b5 7198Author: djm@openbsd.org <djm@openbsd.org> 7199Date: Fri Jan 30 00:59:19 2015 +0000 7200 7201 upstream commit 7202 7203 missing parentheses after if in do_convert_from() broke 7204 private key conversion from other formats some time in 2010; bz#2345 reported 7205 by jjelen AT redhat.com 7206 7207commit 25f5f78d8bf5c22d9cea8b49de24ebeee648a355 7208Author: djm@openbsd.org <djm@openbsd.org> 7209Date: Fri Jan 30 00:22:25 2015 +0000 7210 7211 upstream commit 7212 7213 fix ssh protocol 1, spotted by miod@ 7214 7215commit 9ce86c926dfa6e0635161b035e3944e611cbccf0 7216Author: djm@openbsd.org <djm@openbsd.org> 7217Date: Wed Jan 28 22:36:00 2015 +0000 7218 7219 upstream commit 7220 7221 update to new API (key_fingerprint => sshkey_fingerprint) 7222 check sshkey_fingerprint return values; ok markus 7223 7224commit 9125525c37bf73ad3ee4025520889d2ce9d10f29 7225Author: djm@openbsd.org <djm@openbsd.org> 7226Date: Wed Jan 28 22:05:31 2015 +0000 7227 7228 upstream commit 7229 7230 avoid fatal() calls in packet code makes ssh-keyscan more 7231 reliable against server failures ok dtucker@ markus@ 7232 7233commit fae7bbe544cba7a9e5e4ab47ff6faa3d978646eb 7234Author: djm@openbsd.org <djm@openbsd.org> 7235Date: Wed Jan 28 21:15:47 2015 +0000 7236 7237 upstream commit 7238 7239 avoid fatal() calls in packet code makes ssh-keyscan more 7240 reliable against server failures ok dtucker@ markus@ 7241 7242commit 1a3d14f6b44a494037c7deab485abe6496bf2c60 7243Author: djm@openbsd.org <djm@openbsd.org> 7244Date: Wed Jan 28 11:07:25 2015 +0000 7245 7246 upstream commit 7247 7248 remove obsolete comment 7249 7250commit 80c25b7bc0a71d75c43a4575d9a1336f589eb639 7251Author: okan@openbsd.org <okan@openbsd.org> 7252Date: Tue Jan 27 12:54:06 2015 +0000 7253 7254 upstream commit 7255 7256 Since r1.2 removed the use of PRI* macros, inttypes.h is 7257 no longer required. 7258 7259 ok djm@ 7260 7261commit 69ff64f69615c2a21c97cb5878a0996c21423257 7262Author: Damien Miller <djm@mindrot.org> 7263Date: Tue Jan 27 23:07:43 2015 +1100 7264 7265 compile on systems without TCP_MD5SIG (e.g. OSX) 7266 7267commit 358964f3082fb90b2ae15bcab07b6105cfad5a43 7268Author: Damien Miller <djm@mindrot.org> 7269Date: Tue Jan 27 23:07:25 2015 +1100 7270 7271 use ssh-keygen under test rather than system's 7272 7273commit a2c95c1bf33ea53038324d1fdd774bc953f98236 7274Author: Damien Miller <djm@mindrot.org> 7275Date: Tue Jan 27 23:06:59 2015 +1100 7276 7277 OSX lacks HOST_NAME_MAX, has _POSIX_HOST_NAME_MAX 7278 7279commit ade31d7b6f608a19b85bee29a7a00b1e636a2919 7280Author: Damien Miller <djm@mindrot.org> 7281Date: Tue Jan 27 23:06:23 2015 +1100 7282 7283 these need active_state defined to link on OSX 7284 7285 temporary measure until active_state goes away entirely 7286 7287commit e56aa87502f22c5844918c10190e8b4f785f067b 7288Author: djm@openbsd.org <djm@openbsd.org> 7289Date: Tue Jan 27 12:01:36 2015 +0000 7290 7291 upstream commit 7292 7293 use printf instead of echo -n to reduce diff against 7294 -portable 7295 7296commit 9f7637f56eddfaf62ce3c0af89c25480f2cf1068 7297Author: jmc@openbsd.org <jmc@openbsd.org> 7298Date: Mon Jan 26 13:55:29 2015 +0000 7299 7300 upstream commit 7301 7302 sort previous; 7303 7304commit 3076ee7d530d5b16842fac7a6229706c7e5acd26 7305Author: djm@openbsd.org <djm@openbsd.org> 7306Date: Mon Jan 26 13:36:53 2015 +0000 7307 7308 upstream commit 7309 7310 properly restore umask 7311 7312commit d411d395556b73ba1b9e451516a0bd6697c4b03d 7313Author: djm@openbsd.org <djm@openbsd.org> 7314Date: Mon Jan 26 06:12:18 2015 +0000 7315 7316 upstream commit 7317 7318 regression test for host key rotation 7319 7320commit fe8a3a51699afbc6407a8fae59b73349d01e49f8 7321Author: djm@openbsd.org <djm@openbsd.org> 7322Date: Mon Jan 26 06:11:28 2015 +0000 7323 7324 upstream commit 7325 7326 adapt to sshkey API tweaks 7327 7328commit 7dd355fb1f0038a3d5cdca57ebab4356c7a5b434 7329Author: miod@openbsd.org <miod@openbsd.org> 7330Date: Sat Jan 24 10:39:21 2015 +0000 7331 7332 upstream commit 7333 7334 Move -lz late in the linker commandline for things to 7335 build on static arches. 7336 7337commit 0dad3b806fddb93c475b30853b9be1a25d673a33 7338Author: miod@openbsd.org <miod@openbsd.org> 7339Date: Fri Jan 23 21:21:23 2015 +0000 7340 7341 upstream commit 7342 7343 -Wpointer-sign is supported by gcc 4 only. 7344 7345commit 2b3b1c1e4bd9577b6e780c255c278542ea66c098 7346Author: djm@openbsd.org <djm@openbsd.org> 7347Date: Tue Jan 20 22:58:57 2015 +0000 7348 7349 upstream commit 7350 7351 use SUBDIR to recuse into unit tests; makes "make obj" 7352 actually work 7353 7354commit 1d1092bff8db27080155541212b420703f8b9c92 7355Author: djm@openbsd.org <djm@openbsd.org> 7356Date: Mon Jan 26 12:16:36 2015 +0000 7357 7358 upstream commit 7359 7360 correct description of UpdateHostKeys in ssh_config.5 and 7361 add it to -o lists for ssh, scp and sftp; pointed out by jmc@ 7362 7363commit 5104db7cbd6cdd9c5971f4358e74414862fc1022 7364Author: djm@openbsd.org <djm@openbsd.org> 7365Date: Mon Jan 26 06:10:03 2015 +0000 7366 7367 upstream commit 7368 7369 correctly match ECDSA subtype (== curve) for 7370 offered/recevied host keys. Fixes connection-killing host key mismatches when 7371 a server offers multiple ECDSA keys with different curve type (an extremely 7372 unlikely configuration). 7373 7374 ok markus, "looks mechanical" deraadt@ 7375 7376commit 8d4f87258f31cb6def9b3b55b6a7321d84728ff2 7377Author: djm@openbsd.org <djm@openbsd.org> 7378Date: Mon Jan 26 03:04:45 2015 +0000 7379 7380 upstream commit 7381 7382 Host key rotation support. 7383 7384 Add a hostkeys@openssh.com protocol extension (global request) for 7385 a server to inform a client of all its available host key after 7386 authentication has completed. The client may record the keys in 7387 known_hosts, allowing it to upgrade to better host key algorithms 7388 and a server to gracefully rotate its keys. 7389 7390 The client side of this is controlled by a UpdateHostkeys config 7391 option (default on). 7392 7393 ok markus@ 7394 7395commit 60b1825262b1f1e24fc72050b907189c92daf18e 7396Author: djm@openbsd.org <djm@openbsd.org> 7397Date: Mon Jan 26 02:59:11 2015 +0000 7398 7399 upstream commit 7400 7401 small refactor and add some convenience functions; ok 7402 markus 7403 7404commit a5a3e3328ddce91e76f71ff479022d53e35c60c9 7405Author: jmc@openbsd.org <jmc@openbsd.org> 7406Date: Thu Jan 22 21:00:42 2015 +0000 7407 7408 upstream commit 7409 7410 heirarchy -> hierarchy; 7411 7412commit dcff5810a11195c57e1b3343c0d6b6f2b9974c11 7413Author: deraadt@openbsd.org <deraadt@openbsd.org> 7414Date: Thu Jan 22 20:24:41 2015 +0000 7415 7416 upstream commit 7417 7418 Provide a warning about chroot misuses (which sadly, seem 7419 to have become quite popular because shiny). sshd cannot detect/manage/do 7420 anything about these cases, best we can do is warn in the right spot in the 7421 man page. ok markus 7422 7423commit 087266ec33c76fc8d54ac5a19efacf2f4a4ca076 7424Author: deraadt@openbsd.org <deraadt@openbsd.org> 7425Date: Tue Jan 20 23:14:00 2015 +0000 7426 7427 upstream commit 7428 7429 Reduce use of <sys/param.h> and transition to <limits.h> 7430 throughout. ok djm markus 7431 7432commit 57e783c8ba2c0797f93977e83b2a8644a03065d8 7433Author: markus@openbsd.org <markus@openbsd.org> 7434Date: Tue Jan 20 20:16:21 2015 +0000 7435 7436 upstream commit 7437 7438 kex_setup errors are fatal() 7439 7440commit 1d6424a6ff94633c221297ae8f42d54e12a20912 7441Author: djm@openbsd.org <djm@openbsd.org> 7442Date: Tue Jan 20 08:02:33 2015 +0000 7443 7444 upstream commit 7445 7446 this test would accidentally delete agent.sh if run without 7447 obj/ 7448 7449commit 12b5f50777203e12575f1b08568281e447249ed3 7450Author: djm@openbsd.org <djm@openbsd.org> 7451Date: Tue Jan 20 07:56:44 2015 +0000 7452 7453 upstream commit 7454 7455 make this compile with KERBEROS5 enabled 7456 7457commit e2cc6bef08941256817d44d146115b3478586ad4 7458Author: djm@openbsd.org <djm@openbsd.org> 7459Date: Tue Jan 20 07:55:33 2015 +0000 7460 7461 upstream commit 7462 7463 fix hostkeys in agent; ok markus@ 7464 7465commit 1ca3e2155aa5d3801a7ae050f85c71f41fcb95b1 7466Author: Damien Miller <djm@mindrot.org> 7467Date: Tue Jan 20 10:11:31 2015 +1100 7468 7469 fix kex test 7470 7471commit c78a578107c7e6dcf5d30a2f34cb6581bef14029 7472Author: markus@openbsd.org <markus@openbsd.org> 7473Date: Mon Jan 19 20:45:25 2015 +0000 7474 7475 upstream commit 7476 7477 finally enable the KEX tests I wrote some years ago... 7478 7479commit 31821d7217e686667d04935aeec99e1fc4a46e7e 7480Author: markus@openbsd.org <markus@openbsd.org> 7481Date: Mon Jan 19 20:42:31 2015 +0000 7482 7483 upstream commit 7484 7485 adapt to new error message (SSH_ERR_MAC_INVALID) 7486 7487commit d3716ca19e510e95d956ae14d5b367e364bff7f1 7488Author: djm@openbsd.org <djm@openbsd.org> 7489Date: Mon Jan 19 17:31:13 2015 +0000 7490 7491 upstream commit 7492 7493 this test was broken in at least two ways, such that it 7494 wasn't checking that a KRL was not excluding valid keys 7495 7496commit 3f797653748e7c2b037dacb57574c01d9ef3b4d3 7497Author: markus@openbsd.org <markus@openbsd.org> 7498Date: Mon Jan 19 20:32:39 2015 +0000 7499 7500 upstream commit 7501 7502 switch ssh-keyscan from setjmp to multiple ssh transport 7503 layer instances ok djm@ 7504 7505commit f582f0e917bb0017b00944783cd5f408bf4b0b5e 7506Author: markus@openbsd.org <markus@openbsd.org> 7507Date: Mon Jan 19 20:30:23 2015 +0000 7508 7509 upstream commit 7510 7511 add experimental api for packet layer; ok djm@ 7512 7513commit 48b3b2ba75181f11fca7f327058a591f4426cade 7514Author: markus@openbsd.org <markus@openbsd.org> 7515Date: Mon Jan 19 20:20:20 2015 +0000 7516 7517 upstream commit 7518 7519 store compat flags in struct ssh; ok djm@ 7520 7521commit 57d10cbe861a235dd269c74fb2fe248469ecee9d 7522Author: markus@openbsd.org <markus@openbsd.org> 7523Date: Mon Jan 19 20:16:15 2015 +0000 7524 7525 upstream commit 7526 7527 adapt kex to sshbuf and struct ssh; ok djm@ 7528 7529commit 3fdc88a0def4f86aa88a5846ac079dc964c0546a 7530Author: markus@openbsd.org <markus@openbsd.org> 7531Date: Mon Jan 19 20:07:45 2015 +0000 7532 7533 upstream commit 7534 7535 move dispatch to struct ssh; ok djm@ 7536 7537commit 091c302829210c41e7f57c3f094c7b9c054306f0 7538Author: markus@openbsd.org <markus@openbsd.org> 7539Date: Mon Jan 19 19:52:16 2015 +0000 7540 7541 upstream commit 7542 7543 update packet.c & isolate, introduce struct ssh a) switch 7544 packet.c to buffer api and isolate per-connection info into struct ssh b) 7545 (de)serialization of the state is moved from monitor to packet.c c) the old 7546 packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and 7547 integrated into packet.c with and ok djm@ 7548 7549commit 4e62cc68ce4ba20245d208b252e74e91d3785b74 7550Author: djm@openbsd.org <djm@openbsd.org> 7551Date: Mon Jan 19 17:35:48 2015 +0000 7552 7553 upstream commit 7554 7555 fix format strings in (disabled) debugging 7556 7557commit d85e06245907d49a2cd0cfa0abf59150ad616f42 7558Author: djm@openbsd.org <djm@openbsd.org> 7559Date: Mon Jan 19 06:01:32 2015 +0000 7560 7561 upstream commit 7562 7563 be a bit more careful in these tests to ensure that 7564 known_hosts is clean 7565 7566commit 7947810eab5fe0ad311f32a48f4d4eb1f71be6cf 7567Author: djm@openbsd.org <djm@openbsd.org> 7568Date: Sun Jan 18 22:00:18 2015 +0000 7569 7570 upstream commit 7571 7572 regression test for known_host file editing using 7573 ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok 7574 markus@ 7575 7576commit 3a2b09d147a565d8a47edf37491e149a02c0d3a3 7577Author: djm@openbsd.org <djm@openbsd.org> 7578Date: Sun Jan 18 19:54:46 2015 +0000 7579 7580 upstream commit 7581 7582 more and better key tests 7583 7584 test signatures and verification 7585 test certificate generation 7586 flesh out nested cert test 7587 7588 removes most of the XXX todo markers 7589 7590commit 589e69fd82724cfc9738f128e4771da2e6405d0d 7591Author: djm@openbsd.org <djm@openbsd.org> 7592Date: Sun Jan 18 19:53:58 2015 +0000 7593 7594 upstream commit 7595 7596 make the signature fuzzing test much more rigorous: 7597 ensure that the fuzzed input cases do not match the original (using new 7598 fuzz_matches_original() function) and check that the verification fails in 7599 each case 7600 7601commit 80603c0daa2538c349c1c152405580b164d5475f 7602Author: djm@openbsd.org <djm@openbsd.org> 7603Date: Sun Jan 18 19:52:44 2015 +0000 7604 7605 upstream commit 7606 7607 add a fuzz_matches_original() function to the fuzzer to 7608 detect fuzz cases that are identical to the original data. Hacky 7609 implementation, but very useful when you need the fuzz to be different, e.g. 7610 when verifying signature 7611 7612commit 87d5495bd337e358ad69c524fcb9495208c0750b 7613Author: djm@openbsd.org <djm@openbsd.org> 7614Date: Sun Jan 18 19:50:55 2015 +0000 7615 7616 upstream commit 7617 7618 better dumps from the fuzzer (shown on errors) - 7619 include the original data as well as the fuzzed copy. 7620 7621commit d59ec478c453a3fff05badbbfd96aa856364f2c2 7622Author: djm@openbsd.org <djm@openbsd.org> 7623Date: Sun Jan 18 19:47:55 2015 +0000 7624 7625 upstream commit 7626 7627 enable hostkey-agent.sh test 7628 7629commit 26b3425170bf840e4b095e1c10bf25a0a3e3a105 7630Author: djm@openbsd.org <djm@openbsd.org> 7631Date: Sat Jan 17 18:54:30 2015 +0000 7632 7633 upstream commit 7634 7635 unit test for hostkeys in ssh-agent 7636 7637commit 9e06a0fb23ec55d9223b26a45bb63c7649e2f2f2 7638Author: markus@openbsd.org <markus@openbsd.org> 7639Date: Thu Jan 15 23:41:29 2015 +0000 7640 7641 upstream commit 7642 7643 add kex unit tests 7644 7645commit d2099dec6da21ae627f6289aedae6bc1d41a22ce 7646Author: deraadt@openbsd.org <deraadt@openbsd.org> 7647Date: Mon Jan 19 00:32:54 2015 +0000 7648 7649 upstream commit 7650 7651 djm, your /usr/include tree is old 7652 7653commit 2b3c3c76c30dc5076fe09d590f5b26880f148a54 7654Author: djm@openbsd.org <djm@openbsd.org> 7655Date: Sun Jan 18 21:51:19 2015 +0000 7656 7657 upstream commit 7658 7659 some feedback from markus@: comment hostkeys_foreach() 7660 context and avoid a member in it. 7661 7662commit cecb30bc2ba6d594366e657d664d5c494b6c8a7f 7663Author: djm@openbsd.org <djm@openbsd.org> 7664Date: Sun Jan 18 21:49:42 2015 +0000 7665 7666 upstream commit 7667 7668 make ssh-keygen use hostkeys_foreach(). Removes some 7669 horrendous code; ok markus@ 7670 7671commit ec3d065df3a9557ea96b02d061fd821a18c1a0b9 7672Author: djm@openbsd.org <djm@openbsd.org> 7673Date: Sun Jan 18 21:48:09 2015 +0000 7674 7675 upstream commit 7676 7677 convert load_hostkeys() (hostkey ordering and 7678 known_host matching) to use the new hostkey_foreach() iterator; ok markus 7679 7680commit c29811cc480a260e42fd88849fc86a80c1e91038 7681Author: djm@openbsd.org <djm@openbsd.org> 7682Date: Sun Jan 18 21:40:23 2015 +0000 7683 7684 upstream commit 7685 7686 introduce hostkeys_foreach() to allow iteration over a 7687 known_hosts file or controlled subset thereof. This will allow us to pull out 7688 some ugly and duplicated code, and will be used to implement hostkey rotation 7689 later. 7690 7691 feedback and ok markus 7692 7693commit f101d8291da01bbbfd6fb8c569cfd0cc61c0d346 7694Author: deraadt@openbsd.org <deraadt@openbsd.org> 7695Date: Sun Jan 18 14:01:00 2015 +0000 7696 7697 upstream commit 7698 7699 string truncation due to sizeof(size) ok djm markus 7700 7701commit 35d6022b55b7969fc10c261cb6aa78cc4a5fcc41 7702Author: djm@openbsd.org <djm@openbsd.org> 7703Date: Sun Jan 18 13:33:34 2015 +0000 7704 7705 upstream commit 7706 7707 avoid trailing ',' in host key algorithms 7708 7709commit 7efb455789a0cb76bdcdee91c6060a3dc8f5c007 7710Author: djm@openbsd.org <djm@openbsd.org> 7711Date: Sun Jan 18 13:22:28 2015 +0000 7712 7713 upstream commit 7714 7715 infer key length correctly when user specified a fully- 7716 qualified key name instead of using the -b bits option; ok markus@ 7717 7718commit 83f8ffa6a55ccd0ce9d8a205e3e7439ec18fedf5 7719Author: djm@openbsd.org <djm@openbsd.org> 7720Date: Sat Jan 17 18:53:34 2015 +0000 7721 7722 upstream commit 7723 7724 fix hostkeys on ssh agent; found by unit test I'm about 7725 to commit 7726 7727commit 369d61f17657b814124268f99c033e4dc6e436c1 7728Author: schwarze@openbsd.org <schwarze@openbsd.org> 7729Date: Fri Jan 16 16:20:23 2015 +0000 7730 7731 upstream commit 7732 7733 garbage collect empty .No macros mandoc warns about 7734 7735commit bb8b442d32dbdb8521d610e10d8b248d938bd747 7736Author: djm@openbsd.org <djm@openbsd.org> 7737Date: Fri Jan 16 15:55:07 2015 +0000 7738 7739 upstream commit 7740 7741 regression: incorrect error message on 7742 otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@ 7743 7744commit 9010902954a40b59d0bf3df3ccbc3140a653e2bc 7745Author: djm@openbsd.org <djm@openbsd.org> 7746Date: Fri Jan 16 07:19:48 2015 +0000 7747 7748 upstream commit 7749 7750 when hostname canonicalisation is enabled, try to parse 7751 hostnames as addresses before looking them up for canonicalisation. fixes 7752 bz#2074 and avoids needless DNS lookups in some cases; ok markus 7753 7754commit 2ae4f337b2a5fb2841b6b0053b49496fef844d1c 7755Author: deraadt@openbsd.org <deraadt@openbsd.org> 7756Date: Fri Jan 16 06:40:12 2015 +0000 7757 7758 upstream commit 7759 7760 Replace <sys/param.h> with <limits.h> and other less 7761 dirty headers where possible. Annotate <sys/param.h> lines with their 7762 current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, 7763 LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of 7764 MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. 7765 These are the files confirmed through binary verification. ok guenther, 7766 millert, doug (helped with the verification protocol) 7767 7768commit 3c4726f4c24118e8f1bb80bf75f1456c76df072c 7769Author: markus@openbsd.org <markus@openbsd.org> 7770Date: Thu Jan 15 21:38:50 2015 +0000 7771 7772 upstream commit 7773 7774 remove xmalloc, switch to sshbuf 7775 7776commit e17ac01f8b763e4b83976b9e521e90a280acc097 7777Author: markus@openbsd.org <markus@openbsd.org> 7778Date: Thu Jan 15 21:37:14 2015 +0000 7779 7780 upstream commit 7781 7782 switch to sshbuf 7783 7784commit ddef9995a1fa6c7a8ff3b38bfe6cf724bebf13d0 7785Author: naddy@openbsd.org <naddy@openbsd.org> 7786Date: Thu Jan 15 18:32:54 2015 +0000 7787 7788 upstream commit 7789 7790 handle UMAC128 initialization like UMAC; ok djm@ markus@ 7791 7792commit f14564c1f7792446bca143580aef0e7ac25dcdae 7793Author: djm@openbsd.org <djm@openbsd.org> 7794Date: Thu Jan 15 11:04:36 2015 +0000 7795 7796 upstream commit 7797 7798 fix regression reported by brad@ for passworded keys without 7799 agent present 7800 7801commit 45c0fd70bb2a88061319dfff20cb12ef7b1bc47e 7802Author: Damien Miller <djm@mindrot.org> 7803Date: Thu Jan 15 22:08:23 2015 +1100 7804 7805 make bitmap test compile 7806 7807commit d333f89abf7179021e5c3f28673f469abe032062 7808Author: djm@openbsd.org <djm@openbsd.org> 7809Date: Thu Jan 15 07:36:28 2015 +0000 7810 7811 upstream commit 7812 7813 unit tests for KRL bitmap 7814 7815commit 7613f828f49c55ff356007ae9645038ab6682556 7816Author: markus@openbsd.org <markus@openbsd.org> 7817Date: Wed Jan 14 09:58:21 2015 +0000 7818 7819 upstream commit 7820 7821 re-add comment about full path 7822 7823commit 6c43b48b307c41cd656b415621a644074579a578 7824Author: markus@openbsd.org <markus@openbsd.org> 7825Date: Wed Jan 14 09:54:38 2015 +0000 7826 7827 upstream commit 7828 7829 don't reset to the installed sshd; connect before 7830 reconfigure, too 7831 7832commit 771bb47a1df8b69061f09462e78aa0b66cd594bf 7833Author: djm@openbsd.org <djm@openbsd.org> 7834Date: Tue Jan 13 14:51:51 2015 +0000 7835 7836 upstream commit 7837 7838 implement a SIGINFO handler so we can discern a stuck 7839 fuzz test from a merely glacial one; prompted by and ok markus 7840 7841commit cfaa57962f8536f3cf0fd7daf4d6a55d6f6de45f 7842Author: djm@openbsd.org <djm@openbsd.org> 7843Date: Tue Jan 13 08:23:26 2015 +0000 7844 7845 upstream commit 7846 7847 use $SSH instead of installed ssh to allow override; 7848 spotted by markus@ 7849 7850commit 0920553d0aee117a596b03ed5b49b280d34a32c5 7851Author: djm@openbsd.org <djm@openbsd.org> 7852Date: Tue Jan 13 07:49:49 2015 +0000 7853 7854 upstream commit 7855 7856 regress test for PubkeyAcceptedKeyTypes; ok markus@ 7857 7858commit 27ca1a5c0095eda151934bca39a77e391f875d17 7859Author: markus@openbsd.org <markus@openbsd.org> 7860Date: Mon Jan 12 20:13:27 2015 +0000 7861 7862 upstream commit 7863 7864 unbreak parsing of pubkey comments; with gerhard; ok 7865 djm/deraadt 7866 7867commit 55358f0b4e0b83bc0df81c5f854c91b11e0bb4dc 7868Author: djm@openbsd.org <djm@openbsd.org> 7869Date: Mon Jan 12 11:46:32 2015 +0000 7870 7871 upstream commit 7872 7873 fatal if soft-PKCS11 library is missing rather (rather 7874 than continue and fail with a more cryptic error) 7875 7876commit c3554cdd2a1a62434b8161017aa76fa09718a003 7877Author: djm@openbsd.org <djm@openbsd.org> 7878Date: Mon Jan 12 11:12:38 2015 +0000 7879 7880 upstream commit 7881 7882 let this test all supporte key types; pointed out/ok 7883 markus@ 7884 7885commit 1129dcfc5a3e508635004bcc05a3574cb7687167 7886Author: djm@openbsd.org <djm@openbsd.org> 7887Date: Thu Jan 15 09:40:00 2015 +0000 7888 7889 upstream commit 7890 7891 sync ssh-keysign, ssh-keygen and some dependencies to the 7892 new buffer/key API; mostly mechanical, ok markus@ 7893 7894commit e4ebf5586452bf512da662ac277aaf6ecf0efe7c 7895Author: djm@openbsd.org <djm@openbsd.org> 7896Date: Thu Jan 15 07:57:08 2015 +0000 7897 7898 upstream commit 7899 7900 remove commented-out test code now that it has moved to a 7901 proper unit test 7902 7903commit e81cba066c1e9eb70aba0f6e7c0ff220611b370f 7904Author: djm@openbsd.org <djm@openbsd.org> 7905Date: Wed Jan 14 20:54:29 2015 +0000 7906 7907 upstream commit 7908 7909 whitespace 7910 7911commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622 7912Author: djm@openbsd.org <djm@openbsd.org> 7913Date: Wed Jan 14 20:05:27 2015 +0000 7914 7915 upstream commit 7916 7917 move authfd.c and its tentacles to the new buffer/key 7918 API; ok markus@ 7919 7920commit 0088c57af302cda278bd26d8c3ae81d5b6f7c289 7921Author: djm@openbsd.org <djm@openbsd.org> 7922Date: Wed Jan 14 19:33:41 2015 +0000 7923 7924 upstream commit 7925 7926 fix small regression: ssh-agent would return a success 7927 message but an empty signature if asked to sign using an unknown key; ok 7928 markus@ 7929 7930commit b03ebe2c22b8166e4f64c37737f4278676e3488d 7931Author: Damien Miller <djm@mindrot.org> 7932Date: Thu Jan 15 03:08:58 2015 +1100 7933 7934 more --without-openssl 7935 7936 fix some regressions caused by upstream merges 7937 7938 enable KRLs now that they no longer require BIGNUMs 7939 7940commit bc42cc6fe784f36df225c44c93b74830027cb5a2 7941Author: Damien Miller <djm@mindrot.org> 7942Date: Thu Jan 15 03:08:29 2015 +1100 7943 7944 kludge around tun API mismatch betterer 7945 7946commit c332110291089b624fa0951fbf2d1ee6de525b9f 7947Author: Damien Miller <djm@mindrot.org> 7948Date: Thu Jan 15 02:59:51 2015 +1100 7949 7950 some systems lack SO_REUSEPORT 7951 7952commit 83b9678a62cbdc74eb2031cf1e1e4ffd58e233ae 7953Author: Damien Miller <djm@mindrot.org> 7954Date: Thu Jan 15 02:35:50 2015 +1100 7955 7956 fix merge botch 7957 7958commit 0cdc5a3eb6fb383569a4da2a30705d9b90428d6b 7959Author: Damien Miller <djm@mindrot.org> 7960Date: Thu Jan 15 02:35:33 2015 +1100 7961 7962 unbreak across API change 7963 7964commit 6e2549ac2b5e7f96cbc2d83a6e0784b120444b47 7965Author: Damien Miller <djm@mindrot.org> 7966Date: Thu Jan 15 02:30:18 2015 +1100 7967 7968 need includes.h for portable OpenSSH 7969 7970commit 72ef7c148c42db7d5632a29f137f8b87b579f2d9 7971Author: Damien Miller <djm@mindrot.org> 7972Date: Thu Jan 15 02:21:31 2015 +1100 7973 7974 support --without-openssl at configure time 7975 7976 Disables and removes dependency on OpenSSL. Many features don't 7977 work and the set of crypto options is greatly restricted. This 7978 will only work on system with native arc4random or /dev/urandom. 7979 7980 Considered highly experimental for now. 7981 7982commit 4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9 7983Author: Damien Miller <djm@mindrot.org> 7984Date: Thu Jan 15 02:28:00 2015 +1100 7985 7986 add files missed in last commit 7987 7988commit a165bab605f7be55940bb8fae977398e8c96a46d 7989Author: djm@openbsd.org <djm@openbsd.org> 7990Date: Wed Jan 14 15:02:39 2015 +0000 7991 7992 upstream commit 7993 7994 avoid BIGNUM in KRL code by using a simple bitmap; 7995 feedback and ok markus 7996 7997commit 7d845f4a0b7ec97887be204c3760e44de8bf1f32 7998Author: djm@openbsd.org <djm@openbsd.org> 7999Date: Wed Jan 14 13:54:13 2015 +0000 8000 8001 upstream commit 8002 8003 update sftp client and server to new buffer API. pretty 8004 much just mechanical changes; with & ok markus 8005 8006commit 139ca81866ec1b219c717d17061e5e7ad1059e2a 8007Author: markus@openbsd.org <markus@openbsd.org> 8008Date: Wed Jan 14 13:09:09 2015 +0000 8009 8010 upstream commit 8011 8012 switch to sshbuf/sshkey; with & ok djm@ 8013 8014commit 81bfbd0bd35683de5d7f2238b985e5f8150a9180 8015Author: Damien Miller <djm@mindrot.org> 8016Date: Wed Jan 14 21:48:18 2015 +1100 8017 8018 support --without-openssl at configure time 8019 8020 Disables and removes dependency on OpenSSL. Many features don't 8021 work and the set of crypto options is greatly restricted. This 8022 will only work on system with native arc4random or /dev/urandom. 8023 8024 Considered highly experimental for now. 8025 8026commit 54924b53af15ccdcbb9f89984512b5efef641a31 8027Author: djm@openbsd.org <djm@openbsd.org> 8028Date: Wed Jan 14 10:46:28 2015 +0000 8029 8030 upstream commit 8031 8032 avoid an warning for the !OPENSSL case 8033 8034commit ae8b463217f7c9b66655bfc3945c050ffdaeb861 8035Author: markus@openbsd.org <markus@openbsd.org> 8036Date: Wed Jan 14 10:30:34 2015 +0000 8037 8038 upstream commit 8039 8040 swith auth-options to new sshbuf/sshkey; ok djm@ 8041 8042commit 540e891191b98b89ee90aacf5b14a4a68635e763 8043Author: djm@openbsd.org <djm@openbsd.org> 8044Date: Wed Jan 14 10:29:45 2015 +0000 8045 8046 upstream commit 8047 8048 make non-OpenSSL aes-ctr work on sshd w/ privsep; ok 8049 markus@ 8050 8051commit 60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53 8052Author: markus@openbsd.org <markus@openbsd.org> 8053Date: Wed Jan 14 10:24:42 2015 +0000 8054 8055 upstream commit 8056 8057 remove unneeded includes, sync my copyright across files 8058 & whitespace; ok djm@ 8059 8060commit 128343bcdb0b60fc826f2733df8cf979ec1627b4 8061Author: markus@openbsd.org <markus@openbsd.org> 8062Date: Tue Jan 13 19:31:40 2015 +0000 8063 8064 upstream commit 8065 8066 adapt mac.c to ssherr.h return codes (de-fatal) and 8067 simplify dependencies ok djm@ 8068 8069commit e7fd952f4ea01f09ceb068721a5431ac2fd416ed 8070Author: djm@openbsd.org <djm@openbsd.org> 8071Date: Tue Jan 13 19:04:35 2015 +0000 8072 8073 upstream commit 8074 8075 sync changes from libopenssh; prepared by markus@ mostly 8076 debug output tweaks, a couple of error return value changes and some other 8077 minor stuff 8078 8079commit 76c0480a85675f03a1376167cb686abed01a3583 8080Author: Damien Miller <djm@mindrot.org> 8081Date: Tue Jan 13 19:38:18 2015 +1100 8082 8083 add --without-ssh1 option to configure 8084 8085 Allows disabling support for SSH protocol 1. 8086 8087commit 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03 8088Author: djm@openbsd.org <djm@openbsd.org> 8089Date: Tue Jan 13 07:39:19 2015 +0000 8090 8091 upstream commit 8092 8093 add sshd_config HostbasedAcceptedKeyTypes and 8094 PubkeyAcceptedKeyTypes options to allow sshd to control what public key types 8095 will be accepted. Currently defaults to all. Feedback & ok markus@ 8096 8097commit 816d1538c24209a93ba0560b27c4fda57c3fff65 8098Author: markus@openbsd.org <markus@openbsd.org> 8099Date: Mon Jan 12 20:13:27 2015 +0000 8100 8101 upstream commit 8102 8103 unbreak parsing of pubkey comments; with gerhard; ok 8104 djm/deraadt 8105 8106commit 0097565f849851812df610b7b6b3c4bd414f6c62 8107Author: markus@openbsd.org <markus@openbsd.org> 8108Date: Mon Jan 12 19:22:46 2015 +0000 8109 8110 upstream commit 8111 8112 missing error assigment on sshbuf_put_string() 8113 8114commit a7f49dcb527dd17877fcb8d5c3a9a6f550e0bba5 8115Author: djm@openbsd.org <djm@openbsd.org> 8116Date: Mon Jan 12 15:18:07 2015 +0000 8117 8118 upstream commit 8119 8120 apparently memcpy(x, NULL, 0) is undefined behaviour 8121 according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls 8122 when length==0; ok markus@ 8123 8124commit 905fe30fca82f38213763616d0d26eb6790bde33 8125Author: markus@openbsd.org <markus@openbsd.org> 8126Date: Mon Jan 12 14:05:19 2015 +0000 8127 8128 upstream commit 8129 8130 free->sshkey_free; ok djm@ 8131 8132commit f067cca2bc20c86b110174c3fef04086a7f57b13 8133Author: markus@openbsd.org <markus@openbsd.org> 8134Date: Mon Jan 12 13:29:27 2015 +0000 8135 8136 upstream commit 8137 8138 allow WITH_OPENSSL w/o WITH_SSH1; ok djm@ 8139 8140commit c4bfafcc2a9300d9cfb3c15e75572d3a7d74670d 8141Author: djm@openbsd.org <djm@openbsd.org> 8142Date: Thu Jan 8 13:10:58 2015 +0000 8143 8144 upstream commit 8145 8146 adjust for sshkey_load_file() API change 8147 8148commit e752c6d547036c602b89e9e704851463bd160e32 8149Author: djm@openbsd.org <djm@openbsd.org> 8150Date: Thu Jan 8 13:44:36 2015 +0000 8151 8152 upstream commit 8153 8154 fix ssh_config FingerprintHash evaluation order; from Petr 8155 Lautrbach 8156 8157commit ab24ab847b0fc94c8d5e419feecff0bcb6d6d1bf 8158Author: djm@openbsd.org <djm@openbsd.org> 8159Date: Thu Jan 8 10:15:45 2015 +0000 8160 8161 upstream commit 8162 8163 reorder hostbased key attempts to better match the 8164 default hostkey algorithms order in myproposal.h; ok markus@ 8165 8166commit 1195f4cb07ef4b0405c839293c38600b3e9bdb46 8167Author: djm@openbsd.org <djm@openbsd.org> 8168Date: Thu Jan 8 10:14:08 2015 +0000 8169 8170 upstream commit 8171 8172 deprecate key_load_private_pem() and 8173 sshkey_load_private_pem() interfaces. Refactor the generic key loading API to 8174 not require pathnames to be specified (they weren't really used). 8175 8176 Fixes a few other things en passant: 8177 8178 Makes ed25519 keys work for hostbased authentication (ssh-keysign 8179 previously used the PEM-only routines). 8180 8181 Fixes key comment regression bz#2306: key pathnames were being lost as 8182 comment fields. 8183 8184 ok markus@ 8185 8186commit febbe09e4e9aff579b0c5cc1623f756862e4757d 8187Author: tedu@openbsd.org <tedu@openbsd.org> 8188Date: Wed Jan 7 18:15:07 2015 +0000 8189 8190 upstream commit 8191 8192 workaround for the Meyer, et al, Bleichenbacher Side 8193 Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm 8194 markus 8195 8196commit 5191df927db282d3123ca2f34a04d8d96153911a 8197Author: djm@openbsd.org <djm@openbsd.org> 8198Date: Tue Dec 23 22:42:48 2014 +0000 8199 8200 upstream commit 8201 8202 KNF and add a little more debug() 8203 8204commit 8abd80315d3419b20e6938f74d37e2e2b547f0b7 8205Author: jmc@openbsd.org <jmc@openbsd.org> 8206Date: Mon Dec 22 09:26:31 2014 +0000 8207 8208 upstream commit 8209 8210 add fingerprinthash to the options list; 8211 8212commit 296ef0560f60980da01d83b9f0e1a5257826536f 8213Author: jmc@openbsd.org <jmc@openbsd.org> 8214Date: Mon Dec 22 09:24:59 2014 +0000 8215 8216 upstream commit 8217 8218 tweak previous; 8219 8220commit 462082eacbd37778a173afb6b84c6f4d898a18b5 8221Author: Damien Miller <djm@google.com> 8222Date: Tue Dec 30 08:16:11 2014 +1100 8223 8224 avoid uninitialised free of ldns_res 8225 8226 If an invalid rdclass was passed to getrrsetbyname() then 8227 this would execute a free on an uninitialised pointer. 8228 OpenSSH only ever calls this with a fixed and valid rdclass. 8229 8230 Reported by Joshua Rogers 8231 8232commit 01b63498801053f131a0740eb9d13faf35d636c8 8233Author: Damien Miller <djm@google.com> 8234Date: Mon Dec 29 18:10:18 2014 +1100 8235 8236 pull updated OpenBSD BCrypt PBKDF implementation 8237 8238 Includes fix for 1 byte output overflow for large key length 8239 requests (not reachable in OpenSSH). 8240 8241 Pointed out by Joshua Rogers 8242 8243commit c528c1b4af2f06712177b3de9b30705752f7cbcb 8244Author: Damien Miller <djm@google.com> 8245Date: Tue Dec 23 15:26:13 2014 +1100 8246 8247 fix variable name for IPv6 case in construct_utmpx 8248 8249 patch from writeonce AT midipix.org via bz#2296 8250 8251commit 293cac52dcda123244b2e594d15592e5e481c55e 8252Author: Damien Miller <djm@google.com> 8253Date: Mon Dec 22 16:30:42 2014 +1100 8254 8255 include and use OpenBSD netcat in regress/ 8256 8257commit 8f6784f0cb56dc4fd00af3e81a10050a5785228d 8258Author: djm@openbsd.org <djm@openbsd.org> 8259Date: Mon Dec 22 09:05:17 2014 +0000 8260 8261 upstream commit 8262 8263 mention ssh -Q feature to list supported { MAC, cipher, 8264 KEX, key } algorithms in more places and include the query string used to 8265 list the relevant information; bz#2288 8266 8267commit 449e11b4d7847079bd0a2daa6e3e7ea03d8ef700 8268Author: jmc@openbsd.org <jmc@openbsd.org> 8269Date: Mon Dec 22 08:24:17 2014 +0000 8270 8271 upstream commit 8272 8273 tweak previous; 8274 8275commit 4bea0ab3290c0b9dd2aa199e932de8e7e18062d6 8276Author: djm@openbsd.org <djm@openbsd.org> 8277Date: Mon Dec 22 08:06:03 2014 +0000 8278 8279 upstream commit 8280 8281 regression test for multiple required pubkey authentication; 8282 ok markus@ 8283 8284commit f1c4d8ec52158b6f57834b8cd839605b0a33e7f2 8285Author: djm@openbsd.org <djm@openbsd.org> 8286Date: Mon Dec 22 08:04:23 2014 +0000 8287 8288 upstream commit 8289 8290 correct description of what will happen when a 8291 AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd 8292 will refuse to start) 8293 8294commit 161cf419f412446635013ac49e8c660cadc36080 8295Author: djm@openbsd.org <djm@openbsd.org> 8296Date: Mon Dec 22 07:55:51 2014 +0000 8297 8298 upstream commit 8299 8300 make internal handling of filename arguments of "none" 8301 more consistent with ssh. "none" arguments are now replaced with NULL when 8302 the configuration is finalised. 8303 8304 Simplifies checking later on (just need to test not-NULL rather than 8305 that + strcmp) and cleans up some inconsistencies. ok markus@ 8306 8307commit f69b69b8625be447b8826b21d87713874dac25a6 8308Author: djm@openbsd.org <djm@openbsd.org> 8309Date: Mon Dec 22 07:51:30 2014 +0000 8310 8311 upstream commit 8312 8313 remember which public keys have been used for 8314 authentication and refuse to accept previously-used keys. 8315 8316 This allows AuthenticationMethods=publickey,publickey to require 8317 that users authenticate using two _different_ pubkeys. 8318 8319 ok markus@ 8320 8321commit 46ac2ed4677968224c4ca825bc98fc68dae183f0 8322Author: djm@openbsd.org <djm@openbsd.org> 8323Date: Mon Dec 22 07:24:11 2014 +0000 8324 8325 upstream commit 8326 8327 fix passing of wildcard forward bind addresses when 8328 connection multiplexing is in use; patch from Sami Hartikainen via bz#2324; 8329 ok dtucker@ 8330 8331commit 0d1b241a262e4d0a6bbfdd595489ab1b853c43a1 8332Author: djm@openbsd.org <djm@openbsd.org> 8333Date: Mon Dec 22 06:14:29 2014 +0000 8334 8335 upstream commit 8336 8337 make this slightly easier to diff against portable 8338 8339commit 0715bcdddbf68953964058f17255bf54734b8737 8340Author: Damien Miller <djm@mindrot.org> 8341Date: Mon Dec 22 13:47:07 2014 +1100 8342 8343 add missing regress output file 8344 8345commit 1e30483c8ad2c2f39445d4a4b6ab20c241e40593 8346Author: djm@openbsd.org <djm@openbsd.org> 8347Date: Mon Dec 22 02:15:52 2014 +0000 8348 8349 upstream commit 8350 8351 adjust for new SHA256 key fingerprints and 8352 slightly-different MD5 hex fingerprint format 8353 8354commit 6b40567ed722df98593ad8e6a2d2448fc2b4b151 8355Author: djm@openbsd.org <djm@openbsd.org> 8356Date: Mon Dec 22 01:14:49 2014 +0000 8357 8358 upstream commit 8359 8360 poll changes to netcat (usr.bin/netcat.c r1.125) broke 8361 this test; fix it by ensuring more stdio fds are sent to devnull 8362 8363commit a5375ccb970f49dddf7d0ef63c9b713ede9e7260 8364Author: jmc@openbsd.org <jmc@openbsd.org> 8365Date: Sun Dec 21 23:35:14 2014 +0000 8366 8367 upstream commit 8368 8369 tweak previous; 8370 8371commit b79efde5c3badf5ce4312fe608d8307eade533c5 8372Author: djm@openbsd.org <djm@openbsd.org> 8373Date: Sun Dec 21 23:12:42 2014 +0000 8374 8375 upstream commit 8376 8377 document FingerprintHash here too 8378 8379commit d16bdd8027dd116afa01324bb071a4016cdc1a75 8380Author: Damien Miller <djm@mindrot.org> 8381Date: Mon Dec 22 10:18:09 2014 +1100 8382 8383 missing include for base64 encoding 8384 8385commit 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994 8386Author: djm@openbsd.org <djm@openbsd.org> 8387Date: Sun Dec 21 22:27:55 2014 +0000 8388 8389 upstream commit 8390 8391 Add FingerprintHash option to control algorithm used for 8392 key fingerprints. Default changes from MD5 to SHA256 and format from hex to 8393 base64. 8394 8395 Feedback and ok naddy@ markus@ 8396 8397commit 058f839fe15c51be8b3a844a76ab9a8db550be4f 8398Author: djm@openbsd.org <djm@openbsd.org> 8399Date: Thu Dec 18 23:58:04 2014 +0000 8400 8401 upstream commit 8402 8403 don't count partial authentication success as a failure 8404 against MaxAuthTries; ok deraadt@ 8405 8406commit c7219f4f54d64d6dde66dbcf7a2699daa782d2a1 8407Author: djm@openbsd.org <djm@openbsd.org> 8408Date: Fri Dec 12 00:02:17 2014 +0000 8409 8410 upstream commit 8411 8412 revert chunk I didn't mean to commit yet; via jmc@ 8413 8414commit 7de5991aa3997e2981440f39c1ea01273a0a2c7b 8415Author: Damien Miller <djm@mindrot.org> 8416Date: Thu Dec 18 11:44:06 2014 +1100 8417 8418 upstream libc change 8419 8420 revision 1.2 8421 date: 2014/12/08 03:45:00; author: bcook; state: Exp; lines: +2 -2; commitid: 7zWEBgJJOCZ2hvTV; 8422 avoid left shift overflow in reallocarray. 8423 8424 Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting 8425 1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with 8426 (size_t)1 so that we get the correct constant size for the platform. 8427 8428 discussed with tedu@ & deraadt@ 8429 8430commit 2048f85a5e6da8bc6e0532efe02ecfd4e63c978c 8431Author: Damien Miller <djm@mindrot.org> 8432Date: Thu Dec 18 10:15:49 2014 +1100 8433 8434 include CFLAGS in gnome askpass targets 8435 8436 from Fedora 8437 8438commit 48b68ce19ca42fa488960028048dec023f7899bb 8439Author: djm@openbsd.org <djm@openbsd.org> 8440Date: Thu Dec 11 08:20:09 2014 +0000 8441 8442 upstream commit 8443 8444 explicitly include sys/param.h in files that use the 8445 howmany() macro; from portable 8446 8447commit d663bea30a294d440fef4398e5cd816317bd4518 8448Author: djm@openbsd.org <djm@openbsd.org> 8449Date: Thu Dec 11 05:25:06 2014 +0000 8450 8451 upstream commit 8452 8453 mention AuthorizedKeysCommandUser must be set for 8454 AuthorizedKeysCommand to be run; bz#2287 8455 8456commit 17bf3d81e00f2abb414a4fd271118cf4913f049f 8457Author: djm@openbsd.org <djm@openbsd.org> 8458Date: Thu Dec 11 05:13:28 2014 +0000 8459 8460 upstream commit 8461 8462 show in debug output which hostkeys are being tried when 8463 attempting hostbased auth; patch from Iain Morgan 8464 8465commit da0277e3717eadf5b15e03379fc29db133487e94 8466Author: djm@openbsd.org <djm@openbsd.org> 8467Date: Thu Dec 11 04:16:14 2014 +0000 8468 8469 upstream commit 8470 8471 Make manual reflect reality: sftp-server's -d option 8472 accepts a "%d" option, not a "%h" one. 8473 8474 bz#2316; reported by Kirk Wolf 8475 8476commit 4cf87f4b81fa9380bce5fcff7b0f8382ae3ad996 8477Author: djm@openbsd.org <djm@openbsd.org> 8478Date: Wed Dec 10 01:24:09 2014 +0000 8479 8480 upstream commit 8481 8482 better error value for invalid signature length 8483 8484commit 4bfad14ca56f8ae04f418997816b4ba84e2cfc3c 8485Author: Darren Tucker <dtucker@zip.com.au> 8486Date: Wed Dec 10 02:12:51 2014 +1100 8487 8488 Resync more with OpenBSD's rijndael.c, in particular "#if 0"-ing out some 8489 unused code. Should fix compile error reported by plautrba at redhat. 8490 8491commit 642652d280499691c8212ec6b79724b50008ce09 8492Author: Darren Tucker <dtucker@zip.com.au> 8493Date: Wed Dec 10 01:32:23 2014 +1100 8494 8495 Add reallocarray to compat library 8496 8497commit 3dfd8d93dfcc69261f5af99df56f3ff598581979 8498Author: djm@openbsd.org <djm@openbsd.org> 8499Date: Thu Dec 4 22:31:50 2014 +0000 8500 8501 upstream commit 8502 8503 add tests for new client RevokedHostKeys option; refactor 8504 to make it a bit more readable 8505 8506commit a31046cad1aed16a0b55171192faa6d02665ccec 8507Author: krw@openbsd.org <krw@openbsd.org> 8508Date: Wed Nov 19 13:35:37 2014 +0000 8509 8510 upstream commit 8511 8512 Nuke yet more obvious #include duplications. 8513 8514 ok deraadt@ 8515 8516commit a7c762e5b2c1093542c0bc1df25ccec0b4cf479f 8517Author: djm@openbsd.org <djm@openbsd.org> 8518Date: Thu Dec 4 20:47:36 2014 +0000 8519 8520 upstream commit 8521 8522 key_in_file() wrapper is no longer used 8523 8524commit 5e39a49930d885aac9c76af3129332b6e772cd75 8525Author: djm@openbsd.org <djm@openbsd.org> 8526Date: Thu Dec 4 02:24:32 2014 +0000 8527 8528 upstream commit 8529 8530 add RevokedHostKeys option for the client 8531 8532 Allow textfile or KRL-based revocation of hostkeys. 8533 8534commit 74de254bb92c684cf53461da97f52d5ba34ded80 8535Author: djm@openbsd.org <djm@openbsd.org> 8536Date: Thu Dec 4 01:49:59 2014 +0000 8537 8538 upstream commit 8539 8540 convert KRL code to new buffer API 8541 8542 ok markus@ 8543 8544commit db995f2eed5fc432598626fa3e30654503bf7151 8545Author: millert@openbsd.org <millert@openbsd.org> 8546Date: Wed Nov 26 18:34:51 2014 +0000 8547 8548 upstream commit 8549 8550 Prefer setvbuf() to setlinebuf() for portability; ok 8551 deraadt@ 8552 8553commit 72bba3d179ced8b425272efe6956a309202a91f3 8554Author: jsg@openbsd.org <jsg@openbsd.org> 8555Date: Mon Nov 24 03:39:22 2014 +0000 8556 8557 upstream commit 8558 8559 Fix crashes in the handling of the sshd config file found 8560 with the afl fuzzer. 8561 8562 ok deraadt@ djm@ 8563 8564commit 867f49c666adcfe92bf539d9c37c1accdea08bf6 8565Author: Damien Miller <djm@mindrot.org> 8566Date: Wed Nov 26 13:22:41 2014 +1100 8567 8568 Avoid Cygwin ssh-host-config reading /etc/group 8569 8570 Patch from Corinna Vinschen 8571 8572commit 8b66f36291a721b1ba7c44f24a07fdf39235593e 8573Author: Damien Miller <djm@mindrot.org> 8574Date: Wed Nov 26 13:20:35 2014 +1100 8575 8576 allow custom service name for sshd on Cygwin 8577 8578 Permits the use of multiple sshd running with different service names. 8579 8580 Patch by Florian Friesdorf via Corinna Vinschen 8581 8582commit 08c0eebf55d70a9ae1964399e609288ae3186a0c 8583Author: jmc@openbsd.org <jmc@openbsd.org> 8584Date: Sat Nov 22 19:21:03 2014 +0000 8585 8586 upstream commit 8587 8588 restore word zapped in previous, and remove some useless 8589 "No" macros; 8590 8591commit a1418a0033fba43f061513e992e1cbcc3343e563 8592Author: deraadt@openbsd.org <deraadt@openbsd.org> 8593Date: Sat Nov 22 18:15:41 2014 +0000 8594 8595 upstream commit 8596 8597 /dev/random has created the same effect as /dev/arandom 8598 (and /dev/urandom) for quite some time. Mop up the last few, by using 8599 /dev/random where we actually want it, or not even mentioning arandom where 8600 it is irrelevant. 8601 8602commit b6de5ac9ed421362f479d1ad4fa433d2e25dad5b 8603Author: djm@openbsd.org <djm@openbsd.org> 8604Date: Fri Nov 21 01:00:38 2014 +0000 8605 8606 upstream commit 8607 8608 fix NULL pointer dereference crash on invalid timestamp 8609 8610 found using Michal Zalewski's afl fuzzer 8611 8612commit a1f8110cd5ed818d59b3a2964fab7de76e92c18e 8613Author: mikeb@openbsd.org <mikeb@openbsd.org> 8614Date: Tue Nov 18 22:38:48 2014 +0000 8615 8616 upstream commit 8617 8618 Sync AES code to the one shipped in OpenSSL/LibreSSL. 8619 8620 This includes a commit made by Andy Polyakov <appro at openssl ! org> 8621 to the OpenSSL source tree on Wed, 28 Jun 2006 with the following 8622 message: "Mitigate cache-collision timing attack on last round." 8623 8624 OK naddy, miod, djm 8625 8626commit 335c83d5f35d8620e16b8aa26592d4f836e09ad2 8627Author: krw@openbsd.org <krw@openbsd.org> 8628Date: Tue Nov 18 20:54:28 2014 +0000 8629 8630 upstream commit 8631 8632 Nuke more obvious #include duplications. 8633 8634 ok deraadt@ millert@ tedu@ 8635 8636commit 51b64e44121194ae4bf153dee391228dada2abcb 8637Author: djm@openbsd.org <djm@openbsd.org> 8638Date: Mon Nov 17 00:21:40 2014 +0000 8639 8640 upstream commit 8641 8642 fix KRL generation when multiple CAs are in use 8643 8644 We would generate an invalid KRL when revoking certs by serial 8645 number for multiple CA keys due to a section being written out 8646 twice. 8647 8648 Also extend the regress test to catch this case by having it 8649 produce a multi-CA KRL. 8650 8651 Reported by peter AT pean.org 8652 8653commit d2d51003a623e21fb2b25567c4878d915e90aa2a 8654Author: djm@openbsd.org <djm@openbsd.org> 8655Date: Tue Nov 18 01:02:25 2014 +0000 8656 8657 upstream commit 8658 8659 fix NULL pointer dereference crash in key loading 8660 8661 found by Michal Zalewski's AFL fuzzer 8662 8663commit 9f9fad0191028edc43d100d0ded39419b6895fdf 8664Author: djm@openbsd.org <djm@openbsd.org> 8665Date: Mon Nov 17 00:21:40 2014 +0000 8666 8667 upstream commit 8668 8669 fix KRL generation when multiple CAs are in use 8670 8671 We would generate an invalid KRL when revoking certs by serial 8672 number for multiple CA keys due to a section being written out 8673 twice. 8674 8675 Also extend the regress test to catch this case by having it 8676 produce a multi-CA KRL. 8677 8678 Reported by peter AT pean.org 8679 8680commit da8af83d3f7ec00099963e455010e0ed1d7d0140 8681Author: bentley@openbsd.org <bentley@openbsd.org> 8682Date: Sat Nov 15 14:41:03 2014 +0000 8683 8684 upstream commit 8685 8686 Reduce instances of `` '' in manuals. 8687 8688 troff displays these as typographic quotes, but nroff implementations 8689 almost always print them literally, which rarely has the intended effect 8690 with modern fonts, even in stock xterm. 8691 8692 These uses of `` '' can be replaced either with more semantic alternatives 8693 or with Dq, which prints typographic quotes in a UTF-8 locale (but will 8694 automatically fall back to `` '' in an ASCII locale). 8695 8696 improvements and ok schwarze@ 8697 8698commit fc302561369483bb755b17f671f70fb894aec01d 8699Author: djm@openbsd.org <djm@openbsd.org> 8700Date: Mon Nov 10 22:25:49 2014 +0000 8701 8702 upstream commit 8703 8704 mux-related manual tweaks 8705 8706 mention ControlPersist=0 is the same as ControlPersist=yes 8707 8708 recommend that ControlPath sockets be placed in a og-w directory 8709 8710commit 0e4cff5f35ed11102fe3783779960ef07e0cd381 8711Author: Damien Miller <djm@google.com> 8712Date: Wed Nov 5 11:01:31 2014 +1100 8713 8714 Prepare scripts for next Cygwin release 8715 8716 Makes the Cygwin-specific ssh-user-config script independent of the 8717 existence of /etc/passwd. The next Cygwin release will allow to 8718 generate passwd and group entries from the Windows account DBs, so the 8719 scripts have to adapt. 8720 8721 from Corinna Vinschen 8722 8723commit 7d0ba5336651731949762eb8877ce9e3b52df436 8724Author: Damien Miller <djm@mindrot.org> 8725Date: Thu Oct 30 10:45:41 2014 +1100 8726 8727 include version number in OpenSSL-too-old error 8728 8729commit 3bcb92e04d9207e9f78d82f7918c6d3422054ce9 8730Author: lteo@openbsd.org <lteo@openbsd.org> 8731Date: Fri Oct 24 02:01:20 2014 +0000 8732 8733 upstream commit 8734 8735 Remove unnecessary include: netinet/in_systm.h is not needed 8736 by these programs. 8737 8738 NB. skipped for portable 8739 8740 ok deraadt@ millert@ 8741 8742commit 6fdcaeb99532e28a69f1a1599fbd540bb15b70a0 8743Author: djm@openbsd.org <djm@openbsd.org> 8744Date: Mon Oct 20 03:43:01 2014 +0000 8745 8746 upstream commit 8747 8748 whitespace 8749 8750commit 165bc8786299e261706ed60342985f9de93a7461 8751Author: daniel@openbsd.org <daniel@openbsd.org> 8752Date: Tue Oct 14 03:09:59 2014 +0000 8753 8754 upstream commit 8755 8756 plug a memory leak; from Maxime Villard. 8757 8758 ok djm@ 8759 8760commit b1ba15f3885947c245c2dbfaad0a04ba050abea0 8761Author: jmc@openbsd.org <jmc@openbsd.org> 8762Date: Thu Oct 9 06:21:31 2014 +0000 8763 8764 upstream commit 8765 8766 tweak previous; 8767 8768commit 259a02ebdf74ad90b41d116ecf70aa823fa4c6e7 8769Author: djm@openbsd.org <djm@openbsd.org> 8770Date: Mon Oct 13 00:38:35 2014 +0000 8771 8772 upstream commit 8773 8774 whitespace 8775 8776commit 957fbceb0f3166e41b76fdb54075ab3b9cc84cba 8777Author: djm@openbsd.org <djm@openbsd.org> 8778Date: Wed Oct 8 22:20:25 2014 +0000 8779 8780 upstream commit 8781 8782 Tweak config reparsing with host canonicalisation 8783 8784 Make the second pass through the config files always run when 8785 hostname canonicalisation is enabled. 8786 8787 Add a "Match canonical" criteria that allows ssh_config Match 8788 blocks to trigger only in the second config pass. 8789 8790 Add a -G option to ssh that causes it to parse its configuration 8791 and dump the result to stdout, similar to "sshd -T" 8792 8793 Allow ssh_config Port options set in the second config parse 8794 phase to be applied (they were being ignored). 8795 8796 bz#2267 bz#2286; ok markus 8797 8798commit 5c0dafd38bf66feeeb45fa0741a5baf5ad8039ba 8799Author: djm@openbsd.org <djm@openbsd.org> 8800Date: Wed Oct 8 22:15:27 2014 +0000 8801 8802 upstream commit 8803 8804 another -Wpointer-sign from clang 8805 8806commit bb005dc815ebda9af3ae4b39ca101c4da918f835 8807Author: djm@openbsd.org <djm@openbsd.org> 8808Date: Wed Oct 8 22:15:06 2014 +0000 8809 8810 upstream commit 8811 8812 fix a few -Wpointer-sign warnings from clang 8813 8814commit 3cc1fbb4fb0e804bfb873fd363cea91b27fc8188 8815Author: djm@openbsd.org <djm@openbsd.org> 8816Date: Wed Oct 8 21:45:48 2014 +0000 8817 8818 upstream commit 8819 8820 parse cert sections using nested buffers to reduce 8821 copies; ok markus 8822 8823commit 4a45922aebf99164e2fc83d34fe55b11ae1866ef 8824Author: djm@openbsd.org <djm@openbsd.org> 8825Date: Mon Oct 6 00:47:15 2014 +0000 8826 8827 upstream commit 8828 8829 correct options in usage(); from mancha1 AT zoho.com 8830 8831commit 48dffd5bebae6fed0556dc5c36cece0370690618 8832Author: djm@openbsd.org <djm@openbsd.org> 8833Date: Tue Sep 9 09:45:36 2014 +0000 8834 8835 upstream commit 8836 8837 mention permissions on tun(4) devices in PermitTunnel 8838 documentation; bz#2273 8839 8840commit a5883d4eccb94b16c355987f58f86a7dee17a0c2 8841Author: djm@openbsd.org <djm@openbsd.org> 8842Date: Wed Sep 3 18:55:07 2014 +0000 8843 8844 upstream commit 8845 8846 tighten permissions on pty when the "tty" group does 8847 not exist; pointed out by Corinna Vinschen; ok markus 8848 8849commit 180bcb406b58bf30723c01a6b010e48ee626dda8 8850Author: sobrado@openbsd.org <sobrado@openbsd.org> 8851Date: Sat Aug 30 16:32:25 2014 +0000 8852 8853 upstream commit 8854 8855 typo. 8856 8857commit f70b22bcdd52f6bf127047b3584371e6e5d45627 8858Author: sobrado@openbsd.org <sobrado@openbsd.org> 8859Date: Sat Aug 30 15:33:50 2014 +0000 8860 8861 upstream commit 8862 8863 improve capitalization for the Ed25519 public-key 8864 signature system. 8865 8866 ok djm@ 8867 8868commit 7df8818409c752cf3f0c3f8044fe9aebed8647bd 8869Author: doug@openbsd.org <doug@openbsd.org> 8870Date: Thu Aug 21 01:08:52 2014 +0000 8871 8872 upstream commit 8873 8874 Free resources on error in mkstemp and fdopen 8875 8876 ok djm@ 8877 8878commit 40ba4c9733aaed08304714faeb61529f18da144b 8879Author: deraadt@openbsd.org <deraadt@openbsd.org> 8880Date: Wed Aug 20 01:28:55 2014 +0000 8881 8882 upstream commit 8883 8884 djm how did you make a typo like that... 8885 8886commit 57d378ec9278ba417a726f615daad67d157de666 8887Author: djm@openbsd.org <djm@openbsd.org> 8888Date: Tue Aug 19 23:58:28 2014 +0000 8889 8890 upstream commit 8891 8892 When dumping the server configuration (sshd -T), print 8893 correct KEX, MAC and cipher defaults. Spotted by Iain Morgan 8894 8895commit 7ff880ede5195d0b17e7f1e3b6cfbc4cb6f85240 8896Author: djm@openbsd.org <djm@openbsd.org> 8897Date: Tue Aug 19 23:57:18 2014 +0000 8898 8899 upstream commit 8900 8901 ~-expand lcd paths 8902 8903commit 4460a7ad0c78d4cd67c467f6e9f4254d0404ed59 8904Author: Damien Miller <djm@mindrot.org> 8905Date: Sun Oct 12 12:35:48 2014 +1100 8906 8907 remove duplicated KEX_DH1 entry 8908 8909commit c9b8426a616138d0d762176c94f51aff3faad5ff 8910Author: Damien Miller <djm@mindrot.org> 8911Date: Thu Oct 9 10:34:06 2014 +1100 8912 8913 remove ChangeLog file 8914 8915 Commit logs will be generated from git at release time. 8916 8917commit 81d18ff7c93a04affbf3903e0963859763219aed 8918Author: Damien Miller <djm@google.com> 8919Date: Tue Oct 7 21:24:25 2014 +1100 8920 8921 delete contrib/caldera directory 8922 8923commit 0ec9e87d3638206456968202f05bb5123670607a 8924Author: Damien Miller <djm@google.com> 8925Date: Tue Oct 7 19:57:27 2014 +1100 8926 8927 test commit 8928 8929commit 8fb65a44568701b779f3d77326bceae63412d28d 8930Author: Damien Miller <djm@mindrot.org> 8931Date: Tue Oct 7 09:21:49 2014 +1100 8932 8933 - (djm) Release OpenSSH-6.7 8934 8935commit e8c9f2602c46f6781df5e52e6cd8413dab4602a3 8936Author: Damien Miller <djm@mindrot.org> 8937Date: Fri Oct 3 09:24:56 2014 +1000 8938 8939 - (djm) [sshd_config.5] typo; from Iain Morgan 8940 8941commit 703b98a26706f5083801d11059486d77491342ae 8942Author: Damien Miller <djm@mindrot.org> 8943Date: Wed Oct 1 09:43:07 2014 +1000 8944 8945 - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c] 8946 [openbsd-compat/openbsd-compat.h] Kludge around bad glibc 8947 _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets; 8948 ok dtucker@ 8949 8950commit 0fa0ed061bbfedb0daa705e220748154a84c3413 8951Author: Damien Miller <djm@mindrot.org> 8952Date: Wed Sep 10 08:15:34 2014 +1000 8953 8954 - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc; 8955 patch from Felix von Leitner; ok dtucker 8956 8957commit ad7d23d461c3b7e1dcb15db13aee5f4b94dc1a95 8958Author: Darren Tucker <dtucker@zip.com.au> 8959Date: Tue Sep 9 12:23:10 2014 +1000 8960 8961 20140908 8962 - (dtucker) [INSTALL] Update info about egd. ok djm@ 8963 8964commit 2a8699f37cc2515e3bc60e0c677ba060f4d48191 8965Author: Damien Miller <djm@mindrot.org> 8966Date: Thu Sep 4 03:46:05 2014 +1000 8967 8968 - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG 8969 8970commit 44988defb1f5e3afe576d86000365e1f07a1b494 8971Author: Damien Miller <djm@mindrot.org> 8972Date: Wed Sep 3 05:35:32 2014 +1000 8973 8974 - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to 8975 permissions/ACLs; from Corinna Vinschen 8976 8977commit 23f269562b7537b2f6f5014e50a25e5dcc55a837 8978Author: Damien Miller <djm@mindrot.org> 8979Date: Wed Sep 3 05:33:25 2014 +1000 8980 8981 - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and 8982 conditionalise to avoid duplicate definition. 8983 8984commit 41c8de2c0031cf59e7cf0c06b5bcfbf4852c1fda 8985Author: Damien Miller <djm@mindrot.org> 8986Date: Sat Aug 30 16:23:06 2014 +1000 8987 8988 - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@ 8989 8990commit d7c81e216a7bd9eed6e239c970d9261bb1651947 8991Author: Damien Miller <djm@mindrot.org> 8992Date: Sat Aug 30 04:18:28 2014 +1000 8993 8994 - (djm) [openbsd-compat/openssl-compat.h] add include guard 8995 8996commit 4687802dda57365b984b897fc3c8e2867ea09b22 8997Author: Damien Miller <djm@mindrot.org> 8998Date: Sat Aug 30 03:29:19 2014 +1000 8999 9000 - (djm) [misc.c] Missing newline between functions 9001 9002commit 51c77e29220dee87c53be2dc47092934acab26fe 9003Author: Damien Miller <djm@mindrot.org> 9004Date: Sat Aug 30 02:30:30 2014 +1000 9005 9006 - (djm) [openbsd-compat/openssl-compat.h] add 9007 OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them 9008 9009commit 3d673d103bad35afaec6e7ef73e5277216ce33a3 9010Author: Damien Miller <djm@mindrot.org> 9011Date: Wed Aug 27 06:32:01 2014 +1000 9012 9013 - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero() 9014 using memset_s() where possible; improve fallback to indirect bzero 9015 via a volatile pointer to give it more of a chance to avoid being 9016 optimised away. 9017 9018commit 146218ac11a1eb0dcade6f793d7acdef163b5ddc 9019Author: Damien Miller <djm@mindrot.org> 9020Date: Wed Aug 27 04:11:55 2014 +1000 9021 9022 - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth 9023 monitor, not preauth; bz#2263 9024 9025commit 1b215c098b3b37e38aa4e4c91bb908eee41183b1 9026Author: Damien Miller <djm@mindrot.org> 9027Date: Wed Aug 27 04:04:40 2014 +1000 9028 9029 - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] 9030 [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] 9031 [regress/unittests/sshkey/common.c] 9032 [regress/unittests/sshkey/test_file.c] 9033 [regress/unittests/sshkey/test_fuzz.c] 9034 [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h 9035 on !ECC OpenSSL systems 9036 9037commit ad013944af0a19e3f612089d0099bb397cf6502d 9038Author: Damien Miller <djm@mindrot.org> 9039Date: Tue Aug 26 09:27:28 2014 +1000 9040 9041 - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL, 9042 update OpenSSL version requirement. 9043 9044commit ed126de8ee04c66640a0ea2697c4aaf36801f100 9045Author: Damien Miller <djm@mindrot.org> 9046Date: Tue Aug 26 08:37:47 2014 +1000 9047 9048 - (djm) [bufec.c] Skip this file on !ECC OpenSSL 9049 9050commit 9c1dede005746864a4fdb36a7cdf6c51296ca909 9051Author: Damien Miller <djm@mindrot.org> 9052Date: Sun Aug 24 03:01:06 2014 +1000 9053 9054 - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not 9055 PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen 9056 9057commit d244a5816fd1312a33404b436e4dd83594f1119e 9058Author: Damien Miller <djm@mindrot.org> 9059Date: Sat Aug 23 17:06:49 2014 +1000 9060 9061 - (djm) [configure.ac] We now require a working vsnprintf everywhere (not 9062 just for systems that lack asprintf); check for it always and extend 9063 test to catch more brokenness. Fixes builds on Solaris <= 9 9064 9065commit 4cec036362a358e398e6a2e6d19d8e5780558634 9066Author: Damien Miller <djm@mindrot.org> 9067Date: Sat Aug 23 03:11:09 2014 +1000 9068 9069 - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on 9070 lastlog writing on platforms with high UIDs; bz#2263 9071 9072commit 394a60f2598d28b670d934b93942a3370b779b39 9073Author: Damien Miller <djm@mindrot.org> 9074Date: Fri Aug 22 18:06:20 2014 +1000 9075 9076 - (djm) [configure.ac] double braces to appease autoconf 9077 9078commit 4d69aeabd6e60afcdc7cca177ca751708ab79a9d 9079Author: Damien Miller <djm@mindrot.org> 9080Date: Fri Aug 22 17:48:27 2014 +1000 9081 9082 - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/ 9083 definition mismatch) and warning for broken/missing snprintf case. 9084 9085commit 0c11f1ac369d2c0aeb0ab0458a7cd04c72fe5e9e 9086Author: Damien Miller <djm@mindrot.org> 9087Date: Fri Aug 22 17:36:56 2014 +1000 9088 9089 - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC 9090 9091commit 6d62784b8973340b251fea6b04890f471adf28db 9092Author: Damien Miller <djm@mindrot.org> 9093Date: Fri Aug 22 17:36:19 2014 +1000 9094 9095 - (djm) [configure.ac] include leading zero characters in OpenSSL version 9096 number; fixes test for unsupported versions 9097 9098commit 4f1ff1ed782117f5d5204d4e91156ed5da07cbb7 9099Author: Damien Miller <djm@mindrot.org> 9100Date: Thu Aug 21 15:54:50 2014 +1000 9101 9102 - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that 9103 don't set __progname. Diagnosed by Tom Christensen. 9104 9105commit 005a64da0f457410045ef0bfa93c863c2450447d 9106Author: Damien Miller <djm@mindrot.org> 9107Date: Thu Aug 21 10:48:41 2014 +1000 9108 9109 - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL 9110 9111commit aa6598ebb3343c7380e918388e10e8ca5852b613 9112Author: Damien Miller <djm@mindrot.org> 9113Date: Thu Aug 21 10:47:54 2014 +1000 9114 9115 - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too. 9116 9117commit 54703e3cf63f0c80d4157e5ad7dbc2b363ee2c56 9118Author: Damien Miller <djm@mindrot.org> 9119Date: Wed Aug 20 11:10:51 2014 +1000 9120 9121 - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna 9122 9123commit f0935698f0461f24d8d1f1107b476ee5fd4db1cb 9124Author: Damien Miller <djm@mindrot.org> 9125Date: Wed Aug 20 11:06:50 2014 +1000 9126 9127 - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC 9128 9129commit c5089ecaec3b2c02f014f4e67518390702a4ba14 9130Author: Damien Miller <djm@mindrot.org> 9131Date: Wed Aug 20 11:06:20 2014 +1000 9132 9133 - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than 9134 -L/-l; fixes linking problems on some platforms 9135 9136commit 2195847e503a382f83ee969b0a8bd3dfe0e55c18 9137Author: Damien Miller <djm@mindrot.org> 9138Date: Wed Aug 20 11:05:03 2014 +1000 9139 9140 - (djm) [configure.ac] Check OpenSSL version is supported at configure time; 9141 suggested by Kevin Brott 9142 9143commit a75aca1bbc989aa9f8b1b08489d37855f3d24d1a 9144Author: Damien Miller <djm@mindrot.org> 9145Date: Tue Aug 19 11:36:07 2014 +1000 9146 9147 - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README] 9148 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions 9149 of TCP wrappers. 9150 9151commit 3f022b5a9477abceeb1bbeab04b055f3cc7ca8f6 9152Author: Damien Miller <djm@mindrot.org> 9153Date: Tue Aug 19 11:32:34 2014 +1000 9154 9155 - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG 9156 9157commit 88137902632aceb923990e98cf5dc923bb3ef2f5 9158Author: Damien Miller <djm@mindrot.org> 9159Date: Tue Aug 19 11:28:11 2014 +1000 9160 9161 - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC. 9162 9163commit 2f3d1e7fb2eabd3cfbfd8d0f7bdd2f9a1888690b 9164Author: Damien Miller <djm@mindrot.org> 9165Date: Tue Aug 19 11:14:36 2014 +1000 9166 9167 - (djm) [myproposal.h] Make curve25519 KEX dependent on 9168 HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC. 9169 9170commit d4e7d59d01a6c7f59e8c1f94a83c086e9a33d8aa 9171Author: Damien Miller <djm@mindrot.org> 9172Date: Tue Aug 19 11:14:17 2014 +1000 9173 9174 - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen 9175 9176commit 9eaeea2cf2b6af5f166cfa9ad3c7a90711a147a9 9177Author: Damien Miller <djm@mindrot.org> 9178Date: Sun Aug 10 11:35:05 2014 +1000 9179 9180 - (djm) [README contrib/caldera/openssh.spec] 9181 [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions 9182 9183commit f8988fbef0c9801d19fa2f8f4f041690412bec37 9184Author: Damien Miller <djm@mindrot.org> 9185Date: Fri Aug 1 13:31:52 2014 +1000 9186 9187 - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate 9188 nc from stdin, it's more portable 9189 9190commit 5b3879fd4b7a4e3d43bab8f40addda39bc1169d0 9191Author: Damien Miller <djm@mindrot.org> 9192Date: Fri Aug 1 12:28:31 2014 +1000 9193 9194 - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin 9195 is closed; avoid regress failures when stdin is /dev/null 9196 9197commit a9c46746d266f8a1b092a72b2150682d1af8ebfc 9198Author: Damien Miller <djm@mindrot.org> 9199Date: Fri Aug 1 12:26:49 2014 +1000 9200 9201 - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need 9202 a better solution, but this will have to do for now. 9203