xref: /freebsd/crypto/openssh/ChangeLog (revision e6bfd18d21b225af6a0ed67ceeaf1293b7b9eba5)
1commit cb30fbdbee869f1ce11f06aa97e1cb8717a0b645
2Author: Damien Miller <djm@mindrot.org>
3Date:   Thu Mar 16 08:28:19 2023 +1100
4
5    depend
6
7commit 1dba63eb10c40b6fda9f5012ed6ae87e2d3d028e
8Author: Damien Miller <djm@mindrot.org>
9Date:   Thu Mar 16 08:27:54 2023 +1100
10
11    crank version
12
13commit ba7532d0dac9aaf0ad7270664c43837fc9f64a5f
14Author: djm@openbsd.org <djm@openbsd.org>
15Date:   Wed Mar 15 21:19:57 2023 +0000
16
17    upstream: openssh-9.3
18
19    OpenBSD-Commit-ID: 8011495f2449c1029bb316bd015eab2e00509848
20
21commit 6fd4daafb949b66bf555f3100f715a9ec64c3390
22Author: dtucker@openbsd.org <dtucker@openbsd.org>
23Date:   Tue Mar 14 07:28:47 2023 +0000
24
25    upstream: Free KRL ptr in addition to its contents.
26
27    From Coverity CID 291841, ok djm@
28
29    OpenBSD-Commit-ID: f146ba08b1b43af4e0d7ad8c4dae3748b4fa31b6
30
31commit 1d270bd303afaf6d94e9098cbbf18e5e539e2088
32Author: dtucker@openbsd.org <dtucker@openbsd.org>
33Date:   Tue Mar 14 07:26:25 2023 +0000
34
35    upstream: Check pointer for NULL before deref.
36
37    None of the existing callers seem to do that, but it's worth checking.
38    From Coverity CID 291834, ok djm@
39
40    OpenBSD-Commit-ID: a0a97113f192a7cb1a2c97b932f677f573cda7a4
41
42commit d95af508e78c0cd3dce56b83853baaa59ae295cf
43Author: dtucker@openbsd.org <dtucker@openbsd.org>
44Date:   Sun Mar 12 10:40:39 2023 +0000
45
46    upstream: Limit number of entries in SSH2_MSG_EXT_INFO
47
48    request. This is already constrained by the maximum SSH packet size but this
49    makes it explicit.  Prompted by Coverity CID 291868, ok djm@ markus@
50
51    OpenBSD-Commit-ID: aea023819aa44a2dcb9dd0fbec10561896fc3a09
52
53commit 8f287ba60d342b3e2f750e7332d2131e3ec7ecd0
54Author: dtucker@openbsd.org <dtucker@openbsd.org>
55Date:   Sun Mar 12 09:41:18 2023 +0000
56
57    upstream: calloc can return NULL but xcalloc can't.
58
59    From Coverity CID 291881, ok djm@
60
61    OpenBSD-Commit-ID: 50204b755f66b2ec7ac3cfe379d07d85ca161d2b
62
63commit 83a56a49fd50f4acf900f934279482e4ef329715
64Author: dtucker@openbsd.org <dtucker@openbsd.org>
65Date:   Fri Mar 10 07:17:08 2023 +0000
66
67    upstream: Explicitly ignore return from fcntl
68
69    (... FD_CLOEXEC) here too.  Coverity CID 291853.
70
71    OpenBSD-Commit-ID: 99d8b3da9d0be1d07ca8dd8e98800a890349e9b5
72
73commit 0fda9d704d3bbf54a5e64ce02a6fecb11fe7f047
74Author: Damien Miller <djm@mindrot.org>
75Date:   Fri Mar 10 15:59:46 2023 +1100
76
77    bounds checking for getrrsetbyname() replacement;
78
79    Spotted by Coverity in CID 405033; ok millert@
80
81commit 89b8df518f21677045599df0ad3e5dd0f39909b5
82Author: dtucker@openbsd.org <dtucker@openbsd.org>
83Date:   Fri Mar 10 04:06:21 2023 +0000
84
85    upstream: Plug mem leak on error path. Coverity CID 405026, ok djm@.
86
87    OpenBSD-Commit-ID: 8212ca05d01966fb5e72205c592b2257708a2aac
88
89commit bf4dae0ad192c3e2f03f7223834b00d88ace3d3e
90Author: Darren Tucker <dtucker@dtucker.net>
91Date:   Fri Mar 10 14:46:57 2023 +1100
92
93    Add prototypes for mkstemp replacements.
94
95    Should prevent warnings due to our wrapper function.
96
97commit 4e04d68d6a33cdc73b831fd4b5e6124175555d3d
98Author: dtucker@openbsd.org <dtucker@openbsd.org>
99Date:   Fri Mar 10 03:01:51 2023 +0000
100
101    upstream: Expliticly ignore return code from fcntl(.. FD_CLOEXEC) since
102
103    there's not much we can do anyway.  From Coverity CID 291857, ok djm@
104
105    OpenBSD-Commit-ID: 051429dd07af8db3fec10d82cdc78d90bb051729
106
107commit d6d38fd77cbe091c59e1bb720c3a494df4990640
108Author: djm@openbsd.org <djm@openbsd.org>
109Date:   Fri Mar 10 02:32:04 2023 +0000
110
111    upstream: Like sshd_config, some ssh_config options are not
112
113    first-match-wins. sshd_config.5 was fixed in r1.348, this is the same for
114    this file
115
116    OpenBSD-Commit-ID: 7be55b9351cde449b136afcc52d07aa4113b215e
117
118commit 7187d3f86bf8f2066cc9941f217d23b0cacae25e
119Author: dtucker@openbsd.org <dtucker@openbsd.org>
120Date:   Fri Mar 10 02:24:56 2023 +0000
121
122    upstream: Remove no-op (int) > INT_MAX checks
123
124    since they can never be true. From Coverity CID 405031, ok djm@
125
126    OpenBSD-Commit-ID: 9df3783b181e056595e2bb9edf7ed41d61cf8e84
127
128commit 77adde4305542ebe3005dd456122624fe2347b01
129Author: Darren Tucker <dtucker@dtucker.net>
130Date:   Fri Mar 10 13:27:29 2023 +1100
131
132    Wrap mkstemp calls with umask set/restore.
133
134    glibc versions 2.06 and earlier did not set a umask on files created by
135    mkstemp created the world-writable.  Wrap mkstemp to set and restore
136    the umask.  From Coverity (CIDs 291826 291886 291891), ok djm@
137
138commit 633d3dc2a1e9e2a013d019a0576a0771c8423713
139Author: jcs@openbsd.org <jcs@openbsd.org>
140Date:   Thu Mar 9 21:06:24 2023 +0000
141
142    upstream: modify parentheses in conditionals to make it clearer what is
143
144    being assigned and what is being checked
145
146    ok djm dtucker
147
148    OpenBSD-Commit-ID: 19c10baa46ae559474409f75a5cb3d0eade7a9b8
149
150commit 733030840c4772f858de95d5940ec0c37663e8b0
151Author: dtucker@openbsd.org <dtucker@openbsd.org>
152Date:   Thu Mar 9 07:11:05 2023 +0000
153
154    upstream: Re-split the merge of the reorder-hostkeys test.
155
156    In the kex_proposal_populate_entries change I merged the the check for
157    reordering hostkeys with the actual reordering, but kex_assemble_names
158    mutates options.hostkeyalgorithms which renders the check ineffective.
159    Put the check back where it was.  Spotted and tested by jsg@, ok djm@
160
161    OpenBSD-Commit-ID: a7469f25a738db5567395d1881e32479a7ffc9de
162
163commit 54ac4ab2b53ce9fcb66b8250dee91c070e4167ed
164Author: djm@openbsd.org <djm@openbsd.org>
165Date:   Thu Mar 9 06:58:26 2023 +0000
166
167    upstream: include destination constraints for smartcard keys too.
168
169    Spotted by Luci Stanescu; ok deraadt@ markus@
170
171    OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f
172
173commit bfd1ad01d974a316b60622759ad17537fa2d92b4
174Author: Darren Tucker <dtucker@dtucker.net>
175Date:   Thu Mar 9 18:24:54 2023 +1100
176
177    Limit the number of PAM environment variables.
178
179    xcalloc has its own limits, but these are specific to PAM.  From
180    Coverity CID 405198, ok djm@
181
182commit a231414970e01a35f45a295d5f93698fa1249b28
183Author: Darren Tucker <dtucker@dtucker.net>
184Date:   Thu Mar 9 18:19:44 2023 +1100
185
186    Limit the number of PAM environment variables.
187
188    From Coverity CID 405194, tweaks and ok djm@
189
190commit 36c6c3eff5e4a669ff414b9daf85f919666e8e03
191Author: dtucker@openbsd.org <dtucker@openbsd.org>
192Date:   Wed Mar 8 06:21:32 2023 +0000
193
194    upstream: Plug mem leak. Coverity CID 405196, ok djm@
195
196    OpenBSD-Commit-ID: 175f09349387c292f626da68f65f334faaa085f2
197
198commit dfb9b736e1ccf9e6b03eea21cd961f4fd0634c98
199Author: tb@openbsd.org <tb@openbsd.org>
200Date:   Wed Mar 8 05:33:53 2023 +0000
201
202    upstream: ssh-pkcs11: synchronize error messages with errors
203
204    A handful of error messages contained incorrect function names or
205    otherwise inaccurate descriptions. Fix them to match reality.
206
207    input/ok djm
208
209    OpenBSD-Commit-ID: 165a15db52f75b31e1804b043480c36af09f3411
210
211commit 51875897b81b5c21b80c256a29597916edbde454
212Author: guenther@openbsd.org <guenther@openbsd.org>
213Date:   Wed Mar 8 04:43:12 2023 +0000
214
215    upstream: Delete obsolete /* ARGSUSED */ lint comments.
216
217    ok miod@ millert@
218
219    OpenBSD-Commit-ID: 7be168a570264d59e96a7d2d22e927d45fee0e4c
220
221commit a76085bda883c2104afb33ab0334eca190927362
222Author: Darren Tucker <dtucker@dtucker.net>
223Date:   Wed Mar 8 17:25:37 2023 +1100
224
225    Extra brackets to prevent warning.
226
227commit 147ae57d4dfa0508109f93b78a7d8b92819e1f83
228Author: djm@openbsd.org <djm@openbsd.org>
229Date:   Wed Mar 8 00:05:58 2023 +0000
230
231    upstream: use RSA/SHA256 when testing usability of private key in
232
233    agent; with/ok dtucker
234
235    OpenBSD-Commit-ID: fe1382e2fdf23fcae631308e72342bad56066a56
236
237commit 27fd251bc906a763e70ce0f27c8abdf8bbd1e416
238Author: djm@openbsd.org <djm@openbsd.org>
239Date:   Wed Mar 8 00:05:37 2023 +0000
240
241    upstream: use RSA/SHA256 when testing usability of private key;
242
243    based on fix in bz3546 by Dmitry Belyavskiy; with/ok dtucker
244
245    OpenBSD-Commit-ID: 0ef414cc363a832f9fab92a5da0234448bce2eba
246
247commit eee9f3fc3d52ae7d2106929bb06b7f291fb0b81a
248Author: djm@openbsd.org <djm@openbsd.org>
249Date:   Tue Mar 7 21:47:42 2023 +0000
250
251    upstream: refactor to be more readable top to bottom. Prompted by
252
253    Coverity CID 405048 which was a false-positive fd leak; ok dtucker@
254
255    OpenBSD-Commit-ID: fc55ec2af622a017defb9b768bf26faefc792c00
256
257commit 42a06b29a4c99272bf690f9b3be520b08b448dc5
258Author: Darren Tucker <dtucker@dtucker.net>
259Date:   Tue Mar 7 18:34:41 2023 +1100
260
261    Add header changes missed in previous.
262
263commit 4710077096edff2e6926dd5b15bf586491d317db
264Author: dtucker@openbsd.org <dtucker@openbsd.org>
265Date:   Tue Mar 7 06:09:14 2023 +0000
266
267    upstream: Fix mem leak in environment setup.
268
269    From jjelen at redhat.com via bz#2687, ok djm@
270
271    OpenBSD-Commit-ID: 9f9e4ba3cac003e6f81da3bcebd1b9ec43e7f353
272
273commit 03acc50d0ccb78fc91d1570de1cd0fdfea646028
274Author: dtucker@openbsd.org <dtucker@openbsd.org>
275Date:   Mon Mar 6 12:15:47 2023 +0000
276
277    upstream: Unit test for kex_proposal_populate_entries.
278
279    OpenBSD-Regress-ID: bdb211d80d572a08bf14b49fe2a58b9ff265c006
280
281commit 3f9231c2e1f374ebb08016ba00ea97b47c0ed20b
282Author: djm@openbsd.org <djm@openbsd.org>
283Date:   Tue Mar 7 05:37:26 2023 +0000
284
285    upstream: fix memory leak in process_read() path; Spotted by James
286
287    Robinson in GHPR363; ok markus@
288
289    OpenBSD-Commit-ID: cdc2d98e6478b7e7f3a36976845adae3820429d8
290
291commit c5e6e890839ec520ab9301a92cba56303749dea2
292Author: djm@openbsd.org <djm@openbsd.org>
293Date:   Tue Mar 7 01:30:52 2023 +0000
294
295    upstream: correct size for array argument when changing
296
297    UMAC_OUTPUT_LEN Coverity CID 291845; ok dtucker@
298
299    OpenBSD-Commit-ID: 2eb017d10705bb623d4418691f961c930eafaec0
300
301commit 9641753e0fd146204d57b2a4165f552a81afade4
302Author: dtucker@openbsd.org <dtucker@openbsd.org>
303Date:   Mon Mar 6 12:14:48 2023 +0000
304
305    upstream: Refactor creation of KEX proposal.
306
307    This adds kex_proposal_populate_entries (and corresponding free) which
308    populates the KEX proposal array with dynamically allocated strings.
309    This replaces the previous mix of static and dynamic that has been the
310    source of previous leaks and bugs.  Remove unused compat functions.
311    With & ok djm@.
312
313    OpenBSD-Commit-ID: f2f99da4aae2233cb18bf9c749320c5e040a9c7b
314
315commit aa59d6a489fb20973fa461d0fdb1110db412947b
316Author: dtucker@openbsd.org <dtucker@openbsd.org>
317Date:   Sun Mar 5 09:24:35 2023 +0000
318
319    upstream: Fix mem and FILE leaks in moduli screening.
320
321    If multiple -Ocheckpoint= options are passed, the earlier ones would
322    be overwritten and leaked.  If we use an input file that wasn't stdin,
323    close that.  From Coverity CIDs 291884 and 291894.
324
325    OpenBSD-Commit-ID: a4d9d15f572926f841788912e2b282485ad09e8b
326
327commit 23b8cb41767af99a1aac24589d1882d9c8c2c205
328Author: dtucker@openbsd.org <dtucker@openbsd.org>
329Date:   Sun Mar 5 08:18:58 2023 +0000
330
331    upstream: Plug mem leak in moduli checkpoint option parsing.
332
333    From Coverity CID 291894.
334
335    OpenBSD-Commit-ID: 9b1aba2d049741ae21c8dc4560a7e29ab17310f4
336
337commit fc7f8f2188d4a4fc8ba77eddbe863c7665666db5
338Author: dtucker@openbsd.org <dtucker@openbsd.org>
339Date:   Sun Mar 5 05:34:09 2023 +0000
340
341    upstream: Remove unused compat.h includes.
342
343    We've previously removed a lot of the really old compatibility code,
344    and with it went the need to include compat.h in most of the files that
345    have it.
346
347    OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
348
349commit 6c165c36246d8004c20e1df5cec4961a5ac422d6
350Author: dtucker@openbsd.org <dtucker@openbsd.org>
351Date:   Sat Mar 4 03:22:59 2023 +0000
352
353    upstream: Use time_t for x11 timeout.
354
355    Use time_t instead of u_int for remaining x11 timeout checks for 64bit
356    time_t safety.  From Coverity CIDs 405197 and 405028, ok djm@
357
358    OpenBSD-Commit-ID: 356685bfa1fc3d81bd95722d3fc47101cc1a4972
359
360commit 4a3918f51bd2d968387e7aa87e33b32c78077fb4
361Author: dtucker@openbsd.org <dtucker@openbsd.org>
362Date:   Fri Mar 3 10:23:42 2023 +0000
363
364    upstream: Ensure ms_remain is always initialized
365
366    similar to what we do in ssh_packet_write_wait.  bz#2687, from jjelen
367    at redhat.com.
368
369    OpenBSD-Commit-ID: a50e0541cf823f8d1c72f71ccde925d3dbe6dfac
370
371commit e44846a4487d2885ac7f2610be09b1e2bf52249b
372Author: dtucker@openbsd.org <dtucker@openbsd.org>
373Date:   Fri Mar 3 09:48:51 2023 +0000
374
375    upstream: Check for non-NULL before string
376
377    comparison. From jjelen at redhat.com via bz#2687.
378
379    OpenBSD-Commit-ID: 0d9b2e0cac88a311b5766b1aef737082583c285f
380
381commit 1842d523fae63b862ce8e60725c9b606cddb86a6
382Author: djm@openbsd.org <djm@openbsd.org>
383Date:   Fri Mar 3 05:00:34 2023 +0000
384
385    upstream: guard against getsockname(-1, ...) from Coverity CID
386
387    291832
388
389    OpenBSD-Commit-ID: e58d5227327917d189229b7f0b37d2780f360d5f
390
391commit 78571a5fe9847d40d7f220c92b707574ae9ec4ce
392Author: djm@openbsd.org <djm@openbsd.org>
393Date:   Fri Mar 3 04:36:20 2023 +0000
394
395    upstream: some options are not first-match-wins. Mention that there
396
397    are exceptions at the start of the manpage and label some of them in the
398    option description.
399
400    OpenBSD-Commit-ID: 3b74728446fa6fc8742769eeb8c3674e233e84c4
401
402commit d1c1b3272e8895a96c4f5889bd6e07a8525bd9f1
403Author: djm@openbsd.org <djm@openbsd.org>
404Date:   Fri Mar 3 04:34:49 2023 +0000
405
406    upstream: actually print "channeltimeout none" in config dump mode;
407
408    spotted via Coverity CID 405022
409
410    OpenBSD-Commit-ID: b074b52bf138b75f08264e8da15880b29c7a630f
411
412commit 8bf61e95610b48192d4e1720cc15d9004617301d
413Author: Darren Tucker <dtucker@dtucker.net>
414Date:   Fri Mar 3 14:50:03 2023 +1100
415
416    Add Coverity badges.
417
418commit 93291bd723959adf462b1df958106cf07a7734dd
419Author: dtucker@openbsd.org <dtucker@openbsd.org>
420Date:   Fri Mar 3 03:12:24 2023 +0000
421
422    upstream: Check return values of dup2. Spotted by Coverity, ok djm@
423
424    OpenBSD-Commit-ID: 19fb1b53072826d00c67df677731d2f6c1dd602b
425
426commit e37261dff33af23f37202cfce0848d36f5c1055c
427Author: dtucker@openbsd.org <dtucker@openbsd.org>
428Date:   Fri Mar 3 02:37:58 2023 +0000
429
430    upstream: Use time_t for x11_refuse_time timeout. We need
431
432    SSH_TIME_T_MAX for this, so move from misc.c to misc.h so it's available.
433    Fixes a Coverity warning for 64bit time_t safety, ok djm@
434
435    OpenBSD-Commit-ID: c69c4c3152cdaab953706db4ccf4d5fd682f7d8d
436
437commit 32755a98c29114b13f4c9d47454bbb265b932ad7
438Author: dtucker@openbsd.org <dtucker@openbsd.org>
439Date:   Fri Mar 3 02:34:29 2023 +0000
440
441    upstream: Check return value from fctnl and warn on failure.
442
443    Spotted by Coverity, ok djm@
444
445    OpenBSD-Commit-ID: 2097c7db3cf657f1e3a6c5077041bacc63143cab
446
447commit 5fc60e8246c36b8255f72a937ebe9787b39648c6
448Author: dtucker@openbsd.org <dtucker@openbsd.org>
449Date:   Thu Mar 2 11:10:27 2023 +0000
450
451    upstream: Remove SUDO in proxy command wrapper. Anything that needs
452
453    sudo is already run by it, and it breaks if root isn't in sudoers.
454
455    OpenBSD-Regress-ID: 6cf22fda32a89c16915f31a6ed9bbdbef2a3bac9
456
457commit 0d514659b23a257247491179cfbb53a6dd64e164
458Author: dtucker@openbsd.org <dtucker@openbsd.org>
459Date:   Thu Mar 2 08:24:41 2023 +0000
460
461    upstream: Fix breakage on dhgex test.
462
463    This was due to the sshd logs being written to the wrong log file.
464    While there, make save_debug_logs less verbose, write the name of the
465    tarball to regress.log and use $SUDO to remove the old symlinks (which
466    shouldn't be needed, but won't hurt).  Initial problem spotted by anton@.
467
468    OpenBSD-Regress-ID: 9c44fb9cd418e6ff31165e7a6c1f9f11a6d19f5b
469
470commit 860201201d4ae655702807966901682cff30a171
471Author: dtucker@openbsd.org <dtucker@openbsd.org>
472Date:   Thu Mar 2 08:14:52 2023 +0000
473
474    upstream: Quote grep and log message better.
475
476    OpenBSD-Regress-ID: 3823d9063127169736aa274b1784cb28e15b64d4
477
478commit 03a03c6002525f5ad9c8fc874a5d5826a35d9858
479Author: dtucker@openbsd.org <dtucker@openbsd.org>
480Date:   Thu Mar 2 06:41:56 2023 +0000
481
482    upstream: Always call fclose on checkpoints.
483
484    In the case of an fprintf failure we would not call fclose which would
485    leak the FILE pointer.  While we're there, try to clean up the temp file
486    on failure.  Spotted by Coverity, ok djm@
487
488    OpenBSD-Commit-ID: 73c7ccc5d4fcc235f54c6b20767a2815408525ef
489
490commit 13fe8f9785e6d90400ce548939a0b0ddc11fcb3c
491Author: dtucker@openbsd.org <dtucker@openbsd.org>
492Date:   Wed Mar 1 21:54:50 2023 +0000
493
494    upstream: Remove old log symlinks
495
496    before creating new ones. In -portable some platforms don't like
497    overwriting existing symlinks.
498
499    OpenBSD-Regress-ID: 7e7ddc0beb73e945e1c4c58d51c8a125b518120f
500
501commit 131fcbcaffd1e3bcf5ab766ec497b5d768955310
502Author: Darren Tucker <dtucker@dtucker.net>
503Date:   Wed Mar 1 23:23:02 2023 +1100
504
505    Adjust test jobs for new log directory.
506
507commit a6f4ac8a2baf77e5361cfa017d0dc250d1409bec
508Author: dtucker@openbsd.org <dtucker@openbsd.org>
509Date:   Wed Mar 1 09:29:32 2023 +0000
510
511    upstream: Rework logging for the regression tests.
512
513    Previously we would log to ssh.log and sshd.log, but that is insufficient
514    for tests that have more than one concurent ssh/sshd.
515
516    Instead, we'll log to separate datestamped files in a $OBJ/log/ and
517    leave a symlink at the previous location pointing at the most recent
518    instance with an entry in regress.log showing which files were created
519    at each point.  This should be sufficient to reconstruct what happened
520    even for tests that use multiple instances of each program.  If the test
521    fails, tar up all of the logs for later analysis.
522
523    This will let us also capture the output from some of the other tools
524    which was previously sent to /dev/null although most of those will be
525    in future commits.
526
527    OpenBSD-Regress-ID: f802aa9e7fa51d1a01225c05fb0412d015c33e24
528
529commit 8ead62ed5e86c7df597d8604f332f49cd1527b85
530Author: dtucker@openbsd.org <dtucker@openbsd.org>
531Date:   Tue Feb 28 21:31:50 2023 +0000
532
533    upstream: fatal out if allocating banner string fails to avoid
534
535    potential null deref later in sscanf.  Spotted by Coverity, ok deraadt@
536
537    OpenBSD-Commit-ID: 74e8d228ac00552e96e9e968dfcccf8dd1f46ad5
538
539commit 44ca56ba0b3f531f1d85730cc701097cd49e6868
540Author: dtucker@openbsd.org <dtucker@openbsd.org>
541Date:   Tue Feb 28 08:45:24 2023 +0000
542
543    upstream: Explicitly ignore return from fchmod
544
545    similar to other calls to prevent warning.
546
547    OpenBSD-Commit-ID: fdc5287dcee0860b5a493186414226c655b0eb0a
548
549commit 803392933a3a6f09f834aa5f0c2aab06a3b382f4
550Author: dtucker@openbsd.org <dtucker@openbsd.org>
551Date:   Mon Feb 27 22:12:40 2023 +0000
552
553    upstream: Plug mem leak on globbed ls error path.
554
555     Spotted by Coverity, ok deraadt@
556
557    OpenBSD-Commit-ID: de28476025db29820a9a2e56e98b964d8a02861c
558
559commit aa33b4d396abf47a2a45f982f28d054fb1dcb5c3
560Author: Darren Tucker <dtucker@dtucker.net>
561Date:   Mon Feb 27 21:04:22 2023 +1100
562
563    Cast time_t's in debug output to long long.
564
565    Should fix Coverity warning about truncation of 64bit time_t.
566
567commit b0fd60a9de62a03189ad57d0c07f0ac51dc00e95
568Author: Darren Tucker <dtucker@dtucker.net>
569Date:   Mon Feb 27 17:28:59 2023 +1100
570
571    Do shadow expiry calcs using "long long".
572
573    Coverity flags these as potentially not 64bit time_t safe so use
574    long long for the calculations and debug output.  ok djm@
575
576commit 01dbeb3084d714bbd001ff9d03b9de542e8cdf58
577Author: Damien Miller <djm@mindrot.org>
578Date:   Mon Feb 27 17:07:52 2023 +1100
579
580    avoid clash between for getopt's struct option
581
582    Since we don't use getopt_long() nothing outside the getopt()
583    implementation itself uses this structure, so move it into the
584    source to remove it from visibility and clashes with libc's
585
586    ok dtucker@
587
588commit eb88d07c43afe407094e7d609248d85a15e148ef
589Author: Darren Tucker <dtucker@dtucker.net>
590Date:   Sat Feb 25 14:45:41 2023 +1100
591
592    Revert explicit chmods on private keys.
593
594    This should no longer be needed on Cygwin test runners due to previous
595    commit.
596
597commit 52b75db61030a6c8baf66b73644380cf3f58e26a
598Author: Darren Tucker <dtucker@dtucker.net>
599Date:   Sat Feb 25 14:43:28 2023 +1100
600
601    Remove extended ACLs from working dirs.
602
603    This should allow umask to work as expected and prevent tests from
604    failing due to excessive permissions on private keys.
605
606commit 0c5d4c843df5605b043a758d69f9a611ef63c479
607Author: Darren Tucker <dtucker@dtucker.net>
608Date:   Fri Feb 24 13:44:13 2023 +1100
609
610    Explicitly set permissions on user and host keys.
611
612    On cygwin, the umask might not be sufficient.  Should fix tests on
613    Github runners.
614
615commit 6c9fc9d7a9f7abf82c3294d74e6d4a25735862ce
616Author: djm@openbsd.org <djm@openbsd.org>
617Date:   Wed Feb 22 03:56:43 2023 +0000
618
619    upstream: fix progressmeter corruption on wide displays; bz3534
620
621    feedback/ok dtucker@
622
623    OpenBSD-Commit-ID: f4affee067cec7c182f3e0b307d758e0472762a3
624
625commit fe0bd3cde9665d364e5eedd2c2c2e60d4cdc3786
626Author: dtucker@openbsd.org <dtucker@openbsd.org>
627Date:   Tue Feb 21 06:48:18 2023 +0000
628
629    upstream: fseek to end of known_hosts before writing to it.
630
631    POSIX and ANSI C require that applications call fseek or similar between
632    read and writing to a RW file.  OpenBSD doesn't enforce this, but some
633    (System V derived) platforms need this to prevent it from writing a
634    spurious extra byte (in this case, a newline).  ok djm@ deraadt@
635
636    OpenBSD-Commit-ID: 33e680dcd8110582a93a40a8491024e961f45137
637
638commit 357fb8ae14c07cd025eeed66e73de91bab569849
639Author: Darren Tucker <dtucker@dtucker.net>
640Date:   Tue Feb 21 17:51:09 2023 +1100
641
642    Also run unit tests on AIX VMs.
643
644    In the past these tests took too long, but these days it only adds
645    about 5 min to the run.
646
647commit 17781aaa5188ee1477f7779b280d105512e3dbed
648Author: Darren Tucker <dtucker@dtucker.net>
649Date:   Tue Feb 21 17:38:55 2023 +1100
650
651    Wrap stdint.h inside ifdef.
652
653commit ef798bad38505f7bf1b5fa5c0843dfc5a2b192b9
654Author: Mayank Sharma <mayank.fit2010@gmail.com>
655Date:   Mon Feb 20 17:37:15 2023 +0530
656
657    Add includes to ptimeout test.
658
659    Fixes test failures on AIX due to type mismatches.
660
661commit ab69dda05d5268454209f529fa80f477e60d846a
662Author: Darren Tucker <dtucker@dtucker.net>
663Date:   Mon Feb 20 18:24:39 2023 +1100
664
665    Always use the openssl binary configure tells us.
666
667    This fixes tests on platforms that do not have the openssl tool
668    installed at all.
669
670commit 2a7e3449908571af601a4c2d12ab140096442e47
671Author: dtucker@openbsd.org <dtucker@openbsd.org>
672Date:   Fri Feb 17 04:22:50 2023 +0000
673
674    upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. The code
675
676    to set this was removed in OpenSSH 7.7 when support for SSH implementations
677    dating back to before RFC standardization were removed.  "burn it all" djm@
678
679    OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
680
681commit 0833ccf2c8b7ae08b296c06f17bd53e3ab94b0b0
682Author: dtucker@openbsd.org <dtucker@openbsd.org>
683Date:   Fri Feb 17 03:06:18 2023 +0000
684
685    upstream: Remove now-unused compat bit SSH_BUG_BIGENDIANAES. This
686
687    was previously set for OpenSSH 2.3 (released in 2000) but this check was
688    removed in OpenSSH 7.7 (2018).  ok djm@ deraadt@
689
690    OpenBSD-Commit-ID: 326426ea328707fc9e83305291ab135c87f678af
691
692commit c81c2bea6e828d52b62b448b4ffdd3c163177975
693Author: Damien Miller <djm@mindrot.org>
694Date:   Fri Feb 17 10:12:40 2023 +1100
695
696    whitespace fixes
697
698commit 500f90b39db5f0014e6b0c49ff1f45c994b69293
699Author: Damien Miller <djm@mindrot.org>
700Date:   Fri Feb 17 10:02:08 2023 +1100
701
702    whitespace at EOL
703
704commit 68350152406339170721c15e97afdf827a5e4001
705Author: dtucker@openbsd.org <dtucker@openbsd.org>
706Date:   Thu Feb 16 10:10:00 2023 +0000
707
708    upstream: Remove SSH_BUG_PASSWORDPAD compat bit
709
710    since it's no longer used. ok markus@
711
712    OpenBSD-Commit-ID: b92c21f56fe4b7f9a54790d6a9650725c226820b
713
714commit 537cccd804eaf65f32bdce037cc31db4e0ab0f44
715Author: dtucker@openbsd.org <dtucker@openbsd.org>
716Date:   Thu Feb 16 07:55:15 2023 +0000
717
718    upstream: Remove SSH_BUG_IGNOREMSG compat flag
719
720    since it's only applicable to SSH1 and thus no longer used.  ok markus@
721    "kill it with fire" djm@
722
723    OpenBSD-Commit-ID: ea13318b1937795d9db4790d3ce0a6ed01584dab
724
725commit 285cf6cd4b91a0a0ce33193c358c99085af33e43
726Author: jmc@openbsd.org <jmc@openbsd.org>
727Date:   Fri Feb 10 06:41:53 2023 +0000
728
729    upstream: space between macro and punctuation; sort usage();
730
731    OpenBSD-Commit-ID: 6141610cfca037700730e41f868d1d9124958f8c
732
733commit d39a96f70f81878c77336ed35f5c648c1804b71a
734Author: jmc@openbsd.org <jmc@openbsd.org>
735Date:   Fri Feb 10 06:40:48 2023 +0000
736
737    upstream: space between macro and punctuation;
738
739    OpenBSD-Commit-ID: abc95e550be9e6d9a7ff64b65c104c7be21ab19e
740
741commit 16e82bf53fc34e43e3b948d43b68d5b27a7335e6
742Author: jmc@openbsd.org <jmc@openbsd.org>
743Date:   Fri Feb 10 06:39:27 2023 +0000
744
745    upstream: sort SYNOPSIS;
746
747    OpenBSD-Commit-ID: dacd9da33277d5669a51213d880632599c890c1e
748
749commit d9685121ff6d57b8797411f3cb123884a4b96e30
750Author: Darren Tucker <dtucker@dtucker.net>
751Date:   Sat Feb 11 12:32:19 2023 +1100
752
753    Improve seccomp compat on older systems.
754
755    Check if flags to mmap and madvise are defined before using them.
756    Should fix problems building on older Linux systems that don't have
757    these.  bz#3537, with & ok djm@.
758
759commit 6180b0fa4f7996687678702806257e661fd5931e
760Author: djm@openbsd.org <djm@openbsd.org>
761Date:   Fri Feb 10 05:06:03 2023 +0000
762
763    upstream: test -Ohashalg=... and that the default output contains both
764
765    specified hash algorithms; prompted by dtucker@
766
767    OpenBSD-Regress-ID: 26f309208c8d8b8fa9c5f419767b85f1e9b22f51
768
769commit d651f5c9fe37e61491eee46c49ba9fa03dbc0e6a
770Author: djm@openbsd.org <djm@openbsd.org>
771Date:   Fri Feb 10 04:56:30 2023 +0000
772
773    upstream: let ssh-keygen and ssh-keyscan accept
774
775    -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm
776    selection. bz3493 ok dtucker@
777
778    OpenBSD-Commit-ID: e6e07fe21318a873bd877f333e189eb963a11b3d
779
780commit 18938d11a90b74d63c20b2d3c965d5bd64786ab1
781Author: djm@openbsd.org <djm@openbsd.org>
782Date:   Fri Feb 10 04:47:19 2023 +0000
783
784    upstream: add a `sshd -G` option that parses and prints the
785
786    effective configuration without attempting to load private keys and perform
787    other checks. This allows usage of the option before keys have been
788    generated.
789
790    bz3460 feedback/ok dtucker@
791
792    OpenBSD-Commit-ID: 774504f629023fc25a559ab1d95401adb3a7fb29
793
794commit df7d3dbf7194db8e97730ee0425d4d9d7bdb8b10
795Author: djm@openbsd.org <djm@openbsd.org>
796Date:   Fri Feb 10 04:40:28 2023 +0000
797
798    upstream: make `ssh -Q CASignatureAlgorithms` work as the manpage says
799
800    it should bz3532
801
802    OpenBSD-Commit-ID: 0ddb17b3fcbd99bfb5baea4ac5e449620cbd3adc
803
804commit d3b8d4198b6595f23b5859d43dc8fc701f97429b
805Author: Darren Tucker <dtucker@dtucker.net>
806Date:   Fri Feb 10 14:26:44 2023 +1100
807
808    Add CentOS 7 test targets.
809
810commit 22efb01e355bba4755b730ed417f91c081445bfc
811Author: dtucker@openbsd.org <dtucker@openbsd.org>
812Date:   Thu Feb 9 09:55:33 2023 +0000
813
814    upstream: Test adding terminating newline to known_hosts.
815
816    OpenBSD-Regress-ID: 5fc3010ac450195b3fbdeb68e875564968800365
817
818commit caec6da1a583ed8c32c6ad3b81bbcaab46ac8b61
819Author: dtucker@openbsd.org <dtucker@openbsd.org>
820Date:   Wed Feb 8 08:06:03 2023 +0000
821
822    upstream: ssh-agent doesn't actually take -v,
823
824    so the recently-added ones will result in the test not cleaning up
825    after itself.  Patch from cjwatson at debian.org vi bz#3536.
826
827    OpenBSD-Regress-ID: 1fc8283568f5bf2f918517c2c1e778072cf61b1a
828
829commit 3c379c9a849a635cc7f05cbe49fe473ccf469ef9
830Author: dtucker@openbsd.org <dtucker@openbsd.org>
831Date:   Thu Feb 9 09:54:11 2023 +0000
832
833    upstream: Ensure that there is a terminating newline when adding a new
834
835    entry to known_hosts.  bz#3529, with git+openssh at limpsquid.nl, ok deraadt@
836    markus@
837
838    OpenBSD-Commit-ID: fa8d90698da1886570512b96f051e266eac105e0
839
840commit 95b6bbd2553547260b324b39d602061c88b774bc
841Author: Darren Tucker <dtucker@dtucker.net>
842Date:   Tue Feb 7 08:43:47 2023 +1100
843
844    Replace 9.1 with 9.2 on CI status page.
845
846commit 195313dfe10a23c82e9d56d5fdd2f59beee1bdcf
847Author: Damien Miller <djm@mindrot.org>
848Date:   Fri Feb 3 16:33:09 2023 +1100
849
850    harden Linux seccomp sandbox
851
852    Linux mmap(2) and madvise(2) syscalls support quite a number of funky
853    flags that we don't expect that sshd/libc will ever need. We can
854    exclude this kernel attack surface by filtering the mmap(2) flags
855    and the madvise(2) advice arguments.
856
857    Similarly, the sandboxed process in sshd is a single-threaded program
858    that does not use shared memory for synchronisation or communication.
859    Therefore, there should be no reason for the advanced priority
860    inheritance futex(2) operations to be necessary. These can also be
861    excluded.
862
863    Motivated by Jann Horn pointing out that there have been kernel bugs
864    in nearby Linux kernel code, e.g. CVE-2020-29368, CVE-2020-29374 and
865    CVE-2022-42703.
866
867    Feedback Jann Horn, ok dtucker@
868
869commit 6dfb65de949cdd0a5d198edee9a118f265924f33
870Author: Damien Miller <djm@mindrot.org>
871Date:   Thu Feb 2 23:21:54 2023 +1100
872
873    crank versions in RPM specs
874
875commit d07cfb11a0ca574eb68a3931d8c46fbe862a2021
876Author: Damien Miller <djm@mindrot.org>
877Date:   Thu Feb 2 23:21:45 2023 +1100
878
879    update version in README
880
881commit 9fe207565b4ab0fe5d1ac5bb85e39188d96fb214
882Author: Damien Miller <djm@mindrot.org>
883Date:   Thu Feb 2 23:17:49 2023 +1100
884
885    adapt compat_kex_proposal() test to portable
886
887commit 903c556b938fff2d7bff8da2cc460254430963c5
888Author: djm@openbsd.org <djm@openbsd.org>
889Date:   Thu Feb 2 12:12:52 2023 +0000
890
891    upstream: test compat_kex_proposal(); by dtucker@
892
893    OpenBSD-Regress-ID: 0e404ee264db546f9fdbf53390689ab5f8d38bf2
894
895commit 405fba71962dec8409c0c962408e09049e5624b5
896Author: dtucker@openbsd.org <dtucker@openbsd.org>
897Date:   Thu Jan 19 07:53:45 2023 +0000
898
899    upstream: Check if we can copy sshd or need to use sudo to do so
900
901    during reexec test. Skip test if neither can work.  Patch from anton@, tweaks
902    from me.
903
904    OpenBSD-Regress-ID: 731b96ae74d02d5744e1f1a8e51d09877ffd9b6d
905
906commit b2a2a8f69fd7737ea17dc044353c514f2f962f35
907Author: djm@openbsd.org <djm@openbsd.org>
908Date:   Thu Feb 2 12:10:22 2023 +0000
909
910    upstream: openssh-9.2
911
912    OpenBSD-Commit-ID: f7389f32413c74d6e2055f05cf65e7082de03923
913
914commit 12da7823336434a403f25c7cc0c2c6aed0737a35
915Author: djm@openbsd.org <djm@openbsd.org>
916Date:   Thu Feb 2 12:10:05 2023 +0000
917
918    upstream: fix double-free caused by compat_kex_proposal(); bz3522
919
920    by dtucker@, ok me
921
922    OpenBSD-Commit-ID: 2bfc37cd2d41f67dad64c17a64cf2cd3806a5c80
923
924commit 79efd95ab5ff99f4cb3a955e2d713b3f54fb807e
925Author: Darren Tucker <dtucker@dtucker.net>
926Date:   Wed Feb 1 17:17:26 2023 +1100
927
928    Skip connection-timeout test on minix3.
929
930    Minix 3's Unix domain sockets don't seem to work the way we expect, so
931    skip connection-timeout test on that platform.  While there, group
932    together all similarly skipped tests and explicitly comment.
933
934commit 6b508c4e039619842bcf5a16f8a6b08dd6bec44a
935Author: Damien Miller <djm@mindrot.org>
936Date:   Wed Feb 1 12:12:05 2023 +1100
937
938    fix libfido2 detection without pkg-config
939
940    Place libfido2 before additional libraries (that it may depend upon)
941    and not after. bz3530 from James Zhang; ok dtucker@
942
943commit 358e300fed5e6def233a2c06326e51e20ebed621
944Author: deraadt@openbsd.org <deraadt@openbsd.org>
945Date:   Wed Jan 18 20:56:36 2023 +0000
946
947    upstream: delete useless dependency
948
949    OpenBSD-Commit-ID: e1dc11143f83082e3154d6094f9136d0dc2637ad
950
951commit a4cb9be1b021b511e281ee55c356f964487d9e82
952Author: deraadt@openbsd.org <deraadt@openbsd.org>
953Date:   Wed Jan 18 20:43:15 2023 +0000
954
955    upstream: Create and install sshd random relink kit.
956
957    ../Makefile.inc and Makfile are concatenated for reuse, which hopefully won't
958    be too fragile, we'll see if we need a different approach. The resulting sshd
959    binary is tested with the new sshd -V option before installation.  As the
960    binary layout is now semi-unknown (meaning relative, fixed, and gadget
961    offsets are not precisely known), change the filesystem permissions to 511 to
962    prevent what I call "logged in BROP". I have ideas for improving this further
963    but this is a first step ok djm
964
965    OpenBSD-Commit-ID: 1e0a2692b7e20b126dda60bf04999d1d30d959d8
966
967commit bc7de6f91a9a0ae2f148a9d31a4027d441a51999
968Author: jmc@openbsd.org <jmc@openbsd.org>
969Date:   Wed Jan 18 06:55:32 2023 +0000
970
971    upstream: tweak previous; ok djm
972
973    OpenBSD-Commit-ID: df71ce4180c58202dfdc1d92626cfe900b91b7c3
974
975commit a20b7e999773e6333c8aa9b0a7fa41966e63b037
976Author: Darren Tucker <dtucker@dtucker.net>
977Date:   Tue Jan 31 19:35:44 2023 +1100
978
979    Skip connection-timeout test under Valgrind.
980
981    Valgrind slows things down so much that the timeout test fails.  Skip
982    this test until we figure out if we can make it work.
983
984commit c3ffb54b4fc5e608206037921db6ccbc2f5ab25f
985Author: Darren Tucker <dtucker@dtucker.net>
986Date:   Wed Jan 25 21:58:40 2023 +1100
987
988    Skip connection-timeout when missing FD passing.
989
990    This tests uses multiplexing which uses file descriptor passing, so
991    skip it if we don't have that.  Fixes test failures on Cygwin.
992
993commit 35253af01d8c0ab444c8377402121816e71c71f5
994Author: djm@openbsd.org <djm@openbsd.org>
995Date:   Wed Jan 18 02:00:10 2023 +0000
996
997    upstream: when restoring non-blocking mode to stdio fds, restore
998
999    exactly the flags that ssh started with and don't just clobber them with
1000    zero, as this could also remove the append flag from the set;
1001
1002    bz3523; ok dtucker@
1003
1004    OpenBSD-Commit-ID: 1336b03e881db7564a4b66014eb24c5230e9a0c0
1005
1006commit 7d17ea151c0b2519f023bd9cc7f141128833ac47
1007Author: millert@openbsd.org <millert@openbsd.org>
1008Date:   Wed Jan 18 01:50:21 2023 +0000
1009
1010    upstream: Add a -V (version) option to sshd like the ssh client
1011
1012    has. OK markus@ deraadt@
1013
1014    OpenBSD-Commit-ID: abe990ec3e636fb040132aab8cbbede98f0c413e
1015
1016commit 62360feb7f08f2a4c6fc36f3b3449309203c42c9
1017Author: millert@openbsd.org <millert@openbsd.org>
1018Date:   Tue Jan 17 18:52:44 2023 +0000
1019
1020    upstream: For "ssh -V" always exit 0, there is no need to check opt
1021
1022    again. This was missed when the fallthrough in the switch case above it was
1023    removed.  OK deraadt@
1024
1025    OpenBSD-Commit-ID: 5583e5d8f6d62a8a4215cfa95a69932f344c8120
1026
1027commit 12492c0abf1eb415d08a897cc1d8b9e789888230
1028Author: djm@openbsd.org <djm@openbsd.org>
1029Date:   Tue Jan 17 10:15:10 2023 +0000
1030
1031    upstream: also check that an active session inhibits
1032
1033    UnusedConnectionTimeout idea markus@
1034
1035    OpenBSD-Regress-ID: 55c0fb61f3bf9e092b0a53f9041d3d2012f14003
1036
1037commit cef2593c33ac46a58238ff998818754eabdf64ff
1038Author: djm@openbsd.org <djm@openbsd.org>
1039Date:   Tue Jan 17 10:02:34 2023 +0000
1040
1041    upstream: regression test for UnusedConnectionTimeout
1042
1043    OpenBSD-Regress-ID: 7f29001374a68e71e5e078f69e4520cf4bcca084
1044
1045commit aff9493a89c71d6a080419b49ac64eead9730491
1046Author: djm@openbsd.org <djm@openbsd.org>
1047Date:   Mon Jan 16 04:11:29 2023 +0000
1048
1049    upstream: unbreak test: cannot access shell positional parameters
1050
1051    past $9 without wrapping the position in braces (i.e. need ${10}, etc.)
1052
1053    OpenBSD-Regress-ID: 3750ec98d5d409ce6a93406fedde6f220d2ea2ac
1054
1055commit 0293c19807f83141cdf33b443154459f9ee471f6
1056Author: djm@openbsd.org <djm@openbsd.org>
1057Date:   Tue Jan 17 09:44:48 2023 +0000
1058
1059    upstream: Add a sshd_config UnusedConnectionTimeout option to terminate
1060
1061    client connections that have no open channels for some length of time. This
1062    complements the recently-added ChannelTimeout option that terminates inactive
1063    channels after a timeout.
1064
1065    ok markus@
1066
1067    OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
1068
1069commit 8ec2e3123802d2beeca06c1644b0b647f6d36dab
1070Author: djm@openbsd.org <djm@openbsd.org>
1071Date:   Sun Jan 15 23:35:10 2023 +0000
1072
1073    upstream: adapt to ed25519 changes in src/usr.bin/ssh
1074
1075    OpenBSD-Regress-ID: 4b3e7ba7ee486ae8a0b4790f8112eded2bb7dcd5
1076
1077commit 9fbbfeca1ce4c7ec0001c827bbf4189a3ba0964b
1078Author: djm@openbsd.org <djm@openbsd.org>
1079Date:   Sun Jan 15 23:05:32 2023 +0000
1080
1081    upstream: update OpenSSH's Ed25519 code to the last version of SUPERCOP
1082
1083    (20221122) and change the import approach to the same one we use for
1084    Streamlined NTRUPrime: use a shell script to extract the bits we need from
1085    SUPERCOP, make some minor adjustments and squish them all into a single file.
1086
1087    ok tb@ tobhe@
1088
1089    OpenBSD-Commit-ID: 1bc0fd624cb6af440905b8ba74ac7c03311b8e3b
1090
1091commit 6283f4bd83eee714d0f5fc55802eff836b06fea8
1092Author: Darren Tucker <dtucker@dtucker.net>
1093Date:   Sat Jan 14 22:02:44 2023 +1100
1094
1095    Allow writev is seccomp sandbox.
1096
1097    This seems to be used by recent glibcs at least in some configurations.
1098    From bz#3512, ok djm@
1099
1100commit 923c3f437f439cfca238fba37e97a7041782f615
1101Author: dtucker@openbsd.org <dtucker@openbsd.org>
1102Date:   Sat Jan 14 10:05:54 2023 +0000
1103
1104    upstream: Shell syntax fix. From ren mingshuai vi github PR#369.
1105
1106    OpenBSD-Regress-ID: 6696b2eeefe128099fc3d7ea9f23252cc35156f9
1107
1108commit 4d87a00f704e0365e11c3c38b170c1275ec461fc
1109Author: dtucker@openbsd.org <dtucker@openbsd.org>
1110Date:   Sat Jan 14 09:57:08 2023 +0000
1111
1112    upstream: Instead of skipping the all-tokens test if we don't have
1113
1114    OpenSSL (since we use it to compute the hash), put the hash at the end and
1115    just omit it if we don't have it.  Prompted by bz#3521.
1116
1117    OpenBSD-Regress-ID: c79ecba64250ed3b6417294b6c965e6b12ca5eea
1118
1119commit b05406d6f93b8c8ec11ec8b27e7c76cc7a5a55fb
1120Author: jmc@openbsd.org <jmc@openbsd.org>
1121Date:   Fri Jan 13 07:13:40 2023 +0000
1122
1123    upstream: fix double phrase in previous;
1124
1125    OpenBSD-Commit-ID: 671e6c8dc5e9230518b2bbfa143daaa88adc66c2
1126
1127commit 40564812b659c530eb1f4b62d09e85612aef3107
1128Author: dtucker@openbsd.org <dtucker@openbsd.org>
1129Date:   Fri Jan 13 03:16:29 2023 +0000
1130
1131    upstream: Document "UserKnownHostsFile none". ok djm@
1132
1133    OpenBSD-Commit-ID: f695742d39e34ecdcc3c861c3739a84648a4bce5
1134
1135commit d03e245e034019a37388f6f5f893ce848ab6d2e2
1136Author: Darren Tucker <dtucker@dtucker.net>
1137Date:   Fri Jan 13 23:02:34 2023 +1100
1138
1139    Retry package installation 3 times.
1140
1141    When setting up the CI environment, retry package installation 3 times
1142    before going up.  Should help prevent spurious failures during
1143    infrastructure issues.
1144
1145commit 625f6bc39840167dafb3bf5b6a3e18503ac986e8
1146Author: dtucker@openbsd.org <dtucker@openbsd.org>
1147Date:   Fri Jan 13 04:47:34 2023 +0000
1148
1149    upstream: Move scp path setting to a helper function. The previous
1150
1151    commit to add scp to the test sshd's path causes the t-envpass test to fail
1152    when the test scp is given using a fully qualified path.  Put this in a
1153    helper function and only call it from the scp tests.
1154
1155    OpenBSD-Regress-ID: 7533dc1c4265c1de716abb062957994195b36df4
1156
1157commit 6e6f88647042b3cde54a628545c2f5fb656a9327
1158Author: dtucker@openbsd.org <dtucker@openbsd.org>
1159Date:   Fri Jan 13 04:23:00 2023 +0000
1160
1161    upstream: Add scp's path to test sshd's PATH.
1162
1163    If the scp we're testing is fully qualified (eg it's not in the system
1164    PATH) then add its path to the under-test sshd's PATH so we can find
1165    it. Prompted by bz#3518.
1166
1167    OpenBSD-Regress-ID: 7df4f5a0be3aa135495b7e5a6719d3cbc26cc4c0
1168
1169commit 8a5e99a70fcf9b022a8aa175ebf6a71f58511da3
1170Author: Darren Tucker <dtucker@dtucker.net>
1171Date:   Fri Jan 13 15:49:48 2023 +1100
1172
1173    Remove skipping test when scp not in path.
1174
1175    An upcoming change renders this obsolete by adding scp's path to the
1176    test sshd's PATH, and removing this first will make the subsequent sync
1177    easier.
1178
1179commit 41f36dd896c8fb8337d403fcf476762986976e9d
1180Author: dtucker@openbsd.org <dtucker@openbsd.org>
1181Date:   Fri Jan 13 02:58:20 2023 +0000
1182
1183    upstream: Add a "Host" line to the output of ssh -G showing the
1184
1185    original host arg. Inspired by patch from vincent at bernat.ch via bz#3343,
1186    ok djm@
1187
1188    OpenBSD-Commit-ID: 59c0f60a222113a44d0650cd394376e3beecc883
1189
1190commit f673b49f3be3eb51074fbb8a405beb6cd0f7d93e
1191Author: djm@openbsd.org <djm@openbsd.org>
1192Date:   Fri Jan 13 02:44:02 2023 +0000
1193
1194    upstream: avoid printf("%s", NULL) if using ssh
1195
1196    -oUserKnownHostsFile=none and a hostkey in one of the system known hosts file
1197    changes; ok dtucker@
1198
1199    OpenBSD-Commit-ID: 7ca87614bfc6da491315536a7f2301434a9fe614
1200
1201commit 93fc7c576563e3d88a1dc019dd213f65607784cc
1202Author: djm@openbsd.org <djm@openbsd.org>
1203Date:   Wed Jan 11 05:39:38 2023 +0000
1204
1205    upstream: clamp the minimum buffer lengths and number of inflight
1206
1207    requests too
1208
1209    OpenBSD-Commit-ID: c4965f62fa0ba850940fd66ae3f60cf516bbcd56
1210
1211commit 48bf234322e639d279c5a28435eae50155e9b514
1212Author: djm@openbsd.org <djm@openbsd.org>
1213Date:   Wed Jan 11 05:36:50 2023 +0000
1214
1215    upstream: ignore bogus upload/download buffer lengths in the limits
1216
1217    extension
1218
1219    OpenBSD-Commit-ID: c5b023e0954693ba9a5376e4280c739b5db575f8
1220
1221commit 36b00d31833ca74cb0f7c7d8eda1bde55700f929
1222Author: djm@openbsd.org <djm@openbsd.org>
1223Date:   Wed Jan 11 02:13:52 2023 +0000
1224
1225    upstream: remove whitespace at EOL from code extracted from SUPERCOP
1226
1227    OpenBSD-Commit-ID: 1ec524ff2fbb9387d731601437c82008f35a60f4
1228
1229commit d888de06c5e4d7dbf2f2b85f2b5bf028c570cf78
1230Author: djm@openbsd.org <djm@openbsd.org>
1231Date:   Wed Jan 11 00:51:27 2023 +0000
1232
1233    upstream: rewrite this test to use a multiplexed ssh session so we can
1234
1235    control its lifecycle without risk of race conditions; fixes some of the
1236    Github integration tests for openssh-portable
1237
1238    OpenBSD-Regress-ID: 5451cad59ba0d43ae9eeda48ec80f54405fee969
1239
1240commit 4bcc737a35fdd9cc4af7423d6c23dfd0c7ef4786
1241Author: Damien Miller <djm@mindrot.org>
1242Date:   Wed Jan 11 11:45:17 2023 +1100
1243
1244    remove buffer len workaround for NetBSD 4.x
1245
1246    Switching to from pipes to a socketpair for communicating with the
1247    ssh process avoids the (kernel bug?) problem.
1248
1249commit f5154d2aac3e6a32a1b13dec23a701a087850cdc
1250Author: Damien Miller <djm@mindrot.org>
1251Date:   Wed Jan 11 11:44:19 2023 +1100
1252
1253    add back use of pipes in scp.c under USE_PIPES
1254
1255    This matches sftp.c which prefers socketpair but uses pipes on
1256    some older platforms.
1257
1258commit eec737b59cf13841de46134967a206607000acd4
1259Author: millert@openbsd.org <millert@openbsd.org>
1260Date:   Tue Jan 10 23:22:15 2023 +0000
1261
1262    upstream: Switch scp from using pipes to a socketpair for
1263
1264    communication with it's ssh sub-processes.  We no longer need to reserve two
1265    descriptors to ensure that we don't end up using fd 0-2 unexpectedly, that is
1266    handled by sanitise_stdfd() in main(). Based on an original diff from djm@.
1267    OK deraadt@ djm@
1268
1269    OpenBSD-Commit-ID: b80c372faac462471e955ddeab9480d668a2e48d
1270
1271commit d213d126a4a343abd3a1eb13687d39c1891fe5c8
1272Author: jmc@openbsd.org <jmc@openbsd.org>
1273Date:   Fri Jan 6 08:44:11 2023 +0000
1274
1275    upstream: tweak previous; ok djm
1276
1277    OpenBSD-Commit-ID: 229c493452766d70a78b0f02f6ff9894f9028858
1278
1279commit 4a5590a5ee47b7dfd49773e9fdba48ad3089fe64
1280Author: Damien Miller <djm@mindrot.org>
1281Date:   Mon Jan 9 16:33:56 2023 +1100
1282
1283    try to improve logging for dynamic-forward test
1284
1285    previously the logs from the ssh used to exercise the forwarding
1286    channel would clobber the logs from the ssh actually doing the
1287    forwarding
1288
1289commit 715bc25dcfccf9fb2bee820155fe071d01a618db
1290Author: Darren Tucker <dtucker@dtucker.net>
1291Date:   Sat Jan 7 23:24:50 2023 +1100
1292
1293    Skip dynamic-forward test on minix3.
1294
1295    This test relies on loopback addresses which minix does not have.
1296    Previously the test would not run at all since it also doesn't have
1297    netcat, but now we use our own netcat it tries and fails.
1298
1299commit dd1249bd5c45128a908395c61b26996a70f82205
1300Author: Damien Miller <djm@mindrot.org>
1301Date:   Sun Jan 8 12:08:59 2023 +1100
1302
1303    don't test IPv6 addresses if platform lacks support
1304
1305commit d77fc611a62f2dfee0b654c31a50a814b13310dd
1306Author: dtucker@openbsd.org <dtucker@openbsd.org>
1307Date:   Fri Jan 6 12:33:33 2023 +0000
1308
1309    upstream: When OpenSSL is not available, skip parts of percent test
1310
1311    that require it. Based on github pr#368 from ren mingshuai.
1312
1313    OpenBSD-Regress-ID: 49a375b2cf61ccb95b52e75e2e025cd10988ebb2
1314
1315commit 1cd2aac312af9172f1b5cb06c2e1cd090abb83cf
1316Author: Darren Tucker <dtucker@dtucker.net>
1317Date:   Sat Jan 7 23:01:11 2023 +1100
1318
1319    Use our own netcat for dynamic-forward test.
1320
1321    That way we can be surer about its behaviour rather than trying to
1322    second-guess the behaviour of various netcat implementations.
1323
1324commit 26cab41c05d7b0859d2a1ea5b6ed253d91848a80
1325Author: Darren Tucker <dtucker@dtucker.net>
1326Date:   Sat Jan 7 14:30:43 2023 +1100
1327
1328    Use autoconf to find openssl binary.
1329
1330    It's possible to install an OpenSSL in a path not in the system's
1331    default library search path.  OpenSSH can still use this (eg if you
1332    specify an rpath) but the openssl binary there may not work.  If one is
1333    available on the system path just use that.
1334
1335commit 5532e010a0eeb6aa264396514f9aed7948471538
1336Author: Darren Tucker <dtucker@dtucker.net>
1337Date:   Sat Jan 7 10:34:18 2023 +1100
1338
1339    Check openssl_bin path is executable before using.
1340
1341commit 5d7b16cff48598d5908db970bfdc9ff9326142c8
1342Author: Darren Tucker <dtucker@dtucker.net>
1343Date:   Fri Jan 6 23:19:07 2023 +1100
1344
1345    Set OPENSSL_BIN from OpenSSL directory.
1346
1347commit 344a0e8240eaf08da5d46a5e3a9ecad6e4f64c35
1348Author: dtucker@openbsd.org <dtucker@openbsd.org>
1349Date:   Fri Jan 6 08:50:33 2023 +0000
1350
1351    upstream: Save debug logs from ssh for debugging purposes.
1352
1353    OpenBSD-Regress-ID: 109e40b06de1c006a3b8e0d8745b790b2c5870a0
1354
1355commit e1ef172646f7f49c80807eea90225ef5e0be55a8
1356Author: djm@openbsd.org <djm@openbsd.org>
1357Date:   Fri Jan 6 08:07:39 2023 +0000
1358
1359    upstream: regression test for ChannelTimeout
1360
1361    OpenBSD-Regress-ID: 280bfbefcfa415428ad744e43f69a8dede8ad685
1362
1363commit 2393ea8daf25853459eb07a528d7577688847777
1364Author: djm@openbsd.org <djm@openbsd.org>
1365Date:   Fri Jan 6 07:18:18 2023 +0000
1366
1367    upstream: fix typo in verbose logging
1368
1369    OpenBSD-Regress-ID: 0497cdb66e003b2f50ed77291a9104fba2e017e9
1370
1371commit 161a5378a3cc2e7aa3f9674cb7f4686ae6ce9586
1372Author: djm@openbsd.org <djm@openbsd.org>
1373Date:   Fri Jan 6 02:59:50 2023 +0000
1374
1375    upstream: unit tests for misc.c:ptimeout_* API
1376
1377    OpenBSD-Regress-ID: 01f8fb12d08e5aaadd4bd4e71f456b6588be9a94
1378
1379commit 018d671d78145f03d6f07ae9d64d51321da70325
1380Author: tb@openbsd.org <tb@openbsd.org>
1381Date:   Wed Jan 4 22:48:57 2023 +0000
1382
1383    upstream: Copy bytes from the_banana[] rather than banana()
1384
1385    Fixes test failure due to segfault seen on arm64 with xonly snap.
1386
1387    ok djm
1388
1389    OpenBSD-Regress-ID: 86e2aa4bbd1dff1bc4ebb2969c0d6474485be046
1390
1391commit ab6bb69e251faa8b24f81b25c72ec0120f20cad4
1392Author: Damien Miller <djm@mindrot.org>
1393Date:   Fri Jan 6 19:13:36 2023 +1100
1394
1395    unbreak scp on NetBSD 4.x
1396
1397    e555d5cad5 effectively increased the default copy buffer size for SFTP
1398    transfers. This caused NetBSD 4.x to hang during the "copy local file to
1399    remote file in place" scp.sh regression test.
1400
1401    This puts back the original 32KB copy buffer size until we can properly
1402    figure out why.
1403
1404    lots of debugging assistance from dtucker@
1405
1406commit 2d1ff2b9431393ad99ef496d5e3b9dd0d4f5ac8c
1407Author: djm@openbsd.org <djm@openbsd.org>
1408Date:   Fri Jan 6 02:47:18 2023 +0000
1409
1410    upstream: Implement channel inactivity timeouts
1411
1412    This adds a sshd_config ChannelTimeouts directive that allows channels that
1413    have not seen traffic in a configurable interval to be automatically closed.
1414    Different timeouts may be applied to session, X11, agent and TCP forwarding
1415    channels.
1416
1417    Note: this only affects channels over an opened SSH connection and not
1418    the connection itself. Most clients close the connection when their channels
1419    go away, with a notable exception being ssh(1) in multiplexing mode.
1420
1421    ok markus dtucker
1422
1423    OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
1424
1425commit 0e34348d0bc0b1522f75d6212a53d6d1d1367980
1426Author: djm@openbsd.org <djm@openbsd.org>
1427Date:   Fri Jan 6 02:42:34 2023 +0000
1428
1429    upstream: Add channel_set_xtype()
1430
1431    This sets an "extended" channel type after channel creation (e.g.
1432    "session:subsystem:sftp") that will be used for setting channel inactivity
1433    timeouts.
1434
1435    ok markus dtucker
1436
1437    OpenBSD-Commit-ID: 42564aa92345045b4a74300528f960416a15d4ca
1438
1439commit ceedf09b2977f3a756c759a6e7eb8f8e9db86a18
1440Author: djm@openbsd.org <djm@openbsd.org>
1441Date:   Fri Jan 6 02:41:49 2023 +0000
1442
1443    upstream: tweak channel ctype names
1444
1445    These are now used by sshd_config:ChannelTimeouts to specify timeouts by
1446    channel type, so force them all to use a similar format without whitespace.
1447
1448    ok dtucker markus
1449
1450    OpenBSD-Commit-ID: 66834765bb4ae14f96d2bb981ac98a7dae361b65
1451
1452commit c60438158ad4b2f83d8504257aba1be7d0b0bb4b
1453Author: djm@openbsd.org <djm@openbsd.org>
1454Date:   Fri Jan 6 02:39:59 2023 +0000
1455
1456    upstream: Add channel_force_close()
1457
1458    This will forcibly close an open channel by simulating read/write errors,
1459    draining the IO buffers and calling the detach function.
1460
1461    Previously the detach function was only ever called during channel garbage
1462    collection, but there was no way to signal the user of a channel (e.g.
1463    session.c) that its channel was being closed deliberately (vs. by the
1464    usual state-machine logic). So this adds an extra "force" argument to the
1465    channel cleanup callback to indicate this condition.
1466
1467    ok markus dtucker
1468
1469    OpenBSD-Commit-ID: 23052707a42bdc62fda2508636e624afd466324b
1470
1471commit d478cdc7ad6edd4b1bcd1e86fb2f23194ff33d5a
1472Author: djm@openbsd.org <djm@openbsd.org>
1473Date:   Fri Jan 6 02:38:23 2023 +0000
1474
1475    upstream: replace manual poll/ppoll timeout math with ptimeout API
1476
1477    feedback markus / ok markus dtucker
1478
1479    OpenBSD-Commit-ID: c5ec4f2d52684cdb788cd9cbc1bcf89464014be2
1480
1481commit 4adf3817a24efe99b06e62630577d683c7cd8065
1482Author: djm@openbsd.org <djm@openbsd.org>
1483Date:   Fri Jan 6 02:37:04 2023 +0000
1484
1485    upstream: add ptimeout API for keeping track of poll/ppoll
1486
1487    timeouts; ok dtucker markus
1488
1489    OpenBSD-Commit-ID: 3335268ca135b3ec15a947547d7cfbb8ff929ead
1490
1491commit 8c7c69d32375d2f3ce9da0109c9bffc560842316
1492Author: djm@openbsd.org <djm@openbsd.org>
1493Date:   Thu Jan 5 05:49:13 2023 +0000
1494
1495    upstream: suppress "Connection closed" message when in quiet mode
1496
1497    OpenBSD-Commit-ID: 8a3ab7176764da55f60bfacfeae9b82d84e3908f
1498
1499commit 845ceecea2ac311b0c267f9ecbd34862e1876fc6
1500Author: djm@openbsd.org <djm@openbsd.org>
1501Date:   Mon Jan 2 07:03:57 2023 +0000
1502
1503    upstream: regression test for PermitRemoteOpen
1504
1505    OpenBSD-Regress-ID: 8271aafbf5c21950cd5bf966f08e585cebfe630c
1506
1507commit b3daa8dc582348d6ab8150bc1e571b7aa08c5388
1508Author: djm@openbsd.org <djm@openbsd.org>
1509Date:   Mon Jan 2 07:03:30 2023 +0000
1510
1511    upstream: fix bug in PermitRemoteOpen which caused it to ignore its
1512
1513    first argument unless it was one of the special keywords "any" or "none".
1514
1515    Reported by Georges Chaudy in bz3515; ok dtucker@
1516
1517    OpenBSD-Commit-ID: c5678a39f1ff79993d5ae3cfac5746a4ae148ea5
1518
1519commit 0872663a7be0301bcc3d49acdbc9b740a3d972d4
1520Author: jmc@openbsd.org <jmc@openbsd.org>
1521Date:   Mon Dec 26 19:16:03 2022 +0000
1522
1523    upstream: spelling fixes; from paul tagliamonte amendments to his
1524
1525    diff are noted on tech
1526
1527    OpenBSD-Commit-ID: d776dd03d0b882ca9c83b84f6b384f6f9bd7de4a
1528
1529commit 797da2812a71785b34890bb6eb44767a7d09cd34
1530Author: djm@openbsd.org <djm@openbsd.org>
1531Date:   Fri Dec 16 07:13:22 2022 +0000
1532
1533    upstream: Mention that scp uses the SFTP protocol and remove
1534
1535    reference to legacy flag. Spotted by, feedback and ok jmc@
1536
1537    OpenBSD-Commit-ID: 9dfe04966f52e941966b46c7a2972147f95281b3
1538
1539commit 93f2ce8c050a7a2a628646c00b40b9b53fef93ef
1540Author: djm@openbsd.org <djm@openbsd.org>
1541Date:   Fri Dec 16 06:56:47 2022 +0000
1542
1543    upstream: Clear signal mask early in main(); sshd may have been
1544
1545    started with one or more signals masked (sigprocmask(2) is not cleared
1546    on fork/exec) and this could interfere with various things, e.g. the
1547    login grace timer.
1548
1549    Execution environments that fail to clear the signal mask before running
1550    sshd are clearly broken, but apparently they do exist.
1551
1552    Reported by Sreedhar Balasubramanian; ok dtucker@
1553
1554    OpenBSD-Commit-ID: 77078c0b1c53c780269fc0c416f121d05e3010ae
1555
1556commit 4acfaabfae41badb9d334a2ee88c5c6ad041c0d5
1557Author: jmc@openbsd.org <jmc@openbsd.org>
1558Date:   Fri Dec 16 06:52:48 2022 +0000
1559
1560    upstream: add -X to usage();
1561
1562    OpenBSD-Commit-ID: 1bdc3df7de11d766587b0428318336dbffe4a9d0
1563
1564commit e555d5cad5afae7d5ef2bbc02ca591178fe16fed
1565Author: djm@openbsd.org <djm@openbsd.org>
1566Date:   Fri Dec 16 03:40:03 2022 +0000
1567
1568    upstream: add a -X option to both scp(1) and sftp(1) to allow
1569
1570    control over some SFTP protocol knobs: the copy buffer length and
1571    the number of inflight requests, both of which are used during
1572    upload/download.
1573
1574    Previously these could be controlled in sftp(1) using the -b/-R options.
1575    This makes them available in both SFTP protocol clients using the same
1576    option character sequence.
1577
1578    ok dtucker@
1579
1580    OpenBSD-Commit-ID: 27502bffc589776f5da1f31df8cb51abe9a15f1c
1581
1582commit 5a7a7acab2f466dc1d7467b5d05d35268c3137aa
1583Author: deraadt@openbsd.org <deraadt@openbsd.org>
1584Date:   Thu Dec 15 18:20:39 2022 +0000
1585
1586    upstream: The idiomatic way of coping with signed char vs unsigned
1587
1588    char (which did not come from stdio read functions) in the presence of
1589    ctype macros, is to always cast to (unsigned char).  casting to (int)
1590    for a "macro" which is documented to take int, is weird.  And sadly wrong,
1591    because of the sing extension risk.. same diff from florian
1592
1593    OpenBSD-Commit-ID: 65b9a49a68e22ff3a0ebd593f363e9f22dd73fea
1594
1595commit b0b58222c7cc62efd8212c4fb65a545f58ebb22d
1596Author: Darren Tucker <dtucker@dtucker.net>
1597Date:   Mon Dec 19 18:49:51 2022 +1100
1598
1599    Simply handling of SSH_CONNECTION PAM env var.
1600
1601    Prompted by bz#3508: there's no need to cache the value of
1602    sshpam_conninfo so remove the global.  While there, add check of
1603    return value from pam_putenv.  ok djm@
1604
1605commit ed8444572ae684fdb892f97bae342c6cb6456f04
1606Author: Darren Tucker <dtucker@dtucker.net>
1607Date:   Mon Dec 19 18:42:34 2022 +1100
1608
1609    Add tests for LibreSSL 3.7.0 and OpenSSL 1.1.1s.
1610
1611commit abb9a8aaddfcacbd12641f6e4f203da0fa85a287
1612Author: Darren Tucker <dtucker@dtucker.net>
1613Date:   Sun Dec 18 21:36:25 2022 +1100
1614
1615    Use sudo when resetting perms on directories.
1616
1617commit 2f5664c5908d84697cbe91302d5d5c4d83cb2121
1618Author: Darren Tucker <dtucker@dtucker.net>
1619Date:   Sun Dec 18 21:19:33 2022 +1100
1620
1621    Set group perms on regress dir.
1622
1623    This ensures that the tests don't fail due to StrictMode checks.
1624
1625commit 137196300fc1540affadde880210f02ba6cb4abf
1626Author: Darren Tucker <dtucker@dtucker.net>
1627Date:   Sun Dec 18 21:13:42 2022 +1100
1628
1629    Fetch regress logs from obj dir.
1630
1631commit 5f93c4836527d9fda05de8944a1c7b4a205080c7
1632Author: Darren Tucker <dtucker@dtucker.net>
1633Date:   Tue Dec 13 20:59:54 2022 +1100
1634
1635    obsdsnap test VMs runs-on libvirt too.
1636
1637commit 8386886fb1ab7fda73069fb0db1dbe0e5a52f758
1638Author: Darren Tucker <dtucker@dtucker.net>
1639Date:   Tue Dec 13 20:55:37 2022 +1100
1640
1641    Run upstream obsdsnap tests on ephemeral runners.
1642
1643commit b6e01459b55ece85d7f296b2bc719d1841e1009e
1644Author: Darren Tucker <dtucker@dtucker.net>
1645Date:   Tue Dec 13 20:48:56 2022 +1100
1646
1647    Move obsdsnap test VMs to ephemeral runners.
1648
1649commit ea6fdf9a1aa71a411f7db218a986392c4fb55693
1650Author: Damien Miller <djm@mindrot.org>
1651Date:   Fri Dec 9 18:00:21 2022 +1100
1652
1653    use calloc for allocating arc4random structs
1654
1655    ok dtucker
1656
1657commit 4403b62f5548e91389cb3339d26a9d0c4bb07b34
1658Author: dtucker@openbsd.org <dtucker@openbsd.org>
1659Date:   Fri Dec 9 00:22:29 2022 +0000
1660
1661    upstream: Warn if no host keys for hostbased auth can be loaded.
1662
1663    OpenBSD-Commit-ID: 2a0a13132000cf8d3593133c1b49768aa3c95977
1664
1665commit a6183e25e3f1842e21999fe88bc40bb99b121dc3
1666Author: dtucker@openbsd.org <dtucker@openbsd.org>
1667Date:   Fri Dec 9 00:17:40 2022 +0000
1668
1669    upstream: Add server debugging for hostbased auth.
1670
1671    auth_debug_add queues messages about the auth process which is sent to
1672    the client after successful authentication.  This also sends those to
1673    the server debug log to aid in debugging.  From bz#3507, ok djm@
1674
1675    OpenBSD-Commit-ID: 46ff67518cccf9caf47e06393e2a121ee5aa258a
1676
1677commit b85c3581c16aaf6e83b9a797c80705a56b1f312e
1678Author: cheloha@openbsd.org <cheloha@openbsd.org>
1679Date:   Sun Dec 4 23:50:49 2022 +0000
1680
1681    upstream: remove '?' from getopt(3) loops
1682
1683    userspace: remove vestigial '?' cases from top-level getopt(3) loops
1684
1685    getopt(3) returns '?' when it encounters a flag not present in the in
1686    the optstring or if a flag is missing its option argument.  We can
1687    handle this case with the "default" failure case with no loss of
1688    legibility.  Hence, remove all the redundant "case '?':" lines.
1689
1690    Prompted by dlg@.  With help from dlg@ and millert@.
1691
1692    Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2
1693
1694    ok naddy@ millert@ dlg@
1695
1696    OpenBSD-Commit-ID: b2f89346538ce4f5b33ab8011a23e0626a67e66e
1697
1698commit 9a067e8d28a2249fd73f004961e30c113ee85e5d
1699Author: dtucker@openbsd.org <dtucker@openbsd.org>
1700Date:   Wed Dec 7 11:45:43 2022 +0000
1701
1702    upstream: Fix comment typo.
1703
1704    OpenBSD-Regress-ID: 3b04faced6511bb5e74648c6a4ef4bf2c4decf03
1705
1706commit ce3c3e78ce45d68a82c7c8dc89895f297a67f225
1707Author: Darren Tucker <dtucker@dtucker.net>
1708Date:   Wed Dec 7 18:58:25 2022 +1100
1709
1710    Add SANDBOX_DEBUG to the kitchensink test build.
1711
1712commit bc234605fa3eb10f56bf0d74c8ecb0d91ada9d05
1713Author: Damien Miller <djm@mindrot.org>
1714Date:   Wed Dec 7 18:38:25 2022 +1100
1715
1716    disable SANDBOX_SECCOMP_FILTER_DEBUG
1717
1718    It was mistakenly enabled in 2580916e4872
1719
1720    Reported by Peter sec-openssh-com.22.fichtner AT 0sg.net
1721
1722commit b087c5cfa011b27992e01589314fec830266f99d
1723Author: Rose <83477269+AtariDreams@users.noreply.github.com>
1724Date:   Tue Nov 29 15:12:54 2022 -0500
1725
1726    Update autotools
1727
1728    Regenerate config files using latest autotools
1729
1730commit d63f5494978a185c7421d492b9c2f6f05bb54138
1731Author: Darren Tucker <dtucker@dtucker.net>
1732Date:   Tue Dec 6 12:22:36 2022 +1100
1733
1734    Fix typo in comment.  Spotted by tim@
1735
1736commit 73dcca12115aa12ed0d123b914d473c384e52651
1737Author: dtucker@openbsd.org <dtucker@openbsd.org>
1738Date:   Sun Dec 4 11:03:11 2022 +0000
1739
1740    upstream: Remove duplicate includes.
1741
1742     Patch from AtariDreams via github PR#364.
1743
1744    OpenBSD-Commit-ID: b9186638a05cb8b56ef7c0de521922b6723644ea
1745
1746commit 3cec15543010bc8d6997d896b1717a650afb7e92
1747Author: djm@openbsd.org <djm@openbsd.org>
1748Date:   Fri Dec 2 04:40:27 2022 +0000
1749
1750    upstream: make struct sshbuf private
1751
1752    and remove an unused field; ok dtucker
1753
1754    OpenBSD-Commit-ID: c7a3d77c0b8c153d463398606a8d57569186a0c3
1755
1756commit 5796bf8ca9535f9fa7d01829a540d2550e05c860
1757Author: Darren Tucker <dtucker@dtucker.net>
1758Date:   Fri Dec 2 11:43:36 2022 +1100
1759
1760    Restore ssh-agent permissions on exit.
1761
1762    ...enough that subsequent builds can overwrite ssh-agent if necessary.
1763
1764commit ccf5a13868cbb4659107458cac1e017c98abcbda
1765Author: dtucker@openbsd.org <dtucker@openbsd.org>
1766Date:   Thu Dec 1 02:22:13 2022 +0000
1767
1768    upstream: Clean up ssh-add and ssh-agent logs.
1769
1770    OpenBSD-Regress-ID: 9eda8e4c3714d7f943ab2e73ed58a233bd29cd2c
1771
1772commit 7a8b40cf6a5eda80173140cc6750a6db8412fa87
1773Author: dtucker@openbsd.org <dtucker@openbsd.org>
1774Date:   Thu Dec 1 02:19:29 2022 +0000
1775
1776    upstream: Log output of ssh-agent and ssh-add
1777
1778    This should  make debugging easier.
1779
1780    OpenBSD-Regress-ID: 5974b02651f428d7e1079b41304c498ca7e306c8
1781
1782commit 4a1805d532616233dd6072e5cd273b96dd3062e6
1783Author: dtucker@openbsd.org <dtucker@openbsd.org>
1784Date:   Tue Nov 29 22:41:14 2022 +0000
1785
1786    upstream: Add void to client_repledge args to fix compiler warning. ok djm@
1787
1788    OpenBSD-Commit-ID: 7e964a641ce4a0a0a11f047953b29929d7a4b866
1789
1790commit 815c4704930aa449edf6e812e99d69e9ffd31f01
1791Author: djm@openbsd.org <djm@openbsd.org>
1792Date:   Mon Nov 28 01:38:22 2022 +0000
1793
1794    upstream: tighten pledge(2) after session establishment
1795
1796    feedback, ok & testing in snaps deraadt@
1797
1798    OpenBSD-Commit-ID: aecf4d49d28586dfbcc74328d9333398fef9eb58
1799
1800commit f7cebbbf407d772ed71403d314343766782fe540
1801Author: djm@openbsd.org <djm@openbsd.org>
1802Date:   Mon Nov 28 01:37:36 2022 +0000
1803
1804    upstream: New EnableEscapeCommandline ssh_config(5) option
1805
1806    This option (default "no") controls whether the ~C escape is available.
1807    Turning it off by default means we will soon be able to use a stricter
1808    default pledge(2) in the client.
1809
1810    feedback deraadt@ dtucker@; tested in snaps for a while
1811
1812    OpenBSD-Commit-ID: 7e277595d60acb8263118dcb66554472257b387a
1813
1814commit d323f7ecf52e3d4ec1f4939bf31693e02f891dca
1815Author: mbuhl@openbsd.org <mbuhl@openbsd.org>
1816Date:   Fri Nov 18 19:47:40 2022 +0000
1817
1818    upstream: In channel_request_remote_forwarding the parameters for
1819
1820    permission_set_add are leaked as they are also duplicated in the call. Found
1821    by CodeChecker. ok djm
1822
1823    OpenBSD-Commit-ID: 4aef50fa9be7c0b138188814c8fe3dccc196f61e
1824
1825commit 62cc33e6eed847aafdc29e34aa69e9bd82a0ee16
1826Author: Darren Tucker <dtucker@dtucker.net>
1827Date:   Wed Nov 30 11:23:11 2022 +1100
1828
1829    Use -fzero-call-used-regs=used on clang 15.
1830
1831    clang 15 seems to have a problem with -fzero-call-used-reg=all which
1832    causes spurious "incorrect signature" failures with ED25519.  On those
1833    versions, use -fzero-call-used-regs=used instead.  (We may add exceptions
1834    later if specific versions prove to be OK).  Also move the GCC version
1835    check to match.
1836
1837    Initial investigation by Daniel Pouzzner (douzzer at mega nu), workaround
1838    suggested by Bill Wendling (morbo at google com).  bz#3475, ok djm@
1839
1840commit f84b9cffd52c9c5c359a54a1929f9948e803ab1d
1841Author: Darren Tucker <dtucker@dtucker.net>
1842Date:   Mon Nov 28 21:09:28 2022 +1100
1843
1844    Skip unit tests on slow riscv64 hardware.
1845
1846commit 9f2747e0bed3faca92679eae69aef10c95dc82f5
1847Author: Darren Tucker <dtucker@dtucker.net>
1848Date:   Sun Nov 27 15:26:22 2022 +1100
1849
1850    Rework how selfhosted tests interact with runners.
1851
1852    Previously there was one runner per test target (mostly VMs).  This had
1853    a few limitations:
1854     - multiple tests that ran on the same target (eg multiple build
1855       configs) were serialized on availability or that runner.
1856     - it needed manual balancing of VMs over host machines.
1857
1858    To address this, make VMs that use ephemeral disks (ie most of them)
1859    all use a pool of runners with the "libvirt" label.  This requires that
1860    we distinguish between "host" and "target" for those.  Native runners
1861    and VMs with persistent disks (eg the constantly-updated snapshot ones)
1862    specify the same host and target.
1863
1864    This should improve test throughput.
1865
1866commit d664ddaec87bdc7385be8ef7f1337793e1679d48
1867Author: Darren Tucker <dtucker@dtucker.net>
1868Date:   Sun Nov 27 12:19:37 2022 +1100
1869
1870    Run vmstartup from temp dir.
1871
1872    This will allow us to create ephemeral disk images per-runner.
1873
1874commit 0fa16e952b1fc1c4cf65e3dd138b0e87003e2e45
1875Author: Darren Tucker <dtucker@dtucker.net>
1876Date:   Sun Nov 27 12:14:00 2022 +1100
1877
1878    Make "config" in matrix singular and pass in env.
1879
1880    This will allow the startup scripts to adapt their behaviour based on
1881    the type and config.
1882
1883commit e8857043af54809187be1e8b06749db61112899f
1884Author: Darren Tucker <dtucker@dtucker.net>
1885Date:   Sun Nov 27 11:42:22 2022 +1100
1886
1887    Add "libvirt" label to dfly30.
1888
1889commit 9775473d84902dc37753686cd10ae71fbe67efda
1890Author: Darren Tucker <dtucker@dtucker.net>
1891Date:   Sun Nov 27 09:28:20 2022 +1100
1892
1893    Rename "os" in matrix to "target".
1894
1895    This is in preparation to distinguish this from the host that the runner
1896    runs on in case where they are separate (eg VMs).
1897
1898commit 04fd00ceff39f4544ced6f5342060abe584835d0
1899Author: Darren Tucker <dtucker@dtucker.net>
1900Date:   Sun Nov 27 09:23:04 2022 +1100
1901
1902    Remove unused self-hosted test targets.
1903
1904commit c9d9fcad2a11c1cd1550a541f44091d65f0b5584
1905Author: Darren Tucker <dtucker@dtucker.net>
1906Date:   Sun Nov 27 09:16:15 2022 +1100
1907
1908    Remove explicit "default" test config argument.
1909
1910    Not specifying the test config implicitly selects default args.
1911
1912commit 15a01cf15f396f87c6d221c5a6af98331c818962
1913Author: Darren Tucker <dtucker@dtucker.net>
1914Date:   Wed Nov 23 13:18:54 2022 +1100
1915
1916    Add fallback for old platforms w/out MAP_ANON.
1917
1918commit 6b9bbbfe8b26db6e9a30a7e08c223e85421aed98
1919Author: Darren Tucker <dtucker@dtucker.net>
1920Date:   Wed Nov 23 13:09:11 2022 +1100
1921
1922    If we haven't found it yet, recheck for sys/stat.h.
1923
1924    On some very old platforms, sys/stat.h needs sys/types.h, however
1925    autoconf 2.71's AC_CHECK_INCLUDES_DEFAULT checks for them in the
1926    opposite order, which in combination with modern autoconf's
1927    "present but cannot be compiled" behaviour causes it to not be
1928    detected.
1929
1930commit 8926956f22639132a9f2433fcd25224e01b900f5
1931Author: Darren Tucker <dtucker@dtucker.net>
1932Date:   Fri Nov 11 11:25:37 2022 +1100
1933
1934    Add dfly62 test target.
1935
1936commit 650de7ecd3567b5a5dbf16dd1eb598bd8c20bca8
1937Author: dtucker@openbsd.org <dtucker@openbsd.org>
1938Date:   Thu Nov 10 23:03:10 2022 +0000
1939
1940    upstream: Handle dynamic remote port forwarding in escape commandline's
1941
1942    -R processing. bz#3499, ok djm@
1943
1944    OpenBSD-Commit-ID: 194ee4cfe7ed0e2b8ad0727f493c798a50454208
1945
1946commit 5372db7e7985ba2c00f20fdff8942145ca99e033
1947Author: Darren Tucker <dtucker@dtucker.net>
1948Date:   Thu Nov 10 12:44:51 2022 +1100
1949
1950    Remove seed passing over reexec.
1951
1952    This was added for the benefit of platforms using ssh-rand-helper to
1953    prevent a delay on each connection as sshd reseeded itself.
1954
1955    ssh-random-helper is long gone, and since the re-exec happens before the
1956    chroot the re-execed sshd can reseed itself normally. ok djm@
1957
1958commit ca98d3f8c64cfc51af81e1b01c36a919d5947ec2
1959Author: Darren Tucker <dtucker@dtucker.net>
1960Date:   Wed Nov 9 20:59:20 2022 +1100
1961
1962    Skip reexec test on OpenSSL 1.1.1 specifically.
1963
1964    OpenSSL 1.1.1 has a bug in its RNG that breaks reexec fallback, so skip
1965    that test.  See bz#3483 for details.
1966
1967commit 5ec4ebc2548e5f7f1b55b2a5cef5b67bdca8146f
1968Author: dtucker@openbsd.org <dtucker@openbsd.org>
1969Date:   Wed Nov 9 09:04:12 2022 +0000
1970
1971    upstream: Fix typo in fatal error message.
1972
1973    Patch from vapier at chromium.org.
1974
1975    OpenBSD-Commit-ID: 8a0c164a6a25eef0eedfc30df95bfa27644e35cf
1976
1977commit e6abafe9a6d809422d3432b95b3f9747b0acaa71
1978Author: dtucker@openbsd.org <dtucker@openbsd.org>
1979Date:   Wed Nov 9 09:01:52 2022 +0000
1980
1981    upstream: Remove errant colon and simplify format
1982
1983    string in error messages. Patch from vapier at chromium.org.
1984
1985    OpenBSD-Commit-ID: fc28466ebc7b74e0072331947a89bdd239c160d3
1986
1987commit db2027a687516f87c3fb141e87154bb3d8a7807c
1988Author: djm@openbsd.org <djm@openbsd.org>
1989Date:   Wed Nov 9 01:37:44 2022 +0000
1990
1991    upstream: rename client_global_hostkeys_private_confirm() to
1992
1993    client_global_hostkeys_prove_confirm(), as it handles the
1994    "hostkeys-prove00@openssh.com" message; no functional change
1995
1996    OpenBSD-Commit-ID: 31e09bd3cca6eed26855b88fb8beed18e9bd026d
1997
1998commit 1c2be7c2004cf1abcd172fee9fe3eab57cd4c426
1999Author: djm@openbsd.org <djm@openbsd.org>
2000Date:   Wed Nov 9 00:15:59 2022 +0000
2001
2002    upstream: typo in comment
2003
2004    OpenBSD-Commit-ID: 39c58f41e0f32d1ff31731fa6f5bbbc3ad25084a
2005
2006commit cf1a9852d7fc93e4abc4168aed09529a57427cdc
2007Author: Darren Tucker <dtucker@dtucker.net>
2008Date:   Wed Nov 9 09:23:47 2022 +1100
2009
2010    Defer seed_rng until after closefrom call.
2011
2012    seed_rng will initialize OpenSSL, and some engine providers (eg Intel's
2013    QAT) will open descriptors for their own use.  bz#3483, patch from
2014    joel.d.schuetze at intel.com, ok djm@
2015
2016commit dffa64480163fbf76af7e4fb62c26bb0dd6642aa
2017Author: Darren Tucker <dtucker@dtucker.net>
2018Date:   Wed Nov 9 08:27:47 2022 +1100
2019
2020    Fix comment text.  From emaste at freebsd.org.
2021
2022commit d9df5689c29823ab830ec4f54c83c6cc3c0077ad
2023Author: Pierre Ossman <ossman@cendio.se>
2024Date:   Wed Jul 6 13:52:10 2022 +0200
2025
2026    Avoid assuming layout of fd_set
2027
2028    POSIX doesn't specify the internal layout of the fd_set object, so let's
2029    not assume it is just a bit mask. This increases compatibility with
2030    systems that have a different layout.
2031
2032    The assumption is also worthless as we already refuse to use file
2033    descriptors over FD_SETSIZE anyway. Meaning that the default size of
2034    fd_set is quite sufficient.
2035
2036commit 419aa8a312e8d8f491933ca3d5933e602cb05aae
2037Author: Darren Tucker <dtucker@dtucker.net>
2038Date:   Tue Nov 8 12:42:52 2022 +1100
2039
2040    Shutdown any VM before trying to check out repo.
2041
2042    In the case where the previous run did not clean up, the checkout will
2043    fail as it'll leave a stale mount.
2044
2045commit a32c07cbb78f65d8527642b96474a83b413f8108
2046Author: Darren Tucker <dtucker@dtucker.net>
2047Date:   Tue Nov 8 11:33:25 2022 +1100
2048
2049    Run vm startup and shutdown from runner temp dir.
2050
2051    Should work even if the github workspace dir is on a stale sshfs mount.
2052
2053commit 2b40a7dfcdb8e616155b9504145aa52b271455aa
2054Author: Darren Tucker <dtucker@dtucker.net>
2055Date:   Tue Nov 8 11:03:31 2022 +1100
2056
2057    Add valrind-5 test here too.
2058
2059commit 2ea03d1f6d0a05ee2b63ed2dc0f2d54f1e4655a1
2060Author: Darren Tucker <dtucker@dtucker.net>
2061Date:   Tue Nov 8 09:21:10 2022 +1100
2062
2063    Update checkout and upload actions.
2064
2065    Update actions/checkout and actions/upload-artifact to main branch for
2066    compatibility with node.js v16.
2067
2068commit 4e316ff0f18a118232bb9ac6512ee62773a9e8ea
2069Author: Darren Tucker <dtucker@dtucker.net>
2070Date:   Tue Nov 8 09:17:04 2022 +1100
2071
2072    Split out rekey test since it runs the longest.
2073
2074commit 21625a6424258a92a96a3bb73ae6aabc5ed8a6b4
2075Author: dtucker@openbsd.org <dtucker@openbsd.org>
2076Date:   Mon Nov 7 10:09:28 2022 +0000
2077
2078    upstream: The IdentityFile option in ssh_config can also be used to
2079
2080    specify a public key file, as documented in ssh.1 for the -i option. Document
2081    this also for IdentityFile in ssh_config.5, for documentation completeness.
2082    From laalsaas at systemli.org via portable github PR#352, ok jmc@ djm@
2083
2084    OpenBSD-Commit-ID: 2f943be9f96e60ef81a9a4faa25b009999f9883b
2085
2086commit 747691604d3325ed2b62bad85b6fd8563ad32f6c
2087Author: dtucker@openbsd.org <dtucker@openbsd.org>
2088Date:   Mon Nov 7 10:05:38 2022 +0000
2089
2090    upstream: Remove some set but otherwise unused variables, spotted
2091
2092    in -portable by clang 16's -Wunused-but-set-variable.  ok djm@
2093
2094    OpenBSD-Commit-ID: 3d943ddf2369b38fbf89f5f19728e7dc1daf3982
2095
2096commit 1d78d25653805aefc7a8dd9d86cd7359ada3823c
2097Author: dtucker@openbsd.org <dtucker@openbsd.org>
2098Date:   Mon Nov 7 10:02:59 2022 +0000
2099
2100    upstream: Check for and disallow MaxStartups values less than or
2101
2102    equal to zero during config parsing, rather than faling later at runtime.
2103    bz#3489, ok djm@
2104
2105    OpenBSD-Commit-ID: d79c2b7a8601eb9be493629a91245d761154308b
2106
2107commit a00f59a645072e5f5a8d207af15916a7b23e2642
2108Author: djm@openbsd.org <djm@openbsd.org>
2109Date:   Mon Nov 7 04:04:40 2022 +0000
2110
2111    upstream: fix parsing of hex cert expiry time; was checking whether the
2112
2113    start time began with "0x", not the expiry time.
2114
2115    from Ed Maste
2116
2117    OpenBSD-Commit-ID: 6269242c3e1a130b47c92cfca4d661df15f05739
2118
2119commit f58acaf8c7315483f4ac87d46a1aa2142a713cd8
2120Author: Darren Tucker <dtucker@dtucker.net>
2121Date:   Mon Nov 7 15:10:59 2022 +1100
2122
2123    Fix merge conflict.
2124
2125commit 162e5741020a8d996c0c12b988b118e71ed728e6
2126Author: Darren Tucker <dtucker@dtucker.net>
2127Date:   Mon Nov 7 15:04:33 2022 +1100
2128
2129    Branch-specific links for master status badges.
2130
2131commit e4b7c12ab24579312aa3ed38ce7041a439ec2d56
2132Author: Darren Tucker <dtucker@dtucker.net>
2133Date:   Mon Nov 7 14:46:38 2022 +1100
2134
2135    Add CIFuzz status badge.
2136
2137commit b496b9f831acd1e5bcd875e26e797488beef494a
2138Author: Darren Tucker <dtucker@dtucker.net>
2139Date:   Mon Nov 7 14:45:16 2022 +1100
2140
2141    Do not run CIFuzz on selfhosted tree.
2142
2143    We already run it on the regular tree, no need to double up.
2144
2145commit 2138b1c4ddb300129a41a5104627b0d561184c7b
2146Author: Darren Tucker <dtucker@dtucker.net>
2147Date:   Mon Nov 7 14:41:58 2022 +1100
2148
2149    Whitespace change to trigger CIFuzz workflow.
2150
2151commit 4670b97ef87c7b0f21283c9b07c7191be88dda05
2152Author: Darren Tucker <dtucker@dtucker.net>
2153Date:   Mon Nov 7 14:34:04 2022 +1100
2154
2155    Run cifuzz workflow on the actions as regular CI.
2156
2157commit 79391e66ce851ace1baf3c6a35e83a23f08ec2ba
2158Author: David Korczynski <david@adalogics.com>
2159Date:   Tue Nov 30 11:45:20 2021 +0000
2160
2161    Add CIFuzz integration
2162
2163commit c1893364a0be243270014d7d34362a8101d55112
2164Author: dtucker@openbsd.org <dtucker@openbsd.org>
2165Date:   Mon Nov 7 02:21:22 2022 +0000
2166
2167    upstream: Import regenerated moduli.
2168
2169    OpenBSD-Commit-ID: b0e54ee4d703bd6929bbc624068666a7a42ecb1f
2170
2171commit 5c3f18fb994ef27e685b205ee2351851b80fdbd1
2172Author: dtucker@openbsd.org <dtucker@openbsd.org>
2173Date:   Mon Nov 7 01:53:01 2022 +0000
2174
2175    upstream: Fix typo. From pablomh via -portable github PR#344.
2176
2177    OpenBSD-Commit-ID: d056ee2e73691dc3ecdb44a6de68e6b88cd93827
2178
2179commit e1c6fcc142066417c9832e634463faa3dd5d116c
2180Author: Darren Tucker <dtucker@dtucker.net>
2181Date:   Mon Nov 7 12:46:58 2022 +1100
2182
2183    Link to branch-specific queries for V_9_1 status.
2184
2185commit 4f4a5fad6d8892c3f8ee9cd81ec7de6458210c9f
2186Author: Darren Tucker <dtucker@dtucker.net>
2187Date:   Sun Nov 6 10:55:59 2022 +1100
2188
2189    Use "prohibit-password" in -portable comments.
2190
2191    "without-password" is the deprecated alias for "prohibit-password",
2192    so we should reference the latter. From emaste at freebsd.org.
2193
2194commit 0f7e1eba55259ec037f515000b4c4afbf446230a
2195Author: Darren Tucker <dtucker@dtucker.net>
2196Date:   Sun Nov 6 10:50:01 2022 +1100
2197
2198    Fix tracing disable on FreeBSD.
2199
2200    Some versions of FreeBSD do not support using id 0 to refer to the
2201    current pid for procctl, so pass getpid() explicitly.  From
2202    emaste at freebsd.org.
2203
2204commit 32fddb982fd61b11a2f218a115975a87ab126d43
2205Author: Darren Tucker <dtucker@dtucker.net>
2206Date:   Mon Nov 7 10:39:01 2022 +1100
2207
2208    Fix setres*id checks to work with clang-16.
2209
2210    glibc has the prototypes for setresuid and setresgid behind _GNU_SOURCE,
2211    and clang 16 will error out on implicit function definitions, so add
2212    _GNU_SOURCE and the required headers to the configure checks.  From
2213    sam at @gentoo.org via bz#3497.
2214
2215commit 12af712d116f42164bcfa56db901d06e4fa27199
2216Author: Sam James <sam@gentoo.org>
2217Date:   Sun Nov 6 04:52:38 2022 +0000
2218
2219    configure.ac: Fix -Wstrict-prototypes
2220
2221    Clang 16 now warns on this and it'll be removed in C23, so let's
2222    just be future proof. It also reduces noise when doing general
2223    Clang 16 porting work (which is a big job as it is).  github PR#355.
2224
2225    Signed-off-by: Sam James <sam@gentoo.org>
2226
2227commit 40b0a5eb6e3edfa2886b60c09c7803353b0cc7f5
2228Author: Sam James <sam@gentoo.org>
2229Date:   Sun Nov 6 04:47:35 2022 +0000
2230
2231    configure.ac: Add <pty.h> include for openpty
2232
2233    Another Clang 16ish fix (which makes -Wimplicit-function-declaration
2234    an error by default).  github PR#355.
2235
2236    See: 2efd71da49b9cfeab7987058cf5919e473ff466b
2237    See: be197635329feb839865fdc738e34e24afd1fca8
2238
2239commit 6b17e128879ec6cc32ca2c28b5d894b4aa72e32d
2240Author: Rochdi Nassah <rochdinassah.1998@gmail.com>
2241Date:   Fri Oct 28 01:26:31 2022 +0100
2242
2243    Fix broken zlib link.
2244
2245commit 99500df246ccb736ddbdd04160dcc82165d81a77
2246Author: Darren Tucker <dtucker@dtucker.net>
2247Date:   Fri Nov 4 16:59:26 2022 +1100
2248
2249    Don't run openbsd-compat tests on Cygwin.
2250
2251    Add "compat-tests" to the default TEST_TARGET so we can override as
2252    necessary.  Override TEST_TARGET for Cygwin as the tests don't currently
2253    compile there.
2254
2255commit 3cae9f92a31897409666aa1e6f696f779759332b
2256Author: djm@openbsd.org <djm@openbsd.org>
2257Date:   Thu Nov 3 21:59:20 2022 +0000
2258
2259    upstream: replace recently-added valid_domain() check for hostnames
2260
2261    going to known_hosts with a more relaxed check for bad characters; previous
2262    commit broke address literals. Reported by/feedback from florian@
2263
2264    OpenBSD-Commit-ID: 10b86dc6a4b206adaa0c11b58b6d5933898d43e0
2265
2266commit 9655217231c9056200bea7ae2dffcc9c0c3eb265
2267Author: Darren Tucker <dtucker@dtucker.net>
2268Date:   Thu Nov 3 23:07:50 2022 +1100
2269
2270    Rerun tests on changes to Makefile.in in any dir.
2271
2272commit 3500f0405a3ab16b59a26f3508c4257a3fc3bce6
2273Author: Darren Tucker <dtucker@dtucker.net>
2274Date:   Thu Nov 3 23:04:08 2022 +1100
2275
2276    Link libssh into compat tests.
2277
2278    The cygwin compat code uses xmalloc, so add libssh.a so pick up that.
2279
2280commit ec59effcf65b8a4c85d47ff5a271123259dd0ab8
2281Author: Darren Tucker <dtucker@dtucker.net>
2282Date:   Thu Nov 3 21:44:23 2022 +1100
2283
2284    Fix compat regress to work with non-GNU make.
2285
2286commit 73550a218e7dfbbd599534cbf856309bc924f6fd
2287Author: Darren Tucker <dtucker@dtucker.net>
2288Date:   Thu Nov 3 13:41:16 2022 +1100
2289
2290    Increase selfhosted job timeout.
2291
2292    The default job timeout of 360 (6h) is not enough to complete the
2293    regress tests for some of the slow VMs depending on the load on the host.
2294    Increase to 600 (10h).
2295
2296commit db97d8d0b90c6ce52b94b153d6f8f5f7d3b11777
2297Author: Darren Tucker <dtucker@dtucker.net>
2298Date:   Thu Nov 3 10:00:43 2022 +1100
2299
2300    Only run opensslver tests if built with OpenSSL.
2301
2302commit ba053709638dff2f6603df0c1f340352261d63ea
2303Author: Darren Tucker <dtucker@dtucker.net>
2304Date:   Wed Nov 2 14:16:04 2022 +1100
2305
2306    Add tests for OpenSSL 3.0.7 and LibreSSL 3.6.1.
2307
2308commit edd24101c7e17d1a8f6576e1aaf62233b47ad6f5
2309Author: Darren Tucker <dtucker@dtucker.net>
2310Date:   Thu Nov 3 08:17:39 2022 +1100
2311
2312    Run compat regress tests too.
2313
2314commit fe88d67e7599b0bc73f6e4524add28d743e7f977
2315Author: Darren Tucker <dtucker@dtucker.net>
2316Date:   Thu Nov 3 08:14:05 2022 +1100
2317
2318    Compat tests need libcrypto.
2319
2320    This was moved to CHANNELLIBS during the libs refactor.  Spotted by
2321    rapier at psc.edu.
2322
2323commit 96b519726b7944eee3c23a54eee3d5c031ba1533
2324Author: Darren Tucker <dtucker@dtucker.net>
2325Date:   Thu Nov 3 04:24:39 2022 +1100
2326
2327    Include time.h when defining timegm.
2328
2329    Fixes build on some platforms eg recent AIX.
2330
2331commit da6038bd5cd55eb212eb2aec1fc8ae79bbf76156
2332Author: Darren Tucker <dtucker@dtucker.net>
2333Date:   Tue Nov 1 19:10:30 2022 +1100
2334
2335    Always use compat getentropy.
2336
2337    Have it call native getentropy and fall back as required.  Should fix
2338    issues of platforms where libc has getentropy but it is not implemented
2339    in the kernel.  Based on github PR#354 from simsergey.
2340
2341commit 5ebe18cab6be3247b44c807ac145164010465b82
2342Author: Darren Tucker <dtucker@dtucker.net>
2343Date:   Wed Nov 2 10:51:48 2022 +1100
2344
2345    Check for sockaddr_in.sin_len.
2346
2347    If found, set SOCK_HAS_LEN which is used in addr.c.  Should fix keyscan
2348    tests on platforms with this (eg old NetBSD).
2349
2350commit a1febadf426536612c2734168d409147c392e7cf
2351Author: dtucker@openbsd.org <dtucker@openbsd.org>
2352Date:   Sun Oct 30 18:42:07 2022 +0000
2353
2354    upstream: Use variable for diff options
2355
2356    instead of unconditionally specifying "-rN". This will make life easier
2357    in -portable where not all diff's understand -N.
2358
2359    OpenBSD-Regress-ID: 8b8a407115546be1c6d72d350b1e4f1f960d3cd3
2360
2361commit f6d3ed9a8a9280cbb68d6a499850cfe810e92bd0
2362Author: Darren Tucker <dtucker@dtucker.net>
2363Date:   Mon Oct 31 05:13:02 2022 +1100
2364
2365    OpenSSL dev branch is 302 not 320.
2366
2367    While there, also accept 301 which it shat it was previously.
2368
2369commit 25c8a2bbcc10c493d27faea57c42a6bf13fa51f2
2370Author: djm@openbsd.org <djm@openbsd.org>
2371Date:   Fri Oct 28 02:47:04 2022 +0000
2372
2373    upstream: put sshkey_check_rsa_length() back in sshkey.c to unbreak
2374
2375    OPENSSL=no builds
2376
2377    OpenBSD-Commit-ID: 99eec58abe382ecd14b14043b195ee1babb9cf6e
2378
2379commit 1192588546c29ceec10775125f396555ea71850f
2380Author: djm@openbsd.org <djm@openbsd.org>
2381Date:   Fri Oct 28 02:29:34 2022 +0000
2382
2383    upstream: allow ssh-keyscan(1) to accept CIDR address ranges, e.g.
2384
2385    ssh-keyscan 192.168.0.0/24
2386
2387    If a CIDR range is passed, then it will be expanded to all possible
2388    addresses in the range including the all-0s and all-1s addresses.
2389
2390    bz#976 feedback/ok markus@
2391
2392    OpenBSD-Commit-ID: ce6c5211f936ac0053fd4a2ddb415277931e6c4b
2393
2394commit 64af4209309461c79c39eda2d13f9d77816c6398
2395Author: Damien Miller <djm@mindrot.org>
2396Date:   Fri Oct 28 12:54:35 2022 +1100
2397
2398    fix merge botch
2399
2400commit 27267642699342412964aa785b98afd69d952c88
2401Author: djm@openbsd.org <djm@openbsd.org>
2402Date:   Fri Oct 28 00:44:44 2022 +0000
2403
2404    upstream: refactor sshkey_private_deserialize
2405
2406    feedback/ok markus@
2407
2408    OpenBSD-Commit-ID: f5ca6932fdaf840a5e8250becb38315a29b5fc9f
2409
2410commit 2519a7077a9332f70935e5242ba91ee670ed6b87
2411Author: djm@openbsd.org <djm@openbsd.org>
2412Date:   Fri Oct 28 00:44:17 2022 +0000
2413
2414    upstream: refactor sshkey_private_serialize_opt()
2415
2416    feedback/ok markus@
2417
2418    OpenBSD-Commit-ID: 61e0fe989897901294efe7c3b6d670cefaf44cbd
2419
2420commit 11a768adf98371fe4e43f3b06014024c033385d5
2421Author: djm@openbsd.org <djm@openbsd.org>
2422Date:   Fri Oct 28 00:43:30 2022 +0000
2423
2424    upstream: refactor certify
2425
2426    feedback/ok markus@
2427
2428    OpenBSD-Commit-ID: 35d742992e223eaca3537e6fb3d3002c08eed4f6
2429
2430commit 3fbc58bb249d967cc43ebdc554f6781bb73d4a58
2431Author: djm@openbsd.org <djm@openbsd.org>
2432Date:   Fri Oct 28 00:43:08 2022 +0000
2433
2434    upstream: refactor sshkey_sign() and sshkey_verify()
2435
2436    feedback/ok markus@
2437
2438    OpenBSD-Commit-ID: 368e662c128c99d05cc043b1308d2b6c71a4d3cc
2439
2440commit a1deb6cdbbe6afaab74ecb08fcb62db5739267be
2441Author: djm@openbsd.org <djm@openbsd.org>
2442Date:   Fri Oct 28 00:41:52 2022 +0000
2443
2444    upstream: refactor sshkey_from_blob_internal()
2445
2446    feedback/ok markus@
2447
2448    OpenBSD-Commit-ID: 1f46c0cbb8060ee9666a02749594ad6658c8e283
2449
2450commit 7d00799c935271ce89300494c5677190779f6453
2451Author: djm@openbsd.org <djm@openbsd.org>
2452Date:   Fri Oct 28 00:41:17 2022 +0000
2453
2454    upstream: refactor sshkey_from_private()
2455
2456    feedback/ok markus@
2457
2458    OpenBSD-Commit-ID: e5dbe7a3545930c50f70ee75c867a1e08b382b53
2459
2460commit 262647c2e920492ca57f1b9320d74f4a0f6e482b
2461Author: djm@openbsd.org <djm@openbsd.org>
2462Date:   Fri Oct 28 00:39:29 2022 +0000
2463
2464    upstream: factor out key generation
2465
2466    feedback/ok markus@
2467
2468    OpenBSD-Commit-ID: 5b4211bff4de8d9adb84bc72857a8c42c44e7ceb
2469
2470commit 401c74e7dc15eab60540653d2f94d9306a927bab
2471Author: djm@openbsd.org <djm@openbsd.org>
2472Date:   Fri Oct 28 00:38:58 2022 +0000
2473
2474    upstream: refactor and simplify sshkey_read()
2475
2476    feedback/ok markus@
2477
2478    OpenBSD-Commit-ID: 0d93b7a56e31cd06a8bb0d2191d084ce254b0971
2479
2480commit 591fed94e66a016acf87f4b7cd416ce812f2abe8
2481Author: djm@openbsd.org <djm@openbsd.org>
2482Date:   Fri Oct 28 00:37:24 2022 +0000
2483
2484    upstream: factor out public key serialization
2485
2486    feedback/ok markus@
2487
2488    OpenBSD-Commit-ID: a3570c4b97290c5662890aea7328d87f55939033
2489
2490commit 1e78844ae2b2dc01ba735d5ae740904c57e13685
2491Author: djm@openbsd.org <djm@openbsd.org>
2492Date:   Fri Oct 28 00:36:31 2022 +0000
2493
2494    upstream: factor out sshkey_equal_public()
2495
2496    feedback/ok markus@
2497
2498    OpenBSD-Commit-ID: 1368ba114cb37732fe6ec3d89c7e6d27ea6fdc94
2499
2500commit 25de1c01a8b9a2c8ab9b1da22444a03e89c982de
2501Author: djm@openbsd.org <djm@openbsd.org>
2502Date:   Fri Oct 28 00:35:40 2022 +0000
2503
2504    upstream: begin big refactor of sshkey
2505
2506    Move keytype data and some of the type-specific code (allocation,
2507    cleanup, etc) out into each key type's implementation. Subsequent
2508    commits will move more, with the goal of having each key-*.c file
2509    owning as much of its keytype's implementation as possible.
2510
2511    lots of feedback + ok markus@
2512
2513    OpenBSD-Commit-ID: 0f2b4334f73914344e9e5b3d33522d41762a57ec
2514
2515commit 445363433ba20b8a3e655b113858c836da46a1cb
2516Author: djm@openbsd.org <djm@openbsd.org>
2517Date:   Mon Oct 24 22:43:36 2022 +0000
2518
2519    upstream: Be more paranoid with host/domain names coming from the
2520
2521    never write a name with bad characters to a known_hosts file.
2522
2523    reported by David Leadbeater, ok deraadt@
2524
2525    OpenBSD-Commit-ID: ba9b25fa8b5490b49398471e0c9657b0cbc7a5ad
2526
2527commit 7190154de2c9fe135f0cc1ad349cb2fa45152b89
2528Author: djm@openbsd.org <djm@openbsd.org>
2529Date:   Mon Oct 24 21:52:50 2022 +0000
2530
2531    upstream: regress test for unmatched glob characters; fails before
2532
2533    previous commit but passes now. bz3488; prodded by dtucker@
2534
2535    OpenBSD-Regress-ID: 0cc5cc9ea4a6fd170dc61b9212f15badaafb3bbd
2536
2537commit a4821a592456c3add3cd325db433110cdaaa3e5c
2538Author: djm@openbsd.org <djm@openbsd.org>
2539Date:   Mon Oct 24 21:51:55 2022 +0000
2540
2541    upstream: when scp(1) is using the SFTP protocol for transport (the
2542
2543    default), better match scp/rcp's handling of globs that don't match the
2544    globbed characters but do match literally (e.g. trying to transfer
2545    "foo.[1]").
2546
2547    Previously scp(1) in SFTP mode would not match these pathnames but
2548    legacy scp/rcp mode would.
2549
2550    Reported by Michael Yagliyan in bz3488; ok dtucker@
2551
2552    OpenBSD-Commit-ID: d8a3773f53015ba811fddba7473769a2fd343e11
2553
2554commit 18376847b8043ba967eabbe23692ef74c9a3fddc
2555Author: jsg@openbsd.org <jsg@openbsd.org>
2556Date:   Thu Oct 13 09:09:28 2022 +0000
2557
2558    upstream: use correct type with sizeof ok djm@
2559
2560    OpenBSD-Commit-ID: d6c882c2e8a42ff831a5b3cbc2c961ecb2dd6143
2561
2562commit 4a4883664d6b4e9e4e459a8cdc16bd8d4b735de9
2563Author: jmc@openbsd.org <jmc@openbsd.org>
2564Date:   Fri Oct 7 06:00:58 2022 +0000
2565
2566    upstream: ssh-agent.1: - use Nm not Xr for self-ref - while here,
2567
2568    wrap a long line
2569
2570    ssh-agent.c:
2571    - add -O to usage()
2572
2573    OpenBSD-Commit-ID: 855dac4695cef22e96d69c53436496bc408ca389
2574
2575commit 9fd2441113fce2a83fc7470968c3b27809cc7f10
2576Author: djm@openbsd.org <djm@openbsd.org>
2577Date:   Fri Oct 7 04:06:26 2022 +0000
2578
2579    upstream: document "-O no-restrict-websafe"; spotted by Ross L
2580
2581    Richardson
2582
2583    OpenBSD-Commit-ID: fe9eaa50237693a14ebe5b5614bf32a02145fe8b
2584
2585commit 614252b05d70f798a0929b1cd3d213030ad4d007
2586Author: Darren Tucker <dtucker@dtucker.net>
2587Date:   Tue Oct 18 06:29:16 2022 +1100
2588
2589    OpenSSL dev branch now identifies as 3.2.0.
2590
2591commit 195e5a65fd793a738ea8451ebfdd1919db5aff3e
2592Author: Damien Miller <djm@mindrot.org>
2593Date:   Mon Oct 17 09:41:47 2022 +1100
2594
2595    revert c64b62338b4 and guard POLL* defines instead
2596
2597    c64b62338b4 broke OSX builds, which do have poll.h but lack ppoll(2)
2598    Spotted by dtucker
2599
2600commit bc2e480d99613bd59720edae244d1764636544c4
2601Author: Damien Miller <djm@mindrot.org>
2602Date:   Fri Oct 14 14:52:22 2022 +1100
2603
2604    undef _get{short,long} before redefining
2605
2606commit 5eb796a369c64f18d55a6ae9b1fa9b35eea237fb
2607Author: Harmen Stoppels <harmenstoppels@gmail.com>
2608Date:   Thu Oct 13 16:08:46 2022 +0200
2609
2610    Fix snprintf configure test for clang 15
2611
2612    Clang 15 -Wimplicit-int defaults to an error in C99 mode and above.
2613    A handful of tests have "main(..." and not "int main(..." which caused
2614    the tests to produce incorrect results.
2615
2616commit c64b62338b46ffa08839f05f21ad69fa6234dc17
2617Author: Damien Miller <djm@mindrot.org>
2618Date:   Mon Oct 10 12:32:43 2022 +1100
2619
2620    skip bsd-poll.h if poll.h found; ok dtucker
2621
2622commit 5ee2b8ccfcf4b606f450eb0ff2305e311f68b0be
2623Author: djm@openbsd.org <djm@openbsd.org>
2624Date:   Thu Oct 6 22:42:37 2022 +0000
2625
2626    upstream: honour user's umask if it is more restrictive then the ssh
2627
2628    default (022); based on patch from Alex Henrie, ok dtucker@ deraadt@
2629
2630    OpenBSD-Commit-ID: fe1b9e15fc9a4f49fc338e848ce14d8727abe82d
2631
2632commit a75cffc2700cebd3e2dd9093f7f7388d2be95cb7
2633Author: Darren Tucker <dtucker@dtucker.net>
2634Date:   Fri Oct 7 03:54:56 2022 +1100
2635
2636    Add LibreSSL 3.6.0 to test suite.
2637
2638    While there, bump OpenSSL to latest 1.1.1q release.
2639
2640commit fcc0f0c0e96a30076683fea9a7c9eedc72931742
2641Author: Darren Tucker <dtucker@dtucker.net>
2642Date:   Thu Oct 6 21:18:16 2022 +1100
2643
2644    Add 9.1 branch to CI status page.
2645
2646commit ef211eee63821d894a8bf81f22bfba9f6899d0fe
2647Author: Darren Tucker <dtucker@dtucker.net>
2648Date:   Tue Oct 4 23:20:23 2022 +1100
2649
2650    Test commits to all branches of portable.
2651
2652    Only test OpenBSD upstream on commits to master since that's what it
2653    tracks.
2654
2655commit fe646de03cafb6593ff4e4954bca9ec4b4b753a8
2656Author: Damien Miller <djm@mindrot.org>
2657Date:   Wed Oct 5 03:47:26 2022 +1100
2658
2659    whitespace at EOL
2660
2661commit a6e1852d10c63a830196e82168dadd957aaf28ec
2662Author: Damien Miller <djm@mindrot.org>
2663Date:   Wed Oct 5 03:40:01 2022 +1100
2664
2665    mention libfido2 autodetection
2666
2667commit 7360c2c206f33d309edbaf64036c96fadf74d640
2668Author: Damien Miller <djm@mindrot.org>
2669Date:   Wed Oct 5 03:37:36 2022 +1100
2670
2671    remove mention of --with-security-key-builtin
2672
2673    it is enabled by default when libfido2 is installed
2674
2675commit 0ffb46f2ee2ffcc4daf45ee679e484da8fcf338c
2676Author: Damien Miller <djm@mindrot.org>
2677Date:   Tue Oct 4 01:51:42 2022 +1100
2678
2679    update .depend
2680
2681commit 657e676ff696c7bb787bffb0e249ea1be3b474e1
2682Author: Damien Miller <djm@mindrot.org>
2683Date:   Tue Oct 4 01:45:52 2022 +1100
2684
2685    update release notes URL
2686
2687commit f059da2b29840c0f048448809c317ce2ae014da7
2688Author: Damien Miller <djm@mindrot.org>
2689Date:   Tue Oct 4 01:45:41 2022 +1100
2690
2691    crank versions in RPM spec files
2692
2693commit b51f3f172d87cbdb80ca4eb7b2149e56a7647557
2694Author: djm@openbsd.org <djm@openbsd.org>
2695Date:   Mon Sep 26 22:18:40 2022 +0000
2696
2697    upstream: openssh-9.1
2698
2699    OpenBSD-Commit-ID: 5a467b2ee81da01a86adf1ad93b62b1728494e56
2700
2701commit 4cf8d0c0f3030f594a238bab21a0695735515487
2702Author: dtucker@openbsd.org <dtucker@openbsd.org>
2703Date:   Wed Sep 21 22:26:50 2022 +0000
2704
2705    upstream: Fix typo. From AlexanderStohr via github PR#343.
2706
2707    OpenBSD-Commit-ID: a134c9b4039e48803fc6a87f955b0f4a03181497
2708
2709commit 8179fed3264d5919899900ed8881d5f9bb57ca33
2710Author: djm@openbsd.org <djm@openbsd.org>
2711Date:   Mon Sep 19 21:39:16 2022 +0000
2712
2713    upstream: add RequiredRSASize to the list of keywords accepted by
2714
2715    -o; spotted by jmc@
2716
2717    OpenBSD-Commit-ID: fe871408cf6f9d3699afeda876f8adbac86a035e
2718
2719commit 5f954929e9f173dd1e279e07d0e8b14fa845814d
2720Author: Damien Miller <djm@mindrot.org>
2721Date:   Mon Sep 19 20:59:34 2022 +1000
2722
2723    no need for glob.h here
2724
2725    it also causes portability problems
2726
2727commit 03d94a47207d58b3db37eba4f87eb6ae5a63168a
2728Author: Damien Miller <djm@mindrot.org>
2729Date:   Mon Sep 19 20:59:04 2022 +1000
2730
2731    avoid Wuninitialized false positive in gcc-12ish
2732
2733commit 9d952529113831fb3071ab6e408d2726fd72e771
2734Author: djm@openbsd.org <djm@openbsd.org>
2735Date:   Mon Sep 19 10:46:00 2022 +0000
2736
2737    upstream: use users-groups-by-id@openssh.com sftp-server extension
2738
2739    (when available) to fill in user/group names for directory listings.
2740    Implement a client-side cache of see uid/gid=>user/group names. ok markus@
2741
2742    OpenBSD-Commit-ID: f239aeeadfa925a37ceee36ee8b256b8ccf4466e
2743
2744commit 8ff680368b0bccf88ae85d4c99de69387fbad7a6
2745Author: djm@openbsd.org <djm@openbsd.org>
2746Date:   Mon Sep 19 10:43:12 2022 +0000
2747
2748    upstream: sftp client library support for
2749
2750    users-groups-by-id@openssh.com; ok markus@
2751
2752    OpenBSD-Commit-ID: ddb2f33a2da6349a9a89a8b5bcb9ca7c999394de
2753
2754commit 488f6e1c582212c2374a4bf8cd1b703d2e70fb8b
2755Author: djm@openbsd.org <djm@openbsd.org>
2756Date:   Mon Sep 19 10:41:58 2022 +0000
2757
2758    upstream: extend sftp-common.c:extend ls_file() to support supplied
2759
2760    user/group names; ok markus@
2761
2762    OpenBSD-Commit-ID: c70c70498b1fdcf158531117e405b6245863bfb0
2763
2764commit 74b77f7497dba3a58315c8f308883de448078057
2765Author: djm@openbsd.org <djm@openbsd.org>
2766Date:   Mon Sep 19 10:40:52 2022 +0000
2767
2768    upstream: sftp-server(8): add a "users-groups-by-id@openssh.com"
2769
2770    extension request that allows the client to obtain user/group names that
2771    correspond to a set of uids/gids.
2772
2773    Will be used to make directory listings more useful and consistent
2774    in sftp(1).
2775
2776    ok markus@
2777
2778    OpenBSD-Commit-ID: 7ebabde0bcb95ef949c4840fe89e697e30df47d3
2779
2780commit 231a346c0c67cc7ca098360f9a554fa7d4f1eddb
2781Author: djm@openbsd.org <djm@openbsd.org>
2782Date:   Mon Sep 19 08:49:50 2022 +0000
2783
2784    upstream: better debugging for connect_next()
2785
2786    OpenBSD-Commit-ID: d16a307a0711499c971807f324484ed3a6036640
2787
2788commit 1875042c52a3b950ae5963c9ca3774a4cc7f0380
2789Author: djm@openbsd.org <djm@openbsd.org>
2790Date:   Sat Sep 17 10:34:29 2022 +0000
2791
2792    upstream: Add RequiredRSASize for sshd(8); RSA keys that fall
2793
2794    beneath this limit will be ignored for user and host-based authentication.
2795
2796    Feedback deraadt@ ok markus@
2797
2798    OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
2799
2800commit 54b333d12e55e6560b328c737d514ff3511f1afd
2801Author: djm@openbsd.org <djm@openbsd.org>
2802Date:   Sat Sep 17 10:33:18 2022 +0000
2803
2804    upstream: add a RequiredRSASize for checking RSA key length in
2805
2806    ssh(1). User authentication keys that fall beneath this limit will be
2807    ignored. If a host presents a host key beneath this limit then the connection
2808    will be terminated (unfortunately there are no fallbacks in the protocol for
2809    host authentication).
2810
2811    feedback deraadt, Dmitry Belyavskiy; ok markus@
2812
2813    OpenBSD-Commit-ID: 430e339b2a79fa9ecc63f2837b06fdd88a7da13a
2814
2815commit 07d8771bacfefbcfb37fa8a6dc6103bcc097e0ab
2816Author: djm@openbsd.org <djm@openbsd.org>
2817Date:   Sat Sep 17 10:30:45 2022 +0000
2818
2819    upstream: Add a sshkey_check_rsa_length() call for checking the
2820
2821    length of an RSA key; ok markus@
2822
2823    OpenBSD-Commit-ID: de77cd5b11594297eda82edc594b0d32b8535134
2824
2825commit 3991a0cf947cf3ae0f0373bcec5a90e86a7152f5
2826Author: djm@openbsd.org <djm@openbsd.org>
2827Date:   Sat Sep 17 10:11:29 2022 +0000
2828
2829    upstream: actually hook up restrict_websafe; the command-line flag
2830
2831    was never actually used. Spotted by Matthew Garrett
2832
2833    OpenBSD-Commit-ID: 0b363518ac4c2819dbaa3dfad4028633ab9cdff1
2834
2835commit 30b2a7e4291fb9e357f80a237931ff008d686d3b
2836Author: djm@openbsd.org <djm@openbsd.org>
2837Date:   Fri Sep 16 06:55:37 2022 +0000
2838
2839    upstream: correct error value
2840
2841    OpenBSD-Commit-ID: 780efcbad76281f11f14b2a5ff04eb6db3dfdad4
2842
2843commit ac1ec9545947d9f9657259f55d04cb49d3a94c8a
2844Author: djm@openbsd.org <djm@openbsd.org>
2845Date:   Fri Sep 16 03:33:14 2022 +0000
2846
2847    upstream: sftp: Be a bit more clever about completions
2848
2849    There are commands (e.g. "get" or "put") that accept two
2850    arguments, a local path and a remote path. However, the way
2851    current completion is written doesn't take this distinction into
2852    account and always completes remote or local paths.
2853
2854    By expanding CMD struct and "cmds" array this distinction can be
2855    reflected and with small adjustment to completer code the correct
2856    path can be completed.
2857
2858    By Michal Privoznik, ok dtucker@
2859
2860    OpenBSD-Commit-ID: 1396d921c4eb1befd531f5c4a8ab47e7a74b610b
2861
2862commit 590db83384f9d99fc51c84505792d26d1ef60df9
2863Author: djm@openbsd.org <djm@openbsd.org>
2864Date:   Fri Sep 16 03:13:34 2022 +0000
2865
2866    upstream: sftp: Don't attempt to complete arguments for
2867
2868    non-existent commands
2869
2870    If user entered a non-existent command (e.g. because they made a
2871    typo) there is no point in trying to complete its arguments. Skip
2872    calling complete_match() if that's the case.
2873
2874    From Michal Privoznik
2875
2876    OpenBSD-Commit-ID: cf39c811a68cde2aeb98fc85addea4000ef6b07a
2877
2878commit ff9809fdfd1d9a91067bb14a77d176002edb153c
2879Author: djm@openbsd.org <djm@openbsd.org>
2880Date:   Wed Sep 14 00:14:37 2022 +0000
2881
2882    upstream: sk_enroll: never drop SSH_SK_USER_VERIFICATION_REQD flag
2883
2884    from response
2885
2886    Now that all FIDO signing calls attempt first without PIN and then
2887    fall back to trying PIN only if that attempt fails, we can remove the
2888    hack^wtrick that removed the UV flag from the keys returned during
2889    enroll.
2890
2891    By Corinna Vinschen
2892
2893    OpenBSD-Commit-ID: 684517608c8491503bf80cd175425f0178d91d7f
2894
2895commit 940dc10729cb5a95b7ee82c10184e2b9621c8a1d
2896Author: djm@openbsd.org <djm@openbsd.org>
2897Date:   Wed Sep 14 00:13:13 2022 +0000
2898
2899    upstream: a little extra debugging
2900
2901    OpenBSD-Commit-ID: edf1601c1d0905f6da4c713f4d9cecc7d1c0295a
2902
2903commit 4b5f91cb959358141181b934156513fcb8a6c1e3
2904Author: djm@openbsd.org <djm@openbsd.org>
2905Date:   Wed Sep 14 00:02:03 2022 +0000
2906
2907    upstream: ssh-agent: attempt FIDO key signing without PIN and use
2908
2909    the error to determine whether a PIN is required and prompt only if
2910    necessary. from Corinna Vinschen
2911
2912    OpenBSD-Commit-ID: dd6be6a0b7148608e834ee737c3479b3270b00dd
2913
2914commit 113523bf0bc33600b07ebb083572c8c346b6fdf4
2915Author: jmc@openbsd.org <jmc@openbsd.org>
2916Date:   Sun Sep 11 06:38:11 2022 +0000
2917
2918    upstream: .Li -> .Vt where appropriate; from josiah frentsos,
2919
2920    tweaked by schwarze
2921
2922    ok schwarze
2923
2924    OpenBSD-Commit-ID: 565046e3ce68b46c2f440a93d67c2a92726de8ed
2925
2926commit 86af013b56cecb5ee58ae0bd9d495cd586fc5918
2927Author: jsg@openbsd.org <jsg@openbsd.org>
2928Date:   Sat Sep 10 08:50:53 2022 +0000
2929
2930    upstream: fix repeated words ok miod@ jmc@
2931
2932    OpenBSD-Commit-ID: 6765daefe26a6b648cc15cadbbe337596af709b7
2933
2934commit 0ba39b93b326a7d5dfab776cc9b9d326161a9b16
2935Author: djm@openbsd.org <djm@openbsd.org>
2936Date:   Fri Sep 9 03:31:42 2022 +0000
2937
2938    upstream: notifier_complete(NULL, ...) is a noop, so no need to test
2939
2940    that ctx!=NULL; from Corinna Vinschen
2941
2942    OpenBSD-Commit-ID: ade2f2e9cc519d01a586800c25621d910bce384a
2943
2944commit be197635329feb839865fdc738e34e24afd1fca8
2945Author: Sam James <sam@gentoo.org>
2946Date:   Thu Sep 8 02:49:29 2022 +0100
2947
2948    openbsd-compat/bsd-asprintf: add <stdio.h> include for vsnprintf
2949
2950    Fixes the following build failure with Clang 15 on musl:
2951    ```
2952    bsd-asprintf.c:51:8: error: call to undeclared library function 'vsnprintf' with type 'int (char *, unsigned long, const char *, struct __va_list_tag *)'; ISO C99 and laterclang -O2 -pipe -fdiagnostics-color=always -frecord-gcc-switches -pipe -Wunknown-warning-option -Qunused-arguments -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-result -Wmisleading-indentation -Wbitwise-instead-of-logical -fno-strict-aliasing -mretpoline  -ftrapv -fzero-call-used-regs=all -fno-builtin-memset -fstack-protector-strong -fPIE   -I. -I.  -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -DSSHDIR=\"/etc/ssh\" -D_PATH_SSH_PROGRAM=\"/usr/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/lib/misc/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/lib/misc/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/lib/misc/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/lib/misc/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/lib/misc/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c cipher-aes.c -o cipher-aes.o
2953     do not support
2954          implicit function declarations [-Wimplicit-function-declaration]
2955            ret = vsnprintf(string, INIT_SZ, fmt, ap2);
2956                  ^
2957    bsd-asprintf.c:51:8: note: include the header <stdio.h> or explicitly provide a declaration for 'vsnprintf'
2958    1 error generated.
2959    ```
2960
2961commit 6cb6f660bb35f77a0456dd2581ddf39c29398a5e
2962Author: Darren Tucker <dtucker@dtucker.net>
2963Date:   Fri Sep 2 16:43:27 2022 +1000
2964
2965    Remove DEF_WEAK, it's already in defines.h.
2966
2967commit ce39e7d8b70c4726defde5d3bc4cb7d40d131153
2968Author: Darren Tucker <dtucker@dtucker.net>
2969Date:   Fri Sep 2 14:28:14 2022 +1000
2970
2971    Resync arc4random with OpenBSD.
2972
2973    This brings us up to current, including djm's random-reseeding change,
2974    as prompted by logan at cyberstorm.mu in bz#3467.  It brings the
2975    platform-specific hooks from LibreSSL Portable, simplified to match our
2976    use case.  ok djm@.
2977
2978commit beaddde26f30e2195b8aa4f3193970e140e17305
2979Author: Darren Tucker <dtucker@dtucker.net>
2980Date:   Fri Sep 2 14:20:04 2022 +1000
2981
2982    Move OPENBSD ORIGINAL marker.
2983
2984    Putting this after the copyright statement (which doesn't change)
2985    instead of before the version identifier (which does) prevents merge
2986    conflicts when resyncing changes.
2987
2988commit c83e467ead67a8cb48ef4bec8085d6fb880a2ff4
2989Author: Darren Tucker <dtucker@dtucker.net>
2990Date:   Fri Sep 2 14:17:28 2022 +1000
2991
2992    Remove arc4random_uniform from arc4random.c
2993
2994    This was previously moved into its own file (matching OpenBSD) which
2995    prematurely committed in commit 73541f2.
2996
2997commit 5f45c2395c60865e59fa44152ff1d003a128c5bc
2998Author: djm@openbsd.org <djm@openbsd.org>
2999Date:   Fri Sep 2 04:20:02 2022 +0000
3000
3001    upstream: sk-usbhid: fix key_lookup() on tokens with built-in UV
3002
3003    explicitly test whether the token performs built-in UV (e.g. biometric
3004    tokens) and enable UV in that case. From Pedro Martelletto via GHPR#388
3005
3006    OpenBSD-Commit-ID: 007eb7e387d27cf3029ab06b88224e03eca62ccd
3007
3008commit 03277a4aa49b80af541a3e691f264c0c0d8f9cec
3009Author: Darren Tucker <dtucker@dtucker.net>
3010Date:   Wed Aug 31 20:26:30 2022 +1000
3011
3012    Move sftp from valgrind-2 to 3 to rebalance.
3013
3014commit fcf5365da69c516817321ba89c3a91df98d098df
3015Author: djm@openbsd.org <djm@openbsd.org>
3016Date:   Wed Aug 31 02:56:40 2022 +0000
3017
3018    upstream: whitespace
3019
3020    OpenBSD-Commit-ID: c2bcbf93610d3d62ed206cdf9bf9ff98c6aaf232
3021
3022commit e60136a3d7a223dd8e84ba8a6895bc3142360993
3023Author: Damien Miller <djm@mindrot.org>
3024Date:   Mon Aug 29 13:27:45 2022 +1000
3025
3026    additional keys
3027
3028commit 2b02dcb505288c462d1b5dd1ac04e603d01340eb
3029Author: Damien Miller <djm@mindrot.org>
3030Date:   Mon Aug 29 13:23:43 2022 +1000
3031
3032    cross-sign allowed_signers with PGP key
3033
3034    Provides continuity of trust from legacy PGP release key to
3035    the SSHSIG signing keys that we will use henceforth for git
3036    signing.
3037
3038commit 51b345f177ae981b8755f6bdf8358b1cc5e83d67
3039Author: Darren Tucker <dtucker@dtucker.net>
3040Date:   Sat Aug 27 21:49:27 2022 +1000
3041
3042    Add libcrypt-devel to cygwin-release deps.
3043
3044    Based on feedback from vinschen at redhat.com.
3045
3046commit 9f81736cf16dd8dda1c8942f1973a5f80b8cd78c
3047Author: Darren Tucker <dtucker@dtucker.net>
3048Date:   Sat Aug 27 09:37:40 2022 +1000
3049
3050    Add Windows 2022 test targets.
3051
3052commit 85e1a69243f12be8520438ad6a3cfdc0b7fcbb2d
3053Author: Darren Tucker <dtucker@dtucker.net>
3054Date:   Fri Aug 26 16:26:06 2022 +1000
3055
3056    Add cygwin-release test target.
3057
3058    This also moves the cygwin package install from the workflow file to
3059    setup_ci.sh so that we can install different sets of Cygwin packages
3060    for different test configs.
3061
3062commit 92382dbe8bf9ea1225b16858f9b9b208c15c7e8d
3063Author: djm@openbsd.org <djm@openbsd.org>
3064Date:   Fri Aug 26 08:16:27 2022 +0000
3065
3066    upstream: whitespace
3067
3068    OpenBSD-Commit-ID: a5d015efbfd228dc598ffdef612d2da3a579e5d8
3069
3070commit 70a5de0a50e84d7250eb4e4537f765599f64c4af
3071Author: djm@openbsd.org <djm@openbsd.org>
3072Date:   Fri Aug 26 08:12:56 2022 +0000
3073
3074    upstream: whitespace
3075
3076    OpenBSD-Commit-ID: d297e4387935d4aef091c5e9432578c2e513f538
3077
3078commit 3a683a19fd116ea15ebf8aa13d02646cceb302a9
3079Author: Damien Miller <djm@mindrot.org>
3080Date:   Fri Aug 26 14:23:55 2022 +1000
3081
3082    initial list of allowed signers
3083
3084commit 6851f4b8c3fc1b3e1114c56106e4dc31369c8513
3085Author: Darren Tucker <dtucker@dtucker.net>
3086Date:   Fri Aug 19 17:22:18 2022 +1000
3087
3088    Install Cygwin packages based on OS not config.
3089
3090commit f96480906893ed93665df8cdf9065865c51c1475
3091Author: djm@openbsd.org <djm@openbsd.org>
3092Date:   Fri Aug 19 06:07:47 2022 +0000
3093
3094    upstream: attemp FIDO key signing without PIN and use the error
3095
3096    code returned to fall back only if necessary. Avoids PIN prompts for FIDO
3097    tokens that don't require them; part of GHPR#302
3098
3099    OpenBSD-Commit-ID: 4f752aaf9f2e7c28bcaaf3d4f8fc290131bd038e
3100
3101commit 5453333b5d28e313284cb9aae82899704103f98d
3102Author: djm@openbsd.org <djm@openbsd.org>
3103Date:   Fri Aug 19 05:53:28 2022 +0000
3104
3105    upstream: remove incorrect check that can break enrolling a
3106
3107    resident key (introduced in r1.40)
3108
3109    OpenBSD-Commit-ID: 4cab364d518470e29e624af3d3f9ffa9c92b6f01
3110
3111commit ff89b1bed80721295555bd083b173247a9c0484e
3112Author: dtucker@openbsd.org <dtucker@openbsd.org>
3113Date:   Fri Aug 19 04:02:46 2022 +0000
3114
3115    upstream: Strictly enforce the maximum allowed SSH2 banner size in
3116
3117    ssh-keyscan and prevent a one-byte buffer overflow.  Patch from Qualys, ok
3118    djm@
3119
3120    OpenBSD-Commit-ID: 6ae664f9f4db6e8a0589425f74cd0bbf3aeef4e4
3121
3122commit 1b470b9036639cef4f32fb303bb35ea0b711178d
3123Author: Darren Tucker <dtucker@dtucker.net>
3124Date:   Fri Aug 19 15:18:09 2022 +1000
3125
3126    Fix cygwin conditional steps.
3127
3128commit fd6ee741ab16714b7035d60aca924123ba28135a
3129Author: Darren Tucker <dtucker@dtucker.net>
3130Date:   Fri Aug 19 15:12:57 2022 +1000
3131
3132    Add a bit more debug output.
3133
3134commit a9305c4c739f4d91a3d3a92c0b6d4949404a36c5
3135Author: Darren Tucker <dtucker@dtucker.net>
3136Date:   Fri Aug 12 15:08:47 2022 +1000
3137
3138    Add Cygwin (on windows-2019) test target.
3139
3140    In addition to installing the requisite Cygwin packages, we also need to
3141    explicitly invoke "sh" for steps that run other scripts since the runner
3142    environment doesn't understand #! paths.
3143
3144commit 5062ad48814b06162511c4f5924a33d97b6b2566
3145Author: djm@openbsd.org <djm@openbsd.org>
3146Date:   Fri Aug 19 03:06:30 2022 +0000
3147
3148    upstream: double free() in error path; from Eusgor via GHPR333
3149
3150    OpenBSD-Commit-ID: 39f35e16ba878c8d02b4d01d8826d9b321be26d4
3151
3152commit 5a5c580b48fc6006bdfa731fc2f6d4945c2c0e4e
3153Author: Darren Tucker <dtucker@dtucker.net>
3154Date:   Thu Aug 18 21:36:39 2022 +1000
3155
3156    Check for perms to run agent-getpeereid test.
3157
3158    Ubuntu 22.04 defaults to private home dirs which prevents "nobody"
3159    running ssh-add during the agent-getpeereid test.  Check for this and
3160    add the necessary permissions.
3161
3162commit cd06a76b7ccc706e2bb4f1cc4aa9e9796a28a812
3163Author: Damien Miller <djm@mindrot.org>
3164Date:   Wed Aug 17 16:04:16 2022 +1000
3165
3166    on Cygwin, prefer WinHello FIDO device
3167
3168    If no FIDO device was explictly specified, then prefer the
3169    windows://hello FIDO device. An exception to this is when
3170    probing resident FIDO keys, in which case hardware FIDO
3171    devices are preferred.
3172
3173commit 47f72f534ac5cc2cd3027675a3df7b00a8f77575
3174Author: djm@openbsd.org <djm@openbsd.org>
3175Date:   Wed Aug 17 06:01:57 2022 +0000
3176
3177    upstream: add an extra flag to sk_probe() to indicate whether we're
3178
3179    probing for a FIDO resident key or not. Unused here, but will make like
3180    easier for portable
3181
3182    OpenBSD-Commit-ID: 432c8ff70e270378df9dbceb9bdeaa5b43b5a832
3183
3184commit edb0bcb3c79b16031dc87a8e57aecc3c4a3414f0
3185Author: jmc@openbsd.org <jmc@openbsd.org>
3186Date:   Tue Aug 16 20:24:08 2022 +0000
3187
3188    upstream: use .Cm for "sign"; from josiah frentsos
3189
3190    OpenBSD-Commit-ID: 7f80a53d54857ac6ae49ea6ad93c5bd12231d1e4
3191
3192commit cccb011e130cbbac538b1689d10e4a067298df8b
3193Author: Corinna Vinschen <vinschen@redhat.com>
3194Date:   Thu Aug 11 20:19:35 2022 +0200
3195
3196    Revert "check_sk_options: add temporary WinHello workaround"
3197
3198    Cygwin now comes with libfido2 1.11.0, so this workaround
3199    isn't required anymore.
3200
3201    This reverts commit 242c044ab111a37aad3b0775727c36a4c5f0102c.
3202
3203    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3204
3205commit 9468cd7cf9d989dfa2ac20e2a0268ba6e93bfa5a
3206Author: Corinna Vinschen <vinschen@redhat.com>
3207Date:   Thu Aug 11 20:18:17 2022 +0200
3208
3209    fido_dev_is_winhello: return 0, not "false"
3210
3211    "false" is not used anywhere in OpenSSH, so return 0 like
3212    everywhere else.
3213
3214    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3215
3216commit 730a80609472ee0451c99482d75c9c41f3ebc42d
3217Author: djm@openbsd.org <djm@openbsd.org>
3218Date:   Fri Aug 12 05:20:28 2022 +0000
3219
3220    upstream: sftp-server: support home-directory request
3221
3222    Add support to the sftp-server for the home-directory extension defined
3223    in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the
3224    existing expand-path@openssh.com, but uses a more official protocol name,
3225    and so is a bit more likely to be implemented by non-OpenSSH clients.
3226
3227    From Mike Frysinger, ok dtucker@
3228
3229    OpenBSD-Commit-ID: bfc580d05cc0c817831ae7ecbac4a481c23566ab
3230
3231commit 5e820bf79ce3ce99ef7e98b0ab642b0a0a4f396c
3232Author: Darren Tucker <dtucker@dtucker.net>
3233Date:   Fri Aug 12 14:56:55 2022 +1000
3234
3235    Replace deprecated ubuntu-18.04 runners with 22.04
3236
3237commit 87b0d9c1b789d3ff958ec45df2ac912e24461bae
3238Author: Darren Tucker <dtucker@dtucker.net>
3239Date:   Thu Aug 11 22:48:23 2022 +1000
3240
3241    Add a timegm implementation from Heimdal via Samba.
3242
3243    Fixes build on (at least Solaris 10).
3244
3245commit d0c4fa58594577994921b593f10037c5282597ca
3246Author: Darren Tucker <dtucker@dtucker.net>
3247Date:   Thu Aug 11 14:23:58 2022 +1000
3248
3249    Rerun tests if any .github config file changes.
3250
3251commit 113fe6c77ab43769fc61e953d07cb619fd7ea54b
3252Author: Darren Tucker <dtucker@dtucker.net>
3253Date:   Thu Aug 11 13:33:51 2022 +1000
3254
3255    Skip hostbased during Valgrind tests.
3256
3257    Valgrind doesn't let ssh exec ssh-keysign (because it's setuid) so skip
3258    it during the Valgrind based tests.
3259
3260    See https://bugs.kde.org/show_bug.cgi?id=119404 for a discussion of this
3261    (ironically there the problematic binary was ssh(1) back when it could
3262    still be setuid).
3263
3264commit b98a42afb69d60891eb0488935990df6ee571c4d
3265Author: djm@openbsd.org <djm@openbsd.org>
3266Date:   Thu Aug 11 01:57:50 2022 +0000
3267
3268    upstream: add some tests for parse_absolute_time(), including cases
3269
3270    where it is forced to the UTC timezone. bz3468 ok dtucker
3271
3272    OpenBSD-Regress-ID: ea07ca31c2f3847a38df028ca632763ae44e8759
3273
3274commit ec1ddb72a146fd66d18df9cd423517453a5d8044
3275Author: djm@openbsd.org <djm@openbsd.org>
3276Date:   Thu Aug 11 01:56:51 2022 +0000
3277
3278    upstream: allow certificate validity intervals, sshsig verification
3279
3280    times and authorized_keys expiry-time options to accept dates in the UTC time
3281    zone in addition to the default of interpreting them in the system time zone.
3282    YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if
3283    suffixed with a 'Z' character.
3284
3285    Also allow certificate validity intervals to be specified in raw
3286    seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This
3287    is intended for use by regress tests and other tools that call
3288    ssh-keygen as part of a CA workflow.
3289
3290    bz3468 ok dtucker
3291
3292    OpenBSD-Commit-ID: 454db1cdffa9fa346aea5211223a2ce0588dfe13
3293
3294commit 4df246ec75751da7eb925e1880498300d8bda187
3295Author: Darren Tucker <dtucker@dtucker.net>
3296Date:   Thu Aug 11 10:23:55 2022 +1000
3297
3298    Fix conditional for running hostbased tests.
3299
3300commit 2580916e48721802220c61ce9e0df1297c00bc07
3301Author: Damien Miller <djm@mindrot.org>
3302Date:   Thu Aug 11 08:58:28 2022 +1000
3303
3304    fix SANDBOX_SECCOMP_FILTER_DEBUG
3305
3306commit fdbd5bf507fc271ff813714fab8a72ff2c6cb5ca
3307Author: Darren Tucker <dtucker@dtucker.net>
3308Date:   Wed Aug 10 17:35:52 2022 +1000
3309
3310    Test hostbased auth on github runners.
3311
3312commit 7e2f51940ba48a1c0fae1107801ea643fa83c971
3313Author: Darren Tucker <dtucker@dtucker.net>
3314Date:   Wed Aug 10 17:25:24 2022 +1000
3315
3316    Rename our getentropy to prevent possible loops.
3317
3318    Since arc4random seeds from getentropy, and we use OpenSSL for that
3319    if enabled, there's the possibility that if we build on a system that
3320    does not have getentropy then run on a system that does have it, then
3321    OpenSSL could end up calling our getentropy and getting stuck in a loop.
3322    Pointed out by deraadt@, ok djm@
3323
3324commit 7a01f61be8d0aca0e975e7417f26371495fe7674
3325Author: Darren Tucker <dtucker@dtucker.net>
3326Date:   Mon Aug 8 12:17:04 2022 +1000
3327
3328    Actually put HAVE_STDINT_H around the stdint.h.
3329
3330commit 73541f29f0b50480da6c20dceb7a7191bd8ea7d3
3331Author: Darren Tucker <dtucker@dtucker.net>
3332Date:   Mon Aug 8 10:30:34 2022 +1000
3333
3334    Give unused param a name.
3335
3336    Fixes builds on platforms that do have fido2 but don't have
3337    fido_dev_is_winhello.
3338
3339commit 2a108c0ea960381bd9b14ee0d84e818a23df4482
3340Author: djm@openbsd.org <djm@openbsd.org>
3341Date:   Fri Aug 5 05:01:40 2022 +0000
3342
3343    upstream: don't prompt for FIDO passphrase before attempting to enroll
3344
3345    the credential, just let the enroll operating fail and we'll attempt to get a
3346    PIN anyway. Might avoid some unneccessary PIN prompts.
3347
3348    Part of GHPR#302 from Corinna Vinschen; ok dtucker@
3349
3350    OpenBSD-Commit-ID: bd5342ffc353ee37d39617906867c305564d1ce2
3351
3352commit 2886975c0ad9244e60dc5e4be34fde3aa573a4b5
3353Author: Corinna Vinschen <vinschen@redhat.com>
3354Date:   Fri Feb 11 14:33:41 2022 +0100
3355
3356    sk_sign: set FIDO2 uv attribute explicitely for WinHello
3357
3358    WinHello via libfido2 performs user verification by default.
3359    However, if we stick to that, there's no way to differentiate
3360    between keys created with or without "-O  verify-required".
3361    Set FIDO2 uv attribute explicitely to FIDO_OPT_FALSE, then check
3362    if user verification has been requested.
3363
3364    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3365
3366commit 242c044ab111a37aad3b0775727c36a4c5f0102c
3367Author: Corinna Vinschen <vinschen@redhat.com>
3368Date:   Tue Feb 15 11:28:08 2022 +0100
3369
3370    check_sk_options: add temporary WinHello workaround
3371
3372    Up to libfido 1.10.0, WinHello advertises "clientPin" rather
3373    than "uv" capability.  This is fixed in 1.11.0.  For the time
3374    being, workaround it here.
3375
3376    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3377
3378commit 78774c08cc4b4997382975b0f414a86e06b6780c
3379Author: Corinna Vinschen <vinschen@redhat.com>
3380Date:   Thu Feb 10 18:19:29 2022 +0100
3381
3382    compat code for fido_dev_is_winhello()
3383
3384    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
3385
3386commit 3d3a932a019aedfb891e0779bb4990cd5008a390
3387Author: Darren Tucker <dtucker@dtucker.net>
3388Date:   Fri Aug 5 13:12:27 2022 +1000
3389
3390    Factor out getrnd() and rename to getentropy().
3391
3392    Factor out the arc4random seeding into its own file and change the
3393    interface to match getentropy.  Use native getentropy if available.
3394    This will make it easier to resync OpenBSD changes to arc4random.
3395    Prompted by bz#3467, ok djm@.
3396
3397commit 9385d277b787403be9dfcb229cf372202496d2f3
3398Author: Darren Tucker <dtucker@dtucker.net>
3399Date:   Thu Aug 4 18:55:48 2022 +1000
3400
3401    Include CHANNEL and FIDO2 libs in configure output
3402
3403commit 141535b904b6fba01724444f38193a8599201f82
3404Author: djm@openbsd.org <djm@openbsd.org>
3405Date:   Mon Aug 1 11:09:26 2022 +0000
3406
3407    upstream: avoid double-free in error path introduced in r1.70; report
3408
3409    and fix based on GHPR#332 by v-rzh ok dtucker@
3410
3411    OpenBSD-Commit-ID: 3d21aa127b1f37cfc5bdc21461db369a663a951f
3412
3413commit dba7099ffcba3ca07b3946f017ba6a4c3158d9b1
3414Author: Darren Tucker <dtucker@dtucker.net>
3415Date:   Wed Jul 27 18:40:12 2022 +1000
3416
3417    Remove deprecated MacOS 10.15 runners.
3418
3419commit 722a56439aa5972c830e4a9a724cf52aff4a950a
3420Author: Darren Tucker <dtucker@dtucker.net>
3421Date:   Wed Jul 27 18:31:14 2022 +1000
3422
3423    Move stale-configure check as early as possible.
3424
3425    We added a check in Makefile to catch the case where configure needs to
3426    be rebuilt, however this did not happen until a build was attempted in
3427    which case all of the work done by configure was wasted.  Move this check
3428     to the start of configure to catch it as early as possible.  ok djm@
3429
3430commit 099d6b56288b421ba38531d26dc1bd6bb685e311
3431Author: Darren Tucker <dtucker@dtucker.net>
3432Date:   Fri Jul 22 10:47:19 2022 +1000
3433
3434    Move libcrypto into CHANNELLIBS.
3435
3436    This will result in sftp, sftp-server and scp no longer being linked
3437    against libcrypto.  ok djm@
3438
3439commit 1bdf86725b77733bb5f17c54888b88a10b2f6538
3440Author: Darren Tucker <dtucker@dtucker.net>
3441Date:   Fri Jul 22 10:45:47 2022 +1000
3442
3443    Remove seed_rng calls from scp, sftp, sftp-server.
3444
3445    These binaries don't use OpenSSL's random functions.  The next step
3446    will be to stop linking them against libcrypto.  ok djm@
3447
3448commit d73f77b8cb9b422f1ac4facee7890aa10ff2bc21
3449Author: Darren Tucker <dtucker@dtucker.net>
3450Date:   Fri Jul 22 09:51:51 2022 +1000
3451
3452    Group libcrypto and PRNGD checks together.
3453
3454    They're related more than the libcrypt or libiaf checks which are
3455    currently between them.  ok djm@
3456
3457commit f117e372b3f42f2fbdb0a578d063b2609ab58e1f
3458Author: Darren Tucker <dtucker@dtucker.net>
3459Date:   Fri Jul 22 09:24:45 2022 +1000
3460
3461    Do not link scp, sftp and sftp-server w/ zlib.
3462
3463    Some of our binaries (eg sftp, sftp-server, scp) do not interact with
3464    the channels code and thus do use libraries such as zlib and libcrypto
3465    although they are linked with them.  This adds a CHANNELLIBS and starts
3466    by moving zlib into it, which means the aformentioned binaries are no
3467    longer linked against zlib.  ok djm@
3468
3469commit 800c2483e68db38bd1566ff69677124be974aceb
3470Author: Darren Tucker <dtucker@dtucker.net>
3471Date:   Mon Jul 25 21:49:04 2022 +1000
3472
3473    Remove workarounds for OpenSSL missing AES-CTR.
3474
3475    We have some compatibility hacks that were added to support OpenSSL
3476    versions that do not support AES CTR mode.  Since that time, however,
3477    the minimum OpenSSL version that we support has moved to 1.0.1 which
3478    *does* have CTR, so this is no longer needed.  ok djm@
3479
3480commit b7c56b65c12f51fe0dbae798d19c8f58224a5d95
3481Author: Darren Tucker <dtucker@dtucker.net>
3482Date:   Mon Jul 25 21:43:00 2022 +1000
3483
3484    Remove workarounds for OpenSSL missing AES-GCM.
3485
3486    We have some compatibility hacks that were added to support OpenSSL
3487    versions that do not support AES GCM mode.  Since that time, however,
3488    the minimum OpenSSL version that we support has moved to 1.0.1 which
3489    *does* have GCM, so this is no longer needed.  ok djm@
3490
3491commit 5a4a9f7a968fbf92cc1eac519c65638e79ae9f1f
3492Author: dtucker@openbsd.org <dtucker@openbsd.org>
3493Date:   Mon Jul 25 07:12:45 2022 +0000
3494
3495    upstream: Restore missing "!" in TEST_SSH_ELAPSED_TIMES test.
3496
3497    OpenBSD-Regress-ID: 38783f9676ec348c5a792caecee9a16e354b37b0
3498
3499commit 0ff886be132299386cc29d87c2aa16ff68a1aa08
3500Author: dtucker@openbsd.org <dtucker@openbsd.org>
3501Date:   Sun Jul 24 23:29:10 2022 +0000
3502
3503    upstream: Test TEST_SSH_ELAPSED_TIMES for empty string not
3504
3505    executable.  No-op on most platforms but should prevent warnings in -portable
3506    on systems that don't have 'date %s'.
3507
3508    OpenBSD-Regress-ID: e39d79867b8065e33d0c5926fa1a31f85659d2a4
3509
3510commit f69319ad8ad1dd50f90bbcf5912e11cc8ed3e037
3511Author: Darren Tucker <dtucker@dtucker.net>
3512Date:   Sat Jul 23 14:38:22 2022 +1000
3513
3514    Convert "have_prog" function into "which".
3515
3516    "which" and its behaviour is not standardized, so convert the existing
3517    have_prog function into "which" so we can rely on it being available
3518    and what its semantics are.  Add a have_prog wrapper that maintains the
3519    existing behaviour.
3520
3521commit ea7ecc2c3ae39fdf5c6ad97b7bc0b47a98847f43
3522Author: Darren Tucker <dtucker@dtucker.net>
3523Date:   Sat Jul 23 14:36:38 2022 +1000
3524
3525    Skip scp3 test if there's no scp on remote path.
3526
3527    scp -3 ends up using the scp that's in the remote path and will fail if
3528    one is not available.  Based on a patch from rapier at psc.edu.
3529
3530commit c46f6fed419167c1671e4227459e108036c760f8
3531Author: Damien Miller <djm@mindrot.org>
3532Date:   Wed Jul 20 13:39:14 2022 +1000
3533
3534    crank SSH_SK_VERSION_MAJOR in sk-dummy.so
3535
3536commit f208e3b9ffb5ee76cf9c95df7ff967adc7f51c7d
3537Author: djm@openbsd.org <djm@openbsd.org>
3538Date:   Wed Jul 20 03:33:22 2022 +0000
3539
3540    upstream: ssh-keygen: fix touch prompt, pin retries;
3541
3542    part of GHPR329 from Pedro Martelletto
3543
3544    OpenBSD-Commit-ID: 75d1005bd2ef8f29fa834c90d2684e73556fffe8
3545
3546commit 8638a2ce7e90c8a51d9af3143404282126c524f8
3547Author: djm@openbsd.org <djm@openbsd.org>
3548Date:   Wed Jul 20 03:31:42 2022 +0000
3549
3550    upstream: sk-usbhid: preserve error code returned by key_lookup()
3551
3552    it conveys useful information, such as the supplied pin being wrong.
3553
3554    Part of GHPR329 from Pedro Martelletto
3555
3556    OpenBSD-Commit-ID: c0647eb9290f793add363d81378439b273756c1b
3557
3558commit 9ab929ca2d820520327b41929372bcb9e261534c
3559Author: djm@openbsd.org <djm@openbsd.org>
3560Date:   Wed Jul 20 03:29:14 2022 +0000
3561
3562    upstream: when enrolling a resident key on a security token, check
3563
3564    if a credential with matching application and user ID strings already exists.
3565    if so, prompt the user for confirmation before overwriting the credential.
3566
3567    patch from Pedro Martelletto via GHPR329
3568
3569    NB. cranks SSH_SK_VERSION_MAJOR, so any third-party FIDO middleware
3570    implementations will need to adjust
3571
3572    OpenBSD-Commit-ID: e45e9f1bf2b2f32d9850669e7a8dbd64acc5fca4
3573
3574commit 5bcfc788b38d5b64e4c347bdc04bd9a01bbc36da
3575Author: djm@openbsd.org <djm@openbsd.org>
3576Date:   Wed Jul 20 03:13:04 2022 +0000
3577
3578    upstream: pull passphrase reading and confirmation into a separate
3579
3580    function so it can be used for FIDO2 PINs; no functional change
3581
3582    OpenBSD-Commit-ID: bf34f76b8283cc1d3f54633e0d4f13613d87bb2f
3583
3584commit eb679e2959bdb15454eb94751930eb4c9110da94
3585Author: Darren Tucker <dtucker@dtucker.net>
3586Date:   Fri Jul 15 21:31:48 2022 +1000
3587
3588    Move vmshutdown to first step.
3589
3590    If a previous run on a physical runner has failed to clean up, the next
3591    run will fail because it'll try to check out the code to a broken
3592    directory mount.  Make cleanup the first step.
3593
3594commit 46b91b70ff3cb9c147e2875ef5dc609fd64c0c96
3595Author: Darren Tucker <dtucker@dtucker.net>
3596Date:   Fri Jul 15 20:25:27 2022 +1000
3597
3598    Rename bbone test target to ARM.
3599
3600commit 751d22cdeffed9fe921db78eedc32a29f9e80510
3601Author: Darren Tucker <dtucker@dtucker.net>
3602Date:   Fri Jul 15 13:37:29 2022 +1000
3603
3604    Add AUDIT_ARCH_PPC to supported seccomp arches.
3605
3606    Patch from dries.deschout at dodeco.eu.
3607
3608commit a061792a6e8d235fc40a9b5d4c22a1762bb75a7b
3609Author: Darren Tucker <dtucker@dtucker.net>
3610Date:   Thu Jul 14 19:20:24 2022 +1000
3611
3612    Remove unintended changes.
3613
3614    I inadvertently included a couple of local changes with the OpenSSL
3615    3.0.4 change.  Revert, anything that should be there will be committed
3616    separately.
3617
3618commit 527cb43fa1b4e55df661feabbac51b8e608b6519
3619Author: Darren Tucker <dtucker@dtucker.net>
3620Date:   Thu Jul 14 11:22:08 2022 +1000
3621
3622    Return ERANGE from getcwd() if buffer size is 1.
3623
3624    If getcwd() is supplied a buffer size of exactly 1 and a path of "/", it
3625    could result in a nul byte being written out of array bounds.  POSIX says
3626    it should return ERANGE if the path will not fit in the available buffer
3627    (with terminating nul). 1 byte cannot fit any possible path with its nul,
3628    so immediately return ERANGE in that case.
3629
3630    OpenSSH never uses getcwd() with this buffer size, and all current
3631    (and even quite old) platforms that we are currently known to work
3632    on have a native getcwd() so this code is not used on those anyway.
3633    Reported by Qualys, ok djm@
3634
3635commit 36857fefd8849c4b0e877cfd9d1eb22f79b76650
3636Author: Darren Tucker <dtucker@dtucker.net>
3637Date:   Thu Jul 14 10:02:35 2022 +1000
3638
3639    Split README.platform into its own line.
3640
3641    README.platform has general platform-specific information, having it
3642    following text about FIDO2 on the same line could imply that it only
3643    has information about FIDO2.
3644
3645commit 00a496c6c14f2d41f2a9365714d494dd5f3aac9f
3646Author: Darren Tucker <dtucker@dtucker.net>
3647Date:   Thu Jul 14 09:56:01 2022 +1000
3648
3649    Clarify README.md text.
3650
3651    Clarify the text about the implications of building without OpenSSL, and
3652    prefix the "configure --help" example command with a "./" so it's likely
3653    to work as-is in more shells.  From bz#3461.
3654
3655commit f40b52f21fbc52eb513279168a49d3285c65256c
3656Author: Darren Tucker <dtucker@dtucker.net>
3657Date:   Tue Jul 12 19:48:44 2022 +1000
3658
3659    Remove special casing of crypt().
3660
3661    Configure goes to some lengths to pick crypt() from either libcrypt
3662    or OpenSSL's libcrypto because they can more or less featureful (eg
3663    supporting md5-style passwords).
3664
3665    OpenSSL removed its crypt() interface in 2002:
3666    https://github.com/openssl/openssl/commit/69deec58 so these hijinks
3667    should no longer be necessary.  This also only links sshd with libcrypt
3668    which is the only thing that needs it.  ok djm@
3669
3670commit 76f4e48631d7b09fb243b47d7b393d100d3741b7
3671Author: Darren Tucker <dtucker@dtucker.net>
3672Date:   Wed Jul 13 13:17:47 2022 +1000
3673
3674    Only refuse to use OpenSSL 3.0.4 on x86_64.
3675
3676    The potential RCE only impacts x86_64, so only refuse to use it if we're
3677    targetting a potentially impacted architecture.  ok djm@
3678
3679commit e75bbc1d88491fa85e61b2cc8783d4bbd00cd131
3680Author: Darren Tucker <dtucker@dtucker.net>
3681Date:   Tue Jul 12 14:37:15 2022 +1000
3682
3683    Capture stderr output from configure.
3684
3685commit d9eaea4bea6271bcee6a2b9428f1271faf2d033b
3686Author: Darren Tucker <dtucker@dtucker.net>
3687Date:   Tue Jul 12 12:54:49 2022 +1000
3688
3689    Refuse to use OpenSSL 3.0.4 due to potential RCE.
3690
3691    OpenSSL has a potential RCE in its RSA implementation (CVE-2022-2274)
3692    so refuse to use that specific version.
3693
3694commit fb2f3a61bf3d28fff285524535f7ffcd177c9235
3695Author: Darren Tucker <dtucker@dtucker.net>
3696Date:   Tue Jul 12 12:54:24 2022 +1000
3697
3698    Move unset to before we set anything.
3699
3700commit c483a5c0fb8e8b8915fad85c5f6113386a4341ca
3701Author: Darren Tucker <dtucker@dtucker.net>
3702Date:   Wed Jul 6 11:52:54 2022 +1000
3703
3704    Test against openssl-3.0.5.
3705
3706commit 669a56bcfe73f8b985f2bba476ba834d55253acf
3707Author: Darren Tucker <dtucker@dtucker.net>
3708Date:   Tue Jul 5 18:35:53 2022 +1000
3709
3710    Update sanitizer test targets:
3711
3712     - remove clang-sanitize-memory for now.  It takes so long that the test
3713       times out.
3714     - add gcc sanitize-address and sanitize-undefined test targets.
3715
3716commit 48cc68b69118b3ce8d07fd4f82e00d58667d5379
3717Author: Darren Tucker <dtucker@dtucker.net>
3718Date:   Tue Jul 5 16:23:28 2022 +1000
3719
3720    Add GCC address sanitizer build/test.
3721
3722commit 55c60bdd39b82457e92efa77da8d16cfa6a49391
3723Author: Darren Tucker <dtucker@dtucker.net>
3724Date:   Tue Jul 5 12:02:33 2022 +1000
3725
3726    Move sanitizer logs into regress for collection.
3727
3728commit 35ef2b3b6ef198f8574904a45780487ec2f17858
3729Author: dtucker@openbsd.org <dtucker@openbsd.org>
3730Date:   Mon Jul 4 09:10:31 2022 +0000
3731
3732    upstream: Add TEST_REGRESS_CACHE_DIR.
3733
3734    If set, it is used to cache regress test names that have succeeded and
3735    skip those on a re-run.
3736
3737    OpenBSD-Regress-ID: a7570dd29a58df59f2cca647c3c2ec989b49f247
3738
3739commit 7394ed80c4de8b228a43c8956cf2fa1b9c6b2622
3740Author: Darren Tucker <dtucker@dtucker.net>
3741Date:   Sun Jul 3 21:46:44 2022 +1000
3742
3743    Add clang sanitizer tests.
3744
3745commit bfce0e66b6017a9bfab450b9dc7d4b16f90de817
3746Author: Darren Tucker <dtucker@dtucker.net>
3747Date:   Sun Jul 3 18:14:09 2022 +1000
3748
3749    Skip all rlimit tests when sandboxing disabled.
3750
3751    The rlimit tests can hang when being run with some compiler sanitizers
3752    so skip all of them if sandbox=no.
3753
3754commit 6208d611520f9ea94d5369f9da404b709930029d
3755Author: Darren Tucker <dtucker@dtucker.net>
3756Date:   Sun Jul 3 17:54:49 2022 +1000
3757
3758    Move checks for pollfd.fd and nfds_t.
3759
3760    Move the checks for struct pollfd.fd and nfds_t to before the sandboxing
3761    checks.  This groups all the sandbox checks together so we can skip them
3762    all when sandboxing is disabled.
3763
3764commit 322964f8f2e9c321e77ebae1e4d2cd0ccc5c5a0b
3765Author: dtucker@openbsd.org <dtucker@openbsd.org>
3766Date:   Fri Jul 1 05:08:23 2022 +0000
3767
3768    upstream: Remove leftover line.
3769
3770    Remove extra line leftover from merge conflict. ok djm@
3771
3772    OpenBSD-Commit-ID: 460e2290875d7ae64971a7e669c244b1d1c0ae2e
3773
3774commit 7ec81daad0e03a64e8d91c5590960c48c1a899a3
3775Author: djm@openbsd.org <djm@openbsd.org>
3776Date:   Fri Jul 1 04:45:50 2022 +0000
3777
3778    upstream: use consistent field names (s/char/byte)
3779
3780    in format description
3781
3782    OpenBSD-Commit-ID: 3de33572733ee7fcfd7db33d37db23d2280254f0
3783
3784commit 32e82a392d9f263485effdd606ff5862d289a4a0
3785Author: Darren Tucker <dtucker@dtucker.net>
3786Date:   Fri Jul 1 13:55:19 2022 +1000
3787
3788    Skip select+rlimit check if sandboxing is disabled
3789
3790    It's not needed in that case, and the test can fail when being built
3791    with some compiler memory sanitizer flags.  bz#3441
3792
3793commit 4be7184ebe2a2ccef175983517a35ee06766e1b4
3794Author: djm@openbsd.org <djm@openbsd.org>
3795Date:   Fri Jul 1 03:52:57 2022 +0000
3796
3797    upstream: bump up loglevel from debug to info when unable to open
3798
3799    authorized keys/principals file for errno != ENOENT; bz2042 ok dtucker
3800
3801    OpenBSD-Commit-ID: e79aa550d91ade6a80f081bda689da24c086d66b
3802
3803commit 6c31ba10e97b6953c4f325f526f3e846dfea647a
3804Author: dtucker@openbsd.org <dtucker@openbsd.org>
3805Date:   Fri Jul 1 03:39:44 2022 +0000
3806
3807    upstream: Don't leak the strings allocated by order_hostkeyalgs()
3808
3809    and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
3810    github PR#324 from ZoltanFridrich, ok djm@
3811
3812    This is a roll-forward of the previous rollback now that the required
3813    changes in compat.c have been done.
3814
3815    OpenBSD-Commit-ID: c7cd93730b3b9f53cdad3ae32462922834ef73eb
3816
3817commit 486c4dc3b83b4b67d663fb0fa62bc24138ec3946
3818Author: dtucker@openbsd.org <dtucker@openbsd.org>
3819Date:   Fri Jul 1 03:35:45 2022 +0000
3820
3821    upstream: Always return allocated strings from the kex filtering so
3822
3823    that we can free them later.  Fix one leak in compat_kex_proposal.  Based on
3824    github PR#324 from ZoltanFridrich with some simplications by me. ok djm@
3825
3826    OpenBSD-Commit-ID: 9171616da3307612d0ede086fd511142f91246e4
3827
3828commit 96faa0de6c673a2ce84736eba37fc9fb723d9e5c
3829Author: djm@openbsd.org <djm@openbsd.org>
3830Date:   Fri Jul 1 00:36:30 2022 +0000
3831
3832    upstream: ignore SIGPIPE earlier in main(), specifically before
3833
3834    muxclient() which performs operations that could cause one; Reported by Noam
3835    Lewis via bz3454, ok dtucker@
3836
3837    OpenBSD-Commit-ID: 63d8e13276869eebac6d7a05d5a96307f9026e47
3838
3839commit 33efac790f6b09d54894ba6c3e17dfb08b6fc7e1
3840Author: jmc@openbsd.org <jmc@openbsd.org>
3841Date:   Tue Jun 28 06:09:14 2022 +0000
3842
3843    upstream: reflect the update to -D arg name in usage();
3844
3845    OpenBSD-Commit-ID: abdcde4f92b1ef094ae44210ee99d3b0155aad9c
3846
3847commit c71a1442d02f0a3586109dfe2cb366de36dee08e
3848Author: Darren Tucker <dtucker@dtucker.net>
3849Date:   Wed Jun 29 18:28:47 2022 +1000
3850
3851    Update OpenSSL tests to the most recent releases.
3852
3853commit 2a822f29300b2de7335fbff65f0b187a0c582304
3854Author: djm@openbsd.org <djm@openbsd.org>
3855Date:   Mon Jun 27 21:41:55 2022 +0000
3856
3857    upstream: allow arguments to sftp -D option, e.g. sftp -D
3858
3859    "/usr/libexec/sftp-server -el debug3"
3860
3861    ok markus@
3862
3863    OpenBSD-Commit-ID: 5a002b9f3a7aef2731fc0ffa9c921cf15f38ecce
3864
3865commit 2369a2810187e08f2af5d58b343956062fb96ee8
3866Author: dtucker@openbsd.org <dtucker@openbsd.org>
3867Date:   Fri Jun 24 10:45:06 2022 +0000
3868
3869    upstream: Roll back previous KEX changes as they aren't safe until
3870
3871    compat_pkalg_proposal and friends always allocate their returned strings.
3872    Reported by Qualys.
3873
3874    OpenBSD-Commit-ID: 1c7a88a0d5033f42f88ab9bec58ef1cf72c81ad0
3875
3876commit 646686136c34c2dbf6a01296dfaa9ebee029386d
3877Author: dtucker@openbsd.org <dtucker@openbsd.org>
3878Date:   Fri Jun 24 04:37:00 2022 +0000
3879
3880    upstream: Don't leak the strings allocated by order_hostkeyalgs()
3881
3882    and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
3883    github PR#324 from ZoltanFridrich, ok djm@
3884
3885    OpenBSD-Commit-ID: b2f6e5f60f2bba293b831654328a8a0035ef4a1b
3886
3887commit 193c6d8d905dde836b628fc07a7b9cf2d347e2a3
3888Author: Darren Tucker <dtucker@dtucker.net>
3889Date:   Sat Jun 25 12:16:15 2022 +1000
3890
3891    Zero out LIBFIDO2 when SK support not usable.
3892
3893    Prevents us from trying to link them into ssh-sk-helper and failing to
3894    build.
3895
3896commit 40f5d849d25c60b4ae21261e78484d435f5cfd51
3897Author: Darren Tucker <dtucker@dtucker.net>
3898Date:   Sat Jun 25 11:47:28 2022 +1000
3899
3900    Disable SK support if FIDO libs not found.
3901
3902commit 5fd922ade1b25880fe8a8249f5c0385e413108f9
3903Author: Damien Miller <djm@mindrot.org>
3904Date:   Fri Jun 24 14:43:54 2022 +1000
3905
3906    fix broken case statement in previous
3907
3908commit f51423bdaf0008d46b6af082bcfd7a22a87375f0
3909Author: Damien Miller <djm@mindrot.org>
3910Date:   Fri Jun 24 14:40:42 2022 +1000
3911
3912    request 1.1x API compatibility for OpenSSL >=3.x
3913
3914    idea/patch from Pedro Martelletto via GHPR#322; ok dtucker@
3915
3916commit 455cee8d6c2e4c48c5af9faead3599c49948411e
3917Author: djm@openbsd.org <djm@openbsd.org>
3918Date:   Fri Jun 24 04:27:14 2022 +0000
3919
3920    upstream: make it clear that RekeyLimit applies to both transmitted
3921
3922    and received data. GHPR#328 from Jan Pazdziora
3923
3924    OpenBSD-Commit-ID: d180a905fec9ff418a75c07bb96ea41c9308c3f9
3925
3926commit 17904f05802988d0bb9ed3c8d1d37411e8f459c3
3927Author: tobhe@openbsd.org <tobhe@openbsd.org>
3928Date:   Tue Jun 21 14:52:13 2022 +0000
3929
3930    upstream: Make sure not to fclose() the same fd twice in case of an
3931
3932    error.
3933
3934    ok dtucker@
3935
3936    OpenBSD-Commit-ID: e384c4e05d5521e7866b3d53ca59acd2a86eef99
3937
3938commit f29d6cf98c25bf044079032d22c1a57c63ab9d8e
3939Author: dtucker@openbsd.org <dtucker@openbsd.org>
3940Date:   Sat Jun 18 02:17:16 2022 +0000
3941
3942    upstream: Don't attempt to fprintf a null identity comment. From
3943
3944    Martin Vahlensieck via tech@.
3945
3946    OpenBSD-Commit-ID: 4c54d20a8e8e4e9912c38a7b4ef5bfc5ca2e05c2
3947
3948commit ad1762173bb38716a106e8979806149fd0f2753e
3949Author: dtucker@openbsd.org <dtucker@openbsd.org>
3950Date:   Fri Jun 17 01:00:03 2022 +0000
3951
3952    upstream: Log an error if pipe() fails while accepting a
3953
3954    connection.  bz#3447, from vincent-openssh at vinc17 net, ok djm@
3955
3956    OpenBSD-Commit-ID: 9d59f19872b94900a5c79da2d57850241ac5df94
3957
3958commit 9c59e7486cc8691401228b43b96a3edbb06e0412
3959Author: Damien Miller <djm@mindrot.org>
3960Date:   Fri Jun 24 14:20:43 2022 +1000
3961
3962    automatically enable built-in FIDO support
3963
3964    If libfido2 is found and usable, then enable the built-in
3965    security key support unless --without-security-key-builtin
3966    was requested.
3967
3968    ok dtucker@
3969
3970commit 7d25b37fb2a5ff4dadabcbdac6087a97479434f5
3971Author: Damien Miller <djm@mindrot.org>
3972Date:   Fri Jun 24 13:46:39 2022 +1000
3973
3974    fix possible NULL deref when built without FIDO
3975
3976    Analysis/fix from kircher in bz3443; ok dtucker@
3977
3978commit f5ba85daddfc2da6a8dab6038269e02c0695be44
3979Author: djm@openbsd.org <djm@openbsd.org>
3980Date:   Wed Jun 15 16:08:25 2022 +0000
3981
3982    upstream: make sure that UseDNS hostname lookup happens in the monitor
3983
3984    and not in the pledge(2)'d unprivileged process; fixes regression caused by
3985    recent refactoring spotted by henning@
3986
3987    OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
3988
3989commit acb2059febaddd71ee06c2ebf63dcf211d9ab9f2
3990Author: djm@openbsd.org <djm@openbsd.org>
3991Date:   Fri Jun 3 04:47:21 2022 +0000
3992
3993    upstream: move auth_openprincipals() and auth_openkeyfile() over to
3994
3995    auth2-pubkeyfile.c too; they make more sense there.
3996
3997    OpenBSD-Commit-ID: 9970d99f900e1117fdaab13e9e910a621b7c60ee
3998
3999commit 3d9b0845f34510111cc693bb99a667662ca50cd8
4000Author: djm@openbsd.org <djm@openbsd.org>
4001Date:   Fri Jun 3 04:31:54 2022 +0000
4002
4003    upstream: test setenv in both client and server, test first-match-wins
4004
4005    too
4006
4007    OpenBSD-Regress-ID: 4c8804f9db38a02db480b9923317457b377fe34b
4008
4009commit 22e1a3a71ad6d108ff0c5f07f93c3fcbd30f8b40
4010Author: djm@openbsd.org <djm@openbsd.org>
4011Date:   Fri Jun 3 04:30:46 2022 +0000
4012
4013    upstream: Make SetEnv directives first-match-wins in both
4014
4015    sshd_config and sshd_config; previously if the same name was reused then the
4016    last would win (which is the opposite to how the config is supposed to work).
4017
4018    While there, make the ssh_config parsing more like sshd_config.
4019
4020    bz3438, ok dtucker
4021
4022    OpenBSD-Commit-ID: 797909c1e0262c0d00e09280459d7ab00f18273b
4023
4024commit 38ed6c57e9e592c08e020fa6e82b45b4e1040970
4025Author: dtucker@openbsd.org <dtucker@openbsd.org>
4026Date:   Fri Jun 3 04:00:15 2022 +0000
4027
4028    upstream: Add missing *-sk types to ssh-keyscan manpage. From
4029
4030    skazi0 via github PR#294.
4031
4032    OpenBSD-Commit-ID: fda2c869cdb871f3c90a89fb3f985370bb5d25c0
4033
4034commit ea97ec98c41ec2b755dfab459347db674ff9a5de
4035Author: dtucker@openbsd.org <dtucker@openbsd.org>
4036Date:   Fri Jun 3 03:21:09 2022 +0000
4037
4038    upstream: Add period at end of "not known by any other names"
4039
4040    message.  github PR#320 from jschauma, ok djm@
4041
4042    OpenBSD-Commit-ID: bd60809803c4bfd3ebb7c5c4d918b10e275266f2
4043
4044commit 88e376fcd67478ad1660d94bc73ab348ac9f4527
4045Author: dtucker@openbsd.org <dtucker@openbsd.org>
4046Date:   Fri Jun 3 03:17:42 2022 +0000
4047
4048    upstream: ssh-keygen -A: do not generate DSA keys by default.
4049
4050    Based on github PR#303 from jsegitz with man page text from jmc@, ok markus@
4051    djm@
4052
4053    OpenBSD-Commit-ID: 5c4c57bdd7063ff03381cfb6696659dd3f9f5b9f
4054
4055commit 6b3fb624675082a1e5aa615d1b8479873d8b5731
4056Author: naddy@openbsd.org <naddy@openbsd.org>
4057Date:   Tue May 31 14:05:12 2022 +0000
4058
4059    upstream: ssh-keygen: implement "verify-required" certificate option.
4060
4061    This was already documented when support for user-verified FIDO
4062    keys was added, but the ssh-keygen(1) code was missing.
4063
4064    ok djm@
4065
4066    OpenBSD-Commit-ID: f660f973391b593fea4b7b25913c9a15c3eb8a06
4067
4068commit b7f86ffc301be105bba9a3e0618b6fab3ae379bd
4069Author: jmc@openbsd.org <jmc@openbsd.org>
4070Date:   Sat May 28 05:57:56 2022 +0000
4071
4072    upstream: keywords ref ssh_config.5;
4073
4074    from caspar schutijser
4075
4076    OpenBSD-Commit-ID: f146a19d7d5c9374c3b9c520da43b2732d7d1a4e
4077
4078commit dc7bc52372f2744fa39191577be5306ee57aacd4
4079Author: Damien Miller <djm@mindrot.org>
4080Date:   Mon May 30 09:29:09 2022 +1000
4081
4082    fix some bugs in the fuzzer
4083
4084commit 1781f507c113667613351c19898efaf1e311a865
4085Author: Darren Tucker <dtucker@dtucker.net>
4086Date:   Fri May 27 18:19:48 2022 +1000
4087
4088    Test against OpenSSL 1.1.1o and 3.0.3.
4089
4090commit c53906e0c59e569691b4095d3e8db79cf78fa058
4091Author: Darren Tucker <dtucker@dtucker.net>
4092Date:   Fri May 27 18:18:31 2022 +1000
4093
4094    Test against LibreSSL 3.5.3.
4095
4096commit 9b3ad432ad2f19319bcc089370e356c6315d682f
4097Author: Damien Miller <djm@mindrot.org>
4098Date:   Fri May 27 17:00:43 2022 +1000
4099
4100    fuzzer for authorized_keys parsing
4101
4102    mostly redundant to authopt_fuzz, but it's sensitive code so IMO it
4103    makes sense to test this layer too
4104
4105commit c83d8c4d6f3ccceef84d46de107f6b71cda06359
4106Author: djm@openbsd.org <djm@openbsd.org>
4107Date:   Fri May 27 05:02:46 2022 +0000
4108
4109    upstream: split the low-level file handling functions out from
4110
4111    auth2-pubkey.c
4112
4113    Put them in a new auth2-pubkeyfile.c to make it easier to refer to them
4114    (e.g. in unit/fuzz tests) without having to refer to everything else
4115    pubkey auth brings in.
4116
4117    ok dtucker@
4118
4119    OpenBSD-Commit-ID: 3fdca2c61ad97dc1b8d4a7346816f83dc4ce2217
4120
4121commit 3b0b142d2a0767d8cd838e2f3aefde8a0aaa41e1
4122Author: djm@openbsd.org <djm@openbsd.org>
4123Date:   Fri May 27 05:01:25 2022 +0000
4124
4125    upstream: refactor authorized_keys/principals handling
4126
4127    remove "struct ssh *" from arguments - this was only used to pass the
4128    remote host/address. These can be passed in instead and the resulting
4129    code is less tightly coupled to ssh_api.[ch]
4130
4131    ok dtucker@
4132
4133    OpenBSD-Commit-ID: 9d4373d013edc4cc4b5c21a599e1837ac31dda0d
4134
4135commit 2c334fd36f80cb91cc42e4b978b10aa35e0df236
4136Author: dtucker@openbsd.org <dtucker@openbsd.org>
4137Date:   Fri May 27 04:29:40 2022 +0000
4138
4139    upstream: f sshpkt functions fail, then password is not cleared
4140
4141    with freezero. Unconditionally call freezero to guarantee that password is
4142    removed from RAM.
4143
4144    From tobias@ and c3h2_ctf via github PR#286, ok djm@
4145
4146    OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
4147
4148commit 5d3a77f4c5ae774c6796387266503f52c7cdc7c2
4149Author: dtucker@openbsd.org <dtucker@openbsd.org>
4150Date:   Fri May 27 04:27:49 2022 +0000
4151
4152    upstream: Avoid kill with -1 argument. The out_ctx label can be
4153
4154    reached before fork has been called. If this happens, then kill -1 would be
4155    called, sending SIGTERM to all processes reachable by the current process.
4156
4157    From tobias@ and c3h2_ctf via github PR#286, ok djm@
4158
4159    OpenBSD-Commit-ID: 6277af1207d81202f5daffdccfeeaed4c763b1a8
4160
4161commit 533b31cd08e4b97f455466f91c36915e2924c15a
4162Author: dtucker@openbsd.org <dtucker@openbsd.org>
4163Date:   Fri May 27 04:13:24 2022 +0000
4164
4165    upstream: Note that ProxyJump also accepts the same tokens as
4166
4167    ProxyCommand. From pallxk via github PR#305.
4168
4169    OpenBSD-Commit-ID: 7115ac351b129205f1f1ffa6bbfd62abd76be7c5
4170
4171commit 9d8c80f8a304babe61ca28f2e3fb5eb6dc9c39bf
4172Author: djm@openbsd.org <djm@openbsd.org>
4173Date:   Wed May 25 06:03:44 2022 +0000
4174
4175    upstream: revert previous; it was broken (spotted by Theo)
4176
4177    OpenBSD-Commit-ID: 457c79afaca2f89ec2606405c1059b98b30d8b0d
4178
4179commit 9e0d02ef7ce88b67643bfb1c2272c9f5f04cc680
4180Author: djm@openbsd.org <djm@openbsd.org>
4181Date:   Wed May 25 00:31:13 2022 +0000
4182
4183    upstream: make SSHBUF_DBG/SSHBUF_TELL (off by default and only enabled
4184
4185    via #define) dump to stderr rather than stdout
4186
4187    OpenBSD-Commit-ID: 10298513ee32db8390aecb0397d782d68cb14318
4188
4189commit 2487163630f28be28b7e2396b4bd6511b98f1d3e
4190Author: Tim Rice <tim@multitalents.net>
4191Date:   Tue May 24 10:21:25 2022 -0700
4192
4193    configure.ac: Add missing AC_DEFINE for caph_cache_tzdata test causing
4194    HAVE_CAPH_CACHE_TZDATA to be missing from config.h.in.
4195    Spotted by Bryan Drewery
4196
4197commit bedb93415b60db3dfd704a3d525e82adb14a2481
4198Author: djm@openbsd.org <djm@openbsd.org>
4199Date:   Sun May 15 23:48:07 2022 +0000
4200
4201    upstream: regress test for in-place transfers and clobbering larger
4202
4203    files with smaller ones; would have caught last regression in scp(1)
4204
4205    OpenBSD-Regress-ID: 19de4e88dd3a4f7e5c1618c9be3c32415bd93bc2
4206
4207commit b4f0d719c2548cb74da509fb65f384dada4ebd37
4208Author: anton@openbsd.org <anton@openbsd.org>
4209Date:   Fri Apr 22 05:08:43 2022 +0000
4210
4211    upstream: Only run agent-ptrace.sh if gdb is available as all
4212
4213    architectures do not ship with gdb.
4214
4215    OpenBSD-Regress-ID: ec53e928803e6b87f9ac142d38888ca79a45348d
4216
4217commit 9b73345f80255a7f3048026462f2c0c6a241eeac
4218Author: djm@openbsd.org <djm@openbsd.org>
4219Date:   Sun May 15 23:47:21 2022 +0000
4220
4221    upstream: fix in-place copies; r1.163 incorrectly skipped truncation in
4222
4223    all cases, not just at the start of a transfer. This could cause overwrites
4224    of larger files to leave junk at the end. Spotted by tb@
4225
4226    OpenBSD-Commit-ID: b189f19cd68119548c8e24e39c79f61e115bf92c
4227
4228commit 56a0697fe079ff3e1ba30a2d5c26b5e45f7b71f8
4229Author: djm@openbsd.org <djm@openbsd.org>
4230Date:   Fri May 13 06:31:50 2022 +0000
4231
4232    upstream: arrange for scp, when in sftp mode, to not ftruncate(3) files
4233
4234    early
4235
4236    previous behavious of unconditionally truncating the destination file
4237    would cause "scp ~/foo localhost:" and "scp localhost:foo ~/" to
4238    delete all the contents of their destination.
4239
4240    spotted by solene@ sthen@, also bz3431; ok dtucker@
4241
4242    OpenBSD-Commit-ID: ca39fdd39e0ec1466b9666f15cbcfddea6aaa179
4243
4244commit fbcef70c2832712f027bccea1aa9bc4b4103da93
4245Author: dtucker@openbsd.org <dtucker@openbsd.org>
4246Date:   Mon May 9 08:25:27 2022 +0000
4247
4248    upstream: Remove errant apostrophe. From haruyama at queen-ml org.
4249
4250    OpenBSD-Commit-ID: dc6b294567cb84b384ad6ced9ca469f2bbf0bd10
4251
4252commit 0086a286ea6bbd11ca9b664ac3bb12b27443d6eb
4253Author: djm@openbsd.org <djm@openbsd.org>
4254Date:   Mon May 9 03:09:53 2022 +0000
4255
4256    upstream: Allow existing -U (use agent) flag to work with "-Y sign"
4257
4258    operations, where it will be interpreted to require that the private keys is
4259    hosted in an agent; bz3429, suggested by Adam Szkoda; ok dtucker@
4260
4261    OpenBSD-Commit-ID: a7bc69873b99c32c42c7628ed9ea91565ba08c2f
4262
4263commit cb010744cc98f651b1029bb09efa986eb54e4ccf
4264Author: djm@openbsd.org <djm@openbsd.org>
4265Date:   Sun May 8 22:58:35 2022 +0000
4266
4267    upstream: improve error message when 'ssh-keygen -Y sign' is unable to
4268
4269    load a private key; bz3429, reported by Adam Szkoda ok dtucker@
4270
4271    OpenBSD-Commit-ID: bb57b285e67bea536ef81b1055467be2fc380e74
4272
4273commit aa61fc82c63d309a90c22ca74fb1da6c6f4372fd
4274Author: Tobias Heider <me@tobhe.de>
4275Date:   Mon May 9 02:00:01 2022 +0200
4276
4277    Remove duplicate bcrypt_pbkdf.o from Makefile
4278
4279    bcrypt_pbkdf.o is duplicated in the openbsd-compat Makefile's object
4280    file list.
4281
4282commit deb506d00da8d11fb04c1e7b9b1e1cc379c1705c
4283Author: djm@openbsd.org <djm@openbsd.org>
4284Date:   Sun May 8 22:32:36 2022 +0000
4285
4286    upstream: When performing operations that glob(3) a remote path, ensure
4287
4288    that the implicit working directory used to construct that path escapes
4289    glob(3) characters.
4290
4291    This prevents glob characters from being processed in places they
4292    shouldn't, e.g. "cd /tmp/a*/", "get *.txt" should have the get operation
4293    treat the path "/tmp/a*" literally and not attempt to expand it.
4294
4295    Reported by Lusia Kundel; ok markus@
4296
4297    OpenBSD-Commit-ID: 4f647f58482cbad3d58b1eab7f6a1691433deeef
4298
4299commit f38cf74f20b5da113cfa823afd5bfb5c6ba65f3d
4300Author: Darren Tucker <dtucker@dtucker.net>
4301Date:   Fri May 6 14:50:18 2022 +1000
4302
4303    Also retest OpenBSD upstream on .yml changes.
4304
4305commit f87a132800ba3710ab130d703448a31ef1128d77
4306Author: Darren Tucker <dtucker@dtucker.net>
4307Date:   Fri May 6 14:46:09 2022 +1000
4308
4309    Note that, for now, we need variadic macros.
4310
4311commit 217b518e0f7c52c4b909e935141a55344c61e644
4312Author: Darren Tucker <dtucker@dtucker.net>
4313Date:   Fri May 6 14:39:34 2022 +1000
4314
4315    Add ubsan minimal testcase on OpenBSD.
4316
4317    As suggested by djm@.
4318
4319commit 457dce2cfef6a48f5442591cd8b21c7e8cba13f8
4320Author: djm@openbsd.org <djm@openbsd.org>
4321Date:   Thu May 5 01:04:14 2022 +0000
4322
4323    upstream: sshkey_unshield_private() contains a exact duplicate of
4324
4325    the code in private2_check_padding(). Pull private2_check_padding() up so the
4326    code can be reused. From Martin Vahlensieck, ok deraadt@
4327
4328    OpenBSD-Commit-ID: 876884c3f0e62e8fd8d1594bab06900f971c9c85
4329
4330commit 0e44db4d9cb313e68a59a44d27884af66c02356e
4331Author: djm@openbsd.org <djm@openbsd.org>
4332Date:   Thu May 5 00:56:58 2022 +0000
4333
4334    upstream: channel_new no longer frees remote_name. So update the
4335
4336    comment accordingly.  As remote_name is not modified, it can be const as
4337    well. From Martin Vahlensieck
4338
4339    OpenBSD-Commit-ID: e4e10dc8dc9f40c166ea5a8e991942bedc75a76a
4340
4341commit 37b62fd5caf19c85a48241535277cefff65adace
4342Author: djm@openbsd.org <djm@openbsd.org>
4343Date:   Thu May 5 00:55:11 2022 +0000
4344
4345    upstream: mux.c: mark argument as const; from Martin Vahlensieck
4346
4347    OpenBSD-Commit-ID: 69a1a93a55986c7c2ad9f733c093b46a47184341
4348
4349commit f4e67c0ad259b4cf10177277a5827fa5545bac53
4350Author: markus@openbsd.org <markus@openbsd.org>
4351Date:   Wed May 4 07:31:22 2022 +0000
4352
4353    upstream: make sure stdout is non-blocking; ok djm@
4354
4355    OpenBSD-Commit-ID: 64940fffbd1b882eda2d7c8c7a43c79368309c0d
4356
4357commit e5c036d2092c00bef395e9161dc5ce42d4be9565
4358Author: florian@openbsd.org <florian@openbsd.org>
4359Date:   Tue May 3 07:42:27 2022 +0000
4360
4361    upstream: Add FIDO AUTHENTICATOR section and explain a bit how FIDO
4362
4363    works. The wording came mostly from the 8.2 OpenSSH release notes, addapted
4364    to fit the man page. Then move the -O bits into the new section as is already
4365    done for CERTIFICATES and MODULI GENERATION. Finally we can explain the
4366    trade-offs of resident keys. While here, consistently refer to the FIDO
4367    thingies as "FIDO authenticators", not "FIDO tokens".
4368
4369    input & OK jmc, naddy
4370
4371    OpenBSD-Commit-ID: dd98748d7644df048f78dcf793b3b63db9ab1d25
4372
4373commit 575771bf79bef7127be6aaccddc46031ea15529e
4374Author: jmc@openbsd.org <jmc@openbsd.org>
4375Date:   Mon May 2 05:40:37 2022 +0000
4376
4377    upstream: remove an obsolete rsa1 format example from an example;
4378
4379    from megan batty
4380    ok djm
4381
4382    OpenBSD-Commit-ID: db2c89879c29bf083df996bd830abfb1e70d62bf
4383
4384commit 0bc6b4c8f04e292577bdb44d5dc6b630d3448087
4385Author: djm@openbsd.org <djm@openbsd.org>
4386Date:   Sun May 1 23:20:30 2022 +0000
4387
4388    upstream: fix some integer overflows in sieve_large() that show up when
4389
4390    trying to generate modp groups > 16k bits. Reported via GHPR#306 by Bertram
4391    Felgenhauer, but fixed in a different way. feedback/ok tb@
4392
4393    OpenBSD-Commit-ID: 81cbc6dd3a21c57bd6fadea10e44afe37bca558e
4394
4395commit a45615cb172bc827e21ec76750de39dfb30ecc05
4396Author: djm@openbsd.org <djm@openbsd.org>
4397Date:   Fri Apr 29 04:55:07 2022 +0000
4398
4399    upstream: be stricter in which characters will be accepted in
4400
4401    specifying a mask length; allow only 0-9. From khaleesicodes via GHPR#278; ok
4402    dtucker@
4403
4404    OpenBSD-Commit-ID: e267746c047ea86665cdeccef795a8a56082eeb2
4405
4406commit 4835544d2dd31de6ffc7dba59f92093aea98155b
4407Author: Darren Tucker <dtucker@dtucker.net>
4408Date:   Sat Apr 30 10:56:41 2022 +1000
4409
4410    Add Mac OS X 12 test target.
4411
4412commit 97a6a8b8c1f2da09712d0e72d0ef800e4edd34cd
4413Author: Darren Tucker <dtucker@dtucker.net>
4414Date:   Fri Apr 29 18:27:34 2022 +1000
4415
4416    Only run tests when source files change.
4417
4418    Also run tests on changes to V_9_0 branch.
4419
4420commit 6d0392b9ff4b50a56ac5685d1b9392e2cd432ca3
4421Author: Darren Tucker <dtucker@dtucker.net>
4422Date:   Fri Apr 29 18:22:34 2022 +1000
4423
4424    Remove now-empty int32_minmax.inc.
4425
4426commit af59463553b5ad52d3b42c4455ee3c5600158bb7
4427Author: djm@openbsd.org <djm@openbsd.org>
4428Date:   Fri Apr 29 03:24:30 2022 +0000
4429
4430    upstream: mention that the helpers are used by ssh(1), ssh-agent(1)
4431
4432    and ssh-keygen(1). Previously only ssh(1) was mentioned. From Pedro
4433    Martelletto
4434
4435    OpenBSD-Commit-ID: 30f880f989d4b329589c1c404315685960a5f153
4436
4437commit 3e26b3a6eebcee27be177207cc0846fb844b7a56
4438Author: dtucker@openbsd.org <dtucker@openbsd.org>
4439Date:   Fri Apr 29 03:16:48 2022 +0000
4440
4441    upstream: Don't leak SK device. Patch from Pedro Martelletto via
4442
4443    github PR#316. ok djm@
4444
4445    OpenBSD-Commit-ID: 17d11327545022e727d95fd08b213171c5a4585d
4446
4447commit 247082b5013f0d4fcae8f97453f2a2f01bcda811
4448Author: djm@openbsd.org <djm@openbsd.org>
4449Date:   Fri Apr 29 03:13:32 2022 +0000
4450
4451    upstream: fix memleak on session-bind path; from Pedro Martelletto, ok
4452
4453    dtucker@
4454
4455    OpenBSD-Commit-ID: e85899a26ba402b4c0717b531317e8fc258f0a7e
4456
4457commit e05522008092ceb86a87bdd4ad7878424315db89
4458Author: djm@openbsd.org <djm@openbsd.org>
4459Date:   Thu Apr 28 02:53:31 2022 +0000
4460
4461    upstream: avoid printing hash algorithm twice; from lucas AT sexy.is
4462
4463    OpenBSD-Commit-ID: 9d24671e10a84141b7c504396cabad600e47a941
4464
4465commit 0979e29356915261d69a9517a1e0aaade7c9fc75
4466Author: dtucker@openbsd.org <dtucker@openbsd.org>
4467Date:   Wed Apr 27 11:08:55 2022 +0000
4468
4469    upstream: Add authfd path to debug output. ok markus@
4470
4471    OpenBSD-Commit-ID: f735a17d1a6f2bee63bfc609d76ef8db8c090890
4472
4473commit 67b7c784769c74fd4d6b147d91e17e1ac1a8a96d
4474Author: dtucker@openbsd.org <dtucker@openbsd.org>
4475Date:   Tue Apr 26 07:41:44 2022 +0000
4476
4477    upstream: Check sshauthopt_new() for NULL. bz#3425, from
4478
4479    tessgauthier at microsoft.com.  ok djm@
4480
4481    OpenBSD-Commit-ID: af0315bc3e44aa406daa7e0ae7c2d719a974483f
4482
4483commit d571314d14b919fbd7c84a61f9bf2065fc0a6841
4484Author: millert@openbsd.org <millert@openbsd.org>
4485Date:   Wed Apr 20 16:00:25 2022 +0000
4486
4487    upstream: Remove unnecessary includes: openssl/hmac.h and
4488
4489    openssl/evp.h. From Martin Vahlensieck.
4490
4491    OpenBSD-Commit-ID: a6debb5fb0c8a44e43e8d5ca7cc70ad2f3ea31c3
4492
4493commit da8dddf8cc1f2516ff894b8183e83a7c5ba3ef80
4494Author: millert@openbsd.org <millert@openbsd.org>
4495Date:   Wed Apr 20 15:59:18 2022 +0000
4496
4497    upstream: Add missing includes of stdlib.h and stdint.h. We need
4498
4499    stdlib.h for malloc(3) and stdint.h for SIZE_MAX. Unlike the other xmss
4500    files, ssh-xmss.c does not include xmss_commons.h so ssh-xmss.c must include
4501    those headers itself. From Martin Vahlensieck
4502
4503    OpenBSD-Commit-ID: 70e28a9818cee3da1be2ef6503d4b396dd421e6b
4504
4505commit fe9d87a6800a7a33be08f4d5ab662a758055ced2
4506Author: millert@openbsd.org <millert@openbsd.org>
4507Date:   Wed Apr 20 15:56:49 2022 +0000
4508
4509    upstream: Avoid an unnecessary xstrdup in rm_env() when matching
4510
4511    patterns. Since match_pattern() doesn't modify its arguments (they are
4512    const), there is no need to make an extra copy of the strings in
4513    options->send_env. From Martin Vahlensieck
4514
4515    OpenBSD-Commit-ID: 2c9db31e3f4d3403b49642c64ee048b2a0a39351
4516
4517commit 7bf2eb958fbb551e7d61e75c176bb3200383285d
4518Author: Darren Tucker <dtucker@dtucker.net>
4519Date:   Tue Apr 26 23:30:59 2022 +1000
4520
4521    Add debian-riscv64 test target.
4522
4523commit 3913c935523902482974c4c503bcff20bd850a6a
4524Author: Darren Tucker <dtucker@dtucker.net>
4525Date:   Mon Apr 25 17:20:06 2022 +1000
4526
4527    Update OpenSSL and LibreSSL versions in tests.
4528
4529commit dcd8dca29bcdb193ff6be35b96fc55e6e30d37d9
4530Author: Darren Tucker <dtucker@dtucker.net>
4531Date:   Sat Apr 23 20:40:28 2022 +1000
4532
4533    Include stdlib.h for free() prototype.
4534
4535    ... which is used inside the CUSTOM_SYS_AUTH_GET_LASTLOGIN_MSG block.
4536
4537commit 4cc05de568e1c3edd7834ff3bd9d8214eb34861b
4538Author: Darren Tucker <dtucker@dtucker.net>
4539Date:   Sat Apr 23 20:17:26 2022 +1000
4540
4541    Cache timezone data in capsicum sandbox.
4542
4543    From emaste at freebsd.org, originally part of FreeBSD commit r339216
4544    / fc3c19a9 with autoconf bits added by me.
4545
4546commit c31404426d212e2964ff9e5e58e1d0fce3d83f27
4547Author: dtucker@openbsd.org <dtucker@openbsd.org>
4548Date:   Thu Apr 21 01:36:46 2022 +0000
4549
4550    upstream: It looks like we can't completely avoid
4551
4552    waiting for processes to exit so retrieve the pid via controlmaster and
4553    use that.
4554
4555    OpenBSD-Regress-ID: 8246f00f22b14e49d2ff1744c94897ead33d457b
4556
4557commit d19b21afab5c8e2f3df6bd8aee9766bdad3d8c58
4558Author: dtucker@openbsd.org <dtucker@openbsd.org>
4559Date:   Wed Apr 20 13:25:55 2022 +0000
4560
4561    upstream: Use ssh -f and ControlPersist ..
4562
4563    to start up test forwards and ssh -O stop to shut them down intead of
4564    sleep loops.  This speeds up the test by an order of magnitude.
4565
4566    OpenBSD-Regress-ID: eb3db5f805100919b092a3b2579c611fba3e83e7
4567
4568commit 5f76286a126721fa005de6edf3d1c7a265555f19
4569Author: dtucker@openbsd.org <dtucker@openbsd.org>
4570Date:   Wed Apr 20 05:24:13 2022 +0000
4571
4572    upstream: Simplify forward-control test.
4573
4574    Since we no longer need to support SSH1 we don't need to run shell
4575    commands on the other end of the connection and can use ssh -N instead.
4576    This also makes the test less racy.
4577
4578    OpenBSD-Regress-ID: 32e94ce272820cc398f30b848b2b0f080d10302c
4579
4580commit 687bbf23572d8bdf25cbbcdf8ac583514e1ba710
4581Author: djm@openbsd.org <djm@openbsd.org>
4582Date:   Thu Mar 31 03:07:33 2022 +0000
4583
4584    upstream: regression test for sftp cp command
4585
4586    OpenBSD-Regress-ID: c96bea9edde3a384b254785e7f9b2b24a81cdf82
4587
4588commit f1233f19a6a9fe58f52946f50df4772f5b136761
4589Author: dtucker@openbsd.org <dtucker@openbsd.org>
4590Date:   Wed Apr 20 01:13:47 2022 +0000
4591
4592    upstream: Import regenerated moduli
4593
4594    OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
4595
4596commit fec014785de198b9a325d1b94e324bb958c5fe7b
4597Author: djm@openbsd.org <djm@openbsd.org>
4598Date:   Wed Apr 20 04:19:11 2022 +0000
4599
4600    upstream: Try to continue running local I/O for channels in state
4601
4602    OPEN during SSH transport rekeying. The most visible benefit is that it
4603    should make ~-escapes work in the client (e.g. to exit) if the connection
4604    happened to have stalled during a rekey event. Based work by and ok dtucker@
4605
4606    OpenBSD-Commit-ID: a66e8f254e92edd4ce09c9f750883ec8f1ea5f45
4607
4608commit e68154b0d4f0f5085a050ea896955da1b1be6e30
4609Author: dtucker@openbsd.org <dtucker@openbsd.org>
4610Date:   Wed Apr 20 01:13:47 2022 +0000
4611
4612    upstream: Import regenerated moduli
4613
4614    OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
4615
4616commit 69928b106d8f0fa15b88cf3850d992ed81c44ae0
4617Author: tj@openbsd.org <tj@openbsd.org>
4618Date:   Sat Apr 16 00:22:31 2022 +0000
4619
4620    upstream: list the correct version number
4621
4622    for when usage of the sftp protocol became default and fix a typo
4623    from ed maste
4624
4625    OpenBSD-Commit-ID: 24e1795ed2283fdeacf16413c2f07503bcdebb31
4626
4627commit 21042a05c0b304c16f655efeec97438249d2e2cc
4628Author: dtucker@openbsd.org <dtucker@openbsd.org>
4629Date:   Tue Apr 12 05:09:49 2022 +0000
4630
4631    upstream: Correct path for system known hosts file in description
4632
4633    of IgnoreUserKnownHosts.  Patch from Martin Vahlensieck via tech@
4634
4635    OpenBSD-Commit-ID: 9b7784f054fa5aa4d63cb36bd563889477127215
4636
4637commit 53f4aff60a7c1a08a23917bd47496f8901c471f5
4638Author: Darren Tucker <dtucker@dtucker.net>
4639Date:   Sat Apr 16 14:33:20 2022 +1000
4640
4641    Resync moduli.5 with upstream.
4642
4643    1.18: remove duplicate publication year; carsten dot kunze at arcor dot de
4644    1.19: ssh-keygen's -G/-T have been replaced with -M generate/screen.
4645
4646commit d2b888762b9844eb0d8eb59909cdf5af5159f810
4647Author: Darren Tucker <dtucker@dtucker.net>
4648Date:   Sat Apr 16 14:31:13 2022 +1000
4649
4650    Retire fbsd6 test VM.
4651
4652    It's long since out of support, relatively slow (it's i686) and the
4653    compiler has trouble with PIE.
4654
4655commit cd1f70009860a154b51230d367c55ea5f9a4504e
4656Author: djm@openbsd.org <djm@openbsd.org>
4657Date:   Mon Apr 11 22:52:08 2022 +0000
4658
4659    upstream: clear io_want/io_ready flags at start of poll() cycle;
4660
4661    avoids plausible spin during rekeying if channel io_want flags are reused
4662    across cycles. ok markus@ deraadt@
4663
4664    OpenBSD-Commit-ID: 91034f855b7c73cd2591657c49ac30f10322b967
4665
4666commit aa1920302778273f7f94c2091319aba199068ca0
4667Author: dtucker@openbsd.org <dtucker@openbsd.org>
4668Date:   Fri Apr 8 05:43:39 2022 +0000
4669
4670    upstream: Note that curve25519-sha256 was later published in
4671
4672    RFC8731.  ok djm@
4673
4674    OpenBSD-Commit-ID: 2ac2b5d642d4cf5918eaec8653cad9a4460b2743
4675
4676commit 4673fa8f2be983f2f88d5afd754adb1a2a39ec9e
4677Author: djm@openbsd.org <djm@openbsd.org>
4678Date:   Fri Apr 8 04:40:40 2022 +0000
4679
4680    upstream: two defensive changes from Tobias Stoeckmann via GHPR287
4681
4682    enforce stricter invarient for sshbuf_set_parent() - never allow
4683    a buffer to have a previously-set parent changed.
4684
4685    In sshbuf_reset(), if the reallocation fails, then zero the entire
4686    buffer and not the (potentially smaller) default initial alloc size.
4687
4688    OpenBSD-Commit-ID: 14583203aa5d50ad38d2e209ae10abaf8955e6a9
4689
4690commit 26eef015e2d2254375e13afaaf753b78932b1bf5
4691Author: Damien Miller <djm@mindrot.org>
4692Date:   Mon Apr 11 16:07:09 2022 +1000
4693
4694    Revert "update build-aux files to match autoconf-2.71"
4695
4696    This reverts commit 0a8ca39fac6ad19096b6c263436f8b2dd51606f2.
4697
4698    It turns out that the checked-in copies of these files are actually newer
4699    than autoconf-2.71's copies, so this was effectively a downgrade.
4700    Spotted by Bo Anderson via github
4701
4702commit 0a8ca39fac6ad19096b6c263436f8b2dd51606f2
4703Author: Damien Miller <djm@mindrot.org>
4704Date:   Fri Apr 8 14:48:58 2022 +1000
4705
4706    update build-aux files to match autoconf-2.71
4707
4708    i.e. config.guess, config.sub and install-sh
4709
4710commit 94eb6858efecc1b4f02d8a6bd35e149f55c814c8
4711Author: Damien Miller <djm@mindrot.org>
4712Date:   Wed Apr 6 10:47:48 2022 +1000
4713
4714    update version numbers for release
4715
4716commit 8e4a8eadf4fe74e65e6492f34250f8cf7d67e8da
4717Author: djm@openbsd.org <djm@openbsd.org>
4718Date:   Mon Apr 4 22:45:25 2022 +0000
4719
4720    upstream: openssh-9.0
4721
4722    OpenBSD-Commit-ID: 0dfb461188f4513ec024c1534da8c1ce14c20b64
4723
4724commit a9f23ea2e3227f406880c2634d066f6f50fa5eaa
4725Author: naddy@openbsd.org <naddy@openbsd.org>
4726Date:   Thu Mar 31 17:58:44 2022 +0000
4727
4728    upstream: ssh: document sntrup761x25519-sha512@openssh.com as
4729
4730    default KEX
4731
4732    OpenBSD-Commit-ID: 12545bfa10bcbf552d04d9d9520d0f4e98b0e171
4733
4734commit 9ec2713d122af79d66ebb9c1d6d9ae8621a8945f
4735Author: naddy@openbsd.org <naddy@openbsd.org>
4736Date:   Thu Mar 31 17:27:27 2022 +0000
4737
4738    upstream: man pages: add missing commas between subordinate and
4739
4740    main clauses
4741
4742    jmc@ dislikes a comma before "then" in a conditional, so leave those
4743    untouched.
4744
4745    ok jmc@
4746
4747    OpenBSD-Commit-ID: 9520801729bebcb3c9fe43ad7f9776ab4dd05ea3
4748
4749commit 3741df98ffaaff92b474ee70d8ef276b5882f85a
4750Author: Darren Tucker <dtucker@dtucker.net>
4751Date:   Mon Apr 4 23:52:11 2022 +1000
4752
4753    Disable security key on fbsd6 test host.
4754
4755commit 32c12236f27ae83bfe6d2983b67c9bc67a83a417
4756Author: Darren Tucker <dtucker@dtucker.net>
4757Date:   Mon Apr 4 15:16:51 2022 +1000
4758
4759    Specify TEST_SHELL=bash on AIX.
4760
4761    The system shells cause the agent-restrict test to fail due to some
4762    quoting so explicitly specify bash until we can get configure to
4763    autmatically work around that.
4764
4765commit 90452c8b69d065b7c7c285ff78b81418a75bcd76
4766Author: Darren Tucker <dtucker@dtucker.net>
4767Date:   Fri Apr 1 23:38:44 2022 +1100
4768
4769    Only return events from ppoll that were requested.
4770
4771    If the underlying system's select() returns bits that were not in the
4772    request set, our ppoll() implementation can return revents for events
4773    not requested, which can apparently cause a hang.  Only return revents
4774    for activity in the requested event set.  bz#3416, analysis and fix by
4775    yaroslav.kuzmin at vmssoftware com, ok djm@
4776
4777commit 6c49eb5fabc56f4865164ed818aa5112d09c31a8
4778Author: Darren Tucker <dtucker@dtucker.net>
4779Date:   Fri Apr 1 23:21:40 2022 +1100
4780
4781    Only run regression tests on slow VMs.
4782
4783commit f67e47903977b42cb6abcd5565a61bd7293e4dc3
4784Author: Darren Tucker <dtucker@dtucker.net>
4785Date:   Fri Apr 1 23:21:06 2022 +1100
4786
4787    Increase test timeout to allow slow VMs to finish
4788
4789commit 02488c1b54065ddc4f25835dbd2618b2a2fe21f5
4790Author: Darren Tucker <dtucker@dtucker.net>
4791Date:   Fri Apr 1 16:27:38 2022 +1100
4792
4793    Use bash or ksh if available for SH in Makefile.
4794
4795commit 34c7018c316af4773e432066de28d0ef9d0888cd
4796Author: Darren Tucker <dtucker@dtucker.net>
4797Date:   Fri Apr 1 14:56:54 2022 +1100
4798
4799    Set Makefile SHELL as determined by configure.
4800
4801    This should improve compatibility for users with non-POSIX shells.  If
4802    using Makefile.in directly (eg make -f Makefile.in distprep) then SHELL
4803    will need to be specified on the command line (along with MANFMT in that
4804    particular case).  ok djm@
4805
4806commit 5b054d76402faab38c48377efd112426469553a0
4807Author: Darren Tucker <dtucker@dtucker.net>
4808Date:   Fri Apr 1 13:16:47 2022 +1100
4809
4810    Skip slow tests on (very) slow test targets.
4811
4812commit b275818065b31a865142c48c2acf6a7c1655c542
4813Author: Damien Miller <djm@mindrot.org>
4814Date:   Thu Mar 31 14:11:36 2022 +1100
4815
4816    depend
4817
4818commit 3fa539c3ffaabd6211995512d33e29150f88c5c5
4819Author: djm@openbsd.org <djm@openbsd.org>
4820Date:   Thu Mar 31 03:07:03 2022 +0000
4821
4822    upstream: add a sftp client "cp" command that supports server-side
4823
4824    copying of files. Useful for this task and for testing the copy-data
4825    extension. Patch from Mike Frysinger; ok dtucker@
4826
4827    OpenBSD-Commit-ID: 1bb1b950af0d49f0d5425b1f267e197aa1b57444
4828
4829commit 7988bfc4b701c4b3fe9b36c8561a3d1c5d4c9a74
4830Author: djm@openbsd.org <djm@openbsd.org>
4831Date:   Thu Mar 31 03:05:49 2022 +0000
4832
4833    upstream: add support for the "corp-data" protocol extension to
4834
4835    allow server-side copies to be performed without having to go via the client.
4836    Patch by Mike Frysinger, ok dtucker@
4837
4838    OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5
4839
4840commit 32dc1c29a4ac9c592ddfef0a4895eb36c1f567ba
4841Author: djm@openbsd.org <djm@openbsd.org>
4842Date:   Wed Mar 30 21:13:23 2022 +0000
4843
4844    upstream: select post-quantum KEX
4845
4846    sntrup761x25519-sha512@openssh.com as the default; ok markus@
4847
4848    OpenBSD-Commit-ID: f02d99cbfce22dffec2e2ab1b60905fbddf48fb9
4849
4850commit d6556de1db0822c76ba2745cf5c097d9472adf7c
4851Author: djm@openbsd.org <djm@openbsd.org>
4852Date:   Wed Mar 30 21:10:25 2022 +0000
4853
4854    upstream: fix poll() spin when a channel's output fd closes without
4855
4856    data in the channel buffer. Introduce more exact packing of channel fds into
4857    the pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@
4858
4859    OpenBSD-Commit-ID: 06740737849c9047785622ad5d472cb6a3907d10
4860
4861commit 8a74a96d25ca4d32fbf298f6c0ac5a148501777d
4862Author: djm@openbsd.org <djm@openbsd.org>
4863Date:   Wed Mar 30 04:33:09 2022 +0000
4864
4865    upstream: ssh is almost out of getopt() characters; note the
4866
4867    remaining remaining available ones in a comment
4868
4869    OpenBSD-Commit-ID: 48d38cef59d6bc8e84c6c066f6d601875d3253fd
4870
4871commit 6d4fc51adb9d8a42f67b5474f02f877422379de6
4872Author: djm@openbsd.org <djm@openbsd.org>
4873Date:   Wed Mar 30 04:27:51 2022 +0000
4874
4875    upstream: avoid NULL deref via ssh-keygen -Y find-principals.
4876
4877    bz3409, reported by Mateusz Adamowski
4878
4879    OpenBSD-Commit-ID: a3b2c02438052ee858e0ee18e5a288586b5df2c5
4880
4881commit e937514920335b92b543fd9be79cd6481d1eb0b6
4882Author: Darren Tucker <dtucker@dtucker.net>
4883Date:   Mon Mar 28 17:51:03 2022 +1100
4884
4885    Add AIX 5.1 test target.
4886
4887commit 4bbe815ba974b4fd89cc3fc3e3ef1be847a0befe
4888Author: Darren Tucker <dtucker@dtucker.net>
4889Date:   Sat Mar 26 22:01:31 2022 +1100
4890
4891    Drop leading "v" from release version identifier.
4892
4893    It's present in the git tags but not in the release tarball names.
4894    Also drop extra "/" from URL path.
4895
4896commit f5cdd3b3c275dffaebfca91df782dca29975e9ac
4897Author: Darren Tucker <dtucker@dtucker.net>
4898Date:   Sat Mar 26 16:28:04 2022 +1100
4899
4900    Use tarballs when testing LibreSSL releases.
4901
4902    This means they'll still work when the combination of -portable and
4903    openbsd github repos no longer match.
4904
4905commit 24dc37d198f35a7cf71bf4d5384363c7ef4209d4
4906Author: Darren Tucker <dtucker@dtucker.net>
4907Date:   Sat Mar 26 15:02:45 2022 +1100
4908
4909    Remove now-unused passwd variable.
4910
4911commit 5b467ceef2c356f0a77f5e8ab4eb0fac367e4d24
4912Author: Darren Tucker <dtucker@dtucker.net>
4913Date:   Sat Mar 26 13:15:44 2022 +1100
4914
4915    Missing semicolon.
4916
4917commit 2923d026e55998133c0f6e5186dca2a3c0fa5ff5
4918Author: Darren Tucker <dtucker@dtucker.net>
4919Date:   Sat Mar 26 12:49:50 2022 +1100
4920
4921    Factor out platform-specific locked account check.
4922
4923    Also fixes an incorrect free on platforms with both libiaf and shadow
4924    passwords (probably only Unixware).  Prompted by github PR#284,
4925    originally from @c3h2_ctf and stoeckmann@.
4926
4927commit d23efe4b12886ffe416be10bc0a7da6ca8aa72d1
4928Author: Darren Tucker <dtucker@dtucker.net>
4929Date:   Sat Mar 26 08:13:46 2022 +1100
4930
4931    Add OpenWRT mips and mipsel test targets.
4932
4933commit 16ea8b85838dd7a4dbeba4e51ac4f43fd68b1e5b
4934Author: djm@openbsd.org <djm@openbsd.org>
4935Date:   Sun Mar 20 08:52:17 2022 +0000
4936
4937    upstream: don't leak argument list; bz3404, reported by Balu
4938
4939    Gajjala ok dtucker@
4940
4941    OpenBSD-Commit-ID: fddc32d74e5dd5cff1a49ddd6297b0867eae56a6
4942
4943commit a72bde294fe0518c9a44ba63864093a1ef2425e3
4944Author: djm@openbsd.org <djm@openbsd.org>
4945Date:   Sun Mar 20 08:51:21 2022 +0000
4946
4947    upstream: make addargs() and replacearg() a little more robust and
4948
4949    improve error reporting
4950
4951    make freeargs(NULL) a noop like the other free functions
4952
4953    ok dtucker as part of bz3403
4954
4955    OpenBSD-Commit-ID: 15f86da83176978b4d1d288caa24c766dfa2983d
4956
4957commit 731087d2619fa7f01e675b23f57af10d745e8af2
4958Author: djm@openbsd.org <djm@openbsd.org>
4959Date:   Fri Mar 18 04:04:11 2022 +0000
4960
4961    upstream: don't try to resolve ListenAddress directives in the sshd
4962
4963    re-exec path - we're never going to use the result and if the operation fails
4964    then it can prevent connections from being accepted. Reported by Aaron
4965    Poffenberger; with / ok dtucker@
4966
4967    OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
4968
4969commit 1c83c082128694ddd11ac05fdf31d70312ff1763
4970Author: djm@openbsd.org <djm@openbsd.org>
4971Date:   Fri Mar 18 02:50:21 2022 +0000
4972
4973    upstream: remove blank line
4974
4975    OpenBSD-Commit-ID: d5e0182965b2fbfb03ad5f256d1a1ce5706bcddf
4976
4977commit 807be68684da7a1fe969c399ddce2fafb7997dcb
4978Author: djm@openbsd.org <djm@openbsd.org>
4979Date:   Fri Mar 18 02:32:22 2022 +0000
4980
4981    upstream: helpful comment
4982
4983    OpenBSD-Commit-ID: e3315a45cb04e7feeb614d76ec80a9fe4ca0e8c7
4984
4985commit a0b5816f8f1f645acdf74f7bc11b34455ec30bac
4986Author: djm@openbsd.org <djm@openbsd.org>
4987Date:   Fri Mar 18 02:31:25 2022 +0000
4988
4989    upstream: ssh-keygen -Y check-novalidate requires namespace or SEGV
4990
4991    will ensue. Patch from Mateusz Adamowski via GHPR#307
4992
4993    OpenBSD-Commit-ID: 99e8ec38f9feb38bce6de240335be34aedeba5fd
4994
4995commit 5a252d54a63be30d5ba4be76210942d754a531c0
4996Author: djm@openbsd.org <djm@openbsd.org>
4997Date:   Tue Mar 15 05:27:37 2022 +0000
4998
4999    upstream: improve DEBUG_CHANNEL_POLL debugging message
5000
5001    OpenBSD-Commit-ID: 2275eb7bc4707d019b1a0194b9c92c0b78da848f
5002
5003commit ce324cf58ba2840e31afeb996935800780c8fa4b
5004Author: cheloha@openbsd.org <cheloha@openbsd.org>
5005Date:   Sun Mar 13 23:27:54 2022 +0000
5006
5007    upstream: ssh: xstrdup(): use memcpy(3)
5008
5009    Copying the given string into the buffer with strlcpy(3) confers no
5010    benefit in this context because we have already determined the
5011    string's length with strlen(3) in order to allocate that buffer.
5012
5013    Thread: https://marc.info/?l=openbsd-tech&m=164687525802691&w=2
5014
5015    ok dtucker@ millert@
5016
5017    OpenBSD-Commit-ID: f8bfc082e36e2d2dc4e1feece02fe274155ca11a
5018
5019commit 2893c5e764557f48f9d6a929e224ed49c59545db
5020Author: Darren Tucker <dtucker@dtucker.net>
5021Date:   Fri Mar 11 18:43:58 2022 +1100
5022
5023    Resync fmt_scaled. with OpenBSD.
5024
5025    Fixes underflow reported in bz#3401.
5026
5027commit 5ae31a0fdd27855af29f48ff027491629fff5979
5028Author: Darren Tucker <dtucker@dtucker.net>
5029Date:   Wed Mar 9 09:41:56 2022 +1100
5030
5031    Provide killpg implementation.
5032
5033    Based on github PR#301 for Tandem NonStop.
5034
5035commit c41c84b439f4cd74d4fe44298a4b4037ddd7d2ae
5036Author: Darren Tucker <dtucker@dtucker.net>
5037Date:   Wed Mar 9 09:29:30 2022 +1100
5038
5039    Check for missing ftruncate prototype.
5040
5041    From github PR#301 in conjunction with rsbeckerca.
5042
5043commit 8cf5275452a950869cb90eeac7d220b01f77b12e
5044Author: Darren Tucker <dtucker@dtucker.net>
5045Date:   Tue Mar 8 20:04:06 2022 +1100
5046
5047    Default to not using sandbox when cross compiling.
5048
5049    On most systems poll(2) does not work when the number of FDs is reduced
5050    with setrlimit, so assume it doesn't when cross compiling and we can't
5051    run the test.  bz#3398.
5052
5053commit 379b30120da53d7c84aa8299c26b18c51c2a0dac
5054Author: djm@openbsd.org <djm@openbsd.org>
5055Date:   Tue Mar 1 01:59:19 2022 +0000
5056
5057    upstream: pack pollfd array before server_accept_loop() ppoll()
5058
5059    call, and terminate sshd if ppoll() returns errno==EINVAL
5060
5061    avoids spin in ppoll when MaxStartups > RLIMIT_NOFILE, reported by
5062    Daniel Micay
5063
5064    feedback/ok deraadt
5065
5066    OpenBSD-Commit-ID: dbab1c24993ac977ec24d83283b8b7528f7c2c15
5067
5068commit eceafbe0bdbbd9bd2f3cf024ccb350666a9934dd
5069Author: naddy@openbsd.org <naddy@openbsd.org>
5070Date:   Sun Feb 27 01:33:59 2022 +0000
5071
5072    upstream: include rejected signature algorithm in error message and
5073
5074    not the (useless) key type; ok djm@
5075
5076    OpenBSD-Commit-ID: d0c0f552a4d9161203e07e95d58a76eb602a76ff
5077
5078commit f2f3269423618a83157e18902385e720f9776007
5079Author: dtucker@openbsd.org <dtucker@openbsd.org>
5080Date:   Fri Feb 25 09:46:24 2022 +0000
5081
5082    upstream: Remove the char * casts from arguments to do_lstat,
5083
5084    do_readdir and do_stat paths since the underlying functions now take a const
5085    char *. Patch from vapier at gentoo.org.
5086
5087    OpenBSD-Commit-ID: 9e4d964dbfb0ed683a2a2900711b88e7f1c0297b
5088
5089commit 4a66dac052c5ff5047161853f36904607649e4f9
5090Author: djm@openbsd.org <djm@openbsd.org>
5091Date:   Fri Feb 25 02:09:27 2022 +0000
5092
5093    upstream: save an unneccessary alloc/free, based on patch from
5094
5095    Martin Vahlensieck; ok dtucker@
5096
5097    OpenBSD-Commit-ID: 90ffbf1f837e509742f2c31a1fbf2c0fd376fd5f
5098
5099commit 6f117cb151efe138ac57bdd8e26165f350328f5f
5100Author: Darren Tucker <dtucker@dtucker.net>
5101Date:   Tue Mar 1 09:02:06 2022 +1100
5102
5103    Remove unused ivbits argument from chacha_keysetup
5104
5105commit 15974235dd528aeab0ec67fb92a0a1d733f62be2
5106Author: Darren Tucker <dtucker@dtucker.net>
5107Date:   Tue Mar 1 09:00:20 2022 +1100
5108
5109    Add OPENBSD ORIGINAL marker.
5110
5111commit f2ff669347d320532e7c1b63cdf5c62f46e73150
5112Author: Darren Tucker <dtucker@dtucker.net>
5113Date:   Mon Feb 28 22:21:36 2022 +1100
5114
5115    No unused param warnings for clang-12 and gcc-11.
5116
5117    These have too many false positives in -Werror tests on the github CI
5118    since we often provide empty stub functions for functionality not needed
5119    for particular configurations.
5120
5121commit 96558ecd87adac62efa9a2b5479f686ab86b0be1
5122Author: Darren Tucker <dtucker@dtucker.net>
5123Date:   Sat Feb 26 14:10:41 2022 +1100
5124
5125    Add debian-i386 test target.
5126
5127commit 284b6e5394652d519e31782e3b3cdfd7b21d1a81
5128Author: Darren Tucker <dtucker@dtucker.net>
5129Date:   Sat Feb 26 14:06:14 2022 +1100
5130
5131    Allow ppoll_time64 in seccomp sandbox.
5132
5133    Should fix sandbox violations on (some? at least i386 and armhf) 32bit
5134    Linux platforms.  Patch from chutzpahu at gentoo.org and cjwatson at
5135    debian.org via bz#3396.
5136
5137commit 0132056efabc5edb85c3c7105d2fb6dee41843c6
5138Author: Darren Tucker <dtucker@dtucker.net>
5139Date:   Fri Feb 25 19:47:48 2022 +1100
5140
5141    Improve handling of _getshort and _getlong.
5142
5143    If the system native ones are exactly as required then use them,
5144    otherwise use the local versions mapped to another name to prevent
5145    name collisions.
5146
5147commit 8e206e0dd6b9f757b07979e48f53ad5bf9b7b52b
5148Author: Darren Tucker <dtucker@dtucker.net>
5149Date:   Fri Feb 25 15:14:22 2022 +1100
5150
5151    Constify utimes in compat library to match specs.
5152
5153    Patch from vapier at chromium.org.
5154
5155commit 1b2920e3b63db2eddebeec7330ffe8b723055573
5156Author: Darren Tucker <dtucker@dtucker.net>
5157Date:   Fri Feb 25 13:50:56 2022 +1100
5158
5159    ANSIfy getshort and getlong.
5160
5161    These functions appear to have come from OpenBSD's lib/libc/net/res_comp.c
5162    which made this change in 2005.
5163
5164commit 54a86f4f6e1c43a2ca2be23ef799ab8910d4af70
5165Author: Darren Tucker <dtucker@dtucker.net>
5166Date:   Fri Feb 25 13:23:04 2022 +1100
5167
5168    Use PICFLAG instead of hard coding -fPIC.
5169
5170commit 3016ba47035ac3561aabd48e2be70167fe157d6a
5171Author: Darren Tucker <dtucker@dtucker.net>
5172Date:   Fri Feb 25 11:37:11 2022 +1100
5173
5174    Add tests for latest releases of {Libre,Open}SSL.
5175
5176commit f107467179428a0e3ea9e4aa9738ac12ff02822d
5177Author: Colin Watson <cjwatson@debian.org>
5178Date:   Thu Feb 24 16:04:18 2022 +0000
5179
5180    Improve detection of -fzero-call-used-regs=all support
5181
5182    GCC doesn't tell us whether this option is supported unless it runs into
5183    the situation where it would need to emit corresponding code.
5184
5185commit 3383b2cac0e9275bc93c4b4760e6e048f537e1d6
5186Author: djm@openbsd.org <djm@openbsd.org>
5187Date:   Wed Feb 23 21:21:49 2022 +0000
5188
5189    upstream: free(3) wants stdlib.h
5190
5191    OpenBSD-Commit-ID: 227a8c70a95b4428c49e46863c9ef4bd318a3b8a
5192
5193commit a4537e79ab4ac6db4493c5158744b9ebde5efcb0
5194Author: djm@openbsd.org <djm@openbsd.org>
5195Date:   Wed Feb 23 21:21:16 2022 +0000
5196
5197    upstream: put back the scp manpage changes for SFTP mode too
5198
5199    OpenBSD-Commit-ID: 05dc53921f927e1b5e5694e1f3aa314549f2e768
5200
5201commit 449bcb8403adfb9724805d02a51aea76046de185
5202Author: deraadt@openbsd.org <deraadt@openbsd.org>
5203Date:   Wed Feb 23 19:01:00 2022 +0000
5204
5205    upstream: and we go back to testing sftp-scp after the 8.9
5206
5207    release...
5208
5209    OpenBSD-Commit-ID: a80440168258adca543a4607b871327a279c569c
5210
5211commit 166456cedad3962b83b848b1e9caf80794831f0f
5212Author: Damien Miller <djm@mindrot.org>
5213Date:   Wed Feb 23 22:31:11 2022 +1100
5214
5215    makedepend
5216
5217commit 32ebaa0dbca5d0bb86e384e72bebc153f48413e4
5218Author: djm@openbsd.org <djm@openbsd.org>
5219Date:   Wed Feb 23 11:18:13 2022 +0000
5220
5221    upstream: avoid integer overflow of auth attempts (harmless, caught
5222
5223    by monitor)
5224
5225    OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
5226
5227commit 6e0258c64c901753df695e06498b26f9f4812ea6
5228Author: djm@openbsd.org <djm@openbsd.org>
5229Date:   Wed Feb 23 11:17:10 2022 +0000
5230
5231    upstream: randomise the password used in fakepw
5232
5233    OpenBSD-Commit-ID: 34e159f73b1fbf0a924a9c042d8d61edde293947
5234
5235commit bf114d6f0a9df0b8369823d9a0daa6c72b0c4cc9
5236Author: djm@openbsd.org <djm@openbsd.org>
5237Date:   Wed Feb 23 11:15:57 2022 +0000
5238
5239    upstream: use asprintf to construct .rhosts paths
5240
5241    OpenBSD-Commit-ID: 8286e8d3d2c6ff916ff13d041d1713073f738a8b
5242
5243commit c07e154fbdc7285e9ec54e78d8a31f7325d43537
5244Author: djm@openbsd.org <djm@openbsd.org>
5245Date:   Wed Feb 23 11:07:09 2022 +0000
5246
5247    upstream: openssh-8.9
5248
5249    OpenBSD-Commit-ID: 5c5f791c87c483cdab6d9266b43acdd9ca7bde0e
5250
5251commit bc16667b4a1c3cad7029304853c143a32ae04bd4
5252Author: Darren Tucker <dtucker@dtucker.net>
5253Date:   Tue Feb 22 15:29:22 2022 +1100
5254
5255    Extend select+rlimit sanbox test to include poll.
5256
5257    POSIX specifies that poll() shall fail if "nfds argument is greater
5258    than {OPEN_MAX}".  The setrlimit sandbox sets this to effectively zero
5259    so this causes poll() to fail in the preauth privsep process.
5260
5261    This is likely the underlying cause for the previously observed similar
5262    behaviour of select() on plaforms where it is implement in userspace on
5263    top of poll().
5264
5265commit 6520c488de95366be031d49287ed243620399e23
5266Author: Darren Tucker <dtucker@dtucker.net>
5267Date:   Tue Feb 22 13:08:59 2022 +1100
5268
5269    Add Alpine Linux test VM.
5270
5271commit a4b325a3fc82d11e0f5d61f62e7fde29415f7afb
5272Author: Darren Tucker <dtucker@dtucker.net>
5273Date:   Tue Feb 22 12:27:07 2022 +1100
5274
5275    Include sys/param.h if present.
5276
5277    Needed for howmany() on MUSL systems such as Alpine.
5278
5279commit 5a102e9cb287a43bd7dfe594b775a89a8e94697c
5280Author: Darren Tucker <dtucker@dtucker.net>
5281Date:   Tue Feb 22 12:25:52 2022 +1100
5282
5283    Only include sys/poll.h if we don't have poll.h.
5284
5285    Prevents warnings on MUSL based systems such as Alpine.
5286
5287commit 7c0d4ce911d5c58b6166b2db754a4e91f352adf5
5288Author: Damien Miller <djm@mindrot.org>
5289Date:   Tue Feb 22 11:14:51 2022 +1100
5290
5291    disable agent-restrict test on minix3
5292
5293    Minix seems to have a platform-wide limit on the number of
5294    select(2) syscalls that can be concurrently issued. This test
5295    seems to exceed this limit.
5296
5297    Refer to:
5298
5299    https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L114
5300    https://github.com/Stichting-MINIX-Research-Foundation/minix/blob/R3.3.0/minix/servers/vfs/select.c#L30-L31
5301
5302commit 81d33d8e3cf7ea5ce3a5653c6102b623e019428a
5303Author: Darren Tucker <dtucker@dtucker.net>
5304Date:   Mon Feb 21 21:27:20 2022 +1100
5305
5306    Skip agent-getpeereid when running as root.
5307
5308commit fbd772570a25436a33924d91c164d2b24021f010
5309Author: dtucker@openbsd.org <dtucker@openbsd.org>
5310Date:   Sun Feb 20 03:47:26 2022 +0000
5311
5312    upstream: Aproximate realpath on the expected output by deduping
5313
5314    leading slashes. Fixes test failure when user's home dir is / which is
5315    possible in some portable configurations.
5316
5317    OpenBSD-Regress-ID: 53b8c53734f8893806961475c7106397f98d9f63
5318
5319commit 336685d223a59f893faeedf0a562e053fd84058e
5320Author: Darren Tucker <dtucker@dtucker.net>
5321Date:   Sun Feb 20 13:30:52 2022 +1100
5322
5323    Really move DSA to end of list.
5324
5325    In commit ad16a84e syncing from OpenBSD, RSA was accidentally moved to
5326    the end of the list instead of DSA.  Spotted by andrew at fyfe.gb.net.
5327
5328commit 63bf4f49ed2fdf2da6f97136c9df0c8168546eb3
5329Author: Darren Tucker <dtucker@dtucker.net>
5330Date:   Fri Feb 18 12:12:21 2022 +1100
5331
5332    Add test configs for MUSL C library.
5333
5334commit f7fc6a43f1173e8b2c38770bf6cee485a562d03b
5335Author: Damien Miller <djm@mindrot.org>
5336Date:   Thu Feb 17 22:54:19 2022 +1100
5337
5338    minix needs BROKEN_POLL too; chokes on /dev/null
5339
5340commit 667fec5d4fe4406745750a32f69b5d2e1a75e94b
5341Author: djm@openbsd.org <djm@openbsd.org>
5342Date:   Thu Feb 17 10:58:27 2022 +0000
5343
5344    upstream: check for EINTR/EAGAIN failures in the rfd fast-path; caught
5345
5346    by dtucker's minix3 vm :) ok dtucker@
5347
5348    OpenBSD-Commit-ID: 2e2c895a3e82ef347aa6694394a76a438be91361
5349
5350commit 41417dbda9fb55a0af49a8236e3ef9d50d862644
5351Author: Darren Tucker <dtucker@dtucker.net>
5352Date:   Thu Feb 17 22:05:29 2022 +1100
5353
5354    Comment hurd test, the VM is currently broken.
5355
5356commit b2aee35a1f0dc798339b3fcf96136da71b7e3f6d
5357Author: Damien Miller <djm@mindrot.org>
5358Date:   Thu Feb 17 21:15:16 2022 +1100
5359
5360    find sk-dummy.so when build_dir != src_dir
5361
5362    spotted by Corinna Vinschen; feedback & ok dtucker@
5363
5364commit 62a2d4e50b2e89f2ef04576931895d5139a5d037
5365Author: Damien Miller <djm@mindrot.org>
5366Date:   Wed Feb 16 16:26:17 2022 +1100
5367
5368    update versions in preparation for 8.9 release
5369
5370commit dd6d3dded721ac653ea73c017325e5bfeeec837f
5371Author: djm@openbsd.org <djm@openbsd.org>
5372Date:   Tue Feb 15 05:13:36 2022 +0000
5373
5374    upstream: document the unbound/host-bound options to
5375
5376    PubkeyAuthentication; spotted by HARUYAMA Seigo
5377
5378    OpenBSD-Commit-ID: 298f681b66a9ecd498f0700082c7a6c46e948981
5379
5380commit df93529dd727fdf2fb290700cd4f1adb0c3c084b
5381Author: Darren Tucker <dtucker@dtucker.net>
5382Date:   Mon Feb 14 14:19:40 2022 +1100
5383
5384    Test if sshd accidentally acquires controlling tty
5385
5386    When SSHD_ACQUIRES_CTTY is defined, test for the problematic behaviour
5387    in the STREAMS code before activating the workaround.  ok djm@
5388
5389commit 766176cfdbfd7ec38bb6118dde6e4daa0df34888
5390Author: Darren Tucker <dtucker@dtucker.net>
5391Date:   Sat Feb 12 10:24:56 2022 +1100
5392
5393    Add cygwin-release test config.
5394
5395    This tests the flags used to build the cygwin release binaries.
5396
5397commit b30698662b862f5397116d23688aac0764e0886e
5398Author: Darren Tucker <dtucker@dtucker.net>
5399Date:   Fri Feb 11 21:00:35 2022 +1100
5400
5401    Move SSHD_ACQUIRES_CTTY workaround into compat.
5402
5403    On some (most? all?) SysV based systems with STREAMS based ptys,
5404    sshd could acquire a controlling terminal during pty setup when
5405    it pushed the "ptem" module, due to what is probably a bug in
5406    the STREAMS driver that's old enough to vote.  Because it was the
5407    privileged sshd's controlling terminal, it was not available for
5408    the user's session, which ended up without one.  This is known to
5409    affect at least Solaris <=10, derivatives such as OpenIndiana and
5410    several other SysV systems.  See bz#245 for the backstory.
5411
5412    In the we past worked around that by not calling setsid in the
5413    privileged sshd child, which meant it was not a session or process
5414    group leader.  This solved controlling terminal problem because sshd
5415    was not eligble to acquire one, but had other side effects such as
5416    not cleaning up helper subprocesses in the SIGALRM handler since it
5417    was not PG leader.  Recent cleanups in the signal handler uncovered
5418    this, resulting in the LoginGraceTime timer not cleaning up privsep
5419    unprivileged processes.
5420
5421    This change moves the workaround into the STREAMS pty allocation code,
5422    by allocating a sacrificial pty to act as sshd's controlling terminal
5423    before allocating user ptys, so those are still available for users'
5424    sessions.
5425
5426    On the down side:
5427     - this will waste a pty per ssh connection on affected platforms.
5428
5429    On the up side:
5430     - it makes the process group behaviour consistent between platforms.
5431
5432     - it puts the workaround nearest the code that actually causes the
5433       problem and competely out of the mainline code.
5434
5435     - the workaround is only activated if you use the STREAMS code.  If,
5436       say, Solaris 11 has the bug but also a working openpty() it doesn't
5437       matter that we defined SSHD_ACQUIRES_CTTY.
5438
5439     - the workaround is only activated when the fist pty is allocated,
5440       ie in the post-auth privsep monitor.  This means there's no risk
5441       of fd leaks to the unprivileged processes, and there's no effect on
5442       sessions that do not allocate a pty.
5443
5444    Based on analysis and work by djm@, ok djm@
5445
5446commit cd00b48cf10f3565936a418c1e6d7e48b5c36140
5447Author: Darren Tucker <dtucker@dtucker.net>
5448Date:   Fri Feb 11 20:09:32 2022 +1100
5449
5450    Simplify handling of --with-ssl-dir.
5451
5452    ok djm@
5453
5454commit ea13fc830fc0e0dce2459f1fab2ec5099f73bdf0
5455Author: Darren Tucker <dtucker@dtucker.net>
5456Date:   Fri Feb 11 13:39:29 2022 +1100
5457
5458    Stop testing OpenBSD HEAD on 6.9 and 7.0.
5459
5460    HEAD is not guaranteed to work on previous stable branches, and at the
5461    moment is broken due to libfido API changes.
5462
5463commit 50b9e4a4514697ffb9592200e722de6b427cb9ff
5464Author: dtucker@openbsd.org <dtucker@openbsd.org>
5465Date:   Fri Feb 11 00:43:56 2022 +0000
5466
5467    upstream: Always initialize delim before passing to hpdelim2 which
5468
5469    might not set it. Found by the Valgrind tests on github, ok deraadt@
5470
5471    OpenBSD-Commit-ID: c830c0db185ca43beff3f41c19943c724b4f636d
5472
5473commit 6ee53064f476cf163acd5521da45b11b7c57321b
5474Author: Darren Tucker <dtucker@dtucker.net>
5475Date:   Fri Feb 11 10:03:06 2022 +1100
5476
5477    Fix helper include path and remove excess code.
5478
5479    Looks like test_hpdelim.c was imported twice into the same file.
5480    Spotted by kevin.brott at gmail com and chris at cataclysmal org.
5481
5482commit 9fa63a19f68bc87452d3cf5c577cafad2921b7a4
5483Author: Darren Tucker <dtucker@dtucker.net>
5484Date:   Thu Feb 10 23:27:02 2022 +1100
5485
5486    Put poll.h inside ifdef.
5487
5488commit 3ac00dfeb54b252c15dcbf1971582e9e3b946de6
5489Author: Darren Tucker <dtucker@dtucker.net>
5490Date:   Thu Feb 10 22:17:31 2022 +1100
5491
5492    We now support POLLPRI so actually define it.
5493
5494commit 25bd659cc72268f2858c5415740c442ee950049f
5495Author: dtucker@openbsd.org <dtucker@openbsd.org>
5496Date:   Sun Feb 6 22:58:33 2022 +0000
5497
5498    upstream: Add test for empty hostname with port.
5499
5500    OpenBSD-Regress-ID: e19e89d3c432b68997667efea44cf015bbe2a7e3
5501
5502commit a29af853cff41c0635f0378c00fe91bf9c91dea4
5503Author: dtucker@openbsd.org <dtucker@openbsd.org>
5504Date:   Fri Feb 4 07:53:44 2022 +0000
5505
5506    upstream: Add unit tests for hpdelim.
5507
5508    OpenBSD-Regress-ID: be97b85c19895e6a1ce13c639765a3b48fd95018
5509
5510commit 9699151b039ecc5fad9ac6c6c02e9afdbd26f15f
5511Author: djm@openbsd.org <djm@openbsd.org>
5512Date:   Thu Feb 10 04:12:38 2022 +0000
5513
5514    upstream: revert for imminent OpenSSH release, which wil ship with
5515
5516    scp in RCP mode.
5517
5518    > revision 1.106
5519    > date: 2021/10/15 14:46:46;  author: deraadt;  state: Exp;  lines: +13 -9;  commitid: w5n9B2RE38tFfggl;
5520    > openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
5521    > protocol for copying.  Let's get back to testing the SFTP protocol.
5522
5523    This will be put back once the OpenSSH release is done.
5524
5525    OpenBSD-Commit-ID: 0c725481a78210aceecff1537322c0b2df03e768
5526
5527commit 45279abceb37c3cbfac8ba36dde8b2c8cdd63d32
5528Author: dtucker@openbsd.org <dtucker@openbsd.org>
5529Date:   Tue Feb 8 08:59:12 2022 +0000
5530
5531    upstream: Switch hpdelim interface to accept only ":" as delimiter.
5532
5533    Historicallly, hpdelim accepted ":" or "/" as a port delimiter between
5534    hosts (or addresses) and ports.  These days most of the uses for "/"
5535    are no longer accepted, so there are several places where it checks the
5536    delimiter to disallow it.  Make hpdelim accept only ":" and use hpdelim2
5537    in the other cases.  ok djm@
5538
5539    OpenBSD-Commit-ID: 7e6420bd1be87590b6840973f5ad5305804e3102
5540
5541commit a1bcbf04a7c2d81944141db7ecd0ba292d175a66
5542Author: pedro martelletto <pedro@yubico.com>
5543Date:   Mon Feb 7 09:09:59 2022 +0100
5544
5545    fix typos in previous
5546
5547commit 56192518e329b39f063487bc2dc4d796f791eca0
5548Author: Damien Miller <djm@mindrot.org>
5549Date:   Mon Feb 7 12:53:47 2022 +1100
5550
5551    compat code for fido_assert_set_clientdata()
5552
5553commit d6b5aa08fdcf9b527f8b8f932432941d5b76b7ab
5554Author: djm@openbsd.org <djm@openbsd.org>
5555Date:   Mon Feb 7 01:25:12 2022 +0000
5556
5557    upstream: use libfido2 1.8.0+ fido_assert_set_clientdata() instead
5558
5559    of manually hashing data outselves. Saves a fair bit of code and makes life
5560    easier for some -portable platforms.
5561
5562    OpenBSD-Commit-ID: 351dfaaa5ab1ee928c0e623041fca28078cff0e0
5563
5564commit 86cc93fd3c26b2e0c7663c6394995fb04ebfbf3b
5565Author: jsg@openbsd.org <jsg@openbsd.org>
5566Date:   Sun Feb 6 00:29:03 2022 +0000
5567
5568    upstream: remove please from manual pages ok jmc@ sthen@ millert@
5569
5570    OpenBSD-Commit-ID: 6543acb00f4f38a23472538e1685c013ca1a99aa
5571
5572commit ad16a84e64a8cf1c69c63de3fb9008320a37009c
5573Author: dtucker@openbsd.org <dtucker@openbsd.org>
5574Date:   Fri Feb 4 02:49:17 2022 +0000
5575
5576    upstream: Since they are deprecated, move DSA to the end of the
5577
5578    default list of public keys so that they will be tried last.  From github
5579    PR#295 from "ProBackup-nl", ok djm@
5580
5581    OpenBSD-Commit-ID: 7e5d575cf4971d4e2de92e0b6d6efaba53598bf0
5582
5583commit 253de42753de85dde266e061b6fec12ca6589f7d
5584Author: Damien Miller <djm@mindrot.org>
5585Date:   Wed Feb 2 16:52:07 2022 +1100
5586
5587    portable-specific string array constification
5588
5589    from Mike Frysinger
5590
5591commit dfdcc2220cf359c492d5d34eb723370e8bd8a19e
5592Author: djm@openbsd.org <djm@openbsd.org>
5593Date:   Tue Feb 1 23:37:15 2022 +0000
5594
5595    upstream: test 'ssh-keygen -Y find-principals' with wildcard
5596
5597    principals; from Fabian Stelzer
5598
5599    OpenBSD-Regress-ID: fbe4da5f0032e7ab496527a5bf0010fd700f8f40
5600
5601commit 968e508967ef42480cebad8cf3172465883baa77
5602Author: dtucker@openbsd.org <dtucker@openbsd.org>
5603Date:   Fri Jan 21 02:54:41 2022 +0000
5604
5605    upstream: Enable all supported ciphers and macs in the server
5606
5607    before trying to benchmark them.  Increase the data file size to get more
5608    signal.
5609
5610    OpenBSD-Regress-ID: dc3697d9f7defdfc51c608782c8e750128e46eb6
5611
5612commit 15b7199a1fd37eff4c695e09d573f3db9f4274b7
5613Author: djm@openbsd.org <djm@openbsd.org>
5614Date:   Tue Feb 1 23:34:47 2022 +0000
5615
5616    upstream: allow 'ssh-keygen -Y find-principals' to match wildcard
5617
5618    principals in allowed_signers files; from Fabian Stelzer
5619
5620    OpenBSD-Commit-ID: 1e970b9c025b80717dddff5018fe5e6f470c5098
5621
5622commit 541667fe6dc26d7881e55f0bb3a4baa6f3171645
5623Author: djm@openbsd.org <djm@openbsd.org>
5624Date:   Tue Feb 1 23:32:51 2022 +0000
5625
5626    upstream: mark const string array contents const too, i.e. static
5627
5628    const char *array => static const char * const array from Mike Frysinger
5629
5630    OpenBSD-Commit-ID: a664e31ea6a795d7c81153274a5f47b22bdc9bc1
5631
5632commit 8cfa73f8a2bde4c98773f33f974c650bdb40dd3c
5633Author: djm@openbsd.org <djm@openbsd.org>
5634Date:   Tue Feb 1 23:11:11 2022 +0000
5635
5636    upstream: better match legacy scp behaviour: show un-expanded paths
5637
5638    in error messages. Spotted by and ok tb@
5639
5640    OpenBSD-Commit-ID: 866c8ffac5bd7d38ecbfc3357c8adfa58af637b7
5641
5642commit 4e62c13ab419b4b224c8bc6a761e91fcf048012d
5643Author: dtucker@openbsd.org <dtucker@openbsd.org>
5644Date:   Tue Feb 1 07:57:32 2022 +0000
5645
5646    upstream: Remove explicit kill of privsep preauth child's PID in
5647
5648    SIGALRM handler. It's no longer needed since the child will get terminated by
5649    the SIGTERM to the process group that cleans up any auth helpers, it
5650    simplifies the signal handler and removes the risk of a race when updating
5651    the PID. Based on analysis by HerrSpace in github PR#289, ok djm@
5652
5653    OpenBSD-Commit-ID: 2be1ffa28b4051ad9e33bb4371e2ec8a31d6d663
5654
5655commit 2a7ccd2ec4022917b745af7186f514f365b7ebe9
5656Author: guenther@openbsd.org <guenther@openbsd.org>
5657Date:   Fri Jan 28 06:18:42 2022 +0000
5658
5659    upstream: When it's the possessive of 'it', it's spelled "its",
5660
5661    without the apostrophe.
5662
5663    OpenBSD-Commit-ID: fb6ab9c65bd31de831da1eb4631ddac018c5fae7
5664
5665commit 8a0848cdd3b25c049332cd56034186b7853ae754
5666Author: Alex James <theracermaster@gmail.com>
5667Date:   Sun Jan 30 16:13:36 2022 -0600
5668
5669    sandbox-seccomp-filter: allow gettid
5670
5671    Some allocators (such as Scudo) use gettid while tracing allocations [1].
5672    Allow gettid in preauth to prevent sshd from crashing with Scudo.
5673
5674    [1]: https://github.com/llvm/llvm-project/blob/llvmorg-13.0.0/compiler-rt/lib/gwp_asan/common.cpp#L46
5675
5676commit b30d32159dc3c7052f4bfdf36357996c905af739
5677Author: djm@openbsd.org <djm@openbsd.org>
5678Date:   Sat Jan 22 00:49:34 2022 +0000
5679
5680    upstream: add a ssh_packet_process_read() function that reads from
5681
5682    a fd directly into the transport input buffer.
5683
5684    Use this in the client and server mainloops to avoid unnecessary
5685    copying. It also lets us use a more greedy read size without penalty.
5686
5687    Yields a 2-3% performance gain on cipher-speed.sh (in a fairly
5688    unscientific test tbf)
5689
5690    feedback dtucker@ ok markus@
5691
5692    OpenBSD-Commit-ID: df4112125bf79d8e38e79a77113e1b373078e632
5693
5694commit a1a8efeaaa9cccb15cdc0a2bd7c347a149a3a7e3
5695Author: djm@openbsd.org <djm@openbsd.org>
5696Date:   Sat Jan 22 00:45:31 2022 +0000
5697
5698    upstream: Use sshbuf_read() to read directly into the channel input
5699
5700    buffer rather than into a stack buffer that needs to be copied again;
5701    Improves performance by about 1% on cipher-speed.sh feedback dtucker@ ok
5702    markus@
5703
5704    OpenBSD-Commit-ID: bf5e6e3c821ac3546dc8241d8a94e70d47716572
5705
5706commit 29a76994e21623a1f84d68ebb9dc5a3c909fa3a7
5707Author: Damien Miller <djm@mindrot.org>
5708Date:   Tue Jan 25 11:52:34 2022 +1100
5709
5710    depend
5711
5712commit 754e0d5c7712296a7a3a83ace863812604c7bc4f
5713Author: djm@openbsd.org <djm@openbsd.org>
5714Date:   Sat Jan 22 00:43:43 2022 +0000
5715
5716    upstream: Add a sshbuf_read() that attempts to read(2) directly in
5717
5718    to a sshbuf; ok markus@
5719
5720    OpenBSD-Commit-ID: 2d8f249040a4279f3bc23c018947384de8d4a45b
5721
5722commit c7964fb9829d9ae2ece8b51a76e4a02e8449338d
5723Author: djm@openbsd.org <djm@openbsd.org>
5724Date:   Fri Jan 21 07:04:19 2022 +0000
5725
5726    upstream: add a helper for writing an error message to the
5727
5728    stderr_buf and setting quit_pending; no functional change but saves a bunch
5729    of boilerplate
5730
5731    OpenBSD-Commit-ID: 0747657cad6b9eabd514a6732adad537568e232d
5732
5733commit d23b4f7fdb1bd87e2cd7a9ae7c198ae99d347916
5734Author: djm@openbsd.org <djm@openbsd.org>
5735Date:   Fri Jan 21 06:58:06 2022 +0000
5736
5737    upstream: correct comment and use local variable instead of long
5738
5739    indirection; spotted by dtucker@
5740
5741    OpenBSD-Commit-ID: 5f65f5f69db2b7d80a0a81b08f390a63f8845965
5742
5743commit d069b020a02b6e3935080204ee44d233e8158ebb
5744Author: deraadt@openbsd.org <deraadt@openbsd.org>
5745Date:   Fri Jan 21 00:53:40 2022 +0000
5746
5747    upstream: When poll(2) returns -1, for some error conditions
5748
5749    pfd[].revents is not cleared.  There are subtle errors in various programs.
5750    In this particular case, the program should error out. ok djm millert
5751
5752    OpenBSD-Commit-ID: 00f839b16861f7fb2adcf122e95e8a82fa6a375c
5753
5754commit e204b34337a965feb439826157c191919fd9ecf8
5755Author: Damien Miller <djm@mindrot.org>
5756Date:   Sat Jan 22 11:38:21 2022 +1100
5757
5758    restore tty force-read hack
5759
5760    This portable-specific hack fixes a hang on exit for ttyful sessions
5761    on Linux and some SysVish Unix variants. It was accidentally disabled
5762    in commit 5c79952dfe1a (a precursor to the mainloop poll(2) conversion).
5763
5764    Spotted by John in bz3383
5765
5766commit 68085066b6bad43643b43f5957fcc5fd34782ccd
5767Author: Corinna Vinschen <vinschen@redhat.com>
5768Date:   Fri Jan 21 03:22:56 2022 +1100
5769
5770    Fix signedness bug in Cygwin code
5771
5772    The Cygwin-specific pattern match code has a bug.  It checks
5773    the size_t value returned by mbstowcs for being < 0.  The right
5774    thing to do is to check against (size_t) -1.  Fix that.
5775
5776    Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
5777
5778commit 2e5cfed513e84444483baf1d8b31c40072b05103
5779Author: Darren Tucker <dtucker@dtucker.net>
5780Date:   Thu Jan 20 13:26:27 2022 +1100
5781
5782    Improve compatibility of early exit trap handling.
5783
5784    Dash (as used by the github runners) has some differences in its trap
5785    builtin:
5786     - it doesn't have -p (which is fine, that's not in posix).
5787     - it doesn't work in a subshell (which turns out to be in compliance
5788       with posix, which means bash isn't).
5789     - it doesn't work in a pipeline, ie "trap|cat" produces no output.
5790
5791commit 3fe6800b6027add478e648934cbb29d684e51943
5792Author: Darren Tucker <dtucker@dtucker.net>
5793Date:   Thu Jan 20 00:49:57 2022 +1100
5794
5795    Move more tests out of valgrind-1 runner.
5796
5797commit 20da6ed136dd76e6a0b229ca3036ef9c7c7ef798
5798Author: Darren Tucker <dtucker@dtucker.net>
5799Date:   Wed Jan 19 15:37:39 2022 +1100
5800
5801    Invoke EXIT handler early when using Valgrind.
5802
5803    When using Valgrind, we need to wait for all invoked programs to
5804    complete before checking their valgrind logs.  Some tests, notably
5805    agent-restrict, set an EXIT trap handler to clean up things like
5806    ssh-agent, but those do not get invoked until test-exec.sh exits.
5807    This causes the Valgrind wait to deadlock, so if present invoke
5808    the EXIT handler before checking the Valgrind logs.
5809
5810commit ad2e0580c87b0714cf166bca9d926a95ddeee1c8
5811Author: Darren Tucker <dtucker@dtucker.net>
5812Date:   Tue Jan 18 12:55:21 2022 +1100
5813
5814    Remove line leftover from upstream sync.
5815
5816commit d1051c0f11a6b749027e26bbeb61b07df4b67e15
5817Author: djm@openbsd.org <djm@openbsd.org>
5818Date:   Mon Jan 17 22:56:04 2022 +0000
5819
5820    upstream: when decompressing zlib compressed packets, use
5821
5822    Z_SYNC_FLUSH instead of Z_PARTIAL_FLUSH as the latter is not actually
5823    specified as a valid mode for inflate(). There should be no practical change
5824    in behaviour as the compression side ensures a flush that should make all
5825    data available to the receiver in all cases.
5826
5827    repoted by lamm AT ibm.com via bz3372; ok markus
5828
5829    OpenBSD-Commit-ID: 67cfc1fa8261feae6d2cc0c554711c97867cc81b
5830
5831commit d5981b1883746b1ae178a46229c26b53af99e37a
5832Author: djm@openbsd.org <djm@openbsd.org>
5833Date:   Mon Jan 17 21:41:04 2022 +0000
5834
5835    upstream: make most of the sftp errors more idiomatic, following
5836
5837    the general form of "[local/remote] operation path: error message"; ok markus
5838
5839    OpenBSD-Commit-ID: 61364cd5f3a9fecaf8d63b4c38a42c0c91f8b571
5840
5841commit ac7c9ec894ed0825d04ef69c55babb49bab1d32e
5842Author: djm@openbsd.org <djm@openbsd.org>
5843Date:   Mon Jan 17 21:39:51 2022 +0000
5844
5845    upstream: when transferring multiple files in SFTP mode, create the
5846
5847    destination directory if it doesn't already exist to match olde-scp(1)
5848    behaviour. noticed by deraadt@ ok markus@
5849
5850    OpenBSD-Commit-ID: cf44dfa231d4112f697c24ff39d7ecf2e6311407
5851
5852commit 39d17e189f8e72c34c722579d8d4e701fa5132da
5853Author: djm@openbsd.org <djm@openbsd.org>
5854Date:   Fri Jan 14 03:43:48 2022 +0000
5855
5856    upstream: allow pin-required FIDO keys to be added to ssh-agent(1).
5857
5858    ssh-askpass will be used to request the PIN at authentication time.
5859
5860    From Pedro Martelletto, ok djm
5861
5862    OpenBSD-Commit-ID: de8189fcd35b45f632484864523c1655550e2950
5863
5864commit 52423f64e13db2bdc31a51b32e999cb1bfcf1263
5865Author: djm@openbsd.org <djm@openbsd.org>
5866Date:   Fri Jan 14 03:35:10 2022 +0000
5867
5868    upstream: ssh-sk: free a resident key's user id
5869
5870    From Pedro Martelletto; ok dtucker & me
5871
5872    OpenBSD-Commit-ID: 47be40d602b7a6458c4c71114df9b53d149fc2e9
5873
5874commit 014e2f147a2788bfb3cc58d1b170dcf2bf2ee493
5875Author: djm@openbsd.org <djm@openbsd.org>
5876Date:   Fri Jan 14 03:34:00 2022 +0000
5877
5878    upstream: sshsk_load_resident: don't preallocate resp
5879
5880    resp is allocated by client_converse(), at which point we lose
5881    the original pointer.
5882
5883    From Pedro Martelletto; ok dtucker & me
5884
5885    OpenBSD-Commit-ID: 1f1b5ea3282017d6584dfed4f8370dc1db1f44b1
5886
5887commit c88265f207dfe0e8bdbaf9f0eda63ed6b33781cf
5888Author: djm@openbsd.org <djm@openbsd.org>
5889Date:   Fri Jan 14 03:32:52 2022 +0000
5890
5891    upstream: sshsk_sign: trim call to sshkey_fingerprint()
5892
5893    the resulting fingerprint doesn't appear to be used for anything,
5894    and we end up leaking it.
5895
5896    from Pedro Martelletto; ok dtucker & me
5897
5898    OpenBSD-Commit-ID: 5625cf6c68f082bc2cbbd348e69a3ed731d2f9b7
5899
5900commit 1cd1b2eac39661b849d5a4b4b56363e22bb5f61e
5901Author: djm@openbsd.org <djm@openbsd.org>
5902Date:   Fri Jan 14 03:31:52 2022 +0000
5903
5904    upstream: use status error message to communicate ~user expansion
5905
5906    failures; provides better experience for scp in sftp mode, where ~user paths
5907    are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
5908    markus
5909
5910    (forgot to include this file in previous commit)
5911
5912    OpenBSD-Commit-ID: d37cc4c8c861ce48cd6ea9899e96aaac3476847b
5913
5914commit a1d42a6ce0398da3833bedf374ef2571af7fea50
5915Author: Damien Miller <djm@mindrot.org>
5916Date:   Fri Jan 14 13:49:32 2022 +1100
5917
5918    fix edge case in poll(2) wrapper
5919
5920    Correct handling of select(2) exceptfds. These should only be consulted
5921    for POLLPRI flagged pfds and not unconditionally converted to POLLERR.
5922
5923    with and ok dtucker@
5924
5925commit 976b9588b4b5babcaceec4767a241c11a67a5ccb
5926Author: Darren Tucker <dtucker@dtucker.net>
5927Date:   Fri Jan 14 13:46:35 2022 +1100
5928
5929    Wrap OpenSSL includes in unit tests in ifdef.
5930
5931    Fixes unit test on systems that do not have OpenSSL headers installed.
5932
5933commit c171879374b2e8b07157503f5639ed0bce59ce89
5934Author: Darren Tucker <dtucker@dtucker.net>
5935Date:   Thu Jan 13 15:53:33 2022 +1100
5936
5937    Remove sort wrapper.
5938
5939    agent-restrict now takes care of this itself.
5940
5941commit 9cc2654403f1a686bb26c07a6ac790edf334cef5
5942Author: dtucker@openbsd.org <dtucker@openbsd.org>
5943Date:   Thu Jan 13 04:53:16 2022 +0000
5944
5945    upstream: Set LC_ALL in both local and remote shells so that sorted
5946
5947    output matches regardless of what the user's shell sets it to.  ok djm@
5948
5949    OpenBSD-Regress-ID: 4e97dd69a68b05872033175a4c2315345d01837f
5950
5951commit 7a75f748cb2dd2f771bf70ea72698aa027996ab1
5952Author: dtucker@openbsd.org <dtucker@openbsd.org>
5953Date:   Thu Jan 13 04:22:10 2022 +0000
5954
5955    upstream: Avoid %'s in commands (not used in OpenBSD, but used in
5956
5957    -portable's Valgrind test) being interpretted as printf format strings.
5958
5959    OpenBSD-Regress-ID: dc8655db27ac4acd2c386c4681bf42a10d80b043
5960
5961commit 6c435bd4994d71442192001483a1cdb846e5ffcd
5962Author: Darren Tucker <dtucker@dtucker.net>
5963Date:   Wed Jan 12 16:58:13 2022 +1100
5964
5965    Stop on first test failure to minimize logs.
5966
5967commit 4bc2ba6095620a4484b708ece12842afd8c7685b
5968Author: dtucker@openbsd.org <dtucker@openbsd.org>
5969Date:   Wed Jan 12 07:18:37 2022 +0000
5970
5971    upstream: Use egrep when searching for an anchored string.
5972
5973    OpenBSD-Regress-ID: dd114a2ac27ac4b06f9e4a586d3f6320c54aeeb4
5974
5975commit 6bf2efa2679da1e8e60731f41677b2081dedae2c
5976Author: Darren Tucker <dtucker@dtucker.net>
5977Date:   Wed Jan 12 18:25:06 2022 +1100
5978
5979    Add "rev" command replacement if needed.
5980
5981commit 72bcd7993dadaf967bb3d8564ee31cbf38132b5d
5982Author: dtucker@openbsd.org <dtucker@openbsd.org>
5983Date:   Wed Jan 12 03:30:32 2022 +0000
5984
5985    upstream: Don't log NULL hostname in restricted agent code,
5986
5987    printf("%s", NULL) is not safe on all platforms.  with & ok djm
5988
5989    OpenBSD-Commit-ID: faf10cdae4adde00cdd668cd1f6e05d0a0e32a02
5990
5991commit acabefe3f8fb58c867c99fed9bbf84dfa1771727
5992Author: djm@openbsd.org <djm@openbsd.org>
5993Date:   Tue Jan 11 22:33:16 2022 +0000
5994
5995    upstream: remove hardcoded domain and use window.location.host, so this
5996
5997    can be run anywhere
5998
5999    OpenBSD-Regress-ID: 2ac2ade3b6227d9c547351d3ccdfe671e62b7f92
6000
6001commit 96da0946e44f34adc0397eb7caa6ec35a3e79891
6002Author: dtucker@openbsd.org <dtucker@openbsd.org>
6003Date:   Tue Jan 11 02:56:19 2022 +0000
6004
6005    upstream: "void" functions should not return anything. From Tim Rice
6006
6007    via -portable.
6008
6009    OpenBSD-Commit-ID: ce6616304f4c9881b46413e616b226c306830e2a
6010
6011commit a882a09722c9f086c9edb65d0c4022fd965ec1ed
6012Author: djm@openbsd.org <djm@openbsd.org>
6013Date:   Tue Jan 11 01:26:47 2022 +0000
6014
6015    upstream: suppress "Connection to xxx closed" messages at LogLevel >=
6016
6017    error bz3378; ok dtucker@
6018
6019    OpenBSD-Commit-ID: d5bf457d5d2eb927b81d0663f45248a31028265c
6020
6021commit 61a1a6af22e17fc94999a5d1294f27346e6c4668
6022Author: Damien Miller <djm@mindrot.org>
6023Date:   Wed Jan 12 08:57:49 2022 +1100
6024
6025    OS X poll(2) is broken; use compat replacement
6026
6027    Darwin's poll(2) implementation is broken. For character-special
6028    devices like /dev/null, it returns POLLNVAL when polled with
6029    POLLIN.
6030
6031    Apparently this is Apple bug 3710161, which is AFAIK not public,
6032    but a websearch will find other OSS projects rediscovering it
6033    periodically since it was first identified in 2005 (!!)
6034
6035commit 613a6545fc5a9542753b503cbe5906538a640b60
6036Author: Darren Tucker <dtucker@dtucker.net>
6037Date:   Tue Jan 11 20:56:01 2022 +1100
6038
6039    libhardended_malloc.so moved into out dir.
6040
6041commit 61761340be5e11046556623f8f5412b236cefa95
6042Author: Tim Rice <tim@multitalents.net>
6043Date:   Mon Jan 10 11:07:04 2022 -0800
6044
6045    Make USL compilers happy
6046    UX:acomp: ERROR: "sftp-server.c", line 567: void function cannot return value
6047
6048commit 3ef403f351e80a59b6f7e9d43cb82c181855483c
6049Author: Darren Tucker <dtucker@dtucker.net>
6050Date:   Mon Jan 10 21:07:38 2022 +1100
6051
6052    Add wrapper for "sort" to set LC_ALL=C.
6053
6054    Found by djm, this should make sorts stable and reduce test flakiness.
6055
6056commit bd69e29f5716090181dbe0b8272eb7eab1a383bb
6057Author: dtucker@openbsd.org <dtucker@openbsd.org>
6058Date:   Sat Jan 8 07:55:26 2022 +0000
6059
6060    upstream: Remove errant "set -x" left over from debugging.
6061
6062    OpenBSD-Regress-ID: cd989268e034264cec5df97be7581549032c87dc
6063
6064commit 1a7c88e26fd673813dc5f61c4ac278564845e004
6065Author: dtucker@openbsd.org <dtucker@openbsd.org>
6066Date:   Sat Jan 8 07:01:13 2022 +0000
6067
6068    upstream: Enable all supported hostkey algorithms (but no others).
6069
6070    Allows hostbased test to pass when built without OpenSSL.
6071
6072    OpenBSD-Regress-ID: 5ddd677a68b672517e1e78460dc6ca2ccc0a9562
6073
6074commit 12b457c2a42ff271e7967d9bedd068cebb048db9
6075Author: djm@openbsd.org <djm@openbsd.org>
6076Date:   Sat Jan 8 07:37:32 2022 +0000
6077
6078    upstream: use status error message to communicate ~user expansion
6079
6080    failures; provides better experience for scp in sftp mode, where ~user paths
6081    are more likely to be used; spotted jsg, feedback jsg & deraadt ok jsg &
6082    markus
6083
6084    OpenBSD-Commit-ID: fc610ce00ca0cdc2ecdabbd49ce7cb82033f905f
6085
6086commit 63670d4e9030bcee490d5a9cce561373ac5b3b23
6087Author: djm@openbsd.org <djm@openbsd.org>
6088Date:   Sat Jan 8 07:36:11 2022 +0000
6089
6090    upstream: fix some corner-case bugs in scp sftp-mode handling of
6091
6092    ~-prefixed paths; spotted by jsg; feedback jsg & deraadt, ok jsg & markus
6093
6094    OpenBSD-Commit-ID: d1697dbaaa9f0f5649d69be897eab25c7d37c222
6095
6096commit e14940bbec57fc7d3ce0644dbefa35f5a8ec97d0
6097Author: djm@openbsd.org <djm@openbsd.org>
6098Date:   Sat Jan 8 07:34:57 2022 +0000
6099
6100    upstream: more idiomatic error messages; spotted by jsg & deraadt
6101
6102    ok jsg & markus
6103
6104    OpenBSD-Commit-ID: 43618c692f3951747b4151c477c7df22afe2bcc8
6105
6106commit 9acddcd5918c623f7ebf454520ffe946a8f15e90
6107Author: djm@openbsd.org <djm@openbsd.org>
6108Date:   Sat Jan 8 07:33:54 2022 +0000
6109
6110    upstream: add a variant of send_status() that allows overriding the
6111
6112    default, generic error message. feedback/ok markus & jsg
6113
6114    OpenBSD-Commit-ID: 81f251e975d759994131b717ee7c0b439659c40f
6115
6116commit 961411337719d4cd78f1ab33e4ac549f3fa22f50
6117Author: djm@openbsd.org <djm@openbsd.org>
6118Date:   Sat Jan 8 07:32:45 2022 +0000
6119
6120    upstream: refactor tilde_expand_filename() and make it handle ~user
6121
6122    paths with no trailing slash; feedback/ok markus and jsg
6123
6124    OpenBSD-Commit-ID: a2ab365598a902f0f14ba6a4f8fb2d07a9b5d51d
6125
6126commit dc38236ab6827dec575064cac65c8e7035768773
6127Author: dtucker@openbsd.org <dtucker@openbsd.org>
6128Date:   Thu Jan 6 22:14:25 2022 +0000
6129
6130    upstream: Don't explicitly set HostbasedAuthentication in
6131
6132    sshd_config. It defaults to "no", and not explicitly setting it allows us to
6133    enable it for the (optional) hostbased test.
6134
6135    OpenBSD-Regress-ID: aa8e3548eb5793721641d26e56c29f363b767c0c
6136
6137commit e12d912ddf1c873cb72e5de9a197afbe0b6622d2
6138Author: dtucker@openbsd.org <dtucker@openbsd.org>
6139Date:   Thu Jan 6 21:46:56 2022 +0000
6140
6141    upstream: Add test for hostbased auth. It requires some external
6142
6143    setup (see comments at the top) and thus is disabled unless
6144    TEST_SSH_HOSTBASED_AUTH and SUDO are set.
6145
6146    OpenBSD-Regress-ID: 3ec8ba3750c5b595fc63e7845d13483065a4827a
6147
6148commit a48533a8da6a0f4f05ecd055dc8048047e53569e
6149Author: Damien Miller <djm@mindrot.org>
6150Date:   Fri Jan 7 09:24:26 2022 +1100
6151
6152    depend
6153
6154commit d9dbb5d9a0326e252d3c7bc13beb9c2434f59409
6155Author: djm@openbsd.org <djm@openbsd.org>
6156Date:   Thu Jan 6 22:06:51 2022 +0000
6157
6158    upstream: allow hostbased auth to select RSA keys when only
6159
6160    RSA/SHA2 are configured (this is the default case); ok markus@
6161
6162    OpenBSD-Commit-ID: 411c18c7bde40c60cc6dfb7017968577b4d4a827
6163
6164commit fdb1d58d0d3888b042e5a500f6ce524486aaf782
6165Author: djm@openbsd.org <djm@openbsd.org>
6166Date:   Thu Jan 6 22:05:42 2022 +0000
6167
6168    upstream: add a helper function to match a key type to a list of
6169
6170    signature algorithms. RSA keys can make signatures with multiple algorithms,
6171    so some special handling is required. ok markus@
6172
6173    OpenBSD-Commit-ID: 03b41b2bda06fa4cd9c84cef6095033b9e49b6ff
6174
6175commit 11e8c4309a5086a45fbbbc87d0af5323c6152914
6176Author: djm@openbsd.org <djm@openbsd.org>
6177Date:   Thu Jan 6 22:04:20 2022 +0000
6178
6179    upstream: log some details on hostkeys that ssh loads for
6180
6181    hostbased authn ok markus@
6182
6183    OpenBSD-Commit-ID: da17061fa1f0e58cb31b88478a40643e18233e38
6184
6185commit c6706f661739514a34125aa3136532a958929510
6186Author: djm@openbsd.org <djm@openbsd.org>
6187Date:   Thu Jan 6 22:03:59 2022 +0000
6188
6189    upstream: log signature algorithm during verification by monitor;
6190
6191    ok markus
6192
6193    OpenBSD-Commit-ID: 02b92bb42c4d4bf05a051702a56eb915151d9ecc
6194
6195commit 8832402bd500d1661ccc80a476fd563335ef6cdc
6196Author: djm@openbsd.org <djm@openbsd.org>
6197Date:   Thu Jan 6 22:02:52 2022 +0000
6198
6199    upstream: piece of UpdateHostkeys client strictification: when
6200
6201    updating known_hosts with new keys, ignore NULL keys (forgot to include in
6202    prior commit)
6203
6204    OpenBSD-Commit-ID: 49d2eda6379490e1ceec40c3b670b973f63dea08
6205
6206commit c2d9ced1da0276961d86690b3bd7ebdaca7fdbf7
6207Author: djm@openbsd.org <djm@openbsd.org>
6208Date:   Thu Jan 6 22:01:14 2022 +0000
6209
6210    upstream: include rejected signature algorithm in error message
6211
6212    and not the (useless) key type; ok markus
6213
6214    OpenBSD-Commit-ID: 4180b5ec7ab347b43f84e00b1972515296dab023
6215
6216commit 7aa7b096cf2bafe2777085abdeed5ce00581f641
6217Author: djm@openbsd.org <djm@openbsd.org>
6218Date:   Thu Jan 6 22:00:18 2022 +0000
6219
6220    upstream: make ssh-keysign use the requested signature algorithm
6221
6222    and not the default for the keytype. Part of unbreaking hostbased auth for
6223    RSA/SHA2 keys. ok markus@
6224
6225    OpenBSD-Commit-ID: b5639a14462948970da3a8020dc06f9a80ecccdc
6226
6227commit 291721bc7c840d113a49518f3fca70e86248b8e8
6228Author: djm@openbsd.org <djm@openbsd.org>
6229Date:   Thu Jan 6 21:57:28 2022 +0000
6230
6231    upstream: stricter UpdateHostkey signature verification logic on
6232
6233    the client- side. Require RSA/SHA2 signatures for RSA hostkeys except when
6234    RSA/SHA1 was explicitly negotiated during initial KEX; bz3375
6235
6236    ok markus@
6237
6238    OpenBSD-Commit-ID: 46e75e8dfa2c813781805b842580dcfbd888cf29
6239
6240commit 0fa33683223c76289470a954404047bc762be84c
6241Author: djm@openbsd.org <djm@openbsd.org>
6242Date:   Thu Jan 6 21:55:23 2022 +0000
6243
6244    upstream: Fix signature algorithm selection logic for
6245
6246    UpdateHostkeys on the server side. The previous code tried to prefer RSA/SHA2
6247    for hostkey proofs of RSA keys, but missed some cases. This will use RSA/SHA2
6248    signatures for RSA keys if the client proposed these algorithms in initial
6249    KEX. bz3375
6250
6251    Mostly by Dmitry Belyavskiy with some tweaks by me.
6252
6253    ok markus@
6254
6255    OpenBSD-Commit-ID: c17ba0c3236340d2c6a248158ebed042ac6a8029
6256
6257commit 17877bc81db3846e6e7d4cfb124d966bb9c9296b
6258Author: djm@openbsd.org <djm@openbsd.org>
6259Date:   Thu Jan 6 21:48:38 2022 +0000
6260
6261    upstream: convert ssh, sshd mainloops from select() to poll();
6262
6263    feedback & ok deraadt@ and markus@ has been in snaps for a few months
6264
6265    OpenBSD-Commit-ID: a77e16a667d5b194dcdb3b76308b8bba7fa7239c
6266
6267commit 5c79952dfe1aa36105c93b3f383ce9be04dee384
6268Author: djm@openbsd.org <djm@openbsd.org>
6269Date:   Thu Jan 6 21:46:23 2022 +0000
6270
6271    upstream: prepare for conversion of ssh, sshd mainloop from
6272
6273    select() to poll() by moving FD_SET construction out of channel handlers into
6274    separate functions. ok markus
6275
6276    OpenBSD-Commit-ID: 937fbf2a4de12b19fb9d5168424e206124807027
6277
6278commit 24c5187edfef4651a625b7d5d692c8c7e794f71f
6279Author: djm@openbsd.org <djm@openbsd.org>
6280Date:   Wed Jan 5 21:54:37 2022 +0000
6281
6282    upstream: add a comment so I don't make this mistake again
6283
6284    OpenBSD-Commit-ID: 69c7f2362f9de913bb29b6318580c5a1b52c921e
6285
6286commit 7369900441929058263a17f56aa67e05ff7ec628
6287Author: djm@openbsd.org <djm@openbsd.org>
6288Date:   Wed Jan 5 21:50:00 2022 +0000
6289
6290    upstream: fix cut-and-pasto in error message
6291
6292    OpenBSD-Commit-ID: 4cc5c619e4b456cd2e9bb760d17e3a9c84659198
6293
6294commit 294c11b1c7d56d3fb61e329603a782315ed70c62
6295Author: djm@openbsd.org <djm@openbsd.org>
6296Date:   Wed Jan 5 08:25:05 2022 +0000
6297
6298    upstream: select all RSA hostkey algorithms for UpdateHostkeys tests,
6299
6300    not just RSA-SHA1
6301
6302    OpenBSD-Regress-ID: b40e62b65863f2702a0c10aca583b2fe76772bd8
6303
6304commit 2ea1108c30e3edb6f872dfc1e6da10b041ddf2c0
6305Author: djm@openbsd.org <djm@openbsd.org>
6306Date:   Wed Jan 5 04:56:15 2022 +0000
6307
6308    upstream: regress test both sshsig message hash algorithms, possible
6309
6310    now because the algorithm is controllable via the CLI
6311
6312    OpenBSD-Regress-ID: 0196fa87acc3544b2b4fd98de844a571cb09a39f
6313
6314commit 2327c306b5d4a2b7e71178e5a4d139af9902c2b0
6315Author: djm@openbsd.org <djm@openbsd.org>
6316Date:   Wed Jan 5 04:50:11 2022 +0000
6317
6318    upstream: allow selection of hash at sshsig signing time; code
6319
6320    already supported either sha512 (default) or sha256, but plumbing wasn't
6321    there mostly by Linus Nordberg
6322
6323    OpenBSD-Commit-ID: 1b536404b9da74a84b3a1c8d0b05fd564cdc96cd
6324
6325commit 56e941d0a00d6d8bae88317717d5e1b7395c9529
6326Author: djm@openbsd.org <djm@openbsd.org>
6327Date:   Wed Jan 5 04:27:54 2022 +0000
6328
6329    upstream: add missing -O option to usage() for ssh-keygen -Y sign;
6330
6331    from Linus Nordberg
6332
6333    OpenBSD-Commit-ID: 4e78feb4aa830727ab76bb2e3d940440ae1d7af0
6334
6335commit 141a14ec9b0924709c98df2dd8013bde5d8d12c7
6336Author: djm@openbsd.org <djm@openbsd.org>
6337Date:   Wed Jan 5 04:27:01 2022 +0000
6338
6339    upstream: move sig_process_opts() to before sig_sign(); no
6340
6341    functional code change
6342
6343    OpenBSD-Commit-ID: da02d61f5464f72b4e8b299f83e93c3b657932f9
6344
6345commit 37a14249ec993599a9051731e4fb0ac5e976aec1
6346Author: djm@openbsd.org <djm@openbsd.org>
6347Date:   Wed Jan 5 04:10:39 2022 +0000
6348
6349    upstream: regression test for find-principals NULL deref; from Fabian
6350
6351    Stelzer
6352
6353    OpenBSD-Regress-ID: f845a8632a5a7d5ae26978004c93e796270fd3e5
6354
6355commit eb1f042142fdaba93f6c9560cf6c91ae25f6884a
6356Author: djm@openbsd.org <djm@openbsd.org>
6357Date:   Wed Jan 5 04:02:42 2022 +0000
6358
6359    upstream: NULL deref when using find-principals when matching an
6360
6361    allowed_signers line that contains a namespace restriction, but no
6362    restriction specified on the command-line; report and fix from Fabian Stelzer
6363
6364    OpenBSD-Commit-ID: 4a201b86afb668c908d1a559c6af456a61f4b145
6365
6366commit 8f3b18030579f395eca2181da31a5f945af12a59
6367Author: dtucker@openbsd.org <dtucker@openbsd.org>
6368Date:   Tue Jan 4 08:38:53 2022 +0000
6369
6370    upstream: Log command invocation while debugging.
6371
6372    This will aid in manually reproducing failing commands.
6373
6374    OpenBSD-Regress-ID: b4aba8d5ac5675ceebeeeefa3261ce344e67333a
6375
6376commit bbf285164df535f0d38c36237f007551bbdae27f
6377Author: Darren Tucker <dtucker@dtucker.net>
6378Date:   Sun Dec 26 10:31:15 2021 +1100
6379
6380    Always save config.h as build artifact.
6381
6382    Should allow better comparison between failing and succeeding test
6383    platforms.
6384
6385commit 03bd4ed0db699687c5cd83405d26f81d2dc28d22
6386Author: Darren Tucker <dtucker@dtucker.net>
6387Date:   Sat Dec 25 16:42:51 2021 +1100
6388
6389    Add OpenBSD 7.0 target.  Retire 6.8.
6390
6391commit c45a752f0de611afd87755c2887c8a24816d08ee
6392Author: jsg@openbsd.org <jsg@openbsd.org>
6393Date:   Sat Jan 1 05:55:06 2022 +0000
6394
6395    upstream: spelling
6396
6397    OpenBSD-Commit-ID: c63e43087a64d0727af13409c708938e05147b62
6398
6399commit c672f83a89a756564db0d3af9934ba0e1cf8fa3e
6400Author: djm@openbsd.org <djm@openbsd.org>
6401Date:   Tue Jan 4 07:20:33 2022 +0000
6402
6403    upstream: unbreak test: was picking up system ssh-add instead of the
6404
6405    one supposedly being tested. Spotted by dtucker and using his VM zoo (which
6406    includes some systems old enough to lack ed25519 key support)
6407
6408    OpenBSD-Regress-ID: 7976eb3df11cc2ca3af91030a6a8c0cef1590bb5
6409
6410commit a23698c3082ffe661abed14b020eac9b0c25eb9f
6411Author: djm@openbsd.org <djm@openbsd.org>
6412Date:   Sat Jan 1 04:18:06 2022 +0000
6413
6414    upstream: fix memleak in process_extension(); oss-fuzz issue #42719
6415
6416    OpenBSD-Commit-ID: d8d49f840162fb7b8949e3a5adb8107444b6de1e
6417
6418commit cb885178f36b83d0f14cfe9f345d2068103feed0
6419Author: jsg@openbsd.org <jsg@openbsd.org>
6420Date:   Sat Jan 1 01:55:30 2022 +0000
6421
6422    upstream: spelling ok dtucker@
6423
6424    OpenBSD-Commit-ID: bfc7ba74c22c928de2e257328b3f1274a3dfdf19
6425
6426commit 6b977f8080a32c5b3cbb9edb634b9d5789fb79be
6427Author: djm@openbsd.org <djm@openbsd.org>
6428Date:   Sun Dec 26 23:34:41 2021 +0000
6429
6430    upstream: split method list search functionality from
6431
6432    authmethod_lookup() into a separate authmethod_byname(), for cases where we
6433    don't need to check whether a method is enabled, etc.
6434
6435    use this to fix the "none" authentication method regression reported
6436    by Nam Nguyen via bugs@
6437
6438    ok deraadt@
6439
6440    OpenBSD-Commit-ID: 8cd188dc3a83aa8abe5b7693e762975cd8ea8a17
6441
6442commit 0074aa2c8d605ee7587279a22cdad4270b4ddd07
6443Author: jmc@openbsd.org <jmc@openbsd.org>
6444Date:   Wed Dec 22 06:56:41 2021 +0000
6445
6446    upstream: sort -H and -h in SYNOPSIS/usage(); tweak the -H text;
6447
6448    ok djm
6449
6450    OpenBSD-Commit-ID: 90721643e41e9e09deb5b776aaa0443456ab0965
6451
6452commit 1c9853a68b2319f2e5f929179735e8fbb9988a67
6453Author: Darren Tucker <dtucker@dtucker.net>
6454Date:   Wed Dec 22 19:33:10 2021 +1100
6455
6456    Use SHA.*_HMAC_BLOCK_SIZE if needed.
6457
6458    If the platform has a native SHA2, does not define SHA.*_BLOCK_LENGTH
6459    but does define SHA.*_HMAC_BLOCK_SIZE (eg Solaris) then use the latter.
6460    Should fix --without-openssl build on Solaris.
6461
6462commit 715c892f0a5295b391ae92c26ef4d6a86ea96e8e
6463Author: Damien Miller <djm@mindrot.org>
6464Date:   Wed Dec 22 09:02:50 2021 +1100
6465
6466    remove sys/param.h in -portable, after upstream
6467
6468commit 7a7c69d8b4022b1e5c0afb169c416af8ce70f3e8
6469Author: Damien Miller <djm@mindrot.org>
6470Date:   Mon Dec 20 13:05:20 2021 +1100
6471
6472    add agent-restrict.sh file, missed in last commit
6473
6474commit f539136ca51a4976644db5d0be8158cc1914c72a
6475Author: djm@openbsd.org <djm@openbsd.org>
6476Date:   Sun Dec 19 22:20:12 2021 +0000
6477
6478    upstream: regression test for destination restrictions in ssh-agent
6479
6480    OpenBSD-Regress-ID: 3c799d91e736b1753b4a42d80c42fc40de5ad33d
6481
6482commit 6e4980eb8ef94c04874a79dd380c3f568e8416d6
6483Author: anton@openbsd.org <anton@openbsd.org>
6484Date:   Sat Dec 18 06:53:59 2021 +0000
6485
6486    upstream: Make use of ntests variable, pointed out by clang 13.
6487
6488    OpenBSD-Regress-ID: 4241a3d21bdfa1630ed429b6d4fee51038d1be72
6489
6490commit 3eead8158393b697f663ec4301e3c7b6f24580b1
6491Author: deraadt@openbsd.org <deraadt@openbsd.org>
6492Date:   Tue Dec 14 21:25:27 2021 +0000
6493
6494    upstream: sys/param.h cleanup, mostly using MINIMUM() and
6495
6496    <limits.h> ok dtucker
6497
6498    OpenBSD-Regress-ID: 172a4c45d3bcf92fa6cdf6c4b9db3f1b3abe4db0
6499
6500commit 266678e19eb0e86fdf865b431b6e172e7a95bf48
6501Author: djm@openbsd.org <djm@openbsd.org>
6502Date:   Sun Dec 19 22:15:42 2021 +0000
6503
6504    upstream: document host-bound publickey authentication
6505
6506    OpenBSD-Commit-ID: ea6ed91779a81f06d961e30ecc49316b3d71961b
6507
6508commit 3d00024b3b156aa9bbd05d105f1deb9cb088f6f7
6509Author: djm@openbsd.org <djm@openbsd.org>
6510Date:   Sun Dec 19 22:15:21 2021 +0000
6511
6512    upstream: document agent protocol extensions
6513
6514    OpenBSD-Commit-ID: 09e8bb391bbaf24c409b75a4af44e0cac65405a7
6515
6516commit c385abf76511451bcba78568167b1cd9e90587d5
6517Author: djm@openbsd.org <djm@openbsd.org>
6518Date:   Sun Dec 19 22:14:47 2021 +0000
6519
6520    upstream: PubkeyAuthentication=yes|no|unbound|host-bound
6521
6522    Allow control over which pubkey methods are used. Added out of
6523    concern that some hardware devices may have difficulty signing
6524    the longer pubkey authentication challenges. This provides a
6525    way for them to disable the extension. It's also handy for
6526    testing.
6527
6528    feedback / ok markus@
6529
6530    OpenBSD-Commit-ID: ee52580db95c355cf6d563ba89974c210e603b1a
6531
6532commit 34b1e9cc7654f41cd4c5b1cc290b999dcf6579bb
6533Author: djm@openbsd.org <djm@openbsd.org>
6534Date:   Sun Dec 19 22:14:12 2021 +0000
6535
6536    upstream: document destination-constrained keys
6537
6538    feedback / ok markus@
6539
6540    OpenBSD-Commit-ID: cd8c526c77268f6d91c06adbee66b014d22d672e
6541
6542commit a6d7677c4abcfba268053e5867f2acabe3aa371b
6543Author: djm@openbsd.org <djm@openbsd.org>
6544Date:   Sun Dec 19 22:13:55 2021 +0000
6545
6546    upstream: Use hostkey parsed from hostbound userauth request
6547
6548    Require host-bound userauth requests for forwarded SSH connections.
6549
6550    The hostkey parsed from the host-bound userauth request is now checked
6551    against the most recently bound session ID / hostkey on the agent socket
6552    and the signature refused if they do not match.
6553
6554    ok markus@
6555
6556    OpenBSD-Commit-ID: d69877c9a3bd8d1189a5dbdeceefa432044dae02
6557
6558commit baaff0ff4357cc5a079621ba6e2d7e247b765061
6559Author: djm@openbsd.org <djm@openbsd.org>
6560Date:   Sun Dec 19 22:13:33 2021 +0000
6561
6562    upstream: agent support for parsing hostkey-bound signatures
6563
6564    Allow parse_userauth_request() to work with blobs from
6565    publickey-hostbound-v00@openssh.com userauth attempts.
6566
6567    Extract hostkey from these blobs.
6568
6569    ok markus@
6570
6571    OpenBSD-Commit-ID: 81c064255634c1109477dc65c3e983581d336df8
6572
6573commit 3e16365a79cdeb2d758cf1da6051b1c5266ceed7
6574Author: djm@openbsd.org <djm@openbsd.org>
6575Date:   Sun Dec 19 22:13:12 2021 +0000
6576
6577    upstream: EXT_INFO negotiation of hostbound pubkey auth
6578
6579    the EXT_INFO packet gets a new publickey-hostbound@openssh.com to
6580    advertise the hostbound public key method.
6581
6582    Client side support to parse this feature flag and set the kex->flags
6583    indicator if the expected version is offered (currently "0").
6584
6585    ok markus@
6586
6587    OpenBSD-Commit-ID: 4cdb2ca5017ec1ed7a9d33bda95c1d6a97b583b0
6588
6589commit 94ae0c6f0e35903b695e033bf4beacea1d376bb1
6590Author: djm@openbsd.org <djm@openbsd.org>
6591Date:   Sun Dec 19 22:12:54 2021 +0000
6592
6593    upstream: client side of host-bound pubkey authentication
6594
6595    Add kex->flags member to enable the publickey-hostbound-v00@openssh.com
6596    authentication method.
6597
6598    Use the new hostbound method in client if the kex->flags flag was set,
6599    and include the inital KEX hostkey in the userauth request.
6600
6601    Note: nothing in kex.c actually sets the new flag yet
6602
6603    ok markus@
6604
6605    OpenBSD-Commit-ID: 5a6fce8c6c8a77a80ee1526dc467d91036a5910d
6606
6607commit 288fd0218dbfdcb05d9fbd1885904bed9b6d42e6
6608Author: djm@openbsd.org <djm@openbsd.org>
6609Date:   Sun Dec 19 22:12:30 2021 +0000
6610
6611    upstream: sshd side of hostbound public key auth
6612
6613    This is identical to the standard "publickey" method, but it also includes
6614    the initial server hostkey in the message signed by the client.
6615
6616    feedback / ok markus@
6617
6618    OpenBSD-Commit-ID: 7ea01bb7238a560c1bfb426fda0c10a8aac07862
6619
6620commit dbb339f015c33d63484261d140c84ad875a9e548
6621Author: djm@openbsd.org <djm@openbsd.org>
6622Date:   Sun Dec 19 22:12:07 2021 +0000
6623
6624    upstream: prepare for multiple names for authmethods
6625
6626    allow authentication methods to have one additional name beyond their
6627    primary name.
6628
6629    allow lookup by this synonym
6630
6631    Use primary name for authentication decisions, e.g. for
6632    PermitRootLogin=publickey
6633
6634    Pass actual invoked name to the authmethods, so they can tell whether they
6635    were requested via the their primary name or synonym.
6636
6637    ok markus@
6638
6639    OpenBSD-Commit-ID: 9e613fcb44b8168823195602ed3d09ffd7994559
6640
6641commit 39f00dcf44915f20684160f0a88d3ef8a3278351
6642Author: djm@openbsd.org <djm@openbsd.org>
6643Date:   Sun Dec 19 22:11:39 2021 +0000
6644
6645    upstream: ssh-agent side of destination constraints
6646
6647    Gives ssh-agent the ability to parse restrict-destination-v00@openssh.com
6648    constraints and to apply them to keys.
6649
6650    Check constraints against the hostkeys recorded for a SocketEntry when
6651    attempting a signature, adding, listing or deleting keys. Note that
6652    the "delete all keys" request will remove constrained keys regardless of
6653    location.
6654
6655    feedback Jann Horn & markus@
6656    ok markus@
6657
6658    OpenBSD-Commit-ID: 84a7fb81106c2d609a6ac17469436df16d196319
6659
6660commit ce943912df812c573a33d00bf9e5435b7fcca3f7
6661Author: djm@openbsd.org <djm@openbsd.org>
6662Date:   Sun Dec 19 22:11:06 2021 +0000
6663
6664    upstream: ssh-add side of destination constraints
6665
6666    Have ssh-add accept a list of "destination constraints" that allow
6667    restricting where keys may be used in conjunction with a ssh-agent/ssh
6668    that supports session ID/hostkey binding.
6669
6670    Constraints are specified as either "[user@]host-pattern" or
6671    "host-pattern>[user@]host-pattern".
6672
6673    The first form permits a key to be used to authenticate as the
6674    specified user to the specified host.
6675
6676    The second form permits a key that has previously been permitted
6677    for use at a host to be available via a forwarded agent to an
6678    additional host.
6679
6680    For example, constraining a key with "user1@host_a" and
6681    "host_a>host_b". Would permit authentication as "user1" at
6682    "host_a", and allow the key to be available on an agent forwarded
6683    to "host_a" only for authentication to "host_b". The key would not
6684    be visible on agent forwarded to other hosts or usable for
6685    authentication there.
6686
6687    Internally, destination constraints use host keys to identify hosts.
6688    The host patterns are used to obtain lists of host keys for that
6689    destination that are communicated to the agent. The user/hostkeys are
6690    encoded using a new restrict-destination-v00@openssh.com key
6691    constraint.
6692
6693    host keys are looked up in the default client user/system known_hosts
6694    files. It is possible to override this set on the command-line.
6695
6696    feedback Jann Horn & markus@
6697    ok markus@
6698
6699    OpenBSD-Commit-ID: 6b52cd2b637f3d29ef543f0ce532a2bce6d86af5
6700
6701commit 5e950d765727ee0b20fc3d2cbb0c790b21ac2425
6702Author: djm@openbsd.org <djm@openbsd.org>
6703Date:   Sun Dec 19 22:10:24 2021 +0000
6704
6705    upstream: ssh-add side of destination constraints
6706
6707    Have ssh-add accept a list of "destination constraints" that allow
6708    restricting where keys may be used in conjunction with a ssh-agent/ssh
6709    that supports session ID/hostkey binding.
6710
6711    Constraints are specified as either "[user@]host-pattern" or
6712    "host-pattern>[user@]host-pattern".
6713
6714    The first form permits a key to be used to authenticate as the
6715    specified user to the specified host.
6716
6717    The second form permits a key that has previously been permitted
6718    for use at a host to be available via a forwarded agent to an
6719    additional host.
6720
6721    For example, constraining a key with "user1@host_a" and
6722    "host_a>host_b". Would permit authentication as "user1" at
6723    "host_a", and allow the key to be available on an agent forwarded
6724    to "host_a" only for authentication to "host_b". The key would not
6725    be visible on agent forwarded to other hosts or usable for
6726    authentication there.
6727
6728    Internally, destination constraints use host keys to identify hosts.
6729    The host patterns are used to obtain lists of host keys for that
6730    destination that are communicated to the agent. The user/hostkeys are
6731    encoded using a new restrict-destination-v00@openssh.com key
6732    constraint.
6733
6734    host keys are looked up in the default client user/system known_hosts
6735    files. It is possible to override this set on the command-line.
6736
6737    feedback Jann Horn & markus@
6738    ok markus@
6739
6740    OpenBSD-Commit-ID: ef47fa9ec0e3c2a82e30d37ef616e245df73163e
6741
6742commit 4c1e3ce85e183a9d0c955c88589fed18e4d6a058
6743Author: djm@openbsd.org <djm@openbsd.org>
6744Date:   Sun Dec 19 22:09:23 2021 +0000
6745
6746    upstream: ssh-agent side of binding
6747
6748    record session ID/hostkey/forwarding status for each active socket.
6749
6750    Attempt to parse data-to-be-signed at signature request time and extract
6751    session ID from the blob if it is a pubkey userauth request.
6752
6753    ok markus@
6754
6755    OpenBSD-Commit-ID: a80fd41e292b18b67508362129e9fed549abd318
6756
6757commit e9497ecf73f3c16667288bce48d4e3d7e746fea1
6758Author: djm@openbsd.org <djm@openbsd.org>
6759Date:   Sun Dec 19 22:08:48 2021 +0000
6760
6761    upstream: ssh client side of binding
6762
6763    send session ID, hostkey, signature and a flag indicating whether the
6764    agent connection is being forwarded to ssh agent each time a connection
6765    is opened via a new "session-bind@openssh.com" agent extension.
6766
6767    ok markus@
6768
6769    OpenBSD-Commit-ID: 2f154844fe13167d3ab063f830d7455fcaa99135
6770
6771commit b42c61d6840d16ef392ed0f365e8c000734669aa
6772Author: djm@openbsd.org <djm@openbsd.org>
6773Date:   Sun Dec 19 22:08:06 2021 +0000
6774
6775    upstream: Record session ID, host key and sig at intital KEX
6776
6777    These will be used later for agent session ID / hostkey binding
6778
6779    ok markus@
6780
6781    OpenBSD-Commit-ID: a9af29e33772b18e3e867c6fa8ab35e1694a81fe
6782
6783commit 26ca33d186473d58a32d812e19273ce078b6ffff
6784Author: djm@openbsd.org <djm@openbsd.org>
6785Date:   Tue Dec 7 22:06:45 2021 +0000
6786
6787    upstream: better error message for FIDO keys when we can't match
6788
6789    them to a token
6790
6791    OpenBSD-Commit-ID: 58255c2a1980088f4ed144db67d879ada2607650
6792
6793commit adb0ea006d7668190f0c42aafe3a2864d352e34a
6794Author: Darren Tucker <dtucker@dtucker.net>
6795Date:   Wed Dec 15 10:50:33 2021 +1100
6796
6797    Correct value for IPTOS_DSCP_LE.
6798
6799    It needs to allow for the preceeding two ECN bits.  From daisuke.higashi
6800    at gmail.com via OpenSSH bz#3373, ok claudio@, job@, djm@.
6801
6802commit 3dafd3fe220bd9046f11fcf5191a79ec8800819f
6803Author: Darren Tucker <dtucker@dtucker.net>
6804Date:   Fri Dec 10 11:57:30 2021 +1100
6805
6806    Increase timeout for test step.
6807
6808commit 5aefb05cd5b843e975b191d6ebb7ddf8de35c112
6809Author: Darren Tucker <dtucker@dtucker.net>
6810Date:   Fri Dec 10 10:27:27 2021 +1100
6811
6812    Update the list of tests that don't work on Minix.
6813
6814    While there, remove CC (configure will now find clang) and make the test
6815    list easier to update via cut and paste.
6816
6817commit 1c09bb1b2e207d091cec299c49416c23d24a1b31
6818Author: Darren Tucker <dtucker@dtucker.net>
6819Date:   Fri Dec 10 10:12:57 2021 +1100
6820
6821    Add minix host tuple.
6822
6823    Define SETEUID_BREAKS_SETUID for it which should make privsep work.
6824
6825commit a2188579032cf080213a78255373263466cb90cc
6826Author: jsg@openbsd.org <jsg@openbsd.org>
6827Date:   Sun Dec 5 12:28:27 2021 +0000
6828
6829    upstream: fix unintended sizeof pointer in debug path ok markus@
6830
6831    OpenBSD-Commit-ID: b9c0481ffc0cd801e0840e342e6a282a85aac93c
6832
6833commit da40355234068c82f1a36196f2d18dd2d81aaafd
6834Author: naddy@openbsd.org <naddy@openbsd.org>
6835Date:   Sat Dec 4 00:05:39 2021 +0000
6836
6837    upstream: RSA/SHA-1 is not used by default anymore on the server
6838
6839    OpenBSD-Commit-ID: 64abef6cfc3e53088225f6b8a1dcd86d52dc8353
6840
6841commit e9c71498a083a8b502aa831ea931ce294228eda0
6842Author: djm@openbsd.org <djm@openbsd.org>
6843Date:   Thu Dec 2 23:45:36 2021 +0000
6844
6845    upstream: hash full host:port when asked to hash output, fixes hashes
6846
6847    for non- default ports. bz3367 ok dtucker@
6848
6849    OpenBSD-Commit-ID: 096021cc847da7318ac408742f2d0813ebe9aa73
6850
6851commit b5601202145a03106012c22cb8980bcac2949f0b
6852Author: djm@openbsd.org <djm@openbsd.org>
6853Date:   Thu Dec 2 23:23:13 2021 +0000
6854
6855    upstream: improve the testing of credentials against inserted FIDO
6856
6857    keys a little more: ask the token whether a particular key belongs to it in
6858    cases where the token support on-token user- verification (e.g. biometrics)
6859    rather than just assuming that it will accept it.
6860
6861    Will reduce spurious "Confirm user presence" notifications for key
6862    handles that relate to FIDO keys that are not currently inserted in at
6863    least some cases.
6864
6865    Motivated by bz3366; by Pedro Martelletto
6866
6867    OpenBSD-Commit-ID: ffac7f3215842397800e1ae2e20229671a55a63d
6868
6869commit ca709e27c41c90f4565b17282c48dca7756e083c
6870Author: djm@openbsd.org <djm@openbsd.org>
6871Date:   Thu Dec 2 22:40:05 2021 +0000
6872
6873    upstream: move check_sk_options() up so we can use it earlier
6874
6875    OpenBSD-Commit-ID: 67fe98ba1c846d22035279782c4664c1865763b4
6876
6877commit b711bc01a7ec76bb6a285730990cbce9b8ca5773
6878Author: dtucker@openbsd.org <dtucker@openbsd.org>
6879Date:   Thu Dec 2 22:35:05 2021 +0000
6880
6881    upstream: ssh-rsa is no longer in the default for
6882
6883    PubkeyAcceptedAlgorithms.
6884
6885    OpenBSD-Commit-ID: 34a9e1bc30966fdcc922934ae00f09f2596cd73c
6886
6887commit dc91ceea33cd4a9f05be953e8d8062f732db5c8a
6888Author: djm@openbsd.org <djm@openbsd.org>
6889Date:   Thu Dec 2 02:44:44 2021 +0000
6890
6891    upstream: don't put the tty into raw mode when SessionType=none, avoids
6892
6893    ^c being unable to kill such a session. bz3360; ok dtucker@
6894
6895    OpenBSD-Commit-ID: 83960c433052303b643b4c380ae2f799ac896f65
6896
6897commit e6e7d2654a13ba10141da7b42ea683ea4eeb1f38
6898Author: Damien Miller <djm@mindrot.org>
6899Date:   Mon Nov 29 14:11:03 2021 +1100
6900
6901    previous commit broke bcrypt_pbkdf()
6902
6903    Accidentally reverted part of the conversion to use SHA512 from SUPERCOP
6904    instead of OpenBSD-style libc SHA512.
6905
6906commit c0459588b8d00b73e506c6095958ecfe62a4a7ba
6907Author: Darren Tucker <dtucker@dtucker.net>
6908Date:   Mon Nov 29 14:03:19 2021 +1100
6909
6910    Fix typo in Neils' name.
6911
6912commit 158bf854e2a22cf09064305f4a4e442670562685
6913Author: Damien Miller <djm@mindrot.org>
6914Date:   Mon Nov 29 12:30:22 2021 +1100
6915
6916    sync bcrypt-related files with OpenBSD
6917
6918    The main change is that Niels Provos kindly agreed to rescind the
6919    BSD license advertising clause, shifting them to the 3-term BSD
6920    license.
6921
6922    This was the last thing in OpenSSH that used the advertising clause.
6923
6924commit e8976d92a42883ff6b8991438f07df60c2c0d82d
6925Author: Damien Miller <djm@mindrot.org>
6926Date:   Mon Nov 29 12:29:29 2021 +1100
6927
6928    depend
6929
6930commit 8249afeec013e557fe7491a72ca3285de03e25b1
6931Author: djm@openbsd.org <djm@openbsd.org>
6932Date:   Sun Nov 28 07:21:26 2021 +0000
6933
6934    upstream: sshsig: return "key not found" when searching empty files
6935
6936    rather than "internal error"
6937
6938    OpenBSD-Commit-ID: e2ccae554c78d7a7cd33fc5d217f35be7e2507ed
6939
6940commit 9e3227d4dbb5ad9c9091b4c14982cab4bba87b4d
6941Author: djm@openbsd.org <djm@openbsd.org>
6942Date:   Sun Nov 28 07:15:10 2021 +0000
6943
6944    upstream: ssh-keygen -Y match-principals doesn't accept any -O
6945
6946    options at present, so don't say otherwise in SYNOPSIS; spotted jmc@
6947
6948    OpenBSD-Commit-ID: 9cc43a18f4091010741930b48b3db2f2e4f1d35c
6949
6950commit 56db1f4a4cf5039fc3b42e84c4b16291fdff32b1
6951Author: djm@openbsd.org <djm@openbsd.org>
6952Date:   Sun Nov 28 07:14:29 2021 +0000
6953
6954    upstream: fix indenting in last commit
6955
6956    OpenBSD-Commit-ID: 8b9ba989815d0dec1fdf5427a4a4b58eb9cac4d2
6957
6958commit 50bea24a9a9bdebad327c76e700def3261f5694e
6959Author: djm@openbsd.org <djm@openbsd.org>
6960Date:   Sun Nov 28 07:10:18 2021 +0000
6961
6962    upstream: missing initialisation for oerrno
6963
6964    OpenBSD-Commit-ID: 05d646bba238080259bec821c831a6f0b48d2a95
6965
6966commit 5a0f4619041d09cd29f3a08da41db5040372bdd1
6967Author: Darren Tucker <dtucker@dtucker.net>
6968Date:   Sun Nov 28 15:31:37 2021 +1100
6969
6970    Correct ifdef to activate poll() only if needed.
6971
6972commit d4035c81a71237f690edd7eda32bef7d63fd9528
6973Author: djm@openbsd.org <djm@openbsd.org>
6974Date:   Sat Nov 27 07:23:35 2021 +0000
6975
6976    upstream: whitespac e
6977
6978    OpenBSD-Regress-ID: b9511d41568056bda489e13524390167889908f8
6979
6980commit a443491e6782ef0f5a8bb87a5536c8ee4ff233a1
6981Author: djm@openbsd.org <djm@openbsd.org>
6982Date:   Sat Nov 27 07:20:58 2021 +0000
6983
6984    upstream: regression test for match-principals. Mostly by Fabian
6985
6986    Stelzer
6987
6988    OpenBSD-Regress-ID: ced0bec89af90935103438986bbbc4ad1df9cfa7
6989
6990commit 78230b3ec8cbabc1e7de68732dc5cbd4837c6675
6991Author: djm@openbsd.org <djm@openbsd.org>
6992Date:   Sat Nov 27 07:14:46 2021 +0000
6993
6994    upstream: Add ssh-keygen -Y match-principals operation to perform
6995
6996    matching of principals names against an allowed signers file.
6997
6998    Requested by and mostly written by Fabian Stelzer, towards a TOFU
6999    model for SSH signatures in git. Some tweaks by me.
7000
7001    "doesn't bother me" deraadt@
7002
7003    OpenBSD-Commit-ID: 8d1b71f5a4127bc5e10a880c8ea6053394465247
7004
7005commit 15db86611baaafb24c40632784dabf82e3ddb1a7
7006Author: djm@openbsd.org <djm@openbsd.org>
7007Date:   Thu Nov 25 23:02:24 2021 +0000
7008
7009    upstream: debug("func: ...") -> debug_f("...")
7010
7011    OpenBSD-Commit-ID: d58494dc05c985326a895adfbe16fbd5bcc54347
7012
7013commit b7ffbb17e37f59249c31f1ff59d6c5d80888f689
7014Author: Darren Tucker <dtucker@dtucker.net>
7015Date:   Fri Nov 19 18:53:46 2021 +1100
7016
7017    Allow for fd = -1 in compat ppoll overflow check.
7018
7019    Fixes tests on at least FreeBSD 6, possibly others.
7020
7021commit 04b172da5b96a51b0d55c905b423ababff9f4e0b
7022Author: Darren Tucker <dtucker@dtucker.net>
7023Date:   Fri Nov 19 16:01:51 2021 +1100
7024
7025    Don't auto-enable Capsicum sandbox on FreeBSD 9/10.
7026
7027    Since we changed from select() to ppoll() tests have been failing.
7028    This seems to be because FreeBSD 10 (and presumably 9) do not allow
7029    ppoll() in the privsep process and sshd will fail with "Not permitted in
7030    capability mode".  Setting CAP_EVENT on the FDs doesn't help, but weirdly,
7031    poll() works without that.  Those versions are EOL so this situation is
7032    unlikely to change.
7033
7034commit a823f39986e7b879f26412e64c15630e1cfa0dc5
7035Author: djm@openbsd.org <djm@openbsd.org>
7036Date:   Thu Nov 18 03:53:48 2021 +0000
7037
7038    upstream: regression test for ssh-keygen -Y find-principals fix; from
7039
7040    Fabian Stelzer ok djm markus
7041
7042    OpenBSD-Regress-ID: 34fe4088854c1a2eb4c0c51cc4676ba24096bac4
7043
7044commit 199c4df66c0e39dd5c3333b162af274678c0501d
7045Author: djm@openbsd.org <djm@openbsd.org>
7046Date:   Thu Nov 18 21:32:11 2021 +0000
7047
7048    upstream: less confusing debug message; bz#3365
7049
7050    OpenBSD-Commit-ID: 836268d3642c2cdc84d39b98d65837f5241e4a50
7051
7052commit 97f9b6e61316c97a32dad94b7a37daa9b5f6b836
7053Author: djm@openbsd.org <djm@openbsd.org>
7054Date:   Thu Nov 18 21:11:01 2021 +0000
7055
7056    upstream: avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we
7057
7058    already did this for RSA keys). Avoids fatal errors for PKCS#11 libraries
7059    that return empty keyid, e.g. Microchip ATECC608B "cryptoauthlib"; bz#3364
7060
7061    OpenBSD-Commit-ID: 054d4dc1d6a99a2e6f8eebc48207b534057c154d
7062
7063commit c74aa0eb73bd1edf79947d92d9c618fc3424c4a6
7064Author: djm@openbsd.org <djm@openbsd.org>
7065Date:   Thu Nov 18 03:50:41 2021 +0000
7066
7067    upstream: ssh-keygen -Y find-principals was verifying key validity
7068
7069    when using ca certs but not with simple key lifetimes within the allowed
7070    signers file.
7071
7072    Since it returns the first keys principal it finds this could
7073    result in a principal with an expired key even though a valid
7074    one is just below.
7075
7076    patch from Fabian Stelzer; feedback/ok djm markus
7077
7078    OpenBSD-Commit-ID: b108ed0a76b813226baf683ab468dc1cc79e0905
7079
7080commit d902d728dfd81622454260e23bc09d5e5a9a795e
7081Author: Darren Tucker <dtucker@dtucker.net>
7082Date:   Thu Nov 18 23:44:07 2021 +1100
7083
7084    Correct calculation of tv_nsec in poll().
7085
7086commit 21dd5a9a3fb35e8299a1fbcf8d506f1f6b752b85
7087Author: Darren Tucker <dtucker@dtucker.net>
7088Date:   Thu Nov 18 23:11:37 2021 +1100
7089
7090    Add compat implementation of ppoll using pselect.
7091
7092commit b544ce1ad4afb7ee2b09f714aa63efffc73fa93a
7093Author: Darren Tucker <dtucker@dtucker.net>
7094Date:   Thu Nov 18 23:05:34 2021 +1100
7095
7096    Put poll.h inside ifdef HAVE_POLL_H.
7097
7098commit 875408270c5a7dd69ed5449e5d85bd7120c88f70
7099Author: djm@openbsd.org <djm@openbsd.org>
7100Date:   Thu Nov 18 03:31:44 2021 +0000
7101
7102    upstream: check for POLLHUP wherever we check for POLLIN
7103
7104    OpenBSD-Commit-ID: 6aa6f3ec6b17c3bd9bfec672a917f003a76d93e5
7105
7106commit 36b5e37030d35bbaa18ba56825b1af55971d18a0
7107Author: djm@openbsd.org <djm@openbsd.org>
7108Date:   Thu Nov 18 03:07:59 2021 +0000
7109
7110    upstream: fd leak in sshd listen loop error path; from Gleb
7111
7112    Smirnoff
7113
7114    OpenBSD-Commit-ID: a7a2be27a690a74bf2381bc16cea38e265657412
7115
7116commit b99498d0c93f1edd04857b318308a66b28316bd8
7117Author: djm@openbsd.org <djm@openbsd.org>
7118Date:   Thu Nov 18 03:07:20 2021 +0000
7119
7120    upstream: check for POLLHUP as well as POLLIN in sshd listen loop;
7121
7122    ok deraadt millert
7123
7124    OpenBSD-Commit-ID: a4f1244c5a9c2b08dac4f3b1dc22e9d1dc60c587
7125
7126commit 1f3055d788e8cf80851eb1728b535d57eb0dba6a
7127Author: djm@openbsd.org <djm@openbsd.org>
7128Date:   Thu Nov 18 03:06:03 2021 +0000
7129
7130    upstream: check for POLLHUP as well as POLLIN, handle transient IO
7131
7132    errors as well as half-close on the output side; ok deraadt millert
7133
7134    OpenBSD-Commit-ID: de5c5b9939a37476d256328cbb96305bdecf511e
7135
7136commit 9778a15fa6dbdac6a95bf15865c2688b4bd6944e
7137Author: Damien Miller <djm@mindrot.org>
7138Date:   Thu Nov 18 10:16:55 2021 +1100
7139
7140    adjust seccomp filter for select->poll conversion
7141
7142    Needed to add ppoll syscall but also to relax the fallback rlimit
7143    sandbox. Linux poll() fails with EINVAL if npfds > RLIMIT_NOFILE,
7144    so we have to allow a single fd in the rlimit.
7145
7146commit fcd8d895bbb849c64f0aed934e3303d37f696f5d
7147Author: Damien Miller <djm@mindrot.org>
7148Date:   Thu Nov 18 10:16:44 2021 +1100
7149
7150    update depends
7151
7152commit 76292787a1e93e668f10e36b4bf59ce0ae28e156
7153Author: Damien Miller <djm@mindrot.org>
7154Date:   Thu Nov 18 09:26:20 2021 +1100
7155
7156    compat for timespecsub() and friends
7157
7158commit fd7e7de4ddb4399c7e929b44f2bbfc118eddfcf8
7159Author: djm@openbsd.org <djm@openbsd.org>
7160Date:   Wed Nov 17 21:06:39 2021 +0000
7161
7162    upstream: set num_listen_socks to 0 on close-all instead of -1,
7163
7164    which interferes with the new poll()-based listen loop; spotted and debugged
7165    by anton@+deraadt@
7166
7167    OpenBSD-Commit-ID: f7ab8ab124f615a2e0c45fee14c38d2f2abbabbd
7168
7169commit fd9343579afac30a971f06643a669733d9acb407
7170Author: deraadt@openbsd.org <deraadt@openbsd.org>
7171Date:   Sun Nov 14 18:47:43 2021 +0000
7172
7173    upstream: use ppoll() instead of pselect() with djm
7174
7175    OpenBSD-Commit-ID: 980f87c9564d5d2ad55722b7a6f44f21284cd215
7176
7177commit 092d29b232ef1a19609a5316ed7e4d896bb2e696
7178Author: deraadt@openbsd.org <deraadt@openbsd.org>
7179Date:   Sun Nov 14 06:15:36 2021 +0000
7180
7181    upstream: match .events with .fd better
7182
7183    OpenBSD-Commit-ID: 77eef212ca0add905949532af390164489c5984b
7184
7185commit 8d642c9a90fa4ed5a3effd785fb3591e14de00cd
7186Author: deraadt@openbsd.org <deraadt@openbsd.org>
7187Date:   Sun Nov 14 03:25:10 2021 +0000
7188
7189    upstream: convert select() to poll() ok djm
7190
7191    OpenBSD-Commit-ID: b53e4940ff10dd24f8d16e8db8ef1970015d7ead
7192
7193commit 6582a31c388968f4073af2bd8621880735c3d42b
7194Author: deraadt@openbsd.org <deraadt@openbsd.org>
7195Date:   Sat Nov 13 21:14:13 2021 +0000
7196
7197    upstream: replace select() with ppoll(), including converting
7198
7199    timeval's to timespec's to make things easier. back and forth and ok; djm
7200
7201    OpenBSD-Commit-ID: 89d3b23c60875da919e7820f9de6213286ffbec9
7202
7203commit 7c025c005550c86a40200a2bcdd355d09413d61a
7204Author: deraadt@openbsd.org <deraadt@openbsd.org>
7205Date:   Sat Nov 13 17:26:13 2021 +0000
7206
7207    upstream: It really looks like pledge "stdio dns" is possible
7208
7209    earlier. Discussed with mestre
7210
7211    OpenBSD-Commit-ID: 610873de63a593e0ac7bbbcb7a0f2894d36f4c01
7212
7213commit 06acb04c20ee483fe4757bd12aec870cc4bb1076
7214Author: deraadt@openbsd.org <deraadt@openbsd.org>
7215Date:   Fri Nov 12 05:23:49 2021 +0000
7216
7217    upstream: aggressively pre-fill the pollfd array with fd=-1
7218
7219    OpenBSD-Commit-ID: c2a525de8f83c1a04405bd79122c424140552a5b
7220
7221commit 7eec76793dec06e8f06b6cf71f9473141c69d109
7222Author: deraadt@openbsd.org <deraadt@openbsd.org>
7223Date:   Thu Nov 11 15:32:32 2021 +0000
7224
7225    upstream: Convert from select() to ppoll(). Along the way, I
7226
7227    observed that the select() code was using exceptfds incorrectly.. ok millert
7228
7229    OpenBSD-Commit-ID: 548e05bfc31b2af02319eb3d051286d4128dec96
7230
7231commit e665ed2d0c24fe11d5470ce72fa1e187377d3fc4
7232Author: Darren Tucker <dtucker@dtucker.net>
7233Date:   Fri Nov 12 22:55:27 2021 +1100
7234
7235    Switch from LibreSSL 3.4.0 to 3.4.1.
7236
7237    The LibreSSL 3.4.0 release has an OPENBSD_BRANCH that points to
7238    "master" and that branch no longer has the files LibreSSL expects
7239    and thus it will no longer build, breaking the test.
7240
7241commit 21b6b5a06c8c53c548d25e6074c5240e88e2ef34
7242Author: djm@openbsd.org <djm@openbsd.org>
7243Date:   Wed Nov 10 06:29:25 2021 +0000
7244
7245    upstream: add the sntrup761x25519-sha512@openssh.com hybrid
7246
7247    ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the default
7248    KEXAlgorithms list (after the ECDH methods but before the prime-group DH
7249    ones).
7250
7251    ok markus@
7252
7253    OpenBSD-Commit-ID: 22b77e27a04e497a10e22f138107579652854210
7254
7255commit 239da797cbf07a640d7b1ea02d3f99ace3ef792d
7256Author: djm@openbsd.org <djm@openbsd.org>
7257Date:   Wed Nov 10 06:25:08 2021 +0000
7258
7259    upstream: fix ssh-keysign for KEX algorithms that use SHA384/512
7260
7261    exchange hashes; feedback/ok markus@
7262
7263    OpenBSD-Commit-ID: 09a8fda1c081f5de1e3128df64f28b7bdadee239
7264
7265commit 6997a592ecb1013df0c6d7f8df3e6517827aef11
7266Author: djm@openbsd.org <djm@openbsd.org>
7267Date:   Mon Nov 8 21:32:49 2021 +0000
7268
7269    upstream: improve error message when trying to expand a ~user path
7270
7271    for a user that doesn't exist; better matches what the shell does
7272
7273    ok deraadt@
7274
7275    OpenBSD-Commit-ID: 1ddefa3c3a78b69ce13d1b8f67bc9f2cefd23ad6
7276
7277commit 10b899a15c88eb40eb5f73cd0fa84ef0966f79c9
7278Author: Darren Tucker <dtucker@dtucker.net>
7279Date:   Wed Nov 10 12:34:25 2021 +1100
7280
7281    Don't trust closefrom() on Linux.
7282
7283    glibc's closefrom implementation does not work in a chroot when the kernel
7284    does not have close_range.  It tries to read from /proc/self/fd and when
7285    that fails dies with an assertion of sorts.  Instead, call close_range
7286    ourselves from our compat code and fall back if that fails.  bz#3349,
7287    with william.wilson at canonical.com and fweimer at redhat.com.
7288
7289commit eb1f63195a9a38b519536a5b398d9939261ec081
7290Author: dtucker@openbsd.org <dtucker@openbsd.org>
7291Date:   Sat Nov 6 10:13:39 2021 +0000
7292
7293    upstream: Plug a couple of minor mem leaks. From beldmit at
7294
7295    gmail.com via github PR#283, ok markus@
7296
7297    OpenBSD-Commit-ID: ec1fa7d305d46226861c3ca6fb9c9beb2ada2892
7298
7299commit e4f501bf1d3b53f1cc23d9521fd7c5163307b760
7300Author: djm@openbsd.org <djm@openbsd.org>
7301Date:   Fri Nov 5 03:10:58 2021 +0000
7302
7303    upstream: move cert_filter_principals() to earlier in the file for
7304
7305    reuse; no code change
7306
7307    OpenBSD-Commit-ID: 598fa9528b656b2f38bcc3cf5b6f3869a8c115cf
7308
7309commit 59c60f96fee321c7f38f00372826d37f289534af
7310Author: deraadt@openbsd.org <deraadt@openbsd.org>
7311Date:   Wed Nov 3 22:00:56 2021 +0000
7312
7313    upstream: Many downstreams expect ssh to compile as non-C99...
7314
7315    OpenBSD-Commit-ID: e6aa3e08bda68e5fb838fc8a49b1d2dfc38ee783
7316
7317commit 7a78fe63b0b28ef7231913dfefe9d08f9bc41c61
7318Author: Darren Tucker <dtucker@dtucker.net>
7319Date:   Sat Nov 6 21:07:03 2021 +1100
7320
7321    Skip getline() on HP-UX 10.x.
7322
7323    HP-UX 10.x has a getline() implementation in libc that does not behave
7324    as we expect so don't use it.  With correction from Thorsten Glaser and
7325    typo fix from Larkin Nickle.
7326
7327commit 343ae252ebb35c6ecae26b447bf1551a7666720e
7328Author: Damien Miller <djm@mindrot.org>
7329Date:   Wed Nov 3 12:08:21 2021 +1100
7330
7331    basic SECURITY.md (refers people to the website)
7332
7333commit ed45a0168638319e0a710633f6085b96b9cec656
7334Author: djm@openbsd.org <djm@openbsd.org>
7335Date:   Tue Nov 2 22:57:27 2021 +0000
7336
7337    upstream: crank SSH_SK_VERSION_MAJOR to match recent change in
7338
7339    usr/bin/ssh
7340
7341    OpenBSD-Regress-ID: 113d181c7e3305e138db9b688cdb8b0a0019e552
7342
7343commit f3c34df860c4c1ebddacb973954e58167d9dbade
7344Author: djm@openbsd.org <djm@openbsd.org>
7345Date:   Tue Nov 2 22:56:40 2021 +0000
7346
7347    upstream: Better handle FIDO keys on tokens that provide user
7348
7349    verification (UV) on the device itself, including biometric keys.
7350
7351    Query the token during key creation to determine whether it supports
7352    on-token UV and, if so, clear the SSH_SK_USER_VERIFICATION_REQD flag
7353    in the key so that ssh(1) doesn't automatically prompty for PIN later.
7354
7355    When making signatures with the key, query the token's capabilities
7356    again and check whether the token is able (right now) to perform user-
7357    verification without a PIN. If it is then the PIN prompt is bypassed
7358    and user verification delegated to the token. If not (e.g. the token
7359    is biometric capable, but no biometric are enrolled), then fall back
7360    to user verification via the usual PIN prompt.
7361
7362    Work by Pedro Martelletto; ok myself and markus@
7363
7364    NB. cranks SSH_SK_VERSION_MAJOR
7365
7366    OpenBSD-Commit-ID: e318a8c258d9833a0b7eb0236cdb68b5143b2f27
7367
7368commit 0328a081f38c09d2d4d650e94461a47fb5eef536
7369Author: djm@openbsd.org <djm@openbsd.org>
7370Date:   Fri Oct 29 03:03:06 2021 +0000
7371
7372    upstream: sshsig: add tests for signing key validity and
7373
7374    find-principals
7375
7376    - adds generic find-principals tests (this command had none before)
7377    - tests certs with a timeboxed validity both with and without a
7378     restriced lifetime for the CA
7379    - test for a revoked CA cert
7380
7381    by Fabian Stelzer
7382
7383    OpenBSD-Regress-ID: 9704b2c6df5b8ccfbdf2c06c5431f5f8cad280c9
7384
7385commit ccd358e1e25e25c13f0825996283cbf7a1647a3b
7386Author: djm@openbsd.org <djm@openbsd.org>
7387Date:   Fri Oct 29 02:48:19 2021 +0000
7388
7389    upstream: avoid signedness warning; spotted in -portable
7390
7391    OpenBSD-Regress-ID: 4cacc126086487c0ea7f3d86b42dec458cf0d0c6
7392
7393commit 2741f52beb11490d7033a25e56ed0496f0c78006
7394Author: djm@openbsd.org <djm@openbsd.org>
7395Date:   Fri Oct 29 03:20:46 2021 +0000
7396
7397    upstream: ssh-keygen: make verify-time argument parsing optional
7398
7399    From Fabian Stelzer
7400
7401    OpenBSD-Commit-ID: 1ff35e4c366a45a073663df90381be6a8ef4d370
7402
7403commit a1217d363b88b32cfe54c4f02c6c1cf4bdefdd23
7404Author: Damien Miller <djm@mindrot.org>
7405Date:   Fri Oct 29 13:48:34 2021 +1100
7406
7407    unbreak fuzz harness for recent changes
7408
7409commit 68e522ed8183587c9367fa3842c5b75f64f3d12b
7410Author: Darren Tucker <dtucker@dtucker.net>
7411Date:   Fri Oct 29 13:32:24 2021 +1100
7412
7413    Use -Wbitwise-instead-of-logical if supported.
7414
7415commit be28b23012aa3fa323be7ec84863cf238927c078
7416Author: Damien Miller <djm@mindrot.org>
7417Date:   Thu Oct 28 16:24:53 2021 +1100
7418
7419    use -Wmisleading-indentation cflag if available
7420
7421    ok dtucker@
7422
7423commit 2e6f5f24dd2f9217f4ab8b737ed428d5d5278f91
7424Author: Damien Miller <djm@mindrot.org>
7425Date:   Thu Oct 28 16:24:44 2021 +1100
7426
7427    depend
7428
7429commit a5ab4882348d26addc9830a44e053238dfa2cb58
7430Author: Damien Miller <djm@mindrot.org>
7431Date:   Thu May 6 10:08:30 2021 +1000
7432
7433    remove built-in support for md5crypt()
7434
7435    Users of MD5-hashed password should arrange for ./configure to link
7436    against libxcrypt or similar. Though it would be better to avoid use
7437    of MD5 password hashing entirely, it's arguably worse than DEScrypt.
7438
7439    feedback and ok dtucker@
7440
7441commit c5de1fffa6328b8246b87da28fa9df05813f76a3
7442Author: djm@openbsd.org <djm@openbsd.org>
7443Date:   Thu Oct 28 02:55:30 2021 +0000
7444
7445    upstream: increment SSH_SK_VERSION_MAJOR to match last change
7446
7447    OpenBSD-Regress-ID: 17873814d1cbda97f49c8528d7b5ac9cadf6ddc0
7448
7449commit 0001d04e55802d5bd9d6dece1081a99aa4ba2828
7450Author: djm@openbsd.org <djm@openbsd.org>
7451Date:   Thu Oct 28 02:54:18 2021 +0000
7452
7453    upstream: When downloading resident keys from a FIDO token, pass
7454
7455    back the user ID that was used when the key was created and append it to the
7456    filename the key is written to (if it is not the default).
7457
7458    Avoids keys being clobbered if the user created multiple
7459    resident keys with the same application string but different
7460    user IDs.
7461
7462    feedback Pedro Martelletto; ok markus
7463
7464    NB. increments SSH_SK_VERSION_MAJOR
7465
7466    OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
7467
7468commit d4bed5445646e605c383a4374fa962e23bf9e3a3
7469Author: deraadt@openbsd.org <deraadt@openbsd.org>
7470Date:   Sun Oct 24 21:24:17 2021 +0000
7471
7472    upstream: For open/openat, if the flags parameter does not contain
7473
7474    O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant.  Many developers
7475    in the past have passed mode_t (0, 044, 0644, or such), which might lead
7476    future people to copy this broken idiom, and perhaps even believe this
7477    parameter has some meaning or implication or application. Delete them all.
7478    This comes out of a conversation where tb@ noticed that a strange (but
7479    intentional) pledge behaviour is to always knock-out high-bits from mode_t on
7480    a number of system calls as a safety factor, and his bewilderment that this
7481    appeared to be happening against valid modes (at least visually), but no
7482    sorry, they are all irrelevant junk.  They could all be 0xdeafbeef. ok
7483    millert
7484
7485    OpenBSD-Commit-ID: 503d11633497115688c0c6952686524f01f53121
7486
7487commit d575cf44895104e0fcb0629920fb645207218129
7488Author: Darren Tucker <dtucker@dtucker.net>
7489Date:   Fri Oct 22 23:27:41 2021 +1100
7490
7491    kitchensink test target now needs krb5.
7492
7493commit 4ae39cada214e955bcfd3448ff28f0ed18886706
7494Author: Darren Tucker <dtucker@dtucker.net>
7495Date:   Fri Oct 22 22:54:33 2021 +1100
7496
7497    Test both MIT KRB5 and Heimdal.
7498
7499commit 22b2681d88619e5247dc53c9f112058a7e248d48
7500Author: dtucker@openbsd.org <dtucker@openbsd.org>
7501Date:   Fri Oct 22 10:51:57 2021 +0000
7502
7503    upstream: Plug mem addrinfo mem leaks.
7504
7505    Prevent mem leaks in the (unlikely) event that getaddrinfo returns
7506    no addresses.  ALso, remove an unneeded NULL check in addr_ntop. From
7507    khaleesicodes via github PR#281, ok deraadt@
7508
7509    OpenBSD-Commit-ID: e8a5afc686376637c355c5f7e122dc4b080b9c1a
7510
7511commit 27c8c343b610263f83ac2328735feeb881c6c92f
7512Author: dtucker@openbsd.org <dtucker@openbsd.org>
7513Date:   Fri Oct 22 09:22:04 2021 +0000
7514
7515    upstream: Remove unnecessary semicolons
7516
7517    ... in case statements. From khaleesicodes via github PR#280.
7518
7519    OpenBSD-Commit-ID: e1e89360b65775cff83e77ce040b342015caf4ed
7520
7521commit e7eb73b8d1fe1008d92433ea949491ce654bfaba
7522Author: dtucker@openbsd.org <dtucker@openbsd.org>
7523Date:   Fri Oct 22 09:19:34 2021 +0000
7524
7525    upstream: Fix typos in comments.
7526
7527    From khaleesicodes via github PR#280.
7528
7529    OpenBSD-Commit-ID: 26fdd83652c40f098bf7c685e8ebb9eb72cc45fc
7530
7531commit 052a9d8494175e24312daa6c132665e58c17fe6e
7532Author: deraadt@openbsd.org <deraadt@openbsd.org>
7533Date:   Fri Oct 15 14:46:46 2021 +0000
7534
7535    upstream: switch scp(1) back to sftp protocol.
7536
7537    openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
7538    protocol for copying.  Let's get back to testing the SFTP protocol.
7539
7540    OpenBSD-Commit-ID: 9eaa35d95fd547b78b0a043b3f518e135f151f30
7541
7542commit a07664646bf6d293f5bbd45a5de54f3c36bb85da
7543Author: Darren Tucker <dtucker@dtucker.net>
7544Date:   Fri Oct 22 14:00:05 2021 +1100
7545
7546    Source configs script so setup_ci can use settings
7547
7548commit 34df52c201c6b47e5a46b50c215e4d98a8bf6587
7549Author: Darren Tucker <dtucker@dtucker.net>
7550Date:   Fri Oct 22 09:42:14 2021 +1100
7551
7552    Install libedit and pam based on config flags.
7553
7554commit 8c626cc563e8d21d844d06f9971a9ee01de6aa2a
7555Author: Darren Tucker <dtucker@dtucker.net>
7556Date:   Thu Oct 21 16:53:39 2021 +1100
7557
7558    Don't use 'here string", it's not POSIX.
7559
7560commit 086a4b5977472aefa3de918b88efad0faf83b2b1
7561Author: Darren Tucker <dtucker@dtucker.net>
7562Date:   Thu Oct 21 15:33:27 2021 +1100
7563
7564    Remove -Werror from compiler package to install.
7565
7566commit 5a7a4687507d057f9b5e7497f3d3f82e64753c02
7567Author: Darren Tucker <dtucker@dtucker.net>
7568Date:   Thu Oct 21 15:00:53 2021 +1100
7569
7570    Build with -Werror on most recent gcc and clang.
7571
7572commit 4d2cbdb525d673acf941d48a7044fcf03125611a
7573Author: Darren Tucker <dtucker@dtucker.net>
7574Date:   Fri Oct 15 12:59:06 2021 +1100
7575
7576    Include string.h and stdio.h for strerror.
7577
7578commit fff13aaa262b7b3ec83ed21e29674cbf331780a7
7579Author: Darren Tucker <dtucker@dtucker.net>
7580Date:   Fri Oct 15 12:43:36 2021 +1100
7581
7582    Include error reason if trace disabling fails.
7583
7584commit d4b38144c02f3faa5271e5fb35df93507e06f1b4
7585Author: Darren Tucker <dtucker@dtucker.net>
7586Date:   Tue Oct 12 22:55:51 2021 +1100
7587
7588    Add tcmalloc test target.
7589
7590commit 002d65b0a30063c6e49bf8a53e709d8d5a0d45c1
7591Author: dtucker@openbsd.org <dtucker@openbsd.org>
7592Date:   Sat Oct 9 10:52:42 2021 +0000
7593
7594    upstream: Document that CASignatureAlgorithms, ExposeAuthInfo and
7595
7596    PubkeyAuthOptions can be used in a Match block.  Patch from eehakkin via
7597    github PR#277.
7598
7599    OpenBSD-Commit-ID: c0a63f5f52e918645967ac022b28392da4b866aa
7600
7601commit 40bd3709dddaae3a1b6113748bec3faa6a607531
7602Author: Darren Tucker <dtucker@dtucker.net>
7603Date:   Thu Oct 7 15:55:49 2021 +1100
7604
7605    Skip SK unit tests when built without security-key
7606
7607commit 482f73be10f10b93f818df19fcc8a912c0c371fc
7608Author: Darren Tucker <dtucker@dtucker.net>
7609Date:   Thu Oct 7 15:55:04 2021 +1100
7610
7611    Include relevant env vars on command line.
7612
7613    Makes it easier to reproduce a build by cut/pasting the configure line.
7614
7615commit ef5916b8acd9b1d2f39fad4951dae03b00dbe390
7616Author: Darren Tucker <dtucker@dtucker.net>
7617Date:   Thu Oct 7 14:28:02 2021 +1100
7618
7619    Only enable sk-* key types if ENABLE_SK is defined
7620
7621commit 52d4232b493a9858fe616e28a8bbcc89afa2ad4d
7622Author: Darren Tucker <dtucker@dtucker.net>
7623Date:   Wed Oct 6 18:14:37 2021 +1100
7624
7625    Disable security key on minix3.
7626
7627    The test doesn't work so disable.
7628
7629commit 7cd062c3a29669b8d7dc2a97e6575f4dcb7d35a2
7630Author: Darren Tucker <dtucker@dtucker.net>
7631Date:   Wed Oct 6 17:45:28 2021 +1100
7632
7633    Add USE_LIBC_SHA2 for (at least) NetBSD 9.
7634
7635commit 639c440f6c3c2a8216a5eb9455ef13bf4204089c
7636Author: Darren Tucker <dtucker@dtucker.net>
7637Date:   Wed Oct 6 17:09:31 2021 +1100
7638
7639    Define OPENSSL_NO_SHA including OpenSSL from test.
7640
7641    We don't use SHA256 from OpenSSL in the sk-dummy module and the
7642    definitions can conflict with system sha2.h (eg on NetBSD) so define
7643    OPENSSL_NO_SHA so we don't attempt to redefine them.
7644
7645commit 8f4be526a338d06624f146fa26007bb9dd3a4f7b
7646Author: Darren Tucker <dtucker@dtucker.net>
7647Date:   Wed Oct 6 15:40:58 2021 +1100
7648
7649    Disable security key on NetBSD4 test.
7650
7651    sk-dummy used for the security key test includes both sha2.h and OpenSSL
7652    causing the definitions conflict so disable security key support on this
7653    platform.
7654
7655commit 3b353ae58aa07a1cbbeb1da3ace21fc0dcccd66a
7656Author: Damien Miller <djm@mindrot.org>
7657Date:   Wed Oct 6 15:07:01 2021 +1100
7658
7659    clean regress/misc/sk-dummy in cleandir target
7660
7661commit 57680a2ab43518c5ccbd8242c40482106cde6ac1
7662Author: dtucker@openbsd.org <dtucker@openbsd.org>
7663Date:   Sat Oct 2 03:17:01 2021 +0000
7664
7665    upstream: Dynamically allocate encoded HashKnownHosts and free as
7666
7667    appropriate. Saves 1k of static storage and prevents snprintf "possible
7668    truncation" warnings from newer compilers (although in this case it's false
7669    positive since the actual sizes are limited by the output size of the SHA1).
7670    ok djm@
7671
7672    OpenBSD-Commit-ID: e254ae723f7e3dce352c7d5abc4b6d87faf61bf4
7673
7674commit e3e62deb549fde215b777d95276c304f84bf00c6
7675Author: djm@openbsd.org <djm@openbsd.org>
7676Date:   Wed Oct 6 03:35:13 2021 +0000
7677
7678    upstream: use libc SHA256 functions; make this work when compiled
7679
7680    !WITH_OPENSSL
7681
7682    OpenBSD-Regress-ID: fda0764c1097cd42f979ace29b07eb3481259890
7683
7684commit 12937d867019469ebce83c2ff614cdc6688fc2d8
7685Author: dtucker@openbsd.org <dtucker@openbsd.org>
7686Date:   Fri Oct 1 05:20:20 2021 +0000
7687
7688    upstream: Add test for ssh hashed known_hosts handling.
7689
7690    OpenBSD-Regress-ID: bcef3b3cd5a1ad9899327b4b2183de2541aaf9cf
7691
7692commit 5a37cc118f464416d08cd0291a9b1611d8de9943
7693Author: Damien Miller <djm@mindrot.org>
7694Date:   Wed Oct 6 13:16:21 2021 +1100
7695
7696    fix broken OPENSSL_HAS_ECC test
7697
7698    spotted by dtucker
7699
7700commit 16a25414f303cd6790eb967aeb962040e32c9c7a
7701Author: Damien Miller <djm@mindrot.org>
7702Date:   Fri Oct 1 22:40:06 2021 +1000
7703
7704    make sk-dummy.so work without libcrypto installed
7705
7706commit dee22129bbc61e25b1003adfa2bc584c5406ef2d
7707Author: Damien Miller <djm@mindrot.org>
7708Date:   Fri Oct 1 16:35:49 2021 +1000
7709
7710    make OPENSSL_HAS_ECC checks more thorough
7711
7712    ok dtucker
7713
7714commit 872595572b6c9a584ed754165e8b7c4c9e7e1d61
7715Author: Damien Miller <djm@mindrot.org>
7716Date:   Fri Oct 1 16:35:05 2021 +1000
7717
7718    fix FIDO key support for !OPENSSL_HAS_ECC case
7719
7720    ok dtucker
7721
7722commit 489741dc68366940d369ac670b210b4834a6c272
7723Author: Damien Miller <djm@mindrot.org>
7724Date:   Fri Oct 1 14:51:37 2021 +1000
7725
7726    enable security key support for --without-openssl
7727
7728commit c978565c8589acfe4ea37ab5099d39c84158c713
7729Author: Damien Miller <djm@mindrot.org>
7730Date:   Fri Oct 1 13:27:50 2021 +1000
7731
7732    need stdlib.h for free(3)
7733
7734commit 76a398edfb51951b2d65d522d7b02c72304db300
7735Author: dtucker@openbsd.org <dtucker@openbsd.org>
7736Date:   Thu Sep 30 05:26:26 2021 +0000
7737
7738    upstream: Fix up whitespace left by previous
7739
7740    change removing privsep.  No other changes.
7741
7742    OpenBSD-Regress-ID: 87adec225d8afaee4d6a91b2b71203f52bf14b15
7743
7744commit ddcb53b7a7b29be65d57562302b2d5f41733e8dd
7745Author: dtucker@openbsd.org <dtucker@openbsd.org>
7746Date:   Thu Sep 30 05:20:08 2021 +0000
7747
7748    upstream: Remove references to privsep.
7749
7750    This removes several do..while loops but does not change the
7751    indentation of the now-shallower loops, which will be done in a separate
7752    whitespace-only commit to keep changes of style and substance separate.
7753
7754    OpenBSD-Regress-ID: 4bed1a0249df7b4a87c965066ce689e79472a8f7
7755
7756commit ece2fbe486164860de8df3f8b943cccca3085eff
7757Author: dtucker@openbsd.org <dtucker@openbsd.org>
7758Date:   Thu Sep 30 04:22:50 2021 +0000
7759
7760    upstream: Use "skip" instead of "fatal"
7761
7762    if SUDO isn't set for the *-command tests. This means running "make tests"
7763    without SUDO set will perform all of the tests that it can instead of
7764    failing on the ones it cannot run.
7765
7766    OpenBSD-Regress-ID: bd4dbbb02f34b2e8c890558ad4a696248def763a
7767
7768commit bb754b470c360e787a99fb4e88e2668198e97b41
7769Author: djm@openbsd.org <djm@openbsd.org>
7770Date:   Fri Oct 1 04:50:36 2021 +0000
7771
7772    upstream: unbreak FIDO sk-ed25519 key enrollment for OPENSSL=no builds;
7773
7774    ok dtucker@
7775
7776    OpenBSD-Commit-ID: 6323a5241728626cbb2bf0452cf6a5bcbd7ff709
7777
7778commit 207648d7a6415dc915260ca75850404dbf9f0a0b
7779Author: Darren Tucker <dtucker@dtucker.net>
7780Date:   Wed Sep 29 20:03:58 2021 +1000
7781
7782    Include stdlib.h for arc4random_uniform prototype.
7783
7784commit 696aadc854582c164d5fc04933d2f3e212dc0e06
7785Author: Darren Tucker <dtucker@dtucker.net>
7786Date:   Wed Sep 29 20:00:30 2021 +1000
7787
7788    Look for clang after cc and gcc.
7789
7790commit a3c6375555026d85dbf811fab566b9f76f196144
7791Author: Darren Tucker <dtucker@dtucker.net>
7792Date:   Wed Sep 29 19:30:59 2021 +1000
7793
7794    Use backticks instead of $(..) for portability.
7795
7796    Older shells (eg /bin/sh on Solaris 10) don't support $() syntax.
7797
7798commit 958aaa0387133d51f84fe9c8f30bca03025f2867
7799Author: Darren Tucker <dtucker@dtucker.net>
7800Date:   Wed Sep 29 18:53:32 2021 +1000
7801
7802    Skip file-based tests by default on Mac OS.
7803
7804    The file-based tests need OpenSSL so skip them.
7805
7806commit 55c8bdf6e9afb0f9fa8e4f10c25c7f0081b48fd0
7807Author: Darren Tucker <dtucker@dtucker.net>
7808Date:   Wed Sep 29 18:42:47 2021 +1000
7809
7810    Build without OpenSSL on Mac OS.
7811
7812    Modern versions don't ship enough libcrypto to build against.
7813
7814commit c9172193ea975415facf0afb356d87df21535f88
7815Author: Darren Tucker <dtucker@dtucker.net>
7816Date:   Wed Sep 29 18:33:38 2021 +1000
7817
7818    Remove TEST_SSH_ECC.
7819
7820    Convert the only remaining user of it to runtime detection using ssh -Q.
7821
7822commit 5e6d28b7874b0deae95d2c68947c45212d32e599
7823Author: Darren Tucker <dtucker@dtucker.net>
7824Date:   Wed Sep 29 17:48:09 2021 +1000
7825
7826    Split c89 test openssl setting out.
7827
7828commit c4ac7f98e230e83c015678dc958b1ffe828564ad
7829Author: Darren Tucker <dtucker@dtucker.net>
7830Date:   Wed Sep 29 17:40:50 2021 +1000
7831
7832    Expand TEST_SHELL consistently with other vars.
7833
7834commit cfe5f7b0eb7621bfb0a756222de0431315c2ab8b
7835Author: Darren Tucker <dtucker@dtucker.net>
7836Date:   Wed Sep 29 17:26:50 2021 +1000
7837
7838    Replace `pwd` with make variable in regress cmd.
7839
7840commit 899be59da5fbc3372444bd0fbe74af48313bed33
7841Author: Darren Tucker <dtucker@dtucker.net>
7842Date:   Wed Sep 29 17:14:33 2021 +1000
7843
7844    Get BUILDDIR from autoconf.
7845
7846    Use this to replace `pwd`s in regress test command line.
7847
7848commit c8d92d3d4f7d560146f2f936156ec4dac3fc5811
7849Author: Darren Tucker <dtucker@dtucker.net>
7850Date:   Wed Sep 29 13:28:56 2021 +1000
7851
7852    Add make clean step to tests.
7853
7854commit 360fb41ef8359619ab90b0d131c914494e55d3dd
7855Author: Darren Tucker <dtucker@dtucker.net>
7856Date:   Wed Sep 29 11:36:13 2021 +1000
7857
7858    Test all available clang and gcc versions.
7859
7860commit 4fb49899d7da22952d35a4bc4c9bdb2311087893
7861Author: djm@openbsd.org <djm@openbsd.org>
7862Date:   Wed Sep 29 01:32:21 2021 +0000
7863
7864    upstream: Test certificate hostkeys held in ssh-agent too. Would have
7865
7866    caught regression fixed in sshd r1.575
7867
7868    ok markus@
7869
7870    OpenBSD-Regress-ID: 1f164d7bd89f83762db823eec4ddf2d2556145ed
7871
7872commit ce4854e12e749a05646e5775e9deb8cfaf49a755
7873Author: djm@openbsd.org <djm@openbsd.org>
7874Date:   Wed Sep 29 01:33:32 2021 +0000
7875
7876    upstream: add some debug output showing how many key file/command lines
7877
7878    were processed. Useful to see whether a file or command actually has keys
7879    present
7880
7881    OpenBSD-Commit-ID: 0bd9ff94e84e03a22df8e6c12f6074a95d27f23c
7882
7883commit 15abdd523501c349b703d9a27e2bb4252ad921ef
7884Author: dtucker@openbsd.org <dtucker@openbsd.org>
7885Date:   Tue Sep 28 11:14:50 2021 +0000
7886
7887    upstream: Make prototype for rijndaelEncrypt match function
7888
7889    including the bounds. Fixes error in portable where GCC>=11 takes notice of
7890    the bounds. ok deraadt@
7891
7892    OpenBSD-Commit-ID: cdd2f05fd1549e1786a70871e513cf9e9cf099a6
7893
7894commit d1d29ea1d1ef1a1a54b209f062ec1dcc8399cf03
7895Author: dtucker@openbsd.org <dtucker@openbsd.org>
7896Date:   Tue Sep 28 11:10:05 2021 +0000
7897
7898    upstream: Import regenerated moduli.
7899
7900    OpenBSD-Commit-ID: 4bec5db13b736b64b06a0fca704cbecc2874c8e1
7901
7902commit 39f2111b1d5f00206446257377dcce58cc72369f
7903Author: Darren Tucker <dtucker@dtucker.net>
7904Date:   Wed Sep 29 10:53:55 2021 +1000
7905
7906    Add new compiler hardening flags.
7907
7908    Add -fzero-call-used-regs and -ftrivial-auto-var-init to the list of
7909    compiler hardening flags that configure checks for.  These are supported
7910    by clang and gcc, and make ROP gadgets less useful and mitigate
7911    stack-based infoleaks respectively.  ok djm@
7912
7913commit bf944e3794eff5413f2df1ef37cddf96918c6bde
7914Author: Damien Miller <djm@mindrot.org>
7915Date:   Mon Sep 27 00:03:19 2021 +1000
7916
7917    initgroups needs grp.h
7918
7919commit 8c5b5655149bd76ea21026d7fe73ab387dbc3bc7
7920Author: djm@openbsd.org <djm@openbsd.org>
7921Date:   Sun Sep 26 14:01:11 2021 +0000
7922
7923    upstream: openssh-8.8
7924
7925    OpenBSD-Commit-ID: 12357794602ac979eb7312a1fb190c453f492ec4
7926
7927commit f3cbe43e28fe71427d41cfe3a17125b972710455
7928Author: djm@openbsd.org <djm@openbsd.org>
7929Date:   Sun Sep 26 14:01:03 2021 +0000
7930
7931    upstream: need initgroups() before setresgid(); reported by anton@,
7932
7933    ok deraadt@
7934
7935    OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce
7936
7937commit 8acaff41f7518be40774c626334157b1b1c5583c
7938Author: Damien Miller <djm@mindrot.org>
7939Date:   Sun Sep 26 22:16:36 2021 +1000
7940
7941    update version numbers for release
7942
7943commit d39039ddc0010baa91c70a0fa0753a2699bbf435
7944Author: kn@openbsd.org <kn@openbsd.org>
7945Date:   Sat Sep 25 09:40:33 2021 +0000
7946
7947    upstream: RSA/SHA-1 is not used by default anymore
7948
7949    OK dtucker deraadt djm
7950
7951    OpenBSD-Commit-ID: 055c51a221c3f099dd75c95362f902da1b8678c6
7952
7953commit 9b2ee74e3aa8c461eb5552a6ebf260449bb06f7e
7954Author: Darren Tucker <dtucker@dtucker.net>
7955Date:   Fri Sep 24 11:08:03 2021 +1000
7956
7957    Move the fgrep replacement to hostkey-rotate.sh.
7958
7959    The fgrep replacement for buggy greps doesn't work in the sftp-glob test
7960    so move it to just where we know it's needed.
7961
7962commit f7039541570d4b66d76e6f574544db176d8d5c02
7963Author: Darren Tucker <dtucker@dtucker.net>
7964Date:   Fri Sep 24 08:04:14 2021 +1000
7965
7966    Replacement function for buggy fgrep.
7967
7968    GNU (f)grep <=2.18, as shipped by FreeBSD<=12 and NetBSD<=9 will
7969    occasionally fail to find ssh host keys in the hostkey-rotate test.
7970    If we have those versions, use awk instead.
7971
7972commit f6a660e5bf28a01962af87568e118a2d2e79eaa0
7973Author: David Manouchehri <david.manouchehri@riseup.net>
7974Date:   Thu Sep 23 17:03:18 2021 -0400
7975
7976    Don't prompt for yes/no questions.
7977
7978commit 7ed1a3117c09f8c3f1add35aad77d3ebe1b85b4d
7979Author: djm@openbsd.org <djm@openbsd.org>
7980Date:   Mon Sep 20 06:53:56 2021 +0000
7981
7982    upstream: fix missing -s in SYNOPSYS and usage() as well as a
7983
7984    capitalisation mistake; spotted by jmc@
7985
7986    OpenBSD-Commit-ID: 0ed8ee085c7503c60578941d8b45f3a61d4c9710
7987
7988commit 8c07170135dde82a26886b600a8bf6fb290b633d
7989Author: dtucker@openbsd.org <dtucker@openbsd.org>
7990Date:   Mon Sep 20 04:02:13 2021 +0000
7991
7992    upstream: Fix "Allocated port" debug message
7993
7994    for unix domain sockets. From peder.stray at gmail.com via github PR#272,
7995    ok deraadt@
7996
7997    OpenBSD-Commit-ID: 8d5ef3fbdcdd29ebb0792b5022a4942db03f017e
7998
7999commit 277d3c6adfb128b4129db08e3d65195d94b55fe7
8000Author: djm@openbsd.org <djm@openbsd.org>
8001Date:   Mon Sep 20 01:55:42 2021 +0000
8002
8003    upstream: Switch scp back to use the old protocol by default, ahead of
8004
8005    release. We'll wait a little longer for people to pick up sftp-server(8) that
8006    supports the extension that scp needs for ~user paths to continue working in
8007    SFTP protocol mode. Discussed with deraadt@
8008
8009    OpenBSD-Commit-ID: f281f603a705fba317ff076e7b11bcf2df941871
8010
8011commit ace19b34cc15bea3482be90450c1ed0cd0dd0669
8012Author: djm@openbsd.org <djm@openbsd.org>
8013Date:   Sat Sep 18 02:03:25 2021 +0000
8014
8015    upstream: better error message for ~user failures when the
8016
8017    sftp-server lacks the expand-path extension; ok deraadt@
8018
8019    OpenBSD-Commit-ID: 9c1d965d389411f7e86f0a445158bf09b8f9e4bc
8020
8021commit 6b1238ba971ee722a310d95037b498ede5539c03
8022Author: djm@openbsd.org <djm@openbsd.org>
8023Date:   Thu Sep 16 15:22:22 2021 +0000
8024
8025    upstream: make some more scp-in-SFTP mode better match Unix idioms
8026
8027    suggested by deraadt@
8028
8029    OpenBSD-Commit-ID: 0f2439404ed4cf0b0be8bf49a1ee734836e1ac87
8030
8031commit e694f8ac4409931e67d08ac44ed251b20b10a957
8032Author: djm@openbsd.org <djm@openbsd.org>
8033Date:   Thu Sep 16 15:11:19 2021 +0000
8034
8035    upstream: allow log_stderr==2 to prefix log messages with argv[0]
8036
8037    use this to make scp's SFTP mode error messages more scp-like
8038
8039    prompted by and ok deraadt@
8040
8041    OpenBSD-Commit-ID: 0e821dbde423fc2280e47414bdc22aaa5b4e0733
8042
8043commit 8a7a06ee505cb833e613f74a07392e9296286c30
8044Author: Darren Tucker <dtucker@dtucker.net>
8045Date:   Fri Sep 17 13:03:31 2021 +1000
8046
8047    Test against LibreSSL 3.2.6, 3.3.4, 3.4.0.
8048
8049commit c25c84074a47f700dd6534995b4af4b456927150
8050Author: djm@openbsd.org <djm@openbsd.org>
8051Date:   Thu Sep 16 05:36:03 2021 +0000
8052
8053    upstream: missing space character in ssh -G output broke the
8054
8055    t-sshcfgparse regression test; spotted by anton@
8056
8057    OpenBSD-Commit-ID: bcc36fae2f233caac4baa8e58482da4aa350eed0
8058
8059commit a4bee1934bf5e5575fea486628f4123d6a29dff8
8060Author: djm@openbsd.org <djm@openbsd.org>
8061Date:   Wed Sep 15 06:56:01 2021 +0000
8062
8063    upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok
8064
8065    markus@
8066
8067    OpenBSD-Commit-ID: 668a82ba8e56d731b26ffc5703213bfe071df623
8068
8069commit d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd
8070Author: mbuhl@openbsd.org <mbuhl@openbsd.org>
8071Date:   Tue Sep 14 11:04:21 2021 +0000
8072
8073    upstream: put back the mux_ctx memleak fix for SSH_CHANNEL_MUX_CLIENT
8074
8075    OK mfriedl@
8076
8077    OpenBSD-Commit-ID: 1aba1da828956cacaadb81a637338734697d9798
8078
8079commit 19b3d846f06697c85957ab79a63454f57f8e22d6
8080Author: schwarze@openbsd.org <schwarze@openbsd.org>
8081Date:   Sat Sep 11 09:05:50 2021 +0000
8082
8083    upstream: Do not ignore SIGINT while waiting for input if editline(3)
8084
8085    is not used. Instead, in non-interactive mode, exit sftp(1), like for other
8086    serious errors. As pointed out by dtucker@, when compiled without editline(3)
8087    support in portable OpenSSH, the el == NULL branch is also used for
8088    interactive mode. In that case, discard the input line and provide a fresh
8089    prompt to the user just like in the case where editline(3) is used. OK djm@
8090
8091    OpenBSD-Commit-ID: 7d06f4d3ebba62115527fafacf38370d09dfb393
8092
8093commit ba61123eef9c6356d438c90c1199a57a0d7bcb0a
8094Author: djm@openbsd.org <djm@openbsd.org>
8095Date:   Sat Sep 11 00:40:24 2021 +0000
8096
8097    upstream: when using SFTP protocol, continue transferring files after a
8098
8099    transfer error occurs. This matches original scp/rcp behaviour. ok dtucker@
8100
8101    OpenBSD-Commit-ID: dfe4558d71dd09707e9b5d6e7d2e53b793da69fa
8102
8103commit b0ec59a708b493c6f3940336b1a537bcb64dd2a7
8104Author: dtucker@openbsd.org <dtucker@openbsd.org>
8105Date:   Fri Sep 10 11:38:38 2021 +0000
8106
8107    upstream: Document that non-interactive commands are run via the user's
8108
8109    shell using the -c flag.  ok jmc@
8110
8111    OpenBSD-Commit-ID: 4f0d912077732eead10423afd1acf4fc0ceec477
8112
8113commit 66a658b5d9e009ea11f8a0ca6e69c7feb2d851ea
8114Author: dtucker@openbsd.org <dtucker@openbsd.org>
8115Date:   Fri Sep 10 10:26:02 2021 +0000
8116
8117    upstream: Document behaviour of arguments following non-interactive
8118
8119    commands. Prompted by github PR#139 from EvanTheB, feedback & ok djm@ jmc@
8120
8121    OpenBSD-Commit-ID: fc758d1fe0471dfab4304fcad6cd4ecc3d79162a
8122
8123commit 1d47e28e407d1f95fdf8f799be23f48dcfa5206b
8124Author: dtucker@openbsd.org <dtucker@openbsd.org>
8125Date:   Fri Sep 10 07:11:11 2021 +0000
8126
8127    upstream: Clarify which file's attributes -p preserves, and that
8128
8129    it's specifically the file mode bits. bz#3340 from calestyo at scientia.net,
8130    ok djm@ jmc@
8131
8132    OpenBSD-Commit-ID: f09e6098ed1c4be00c730873049825f8ee7cb884
8133
8134commit b344db7a413478e4c21e4cadba4a970ad3e6128a
8135Author: djm@openbsd.org <djm@openbsd.org>
8136Date:   Fri Sep 10 05:46:09 2021 +0000
8137
8138    upstream: openssh-7.4 was incorrectly listed twice; spotted by
8139
8140    Dmitry Belyavskiy, ok dtucker@
8141
8142    OpenBSD-Commit-ID: 4b823ae448f6e899927ce7b04225ac9e489f58ef
8143
8144commit 9136d6239ad7a4a293e0418a49b69e70c76d58b8
8145Author: jmc@openbsd.org <jmc@openbsd.org>
8146Date:   Thu Sep 9 06:17:39 2021 +0000
8147
8148    upstream: - move CAVEATS to its correct order - use the term
8149
8150    "legacy" protocol rather than "original", as the latter made the text
8151    misleading - uppercase SCP
8152
8153    ok djm
8154
8155    OpenBSD-Commit-ID: 8479255746d5fa76a358ee59e7340fecf4245ff0
8156
8157commit 2d678c5e3bdc2f5c99f7af5122e9d054925d560d
8158Author: David Carlier <devnexen@gmail.com>
8159Date:   Wed Sep 8 19:49:54 2021 +0100
8160
8161    Disable tracing on FreeBSD using procctl.
8162
8163    Placed at the start of platform_disable_tracing() to prevent declaration
8164    after code errors from strict C89 compilers (in the unlikely event that
8165    more than one method is enabled).
8166
8167commit 73050fa38fb36ae3326d768b574806352b97002d
8168Author: djm@openbsd.org <djm@openbsd.org>
8169Date:   Wed Sep 8 23:31:39 2021 +0000
8170
8171    upstream: Use the SFTP protocol by default. The original scp/rcp
8172
8173    protocol remains available via the -O flag.
8174
8175    Note that ~user/ prefixed paths in SFTP mode require a protocol extension
8176    that was first shipped in OpenSSH 8.7.
8177
8178    ok deraadt, after baking in snaps for a while without incident
8179
8180    OpenBSD-Commit-ID: 23588976e28c281ff5988da0848cb821fec9213c
8181
8182commit c4565e69ffa2485cff715aa842ea7a350296bfb6
8183Author: Darren Tucker <dtucker@dtucker.net>
8184Date:   Wed Sep 8 21:09:49 2021 +1000
8185
8186    Really fix test on OpenSSL 1.1.1 stable.
8187
8188commit 79f1bb5f56cef3ae9276207316345b8309248478
8189Author: Darren Tucker <dtucker@dtucker.net>
8190Date:   Wed Sep 8 18:51:39 2021 +1000
8191
8192    Correct OpenSSL 1.1.1 stable identifier.
8193
8194commit b6255593ed5ccbe5e7d3d4b26b2ad31ad4afc232
8195Author: Darren Tucker <dtucker@dtucker.net>
8196Date:   Wed Sep 8 18:39:44 2021 +1000
8197
8198    Increment nfds when coming from startup_pipe.
8199
8200    If we have to increase nfds because startup_pipe[0] is above any of the
8201    descriptors passed in the fd_sets, we also need to add 1 to nfds since
8202    select takes highest FD number plus one.  bz#3345 from yaroslav.kuzmin
8203    at vmssoftware.com.
8204
8205commit a3e92a6794817df6012ac8546aea19652cc91b61
8206Author: Darren Tucker <dtucker@dtucker.net>
8207Date:   Wed Sep 8 13:45:10 2021 +1000
8208
8209    Tests for OpenSSL 3.0.0 release & 1.1.1 branch.
8210
8211commit 4afe431da98ec1cf6a2933fe5658f4fd68dee9e2
8212Author: djm@openbsd.org <djm@openbsd.org>
8213Date:   Wed Sep 8 03:23:44 2021 +0000
8214
8215    upstream: correct my mistake in previous fix; spotted by halex
8216
8217    OpenBSD-Commit-ID: 3cc62d92e3f70006bf02468fc146bfc36fffa183
8218
8219commit ca0e455b9331213ff9505a21b94c38e34faa2bba
8220Author: djm@openbsd.org <djm@openbsd.org>
8221Date:   Tue Sep 7 06:03:51 2021 +0000
8222
8223    upstream: avoid NULL deref in -Y find-principals. Report and fix
8224
8225    from Carlo Marcelo Arenas Belón
8226    MIME-Version: 1.0
8227    Content-Type: text/plain; charset=UTF-8
8228    Content-Transfer-Encoding: 8bit
8229
8230    OpenBSD-Commit-ID: 6238486f8ecc888d6ccafcd9ad99e621bb41f1e0
8231
8232commit 37616807f150fb46610bbd5031c31af4857ad1e9
8233Author: millert@openbsd.org <millert@openbsd.org>
8234Date:   Mon Sep 6 00:36:01 2021 +0000
8235
8236    upstream: revision 1.381 neglected to remove
8237
8238    sChallengeResponseAuthentication from the enum.  Noticed by
8239    christos@zoulas.com.  OK dtucker@
8240
8241    OpenBSD-Commit-ID: b533283a4dd6d04a867da411a4c7a8fbc90e34ff
8242
8243commit 7acb3578cdfec0b3d34501408071f7a96c1684ea
8244Author: Darren Tucker <dtucker@dtucker.net>
8245Date:   Sun Sep 5 20:45:42 2021 +1000
8246
8247    Correct version_num for OpenSSL dev branch.
8248
8249commit 65bb01111320dfd0d25e21e1fd4d3f2b77532669
8250Author: Darren Tucker <dtucker@dtucker.net>
8251Date:   Sun Sep 5 19:37:39 2021 +1000
8252
8253    Test against OpenSSL 3 branch as well as dev.
8254
8255    Now that OpenSSL development has moved to 3.1, test against the most
8256    recent version of the openssl-3.0 branch too.
8257
8258commit 864ed0d5e04a503b97202c776b7cf3f163f3eeaa
8259Author: Darren Tucker <dtucker@dtucker.net>
8260Date:   Sun Sep 5 19:33:22 2021 +1000
8261
8262    OpenSSL development is now 3.1.*
8263
8264commit a60209a586a928f92ab323bf23bd07f57093342e
8265Author: dtucker@openbsd.org <dtucker@openbsd.org>
8266Date:   Fri Sep 3 07:43:23 2021 +0000
8267
8268    upstream: Use .Cm instead of .Dq in StrictHostKeyChecking list for
8269
8270    consistency. Patch from scop via github PR#257, ok jmc@
8271
8272    OpenBSD-Commit-ID: 3652a91564570779431802c31224fb4a9cf39872
8273
8274commit 8d1d9eb6de37331e872700e9e399a3190cca1242
8275Author: dtucker@openbsd.org <dtucker@openbsd.org>
8276Date:   Fri Sep 3 07:27:03 2021 +0000
8277
8278    upstream: Mention using ssh -i for specifying the public key file
8279
8280    in the case where the private key is loaded into ssh-agent but is not present
8281    locally.  Based on patch from rafork via github PR#215, ok jmc@
8282
8283    OpenBSD-Commit-ID: 2282e83b0ff78d2efbe705883b67240745fa5bb2
8284
8285commit eb4362e5e3aa7ac26138b11e44d8c191910aff64
8286Author: dtucker@openbsd.org <dtucker@openbsd.org>
8287Date:   Fri Sep 3 05:25:50 2021 +0000
8288
8289    upstream: Refer to KEX "algorithms" instead of "methods" to match
8290
8291    other references and improve consistency.  Patch from scop via github PR#241,
8292    ok djm@
8293
8294    OpenBSD-Commit-ID: 840bc94ff6861b28d8603c8e8c16499bfb65e32c
8295
8296commit b3318946ce5725da43c4bf7eeea1b73129c47d2a
8297Author: dtucker@openbsd.org <dtucker@openbsd.org>
8298Date:   Fri Sep 3 05:12:25 2021 +0000
8299
8300    upstream: Remove redundant attrib_clear in upload_dir_internal.
8301
8302    The subsequent call to stat_to_attrib clears the struct as its first step
8303    anyway. From pmeinhardt via github PR#220, ok djm@
8304
8305    OpenBSD-Commit-ID: f5234fc6d7425b607e179acb3383f21716f3029e
8306
8307commit 7cc3fe28896e653956a6a2eed0a25d551b83a029
8308Author: dtucker@openbsd.org <dtucker@openbsd.org>
8309Date:   Fri Sep 3 04:11:13 2021 +0000
8310
8311    upstream: Add test for client termination status on signal.
8312
8313    Based on patch from Alexxz via github PR#235 with some tweaks, to
8314    match patch in bz#3281.
8315
8316    OpenBSD-Regress-ID: d87c7446fb8b5f8b45894fbbd6875df326e729e2
8317
8318commit 5428b0d239f6b516c81d1dd15aa9fe9e60af75d4
8319Author: deraadt@openbsd.org <deraadt@openbsd.org>
8320Date:   Thu Sep 2 21:03:54 2021 +0000
8321
8322    upstream: sys/param.h is not needed for any visible reason
8323
8324    OpenBSD-Commit-ID: 8bdea2d0c75692e4c5777670ac039d4b01c1f368
8325
8326commit 1ff38f34b4c4545eb28106629cafa1e0496bc726
8327Author: Shchelkunov Artem <a.shchelkunov@ideco.ru>
8328Date:   Wed Aug 11 18:07:58 2021 +0500
8329
8330    Fix memory leak in error path.
8331
8332    *info is allocated via xstrdup but was leaked in the PAM_AUTH_ERR path.
8333    From github PR#266.
8334
8335commit cb37e2f0c0ca4fef844ed7edc5d0e3b7d0e83f6a
8336Author: dtucker@openbsd.org <dtucker@openbsd.org>
8337Date:   Wed Sep 1 03:16:06 2021 +0000
8338
8339    upstream: Fix ssh-rsa fallback for old PuTTY interop tests.
8340
8341    OpenBSD-Regress-ID: a19ac929da604843a5b5f0f48d2c0eb6e0773d37
8342
8343commit 8b02ef0f28dc24cda8cbcd8b7eb02bda8f8bbe59
8344Author: dtucker@openbsd.org <dtucker@openbsd.org>
8345Date:   Wed Sep 1 00:50:27 2021 +0000
8346
8347    upstream: Add a function to skip remaining tests.
8348
8349    Many tests skip tests for various reasons but not in a consistent way and
8350    don't always clean up, so add that and switch the tests that do that over.
8351
8352    OpenBSD-Regress-ID: 72d2ec90a3ee8849486956a808811734281af735
8353
8354commit d486845c07324c04240f1674ac513985bd356f66
8355Author: dtucker@openbsd.org <dtucker@openbsd.org>
8356Date:   Tue Aug 31 07:13:59 2021 +0000
8357
8358    upstream: Specify path to PuTTY keys.
8359
8360    Portable needs this and it makes no difference on OpenBSD, so resync
8361    them.  (Id sync only, Portable already had this.)
8362
8363    OpenBSD-Regress-ID: 33f6f66744455886d148527af8368811e4264162
8364
8365commit d22b299115e27606e846b23490746f69fdd4fb38
8366Author: dtucker@openbsd.org <dtucker@openbsd.org>
8367Date:   Tue Aug 31 06:13:23 2021 +0000
8368
8369    upstream: Better compat tests with old PuTTY.
8370
8371    When running PuTTY interop tests and using a PuTTY version older than
8372    0.76, re-enable the ssh-rsa host key algorithm (the 256 and 512 variants
8373    of RSA were added some time between 0.73 and 0.76).
8374
8375    OpenBSD-Regress-ID: e6138d6987aa705fa1e4f216db0bb386e1ff38e1
8376
8377commit 87ad70d605c3e39c9b8aa275db27120d7cc09b77
8378Author: Darren Tucker <dtucker@dtucker.net>
8379Date:   Tue Aug 31 17:04:50 2021 +1000
8380
8381    Resync PuTTY interop tests.
8382
8383    Resync behaviour when REGRESS_INTEROP_PUTTY is not set with OpenBSD.
8384
8385commit e47b82a7bf51021afac218bf59a3be121827653d
8386Author: dtucker@openbsd.org <dtucker@openbsd.org>
8387Date:   Tue Aug 31 01:25:27 2021 +0000
8388
8389    upstream: Specify hostkeyalgorithms in SSHFP test.
8390
8391    Specify host key algorithms in sshd's default set for the SSHFP test,
8392    from djm@.  Make the reason for when the test is skipped a bit clearer.
8393
8394    OpenBSD-Regress-ID: 4f923dfc761480d5411de17ea6f0b30de3e32cea
8395
8396commit 7db3e0a9e8477c018757b59ee955f7372c0b55fb
8397Author: djm@openbsd.org <djm@openbsd.org>
8398Date:   Mon Aug 30 01:15:45 2021 +0000
8399
8400    upstream: adapt to RSA/SHA1 deprectation
8401
8402    OpenBSD-Regress-ID: 952397c39a22722880e4de9d1c50bb1a14f907bb
8403
8404commit 2344750250247111a6c3c6a4fe84ed583a61cc11
8405Author: djm@openbsd.org <djm@openbsd.org>
8406Date:   Sun Aug 29 23:53:10 2021 +0000
8407
8408    upstream: After years of forewarning, disable the RSA/SHA-1
8409
8410    signature algorithm by default. It is feasible to create colliding SHA1
8411    hashes, so we need to deprecate its use.
8412
8413    RSA/SHA-256/512 remains available and will be transparently selected
8414    instead of RSA/SHA1 for most SSH servers released in the last five+
8415    years. There is no need to regenerate RSA keys.
8416
8417    The use of RSA/SHA1 can be re-enabled by adding "ssh-rsa" to the
8418    PubkeyAcceptedAlgorithms directives on the client and server.
8419
8420    ok dtucker deraadt
8421
8422    OpenBSD-Commit-ID: 189bcc4789c7254e09e23734bdd5def8354ff1d5
8423
8424commit 56c4455d3b54b7d481c77c82115c830b9c8ce328
8425Author: djm@openbsd.org <djm@openbsd.org>
8426Date:   Sun Aug 29 23:44:07 2021 +0000
8427
8428    upstream: wrap at 80 columns
8429
8430    OpenBSD-Commit-ID: 47ca2286d6b52a9747f34da16d742879e1a37bf0
8431
8432commit 95401eea8503943449f712e5f3de52fc0bc612c5
8433Author: Darren Tucker <dtucker@dtucker.net>
8434Date:   Fri Aug 20 18:14:13 2021 +1000
8435
8436    Replace shell function with ssh-keygen -A.
8437
8438    Prevents the init script in the SysV package from trying (and failing)
8439    to generate unsupported key types.  Remove now-unused COMMENT_OUT_ECC.
8440    ok tim@
8441
8442commit d83ec9ed995a76ed1d5c65cf10b447222ec86131
8443Author: Darren Tucker <dtucker@dtucker.net>
8444Date:   Fri Aug 20 15:39:05 2021 +1000
8445
8446    Remove obsolete Redhat PAM config and init script.
8447
8448commit e1a596186c81e65a34ce13076449712d3bf97eb4
8449Author: Damien Miller <djm@mindrot.org>
8450Date:   Fri Aug 20 14:03:49 2021 +1000
8451
8452    depend
8453
8454commit 5450606c8f7f7a0d70211cea78bc2dab74ab35d1
8455Author: Damien Miller <djm@mindrot.org>
8456Date:   Fri Aug 20 13:59:43 2021 +1000
8457
8458    update version numbers
8459
8460commit feee2384ab8d694c770b7750cfa76a512bdf8246
8461Author: djm@openbsd.org <djm@openbsd.org>
8462Date:   Fri Aug 20 03:22:55 2021 +0000
8463
8464    upstream: openssh-8.7
8465
8466    OpenBSD-Commit-ID: 8769dff0fd76ae3193d77bf83b439adee0f300cd
8467
8468commit 9a2ed62173cc551b2b5f479460bb015b19499de8
8469Author: Darren Tucker <dtucker@dtucker.net>
8470Date:   Fri Aug 20 10:48:13 2021 +1000
8471
8472    Also check pid in pselect_notify_setup.
8473
8474    Spotted by djm@.
8475
8476commit deaadcb93ca15d4f38aa38fb340156077792ce87
8477Author: Darren Tucker <dtucker@dtucker.net>
8478Date:   Fri Aug 20 08:39:33 2021 +1000
8479
8480    Prefix pselect functions to clarify debug messages
8481
8482commit 10e45654cff221ca60fd35ee069df67208fcf415
8483Author: Darren Tucker <dtucker@dtucker.net>
8484Date:   Fri Aug 20 08:30:42 2021 +1000
8485
8486    Fix race in pselect replacement code.
8487
8488    On the second and subsequent calls to pselect the notify_pipe was not
8489    added to the select readset, opening up a race that om G. Christensen
8490    discovered on multiprocessor Solaris <=9 systems.
8491
8492    Also reinitialize notify_pipe if the pid changes.  This will prevent a
8493    parent and child from using the same FD, although this is not an issue
8494    in the current structure it might be in future.
8495
8496commit 464ba22f1e38d25402e5ec79a9b8d34a32df5a3f
8497Author: Darren Tucker <dtucker@dtucker.net>
8498Date:   Wed Aug 18 12:51:30 2021 +1000
8499
8500    Check compiler for c99 declarations after code.
8501
8502    The sntrup761 reference code contains c99-style declarations after code
8503    so don't try to build that if the compiler doesn't support it.
8504
8505commit 7d878679a4b155a359d32104ff473f789501748d
8506Author: Darren Tucker <dtucker@dtucker.net>
8507Date:   Tue Aug 17 15:12:04 2021 +1000
8508
8509    Remove trailing backslash on regress-unit-binaries
8510
8511commit b71b2508f17c68c5d9dbbe537686d81cedb9a781
8512Author: Darren Tucker <dtucker@dtucker.net>
8513Date:   Tue Aug 17 07:59:27 2021 +1000
8514
8515    Put stdint.h inside HAVE_STDINT_H.
8516
8517    From Tom G. Christensen.
8518
8519commit 6a24567a29bd7b4ab64e1afad859ea845cbc6b8c
8520Author: Darren Tucker <dtucker@dtucker.net>
8521Date:   Mon Aug 16 14:13:02 2021 +1000
8522
8523    Improve github test driver script.
8524
8525     - use a trap to always output any failed regress logs (since the script
8526       sets -e, the existing log output is never invoked).
8527     - pass LTESTS and SKIP_LTESTS when re-running with sshd options (eg.
8528       UsePAM).
8529
8530commit b467cf13705f59ed348b620722ac098fe31879b7
8531Author: Darren Tucker <dtucker@dtucker.net>
8532Date:   Mon Aug 16 11:32:23 2021 +1000
8533
8534    Remove deprecated ubuntu-16.04 test targets.
8535
8536    Github has deprecated ubuntu-16.04 and it will be removed on 20
8537    September.
8538
8539commit 20e6eefcdf78394f05e453d456c1212ffaa6b6a4
8540Author: Darren Tucker <dtucker@dtucker.net>
8541Date:   Sun Aug 15 23:25:26 2021 +1000
8542
8543    Skip agent ptrace test on hurd.
8544
8545commit 7c9115bbbf958fbf85259a061c1122e2d046aabf
8546Author: Darren Tucker <dtucker@dtucker.net>
8547Date:   Sun Aug 15 19:37:22 2021 +1000
8548
8549    Add hurd test target.
8550
8551commit 7909a566f6c6a78fcd30708dc49f4e4f9bb80ce3
8552Author: Darren Tucker <dtucker@dtucker.net>
8553Date:   Sun Aug 15 12:45:10 2021 +1000
8554
8555    Skip scp3 tests on all dfly58 and 60 configs.
8556
8557commit e65198e52cb03534e8c846d1bca74c310b1526de
8558Author: Tim Rice <tim@multitalents.net>
8559Date:   Sat Aug 14 13:08:07 2021 -0700
8560
8561    openbsd-compat/openbsd-compat.h: put bsd-signal.h before bsd-misc.h
8562    to get sigset_t from signal.h needed for the pselect replacement.
8563
8564commit e50635640f79920d9375e0155cb3f4adb870eee5
8565Author: Darren Tucker <dtucker@dtucker.net>
8566Date:   Fri Aug 13 13:21:00 2021 +1000
8567
8568    Test OpenSSH from OpenBSD head on 6.8 and 6.9.
8569
8570commit e0ba38861c490c680117b7fe0a1d61a181cd00e7
8571Author: Darren Tucker <dtucker@dtucker.net>
8572Date:   Fri Aug 13 13:00:14 2021 +1000
8573
8574    Skip scp3 test on dragonfly 58 and 60.
8575
8576    The tests hang, so skip until we figure them out.
8577
8578commit dcce2a2bcf007bf817a2fb0dce3db83fa9201e92
8579Author: djm@openbsd.org <djm@openbsd.org>
8580Date:   Thu Aug 12 23:59:25 2021 +0000
8581
8582    upstream: mention that CASignatureAlgorithms accepts +/- similarly to
8583
8584    the other algorithm list directives; ok jmc bz#3335
8585
8586    OpenBSD-Commit-ID: 0d46b53995817052c78e2dce9dbd133963b073d9
8587
8588commit 090a82486e5d7a8f7f16613d67e66a673a40367f
8589Author: schwarze@openbsd.org <schwarze@openbsd.org>
8590Date:   Thu Aug 12 09:59:00 2021 +0000
8591
8592    upstream: In the editline(3) branch of the sftp(1) event loop,
8593
8594    handle SIGINT rather than ignoring it, such that the user can use Ctrl-C to
8595    discard the currently edited command line and get a fresh prompt, just like
8596    in ftp(1), bc(1), and in shells.
8597
8598    It is critical to not use ssl_signal() for this particular case
8599    because that function unconditionally sets SA_RESTART, but here we
8600    need the signal to interrupt the read(2) in the el_gets(3) event loop.
8601
8602    OK dtucker@ deraadt@
8603
8604    OpenBSD-Commit-ID: 8025115a773f52e9bb562eaab37ea2e021cc7299
8605
8606commit e1371e4f58404d6411d9f95eb774b444cea06a26
8607Author: naddy@openbsd.org <naddy@openbsd.org>
8608Date:   Wed Aug 11 14:07:54 2021 +0000
8609
8610    upstream: scp: tweak man page and error message for -3 by default
8611
8612    Now that the -3 option is enabled by default, flip the documentation
8613    and error message logic from "requires -3" to "blocked by -R".
8614
8615    ok djm@
8616
8617    OpenBSD-Commit-ID: a872592118444fb3acda5267b2a8c3d4c4252020
8618
8619commit 49f46f6d77328a3d10a758522b670a3e8c2235e7
8620Author: naddy@openbsd.org <naddy@openbsd.org>
8621Date:   Wed Aug 11 14:05:19 2021 +0000
8622
8623    upstream: scp: do not spawn ssh with two -s flags for
8624
8625    remote-to-remote copies
8626
8627    Do not add another "-s" to the argument vector every time an SFTP
8628    connection is initiated.  Instead, introduce a subsystem flag to
8629    do_cmd() and add "-s" when the flag is set.
8630
8631    ok djm@
8632
8633    OpenBSD-Commit-ID: 25df69759f323661d31b2e1e790faa22e27966c1
8634
8635commit 2a2cd00783e1da45ee730b7f453408af1358ef5b
8636Author: djm@openbsd.org <djm@openbsd.org>
8637Date:   Wed Aug 11 08:55:04 2021 +0000
8638
8639    upstream: test -Oprint-pubkey
8640
8641    OpenBSD-Regress-ID: 3d51afb6d1f287975fb6fddd7a2c00a3bc5094e0
8642
8643commit b9f4635ea5bc33ed5ebbacf332d79bae463b0f54
8644Author: djm@openbsd.org <djm@openbsd.org>
8645Date:   Wed Aug 11 08:54:17 2021 +0000
8646
8647    upstream: when verifying sshsig signatures, support an option
8648
8649    (-Oprint-pubkey) to dump the full public key to stdout; based on patch from
8650    Fabian Stelzer; ok markus@
8651
8652    OpenBSD-Commit-ID: 0598000e5b9adfb45d42afa76ff80daaa12fc3e2
8653
8654commit 750c1a45ba4e8ad63793d49418a0780e77947b9b
8655Author: djm@openbsd.org <djm@openbsd.org>
8656Date:   Wed Aug 11 05:21:32 2021 +0000
8657
8658    upstream: oops, missed one more %p
8659
8660    OpenBSD-Commit-ID: e7e62818d1564cc5cd9086eaf7a51cbd1a9701eb
8661
8662commit b5aa27b69ab2e1c13ac2b5ad3f8f7d389bad7489
8663Author: djm@openbsd.org <djm@openbsd.org>
8664Date:   Wed Aug 11 05:20:17 2021 +0000
8665
8666    upstream: remove a bunch of %p in format strings; leftovers of
8667
8668    debuggings past. prompted by Michael Forney, ok dtucker@
8669
8670    OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
8671
8672commit 419aa01123db5ff5dbc68b2376ef23b222862338
8673Author: Darren Tucker <dtucker@dtucker.net>
8674Date:   Wed Aug 11 09:21:09 2021 +1000
8675
8676    Add includes.h to compat tests.
8677
8678    On platforms where closefrom returns void (eg glibc>=2.34) the prototype
8679    for closefrom in its compat tests would cause compile errors.  Remove
8680    this and have the tests pull in the compat headers in the same way as
8681    the main code.  bz#3336.
8682
8683commit 931f592f26239154eea3eb35a086585897b1a185
8684Author: djm@openbsd.org <djm@openbsd.org>
8685Date:   Tue Aug 10 03:35:45 2021 +0000
8686
8687    upstream: adapt to scp -M flag change; make scp3.sh test SFTP mode too
8688
8689    OpenBSD-Regress-ID: 43fea26704a0f0b962b53c1fabcb68179638f9c0
8690
8691commit 391ca67fb978252c48d20c910553f803f988bd37
8692Author: djm@openbsd.org <djm@openbsd.org>
8693Date:   Tue Aug 10 03:33:34 2021 +0000
8694
8695    upstream: Prepare for a future where scp(1) uses the SFTP protocol by
8696
8697    default. Replace recently added -M option to select the protocol with -O
8698    (olde) and -s (SFTP) flags, and label the -s flag with a clear warning that
8699    it will be removed in the near future (so no, don't use it in scripts!).
8700
8701    prompted by/feedback from deraadt@
8702
8703    OpenBSD-Commit-ID: 92ad72cc6f0023c9be9e316d8b30eb6d8d749cfc
8704
8705commit bfdd4b722f124a4fa9173d20dd64dd0fc69856be
8706Author: djm@openbsd.org <djm@openbsd.org>
8707Date:   Mon Aug 9 23:56:36 2021 +0000
8708
8709    upstream: make scp -3 the default for remote-to-remote copies. It
8710
8711    provides a much better and more intuitive user experience and doesn't require
8712    exposing credentials to the source host.
8713
8714    thanks naddy@ for catching the missing argument in usage()
8715
8716    "Yes please!" - markus@
8717    "makes a lot of sense" - deraadt@
8718    "the right thing to do" - dtucker@
8719
8720    OpenBSD-Commit-ID: d0d2af5f0965c5192ba5b2fa461c9f9b130e5dd9
8721
8722commit 2f7a3b51cef689ad9e93d0c6c17db5a194eb5555
8723Author: djm@openbsd.org <djm@openbsd.org>
8724Date:   Mon Aug 9 23:49:31 2021 +0000
8725
8726    upstream: make scp in SFTP mode try to use relative paths as much
8727
8728    as possible. Previosuly, it would try to make relative and ~/-rooted paths
8729    absolute before requesting transfers.
8730
8731    prompted by and much discussion deraadt@
8732    ok markus@
8733
8734    OpenBSD-Commit-ID: 46639d382ea99546a4914b545fa7b00fa1be5566
8735
8736commit 2ab864010e0a93c5dd95116fb5ceaf430e2fc23c
8737Author: djm@openbsd.org <djm@openbsd.org>
8738Date:   Mon Aug 9 23:47:44 2021 +0000
8739
8740    upstream: SFTP protocol extension to allow the server to expand
8741
8742    ~-prefixed paths, in particular ~user ones. Allows scp in sftp mode to accept
8743    these paths, like scp in rcp mode does.
8744
8745    prompted by and much discussion deraadt@
8746    ok markus@
8747
8748    OpenBSD-Commit-ID: 7d794def9e4de348e1e777f6030fc9bafdfff392
8749
8750commit 41b019ac067f1d1f7d99914d0ffee4d2a547c3d8
8751Author: djm@openbsd.org <djm@openbsd.org>
8752Date:   Mon Aug 9 23:44:32 2021 +0000
8753
8754    upstream: when scp is in SFTP mode, try to deal better with ~
8755
8756    prefixed paths. ~user paths aren't supported, but ~/ paths will be accepted
8757    and prefixed with the SFTP server starting directory (more to come)
8758
8759    prompted by and discussed with deraadt@
8760    ok markus@
8761
8762    OpenBSD-Commit-ID: 263a071f14555c045fd03132a8fb6cbd983df00d
8763
8764commit b4b3f3da6cdceb3fd168b5fab69d11fba73bd0ae
8765Author: djm@openbsd.org <djm@openbsd.org>
8766Date:   Mon Aug 9 07:21:01 2021 +0000
8767
8768    upstream: on fatal errors, make scp wait for ssh connection before
8769
8770    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
8771    after scp has returned exited and control has returned to the shell; ok
8772    markus@
8773
8774    (this was originally committed as r1.223 along with unrelated stuff that
8775    I rolled back in r1.224)
8776
8777    OpenBSD-Commit-ID: 1261fd667ad918484889ed3d7aec074f3956a74b
8778
8779commit 2ae7771749e0b4cecb107f9d4860bec16c3f4245
8780Author: djm@openbsd.org <djm@openbsd.org>
8781Date:   Mon Aug 9 07:19:12 2021 +0000
8782
8783    upstream: rever r1.223 - I accidentally committed unrelated changes
8784
8785    OpenBSD-Commit-ID: fb73f3865b2647a27dd94db73d6589506a9625f9
8786
8787commit 986abe94d481a1e82a01747360bd767b96b41eda
8788Author: djm@openbsd.org <djm@openbsd.org>
8789Date:   Mon Aug 9 07:16:09 2021 +0000
8790
8791    upstream: show only the final path component in the progress meter;
8792
8793    more useful with long paths (that may truncate) and better matches
8794    traditional scp behaviour; spotted by naddy@ ok deraadt@
8795
8796    OpenBSD-Commit-ID: 26b544d0074f03ebb8a3ebce42317d8d7ee291a3
8797
8798commit 2b67932bb3176dee4fd447af4368789e04a82b93
8799Author: djm@openbsd.org <djm@openbsd.org>
8800Date:   Mon Aug 9 07:13:54 2021 +0000
8801
8802    upstream: on fatal errors, make scp wait for ssh connection before
8803
8804    exiting avoids LogLevel=verbose (or greater) messages from ssh appearing
8805    after scp has returned exited and control has returned to the shell; ok
8806    markus@
8807
8808    OpenBSD-Commit-ID: ef9dab5ef5ae54a6a4c3b15d380568e94263456c
8809
8810commit 724eb900ace30661d45db2ba01d0f924d95ecccb
8811Author: dtucker@openbsd.org <dtucker@openbsd.org>
8812Date:   Sun Aug 8 08:49:09 2021 +0000
8813
8814    upstream: xstrdup environment variable used by ForwardAgent. bz#3328
8815
8816    from goetze at dovetail.com, ok djm@ deraadt@
8817
8818    OpenBSD-Commit-ID: 760320dac1c3b26904284ba417a7d63fccc5e742
8819
8820commit 86b4cb3a884846b358305aad17a6ef53045fa41f
8821Author: dtucker@openbsd.org <dtucker@openbsd.org>
8822Date:   Sun Aug 8 08:27:28 2021 +0000
8823
8824    upstream: Although it's POSIX, not all shells used in Portable support
8825
8826    the implicit 'in "$@"' after 'for i'.
8827
8828    OpenBSD-Regress-ID: 3c9aec6bca4868f85d2742b6ba5223fce110bdbc
8829
8830commit f2ccf6c9f395923695f22345e626dfd691227aaf
8831Author: Darren Tucker <dtucker@dtucker.net>
8832Date:   Sun Aug 8 17:39:56 2021 +1000
8833
8834    Move portable specific settings down.
8835
8836    This brings the top hunk of the file back in sync with OpenBSD
8837    so patches to the CVS Id should apply instead of always being
8838    rejected.
8839
8840commit 71b0eb997e220b0fc9331635af409ad84979f2af
8841Author: dtucker@openbsd.org <dtucker@openbsd.org>
8842Date:   Sun Aug 8 07:27:52 2021 +0000
8843
8844    upstream: Move setting of USER further down the startup In portable
8845
8846    we have to change this and having it in the same hunk as the CVS Id string
8847    means applying changes fails every. single. time.
8848
8849    OpenBSD-Regress-ID: 87cd603eb6db58c9b430bf90adacb7f90864429b
8850
8851commit f0aca2706c710a0da1a4be705f825a807cd15400
8852Author: dtucker@openbsd.org <dtucker@openbsd.org>
8853Date:   Sun Aug 8 06:38:33 2021 +0000
8854
8855    upstream: Drop -q in ssh-log-wrapper.sh to preserve logs.
8856
8857    scp and sftp like to add -q to the command line passed to ssh which
8858    overrides the LogLevel we set in the config files and suppresses output
8859    to the debug logs so drop any "-q" from the invoked ssh.  In the one
8860    case where we actually want to use -q in the banner test, call the ssh
8861    binary directly bypassing the logging wrapper.
8862
8863    OpenBSD-Regress-ID: e2c97d3c964bda33a751374c56f65cdb29755b75
8864
8865commit cf27810a649c5cfae60f8ce66eeb25caa53b13bc
8866Author: dtucker@openbsd.org <dtucker@openbsd.org>
8867Date:   Sat Aug 7 01:57:08 2021 +0000
8868
8869    upstream: Fix prototype mismatch for do_cmd. ok djm@
8870
8871    OpenBSD-Commit-ID: 1c1598bb5237a7ae0be99152f185e0071163714d
8872
8873commit 85de69f64665245786e28c81ab01fe18b0e2a149
8874Author: djm@openbsd.org <djm@openbsd.org>
8875Date:   Sat Aug 7 01:55:01 2021 +0000
8876
8877    upstream: sftp-client.c needs poll.h
8878
8879    remove unused variable
8880
8881    OpenBSD-Commit-ID: 233ac6c012cd23af62f237167a661db391055a16
8882
8883commit 397c4d72e50023af5fe3aee5cc2ad407a6eb1073
8884Author: Darren Tucker <dtucker@dtucker.net>
8885Date:   Sat Aug 7 11:30:57 2021 +1000
8886
8887    Include poll.h and friends for struct pollfd.
8888
8889commit a9e2c533195f28627f205682482d9da384c4c52e
8890Author: djm@openbsd.org <djm@openbsd.org>
8891Date:   Sat Aug 7 00:14:17 2021 +0000
8892
8893    upstream: do_upload() used a near-identical structure for
8894
8895    tracking expected status replies from the server to what do_download() was
8896    using.
8897
8898    Refactor it to use the same structure and factor out some common
8899    code into helper functions.
8900
8901    OpenBSD-Commit-ID: 0c167df8ab6df4a5292c32421922b0cf379e9054
8902
8903commit 7b1cbcb7599d9f6a3bbad79d412604aa1203b5ee
8904Author: djm@openbsd.org <djm@openbsd.org>
8905Date:   Sat Aug 7 00:12:09 2021 +0000
8906
8907    upstream: make scp(1) in SFTP mode follow symlinks like
8908
8909    traditional scp(1) ok markus@
8910
8911    OpenBSD-Commit-ID: 97255e55be37e8e26605e4ba1e69f9781765d231
8912
8913commit 133b44e500422df68c9c25c3b6de35c0263132f1
8914Author: djm@openbsd.org <djm@openbsd.org>
8915Date:   Sat Aug 7 00:10:49 2021 +0000
8916
8917    upstream: fix incorrect directory permissions on scp -3
8918
8919    transfers; ok markus@
8920
8921    OpenBSD-Commit-ID: 64b2abaa5635a2be65ee2e77688ad9bcebf576c2
8922
8923commit 98b59244ca10e62ff67a420856770cb700164f59
8924Author: djm@openbsd.org <djm@openbsd.org>
8925Date:   Sat Aug 7 00:09:57 2021 +0000
8926
8927    upstream: a bit more debugging of file attributes being
8928
8929    sent/received over the wire
8930
8931    OpenBSD-Commit-ID: f68c4e207b08ef95200a8b2de499d422808e089b
8932
8933commit c677e65365d6f460c084e41e0c4807bb8a9cf601
8934Author: djm@openbsd.org <djm@openbsd.org>
8935Date:   Sat Aug 7 00:08:52 2021 +0000
8936
8937    upstream: make scp(1) in SFTP mode output better match original
8938
8939    scp(1) by suppressing "Retrieving [path]" lines that were emitted to support
8940    the interactive sftp(1) client. ok markus@
8941
8942    OpenBSD-Commit-ID: 06be293df5f156a18f366079be2f33fa68001acc
8943
8944commit 48cd39b7a4e5e7c25101c6d1179f98fe544835cd
8945Author: djm@openbsd.org <djm@openbsd.org>
8946Date:   Sat Aug 7 00:07:18 2021 +0000
8947
8948    upstream: factor out a structure duplicated between downloading
8949
8950    and crossloading; ok markus@
8951
8952    OpenBSD-Commit-ID: 96eede24d520569232086a129febe342e4765d39
8953
8954commit 318c06bb04ee21a0cfa6b6022a201eacaa53f388
8955Author: djm@openbsd.org <djm@openbsd.org>
8956Date:   Sat Aug 7 00:06:30 2021 +0000
8957
8958    upstream: use sftp_client crossloading to implement scp -3
8959
8960    feedback/ok markus@
8961
8962    OpenBSD-Commit-ID: 7db4c0086cfc12afc9cfb71d4c2fd3c7e9416ee9
8963
8964commit de7115b373ba0be3861c65de9b606a3e0e9d29a3
8965Author: djm@openbsd.org <djm@openbsd.org>
8966Date:   Sat Aug 7 00:02:41 2021 +0000
8967
8968    upstream: support for "cross"-loading files/directories, i.e.
8969
8970    downloading from one SFTP server while simultaneously uploading to another.
8971
8972    feedback & ok markus@
8973
8974    OpenBSD-Commit-ID: 3982878e29d8df0fa4ddc502f5ff6126ac714235
8975
8976commit a50bd0367ff2063bbc70a387740a2aa6914de094
8977Author: djm@openbsd.org <djm@openbsd.org>
8978Date:   Sat Aug 7 00:01:29 2021 +0000
8979
8980    upstream: factor our SSH2_FXP_OPEN calls into their own function;
8981
8982    "looks fine" markus@
8983
8984    OpenBSD-Commit-ID: d3dea2153f08855c6d9dacc01973248944adeffb
8985
8986commit e3c0ba05873cf3d3f7d19d595667a251026b2d84
8987Author: djm@openbsd.org <djm@openbsd.org>
8988Date:   Sat Aug 7 00:00:33 2021 +0000
8989
8990    upstream: prepare for scp -3 implemented via sftp
8991
8992    OpenBSD-Commit-ID: 194aac0dd87cb175334b71c2a30623a5ad55bb44
8993
8994commit 395d8fbdb094497211e1461cf0e2f80af5617e0a
8995Author: dtucker@openbsd.org <dtucker@openbsd.org>
8996Date:   Fri Aug 6 09:00:18 2021 +0000
8997
8998    upstream: Make diff invocation more portable.
8999
9000    POSIX does not require diff to have -N, so compare in both directions
9001    with just -r, which should catch missing files in either directory.
9002
9003    OpenBSD-Regress-ID: 0e2ec8594556a6f369ed5a0a90c6806419b845f7
9004
9005commit d247a73ce27b460138599648d9c637c6f2b77605
9006Author: djm@openbsd.org <djm@openbsd.org>
9007Date:   Wed Aug 4 21:28:00 2021 +0000
9008
9009    upstream: regression test for scp -3
9010
9011    OpenBSD-Regress-ID: b44375d125c827754a1f722ec6b6b75b634de05d
9012
9013commit 35c8e41a6f6d8ad76f8d1cd81ac2ea23d0d993b2
9014Author: dtucker@openbsd.org <dtucker@openbsd.org>
9015Date:   Fri Aug 6 05:04:42 2021 +0000
9016
9017    upstream: Document "ProxyJump none". bz#3334.
9018
9019    OpenBSD-Commit-ID: f78cc6f55731f2cd35c3a41d5352ac1ee419eba7
9020
9021commit 911ec6411821bda535d09778df7503b92f0eafab
9022Author: dtucker@openbsd.org <dtucker@openbsd.org>
9023Date:   Wed Aug 4 01:34:55 2021 +0000
9024
9025    upstream: Allow for different (but POSIX compliant) behaviour of
9026
9027    basename(3) and prevent a use-after-free in that case in the new sftp-compat
9028    code.
9029
9030    POSIX allows basename(3) to either return a pointer to static storage
9031    or modify the passed string and return a pointer to that.  OpenBSD does
9032    the former and works as is, but on other platforms "filename" points
9033    into "tmp" which was just freed.  This makes the freeing of tmp
9034    consistent with the other variable in the loop.
9035
9036    Pinpointed by the -portable Valgrind regress test.  ok djm@ deraadt@
9037
9038    OpenBSD-Commit-ID: 750f3c19bd4440e4210e30dd5d7367386e833374
9039
9040commit 6df1fecb5d3e51f3a8027a74885c3a44f6cbfcbd
9041Author: Damien Miller <djm@mindrot.org>
9042Date:   Wed Aug 4 11:05:11 2021 +1000
9043
9044    use openbsd-compat glob.h is required
9045
9046commit 9ebd1828881dfc9014a344587934a5ce7db6fa1b
9047Author: Darren Tucker <dtucker@dtucker.net>
9048Date:   Tue Aug 3 21:03:23 2021 +1000
9049
9050    Missing space between macro arg and punctuation.
9051
9052    From jmc@
9053
9054commit 0fd3f62eddc7cf54dcc9053be6f58998f3eb926a
9055Author: Darren Tucker <dtucker@dtucker.net>
9056Date:   Tue Aug 3 21:02:33 2021 +1000
9057
9058    Avoid lines >80 chars.  From jmc@
9059
9060commit af5d8094d8b755e1daaf2e20ff1dc252800b4c9b
9061Author: djm@openbsd.org <djm@openbsd.org>
9062Date:   Tue Aug 3 01:05:24 2021 +0000
9063
9064    upstream: regression tests for scp SFTP protocol support; mostly by
9065
9066    Jakub Jelen in GHPR#194 ok markus
9067
9068    OpenBSD-Regress-ID: 36f1458525bcb111741ec8547eaf58b13cddc715
9069
9070commit e4673b7f67ae7740131a4ecea29a846593049a91
9071Author: anton@openbsd.org <anton@openbsd.org>
9072Date:   Thu Jul 29 15:34:09 2021 +0000
9073
9074    upstream: Treat doas with arguments as a valid SUDO variable.
9075
9076    Allows one to specify SUDO="doas -n" which I do while running make regress.
9077
9078    ok dtucker@
9079
9080    OpenBSD-Regress-ID: 4fe5814b5010dbf0885500d703bea06048d11005
9081
9082commit 197e29f1cca190d767c4b2b63a662f9a9e5da0b3
9083Author: djm@openbsd.org <djm@openbsd.org>
9084Date:   Mon Aug 2 23:38:27 2021 +0000
9085
9086    upstream: support for using the SFTP protocol for file transfers in
9087
9088    scp, via a new "-M sftp" option. Marked as experimental for now.
9089
9090    Some corner-cases exist, in particular there is no attempt to
9091    provide bug-compatibility with scp's weird "double shell" quoting
9092    rules.
9093
9094    Mostly by Jakub Jelen in GHPR#194 with some tweaks by me. ok markus@
9095    Thanks jmc@ for improving the scp.1 bits.
9096
9097    OpenBSD-Commit-ID: 6ce4c9157ff17b650ace571c9f7793d92874051c
9098
9099commit dd533c7ab79d61a7796b77b64bd81b098e0d7f9f
9100Author: jmc@openbsd.org <jmc@openbsd.org>
9101Date:   Fri Jul 30 14:28:13 2021 +0000
9102
9103    upstream: fix a formatting error and add some Xr; from debian at
9104
9105    helgefjell de
9106
9107    removed references to rlogin etc. as no longer relevant;
9108    suggested by djm
9109
9110    ok djm dtucker
9111
9112    OpenBSD-Commit-ID: 3c431c303068d3aec5bb18573a0bd5e0cd77c5ae
9113
9114commit c7cd347a8823819411222c1e10a0d26747d0fd5c
9115Author: jmc@openbsd.org <jmc@openbsd.org>
9116Date:   Fri Jul 30 14:25:01 2021 +0000
9117
9118    upstream: fix a formatting error and mark up known_hosts
9119
9120    consistently; issues reported by debian at helgefjell de
9121
9122    ok djm dtucker
9123
9124    OpenBSD-Commit-ID: a1fd8d21dc77f507685443832df0c9700481b0ce
9125
9126commit 4455aec2e4fc90f64ae4fc47e78ebc9c18721738
9127Author: jmc@openbsd.org <jmc@openbsd.org>
9128Date:   Wed Jul 28 05:57:42 2021 +0000
9129
9130    upstream: no need to talk about version 2 with the -Q option, so
9131
9132    rewrite the text to read better;
9133
9134    issue reported by debian at helgefjell de
9135    ok djm dtucker
9136
9137    OpenBSD-Commit-ID: 59fe2e8219c37906740ad062e0fdaea487dbe9cf
9138
9139commit bec429338e9b30d2c7668060e82608286a8a4777
9140Author: jmc@openbsd.org <jmc@openbsd.org>
9141Date:   Tue Jul 27 14:28:46 2021 +0000
9142
9143    upstream: word fix; reported by debian at helgefjell de
9144
9145    OpenBSD-Commit-ID: 0c6fd22142422a25343c5bd1a618f31618f41ece
9146
9147commit efad4deb5a1f1cf79ebefd63c6625059060bfbe1
9148Author: jmc@openbsd.org <jmc@openbsd.org>
9149Date:   Tue Jul 27 14:14:25 2021 +0000
9150
9151    upstream: standardise the grammar in the options list; issue
9152
9153    reported by debian at helgefjell de
9154
9155    ok dtucker djm
9156
9157    OpenBSD-Commit-ID: 7ac15575045d82f4b205a42cc7d5207fe4c3f8e6
9158
9159commit 1e11fb24066f3fc259ee30db3dbb2a3127e05956
9160Author: Darren Tucker <dtucker@dtucker.net>
9161Date:   Mon Aug 2 18:56:29 2021 +1000
9162
9163    Check for RLIMIT_NOFILE before trying to use it.
9164
9165commit 0f494236b49fb48c1ef33669f14822ca4f3ce2f4
9166Author: Darren Tucker <dtucker@dtucker.net>
9167Date:   Tue Jul 27 17:45:34 2021 +1000
9168
9169    lastenv is only used in setenv.
9170
9171    Prevents an unused variable warning on platforms that have setenv but
9172    not unsetenv.
9173
9174commit a1f78e08bdb3eaa88603ba3c6e01de7c8671e28a
9175Author: Darren Tucker <dtucker@dtucker.net>
9176Date:   Mon Jul 26 12:45:30 2021 +1000
9177
9178    Move SUDO to "make test" command line.
9179
9180    Environment variables don't get passed by vmrun, so move to command
9181    line.
9182
9183commit 02e624273b9c78a49a01239159b8c09b8409b1a0
9184Author: Darren Tucker <dtucker@dtucker.net>
9185Date:   Sun Jul 25 23:26:36 2021 +1000
9186
9187    Set SUDO for tests and cleanup.
9188
9189commit 460ae5d93051bab70239ad823dd784822d58baad
9190Author: Darren Tucker <dtucker@dtucker.net>
9191Date:   Sun Jul 25 22:37:55 2021 +1000
9192
9193    Pass OPENSSL=no to make tests too.
9194
9195commit b398f499c68d74ebe3298b73757cf3f36e14e0cb
9196Author: dtucker@openbsd.org <dtucker@openbsd.org>
9197Date:   Sun Jul 25 12:27:37 2021 +0000
9198
9199    upstream: Skip unit and makefile-based key conversion tests when
9200
9201    we're building with OPENSSL=no.
9202
9203    OpenBSD-Regress-ID: 20455ed9a977c93f846059d1fcb48e29e2c8d732
9204
9205commit 727ce36c8c5941bde99216d27109405907caae4f
9206Author: dtucker@openbsd.org <dtucker@openbsd.org>
9207Date:   Sun Jul 25 12:13:03 2021 +0000
9208
9209    upstream: Replace OPENSSL as the variable that points to the
9210
9211    openssl binary with OPENSSL_BIN.  This will allow us to use the OPENSSL
9212    variable from mk.conf or the make(1) command line indicating if we're
9213    building with our without OpenSSL, and ultimately get the regress tests
9214    working in the OPENSSL=no configuration.
9215
9216    OpenBSD-Regress-ID: 2d788fade3264d7803e5b54cae8875963f688c4e
9217
9218commit 55e17101a9075f6a63af724261c5744809dcb95c
9219Author: dtucker@openbsd.org <dtucker@openbsd.org>
9220Date:   Sat Jul 24 02:57:28 2021 +0000
9221
9222    upstream: Skip RFC4716 format import and export tests when built
9223
9224    without OpenSSL.
9225
9226    OpenBSD-Regress-ID: d2c2d5d38c1acc2b88cc99cfe00a2eb8bb39dfa4
9227
9228commit f5ccb5895d39cd627ad9e7b2c671d2587616100d
9229Author: dtucker@openbsd.org <dtucker@openbsd.org>
9230Date:   Sat Jul 24 02:51:14 2021 +0000
9231
9232    upstream: Don't omit ssh-keygen -y from usage when built without
9233
9234    OpenSSL.  It is actually available, albeit only for ed25519 keys.
9235
9236    OpenBSD-Commit-ID: 7a254c33d0e6a55c30c6b016a8d298d3cb7a7674
9237
9238commit 819d57ac23469f1f03baa8feb38ddefbada90fdc
9239Author: dtucker@openbsd.org <dtucker@openbsd.org>
9240Date:   Sat Jul 24 02:08:13 2021 +0000
9241
9242    upstream: Exclude key conversion options from usage when built
9243
9244    without OpenSSL since those are not available, similar to what we currently
9245    do with the moduli screening options.  We can also use this to skip the
9246    conversion regression tests in this case.
9247
9248    OpenBSD-Commit-ID: 3c82caa398cf99cd4518c23bba5a2fc66b16bafe
9249
9250commit b6673b1d2ee90b4690ee84f634efe40225423c38
9251Author: Darren Tucker <dtucker@dtucker.net>
9252Date:   Sat Jul 24 13:02:51 2021 +1000
9253
9254    Test OpenBSD upstream with and without OpenSSL.
9255
9256commit 9d38074b5453c1abbdf888e80828c278d3b886ac
9257Author: djm@openbsd.org <djm@openbsd.org>
9258Date:   Sat Jul 24 01:54:23 2021 +0000
9259
9260    upstream: test for first-match-wins in authorized_keys environment=
9261
9262    options
9263
9264    OpenBSD-Regress-ID: 1517c90276fe84b5dc5821c59f88877fcc34c0e8
9265
9266commit 2b76f1dd19787e784711ea297ad8fc938b4484fd
9267Author: dtucker@openbsd.org <dtucker@openbsd.org>
9268Date:   Fri Jul 23 05:53:02 2021 +0000
9269
9270    upstream: Simplify keygen-convert by using $SSH_KEYTYPES directly.
9271
9272    OpenBSD-Regress-ID: cdbe408ec3671ea9ee9b55651ee551370d2a4108
9273
9274commit 7d64a9fb587ba9592f027f7a2264226c713d6579
9275Author: djm@openbsd.org <djm@openbsd.org>
9276Date:   Sat Jul 24 01:55:19 2021 +0000
9277
9278    upstream: don't leak environment= variable when it is not the first
9279
9280    match
9281
9282    OpenBSD-Commit-ID: 7fbdc3dfe0032deaf003fd937eeb4d434ee4efe0
9283
9284commit db2130e2340bf923e41c791aa9cd27b9e926042c
9285Author: jmc@openbsd.org <jmc@openbsd.org>
9286Date:   Fri Jul 23 06:01:17 2021 +0000
9287
9288    upstream: punctuation;
9289
9290    OpenBSD-Commit-ID: 64be152e378c45975073ab1c07e0db7eddd15806
9291
9292commit 03190d10980c6fc9124e988cb2df13101f266507
9293Author: djm@openbsd.org <djm@openbsd.org>
9294Date:   Fri Jul 23 05:56:47 2021 +0000
9295
9296    upstream: mention in comment that read_passphrase(..., RP_ALLOW_STDIN)
9297
9298    will try to use askpass first. bz3314
9299
9300    convert a couple of debug() -> debug_f() while here
9301
9302    OpenBSD-Commit-ID: c7e812aebc28fcc5db06d4710e0f73613dee545c
9303
9304commit 1653ece6832b2b304d46866b262d5f69880a9ec7
9305Author: dtucker@openbsd.org <dtucker@openbsd.org>
9306Date:   Fri Jul 23 05:07:16 2021 +0000
9307
9308    upstream: Test conversion of ed25519 and ecdsa keys too.
9309
9310    OpenBSD-Regress-ID: 3676d2d00e58e0d6d37f2878f108cc2b83bbe4bb
9311
9312commit 8b7af02dcf9d2b738787efd27da7ffda9859bed2
9313Author: dtucker@openbsd.org <dtucker@openbsd.org>
9314Date:   Fri Jul 23 04:56:21 2021 +0000
9315
9316    upstream: Add test for exporting pubkey from a passphrase-protected
9317
9318    private key.
9319
9320    OpenBSD-Regress-ID: da99d93e7b235fbd5b5aaa01efc411225e6ba8ac
9321
9322commit 441095d4a3e5048fe3c87a6c5db5bc3383d767fb
9323Author: djm@openbsd.org <djm@openbsd.org>
9324Date:   Fri Jul 23 03:54:55 2021 +0000
9325
9326    upstream: regression test for time-limited signature keys
9327
9328    OpenBSD-Regress-ID: 2a6f3bd900dbee0a3c96f1ff23e032c93ab392bc
9329
9330commit 9e1882ef6489a7dd16b6d7794af96629cae61a53
9331Author: djm@openbsd.org <djm@openbsd.org>
9332Date:   Fri Jul 23 05:24:02 2021 +0000
9333
9334    upstream: note successful authentication method in final "Authenticated
9335
9336    to ..." message and partial auth success messages (all at LogLevel=verbose)
9337    ok dtucker@
9338
9339    OpenBSD-Commit-ID: 06834b89ceb89f8f16c5321d368a66c08f441984
9340
9341commit a917e973a1b90b40ff1e950df083364b48fc6c78
9342Author: djm@openbsd.org <djm@openbsd.org>
9343Date:   Fri Jul 23 04:04:52 2021 +0000
9344
9345    upstream: Add a ForkAfterAuthentication ssh_config(5) counterpart
9346
9347    to the ssh(1) -f flag. Last part of GHPR231 from Volker Diels-Grabsch. ok
9348    dtucker
9349
9350    OpenBSD-Commit-ID: b18aeda12efdebe2093d55263c90fe4ea0bce0d3
9351
9352commit e0c5088f1c96a145eb6ea1dee438010da78f9ef5
9353Author: djm@openbsd.org <djm@openbsd.org>
9354Date:   Fri Jul 23 04:00:59 2021 +0000
9355
9356    upstream: Add a StdinNull directive to ssh_config(5) that allows
9357
9358    the config file to do the same thing as -n does on the ssh(1) commandline.
9359    Patch from Volker Diels-Grabsch via GHPR231; ok dtucker
9360
9361    OpenBSD-Commit-ID: 66ddf3f15c76796d4dcd22ff464aed1edd62468e
9362
9363commit e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea
9364Author: djm@openbsd.org <djm@openbsd.org>
9365Date:   Fri Jul 23 03:57:20 2021 +0000
9366
9367    upstream: make authorized_keys environment="..." directives
9368
9369    first-match-wins and more strictly limit their maximum number; prompted by
9370    OOM reported by OSS-fuzz (35470).
9371
9372    feedback and ok dtucker@
9373
9374    OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121
9375
9376commit d0bb1ce731762c55acb95817df4d5fab526c7ecd
9377Author: djm@openbsd.org <djm@openbsd.org>
9378Date:   Fri Jul 23 03:37:52 2021 +0000
9379
9380    upstream: Let allowed signers files used by ssh-keygen(1)
9381
9382    signatures support key lifetimes, and allow the verification mode to specify
9383    a signature time to check at. This is intended for use by git to support
9384    signing objects using ssh keys. ok dtucker@
9385
9386    OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31
9387
9388commit 44142068dc7ef783d135e91ff954e754d2ed432e
9389Author: dtucker@openbsd.org <dtucker@openbsd.org>
9390Date:   Mon Jul 19 08:48:33 2021 +0000
9391
9392    upstream: Use SUDO when setting up hostkey.
9393
9394    OpenBSD-Regress-ID: 990cf4481cab8dad62e90818a9b4b36c533851a7
9395
9396commit 6b67f3f1d1d187597e54a139cc7785c0acebd9a2
9397Author: dtucker@openbsd.org <dtucker@openbsd.org>
9398Date:   Mon Jul 19 05:08:54 2021 +0000
9399
9400    upstream: Increase time margin for rekey tests. Should help
9401
9402    reliability on very heavily loaded hosts.
9403
9404    OpenBSD-Regress-ID: 4c28a0fce3ea89ebde441d7091464176e9730533
9405
9406commit 7953e1bfce9e76bec41c1331a29bc6cff9d416b8
9407Author: Darren Tucker <dtucker@dtucker.net>
9408Date:   Mon Jul 19 13:47:51 2021 +1000
9409
9410    Add sshfp-connect.sh file missed in previous.
9411
9412commit b75a80fa8369864916d4c93a50576155cad4df03
9413Author: dtucker@openbsd.org <dtucker@openbsd.org>
9414Date:   Mon Jul 19 03:13:28 2021 +0000
9415
9416    upstream: Ensure that all returned SSHFP records for the specified host
9417
9418    name and hostkey type match instead of only one.  While there, simplify the
9419    code somewhat and add some debugging.  Based on discussion in bz#3322, ok
9420    djm@.
9421
9422    OpenBSD-Commit-ID: 0a6a0a476eb7f9dfe8fe2c05a1a395e3e9b22ee4
9423
9424commit 1cc1fd095393663cd72ddac927d82c6384c622ba
9425Author: dtucker@openbsd.org <dtucker@openbsd.org>
9426Date:   Mon Jul 19 02:21:50 2021 +0000
9427
9428    upstream: Id sync only, -portable already has this.
9429
9430    Put dh_set_moduli_file call inside ifdef WITH_OPENSSL. Fixes
9431    build with OPENSSL=no.
9432
9433    OpenBSD-Commit-ID: af54abbebfb12bcde6219a44d544e18204defb15
9434
9435commit 33abbe2f4153f5ca5c874582f6a7cc91ae167485
9436Author: dtucker@openbsd.org <dtucker@openbsd.org>
9437Date:   Mon Jul 19 02:46:34 2021 +0000
9438
9439    upstream: Add test for host key verification via SSHFP records. This
9440
9441    requires some external setup to operate so is disabled by default (see
9442    comments in sshfp-connect.sh).
9443
9444    OpenBSD-Regress-ID: c52c461bd1df3a803d17498917d156ef64512fd9
9445
9446commit f0cd000d8e3afeb0416dce1c711c3d7c28d89bdd
9447Author: dtucker@openbsd.org <dtucker@openbsd.org>
9448Date:   Mon Jul 19 02:29:28 2021 +0000
9449
9450    upstream: Add ed25519 key and test SSHFP export of it. Only test
9451
9452    RSA SSHFP export if we have RSA functionality compiled in.
9453
9454    OpenBSD-Regress-ID: b4ff5181b8c9a5862e7f0ecdd96108622333a9af
9455
9456commit 0075511e27e5394faa28edca02bfbf13b9a6693e
9457Author: dtucker@openbsd.org <dtucker@openbsd.org>
9458Date:   Mon Jul 19 00:16:26 2021 +0000
9459
9460    upstream: Group keygen tests together.
9461
9462    OpenBSD-Regress-ID: 07e2d25c527bb44f03b7c329d893a1f2d6c5c40c
9463
9464commit 034828820c7e62652e7c48f9ee6b67fb7ba6fa26
9465Author: dtucker@openbsd.org <dtucker@openbsd.org>
9466Date:   Sun Jul 18 23:10:10 2021 +0000
9467
9468    upstream: Add test for ssh-keygen printing of SSHFP records.
9469
9470    OpenBSD-Regress-ID: fde9566b56eeb980e149bbe157a884838507c46b
9471
9472commit 52c3b6985ef1d5dadb4c4fe212f8b3a78ca96812
9473Author: djm@openbsd.org <djm@openbsd.org>
9474Date:   Sat Jul 17 00:38:11 2021 +0000
9475
9476    upstream: wrap some long lines
9477
9478    OpenBSD-Commit-ID: 4f5186b1466656762dae37d3e569438d900c350d
9479
9480commit 43ec991a782791d0b3f42898cd789f99a07bfaa4
9481Author: djm@openbsd.org <djm@openbsd.org>
9482Date:   Sat Jul 17 00:36:53 2021 +0000
9483
9484    upstream: fix sftp on ControlPersist connections, broken by recent
9485
9486    SessionType change; spotted by sthen@
9487
9488    OpenBSD-Commit-ID: 4c5ddc5698790ae6ff50d2a4f8f832f0eeeaa234
9489
9490commit 073f45c236550f158c9a94003e4611c07dea5279
9491Author: djm@openbsd.org <djm@openbsd.org>
9492Date:   Fri Jul 16 09:00:23 2021 +0000
9493
9494    upstream: Explicitly check for and start time-based rekeying in the
9495
9496    client and server mainloops.
9497
9498    Previously the rekey timeout could expire but rekeying would not start
9499    until a packet was sent or received. This could cause us to spin in
9500    select() on the rekey timeout if the connection was quiet.
9501
9502    ok markus@
9503
9504    OpenBSD-Commit-ID: 4356cf50d7900f3df0a8f2117d9e07c91b9ff987
9505
9506commit ef7c4e52d5d840607f9ca3a302a4cbb81053eccf
9507Author: jmc@openbsd.org <jmc@openbsd.org>
9508Date:   Wed Jul 14 06:46:38 2021 +0000
9509
9510    upstream: reorder SessionType; ok djm
9511
9512    OpenBSD-Commit-ID: c7dd0b39e942b1caf4976a0b1cf0fed33d05418c
9513
9514commit 8aa2f9aeb56506dca996d68ab90ab9c0bebd7ec3
9515Author: Darren Tucker <dtucker@dtucker.net>
9516Date:   Wed Jul 14 11:26:50 2021 +1000
9517
9518    Make whitespace consistent.
9519
9520commit 4f4297ee9b8a39f4dfd243a74c5f51f9e7a05723
9521Author: Darren Tucker <dtucker@dtucker.net>
9522Date:   Wed Jul 14 11:26:12 2021 +1000
9523
9524    Add ARM64 Linux self-hosted runner.
9525
9526commit eda8909d1b0a85b9c3804a04d03ec6738fd9dc7f
9527Author: djm@openbsd.org <djm@openbsd.org>
9528Date:   Tue Jul 13 23:48:36 2021 +0000
9529
9530    upstream: add a SessionType directive to ssh_config, allowing the
9531
9532    configuration file to offer equivalent control to the -N (no session) and -s
9533    (subsystem) command-line flags.
9534
9535    Part of GHPR#231 by Volker Diels-Grabsch with some minor tweaks;
9536    feedback and ok dtucker@
9537
9538    OpenBSD-Commit-ID: 726ee931dd4c5cc7f1d7a187b26f41257f9a2d12
9539
9540commit 7ae69f2628e338ba6e0eae7ee8a63bcf8fea7538
9541Author: djm@openbsd.org <djm@openbsd.org>
9542Date:   Mon Jul 12 02:12:22 2021 +0000
9543
9544    upstream: fix some broken tests; clean up output
9545
9546    OpenBSD-Regress-ID: 1d5038edb511dc4ce1622344c1e724626a253566
9547
9548commit f5fc6a4c3404bbf65c21ca6361853b33d78aa87e
9549Author: Darren Tucker <dtucker@dtucker.net>
9550Date:   Mon Jul 12 18:00:05 2021 +1000
9551
9552    Add configure-time detection for SSH_TIME_T_MAX.
9553
9554    Should fix printing cert times exceeding INT_MAX (bz#3329) on platforms
9555    were time_t is a long long.  The limit used is for the signed type, so if
9556    some system has a 32bit unsigned time_t then the lower limit will still
9557    be imposed and we would need to add some way to detect this.  Anyone using
9558    an unsigned 64bit can let us know when it starts being a problem.
9559
9560commit fd2d06ae4442820429d634c0a8bae11c8e40c174
9561Author: dtucker@openbsd.org <dtucker@openbsd.org>
9562Date:   Mon Jul 12 06:22:57 2021 +0000
9563
9564    upstream: Make limit for time_t test unconditional in the
9565
9566    format_absolute_time fix for bz#3329 that allows printing of timestamps past
9567    INT_MAX. This was incorrectly included with the previous commit.   Based on
9568    discussion with djm@.
9569
9570    OpenBSD-Commit-ID: 835936f6837c86504b07cabb596b613600cf0f6e
9571
9572commit 6c29b387cd64a57b0ec8ae7d2c8d02789d88fcc3
9573Author: dtucker@openbsd.org <dtucker@openbsd.org>
9574Date:   Mon Jul 12 06:08:57 2021 +0000
9575
9576    upstream: Use existing format_absolute_time() function when
9577
9578    printing cert validity instead of doing it inline.  Part of bz#3329.
9579
9580    OpenBSD-Commit-ID: a13d4e3c4f59644c23745eb02a09b2a4e717c00c
9581
9582commit 99981d5f8bfa383791afea03f6bce8454e96e323
9583Author: djm@openbsd.org <djm@openbsd.org>
9584Date:   Fri Jul 9 09:55:56 2021 +0000
9585
9586    upstream: silence redundant error message; reported by Fabian Stelzer
9587
9588    OpenBSD-Commit-ID: 9349a703016579a60557dafd03af2fe1d44e6aa2
9589
9590commit e86097813419b49d5bff5c4b51d1c3a5d4d2d804
9591Author: John Ericson <John.Ericson@Obsidian.Systems>
9592Date:   Sat Dec 26 11:40:49 2020 -0500
9593
9594    Re-indent krb5 section after pkg-config addition.
9595
9596commit 32dd2daa56c294e40ff7efea482c9eac536d8cbb
9597Author: John Ericson <John.Ericson@Obsidian.Systems>
9598Date:   Sat Dec 26 11:40:49 2020 -0500
9599
9600    Support finding Kerberos via pkg-config
9601
9602    This makes cross compilation easier.
9603
9604commit def7a72234d7e4f684d72d33a0f7229f9eee0aa4
9605Author: Darren Tucker <dtucker@dtucker.net>
9606Date:   Fri Jul 9 14:34:06 2021 +1000
9607
9608    Update comments about EGD to include prngd.
9609
9610commit b5d23150b4e3368f4983fd169d432c07afeee45a
9611Author: dtucker@openbsd.org <dtucker@openbsd.org>
9612Date:   Mon Jul 5 01:21:07 2021 +0000
9613
9614    upstream: Fix a couple of whitespace things. Portable already has
9615
9616    these so this removes two diffs between the two.
9617
9618    OpenBSD-Commit-ID: 769f017ebafd8e741e337b3e9e89eb5ac73c9c56
9619
9620commit 8f57be9f279b8e905f9883066aa633c7e67b31cf
9621Author: dtucker@openbsd.org <dtucker@openbsd.org>
9622Date:   Mon Jul 5 01:16:46 2021 +0000
9623
9624    upstream: Order includes as per style(9). Portable already has
9625
9626    these so this removes a handful of diffs between the two.
9627
9628    OpenBSD-Commit-ID: 8bd7452d809b199c19bfc49511a798f414eb4a77
9629
9630commit b75624f8733b3ed9e240f86cac5d4a39dae11848
9631Author: dtucker@openbsd.org <dtucker@openbsd.org>
9632Date:   Mon Jul 5 00:50:25 2021 +0000
9633
9634    upstream: Remove comment referencing now-removed
9635
9636    RhostsRSAAuthentication.  ok djm@
9637
9638    OpenBSD-Commit-ID: 3d864bfbd99a1d4429a58e301688f3be464827a9
9639
9640commit b67eb12f013c5441bb4f0893a97533582ad4eb13
9641Author: djm@openbsd.org <djm@openbsd.org>
9642Date:   Mon Jul 5 00:25:42 2021 +0000
9643
9644    upstream: allow spaces to appear in usernames for local to remote,
9645
9646    and scp -3 remote to remote copies. with & ok dtucker bz#1164
9647
9648    OpenBSD-Commit-ID: e9b550f3a85ffbb079b6720833da31317901d6dd
9649
9650commit 8c4ef0943e574f614fc7c6c7e427fd81ee64ab87
9651Author: dtucker@openbsd.org <dtucker@openbsd.org>
9652Date:   Fri Jul 2 07:20:44 2021 +0000
9653
9654    upstream: Remove obsolete comments about SSHv1 auth methods. ok
9655
9656    djm@
9657
9658    OpenBSD-Commit-ID: 6060f70966f362d8eb4bec3da2f6c4712fbfb98f
9659
9660commit 88908c9b61bcb99f16e8d398fc41e2b3b4be2003
9661Author: Darren Tucker <dtucker@dtucker.net>
9662Date:   Sat Jul 3 23:00:19 2021 +1000
9663
9664    Remove reference to ChallengeResponse.
9665
9666    challenge_response_authentication was removed from the struct, keeping
9667    kbd_interactive_authentication.
9668
9669commit 321874416d610ad2158ce6112f094a4862c2e37f
9670Author: Darren Tucker <dtucker@dtucker.net>
9671Date:   Sat Jul 3 20:38:09 2021 +1000
9672
9673    Move signal.h up include order to match upstream.
9674
9675commit 4fa83e2d0e32c2dd758653e0359984bbf1334f32
9676Author: Darren Tucker <dtucker@dtucker.net>
9677Date:   Sat Jul 3 20:36:06 2021 +1000
9678
9679    Remove old OpenBSD version marker.
9680
9681    Looks like an accidental leftover from a sync.
9682
9683commit 9d5e31f55d5f3899b72645bac41a932d298ad73b
9684Author: Darren Tucker <dtucker@dtucker.net>
9685Date:   Sat Jul 3 20:34:19 2021 +1000
9686
9687    Remove duplicate error on error path.
9688
9689    There's an extra error() call on the listen error path, it looks like
9690    its removal was missed during an upstream sync.
9691
9692commit 888c459925c7478ce22ff206c9ac1fb812a40caf
9693Author: Darren Tucker <dtucker@dtucker.net>
9694Date:   Sat Jul 3 20:32:46 2021 +1000
9695
9696    Remove some whitespace not in upstream.
9697
9698    Reduces diff vs OpenBSD by a small amount.
9699
9700commit 4d2d4d47a18d93f3e0a91a241a6fdb545bbf7dc2
9701Author: Darren Tucker <dtucker@dtucker.net>
9702Date:   Sat Jul 3 19:27:43 2021 +1000
9703
9704    Replace remaining references to ChallengeResponse.
9705
9706    Portable had a few additional references to ChallengeResponse related to
9707    UsePAM, replaces these with equivalent keyboard-interactive ones.
9708
9709commit 53237ac789183946dac6dcb8838bc3b6b9b43be1
9710Author: Darren Tucker <dtucker@dtucker.net>
9711Date:   Sat Jul 3 19:23:28 2021 +1000
9712
9713    Sync remaining ChallengeResponse removal.
9714
9715    These were omitted from commit 88868fd131.
9716
9717commit 2c9e4b319f7e98744b188b0f58859d431def343b
9718Author: Darren Tucker <dtucker@dtucker.net>
9719Date:   Sat Jul 3 19:17:31 2021 +1000
9720
9721    Disable rocky84 to figure out why agent test fails
9722
9723commit bfe19197a92b7916f64a121fbd3c179abf15e218
9724Author: Darren Tucker <dtucker@dtucker.net>
9725Date:   Fri Jul 2 15:43:28 2021 +1000
9726
9727    Remove now-unused SSHv1 enums.
9728
9729    sRhostsRSAAuthentication and sRSAAuthentication are protocol 1 options
9730    and are no longer used.
9731
9732commit c73b02d92d72458a5312bd098f32ce88868fd131
9733Author: dtucker@openbsd.org <dtucker@openbsd.org>
9734Date:   Fri Jul 2 05:11:20 2021 +0000
9735
9736    upstream: Remove references to ChallengeResponseAuthentication in
9737
9738    favour of KbdInteractiveAuthentication.  The former is what was in SSHv1, the
9739    latter is what is in SSHv2 (RFC4256) and they were treated as somewhat but
9740    not entirely equivalent.  We retain the old name as deprecated alias so
9741    config files continue to work and a reference in the man page for people
9742    looking for it.
9743
9744    Prompted by bz#3303 which pointed out the discrepancy between the two
9745    when used with Match.  Man page help & ok jmc@, with & ok djm@
9746
9747    OpenBSD-Commit-ID: 2c1bff8e5c9852cfcdab1f3ea94dfef5a22f3b7e
9748
9749commit f841fc9c8c7568a3b5d84a4cc0cefacb7dbc16b9
9750Author: Darren Tucker <dtucker@dtucker.net>
9751Date:   Fri Jul 2 15:20:32 2021 +1000
9752
9753    Fix ifdefs around get_random_bytes_prngd.
9754
9755    get_random_bytes_prngd() is used if either of PRNGD_PORT or PRNGD_SOCKET
9756    are defined, so adjust ifdef accordingly.
9757
9758commit 0767627cf66574484b9c0834500b42ea04fe528a
9759Author: Damien Miller <djm@mindrot.org>
9760Date:   Fri Jul 2 14:30:23 2021 +1000
9761
9762    wrap get_random_bytes_prngd() in ifdef
9763
9764    avoid unused static function warning
9765
9766commit f93fdc4de158386efe1116bd44c5b3f4a7a82c25
9767Author: Darren Tucker <dtucker@dtucker.net>
9768Date:   Mon Jun 28 13:06:37 2021 +1000
9769
9770    Add rocky84 test target.
9771
9772commit d443006c0ddfa7f6a5bd9c0ae92036f3d5f2fa3b
9773Author: djm@openbsd.org <djm@openbsd.org>
9774Date:   Fri Jun 25 06:30:22 2021 +0000
9775
9776    upstream: fix decoding of X.509 subject name; from Leif Thuresson
9777
9778    via bz3327 ok markus@
9779
9780    OpenBSD-Commit-ID: 0ea2e28f39750dd388b7e317bc43dd997a217ae8
9781
9782commit 2a5704ec142202d387fda2d6872fd4715ab81347
9783Author: dtucker@openbsd.org <dtucker@openbsd.org>
9784Date:   Fri Jun 25 06:20:39 2021 +0000
9785
9786    upstream: Use better language to refer to the user. From l1ving
9787
9788    via github PR#250, ok jmc@
9789
9790    OpenBSD-Commit-ID: 07ca3526626996613e128aeddf7748c93c4d6bbf
9791
9792commit 4bdf7a04797a0ea1c431a9d54588417c29177d19
9793Author: dtucker@openbsd.org <dtucker@openbsd.org>
9794Date:   Fri Jun 25 03:38:17 2021 +0000
9795
9796    upstream: Replace SIGCHLD/notify_pipe kludge with pselect.
9797
9798    Previously sshd's SIGCHLD handler would wake up select() by writing a
9799    byte to notify_pipe.  We can remove this by blocking SIGCHLD, checking
9800    for child terminations then passing the original signal mask through
9801    to pselect.  This ensures that the pselect will immediately wake up if
9802    a child terminates between wait()ing on them and the pselect.
9803
9804    In -portable, for platforms that do not have pselect the kludge is still
9805    there but is hidden behind a pselect interface.
9806
9807    Based on other changes for bz#2158, ok djm@
9808
9809    OpenBSD-Commit-ID: 202c85de0b3bdf1744fe53529a05404c5480d813
9810
9811commit c9f7bba2e6f70b7ac1f5ea190d890cb5162ce127
9812Author: Darren Tucker <dtucker@dtucker.net>
9813Date:   Fri Jun 25 15:08:18 2021 +1000
9814
9815    Move closefrom() to before first malloc.
9816
9817    When built against tcmalloc, tcmalloc allocates a descriptor for its
9818    internal use, so calling closefrom() afterward causes the descriptor
9819    number to be reused resulting in a corrupted connection.  Moving the
9820    closefrom a little earlier should resolve this.  From kircherlike at
9821    outlook.com via bz#3321, ok djm@
9822
9823commit 7ebfe4e439853b88997c9cfc2ff703408a1cca92
9824Author: Darren Tucker <dtucker@dtucker.net>
9825Date:   Fri Jun 18 20:41:45 2021 +1000
9826
9827    Put second -lssh in link line for sftp-server.
9828
9829    When building --without-openssl the recent port-prngd.c change adds
9830    a dependency on atomicio, but since nothing else in sftp-server uses
9831    it, the linker may not find it.  Add a second -lssh similar to other
9832    binaries.
9833
9834commit e409d7966785cfd9f5970e66a820685c42169717
9835Author: Darren Tucker <dtucker@dtucker.net>
9836Date:   Fri Jun 18 18:34:08 2021 +1000
9837
9838    Try EGD/PRNGD if random device fails.
9839
9840    When built --without-openssl, try EGD/PRGGD (if configured) as a last
9841    resort before failing.
9842
9843commit e43a898043faa3a965dbaa1193cc60e0b479033d
9844Author: Darren Tucker <dtucker@dtucker.net>
9845Date:   Fri Jun 18 18:32:51 2021 +1000
9846
9847    Split EGD/PRNGD interface into its own file.
9848
9849    This will allow us to use it when building --without-openssl.
9850
9851commit acb2887a769a1b1912cfd7067f3ce04fad240260
9852Author: Darren Tucker <dtucker@dtucker.net>
9853Date:   Thu Jun 17 21:03:19 2021 +1000
9854
9855    Handle GIDs > 2^31 in getgrouplist.
9856
9857    When compiled in 32bit mode, the getgrouplist implementation may fail
9858    for GIDs greater than LONG_MAX.  Analysis and change from ralf.winkel
9859    at tui.com.
9860
9861commit 31fac20c941126281b527605b73bff30a8f02edd
9862Author: dtucker@openbsd.org <dtucker@openbsd.org>
9863Date:   Thu Jun 10 09:46:28 2021 +0000
9864
9865    upstream: Use $SUDO when reading sshd's pidfile here too.
9866
9867    OpenBSD-Regress-ID: 6bfb0d455d493f24839034a629c5306f84dbd409
9868
9869commit a3a58acffc8cc527f8fc6729486d34e4c3d27643
9870Author: dtucker@openbsd.org <dtucker@openbsd.org>
9871Date:   Thu Jun 10 09:43:51 2021 +0000
9872
9873    upstream: Use $SUDO when reading sshd's pidfile in case it was
9874
9875    created with a very restrictive umask.  This resyncs with -portable.
9876
9877    OpenBSD-Regress-ID: 07fd2af06df759d4f64b82c59094accca1076a5d
9878
9879commit 249ad4ae51cd3bc235e75a4846eccdf8b1416611
9880Author: dtucker@openbsd.org <dtucker@openbsd.org>
9881Date:   Thu Jun 10 09:37:59 2021 +0000
9882
9883    upstream: Set umask when creating hostkeys to prevent excessive
9884
9885    permissions warning.
9886
9887    OpenBSD-Regress-ID: 382841db0ee28dfef7f7bffbd511803e1b8ab0ef
9888
9889commit 9d0892153c005cc65897e9372b01fa66fcbe2842
9890Author: dtucker@openbsd.org <dtucker@openbsd.org>
9891Date:   Thu Jun 10 03:45:31 2021 +0000
9892
9893    upstream: Add regress test for SIGHUP restart
9894
9895    while handling active and unauthenticated clients.  Should catch anything
9896    similar to the pselect bug just fixed in sshd.c.
9897
9898    OpenBSD-Regress-ID: 3b3c19b5e75e43af1ebcb9586875b3ae3a4cac73
9899
9900commit 73f6f191f44440ca3049b9d3c8e5401d10b55097
9901Author: dtucker@openbsd.org <dtucker@openbsd.org>
9902Date:   Thu Jun 10 03:14:14 2021 +0000
9903
9904    upstream: Continue accept loop when pselect
9905
9906    returns -1, eg if it was interrupted by a signal.  This should prevent
9907    the hang discovered by sthen@ wherein sshd receives a SIGHUP while it has
9908    an unauthenticated child and goes on to a blocking read on a notify_pipe.
9909    feedback deraadt@, ok djm@
9910
9911    OpenBSD-Commit-ID: 0243c1c5544fca0974dae92cd4079543a3fceaa0
9912
9913commit c785c0ae134a8e8b5c82b2193f64c632a98159e4
9914Author: djm@openbsd.org <djm@openbsd.org>
9915Date:   Tue Jun 8 22:30:27 2021 +0000
9916
9917    upstream: test that UserKnownHostsFile correctly accepts multiple
9918
9919    arguments; would have caught readconf.c r1.356 regression
9920
9921    OpenBSD-Regress-ID: 71ca54e66c2a0211b04999263e56390b1f323a6a
9922
9923commit 1a6f6b08e62c78906a3032e8d9a83e721c84574e
9924Author: djm@openbsd.org <djm@openbsd.org>
9925Date:   Tue Jun 8 22:06:12 2021 +0000
9926
9927    upstream: fix regression in r1.356: for ssh_config options that
9928
9929    accepted multiple string arguments, ssh was only recording the first.
9930    Reported by Lucas via bugs@
9931
9932    OpenBSD-Commit-ID: 7cbf182f7449bf1cb7c5b4452667dc2b41170d6d
9933
9934commit 78e30af3e2b2dd540a341cc827c6b98dd8b0a6de
9935Author: djm@openbsd.org <djm@openbsd.org>
9936Date:   Tue Jun 8 07:40:12 2021 +0000
9937
9938    upstream: test argv_split() optional termination on comments
9939
9940    OpenBSD-Regress-ID: 9fd1c4a27a409897437c010cfd79c54b639a059c
9941
9942commit a023138957ea2becf1c7f93fcc42b0aaac6f2b03
9943Author: dtucker@openbsd.org <dtucker@openbsd.org>
9944Date:   Tue Jun 8 07:05:27 2021 +0000
9945
9946    upstream: Add testcases from bz#3319 for IPQoS and TunnelDevice
9947
9948    being overridden on the command line.
9949
9950    OpenBSD-Regress-ID: 801674d5d2d02abd58274a78cab2711f11de14a8
9951
9952commit 660cea10b2cdc11f13ba99c89b1bbb368a4d9ff2
9953Author: djm@openbsd.org <djm@openbsd.org>
9954Date:   Tue Jun 8 06:52:43 2021 +0000
9955
9956    upstream: sprinkle some "# comment" at end of configuration lines
9957
9958    to test comment handling
9959
9960    OpenBSD-Regress-ID: cb82fbf40bda5c257a9f742c63b1798e5a8fdda7
9961
9962commit acc9c32dcb6def6c7d3688bceb4c0e59bd26b411
9963Author: djm@openbsd.org <djm@openbsd.org>
9964Date:   Tue Jun 8 06:51:47 2021 +0000
9965
9966    upstream: more descriptive failure message
9967
9968    OpenBSD-Regress-ID: 5300f6faf1d9e99c0cd10827b51756c5510e3509
9969
9970commit ce04dd4eae23d1c9cf7c424a702f48ee78573bc1
9971Author: djm@openbsd.org <djm@openbsd.org>
9972Date:   Mon Jun 7 01:16:34 2021 +0000
9973
9974    upstream: test AuthenticationMethods inside a Match block as well
9975
9976    as in the main config section
9977
9978    OpenBSD-Regress-ID: ebe0a686621b7cb8bb003ac520975279c28747f7
9979
9980commit 9018bd821fca17e26e92f7a7e51d9b24cd62f2db
9981Author: djm@openbsd.org <djm@openbsd.org>
9982Date:   Mon Jun 7 00:00:50 2021 +0000
9983
9984    upstream: prepare for stricter sshd_config parsing that will refuse
9985
9986    a config that has {Allow,Deny}{Users,Groups} on a line with no subsequent
9987    arguments. Such lines are permitted but are nonsensical noops ATM
9988
9989    OpenBSD-Regress-ID: ef65463fcbc0bd044e27f3fe400ea56eb4b8f650
9990
9991commit a10f929d1ce80640129fc5b6bc1acd9bf689169e
9992Author: djm@openbsd.org <djm@openbsd.org>
9993Date:   Tue Jun 8 07:09:42 2021 +0000
9994
9995    upstream: switch sshd_config parsing to argv_split()
9996
9997    similar to the previous commit, this switches sshd_config parsing to
9998    the newer tokeniser. Config parsing will be a little stricter wrt
9999    quote correctness and directives appearing without arguments.
10000
10001    feedback and ok markus@
10002
10003    tested in snaps for the last five or so days - thanks Theo and those who
10004    caught bugs
10005
10006    OpenBSD-Commit-ID: 9c4305631d20c2d194661504ce11e1f68b20d93e
10007
10008commit ea9e45c89a4822d74a9d97fef8480707d584da4d
10009Author: djm@openbsd.org <djm@openbsd.org>
10010Date:   Tue Jun 8 07:07:15 2021 +0000
10011
10012    upstream: Switch ssh_config parsing to use argv_split()
10013
10014    This fixes a couple of problems with the previous tokeniser,
10015    strdelim()
10016
10017    1. strdelim() is permissive wrt accepting '=' characters. This is
10018      intended to allow it to tokenise "Option=value" but because it
10019      cannot keep state, it will incorrectly split "Opt=val=val2".
10020    2. strdelim() has rudimentry handling of quoted strings, but it
10021      is incomplete and inconsistent. E.g. it doesn't handle escaped
10022      quotes inside a quoted string.
10023    3. It has no support for stopping on a (unquoted) comment. Because
10024      of this readconf.c r1.343 added chopping of lines at '#', but
10025      this caused a regression because these characters may legitimately
10026      appear inside quoted strings.
10027
10028    The new tokeniser is stricter is a number of cases, including #1 above
10029    but previously it was also possible for some directives to appear
10030    without arguments. AFAIK these were nonsensical in all cases, and the
10031    new tokeniser refuses to accept them.
10032
10033    The new code handles quotes much better, permitting quoted space as
10034    well as escaped closing quotes. Finally, comment handling should be
10035    fixed - the tokeniser will terminate only on unquoted # characters.
10036
10037    feedback & ok markus@
10038
10039    tested in snaps for the last five or so days - thanks Theo and those who
10040    caught bugs
10041
10042    OpenBSD-Commit-ID: dc72fd12af9d5398f4d9e159d671f9269c5b14d5
10043
10044commit d786424986c04d1d375f231fda177c8408e05c3e
10045Author: dtucker@openbsd.org <dtucker@openbsd.org>
10046Date:   Tue Jun 8 07:02:46 2021 +0000
10047
10048    upstream: Check if IPQoS or TunnelDevice are already set before
10049
10050    overriding. Prevents values in config files from overriding values supplied
10051    on the command line.  bz#3319, ok markus.
10052
10053    OpenBSD-Commit-ID: f3b08b898c324debb9195e6865d8999406938f74
10054
10055commit aae4b4d3585b9f944d7dbd3c9e5ba0006c55e457
10056Author: djm@openbsd.org <djm@openbsd.org>
10057Date:   Tue Jun 8 06:54:40 2021 +0000
10058
10059    upstream: Allow argv_split() to optionally terminate tokenisation
10060
10061    when it encounters an unquoted comment.
10062
10063    Add some additional utility function for working with argument
10064    vectors, since we'll be switching to using them to parse
10065    ssh/sshd_config shortly.
10066
10067    ok markus@ as part of a larger diff; tested in snaps
10068
10069    OpenBSD-Commit-ID: fd9c108cef2f713f24e3bc5848861d221bb3a1ac
10070
10071commit da9f9acaac5bab95dca642b48e0c8182b246ab69
10072Author: Darren Tucker <dtucker@dtucker.net>
10073Date:   Mon Jun 7 19:19:23 2021 +1000
10074
10075    Save logs on failure for upstream test
10076
10077commit 76883c60161e5f3808787085a27a8c37f8cc4e08
10078Author: Darren Tucker <dtucker@dtucker.net>
10079Date:   Mon Jun 7 14:36:32 2021 +1000
10080
10081    Add obsdsnap-i386 upstream test target.
10082
10083commit d45b9c63f947ec5ec314696e70281f6afddc0ac3
10084Author: djm@openbsd.org <djm@openbsd.org>
10085Date:   Mon Jun 7 03:38:38 2021 +0000
10086
10087    upstream: fix debug message when finding a private key to match a
10088
10089    certificate being attempted for user authentication. Previously it would
10090    print the certificate's path, whereas it was supposed to be showing the
10091    private key's path. Patch from Alex Sherwin via GHPR247
10092
10093    OpenBSD-Commit-ID: d5af3be66d0f22c371dc1fe6195e774a18b2327b
10094
10095commit 530739d42f6102668aecd699be0ce59815c1eceb
10096Author: djm@openbsd.org <djm@openbsd.org>
10097Date:   Sun Jun 6 11:34:16 2021 +0000
10098
10099    upstream: Match host certificates against host public keys, not private
10100
10101    keys. Allows use of certificates with private keys held in a ssh-agent.
10102    Reported by Miles Zhou in bz3524; ok dtucker@
10103
10104    OpenBSD-Commit-ID: 25f5bf70003126d19162862d9eb380bf34bac22a
10105
10106commit 4265215d7300901fd7097061c7517688ade82f8e
10107Author: djm@openbsd.org <djm@openbsd.org>
10108Date:   Sun Jun 6 03:40:39 2021 +0000
10109
10110    upstream: Client-side workaround for a bug in OpenSSH 7.4: this release
10111
10112    allows RSA/SHA2 signatures for public key authentication but fails to
10113    advertise this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
10114    server to incorrectly match PubkeyAcceptedAlgorithms and potentially refuse
10115    to offer valid keys.
10116
10117    Reported by and based on patch from Gordon Messmer via bz3213, thanks
10118    also for additional analysis by Jakub Jelen. ok dtucker
10119
10120    OpenBSD-Commit-ID: d6d0b7351d5d44c45f3daaa26efac65847a564f7
10121
10122commit bda270d7fb8522d43c21a79a4b02a052d7c64de8
10123Author: djm@openbsd.org <djm@openbsd.org>
10124Date:   Sun Jun 6 03:17:02 2021 +0000
10125
10126    upstream: degrade gracefully if a sftp-server offers the
10127
10128    limits@openssh.com extension but fails when the client tries to invoke it.
10129    Reported by Hector Martin via bz3318
10130
10131    OpenBSD-Commit-ID: bd9d1839c41811616ede4da467e25746fcd9b967
10132
10133commit d345d5811afdc2d6923019b653cdd93c4cc95f76
10134Author: djm@openbsd.org <djm@openbsd.org>
10135Date:   Sun Jun 6 03:15:39 2021 +0000
10136
10137    upstream: the limits@openssh.com extension was incorrectly marked
10138
10139    as an operation that writes to the filesystem, which made it unavailable in
10140    sftp-server read-only mode. Spotted by Hector Martin via bz3318
10141
10142    OpenBSD-Commit-ID: f054465230787e37516c4b57098fc7975e00f067
10143
10144commit 2b71010d9b43d7b8c9ec1bf010beb00d98fa765a
10145Author: naddy@openbsd.org <naddy@openbsd.org>
10146Date:   Sat Jun 5 13:47:00 2021 +0000
10147
10148    upstream: PROTOCOL.certkeys: update reference from IETF draft to
10149
10150    RFC
10151
10152    Also fix some typos.
10153    ok djm@
10154
10155    OpenBSD-Commit-ID: 5e855b6c5a22b5b13f8ffa3897a868e40d349b44
10156
10157commit aa99b2d9a3e45b943196914e8d8bf086646fdb54
10158Author: Darren Tucker <dtucker@dtucker.net>
10159Date:   Fri Jun 4 23:41:29 2021 +1000
10160
10161    Clear notify_pipe from readset if present.
10162
10163    Prevents leaking an implementation detail to the caller.
10164
10165commit 6de8dadf6b4d0627d35bca0667ca44b1d61c2c6b
10166Author: Darren Tucker <dtucker@dtucker.net>
10167Date:   Fri Jun 4 23:24:25 2021 +1000
10168
10169    space->tabs.
10170
10171commit c8677065070ee34c05c7582a9c2f58d8642e552d
10172Author: Darren Tucker <dtucker@dtucker.net>
10173Date:   Fri Jun 4 18:39:48 2021 +1000
10174
10175    Add pselect implementation for platforms without.
10176
10177    This is basically the existing notify_pipe kludge from serverloop.c
10178    moved behind a pselect interface.  It works by installing a signal
10179    handler that writes to a pipe that the select is watching, then calls
10180    the original handler.
10181
10182    The select call in serverloop will become pselect soon, at which point the
10183    kludge will be removed from thereand will only exist in the compat layer.
10184    Original code by markus, help from djm.
10185
10186commit 7cd7f302d3a072748299f362f9e241d81fcecd26
10187Author: Vincent Brillault <vincent.brillault@cern.ch>
10188Date:   Sun May 24 09:15:06 2020 +0200
10189
10190    auth_log: dont log partial successes as failures
10191
10192    By design, 'partial' logins are successful logins, so initially with
10193    authenticated set to 1, for which another authentication is required. As
10194    a result, authenticated is always reset to 0 when partial is set to 1.
10195    However, even if authenticated is 0, those are not failed login
10196    attempts, similarly to attempts with authctxt->postponed set to 1.
10197
10198commit e7606919180661edc7f698e6a1b4ef2cfb363ebf
10199Author: djm@openbsd.org <djm@openbsd.org>
10200Date:   Fri Jun 4 06:19:07 2021 +0000
10201
10202    upstream: The RB_GENERATE_STATIC(3) macro expands to a series of
10203
10204    function definitions and not a statement, so there should be no semicolon
10205    following them. Patch from Michael Forney
10206
10207    OpenBSD-Commit-ID: c975dd180580f0bdc0a4d5b7d41ab1f5e9b7bedd
10208
10209commit c298c4da574ab92df2f051561aeb3e106b0ec954
10210Author: djm@openbsd.org <djm@openbsd.org>
10211Date:   Fri Jun 4 05:59:18 2021 +0000
10212
10213    upstream: rework authorized_keys example section, removing irrelevant
10214
10215    stuff, de-wrapping the example lines and better aligning the examples with
10216    common usage and FAQs; ok jmc
10217
10218    OpenBSD-Commit-ID: d59f1c9281f828148e2a2e49eb9629266803b75c
10219
10220commit d9cb35bbec5f623589d7c58fc094817b33030f35
10221Author: djm@openbsd.org <djm@openbsd.org>
10222Date:   Fri Jun 4 05:10:03 2021 +0000
10223
10224    upstream: adjust SetEnv description to clarify $TERM handling
10225
10226    OpenBSD-Commit-ID: 8b8cc0124856bc1094949d55615e5c44390bcb22
10227
10228commit 771f57a8626709f2ad207058efd68fbf30d31553
10229Author: dtucker@openbsd.org <dtucker@openbsd.org>
10230Date:   Fri Jun 4 05:09:08 2021 +0000
10231
10232    upstream: Switch the listening select loop from select() to
10233
10234    pselect() and mask signals while checking signal flags, umasking for pselect
10235    and restoring afterwards. Also restore signals before sighup_restart so they
10236    don't remain blocked after restart.
10237
10238    This prevents a race where a SIGTERM or SIGHUP can arrive between
10239    checking the flag and calling select (eg if sshd is processing a
10240    new connection) resulting in sshd not shutting down until the next
10241    time it receives a new connection.  bz#2158, with & ok djm@
10242
10243    OpenBSD-Commit-ID: bf85bf880fd78e00d7478657644fcda97b9a936f
10244
10245commit f64f8c00d158acc1359b8a096835849b23aa2e86
10246Author: djm@openbsd.org <djm@openbsd.org>
10247Date:   Fri Jun 4 05:02:40 2021 +0000
10248
10249    upstream: allow ssh_config SetEnv to override $TERM, which is otherwise
10250
10251    handled specially by the protocol. Useful in ~/.ssh/config to set TERM to
10252    something generic (e.g. "xterm" instead of "xterm-256color") for destinations
10253    that lack terminfo entries. feedback and ok dtucker@
10254
10255    OpenBSD-Commit-ID: 38b1ef4d5bc159c7d9d589d05e3017433e2d5758
10256
10257commit 60107677dc0ce1e93c61f23c433ad54687fcd9f5
10258Author: djm@openbsd.org <djm@openbsd.org>
10259Date:   Fri Jun 4 04:02:21 2021 +0000
10260
10261    upstream: correct extension name "no-presence-required" =>
10262
10263    "no-touch-required"
10264
10265    document "verify-required" option
10266
10267    OpenBSD-Commit-ID: 1879ff4062cf61d79b515e433aff0bf49a6c55c5
10268
10269commit ecc186e46e3e30f27539b4311366dfda502f0a08
10270Author: Darren Tucker <dtucker@dtucker.net>
10271Date:   Wed Jun 2 13:54:11 2021 +1000
10272
10273    Retire fbsd7 test target.
10274
10275    It's the slowest of the selfhosted targets (since it's 32bit but has
10276    most of the crypto algos). We still have coverage for 32bit i386.
10277
10278commit 5de0867b822ec48b5eec9abde0f5f95d1d646546
10279Author: Darren Tucker <dtucker@dtucker.net>
10280Date:   Wed Jun 2 11:21:40 2021 +1000
10281
10282    Check for $OPENSSL in md5 fallback too.
10283
10284commit 1db69d1b6542f8419c04cee7fd523a4a11004be2
10285Author: Darren Tucker <dtucker@dtucker.net>
10286Date:   Wed Jun 2 11:17:54 2021 +1000
10287
10288    Add dfly60 target.
10289
10290commit a3f2dd955f1c19cad387a139f0e719af346ca6ef
10291Author: dtucker@openbsd.org <dtucker@openbsd.org>
10292Date:   Wed Jun 2 00:17:45 2021 +0000
10293
10294    upstream: Merge back shell portability changes
10295
10296    bringing it back in sync with -portable.
10297
10298    OpenBSD-Regress-ID: c07905ba931e66ad7d849b87b7d19648007175d1
10299
10300commit 9d482295c9f073e84d75af46b720a1c0f7ec2867
10301Author: dtucker@openbsd.org <dtucker@openbsd.org>
10302Date:   Tue Jun 1 23:56:20 2021 +0000
10303
10304    upstream: Use a default value for $OPENSSL,
10305
10306    allowing it to be overridden. Do the same in the PuTTY tests since it's
10307    needed there and not exported by test-exec.sh.
10308
10309    OpenBSD-Regress-ID: c49dcd6aa7602a8606b7afa192196ca1fa65de16
10310
10311commit 07660b3c99f8ea74ddf4a440e55c16c9f7fb3dd1
10312Author: dtucker@openbsd.org <dtucker@openbsd.org>
10313Date:   Mon May 24 10:25:18 2021 +0000
10314
10315    upstream: Find openssl binary via environment variable. This
10316
10317    allows overriding if necessary (eg in -portable where we're testing against a
10318    specific version of OpenSSL).
10319
10320    OpenBSD-Regress-ID: 491f39cae9e762c71aa4bf045803d077139815c5
10321
10322commit 1a4d1da9188d7c88f646b61f0d6a3b34f47c5439
10323Author: djm@openbsd.org <djm@openbsd.org>
10324Date:   Fri May 21 04:03:47 2021 +0000
10325
10326    upstream: fix memleak in test
10327
10328    OpenBSD-Regress-ID: 5e529d0982aa04666604936df43242e97a7a6f81
10329
10330commit 60455a5d98065a73ec9a1f303345856bbd49aecc
10331Author: djm@openbsd.org <djm@openbsd.org>
10332Date:   Fri May 21 03:59:01 2021 +0000
10333
10334    upstream: also check contents of remaining string
10335
10336    OpenBSD-Regress-ID: d526fa07253f4eebbc7d6205a0ab3d491ec71a28
10337
10338commit 39f6cd207851d7b67ca46903bfce4a9f615b5b1c
10339Author: djm@openbsd.org <djm@openbsd.org>
10340Date:   Fri May 21 03:48:07 2021 +0000
10341
10342    upstream: unit test for misc.c:strdelim() that mostly servces to
10343
10344    highlight its inconsistencies
10345
10346    OpenBSD-Regress-ID: 8d2bf970fcc01ccc6e36a5065f89b9c7fa934195
10347
10348commit 7a3a1dd2c7d4461962acbcc0ebee9445ba892be0
10349Author: Darren Tucker <dtucker@dtucker.net>
10350Date:   Thu May 27 21:23:15 2021 +1000
10351
10352    Put minix3 config in the host-specific block.
10353
10354commit 59a194825f12fff8a7f75d91bf751ea17645711b
10355Author: djm@openbsd.org <djm@openbsd.org>
10356Date:   Mon May 31 06:48:42 2021 +0000
10357
10358    upstream: Hash challenge supplied by client during FIDO key enrollment
10359
10360    prior to passing it to libfido2, which does expect a hash.
10361
10362    There is no effect for users who are simply generating FIDO keys using
10363    ssh-keygen - by default we generate a random 256 bit challenge, but
10364    people building attestation workflows around our tools should now have
10365    a more consistent experience (esp. fewer failures when they fail to
10366    guess the magic 32-byte challenge length requirement).
10367
10368    ok markus@
10369
10370    OpenBSD-Commit-ID: b8d5363a6a7ca3b23dc28f3ca69470472959f2b5
10371
10372commit eb68e669bc8ab968d4cca5bf1357baca7136a826
10373Author: Darren Tucker <dtucker@dtucker.net>
10374Date:   Thu May 27 21:14:15 2021 +1000
10375
10376    Include login_cap.h for login_getpwclass override.
10377
10378    On minix3, login_getpwclass is __RENAME'ed to __login_getpwclass50 so
10379    without this the include overriding login_getpwclass causes a compile
10380    error.
10381
10382commit 2063af71422501b65c7a92a5e14c0e6a3799ed89
10383Author: Darren Tucker <dtucker@dtucker.net>
10384Date:   Thu May 27 21:13:38 2021 +1000
10385
10386    Add minix3 test target.
10387
10388commit 2e1efcfd9f94352ca5f4b6958af8a454f8cf48cd
10389Author: djm@openbsd.org <djm@openbsd.org>
10390Date:   Wed May 26 01:47:24 2021 +0000
10391
10392    upstream: fix SEGV in UpdateHostkeys debug() message, triggered
10393
10394    when the update removed more host keys than remain present. Fix tested by
10395    reporter James Cook, via bugs@
10396
10397    OpenBSD-Commit-ID: 44f641f6ee02bb957f0c1d150495b60cf7b869d3
10398
10399commit 9acd76e6e4d2b519773e7119c33cf77f09534909
10400Author: naddy@openbsd.org <naddy@openbsd.org>
10401Date:   Sun May 23 18:22:57 2021 +0000
10402
10403    upstream: ssh: The client configuration keyword is
10404
10405    "hostbasedacceptedalgorithms"
10406
10407    This fixes a mistake that slipped in when "HostbasedKeyTypes" was
10408    renamed to "HostbasedAcceptedAlgorithms".
10409
10410    Bug report by zack@philomathiclife.com
10411
10412    OpenBSD-Commit-ID: d745a7e8e50b2589fc56877f322ea204bc784f38
10413
10414commit 078a0e60c92700da4c536c93c007257828ccd05b
10415Author: Darren Tucker <dtucker@dtucker.net>
10416Date:   Tue May 25 11:40:47 2021 +1000
10417
10418    Rename README.md to ci-status.md.
10419
10420    The original intent was to provide a status page for the CIs configured
10421    in that directory, but it had the side effect of replacing the top-level
10422    README.md.
10423
10424commit 7be4ac813662f68e89f23c50de058a49aa32f7e4
10425Author: djm@openbsd.org <djm@openbsd.org>
10426Date:   Wed May 19 01:24:05 2021 +0000
10427
10428    upstream: restore blocking status on stdio fds before close
10429
10430    ssh(1) needs to set file descriptors to non-blocking mode to operate
10431    but it was not restoring the original state on exit. This could cause
10432    problems with fds shared with other programs via the shell, e.g.
10433
10434    > $ cat > test.sh << _EOF
10435    > #!/bin/sh
10436    > {
10437    >         ssh -Fnone -oLogLevel=verbose ::1 hostname
10438    >         cat /usr/share/dict/words
10439    > } | sleep 10
10440    > _EOF
10441    > $ ./test.sh
10442    > Authenticated to ::1 ([::1]:22).
10443    > Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
10444    > Bytes per second: sent 44338.9, received 55197.4
10445    > cat: stdout: Resource temporarily unavailable
10446
10447    This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
10448    abandons/closes them.
10449
10450    This was reported as bz3280 and GHPR246; ok dtucker@
10451
10452    OpenBSD-Commit-ID: 8cc67346f05aa85a598bddf2383fcfcc3aae61ce
10453
10454commit c4902e1a653c67fea850ec99c7537f358904c0af
10455Author: djm@openbsd.org <djm@openbsd.org>
10456Date:   Mon May 17 11:43:16 2021 +0000
10457
10458    upstream: fix breakage of -W forwaring introduced in 1.554; reported by
10459
10460    naddy@ and sthen@, ok sthen@
10461
10462    OpenBSD-Commit-ID: f72558e643a26dc4150cff6e5097b5502f6c85fd
10463
10464commit afea01381ad1fcea1543b133040f75f7542257e6
10465Author: dtucker@openbsd.org <dtucker@openbsd.org>
10466Date:   Mon May 17 07:22:45 2021 +0000
10467
10468    upstream: Regenerate moduli.
10469
10470    OpenBSD-Commit-ID: 83c93a2a07c584c347ac6114d6329b18ce515557
10471
10472commit be2866d6207b090615ff083c9ef212b603816a56
10473Author: Damien Miller <djm@mindrot.org>
10474Date:   Mon May 17 09:40:23 2021 +1000
10475
10476    Handle Android libc returning NULL pw->pw_passwd
10477
10478    Reported by Luke Dashjr
10479
10480commit 5953c143008259d87342fb5155bd0b8835ba88e5
10481Author: djm@openbsd.org <djm@openbsd.org>
10482Date:   Fri May 14 05:20:32 2021 +0000
10483
10484    upstream: fix previous: test saved no_shell_flag, not the one that just
10485
10486    got clobbered
10487
10488    OpenBSD-Commit-ID: b8deace085d9d941b2d02f810243b9c302e5355d
10489
10490commit 1e9fa55f4dc4b334651d569d3448aaa3841f736f
10491Author: djm@openbsd.org <djm@openbsd.org>
10492Date:   Fri May 14 03:09:48 2021 +0000
10493
10494    upstream: Fix ssh started with ControlPersist incorrectly executing a
10495
10496    shell when the -N (no shell) option was specified. bz3290 reported by Richard
10497    Schwab; patch from markus@ ok me
10498
10499    OpenBSD-Commit-ID: ea1ea4af16a95687302f7690bdbe36a6aabf87e1
10500
10501commit d1320c492f655d8f5baef8c93899d79dded217a5
10502Author: dtucker@openbsd.org <dtucker@openbsd.org>
10503Date:   Wed May 12 11:34:30 2021 +0000
10504
10505    upstream: Clarify language about moduli. While both ends of the
10506
10507    connection do need to use the same parameters (ie groups), the DH-GEX
10508    protocol takes care of that and both ends do not need the same contents in
10509    the moduli file, which is what the previous text suggested.  ok djm@ jmc@
10510
10511    OpenBSD-Commit-ID: f0c18cc8e79c2fbf537a432a9070ed94e96a622a
10512
10513commit d3cc4d650ce3e59f3e370b101778b0e8f1c02c4d
10514Author: djm@openbsd.org <djm@openbsd.org>
10515Date:   Fri May 7 04:11:51 2021 +0000
10516
10517    upstream: include pid in LogVerbose spam
10518
10519    OpenBSD-Commit-ID: aacb86f96ee90c7cb84ec27452374285f89a7f00
10520
10521commit e3c032333be5fdbbaf2751f6f478e044922b4ec4
10522Author: djm@openbsd.org <djm@openbsd.org>
10523Date:   Fri May 7 03:09:38 2021 +0000
10524
10525    upstream: don't sigdie() in signal handler in privsep child process;
10526
10527    this can end up causing sandbox violations per bz3286; ok dtucker@
10528
10529    OpenBSD-Commit-ID: a7f40b2141dca4287920da68ede812bff7ccfdda
10530
10531commit a4039724a3f2abac810735fc95cf9114a3856049
10532Author: dtucker@openbsd.org <dtucker@openbsd.org>
10533Date:   Fri May 7 09:23:40 2021 +0000
10534
10535    upstream: Increase ConnectionAttempts from 4 to 10 as the tests
10536
10537    occasionally time out on heavily loaded hosts.
10538
10539    OpenBSD-Regress-ID: 29a8cdef354fc9da471a301f7f65184770434f3a
10540
10541commit c0d7e36e979fa3cdb60f5dcb6ac9ad3fd018543b
10542Author: djm@openbsd.org <djm@openbsd.org>
10543Date:   Fri May 7 02:26:55 2021 +0000
10544
10545    upstream: dump out a usable private key string too; inspired by Tyson
10546
10547    Whitehead
10548
10549    OpenBSD-Regress-ID: 65572d5333801cb2f650ebc778cbdc955e372058
10550
10551commit 24fee8973abdf1c521cd2c0047d89e86d9c3fc38
10552Author: djm@openbsd.org <djm@openbsd.org>
10553Date:   Fri May 7 02:29:40 2021 +0000
10554
10555    upstream: correct mistake in spec - the private key blobs are encoded
10556
10557    verbatim and not as strings (i.e. no 4-byte length header)
10558
10559    OpenBSD-Commit-ID: 3606b5d443d72118c5b76c4af6dd87a5d5a4f837
10560
10561commit f43859159cc62396ad5d080f0b1f2635a67dac02
10562Author: dtucker@openbsd.org <dtucker@openbsd.org>
10563Date:   Tue May 4 22:53:52 2021 +0000
10564
10565    upstream: Don't pass NULL as a string in debugging as it does not work
10566
10567    on some platforms in -portable.  ok djm@
10568
10569    OpenBSD-Commit-ID: 937c892c99aa3c9c272a8ed78fa7c2aba3a44fc9
10570
10571commit ac31aa3c6341905935e75f0539cf4a61bbe99779
10572Author: djm@openbsd.org <djm@openbsd.org>
10573Date:   Mon May 3 00:16:45 2021 +0000
10574
10575    upstream: more debugging for UpdateHostKeys signature failures
10576
10577    OpenBSD-Commit-ID: 1ee95f03875e1725df15d5e4bea3e73493d57d36
10578
10579commit 8e32e97e788e0676ce83018a742203614df6a2b3
10580Author: Darren Tucker <dtucker@dtucker.net>
10581Date:   Sat May 1 20:07:47 2021 +1000
10582
10583    Add obsd69 test target.
10584
10585commit f06893063597c5bb9d9e93f851c4070e77d2fba9
10586Author: djm@openbsd.org <djm@openbsd.org>
10587Date:   Fri Apr 30 04:29:53 2021 +0000
10588
10589    upstream: a little debugging in the main mux process for status
10590
10591    confirmation failures in multiplexed sessions
10592
10593    OpenBSD-Commit-ID: 6e27b87c95176107597035424e1439c3232bcb49
10594
10595commit e65cf00da6bc31e5f54603b7feb7252dc018c033
10596Author: dtucker@openbsd.org <dtucker@openbsd.org>
10597Date:   Fri Apr 30 04:02:52 2021 +0000
10598
10599    upstream: Remove now-unused skey function prototypes leftover from
10600
10601    skey removal.
10602
10603    OpenBSD-Commit-ID: 2fc36d519fd37c6f10ce74854c628561555a94c3
10604
10605commit ae5f9b0d5c8126214244ee6b35aae29c21028133
10606Author: Darren Tucker <dtucker@dtucker.net>
10607Date:   Thu Apr 29 13:01:50 2021 +1000
10608
10609    Wrap sntrup761x25519 inside ifdef.
10610
10611    From balu.gajjala at gmail.com via bz#3306.
10612
10613commit 70a8dc138a6480f85065cdb239915ad4b7f928cf
10614Author: Darren Tucker <dtucker@dtucker.net>
10615Date:   Wed Apr 28 14:44:07 2021 +1000
10616
10617    Add status badges for Actions-based tests.
10618
10619commit 40b59024cc3365815381474cdf4fe423102e391b
10620Author: Darren Tucker <dtucker@dtucker.net>
10621Date:   Wed Apr 28 12:22:11 2021 +1000
10622
10623    Add obsdsnap (OpenBSD snapshot) test target.
10624
10625commit e627067ec8ef9ae8e7a638f4dbac91d52dee3e6d
10626Author: Darren Tucker <dtucker@dtucker.net>
10627Date:   Wed Apr 28 11:35:28 2021 +1000
10628
10629    Add test building upstream OpenBSD source.
10630
10631commit 1b8108ebd12fc4ed0fb39ef94c5ba122558ac373
10632Author: Darren Tucker <dtucker@dtucker.net>
10633Date:   Tue Apr 27 14:22:20 2021 +1000
10634
10635    Test against OpenSSL 1.1.0h instead of 1.1.0g.
10636
10637    1.1.0g requires a perl glob module that's not installed by default.
10638
10639commit 9bc20efd39ce8525be33df3ee009f5a4564224f1
10640Author: Darren Tucker <dtucker@dtucker.net>
10641Date:   Tue Apr 27 12:37:59 2021 +1000
10642
10643    Use the default VM type for libcrypto ver tests.
10644
10645commit 9f79e80dc40965c2e73164531250b83b176c1eea
10646Author: Darren Tucker <dtucker@dtucker.net>
10647Date:   Tue Apr 27 12:24:10 2021 +1000
10648
10649    Always build OpenSSL shared.
10650
10651    This is the default for current versions but we need it to test against
10652    earlier versions.
10653
10654commit b3cc9fbdff2782eca79e33e02ac22450dc63bce9
10655Author: Darren Tucker <dtucker@dtucker.net>
10656Date:   Tue Apr 27 09:18:02 2021 +1000
10657
10658    Fix custom OpenSSL tests.
10659
10660    Check out specified OpenSSL version.  Install custom libcrypto where
10661    configure expects to find it.  Remove unneeded OpenSSL config time
10662    options.  Older OpenSSL versions were not make -j safe so remove it.
10663
10664commit 77532609874a99a19e3e2eb2d1b7fa93aef963bb
10665Author: Darren Tucker <dtucker@dtucker.net>
10666Date:   Mon Apr 26 17:18:25 2021 +1000
10667
10668    Export CC and CFLAGS for c89 test.
10669
10670commit 33f62dfbe865f4de77980ab88774bf1eb5e4e040
10671Author: Darren Tucker <dtucker@dtucker.net>
10672Date:   Mon Apr 26 17:13:44 2021 +1000
10673
10674    Add c89 here too.
10675
10676commit da9d59f526fce58e11cba49cd8eb011dc0bf5677
10677Author: Darren Tucker <dtucker@dtucker.net>
10678Date:   Mon Apr 26 15:34:23 2021 +1000
10679
10680    Add test against OpenSSL w/out ECC.
10681
10682commit 29e194a752359ebf85bf7fce100f23a0477fc4de
10683Author: Darren Tucker <dtucker@dtucker.net>
10684Date:   Mon Apr 26 14:49:59 2021 +1000
10685
10686    Ensure we can still build with C89.
10687
10688commit a38016d369d21df5d35f761f2b67e175e132ba22
10689Author: Darren Tucker <dtucker@dtucker.net>
10690Date:   Mon Apr 26 14:29:03 2021 +1000
10691
10692    Interop test agains PuTTY.
10693
10694commit 095b0307a77be8803768857cc6c0963fa52ed85b
10695Author: Darren Tucker <dtucker@dtucker.net>
10696Date:   Mon Apr 26 14:02:03 2021 +1000
10697
10698    Support testing against arbitary libcrytpo vers.
10699
10700    Add tests against various LibreSSL and OpenSSL versions.
10701
10702commit b16082aa110fa7128ece2a9037ff420c4a285317
10703Author: Darren Tucker <dtucker@dtucker.net>
10704Date:   Mon Apr 26 13:35:44 2021 +1000
10705
10706    Add fbsd10 test target.
10707
10708commit 2c805f16b24ea37cc051c6018fcb05defab6e57a
10709Author: Darren Tucker <dtucker@dtucker.net>
10710Date:   Sun Apr 25 14:15:02 2021 +1000
10711
10712    Disable compiler hardening on nbsd4.
10713
10714    The system compiler supports -fstack-protector-all, but using it will
10715    result in an internal compiler error on some files.
10716
10717commit 6a5d39305649da5dff1934ee54292ee0cebd579d
10718Author: Darren Tucker <dtucker@dtucker.net>
10719Date:   Sun Apr 25 13:01:34 2021 +1000
10720
10721    Add nbsd3, nbsd4 and nbsd9 test targets.
10722
10723commit d1aed05bd2e4ae70f359a394dc60a2d96b88f78c
10724Author: Darren Tucker <dtucker@dtucker.net>
10725Date:   Sat Apr 24 22:03:46 2021 +1000
10726
10727    Comment out nbsd2 test target for now.
10728
10729commit a6b4ec94e5bd5a8a18cd2c9942d829d2e5698837
10730Author: Darren Tucker <dtucker@dtucker.net>
10731Date:   Sat Apr 24 17:52:24 2021 +1000
10732
10733    Add OPENBSD ORIGINAL marker.
10734
10735commit 3737c9f66ee590255546c4b637b6d2be669a11eb
10736Author: Darren Tucker <dtucker@dtucker.net>
10737Date:   Fri Apr 23 19:49:46 2021 +1000
10738
10739    Replace "==" (a bashism) with "=".
10740
10741commit a116b6f5be17a1dd345b7d54bf8aa3779a28a0df
10742Author: Darren Tucker <dtucker@dtucker.net>
10743Date:   Fri Apr 23 16:34:48 2021 +1000
10744
10745    Add nbsd2 test target.
10746
10747commit 196bf2a9bb771f45d9b0429cee7d325962233c44
10748Author: Darren Tucker <dtucker@dtucker.net>
10749Date:   Fri Apr 23 14:54:10 2021 +1000
10750
10751    Add obsd68 test target.
10752
10753commit e3ba6574ed69e8b7af725cf5e8a9edaac04ff077
10754Author: Darren Tucker <dtucker@dtucker.net>
10755Date:   Fri Apr 23 14:53:32 2021 +1000
10756
10757    Remove dependency on bash.
10758
10759commit db1f9ab8feb838aee9f5b99c6fd3f211355dfdcf
10760Author: Darren Tucker <dtucker@dtucker.net>
10761Date:   Fri Apr 23 14:41:13 2021 +1000
10762
10763    Add obsd67 test target.
10764
10765commit c039a6bf79192fe1daa9ddcc7c87dd98e258ae7c
10766Author: Darren Tucker <dtucker@dtucker.net>
10767Date:   Fri Apr 23 11:08:23 2021 +1000
10768
10769    Re-add macos-11.0 test target.
10770
10771commit a6db3a47b56adb76870d59225ffb90a65bc4daf2
10772Author: Darren Tucker <dtucker@dtucker.net>
10773Date:   Fri Apr 23 10:28:28 2021 +1000
10774
10775    Add openindiana test target.
10776
10777commit 3fe7e73b025c07eda46d78049f1da8ed7dfc0c69
10778Author: Darren Tucker <dtucker@dtucker.net>
10779Date:   Fri Apr 23 10:26:35 2021 +1000
10780
10781    Test krb5 on Solaris 11 too.
10782
10783commit f57fbfe5eb02df1a91f1a237c4d27165afd87c13
10784Author: Darren Tucker <dtucker@dtucker.net>
10785Date:   Thu Apr 22 22:27:26 2021 +1000
10786
10787    Don't always set SUDO.
10788
10789    Rely on sourcing configs to set as appropriate.
10790
10791commit e428f29402fb6ac140b52f8f12e06ece7bb104a0
10792Author: Darren Tucker <dtucker@dtucker.net>
10793Date:   Thu Apr 22 22:26:08 2021 +1000
10794
10795    Remove now-unused 2nd arg to configs.
10796
10797commit cb4ff640d79b3c736879582139778f016bbb2cd7
10798Author: Darren Tucker <dtucker@dtucker.net>
10799Date:   Wed Apr 21 01:08:04 2021 +1000
10800
10801    Add win10 test target.
10802
10803commit 4457837238072836b2fa3107d603aac809624983
10804Author: Darren Tucker <dtucker@dtucker.net>
10805Date:   Tue Apr 20 23:31:29 2021 +1000
10806
10807    Add nbsd8 test target.
10808
10809commit bd4fba22e14da2fa196009010aabec5a8ba9dd42
10810Author: Darren Tucker <dtucker@dtucker.net>
10811Date:   Sat Apr 17 09:55:47 2021 +1000
10812
10813    Add obsd51 target.
10814
10815commit 9403d0e805c77a5741ea8c3281bbe92558c2f125
10816Author: Darren Tucker <dtucker@dtucker.net>
10817Date:   Fri Apr 16 18:14:25 2021 +1000
10818
10819    Add fbsd13 target.
10820
10821commit e86968280e358e62649d268d41f698d64d0dc9fa
10822Author: Damien Miller <djm@mindrot.org>
10823Date:   Fri Apr 16 13:55:25 2021 +1000
10824
10825    depend
10826
10827commit 2fb25ca11e8b281363a2a2a4dec4c497a1475d9a
10828Author: Damien Miller <djm@mindrot.org>
10829Date:   Fri Apr 16 13:53:02 2021 +1000
10830
10831    crank version in README and RPM spec files
10832
10833commit b2b60ebab0cb77b5bc02d364d72e13db882f33ae
10834Author: djm@openbsd.org <djm@openbsd.org>
10835Date:   Fri Apr 16 03:42:00 2021 +0000
10836
10837    upstream: openssh-8.6
10838
10839    OpenBSD-Commit-ID: b5f3e133c846127ec114812248bc17eff07c3e19
10840
10841commit faf2b86a46c9281d237bcdec18c99e94a4eb820a
10842Author: markus@openbsd.org <markus@openbsd.org>
10843Date:   Thu Apr 15 16:24:31 2021 +0000
10844
10845    upstream: do not pass file/func to monitor; noted by Ilja van Sprundel;
10846
10847    ok djm@
10848
10849    OpenBSD-Commit-ID: 85ae5c063845c410283cbdce685515dcd19479fa
10850
10851commit 2dc328023f60212cd29504fc05d849133ae47355
10852Author: Damien Miller <djm@mindrot.org>
10853Date:   Wed Apr 14 11:42:55 2021 +1000
10854
10855    sshd don't exit on transient read errors
10856
10857    openssh-8.5 introduced a regression that would cause sshd to exit
10858    because of transient read errors on the network socket (e.g. EINTR,
10859    EAGAIN). Reported by balu.gajjala AT gmail.com via bz3297
10860
10861commit d5d6b7d76d171a2e6861609dcd92e714ee62ad88
10862Author: Damien Miller <djm@mindrot.org>
10863Date:   Sat Apr 10 18:45:00 2021 +1000
10864
10865    perform report_failed_grab() inline
10866
10867commit ea996ce2d023aa3c6d31125e2c3ebda1cb42db8c
10868Author: Damien Miller <djm@mindrot.org>
10869Date:   Sat Apr 10 18:22:57 2021 +1000
10870
10871    dedicated gnome-ssk-askpass3 source
10872
10873    Compatibility with Wayland requires that we use the gdk_seat_grab()
10874    API for grabbing mouse/keyboard, however these API don't exist in
10875    Gtk+2.
10876
10877    This branches gnome-ssk-askpass2.c => gnome-ssk-askpass3.c and
10878    makes the changes to use the gdk_seat_grab() instead of grabbing
10879    mouse/focus separately via GDK.
10880
10881    In the future, we can also use the branched file to avoid some
10882    API that has been soft-deprecated in GTK+3, e.g. gtk_widget_modify_fg
10883
10884commit bfa5405da05d906ffd58216eb77c4375b62d64c2
10885Author: Darren Tucker <dtucker@dtucker.net>
10886Date:   Thu Apr 8 15:18:15 2021 +1000
10887
10888    Ensure valgrind-out exists.
10889
10890    Normally the regress tests would create it, but running the unit tests
10891    on their own would fail because the directory did not exist.
10892
10893commit 1f189181f3ea09a9b08aa866f78843fec800874f
10894Author: Darren Tucker <dtucker@dtucker.net>
10895Date:   Thu Apr 8 15:17:19 2021 +1000
10896
10897    Pass OBJ to unit test make invocation.
10898
10899    At least the Valgrind unit tests uses $OBJ.
10900
10901commit f42b550c281d28bd19e9dd6ce65069164f3482b0
10902Author: Darren Tucker <dtucker@dtucker.net>
10903Date:   Thu Apr 8 14:20:12 2021 +1000
10904
10905    Add pattern for valgrind-unit.
10906
10907commit 19e534462710e98737478fd9c44768b50c27c4c6
10908Author: Darren Tucker <dtucker@dtucker.net>
10909Date:   Thu Apr 8 13:31:08 2021 +1000
10910
10911    Run unit tests under valgrind.
10912
10913    Run a separate build for the unit tests under Valgrind.  They take long
10914    enough that running in parallel with the other Valgrind tests helps.
10915
10916commit 80032102d05e866dc2a48a5caf760cf42c2e090e
10917Author: Darren Tucker <dtucker@dtucker.net>
10918Date:   Thu Apr 8 13:25:57 2021 +1000
10919
10920    ifdef out MIN and MAX.
10921
10922    In -portable, defines.h ensures that these are defined, so redefining
10923    potentially causes a warning.  We don't just delete it to make any
10924    future code syncs a little but easier.  bz#3293.
10925
10926commit d1bd184046bc310c405f45da3614a1dc5b3e521a
10927Author: Darren Tucker <dtucker@dtucker.net>
10928Date:   Wed Apr 7 10:23:51 2021 +1000
10929
10930    Remove only use of warn().
10931
10932    The warn() function is only used in one place in portable and does not
10933    exist upstream.  Upgrade the only instance it's used to fail()
10934    (the privsep/sandbox+proxyconnect, from back when that was new) and
10935    remove the now-unused function.
10936
10937commit fea8f4b1aa85026ad5aee5ad8e1599a8d5141fe0
10938Author: Darren Tucker <dtucker@dtucker.net>
10939Date:   Wed Apr 7 10:18:32 2021 +1000
10940
10941    Move make_tmpdir() into portable-specific area.
10942
10943    Reduces diff vs OpenBSD and makes it more likely diffs will apply
10944    cleanly.
10945
10946commit 13e5fa2acffd26e754c6ee1d070d0afd035d4cb7
10947Author: dtucker@openbsd.org <dtucker@openbsd.org>
10948Date:   Tue Apr 6 23:57:56 2021 +0000
10949
10950    upstream: Add TEST_SSH_ELAPSED_TIMES environment variable to print the
10951
10952    elapsed time in seconds of each test.  This depends on "date +%s" which is
10953    not specified by POSIX but is commonly implemented.
10954
10955    OpenBSD-Regress-ID: ec3c8c19ff49b2192116a0a646ee7c9b944e8a9c
10956
10957commit ef4f46ab4387bb863b471bad124d46e8d911a79a
10958Author: Darren Tucker <dtucker@dtucker.net>
10959Date:   Wed Apr 7 09:59:15 2021 +1000
10960
10961    Move the TEST_SSH_PORT section down a bit.
10962
10963    This groups the portable-specific changes together and makes it a
10964    little more likely that patches will apply cleanly.
10965
10966commit 3674e33fa70dfa1fe69b345bf576113af7b7be11
10967Author: Darren Tucker <dtucker@dtucker.net>
10968Date:   Wed Apr 7 10:05:10 2021 +1000
10969
10970    Further split Valgrind tests.
10971
10972    Even split in two, the Valgrind tests take by far the longest to run,
10973    so split them four ways to further increase parallelism.
10974
10975commit 961af266b861e30fce1e26170ee0dbb5bf591f29
10976Author: djm@openbsd.org <djm@openbsd.org>
10977Date:   Tue Apr 6 23:24:30 2021 +0000
10978
10979    upstream: include "ssherr.h" not <ssherr.h>; from Balu Gajjala via
10980
10981    bz#3292
10982
10983    OpenBSD-Commit-ID: e9535cd9966eb2e69e73d1ede1f44905c30310bd
10984
10985commit e7d0a285dbdd65d8df16123ad90f15e91862f959
10986Author: Damien Miller <djm@mindrot.org>
10987Date:   Wed Apr 7 08:50:38 2021 +1000
10988
10989    wrap struct rlimit in HAVE_GETRLIMIT too
10990
10991commit f283a6c2e0a9bd9369e18462acd00be56fbe5b0d
10992Author: Damien Miller <djm@mindrot.org>
10993Date:   Wed Apr 7 08:20:35 2021 +1000
10994
10995    wrap getrlimit call in HAVE_GETRLIMIT; bz3291
10996
10997commit 679bdc4a5c9244f427a7aee9c14b0a0ed086da1f
10998Author: dtucker@openbsd.org <dtucker@openbsd.org>
10999Date:   Tue Apr 6 09:07:33 2021 +0000
11000
11001    upstream: Don't check return value of unsetenv(). It's part of the
11002
11003    environment setup and not part of the actual test, and some platforms
11004    -portable runs on declare it as returning void, which prevents the test from
11005    compiling.
11006
11007    OpenBSD-Regress-ID: 24f08543ee3cdebc404f2951f3e388cc82b844a1
11008
11009commit 320af2f3de6333aa123f1b088eca146a245e968a
11010Author: jmc@openbsd.org <jmc@openbsd.org>
11011Date:   Sun Apr 4 11:36:56 2021 +0000
11012
11013    upstream: remove stray inserts; from matthias schmidt
11014
11015    OpenBSD-Commit-ID: 2c36ebdc54e14bbf1daad70c6a05479a073d5c63
11016
11017commit 801f710953b24dd2f21939171c622eac77c7484d
11018Author: jmc@openbsd.org <jmc@openbsd.org>
11019Date:   Sun Apr 4 06:11:24 2021 +0000
11020
11021    upstream: missing comma; from kawashima james
11022
11023    OpenBSD-Commit-ID: 31cec6bf26c6db4ffefc8a070715ebef274e68ea
11024
11025commit b3ca08cb174266884d44ec710a84cd64c12414ea
11026Author: Darren Tucker <dtucker@dtucker.net>
11027Date:   Mon Apr 5 23:46:42 2021 +1000
11028
11029    Install libcbor with libfido2.
11030
11031commit f3ca8af87a4c32ada660da12ae95cf03d190c083
11032Author: Damien Miller <djm@mindrot.org>
11033Date:   Sat Apr 3 18:21:08 2021 +1100
11034
11035    enable authopt and misc unit tests
11036
11037    Neither were wired into the build, both required some build
11038    adaptations for -portable
11039
11040commit dc1b45841fb97e3d7f655ddbcfef3839735cae5f
11041Author: djm@openbsd.org <djm@openbsd.org>
11042Date:   Sat Apr 3 06:58:30 2021 +0000
11043
11044    upstream: typos in comments; GHPR#180 from Vill
11045
11046    =?UTF-8?q?e=20Skytt=C3=A4?=
11047    MIME-Version: 1.0
11048    Content-Type: text/plain; charset=UTF-8
11049    Content-Transfer-Encoding: 8bit
11050
11051    OpenBSD-Commit-ID: 93c732381ae0e2b680c79e67c40c1814b7ceed2c
11052
11053commit 53ea05e09b04fd7b6dea66b42b34d65fe61b9636
11054Author: djm@openbsd.org <djm@openbsd.org>
11055Date:   Sat Apr 3 06:55:52 2021 +0000
11056
11057    upstream: sync CASignatureAlgorithms lists with reality. GHPR#174 from
11058
11059    Matt Hazinski
11060
11061    OpenBSD-Commit-ID: f05e4ca54d7e67b90fe58fe1bdb1d2a37e0e2696
11062
11063commit 57ed647ee07bb883a2f2264231bcd1df6a5b9392
11064Author: Damien Miller <djm@mindrot.org>
11065Date:   Sat Apr 3 17:47:37 2021 +1100
11066
11067    polish whitespace for portable files
11068
11069commit 31d8d231eb9377df474746a822d380c5d68d7ad6
11070Author: djm@openbsd.org <djm@openbsd.org>
11071Date:   Sat Apr 3 06:18:40 2021 +0000
11072
11073    upstream: highly polished whitespace, mostly fixing spaces-for-tab
11074
11075    and bad indentation on continuation lines. Prompted by GHPR#185
11076
11077    OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
11078
11079commit 34afde5c73b5570d6f8cce9b49993b23b77bfb86
11080Author: djm@openbsd.org <djm@openbsd.org>
11081Date:   Sat Apr 3 05:54:14 2021 +0000
11082
11083    upstream: whitespace (tab after space)
11084
11085    OpenBSD-Commit-ID: 0e2b3f7674e985d3f7c27ff5028e690ba1c2efd4
11086
11087commit 7cd262c1c5a08cc7f4f30e3cab108ef089d0a57b
11088Author: Darren Tucker <dtucker@dtucker.net>
11089Date:   Sat Apr 3 16:59:10 2021 +1100
11090
11091    Save config.h and config.log on failure too.
11092
11093commit 460aee9298f365357e9fd26851c22e0dca51fd6a
11094Author: djm@openbsd.org <djm@openbsd.org>
11095Date:   Sat Apr 3 05:46:41 2021 +0000
11096
11097    upstream: fix incorrect plural; from Ville Skyt
11098
11099    =?UTF-8?q?t=C3=A4=20via=20GHPR#181?=
11100    MIME-Version: 1.0
11101    Content-Type: text/plain; charset=UTF-8
11102    Content-Transfer-Encoding: 8bit
11103
11104    OpenBSD-Commit-ID: 92f31754c6296d8f403d7c293e09dc27292d22c9
11105
11106commit 082804c14e548cada75c81003a3c68ee098138ee
11107Author: djm@openbsd.org <djm@openbsd.org>
11108Date:   Sat Apr 3 05:40:39 2021 +0000
11109
11110    upstream: ensure that pkcs11_del_provider() is called before exit -
11111
11112    some PKCS#11 providers get upset if C_Initialize is not matched with
11113    C_Finalize.
11114
11115    From Adithya Baglody via GHPR#234; ok markus
11116
11117    OpenBSD-Commit-ID: f8e770e03b416ee9a58f9762e162add900f832b6
11118
11119commit 464ebc82aa926dd132ec75a0b064574ef375675e
11120Author: djm@openbsd.org <djm@openbsd.org>
11121Date:   Sat Apr 3 05:28:43 2021 +0000
11122
11123    upstream: unused variable
11124
11125    OpenBSD-Commit-ID: 85f6a394c8e0f60d15ecddda75176f112007b205
11126
11127commit dc3c0be8208c488e64a8bcb7d9efad98514e0ffb
11128Author: djm@openbsd.org <djm@openbsd.org>
11129Date:   Sat Apr 3 05:21:46 2021 +0000
11130
11131    upstream: Fix two problems in string->argv conversion: 1) multiple
11132
11133    backslashes were not being dequoted correctly and 2) quoted space in the
11134    middle of a string was being incorrectly split.
11135    MIME-Version: 1.0
11136    Content-Type: text/plain; charset=UTF-8
11137    Content-Transfer-Encoding: 8bit
11138
11139    A unit test for these cases has already been committed
11140
11141    prompted by and based on GHPR#223 by Eero Häkkinen; ok markus@
11142
11143    OpenBSD-Commit-ID: d7ef27abb4eeeaf6e167e9312e4abe9e89faf1e4
11144
11145commit f75bcbba58a08c670727ece5e3f8812125969799
11146Author: Damien Miller <djm@mindrot.org>
11147Date:   Sat Apr 3 16:22:48 2021 +1100
11148
11149    missing bits from 259d648e
11150
11151commit 4cbc4a722873d9b68cb5496304dc050d7168df78
11152Author: djm@openbsd.org <djm@openbsd.org>
11153Date:   Wed Mar 31 21:59:26 2021 +0000
11154
11155    upstream: cannot effectively test posix-rename extension after
11156
11157    changes in feature advertisment.
11158
11159    OpenBSD-Regress-ID: 5e390bf88d379162aaa81b60ed86b34cb0c54d29
11160
11161commit 259d648e63e82ade4fe2c2c73c8b67fe57d9d049
11162Author: djm@openbsd.org <djm@openbsd.org>
11163Date:   Fri Mar 19 04:23:50 2021 +0000
11164
11165    upstream: add a test for misc.c:argv_split(), currently fails
11166
11167    OpenBSD-Regress-ID: ad6b96d6ebeb9643b698b3575bdd6f78bb144200
11168
11169commit 473ddfc2d6b602cb2d1d897e0e5c204de145cd9a
11170Author: djm@openbsd.org <djm@openbsd.org>
11171Date:   Fri Mar 19 03:25:01 2021 +0000
11172
11173    upstream: split
11174
11175    OpenBSD-Regress-ID: f6c03c0e4c58b3b9e04b161757b8c10dc8378c34
11176
11177commit 1339800fef8d0dfbfeabff71b34670105bcfddd2
11178Author: djm@openbsd.org <djm@openbsd.org>
11179Date:   Wed Mar 31 22:16:34 2021 +0000
11180
11181    upstream: Use new limits@openssh.com protocol extension to let the
11182
11183    client select good limits based on what the server supports. Split the
11184    download and upload buffer sizes to allow them to be chosen independently.
11185
11186    In practice (and assuming upgraded sftp/sftp-server at each end), this
11187    increases the download buffer 32->64KiB and the upload buffer
11188    32->255KiB.
11189
11190    Patches from Mike Frysinger; ok dtucker@
11191
11192    OpenBSD-Commit-ID: ebd61c80d85b951b794164acc4b2f2fd8e88606c
11193
11194commit 6653c61202d104e59c8e741329fcc567f7bc36b8
11195Author: djm@openbsd.org <djm@openbsd.org>
11196Date:   Wed Mar 31 21:58:07 2021 +0000
11197
11198    upstream: do not advertise protocol extensions that have been
11199
11200    disallowed by the command-line options (e.g. -p/-P/-R); ok dtucker@
11201
11202    OpenBSD-Commit-ID: 3a8a76b3f5131741aca4b41bfab8d101c9926205
11203
11204commit 71241fc05db4bbb11bb29340b44b92e2575373d8
11205Author: Damien Miller <djm@mindrot.org>
11206Date:   Mon Mar 29 15:14:25 2021 +1100
11207
11208    gnome-ssh-askpass3 is a valid target here
11209
11210commit 8a9520836e71830f4fccca066dba73fea3d16bda
11211Author: djm@openbsd.org <djm@openbsd.org>
11212Date:   Fri Mar 19 02:22:34 2021 +0000
11213
11214    upstream: return non-zero exit status when killed by signal; bz#3281 ok
11215
11216    dtucker@
11217
11218    OpenBSD-Commit-ID: 117b31cf3c807993077b596bd730c24da9e9b816
11219
11220commit 1269b8a686bf1254b03cd38af78167a04aa6ec88
11221Author: djm@openbsd.org <djm@openbsd.org>
11222Date:   Fri Mar 19 02:18:28 2021 +0000
11223
11224    upstream: increase maximum SSH2_FXP_READ to match the maximum
11225
11226    packet size. Also handle zero-length reads that are borderline nonsensical
11227    but not explicitly banned by the spec. Based on patch from Mike Frysinger,
11228    feedback deraadt@ ok dtucker@
11229
11230    OpenBSD-Commit-ID: 4e67d60d81bde7b84a742b4ee5a34001bdf80d9c
11231
11232commit 860b67604416640e8db14f365adc3f840aebcb1f
11233Author: djm@openbsd.org <djm@openbsd.org>
11234Date:   Tue Mar 16 06:15:43 2021 +0000
11235
11236    upstream: don't let logging clobber errno before use
11237
11238    OpenBSD-Commit-ID: ce6cca370005c270c277c51c111bb6911e1680ec
11239