xref: /freebsd/crypto/openssh/ChangeLog (revision 7ef62cebc2f965b0f640263e179276928885e33d)
1commit 9795c4016ae35162072144df032c8b262433b462
2Author: Damien Miller <djm@mindrot.org>
3Date:   Wed Jul 19 16:27:12 2023 +1000
4
5    OpenSSH 9.3p2
6
7commit bde3635f3c9324bad132cf9ed917813d6abb599e
8Author: Damien Miller <djm@mindrot.org>
9Date:   Wed Jul 19 16:31:09 2023 +1000
10
11    update version in README
12
13commit f673f2f3e5f67099018fc281a6b5fb918142472e
14Author: Damien Miller <djm@mindrot.org>
15Date:   Wed Jul 19 16:31:00 2023 +1000
16
17    update RPM spec versions
18
19commit d7790cdce72a1b6982795baa2b4d6f0bdbb0100d
20Author: Damien Miller <djm@mindrot.org>
21Date:   Fri Jul 7 13:30:15 2023 +1000
22
23    disallow remote addition of FIDO/PKCS11 keys
24
25    Depends on the local client performing the session-bind@openssh.com
26    operation, so non-OpenSSH local client may circumvent this.
27
28commit b23fe83f06ee7e721033769cfa03ae840476d280
29Author: Damien Miller <djm@mindrot.org>
30Date:   Thu Jul 13 12:09:34 2023 +1000
31
32    terminate pkcs11 process for bad libraries
33
34commit cb30fbdbee869f1ce11f06aa97e1cb8717a0b645
35Author: Damien Miller <djm@mindrot.org>
36Date:   Thu Mar 16 08:28:19 2023 +1100
37
38    depend
39
40commit 1dba63eb10c40b6fda9f5012ed6ae87e2d3d028e
41Author: Damien Miller <djm@mindrot.org>
42Date:   Thu Mar 16 08:27:54 2023 +1100
43
44    crank version
45
46commit ba7532d0dac9aaf0ad7270664c43837fc9f64a5f
47Author: djm@openbsd.org <djm@openbsd.org>
48Date:   Wed Mar 15 21:19:57 2023 +0000
49
50    upstream: openssh-9.3
51
52    OpenBSD-Commit-ID: 8011495f2449c1029bb316bd015eab2e00509848
53
54commit 6fd4daafb949b66bf555f3100f715a9ec64c3390
55Author: dtucker@openbsd.org <dtucker@openbsd.org>
56Date:   Tue Mar 14 07:28:47 2023 +0000
57
58    upstream: Free KRL ptr in addition to its contents.
59
60    From Coverity CID 291841, ok djm@
61
62    OpenBSD-Commit-ID: f146ba08b1b43af4e0d7ad8c4dae3748b4fa31b6
63
64commit 1d270bd303afaf6d94e9098cbbf18e5e539e2088
65Author: dtucker@openbsd.org <dtucker@openbsd.org>
66Date:   Tue Mar 14 07:26:25 2023 +0000
67
68    upstream: Check pointer for NULL before deref.
69
70    None of the existing callers seem to do that, but it's worth checking.
71    From Coverity CID 291834, ok djm@
72
73    OpenBSD-Commit-ID: a0a97113f192a7cb1a2c97b932f677f573cda7a4
74
75commit d95af508e78c0cd3dce56b83853baaa59ae295cf
76Author: dtucker@openbsd.org <dtucker@openbsd.org>
77Date:   Sun Mar 12 10:40:39 2023 +0000
78
79    upstream: Limit number of entries in SSH2_MSG_EXT_INFO
80
81    request. This is already constrained by the maximum SSH packet size but this
82    makes it explicit.  Prompted by Coverity CID 291868, ok djm@ markus@
83
84    OpenBSD-Commit-ID: aea023819aa44a2dcb9dd0fbec10561896fc3a09
85
86commit 8f287ba60d342b3e2f750e7332d2131e3ec7ecd0
87Author: dtucker@openbsd.org <dtucker@openbsd.org>
88Date:   Sun Mar 12 09:41:18 2023 +0000
89
90    upstream: calloc can return NULL but xcalloc can't.
91
92    From Coverity CID 291881, ok djm@
93
94    OpenBSD-Commit-ID: 50204b755f66b2ec7ac3cfe379d07d85ca161d2b
95
96commit 83a56a49fd50f4acf900f934279482e4ef329715
97Author: dtucker@openbsd.org <dtucker@openbsd.org>
98Date:   Fri Mar 10 07:17:08 2023 +0000
99
100    upstream: Explicitly ignore return from fcntl
101
102    (... FD_CLOEXEC) here too.  Coverity CID 291853.
103
104    OpenBSD-Commit-ID: 99d8b3da9d0be1d07ca8dd8e98800a890349e9b5
105
106commit 0fda9d704d3bbf54a5e64ce02a6fecb11fe7f047
107Author: Damien Miller <djm@mindrot.org>
108Date:   Fri Mar 10 15:59:46 2023 +1100
109
110    bounds checking for getrrsetbyname() replacement;
111
112    Spotted by Coverity in CID 405033; ok millert@
113
114commit 89b8df518f21677045599df0ad3e5dd0f39909b5
115Author: dtucker@openbsd.org <dtucker@openbsd.org>
116Date:   Fri Mar 10 04:06:21 2023 +0000
117
118    upstream: Plug mem leak on error path. Coverity CID 405026, ok djm@.
119
120    OpenBSD-Commit-ID: 8212ca05d01966fb5e72205c592b2257708a2aac
121
122commit bf4dae0ad192c3e2f03f7223834b00d88ace3d3e
123Author: Darren Tucker <dtucker@dtucker.net>
124Date:   Fri Mar 10 14:46:57 2023 +1100
125
126    Add prototypes for mkstemp replacements.
127
128    Should prevent warnings due to our wrapper function.
129
130commit 4e04d68d6a33cdc73b831fd4b5e6124175555d3d
131Author: dtucker@openbsd.org <dtucker@openbsd.org>
132Date:   Fri Mar 10 03:01:51 2023 +0000
133
134    upstream: Expliticly ignore return code from fcntl(.. FD_CLOEXEC) since
135
136    there's not much we can do anyway.  From Coverity CID 291857, ok djm@
137
138    OpenBSD-Commit-ID: 051429dd07af8db3fec10d82cdc78d90bb051729
139
140commit d6d38fd77cbe091c59e1bb720c3a494df4990640
141Author: djm@openbsd.org <djm@openbsd.org>
142Date:   Fri Mar 10 02:32:04 2023 +0000
143
144    upstream: Like sshd_config, some ssh_config options are not
145
146    first-match-wins. sshd_config.5 was fixed in r1.348, this is the same for
147    this file
148
149    OpenBSD-Commit-ID: 7be55b9351cde449b136afcc52d07aa4113b215e
150
151commit 7187d3f86bf8f2066cc9941f217d23b0cacae25e
152Author: dtucker@openbsd.org <dtucker@openbsd.org>
153Date:   Fri Mar 10 02:24:56 2023 +0000
154
155    upstream: Remove no-op (int) > INT_MAX checks
156
157    since they can never be true. From Coverity CID 405031, ok djm@
158
159    OpenBSD-Commit-ID: 9df3783b181e056595e2bb9edf7ed41d61cf8e84
160
161commit 77adde4305542ebe3005dd456122624fe2347b01
162Author: Darren Tucker <dtucker@dtucker.net>
163Date:   Fri Mar 10 13:27:29 2023 +1100
164
165    Wrap mkstemp calls with umask set/restore.
166
167    glibc versions 2.06 and earlier did not set a umask on files created by
168    mkstemp created the world-writable.  Wrap mkstemp to set and restore
169    the umask.  From Coverity (CIDs 291826 291886 291891), ok djm@
170
171commit 633d3dc2a1e9e2a013d019a0576a0771c8423713
172Author: jcs@openbsd.org <jcs@openbsd.org>
173Date:   Thu Mar 9 21:06:24 2023 +0000
174
175    upstream: modify parentheses in conditionals to make it clearer what is
176
177    being assigned and what is being checked
178
179    ok djm dtucker
180
181    OpenBSD-Commit-ID: 19c10baa46ae559474409f75a5cb3d0eade7a9b8
182
183commit 733030840c4772f858de95d5940ec0c37663e8b0
184Author: dtucker@openbsd.org <dtucker@openbsd.org>
185Date:   Thu Mar 9 07:11:05 2023 +0000
186
187    upstream: Re-split the merge of the reorder-hostkeys test.
188
189    In the kex_proposal_populate_entries change I merged the the check for
190    reordering hostkeys with the actual reordering, but kex_assemble_names
191    mutates options.hostkeyalgorithms which renders the check ineffective.
192    Put the check back where it was.  Spotted and tested by jsg@, ok djm@
193
194    OpenBSD-Commit-ID: a7469f25a738db5567395d1881e32479a7ffc9de
195
196commit 54ac4ab2b53ce9fcb66b8250dee91c070e4167ed
197Author: djm@openbsd.org <djm@openbsd.org>
198Date:   Thu Mar 9 06:58:26 2023 +0000
199
200    upstream: include destination constraints for smartcard keys too.
201
202    Spotted by Luci Stanescu; ok deraadt@ markus@
203
204    OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f
205
206commit bfd1ad01d974a316b60622759ad17537fa2d92b4
207Author: Darren Tucker <dtucker@dtucker.net>
208Date:   Thu Mar 9 18:24:54 2023 +1100
209
210    Limit the number of PAM environment variables.
211
212    xcalloc has its own limits, but these are specific to PAM.  From
213    Coverity CID 405198, ok djm@
214
215commit a231414970e01a35f45a295d5f93698fa1249b28
216Author: Darren Tucker <dtucker@dtucker.net>
217Date:   Thu Mar 9 18:19:44 2023 +1100
218
219    Limit the number of PAM environment variables.
220
221    From Coverity CID 405194, tweaks and ok djm@
222
223commit 36c6c3eff5e4a669ff414b9daf85f919666e8e03
224Author: dtucker@openbsd.org <dtucker@openbsd.org>
225Date:   Wed Mar 8 06:21:32 2023 +0000
226
227    upstream: Plug mem leak. Coverity CID 405196, ok djm@
228
229    OpenBSD-Commit-ID: 175f09349387c292f626da68f65f334faaa085f2
230
231commit dfb9b736e1ccf9e6b03eea21cd961f4fd0634c98
232Author: tb@openbsd.org <tb@openbsd.org>
233Date:   Wed Mar 8 05:33:53 2023 +0000
234
235    upstream: ssh-pkcs11: synchronize error messages with errors
236
237    A handful of error messages contained incorrect function names or
238    otherwise inaccurate descriptions. Fix them to match reality.
239
240    input/ok djm
241
242    OpenBSD-Commit-ID: 165a15db52f75b31e1804b043480c36af09f3411
243
244commit 51875897b81b5c21b80c256a29597916edbde454
245Author: guenther@openbsd.org <guenther@openbsd.org>
246Date:   Wed Mar 8 04:43:12 2023 +0000
247
248    upstream: Delete obsolete /* ARGSUSED */ lint comments.
249
250    ok miod@ millert@
251
252    OpenBSD-Commit-ID: 7be168a570264d59e96a7d2d22e927d45fee0e4c
253
254commit a76085bda883c2104afb33ab0334eca190927362
255Author: Darren Tucker <dtucker@dtucker.net>
256Date:   Wed Mar 8 17:25:37 2023 +1100
257
258    Extra brackets to prevent warning.
259
260commit 147ae57d4dfa0508109f93b78a7d8b92819e1f83
261Author: djm@openbsd.org <djm@openbsd.org>
262Date:   Wed Mar 8 00:05:58 2023 +0000
263
264    upstream: use RSA/SHA256 when testing usability of private key in
265
266    agent; with/ok dtucker
267
268    OpenBSD-Commit-ID: fe1382e2fdf23fcae631308e72342bad56066a56
269
270commit 27fd251bc906a763e70ce0f27c8abdf8bbd1e416
271Author: djm@openbsd.org <djm@openbsd.org>
272Date:   Wed Mar 8 00:05:37 2023 +0000
273
274    upstream: use RSA/SHA256 when testing usability of private key;
275
276    based on fix in bz3546 by Dmitry Belyavskiy; with/ok dtucker
277
278    OpenBSD-Commit-ID: 0ef414cc363a832f9fab92a5da0234448bce2eba
279
280commit eee9f3fc3d52ae7d2106929bb06b7f291fb0b81a
281Author: djm@openbsd.org <djm@openbsd.org>
282Date:   Tue Mar 7 21:47:42 2023 +0000
283
284    upstream: refactor to be more readable top to bottom. Prompted by
285
286    Coverity CID 405048 which was a false-positive fd leak; ok dtucker@
287
288    OpenBSD-Commit-ID: fc55ec2af622a017defb9b768bf26faefc792c00
289
290commit 42a06b29a4c99272bf690f9b3be520b08b448dc5
291Author: Darren Tucker <dtucker@dtucker.net>
292Date:   Tue Mar 7 18:34:41 2023 +1100
293
294    Add header changes missed in previous.
295
296commit 4710077096edff2e6926dd5b15bf586491d317db
297Author: dtucker@openbsd.org <dtucker@openbsd.org>
298Date:   Tue Mar 7 06:09:14 2023 +0000
299
300    upstream: Fix mem leak in environment setup.
301
302    From jjelen at redhat.com via bz#2687, ok djm@
303
304    OpenBSD-Commit-ID: 9f9e4ba3cac003e6f81da3bcebd1b9ec43e7f353
305
306commit 03acc50d0ccb78fc91d1570de1cd0fdfea646028
307Author: dtucker@openbsd.org <dtucker@openbsd.org>
308Date:   Mon Mar 6 12:15:47 2023 +0000
309
310    upstream: Unit test for kex_proposal_populate_entries.
311
312    OpenBSD-Regress-ID: bdb211d80d572a08bf14b49fe2a58b9ff265c006
313
314commit 3f9231c2e1f374ebb08016ba00ea97b47c0ed20b
315Author: djm@openbsd.org <djm@openbsd.org>
316Date:   Tue Mar 7 05:37:26 2023 +0000
317
318    upstream: fix memory leak in process_read() path; Spotted by James
319
320    Robinson in GHPR363; ok markus@
321
322    OpenBSD-Commit-ID: cdc2d98e6478b7e7f3a36976845adae3820429d8
323
324commit c5e6e890839ec520ab9301a92cba56303749dea2
325Author: djm@openbsd.org <djm@openbsd.org>
326Date:   Tue Mar 7 01:30:52 2023 +0000
327
328    upstream: correct size for array argument when changing
329
330    UMAC_OUTPUT_LEN Coverity CID 291845; ok dtucker@
331
332    OpenBSD-Commit-ID: 2eb017d10705bb623d4418691f961c930eafaec0
333
334commit 9641753e0fd146204d57b2a4165f552a81afade4
335Author: dtucker@openbsd.org <dtucker@openbsd.org>
336Date:   Mon Mar 6 12:14:48 2023 +0000
337
338    upstream: Refactor creation of KEX proposal.
339
340    This adds kex_proposal_populate_entries (and corresponding free) which
341    populates the KEX proposal array with dynamically allocated strings.
342    This replaces the previous mix of static and dynamic that has been the
343    source of previous leaks and bugs.  Remove unused compat functions.
344    With & ok djm@.
345
346    OpenBSD-Commit-ID: f2f99da4aae2233cb18bf9c749320c5e040a9c7b
347
348commit aa59d6a489fb20973fa461d0fdb1110db412947b
349Author: dtucker@openbsd.org <dtucker@openbsd.org>
350Date:   Sun Mar 5 09:24:35 2023 +0000
351
352    upstream: Fix mem and FILE leaks in moduli screening.
353
354    If multiple -Ocheckpoint= options are passed, the earlier ones would
355    be overwritten and leaked.  If we use an input file that wasn't stdin,
356    close that.  From Coverity CIDs 291884 and 291894.
357
358    OpenBSD-Commit-ID: a4d9d15f572926f841788912e2b282485ad09e8b
359
360commit 23b8cb41767af99a1aac24589d1882d9c8c2c205
361Author: dtucker@openbsd.org <dtucker@openbsd.org>
362Date:   Sun Mar 5 08:18:58 2023 +0000
363
364    upstream: Plug mem leak in moduli checkpoint option parsing.
365
366    From Coverity CID 291894.
367
368    OpenBSD-Commit-ID: 9b1aba2d049741ae21c8dc4560a7e29ab17310f4
369
370commit fc7f8f2188d4a4fc8ba77eddbe863c7665666db5
371Author: dtucker@openbsd.org <dtucker@openbsd.org>
372Date:   Sun Mar 5 05:34:09 2023 +0000
373
374    upstream: Remove unused compat.h includes.
375
376    We've previously removed a lot of the really old compatibility code,
377    and with it went the need to include compat.h in most of the files that
378    have it.
379
380    OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
381
382commit 6c165c36246d8004c20e1df5cec4961a5ac422d6
383Author: dtucker@openbsd.org <dtucker@openbsd.org>
384Date:   Sat Mar 4 03:22:59 2023 +0000
385
386    upstream: Use time_t for x11 timeout.
387
388    Use time_t instead of u_int for remaining x11 timeout checks for 64bit
389    time_t safety.  From Coverity CIDs 405197 and 405028, ok djm@
390
391    OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972
392
393commit 4a3918f51bd2d968387e7aa87e33b32c78077fb4
394Author: dtucker@openbsd.org <dtucker@openbsd.org>
395Date:   Fri Mar 3 10:23:42 2023 +0000
396
397    upstream: Ensure ms_remain is always initialized
398
399    similar to what we do in ssh_packet_write_wait.  bz#2687, from jjelen
400    at redhat.com.
401
402    OpenBSD-Commit-ID: a50e0541cf823f8d1c72f71ccde925d3dbe6dfac
403
404commit e44846a4487d2885ac7f2610be09b1e2bf52249b
405Author: dtucker@openbsd.org <dtucker@openbsd.org>
406Date:   Fri Mar 3 09:48:51 2023 +0000
407
408    upstream: Check for non-NULL before string
409
410    comparison. From jjelen at redhat.com via bz#2687.
411
412    OpenBSD-Commit-ID: 0d9b2e0cac88a311b5766b1aef737082583c285f
413
414commit 1842d523fae63b862ce8e60725c9b606cddb86a6
415Author: djm@openbsd.org <djm@openbsd.org>
416Date:   Fri Mar 3 05:00:34 2023 +0000
417
418    upstream: guard against getsockname(-1, ...) from Coverity CID
419
420    291832
421
422    OpenBSD-Commit-ID: e58d5227327917d189229b7f0b37d2780f360d5f
423
424commit 78571a5fe9847d40d7f220c92b707574ae9ec4ce
425Author: djm@openbsd.org <djm@openbsd.org>
426Date:   Fri Mar 3 04:36:20 2023 +0000
427
428    upstream: some options are not first-match-wins. Mention that there
429
430    are exceptions at the start of the manpage and label some of them in the
431    option description.
432
433    OpenBSD-Commit-ID: 3b74728446fa6fc8742769eeb8c3674e233e84c4
434
435commit d1c1b3272e8895a96c4f5889bd6e07a8525bd9f1
436Author: djm@openbsd.org <djm@openbsd.org>
437Date:   Fri Mar 3 04:34:49 2023 +0000
438
439    upstream: actually print "channeltimeout none" in config dump mode;
440
441    spotted via Coverity CID 405022
442
443    OpenBSD-Commit-ID: b074b52bf138b75f08264e8da15880b29c7a630f
444
445commit 8bf61e95610b48192d4e1720cc15d9004617301d
446Author: Darren Tucker <dtucker@dtucker.net>
447Date:   Fri Mar 3 14:50:03 2023 +1100
448
449    Add Coverity badges.
450
451commit 93291bd723959adf462b1df958106cf07a7734dd
452Author: dtucker@openbsd.org <dtucker@openbsd.org>
453Date:   Fri Mar 3 03:12:24 2023 +0000
454
455    upstream: Check return values of dup2. Spotted by Coverity, ok djm@
456
457    OpenBSD-Commit-ID: 19fb1b53072826d00c67df677731d2f6c1dd602b
458
459commit e37261dff33af23f37202cfce0848d36f5c1055c
460Author: dtucker@openbsd.org <dtucker@openbsd.org>
461Date:   Fri Mar 3 02:37:58 2023 +0000
462
463    upstream: Use time_t for x11_refuse_time timeout. We need
464
465    SSH_TIME_T_MAX for this, so move from misc.c to misc.h so it's available.
466    Fixes a Coverity warning for 64bit time_t safety, ok djm@
467
468    OpenBSD-Commit-ID: c69c4c3152cdaab953706db4ccf4d5fd682f7d8d
469
470commit 32755a98c29114b13f4c9d47454bbb265b932ad7
471Author: dtucker@openbsd.org <dtucker@openbsd.org>
472Date:   Fri Mar 3 02:34:29 2023 +0000
473
474    upstream: Check return value from fctnl and warn on failure.
475
476    Spotted by Coverity, ok djm@
477
478    OpenBSD-Commit-ID: 2097c7db3cf657f1e3a6c5077041bacc63143cab
479
480commit 5fc60e8246c36b8255f72a937ebe9787b39648c6
481Author: dtucker@openbsd.org <dtucker@openbsd.org>
482Date:   Thu Mar 2 11:10:27 2023 +0000
483
484    upstream: Remove SUDO in proxy command wrapper. Anything that needs
485
486    sudo is already run by it, and it breaks if root isn't in sudoers.
487
488    OpenBSD-Regress-ID: 6cf22fda32a89c16915f31a6ed9bbdbef2a3bac9
489
490commit 0d514659b23a257247491179cfbb53a6dd64e164
491Author: dtucker@openbsd.org <dtucker@openbsd.org>
492Date:   Thu Mar 2 08:24:41 2023 +0000
493
494    upstream: Fix breakage on dhgex test.
495
496    This was due to the sshd logs being written to the wrong log file.
497    While there, make save_debug_logs less verbose, write the name of the
498    tarball to regress.log and use $SUDO to remove the old symlinks (which
499    shouldn't be needed, but won't hurt).  Initial problem spotted by anton@.
500
501    OpenBSD-Regress-ID: 9c44fb9cd418e6ff31165e7a6c1f9f11a6d19f5b
502
503commit 860201201d4ae655702807966901682cff30a171
504Author: dtucker@openbsd.org <dtucker@openbsd.org>
505Date:   Thu Mar 2 08:14:52 2023 +0000
506
507    upstream: Quote grep and log message better.
508
509    OpenBSD-Regress-ID: 3823d9063127169736aa274b1784cb28e15b64d4
510
511commit 03a03c6002525f5ad9c8fc874a5d5826a35d9858
512Author: dtucker@openbsd.org <dtucker@openbsd.org>
513Date:   Thu Mar 2 06:41:56 2023 +0000
514
515    upstream: Always call fclose on checkpoints.
516
517    In the case of an fprintf failure we would not call fclose which would
518    leak the FILE pointer.  While we're there, try to clean up the temp file
519    on failure.  Spotted by Coverity, ok djm@
520
521    OpenBSD-Commit-ID: 73c7ccc5d4fcc235f54c6b20767a2815408525ef
522
523commit 13fe8f9785e6d90400ce548939a0b0ddc11fcb3c
524Author: dtucker@openbsd.org <dtucker@openbsd.org>
525Date:   Wed Mar 1 21:54:50 2023 +0000
526
527    upstream: Remove old log symlinks
528
529    before creating new ones. In -portable some platforms don't like
530    overwriting existing symlinks.
531
532    OpenBSD-Regress-ID: 7e7ddc0beb73e945e1c4c58d51c8a125b518120f
533
534commit 131fcbcaffd1e3bcf5ab766ec497b5d768955310
535Author: Darren Tucker <dtucker@dtucker.net>
536Date:   Wed Mar 1 23:23:02 2023 +1100
537
538    Adjust test jobs for new log directory.
539
540commit a6f4ac8a2baf77e5361cfa017d0dc250d1409bec
541Author: dtucker@openbsd.org <dtucker@openbsd.org>
542Date:   Wed Mar 1 09:29:32 2023 +0000
543
544    upstream: Rework logging for the regression tests.
545
546    Previously we would log to ssh.log and sshd.log, but that is insufficient
547    for tests that have more than one concurent ssh/sshd.
548
549    Instead, we'll log to separate datestamped files in a $OBJ/log/ and
550    leave a symlink at the previous location pointing at the most recent
551    instance with an entry in regress.log showing which files were created
552    at each point.  This should be sufficient to reconstruct what happened
553    even for tests that use multiple instances of each program.  If the test
554    fails, tar up all of the logs for later analysis.
555
556    This will let us also capture the output from some of the other tools
557    which was previously sent to /dev/null although most of those will be
558    in future commits.
559
560    OpenBSD-Regress-ID: f802aa9e7fa51d1a01225c05fb0412d015c33e24
561
562commit 8ead62ed5e86c7df597d8604f332f49cd1527b85
563Author: dtucker@openbsd.org <dtucker@openbsd.org>
564Date:   Tue Feb 28 21:31:50 2023 +0000
565
566    upstream: fatal out if allocating banner string fails to avoid
567
568    potential null deref later in sscanf.  Spotted by Coverity, ok deraadt@
569
570    OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5
571
572commit 44ca56ba0b3f531f1d85730cc701097cd49e6868
573Author: dtucker@openbsd.org <dtucker@openbsd.org>
574Date:   Tue Feb 28 08:45:24 2023 +0000
575
576    upstream: Explicitly ignore return from fchmod
577
578    similar to other calls to prevent warning.
579
580    OpenBSD-Commit-ID: fdc5287dcee0860b5a493186414226c655b0eb0a
581
582commit 803392933a3a6f09f834aa5f0c2aab06a3b382f4
583Author: dtucker@openbsd.org <dtucker@openbsd.org>
584Date:   Mon Feb 27 22:12:40 2023 +0000
585
586    upstream: Plug mem leak on globbed ls error path.
587
588     Spotted by Coverity, ok deraadt@
589
590    OpenBSD-Commit-ID: de28476025db29820a9a2e56e98b964d8a02861c
591
592commit aa33b4d396abf47a2a45f982f28d054fb1dcb5c3
593Author: Darren Tucker <dtucker@dtucker.net>
594Date:   Mon Feb 27 21:04:22 2023 +1100
595
596    Cast time_t's in debug output to long long.
597
598    Should fix Coverity warning about truncation of 64bit time_t.
599
600commit b0fd60a9de62a03189ad57d0c07f0ac51dc00e95
601Author: Darren Tucker <dtucker@dtucker.net>
602Date:   Mon Feb 27 17:28:59 2023 +1100
603
604    Do shadow expiry calcs using "long long".
605
606    Coverity flags these as potentially not 64bit time_t safe so use
607    long long for the calculations and debug output.  ok djm@
608
609commit 01dbeb3084d714bbd001ff9d03b9de542e8cdf58
610Author: Damien Miller <djm@mindrot.org>
611Date:   Mon Feb 27 17:07:52 2023 +1100
612
613    avoid clash between for getopt's struct option
614
615    Since we don't use getopt_long() nothing outside the getopt()
616    implementation itself uses this structure, so move it into the
617    source to remove it from visibility and clashes with libc's
618
619    ok dtucker@
620
621commit eb88d07c43afe407094e7d609248d85a15e148ef
622Author: Darren Tucker <dtucker@dtucker.net>
623Date:   Sat Feb 25 14:45:41 2023 +1100
624
625    Revert explicit chmods on private keys.
626
627    This should no longer be needed on Cygwin test runners due to previous
628    commit.
629
630commit 52b75db61030a6c8baf66b73644380cf3f58e26a
631Author: Darren Tucker <dtucker@dtucker.net>
632Date:   Sat Feb 25 14:43:28 2023 +1100
633
634    Remove extended ACLs from working dirs.
635
636    This should allow umask to work as expected and prevent tests from
637    failing due to excessive permissions on private keys.
638
639commit 0c5d4c843df5605b043a758d69f9a611ef63c479
640Author: Darren Tucker <dtucker@dtucker.net>
641Date:   Fri Feb 24 13:44:13 2023 +1100
642
643    Explicitly set permissions on user and host keys.
644
645    On cygwin, the umask might not be sufficient.  Should fix tests on
646    Github runners.
647
648commit 6c9fc9d7a9f7abf82c3294d74e6d4a25735862ce
649Author: djm@openbsd.org <djm@openbsd.org>
650Date:   Wed Feb 22 03:56:43 2023 +0000
651
652    upstream: fix progressmeter corruption on wide displays; bz3534
653
654    feedback/ok dtucker@
655
656    OpenBSD-Commit-ID: f4affee067cec7c182f3e0b307d758e0472762a3
657
658commit fe0bd3cde9665d364e5eedd2c2c2e60d4cdc3786
659Author: dtucker@openbsd.org <dtucker@openbsd.org>
660Date:   Tue Feb 21 06:48:18 2023 +0000
661
662    upstream: fseek to end of known_hosts before writing to it.
663
664    POSIX and ANSI C require that applications call fseek or similar between
665    read and writing to a RW file.  OpenBSD doesn't enforce this, but some
666    (System V derived) platforms need this to prevent it from writing a
667    spurious extra byte (in this case, a newline).  ok djm@ deraadt@
668
669    OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
670
671commit 357fb8ae14c07cd025eeed66e73de91bab569849
672Author: Darren Tucker <dtucker@dtucker.net>
673Date:   Tue Feb 21 17:51:09 2023 +1100
674
675    Also run unit tests on AIX VMs.
676
677    In the past these tests took too long, but these days it only adds
678    about 5 min to the run.
679
680commit 17781aaa5188ee1477f7779b280d105512e3dbed
681Author: Darren Tucker <dtucker@dtucker.net>
682Date:   Tue Feb 21 17:38:55 2023 +1100
683
684    Wrap stdint.h inside ifdef.
685
686commit ef798bad38505f7bf1b5fa5c0843dfc5a2b192b9
687Author: Mayank Sharma <mayank.fit2010@gmail.com>
688Date:   Mon Feb 20 17:37:15 2023 +0530
689
690    Add includes to ptimeout test.
691
692    Fixes test failures on AIX due to type mismatches.
693
694commit ab69dda05d5268454209f529fa80f477e60d846a
695Author: Darren Tucker <dtucker@dtucker.net>
696Date:   Mon Feb 20 18:24:39 2023 +1100
697
698    Always use the openssl binary configure tells us.
699
700    This fixes tests on platforms that do not have the openssl tool
701    installed at all.
702
703commit 2a7e3449908571af601a4c2d12ab140096442e47
704Author: dtucker@openbsd.org <dtucker@openbsd.org>
705Date:   Fri Feb 17 04:22:50 2023 +0000
706
707    upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. The code
708
709    to set this was removed in OpenSSH 7.7 when support for SSH implementations
710    dating back to before RFC standardization were removed.  "burn it all" djm@
711
712    OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
713
714commit 0833ccf2c8b7ae08b296c06f17bd53e3ab94b0b0
715Author: dtucker@openbsd.org <dtucker@openbsd.org>
716Date:   Fri Feb 17 03:06:18 2023 +0000
717
718    upstream: Remove now-unused compat bit SSH_BUG_BIGENDIANAES. This
719
720    was previously set for OpenSSH 2.3 (released in 2000) but this check was
721    removed in OpenSSH 7.7 (2018).  ok djm@ deraadt@
722
723    OpenBSD-Commit-ID: 326426ea328707fc9e83305291ab135c87f678af
724
725commit c81c2bea6e828d52b62b448b4ffdd3c163177975
726Author: Damien Miller <djm@mindrot.org>
727Date:   Fri Feb 17 10:12:40 2023 +1100
728
729    whitespace fixes
730
731commit 500f90b39db5f0014e6b0c49ff1f45c994b69293
732Author: Damien Miller <djm@mindrot.org>
733Date:   Fri Feb 17 10:02:08 2023 +1100
734
735    whitespace at EOL
736
737commit 68350152406339170721c15e97afdf827a5e4001
738Author: dtucker@openbsd.org <dtucker@openbsd.org>
739Date:   Thu Feb 16 10:10:00 2023 +0000
740
741    upstream: Remove SSH_BUG_PASSWORDPAD compat bit
742
743    since it's no longer used. ok markus@
744
745    OpenBSD-Commit-ID: b92c21f56fe4b7f9a54790d6a9650725c226820b
746
747commit 537cccd804eaf65f32bdce037cc31db4e0ab0f44
748Author: dtucker@openbsd.org <dtucker@openbsd.org>
749Date:   Thu Feb 16 07:55:15 2023 +0000
750
751    upstream: Remove SSH_BUG_IGNOREMSG compat flag
752
753    since it's only applicable to SSH1 and thus no longer used.  ok markus@
754    "kill it with fire" djm@
755
756    OpenBSD-Commit-ID: ea13318b1937795d9db4790d3ce0a6ed01584dab
757
758commit 285cf6cd4b91a0a0ce33193c358c99085af33e43
759Author: jmc@openbsd.org <jmc@openbsd.org>
760Date:   Fri Feb 10 06:41:53 2023 +0000
761
762    upstream: space between macro and punctuation; sort usage();
763
764    OpenBSD-Commit-ID: 6141610cfca037700730e41f868d1d9124958f8c
765
766commit d39a96f70f81878c77336ed35f5c648c1804b71a
767Author: jmc@openbsd.org <jmc@openbsd.org>
768Date:   Fri Feb 10 06:40:48 2023 +0000
769
770    upstream: space between macro and punctuation;
771
772    OpenBSD-Commit-ID: abc95e550be9e6d9a7ff64b65c104c7be21ab19e
773
774commit 16e82bf53fc34e43e3b948d43b68d5b27a7335e6
775Author: jmc@openbsd.org <jmc@openbsd.org>
776Date:   Fri Feb 10 06:39:27 2023 +0000
777
778    upstream: sort SYNOPSIS;
779
780    OpenBSD-Commit-ID: dacd9da33277d5669a51213d880632599c890c1e
781
782commit d9685121ff6d57b8797411f3cb123884a4b96e30
783Author: Darren Tucker <dtucker@dtucker.net>
784Date:   Sat Feb 11 12:32:19 2023 +1100
785
786    Improve seccomp compat on older systems.
787
788    Check if flags to mmap and madvise are defined before using them.
789    Should fix problems building on older Linux systems that don't have
790    these.  bz#3537, with & ok djm@.
791
792commit 6180b0fa4f7996687678702806257e661fd5931e
793Author: djm@openbsd.org <djm@openbsd.org>
794Date:   Fri Feb 10 05:06:03 2023 +0000
795
796    upstream: test -Ohashalg=... and that the default output contains both
797
798    specified hash algorithms; prompted by dtucker@
799
800    OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
801
802commit d651f5c9fe37e61491eee46c49ba9fa03dbc0e6a
803Author: djm@openbsd.org <djm@openbsd.org>
804Date:   Fri Feb 10 04:56:30 2023 +0000
805
806    upstream: let ssh-keygen and ssh-keyscan accept
807
808    -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm
809    selection. bz3493 ok dtucker@
810
811    OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
812
813commit 18938d11a90b74d63c20b2d3c965d5bd64786ab1
814Author: djm@openbsd.org <djm@openbsd.org>
815Date:   Fri Feb 10 04:47:19 2023 +0000
816
817    upstream: add a `sshd -G` option that parses and prints the
818
819    effective configuration without attempting to load private keys and perform
820    other checks. This allows usage of the option before keys have been
821    generated.
822
823    bz3460 feedback/ok dtucker@
824
825    OpenBSD-Commit-ID: 774504f629023fc25a559ab1d95401adb3a7fb29
826
827commit df7d3dbf7194db8e97730ee0425d4d9d7bdb8b10
828Author: djm@openbsd.org <djm@openbsd.org>
829Date:   Fri Feb 10 04:40:28 2023 +0000
830
831    upstream: make `ssh -Q CASignatureAlgorithms` work as the manpage says
832
833    it should bz3532
834
835    OpenBSD-Commit-ID: 0ddb17b3fcbd99bfb5baea4ac5e449620cbd3adc
836
837commit d3b8d4198b6595f23b5859d43dc8fc701f97429b
838Author: Darren Tucker <dtucker@dtucker.net>
839Date:   Fri Feb 10 14:26:44 2023 +1100
840
841    Add CentOS 7 test targets.
842
843commit 22efb01e355bba4755b730ed417f91c081445bfc
844Author: dtucker@openbsd.org <dtucker@openbsd.org>
845Date:   Thu Feb 9 09:55:33 2023 +0000
846
847    upstream: Test adding terminating newline to known_hosts.
848
849    OpenBSD-Regress-ID: 5fc3010ac450195b3fbdeb68e875564968800365
850
851commit caec6da1a583ed8c32c6ad3b81bbcaab46ac8b61
852Author: dtucker@openbsd.org <dtucker@openbsd.org>
853Date:   Wed Feb 8 08:06:03 2023 +0000
854
855    upstream: ssh-agent doesn't actually take -v,
856
857    so the recently-added ones will result in the test not cleaning up
858    after itself.  Patch from cjwatson at debian.org vi bz#3536.
859
860    OpenBSD-Regress-ID: 1fc8283568f5bf2f918517c2c1e778072cf61b1a
861
862commit 3c379c9a849a635cc7f05cbe49fe473ccf469ef9
863Author: dtucker@openbsd.org <dtucker@openbsd.org>
864Date:   Thu Feb 9 09:54:11 2023 +0000
865
866    upstream: Ensure that there is a terminating newline when adding a new
867
868    entry to known_hosts.  bz#3529, with git+openssh at limpsquid.nl, ok deraadt@
869    markus@
870
871    OpenBSD-Commit-ID: fa8d90698da1886570512b96f051e266eac105e0
872
873commit 95b6bbd2553547260b324b39d602061c88b774bc
874Author: Darren Tucker <dtucker@dtucker.net>
875Date:   Tue Feb 7 08:43:47 2023 +1100
876
877    Replace 9.1 with 9.2 on CI status page.
878
879commit 195313dfe10a23c82e9d56d5fdd2f59beee1bdcf
880Author: Damien Miller <djm@mindrot.org>
881Date:   Fri Feb 3 16:33:09 2023 +1100
882
883    harden Linux seccomp sandbox
884
885    Linux mmap(2) and madvise(2) syscalls support quite a number of funky
886    flags that we don't expect that sshd/libc will ever need. We can
887    exclude this kernel attack surface by filtering the mmap(2) flags
888    and the madvise(2) advice arguments.
889
890    Similarly, the sandboxed process in sshd is a single-threaded program
891    that does not use shared memory for synchronisation or communication.
892    Therefore, there should be no reason for the advanced priority
893    inheritance futex(2) operations to be necessary. These can also be
894    excluded.
895
896    Motivated by Jann Horn pointing out that there have been kernel bugs
897    in nearby Linux kernel code, e.g. CVE-2020-29368, CVE-2020-29374 and
898    CVE-2022-42703.
899
900    Feedback Jann Horn, ok dtucker@
901
902commit 6dfb65de949cdd0a5d198edee9a118f265924f33
903Author: Damien Miller <djm@mindrot.org>
904Date:   Thu Feb 2 23:21:54 2023 +1100
905
906    crank versions in RPM specs
907
908commit d07cfb11a0ca574eb68a3931d8c46fbe862a2021
909Author: Damien Miller <djm@mindrot.org>
910Date:   Thu Feb 2 23:21:45 2023 +1100
911
912    update version in README
913
914commit 9fe207565b4ab0fe5d1ac5bb85e39188d96fb214
915Author: Damien Miller <djm@mindrot.org>
916Date:   Thu Feb 2 23:17:49 2023 +1100
917
918    adapt compat_kex_proposal() test to portable
919
920commit 903c556b938fff2d7bff8da2cc460254430963c5
921Author: djm@openbsd.org <djm@openbsd.org>
922Date:   Thu Feb 2 12:12:52 2023 +0000
923
924    upstream: test compat_kex_proposal(); by dtucker@
925
926    OpenBSD-Regress-ID: 0e404ee264db546f9fdbf53390689ab5f8d38bf2
927
928commit 405fba71962dec8409c0c962408e09049e5624b5
929Author: dtucker@openbsd.org <dtucker@openbsd.org>
930Date:   Thu Jan 19 07:53:45 2023 +0000
931
932    upstream: Check if we can copy sshd or need to use sudo to do so
933
934    during reexec test. Skip test if neither can work.  Patch from anton@, tweaks
935    from me.
936
937    OpenBSD-Regress-ID: 731b96ae74d02d5744e1f1a8e51d09877ffd9b6d
938
939commit b2a2a8f69fd7737ea17dc044353c514f2f962f35
940Author: djm@openbsd.org <djm@openbsd.org>
941Date:   Thu Feb 2 12:10:22 2023 +0000
942
943    upstream: openssh-9.2
944
945    OpenBSD-Commit-ID: f7389f32413c74d6e2055f05cf65e7082de03923
946
947commit 12da7823336434a403f25c7cc0c2c6aed0737a35
948Author: djm@openbsd.org <djm@openbsd.org>
949Date:   Thu Feb 2 12:10:05 2023 +0000
950
951    upstream: fix double-free caused by compat_kex_proposal(); bz3522
952
953    by dtucker@, ok me
954
955    OpenBSD-Commit-ID: 2bfc37cd2d41f67dad64c17a64cf2cd3806a5c80
956
957commit 79efd95ab5ff99f4cb3a955e2d713b3f54fb807e
958Author: Darren Tucker <dtucker@dtucker.net>
959Date:   Wed Feb 1 17:17:26 2023 +1100
960
961    Skip connection-timeout test on minix3.
962
963    Minix 3's Unix domain sockets don't seem to work the way we expect, so
964    skip connection-timeout test on that platform.  While there, group
965    together all similarly skipped tests and explicitly comment.
966
967commit 6b508c4e039619842bcf5a16f8a6b08dd6bec44a
968Author: Damien Miller <djm@mindrot.org>
969Date:   Wed Feb 1 12:12:05 2023 +1100
970
971    fix libfido2 detection without pkg-config
972
973    Place libfido2 before additional libraries (that it may depend upon)
974    and not after. bz3530 from James Zhang; ok dtucker@
975
976commit 358e300fed5e6def233a2c06326e51e20ebed621
977Author: deraadt@openbsd.org <deraadt@openbsd.org>
978Date:   Wed Jan 18 20:56:36 2023 +0000
979
980    upstream: delete useless dependency
981
982    OpenBSD-Commit-ID: e1dc11143f83082e3154d6094f9136d0dc2637ad
983
984commit a4cb9be1b021b511e281ee55c356f964487d9e82
985Author: deraadt@openbsd.org <deraadt@openbsd.org>
986Date:   Wed Jan 18 20:43:15 2023 +0000
987
988    upstream: Create and install sshd random relink kit.
989
990    ../Makefile.inc and Makfile are concatenated for reuse, which hopefully won't
991    be too fragile, we'll see if we need a different approach. The resulting sshd
992    binary is tested with the new sshd -V option before installation.  As the
993    binary layout is now semi-unknown (meaning relative, fixed, and gadget
994    offsets are not precisely known), change the filesystem permissions to 511 to
995    prevent what I call "logged in BROP". I have ideas for improving this further
996    but this is a first step ok djm
997
998    OpenBSD-Commit-ID: 1e0a2692b7e20b126dda60bf04999d1d30d959d8
999
1000commit bc7de6f91a9a0ae2f148a9d31a4027d441a51999
1001Author: jmc@openbsd.org <jmc@openbsd.org>
1002Date:   Wed Jan 18 06:55:32 2023 +0000
1003
1004    upstream: tweak previous; ok djm
1005
1006    OpenBSD-Commit-ID: df71ce4180c58202dfdc1d92626cfe900b91b7c3
1007
1008commit a20b7e999773e6333c8aa9b0a7fa41966e63b037
1009Author: Darren Tucker <dtucker@dtucker.net>
1010Date:   Tue Jan 31 19:35:44 2023 +1100
1011
1012    Skip connection-timeout test under Valgrind.
1013
1014    Valgrind slows things down so much that the timeout test fails.  Skip
1015    this test until we figure out if we can make it work.
1016
1017commit c3ffb54b4fc5e608206037921db6ccbc2f5ab25f
1018Author: Darren Tucker <dtucker@dtucker.net>
1019Date:   Wed Jan 25 21:58:40 2023 +1100
1020
1021    Skip connection-timeout when missing FD passing.
1022
1023    This tests uses multiplexing which uses file descriptor passing, so
1024    skip it if we don't have that.  Fixes test failures on Cygwin.
1025
1026commit 35253af01d8c0ab444c8377402121816e71c71f5
1027Author: djm@openbsd.org <djm@openbsd.org>
1028Date:   Wed Jan 18 02:00:10 2023 +0000
1029
1030    upstream: when restoring non-blocking mode to stdio fds, restore
1031
1032    exactly the flags that ssh started with and don't just clobber them with
1033    zero, as this could also remove the append flag from the set;
1034
1035    bz3523; ok dtucker@
1036
1037    OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
1038
1039commit 7d17ea151c0b2519f023bd9cc7f141128833ac47
1040Author: millert@openbsd.org <millert@openbsd.org>
1041Date:   Wed Jan 18 01:50:21 2023 +0000
1042
1043    upstream: Add a -V (version) option to sshd like the ssh client
1044
1045    has. OK markus@ deraadt@
1046
1047    OpenBSD-Commit-ID: abe990ec3e636fb040132aab8cbbede98f0c413e
1048
1049commit 62360feb7f08f2a4c6fc36f3b3449309203c42c9
1050Author: millert@openbsd.org <millert@openbsd.org>
1051Date:   Tue Jan 17 18:52:44 2023 +0000
1052
1053    upstream: For "ssh -V" always exit 0, there is no need to check opt
1054
1055    again. This was missed when the fallthrough in the switch case above it was
1056    removed.  OK deraadt@
1057
1058    OpenBSD-Commit-ID: 5583e5d8f6d62a8a4215cfa95a69932f344c8120
1059
1060commit 12492c0abf1eb415d08a897cc1d8b9e789888230
1061Author: djm@openbsd.org <djm@openbsd.org>
1062Date:   Tue Jan 17 10:15:10 2023 +0000
1063
1064    upstream: also check that an active session inhibits
1065
1066    UnusedConnectionTimeout idea markus@
1067
1068    OpenBSD-Regress-ID: 55c0fb61f3bf9e092b0a53f9041d3d2012f14003
1069
1070commit cef2593c33ac46a58238ff998818754eabdf64ff
1071Author: djm@openbsd.org <djm@openbsd.org>
1072Date:   Tue Jan 17 10:02:34 2023 +0000
1073
1074    upstream: regression test for UnusedConnectionTimeout
1075
1076    OpenBSD-Regress-ID: 7f29001374a68e71e5e078f69e4520cf4bcca084
1077
1078commit aff9493a89c71d6a080419b49ac64eead9730491
1079Author: djm@openbsd.org <djm@openbsd.org>
1080Date:   Mon Jan 16 04:11:29 2023 +0000
1081
1082    upstream: unbreak test: cannot access shell positional parameters
1083
1084    past $9 without wrapping the position in braces (i.e. need ${10}, etc.)
1085
1086    OpenBSD-Regress-ID: 3750ec98d5d409ce6a93406fedde6f220d2ea2ac
1087
1088commit 0293c19807f83141cdf33b443154459f9ee471f6
1089Author: djm@openbsd.org <djm@openbsd.org>
1090Date:   Tue Jan 17 09:44:48 2023 +0000
1091
1092    upstream: Add a sshd_config UnusedConnectionTimeout option to terminate
1093
1094    client connections that have no open channels for some length of time. This
1095    complements the recently-added ChannelTimeout option that terminates inactive
1096    channels after a timeout.
1097
1098    ok markus@
1099
1100    OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
1101
1102commit 8ec2e3123802d2beeca06c1644b0b647f6d36dab
1103Author: djm@openbsd.org <djm@openbsd.org>
1104Date:   Sun Jan 15 23:35:10 2023 +0000
1105
1106    upstream: adapt to ed25519 changes in src/usr.bin/ssh
1107
1108    OpenBSD-Regress-ID: 4b3e7ba7ee486ae8a0b4790f8112eded2bb7dcd5
1109
1110commit 9fbbfeca1ce4c7ec0001c827bbf4189a3ba0964b
1111Author: djm@openbsd.org <djm@openbsd.org>
1112Date:   Sun Jan 15 23:05:32 2023 +0000
1113
1114    upstream: update OpenSSH's Ed25519 code to the last version of SUPERCOP
1115
1116    (20221122) and change the import approach to the same one we use for
1117    Streamlined NTRUPrime: use a shell script to extract the bits we need from
1118    SUPERCOP, make some minor adjustments and squish them all into a single file.
1119
1120    ok tb@ tobhe@
1121
1122    OpenBSD-Commit-ID: 1bc0fd624cb6af440905b8ba74ac7c03311b8e3b
1123
1124commit 6283f4bd83eee714d0f5fc55802eff836b06fea8
1125Author: Darren Tucker <dtucker@dtucker.net>
1126Date:   Sat Jan 14 22:02:44 2023 +1100
1127
1128    Allow writev is seccomp sandbox.
1129
1130    This seems to be used by recent glibcs at least in some configurations.
1131    From bz#3512, ok djm@
1132
1133commit 923c3f437f439cfca238fba37e97a7041782f615
1134Author: dtucker@openbsd.org <dtucker@openbsd.org>
1135Date:   Sat Jan 14 10:05:54 2023 +0000
1136
1137    upstream: Shell syntax fix. From ren mingshuai vi github PR#369.
1138
1139    OpenBSD-Regress-ID: 6696b2eeefe128099fc3d7ea9f23252cc35156f9
1140
1141commit 4d87a00f704e0365e11c3c38b170c1275ec461fc
1142Author: dtucker@openbsd.org <dtucker@openbsd.org>
1143Date:   Sat Jan 14 09:57:08 2023 +0000
1144
1145    upstream: Instead of skipping the all-tokens test if we don't have
1146
1147    OpenSSL (since we use it to compute the hash), put the hash at the end and
1148    just omit it if we don't have it.  Prompted by bz#3521.
1149
1150    OpenBSD-Regress-ID: c79ecba64250ed3b6417294b6c965e6b12ca5eea
1151
1152commit b05406d6f93b8c8ec11ec8b27e7c76cc7a5a55fb
1153Author: jmc@openbsd.org <jmc@openbsd.org>
1154Date:   Fri Jan 13 07:13:40 2023 +0000
1155
1156    upstream: fix double phrase in previous;
1157
1158    OpenBSD-Commit-ID: 671e6c8dc5e9230518b2bbfa143daaa88adc66c2
1159
1160commit 40564812b659c530eb1f4b62d09e85612aef3107
1161Author: dtucker@openbsd.org <dtucker@openbsd.org>
1162Date:   Fri Jan 13 03:16:29 2023 +0000
1163
1164    upstream: Document "UserKnownHostsFile none". ok djm@
1165
1166    OpenBSD-Commit-ID: f695742d39e34ecdcc3c861c3739a84648a4bce5
1167
1168commit d03e245e034019a37388f6f5f893ce848ab6d2e2
1169Author: Darren Tucker <dtucker@dtucker.net>
1170Date:   Fri Jan 13 23:02:34 2023 +1100
1171
1172    Retry package installation 3 times.
1173
1174    When setting up the CI environment, retry package installation 3 times
1175    before going up.  Should help prevent spurious failures during
1176    infrastructure issues.
1177
1178commit 625f6bc39840167dafb3bf5b6a3e18503ac986e8
1179Author: dtucker@openbsd.org <dtucker@openbsd.org>
1180Date:   Fri Jan 13 04:47:34 2023 +0000
1181
1182    upstream: Move scp path setting to a helper function. The previous
1183
1184    commit to add scp to the test sshd's path causes the t-envpass test to fail
1185    when the test scp is given using a fully qualified path.  Put this in a
1186    helper function and only call it from the scp tests.
1187
1188    OpenBSD-Regress-ID: 7533dc1c4265c1de716abb062957994195b36df4
1189
1190commit 6e6f88647042b3cde54a628545c2f5fb656a9327
1191Author: dtucker@openbsd.org <dtucker@openbsd.org>
1192Date:   Fri Jan 13 04:23:00 2023 +0000
1193
1194    upstream: Add scp's path to test sshd's PATH.
1195
1196    If the scp we're testing is fully qualified (eg it's not in the system
1197    PATH) then add its path to the under-test sshd's PATH so we can find
1198    it. Prompted by bz#3518.
1199
1200    OpenBSD-Regress-ID: 7df4f5a0be3aa135495b7e5a6719d3cbc26cc4c0
1201
1202commit 8a5e99a70fcf9b022a8aa175ebf6a71f58511da3
1203Author: Darren Tucker <dtucker@dtucker.net>
1204Date:   Fri Jan 13 15:49:48 2023 +1100
1205
1206    Remove skipping test when scp not in path.
1207
1208    An upcoming change renders this obsolete by adding scp's path to the
1209    test sshd's PATH, and removing this first will make the subsequent sync
1210    easier.
1211
1212commit 41f36dd896c8fb8337d403fcf476762986976e9d
1213Author: dtucker@openbsd.org <dtucker@openbsd.org>
1214Date:   Fri Jan 13 02:58:20 2023 +0000
1215
1216    upstream: Add a "Host" line to the output of ssh -G showing the
1217
1218    original host arg. Inspired by patch from vincent at bernat.ch via bz#3343,
1219    ok djm@
1220
1221    OpenBSD-Commit-ID: 59c0f60a222113a44d0650cd394376e3beecc883
1222
1223commit f673b49f3be3eb51074fbb8a405beb6cd0f7d93e
1224Author: djm@openbsd.org <djm@openbsd.org>
1225Date:   Fri Jan 13 02:44:02 2023 +0000
1226
1227    upstream: avoid printf("%s", NULL) if using ssh
1228
1229    -oUserKnownHostsFile=none and a hostkey in one of the system known hosts file
1230    changes; ok dtucker@
1231
1232    OpenBSD-Commit-ID: 7ca87614bfc6da491315536a7f2301434a9fe614
1233
1234commit 93fc7c576563e3d88a1dc019dd213f65607784cc
1235Author: djm@openbsd.org <djm@openbsd.org>
1236Date:   Wed Jan 11 05:39:38 2023 +0000
1237
1238    upstream: clamp the minimum buffer lengths and number of inflight
1239
1240    requests too
1241
1242    OpenBSD-Commit-ID: c4965f62fa0ba850940fd66ae3f60cf516bbcd56
1243
1244commit 48bf234322e639d279c5a28435eae50155e9b514
1245Author: djm@openbsd.org <djm@openbsd.org>
1246Date:   Wed Jan 11 05:36:50 2023 +0000
1247
1248    upstream: ignore bogus upload/download buffer lengths in the limits
1249
1250    extension
1251
1252    OpenBSD-Commit-ID: c5b023e0954693ba9a5376e4280c739b5db575f8
1253
1254commit 36b00d31833ca74cb0f7c7d8eda1bde55700f929
1255Author: djm@openbsd.org <djm@openbsd.org>
1256Date:   Wed Jan 11 02:13:52 2023 +0000
1257
1258    upstream: remove whitespace at EOL from code extracted from SUPERCOP
1259
1260    OpenBSD-Commit-ID: 1ec524ff2fbb9387d731601437c82008f35a60f4
1261
1262commit d888de06c5e4d7dbf2f2b85f2b5bf028c570cf78
1263Author: djm@openbsd.org <djm@openbsd.org>
1264Date:   Wed Jan 11 00:51:27 2023 +0000
1265
1266    upstream: rewrite this test to use a multiplexed ssh session so we can
1267
1268    control its lifecycle without risk of race conditions; fixes some of the
1269    Github integration tests for openssh-portable
1270
1271    OpenBSD-Regress-ID: 5451cad59ba0d43ae9eeda48ec80f54405fee969
1272
1273commit 4bcc737a35fdd9cc4af7423d6c23dfd0c7ef4786
1274Author: Damien Miller <djm@mindrot.org>
1275Date:   Wed Jan 11 11:45:17 2023 +1100
1276
1277    remove buffer len workaround for NetBSD 4.x
1278
1279    Switching to from pipes to a socketpair for communicating with the
1280    ssh process avoids the (kernel bug?) problem.
1281
1282commit f5154d2aac3e6a32a1b13dec23a701a087850cdc
1283Author: Damien Miller <djm@mindrot.org>
1284Date:   Wed Jan 11 11:44:19 2023 +1100
1285
1286    add back use of pipes in scp.c under USE_PIPES
1287
1288    This matches sftp.c which prefers socketpair but uses pipes on
1289    some older platforms.
1290
1291commit eec737b59cf13841de46134967a206607000acd4
1292Author: millert@openbsd.org <millert@openbsd.org>
1293Date:   Tue Jan 10 23:22:15 2023 +0000
1294
1295    upstream: Switch scp from using pipes to a socketpair for
1296
1297    communication with it's ssh sub-processes.  We no longer need to reserve two
1298    descriptors to ensure that we don't end up using fd 0-2 unexpectedly, that is
1299    handled by sanitise_stdfd() in main(). Based on an original diff from djm@.
1300    OK deraadt@ djm@
1301
1302    OpenBSD-Commit-ID: b80c372faac462471e955ddeab9480d668a2e48d
1303
1304commit d213d126a4a343abd3a1eb13687d39c1891fe5c8
1305Author: jmc@openbsd.org <jmc@openbsd.org>
1306Date:   Fri Jan 6 08:44:11 2023 +0000
1307
1308    upstream: tweak previous; ok djm
1309
1310    OpenBSD-Commit-ID: 229c493452766d70a78b0f02f6ff9894f9028858
1311
1312commit 4a5590a5ee47b7dfd49773e9fdba48ad3089fe64
1313Author: Damien Miller <djm@mindrot.org>
1314Date:   Mon Jan 9 16:33:56 2023 +1100
1315
1316    try to improve logging for dynamic-forward test
1317
1318    previously the logs from the ssh used to exercise the forwarding
1319    channel would clobber the logs from the ssh actually doing the
1320    forwarding
1321
1322commit 715bc25dcfccf9fb2bee820155fe071d01a618db
1323Author: Darren Tucker <dtucker@dtucker.net>
1324Date:   Sat Jan 7 23:24:50 2023 +1100
1325
1326    Skip dynamic-forward test on minix3.
1327
1328    This test relies on loopback addresses which minix does not have.
1329    Previously the test would not run at all since it also doesn't have
1330    netcat, but now we use our own netcat it tries and fails.
1331
1332commit dd1249bd5c45128a908395c61b26996a70f82205
1333Author: Damien Miller <djm@mindrot.org>
1334Date:   Sun Jan 8 12:08:59 2023 +1100
1335
1336    don't test IPv6 addresses if platform lacks support
1337
1338commit d77fc611a62f2dfee0b654c31a50a814b13310dd
1339Author: dtucker@openbsd.org <dtucker@openbsd.org>
1340Date:   Fri Jan 6 12:33:33 2023 +0000
1341
1342    upstream: When OpenSSL is not available, skip parts of percent test
1343
1344    that require it. Based on github pr#368 from ren mingshuai.
1345
1346    OpenBSD-Regress-ID: 49a375b2cf61ccb95b52e75e2e025cd10988ebb2
1347
1348commit 1cd2aac312af9172f1b5cb06c2e1cd090abb83cf
1349Author: Darren Tucker <dtucker@dtucker.net>
1350Date:   Sat Jan 7 23:01:11 2023 +1100
1351
1352    Use our own netcat for dynamic-forward test.
1353
1354    That way we can be surer about its behaviour rather than trying to
1355    second-guess the behaviour of various netcat implementations.
1356
1357commit 26cab41c05d7b0859d2a1ea5b6ed253d91848a80
1358Author: Darren Tucker <dtucker@dtucker.net>
1359Date:   Sat Jan 7 14:30:43 2023 +1100
1360
1361    Use autoconf to find openssl binary.
1362
1363    It's possible to install an OpenSSL in a path not in the system's
1364    default library search path.  OpenSSH can still use this (eg if you
1365    specify an rpath) but the openssl binary there may not work.  If one is
1366    available on the system path just use that.
1367
1368commit 5532e010a0eeb6aa264396514f9aed7948471538
1369Author: Darren Tucker <dtucker@dtucker.net>
1370Date:   Sat Jan 7 10:34:18 2023 +1100
1371
1372    Check openssl_bin path is executable before using.
1373
1374commit 5d7b16cff48598d5908db970bfdc9ff9326142c8
1375Author: Darren Tucker <dtucker@dtucker.net>
1376Date:   Fri Jan 6 23:19:07 2023 +1100
1377
1378    Set OPENSSL_BIN from OpenSSL directory.
1379
1380commit 344a0e8240eaf08da5d46a5e3a9ecad6e4f64c35
1381Author: dtucker@openbsd.org <dtucker@openbsd.org>
1382Date:   Fri Jan 6 08:50:33 2023 +0000
1383
1384    upstream: Save debug logs from ssh for debugging purposes.
1385
1386    OpenBSD-Regress-ID: 109e40b06de1c006a3b8e0d8745b790b2c5870a0
1387
1388commit e1ef172646f7f49c80807eea90225ef5e0be55a8
1389Author: djm@openbsd.org <djm@openbsd.org>
1390Date:   Fri Jan 6 08:07:39 2023 +0000
1391
1392    upstream: regression test for ChannelTimeout
1393
1394    OpenBSD-Regress-ID: 280bfbefcfa415428ad744e43f69a8dede8ad685
1395
1396commit 2393ea8daf25853459eb07a528d7577688847777
1397Author: djm@openbsd.org <djm@openbsd.org>
1398Date:   Fri Jan 6 07:18:18 2023 +0000
1399
1400    upstream: fix typo in verbose logging
1401
1402    OpenBSD-Regress-ID: 0497cdb66e003b2f50ed77291a9104fba2e017e9
1403
1404commit 161a5378a3cc2e7aa3f9674cb7f4686ae6ce9586
1405Author: djm@openbsd.org <djm@openbsd.org>
1406Date:   Fri Jan 6 02:59:50 2023 +0000
1407
1408    upstream: unit tests for misc.c:ptimeout_* API
1409
1410    OpenBSD-Regress-ID: 01f8fb12d08e5aaadd4bd4e71f456b6588be9a94
1411
1412commit 018d671d78145f03d6f07ae9d64d51321da70325
1413Author: tb@openbsd.org <tb@openbsd.org>
1414Date:   Wed Jan 4 22:48:57 2023 +0000
1415
1416    upstream: Copy bytes from the_banana[] rather than banana()
1417
1418    Fixes test failure due to segfault seen on arm64 with xonly snap.
1419
1420    ok djm
1421
1422    OpenBSD-Regress-ID: 86e2aa4bbd1dff1bc4ebb2969c0d6474485be046
1423
1424commit ab6bb69e251faa8b24f81b25c72ec0120f20cad4
1425Author: Damien Miller <djm@mindrot.org>
1426Date:   Fri Jan 6 19:13:36 2023 +1100
1427
1428    unbreak scp on NetBSD 4.x
1429
1430    e555d5cad5 effectively increased the default copy buffer size for SFTP
1431    transfers. This caused NetBSD 4.x to hang during the "copy local file to
1432    remote file in place" scp.sh regression test.
1433
1434    This puts back the original 32KB copy buffer size until we can properly
1435    figure out why.
1436
1437    lots of debugging assistance from dtucker@
1438
1439commit 2d1ff2b9431393ad99ef496d5e3b9dd0d4f5ac8c
1440Author: djm@openbsd.org <djm@openbsd.org>
1441Date:   Fri Jan 6 02:47:18 2023 +0000
1442
1443    upstream: Implement channel inactivity timeouts
1444
1445    This adds a sshd_config ChannelTimeouts directive that allows channels that
1446    have not seen traffic in a configurable interval to be automatically closed.
1447    Different timeouts may be applied to session, X11, agent and TCP forwarding
1448    channels.
1449
1450    Note: this only affects channels over an opened SSH connection and not
1451    the connection itself. Most clients close the connection when their channels
1452    go away, with a notable exception being ssh(1) in multiplexing mode.
1453
1454    ok markus dtucker
1455
1456    OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
1457
1458commit 0e34348d0bc0b1522f75d6212a53d6d1d1367980
1459Author: djm@openbsd.org <djm@openbsd.org>
1460Date:   Fri Jan 6 02:42:34 2023 +0000
1461
1462    upstream: Add channel_set_xtype()
1463
1464    This sets an "extended" channel type after channel creation (e.g.
1465    "session:subsystem:sftp") that will be used for setting channel inactivity
1466    timeouts.
1467
1468    ok markus dtucker
1469
1470    OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
1471
1472commit ceedf09b2977f3a756c759a6e7eb8f8e9db86a18
1473Author: djm@openbsd.org <djm@openbsd.org>
1474Date:   Fri Jan 6 02:41:49 2023 +0000
1475
1476    upstream: tweak channel ctype names
1477
1478    These are now used by sshd_config:ChannelTimeouts to specify timeouts by
1479    channel type, so force them all to use a similar format without whitespace.
1480
1481    ok dtucker markus
1482
1483    OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
1484
1485commit c60438158ad4b2f83d8504257aba1be7d0b0bb4b
1486Author: djm@openbsd.org <djm@openbsd.org>
1487Date:   Fri Jan 6 02:39:59 2023 +0000
1488
1489    upstream: Add channel_force_close()
1490
1491    This will forcibly close an open channel by simulating read/write errors,
1492    draining the IO buffers and calling the detach function.
1493
1494    Previously the detach function was only ever called during channel garbage
1495    collection, but there was no way to signal the user of a channel (e.g.
1496    session.c) that its channel was being closed deliberately (vs. by the
1497    usual state-machine logic). So this adds an extra "force" argument to the
1498    channel cleanup callback to indicate this condition.
1499
1500    ok markus dtucker
1501
1502    OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
1503
1504commit d478cdc7ad6edd4b1bcd1e86fb2f23194ff33d5a
1505Author: djm@openbsd.org <djm@openbsd.org>
1506Date:   Fri Jan 6 02:38:23 2023 +0000
1507
1508    upstream: replace manual poll/ppoll timeout math with ptimeout API
1509
1510    feedback markus / ok markus dtucker
1511
1512    OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
1513
1514commit 4adf3817a24efe99b06e62630577d683c7cd8065
1515Author: djm@openbsd.org <djm@openbsd.org>
1516Date:   Fri Jan 6 02:37:04 2023 +0000
1517
1518    upstream: add ptimeout API for keeping track of poll/ppoll
1519
1520    timeouts; ok dtucker markus
1521
1522    OpenBSD-Commit-ID: 3335268ca135b3ec15a947547d7cfbb8ff929ead
1523
1524commit 8c7c69d32375d2f3ce9da0109c9bffc560842316
1525Author: djm@openbsd.org <djm@openbsd.org>
1526Date:   Thu Jan 5 05:49:13 2023 +0000
1527
1528    upstream: suppress "Connection closed" message when in quiet mode
1529
1530    OpenBSD-Commit-ID: 8a3ab7176764da55f60bfacfeae9b82d84e3908f
1531
1532commit 845ceecea2ac311b0c267f9ecbd34862e1876fc6
1533Author: djm@openbsd.org <djm@openbsd.org>
1534Date:   Mon Jan 2 07:03:57 2023 +0000
1535
1536    upstream: regression test for PermitRemoteOpen
1537
1538    OpenBSD-Regress-ID: 8271aafbf5c21950cd5bf966f08e585cebfe630c
1539
1540commit b3daa8dc582348d6ab8150bc1e571b7aa08c5388
1541Author: djm@openbsd.org <djm@openbsd.org>
1542Date:   Mon Jan 2 07:03:30 2023 +0000
1543
1544    upstream: fix bug in PermitRemoteOpen which caused it to ignore its
1545
1546    first argument unless it was one of the special keywords "any" or "none".
1547
1548    Reported by Georges Chaudy in bz3515; ok dtucker@
1549
1550    OpenBSD-Commit-ID: c5678a39f1ff79993d5ae3cfac5746a4ae148ea5
1551
1552commit 0872663a7be0301bcc3d49acdbc9b740a3d972d4
1553Author: jmc@openbsd.org <jmc@openbsd.org>
1554Date:   Mon Dec 26 19:16:03 2022 +0000
1555
1556    upstream: spelling fixes; from paul tagliamonte amendments to his
1557
1558    diff are noted on tech
1559
1560    OpenBSD-Commit-ID: d776dd03d0b882ca9c83b84f6b384f6f9bd7de4a
1561
1562commit 797da2812a71785b34890bb6eb44767a7d09cd34
1563Author: djm@openbsd.org <djm@openbsd.org>
1564Date:   Fri Dec 16 07:13:22 2022 +0000
1565
1566    upstream: Mention that scp uses the SFTP protocol and remove
1567
1568    reference to legacy flag. Spotted by, feedback and ok jmc@
1569
1570    OpenBSD-Commit-ID: 9dfe04966f52e941966b46c7a2972147f95281b3
1571
1572commit 93f2ce8c050a7a2a628646c00b40b9b53fef93ef
1573Author: djm@openbsd.org <djm@openbsd.org>
1574Date:   Fri Dec 16 06:56:47 2022 +0000
1575
1576    upstream: Clear signal mask early in main(); sshd may have been
1577
1578    started with one or more signals masked (sigprocmask(2) is not cleared
1579    on fork/exec) and this could interfere with various things, e.g. the
1580    login grace timer.
1581
1582    Execution environments that fail to clear the signal mask before running
1583    sshd are clearly broken, but apparently they do exist.
1584
1585    Reported by Sreedhar Balasubramanian; ok dtucker@
1586
1587    OpenBSD-Commit-ID: 77078c0b1c53c780269fc0c416f121d05e3010ae
1588
1589commit 4acfaabfae41badb9d334a2ee88c5c6ad041c0d5
1590Author: jmc@openbsd.org <jmc@openbsd.org>
1591Date:   Fri Dec 16 06:52:48 2022 +0000
1592
1593    upstream: add -X to usage();
1594
1595    OpenBSD-Commit-ID: 1bdc3df7de11d766587b0428318336dbffe4a9d0
1596
1597commit e555d5cad5afae7d5ef2bbc02ca591178fe16fed
1598Author: djm@openbsd.org <djm@openbsd.org>
1599Date:   Fri Dec 16 03:40:03 2022 +0000
1600
1601    upstream: add a -X option to both scp(1) and sftp(1) to allow
1602
1603    control over some SFTP protocol knobs: the copy buffer length and
1604    the number of inflight requests, both of which are used during
1605    upload/download.
1606
1607    Previously these could be controlled in sftp(1) using the -b/-R options.
1608    This makes them available in both SFTP protocol clients using the same
1609    option character sequence.
1610
1611    ok dtucker@
1612
1613    OpenBSD-Commit-ID: 27502bffc589776f5da1f31df8cb51abe9a15f1c
1614
1615commit 5a7a7acab2f466dc1d7467b5d05d35268c3137aa
1616Author: deraadt@openbsd.org <deraadt@openbsd.org>
1617Date:   Thu Dec 15 18:20:39 2022 +0000
1618
1619    upstream: The idiomatic way of coping with signed char vs unsigned
1620
1621    char (which did not come from stdio read functions) in the presence of
1622    ctype macros, is to always cast to (unsigned char).  casting to (int)
1623    for a "macro" which is documented to take int, is weird.  And sadly wrong,
1624    because of the sing extension risk.. same diff from florian
1625
1626    OpenBSD-Commit-ID: 65b9a49a68e22ff3a0ebd593f363e9f22dd73fea
1627
1628commit b0b58222c7cc62efd8212c4fb65a545f58ebb22d
1629Author: Darren Tucker <dtucker@dtucker.net>
1630Date:   Mon Dec 19 18:49:51 2022 +1100
1631
1632    Simply handling of SSH_CONNECTION PAM env var.
1633
1634    Prompted by bz#3508: there's no need to cache the value of
1635    sshpam_conninfo so remove the global.  While there, add check of
1636    return value from pam_putenv.  ok djm@
1637
1638commit ed8444572ae684fdb892f97bae342c6cb6456f04
1639Author: Darren Tucker <dtucker@dtucker.net>
1640Date:   Mon Dec 19 18:42:34 2022 +1100
1641
1642    Add tests for LibreSSL 3.7.0 and OpenSSL 1.1.1s.
1643
1644commit abb9a8aaddfcacbd12641f6e4f203da0fa85a287
1645Author: Darren Tucker <dtucker@dtucker.net>
1646Date:   Sun Dec 18 21:36:25 2022 +1100
1647
1648    Use sudo when resetting perms on directories.
1649
1650commit 2f5664c5908d84697cbe91302d5d5c4d83cb2121
1651Author: Darren Tucker <dtucker@dtucker.net>
1652Date:   Sun Dec 18 21:19:33 2022 +1100
1653
1654    Set group perms on regress dir.
1655
1656    This ensures that the tests don't fail due to StrictMode checks.
1657
1658commit 137196300fc1540affadde880210f02ba6cb4abf
1659Author: Darren Tucker <dtucker@dtucker.net>
1660Date:   Sun Dec 18 21:13:42 2022 +1100
1661
1662    Fetch regress logs from obj dir.
1663
1664commit 5f93c4836527d9fda05de8944a1c7b4a205080c7
1665Author: Darren Tucker <dtucker@dtucker.net>
1666Date:   Tue Dec 13 20:59:54 2022 +1100
1667
1668    obsdsnap test VMs runs-on libvirt too.
1669
1670commit 8386886fb1ab7fda73069fb0db1dbe0e5a52f758
1671Author: Darren Tucker <dtucker@dtucker.net>
1672Date:   Tue Dec 13 20:55:37 2022 +1100
1673
1674    Run upstream obsdsnap tests on ephemeral runners.
1675
1676commit b6e01459b55ece85d7f296b2bc719d1841e1009e
1677Author: Darren Tucker <dtucker@dtucker.net>
1678Date:   Tue Dec 13 20:48:56 2022 +1100
1679
1680    Move obsdsnap test VMs to ephemeral runners.
1681
1682commit ea6fdf9a1aa71a411f7db218a986392c4fb55693
1683Author: Damien Miller <djm@mindrot.org>
1684Date:   Fri Dec 9 18:00:21 2022 +1100
1685
1686    use calloc for allocating arc4random structs
1687
1688    ok dtucker
1689
1690commit 4403b62f5548e91389cb3339d26a9d0c4bb07b34
1691Author: dtucker@openbsd.org <dtucker@openbsd.org>
1692Date:   Fri Dec 9 00:22:29 2022 +0000
1693
1694    upstream: Warn if no host keys for hostbased auth can be loaded.
1695
1696    OpenBSD-Commit-ID: 2a0a13132000cf8d3593133c1b49768aa3c95977
1697
1698commit a6183e25e3f1842e21999fe88bc40bb99b121dc3
1699Author: dtucker@openbsd.org <dtucker@openbsd.org>
1700Date:   Fri Dec 9 00:17:40 2022 +0000
1701
1702    upstream: Add server debugging for hostbased auth.
1703
1704    auth_debug_add queues messages about the auth process which is sent to
1705    the client after successful authentication.  This also sends those to
1706    the server debug log to aid in debugging.  From bz#3507, ok djm@
1707
1708    OpenBSD-Commit-ID: 46ff67518cccf9caf47e06393e2a121ee5aa258a
1709
1710commit b85c3581c16aaf6e83b9a797c80705a56b1f312e
1711Author: cheloha@openbsd.org <cheloha@openbsd.org>
1712Date:   Sun Dec 4 23:50:49 2022 +0000
1713
1714    upstream: remove '?' from getopt(3) loops
1715
1716    userspace: remove vestigial '?' cases from top-level getopt(3) loops
1717
1718    getopt(3) returns '?' when it encounters a flag not present in the in
1719    the optstring or if a flag is missing its option argument.  We can
1720    handle this case with the "default" failure case with no loss of
1721    legibility.  Hence, remove all the redundant "case '?':" lines.
1722
1723    Prompted by dlg@.  With help from dlg@ and millert@.
1724
1725    Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2
1726
1727    ok naddy@ millert@ dlg@
1728
1729    OpenBSD-Commit-ID: b2f89346538ce4f5b33ab8011a23e0626a67e66e
1730
1731commit 9a067e8d28a2249fd73f004961e30c113ee85e5d
1732Author: dtucker@openbsd.org <dtucker@openbsd.org>
1733Date:   Wed Dec 7 11:45:43 2022 +0000
1734
1735    upstream: Fix comment typo.
1736
1737    OpenBSD-Regress-ID: 3b04faced6511bb5e74648c6a4ef4bf2c4decf03
1738
1739commit ce3c3e78ce45d68a82c7c8dc89895f297a67f225
1740Author: Darren Tucker <dtucker@dtucker.net>
1741Date:   Wed Dec 7 18:58:25 2022 +1100
1742
1743    Add SANDBOX_DEBUG to the kitchensink test build.
1744
1745commit bc234605fa3eb10f56bf0d74c8ecb0d91ada9d05
1746Author: Damien Miller <djm@mindrot.org>
1747Date:   Wed Dec 7 18:38:25 2022 +1100
1748
1749    disable SANDBOX_SECCOMP_FILTER_DEBUG
1750
1751    It was mistakenly enabled in 2580916e4872
1752
1753    Reported by Peter sec-openssh-com.22.fichtner AT 0sg.net
1754
1755commit b087c5cfa011b27992e01589314fec830266f99d
1756Author: Rose <83477269+AtariDreams@users.noreply.github.com>
1757Date:   Tue Nov 29 15:12:54 2022 -0500
1758
1759    Update autotools
1760
1761    Regenerate config files using latest autotools
1762
1763commit d63f5494978a185c7421d492b9c2f6f05bb54138
1764Author: Darren Tucker <dtucker@dtucker.net>
1765Date:   Tue Dec 6 12:22:36 2022 +1100
1766
1767    Fix typo in comment.  Spotted by tim@
1768
1769commit 73dcca12115aa12ed0d123b914d473c384e52651
1770Author: dtucker@openbsd.org <dtucker@openbsd.org>
1771Date:   Sun Dec 4 11:03:11 2022 +0000
1772
1773    upstream: Remove duplicate includes.
1774
1775     Patch from AtariDreams via github PR#364.
1776
1777    OpenBSD-Commit-ID: b9186638a05cb8b56ef7c0de521922b6723644ea
1778
1779commit 3cec15543010bc8d6997d896b1717a650afb7e92
1780Author: djm@openbsd.org <djm@openbsd.org>
1781Date:   Fri Dec 2 04:40:27 2022 +0000
1782
1783    upstream: make struct sshbuf private
1784
1785    and remove an unused field; ok dtucker
1786
1787    OpenBSD-Commit-ID: c7a3d77c0b8c153d463398606a8d57569186a0c3
1788
1789commit 5796bf8ca9535f9fa7d01829a540d2550e05c860
1790Author: Darren Tucker <dtucker@dtucker.net>
1791Date:   Fri Dec 2 11:43:36 2022 +1100
1792
1793    Restore ssh-agent permissions on exit.
1794
1795    ...enough that subsequent builds can overwrite ssh-agent if necessary.
1796
1797commit ccf5a13868cbb4659107458cac1e017c98abcbda
1798Author: dtucker@openbsd.org <dtucker@openbsd.org>
1799Date:   Thu Dec 1 02:22:13 2022 +0000
1800
1801    upstream: Clean up ssh-add and ssh-agent logs.
1802
1803    OpenBSD-Regress-ID: 9eda8e4c3714d7f943ab2e73ed58a233bd29cd2c
1804
1805commit 7a8b40cf6a5eda80173140cc6750a6db8412fa87
1806Author: dtucker@openbsd.org <dtucker@openbsd.org>
1807Date:   Thu Dec 1 02:19:29 2022 +0000
1808
1809    upstream: Log output of ssh-agent and ssh-add
1810
1811    This should  make debugging easier.
1812
1813    OpenBSD-Regress-ID: 5974b02651f428d7e1079b41304c498ca7e306c8
1814
1815commit 4a1805d532616233dd6072e5cd273b96dd3062e6
1816Author: dtucker@openbsd.org <dtucker@openbsd.org>
1817Date:   Tue Nov 29 22:41:14 2022 +0000
1818
1819    upstream: Add void to client_repledge args to fix compiler warning. ok djm@
1820
1821    OpenBSD-Commit-ID: 7e964a641ce4a0a0a11f047953b29929d7a4b866
1822
1823commit 815c4704930aa449edf6e812e99d69e9ffd31f01
1824Author: djm@openbsd.org <djm@openbsd.org>
1825Date:   Mon Nov 28 01:38:22 2022 +0000
1826
1827    upstream: tighten pledge(2) after session establishment
1828
1829    feedback, ok & testing in snaps deraadt@
1830
1831    OpenBSD-Commit-ID: aecf4d49d28586dfbcc74328d9333398fef9eb58
1832
1833commit f7cebbbf407d772ed71403d314343766782fe540
1834Author: djm@openbsd.org <djm@openbsd.org>
1835Date:   Mon Nov 28 01:37:36 2022 +0000
1836
1837    upstream: New EnableEscapeCommandline ssh_config(5) option
1838
1839    This option (default "no") controls whether the ~C escape is available.
1840    Turning it off by default means we will soon be able to use a stricter
1841    default pledge(2) in the client.
1842
1843    feedback deraadt@ dtucker@; tested in snaps for a while
1844
1845    OpenBSD-Commit-ID: 7e277595d60acb8263118dcb66554472257b387a
1846
1847commit d323f7ecf52e3d4ec1f4939bf31693e02f891dca
1848Author: mbuhl@openbsd.org <mbuhl@openbsd.org>
1849Date:   Fri Nov 18 19:47:40 2022 +0000
1850
1851    upstream: In channel_request_remote_forwarding the parameters for
1852
1853    permission_set_add are leaked as they are also duplicated in the call. Found
1854    by CodeChecker. ok djm
1855
1856    OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
1857
1858commit 62cc33e6eed847aafdc29e34aa69e9bd82a0ee16
1859Author: Darren Tucker <dtucker@dtucker.net>
1860Date:   Wed Nov 30 11:23:11 2022 +1100
1861
1862    Use -fzero-call-used-regs=used on clang 15.
1863
1864    clang 15 seems to have a problem with -fzero-call-used-reg=all which
1865    causes spurious "incorrect signature" failures with ED25519.  On those
1866    versions, use -fzero-call-used-regs=used instead.  (We may add exceptions
1867    later if specific versions prove to be OK).  Also move the GCC version
1868    check to match.
1869
1870    Initial investigation by Daniel Pouzzner (douzzer at mega nu), workaround
1871    suggested by Bill Wendling (morbo at google com).  bz#3475, ok djm@
1872
1873commit f84b9cffd52c9c5c359a54a1929f9948e803ab1d
1874Author: Darren Tucker <dtucker@dtucker.net>
1875Date:   Mon Nov 28 21:09:28 2022 +1100
1876
1877    Skip unit tests on slow riscv64 hardware.
1878
1879commit 9f2747e0bed3faca92679eae69aef10c95dc82f5
1880Author: Darren Tucker <dtucker@dtucker.net>
1881Date:   Sun Nov 27 15:26:22 2022 +1100
1882
1883    Rework how selfhosted tests interact with runners.
1884
1885    Previously there was one runner per test target (mostly VMs).  This had
1886    a few limitations:
1887     - multiple tests that ran on the same target (eg multiple build
1888       configs) were serialized on availability or that runner.
1889     - it needed manual balancing of VMs over host machines.
1890
1891    To address this, make VMs that use ephemeral disks (ie most of them)
1892    all use a pool of runners with the "libvirt" label.  This requires that
1893    we distinguish between "host" and "target" for those.  Native runners
1894    and VMs with persistent disks (eg the constantly-updated snapshot ones)
1895    specify the same host and target.
1896
1897    This should improve test throughput.
1898
1899commit d664ddaec87bdc7385be8ef7f1337793e1679d48
1900Author: Darren Tucker <dtucker@dtucker.net>
1901Date:   Sun Nov 27 12:19:37 2022 +1100
1902
1903    Run vmstartup from temp dir.
1904
1905    This will allow us to create ephemeral disk images per-runner.
1906
1907commit 0fa16e952b1fc1c4cf65e3dd138b0e87003e2e45
1908Author: Darren Tucker <dtucker@dtucker.net>
1909Date:   Sun Nov 27 12:14:00 2022 +1100
1910
1911    Make "config" in matrix singular and pass in env.
1912
1913    This will allow the startup scripts to adapt their behaviour based on
1914    the type and config.
1915
1916commit e8857043af54809187be1e8b06749db61112899f
1917Author: Darren Tucker <dtucker@dtucker.net>
1918Date:   Sun Nov 27 11:42:22 2022 +1100
1919
1920    Add "libvirt" label to dfly30.
1921
1922commit 9775473d84902dc37753686cd10ae71fbe67efda
1923Author: Darren Tucker <dtucker@dtucker.net>
1924Date:   Sun Nov 27 09:28:20 2022 +1100
1925
1926    Rename "os" in matrix to "target".
1927
1928    This is in preparation to distinguish this from the host that the runner
1929    runs on in case where they are separate (eg VMs).
1930
1931commit 04fd00ceff39f4544ced6f5342060abe584835d0
1932Author: Darren Tucker <dtucker@dtucker.net>
1933Date:   Sun Nov 27 09:23:04 2022 +1100
1934
1935    Remove unused self-hosted test targets.
1936
1937commit c9d9fcad2a11c1cd1550a541f44091d65f0b5584
1938Author: Darren Tucker <dtucker@dtucker.net>
1939Date:   Sun Nov 27 09:16:15 2022 +1100
1940
1941    Remove explicit "default" test config argument.
1942
1943    Not specifying the test config implicitly selects default args.
1944
1945commit 15a01cf15f396f87c6d221c5a6af98331c818962
1946Author: Darren Tucker <dtucker@dtucker.net>
1947Date:   Wed Nov 23 13:18:54 2022 +1100
1948
1949    Add fallback for old platforms w/out MAP_ANON.
1950
1951commit 6b9bbbfe8b26db6e9a30a7e08c223e85421aed98
1952Author: Darren Tucker <dtucker@dtucker.net>
1953Date:   Wed Nov 23 13:09:11 2022 +1100
1954
1955    If we haven't found it yet, recheck for sys/stat.h.
1956
1957    On some very old platforms, sys/stat.h needs sys/types.h, however
1958    autoconf 2.71's AC_CHECK_INCLUDES_DEFAULT checks for them in the
1959    opposite order, which in combination with modern autoconf's
1960    "present but cannot be compiled" behaviour causes it to not be
1961    detected.
1962
1963commit 8926956f22639132a9f2433fcd25224e01b900f5
1964Author: Darren Tucker <dtucker@dtucker.net>
1965Date:   Fri Nov 11 11:25:37 2022 +1100
1966
1967    Add dfly62 test target.
1968
1969commit 650de7ecd3567b5a5dbf16dd1eb598bd8c20bca8
1970Author: dtucker@openbsd.org <dtucker@openbsd.org>
1971Date:   Thu Nov 10 23:03:10 2022 +0000
1972
1973    upstream: Handle dynamic remote port forwarding in escape commandline's
1974
1975    -R processing. bz#3499, ok djm@
1976
1977    OpenBSD-Commit-ID: 194ee4cfe7ed0e2b8ad0727f493c798a50454208
1978
1979commit 5372db7e7985ba2c00f20fdff8942145ca99e033
1980Author: Darren Tucker <dtucker@dtucker.net>
1981Date:   Thu Nov 10 12:44:51 2022 +1100
1982
1983    Remove seed passing over reexec.
1984
1985    This was added for the benefit of platforms using ssh-rand-helper to
1986    prevent a delay on each connection as sshd reseeded itself.
1987
1988    ssh-random-helper is long gone, and since the re-exec happens before the
1989    chroot the re-execed sshd can reseed itself normally. ok djm@
1990
1991commit ca98d3f8c64cfc51af81e1b01c36a919d5947ec2
1992Author: Darren Tucker <dtucker@dtucker.net>
1993Date:   Wed Nov 9 20:59:20 2022 +1100
1994
1995    Skip reexec test on OpenSSL 1.1.1 specifically.
1996
1997    OpenSSL 1.1.1 has a bug in its RNG that breaks reexec fallback, so skip
1998    that test.  See bz#3483 for details.
1999
2000commit 5ec4ebc2548e5f7f1b55b2a5cef5b67bdca8146f
2001Author: dtucker@openbsd.org <dtucker@openbsd.org>
2002Date:   Wed Nov 9 09:04:12 2022 +0000
2003
2004    upstream: Fix typo in fatal error message.
2005
2006    Patch from vapier at chromium.org.
2007
2008    OpenBSD-Commit-ID: 8a0c164a6a25eef0eedfc30df95bfa27644e35cf
2009
2010commit e6abafe9a6d809422d3432b95b3f9747b0acaa71
2011Author: dtucker@openbsd.org <dtucker@openbsd.org>
2012Date:   Wed Nov 9 09:01:52 2022 +0000
2013
2014    upstream: Remove errant colon and simplify format
2015
2016    string in error messages. Patch from vapier at chromium.org.
2017
2018    OpenBSD-Commit-ID: fc28466ebc7b74e0072331947a89bdd239c160d3
2019
2020commit db2027a687516f87c3fb141e87154bb3d8a7807c
2021Author: djm@openbsd.org <djm@openbsd.org>
2022Date:   Wed Nov 9 01:37:44 2022 +0000
2023
2024    upstream: rename client_global_hostkeys_private_confirm() to
2025
2026    client_global_hostkeys_prove_confirm(), as it handles the
2027    "hostkeys-prove00@openssh.com" message; no functional change
2028
2029    OpenBSD-Commit-ID: 31e09bd3cca6eed26855b88fb8beed18e9bd026d
2030
2031commit 1c2be7c2004cf1abcd172fee9fe3eab57cd4c426
2032Author: djm@openbsd.org <djm@openbsd.org>
2033Date:   Wed Nov 9 00:15:59 2022 +0000
2034
2035    upstream: typo in comment
2036
2037    OpenBSD-Commit-ID: 39c58f41e0f32d1ff31731fa6f5bbbc3ad25084a
2038
2039commit cf1a9852d7fc93e4abc4168aed09529a57427cdc
2040Author: Darren Tucker <dtucker@dtucker.net>
2041Date:   Wed Nov 9 09:23:47 2022 +1100
2042
2043    Defer seed_rng until after closefrom call.
2044
2045    seed_rng will initialize OpenSSL, and some engine providers (eg Intel's
2046    QAT) will open descriptors for their own use.  bz#3483, patch from
2047    joel.d.schuetze at intel.com, ok djm@
2048
2049commit dffa64480163fbf76af7e4fb62c26bb0dd6642aa
2050Author: Darren Tucker <dtucker@dtucker.net>
2051Date:   Wed Nov 9 08:27:47 2022 +1100
2052
2053    Fix comment text.  From emaste at freebsd.org.
2054
2055commit d9df5689c29823ab830ec4f54c83c6cc3c0077ad
2056Author: Pierre Ossman <ossman@cendio.se>
2057Date:   Wed Jul 6 13:52:10 2022 +0200
2058
2059    Avoid assuming layout of fd_set
2060
2061    POSIX doesn't specify the internal layout of the fd_set object, so let's
2062    not assume it is just a bit mask. This increases compatibility with
2063    systems that have a different layout.
2064
2065    The assumption is also worthless as we already refuse to use file
2066    descriptors over FD_SETSIZE anyway. Meaning that the default size of
2067    fd_set is quite sufficient.
2068
2069commit 419aa8a312e8d8f491933ca3d5933e602cb05aae
2070Author: Darren Tucker <dtucker@dtucker.net>
2071Date:   Tue Nov 8 12:42:52 2022 +1100
2072
2073    Shutdown any VM before trying to check out repo.
2074
2075    In the case where the previous run did not clean up, the checkout will
2076    fail as it'll leave a stale mount.
2077
2078commit a32c07cbb78f65d8527642b96474a83b413f8108
2079Author: Darren Tucker <dtucker@dtucker.net>
2080Date:   Tue Nov 8 11:33:25 2022 +1100
2081
2082    Run vm startup and shutdown from runner temp dir.
2083
2084    Should work even if the github workspace dir is on a stale sshfs mount.
2085
2086commit 2b40a7dfcdb8e616155b9504145aa52b271455aa
2087Author: Darren Tucker <dtucker@dtucker.net>
2088Date:   Tue Nov 8 11:03:31 2022 +1100
2089
2090    Add valrind-5 test here too.
2091
2092commit 2ea03d1f6d0a05ee2b63ed2dc0f2d54f1e4655a1
2093Author: Darren Tucker <dtucker@dtucker.net>
2094Date:   Tue Nov 8 09:21:10 2022 +1100
2095
2096    Update checkout and upload actions.
2097
2098    Update actions/checkout and actions/upload-artifact to main branch for
2099    compatibility with node.js v16.
2100
2101commit 4e316ff0f18a118232bb9ac6512ee62773a9e8ea
2102Author: Darren Tucker <dtucker@dtucker.net>
2103Date:   Tue Nov 8 09:17:04 2022 +1100
2104
2105    Split out rekey test since it runs the longest.
2106
2107commit 21625a6424258a92a96a3bb73ae6aabc5ed8a6b4
2108Author: dtucker@openbsd.org <dtucker@openbsd.org>
2109Date:   Mon Nov 7 10:09:28 2022 +0000
2110
2111    upstream: The IdentityFile option in ssh_config can also be used to
2112
2113    specify a public key file, as documented in ssh.1 for the -i option. Document
2114    this also for IdentityFile in ssh_config.5, for documentation completeness.
2115    From laalsaas at systemli.org via portable github PR#352, ok jmc@ djm@
2116
2117    OpenBSD-Commit-ID: 2f943be9f96e60ef81a9a4faa25b009999f9883b
2118
2119commit 747691604d3325ed2b62bad85b6fd8563ad32f6c
2120Author: dtucker@openbsd.org <dtucker@openbsd.org>
2121Date:   Mon Nov 7 10:05:38 2022 +0000
2122
2123    upstream: Remove some set but otherwise unused variables, spotted
2124
2125    in -portable by clang 16's -Wunused-but-set-variable.  ok djm@
2126
2127    OpenBSD-Commit-ID: 3d943ddf2369b38fbf89f5f19728e7dc1daf3982
2128
2129commit 1d78d25653805aefc7a8dd9d86cd7359ada3823c
2130Author: dtucker@openbsd.org <dtucker@openbsd.org>
2131Date:   Mon Nov 7 10:02:59 2022 +0000
2132
2133    upstream: Check for and disallow MaxStartups values less than or
2134
2135    equal to zero during config parsing, rather than faling later at runtime.
2136    bz#3489, ok djm@
2137
2138    OpenBSD-Commit-ID: d79c2b7a8601eb9be493629a91245d761154308b
2139
2140commit a00f59a645072e5f5a8d207af15916a7b23e2642
2141Author: djm@openbsd.org <djm@openbsd.org>
2142Date:   Mon Nov 7 04:04:40 2022 +0000
2143
2144    upstream: fix parsing of hex cert expiry time; was checking whether the
2145
2146    start time began with "0x", not the expiry time.
2147
2148    from Ed Maste
2149
2150    OpenBSD-Commit-ID: 6269242c3e1a130b47c92cfca4d661df15f05739
2151
2152commit f58acaf8c7315483f4ac87d46a1aa2142a713cd8
2153Author: Darren Tucker <dtucker@dtucker.net>
2154Date:   Mon Nov 7 15:10:59 2022 +1100
2155
2156    Fix merge conflict.
2157
2158commit 162e5741020a8d996c0c12b988b118e71ed728e6
2159Author: Darren Tucker <dtucker@dtucker.net>
2160Date:   Mon Nov 7 15:04:33 2022 +1100
2161
2162    Branch-specific links for master status badges.
2163
2164commit e4b7c12ab24579312aa3ed38ce7041a439ec2d56
2165Author: Darren Tucker <dtucker@dtucker.net>
2166Date:   Mon Nov 7 14:46:38 2022 +1100
2167
2168    Add CIFuzz status badge.
2169
2170commit b496b9f831acd1e5bcd875e26e797488beef494a
2171Author: Darren Tucker <dtucker@dtucker.net>
2172Date:   Mon Nov 7 14:45:16 2022 +1100
2173
2174    Do not run CIFuzz on selfhosted tree.
2175
2176    We already run it on the regular tree, no need to double up.
2177
2178commit 2138b1c4ddb300129a41a5104627b0d561184c7b
2179Author: Darren Tucker <dtucker@dtucker.net>
2180Date:   Mon Nov 7 14:41:58 2022 +1100
2181
2182    Whitespace change to trigger CIFuzz workflow.
2183
2184commit 4670b97ef87c7b0f21283c9b07c7191be88dda05
2185Author: Darren Tucker <dtucker@dtucker.net>
2186Date:   Mon Nov 7 14:34:04 2022 +1100
2187
2188    Run cifuzz workflow on the actions as regular CI.
2189
2190commit 79391e66ce851ace1baf3c6a35e83a23f08ec2ba
2191Author: David Korczynski <david@adalogics.com>
2192Date:   Tue Nov 30 11:45:20 2021 +0000
2193
2194    Add CIFuzz integration
2195
2196commit c1893364a0be243270014d7d34362a8101d55112
2197Author: dtucker@openbsd.org <dtucker@openbsd.org>
2198Date:   Mon Nov 7 02:21:22 2022 +0000
2199
2200    upstream: Import regenerated moduli.
2201
2202    OpenBSD-Commit-ID: b0e54ee4d703bd6929bbc624068666a7a42ecb1f
2203
2204commit 5c3f18fb994ef27e685b205ee2351851b80fdbd1
2205Author: dtucker@openbsd.org <dtucker@openbsd.org>
2206Date:   Mon Nov 7 01:53:01 2022 +0000
2207
2208    upstream: Fix typo. From pablomh via -portable github PR#344.
2209
2210    OpenBSD-Commit-ID: d056ee2e73691dc3ecdb44a6de68e6b88cd93827
2211
2212commit e1c6fcc142066417c9832e634463faa3dd5d116c
2213Author: Darren Tucker <dtucker@dtucker.net>
2214Date:   Mon Nov 7 12:46:58 2022 +1100
2215
2216    Link to branch-specific queries for V_9_1 status.
2217
2218commit 4f4a5fad6d8892c3f8ee9cd81ec7de6458210c9f
2219Author: Darren Tucker <dtucker@dtucker.net>
2220Date:   Sun Nov 6 10:55:59 2022 +1100
2221
2222    Use "prohibit-password" in -portable comments.
2223
2224    "without-password" is the deprecated alias for "prohibit-password",
2225    so we should reference the latter. From emaste at freebsd.org.
2226
2227commit 0f7e1eba55259ec037f515000b4c4afbf446230a
2228Author: Darren Tucker <dtucker@dtucker.net>
2229Date:   Sun Nov 6 10:50:01 2022 +1100
2230
2231    Fix tracing disable on FreeBSD.
2232
2233    Some versions of FreeBSD do not support using id 0 to refer to the
2234    current pid for procctl, so pass getpid() explicitly.  From
2235    emaste at freebsd.org.
2236
2237commit 32fddb982fd61b11a2f218a115975a87ab126d43
2238Author: Darren Tucker <dtucker@dtucker.net>
2239Date:   Mon Nov 7 10:39:01 2022 +1100
2240
2241    Fix setres*id checks to work with clang-16.
2242
2243    glibc has the prototypes for setresuid and setresgid behind _GNU_SOURCE,
2244    and clang 16 will error out on implicit function definitions, so add
2245    _GNU_SOURCE and the required headers to the configure checks.  From
2246    sam at @gentoo.org via bz#3497.
2247
2248commit 12af712d116f42164bcfa56db901d06e4fa27199
2249Author: Sam James <sam@gentoo.org>
2250Date:   Sun Nov 6 04:52:38 2022 +0000
2251
2252    configure.ac: Fix -Wstrict-prototypes
2253
2254    Clang 16 now warns on this and it'll be removed in C23, so let's
2255    just be future proof. It also reduces noise when doing general
2256    Clang 16 porting work (which is a big job as it is).  github PR#355.
2257
2258    Signed-off-by: Sam James <sam@gentoo.org>
2259
2260commit 40b0a5eb6e3edfa2886b60c09c7803353b0cc7f5
2261Author: Sam James <sam@gentoo.org>
2262Date:   Sun Nov 6 04:47:35 2022 +0000
2263
2264    configure.ac: Add <pty.h> include for openpty
2265
2266    Another Clang 16ish fix (which makes -Wimplicit-function-declaration
2267    an error by default).  github PR#355.
2268
2269    See: 2efd71da49b9cfeab7987058cf5919e473ff466b
2270    See: be197635329feb839865fdc738e34e24afd1fca8
2271
2272commit 6b17e128879ec6cc32ca2c28b5d894b4aa72e32d
2273Author: Rochdi Nassah <rochdinassah.1998@gmail.com>
2274Date:   Fri Oct 28 01:26:31 2022 +0100
2275
2276    Fix broken zlib link.
2277
2278commit 99500df246ccb736ddbdd04160dcc82165d81a77
2279Author: Darren Tucker <dtucker@dtucker.net>
2280Date:   Fri Nov 4 16:59:26 2022 +1100
2281
2282    Don't run openbsd-compat tests on Cygwin.
2283
2284    Add "compat-tests" to the default TEST_TARGET so we can override as
2285    necessary.  Override TEST_TARGET for Cygwin as the tests don't currently
2286    compile there.
2287
2288commit 3cae9f92a31897409666aa1e6f696f779759332b
2289Author: djm@openbsd.org <djm@openbsd.org>
2290Date:   Thu Nov 3 21:59:20 2022 +0000
2291
2292    upstream: replace recently-added valid_domain() check for hostnames
2293
2294    going to known_hosts with a more relaxed check for bad characters; previous
2295    commit broke address literals. Reported by/feedback from florian@
2296
2297    OpenBSD-Commit-ID: 10b86dc6a4b206adaa0c11b58b6d5933898d43e0
2298
2299commit 9655217231c9056200bea7ae2dffcc9c0c3eb265
2300Author: Darren Tucker <dtucker@dtucker.net>
2301Date:   Thu Nov 3 23:07:50 2022 +1100
2302
2303    Rerun tests on changes to Makefile.in in any dir.
2304
2305commit 3500f0405a3ab16b59a26f3508c4257a3fc3bce6
2306Author: Darren Tucker <dtucker@dtucker.net>
2307Date:   Thu Nov 3 23:04:08 2022 +1100
2308
2309    Link libssh into compat tests.
2310
2311    The cygwin compat code uses xmalloc, so add libssh.a so pick up that.
2312
2313commit ec59effcf65b8a4c85d47ff5a271123259dd0ab8
2314Author: Darren Tucker <dtucker@dtucker.net>
2315Date:   Thu Nov 3 21:44:23 2022 +1100
2316
2317    Fix compat regress to work with non-GNU make.
2318
2319commit 73550a218e7dfbbd599534cbf856309bc924f6fd
2320Author: Darren Tucker <dtucker@dtucker.net>
2321Date:   Thu Nov 3 13:41:16 2022 +1100
2322
2323    Increase selfhosted job timeout.
2324
2325    The default job timeout of 360 (6h) is not enough to complete the
2326    regress tests for some of the slow VMs depending on the load on the host.
2327    Increase to 600 (10h).
2328
2329commit db97d8d0b90c6ce52b94b153d6f8f5f7d3b11777
2330Author: Darren Tucker <dtucker@dtucker.net>
2331Date:   Thu Nov 3 10:00:43 2022 +1100
2332
2333    Only run opensslver tests if built with OpenSSL.
2334
2335commit ba053709638dff2f6603df0c1f340352261d63ea
2336Author: Darren Tucker <dtucker@dtucker.net>
2337Date:   Wed Nov 2 14:16:04 2022 +1100
2338
2339    Add tests for OpenSSL 3.0.7 and LibreSSL 3.6.1.
2340
2341commit edd24101c7e17d1a8f6576e1aaf62233b47ad6f5
2342Author: Darren Tucker <dtucker@dtucker.net>
2343Date:   Thu Nov 3 08:17:39 2022 +1100
2344
2345    Run compat regress tests too.
2346
2347commit fe88d67e7599b0bc73f6e4524add28d743e7f977
2348Author: Darren Tucker <dtucker@dtucker.net>
2349Date:   Thu Nov 3 08:14:05 2022 +1100
2350
2351    Compat tests need libcrypto.
2352
2353    This was moved to CHANNELLIBS during the libs refactor.  Spotted by
2354    rapier at psc.edu.
2355
2356commit 96b519726b7944eee3c23a54eee3d5c031ba1533
2357Author: Darren Tucker <dtucker@dtucker.net>
2358Date:   Thu Nov 3 04:24:39 2022 +1100
2359
2360    Include time.h when defining timegm.
2361
2362    Fixes build on some platforms eg recent AIX.
2363
2364commit da6038bd5cd55eb212eb2aec1fc8ae79bbf76156
2365Author: Darren Tucker <dtucker@dtucker.net>
2366Date:   Tue Nov 1 19:10:30 2022 +1100
2367
2368    Always use compat getentropy.
2369
2370    Have it call native getentropy and fall back as required.  Should fix
2371    issues of platforms where libc has getentropy but it is not implemented
2372    in the kernel.  Based on github PR#354 from simsergey.
2373
2374commit 5ebe18cab6be3247b44c807ac145164010465b82
2375Author: Darren Tucker <dtucker@dtucker.net>
2376Date:   Wed Nov 2 10:51:48 2022 +1100
2377
2378    Check for sockaddr_in.sin_len.
2379
2380    If found, set SOCK_HAS_LEN which is used in addr.c.  Should fix keyscan
2381    tests on platforms with this (eg old NetBSD).
2382
2383commit a1febadf426536612c2734168d409147c392e7cf
2384Author: dtucker@openbsd.org <dtucker@openbsd.org>
2385Date:   Sun Oct 30 18:42:07 2022 +0000
2386
2387    upstream: Use variable for diff options
2388
2389    instead of unconditionally specifying "-rN". This will make life easier
2390    in -portable where not all diff's understand -N.
2391
2392    OpenBSD-Regress-ID: 8b8a407115546be1c6d72d350b1e4f1f960d3cd3
2393
2394commit f6d3ed9a8a9280cbb68d6a499850cfe810e92bd0
2395Author: Darren Tucker <dtucker@dtucker.net>
2396Date:   Mon Oct 31 05:13:02 2022 +1100
2397
2398    OpenSSL dev branch is 302 not 320.
2399
2400    While there, also accept 301 which it shat it was previously.
2401
2402commit 25c8a2bbcc10c493d27faea57c42a6bf13fa51f2
2403Author: djm@openbsd.org <djm@openbsd.org>
2404Date:   Fri Oct 28 02:47:04 2022 +0000
2405
2406    upstream: put sshkey_check_rsa_length() back in sshkey.c to unbreak
2407
2408    OPENSSL=no builds
2409
2410    OpenBSD-Commit-ID: 99eec58abe382ecd14b14043b195ee1babb9cf6e
2411
2412commit 1192588546c29ceec10775125f396555ea71850f
2413Author: djm@openbsd.org <djm@openbsd.org>
2414Date:   Fri Oct 28 02:29:34 2022 +0000
2415
2416    upstream: allow ssh-keyscan(1) to accept CIDR address ranges, e.g.
2417
2418    ssh-keyscan 192.168.0.0/24
2419
2420    If a CIDR range is passed, then it will be expanded to all possible
2421    addresses in the range including the all-0s and all-1s addresses.
2422
2423    bz#976 feedback/ok markus@
2424
2425    OpenBSD-Commit-ID: ce6c5211f936ac0053fd4a2ddb415277931e6c4b
2426
2427commit 64af4209309461c79c39eda2d13f9d77816c6398
2428Author: Damien Miller <djm@mindrot.org>
2429Date:   Fri Oct 28 12:54:35 2022 +1100
2430
2431    fix merge botch
2432
2433commit 27267642699342412964aa785b98afd69d952c88
2434Author: djm@openbsd.org <djm@openbsd.org>
2435Date:   Fri Oct 28 00:44:44 2022 +0000
2436
2437    upstream: refactor sshkey_private_deserialize
2438
2439    feedback/ok markus@
2440
2441    OpenBSD-Commit-ID: f5ca6932fdaf840a5e8250becb38315a29b5fc9f
2442
2443commit 2519a7077a9332f70935e5242ba91ee670ed6b87
2444Author: djm@openbsd.org <djm@openbsd.org>
2445Date:   Fri Oct 28 00:44:17 2022 +0000
2446
2447    upstream: refactor sshkey_private_serialize_opt()
2448
2449    feedback/ok markus@
2450
2451    OpenBSD-Commit-ID: 61e0fe989897901294efe7c3b6d670cefaf44cbd
2452
2453commit 11a768adf98371fe4e43f3b06014024c033385d5
2454Author: djm@openbsd.org <djm@openbsd.org>
2455Date:   Fri Oct 28 00:43:30 2022 +0000
2456
2457    upstream: refactor certify
2458
2459    feedback/ok markus@
2460
2461    OpenBSD-Commit-ID: 35d742992e223eaca3537e6fb3d3002c08eed4f6
2462
2463commit 3fbc58bb249d967cc43ebdc554f6781bb73d4a58
2464Author: djm@openbsd.org <djm@openbsd.org>
2465Date:   Fri Oct 28 00:43:08 2022 +0000
2466
2467    upstream: refactor sshkey_sign() and sshkey_verify()
2468
2469    feedback/ok markus@
2470
2471    OpenBSD-Commit-ID: 368e662c128c99d05cc043b1308d2b6c71a4d3cc
2472
2473commit a1deb6cdbbe6afaab74ecb08fcb62db5739267be
2474Author: djm@openbsd.org <djm@openbsd.org>
2475Date:   Fri Oct 28 00:41:52 2022 +0000
2476
2477    upstream: refactor sshkey_from_blob_internal()
2478
2479    feedback/ok markus@
2480
2481    OpenBSD-Commit-ID: 1f46c0cbb8060ee9666a02749594ad6658c8e283
2482
2483commit 7d00799c935271ce89300494c5677190779f6453
2484Author: djm@openbsd.org <djm@openbsd.org>
2485Date:   Fri Oct 28 00:41:17 2022 +0000
2486
2487    upstream: refactor sshkey_from_private()
2488
2489    feedback/ok markus@
2490
2491    OpenBSD-Commit-ID: e5dbe7a3545930c50f70ee75c867a1e08b382b53
2492
2493commit 262647c2e920492ca57f1b9320d74f4a0f6e482b
2494Author: djm@openbsd.org <djm@openbsd.org>
2495Date:   Fri Oct 28 00:39:29 2022 +0000
2496
2497    upstream: factor out key generation
2498
2499    feedback/ok markus@
2500
2501    OpenBSD-Commit-ID: 5b4211bff4de8d9adb84bc72857a8c42c44e7ceb
2502
2503commit 401c74e7dc15eab60540653d2f94d9306a927bab
2504Author: djm@openbsd.org <djm@openbsd.org>
2505Date:   Fri Oct 28 00:38:58 2022 +0000
2506
2507    upstream: refactor and simplify sshkey_read()
2508
2509    feedback/ok markus@
2510
2511    OpenBSD-Commit-ID: 0d93b7a56e31cd06a8bb0d2191d084ce254b0971
2512
2513commit 591fed94e66a016acf87f4b7cd416ce812f2abe8
2514Author: djm@openbsd.org <djm@openbsd.org>
2515Date:   Fri Oct 28 00:37:24 2022 +0000
2516
2517    upstream: factor out public key serialization
2518
2519    feedback/ok markus@
2520
2521    OpenBSD-Commit-ID: a3570c4b97290c5662890aea7328d87f55939033
2522
2523commit 1e78844ae2b2dc01ba735d5ae740904c57e13685
2524Author: djm@openbsd.org <djm@openbsd.org>
2525Date:   Fri Oct 28 00:36:31 2022 +0000
2526
2527    upstream: factor out sshkey_equal_public()
2528
2529    feedback/ok markus@
2530
2531    OpenBSD-Commit-ID: 1368ba114cb37732fe6ec3d89c7e6d27ea6fdc94
2532
2533commit 25de1c01a8b9a2c8ab9b1da22444a03e89c982de
2534Author: djm@openbsd.org <djm@openbsd.org>
2535Date:   Fri Oct 28 00:35:40 2022 +0000
2536
2537    upstream: begin big refactor of sshkey
2538
2539    Move keytype data and some of the type-specific code (allocation,
2540    cleanup, etc) out into each key type's implementation. Subsequent
2541    commits will move more, with the goal of having each key-*.c file
2542    owning as much of its keytype's implementation as possible.
2543
2544    lots of feedback + ok markus@
2545
2546    OpenBSD-Commit-ID: 0f2b4334f73914344e9e5b3d33522d41762a57ec
2547
2548commit 445363433ba20b8a3e655b113858c836da46a1cb
2549Author: djm@openbsd.org <djm@openbsd.org>
2550Date:   Mon Oct 24 22:43:36 2022 +0000
2551
2552    upstream: Be more paranoid with host/domain names coming from the
2553
2554    never write a name with bad characters to a known_hosts file.
2555
2556    reported by David Leadbeater, ok deraadt@
2557
2558    OpenBSD-Commit-ID: ba9b25fa8b5490b49398471e0c9657b0cbc7a5ad
2559
2560commit 7190154de2c9fe135f0cc1ad349cb2fa45152b89
2561Author: djm@openbsd.org <djm@openbsd.org>
2562Date:   Mon Oct 24 21:52:50 2022 +0000
2563
2564    upstream: regress test for unmatched glob characters; fails before
2565
2566    previous commit but passes now. bz3488; prodded by dtucker@
2567
2568    OpenBSD-Regress-ID: 0cc5cc9ea4a6fd170dc61b9212f15badaafb3bbd
2569
2570commit a4821a592456c3add3cd325db433110cdaaa3e5c
2571Author: djm@openbsd.org <djm@openbsd.org>
2572Date:   Mon Oct 24 21:51:55 2022 +0000
2573
2574    upstream: when scp(1) is using the SFTP protocol for transport (the
2575
2576    default), better match scp/rcp's handling of globs that don't match the
2577    globbed characters but do match literally (e.g. trying to transfer
2578    "foo.[1]").
2579
2580    Previously scp(1) in SFTP mode would not match these pathnames but
2581    legacy scp/rcp mode would.
2582
2583    Reported by Michael Yagliyan in bz3488; ok dtucker@
2584
2585    OpenBSD-Commit-ID: d8a3773f53015ba811fddba7473769a2fd343e11
2586
2587commit 18376847b8043ba967eabbe23692ef74c9a3fddc
2588Author: jsg@openbsd.org <jsg@openbsd.org>
2589Date:   Thu Oct 13 09:09:28 2022 +0000
2590
2591    upstream: use correct type with sizeof ok djm@
2592
2593    OpenBSD-Commit-ID: d6c882c2e8a42ff831a5b3cbc2c961ecb2dd6143
2594
2595commit 4a4883664d6b4e9e4e459a8cdc16bd8d4b735de9
2596Author: jmc@openbsd.org <jmc@openbsd.org>
2597Date:   Fri Oct 7 06:00:58 2022 +0000
2598
2599    upstream: ssh-agent.1: - use Nm not Xr for self-ref - while here,
2600
2601    wrap a long line
2602
2603    ssh-agent.c:
2604    - add -O to usage()
2605
2606    OpenBSD-Commit-ID: 855dac4695cef22e96d69c53436496bc408ca389
2607
2608commit 9fd2441113fce2a83fc7470968c3b27809cc7f10
2609Author: djm@openbsd.org <djm@openbsd.org>
2610Date:   Fri Oct 7 04:06:26 2022 +0000
2611
2612    upstream: document "-O no-restrict-websafe"; spotted by Ross L
2613
2614    Richardson
2615
2616    OpenBSD-Commit-ID: fe9eaa50237693a14ebe5b5614bf32a02145fe8b
2617
2618commit 614252b05d70f798a0929b1cd3d213030ad4d007
2619Author: Darren Tucker <dtucker@dtucker.net>
2620Date:   Tue Oct 18 06:29:16 2022 +1100
2621
2622    OpenSSL dev branch now identifies as 3.2.0.
2623
2624commit 195e5a65fd793a738ea8451ebfdd1919db5aff3e
2625Author: Damien Miller <djm@mindrot.org>
2626Date:   Mon Oct 17 09:41:47 2022 +1100
2627
2628    revert c64b62338b4 and guard POLL* defines instead
2629
2630    c64b62338b4 broke OSX builds, which do have poll.h but lack ppoll(2)
2631    Spotted by dtucker
2632
2633commit bc2e480d99613bd59720edae244d1764636544c4
2634Author: Damien Miller <djm@mindrot.org>
2635Date:   Fri Oct 14 14:52:22 2022 +1100
2636
2637    undef _get{short,long} before redefining
2638
2639commit 5eb796a369c64f18d55a6ae9b1fa9b35eea237fb
2640Author: Harmen Stoppels <harmenstoppels@gmail.com>
2641Date:   Thu Oct 13 16:08:46 2022 +0200
2642
2643    Fix snprintf configure test for clang 15
2644
2645    Clang 15 -Wimplicit-int defaults to an error in C99 mode and above.
2646    A handful of tests have "main(..." and not "int main(..." which caused
2647    the tests to produce incorrect results.
2648
2649commit c64b62338b46ffa08839f05f21ad69fa6234dc17
2650Author: Damien Miller <djm@mindrot.org>
2651Date:   Mon Oct 10 12:32:43 2022 +1100
2652
2653    skip bsd-poll.h if poll.h found; ok dtucker
2654
2655commit 5ee2b8ccfcf4b606f450eb0ff2305e311f68b0be
2656Author: djm@openbsd.org <djm@openbsd.org>
2657Date:   Thu Oct 6 22:42:37 2022 +0000
2658
2659    upstream: honour user's umask if it is more restrictive then the ssh
2660
2661    default (022); based on patch from Alex Henrie, ok dtucker@ deraadt@
2662
2663    OpenBSD-Commit-ID: fe1b9e15fc9a4f49fc338e848ce14d8727abe82d
2664
2665commit a75cffc2700cebd3e2dd9093f7f7388d2be95cb7
2666Author: Darren Tucker <dtucker@dtucker.net>
2667Date:   Fri Oct 7 03:54:56 2022 +1100
2668
2669    Add LibreSSL 3.6.0 to test suite.
2670
2671    While there, bump OpenSSL to latest 1.1.1q release.
2672
2673commit fcc0f0c0e96a30076683fea9a7c9eedc72931742
2674Author: Darren Tucker <dtucker@dtucker.net>
2675Date:   Thu Oct 6 21:18:16 2022 +1100
2676
2677    Add 9.1 branch to CI status page.
2678
2679commit ef211eee63821d894a8bf81f22bfba9f6899d0fe
2680Author: Darren Tucker <dtucker@dtucker.net>
2681Date:   Tue Oct 4 23:20:23 2022 +1100
2682
2683    Test commits to all branches of portable.
2684
2685    Only test OpenBSD upstream on commits to master since that's what it
2686    tracks.
2687
2688commit fe646de03cafb6593ff4e4954bca9ec4b4b753a8
2689Author: Damien Miller <djm@mindrot.org>
2690Date:   Wed Oct 5 03:47:26 2022 +1100
2691
2692    whitespace at EOL
2693
2694commit a6e1852d10c63a830196e82168dadd957aaf28ec
2695Author: Damien Miller <djm@mindrot.org>
2696Date:   Wed Oct 5 03:40:01 2022 +1100
2697
2698    mention libfido2 autodetection
2699
2700commit 7360c2c206f33d309edbaf64036c96fadf74d640
2701Author: Damien Miller <djm@mindrot.org>
2702Date:   Wed Oct 5 03:37:36 2022 +1100
2703
2704    remove mention of --with-security-key-builtin
2705
2706    it is enabled by default when libfido2 is installed
2707
2708commit 0ffb46f2ee2ffcc4daf45ee679e484da8fcf338c
2709Author: Damien Miller <djm@mindrot.org>
2710Date:   Tue Oct 4 01:51:42 2022 +1100
2711
2712    update .depend
2713
2714commit 657e676ff696c7bb787bffb0e249ea1be3b474e1
2715Author: Damien Miller <djm@mindrot.org>
2716Date:   Tue Oct 4 01:45:52 2022 +1100
2717
2718    update release notes URL
2719
2720commit f059da2b29840c0f048448809c317ce2ae014da7
2721Author: Damien Miller <djm@mindrot.org>
2722Date:   Tue Oct 4 01:45:41 2022 +1100
2723
2724    crank versions in RPM spec files
2725
2726commit b51f3f172d87cbdb80ca4eb7b2149e56a7647557
2727Author: djm@openbsd.org <djm@openbsd.org>
2728Date:   Mon Sep 26 22:18:40 2022 +0000
2729
2730    upstream: openssh-9.1
2731
2732    OpenBSD-Commit-ID: 5a467b2ee81da01a86adf1ad93b62b1728494e56
2733
2734commit 4cf8d0c0f3030f594a238bab21a0695735515487
2735Author: dtucker@openbsd.org <dtucker@openbsd.org>
2736Date:   Wed Sep 21 22:26:50 2022 +0000
2737
2738    upstream: Fix typo. From AlexanderStohr via github PR#343.
2739
2740    OpenBSD-Commit-ID: a134c9b4039e48803fc6a87f955b0f4a03181497
2741
2742commit 8179fed3264d5919899900ed8881d5f9bb57ca33
2743Author: djm@openbsd.org <djm@openbsd.org>
2744Date:   Mon Sep 19 21:39:16 2022 +0000
2745
2746    upstream: add RequiredRSASize to the list of keywords accepted by
2747
2748    -o; spotted by jmc@
2749
2750    OpenBSD-Commit-ID: fe871408cf6f9d3699afeda876f8adbac86a035e
2751
2752commit 5f954929e9f173dd1e279e07d0e8b14fa845814d
2753Author: Damien Miller <djm@mindrot.org>
2754Date:   Mon Sep 19 20:59:34 2022 +1000
2755
2756    no need for glob.h here
2757
2758    it also causes portability problems
2759
2760commit 03d94a47207d58b3db37eba4f87eb6ae5a63168a
2761Author: Damien Miller <djm@mindrot.org>
2762Date:   Mon Sep 19 20:59:04 2022 +1000
2763
2764    avoid Wuninitialized false positive in gcc-12ish
2765
2766commit 9d952529113831fb3071ab6e408d2726fd72e771
2767Author: djm@openbsd.org <djm@openbsd.org>
2768Date:   Mon Sep 19 10:46:00 2022 +0000
2769
2770    upstream: use users-groups-by-id@openssh.com sftp-server extension
2771
2772    (when available) to fill in user/group names for directory listings.
2773    Implement a client-side cache of see uid/gid=>user/group names. ok markus@
2774
2775    OpenBSD-Commit-ID: f239aeeadfa925a37ceee36ee8b256b8ccf4466e
2776
2777commit 8ff680368b0bccf88ae85d4c99de69387fbad7a6
2778Author: djm@openbsd.org <djm@openbsd.org>
2779Date:   Mon Sep 19 10:43:12 2022 +0000
2780
2781    upstream: sftp client library support for
2782
2783    users-groups-by-id@openssh.com; ok markus@
2784
2785    OpenBSD-Commit-ID: ddb2f33a2da6349a9a89a8b5bcb9ca7c999394de
2786
2787commit 488f6e1c582212c2374a4bf8cd1b703d2e70fb8b
2788Author: djm@openbsd.org <djm@openbsd.org>
2789Date:   Mon Sep 19 10:41:58 2022 +0000
2790
2791    upstream: extend sftp-common.c:extend ls_file() to support supplied
2792
2793    user/group names; ok markus@
2794
2795    OpenBSD-Commit-ID: c70c70498b1fdcf158531117e405b6245863bfb0
2796
2797commit 74b77f7497dba3a58315c8f308883de448078057
2798Author: djm@openbsd.org <djm@openbsd.org>
2799Date:   Mon Sep 19 10:40:52 2022 +0000
2800
2801    upstream: sftp-server(8): add a "users-groups-by-id@openssh.com"
2802
2803    extension request that allows the client to obtain user/group names that
2804    correspond to a set of uids/gids.
2805
2806    Will be used to make directory listings more useful and consistent
2807    in sftp(1).
2808
2809    ok markus@
2810
2811    OpenBSD-Commit-ID: 7ebabde0bcb95ef949c4840fe89e697e30df47d3
2812
2813commit 231a346c0c67cc7ca098360f9a554fa7d4f1eddb
2814Author: djm@openbsd.org <djm@openbsd.org>
2815Date:   Mon Sep 19 08:49:50 2022 +0000
2816
2817    upstream: better debugging for connect_next()
2818
2819    OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
2820
2821commit 1875042c52a3b950ae5963c9ca3774a4cc7f0380
2822Author: djm@openbsd.org <djm@openbsd.org>
2823Date:   Sat Sep 17 10:34:29 2022 +0000
2824
2825    upstream: Add RequiredRSASize for sshd(8); RSA keys that fall
2826
2827    beneath this limit will be ignored for user and host-based authentication.
2828
2829    Feedback deraadt@ ok markus@
2830
2831    OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
2832
2833commit 54b333d12e55e6560b328c737d514ff3511f1afd
2834Author: djm@openbsd.org <djm@openbsd.org>
2835Date:   Sat Sep 17 10:33:18 2022 +0000
2836
2837    upstream: add a RequiredRSASize for checking RSA key length in
2838
2839    ssh(1). User authentication keys that fall beneath this limit will be
2840    ignored. If a host presents a host key beneath this limit then the connection
2841    will be terminated (unfortunately there are no fallbacks in the protocol for
2842    host authentication).
2843
2844    feedback deraadt, Dmitry Belyavskiy; ok markus@
2845
2846    OpenBSD-Commit-ID: 430e339b2a79fa9ecc63f2837b06fdd88a7da13a
2847
2848commit 07d8771bacfefbcfb37fa8a6dc6103bcc097e0ab
2849Author: djm@openbsd.org <djm@openbsd.org>
2850Date:   Sat Sep 17 10:30:45 2022 +0000
2851
2852    upstream: Add a sshkey_check_rsa_length() call for checking the
2853
2854    length of an RSA key; ok markus@
2855
2856    OpenBSD-Commit-ID: de77cd5b11594297eda82edc594b0d32b8535134
2857
2858commit 3991a0cf947cf3ae0f0373bcec5a90e86a7152f5
2859Author: djm@openbsd.org <djm@openbsd.org>
2860Date:   Sat Sep 17 10:11:29 2022 +0000
2861
2862    upstream: actually hook up restrict_websafe; the command-line flag
2863
2864    was never actually used. Spotted by Matthew Garrett
2865
2866    OpenBSD-Commit-ID: 0b363518ac4c2819dbaa3dfad4028633ab9cdff1
2867
2868commit 30b2a7e4291fb9e357f80a237931ff008d686d3b
2869Author: djm@openbsd.org <djm@openbsd.org>
2870Date:   Fri Sep 16 06:55:37 2022 +0000
2871
2872    upstream: correct error value
2873
2874    OpenBSD-Commit-ID: 780efcbad76281f11f14b2a5ff04eb6db3dfdad4
2875
2876commit ac1ec9545947d9f9657259f55d04cb49d3a94c8a
2877Author: djm@openbsd.org <djm@openbsd.org>
2878Date:   Fri Sep 16 03:33:14 2022 +0000
2879
2880    upstream: sftp: Be a bit more clever about completions
2881
2882    There are commands (e.g. "get" or "put") that accept two
2883    arguments, a local path and a remote path. However, the way
2884    current completion is written doesn't take this distinction into
2885    account and always completes remote or local paths.
2886
2887    By expanding CMD struct and "cmds" array this distinction can be
2888    reflected and with small adjustment to completer code the correct
2889    path can be completed.
2890
2891    By Michal Privoznik, ok dtucker@
2892
2893    OpenBSD-Commit-ID: 1396d921c4eb1befd531f5c4a8ab47e7a74b610b
2894
2895commit 590db83384f9d99fc51c84505792d26d1ef60df9
2896Author: djm@openbsd.org <djm@openbsd.org>
2897Date:   Fri Sep 16 03:13:34 2022 +0000
2898
2899    upstream: sftp: Don't attempt to complete arguments for
2900
2901    non-existent commands
2902
2903    If user entered a non-existent command (e.g. because they made a
2904    typo) there is no point in trying to complete its arguments. Skip
2905    calling complete_match() if that's the case.
2906
2907    From Michal Privoznik
2908
2909    OpenBSD-Commit-ID: cf39c811a68cde2aeb98fc85addea4000ef6b07a
2910
2911commit ff9809fdfd1d9a91067bb14a77d176002edb153c
2912Author: djm@openbsd.org <djm@openbsd.org>
2913Date:   Wed Sep 14 00:14:37 2022 +0000
2914
2915    upstream: sk_enroll: never drop SSH_SK_USER_VERIFICATION_REQD flag
2916
2917    from response
2918
2919    Now that all FIDO signing calls attempt first without PIN and then
2920    fall back to trying PIN only if that attempt fails, we can remove the
2921    hack^wtrick that removed the UV flag from the keys returned during
2922    enroll.
2923
2924    By Corinna Vinschen
2925
2926    OpenBSD-Commit-ID: 684517608c8491503bf80cd175425f0178d91d7f
2927
2928commit 940dc10729cb5a95b7ee82c10184e2b9621c8a1d
2929Author: djm@openbsd.org <djm@openbsd.org>
2930Date:   Wed Sep 14 00:13:13 2022 +0000
2931
2932    upstream: a little extra debugging
2933
2934    OpenBSD-Commit-ID: edf1601c1d0905f6da4c713f4d9cecc7d1c0295a
2935
2936commit 4b5f91cb959358141181b934156513fcb8a6c1e3
2937Author: djm@openbsd.org <djm@openbsd.org>
2938Date:   Wed Sep 14 00:02:03 2022 +0000
2939
2940    upstream: ssh-agent: attempt FIDO key signing without PIN and use
2941
2942    the error to determine whether a PIN is required and prompt only if
2943    necessary. from Corinna Vinschen
2944
2945    OpenBSD-Commit-ID: dd6be6a0b7148608e834ee737c3479b3270b00dd
2946
2947commit 113523bf0bc33600b07ebb083572c8c346b6fdf4
2948Author: jmc@openbsd.org <jmc@openbsd.org>
2949Date:   Sun Sep 11 06:38:11 2022 +0000
2950
2951    upstream: .Li -> .Vt where appropriate; from josiah frentsos,
2952
2953    tweaked by schwarze
2954
2955    ok schwarze
2956
2957    OpenBSD-Commit-ID: 565046e3ce68b46c2f440a93d67c2a92726de8ed
2958
2959commit 86af013b56cecb5ee58ae0bd9d495cd586fc5918
2960Author: jsg@openbsd.org <jsg@openbsd.org>
2961Date:   Sat Sep 10 08:50:53 2022 +0000
2962
2963    upstream: fix repeated words ok miod@ jmc@
2964
2965    OpenBSD-Commit-ID: 6765daefe26a6b648cc15cadbbe337596af709b7
2966
2967commit 0ba39b93b326a7d5dfab776cc9b9d326161a9b16
2968Author: djm@openbsd.org <djm@openbsd.org>
2969Date:   Fri Sep 9 03:31:42 2022 +0000
2970
2971    upstream: notifier_complete(NULL, ...) is a noop, so no need to test
2972
2973    that ctx!=NULL; from Corinna Vinschen
2974
2975    OpenBSD-Commit-ID: ade2f2e9cc519d01a586800c25621d910bce384a
2976
2977commit be197635329feb839865fdc738e34e24afd1fca8
2978Author: Sam James <sam@gentoo.org>
2979Date:   Thu Sep 8 02:49:29 2022 +0100
2980
2981    openbsd-compat/bsd-asprintf: add <stdio.h> include for vsnprintf
2982
2983    Fixes the following build failure with Clang 15 on musl:
2984    ```
2985    bsd-asprintf.c:51:8: error: call to undeclared library function 'vsnprintf' with type 'int (char *, unsigned long, const char *, struct __va_list_tag *)'; ISO C99 and laterclang -O2 -pipe -fdiagnostics-color=always -frecord-gcc-switches -pipe -Wunknown-warning-option -Qunused-arguments -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -Wmisleading-indentation -Wbitwise-instead-of-logical -fno-strict-aliasing -mretpoline  -ftrapv -fzero-call-used-regs=all -fno-builtin-memset -fstack-protector-strong -fPIE   -I. -I.  -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -DSSHDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/lib/misc/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/lib/misc/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/lib/misc/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/lib/misc/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/lib/misc/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c cipher-aes.c -o cipher-aes.o
2986     do not support
2987          implicit function declarations [-Wimplicit-function-declaration]
2988            ret = vsnprintf(string, INIT_SZ, fmt, ap2);
2989                  ^
2990    bsd-asprintf.c:51:8: note: include the header <stdio.h> or explicitly provide a declaration for 'vsnprintf'
2991    1 error generated.
2992    ```
2993
2994commit 6cb6f660bb35f77a0456dd2581ddf39c29398a5e
2995Author: Darren Tucker <dtucker@dtucker.net>
2996Date:   Fri Sep 2 16:43:27 2022 +1000
2997
2998    Remove DEF_WEAK, it's already in defines.h.
2999
3000commit ce39e7d8b70c4726defde5d3bc4cb7d40d131153
3001Author: Darren Tucker <dtucker@dtucker.net>
3002Date:   Fri Sep 2 14:28:14 2022 +1000
3003
3004    Resync arc4random with OpenBSD.
3005
3006    This brings us up to current, including djm's random-reseeding change,
3007    as prompted by logan at cyberstorm.mu in bz#3467.  It brings the
3008    platform-specific hooks from LibreSSL Portable, simplified to match our
3009    use case.  ok djm@.
3010
3011commit beaddde26f30e2195b8aa4f3193970e140e17305
3012Author: Darren Tucker <dtucker@dtucker.net>
3013Date:   Fri Sep 2 14:20:04 2022 +1000
3014
3015    Move OPENBSD ORIGINAL marker.
3016
3017    Putting this after the copyright statement (which doesn't change)
3018    instead of before the version identifier (which does) prevents merge
3019    conflicts when resyncing changes.
3020
3021commit c83e467ead67a8cb48ef4bec8085d6fb880a2ff4
3022Author: Darren Tucker <dtucker@dtucker.net>
3023Date:   Fri Sep 2 14:17:28 2022 +1000
3024
3025    Remove arc4random_uniform from arc4random.c
3026
3027    This was previously moved into its own file (matching OpenBSD) which
3028    prematurely committed in commit 73541f2.
3029
3030commit 5f45c2395c60865e59fa44152ff1d003a128c5bc
3031Author: djm@openbsd.org <djm@openbsd.org>
3032Date:   Fri Sep 2 04:20:02 2022 +0000
3033
3034    upstream: sk-usbhid: fix key_lookup() on tokens with built-in UV
3035
3036    explicitly test whether the token performs built-in UV (e.g. biometric
3037    tokens) and enable UV in that case. From Pedro Martelletto via GHPR#388
3038
3039    OpenBSD-Commit-ID: 007eb7e387d27cf3029ab06b88224e03eca62ccd
3040
3041commit 03277a4aa49b80af541a3e691f264c0c0d8f9cec
3042Author: Darren Tucker <dtucker@dtucker.net>
3043Date:   Wed Aug 31 20:26:30 2022 +1000
3044
3045    Move sftp from valgrind-2 to 3 to rebalance.
3046
3047commit fcf5365da69c516817321ba89c3a91df98d098df
3048Author: djm@openbsd.org <djm@openbsd.org>
3049Date:   Wed Aug 31 02:56:40 2022 +0000
3050
3051    upstream: whitespace
3052
3053    OpenBSD-Commit-ID: c2bcbf93610d3d62ed206cdf9bf9ff98c6aaf232
3054
3055commit e60136a3d7a223dd8e84ba8a6895bc3142360993
3056Author: Damien Miller <djm@mindrot.org>
3057Date:   Mon Aug 29 13:27:45 2022 +1000
3058
3059    additional keys
3060
3061commit 2b02dcb505288c462d1b5dd1ac04e603d01340eb
3062Author: Damien Miller <djm@mindrot.org>
3063Date:   Mon Aug 29 13:23:43 2022 +1000
3064
3065    cross-sign allowed_signers with PGP key
3066
3067    Provides continuity of trust from legacy PGP release key to
3068    the SSHSIG signing keys that we will use henceforth for git
3069    signing.
3070
3071commit 51b345f177ae981b8755f6bdf8358b1cc5e83d67
3072Author: Darren Tucker <dtucker@dtucker.net>
3073Date:   Sat Aug 27 21:49:27 2022 +1000
3074
3075    Add libcrypt-devel to cygwin-release deps.
3076
3077    Based on feedback from vinschen at redhat.com.
3078
3079commit 9f81736cf16dd8dda1c8942f1973a5f80b8cd78c
3080Author: Darren Tucker <dtucker@dtucker.net>
3081Date:   Sat Aug 27 09:37:40 2022 +1000
3082
3083    Add Windows 2022 test targets.
3084
3085commit 85e1a69243f12be8520438ad6a3cfdc0b7fcbb2d
3086Author: Darren Tucker <dtucker@dtucker.net>
3087Date:   Fri Aug 26 16:26:06 2022 +1000
3088
3089    Add cygwin-release test target.
3090
3091    This also moves the cygwin package install from the workflow file to
3092    setup_ci.sh so that we can install different sets of Cygwin packages
3093    for different test configs.
3094
3095commit 92382dbe8bf9ea1225b16858f9b9b208c15c7e8d
3096Author: djm@openbsd.org <djm@openbsd.org>
3097Date:   Fri Aug 26 08:16:27 2022 +0000
3098
3099    upstream: whitespace
3100
3101    OpenBSD-Commit-ID: a5d015efbfd228dc598ffdef612d2da3a579e5d8
3102
3103commit 70a5de0a50e84d7250eb4e4537f765599f64c4af
3104Author: djm@openbsd.org <djm@openbsd.org>
3105Date:   Fri Aug 26 08:12:56 2022 +0000
3106
3107    upstream: whitespace
3108
3109    OpenBSD-Commit-ID: d297e4387935d4aef091c5e9432578c2e513f538
3110
3111commit 3a683a19fd116ea15ebf8aa13d02646cceb302a9
3112Author: Damien Miller <djm@mindrot.org>
3113Date:   Fri Aug 26 14:23:55 2022 +1000
3114
3115    initial list of allowed signers
3116
3117commit 6851f4b8c3fc1b3e1114c56106e4dc31369c8513
3118Author: Darren Tucker <dtucker@dtucker.net>
3119Date:   Fri Aug 19 17:22:18 2022 +1000
3120
3121    Install Cygwin packages based on OS not config.
3122
3123commit f96480906893ed93665df8cdf9065865c51c1475
3124Author: djm@openbsd.org <djm@openbsd.org>
3125Date:   Fri Aug 19 06:07:47 2022 +0000
3126
3127    upstream: attemp FIDO key signing without PIN and use the error
3128
3129    code returned to fall back only if necessary. Avoids PIN prompts for FIDO
3130    tokens that don't require them; part of GHPR#302
3131
3132    OpenBSD-Commit-ID: 4f752aaf9f2e7c28bcaaf3d4f8fc290131bd038e
3133
3134commit 5453333b5d28e313284cb9aae82899704103f98d
3135Author: djm@openbsd.org <djm@openbsd.org>
3136Date:   Fri Aug 19 05:53:28 2022 +0000
3137
3138    upstream: remove incorrect check that can break enrolling a
3139
3140    resident key (introduced in r1.40)
3141
3142    OpenBSD-Commit-ID: 4cab364d518470e29e624af3d3f9ffa9c92b6f01
3143
3144commit ff89b1bed80721295555bd083b173247a9c0484e
3145Author: dtucker@openbsd.org <dtucker@openbsd.org>
3146Date:   Fri Aug 19 04:02:46 2022 +0000
3147
3148    upstream: Strictly enforce the maximum allowed SSH2 banner size in
3149
3150    ssh-keyscan and prevent a one-byte buffer overflow.  Patch from Qualys, ok
3151    djm@
3152
3153    OpenBSD-Commit-ID: 6ae664f9f4db6e8a0589425f74cd0bbf3aeef4e4
3154
3155commit 1b470b9036639cef4f32fb303bb35ea0b711178d
3156Author: Darren Tucker <dtucker@dtucker.net>
3157Date:   Fri Aug 19 15:18:09 2022 +1000
3158
3159    Fix cygwin conditional steps.
3160
3161commit fd6ee741ab16714b7035d60aca924123ba28135a
3162Author: Darren Tucker <dtucker@dtucker.net>
3163Date:   Fri Aug 19 15:12:57 2022 +1000
3164
3165    Add a bit more debug output.
3166
3167commit a9305c4c739f4d91a3d3a92c0b6d4949404a36c5
3168Author: Darren Tucker <dtucker@dtucker.net>
3169Date:   Fri Aug 12 15:08:47 2022 +1000
3170
3171    Add Cygwin (on windows-2019) test target.
3172
3173    In addition to installing the requisite Cygwin packages, we also need to
3174    explicitly invoke "sh" for steps that run other scripts since the runner
3175    environment doesn't understand #! paths.
3176
3177commit 5062ad48814b06162511c4f5924a33d97b6b2566
3178Author: djm@openbsd.org <djm@openbsd.org>
3179Date:   Fri Aug 19 03:06:30 2022 +0000
3180
3181    upstream: double free() in error path; from Eusgor via GHPR333
3182
3183    OpenBSD-Commit-ID: 39f35e16ba878c8d02b4d01d8826d9b321be26d4
3184
3185commit 5a5c580b48fc6006bdfa731fc2f6d4945c2c0e4e
3186Author: Darren Tucker <dtucker@dtucker.net>
3187Date:   Thu Aug 18 21:36:39 2022 +1000
3188
3189    Check for perms to run agent-getpeereid test.
3190
3191    Ubuntu 22.04 defaults to private home dirs which prevents "nobody"
3192    running ssh-add during the agent-getpeereid test.  Check for this and
3193    add the necessary permissions.
3194
3195commit cd06a76b7ccc706e2bb4f1cc4aa9e9796a28a812
3196Author: Damien Miller <djm@mindrot.org>
3197Date:   Wed Aug 17 16:04:16 2022 +1000
3198
3199    on Cygwin, prefer WinHello FIDO device
3200
3201    If no FIDO device was explictly specified, then prefer the
3202    windows://hello FIDO device. An exception to this is when
3203    probing resident FIDO keys, in which case hardware FIDO
3204    devices are preferred.
3205
3206commit 47f72f534ac5cc2cd3027675a3df7b00a8f77575
3207Author: djm@openbsd.org <djm@openbsd.org>
3208Date:   Wed Aug 17 06:01:57 2022 +0000
3209
3210    upstream: add an extra flag to sk_probe() to indicate whether we're
3211
3212    probing for a FIDO resident key or not. Unused here, but will make like
3213    easier for portable
3214
3215    OpenBSD-Commit-ID: 432c8ff70e270378df9dbceb9bdeaa5b43b5a832
3216
3217commit edb0bcb3c79b16031dc87a8e57aecc3c4a3414f0
3218Author: jmc@openbsd.org <jmc@openbsd.org>
3219Date:   Tue Aug 16 20:24:08 2022 +0000
3220
3221    upstream: use .Cm for "sign"; from josiah frentsos
3222
3223    OpenBSD-Commit-ID: 7f80a53d54857ac6ae49ea6ad93c5bd12231d1e4
3224
3225commit cccb011e130cbbac538b1689d10e4a067298df8b
3226Author: Corinna Vinschen <vinschen@redhat.com>
3227Date:   Thu Aug 11 20:19:35 2022 +0200
3228
3229    Revert "check_sk_options: add temporary WinHello workaround"
3230
3231    Cygwin now comes with libfido2 1.11.0, so this workaround
3232    isn't required anymore.
3233
3234    This reverts commit 242c044ab111a37aad3b0775727c36a4c5f0102c.
3235
3236    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3237
3238commit 9468cd7cf9d989dfa2ac20e2a0268ba6e93bfa5a
3239Author: Corinna Vinschen <vinschen@redhat.com>
3240Date:   Thu Aug 11 20:18:17 2022 +0200
3241
3242    fido_dev_is_winhello: return 0, not "false"
3243
3244    "false" is not used anywhere in OpenSSH, so return 0 like
3245    everywhere else.
3246
3247    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3248
3249commit 730a80609472ee0451c99482d75c9c41f3ebc42d
3250Author: djm@openbsd.org <djm@openbsd.org>
3251Date:   Fri Aug 12 05:20:28 2022 +0000
3252
3253    upstream: sftp-server: support home-directory request
3254
3255    Add support to the sftp-server for the home-directory extension defined
3256    in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the
3257    existing expand-path@openssh.com, but uses a more official protocol name,
3258    and so is a bit more likely to be implemented by non-OpenSSH clients.
3259
3260    From Mike Frysinger, ok dtucker@
3261
3262    OpenBSD-Commit-ID: bfc580d05cc0c817831ae7ecbac4a481c23566ab
3263
3264commit 5e820bf79ce3ce99ef7e98b0ab642b0a0a4f396c
3265Author: Darren Tucker <dtucker@dtucker.net>
3266Date:   Fri Aug 12 14:56:55 2022 +1000
3267
3268    Replace deprecated ubuntu-18.04 runners with 22.04
3269
3270commit 87b0d9c1b789d3ff958ec45df2ac912e24461bae
3271Author: Darren Tucker <dtucker@dtucker.net>
3272Date:   Thu Aug 11 22:48:23 2022 +1000
3273
3274    Add a timegm implementation from Heimdal via Samba.
3275
3276    Fixes build on (at least Solaris 10).
3277
3278commit d0c4fa58594577994921b593f10037c5282597ca
3279Author: Darren Tucker <dtucker@dtucker.net>
3280Date:   Thu Aug 11 14:23:58 2022 +1000
3281
3282    Rerun tests if any .github config file changes.
3283
3284commit 113fe6c77ab43769fc61e953d07cb619fd7ea54b
3285Author: Darren Tucker <dtucker@dtucker.net>
3286Date:   Thu Aug 11 13:33:51 2022 +1000
3287
3288    Skip hostbased during Valgrind tests.
3289
3290    Valgrind doesn't let ssh exec ssh-keysign (because it's setuid) so skip
3291    it during the Valgrind based tests.
3292
3293    See https://bugs.kde.org/show_bug.cgi?id=119404 for a discussion of this
3294    (ironically there the problematic binary was ssh(1) back when it could
3295    still be setuid).
3296
3297commit b98a42afb69d60891eb0488935990df6ee571c4d
3298Author: djm@openbsd.org <djm@openbsd.org>
3299Date:   Thu Aug 11 01:57:50 2022 +0000
3300
3301    upstream: add some tests for parse_absolute_time(), including cases
3302
3303    where it is forced to the UTC timezone. bz3468 ok dtucker
3304
3305    OpenBSD-Regress-ID: ea07ca31c2f3847a38df028ca632763ae44e8759
3306
3307commit ec1ddb72a146fd66d18df9cd423517453a5d8044
3308Author: djm@openbsd.org <djm@openbsd.org>
3309Date:   Thu Aug 11 01:56:51 2022 +0000
3310
3311    upstream: allow certificate validity intervals, sshsig verification
3312
3313    times and authorized_keys expiry-time options to accept dates in the UTC time
3314    zone in addition to the default of interpreting them in the system time zone.
3315    YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if
3316    suffixed with a 'Z' character.
3317
3318    Also allow certificate validity intervals to be specified in raw
3319    seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
3320    is intended for use by regress tests and other tools that call
3321    ssh-keygen as part of a CA workflow.
3322
3323    bz3468 ok dtucker
3324
3325    OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13
3326
3327commit 4df246ec75751da7eb925e1880498300d8bda187
3328Author: Darren Tucker <dtucker@dtucker.net>
3329Date:   Thu Aug 11 10:23:55 2022 +1000
3330
3331    Fix conditional for running hostbased tests.
3332
3333commit 2580916e48721802220c61ce9e0df1297c00bc07
3334Author: Damien Miller <djm@mindrot.org>
3335Date:   Thu Aug 11 08:58:28 2022 +1000
3336
3337    fix SANDBOX_SECCOMP_FILTER_DEBUG
3338
3339commit fdbd5bf507fc271ff813714fab8a72ff2c6cb5ca
3340Author: Darren Tucker <dtucker@dtucker.net>
3341Date:   Wed Aug 10 17:35:52 2022 +1000
3342
3343    Test hostbased auth on github runners.
3344
3345commit 7e2f51940ba48a1c0fae1107801ea643fa83c971
3346Author: Darren Tucker <dtucker@dtucker.net>
3347Date:   Wed Aug 10 17:25:24 2022 +1000
3348
3349    Rename our getentropy to prevent possible loops.
3350
3351    Since arc4random seeds from getentropy, and we use OpenSSL for that
3352    if enabled, there's the possibility that if we build on a system that
3353    does not have getentropy then run on a system that does have it, then
3354    OpenSSL could end up calling our getentropy and getting stuck in a loop.
3355    Pointed out by deraadt@, ok djm@
3356
3357commit 7a01f61be8d0aca0e975e7417f26371495fe7674
3358Author: Darren Tucker <dtucker@dtucker.net>
3359Date:   Mon Aug 8 12:17:04 2022 +1000
3360
3361    Actually put HAVE_STDINT_H around the stdint.h.
3362
3363commit 73541f29f0b50480da6c20dceb7a7191bd8ea7d3
3364Author: Darren Tucker <dtucker@dtucker.net>
3365Date:   Mon Aug 8 10:30:34 2022 +1000
3366
3367    Give unused param a name.
3368
3369    Fixes builds on platforms that do have fido2 but don't have
3370    fido_dev_is_winhello.
3371
3372commit 2a108c0ea960381bd9b14ee0d84e818a23df4482
3373Author: djm@openbsd.org <djm@openbsd.org>
3374Date:   Fri Aug 5 05:01:40 2022 +0000
3375
3376    upstream: don't prompt for FIDO passphrase before attempting to enroll
3377
3378    the credential, just let the enroll operating fail and we'll attempt to get a
3379    PIN anyway. Might avoid some unneccessary PIN prompts.
3380
3381    Part of GHPR#302 from Corinna Vinschen; ok dtucker@
3382
3383    OpenBSD-Commit-ID: bd5342ffc353ee37d39617906867c305564d1ce2
3384
3385commit 2886975c0ad9244e60dc5e4be34fde3aa573a4b5
3386Author: Corinna Vinschen <vinschen@redhat.com>
3387Date:   Fri Feb 11 14:33:41 2022 +0100
3388
3389    sk_sign: set FIDO2 uv attribute explicitely for WinHello
3390
3391    WinHello via libfido2 performs user verification by default.
3392    However, if we stick to that, there's no way to differentiate
3393    between keys created with or without "-O  verify-required".
3394    Set FIDO2 uv attribute explicitely to FIDO_OPT_FALSE, then check
3395    if user verification has been requested.
3396
3397    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3398
3399commit 242c044ab111a37aad3b0775727c36a4c5f0102c
3400Author: Corinna Vinschen <vinschen@redhat.com>
3401Date:   Tue Feb 15 11:28:08 2022 +0100
3402
3403    check_sk_options: add temporary WinHello workaround
3404
3405    Up to libfido 1.10.0, WinHello advertises "clientPin" rather
3406    than "uv" capability.  This is fixed in 1.11.0.  For the time
3407    being, workaround it here.
3408
3409    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3410
3411commit 78774c08cc4b4997382975b0f414a86e06b6780c
3412Author: Corinna Vinschen <vinschen@redhat.com>
3413Date:   Thu Feb 10 18:19:29 2022 +0100
3414
3415    compat code for fido_dev_is_winhello()
3416
3417    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3418
3419commit 3d3a932a019aedfb891e0779bb4990cd5008a390
3420Author: Darren Tucker <dtucker@dtucker.net>
3421Date:   Fri Aug 5 13:12:27 2022 +1000
3422
3423    Factor out getrnd() and rename to getentropy().
3424
3425    Factor out the arc4random seeding into its own file and change the
3426    interface to match getentropy.  Use native getentropy if available.
3427    This will make it easier to resync OpenBSD changes to arc4random.
3428    Prompted by bz#3467, ok djm@.
3429
3430commit 9385d277b787403be9dfcb229cf372202496d2f3
3431Author: Darren Tucker <dtucker@dtucker.net>
3432Date:   Thu Aug 4 18:55:48 2022 +1000
3433
3434    Include CHANNEL and FIDO2 libs in configure output
3435
3436commit 141535b904b6fba01724444f38193a8599201f82
3437Author: djm@openbsd.org <djm@openbsd.org>
3438Date:   Mon Aug 1 11:09:26 2022 +0000
3439
3440    upstream: avoid double-free in error path introduced in r1.70; report
3441
3442    and fix based on GHPR#332 by v-rzh ok dtucker@
3443
3444    OpenBSD-Commit-ID: 3d21aa127b1f37cfc5bdc21461db369a663a951f
3445
3446commit dba7099ffcba3ca07b3946f017ba6a4c3158d9b1
3447Author: Darren Tucker <dtucker@dtucker.net>
3448Date:   Wed Jul 27 18:40:12 2022 +1000
3449
3450    Remove deprecated MacOS 10.15 runners.
3451
3452commit 722a56439aa5972c830e4a9a724cf52aff4a950a
3453Author: Darren Tucker <dtucker@dtucker.net>
3454Date:   Wed Jul 27 18:31:14 2022 +1000
3455
3456    Move stale-configure check as early as possible.
3457
3458    We added a check in Makefile to catch the case where configure needs to
3459    be rebuilt, however this did not happen until a build was attempted in
3460    which case all of the work done by configure was wasted.  Move this check
3461     to the start of configure to catch it as early as possible.  ok djm@
3462
3463commit 099d6b56288b421ba38531d26dc1bd6bb685e311
3464Author: Darren Tucker <dtucker@dtucker.net>
3465Date:   Fri Jul 22 10:47:19 2022 +1000
3466
3467    Move libcrypto into CHANNELLIBS.
3468
3469    This will result in sftp, sftp-server and scp no longer being linked
3470    against libcrypto.  ok djm@
3471
3472commit 1bdf86725b77733bb5f17c54888b88a10b2f6538
3473Author: Darren Tucker <dtucker@dtucker.net>
3474Date:   Fri Jul 22 10:45:47 2022 +1000
3475
3476    Remove seed_rng calls from scp, sftp, sftp-server.
3477
3478    These binaries don't use OpenSSL's random functions.  The next step
3479    will be to stop linking them against libcrypto.  ok djm@
3480
3481commit d73f77b8cb9b422f1ac4facee7890aa10ff2bc21
3482Author: Darren Tucker <dtucker@dtucker.net>
3483Date:   Fri Jul 22 09:51:51 2022 +1000
3484
3485    Group libcrypto and PRNGD checks together.
3486
3487    They're related more than the libcrypt or libiaf checks which are
3488    currently between them.  ok djm@
3489
3490commit f117e372b3f42f2fbdb0a578d063b2609ab58e1f
3491Author: Darren Tucker <dtucker@dtucker.net>
3492Date:   Fri Jul 22 09:24:45 2022 +1000
3493
3494    Do not link scp, sftp and sftp-server w/ zlib.
3495
3496    Some of our binaries (eg sftp, sftp-server, scp) do not interact with
3497    the channels code and thus do use libraries such as zlib and libcrypto
3498    although they are linked with them.  This adds a CHANNELLIBS and starts
3499    by moving zlib into it, which means the aformentioned binaries are no
3500    longer linked against zlib.  ok djm@
3501
3502commit 800c2483e68db38bd1566ff69677124be974aceb
3503Author: Darren Tucker <dtucker@dtucker.net>
3504Date:   Mon Jul 25 21:49:04 2022 +1000
3505
3506    Remove workarounds for OpenSSL missing AES-CTR.
3507
3508    We have some compatibility hacks that were added to support OpenSSL
3509    versions that do not support AES CTR mode.  Since that time, however,
3510    the minimum OpenSSL version that we support has moved to 1.0.1 which
3511    *does* have CTR, so this is no longer needed.  ok djm@
3512
3513commit b7c56b65c12f51fe0dbae798d19c8f58224a5d95
3514Author: Darren Tucker <dtucker@dtucker.net>
3515Date:   Mon Jul 25 21:43:00 2022 +1000
3516
3517    Remove workarounds for OpenSSL missing AES-GCM.
3518
3519    We have some compatibility hacks that were added to support OpenSSL
3520    versions that do not support AES GCM mode.  Since that time, however,
3521    the minimum OpenSSL version that we support has moved to 1.0.1 which
3522    *does* have GCM, so this is no longer needed.  ok djm@
3523
3524commit 5a4a9f7a968fbf92cc1eac519c65638e79ae9f1f
3525Author: dtucker@openbsd.org <dtucker@openbsd.org>
3526Date:   Mon Jul 25 07:12:45 2022 +0000
3527
3528    upstream: Restore missing "!" in TEST_SSH_ELAPSED_TIMES test.
3529
3530    OpenBSD-Regress-ID: 38783f9676ec348c5a792caecee9a16e354b37b0
3531
3532commit 0ff886be132299386cc29d87c2aa16ff68a1aa08
3533Author: dtucker@openbsd.org <dtucker@openbsd.org>
3534Date:   Sun Jul 24 23:29:10 2022 +0000
3535
3536    upstream: Test TEST_SSH_ELAPSED_TIMES for empty string not
3537
3538    executable.  No-op on most platforms but should prevent warnings in -portable
3539    on systems that don't have 'date %s'.
3540
3541    OpenBSD-Regress-ID: e39d79867b8065e33d0c5926fa1a31f85659d2a4
3542
3543commit f69319ad8ad1dd50f90bbcf5912e11cc8ed3e037
3544Author: Darren Tucker <dtucker@dtucker.net>
3545Date:   Sat Jul 23 14:38:22 2022 +1000
3546
3547    Convert "have_prog" function into "which".
3548
3549    "which" and its behaviour is not standardized, so convert the existing
3550    have_prog function into "which" so we can rely on it being available
3551    and what its semantics are.  Add a have_prog wrapper that maintains the
3552    existing behaviour.
3553
3554commit ea7ecc2c3ae39fdf5c6ad97b7bc0b47a98847f43
3555Author: Darren Tucker <dtucker@dtucker.net>
3556Date:   Sat Jul 23 14:36:38 2022 +1000
3557
3558    Skip scp3 test if there's no scp on remote path.
3559
3560    scp -3 ends up using the scp that's in the remote path and will fail if
3561    one is not available.  Based on a patch from rapier at psc.edu.
3562
3563commit c46f6fed419167c1671e4227459e108036c760f8
3564Author: Damien Miller <djm@mindrot.org>
3565Date:   Wed Jul 20 13:39:14 2022 +1000
3566
3567    crank SSH_SK_VERSION_MAJOR in sk-dummy.so
3568
3569commit f208e3b9ffb5ee76cf9c95df7ff967adc7f51c7d
3570Author: djm@openbsd.org <djm@openbsd.org>
3571Date:   Wed Jul 20 03:33:22 2022 +0000
3572
3573    upstream: ssh-keygen: fix touch prompt, pin retries;
3574
3575    part of GHPR329 from Pedro Martelletto
3576
3577    OpenBSD-Commit-ID: 75d1005bd2ef8f29fa834c90d2684e73556fffe8
3578
3579commit 8638a2ce7e90c8a51d9af3143404282126c524f8
3580Author: djm@openbsd.org <djm@openbsd.org>
3581Date:   Wed Jul 20 03:31:42 2022 +0000
3582
3583    upstream: sk-usbhid: preserve error code returned by key_lookup()
3584
3585    it conveys useful information, such as the supplied pin being wrong.
3586
3587    Part of GHPR329 from Pedro Martelletto
3588
3589    OpenBSD-Commit-ID: c0647eb9290f793add363d81378439b273756c1b
3590
3591commit 9ab929ca2d820520327b41929372bcb9e261534c
3592Author: djm@openbsd.org <djm@openbsd.org>
3593Date:   Wed Jul 20 03:29:14 2022 +0000
3594
3595    upstream: when enrolling a resident key on a security token, check
3596
3597    if a credential with matching application and user ID strings already exists.
3598    if so, prompt the user for confirmation before overwriting the credential.
3599
3600    patch from Pedro Martelletto via GHPR329
3601
3602    NB. cranks SSH_SK_VERSION_MAJOR, so any third-party FIDO middleware
3603    implementations will need to adjust
3604
3605    OpenBSD-Commit-ID: e45e9f1bf2b2f32d9850669e7a8dbd64acc5fca4
3606
3607commit 5bcfc788b38d5b64e4c347bdc04bd9a01bbc36da
3608Author: djm@openbsd.org <djm@openbsd.org>
3609Date:   Wed Jul 20 03:13:04 2022 +0000
3610
3611    upstream: pull passphrase reading and confirmation into a separate
3612
3613    function so it can be used for FIDO2 PINs; no functional change
3614
3615    OpenBSD-Commit-ID: bf34f76b8283cc1d3f54633e0d4f13613d87bb2f
3616
3617commit eb679e2959bdb15454eb94751930eb4c9110da94
3618Author: Darren Tucker <dtucker@dtucker.net>
3619Date:   Fri Jul 15 21:31:48 2022 +1000
3620
3621    Move vmshutdown to first step.
3622
3623    If a previous run on a physical runner has failed to clean up, the next
3624    run will fail because it'll try to check out the code to a broken
3625    directory mount.  Make cleanup the first step.
3626
3627commit 46b91b70ff3cb9c147e2875ef5dc609fd64c0c96
3628Author: Darren Tucker <dtucker@dtucker.net>
3629Date:   Fri Jul 15 20:25:27 2022 +1000
3630
3631    Rename bbone test target to ARM.
3632
3633commit 751d22cdeffed9fe921db78eedc32a29f9e80510
3634Author: Darren Tucker <dtucker@dtucker.net>
3635Date:   Fri Jul 15 13:37:29 2022 +1000
3636
3637    Add AUDIT_ARCH_PPC to supported seccomp arches.
3638
3639    Patch from dries.deschout at dodeco.eu.
3640
3641commit a061792a6e8d235fc40a9b5d4c22a1762bb75a7b
3642Author: Darren Tucker <dtucker@dtucker.net>
3643Date:   Thu Jul 14 19:20:24 2022 +1000
3644
3645    Remove unintended changes.
3646
3647    I inadvertently included a couple of local changes with the OpenSSL
3648    3.0.4 change.  Revert, anything that should be there will be committed
3649    separately.
3650
3651commit 527cb43fa1b4e55df661feabbac51b8e608b6519
3652Author: Darren Tucker <dtucker@dtucker.net>
3653Date:   Thu Jul 14 11:22:08 2022 +1000
3654
3655    Return ERANGE from getcwd() if buffer size is 1.
3656
3657    If getcwd() is supplied a buffer size of exactly 1 and a path of "/", it
3658    could result in a nul byte being written out of array bounds.  POSIX says
3659    it should return ERANGE if the path will not fit in the available buffer
3660    (with terminating nul). 1 byte cannot fit any possible path with its nul,
3661    so immediately return ERANGE in that case.
3662
3663    OpenSSH never uses getcwd() with this buffer size, and all current
3664    (and even quite old) platforms that we are currently known to work
3665    on have a native getcwd() so this code is not used on those anyway.
3666    Reported by Qualys, ok djm@
3667
3668commit 36857fefd8849c4b0e877cfd9d1eb22f79b76650
3669Author: Darren Tucker <dtucker@dtucker.net>
3670Date:   Thu Jul 14 10:02:35 2022 +1000
3671
3672    Split README.platform into its own line.
3673
3674    README.platform has general platform-specific information, having it
3675    following text about FIDO2 on the same line could imply that it only
3676    has information about FIDO2.
3677
3678commit 00a496c6c14f2d41f2a9365714d494dd5f3aac9f
3679Author: Darren Tucker <dtucker@dtucker.net>
3680Date:   Thu Jul 14 09:56:01 2022 +1000
3681
3682    Clarify README.md text.
3683
3684    Clarify the text about the implications of building without OpenSSL, and
3685    prefix the "configure --help" example command with a "./" so it's likely
3686    to work as-is in more shells.  From bz#3461.
3687
3688commit f40b52f21fbc52eb513279168a49d3285c65256c
3689Author: Darren Tucker <dtucker@dtucker.net>
3690Date:   Tue Jul 12 19:48:44 2022 +1000
3691
3692    Remove special casing of crypt().
3693
3694    Configure goes to some lengths to pick crypt() from either libcrypt
3695    or OpenSSL's libcrypto because they can more or less featureful (eg
3696    supporting md5-style passwords).
3697
3698    OpenSSL removed its crypt() interface in 2002:
3699    https://github.com/openssl/openssl/commit/69deec58 so these hijinks
3700    should no longer be necessary.  This also only links sshd with libcrypt
3701    which is the only thing that needs it.  ok djm@
3702
3703commit 76f4e48631d7b09fb243b47d7b393d100d3741b7
3704Author: Darren Tucker <dtucker@dtucker.net>
3705Date:   Wed Jul 13 13:17:47 2022 +1000
3706
3707    Only refuse to use OpenSSL 3.0.4 on x86_64.
3708
3709    The potential RCE only impacts x86_64, so only refuse to use it if we're
3710    targetting a potentially impacted architecture.  ok djm@
3711
3712commit e75bbc1d88491fa85e61b2cc8783d4bbd00cd131
3713Author: Darren Tucker <dtucker@dtucker.net>
3714Date:   Tue Jul 12 14:37:15 2022 +1000
3715
3716    Capture stderr output from configure.
3717
3718commit d9eaea4bea6271bcee6a2b9428f1271faf2d033b
3719Author: Darren Tucker <dtucker@dtucker.net>
3720Date:   Tue Jul 12 12:54:49 2022 +1000
3721
3722    Refuse to use OpenSSL 3.0.4 due to potential RCE.
3723
3724    OpenSSL has a potential RCE in its RSA implementation (CVE-2022-2274)
3725    so refuse to use that specific version.
3726
3727commit fb2f3a61bf3d28fff285524535f7ffcd177c9235
3728Author: Darren Tucker <dtucker@dtucker.net>
3729Date:   Tue Jul 12 12:54:24 2022 +1000
3730
3731    Move unset to before we set anything.
3732
3733commit c483a5c0fb8e8b8915fad85c5f6113386a4341ca
3734Author: Darren Tucker <dtucker@dtucker.net>
3735Date:   Wed Jul 6 11:52:54 2022 +1000
3736
3737    Test against openssl-3.0.5.
3738
3739commit 669a56bcfe73f8b985f2bba476ba834d55253acf
3740Author: Darren Tucker <dtucker@dtucker.net>
3741Date:   Tue Jul 5 18:35:53 2022 +1000
3742
3743    Update sanitizer test targets:
3744
3745     - remove clang-sanitize-memory for now.  It takes so long that the test
3746       times out.
3747     - add gcc sanitize-address and sanitize-undefined test targets.
3748
3749commit 48cc68b69118b3ce8d07fd4f82e00d58667d5379
3750Author: Darren Tucker <dtucker@dtucker.net>
3751Date:   Tue Jul 5 16:23:28 2022 +1000
3752
3753    Add GCC address sanitizer build/test.
3754
3755commit 55c60bdd39b82457e92efa77da8d16cfa6a49391
3756Author: Darren Tucker <dtucker@dtucker.net>
3757Date:   Tue Jul 5 12:02:33 2022 +1000
3758
3759    Move sanitizer logs into regress for collection.
3760
3761commit 35ef2b3b6ef198f8574904a45780487ec2f17858
3762Author: dtucker@openbsd.org <dtucker@openbsd.org>
3763Date:   Mon Jul 4 09:10:31 2022 +0000
3764
3765    upstream: Add TEST_REGRESS_CACHE_DIR.
3766
3767    If set, it is used to cache regress test names that have succeeded and
3768    skip those on a re-run.
3769
3770    OpenBSD-Regress-ID: a7570dd29a58df59f2cca647c3c2ec989b49f247
3771
3772commit 7394ed80c4de8b228a43c8956cf2fa1b9c6b2622
3773Author: Darren Tucker <dtucker@dtucker.net>
3774Date:   Sun Jul 3 21:46:44 2022 +1000
3775
3776    Add clang sanitizer tests.
3777
3778commit bfce0e66b6017a9bfab450b9dc7d4b16f90de817
3779Author: Darren Tucker <dtucker@dtucker.net>
3780Date:   Sun Jul 3 18:14:09 2022 +1000
3781
3782    Skip all rlimit tests when sandboxing disabled.
3783
3784    The rlimit tests can hang when being run with some compiler sanitizers
3785    so skip all of them if sandbox=no.
3786
3787commit 6208d611520f9ea94d5369f9da404b709930029d
3788Author: Darren Tucker <dtucker@dtucker.net>
3789Date:   Sun Jul 3 17:54:49 2022 +1000
3790
3791    Move checks for pollfd.fd and nfds_t.
3792
3793    Move the checks for struct pollfd.fd and nfds_t to before the sandboxing
3794    checks.  This groups all the sandbox checks together so we can skip them
3795    all when sandboxing is disabled.
3796
3797commit 322964f8f2e9c321e77ebae1e4d2cd0ccc5c5a0b
3798Author: dtucker@openbsd.org <dtucker@openbsd.org>
3799Date:   Fri Jul 1 05:08:23 2022 +0000
3800
3801    upstream: Remove leftover line.
3802
3803    Remove extra line leftover from merge conflict. ok djm@
3804
3805    OpenBSD-Commit-ID: 460e2290875d7ae64971a7e669c244b1d1c0ae2e
3806
3807commit 7ec81daad0e03a64e8d91c5590960c48c1a899a3
3808Author: djm@openbsd.org <djm@openbsd.org>
3809Date:   Fri Jul 1 04:45:50 2022 +0000
3810
3811    upstream: use consistent field names (s/char/byte)
3812
3813    in format description
3814
3815    OpenBSD-Commit-ID: 3de33572733ee7fcfd7db33d37db23d2280254f0
3816
3817commit 32e82a392d9f263485effdd606ff5862d289a4a0
3818Author: Darren Tucker <dtucker@dtucker.net>
3819Date:   Fri Jul 1 13:55:19 2022 +1000
3820
3821    Skip select+rlimit check if sandboxing is disabled
3822
3823    It's not needed in that case, and the test can fail when being built
3824    with some compiler memory sanitizer flags.  bz#3441
3825
3826commit 4be7184ebe2a2ccef175983517a35ee06766e1b4
3827Author: djm@openbsd.org <djm@openbsd.org>
3828Date:   Fri Jul 1 03:52:57 2022 +0000
3829
3830    upstream: bump up loglevel from debug to info when unable to open
3831
3832    authorized keys/principals file for errno != ENOENT; bz2042 ok dtucker
3833
3834    OpenBSD-Commit-ID: e79aa550d91ade6a80f081bda689da24c086d66b
3835
3836commit 6c31ba10e97b6953c4f325f526f3e846dfea647a
3837Author: dtucker@openbsd.org <dtucker@openbsd.org>
3838Date:   Fri Jul 1 03:39:44 2022 +0000
3839
3840    upstream: Don't leak the strings allocated by order_hostkeyalgs()
3841
3842    and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
3843    github PR#324 from ZoltanFridrich, ok djm@
3844
3845    This is a roll-forward of the previous rollback now that the required
3846    changes in compat.c have been done.
3847
3848    OpenBSD-Commit-ID: c7cd93730b3b9f53cdad3ae32462922834ef73eb
3849
3850commit 486c4dc3b83b4b67d663fb0fa62bc24138ec3946
3851Author: dtucker@openbsd.org <dtucker@openbsd.org>
3852Date:   Fri Jul 1 03:35:45 2022 +0000
3853
3854    upstream: Always return allocated strings from the kex filtering so
3855
3856    that we can free them later.  Fix one leak in compat_kex_proposal.  Based on
3857    github PR#324 from ZoltanFridrich with some simplications by me. ok djm@
3858
3859    OpenBSD-Commit-ID: 9171616da3307612d0ede086fd511142f91246e4
3860
3861commit 96faa0de6c673a2ce84736eba37fc9fb723d9e5c
3862Author: djm@openbsd.org <djm@openbsd.org>
3863Date:   Fri Jul 1 00:36:30 2022 +0000
3864
3865    upstream: ignore SIGPIPE earlier in main(), specifically before
3866
3867    muxclient() which performs operations that could cause one; Reported by Noam
3868    Lewis via bz3454, ok dtucker@
3869
3870    OpenBSD-Commit-ID: 63d8e13276869eebac6d7a05d5a96307f9026e47
3871
3872commit 33efac790f6b09d54894ba6c3e17dfb08b6fc7e1
3873Author: jmc@openbsd.org <jmc@openbsd.org>
3874Date:   Tue Jun 28 06:09:14 2022 +0000
3875
3876    upstream: reflect the update to -D arg name in usage();
3877
3878    OpenBSD-Commit-ID: abdcde4f92b1ef094ae44210ee99d3b0155aad9c
3879
3880commit c71a1442d02f0a3586109dfe2cb366de36dee08e
3881Author: Darren Tucker <dtucker@dtucker.net>
3882Date:   Wed Jun 29 18:28:47 2022 +1000
3883
3884    Update OpenSSL tests to the most recent releases.
3885
3886commit 2a822f29300b2de7335fbff65f0b187a0c582304
3887Author: djm@openbsd.org <djm@openbsd.org>
3888Date:   Mon Jun 27 21:41:55 2022 +0000
3889
3890    upstream: allow arguments to sftp -D option, e.g. sftp -D
3891
3892    "/usr/libexec/sftp-server -el debug3"
3893
3894    ok markus@
3895
3896    OpenBSD-Commit-ID: 5a002b9f3a7aef2731fc0ffa9c921cf15f38ecce
3897
3898commit 2369a2810187e08f2af5d58b343956062fb96ee8
3899Author: dtucker@openbsd.org <dtucker@openbsd.org>
3900Date:   Fri Jun 24 10:45:06 2022 +0000
3901
3902    upstream: Roll back previous KEX changes as they aren't safe until
3903
3904    compat_pkalg_proposal and friends always allocate their returned strings.
3905    Reported by Qualys.
3906
3907    OpenBSD-Commit-ID: 1c7a88a0d5033f42f88ab9bec58ef1cf72c81ad0
3908
3909commit 646686136c34c2dbf6a01296dfaa9ebee029386d
3910Author: dtucker@openbsd.org <dtucker@openbsd.org>
3911Date:   Fri Jun 24 04:37:00 2022 +0000
3912
3913    upstream: Don't leak the strings allocated by order_hostkeyalgs()
3914
3915    and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
3916    github PR#324 from ZoltanFridrich, ok djm@
3917
3918    OpenBSD-Commit-ID: b2f6e5f60f2bba293b831654328a8a0035ef4a1b
3919
3920commit 193c6d8d905dde836b628fc07a7b9cf2d347e2a3
3921Author: Darren Tucker <dtucker@dtucker.net>
3922Date:   Sat Jun 25 12:16:15 2022 +1000
3923
3924    Zero out LIBFIDO2 when SK support not usable.
3925
3926    Prevents us from trying to link them into ssh-sk-helper and failing to
3927    build.
3928
3929commit 40f5d849d25c60b4ae21261e78484d435f5cfd51
3930Author: Darren Tucker <dtucker@dtucker.net>
3931Date:   Sat Jun 25 11:47:28 2022 +1000
3932
3933    Disable SK support if FIDO libs not found.
3934
3935commit 5fd922ade1b25880fe8a8249f5c0385e413108f9
3936Author: Damien Miller <djm@mindrot.org>
3937Date:   Fri Jun 24 14:43:54 2022 +1000
3938
3939    fix broken case statement in previous
3940
3941commit f51423bdaf0008d46b6af082bcfd7a22a87375f0
3942Author: Damien Miller <djm@mindrot.org>
3943Date:   Fri Jun 24 14:40:42 2022 +1000
3944
3945    request 1.1x API compatibility for OpenSSL >=3.x
3946
3947    idea/patch from Pedro Martelletto via GHPR#322; ok dtucker@
3948
3949commit 455cee8d6c2e4c48c5af9faead3599c49948411e
3950Author: djm@openbsd.org <djm@openbsd.org>
3951Date:   Fri Jun 24 04:27:14 2022 +0000
3952
3953    upstream: make it clear that RekeyLimit applies to both transmitted
3954
3955    and received data. GHPR#328 from Jan Pazdziora
3956
3957    OpenBSD-Commit-ID: d180a905fec9ff418a75c07bb96ea41c9308c3f9
3958
3959commit 17904f05802988d0bb9ed3c8d1d37411e8f459c3
3960Author: tobhe@openbsd.org <tobhe@openbsd.org>
3961Date:   Tue Jun 21 14:52:13 2022 +0000
3962
3963    upstream: Make sure not to fclose() the same fd twice in case of an
3964
3965    error.
3966
3967    ok dtucker@
3968
3969    OpenBSD-Commit-ID: e384c4e05d5521e7866b3d53ca59acd2a86eef99
3970
3971commit f29d6cf98c25bf044079032d22c1a57c63ab9d8e
3972Author: dtucker@openbsd.org <dtucker@openbsd.org>
3973Date:   Sat Jun 18 02:17:16 2022 +0000
3974
3975    upstream: Don't attempt to fprintf a null identity comment. From
3976
3977    Martin Vahlensieck via tech@.
3978
3979    OpenBSD-Commit-ID: 4c54d20a8e8e4e9912c38a7b4ef5bfc5ca2e05c2
3980
3981commit ad1762173bb38716a106e8979806149fd0f2753e
3982Author: dtucker@openbsd.org <dtucker@openbsd.org>
3983Date:   Fri Jun 17 01:00:03 2022 +0000
3984
3985    upstream: Log an error if pipe() fails while accepting a
3986
3987    connection.  bz#3447, from vincent-openssh at vinc17 net, ok djm@
3988
3989    OpenBSD-Commit-ID: 9d59f19872b94900a5c79da2d57850241ac5df94
3990
3991commit 9c59e7486cc8691401228b43b96a3edbb06e0412
3992Author: Damien Miller <djm@mindrot.org>
3993Date:   Fri Jun 24 14:20:43 2022 +1000
3994
3995    automatically enable built-in FIDO support
3996
3997    If libfido2 is found and usable, then enable the built-in
3998    security key support unless --without-security-key-builtin
3999    was requested.
4000
4001    ok dtucker@
4002
4003commit 7d25b37fb2a5ff4dadabcbdac6087a97479434f5
4004Author: Damien Miller <djm@mindrot.org>
4005Date:   Fri Jun 24 13:46:39 2022 +1000
4006
4007    fix possible NULL deref when built without FIDO
4008
4009    Analysis/fix from kircher in bz3443; ok dtucker@
4010
4011commit f5ba85daddfc2da6a8dab6038269e02c0695be44
4012Author: djm@openbsd.org <djm@openbsd.org>
4013Date:   Wed Jun 15 16:08:25 2022 +0000
4014
4015    upstream: make sure that UseDNS hostname lookup happens in the monitor
4016
4017    and not in the pledge(2)'d unprivileged process; fixes regression caused by
4018    recent refactoring spotted by henning@
4019
4020    OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
4021
4022commit acb2059febaddd71ee06c2ebf63dcf211d9ab9f2
4023Author: djm@openbsd.org <djm@openbsd.org>
4024Date:   Fri Jun 3 04:47:21 2022 +0000
4025
4026    upstream: move auth_openprincipals() and auth_openkeyfile() over to
4027
4028    auth2-pubkeyfile.c too; they make more sense there.
4029
4030    OpenBSD-Commit-ID: 9970d99f900e1117fdaab13e9e910a621b7c60ee
4031
4032commit 3d9b0845f34510111cc693bb99a667662ca50cd8
4033Author: djm@openbsd.org <djm@openbsd.org>
4034Date:   Fri Jun 3 04:31:54 2022 +0000
4035
4036    upstream: test setenv in both client and server, test first-match-wins
4037
4038    too
4039
4040    OpenBSD-Regress-ID: 4c8804f9db38a02db480b9923317457b377fe34b
4041
4042commit 22e1a3a71ad6d108ff0c5f07f93c3fcbd30f8b40
4043Author: djm@openbsd.org <djm@openbsd.org>
4044Date:   Fri Jun 3 04:30:46 2022 +0000
4045
4046    upstream: Make SetEnv directives first-match-wins in both
4047
4048    sshd_config and sshd_config; previously if the same name was reused then the
4049    last would win (which is the opposite to how the config is supposed to work).
4050
4051    While there, make the ssh_config parsing more like sshd_config.
4052
4053    bz3438, ok dtucker
4054
4055    OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
4056
4057commit 38ed6c57e9e592c08e020fa6e82b45b4e1040970
4058Author: dtucker@openbsd.org <dtucker@openbsd.org>
4059Date:   Fri Jun 3 04:00:15 2022 +0000
4060
4061    upstream: Add missing *-sk types to ssh-keyscan manpage. From
4062
4063    skazi0 via github PR#294.
4064
4065    OpenBSD-Commit-ID: fda2c869cdb871f3c90a89fb3f985370bb5d25c0
4066
4067commit ea97ec98c41ec2b755dfab459347db674ff9a5de
4068Author: dtucker@openbsd.org <dtucker@openbsd.org>
4069Date:   Fri Jun 3 03:21:09 2022 +0000
4070
4071    upstream: Add period at end of "not known by any other names"
4072
4073    message.  github PR#320 from jschauma, ok djm@
4074
4075    OpenBSD-Commit-ID: bd60809803c4bfd3ebb7c5c4d918b10e275266f2
4076
4077commit 88e376fcd67478ad1660d94bc73ab348ac9f4527
4078Author: dtucker@openbsd.org <dtucker@openbsd.org>
4079Date:   Fri Jun 3 03:17:42 2022 +0000
4080
4081    upstream: ssh-keygen -A: do not generate DSA keys by default.
4082
4083    Based on github PR#303 from jsegitz with man page text from jmc@, ok markus@
4084    djm@
4085
4086    OpenBSD-Commit-ID: 5c4c57bdd7063ff03381cfb6696659dd3f9f5b9f
4087
4088commit 6b3fb624675082a1e5aa615d1b8479873d8b5731
4089Author: naddy@openbsd.org <naddy@openbsd.org>
4090Date:   Tue May 31 14:05:12 2022 +0000
4091
4092    upstream: ssh-keygen: implement "verify-required" certificate option.
4093
4094    This was already documented when support for user-verified FIDO
4095    keys was added, but the ssh-keygen(1) code was missing.
4096
4097    ok djm@
4098
4099    OpenBSD-Commit-ID: f660f973391b593fea4b7b25913c9a15c3eb8a06
4100
4101commit b7f86ffc301be105bba9a3e0618b6fab3ae379bd
4102Author: jmc@openbsd.org <jmc@openbsd.org>
4103Date:   Sat May 28 05:57:56 2022 +0000
4104
4105    upstream: keywords ref ssh_config.5;
4106
4107    from caspar schutijser
4108
4109    OpenBSD-Commit-ID: f146a19d7d5c9374c3b9c520da43b2732d7d1a4e
4110
4111commit dc7bc52372f2744fa39191577be5306ee57aacd4
4112Author: Damien Miller <djm@mindrot.org>
4113Date:   Mon May 30 09:29:09 2022 +1000
4114
4115    fix some bugs in the fuzzer
4116
4117commit 1781f507c113667613351c19898efaf1e311a865
4118Author: Darren Tucker <dtucker@dtucker.net>
4119Date:   Fri May 27 18:19:48 2022 +1000
4120
4121    Test against OpenSSL 1.1.1o and 3.0.3.
4122
4123commit c53906e0c59e569691b4095d3e8db79cf78fa058
4124Author: Darren Tucker <dtucker@dtucker.net>
4125Date:   Fri May 27 18:18:31 2022 +1000
4126
4127    Test against LibreSSL 3.5.3.
4128
4129commit 9b3ad432ad2f19319bcc089370e356c6315d682f
4130Author: Damien Miller <djm@mindrot.org>
4131Date:   Fri May 27 17:00:43 2022 +1000
4132
4133    fuzzer for authorized_keys parsing
4134
4135    mostly redundant to authopt_fuzz, but it's sensitive code so IMO it
4136    makes sense to test this layer too
4137
4138commit c83d8c4d6f3ccceef84d46de107f6b71cda06359
4139Author: djm@openbsd.org <djm@openbsd.org>
4140Date:   Fri May 27 05:02:46 2022 +0000
4141
4142    upstream: split the low-level file handling functions out from
4143
4144    auth2-pubkey.c
4145
4146    Put them in a new auth2-pubkeyfile.c to make it easier to refer to them
4147    (e.g. in unit/fuzz tests) without having to refer to everything else
4148    pubkey auth brings in.
4149
4150    ok dtucker@
4151
4152    OpenBSD-Commit-ID: 3fdca2c61ad97dc1b8d4a7346816f83dc4ce2217
4153
4154commit 3b0b142d2a0767d8cd838e2f3aefde8a0aaa41e1
4155Author: djm@openbsd.org <djm@openbsd.org>
4156Date:   Fri May 27 05:01:25 2022 +0000
4157
4158    upstream: refactor authorized_keys/principals handling
4159
4160    remove "struct ssh *" from arguments - this was only used to pass the
4161    remote host/address. These can be passed in instead and the resulting
4162    code is less tightly coupled to ssh_api.[ch]
4163
4164    ok dtucker@
4165
4166    OpenBSD-Commit-ID: 9d4373d013edc4cc4b5c21a599e1837ac31dda0d
4167
4168commit 2c334fd36f80cb91cc42e4b978b10aa35e0df236
4169Author: dtucker@openbsd.org <dtucker@openbsd.org>
4170Date:   Fri May 27 04:29:40 2022 +0000
4171
4172    upstream: f sshpkt functions fail, then password is not cleared
4173
4174    with freezero. Unconditionally call freezero to guarantee that password is
4175    removed from RAM.
4176
4177    From tobias@ and c3h2_ctf via github PR#286, ok djm@
4178
4179    OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
4180
4181commit 5d3a77f4c5ae774c6796387266503f52c7cdc7c2
4182Author: dtucker@openbsd.org <dtucker@openbsd.org>
4183Date:   Fri May 27 04:27:49 2022 +0000
4184
4185    upstream: Avoid kill with -1 argument. The out_ctx label can be
4186
4187    reached before fork has been called. If this happens, then kill -1 would be
4188    called, sending SIGTERM to all processes reachable by the current process.
4189
4190    From tobias@ and c3h2_ctf via github PR#286, ok djm@
4191
4192    OpenBSD-Commit-ID: 6277af1207d81202f5daffdccfeeaed4c763b1a8
4193
4194commit 533b31cd08e4b97f455466f91c36915e2924c15a
4195Author: dtucker@openbsd.org <dtucker@openbsd.org>
4196Date:   Fri May 27 04:13:24 2022 +0000
4197
4198    upstream: Note that ProxyJump also accepts the same tokens as
4199
4200    ProxyCommand. From pallxk via github PR#305.
4201
4202    OpenBSD-Commit-ID: 7115ac351b129205f1f1ffa6bbfd62abd76be7c5
4203
4204commit 9d8c80f8a304babe61ca28f2e3fb5eb6dc9c39bf
4205Author: djm@openbsd.org <djm@openbsd.org>
4206Date:   Wed May 25 06:03:44 2022 +0000
4207
4208    upstream: revert previous; it was broken (spotted by Theo)
4209
4210    OpenBSD-Commit-ID: 457c79afaca2f89ec2606405c1059b98b30d8b0d
4211
4212commit 9e0d02ef7ce88b67643bfb1c2272c9f5f04cc680
4213Author: djm@openbsd.org <djm@openbsd.org>
4214Date:   Wed May 25 00:31:13 2022 +0000
4215
4216    upstream: make SSHBUF_DBG/SSHBUF_TELL (off by default and only enabled
4217
4218    via #define) dump to stderr rather than stdout
4219
4220    OpenBSD-Commit-ID: 10298513ee32db8390aecb0397d782d68cb14318
4221
4222commit 2487163630f28be28b7e2396b4bd6511b98f1d3e
4223Author: Tim Rice <tim@multitalents.net>
4224Date:   Tue May 24 10:21:25 2022 -0700
4225
4226    configure.ac: Add missing AC_DEFINE for caph_cache_tzdata test causing
4227    HAVE_CAPH_CACHE_TZDATA to be missing from config.h.in.
4228    Spotted by Bryan Drewery
4229
4230commit bedb93415b60db3dfd704a3d525e82adb14a2481
4231Author: djm@openbsd.org <djm@openbsd.org>
4232Date:   Sun May 15 23:48:07 2022 +0000
4233
4234    upstream: regress test for in-place transfers and clobbering larger
4235
4236    files with smaller ones; would have caught last regression in scp(1)
4237
4238    OpenBSD-Regress-ID: 19de4e88dd3a4f7e5c1618c9be3c32415bd93bc2
4239
4240commit b4f0d719c2548cb74da509fb65f384dada4ebd37
4241Author: anton@openbsd.org <anton@openbsd.org>
4242Date:   Fri Apr 22 05:08:43 2022 +0000
4243
4244    upstream: Only run agent-ptrace.sh if gdb is available as all
4245
4246    architectures do not ship with gdb.
4247
4248    OpenBSD-Regress-ID: ec53e928803e6b87f9ac142d38888ca79a45348d
4249
4250commit 9b73345f80255a7f3048026462f2c0c6a241eeac
4251Author: djm@openbsd.org <djm@openbsd.org>
4252Date:   Sun May 15 23:47:21 2022 +0000
4253
4254    upstream: fix in-place copies; r1.163 incorrectly skipped truncation in
4255
4256    all cases, not just at the start of a transfer. This could cause overwrites
4257    of larger files to leave junk at the end. Spotted by tb@
4258
4259    OpenBSD-Commit-ID: b189f19cd68119548c8e24e39c79f61e115bf92c
4260
4261commit 56a0697fe079ff3e1ba30a2d5c26b5e45f7b71f8
4262Author: djm@openbsd.org <djm@openbsd.org>
4263Date:   Fri May 13 06:31:50 2022 +0000
4264
4265    upstream: arrange for scp, when in sftp mode, to not ftruncate(3) files
4266
4267    early
4268
4269    previous behavious of unconditionally truncating the destination file
4270    would cause "scp ~/foo localhost:" and "scp localhost:foo ~/" to
4271    delete all the contents of their destination.
4272
4273    spotted by solene@ sthen@, also bz3431; ok dtucker@
4274
4275    OpenBSD-Commit-ID: ca39fdd39e0ec1466b9666f15cbcfddea6aaa179
4276
4277commit fbcef70c2832712f027bccea1aa9bc4b4103da93
4278Author: dtucker@openbsd.org <dtucker@openbsd.org>
4279Date:   Mon May 9 08:25:27 2022 +0000
4280
4281    upstream: Remove errant apostrophe. From haruyama at queen-ml org.
4282
4283    OpenBSD-Commit-ID: dc6b294567cb84b384ad6ced9ca469f2bbf0bd10
4284
4285commit 0086a286ea6bbd11ca9b664ac3bb12b27443d6eb
4286Author: djm@openbsd.org <djm@openbsd.org>
4287Date:   Mon May 9 03:09:53 2022 +0000
4288
4289    upstream: Allow existing -U (use agent) flag to work with "-Y sign"
4290
4291    operations, where it will be interpreted to require that the private keys is
4292    hosted in an agent; bz3429, suggested by Adam Szkoda; ok dtucker@
4293
4294    OpenBSD-Commit-ID: a7bc69873b99c32c42c7628ed9ea91565ba08c2f
4295
4296commit cb010744cc98f651b1029bb09efa986eb54e4ccf
4297Author: djm@openbsd.org <djm@openbsd.org>
4298Date:   Sun May 8 22:58:35 2022 +0000
4299
4300    upstream: improve error message when 'ssh-keygen -Y sign' is unable to
4301
4302    load a private key; bz3429, reported by Adam Szkoda ok dtucker@
4303
4304    OpenBSD-Commit-ID: bb57b285e67bea536ef81b1055467be2fc380e74
4305
4306commit aa61fc82c63d309a90c22ca74fb1da6c6f4372fd
4307Author: Tobias Heider <me@tobhe.de>
4308Date:   Mon May 9 02:00:01 2022 +0200
4309
4310    Remove duplicate bcrypt_pbkdf.o from Makefile
4311
4312    bcrypt_pbkdf.o is duplicated in the openbsd-compat Makefile's object
4313    file list.
4314
4315commit deb506d00da8d11fb04c1e7b9b1e1cc379c1705c
4316Author: djm@openbsd.org <djm@openbsd.org>
4317Date:   Sun May 8 22:32:36 2022 +0000
4318
4319    upstream: When performing operations that glob(3) a remote path, ensure
4320
4321    that the implicit working directory used to construct that path escapes
4322    glob(3) characters.
4323
4324    This prevents glob characters from being processed in places they
4325    shouldn't, e.g. "cd /tmp/a*/", "get *.txt" should have the get operation
4326    treat the path "/tmp/a*" literally and not attempt to expand it.
4327
4328    Reported by Lusia Kundel; ok markus@
4329
4330    OpenBSD-Commit-ID: 4f647f58482cbad3d58b1eab7f6a1691433deeef
4331
4332commit f38cf74f20b5da113cfa823afd5bfb5c6ba65f3d
4333Author: Darren Tucker <dtucker@dtucker.net>
4334Date:   Fri May 6 14:50:18 2022 +1000
4335
4336    Also retest OpenBSD upstream on .yml changes.
4337
4338commit f87a132800ba3710ab130d703448a31ef1128d77
4339Author: Darren Tucker <dtucker@dtucker.net>
4340Date:   Fri May 6 14:46:09 2022 +1000
4341
4342    Note that, for now, we need variadic macros.
4343
4344commit 217b518e0f7c52c4b909e935141a55344c61e644
4345Author: Darren Tucker <dtucker@dtucker.net>
4346Date:   Fri May 6 14:39:34 2022 +1000
4347
4348    Add ubsan minimal testcase on OpenBSD.
4349
4350    As suggested by djm@.
4351
4352commit 457dce2cfef6a48f5442591cd8b21c7e8cba13f8
4353Author: djm@openbsd.org <djm@openbsd.org>
4354Date:   Thu May 5 01:04:14 2022 +0000
4355
4356    upstream: sshkey_unshield_private() contains a exact duplicate of
4357
4358    the code in private2_check_padding(). Pull private2_check_padding() up so the
4359    code can be reused. From Martin Vahlensieck, ok deraadt@
4360
4361    OpenBSD-Commit-ID: 876884c3f0e62e8fd8d1594bab06900f971c9c85
4362
4363commit 0e44db4d9cb313e68a59a44d27884af66c02356e
4364Author: djm@openbsd.org <djm@openbsd.org>
4365Date:   Thu May 5 00:56:58 2022 +0000
4366
4367    upstream: channel_new no longer frees remote_name. So update the
4368
4369    comment accordingly.  As remote_name is not modified, it can be const as
4370    well. From Martin Vahlensieck
4371
4372    OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
4373
4374commit 37b62fd5caf19c85a48241535277cefff65adace
4375Author: djm@openbsd.org <djm@openbsd.org>
4376Date:   Thu May 5 00:55:11 2022 +0000
4377
4378    upstream: mux.c: mark argument as const; from Martin Vahlensieck
4379
4380    OpenBSD-Commit-ID: 69a1a93a55986c7c2ad9f733c093b46a47184341
4381
4382commit f4e67c0ad259b4cf10177277a5827fa5545bac53
4383Author: markus@openbsd.org <markus@openbsd.org>
4384Date:   Wed May 4 07:31:22 2022 +0000
4385
4386    upstream: make sure stdout is non-blocking; ok djm@
4387
4388    OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
4389
4390commit e5c036d2092c00bef395e9161dc5ce42d4be9565
4391Author: florian@openbsd.org <florian@openbsd.org>
4392Date:   Tue May 3 07:42:27 2022 +0000
4393
4394    upstream: Add FIDO AUTHENTICATOR section and explain a bit how FIDO
4395
4396    works. The wording came mostly from the 8.2 OpenSSH release notes, addapted
4397    to fit the man page. Then move the -O bits into the new section as is already
4398    done for CERTIFICATES and MODULI GENERATION. Finally we can explain the
4399    trade-offs of resident keys. While here, consistently refer to the FIDO
4400    thingies as "FIDO authenticators", not "FIDO tokens".
4401
4402    input & OK jmc, naddy
4403
4404    OpenBSD-Commit-ID: dd98748d7644df048f78dcf793b3b63db9ab1d25
4405
4406commit 575771bf79bef7127be6aaccddc46031ea15529e
4407Author: jmc@openbsd.org <jmc@openbsd.org>
4408Date:   Mon May 2 05:40:37 2022 +0000
4409
4410    upstream: remove an obsolete rsa1 format example from an example;
4411
4412    from megan batty
4413    ok djm
4414
4415    OpenBSD-Commit-ID: db2c89879c29bf083df996bd830abfb1e70d62bf
4416
4417commit 0bc6b4c8f04e292577bdb44d5dc6b630d3448087
4418Author: djm@openbsd.org <djm@openbsd.org>
4419Date:   Sun May 1 23:20:30 2022 +0000
4420
4421    upstream: fix some integer overflows in sieve_large() that show up when
4422
4423    trying to generate modp groups > 16k bits. Reported via GHPR#306 by Bertram
4424    Felgenhauer, but fixed in a different way. feedback/ok tb@
4425
4426    OpenBSD-Commit-ID: 81cbc6dd3a21c57bd6fadea10e44afe37bca558e
4427
4428commit a45615cb172bc827e21ec76750de39dfb30ecc05
4429Author: djm@openbsd.org <djm@openbsd.org>
4430Date:   Fri Apr 29 04:55:07 2022 +0000
4431
4432    upstream: be stricter in which characters will be accepted in
4433
4434    specifying a mask length; allow only 0-9. From khaleesicodes via GHPR#278; ok
4435    dtucker@
4436
4437    OpenBSD-Commit-ID: e267746c047ea86665cdeccef795a8a56082eeb2
4438
4439commit 4835544d2dd31de6ffc7dba59f92093aea98155b
4440Author: Darren Tucker <dtucker@dtucker.net>
4441Date:   Sat Apr 30 10:56:41 2022 +1000
4442
4443    Add Mac OS X 12 test target.
4444
4445commit 97a6a8b8c1f2da09712d0e72d0ef800e4edd34cd
4446Author: Darren Tucker <dtucker@dtucker.net>
4447Date:   Fri Apr 29 18:27:34 2022 +1000
4448
4449    Only run tests when source files change.
4450
4451    Also run tests on changes to V_9_0 branch.
4452
4453commit 6d0392b9ff4b50a56ac5685d1b9392e2cd432ca3
4454Author: Darren Tucker <dtucker@dtucker.net>
4455Date:   Fri Apr 29 18:22:34 2022 +1000
4456
4457    Remove now-empty int32_minmax.inc.
4458
4459commit af59463553b5ad52d3b42c4455ee3c5600158bb7
4460Author: djm@openbsd.org <djm@openbsd.org>
4461Date:   Fri Apr 29 03:24:30 2022 +0000
4462
4463    upstream: mention that the helpers are used by ssh(1), ssh-agent(1)
4464
4465    and ssh-keygen(1). Previously only ssh(1) was mentioned. From Pedro
4466    Martelletto
4467
4468    OpenBSD-Commit-ID: 30f880f989d4b329589c1c404315685960a5f153
4469
4470commit 3e26b3a6eebcee27be177207cc0846fb844b7a56
4471Author: dtucker@openbsd.org <dtucker@openbsd.org>
4472Date:   Fri Apr 29 03:16:48 2022 +0000
4473
4474    upstream: Don't leak SK device. Patch from Pedro Martelletto via
4475
4476    github PR#316. ok djm@
4477
4478    OpenBSD-Commit-ID: 17d11327545022e727d95fd08b213171c5a4585d
4479
4480commit 247082b5013f0d4fcae8f97453f2a2f01bcda811
4481Author: djm@openbsd.org <djm@openbsd.org>
4482Date:   Fri Apr 29 03:13:32 2022 +0000
4483
4484    upstream: fix memleak on session-bind path; from Pedro Martelletto, ok
4485
4486    dtucker@
4487
4488    OpenBSD-Commit-ID: e85899a26ba402b4c0717b531317e8fc258f0a7e
4489
4490commit e05522008092ceb86a87bdd4ad7878424315db89
4491Author: djm@openbsd.org <djm@openbsd.org>
4492Date:   Thu Apr 28 02:53:31 2022 +0000
4493
4494    upstream: avoid printing hash algorithm twice; from lucas AT sexy.is
4495
4496    OpenBSD-Commit-ID: 9d24671e10a84141b7c504396cabad600e47a941
4497
4498commit 0979e29356915261d69a9517a1e0aaade7c9fc75
4499Author: dtucker@openbsd.org <dtucker@openbsd.org>
4500Date:   Wed Apr 27 11:08:55 2022 +0000
4501
4502    upstream: Add authfd path to debug output. ok markus@
4503
4504    OpenBSD-Commit-ID: f735a17d1a6f2bee63bfc609d76ef8db8c090890
4505
4506commit 67b7c784769c74fd4d6b147d91e17e1ac1a8a96d
4507Author: dtucker@openbsd.org <dtucker@openbsd.org>
4508Date:   Tue Apr 26 07:41:44 2022 +0000
4509
4510    upstream: Check sshauthopt_new() for NULL. bz#3425, from
4511
4512    tessgauthier at microsoft.com.  ok djm@
4513
4514    OpenBSD-Commit-ID: af0315bc3e44aa406daa7e0ae7c2d719a974483f
4515
4516commit d571314d14b919fbd7c84a61f9bf2065fc0a6841
4517Author: millert@openbsd.org <millert@openbsd.org>
4518Date:   Wed Apr 20 16:00:25 2022 +0000
4519
4520    upstream: Remove unnecessary includes: openssl/hmac.h and
4521
4522    openssl/evp.h. From Martin Vahlensieck.
4523
4524    OpenBSD-Commit-ID: a6debb5fb0c8a44e43e8d5ca7cc70ad2f3ea31c3
4525
4526commit da8dddf8cc1f2516ff894b8183e83a7c5ba3ef80
4527Author: millert@openbsd.org <millert@openbsd.org>
4528Date:   Wed Apr 20 15:59:18 2022 +0000
4529
4530    upstream: Add missing includes of stdlib.h and stdint.h. We need
4531
4532    stdlib.h for malloc(3) and stdint.h for SIZE_MAX. Unlike the other xmss
4533    files, ssh-xmss.c does not include xmss_commons.h so ssh-xmss.c must include
4534    those headers itself. From Martin Vahlensieck
4535
4536    OpenBSD-Commit-ID: 70e28a9818cee3da1be2ef6503d4b396dd421e6b
4537
4538commit fe9d87a6800a7a33be08f4d5ab662a758055ced2
4539Author: millert@openbsd.org <millert@openbsd.org>
4540Date:   Wed Apr 20 15:56:49 2022 +0000
4541
4542    upstream: Avoid an unnecessary xstrdup in rm_env() when matching
4543
4544    patterns. Since match_pattern() doesn't modify its arguments (they are
4545    const), there is no need to make an extra copy of the strings in
4546    options->send_env. From Martin Vahlensieck
4547
4548    OpenBSD-Commit-ID: 2c9db31e3f4d3403b49642c64ee048b2a0a39351
4549
4550commit 7bf2eb958fbb551e7d61e75c176bb3200383285d
4551Author: Darren Tucker <dtucker@dtucker.net>
4552Date:   Tue Apr 26 23:30:59 2022 +1000
4553
4554    Add debian-riscv64 test target.
4555
4556commit 3913c935523902482974c4c503bcff20bd850a6a
4557Author: Darren Tucker <dtucker@dtucker.net>
4558Date:   Mon Apr 25 17:20:06 2022 +1000
4559
4560    Update OpenSSL and LibreSSL versions in tests.
4561
4562commit dcd8dca29bcdb193ff6be35b96fc55e6e30d37d9
4563Author: Darren Tucker <dtucker@dtucker.net>
4564Date:   Sat Apr 23 20:40:28 2022 +1000
4565
4566    Include stdlib.h for free() prototype.
4567
4568    ... which is used inside the CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG block.
4569
4570commit 4cc05de568e1c3edd7834ff3bd9d8214eb34861b
4571Author: Darren Tucker <dtucker@dtucker.net>
4572Date:   Sat Apr 23 20:17:26 2022 +1000
4573
4574    Cache timezone data in capsicum sandbox.
4575
4576    From emaste at freebsd.org, originally part of FreeBSD commit r339216
4577    / fc3c19a9 with autoconf bits added by me.
4578
4579commit c31404426d212e2964ff9e5e58e1d0fce3d83f27
4580Author: dtucker@openbsd.org <dtucker@openbsd.org>
4581Date:   Thu Apr 21 01:36:46 2022 +0000
4582
4583    upstream: It looks like we can't completely avoid
4584
4585    waiting for processes to exit so retrieve the pid via controlmaster and
4586    use that.
4587
4588    OpenBSD-Regress-ID: 8246f00f22b14e49d2ff1744c94897ead33d457b
4589
4590commit d19b21afab5c8e2f3df6bd8aee9766bdad3d8c58
4591Author: dtucker@openbsd.org <dtucker@openbsd.org>
4592Date:   Wed Apr 20 13:25:55 2022 +0000
4593
4594    upstream: Use ssh -f and ControlPersist ..
4595
4596    to start up test forwards and ssh -O stop to shut them down intead of
4597    sleep loops.  This speeds up the test by an order of magnitude.
4598
4599    OpenBSD-Regress-ID: eb3db5f805100919b092a3b2579c611fba3e83e7
4600
4601commit 5f76286a126721fa005de6edf3d1c7a265555f19
4602Author: dtucker@openbsd.org <dtucker@openbsd.org>
4603Date:   Wed Apr 20 05:24:13 2022 +0000
4604
4605    upstream: Simplify forward-control test.
4606
4607    Since we no longer need to support SSH1 we don't need to run shell
4608    commands on the other end of the connection and can use ssh -N instead.
4609    This also makes the test less racy.
4610
4611    OpenBSD-Regress-ID: 32e94ce272820cc398f30b848b2b0f080d10302c
4612
4613commit 687bbf23572d8bdf25cbbcdf8ac583514e1ba710
4614Author: djm@openbsd.org <djm@openbsd.org>
4615Date:   Thu Mar 31 03:07:33 2022 +0000
4616
4617    upstream: regression test for sftp cp command
4618
4619    OpenBSD-Regress-ID: c96bea9edde3a384b254785e7f9b2b24a81cdf82
4620
4621commit f1233f19a6a9fe58f52946f50df4772f5b136761
4622Author: dtucker@openbsd.org <dtucker@openbsd.org>
4623Date:   Wed Apr 20 01:13:47 2022 +0000
4624
4625    upstream: Import regenerated moduli
4626
4627    OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
4628
4629commit fec014785de198b9a325d1b94e324bb958c5fe7b
4630Author: djm@openbsd.org <djm@openbsd.org>
4631Date:   Wed Apr 20 04:19:11 2022 +0000
4632
4633    upstream: Try to continue running local I/O for channels in state
4634
4635    OPEN during SSH transport rekeying. The most visible benefit is that it
4636    should make ~-escapes work in the client (e.g. to exit) if the connection
4637    happened to have stalled during a rekey event. Based work by and ok dtucker@
4638
4639    OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
4640
4641commit e68154b0d4f0f5085a050ea896955da1b1be6e30
4642Author: dtucker@openbsd.org <dtucker@openbsd.org>
4643Date:   Wed Apr 20 01:13:47 2022 +0000
4644
4645    upstream: Import regenerated moduli
4646
4647    OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
4648
4649commit 69928b106d8f0fa15b88cf3850d992ed81c44ae0
4650Author: tj@openbsd.org <tj@openbsd.org>
4651Date:   Sat Apr 16 00:22:31 2022 +0000
4652
4653    upstream: list the correct version number
4654
4655    for when usage of the sftp protocol became default and fix a typo
4656    from ed maste
4657
4658    OpenBSD-Commit-ID: 24e1795ed2283fdeacf16413c2f07503bcdebb31
4659
4660commit 21042a05c0b304c16f655efeec97438249d2e2cc
4661Author: dtucker@openbsd.org <dtucker@openbsd.org>
4662Date:   Tue Apr 12 05:09:49 2022 +0000
4663
4664    upstream: Correct path for system known hosts file in description
4665
4666    of IgnoreUserKnownHosts.  Patch from Martin Vahlensieck via tech@
4667
4668    OpenBSD-Commit-ID: 9b7784f054fa5aa4d63cb36bd563889477127215
4669
4670commit 53f4aff60a7c1a08a23917bd47496f8901c471f5
4671Author: Darren Tucker <dtucker@dtucker.net>
4672Date:   Sat Apr 16 14:33:20 2022 +1000
4673
4674    Resync moduli.5 with upstream.
4675
4676    1.18: remove duplicate publication year; carsten dot kunze at arcor dot de
4677    1.19: ssh-keygen's -G/-T have been replaced with -M generate/screen.
4678
4679commit d2b888762b9844eb0d8eb59909cdf5af5159f810
4680Author: Darren Tucker <dtucker@dtucker.net>
4681Date:   Sat Apr 16 14:31:13 2022 +1000
4682
4683    Retire fbsd6 test VM.
4684
4685    It's long since out of support, relatively slow (it's i686) and the
4686    compiler has trouble with PIE.
4687
4688commit cd1f70009860a154b51230d367c55ea5f9a4504e
4689Author: djm@openbsd.org <djm@openbsd.org>
4690Date:   Mon Apr 11 22:52:08 2022 +0000
4691
4692    upstream: clear io_want/io_ready flags at start of poll() cycle;
4693
4694    avoids plausible spin during rekeying if channel io_want flags are reused
4695    across cycles. ok markus@ deraadt@
4696
4697    OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
4698
4699commit aa1920302778273f7f94c2091319aba199068ca0
4700Author: dtucker@openbsd.org <dtucker@openbsd.org>
4701Date:   Fri Apr 8 05:43:39 2022 +0000
4702
4703    upstream: Note that curve25519-sha256 was later published in
4704
4705    RFC8731.  ok djm@
4706
4707    OpenBSD-Commit-ID: 2ac2b5d642d4cf5918eaec8653cad9a4460b2743
4708
4709commit 4673fa8f2be983f2f88d5afd754adb1a2a39ec9e
4710Author: djm@openbsd.org <djm@openbsd.org>
4711Date:   Fri Apr 8 04:40:40 2022 +0000
4712
4713    upstream: two defensive changes from Tobias Stoeckmann via GHPR287
4714
4715    enforce stricter invarient for sshbuf_set_parent() - never allow
4716    a buffer to have a previously-set parent changed.
4717
4718    In sshbuf_reset(), if the reallocation fails, then zero the entire
4719    buffer and not the (potentially smaller) default initial alloc size.
4720
4721    OpenBSD-Commit-ID: 14583203aa5d50ad38d2e209ae10abaf8955e6a9
4722
4723commit 26eef015e2d2254375e13afaaf753b78932b1bf5
4724Author: Damien Miller <djm@mindrot.org>
4725Date:   Mon Apr 11 16:07:09 2022 +1000
4726
4727    Revert "update build-aux files to match autoconf-2.71"
4728
4729    This reverts commit 0a8ca39fac6ad19096b6c263436f8b2dd51606f2.
4730
4731    It turns out that the checked-in copies of these files are actually newer
4732    than autoconf-2.71's copies, so this was effectively a downgrade.
4733    Spotted by Bo Anderson via github
4734
4735commit 0a8ca39fac6ad19096b6c263436f8b2dd51606f2
4736Author: Damien Miller <djm@mindrot.org>
4737Date:   Fri Apr 8 14:48:58 2022 +1000
4738
4739    update build-aux files to match autoconf-2.71
4740
4741    i.e. config.guess, config.sub and install-sh
4742
4743commit 94eb6858efecc1b4f02d8a6bd35e149f55c814c8
4744Author: Damien Miller <djm@mindrot.org>
4745Date:   Wed Apr 6 10:47:48 2022 +1000
4746
4747    update version numbers for release
4748
4749commit 8e4a8eadf4fe74e65e6492f34250f8cf7d67e8da
4750Author: djm@openbsd.org <djm@openbsd.org>
4751Date:   Mon Apr 4 22:45:25 2022 +0000
4752
4753    upstream: openssh-9.0
4754
4755    OpenBSD-Commit-ID: 0dfb461188f4513ec024c1534da8c1ce14c20b64
4756
4757commit a9f23ea2e3227f406880c2634d066f6f50fa5eaa
4758Author: naddy@openbsd.org <naddy@openbsd.org>
4759Date:   Thu Mar 31 17:58:44 2022 +0000
4760
4761    upstream: ssh: document sntrup761x25519-sha512@openssh.com as
4762
4763    default KEX
4764
4765    OpenBSD-Commit-ID: 12545bfa10bcbf552d04d9d9520d0f4e98b0e171
4766
4767commit 9ec2713d122af79d66ebb9c1d6d9ae8621a8945f
4768Author: naddy@openbsd.org <naddy@openbsd.org>
4769Date:   Thu Mar 31 17:27:27 2022 +0000
4770
4771    upstream: man pages: add missing commas between subordinate and
4772
4773    main clauses
4774
4775    jmc@ dislikes a comma before "then" in a conditional, so leave those
4776    untouched.
4777
4778    ok jmc@
4779
4780    OpenBSD-Commit-ID: 9520801729bebcb3c9fe43ad7f9776ab4dd05ea3
4781
4782commit 3741df98ffaaff92b474ee70d8ef276b5882f85a
4783Author: Darren Tucker <dtucker@dtucker.net>
4784Date:   Mon Apr 4 23:52:11 2022 +1000
4785
4786    Disable security key on fbsd6 test host.
4787
4788commit 32c12236f27ae83bfe6d2983b67c9bc67a83a417
4789Author: Darren Tucker <dtucker@dtucker.net>
4790Date:   Mon Apr 4 15:16:51 2022 +1000
4791
4792    Specify TEST_SHELL=bash on AIX.
4793
4794    The system shells cause the agent-restrict test to fail due to some
4795    quoting so explicitly specify bash until we can get configure to
4796    autmatically work around that.
4797
4798commit 90452c8b69d065b7c7c285ff78b81418a75bcd76
4799Author: Darren Tucker <dtucker@dtucker.net>
4800Date:   Fri Apr 1 23:38:44 2022 +1100
4801
4802    Only return events from ppoll that were requested.
4803
4804    If the underlying system's select() returns bits that were not in the
4805    request set, our ppoll() implementation can return revents for events
4806    not requested, which can apparently cause a hang.  Only return revents
4807    for activity in the requested event set.  bz#3416, analysis and fix by
4808    yaroslav.kuzmin at vmssoftware com, ok djm@
4809
4810commit 6c49eb5fabc56f4865164ed818aa5112d09c31a8
4811Author: Darren Tucker <dtucker@dtucker.net>
4812Date:   Fri Apr 1 23:21:40 2022 +1100
4813
4814    Only run regression tests on slow VMs.
4815
4816commit f67e47903977b42cb6abcd5565a61bd7293e4dc3
4817Author: Darren Tucker <dtucker@dtucker.net>
4818Date:   Fri Apr 1 23:21:06 2022 +1100
4819
4820    Increase test timeout to allow slow VMs to finish
4821
4822commit 02488c1b54065ddc4f25835dbd2618b2a2fe21f5
4823Author: Darren Tucker <dtucker@dtucker.net>
4824Date:   Fri Apr 1 16:27:38 2022 +1100
4825
4826    Use bash or ksh if available for SH in Makefile.
4827
4828commit 34c7018c316af4773e432066de28d0ef9d0888cd
4829Author: Darren Tucker <dtucker@dtucker.net>
4830Date:   Fri Apr 1 14:56:54 2022 +1100
4831
4832    Set Makefile SHELL as determined by configure.
4833
4834    This should improve compatibility for users with non-POSIX shells.  If
4835    using Makefile.in directly (eg make -f Makefile.in distprep) then SHELL
4836    will need to be specified on the command line (along with MANFMT in that
4837    particular case).  ok djm@
4838
4839commit 5b054d76402faab38c48377efd112426469553a0
4840Author: Darren Tucker <dtucker@dtucker.net>
4841Date:   Fri Apr 1 13:16:47 2022 +1100
4842
4843    Skip slow tests on (very) slow test targets.
4844
4845commit b275818065b31a865142c48c2acf6a7c1655c542
4846Author: Damien Miller <djm@mindrot.org>
4847Date:   Thu Mar 31 14:11:36 2022 +1100
4848
4849    depend
4850
4851commit 3fa539c3ffaabd6211995512d33e29150f88c5c5
4852Author: djm@openbsd.org <djm@openbsd.org>
4853Date:   Thu Mar 31 03:07:03 2022 +0000
4854
4855    upstream: add a sftp client "cp" command that supports server-side
4856
4857    copying of files. Useful for this task and for testing the copy-data
4858    extension. Patch from Mike Frysinger; ok dtucker@
4859
4860    OpenBSD-Commit-ID: 1bb1b950af0d49f0d5425b1f267e197aa1b57444
4861
4862commit 7988bfc4b701c4b3fe9b36c8561a3d1c5d4c9a74
4863Author: djm@openbsd.org <djm@openbsd.org>
4864Date:   Thu Mar 31 03:05:49 2022 +0000
4865
4866    upstream: add support for the "corp-data" protocol extension to
4867
4868    allow server-side copies to be performed without having to go via the client.
4869    Patch by Mike Frysinger, ok dtucker@
4870
4871    OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5
4872
4873commit 32dc1c29a4ac9c592ddfef0a4895eb36c1f567ba
4874Author: djm@openbsd.org <djm@openbsd.org>
4875Date:   Wed Mar 30 21:13:23 2022 +0000
4876
4877    upstream: select post-quantum KEX
4878
4879    sntrup761x25519-sha512@openssh.com as the default; ok markus@
4880
4881    OpenBSD-Commit-ID: f02d99cbfce22dffec2e2ab1b60905fbddf48fb9
4882
4883commit d6556de1db0822c76ba2745cf5c097d9472adf7c
4884Author: djm@openbsd.org <djm@openbsd.org>
4885Date:   Wed Mar 30 21:10:25 2022 +0000
4886
4887    upstream: fix poll() spin when a channel's output fd closes without
4888
4889    data in the channel buffer. Introduce more exact packing of channel fds into
4890    the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@
4891
4892    OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
4893
4894commit 8a74a96d25ca4d32fbf298f6c0ac5a148501777d
4895Author: djm@openbsd.org <djm@openbsd.org>
4896Date:   Wed Mar 30 04:33:09 2022 +0000
4897
4898    upstream: ssh is almost out of getopt() characters; note the
4899
4900    remaining remaining available ones in a comment
4901
4902    OpenBSD-Commit-ID: 48d38cef59d6bc8e84c6c066f6d601875d3253fd
4903
4904commit 6d4fc51adb9d8a42f67b5474f02f877422379de6
4905Author: djm@openbsd.org <djm@openbsd.org>
4906Date:   Wed Mar 30 04:27:51 2022 +0000
4907
4908    upstream: avoid NULL deref via ssh-keygen -Y find-principals.
4909
4910    bz3409, reported by Mateusz Adamowski
4911
4912    OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5
4913
4914commit e937514920335b92b543fd9be79cd6481d1eb0b6
4915Author: Darren Tucker <dtucker@dtucker.net>
4916Date:   Mon Mar 28 17:51:03 2022 +1100
4917
4918    Add AIX 5.1 test target.
4919
4920commit 4bbe815ba974b4fd89cc3fc3e3ef1be847a0befe
4921Author: Darren Tucker <dtucker@dtucker.net>
4922Date:   Sat Mar 26 22:01:31 2022 +1100
4923
4924    Drop leading "v" from release version identifier.
4925
4926    It's present in the git tags but not in the release tarball names.
4927    Also drop extra "/" from URL path.
4928
4929commit f5cdd3b3c275dffaebfca91df782dca29975e9ac
4930Author: Darren Tucker <dtucker@dtucker.net>
4931Date:   Sat Mar 26 16:28:04 2022 +1100
4932
4933    Use tarballs when testing LibreSSL releases.
4934
4935    This means they'll still work when the combination of -portable and
4936    openbsd github repos no longer match.
4937
4938commit 24dc37d198f35a7cf71bf4d5384363c7ef4209d4
4939Author: Darren Tucker <dtucker@dtucker.net>
4940Date:   Sat Mar 26 15:02:45 2022 +1100
4941
4942    Remove now-unused passwd variable.
4943
4944commit 5b467ceef2c356f0a77f5e8ab4eb0fac367e4d24
4945Author: Darren Tucker <dtucker@dtucker.net>
4946Date:   Sat Mar 26 13:15:44 2022 +1100
4947
4948    Missing semicolon.
4949
4950commit 2923d026e55998133c0f6e5186dca2a3c0fa5ff5
4951Author: Darren Tucker <dtucker@dtucker.net>
4952Date:   Sat Mar 26 12:49:50 2022 +1100
4953
4954    Factor out platform-specific locked account check.
4955
4956    Also fixes an incorrect free on platforms with both libiaf and shadow
4957    passwords (probably only Unixware).  Prompted by github PR#284,
4958    originally from @c3h2_ctf and stoeckmann@.
4959
4960commit d23efe4b12886ffe416be10bc0a7da6ca8aa72d1
4961Author: Darren Tucker <dtucker@dtucker.net>
4962Date:   Sat Mar 26 08:13:46 2022 +1100
4963
4964    Add OpenWRT mips and mipsel test targets.
4965
4966commit 16ea8b85838dd7a4dbeba4e51ac4f43fd68b1e5b
4967Author: djm@openbsd.org <djm@openbsd.org>
4968Date:   Sun Mar 20 08:52:17 2022 +0000
4969
4970    upstream: don't leak argument list; bz3404, reported by Balu
4971
4972    Gajjala ok dtucker@
4973
4974    OpenBSD-Commit-ID: fddc32d74e5dd5cff1a49ddd6297b0867eae56a6
4975
4976commit a72bde294fe0518c9a44ba63864093a1ef2425e3
4977Author: djm@openbsd.org <djm@openbsd.org>
4978Date:   Sun Mar 20 08:51:21 2022 +0000
4979
4980    upstream: make addargs() and replacearg() a little more robust and
4981
4982    improve error reporting
4983
4984    make freeargs(NULL) a noop like the other free functions
4985
4986    ok dtucker as part of bz3403
4987
4988    OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d
4989
4990commit 731087d2619fa7f01e675b23f57af10d745e8af2
4991Author: djm@openbsd.org <djm@openbsd.org>
4992Date:   Fri Mar 18 04:04:11 2022 +0000
4993
4994    upstream: don't try to resolve ListenAddress directives in the sshd
4995
4996    re-exec path - we're never going to use the result and if the operation fails
4997    then it can prevent connections from being accepted. Reported by Aaron
4998    Poffenberger; with / ok dtucker@
4999
5000    OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
5001
5002commit 1c83c082128694ddd11ac05fdf31d70312ff1763
5003Author: djm@openbsd.org <djm@openbsd.org>
5004Date:   Fri Mar 18 02:50:21 2022 +0000
5005
5006    upstream: remove blank line
5007
5008    OpenBSD-Commit-ID: d5e0182965b2fbfb03ad5f256d1a1ce5706bcddf
5009
5010commit 807be68684da7a1fe969c399ddce2fafb7997dcb
5011Author: djm@openbsd.org <djm@openbsd.org>
5012Date:   Fri Mar 18 02:32:22 2022 +0000
5013
5014    upstream: helpful comment
5015
5016    OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7
5017
5018commit a0b5816f8f1f645acdf74f7bc11b34455ec30bac
5019Author: djm@openbsd.org <djm@openbsd.org>
5020Date:   Fri Mar 18 02:31:25 2022 +0000
5021
5022    upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV
5023
5024    will ensue. Patch from Mateusz Adamowski via GHPR#307
5025
5026    OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
5027
5028commit 5a252d54a63be30d5ba4be76210942d754a531c0
5029Author: djm@openbsd.org <djm@openbsd.org>
5030Date:   Tue Mar 15 05:27:37 2022 +0000
5031
5032    upstream: improve DEBUG_CHANNEL_POLL debugging message
5033
5034    OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
5035
5036commit ce324cf58ba2840e31afeb996935800780c8fa4b
5037Author: cheloha@openbsd.org <cheloha@openbsd.org>
5038Date:   Sun Mar 13 23:27:54 2022 +0000
5039
5040    upstream: ssh: xstrdup(): use memcpy(3)
5041
5042    Copying the given string into the buffer with strlcpy(3) confers no
5043    benefit in this context because we have already determined the
5044    string's length with strlen(3) in order to allocate that buffer.
5045
5046    Thread: https://marc.info/?l=openbsd-tech&m=164687525802691&w=2
5047
5048    ok dtucker@ millert@
5049
5050    OpenBSD-Commit-ID: f8bfc082e36e2d2dc4e1feece02fe274155ca11a
5051
5052commit 2893c5e764557f48f9d6a929e224ed49c59545db
5053Author: Darren Tucker <dtucker@dtucker.net>
5054Date:   Fri Mar 11 18:43:58 2022 +1100
5055
5056    Resync fmt_scaled. with OpenBSD.
5057
5058    Fixes underflow reported in bz#3401.
5059
5060commit 5ae31a0fdd27855af29f48ff027491629fff5979
5061Author: Darren Tucker <dtucker@dtucker.net>
5062Date:   Wed Mar 9 09:41:56 2022 +1100
5063
5064    Provide killpg implementation.
5065
5066    Based on github PR#301 for Tandem NonStop.
5067
5068commit c41c84b439f4cd74d4fe44298a4b4037ddd7d2ae
5069Author: Darren Tucker <dtucker@dtucker.net>
5070Date:   Wed Mar 9 09:29:30 2022 +1100
5071
5072    Check for missing ftruncate prototype.
5073
5074    From github PR#301 in conjunction with rsbeckerca.
5075
5076commit 8cf5275452a950869cb90eeac7d220b01f77b12e
5077Author: Darren Tucker <dtucker@dtucker.net>
5078Date:   Tue Mar 8 20:04:06 2022 +1100
5079
5080    Default to not using sandbox when cross compiling.
5081
5082    On most systems poll(2) does not work when the number of FDs is reduced
5083    with setrlimit, so assume it doesn't when cross compiling and we can't
5084    run the test.  bz#3398.
5085
5086commit 379b30120da53d7c84aa8299c26b18c51c2a0dac
5087Author: djm@openbsd.org <djm@openbsd.org>
5088Date:   Tue Mar 1 01:59:19 2022 +0000
5089
5090    upstream: pack pollfd array before server_accept_loop() ppoll()
5091
5092    call, and terminate sshd if ppoll() returns errno==EINVAL
5093
5094    avoids spin in ppoll when MaxStartups > RLIMIT_NOFILE, reported by
5095    Daniel Micay
5096
5097    feedback/ok deraadt
5098
5099    OpenBSD-Commit-ID: dbab1c24993ac977ec24d83283b8b7528f7c2c15
5100
5101commit eceafbe0bdbbd9bd2f3cf024ccb350666a9934dd
5102Author: naddy@openbsd.org <naddy@openbsd.org>
5103Date:   Sun Feb 27 01:33:59 2022 +0000
5104
5105    upstream: include rejected signature algorithm in error message and
5106
5107    not the (useless) key type; ok djm@
5108
5109    OpenBSD-Commit-ID: d0c0f552a4d9161203e07e95d58a76eb602a76ff
5110
5111commit f2f3269423618a83157e18902385e720f9776007
5112Author: dtucker@openbsd.org <dtucker@openbsd.org>
5113Date:   Fri Feb 25 09:46:24 2022 +0000
5114
5115    upstream: Remove the char * casts from arguments to do_lstat,
5116
5117    do_readdir and do_stat paths since the underlying functions now take a const
5118    char *. Patch from vapier at gentoo.org.
5119
5120    OpenBSD-Commit-ID: 9e4d964dbfb0ed683a2a2900711b88e7f1c0297b
5121
5122commit 4a66dac052c5ff5047161853f36904607649e4f9
5123Author: djm@openbsd.org <djm@openbsd.org>
5124Date:   Fri Feb 25 02:09:27 2022 +0000
5125
5126    upstream: save an unneccessary alloc/free, based on patch from
5127
5128    Martin Vahlensieck; ok dtucker@
5129
5130    OpenBSD-Commit-ID: 90ffbf1f837e509742f2c31a1fbf2c0fd376fd5f
5131
5132commit 6f117cb151efe138ac57bdd8e26165f350328f5f
5133Author: Darren Tucker <dtucker@dtucker.net>
5134Date:   Tue Mar 1 09:02:06 2022 +1100
5135
5136    Remove unused ivbits argument from chacha_keysetup
5137
5138commit 15974235dd528aeab0ec67fb92a0a1d733f62be2
5139Author: Darren Tucker <dtucker@dtucker.net>
5140Date:   Tue Mar 1 09:00:20 2022 +1100
5141
5142    Add OPENBSD ORIGINAL marker.
5143
5144commit f2ff669347d320532e7c1b63cdf5c62f46e73150
5145Author: Darren Tucker <dtucker@dtucker.net>
5146Date:   Mon Feb 28 22:21:36 2022 +1100
5147
5148    No unused param warnings for clang-12 and gcc-11.
5149
5150    These have too many false positives in -Werror tests on the github CI
5151    since we often provide empty stub functions for functionality not needed
5152    for particular configurations.
5153
5154commit 96558ecd87adac62efa9a2b5479f686ab86b0be1
5155Author: Darren Tucker <dtucker@dtucker.net>
5156Date:   Sat Feb 26 14:10:41 2022 +1100
5157
5158    Add debian-i386 test target.
5159
5160commit 284b6e5394652d519e31782e3b3cdfd7b21d1a81
5161Author: Darren Tucker <dtucker@dtucker.net>
5162Date:   Sat Feb 26 14:06:14 2022 +1100
5163
5164    Allow ppoll_time64 in seccomp sandbox.
5165
5166    Should fix sandbox violations on (some? at least i386 and armhf) 32bit
5167    Linux platforms.  Patch from chutzpahu at gentoo.org and cjwatson at
5168    debian.org via bz#3396.
5169
5170commit 0132056efabc5edb85c3c7105d2fb6dee41843c6
5171Author: Darren Tucker <dtucker@dtucker.net>
5172Date:   Fri Feb 25 19:47:48 2022 +1100
5173
5174    Improve handling of _getshort and _getlong.
5175
5176    If the system native ones are exactly as required then use them,
5177    otherwise use the local versions mapped to another name to prevent
5178    name collisions.
5179
5180commit 8e206e0dd6b9f757b07979e48f53ad5bf9b7b52b
5181Author: Darren Tucker <dtucker@dtucker.net>
5182Date:   Fri Feb 25 15:14:22 2022 +1100
5183
5184    Constify utimes in compat library to match specs.
5185
5186    Patch from vapier at chromium.org.
5187
5188commit 1b2920e3b63db2eddebeec7330ffe8b723055573
5189Author: Darren Tucker <dtucker@dtucker.net>
5190Date:   Fri Feb 25 13:50:56 2022 +1100
5191
5192    ANSIfy getshort and getlong.
5193
5194    These functions appear to have come from OpenBSD's lib/libc/net/res_comp.c
5195    which made this change in 2005.
5196
5197commit 54a86f4f6e1c43a2ca2be23ef799ab8910d4af70
5198Author: Darren Tucker <dtucker@dtucker.net>
5199Date:   Fri Feb 25 13:23:04 2022 +1100
5200
5201    Use PICFLAG instead of hard coding -fPIC.
5202
5203commit 3016ba47035ac3561aabd48e2be70167fe157d6a
5204Author: Darren Tucker <dtucker@dtucker.net>
5205Date:   Fri Feb 25 11:37:11 2022 +1100
5206
5207    Add tests for latest releases of {Libre,Open}SSL.
5208
5209commit f107467179428a0e3ea9e4aa9738ac12ff02822d
5210Author: Colin Watson <cjwatson@debian.org>
5211Date:   Thu Feb 24 16:04:18 2022 +0000
5212
5213    Improve detection of -fzero-call-used-regs=all support
5214
5215    GCC doesn't tell us whether this option is supported unless it runs into
5216    the situation where it would need to emit corresponding code.
5217
5218commit 3383b2cac0e9275bc93c4b4760e6e048f537e1d6
5219Author: djm@openbsd.org <djm@openbsd.org>
5220Date:   Wed Feb 23 21:21:49 2022 +0000
5221
5222    upstream: free(3) wants stdlib.h
5223
5224    OpenBSD-Commit-ID: 227a8c70a95b4428c49e46863c9ef4bd318a3b8a
5225
5226commit a4537e79ab4ac6db4493c5158744b9ebde5efcb0
5227Author: djm@openbsd.org <djm@openbsd.org>
5228Date:   Wed Feb 23 21:21:16 2022 +0000
5229
5230    upstream: put back the scp manpage changes for SFTP mode too
5231
5232    OpenBSD-Commit-ID: 05dc53921f927e1b5e5694e1f3aa314549f2e768
5233
5234commit 449bcb8403adfb9724805d02a51aea76046de185
5235Author: deraadt@openbsd.org <deraadt@openbsd.org>
5236Date:   Wed Feb 23 19:01:00 2022 +0000
5237
5238    upstream: and we go back to testing sftp-scp after the 8.9
5239
5240    release...
5241
5242    OpenBSD-Commit-ID: a80440168258adca543a4607b871327a279c569c
5243
5244commit 166456cedad3962b83b848b1e9caf80794831f0f
5245Author: Damien Miller <djm@mindrot.org>
5246Date:   Wed Feb 23 22:31:11 2022 +1100
5247
5248    makedepend
5249
5250commit 32ebaa0dbca5d0bb86e384e72bebc153f48413e4
5251Author: djm@openbsd.org <djm@openbsd.org>
5252Date:   Wed Feb 23 11:18:13 2022 +0000
5253
5254    upstream: avoid integer overflow of auth attempts (harmless, caught
5255
5256    by monitor)
5257
5258    OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
5259
5260commit 6e0258c64c901753df695e06498b26f9f4812ea6
5261Author: djm@openbsd.org <djm@openbsd.org>
5262Date:   Wed Feb 23 11:17:10 2022 +0000
5263
5264    upstream: randomise the password used in fakepw
5265
5266    OpenBSD-Commit-ID: 34e159f73b1fbf0a924a9c042d8d61edde293947
5267
5268commit bf114d6f0a9df0b8369823d9a0daa6c72b0c4cc9
5269Author: djm@openbsd.org <djm@openbsd.org>
5270Date:   Wed Feb 23 11:15:57 2022 +0000
5271
5272    upstream: use asprintf to construct .rhosts paths
5273
5274    OpenBSD-Commit-ID: 8286e8d3d2c6ff916ff13d041d1713073f738a8b
5275
5276commit c07e154fbdc7285e9ec54e78d8a31f7325d43537
5277Author: djm@openbsd.org <djm@openbsd.org>
5278Date:   Wed Feb 23 11:07:09 2022 +0000
5279
5280    upstream: openssh-8.9
5281
5282    OpenBSD-Commit-ID: 5c5f791c87c483cdab6d9266b43acdd9ca7bde0e
5283
5284commit bc16667b4a1c3cad7029304853c143a32ae04bd4
5285Author: Darren Tucker <dtucker@dtucker.net>
5286Date:   Tue Feb 22 15:29:22 2022 +1100
5287
5288    Extend select+rlimit sanbox test to include poll.
5289
5290    POSIX specifies that poll() shall fail if "nfds argument is greater
5291    than {OPEN_MAX}".  The setrlimit sandbox sets this to effectively zero
5292    so this causes poll() to fail in the preauth privsep process.
5293
5294    This is likely the underlying cause for the previously observed similar
5295    behaviour of select() on plaforms where it is implement in userspace on
5296    top of poll().
5297
5298commit 6520c488de95366be031d49287ed243620399e23
5299Author: Darren Tucker <dtucker@dtucker.net>
5300Date:   Tue Feb 22 13:08:59 2022 +1100
5301
5302    Add Alpine Linux test VM.
5303
5304commit a4b325a3fc82d11e0f5d61f62e7fde29415f7afb
5305Author: Darren Tucker <dtucker@dtucker.net>
5306Date:   Tue Feb 22 12:27:07 2022 +1100
5307
5308    Include sys/param.h if present.
5309
5310    Needed for howmany() on MUSL systems such as Alpine.
5311
5312commit 5a102e9cb287a43bd7dfe594b775a89a8e94697c
5313Author: Darren Tucker <dtucker@dtucker.net>
5314Date:   Tue Feb 22 12:25:52 2022 +1100
5315
5316    Only include sys/poll.h if we don't have poll.h.
5317
5318    Prevents warnings on MUSL based systems such as Alpine.
5319
5320commit 7c0d4ce911d5c58b6166b2db754a4e91f352adf5
5321Author: Damien Miller <djm@mindrot.org>
5322Date:   Tue Feb 22 11:14:51 2022 +1100
5323
5324    disable agent-restrict test on minix3
5325
5326    Minix seems to have a platform-wide limit on the number of
5327    select(2) syscalls that can be concurrently issued. This test
5328    seems to exceed this limit.
5329
5330    Refer to:
5331
5332    https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L114
5333    https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L30-L31
5334
5335commit 81d33d8e3cf7ea5ce3a5653c6102b623e019428a
5336Author: Darren Tucker <dtucker@dtucker.net>
5337Date:   Mon Feb 21 21:27:20 2022 +1100
5338
5339    Skip agent-getpeereid when running as root.
5340
5341commit fbd772570a25436a33924d91c164d2b24021f010
5342Author: dtucker@openbsd.org <dtucker@openbsd.org>
5343Date:   Sun Feb 20 03:47:26 2022 +0000
5344
5345    upstream: Aproximate realpath on the expected output by deduping
5346
5347    leading slashes. Fixes test failure when user's home dir is / which is
5348    possible in some portable configurations.
5349
5350    OpenBSD-Regress-ID: 53b8c53734f8893806961475c7106397f98d9f63
5351
5352commit 336685d223a59f893faeedf0a562e053fd84058e
5353Author: Darren Tucker <dtucker@dtucker.net>
5354Date:   Sun Feb 20 13:30:52 2022 +1100
5355
5356    Really move DSA to end of list.
5357
5358    In commit ad16a84e syncing from OpenBSD, RSA was accidentally moved to
5359    the end of the list instead of DSA.  Spotted by andrew at fyfe.gb.net.
5360
5361commit 63bf4f49ed2fdf2da6f97136c9df0c8168546eb3
5362Author: Darren Tucker <dtucker@dtucker.net>
5363Date:   Fri Feb 18 12:12:21 2022 +1100
5364
5365    Add test configs for MUSL C library.
5366
5367commit f7fc6a43f1173e8b2c38770bf6cee485a562d03b
5368Author: Damien Miller <djm@mindrot.org>
5369Date:   Thu Feb 17 22:54:19 2022 +1100
5370
5371    minix needs BROKEN_POLL too; chokes on /dev/null
5372
5373commit 667fec5d4fe4406745750a32f69b5d2e1a75e94b
5374Author: djm@openbsd.org <djm@openbsd.org>
5375Date:   Thu Feb 17 10:58:27 2022 +0000
5376
5377    upstream: check for EINTR/EAGAIN failures in the rfd fast-path; caught
5378
5379    by dtucker's minix3 vm :) ok dtucker@
5380
5381    OpenBSD-Commit-ID: 2e2c895a3e82ef347aa6694394a76a438be91361
5382
5383commit 41417dbda9fb55a0af49a8236e3ef9d50d862644
5384Author: Darren Tucker <dtucker@dtucker.net>
5385Date:   Thu Feb 17 22:05:29 2022 +1100
5386
5387    Comment hurd test, the VM is currently broken.
5388
5389commit b2aee35a1f0dc798339b3fcf96136da71b7e3f6d
5390Author: Damien Miller <djm@mindrot.org>
5391Date:   Thu Feb 17 21:15:16 2022 +1100
5392
5393    find sk-dummy.so when build_dir != src_dir
5394
5395    spotted by Corinna Vinschen; feedback & ok dtucker@
5396
5397commit 62a2d4e50b2e89f2ef04576931895d5139a5d037
5398Author: Damien Miller <djm@mindrot.org>
5399Date:   Wed Feb 16 16:26:17 2022 +1100
5400
5401    update versions in preparation for 8.9 release
5402
5403commit dd6d3dded721ac653ea73c017325e5bfeeec837f
5404Author: djm@openbsd.org <djm@openbsd.org>
5405Date:   Tue Feb 15 05:13:36 2022 +0000
5406
5407    upstream: document the unbound/host-bound options to
5408
5409    PubkeyAuthentication; spotted by HARUYAMA Seigo
5410
5411    OpenBSD-Commit-ID: 298f681b66a9ecd498f0700082c7a6c46e948981
5412
5413commit df93529dd727fdf2fb290700cd4f1adb0c3c084b
5414Author: Darren Tucker <dtucker@dtucker.net>
5415Date:   Mon Feb 14 14:19:40 2022 +1100
5416
5417    Test if sshd accidentally acquires controlling tty
5418
5419    When SSHD_ACQUIRES_CTTY is defined, test for the problematic behaviour
5420    in the STREAMS code before activating the workaround.  ok djm@
5421
5422commit 766176cfdbfd7ec38bb6118dde6e4daa0df34888
5423Author: Darren Tucker <dtucker@dtucker.net>
5424Date:   Sat Feb 12 10:24:56 2022 +1100
5425
5426    Add cygwin-release test config.
5427
5428    This tests the flags used to build the cygwin release binaries.
5429
5430commit b30698662b862f5397116d23688aac0764e0886e
5431Author: Darren Tucker <dtucker@dtucker.net>
5432Date:   Fri Feb 11 21:00:35 2022 +1100
5433
5434    Move SSHD_ACQUIRES_CTTY workaround into compat.
5435
5436    On some (most? all?) SysV based systems with STREAMS based ptys,
5437    sshd could acquire a controlling terminal during pty setup when
5438    it pushed the "ptem" module, due to what is probably a bug in
5439    the STREAMS driver that's old enough to vote.  Because it was the
5440    privileged sshd's controlling terminal, it was not available for
5441    the user's session, which ended up without one.  This is known to
5442    affect at least Solaris <=10, derivatives such as OpenIndiana and
5443    several other SysV systems.  See bz#245 for the backstory.
5444
5445    In the we past worked around that by not calling setsid in the
5446    privileged sshd child, which meant it was not a session or process
5447    group leader.  This solved controlling terminal problem because sshd
5448    was not eligble to acquire one, but had other side effects such as
5449    not cleaning up helper subprocesses in the SIGALRM handler since it
5450    was not PG leader.  Recent cleanups in the signal handler uncovered
5451    this, resulting in the LoginGraceTime timer not cleaning up privsep
5452    unprivileged processes.
5453
5454    This change moves the workaround into the STREAMS pty allocation code,
5455    by allocating a sacrificial pty to act as sshd's controlling terminal
5456    before allocating user ptys, so those are still available for users'
5457    sessions.
5458
5459    On the down side:
5460     - this will waste a pty per ssh connection on affected platforms.
5461
5462    On the up side:
5463     - it makes the process group behaviour consistent between platforms.
5464
5465     - it puts the workaround nearest the code that actually causes the
5466       problem and competely out of the mainline code.
5467
5468     - the workaround is only activated if you use the STREAMS code.  If,
5469       say, Solaris 11 has the bug but also a working openpty() it doesn't
5470       matter that we defined SSHD_ACQUIRES_CTTY.
5471
5472     - the workaround is only activated when the fist pty is allocated,
5473       ie in the post-auth privsep monitor.  This means there's no risk
5474       of fd leaks to the unprivileged processes, and there's no effect on
5475       sessions that do not allocate a pty.
5476
5477    Based on analysis and work by djm@, ok djm@
5478
5479commit cd00b48cf10f3565936a418c1e6d7e48b5c36140
5480Author: Darren Tucker <dtucker@dtucker.net>
5481Date:   Fri Feb 11 20:09:32 2022 +1100
5482
5483    Simplify handling of --with-ssl-dir.
5484
5485    ok djm@
5486
5487commit ea13fc830fc0e0dce2459f1fab2ec5099f73bdf0
5488Author: Darren Tucker <dtucker@dtucker.net>
5489Date:   Fri Feb 11 13:39:29 2022 +1100
5490
5491    Stop testing OpenBSD HEAD on 6.9 and 7.0.
5492
5493    HEAD is not guaranteed to work on previous stable branches, and at the
5494    moment is broken due to libfido API changes.
5495
5496commit 50b9e4a4514697ffb9592200e722de6b427cb9ff
5497Author: dtucker@openbsd.org <dtucker@openbsd.org>
5498Date:   Fri Feb 11 00:43:56 2022 +0000
5499
5500    upstream: Always initialize delim before passing to hpdelim2 which
5501
5502    might not set it. Found by the Valgrind tests on github, ok deraadt@
5503
5504    OpenBSD-Commit-ID: c830c0db185ca43beff3f41c19943c724b4f636d
5505
5506commit 6ee53064f476cf163acd5521da45b11b7c57321b
5507Author: Darren Tucker <dtucker@dtucker.net>
5508Date:   Fri Feb 11 10:03:06 2022 +1100
5509
5510    Fix helper include path and remove excess code.
5511
5512    Looks like test_hpdelim.c was imported twice into the same file.
5513    Spotted by kevin.brott at gmail com and chris at cataclysmal org.
5514
5515commit 9fa63a19f68bc87452d3cf5c577cafad2921b7a4
5516Author: Darren Tucker <dtucker@dtucker.net>
5517Date:   Thu Feb 10 23:27:02 2022 +1100
5518
5519    Put poll.h inside ifdef.
5520
5521commit 3ac00dfeb54b252c15dcbf1971582e9e3b946de6
5522Author: Darren Tucker <dtucker@dtucker.net>
5523Date:   Thu Feb 10 22:17:31 2022 +1100
5524
5525    We now support POLLPRI so actually define it.
5526
5527commit 25bd659cc72268f2858c5415740c442ee950049f
5528Author: dtucker@openbsd.org <dtucker@openbsd.org>
5529Date:   Sun Feb 6 22:58:33 2022 +0000
5530
5531    upstream: Add test for empty hostname with port.
5532
5533    OpenBSD-Regress-ID: e19e89d3c432b68997667efea44cf015bbe2a7e3
5534
5535commit a29af853cff41c0635f0378c00fe91bf9c91dea4
5536Author: dtucker@openbsd.org <dtucker@openbsd.org>
5537Date:   Fri Feb 4 07:53:44 2022 +0000
5538
5539    upstream: Add unit tests for hpdelim.
5540
5541    OpenBSD-Regress-ID: be97b85c19895e6a1ce13c639765a3b48fd95018
5542
5543commit 9699151b039ecc5fad9ac6c6c02e9afdbd26f15f
5544Author: djm@openbsd.org <djm@openbsd.org>
5545Date:   Thu Feb 10 04:12:38 2022 +0000
5546
5547    upstream: revert for imminent OpenSSH release, which wil ship with
5548
5549    scp in RCP mode.
5550
5551    > revision 1.106
5552    > date: 2021/10/15 14:46:46;  author: deraadt;  state: Exp;  lines: +13 -9;  commitid: w5n9B2RE38tFfggl;
5553    > openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
5554    > protocol for copying.  Let's get back to testing the SFTP protocol.
5555
5556    This will be put back once the OpenSSH release is done.
5557
5558    OpenBSD-Commit-ID: 0c725481a78210aceecff1537322c0b2df03e768
5559
5560commit 45279abceb37c3cbfac8ba36dde8b2c8cdd63d32
5561Author: dtucker@openbsd.org <dtucker@openbsd.org>
5562Date:   Tue Feb 8 08:59:12 2022 +0000
5563
5564    upstream: Switch hpdelim interface to accept only ":" as delimiter.
5565
5566    Historicallly, hpdelim accepted ":" or "/" as a port delimiter between
5567    hosts (or addresses) and ports.  These days most of the uses for "/"
5568    are no longer accepted, so there are several places where it checks the
5569    delimiter to disallow it.  Make hpdelim accept only ":" and use hpdelim2
5570    in the other cases.  ok djm@
5571
5572    OpenBSD-Commit-ID: 7e6420bd1be87590b6840973f5ad5305804e3102
5573
5574commit a1bcbf04a7c2d81944141db7ecd0ba292d175a66
5575Author: pedro martelletto <pedro@yubico.com>
5576Date:   Mon Feb 7 09:09:59 2022 +0100
5577
5578    fix typos in previous
5579
5580commit 56192518e329b39f063487bc2dc4d796f791eca0
5581Author: Damien Miller <djm@mindrot.org>
5582Date:   Mon Feb 7 12:53:47 2022 +1100
5583
5584    compat code for fido_assert_set_clientdata()
5585
5586commit d6b5aa08fdcf9b527f8b8f932432941d5b76b7ab
5587Author: djm@openbsd.org <djm@openbsd.org>
5588Date:   Mon Feb 7 01:25:12 2022 +0000
5589
5590    upstream: use libfido2 1.8.0+ fido_assert_set_clientdata() instead
5591
5592    of manually hashing data outselves. Saves a fair bit of code and makes life
5593    easier for some -portable platforms.
5594
5595    OpenBSD-Commit-ID: 351dfaaa5ab1ee928c0e623041fca28078cff0e0
5596
5597commit 86cc93fd3c26b2e0c7663c6394995fb04ebfbf3b
5598Author: jsg@openbsd.org <jsg@openbsd.org>
5599Date:   Sun Feb 6 00:29:03 2022 +0000
5600
5601    upstream: remove please from manual pages ok jmc@ sthen@ millert@
5602
5603    OpenBSD-Commit-ID: 6543acb00f4f38a23472538e1685c013ca1a99aa
5604
5605commit ad16a84e64a8cf1c69c63de3fb9008320a37009c
5606Author: dtucker@openbsd.org <dtucker@openbsd.org>
5607Date:   Fri Feb 4 02:49:17 2022 +0000
5608
5609    upstream: Since they are deprecated, move DSA to the end of the
5610
5611    default list of public keys so that they will be tried last.  From github
5612    PR#295 from "ProBackup-nl", ok djm@
5613
5614    OpenBSD-Commit-ID: 7e5d575cf4971d4e2de92e0b6d6efaba53598bf0
5615
5616commit 253de42753de85dde266e061b6fec12ca6589f7d
5617Author: Damien Miller <djm@mindrot.org>
5618Date:   Wed Feb 2 16:52:07 2022 +1100
5619
5620    portable-specific string array constification
5621
5622    from Mike Frysinger
5623
5624commit dfdcc2220cf359c492d5d34eb723370e8bd8a19e
5625Author: djm@openbsd.org <djm@openbsd.org>
5626Date:   Tue Feb 1 23:37:15 2022 +0000
5627
5628    upstream: test 'ssh-keygen -Y find-principals' with wildcard
5629
5630    principals; from Fabian Stelzer
5631
5632    OpenBSD-Regress-ID: fbe4da5f0032e7ab496527a5bf0010fd700f8f40
5633
5634commit 968e508967ef42480cebad8cf3172465883baa77
5635Author: dtucker@openbsd.org <dtucker@openbsd.org>
5636Date:   Fri Jan 21 02:54:41 2022 +0000
5637
5638    upstream: Enable all supported ciphers and macs in the server
5639
5640    before trying to benchmark them.  Increase the data file size to get more
5641    signal.
5642
5643    OpenBSD-Regress-ID: dc3697d9f7defdfc51c608782c8e750128e46eb6
5644
5645commit 15b7199a1fd37eff4c695e09d573f3db9f4274b7
5646Author: djm@openbsd.org <djm@openbsd.org>
5647Date:   Tue Feb 1 23:34:47 2022 +0000
5648
5649    upstream: allow 'ssh-keygen -Y find-principals' to match wildcard
5650
5651    principals in allowed_signers files; from Fabian Stelzer
5652
5653    OpenBSD-Commit-ID: 1e970b9c025b80717dddff5018fe5e6f470c5098
5654
5655commit 541667fe6dc26d7881e55f0bb3a4baa6f3171645
5656Author: djm@openbsd.org <djm@openbsd.org>
5657Date:   Tue Feb 1 23:32:51 2022 +0000
5658
5659    upstream: mark const string array contents const too, i.e. static
5660
5661    const char *array => static const char * const array from Mike Frysinger
5662
5663    OpenBSD-Commit-ID: a664e31ea6a795d7c81153274a5f47b22bdc9bc1
5664
5665commit 8cfa73f8a2bde4c98773f33f974c650bdb40dd3c
5666Author: djm@openbsd.org <djm@openbsd.org>
5667Date:   Tue Feb 1 23:11:11 2022 +0000
5668
5669    upstream: better match legacy scp behaviour: show un-expanded paths
5670
5671    in error messages. Spotted by and ok tb@
5672
5673    OpenBSD-Commit-ID: 866c8ffac5bd7d38ecbfc3357c8adfa58af637b7
5674
5675commit 4e62c13ab419b4b224c8bc6a761e91fcf048012d
5676Author: dtucker@openbsd.org <dtucker@openbsd.org>
5677Date:   Tue Feb 1 07:57:32 2022 +0000
5678
5679    upstream: Remove explicit kill of privsep preauth child's PID in
5680
5681    SIGALRM handler. It's no longer needed since the child will get terminated by
5682    the SIGTERM to the process group that cleans up any auth helpers, it
5683    simplifies the signal handler and removes the risk of a race when updating
5684    the PID. Based on analysis by HerrSpace in github PR#289, ok djm@
5685
5686    OpenBSD-Commit-ID: 2be1ffa28b4051ad9e33bb4371e2ec8a31d6d663
5687
5688commit 2a7ccd2ec4022917b745af7186f514f365b7ebe9
5689Author: guenther@openbsd.org <guenther@openbsd.org>
5690Date:   Fri Jan 28 06:18:42 2022 +0000
5691
5692    upstream: When it's the possessive of 'it', it's spelled "its",
5693
5694    without the apostrophe.
5695
5696    OpenBSD-Commit-ID: fb6ab9c65bd31de831da1eb4631ddac018c5fae7
5697
5698commit 8a0848cdd3b25c049332cd56034186b7853ae754
5699Author: Alex James <theracermaster@gmail.com>
5700Date:   Sun Jan 30 16:13:36 2022 -0600
5701
5702    sandbox-seccomp-filter: allow gettid
5703
5704    Some allocators (such as Scudo) use gettid while tracing allocations [1].
5705    Allow gettid in preauth to prevent sshd from crashing with Scudo.
5706
5707    [1]: https://github.com/llvm/llvm-project/blob/llvmorg-13.0.0/compiler-rt/lib/gwp_asan/common.cpp#L46
5708
5709commit b30d32159dc3c7052f4bfdf36357996c905af739
5710Author: djm@openbsd.org <djm@openbsd.org>
5711Date:   Sat Jan 22 00:49:34 2022 +0000
5712
5713    upstream: add a ssh_packet_process_read() function that reads from
5714
5715    a fd directly into the transport input buffer.
5716
5717    Use this in the client and server mainloops to avoid unnecessary
5718    copying. It also lets us use a more greedy read size without penalty.
5719
5720    Yields a 2-3% performance gain on cipher-speed.sh (in a fairly
5721    unscientific test tbf)
5722
5723    feedback dtucker@ ok markus@
5724
5725    OpenBSD-Commit-ID: df4112125bf79d8e38e79a77113e1b373078e632
5726
5727commit a1a8efeaaa9cccb15cdc0a2bd7c347a149a3a7e3
5728Author: djm@openbsd.org <djm@openbsd.org>
5729Date:   Sat Jan 22 00:45:31 2022 +0000
5730
5731    upstream: Use sshbuf_read() to read directly into the channel input
5732
5733    buffer rather than into a stack buffer that needs to be copied again;
5734    Improves performance by about 1% on cipher-speed.sh feedback dtucker@ ok
5735    markus@
5736
5737    OpenBSD-Commit-ID: bf5e6e3c821ac3546dc8241d8a94e70d47716572
5738
5739commit 29a76994e21623a1f84d68ebb9dc5a3c909fa3a7
5740Author: Damien Miller <djm@mindrot.org>
5741Date:   Tue Jan 25 11:52:34 2022 +1100
5742
5743    depend
5744
5745commit 754e0d5c7712296a7a3a83ace863812604c7bc4f
5746Author: djm@openbsd.org <djm@openbsd.org>
5747Date:   Sat Jan 22 00:43:43 2022 +0000
5748
5749    upstream: Add a sshbuf_read() that attempts to read(2) directly in
5750
5751    to a sshbuf; ok markus@
5752
5753    OpenBSD-Commit-ID: 2d8f249040a4279f3bc23c018947384de8d4a45b
5754
5755commit c7964fb9829d9ae2ece8b51a76e4a02e8449338d
5756Author: djm@openbsd.org <djm@openbsd.org>
5757Date:   Fri Jan 21 07:04:19 2022 +0000
5758
5759    upstream: add a helper for writing an error message to the
5760
5761    stderr_buf and setting quit_pending; no functional change but saves a bunch
5762    of boilerplate
5763
5764    OpenBSD-Commit-ID: 0747657cad6b9eabd514a6732adad537568e232d
5765
5766commit d23b4f7fdb1bd87e2cd7a9ae7c198ae99d347916
5767Author: djm@openbsd.org <djm@openbsd.org>
5768Date:   Fri Jan 21 06:58:06 2022 +0000
5769
5770    upstream: correct comment and use local variable instead of long
5771
5772    indirection; spotted by dtucker@
5773
5774    OpenBSD-Commit-ID: 5f65f5f69db2b7d80a0a81b08f390a63f8845965
5775
5776commit d069b020a02b6e3935080204ee44d233e8158ebb
5777Author: deraadt@openbsd.org <deraadt@openbsd.org>
5778Date:   Fri Jan 21 00:53:40 2022 +0000
5779
5780    upstream: When poll(2) returns -1, for some error conditions
5781
5782    pfd[].revents is not cleared.  There are subtle errors in various programs.
5783    In this particular case, the program should error out. ok djm millert
5784
5785    OpenBSD-Commit-ID: 00f839b16861f7fb2adcf122e95e8a82fa6a375c
5786
5787commit e204b34337a965feb439826157c191919fd9ecf8
5788Author: Damien Miller <djm@mindrot.org>
5789Date:   Sat Jan 22 11:38:21 2022 +1100
5790
5791    restore tty force-read hack
5792
5793    This portable-specific hack fixes a hang on exit for ttyful sessions
5794    on Linux and some SysVish Unix variants. It was accidentally disabled
5795    in commit 5c79952dfe1a (a precursor to the mainloop poll(2) conversion).
5796
5797    Spotted by John in bz3383
5798
5799commit 68085066b6bad43643b43f5957fcc5fd34782ccd
5800Author: Corinna Vinschen <vinschen@redhat.com>
5801Date:   Fri Jan 21 03:22:56 2022 +1100
5802
5803    Fix signedness bug in Cygwin code
5804
5805    The Cygwin-specific pattern match code has a bug.  It checks
5806    the size_t value returned by mbstowcs for being < 0.  The right
5807    thing to do is to check against (size_t) -1.  Fix that.
5808
5809    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
5810
5811commit 2e5cfed513e84444483baf1d8b31c40072b05103
5812Author: Darren Tucker <dtucker@dtucker.net>
5813Date:   Thu Jan 20 13:26:27 2022 +1100
5814
5815    Improve compatibility of early exit trap handling.
5816
5817    Dash (as used by the github runners) has some differences in its trap
5818    builtin:
5819     - it doesn't have -p (which is fine, that's not in posix).
5820     - it doesn't work in a subshell (which turns out to be in compliance
5821       with posix, which means bash isn't).
5822     - it doesn't work in a pipeline, ie "trap|cat" produces no output.
5823
5824commit 3fe6800b6027add478e648934cbb29d684e51943
5825Author: Darren Tucker <dtucker@dtucker.net>
5826Date:   Thu Jan 20 00:49:57 2022 +1100
5827
5828    Move more tests out of valgrind-1 runner.
5829
5830commit 20da6ed136dd76e6a0b229ca3036ef9c7c7ef798
5831Author: Darren Tucker <dtucker@dtucker.net>
5832Date:   Wed Jan 19 15:37:39 2022 +1100
5833
5834    Invoke EXIT handler early when using Valgrind.
5835
5836    When using Valgrind, we need to wait for all invoked programs to
5837    complete before checking their valgrind logs.  Some tests, notably
5838    agent-restrict, set an EXIT trap handler to clean up things like
5839    ssh-agent, but those do not get invoked until test-exec.sh exits.
5840    This causes the Valgrind wait to deadlock, so if present invoke
5841    the EXIT handler before checking the Valgrind logs.
5842
5843commit ad2e0580c87b0714cf166bca9d926a95ddeee1c8
5844Author: Darren Tucker <dtucker@dtucker.net>
5845Date:   Tue Jan 18 12:55:21 2022 +1100
5846
5847    Remove line leftover from upstream sync.
5848
5849commit d1051c0f11a6b749027e26bbeb61b07df4b67e15
5850Author: djm@openbsd.org <djm@openbsd.org>
5851Date:   Mon Jan 17 22:56:04 2022 +0000
5852
5853    upstream: when decompressing zlib compressed packets, use
5854
5855    Z_SYNC_FLUSH instead of Z_PARTIAL_FLUSH as the latter is not actually
5856    specified as a valid mode for inflate(). There should be no practical change
5857    in behaviour as the compression side ensures a flush that should make all
5858    data available to the receiver in all cases.
5859
5860    repoted by lamm AT ibm.com via bz3372; ok markus
5861
5862    OpenBSD-Commit-ID: 67cfc1fa8261feae6d2cc0c554711c97867cc81b
5863
5864commit d5981b1883746b1ae178a46229c26b53af99e37a
5865Author: djm@openbsd.org <djm@openbsd.org>
5866Date:   Mon Jan 17 21:41:04 2022 +0000
5867
5868    upstream: make most of the sftp errors more idiomatic, following
5869
5870    the general form of "[local/remote] operation path: error message"; ok markus
5871
5872    OpenBSD-Commit-ID: 61364cd5f3a9fecaf8d63b4c38a42c0c91f8b571
5873
5874commit ac7c9ec894ed0825d04ef69c55babb49bab1d32e
5875Author: djm@openbsd.org <djm@openbsd.org>
5876Date:   Mon Jan 17 21:39:51 2022 +0000
5877
5878    upstream: when transferring multiple files in SFTP mode, create the
5879
5880    destination directory if it doesn't already exist to match olde-scp(1)
5881    behaviour. noticed by deraadt@ ok markus@
5882
5883    OpenBSD-Commit-ID: cf44dfa231d4112f697c24ff39d7ecf2e6311407
5884
5885commit 39d17e189f8e72c34c722579d8d4e701fa5132da
5886Author: djm@openbsd.org <djm@openbsd.org>
5887Date:   Fri Jan 14 03:43:48 2022 +0000
5888
5889    upstream: allow pin-required FIDO keys to be added to ssh-agent(1).
5890
5891    ssh-askpass will be used to request the PIN at authentication time.
5892
5893    From Pedro Martelletto, ok djm
5894
5895    OpenBSD-Commit-ID: de8189fcd35b45f632484864523c1655550e2950
5896
5897commit 52423f64e13db2bdc31a51b32e999cb1bfcf1263
5898Author: djm@openbsd.org <djm@openbsd.org>
5899Date:   Fri Jan 14 03:35:10 2022 +0000
5900
5901    upstream: ssh-sk: free a resident key's user id
5902
5903    From Pedro Martelletto; ok dtucker & me
5904
5905    OpenBSD-Commit-ID: 47be40d602b7a6458c4c71114df9b53d149fc2e9
5906
5907commit 014e2f147a2788bfb3cc58d1b170dcf2bf2ee493
5908Author: djm@openbsd.org <djm@openbsd.org>
5909Date:   Fri Jan 14 03:34:00 2022 +0000
5910
5911    upstream: sshsk_load_resident: don't preallocate resp
5912
5913    resp is allocated by client_converse(), at which point we lose
5914    the original pointer.
5915
5916    From Pedro Martelletto; ok dtucker & me
5917
5918    OpenBSD-Commit-ID: 1f1b5ea3282017d6584dfed4f8370dc1db1f44b1
5919
5920commit c88265f207dfe0e8bdbaf9f0eda63ed6b33781cf
5921Author: djm@openbsd.org <djm@openbsd.org>
5922Date:   Fri Jan 14 03:32:52 2022 +0000
5923
5924    upstream: sshsk_sign: trim call to sshkey_fingerprint()
5925
5926    the resulting fingerprint doesn't appear to be used for anything,
5927    and we end up leaking it.
5928
5929    from Pedro Martelletto; ok dtucker & me
5930
5931    OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
5932
5933commit 1cd1b2eac39661b849d5a4b4b56363e22bb5f61e
5934Author: djm@openbsd.org <djm@openbsd.org>
5935Date:   Fri Jan 14 03:31:52 2022 +0000
5936
5937    upstream: use status error message to communicate ~user expansion
5938
5939    failures; provides better experience for scp in sftp mode, where ~user paths
5940    are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
5941    markus
5942
5943    (forgot to include this file in previous commit)
5944
5945    OpenBSD-Commit-ID: d37cc4c8c861ce48cd6ea9899e96aaac3476847b
5946
5947commit a1d42a6ce0398da3833bedf374ef2571af7fea50
5948Author: Damien Miller <djm@mindrot.org>
5949Date:   Fri Jan 14 13:49:32 2022 +1100
5950
5951    fix edge case in poll(2) wrapper
5952
5953    Correct handling of select(2) exceptfds. These should only be consulted
5954    for POLLPRI flagged pfds and not unconditionally converted to POLLERR.
5955
5956    with and ok dtucker@
5957
5958commit 976b9588b4b5babcaceec4767a241c11a67a5ccb
5959Author: Darren Tucker <dtucker@dtucker.net>
5960Date:   Fri Jan 14 13:46:35 2022 +1100
5961
5962    Wrap OpenSSL includes in unit tests in ifdef.
5963
5964    Fixes unit test on systems that do not have OpenSSL headers installed.
5965
5966commit c171879374b2e8b07157503f5639ed0bce59ce89
5967Author: Darren Tucker <dtucker@dtucker.net>
5968Date:   Thu Jan 13 15:53:33 2022 +1100
5969
5970    Remove sort wrapper.
5971
5972    agent-restrict now takes care of this itself.
5973
5974commit 9cc2654403f1a686bb26c07a6ac790edf334cef5
5975Author: dtucker@openbsd.org <dtucker@openbsd.org>
5976Date:   Thu Jan 13 04:53:16 2022 +0000
5977
5978    upstream: Set LC_ALL in both local and remote shells so that sorted
5979
5980    output matches regardless of what the user's shell sets it to.  ok djm@
5981
5982    OpenBSD-Regress-ID: 4e97dd69a68b05872033175a4c2315345d01837f
5983
5984commit 7a75f748cb2dd2f771bf70ea72698aa027996ab1
5985Author: dtucker@openbsd.org <dtucker@openbsd.org>
5986Date:   Thu Jan 13 04:22:10 2022 +0000
5987
5988    upstream: Avoid %'s in commands (not used in OpenBSD, but used in
5989
5990    -portable's Valgrind test) being interpretted as printf format strings.
5991
5992    OpenBSD-Regress-ID: dc8655db27ac4acd2c386c4681bf42a10d80b043
5993
5994commit 6c435bd4994d71442192001483a1cdb846e5ffcd
5995Author: Darren Tucker <dtucker@dtucker.net>
5996Date:   Wed Jan 12 16:58:13 2022 +1100
5997
5998    Stop on first test failure to minimize logs.
5999
6000commit 4bc2ba6095620a4484b708ece12842afd8c7685b
6001Author: dtucker@openbsd.org <dtucker@openbsd.org>
6002Date:   Wed Jan 12 07:18:37 2022 +0000
6003
6004    upstream: Use egrep when searching for an anchored string.
6005
6006    OpenBSD-Regress-ID: dd114a2ac27ac4b06f9e4a586d3f6320c54aeeb4
6007
6008commit 6bf2efa2679da1e8e60731f41677b2081dedae2c
6009Author: Darren Tucker <dtucker@dtucker.net>
6010Date:   Wed Jan 12 18:25:06 2022 +1100
6011
6012    Add "rev" command replacement if needed.
6013
6014commit 72bcd7993dadaf967bb3d8564ee31cbf38132b5d
6015Author: dtucker@openbsd.org <dtucker@openbsd.org>
6016Date:   Wed Jan 12 03:30:32 2022 +0000
6017
6018    upstream: Don't log NULL hostname in restricted agent code,
6019
6020    printf("%s", NULL) is not safe on all platforms.  with & ok djm
6021
6022    OpenBSD-Commit-ID: faf10cdae4adde00cdd668cd1f6e05d0a0e32a02
6023
6024commit acabefe3f8fb58c867c99fed9bbf84dfa1771727
6025Author: djm@openbsd.org <djm@openbsd.org>
6026Date:   Tue Jan 11 22:33:16 2022 +0000
6027
6028    upstream: remove hardcoded domain and use window.location.host, so this
6029
6030    can be run anywhere
6031
6032    OpenBSD-Regress-ID: 2ac2ade3b6227d9c547351d3ccdfe671e62b7f92
6033
6034commit 96da0946e44f34adc0397eb7caa6ec35a3e79891
6035Author: dtucker@openbsd.org <dtucker@openbsd.org>
6036Date:   Tue Jan 11 02:56:19 2022 +0000
6037
6038    upstream: "void" functions should not return anything. From Tim Rice
6039
6040    via -portable.
6041
6042    OpenBSD-Commit-ID: ce6616304f4c9881b46413e616b226c306830e2a
6043
6044commit a882a09722c9f086c9edb65d0c4022fd965ec1ed
6045Author: djm@openbsd.org <djm@openbsd.org>
6046Date:   Tue Jan 11 01:26:47 2022 +0000
6047
6048    upstream: suppress "Connection to xxx closed" messages at LogLevel >=
6049
6050    error bz3378; ok dtucker@
6051
6052    OpenBSD-Commit-ID: d5bf457d5d2eb927b81d0663f45248a31028265c
6053
6054commit 61a1a6af22e17fc94999a5d1294f27346e6c4668
6055Author: Damien Miller <djm@mindrot.org>
6056Date:   Wed Jan 12 08:57:49 2022 +1100
6057
6058    OS X poll(2) is broken; use compat replacement
6059
6060    Darwin's poll(2) implementation is broken. For character-special
6061    devices like /dev/null, it returns POLLNVAL when polled with
6062    POLLIN.
6063
6064    Apparently this is Apple bug 3710161, which is AFAIK not public,
6065    but a websearch will find other OSS projects rediscovering it
6066    periodically since it was first identified in 2005 (!!)
6067
6068commit 613a6545fc5a9542753b503cbe5906538a640b60
6069Author: Darren Tucker <dtucker@dtucker.net>
6070Date:   Tue Jan 11 20:56:01 2022 +1100
6071
6072    libhardended_malloc.so moved into out dir.
6073
6074commit 61761340be5e11046556623f8f5412b236cefa95
6075Author: Tim Rice <tim@multitalents.net>
6076Date:   Mon Jan 10 11:07:04 2022 -0800
6077
6078    Make USL compilers happy
6079    UX:acomp: ERROR: "sftp-server.c", line 567: void function cannot return value
6080
6081commit 3ef403f351e80a59b6f7e9d43cb82c181855483c
6082Author: Darren Tucker <dtucker@dtucker.net>
6083Date:   Mon Jan 10 21:07:38 2022 +1100
6084
6085    Add wrapper for "sort" to set LC_ALL=C.
6086
6087    Found by djm, this should make sorts stable and reduce test flakiness.
6088
6089commit bd69e29f5716090181dbe0b8272eb7eab1a383bb
6090Author: dtucker@openbsd.org <dtucker@openbsd.org>
6091Date:   Sat Jan 8 07:55:26 2022 +0000
6092
6093    upstream: Remove errant "set -x" left over from debugging.
6094
6095    OpenBSD-Regress-ID: cd989268e034264cec5df97be7581549032c87dc
6096
6097commit 1a7c88e26fd673813dc5f61c4ac278564845e004
6098Author: dtucker@openbsd.org <dtucker@openbsd.org>
6099Date:   Sat Jan 8 07:01:13 2022 +0000
6100
6101    upstream: Enable all supported hostkey algorithms (but no others).
6102
6103    Allows hostbased test to pass when built without OpenSSL.
6104
6105    OpenBSD-Regress-ID: 5ddd677a68b672517e1e78460dc6ca2ccc0a9562
6106
6107commit 12b457c2a42ff271e7967d9bedd068cebb048db9
6108Author: djm@openbsd.org <djm@openbsd.org>
6109Date:   Sat Jan 8 07:37:32 2022 +0000
6110
6111    upstream: use status error message to communicate ~user expansion
6112
6113    failures; provides better experience for scp in sftp mode, where ~user paths
6114    are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
6115    markus
6116
6117    OpenBSD-Commit-ID: fc610ce00ca0cdc2ecdabbd49ce7cb82033f905f
6118
6119commit 63670d4e9030bcee490d5a9cce561373ac5b3b23
6120Author: djm@openbsd.org <djm@openbsd.org>
6121Date:   Sat Jan 8 07:36:11 2022 +0000
6122
6123    upstream: fix some corner-case bugs in scp sftp-mode handling of
6124
6125    ~-prefixed paths; spotted by jsg; feedback jsg & deraadt, ok jsg & markus
6126
6127    OpenBSD-Commit-ID: d1697dbaaa9f0f5649d69be897eab25c7d37c222
6128
6129commit e14940bbec57fc7d3ce0644dbefa35f5a8ec97d0
6130Author: djm@openbsd.org <djm@openbsd.org>
6131Date:   Sat Jan 8 07:34:57 2022 +0000
6132
6133    upstream: more idiomatic error messages; spotted by jsg & deraadt
6134
6135    ok jsg & markus
6136
6137    OpenBSD-Commit-ID: 43618c692f3951747b4151c477c7df22afe2bcc8
6138
6139commit 9acddcd5918c623f7ebf454520ffe946a8f15e90
6140Author: djm@openbsd.org <djm@openbsd.org>
6141Date:   Sat Jan 8 07:33:54 2022 +0000
6142
6143    upstream: add a variant of send_status() that allows overriding the
6144
6145    default, generic error message. feedback/ok markus & jsg
6146
6147    OpenBSD-Commit-ID: 81f251e975d759994131b717ee7c0b439659c40f
6148
6149commit 961411337719d4cd78f1ab33e4ac549f3fa22f50
6150Author: djm@openbsd.org <djm@openbsd.org>
6151Date:   Sat Jan 8 07:32:45 2022 +0000
6152
6153    upstream: refactor tilde_expand_filename() and make it handle ~user
6154
6155    paths with no trailing slash; feedback/ok markus and jsg
6156
6157    OpenBSD-Commit-ID: a2ab365598a902f0f14ba6a4f8fb2d07a9b5d51d
6158
6159commit dc38236ab6827dec575064cac65c8e7035768773
6160Author: dtucker@openbsd.org <dtucker@openbsd.org>
6161Date:   Thu Jan 6 22:14:25 2022 +0000
6162
6163    upstream: Don't explicitly set HostbasedAuthentication in
6164
6165    sshd_config. It defaults to "no", and not explicitly setting it allows us to
6166    enable it for the (optional) hostbased test.
6167
6168    OpenBSD-Regress-ID: aa8e3548eb5793721641d26e56c29f363b767c0c
6169
6170commit e12d912ddf1c873cb72e5de9a197afbe0b6622d2
6171Author: dtucker@openbsd.org <dtucker@openbsd.org>
6172Date:   Thu Jan 6 21:46:56 2022 +0000
6173
6174    upstream: Add test for hostbased auth. It requires some external
6175
6176    setup (see comments at the top) and thus is disabled unless
6177    TEST_SSH_HOSTBASED_AUTH and SUDO are set.
6178
6179    OpenBSD-Regress-ID: 3ec8ba3750c5b595fc63e7845d13483065a4827a
6180
6181commit a48533a8da6a0f4f05ecd055dc8048047e53569e
6182Author: Damien Miller <djm@mindrot.org>
6183Date:   Fri Jan 7 09:24:26 2022 +1100
6184
6185    depend
6186
6187commit d9dbb5d9a0326e252d3c7bc13beb9c2434f59409
6188Author: djm@openbsd.org <djm@openbsd.org>
6189Date:   Thu Jan 6 22:06:51 2022 +0000
6190
6191    upstream: allow hostbased auth to select RSA keys when only
6192
6193    RSA/SHA2 are configured (this is the default case); ok markus@
6194
6195    OpenBSD-Commit-ID: 411c18c7bde40c60cc6dfb7017968577b4d4a827
6196
6197commit fdb1d58d0d3888b042e5a500f6ce524486aaf782
6198Author: djm@openbsd.org <djm@openbsd.org>
6199Date:   Thu Jan 6 22:05:42 2022 +0000
6200
6201    upstream: add a helper function to match a key type to a list of
6202
6203    signature algorithms. RSA keys can make signatures with multiple algorithms,
6204    so some special handling is required. ok markus@
6205
6206    OpenBSD-Commit-ID: 03b41b2bda06fa4cd9c84cef6095033b9e49b6ff
6207
6208commit 11e8c4309a5086a45fbbbc87d0af5323c6152914
6209Author: djm@openbsd.org <djm@openbsd.org>
6210Date:   Thu Jan 6 22:04:20 2022 +0000
6211
6212    upstream: log some details on hostkeys that ssh loads for
6213
6214    hostbased authn ok markus@
6215
6216    OpenBSD-Commit-ID: da17061fa1f0e58cb31b88478a40643e18233e38
6217
6218commit c6706f661739514a34125aa3136532a958929510
6219Author: djm@openbsd.org <djm@openbsd.org>
6220Date:   Thu Jan 6 22:03:59 2022 +0000
6221
6222    upstream: log signature algorithm during verification by monitor;
6223
6224    ok markus
6225
6226    OpenBSD-Commit-ID: 02b92bb42c4d4bf05a051702a56eb915151d9ecc
6227
6228commit 8832402bd500d1661ccc80a476fd563335ef6cdc
6229Author: djm@openbsd.org <djm@openbsd.org>
6230Date:   Thu Jan 6 22:02:52 2022 +0000
6231
6232    upstream: piece of UpdateHostkeys client strictification: when
6233
6234    updating known_hosts with new keys, ignore NULL keys (forgot to include in
6235    prior commit)
6236
6237    OpenBSD-Commit-ID: 49d2eda6379490e1ceec40c3b670b973f63dea08
6238
6239commit c2d9ced1da0276961d86690b3bd7ebdaca7fdbf7
6240Author: djm@openbsd.org <djm@openbsd.org>
6241Date:   Thu Jan 6 22:01:14 2022 +0000
6242
6243    upstream: include rejected signature algorithm in error message
6244
6245    and not the (useless) key type; ok markus
6246
6247    OpenBSD-Commit-ID: 4180b5ec7ab347b43f84e00b1972515296dab023
6248
6249commit 7aa7b096cf2bafe2777085abdeed5ce00581f641
6250Author: djm@openbsd.org <djm@openbsd.org>
6251Date:   Thu Jan 6 22:00:18 2022 +0000
6252
6253    upstream: make ssh-keysign use the requested signature algorithm
6254
6255    and not the default for the keytype. Part of unbreaking hostbased auth for
6256    RSA/SHA2 keys. ok markus@
6257
6258    OpenBSD-Commit-ID: b5639a14462948970da3a8020dc06f9a80ecccdc
6259
6260commit 291721bc7c840d113a49518f3fca70e86248b8e8
6261Author: djm@openbsd.org <djm@openbsd.org>
6262Date:   Thu Jan 6 21:57:28 2022 +0000
6263
6264    upstream: stricter UpdateHostkey signature verification logic on
6265
6266    the client- side. Require RSA/SHA2 signatures for RSA hostkeys except when
6267    RSA/SHA1 was explicitly negotiated during initial KEX; bz3375
6268
6269    ok markus@
6270
6271    OpenBSD-Commit-ID: 46e75e8dfa2c813781805b842580dcfbd888cf29
6272
6273commit 0fa33683223c76289470a954404047bc762be84c
6274Author: djm@openbsd.org <djm@openbsd.org>
6275Date:   Thu Jan 6 21:55:23 2022 +0000
6276
6277    upstream: Fix signature algorithm selection logic for
6278
6279    UpdateHostkeys on the server side. The previous code tried to prefer RSA/SHA2
6280    for hostkey proofs of RSA keys, but missed some cases. This will use RSA/SHA2
6281    signatures for RSA keys if the client proposed these algorithms in initial
6282    KEX. bz3375
6283
6284    Mostly by Dmitry Belyavskiy with some tweaks by me.
6285
6286    ok markus@
6287
6288    OpenBSD-Commit-ID: c17ba0c3236340d2c6a248158ebed042ac6a8029
6289
6290commit 17877bc81db3846e6e7d4cfb124d966bb9c9296b
6291Author: djm@openbsd.org <djm@openbsd.org>
6292Date:   Thu Jan 6 21:48:38 2022 +0000
6293
6294    upstream: convert ssh, sshd mainloops from select() to poll();
6295
6296    feedback & ok deraadt@ and markus@ has been in snaps for a few months
6297
6298    OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
6299
6300commit 5c79952dfe1aa36105c93b3f383ce9be04dee384
6301Author: djm@openbsd.org <djm@openbsd.org>
6302Date:   Thu Jan 6 21:46:23 2022 +0000
6303
6304    upstream: prepare for conversion of ssh, sshd mainloop from
6305
6306    select() to poll() by moving FD_SET construction out of channel handlers into
6307    separate functions. ok markus
6308
6309    OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
6310
6311commit 24c5187edfef4651a625b7d5d692c8c7e794f71f
6312Author: djm@openbsd.org <djm@openbsd.org>
6313Date:   Wed Jan 5 21:54:37 2022 +0000
6314
6315    upstream: add a comment so I don't make this mistake again
6316
6317    OpenBSD-Commit-ID: 69c7f2362f9de913bb29b6318580c5a1b52c921e
6318
6319commit 7369900441929058263a17f56aa67e05ff7ec628
6320Author: djm@openbsd.org <djm@openbsd.org>
6321Date:   Wed Jan 5 21:50:00 2022 +0000
6322
6323    upstream: fix cut-and-pasto in error message
6324
6325    OpenBSD-Commit-ID: 4cc5c619e4b456cd2e9bb760d17e3a9c84659198
6326
6327commit 294c11b1c7d56d3fb61e329603a782315ed70c62
6328Author: djm@openbsd.org <djm@openbsd.org>
6329Date:   Wed Jan 5 08:25:05 2022 +0000
6330
6331    upstream: select all RSA hostkey algorithms for UpdateHostkeys tests,
6332
6333    not just RSA-SHA1
6334
6335    OpenBSD-Regress-ID: b40e62b65863f2702a0c10aca583b2fe76772bd8
6336
6337commit 2ea1108c30e3edb6f872dfc1e6da10b041ddf2c0
6338Author: djm@openbsd.org <djm@openbsd.org>
6339Date:   Wed Jan 5 04:56:15 2022 +0000
6340
6341    upstream: regress test both sshsig message hash algorithms, possible
6342
6343    now because the algorithm is controllable via the CLI
6344
6345    OpenBSD-Regress-ID: 0196fa87acc3544b2b4fd98de844a571cb09a39f
6346
6347commit 2327c306b5d4a2b7e71178e5a4d139af9902c2b0
6348Author: djm@openbsd.org <djm@openbsd.org>
6349Date:   Wed Jan 5 04:50:11 2022 +0000
6350
6351    upstream: allow selection of hash at sshsig signing time; code
6352
6353    already supported either sha512 (default) or sha256, but plumbing wasn't
6354    there mostly by Linus Nordberg
6355
6356    OpenBSD-Commit-ID: 1b536404b9da74a84b3a1c8d0b05fd564cdc96cd
6357
6358commit 56e941d0a00d6d8bae88317717d5e1b7395c9529
6359Author: djm@openbsd.org <djm@openbsd.org>
6360Date:   Wed Jan 5 04:27:54 2022 +0000
6361
6362    upstream: add missing -O option to usage() for ssh-keygen -Y sign;
6363
6364    from Linus Nordberg
6365
6366    OpenBSD-Commit-ID: 4e78feb4aa830727ab76bb2e3d940440ae1d7af0
6367
6368commit 141a14ec9b0924709c98df2dd8013bde5d8d12c7
6369Author: djm@openbsd.org <djm@openbsd.org>
6370Date:   Wed Jan 5 04:27:01 2022 +0000
6371
6372    upstream: move sig_process_opts() to before sig_sign(); no
6373
6374    functional code change
6375
6376    OpenBSD-Commit-ID: da02d61f5464f72b4e8b299f83e93c3b657932f9
6377
6378commit 37a14249ec993599a9051731e4fb0ac5e976aec1
6379Author: djm@openbsd.org <djm@openbsd.org>
6380Date:   Wed Jan 5 04:10:39 2022 +0000
6381
6382    upstream: regression test for find-principals NULL deref; from Fabian
6383
6384    Stelzer
6385
6386    OpenBSD-Regress-ID: f845a8632a5a7d5ae26978004c93e796270fd3e5
6387
6388commit eb1f042142fdaba93f6c9560cf6c91ae25f6884a
6389Author: djm@openbsd.org <djm@openbsd.org>
6390Date:   Wed Jan 5 04:02:42 2022 +0000
6391
6392    upstream: NULL deref when using find-principals when matching an
6393
6394    allowed_signers line that contains a namespace restriction, but no
6395    restriction specified on the command-line; report and fix from Fabian Stelzer
6396
6397    OpenBSD-Commit-ID: 4a201b86afb668c908d1a559c6af456a61f4b145
6398
6399commit 8f3b18030579f395eca2181da31a5f945af12a59
6400Author: dtucker@openbsd.org <dtucker@openbsd.org>
6401Date:   Tue Jan 4 08:38:53 2022 +0000
6402
6403    upstream: Log command invocation while debugging.
6404
6405    This will aid in manually reproducing failing commands.
6406
6407    OpenBSD-Regress-ID: b4aba8d5ac5675ceebeeeefa3261ce344e67333a
6408
6409commit bbf285164df535f0d38c36237f007551bbdae27f
6410Author: Darren Tucker <dtucker@dtucker.net>
6411Date:   Sun Dec 26 10:31:15 2021 +1100
6412
6413    Always save config.h as build artifact.
6414
6415    Should allow better comparison between failing and succeeding test
6416    platforms.
6417
6418commit 03bd4ed0db699687c5cd83405d26f81d2dc28d22
6419Author: Darren Tucker <dtucker@dtucker.net>
6420Date:   Sat Dec 25 16:42:51 2021 +1100
6421
6422    Add OpenBSD 7.0 target.  Retire 6.8.
6423
6424commit c45a752f0de611afd87755c2887c8a24816d08ee
6425Author: jsg@openbsd.org <jsg@openbsd.org>
6426Date:   Sat Jan 1 05:55:06 2022 +0000
6427
6428    upstream: spelling
6429
6430    OpenBSD-Commit-ID: c63e43087a64d0727af13409c708938e05147b62
6431
6432commit c672f83a89a756564db0d3af9934ba0e1cf8fa3e
6433Author: djm@openbsd.org <djm@openbsd.org>
6434Date:   Tue Jan 4 07:20:33 2022 +0000
6435
6436    upstream: unbreak test: was picking up system ssh-add instead of the
6437
6438    one supposedly being tested. Spotted by dtucker and using his VM zoo (which
6439    includes some systems old enough to lack ed25519 key support)
6440
6441    OpenBSD-Regress-ID: 7976eb3df11cc2ca3af91030a6a8c0cef1590bb5
6442
6443commit a23698c3082ffe661abed14b020eac9b0c25eb9f
6444Author: djm@openbsd.org <djm@openbsd.org>
6445Date:   Sat Jan 1 04:18:06 2022 +0000
6446
6447    upstream: fix memleak in process_extension(); oss-fuzz issue #42719
6448
6449    OpenBSD-Commit-ID: d8d49f840162fb7b8949e3a5adb8107444b6de1e
6450
6451commit cb885178f36b83d0f14cfe9f345d2068103feed0
6452Author: jsg@openbsd.org <jsg@openbsd.org>
6453Date:   Sat Jan 1 01:55:30 2022 +0000
6454
6455    upstream: spelling ok dtucker@
6456
6457    OpenBSD-Commit-ID: bfc7ba74c22c928de2e257328b3f1274a3dfdf19
6458
6459commit 6b977f8080a32c5b3cbb9edb634b9d5789fb79be
6460Author: djm@openbsd.org <djm@openbsd.org>
6461Date:   Sun Dec 26 23:34:41 2021 +0000
6462
6463    upstream: split method list search functionality from
6464
6465    authmethod_lookup() into a separate authmethod_byname(), for cases where we
6466    don't need to check whether a method is enabled, etc.
6467
6468    use this to fix the "none" authentication method regression reported
6469    by Nam Nguyen via bugs@
6470
6471    ok deraadt@
6472
6473    OpenBSD-Commit-ID: 8cd188dc3a83aa8abe5b7693e762975cd8ea8a17
6474
6475commit 0074aa2c8d605ee7587279a22cdad4270b4ddd07
6476Author: jmc@openbsd.org <jmc@openbsd.org>
6477Date:   Wed Dec 22 06:56:41 2021 +0000
6478
6479    upstream: sort -H and -h in SYNOPSIS/usage(); tweak the -H text;
6480
6481    ok djm
6482
6483    OpenBSD-Commit-ID: 90721643e41e9e09deb5b776aaa0443456ab0965
6484
6485commit 1c9853a68b2319f2e5f929179735e8fbb9988a67
6486Author: Darren Tucker <dtucker@dtucker.net>
6487Date:   Wed Dec 22 19:33:10 2021 +1100
6488
6489    Use SHA.*_HMAC_BLOCK_SIZE if needed.
6490
6491    If the platform has a native SHA2, does not define SHA.*_BLOCK_LENGTH
6492    but does define SHA.*_HMAC_BLOCK_SIZE (eg Solaris) then use the latter.
6493    Should fix --without-openssl build on Solaris.
6494
6495commit 715c892f0a5295b391ae92c26ef4d6a86ea96e8e
6496Author: Damien Miller <djm@mindrot.org>
6497Date:   Wed Dec 22 09:02:50 2021 +1100
6498
6499    remove sys/param.h in -portable, after upstream
6500
6501commit 7a7c69d8b4022b1e5c0afb169c416af8ce70f3e8
6502Author: Damien Miller <djm@mindrot.org>
6503Date:   Mon Dec 20 13:05:20 2021 +1100
6504
6505    add agent-restrict.sh file, missed in last commit
6506
6507commit f539136ca51a4976644db5d0be8158cc1914c72a
6508Author: djm@openbsd.org <djm@openbsd.org>
6509Date:   Sun Dec 19 22:20:12 2021 +0000
6510
6511    upstream: regression test for destination restrictions in ssh-agent
6512
6513    OpenBSD-Regress-ID: 3c799d91e736b1753b4a42d80c42fc40de5ad33d
6514
6515commit 6e4980eb8ef94c04874a79dd380c3f568e8416d6
6516Author: anton@openbsd.org <anton@openbsd.org>
6517Date:   Sat Dec 18 06:53:59 2021 +0000
6518
6519    upstream: Make use of ntests variable, pointed out by clang 13.
6520
6521    OpenBSD-Regress-ID: 4241a3d21bdfa1630ed429b6d4fee51038d1be72
6522
6523commit 3eead8158393b697f663ec4301e3c7b6f24580b1
6524Author: deraadt@openbsd.org <deraadt@openbsd.org>
6525Date:   Tue Dec 14 21:25:27 2021 +0000
6526
6527    upstream: sys/param.h cleanup, mostly using MINIMUM() and
6528
6529    <limits.h> ok dtucker
6530
6531    OpenBSD-Regress-ID: 172a4c45d3bcf92fa6cdf6c4b9db3f1b3abe4db0
6532
6533commit 266678e19eb0e86fdf865b431b6e172e7a95bf48
6534Author: djm@openbsd.org <djm@openbsd.org>
6535Date:   Sun Dec 19 22:15:42 2021 +0000
6536
6537    upstream: document host-bound publickey authentication
6538
6539    OpenBSD-Commit-ID: ea6ed91779a81f06d961e30ecc49316b3d71961b
6540
6541commit 3d00024b3b156aa9bbd05d105f1deb9cb088f6f7
6542Author: djm@openbsd.org <djm@openbsd.org>
6543Date:   Sun Dec 19 22:15:21 2021 +0000
6544
6545    upstream: document agent protocol extensions
6546
6547    OpenBSD-Commit-ID: 09e8bb391bbaf24c409b75a4af44e0cac65405a7
6548
6549commit c385abf76511451bcba78568167b1cd9e90587d5
6550Author: djm@openbsd.org <djm@openbsd.org>
6551Date:   Sun Dec 19 22:14:47 2021 +0000
6552
6553    upstream: PubkeyAuthentication=yes|no|unbound|host-bound
6554
6555    Allow control over which pubkey methods are used. Added out of
6556    concern that some hardware devices may have difficulty signing
6557    the longer pubkey authentication challenges. This provides a
6558    way for them to disable the extension. It's also handy for
6559    testing.
6560
6561    feedback / ok markus@
6562
6563    OpenBSD-Commit-ID: ee52580db95c355cf6d563ba89974c210e603b1a
6564
6565commit 34b1e9cc7654f41cd4c5b1cc290b999dcf6579bb
6566Author: djm@openbsd.org <djm@openbsd.org>
6567Date:   Sun Dec 19 22:14:12 2021 +0000
6568
6569    upstream: document destination-constrained keys
6570
6571    feedback / ok markus@
6572
6573    OpenBSD-Commit-ID: cd8c526c77268f6d91c06adbee66b014d22d672e
6574
6575commit a6d7677c4abcfba268053e5867f2acabe3aa371b
6576Author: djm@openbsd.org <djm@openbsd.org>
6577Date:   Sun Dec 19 22:13:55 2021 +0000
6578
6579    upstream: Use hostkey parsed from hostbound userauth request
6580
6581    Require host-bound userauth requests for forwarded SSH connections.
6582
6583    The hostkey parsed from the host-bound userauth request is now checked
6584    against the most recently bound session ID / hostkey on the agent socket
6585    and the signature refused if they do not match.
6586
6587    ok markus@
6588
6589    OpenBSD-Commit-ID: d69877c9a3bd8d1189a5dbdeceefa432044dae02
6590
6591commit baaff0ff4357cc5a079621ba6e2d7e247b765061
6592Author: djm@openbsd.org <djm@openbsd.org>
6593Date:   Sun Dec 19 22:13:33 2021 +0000
6594
6595    upstream: agent support for parsing hostkey-bound signatures
6596
6597    Allow parse_userauth_request() to work with blobs from
6598    publickey-hostbound-v00@openssh.com userauth attempts.
6599
6600    Extract hostkey from these blobs.
6601
6602    ok markus@
6603
6604    OpenBSD-Commit-ID: 81c064255634c1109477dc65c3e983581d336df8
6605
6606commit 3e16365a79cdeb2d758cf1da6051b1c5266ceed7
6607Author: djm@openbsd.org <djm@openbsd.org>
6608Date:   Sun Dec 19 22:13:12 2021 +0000
6609
6610    upstream: EXT_INFO negotiation of hostbound pubkey auth
6611
6612    the EXT_INFO packet gets a new publickey-hostbound@openssh.com to
6613    advertise the hostbound public key method.
6614
6615    Client side support to parse this feature flag and set the kex->flags
6616    indicator if the expected version is offered (currently "0").
6617
6618    ok markus@
6619
6620    OpenBSD-Commit-ID: 4cdb2ca5017ec1ed7a9d33bda95c1d6a97b583b0
6621
6622commit 94ae0c6f0e35903b695e033bf4beacea1d376bb1
6623Author: djm@openbsd.org <djm@openbsd.org>
6624Date:   Sun Dec 19 22:12:54 2021 +0000
6625
6626    upstream: client side of host-bound pubkey authentication
6627
6628    Add kex->flags member to enable the publickey-hostbound-v00@openssh.com
6629    authentication method.
6630
6631    Use the new hostbound method in client if the kex->flags flag was set,
6632    and include the inital KEX hostkey in the userauth request.
6633
6634    Note: nothing in kex.c actually sets the new flag yet
6635
6636    ok markus@
6637
6638    OpenBSD-Commit-ID: 5a6fce8c6c8a77a80ee1526dc467d91036a5910d
6639
6640commit 288fd0218dbfdcb05d9fbd1885904bed9b6d42e6
6641Author: djm@openbsd.org <djm@openbsd.org>
6642Date:   Sun Dec 19 22:12:30 2021 +0000
6643
6644    upstream: sshd side of hostbound public key auth
6645
6646    This is identical to the standard "publickey" method, but it also includes
6647    the initial server hostkey in the message signed by the client.
6648
6649    feedback / ok markus@
6650
6651    OpenBSD-Commit-ID: 7ea01bb7238a560c1bfb426fda0c10a8aac07862
6652
6653commit dbb339f015c33d63484261d140c84ad875a9e548
6654Author: djm@openbsd.org <djm@openbsd.org>
6655Date:   Sun Dec 19 22:12:07 2021 +0000
6656
6657    upstream: prepare for multiple names for authmethods
6658
6659    allow authentication methods to have one additional name beyond their
6660    primary name.
6661
6662    allow lookup by this synonym
6663
6664    Use primary name for authentication decisions, e.g. for
6665    PermitRootLogin=publickey
6666
6667    Pass actual invoked name to the authmethods, so they can tell whether they
6668    were requested via the their primary name or synonym.
6669
6670    ok markus@
6671
6672    OpenBSD-Commit-ID: 9e613fcb44b8168823195602ed3d09ffd7994559
6673
6674commit 39f00dcf44915f20684160f0a88d3ef8a3278351
6675Author: djm@openbsd.org <djm@openbsd.org>
6676Date:   Sun Dec 19 22:11:39 2021 +0000
6677
6678    upstream: ssh-agent side of destination constraints
6679
6680    Gives ssh-agent the ability to parse restrict-destination-v00@openssh.com
6681    constraints and to apply them to keys.
6682
6683    Check constraints against the hostkeys recorded for a SocketEntry when
6684    attempting a signature, adding, listing or deleting keys. Note that
6685    the "delete all keys" request will remove constrained keys regardless of
6686    location.
6687
6688    feedback Jann Horn & markus@
6689    ok markus@
6690
6691    OpenBSD-Commit-ID: 84a7fb81106c2d609a6ac17469436df16d196319
6692
6693commit ce943912df812c573a33d00bf9e5435b7fcca3f7
6694Author: djm@openbsd.org <djm@openbsd.org>
6695Date:   Sun Dec 19 22:11:06 2021 +0000
6696
6697    upstream: ssh-add side of destination constraints
6698
6699    Have ssh-add accept a list of "destination constraints" that allow
6700    restricting where keys may be used in conjunction with a ssh-agent/ssh
6701    that supports session ID/hostkey binding.
6702
6703    Constraints are specified as either "[user@]host-pattern" or
6704    "host-pattern>[user@]host-pattern".
6705
6706    The first form permits a key to be used to authenticate as the
6707    specified user to the specified host.
6708
6709    The second form permits a key that has previously been permitted
6710    for use at a host to be available via a forwarded agent to an
6711    additional host.
6712
6713    For example, constraining a key with "user1@host_a" and
6714    "host_a>host_b". Would permit authentication as "user1" at
6715    "host_a", and allow the key to be available on an agent forwarded
6716    to "host_a" only for authentication to "host_b". The key would not
6717    be visible on agent forwarded to other hosts or usable for
6718    authentication there.
6719
6720    Internally, destination constraints use host keys to identify hosts.
6721    The host patterns are used to obtain lists of host keys for that
6722    destination that are communicated to the agent. The user/hostkeys are
6723    encoded using a new restrict-destination-v00@openssh.com key
6724    constraint.
6725
6726    host keys are looked up in the default client user/system known_hosts
6727    files. It is possible to override this set on the command-line.
6728
6729    feedback Jann Horn & markus@
6730    ok markus@
6731
6732    OpenBSD-Commit-ID: 6b52cd2b637f3d29ef543f0ce532a2bce6d86af5
6733
6734commit 5e950d765727ee0b20fc3d2cbb0c790b21ac2425
6735Author: djm@openbsd.org <djm@openbsd.org>
6736Date:   Sun Dec 19 22:10:24 2021 +0000
6737
6738    upstream: ssh-add side of destination constraints
6739
6740    Have ssh-add accept a list of "destination constraints" that allow
6741    restricting where keys may be used in conjunction with a ssh-agent/ssh
6742    that supports session ID/hostkey binding.
6743
6744    Constraints are specified as either "[user@]host-pattern" or
6745    "host-pattern>[user@]host-pattern".
6746
6747    The first form permits a key to be used to authenticate as the
6748    specified user to the specified host.
6749
6750    The second form permits a key that has previously been permitted
6751    for use at a host to be available via a forwarded agent to an
6752    additional host.
6753
6754    For example, constraining a key with "user1@host_a" and
6755    "host_a>host_b". Would permit authentication as "user1" at
6756    "host_a", and allow the key to be available on an agent forwarded
6757    to "host_a" only for authentication to "host_b". The key would not
6758    be visible on agent forwarded to other hosts or usable for
6759    authentication there.
6760
6761    Internally, destination constraints use host keys to identify hosts.
6762    The host patterns are used to obtain lists of host keys for that
6763    destination that are communicated to the agent. The user/hostkeys are
6764    encoded using a new restrict-destination-v00@openssh.com key
6765    constraint.
6766
6767    host keys are looked up in the default client user/system known_hosts
6768    files. It is possible to override this set on the command-line.
6769
6770    feedback Jann Horn & markus@
6771    ok markus@
6772
6773    OpenBSD-Commit-ID: ef47fa9ec0e3c2a82e30d37ef616e245df73163e
6774
6775commit 4c1e3ce85e183a9d0c955c88589fed18e4d6a058
6776Author: djm@openbsd.org <djm@openbsd.org>
6777Date:   Sun Dec 19 22:09:23 2021 +0000
6778
6779    upstream: ssh-agent side of binding
6780
6781    record session ID/hostkey/forwarding status for each active socket.
6782
6783    Attempt to parse data-to-be-signed at signature request time and extract
6784    session ID from the blob if it is a pubkey userauth request.
6785
6786    ok markus@
6787
6788    OpenBSD-Commit-ID: a80fd41e292b18b67508362129e9fed549abd318
6789
6790commit e9497ecf73f3c16667288bce48d4e3d7e746fea1
6791Author: djm@openbsd.org <djm@openbsd.org>
6792Date:   Sun Dec 19 22:08:48 2021 +0000
6793
6794    upstream: ssh client side of binding
6795
6796    send session ID, hostkey, signature and a flag indicating whether the
6797    agent connection is being forwarded to ssh agent each time a connection
6798    is opened via a new "session-bind@openssh.com" agent extension.
6799
6800    ok markus@
6801
6802    OpenBSD-Commit-ID: 2f154844fe13167d3ab063f830d7455fcaa99135
6803
6804commit b42c61d6840d16ef392ed0f365e8c000734669aa
6805Author: djm@openbsd.org <djm@openbsd.org>
6806Date:   Sun Dec 19 22:08:06 2021 +0000
6807
6808    upstream: Record session ID, host key and sig at intital KEX
6809
6810    These will be used later for agent session ID / hostkey binding
6811
6812    ok markus@
6813
6814    OpenBSD-Commit-ID: a9af29e33772b18e3e867c6fa8ab35e1694a81fe
6815
6816commit 26ca33d186473d58a32d812e19273ce078b6ffff
6817Author: djm@openbsd.org <djm@openbsd.org>
6818Date:   Tue Dec 7 22:06:45 2021 +0000
6819
6820    upstream: better error message for FIDO keys when we can't match
6821
6822    them to a token
6823
6824    OpenBSD-Commit-ID: 58255c2a1980088f4ed144db67d879ada2607650
6825
6826commit adb0ea006d7668190f0c42aafe3a2864d352e34a
6827Author: Darren Tucker <dtucker@dtucker.net>
6828Date:   Wed Dec 15 10:50:33 2021 +1100
6829
6830    Correct value for IPTOS_DSCP_LE.
6831
6832    It needs to allow for the preceeding two ECN bits.  From daisuke.higashi
6833    at gmail.com via OpenSSH bz#3373, ok claudio@, job@, djm@.
6834
6835commit 3dafd3fe220bd9046f11fcf5191a79ec8800819f
6836Author: Darren Tucker <dtucker@dtucker.net>
6837Date:   Fri Dec 10 11:57:30 2021 +1100
6838
6839    Increase timeout for test step.
6840
6841commit 5aefb05cd5b843e975b191d6ebb7ddf8de35c112
6842Author: Darren Tucker <dtucker@dtucker.net>
6843Date:   Fri Dec 10 10:27:27 2021 +1100
6844
6845    Update the list of tests that don't work on Minix.
6846
6847    While there, remove CC (configure will now find clang) and make the test
6848    list easier to update via cut and paste.
6849
6850commit 1c09bb1b2e207d091cec299c49416c23d24a1b31
6851Author: Darren Tucker <dtucker@dtucker.net>
6852Date:   Fri Dec 10 10:12:57 2021 +1100
6853
6854    Add minix host tuple.
6855
6856    Define SETEUID_BREAKS_SETUID for it which should make privsep work.
6857
6858commit a2188579032cf080213a78255373263466cb90cc
6859Author: jsg@openbsd.org <jsg@openbsd.org>
6860Date:   Sun Dec 5 12:28:27 2021 +0000
6861
6862    upstream: fix unintended sizeof pointer in debug path ok markus@
6863
6864    OpenBSD-Commit-ID: b9c0481ffc0cd801e0840e342e6a282a85aac93c
6865
6866commit da40355234068c82f1a36196f2d18dd2d81aaafd
6867Author: naddy@openbsd.org <naddy@openbsd.org>
6868Date:   Sat Dec 4 00:05:39 2021 +0000
6869
6870    upstream: RSA/SHA-1 is not used by default anymore on the server
6871
6872    OpenBSD-Commit-ID: 64abef6cfc3e53088225f6b8a1dcd86d52dc8353
6873
6874commit e9c71498a083a8b502aa831ea931ce294228eda0
6875Author: djm@openbsd.org <djm@openbsd.org>
6876Date:   Thu Dec 2 23:45:36 2021 +0000
6877
6878    upstream: hash full host:port when asked to hash output, fixes hashes
6879
6880    for non- default ports. bz3367 ok dtucker@
6881
6882    OpenBSD-Commit-ID: 096021cc847da7318ac408742f2d0813ebe9aa73
6883
6884commit b5601202145a03106012c22cb8980bcac2949f0b
6885Author: djm@openbsd.org <djm@openbsd.org>
6886Date:   Thu Dec 2 23:23:13 2021 +0000
6887
6888    upstream: improve the testing of credentials against inserted FIDO
6889
6890    keys a little more: ask the token whether a particular key belongs to it in
6891    cases where the token support on-token user- verification (e.g. biometrics)
6892    rather than just assuming that it will accept it.
6893
6894    Will reduce spurious "Confirm user presence" notifications for key
6895    handles that relate to FIDO keys that are not currently inserted in at
6896    least some cases.
6897
6898    Motivated by bz3366; by Pedro Martelletto
6899
6900    OpenBSD-Commit-ID: ffac7f3215842397800e1ae2e20229671a55a63d
6901
6902commit ca709e27c41c90f4565b17282c48dca7756e083c
6903Author: djm@openbsd.org <djm@openbsd.org>
6904Date:   Thu Dec 2 22:40:05 2021 +0000
6905
6906    upstream: move check_sk_options() up so we can use it earlier
6907
6908    OpenBSD-Commit-ID: 67fe98ba1c846d22035279782c4664c1865763b4
6909
6910commit b711bc01a7ec76bb6a285730990cbce9b8ca5773
6911Author: dtucker@openbsd.org <dtucker@openbsd.org>
6912Date:   Thu Dec 2 22:35:05 2021 +0000
6913
6914    upstream: ssh-rsa is no longer in the default for
6915
6916    PubkeyAcceptedAlgorithms.
6917
6918    OpenBSD-Commit-ID: 34a9e1bc30966fdcc922934ae00f09f2596cd73c
6919
6920commit dc91ceea33cd4a9f05be953e8d8062f732db5c8a
6921Author: djm@openbsd.org <djm@openbsd.org>
6922Date:   Thu Dec 2 02:44:44 2021 +0000
6923
6924    upstream: don't put the tty into raw mode when SessionType=none, avoids
6925
6926    ^c being unable to kill such a session. bz3360; ok dtucker@
6927
6928    OpenBSD-Commit-ID: 83960c433052303b643b4c380ae2f799ac896f65
6929
6930commit e6e7d2654a13ba10141da7b42ea683ea4eeb1f38
6931Author: Damien Miller <djm@mindrot.org>
6932Date:   Mon Nov 29 14:11:03 2021 +1100
6933
6934    previous commit broke bcrypt_pbkdf()
6935
6936    Accidentally reverted part of the conversion to use SHA512 from SUPERCOP
6937    instead of OpenBSD-style libc SHA512.
6938
6939commit c0459588b8d00b73e506c6095958ecfe62a4a7ba
6940Author: Darren Tucker <dtucker@dtucker.net>
6941Date:   Mon Nov 29 14:03:19 2021 +1100
6942
6943    Fix typo in Neils' name.
6944
6945commit 158bf854e2a22cf09064305f4a4e442670562685
6946Author: Damien Miller <djm@mindrot.org>
6947Date:   Mon Nov 29 12:30:22 2021 +1100
6948
6949    sync bcrypt-related files with OpenBSD
6950
6951    The main change is that Niels Provos kindly agreed to rescind the
6952    BSD license advertising clause, shifting them to the 3-term BSD
6953    license.
6954
6955    This was the last thing in OpenSSH that used the advertising clause.
6956
6957commit e8976d92a42883ff6b8991438f07df60c2c0d82d
6958Author: Damien Miller <djm@mindrot.org>
6959Date:   Mon Nov 29 12:29:29 2021 +1100
6960
6961    depend
6962
6963commit 8249afeec013e557fe7491a72ca3285de03e25b1
6964Author: djm@openbsd.org <djm@openbsd.org>
6965Date:   Sun Nov 28 07:21:26 2021 +0000
6966
6967    upstream: sshsig: return "key not found" when searching empty files
6968
6969    rather than "internal error"
6970
6971    OpenBSD-Commit-ID: e2ccae554c78d7a7cd33fc5d217f35be7e2507ed
6972
6973commit 9e3227d4dbb5ad9c9091b4c14982cab4bba87b4d
6974Author: djm@openbsd.org <djm@openbsd.org>
6975Date:   Sun Nov 28 07:15:10 2021 +0000
6976
6977    upstream: ssh-keygen -Y match-principals doesn't accept any -O
6978
6979    options at present, so don't say otherwise in SYNOPSIS; spotted jmc@
6980
6981    OpenBSD-Commit-ID: 9cc43a18f4091010741930b48b3db2f2e4f1d35c
6982
6983commit 56db1f4a4cf5039fc3b42e84c4b16291fdff32b1
6984Author: djm@openbsd.org <djm@openbsd.org>
6985Date:   Sun Nov 28 07:14:29 2021 +0000
6986
6987    upstream: fix indenting in last commit
6988
6989    OpenBSD-Commit-ID: 8b9ba989815d0dec1fdf5427a4a4b58eb9cac4d2
6990
6991commit 50bea24a9a9bdebad327c76e700def3261f5694e
6992Author: djm@openbsd.org <djm@openbsd.org>
6993Date:   Sun Nov 28 07:10:18 2021 +0000
6994
6995    upstream: missing initialisation for oerrno
6996
6997    OpenBSD-Commit-ID: 05d646bba238080259bec821c831a6f0b48d2a95
6998
6999commit 5a0f4619041d09cd29f3a08da41db5040372bdd1
7000Author: Darren Tucker <dtucker@dtucker.net>
7001Date:   Sun Nov 28 15:31:37 2021 +1100
7002
7003    Correct ifdef to activate poll() only if needed.
7004
7005commit d4035c81a71237f690edd7eda32bef7d63fd9528
7006Author: djm@openbsd.org <djm@openbsd.org>
7007Date:   Sat Nov 27 07:23:35 2021 +0000
7008
7009    upstream: whitespac e
7010
7011    OpenBSD-Regress-ID: b9511d41568056bda489e13524390167889908f8
7012
7013commit a443491e6782ef0f5a8bb87a5536c8ee4ff233a1
7014Author: djm@openbsd.org <djm@openbsd.org>
7015Date:   Sat Nov 27 07:20:58 2021 +0000
7016
7017    upstream: regression test for match-principals. Mostly by Fabian
7018
7019    Stelzer
7020
7021    OpenBSD-Regress-ID: ced0bec89af90935103438986bbbc4ad1df9cfa7
7022
7023commit 78230b3ec8cbabc1e7de68732dc5cbd4837c6675
7024Author: djm@openbsd.org <djm@openbsd.org>
7025Date:   Sat Nov 27 07:14:46 2021 +0000
7026
7027    upstream: Add ssh-keygen -Y match-principals operation to perform
7028
7029    matching of principals names against an allowed signers file.
7030
7031    Requested by and mostly written by Fabian Stelzer, towards a TOFU
7032    model for SSH signatures in git. Some tweaks by me.
7033
7034    "doesn't bother me" deraadt@
7035
7036    OpenBSD-Commit-ID: 8d1b71f5a4127bc5e10a880c8ea6053394465247
7037
7038commit 15db86611baaafb24c40632784dabf82e3ddb1a7
7039Author: djm@openbsd.org <djm@openbsd.org>
7040Date:   Thu Nov 25 23:02:24 2021 +0000
7041
7042    upstream: debug("func: ...") -> debug_f("...")
7043
7044    OpenBSD-Commit-ID: d58494dc05c985326a895adfbe16fbd5bcc54347
7045
7046commit b7ffbb17e37f59249c31f1ff59d6c5d80888f689
7047Author: Darren Tucker <dtucker@dtucker.net>
7048Date:   Fri Nov 19 18:53:46 2021 +1100
7049
7050    Allow for fd = -1 in compat ppoll overflow check.
7051
7052    Fixes tests on at least FreeBSD 6, possibly others.
7053
7054commit 04b172da5b96a51b0d55c905b423ababff9f4e0b
7055Author: Darren Tucker <dtucker@dtucker.net>
7056Date:   Fri Nov 19 16:01:51 2021 +1100
7057
7058    Don't auto-enable Capsicum sandbox on FreeBSD 9/10.
7059
7060    Since we changed from select() to ppoll() tests have been failing.
7061    This seems to be because FreeBSD 10 (and presumably 9) do not allow
7062    ppoll() in the privsep process and sshd will fail with "Not permitted in
7063    capability mode".  Setting CAP_EVENT on the FDs doesn't help, but weirdly,
7064    poll() works without that.  Those versions are EOL so this situation is
7065    unlikely to change.
7066
7067commit a823f39986e7b879f26412e64c15630e1cfa0dc5
7068Author: djm@openbsd.org <djm@openbsd.org>
7069Date:   Thu Nov 18 03:53:48 2021 +0000
7070
7071    upstream: regression test for ssh-keygen -Y find-principals fix; from
7072
7073    Fabian Stelzer ok djm markus
7074
7075    OpenBSD-Regress-ID: 34fe4088854c1a2eb4c0c51cc4676ba24096bac4
7076
7077commit 199c4df66c0e39dd5c3333b162af274678c0501d
7078Author: djm@openbsd.org <djm@openbsd.org>
7079Date:   Thu Nov 18 21:32:11 2021 +0000
7080
7081    upstream: less confusing debug message; bz#3365
7082
7083    OpenBSD-Commit-ID: 836268d3642c2cdc84d39b98d65837f5241e4a50
7084
7085commit 97f9b6e61316c97a32dad94b7a37daa9b5f6b836
7086Author: djm@openbsd.org <djm@openbsd.org>
7087Date:   Thu Nov 18 21:11:01 2021 +0000
7088
7089    upstream: avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we
7090
7091    already did this for RSA keys). Avoids fatal errors for PKCS#11 libraries
7092    that return empty keyid, e.g. Microchip ATECC608B "cryptoauthlib"; bz#3364
7093
7094    OpenBSD-Commit-ID: 054d4dc1d6a99a2e6f8eebc48207b534057c154d
7095
7096commit c74aa0eb73bd1edf79947d92d9c618fc3424c4a6
7097Author: djm@openbsd.org <djm@openbsd.org>
7098Date:   Thu Nov 18 03:50:41 2021 +0000
7099
7100    upstream: ssh-keygen -Y find-principals was verifying key validity
7101
7102    when using ca certs but not with simple key lifetimes within the allowed
7103    signers file.
7104
7105    Since it returns the first keys principal it finds this could
7106    result in a principal with an expired key even though a valid
7107    one is just below.
7108
7109    patch from Fabian Stelzer; feedback/ok djm markus
7110
7111    OpenBSD-Commit-ID: b108ed0a76b813226baf683ab468dc1cc79e0905
7112
7113commit d902d728dfd81622454260e23bc09d5e5a9a795e
7114Author: Darren Tucker <dtucker@dtucker.net>
7115Date:   Thu Nov 18 23:44:07 2021 +1100
7116
7117    Correct calculation of tv_nsec in poll().
7118
7119commit 21dd5a9a3fb35e8299a1fbcf8d506f1f6b752b85
7120Author: Darren Tucker <dtucker@dtucker.net>
7121Date:   Thu Nov 18 23:11:37 2021 +1100
7122
7123    Add compat implementation of ppoll using pselect.
7124
7125commit b544ce1ad4afb7ee2b09f714aa63efffc73fa93a
7126Author: Darren Tucker <dtucker@dtucker.net>
7127Date:   Thu Nov 18 23:05:34 2021 +1100
7128
7129    Put poll.h inside ifdef HAVE_POLL_H.
7130
7131commit 875408270c5a7dd69ed5449e5d85bd7120c88f70
7132Author: djm@openbsd.org <djm@openbsd.org>
7133Date:   Thu Nov 18 03:31:44 2021 +0000
7134
7135    upstream: check for POLLHUP wherever we check for POLLIN
7136
7137    OpenBSD-Commit-ID: 6aa6f3ec6b17c3bd9bfec672a917f003a76d93e5
7138
7139commit 36b5e37030d35bbaa18ba56825b1af55971d18a0
7140Author: djm@openbsd.org <djm@openbsd.org>
7141Date:   Thu Nov 18 03:07:59 2021 +0000
7142
7143    upstream: fd leak in sshd listen loop error path; from Gleb
7144
7145    Smirnoff
7146
7147    OpenBSD-Commit-ID: a7a2be27a690a74bf2381bc16cea38e265657412
7148
7149commit b99498d0c93f1edd04857b318308a66b28316bd8
7150Author: djm@openbsd.org <djm@openbsd.org>
7151Date:   Thu Nov 18 03:07:20 2021 +0000
7152
7153    upstream: check for POLLHUP as well as POLLIN in sshd listen loop;
7154
7155    ok deraadt millert
7156
7157    OpenBSD-Commit-ID: a4f1244c5a9c2b08dac4f3b1dc22e9d1dc60c587
7158
7159commit 1f3055d788e8cf80851eb1728b535d57eb0dba6a
7160Author: djm@openbsd.org <djm@openbsd.org>
7161Date:   Thu Nov 18 03:06:03 2021 +0000
7162
7163    upstream: check for POLLHUP as well as POLLIN, handle transient IO
7164
7165    errors as well as half-close on the output side; ok deraadt millert
7166
7167    OpenBSD-Commit-ID: de5c5b9939a37476d256328cbb96305bdecf511e
7168
7169commit 9778a15fa6dbdac6a95bf15865c2688b4bd6944e
7170Author: Damien Miller <djm@mindrot.org>
7171Date:   Thu Nov 18 10:16:55 2021 +1100
7172
7173    adjust seccomp filter for select->poll conversion
7174
7175    Needed to add ppoll syscall but also to relax the fallback rlimit
7176    sandbox. Linux poll() fails with EINVAL if npfds > RLIMIT_NOFILE,
7177    so we have to allow a single fd in the rlimit.
7178
7179commit fcd8d895bbb849c64f0aed934e3303d37f696f5d
7180Author: Damien Miller <djm@mindrot.org>
7181Date:   Thu Nov 18 10:16:44 2021 +1100
7182
7183    update depends
7184
7185commit 76292787a1e93e668f10e36b4bf59ce0ae28e156
7186Author: Damien Miller <djm@mindrot.org>
7187Date:   Thu Nov 18 09:26:20 2021 +1100
7188
7189    compat for timespecsub() and friends
7190
7191commit fd7e7de4ddb4399c7e929b44f2bbfc118eddfcf8
7192Author: djm@openbsd.org <djm@openbsd.org>
7193Date:   Wed Nov 17 21:06:39 2021 +0000
7194
7195    upstream: set num_listen_socks to 0 on close-all instead of -1,
7196
7197    which interferes with the new poll()-based listen loop; spotted and debugged
7198    by anton@+deraadt@
7199
7200    OpenBSD-Commit-ID: f7ab8ab124f615a2e0c45fee14c38d2f2abbabbd
7201
7202commit fd9343579afac30a971f06643a669733d9acb407
7203Author: deraadt@openbsd.org <deraadt@openbsd.org>
7204Date:   Sun Nov 14 18:47:43 2021 +0000
7205
7206    upstream: use ppoll() instead of pselect() with djm
7207
7208    OpenBSD-Commit-ID: 980f87c9564d5d2ad55722b7a6f44f21284cd215
7209
7210commit 092d29b232ef1a19609a5316ed7e4d896bb2e696
7211Author: deraadt@openbsd.org <deraadt@openbsd.org>
7212Date:   Sun Nov 14 06:15:36 2021 +0000
7213
7214    upstream: match .events with .fd better
7215
7216    OpenBSD-Commit-ID: 77eef212ca0add905949532af390164489c5984b
7217
7218commit 8d642c9a90fa4ed5a3effd785fb3591e14de00cd
7219Author: deraadt@openbsd.org <deraadt@openbsd.org>
7220Date:   Sun Nov 14 03:25:10 2021 +0000
7221
7222    upstream: convert select() to poll() ok djm
7223
7224    OpenBSD-Commit-ID: b53e4940ff10dd24f8d16e8db8ef1970015d7ead
7225
7226commit 6582a31c388968f4073af2bd8621880735c3d42b
7227Author: deraadt@openbsd.org <deraadt@openbsd.org>
7228Date:   Sat Nov 13 21:14:13 2021 +0000
7229
7230    upstream: replace select() with ppoll(), including converting
7231
7232    timeval's to timespec's to make things easier. back and forth and ok; djm
7233
7234    OpenBSD-Commit-ID: 89d3b23c60875da919e7820f9de6213286ffbec9
7235
7236commit 7c025c005550c86a40200a2bcdd355d09413d61a
7237Author: deraadt@openbsd.org <deraadt@openbsd.org>
7238Date:   Sat Nov 13 17:26:13 2021 +0000
7239
7240    upstream: It really looks like pledge "stdio dns" is possible
7241
7242    earlier. Discussed with mestre
7243
7244    OpenBSD-Commit-ID: 610873de63a593e0ac7bbbcb7a0f2894d36f4c01
7245
7246commit 06acb04c20ee483fe4757bd12aec870cc4bb1076
7247Author: deraadt@openbsd.org <deraadt@openbsd.org>
7248Date:   Fri Nov 12 05:23:49 2021 +0000
7249
7250    upstream: aggressively pre-fill the pollfd array with fd=-1
7251
7252    OpenBSD-Commit-ID: c2a525de8f83c1a04405bd79122c424140552a5b
7253
7254commit 7eec76793dec06e8f06b6cf71f9473141c69d109
7255Author: deraadt@openbsd.org <deraadt@openbsd.org>
7256Date:   Thu Nov 11 15:32:32 2021 +0000
7257
7258    upstream: Convert from select() to ppoll(). Along the way, I
7259
7260    observed that the select() code was using exceptfds incorrectly.. ok millert
7261
7262    OpenBSD-Commit-ID: 548e05bfc31b2af02319eb3d051286d4128dec96
7263
7264commit e665ed2d0c24fe11d5470ce72fa1e187377d3fc4
7265Author: Darren Tucker <dtucker@dtucker.net>
7266Date:   Fri Nov 12 22:55:27 2021 +1100
7267
7268    Switch from LibreSSL 3.4.0 to 3.4.1.
7269
7270    The LibreSSL 3.4.0 release has an OPENBSD_BRANCH that points to
7271    "master" and that branch no longer has the files LibreSSL expects
7272    and thus it will no longer build, breaking the test.
7273
7274commit 21b6b5a06c8c53c548d25e6074c5240e88e2ef34
7275Author: djm@openbsd.org <djm@openbsd.org>
7276Date:   Wed Nov 10 06:29:25 2021 +0000
7277
7278    upstream: add the sntrup761x25519-sha512@openssh.com hybrid
7279
7280    ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default
7281    KEXAlgorithms list (after the ECDH methods but before the prime-group DH
7282    ones).
7283
7284    ok markus@
7285
7286    OpenBSD-Commit-ID: 22b77e27a04e497a10e22f138107579652854210
7287
7288commit 239da797cbf07a640d7b1ea02d3f99ace3ef792d
7289Author: djm@openbsd.org <djm@openbsd.org>
7290Date:   Wed Nov 10 06:25:08 2021 +0000
7291
7292    upstream: fix ssh-keysign for KEX algorithms that use SHA384/512
7293
7294    exchange hashes; feedback/ok markus@
7295
7296    OpenBSD-Commit-ID: 09a8fda1c081f5de1e3128df64f28b7bdadee239
7297
7298commit 6997a592ecb1013df0c6d7f8df3e6517827aef11
7299Author: djm@openbsd.org <djm@openbsd.org>
7300Date:   Mon Nov 8 21:32:49 2021 +0000
7301
7302    upstream: improve error message when trying to expand a ~user path
7303
7304    for a user that doesn't exist; better matches what the shell does
7305
7306    ok deraadt@
7307
7308    OpenBSD-Commit-ID: 1ddefa3c3a78b69ce13d1b8f67bc9f2cefd23ad6
7309
7310commit 10b899a15c88eb40eb5f73cd0fa84ef0966f79c9
7311Author: Darren Tucker <dtucker@dtucker.net>
7312Date:   Wed Nov 10 12:34:25 2021 +1100
7313
7314    Don't trust closefrom() on Linux.
7315
7316    glibc's closefrom implementation does not work in a chroot when the kernel
7317    does not have close_range.  It tries to read from /proc/self/fd and when
7318    that fails dies with an assertion of sorts.  Instead, call close_range
7319    ourselves from our compat code and fall back if that fails.  bz#3349,
7320    with william.wilson at canonical.com and fweimer at redhat.com.
7321
7322commit eb1f63195a9a38b519536a5b398d9939261ec081
7323Author: dtucker@openbsd.org <dtucker@openbsd.org>
7324Date:   Sat Nov 6 10:13:39 2021 +0000
7325
7326    upstream: Plug a couple of minor mem leaks. From beldmit at
7327
7328    gmail.com via github PR#283, ok markus@
7329
7330    OpenBSD-Commit-ID: ec1fa7d305d46226861c3ca6fb9c9beb2ada2892
7331
7332commit e4f501bf1d3b53f1cc23d9521fd7c5163307b760
7333Author: djm@openbsd.org <djm@openbsd.org>
7334Date:   Fri Nov 5 03:10:58 2021 +0000
7335
7336    upstream: move cert_filter_principals() to earlier in the file for
7337
7338    reuse; no code change
7339
7340    OpenBSD-Commit-ID: 598fa9528b656b2f38bcc3cf5b6f3869a8c115cf
7341
7342commit 59c60f96fee321c7f38f00372826d37f289534af
7343Author: deraadt@openbsd.org <deraadt@openbsd.org>
7344Date:   Wed Nov 3 22:00:56 2021 +0000
7345
7346    upstream: Many downstreams expect ssh to compile as non-C99...
7347
7348    OpenBSD-Commit-ID: e6aa3e08bda68e5fb838fc8a49b1d2dfc38ee783
7349
7350commit 7a78fe63b0b28ef7231913dfefe9d08f9bc41c61
7351Author: Darren Tucker <dtucker@dtucker.net>
7352Date:   Sat Nov 6 21:07:03 2021 +1100
7353
7354    Skip getline() on HP-UX 10.x.
7355
7356    HP-UX 10.x has a getline() implementation in libc that does not behave
7357    as we expect so don't use it.  With correction from Thorsten Glaser and
7358    typo fix from Larkin Nickle.
7359
7360commit 343ae252ebb35c6ecae26b447bf1551a7666720e
7361Author: Damien Miller <djm@mindrot.org>
7362Date:   Wed Nov 3 12:08:21 2021 +1100
7363
7364    basic SECURITY.md (refers people to the website)
7365
7366commit ed45a0168638319e0a710633f6085b96b9cec656
7367Author: djm@openbsd.org <djm@openbsd.org>
7368Date:   Tue Nov 2 22:57:27 2021 +0000
7369
7370    upstream: crank SSH_SK_VERSION_MAJOR to match recent change in
7371
7372    usr/bin/ssh
7373
7374    OpenBSD-Regress-ID: 113d181c7e3305e138db9b688cdb8b0a0019e552
7375
7376commit f3c34df860c4c1ebddacb973954e58167d9dbade
7377Author: djm@openbsd.org <djm@openbsd.org>
7378Date:   Tue Nov 2 22:56:40 2021 +0000
7379
7380    upstream: Better handle FIDO keys on tokens that provide user
7381
7382    verification (UV) on the device itself, including biometric keys.
7383
7384    Query the token during key creation to determine whether it supports
7385    on-token UV and, if so, clear the SSH_SK_USER_VERIFICATION_REQD flag
7386    in the key so that ssh(1) doesn't automatically prompty for PIN later.
7387
7388    When making signatures with the key, query the token's capabilities
7389    again and check whether the token is able (right now) to perform user-
7390    verification without a PIN. If it is then the PIN prompt is bypassed
7391    and user verification delegated to the token. If not (e.g. the token
7392    is biometric capable, but no biometric are enrolled), then fall back
7393    to user verification via the usual PIN prompt.
7394
7395    Work by Pedro Martelletto; ok myself and markus@
7396
7397    NB. cranks SSH_SK_VERSION_MAJOR
7398
7399    OpenBSD-Commit-ID: e318a8c258d9833a0b7eb0236cdb68b5143b2f27
7400
7401commit 0328a081f38c09d2d4d650e94461a47fb5eef536
7402Author: djm@openbsd.org <djm@openbsd.org>
7403Date:   Fri Oct 29 03:03:06 2021 +0000
7404
7405    upstream: sshsig: add tests for signing key validity and
7406
7407    find-principals
7408
7409    - adds generic find-principals tests (this command had none before)
7410    - tests certs with a timeboxed validity both with and without a
7411     restriced lifetime for the CA
7412    - test for a revoked CA cert
7413
7414    by Fabian Stelzer
7415
7416    OpenBSD-Regress-ID: 9704b2c6df5b8ccfbdf2c06c5431f5f8cad280c9
7417
7418commit ccd358e1e25e25c13f0825996283cbf7a1647a3b
7419Author: djm@openbsd.org <djm@openbsd.org>
7420Date:   Fri Oct 29 02:48:19 2021 +0000
7421
7422    upstream: avoid signedness warning; spotted in -portable
7423
7424    OpenBSD-Regress-ID: 4cacc126086487c0ea7f3d86b42dec458cf0d0c6
7425
7426commit 2741f52beb11490d7033a25e56ed0496f0c78006
7427Author: djm@openbsd.org <djm@openbsd.org>
7428Date:   Fri Oct 29 03:20:46 2021 +0000
7429
7430    upstream: ssh-keygen: make verify-time argument parsing optional
7431
7432    From Fabian Stelzer
7433
7434    OpenBSD-Commit-ID: 1ff35e4c366a45a073663df90381be6a8ef4d370
7435
7436commit a1217d363b88b32cfe54c4f02c6c1cf4bdefdd23
7437Author: Damien Miller <djm@mindrot.org>
7438Date:   Fri Oct 29 13:48:34 2021 +1100
7439
7440    unbreak fuzz harness for recent changes
7441
7442commit 68e522ed8183587c9367fa3842c5b75f64f3d12b
7443Author: Darren Tucker <dtucker@dtucker.net>
7444Date:   Fri Oct 29 13:32:24 2021 +1100
7445
7446    Use -Wbitwise-instead-of-logical if supported.
7447
7448commit be28b23012aa3fa323be7ec84863cf238927c078
7449Author: Damien Miller <djm@mindrot.org>
7450Date:   Thu Oct 28 16:24:53 2021 +1100
7451
7452    use -Wmisleading-indentation cflag if available
7453
7454    ok dtucker@
7455
7456commit 2e6f5f24dd2f9217f4ab8b737ed428d5d5278f91
7457Author: Damien Miller <djm@mindrot.org>
7458Date:   Thu Oct 28 16:24:44 2021 +1100
7459
7460    depend
7461
7462commit a5ab4882348d26addc9830a44e053238dfa2cb58
7463Author: Damien Miller <djm@mindrot.org>
7464Date:   Thu May 6 10:08:30 2021 +1000
7465
7466    remove built-in support for md5crypt()
7467
7468    Users of MD5-hashed password should arrange for ./configure to link
7469    against libxcrypt or similar. Though it would be better to avoid use
7470    of MD5 password hashing entirely, it's arguably worse than DEScrypt.
7471
7472    feedback and ok dtucker@
7473
7474commit c5de1fffa6328b8246b87da28fa9df05813f76a3
7475Author: djm@openbsd.org <djm@openbsd.org>
7476Date:   Thu Oct 28 02:55:30 2021 +0000
7477
7478    upstream: increment SSH_SK_VERSION_MAJOR to match last change
7479
7480    OpenBSD-Regress-ID: 17873814d1cbda97f49c8528d7b5ac9cadf6ddc0
7481
7482commit 0001d04e55802d5bd9d6dece1081a99aa4ba2828
7483Author: djm@openbsd.org <djm@openbsd.org>
7484Date:   Thu Oct 28 02:54:18 2021 +0000
7485
7486    upstream: When downloading resident keys from a FIDO token, pass
7487
7488    back the user ID that was used when the key was created and append it to the
7489    filename the key is written to (if it is not the default).
7490
7491    Avoids keys being clobbered if the user created multiple
7492    resident keys with the same application string but different
7493    user IDs.
7494
7495    feedback Pedro Martelletto; ok markus
7496
7497    NB. increments SSH_SK_VERSION_MAJOR
7498
7499    OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
7500
7501commit d4bed5445646e605c383a4374fa962e23bf9e3a3
7502Author: deraadt@openbsd.org <deraadt@openbsd.org>
7503Date:   Sun Oct 24 21:24:17 2021 +0000
7504
7505    upstream: For open/openat, if the flags parameter does not contain
7506
7507    O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant.  Many developers
7508    in the past have passed mode_t (0, 044, 0644, or such), which might lead
7509    future people to copy this broken idiom, and perhaps even believe this
7510    parameter has some meaning or implication or application. Delete them all.
7511    This comes out of a conversation where tb@ noticed that a strange (but
7512    intentional) pledge behaviour is to always knock-out high-bits from mode_t on
7513    a number of system calls as a safety factor, and his bewilderment that this
7514    appeared to be happening against valid modes (at least visually), but no
7515    sorry, they are all irrelevant junk.  They could all be 0xdeafbeef. ok
7516    millert
7517
7518    OpenBSD-Commit-ID: 503d11633497115688c0c6952686524f01f53121
7519
7520commit d575cf44895104e0fcb0629920fb645207218129
7521Author: Darren Tucker <dtucker@dtucker.net>
7522Date:   Fri Oct 22 23:27:41 2021 +1100
7523
7524    kitchensink test target now needs krb5.
7525
7526commit 4ae39cada214e955bcfd3448ff28f0ed18886706
7527Author: Darren Tucker <dtucker@dtucker.net>
7528Date:   Fri Oct 22 22:54:33 2021 +1100
7529
7530    Test both MIT KRB5 and Heimdal.
7531
7532commit 22b2681d88619e5247dc53c9f112058a7e248d48
7533Author: dtucker@openbsd.org <dtucker@openbsd.org>
7534Date:   Fri Oct 22 10:51:57 2021 +0000
7535
7536    upstream: Plug mem addrinfo mem leaks.
7537
7538    Prevent mem leaks in the (unlikely) event that getaddrinfo returns
7539    no addresses.  ALso, remove an unneeded NULL check in addr_ntop. From
7540    khaleesicodes via github PR#281, ok deraadt@
7541
7542    OpenBSD-Commit-ID: e8a5afc686376637c355c5f7e122dc4b080b9c1a
7543
7544commit 27c8c343b610263f83ac2328735feeb881c6c92f
7545Author: dtucker@openbsd.org <dtucker@openbsd.org>
7546Date:   Fri Oct 22 09:22:04 2021 +0000
7547
7548    upstream: Remove unnecessary semicolons
7549
7550    ... in case statements. From khaleesicodes via github PR#280.
7551
7552    OpenBSD-Commit-ID: e1e89360b65775cff83e77ce040b342015caf4ed
7553
7554commit e7eb73b8d1fe1008d92433ea949491ce654bfaba
7555Author: dtucker@openbsd.org <dtucker@openbsd.org>
7556Date:   Fri Oct 22 09:19:34 2021 +0000
7557
7558    upstream: Fix typos in comments.
7559
7560    From khaleesicodes via github PR#280.
7561
7562    OpenBSD-Commit-ID: 26fdd83652c40f098bf7c685e8ebb9eb72cc45fc
7563
7564commit 052a9d8494175e24312daa6c132665e58c17fe6e
7565Author: deraadt@openbsd.org <deraadt@openbsd.org>
7566Date:   Fri Oct 15 14:46:46 2021 +0000
7567
7568    upstream: switch scp(1) back to sftp protocol.
7569
7570    openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
7571    protocol for copying.  Let's get back to testing the SFTP protocol.
7572
7573    OpenBSD-Commit-ID: 9eaa35d95fd547b78b0a043b3f518e135f151f30
7574
7575commit a07664646bf6d293f5bbd45a5de54f3c36bb85da
7576Author: Darren Tucker <dtucker@dtucker.net>
7577Date:   Fri Oct 22 14:00:05 2021 +1100
7578
7579    Source configs script so setup_ci can use settings
7580
7581commit 34df52c201c6b47e5a46b50c215e4d98a8bf6587
7582Author: Darren Tucker <dtucker@dtucker.net>
7583Date:   Fri Oct 22 09:42:14 2021 +1100
7584
7585    Install libedit and pam based on config flags.
7586
7587commit 8c626cc563e8d21d844d06f9971a9ee01de6aa2a
7588Author: Darren Tucker <dtucker@dtucker.net>
7589Date:   Thu Oct 21 16:53:39 2021 +1100
7590
7591    Don't use 'here string", it's not POSIX.
7592
7593commit 086a4b5977472aefa3de918b88efad0faf83b2b1
7594Author: Darren Tucker <dtucker@dtucker.net>
7595Date:   Thu Oct 21 15:33:27 2021 +1100
7596
7597    Remove -Werror from compiler package to install.
7598
7599commit 5a7a4687507d057f9b5e7497f3d3f82e64753c02
7600Author: Darren Tucker <dtucker@dtucker.net>
7601Date:   Thu Oct 21 15:00:53 2021 +1100
7602
7603    Build with -Werror on most recent gcc and clang.
7604
7605commit 4d2cbdb525d673acf941d48a7044fcf03125611a
7606Author: Darren Tucker <dtucker@dtucker.net>
7607Date:   Fri Oct 15 12:59:06 2021 +1100
7608
7609    Include string.h and stdio.h for strerror.
7610
7611commit fff13aaa262b7b3ec83ed21e29674cbf331780a7
7612Author: Darren Tucker <dtucker@dtucker.net>
7613Date:   Fri Oct 15 12:43:36 2021 +1100
7614
7615    Include error reason if trace disabling fails.
7616
7617commit d4b38144c02f3faa5271e5fb35df93507e06f1b4
7618Author: Darren Tucker <dtucker@dtucker.net>
7619Date:   Tue Oct 12 22:55:51 2021 +1100
7620
7621    Add tcmalloc test target.
7622
7623commit 002d65b0a30063c6e49bf8a53e709d8d5a0d45c1
7624Author: dtucker@openbsd.org <dtucker@openbsd.org>
7625Date:   Sat Oct 9 10:52:42 2021 +0000
7626
7627    upstream: Document that CASignatureAlgorithms, ExposeAuthInfo and
7628
7629    PubkeyAuthOptions can be used in a Match block.  Patch from eehakkin via
7630    github PR#277.
7631
7632    OpenBSD-Commit-ID: c0a63f5f52e918645967ac022b28392da4b866aa
7633
7634commit 40bd3709dddaae3a1b6113748bec3faa6a607531
7635Author: Darren Tucker <dtucker@dtucker.net>
7636Date:   Thu Oct 7 15:55:49 2021 +1100
7637
7638    Skip SK unit tests when built without security-key
7639
7640commit 482f73be10f10b93f818df19fcc8a912c0c371fc
7641Author: Darren Tucker <dtucker@dtucker.net>
7642Date:   Thu Oct 7 15:55:04 2021 +1100
7643
7644    Include relevant env vars on command line.
7645
7646    Makes it easier to reproduce a build by cut/pasting the configure line.
7647
7648commit ef5916b8acd9b1d2f39fad4951dae03b00dbe390
7649Author: Darren Tucker <dtucker@dtucker.net>
7650Date:   Thu Oct 7 14:28:02 2021 +1100
7651
7652    Only enable sk-* key types if ENABLE_SK is defined
7653
7654commit 52d4232b493a9858fe616e28a8bbcc89afa2ad4d
7655Author: Darren Tucker <dtucker@dtucker.net>
7656Date:   Wed Oct 6 18:14:37 2021 +1100
7657
7658    Disable security key on minix3.
7659
7660    The test doesn't work so disable.
7661
7662commit 7cd062c3a29669b8d7dc2a97e6575f4dcb7d35a2
7663Author: Darren Tucker <dtucker@dtucker.net>
7664Date:   Wed Oct 6 17:45:28 2021 +1100
7665
7666    Add USE_LIBC_SHA2 for (at least) NetBSD 9.
7667
7668commit 639c440f6c3c2a8216a5eb9455ef13bf4204089c
7669Author: Darren Tucker <dtucker@dtucker.net>
7670Date:   Wed Oct 6 17:09:31 2021 +1100
7671
7672    Define OPENSSL_NO_SHA including OpenSSL from test.
7673
7674    We don't use SHA256 from OpenSSL in the sk-dummy module and the
7675    definitions can conflict with system sha2.h (eg on NetBSD) so define
7676    OPENSSL_NO_SHA so we don't attempt to redefine them.
7677
7678commit 8f4be526a338d06624f146fa26007bb9dd3a4f7b
7679Author: Darren Tucker <dtucker@dtucker.net>
7680Date:   Wed Oct 6 15:40:58 2021 +1100
7681
7682    Disable security key on NetBSD4 test.
7683
7684    sk-dummy used for the security key test includes both sha2.h and OpenSSL
7685    causing the definitions conflict so disable security key support on this
7686    platform.
7687
7688commit 3b353ae58aa07a1cbbeb1da3ace21fc0dcccd66a
7689Author: Damien Miller <djm@mindrot.org>
7690Date:   Wed Oct 6 15:07:01 2021 +1100
7691
7692    clean regress/misc/sk-dummy in cleandir target
7693
7694commit 57680a2ab43518c5ccbd8242c40482106cde6ac1
7695Author: dtucker@openbsd.org <dtucker@openbsd.org>
7696Date:   Sat Oct 2 03:17:01 2021 +0000
7697
7698    upstream: Dynamically allocate encoded HashKnownHosts and free as
7699
7700    appropriate. Saves 1k of static storage and prevents snprintf "possible
7701    truncation" warnings from newer compilers (although in this case it's false
7702    positive since the actual sizes are limited by the output size of the SHA1).
7703    ok djm@
7704
7705    OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
7706
7707commit e3e62deb549fde215b777d95276c304f84bf00c6
7708Author: djm@openbsd.org <djm@openbsd.org>
7709Date:   Wed Oct 6 03:35:13 2021 +0000
7710
7711    upstream: use libc SHA256 functions; make this work when compiled
7712
7713    !WITH_OPENSSL
7714
7715    OpenBSD-Regress-ID: fda0764c1097cd42f979ace29b07eb3481259890
7716
7717commit 12937d867019469ebce83c2ff614cdc6688fc2d8
7718Author: dtucker@openbsd.org <dtucker@openbsd.org>
7719Date:   Fri Oct 1 05:20:20 2021 +0000
7720
7721    upstream: Add test for ssh hashed known_hosts handling.
7722
7723    OpenBSD-Regress-ID: bcef3b3cd5a1ad9899327b4b2183de2541aaf9cf
7724
7725commit 5a37cc118f464416d08cd0291a9b1611d8de9943
7726Author: Damien Miller <djm@mindrot.org>
7727Date:   Wed Oct 6 13:16:21 2021 +1100
7728
7729    fix broken OPENSSL_HAS_ECC test
7730
7731    spotted by dtucker
7732
7733commit 16a25414f303cd6790eb967aeb962040e32c9c7a
7734Author: Damien Miller <djm@mindrot.org>
7735Date:   Fri Oct 1 22:40:06 2021 +1000
7736
7737    make sk-dummy.so work without libcrypto installed
7738
7739commit dee22129bbc61e25b1003adfa2bc584c5406ef2d
7740Author: Damien Miller <djm@mindrot.org>
7741Date:   Fri Oct 1 16:35:49 2021 +1000
7742
7743    make OPENSSL_HAS_ECC checks more thorough
7744
7745    ok dtucker
7746
7747commit 872595572b6c9a584ed754165e8b7c4c9e7e1d61
7748Author: Damien Miller <djm@mindrot.org>
7749Date:   Fri Oct 1 16:35:05 2021 +1000
7750
7751    fix FIDO key support for !OPENSSL_HAS_ECC case
7752
7753    ok dtucker
7754
7755commit 489741dc68366940d369ac670b210b4834a6c272
7756Author: Damien Miller <djm@mindrot.org>
7757Date:   Fri Oct 1 14:51:37 2021 +1000
7758
7759    enable security key support for --without-openssl
7760
7761commit c978565c8589acfe4ea37ab5099d39c84158c713
7762Author: Damien Miller <djm@mindrot.org>
7763Date:   Fri Oct 1 13:27:50 2021 +1000
7764
7765    need stdlib.h for free(3)
7766
7767commit 76a398edfb51951b2d65d522d7b02c72304db300
7768Author: dtucker@openbsd.org <dtucker@openbsd.org>
7769Date:   Thu Sep 30 05:26:26 2021 +0000
7770
7771    upstream: Fix up whitespace left by previous
7772
7773    change removing privsep.  No other changes.
7774
7775    OpenBSD-Regress-ID: 87adec225d8afaee4d6a91b2b71203f52bf14b15
7776
7777commit ddcb53b7a7b29be65d57562302b2d5f41733e8dd
7778Author: dtucker@openbsd.org <dtucker@openbsd.org>
7779Date:   Thu Sep 30 05:20:08 2021 +0000
7780
7781    upstream: Remove references to privsep.
7782
7783    This removes several do..while loops but does not change the
7784    indentation of the now-shallower loops, which will be done in a separate
7785    whitespace-only commit to keep changes of style and substance separate.
7786
7787    OpenBSD-Regress-ID: 4bed1a0249df7b4a87c965066ce689e79472a8f7
7788
7789commit ece2fbe486164860de8df3f8b943cccca3085eff
7790Author: dtucker@openbsd.org <dtucker@openbsd.org>
7791Date:   Thu Sep 30 04:22:50 2021 +0000
7792
7793    upstream: Use "skip" instead of "fatal"
7794
7795    if SUDO isn't set for the *-command tests. This means running "make tests"
7796    without SUDO set will perform all of the tests that it can instead of
7797    failing on the ones it cannot run.
7798
7799    OpenBSD-Regress-ID: bd4dbbb02f34b2e8c890558ad4a696248def763a
7800
7801commit bb754b470c360e787a99fb4e88e2668198e97b41
7802Author: djm@openbsd.org <djm@openbsd.org>
7803Date:   Fri Oct 1 04:50:36 2021 +0000
7804
7805    upstream: unbreak FIDO sk-ed25519 key enrollment for OPENSSL=no builds;
7806
7807    ok dtucker@
7808
7809    OpenBSD-Commit-ID: 6323a5241728626cbb2bf0452cf6a5bcbd7ff709
7810
7811commit 207648d7a6415dc915260ca75850404dbf9f0a0b
7812Author: Darren Tucker <dtucker@dtucker.net>
7813Date:   Wed Sep 29 20:03:58 2021 +1000
7814
7815    Include stdlib.h for arc4random_uniform prototype.
7816
7817commit 696aadc854582c164d5fc04933d2f3e212dc0e06
7818Author: Darren Tucker <dtucker@dtucker.net>
7819Date:   Wed Sep 29 20:00:30 2021 +1000
7820
7821    Look for clang after cc and gcc.
7822
7823commit a3c6375555026d85dbf811fab566b9f76f196144
7824Author: Darren Tucker <dtucker@dtucker.net>
7825Date:   Wed Sep 29 19:30:59 2021 +1000
7826
7827    Use backticks instead of $(..) for portability.
7828
7829    Older shells (eg /bin/sh on Solaris 10) don't support $() syntax.
7830
7831commit 958aaa0387133d51f84fe9c8f30bca03025f2867
7832Author: Darren Tucker <dtucker@dtucker.net>
7833Date:   Wed Sep 29 18:53:32 2021 +1000
7834
7835    Skip file-based tests by default on Mac OS.
7836
7837    The file-based tests need OpenSSL so skip them.
7838
7839commit 55c8bdf6e9afb0f9fa8e4f10c25c7f0081b48fd0
7840Author: Darren Tucker <dtucker@dtucker.net>
7841Date:   Wed Sep 29 18:42:47 2021 +1000
7842
7843    Build without OpenSSL on Mac OS.
7844
7845    Modern versions don't ship enough libcrypto to build against.
7846
7847commit c9172193ea975415facf0afb356d87df21535f88
7848Author: Darren Tucker <dtucker@dtucker.net>
7849Date:   Wed Sep 29 18:33:38 2021 +1000
7850
7851    Remove TEST_SSH_ECC.
7852
7853    Convert the only remaining user of it to runtime detection using ssh -Q.
7854
7855commit 5e6d28b7874b0deae95d2c68947c45212d32e599
7856Author: Darren Tucker <dtucker@dtucker.net>
7857Date:   Wed Sep 29 17:48:09 2021 +1000
7858
7859    Split c89 test openssl setting out.
7860
7861commit c4ac7f98e230e83c015678dc958b1ffe828564ad
7862Author: Darren Tucker <dtucker@dtucker.net>
7863Date:   Wed Sep 29 17:40:50 2021 +1000
7864
7865    Expand TEST_SHELL consistently with other vars.
7866
7867commit cfe5f7b0eb7621bfb0a756222de0431315c2ab8b
7868Author: Darren Tucker <dtucker@dtucker.net>
7869Date:   Wed Sep 29 17:26:50 2021 +1000
7870
7871    Replace `pwd` with make variable in regress cmd.
7872
7873commit 899be59da5fbc3372444bd0fbe74af48313bed33
7874Author: Darren Tucker <dtucker@dtucker.net>
7875Date:   Wed Sep 29 17:14:33 2021 +1000
7876
7877    Get BUILDDIR from autoconf.
7878
7879    Use this to replace `pwd`s in regress test command line.
7880
7881commit c8d92d3d4f7d560146f2f936156ec4dac3fc5811
7882Author: Darren Tucker <dtucker@dtucker.net>
7883Date:   Wed Sep 29 13:28:56 2021 +1000
7884
7885    Add make clean step to tests.
7886
7887commit 360fb41ef8359619ab90b0d131c914494e55d3dd
7888Author: Darren Tucker <dtucker@dtucker.net>
7889Date:   Wed Sep 29 11:36:13 2021 +1000
7890
7891    Test all available clang and gcc versions.
7892
7893commit 4fb49899d7da22952d35a4bc4c9bdb2311087893
7894Author: djm@openbsd.org <djm@openbsd.org>
7895Date:   Wed Sep 29 01:32:21 2021 +0000
7896
7897    upstream: Test certificate hostkeys held in ssh-agent too. Would have
7898
7899    caught regression fixed in sshd r1.575
7900
7901    ok markus@
7902
7903    OpenBSD-Regress-ID: 1f164d7bd89f83762db823eec4ddf2d2556145ed
7904
7905commit ce4854e12e749a05646e5775e9deb8cfaf49a755
7906Author: djm@openbsd.org <djm@openbsd.org>
7907Date:   Wed Sep 29 01:33:32 2021 +0000
7908
7909    upstream: add some debug output showing how many key file/command lines
7910
7911    were processed. Useful to see whether a file or command actually has keys
7912    present
7913
7914    OpenBSD-Commit-ID: 0bd9ff94e84e03a22df8e6c12f6074a95d27f23c
7915
7916commit 15abdd523501c349b703d9a27e2bb4252ad921ef
7917Author: dtucker@openbsd.org <dtucker@openbsd.org>
7918Date:   Tue Sep 28 11:14:50 2021 +0000
7919
7920    upstream: Make prototype for rijndaelEncrypt match function
7921
7922    including the bounds. Fixes error in portable where GCC>=11 takes notice of
7923    the bounds. ok deraadt@
7924
7925    OpenBSD-Commit-ID: cdd2f05fd1549e1786a70871e513cf9e9cf099a6
7926
7927commit d1d29ea1d1ef1a1a54b209f062ec1dcc8399cf03
7928Author: dtucker@openbsd.org <dtucker@openbsd.org>
7929Date:   Tue Sep 28 11:10:05 2021 +0000
7930
7931    upstream: Import regenerated moduli.
7932
7933    OpenBSD-Commit-ID: 4bec5db13b736b64b06a0fca704cbecc2874c8e1
7934
7935commit 39f2111b1d5f00206446257377dcce58cc72369f
7936Author: Darren Tucker <dtucker@dtucker.net>
7937Date:   Wed Sep 29 10:53:55 2021 +1000
7938
7939    Add new compiler hardening flags.
7940
7941    Add -fzero-call-used-regs and -ftrivial-auto-var-init to the list of
7942    compiler hardening flags that configure checks for.  These are supported
7943    by clang and gcc, and make ROP gadgets less useful and mitigate
7944    stack-based infoleaks respectively.  ok djm@
7945
7946commit bf944e3794eff5413f2df1ef37cddf96918c6bde
7947Author: Damien Miller <djm@mindrot.org>
7948Date:   Mon Sep 27 00:03:19 2021 +1000
7949
7950    initgroups needs grp.h
7951
7952commit 8c5b5655149bd76ea21026d7fe73ab387dbc3bc7
7953Author: djm@openbsd.org <djm@openbsd.org>
7954Date:   Sun Sep 26 14:01:11 2021 +0000
7955
7956    upstream: openssh-8.8
7957
7958    OpenBSD-Commit-ID: 12357794602ac979eb7312a1fb190c453f492ec4
7959
7960commit f3cbe43e28fe71427d41cfe3a17125b972710455
7961Author: djm@openbsd.org <djm@openbsd.org>
7962Date:   Sun Sep 26 14:01:03 2021 +0000
7963
7964    upstream: need initgroups() before setresgid(); reported by anton@,
7965
7966    ok deraadt@
7967
7968    OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
7969
7970commit 8acaff41f7518be40774c626334157b1b1c5583c
7971Author: Damien Miller <djm@mindrot.org>
7972Date:   Sun Sep 26 22:16:36 2021 +1000
7973
7974    update version numbers for release
7975
7976commit d39039ddc0010baa91c70a0fa0753a2699bbf435
7977Author: kn@openbsd.org <kn@openbsd.org>
7978Date:   Sat Sep 25 09:40:33 2021 +0000
7979
7980    upstream: RSA/SHA-1 is not used by default anymore
7981
7982    OK dtucker deraadt djm
7983
7984    OpenBSD-Commit-ID: 055c51a221c3f099dd75c95362f902da1b8678c6
7985
7986commit 9b2ee74e3aa8c461eb5552a6ebf260449bb06f7e
7987Author: Darren Tucker <dtucker@dtucker.net>
7988Date:   Fri Sep 24 11:08:03 2021 +1000
7989
7990    Move the fgrep replacement to hostkey-rotate.sh.
7991
7992    The fgrep replacement for buggy greps doesn't work in the sftp-glob test
7993    so move it to just where we know it's needed.
7994
7995commit f7039541570d4b66d76e6f574544db176d8d5c02
7996Author: Darren Tucker <dtucker@dtucker.net>
7997Date:   Fri Sep 24 08:04:14 2021 +1000
7998
7999    Replacement function for buggy fgrep.
8000
8001    GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will
8002    occasionally fail to find ssh host keys in the hostkey-rotate test.
8003    If we have those versions, use awk instead.
8004
8005commit f6a660e5bf28a01962af87568e118a2d2e79eaa0
8006Author: David Manouchehri <david.manouchehri@riseup.net>
8007Date:   Thu Sep 23 17:03:18 2021 -0400
8008
8009    Don't prompt for yes/no questions.
8010
8011commit 7ed1a3117c09f8c3f1add35aad77d3ebe1b85b4d
8012Author: djm@openbsd.org <djm@openbsd.org>
8013Date:   Mon Sep 20 06:53:56 2021 +0000
8014
8015    upstream: fix missing -s in SYNOPSYS and usage() as well as a
8016
8017    capitalisation mistake; spotted by jmc@
8018
8019    OpenBSD-Commit-ID: 0ed8ee085c7503c60578941d8b45f3a61d4c9710
8020
8021commit 8c07170135dde82a26886b600a8bf6fb290b633d
8022Author: dtucker@openbsd.org <dtucker@openbsd.org>
8023Date:   Mon Sep 20 04:02:13 2021 +0000
8024
8025    upstream: Fix "Allocated port" debug message
8026
8027    for unix domain sockets. From peder.stray at gmail.com via github PR#272,
8028    ok deraadt@
8029
8030    OpenBSD-Commit-ID: 8d5ef3fbdcdd29ebb0792b5022a4942db03f017e
8031
8032commit 277d3c6adfb128b4129db08e3d65195d94b55fe7
8033Author: djm@openbsd.org <djm@openbsd.org>
8034Date:   Mon Sep 20 01:55:42 2021 +0000
8035
8036    upstream: Switch scp back to use the old protocol by default, ahead of
8037
8038    release. We'll wait a little longer for people to pick up sftp-server(8) that
8039    supports the extension that scp needs for ~user paths to continue working in
8040    SFTP protocol mode. Discussed with deraadt@
8041
8042    OpenBSD-Commit-ID: f281f603a705fba317ff076e7b11bcf2df941871
8043
8044commit ace19b34cc15bea3482be90450c1ed0cd0dd0669
8045Author: djm@openbsd.org <djm@openbsd.org>
8046Date:   Sat Sep 18 02:03:25 2021 +0000
8047
8048    upstream: better error message for ~user failures when the
8049
8050    sftp-server lacks the expand-path extension; ok deraadt@
8051
8052    OpenBSD-Commit-ID: 9c1d965d389411f7e86f0a445158bf09b8f9e4bc
8053
8054commit 6b1238ba971ee722a310d95037b498ede5539c03
8055Author: djm@openbsd.org <djm@openbsd.org>
8056Date:   Thu Sep 16 15:22:22 2021 +0000
8057
8058    upstream: make some more scp-in-SFTP mode better match Unix idioms
8059
8060    suggested by deraadt@
8061
8062    OpenBSD-Commit-ID: 0f2439404ed4cf0b0be8bf49a1ee734836e1ac87
8063
8064commit e694f8ac4409931e67d08ac44ed251b20b10a957
8065Author: djm@openbsd.org <djm@openbsd.org>
8066Date:   Thu Sep 16 15:11:19 2021 +0000
8067
8068    upstream: allow log_stderr==2 to prefix log messages with argv[0]
8069
8070    use this to make scp's SFTP mode error messages more scp-like
8071
8072    prompted by and ok deraadt@
8073
8074    OpenBSD-Commit-ID: 0e821dbde423fc2280e47414bdc22aaa5b4e0733
8075
8076commit 8a7a06ee505cb833e613f74a07392e9296286c30
8077Author: Darren Tucker <dtucker@dtucker.net>
8078Date:   Fri Sep 17 13:03:31 2021 +1000
8079
8080    Test against LibreSSL 3.2.6, 3.3.4, 3.4.0.
8081
8082commit c25c84074a47f700dd6534995b4af4b456927150
8083Author: djm@openbsd.org <djm@openbsd.org>
8084Date:   Thu Sep 16 05:36:03 2021 +0000
8085
8086    upstream: missing space character in ssh -G output broke the
8087
8088    t-sshcfgparse regression test; spotted by anton@
8089
8090    OpenBSD-Commit-ID: bcc36fae2f233caac4baa8e58482da4aa350eed0
8091
8092commit a4bee1934bf5e5575fea486628f4123d6a29dff8
8093Author: djm@openbsd.org <djm@openbsd.org>
8094Date:   Wed Sep 15 06:56:01 2021 +0000
8095
8096    upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok
8097
8098    markus@
8099
8100    OpenBSD-Commit-ID: 668a82ba8e56d731b26ffc5703213bfe071df623
8101
8102commit d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd
8103Author: mbuhl@openbsd.org <mbuhl@openbsd.org>
8104Date:   Tue Sep 14 11:04:21 2021 +0000
8105
8106    upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT
8107
8108    OK mfriedl@
8109
8110    OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
8111
8112commit 19b3d846f06697c85957ab79a63454f57f8e22d6
8113Author: schwarze@openbsd.org <schwarze@openbsd.org>
8114Date:   Sat Sep 11 09:05:50 2021 +0000
8115
8116    upstream: Do not ignore SIGINT while waiting for input if editline(3)
8117
8118    is not used. Instead, in non-interactive mode, exit sftp(1), like for other
8119    serious errors. As pointed out by dtucker@, when compiled without editline(3)
8120    support in portable OpenSSH, the el == NULL branch is also used for
8121    interactive mode. In that case, discard the input line and provide a fresh
8122    prompt to the user just like in the case where editline(3) is used. OK djm@
8123
8124    OpenBSD-Commit-ID: 7d06f4d3ebba62115527fafacf38370d09dfb393
8125
8126commit ba61123eef9c6356d438c90c1199a57a0d7bcb0a
8127Author: djm@openbsd.org <djm@openbsd.org>
8128Date:   Sat Sep 11 00:40:24 2021 +0000
8129
8130    upstream: when using SFTP protocol, continue transferring files after a
8131
8132    transfer error occurs. This matches original scp/rcp behaviour. ok dtucker@
8133
8134    OpenBSD-Commit-ID: dfe4558d71dd09707e9b5d6e7d2e53b793da69fa
8135
8136commit b0ec59a708b493c6f3940336b1a537bcb64dd2a7
8137Author: dtucker@openbsd.org <dtucker@openbsd.org>
8138Date:   Fri Sep 10 11:38:38 2021 +0000
8139
8140    upstream: Document that non-interactive commands are run via the user's
8141
8142    shell using the -c flag.  ok jmc@
8143
8144    OpenBSD-Commit-ID: 4f0d912077732eead10423afd1acf4fc0ceec477
8145
8146commit 66a658b5d9e009ea11f8a0ca6e69c7feb2d851ea
8147Author: dtucker@openbsd.org <dtucker@openbsd.org>
8148Date:   Fri Sep 10 10:26:02 2021 +0000
8149
8150    upstream: Document behaviour of arguments following non-interactive
8151
8152    commands. Prompted by github PR#139 from EvanTheB, feedback & ok djm@ jmc@
8153
8154    OpenBSD-Commit-ID: fc758d1fe0471dfab4304fcad6cd4ecc3d79162a
8155
8156commit 1d47e28e407d1f95fdf8f799be23f48dcfa5206b
8157Author: dtucker@openbsd.org <dtucker@openbsd.org>
8158Date:   Fri Sep 10 07:11:11 2021 +0000
8159
8160    upstream: Clarify which file's attributes -p preserves, and that
8161
8162    it's specifically the file mode bits. bz#3340 from calestyo at scientia.net,
8163    ok djm@ jmc@
8164
8165    OpenBSD-Commit-ID: f09e6098ed1c4be00c730873049825f8ee7cb884
8166
8167commit b344db7a413478e4c21e4cadba4a970ad3e6128a
8168Author: djm@openbsd.org <djm@openbsd.org>
8169Date:   Fri Sep 10 05:46:09 2021 +0000
8170
8171    upstream: openssh-7.4 was incorrectly listed twice; spotted by
8172
8173    Dmitry Belyavskiy, ok dtucker@
8174
8175    OpenBSD-Commit-ID: 4b823ae448f6e899927ce7b04225ac9e489f58ef
8176
8177commit 9136d6239ad7a4a293e0418a49b69e70c76d58b8
8178Author: jmc@openbsd.org <jmc@openbsd.org>
8179Date:   Thu Sep 9 06:17:39 2021 +0000
8180
8181    upstream: - move CAVEATS to its correct order - use the term
8182
8183    "legacy" protocol rather than "original", as the latter made the text
8184    misleading - uppercase SCP
8185
8186    ok djm
8187
8188    OpenBSD-Commit-ID: 8479255746d5fa76a358ee59e7340fecf4245ff0
8189
8190commit 2d678c5e3bdc2f5c99f7af5122e9d054925d560d
8191Author: David Carlier <devnexen@gmail.com>
8192Date:   Wed Sep 8 19:49:54 2021 +0100
8193
8194    Disable tracing on FreeBSD using procctl.
8195
8196    Placed at the start of platform_disable_tracing() to prevent declaration
8197    after code errors from strict C89 compilers (in the unlikely event that
8198    more than one method is enabled).
8199
8200commit 73050fa38fb36ae3326d768b574806352b97002d
8201Author: djm@openbsd.org <djm@openbsd.org>
8202Date:   Wed Sep 8 23:31:39 2021 +0000
8203
8204    upstream: Use the SFTP protocol by default. The original scp/rcp
8205
8206    protocol remains available via the -O flag.
8207
8208    Note that ~user/ prefixed paths in SFTP mode require a protocol extension
8209    that was first shipped in OpenSSH 8.7.
8210
8211    ok deraadt, after baking in snaps for a while without incident
8212
8213    OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c
8214
8215commit c4565e69ffa2485cff715aa842ea7a350296bfb6
8216Author: Darren Tucker <dtucker@dtucker.net>
8217Date:   Wed Sep 8 21:09:49 2021 +1000
8218
8219    Really fix test on OpenSSL 1.1.1 stable.
8220
8221commit 79f1bb5f56cef3ae9276207316345b8309248478
8222Author: Darren Tucker <dtucker@dtucker.net>
8223Date:   Wed Sep 8 18:51:39 2021 +1000
8224
8225    Correct OpenSSL 1.1.1 stable identifier.
8226
8227commit b6255593ed5ccbe5e7d3d4b26b2ad31ad4afc232
8228Author: Darren Tucker <dtucker@dtucker.net>
8229Date:   Wed Sep 8 18:39:44 2021 +1000
8230
8231    Increment nfds when coming from startup_pipe.
8232
8233    If we have to increase nfds because startup_pipe[0] is above any of the
8234    descriptors passed in the fd_sets, we also need to add 1 to nfds since
8235    select takes highest FD number plus one.  bz#3345 from yaroslav.kuzmin
8236    at vmssoftware.com.
8237
8238commit a3e92a6794817df6012ac8546aea19652cc91b61
8239Author: Darren Tucker <dtucker@dtucker.net>
8240Date:   Wed Sep 8 13:45:10 2021 +1000
8241
8242    Tests for OpenSSL 3.0.0 release & 1.1.1 branch.
8243
8244commit 4afe431da98ec1cf6a2933fe5658f4fd68dee9e2
8245Author: djm@openbsd.org <djm@openbsd.org>
8246Date:   Wed Sep 8 03:23:44 2021 +0000
8247
8248    upstream: correct my mistake in previous fix; spotted by halex
8249
8250    OpenBSD-Commit-ID: 3cc62d92e3f70006bf02468fc146bfc36fffa183
8251
8252commit ca0e455b9331213ff9505a21b94c38e34faa2bba
8253Author: djm@openbsd.org <djm@openbsd.org>
8254Date:   Tue Sep 7 06:03:51 2021 +0000
8255
8256    upstream: avoid NULL deref in -Y find-principals. Report and fix
8257
8258    from Carlo Marcelo Arenas Belón
8259    MIME-Version: 1.0
8260    Content-Type: text/plain; charset=UTF-8
8261    Content-Transfer-Encoding: 8bit
8262
8263    OpenBSD-Commit-ID: 6238486f8ecc888d6ccafcd9ad99e621bb41f1e0
8264
8265commit 37616807f150fb46610bbd5031c31af4857ad1e9
8266Author: millert@openbsd.org <millert@openbsd.org>
8267Date:   Mon Sep 6 00:36:01 2021 +0000
8268
8269    upstream: revision 1.381 neglected to remove
8270
8271    sChallengeResponseAuthentication from the enum.  Noticed by
8272    christos@zoulas.com.  OK dtucker@
8273
8274    OpenBSD-Commit-ID: b533283a4dd6d04a867da411a4c7a8fbc90e34ff
8275
8276commit 7acb3578cdfec0b3d34501408071f7a96c1684ea
8277Author: Darren Tucker <dtucker@dtucker.net>
8278Date:   Sun Sep 5 20:45:42 2021 +1000
8279
8280    Correct version_num for OpenSSL dev branch.
8281
8282commit 65bb01111320dfd0d25e21e1fd4d3f2b77532669
8283Author: Darren Tucker <dtucker@dtucker.net>
8284Date:   Sun Sep 5 19:37:39 2021 +1000
8285
8286    Test against OpenSSL 3 branch as well as dev.
8287
8288    Now that OpenSSL development has moved to 3.1, test against the most
8289    recent version of the openssl-3.0 branch too.
8290
8291commit 864ed0d5e04a503b97202c776b7cf3f163f3eeaa
8292Author: Darren Tucker <dtucker@dtucker.net>
8293Date:   Sun Sep 5 19:33:22 2021 +1000
8294
8295    OpenSSL development is now 3.1.*
8296
8297commit a60209a586a928f92ab323bf23bd07f57093342e
8298Author: dtucker@openbsd.org <dtucker@openbsd.org>
8299Date:   Fri Sep 3 07:43:23 2021 +0000
8300
8301    upstream: Use .Cm instead of .Dq in StrictHostKeyChecking list for
8302
8303    consistency. Patch from scop via github PR#257, ok jmc@
8304
8305    OpenBSD-Commit-ID: 3652a91564570779431802c31224fb4a9cf39872
8306
8307commit 8d1d9eb6de37331e872700e9e399a3190cca1242
8308Author: dtucker@openbsd.org <dtucker@openbsd.org>
8309Date:   Fri Sep 3 07:27:03 2021 +0000
8310
8311    upstream: Mention using ssh -i for specifying the public key file
8312
8313    in the case where the private key is loaded into ssh-agent but is not present
8314    locally.  Based on patch from rafork via github PR#215, ok jmc@
8315
8316    OpenBSD-Commit-ID: 2282e83b0ff78d2efbe705883b67240745fa5bb2
8317
8318commit eb4362e5e3aa7ac26138b11e44d8c191910aff64
8319Author: dtucker@openbsd.org <dtucker@openbsd.org>
8320Date:   Fri Sep 3 05:25:50 2021 +0000
8321
8322    upstream: Refer to KEX "algorithms" instead of "methods" to match
8323
8324    other references and improve consistency.  Patch from scop via github PR#241,
8325    ok djm@
8326
8327    OpenBSD-Commit-ID: 840bc94ff6861b28d8603c8e8c16499bfb65e32c
8328
8329commit b3318946ce5725da43c4bf7eeea1b73129c47d2a
8330Author: dtucker@openbsd.org <dtucker@openbsd.org>
8331Date:   Fri Sep 3 05:12:25 2021 +0000
8332
8333    upstream: Remove redundant attrib_clear in upload_dir_internal.
8334
8335    The subsequent call to stat_to_attrib clears the struct as its first step
8336    anyway. From pmeinhardt via github PR#220, ok djm@
8337
8338    OpenBSD-Commit-ID: f5234fc6d7425b607e179acb3383f21716f3029e
8339
8340commit 7cc3fe28896e653956a6a2eed0a25d551b83a029
8341Author: dtucker@openbsd.org <dtucker@openbsd.org>
8342Date:   Fri Sep 3 04:11:13 2021 +0000
8343
8344    upstream: Add test for client termination status on signal.
8345
8346    Based on patch from Alexxz via github PR#235 with some tweaks, to
8347    match patch in bz#3281.
8348
8349    OpenBSD-Regress-ID: d87c7446fb8b5f8b45894fbbd6875df326e729e2
8350
8351commit 5428b0d239f6b516c81d1dd15aa9fe9e60af75d4
8352Author: deraadt@openbsd.org <deraadt@openbsd.org>
8353Date:   Thu Sep 2 21:03:54 2021 +0000
8354
8355    upstream: sys/param.h is not needed for any visible reason
8356
8357    OpenBSD-Commit-ID: 8bdea2d0c75692e4c5777670ac039d4b01c1f368
8358
8359commit 1ff38f34b4c4545eb28106629cafa1e0496bc726
8360Author: Shchelkunov Artem <a.shchelkunov@ideco.ru>
8361Date:   Wed Aug 11 18:07:58 2021 +0500
8362
8363    Fix memory leak in error path.
8364
8365    *info is allocated via xstrdup but was leaked in the PAM_AUTH_ERR path.
8366    From github PR#266.
8367
8368commit cb37e2f0c0ca4fef844ed7edc5d0e3b7d0e83f6a
8369Author: dtucker@openbsd.org <dtucker@openbsd.org>
8370Date:   Wed Sep 1 03:16:06 2021 +0000
8371
8372    upstream: Fix ssh-rsa fallback for old PuTTY interop tests.
8373
8374    OpenBSD-Regress-ID: a19ac929da604843a5b5f0f48d2c0eb6e0773d37
8375
8376commit 8b02ef0f28dc24cda8cbcd8b7eb02bda8f8bbe59
8377Author: dtucker@openbsd.org <dtucker@openbsd.org>
8378Date:   Wed Sep 1 00:50:27 2021 +0000
8379
8380    upstream: Add a function to skip remaining tests.
8381
8382    Many tests skip tests for various reasons but not in a consistent way and
8383    don't always clean up, so add that and switch the tests that do that over.
8384
8385    OpenBSD-Regress-ID: 72d2ec90a3ee8849486956a808811734281af735
8386
8387commit d486845c07324c04240f1674ac513985bd356f66
8388Author: dtucker@openbsd.org <dtucker@openbsd.org>
8389Date:   Tue Aug 31 07:13:59 2021 +0000
8390
8391    upstream: Specify path to PuTTY keys.
8392
8393    Portable needs this and it makes no difference on OpenBSD, so resync
8394    them.  (Id sync only, Portable already had this.)
8395
8396    OpenBSD-Regress-ID: 33f6f66744455886d148527af8368811e4264162
8397
8398commit d22b299115e27606e846b23490746f69fdd4fb38
8399Author: dtucker@openbsd.org <dtucker@openbsd.org>
8400Date:   Tue Aug 31 06:13:23 2021 +0000
8401
8402    upstream: Better compat tests with old PuTTY.
8403
8404    When running PuTTY interop tests and using a PuTTY version older than
8405    0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants
8406    of RSA were added some time between 0.73 and 0.76).
8407
8408    OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1
8409
8410commit 87ad70d605c3e39c9b8aa275db27120d7cc09b77
8411Author: Darren Tucker <dtucker@dtucker.net>
8412Date:   Tue Aug 31 17:04:50 2021 +1000
8413
8414    Resync PuTTY interop tests.
8415
8416    Resync behaviour when REGRESS_INTEROP_PUTTY is not set with OpenBSD.
8417
8418commit e47b82a7bf51021afac218bf59a3be121827653d
8419Author: dtucker@openbsd.org <dtucker@openbsd.org>
8420Date:   Tue Aug 31 01:25:27 2021 +0000
8421
8422    upstream: Specify hostkeyalgorithms in SSHFP test.
8423
8424    Specify host key algorithms in sshd's default set for the SSHFP test,
8425    from djm@.  Make the reason for when the test is skipped a bit clearer.
8426
8427    OpenBSD-Regress-ID: 4f923dfc761480d5411de17ea6f0b30de3e32cea
8428
8429commit 7db3e0a9e8477c018757b59ee955f7372c0b55fb
8430Author: djm@openbsd.org <djm@openbsd.org>
8431Date:   Mon Aug 30 01:15:45 2021 +0000
8432
8433    upstream: adapt to RSA/SHA1 deprectation
8434
8435    OpenBSD-Regress-ID: 952397c39a22722880e4de9d1c50bb1a14f907bb
8436
8437commit 2344750250247111a6c3c6a4fe84ed583a61cc11
8438Author: djm@openbsd.org <djm@openbsd.org>
8439Date:   Sun Aug 29 23:53:10 2021 +0000
8440
8441    upstream: After years of forewarning, disable the RSA/SHA-1
8442
8443    signature algorithm by default. It is feasible to create colliding SHA1
8444    hashes, so we need to deprecate its use.
8445
8446    RSA/SHA-256/512 remains available and will be transparently selected
8447    instead of RSA/SHA1 for most SSH servers released in the last five+
8448    years. There is no need to regenerate RSA keys.
8449
8450    The use of RSA/SHA1 can be re-enabled by adding "ssh-rsa" to the
8451    PubkeyAcceptedAlgorithms directives on the client and server.
8452
8453    ok dtucker deraadt
8454
8455    OpenBSD-Commit-ID: 189bcc4789c7254e09e23734bdd5def8354ff1d5
8456
8457commit 56c4455d3b54b7d481c77c82115c830b9c8ce328
8458Author: djm@openbsd.org <djm@openbsd.org>
8459Date:   Sun Aug 29 23:44:07 2021 +0000
8460
8461    upstream: wrap at 80 columns
8462
8463    OpenBSD-Commit-ID: 47ca2286d6b52a9747f34da16d742879e1a37bf0
8464
8465commit 95401eea8503943449f712e5f3de52fc0bc612c5
8466Author: Darren Tucker <dtucker@dtucker.net>
8467Date:   Fri Aug 20 18:14:13 2021 +1000
8468
8469    Replace shell function with ssh-keygen -A.
8470
8471    Prevents the init script in the SysV package from trying (and failing)
8472    to generate unsupported key types.  Remove now-unused COMMENT_OUT_ECC.
8473    ok tim@
8474
8475commit d83ec9ed995a76ed1d5c65cf10b447222ec86131
8476Author: Darren Tucker <dtucker@dtucker.net>
8477Date:   Fri Aug 20 15:39:05 2021 +1000
8478
8479    Remove obsolete Redhat PAM config and init script.
8480
8481commit e1a596186c81e65a34ce13076449712d3bf97eb4
8482Author: Damien Miller <djm@mindrot.org>
8483Date:   Fri Aug 20 14:03:49 2021 +1000
8484
8485    depend
8486
8487commit 5450606c8f7f7a0d70211cea78bc2dab74ab35d1
8488Author: Damien Miller <djm@mindrot.org>
8489Date:   Fri Aug 20 13:59:43 2021 +1000
8490
8491    update version numbers
8492
8493commit feee2384ab8d694c770b7750cfa76a512bdf8246
8494Author: djm@openbsd.org <djm@openbsd.org>
8495Date:   Fri Aug 20 03:22:55 2021 +0000
8496
8497    upstream: openssh-8.7
8498
8499    OpenBSD-Commit-ID: 8769dff0fd76ae3193d77bf83b439adee0f300cd
8500
8501commit 9a2ed62173cc551b2b5f479460bb015b19499de8
8502Author: Darren Tucker <dtucker@dtucker.net>
8503Date:   Fri Aug 20 10:48:13 2021 +1000
8504
8505    Also check pid in pselect_notify_setup.
8506
8507    Spotted by djm@.
8508
8509commit deaadcb93ca15d4f38aa38fb340156077792ce87
8510Author: Darren Tucker <dtucker@dtucker.net>
8511Date:   Fri Aug 20 08:39:33 2021 +1000
8512
8513    Prefix pselect functions to clarify debug messages
8514
8515commit 10e45654cff221ca60fd35ee069df67208fcf415
8516Author: Darren Tucker <dtucker@dtucker.net>
8517Date:   Fri Aug 20 08:30:42 2021 +1000
8518
8519    Fix race in pselect replacement code.
8520
8521    On the second and subsequent calls to pselect the notify_pipe was not
8522    added to the select readset, opening up a race that om G. Christensen
8523    discovered on multiprocessor Solaris <=9 systems.
8524
8525    Also reinitialize notify_pipe if the pid changes.  This will prevent a
8526    parent and child from using the same FD, although this is not an issue
8527    in the current structure it might be in future.
8528
8529commit 464ba22f1e38d25402e5ec79a9b8d34a32df5a3f
8530Author: Darren Tucker <dtucker@dtucker.net>
8531Date:   Wed Aug 18 12:51:30 2021 +1000
8532
8533    Check compiler for c99 declarations after code.
8534
8535    The sntrup761 reference code contains c99-style declarations after code
8536    so don't try to build that if the compiler doesn't support it.
8537
8538commit 7d878679a4b155a359d32104ff473f789501748d
8539Author: Darren Tucker <dtucker@dtucker.net>
8540Date:   Tue Aug 17 15:12:04 2021 +1000
8541
8542    Remove trailing backslash on regress-unit-binaries
8543
8544commit b71b2508f17c68c5d9dbbe537686d81cedb9a781
8545Author: Darren Tucker <dtucker@dtucker.net>
8546Date:   Tue Aug 17 07:59:27 2021 +1000
8547
8548    Put stdint.h inside HAVE_STDINT_H.
8549
8550    From Tom G. Christensen.
8551
8552commit 6a24567a29bd7b4ab64e1afad859ea845cbc6b8c
8553Author: Darren Tucker <dtucker@dtucker.net>
8554Date:   Mon Aug 16 14:13:02 2021 +1000
8555
8556    Improve github test driver script.
8557
8558     - use a trap to always output any failed regress logs (since the script
8559       sets -e, the existing log output is never invoked).
8560     - pass LTESTS and SKIP_LTESTS when re-running with sshd options (eg.
8561       UsePAM).
8562
8563commit b467cf13705f59ed348b620722ac098fe31879b7
8564Author: Darren Tucker <dtucker@dtucker.net>
8565Date:   Mon Aug 16 11:32:23 2021 +1000
8566
8567    Remove deprecated ubuntu-16.04 test targets.
8568
8569    Github has deprecated ubuntu-16.04 and it will be removed on 20
8570    September.
8571
8572commit 20e6eefcdf78394f05e453d456c1212ffaa6b6a4
8573Author: Darren Tucker <dtucker@dtucker.net>
8574Date:   Sun Aug 15 23:25:26 2021 +1000
8575
8576    Skip agent ptrace test on hurd.
8577
8578commit 7c9115bbbf958fbf85259a061c1122e2d046aabf
8579Author: Darren Tucker <dtucker@dtucker.net>
8580Date:   Sun Aug 15 19:37:22 2021 +1000
8581
8582    Add hurd test target.
8583
8584commit 7909a566f6c6a78fcd30708dc49f4e4f9bb80ce3
8585Author: Darren Tucker <dtucker@dtucker.net>
8586Date:   Sun Aug 15 12:45:10 2021 +1000
8587
8588    Skip scp3 tests on all dfly58 and 60 configs.
8589
8590commit e65198e52cb03534e8c846d1bca74c310b1526de
8591Author: Tim Rice <tim@multitalents.net>
8592Date:   Sat Aug 14 13:08:07 2021 -0700
8593
8594    openbsd-compat/openbsd-compat.h: put bsd-signal.h before bsd-misc.h
8595    to get sigset_t from signal.h needed for the pselect replacement.
8596
8597commit e50635640f79920d9375e0155cb3f4adb870eee5
8598Author: Darren Tucker <dtucker@dtucker.net>
8599Date:   Fri Aug 13 13:21:00 2021 +1000
8600
8601    Test OpenSSH from OpenBSD head on 6.8 and 6.9.
8602
8603commit e0ba38861c490c680117b7fe0a1d61a181cd00e7
8604Author: Darren Tucker <dtucker@dtucker.net>
8605Date:   Fri Aug 13 13:00:14 2021 +1000
8606
8607    Skip scp3 test on dragonfly 58 and 60.
8608
8609    The tests hang, so skip until we figure them out.
8610
8611commit dcce2a2bcf007bf817a2fb0dce3db83fa9201e92
8612Author: djm@openbsd.org <djm@openbsd.org>
8613Date:   Thu Aug 12 23:59:25 2021 +0000
8614
8615    upstream: mention that CASignatureAlgorithms accepts +/- similarly to
8616
8617    the other algorithm list directives; ok jmc bz#3335
8618
8619    OpenBSD-Commit-ID: 0d46b53995817052c78e2dce9dbd133963b073d9
8620
8621commit 090a82486e5d7a8f7f16613d67e66a673a40367f
8622Author: schwarze@openbsd.org <schwarze@openbsd.org>
8623Date:   Thu Aug 12 09:59:00 2021 +0000
8624
8625    upstream: In the editline(3) branch of the sftp(1) event loop,
8626
8627    handle SIGINT rather than ignoring it, such that the user can use Ctrl-C to
8628    discard the currently edited command line and get a fresh prompt, just like
8629    in ftp(1), bc(1), and in shells.
8630
8631    It is critical to not use ssl_signal() for this particular case
8632    because that function unconditionally sets SA_RESTART, but here we
8633    need the signal to interrupt the read(2) in the el_gets(3) event loop.
8634
8635    OK dtucker@ deraadt@
8636
8637    OpenBSD-Commit-ID: 8025115a773f52e9bb562eaab37ea2e021cc7299
8638
8639commit e1371e4f58404d6411d9f95eb774b444cea06a26
8640Author: naddy@openbsd.org <naddy@openbsd.org>
8641Date:   Wed Aug 11 14:07:54 2021 +0000
8642
8643    upstream: scp: tweak man page and error message for -3 by default
8644
8645    Now that the -3 option is enabled by default, flip the documentation
8646    and error message logic from "requires -3" to "blocked by -R".
8647
8648    ok djm@
8649
8650    OpenBSD-Commit-ID: a872592118444fb3acda5267b2a8c3d4c4252020
8651
8652commit 49f46f6d77328a3d10a758522b670a3e8c2235e7
8653Author: naddy@openbsd.org <naddy@openbsd.org>
8654Date:   Wed Aug 11 14:05:19 2021 +0000
8655
8656    upstream: scp: do not spawn ssh with two -s flags for
8657
8658    remote-to-remote copies
8659
8660    Do not add another "-s" to the argument vector every time an SFTP
8661    connection is initiated.  Instead, introduce a subsystem flag to
8662    do_cmd() and add "-s" when the flag is set.
8663
8664    ok djm@
8665
8666    OpenBSD-Commit-ID: 25df69759f323661d31b2e1e790faa22e27966c1
8667
8668commit 2a2cd00783e1da45ee730b7f453408af1358ef5b
8669Author: djm@openbsd.org <djm@openbsd.org>
8670Date:   Wed Aug 11 08:55:04 2021 +0000
8671
8672    upstream: test -Oprint-pubkey
8673
8674    OpenBSD-Regress-ID: 3d51afb6d1f287975fb6fddd7a2c00a3bc5094e0
8675
8676commit b9f4635ea5bc33ed5ebbacf332d79bae463b0f54
8677Author: djm@openbsd.org <djm@openbsd.org>
8678Date:   Wed Aug 11 08:54:17 2021 +0000
8679
8680    upstream: when verifying sshsig signatures, support an option
8681
8682    (-Oprint-pubkey) to dump the full public key to stdout; based on patch from
8683    Fabian Stelzer; ok markus@
8684
8685    OpenBSD-Commit-ID: 0598000e5b9adfb45d42afa76ff80daaa12fc3e2
8686
8687commit 750c1a45ba4e8ad63793d49418a0780e77947b9b
8688Author: djm@openbsd.org <djm@openbsd.org>
8689Date:   Wed Aug 11 05:21:32 2021 +0000
8690
8691    upstream: oops, missed one more %p
8692
8693    OpenBSD-Commit-ID: e7e62818d1564cc5cd9086eaf7a51cbd1a9701eb
8694
8695commit b5aa27b69ab2e1c13ac2b5ad3f8f7d389bad7489
8696Author: djm@openbsd.org <djm@openbsd.org>
8697Date:   Wed Aug 11 05:20:17 2021 +0000
8698
8699    upstream: remove a bunch of %p in format strings; leftovers of
8700
8701    debuggings past. prompted by Michael Forney, ok dtucker@
8702
8703    OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
8704
8705commit 419aa01123db5ff5dbc68b2376ef23b222862338
8706Author: Darren Tucker <dtucker@dtucker.net>
8707Date:   Wed Aug 11 09:21:09 2021 +1000
8708
8709    Add includes.h to compat tests.
8710
8711    On platforms where closefrom returns void (eg glibc>=2.34) the prototype
8712    for closefrom in its compat tests would cause compile errors.  Remove
8713    this and have the tests pull in the compat headers in the same way as
8714    the main code.  bz#3336.
8715
8716commit 931f592f26239154eea3eb35a086585897b1a185
8717Author: djm@openbsd.org <djm@openbsd.org>
8718Date:   Tue Aug 10 03:35:45 2021 +0000
8719
8720    upstream: adapt to scp -M flag change; make scp3.sh test SFTP mode too
8721
8722    OpenBSD-Regress-ID: 43fea26704a0f0b962b53c1fabcb68179638f9c0
8723
8724commit 391ca67fb978252c48d20c910553f803f988bd37
8725Author: djm@openbsd.org <djm@openbsd.org>
8726Date:   Tue Aug 10 03:33:34 2021 +0000
8727
8728    upstream: Prepare for a future where scp(1) uses the SFTP protocol by
8729
8730    default. Replace recently added -M option to select the protocol with -O
8731    (olde) and -s (SFTP) flags, and label the -s flag with a clear warning that
8732    it will be removed in the near future (so no, don't use it in scripts!).
8733
8734    prompted by/feedback from deraadt@
8735
8736    OpenBSD-Commit-ID: 92ad72cc6f0023c9be9e316d8b30eb6d8d749cfc
8737
8738commit bfdd4b722f124a4fa9173d20dd64dd0fc69856be
8739Author: djm@openbsd.org <djm@openbsd.org>
8740Date:   Mon Aug 9 23:56:36 2021 +0000
8741
8742    upstream: make scp -3 the default for remote-to-remote copies. It
8743
8744    provides a much better and more intuitive user experience and doesn't require
8745    exposing credentials to the source host.
8746
8747    thanks naddy@ for catching the missing argument in usage()
8748
8749    "Yes please!" - markus@
8750    "makes a lot of sense" - deraadt@
8751    "the right thing to do" - dtucker@
8752
8753    OpenBSD-Commit-ID: d0d2af5f0965c5192ba5b2fa461c9f9b130e5dd9
8754
8755commit 2f7a3b51cef689ad9e93d0c6c17db5a194eb5555
8756Author: djm@openbsd.org <djm@openbsd.org>
8757Date:   Mon Aug 9 23:49:31 2021 +0000
8758
8759    upstream: make scp in SFTP mode try to use relative paths as much
8760
8761    as possible. Previosuly, it would try to make relative and ~/-rooted paths
8762    absolute before requesting transfers.
8763
8764    prompted by and much discussion deraadt@
8765    ok markus@
8766
8767    OpenBSD-Commit-ID: 46639d382ea99546a4914b545fa7b00fa1be5566
8768
8769commit 2ab864010e0a93c5dd95116fb5ceaf430e2fc23c
8770Author: djm@openbsd.org <djm@openbsd.org>
8771Date:   Mon Aug 9 23:47:44 2021 +0000
8772
8773    upstream: SFTP protocol extension to allow the server to expand
8774
8775    ~-prefixed paths, in particular ~user ones. Allows scp in sftp mode to accept
8776    these paths, like scp in rcp mode does.
8777
8778    prompted by and much discussion deraadt@
8779    ok markus@
8780
8781    OpenBSD-Commit-ID: 7d794def9e4de348e1e777f6030fc9bafdfff392
8782
8783commit 41b019ac067f1d1f7d99914d0ffee4d2a547c3d8
8784Author: djm@openbsd.org <djm@openbsd.org>
8785Date:   Mon Aug 9 23:44:32 2021 +0000
8786
8787    upstream: when scp is in SFTP mode, try to deal better with ~
8788
8789    prefixed paths. ~user paths aren't supported, but ~/ paths will be accepted
8790    and prefixed with the SFTP server starting directory (more to come)
8791
8792    prompted by and discussed with deraadt@
8793    ok markus@
8794
8795    OpenBSD-Commit-ID: 263a071f14555c045fd03132a8fb6cbd983df00d
8796
8797commit b4b3f3da6cdceb3fd168b5fab69d11fba73bd0ae
8798Author: djm@openbsd.org <djm@openbsd.org>
8799Date:   Mon Aug 9 07:21:01 2021 +0000
8800
8801    upstream: on fatal errors, make scp wait for ssh connection before
8802
8803    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
8804    after scp has returned exited and control has returned to the shell; ok
8805    markus@
8806
8807    (this was originally committed as r1.223 along with unrelated stuff that
8808    I rolled back in r1.224)
8809
8810    OpenBSD-Commit-ID: 1261fd667ad918484889ed3d7aec074f3956a74b
8811
8812commit 2ae7771749e0b4cecb107f9d4860bec16c3f4245
8813Author: djm@openbsd.org <djm@openbsd.org>
8814Date:   Mon Aug 9 07:19:12 2021 +0000
8815
8816    upstream: rever r1.223 - I accidentally committed unrelated changes
8817
8818    OpenBSD-Commit-ID: fb73f3865b2647a27dd94db73d6589506a9625f9
8819
8820commit 986abe94d481a1e82a01747360bd767b96b41eda
8821Author: djm@openbsd.org <djm@openbsd.org>
8822Date:   Mon Aug 9 07:16:09 2021 +0000
8823
8824    upstream: show only the final path component in the progress meter;
8825
8826    more useful with long paths (that may truncate) and better matches
8827    traditional scp behaviour; spotted by naddy@ ok deraadt@
8828
8829    OpenBSD-Commit-ID: 26b544d0074f03ebb8a3ebce42317d8d7ee291a3
8830
8831commit 2b67932bb3176dee4fd447af4368789e04a82b93
8832Author: djm@openbsd.org <djm@openbsd.org>
8833Date:   Mon Aug 9 07:13:54 2021 +0000
8834
8835    upstream: on fatal errors, make scp wait for ssh connection before
8836
8837    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
8838    after scp has returned exited and control has returned to the shell; ok
8839    markus@
8840
8841    OpenBSD-Commit-ID: ef9dab5ef5ae54a6a4c3b15d380568e94263456c
8842
8843commit 724eb900ace30661d45db2ba01d0f924d95ecccb
8844Author: dtucker@openbsd.org <dtucker@openbsd.org>
8845Date:   Sun Aug 8 08:49:09 2021 +0000
8846
8847    upstream: xstrdup environment variable used by ForwardAgent. bz#3328
8848
8849    from goetze at dovetail.com, ok djm@ deraadt@
8850
8851    OpenBSD-Commit-ID: 760320dac1c3b26904284ba417a7d63fccc5e742
8852
8853commit 86b4cb3a884846b358305aad17a6ef53045fa41f
8854Author: dtucker@openbsd.org <dtucker@openbsd.org>
8855Date:   Sun Aug 8 08:27:28 2021 +0000
8856
8857    upstream: Although it's POSIX, not all shells used in Portable support
8858
8859    the implicit 'in "$@"' after 'for i'.
8860
8861    OpenBSD-Regress-ID: 3c9aec6bca4868f85d2742b6ba5223fce110bdbc
8862
8863commit f2ccf6c9f395923695f22345e626dfd691227aaf
8864Author: Darren Tucker <dtucker@dtucker.net>
8865Date:   Sun Aug 8 17:39:56 2021 +1000
8866
8867    Move portable specific settings down.
8868
8869    This brings the top hunk of the file back in sync with OpenBSD
8870    so patches to the CVS Id should apply instead of always being
8871    rejected.
8872
8873commit 71b0eb997e220b0fc9331635af409ad84979f2af
8874Author: dtucker@openbsd.org <dtucker@openbsd.org>
8875Date:   Sun Aug 8 07:27:52 2021 +0000
8876
8877    upstream: Move setting of USER further down the startup In portable
8878
8879    we have to change this and having it in the same hunk as the CVS Id string
8880    means applying changes fails every. single. time.
8881
8882    OpenBSD-Regress-ID: 87cd603eb6db58c9b430bf90adacb7f90864429b
8883
8884commit f0aca2706c710a0da1a4be705f825a807cd15400
8885Author: dtucker@openbsd.org <dtucker@openbsd.org>
8886Date:   Sun Aug 8 06:38:33 2021 +0000
8887
8888    upstream: Drop -q in ssh-log-wrapper.sh to preserve logs.
8889
8890    scp and sftp like to add -q to the command line passed to ssh which
8891    overrides the LogLevel we set in the config files and suppresses output
8892    to the debug logs so drop any "-q" from the invoked ssh.  In the one
8893    case where we actually want to use -q in the banner test, call the ssh
8894    binary directly bypassing the logging wrapper.
8895
8896    OpenBSD-Regress-ID: e2c97d3c964bda33a751374c56f65cdb29755b75
8897
8898commit cf27810a649c5cfae60f8ce66eeb25caa53b13bc
8899Author: dtucker@openbsd.org <dtucker@openbsd.org>
8900Date:   Sat Aug 7 01:57:08 2021 +0000
8901
8902    upstream: Fix prototype mismatch for do_cmd. ok djm@
8903
8904    OpenBSD-Commit-ID: 1c1598bb5237a7ae0be99152f185e0071163714d
8905
8906commit 85de69f64665245786e28c81ab01fe18b0e2a149
8907Author: djm@openbsd.org <djm@openbsd.org>
8908Date:   Sat Aug 7 01:55:01 2021 +0000
8909
8910    upstream: sftp-client.c needs poll.h
8911
8912    remove unused variable
8913
8914    OpenBSD-Commit-ID: 233ac6c012cd23af62f237167a661db391055a16
8915
8916commit 397c4d72e50023af5fe3aee5cc2ad407a6eb1073
8917Author: Darren Tucker <dtucker@dtucker.net>
8918Date:   Sat Aug 7 11:30:57 2021 +1000
8919
8920    Include poll.h and friends for struct pollfd.
8921
8922commit a9e2c533195f28627f205682482d9da384c4c52e
8923Author: djm@openbsd.org <djm@openbsd.org>
8924Date:   Sat Aug 7 00:14:17 2021 +0000
8925
8926    upstream: do_upload() used a near-identical structure for
8927
8928    tracking expected status replies from the server to what do_download() was
8929    using.
8930
8931    Refactor it to use the same structure and factor out some common
8932    code into helper functions.
8933
8934    OpenBSD-Commit-ID: 0c167df8ab6df4a5292c32421922b0cf379e9054
8935
8936commit 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee
8937Author: djm@openbsd.org <djm@openbsd.org>
8938Date:   Sat Aug 7 00:12:09 2021 +0000
8939
8940    upstream: make scp(1) in SFTP mode follow symlinks like
8941
8942    traditional scp(1) ok markus@
8943
8944    OpenBSD-Commit-ID: 97255e55be37e8e26605e4ba1e69f9781765d231
8945
8946commit 133b44e500422df68c9c25c3b6de35c0263132f1
8947Author: djm@openbsd.org <djm@openbsd.org>
8948Date:   Sat Aug 7 00:10:49 2021 +0000
8949
8950    upstream: fix incorrect directory permissions on scp -3
8951
8952    transfers; ok markus@
8953
8954    OpenBSD-Commit-ID: 64b2abaa5635a2be65ee2e77688ad9bcebf576c2
8955
8956commit 98b59244ca10e62ff67a420856770cb700164f59
8957Author: djm@openbsd.org <djm@openbsd.org>
8958Date:   Sat Aug 7 00:09:57 2021 +0000
8959
8960    upstream: a bit more debugging of file attributes being
8961
8962    sent/received over the wire
8963
8964    OpenBSD-Commit-ID: f68c4e207b08ef95200a8b2de499d422808e089b
8965
8966commit c677e65365d6f460c084e41e0c4807bb8a9cf601
8967Author: djm@openbsd.org <djm@openbsd.org>
8968Date:   Sat Aug 7 00:08:52 2021 +0000
8969
8970    upstream: make scp(1) in SFTP mode output better match original
8971
8972    scp(1) by suppressing "Retrieving [path]" lines that were emitted to support
8973    the interactive sftp(1) client. ok markus@
8974
8975    OpenBSD-Commit-ID: 06be293df5f156a18f366079be2f33fa68001acc
8976
8977commit 48cd39b7a4e5e7c25101c6d1179f98fe544835cd
8978Author: djm@openbsd.org <djm@openbsd.org>
8979Date:   Sat Aug 7 00:07:18 2021 +0000
8980
8981    upstream: factor out a structure duplicated between downloading
8982
8983    and crossloading; ok markus@
8984
8985    OpenBSD-Commit-ID: 96eede24d520569232086a129febe342e4765d39
8986
8987commit 318c06bb04ee21a0cfa6b6022a201eacaa53f388
8988Author: djm@openbsd.org <djm@openbsd.org>
8989Date:   Sat Aug 7 00:06:30 2021 +0000
8990
8991    upstream: use sftp_client crossloading to implement scp -3
8992
8993    feedback/ok markus@
8994
8995    OpenBSD-Commit-ID: 7db4c0086cfc12afc9cfb71d4c2fd3c7e9416ee9
8996
8997commit de7115b373ba0be3861c65de9b606a3e0e9d29a3
8998Author: djm@openbsd.org <djm@openbsd.org>
8999Date:   Sat Aug 7 00:02:41 2021 +0000
9000
9001    upstream: support for "cross"-loading files/directories, i.e.
9002
9003    downloading from one SFTP server while simultaneously uploading to another.
9004
9005    feedback & ok markus@
9006
9007    OpenBSD-Commit-ID: 3982878e29d8df0fa4ddc502f5ff6126ac714235
9008
9009commit a50bd0367ff2063bbc70a387740a2aa6914de094
9010Author: djm@openbsd.org <djm@openbsd.org>
9011Date:   Sat Aug 7 00:01:29 2021 +0000
9012
9013    upstream: factor our SSH2_FXP_OPEN calls into their own function;
9014
9015    "looks fine" markus@
9016
9017    OpenBSD-Commit-ID: d3dea2153f08855c6d9dacc01973248944adeffb
9018
9019commit e3c0ba05873cf3d3f7d19d595667a251026b2d84
9020Author: djm@openbsd.org <djm@openbsd.org>
9021Date:   Sat Aug 7 00:00:33 2021 +0000
9022
9023    upstream: prepare for scp -3 implemented via sftp
9024
9025    OpenBSD-Commit-ID: 194aac0dd87cb175334b71c2a30623a5ad55bb44
9026
9027commit 395d8fbdb094497211e1461cf0e2f80af5617e0a
9028Author: dtucker@openbsd.org <dtucker@openbsd.org>
9029Date:   Fri Aug 6 09:00:18 2021 +0000
9030
9031    upstream: Make diff invocation more portable.
9032
9033    POSIX does not require diff to have -N, so compare in both directions
9034    with just -r, which should catch missing files in either directory.
9035
9036    OpenBSD-Regress-ID: 0e2ec8594556a6f369ed5a0a90c6806419b845f7
9037
9038commit d247a73ce27b460138599648d9c637c6f2b77605
9039Author: djm@openbsd.org <djm@openbsd.org>
9040Date:   Wed Aug 4 21:28:00 2021 +0000
9041
9042    upstream: regression test for scp -3
9043
9044    OpenBSD-Regress-ID: b44375d125c827754a1f722ec6b6b75b634de05d
9045
9046commit 35c8e41a6f6d8ad76f8d1cd81ac2ea23d0d993b2
9047Author: dtucker@openbsd.org <dtucker@openbsd.org>
9048Date:   Fri Aug 6 05:04:42 2021 +0000
9049
9050    upstream: Document "ProxyJump none". bz#3334.
9051
9052    OpenBSD-Commit-ID: f78cc6f55731f2cd35c3a41d5352ac1ee419eba7
9053
9054commit 911ec6411821bda535d09778df7503b92f0eafab
9055Author: dtucker@openbsd.org <dtucker@openbsd.org>
9056Date:   Wed Aug 4 01:34:55 2021 +0000
9057
9058    upstream: Allow for different (but POSIX compliant) behaviour of
9059
9060    basename(3) and prevent a use-after-free in that case in the new sftp-compat
9061    code.
9062
9063    POSIX allows basename(3) to either return a pointer to static storage
9064    or modify the passed string and return a pointer to that.  OpenBSD does
9065    the former and works as is, but on other platforms "filename" points
9066    into "tmp" which was just freed.  This makes the freeing of tmp
9067    consistent with the other variable in the loop.
9068
9069    Pinpointed by the -portable Valgrind regress test.  ok djm@ deraadt@
9070
9071    OpenBSD-Commit-ID: 750f3c19bd4440e4210e30dd5d7367386e833374
9072
9073commit 6df1fecb5d3e51f3a8027a74885c3a44f6cbfcbd
9074Author: Damien Miller <djm@mindrot.org>
9075Date:   Wed Aug 4 11:05:11 2021 +1000
9076
9077    use openbsd-compat glob.h is required
9078
9079commit 9ebd1828881dfc9014a344587934a5ce7db6fa1b
9080Author: Darren Tucker <dtucker@dtucker.net>
9081Date:   Tue Aug 3 21:03:23 2021 +1000
9082
9083    Missing space between macro arg and punctuation.
9084
9085    From jmc@
9086
9087commit 0fd3f62eddc7cf54dcc9053be6f58998f3eb926a
9088Author: Darren Tucker <dtucker@dtucker.net>
9089Date:   Tue Aug 3 21:02:33 2021 +1000
9090
9091    Avoid lines >80 chars.  From jmc@
9092
9093commit af5d8094d8b755e1daaf2e20ff1dc252800b4c9b
9094Author: djm@openbsd.org <djm@openbsd.org>
9095Date:   Tue Aug 3 01:05:24 2021 +0000
9096
9097    upstream: regression tests for scp SFTP protocol support; mostly by
9098
9099    Jakub Jelen in GHPR#194 ok markus
9100
9101    OpenBSD-Regress-ID: 36f1458525bcb111741ec8547eaf58b13cddc715
9102
9103commit e4673b7f67ae7740131a4ecea29a846593049a91
9104Author: anton@openbsd.org <anton@openbsd.org>
9105Date:   Thu Jul 29 15:34:09 2021 +0000
9106
9107    upstream: Treat doas with arguments as a valid SUDO variable.
9108
9109    Allows one to specify SUDO="doas -n" which I do while running make regress.
9110
9111    ok dtucker@
9112
9113    OpenBSD-Regress-ID: 4fe5814b5010dbf0885500d703bea06048d11005
9114
9115commit 197e29f1cca190d767c4b2b63a662f9a9e5da0b3
9116Author: djm@openbsd.org <djm@openbsd.org>
9117Date:   Mon Aug 2 23:38:27 2021 +0000
9118
9119    upstream: support for using the SFTP protocol for file transfers in
9120
9121    scp, via a new "-M sftp" option. Marked as experimental for now.
9122
9123    Some corner-cases exist, in particular there is no attempt to
9124    provide bug-compatibility with scp's weird "double shell" quoting
9125    rules.
9126
9127    Mostly by Jakub Jelen in GHPR#194 with some tweaks by me. ok markus@
9128    Thanks jmc@ for improving the scp.1 bits.
9129
9130    OpenBSD-Commit-ID: 6ce4c9157ff17b650ace571c9f7793d92874051c
9131
9132commit dd533c7ab79d61a7796b77b64bd81b098e0d7f9f
9133Author: jmc@openbsd.org <jmc@openbsd.org>
9134Date:   Fri Jul 30 14:28:13 2021 +0000
9135
9136    upstream: fix a formatting error and add some Xr; from debian at
9137
9138    helgefjell de
9139
9140    removed references to rlogin etc. as no longer relevant;
9141    suggested by djm
9142
9143    ok djm dtucker
9144
9145    OpenBSD-Commit-ID: 3c431c303068d3aec5bb18573a0bd5e0cd77c5ae
9146
9147commit c7cd347a8823819411222c1e10a0d26747d0fd5c
9148Author: jmc@openbsd.org <jmc@openbsd.org>
9149Date:   Fri Jul 30 14:25:01 2021 +0000
9150
9151    upstream: fix a formatting error and mark up known_hosts
9152
9153    consistently; issues reported by debian at helgefjell de
9154
9155    ok djm dtucker
9156
9157    OpenBSD-Commit-ID: a1fd8d21dc77f507685443832df0c9700481b0ce
9158
9159commit 4455aec2e4fc90f64ae4fc47e78ebc9c18721738
9160Author: jmc@openbsd.org <jmc@openbsd.org>
9161Date:   Wed Jul 28 05:57:42 2021 +0000
9162
9163    upstream: no need to talk about version 2 with the -Q option, so
9164
9165    rewrite the text to read better;
9166
9167    issue reported by debian at helgefjell de
9168    ok djm dtucker
9169
9170    OpenBSD-Commit-ID: 59fe2e8219c37906740ad062e0fdaea487dbe9cf
9171
9172commit bec429338e9b30d2c7668060e82608286a8a4777
9173Author: jmc@openbsd.org <jmc@openbsd.org>
9174Date:   Tue Jul 27 14:28:46 2021 +0000
9175
9176    upstream: word fix; reported by debian at helgefjell de
9177
9178    OpenBSD-Commit-ID: 0c6fd22142422a25343c5bd1a618f31618f41ece
9179
9180commit efad4deb5a1f1cf79ebefd63c6625059060bfbe1
9181Author: jmc@openbsd.org <jmc@openbsd.org>
9182Date:   Tue Jul 27 14:14:25 2021 +0000
9183
9184    upstream: standardise the grammar in the options list; issue
9185
9186    reported by debian at helgefjell de
9187
9188    ok dtucker djm
9189
9190    OpenBSD-Commit-ID: 7ac15575045d82f4b205a42cc7d5207fe4c3f8e6
9191
9192commit 1e11fb24066f3fc259ee30db3dbb2a3127e05956
9193Author: Darren Tucker <dtucker@dtucker.net>
9194Date:   Mon Aug 2 18:56:29 2021 +1000
9195
9196    Check for RLIMIT_NOFILE before trying to use it.
9197
9198commit 0f494236b49fb48c1ef33669f14822ca4f3ce2f4
9199Author: Darren Tucker <dtucker@dtucker.net>
9200Date:   Tue Jul 27 17:45:34 2021 +1000
9201
9202    lastenv is only used in setenv.
9203
9204    Prevents an unused variable warning on platforms that have setenv but
9205    not unsetenv.
9206
9207commit a1f78e08bdb3eaa88603ba3c6e01de7c8671e28a
9208Author: Darren Tucker <dtucker@dtucker.net>
9209Date:   Mon Jul 26 12:45:30 2021 +1000
9210
9211    Move SUDO to "make test" command line.
9212
9213    Environment variables don't get passed by vmrun, so move to command
9214    line.
9215
9216commit 02e624273b9c78a49a01239159b8c09b8409b1a0
9217Author: Darren Tucker <dtucker@dtucker.net>
9218Date:   Sun Jul 25 23:26:36 2021 +1000
9219
9220    Set SUDO for tests and cleanup.
9221
9222commit 460ae5d93051bab70239ad823dd784822d58baad
9223Author: Darren Tucker <dtucker@dtucker.net>
9224Date:   Sun Jul 25 22:37:55 2021 +1000
9225
9226    Pass OPENSSL=no to make tests too.
9227
9228commit b398f499c68d74ebe3298b73757cf3f36e14e0cb
9229Author: dtucker@openbsd.org <dtucker@openbsd.org>
9230Date:   Sun Jul 25 12:27:37 2021 +0000
9231
9232    upstream: Skip unit and makefile-based key conversion tests when
9233
9234    we're building with OPENSSL=no.
9235
9236    OpenBSD-Regress-ID: 20455ed9a977c93f846059d1fcb48e29e2c8d732
9237
9238commit 727ce36c8c5941bde99216d27109405907caae4f
9239Author: dtucker@openbsd.org <dtucker@openbsd.org>
9240Date:   Sun Jul 25 12:13:03 2021 +0000
9241
9242    upstream: Replace OPENSSL as the variable that points to the
9243
9244    openssl binary with OPENSSL_BIN.  This will allow us to use the OPENSSL
9245    variable from mk.conf or the make(1) command line indicating if we're
9246    building with our without OpenSSL, and ultimately get the regress tests
9247    working in the OPENSSL=no configuration.
9248
9249    OpenBSD-Regress-ID: 2d788fade3264d7803e5b54cae8875963f688c4e
9250
9251commit 55e17101a9075f6a63af724261c5744809dcb95c
9252Author: dtucker@openbsd.org <dtucker@openbsd.org>
9253Date:   Sat Jul 24 02:57:28 2021 +0000
9254
9255    upstream: Skip RFC4716 format import and export tests when built
9256
9257    without OpenSSL.
9258
9259    OpenBSD-Regress-ID: d2c2d5d38c1acc2b88cc99cfe00a2eb8bb39dfa4
9260
9261commit f5ccb5895d39cd627ad9e7b2c671d2587616100d
9262Author: dtucker@openbsd.org <dtucker@openbsd.org>
9263Date:   Sat Jul 24 02:51:14 2021 +0000
9264
9265    upstream: Don't omit ssh-keygen -y from usage when built without
9266
9267    OpenSSL.  It is actually available, albeit only for ed25519 keys.
9268
9269    OpenBSD-Commit-ID: 7a254c33d0e6a55c30c6b016a8d298d3cb7a7674
9270
9271commit 819d57ac23469f1f03baa8feb38ddefbada90fdc
9272Author: dtucker@openbsd.org <dtucker@openbsd.org>
9273Date:   Sat Jul 24 02:08:13 2021 +0000
9274
9275    upstream: Exclude key conversion options from usage when built
9276
9277    without OpenSSL since those are not available, similar to what we currently
9278    do with the moduli screening options.  We can also use this to skip the
9279    conversion regression tests in this case.
9280
9281    OpenBSD-Commit-ID: 3c82caa398cf99cd4518c23bba5a2fc66b16bafe
9282
9283commit b6673b1d2ee90b4690ee84f634efe40225423c38
9284Author: Darren Tucker <dtucker@dtucker.net>
9285Date:   Sat Jul 24 13:02:51 2021 +1000
9286
9287    Test OpenBSD upstream with and without OpenSSL.
9288
9289commit 9d38074b5453c1abbdf888e80828c278d3b886ac
9290Author: djm@openbsd.org <djm@openbsd.org>
9291Date:   Sat Jul 24 01:54:23 2021 +0000
9292
9293    upstream: test for first-match-wins in authorized_keys environment=
9294
9295    options
9296
9297    OpenBSD-Regress-ID: 1517c90276fe84b5dc5821c59f88877fcc34c0e8
9298
9299commit 2b76f1dd19787e784711ea297ad8fc938b4484fd
9300Author: dtucker@openbsd.org <dtucker@openbsd.org>
9301Date:   Fri Jul 23 05:53:02 2021 +0000
9302
9303    upstream: Simplify keygen-convert by using $SSH_KEYTYPES directly.
9304
9305    OpenBSD-Regress-ID: cdbe408ec3671ea9ee9b55651ee551370d2a4108
9306
9307commit 7d64a9fb587ba9592f027f7a2264226c713d6579
9308Author: djm@openbsd.org <djm@openbsd.org>
9309Date:   Sat Jul 24 01:55:19 2021 +0000
9310
9311    upstream: don't leak environment= variable when it is not the first
9312
9313    match
9314
9315    OpenBSD-Commit-ID: 7fbdc3dfe0032deaf003fd937eeb4d434ee4efe0
9316
9317commit db2130e2340bf923e41c791aa9cd27b9e926042c
9318Author: jmc@openbsd.org <jmc@openbsd.org>
9319Date:   Fri Jul 23 06:01:17 2021 +0000
9320
9321    upstream: punctuation;
9322
9323    OpenBSD-Commit-ID: 64be152e378c45975073ab1c07e0db7eddd15806
9324
9325commit 03190d10980c6fc9124e988cb2df13101f266507
9326Author: djm@openbsd.org <djm@openbsd.org>
9327Date:   Fri Jul 23 05:56:47 2021 +0000
9328
9329    upstream: mention in comment that read_passphrase(..., RP_ALLOW_STDIN)
9330
9331    will try to use askpass first. bz3314
9332
9333    convert a couple of debug() -> debug_f() while here
9334
9335    OpenBSD-Commit-ID: c7e812aebc28fcc5db06d4710e0f73613dee545c
9336
9337commit 1653ece6832b2b304d46866b262d5f69880a9ec7
9338Author: dtucker@openbsd.org <dtucker@openbsd.org>
9339Date:   Fri Jul 23 05:07:16 2021 +0000
9340
9341    upstream: Test conversion of ed25519 and ecdsa keys too.
9342
9343    OpenBSD-Regress-ID: 3676d2d00e58e0d6d37f2878f108cc2b83bbe4bb
9344
9345commit 8b7af02dcf9d2b738787efd27da7ffda9859bed2
9346Author: dtucker@openbsd.org <dtucker@openbsd.org>
9347Date:   Fri Jul 23 04:56:21 2021 +0000
9348
9349    upstream: Add test for exporting pubkey from a passphrase-protected
9350
9351    private key.
9352
9353    OpenBSD-Regress-ID: da99d93e7b235fbd5b5aaa01efc411225e6ba8ac
9354
9355commit 441095d4a3e5048fe3c87a6c5db5bc3383d767fb
9356Author: djm@openbsd.org <djm@openbsd.org>
9357Date:   Fri Jul 23 03:54:55 2021 +0000
9358
9359    upstream: regression test for time-limited signature keys
9360
9361    OpenBSD-Regress-ID: 2a6f3bd900dbee0a3c96f1ff23e032c93ab392bc
9362
9363commit 9e1882ef6489a7dd16b6d7794af96629cae61a53
9364Author: djm@openbsd.org <djm@openbsd.org>
9365Date:   Fri Jul 23 05:24:02 2021 +0000
9366
9367    upstream: note successful authentication method in final "Authenticated
9368
9369    to ..." message and partial auth success messages (all at LogLevel=verbose)
9370    ok dtucker@
9371
9372    OpenBSD-Commit-ID: 06834b89ceb89f8f16c5321d368a66c08f441984
9373
9374commit a917e973a1b90b40ff1e950df083364b48fc6c78
9375Author: djm@openbsd.org <djm@openbsd.org>
9376Date:   Fri Jul 23 04:04:52 2021 +0000
9377
9378    upstream: Add a ForkAfterAuthentication ssh_config(5) counterpart
9379
9380    to the ssh(1) -f flag. Last part of GHPR231 from Volker Diels-Grabsch. ok
9381    dtucker
9382
9383    OpenBSD-Commit-ID: b18aeda12efdebe2093d55263c90fe4ea0bce0d3
9384
9385commit e0c5088f1c96a145eb6ea1dee438010da78f9ef5
9386Author: djm@openbsd.org <djm@openbsd.org>
9387Date:   Fri Jul 23 04:00:59 2021 +0000
9388
9389    upstream: Add a StdinNull directive to ssh_config(5) that allows
9390
9391    the config file to do the same thing as -n does on the ssh(1) commandline.
9392    Patch from Volker Diels-Grabsch via GHPR231; ok dtucker
9393
9394    OpenBSD-Commit-ID: 66ddf3f15c76796d4dcd22ff464aed1edd62468e
9395
9396commit e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea
9397Author: djm@openbsd.org <djm@openbsd.org>
9398Date:   Fri Jul 23 03:57:20 2021 +0000
9399
9400    upstream: make authorized_keys environment="..." directives
9401
9402    first-match-wins and more strictly limit their maximum number; prompted by
9403    OOM reported by OSS-fuzz (35470).
9404
9405    feedback and ok dtucker@
9406
9407    OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121
9408
9409commit d0bb1ce731762c55acb95817df4d5fab526c7ecd
9410Author: djm@openbsd.org <djm@openbsd.org>
9411Date:   Fri Jul 23 03:37:52 2021 +0000
9412
9413    upstream: Let allowed signers files used by ssh-keygen(1)
9414
9415    signatures support key lifetimes, and allow the verification mode to specify
9416    a signature time to check at. This is intended for use by git to support
9417    signing objects using ssh keys. ok dtucker@
9418
9419    OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31
9420
9421commit 44142068dc7ef783d135e91ff954e754d2ed432e
9422Author: dtucker@openbsd.org <dtucker@openbsd.org>
9423Date:   Mon Jul 19 08:48:33 2021 +0000
9424
9425    upstream: Use SUDO when setting up hostkey.
9426
9427    OpenBSD-Regress-ID: 990cf4481cab8dad62e90818a9b4b36c533851a7
9428
9429commit 6b67f3f1d1d187597e54a139cc7785c0acebd9a2
9430Author: dtucker@openbsd.org <dtucker@openbsd.org>
9431Date:   Mon Jul 19 05:08:54 2021 +0000
9432
9433    upstream: Increase time margin for rekey tests. Should help
9434
9435    reliability on very heavily loaded hosts.
9436
9437    OpenBSD-Regress-ID: 4c28a0fce3ea89ebde441d7091464176e9730533
9438