120140313 2 - (djm) Release OpenSSH 6.6 3 420140304 5 - OpenBSD CVS Sync 6 - djm@cvs.openbsd.org 2014/03/03 22:22:30 7 [session.c] 8 ignore enviornment variables with embedded '=' or '\0' characters; 9 spotted by Jann Horn; ok deraadt@ 10 1120140301 12 - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when 13 no moduli file exists at the expected location. 14 1520140228 16 - OpenBSD CVS Sync 17 - djm@cvs.openbsd.org 2014/02/27 00:41:49 18 [bufbn.c] 19 fix unsigned overflow that could lead to reading a short ssh protocol 20 1 bignum value; found by Ben Hawkes; ok deraadt@ 21 - djm@cvs.openbsd.org 2014/02/27 08:25:09 22 [bufbn.c] 23 off by one in range check 24 - djm@cvs.openbsd.org 2014/02/27 22:47:07 25 [sshd_config.5] 26 bz#2184 clarify behaviour of a keyword that appears in multiple 27 matching Match blocks; ok dtucker@ 28 - djm@cvs.openbsd.org 2014/02/27 22:57:40 29 [version.h] 30 openssh-6.6 31 - dtucker@cvs.openbsd.org 2014/01/19 23:43:02 32 [regress/sftp-chroot.sh] 33 Don't use -q on sftp as it suppresses logging, instead redirect the 34 output to the regress logfile. 35 - dtucker@cvs.openbsd.org 2014/01/20 00:00:30 36 [sregress/ftp-chroot.sh] 37 append to rather than truncating the log file 38 - dtucker@cvs.openbsd.org 2014/01/25 04:35:32 39 [regress/Makefile regress/dhgex.sh] 40 Add a test for DH GEX sizes 41 - djm@cvs.openbsd.org 2014/01/26 10:22:10 42 [regress/cert-hostkey.sh] 43 automatically generate revoked keys from listed keys rather than 44 manually specifying each type; from portable 45 (Id sync only) 46 - djm@cvs.openbsd.org 2014/01/26 10:49:17 47 [scp-ssh-wrapper.sh scp.sh] 48 make sure $SCP is tested on the remote end rather than whichever one 49 happens to be in $PATH; from portable 50 (Id sync only) 51 - djm@cvs.openbsd.org 2014/02/27 20:04:16 52 [login-timeout.sh] 53 remove any existing LoginGraceTime from sshd_config before adding 54 a specific one for the test back in 55 - djm@cvs.openbsd.org 2014/02/27 21:21:25 56 [agent-ptrace.sh agent.sh] 57 keep return values that are printed in error messages; 58 from portable 59 (Id sync only) 60 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 61 [contrib/suse/openssh.spec] Crank version numbers 62 - (djm) [regress/host-expand.sh] Add RCS Id 63 6420140227 65 - OpenBSD CVS Sync 66 - djm@cvs.openbsd.org 2014/02/26 20:18:37 67 [ssh.c] 68 bz#2205: avoid early hostname lookups unless canonicalisation is enabled; 69 ok dtucker@ markus@ 70 - djm@cvs.openbsd.org 2014/02/26 20:28:44 71 [auth2-gss.c gss-serv.c ssh-gss.h sshd.c] 72 bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep 73 sandboxing, as running this code in the sandbox can cause violations; 74 ok markus@ 75 - djm@cvs.openbsd.org 2014/02/26 20:29:29 76 [channels.c] 77 don't assume that the socks4 username is \0 terminated; 78 spotted by Ben Hawkes; ok markus@ 79 - markus@cvs.openbsd.org 2014/02/26 21:53:37 80 [sshd.c] 81 ssh_gssapi_prepare_supported_oids needs GSSAPI 82 8320140224 84 - OpenBSD CVS Sync 85 - djm@cvs.openbsd.org 2014/02/07 06:55:54 86 [cipher.c mac.c] 87 remove some logging that makes ssh debugging output very verbose; 88 ok markus 89 - djm@cvs.openbsd.org 2014/02/15 23:05:36 90 [channels.c] 91 avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; 92 bz#2200, debian#738692 via Colin Watson; ok dtucker@ 93 - djm@cvs.openbsd.org 2014/02/22 01:32:19 94 [readconf.c] 95 when processing Match blocks, skip 'exec' clauses if previous predicates 96 failed to match; ok markus@ 97 - djm@cvs.openbsd.org 2014/02/23 20:03:42 98 [ssh-ed25519.c] 99 check for unsigned overflow; not reachable in OpenSSH but others might 100 copy our code... 101 - djm@cvs.openbsd.org 2014/02/23 20:11:36 102 [readconf.c readconf.h ssh.c ssh_config.5] 103 reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes 104 the hostname. This allows users to write configurations that always 105 refer to canonical hostnames, e.g. 106 107 CanonicalizeHostname yes 108 CanonicalDomains int.example.org example.org 109 CanonicalizeFallbackLocal no 110 111 Host *.int.example.org 112 Compression off 113 Host *.example.org 114 User djm 115 116 ok markus@ 117 11820140213 119 - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat 120 code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex. 121 12220140207 123 - OpenBSD CVS Sync 124 - naddy@cvs.openbsd.org 2014/02/05 20:13:25 125 [ssh-keygen.1 ssh-keygen.c] 126 tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@ 127 while here, fix ordering in usage(); requested by jmc@ 128 - djm@cvs.openbsd.org 2014/02/06 22:21:01 129 [sshconnect.c] 130 in ssh_create_socket(), only do the getaddrinfo for BindAddress when 131 BindAddress is actually specified. Fixes regression in 6.5 for 132 UsePrivilegedPort=yes; patch from Corinna Vinschen 133 13420140206 135 - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL 136 before freeing since free(NULL) is a no-op. ok djm. 137 - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define 138 __NR_shutdown; some go via the socketcall(2) multiplexer. 139 14020140205 141 - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by 142 headers/libc but not supported by the kernel. Patch from Loganaden 143 Velvindron @ AfriNIC 144 14520140204 146 - OpenBSD CVS Sync 147 - markus@cvs.openbsd.org 2014/01/27 18:58:14 148 [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] 149 replace openssl HMAC with an implementation based on our ssh_digest_* 150 ok and feedback djm@ 151 - markus@cvs.openbsd.org 2014/01/27 19:18:54 152 [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c] 153 replace openssl MD5 with our ssh_digest_*; ok djm@ 154 - markus@cvs.openbsd.org 2014/01/27 20:13:46 155 [digest.c digest-openssl.c digest-libc.c Makefile.in] 156 rename digest.c to digest-openssl.c and add libc variant; ok djm@ 157 - jmc@cvs.openbsd.org 2014/01/28 14:13:39 158 [ssh-keyscan.1] 159 kill some bad Pa; 160 From: Jan Stary 161 - djm@cvs.openbsd.org 2014/01/29 00:19:26 162 [sshd.c] 163 use kill(0, ...) instead of killpg(0, ...); on most operating systems 164 they are equivalent, but SUSv2 describes the latter as having undefined 165 behaviour; from portable; ok dtucker 166 (Id sync only; change is already in portable) 167 - djm@cvs.openbsd.org 2014/01/29 06:18:35 168 [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] 169 [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] 170 [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] 171 remove experimental, never-enabled JPAKE code; ok markus@ 172 - jmc@cvs.openbsd.org 2014/01/29 14:04:51 173 [sshd_config.5] 174 document kbdinteractiveauthentication; 175 requested From: Ross L Richardson 176 177 dtucker/markus helped explain its workings; 178 - djm@cvs.openbsd.org 2014/01/30 22:26:14 179 [sandbox-systrace.c] 180 allow shutdown(2) syscall in sandbox - it may be called by packet_close() 181 from portable 182 (Id sync only; change is already in portable) 183 - tedu@cvs.openbsd.org 2014/01/31 16:39:19 184 [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c] 185 [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c] 186 [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c] 187 [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c] 188 [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h] 189 replace most bzero with explicit_bzero, except a few that cna be memset 190 ok djm dtucker 191 - djm@cvs.openbsd.org 2014/02/02 03:44:32 192 [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] 193 [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] 194 [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] 195 [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] 196 [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] 197 [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] 198 [sshd.c] 199 convert memset of potentially-private data to explicit_bzero() 200 - djm@cvs.openbsd.org 2014/02/03 23:28:00 201 [ssh-ecdsa.c] 202 fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike 203 DSA_SIG_new. Reported by Batz Spear; ok markus@ 204 - djm@cvs.openbsd.org 2014/02/02 03:44:31 205 [digest-libc.c digest-openssl.c] 206 convert memset of potentially-private data to explicit_bzero() 207 - djm@cvs.openbsd.org 2014/02/04 00:24:29 208 [ssh.c] 209 delay lowercasing of hostname until right before hostname 210 canonicalisation to unbreak case-sensitive matching of ssh_config; 211 reported by Ike Devolder; ok markus@ 212 - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o 213 - (djm) [regress/setuid-allowed.c] Missing string.h for strerror() 214 21520140131 216 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) 217 syscall from sandboxes; it may be called by packet_close. 218 - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros. Fixes 219 build with HP-UX's compiler. Patch from Kevin Brott. 220 - (tim) [Makefile.in] build regress/setuid-allow. 221 22220140130 223 - (djm) [configure.ac] Only check for width-specified integer types 224 in headers that actually exist. patch from Tom G. Christensen; 225 ok dtucker@ 226 - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering 227 different symbols for 'read' when various compiler flags are 228 in use, causing atomicio.c comparisons against it to break and 229 read/write operations to hang; ok dtucker 230 - (djm) Release openssh-6.5p1 231 23220140129 233 - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from 234 Tom G. Christensen 235 23620140128 237 - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl; 238 ok dtucker 239 - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the 240 latter being specified to have undefined behaviour in SUSv3; 241 ok dtucker 242 - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable 243 when used as an error message inside an if statement so we display the 244 correct into. agent.sh patch from Petr Lautrbach. 245 24620140127 247 - (dtucker) [Makefile.in] Remove trailing backslash which some make 248 implementations (eg older Solaris) do not cope with. 249 25020140126 251 - OpenBSD CVS Sync 252 - dtucker@cvs.openbsd.org 2014/01/25 10:12:50 253 [cipher.c cipher.h kex.c kex.h kexgexc.c] 254 Add a special case for the DH group size for 3des-cbc, which has an 255 effective strength much lower than the key size. This causes problems 256 with some cryptlib implementations, which don't support group sizes larger 257 than 4k but also don't use the largest group size it does support as 258 specified in the RFC. Based on a patch from Petr Lautrbach at Redhat, 259 reduced by me with input from Markus. ok djm@ markus@ 260 - markus@cvs.openbsd.org 2014/01/25 20:35:37 261 [kex.c] 262 dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len) 263 ok dtucker@, noted by mancha 264 - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable 265 RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations, 266 libc will attempt to open additional file descriptors for crypto 267 offload and crash if they cannot be opened. 268 - (djm) [configure.ac] correct AC_DEFINE for previous. 269 27020140125 271 - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD 272 - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless 273 sys/capability.h exists and cap_rights_limit is in libc. Fixes 274 build on FreeBSD9x which provides the header but not the libc 275 support. 276 - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test 277 against the correct thing. 278 27920140124 280 - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make 281 the scp regress test actually test the built scp rather than the one 282 in $PATH. ok dtucker@ 283 28420140123 285 - (tim) [session.c] Improve error reporting on set_id(). 286 - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously 287 incompatible with OpenBSD's despite post-dating it by more than a decade. 288 Declare it as broken, and document FreeBSD's as the same. ok djm@ 289 29020140122 291 - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a 292 platform that is expected to use the reuse-argv style setproctitle 293 hack surprises us by providing a setproctitle in libc; ok dtucker 294 - (djm) [configure.ac] Unless specifically requested, only attempt 295 to build Position Independent Executables on gcc >= 4.x; ok dtucker 296 - (djm) [configure.ac aclocal.m4] More tests to detect fallout from 297 platform hardening options: include some long long int arithmatic 298 to detect missing support functions for -ftrapv in libgcc and 299 equivalents, actually test linking when -ftrapv is supplied and 300 set either both -pie/-fPIE or neither. feedback and ok dtucker@ 301 30220140121 303 - (dtucker) [configure.ac] Make PIE a configure-time option which defaults 304 to on platforms where it's known to be reliably detected and off elsewhere. 305 Works around platforms such as FreeBSD 9.1 where it does not interop with 306 -ftrapv (it seems to work but fails when trying to link ssh). ok djm@ 307 - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time 308 tests in the configure output. ok djm. 309 - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced 310 with sftp chroot support. Move set_id call after chroot. 311 - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE 312 and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of 313 detecting toolchain-related problems; ok dtucker 314 31520140120 316 - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos 317 implementation does not have krb5_cc_new_unique, similar to what we do 318 in auth-krb5.c. 319 - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that 320 skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@ 321 - (djm) OpenBSD CVS Sync 322 - djm@cvs.openbsd.org 2014/01/20 00:08:48 323 [digest.c] 324 memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@ 325 32620140119 327 - (dtucker) OpenBSD CVS Sync 328 - dtucker@cvs.openbsd.org 2014/01/17 06:23:24 329 [sftp-server.c] 330 fix log message statvfs. ok djm 331 - dtucker@cvs.openbsd.org 2014/01/18 09:36:26 332 [session.c] 333 explicitly define USE_PIPES to 1 to prevent redefinition warnings in 334 portable on platforms that use pipes for everything. From vinschen at 335 redhat. 336 - dtucker@cvs.openbsd.org 2014/01/19 04:17:29 337 [canohost.c addrmatch.c] 338 Cast socklen_t when comparing to size_t and use socklen_t to iterate over 339 the ip options, both to prevent signed/unsigned comparison warnings. 340 Patch from vinschen at redhat via portable openssh, begrudging ok deraadt. 341 - djm@cvs.openbsd.org 2014/01/19 04:48:08 342 [ssh_config.5] 343 fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal 344 - dtucker@cvs.openbsd.org 2014/01/19 11:21:51 345 [addrmatch.c] 346 Cast the sizeof to socklen_t so it'll work even if the supplied len is 347 negative. Suggested by and ok djm, ok deraadt. 348 34920140118 350 - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin. Patch 351 from vinschen at redhat.com 352 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function 353 declarations that stopped being included when we stopped including 354 <windows.h> from openbsd-compat/bsd-cygwin_util.h. Patch from vinschen at 355 redhat.com. 356 - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs, 357 optind) are defined in getopt.h already. Unfortunately they are defined as 358 "declspec(dllimport)" for historical reasons, because the GNU linker didn't 359 allow auto-import on PE/COFF targets way back when. The problem is the 360 dllexport attributes collide with the definitions in the various source 361 files in OpenSSH, which obviousy define the variables without 362 declspec(dllimport). The least intrusive way to get rid of these warnings 363 is to disable warnings for GCC compiler attributes when building on Cygwin. 364 Patch from vinschen at redhat.com. 365 - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the 366 return value check for cap_enter() consistent with the other uses in 367 FreeBSD. From by Loganaden Velvindron @ AfriNIC via bz#2140. 368 36920140117 370 - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain 371 hardening flags including -fstack-protector-strong. These default to on 372 if the toolchain supports them, but there is a configure-time knob 373 (--without-hardening) to disable them if necessary. ok djm@ 374 - (djm) [sftp-client.c] signed/unsigned comparison fix 375 - (dtucker) [loginrec.c] Cast to the types specfied in the format 376 specification to prevent warnings. 377 - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. 378 - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H. 379 - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include 380 includes.h to pull in all of the compatibility stuff. 381 - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside 382 #ifdef HAVE_STDINT_H. 383 - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that 384 don't have them. 385 - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into 386 separate lines and alphabetize for easier diffing of changes. 387 - (dtucker) OpenBSD CVS Sync 388 - djm@cvs.openbsd.org 2014/01/17 00:21:06 389 [sftp-client.c] 390 signed/unsigned comparison warning fix; from portable (Id sync only) 391 - dtucker@cvs.openbsd.org 2014/01/17 05:26:41 392 [digest.c] 393 remove unused includes. ok djm@ 394 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] 395 [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] 396 [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing 397 using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling 398 Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@ 399 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c 400 openbsd-compat/openssl-compat.h] Add compatibility layer for older 401 openssl versions. ok djm@ 402 - (dtucker) Fix typo in #ifndef. 403 - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c 404 openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs 405 to be useful (and for the regression tests to pass) on platforms that 406 have statfs and fstatfs. ok djm@ 407 - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we 408 need them to cut down on the name collisions. 409 - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types. 410 - (dtucker) [configure.ac] Have --without-hardening not turn off 411 stack-protector since that has a separate flag that's been around a while. 412 - (dtucker) [readconf.c] Wrap paths.h inside an ifdef. Allows building on 413 Solaris. 414 - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after 415 they're defined if we have to define them ourselves. Fixes builds on old 416 AIX. 417 41820140118 419 - (djm) OpenBSD CVS Sync 420 - djm@cvs.openbsd.org 2014/01/16 07:31:09 421 [sftp-client.c] 422 needless and incorrect cast to size_t can break resumption of 423 large download; patch from tobias@ 424 - djm@cvs.openbsd.org 2014/01/16 07:32:00 425 [version.h] 426 openssh-6.5 427 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 428 [contrib/suse/openssh.spec] Crank RPM spec version numbers. 429 - (djm) [README] update release notes URL. 430 43120140112 432 - (djm) OpenBSD CVS Sync 433 - djm@cvs.openbsd.org 2014/01/10 05:59:19 434 [sshd_config] 435 the /etc/ssh/ssh_host_ed25519_key is loaded by default too 436 - djm@cvs.openbsd.org 2014/01/12 08:13:13 437 [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c] 438 [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c] 439 avoid use of OpenSSL BIGNUM type and functions for KEX with 440 Curve25519 by adding a buffer_put_bignum2_from_string() that stores 441 a string using the bignum encoding rules. Will make it easier to 442 build a reduced-feature OpenSSH without OpenSSL in the future; 443 ok markus@ 444 44520140110 446 - (djm) OpenBSD CVS Sync 447 - tedu@cvs.openbsd.org 2014/01/04 17:50:55 448 [mac.c monitor_mm.c monitor_mm.h xmalloc.c] 449 use standard types and formats for size_t like variables. ok dtucker 450 - guenther@cvs.openbsd.org 2014/01/09 03:26:00 451 [sftp-common.c] 452 When formating the time for "ls -l"-style output, show dates in the future 453 with the year, and rearrange a comparison to avoid a potentional signed 454 arithmetic overflow that would give the wrong result. 455 ok djm@ 456 - djm@cvs.openbsd.org 2014/01/09 23:20:00 457 [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] 458 [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] 459 [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] 460 [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] 461 Introduce digest API and use it to perform all hashing operations 462 rather than calling OpenSSL EVP_Digest* directly. Will make it easier 463 to build a reduced-feature OpenSSH without OpenSSL in future; 464 feedback, ok markus@ 465 - djm@cvs.openbsd.org 2014/01/09 23:26:48 466 [sshconnect.c sshd.c] 467 ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient, 468 deranged and might make some attacks on KEX easier; ok markus@ 469 47020140108 471 - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@ 472 47320131231 474 - (djm) OpenBSD CVS Sync 475 - djm@cvs.openbsd.org 2013/12/30 23:52:28 476 [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c] 477 [sshconnect.c sshconnect2.c sshd.c] 478 refuse RSA keys from old proprietary clients/servers that use the 479 obsolete RSA+MD5 signature scheme. it will still be possible to connect 480 with these clients/servers but only DSA keys will be accepted, and we'll 481 deprecate them entirely in a future release. ok markus@ 482 48320131229 484 - (djm) [loginrec.c] Check for username truncation when looking up lastlog 485 entries 486 - (djm) [regress/Makefile] Add some generated files for cleaning 487 - (djm) OpenBSD CVS Sync 488 - djm@cvs.openbsd.org 2013/12/19 00:10:30 489 [ssh-add.c] 490 skip requesting smartcard PIN when removing keys from agent; bz#2187 491 patch from jay AT slushpupie.com; ok dtucker 492 - dtucker@cvs.openbsd.org 2013/12/19 00:19:12 493 [serverloop.c] 494 Cast client_alive_interval to u_int64_t before assinging to 495 max_time_milliseconds to avoid potential integer overflow in the timeout. 496 bz#2170, patch from Loganaden Velvindron, ok djm@ 497 - djm@cvs.openbsd.org 2013/12/19 00:27:57 498 [auth-options.c] 499 simplify freeing of source-address certificate restriction 500 - djm@cvs.openbsd.org 2013/12/19 01:04:36 501 [channels.c] 502 bz#2147: fix multiple remote forwardings with dynamically assigned 503 listen ports. In the s->c message to open the channel we were sending 504 zero (the magic number to request a dynamic port) instead of the actual 505 listen port. The client therefore had no way of discriminating between 506 them. 507 508 Diagnosis and fix by ronf AT timeheart.net 509 - djm@cvs.openbsd.org 2013/12/19 01:19:41 510 [ssh-agent.c] 511 bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent 512 that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com; 513 ok dtucker 514 - djm@cvs.openbsd.org 2013/12/19 22:57:13 515 [poly1305.c poly1305.h] 516 use full name for author, with his permission 517 - tedu@cvs.openbsd.org 2013/12/21 07:10:47 518 [ssh-keygen.1] 519 small typo 520 - djm@cvs.openbsd.org 2013/12/27 22:30:17 521 [ssh-dss.c ssh-ecdsa.c ssh-rsa.c] 522 make the original RSA and DSA signing/verification code look more like 523 the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type 524 rather than tediously listing all variants, use __func__ for debug/ 525 error messages 526 - djm@cvs.openbsd.org 2013/12/27 22:37:18 527 [ssh-rsa.c] 528 correct comment 529 - djm@cvs.openbsd.org 2013/12/29 02:28:10 530 [key.c] 531 allow ed25519 keys to appear as certificate authorities 532 - djm@cvs.openbsd.org 2013/12/29 02:37:04 533 [key.c] 534 correct comment for key_to_certified() 535 - djm@cvs.openbsd.org 2013/12/29 02:49:52 536 [key.c] 537 correct comment for key_drop_cert() 538 - djm@cvs.openbsd.org 2013/12/29 04:20:04 539 [key.c] 540 to make sure we don't omit any key types as valid CA keys again, 541 factor the valid key type check into a key_type_is_valid_ca() 542 function 543 - djm@cvs.openbsd.org 2013/12/29 04:29:25 544 [authfd.c] 545 allow deletion of ed25519 keys from the agent 546 - djm@cvs.openbsd.org 2013/12/29 04:35:50 547 [authfile.c] 548 don't refuse to load Ed25519 certificates 549 - djm@cvs.openbsd.org 2013/12/29 05:42:16 550 [ssh.c] 551 don't forget to load Ed25519 certs too 552 - djm@cvs.openbsd.org 2013/12/29 05:57:02 553 [sshconnect.c] 554 when showing other hostkeys, don't forget Ed25519 keys 555 55620131221 557 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. 558 55920131219 560 - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions 561 greater than 11 either rather than just 11. Patch from Tomas Kuthan. 562 - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item(). 563 Patch from Loganaden Velvindron. 564 56520131218 566 - (djm) OpenBSD CVS Sync 567 - djm@cvs.openbsd.org 2013/12/07 08:08:26 568 [ssh-keygen.1] 569 document -a and -o wrt new key format 570 - naddy@cvs.openbsd.org 2013/12/07 11:58:46 571 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1] 572 [ssh_config.5 sshd.8 sshd_config.5] 573 add missing mentions of ed25519; ok djm@ 574 - dtucker@cvs.openbsd.org 2013/12/08 09:53:27 575 [sshd_config.5] 576 Use a literal for the default value of KEXAlgorithms. ok deraadt jmc 577 - markus@cvs.openbsd.org 2013/12/09 11:03:45 578 [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] 579 [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] 580 Add Authors for the public domain ed25519/nacl code. 581 see also http://nacl.cr.yp.to/features.html 582 All of the NaCl software is in the public domain. 583 and http://ed25519.cr.yp.to/software.html 584 The Ed25519 software is in the public domain. 585 - markus@cvs.openbsd.org 2013/12/09 11:08:17 586 [crypto_api.h] 587 remove unused defines 588 - pascal@cvs.openbsd.org 2013/12/15 18:17:26 589 [ssh-add.c] 590 Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page. 591 ok markus@ 592 - djm@cvs.openbsd.org 2013/12/15 21:42:35 593 [cipher-chachapoly.c] 594 add some comments and constify a constant 595 - markus@cvs.openbsd.org 2013/12/17 10:36:38 596 [crypto_api.h] 597 I've assempled the header file by cut&pasting from generated headers 598 and the source files. 599 60020131208 601 - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna 602 Vinschen 603 - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh] 604 [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid 605 filesystem before running agent-ptrace.sh; ok dtucker 606 60720131207 608 - (djm) OpenBSD CVS Sync 609 - djm@cvs.openbsd.org 2013/12/05 22:59:45 610 [sftp-client.c] 611 fix memory leak in error path in do_readdir(); pointed out by 612 Loganaden Velvindron @ AfriNIC in bz#2163 613 - djm@cvs.openbsd.org 2013/12/06 03:40:51 614 [ssh-keygen.c] 615 remove duplicated character ('g') in getopt() string; 616 document the (few) remaining option characters so we don't have to 617 rummage next time. 618 - markus@cvs.openbsd.org 2013/12/06 13:30:08 619 [authfd.c key.c key.h ssh-agent.c] 620 move private key (de)serialization to key.c; ok djm 621 - markus@cvs.openbsd.org 2013/12/06 13:34:54 622 [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c] 623 [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by 624 default; details in PROTOCOL.key; feedback and lots help from djm; 625 ok djm@ 626 - markus@cvs.openbsd.org 2013/12/06 13:39:49 627 [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c] 628 [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c] 629 [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c] 630 [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c] 631 [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c] 632 support ed25519 keys (hostkeys and user identities) using the public 633 domain ed25519 reference code from SUPERCOP, see 634 http://ed25519.cr.yp.to/software.html 635 feedback, help & ok djm@ 636 - jmc@cvs.openbsd.org 2013/12/06 15:29:07 637 [sshd.8] 638 missing comma; 639 - djm@cvs.openbsd.org 2013/12/07 00:19:15 640 [key.c] 641 set k->cert = NULL after freeing it 642 - markus@cvs.openbsd.org 2013/12/06 13:52:46 643 [regress/Makefile regress/agent.sh regress/cert-hostkey.sh] 644 [regress/cert-userkey.sh regress/keytype.sh] 645 test ed25519 support; from djm@ 646 - (djm) [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h] 647 [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents 648 - (djm) [Makefile.in] Add ed25519 sources 649 - (djm) [authfile.c] Conditionalise inclusion of util.h 650 - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] 651 [openbsd-compat/blf.h openbsd-compat/blowfish.c] 652 [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in 653 portable. 654 - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in] 655 [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on 656 Linux 657 - (djm) [regress/cert-hostkey.sh] Fix merge botch 658 - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from 659 Loganaden Velvindron @ AfriNIC in bz#2179 660 66120131205 662 - (djm) OpenBSD CVS Sync 663 - jmc@cvs.openbsd.org 2013/11/21 08:05:09 664 [ssh_config.5 sshd_config.5] 665 no need for .Pp before displays; 666 - deraadt@cvs.openbsd.org 2013/11/25 18:04:21 667 [ssh.1 ssh.c] 668 improve -Q usage and such. One usage change is that the option is now 669 case-sensitive 670 ok dtucker markus djm 671 - jmc@cvs.openbsd.org 2013/11/26 12:14:54 672 [ssh.1 ssh.c] 673 - put -Q in the right place 674 - Ar was a poor choice for the arguments to -Q. i've chosen an 675 admittedly equally poor Cm, at least consistent with the rest 676 of the docs. also no need for multiple instances 677 - zap a now redundant Nm 678 - usage() sync 679 - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 680 [pkcs11.h] 681 cleanup 1 << 31 idioms. Resurrection of this issue pointed out by 682 Eitan Adler ok markus for ssh, implies same change in kerberosV 683 - djm@cvs.openbsd.org 2013/12/01 23:19:05 684 [PROTOCOL] 685 mention curve25519-sha256@libssh.org key exchange algorithm 686 - djm@cvs.openbsd.org 2013/12/02 02:50:27 687 [PROTOCOL.chacha20poly1305] 688 typo; from Jon Cave 689 - djm@cvs.openbsd.org 2013/12/02 02:56:17 690 [ssh-pkcs11-helper.c] 691 use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC 692 - djm@cvs.openbsd.org 2013/12/02 03:09:22 693 [key.c] 694 make key_to_blob() return a NULL blob on failure; part of 695 bz#2175 from Loganaden Velvindron @ AfriNIC 696 - djm@cvs.openbsd.org 2013/12/02 03:13:14 697 [cipher.c] 698 correct bzero of chacha20+poly1305 key context. bz#2177 from 699 Loganaden Velvindron @ AfriNIC 700 701 Also make it a memset for consistency with the rest of cipher.c 702 - djm@cvs.openbsd.org 2013/12/04 04:20:01 703 [sftp-client.c] 704 bz#2171: don't leak local_fd on error; from Loganaden Velvindron @ 705 AfriNIC 706 - djm@cvs.openbsd.org 2013/12/05 01:16:41 707 [servconf.c servconf.h] 708 bz#2161 - fix AuthorizedKeysCommand inside a Match block and 709 rearrange things so the same error is harder to make next time; 710 with and ok dtucker@ 711 - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct 712 -L location for libedit. Patch from Serge van den Boom. 713 71420131121 715 - (djm) OpenBSD CVS Sync 716 - dtucker@cvs.openbsd.org 2013/11/08 11:15:19 717 [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c] 718 [uidswap.c] Include stdlib.h for free() as per the man page. 719 - markus@cvs.openbsd.org 2013/11/13 13:48:20 720 [ssh-pkcs11.c] 721 add missing braces found by pedro 722 - djm@cvs.openbsd.org 2013/11/20 02:19:01 723 [sshd.c] 724 delay closure of in/out fds until after "Bad protocol version 725 identification..." message, as get_remote_ipaddr/get_remote_port 726 require them open. 727 - deraadt@cvs.openbsd.org 2013/11/20 20:53:10 728 [scp.c] 729 unsigned casts for ctype macros where neccessary 730 ok guenther millert markus 731 - deraadt@cvs.openbsd.org 2013/11/20 20:54:10 732 [canohost.c clientloop.c match.c readconf.c sftp.c] 733 unsigned casts for ctype macros where neccessary 734 ok guenther millert markus 735 - djm@cvs.openbsd.org 2013/11/21 00:45:44 736 [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] 737 [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] 738 [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] 739 [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport 740 cipher "chacha20-poly1305@openssh.com" that combines Daniel 741 Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an 742 authenticated encryption mode. 743 744 Inspired by and similar to Adam Langley's proposal for TLS: 745 http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 746 but differs in layout used for the MAC calculation and the use of a 747 second ChaCha20 instance to separately encrypt packet lengths. 748 Details are in the PROTOCOL.chacha20poly1305 file. 749 750 Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC 751 ok markus@ naddy@ 752 - naddy@cvs.openbsd.org 2013/11/18 05:09:32 753 [regress/forward-control.sh] 754 bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164) 755 to successfully run this; ok djm@ 756 - djm@cvs.openbsd.org 2013/11/21 03:15:46 757 [regress/krl.sh] 758 add some reminders for additional tests that I'd like to implement 759 - djm@cvs.openbsd.org 2013/11/21 03:16:47 760 [regress/modpipe.c] 761 use unsigned long long instead of u_int64_t here to avoid warnings 762 on some systems portable OpenSSH is built on. 763 - djm@cvs.openbsd.org 2013/11/21 03:18:51 764 [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh] 765 [regress/try-ciphers.sh] 766 use new "ssh -Q cipher-auth" query to obtain lists of authenticated 767 encryption ciphers instead of specifying them manually; ensures that 768 the new chacha20poly1305@openssh.com mode is tested; 769 770 ok markus@ and naddy@ as part of the diff to add 771 chacha20poly1305@openssh.com 772 77320131110 774 - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by 775 querying the ones that are compiled in. 776 77720131109 778 - (dtucker) OpenBSD CVS Sync 779 - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 780 [regress/test-exec.sh regress/rekey.sh] 781 Use smaller test data files to speed up tests. Grow test datafiles 782 where necessary for a specific test. 783 - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of 784 NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the 785 latter actually works before using it. Fedora (at least) has NID_secp521r1 786 that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897). 787 - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test. 788 - (dtucker) [configure.ac] Add missing "test". 789 - (dtucker) [key.c] Check for the correct defines for NID_secp521r1. 790 79120131108 792 - (dtucker) OpenBSD CVS Sync 793 - dtucker@cvs.openbsd.org 2013/11/08 01:06:14 794 [regress/rekey.sh] 795 Rekey less frequently during tests to speed them up 796 - (djm) OpenBSD CVS Sync 797 - dtucker@cvs.openbsd.org 2013/11/07 11:58:27 798 [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] 799 Output the effective values of Ciphers, MACs and KexAlgorithms when 800 the default has not been overridden. ok markus@ 801 - djm@cvs.openbsd.org 2013/11/08 00:39:15 802 [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] 803 [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] 804 [sftp-client.c sftp-glob.c] 805 use calloc for all structure allocations; from markus@ 806 - djm@cvs.openbsd.org 2013/11/08 01:38:11 807 [version.h] 808 openssh-6.4 809 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 810 [contrib/suse/openssh.spec] Update version numbers following release. 811 - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of 812 arc4random_stir for platforms that have arc4random but don't have 813 arc4random_stir (right now this is only OpenBSD -current). 814 - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have 815 EVP_sha256. 816 - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256. 817 - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile 818 warnings. 819 - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform 820 and pass in TEST_ENV. use stderr to get polluted 821 and the stderr-data test to fail. 822 - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation: 823 rather than testing and generating each key, call ssh-keygen -A. 824 Patch from vinschen at redhat.com. 825 - (dtucker) OpenBSD CVS Sync 826 - dtucker@cvs.openbsd.org 2013/11/09 05:41:34 827 [regress/test-exec.sh regress/rekey.sh] 828 Use smaller test data files to speed up tests. Grow test datafiles 829 where necessary for a specific test. 830 83120131107 832 - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) 833 that got lost in recent merge. 834 - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff 835 - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these 836 - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms 837 that lack it but have arc4random_uniform() 838 - (djm) OpenBSD CVS Sync 839 - markus@cvs.openbsd.org 2013/11/04 11:51:16 840 [monitor.c] 841 fix rekeying for KEX_C25519_SHA256; noted by dtucker@ 842 RCSID sync only; I thought this was a merge botch and fixed it already 843 - markus@cvs.openbsd.org 2013/11/06 16:52:11 844 [monitor_wrap.c] 845 fix rekeying for AES-GCM modes; ok deraadt 846 - djm@cvs.openbsd.org 2013/11/06 23:05:59 847 [ssh-pkcs11.c] 848 from portable: s/true/true_val/ to avoid name collisions on dump platforms 849 RCSID sync only 850 - (dtucker) OpenBSD CVS Sync 851 - djm@cvs.openbsd.org 2013/10/09 23:44:14 852 [regress/Makefile] (ID sync only) 853 regression test for sftp request white/blacklisting and readonly mode. 854 - markus@cvs.openbsd.org 2013/11/02 22:39:53 855 [regress/kextype.sh] 856 add curve25519-sha256@libssh.org 857 - dtucker@cvs.openbsd.org 2013/11/04 12:27:42 858 [regress/rekey.sh] 859 Test rekeying with all KexAlgorithms. 860 - dtucker@cvs.openbsd.org 2013/11/07 00:12:05 861 [regress/rekey.sh] 862 Test rekeying for every Cipher, MAC and KEX, plus test every KEX with 863 the GCM ciphers. 864 - dtucker@cvs.openbsd.org 2013/11/07 01:12:51 865 [regress/rekey.sh] 866 Factor out the data transfer rekey tests 867 - dtucker@cvs.openbsd.org 2013/11/07 02:48:38 868 [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh] 869 Use ssh -Q instead of hardcoding lists of ciphers or MACs. 870 - dtucker@cvs.openbsd.org 2013/11/07 03:55:41 871 [regress/kextype.sh] 872 Use ssh -Q to get kex types instead of a static list. 873 - dtucker@cvs.openbsd.org 2013/11/07 04:26:56 874 [regress/kextype.sh] 875 trailing space 876 - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment 877 variable. It's no longer used now that we get the supported MACs from 878 ssh -Q. 879 88020131104 881 - (djm) OpenBSD CVS Sync 882 - markus@cvs.openbsd.org 2013/11/02 20:03:54 883 [ssh-pkcs11.c] 884 support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys; 885 fixes bz#1908; based on patch from Laurent Barbe; ok djm 886 - markus@cvs.openbsd.org 2013/11/02 21:59:15 887 [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] 888 use curve25519 for default key exchange (curve25519-sha256@libssh.org); 889 initial patch from Aris Adamantiadis; ok djm@ 890 - markus@cvs.openbsd.org 2013/11/02 22:10:15 891 [kexdhs.c kexecdhs.c] 892 no need to include monitor_wrap.h 893 - markus@cvs.openbsd.org 2013/11/02 22:24:24 894 [kexdhs.c kexecdhs.c] 895 no need to include ssh-gss.h 896 - markus@cvs.openbsd.org 2013/11/02 22:34:01 897 [auth-options.c] 898 no need to include monitor_wrap.h and ssh-gss.h 899 - markus@cvs.openbsd.org 2013/11/02 22:39:19 900 [ssh_config.5 sshd_config.5] 901 the default kex is now curve25519-sha256@libssh.org 902 - djm@cvs.openbsd.org 2013/11/03 10:37:19 903 [roaming_common.c] 904 fix a couple of function definitions foo() -> foo(void) 905 (-Wold-style-definition) 906 - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from 907 KEX/curve25519 change 908 90920131103 910 - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep. 911 From OpenSMTPD where it prevents "implicit declaration" warnings (it's 912 a no-op in OpenSSH). From chl at openbsd. 913 - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd 914 vsnprintf. From eric at openbsd via chl@. 915 - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t 916 for platforms that don't have them. 917 91820131030 919 - (djm) OpenBSD CVS Sync 920 - djm@cvs.openbsd.org 2013/10/29 09:42:11 921 [key.c key.h] 922 fix potential stack exhaustion caused by nested certificates; 923 report by Mateusz Kocielski; ok dtucker@ markus@ 924 - djm@cvs.openbsd.org 2013/10/29 09:48:02 925 [servconf.c servconf.h session.c sshd_config sshd_config.5] 926 shd_config PermitTTY to disallow TTY allocation, mirroring the 927 longstanding no-pty authorized_keys option; 928 bz#2070, patch from Teran McKinney; ok markus@ 929 - jmc@cvs.openbsd.org 2013/10/29 18:49:32 930 [sshd_config.5] 931 pty(4), not pty(7); 932 93320131026 934 - (djm) OpenBSD CVS Sync 935 - djm@cvs.openbsd.org 2013/10/25 23:04:51 936 [ssh.c] 937 fix crash when using ProxyCommand caused by previous commit - was calling 938 freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@ 939 94020131025 941 - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove 942 unnecessary arc4random_stir() calls. The only ones left are to ensure 943 that the PRNG gets a different state after fork() for platforms that 944 have broken the API. 945 94620131024 947 - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check 948 rather than full client name which may be of form user@REALM; 949 patch from Miguel Sanders; ok dtucker@ 950 - (djm) OpenBSD CVS Sync 951 - dtucker@cvs.openbsd.org 2013/10/23 05:40:58 952 [servconf.c] 953 fix comment 954 - djm@cvs.openbsd.org 2013/10/23 23:35:32 955 [sshd.c] 956 include local address and port in "Connection from ..." message (only 957 shown at loglevel>=verbose) 958 - dtucker@cvs.openbsd.org 2013/10/24 00:49:49 959 [moduli.c] 960 Periodically print progress and, if possible, expected time to completion 961 when screening moduli for DH groups. ok deraadt djm 962 - dtucker@cvs.openbsd.org 2013/10/24 00:51:48 963 [readconf.c servconf.c ssh_config.5 sshd_config.5] 964 Disallow empty Match statements and add "Match all" which matches 965 everything. ok djm, man page help jmc@ 966 - djm@cvs.openbsd.org 2013/10/24 08:19:36 967 [ssh.c] 968 fix bug introduced in hostname canonicalisation commit: don't try to 969 resolve hostnames when a ProxyCommand is set unless the user has forced 970 canonicalisation; spotted by Iain Morgan 971 - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd" 972 97320131023 974 - (djm) OpenBSD CVS Sync 975 - djm@cvs.openbsd.org 2013/10/20 04:39:28 976 [ssh_config.5] 977 document % expansions performed by "Match command ..." 978 - djm@cvs.openbsd.org 2013/10/20 06:19:28 979 [readconf.c ssh_config.5] 980 rename "command" subclause of the recently-added "Match" keyword to 981 "exec"; it's shorter, clearer in intent and we might want to add the 982 ability to match against the command being executed at the remote end in 983 the future. 984 - djm@cvs.openbsd.org 2013/10/20 09:51:26 985 [scp.1 sftp.1] 986 add canonicalisation options to -o lists 987 - jmc@cvs.openbsd.org 2013/10/20 18:00:13 988 [ssh_config.5] 989 tweak the "exec" description, as worded by djm; 990 - djm@cvs.openbsd.org 2013/10/23 03:03:07 991 [readconf.c] 992 Hostname may have %h sequences that should be expanded prior to Match 993 evaluation; spotted by Iain Morgan 994 - djm@cvs.openbsd.org 2013/10/23 03:05:19 995 [readconf.c ssh.c] 996 comment 997 - djm@cvs.openbsd.org 2013/10/23 04:16:22 998 [ssh-keygen.c] 999 Make code match documentation: relative-specified certificate expiry time 1000 should be relative to current time and not the validity start time. 1001 Reported by Petr Lautrbach; ok deraadt@ 1002 100320131018 1004 - (djm) OpenBSD CVS Sync 1005 - djm@cvs.openbsd.org 2013/10/09 23:44:14 1006 [regress/Makefile regress/sftp-perm.sh] 1007 regression test for sftp request white/blacklisting and readonly mode. 1008 - jmc@cvs.openbsd.org 2013/10/17 07:35:48 1009 [sftp.1 sftp.c] 1010 tweak previous; 1011 - djm@cvs.openbsd.org 2013/10/17 22:08:04 1012 [sshd.c] 1013 include remote port in bad banner message; bz#2162 1014 101520131017 1016 - (djm) OpenBSD CVS Sync 1017 - jmc@cvs.openbsd.org 2013/10/15 14:10:25 1018 [ssh.1 ssh_config.5] 1019 tweak previous; 1020 - djm@cvs.openbsd.org 2013/10/16 02:31:47 1021 [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5] 1022 [sshconnect.c sshconnect.h] 1023 Implement client-side hostname canonicalisation to allow an explicit 1024 search path of domain suffixes to use to convert unqualified host names 1025 to fully-qualified ones for host key matching. 1026 This is particularly useful for host certificates, which would otherwise 1027 need to list unqualified names alongside fully-qualified ones (and this 1028 causes a number of problems). 1029 "looks fine" markus@ 1030 - jmc@cvs.openbsd.org 2013/10/16 06:42:25 1031 [ssh_config.5] 1032 tweak previous; 1033 - djm@cvs.openbsd.org 2013/10/16 22:49:39 1034 [readconf.c readconf.h ssh.1 ssh.c ssh_config.5] 1035 s/canonicalise/canonicalize/ for consistency with existing spelling, 1036 e.g. authorized_keys; pointed out by naddy@ 1037 - djm@cvs.openbsd.org 2013/10/16 22:58:01 1038 [ssh.c ssh_config.5] 1039 one I missed in previous: s/isation/ization/ 1040 - djm@cvs.openbsd.org 2013/10/17 00:30:13 1041 [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c] 1042 fsync@openssh.com protocol extension for sftp-server 1043 client support to allow calling fsync() faster successful transfer 1044 patch mostly by imorgan AT nas.nasa.gov; bz#1798 1045 "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@ 1046 - djm@cvs.openbsd.org 2013/10/17 00:46:49 1047 [ssh.c] 1048 rearrange check to reduce diff against -portable 1049 (Id sync only) 1050 105120131015 1052 - (djm) OpenBSD CVS Sync 1053 - djm@cvs.openbsd.org 2013/10/09 23:42:17 1054 [sftp-server.8 sftp-server.c] 1055 Add ability to whitelist and/or blacklist sftp protocol requests by name. 1056 Refactor dispatch loop and consolidate read-only mode checks. 1057 Make global variables static, since sftp-server is linked into sshd(8). 1058 ok dtucker@ 1059 - djm@cvs.openbsd.org 2013/10/10 00:53:25 1060 [sftp-server.c] 1061 add -Q, -P and -p to usage() before jmc@ catches me 1062 - djm@cvs.openbsd.org 2013/10/10 01:43:03 1063 [sshd.c] 1064 bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly 1065 updated; ok dtucker@ 1066 - djm@cvs.openbsd.org 2013/10/11 02:45:36 1067 [sftp-client.c] 1068 rename flag arguments to be more clear and consistent. 1069 reorder some internal function arguments to make adding additional flags 1070 easier. 1071 no functional change 1072 - djm@cvs.openbsd.org 2013/10/11 02:52:23 1073 [sftp-client.c] 1074 missed one arg reorder 1075 - djm@cvs.openbsd.org 2013/10/11 02:53:45 1076 [sftp-client.h] 1077 obsolete comment 1078 - jmc@cvs.openbsd.org 2013/10/14 14:18:56 1079 [sftp-server.8 sftp-server.c] 1080 tweak previous; 1081 ok djm 1082 - djm@cvs.openbsd.org 2013/10/14 21:20:52 1083 [session.c session.h] 1084 Add logging of session starts in a useful format; ok markus@ feedback and 1085 ok dtucker@ 1086 - djm@cvs.openbsd.org 2013/10/14 22:22:05 1087 [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5] 1088 add a "Match" keyword to ssh_config that allows matching on hostname, 1089 user and result of arbitrary commands. "nice work" markus@ 1090 - djm@cvs.openbsd.org 2013/10/14 23:28:23 1091 [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c] 1092 refactor client config code a little: 1093 add multistate option partsing to readconf.c, similar to servconf.c's 1094 existing code. 1095 move checking of options that accept "none" as an argument to readconf.c 1096 add a lowercase() function and use it instead of explicit tolower() in 1097 loops 1098 part of a larger diff that was ok markus@ 1099 - djm@cvs.openbsd.org 2013/10/14 23:31:01 1100 [ssh.c] 1101 whitespace at EOL; pointed out by markus@ 1102 - [ssh.c] g/c unused variable. 1103 110420131010 1105 - (dtucker) OpenBSD CVS Sync 1106 - sthen@cvs.openbsd.org 2013/09/16 11:35:43 1107 [ssh_config] 1108 Remove gssapi config parts from ssh_config, as was already done for 1109 sshd_config. Req by/ok ajacoutot@ 1110 ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular 1111 - djm@cvs.openbsd.org 2013/09/19 00:24:52 1112 [progressmeter.c] 1113 store the initial file offset so the progress meter doesn't freak out 1114 when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@` 1115 - djm@cvs.openbsd.org 2013/09/19 00:49:12 1116 [sftp-client.c] 1117 fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan 1118 - djm@cvs.openbsd.org 2013/09/19 01:24:46 1119 [channels.c] 1120 bz#1297 - tell the client (via packet_send_debug) when their preferred 1121 listen address has been overridden by the server's GatewayPorts; 1122 ok dtucker@ 1123 - djm@cvs.openbsd.org 2013/09/19 01:26:29 1124 [sshconnect.c] 1125 bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from 1126 swp AT swp.pp.ru; ok dtucker@ 1127 - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 1128 [dh.c dh.h] 1129 Increase the size of the Diffie-Hellman groups requested for a each 1130 symmetric key size. New values from NIST Special Publication 800-57 with 1131 the upper limit specified by RFC4419. Pointed out by Peter Backes, ok 1132 djm@. 1133 113420131009 1135 - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull 1136 in OpenBSD implementation of arc4random, shortly to replace the existing 1137 bsd-arc4random.c 1138 - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c] 1139 [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random 1140 implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@, 1141 tested tim@ 1142 114320130922 1144 - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj 1145 setting when handling SIGHUP to maintain behaviour over retart. Patch 1146 from Matthew Ife. 1147 114820130918 1149 - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu. 1150 115120130914 1152 - (djm) OpenBSD CVS Sync 1153 - djm@cvs.openbsd.org 2013/08/22 19:02:21 1154 [sshd.c] 1155 Stir PRNG after post-accept fork. The child gets a different PRNG state 1156 anyway via rexec and explicit privsep reseeds, but it's good to be sure. 1157 ok markus@ 1158 - mikeb@cvs.openbsd.org 2013/08/28 12:34:27 1159 [ssh-keygen.c] 1160 improve batch processing a bit by making use of the quite flag a bit 1161 more often and exit with a non zero code if asked to find a hostname 1162 in a known_hosts file and it wasn't there; 1163 originally from reyk@, ok djm 1164 - djm@cvs.openbsd.org 2013/08/31 00:13:54 1165 [sftp.c] 1166 make ^w match ksh behaviour (delete previous word instead of entire line) 1167 - deraadt@cvs.openbsd.org 2013/09/02 22:00:34 1168 [ssh-keygen.c sshconnect1.c sshd.c] 1169 All the instances of arc4random_stir() are bogus, since arc4random() 1170 does this itself, inside itself, and has for a very long time.. Actually, 1171 this was probably reducing the entropy available. 1172 ok djm 1173 ID SYNC ONLY for portable; we don't trust other arc4random implementations 1174 to do this right. 1175 - sthen@cvs.openbsd.org 2013/09/07 13:53:11 1176 [sshd_config] 1177 Remove commented-out kerberos/gssapi config options from sample config, 1178 kerberos support is currently not enabled in ssh in OpenBSD. Discussed with 1179 various people; ok deraadt@ 1180 ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular 1181 - djm@cvs.openbsd.org 2013/09/12 01:41:12 1182 [clientloop.c] 1183 fix connection crash when sending break (~B) on ControlPersist'd session; 1184 ok dtucker@ 1185 - djm@cvs.openbsd.org 2013/09/13 06:54:34 1186 [channels.c] 1187 avoid unaligned access in code that reused a buffer to send a 1188 struct in_addr in a reply; simpler just use use buffer_put_int(); 1189 from portable; spotted by and ok dtucker@ 1190 119120130828 1192 - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the 1193 'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we 1194 start to use them in the future. 1195 - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits 1196 until we have configure support. 1197 119820130821 1199 - (djm) OpenBSD CVS Sync 1200 - djm@cvs.openbsd.org 2013/08/06 23:03:49 1201 [sftp.c] 1202 fix some whitespace at EOL 1203 make list of commands an enum rather than a long list of defines 1204 add -a to usage() 1205 - djm@cvs.openbsd.org 2013/08/06 23:05:01 1206 [sftp.1] 1207 document top-level -a option (the -a option to 'get' was already 1208 documented) 1209 - djm@cvs.openbsd.org 2013/08/06 23:06:01 1210 [servconf.c] 1211 add cast to avoid format warning; from portable 1212 - jmc@cvs.openbsd.org 2013/08/07 06:24:51 1213 [sftp.1 sftp.c] 1214 sort -a; 1215 - djm@cvs.openbsd.org 2013/08/08 04:52:04 1216 [sftp.c] 1217 fix two year old regression: symlinking a file would incorrectly 1218 canonicalise the target path. bz#2129 report from delphij AT freebsd.org 1219 - djm@cvs.openbsd.org 2013/08/08 05:04:03 1220 [sftp-client.c sftp-client.h sftp.c] 1221 add a "-l" flag for the rename command to force it to use the silly 1222 standard SSH_FXP_RENAME command instead of the POSIX-rename- like 1223 posix-rename@openssh.com extension. 1224 1225 intended for use in regress tests, so no documentation. 1226 - djm@cvs.openbsd.org 2013/08/09 03:37:25 1227 [sftp.c] 1228 do getopt parsing for all sftp commands (with an empty optstring for 1229 commands without arguments) to ensure consistent behaviour 1230 - djm@cvs.openbsd.org 2013/08/09 03:39:13 1231 [sftp-client.c] 1232 two problems found by a to-be-committed regress test: 1) msg_id was not 1233 being initialised so was starting at a random value from the heap 1234 (harmless, but confusing). 2) some error conditions were not being 1235 propagated back to the caller 1236 - djm@cvs.openbsd.org 2013/08/09 03:56:42 1237 [sftp.c] 1238 enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word; 1239 matching ksh's relatively recent change. 1240 - djm@cvs.openbsd.org 2013/08/13 18:32:08 1241 [ssh-keygen.c] 1242 typo in error message; from Stephan Rickauer 1243 - djm@cvs.openbsd.org 2013/08/13 18:33:08 1244 [ssh-keygen.c] 1245 another of the same typo 1246 - jmc@cvs.openbsd.org 2013/08/14 08:39:27 1247 [scp.1 ssh.1] 1248 some Bx/Ox conversion; 1249 From: Jan Stary 1250 - djm@cvs.openbsd.org 2013/08/20 00:11:38 1251 [readconf.c readconf.h ssh_config.5 sshconnect.c] 1252 Add a ssh_config ProxyUseFDPass option that supports the use of 1253 ProxyCommands that establish a connection and then pass a connected 1254 file descriptor back to ssh(1). This allows the ProxyCommand to exit 1255 rather than have to shuffle data back and forth and enables ssh to use 1256 getpeername, etc. to obtain address information just like it does with 1257 regular directly-connected sockets. ok markus@ 1258 - jmc@cvs.openbsd.org 2013/08/20 06:56:07 1259 [ssh.1 ssh_config.5] 1260 some proxyusefdpass tweaks; 1261 126220130808 1263 - (dtucker) [regress/Makefile regress/test-exec.sh] Don't try to use test -nt 1264 since some platforms (eg really old FreeBSD) don't have it. Instead, 1265 run "make clean" before a complete regress run. ok djm. 1266 - (dtucker) [misc.c] Fall back to time(2) at runtime if clock_gettime( 1267 CLOCK_MONOTONIC...) fails. Some older versions of RHEL have the 1268 CLOCK_MONOTONIC define but don't actually support it. Found and tested 1269 by Kevin Brott, ok djm. 1270 - (dtucker) [misc.c] Remove define added for fallback testing that was 1271 mistakenly included in the previous commit. 1272 - (dtucker) [regress/Makefile regress/test-exec.sh] Roll back the -nt 1273 removal. The "make clean" removes modpipe which is built by the top-level 1274 directory before running the tests. Spotted by tim@ 1275 - (djm) Release 6.3p1 1276 127720130804 1278 - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support 1279 for building with older Heimdal versions. ok djm. 1280 128120130801 1282 - (djm) [channels.c channels.h] bz#2135: On Solaris, isatty() on a non- 1283 blocking connecting socket will clear any stored errno that might 1284 otherwise have been retrievable via getsockopt(). A hack to limit writes 1285 to TTYs on AIX was triggering this. Since only AIX needs the hack, wrap 1286 it in an #ifdef. Diagnosis and patch from Ivo Raisr. 1287 - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134 1288 128920130725 1290 - (djm) OpenBSD CVS Sync 1291 - djm@cvs.openbsd.org 2013/07/20 22:20:42 1292 [krl.c] 1293 fix verification error in (as-yet usused) KRL signature checking path 1294 - djm@cvs.openbsd.org 2013/07/22 05:00:17 1295 [umac.c] 1296 make MAC key, data to be hashed and nonce for final hash const; 1297 checked with -Wcast-qual 1298 - djm@cvs.openbsd.org 2013/07/22 12:20:02 1299 [umac.h] 1300 oops, forgot to commit corresponding header change; 1301 spotted by jsg and jasper 1302 - djm@cvs.openbsd.org 2013/07/25 00:29:10 1303 [ssh.c] 1304 daemonise backgrounded (ControlPersist'ed) multiplexing master to ensure 1305 it is fully detached from its controlling terminal. based on debugging 1306 - djm@cvs.openbsd.org 2013/07/25 00:56:52 1307 [sftp-client.c sftp-client.h sftp.1 sftp.c] 1308 sftp support for resuming partial downloads; patch mostly by Loganaden 1309 Velvindron/AfriNIC with some tweaks by me; feedback and ok dtucker@ 1310 "Just be careful" deraadt@ 1311 - djm@cvs.openbsd.org 2013/07/25 00:57:37 1312 [version.h] 1313 openssh-6.3 for release 1314 - dtucker@cvs.openbsd.org 2013/05/30 20:12:32 1315 [regress/test-exec.sh] 1316 use ssh and sshd as testdata since it needs to be >256k for the rekey test 1317 - dtucker@cvs.openbsd.org 2013/06/10 21:56:43 1318 [regress/forwarding.sh] 1319 Add test for forward config parsing 1320 - djm@cvs.openbsd.org 2013/06/21 02:26:26 1321 [regress/sftp-cmds.sh regress/test-exec.sh] 1322 unbreak sftp-cmds for renamed test data (s/ls/data/) 1323 - (tim) [sftp-client.c] Use of a gcc extension trips up native compilers on 1324 Solaris and UnixWare. Feedback and OK djm@ 1325 - (tim) [regress/forwarding.sh] Fix for building outside source tree. 1326 132720130720 1328 - (djm) OpenBSD CVS Sync 1329 - markus@cvs.openbsd.org 2013/07/19 07:37:48 1330 [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] 1331 [servconf.h session.c sshd.c sshd_config.5] 1332 add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, 1333 or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 1334 ok djm@ 1335 - djm@cvs.openbsd.org 2013/07/20 01:43:46 1336 [umac.c] 1337 use a union to ensure correct alignment; ok deraadt 1338 - djm@cvs.openbsd.org 2013/07/20 01:44:37 1339 [ssh-keygen.c ssh.c] 1340 More useful error message on missing current user in /etc/passwd 1341 - djm@cvs.openbsd.org 2013/07/20 01:50:20 1342 [ssh-agent.c] 1343 call cleanup_handler on SIGINT when in debug mode to ensure sockets 1344 are cleaned up on manual exit; bz#2120 1345 - djm@cvs.openbsd.org 2013/07/20 01:55:13 1346 [auth-krb5.c gss-serv-krb5.c gss-serv.c] 1347 fix kerberos/GSSAPI deprecation warnings and linking; "looks okay" millert@ 1348 134920130718 1350 - (djm) OpenBSD CVS Sync 1351 - dtucker@cvs.openbsd.org 2013/06/10 19:19:44 1352 [readconf.c] 1353 revert 1.203 while we investigate crashes reported by okan@ 1354 - guenther@cvs.openbsd.org 2013/06/17 04:48:42 1355 [scp.c] 1356 Handle time_t values as long long's when formatting them and when 1357 parsing them from remote servers. 1358 Improve error checking in parsing of 'T' lines. 1359 ok dtucker@ deraadt@ 1360 - markus@cvs.openbsd.org 2013/06/20 19:15:06 1361 [krl.c] 1362 don't leak the rdata blob on errors; ok djm@ 1363 - djm@cvs.openbsd.org 2013/06/21 00:34:49 1364 [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c] 1365 for hostbased authentication, print the client host and user on 1366 the auth success/failure line; bz#2064, ok dtucker@ 1367 - djm@cvs.openbsd.org 2013/06/21 00:37:49 1368 [ssh_config.5] 1369 explicitly mention that IdentitiesOnly can be used with IdentityFile 1370 to control which keys are offered from an agent. 1371 - djm@cvs.openbsd.org 2013/06/21 05:42:32 1372 [dh.c] 1373 sprinkle in some error() to explain moduli(5) parse failures 1374 - djm@cvs.openbsd.org 2013/06/21 05:43:10 1375 [scp.c] 1376 make this -Wsign-compare clean after time_t conversion 1377 - djm@cvs.openbsd.org 2013/06/22 06:31:57 1378 [scp.c] 1379 improved time_t overflow check suggested by guenther@ 1380 - jmc@cvs.openbsd.org 2013/06/27 14:05:37 1381 [ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] 1382 do not use Sx for sections outwith the man page - ingo informs me that 1383 stuff like html will render with broken links; 1384 issue reported by Eric S. Raymond, via djm 1385 - markus@cvs.openbsd.org 2013/07/02 12:31:43 1386 [dh.c] 1387 remove extra whitespace 1388 - djm@cvs.openbsd.org 2013/07/12 00:19:59 1389 [auth-options.c auth-rsa.c bufaux.c buffer.h channels.c hostfile.c] 1390 [hostfile.h mux.c packet.c packet.h roaming_common.c serverloop.c] 1391 fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ 1392 - djm@cvs.openbsd.org 2013/07/12 00:20:00 1393 [sftp.c ssh-keygen.c ssh-pkcs11.c] 1394 fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@ 1395 - djm@cvs.openbsd.org 2013/07/12 00:43:50 1396 [misc.c] 1397 in ssh_gai_strerror() don't fallback to strerror for EAI_SYSTEM when 1398 errno == 0. Avoids confusing error message in some broken resolver 1399 cases. bz#2122 patch from plautrba AT redhat.com; ok dtucker 1400 - djm@cvs.openbsd.org 2013/07/12 05:42:03 1401 [ssh-keygen.c] 1402 do_print_resource_record() can never be called with a NULL filename, so 1403 don't attempt (and bungle) asking for one if it has not been specified 1404 bz#2127 ok dtucker@ 1405 - djm@cvs.openbsd.org 2013/07/12 05:48:55 1406 [ssh.c] 1407 set TCP nodelay for connections started with -N; bz#2124 ok dtucker@ 1408 - schwarze@cvs.openbsd.org 2013/07/16 00:07:52 1409 [scp.1 sftp-server.8 ssh-keyscan.1 ssh-keysign.8 ssh-pkcs11-helper.8] 1410 use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@ 1411 - djm@cvs.openbsd.org 2013/07/18 01:12:26 1412 [ssh.1] 1413 be more exact wrt perms for ~/.ssh/config; bz#2078 1414 141520130702 1416 - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config 1417 contrib/cygwin/ssh-user-config] Modernizes and improve readability of 1418 the Cygwin README file (which hasn't been updated for ages), drop 1419 unsupported OSes from the ssh-host-config help text, and drop an 1420 unneeded option from ssh-user-config. Patch from vinschen at redhat com. 1421 142220130610 1423 - (djm) OpenBSD CVS Sync 1424 - dtucker@cvs.openbsd.org 2013/06/07 15:37:52 1425 [channels.c channels.h clientloop.c] 1426 Add an "ABANDONED" channel state and use for mux sessions that are 1427 disconnected via the ~. escape sequence. Channels in this state will 1428 be able to close if the server responds, but do not count as active channels. 1429 This means that if you ~. all of the mux clients when using ControlPersist 1430 on a broken network, the backgrounded mux master will exit when the 1431 Control Persist time expires rather than hanging around indefinitely. 1432 bz#1917, also reported and tested by tedu@. ok djm@ markus@. 1433 - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported 1434 algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages. 1435 - (dtucker) [myproposal.h] Do not advertise AES GSM ciphers if we don't have 1436 the required OpenSSL support. Patch from naddy at freebsd. 1437 - (dtucker) [myproposal.h] Make the conditional algorithm support consistent 1438 and add some comments so it's clear what goes where. 1439 144020130605 1441 - (dtucker) [myproposal.h] Enable sha256 kex methods based on the presence of 1442 the necessary functions, not from the openssl version. 1443 - (dtucker) [contrib/ssh-copy-id] bz#2117: Use portable operator in test. 1444 Patch from cjwatson at debian. 1445 - (dtucker) [regress/forwarding.sh] For (as yet unknown) reason, the 1446 forwarding test is extremely slow copying data on some machines so switch 1447 back to copying the much smaller ls binary until we can figure out why 1448 this is. 1449 - (dtucker) [Makefile.in] append $CFLAGS to compiler options when building 1450 modpipe in case there's anything in there we need. 1451 - (dtucker) OpenBSD CVS Sync 1452 - dtucker@cvs.openbsd.org 2013/06/02 21:01:51 1453 [channels.h] 1454 typo in comment 1455 - dtucker@cvs.openbsd.org 2013/06/02 23:36:29 1456 [clientloop.h clientloop.c mux.c] 1457 No need for the mux cleanup callback to be visible so restore it to static 1458 and call it through the detach_user function pointer. ok djm@ 1459 - dtucker@cvs.openbsd.org 2013/06/03 00:03:18 1460 [mac.c] 1461 force the MAC output to be 64-bit aligned so umac won't see unaligned 1462 accesses on strict-alignment architectures. bz#2101, patch from 1463 tomas.kuthan at oracle.com, ok djm@ 1464 - dtucker@cvs.openbsd.org 2013/06/04 19:12:23 1465 [scp.c] 1466 use MAXPATHLEN for buffer size instead of fixed value. ok markus 1467 - dtucker@cvs.openbsd.org 2013/06/04 20:42:36 1468 [sftp.c] 1469 Make sftp's libedit interface marginally multibyte aware by building up 1470 the quoted string by character instead of by byte. Prevents failures 1471 when linked against a libedit built with wide character support (bz#1990). 1472 "looks ok" djm 1473 - dtucker@cvs.openbsd.org 2013/06/05 02:07:29 1474 [mux.c] 1475 fix leaks in mux error paths, from Zhenbo Xu, found by Melton. bz#1967, 1476 ok djm 1477 - dtucker@cvs.openbsd.org 2013/06/05 02:27:50 1478 [sshd.c] 1479 When running sshd -D, close stderr unless we have explicitly requesting 1480 logging to stderr. From james.hunt at ubuntu.com via bz#1976, djm's patch 1481 so, err, ok dtucker. 1482 - dtucker@cvs.openbsd.org 2013/06/05 12:52:38 1483 [sshconnect2.c] 1484 Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djm 1485 - dtucker@cvs.openbsd.org 2013/06/05 22:00:28 1486 [readconf.c] 1487 plug another memleak. bz#1967, from Zhenbo Xu, detected by Melton, ok djm 1488 - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for 1489 platforms that don't have multibyte character support (specifically, 1490 mblen). 1491 149220130602 1493 - (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy 1494 linking regress/modpipe. 1495 - (dtucker) OpenBSD CVS Sync 1496 - dtucker@cvs.openbsd.org 2013/06/02 13:33:05 1497 [progressmeter.c] 1498 Add misc.h for monotime prototype. (ID sync only). 1499 - dtucker@cvs.openbsd.org 2013/06/02 13:35:58 1500 [ssh-agent.c] 1501 Make parent_alive_interval time_t to avoid signed/unsigned comparison 1502 - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms 1503 to prevent noise from configure. Patch from Nathan Osman. (bz#2114). 1504 - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android. 1505 Patch from Nathan Osman. 1506 - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we 1507 need a shell that can handle "[ file1 -nt file2 ]". Rather than keep 1508 dealing with shell portability issues in regression tests, we let 1509 configure find us a capable shell on those platforms with an old /bin/sh. 1510 - (tim) [aclocal.m4] Enhance OSSH_CHECK_CFLAG_COMPILE to check stderr. 1511 feedback and ok dtucker 1512 - (tim) [regress/sftp-chroot.sh] skip if no sudo. ok dtucker 1513 - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h. 1514 - (dtucker) [configure.ac] Some other platforms need sys/types.h before 1515 sys/socket.h. 1516 151720130601 1518 - (dtucker) [configure.ac openbsd-compat/xcrypt.c] bz#2112: fall back to 1519 using openssl's DES_crypt function on platorms that don't have a native 1520 one, eg Android. Based on a patch from Nathan Osman. 1521 - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS 1522 rather than trying to enumerate the plaforms that don't have them. 1523 Based on a patch from Nathan Osman, with help from tim@. 1524 - (dtucker) OpenBSD CVS Sync 1525 - djm@cvs.openbsd.org 2013/05/17 00:13:13 1526 [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c 1527 ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c 1528 gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c 1529 auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c 1530 servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c 1531 auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c 1532 sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c 1533 kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c 1534 kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c 1535 monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c 1536 ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c 1537 sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c 1538 ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c 1539 dns.c packet.c readpass.c authfd.c moduli.c] 1540 bye, bye xfree(); ok markus@ 1541 - djm@cvs.openbsd.org 2013/05/19 02:38:28 1542 [auth2-pubkey.c] 1543 fix failure to recognise cert-authority keys if a key of a different type 1544 appeared in authorized_keys before it; ok markus@ 1545 - djm@cvs.openbsd.org 2013/05/19 02:42:42 1546 [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] 1547 Standardise logging of supplemental information during userauth. Keys 1548 and ruser is now logged in the auth success/failure message alongside 1549 the local username, remote host/port and protocol in use. Certificates 1550 contents and CA are logged too. 1551 Pushing all logging onto a single line simplifies log analysis as it is 1552 no longer necessary to relate information scattered across multiple log 1553 entries. "I like it" markus@ 1554 - dtucker@cvs.openbsd.org 2013/05/31 12:28:10 1555 [ssh-agent.c] 1556 Use time_t where appropriate. ok djm 1557 - dtucker@cvs.openbsd.org 2013/06/01 13:15:52 1558 [ssh-agent.c clientloop.c misc.h packet.c progressmeter.c misc.c 1559 channels.c sandbox-systrace.c] 1560 Use clock_gettime(CLOCK_MONOTONIC ...) for ssh timers so that things like 1561 keepalives and rekeying will work properly over clock steps. Suggested by 1562 markus@, "looks good" djm@. 1563 - dtucker@cvs.openbsd.org 2013/06/01 20:59:25 1564 [scp.c sftp-client.c] 1565 Replace S_IWRITE, which isn't standardized, with S_IWUSR, which is. Patch 1566 from Nathan Osman via bz#2085. ok deraadt. 1567 - dtucker@cvs.openbsd.org 2013/06/01 22:34:50 1568 [sftp-client.c] 1569 Update progressmeter when data is acked, not when it's sent. bz#2108, from 1570 Debian via Colin Watson, ok djm@ 1571 - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c 1572 groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c 1573 sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c 1574 openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c 1575 openbsd-compat/port-linux.c] Replace portable-specific instances of xfree 1576 with the equivalent calls to free. 1577 - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall 1578 back to time(NULL) if we can't find it anywhere. 1579 - (dtucker) [sandbox-seccomp-filter.c] Allow clock_gettimeofday. 1580 158120130529 1582 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a null 1583 implementation of endgrent for platforms that don't have it (eg Android). 1584 Loosely based on a patch from Nathan Osman, ok djm 1585 1586 20130517 1587 - (dtucker) OpenBSD CVS Sync 1588 - djm@cvs.openbsd.org 2013/03/07 00:20:34 1589 [regress/proxy-connect.sh] 1590 repeat test with a style appended to the username 1591 - dtucker@cvs.openbsd.org 2013/03/23 11:09:43 1592 [regress/test-exec.sh] 1593 Only regenerate host keys if they don't exist or if ssh-keygen has changed 1594 since they were. Reduces test runtime by 5-30% depending on machine 1595 speed. 1596 - dtucker@cvs.openbsd.org 2013/04/06 06:00:22 1597 [regress/rekey.sh regress/test-exec.sh regress/integrity.sh 1598 regress/multiplex.sh Makefile regress/cfgmatch.sh] 1599 Split the regress log into 3 parts: the debug output from ssh, the debug 1600 log from sshd and the output from the client command (ssh, scp or sftp). 1601 Somewhat functional now, will become more useful when ssh/sshd -E is added. 1602 - dtucker@cvs.openbsd.org 2013/04/07 02:16:03 1603 [regress/Makefile regress/rekey.sh regress/integrity.sh 1604 regress/sshd-log-wrapper.sh regress/forwarding.sh regress/test-exec.sh] 1605 use -E option for ssh and sshd to write debuging logs to ssh{,d}.log and 1606 save the output from any failing tests. If a test fails the debug output 1607 from ssh and sshd for the failing tests (and only the failing tests) should 1608 be available in failed-ssh{,d}.log. 1609 - djm@cvs.openbsd.org 2013/04/18 02:46:12 1610 [regress/Makefile regress/sftp-chroot.sh] 1611 test sshd ChrootDirectory+internal-sftp; feedback & ok dtucker@ 1612 - dtucker@cvs.openbsd.org 2013/04/22 07:23:08 1613 [regress/multiplex.sh] 1614 Write mux master logs to regress.log instead of ssh.log to keep separate 1615 - djm@cvs.openbsd.org 2013/05/10 03:46:14 1616 [regress/modpipe.c] 1617 sync some portability changes from portable OpenSSH (id sync only) 1618 - dtucker@cvs.openbsd.org 2013/05/16 02:10:35 1619 [regress/rekey.sh] 1620 Add test for time-based rekeying 1621 - dtucker@cvs.openbsd.org 2013/05/16 03:33:30 1622 [regress/rekey.sh] 1623 test rekeying when there's no data being transferred 1624 - dtucker@cvs.openbsd.org 2013/05/16 04:26:10 1625 [regress/rekey.sh] 1626 add server-side rekey test 1627 - dtucker@cvs.openbsd.org 2013/05/16 05:48:31 1628 [regress/rekey.sh] 1629 add tests for RekeyLimit parsing 1630 - dtucker@cvs.openbsd.org 2013/05/17 00:37:40 1631 [regress/agent.sh regress/keytype.sh regress/cfgmatch.sh 1632 regress/forcecommand.sh regress/proto-version.sh regress/test-exec.sh 1633 regress/cipher-speed.sh regress/cert-hostkey.sh regress/cert-userkey.sh 1634 regress/ssh-com.sh] 1635 replace 'echo -n' with 'printf' since it's more portable 1636 also remove "echon" hack. 1637 - dtucker@cvs.openbsd.org 2013/05/17 01:16:09 1638 [regress/agent-timeout.sh] 1639 Pull back some portability changes from -portable: 1640 - TIMEOUT is a read-only variable in some shells 1641 - not all greps have -q so redirect to /dev/null instead. 1642 (ID sync only) 1643 - dtucker@cvs.openbsd.org 2013/05/17 01:32:11 1644 [regress/integrity.sh] 1645 don't print output from ssh before getting it (it's available in ssh.log) 1646 - dtucker@cvs.openbsd.org 2013/05/17 04:29:14 1647 [regress/sftp.sh regress/putty-ciphers.sh regress/cipher-speed.sh 1648 regress/test-exec.sh regress/sftp-batch.sh regress/dynamic-forward.sh 1649 regress/putty-transfer.sh regress/conch-ciphers.sh regress/sftp-cmds.sh 1650 regress/scp.sh regress/ssh-com-sftp.sh regress/rekey.sh 1651 regress/putty-kex.sh regress/stderr-data.sh regress/stderr-after-eof.sh 1652 regress/sftp-badcmds.sh regress/reexec.sh regress/ssh-com-client.sh 1653 regress/sftp-chroot.sh regress/forwarding.sh regress/transfer.sh 1654 regress/multiplex.sh] 1655 Move the setting of DATA and COPY into test-exec.sh 1656 - dtucker@cvs.openbsd.org 2013/05/17 10:16:26 1657 [regress/try-ciphers.sh] 1658 use expr for math to keep diffs vs portable down 1659 (id sync only) 1660 - dtucker@cvs.openbsd.org 2013/05/17 10:23:52 1661 [regress/login-timeout.sh regress/reexec.sh regress/test-exec.sh] 1662 Use SUDO when cat'ing pid files and running the sshd log wrapper so that 1663 it works with a restrictive umask and the pid files are not world readable. 1664 Changes from -portable. (id sync only) 1665 - dtucker@cvs.openbsd.org 2013/05/17 10:24:48 1666 [regress/localcommand.sh] 1667 use backticks for portability. (id sync only) 1668 - dtucker@cvs.openbsd.org 2013/05/17 10:26:26 1669 [regress/sftp-badcmds.sh] 1670 remove unused BATCH variable. (id sync only) 1671 - dtucker@cvs.openbsd.org 2013/05/17 10:28:11 1672 [regress/sftp.sh] 1673 only compare copied data if sftp succeeds. from portable (id sync only) 1674 - dtucker@cvs.openbsd.org 2013/05/17 10:30:07 1675 [regress/test-exec.sh] 1676 wait a bit longer for startup and use case for absolute path. 1677 from portable (id sync only) 1678 - dtucker@cvs.openbsd.org 2013/05/17 10:33:09 1679 [regress/agent-getpeereid.sh] 1680 don't redirect stdout from sudo. from portable (id sync only) 1681 - dtucker@cvs.openbsd.org 2013/05/17 10:34:30 1682 [regress/portnum.sh] 1683 use a more portable negated if structure. from portable (id sync only) 1684 - dtucker@cvs.openbsd.org 2013/05/17 10:35:43 1685 [regress/scp.sh] 1686 use a file extention that's not special on some platforms. from portable 1687 (id sync only) 1688 - (dtucker) [regress/bsd.regress.mk] Remove unused file. We've never used it 1689 in portable and it's long gone in openbsd. 1690 - (dtucker) [regress/integrity.sh]. Force fixed Diffie-Hellman key exchange 1691 methods. When the openssl version doesn't support ECDH then next one on 1692 the list is DH group exchange, but that causes a bit more traffic which can 1693 mean that the tests flip bits in the initial exchange rather than the MACed 1694 traffic and we get different errors to what the tests look for. 1695 - (dtucker) [openbsd-compat/getopt.h] Remove unneeded bits. 1696 - (dtucker) [regress/cfgmatch.sh] Resync config file setup with openbsd. 1697 - (dtucker) [regress/agent-getpeereid.sh] Resync spaces with openbsd. 1698 - (dtucker) [regress/integrity.sh regress/krl.sh regress/test-exec.sh] 1699 Move the jot helper function to portable-specific part of test-exec.sh. 1700 - (dtucker) [regress/test-exec.sh] Move the portable-specific functions 1701 together and add a couple of missing lines from openbsd. 1702 - (dtucker) [regress/stderr-after-eof.sh regress/test-exec.sh] Move the md5 1703 helper function to the portable part of test-exec.sh. 1704 - (dtucker) [regress/runtests.sh] Remove obsolete test driver script. 1705 - (dtucker) [regress/cfgmatch.sh] Remove unneeded sleep renderd obsolete by 1706 rev 1.6 which calls wait. 1707 170820130516 1709 - (djm) [contrib/ssh-copy-id] Fix bug that could cause "rm *" to be 1710 executed if mktemp failed; bz#2105 ok dtucker@ 1711 - (dtucker) OpenBSD CVS Sync 1712 - tedu@cvs.openbsd.org 2013/04/23 17:49:45 1713 [misc.c] 1714 use xasprintf instead of a series of strlcats and strdup. ok djm 1715 - tedu@cvs.openbsd.org 2013/04/24 16:01:46 1716 [misc.c] 1717 remove extra parens noticed by nicm 1718 - dtucker@cvs.openbsd.org 2013/05/06 07:35:12 1719 [sftp-server.8] 1720 Reference the version of the sftp draft we actually implement. ok djm@ 1721 - djm@cvs.openbsd.org 2013/05/10 03:40:07 1722 [sshconnect2.c] 1723 fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 from 1724 Colin Watson 1725 - djm@cvs.openbsd.org 2013/05/10 04:08:01 1726 [key.c] 1727 memleak in cert_free(), wasn't actually freeing the struct; 1728 bz#2096 from shm AT digitalsun.pl 1729 - dtucker@cvs.openbsd.org 2013/05/10 10:13:50 1730 [ssh-pkcs11-helper.c] 1731 remove unused extern optarg. ok markus@ 1732 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34 1733 [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c 1734 ssh_config.5 packet.h] 1735 Add an optional second argument to RekeyLimit in the client to allow 1736 rekeying based on elapsed time in addition to amount of traffic. 1737 with djm@ jmc@, ok djm 1738 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 1739 [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config 1740 sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing 1741 rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man 1742 page. 1743 - djm@cvs.openbsd.org 2013/05/16 04:27:50 1744 [ssh_config.5 readconf.h readconf.c] 1745 add the ability to ignore specific unrecognised ssh_config options; 1746 bz#866; ok markus@ 1747 - jmc@cvs.openbsd.org 2013/05/16 06:28:45 1748 [ssh_config.5] 1749 put IgnoreUnknown in the right place; 1750 - jmc@cvs.openbsd.org 2013/05/16 06:30:06 1751 [sshd_config.5] 1752 oops! avoid Xr to self; 1753 - dtucker@cvs.openbsd.org 2013/05/16 09:08:41 1754 [log.c scp.c sshd.c serverloop.c schnorr.c sftp.c] 1755 Fix some "unused result" warnings found via clang and -portable. 1756 ok markus@ 1757 - dtucker@cvs.openbsd.org 2013/05/16 09:12:31 1758 [readconf.c servconf.c] 1759 switch RekeyLimit traffic volume parsing to scan_scaled. ok djm@ 1760 - dtucker@cvs.openbsd.org 2013/05/16 10:43:34 1761 [servconf.c readconf.c] 1762 remove now-unused variables 1763 - dtucker@cvs.openbsd.org 2013/05/16 10:44:06 1764 [servconf.c] 1765 remove another now-unused variable 1766 - (dtucker) [configure.ac readconf.c servconf.c 1767 openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled. 1768 176920130510 1770 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compiler 1771 supports it. Mentioned by Colin Watson in bz#2100, ok djm. 1772 - (dtucker) [openbsd-compat/getopt.c] Factor out portibility changes to 1773 getopt.c. Preprocessed source is identical other than line numbers. 1774 - (dtucker) [openbsd-compat/getopt_long.c] Import from OpenBSD. No 1775 portability changes yet. 1776 - (dtucker) [openbsd-compat/Makefile.in openbsd-compat/getopt.c 1777 openbsd-compat/getopt_long.c regress/modpipe.c] Remove getopt.c, add 1778 portability code to getopt_long.c and switch over Makefile and the ugly 1779 hack in modpipe.c. Fixes bz#1448. 1780 - (dtucker) [openbsd-compat/getopt.h openbsd-compat/getopt_long.c 1781 openbsd-compat/openbsd-compat.h] pull in getopt.h from openbsd and plumb 1782 in to use it when we're using our own getopt. 1783 - (dtucker) [kex.c] Only include sha256 and ECC key exchange methods when the 1784 underlying libraries support them. 1785 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test so 1786 we don't get a warning on compilers that *don't* support it. Add 1787 -Wno-unknown-warning-option. Move both to the start of the list for 1788 maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9. 1789 179020130423 1791 - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] Support 1792 platforms, such as Android, that lack struct passwd.pw_gecos. Report 1793 and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@ 1794 - (djm) OpenBSD CVS Sync 1795 - markus@cvs.openbsd.org 2013/03/05 20:16:09 1796 [sshconnect2.c] 1797 reset pubkey order on partial success; ok djm@ 1798 - djm@cvs.openbsd.org 2013/03/06 23:35:23 1799 [session.c] 1800 fatal() when ChrootDirectory specified by running without root privileges; 1801 ok markus@ 1802 - djm@cvs.openbsd.org 2013/03/06 23:36:53 1803 [readconf.c] 1804 g/c unused variable (-Wunused) 1805 - djm@cvs.openbsd.org 2013/03/07 00:19:59 1806 [auth2-pubkey.c monitor.c] 1807 reconstruct the original username that was sent by the client, which may 1808 have included a style (e.g. "root:skey") when checking public key 1809 signatures. Fixes public key and hostbased auth when the client specified 1810 a style; ok markus@ 1811 - markus@cvs.openbsd.org 2013/03/07 19:27:25 1812 [auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] 1813 add submethod support to AuthenticationMethods; ok and freedback djm@ 1814 - djm@cvs.openbsd.org 2013/03/08 06:32:58 1815 [ssh.c] 1816 allow "ssh -f none ..." ok markus@ 1817 - djm@cvs.openbsd.org 2013/04/05 00:14:00 1818 [auth2-gss.c krl.c sshconnect2.c] 1819 hush some {unused, printf type} warnings 1820 - djm@cvs.openbsd.org 2013/04/05 00:31:49 1821 [pathnames.h] 1822 use the existing _PATH_SSH_USER_RC define to construct the other 1823 pathnames; bz#2077, ok dtucker@ (no binary change) 1824 - djm@cvs.openbsd.org 2013/04/05 00:58:51 1825 [mux.c] 1826 cleanup mux-created channels that are in SSH_CHANNEL_OPENING state too 1827 (in addition to ones already in OPEN); bz#2079, ok dtucker@ 1828 - markus@cvs.openbsd.org 2013/04/06 16:07:00 1829 [channels.c sshd.c] 1830 handle ECONNABORTED for accept(); ok deraadt some time ago... 1831 - dtucker@cvs.openbsd.org 2013/04/07 02:10:33 1832 [log.c log.h ssh.1 ssh.c sshd.8 sshd.c] 1833 Add -E option to ssh and sshd to append debugging logs to a specified file 1834 instead of stderr or syslog. ok markus@, man page help jmc@ 1835 - dtucker@cvs.openbsd.org 2013/04/07 09:40:27 1836 [sshd.8] 1837 clarify -e text. suggested by & ok jmc@ 1838 - djm@cvs.openbsd.org 2013/04/11 02:27:50 1839 [packet.c] 1840 quiet disconnect notifications on the server from error() back to logit() 1841 if it is a normal client closure; bz#2057 ok+feedback dtucker@ 1842 - dtucker@cvs.openbsd.org 2013/04/17 09:04:09 1843 [session.c] 1844 revert rev 1.262; it fails because uid is already set here. ok djm@ 1845 - djm@cvs.openbsd.org 2013/04/18 02:16:07 1846 [sftp.c] 1847 make "sftp -q" do what it says on the sticker: hush everything but errors; 1848 ok dtucker@ 1849 - djm@cvs.openbsd.org 2013/04/19 01:00:10 1850 [sshd_config.5] 1851 document the requirment that the AuthorizedKeysCommand be owned by root; 1852 ok dtucker@ markus@ 1853 - djm@cvs.openbsd.org 2013/04/19 01:01:00 1854 [ssh-keygen.c] 1855 fix some memory leaks; bz#2088 ok dtucker@ 1856 - djm@cvs.openbsd.org 2013/04/19 01:03:01 1857 [session.c] 1858 reintroduce 1.262 without the connection-killing bug: 1859 fatal() when ChrootDirectory specified by running without root privileges; 1860 ok markus@ 1861 - djm@cvs.openbsd.org 2013/04/19 01:06:50 1862 [authfile.c cipher.c cipher.h kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c] 1863 [key.c key.h mac.c mac.h packet.c ssh.1 ssh.c] 1864 add the ability to query supported ciphers, MACs, key type and KEX 1865 algorithms to ssh. Includes some refactoring of KEX and key type handling 1866 to be table-driven; ok markus@ 1867 - djm@cvs.openbsd.org 2013/04/19 11:10:18 1868 [ssh.c] 1869 add -Q to usage; reminded by jmc@ 1870 - djm@cvs.openbsd.org 2013/04/19 12:07:08 1871 [kex.c] 1872 remove duplicated list entry pointed out by naddy@ 1873 - dtucker@cvs.openbsd.org 2013/04/22 01:17:18 1874 [mux.c] 1875 typo in debug output: evitval->exitval 1876 187720130418 1878 - (djm) [config.guess config.sub] Update to last versions before they switch 1879 to GPL3. ok dtucker@ 1880 - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings from 1881 unused argument warnings (in particular, -fno-builtin-memset) from clang. 1882 188320130404 1884 - (dtucker) OpenBSD CVS Sync 1885 - dtucker@cvs.openbsd.org 2013/02/17 23:16:57 1886 [readconf.c ssh.c readconf.h sshconnect2.c] 1887 Keep track of which IndentityFile options were manually supplied and which 1888 were default options, and don't warn if the latter are missing. 1889 ok markus@ 1890 - dtucker@cvs.openbsd.org 2013/02/19 02:12:47 1891 [krl.c] 1892 Remove bogus include. ok djm 1893 - dtucker@cvs.openbsd.org 2013/02/22 04:45:09 1894 [ssh.c readconf.c readconf.h] 1895 Don't complain if IdentityFiles specified in system-wide configs are 1896 missing. ok djm, deraadt. 1897 - markus@cvs.openbsd.org 2013/02/22 19:13:56 1898 [sshconnect.c] 1899 support ProxyCommand=- (stdin/out already point to the proxy); ok djm@ 1900 - djm@cvs.openbsd.org 2013/02/22 22:09:01 1901 [ssh.c] 1902 Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier 1903 version) 1904 190520130401 1906 - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h 1907 to avoid conflicting definitions of __int64, adding the required bits. 1908 Patch from Corinna Vinschen. 1909 191020130323 1911 - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit. 1912 191320130322 1914 - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil 1915 Hands' greatly revised version. 1916 - (djm) Release 6.2p1 1917 - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype. 1918 - (dtucker) [includes.h] Check if _GNU_SOURCE is already defined before 1919 defining it again. Prevents warnings if someone, eg, sets it in CFLAGS. 1920 192120130318 1922 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c] 1923 [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's 1924 so mark it as broken. Patch from des AT des.no 1925 192620130317 1927 - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none 1928 of the bits the configure test looks for. 1929 193020130316 1931 - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform 1932 is unable to successfully compile them. Based on patch from des AT 1933 des.no 1934 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] 1935 Add a usleep replacement for platforms that lack it; ok dtucker 1936 - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to 1937 occur after UID switch; patch from John Marshall via des AT des.no; 1938 ok dtucker@ 1939 194020130312 1941 - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh] 1942 Improve portability of cipher-speed test, based mostly on a patch from 1943 Iain Morgan. 1944 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin") 1945 in addition to root as an owner of system directories on AIX and HP-UX. 1946 ok djm@ 1947 194820130307 1949 - (dtucker) [INSTALL] Bump documented autoconf version to what we're 1950 currently using. 1951 - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it 1952 was removed in configure.ac rev 1.481 as it was redundant. 1953 - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days 1954 ago. 1955 - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a 1956 chance to complete on broken systems; ok dtucker@ 1957 195820130306 1959 - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding 1960 connection to start so that the test works on slower machines. 1961 - (dtucker) [configure.ac] test that we can set number of file descriptors 1962 to zero with setrlimit before enabling the rlimit sandbox. This affects 1963 (at least) HPUX 11.11. 1964 196520130305 1966 - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for 1967 HP/UX. Spotted by Kevin Brott 1968 - (dtucker) [configure.ac] use "=" for shell test and not "==". Spotted by 1969 Amit Kulkarni and Kevin Brott. 1970 - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure 1971 build breakage on (at least) HP-UX 11.11. Found by Amit Kulkarni and Kevin 1972 Brott. 1973 - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov. 1974 197520130227 1976 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 1977 [contrib/suse/openssh.spec] Crank version numbers 1978 - (tim) [regress/forward-control.sh] use sh in case login shell is csh. 1979 - (tim) [regress/integrity.sh] shell portability fix. 1980 - (tim) [regress/integrity.sh] keep old solaris awk from hanging. 1981 - (tim) [regress/krl.sh] keep old solaris awk from hanging. 1982 198320130226 1984 - OpenBSD CVS Sync 1985 - djm@cvs.openbsd.org 2013/02/20 08:27:50 1986 [integrity.sh] 1987 Add an option to modpipe that warns if the modification offset it not 1988 reached in it's stream and turn it on for t-integrity. This should catch 1989 cases where the session is not fuzzed for being too short (cf. my last 1990 "oops" commit) 1991 - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage 1992 for UsePAM=yes configuration 1993 199420130225 1995 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed 1996 to use Solaris native GSS libs. Patch from Pierre Ossman. 1997 199820130223 1999 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer 2000 bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu. 2001 ok tim 2002 200320130222 2004 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to 2005 ssh(1) since they're not needed. Patch from Pierre Ossman, ok djm. 2006 - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named 2007 libgss too. Patch from Pierre Ossman, ok djm. 2008 - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux 2009 seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com; 2010 ok dtucker 2011 201220130221 2013 - (tim) [regress/forward-control.sh] shell portability fix. 2014 201520130220 2016 - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix. 2017 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded 2018 err.h include from krl.c. Additional portability fixes for modpipe. OK djm 2019 - OpenBSD CVS Sync 2020 - djm@cvs.openbsd.org 2013/02/20 08:27:50 2021 [regress/integrity.sh regress/modpipe.c] 2022 Add an option to modpipe that warns if the modification offset it not 2023 reached in it's stream and turn it on for t-integrity. This should catch 2024 cases where the session is not fuzzed for being too short (cf. my last 2025 "oops" commit) 2026 - djm@cvs.openbsd.org 2013/02/20 08:29:27 2027 [regress/modpipe.c] 2028 s/Id/OpenBSD/ in RCS tag 2029 203020130219 2031 - OpenBSD CVS Sync 2032 - djm@cvs.openbsd.org 2013/02/18 22:26:47 2033 [integrity.sh] 2034 crank the offset yet again; it was still fuzzing KEX one of Darren's 2035 portable test hosts at 2800 2036 - djm@cvs.openbsd.org 2013/02/19 02:14:09 2037 [integrity.sh] 2038 oops, forgot to increase the output of the ssh command to ensure that 2039 we actually reach $offset 2040 - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that 2041 lack support for SHA2. 2042 - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms 2043 that do not have them. 2044 204520130217 2046 - OpenBSD CVS Sync 2047 - djm@cvs.openbsd.org 2013/02/17 23:16:55 2048 [integrity.sh] 2049 make the ssh command generates some output to ensure that there are at 2050 least offset+tries bytes in the stream. 2051 205220130216 2053 - OpenBSD CVS Sync 2054 - djm@cvs.openbsd.org 2013/02/16 06:08:45 2055 [integrity.sh] 2056 make sure the fuzz offset is actually past the end of KEX for all KEX 2057 types. diffie-hellman-group-exchange-sha256 requires an offset around 2058 2700. Noticed via test failures in portable OpenSSH on platforms that 2059 lack ECC and this the more byte-frugal ECDH KEX algorithms. 2060 206120130215 2062 - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from 2063 Iain Morgan 2064 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] 2065 Use getpgrp() if we don't have getpgid() (old BSDs, maybe others). 2066 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c 2067 openbsd-compat/openbsd-compat.h] Add strtoull to compat library for 2068 platforms that don't have it. 2069 - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul, 2070 group strto* function prototypes together. 2071 - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes 2072 an argument. Pointed out by djm. 2073 - (djm) OpenBSD CVS Sync 2074 - djm@cvs.openbsd.org 2013/02/14 21:35:59 2075 [auth2-pubkey.c] 2076 Correct error message that had a typo and was logging the wrong thing; 2077 patch from Petr Lautrbach 2078 - dtucker@cvs.openbsd.org 2013/02/15 00:21:01 2079 [sshconnect2.c] 2080 Warn more loudly if an IdentityFile provided by the user cannot be read. 2081 bz #1981, ok djm@ 2082 208320130214 2084 - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC. 2085 - (djm) [regress/krl.sh] typo; found by Iain Morgan 2086 - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead 2087 of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by 2088 Iain Morgan 2089 209020130212 2091 - (djm) OpenBSD CVS Sync 2092 - djm@cvs.openbsd.org 2013/01/24 21:45:37 2093 [krl.c] 2094 fix handling of (unused) KRL signatures; skip string in correct buffer 2095 - djm@cvs.openbsd.org 2013/01/24 22:08:56 2096 [krl.c] 2097 skip serial lookup when cert's serial number is zero 2098 - krw@cvs.openbsd.org 2013/01/25 05:00:27 2099 [krl.c] 2100 Revert last. Breaks due to likely typo. Let djm@ fix later. 2101 ok djm@ via dlg@ 2102 - djm@cvs.openbsd.org 2013/01/25 10:22:19 2103 [krl.c] 2104 redo last commit without the vi-vomit that snuck in: 2105 skip serial lookup when cert's serial number is zero 2106 (now with 100% better comment) 2107 - djm@cvs.openbsd.org 2013/01/26 06:11:05 2108 [Makefile.in acss.c acss.h cipher-acss.c cipher.c] 2109 [openbsd-compat/openssl-compat.h] 2110 remove ACSS, now that it is gone from libcrypto too 2111 - djm@cvs.openbsd.org 2013/01/27 10:06:12 2112 [krl.c] 2113 actually use the xrealloc() return value; spotted by xi.wang AT gmail.com 2114 - dtucker@cvs.openbsd.org 2013/02/06 00:20:42 2115 [servconf.c sshd_config sshd_config.5] 2116 Change default of MaxStartups to 10:30:100 to start doing random early 2117 drop at 10 connections up to 100 connections. This will make it harder 2118 to DoS as CPUs have come a long way since the original value was set 2119 back in 2000. Prompted by nion at debian org, ok markus@ 2120 - dtucker@cvs.openbsd.org 2013/02/06 00:22:21 2121 [auth.c] 2122 Fix comment, from jfree.e1 at gmail 2123 - djm@cvs.openbsd.org 2013/02/08 00:41:12 2124 [sftp.c] 2125 fix NULL deref when built without libedit and control characters 2126 entered as command; debugging and patch from Iain Morgan an 2127 Loganaden Velvindron in bz#1956 2128 - markus@cvs.openbsd.org 2013/02/10 21:19:34 2129 [version.h] 2130 openssh 6.2 2131 - djm@cvs.openbsd.org 2013/02/10 23:32:10 2132 [ssh-keygen.c] 2133 append to moduli file when screening candidates rather than overwriting. 2134 allows resumption of interrupted screen; patch from Christophe Garault 2135 in bz#1957; ok dtucker@ 2136 - djm@cvs.openbsd.org 2013/02/10 23:35:24 2137 [packet.c] 2138 record "Received disconnect" messages at ERROR rather than INFO priority, 2139 since they are abnormal and result in a non-zero ssh exit status; patch 2140 from Iain Morgan in bz#2057; ok dtucker@ 2141 - dtucker@cvs.openbsd.org 2013/02/11 21:21:58 2142 [sshd.c] 2143 Add openssl version to debug output similar to the client. ok markus@ 2144 - djm@cvs.openbsd.org 2013/02/11 23:58:51 2145 [regress/try-ciphers.sh] 2146 remove acss here too 2147 - (djm) [regress/try-ciphers.sh] clean up CVS merge botch 2148 214920130211 2150 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old 2151 libcrypto that lacks EVP_CIPHER_CTX_ctrl 2152 215320130208 2154 - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer; 2155 patch from Iain Morgan in bz#2059 2156 - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows 2157 __attribute__ on return values and work around if necessary. ok djm@ 2158 215920130207 2160 - (djm) [configure.ac] Don't probe seccomp capability of running kernel 2161 at configure time; the seccomp sandbox will fall back to rlimit at 2162 runtime anyway. Patch from plautrba AT redhat.com in bz#2011 2163 216420130120 2165 - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h] 2166 Move prototypes for replacement ciphers to openssl-compat.h; fix EVP 2167 prototypes for openssl-1.0.0-fips. 2168 - (djm) OpenBSD CVS Sync 2169 - jmc@cvs.openbsd.org 2013/01/18 07:57:47 2170 [ssh-keygen.1] 2171 tweak previous; 2172 - jmc@cvs.openbsd.org 2013/01/18 07:59:46 2173 [ssh-keygen.c] 2174 -u before -V in usage(); 2175 - jmc@cvs.openbsd.org 2013/01/18 08:00:49 2176 [sshd_config.5] 2177 tweak previous; 2178 - jmc@cvs.openbsd.org 2013/01/18 08:39:04 2179 [ssh-keygen.1] 2180 add -Q to the options list; ok djm 2181 - jmc@cvs.openbsd.org 2013/01/18 21:48:43 2182 [ssh-keygen.1] 2183 command-line (adj.) -> command line (n.); 2184 - jmc@cvs.openbsd.org 2013/01/19 07:13:25 2185 [ssh-keygen.1] 2186 fix some formatting; ok djm 2187 - markus@cvs.openbsd.org 2013/01/19 12:34:55 2188 [krl.c] 2189 RB_INSERT does not remove existing elments; ok djm@ 2190 - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer 2191 version. 2192 - (djm) [regress/krl.sh] replacement for jot; most platforms lack it 2193 219420130118 2195 - (djm) OpenBSD CVS Sync 2196 - djm@cvs.openbsd.org 2013/01/17 23:00:01 2197 [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] 2198 [krl.c krl.h PROTOCOL.krl] 2199 add support for Key Revocation Lists (KRLs). These are a compact way to 2200 represent lists of revoked keys and certificates, taking as little as 2201 a single bit of incremental cost to revoke a certificate by serial number. 2202 KRLs are loaded via the existing RevokedKeys sshd_config option. 2203 feedback and ok markus@ 2204 - djm@cvs.openbsd.org 2013/01/18 00:45:29 2205 [regress/Makefile regress/cert-userkey.sh regress/krl.sh] 2206 Tests for Key Revocation Lists (KRLs) 2207 - djm@cvs.openbsd.org 2013/01/18 03:00:32 2208 [krl.c] 2209 fix KRL generation bug for list sections 2210 221120130117 2212 - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] 2213 check for GCM support before testing GCM ciphers. 2214 221520130112 2216 - (djm) OpenBSD CVS Sync 2217 - djm@cvs.openbsd.org 2013/01/12 11:22:04 2218 [cipher.c] 2219 improve error message for integrity failure in AES-GCM modes; ok markus@ 2220 - djm@cvs.openbsd.org 2013/01/12 11:23:53 2221 [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] 2222 test AES-GCM modes; feedback markus@ 2223 - (djm) [regress/integrity.sh] repair botched merge 2224 222520130109 2226 - (djm) OpenBSD CVS Sync 2227 - dtucker@cvs.openbsd.org 2012/12/14 05:26:43 2228 [auth.c] 2229 use correct string in error message; from rustybsd at gmx.fr 2230 - djm@cvs.openbsd.org 2013/01/02 00:32:07 2231 [clientloop.c mux.c] 2232 channel_setup_local_fwd_listener() returns 0 on failure, not -ve 2233 bz#2055 reported by mathieu.lacage AT gmail.com 2234 - djm@cvs.openbsd.org 2013/01/02 00:33:49 2235 [PROTOCOL.agent] 2236 correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 2237 bz#2051 from david AT lechnology.com 2238 - djm@cvs.openbsd.org 2013/01/03 05:49:36 2239 [servconf.h] 2240 add a couple of ServerOptions members that should be copied to the privsep 2241 child (for consistency, in this case they happen only to be accessed in 2242 the monitor); ok dtucker@ 2243 - djm@cvs.openbsd.org 2013/01/03 12:49:01 2244 [PROTOCOL] 2245 fix description of MAC calculation for EtM modes; ok markus@ 2246 - djm@cvs.openbsd.org 2013/01/03 12:54:49 2247 [sftp-server.8 sftp-server.c] 2248 allow specification of an alternate start directory for sftp-server(8) 2249 "I like this" markus@ 2250 - djm@cvs.openbsd.org 2013/01/03 23:22:58 2251 [ssh-keygen.c] 2252 allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ... 2253 ok markus@ 2254 - jmc@cvs.openbsd.org 2013/01/04 19:26:38 2255 [sftp-server.8 sftp-server.c] 2256 sftp-server.8: add argument name to -d 2257 sftp-server.c: add -d to usage() 2258 ok djm 2259 - markus@cvs.openbsd.org 2013/01/08 18:49:04 2260 [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] 2261 [myproposal.h packet.c ssh_config.5 sshd_config.5] 2262 support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) 2263 ok and feedback djm@ 2264 - djm@cvs.openbsd.org 2013/01/09 05:40:17 2265 [ssh-keygen.c] 2266 correctly initialise fingerprint type for fingerprinting PKCS#11 keys 2267 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h] 2268 Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little 2269 cipher compat code to openssl-compat.h 2270 227120121217 2272 - (dtucker) [Makefile.in] Add some scaffolding so that the new regress 2273 tests will work with VPATH directories. 2274 227520121213 2276 - (djm) OpenBSD CVS Sync 2277 - markus@cvs.openbsd.org 2012/12/12 16:45:52 2278 [packet.c] 2279 reset incoming_packet buffer for each new packet in EtM-case, too; 2280 this happens if packets are parsed only parially (e.g. ignore 2281 messages sent when su/sudo turn off echo); noted by sthen/millert 2282 - naddy@cvs.openbsd.org 2012/12/12 16:46:10 2283 [cipher.c] 2284 use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled 2285 counter mode code; ok djm@ 2286 - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our 2287 compat code for older OpenSSL 2288 - (djm) [cipher.c] Fix missing prototype for compat code 2289 229020121212 2291 - (djm) OpenBSD CVS Sync 2292 - markus@cvs.openbsd.org 2012/12/11 22:16:21 2293 [monitor.c] 2294 drain the log messages after receiving the keystate from the unpriv 2295 child. otherwise it might block while sending. ok djm@ 2296 - markus@cvs.openbsd.org 2012/12/11 22:31:18 2297 [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h] 2298 [packet.c ssh_config.5 sshd_config.5] 2299 add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms 2300 that change the packet format and compute the MAC over the encrypted 2301 message (including the packet size) instead of the plaintext data; 2302 these EtM modes are considered more secure and used by default. 2303 feedback and ok djm@ 2304 - sthen@cvs.openbsd.org 2012/12/11 22:51:45 2305 [mac.c] 2306 fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@ 2307 - markus@cvs.openbsd.org 2012/12/11 22:32:56 2308 [regress/try-ciphers.sh] 2309 add etm modes 2310 - markus@cvs.openbsd.org 2012/12/11 22:42:11 2311 [regress/Makefile regress/modpipe.c regress/integrity.sh] 2312 test the integrity of the packets; with djm@ 2313 - markus@cvs.openbsd.org 2012/12/11 23:12:13 2314 [try-ciphers.sh] 2315 add hmac-ripemd160-etm@openssh.com 2316 - (djm) [mac.c] fix merge botch 2317 - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test 2318 work on platforms without 'jot' 2319 - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip 2320 - (djm) [regress/Makefile] fix t-exec rule 2321 232220121207 2323 - (dtucker) OpenBSD CVS Sync 2324 - dtucker@cvs.openbsd.org 2012/12/06 06:06:54 2325 [regress/keys-command.sh] 2326 Fix some problems with the keys-command test: 2327 - use string comparison rather than numeric comparison 2328 - check for existing KEY_COMMAND file and don't clobber if it exists 2329 - clean up KEY_COMMAND file if we do create it. 2330 - check that KEY_COMMAND is executable (which it won't be if eg /var/run 2331 is mounted noexec). 2332 ok djm. 2333 - jmc@cvs.openbsd.org 2012/12/03 08:33:03 2334 [ssh-add.1 sshd_config.5] 2335 tweak previous; 2336 - markus@cvs.openbsd.org 2012/12/05 15:42:52 2337 [ssh-add.c] 2338 prevent double-free of comment; ok djm@ 2339 - dtucker@cvs.openbsd.org 2012/12/07 01:51:35 2340 [serverloop.c] 2341 Cast signal to int for logging. A no-op on openbsd (they're always ints) 2342 but will prevent warnings in portable. ok djm@ 2343 234420121205 2345 - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@. 2346 234720121203 2348 - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get 2349 TAILQ_FOREACH_SAFE needed for upcoming changes. 2350 - (djm) OpenBSD CVS Sync 2351 - djm@cvs.openbsd.org 2012/12/02 20:26:11 2352 [ssh_config.5 sshconnect2.c] 2353 Make IdentitiesOnly apply to keys obtained from a PKCS11Provider. 2354 This allows control of which keys are offered from tokens using 2355 IdentityFile. ok markus@ 2356 - djm@cvs.openbsd.org 2012/12/02 20:42:15 2357 [ssh-add.1 ssh-add.c] 2358 make deleting explicit keys "ssh-add -d" symmetric with adding keys - 2359 try to delete the corresponding certificate too and respect the -k option 2360 to allow deleting of the key only; feedback and ok markus@ 2361 - djm@cvs.openbsd.org 2012/12/02 20:46:11 2362 [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c] 2363 [sshd_config.5] 2364 make AllowTcpForwarding accept "local" and "remote" in addition to its 2365 current "yes"/"no" to allow the server to specify whether just local or 2366 remote TCP forwarding is enabled. ok markus@ 2367 - dtucker@cvs.openbsd.org 2012/10/05 02:20:48 2368 [regress/cipher-speed.sh regress/try-ciphers.sh] 2369 Add umac-128@openssh.com to the list of MACs to be tested 2370 - djm@cvs.openbsd.org 2012/10/19 05:10:42 2371 [regress/cert-userkey.sh] 2372 include a serial number when generating certs 2373 - djm@cvs.openbsd.org 2012/11/22 22:49:30 2374 [regress/Makefile regress/keys-command.sh] 2375 regress for AuthorizedKeysCommand; hints from markus@ 2376 - djm@cvs.openbsd.org 2012/12/02 20:47:48 2377 [Makefile regress/forward-control.sh] 2378 regress for AllowTcpForwarding local/remote; ok markus@ 2379 - djm@cvs.openbsd.org 2012/12/03 00:14:06 2380 [auth2-chall.c ssh-keygen.c] 2381 Fix compilation with -Wall -Werror (trivial type fixes) 2382 - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation 2383 debugging. ok dtucker@ 2384 - (djm) [configure.ac] Revert previous. configure.ac already does this 2385 for us. 2386 238720121114 2388 - (djm) OpenBSD CVS Sync 2389 - djm@cvs.openbsd.org 2012/11/14 02:24:27 2390 [auth2-pubkey.c] 2391 fix username passed to helper program 2392 prepare stdio fds before closefrom() 2393 spotted by landry@ 2394 - djm@cvs.openbsd.org 2012/11/14 02:32:15 2395 [ssh-keygen.c] 2396 allow the full range of unsigned serial numbers; 'fine' deraadt@ 2397 - djm@cvs.openbsd.org 2012/12/02 20:34:10 2398 [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c] 2399 [monitor.c monitor.h] 2400 Fixes logging of partial authentication when privsep is enabled 2401 Previously, we recorded "Failed xxx" since we reset authenticated before 2402 calling auth_log() in auth2.c. This adds an explcit "Partial" state. 2403 2404 Add a "submethod" to auth_log() to report which submethod is used 2405 for keyboard-interactive. 2406 2407 Fix multiple authentication when one of the methods is 2408 keyboard-interactive. 2409 2410 ok markus@ 2411 - dtucker@cvs.openbsd.org 2012/10/05 02:05:30 2412 [regress/multiplex.sh] 2413 Use 'kill -0' to test for the presence of a pid since it's more portable 2414 241520121107 2416 - (djm) OpenBSD CVS Sync 2417 - eric@cvs.openbsd.org 2011/11/28 08:46:27 2418 [moduli.5] 2419 fix formula 2420 ok djm@ 2421 - jmc@cvs.openbsd.org 2012/09/26 17:34:38 2422 [moduli.5] 2423 last stage of rfc changes, using consistent Rs/Re blocks, and moving the 2424 references into a STANDARDS section; 2425 242620121105 2427 - (dtucker) [uidswap.c openbsd-compat/Makefile.in 2428 openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h 2429 openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids 2430 and gids from uidswap.c to the compat library, which allows it to work with 2431 the new setresuid calls in auth2-pubkey. with tim@, ok djm@ 2432 - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that 2433 don't have it. Spotted by tim@. 2434 243520121104 2436 - (djm) OpenBSD CVS Sync 2437 - jmc@cvs.openbsd.org 2012/10/31 08:04:50 2438 [sshd_config.5] 2439 tweak previous; 2440 - djm@cvs.openbsd.org 2012/11/04 10:38:43 2441 [auth2-pubkey.c sshd.c sshd_config.5] 2442 Remove default of AuthorizedCommandUser. Administrators are now expected 2443 to explicitly specify a user. feedback and ok markus@ 2444 - djm@cvs.openbsd.org 2012/11/04 11:09:15 2445 [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] 2446 [sshd_config.5] 2447 Support multiple required authentication via an AuthenticationMethods 2448 option. This option lists one or more comma-separated lists of 2449 authentication method names. Successful completion of all the methods in 2450 any list is required for authentication to complete; 2451 feedback and ok markus@ 2452 245320121030 2454 - (djm) OpenBSD CVS Sync 2455 - markus@cvs.openbsd.org 2012/10/05 12:34:39 2456 [sftp.c] 2457 fix signed vs unsigned warning; feedback & ok: djm@ 2458 - djm@cvs.openbsd.org 2012/10/30 21:29:55 2459 [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] 2460 [sshd.c sshd_config sshd_config.5] 2461 new sshd_config option AuthorizedKeysCommand to support fetching 2462 authorized_keys from a command in addition to (or instead of) from 2463 the filesystem. The command is run as the target server user unless 2464 another specified via a new AuthorizedKeysCommandUser option. 2465 2466 patch originally by jchadima AT redhat.com, reworked by me; feedback 2467 and ok markus@ 2468 246920121019 2470 - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in 2471 the generated file as intended. 2472 247320121005 2474 - (dtucker) OpenBSD CVS Sync 2475 - djm@cvs.openbsd.org 2012/09/17 09:54:44 2476 [sftp.c] 2477 an XXX for later 2478 - markus@cvs.openbsd.org 2012/09/17 13:04:11 2479 [packet.c] 2480 clear old keys on rekeing; ok djm 2481 - dtucker@cvs.openbsd.org 2012/09/18 10:36:12 2482 [sftp.c] 2483 Add bounds check on sftp tab-completion. Part of a patch from from 2484 Jean-Marc Robert via tech@, ok djm 2485 - dtucker@cvs.openbsd.org 2012/09/21 10:53:07 2486 [sftp.c] 2487 Fix improper handling of absolute paths when PWD is part of the completed 2488 path. Patch from Jean-Marc Robert via tech@, ok djm. 2489 - dtucker@cvs.openbsd.org 2012/09/21 10:55:04 2490 [sftp.c] 2491 Fix handling of filenames containing escaped globbing characters and 2492 escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm. 2493 - jmc@cvs.openbsd.org 2012/09/26 16:12:13 2494 [ssh.1] 2495 last stage of rfc changes, using consistent Rs/Re blocks, and moving the 2496 references into a STANDARDS section; 2497 - naddy@cvs.openbsd.org 2012/10/01 13:59:51 2498 [monitor_wrap.c] 2499 pasto; ok djm@ 2500 - djm@cvs.openbsd.org 2012/10/02 07:07:45 2501 [ssh-keygen.c] 2502 fix -z option, broken in revision 1.215 2503 - markus@cvs.openbsd.org 2012/10/04 13:21:50 2504 [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c] 2505 add umac128 variant; ok djm@ at n2k12 2506 - dtucker@cvs.openbsd.org 2012/09/06 04:11:07 2507 [regress/try-ciphers.sh] 2508 Restore missing space. (Id sync only). 2509 - dtucker@cvs.openbsd.org 2012/09/09 11:51:25 2510 [regress/multiplex.sh] 2511 Add test for ssh -Ostop 2512 - dtucker@cvs.openbsd.org 2012/09/10 00:49:21 2513 [regress/multiplex.sh] 2514 Log -O cmd output to the log file and make logging consistent with the 2515 other tests. Test clean shutdown of an existing channel when testing 2516 "stop". 2517 - dtucker@cvs.openbsd.org 2012/09/10 01:51:19 2518 [regress/multiplex.sh] 2519 use -Ocheck and waiting for completions by PID to make multiplexing test 2520 less racy and (hopefully) more reliable on slow hardware. 2521 - [Makefile umac.c] Add special-case target to build umac128.o. 2522 - [umac.c] Enforce allowed umac output sizes. From djm@. 2523 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom". 2524 252520120917 2526 - (dtucker) OpenBSD CVS Sync 2527 - dtucker@cvs.openbsd.org 2012/09/13 23:37:36 2528 [servconf.c] 2529 Fix comment line length 2530 - markus@cvs.openbsd.org 2012/09/14 16:51:34 2531 [sshconnect.c] 2532 remove unused variable 2533 253420120907 2535 - (dtucker) OpenBSD CVS Sync 2536 - dtucker@cvs.openbsd.org 2012/09/06 09:50:13 2537 [clientloop.c] 2538 Make the escape command help (~?) context sensitive so that only commands 2539 that will work in the current session are shown. ok markus@ 2540 - jmc@cvs.openbsd.org 2012/09/06 13:57:42 2541 [ssh.1] 2542 missing letter in previous; 2543 - dtucker@cvs.openbsd.org 2012/09/07 00:30:19 2544 [clientloop.c] 2545 Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@ 2546 - dtucker@cvs.openbsd.org 2012/09/07 01:10:21 2547 [clientloop.c] 2548 Merge escape help text for ~v and ~V; ok djm@ 2549 - dtucker@cvs.openbsd.org 2012/09/07 06:34:21 2550 [clientloop.c] 2551 when muxmaster is run with -N, make it shut down gracefully when a client 2552 sends it "-O stop" rather than hanging around (bz#1985). ok djm@ 2553 255420120906 2555 - (dtucker) OpenBSD CVS Sync 2556 - jmc@cvs.openbsd.org 2012/08/15 18:25:50 2557 [ssh-keygen.1] 2558 a little more info on certificate validity; 2559 requested by Ross L Richardson, and provided by djm 2560 - dtucker@cvs.openbsd.org 2012/08/17 00:45:45 2561 [clientloop.c clientloop.h mux.c] 2562 Force a clean shutdown of ControlMaster client sessions when the ~. escape 2563 sequence is used. This means that ~. should now work in mux clients even 2564 if the server is no longer responding. Found by tedu, ok djm. 2565 - djm@cvs.openbsd.org 2012/08/17 01:22:56 2566 [kex.c] 2567 add some comments about better handling first-KEX-follows notifications 2568 from the server. Nothing uses these right now. No binary change 2569 - djm@cvs.openbsd.org 2012/08/17 01:25:58 2570 [ssh-keygen.c] 2571 print details of which host lines were deleted when using 2572 "ssh-keygen -R host"; ok markus@ 2573 - djm@cvs.openbsd.org 2012/08/17 01:30:00 2574 [compat.c sshconnect.c] 2575 Send client banner immediately, rather than waiting for the server to 2576 move first for SSH protocol 2 connections (the default). Patch based on 2577 one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@ 2578 - dtucker@cvs.openbsd.org 2012/09/06 04:37:39 2579 [clientloop.c log.c ssh.1 log.h] 2580 Add ~v and ~V escape sequences to raise and lower the logging level 2581 respectively. Man page help from jmc, ok deraadt jmc 2582 258320120830 2584 - (dtucker) [moduli] Import new moduli file. 2585 258620120828 2587 - (djm) Release openssh-6.1 2588 258920120828 2590 - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN 2591 for compatibility with future mingw-w64 headers. Patch from vinschen at 2592 redhat com. 2593 259420120822 2595 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 2596 [contrib/suse/openssh.spec] Update version numbers 2597 259820120731 2599 - (djm) OpenBSD CVS Sync 2600 - jmc@cvs.openbsd.org 2012/07/06 06:38:03 2601 [ssh-keygen.c] 2602 missing full stop in usage(); 2603 - djm@cvs.openbsd.org 2012/07/10 02:19:15 2604 [servconf.c servconf.h sshd.c sshd_config] 2605 Turn on systrace sandboxing of pre-auth sshd by default for new installs 2606 by shipping a config that overrides the current UsePrivilegeSeparation=yes 2607 default. Make it easier to flip the default in the future by adding too. 2608 prodded markus@ feedback dtucker@ "get it in" deraadt@ 2609 - dtucker@cvs.openbsd.org 2012/07/13 01:35:21 2610 [servconf.c] 2611 handle long comments in config files better. bz#2025, ok markus 2612 - markus@cvs.openbsd.org 2012/07/22 18:19:21 2613 [version.h] 2614 openssh 6.1 2615 261620120720 2617 - (dtucker) Import regened moduli file. 2618 261920120706 2620 - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is 2621 not available. Allows use of sshd compiled on host with a filter-capable 2622 kernel on hosts that lack the support. bz#2011 ok dtucker@ 2623 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no 2624 unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT 2625 esperi.org.uk; ok dtucker@ 2626- (djm) OpenBSD CVS Sync 2627 - dtucker@cvs.openbsd.org 2012/07/06 00:41:59 2628 [moduli.c ssh-keygen.1 ssh-keygen.c] 2629 Add options to specify starting line number and number of lines to process 2630 when screening moduli candidates. This allows processing of different 2631 parts of a candidate moduli file in parallel. man page help jmc@, ok djm@ 2632 - djm@cvs.openbsd.org 2012/07/06 01:37:21 2633 [mux.c] 2634 fix memory leak of passed-in environment variables and connection 2635 context when new session message is malformed; bz#2003 from Bert.Wesarg 2636 AT googlemail.com 2637 - djm@cvs.openbsd.org 2012/07/06 01:47:38 2638 [ssh.c] 2639 move setting of tty_flag to after config parsing so RequestTTY options 2640 are correctly picked up. bz#1995 patch from przemoc AT gmail.com; 2641 ok dtucker@ 2642 264320120704 2644 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for 2645 platforms that don't have it. "looks good" tim@ 2646 264720120703 2648 - (dtucker) [configure.ac] Detect platforms that can't use select(2) with 2649 setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those. 2650 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not 2651 setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its 2652 benefit is minor, so it's not worth disabling the sandbox if it doesn't 2653 work. 2654 265520120702 2656- (dtucker) OpenBSD CVS Sync 2657 - naddy@cvs.openbsd.org 2012/06/29 13:57:25 2658 [ssh_config.5 sshd_config.5] 2659 match the documented MAC order of preference to the actual one; 2660 ok dtucker@ 2661 - markus@cvs.openbsd.org 2012/06/30 14:35:09 2662 [sandbox-systrace.c sshd.c] 2663 fix a during the load of the sandbox policies (child can still make 2664 the read-syscall and wait forever for systrace-answers) by replacing 2665 the read/write synchronisation with SIGSTOP/SIGCONT; 2666 report and help hshoexer@; ok djm@, dtucker@ 2667 - dtucker@cvs.openbsd.org 2012/07/02 08:50:03 2668 [ssh.c] 2669 set interactive ToS for forwarded X11 sessions. ok djm@ 2670 - dtucker@cvs.openbsd.org 2012/07/02 12:13:26 2671 [ssh-pkcs11-helper.c sftp-client.c] 2672 fix a couple of "assigned but not used" warnings. ok markus@ 2673 - dtucker@cvs.openbsd.org 2012/07/02 14:37:06 2674 [regress/connect-privsep.sh] 2675 remove exit from end of test since it prevents reporting failure 2676 - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh] 2677 Move cygwin detection to test-exec and use to skip reexec test on cygwin. 2678 - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k. 2679 268020120629 2681 - OpenBSD CVS Sync 2682 - dtucker@cvs.openbsd.org 2012/06/21 00:16:07 2683 [addrmatch.c] 2684 fix strlcpy truncation check. from carsten at debian org, ok markus 2685 - dtucker@cvs.openbsd.org 2012/06/22 12:30:26 2686 [monitor.c sshconnect2.c] 2687 remove dead code following 'for (;;)' loops. 2688 From Steve.McClellan at radisys com, ok markus@ 2689 - dtucker@cvs.openbsd.org 2012/06/22 14:36:33 2690 [sftp.c] 2691 Remove unused variable leftover from tab-completion changes. 2692 From Steve.McClellan at radisys com, ok markus@ 2693 - dtucker@cvs.openbsd.org 2012/06/26 11:02:30 2694 [sandbox-systrace.c] 2695 Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation 2696 sandbox" since malloc now uses it. From johnw.mail at gmail com. 2697 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 2698 [mac.c myproposal.h ssh_config.5 sshd_config.5] 2699 Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed 2700 from draft6 of the spec and will not be in the RFC when published. Patch 2701 from mdb at juniper net via bz#2023, ok markus. 2702 - naddy@cvs.openbsd.org 2012/06/29 13:57:25 2703 [ssh_config.5 sshd_config.5] 2704 match the documented MAC order of preference to the actual one; ok dtucker@ 2705 - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 2706 [regress/addrmatch.sh] 2707 Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests 2708 to match. Feedback and ok djm@ markus@. 2709 - djm@cvs.openbsd.org 2012/06/01 00:47:35 2710 [regress/multiplex.sh regress/forwarding.sh] 2711 append to rather than truncate test log; bz#2013 from openssh AT 2712 roumenpetrov.info 2713 - djm@cvs.openbsd.org 2012/06/01 00:52:52 2714 [regress/sftp-cmds.sh] 2715 don't delete .* on cleanup due to unintended env expansion; pointed out in 2716 bz#2014 by openssh AT roumenpetrov.info 2717 - dtucker@cvs.openbsd.org 2012/06/26 12:06:59 2718 [regress/connect-privsep.sh] 2719 test sandbox with every malloc option 2720 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 2721 [regress/try-ciphers.sh regress/cipher-speed.sh] 2722 Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed 2723 from draft6 of the spec and will not be in the RFC when published. Patch 2724 from mdb at juniper net via bz#2023, ok markus. 2725 - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error. 2726 - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have 2727 the required functions in libcrypto. 2728 272920120628 2730 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null 2731 pointer deref in the client when built with LDNS and using DNSSEC with a 2732 CNAME. Patch from gregdlg+mr at hochet info. 2733 273420120622 2735 - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as 2736 can logon as a service. Patch from vinschen at redhat com. 2737 273820120620 2739 - (djm) OpenBSD CVS Sync 2740 - djm@cvs.openbsd.org 2011/12/02 00:41:56 2741 [mux.c] 2742 fix bz#1948: ssh -f doesn't fork for multiplexed connection. 2743 ok dtucker@ 2744 - djm@cvs.openbsd.org 2011/12/04 23:16:12 2745 [mux.c] 2746 revert: 2747 > revision 1.32 2748 > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 2749 > fix bz#1948: ssh -f doesn't fork for multiplexed connection. 2750 > ok dtucker@ 2751 it interacts badly with ControlPersist 2752 - djm@cvs.openbsd.org 2012/01/07 21:11:36 2753 [mux.c] 2754 fix double-free in new session handler 2755 NB. Id sync only 2756 - djm@cvs.openbsd.org 2012/05/23 03:28:28 2757 [dns.c dns.h key.c key.h ssh-keygen.c] 2758 add support for RFC6594 SSHFP DNS records for ECDSA key types. 2759 patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@ 2760 (Original authors Ondřej Surý, Ondřej Caletka and Daniel Black) 2761 - djm@cvs.openbsd.org 2012/06/01 00:49:35 2762 [PROTOCOL.mux] 2763 correct types of port numbers (integers, not strings); bz#2004 from 2764 bert.wesarg AT googlemail.com 2765 - djm@cvs.openbsd.org 2012/06/01 01:01:22 2766 [mux.c] 2767 fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg 2768 AT googlemail.com 2769 - dtucker@cvs.openbsd.org 2012/06/18 11:43:53 2770 [jpake.c] 2771 correct sizeof usage. patch from saw at online.de, ok deraadt 2772 - dtucker@cvs.openbsd.org 2012/06/18 11:49:58 2773 [ssh_config.5] 2774 RSA instead of DSA twice. From Steve.McClellan at radisys com 2775 - dtucker@cvs.openbsd.org 2012/06/18 12:07:07 2776 [ssh.1 sshd.8] 2777 Remove mention of 'three' key files since there are now four. From 2778 Steve.McClellan at radisys com. 2779 - dtucker@cvs.openbsd.org 2012/06/18 12:17:18 2780 [ssh.1] 2781 Clarify description of -W. Noted by Steve.McClellan at radisys com, 2782 ok jmc 2783 - markus@cvs.openbsd.org 2012/06/19 18:25:28 2784 [servconf.c servconf.h sshd_config.5] 2785 sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups} 2786 this allows 'Match LocalPort 1022' combined with 'AllowUser bauer' 2787 ok djm@ (back in March) 2788 - jmc@cvs.openbsd.org 2012/06/19 21:35:54 2789 [sshd_config.5] 2790 tweak previous; ok markus 2791 - djm@cvs.openbsd.org 2012/06/20 04:42:58 2792 [clientloop.c serverloop.c] 2793 initialise accept() backoff timer to avoid EINVAL from select(2) in 2794 rekeying 2795 279620120519 2797 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch 2798 from cjwatson at debian org. 2799 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find 2800 pkg-config so it does the right thing when cross-compiling. Patch from 2801 cjwatson at debian org. 2802- (dtucker) OpenBSD CVS Sync 2803 - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 2804 [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] 2805 Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests 2806 to match. Feedback and ok djm@ markus@. 2807 - dtucker@cvs.openbsd.org 2012/05/19 06:30:30 2808 [sshd_config.5] 2809 Document PermitOpen none. bz#2001, patch from Loganaden Velvindron 2810 281120120504 2812 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h> 2813 to fix building on some plaforms. Fom bowman at math utah edu and 2814 des at des no. 2815 281620120427 2817 - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6 2818 platform rather than exiting early, so that we still clean up and return 2819 success or failure to test-exec.sh 2820 282120120426 2822 - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters 2823 via Niels 2824 - (djm) [auth-krb5.c] Save errno across calls that might modify it; 2825 ok dtucker@ 2826 282720120423 2828 - OpenBSD CVS Sync 2829 - djm@cvs.openbsd.org 2012/04/23 08:18:17 2830 [channels.c] 2831 fix function proto/source mismatch 2832 283320120422 2834 - OpenBSD CVS Sync 2835 - djm@cvs.openbsd.org 2012/02/29 11:21:26 2836 [ssh-keygen.c] 2837 allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ 2838 - guenther@cvs.openbsd.org 2012/03/15 03:10:27 2839 [session.c] 2840 root should always be excluded from the test for /etc/nologin instead 2841 of having it always enforced even when marked as ignorenologin. This 2842 regressed when the logic was incompletely flipped around in rev 1.251 2843 ok halex@ millert@ 2844 - djm@cvs.openbsd.org 2012/03/28 07:23:22 2845 [PROTOCOL.certkeys] 2846 explain certificate extensions/crit split rationale. Mention requirement 2847 that each appear at most once per cert. 2848 - dtucker@cvs.openbsd.org 2012/03/29 23:54:36 2849 [channels.c channels.h servconf.c] 2850 Add PermitOpen none option based on patch from Loganaden Velvindron 2851 (bz #1949). ok djm@ 2852 - djm@cvs.openbsd.org 2012/04/11 13:16:19 2853 [channels.c channels.h clientloop.c serverloop.c] 2854 don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a 2855 while; ok deraadt@ markus@ 2856 - djm@cvs.openbsd.org 2012/04/11 13:17:54 2857 [auth.c] 2858 Support "none" as an argument for AuthorizedPrincipalsFile to indicate 2859 no file should be read. 2860 - djm@cvs.openbsd.org 2012/04/11 13:26:40 2861 [sshd.c] 2862 don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a 2863 while; ok deraadt@ markus@ 2864 - djm@cvs.openbsd.org 2012/04/11 13:34:17 2865 [ssh-keyscan.1 ssh-keyscan.c] 2866 now that sshd defaults to offering ECDSA keys, ssh-keyscan should also 2867 look for them by default; bz#1971 2868 - djm@cvs.openbsd.org 2012/04/12 02:42:32 2869 [servconf.c servconf.h sshd.c sshd_config sshd_config.5] 2870 VersionAddendum option to allow server operators to append some arbitrary 2871 text to the SSH-... banner; ok deraadt@ "don't care" markus@ 2872 - djm@cvs.openbsd.org 2012/04/12 02:43:55 2873 [sshd_config sshd_config.5] 2874 mention AuthorizedPrincipalsFile=none default 2875 - djm@cvs.openbsd.org 2012/04/20 03:24:23 2876 [sftp.c] 2877 setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...) 2878 - jmc@cvs.openbsd.org 2012/04/20 16:26:22 2879 [ssh.1] 2880 use "brackets" instead of "braces", for consistency; 2881 288220120420 2883 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 2884 [contrib/suse/openssh.spec] Update for release 6.0 2885 - (djm) [README] Update URL to release notes. 2886 - (djm) Release openssh-6.0 2887 2888