xref: /freebsd/crypto/openssh/ChangeLog (revision eccfee6ebc28c335f2a2b9db7736dc1961131b04)
1commit 1dc8d93ce69d6565747eb44446ed117187621b26
2Author: deraadt@openbsd.org <deraadt@openbsd.org>
3Date:   Thu Aug 6 14:53:21 2015 +0000
4
5    upstream commit
6
7    add prohibit-password as a synonymn for without-password,
8     since the without-password is causing too many questions.  Harden it to ban
9     all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from
10     djm, ok markus
11
12    Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a
13
14commit 90a95a4745a531b62b81ce3b025e892bdc434de5
15Author: Damien Miller <djm@mindrot.org>
16Date:   Tue Aug 11 13:53:41 2015 +1000
17
18    update version in README
19
20commit 318c37743534b58124f1bab37a8a0087a3a9bd2f
21Author: Damien Miller <djm@mindrot.org>
22Date:   Tue Aug 11 13:53:09 2015 +1000
23
24    update versions in *.spec
25
26commit 5e75f5198769056089fb06c4d738ab0e5abc66f7
27Author: Damien Miller <djm@mindrot.org>
28Date:   Tue Aug 11 13:34:12 2015 +1000
29
30    set sshpam_ctxt to NULL after free
31
32    Avoids use-after-free in monitor when privsep child is compromised.
33    Reported by Moritz Jodeit; ok dtucker@
34
35commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
36Author: Damien Miller <djm@mindrot.org>
37Date:   Tue Aug 11 13:33:24 2015 +1000
38
39    Don't resend username to PAM; it already has it.
40
41    Pointed out by Moritz Jodeit; ok dtucker@
42
43commit 88763a6c893bf3dfe951ba9271bf09715e8d91ca
44Author: Darren Tucker <dtucker@zip.com.au>
45Date:   Mon Jul 27 12:14:25 2015 +1000
46
47    Import updated moduli file from OpenBSD.
48
49commit 55b263fb7cfeacb81aaf1c2036e0394c881637da
50Author: Damien Miller <djm@mindrot.org>
51Date:   Mon Aug 10 11:13:44 2015 +1000
52
53    let principals-command.sh work for noexec /var/run
54
55commit 2651e34cd11b1aac3a0fe23b86d8c2ff35c07897
56Author: Damien Miller <djm@mindrot.org>
57Date:   Thu Aug 6 11:43:42 2015 +1000
58
59    work around echo -n / sed behaviour in tests
60
61commit d85dad81778c1aa8106acd46930b25fdf0d15b2a
62Author: djm@openbsd.org <djm@openbsd.org>
63Date:   Wed Aug 5 05:27:33 2015 +0000
64
65    upstream commit
66
67    adjust for RSA minimum modulus switch; ok deraadt@
68
69    Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae
70
71commit 57e8e229bad5fe6056b5f1199665f5f7008192c6
72Author: djm@openbsd.org <djm@openbsd.org>
73Date:   Tue Aug 4 05:23:06 2015 +0000
74
75    upstream commit
76
77    backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this
78     release; problems spotted by sthen@ ok deraadt@ markus@
79
80    Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822
81
82commit f097d0ea1e0889ca0fa2e53a00214e43ab7fa22a
83Author: djm@openbsd.org <djm@openbsd.org>
84Date:   Sun Aug 2 09:56:42 2015 +0000
85
86    upstream commit
87
88    openssh 7.0; ok deraadt@
89
90    Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f
91
92commit 3d5728a0f6874ce4efb16913a12963595070f3a9
93Author: chris@openbsd.org <chris@openbsd.org>
94Date:   Fri Jul 31 15:38:09 2015 +0000
95
96    upstream commit
97
98    Allow PermitRootLogin to be overridden by config
99
100    ok markus@ deeradt@
101
102    Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4
103
104commit 6f941396b6835ad18018845f515b0c4fe20be21a
105Author: djm@openbsd.org <djm@openbsd.org>
106Date:   Thu Jul 30 23:09:15 2015 +0000
107
108    upstream commit
109
110    fix pty permissions; patch from Nikolay Edigaryev; ok
111     deraadt
112
113    Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550
114
115commit f4373ed1e8fbc7c8ce3fc4ea97d0ba2e0c1d7ef0
116Author: deraadt@openbsd.org <deraadt@openbsd.org>
117Date:   Thu Jul 30 19:23:02 2015 +0000
118
119    upstream commit
120
121    change default: PermitRootLogin without-password matching
122     install script changes coming as well ok djm markus
123
124    Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6
125
126commit 0c30ba91f87fcda7e975e6ff8a057f624e87ea1c
127Author: Damien Miller <djm@mindrot.org>
128Date:   Thu Jul 30 12:31:39 2015 +1000
129
130    downgrade OOM adjustment logging: verbose -> debug
131
132commit f9eca249d4961f28ae4b09186d7dc91de74b5895
133Author: djm@openbsd.org <djm@openbsd.org>
134Date:   Thu Jul 30 00:01:34 2015 +0000
135
136    upstream commit
137
138    Allow ssh_config and sshd_config kex parameters options be
139     prefixed by a '+' to indicate that the specified items be appended to the
140     default rather than replacing it.
141
142    approach suggested by dtucker@, feedback dlg@, ok markus@
143
144    Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
145
146commit 5cefe769105a2a2e3ca7479d28d9a325d5ef0163
147Author: djm@openbsd.org <djm@openbsd.org>
148Date:   Wed Jul 29 08:34:54 2015 +0000
149
150    upstream commit
151
152    fix bug in previous; was printing incorrect string for
153     failed host key algorithms negotiation
154
155    Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e
156
157commit f319912b0d0e1675b8bb051ed8213792c788bcb2
158Author: djm@openbsd.org <djm@openbsd.org>
159Date:   Wed Jul 29 04:43:06 2015 +0000
160
161    upstream commit
162
163    include the peer's offer when logging a failure to
164     negotiate a mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@
165
166    Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796
167
168commit b6ea0e573042eb85d84defb19227c89eb74cf05a
169Author: djm@openbsd.org <djm@openbsd.org>
170Date:   Tue Jul 28 23:20:42 2015 +0000
171
172    upstream commit
173
174    add Cisco to the list of clients that choke on the
175     hostkeys update extension. Pointed out by Howard Kash
176
177    Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84
178
179commit 3f628c7b537291c1019ce86af90756fb4e66d0fd
180Author: guenther@openbsd.org <guenther@openbsd.org>
181Date:   Mon Jul 27 16:29:23 2015 +0000
182
183    upstream commit
184
185    Permit kbind(2) use in the sandbox now, to ease testing
186     of ld.so work using it
187
188    reminded by miod@, ok deraadt@
189
190    Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413
191
192commit ebe27ebe520098bbc0fe58945a87ce8490121edb
193Author: millert@openbsd.org <millert@openbsd.org>
194Date:   Mon Jul 20 18:44:12 2015 +0000
195
196    upstream commit
197
198    Move .Pp before .Bl, not after to quiet mandoc -Tlint.
199     Noticed by jmc@
200
201    Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23
202
203commit d5d91d0da819611167782c66ab629159169d94d4
204Author: millert@openbsd.org <millert@openbsd.org>
205Date:   Mon Jul 20 18:42:35 2015 +0000
206
207    upstream commit
208
209    Sync usage with SYNOPSIS
210
211    Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7
212
213commit 79ec2142fbc68dd2ed9688608da355fc0b1ed743
214Author: millert@openbsd.org <millert@openbsd.org>
215Date:   Mon Jul 20 15:39:52 2015 +0000
216
217    upstream commit
218
219    Better desciption of Unix domain socket forwarding.
220     bz#2423; ok jmc@
221
222    Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d
223
224commit d56fd1828074a4031b18b8faa0bf949669eb18a0
225Author: Damien Miller <djm@mindrot.org>
226Date:   Mon Jul 20 11:19:51 2015 +1000
227
228    make realpath.c compile -Wsign-compare clean
229
230commit c63c9a691dca26bb7648827f5a13668832948929
231Author: djm@openbsd.org <djm@openbsd.org>
232Date:   Mon Jul 20 00:30:01 2015 +0000
233
234    upstream commit
235
236    mention that the default of UseDNS=no implies that
237     hostnames cannot be used for host matching in sshd_config and
238     authorized_keys; bz#2045, ok dtucker@
239
240    Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1
241
242commit 63ebcd0005e9894fcd6871b7b80aeea1fec0ff76
243Author: djm@openbsd.org <djm@openbsd.org>
244Date:   Sat Jul 18 08:02:17 2015 +0000
245
246    upstream commit
247
248    don't ignore PKCS#11 hosted keys that return empty
249     CKA_ID; patch by Jakub Jelen via bz#2429; ok markus
250
251    Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485
252
253commit b15fd989c8c62074397160147a8d5bc34b3f3c63
254Author: djm@openbsd.org <djm@openbsd.org>
255Date:   Sat Jul 18 08:00:21 2015 +0000
256
257    upstream commit
258
259    skip uninitialised PKCS#11 slots; patch from Jakub Jelen
260     in bz#2427 ok markus@
261
262    Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29
263
264commit 5b64f85bb811246c59ebab70aed331f26ba37b18
265Author: djm@openbsd.org <djm@openbsd.org>
266Date:   Sat Jul 18 07:57:14 2015 +0000
267
268    upstream commit
269
270    only query each keyboard-interactive device once per
271     authentication request regardless of how many times it is listed; ok markus@
272
273    Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
274
275commit cd7324d0667794eb5c236d8a4e0f236251babc2d
276Author: djm@openbsd.org <djm@openbsd.org>
277Date:   Fri Jul 17 03:34:27 2015 +0000
278
279    upstream commit
280
281    remove -u flag to diff (only used for error output) to make
282     things easier for -portable
283
284    Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548
285
286commit deb8d99ecba70b67f4af7880b11ca8768df9ec3a
287Author: djm@openbsd.org <djm@openbsd.org>
288Date:   Fri Jul 17 03:09:19 2015 +0000
289
290    upstream commit
291
292    direct-streamlocal@openssh.com Unix domain foward
293     messages do not contain a "reserved for future use" field and in fact,
294     serverloop.c checks that there isn't one. Remove erroneous mention from
295     PROTOCOL description. bz#2421 from Daniel Black
296
297    Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac
298
299commit 356b61f365405b5257f5b2ab446e5d7bd33a7b52
300Author: djm@openbsd.org <djm@openbsd.org>
301Date:   Fri Jul 17 03:04:27 2015 +0000
302
303    upstream commit
304
305    describe magic for setting up Unix domain socket fowards
306     via the mux channel; bz#2422 patch from Daniel Black
307
308    Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861
309
310commit d3e2aee41487d55b8d7d40f538b84ff1db7989bc
311Author: Darren Tucker <dtucker@zip.com.au>
312Date:   Fri Jul 17 12:52:34 2015 +1000
313
314    Check if realpath works on nonexistent files.
315
316    On some platforms the native realpath doesn't work with non-existent
317    files (this is actually specified in some versions of POSIX), however
318    the sftp spec says its realpath with "canonicalize any given path name".
319    On those platforms, use realpath from the compat library.
320
321    In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines
322    the realpath symbol to the checked version, so redefine ours to
323    something else so we pick up the compat version we want.
324
325    bz#2428, ok djm@
326
327commit 25b14610dab655646a109db5ef8cb4c4bf2a48a0
328Author: djm@openbsd.org <djm@openbsd.org>
329Date:   Fri Jul 17 02:47:45 2015 +0000
330
331    upstream commit
332
333    fix incorrect test for SSH1 keys when compiled without SSH1
334     support
335
336    Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451
337
338commit df56a8035d429b2184ee94aaa7e580c1ff67f73a
339Author: djm@openbsd.org <djm@openbsd.org>
340Date:   Wed Jul 15 08:00:11 2015 +0000
341
342    upstream commit
343
344    fix NULL-deref when SSH1 reenabled
345
346    Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295
347
348commit 41e38c4d49dd60908484e6703316651333f16b93
349Author: djm@openbsd.org <djm@openbsd.org>
350Date:   Wed Jul 15 07:19:50 2015 +0000
351
352    upstream commit
353
354    regen RSA1 test keys; the last batch was missing their
355     private parts
356
357    Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a
358
359commit 5bf0933184cb622ca3f96d224bf3299fd2285acc
360Author: markus@openbsd.org <markus@openbsd.org>
361Date:   Fri Jul 10 06:23:25 2015 +0000
362
363    upstream commit
364
365    Adapt tests, now that DSA if off by default; use
366     PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
367
368    Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
369
370commit 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc
371Author: markus@openbsd.org <markus@openbsd.org>
372Date:   Tue Jul 7 14:54:16 2015 +0000
373
374    upstream commit
375
376    regen test data after mktestdata.sh changes
377
378    Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4
379
380commit 7c8c174c69f681d4910fa41c37646763692b28e2
381Author: markus@openbsd.org <markus@openbsd.org>
382Date:   Tue Jul 7 14:53:30 2015 +0000
383
384    upstream commit
385
386    adapt tests to new minimum RSA size and default FP format
387
388    Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e
389
390commit 6a977a4b68747ade189e43d302f33403fd4a47ac
391Author: djm@openbsd.org <djm@openbsd.org>
392Date:   Fri Jul 3 04:39:23 2015 +0000
393
394    upstream commit
395
396    legacy v00 certificates are gone; adapt and don't try to
397     test them; "sure" markus@ dtucker@
398
399    Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12
400
401commit 0c4123ad5e93fb90fee9c6635b13a6cdabaac385
402Author: djm@openbsd.org <djm@openbsd.org>
403Date:   Wed Jul 1 23:11:18 2015 +0000
404
405    upstream commit
406
407    don't expect SSH v.1 in unittests
408
409    Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397
410
411commit 3c099845798a817cdde513c39074ec2063781f18
412Author: djm@openbsd.org <djm@openbsd.org>
413Date:   Mon Jun 15 06:38:50 2015 +0000
414
415    upstream commit
416
417    turn SSH1 back on to match src/usr.bin/ssh being tested
418
419    Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333
420
421commit b1dc2b33689668c75e95f873a42d5aea1f4af1db
422Author: dtucker@openbsd.org <dtucker@openbsd.org>
423Date:   Mon Jul 13 04:57:14 2015 +0000
424
425    upstream commit
426
427    Add "PuTTY_Local:" to the clients to which we do not
428     offer DH-GEX. This was the string that was used for development versions
429     prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately
430     there are some extant products based on those versions.  bx2424 from Jay
431     Rouman, ok markus@ djm@
432
433    Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5
434
435commit 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9
436Author: markus@openbsd.org <markus@openbsd.org>
437Date:   Fri Jul 10 06:21:53 2015 +0000
438
439    upstream commit
440
441    Turn off DSA by default; add HostKeyAlgorithms to the
442     server and PubkeyAcceptedKeyTypes to the client side, so it still can be
443     tested or turned back on; feedback and ok djm@
444
445    Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
446
447commit 16db0a7ee9a87945cc594d13863cfcb86038db59
448Author: markus@openbsd.org <markus@openbsd.org>
449Date:   Thu Jul 9 09:49:46 2015 +0000
450
451    upstream commit
452
453    re-enable ed25519-certs if compiled w/o openssl; ok djm
454
455    Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49
456
457commit c355bf306ac33de6545ce9dac22b84a194601e2f
458Author: markus@openbsd.org <markus@openbsd.org>
459Date:   Wed Jul 8 20:24:02 2015 +0000
460
461    upstream commit
462
463    no need to include the old buffer/key API
464
465    Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b
466
467commit a3cc48cdf9853f1e832d78cb29bedfab7adce1ee
468Author: markus@openbsd.org <markus@openbsd.org>
469Date:   Wed Jul 8 19:09:25 2015 +0000
470
471    upstream commit
472
473    typedefs for Cipher&CipherContext are unused
474
475    Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7
476
477commit a635bd06b5c427a57c3ae760d3a2730bb2c863c0
478Author: markus@openbsd.org <markus@openbsd.org>
479Date:   Wed Jul 8 19:04:21 2015 +0000
480
481    upstream commit
482
483    xmalloc.h is unused
484
485    Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58
486
487commit 2521cf0e36c7f3f6b19f206da0af134f535e4a31
488Author: markus@openbsd.org <markus@openbsd.org>
489Date:   Wed Jul 8 19:01:15 2015 +0000
490
491    upstream commit
492
493    compress.c is gone
494
495    Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced
496
497commit c65a7aa6c43aa7a308ee1ab8a96f216169ae9615
498Author: djm@openbsd.org <djm@openbsd.org>
499Date:   Fri Jul 3 04:05:54 2015 +0000
500
501    upstream commit
502
503    another SSH_RSA_MINIMUM_MODULUS_SIZE that needed
504     cranking
505
506    Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1
507
508commit b1f383da5cd3cb921fc7776f17a14f44b8a31757
509Author: djm@openbsd.org <djm@openbsd.org>
510Date:   Fri Jul 3 03:56:25 2015 +0000
511
512    upstream commit
513
514    add an XXX reminder for getting correct key paths from
515     sshd_config
516
517    Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db
518
519commit 933935ce8d093996c34d7efa4d59113163080680
520Author: djm@openbsd.org <djm@openbsd.org>
521Date:   Fri Jul 3 03:49:45 2015 +0000
522
523    upstream commit
524
525    refuse to generate or accept RSA keys smaller than 1024
526     bits; feedback and ok dtucker@
527
528    Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
529
530commit bdfd29f60b74f3e678297269dc6247a5699583c1
531Author: djm@openbsd.org <djm@openbsd.org>
532Date:   Fri Jul 3 03:47:00 2015 +0000
533
534    upstream commit
535
536    turn off 1024 bit diffie-hellman-group1-sha1 key
537     exchange method (already off in server, this turns it off in the client by
538     default too) ok dtucker@
539
540    Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa
541
542commit c28fc62d789d860c75e23a9fa9fb250eb2beca57
543Author: djm@openbsd.org <djm@openbsd.org>
544Date:   Fri Jul 3 03:43:18 2015 +0000
545
546    upstream commit
547
548    delete support for legacy v00 certificates; "sure"
549     markus@ dtucker@
550
551    Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
552
553commit 564d63e1b4a9637a209d42a9d49646781fc9caef
554Author: djm@openbsd.org <djm@openbsd.org>
555Date:   Wed Jul 1 23:10:47 2015 +0000
556
557    upstream commit
558
559    Compile-time disable SSH v.1 again
560
561    Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af
562
563commit 868109b650504dd9bcccdb1f51d0906f967c20ff
564Author: djm@openbsd.org <djm@openbsd.org>
565Date:   Wed Jul 1 02:39:06 2015 +0000
566
567    upstream commit
568
569    twiddle PermitRootLogin back
570
571    Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2
572
573commit 7de4b03a6e4071d454b72927ffaf52949fa34545
574Author: djm@openbsd.org <djm@openbsd.org>
575Date:   Wed Jul 1 02:32:17 2015 +0000
576
577    upstream commit
578
579    twiddle; (this commit marks the openssh-6.9 release)
580
581    Upstream-ID: 78500582819f61dd8adee36ec5cc9b9ac9351234
582
583commit 1bf477d3cdf1a864646d59820878783d42357a1d
584Author: djm@openbsd.org <djm@openbsd.org>
585Date:   Wed Jul 1 02:26:31 2015 +0000
586
587    upstream commit
588
589    better refuse ForwardX11Trusted=no connections attempted
590     after ForwardX11Timeout expires; reported by Jann Horn
591
592    Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21
593
594commit 47aa7a0f8551b471fcae0447c1d78464f6dba869
595Author: djm@openbsd.org <djm@openbsd.org>
596Date:   Wed Jul 1 01:56:13 2015 +0000
597
598    upstream commit
599
600    put back default PermitRootLogin=no
601
602    Upstream-ID: 7bdedd5cead99c57ed5571f3b6b7840922d5f728
603
604commit 984b064fe2a23733733262f88d2e1b2a1a501662
605Author: djm@openbsd.org <djm@openbsd.org>
606Date:   Wed Jul 1 01:55:13 2015 +0000
607
608    upstream commit
609
610    openssh-6.9
611
612    Upstream-ID: 6cfe8e1904812531080e6ab6e752d7001b5b2d45
613
614commit d921082ed670f516652eeba50705e1e9f6325346
615Author: djm@openbsd.org <djm@openbsd.org>
616Date:   Wed Jul 1 01:55:00 2015 +0000
617
618    upstream commit
619
620    reset default PermitRootLogin to 'yes' (momentarily, for
621     release)
622
623    Upstream-ID: cad8513527066e65dd7a1c16363d6903e8cefa24
624
625commit 66295e0e1ba860e527f191b6325d2d77dec4dbce
626Author: Damien Miller <djm@mindrot.org>
627Date:   Wed Jul 1 11:49:12 2015 +1000
628
629    crank version numbers for release
630
631commit 37035c07d4f26bb1fbe000d2acf78efdb008681d
632Author: Damien Miller <djm@mindrot.org>
633Date:   Wed Jul 1 10:49:37 2015 +1000
634
635    s/--with-ssh1/--without-ssh1/
636
637commit 629df770dbadc2accfbe1c81b3f31f876d0acd84
638Author: djm@openbsd.org <djm@openbsd.org>
639Date:   Tue Jun 30 05:25:07 2015 +0000
640
641    upstream commit
642
643    fatal() when a remote window update causes the window
644     value to overflow. Reported by Georg Wicherski, ok markus@
645
646    Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351
647
648commit f715afebe735d61df3fd30ad72d9ac1c8bd3b5f2
649Author: djm@openbsd.org <djm@openbsd.org>
650Date:   Tue Jun 30 05:23:25 2015 +0000
651
652    upstream commit
653
654    Fix math error in remote window calculations that causes
655     eventual stalls for datagram channels. Reported by Georg Wicherski, ok
656     markus@
657
658    Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab
659
660commit 52fb6b9b034fcfd24bf88cc7be313e9c31de9889
661Author: Damien Miller <djm@mindrot.org>
662Date:   Tue Jun 30 16:05:40 2015 +1000
663
664    skip IPv6-related portions on hosts without IPv6
665
666    with Tim Rice
667
668commit 512caddf590857af6aa12218461b5c0441028cf5
669Author: djm@openbsd.org <djm@openbsd.org>
670Date:   Mon Jun 29 22:35:12 2015 +0000
671
672    upstream commit
673
674    add getpid to sandbox, reachable by grace_alarm_handler
675
676    reported by Jakub Jelen; bz#2419
677
678    Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8
679
680commit 78c2a4f883ea9aba866358e2acd9793a7f42ca93
681Author: djm@openbsd.org <djm@openbsd.org>
682Date:   Fri Jun 26 05:13:20 2015 +0000
683
684    upstream commit
685
686    Fix \-escaping bug that caused forward path parsing to skip
687     two characters and skip past the end of the string.
688
689    Based on patch by Salvador Fandino; ok dtucker@
690
691    Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd
692
693commit bc20205c91c9920361d12b15d253d4997dba494a
694Author: Damien Miller <djm@mindrot.org>
695Date:   Thu Jun 25 09:51:39 2015 +1000
696
697    add missing pselect6
698
699    patch from Jakub Jelen
700
701commit 9d27fb73b4a4e5e99cb880af790d5b1ce44f720a
702Author: djm@openbsd.org <djm@openbsd.org>
703Date:   Wed Jun 24 23:47:23 2015 +0000
704
705    upstream commit
706
707    correct test to sshkey_sign(); spotted by Albert S.
708
709    Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933
710
711commit 7ed01a96a1911d8b4a9ef4f3d064e1923bfad7e3
712Author: dtucker@openbsd.org <dtucker@openbsd.org>
713Date:   Wed Jun 24 01:49:19 2015 +0000
714
715    upstream commit
716
717    Revert previous commit.  We still want to call setgroups
718     in the case where there are zero groups to remove any that we might otherwise
719     inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
720     to setgroups is always a static global it's always valid to dereference in
721     this case.  ok deraadt@ djm@
722
723    Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
724
725commit 882f8bf94f79528caa65b0ba71c185d705bb7195
726Author: dtucker@openbsd.org <dtucker@openbsd.org>
727Date:   Wed Jun 24 01:49:19 2015 +0000
728
729    upstream commit
730
731    Revert previous commit.  We still want to call setgroups in
732     the case where there are zero groups to remove any that we might otherwise
733     inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
734     to setgroups is always a static global it's always valid to dereference in
735     this case.  ok deraadt@ djm@
736
737    Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
738
739commit 9488538a726951e82b3a4374f3c558d72c80a89b
740Author: djm@openbsd.org <djm@openbsd.org>
741Date:   Mon Jun 22 23:42:16 2015 +0000
742
743    upstream commit
744
745    Don't count successful partial authentication as failures
746     in monitor; this may have caused the monitor to refuse multiple
747     authentications that would otherwise have successfully completed; ok markus@
748
749    Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3
750
751commit 63b78d003bd8ca111a736e6cea6333da50f5f09b
752Author: dtucker@openbsd.org <dtucker@openbsd.org>
753Date:   Mon Jun 22 12:29:57 2015 +0000
754
755    upstream commit
756
757    Don't call setgroups if we have zero groups; there's no
758     guarantee that it won't try to deref the pointer.  Based on a patch from mail
759     at quitesimple.org, ok djm deraadt
760
761    Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1
762
763commit 5c15e22c691c79a47747bcf5490126656f97cecd
764Author: Damien Miller <djm@mindrot.org>
765Date:   Thu Jun 18 15:07:56 2015 +1000
766
767    fix syntax error
768
769commit 596dbca82f3f567fb3d2d69af4b4e1d3ba1e6403
770Author: jsing@openbsd.org <jsing@openbsd.org>
771Date:   Mon Jun 15 18:44:22 2015 +0000
772
773    upstream commit
774
775    If AuthorizedPrincipalsCommand is specified, however
776     AuthorizedPrincipalsFile is not (or is set to "none"), authentication will
777     potentially fail due to key_cert_check_authority() failing to locate a
778     principal that matches the username, even though an authorized principal has
779     already been matched in the output of the subprocess. Fix this by using the
780     same logic to determine if pw->pw_name should be passed, as is used to
781     determine if a authorized principal must be matched earlier on.
782
783    ok djm@
784
785    Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d
786
787commit aff3e94c0d75d0d0fa84ea392b50ab04f8c57905
788Author: jsing@openbsd.org <jsing@openbsd.org>
789Date:   Mon Jun 15 18:42:19 2015 +0000
790
791    upstream commit
792
793    Make the arguments to match_principals_command() similar
794     to match_principals_file(), by changing the last argument a struct
795     sshkey_cert * and dereferencing key->cert in the caller.
796
797    No functional change.
798
799    ok djm@
800
801    Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c
802
803commit 97e2e1596c202a4693468378b16b2353fd2d6c5e
804Author: Damien Miller <djm@mindrot.org>
805Date:   Wed Jun 17 14:36:54 2015 +1000
806
807    trivial optimisation for seccomp-bpf
808
809    When doing arg inspection and the syscall doesn't match, skip
810    past the instruction that reloads the syscall into the accumulator,
811    since the accumulator hasn't been modified at this point.
812
813commit 99f33d7304893bd9fa04d227cb6e870171cded19
814Author: Damien Miller <djm@mindrot.org>
815Date:   Wed Jun 17 10:50:51 2015 +1000
816
817    aarch64 support for seccomp-bpf sandbox
818
819    Also resort and tidy syscall list. Based on patches by Jakub Jelen
820    bz#2361; ok dtucker@
821
822commit 4ef702e1244633c1025ec7cfe044b9ab267097bf
823Author: djm@openbsd.org <djm@openbsd.org>
824Date:   Mon Jun 15 01:32:50 2015 +0000
825
826    upstream commit
827
828    return failure on RSA signature error; reported by Albert S
829
830    Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa
831
832commit a170f22baf18af0b1acf2788b8b715605f41a1f9
833Author: Tim Rice <tim@multitalents.net>
834Date:   Tue Jun 9 22:41:13 2015 -0700
835
836    Fix t12 rules for out of tree builds.
837
838commit ec04dc4a5515c913121bc04ed261857e68fa5c18
839Author: millert@openbsd.org <millert@openbsd.org>
840Date:   Fri Jun 5 15:13:13 2015 +0000
841
842    upstream commit
843
844    For "ssh -L 12345:/tmp/sock" don't fail with "No forward host
845     name." (we have a path, not a host name).  Based on a diff from Jared
846     Yanovich. OK djm@
847
848    Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f
849
850commit 732d61f417a6aea0aa5308b59cb0f563bcd6edd6
851Author: djm@openbsd.org <djm@openbsd.org>
852Date:   Fri Jun 5 03:44:14 2015 +0000
853
854    upstream commit
855
856    typo: accidental repetition; bz#2386
857
858    Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b
859
860commit adfb24c69d1b6f5e758db200866c711e25a2ba73
861Author: Darren Tucker <dtucker@zip.com.au>
862Date:   Fri Jun 5 14:51:40 2015 +1000
863
864    Add Linux powerpc64le and powerpcle entries.
865
866    Stopgap to resolve bz#2409 because we are so close to release and will
867    update config.guess and friends shortly after the release.  ok djm@
868
869commit a1195a0fdc9eddddb04d3e9e44c4775431cb77da
870Merge: 6397eed d2480bc
871Author: Tim Rice <tim@multitalents.net>
872Date:   Wed Jun 3 21:43:13 2015 -0700
873
874    Merge branch 'master' of git.mindrot.org:/var/git/openssh
875
876commit 6397eedf953b2b973d2d7cbb504ab501a07f8ddc
877Author: Tim Rice <tim@multitalents.net>
878Date:   Wed Jun 3 21:41:11 2015 -0700
879
880    Remove unneeded backslashes. Patch from Ángel González
881
882commit d2480bcac1caf31b03068de877a47d6e1027bf6d
883Author: Darren Tucker <dtucker@zip.com.au>
884Date:   Thu Jun 4 14:10:55 2015 +1000
885
886    Remove redundant include of stdarg.h.  bz#2410
887
888commit 5e67859a623826ccdf2df284cbb37e2d8e2787eb
889Author: djm@openbsd.org <djm@openbsd.org>
890Date:   Tue Jun 2 09:10:40 2015 +0000
891
892    upstream commit
893
894    mention CheckHostIP adding addresses to known_hosts;
895     bz#1993; ok dtucker@
896
897    Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7
898
899commit d7a58bbac6583e33fd5eca8e2c2cc70c57617818
900Author: Darren Tucker <dtucker@zip.com.au>
901Date:   Tue Jun 2 20:15:26 2015 +1000
902
903    Replace strcpy with strlcpy.
904
905    ok djm, sanity check by Corinna Vinschen.
906
907commit 51a1c2115265c6e80ede8a5c9dccada9aeed7143
908Author: Damien Miller <djm@mindrot.org>
909Date:   Fri May 29 18:27:21 2015 +1000
910
911    skip, rather than fatal when run without SUDO set
912
913commit 599f01142a376645b15cbc9349d7e8975e1cf245
914Author: Damien Miller <djm@mindrot.org>
915Date:   Fri May 29 18:03:15 2015 +1000
916
917    fix merge botch that left ",," in KEX algs
918
919commit 0c2a81dfc21822f2423edd30751e5ec53467b347
920Author: Damien Miller <djm@mindrot.org>
921Date:   Fri May 29 17:08:28 2015 +1000
922
923    re-enable SSH protocol 1 at compile time
924
925commit db438f9285d64282d3ac9e8c0944f59f037c0151
926Author: djm@openbsd.org <djm@openbsd.org>
927Date:   Fri May 29 03:05:13 2015 +0000
928
929    upstream commit
930
931    make this work without SUDO set; ok dtucker@
932
933    Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715
934
935commit 1d9a2e2849c9864fe75daabf433436341c968e14
936Author: djm@openbsd.org <djm@openbsd.org>
937Date:   Thu May 28 07:37:31 2015 +0000
938
939    upstream commit
940
941    wrap all moduli-related code in #ifdef WITH_OPENSSL.
942     based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@
943
944    Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
945
946commit 496aeb25bc2d6c434171292e4714771b594bd00e
947Author: dtucker@openbsd.org <dtucker@openbsd.org>
948Date:   Thu May 28 05:41:29 2015 +0000
949
950    upstream commit
951
952    Increase the allowed length of the known host file name
953     in the log message to be consistent with other cases.  Part of bz#1993, ok
954     deraadt.
955
956    Upstream-ID: a9e97567be49f25daf286721450968251ff78397
957
958commit dd2cfeb586c646ff8d70eb93567b2e559ace5b14
959Author: dtucker@openbsd.org <dtucker@openbsd.org>
960Date:   Thu May 28 05:09:45 2015 +0000
961
962    upstream commit
963
964    Fix typo (keywork->keyword)
965
966    Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534
967
968commit 9cc6842493fbf23025ccc1edab064869640d3bec
969Author: djm@openbsd.org <djm@openbsd.org>
970Date:   Thu May 28 04:50:53 2015 +0000
971
972    upstream commit
973
974    add error message on ftruncate failure; bz#2176
975
976    Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf
977
978commit d1958793a0072c22be26d136dbda5ae263e717a0
979Author: djm@openbsd.org <djm@openbsd.org>
980Date:   Thu May 28 04:40:13 2015 +0000
981
982    upstream commit
983
984    make ssh-keygen default to ed25519 keys when compiled
985     without OpenSSL; bz#2388, ok dtucker@
986
987    Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71
988
989commit 3ecde664c9fc5fb3667aedf9e6671462600f6496
990Author: dtucker@openbsd.org <dtucker@openbsd.org>
991Date:   Wed May 27 23:51:10 2015 +0000
992
993    upstream commit
994
995    Reorder client proposal to prefer
996     diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1.  ok djm@
997
998    Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058
999
1000commit 40f64292b907afd0a674fdbf3e4c2356d17a7d68
1001Author: dtucker@openbsd.org <dtucker@openbsd.org>
1002Date:   Wed May 27 23:39:18 2015 +0000
1003
1004    upstream commit
1005
1006    Add a stronger (4k bit) fallback group that sshd can use
1007     when the moduli file is missing or broken, sourced from RFC3526.  bz#2302, ok
1008     markus@ (earlier version), djm@
1009
1010    Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4
1011
1012commit 5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a
1013Author: Darren Tucker <dtucker@zip.com.au>
1014Date:   Thu May 28 10:03:40 2015 +1000
1015
1016    New moduli file from OpenBSD, removing 1k groups.
1017
1018    Remove 1k bit groups.  ok deraadt@, markus@
1019
1020commit a71ba58adf34e599f30cdda6e9b93ae6e3937eea
1021Author: djm@openbsd.org <djm@openbsd.org>
1022Date:   Wed May 27 05:15:02 2015 +0000
1023
1024    upstream commit
1025
1026    support PKCS#11 devices with external PIN entry devices
1027     bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@
1028
1029    Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d
1030
1031commit b282fec1aa05246ed3482270eb70fc3ec5f39a00
1032Author: dtucker@openbsd.org <dtucker@openbsd.org>
1033Date:   Tue May 26 23:23:40 2015 +0000
1034
1035    upstream commit
1036
1037    Cap DH-GEX group size at 4kbits for Cisco implementations.
1038     Some of them will choke when asked for preferred sizes >4k instead of
1039     returning the 4k group that they do have.  bz#2209, ok djm@
1040
1041    Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d
1042
1043commit 3e91b4e8b0dc2b4b7e7d42cf6e8994a32e4cb55e
1044Author: djm@openbsd.org <djm@openbsd.org>
1045Date:   Sun May 24 23:39:16 2015 +0000
1046
1047    upstream commit
1048
1049    add missing 'c' option to getopt(), case statement was
1050     already there; from Felix Bolte
1051
1052    Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081
1053
1054commit 64a89ec07660abba4d0da7c0095b7371c98bab62
1055Author: jsg@openbsd.org <jsg@openbsd.org>
1056Date:   Sat May 23 14:28:37 2015 +0000
1057
1058    upstream commit
1059
1060    fix a memory leak in an error path ok markus@ dtucker@
1061
1062    Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598
1063
1064commit f948737449257d2cb83ffcfe7275eb79b677fd4a
1065Author: djm@openbsd.org <djm@openbsd.org>
1066Date:   Fri May 22 05:28:45 2015 +0000
1067
1068    upstream commit
1069
1070    mention ssh-keygen -E for comparing legacy MD5
1071     fingerprints; bz#2332
1072
1073    Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859
1074
1075commit 0882332616e4f0272c31cc47bf2018f9cb258a4e
1076Author: djm@openbsd.org <djm@openbsd.org>
1077Date:   Fri May 22 04:45:52 2015 +0000
1078
1079    upstream commit
1080
1081    Reorder EscapeChar option parsing to avoid a single-byte
1082     out- of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@
1083
1084    Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060
1085
1086commit d7c31da4d42c115843edee2074d7d501f8804420
1087Author: djm@openbsd.org <djm@openbsd.org>
1088Date:   Fri May 22 03:50:02 2015 +0000
1089
1090    upstream commit
1091
1092    add knob to relax GSSAPI host credential check for
1093     multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker
1094     (kerberos/GSSAPI is not compiled by default on OpenBSD)
1095
1096    Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d
1097
1098commit aa72196a00be6e0b666215edcffbc10af234cb0e
1099Author: Darren Tucker <dtucker@zip.com.au>
1100Date:   Fri May 22 17:49:46 2015 +1000
1101
1102    Include signal.h for sig_atomic_t, used by kex.h.
1103
1104    bz#2402, from tomas.kuthan at oracle com.
1105
1106commit 8b02481143d75e91c49d1bfae0876ac1fbf9511a
1107Author: Darren Tucker <dtucker@zip.com.au>
1108Date:   Fri May 22 12:47:24 2015 +1000
1109
1110    Import updated moduli file from OpenBSD.
1111
1112commit 4739e8d5e1c0be49624082bd9f6b077e9e758db9
1113Author: djm@openbsd.org <djm@openbsd.org>
1114Date:   Thu May 21 12:01:19 2015 +0000
1115
1116    upstream commit
1117
1118    Support "ssh-keygen -lF hostname" to find search known_hosts
1119     and print key hashes. Already advertised by ssh-keygen(1), but not delivered
1120     by code; ok dtucker@
1121
1122    Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387
1123
1124commit e97201feca10b5196da35819ae516d0b87cf3a50
1125Author: Damien Miller <djm@mindrot.org>
1126Date:   Thu May 21 17:55:15 2015 +1000
1127
1128    conditionalise util.h inclusion
1129
1130commit 13640798c7dd011ece0a7d02841fe48e94cfa0e0
1131Author: djm@openbsd.org <djm@openbsd.org>
1132Date:   Thu May 21 06:44:25 2015 +0000
1133
1134    upstream commit
1135
1136    regress test for AuthorizedPrincipalsCommand
1137
1138    Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219
1139
1140commit 84452c5d03c21f9bfb28c234e0dc1dc67dd817b1
1141Author: djm@openbsd.org <djm@openbsd.org>
1142Date:   Thu May 21 06:40:02 2015 +0000
1143
1144    upstream commit
1145
1146    regress test for AuthorizedKeysCommand arguments
1147
1148    Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12
1149
1150commit bcc50d816187fa9a03907ac1f3a52f04a52e10d1
1151Author: djm@openbsd.org <djm@openbsd.org>
1152Date:   Thu May 21 06:43:30 2015 +0000
1153
1154    upstream commit
1155
1156    add AuthorizedPrincipalsCommand that allows getting
1157     authorized_principals from a subprocess rather than a file, which is quite
1158     useful in deployments with large userbases
1159
1160    feedback and ok markus@
1161
1162    Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
1163
1164commit 24232a3e5ab467678a86aa67968bbb915caffed4
1165Author: djm@openbsd.org <djm@openbsd.org>
1166Date:   Thu May 21 06:38:35 2015 +0000
1167
1168    upstream commit
1169
1170    support arguments to AuthorizedKeysCommand
1171
1172    bz#2081 loosely based on patch by Sami Hartikainen
1173    feedback and ok markus@
1174
1175    Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
1176
1177commit d80fbe41a57c72420c87a628444da16d09d66ca7
1178Author: djm@openbsd.org <djm@openbsd.org>
1179Date:   Thu May 21 04:55:51 2015 +0000
1180
1181    upstream commit
1182
1183    refactor: split base64 encoding of pubkey into its own
1184     sshkey_to_base64() function and out of sshkey_write(); ok markus@
1185
1186    Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a
1187
1188commit 7cc44ef74133a473734bbcbd3484f24d6a7328c5
1189Author: deraadt@openbsd.org <deraadt@openbsd.org>
1190Date:   Mon May 18 15:06:05 2015 +0000
1191
1192    upstream commit
1193
1194    getentropy() and sendsyslog() have been around long
1195     enough. openssh-portable may want the #ifdef's but not base. discussed with
1196     djm few weeks back
1197
1198    Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926
1199
1200commit 9173d0fbe44de7ebcad8a15618e13a8b8d78902e
1201Author: dtucker@openbsd.org <dtucker@openbsd.org>
1202Date:   Fri May 15 05:44:21 2015 +0000
1203
1204    upstream commit
1205
1206    Use a salted hash of the lock passphrase instead of plain
1207     text and do constant-time comparisons of it. Should prevent leaking any
1208     information about it via timing, pointed out by Ryan Castellucci.  Add a 0.1s
1209     incrementing delay for each failed unlock attempt up to 10s.  ok markus@
1210     (earlier version), djm@
1211
1212    Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f
1213
1214commit d028d5d3a697c71b21e4066d8672cacab3caa0a8
1215Author: Damien Miller <djm@mindrot.org>
1216Date:   Tue May 5 19:10:58 2015 +1000
1217
1218    upstream commit
1219
1220       - tedu@cvs.openbsd.org 2015/01/12 03:20:04
1221         [bcrypt_pbkdf.c]
1222         rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,
1223         nor are they the same size.
1224
1225commit f6391d4e59b058984163ab28f4e317e7a72478f1
1226Author: Damien Miller <djm@mindrot.org>
1227Date:   Tue May 5 19:10:23 2015 +1000
1228
1229    upstream commit
1230
1231       - deraadt@cvs.openbsd.org 2015/01/08 00:30:07
1232         [bcrypt_pbkdf.c]
1233         declare a local version of MIN(), call it MINIMUM()
1234
1235commit 8ac6b13cc9113eb47cd9e86c97d7b26b4b71b77f
1236Author: Damien Miller <djm@mindrot.org>
1237Date:   Tue May 5 19:09:46 2015 +1000
1238
1239    upstream commit
1240
1241       - djm@cvs.openbsd.org 2014/12/30 01:41:43
1242         [bcrypt_pbkdf.c]
1243         typo in comment: ouput => output
1244
1245commit 1f792489d5cf86a4f4e3003e6e9177654033f0f2
1246Author: djm@openbsd.org <djm@openbsd.org>
1247Date:   Mon May 4 06:10:48 2015 +0000
1248
1249    upstream commit
1250
1251    Remove pattern length argument from match_pattern_list(), we
1252     only ever use it for strlen(pattern).
1253
1254    Prompted by hanno AT hboeck.de pointing an out-of-bound read
1255    error caused by an incorrect pattern length found using AFL
1256    and his own tools.
1257
1258    ok markus@
1259
1260commit 639d6bc57b1942393ed12fb48f00bc05d4e093e4
1261Author: djm@openbsd.org <djm@openbsd.org>
1262Date:   Fri May 1 07:10:01 2015 +0000
1263
1264    upstream commit
1265
1266    refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
1267     to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
1268
1269    Improves error messages on TCP connection resets. bz#2257
1270
1271    ok dtucker@
1272
1273commit 9559d7de34c572d4d3fd990ca211f8ec99f62c4d
1274Author: djm@openbsd.org <djm@openbsd.org>
1275Date:   Fri May 1 07:08:08 2015 +0000
1276
1277    upstream commit
1278
1279    a couple of parse targets were missing activep checks,
1280     causing them to be misapplied in match context; bz#2272 diagnosis and
1281     original patch from Sami Hartikainen ok dtucker@
1282
1283commit 7e8528cad04b2775c3b7db08abf8fb42e47e6b2a
1284Author: djm@openbsd.org <djm@openbsd.org>
1285Date:   Fri May 1 04:17:51 2015 +0000
1286
1287    upstream commit
1288
1289    make handling of AuthorizedPrincipalsFile=none more
1290     consistent with other =none options; bz#2288 from Jakub Jelen; ok dtucker@
1291
1292commit ca430d4d9cc0f62eca3b1fb1e2928395b7ce80f7
1293Author: djm@openbsd.org <djm@openbsd.org>
1294Date:   Fri May 1 04:03:20 2015 +0000
1295
1296    upstream commit
1297
1298    remove failed remote forwards established by muliplexing
1299     from the list of active forwards; bz#2363, patch mostly by Yoann Ricordel; ok
1300     dtucker@
1301
1302commit 8312cfb8ad88657517b3e23ac8c56c8e38eb9792
1303Author: djm@openbsd.org <djm@openbsd.org>
1304Date:   Fri May 1 04:01:58 2015 +0000
1305
1306    upstream commit
1307
1308    reduce stderr spam when using ssh -S /path/mux -O forward
1309     -R 0:... ok dtucker@
1310
1311commit 179be0f5e62f1f492462571944e45a3da660d82b
1312Author: djm@openbsd.org <djm@openbsd.org>
1313Date:   Fri May 1 03:23:51 2015 +0000
1314
1315    upstream commit
1316
1317    prevent authorized_keys options picked up on public key
1318     tests without a corresponding private key authentication being applied to
1319     other authentication methods. Reported by halex@, ok markus@
1320
1321commit a42d67be65b719a430b7fcaba2a4e4118382723a
1322Author: djm@openbsd.org <djm@openbsd.org>
1323Date:   Fri May 1 03:20:54 2015 +0000
1324
1325    upstream commit
1326
1327    Don't make parsing of authorized_keys' environment=
1328     option conditional on PermitUserEnv - always parse it, but only use the
1329     result if the option is enabled. This prevents the syntax of authorized_keys
1330     changing depending on which sshd_config options were enabled.
1331
1332    bz#2329; based on patch from coladict AT gmail.com, ok dtucker@
1333
1334commit e661a86353e11592c7ed6a847e19a83609f49e77
1335Author: djm@openbsd.org <djm@openbsd.org>
1336Date:   Mon May 4 06:10:48 2015 +0000
1337
1338    upstream commit
1339
1340    Remove pattern length argument from match_pattern_list(), we
1341     only ever use it for strlen(pattern).
1342
1343    Prompted by hanno AT hboeck.de pointing an out-of-bound read
1344    error caused by an incorrect pattern length found using AFL
1345    and his own tools.
1346
1347    ok markus@
1348
1349commit 0ef1de742be2ee4b10381193fe90730925b7f027
1350Author: dtucker@openbsd.org <dtucker@openbsd.org>
1351Date:   Thu Apr 23 05:01:19 2015 +0000
1352
1353    upstream commit
1354
1355    Add a simple regression test for sshd's configuration
1356     parser.  Right now, all it does is run the output of sshd -T back through
1357     itself and ensure the output is valid and invariant.
1358
1359commit 368f83c793275faa2c52f60eaa9bdac155c4254b
1360Author: djm@openbsd.org <djm@openbsd.org>
1361Date:   Wed Apr 22 01:38:36 2015 +0000
1362
1363    upstream commit
1364
1365    use correct key for nested certificate test
1366
1367commit 8d4d1bfddbbd7d21f545dc6997081d1ea1fbc99a
1368Author: djm@openbsd.org <djm@openbsd.org>
1369Date:   Fri May 1 07:11:47 2015 +0000
1370
1371    upstream commit
1372
1373    mention that the user's shell from /etc/passwd is used
1374     for commands too; bz#1459 ok dtucker@
1375
1376commit 5ab283d0016bbc9d4d71e8e5284d011bc5a930cf
1377Author: djm@openbsd.org <djm@openbsd.org>
1378Date:   Fri May 8 07:29:00 2015 +0000
1379
1380    upstream commit
1381
1382    whitespace
1383
1384    Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519
1385
1386commit 8377d5008ad260048192e1e56ad7d15a56d103dd
1387Author: djm@openbsd.org <djm@openbsd.org>
1388Date:   Fri May 8 07:26:13 2015 +0000
1389
1390    upstream commit
1391
1392    whitespace at EOL
1393
1394    Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554
1395
1396commit c28a3436fa8737709ea88e4437f8f23a6ab50359
1397Author: djm@openbsd.org <djm@openbsd.org>
1398Date:   Fri May 8 06:45:13 2015 +0000
1399
1400    upstream commit
1401
1402    moar whitespace at eol
1403
1404    Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515
1405
1406commit 2b64c490468fd4ca35ac8d5cc31c0520dc1508bb
1407Author: djm@openbsd.org <djm@openbsd.org>
1408Date:   Fri May 8 06:41:56 2015 +0000
1409
1410    upstream commit
1411
1412    whitespace at EOL
1413
1414    Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c
1415
1416commit 4e636cf201ce6e7e3b9088568218f9d4e2c51712
1417Author: djm@openbsd.org <djm@openbsd.org>
1418Date:   Fri May 8 03:56:51 2015 +0000
1419
1420    upstream commit
1421
1422    whitespace at EOL
1423
1424commit 38b8272f823dc1dd4e29dbcee83943ed48bb12fa
1425Author: dtucker@openbsd.org <dtucker@openbsd.org>
1426Date:   Mon May 4 01:47:53 2015 +0000
1427
1428    upstream commit
1429
1430    Use diff w/out -u for better portability
1431
1432commit 297060f42d5189a4065ea1b6f0afdf6371fb0507
1433Author: dtucker@openbsd.org <dtucker@openbsd.org>
1434Date:   Fri May 8 03:25:07 2015 +0000
1435
1436    upstream commit
1437
1438    Use xcalloc for permitted_adm_opens instead of xmalloc to
1439     ensure it's zeroed. Fixes post-auth crash with permitopen=none.  bz#2355, ok
1440     djm@
1441
1442commit 63ebf019be863b2d90492a85e248cf55a6e87403
1443Author: djm@openbsd.org <djm@openbsd.org>
1444Date:   Fri May 8 03:17:49 2015 +0000
1445
1446    upstream commit
1447
1448    don't choke on new-format private keys encrypted with an
1449     AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@
1450
1451commit f8484dac678ab3098ae522a5f03bb2530f822987
1452Author: dtucker@openbsd.org <dtucker@openbsd.org>
1453Date:   Wed May 6 05:45:17 2015 +0000
1454
1455    upstream commit
1456
1457    Clarify pseudo-terminal request behaviour and use
1458     "pseudo-terminal" consistently.  bz#1716, ok jmc@ "I like it" deraadt@.
1459
1460commit ea139507bef8bad26e86ed99a42c7233ad115c38
1461Author: dtucker@openbsd.org <dtucker@openbsd.org>
1462Date:   Wed May 6 04:07:18 2015 +0000
1463
1464    upstream commit
1465
1466    Blacklist DH-GEX for specific PuTTY versions known to
1467     send non-RFC4419 DH-GEX messages rather than all versions of PuTTY.
1468     According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX
1469     messages.  ok djm@
1470
1471commit b58234f00ee3872eb84f6e9e572a9a34e902e36e
1472Author: dtucker@openbsd.org <dtucker@openbsd.org>
1473Date:   Tue May 5 10:17:49 2015 +0000
1474
1475    upstream commit
1476
1477    WinSCP doesn't implement RFC4419 DH-GEX so flag it so we
1478     don't offer that KEX method.  ok markus@
1479
1480commit d5b1507a207253b39e810e91e68f9598691b7a29
1481Author: jsg@openbsd.org <jsg@openbsd.org>
1482Date:   Tue May 5 02:48:17 2015 +0000
1483
1484    upstream commit
1485
1486    use the sizeof the struct not the sizeof a pointer to the
1487     struct in ssh_digest_start()
1488
1489    This file is only used if ssh is built with OPENSSL=no
1490
1491    ok markus@
1492
1493commit a647b9b8e616c231594b2710c925d31b1b8afea3
1494Author: Darren Tucker <dtucker@zip.com.au>
1495Date:   Fri May 8 11:07:27 2015 +1000
1496
1497    Put brackets around mblen() compat constant.
1498
1499    This might help with the reported problem cross compiling for Android
1500    ("error: expected identifier or '(' before numeric constant") but
1501    shouldn't hurt in any case.
1502
1503commit d1680d36e17244d9af3843aeb5025cb8e40d6c07
1504Author: Darren Tucker <dtucker@zip.com.au>
1505Date:   Thu Apr 30 09:18:11 2015 +1000
1506
1507    xrealloc -> xreallocarray in portable code too.
1508
1509commit 531a57a3893f9fcd4aaaba8c312b612bbbcc021e
1510Author: dtucker@openbsd.org <dtucker@openbsd.org>
1511Date:   Wed Apr 29 03:48:56 2015 +0000
1512
1513    upstream commit
1514
1515    Allow ListenAddress, Port and AddressFamily in any
1516     order.  bz#68, ok djm@, jmc@ (for the man page bit).
1517
1518commit c1d5bcf1aaf1209af02f79e48ba1cbc76a87b56f
1519Author: jmc@openbsd.org <jmc@openbsd.org>
1520Date:   Tue Apr 28 13:47:38 2015 +0000
1521
1522    upstream commit
1523
1524    enviroment -> environment: apologies to darren for not
1525     spotting that first time round...
1526
1527commit 43beea053db191cac47c2cd8d3dc1930158aff1a
1528Author: dtucker@openbsd.org <dtucker@openbsd.org>
1529Date:   Tue Apr 28 10:25:15 2015 +0000
1530
1531    upstream commit
1532
1533    Fix typo in previous
1534
1535commit 85b96ef41374f3ddc9139581f87da09b2cd9199e
1536Author: dtucker@openbsd.org <dtucker@openbsd.org>
1537Date:   Tue Apr 28 10:17:58 2015 +0000
1538
1539    upstream commit
1540
1541    Document that the TERM environment variable is not
1542     subject to SendEnv and AcceptEnv.  bz#2386, based loosely on a patch from
1543     jjelen at redhat, help and ok jmc@
1544
1545commit 88a7c598a94ff53f76df228eeaae238d2d467565
1546Author: djm@openbsd.org <djm@openbsd.org>
1547Date:   Mon Apr 27 21:42:48 2015 +0000
1548
1549    upstream commit
1550
1551    Make sshd default to PermitRootLogin=no; ok deraadt@
1552     rpe@
1553
1554commit 734226b4480a6c736096c729fcf6f391400599c7
1555Author: djm@openbsd.org <djm@openbsd.org>
1556Date:   Mon Apr 27 01:52:30 2015 +0000
1557
1558    upstream commit
1559
1560    fix compilation with OPENSSL=no; ok dtucker@
1561
1562commit a4b9d2ce1eb7703eaf0809b0c8a82ded8aa4f1c6
1563Author: dtucker@openbsd.org <dtucker@openbsd.org>
1564Date:   Mon Apr 27 00:37:53 2015 +0000
1565
1566    upstream commit
1567
1568    Include stdio.h for FILE (used in sshkey.h) so it
1569     compiles with OPENSSL=no.
1570
1571commit dbcc652f4ca11fe04e5930c7ef18a219318c6cda
1572Author: djm@openbsd.org <djm@openbsd.org>
1573Date:   Mon Apr 27 00:21:21 2015 +0000
1574
1575    upstream commit
1576
1577    allow "sshd -f none" to skip reading the config file,
1578     much like "ssh -F none" does. ok dtucker
1579
1580commit b7ca276fca316c952f0b90f5adb1448c8481eedc
1581Author: jmc@openbsd.org <jmc@openbsd.org>
1582Date:   Fri Apr 24 06:26:49 2015 +0000
1583
1584    upstream commit
1585
1586    combine -Dd onto one line and update usage();
1587
1588commit 2ea974630d7017e4c7666d14d9dc939707613e96
1589Author: djm@openbsd.org <djm@openbsd.org>
1590Date:   Fri Apr 24 05:26:44 2015 +0000
1591
1592    upstream commit
1593
1594    add ssh-agent -D to leave ssh-agent in foreground
1595     without enabling debug mode; bz#2381 ok dtucker@
1596
1597commit 8ac2ffd7aa06042f6b924c87139f2fea5c5682f7
1598Author: deraadt@openbsd.org <deraadt@openbsd.org>
1599Date:   Fri Apr 24 01:36:24 2015 +0000
1600
1601    upstream commit
1602
1603    2*len -> use xreallocarray() ok djm
1604
1605commit 657a5fbc0d0aff309079ff8fb386f17e964963c2
1606Author: deraadt@openbsd.org <deraadt@openbsd.org>
1607Date:   Fri Apr 24 01:36:00 2015 +0000
1608
1609    upstream commit
1610
1611    rename xrealloc() to xreallocarray() since it follows
1612     that form. ok djm
1613
1614commit 1108ae242fdd2c304307b68ddf46aebe43ebffaa
1615Author: dtucker@openbsd.org <dtucker@openbsd.org>
1616Date:   Thu Apr 23 04:59:10 2015 +0000
1617
1618    upstream commit
1619
1620    Two small fixes for sshd -T: ListenAddress'es are added
1621     to a list head so reverse the order when printing them to ensure the
1622     behaviour remains the same, and print StreamLocalBindMask as octal with
1623     leading zero.  ok deraadt@
1624
1625commit bd902b8473e1168f19378d5d0ae68d0c203525df
1626Author: dtucker@openbsd.org <dtucker@openbsd.org>
1627Date:   Thu Apr 23 04:53:53 2015 +0000
1628
1629    upstream commit
1630
1631    Check for and reject missing arguments for
1632     VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com,
1633     ok djm@
1634
1635commit ca42c1758575e592239de1d5755140e054b91a0d
1636Author: djm@openbsd.org <djm@openbsd.org>
1637Date:   Wed Apr 22 01:24:01 2015 +0000
1638
1639    upstream commit
1640
1641    unknown certificate extensions are non-fatal, so don't
1642     fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok
1643     dtucker@
1644
1645commit 39bfbf7caad231cc4bda6909fb1af0705bca04d8
1646Author: jsg@openbsd.org <jsg@openbsd.org>
1647Date:   Tue Apr 21 07:01:00 2015 +0000
1648
1649    upstream commit
1650
1651    Add back a backslash removed in rev 1.42 so
1652     KEX_SERVER_ENCRYPT will include aes again.
1653
1654    ok deraadt@
1655
1656commit 6b0d576bb87eca3efd2b309fcfe4edfefc289f9c
1657Author: djm@openbsd.org <djm@openbsd.org>
1658Date:   Fri Apr 17 13:32:09 2015 +0000
1659
1660    upstream commit
1661
1662    s/recommended/required/ that private keys be og-r this
1663     wording change was made a while ago but got accidentally reverted
1664
1665commit 44a8e7ce6f3ab4c2eb1ae49115c210b98e53c4df
1666Author: djm@openbsd.org <djm@openbsd.org>
1667Date:   Fri Apr 17 13:25:52 2015 +0000
1668
1669    upstream commit
1670
1671    don't try to cleanup NULL KEX proposals in
1672     kex_prop_free(); found by Jukka Taimisto and Markus Hietava
1673
1674commit 3038a191872d2882052306098c1810d14835e704
1675Author: djm@openbsd.org <djm@openbsd.org>
1676Date:   Fri Apr 17 13:19:22 2015 +0000
1677
1678    upstream commit
1679
1680    use error/logit/fatal instead of fprintf(stderr, ...)
1681     and exit(0), fix a few errors that were being printed to stdout instead of
1682     stderr and a few non-errors that were going to stderr instead of stdout
1683     bz#2325; ok dtucker
1684
1685commit a58be33cb6cd24441fa7e634db0e5babdd56f07f
1686Author: djm@openbsd.org <djm@openbsd.org>
1687Date:   Fri Apr 17 13:16:48 2015 +0000
1688
1689    upstream commit
1690
1691    debug log missing DISPLAY environment when X11
1692     forwarding requested; bz#1682 ok dtucker@
1693
1694commit 17d4d9d9fbc8fb80e322f94d95eecc604588a474
1695Author: djm@openbsd.org <djm@openbsd.org>
1696Date:   Fri Apr 17 04:32:31 2015 +0000
1697
1698    upstream commit
1699
1700    don't call record_login() in monitor when UseLogin is
1701     enabled; bz#278 reported by drk AT sgi.com; ok dtucker
1702
1703commit 40132ff87b6cbc3dc05fb5df2e9d8e3afa06aafd
1704Author: dtucker@openbsd.org <dtucker@openbsd.org>
1705Date:   Fri Apr 17 04:12:35 2015 +0000
1706
1707    upstream commit
1708
1709    Add some missing options to sshd -T and fix the output
1710     of VersionAddendum HostCertificate.  bz#2346, patch from jjelen at redhat
1711     com, ok djm.
1712
1713commit 6cc7cfa936afde2d829e56ee6528c7ea47a42441
1714Author: dtucker@openbsd.org <dtucker@openbsd.org>
1715Date:   Thu Apr 16 23:25:50 2015 +0000
1716
1717    upstream commit
1718
1719    Document "none" for PidFile XAuthLocation
1720     TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@
1721
1722commit 15fdfc9b1c6808b26bc54d4d61a38b54541763ed
1723Author: dtucker@openbsd.org <dtucker@openbsd.org>
1724Date:   Wed Apr 15 23:23:25 2015 +0000
1725
1726    upstream commit
1727
1728    Plug leak of address passed to logging.  bz#2373, patch
1729     from jjelen at redhat, ok markus@
1730
1731commit bb2289e2a47d465eaaaeff3dee2a6b7777b4c291
1732Author: dtucker@openbsd.org <dtucker@openbsd.org>
1733Date:   Tue Apr 14 04:17:03 2015 +0000
1734
1735    upstream commit
1736
1737    Output remote username in debug output since with Host
1738     and Match it's not always obvious what it will be.  bz#2368, ok djm@
1739
1740commit 70860b6d07461906730632f9758ff1b7c98c695a
1741Author: Darren Tucker <dtucker@zip.com.au>
1742Date:   Fri Apr 17 10:56:13 2015 +1000
1743
1744    Format UsePAM setting when using sshd -T.
1745
1746    Part of bz#2346, patch from jjelen at redhat com.
1747
1748commit ee15d9c9f0720f5a8b0b34e4b10ecf21f9824814
1749Author: Darren Tucker <dtucker@zip.com.au>
1750Date:   Fri Apr 17 10:40:23 2015 +1000
1751
1752    Wrap endian.h include inside ifdef (bz#2370).
1753
1754commit 408f4c2ad4a4c41baa7b9b2b7423d875abbfa70b
1755Author: Darren Tucker <dtucker@zip.com.au>
1756Date:   Fri Apr 17 09:39:58 2015 +1000
1757
1758    Look for '${host}-ar' before 'ar'.
1759
1760    This changes configure.ac to look for '${host}-ar' as set by
1761    AC_CANONICAL_HOST before looking for the unprefixed 'ar'.
1762    Useful when cross-compiling when all your binutils are prefixed.
1763
1764    Patch from moben at exherbo org via astrand at lysator liu se and
1765    bz#2352.
1766
1767commit 673a1c16ad078d41558247ce739fe812c960acc8
1768Author: Damien Miller <djm@google.com>
1769Date:   Thu Apr 16 11:40:20 2015 +1000
1770
1771    remove dependency on arpa/telnet.h
1772
1773commit 202d443eeda1829d336595a3cfc07827e49f45ed
1774Author: Darren Tucker <dtucker@zip.com.au>
1775Date:   Wed Apr 15 15:59:49 2015 +1000
1776
1777    Remove duplicate include of pwd.h.  bz#2337, patch from Mordy Ovits.
1778
1779commit 597986493412c499f2bc2209420cb195f97b3668
1780Author: Damien Miller <djm@google.com>
1781Date:   Thu Apr 9 10:14:48 2015 +1000
1782
1783    platform's with openpty don't need pty_release
1784
1785commit 318be28cda1fd9108f2e6f2f86b0b7589ba2aed0
1786Author: djm@openbsd.org <djm@openbsd.org>
1787Date:   Mon Apr 13 02:04:08 2015 +0000
1788
1789    upstream commit
1790
1791    deprecate ancient, pre-RFC4419 and undocumented
1792     SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems
1793     reasonable" dtucker@
1794
1795commit d8f391caef62378463a0e6b36f940170dadfe605
1796Author: dtucker@openbsd.org <dtucker@openbsd.org>
1797Date:   Fri Apr 10 05:16:50 2015 +0000
1798
1799    upstream commit
1800
1801    Don't send hostkey advertisments
1802     (hostkeys-00@openssh.com) to current versions of Tera Term as they can't
1803     handle them.  Newer versions should be OK.  Patch from Bryan Drewery and
1804     IWAMOTO Kouichi, ok djm@
1805
1806commit 2c2cfe1a1c97eb9a08cc9817fd0678209680c636
1807Author: djm@openbsd.org <djm@openbsd.org>
1808Date:   Fri Apr 10 00:08:55 2015 +0000
1809
1810    upstream commit
1811
1812    include port number if a non-default one has been
1813     specified; based on patch from Michael Handler
1814
1815commit 4492a4f222da4cf1e8eab12689196322e27b08c4
1816Author: djm@openbsd.org <djm@openbsd.org>
1817Date:   Tue Apr 7 23:00:42 2015 +0000
1818
1819    upstream commit
1820
1821    treat Protocol=1,2|2,1 as Protocol=2 when compiled
1822     without SSH1 support; ok dtucker@ millert@
1823
1824commit c265e2e6e932efc6d86f6cc885dea33637a67564
1825Author: miod@openbsd.org <miod@openbsd.org>
1826Date:   Sun Apr 5 15:43:43 2015 +0000
1827
1828    upstream commit
1829
1830    Do not use int for sig_atomic_t; spotted by
1831     christos@netbsd; ok markus@
1832
1833commit e7bf3a5eda6a1b02bef6096fed78527ee11e54cc
1834Author: Darren Tucker <dtucker@zip.com.au>
1835Date:   Tue Apr 7 10:48:04 2015 +1000
1836
1837    Use do{}while(0) for no-op functions.
1838
1839    From FreeBSD.
1840
1841commit bb99844abae2b6447272f79e7fa84134802eb4df
1842Author: Darren Tucker <dtucker@zip.com.au>
1843Date:   Tue Apr 7 10:47:15 2015 +1000
1844
1845    Wrap blf.h include in ifdef.  From FreeBSD.
1846
1847commit d9b9b43656091cf0ad55c122f08fadb07dad0abd
1848Author: Darren Tucker <dtucker@zip.com.au>
1849Date:   Tue Apr 7 09:10:00 2015 +1000
1850
1851    Fix misspellings of regress CONFOPTS env variables.
1852
1853    Patch from Bryan Drewery.
1854
1855commit 3f4ea3c9ab1d32d43c9222c4351f58ca11144156
1856Author: djm@openbsd.org <djm@openbsd.org>
1857Date:   Fri Apr 3 22:17:27 2015 +0000
1858
1859    upstream commit
1860
1861    correct return value in pubkey parsing, spotted by Ben Hawkes
1862     ok markus@
1863
1864commit 7da2be0cb9601ed25460c83aa4d44052b967ba0f
1865Author: djm@openbsd.org <djm@openbsd.org>
1866Date:   Tue Mar 31 22:59:01 2015 +0000
1867
1868    upstream commit
1869
1870    adapt to recent hostfile.c change: when parsing
1871     known_hosts without fully parsing the keys therein, hostkeys_foreach() will
1872     now correctly identify KEY_RSA1 keys; ok markus@ miod@
1873
1874commit 9e1777a0d1c706714b055811c12ab8cc21033e4a
1875Author: markus@openbsd.org <markus@openbsd.org>
1876Date:   Tue Mar 24 20:19:15 2015 +0000
1877
1878    upstream commit
1879
1880    use ${SSH} for -Q instead of installed ssh
1881
1882commit ce1b358ea414a2cc88e4430cd5a2ea7fecd9de57
1883Author: djm@openbsd.org <djm@openbsd.org>
1884Date:   Mon Mar 16 22:46:14 2015 +0000
1885
1886    upstream commit
1887
1888    make CLEANFILES clean up more of the tests' droppings
1889
1890commit 398f9ef192d820b67beba01ec234d66faca65775
1891Author: djm@openbsd.org <djm@openbsd.org>
1892Date:   Tue Mar 31 22:57:06 2015 +0000
1893
1894    upstream commit
1895
1896    downgrade error() for known_hosts parse errors to debug()
1897     to quiet warnings from ssh1 keys present when compiled !ssh1.
1898
1899    also identify ssh1 keys when scanning, even when compiled !ssh1
1900
1901    ok markus@ miod@
1902
1903commit 9a47ab80030a31f2d122b8fd95bd48c408b9fcd9
1904Author: djm@openbsd.org <djm@openbsd.org>
1905Date:   Tue Mar 31 22:55:50 2015 +0000
1906
1907    upstream commit
1908
1909    fd leak for !ssh1 case; found by unittests; ok markus@
1910
1911commit c9a0805a6280681901c270755a7cd630d7c5280e
1912Author: djm@openbsd.org <djm@openbsd.org>
1913Date:   Tue Mar 31 22:55:24 2015 +0000
1914
1915    upstream commit
1916
1917    don't fatal when a !ssh1 sshd is reexeced from a w/ssh1
1918     listener; reported by miod@; ok miod@ markus@
1919
1920commit 704d8c88988cae38fb755a6243b119731d223222
1921Author: tobias@openbsd.org <tobias@openbsd.org>
1922Date:   Tue Mar 31 11:06:49 2015 +0000
1923
1924    upstream commit
1925
1926    Comments are only supported for RSA1 keys. If a user
1927     tried to add one and entered his passphrase, explicitly clear it before exit.
1928     This is done in all other error paths, too.
1929
1930    ok djm
1931
1932commit 78de1673c05ea2c33e0d4a4b64ecb5186b6ea2e9
1933Author: jmc@openbsd.org <jmc@openbsd.org>
1934Date:   Mon Mar 30 18:28:37 2015 +0000
1935
1936    upstream commit
1937
1938    ssh-askpass(1) is the default, overridden by SSH_ASKPASS;
1939     diff originally from jiri b;
1940
1941commit 26e0bcf766fadb4a44fb6199386fb1dcab65ad00
1942Author: djm@openbsd.org <djm@openbsd.org>
1943Date:   Mon Mar 30 00:00:29 2015 +0000
1944
1945    upstream commit
1946
1947    fix uninitialised memory read when parsing a config file
1948     consisting of a single nul byte. Found by hanno AT hboeck.de using AFL; ok
1949     dtucker
1950
1951commit fecede00a76fbb33a349f5121c0b2f9fbc04a777
1952Author: markus@openbsd.org <markus@openbsd.org>
1953Date:   Thu Mar 26 19:32:19 2015 +0000
1954
1955    upstream commit
1956
1957    sigp and lenp are not optional in ssh_agent_sign(); ok
1958     djm@
1959
1960commit 1b0ef3813244c78669e6d4d54c624f600945327d
1961Author: naddy@openbsd.org <naddy@openbsd.org>
1962Date:   Thu Mar 26 12:32:38 2015 +0000
1963
1964    upstream commit
1965
1966    don't try to load .ssh/identity by default if SSH1 is
1967     disabled; ok markus@
1968
1969commit f9b78852379b74a2d14e6fc94fe52af30b7e9c31
1970Author: djm@openbsd.org <djm@openbsd.org>
1971Date:   Thu Mar 26 07:00:04 2015 +0000
1972
1973    upstream commit
1974
1975    ban all-zero curve25519 keys as recommended by latest
1976     CFRG curves draft; ok markus
1977
1978commit b8afbe2c1aaf573565e4da775261dfafc8b1ba9c
1979Author: djm@openbsd.org <djm@openbsd.org>
1980Date:   Thu Mar 26 06:59:28 2015 +0000
1981
1982    upstream commit
1983
1984    relax bits needed check to allow
1985     diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was
1986     selected as symmetric cipher; ok markus
1987
1988commit 47842f71e31da130555353c1d57a1e5a8937f1c0
1989Author: markus@openbsd.org <markus@openbsd.org>
1990Date:   Wed Mar 25 19:29:58 2015 +0000
1991
1992    upstream commit
1993
1994    ignore v1 errors on ssh-add -D; only try v2 keys on
1995     -l/-L (unless WITH_SSH1) ok djm@
1996
1997commit 5f57e77f91bf2230c09eca96eb5ecec39e5f2da6
1998Author: markus@openbsd.org <markus@openbsd.org>
1999Date:   Wed Mar 25 19:21:48 2015 +0000
2000
2001    upstream commit
2002
2003    unbreak ssh_agent_sign (lenp vs *lenp)
2004
2005commit 4daeb67181054f2a377677fac919ee8f9ed3490e
2006Author: markus@openbsd.org <markus@openbsd.org>
2007Date:   Tue Mar 24 20:10:08 2015 +0000
2008
2009    upstream commit
2010
2011    don't leak 'setp' on error; noted by Nicholas Lemonias;
2012     ok djm@
2013
2014commit 7d4f96f9de2a18af0d9fa75ea89a4990de0344f5
2015Author: markus@openbsd.org <markus@openbsd.org>
2016Date:   Tue Mar 24 20:09:11 2015 +0000
2017
2018    upstream commit
2019
2020    consistent check for NULL as noted by Nicholas
2021     Lemonias; ok djm@
2022
2023commit df100be51354e447d9345cf1ec22e6013c0eed50
2024Author: markus@openbsd.org <markus@openbsd.org>
2025Date:   Tue Mar 24 20:03:44 2015 +0000
2026
2027    upstream commit
2028
2029    correct fmt-string for size_t as noted by Nicholas
2030     Lemonias; ok djm@
2031
2032commit a22b9ef21285e81775732436f7c84a27bd3f71e0
2033Author: djm@openbsd.org <djm@openbsd.org>
2034Date:   Tue Mar 24 09:17:21 2015 +0000
2035
2036    upstream commit
2037
2038    promote chacha20-poly1305@openssh.com to be the default
2039     cipher; ok markus
2040
2041commit 2aa9da1a3b360cf7b13e96fe1521534b91501fb5
2042Author: djm@openbsd.org <djm@openbsd.org>
2043Date:   Tue Mar 24 01:29:19 2015 +0000
2044
2045    upstream commit
2046
2047    Compile-time disable SSH protocol 1. You can turn it
2048     back on using the Makefile.inc knob if you need it to talk to ancient
2049     devices.
2050
2051commit 53097b2022154edf96b4e8526af5666f979503f7
2052Author: djm@openbsd.org <djm@openbsd.org>
2053Date:   Tue Mar 24 01:11:12 2015 +0000
2054
2055    upstream commit
2056
2057    fix double-negative error message "ssh1 is not
2058     unsupported"
2059
2060commit 5c27e3b6ec2db711dfcd40e6359c0bcdd0b62ea9
2061Author: djm@openbsd.org <djm@openbsd.org>
2062Date:   Mon Mar 23 06:06:38 2015 +0000
2063
2064    upstream commit
2065
2066    for ssh-keygen -A, don't try (and fail) to generate ssh
2067     v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled
2068     without OpenSSL based on patch by Mike Frysinger; bz#2369
2069
2070commit 725fd22a8c41db7de73a638539a5157b7e4424ae
2071Author: djm@openbsd.org <djm@openbsd.org>
2072Date:   Wed Mar 18 01:44:21 2015 +0000
2073
2074    upstream commit
2075
2076    KRL support doesn't need OpenSSL anymore, remove #ifdefs
2077     from around call
2078
2079commit b07011c18e0b2e172c5fd09d21fb159a0bf5fcc7
2080Author: djm@openbsd.org <djm@openbsd.org>
2081Date:   Mon Mar 16 11:09:52 2015 +0000
2082
2083    upstream commit
2084
2085    #if 0 some more arrays used only for decrypting (we don't
2086     use since we only need encrypt for AES-CTR)
2087
2088commit 1cb3016635898d287e9d58b50c430995652d5358
2089Author: jsg@openbsd.org <jsg@openbsd.org>
2090Date:   Wed Mar 11 00:48:39 2015 +0000
2091
2092    upstream commit
2093
2094    add back the changes from rev 1.206, djm reverted this by
2095     mistake in rev 1.207
2096
2097commit 4d24b3b6a4a6383e05e7da26d183b79fa8663697
2098Author: Damien Miller <djm@mindrot.org>
2099Date:   Fri Mar 20 09:11:59 2015 +1100
2100
2101    remove error() accidentally inserted for debugging
2102
2103    pointed out by Christian Hesse
2104
2105commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb
2106Author: Tim Rice <tim@multitalents.net>
2107Date:   Mon Mar 16 22:49:20 2015 -0700
2108
2109    portability fix: Solaris systems may not have a grep that understands -q
2110
2111commit 8ef691f7d9ef500257a549d0906d78187490668f
2112Author: Damien Miller <djm@google.com>
2113Date:   Wed Mar 11 10:35:26 2015 +1100
2114
2115    fix compile with clang
2116
2117commit 4df590cf8dc799e8986268d62019b487a8ed63ad
2118Author: Damien Miller <djm@google.com>
2119Date:   Wed Mar 11 10:02:39 2015 +1100
2120
2121    make unit tests work for !OPENSSH_HAS_ECC
2122
2123commit 307bb40277ca2c32e97e61d70d1ed74b571fd6ba
2124Author: djm@openbsd.org <djm@openbsd.org>
2125Date:   Sat Mar 7 04:41:48 2015 +0000
2126
2127    upstream commit
2128
2129    unbreak for w/SSH1 (default) case; ok markus@ deraadt@
2130
2131commit b44ee0c998fb4c5f3c3281f2398af5ce42840b6f
2132Author: Damien Miller <djm@mindrot.org>
2133Date:   Thu Mar 5 18:39:20 2015 -0800
2134
2135    unbreak hostkeys test for w/ SSH1 case
2136
2137commit 55e5bdeb519cb60cc18b7ba0545be581fb8598b4
2138Author: djm@openbsd.org <djm@openbsd.org>
2139Date:   Fri Mar 6 01:40:56 2015 +0000
2140
2141    upstream commit
2142
2143    fix sshkey_certify() return value for unsupported key types;
2144     ok markus@ deraadt@
2145
2146commit be8f658e550a434eac04256bfbc4289457a24e99
2147Author: Damien Miller <djm@mindrot.org>
2148Date:   Wed Mar 4 15:38:03 2015 -0800
2149
2150    update version numbers to match version.h
2151
2152commit ac5e8acefa253eb5e5ba186e34236c0e8007afdc
2153Author: djm@openbsd.org <djm@openbsd.org>
2154Date:   Wed Mar 4 23:22:35 2015 +0000
2155
2156    upstream commit
2157
2158    make these work with !SSH1; ok markus@ deraadt@
2159
2160commit 2f04af92f036b0c87a23efb259c37da98cd81fe6
2161Author: djm@openbsd.org <djm@openbsd.org>
2162Date:   Wed Mar 4 21:12:59 2015 +0000
2163
2164    upstream commit
2165
2166    make ssh-add -D work with !SSH1 agent
2167
2168commit a05adf95d2af6abb2b7826ddaa7a0ec0cdc1726b
2169Author: Damien Miller <djm@mindrot.org>
2170Date:   Wed Mar 4 00:55:48 2015 -0800
2171
2172    netcat needs poll.h portability goop
2173
2174commit dad2b1892b4c1b7e58df483a8c5b983c4454e099
2175Author: markus@openbsd.org <markus@openbsd.org>
2176Date:   Tue Mar 3 22:35:19 2015 +0000
2177
2178    upstream commit
2179
2180    make it possible to run tests w/o ssh1 support; ok djm@
2181
2182commit d48a22601bdd3eec054794c535f4ae8d8ae4c6e2
2183Author: djm@openbsd.org <djm@openbsd.org>
2184Date:   Wed Mar 4 18:53:53 2015 +0000
2185
2186    upstream commit
2187
2188    crank; ok markus, deraadt
2189
2190commit bbffb23daa0b002dd9f296e396a9ab8a5866b339
2191Author: Damien Miller <djm@mindrot.org>
2192Date:   Tue Mar 3 13:50:27 2015 -0800
2193
2194    more --without-ssh1 fixes
2195
2196commit 6c2039286f503e2012a58a1d109e389016e7a99b
2197Author: Damien Miller <djm@mindrot.org>
2198Date:   Tue Mar 3 13:48:48 2015 -0800
2199
2200    fix merge both that broke --without-ssh1 compile
2201
2202commit 111dfb225478a76f89ecbcd31e96eaf1311b59d3
2203Author: djm@openbsd.org <djm@openbsd.org>
2204Date:   Tue Mar 3 21:21:13 2015 +0000
2205
2206    upstream commit
2207
2208    add SSH1 Makefile knob to make it easier to build without
2209     SSH1 support; ok markus@
2210
2211commit 3f7f5e6c5d2aa3f6710289c1a30119e534e56c5c
2212Author: djm@openbsd.org <djm@openbsd.org>
2213Date:   Tue Mar 3 20:42:49 2015 +0000
2214
2215    upstream commit
2216
2217    expand __unused to full __attribute__ for better portability
2218
2219commit 2fab9b0f8720baf990c931e3f68babb0bf9949c6
2220Author: Damien Miller <djm@mindrot.org>
2221Date:   Wed Mar 4 07:41:27 2015 +1100
2222
2223    avoid warning
2224
2225commit d1bc844322461f882b4fd2277ba9a8d4966573d2
2226Author: Damien Miller <djm@mindrot.org>
2227Date:   Wed Mar 4 06:31:45 2015 +1100
2228
2229    Revert "define __unused to nothing if not already defined"
2230
2231    This reverts commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908.
2232
2233    Some system headers have objects named __unused
2234
2235commit 00797e86b2d98334d1bb808f65fa1fd47f328ff1
2236Author: Damien Miller <djm@mindrot.org>
2237Date:   Wed Mar 4 05:02:45 2015 +1100
2238
2239    check for crypt and DES_crypt in openssl block
2240
2241    fixes builds on systems that use DES_crypt; based on patch
2242    from Roumen Petrov
2243
2244commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908
2245Author: Damien Miller <djm@mindrot.org>
2246Date:   Wed Mar 4 04:59:13 2015 +1100
2247
2248    define __unused to nothing if not already defined
2249
2250    fixes builds on BSD/OS
2251
2252commit d608a51daad4f14ad6ab43d7cf74ef4801cc3fe9
2253Author: djm@openbsd.org <djm@openbsd.org>
2254Date:   Tue Mar 3 17:53:40 2015 +0000
2255
2256    upstream commit
2257
2258    reorder logic for better portability; patch from Roumen
2259     Petrov
2260
2261commit 68d2dfc464fbcdf8d6387884260f9801f4352393
2262Author: djm@openbsd.org <djm@openbsd.org>
2263Date:   Tue Mar 3 06:48:58 2015 +0000
2264
2265    upstream commit
2266
2267    Allow "ssh -Q protocol-version" to list supported SSH
2268     protocol versions. Useful for detecting builds without SSH v.1 support; idea
2269     and ok markus@
2270
2271commit 39e2f1229562e1195169905607bc12290d21f021
2272Author: millert@openbsd.org <millert@openbsd.org>
2273Date:   Sun Mar 1 15:44:40 2015 +0000
2274
2275    upstream commit
2276
2277    Make sure we only call getnameinfo() for AF_INET or AF_INET6
2278     sockets. getpeername() of a Unix domain socket may return without error on
2279     some systems without actually setting ss_family so getnameinfo() was getting
2280     called with ss_family set to AF_UNSPEC.  OK djm@
2281
2282commit e47536ba9692d271b8ad89078abdecf0a1c11707
2283Author: Damien Miller <djm@mindrot.org>
2284Date:   Sat Feb 28 08:20:11 2015 -0800
2285
2286    portability fixes for regress/netcat.c
2287
2288    Mostly avoiding "err(1, NULL)"
2289
2290commit 02973ad5f6f49d8420e50a392331432b0396c100
2291Author: Damien Miller <djm@mindrot.org>
2292Date:   Sat Feb 28 08:05:27 2015 -0800
2293
2294    twiddle another test for portability
2295
2296    from Tom G. Christensen
2297
2298commit f7f3116abf2a6e2f309ab096b08c58d19613e5d0
2299Author: Damien Miller <djm@mindrot.org>
2300Date:   Fri Feb 27 15:52:49 2015 -0800
2301
2302    twiddle test for portability
2303
2304commit 1ad3a77cc9d5568f5437ff99d377aa7a41859b83
2305Author: Damien Miller <djm@mindrot.org>
2306Date:   Thu Feb 26 20:33:22 2015 -0800
2307
2308    make regress/netcat.c fd passing (more) portable
2309
2310commit 9e1cfca7e1fe9cf8edb634fc894e43993e4da1ea
2311Author: Damien Miller <djm@mindrot.org>
2312Date:   Thu Feb 26 20:32:58 2015 -0800
2313
2314    create OBJ/valgrind-out before running unittests
2315
2316commit bd58853102cee739f0e115e6d4b5334332ab1442
2317Author: Damien Miller <djm@mindrot.org>
2318Date:   Wed Feb 25 16:58:22 2015 -0800
2319
2320    valgrind support
2321
2322commit f43d17269194761eded9e89f17456332f4c83824
2323Author: djm@openbsd.org <djm@openbsd.org>
2324Date:   Thu Feb 26 20:45:47 2015 +0000
2325
2326    upstream commit
2327
2328    don't printf NULL key comments; reported by Tom Christensen
2329
2330commit 6e6458b476ec854db33e3e68ebf4f489d0ab3df8
2331Author: djm@openbsd.org <djm@openbsd.org>
2332Date:   Wed Feb 25 23:05:47 2015 +0000
2333
2334    upstream commit
2335
2336    zero cmsgbuf before use; we initialise the bits we use
2337     but valgrind still spams warning on it
2338
2339commit a63cfa26864b93ab6afefad0b630e5358ed8edfa
2340Author: djm@openbsd.org <djm@openbsd.org>
2341Date:   Wed Feb 25 19:54:02 2015 +0000
2342
2343    upstream commit
2344
2345    fix small memory leak when UpdateHostkeys=no
2346
2347commit e6b950341dd75baa8526f1862bca39e52f5b879b
2348Author: Tim Rice <tim@multitalents.net>
2349Date:   Wed Feb 25 09:56:48 2015 -0800
2350
2351    Revert "Work around finicky USL linker so netcat will build."
2352
2353    This reverts commit d1db656021d0cd8c001a6692f772f1de29b67c8b.
2354
2355    No longer needed with commit 678e473e2af2e4802f24dd913985864d9ead7fb3
2356
2357commit 6f621603f9cff2a5d6016a404c96cb2f8ac2dec0
2358Author: djm@openbsd.org <djm@openbsd.org>
2359Date:   Wed Feb 25 17:29:38 2015 +0000
2360
2361    upstream commit
2362
2363    don't leak validity of user in "too many authentication
2364     failures" disconnect message; reported by Sebastian Reitenbach
2365
2366commit 6288e3a935494df12519164f52ca5c8c65fc3ca5
2367Author: naddy@openbsd.org <naddy@openbsd.org>
2368Date:   Tue Feb 24 15:24:05 2015 +0000
2369
2370    upstream commit
2371
2372    add -v (show ASCII art) to -l's synopsis; ok djm@
2373
2374commit 678e473e2af2e4802f24dd913985864d9ead7fb3
2375Author: Darren Tucker <dtucker@zip.com.au>
2376Date:   Thu Feb 26 04:12:58 2015 +1100
2377
2378    Remove dependency on xmalloc.
2379
2380    Remove ssh_get_progname's dependency on xmalloc, which should reduce
2381    link order problems.  ok djm@
2382
2383commit 5d5ec165c5b614b03678afdad881f10e25832e46
2384Author: Darren Tucker <dtucker@zip.com.au>
2385Date:   Wed Feb 25 15:32:49 2015 +1100
2386
2387    Restrict ECDSA and ECDH tests.
2388
2389    ifdef out some more ECDSA and ECDH tests when built against an OpenSSL
2390    that does not have eliptic curve functionality.
2391
2392commit 1734e276d99b17e92d4233fac7aef3a3180aaca7
2393Author: Darren Tucker <dtucker@zip.com.au>
2394Date:   Wed Feb 25 13:40:45 2015 +1100
2395
2396    Move definition of _NSIG.
2397
2398    _NSIG is only unsed in one file, so move it there prevent redefinition
2399    warnings reported by Kevin Brott.
2400
2401commit a47ead7c95cfbeb72721066c4da2312e5b1b9f3d
2402Author: Darren Tucker <dtucker@zip.com.au>
2403Date:   Wed Feb 25 13:17:40 2015 +1100
2404
2405    Add includes.h for compatibility stuff.
2406
2407commit 38806bda6d2e48ad32812b461eebe17672ada771
2408Author: Damien Miller <djm@mindrot.org>
2409Date:   Tue Feb 24 16:50:06 2015 -0800
2410
2411    include netdb.h to look for MAXHOSTNAMELEN; ok tim
2412
2413commit d1db656021d0cd8c001a6692f772f1de29b67c8b
2414Author: Tim Rice <tim@multitalents.net>
2415Date:   Tue Feb 24 10:42:08 2015 -0800
2416
2417    Work around finicky USL linker so netcat will build.
2418
2419commit cb030ce25f555737e8ba97bdd7883ac43f3ff2a3
2420Author: Damien Miller <djm@mindrot.org>
2421Date:   Tue Feb 24 09:23:04 2015 -0800
2422
2423    include includes.h to avoid build failure on AIX
2424
2425commit 13af342458f5064144abbb07e5ac9bbd4eb42567
2426Author: Tim Rice <tim@multitalents.net>
2427Date:   Tue Feb 24 07:56:47 2015 -0800
2428
2429    Original portability patch from djm@ for platforms missing err.h.
2430    Fix name space clash on Solaris 10. Still more to do for Solaris 10
2431    to deal with msghdr structure differences. ok djm@
2432
2433commit 910209203d0cd60c5083901cbcc0b7b44d9f48d2
2434Author: Tim Rice <tim@multitalents.net>
2435Date:   Mon Feb 23 22:06:56 2015 -0800
2436
2437    cleaner way fix dispatch.h portion of commit
2438    a88dd1da119052870bb2654c1a32c51971eade16
2439    (some systems have sig_atomic_t in signal.h, some in sys/signal.h)
2440    Sounds good to me djm@
2441
2442commit 676c38d7cbe65b76bbfff796861bb6615cc6a596
2443Author: Tim Rice <tim@multitalents.net>
2444Date:   Mon Feb 23 21:51:33 2015 -0800
2445
2446    portability fix: if we can't dind a better define for HOST_NAME_MAX, use 255
2447
2448commit 1221b22023dce38cbc90ba77eae4c5d78c77a5e6
2449Author: Tim Rice <tim@multitalents.net>
2450Date:   Mon Feb 23 21:50:34 2015 -0800
2451
2452    portablity fix: s/__inline__/inline/
2453
2454commit 4c356308a88d309c796325bb75dce90ca16591d5
2455Author: Darren Tucker <dtucker@zip.com.au>
2456Date:   Tue Feb 24 13:49:31 2015 +1100
2457
2458    Wrap stdint.h includes in HAVE_STDINT_H.
2459
2460commit c9c88355c6a27a908e7d1e5003a2b35ea99c1614
2461Author: Darren Tucker <dtucker@zip.com.au>
2462Date:   Tue Feb 24 13:43:57 2015 +1100
2463
2464    Add AI_NUMERICSERV to fake-rfc2553.
2465
2466    Our getaddrinfo implementation always returns numeric values already.
2467
2468commit ef342ab1ce6fb9a4b30186c89c309d0ae9d0eeb4
2469Author: Darren Tucker <dtucker@zip.com.au>
2470Date:   Tue Feb 24 13:39:57 2015 +1100
2471
2472    Include OpenSSL's objects.h before bn.h.
2473
2474    Prevents compile errors on some platforms (at least old GCCs and AIX's
2475    XLC compilers).
2476
2477commit dcc8997d116f615195aa7c9ec019fb36c28c6228
2478Author: Darren Tucker <dtucker@zip.com.au>
2479Date:   Tue Feb 24 12:30:59 2015 +1100
2480
2481    Convert two macros into functions.
2482
2483    Convert packet_send_debug and packet_disconnect from macros to
2484    functions.  Some older GCCs (2.7.x, 2.95.x) see to have problems with
2485    variadic macros with only one argument so we convert these two into
2486    functions.  ok djm@
2487
2488commit 2285c30d51b7e2052c6526445abe7e7cc7e170a1
2489Author: djm@openbsd.org <djm@openbsd.org>
2490Date:   Mon Feb 23 22:21:21 2015 +0000
2491
2492    upstream commit
2493
2494    further silence spurious error message even when -v is
2495     specified (e.g. to get visual host keys); reported by naddy@
2496
2497commit 9af21979c00652029e160295e988dea40758ece2
2498Author: Damien Miller <djm@mindrot.org>
2499Date:   Tue Feb 24 09:04:32 2015 +1100
2500
2501    don't include stdint.h unless HAVE_STDINT_H set
2502
2503commit 62f678dd51660d6f8aee1da33d3222c5de10a89e
2504Author: Damien Miller <djm@mindrot.org>
2505Date:   Tue Feb 24 09:02:54 2015 +1100
2506
2507    nother sys/queue.h -> sys-queue.h fix
2508
2509    spotted by Tom Christensen
2510
2511commit b3c19151cba2c0ed01b27f55de0d723ad07ca98f
2512Author: djm@openbsd.org <djm@openbsd.org>
2513Date:   Mon Feb 23 20:32:15 2015 +0000
2514
2515    upstream commit
2516
2517    fix a race condition by using a mux socket rather than an
2518     ineffectual wait statement
2519
2520commit a88dd1da119052870bb2654c1a32c51971eade16
2521Author: Damien Miller <djm@mindrot.org>
2522Date:   Tue Feb 24 06:30:29 2015 +1100
2523
2524    various include fixes for portable
2525
2526commit 5248429b5ec524d0a65507cff0cdd6e0cb99effd
2527Author: djm@openbsd.org <djm@openbsd.org>
2528Date:   Mon Feb 23 16:55:51 2015 +0000
2529
2530    upstream commit
2531
2532    add an XXX to remind me to improve sshkey_load_public
2533
2534commit e94e4b07ef2eaead38b085a60535df9981cdbcdb
2535Author: djm@openbsd.org <djm@openbsd.org>
2536Date:   Mon Feb 23 16:55:31 2015 +0000
2537
2538    upstream commit
2539
2540    silence a spurious error message when listing
2541     fingerprints for known_hosts; bz#2342
2542
2543commit f2293a65392b54ac721f66bc0b44462e8d1d81f8
2544Author: djm@openbsd.org <djm@openbsd.org>
2545Date:   Mon Feb 23 16:33:25 2015 +0000
2546
2547    upstream commit
2548
2549    fix setting/clearing of TTY raw mode around
2550     UpdateHostKeys=ask confirmation question; reported by Herb Goldman
2551
2552commit f2004cd1adf34492eae0a44b1ef84e0e31b06088
2553Author: Darren Tucker <dtucker@zip.com.au>
2554Date:   Mon Feb 23 05:04:21 2015 +1100
2555
2556    Repair for non-ECC OpenSSL.
2557
2558    Ifdef out the ECC parts when building with an OpenSSL that doesn't have
2559    it.
2560
2561commit 37f9220db8d1a52c75894c3de1e5f2ae5bd71b6f
2562Author: Darren Tucker <dtucker@zip.com.au>
2563Date:   Mon Feb 23 03:07:24 2015 +1100
2564
2565    Wrap stdint.h includes in ifdefs.
2566
2567commit f81f1bbc5b892c8614ea740b1f92735652eb43f0
2568Author: Tim Rice <tim@multitalents.net>
2569Date:   Sat Feb 21 18:12:10 2015 -0800
2570
2571    out of tree build fix
2572
2573commit 2e13a1e4d22f3b503c3bfc878562cc7386a1d1ae
2574Author: Tim Rice <tim@multitalents.net>
2575Date:   Sat Feb 21 18:08:51 2015 -0800
2576
2577    mkdir kex unit test directory so testing out of tree builds works
2578
2579commit 1797f49b1ba31e8700231cd6b1d512d80bb50d2c
2580Author: halex@openbsd.org <halex@openbsd.org>
2581Date:   Sat Feb 21 21:46:57 2015 +0000
2582
2583    upstream commit
2584
2585    make "ssh-add -d" properly remove a corresponding
2586     certificate, and also not whine and fail if there is none
2587
2588    ok djm@
2589
2590commit 7faaa32da83a609059d95dbfcb0649fdb04caaf6
2591Author: Damien Miller <djm@mindrot.org>
2592Date:   Sun Feb 22 07:57:27 2015 +1100
2593
2594    mkdir hostkey and bitmap unit test directories
2595
2596commit bd49da2ef197efac5e38f5399263a8b47990c538
2597Author: djm@openbsd.org <djm@openbsd.org>
2598Date:   Fri Feb 20 23:46:01 2015 +0000
2599
2600    upstream commit
2601
2602    sort options useable under Match case-insensitively; prodded
2603     jmc@
2604
2605commit 1a779a0dd6cd8b4a1a40ea33b5415ab8408128ac
2606Author: djm@openbsd.org <djm@openbsd.org>
2607Date:   Sat Feb 21 20:51:02 2015 +0000
2608
2609    upstream commit
2610
2611    correct paths to configuration files being written/updated;
2612     they live in $OBJ not cwd; some by Roumen Petrov
2613
2614commit 28ba006c1acddff992ae946d0bc0b500b531ba6b
2615Author: Darren Tucker <dtucker@zip.com.au>
2616Date:   Sat Feb 21 15:41:07 2015 +1100
2617
2618    More correct checking of HAVE_DECL_AI_NUMERICSERV.
2619
2620commit e50e8c97a9cecae1f28febccaa6ca5ab3bc10f54
2621Author: Darren Tucker <dtucker@zip.com.au>
2622Date:   Sat Feb 21 15:10:33 2015 +1100
2623
2624    Add null declaration of AI_NUMERICINFO.
2625
2626    Some platforms (older FreeBSD and DragonFly versions) do have
2627    getaddrinfo() but do not have AI_NUMERICINFO. so define it to zero
2628    in those cases.
2629
2630commit 18a208d6a460d707a45916db63a571e805f5db46
2631Author: djm@openbsd.org <djm@openbsd.org>
2632Date:   Fri Feb 20 22:40:32 2015 +0000
2633
2634    upstream commit
2635
2636    more options that are available under Match; bz#2353 reported
2637     by calestyo AT scientia.net
2638
2639commit 44732de06884238049f285f1455b2181baa7dc82
2640Author: djm@openbsd.org <djm@openbsd.org>
2641Date:   Fri Feb 20 22:17:21 2015 +0000
2642
2643    upstream commit
2644
2645    UpdateHostKeys fixes:
2646
2647    I accidentally changed the format of the hostkeys@openssh.com messages
2648    last week without changing the extension name, and this has been causing
2649    connection failures for people who are running -current. First reported
2650    by sthen@
2651
2652    s/hostkeys@openssh.com/hostkeys-00@openssh.com/
2653    Change the name of the proof message too, and reorder it a little.
2654
2655    Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
2656    available to read the response) so disable UpdateHostKeys if it is in
2657    ask mode and ControlPersist is active (and document this)
2658
2659commit 13a39414d25646f93e6d355521d832a03aaaffe2
2660Author: djm@openbsd.org <djm@openbsd.org>
2661Date:   Tue Feb 17 00:14:05 2015 +0000
2662
2663    upstream commit
2664
2665    Regression: I broke logging of public key fingerprints in
2666     1.46. Pointed out by Pontus Lundkvist
2667
2668commit 773dda25e828c4c9a52f7bdce6e1e5924157beab
2669Author: Damien Miller <djm@mindrot.org>
2670Date:   Fri Jan 30 23:10:17 2015 +1100
2671
2672    repair --without-openssl; broken in refactor
2673
2674commit e89c780886b23600de1e1c8d74aabd1ff61f43f0
2675Author: Damien Miller <djm@google.com>
2676Date:   Tue Feb 17 10:04:55 2015 +1100
2677
2678    hook up hostkeys unittest to portable Makefiles
2679
2680commit 0abf41f99aa16ff09b263bead242d6cb2dbbcf99
2681Author: djm@openbsd.org <djm@openbsd.org>
2682Date:   Mon Feb 16 22:21:03 2015 +0000
2683
2684    upstream commit
2685
2686    enable hostkeys unit tests
2687
2688commit 68a5d647ccf0fb6782b2f749433a1eee5bc9044b
2689Author: djm@openbsd.org <djm@openbsd.org>
2690Date:   Mon Feb 16 22:20:50 2015 +0000
2691
2692    upstream commit
2693
2694    check string/memory compare arguments aren't NULL
2695
2696commit ef575ef20d09f20722e26b45dab80b3620469687
2697Author: djm@openbsd.org <djm@openbsd.org>
2698Date:   Mon Feb 16 22:18:34 2015 +0000
2699
2700    upstream commit
2701
2702    unit tests for hostfile.c code, just hostkeys_foreach so
2703     far
2704
2705commit 8ea3365e6aa2759ccf5c76eaea62cbc8a280b0e7
2706Author: markus@openbsd.org <markus@openbsd.org>
2707Date:   Sat Feb 14 12:43:16 2015 +0000
2708
2709    upstream commit
2710
2711    test server rekey limit
2712
2713commit ce63c4b063c39b2b22d4ada449c9e3fbde788cb3
2714Author: djm@openbsd.org <djm@openbsd.org>
2715Date:   Mon Feb 16 22:30:03 2015 +0000
2716
2717    upstream commit
2718
2719    partial backout of:
2720
2721    revision 1.441
2722    date: 2015/01/31 20:30:05;  author: djm;  state: Exp;  lines: +17 -10;  commitid
2723    : x8klYPZMJSrVlt3O;
2724    Let sshd load public host keys even when private keys are missing.
2725    Allows sshd to advertise additional keys for future key rotation.
2726    Also log fingerprint of hostkeys loaded; ok markus@
2727
2728    hostkey updates now require access to the private key, so we can't
2729    load public keys only. The improved log messages (fingerprints of keys
2730    loaded) are kept.
2731
2732commit 523463a3a2a9bfc6cfc5afa01bae9147f76a37cc
2733Author: djm@openbsd.org <djm@openbsd.org>
2734Date:   Mon Feb 16 22:13:32 2015 +0000
2735
2736    upstream commit
2737
2738    Revise hostkeys@openssh.com hostkey learning extension.
2739
2740    The client will not ask the server to prove ownership of the private
2741    halves of any hitherto-unseen hostkeys it offers to the client.
2742
2743    Allow UpdateHostKeys option to take an 'ask' argument to let the
2744    user manually review keys offered.
2745
2746    ok markus@
2747
2748commit 6c5c949782d86a6e7d58006599c7685bfcd01685
2749Author: djm@openbsd.org <djm@openbsd.org>
2750Date:   Mon Feb 16 22:08:57 2015 +0000
2751
2752    upstream commit
2753
2754    Refactor hostkeys_foreach() and dependent code Deal with
2755     IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing
2756     changed ok markus@ as part of larger commit
2757
2758commit 51b082ccbe633dc970df1d1f4c9c0497115fe721
2759Author: miod@openbsd.org <miod@openbsd.org>
2760Date:   Mon Feb 16 18:26:26 2015 +0000
2761
2762    upstream commit
2763
2764    Declare ge25519_base as extern, to prevent it from
2765     becoming a common. Gets us rid of ``lignment 4 of symbol
2766     `crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in
2767     mod_ed25519.o'' warnings at link time.
2768
2769commit 02db468bf7e3281a8e3c058ced571b38b6407c34
2770Author: markus@openbsd.org <markus@openbsd.org>
2771Date:   Fri Feb 13 18:57:00 2015 +0000
2772
2773    upstream commit
2774
2775    make rekey_limit for sshd w/privsep work; ok djm@
2776     dtucker@
2777
2778commit 8ec67d505bd23c8bf9e17b7a364b563a07a58ec8
2779Author: dtucker@openbsd.org <dtucker@openbsd.org>
2780Date:   Thu Feb 12 20:34:19 2015 +0000
2781
2782    upstream commit
2783
2784    Prevent sshd spamming syslog with
2785     "ssh_dispatch_run_fatal: disconnected". ok markus@
2786
2787commit d4c0295d1afc342057ba358237acad6be8af480b
2788Author: djm@openbsd.org <djm@openbsd.org>
2789Date:   Wed Feb 11 01:20:38 2015 +0000
2790
2791    upstream commit
2792
2793    Some packet error messages show the address of the peer,
2794     but might be generated after the socket to the peer has suffered a TCP reset.
2795     In these cases, getpeername() won't work so cache the address earlier.
2796
2797    spotted in the wild via deraadt@ and tedu@
2798
2799commit 4af1709cf774475ce5d1bc3ddcc165f6c222897d
2800Author: jsg@openbsd.org <jsg@openbsd.org>
2801Date:   Mon Feb 9 23:22:37 2015 +0000
2802
2803    upstream commit
2804
2805    fix some leaks in error paths ok markus@
2806
2807commit fd36834871d06a03e1ff8d69e41992efa1bbf85f
2808Author: millert@openbsd.org <millert@openbsd.org>
2809Date:   Fri Feb 6 23:21:59 2015 +0000
2810
2811    upstream commit
2812
2813    SIZE_MAX is standard, we should be using it in preference to
2814     the obsolete SIZE_T_MAX.  OK miod@ beck@
2815
2816commit 1910a286d7771eab84c0b047f31c0a17505236fa
2817Author: millert@openbsd.org <millert@openbsd.org>
2818Date:   Thu Feb 5 12:59:57 2015 +0000
2819
2820    upstream commit
2821
2822    Include stdint.h, not limits.h to get SIZE_MAX.  OK guenther@
2823
2824commit ce4f59b2405845584f45e0b3214760eb0008c06c
2825Author: deraadt@openbsd.org <deraadt@openbsd.org>
2826Date:   Tue Feb 3 08:07:20 2015 +0000
2827
2828    upstream commit
2829
2830    missing ; djm and mlarkin really having great
2831     interactions recently
2832
2833commit 5d34aa94938abb12b877a25be51862757f25d54b
2834Author: halex@openbsd.org <halex@openbsd.org>
2835Date:   Tue Feb 3 00:34:14 2015 +0000
2836
2837    upstream commit
2838
2839    slightly extend the passphrase prompt if running with -c
2840     in order to give the user a chance to notice if unintentionally running
2841     without it
2842
2843    wording tweak and ok djm@
2844
2845commit cb3bde373e80902c7d5d0db429f85068d19b2918
2846Author: djm@openbsd.org <djm@openbsd.org>
2847Date:   Mon Feb 2 22:48:53 2015 +0000
2848
2849    upstream commit
2850
2851    handle PKCS#11 C_Login returning
2852     CKR_USER_ALREADY_LOGGED_IN; based on patch from Yuri Samoilenko; ok markus@
2853
2854commit 15ad750e5ec3cc69765b7eba1ce90060e7083399
2855Author: djm@openbsd.org <djm@openbsd.org>
2856Date:   Mon Feb 2 07:41:40 2015 +0000
2857
2858    upstream commit
2859
2860    turn UpdateHostkeys off by default until I figure out
2861     mlarkin@'s warning message; requested by deraadt@
2862
2863commit 3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9
2864Author: deraadt@openbsd.org <deraadt@openbsd.org>
2865Date:   Mon Feb 2 01:57:44 2015 +0000
2866
2867    upstream commit
2868
2869    increasing encounters with difficult DNS setups in
2870     darknets has convinced me UseDNS off by default is better ok djm
2871
2872commit 6049a548a8a68ff0bbe581ab1748ea6a59ecdc38
2873Author: djm@openbsd.org <djm@openbsd.org>
2874Date:   Sat Jan 31 20:30:05 2015 +0000
2875
2876    upstream commit
2877
2878    Let sshd load public host keys even when private keys are
2879     missing. Allows sshd to advertise additional keys for future key rotation.
2880     Also log fingerprint of hostkeys loaded; ok markus@
2881
2882commit 46347ed5968f582661e8a70a45f448e0179ca0ab
2883Author: djm@openbsd.org <djm@openbsd.org>
2884Date:   Fri Jan 30 11:43:14 2015 +0000
2885
2886    upstream commit
2887
2888    Add a ssh_config HostbasedKeyType option to control which
2889     host public key types are tried during hostbased authentication.
2890
2891    This may be used to prevent too many keys being sent to the server,
2892    and blowing past its MaxAuthTries limit.
2893
2894    bz#2211 based on patch by Iain Morgan; ok markus@
2895
2896commit 802660cb70453fa4d230cb0233bc1bbdf8328de1
2897Author: djm@openbsd.org <djm@openbsd.org>
2898Date:   Fri Jan 30 10:44:49 2015 +0000
2899
2900    upstream commit
2901
2902    set a timeout to prevent hangs when talking to busted
2903     servers; ok markus@
2904
2905commit 86936ec245a15c7abe71a0722610998b0a28b194
2906Author: djm@openbsd.org <djm@openbsd.org>
2907Date:   Fri Jan 30 01:11:39 2015 +0000
2908
2909    upstream commit
2910
2911    regression test for 'wildcard CA' serial/key ID revocations
2912
2913commit 4509b5d4a4fa645a022635bfa7e86d09b285001f
2914Author: djm@openbsd.org <djm@openbsd.org>
2915Date:   Fri Jan 30 01:13:33 2015 +0000
2916
2917    upstream commit
2918
2919    avoid more fatal/exit in the packet.c paths that
2920     ssh-keyscan uses; feedback and "looks good" markus@
2921
2922commit 669aee994348468af8b4b2ebd29b602cf2860b22
2923Author: djm@openbsd.org <djm@openbsd.org>
2924Date:   Fri Jan 30 01:10:33 2015 +0000
2925
2926    upstream commit
2927
2928    permit KRLs that revoke certificates by serial number or
2929     key ID without scoping to a particular CA; ok markus@
2930
2931commit 7a2c368477e26575d0866247d3313da4256cb2b5
2932Author: djm@openbsd.org <djm@openbsd.org>
2933Date:   Fri Jan 30 00:59:19 2015 +0000
2934
2935    upstream commit
2936
2937    missing parentheses after if in do_convert_from() broke
2938     private key conversion from other formats some time in 2010; bz#2345 reported
2939     by jjelen AT redhat.com
2940
2941commit 25f5f78d8bf5c22d9cea8b49de24ebeee648a355
2942Author: djm@openbsd.org <djm@openbsd.org>
2943Date:   Fri Jan 30 00:22:25 2015 +0000
2944
2945    upstream commit
2946
2947    fix ssh protocol 1, spotted by miod@
2948
2949commit 9ce86c926dfa6e0635161b035e3944e611cbccf0
2950Author: djm@openbsd.org <djm@openbsd.org>
2951Date:   Wed Jan 28 22:36:00 2015 +0000
2952
2953    upstream commit
2954
2955    update to new API (key_fingerprint => sshkey_fingerprint)
2956     check sshkey_fingerprint return values; ok markus
2957
2958commit 9125525c37bf73ad3ee4025520889d2ce9d10f29
2959Author: djm@openbsd.org <djm@openbsd.org>
2960Date:   Wed Jan 28 22:05:31 2015 +0000
2961
2962    upstream commit
2963
2964    avoid fatal() calls in packet code makes ssh-keyscan more
2965     reliable against server failures ok dtucker@ markus@
2966
2967commit fae7bbe544cba7a9e5e4ab47ff6faa3d978646eb
2968Author: djm@openbsd.org <djm@openbsd.org>
2969Date:   Wed Jan 28 21:15:47 2015 +0000
2970
2971    upstream commit
2972
2973    avoid fatal() calls in packet code makes ssh-keyscan more
2974     reliable against server failures ok dtucker@ markus@
2975
2976commit 1a3d14f6b44a494037c7deab485abe6496bf2c60
2977Author: djm@openbsd.org <djm@openbsd.org>
2978Date:   Wed Jan 28 11:07:25 2015 +0000
2979
2980    upstream commit
2981
2982    remove obsolete comment
2983
2984commit 80c25b7bc0a71d75c43a4575d9a1336f589eb639
2985Author: okan@openbsd.org <okan@openbsd.org>
2986Date:   Tue Jan 27 12:54:06 2015 +0000
2987
2988    upstream commit
2989
2990    Since r1.2 removed the use of PRI* macros, inttypes.h is
2991     no longer required.
2992
2993    ok djm@
2994
2995commit 69ff64f69615c2a21c97cb5878a0996c21423257
2996Author: Damien Miller <djm@mindrot.org>
2997Date:   Tue Jan 27 23:07:43 2015 +1100
2998
2999    compile on systems without TCP_MD5SIG (e.g. OSX)
3000
3001commit 358964f3082fb90b2ae15bcab07b6105cfad5a43
3002Author: Damien Miller <djm@mindrot.org>
3003Date:   Tue Jan 27 23:07:25 2015 +1100
3004
3005    use ssh-keygen under test rather than system's
3006
3007commit a2c95c1bf33ea53038324d1fdd774bc953f98236
3008Author: Damien Miller <djm@mindrot.org>
3009Date:   Tue Jan 27 23:06:59 2015 +1100
3010
3011    OSX lacks HOST_NAME_MAX, has _POSIX_HOST_NAME_MAX
3012
3013commit ade31d7b6f608a19b85bee29a7a00b1e636a2919
3014Author: Damien Miller <djm@mindrot.org>
3015Date:   Tue Jan 27 23:06:23 2015 +1100
3016
3017    these need active_state defined to link on OSX
3018
3019    temporary measure until active_state goes away entirely
3020
3021commit e56aa87502f22c5844918c10190e8b4f785f067b
3022Author: djm@openbsd.org <djm@openbsd.org>
3023Date:   Tue Jan 27 12:01:36 2015 +0000
3024
3025    upstream commit
3026
3027    use printf instead of echo -n to reduce diff against
3028     -portable
3029
3030commit 9f7637f56eddfaf62ce3c0af89c25480f2cf1068
3031Author: jmc@openbsd.org <jmc@openbsd.org>
3032Date:   Mon Jan 26 13:55:29 2015 +0000
3033
3034    upstream commit
3035
3036    sort previous;
3037
3038commit 3076ee7d530d5b16842fac7a6229706c7e5acd26
3039Author: djm@openbsd.org <djm@openbsd.org>
3040Date:   Mon Jan 26 13:36:53 2015 +0000
3041
3042    upstream commit
3043
3044    properly restore umask
3045
3046commit d411d395556b73ba1b9e451516a0bd6697c4b03d
3047Author: djm@openbsd.org <djm@openbsd.org>
3048Date:   Mon Jan 26 06:12:18 2015 +0000
3049
3050    upstream commit
3051
3052    regression test for host key rotation
3053
3054commit fe8a3a51699afbc6407a8fae59b73349d01e49f8
3055Author: djm@openbsd.org <djm@openbsd.org>
3056Date:   Mon Jan 26 06:11:28 2015 +0000
3057
3058    upstream commit
3059
3060    adapt to sshkey API tweaks
3061
3062commit 7dd355fb1f0038a3d5cdca57ebab4356c7a5b434
3063Author: miod@openbsd.org <miod@openbsd.org>
3064Date:   Sat Jan 24 10:39:21 2015 +0000
3065
3066    upstream commit
3067
3068    Move -lz late in the linker commandline for things to
3069     build on static arches.
3070
3071commit 0dad3b806fddb93c475b30853b9be1a25d673a33
3072Author: miod@openbsd.org <miod@openbsd.org>
3073Date:   Fri Jan 23 21:21:23 2015 +0000
3074
3075    upstream commit
3076
3077    -Wpointer-sign is supported by gcc 4 only.
3078
3079commit 2b3b1c1e4bd9577b6e780c255c278542ea66c098
3080Author: djm@openbsd.org <djm@openbsd.org>
3081Date:   Tue Jan 20 22:58:57 2015 +0000
3082
3083    upstream commit
3084
3085    use SUBDIR to recuse into unit tests; makes "make obj"
3086     actually work
3087
3088commit 1d1092bff8db27080155541212b420703f8b9c92
3089Author: djm@openbsd.org <djm@openbsd.org>
3090Date:   Mon Jan 26 12:16:36 2015 +0000
3091
3092    upstream commit
3093
3094    correct description of UpdateHostKeys in ssh_config.5 and
3095     add it to -o lists for ssh, scp and sftp; pointed out by jmc@
3096
3097commit 5104db7cbd6cdd9c5971f4358e74414862fc1022
3098Author: djm@openbsd.org <djm@openbsd.org>
3099Date:   Mon Jan 26 06:10:03 2015 +0000
3100
3101    upstream commit
3102
3103    correctly match ECDSA subtype (== curve) for
3104     offered/recevied host keys. Fixes connection-killing host key mismatches when
3105     a server offers multiple ECDSA keys with different curve type (an extremely
3106     unlikely configuration).
3107
3108    ok markus, "looks mechanical" deraadt@
3109
3110commit 8d4f87258f31cb6def9b3b55b6a7321d84728ff2
3111Author: djm@openbsd.org <djm@openbsd.org>
3112Date:   Mon Jan 26 03:04:45 2015 +0000
3113
3114    upstream commit
3115
3116    Host key rotation support.
3117
3118    Add a hostkeys@openssh.com protocol extension (global request) for
3119    a server to inform a client of all its available host key after
3120    authentication has completed. The client may record the keys in
3121    known_hosts, allowing it to upgrade to better host key algorithms
3122    and a server to gracefully rotate its keys.
3123
3124    The client side of this is controlled by a UpdateHostkeys config
3125    option (default on).
3126
3127    ok markus@
3128
3129commit 60b1825262b1f1e24fc72050b907189c92daf18e
3130Author: djm@openbsd.org <djm@openbsd.org>
3131Date:   Mon Jan 26 02:59:11 2015 +0000
3132
3133    upstream commit
3134
3135    small refactor and add some convenience functions; ok
3136     markus
3137
3138commit a5a3e3328ddce91e76f71ff479022d53e35c60c9
3139Author: jmc@openbsd.org <jmc@openbsd.org>
3140Date:   Thu Jan 22 21:00:42 2015 +0000
3141
3142    upstream commit
3143
3144    heirarchy -> hierarchy;
3145
3146commit dcff5810a11195c57e1b3343c0d6b6f2b9974c11
3147Author: deraadt@openbsd.org <deraadt@openbsd.org>
3148Date:   Thu Jan 22 20:24:41 2015 +0000
3149
3150    upstream commit
3151
3152    Provide a warning about chroot misuses (which sadly, seem
3153     to have become quite popular because shiny).  sshd cannot detect/manage/do
3154     anything about these cases, best we can do is warn in the right spot in the
3155     man page. ok markus
3156
3157commit 087266ec33c76fc8d54ac5a19efacf2f4a4ca076
3158Author: deraadt@openbsd.org <deraadt@openbsd.org>
3159Date:   Tue Jan 20 23:14:00 2015 +0000
3160
3161    upstream commit
3162
3163    Reduce use of <sys/param.h> and transition to <limits.h>
3164     throughout. ok djm markus
3165
3166commit 57e783c8ba2c0797f93977e83b2a8644a03065d8
3167Author: markus@openbsd.org <markus@openbsd.org>
3168Date:   Tue Jan 20 20:16:21 2015 +0000
3169
3170    upstream commit
3171
3172    kex_setup errors are fatal()
3173
3174commit 1d6424a6ff94633c221297ae8f42d54e12a20912
3175Author: djm@openbsd.org <djm@openbsd.org>
3176Date:   Tue Jan 20 08:02:33 2015 +0000
3177
3178    upstream commit
3179
3180    this test would accidentally delete agent.sh if run without
3181     obj/
3182
3183commit 12b5f50777203e12575f1b08568281e447249ed3
3184Author: djm@openbsd.org <djm@openbsd.org>
3185Date:   Tue Jan 20 07:56:44 2015 +0000
3186
3187    upstream commit
3188
3189    make this compile with KERBEROS5 enabled
3190
3191commit e2cc6bef08941256817d44d146115b3478586ad4
3192Author: djm@openbsd.org <djm@openbsd.org>
3193Date:   Tue Jan 20 07:55:33 2015 +0000
3194
3195    upstream commit
3196
3197    fix hostkeys in agent; ok markus@
3198
3199commit 1ca3e2155aa5d3801a7ae050f85c71f41fcb95b1
3200Author: Damien Miller <djm@mindrot.org>
3201Date:   Tue Jan 20 10:11:31 2015 +1100
3202
3203    fix kex test
3204
3205commit c78a578107c7e6dcf5d30a2f34cb6581bef14029
3206Author: markus@openbsd.org <markus@openbsd.org>
3207Date:   Mon Jan 19 20:45:25 2015 +0000
3208
3209    upstream commit
3210
3211    finally enable the KEX tests I wrote some years ago...
3212
3213commit 31821d7217e686667d04935aeec99e1fc4a46e7e
3214Author: markus@openbsd.org <markus@openbsd.org>
3215Date:   Mon Jan 19 20:42:31 2015 +0000
3216
3217    upstream commit
3218
3219    adapt to new error message (SSH_ERR_MAC_INVALID)
3220
3221commit d3716ca19e510e95d956ae14d5b367e364bff7f1
3222Author: djm@openbsd.org <djm@openbsd.org>
3223Date:   Mon Jan 19 17:31:13 2015 +0000
3224
3225    upstream commit
3226
3227    this test was broken in at least two ways, such that it
3228     wasn't checking that a KRL was not excluding valid keys
3229
3230commit 3f797653748e7c2b037dacb57574c01d9ef3b4d3
3231Author: markus@openbsd.org <markus@openbsd.org>
3232Date:   Mon Jan 19 20:32:39 2015 +0000
3233
3234    upstream commit
3235
3236    switch ssh-keyscan from setjmp to multiple ssh transport
3237     layer instances ok djm@
3238
3239commit f582f0e917bb0017b00944783cd5f408bf4b0b5e
3240Author: markus@openbsd.org <markus@openbsd.org>
3241Date:   Mon Jan 19 20:30:23 2015 +0000
3242
3243    upstream commit
3244
3245    add experimental api for packet layer; ok djm@
3246
3247commit 48b3b2ba75181f11fca7f327058a591f4426cade
3248Author: markus@openbsd.org <markus@openbsd.org>
3249Date:   Mon Jan 19 20:20:20 2015 +0000
3250
3251    upstream commit
3252
3253    store compat flags in struct ssh; ok djm@
3254
3255commit 57d10cbe861a235dd269c74fb2fe248469ecee9d
3256Author: markus@openbsd.org <markus@openbsd.org>
3257Date:   Mon Jan 19 20:16:15 2015 +0000
3258
3259    upstream commit
3260
3261    adapt kex to sshbuf and struct ssh; ok djm@
3262
3263commit 3fdc88a0def4f86aa88a5846ac079dc964c0546a
3264Author: markus@openbsd.org <markus@openbsd.org>
3265Date:   Mon Jan 19 20:07:45 2015 +0000
3266
3267    upstream commit
3268
3269    move dispatch to struct ssh; ok djm@
3270
3271commit 091c302829210c41e7f57c3f094c7b9c054306f0
3272Author: markus@openbsd.org <markus@openbsd.org>
3273Date:   Mon Jan 19 19:52:16 2015 +0000
3274
3275    upstream commit
3276
3277    update packet.c & isolate, introduce struct ssh a) switch
3278     packet.c to buffer api and isolate per-connection info into struct ssh b)
3279     (de)serialization of the state is moved from monitor to packet.c c) the old
3280     packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and
3281     integrated into packet.c with and ok djm@
3282
3283commit 4e62cc68ce4ba20245d208b252e74e91d3785b74
3284Author: djm@openbsd.org <djm@openbsd.org>
3285Date:   Mon Jan 19 17:35:48 2015 +0000
3286
3287    upstream commit
3288
3289    fix format strings in (disabled) debugging
3290
3291commit d85e06245907d49a2cd0cfa0abf59150ad616f42
3292Author: djm@openbsd.org <djm@openbsd.org>
3293Date:   Mon Jan 19 06:01:32 2015 +0000
3294
3295    upstream commit
3296
3297    be a bit more careful in these tests to ensure that
3298     known_hosts is clean
3299
3300commit 7947810eab5fe0ad311f32a48f4d4eb1f71be6cf
3301Author: djm@openbsd.org <djm@openbsd.org>
3302Date:   Sun Jan 18 22:00:18 2015 +0000
3303
3304    upstream commit
3305
3306    regression test for known_host file editing using
3307     ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok
3308     markus@
3309
3310commit 3a2b09d147a565d8a47edf37491e149a02c0d3a3
3311Author: djm@openbsd.org <djm@openbsd.org>
3312Date:   Sun Jan 18 19:54:46 2015 +0000
3313
3314    upstream commit
3315
3316    more and better key tests
3317
3318    test signatures and verification
3319    test certificate generation
3320    flesh out nested cert test
3321
3322    removes most of the XXX todo markers
3323
3324commit 589e69fd82724cfc9738f128e4771da2e6405d0d
3325Author: djm@openbsd.org <djm@openbsd.org>
3326Date:   Sun Jan 18 19:53:58 2015 +0000
3327
3328    upstream commit
3329
3330    make the signature fuzzing test much more rigorous:
3331     ensure that the fuzzed input cases do not match the original (using new
3332     fuzz_matches_original() function) and check that the verification fails in
3333     each case
3334
3335commit 80603c0daa2538c349c1c152405580b164d5475f
3336Author: djm@openbsd.org <djm@openbsd.org>
3337Date:   Sun Jan 18 19:52:44 2015 +0000
3338
3339    upstream commit
3340
3341    add a fuzz_matches_original() function to the fuzzer to
3342     detect fuzz cases that are identical to the original data. Hacky
3343     implementation, but very useful when you need the fuzz to be different, e.g.
3344     when verifying signature
3345
3346commit 87d5495bd337e358ad69c524fcb9495208c0750b
3347Author: djm@openbsd.org <djm@openbsd.org>
3348Date:   Sun Jan 18 19:50:55 2015 +0000
3349
3350    upstream commit
3351
3352    better dumps from the fuzzer (shown on errors) -
3353     include the original data as well as the fuzzed copy.
3354
3355commit d59ec478c453a3fff05badbbfd96aa856364f2c2
3356Author: djm@openbsd.org <djm@openbsd.org>
3357Date:   Sun Jan 18 19:47:55 2015 +0000
3358
3359    upstream commit
3360
3361    enable hostkey-agent.sh test
3362
3363commit 26b3425170bf840e4b095e1c10bf25a0a3e3a105
3364Author: djm@openbsd.org <djm@openbsd.org>
3365Date:   Sat Jan 17 18:54:30 2015 +0000
3366
3367    upstream commit
3368
3369    unit test for hostkeys in ssh-agent
3370
3371commit 9e06a0fb23ec55d9223b26a45bb63c7649e2f2f2
3372Author: markus@openbsd.org <markus@openbsd.org>
3373Date:   Thu Jan 15 23:41:29 2015 +0000
3374
3375    upstream commit
3376
3377    add kex unit tests
3378
3379commit d2099dec6da21ae627f6289aedae6bc1d41a22ce
3380Author: deraadt@openbsd.org <deraadt@openbsd.org>
3381Date:   Mon Jan 19 00:32:54 2015 +0000
3382
3383    upstream commit
3384
3385    djm, your /usr/include tree is old
3386
3387commit 2b3c3c76c30dc5076fe09d590f5b26880f148a54
3388Author: djm@openbsd.org <djm@openbsd.org>
3389Date:   Sun Jan 18 21:51:19 2015 +0000
3390
3391    upstream commit
3392
3393    some feedback from markus@: comment hostkeys_foreach()
3394     context and avoid a member in it.
3395
3396commit cecb30bc2ba6d594366e657d664d5c494b6c8a7f
3397Author: djm@openbsd.org <djm@openbsd.org>
3398Date:   Sun Jan 18 21:49:42 2015 +0000
3399
3400    upstream commit
3401
3402    make ssh-keygen use hostkeys_foreach(). Removes some
3403     horrendous code; ok markus@
3404
3405commit ec3d065df3a9557ea96b02d061fd821a18c1a0b9
3406Author: djm@openbsd.org <djm@openbsd.org>
3407Date:   Sun Jan 18 21:48:09 2015 +0000
3408
3409    upstream commit
3410
3411    convert load_hostkeys() (hostkey ordering and
3412     known_host matching) to use the new hostkey_foreach() iterator; ok markus
3413
3414commit c29811cc480a260e42fd88849fc86a80c1e91038
3415Author: djm@openbsd.org <djm@openbsd.org>
3416Date:   Sun Jan 18 21:40:23 2015 +0000
3417
3418    upstream commit
3419
3420    introduce hostkeys_foreach() to allow iteration over a
3421     known_hosts file or controlled subset thereof. This will allow us to pull out
3422     some ugly and duplicated code, and will be used to implement hostkey rotation
3423     later.
3424
3425    feedback and ok markus
3426
3427commit f101d8291da01bbbfd6fb8c569cfd0cc61c0d346
3428Author: deraadt@openbsd.org <deraadt@openbsd.org>
3429Date:   Sun Jan 18 14:01:00 2015 +0000
3430
3431    upstream commit
3432
3433    string truncation due to sizeof(size) ok djm markus
3434
3435commit 35d6022b55b7969fc10c261cb6aa78cc4a5fcc41
3436Author: djm@openbsd.org <djm@openbsd.org>
3437Date:   Sun Jan 18 13:33:34 2015 +0000
3438
3439    upstream commit
3440
3441    avoid trailing ',' in host key algorithms
3442
3443commit 7efb455789a0cb76bdcdee91c6060a3dc8f5c007
3444Author: djm@openbsd.org <djm@openbsd.org>
3445Date:   Sun Jan 18 13:22:28 2015 +0000
3446
3447    upstream commit
3448
3449    infer key length correctly when user specified a fully-
3450     qualified key name instead of using the -b bits option; ok markus@
3451
3452commit 83f8ffa6a55ccd0ce9d8a205e3e7439ec18fedf5
3453Author: djm@openbsd.org <djm@openbsd.org>
3454Date:   Sat Jan 17 18:53:34 2015 +0000
3455
3456    upstream commit
3457
3458    fix hostkeys on ssh agent; found by unit test I'm about
3459     to commit
3460
3461commit 369d61f17657b814124268f99c033e4dc6e436c1
3462Author: schwarze@openbsd.org <schwarze@openbsd.org>
3463Date:   Fri Jan 16 16:20:23 2015 +0000
3464
3465    upstream commit
3466
3467    garbage collect empty .No macros mandoc warns about
3468
3469commit bb8b442d32dbdb8521d610e10d8b248d938bd747
3470Author: djm@openbsd.org <djm@openbsd.org>
3471Date:   Fri Jan 16 15:55:07 2015 +0000
3472
3473    upstream commit
3474
3475    regression: incorrect error message on
3476     otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
3477
3478commit 9010902954a40b59d0bf3df3ccbc3140a653e2bc
3479Author: djm@openbsd.org <djm@openbsd.org>
3480Date:   Fri Jan 16 07:19:48 2015 +0000
3481
3482    upstream commit
3483
3484    when hostname canonicalisation is enabled, try to parse
3485     hostnames as addresses before looking them up for canonicalisation. fixes
3486     bz#2074 and avoids needless DNS lookups in some cases; ok markus
3487
3488commit 2ae4f337b2a5fb2841b6b0053b49496fef844d1c
3489Author: deraadt@openbsd.org <deraadt@openbsd.org>
3490Date:   Fri Jan 16 06:40:12 2015 +0000
3491
3492    upstream commit
3493
3494    Replace <sys/param.h> with <limits.h> and other less
3495     dirty headers where possible.  Annotate <sys/param.h> lines with their
3496     current reasons.  Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
3497     LOGIN_NAME_MAX, etc.  Change MIN() and MAX() to local definitions of
3498     MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
3499     These are the files confirmed through binary verification. ok guenther,
3500     millert, doug (helped with the verification protocol)
3501
3502commit 3c4726f4c24118e8f1bb80bf75f1456c76df072c
3503Author: markus@openbsd.org <markus@openbsd.org>
3504Date:   Thu Jan 15 21:38:50 2015 +0000
3505
3506    upstream commit
3507
3508    remove xmalloc, switch to sshbuf
3509
3510commit e17ac01f8b763e4b83976b9e521e90a280acc097
3511Author: markus@openbsd.org <markus@openbsd.org>
3512Date:   Thu Jan 15 21:37:14 2015 +0000
3513
3514    upstream commit
3515
3516    switch to sshbuf
3517
3518commit ddef9995a1fa6c7a8ff3b38bfe6cf724bebf13d0
3519Author: naddy@openbsd.org <naddy@openbsd.org>
3520Date:   Thu Jan 15 18:32:54 2015 +0000
3521
3522    upstream commit
3523
3524    handle UMAC128 initialization like UMAC; ok djm@ markus@
3525
3526commit f14564c1f7792446bca143580aef0e7ac25dcdae
3527Author: djm@openbsd.org <djm@openbsd.org>
3528Date:   Thu Jan 15 11:04:36 2015 +0000
3529
3530    upstream commit
3531
3532    fix regression reported by brad@ for passworded keys without
3533     agent present
3534
3535commit 45c0fd70bb2a88061319dfff20cb12ef7b1bc47e
3536Author: Damien Miller <djm@mindrot.org>
3537Date:   Thu Jan 15 22:08:23 2015 +1100
3538
3539    make bitmap test compile
3540
3541commit d333f89abf7179021e5c3f28673f469abe032062
3542Author: djm@openbsd.org <djm@openbsd.org>
3543Date:   Thu Jan 15 07:36:28 2015 +0000
3544
3545    upstream commit
3546
3547    unit tests for KRL bitmap
3548
3549commit 7613f828f49c55ff356007ae9645038ab6682556
3550Author: markus@openbsd.org <markus@openbsd.org>
3551Date:   Wed Jan 14 09:58:21 2015 +0000
3552
3553    upstream commit
3554
3555    re-add comment about full path
3556
3557commit 6c43b48b307c41cd656b415621a644074579a578
3558Author: markus@openbsd.org <markus@openbsd.org>
3559Date:   Wed Jan 14 09:54:38 2015 +0000
3560
3561    upstream commit
3562
3563    don't reset  to the installed sshd; connect before
3564     reconfigure, too
3565
3566commit 771bb47a1df8b69061f09462e78aa0b66cd594bf
3567Author: djm@openbsd.org <djm@openbsd.org>
3568Date:   Tue Jan 13 14:51:51 2015 +0000
3569
3570    upstream commit
3571
3572    implement a SIGINFO handler so we can discern a stuck
3573     fuzz test from a merely glacial one; prompted by and ok markus
3574
3575commit cfaa57962f8536f3cf0fd7daf4d6a55d6f6de45f
3576Author: djm@openbsd.org <djm@openbsd.org>
3577Date:   Tue Jan 13 08:23:26 2015 +0000
3578
3579    upstream commit
3580
3581    use $SSH instead of installed ssh to allow override;
3582     spotted by markus@
3583
3584commit 0920553d0aee117a596b03ed5b49b280d34a32c5
3585Author: djm@openbsd.org <djm@openbsd.org>
3586Date:   Tue Jan 13 07:49:49 2015 +0000
3587
3588    upstream commit
3589
3590    regress test for PubkeyAcceptedKeyTypes; ok markus@
3591
3592commit 27ca1a5c0095eda151934bca39a77e391f875d17
3593Author: markus@openbsd.org <markus@openbsd.org>
3594Date:   Mon Jan 12 20:13:27 2015 +0000
3595
3596    upstream commit
3597
3598    unbreak parsing of pubkey comments; with gerhard; ok
3599     djm/deraadt
3600
3601commit 55358f0b4e0b83bc0df81c5f854c91b11e0bb4dc
3602Author: djm@openbsd.org <djm@openbsd.org>
3603Date:   Mon Jan 12 11:46:32 2015 +0000
3604
3605    upstream commit
3606
3607    fatal if soft-PKCS11 library is missing rather (rather
3608     than continue and fail with a more cryptic error)
3609
3610commit c3554cdd2a1a62434b8161017aa76fa09718a003
3611Author: djm@openbsd.org <djm@openbsd.org>
3612Date:   Mon Jan 12 11:12:38 2015 +0000
3613
3614    upstream commit
3615
3616    let this test all supporte key types; pointed out/ok
3617     markus@
3618
3619commit 1129dcfc5a3e508635004bcc05a3574cb7687167
3620Author: djm@openbsd.org <djm@openbsd.org>
3621Date:   Thu Jan 15 09:40:00 2015 +0000
3622
3623    upstream commit
3624
3625    sync ssh-keysign, ssh-keygen and some dependencies to the
3626     new buffer/key API; mostly mechanical, ok markus@
3627
3628commit e4ebf5586452bf512da662ac277aaf6ecf0efe7c
3629Author: djm@openbsd.org <djm@openbsd.org>
3630Date:   Thu Jan 15 07:57:08 2015 +0000
3631
3632    upstream commit
3633
3634    remove commented-out test code now that it has moved to a
3635     proper unit test
3636
3637commit e81cba066c1e9eb70aba0f6e7c0ff220611b370f
3638Author: djm@openbsd.org <djm@openbsd.org>
3639Date:   Wed Jan 14 20:54:29 2015 +0000
3640
3641    upstream commit
3642
3643    whitespace
3644
3645commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622
3646Author: djm@openbsd.org <djm@openbsd.org>
3647Date:   Wed Jan 14 20:05:27 2015 +0000
3648
3649    upstream commit
3650
3651    move authfd.c and its tentacles to the new buffer/key
3652     API; ok markus@
3653
3654commit 0088c57af302cda278bd26d8c3ae81d5b6f7c289
3655Author: djm@openbsd.org <djm@openbsd.org>
3656Date:   Wed Jan 14 19:33:41 2015 +0000
3657
3658    upstream commit
3659
3660    fix small regression: ssh-agent would return a success
3661     message but an empty signature if asked to sign using an unknown key; ok
3662     markus@
3663
3664commit b03ebe2c22b8166e4f64c37737f4278676e3488d
3665Author: Damien Miller <djm@mindrot.org>
3666Date:   Thu Jan 15 03:08:58 2015 +1100
3667
3668    more --without-openssl
3669
3670    fix some regressions caused by upstream merges
3671
3672    enable KRLs now that they no longer require BIGNUMs
3673
3674commit bc42cc6fe784f36df225c44c93b74830027cb5a2
3675Author: Damien Miller <djm@mindrot.org>
3676Date:   Thu Jan 15 03:08:29 2015 +1100
3677
3678    kludge around tun API mismatch betterer
3679
3680commit c332110291089b624fa0951fbf2d1ee6de525b9f
3681Author: Damien Miller <djm@mindrot.org>
3682Date:   Thu Jan 15 02:59:51 2015 +1100
3683
3684    some systems lack SO_REUSEPORT
3685
3686commit 83b9678a62cbdc74eb2031cf1e1e4ffd58e233ae
3687Author: Damien Miller <djm@mindrot.org>
3688Date:   Thu Jan 15 02:35:50 2015 +1100
3689
3690    fix merge botch
3691
3692commit 0cdc5a3eb6fb383569a4da2a30705d9b90428d6b
3693Author: Damien Miller <djm@mindrot.org>
3694Date:   Thu Jan 15 02:35:33 2015 +1100
3695
3696    unbreak across API change
3697
3698commit 6e2549ac2b5e7f96cbc2d83a6e0784b120444b47
3699Author: Damien Miller <djm@mindrot.org>
3700Date:   Thu Jan 15 02:30:18 2015 +1100
3701
3702    need includes.h for portable OpenSSH
3703
3704commit 72ef7c148c42db7d5632a29f137f8b87b579f2d9
3705Author: Damien Miller <djm@mindrot.org>
3706Date:   Thu Jan 15 02:21:31 2015 +1100
3707
3708    support --without-openssl at configure time
3709
3710    Disables and removes dependency on OpenSSL. Many features don't
3711    work and the set of crypto options is greatly restricted. This
3712    will only work on system with native arc4random or /dev/urandom.
3713
3714    Considered highly experimental for now.
3715
3716commit 4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9
3717Author: Damien Miller <djm@mindrot.org>
3718Date:   Thu Jan 15 02:28:00 2015 +1100
3719
3720    add files missed in last commit
3721
3722commit a165bab605f7be55940bb8fae977398e8c96a46d
3723Author: djm@openbsd.org <djm@openbsd.org>
3724Date:   Wed Jan 14 15:02:39 2015 +0000
3725
3726    upstream commit
3727
3728    avoid BIGNUM in KRL code by using a simple bitmap;
3729     feedback and ok markus
3730
3731commit 7d845f4a0b7ec97887be204c3760e44de8bf1f32
3732Author: djm@openbsd.org <djm@openbsd.org>
3733Date:   Wed Jan 14 13:54:13 2015 +0000
3734
3735    upstream commit
3736
3737    update sftp client and server to new buffer API. pretty
3738     much just mechanical changes; with & ok markus
3739
3740commit 139ca81866ec1b219c717d17061e5e7ad1059e2a
3741Author: markus@openbsd.org <markus@openbsd.org>
3742Date:   Wed Jan 14 13:09:09 2015 +0000
3743
3744    upstream commit
3745
3746    switch to sshbuf/sshkey; with & ok djm@
3747
3748commit 81bfbd0bd35683de5d7f2238b985e5f8150a9180
3749Author: Damien Miller <djm@mindrot.org>
3750Date:   Wed Jan 14 21:48:18 2015 +1100
3751
3752    support --without-openssl at configure time
3753
3754    Disables and removes dependency on OpenSSL. Many features don't
3755    work and the set of crypto options is greatly restricted. This
3756    will only work on system with native arc4random or /dev/urandom.
3757
3758    Considered highly experimental for now.
3759
3760commit 54924b53af15ccdcbb9f89984512b5efef641a31
3761Author: djm@openbsd.org <djm@openbsd.org>
3762Date:   Wed Jan 14 10:46:28 2015 +0000
3763
3764    upstream commit
3765
3766    avoid an warning for the !OPENSSL case
3767
3768commit ae8b463217f7c9b66655bfc3945c050ffdaeb861
3769Author: markus@openbsd.org <markus@openbsd.org>
3770Date:   Wed Jan 14 10:30:34 2015 +0000
3771
3772    upstream commit
3773
3774    swith auth-options to new sshbuf/sshkey; ok djm@
3775
3776commit 540e891191b98b89ee90aacf5b14a4a68635e763
3777Author: djm@openbsd.org <djm@openbsd.org>
3778Date:   Wed Jan 14 10:29:45 2015 +0000
3779
3780    upstream commit
3781
3782    make non-OpenSSL aes-ctr work on sshd w/ privsep; ok
3783     markus@
3784
3785commit 60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53
3786Author: markus@openbsd.org <markus@openbsd.org>
3787Date:   Wed Jan 14 10:24:42 2015 +0000
3788
3789    upstream commit
3790
3791    remove unneeded includes, sync my copyright across files
3792     & whitespace; ok djm@
3793
3794commit 128343bcdb0b60fc826f2733df8cf979ec1627b4
3795Author: markus@openbsd.org <markus@openbsd.org>
3796Date:   Tue Jan 13 19:31:40 2015 +0000
3797
3798    upstream commit
3799
3800    adapt mac.c to ssherr.h return codes (de-fatal) and
3801     simplify dependencies ok djm@
3802
3803commit e7fd952f4ea01f09ceb068721a5431ac2fd416ed
3804Author: djm@openbsd.org <djm@openbsd.org>
3805Date:   Tue Jan 13 19:04:35 2015 +0000
3806
3807    upstream commit
3808
3809    sync changes from libopenssh; prepared by markus@ mostly
3810     debug output tweaks, a couple of error return value changes and some other
3811     minor stuff
3812
3813commit 76c0480a85675f03a1376167cb686abed01a3583
3814Author: Damien Miller <djm@mindrot.org>
3815Date:   Tue Jan 13 19:38:18 2015 +1100
3816
3817    add --without-ssh1 option to configure
3818
3819    Allows disabling support for SSH protocol 1.
3820
3821commit 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03
3822Author: djm@openbsd.org <djm@openbsd.org>
3823Date:   Tue Jan 13 07:39:19 2015 +0000
3824
3825    upstream commit
3826
3827    add sshd_config HostbasedAcceptedKeyTypes and
3828     PubkeyAcceptedKeyTypes options to allow sshd to control what public key types
3829     will be accepted. Currently defaults to all. Feedback & ok markus@
3830
3831commit 816d1538c24209a93ba0560b27c4fda57c3fff65
3832Author: markus@openbsd.org <markus@openbsd.org>
3833Date:   Mon Jan 12 20:13:27 2015 +0000
3834
3835    upstream commit
3836
3837    unbreak parsing of pubkey comments; with gerhard; ok
3838     djm/deraadt
3839
3840commit 0097565f849851812df610b7b6b3c4bd414f6c62
3841Author: markus@openbsd.org <markus@openbsd.org>
3842Date:   Mon Jan 12 19:22:46 2015 +0000
3843
3844    upstream commit
3845
3846    missing error assigment on sshbuf_put_string()
3847
3848commit a7f49dcb527dd17877fcb8d5c3a9a6f550e0bba5
3849Author: djm@openbsd.org <djm@openbsd.org>
3850Date:   Mon Jan 12 15:18:07 2015 +0000
3851
3852    upstream commit
3853
3854    apparently memcpy(x, NULL, 0) is undefined behaviour
3855     according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls
3856     when length==0; ok markus@
3857
3858commit 905fe30fca82f38213763616d0d26eb6790bde33
3859Author: markus@openbsd.org <markus@openbsd.org>
3860Date:   Mon Jan 12 14:05:19 2015 +0000
3861
3862    upstream commit
3863
3864    free->sshkey_free; ok djm@
3865
3866commit f067cca2bc20c86b110174c3fef04086a7f57b13
3867Author: markus@openbsd.org <markus@openbsd.org>
3868Date:   Mon Jan 12 13:29:27 2015 +0000
3869
3870    upstream commit
3871
3872    allow WITH_OPENSSL w/o WITH_SSH1; ok djm@
3873
3874commit c4bfafcc2a9300d9cfb3c15e75572d3a7d74670d
3875Author: djm@openbsd.org <djm@openbsd.org>
3876Date:   Thu Jan 8 13:10:58 2015 +0000
3877
3878    upstream commit
3879
3880    adjust for sshkey_load_file() API change
3881
3882commit e752c6d547036c602b89e9e704851463bd160e32
3883Author: djm@openbsd.org <djm@openbsd.org>
3884Date:   Thu Jan 8 13:44:36 2015 +0000
3885
3886    upstream commit
3887
3888    fix ssh_config FingerprintHash evaluation order; from Petr
3889     Lautrbach
3890
3891commit ab24ab847b0fc94c8d5e419feecff0bcb6d6d1bf
3892Author: djm@openbsd.org <djm@openbsd.org>
3893Date:   Thu Jan 8 10:15:45 2015 +0000
3894
3895    upstream commit
3896
3897    reorder hostbased key attempts to better match the
3898     default hostkey algorithms order in myproposal.h; ok markus@
3899
3900commit 1195f4cb07ef4b0405c839293c38600b3e9bdb46
3901Author: djm@openbsd.org <djm@openbsd.org>
3902Date:   Thu Jan 8 10:14:08 2015 +0000
3903
3904    upstream commit
3905
3906    deprecate key_load_private_pem() and
3907     sshkey_load_private_pem() interfaces. Refactor the generic key loading API to
3908     not require pathnames to be specified (they weren't really used).
3909
3910    Fixes a few other things en passant:
3911
3912    Makes ed25519 keys work for hostbased authentication (ssh-keysign
3913    previously used the PEM-only routines).
3914
3915    Fixes key comment regression bz#2306: key pathnames were being lost as
3916    comment fields.
3917
3918    ok markus@
3919
3920commit febbe09e4e9aff579b0c5cc1623f756862e4757d
3921Author: tedu@openbsd.org <tedu@openbsd.org>
3922Date:   Wed Jan 7 18:15:07 2015 +0000
3923
3924    upstream commit
3925
3926    workaround for the Meyer, et al, Bleichenbacher Side
3927     Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm
3928     markus
3929
3930commit 5191df927db282d3123ca2f34a04d8d96153911a
3931Author: djm@openbsd.org <djm@openbsd.org>
3932Date:   Tue Dec 23 22:42:48 2014 +0000
3933
3934    upstream commit
3935
3936    KNF and add a little more debug()
3937
3938commit 8abd80315d3419b20e6938f74d37e2e2b547f0b7
3939Author: jmc@openbsd.org <jmc@openbsd.org>
3940Date:   Mon Dec 22 09:26:31 2014 +0000
3941
3942    upstream commit
3943
3944    add fingerprinthash to the options list;
3945
3946commit 296ef0560f60980da01d83b9f0e1a5257826536f
3947Author: jmc@openbsd.org <jmc@openbsd.org>
3948Date:   Mon Dec 22 09:24:59 2014 +0000
3949
3950    upstream commit
3951
3952    tweak previous;
3953
3954commit 462082eacbd37778a173afb6b84c6f4d898a18b5
3955Author: Damien Miller <djm@google.com>
3956Date:   Tue Dec 30 08:16:11 2014 +1100
3957
3958    avoid uninitialised free of ldns_res
3959
3960    If an invalid rdclass was passed to getrrsetbyname() then
3961    this would execute a free on an uninitialised pointer.
3962    OpenSSH only ever calls this with a fixed and valid rdclass.
3963
3964    Reported by Joshua Rogers
3965
3966commit 01b63498801053f131a0740eb9d13faf35d636c8
3967Author: Damien Miller <djm@google.com>
3968Date:   Mon Dec 29 18:10:18 2014 +1100
3969
3970    pull updated OpenBSD BCrypt PBKDF implementation
3971
3972    Includes fix for 1 byte output overflow for large key length
3973    requests (not reachable in OpenSSH).
3974
3975    Pointed out by Joshua Rogers
3976
3977commit c528c1b4af2f06712177b3de9b30705752f7cbcb
3978Author: Damien Miller <djm@google.com>
3979Date:   Tue Dec 23 15:26:13 2014 +1100
3980
3981    fix variable name for IPv6 case in construct_utmpx
3982
3983    patch from writeonce AT midipix.org via bz#2296
3984
3985commit 293cac52dcda123244b2e594d15592e5e481c55e
3986Author: Damien Miller <djm@google.com>
3987Date:   Mon Dec 22 16:30:42 2014 +1100
3988
3989    include and use OpenBSD netcat in regress/
3990
3991commit 8f6784f0cb56dc4fd00af3e81a10050a5785228d
3992Author: djm@openbsd.org <djm@openbsd.org>
3993Date:   Mon Dec 22 09:05:17 2014 +0000
3994
3995    upstream commit
3996
3997    mention ssh -Q feature to list supported { MAC, cipher,
3998     KEX, key } algorithms in more places and include the query string used to
3999     list the relevant information; bz#2288
4000
4001commit 449e11b4d7847079bd0a2daa6e3e7ea03d8ef700
4002Author: jmc@openbsd.org <jmc@openbsd.org>
4003Date:   Mon Dec 22 08:24:17 2014 +0000
4004
4005    upstream commit
4006
4007    tweak previous;
4008
4009commit 4bea0ab3290c0b9dd2aa199e932de8e7e18062d6
4010Author: djm@openbsd.org <djm@openbsd.org>
4011Date:   Mon Dec 22 08:06:03 2014 +0000
4012
4013    upstream commit
4014
4015    regression test for multiple required pubkey authentication;
4016     ok markus@
4017
4018commit f1c4d8ec52158b6f57834b8cd839605b0a33e7f2
4019Author: djm@openbsd.org <djm@openbsd.org>
4020Date:   Mon Dec 22 08:04:23 2014 +0000
4021
4022    upstream commit
4023
4024    correct description of what will happen when a
4025     AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd
4026     will refuse to start)
4027
4028commit 161cf419f412446635013ac49e8c660cadc36080
4029Author: djm@openbsd.org <djm@openbsd.org>
4030Date:   Mon Dec 22 07:55:51 2014 +0000
4031
4032    upstream commit
4033
4034    make internal handling of filename arguments of "none"
4035     more consistent with ssh. "none" arguments are now replaced with NULL when
4036     the configuration is finalised.
4037
4038    Simplifies checking later on (just need to test not-NULL rather than
4039    that + strcmp) and cleans up some inconsistencies. ok markus@
4040
4041commit f69b69b8625be447b8826b21d87713874dac25a6
4042Author: djm@openbsd.org <djm@openbsd.org>
4043Date:   Mon Dec 22 07:51:30 2014 +0000
4044
4045    upstream commit
4046
4047    remember which public keys have been used for
4048     authentication and refuse to accept previously-used keys.
4049
4050    This allows AuthenticationMethods=publickey,publickey to require
4051    that users authenticate using two _different_ pubkeys.
4052
4053    ok markus@
4054
4055commit 46ac2ed4677968224c4ca825bc98fc68dae183f0
4056Author: djm@openbsd.org <djm@openbsd.org>
4057Date:   Mon Dec 22 07:24:11 2014 +0000
4058
4059    upstream commit
4060
4061    fix passing of wildcard forward bind addresses when
4062     connection multiplexing is in use; patch from Sami Hartikainen via bz#2324;
4063     ok dtucker@
4064
4065commit 0d1b241a262e4d0a6bbfdd595489ab1b853c43a1
4066Author: djm@openbsd.org <djm@openbsd.org>
4067Date:   Mon Dec 22 06:14:29 2014 +0000
4068
4069    upstream commit
4070
4071    make this slightly easier to diff against portable
4072
4073commit 0715bcdddbf68953964058f17255bf54734b8737
4074Author: Damien Miller <djm@mindrot.org>
4075Date:   Mon Dec 22 13:47:07 2014 +1100
4076
4077    add missing regress output file
4078
4079commit 1e30483c8ad2c2f39445d4a4b6ab20c241e40593
4080Author: djm@openbsd.org <djm@openbsd.org>
4081Date:   Mon Dec 22 02:15:52 2014 +0000
4082
4083    upstream commit
4084
4085    adjust for new SHA256 key fingerprints and
4086     slightly-different MD5 hex fingerprint format
4087
4088commit 6b40567ed722df98593ad8e6a2d2448fc2b4b151
4089Author: djm@openbsd.org <djm@openbsd.org>
4090Date:   Mon Dec 22 01:14:49 2014 +0000
4091
4092    upstream commit
4093
4094    poll changes to netcat (usr.bin/netcat.c r1.125) broke
4095     this test; fix it by ensuring more stdio fds are sent to devnull
4096
4097commit a5375ccb970f49dddf7d0ef63c9b713ede9e7260
4098Author: jmc@openbsd.org <jmc@openbsd.org>
4099Date:   Sun Dec 21 23:35:14 2014 +0000
4100
4101    upstream commit
4102
4103    tweak previous;
4104
4105commit b79efde5c3badf5ce4312fe608d8307eade533c5
4106Author: djm@openbsd.org <djm@openbsd.org>
4107Date:   Sun Dec 21 23:12:42 2014 +0000
4108
4109    upstream commit
4110
4111    document FingerprintHash here too
4112
4113commit d16bdd8027dd116afa01324bb071a4016cdc1a75
4114Author: Damien Miller <djm@mindrot.org>
4115Date:   Mon Dec 22 10:18:09 2014 +1100
4116
4117    missing include for base64 encoding
4118
4119commit 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994
4120Author: djm@openbsd.org <djm@openbsd.org>
4121Date:   Sun Dec 21 22:27:55 2014 +0000
4122
4123    upstream commit
4124
4125    Add FingerprintHash option to control algorithm used for
4126     key fingerprints. Default changes from MD5 to SHA256 and format from hex to
4127     base64.
4128
4129    Feedback and ok naddy@ markus@
4130
4131commit 058f839fe15c51be8b3a844a76ab9a8db550be4f
4132Author: djm@openbsd.org <djm@openbsd.org>
4133Date:   Thu Dec 18 23:58:04 2014 +0000
4134
4135    upstream commit
4136
4137    don't count partial authentication success as a failure
4138     against MaxAuthTries; ok deraadt@
4139
4140commit c7219f4f54d64d6dde66dbcf7a2699daa782d2a1
4141Author: djm@openbsd.org <djm@openbsd.org>
4142Date:   Fri Dec 12 00:02:17 2014 +0000
4143
4144    upstream commit
4145
4146    revert chunk I didn't mean to commit yet; via jmc@
4147
4148commit 7de5991aa3997e2981440f39c1ea01273a0a2c7b
4149Author: Damien Miller <djm@mindrot.org>
4150Date:   Thu Dec 18 11:44:06 2014 +1100
4151
4152    upstream libc change
4153
4154    revision 1.2
4155    date: 2014/12/08 03:45:00;  author: bcook;  state: Exp;  lines: +2 -2;  commitid: 7zWEBgJJOCZ2hvTV;
4156    avoid left shift overflow in reallocarray.
4157
4158    Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting
4159    1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with
4160    (size_t)1 so that we get the correct constant size for the platform.
4161
4162    discussed with tedu@ & deraadt@
4163
4164commit 2048f85a5e6da8bc6e0532efe02ecfd4e63c978c
4165Author: Damien Miller <djm@mindrot.org>
4166Date:   Thu Dec 18 10:15:49 2014 +1100
4167
4168    include CFLAGS in gnome askpass targets
4169
4170    from Fedora
4171
4172commit 48b68ce19ca42fa488960028048dec023f7899bb
4173Author: djm@openbsd.org <djm@openbsd.org>
4174Date:   Thu Dec 11 08:20:09 2014 +0000
4175
4176    upstream commit
4177
4178    explicitly include sys/param.h in files that use the
4179     howmany() macro; from portable
4180
4181commit d663bea30a294d440fef4398e5cd816317bd4518
4182Author: djm@openbsd.org <djm@openbsd.org>
4183Date:   Thu Dec 11 05:25:06 2014 +0000
4184
4185    upstream commit
4186
4187    mention AuthorizedKeysCommandUser must be set for
4188     AuthorizedKeysCommand to be run; bz#2287
4189
4190commit 17bf3d81e00f2abb414a4fd271118cf4913f049f
4191Author: djm@openbsd.org <djm@openbsd.org>
4192Date:   Thu Dec 11 05:13:28 2014 +0000
4193
4194    upstream commit
4195
4196    show in debug output which hostkeys are being tried when
4197     attempting hostbased auth; patch from Iain Morgan
4198
4199commit da0277e3717eadf5b15e03379fc29db133487e94
4200Author: djm@openbsd.org <djm@openbsd.org>
4201Date:   Thu Dec 11 04:16:14 2014 +0000
4202
4203    upstream commit
4204
4205    Make manual reflect reality: sftp-server's -d option
4206     accepts a "%d" option, not a "%h" one.
4207
4208    bz#2316; reported by Kirk Wolf
4209
4210commit 4cf87f4b81fa9380bce5fcff7b0f8382ae3ad996
4211Author: djm@openbsd.org <djm@openbsd.org>
4212Date:   Wed Dec 10 01:24:09 2014 +0000
4213
4214    upstream commit
4215
4216    better error value for invalid signature length
4217
4218commit 4bfad14ca56f8ae04f418997816b4ba84e2cfc3c
4219Author: Darren Tucker <dtucker@zip.com.au>
4220Date:   Wed Dec 10 02:12:51 2014 +1100
4221
4222    Resync more with OpenBSD's rijndael.c, in particular "#if 0"-ing out some
4223    unused code.  Should fix compile error reported by plautrba at redhat.
4224
4225commit 642652d280499691c8212ec6b79724b50008ce09
4226Author: Darren Tucker <dtucker@zip.com.au>
4227Date:   Wed Dec 10 01:32:23 2014 +1100
4228
4229    Add reallocarray to compat library
4230
4231commit 3dfd8d93dfcc69261f5af99df56f3ff598581979
4232Author: djm@openbsd.org <djm@openbsd.org>
4233Date:   Thu Dec 4 22:31:50 2014 +0000
4234
4235    upstream commit
4236
4237    add tests for new client RevokedHostKeys option; refactor
4238     to make it a bit more readable
4239
4240commit a31046cad1aed16a0b55171192faa6d02665ccec
4241Author: krw@openbsd.org <krw@openbsd.org>
4242Date:   Wed Nov 19 13:35:37 2014 +0000
4243
4244    upstream commit
4245
4246    Nuke yet more obvious #include duplications.
4247
4248    ok deraadt@
4249
4250commit a7c762e5b2c1093542c0bc1df25ccec0b4cf479f
4251Author: djm@openbsd.org <djm@openbsd.org>
4252Date:   Thu Dec 4 20:47:36 2014 +0000
4253
4254    upstream commit
4255
4256    key_in_file() wrapper is no longer used
4257
4258commit 5e39a49930d885aac9c76af3129332b6e772cd75
4259Author: djm@openbsd.org <djm@openbsd.org>
4260Date:   Thu Dec 4 02:24:32 2014 +0000
4261
4262    upstream commit
4263
4264    add RevokedHostKeys option for the client
4265
4266    Allow textfile or KRL-based revocation of hostkeys.
4267
4268commit 74de254bb92c684cf53461da97f52d5ba34ded80
4269Author: djm@openbsd.org <djm@openbsd.org>
4270Date:   Thu Dec 4 01:49:59 2014 +0000
4271
4272    upstream commit
4273
4274    convert KRL code to new buffer API
4275
4276    ok markus@
4277
4278commit db995f2eed5fc432598626fa3e30654503bf7151
4279Author: millert@openbsd.org <millert@openbsd.org>
4280Date:   Wed Nov 26 18:34:51 2014 +0000
4281
4282    upstream commit
4283
4284    Prefer setvbuf() to setlinebuf() for portability; ok
4285     deraadt@
4286
4287commit 72bba3d179ced8b425272efe6956a309202a91f3
4288Author: jsg@openbsd.org <jsg@openbsd.org>
4289Date:   Mon Nov 24 03:39:22 2014 +0000
4290
4291    upstream commit
4292
4293    Fix crashes in the handling of the sshd config file found
4294     with the afl fuzzer.
4295
4296    ok deraadt@ djm@
4297
4298commit 867f49c666adcfe92bf539d9c37c1accdea08bf6
4299Author: Damien Miller <djm@mindrot.org>
4300Date:   Wed Nov 26 13:22:41 2014 +1100
4301
4302    Avoid Cygwin ssh-host-config reading /etc/group
4303
4304    Patch from Corinna Vinschen
4305
4306commit 8b66f36291a721b1ba7c44f24a07fdf39235593e
4307Author: Damien Miller <djm@mindrot.org>
4308Date:   Wed Nov 26 13:20:35 2014 +1100
4309
4310    allow custom service name for sshd on Cygwin
4311
4312    Permits the use of multiple sshd running with different service names.
4313
4314    Patch by Florian Friesdorf via Corinna Vinschen
4315
4316commit 08c0eebf55d70a9ae1964399e609288ae3186a0c
4317Author: jmc@openbsd.org <jmc@openbsd.org>
4318Date:   Sat Nov 22 19:21:03 2014 +0000
4319
4320    upstream commit
4321
4322    restore word zapped in previous, and remove some useless
4323     "No" macros;
4324
4325commit a1418a0033fba43f061513e992e1cbcc3343e563
4326Author: deraadt@openbsd.org <deraadt@openbsd.org>
4327Date:   Sat Nov 22 18:15:41 2014 +0000
4328
4329    upstream commit
4330
4331    /dev/random has created the same effect as /dev/arandom
4332     (and /dev/urandom) for quite some time.  Mop up the last few, by using
4333     /dev/random where we actually want it, or not even mentioning arandom where
4334     it is irrelevant.
4335
4336commit b6de5ac9ed421362f479d1ad4fa433d2e25dad5b
4337Author: djm@openbsd.org <djm@openbsd.org>
4338Date:   Fri Nov 21 01:00:38 2014 +0000
4339
4340    upstream commit
4341
4342    fix NULL pointer dereference crash on invalid timestamp
4343
4344    found using Michal Zalewski's afl fuzzer
4345
4346commit a1f8110cd5ed818d59b3a2964fab7de76e92c18e
4347Author: mikeb@openbsd.org <mikeb@openbsd.org>
4348Date:   Tue Nov 18 22:38:48 2014 +0000
4349
4350    upstream commit
4351
4352    Sync AES code to the one shipped in OpenSSL/LibreSSL.
4353
4354    This includes a commit made by Andy Polyakov <appro at openssl ! org>
4355    to the OpenSSL source tree on Wed, 28 Jun 2006 with the following
4356    message: "Mitigate cache-collision timing attack on last round."
4357
4358    OK naddy, miod, djm
4359
4360commit 335c83d5f35d8620e16b8aa26592d4f836e09ad2
4361Author: krw@openbsd.org <krw@openbsd.org>
4362Date:   Tue Nov 18 20:54:28 2014 +0000
4363
4364    upstream commit
4365
4366    Nuke more obvious #include duplications.
4367
4368    ok deraadt@ millert@ tedu@
4369
4370commit 51b64e44121194ae4bf153dee391228dada2abcb
4371Author: djm@openbsd.org <djm@openbsd.org>
4372Date:   Mon Nov 17 00:21:40 2014 +0000
4373
4374    upstream commit
4375
4376    fix KRL generation when multiple CAs are in use
4377
4378    We would generate an invalid KRL when revoking certs by serial
4379    number for multiple CA keys due to a section being written out
4380    twice.
4381
4382    Also extend the regress test to catch this case by having it
4383    produce a multi-CA KRL.
4384
4385    Reported by peter AT pean.org
4386
4387commit d2d51003a623e21fb2b25567c4878d915e90aa2a
4388Author: djm@openbsd.org <djm@openbsd.org>
4389Date:   Tue Nov 18 01:02:25 2014 +0000
4390
4391    upstream commit
4392
4393    fix NULL pointer dereference crash in key loading
4394
4395    found by Michal Zalewski's AFL fuzzer
4396
4397commit 9f9fad0191028edc43d100d0ded39419b6895fdf
4398Author: djm@openbsd.org <djm@openbsd.org>
4399Date:   Mon Nov 17 00:21:40 2014 +0000
4400
4401    upstream commit
4402
4403    fix KRL generation when multiple CAs are in use
4404
4405    We would generate an invalid KRL when revoking certs by serial
4406    number for multiple CA keys due to a section being written out
4407    twice.
4408
4409    Also extend the regress test to catch this case by having it
4410    produce a multi-CA KRL.
4411
4412    Reported by peter AT pean.org
4413
4414commit da8af83d3f7ec00099963e455010e0ed1d7d0140
4415Author: bentley@openbsd.org <bentley@openbsd.org>
4416Date:   Sat Nov 15 14:41:03 2014 +0000
4417
4418    upstream commit
4419
4420    Reduce instances of `` '' in manuals.
4421
4422    troff displays these as typographic quotes, but nroff implementations
4423    almost always print them literally, which rarely has the intended effect
4424    with modern fonts, even in stock xterm.
4425
4426    These uses of `` '' can be replaced either with more semantic alternatives
4427    or with Dq, which prints typographic quotes in a UTF-8 locale (but will
4428    automatically fall back to `` '' in an ASCII locale).
4429
4430    improvements and ok schwarze@
4431
4432commit fc302561369483bb755b17f671f70fb894aec01d
4433Author: djm@openbsd.org <djm@openbsd.org>
4434Date:   Mon Nov 10 22:25:49 2014 +0000
4435
4436    upstream commit
4437
4438    mux-related manual tweaks
4439
4440    mention ControlPersist=0 is the same as ControlPersist=yes
4441
4442    recommend that ControlPath sockets be placed in a og-w directory
4443
4444commit 0e4cff5f35ed11102fe3783779960ef07e0cd381
4445Author: Damien Miller <djm@google.com>
4446Date:   Wed Nov 5 11:01:31 2014 +1100
4447
4448    Prepare scripts for next Cygwin release
4449
4450    Makes the Cygwin-specific ssh-user-config script independent of the
4451    existence of /etc/passwd.  The next Cygwin release will allow to
4452    generate passwd and group entries from the Windows account DBs, so the
4453    scripts have to adapt.
4454
4455    from Corinna Vinschen
4456
4457commit 7d0ba5336651731949762eb8877ce9e3b52df436
4458Author: Damien Miller <djm@mindrot.org>
4459Date:   Thu Oct 30 10:45:41 2014 +1100
4460
4461    include version number in OpenSSL-too-old error
4462
4463commit 3bcb92e04d9207e9f78d82f7918c6d3422054ce9
4464Author: lteo@openbsd.org <lteo@openbsd.org>
4465Date:   Fri Oct 24 02:01:20 2014 +0000
4466
4467    upstream commit
4468
4469    Remove unnecessary include: netinet/in_systm.h is not needed
4470     by these programs.
4471
4472    NB. skipped for portable
4473
4474    ok deraadt@ millert@
4475
4476commit 6fdcaeb99532e28a69f1a1599fbd540bb15b70a0
4477Author: djm@openbsd.org <djm@openbsd.org>
4478Date:   Mon Oct 20 03:43:01 2014 +0000
4479
4480    upstream commit
4481
4482    whitespace
4483
4484commit 165bc8786299e261706ed60342985f9de93a7461
4485Author: daniel@openbsd.org <daniel@openbsd.org>
4486Date:   Tue Oct 14 03:09:59 2014 +0000
4487
4488    upstream commit
4489
4490    plug a memory leak; from Maxime Villard.
4491
4492    ok djm@
4493
4494commit b1ba15f3885947c245c2dbfaad0a04ba050abea0
4495Author: jmc@openbsd.org <jmc@openbsd.org>
4496Date:   Thu Oct 9 06:21:31 2014 +0000
4497
4498    upstream commit
4499
4500    tweak previous;
4501
4502commit 259a02ebdf74ad90b41d116ecf70aa823fa4c6e7
4503Author: djm@openbsd.org <djm@openbsd.org>
4504Date:   Mon Oct 13 00:38:35 2014 +0000
4505
4506    upstream commit
4507
4508    whitespace
4509
4510commit 957fbceb0f3166e41b76fdb54075ab3b9cc84cba
4511Author: djm@openbsd.org <djm@openbsd.org>
4512Date:   Wed Oct 8 22:20:25 2014 +0000
4513
4514    upstream commit
4515
4516    Tweak config reparsing with host canonicalisation
4517
4518    Make the second pass through the config files always run when
4519    hostname canonicalisation is enabled.
4520
4521    Add a "Match canonical" criteria that allows ssh_config Match
4522    blocks to trigger only in the second config pass.
4523
4524    Add a -G option to ssh that causes it to parse its configuration
4525    and dump the result to stdout, similar to "sshd -T"
4526
4527    Allow ssh_config Port options set in the second config parse
4528    phase to be applied (they were being ignored).
4529
4530    bz#2267 bz#2286; ok markus
4531
4532commit 5c0dafd38bf66feeeb45fa0741a5baf5ad8039ba
4533Author: djm@openbsd.org <djm@openbsd.org>
4534Date:   Wed Oct 8 22:15:27 2014 +0000
4535
4536    upstream commit
4537
4538    another -Wpointer-sign from clang
4539
4540commit bb005dc815ebda9af3ae4b39ca101c4da918f835
4541Author: djm@openbsd.org <djm@openbsd.org>
4542Date:   Wed Oct 8 22:15:06 2014 +0000
4543
4544    upstream commit
4545
4546    fix a few -Wpointer-sign warnings from clang
4547
4548commit 3cc1fbb4fb0e804bfb873fd363cea91b27fc8188
4549Author: djm@openbsd.org <djm@openbsd.org>
4550Date:   Wed Oct 8 21:45:48 2014 +0000
4551
4552    upstream commit
4553
4554    parse cert sections using nested buffers to reduce
4555     copies; ok markus
4556
4557commit 4a45922aebf99164e2fc83d34fe55b11ae1866ef
4558Author: djm@openbsd.org <djm@openbsd.org>
4559Date:   Mon Oct 6 00:47:15 2014 +0000
4560
4561    upstream commit
4562
4563    correct options in usage(); from mancha1 AT zoho.com
4564
4565commit 48dffd5bebae6fed0556dc5c36cece0370690618
4566Author: djm@openbsd.org <djm@openbsd.org>
4567Date:   Tue Sep 9 09:45:36 2014 +0000
4568
4569    upstream commit
4570
4571    mention permissions on tun(4) devices in PermitTunnel
4572     documentation; bz#2273
4573
4574commit a5883d4eccb94b16c355987f58f86a7dee17a0c2
4575Author: djm@openbsd.org <djm@openbsd.org>
4576Date:   Wed Sep 3 18:55:07 2014 +0000
4577
4578    upstream commit
4579
4580    tighten permissions on pty when the "tty" group does
4581     not exist; pointed out by Corinna Vinschen; ok markus
4582
4583commit 180bcb406b58bf30723c01a6b010e48ee626dda8
4584Author: sobrado@openbsd.org <sobrado@openbsd.org>
4585Date:   Sat Aug 30 16:32:25 2014 +0000
4586
4587    upstream commit
4588
4589    typo.
4590
4591commit f70b22bcdd52f6bf127047b3584371e6e5d45627
4592Author: sobrado@openbsd.org <sobrado@openbsd.org>
4593Date:   Sat Aug 30 15:33:50 2014 +0000
4594
4595    upstream commit
4596
4597    improve capitalization for the Ed25519 public-key
4598     signature system.
4599
4600    ok djm@
4601
4602commit 7df8818409c752cf3f0c3f8044fe9aebed8647bd
4603Author: doug@openbsd.org <doug@openbsd.org>
4604Date:   Thu Aug 21 01:08:52 2014 +0000
4605
4606    upstream commit
4607
4608    Free resources on error in mkstemp and fdopen
4609
4610    ok djm@
4611
4612commit 40ba4c9733aaed08304714faeb61529f18da144b
4613Author: deraadt@openbsd.org <deraadt@openbsd.org>
4614Date:   Wed Aug 20 01:28:55 2014 +0000
4615
4616    upstream commit
4617
4618    djm how did you make a typo like that...
4619
4620commit 57d378ec9278ba417a726f615daad67d157de666
4621Author: djm@openbsd.org <djm@openbsd.org>
4622Date:   Tue Aug 19 23:58:28 2014 +0000
4623
4624    upstream commit
4625
4626    When dumping the server configuration (sshd -T), print
4627     correct KEX, MAC and cipher defaults. Spotted by Iain Morgan
4628
4629commit 7ff880ede5195d0b17e7f1e3b6cfbc4cb6f85240
4630Author: djm@openbsd.org <djm@openbsd.org>
4631Date:   Tue Aug 19 23:57:18 2014 +0000
4632
4633    upstream commit
4634
4635    ~-expand lcd paths
4636
4637commit 4460a7ad0c78d4cd67c467f6e9f4254d0404ed59
4638Author: Damien Miller <djm@mindrot.org>
4639Date:   Sun Oct 12 12:35:48 2014 +1100
4640
4641    remove duplicated KEX_DH1 entry
4642
4643commit c9b8426a616138d0d762176c94f51aff3faad5ff
4644Author: Damien Miller <djm@mindrot.org>
4645Date:   Thu Oct 9 10:34:06 2014 +1100
4646
4647    remove ChangeLog file
4648
4649    Commit logs will be generated from git at release time.
4650
4651commit 81d18ff7c93a04affbf3903e0963859763219aed
4652Author: Damien Miller <djm@google.com>
4653Date:   Tue Oct 7 21:24:25 2014 +1100
4654
4655    delete contrib/caldera directory
4656
4657commit 0ec9e87d3638206456968202f05bb5123670607a
4658Author: Damien Miller <djm@google.com>
4659Date:   Tue Oct 7 19:57:27 2014 +1100
4660
4661    test commit
4662
4663commit 8fb65a44568701b779f3d77326bceae63412d28d
4664Author: Damien Miller <djm@mindrot.org>
4665Date:   Tue Oct 7 09:21:49 2014 +1100
4666
4667     - (djm) Release OpenSSH-6.7
4668
4669commit e8c9f2602c46f6781df5e52e6cd8413dab4602a3
4670Author: Damien Miller <djm@mindrot.org>
4671Date:   Fri Oct 3 09:24:56 2014 +1000
4672
4673     - (djm) [sshd_config.5] typo; from Iain Morgan
4674
4675commit 703b98a26706f5083801d11059486d77491342ae
4676Author: Damien Miller <djm@mindrot.org>
4677Date:   Wed Oct 1 09:43:07 2014 +1000
4678
4679     - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]
4680       [openbsd-compat/openbsd-compat.h] Kludge around bad glibc
4681       _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets;
4682       ok dtucker@
4683
4684commit 0fa0ed061bbfedb0daa705e220748154a84c3413
4685Author: Damien Miller <djm@mindrot.org>
4686Date:   Wed Sep 10 08:15:34 2014 +1000
4687
4688     - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;
4689       patch from Felix von Leitner; ok dtucker
4690
4691commit ad7d23d461c3b7e1dcb15db13aee5f4b94dc1a95
4692Author: Darren Tucker <dtucker@zip.com.au>
4693Date:   Tue Sep 9 12:23:10 2014 +1000
4694
4695    20140908
4696     - (dtucker) [INSTALL] Update info about egd.  ok djm@
4697
4698commit 2a8699f37cc2515e3bc60e0c677ba060f4d48191
4699Author: Damien Miller <djm@mindrot.org>
4700Date:   Thu Sep 4 03:46:05 2014 +1000
4701
4702     - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
4703
4704commit 44988defb1f5e3afe576d86000365e1f07a1b494
4705Author: Damien Miller <djm@mindrot.org>
4706Date:   Wed Sep 3 05:35:32 2014 +1000
4707
4708     - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to
4709       permissions/ACLs; from Corinna Vinschen
4710
4711commit 23f269562b7537b2f6f5014e50a25e5dcc55a837
4712Author: Damien Miller <djm@mindrot.org>
4713Date:   Wed Sep 3 05:33:25 2014 +1000
4714
4715     - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
4716       conditionalise to avoid duplicate definition.
4717
4718commit 41c8de2c0031cf59e7cf0c06b5bcfbf4852c1fda
4719Author: Damien Miller <djm@mindrot.org>
4720Date:   Sat Aug 30 16:23:06 2014 +1000
4721
4722     - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@
4723
4724commit d7c81e216a7bd9eed6e239c970d9261bb1651947
4725Author: Damien Miller <djm@mindrot.org>
4726Date:   Sat Aug 30 04:18:28 2014 +1000
4727
4728     - (djm) [openbsd-compat/openssl-compat.h] add include guard
4729
4730commit 4687802dda57365b984b897fc3c8e2867ea09b22
4731Author: Damien Miller <djm@mindrot.org>
4732Date:   Sat Aug 30 03:29:19 2014 +1000
4733
4734     - (djm) [misc.c] Missing newline between functions
4735
4736commit 51c77e29220dee87c53be2dc47092934acab26fe
4737Author: Damien Miller <djm@mindrot.org>
4738Date:   Sat Aug 30 02:30:30 2014 +1000
4739
4740     - (djm) [openbsd-compat/openssl-compat.h] add
4741       OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
4742
4743commit 3d673d103bad35afaec6e7ef73e5277216ce33a3
4744Author: Damien Miller <djm@mindrot.org>
4745Date:   Wed Aug 27 06:32:01 2014 +1000
4746
4747     - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
4748       using memset_s() where possible; improve fallback to indirect bzero
4749       via a volatile pointer to give it more of a chance to avoid being
4750       optimised away.
4751
4752commit 146218ac11a1eb0dcade6f793d7acdef163b5ddc
4753Author: Damien Miller <djm@mindrot.org>
4754Date:   Wed Aug 27 04:11:55 2014 +1000
4755
4756     - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
4757       monitor, not preauth; bz#2263
4758
4759commit 1b215c098b3b37e38aa4e4c91bb908eee41183b1
4760Author: Damien Miller <djm@mindrot.org>
4761Date:   Wed Aug 27 04:04:40 2014 +1000
4762
4763     - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
4764       [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
4765       [regress/unittests/sshkey/common.c]
4766       [regress/unittests/sshkey/test_file.c]
4767       [regress/unittests/sshkey/test_fuzz.c]
4768       [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
4769       on !ECC OpenSSL systems
4770
4771commit ad013944af0a19e3f612089d0099bb397cf6502d
4772Author: Damien Miller <djm@mindrot.org>
4773Date:   Tue Aug 26 09:27:28 2014 +1000
4774
4775     - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,
4776       update OpenSSL version requirement.
4777
4778commit ed126de8ee04c66640a0ea2697c4aaf36801f100
4779Author: Damien Miller <djm@mindrot.org>
4780Date:   Tue Aug 26 08:37:47 2014 +1000
4781
4782     - (djm) [bufec.c] Skip this file on !ECC OpenSSL
4783
4784commit 9c1dede005746864a4fdb36a7cdf6c51296ca909
4785Author: Damien Miller <djm@mindrot.org>
4786Date:   Sun Aug 24 03:01:06 2014 +1000
4787
4788     - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not
4789       PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
4790
4791commit d244a5816fd1312a33404b436e4dd83594f1119e
4792Author: Damien Miller <djm@mindrot.org>
4793Date:   Sat Aug 23 17:06:49 2014 +1000
4794
4795     - (djm) [configure.ac] We now require a working vsnprintf everywhere (not
4796       just for systems that lack asprintf); check for it always and extend
4797       test to catch more brokenness. Fixes builds on Solaris <= 9
4798
4799commit 4cec036362a358e398e6a2e6d19d8e5780558634
4800Author: Damien Miller <djm@mindrot.org>
4801Date:   Sat Aug 23 03:11:09 2014 +1000
4802
4803     - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on
4804       lastlog writing on platforms with high UIDs; bz#2263
4805
4806commit 394a60f2598d28b670d934b93942a3370b779b39
4807Author: Damien Miller <djm@mindrot.org>
4808Date:   Fri Aug 22 18:06:20 2014 +1000
4809
4810     - (djm) [configure.ac] double braces to appease autoconf
4811
4812commit 4d69aeabd6e60afcdc7cca177ca751708ab79a9d
4813Author: Damien Miller <djm@mindrot.org>
4814Date:   Fri Aug 22 17:48:27 2014 +1000
4815
4816     - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/
4817       definition mismatch) and warning for broken/missing snprintf case.
4818
4819commit 0c11f1ac369d2c0aeb0ab0458a7cd04c72fe5e9e
4820Author: Damien Miller <djm@mindrot.org>
4821Date:   Fri Aug 22 17:36:56 2014 +1000
4822
4823     - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC
4824
4825commit 6d62784b8973340b251fea6b04890f471adf28db
4826Author: Damien Miller <djm@mindrot.org>
4827Date:   Fri Aug 22 17:36:19 2014 +1000
4828
4829     - (djm) [configure.ac] include leading zero characters in OpenSSL version
4830       number; fixes test for unsupported versions
4831
4832commit 4f1ff1ed782117f5d5204d4e91156ed5da07cbb7
4833Author: Damien Miller <djm@mindrot.org>
4834Date:   Thu Aug 21 15:54:50 2014 +1000
4835
4836     - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
4837       don't set __progname. Diagnosed by Tom Christensen.
4838
4839commit 005a64da0f457410045ef0bfa93c863c2450447d
4840Author: Damien Miller <djm@mindrot.org>
4841Date:   Thu Aug 21 10:48:41 2014 +1000
4842
4843     - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL
4844
4845commit aa6598ebb3343c7380e918388e10e8ca5852b613
4846Author: Damien Miller <djm@mindrot.org>
4847Date:   Thu Aug 21 10:47:54 2014 +1000
4848
4849     - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.
4850
4851commit 54703e3cf63f0c80d4157e5ad7dbc2b363ee2c56
4852Author: Damien Miller <djm@mindrot.org>
4853Date:   Wed Aug 20 11:10:51 2014 +1000
4854
4855     - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna
4856
4857commit f0935698f0461f24d8d1f1107b476ee5fd4db1cb
4858Author: Damien Miller <djm@mindrot.org>
4859Date:   Wed Aug 20 11:06:50 2014 +1000
4860
4861     - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC
4862
4863commit c5089ecaec3b2c02f014f4e67518390702a4ba14
4864Author: Damien Miller <djm@mindrot.org>
4865Date:   Wed Aug 20 11:06:20 2014 +1000
4866
4867     - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than
4868       -L/-l; fixes linking problems on some platforms
4869
4870commit 2195847e503a382f83ee969b0a8bd3dfe0e55c18
4871Author: Damien Miller <djm@mindrot.org>
4872Date:   Wed Aug 20 11:05:03 2014 +1000
4873
4874     - (djm) [configure.ac] Check OpenSSL version is supported at configure time;
4875       suggested by Kevin Brott
4876
4877commit a75aca1bbc989aa9f8b1b08489d37855f3d24d1a
4878Author: Damien Miller <djm@mindrot.org>
4879Date:   Tue Aug 19 11:36:07 2014 +1000
4880
4881     - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]
4882       [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions
4883       of TCP wrappers.
4884
4885commit 3f022b5a9477abceeb1bbeab04b055f3cc7ca8f6
4886Author: Damien Miller <djm@mindrot.org>
4887Date:   Tue Aug 19 11:32:34 2014 +1000
4888
4889     - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG
4890
4891commit 88137902632aceb923990e98cf5dc923bb3ef2f5
4892Author: Damien Miller <djm@mindrot.org>
4893Date:   Tue Aug 19 11:28:11 2014 +1000
4894
4895     - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.
4896
4897commit 2f3d1e7fb2eabd3cfbfd8d0f7bdd2f9a1888690b
4898Author: Damien Miller <djm@mindrot.org>
4899Date:   Tue Aug 19 11:14:36 2014 +1000
4900
4901     - (djm) [myproposal.h] Make curve25519 KEX dependent on
4902       HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
4903
4904commit d4e7d59d01a6c7f59e8c1f94a83c086e9a33d8aa
4905Author: Damien Miller <djm@mindrot.org>
4906Date:   Tue Aug 19 11:14:17 2014 +1000
4907
4908     - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen
4909
4910commit 9eaeea2cf2b6af5f166cfa9ad3c7a90711a147a9
4911Author: Damien Miller <djm@mindrot.org>
4912Date:   Sun Aug 10 11:35:05 2014 +1000
4913
4914     - (djm) [README contrib/caldera/openssh.spec]
4915       [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
4916
4917commit f8988fbef0c9801d19fa2f8f4f041690412bec37
4918Author: Damien Miller <djm@mindrot.org>
4919Date:   Fri Aug 1 13:31:52 2014 +1000
4920
4921     - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
4922       nc from stdin, it's more portable
4923
4924commit 5b3879fd4b7a4e3d43bab8f40addda39bc1169d0
4925Author: Damien Miller <djm@mindrot.org>
4926Date:   Fri Aug 1 12:28:31 2014 +1000
4927
4928     - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
4929       is closed; avoid regress failures when stdin is /dev/null
4930
4931commit a9c46746d266f8a1b092a72b2150682d1af8ebfc
4932Author: Damien Miller <djm@mindrot.org>
4933Date:   Fri Aug 1 12:26:49 2014 +1000
4934
4935     - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
4936       a better solution, but this will have to do for now.
4937
4938commit 426117b2e965e43f47015942b5be8dd88fe74b88
4939Author: Damien Miller <djm@mindrot.org>
4940Date:   Wed Jul 30 12:33:20 2014 +1000
4941
4942       - schwarze@cvs.openbsd.org 2014/07/28 15:40:08
4943         [sftp-server.8 sshd_config.5]
4944         some systems no longer need /dev/log;
4945         issue noticed by jirib;
4946         ok deraadt
4947
4948commit f497794b6962eaf802ab4ac2a7b22ae591cca1d5
4949Author: Damien Miller <djm@mindrot.org>
4950Date:   Wed Jul 30 12:32:46 2014 +1000
4951
4952       - dtucker@cvs.openbsd.org 2014/07/25 21:22:03
4953         [ssh-agent.c]
4954         Clear buffer used for handling messages.  This prevents keys being
4955         left in memory after they have been expired or deleted in some cases
4956         (but note that ssh-agent is setgid so you would still need root to
4957         access them).  Pointed out by Kevin Burns, ok deraadt
4958
4959commit a8a0f65c57c8ecba94d65948e9090da54014dfef
4960Author: Damien Miller <djm@mindrot.org>
4961Date:   Wed Jul 30 12:32:28 2014 +1000
4962
4963     - OpenBSD CVS Sync
4964       - millert@cvs.openbsd.org 2014/07/24 22:57:10
4965         [ssh.1]
4966         Mention UNIX-domain socket forwarding too.  OK jmc@ deraadt@
4967
4968commit 56b840f2b81e14a2f95c203403633a72566736f8
4969Author: Damien Miller <djm@mindrot.org>
4970Date:   Fri Jul 25 08:11:30 2014 +1000
4971
4972     - (djm) [regress/multiplex.sh] restore incorrectly deleted line;
4973       pointed out by Christian Hesse
4974
4975commit dd417b60d5ca220565d1014e92b7f8f43dc081eb
4976Author: Darren Tucker <dtucker@zip.com.au>
4977Date:   Wed Jul 23 10:41:21 2014 +1000
4978
4979       - dtucker@cvs.openbsd.org 2014/07/22 23:35:38
4980         [regress/unittests/sshkey/testdata/*]
4981         Regenerate test keys with certs signed with ed25519 instead of ecdsa.
4982         These can be used in -portable on platforms that don't support ECDSA.
4983
4984commit 40e50211896369dba8f64f3b5e5fd58b76f5ac3f
4985Author: Darren Tucker <dtucker@zip.com.au>
4986Date:   Wed Jul 23 10:35:45 2014 +1000
4987
4988       - dtucker@cvs.openbsd.org 2014/07/22 23:57:40
4989         [regress/unittests/sshkey/mktestdata.sh]
4990         Add $OpenBSD tag to make syncs easier
4991
4992commit 07e644251e809b1d4c062cf85bd1146a7e3f5a8a
4993Author: Darren Tucker <dtucker@zip.com.au>
4994Date:   Wed Jul 23 10:34:26 2014 +1000
4995
4996       - dtucker@cvs.openbsd.org 2014/07/22 23:23:22
4997         [regress/unittests/sshkey/mktestdata.sh]
4998         Sign test certs with ed25519 instead of ecdsa so that they'll work in
4999         -portable on platforms that don't have ECDSA in their OpenSSL.  ok djm
5000
5001commit cea099a7c4eaecb01b001e5453bb4e5c25006c22
5002Author: Darren Tucker <dtucker@zip.com.au>
5003Date:   Wed Jul 23 10:04:02 2014 +1000
5004
5005       - djm@cvs.openbsd.org 2014/07/22 01:32:12
5006         [regress/multiplex.sh]
5007         change the test for still-open Unix domain sockets to be robust against
5008         nc implementations that produce error messages. from -portable
5009         (Id sync only)
5010
5011commit 31eb78078d349b32ea41952ecc944b3ad6cb0d45
5012Author: Darren Tucker <dtucker@zip.com.au>
5013Date:   Wed Jul 23 09:43:42 2014 +1000
5014
5015       - guenther@cvs.openbsd.org 2014/07/22 07:13:42
5016         [umac.c]
5017         Convert from <sys/endian.h> to the shiney new <endian.h>
5018         ok dtucker@, who also confirmed that -portable handles this already
5019         (ID sync only, includes.h pulls in endian.h if available.)
5020
5021commit 820763efef2d19d965602533036c2b4badc9d465
5022Author: Darren Tucker <dtucker@zip.com.au>
5023Date:   Wed Jul 23 09:40:46 2014 +1000
5024
5025       - dtucker@cvs.openbsd.org 2014/07/22 01:18:50
5026         [key.c]
5027         Prevent spam from key_load_private_pem during hostbased auth.  ok djm@
5028
5029commit c4ee219a66f3190fa96cbd45b4d11015685c6306
5030Author: Darren Tucker <dtucker@zip.com.au>
5031Date:   Wed Jul 23 04:27:50 2014 +1000
5032
5033     - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
5034       specific tests inside OPENSSL_HAS_ECC.
5035
5036commit 04f4824940ea3edd60835416ececbae16438968a
5037Author: Damien Miller <djm@mindrot.org>
5038Date:   Tue Jul 22 11:31:47 2014 +1000
5039
5040     - (djm) [regress/multiplex.sh] change the test for still-open Unix
5041        domain sockets to be robust against nc implementations that produce
5042        error messages.
5043
5044commit 5ea4fe00d55453aaa44007330bb4c3181bd9b796
5045Author: Damien Miller <djm@mindrot.org>
5046Date:   Tue Jul 22 09:39:19 2014 +1000
5047
5048     - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
5049       put it back
5050
5051commit 948a1774a79a85f9deba6d74db95f402dee32c69
5052Author: Darren Tucker <dtucker@zip.com.au>
5053Date:   Tue Jul 22 01:07:11 2014 +1000
5054
5055     - (dtucker) [sshkey.c] ifdef out unused variable when compiling without
5056       OPENSSL_HAS_ECC.
5057
5058commit c8f610f6cc57ae129758052439d9baf13699097b
5059Author: Damien Miller <djm@mindrot.org>
5060Date:   Mon Jul 21 10:23:27 2014 +1000
5061
5062     - (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
5063
5064commit 0e4e95566cd95c887f69272499b8f3880b3ec0f5
5065Author: Damien Miller <djm@mindrot.org>
5066Date:   Mon Jul 21 09:52:54 2014 +1000
5067
5068       - millert@cvs.openbsd.org 2014/07/15 15:54:15
5069         [forwarding.sh multiplex.sh]
5070         Add support for Unix domain socket forwarding.  A remote TCP port
5071         may be forwarded to a local Unix domain socket and vice versa or
5072         both ends may be a Unix domain socket.  This is a reimplementation
5073         of the streamlocal patches by William Ahern from:
5074             http://www.25thandclement.com/~william/projects/streamlocal.html
5075         OK djm@ markus@
5076
5077commit 93a87ab27ecdc709169fb24411133998f81e2761
5078Author: Darren Tucker <dtucker@zip.com.au>
5079Date:   Mon Jul 21 06:30:25 2014 +1000
5080
5081     - (dtucker) [regress/unittests/sshkey/
5082       {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
5083       ifdefs.
5084
5085commit 5573171352ea23df2dc6d2fe0324d023b7ba697c
5086Author: Darren Tucker <dtucker@zip.com.au>
5087Date:   Mon Jul 21 02:24:59 2014 +1000
5088
5089    - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
5090       needed to build AES CTR mode against OpenSSL 0.9.8f and above.  ok djm
5091
5092commit 74e28682711d005026c7c8f15f96aea9d3c8b5a3
5093Author: Tim Rice <tim@multitalents.net>
5094Date:   Fri Jul 18 20:00:11 2014 -0700
5095
5096     - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
5097       in servconf.h.
5098
5099commit d1a0421f8e5e933fee6fb58ee6b9a22c63c8a613
5100Author: Darren Tucker <dtucker@zip.com.au>
5101Date:   Sat Jul 19 07:23:55 2014 +1000
5102
5103     - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.
5104
5105commit f0fe9ea1be62227c130b317769de3d1e736b6dc1
5106Author: Darren Tucker <dtucker@zip.com.au>
5107Date:   Sat Jul 19 06:33:12 2014 +1000
5108
5109     - (dtucker) [Makefile.in] Add a t-exec target to run just the executable
5110       tests.
5111
5112commit 450bc1180d4b061434a4b733c5c8814fa30b022b
5113Author: Darren Tucker <dtucker@zip.com.au>
5114Date:   Sat Jul 19 06:23:18 2014 +1000
5115
5116     - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used
5117       in servconf.h.
5118
5119commit ab2ec586baad122ed169285c31927ccf58bc7b28
5120Author: Damien Miller <djm@mindrot.org>
5121Date:   Fri Jul 18 15:04:47 2014 +1000
5122
5123       - djm@cvs.openbsd.org 2014/07/18 02:46:01
5124         [ssh-agent.c]
5125         restore umask around listener socket creation (dropped in streamlocal patch
5126         merge)
5127
5128commit 357610d15946381ae90c271837dcdd0cdce7145f
5129Author: Damien Miller <djm@mindrot.org>
5130Date:   Fri Jul 18 15:04:10 2014 +1000
5131
5132       - djm@cvs.openbsd.org 2014/07/17 07:22:19
5133         [mux.c ssh.c]
5134         reflect stdio-forward ("ssh -W host:port ...") failures in exit status.
5135         previously we were always returning 0. bz#2255 reported by Brendan
5136         Germain; ok dtucker
5137
5138commit dad9a4a0b7c2b5d78605f8df28718f116524134e
5139Author: Damien Miller <djm@mindrot.org>
5140Date:   Fri Jul 18 15:03:49 2014 +1000
5141
5142       - djm@cvs.openbsd.org 2014/07/17 00:12:03
5143         [key.c]
5144         silence "incorrect passphrase" error spam; reported and ok dtucker@
5145
5146commit f42f7684ecbeec6ce50e0310f80b3d6da2aaf533
5147Author: Damien Miller <djm@mindrot.org>
5148Date:   Fri Jul 18 15:03:27 2014 +1000
5149
5150       - djm@cvs.openbsd.org 2014/07/17 00:10:18
5151         [mux.c]
5152         preserve errno across syscall
5153
5154commit 1b83320628cb0733e3688b85bfe4d388a7c51909
5155Author: Damien Miller <djm@mindrot.org>
5156Date:   Fri Jul 18 15:03:02 2014 +1000
5157
5158       - djm@cvs.openbsd.org 2014/07/17 00:10:56
5159         [sandbox-systrace.c]
5160         ifdef SYS_sendsyslog so this will compile without patching on -stable
5161
5162commit 6d57656331bcd754d912950e4a18ad259d596e61
5163Author: Damien Miller <djm@mindrot.org>
5164Date:   Fri Jul 18 15:02:06 2014 +1000
5165
5166       - jmc@cvs.openbsd.org 2014/07/16 14:48:57
5167         [ssh.1]
5168         add the streamlocal* options to ssh's -o list; millert says they're
5169         irrelevant for scp/sftp;
5170
5171         ok markus millert
5172
5173commit 7acefbbcbeab725420ea07397ae35992f505f702
5174Author: Damien Miller <djm@mindrot.org>
5175Date:   Fri Jul 18 14:11:24 2014 +1000
5176
5177       - millert@cvs.openbsd.org 2014/07/15 15:54:14
5178         [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
5179         [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
5180         [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
5181         [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
5182         [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
5183         [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
5184         [sshd_config.5 sshlogin.c]
5185         Add support for Unix domain socket forwarding.  A remote TCP port
5186         may be forwarded to a local Unix domain socket and vice versa or
5187         both ends may be a Unix domain socket.  This is a reimplementation
5188         of the streamlocal patches by William Ahern from:
5189             http://www.25thandclement.com/~william/projects/streamlocal.html
5190         OK djm@ markus@
5191
5192commit 6262d760e00714523633bd989d62e273a3dca99a
5193Author: Damien Miller <djm@mindrot.org>
5194Date:   Thu Jul 17 09:52:07 2014 +1000
5195
5196       - tedu@cvs.openbsd.org 2014/07/11 13:54:34
5197         [myproposal.h]
5198         by popular demand, add back hamc-sha1 to server proposal for better compat
5199         with many clients still in use. ok deraadt
5200
5201commit 9d69d937b46ecba17f16d923e538ceda7b705c7a
5202Author: Damien Miller <djm@mindrot.org>
5203Date:   Thu Jul 17 09:49:37 2014 +1000
5204
5205       - deraadt@cvs.openbsd.org 2014/07/11 08:09:54
5206         [sandbox-systrace.c]
5207         Permit use of SYS_sendsyslog from inside the sandbox.  Clock is ticking,
5208         update your kernels and sshd soon.. libc will start using sendsyslog()
5209         in about 4 days.
5210
5211commit f6293a0b4129826fc2e37e4062f96825df43c326
5212Author: Damien Miller <djm@mindrot.org>
5213Date:   Thu Jul 17 09:01:25 2014 +1000
5214
5215     - (djm) [digest-openssl.c] Preserve array order when disabling digests.
5216       Reported by Petr Lautrbach.
5217
5218commit 00f9cd230709c04399ef5ff80492d70a55230694
5219Author: Damien Miller <djm@mindrot.org>
5220Date:   Tue Jul 15 10:41:38 2014 +1000
5221
5222     - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto
5223       has been located; fixes builds agains libressl-portable
5224
5225commit 1d0df3249c87019556b83306c28d4769375c2edc
5226Author: Damien Miller <djm@mindrot.org>
5227Date:   Fri Jul 11 09:19:04 2014 +1000
5228
5229     - OpenBSD CVS Sync
5230       - benno@cvs.openbsd.org 2014/07/09 14:15:56
5231         [ssh-add.c]
5232         fix ssh-add crash while loading more than one key
5233         ok markus@
5234
5235commit 7a57eb3d105aa4ced15fb47001092c58811e6d9d
5236Author: Damien Miller <djm@mindrot.org>
5237Date:   Wed Jul 9 13:22:31 2014 +1000
5238
5239       - djm@cvs.openbsd.org 2014/07/07 08:15:26
5240         [multiplex.sh]
5241         remove forced-fatal that I stuck in there to test the new cleanup
5242         logic and forgot to remove...
5243
5244commit 612f965239a30fe536b11ece1834d9f470aeb029
5245Author: Damien Miller <djm@mindrot.org>
5246Date:   Wed Jul 9 13:22:03 2014 +1000
5247
5248       - djm@cvs.openbsd.org 2014/07/06 07:42:03
5249         [multiplex.sh test-exec.sh]
5250         add a hook to the cleanup() function to kill $SSH_PID if it is set
5251
5252         use it to kill the mux master started in multiplex.sh (it was being left
5253         around on fatal failures)
5254
5255commit d0bb950485ba121e43a77caf434115ed6417b46f
5256Author: Damien Miller <djm@mindrot.org>
5257Date:   Wed Jul 9 13:07:28 2014 +1000
5258
5259       - djm@cvs.openbsd.org 2014/07/09 03:02:15
5260         [key.c]
5261         downgrade more error() to debug() to better match what old authfile.c
5262         did; suppresses spurious errors with hostbased authentication enabled
5263
5264commit 0070776a038655c57f57e70cd05e4c38a5de9d84
5265Author: Damien Miller <djm@mindrot.org>
5266Date:   Wed Jul 9 13:07:06 2014 +1000
5267
5268       - djm@cvs.openbsd.org 2014/07/09 01:45:10
5269         [sftp.c]
5270         more useful error message when GLOB_NOSPACE occurs;
5271         bz#2254, patch from Orion Poplawski
5272
5273commit 079bac2a43c74ef7cf56850afbab3b1932534c50
5274Author: Damien Miller <djm@mindrot.org>
5275Date:   Wed Jul 9 13:06:25 2014 +1000
5276
5277       - djm@cvs.openbsd.org 2014/07/07 08:19:12
5278         [ssh_config.5]
5279         mention that ProxyCommand is executed using shell "exec" to avoid
5280         a lingering process; bz#1977
5281
5282commit 3a48cc090096cf99b9de592deb5f90e444edebfb
5283Author: Damien Miller <djm@mindrot.org>
5284Date:   Sun Jul 6 09:32:49 2014 +1000
5285
5286       - djm@cvs.openbsd.org 2014/07/05 23:11:48
5287         [channels.c]
5288         fix remote-forward cancel regression; ok markus@
5289
5290commit 48bae3a38cb578713e676708164f6e7151cc64fa
5291Author: Damien Miller <djm@mindrot.org>
5292Date:   Sun Jul 6 09:27:06 2014 +1000
5293
5294       - djm@cvs.openbsd.org 2014/07/03 23:18:35
5295         [authfile.h]
5296         remove leakmalloc droppings
5297
5298commit 72e6b5c9ed5e72ca3a6ccc3177941b7c487a0826
5299Author: Damien Miller <djm@mindrot.org>
5300Date:   Fri Jul 4 09:00:04 2014 +1000
5301
5302       - djm@cvs.openbsd.org 2014/07/03 22:40:43
5303         [servconf.c servconf.h session.c sshd.8 sshd_config.5]
5304         Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
5305         executed, mirroring the no-user-rc authorized_keys option;
5306         bz#2160; ok markus@
5307
5308commit 602943d1179a08dfa70af94f62296ea5e3d6ebb8
5309Author: Damien Miller <djm@mindrot.org>
5310Date:   Fri Jul 4 08:59:41 2014 +1000
5311
5312       - djm@cvs.openbsd.org 2014/07/03 22:33:41
5313         [channels.c]
5314         allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
5315         GatewayPorts=no; allows client to choose address family;
5316         bz#2222 ok markus@
5317
5318commit 6b37fbb7921d156b31e2c8f39d9e1b6746c34983
5319Author: Damien Miller <djm@mindrot.org>
5320Date:   Fri Jul 4 08:59:24 2014 +1000
5321
5322       - djm@cvs.openbsd.org 2014/07/03 22:23:46
5323         [sshconnect.c]
5324         when rekeying, skip file/DNS lookup if it is the same as the key sent
5325         during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@
5326
5327commit d2c3cd5f2e47ee24cf7093ce8e948c2e79dfc3fd
5328Author: Damien Miller <djm@mindrot.org>
5329Date:   Fri Jul 4 08:59:01 2014 +1000
5330
5331       - jsing@cvs.openbsd.org 2014/07/03 12:42:16
5332         [cipher-chachapoly.c]
5333         Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this
5334         makes it easier to verify that chacha_encrypt_bytes() is only called once
5335         per chacha_ivsetup() call.
5336         ok djm@
5337
5338commit 686feb560ec43a06ba04da82b50f3c183c947309
5339Author: Damien Miller <djm@mindrot.org>
5340Date:   Thu Jul 3 21:29:38 2014 +1000
5341
5342       - djm@cvs.openbsd.org 2014/07/03 11:16:55
5343         [auth.c auth.h auth1.c auth2.c]
5344         make the "Too many authentication failures" message include the
5345         user, source address, port and protocol in a format similar to the
5346         authentication success / failure messages; bz#2199, ok dtucker
5347
5348commit 0f12341402e18fd9996ec23189b9418d2722453f
5349Author: Damien Miller <djm@mindrot.org>
5350Date:   Thu Jul 3 21:28:09 2014 +1000
5351
5352       - jmc@cvs.openbsd.org 2014/07/03 07:45:27
5353         [ssh_config.5]
5354         escape %C since groff thinks it part of an Rs/Re block;
5355
5356commit 9c38643c5cd47a19db2cc28279dcc28abadc22b3
5357Author: Damien Miller <djm@mindrot.org>
5358Date:   Thu Jul 3 21:27:46 2014 +1000
5359
5360       - djm@cvs.openbsd.org 2014/07/03 06:39:19
5361         [ssh.c ssh_config.5]
5362         Add a %C escape sequence for LocalCommand and ControlPath that expands
5363         to a unique identifer based on a has of the tuple of (local host,
5364         remote user, hostname, port).
5365
5366         Helps avoid exceeding sockaddr_un's miserly pathname limits for mux
5367         control paths.
5368
5369         bz#2220, based on patch from mancha1 AT zoho.com; ok markus@
5370
5371commit 49d9bfe2b2f3e90cc158a215dffa7675e57e7830
5372Author: Damien Miller <djm@mindrot.org>
5373Date:   Thu Jul 3 21:26:42 2014 +1000
5374
5375       - djm@cvs.openbsd.org 2014/07/03 05:38:17
5376         [ssh.1]
5377         document that -g will only work in the multiplexed case if applied to
5378         the mux master
5379
5380commit ef9f13ba4c58057b2166d1f2e790535da402fbe5
5381Author: Damien Miller <djm@mindrot.org>
5382Date:   Thu Jul 3 21:26:21 2014 +1000
5383
5384       - djm@cvs.openbsd.org 2014/07/03 05:32:36
5385         [ssh_config.5]
5386         mention '%%' escape sequence in HostName directives and how it may
5387         be used to specify IPv6 link-local addresses
5388
5389commit e6a407789e5432dd2e53336fb73476cc69048c54
5390Author: Damien Miller <djm@mindrot.org>
5391Date:   Thu Jul 3 21:25:03 2014 +1000
5392
5393       - djm@cvs.openbsd.org 2014/07/03 04:36:45
5394         [digest.h]
5395         forward-declare struct sshbuf so consumers don't need to include sshbuf.h
5396
5397commit 4a1d3d50f02d0a8a4ef95ea4749293cbfb89f919
5398Author: Damien Miller <djm@mindrot.org>
5399Date:   Thu Jul 3 21:24:40 2014 +1000
5400
5401       - djm@cvs.openbsd.org 2014/07/03 03:47:27
5402         [ssh-keygen.c]
5403         When hashing or removing hosts using ssh-keygen, don't choke on
5404         @revoked markers and don't remove @cert-authority markers;
5405         bz#2241, reported by mlindgren AT runelind.net
5406
5407commit e5c0d52ceb575c3db8c313e0b1aa3845943d7ba8
5408Author: Damien Miller <djm@mindrot.org>
5409Date:   Thu Jul 3 21:24:19 2014 +1000
5410
5411       - djm@cvs.openbsd.org 2014/07/03 03:34:09
5412         [gss-serv.c session.c ssh-keygen.c]
5413         standardise on NI_MAXHOST for gethostname() string lengths; about
5414         1/2 the cases were using it already. Fixes bz#2239 en passant
5415
5416commit c174a3b7c14e0d178c61219de2aa1110e209950c
5417Author: Damien Miller <djm@mindrot.org>
5418Date:   Thu Jul 3 21:23:24 2014 +1000
5419
5420       - djm@cvs.openbsd.org 2014/07/03 03:26:43
5421         [digest-openssl.c]
5422         use EVP_Digest() for one-shot hash instead of creating, updating,
5423         finalising and destroying a context.
5424         bz#2231, based on patch from Timo Teras
5425
5426commit d7ca2cd31ecc4d63a055e2dcc4bf35c13f2db4c5
5427Author: Damien Miller <djm@mindrot.org>
5428Date:   Thu Jul 3 21:23:01 2014 +1000
5429
5430       - djm@cvs.openbsd.org 2014/07/03 03:15:01
5431         [ssh-add.c]
5432         make stdout line-buffered; saves partial output getting lost when
5433         ssh-add fatal()s part-way through (e.g. when listing keys from an
5434         agent that supports key types that ssh-add doesn't);
5435         bz#2234, reported by Phil Pennock
5436
5437commit b1e967c8d7c7578dd0c172d85b3046cf54ea42ba
5438Author: Damien Miller <djm@mindrot.org>
5439Date:   Thu Jul 3 21:22:40 2014 +1000
5440
5441       - djm@cvs.openbsd.org 2014/07/03 03:11:03
5442         [ssh-agent.c]
5443         Only cleanup agent socket in the main agent process and not in any
5444         subprocesses it may have started (e.g. forked askpass). Fixes
5445         agent sockets being zapped when askpass processes fatal();
5446         bz#2236 patch from Dmitry V. Levin
5447
5448commit 61e28e55c3438d796b02ef878bcd28620d452670
5449Author: Damien Miller <djm@mindrot.org>
5450Date:   Thu Jul 3 21:22:22 2014 +1000
5451
5452       - djm@cvs.openbsd.org 2014/07/03 01:45:38
5453         [sshkey.c]
5454         make Ed25519 keys' title fit properly in the randomart border; bz#2247
5455         based on patch from Christian Hesse
5456
5457commit 9eb4cd9a32c32d40d36450b68ed93badc6a94c68
5458Author: Damien Miller <djm@mindrot.org>
5459Date:   Thu Jul 3 13:29:50 2014 +1000
5460
5461     - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist;
5462       bz#2237
5463
5464commit 8da0fa24934501909408327298097b1629b89eaa
5465Author: Damien Miller <djm@mindrot.org>
5466Date:   Thu Jul 3 11:54:19 2014 +1000
5467
5468     - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto
5469       doesn't support it.
5470
5471commit 81309c857dd0dbc0a1245a16d621c490ad48cfbb
5472Author: Damien Miller <djm@mindrot.org>
5473Date:   Wed Jul 2 17:45:55 2014 +1000
5474
5475     - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test
5476
5477commit 82b2482ce68654815ee049b9bf021bb362a35ff2
5478Author: Damien Miller <djm@mindrot.org>
5479Date:   Wed Jul 2 17:43:41 2014 +1000
5480
5481     - (djm) [sshkey.c] Conditionalise inclusion of util.h
5482
5483commit dd8b1dd7933eb6f5652641b0cdced34a387f2e80
5484Author: Damien Miller <djm@mindrot.org>
5485Date:   Wed Jul 2 17:38:31 2014 +1000
5486
5487       - djm@cvs.openbsd.org 2014/06/24 01:14:17
5488         [Makefile.in regress/Makefile regress/unittests/Makefile]
5489         [regress/unittests/sshkey/Makefile]
5490         [regress/unittests/sshkey/common.c]
5491         [regress/unittests/sshkey/common.h]
5492         [regress/unittests/sshkey/mktestdata.sh]
5493         [regress/unittests/sshkey/test_file.c]
5494         [regress/unittests/sshkey/test_fuzz.c]
5495         [regress/unittests/sshkey/test_sshkey.c]
5496         [regress/unittests/sshkey/tests.c]
5497         [regress/unittests/sshkey/testdata/dsa_1]
5498         [regress/unittests/sshkey/testdata/dsa_1-cert.fp]
5499         [regress/unittests/sshkey/testdata/dsa_1-cert.pub]
5500         [regress/unittests/sshkey/testdata/dsa_1.fp]
5501         [regress/unittests/sshkey/testdata/dsa_1.fp.bb]
5502         [regress/unittests/sshkey/testdata/dsa_1.param.g]
5503         [regress/unittests/sshkey/testdata/dsa_1.param.priv]
5504         [regress/unittests/sshkey/testdata/dsa_1.param.pub]
5505         [regress/unittests/sshkey/testdata/dsa_1.pub]
5506         [regress/unittests/sshkey/testdata/dsa_1_pw]
5507         [regress/unittests/sshkey/testdata/dsa_2]
5508         [regress/unittests/sshkey/testdata/dsa_2.fp]
5509         [regress/unittests/sshkey/testdata/dsa_2.fp.bb]
5510         [regress/unittests/sshkey/testdata/dsa_2.pub]
5511         [regress/unittests/sshkey/testdata/dsa_n]
5512         [regress/unittests/sshkey/testdata/dsa_n_pw]
5513         [regress/unittests/sshkey/testdata/ecdsa_1]
5514         [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]
5515         [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]
5516         [regress/unittests/sshkey/testdata/ecdsa_1.fp]
5517         [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]
5518         [regress/unittests/sshkey/testdata/ecdsa_1.param.curve]
5519         [regress/unittests/sshkey/testdata/ecdsa_1.param.priv]
5520         [regress/unittests/sshkey/testdata/ecdsa_1.param.pub]
5521         [regress/unittests/sshkey/testdata/ecdsa_1.pub]
5522         [regress/unittests/sshkey/testdata/ecdsa_1_pw]
5523         [regress/unittests/sshkey/testdata/ecdsa_2]
5524         [regress/unittests/sshkey/testdata/ecdsa_2.fp]
5525         [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]
5526         [regress/unittests/sshkey/testdata/ecdsa_2.param.curve]
5527         [regress/unittests/sshkey/testdata/ecdsa_2.param.priv]
5528         [regress/unittests/sshkey/testdata/ecdsa_2.param.pub]
5529         [regress/unittests/sshkey/testdata/ecdsa_2.pub]
5530         [regress/unittests/sshkey/testdata/ecdsa_n]
5531         [regress/unittests/sshkey/testdata/ecdsa_n_pw]
5532         [regress/unittests/sshkey/testdata/ed25519_1]
5533         [regress/unittests/sshkey/testdata/ed25519_1-cert.fp]
5534         [regress/unittests/sshkey/testdata/ed25519_1-cert.pub]
5535         [regress/unittests/sshkey/testdata/ed25519_1.fp]
5536         [regress/unittests/sshkey/testdata/ed25519_1.fp.bb]
5537         [regress/unittests/sshkey/testdata/ed25519_1.pub]
5538         [regress/unittests/sshkey/testdata/ed25519_1_pw]
5539         [regress/unittests/sshkey/testdata/ed25519_2]
5540         [regress/unittests/sshkey/testdata/ed25519_2.fp]
5541         [regress/unittests/sshkey/testdata/ed25519_2.fp.bb]
5542         [regress/unittests/sshkey/testdata/ed25519_2.pub]
5543         [regress/unittests/sshkey/testdata/pw]
5544         [regress/unittests/sshkey/testdata/rsa1_1]
5545         [regress/unittests/sshkey/testdata/rsa1_1.fp]
5546         [regress/unittests/sshkey/testdata/rsa1_1.fp.bb]
5547         [regress/unittests/sshkey/testdata/rsa1_1.param.n]
5548         [regress/unittests/sshkey/testdata/rsa1_1.pub]
5549         [regress/unittests/sshkey/testdata/rsa1_1_pw]
5550         [regress/unittests/sshkey/testdata/rsa1_2]
5551         [regress/unittests/sshkey/testdata/rsa1_2.fp]
5552         [regress/unittests/sshkey/testdata/rsa1_2.fp.bb]
5553         [regress/unittests/sshkey/testdata/rsa1_2.param.n]
5554         [regress/unittests/sshkey/testdata/rsa1_2.pub]
5555         [regress/unittests/sshkey/testdata/rsa_1]
5556         [regress/unittests/sshkey/testdata/rsa_1-cert.fp]
5557         [regress/unittests/sshkey/testdata/rsa_1-cert.pub]
5558         [regress/unittests/sshkey/testdata/rsa_1.fp]
5559         [regress/unittests/sshkey/testdata/rsa_1.fp.bb]
5560         [regress/unittests/sshkey/testdata/rsa_1.param.n]
5561         [regress/unittests/sshkey/testdata/rsa_1.param.p]
5562         [regress/unittests/sshkey/testdata/rsa_1.param.q]
5563         [regress/unittests/sshkey/testdata/rsa_1.pub]
5564         [regress/unittests/sshkey/testdata/rsa_1_pw]
5565         [regress/unittests/sshkey/testdata/rsa_2]
5566         [regress/unittests/sshkey/testdata/rsa_2.fp]
5567         [regress/unittests/sshkey/testdata/rsa_2.fp.bb]
5568         [regress/unittests/sshkey/testdata/rsa_2.param.n]
5569         [regress/unittests/sshkey/testdata/rsa_2.param.p]
5570         [regress/unittests/sshkey/testdata/rsa_2.param.q]
5571         [regress/unittests/sshkey/testdata/rsa_2.pub]
5572         [regress/unittests/sshkey/testdata/rsa_n]
5573         [regress/unittests/sshkey/testdata/rsa_n_pw]
5574         unit and fuzz tests for new key API
5575
5576commit c1dc24b71f087f385b92652b9673f52af64e0428
5577Author: Damien Miller <djm@mindrot.org>
5578Date:   Wed Jul 2 17:02:03 2014 +1000
5579
5580       - djm@cvs.openbsd.org 2014/06/24 01:04:43
5581         [regress/krl.sh]
5582         regress test for broken consecutive revoked serial number ranges
5583
5584commit 43d3ed2dd3feca6d0326c7dc82588d2faa115e92
5585Author: Damien Miller <djm@mindrot.org>
5586Date:   Wed Jul 2 17:01:08 2014 +1000
5587
5588       - djm@cvs.openbsd.org 2014/05/21 07:04:21
5589         [regress/integrity.sh]
5590         when failing because of unexpected output, show the offending output
5591
5592commit 5a96707ffc8d227c2e7d94fa6b0317f8a152cf4e
5593Author: Damien Miller <djm@mindrot.org>
5594Date:   Wed Jul 2 15:38:05 2014 +1000
5595
5596       - djm@cvs.openbsd.org 2014/04/30 05:32:00
5597         [regress/Makefile]
5598         unit tests for new buffer API; including basic fuzz testing
5599         NB. Id sync only.
5600
5601commit 3ff92ba756aee48e4ae3e0aeff7293517b3dd185
5602Author: Damien Miller <djm@mindrot.org>
5603Date:   Wed Jul 2 15:33:09 2014 +1000
5604
5605       - djm@cvs.openbsd.org 2014/06/30 12:54:39
5606         [key.c]
5607         suppress spurious error message when loading key with a passphrase;
5608         reported by kettenis@ ok markus@
5609       - djm@cvs.openbsd.org 2014/07/02 04:59:06
5610         [cipher-3des1.c]
5611         fix ssh protocol 1 on the server that regressed with the sshkey change
5612         (sometimes fatal() after auth completed), make file return useful status
5613         codes.
5614         NB. Id sync only for these two. They were bundled into the sshkey merge
5615         above, since it was easier to sync the entire file and then apply
5616         portable-specific changed atop it.
5617
5618commit ec3d0e24a1e46873d80507f5cd8ee6d0d03ac5dc
5619Author: Damien Miller <djm@mindrot.org>
5620Date:   Wed Jul 2 15:30:00 2014 +1000
5621
5622       - markus@cvs.openbsd.org 2014/06/27 18:50:39
5623         [ssh-add.c]
5624         fix loading of private keys
5625
5626commit 4b3ed647d5b328cf68e6a8ffbee490d8e0683e82
5627Author: Damien Miller <djm@mindrot.org>
5628Date:   Wed Jul 2 15:29:40 2014 +1000
5629
5630       - markus@cvs.openbsd.org 2014/06/27 16:41:56
5631         [channels.c channels.h clientloop.c ssh.c]
5632         fix remote fwding with same listen port but different listen address
5633         with gerhard@, ok djm@
5634
5635commit 9e01ff28664921ce9b6500681333e42fb133b4d0
5636Author: Damien Miller <djm@mindrot.org>
5637Date:   Wed Jul 2 15:29:21 2014 +1000
5638
5639       - deraadt@cvs.openbsd.org 2014/06/25 14:16:09
5640         [sshbuf.c]
5641         unblock SIGSEGV before raising it
5642         ok djm
5643
5644commit 1845fe6bda0729e52f4c645137f4fc3070b5438a
5645Author: Damien Miller <djm@mindrot.org>
5646Date:   Wed Jul 2 15:29:01 2014 +1000
5647
5648       - djm@cvs.openbsd.org 2014/06/24 02:21:01
5649         [scp.c]
5650         when copying local->remote fails during read, don't send uninitialised
5651         heap to the remote end. Reported by Jann Horn
5652
5653commit 19439e9a2a0ac0b4b3b1210e89695418beb1c883
5654Author: Damien Miller <djm@mindrot.org>
5655Date:   Wed Jul 2 15:28:40 2014 +1000
5656
5657       - djm@cvs.openbsd.org 2014/06/24 02:19:48
5658         [ssh.c]
5659         don't fatal() when hostname canonicalisation fails with a
5660         ProxyCommand in use; continue and allow the ProxyCommand to
5661         connect anyway (e.g. to a host with a name outside the DNS
5662         behind a bastion)
5663
5664commit 8668706d0f52654fe64c0ca41a96113aeab8d2b8
5665Author: Damien Miller <djm@mindrot.org>
5666Date:   Wed Jul 2 15:28:02 2014 +1000
5667
5668       - djm@cvs.openbsd.org 2014/06/24 01:13:21
5669         [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
5670         [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
5671         [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
5672         [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
5673         [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
5674         [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
5675         [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
5676         [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
5677         [sshconnect2.c sshd.c sshkey.c sshkey.h
5678         [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
5679         New key API: refactor key-related functions to be more library-like,
5680         existing API is offered as a set of wrappers.
5681
5682         with and ok markus@
5683
5684         Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
5685         Dempsky and Ron Bowes for a detailed review a few months ago.
5686
5687         NB. This commit also removes portable OpenSSH support for OpenSSL
5688         <0.9.8e.
5689
5690commit 2cd7929250cf9e9f658d70dcd452f529ba08c942
5691Author: Damien Miller <djm@mindrot.org>
5692Date:   Wed Jul 2 12:48:30 2014 +1000
5693
5694       - djm@cvs.openbsd.org 2014/06/24 00:52:02
5695         [krl.c]
5696         fix bug in KRL generation: multiple consecutive revoked certificate
5697         serial number ranges could be serialised to an invalid format.
5698
5699         Readers of a broken KRL caused by this bug will fail closed, so no
5700         should-have-been-revoked key will be accepted.
5701
5702commit 99db840ee8dbbd2b3fbc6c45d0ee2f6a65e96898
5703Author: Damien Miller <djm@mindrot.org>
5704Date:   Wed Jul 2 12:48:04 2014 +1000
5705
5706       - naddy@cvs.openbsd.org 2014/06/18 15:42:09
5707         [sshbuf-getput-crypto.c]
5708         The ssh_get_bignum functions must accept the same range of bignums
5709         the corresponding ssh_put_bignum functions create.  This fixes the
5710         use of 16384-bit RSA keys (bug reported by Eivind Evensen).
5711         ok djm@
5712
5713commit 84a89161a9629239b64171ef3e22ef6a3e462d51
5714Author: Damien Miller <djm@mindrot.org>
5715Date:   Wed Jul 2 12:47:48 2014 +1000
5716
5717       - matthew@cvs.openbsd.org 2014/06/18 02:59:13
5718         [sandbox-systrace.c]
5719         Now that we have a dedicated getentropy(2) system call for
5720         arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace
5721         sandbox.
5722
5723         ok djm
5724
5725commit 51504ceec627c0ad57b9f75585c7b3d277f326be
5726Author: Damien Miller <djm@mindrot.org>
5727Date:   Wed Jul 2 12:47:25 2014 +1000
5728
5729       - deraadt@cvs.openbsd.org 2014/06/13 08:26:29
5730         [sandbox-systrace.c]
5731         permit SYS_getentropy
5732         from matthew
5733
5734commit a261b8df59117f7dc52abb3a34b35a40c2c9fa88
5735Author: Tim Rice <tim@multitalents.net>
5736Date:   Wed Jun 18 16:17:28 2014 -0700
5737
5738     - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
5739
5740commit 316fac6f18f87262a315c79bcf68b9f92c9337e4
5741Author: Darren Tucker <dtucker@zip.com.au>
5742Date:   Tue Jun 17 23:06:07 2014 +1000
5743
5744     - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
5745       openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
5746       Move the OpenSSL header/library version test into its own function and add
5747       tests for it. Fix it to allow fix version upgrades (but not downgrades).
5748       Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
5749       ok djm@ chl@
5750
5751commit af665bb7b092a59104db1e65577851cf35b86e32
5752Author: Darren Tucker <dtucker@zip.com.au>
5753Date:   Mon Jun 16 22:50:55 2014 +1000
5754
5755     - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR.  From rak at debian via
5756       OpenSMTPD and chl@
5757
5758commit f9696566fb41320820f3b257ab564fa321bb3751
5759Author: Darren Tucker <dtucker@zip.com.au>
5760Date:   Fri Jun 13 11:06:04 2014 +1000
5761
5762     - (dtucker) [configure.ac] Remove tcpwrappers support, support has already
5763       been removed from sshd.c.
5764
5765commit 5e2b8894b0b24af4ad0a2f7aa33ebf255df7a8bc
5766Author: Tim Rice <tim@multitalents.net>
5767Date:   Wed Jun 11 18:31:10 2014 -0700
5768
5769     - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for
5770       u_intXX_t types.
5771
5772commit 985ee2cbc3e43bc65827c3c0d4df3faa99160c37
5773Author: Darren Tucker <dtucker@zip.com.au>
5774Date:   Thu Jun 12 05:32:29 2014 +1000
5775
5776     - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*]
5777       Wrap stdlib.h include an ifdef for platforms that don't have it.
5778
5779commit cf5392c2db2bb1dbef9818511d34056404436109
5780Author: Darren Tucker <dtucker@zip.com.au>
5781Date:   Thu Jun 12 05:22:49 2014 +1000
5782
5783     - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from
5784       openbsd-compat/bsd-asprintf.c.
5785
5786commit 58538d795e0b662f2f4e5a7193f1204bbe992ddd
5787Author: Darren Tucker <dtucker@zip.com.au>
5788Date:   Wed Jun 11 13:39:24 2014 +1000
5789
5790     - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for
5791       compat stuff, specifically whether or not OpenSSL has ECC.
5792
5793commit eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08
5794Author: Darren Tucker <dtucker@zip.com.au>
5795Date:   Wed Jun 11 13:10:00 2014 +1000
5796
5797     - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an
5798       assigment that might get optimized out.  ok djm@
5799
5800commit b9609fd86c623d6d440e630f5f9a63295f7aea20
5801Author: Darren Tucker <dtucker@zip.com.au>
5802Date:   Wed Jun 11 08:04:02 2014 +1000
5803
5804     - (dtucker) [sshbuf.h] Only declare ECC functions if building without
5805       OpenSSL or if OpenSSL has ECC.
5806
5807commit a54a040f66944c6e8913df8635a01a2327219be9
5808Author: Darren Tucker <dtucker@zip.com.au>
5809Date:   Wed Jun 11 07:58:35 2014 +1000
5810
5811       - dtucker@cvs.openbsd.org 2014/06/10 21:46:11
5812         [sshbuf.h]
5813         Group ECC functions together to make things a little easier in -portable.
5814         "doesn't bother me" deraadt@
5815
5816commit 9f92c53bad04a89067756be8198d4ec2d8a08875
5817Author: Darren Tucker <dtucker@zip.com.au>
5818Date:   Wed Jun 11 07:57:58 2014 +1000
5819
5820       - djm@cvs.openbsd.org 2014/06/05 22:17:50
5821         [sshconnect2.c]
5822         fix inverted test that caused PKCS#11 keys that were explicitly listed
5823         not to be preferred. Reported by Dirk-Willem van Gulik
5824
5825commit 15c254a25394f96643da2ad0f674acdc51e89856
5826Author: Darren Tucker <dtucker@zip.com.au>
5827Date:   Wed Jun 11 07:38:49 2014 +1000
5828
5829     - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef
5830       ECC variable too.
5831
5832commit d7af0cc5bf273eeed0897a99420bc26841d07d8f
5833Author: Darren Tucker <dtucker@zip.com.au>
5834Date:   Wed Jun 11 07:37:25 2014 +1000
5835
5836     - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in
5837       the proposal if the version of OpenSSL we're using doesn't support ECC.
5838
5839commit 67508ac2563c33d582be181a3e777c65f549d22f
5840Author: Darren Tucker <dtucker@zip.com.au>
5841Date:   Wed Jun 11 06:27:16 2014 +1000
5842
5843     - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
5844       regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
5845       curve tests if OpenSSL has them.
5846
5847commit 6482d90a65459a88c18c925368525855832272b3
5848Author: Damien Miller <djm@mindrot.org>
5849Date:   Tue May 27 14:34:42 2014 +1000
5850
5851     - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
5852          [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
5853             separation user at runtime, since it may need to be a domain account.
5854                Patch from Corinna Vinschen.
5855
5856commit f9eb5e0734f7a7f6e975809eb54684d2a06a7ffc
5857Author: Damien Miller <djm@mindrot.org>
5858Date:   Tue May 27 14:31:58 2014 +1000
5859
5860     - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config
5861       from Corinna Vinschen, fixing a number of bugs and preparing for
5862       Cygwin 1.7.30.
5863
5864commit eae88744662e6b149f43ef071657727f1a157d95
5865Author: Damien Miller <djm@mindrot.org>
5866Date:   Tue May 27 14:27:02 2014 +1000
5867
5868     - (djm) [cipher.c] Fix merge botch.
5869
5870commit 564b5e253c1d95c26a00e8288f0089a2571661c3
5871Author: Damien Miller <djm@mindrot.org>
5872Date:   Thu May 22 08:23:59 2014 +1000
5873
5874     - (djm) [Makefile.in] typo in path
5875
5876commit e84d10302aeaf7a1acb05c451f8718143656856a
5877Author: Damien Miller <djm@mindrot.org>
5878Date:   Wed May 21 17:13:36 2014 +1000
5879
5880    revert a diff I didn't mean to commit
5881
5882commit 795b86313f1f1aab9691666c4f2d5dae6e4acd50
5883Author: Damien Miller <djm@mindrot.org>
5884Date:   Wed May 21 17:12:53 2014 +1000
5885
5886     - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
5887       when it is available. It takes into account time spent suspended,
5888       thereby ensuring timeouts (e.g. for expiring agent keys) fire
5889       correctly. bz#2228 reported by John Haxby
5890
5891commit 18912775cb97c0b1e75e838d3c7d4b56648137b5
5892Author: Damien Miller <djm@mindrot.org>
5893Date:   Wed May 21 17:06:46 2014 +1000
5894
5895     - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use
5896       vhangup on Linux. It doens't work for non-root users, and for them
5897       it just messes up the tty settings.
5898
5899commit 7f1c264d3049cd95234e91970ccb5406e1d15b27
5900Author: Damien Miller <djm@mindrot.org>
5901Date:   Thu May 15 18:01:52 2014 +1000
5902
5903     - (djm) [sshbuf.c] need __predict_false
5904
5905commit e7429f2be8643e1100380a8a7389d85cc286c8fe
5906Author: Damien Miller <djm@mindrot.org>
5907Date:   Thu May 15 18:01:01 2014 +1000
5908
5909     - (djm) [regress/Makefile Makefile.in]
5910       [regress/unittests/sshbuf/test_sshbuf.c
5911       [regress/unittests/sshbuf/test_sshbuf_fixed.c]
5912       [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
5913       [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
5914       [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
5915       [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
5916       [regress/unittests/sshbuf/test_sshbuf_misc.c]
5917       [regress/unittests/sshbuf/tests.c]
5918       [regress/unittests/test_helper/fuzz.c]
5919       [regress/unittests/test_helper/test_helper.c]
5920       Hook new unit tests into the build and "make tests"
5921
5922commit def1de086707b0e6b046fe7e115c60aca0227a99
5923Author: Damien Miller <djm@mindrot.org>
5924Date:   Thu May 15 15:17:15 2014 +1000
5925
5926     - (djm) [regress/unittests/Makefile]
5927       [regress/unittests/Makefile.inc]
5928       [regress/unittests/sshbuf/Makefile]
5929       [regress/unittests/sshbuf/test_sshbuf.c]
5930       [regress/unittests/sshbuf/test_sshbuf_fixed.c]
5931       [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
5932       [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
5933       [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
5934       [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
5935       [regress/unittests/sshbuf/test_sshbuf_misc.c]
5936       [regress/unittests/sshbuf/tests.c]
5937       [regress/unittests/test_helper/Makefile]
5938       [regress/unittests/test_helper/fuzz.c]
5939       [regress/unittests/test_helper/test_helper.c]
5940       [regress/unittests/test_helper/test_helper.h]
5941       Import new unit tests from OpenBSD; not yet hooked up to build.
5942
5943commit 167685756fde8bc213a8df2c8e1848e312db0f46
5944Author: Damien Miller <djm@mindrot.org>
5945Date:   Thu May 15 15:08:40 2014 +1000
5946
5947       - logan@cvs.openbsd.org 2014/05/04 10:40:59
5948         [connect-privsep.sh]
5949         Remove the Z flag from the list of malloc options as it
5950         was removed from malloc.c 10 days ago.
5951
5952         OK from miod@
5953
5954commit d0b69fe90466920d69c96069312e24b581771bd7
5955Author: Damien Miller <djm@mindrot.org>
5956Date:   Thu May 15 15:08:19 2014 +1000
5957
5958       - dtucker@cvs.openbsd.org 2014/05/03 18:46:14
5959         [proxy-connect.sh]
5960         Add tests for with and without compression, with and without privsep.
5961
5962commit edb1af50441d19fb2dd9ccb4d75bf14473fca584
5963Author: Damien Miller <djm@mindrot.org>
5964Date:   Thu May 15 15:07:53 2014 +1000
5965
5966       - djm@cvs.openbsd.org 2014/04/21 22:15:37
5967         [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
5968         repair regress tests broken by server-side default cipher/kex/mac changes
5969         by ensuring that the option under test is included in the server's
5970         algorithm list
5971
5972commit 54343e95c70994695f8842fb22836321350198d3
5973Author: Damien Miller <djm@mindrot.org>
5974Date:   Thu May 15 15:07:33 2014 +1000
5975
5976       - djm@cvs.openbsd.org 2014/03/13 20:44:49
5977         [login-timeout.sh]
5978         this test is a sorry mess of race conditions; add another sleep
5979         to avoid a failure on slow machines (at least until I find a
5980         better way)
5981
5982commit e5b9f0f2ee6e133894307e44e862b66426990733
5983Author: Damien Miller <djm@mindrot.org>
5984Date:   Thu May 15 14:58:07 2014 +1000
5985
5986     - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c]
5987       [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
5988
5989commit b9c566788a9ebd6a9d466f47a532124f111f0542
5990Author: Damien Miller <djm@mindrot.org>
5991Date:   Thu May 15 14:43:37 2014 +1000
5992
5993     - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write
5994       portability glue to support building without libcrypto
5995
5996commit 3dc27178b42234b653a32f7a87292d7994045ee3
5997Author: Damien Miller <djm@mindrot.org>
5998Date:   Thu May 15 14:37:59 2014 +1000
5999
6000       - logan@cvs.openbsd.org 2014/05/05 07:02:30
6001         [sftp.c]
6002         Zap extra whitespace.
6003
6004         OK from djm@ and dtucker@
6005
6006commit c31a0cd5b31961f01c5b731f62a6cb9d4f767472
6007Author: Damien Miller <djm@mindrot.org>
6008Date:   Thu May 15 14:37:39 2014 +1000
6009
6010       - markus@cvs.openbsd.org 2014/05/03 17:20:34
6011         [monitor.c packet.c packet.h]
6012         unbreak compression, by re-init-ing the compression code in the
6013         post-auth child. the new buffer code is more strict, and requires
6014         buffer_init() while the old code was happy after a bzero();
6015         originally from djm@
6016
6017commit 686c7d9ee6f44b2be4128d7860b6b37adaeba733
6018Author: Damien Miller <djm@mindrot.org>
6019Date:   Thu May 15 14:37:03 2014 +1000
6020
6021       - djm@cvs.openbsd.org 2014/05/02 03:27:54
6022         [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c]
6023         [misc.h poly1305.h ssh-pkcs11.c defines.h]
6024         revert __bounded change; it causes way more problems for portable than
6025         it solves; pointed out by dtucker@
6026
6027commit 294c58a007cfb2f3bddc4fc3217e255857ffb9bf
6028Author: Damien Miller <djm@mindrot.org>
6029Date:   Thu May 15 14:35:03 2014 +1000
6030
6031       - naddy@cvs.openbsd.org 2014/04/30 19:07:48
6032         [mac.c myproposal.h umac.c]
6033         UMAC can use our local fallback implementation of AES when OpenSSL isn't
6034         available.  Glue code straight from Ted Krovetz's original umac.c.
6035         ok markus@
6036
6037commit 05e82c3b963c33048128baf72a6f6b3a1c10b4c1
6038Author: Damien Miller <djm@mindrot.org>
6039Date:   Thu May 15 14:33:43 2014 +1000
6040
6041       - djm@cvs.openbsd.org 2014/04/30 05:29:56
6042         [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
6043         [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
6044         [ssherr.h]
6045         New buffer API; the first installment of the conversion/replacement
6046         of OpenSSH's internals to make them usable as a standalone library.
6047
6048         This includes a set of wrappers to make it compatible with the
6049         existing buffer API so replacement can occur incrementally.
6050
6051         With and ok markus@
6052
6053         Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
6054         Dempsky and Ron Bowes for a detailed review.
6055
6056commit 380948180f847a26f2d0c85b4dad3dca2ed2fd8b
6057Author: Damien Miller <djm@mindrot.org>
6058Date:   Thu May 15 14:25:18 2014 +1000
6059
6060       - dtucker@cvs.openbsd.org 2014/04/29 20:36:51
6061         [sftp.c]
6062         Don't attempt to append a nul quote char to the filename.  Should prevent
6063         fatal'ing with "el_insertstr failed" when there's a single quote char
6064         somewhere in the string.  bz#2238, ok markus@
6065
6066commit d7fd8bedd4619a2ec7fd02aae4c4e1db4431ad9f
6067Author: Damien Miller <djm@mindrot.org>
6068Date:   Thu May 15 14:24:59 2014 +1000
6069
6070       - dtucker@cvs.openbsd.org 2014/04/29 19:58:50
6071         [sftp.c]
6072         Move nulling of variable next to where it's freed.  ok markus@
6073
6074commit 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14
6075Author: Damien Miller <djm@mindrot.org>
6076Date:   Thu May 15 14:24:09 2014 +1000
6077
6078       - markus@cvs.openbsd.org 2014/04/29 18:01:49
6079         [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
6080         [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
6081         [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
6082         [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
6083         make compiling against OpenSSL optional (make OPENSSL=no);
6084         reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
6085         allows us to explore further options; with and ok djm
6086
6087commit c5893785564498cea73cb60d2cf199490483e080
6088Author: Damien Miller <djm@mindrot.org>
6089Date:   Thu May 15 13:48:49 2014 +1000
6090
6091       - djm@cvs.openbsd.org 2014/04/29 13:10:30
6092         [clientloop.c serverloop.c]
6093         bz#1818 - don't send channel success/failre replies on channels that
6094         have sent a close already; analysis and patch from Simon Tatham;
6095         ok markus@
6096
6097commit 633de33b192d808d87537834c316dc8b75fe1880
6098Author: Damien Miller <djm@mindrot.org>
6099Date:   Thu May 15 13:48:26 2014 +1000
6100
6101       - djm@cvs.openbsd.org 2014/04/28 03:09:18
6102         [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
6103         [ssh-keygen.c]
6104         buffer_get_string_ptr's return should be const to remind
6105         callers that futzing with it will futz with the actual buffer
6106         contents
6107
6108commit 15271907843e4ae50dcfc83b3594014cf5e9607b
6109Author: Damien Miller <djm@mindrot.org>
6110Date:   Thu May 15 13:47:56 2014 +1000
6111
6112       - djm@cvs.openbsd.org 2014/04/23 12:42:34
6113         [readconf.c]
6114         don't record duplicate IdentityFiles
6115
6116commit 798a02568b13a2e46efebd81f08c8f4bb33a6dc7
6117Author: Damien Miller <djm@mindrot.org>
6118Date:   Thu May 15 13:47:37 2014 +1000
6119
6120       - jmc@cvs.openbsd.org 2014/04/22 14:16:30
6121         [sftp.1]
6122         zap eol whitespace;
6123
6124commit d875ff78d2b8436807381051de112f0ebf9b9ae1
6125Author: Damien Miller <djm@mindrot.org>
6126Date:   Thu May 15 13:47:15 2014 +1000
6127
6128       - logan@cvs.openbsd.org 2014/04/22 12:42:04
6129         [sftp.1]
6130         Document sftp upload resume.
6131         OK from djm@, with feedback from okan@.
6132
6133commit b15cd7bb097fd80dc99520f45290ef775da1ef19
6134Author: Damien Miller <djm@mindrot.org>
6135Date:   Thu May 15 13:46:52 2014 +1000
6136
6137       - logan@cvs.openbsd.org 2014/04/22 10:07:12
6138         [sftp.c]
6139         Sort the sftp command list.
6140         OK from djm@
6141
6142commit d8accc0aa72656ba63d50937165c5ae49db1dcd6
6143Author: Damien Miller <djm@mindrot.org>
6144Date:   Thu May 15 13:46:25 2014 +1000
6145
6146       - logan@cvs.openbsd.org 2014/04/21 14:36:16
6147         [sftp-client.c sftp-client.h sftp.c]
6148         Implement sftp upload resume support.
6149         OK from djm@, with input from guenther@, mlarkin@ and
6150         okan@
6151
6152commit 16cd3928a87d20c77b13592a74b60b08621d3ce6
6153Author: Damien Miller <djm@mindrot.org>
6154Date:   Thu May 15 13:45:58 2014 +1000
6155
6156       - logan@cvs.openbsd.org 2014/04/20 09:24:26
6157         [dns.c dns.h ssh-keygen.c]
6158         Add support for SSHFP DNS records for ED25519 key types.
6159         OK from djm@
6160
6161commit ec0b67eb3b4e12f296ced1fafa01860c374f7eea
6162Author: Damien Miller <djm@mindrot.org>
6163Date:   Thu May 15 13:45:26 2014 +1000
6164
6165     - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine
6166       OpenBSD
6167
6168commit f028460d0b2e5a584355321015cde69bf6fd933e
6169Author: Darren Tucker <dtucker@zip.com.au>
6170Date:   Thu May 1 02:24:35 2014 +1000
6171
6172     - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already
6173       have it.  Only attempt to use __attribute__(__bounded__) for gcc.
6174
6175commit b628cc4c3e4a842bab5e4584d18c2bc5fa4d0edf
6176Author: Damien Miller <djm@mindrot.org>
6177Date:   Sun Apr 20 13:33:58 2014 +1000
6178
6179       - djm@cvs.openbsd.org 2014/04/20 02:49:32
6180         [compat.c]
6181         add a canonical 6.6 + curve25519 bignum fix fake version that I can
6182         recommend people use ahead of the openssh-6.7 release
6183
6184commit 888566913933a802f3a329ace123ebcb7154cf78
6185Author: Damien Miller <djm@mindrot.org>
6186Date:   Sun Apr 20 13:33:19 2014 +1000
6187
6188       - djm@cvs.openbsd.org 2014/04/20 02:30:25
6189         [misc.c misc.h umac.c]
6190         use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
6191         strict-alignment architectures; reported by and ok stsp@
6192
6193commit 16f85cbc7e5139950e6a38317e7c8b368beafa5d
6194Author: Damien Miller <djm@mindrot.org>
6195Date:   Sun Apr 20 13:29:28 2014 +1000
6196
6197       - tedu@cvs.openbsd.org 2014/04/19 18:42:19
6198         [ssh.1]
6199         delete .xr to hosts.equiv. there's still an unfortunate amount of
6200         documentation referring to rhosts equivalency in here.
6201
6202commit 69cb24b7356ec3f0fc5ff04a68f98f2c55c766f4
6203Author: Damien Miller <djm@mindrot.org>
6204Date:   Sun Apr 20 13:29:06 2014 +1000
6205
6206       - tedu@cvs.openbsd.org 2014/04/19 18:15:16
6207         [sshd.8]
6208         remove some really old rsh references
6209
6210commit 84c1e7bca8c4ceaccf4d5557e39a833585a3c77e
6211Author: Damien Miller <djm@mindrot.org>
6212Date:   Sun Apr 20 13:27:53 2014 +1000
6213
6214       - tedu@cvs.openbsd.org 2014/04/19 14:53:48
6215         [ssh-keysign.c sshd.c]
6216         Delete futile calls to RAND_seed. ok djm
6217         NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
6218
6219commit 0e6b67423b8662f9ca4c92750309e144fd637ef1
6220Author: Damien Miller <djm@mindrot.org>
6221Date:   Sun Apr 20 13:27:01 2014 +1000
6222
6223       - djm@cvs.openbsd.org 2014/04/19 05:54:59
6224         [compat.c]
6225         missing wildcard; pointed out by naddy@
6226
6227commit 9395b28223334826837c15e8c1bb4dfb3b0d2ca5
6228Author: Damien Miller <djm@mindrot.org>
6229Date:   Sun Apr 20 13:25:30 2014 +1000
6230
6231       - djm@cvs.openbsd.org 2014/04/18 23:52:25
6232         [compat.c compat.h sshconnect2.c sshd.c version.h]
6233         OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
6234         using the curve25519-sha256@libssh.org KEX exchange method to fail
6235         when connecting with something that implements the spec properly.
6236
6237         Disable this KEX method when speaking to one of the affected
6238         versions.
6239
6240         reported by Aris Adamantiadis; ok markus@
6241
6242commit 8c492da58f8ceb85cf5f7066f23e26fb813a963d
6243Author: Damien Miller <djm@mindrot.org>
6244Date:   Sun Apr 20 13:25:09 2014 +1000
6245
6246       - djm@cvs.openbsd.org 2014/04/16 23:28:12
6247         [ssh-agent.1]
6248         remove the identity files from this manpage - ssh-agent doesn't deal
6249         with them at all and the same information is duplicated in ssh-add.1
6250         (which does deal with them); prodded by deraadt@
6251
6252commit adbfdbbdccc70c9bd70d81ae096db115445c6e26
6253Author: Damien Miller <djm@mindrot.org>
6254Date:   Sun Apr 20 13:24:49 2014 +1000
6255
6256       - djm@cvs.openbsd.org 2014/04/16 23:22:45
6257         [bufaux.c]
6258         skip leading zero bytes in buffer_put_bignum2_from_string();
6259         reported by jan AT mojzis.com; ok markus@
6260
6261commit 75c62728dc87af6805696eeb520b9748faa136c8
6262Author: Damien Miller <djm@mindrot.org>
6263Date:   Sun Apr 20 13:24:31 2014 +1000
6264
6265       - djm@cvs.openbsd.org 2014/04/12 04:55:53
6266         [sshd.c]
6267         avoid crash at exit: check that pmonitor!=NULL before dereferencing;
6268         bz#2225, patch from kavi AT juniper.net
6269
6270commit 2a328437fb1b0976f2f4522d8645803d5a5d0967
6271Author: Damien Miller <djm@mindrot.org>
6272Date:   Sun Apr 20 13:24:01 2014 +1000
6273
6274       - djm@cvs.openbsd.org 2014/04/01 05:32:57
6275         [packet.c]
6276         demote a debug3 to PACKET_DEBUG; ok markus@
6277
6278commit 7d6a9fb660c808882d064e152d6070ffc3844c3f
6279Author: Damien Miller <djm@mindrot.org>
6280Date:   Sun Apr 20 13:23:43 2014 +1000
6281
6282       - djm@cvs.openbsd.org 2014/04/01 03:34:10
6283         [sshconnect.c]
6284         When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any
6285         certificate keys to plain keys and attempt SSHFP resolution.
6286
6287         Prevents a server from skipping SSHFP lookup and forcing a new-hostkey
6288         dialog by offering only certificate keys.
6289
6290         Reported by mcv21 AT cam.ac.uk
6291
6292commit fcd62c0b66b8415405ed0af29c236329eb88cc0f
6293Author: Damien Miller <djm@mindrot.org>
6294Date:   Sun Apr 20 13:23:21 2014 +1000
6295
6296       - djm@cvs.openbsd.org 2014/04/01 02:05:27
6297         [ssh-keysign.c]
6298         include fingerprint of key not found
6299         use arc4random_buf() instead of loop+arc4random()
6300
6301commit 43b156cf72f900f88065b0a1c1ebd09ab733ca46
6302Author: Damien Miller <djm@mindrot.org>
6303Date:   Sun Apr 20 13:23:03 2014 +1000
6304
6305       - jmc@cvs.openbsd.org 2014/03/31 13:39:34
6306         [ssh-keygen.1]
6307         the text for the -K option was inserted in the wrong place in -r1.108;
6308         fix From: Matthew Clarke
6309
6310commit c1621c84f2dc1279065ab9fde2aa9327af418900
6311Author: Damien Miller <djm@mindrot.org>
6312Date:   Sun Apr 20 13:22:46 2014 +1000
6313
6314       - naddy@cvs.openbsd.org 2014/03/28 05:17:11
6315         [ssh_config.5 sshd_config.5]
6316         sync available and default algorithms, improve algorithm list formatting
6317         help from jmc@ and schwarze@, ok deraadt@
6318
6319commit f2719b7c2b8a3b14d778d8a6d8dc729b5174b054
6320Author: Damien Miller <djm@mindrot.org>
6321Date:   Sun Apr 20 13:22:18 2014 +1000
6322
6323       - tedu@cvs.openbsd.org 2014/03/26 19:58:37
6324         [sshd.8 sshd.c]
6325         remove libwrap support. ok deraadt djm mfriedl
6326
6327commit 4f40209aa4060b9c066a2f0d9332ace7b8dfb391
6328Author: Damien Miller <djm@mindrot.org>
6329Date:   Sun Apr 20 13:21:22 2014 +1000
6330
6331       - djm@cvs.openbsd.org 2014/03/26 04:55:35
6332         [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
6333         [misc.h poly1305.h ssh-pkcs11.c]
6334         use __bounded(...) attribute recently added to sys/cdefs.h instead of
6335         longform __attribute__(__bounded(...));
6336
6337         for brevity and a warning free compilation with llvm/clang
6338
6339commit 9235a030ad1b16903fb495d81544e0f7c7449523
6340Author: Damien Miller <djm@mindrot.org>
6341Date:   Sun Apr 20 13:17:20 2014 +1000
6342
6343    Three commits in one (since they touch the same heavily-diverged file
6344    repeatedly):
6345
6346       - markus@cvs.openbsd.org 2014/03/25 09:40:03
6347         [myproposal.h]
6348         trimm default proposals.
6349
6350         This commit removes the weaker pre-SHA2 hashes, the broken ciphers
6351         (arcfour), and the broken modes (CBC) from the default configuration
6352         (the patch only changes the default, all the modes are still available
6353         for the config files).
6354
6355         ok djm@, reminded by tedu@ & naddy@ and discussed with many
6356       - deraadt@cvs.openbsd.org 2014/03/26 17:16:26
6357         [myproposal.h]
6358         The current sharing of myproposal[] between both client and server code
6359         makes the previous diff highly unpallatable.  We want to go in that
6360         direction for the server, but not for the client.  Sigh.
6361         Brought up by naddy.
6362       - markus@cvs.openbsd.org 2014/03/27 23:01:27
6363         [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
6364         disable weak proposals in sshd, but keep them in ssh; ok djm@
6365
6366commit 6e1777f592f15f4559728c78204617537b1ac076
6367Author: Damien Miller <djm@mindrot.org>
6368Date:   Sun Apr 20 13:02:58 2014 +1000
6369
6370       - tedu@cvs.openbsd.org 2014/03/19 14:42:44
6371         [scp.1]
6372         there is no need for rcp anymore
6373         ok deraadt millert
6374
6375commit eb1b7c514d2a7b1802ccee8cd50e565a4d419887
6376Author: Damien Miller <djm@mindrot.org>
6377Date:   Sun Apr 20 13:02:26 2014 +1000
6378
6379       - tedu@cvs.openbsd.org 2014/03/17 19:44:10
6380         [ssh.1]
6381         old descriptions of des and blowfish are old. maybe ok deraadt
6382
6383commit f0858de6e1324ec730752387074b111b8551081e
6384Author: Damien Miller <djm@mindrot.org>
6385Date:   Sun Apr 20 13:01:30 2014 +1000
6386
6387       - deraadt@cvs.openbsd.org 2014/03/15 17:28:26
6388         [ssh-agent.c ssh-keygen.1 ssh-keygen.c]
6389         Improve usage() and documentation towards the standard form.
6390         In particular, this line saves a lot of man page reading time.
6391           usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
6392                             [-N new_passphrase] [-C comment] [-f output_keyfile]
6393         ok schwarze jmc
6394
6395commit 94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa
6396Author: Damien Miller <djm@mindrot.org>
6397Date:   Sun Apr 20 13:00:51 2014 +1000
6398
6399       - naddy@cvs.openbsd.org 2014/03/12 13:06:59
6400         [ssh-keyscan.1]
6401         scan for Ed25519 keys by default too
6402
6403commit 3819519288b2b3928c6882f5883b0f55148f4fc0
6404Author: Damien Miller <djm@mindrot.org>
6405Date:   Sun Apr 20 13:00:28 2014 +1000
6406
6407       - djm@cvs.openbsd.org 2014/03/12 04:51:12
6408         [authfile.c]
6409         correct test that kdf name is not "none" or "bcrypt"
6410
6411commit 8f9cd709c7cf0655d414306a0ed28306b33802be
6412Author: Damien Miller <djm@mindrot.org>
6413Date:   Sun Apr 20 13:00:11 2014 +1000
6414
6415       - djm@cvs.openbsd.org 2014/03/12 04:50:32
6416         [auth-bsdauth.c ssh-keygen.c]
6417         don't count on things that accept arguments by reference to clear
6418         things for us on error; most things do, but it's unsafe form.
6419
6420commit 1c7ef4be83f6dec84509a312518b9df00ab491d9
6421Author: Damien Miller <djm@mindrot.org>
6422Date:   Sun Apr 20 12:59:46 2014 +1000
6423
6424       - djm@cvs.openbsd.org 2014/03/12 04:44:58
6425         [ssh-keyscan.c]
6426         scan for Ed25519 keys by default too
6427
6428commit c10bf4d051c97939b30a1616c0499310057d07da
6429Author: Damien Miller <djm@mindrot.org>
6430Date:   Sun Apr 20 12:58:04 2014 +1000
6431
6432       - djm@cvs.openbsd.org 2014/03/03 22:22:30
6433         [session.c]
6434         ignore enviornment variables with embedded '=' or '\0' characters;
6435         spotted by Jann Horn; ok deraadt@
6436         Id sync only - portable already has this.
6437
6438commit c2e49062faccbcd7135c40d1c78c5c329c58fc2e
6439Author: Damien Miller <djm@mindrot.org>
6440Date:   Tue Apr 1 14:42:46 2014 +1100
6441
6442     - (djm) Use full release (e.g. 6.5p1) in debug output rather than just
6443        version. From des@des.no
6444
6445commit 14928b7492abec82afa4c2b778fc03f78cd419b6
6446Author: Damien Miller <djm@mindrot.org>
6447Date:   Tue Apr 1 14:38:07 2014 +1100
6448
6449     - (djm) On platforms that support it, use prctl() to prevent sftp-server
6450        from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
6451
6452commit 48abc47e60048461fe9117e108a7e99ea1ac2bb8
6453Author: Damien Miller <djm@mindrot.org>
6454Date:   Mon Mar 17 14:45:56 2014 +1100
6455
6456     - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to
6457       remind myself to add sandbox violation logging via the log socket.
6458
6459commit 9c36698ca2f554ec221dc7ef29c7a89e97c88705
6460Author: Tim Rice <tim@multitalents.net>
6461Date:   Fri Mar 14 12:45:01 2014 -0700
6462
6463    20140314
6464     - (tim) [opensshd.init.in] Add support for ed25519
6465
6466commit 19158b2447e35838d69b2b735fb640d1e86061ea
6467Author: Damien Miller <djm@mindrot.org>
6468Date:   Thu Mar 13 13:14:21 2014 +1100
6469
6470     - (djm) Release OpenSSH 6.6
6471
6472commit 8569eba5d7f7348ce3955eeeb399f66f25c52ece
6473Author: Damien Miller <djm@mindrot.org>
6474Date:   Tue Mar 4 09:35:17 2014 +1100
6475
6476       - djm@cvs.openbsd.org 2014/03/03 22:22:30
6477         [session.c]
6478         ignore enviornment variables with embedded '=' or '\0' characters;
6479         spotted by Jann Horn; ok deraadt@
6480
6481commit 2476c31b96e89aec7d4e73cb6fbfb9a4290de3a7
6482Author: Damien Miller <djm@mindrot.org>
6483Date:   Sun Mar 2 04:01:00 2014 +1100
6484
6485     - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
6486       no moduli file exists at the expected location.
6487
6488commit c83fdf30e9db865575b2521b1fe46315cf4c70ae
6489Author: Damien Miller <djm@mindrot.org>
6490Date:   Fri Feb 28 10:34:03 2014 +1100
6491
6492     - (djm) [regress/host-expand.sh] Add RCS Id
6493
6494commit 834aeac3555e53f7d29a6fcf3db010dfb99681c7
6495Author: Damien Miller <djm@mindrot.org>
6496Date:   Fri Feb 28 10:25:16 2014 +1100
6497
6498       - djm@cvs.openbsd.org 2014/02/27 21:21:25
6499         [agent-ptrace.sh agent.sh]
6500         keep return values that are printed in error messages;
6501         from portable
6502         (Id sync only)
6503
6504commit 4f7f1a9a0de24410c30952c7e16d433240422182
6505Author: Damien Miller <djm@mindrot.org>
6506Date:   Fri Feb 28 10:24:11 2014 +1100
6507
6508       - djm@cvs.openbsd.org 2014/02/27 20:04:16
6509         [login-timeout.sh]
6510         remove any existing LoginGraceTime from sshd_config before adding
6511         a specific one for the test back in
6512
6513commit d705d987c27f68080c8798eeb5262adbdd6b4ffd
6514Author: Damien Miller <djm@mindrot.org>
6515Date:   Fri Feb 28 10:23:26 2014 +1100
6516
6517       - djm@cvs.openbsd.org 2014/01/26 10:49:17
6518         [scp-ssh-wrapper.sh scp.sh]
6519         make sure $SCP is tested on the remote end rather than whichever one
6520         happens to be in $PATH; from portable
6521         (Id sync only)
6522
6523commit 624a3ca376e3955a4b9d936c9e899e241b65d357
6524Author: Damien Miller <djm@mindrot.org>
6525Date:   Fri Feb 28 10:22:37 2014 +1100
6526
6527       - djm@cvs.openbsd.org 2014/01/26 10:22:10
6528         [regress/cert-hostkey.sh]
6529         automatically generate revoked keys from listed keys rather than
6530         manually specifying each type; from portable
6531         (Id sync only)
6532
6533commit b84392328425e4b9a71f8bde5fe6a4a4c48d3ec4
6534Author: Damien Miller <djm@mindrot.org>
6535Date:   Fri Feb 28 10:21:26 2014 +1100
6536
6537       - dtucker@cvs.openbsd.org 2014/01/25 04:35:32
6538         [regress/Makefile regress/dhgex.sh]
6539         Add a test for DH GEX sizes
6540
6541commit 1e2aa3d90472293ea19008f02336d6d68aa05793
6542Author: Damien Miller <djm@mindrot.org>
6543Date:   Fri Feb 28 10:19:51 2014 +1100
6544
6545       - dtucker@cvs.openbsd.org 2014/01/20 00:00:30
6546         [sftp-chroot.sh]
6547         append to rather than truncating the log file
6548
6549commit f483cc16fe7314e24a37aa3a4422b03c013c3213
6550Author: Damien Miller <djm@mindrot.org>
6551Date:   Fri Feb 28 10:19:11 2014 +1100
6552
6553       - dtucker@cvs.openbsd.org 2014/01/19 23:43:02
6554         [regress/sftp-chroot.sh]
6555         Don't use -q on sftp as it suppresses logging, instead redirect the
6556         output to the regress logfile.
6557
6558commit 6486f16f1c0ebd6f39286f6ab5e08286d90a994a
6559Author: Damien Miller <djm@mindrot.org>
6560Date:   Fri Feb 28 10:03:52 2014 +1100
6561
6562     - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
6563       [contrib/suse/openssh.spec] Crank version numbers
6564
6565commit 92cf5adea194140380e6af6ec32751f9ad540794
6566Author: Damien Miller <djm@mindrot.org>
6567Date:   Fri Feb 28 10:01:53 2014 +1100
6568
6569       - djm@cvs.openbsd.org 2014/02/27 22:57:40
6570         [version.h]
6571         openssh-6.6
6572
6573commit fc5d6759aba71eb205b296b5f148010ffc828583
6574Author: Damien Miller <djm@mindrot.org>
6575Date:   Fri Feb 28 10:01:28 2014 +1100
6576
6577       - djm@cvs.openbsd.org 2014/02/27 22:47:07
6578         [sshd_config.5]
6579         bz#2184 clarify behaviour of a keyword that appears in multiple
6580         matching Match blocks; ok dtucker@
6581
6582commit 172ec7e0af1a5f1d682f6a2dca335c6c186153d5
6583Author: Damien Miller <djm@mindrot.org>
6584Date:   Fri Feb 28 10:00:57 2014 +1100
6585
6586       - djm@cvs.openbsd.org 2014/02/27 08:25:09
6587         [bufbn.c]
6588         off by one in range check
6589
6590commit f9a9aaba437c2787e40cf7cc928281950e161678
6591Author: Damien Miller <djm@mindrot.org>
6592Date:   Fri Feb 28 10:00:27 2014 +1100
6593
6594       - djm@cvs.openbsd.org 2014/02/27 00:41:49
6595         [bufbn.c]
6596         fix unsigned overflow that could lead to reading a short ssh protocol
6597         1 bignum value; found by Ben Hawkes; ok deraadt@
6598
6599commit fb3423b612713d9cde67c8a75f6f51188d6a3de3
6600Author: Damien Miller <djm@mindrot.org>
6601Date:   Thu Feb 27 10:20:07 2014 +1100
6602
6603       - markus@cvs.openbsd.org 2014/02/26 21:53:37
6604         [sshd.c]
6605         ssh_gssapi_prepare_supported_oids needs GSSAPI
6606
6607commit 1348129a34f0f7728c34d86c100a32dcc8d1f922
6608Author: Damien Miller <djm@mindrot.org>
6609Date:   Thu Feb 27 10:18:32 2014 +1100
6610
6611       - djm@cvs.openbsd.org 2014/02/26 20:29:29
6612         [channels.c]
6613         don't assume that the socks4 username is \0 terminated;
6614         spotted by Ben Hawkes; ok markus@
6615
6616commit e6a74aeeacd01d885262ff8e50eb28faee8c8039
6617Author: Damien Miller <djm@mindrot.org>
6618Date:   Thu Feb 27 10:17:49 2014 +1100
6619
6620       - djm@cvs.openbsd.org 2014/02/26 20:28:44
6621         [auth2-gss.c gss-serv.c ssh-gss.h sshd.c]
6622         bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep
6623         sandboxing, as running this code in the sandbox can cause violations;
6624         ok markus@
6625
6626commit 08b57c67f3609340ff703fe2782d7058acf2529e
6627Author: Damien Miller <djm@mindrot.org>
6628Date:   Thu Feb 27 10:17:13 2014 +1100
6629
6630       - djm@cvs.openbsd.org 2014/02/26 20:18:37
6631         [ssh.c]
6632         bz#2205: avoid early hostname lookups unless canonicalisation is enabled;
6633         ok dtucker@ markus@
6634
6635commit 13f97b2286142fd0b8eab94e4ce84fe124eeb752
6636Author: Damien Miller <djm@mindrot.org>
6637Date:   Mon Feb 24 15:57:55 2014 +1100
6638
6639       - djm@cvs.openbsd.org 2014/02/23 20:11:36
6640         [readconf.c readconf.h ssh.c ssh_config.5]
6641         reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes
6642         the hostname. This allows users to write configurations that always
6643         refer to canonical hostnames, e.g.
6644
6645         CanonicalizeHostname yes
6646         CanonicalDomains int.example.org example.org
6647         CanonicalizeFallbackLocal no
6648
6649         Host *.int.example.org
6650             Compression off
6651         Host *.example.org
6652             User djm
6653
6654         ok markus@
6655
6656commit bee3a234f3d1ad4244952bcff1b4b7c525330dc2
6657Author: Damien Miller <djm@mindrot.org>
6658Date:   Mon Feb 24 15:57:22 2014 +1100
6659
6660       - djm@cvs.openbsd.org 2014/02/23 20:03:42
6661         [ssh-ed25519.c]
6662         check for unsigned overflow; not reachable in OpenSSH but others might
6663         copy our code...
6664
6665commit 0628780abe61e7e50cba48cdafb1837f49ff23b2
6666Author: Damien Miller <djm@mindrot.org>
6667Date:   Mon Feb 24 15:56:45 2014 +1100
6668
6669       - djm@cvs.openbsd.org 2014/02/22 01:32:19
6670         [readconf.c]
6671         when processing Match blocks, skip 'exec' clauses if previous predicates
6672         failed to match; ok markus@
6673
6674commit 0890dc8191bb201eb01c3429feec0300a9d3a930
6675Author: Damien Miller <djm@mindrot.org>
6676Date:   Mon Feb 24 15:56:07 2014 +1100
6677
6678       - djm@cvs.openbsd.org 2014/02/15 23:05:36
6679         [channels.c]
6680         avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W;
6681         bz#2200, debian#738692 via Colin Watson; ok dtucker@
6682
6683commit d3cf67e1117c25d151d0f86396e77ee3a827045a
6684Author: Damien Miller <djm@mindrot.org>
6685Date:   Mon Feb 24 15:55:36 2014 +1100
6686
6687       - djm@cvs.openbsd.org 2014/02/07 06:55:54
6688         [cipher.c mac.c]
6689         remove some logging that makes ssh debugging output very verbose;
6690         ok markus
6691
6692commit 03ae081aeaa118361c81ece76eb7cc1aaa2b40c5
6693Author: Tim Rice <tim@multitalents.net>
6694Date:   Fri Feb 21 09:09:34 2014 -0800
6695
6696    20140221
6697     - (tim) [configure.ac]  Fix cut-and-paste error. Patch from Bryan Drewery.
6698
6699commit 4a20959d2e3c90e9d66897c0b4032c785672d815
6700Author: Darren Tucker <dtucker@zip.com.au>
6701Date:   Thu Feb 13 16:38:32 2014 +1100
6702
6703     - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]  Add compat
6704       code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
6705
6706commit d1a7a9c0fd1ac2e3314cceb2891959fd2cd9eabb
6707Author: Damien Miller <djm@mindrot.org>
6708Date:   Fri Feb 7 09:24:33 2014 +1100
6709
6710       - djm@cvs.openbsd.org 2014/02/06 22:21:01
6711         [sshconnect.c]
6712         in ssh_create_socket(), only do the getaddrinfo for BindAddress when
6713         BindAddress is actually specified. Fixes regression in 6.5 for
6714         UsePrivilegedPort=yes; patch from Corinna Vinschen
6715
6716commit 6ce35b6cc4ead1bf98abec34cb2e2d6ca0abb15e
6717Author: Damien Miller <djm@mindrot.org>
6718Date:   Fri Feb 7 09:24:14 2014 +1100
6719
6720       - naddy@cvs.openbsd.org 2014/02/05 20:13:25
6721         [ssh-keygen.1 ssh-keygen.c]
6722         tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@
6723         while here, fix ordering in usage(); requested by jmc@
6724
6725commit 6434cb2cfbbf0a46375d2d22f2ff9927feb5e478
6726Author: Damien Miller <djm@mindrot.org>
6727Date:   Thu Feb 6 11:17:50 2014 +1100
6728
6729     - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define
6730        __NR_shutdown; some go via the socketcall(2) multiplexer.
6731
6732commit 8d36f9ac71eff2e9f5770c0518b73d875f270647
6733Author: Darren Tucker <dtucker@zip.com.au>
6734Date:   Thu Feb 6 10:44:13 2014 +1100
6735
6736     - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL
6737       before freeing since free(NULL) is a no-op.  ok djm.
6738
6739commit a0959da3680b4ce8cf911caf3293a6d90f88eeb7
6740Author: Damien Miller <djm@mindrot.org>
6741Date:   Wed Feb 5 10:33:45 2014 +1100
6742
6743     - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by
6744       headers/libc but not supported by the kernel. Patch from Loganaden
6745       Velvindron @ AfriNIC
6746
6747commit 9c449bc183b256c84d8f740727b0bc54d247b15e
6748Author: Damien Miller <djm@mindrot.org>
6749Date:   Tue Feb 4 11:38:28 2014 +1100
6750
6751     - (djm) [regress/setuid-allowed.c] Missing string.h for strerror()
6752
6753commit bf7e0f03be661b6f5b3bfe325135ce19391f9c4d
6754Author: Damien Miller <djm@mindrot.org>
6755Date:   Tue Feb 4 11:37:50 2014 +1100
6756
6757     - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o
6758
6759commit eb6d870a0ea8661299bb2ea8f013d3ace04e2024
6760Author: Damien Miller <djm@mindrot.org>
6761Date:   Tue Feb 4 11:26:34 2014 +1100
6762
6763       - djm@cvs.openbsd.org 2014/02/04 00:24:29
6764         [ssh.c]
6765         delay lowercasing of hostname until right before hostname
6766         canonicalisation to unbreak case-sensitive matching of ssh_config;
6767         reported by Ike Devolder; ok markus@
6768
6769commit d56b44d2dfa093883a5c4e91be3f72d99946b170
6770Author: Damien Miller <djm@mindrot.org>
6771Date:   Tue Feb 4 11:26:04 2014 +1100
6772
6773       - djm@cvs.openbsd.org 2014/02/04 00:24:29
6774         [ssh.c]
6775         delay lowercasing of hostname until right before hostname
6776         canonicalisation to unbreak case-sensitive matching of ssh_config;
6777         reported by Ike Devolder; ok markus@
6778
6779commit db3c595ea74ea9ccd5aa644d7e1f8dc675710731
6780Author: Damien Miller <djm@mindrot.org>
6781Date:   Tue Feb 4 11:25:45 2014 +1100
6782
6783       - djm@cvs.openbsd.org 2014/02/02 03:44:31
6784         [digest-libc.c digest-openssl.c]
6785         convert memset of potentially-private data to explicit_bzero()
6786
6787commit aae07e2e2000dd318418fd7fd4597760904cae32
6788Author: Damien Miller <djm@mindrot.org>
6789Date:   Tue Feb 4 11:20:40 2014 +1100
6790
6791       - djm@cvs.openbsd.org 2014/02/03 23:28:00
6792         [ssh-ecdsa.c]
6793         fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike
6794         DSA_SIG_new. Reported by Batz Spear; ok markus@
6795
6796commit a5103f413bde6f31bff85d6e1fd29799c647d765
6797Author: Damien Miller <djm@mindrot.org>
6798Date:   Tue Feb 4 11:20:14 2014 +1100
6799
6800       - djm@cvs.openbsd.org 2014/02/02 03:44:32
6801         [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
6802         [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
6803         [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
6804         [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
6805         [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
6806         [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
6807         [sshd.c]
6808         convert memset of potentially-private data to explicit_bzero()
6809
6810commit 1d2c4564265ee827147af246a16f3777741411ed
6811Author: Damien Miller <djm@mindrot.org>
6812Date:   Tue Feb 4 11:18:20 2014 +1100
6813
6814       - tedu@cvs.openbsd.org 2014/01/31 16:39:19
6815         [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
6816         [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
6817         [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
6818         [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
6819         [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
6820         replace most bzero with explicit_bzero, except a few that cna be memset
6821         ok djm dtucker
6822
6823commit 3928de067c286683a95fbdbdb5fdb3c78a0e5efd
6824Author: Damien Miller <djm@mindrot.org>
6825Date:   Tue Feb 4 11:13:54 2014 +1100
6826
6827       - djm@cvs.openbsd.org 2014/01/30 22:26:14
6828         [sandbox-systrace.c]
6829         allow shutdown(2) syscall in sandbox - it may be called by packet_close()
6830         from portable
6831         (Id sync only; change is already in portable)
6832
6833commit e1e480aee8a9af6cfbe7188667b7b940d6b57f9f
6834Author: Damien Miller <djm@mindrot.org>
6835Date:   Tue Feb 4 11:13:17 2014 +1100
6836
6837       - jmc@cvs.openbsd.org 2014/01/29 14:04:51
6838         [sshd_config.5]
6839         document kbdinteractiveauthentication;
6840         requested From: Ross L Richardson
6841
6842         dtucker/markus helped explain its workings;
6843
6844commit 7cc194f70d4a5ec9a82d19422eaf18db4a6624c6
6845Author: Damien Miller <djm@mindrot.org>
6846Date:   Tue Feb 4 11:12:56 2014 +1100
6847
6848       - djm@cvs.openbsd.org 2014/01/29 06:18:35
6849         [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c]
6850         [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h]
6851         [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c]
6852         remove experimental, never-enabled JPAKE code; ok markus@
6853
6854commit b0f26544cf6f4feeb1a4f6db09fca834f5c9867d
6855Author: Damien Miller <djm@mindrot.org>
6856Date:   Tue Feb 4 11:10:01 2014 +1100
6857
6858       - djm@cvs.openbsd.org 2014/01/29 00:19:26
6859         [sshd.c]
6860         use kill(0, ...) instead of killpg(0, ...); on most operating systems
6861         they are equivalent, but SUSv2 describes the latter as having undefined
6862         behaviour; from portable; ok dtucker
6863         (Id sync only; change is already in portable)
6864
6865commit f8f35bc471500348bb262039fb1fc43175d251b0
6866Author: Damien Miller <djm@mindrot.org>
6867Date:   Tue Feb 4 11:09:12 2014 +1100
6868
6869       - jmc@cvs.openbsd.org 2014/01/28 14:13:39
6870         [ssh-keyscan.1]
6871         kill some bad Pa;
6872         From: Jan Stary
6873
6874commit 0ba85d696ae9daf66002c2e4ab0d6bb111e1a787
6875Author: Damien Miller <djm@mindrot.org>
6876Date:   Tue Feb 4 11:08:38 2014 +1100
6877
6878    ignore a few more regress droppings
6879
6880commit ec93d15170b7a6ddf63fd654bd0f6a752acc19dd
6881Author: Damien Miller <djm@mindrot.org>
6882Date:   Tue Feb 4 11:07:13 2014 +1100
6883
6884       - markus@cvs.openbsd.org 2014/01/27 20:13:46
6885         [digest.c digest-openssl.c digest-libc.c Makefile.in]
6886         rename digest.c to digest-openssl.c and add libc variant; ok djm@
6887
6888commit 4a1c7aa640fb97d3472d51b215b6a0ec0fd025c7
6889Author: Damien Miller <djm@mindrot.org>
6890Date:   Tue Feb 4 11:03:36 2014 +1100
6891
6892       - markus@cvs.openbsd.org 2014/01/27 19:18:54
6893         [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c]
6894         replace openssl MD5 with our ssh_digest_*; ok djm@
6895
6896commit 4e8d937af79ce4e253f77ec93489d098b25becc3
6897Author: Damien Miller <djm@mindrot.org>
6898Date:   Tue Feb 4 11:02:42 2014 +1100
6899
6900       - markus@cvs.openbsd.org 2014/01/27 18:58:14
6901         [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h]
6902         replace openssl HMAC with an implementation based on our ssh_digest_*
6903         ok and feedback djm@
6904
6905commit 69d0d09f76bab5aec86fbf78489169f63bd16475
6906Author: Tim Rice <tim@multitalents.net>
6907Date:   Fri Jan 31 14:25:18 2014 -0800
6908
6909     - (tim) [Makefile.in] build regress/setuid-allow.
6910
6911commit 0eeafcd76b972a3d159f3118227c149a4d7817fe
6912Author: Darren Tucker <dtucker@zip.com.au>
6913Date:   Fri Jan 31 14:18:51 2014 +1100
6914
6915     - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros.  Fixes
6916       build with HP-UX's compiler.  Patch from Kevin Brott.
6917
6918commit 7e5cec6070673e9f9785ffc749837ada22fbe99f
6919Author: Damien Miller <djm@mindrot.org>
6920Date:   Fri Jan 31 09:25:34 2014 +1100
6921
6922     - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
6923       syscall from sandboxes; it may be called by packet_close.
6924
6925commit cdb6c90811caa5df2df856be9b0b16db020fe31d
6926Author: Damien Miller <djm@mindrot.org>
6927Date:   Thu Jan 30 12:50:17 2014 +1100
6928
6929     - (djm) Release openssh-6.5p1
6930
6931commit 996ea80b1884b676a901439f1f2681eb6ff68501
6932Author: Damien Miller <djm@mindrot.org>
6933Date:   Thu Jan 30 12:49:55 2014 +1100
6934
6935    trim entries prior to openssh-6.0p1
6936
6937commit f5bbd3b657b6340551c8a95f74a70857ff8fac79
6938Author: Damien Miller <djm@mindrot.org>
6939Date:   Thu Jan 30 11:26:46 2014 +1100
6940
6941     - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering
6942       different symbols for 'read' when various compiler flags are
6943       in use, causing atomicio.c comparisons against it to break and
6944       read/write operations to hang; ok dtucker
6945
6946commit c2868192ddc4e1420a50389e18c05db20b0b1f32
6947Author: Damien Miller <djm@mindrot.org>
6948Date:   Thu Jan 30 10:21:19 2014 +1100
6949
6950     - (djm) [configure.ac] Only check for width-specified integer types
6951       in headers that actually exist. patch from Tom G. Christensen;
6952       ok dtucker@
6953
6954commit c161fc90fc86e2035710570238a9e1ca7a68d2a5
6955Author: Damien Miller <djm@mindrot.org>
6956Date:   Wed Jan 29 21:01:33 2014 +1100
6957
6958     - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from
6959       Tom G. Christensen
6960
6961commit 6f917ad376481995ab7d29fb53b08ec8d507eb9e
6962Author: Tim Rice <tim@multitalents.net>
6963Date:   Tue Jan 28 10:26:25 2014 -0800
6964
6965     - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable
6966       when used as an error message inside an if statement so we display the
6967       correct into. agent.sh patch from Petr Lautrbach.
6968
6969commit ab16ef4152914d44ce6f76e48167d26d22f66a06
6970Author: Damien Miller <djm@mindrot.org>
6971Date:   Tue Jan 28 15:08:12 2014 +1100
6972
6973     - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the
6974       latter being specified to have undefined behaviour in SUSv3;
6975       ok dtucker
6976
6977commit ab0394905884dc6e58c3721211c6b38fb8fc2ca8
6978Author: Damien Miller <djm@mindrot.org>
6979Date:   Tue Jan 28 15:07:10 2014 +1100
6980
6981     - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl;
6982       ok dtucker
6983
6984commit 4ab20a82d4d4168d62318923f62382f6ef242fcd
6985Author: Darren Tucker <dtucker@zip.com.au>
6986Date:   Mon Jan 27 17:35:04 2014 +1100
6987
6988     - (dtucker) [Makefile.in] Remove trailing backslash which some make
6989       implementations (eg older Solaris) do not cope with.
6990
6991commit e7e8b3cfe9f8665faaf0e68b33df5bbb431bd129
6992Author: Darren Tucker <dtucker@zip.com.au>
6993Date:   Mon Jan 27 17:32:50 2014 +1100
6994
6995    Welcome to 2014
6996
6997commit 5b447c0aac0dd444251e276f6bb3bbbe1c05331c
6998Author: Damien Miller <djm@mindrot.org>
6999Date:   Sun Jan 26 09:46:53 2014 +1100
7000
7001     - (djm) [configure.ac] correct AC_DEFINE for previous.
7002
7003commit 2035b2236d3b1f76c749c642a43e03c85eae76e6
7004Author: Damien Miller <djm@mindrot.org>
7005Date:   Sun Jan 26 09:39:53 2014 +1100
7006
7007      - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable
7008        RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
7009        libc will attempt to open additional file descriptors for crypto
7010        offload and crash if they cannot be opened.
7011
7012commit a92ac7410475fbb00383c7402aa954dc0a75ae19
7013Author: Damien Miller <djm@mindrot.org>
7014Date:   Sun Jan 26 09:38:03 2014 +1100
7015
7016       - markus@cvs.openbsd.org 2014/01/25 20:35:37
7017         [kex.c]
7018         dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len)
7019         ok dtucker@, noted by mancha
7020
7021commit 76eea4ab4e658670ca6e76dd1e6d17f262208b57
7022Author: Damien Miller <djm@mindrot.org>
7023Date:   Sun Jan 26 09:37:25 2014 +1100
7024
7025       - dtucker@cvs.openbsd.org 2014/01/25 10:12:50
7026         [cipher.c cipher.h kex.c kex.h kexgexc.c]
7027         Add a special case for the DH group size for 3des-cbc, which has an
7028         effective strength much lower than the key size.  This causes problems
7029         with some cryptlib implementations, which don't support group sizes larger
7030         than 4k but also don't use the largest group size it does support as
7031         specified in the RFC.  Based on a patch from Petr Lautrbach at Redhat,
7032         reduced by me with input from Markus.  ok djm@ markus@
7033
7034commit 603b8f47f1cd9ed95a2017447db8e60ca6704594
7035Author: Damien Miller <djm@mindrot.org>
7036Date:   Sat Jan 25 13:16:59 2014 +1100
7037
7038     - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test
7039       against the correct thing.
7040
7041commit c96d85376d779b6ac61525b5440010d344d2f23f
7042Author: Damien Miller <djm@mindrot.org>
7043Date:   Sat Jan 25 13:12:28 2014 +1100
7044
7045     - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless
7046       sys/capability.h exists and cap_rights_limit is in libc. Fixes
7047       build on FreeBSD9x which provides the header but not the libc
7048       support.
7049
7050commit f62ecef9939cb3dbeb10602fd705d4db3976d822
7051Author: Damien Miller <djm@mindrot.org>
7052Date:   Sat Jan 25 12:34:38 2014 +1100
7053
7054     - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD
7055
7056commit b0e0f760b861676a3fe5c40133b270713d5321a9
7057Author: Damien Miller <djm@mindrot.org>
7058Date:   Fri Jan 24 14:27:04 2014 +1100
7059
7060     - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make
7061       the scp regress test actually test the built scp rather than the one
7062       in $PATH. ok dtucker@
7063
7064commit 42a092530159637da9cb7f9e1b5f4679e34a85e6
7065Author: Darren Tucker <dtucker@zip.com.au>
7066Date:   Thu Jan 23 23:14:39 2014 +1100
7067
7068     - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously
7069       incompatible with OpenBSD's despite post-dating it by more than a decade.
7070       Declare it as broken, and document FreeBSD's as the same.  ok djm@
7071
7072commit 617da33c20cb59f9ea6c99c881d92493371ef7b8
7073Author: Tim Rice <tim@multitalents.net>
7074Date:   Wed Jan 22 19:16:10 2014 -0800
7075
7076     - (tim) [session.c] Improve error reporting on set_id().
7077
7078commit 5c2ff5e31f57d303ebb414d84a934c02728fa568
7079Author: Damien Miller <djm@mindrot.org>
7080Date:   Wed Jan 22 21:30:12 2014 +1100
7081
7082     - (djm) [configure.ac aclocal.m4] More tests to detect fallout from
7083       platform hardening options: include some long long int arithmatic
7084       to detect missing support functions for -ftrapv in libgcc and
7085       equivalents, actually test linking when -ftrapv is supplied and
7086       set either both -pie/-fPIE or neither. feedback and ok dtucker@
7087
7088commit 852472a54b8a0dc3e53786b313baaa86850a4273
7089Author: Damien Miller <djm@mindrot.org>
7090Date:   Wed Jan 22 16:31:18 2014 +1100
7091
7092     - (djm) [configure.ac] Unless specifically requested, only attempt
7093       to build Position Independent Executables on gcc >= 4.x; ok dtucker
7094
7095commit ee87838786cef0194db36ae0675b3e7c4e8ec661
7096Author: Damien Miller <djm@mindrot.org>
7097Date:   Wed Jan 22 16:30:15 2014 +1100
7098
7099     - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a
7100       platform that is expected to use the reuse-argv style setproctitle
7101       hack surprises us by providing a setproctitle in libc; ok dtucker
7102
7103commit 5c96a154c7940fa67b1f11c421e390dbbc159f27
7104Author: Damien Miller <djm@mindrot.org>
7105Date:   Tue Jan 21 13:10:26 2014 +1100
7106
7107     - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE
7108       and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of
7109       detecting toolchain-related problems; ok dtucker
7110
7111commit 9464ba6fb34bb42eb3501ec3c5143662e75674bf
7112Author: Tim Rice <tim@multitalents.net>
7113Date:   Mon Jan 20 17:59:28 2014 -0800
7114
7115     - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced
7116       with sftp chroot support. Move set_id call after chroot.
7117
7118commit a6d573caa14d490e6c42fb991bcb5c6860ec704b
7119Author: Darren Tucker <dtucker@zip.com.au>
7120Date:   Tue Jan 21 12:50:46 2014 +1100
7121
7122     - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time
7123       tests in the configure output.  ok djm.
7124
7125commit 096118dc73ab14810b3c12785c0b5acb01ad6123
7126Author: Darren Tucker <dtucker@zip.com.au>
7127Date:   Tue Jan 21 12:48:51 2014 +1100
7128
7129     - (dtucker) [configure.ac] Make PIE a configure-time option which defaults
7130       to on platforms where it's known to be reliably detected and off elsewhere.
7131       Works around platforms such as FreeBSD 9.1 where it does not interop with
7132       -ftrapv (it seems to work but fails when trying to link ssh).  ok djm@
7133
7134commit f9df7f6f477792254eab33cdef71a6d66488cb88
7135Author: Damien Miller <djm@mindrot.org>
7136Date:   Mon Jan 20 20:07:15 2014 +1100
7137
7138     - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that
7139        skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@
7140
7141commit c74e70eb52ccc0082bd5a70b5798bb01c114d138
7142Author: Darren Tucker <dtucker@zip.com.au>
7143Date:   Mon Jan 20 13:18:09 2014 +1100
7144
7145    - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos
7146       implementation does not have krb5_cc_new_unique, similar to what we do
7147       in auth-krb5.c.
7148
7149commit 3510979e83b6a18ec8773c64c3fa04aa08b2e783
7150Author: Damien Miller <djm@mindrot.org>
7151Date:   Mon Jan 20 12:41:53 2014 +1100
7152
7153       - djm@cvs.openbsd.org 2014/01/20 00:08:48
7154         [digest.c]
7155         memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@
7156
7157commit 7eee358d7a6580479bee5cd7e52810ebfd03e5b2
7158Author: Darren Tucker <dtucker@zip.com.au>
7159Date:   Sun Jan 19 22:37:02 2014 +1100
7160
7161       - dtucker@cvs.openbsd.org 2014/01/19 11:21:51
7162         [addrmatch.c]
7163         Cast the sizeof to socklen_t so it'll work even if the supplied len is
7164         negative.  Suggested by and ok djm, ok deraadt.
7165
7166commit b7e01c09b56ab26e8fac56bbce0fd25e36d12bb0
7167Author: Darren Tucker <dtucker@zip.com.au>
7168Date:   Sun Jan 19 22:36:13 2014 +1100
7169
7170       - djm@cvs.openbsd.org 2014/01/19 04:48:08
7171         [ssh_config.5]
7172         fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal
7173
7174commit 7b1ded04adce42efa25ada7c3a39818d3109b724
7175Author: Darren Tucker <dtucker@zip.com.au>
7176Date:   Sun Jan 19 15:30:02 2014 +1100
7177
7178       - dtucker@cvs.openbsd.org 2014/01/19 04:17:29
7179         [canohost.c addrmatch.c]
7180         Cast socklen_t when comparing to size_t and use socklen_t to iterate over
7181         the ip options, both to prevent signed/unsigned comparison warnings.
7182         Patch from vinschen at redhat via portable openssh, begrudging ok deraadt.
7183
7184commit 293ee3c9f0796d99ebb033735f0e315f2e0180bf
7185Author: Darren Tucker <dtucker@zip.com.au>
7186Date:   Sun Jan 19 15:28:01 2014 +1100
7187
7188       - dtucker@cvs.openbsd.org 2014/01/18 09:36:26
7189         [session.c]
7190         explicitly define USE_PIPES to 1 to prevent redefinition warnings in
7191         portable on platforms that use pipes for everything.  From redhat @
7192         redhat.
7193
7194commit 2aca159d05f9e7880d1d8f1ce49a218840057f53
7195Author: Darren Tucker <dtucker@zip.com.au>
7196Date:   Sun Jan 19 15:25:34 2014 +1100
7197
7198       - dtucker@cvs.openbsd.org 2014/01/17 06:23:24
7199         [sftp-server.c]
7200         fix log message statvfs.  ok djm
7201
7202commit 841f7da89ae8b367bb502d61c5c41916c6e7ae4c
7203Author: Darren Tucker <dtucker@zip.com.au>
7204Date:   Sat Jan 18 22:12:15 2014 +1100
7205
7206     - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
7207       return value check for cap_enter() consistent with the other uses in
7208       FreeBSD.  From by Loganaden Velvindron @ AfriNIC via bz#2140.
7209
7210commit fdce3731660699b2429e93e822f2ccbaccd163ae
7211Author: Darren Tucker <dtucker@zip.com.au>
7212Date:   Sat Jan 18 21:12:42 2014 +1100
7213
7214     - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs,
7215       optind) are defined in getopt.h already.  Unfortunately they are defined as
7216       "declspec(dllimport)" for historical reasons, because the GNU linker didn't
7217       allow auto-import on PE/COFF targets way back when.  The problem is the
7218       dllexport attributes collide with the definitions in the various source
7219       files in OpenSSH, which obviousy define the variables without
7220       declspec(dllimport).  The least intrusive way to get rid of these warnings
7221       is to disable warnings for GCC compiler attributes when building on Cygwin.
7222       Patch from vinschen at redhat.com.
7223
7224commit 1411c9263f46e1ee49d0d302bf7258ebe69ce827
7225Author: Darren Tucker <dtucker@zip.com.au>
7226Date:   Sat Jan 18 21:03:59 2014 +1100
7227
7228     - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function
7229       declarations that stopped being included when we stopped including
7230       <windows.h> from openbsd-compat/bsd-cygwin_util.h.  Patch from vinschen at
7231       redhat.com.
7232
7233commit 89c532d843c95a085777c66365067d64d1937eb9
7234Author: Darren Tucker <dtucker@zip.com.au>
7235Date:   Sat Jan 18 20:43:49 2014 +1100
7236
7237     - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin.  Patch
7238       from vinschen at redhat.com
7239
7240commit 355f861022be7b23d3009fae8f3c9f6f7fc685f7
7241Author: Darren Tucker <dtucker@zip.com.au>
7242Date:   Sat Jan 18 00:12:38 2014 +1100
7243
7244     - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after
7245       they're defined if we have to define them ourselves.  Fixes builds on old
7246       AIX.
7247
7248commit a3357661ee1d5d553294f36e4940e8285c7f1332
7249Author: Darren Tucker <dtucker@zip.com.au>
7250Date:   Sat Jan 18 00:03:57 2014 +1100
7251
7252     - (dtucker) [readconf.c] Wrap paths.h inside an ifdef.  Allows building on
7253       Solaris.
7254
7255commit 9edcbff46ff01c8d5dee9c1aa843f09e9ad8a80e
7256Author: Darren Tucker <dtucker@zip.com.au>
7257Date:   Fri Jan 17 21:54:32 2014 +1100
7258
7259     - (dtucker) [configure.ac] Have --without-toolchain-hardening not turn off
7260       stack-protector since that has a separate flag that's been around a while.
7261
7262commit 6d725687c490d4ba957a1bbc0ba0a2956c09fa69
7263Author: Darren Tucker <dtucker@zip.com.au>
7264Date:   Fri Jan 17 19:17:34 2014 +1100
7265
7266     - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types.
7267
7268commit 5055699c7f7c7ef21703a443ec73117da392f6ae
7269Author: Darren Tucker <dtucker@zip.com.au>
7270Date:   Fri Jan 17 18:48:22 2014 +1100
7271
7272     - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we
7273       need them to cut down on the name collisions.
7274
7275commit a5cf1e220def07290260e4125e74f41ac75cf88d
7276Author: Darren Tucker <dtucker@zip.com.au>
7277Date:   Fri Jan 17 18:10:58 2014 +1100
7278
7279     - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c
7280       openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs
7281       to be useful (and for the regression tests to pass) on platforms that
7282       have statfs and fstatfs.  ok djm@
7283
7284commit 1357d71d7b6d269969520aaa3e84d312ec971d5b
7285Author: Darren Tucker <dtucker@zip.com.au>
7286Date:   Fri Jan 17 18:00:40 2014 +1100
7287
7288     - (dtucker) Fix typo in #ifndef.
7289
7290commit d23a91ffb289d3553a58b7a60cec39fba9f0f506
7291Author: Darren Tucker <dtucker@zip.com.au>
7292Date:   Fri Jan 17 17:32:30 2014 +1100
7293
7294     - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c
7295       openbsd-compat/openssl-compat.h]  Add compatibility layer for older
7296       openssl versions.  ok djm@
7297
7298commit 868ea1ea1c1bfdbee5dbad78f81999c5983ecf31
7299Author: Damien Miller <djm@mindrot.org>
7300Date:   Fri Jan 17 16:47:04 2014 +1100
7301
7302     - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]
7303       [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c]
7304       [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
7305       using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
7306       Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
7307
7308commit a9d186a8b50d18869a10e9203abf71c83ddb1f79
7309Author: Darren Tucker <dtucker@zip.com.au>
7310Date:   Fri Jan 17 16:30:49 2014 +1100
7311
7312       - dtucker@cvs.openbsd.org 2014/01/17 05:26:41
7313         [digest.c]
7314         remove unused includes.  ok djm@
7315
7316commit 5f1c57a7a7eb39c0e4fee3367712337dbcaef024
7317Author: Darren Tucker <dtucker@zip.com.au>
7318Date:   Fri Jan 17 16:29:45 2014 +1100
7319
7320       - djm@cvs.openbsd.org 2014/01/17 00:21:06
7321         [sftp-client.c]
7322         signed/unsigned comparison warning fix; from portable (Id sync only)
7323
7324commit c548722361d89fb12c108528f96b306a26477b18
7325Author: Darren Tucker <dtucker@zip.com.au>
7326Date:   Fri Jan 17 15:12:16 2014 +1100
7327
7328     - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into
7329       separate lines and alphabetize for easier diffing of changes.
7330
7331commit acad351a5b1c37de9130c9c1710445cc45a7f6b9
7332Author: Darren Tucker <dtucker@zip.com.au>
7333Date:   Fri Jan 17 14:20:05 2014 +1100
7334
7335     - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that
7336       don't have them.
7337
7338commit c3ed065ce8417aaa46490836648c173a5010f226
7339Author: Darren Tucker <dtucker@zip.com.au>
7340Date:   Fri Jan 17 14:18:45 2014 +1100
7341
7342     - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside
7343       #ifdef HAVE_STDINT_H.
7344
7345commit f45f78ae437062c7d9506c5f475b7215f486be44
7346Author: Darren Tucker <dtucker@zip.com.au>
7347Date:   Fri Jan 17 12:43:43 2014 +1100
7348
7349     - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include
7350       includes.h to pull in all of the compatibility stuff.
7351
7352commit 99df369d0340caac145d57f700d830147ff18b87
7353Author: Darren Tucker <dtucker@zip.com.au>
7354Date:   Fri Jan 17 12:42:17 2014 +1100
7355
7356     - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
7357
7358commit ac413b62ea1957e80c711acbe0c11b908273fc01
7359Author: Darren Tucker <dtucker@zip.com.au>
7360Date:   Fri Jan 17 12:31:33 2014 +1100
7361
7362     - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
7363
7364commit 1c4a011e9c939e74815346a560843e1862c300b8
7365Author: Darren Tucker <dtucker@zip.com.au>
7366Date:   Fri Jan 17 12:23:23 2014 +1100
7367
7368     - (dtucker) [loginrec.c] Cast to the types specfied in the format
7369        specification to prevent warnings.
7370
7371commit c3d483f9a8275be1113535a1e0d0e384f605f3c4
7372Author: Damien Miller <djm@mindrot.org>
7373Date:   Fri Jan 17 11:20:26 2014 +1100
7374
7375     - (djm) [sftp-client.c] signed/unsigned comparison fix
7376
7377commit fd994379dd972417d0491767f7cd9b5bf23f4975
7378Author: Darren Tucker <dtucker@zip.com.au>
7379Date:   Fri Jan 17 09:53:24 2014 +1100
7380
7381     - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain
7382       hardening flags including -fstack-protector-strong.  These default to on
7383       if the toolchain supports them, but there is a configure-time knob
7384       (--without-hardening) to disable them if necessary.  ok djm@
7385
7386commit 366224d21768ee8ec28cfbcc5fbade1b32582d58
7387Author: Damien Miller <djm@mindrot.org>
7388Date:   Thu Jan 16 18:51:44 2014 +1100
7389
7390     - (djm) [README] update release notes URL.
7391
7392commit 2ae77e64f8fa82cbf25c9755e8e847709b978b40
7393Author: Damien Miller <djm@mindrot.org>
7394Date:   Thu Jan 16 18:51:07 2014 +1100
7395
7396     - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
7397       [contrib/suse/openssh.spec] Crank RPM spec version numbers.
7398
7399commit 0fa29e6d777c73a1b4ddd3b996b06ee20022ae8a
7400Author: Damien Miller <djm@mindrot.org>
7401Date:   Thu Jan 16 18:42:31 2014 +1100
7402
7403       - djm@cvs.openbsd.org 2014/01/16 07:32:00
7404         [version.h]
7405         openssh-6.5
7406
7407commit 52c371cd6d2598cc73d4e633811b3012119c47e2
7408Author: Damien Miller <djm@mindrot.org>
7409Date:   Thu Jan 16 18:42:10 2014 +1100
7410
7411       - djm@cvs.openbsd.org 2014/01/16 07:31:09
7412         [sftp-client.c]
7413         needless and incorrect cast to size_t can break resumption of
7414         large download; patch from tobias@
7415
7416commit 91b580e4bec55118bf96ab3cdbe5a50839e75d0a
7417Author: Damien Miller <djm@mindrot.org>
7418Date:   Sun Jan 12 19:21:22 2014 +1100
7419
7420       - djm@cvs.openbsd.org 2014/01/12 08:13:13
7421         [bufaux.c buffer.h kex.c kex.h kexc25519.c kexc25519c.c kexc25519s.c]
7422         [kexdhc.c kexdhs.c kexecdhc.c kexecdhs.c kexgexc.c kexgexs.c]
7423         avoid use of OpenSSL BIGNUM type and functions for KEX with
7424         Curve25519 by adding a buffer_put_bignum2_from_string() that stores
7425         a string using the bignum encoding rules. Will make it easier to
7426         build a reduced-feature OpenSSH without OpenSSL in the future;
7427         ok markus@
7428
7429commit af5d4481f4c7c8c3c746e68b961bb85ef907800e
7430Author: Damien Miller <djm@mindrot.org>
7431Date:   Sun Jan 12 19:20:47 2014 +1100
7432
7433       - djm@cvs.openbsd.org 2014/01/10 05:59:19
7434         [sshd_config]
7435         the /etc/ssh/ssh_host_ed25519_key is loaded by default too
7436
7437commit 58cd63bc63038acddfb4051ed14e11179d8f4941
7438Author: Damien Miller <djm@mindrot.org>
7439Date:   Fri Jan 10 10:59:24 2014 +1100
7440
7441       - djm@cvs.openbsd.org 2014/01/09 23:26:48
7442         [sshconnect.c sshd.c]
7443         ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,
7444         deranged and might make some attacks on KEX easier; ok markus@
7445
7446commit b3051d01e505c9c2dc00faab472a0d06fa6b0e65
7447Author: Damien Miller <djm@mindrot.org>
7448Date:   Fri Jan 10 10:58:53 2014 +1100
7449
7450       - djm@cvs.openbsd.org 2014/01/09 23:20:00
7451         [digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c]
7452         [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c]
7453         [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c]
7454         [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c]
7455         Introduce digest API and use it to perform all hashing operations
7456         rather than calling OpenSSL EVP_Digest* directly. Will make it easier
7457         to build a reduced-feature OpenSSH without OpenSSL in future;
7458         feedback, ok markus@
7459
7460commit e00e413dd16eb747fb2c15a099971d91c13cf70f
7461Author: Damien Miller <djm@mindrot.org>
7462Date:   Fri Jan 10 10:40:45 2014 +1100
7463
7464       - guenther@cvs.openbsd.org 2014/01/09 03:26:00
7465         [sftp-common.c]
7466         When formating the time for "ls -l"-style output, show dates in the future
7467         with the year, and rearrange a comparison to avoid a potentional signed
7468         arithmetic overflow that would give the wrong result.
7469
7470         ok djm@
7471
7472commit 3e49853650448883685cfa32fa382d0ba6d51d48
7473Author: Damien Miller <djm@mindrot.org>
7474Date:   Fri Jan 10 10:37:05 2014 +1100
7475
7476       - tedu@cvs.openbsd.org 2014/01/04 17:50:55
7477         [mac.c monitor_mm.c monitor_mm.h xmalloc.c]
7478         use standard types and formats for size_t like variables. ok dtucker
7479
7480commit a9c1e500ef609795cbc662848edb1a1dca279c81
7481Author: Damien Miller <djm@mindrot.org>
7482Date:   Wed Jan 8 16:13:12 2014 +1100
7483
7484     - (djm) [regress/.cvsignore] Ignore regress test droppings; ok dtucker@
7485
7486commit 324541e5264e1489ca0babfaf2b39612eb80dfb3
7487Author: Damien Miller <djm@mindrot.org>
7488Date:   Tue Dec 31 12:25:40 2013 +1100
7489
7490       - djm@cvs.openbsd.org 2013/12/30 23:52:28
7491         [auth2-hostbased.c auth2-pubkey.c compat.c compat.h ssh-rsa.c]
7492         [sshconnect.c sshconnect2.c sshd.c]
7493         refuse RSA keys from old proprietary clients/servers that use the
7494         obsolete RSA+MD5 signature scheme. it will still be possible to connect
7495         with these clients/servers but only DSA keys will be accepted, and we'll
7496         deprecate them entirely in a future release. ok markus@
7497
7498commit 9f4c8e797ea002a883307ca906f1f1f815010e78
7499Author: Damien Miller <djm@mindrot.org>
7500Date:   Sun Dec 29 17:57:46 2013 +1100
7501
7502     - (djm) [regress/Makefile] Add some generated files for cleaning
7503
7504commit 106bf1ca3c7a5fdc34f9fd7a1fe651ca53085bc5
7505Author: Damien Miller <djm@mindrot.org>
7506Date:   Sun Dec 29 17:54:03 2013 +1100
7507
7508       - djm@cvs.openbsd.org 2013/12/29 05:57:02
7509         [sshconnect.c]
7510         when showing other hostkeys, don't forget Ed25519 keys
7511
7512commit 0fa47cfb32c239117632cab41e4db7d3e6de5e91
7513Author: Damien Miller <djm@mindrot.org>
7514Date:   Sun Dec 29 17:53:39 2013 +1100
7515
7516       - djm@cvs.openbsd.org 2013/12/29 05:42:16
7517         [ssh.c]
7518         don't forget to load Ed25519 certs too
7519
7520commit b9a95490daa04cc307589897f95bfaff324ad2c9
7521Author: Damien Miller <djm@mindrot.org>
7522Date:   Sun Dec 29 17:50:15 2013 +1100
7523
7524       - djm@cvs.openbsd.org 2013/12/29 04:35:50
7525         [authfile.c]
7526         don't refuse to load Ed25519 certificates
7527
7528commit f72cdde6e6fabc51d2a62f4e75b8b926d9d7ee89
7529Author: Damien Miller <djm@mindrot.org>
7530Date:   Sun Dec 29 17:49:55 2013 +1100
7531
7532       - djm@cvs.openbsd.org 2013/12/29 04:29:25
7533         [authfd.c]
7534         allow deletion of ed25519 keys from the agent
7535
7536commit 29ace1cb68cc378a464c72c0fd67aa5f9acd6b5b
7537Author: Damien Miller <djm@mindrot.org>
7538Date:   Sun Dec 29 17:49:31 2013 +1100
7539
7540       - djm@cvs.openbsd.org 2013/12/29 04:20:04
7541         [key.c]
7542         to make sure we don't omit any key types as valid CA keys again,
7543         factor the valid key type check into a key_type_is_valid_ca()
7544         function
7545
7546commit 9de4fcdc5a9cff48d49a3e2f6194d3fb2d7ae34d
7547Author: Damien Miller <djm@mindrot.org>
7548Date:   Sun Dec 29 17:49:13 2013 +1100
7549
7550       - djm@cvs.openbsd.org 2013/12/29 02:49:52
7551         [key.c]
7552         correct comment for key_drop_cert()
7553
7554commit 5baeacf8a80f054af40731c6f92435f9164b8e02
7555Author: Damien Miller <djm@mindrot.org>
7556Date:   Sun Dec 29 17:48:55 2013 +1100
7557
7558       - djm@cvs.openbsd.org 2013/12/29 02:37:04
7559         [key.c]
7560         correct comment for key_to_certified()
7561
7562commit 83f2fe26cb19330712c952eddbd3c0b621674adc
7563Author: Damien Miller <djm@mindrot.org>
7564Date:   Sun Dec 29 17:48:38 2013 +1100
7565
7566       - djm@cvs.openbsd.org 2013/12/29 02:28:10
7567         [key.c]
7568         allow ed25519 keys to appear as certificate authorities
7569
7570commit 06122e9a74bb488b0fe0a8f64e1135de870f9cc0
7571Author: Damien Miller <djm@mindrot.org>
7572Date:   Sun Dec 29 17:48:15 2013 +1100
7573
7574       - djm@cvs.openbsd.org 2013/12/27 22:37:18
7575         [ssh-rsa.c]
7576         correct comment
7577
7578commit 3e19295c3a253c8dc8660cf45baad7f45fccb969
7579Author: Damien Miller <djm@mindrot.org>
7580Date:   Sun Dec 29 17:47:50 2013 +1100
7581
7582       - djm@cvs.openbsd.org 2013/12/27 22:30:17
7583         [ssh-dss.c ssh-ecdsa.c ssh-rsa.c]
7584         make the original RSA and DSA signing/verification code look more like
7585         the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
7586         rather than tediously listing all variants, use __func__ for debug/
7587         error messages
7588
7589commit 137977180be6254639e2c90245763e6965f8d815
7590Author: Damien Miller <djm@mindrot.org>
7591Date:   Sun Dec 29 17:47:14 2013 +1100
7592
7593       - tedu@cvs.openbsd.org 2013/12/21 07:10:47
7594         [ssh-keygen.1]
7595         small typo
7596
7597commit 339a48fe7ffb3186d22bbaa9efbbc3a053e602fd
7598Author: Damien Miller <djm@mindrot.org>
7599Date:   Sun Dec 29 17:46:49 2013 +1100
7600
7601       - djm@cvs.openbsd.org 2013/12/19 22:57:13
7602         [poly1305.c poly1305.h]
7603         use full name for author, with his permission
7604
7605commit 0b36c83148976c7c8268f4f41497359e2fb26251
7606Author: Damien Miller <djm@mindrot.org>
7607Date:   Sun Dec 29 17:45:51 2013 +1100
7608
7609       - djm@cvs.openbsd.org 2013/12/19 01:19:41
7610         [ssh-agent.c]
7611         bz#2186: don't crash (NULL deref) when deleting PKCS#11 keys from an agent
7612         that has a mix of normal and PKCS#11 keys; fix from jay AT slushpupie.com;
7613         ok dtucker
7614
7615commit 4def184e9b6c36be6d965a9705632fc4c0c2a8af
7616Author: Damien Miller <djm@mindrot.org>
7617Date:   Sun Dec 29 17:45:26 2013 +1100
7618
7619       - djm@cvs.openbsd.org 2013/12/19 01:04:36
7620         [channels.c]
7621         bz#2147: fix multiple remote forwardings with dynamically assigned
7622         listen ports. In the s->c message to open the channel we were sending
7623         zero (the magic number to request a dynamic port) instead of the actual
7624         listen port. The client therefore had no way of discriminating between
7625         them.
7626
7627         Diagnosis and fix by ronf AT timeheart.net
7628
7629commit bf25d114e23a803f8feca8926281b1aaedb6191b
7630Author: Damien Miller <djm@mindrot.org>
7631Date:   Sun Dec 29 17:44:56 2013 +1100
7632
7633       - djm@cvs.openbsd.org 2013/12/19 00:27:57
7634         [auth-options.c]
7635         simplify freeing of source-address certificate restriction
7636
7637commit bb3dafe7024a5b4e851252e65ee35d45b965e4a8
7638Author: Damien Miller <djm@mindrot.org>
7639Date:   Sun Dec 29 17:44:29 2013 +1100
7640
7641       - dtucker@cvs.openbsd.org 2013/12/19 00:19:12
7642         [serverloop.c]
7643         Cast client_alive_interval to u_int64_t before assinging to
7644         max_time_milliseconds to avoid potential integer overflow in the timeout.
7645         bz#2170, patch from Loganaden Velvindron, ok djm@
7646
7647commit ef275ead3dcadde4db1efe7a0aa02b5e618ed40c
7648Author: Damien Miller <djm@mindrot.org>
7649Date:   Sun Dec 29 17:44:07 2013 +1100
7650
7651       - djm@cvs.openbsd.org 2013/12/19 00:10:30
7652         [ssh-add.c]
7653         skip requesting smartcard PIN when removing keys from agent; bz#2187
7654         patch from jay AT slushpupie.com; ok dtucker
7655
7656commit 7d97fd9a1cae778c3eacf16e09f5da3689d616c6
7657Author: Damien Miller <djm@mindrot.org>
7658Date:   Sun Dec 29 17:40:18 2013 +1100
7659
7660     - (djm) [loginrec.c] Check for username truncation when looking up lastlog
7661       entries
7662
7663commit 77244afe3b6d013b485e0952eaab89b9db83380f
7664Author: Darren Tucker <dtucker@zip.com.au>
7665Date:   Sat Dec 21 17:02:39 2013 +1100
7666
7667    20131221
7668     - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
7669
7670commit 53f8e784dc431a82d31c9b0e95b144507f9330e9
7671Author: Darren Tucker <dtucker@zip.com.au>
7672Date:   Thu Dec 19 11:31:44 2013 +1100
7673
7674     - (dtucker) [auth-pam.c] bz#2163: check return value from pam_get_item().
7675       Patch from Loganaden Velvindron.
7676
7677commit 1fcec9d4f265e38af248c4c845986ca8c174bd68
7678Author: Darren Tucker <dtucker@zip.com.au>
7679Date:   Thu Dec 19 11:00:12 2013 +1100
7680
7681     - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions
7682       greater than 11 either rather than just 11.  Patch from Tomas Kuthan.
7683
7684commit 6674eb9683afd1ea4eb35670b5e66815543a759e
7685Author: Damien Miller <djm@mindrot.org>
7686Date:   Wed Dec 18 17:50:39 2013 +1100
7687
7688       - markus@cvs.openbsd.org 2013/12/17 10:36:38
7689         [crypto_api.h]
7690         I've assempled the header file by cut&pasting from generated headers
7691         and the source files.
7692
7693commit d58a5964426ee014384d67d775d16712e93057f3
7694Author: Damien Miller <djm@mindrot.org>
7695Date:   Wed Dec 18 17:50:13 2013 +1100
7696
7697       - djm@cvs.openbsd.org 2013/12/15 21:42:35
7698         [cipher-chachapoly.c]
7699         add some comments and constify a constant
7700
7701commit 059321d19af24d87420de3193f79dfab23556078
7702Author: Damien Miller <djm@mindrot.org>
7703Date:   Wed Dec 18 17:49:48 2013 +1100
7704
7705       - pascal@cvs.openbsd.org 2013/12/15 18:17:26
7706         [ssh-add.c]
7707         Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page.
7708         ok markus@
7709
7710commit 155b5a5bf158767f989215479ded2a57f331e1c6
7711Author: Damien Miller <djm@mindrot.org>
7712Date:   Wed Dec 18 17:48:32 2013 +1100
7713
7714       - markus@cvs.openbsd.org 2013/12/09 11:08:17
7715         [crypto_api.h]
7716         remove unused defines
7717
7718commit 8a56dc2b6b48b05590810e7f4c3567508410000c
7719Author: Damien Miller <djm@mindrot.org>
7720Date:   Wed Dec 18 17:48:11 2013 +1100
7721
7722       - markus@cvs.openbsd.org 2013/12/09 11:03:45
7723         [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
7724         [ge25519_base.data hash.c sc25519.c sc25519.h verify.c]
7725         Add Authors for the public domain ed25519/nacl code.
7726         see also http://nacl.cr.yp.to/features.html
7727            All of the NaCl software is in the public domain.
7728         and http://ed25519.cr.yp.to/software.html
7729            The Ed25519 software is in the public domain.
7730
7731commit 6575c3acf31fca117352f31f37b16ae46e664837
7732Author: Damien Miller <djm@mindrot.org>
7733Date:   Wed Dec 18 17:47:02 2013 +1100
7734
7735       - dtucker@cvs.openbsd.org 2013/12/08 09:53:27
7736         [sshd_config.5]
7737         Use a literal for the default value of KEXAlgorithms.  ok deraadt jmc
7738
7739commit 8ba0ead6985ea14999265136b14ffd5aeec516f9
7740Author: Damien Miller <djm@mindrot.org>
7741Date:   Wed Dec 18 17:46:27 2013 +1100
7742
7743       - naddy@cvs.openbsd.org 2013/12/07 11:58:46
7744         [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
7745         [ssh_config.5 sshd.8 sshd_config.5]
7746         add missing mentions of ed25519; ok djm@
7747
7748commit 4f752cf71cf44bf4bc777541156c2bf56daf9ce9
7749Author: Damien Miller <djm@mindrot.org>
7750Date:   Wed Dec 18 17:45:35 2013 +1100
7751
7752       - djm@cvs.openbsd.org 2013/12/07 08:08:26
7753         [ssh-keygen.1]
7754         document -a and -o wrt new key format
7755
7756commit 6d6fcd14e23a9053198342bb379815b15e504084
7757Author: Damien Miller <djm@mindrot.org>
7758Date:   Sun Dec 8 15:53:28 2013 +1100
7759
7760     - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh]
7761       [regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid
7762       filesystem before running agent-ptrace.sh; ok dtucker
7763
7764commit 7e6e42fb532c7dafd7078ef5e9e2d3e47fcf6752
7765Author: Damien Miller <djm@mindrot.org>
7766Date:   Sun Dec 8 08:23:08 2013 +1100
7767
7768     - (djm) [openbsd-compat/bsd-setres_id.c] Missing header; from Corinna
7769        Vinschen
7770
7771commit da3ca351b49d52ae85db2e3998265dc3c6617068
7772Author: Damien Miller <djm@mindrot.org>
7773Date:   Sat Dec 7 21:43:46 2013 +1100
7774
7775     - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; from
7776        Loganaden Velvindron @ AfriNIC in bz#2179
7777
7778commit eb401585bb8336cbf81fe4fc58eb9f7cac3ab874
7779Author: Damien Miller <djm@mindrot.org>
7780Date:   Sat Dec 7 17:07:15 2013 +1100
7781
7782     - (djm) [regress/cert-hostkey.sh] Fix merge botch
7783
7784commit f54542af3ad07532188b10136ae302314ec69ed6
7785Author: Damien Miller <djm@mindrot.org>
7786Date:   Sat Dec 7 16:32:44 2013 +1100
7787
7788       - markus@cvs.openbsd.org 2013/12/06 13:52:46
7789         [regress/Makefile regress/agent.sh regress/cert-hostkey.sh]
7790         [regress/cert-userkey.sh regress/keytype.sh]
7791         test ed25519 support; from djm@
7792
7793commit f104da263de995f66b6861b4f3368264ee483d7f
7794Author: Damien Miller <djm@mindrot.org>
7795Date:   Sat Dec 7 12:37:53 2013 +1100
7796
7797     - (djm) [ed25519.c ssh-ed25519.c openbsd-compat/Makefile.in]
7798        [openbsd-compat/bcrypt_pbkdf.c] Make ed25519/new key format compile on
7799           Linux
7800
7801commit 1ff130dac9b7aea0628f4ad30683431fe35e0020
7802Author: Damien Miller <djm@mindrot.org>
7803Date:   Sat Dec 7 11:51:51 2013 +1100
7804
7805     - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c]
7806       [openbsd-compat/blf.h openbsd-compat/blowfish.c]
7807       [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
7808       portable.
7809
7810commit 4260828a2958ebe8c96f66d8301dac53f4cde556
7811Author: Damien Miller <djm@mindrot.org>
7812Date:   Sat Dec 7 11:38:03 2013 +1100
7813
7814     - [authfile.c] Conditionalise inclusion of util.h
7815
7816commit a913442bac8a26fd296a3add51293f8f6f9b3b4c
7817Author: Damien Miller <djm@mindrot.org>
7818Date:   Sat Dec 7 11:35:36 2013 +1100
7819
7820     - [Makefile.in] Add ed25519 sources
7821
7822commit ca570a519cb846da61d002c7f46fa92e39c83e45
7823Author: Damien Miller <djm@mindrot.org>
7824Date:   Sat Dec 7 11:29:09 2013 +1100
7825
7826       - djm@cvs.openbsd.org 2013/12/07 00:19:15
7827         [key.c]
7828         set k->cert = NULL after freeing it
7829
7830commit 3cccc0e155229a2f2d86b6df40bd4559b4f960ff
7831Author: Damien Miller <djm@mindrot.org>
7832Date:   Sat Dec 7 11:27:47 2013 +1100
7833
7834     - [blocks.c ed25519.c fe25519.c fe25519.h ge25519.c ge25519.h]
7835       [ge25519_base.data hash.c sc25519.c sc25519.h verify.c] Fix RCS idents
7836
7837commit a7827c11b3f0380b7e593664bd62013ff9c131db
7838Author: Damien Miller <djm@mindrot.org>
7839Date:   Sat Dec 7 11:24:30 2013 +1100
7840
7841       - jmc@cvs.openbsd.org 2013/12/06 15:29:07
7842         [sshd.8]
7843         missing comma;
7844
7845commit 5be9d9e3cbd9c66f24745d25bf2e809c1d158ee0
7846Author: Damien Miller <djm@mindrot.org>
7847Date:   Sat Dec 7 11:24:01 2013 +1100
7848
7849       - markus@cvs.openbsd.org 2013/12/06 13:39:49
7850         [authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
7851         [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
7852         [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
7853         [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
7854         [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
7855         support ed25519 keys (hostkeys and user identities) using the public
7856         domain ed25519 reference code from SUPERCOP, see
7857         http://ed25519.cr.yp.to/software.html
7858         feedback, help & ok djm@
7859
7860commit bcd00abd8451f36142ae2ee10cc657202149201e
7861Author: Damien Miller <djm@mindrot.org>
7862Date:   Sat Dec 7 10:41:55 2013 +1100
7863
7864       - markus@cvs.openbsd.org 2013/12/06 13:34:54
7865         [authfile.c authfile.h cipher.c cipher.h key.c packet.c ssh-agent.c]
7866         [ssh-keygen.c PROTOCOL.key] new private key format, bcrypt as KDF by
7867         default; details in PROTOCOL.key; feedback and lots help from djm;
7868         ok djm@
7869
7870commit f0e9060d236c0e38bec2fa1c6579fb0a2ea6458d
7871Author: Damien Miller <djm@mindrot.org>
7872Date:   Sat Dec 7 10:40:26 2013 +1100
7873
7874       - markus@cvs.openbsd.org 2013/12/06 13:30:08
7875         [authfd.c key.c key.h ssh-agent.c]
7876         move private key (de)serialization to key.c; ok djm
7877
7878commit 0f8536da23a6ef26e6495177c0d8a4242b710289
7879Author: Damien Miller <djm@mindrot.org>
7880Date:   Sat Dec 7 10:31:37 2013 +1100
7881
7882       - djm@cvs.openbsd.org 2013/12/06 03:40:51
7883         [ssh-keygen.c]
7884         remove duplicated character ('g') in getopt() string;
7885         document the (few) remaining option characters so we don't have to
7886         rummage next time.
7887
7888commit 393920745fd328d3fe07f739a3cf7e1e6db45b60
7889Author: Damien Miller <djm@mindrot.org>
7890Date:   Sat Dec 7 10:31:08 2013 +1100
7891
7892       - djm@cvs.openbsd.org 2013/12/05 22:59:45
7893         [sftp-client.c]
7894         fix memory leak in error path in do_readdir(); pointed out by
7895         Loganaden Velvindron @ AfriNIC in bz#2163
7896
7897commit 534b2ccadea5e5e9a8b27226e6faac3ed5552e97
7898Author: Damien Miller <djm@mindrot.org>
7899Date:   Thu Dec 5 14:07:27 2013 +1100
7900
7901       - djm@cvs.openbsd.org 2013/12/05 01:16:41
7902         [servconf.c servconf.h]
7903         bz#2161 - fix AuthorizedKeysCommand inside a Match block and
7904         rearrange things so the same error is harder to make next time;
7905         with and ok dtucker@
7906
7907commit 8369c8e61a3408ec6bb75755fad4ffce29b5fdbe
7908Author: Darren Tucker <dtucker@zip.com.au>
7909Date:   Thu Dec 5 11:00:16 2013 +1100
7910
7911     - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct
7912       -L location for libedit.  Patch from Serge van den Boom.
7913
7914commit 9275df3e0a2a3bc3897f7d664ea86a425c8a092d
7915Author: Damien Miller <djm@mindrot.org>
7916Date:   Thu Dec 5 10:26:32 2013 +1100
7917
7918       - djm@cvs.openbsd.org 2013/12/04 04:20:01
7919         [sftp-client.c]
7920         bz#2171: don't leak local_fd on error; from Loganaden Velvindron @
7921         AfriNIC
7922
7923commit 960f6a2b5254e4da082d8aa3700302ed12dc769a
7924Author: Damien Miller <djm@mindrot.org>
7925Date:   Thu Dec 5 10:26:14 2013 +1100
7926
7927       - djm@cvs.openbsd.org 2013/12/02 03:13:14
7928         [cipher.c]
7929         correct bzero of chacha20+poly1305 key context. bz#2177 from
7930         Loganaden Velvindron @ AfriNIC
7931
7932         Also make it a memset for consistency with the rest of cipher.c
7933
7934commit f7e8a8796d661c9d6692ab837e1effd4f5ada1c2
7935Author: Damien Miller <djm@mindrot.org>
7936Date:   Thu Dec 5 10:25:51 2013 +1100
7937
7938       - djm@cvs.openbsd.org 2013/12/02 03:09:22
7939         [key.c]
7940         make key_to_blob() return a NULL blob on failure; part of
7941         bz#2175 from Loganaden Velvindron @ AfriNIC
7942
7943commit f1e44ea9d9a6d4c1a95a0024132e603bd1778c9c
7944Author: Damien Miller <djm@mindrot.org>
7945Date:   Thu Dec 5 10:23:21 2013 +1100
7946
7947       - djm@cvs.openbsd.org 2013/12/02 02:56:17
7948         [ssh-pkcs11-helper.c]
7949         use-after-free; bz#2175 patch from Loganaden Velvindron @ AfriNIC
7950
7951commit 114e540b15d57618f9ebf624264298f80bbd8c77
7952Author: Damien Miller <djm@mindrot.org>
7953Date:   Thu Dec 5 10:22:57 2013 +1100
7954
7955       - djm@cvs.openbsd.org 2013/12/02 02:50:27
7956         [PROTOCOL.chacha20poly1305]
7957         typo; from Jon Cave
7958
7959commit e4870c090629e32f2cb649dc16d575eeb693f4a8
7960Author: Damien Miller <djm@mindrot.org>
7961Date:   Thu Dec 5 10:22:39 2013 +1100
7962
7963       - djm@cvs.openbsd.org 2013/12/01 23:19:05
7964         [PROTOCOL]
7965         mention curve25519-sha256@libssh.org key exchange algorithm
7966
7967commit 1d2f8804a6d33a4e908b876b2e1266b8260ec76b
7968Author: Damien Miller <djm@mindrot.org>
7969Date:   Thu Dec 5 10:22:03 2013 +1100
7970
7971       - deraadt@cvs.openbsd.org 2013/11/26 19:15:09
7972         [pkcs11.h]
7973         cleanup 1 << 31 idioms.  Resurrection of this issue pointed out by
7974         Eitan Adler ok markus for ssh, implies same change in kerberosV
7975
7976commit bdb352a54f82df94a548e3874b22f2d6ae90328d
7977Author: Damien Miller <djm@mindrot.org>
7978Date:   Thu Dec 5 10:20:52 2013 +1100
7979
7980       - jmc@cvs.openbsd.org 2013/11/26 12:14:54
7981         [ssh.1 ssh.c]
7982         - put -Q in the right place
7983         - Ar was a poor choice for the arguments to -Q. i've chosen an
7984           admittedly equally poor Cm, at least consistent with the rest
7985           of the docs. also no need for multiple instances
7986         - zap a now redundant Nm
7987         - usage() sync
7988
7989commit d937dc084a087090f1cf5395822c3ac958d33759
7990Author: Damien Miller <djm@mindrot.org>
7991Date:   Thu Dec 5 10:19:54 2013 +1100
7992
7993       - deraadt@cvs.openbsd.org 2013/11/25 18:04:21
7994         [ssh.1 ssh.c]
7995         improve -Q usage and such.  One usage change is that the option is now
7996         case-sensitive
7997         ok dtucker markus djm
7998
7999commit dec0393f7ee8aabc7d9d0fc2c5fddb4bc649112e
8000Author: Damien Miller <djm@mindrot.org>
8001Date:   Thu Dec 5 10:18:43 2013 +1100
8002
8003       - jmc@cvs.openbsd.org 2013/11/21 08:05:09
8004         [ssh_config.5 sshd_config.5]
8005         no need for .Pp before displays;
8006
8007commit 8a073cf57940aabf85e49799f89f5d5e9b072c1b
8008Author: Damien Miller <djm@mindrot.org>
8009Date:   Thu Nov 21 14:26:18 2013 +1100
8010
8011       - djm@cvs.openbsd.org 2013/11/21 03:18:51
8012         [regress/cipher-speed.sh regress/integrity.sh regress/rekey.sh]
8013         [regress/try-ciphers.sh]
8014         use new "ssh -Q cipher-auth" query to obtain lists of authenticated
8015         encryption ciphers instead of specifying them manually; ensures that
8016         the new chacha20poly1305@openssh.com mode is tested;
8017
8018         ok markus@ and naddy@ as part of the diff to add
8019         chacha20poly1305@openssh.com
8020
8021commit ea61b2179f63d48968dd2c9617621002bb658bfe
8022Author: Damien Miller <djm@mindrot.org>
8023Date:   Thu Nov 21 14:25:15 2013 +1100
8024
8025       - djm@cvs.openbsd.org 2013/11/21 03:16:47
8026         [regress/modpipe.c]
8027         use unsigned long long instead of u_int64_t here to avoid warnings
8028         on some systems portable OpenSSH is built on.
8029
8030commit 36aba25b0409d2db6afc84d54bc47a2532d38424
8031Author: Damien Miller <djm@mindrot.org>
8032Date:   Thu Nov 21 14:24:42 2013 +1100
8033
8034       - djm@cvs.openbsd.org 2013/11/21 03:15:46
8035         [regress/krl.sh]
8036         add some reminders for additional tests that I'd like to implement
8037
8038commit fa7a20bc289f09b334808d988746bc260a2f60c9
8039Author: Damien Miller <djm@mindrot.org>
8040Date:   Thu Nov 21 14:24:08 2013 +1100
8041
8042       - naddy@cvs.openbsd.org 2013/11/18 05:09:32
8043         [regress/forward-control.sh]
8044         bump timeout to 10 seconds to allow slow machines (e.g. Alpha PC164)
8045         to successfully run this; ok djm@
8046         (ID sync only; our timeouts are already longer)
8047
8048commit 0fde8acdad78a4d20cadae974376cc0165f645ee
8049Author: Damien Miller <djm@mindrot.org>
8050Date:   Thu Nov 21 14:12:23 2013 +1100
8051
8052       - djm@cvs.openbsd.org 2013/11/21 00:45:44
8053         [Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
8054         [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
8055         [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
8056         [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
8057         cipher "chacha20-poly1305@openssh.com" that combines Daniel
8058         Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
8059         authenticated encryption mode.
8060
8061         Inspired by and similar to Adam Langley's proposal for TLS:
8062         http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
8063         but differs in layout used for the MAC calculation and the use of a
8064         second ChaCha20 instance to separately encrypt packet lengths.
8065         Details are in the PROTOCOL.chacha20poly1305 file.
8066
8067         Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
8068         ok markus@ naddy@
8069
8070commit fdb2306acdc3eb2bc46b6dfdaaf6005c650af22a
8071Author: Damien Miller <djm@mindrot.org>
8072Date:   Thu Nov 21 13:57:15 2013 +1100
8073
8074       - deraadt@cvs.openbsd.org 2013/11/20 20:54:10
8075         [canohost.c clientloop.c match.c readconf.c sftp.c]
8076         unsigned casts for ctype macros where neccessary
8077         ok guenther millert markus
8078
8079commit e00167307e4d3692695441e9bd712f25950cb894
8080Author: Damien Miller <djm@mindrot.org>
8081Date:   Thu Nov 21 13:56:49 2013 +1100
8082
8083       - deraadt@cvs.openbsd.org 2013/11/20 20:53:10
8084         [scp.c]
8085         unsigned casts for ctype macros where neccessary
8086         ok guenther millert markus
8087
8088commit 23e00aa6ba9eee0e0c218f2026bf405ad4625832
8089Author: Damien Miller <djm@mindrot.org>
8090Date:   Thu Nov 21 13:56:28 2013 +1100
8091
8092       - djm@cvs.openbsd.org 2013/11/20 02:19:01
8093         [sshd.c]
8094         delay closure of in/out fds until after "Bad protocol version
8095         identification..." message, as get_remote_ipaddr/get_remote_port
8096         require them open.
8097
8098commit 867e6934be6521f87f04a5ab86702e2d1b314245
8099Author: Damien Miller <djm@mindrot.org>
8100Date:   Thu Nov 21 13:56:06 2013 +1100
8101
8102       - markus@cvs.openbsd.org 2013/11/13 13:48:20
8103         [ssh-pkcs11.c]
8104         add missing braces found by pedro
8105
8106commit 0600c7020f4fe68a780bd7cf21ff541a8d4b568a
8107Author: Damien Miller <djm@mindrot.org>
8108Date:   Thu Nov 21 13:55:43 2013 +1100
8109
8110       - dtucker@cvs.openbsd.org 2013/11/08 11:15:19
8111         [bufaux.c bufbn.c buffer.c sftp-client.c sftp-common.c sftp-glob.c]
8112         [uidswap.c] Include stdlib.h for free() as per the man page.
8113
8114commit b6a75b0b93b8faa6f79c3a395ab6c71f3f880b80
8115Author: Darren Tucker <dtucker@zip.com.au>
8116Date:   Sun Nov 10 20:25:22 2013 +1100
8117
8118     - (dtucker) [regress/keytype.sh] Populate ECDSA key types to be tested by
8119       querying the ones that are compiled in.
8120
8121commit 2c89430119367eb1bc96ea5ee55de83357e4c926
8122Author: Darren Tucker <dtucker@zip.com.au>
8123Date:   Sun Nov 10 12:38:42 2013 +1100
8124
8125     - (dtucker) [key.c] Check for the correct defines for NID_secp521r1.
8126
8127commit dd5264db5f641dbd03186f9e5e83e4b14b3d0003
8128Author: Darren Tucker <dtucker@zip.com.au>
8129Date:   Sat Nov 9 22:32:51 2013 +1100
8130
8131     - (dtucker) [configure.ac] Add missing "test".
8132
8133commit 95cb2d4eb08117be061f3ff076adef3e9a5372c3
8134Author: Darren Tucker <dtucker@zip.com.au>
8135Date:   Sat Nov 9 22:02:31 2013 +1100
8136
8137     - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test.
8138
8139commit 37bcef51b3d9d496caecea6394814d2f49a1357f
8140Author: Darren Tucker <dtucker@zip.com.au>
8141Date:   Sat Nov 9 18:39:25 2013 +1100
8142
8143     - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of
8144       NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
8145       latter actually works before using it.  Fedora (at least) has NID_secp521r1
8146       that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
8147
8148commit 6e2fe81f926d995bae4be4a6b5b3c88c1c525187
8149Author: Darren Tucker <dtucker@zip.com.au>
8150Date:   Sat Nov 9 16:55:03 2013 +1100
8151
8152       - dtucker@cvs.openbsd.org 2013/11/09 05:41:34
8153         [regress/test-exec.sh regress/rekey.sh]
8154         Use smaller test data files to speed up tests.  Grow test datafiles
8155         where necessary for a specific test.
8156
8157commit aff7ef1bb8b7c1eeb1f4812129091c5adbf51848
8158Author: Darren Tucker <dtucker@zip.com.au>
8159Date:   Sat Nov 9 00:19:22 2013 +1100
8160
8161     - (dtucker) [contrib/cygwin/ssh-host-config] Simplify host key generation:
8162       rather than testing and generating each key, call ssh-keygen -A.
8163       Patch from vinschen at redhat.com.
8164
8165commit 882abfd3fb3c98cfe70b4fc79224770468b570a5
8166Author: Darren Tucker <dtucker@zip.com.au>
8167Date:   Sat Nov 9 00:17:41 2013 +1100
8168
8169     - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform
8170       and pass in TEST_ENV.  Unknown options cause stderr to get polluted
8171       and the stderr-data test to fail.
8172
8173commit 8c333ec23bdf7da917aa20ac6803a2cdd79182c5
8174Author: Darren Tucker <dtucker@zip.com.au>
8175Date:   Fri Nov 8 21:12:58 2013 +1100
8176
8177     - (dtucker) [openbsd-compat/bsd-poll.c] Add headers to prevent compile
8178       warnings.
8179
8180commit d94240b2f6b376b6e9de187e4a0cd4b89dfc48cb
8181Author: Darren Tucker <dtucker@zip.com.au>
8182Date:   Fri Nov 8 21:10:04 2013 +1100
8183
8184     - (dtucker) [myproposal.h] Conditionally enable CURVE25519_SHA256.
8185
8186commit 1c8ce34909886288a3932dce770deec5449f7bb5
8187Author: Darren Tucker <dtucker@zip.com.au>
8188Date:   Fri Nov 8 19:50:32 2013 +1100
8189
8190     - (dtucker) [kex.c] Only enable CURVE25519_SHA256 if we actually have
8191       EVP_sha256.
8192
8193commit ccdb9bec46bcc88549b26a94aa0bae2b9f51031c
8194Author: Darren Tucker <dtucker@zip.com.au>
8195Date:   Fri Nov 8 18:54:38 2013 +1100
8196
8197     - (dtucker) [openbsd-compat/openbsd-compat.h] Add null implementation of
8198       arc4random_stir for platforms that have arc4random but don't have
8199       arc4random_stir (right now this is only OpenBSD -current).
8200
8201commit 3420a50169b52cc8d2775d51316f9f866c73398f
8202Author: Damien Miller <djm@mindrot.org>
8203Date:   Fri Nov 8 16:48:13 2013 +1100
8204
8205     - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
8206       [contrib/suse/openssh.spec] Update version numbers following release.
8207
8208commit 3ac4a234df842fd8c94d9cb0ad198e1fe84b895b
8209Author: Damien Miller <djm@mindrot.org>
8210Date:   Fri Nov 8 12:39:49 2013 +1100
8211
8212       - djm@cvs.openbsd.org 2013/11/08 01:38:11
8213         [version.h]
8214         openssh-6.4
8215
8216commit 6c81fee693038de7d4a5559043350391db2a2761
8217Author: Damien Miller <djm@mindrot.org>
8218Date:   Fri Nov 8 12:19:55 2013 +1100
8219
8220       - djm@cvs.openbsd.org 2013/11/08 00:39:15
8221         [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
8222         [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
8223         [sftp-client.c sftp-glob.c]
8224         use calloc for all structure allocations; from markus@
8225
8226commit 690d989008e18af3603a5e03f1276c9bad090370
8227Author: Damien Miller <djm@mindrot.org>
8228Date:   Fri Nov 8 12:16:49 2013 +1100
8229
8230       - dtucker@cvs.openbsd.org 2013/11/07 11:58:27
8231         [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c]
8232         Output the effective values of Ciphers, MACs and KexAlgorithms when
8233         the default has not been overridden.  ok markus@
8234
8235commit 08998c5fb9c7c1d248caa73b76e02ca0482e6d85
8236Author: Darren Tucker <dtucker@zip.com.au>
8237Date:   Fri Nov 8 12:11:46 2013 +1100
8238
8239        - dtucker@cvs.openbsd.org 2013/11/08 01:06:14
8240          [regress/rekey.sh]
8241          Rekey less frequently during tests to speed them up
8242
8243commit 4bf7e50e533aa956366df7402c132f202e841a48
8244Author: Darren Tucker <dtucker@zip.com.au>
8245Date:   Thu Nov 7 22:33:48 2013 +1100
8246
8247     - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment
8248       variable.  It's no longer used now that we get the supported MACs from
8249       ssh -Q.
8250
8251commit 6e9d6f411288374d1dee4b7debbfa90bc7e73035
8252Author: Darren Tucker <dtucker@zip.com.au>
8253Date:   Thu Nov 7 15:32:37 2013 +1100
8254
8255       - dtucker@cvs.openbsd.org 2013/11/07 04:26:56
8256         [regress/kextype.sh]
8257         trailing space
8258
8259commit 74cbc22529f3e5de756e1b7677b7624efb28f62c
8260Author: Darren Tucker <dtucker@zip.com.au>
8261Date:   Thu Nov 7 15:26:12 2013 +1100
8262
8263       - dtucker@cvs.openbsd.org 2013/11/07 03:55:41
8264         [regress/kextype.sh]
8265         Use ssh -Q to get kex types instead of a static list.
8266
8267commit a955041c930e63405159ff7d25ef14272f36eab3
8268Author: Darren Tucker <dtucker@zip.com.au>
8269Date:   Thu Nov 7 15:21:19 2013 +1100
8270
8271       - dtucker@cvs.openbsd.org 2013/11/07 02:48:38
8272         [regress/integrity.sh regress/cipher-speed.sh regress/try-ciphers.sh]
8273         Use ssh -Q instead of hardcoding lists of ciphers or MACs.
8274
8275commit 06595d639577577bc15d359e037a31eb83563269
8276Author: Darren Tucker <dtucker@zip.com.au>
8277Date:   Thu Nov 7 15:08:02 2013 +1100
8278
8279       - dtucker@cvs.openbsd.org 2013/11/07 01:12:51
8280         [regress/rekey.sh]
8281         Factor out the data transfer rekey tests
8282
8283commit 651dc8b2592202dac6b16ee3b82ce5b331be7da3
8284Author: Darren Tucker <dtucker@zip.com.au>
8285Date:   Thu Nov 7 15:04:44 2013 +1100
8286
8287       - dtucker@cvs.openbsd.org 2013/11/07 00:12:05
8288         [regress/rekey.sh]
8289         Test rekeying for every Cipher, MAC and KEX, plus test every KEX with
8290         the GCM ciphers.
8291
8292commit 234557762ba1096a867ca6ebdec07efebddb5153
8293Author: Darren Tucker <dtucker@zip.com.au>
8294Date:   Thu Nov 7 15:00:51 2013 +1100
8295
8296       - dtucker@cvs.openbsd.org 2013/11/04 12:27:42
8297         [regress/rekey.sh]
8298         Test rekeying with all KexAlgorithms.
8299
8300commit bbfb9b0f386aab0c3e19d11f136199ef1b9ad0ef
8301Author: Darren Tucker <dtucker@zip.com.au>
8302Date:   Thu Nov 7 14:56:43 2013 +1100
8303
8304       - markus@cvs.openbsd.org 2013/11/02 22:39:53
8305         [regress/kextype.sh]
8306         add curve25519-sha256@libssh.org
8307
8308commit aa19548a98c0f89283ebd7354abd746ca6bc4fdf
8309Author: Darren Tucker <dtucker@zip.com.au>
8310Date:   Thu Nov 7 14:50:09 2013 +1100
8311
8312       - djm@cvs.openbsd.org 2013/10/09 23:44:14
8313         [regress/Makefile] (ID sync only)
8314         regression test for sftp request white/blacklisting and readonly mode.
8315
8316commit c8908aabff252f5da772d4e679479c2b7d18cac1
8317Author: Damien Miller <djm@mindrot.org>
8318Date:   Thu Nov 7 13:38:35 2013 +1100
8319
8320       - djm@cvs.openbsd.org 2013/11/06 23:05:59
8321         [ssh-pkcs11.c]
8322         from portable: s/true/true_val/ to avoid name collisions on dump platforms
8323         RCSID sync only
8324
8325commit 49c145c5e89b9d7d48e84328d6347d5ad640b567
8326Author: Damien Miller <djm@mindrot.org>
8327Date:   Thu Nov 7 13:35:39 2013 +1100
8328
8329       - markus@cvs.openbsd.org 2013/11/06 16:52:11
8330         [monitor_wrap.c]
8331         fix rekeying for AES-GCM modes; ok deraadt
8332
8333commit 67a8800f290b39fd60e379988c700656ae3f2539
8334Author: Damien Miller <djm@mindrot.org>
8335Date:   Thu Nov 7 13:32:51 2013 +1100
8336
8337       - markus@cvs.openbsd.org 2013/11/04 11:51:16
8338         [monitor.c]
8339         fix rekeying for KEX_C25519_SHA256; noted by dtucker@
8340         RCSID sync only; I thought this was a merge botch and fixed it already
8341
8342commit df8b030b15fcec7baf38ec7944f309f9ca8cc9a7
8343Author: Damien Miller <djm@mindrot.org>
8344Date:   Thu Nov 7 13:28:16 2013 +1100
8345
8346     - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms
8347       that lack it but have arc4random_uniform()
8348
8349commit a6fd1d3c38a562709374a70fa76423859160aa90
8350Author: Damien Miller <djm@mindrot.org>
8351Date:   Thu Nov 7 12:03:26 2013 +1100
8352
8353     - (djm) [regress/modpipe.c regress/rekey.sh] Never intended to commit these
8354
8355commit c98319750b0bbdd0d1794420ec97d65dd9244613
8356Author: Damien Miller <djm@mindrot.org>
8357Date:   Thu Nov 7 12:00:23 2013 +1100
8358
8359     - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diff
8360
8361commit 61c5c2319e84a58210810d39b062c8b8e3321160
8362Author: Damien Miller <djm@mindrot.org>
8363Date:   Thu Nov 7 11:34:14 2013 +1100
8364
8365     - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5)
8366       that got lost in recent merge.
8367
8368commit 094003f5454a9f5a607674b2739824a7e91835f4
8369Author: Damien Miller <djm@mindrot.org>
8370Date:   Mon Nov 4 22:59:27 2013 +1100
8371
8372     - (djm) [kexc25519.c kexc25519c.c kexc25519s.c] Import missed files from
8373       KEX/curve25519 change
8374
8375commit ca67a7eaf8766499ba67801d0be8cdaa550b9a50
8376Author: Damien Miller <djm@mindrot.org>
8377Date:   Mon Nov 4 09:05:17 2013 +1100
8378
8379       - djm@cvs.openbsd.org 2013/11/03 10:37:19
8380         [roaming_common.c]
8381         fix a couple of function definitions foo() -> foo(void)
8382         (-Wold-style-definition)
8383
8384commit 0bd8f1519d51af8d4229be81e8f2f4903a1d440b
8385Author: Damien Miller <djm@mindrot.org>
8386Date:   Mon Nov 4 08:55:43 2013 +1100
8387
8388       - markus@cvs.openbsd.org 2013/11/02 22:39:19
8389         [ssh_config.5 sshd_config.5]
8390         the default kex is now curve25519-sha256@libssh.org
8391
8392commit 4c3ba0767fbe4a8a2a748df4035aaf86651f6b30
8393Author: Damien Miller <djm@mindrot.org>
8394Date:   Mon Nov 4 08:40:13 2013 +1100
8395
8396       - markus@cvs.openbsd.org 2013/11/02 22:34:01
8397         [auth-options.c]
8398         no need to include monitor_wrap.h and ssh-gss.h
8399
8400commit 660621b2106b987b874c2f120218bec249d0f6ba
8401Author: Damien Miller <djm@mindrot.org>
8402Date:   Mon Nov 4 08:37:51 2013 +1100
8403
8404       - markus@cvs.openbsd.org 2013/11/02 22:24:24
8405         [kexdhs.c kexecdhs.c]
8406         no need to include ssh-gss.h
8407
8408commit abdca986decfbbc008c895195b85e879ed460ada
8409Author: Damien Miller <djm@mindrot.org>
8410Date:   Mon Nov 4 08:30:05 2013 +1100
8411
8412       - markus@cvs.openbsd.org 2013/11/02 22:10:15
8413         [kexdhs.c kexecdhs.c]
8414         no need to include monitor_wrap.h
8415
8416commit 1e1242604eb0fd510fe93f81245c529237ffc513
8417Author: Damien Miller <djm@mindrot.org>
8418Date:   Mon Nov 4 08:26:52 2013 +1100
8419
8420       - markus@cvs.openbsd.org 2013/11/02 21:59:15
8421         [kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
8422         use curve25519 for default key exchange (curve25519-sha256@libssh.org);
8423         initial patch from Aris Adamantiadis; ok djm@
8424
8425commit d2252c79191d069372ed6effce7c7a2de93448cd
8426Author: Damien Miller <djm@mindrot.org>
8427Date:   Mon Nov 4 07:41:48 2013 +1100
8428
8429       - markus@cvs.openbsd.org 2013/11/02 20:03:54
8430         [ssh-pkcs11.c]
8431         support pkcs#11 tokes that only provide x509 zerts instead of raw pubkeys;
8432         fixes bz#1908; based on patch from Laurent Barbe; ok djm
8433
8434commit 007e3b357e880caa974d5adf9669298ba0751c78
8435Author: Darren Tucker <dtucker@zip.com.au>
8436Date:   Sun Nov 3 18:43:55 2013 +1100
8437
8438     - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t
8439       for platforms that don't have them.
8440
8441commit 710f3747352fb93a63e5b69b12379da37f5b3fa9
8442Author: Darren Tucker <dtucker@zip.com.au>
8443Date:   Sun Nov 3 17:20:34 2013 +1100
8444
8445     - (dtucker) [openbsd-compat/setproctitle.c] Handle error case form the 2nd
8446       vsnprintf.  From eric at openbsd via chl@.
8447
8448commit d52770452308e5c2e99f4da6edaaa77ef078b610
8449Author: Darren Tucker <dtucker@zip.com.au>
8450Date:   Sun Nov 3 16:30:46 2013 +1100
8451
8452     - (dtucker) [openbsd-compat/bsd-misc.c] Include time.h for nanosleep.
8453       From OpenSMTPD where it prevents "implicit declaration" warnings (it's
8454       a no-op in OpenSSH).  From chl at openbsd.
8455
8456commit 63857c9340d3482746a5622ffdacc756751f6448
8457Author: Damien Miller <djm@mindrot.org>
8458Date:   Wed Oct 30 22:31:06 2013 +1100
8459
8460       - jmc@cvs.openbsd.org 2013/10/29 18:49:32
8461         [sshd_config.5]
8462         pty(4), not pty(7);
8463
8464commit 5ff30c6b68adeee767dd29bf2369763c6a13c0b3
8465Author: Damien Miller <djm@mindrot.org>
8466Date:   Wed Oct 30 22:21:50 2013 +1100
8467
8468       - djm@cvs.openbsd.org 2013/10/29 09:48:02
8469         [servconf.c servconf.h session.c sshd_config sshd_config.5]
8470         shd_config PermitTTY to disallow TTY allocation, mirroring the
8471         longstanding no-pty authorized_keys option;
8472         bz#2070, patch from Teran McKinney; ok markus@
8473
8474commit 4a3a9d4bbf8048473f5cc202cd8db7164d5e6b8d
8475Author: Damien Miller <djm@mindrot.org>
8476Date:   Wed Oct 30 22:19:47 2013 +1100
8477
8478       - djm@cvs.openbsd.org 2013/10/29 09:42:11
8479         [key.c key.h]
8480         fix potential stack exhaustion caused by nested certificates;
8481         report by Mateusz Kocielski; ok dtucker@ markus@
8482
8483commit 28631ceaa7acd9bc500f924614431542893c6a21
8484Author: Damien Miller <djm@mindrot.org>
8485Date:   Sat Oct 26 10:07:56 2013 +1100
8486
8487       - djm@cvs.openbsd.org 2013/10/25 23:04:51
8488         [ssh.c]
8489         fix crash when using ProxyCommand caused by previous commit - was calling
8490         freeaddrinfo(NULL); spotted by sthen@ and Tim Ruehsen, patch by sthen@
8491
8492commit 26506ad29350c5681815745cc90b3952a84cf118
8493Author: Damien Miller <djm@mindrot.org>
8494Date:   Sat Oct 26 10:05:46 2013 +1100
8495
8496     - (djm) [ssh-keygen.c ssh-keysign.c sshconnect1.c sshd.c] Remove
8497       unnecessary arc4random_stir() calls. The only ones left are to ensure
8498       that the PRNG gets a different state after fork() for platforms that
8499       have broken the API.
8500
8501commit bd43e8872325e9bbb3319c89da593614709f317c
8502Author: Tim Rice <tim@multitalents.net>
8503Date:   Thu Oct 24 12:22:49 2013 -0700
8504
8505     - (tim) [regress/sftp-perm.sh] We need a shell that understands "! somecmd"
8506
8507commit a90c0338083ee0e4064c4bdf61f497293a699be0
8508Author: Damien Miller <djm@mindrot.org>
8509Date:   Thu Oct 24 21:03:17 2013 +1100
8510
8511       - djm@cvs.openbsd.org 2013/10/24 08:19:36
8512         [ssh.c]
8513         fix bug introduced in hostname canonicalisation commit: don't try to
8514         resolve hostnames when a ProxyCommand is set unless the user has forced
8515         canonicalisation; spotted by Iain Morgan
8516
8517commit cf31f3863425453ffcda540fbefa9df80088c8d1
8518Author: Damien Miller <djm@mindrot.org>
8519Date:   Thu Oct 24 21:02:56 2013 +1100
8520
8521       - dtucker@cvs.openbsd.org 2013/10/24 00:51:48
8522         [readconf.c servconf.c ssh_config.5 sshd_config.5]
8523         Disallow empty Match statements and add "Match all" which matches
8524         everything.  ok djm, man page help jmc@
8525
8526commit 4bedd4032a09ce87322ae5ea80f193f109e5c607
8527Author: Damien Miller <djm@mindrot.org>
8528Date:   Thu Oct 24 21:02:26 2013 +1100
8529
8530       - dtucker@cvs.openbsd.org 2013/10/24 00:49:49
8531         [moduli.c]
8532         Periodically print progress and, if possible, expected time to completion
8533         when screening moduli for DH groups.  ok deraadt djm
8534
8535commit 5ecb41629860687b145be63b8877fabb6bae5eda
8536Author: Damien Miller <djm@mindrot.org>
8537Date:   Thu Oct 24 21:02:02 2013 +1100
8538
8539       - djm@cvs.openbsd.org 2013/10/23 23:35:32
8540         [sshd.c]
8541         include local address and port in "Connection from ..." message (only
8542         shown at loglevel>=verbose)
8543
8544commit 03bf2e61ad6ac59a362a1f11b105586cb755c147
8545Author: Damien Miller <djm@mindrot.org>
8546Date:   Thu Oct 24 21:01:26 2013 +1100
8547
8548       - dtucker@cvs.openbsd.org 2013/10/23 05:40:58
8549         [servconf.c]
8550         fix comment
8551
8552commit 8f1873191478847773906af961c8984d02a49dd6
8553Author: Damien Miller <djm@mindrot.org>
8554Date:   Thu Oct 24 10:53:02 2013 +1100
8555
8556     - (djm) [auth-krb5.c] bz#2032 - use local username in krb5_kuserok check
8557       rather than full client name which may be of form user@REALM;
8558       patch from Miguel Sanders; ok dtucker@
8559
8560commit 5b01b0dcb417eb615df77e7ce1b59319bf04342c
8561Author: Damien Miller <djm@mindrot.org>
8562Date:   Wed Oct 23 16:31:31 2013 +1100
8563
8564       - djm@cvs.openbsd.org 2013/10/23 04:16:22
8565         [ssh-keygen.c]
8566         Make code match documentation: relative-specified certificate expiry time
8567         should be relative to current time and not the validity start time.
8568         Reported by Petr Lautrbach; ok deraadt@
8569
8570commit eff5cada589f25793dbe63a76aba9da39837a148
8571Author: Damien Miller <djm@mindrot.org>
8572Date:   Wed Oct 23 16:31:10 2013 +1100
8573
8574       - djm@cvs.openbsd.org 2013/10/23 03:05:19
8575         [readconf.c ssh.c]
8576         comment
8577
8578commit 084bcd24e9fe874020e4df4e073e7408e1b17fb7
8579Author: Damien Miller <djm@mindrot.org>
8580Date:   Wed Oct 23 16:30:51 2013 +1100
8581
8582       - djm@cvs.openbsd.org 2013/10/23 03:03:07
8583         [readconf.c]
8584         Hostname may have %h sequences that should be expanded prior to Match
8585         evaluation; spotted by Iain Morgan
8586
8587commit 8e5a67f46916def40b2758bb7755350dd2eee843
8588Author: Damien Miller <djm@mindrot.org>
8589Date:   Wed Oct 23 16:30:25 2013 +1100
8590
8591       - jmc@cvs.openbsd.org 2013/10/20 18:00:13
8592         [ssh_config.5]
8593         tweak the "exec" description, as worded by djm;
8594
8595commit c0049bd0bca02890cd792babc594771c563f91f2
8596Author: Damien Miller <djm@mindrot.org>
8597Date:   Wed Oct 23 16:29:59 2013 +1100
8598
8599       - djm@cvs.openbsd.org 2013/10/20 09:51:26
8600         [scp.1 sftp.1]
8601         add canonicalisation options to -o lists
8602
8603commit 8a04be795fc28514a09e55a54b2e67968f2e1b3a
8604Author: Damien Miller <djm@mindrot.org>
8605Date:   Wed Oct 23 16:29:40 2013 +1100
8606
8607       - djm@cvs.openbsd.org 2013/10/20 06:19:28
8608         [readconf.c ssh_config.5]
8609         rename "command" subclause of the recently-added "Match" keyword to
8610         "exec"; it's shorter, clearer in intent and we might want to add the
8611         ability to match against the command being executed at the remote end in
8612         the future.
8613
8614commit 5c86ebdf83b636b6741db4b03569ef4a53b89a58
8615Author: Damien Miller <djm@mindrot.org>
8616Date:   Wed Oct 23 16:29:12 2013 +1100
8617
8618       - djm@cvs.openbsd.org 2013/10/20 04:39:28
8619         [ssh_config.5]
8620         document % expansions performed by "Match command ..."
8621
8622commit 4502f88774edc56194707167443f94026d3c7cfa
8623Author: Damien Miller <djm@mindrot.org>
8624Date:   Fri Oct 18 10:17:36 2013 +1100
8625
8626       - djm@cvs.openbsd.org 2013/10/17 22:08:04
8627         [sshd.c]
8628         include remote port in bad banner message; bz#2162
8629
8630commit 1edcbf65ebd2febeaf10a836468f35e519eed7ca
8631Author: Damien Miller <djm@mindrot.org>
8632Date:   Fri Oct 18 10:17:17 2013 +1100
8633
8634       - jmc@cvs.openbsd.org 2013/10/17 07:35:48
8635         [sftp.1 sftp.c]
8636         tweak previous;
8637
8638commit a176e1823013dd8533a20235b3a5131f0626f46b
8639Author: Damien Miller <djm@mindrot.org>
8640Date:   Fri Oct 18 09:05:41 2013 +1100
8641
8642       - djm@cvs.openbsd.org 2013/10/09 23:44:14
8643         [regress/Makefile regress/sftp-perm.sh]
8644         regression test for sftp request white/blacklisting and readonly mode.
8645
8646commit e3ea09494dcfe7ba76536e95765c8328ecfc18fb
8647Author: Damien Miller <djm@mindrot.org>
8648Date:   Thu Oct 17 11:57:23 2013 +1100
8649
8650       - djm@cvs.openbsd.org 2013/10/17 00:46:49
8651         [ssh.c]
8652         rearrange check to reduce diff against -portable
8653         (Id sync only)
8654
8655commit f29238e67471a7f1088a99c3c3dbafce76b790cf
8656Author: Damien Miller <djm@mindrot.org>
8657Date:   Thu Oct 17 11:48:52 2013 +1100
8658
8659       - djm@cvs.openbsd.org 2013/10/17 00:30:13
8660         [PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
8661         fsync@openssh.com protocol extension for sftp-server
8662         client support to allow calling fsync() faster successful transfer
8663         patch mostly by imorgan AT nas.nasa.gov; bz#1798
8664         "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
8665
8666commit 51682faa599550a69d8120e5e2bdbdc0625ef4be
8667Author: Damien Miller <djm@mindrot.org>
8668Date:   Thu Oct 17 11:48:31 2013 +1100
8669
8670       - djm@cvs.openbsd.org 2013/10/16 22:58:01
8671         [ssh.c ssh_config.5]
8672         one I missed in previous: s/isation/ization/
8673
8674commit 3850559be93f1a442ae9ed370e8c389889dd5f72
8675Author: Damien Miller <djm@mindrot.org>
8676Date:   Thu Oct 17 11:48:13 2013 +1100
8677
8678       - djm@cvs.openbsd.org 2013/10/16 22:49:39
8679         [readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
8680         s/canonicalise/canonicalize/ for consistency with existing spelling,
8681         e.g. authorized_keys; pointed out by naddy@
8682
8683commit 607af3434b75acc7199a5d99d5a9c11068c01f27
8684Author: Damien Miller <djm@mindrot.org>
8685Date:   Thu Oct 17 11:47:51 2013 +1100
8686
8687       - jmc@cvs.openbsd.org 2013/10/16 06:42:25
8688         [ssh_config.5]
8689         tweak previous;
8690
8691commit 0faf747e2f77f0f7083bcd59cbed30c4b5448444
8692Author: Damien Miller <djm@mindrot.org>
8693Date:   Thu Oct 17 11:47:23 2013 +1100
8694
8695       - djm@cvs.openbsd.org 2013/10/16 02:31:47
8696         [readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5]
8697         [sshconnect.c sshconnect.h]
8698         Implement client-side hostname canonicalisation to allow an explicit
8699         search path of domain suffixes to use to convert unqualified host names
8700         to fully-qualified ones for host key matching.
8701         This is particularly useful for host certificates, which would otherwise
8702         need to list unqualified names alongside fully-qualified ones (and this
8703         causes a number of problems).
8704         "looks fine" markus@
8705
8706commit d77b81f856e078714ec6b0f86f61c20249b7ead4
8707Author: Damien Miller <djm@mindrot.org>
8708Date:   Thu Oct 17 11:39:00 2013 +1100
8709
8710       - jmc@cvs.openbsd.org 2013/10/15 14:10:25
8711         [ssh.1 ssh_config.5]
8712         tweak previous;
8713
8714commit dcd39f29ce3308dc74a0ff27a9056205a932ce05
8715Author: Damien Miller <djm@mindrot.org>
8716Date:   Thu Oct 17 11:31:40 2013 +1100
8717
8718     - [ssh.c] g/c unused variable.
8719
8720commit 5359a628ce3763408da25d83271a8eddec597a0c
8721Author: Damien Miller <djm@mindrot.org>
8722Date:   Tue Oct 15 12:20:37 2013 +1100
8723
8724     - [ssh.c] g/c unused variable.
8725
8726commit 386feab0c4736b054585ee8ee372865d5cde8d69
8727Author: Damien Miller <djm@mindrot.org>
8728Date:   Tue Oct 15 12:14:49 2013 +1100
8729
8730       - djm@cvs.openbsd.org 2013/10/14 23:31:01
8731         [ssh.c]
8732         whitespace at EOL; pointed out by markus@
8733
8734commit e9fc72edd6c313b670558cd5219601c38a949b67
8735Author: Damien Miller <djm@mindrot.org>
8736Date:   Tue Oct 15 12:14:12 2013 +1100
8737
8738       - djm@cvs.openbsd.org 2013/10/14 23:28:23
8739         [canohost.c misc.c misc.h readconf.c sftp-server.c ssh.c]
8740         refactor client config code a little:
8741         add multistate option partsing to readconf.c, similar to servconf.c's
8742         existing code.
8743         move checking of options that accept "none" as an argument to readconf.c
8744         add a lowercase() function and use it instead of explicit tolower() in
8745         loops
8746         part of a larger diff that was ok markus@
8747
8748commit 194fd904d8597a274b93e075b2047afdf5a175d4
8749Author: Damien Miller <djm@mindrot.org>
8750Date:   Tue Oct 15 12:13:05 2013 +1100
8751
8752       - djm@cvs.openbsd.org 2013/10/14 22:22:05
8753         [readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5]
8754         add a "Match" keyword to ssh_config that allows matching on hostname,
8755         user and result of arbitrary commands. "nice work" markus@
8756
8757commit 71df752de2a04f423b1cd18d961a79f4fbccbcee
8758Author: Damien Miller <djm@mindrot.org>
8759Date:   Tue Oct 15 12:12:02 2013 +1100
8760
8761       - djm@cvs.openbsd.org 2013/10/14 21:20:52
8762         [session.c session.h]
8763         Add logging of session starts in a useful format; ok markus@ feedback and
8764         ok dtucker@
8765
8766commit 6efab27109b82820e8d32a5d811adb7bfc354f65
8767Author: Damien Miller <djm@mindrot.org>
8768Date:   Tue Oct 15 12:07:05 2013 +1100
8769
8770       - jmc@cvs.openbsd.org 2013/10/14 14:18:56
8771         [sftp-server.8 sftp-server.c]
8772         tweak previous;
8773         ok djm
8774
8775commit 61c7de8a94156f6d7e9718ded9be8c65bb902b66
8776Author: Damien Miller <djm@mindrot.org>
8777Date:   Tue Oct 15 12:06:45 2013 +1100
8778
8779       - djm@cvs.openbsd.org 2013/10/11 02:53:45
8780         [sftp-client.h]
8781         obsolete comment
8782
8783commit 2f93d0556e4892208c9b072624caa8cc5ddd839d
8784Author: Damien Miller <djm@mindrot.org>
8785Date:   Tue Oct 15 12:06:27 2013 +1100
8786
8787       - djm@cvs.openbsd.org 2013/10/11 02:52:23
8788         [sftp-client.c]
8789         missed one arg reorder
8790
8791commit bda5c8445713ae592d969a5105ed1a65da22bc96
8792Author: Damien Miller <djm@mindrot.org>
8793Date:   Tue Oct 15 12:05:58 2013 +1100
8794
8795       - djm@cvs.openbsd.org 2013/10/11 02:45:36
8796         [sftp-client.c]
8797         rename flag arguments to be more clear and consistent.
8798         reorder some internal function arguments to make adding additional flags
8799         easier.
8800         no functional change
8801
8802commit 61ee4d68ca0fcc793a826fc7ec70f3b8ffd12ab6
8803Author: Damien Miller <djm@mindrot.org>
8804Date:   Tue Oct 15 11:56:47 2013 +1100
8805
8806       - djm@cvs.openbsd.org 2013/10/10 01:43:03
8807         [sshd.c]
8808         bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly
8809         updated; ok dtucker@
8810
8811commit 73600e51af9ee734a19767e0c084bbbc5eb5b8da
8812Author: Damien Miller <djm@mindrot.org>
8813Date:   Tue Oct 15 11:56:25 2013 +1100
8814
8815       - djm@cvs.openbsd.org 2013/10/10 00:53:25
8816         [sftp-server.c]
8817         add -Q, -P and -p to usage() before jmc@ catches me
8818
8819commit 6eaeebf27d92f39a38c772aa3f20c2250af2dd29
8820Author: Damien Miller <djm@mindrot.org>
8821Date:   Tue Oct 15 11:55:57 2013 +1100
8822
8823       - djm@cvs.openbsd.org 2013/10/09 23:42:17
8824         [sftp-server.8 sftp-server.c]
8825         Add ability to whitelist and/or blacklist sftp protocol requests by name.
8826         Refactor dispatch loop and consolidate read-only mode checks.
8827         Make global variables static, since sftp-server is linked into sshd(8).
8828         ok dtucker@
8829
8830commit df62d71e64d29d1054e7a53d1a801075ef70335f
8831Author: Darren Tucker <dtucker@zip.com.au>
8832Date:   Thu Oct 10 10:32:39 2013 +1100
8833
8834       - dtucker@cvs.openbsd.org 2013/10/08 11:42:13
8835         [dh.c dh.h]
8836         Increase the size of the Diffie-Hellman groups requested for a each
8837         symmetric key size.  New values from NIST Special Publication 800-57 with
8838         the upper limit specified by RFC4419.  Pointed out by Peter Backes, ok
8839         djm@.
8840
8841commit e6e52f8c5dc89a6767702e65bb595aaf7bc8991c
8842Author: Darren Tucker <dtucker@zip.com.au>
8843Date:   Thu Oct 10 10:28:07 2013 +1100
8844
8845       - djm@cvs.openbsd.org 2013/09/19 01:26:29
8846         [sshconnect.c]
8847         bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch from
8848         swp AT swp.pp.ru; ok dtucker@
8849
8850commit 71152bc9911bc34a98810b2398dac20df3fe8de3
8851Author: Darren Tucker <dtucker@zip.com.au>
8852Date:   Thu Oct 10 10:27:21 2013 +1100
8853
8854       - djm@cvs.openbsd.org 2013/09/19 01:24:46
8855         [channels.c]
8856         bz#1297 - tell the client (via packet_send_debug) when their preferred
8857         listen address has been overridden by the server's GatewayPorts;
8858         ok dtucker@
8859
8860commit b59aaf3c4f3f449a4b86d8528668bd979be9aa5f
8861Author: Darren Tucker <dtucker@zip.com.au>
8862Date:   Thu Oct 10 10:26:21 2013 +1100
8863
8864       - djm@cvs.openbsd.org 2013/09/19 00:49:12
8865         [sftp-client.c]
8866         fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan
8867
8868commit 5d80e4522d6238bdefe9d0c634f0e6d35a241e41
8869Author: Darren Tucker <dtucker@zip.com.au>
8870Date:   Thu Oct 10 10:25:09 2013 +1100
8871
8872       - djm@cvs.openbsd.org 2013/09/19 00:24:52
8873         [progressmeter.c]
8874         store the initial file offset so the progress meter doesn't freak out
8875         when resuming sftp transfers. bz#2137; patch from Iain Morgan; ok dtucker@
8876
8877commit ad92df7e5ed26fea85adfb3f95352d6cd8e86344
8878Author: Darren Tucker <dtucker@zip.com.au>
8879Date:   Thu Oct 10 10:24:11 2013 +1100
8880
8881       - sthen@cvs.openbsd.org 2013/09/16 11:35:43
8882         [ssh_config]
8883         Remove gssapi config parts from ssh_config, as was already done for
8884         sshd_config.  Req by/ok ajacoutot@
8885         ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
8886
8887commit 720711960b130d36dfdd3d50eb25ef482bdd000e
8888Author: Damien Miller <djm@mindrot.org>
8889Date:   Wed Oct 9 10:44:47 2013 +1100
8890
8891     - (djm) [openbsd-compat/Makefile.in openbsd-compat/arc4random.c]
8892       [openbsd-compat/bsd-arc4random.c] Replace old RC4-based arc4random
8893       implementation with recent OpenBSD's ChaCha-based PRNG. ok dtucker@,
8894       tested tim@
8895
8896commit 9159310087a218e28940a592896808b8eb76a039
8897Author: Damien Miller <djm@mindrot.org>
8898Date:   Wed Oct 9 10:42:32 2013 +1100
8899
8900     - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull
8901       in OpenBSD implementation of arc4random, shortly to replace the existing
8902       bsd-arc4random.c
8903
8904commit 67f1d557a68d6fa8966a327d7b6dee3408cf0e72
8905Author: Damien Miller <djm@mindrot.org>
8906Date:   Wed Oct 9 09:33:08 2013 +1100
8907
8908    correct incorrect years in datestamps; from des
8909
8910commit f2bf36c3eb4d969f85ec8aa342e9aecb61cc8bb1
8911Author: Darren Tucker <dtucker@zip.com.au>
8912Date:   Sun Sep 22 19:02:40 2013 +1000
8913
8914     - (dtucker) [platform.c platform.h sshd.c] bz#2156: restore Linux oom_adj
8915       setting when handling SIGHUP to maintain behaviour over retart.  Patch
8916       from Matthew Ife.
8917
8918commit e90a06ae570fd259a2f5ced873c7f17390f535a5
8919Author: Darren Tucker <dtucker@zip.com.au>
8920Date:   Wed Sep 18 15:09:38 2013 +1000
8921
8922     - (dtucker) [sshd_config] Trailing whitespace; from jstjohn at purdue edu.
8923
8924commit 13840e0103946982cee2a05c40697be7e57dca41
8925Author: Damien Miller <djm@mindrot.org>
8926Date:   Sat Sep 14 09:49:43 2013 +1000
8927
8928       - djm@cvs.openbsd.org 2013/09/13 06:54:34
8929         [channels.c]
8930         avoid unaligned access in code that reused a buffer to send a
8931         struct in_addr in a reply; simpler just use use buffer_put_int();
8932         from portable; spotted by and ok dtucker@
8933
8934commit 70182522a47d283513a010338cd028cb80dac2ab
8935Author: Damien Miller <djm@mindrot.org>
8936Date:   Sat Sep 14 09:49:19 2013 +1000
8937
8938       - djm@cvs.openbsd.org 2013/09/12 01:41:12
8939         [clientloop.c]
8940         fix connection crash when sending break (~B) on ControlPersist'd session;
8941         ok dtucker@
8942
8943commit ff9d6c2a4171ee32e8fe28fc3b86eb33bd5c845b
8944Author: Damien Miller <djm@mindrot.org>
8945Date:   Sat Sep 14 09:48:55 2013 +1000
8946
8947       - sthen@cvs.openbsd.org 2013/09/07 13:53:11
8948         [sshd_config]
8949         Remove commented-out kerberos/gssapi config options from sample config,
8950         kerberos support is currently not enabled in ssh in OpenBSD. Discussed with
8951         various people; ok deraadt@
8952         ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
8953
8954commit 8bab5e7b5ff6721d926b5ebf05a3a24489889c58
8955Author: Damien Miller <djm@mindrot.org>
8956Date:   Sat Sep 14 09:47:00 2013 +1000
8957
8958       - deraadt@cvs.openbsd.org 2013/09/02 22:00:34
8959         [ssh-keygen.c sshconnect1.c sshd.c]
8960         All the instances of arc4random_stir() are bogus, since arc4random()
8961         does this itself, inside itself, and has for a very long time..  Actually,
8962         this was probably reducing the entropy available.
8963         ok djm
8964         ID SYNC ONLY for portable; we don't trust other arc4random implementations
8965         to do this right.
8966
8967commit 61353b3208d548fab863e0e0ac5d2400ee5bb340
8968Author: Damien Miller <djm@mindrot.org>
8969Date:   Sat Sep 14 09:45:32 2013 +1000
8970
8971       - djm@cvs.openbsd.org 2013/08/31 00:13:54
8972         [sftp.c]
8973         make ^w match ksh behaviour (delete previous word instead of entire line)
8974
8975commit 660854859cad31d234edb9353fb7ca2780df8128
8976Author: Damien Miller <djm@mindrot.org>
8977Date:   Sat Sep 14 09:45:03 2013 +1000
8978
8979       - mikeb@cvs.openbsd.org 2013/08/28 12:34:27
8980         [ssh-keygen.c]
8981         improve batch processing a bit by making use of the quite flag a bit
8982         more often and exit with a non zero code if asked to find a hostname
8983         in a known_hosts file and it wasn't there;
8984         originally from reyk@,  ok djm
8985
8986commit 045bda5cb8acf0eb9d71c275ee1247e3154fc9e5
8987Author: Damien Miller <djm@mindrot.org>
8988Date:   Sat Sep 14 09:44:37 2013 +1000
8989
8990       - djm@cvs.openbsd.org 2013/08/22 19:02:21
8991         [sshd.c]
8992         Stir PRNG after post-accept fork. The child gets a different PRNG state
8993         anyway via rexec and explicit privsep reseeds, but it's good to be sure.
8994         ok markus@
8995
8996commit ed4af412da60a084891b20412433a27966613fb8
8997Author: Damien Miller <djm@mindrot.org>
8998Date:   Sat Sep 14 09:40:51 2013 +1000
8999
9000    add marker for 6.3p1 release at the point of the last included change
9001
9002commit 43968a8e66a0aa1afefb11665bf96f86b113f5d9
9003Author: Damien Miller <djm@mindrot.org>
9004Date:   Wed Aug 28 14:00:54 2013 +1000
9005
9006     - (djm) [openbsd-compat/bsd-snprintf.c] #ifdef noytet for intmax_t bits
9007       until we have configure support.
9008
9009commit 04be8b9e53f8388c94b531ebc5d1bd6e10e930d1
9010Author: Damien Miller <djm@mindrot.org>
9011Date:   Wed Aug 28 12:49:43 2013 +1000
9012
9013     - (djm) [openbsd-compat/bsd-snprintf.c] teach our local snprintf code the
9014       'j' (intmax_t/uintmax_t) and 'z' (size_t/ssize_t) conversions in case we
9015       start to use them in the future.
9016
9017commit f2f6c315a920a256937e1b6a3702757f3195a592
9018Author: Damien Miller <djm@mindrot.org>
9019Date:   Wed Aug 21 02:44:58 2013 +1000
9020
9021       - jmc@cvs.openbsd.org 2013/08/20 06:56:07
9022         [ssh.1 ssh_config.5]
9023         some proxyusefdpass tweaks;
9024
9025commit 1262b6638f7d01ab110fd373dd90d915c882fe1a
9026Author: Damien Miller <djm@mindrot.org>
9027Date:   Wed Aug 21 02:44:24 2013 +1000
9028
9029       - djm@cvs.openbsd.org 2013/08/20 00:11:38
9030         [readconf.c readconf.h ssh_config.5 sshconnect.c]
9031         Add a ssh_config ProxyUseFDPass option that supports the use of
9032         ProxyCommands that establish a connection and then pass a connected
9033         file descriptor back to ssh(1). This allows the ProxyCommand to exit
9034         rather than have to shuffle data back and forth and enables ssh to use
9035         getpeername, etc. to obtain address information just like it does with
9036         regular directly-connected sockets. ok markus@
9037
9038commit b7727df37efde4dbe4f5a33b19cbf42022aabf66
9039Author: Damien Miller <djm@mindrot.org>
9040Date:   Wed Aug 21 02:43:49 2013 +1000
9041
9042       - jmc@cvs.openbsd.org 2013/08/14 08:39:27
9043         [scp.1 ssh.1]
9044         some Bx/Ox conversion;
9045         From: Jan Stary
9046
9047commit d5d9d7b1fdacf0551de4c747728bd159be40590a
9048Author: Damien Miller <djm@mindrot.org>
9049Date:   Wed Aug 21 02:43:27 2013 +1000
9050
9051       - djm@cvs.openbsd.org 2013/08/13 18:33:08
9052         [ssh-keygen.c]
9053         another of the same typo
9054
9055commit d234afb0b3a8de1be78cbeafed5fc86912594c3c
9056Author: Damien Miller <djm@mindrot.org>
9057Date:   Wed Aug 21 02:42:58 2013 +1000
9058
9059       - djm@cvs.openbsd.org 2013/08/13 18:32:08
9060         [ssh-keygen.c]
9061         typo in error message; from Stephan Rickauer
9062
9063commit e0ee727b8281a7c2ae20630ce83f6b200b404059
9064Author: Damien Miller <djm@mindrot.org>
9065Date:   Wed Aug 21 02:42:35 2013 +1000
9066
9067       - djm@cvs.openbsd.org 2013/08/09 03:56:42
9068         [sftp.c]
9069         enable ctrl-left-arrow and ctrl-right-arrow to move forward/back a word;
9070         matching ksh's relatively recent change.
9071
9072commit fec029f1dc2c338f3fae3fa82aabc988dc07868c
9073Author: Damien Miller <djm@mindrot.org>
9074Date:   Wed Aug 21 02:42:12 2013 +1000
9075
9076       - djm@cvs.openbsd.org 2013/08/09 03:39:13
9077         [sftp-client.c]
9078         two problems found by a to-be-committed regress test: 1) msg_id was not
9079         being initialised so was starting at a random value from the heap
9080         (harmless, but confusing). 2) some error conditions were not being
9081         propagated back to the caller
9082
9083commit 036d30743fc914089f9849ca52d615891d47e616
9084Author: Damien Miller <djm@mindrot.org>
9085Date:   Wed Aug 21 02:41:46 2013 +1000
9086
9087       - djm@cvs.openbsd.org 2013/08/09 03:37:25
9088         [sftp.c]
9089         do getopt parsing for all sftp commands (with an empty optstring for
9090         commands without arguments) to ensure consistent behaviour
9091
9092commit c7dba12bf95eb1d69711881a153cc286c1987663
9093Author: Damien Miller <djm@mindrot.org>
9094Date:   Wed Aug 21 02:41:15 2013 +1000
9095
9096       - djm@cvs.openbsd.org 2013/08/08 05:04:03
9097         [sftp-client.c sftp-client.h sftp.c]
9098         add a "-l" flag for the rename command to force it to use the silly
9099         standard SSH_FXP_RENAME command instead of the POSIX-rename- like
9100         posix-rename@openssh.com extension.
9101
9102         intended for use in regress tests, so no documentation.
9103
9104commit 034f27a0c09e69fe3589045b41f03f6e345b63f5
9105Author: Damien Miller <djm@mindrot.org>
9106Date:   Wed Aug 21 02:40:44 2013 +1000
9107
9108       - djm@cvs.openbsd.org 2013/08/08 04:52:04
9109         [sftp.c]
9110         fix two year old regression: symlinking a file would incorrectly
9111         canonicalise the target path. bz#2129 report from delphij AT freebsd.org
9112
9113commit c6895c5c67492144dd28589e5788f783be9152ed
9114Author: Damien Miller <djm@mindrot.org>
9115Date:   Wed Aug 21 02:40:21 2013 +1000
9116
9117       - jmc@cvs.openbsd.org 2013/08/07 06:24:51
9118         [sftp.1 sftp.c]
9119         sort -a;
9120
9121commit a6d6c1f38ac9b4a5e1bd4df889e1020a8370ed55
9122Author: Damien Miller <djm@mindrot.org>
9123Date:   Wed Aug 21 02:40:01 2013 +1000
9124
9125       - djm@cvs.openbsd.org 2013/08/06 23:06:01
9126         [servconf.c]
9127         add cast to avoid format warning; from portable
9128
9129commit eec840673bce3f69ad269672fba7ed8ff05f154f
9130Author: Damien Miller <djm@mindrot.org>
9131Date:   Wed Aug 21 02:39:39 2013 +1000
9132
9133       - djm@cvs.openbsd.org 2013/08/06 23:05:01
9134         [sftp.1]
9135         document top-level -a option (the -a option to 'get' was already
9136         documented)
9137
9138commit 02e878070d0eddad4e11f2c82644b275418eb112
9139Author: Damien Miller <djm@mindrot.org>
9140Date:   Wed Aug 21 02:38:51 2013 +1000
9141
9142       - djm@cvs.openbsd.org 2013/08/06 23:03:49
9143         [sftp.c]
9144         fix some whitespace at EOL
9145         make list of commands an enum rather than a long list of defines
9146         add -a to usage()
9147