xref: /freebsd/crypto/openssh/ChangeLog (revision fc1ba28a5c70935b11b49532dc5eff88b382c107)
1commit c88ac102f0eb89f2eaa314cb2e2e0ca3c890c443
2Author: Damien Miller <djm@mindrot.org>
3Date:   Thu Jan 14 11:08:19 2016 +1100
4
5    bump version numbers
6
7commit 302bc21e6fadacb04b665868cd69b625ef69df90
8Author: Damien Miller <djm@mindrot.org>
9Date:   Thu Jan 14 11:04:04 2016 +1100
10
11    openssh-7.1p2
12
13commit 6b33763242c063e4e0593877e835eeb1fd1b60aa
14Author: Damien Miller <djm@mindrot.org>
15Date:   Thu Jan 14 11:02:58 2016 +1100
16
17    forcibly disable roaming support in the client
18
19commit 34d364f0d2e1e30a444009f0e04299bb7c94ba13
20Author: djm@openbsd.org <djm@openbsd.org>
21Date:   Mon Oct 5 17:11:21 2015 +0000
22
23    upstream commit
24
25    some more bzero->explicit_bzero, from Michael McConville
26
27    Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0
28
29commit 8f5b93026797b9f7fba90d0c717570421ccebbd3
30Author: guenther@openbsd.org <guenther@openbsd.org>
31Date:   Fri Sep 11 08:50:04 2015 +0000
32
33    upstream commit
34
35    Use explicit_bzero() when zeroing before free()
36
37    from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu)
38    ok millert@ djm@
39
40    Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50
41
42commit d77148e3a3ef6c29b26ec74331455394581aa257
43Author: djm@openbsd.org <djm@openbsd.org>
44Date:   Sun Nov 8 21:59:11 2015 +0000
45
46    upstream commit
47
48    fix OOB read in packet code caused by missing return
49     statement found by Ben Hawkes; ok markus@ deraadt@
50
51    Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62
52
53commit 076d849e17ab12603627f87b301e2dca71bae518
54Author: Damien Miller <djm@mindrot.org>
55Date:   Sat Nov 14 18:44:49 2015 +1100
56
57    read back from libcrypto RAND when privdropping
58
59    makes certain libcrypto implementations cache a /dev/urandom fd
60    in preparation of sandboxing. Based on patch by Greg Hartman.
61
62commit f72adc0150011a28f177617a8456e1f83733099d
63Author: djm@openbsd.org <djm@openbsd.org>
64Date:   Sun Dec 13 22:42:23 2015 +0000
65
66    upstream commit
67
68    unbreak connections with peers that set
69     first_kex_follows; fix from Matt Johnston va bz#2515
70
71    Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
72
73commit 04bd8d019ccd906cac1a2b362517b8505f3759e6
74Author: djm@openbsd.org <djm@openbsd.org>
75Date:   Tue Jan 12 23:42:54 2016 +0000
76
77    upstream commit
78
79    use explicit_bzero() more liberally in the buffer code; ok
80     deraadt
81
82    Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
83
84commit e91346dc2bbf460246df2ab591b7613908c1b0ad
85Author: Damien Miller <djm@mindrot.org>
86Date:   Fri Aug 21 14:49:03 2015 +1000
87
88    we don't use Github for issues/pull-requests
89
90commit a4f5b507c708cc3dc2c8dd2d02e4416d7514dc23
91Author: Damien Miller <djm@mindrot.org>
92Date:   Fri Aug 21 14:43:55 2015 +1000
93
94    fix URL for connect.c
95
96commit d026a8d3da0f8186598442997c7d0a28e7275414
97Author: Damien Miller <djm@mindrot.org>
98Date:   Fri Aug 21 13:47:10 2015 +1000
99
100    update version numbers for 7.1
101
102commit 78f8f589f0ca1c9f41e5a9bae3cda5ce8a6b42ed
103Author: djm@openbsd.org <djm@openbsd.org>
104Date:   Fri Aug 21 03:45:26 2015 +0000
105
106    upstream commit
107
108    openssh-7.1
109
110    Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f
111
112commit 32a181980c62fce94f7f9ffaf6a79d90f0c309cf
113Author: djm@openbsd.org <djm@openbsd.org>
114Date:   Fri Aug 21 03:42:19 2015 +0000
115
116    upstream commit
117
118    fix inverted logic that broke PermitRootLogin; reported
119     by Mantas Mikulenas; ok markus@
120
121    Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5
122
123commit ce445b0ed927e45bd5bdce8f836eb353998dd65c
124Author: deraadt@openbsd.org <deraadt@openbsd.org>
125Date:   Thu Aug 20 22:32:42 2015 +0000
126
127    upstream commit
128
129    Do not cast result of malloc/calloc/realloc* if stdlib.h
130     is in scope ok krw millert
131
132    Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667
133
134commit 05291e5288704d1a98bacda269eb5a0153599146
135Author: naddy@openbsd.org <naddy@openbsd.org>
136Date:   Thu Aug 20 19:20:06 2015 +0000
137
138    upstream commit
139
140    In the certificates section, be consistent about using
141     "host_key" and "user_key" for the respective key types.  ok sthen@ deraadt@
142
143    Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb
144
145commit 8543d4ef6f2e9f98c3e6b77c894ceec30c5e4ae4
146Author: djm@openbsd.org <djm@openbsd.org>
147Date:   Wed Aug 19 23:21:42 2015 +0000
148
149    upstream commit
150
151    Better compat matching for WinSCP, add compat matching
152     for FuTTY (fork of PuTTY); ok markus@ deraadt@
153
154    Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389
155
156commit ec6eda16ebab771aa3dfc90629b41953b999cb1e
157Author: djm@openbsd.org <djm@openbsd.org>
158Date:   Wed Aug 19 23:19:01 2015 +0000
159
160    upstream commit
161
162    fix double-free() in error path of DSA key generation
163     reported by Mateusz Kocielski; ok markus@
164
165    Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c
166
167commit 45b0eb752c94954a6de046bfaaf129e518ad4b5b
168Author: djm@openbsd.org <djm@openbsd.org>
169Date:   Wed Aug 19 23:18:26 2015 +0000
170
171    upstream commit
172
173    fix free() of uninitialised pointer reported by Mateusz
174     Kocielski; ok markus@
175
176    Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663
177
178commit c837643b93509a3ef538cb6624b678c5fe32ff79
179Author: djm@openbsd.org <djm@openbsd.org>
180Date:   Wed Aug 19 23:17:51 2015 +0000
181
182    upstream commit
183
184    fixed unlink([uninitialised memory]) reported by Mateusz
185     Kocielski; ok markus@
186
187    Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109
188
189commit 1f8d3d629cd553031021068eb9c646a5f1e50994
190Author: jmc@openbsd.org <jmc@openbsd.org>
191Date:   Fri Aug 14 15:32:41 2015 +0000
192
193    upstream commit
194
195    match myproposal.h order; from brian conway (i snuck in a
196     tweak while here)
197
198    ok dtucker
199
200    Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67
201
202commit 1dc8d93ce69d6565747eb44446ed117187621b26
203Author: deraadt@openbsd.org <deraadt@openbsd.org>
204Date:   Thu Aug 6 14:53:21 2015 +0000
205
206    upstream commit
207
208    add prohibit-password as a synonymn for without-password,
209     since the without-password is causing too many questions.  Harden it to ban
210     all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from
211     djm, ok markus
212
213    Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a
214
215commit 90a95a4745a531b62b81ce3b025e892bdc434de5
216Author: Damien Miller <djm@mindrot.org>
217Date:   Tue Aug 11 13:53:41 2015 +1000
218
219    update version in README
220
221commit 318c37743534b58124f1bab37a8a0087a3a9bd2f
222Author: Damien Miller <djm@mindrot.org>
223Date:   Tue Aug 11 13:53:09 2015 +1000
224
225    update versions in *.spec
226
227commit 5e75f5198769056089fb06c4d738ab0e5abc66f7
228Author: Damien Miller <djm@mindrot.org>
229Date:   Tue Aug 11 13:34:12 2015 +1000
230
231    set sshpam_ctxt to NULL after free
232
233    Avoids use-after-free in monitor when privsep child is compromised.
234    Reported by Moritz Jodeit; ok dtucker@
235
236commit d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
237Author: Damien Miller <djm@mindrot.org>
238Date:   Tue Aug 11 13:33:24 2015 +1000
239
240    Don't resend username to PAM; it already has it.
241
242    Pointed out by Moritz Jodeit; ok dtucker@
243
244commit 88763a6c893bf3dfe951ba9271bf09715e8d91ca
245Author: Darren Tucker <dtucker@zip.com.au>
246Date:   Mon Jul 27 12:14:25 2015 +1000
247
248    Import updated moduli file from OpenBSD.
249
250commit 55b263fb7cfeacb81aaf1c2036e0394c881637da
251Author: Damien Miller <djm@mindrot.org>
252Date:   Mon Aug 10 11:13:44 2015 +1000
253
254    let principals-command.sh work for noexec /var/run
255
256commit 2651e34cd11b1aac3a0fe23b86d8c2ff35c07897
257Author: Damien Miller <djm@mindrot.org>
258Date:   Thu Aug 6 11:43:42 2015 +1000
259
260    work around echo -n / sed behaviour in tests
261
262commit d85dad81778c1aa8106acd46930b25fdf0d15b2a
263Author: djm@openbsd.org <djm@openbsd.org>
264Date:   Wed Aug 5 05:27:33 2015 +0000
265
266    upstream commit
267
268    adjust for RSA minimum modulus switch; ok deraadt@
269
270    Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae
271
272commit 57e8e229bad5fe6056b5f1199665f5f7008192c6
273Author: djm@openbsd.org <djm@openbsd.org>
274Date:   Tue Aug 4 05:23:06 2015 +0000
275
276    upstream commit
277
278    backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this
279     release; problems spotted by sthen@ ok deraadt@ markus@
280
281    Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822
282
283commit f097d0ea1e0889ca0fa2e53a00214e43ab7fa22a
284Author: djm@openbsd.org <djm@openbsd.org>
285Date:   Sun Aug 2 09:56:42 2015 +0000
286
287    upstream commit
288
289    openssh 7.0; ok deraadt@
290
291    Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f
292
293commit 3d5728a0f6874ce4efb16913a12963595070f3a9
294Author: chris@openbsd.org <chris@openbsd.org>
295Date:   Fri Jul 31 15:38:09 2015 +0000
296
297    upstream commit
298
299    Allow PermitRootLogin to be overridden by config
300
301    ok markus@ deeradt@
302
303    Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4
304
305commit 6f941396b6835ad18018845f515b0c4fe20be21a
306Author: djm@openbsd.org <djm@openbsd.org>
307Date:   Thu Jul 30 23:09:15 2015 +0000
308
309    upstream commit
310
311    fix pty permissions; patch from Nikolay Edigaryev; ok
312     deraadt
313
314    Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550
315
316commit f4373ed1e8fbc7c8ce3fc4ea97d0ba2e0c1d7ef0
317Author: deraadt@openbsd.org <deraadt@openbsd.org>
318Date:   Thu Jul 30 19:23:02 2015 +0000
319
320    upstream commit
321
322    change default: PermitRootLogin without-password matching
323     install script changes coming as well ok djm markus
324
325    Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6
326
327commit 0c30ba91f87fcda7e975e6ff8a057f624e87ea1c
328Author: Damien Miller <djm@mindrot.org>
329Date:   Thu Jul 30 12:31:39 2015 +1000
330
331    downgrade OOM adjustment logging: verbose -> debug
332
333commit f9eca249d4961f28ae4b09186d7dc91de74b5895
334Author: djm@openbsd.org <djm@openbsd.org>
335Date:   Thu Jul 30 00:01:34 2015 +0000
336
337    upstream commit
338
339    Allow ssh_config and sshd_config kex parameters options be
340     prefixed by a '+' to indicate that the specified items be appended to the
341     default rather than replacing it.
342
343    approach suggested by dtucker@, feedback dlg@, ok markus@
344
345    Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
346
347commit 5cefe769105a2a2e3ca7479d28d9a325d5ef0163
348Author: djm@openbsd.org <djm@openbsd.org>
349Date:   Wed Jul 29 08:34:54 2015 +0000
350
351    upstream commit
352
353    fix bug in previous; was printing incorrect string for
354     failed host key algorithms negotiation
355
356    Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e
357
358commit f319912b0d0e1675b8bb051ed8213792c788bcb2
359Author: djm@openbsd.org <djm@openbsd.org>
360Date:   Wed Jul 29 04:43:06 2015 +0000
361
362    upstream commit
363
364    include the peer's offer when logging a failure to
365     negotiate a mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@
366
367    Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796
368
369commit b6ea0e573042eb85d84defb19227c89eb74cf05a
370Author: djm@openbsd.org <djm@openbsd.org>
371Date:   Tue Jul 28 23:20:42 2015 +0000
372
373    upstream commit
374
375    add Cisco to the list of clients that choke on the
376     hostkeys update extension. Pointed out by Howard Kash
377
378    Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84
379
380commit 3f628c7b537291c1019ce86af90756fb4e66d0fd
381Author: guenther@openbsd.org <guenther@openbsd.org>
382Date:   Mon Jul 27 16:29:23 2015 +0000
383
384    upstream commit
385
386    Permit kbind(2) use in the sandbox now, to ease testing
387     of ld.so work using it
388
389    reminded by miod@, ok deraadt@
390
391    Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413
392
393commit ebe27ebe520098bbc0fe58945a87ce8490121edb
394Author: millert@openbsd.org <millert@openbsd.org>
395Date:   Mon Jul 20 18:44:12 2015 +0000
396
397    upstream commit
398
399    Move .Pp before .Bl, not after to quiet mandoc -Tlint.
400     Noticed by jmc@
401
402    Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23
403
404commit d5d91d0da819611167782c66ab629159169d94d4
405Author: millert@openbsd.org <millert@openbsd.org>
406Date:   Mon Jul 20 18:42:35 2015 +0000
407
408    upstream commit
409
410    Sync usage with SYNOPSIS
411
412    Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7
413
414commit 79ec2142fbc68dd2ed9688608da355fc0b1ed743
415Author: millert@openbsd.org <millert@openbsd.org>
416Date:   Mon Jul 20 15:39:52 2015 +0000
417
418    upstream commit
419
420    Better desciption of Unix domain socket forwarding.
421     bz#2423; ok jmc@
422
423    Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d
424
425commit d56fd1828074a4031b18b8faa0bf949669eb18a0
426Author: Damien Miller <djm@mindrot.org>
427Date:   Mon Jul 20 11:19:51 2015 +1000
428
429    make realpath.c compile -Wsign-compare clean
430
431commit c63c9a691dca26bb7648827f5a13668832948929
432Author: djm@openbsd.org <djm@openbsd.org>
433Date:   Mon Jul 20 00:30:01 2015 +0000
434
435    upstream commit
436
437    mention that the default of UseDNS=no implies that
438     hostnames cannot be used for host matching in sshd_config and
439     authorized_keys; bz#2045, ok dtucker@
440
441    Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1
442
443commit 63ebcd0005e9894fcd6871b7b80aeea1fec0ff76
444Author: djm@openbsd.org <djm@openbsd.org>
445Date:   Sat Jul 18 08:02:17 2015 +0000
446
447    upstream commit
448
449    don't ignore PKCS#11 hosted keys that return empty
450     CKA_ID; patch by Jakub Jelen via bz#2429; ok markus
451
452    Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485
453
454commit b15fd989c8c62074397160147a8d5bc34b3f3c63
455Author: djm@openbsd.org <djm@openbsd.org>
456Date:   Sat Jul 18 08:00:21 2015 +0000
457
458    upstream commit
459
460    skip uninitialised PKCS#11 slots; patch from Jakub Jelen
461     in bz#2427 ok markus@
462
463    Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29
464
465commit 5b64f85bb811246c59ebab70aed331f26ba37b18
466Author: djm@openbsd.org <djm@openbsd.org>
467Date:   Sat Jul 18 07:57:14 2015 +0000
468
469    upstream commit
470
471    only query each keyboard-interactive device once per
472     authentication request regardless of how many times it is listed; ok markus@
473
474    Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
475
476commit cd7324d0667794eb5c236d8a4e0f236251babc2d
477Author: djm@openbsd.org <djm@openbsd.org>
478Date:   Fri Jul 17 03:34:27 2015 +0000
479
480    upstream commit
481
482    remove -u flag to diff (only used for error output) to make
483     things easier for -portable
484
485    Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548
486
487commit deb8d99ecba70b67f4af7880b11ca8768df9ec3a
488Author: djm@openbsd.org <djm@openbsd.org>
489Date:   Fri Jul 17 03:09:19 2015 +0000
490
491    upstream commit
492
493    direct-streamlocal@openssh.com Unix domain foward
494     messages do not contain a "reserved for future use" field and in fact,
495     serverloop.c checks that there isn't one. Remove erroneous mention from
496     PROTOCOL description. bz#2421 from Daniel Black
497
498    Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac
499
500commit 356b61f365405b5257f5b2ab446e5d7bd33a7b52
501Author: djm@openbsd.org <djm@openbsd.org>
502Date:   Fri Jul 17 03:04:27 2015 +0000
503
504    upstream commit
505
506    describe magic for setting up Unix domain socket fowards
507     via the mux channel; bz#2422 patch from Daniel Black
508
509    Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861
510
511commit d3e2aee41487d55b8d7d40f538b84ff1db7989bc
512Author: Darren Tucker <dtucker@zip.com.au>
513Date:   Fri Jul 17 12:52:34 2015 +1000
514
515    Check if realpath works on nonexistent files.
516
517    On some platforms the native realpath doesn't work with non-existent
518    files (this is actually specified in some versions of POSIX), however
519    the sftp spec says its realpath with "canonicalize any given path name".
520    On those platforms, use realpath from the compat library.
521
522    In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines
523    the realpath symbol to the checked version, so redefine ours to
524    something else so we pick up the compat version we want.
525
526    bz#2428, ok djm@
527
528commit 25b14610dab655646a109db5ef8cb4c4bf2a48a0
529Author: djm@openbsd.org <djm@openbsd.org>
530Date:   Fri Jul 17 02:47:45 2015 +0000
531
532    upstream commit
533
534    fix incorrect test for SSH1 keys when compiled without SSH1
535     support
536
537    Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451
538
539commit df56a8035d429b2184ee94aaa7e580c1ff67f73a
540Author: djm@openbsd.org <djm@openbsd.org>
541Date:   Wed Jul 15 08:00:11 2015 +0000
542
543    upstream commit
544
545    fix NULL-deref when SSH1 reenabled
546
547    Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295
548
549commit 41e38c4d49dd60908484e6703316651333f16b93
550Author: djm@openbsd.org <djm@openbsd.org>
551Date:   Wed Jul 15 07:19:50 2015 +0000
552
553    upstream commit
554
555    regen RSA1 test keys; the last batch was missing their
556     private parts
557
558    Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a
559
560commit 5bf0933184cb622ca3f96d224bf3299fd2285acc
561Author: markus@openbsd.org <markus@openbsd.org>
562Date:   Fri Jul 10 06:23:25 2015 +0000
563
564    upstream commit
565
566    Adapt tests, now that DSA if off by default; use
567     PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
568
569    Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
570
571commit 7a6e3fd7b41dbd3756b6bf9acd67954c0b1564cc
572Author: markus@openbsd.org <markus@openbsd.org>
573Date:   Tue Jul 7 14:54:16 2015 +0000
574
575    upstream commit
576
577    regen test data after mktestdata.sh changes
578
579    Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4
580
581commit 7c8c174c69f681d4910fa41c37646763692b28e2
582Author: markus@openbsd.org <markus@openbsd.org>
583Date:   Tue Jul 7 14:53:30 2015 +0000
584
585    upstream commit
586
587    adapt tests to new minimum RSA size and default FP format
588
589    Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e
590
591commit 6a977a4b68747ade189e43d302f33403fd4a47ac
592Author: djm@openbsd.org <djm@openbsd.org>
593Date:   Fri Jul 3 04:39:23 2015 +0000
594
595    upstream commit
596
597    legacy v00 certificates are gone; adapt and don't try to
598     test them; "sure" markus@ dtucker@
599
600    Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12
601
602commit 0c4123ad5e93fb90fee9c6635b13a6cdabaac385
603Author: djm@openbsd.org <djm@openbsd.org>
604Date:   Wed Jul 1 23:11:18 2015 +0000
605
606    upstream commit
607
608    don't expect SSH v.1 in unittests
609
610    Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397
611
612commit 3c099845798a817cdde513c39074ec2063781f18
613Author: djm@openbsd.org <djm@openbsd.org>
614Date:   Mon Jun 15 06:38:50 2015 +0000
615
616    upstream commit
617
618    turn SSH1 back on to match src/usr.bin/ssh being tested
619
620    Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333
621
622commit b1dc2b33689668c75e95f873a42d5aea1f4af1db
623Author: dtucker@openbsd.org <dtucker@openbsd.org>
624Date:   Mon Jul 13 04:57:14 2015 +0000
625
626    upstream commit
627
628    Add "PuTTY_Local:" to the clients to which we do not
629     offer DH-GEX. This was the string that was used for development versions
630     prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately
631     there are some extant products based on those versions.  bx2424 from Jay
632     Rouman, ok markus@ djm@
633
634    Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5
635
636commit 3a1638dda19bbc73d0ae02b4c251ce08e564b4b9
637Author: markus@openbsd.org <markus@openbsd.org>
638Date:   Fri Jul 10 06:21:53 2015 +0000
639
640    upstream commit
641
642    Turn off DSA by default; add HostKeyAlgorithms to the
643     server and PubkeyAcceptedKeyTypes to the client side, so it still can be
644     tested or turned back on; feedback and ok djm@
645
646    Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
647
648commit 16db0a7ee9a87945cc594d13863cfcb86038db59
649Author: markus@openbsd.org <markus@openbsd.org>
650Date:   Thu Jul 9 09:49:46 2015 +0000
651
652    upstream commit
653
654    re-enable ed25519-certs if compiled w/o openssl; ok djm
655
656    Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49
657
658commit c355bf306ac33de6545ce9dac22b84a194601e2f
659Author: markus@openbsd.org <markus@openbsd.org>
660Date:   Wed Jul 8 20:24:02 2015 +0000
661
662    upstream commit
663
664    no need to include the old buffer/key API
665
666    Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b
667
668commit a3cc48cdf9853f1e832d78cb29bedfab7adce1ee
669Author: markus@openbsd.org <markus@openbsd.org>
670Date:   Wed Jul 8 19:09:25 2015 +0000
671
672    upstream commit
673
674    typedefs for Cipher&CipherContext are unused
675
676    Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7
677
678commit a635bd06b5c427a57c3ae760d3a2730bb2c863c0
679Author: markus@openbsd.org <markus@openbsd.org>
680Date:   Wed Jul 8 19:04:21 2015 +0000
681
682    upstream commit
683
684    xmalloc.h is unused
685
686    Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58
687
688commit 2521cf0e36c7f3f6b19f206da0af134f535e4a31
689Author: markus@openbsd.org <markus@openbsd.org>
690Date:   Wed Jul 8 19:01:15 2015 +0000
691
692    upstream commit
693
694    compress.c is gone
695
696    Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced
697
698commit c65a7aa6c43aa7a308ee1ab8a96f216169ae9615
699Author: djm@openbsd.org <djm@openbsd.org>
700Date:   Fri Jul 3 04:05:54 2015 +0000
701
702    upstream commit
703
704    another SSH_RSA_MINIMUM_MODULUS_SIZE that needed
705     cranking
706
707    Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1
708
709commit b1f383da5cd3cb921fc7776f17a14f44b8a31757
710Author: djm@openbsd.org <djm@openbsd.org>
711Date:   Fri Jul 3 03:56:25 2015 +0000
712
713    upstream commit
714
715    add an XXX reminder for getting correct key paths from
716     sshd_config
717
718    Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db
719
720commit 933935ce8d093996c34d7efa4d59113163080680
721Author: djm@openbsd.org <djm@openbsd.org>
722Date:   Fri Jul 3 03:49:45 2015 +0000
723
724    upstream commit
725
726    refuse to generate or accept RSA keys smaller than 1024
727     bits; feedback and ok dtucker@
728
729    Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
730
731commit bdfd29f60b74f3e678297269dc6247a5699583c1
732Author: djm@openbsd.org <djm@openbsd.org>
733Date:   Fri Jul 3 03:47:00 2015 +0000
734
735    upstream commit
736
737    turn off 1024 bit diffie-hellman-group1-sha1 key
738     exchange method (already off in server, this turns it off in the client by
739     default too) ok dtucker@
740
741    Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa
742
743commit c28fc62d789d860c75e23a9fa9fb250eb2beca57
744Author: djm@openbsd.org <djm@openbsd.org>
745Date:   Fri Jul 3 03:43:18 2015 +0000
746
747    upstream commit
748
749    delete support for legacy v00 certificates; "sure"
750     markus@ dtucker@
751
752    Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
753
754commit 564d63e1b4a9637a209d42a9d49646781fc9caef
755Author: djm@openbsd.org <djm@openbsd.org>
756Date:   Wed Jul 1 23:10:47 2015 +0000
757
758    upstream commit
759
760    Compile-time disable SSH v.1 again
761
762    Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af
763
764commit 868109b650504dd9bcccdb1f51d0906f967c20ff
765Author: djm@openbsd.org <djm@openbsd.org>
766Date:   Wed Jul 1 02:39:06 2015 +0000
767
768    upstream commit
769
770    twiddle PermitRootLogin back
771
772    Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2
773
774commit 7de4b03a6e4071d454b72927ffaf52949fa34545
775Author: djm@openbsd.org <djm@openbsd.org>
776Date:   Wed Jul 1 02:32:17 2015 +0000
777
778    upstream commit
779
780    twiddle; (this commit marks the openssh-6.9 release)
781
782    Upstream-ID: 78500582819f61dd8adee36ec5cc9b9ac9351234
783
784commit 1bf477d3cdf1a864646d59820878783d42357a1d
785Author: djm@openbsd.org <djm@openbsd.org>
786Date:   Wed Jul 1 02:26:31 2015 +0000
787
788    upstream commit
789
790    better refuse ForwardX11Trusted=no connections attempted
791     after ForwardX11Timeout expires; reported by Jann Horn
792
793    Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21
794
795commit 47aa7a0f8551b471fcae0447c1d78464f6dba869
796Author: djm@openbsd.org <djm@openbsd.org>
797Date:   Wed Jul 1 01:56:13 2015 +0000
798
799    upstream commit
800
801    put back default PermitRootLogin=no
802
803    Upstream-ID: 7bdedd5cead99c57ed5571f3b6b7840922d5f728
804
805commit 984b064fe2a23733733262f88d2e1b2a1a501662
806Author: djm@openbsd.org <djm@openbsd.org>
807Date:   Wed Jul 1 01:55:13 2015 +0000
808
809    upstream commit
810
811    openssh-6.9
812
813    Upstream-ID: 6cfe8e1904812531080e6ab6e752d7001b5b2d45
814
815commit d921082ed670f516652eeba50705e1e9f6325346
816Author: djm@openbsd.org <djm@openbsd.org>
817Date:   Wed Jul 1 01:55:00 2015 +0000
818
819    upstream commit
820
821    reset default PermitRootLogin to 'yes' (momentarily, for
822     release)
823
824    Upstream-ID: cad8513527066e65dd7a1c16363d6903e8cefa24
825
826commit 66295e0e1ba860e527f191b6325d2d77dec4dbce
827Author: Damien Miller <djm@mindrot.org>
828Date:   Wed Jul 1 11:49:12 2015 +1000
829
830    crank version numbers for release
831
832commit 37035c07d4f26bb1fbe000d2acf78efdb008681d
833Author: Damien Miller <djm@mindrot.org>
834Date:   Wed Jul 1 10:49:37 2015 +1000
835
836    s/--with-ssh1/--without-ssh1/
837
838commit 629df770dbadc2accfbe1c81b3f31f876d0acd84
839Author: djm@openbsd.org <djm@openbsd.org>
840Date:   Tue Jun 30 05:25:07 2015 +0000
841
842    upstream commit
843
844    fatal() when a remote window update causes the window
845     value to overflow. Reported by Georg Wicherski, ok markus@
846
847    Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351
848
849commit f715afebe735d61df3fd30ad72d9ac1c8bd3b5f2
850Author: djm@openbsd.org <djm@openbsd.org>
851Date:   Tue Jun 30 05:23:25 2015 +0000
852
853    upstream commit
854
855    Fix math error in remote window calculations that causes
856     eventual stalls for datagram channels. Reported by Georg Wicherski, ok
857     markus@
858
859    Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab
860
861commit 52fb6b9b034fcfd24bf88cc7be313e9c31de9889
862Author: Damien Miller <djm@mindrot.org>
863Date:   Tue Jun 30 16:05:40 2015 +1000
864
865    skip IPv6-related portions on hosts without IPv6
866
867    with Tim Rice
868
869commit 512caddf590857af6aa12218461b5c0441028cf5
870Author: djm@openbsd.org <djm@openbsd.org>
871Date:   Mon Jun 29 22:35:12 2015 +0000
872
873    upstream commit
874
875    add getpid to sandbox, reachable by grace_alarm_handler
876
877    reported by Jakub Jelen; bz#2419
878
879    Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8
880
881commit 78c2a4f883ea9aba866358e2acd9793a7f42ca93
882Author: djm@openbsd.org <djm@openbsd.org>
883Date:   Fri Jun 26 05:13:20 2015 +0000
884
885    upstream commit
886
887    Fix \-escaping bug that caused forward path parsing to skip
888     two characters and skip past the end of the string.
889
890    Based on patch by Salvador Fandino; ok dtucker@
891
892    Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd
893
894commit bc20205c91c9920361d12b15d253d4997dba494a
895Author: Damien Miller <djm@mindrot.org>
896Date:   Thu Jun 25 09:51:39 2015 +1000
897
898    add missing pselect6
899
900    patch from Jakub Jelen
901
902commit 9d27fb73b4a4e5e99cb880af790d5b1ce44f720a
903Author: djm@openbsd.org <djm@openbsd.org>
904Date:   Wed Jun 24 23:47:23 2015 +0000
905
906    upstream commit
907
908    correct test to sshkey_sign(); spotted by Albert S.
909
910    Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933
911
912commit 7ed01a96a1911d8b4a9ef4f3d064e1923bfad7e3
913Author: dtucker@openbsd.org <dtucker@openbsd.org>
914Date:   Wed Jun 24 01:49:19 2015 +0000
915
916    upstream commit
917
918    Revert previous commit.  We still want to call setgroups
919     in the case where there are zero groups to remove any that we might otherwise
920     inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
921     to setgroups is always a static global it's always valid to dereference in
922     this case.  ok deraadt@ djm@
923
924    Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
925
926commit 882f8bf94f79528caa65b0ba71c185d705bb7195
927Author: dtucker@openbsd.org <dtucker@openbsd.org>
928Date:   Wed Jun 24 01:49:19 2015 +0000
929
930    upstream commit
931
932    Revert previous commit.  We still want to call setgroups in
933     the case where there are zero groups to remove any that we might otherwise
934     inherit (as pointed out by grawity at gmail.com) and since the 2nd argument
935     to setgroups is always a static global it's always valid to dereference in
936     this case.  ok deraadt@ djm@
937
938    Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
939
940commit 9488538a726951e82b3a4374f3c558d72c80a89b
941Author: djm@openbsd.org <djm@openbsd.org>
942Date:   Mon Jun 22 23:42:16 2015 +0000
943
944    upstream commit
945
946    Don't count successful partial authentication as failures
947     in monitor; this may have caused the monitor to refuse multiple
948     authentications that would otherwise have successfully completed; ok markus@
949
950    Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3
951
952commit 63b78d003bd8ca111a736e6cea6333da50f5f09b
953Author: dtucker@openbsd.org <dtucker@openbsd.org>
954Date:   Mon Jun 22 12:29:57 2015 +0000
955
956    upstream commit
957
958    Don't call setgroups if we have zero groups; there's no
959     guarantee that it won't try to deref the pointer.  Based on a patch from mail
960     at quitesimple.org, ok djm deraadt
961
962    Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1
963
964commit 5c15e22c691c79a47747bcf5490126656f97cecd
965Author: Damien Miller <djm@mindrot.org>
966Date:   Thu Jun 18 15:07:56 2015 +1000
967
968    fix syntax error
969
970commit 596dbca82f3f567fb3d2d69af4b4e1d3ba1e6403
971Author: jsing@openbsd.org <jsing@openbsd.org>
972Date:   Mon Jun 15 18:44:22 2015 +0000
973
974    upstream commit
975
976    If AuthorizedPrincipalsCommand is specified, however
977     AuthorizedPrincipalsFile is not (or is set to "none"), authentication will
978     potentially fail due to key_cert_check_authority() failing to locate a
979     principal that matches the username, even though an authorized principal has
980     already been matched in the output of the subprocess. Fix this by using the
981     same logic to determine if pw->pw_name should be passed, as is used to
982     determine if a authorized principal must be matched earlier on.
983
984    ok djm@
985
986    Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d
987
988commit aff3e94c0d75d0d0fa84ea392b50ab04f8c57905
989Author: jsing@openbsd.org <jsing@openbsd.org>
990Date:   Mon Jun 15 18:42:19 2015 +0000
991
992    upstream commit
993
994    Make the arguments to match_principals_command() similar
995     to match_principals_file(), by changing the last argument a struct
996     sshkey_cert * and dereferencing key->cert in the caller.
997
998    No functional change.
999
1000    ok djm@
1001
1002    Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c
1003
1004commit 97e2e1596c202a4693468378b16b2353fd2d6c5e
1005Author: Damien Miller <djm@mindrot.org>
1006Date:   Wed Jun 17 14:36:54 2015 +1000
1007
1008    trivial optimisation for seccomp-bpf
1009
1010    When doing arg inspection and the syscall doesn't match, skip
1011    past the instruction that reloads the syscall into the accumulator,
1012    since the accumulator hasn't been modified at this point.
1013
1014commit 99f33d7304893bd9fa04d227cb6e870171cded19
1015Author: Damien Miller <djm@mindrot.org>
1016Date:   Wed Jun 17 10:50:51 2015 +1000
1017
1018    aarch64 support for seccomp-bpf sandbox
1019
1020    Also resort and tidy syscall list. Based on patches by Jakub Jelen
1021    bz#2361; ok dtucker@
1022
1023commit 4ef702e1244633c1025ec7cfe044b9ab267097bf
1024Author: djm@openbsd.org <djm@openbsd.org>
1025Date:   Mon Jun 15 01:32:50 2015 +0000
1026
1027    upstream commit
1028
1029    return failure on RSA signature error; reported by Albert S
1030
1031    Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa
1032
1033commit a170f22baf18af0b1acf2788b8b715605f41a1f9
1034Author: Tim Rice <tim@multitalents.net>
1035Date:   Tue Jun 9 22:41:13 2015 -0700
1036
1037    Fix t12 rules for out of tree builds.
1038
1039commit ec04dc4a5515c913121bc04ed261857e68fa5c18
1040Author: millert@openbsd.org <millert@openbsd.org>
1041Date:   Fri Jun 5 15:13:13 2015 +0000
1042
1043    upstream commit
1044
1045    For "ssh -L 12345:/tmp/sock" don't fail with "No forward host
1046     name." (we have a path, not a host name).  Based on a diff from Jared
1047     Yanovich. OK djm@
1048
1049    Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f
1050
1051commit 732d61f417a6aea0aa5308b59cb0f563bcd6edd6
1052Author: djm@openbsd.org <djm@openbsd.org>
1053Date:   Fri Jun 5 03:44:14 2015 +0000
1054
1055    upstream commit
1056
1057    typo: accidental repetition; bz#2386
1058
1059    Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b
1060
1061commit adfb24c69d1b6f5e758db200866c711e25a2ba73
1062Author: Darren Tucker <dtucker@zip.com.au>
1063Date:   Fri Jun 5 14:51:40 2015 +1000
1064
1065    Add Linux powerpc64le and powerpcle entries.
1066
1067    Stopgap to resolve bz#2409 because we are so close to release and will
1068    update config.guess and friends shortly after the release.  ok djm@
1069
1070commit a1195a0fdc9eddddb04d3e9e44c4775431cb77da
1071Merge: 6397eed d2480bc
1072Author: Tim Rice <tim@multitalents.net>
1073Date:   Wed Jun 3 21:43:13 2015 -0700
1074
1075    Merge branch 'master' of git.mindrot.org:/var/git/openssh
1076
1077commit 6397eedf953b2b973d2d7cbb504ab501a07f8ddc
1078Author: Tim Rice <tim@multitalents.net>
1079Date:   Wed Jun 3 21:41:11 2015 -0700
1080
1081    Remove unneeded backslashes. Patch from Ángel González
1082
1083commit d2480bcac1caf31b03068de877a47d6e1027bf6d
1084Author: Darren Tucker <dtucker@zip.com.au>
1085Date:   Thu Jun 4 14:10:55 2015 +1000
1086
1087    Remove redundant include of stdarg.h.  bz#2410
1088
1089commit 5e67859a623826ccdf2df284cbb37e2d8e2787eb
1090Author: djm@openbsd.org <djm@openbsd.org>
1091Date:   Tue Jun 2 09:10:40 2015 +0000
1092
1093    upstream commit
1094
1095    mention CheckHostIP adding addresses to known_hosts;
1096     bz#1993; ok dtucker@
1097
1098    Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7
1099
1100commit d7a58bbac6583e33fd5eca8e2c2cc70c57617818
1101Author: Darren Tucker <dtucker@zip.com.au>
1102Date:   Tue Jun 2 20:15:26 2015 +1000
1103
1104    Replace strcpy with strlcpy.
1105
1106    ok djm, sanity check by Corinna Vinschen.
1107
1108commit 51a1c2115265c6e80ede8a5c9dccada9aeed7143
1109Author: Damien Miller <djm@mindrot.org>
1110Date:   Fri May 29 18:27:21 2015 +1000
1111
1112    skip, rather than fatal when run without SUDO set
1113
1114commit 599f01142a376645b15cbc9349d7e8975e1cf245
1115Author: Damien Miller <djm@mindrot.org>
1116Date:   Fri May 29 18:03:15 2015 +1000
1117
1118    fix merge botch that left ",," in KEX algs
1119
1120commit 0c2a81dfc21822f2423edd30751e5ec53467b347
1121Author: Damien Miller <djm@mindrot.org>
1122Date:   Fri May 29 17:08:28 2015 +1000
1123
1124    re-enable SSH protocol 1 at compile time
1125
1126commit db438f9285d64282d3ac9e8c0944f59f037c0151
1127Author: djm@openbsd.org <djm@openbsd.org>
1128Date:   Fri May 29 03:05:13 2015 +0000
1129
1130    upstream commit
1131
1132    make this work without SUDO set; ok dtucker@
1133
1134    Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715
1135
1136commit 1d9a2e2849c9864fe75daabf433436341c968e14
1137Author: djm@openbsd.org <djm@openbsd.org>
1138Date:   Thu May 28 07:37:31 2015 +0000
1139
1140    upstream commit
1141
1142    wrap all moduli-related code in #ifdef WITH_OPENSSL.
1143     based on patch from Reuben Hawkins; bz#2388 feedback and ok dtucker@
1144
1145    Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
1146
1147commit 496aeb25bc2d6c434171292e4714771b594bd00e
1148Author: dtucker@openbsd.org <dtucker@openbsd.org>
1149Date:   Thu May 28 05:41:29 2015 +0000
1150
1151    upstream commit
1152
1153    Increase the allowed length of the known host file name
1154     in the log message to be consistent with other cases.  Part of bz#1993, ok
1155     deraadt.
1156
1157    Upstream-ID: a9e97567be49f25daf286721450968251ff78397
1158
1159commit dd2cfeb586c646ff8d70eb93567b2e559ace5b14
1160Author: dtucker@openbsd.org <dtucker@openbsd.org>
1161Date:   Thu May 28 05:09:45 2015 +0000
1162
1163    upstream commit
1164
1165    Fix typo (keywork->keyword)
1166
1167    Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534
1168
1169commit 9cc6842493fbf23025ccc1edab064869640d3bec
1170Author: djm@openbsd.org <djm@openbsd.org>
1171Date:   Thu May 28 04:50:53 2015 +0000
1172
1173    upstream commit
1174
1175    add error message on ftruncate failure; bz#2176
1176
1177    Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf
1178
1179commit d1958793a0072c22be26d136dbda5ae263e717a0
1180Author: djm@openbsd.org <djm@openbsd.org>
1181Date:   Thu May 28 04:40:13 2015 +0000
1182
1183    upstream commit
1184
1185    make ssh-keygen default to ed25519 keys when compiled
1186     without OpenSSL; bz#2388, ok dtucker@
1187
1188    Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71
1189
1190commit 3ecde664c9fc5fb3667aedf9e6671462600f6496
1191Author: dtucker@openbsd.org <dtucker@openbsd.org>
1192Date:   Wed May 27 23:51:10 2015 +0000
1193
1194    upstream commit
1195
1196    Reorder client proposal to prefer
1197     diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1.  ok djm@
1198
1199    Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058
1200
1201commit 40f64292b907afd0a674fdbf3e4c2356d17a7d68
1202Author: dtucker@openbsd.org <dtucker@openbsd.org>
1203Date:   Wed May 27 23:39:18 2015 +0000
1204
1205    upstream commit
1206
1207    Add a stronger (4k bit) fallback group that sshd can use
1208     when the moduli file is missing or broken, sourced from RFC3526.  bz#2302, ok
1209     markus@ (earlier version), djm@
1210
1211    Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4
1212
1213commit 5ab7d5fa03ad55bc438fab45dfb3aeb30a3c237a
1214Author: Darren Tucker <dtucker@zip.com.au>
1215Date:   Thu May 28 10:03:40 2015 +1000
1216
1217    New moduli file from OpenBSD, removing 1k groups.
1218
1219    Remove 1k bit groups.  ok deraadt@, markus@
1220
1221commit a71ba58adf34e599f30cdda6e9b93ae6e3937eea
1222Author: djm@openbsd.org <djm@openbsd.org>
1223Date:   Wed May 27 05:15:02 2015 +0000
1224
1225    upstream commit
1226
1227    support PKCS#11 devices with external PIN entry devices
1228     bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@
1229
1230    Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d
1231
1232commit b282fec1aa05246ed3482270eb70fc3ec5f39a00
1233Author: dtucker@openbsd.org <dtucker@openbsd.org>
1234Date:   Tue May 26 23:23:40 2015 +0000
1235
1236    upstream commit
1237
1238    Cap DH-GEX group size at 4kbits for Cisco implementations.
1239     Some of them will choke when asked for preferred sizes >4k instead of
1240     returning the 4k group that they do have.  bz#2209, ok djm@
1241
1242    Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d
1243
1244commit 3e91b4e8b0dc2b4b7e7d42cf6e8994a32e4cb55e
1245Author: djm@openbsd.org <djm@openbsd.org>
1246Date:   Sun May 24 23:39:16 2015 +0000
1247
1248    upstream commit
1249
1250    add missing 'c' option to getopt(), case statement was
1251     already there; from Felix Bolte
1252
1253    Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081
1254
1255commit 64a89ec07660abba4d0da7c0095b7371c98bab62
1256Author: jsg@openbsd.org <jsg@openbsd.org>
1257Date:   Sat May 23 14:28:37 2015 +0000
1258
1259    upstream commit
1260
1261    fix a memory leak in an error path ok markus@ dtucker@
1262
1263    Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598
1264
1265commit f948737449257d2cb83ffcfe7275eb79b677fd4a
1266Author: djm@openbsd.org <djm@openbsd.org>
1267Date:   Fri May 22 05:28:45 2015 +0000
1268
1269    upstream commit
1270
1271    mention ssh-keygen -E for comparing legacy MD5
1272     fingerprints; bz#2332
1273
1274    Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859
1275
1276commit 0882332616e4f0272c31cc47bf2018f9cb258a4e
1277Author: djm@openbsd.org <djm@openbsd.org>
1278Date:   Fri May 22 04:45:52 2015 +0000
1279
1280    upstream commit
1281
1282    Reorder EscapeChar option parsing to avoid a single-byte
1283     out- of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@
1284
1285    Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060
1286
1287commit d7c31da4d42c115843edee2074d7d501f8804420
1288Author: djm@openbsd.org <djm@openbsd.org>
1289Date:   Fri May 22 03:50:02 2015 +0000
1290
1291    upstream commit
1292
1293    add knob to relax GSSAPI host credential check for
1294     multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker
1295     (kerberos/GSSAPI is not compiled by default on OpenBSD)
1296
1297    Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d
1298
1299commit aa72196a00be6e0b666215edcffbc10af234cb0e
1300Author: Darren Tucker <dtucker@zip.com.au>
1301Date:   Fri May 22 17:49:46 2015 +1000
1302
1303    Include signal.h for sig_atomic_t, used by kex.h.
1304
1305    bz#2402, from tomas.kuthan at oracle com.
1306
1307commit 8b02481143d75e91c49d1bfae0876ac1fbf9511a
1308Author: Darren Tucker <dtucker@zip.com.au>
1309Date:   Fri May 22 12:47:24 2015 +1000
1310
1311    Import updated moduli file from OpenBSD.
1312
1313commit 4739e8d5e1c0be49624082bd9f6b077e9e758db9
1314Author: djm@openbsd.org <djm@openbsd.org>
1315Date:   Thu May 21 12:01:19 2015 +0000
1316
1317    upstream commit
1318
1319    Support "ssh-keygen -lF hostname" to find search known_hosts
1320     and print key hashes. Already advertised by ssh-keygen(1), but not delivered
1321     by code; ok dtucker@
1322
1323    Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387
1324
1325commit e97201feca10b5196da35819ae516d0b87cf3a50
1326Author: Damien Miller <djm@mindrot.org>
1327Date:   Thu May 21 17:55:15 2015 +1000
1328
1329    conditionalise util.h inclusion
1330
1331commit 13640798c7dd011ece0a7d02841fe48e94cfa0e0
1332Author: djm@openbsd.org <djm@openbsd.org>
1333Date:   Thu May 21 06:44:25 2015 +0000
1334
1335    upstream commit
1336
1337    regress test for AuthorizedPrincipalsCommand
1338
1339    Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219
1340
1341commit 84452c5d03c21f9bfb28c234e0dc1dc67dd817b1
1342Author: djm@openbsd.org <djm@openbsd.org>
1343Date:   Thu May 21 06:40:02 2015 +0000
1344
1345    upstream commit
1346
1347    regress test for AuthorizedKeysCommand arguments
1348
1349    Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12
1350
1351commit bcc50d816187fa9a03907ac1f3a52f04a52e10d1
1352Author: djm@openbsd.org <djm@openbsd.org>
1353Date:   Thu May 21 06:43:30 2015 +0000
1354
1355    upstream commit
1356
1357    add AuthorizedPrincipalsCommand that allows getting
1358     authorized_principals from a subprocess rather than a file, which is quite
1359     useful in deployments with large userbases
1360
1361    feedback and ok markus@
1362
1363    Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
1364
1365commit 24232a3e5ab467678a86aa67968bbb915caffed4
1366Author: djm@openbsd.org <djm@openbsd.org>
1367Date:   Thu May 21 06:38:35 2015 +0000
1368
1369    upstream commit
1370
1371    support arguments to AuthorizedKeysCommand
1372
1373    bz#2081 loosely based on patch by Sami Hartikainen
1374    feedback and ok markus@
1375
1376    Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
1377
1378commit d80fbe41a57c72420c87a628444da16d09d66ca7
1379Author: djm@openbsd.org <djm@openbsd.org>
1380Date:   Thu May 21 04:55:51 2015 +0000
1381
1382    upstream commit
1383
1384    refactor: split base64 encoding of pubkey into its own
1385     sshkey_to_base64() function and out of sshkey_write(); ok markus@
1386
1387    Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a
1388
1389commit 7cc44ef74133a473734bbcbd3484f24d6a7328c5
1390Author: deraadt@openbsd.org <deraadt@openbsd.org>
1391Date:   Mon May 18 15:06:05 2015 +0000
1392
1393    upstream commit
1394
1395    getentropy() and sendsyslog() have been around long
1396     enough. openssh-portable may want the #ifdef's but not base. discussed with
1397     djm few weeks back
1398
1399    Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926
1400
1401commit 9173d0fbe44de7ebcad8a15618e13a8b8d78902e
1402Author: dtucker@openbsd.org <dtucker@openbsd.org>
1403Date:   Fri May 15 05:44:21 2015 +0000
1404
1405    upstream commit
1406
1407    Use a salted hash of the lock passphrase instead of plain
1408     text and do constant-time comparisons of it. Should prevent leaking any
1409     information about it via timing, pointed out by Ryan Castellucci.  Add a 0.1s
1410     incrementing delay for each failed unlock attempt up to 10s.  ok markus@
1411     (earlier version), djm@
1412
1413    Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f
1414
1415commit d028d5d3a697c71b21e4066d8672cacab3caa0a8
1416Author: Damien Miller <djm@mindrot.org>
1417Date:   Tue May 5 19:10:58 2015 +1000
1418
1419    upstream commit
1420
1421       - tedu@cvs.openbsd.org 2015/01/12 03:20:04
1422         [bcrypt_pbkdf.c]
1423         rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,
1424         nor are they the same size.
1425
1426commit f6391d4e59b058984163ab28f4e317e7a72478f1
1427Author: Damien Miller <djm@mindrot.org>
1428Date:   Tue May 5 19:10:23 2015 +1000
1429
1430    upstream commit
1431
1432       - deraadt@cvs.openbsd.org 2015/01/08 00:30:07
1433         [bcrypt_pbkdf.c]
1434         declare a local version of MIN(), call it MINIMUM()
1435
1436commit 8ac6b13cc9113eb47cd9e86c97d7b26b4b71b77f
1437Author: Damien Miller <djm@mindrot.org>
1438Date:   Tue May 5 19:09:46 2015 +1000
1439
1440    upstream commit
1441
1442       - djm@cvs.openbsd.org 2014/12/30 01:41:43
1443         [bcrypt_pbkdf.c]
1444         typo in comment: ouput => output
1445
1446commit 1f792489d5cf86a4f4e3003e6e9177654033f0f2
1447Author: djm@openbsd.org <djm@openbsd.org>
1448Date:   Mon May 4 06:10:48 2015 +0000
1449
1450    upstream commit
1451
1452    Remove pattern length argument from match_pattern_list(), we
1453     only ever use it for strlen(pattern).
1454
1455    Prompted by hanno AT hboeck.de pointing an out-of-bound read
1456    error caused by an incorrect pattern length found using AFL
1457    and his own tools.
1458
1459    ok markus@
1460
1461commit 639d6bc57b1942393ed12fb48f00bc05d4e093e4
1462Author: djm@openbsd.org <djm@openbsd.org>
1463Date:   Fri May 1 07:10:01 2015 +0000
1464
1465    upstream commit
1466
1467    refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
1468     to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
1469
1470    Improves error messages on TCP connection resets. bz#2257
1471
1472    ok dtucker@
1473
1474commit 9559d7de34c572d4d3fd990ca211f8ec99f62c4d
1475Author: djm@openbsd.org <djm@openbsd.org>
1476Date:   Fri May 1 07:08:08 2015 +0000
1477
1478    upstream commit
1479
1480    a couple of parse targets were missing activep checks,
1481     causing them to be misapplied in match context; bz#2272 diagnosis and
1482     original patch from Sami Hartikainen ok dtucker@
1483
1484commit 7e8528cad04b2775c3b7db08abf8fb42e47e6b2a
1485Author: djm@openbsd.org <djm@openbsd.org>
1486Date:   Fri May 1 04:17:51 2015 +0000
1487
1488    upstream commit
1489
1490    make handling of AuthorizedPrincipalsFile=none more
1491     consistent with other =none options; bz#2288 from Jakub Jelen; ok dtucker@
1492
1493commit ca430d4d9cc0f62eca3b1fb1e2928395b7ce80f7
1494Author: djm@openbsd.org <djm@openbsd.org>
1495Date:   Fri May 1 04:03:20 2015 +0000
1496
1497    upstream commit
1498
1499    remove failed remote forwards established by muliplexing
1500     from the list of active forwards; bz#2363, patch mostly by Yoann Ricordel; ok
1501     dtucker@
1502
1503commit 8312cfb8ad88657517b3e23ac8c56c8e38eb9792
1504Author: djm@openbsd.org <djm@openbsd.org>
1505Date:   Fri May 1 04:01:58 2015 +0000
1506
1507    upstream commit
1508
1509    reduce stderr spam when using ssh -S /path/mux -O forward
1510     -R 0:... ok dtucker@
1511
1512commit 179be0f5e62f1f492462571944e45a3da660d82b
1513Author: djm@openbsd.org <djm@openbsd.org>
1514Date:   Fri May 1 03:23:51 2015 +0000
1515
1516    upstream commit
1517
1518    prevent authorized_keys options picked up on public key
1519     tests without a corresponding private key authentication being applied to
1520     other authentication methods. Reported by halex@, ok markus@
1521
1522commit a42d67be65b719a430b7fcaba2a4e4118382723a
1523Author: djm@openbsd.org <djm@openbsd.org>
1524Date:   Fri May 1 03:20:54 2015 +0000
1525
1526    upstream commit
1527
1528    Don't make parsing of authorized_keys' environment=
1529     option conditional on PermitUserEnv - always parse it, but only use the
1530     result if the option is enabled. This prevents the syntax of authorized_keys
1531     changing depending on which sshd_config options were enabled.
1532
1533    bz#2329; based on patch from coladict AT gmail.com, ok dtucker@
1534
1535commit e661a86353e11592c7ed6a847e19a83609f49e77
1536Author: djm@openbsd.org <djm@openbsd.org>
1537Date:   Mon May 4 06:10:48 2015 +0000
1538
1539    upstream commit
1540
1541    Remove pattern length argument from match_pattern_list(), we
1542     only ever use it for strlen(pattern).
1543
1544    Prompted by hanno AT hboeck.de pointing an out-of-bound read
1545    error caused by an incorrect pattern length found using AFL
1546    and his own tools.
1547
1548    ok markus@
1549
1550commit 0ef1de742be2ee4b10381193fe90730925b7f027
1551Author: dtucker@openbsd.org <dtucker@openbsd.org>
1552Date:   Thu Apr 23 05:01:19 2015 +0000
1553
1554    upstream commit
1555
1556    Add a simple regression test for sshd's configuration
1557     parser.  Right now, all it does is run the output of sshd -T back through
1558     itself and ensure the output is valid and invariant.
1559
1560commit 368f83c793275faa2c52f60eaa9bdac155c4254b
1561Author: djm@openbsd.org <djm@openbsd.org>
1562Date:   Wed Apr 22 01:38:36 2015 +0000
1563
1564    upstream commit
1565
1566    use correct key for nested certificate test
1567
1568commit 8d4d1bfddbbd7d21f545dc6997081d1ea1fbc99a
1569Author: djm@openbsd.org <djm@openbsd.org>
1570Date:   Fri May 1 07:11:47 2015 +0000
1571
1572    upstream commit
1573
1574    mention that the user's shell from /etc/passwd is used
1575     for commands too; bz#1459 ok dtucker@
1576
1577commit 5ab283d0016bbc9d4d71e8e5284d011bc5a930cf
1578Author: djm@openbsd.org <djm@openbsd.org>
1579Date:   Fri May 8 07:29:00 2015 +0000
1580
1581    upstream commit
1582
1583    whitespace
1584
1585    Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519
1586
1587commit 8377d5008ad260048192e1e56ad7d15a56d103dd
1588Author: djm@openbsd.org <djm@openbsd.org>
1589Date:   Fri May 8 07:26:13 2015 +0000
1590
1591    upstream commit
1592
1593    whitespace at EOL
1594
1595    Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554
1596
1597commit c28a3436fa8737709ea88e4437f8f23a6ab50359
1598Author: djm@openbsd.org <djm@openbsd.org>
1599Date:   Fri May 8 06:45:13 2015 +0000
1600
1601    upstream commit
1602
1603    moar whitespace at eol
1604
1605    Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515
1606
1607commit 2b64c490468fd4ca35ac8d5cc31c0520dc1508bb
1608Author: djm@openbsd.org <djm@openbsd.org>
1609Date:   Fri May 8 06:41:56 2015 +0000
1610
1611    upstream commit
1612
1613    whitespace at EOL
1614
1615    Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c
1616
1617commit 4e636cf201ce6e7e3b9088568218f9d4e2c51712
1618Author: djm@openbsd.org <djm@openbsd.org>
1619Date:   Fri May 8 03:56:51 2015 +0000
1620
1621    upstream commit
1622
1623    whitespace at EOL
1624
1625commit 38b8272f823dc1dd4e29dbcee83943ed48bb12fa
1626Author: dtucker@openbsd.org <dtucker@openbsd.org>
1627Date:   Mon May 4 01:47:53 2015 +0000
1628
1629    upstream commit
1630
1631    Use diff w/out -u for better portability
1632
1633commit 297060f42d5189a4065ea1b6f0afdf6371fb0507
1634Author: dtucker@openbsd.org <dtucker@openbsd.org>
1635Date:   Fri May 8 03:25:07 2015 +0000
1636
1637    upstream commit
1638
1639    Use xcalloc for permitted_adm_opens instead of xmalloc to
1640     ensure it's zeroed. Fixes post-auth crash with permitopen=none.  bz#2355, ok
1641     djm@
1642
1643commit 63ebf019be863b2d90492a85e248cf55a6e87403
1644Author: djm@openbsd.org <djm@openbsd.org>
1645Date:   Fri May 8 03:17:49 2015 +0000
1646
1647    upstream commit
1648
1649    don't choke on new-format private keys encrypted with an
1650     AEAD cipher; bz#2366, patch from Ron Frederick; ok markus@
1651
1652commit f8484dac678ab3098ae522a5f03bb2530f822987
1653Author: dtucker@openbsd.org <dtucker@openbsd.org>
1654Date:   Wed May 6 05:45:17 2015 +0000
1655
1656    upstream commit
1657
1658    Clarify pseudo-terminal request behaviour and use
1659     "pseudo-terminal" consistently.  bz#1716, ok jmc@ "I like it" deraadt@.
1660
1661commit ea139507bef8bad26e86ed99a42c7233ad115c38
1662Author: dtucker@openbsd.org <dtucker@openbsd.org>
1663Date:   Wed May 6 04:07:18 2015 +0000
1664
1665    upstream commit
1666
1667    Blacklist DH-GEX for specific PuTTY versions known to
1668     send non-RFC4419 DH-GEX messages rather than all versions of PuTTY.
1669     According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX
1670     messages.  ok djm@
1671
1672commit b58234f00ee3872eb84f6e9e572a9a34e902e36e
1673Author: dtucker@openbsd.org <dtucker@openbsd.org>
1674Date:   Tue May 5 10:17:49 2015 +0000
1675
1676    upstream commit
1677
1678    WinSCP doesn't implement RFC4419 DH-GEX so flag it so we
1679     don't offer that KEX method.  ok markus@
1680
1681commit d5b1507a207253b39e810e91e68f9598691b7a29
1682Author: jsg@openbsd.org <jsg@openbsd.org>
1683Date:   Tue May 5 02:48:17 2015 +0000
1684
1685    upstream commit
1686
1687    use the sizeof the struct not the sizeof a pointer to the
1688     struct in ssh_digest_start()
1689
1690    This file is only used if ssh is built with OPENSSL=no
1691
1692    ok markus@
1693
1694commit a647b9b8e616c231594b2710c925d31b1b8afea3
1695Author: Darren Tucker <dtucker@zip.com.au>
1696Date:   Fri May 8 11:07:27 2015 +1000
1697
1698    Put brackets around mblen() compat constant.
1699
1700    This might help with the reported problem cross compiling for Android
1701    ("error: expected identifier or '(' before numeric constant") but
1702    shouldn't hurt in any case.
1703
1704commit d1680d36e17244d9af3843aeb5025cb8e40d6c07
1705Author: Darren Tucker <dtucker@zip.com.au>
1706Date:   Thu Apr 30 09:18:11 2015 +1000
1707
1708    xrealloc -> xreallocarray in portable code too.
1709
1710commit 531a57a3893f9fcd4aaaba8c312b612bbbcc021e
1711Author: dtucker@openbsd.org <dtucker@openbsd.org>
1712Date:   Wed Apr 29 03:48:56 2015 +0000
1713
1714    upstream commit
1715
1716    Allow ListenAddress, Port and AddressFamily in any
1717     order.  bz#68, ok djm@, jmc@ (for the man page bit).
1718
1719commit c1d5bcf1aaf1209af02f79e48ba1cbc76a87b56f
1720Author: jmc@openbsd.org <jmc@openbsd.org>
1721Date:   Tue Apr 28 13:47:38 2015 +0000
1722
1723    upstream commit
1724
1725    enviroment -> environment: apologies to darren for not
1726     spotting that first time round...
1727
1728commit 43beea053db191cac47c2cd8d3dc1930158aff1a
1729Author: dtucker@openbsd.org <dtucker@openbsd.org>
1730Date:   Tue Apr 28 10:25:15 2015 +0000
1731
1732    upstream commit
1733
1734    Fix typo in previous
1735
1736commit 85b96ef41374f3ddc9139581f87da09b2cd9199e
1737Author: dtucker@openbsd.org <dtucker@openbsd.org>
1738Date:   Tue Apr 28 10:17:58 2015 +0000
1739
1740    upstream commit
1741
1742    Document that the TERM environment variable is not
1743     subject to SendEnv and AcceptEnv.  bz#2386, based loosely on a patch from
1744     jjelen at redhat, help and ok jmc@
1745
1746commit 88a7c598a94ff53f76df228eeaae238d2d467565
1747Author: djm@openbsd.org <djm@openbsd.org>
1748Date:   Mon Apr 27 21:42:48 2015 +0000
1749
1750    upstream commit
1751
1752    Make sshd default to PermitRootLogin=no; ok deraadt@
1753     rpe@
1754
1755commit 734226b4480a6c736096c729fcf6f391400599c7
1756Author: djm@openbsd.org <djm@openbsd.org>
1757Date:   Mon Apr 27 01:52:30 2015 +0000
1758
1759    upstream commit
1760
1761    fix compilation with OPENSSL=no; ok dtucker@
1762
1763commit a4b9d2ce1eb7703eaf0809b0c8a82ded8aa4f1c6
1764Author: dtucker@openbsd.org <dtucker@openbsd.org>
1765Date:   Mon Apr 27 00:37:53 2015 +0000
1766
1767    upstream commit
1768
1769    Include stdio.h for FILE (used in sshkey.h) so it
1770     compiles with OPENSSL=no.
1771
1772commit dbcc652f4ca11fe04e5930c7ef18a219318c6cda
1773Author: djm@openbsd.org <djm@openbsd.org>
1774Date:   Mon Apr 27 00:21:21 2015 +0000
1775
1776    upstream commit
1777
1778    allow "sshd -f none" to skip reading the config file,
1779     much like "ssh -F none" does. ok dtucker
1780
1781commit b7ca276fca316c952f0b90f5adb1448c8481eedc
1782Author: jmc@openbsd.org <jmc@openbsd.org>
1783Date:   Fri Apr 24 06:26:49 2015 +0000
1784
1785    upstream commit
1786
1787    combine -Dd onto one line and update usage();
1788
1789commit 2ea974630d7017e4c7666d14d9dc939707613e96
1790Author: djm@openbsd.org <djm@openbsd.org>
1791Date:   Fri Apr 24 05:26:44 2015 +0000
1792
1793    upstream commit
1794
1795    add ssh-agent -D to leave ssh-agent in foreground
1796     without enabling debug mode; bz#2381 ok dtucker@
1797
1798commit 8ac2ffd7aa06042f6b924c87139f2fea5c5682f7
1799Author: deraadt@openbsd.org <deraadt@openbsd.org>
1800Date:   Fri Apr 24 01:36:24 2015 +0000
1801
1802    upstream commit
1803
1804    2*len -> use xreallocarray() ok djm
1805
1806commit 657a5fbc0d0aff309079ff8fb386f17e964963c2
1807Author: deraadt@openbsd.org <deraadt@openbsd.org>
1808Date:   Fri Apr 24 01:36:00 2015 +0000
1809
1810    upstream commit
1811
1812    rename xrealloc() to xreallocarray() since it follows
1813     that form. ok djm
1814
1815commit 1108ae242fdd2c304307b68ddf46aebe43ebffaa
1816Author: dtucker@openbsd.org <dtucker@openbsd.org>
1817Date:   Thu Apr 23 04:59:10 2015 +0000
1818
1819    upstream commit
1820
1821    Two small fixes for sshd -T: ListenAddress'es are added
1822     to a list head so reverse the order when printing them to ensure the
1823     behaviour remains the same, and print StreamLocalBindMask as octal with
1824     leading zero.  ok deraadt@
1825
1826commit bd902b8473e1168f19378d5d0ae68d0c203525df
1827Author: dtucker@openbsd.org <dtucker@openbsd.org>
1828Date:   Thu Apr 23 04:53:53 2015 +0000
1829
1830    upstream commit
1831
1832    Check for and reject missing arguments for
1833     VersionAddendum and ForceCommand. bz#2281, patch from plautrba at redhat com,
1834     ok djm@
1835
1836commit ca42c1758575e592239de1d5755140e054b91a0d
1837Author: djm@openbsd.org <djm@openbsd.org>
1838Date:   Wed Apr 22 01:24:01 2015 +0000
1839
1840    upstream commit
1841
1842    unknown certificate extensions are non-fatal, so don't
1843     fatal when they are encountered; bz#2387 reported by Bob Van Zant; ok
1844     dtucker@
1845
1846commit 39bfbf7caad231cc4bda6909fb1af0705bca04d8
1847Author: jsg@openbsd.org <jsg@openbsd.org>
1848Date:   Tue Apr 21 07:01:00 2015 +0000
1849
1850    upstream commit
1851
1852    Add back a backslash removed in rev 1.42 so
1853     KEX_SERVER_ENCRYPT will include aes again.
1854
1855    ok deraadt@
1856
1857commit 6b0d576bb87eca3efd2b309fcfe4edfefc289f9c
1858Author: djm@openbsd.org <djm@openbsd.org>
1859Date:   Fri Apr 17 13:32:09 2015 +0000
1860
1861    upstream commit
1862
1863    s/recommended/required/ that private keys be og-r this
1864     wording change was made a while ago but got accidentally reverted
1865
1866commit 44a8e7ce6f3ab4c2eb1ae49115c210b98e53c4df
1867Author: djm@openbsd.org <djm@openbsd.org>
1868Date:   Fri Apr 17 13:25:52 2015 +0000
1869
1870    upstream commit
1871
1872    don't try to cleanup NULL KEX proposals in
1873     kex_prop_free(); found by Jukka Taimisto and Markus Hietava
1874
1875commit 3038a191872d2882052306098c1810d14835e704
1876Author: djm@openbsd.org <djm@openbsd.org>
1877Date:   Fri Apr 17 13:19:22 2015 +0000
1878
1879    upstream commit
1880
1881    use error/logit/fatal instead of fprintf(stderr, ...)
1882     and exit(0), fix a few errors that were being printed to stdout instead of
1883     stderr and a few non-errors that were going to stderr instead of stdout
1884     bz#2325; ok dtucker
1885
1886commit a58be33cb6cd24441fa7e634db0e5babdd56f07f
1887Author: djm@openbsd.org <djm@openbsd.org>
1888Date:   Fri Apr 17 13:16:48 2015 +0000
1889
1890    upstream commit
1891
1892    debug log missing DISPLAY environment when X11
1893     forwarding requested; bz#1682 ok dtucker@
1894
1895commit 17d4d9d9fbc8fb80e322f94d95eecc604588a474
1896Author: djm@openbsd.org <djm@openbsd.org>
1897Date:   Fri Apr 17 04:32:31 2015 +0000
1898
1899    upstream commit
1900
1901    don't call record_login() in monitor when UseLogin is
1902     enabled; bz#278 reported by drk AT sgi.com; ok dtucker
1903
1904commit 40132ff87b6cbc3dc05fb5df2e9d8e3afa06aafd
1905Author: dtucker@openbsd.org <dtucker@openbsd.org>
1906Date:   Fri Apr 17 04:12:35 2015 +0000
1907
1908    upstream commit
1909
1910    Add some missing options to sshd -T and fix the output
1911     of VersionAddendum HostCertificate.  bz#2346, patch from jjelen at redhat
1912     com, ok djm.
1913
1914commit 6cc7cfa936afde2d829e56ee6528c7ea47a42441
1915Author: dtucker@openbsd.org <dtucker@openbsd.org>
1916Date:   Thu Apr 16 23:25:50 2015 +0000
1917
1918    upstream commit
1919
1920    Document "none" for PidFile XAuthLocation
1921     TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@
1922
1923commit 15fdfc9b1c6808b26bc54d4d61a38b54541763ed
1924Author: dtucker@openbsd.org <dtucker@openbsd.org>
1925Date:   Wed Apr 15 23:23:25 2015 +0000
1926
1927    upstream commit
1928
1929    Plug leak of address passed to logging.  bz#2373, patch
1930     from jjelen at redhat, ok markus@
1931
1932commit bb2289e2a47d465eaaaeff3dee2a6b7777b4c291
1933Author: dtucker@openbsd.org <dtucker@openbsd.org>
1934Date:   Tue Apr 14 04:17:03 2015 +0000
1935
1936    upstream commit
1937
1938    Output remote username in debug output since with Host
1939     and Match it's not always obvious what it will be.  bz#2368, ok djm@
1940
1941commit 70860b6d07461906730632f9758ff1b7c98c695a
1942Author: Darren Tucker <dtucker@zip.com.au>
1943Date:   Fri Apr 17 10:56:13 2015 +1000
1944
1945    Format UsePAM setting when using sshd -T.
1946
1947    Part of bz#2346, patch from jjelen at redhat com.
1948
1949commit ee15d9c9f0720f5a8b0b34e4b10ecf21f9824814
1950Author: Darren Tucker <dtucker@zip.com.au>
1951Date:   Fri Apr 17 10:40:23 2015 +1000
1952
1953    Wrap endian.h include inside ifdef (bz#2370).
1954
1955commit 408f4c2ad4a4c41baa7b9b2b7423d875abbfa70b
1956Author: Darren Tucker <dtucker@zip.com.au>
1957Date:   Fri Apr 17 09:39:58 2015 +1000
1958
1959    Look for '${host}-ar' before 'ar'.
1960
1961    This changes configure.ac to look for '${host}-ar' as set by
1962    AC_CANONICAL_HOST before looking for the unprefixed 'ar'.
1963    Useful when cross-compiling when all your binutils are prefixed.
1964
1965    Patch from moben at exherbo org via astrand at lysator liu se and
1966    bz#2352.
1967
1968commit 673a1c16ad078d41558247ce739fe812c960acc8
1969Author: Damien Miller <djm@google.com>
1970Date:   Thu Apr 16 11:40:20 2015 +1000
1971
1972    remove dependency on arpa/telnet.h
1973
1974commit 202d443eeda1829d336595a3cfc07827e49f45ed
1975Author: Darren Tucker <dtucker@zip.com.au>
1976Date:   Wed Apr 15 15:59:49 2015 +1000
1977
1978    Remove duplicate include of pwd.h.  bz#2337, patch from Mordy Ovits.
1979
1980commit 597986493412c499f2bc2209420cb195f97b3668
1981Author: Damien Miller <djm@google.com>
1982Date:   Thu Apr 9 10:14:48 2015 +1000
1983
1984    platform's with openpty don't need pty_release
1985
1986commit 318be28cda1fd9108f2e6f2f86b0b7589ba2aed0
1987Author: djm@openbsd.org <djm@openbsd.org>
1988Date:   Mon Apr 13 02:04:08 2015 +0000
1989
1990    upstream commit
1991
1992    deprecate ancient, pre-RFC4419 and undocumented
1993     SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message; ok markus@ deraadt@ "seems
1994     reasonable" dtucker@
1995
1996commit d8f391caef62378463a0e6b36f940170dadfe605
1997Author: dtucker@openbsd.org <dtucker@openbsd.org>
1998Date:   Fri Apr 10 05:16:50 2015 +0000
1999
2000    upstream commit
2001
2002    Don't send hostkey advertisments
2003     (hostkeys-00@openssh.com) to current versions of Tera Term as they can't
2004     handle them.  Newer versions should be OK.  Patch from Bryan Drewery and
2005     IWAMOTO Kouichi, ok djm@
2006
2007commit 2c2cfe1a1c97eb9a08cc9817fd0678209680c636
2008Author: djm@openbsd.org <djm@openbsd.org>
2009Date:   Fri Apr 10 00:08:55 2015 +0000
2010
2011    upstream commit
2012
2013    include port number if a non-default one has been
2014     specified; based on patch from Michael Handler
2015
2016commit 4492a4f222da4cf1e8eab12689196322e27b08c4
2017Author: djm@openbsd.org <djm@openbsd.org>
2018Date:   Tue Apr 7 23:00:42 2015 +0000
2019
2020    upstream commit
2021
2022    treat Protocol=1,2|2,1 as Protocol=2 when compiled
2023     without SSH1 support; ok dtucker@ millert@
2024
2025commit c265e2e6e932efc6d86f6cc885dea33637a67564
2026Author: miod@openbsd.org <miod@openbsd.org>
2027Date:   Sun Apr 5 15:43:43 2015 +0000
2028
2029    upstream commit
2030
2031    Do not use int for sig_atomic_t; spotted by
2032     christos@netbsd; ok markus@
2033
2034commit e7bf3a5eda6a1b02bef6096fed78527ee11e54cc
2035Author: Darren Tucker <dtucker@zip.com.au>
2036Date:   Tue Apr 7 10:48:04 2015 +1000
2037
2038    Use do{}while(0) for no-op functions.
2039
2040    From FreeBSD.
2041
2042commit bb99844abae2b6447272f79e7fa84134802eb4df
2043Author: Darren Tucker <dtucker@zip.com.au>
2044Date:   Tue Apr 7 10:47:15 2015 +1000
2045
2046    Wrap blf.h include in ifdef.  From FreeBSD.
2047
2048commit d9b9b43656091cf0ad55c122f08fadb07dad0abd
2049Author: Darren Tucker <dtucker@zip.com.au>
2050Date:   Tue Apr 7 09:10:00 2015 +1000
2051
2052    Fix misspellings of regress CONFOPTS env variables.
2053
2054    Patch from Bryan Drewery.
2055
2056commit 3f4ea3c9ab1d32d43c9222c4351f58ca11144156
2057Author: djm@openbsd.org <djm@openbsd.org>
2058Date:   Fri Apr 3 22:17:27 2015 +0000
2059
2060    upstream commit
2061
2062    correct return value in pubkey parsing, spotted by Ben Hawkes
2063     ok markus@
2064
2065commit 7da2be0cb9601ed25460c83aa4d44052b967ba0f
2066Author: djm@openbsd.org <djm@openbsd.org>
2067Date:   Tue Mar 31 22:59:01 2015 +0000
2068
2069    upstream commit
2070
2071    adapt to recent hostfile.c change: when parsing
2072     known_hosts without fully parsing the keys therein, hostkeys_foreach() will
2073     now correctly identify KEY_RSA1 keys; ok markus@ miod@
2074
2075commit 9e1777a0d1c706714b055811c12ab8cc21033e4a
2076Author: markus@openbsd.org <markus@openbsd.org>
2077Date:   Tue Mar 24 20:19:15 2015 +0000
2078
2079    upstream commit
2080
2081    use ${SSH} for -Q instead of installed ssh
2082
2083commit ce1b358ea414a2cc88e4430cd5a2ea7fecd9de57
2084Author: djm@openbsd.org <djm@openbsd.org>
2085Date:   Mon Mar 16 22:46:14 2015 +0000
2086
2087    upstream commit
2088
2089    make CLEANFILES clean up more of the tests' droppings
2090
2091commit 398f9ef192d820b67beba01ec234d66faca65775
2092Author: djm@openbsd.org <djm@openbsd.org>
2093Date:   Tue Mar 31 22:57:06 2015 +0000
2094
2095    upstream commit
2096
2097    downgrade error() for known_hosts parse errors to debug()
2098     to quiet warnings from ssh1 keys present when compiled !ssh1.
2099
2100    also identify ssh1 keys when scanning, even when compiled !ssh1
2101
2102    ok markus@ miod@
2103
2104commit 9a47ab80030a31f2d122b8fd95bd48c408b9fcd9
2105Author: djm@openbsd.org <djm@openbsd.org>
2106Date:   Tue Mar 31 22:55:50 2015 +0000
2107
2108    upstream commit
2109
2110    fd leak for !ssh1 case; found by unittests; ok markus@
2111
2112commit c9a0805a6280681901c270755a7cd630d7c5280e
2113Author: djm@openbsd.org <djm@openbsd.org>
2114Date:   Tue Mar 31 22:55:24 2015 +0000
2115
2116    upstream commit
2117
2118    don't fatal when a !ssh1 sshd is reexeced from a w/ssh1
2119     listener; reported by miod@; ok miod@ markus@
2120
2121commit 704d8c88988cae38fb755a6243b119731d223222
2122Author: tobias@openbsd.org <tobias@openbsd.org>
2123Date:   Tue Mar 31 11:06:49 2015 +0000
2124
2125    upstream commit
2126
2127    Comments are only supported for RSA1 keys. If a user
2128     tried to add one and entered his passphrase, explicitly clear it before exit.
2129     This is done in all other error paths, too.
2130
2131    ok djm
2132
2133commit 78de1673c05ea2c33e0d4a4b64ecb5186b6ea2e9
2134Author: jmc@openbsd.org <jmc@openbsd.org>
2135Date:   Mon Mar 30 18:28:37 2015 +0000
2136
2137    upstream commit
2138
2139    ssh-askpass(1) is the default, overridden by SSH_ASKPASS;
2140     diff originally from jiri b;
2141
2142commit 26e0bcf766fadb4a44fb6199386fb1dcab65ad00
2143Author: djm@openbsd.org <djm@openbsd.org>
2144Date:   Mon Mar 30 00:00:29 2015 +0000
2145
2146    upstream commit
2147
2148    fix uninitialised memory read when parsing a config file
2149     consisting of a single nul byte. Found by hanno AT hboeck.de using AFL; ok
2150     dtucker
2151
2152commit fecede00a76fbb33a349f5121c0b2f9fbc04a777
2153Author: markus@openbsd.org <markus@openbsd.org>
2154Date:   Thu Mar 26 19:32:19 2015 +0000
2155
2156    upstream commit
2157
2158    sigp and lenp are not optional in ssh_agent_sign(); ok
2159     djm@
2160
2161commit 1b0ef3813244c78669e6d4d54c624f600945327d
2162Author: naddy@openbsd.org <naddy@openbsd.org>
2163Date:   Thu Mar 26 12:32:38 2015 +0000
2164
2165    upstream commit
2166
2167    don't try to load .ssh/identity by default if SSH1 is
2168     disabled; ok markus@
2169
2170commit f9b78852379b74a2d14e6fc94fe52af30b7e9c31
2171Author: djm@openbsd.org <djm@openbsd.org>
2172Date:   Thu Mar 26 07:00:04 2015 +0000
2173
2174    upstream commit
2175
2176    ban all-zero curve25519 keys as recommended by latest
2177     CFRG curves draft; ok markus
2178
2179commit b8afbe2c1aaf573565e4da775261dfafc8b1ba9c
2180Author: djm@openbsd.org <djm@openbsd.org>
2181Date:   Thu Mar 26 06:59:28 2015 +0000
2182
2183    upstream commit
2184
2185    relax bits needed check to allow
2186     diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was
2187     selected as symmetric cipher; ok markus
2188
2189commit 47842f71e31da130555353c1d57a1e5a8937f1c0
2190Author: markus@openbsd.org <markus@openbsd.org>
2191Date:   Wed Mar 25 19:29:58 2015 +0000
2192
2193    upstream commit
2194
2195    ignore v1 errors on ssh-add -D; only try v2 keys on
2196     -l/-L (unless WITH_SSH1) ok djm@
2197
2198commit 5f57e77f91bf2230c09eca96eb5ecec39e5f2da6
2199Author: markus@openbsd.org <markus@openbsd.org>
2200Date:   Wed Mar 25 19:21:48 2015 +0000
2201
2202    upstream commit
2203
2204    unbreak ssh_agent_sign (lenp vs *lenp)
2205
2206commit 4daeb67181054f2a377677fac919ee8f9ed3490e
2207Author: markus@openbsd.org <markus@openbsd.org>
2208Date:   Tue Mar 24 20:10:08 2015 +0000
2209
2210    upstream commit
2211
2212    don't leak 'setp' on error; noted by Nicholas Lemonias;
2213     ok djm@
2214
2215commit 7d4f96f9de2a18af0d9fa75ea89a4990de0344f5
2216Author: markus@openbsd.org <markus@openbsd.org>
2217Date:   Tue Mar 24 20:09:11 2015 +0000
2218
2219    upstream commit
2220
2221    consistent check for NULL as noted by Nicholas
2222     Lemonias; ok djm@
2223
2224commit df100be51354e447d9345cf1ec22e6013c0eed50
2225Author: markus@openbsd.org <markus@openbsd.org>
2226Date:   Tue Mar 24 20:03:44 2015 +0000
2227
2228    upstream commit
2229
2230    correct fmt-string for size_t as noted by Nicholas
2231     Lemonias; ok djm@
2232
2233commit a22b9ef21285e81775732436f7c84a27bd3f71e0
2234Author: djm@openbsd.org <djm@openbsd.org>
2235Date:   Tue Mar 24 09:17:21 2015 +0000
2236
2237    upstream commit
2238
2239    promote chacha20-poly1305@openssh.com to be the default
2240     cipher; ok markus
2241
2242commit 2aa9da1a3b360cf7b13e96fe1521534b91501fb5
2243Author: djm@openbsd.org <djm@openbsd.org>
2244Date:   Tue Mar 24 01:29:19 2015 +0000
2245
2246    upstream commit
2247
2248    Compile-time disable SSH protocol 1. You can turn it
2249     back on using the Makefile.inc knob if you need it to talk to ancient
2250     devices.
2251
2252commit 53097b2022154edf96b4e8526af5666f979503f7
2253Author: djm@openbsd.org <djm@openbsd.org>
2254Date:   Tue Mar 24 01:11:12 2015 +0000
2255
2256    upstream commit
2257
2258    fix double-negative error message "ssh1 is not
2259     unsupported"
2260
2261commit 5c27e3b6ec2db711dfcd40e6359c0bcdd0b62ea9
2262Author: djm@openbsd.org <djm@openbsd.org>
2263Date:   Mon Mar 23 06:06:38 2015 +0000
2264
2265    upstream commit
2266
2267    for ssh-keygen -A, don't try (and fail) to generate ssh
2268     v.1 keys when compiled without SSH1 support RSA/DSA/ECDSA keys when compiled
2269     without OpenSSL based on patch by Mike Frysinger; bz#2369
2270
2271commit 725fd22a8c41db7de73a638539a5157b7e4424ae
2272Author: djm@openbsd.org <djm@openbsd.org>
2273Date:   Wed Mar 18 01:44:21 2015 +0000
2274
2275    upstream commit
2276
2277    KRL support doesn't need OpenSSL anymore, remove #ifdefs
2278     from around call
2279
2280commit b07011c18e0b2e172c5fd09d21fb159a0bf5fcc7
2281Author: djm@openbsd.org <djm@openbsd.org>
2282Date:   Mon Mar 16 11:09:52 2015 +0000
2283
2284    upstream commit
2285
2286    #if 0 some more arrays used only for decrypting (we don't
2287     use since we only need encrypt for AES-CTR)
2288
2289commit 1cb3016635898d287e9d58b50c430995652d5358
2290Author: jsg@openbsd.org <jsg@openbsd.org>
2291Date:   Wed Mar 11 00:48:39 2015 +0000
2292
2293    upstream commit
2294
2295    add back the changes from rev 1.206, djm reverted this by
2296     mistake in rev 1.207
2297
2298commit 4d24b3b6a4a6383e05e7da26d183b79fa8663697
2299Author: Damien Miller <djm@mindrot.org>
2300Date:   Fri Mar 20 09:11:59 2015 +1100
2301
2302    remove error() accidentally inserted for debugging
2303
2304    pointed out by Christian Hesse
2305
2306commit 9f82e5a9042f2d872e98f48a876fcab3e25dd9bb
2307Author: Tim Rice <tim@multitalents.net>
2308Date:   Mon Mar 16 22:49:20 2015 -0700
2309
2310    portability fix: Solaris systems may not have a grep that understands -q
2311
2312commit 8ef691f7d9ef500257a549d0906d78187490668f
2313Author: Damien Miller <djm@google.com>
2314Date:   Wed Mar 11 10:35:26 2015 +1100
2315
2316    fix compile with clang
2317
2318commit 4df590cf8dc799e8986268d62019b487a8ed63ad
2319Author: Damien Miller <djm@google.com>
2320Date:   Wed Mar 11 10:02:39 2015 +1100
2321
2322    make unit tests work for !OPENSSH_HAS_ECC
2323
2324commit 307bb40277ca2c32e97e61d70d1ed74b571fd6ba
2325Author: djm@openbsd.org <djm@openbsd.org>
2326Date:   Sat Mar 7 04:41:48 2015 +0000
2327
2328    upstream commit
2329
2330    unbreak for w/SSH1 (default) case; ok markus@ deraadt@
2331
2332commit b44ee0c998fb4c5f3c3281f2398af5ce42840b6f
2333Author: Damien Miller <djm@mindrot.org>
2334Date:   Thu Mar 5 18:39:20 2015 -0800
2335
2336    unbreak hostkeys test for w/ SSH1 case
2337
2338commit 55e5bdeb519cb60cc18b7ba0545be581fb8598b4
2339Author: djm@openbsd.org <djm@openbsd.org>
2340Date:   Fri Mar 6 01:40:56 2015 +0000
2341
2342    upstream commit
2343
2344    fix sshkey_certify() return value for unsupported key types;
2345     ok markus@ deraadt@
2346
2347commit be8f658e550a434eac04256bfbc4289457a24e99
2348Author: Damien Miller <djm@mindrot.org>
2349Date:   Wed Mar 4 15:38:03 2015 -0800
2350
2351    update version numbers to match version.h
2352
2353commit ac5e8acefa253eb5e5ba186e34236c0e8007afdc
2354Author: djm@openbsd.org <djm@openbsd.org>
2355Date:   Wed Mar 4 23:22:35 2015 +0000
2356
2357    upstream commit
2358
2359    make these work with !SSH1; ok markus@ deraadt@
2360
2361commit 2f04af92f036b0c87a23efb259c37da98cd81fe6
2362Author: djm@openbsd.org <djm@openbsd.org>
2363Date:   Wed Mar 4 21:12:59 2015 +0000
2364
2365    upstream commit
2366
2367    make ssh-add -D work with !SSH1 agent
2368
2369commit a05adf95d2af6abb2b7826ddaa7a0ec0cdc1726b
2370Author: Damien Miller <djm@mindrot.org>
2371Date:   Wed Mar 4 00:55:48 2015 -0800
2372
2373    netcat needs poll.h portability goop
2374
2375commit dad2b1892b4c1b7e58df483a8c5b983c4454e099
2376Author: markus@openbsd.org <markus@openbsd.org>
2377Date:   Tue Mar 3 22:35:19 2015 +0000
2378
2379    upstream commit
2380
2381    make it possible to run tests w/o ssh1 support; ok djm@
2382
2383commit d48a22601bdd3eec054794c535f4ae8d8ae4c6e2
2384Author: djm@openbsd.org <djm@openbsd.org>
2385Date:   Wed Mar 4 18:53:53 2015 +0000
2386
2387    upstream commit
2388
2389    crank; ok markus, deraadt
2390
2391commit bbffb23daa0b002dd9f296e396a9ab8a5866b339
2392Author: Damien Miller <djm@mindrot.org>
2393Date:   Tue Mar 3 13:50:27 2015 -0800
2394
2395    more --without-ssh1 fixes
2396
2397commit 6c2039286f503e2012a58a1d109e389016e7a99b
2398Author: Damien Miller <djm@mindrot.org>
2399Date:   Tue Mar 3 13:48:48 2015 -0800
2400
2401    fix merge both that broke --without-ssh1 compile
2402
2403commit 111dfb225478a76f89ecbcd31e96eaf1311b59d3
2404Author: djm@openbsd.org <djm@openbsd.org>
2405Date:   Tue Mar 3 21:21:13 2015 +0000
2406
2407    upstream commit
2408
2409    add SSH1 Makefile knob to make it easier to build without
2410     SSH1 support; ok markus@
2411
2412commit 3f7f5e6c5d2aa3f6710289c1a30119e534e56c5c
2413Author: djm@openbsd.org <djm@openbsd.org>
2414Date:   Tue Mar 3 20:42:49 2015 +0000
2415
2416    upstream commit
2417
2418    expand __unused to full __attribute__ for better portability
2419
2420commit 2fab9b0f8720baf990c931e3f68babb0bf9949c6
2421Author: Damien Miller <djm@mindrot.org>
2422Date:   Wed Mar 4 07:41:27 2015 +1100
2423
2424    avoid warning
2425
2426commit d1bc844322461f882b4fd2277ba9a8d4966573d2
2427Author: Damien Miller <djm@mindrot.org>
2428Date:   Wed Mar 4 06:31:45 2015 +1100
2429
2430    Revert "define __unused to nothing if not already defined"
2431
2432    This reverts commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908.
2433
2434    Some system headers have objects named __unused
2435
2436commit 00797e86b2d98334d1bb808f65fa1fd47f328ff1
2437Author: Damien Miller <djm@mindrot.org>
2438Date:   Wed Mar 4 05:02:45 2015 +1100
2439
2440    check for crypt and DES_crypt in openssl block
2441
2442    fixes builds on systems that use DES_crypt; based on patch
2443    from Roumen Petrov
2444
2445commit 1598419e38afbaa8aa5df8dd6b0af98301e2c908
2446Author: Damien Miller <djm@mindrot.org>
2447Date:   Wed Mar 4 04:59:13 2015 +1100
2448
2449    define __unused to nothing if not already defined
2450
2451    fixes builds on BSD/OS
2452
2453commit d608a51daad4f14ad6ab43d7cf74ef4801cc3fe9
2454Author: djm@openbsd.org <djm@openbsd.org>
2455Date:   Tue Mar 3 17:53:40 2015 +0000
2456
2457    upstream commit
2458
2459    reorder logic for better portability; patch from Roumen
2460     Petrov
2461
2462commit 68d2dfc464fbcdf8d6387884260f9801f4352393
2463Author: djm@openbsd.org <djm@openbsd.org>
2464Date:   Tue Mar 3 06:48:58 2015 +0000
2465
2466    upstream commit
2467
2468    Allow "ssh -Q protocol-version" to list supported SSH
2469     protocol versions. Useful for detecting builds without SSH v.1 support; idea
2470     and ok markus@
2471
2472commit 39e2f1229562e1195169905607bc12290d21f021
2473Author: millert@openbsd.org <millert@openbsd.org>
2474Date:   Sun Mar 1 15:44:40 2015 +0000
2475
2476    upstream commit
2477
2478    Make sure we only call getnameinfo() for AF_INET or AF_INET6
2479     sockets. getpeername() of a Unix domain socket may return without error on
2480     some systems without actually setting ss_family so getnameinfo() was getting
2481     called with ss_family set to AF_UNSPEC.  OK djm@
2482
2483commit e47536ba9692d271b8ad89078abdecf0a1c11707
2484Author: Damien Miller <djm@mindrot.org>
2485Date:   Sat Feb 28 08:20:11 2015 -0800
2486
2487    portability fixes for regress/netcat.c
2488
2489    Mostly avoiding "err(1, NULL)"
2490
2491commit 02973ad5f6f49d8420e50a392331432b0396c100
2492Author: Damien Miller <djm@mindrot.org>
2493Date:   Sat Feb 28 08:05:27 2015 -0800
2494
2495    twiddle another test for portability
2496
2497    from Tom G. Christensen
2498
2499commit f7f3116abf2a6e2f309ab096b08c58d19613e5d0
2500Author: Damien Miller <djm@mindrot.org>
2501Date:   Fri Feb 27 15:52:49 2015 -0800
2502
2503    twiddle test for portability
2504
2505commit 1ad3a77cc9d5568f5437ff99d377aa7a41859b83
2506Author: Damien Miller <djm@mindrot.org>
2507Date:   Thu Feb 26 20:33:22 2015 -0800
2508
2509    make regress/netcat.c fd passing (more) portable
2510
2511commit 9e1cfca7e1fe9cf8edb634fc894e43993e4da1ea
2512Author: Damien Miller <djm@mindrot.org>
2513Date:   Thu Feb 26 20:32:58 2015 -0800
2514
2515    create OBJ/valgrind-out before running unittests
2516
2517commit bd58853102cee739f0e115e6d4b5334332ab1442
2518Author: Damien Miller <djm@mindrot.org>
2519Date:   Wed Feb 25 16:58:22 2015 -0800
2520
2521    valgrind support
2522
2523commit f43d17269194761eded9e89f17456332f4c83824
2524Author: djm@openbsd.org <djm@openbsd.org>
2525Date:   Thu Feb 26 20:45:47 2015 +0000
2526
2527    upstream commit
2528
2529    don't printf NULL key comments; reported by Tom Christensen
2530
2531commit 6e6458b476ec854db33e3e68ebf4f489d0ab3df8
2532Author: djm@openbsd.org <djm@openbsd.org>
2533Date:   Wed Feb 25 23:05:47 2015 +0000
2534
2535    upstream commit
2536
2537    zero cmsgbuf before use; we initialise the bits we use
2538     but valgrind still spams warning on it
2539
2540commit a63cfa26864b93ab6afefad0b630e5358ed8edfa
2541Author: djm@openbsd.org <djm@openbsd.org>
2542Date:   Wed Feb 25 19:54:02 2015 +0000
2543
2544    upstream commit
2545
2546    fix small memory leak when UpdateHostkeys=no
2547
2548commit e6b950341dd75baa8526f1862bca39e52f5b879b
2549Author: Tim Rice <tim@multitalents.net>
2550Date:   Wed Feb 25 09:56:48 2015 -0800
2551
2552    Revert "Work around finicky USL linker so netcat will build."
2553
2554    This reverts commit d1db656021d0cd8c001a6692f772f1de29b67c8b.
2555
2556    No longer needed with commit 678e473e2af2e4802f24dd913985864d9ead7fb3
2557
2558commit 6f621603f9cff2a5d6016a404c96cb2f8ac2dec0
2559Author: djm@openbsd.org <djm@openbsd.org>
2560Date:   Wed Feb 25 17:29:38 2015 +0000
2561
2562    upstream commit
2563
2564    don't leak validity of user in "too many authentication
2565     failures" disconnect message; reported by Sebastian Reitenbach
2566
2567commit 6288e3a935494df12519164f52ca5c8c65fc3ca5
2568Author: naddy@openbsd.org <naddy@openbsd.org>
2569Date:   Tue Feb 24 15:24:05 2015 +0000
2570
2571    upstream commit
2572
2573    add -v (show ASCII art) to -l's synopsis; ok djm@
2574
2575commit 678e473e2af2e4802f24dd913985864d9ead7fb3
2576Author: Darren Tucker <dtucker@zip.com.au>
2577Date:   Thu Feb 26 04:12:58 2015 +1100
2578
2579    Remove dependency on xmalloc.
2580
2581    Remove ssh_get_progname's dependency on xmalloc, which should reduce
2582    link order problems.  ok djm@
2583
2584commit 5d5ec165c5b614b03678afdad881f10e25832e46
2585Author: Darren Tucker <dtucker@zip.com.au>
2586Date:   Wed Feb 25 15:32:49 2015 +1100
2587
2588    Restrict ECDSA and ECDH tests.
2589
2590    ifdef out some more ECDSA and ECDH tests when built against an OpenSSL
2591    that does not have eliptic curve functionality.
2592
2593commit 1734e276d99b17e92d4233fac7aef3a3180aaca7
2594Author: Darren Tucker <dtucker@zip.com.au>
2595Date:   Wed Feb 25 13:40:45 2015 +1100
2596
2597    Move definition of _NSIG.
2598
2599    _NSIG is only unsed in one file, so move it there prevent redefinition
2600    warnings reported by Kevin Brott.
2601
2602commit a47ead7c95cfbeb72721066c4da2312e5b1b9f3d
2603Author: Darren Tucker <dtucker@zip.com.au>
2604Date:   Wed Feb 25 13:17:40 2015 +1100
2605
2606    Add includes.h for compatibility stuff.
2607
2608commit 38806bda6d2e48ad32812b461eebe17672ada771
2609Author: Damien Miller <djm@mindrot.org>
2610Date:   Tue Feb 24 16:50:06 2015 -0800
2611
2612    include netdb.h to look for MAXHOSTNAMELEN; ok tim
2613
2614commit d1db656021d0cd8c001a6692f772f1de29b67c8b
2615Author: Tim Rice <tim@multitalents.net>
2616Date:   Tue Feb 24 10:42:08 2015 -0800
2617
2618    Work around finicky USL linker so netcat will build.
2619
2620commit cb030ce25f555737e8ba97bdd7883ac43f3ff2a3
2621Author: Damien Miller <djm@mindrot.org>
2622Date:   Tue Feb 24 09:23:04 2015 -0800
2623
2624    include includes.h to avoid build failure on AIX
2625
2626commit 13af342458f5064144abbb07e5ac9bbd4eb42567
2627Author: Tim Rice <tim@multitalents.net>
2628Date:   Tue Feb 24 07:56:47 2015 -0800
2629
2630    Original portability patch from djm@ for platforms missing err.h.
2631    Fix name space clash on Solaris 10. Still more to do for Solaris 10
2632    to deal with msghdr structure differences. ok djm@
2633
2634commit 910209203d0cd60c5083901cbcc0b7b44d9f48d2
2635Author: Tim Rice <tim@multitalents.net>
2636Date:   Mon Feb 23 22:06:56 2015 -0800
2637
2638    cleaner way fix dispatch.h portion of commit
2639    a88dd1da119052870bb2654c1a32c51971eade16
2640    (some systems have sig_atomic_t in signal.h, some in sys/signal.h)
2641    Sounds good to me djm@
2642
2643commit 676c38d7cbe65b76bbfff796861bb6615cc6a596
2644Author: Tim Rice <tim@multitalents.net>
2645Date:   Mon Feb 23 21:51:33 2015 -0800
2646
2647    portability fix: if we can't dind a better define for HOST_NAME_MAX, use 255
2648
2649commit 1221b22023dce38cbc90ba77eae4c5d78c77a5e6
2650Author: Tim Rice <tim@multitalents.net>
2651Date:   Mon Feb 23 21:50:34 2015 -0800
2652
2653    portablity fix: s/__inline__/inline/
2654
2655commit 4c356308a88d309c796325bb75dce90ca16591d5
2656Author: Darren Tucker <dtucker@zip.com.au>
2657Date:   Tue Feb 24 13:49:31 2015 +1100
2658
2659    Wrap stdint.h includes in HAVE_STDINT_H.
2660
2661commit c9c88355c6a27a908e7d1e5003a2b35ea99c1614
2662Author: Darren Tucker <dtucker@zip.com.au>
2663Date:   Tue Feb 24 13:43:57 2015 +1100
2664
2665    Add AI_NUMERICSERV to fake-rfc2553.
2666
2667    Our getaddrinfo implementation always returns numeric values already.
2668
2669commit ef342ab1ce6fb9a4b30186c89c309d0ae9d0eeb4
2670Author: Darren Tucker <dtucker@zip.com.au>
2671Date:   Tue Feb 24 13:39:57 2015 +1100
2672
2673    Include OpenSSL's objects.h before bn.h.
2674
2675    Prevents compile errors on some platforms (at least old GCCs and AIX's
2676    XLC compilers).
2677
2678commit dcc8997d116f615195aa7c9ec019fb36c28c6228
2679Author: Darren Tucker <dtucker@zip.com.au>
2680Date:   Tue Feb 24 12:30:59 2015 +1100
2681
2682    Convert two macros into functions.
2683
2684    Convert packet_send_debug and packet_disconnect from macros to
2685    functions.  Some older GCCs (2.7.x, 2.95.x) see to have problems with
2686    variadic macros with only one argument so we convert these two into
2687    functions.  ok djm@
2688
2689commit 2285c30d51b7e2052c6526445abe7e7cc7e170a1
2690Author: djm@openbsd.org <djm@openbsd.org>
2691Date:   Mon Feb 23 22:21:21 2015 +0000
2692
2693    upstream commit
2694
2695    further silence spurious error message even when -v is
2696     specified (e.g. to get visual host keys); reported by naddy@
2697
2698commit 9af21979c00652029e160295e988dea40758ece2
2699Author: Damien Miller <djm@mindrot.org>
2700Date:   Tue Feb 24 09:04:32 2015 +1100
2701
2702    don't include stdint.h unless HAVE_STDINT_H set
2703
2704commit 62f678dd51660d6f8aee1da33d3222c5de10a89e
2705Author: Damien Miller <djm@mindrot.org>
2706Date:   Tue Feb 24 09:02:54 2015 +1100
2707
2708    nother sys/queue.h -> sys-queue.h fix
2709
2710    spotted by Tom Christensen
2711
2712commit b3c19151cba2c0ed01b27f55de0d723ad07ca98f
2713Author: djm@openbsd.org <djm@openbsd.org>
2714Date:   Mon Feb 23 20:32:15 2015 +0000
2715
2716    upstream commit
2717
2718    fix a race condition by using a mux socket rather than an
2719     ineffectual wait statement
2720
2721commit a88dd1da119052870bb2654c1a32c51971eade16
2722Author: Damien Miller <djm@mindrot.org>
2723Date:   Tue Feb 24 06:30:29 2015 +1100
2724
2725    various include fixes for portable
2726
2727commit 5248429b5ec524d0a65507cff0cdd6e0cb99effd
2728Author: djm@openbsd.org <djm@openbsd.org>
2729Date:   Mon Feb 23 16:55:51 2015 +0000
2730
2731    upstream commit
2732
2733    add an XXX to remind me to improve sshkey_load_public
2734
2735commit e94e4b07ef2eaead38b085a60535df9981cdbcdb
2736Author: djm@openbsd.org <djm@openbsd.org>
2737Date:   Mon Feb 23 16:55:31 2015 +0000
2738
2739    upstream commit
2740
2741    silence a spurious error message when listing
2742     fingerprints for known_hosts; bz#2342
2743
2744commit f2293a65392b54ac721f66bc0b44462e8d1d81f8
2745Author: djm@openbsd.org <djm@openbsd.org>
2746Date:   Mon Feb 23 16:33:25 2015 +0000
2747
2748    upstream commit
2749
2750    fix setting/clearing of TTY raw mode around
2751     UpdateHostKeys=ask confirmation question; reported by Herb Goldman
2752
2753commit f2004cd1adf34492eae0a44b1ef84e0e31b06088
2754Author: Darren Tucker <dtucker@zip.com.au>
2755Date:   Mon Feb 23 05:04:21 2015 +1100
2756
2757    Repair for non-ECC OpenSSL.
2758
2759    Ifdef out the ECC parts when building with an OpenSSL that doesn't have
2760    it.
2761
2762commit 37f9220db8d1a52c75894c3de1e5f2ae5bd71b6f
2763Author: Darren Tucker <dtucker@zip.com.au>
2764Date:   Mon Feb 23 03:07:24 2015 +1100
2765
2766    Wrap stdint.h includes in ifdefs.
2767
2768commit f81f1bbc5b892c8614ea740b1f92735652eb43f0
2769Author: Tim Rice <tim@multitalents.net>
2770Date:   Sat Feb 21 18:12:10 2015 -0800
2771
2772    out of tree build fix
2773
2774commit 2e13a1e4d22f3b503c3bfc878562cc7386a1d1ae
2775Author: Tim Rice <tim@multitalents.net>
2776Date:   Sat Feb 21 18:08:51 2015 -0800
2777
2778    mkdir kex unit test directory so testing out of tree builds works
2779
2780commit 1797f49b1ba31e8700231cd6b1d512d80bb50d2c
2781Author: halex@openbsd.org <halex@openbsd.org>
2782Date:   Sat Feb 21 21:46:57 2015 +0000
2783
2784    upstream commit
2785
2786    make "ssh-add -d" properly remove a corresponding
2787     certificate, and also not whine and fail if there is none
2788
2789    ok djm@
2790
2791commit 7faaa32da83a609059d95dbfcb0649fdb04caaf6
2792Author: Damien Miller <djm@mindrot.org>
2793Date:   Sun Feb 22 07:57:27 2015 +1100
2794
2795    mkdir hostkey and bitmap unit test directories
2796
2797commit bd49da2ef197efac5e38f5399263a8b47990c538
2798Author: djm@openbsd.org <djm@openbsd.org>
2799Date:   Fri Feb 20 23:46:01 2015 +0000
2800
2801    upstream commit
2802
2803    sort options useable under Match case-insensitively; prodded
2804     jmc@
2805
2806commit 1a779a0dd6cd8b4a1a40ea33b5415ab8408128ac
2807Author: djm@openbsd.org <djm@openbsd.org>
2808Date:   Sat Feb 21 20:51:02 2015 +0000
2809
2810    upstream commit
2811
2812    correct paths to configuration files being written/updated;
2813     they live in $OBJ not cwd; some by Roumen Petrov
2814
2815commit 28ba006c1acddff992ae946d0bc0b500b531ba6b
2816Author: Darren Tucker <dtucker@zip.com.au>
2817Date:   Sat Feb 21 15:41:07 2015 +1100
2818
2819    More correct checking of HAVE_DECL_AI_NUMERICSERV.
2820
2821commit e50e8c97a9cecae1f28febccaa6ca5ab3bc10f54
2822Author: Darren Tucker <dtucker@zip.com.au>
2823Date:   Sat Feb 21 15:10:33 2015 +1100
2824
2825    Add null declaration of AI_NUMERICINFO.
2826
2827    Some platforms (older FreeBSD and DragonFly versions) do have
2828    getaddrinfo() but do not have AI_NUMERICINFO. so define it to zero
2829    in those cases.
2830
2831commit 18a208d6a460d707a45916db63a571e805f5db46
2832Author: djm@openbsd.org <djm@openbsd.org>
2833Date:   Fri Feb 20 22:40:32 2015 +0000
2834
2835    upstream commit
2836
2837    more options that are available under Match; bz#2353 reported
2838     by calestyo AT scientia.net
2839
2840commit 44732de06884238049f285f1455b2181baa7dc82
2841Author: djm@openbsd.org <djm@openbsd.org>
2842Date:   Fri Feb 20 22:17:21 2015 +0000
2843
2844    upstream commit
2845
2846    UpdateHostKeys fixes:
2847
2848    I accidentally changed the format of the hostkeys@openssh.com messages
2849    last week without changing the extension name, and this has been causing
2850    connection failures for people who are running -current. First reported
2851    by sthen@
2852
2853    s/hostkeys@openssh.com/hostkeys-00@openssh.com/
2854    Change the name of the proof message too, and reorder it a little.
2855
2856    Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
2857    available to read the response) so disable UpdateHostKeys if it is in
2858    ask mode and ControlPersist is active (and document this)
2859
2860commit 13a39414d25646f93e6d355521d832a03aaaffe2
2861Author: djm@openbsd.org <djm@openbsd.org>
2862Date:   Tue Feb 17 00:14:05 2015 +0000
2863
2864    upstream commit
2865
2866    Regression: I broke logging of public key fingerprints in
2867     1.46. Pointed out by Pontus Lundkvist
2868
2869commit 773dda25e828c4c9a52f7bdce6e1e5924157beab
2870Author: Damien Miller <djm@mindrot.org>
2871Date:   Fri Jan 30 23:10:17 2015 +1100
2872
2873    repair --without-openssl; broken in refactor
2874
2875commit e89c780886b23600de1e1c8d74aabd1ff61f43f0
2876Author: Damien Miller <djm@google.com>
2877Date:   Tue Feb 17 10:04:55 2015 +1100
2878
2879    hook up hostkeys unittest to portable Makefiles
2880
2881commit 0abf41f99aa16ff09b263bead242d6cb2dbbcf99
2882Author: djm@openbsd.org <djm@openbsd.org>
2883Date:   Mon Feb 16 22:21:03 2015 +0000
2884
2885    upstream commit
2886
2887    enable hostkeys unit tests
2888
2889commit 68a5d647ccf0fb6782b2f749433a1eee5bc9044b
2890Author: djm@openbsd.org <djm@openbsd.org>
2891Date:   Mon Feb 16 22:20:50 2015 +0000
2892
2893    upstream commit
2894
2895    check string/memory compare arguments aren't NULL
2896
2897commit ef575ef20d09f20722e26b45dab80b3620469687
2898Author: djm@openbsd.org <djm@openbsd.org>
2899Date:   Mon Feb 16 22:18:34 2015 +0000
2900
2901    upstream commit
2902
2903    unit tests for hostfile.c code, just hostkeys_foreach so
2904     far
2905
2906commit 8ea3365e6aa2759ccf5c76eaea62cbc8a280b0e7
2907Author: markus@openbsd.org <markus@openbsd.org>
2908Date:   Sat Feb 14 12:43:16 2015 +0000
2909
2910    upstream commit
2911
2912    test server rekey limit
2913
2914commit ce63c4b063c39b2b22d4ada449c9e3fbde788cb3
2915Author: djm@openbsd.org <djm@openbsd.org>
2916Date:   Mon Feb 16 22:30:03 2015 +0000
2917
2918    upstream commit
2919
2920    partial backout of:
2921
2922    revision 1.441
2923    date: 2015/01/31 20:30:05;  author: djm;  state: Exp;  lines: +17 -10;  commitid
2924    : x8klYPZMJSrVlt3O;
2925    Let sshd load public host keys even when private keys are missing.
2926    Allows sshd to advertise additional keys for future key rotation.
2927    Also log fingerprint of hostkeys loaded; ok markus@
2928
2929    hostkey updates now require access to the private key, so we can't
2930    load public keys only. The improved log messages (fingerprints of keys
2931    loaded) are kept.
2932
2933commit 523463a3a2a9bfc6cfc5afa01bae9147f76a37cc
2934Author: djm@openbsd.org <djm@openbsd.org>
2935Date:   Mon Feb 16 22:13:32 2015 +0000
2936
2937    upstream commit
2938
2939    Revise hostkeys@openssh.com hostkey learning extension.
2940
2941    The client will not ask the server to prove ownership of the private
2942    halves of any hitherto-unseen hostkeys it offers to the client.
2943
2944    Allow UpdateHostKeys option to take an 'ask' argument to let the
2945    user manually review keys offered.
2946
2947    ok markus@
2948
2949commit 6c5c949782d86a6e7d58006599c7685bfcd01685
2950Author: djm@openbsd.org <djm@openbsd.org>
2951Date:   Mon Feb 16 22:08:57 2015 +0000
2952
2953    upstream commit
2954
2955    Refactor hostkeys_foreach() and dependent code Deal with
2956     IP addresses (i.e. CheckHostIP) Don't clobber known_hosts when nothing
2957     changed ok markus@ as part of larger commit
2958
2959commit 51b082ccbe633dc970df1d1f4c9c0497115fe721
2960Author: miod@openbsd.org <miod@openbsd.org>
2961Date:   Mon Feb 16 18:26:26 2015 +0000
2962
2963    upstream commit
2964
2965    Declare ge25519_base as extern, to prevent it from
2966     becoming a common. Gets us rid of ``lignment 4 of symbol
2967     `crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in
2968     mod_ed25519.o'' warnings at link time.
2969
2970commit 02db468bf7e3281a8e3c058ced571b38b6407c34
2971Author: markus@openbsd.org <markus@openbsd.org>
2972Date:   Fri Feb 13 18:57:00 2015 +0000
2973
2974    upstream commit
2975
2976    make rekey_limit for sshd w/privsep work; ok djm@
2977     dtucker@
2978
2979commit 8ec67d505bd23c8bf9e17b7a364b563a07a58ec8
2980Author: dtucker@openbsd.org <dtucker@openbsd.org>
2981Date:   Thu Feb 12 20:34:19 2015 +0000
2982
2983    upstream commit
2984
2985    Prevent sshd spamming syslog with
2986     "ssh_dispatch_run_fatal: disconnected". ok markus@
2987
2988commit d4c0295d1afc342057ba358237acad6be8af480b
2989Author: djm@openbsd.org <djm@openbsd.org>
2990Date:   Wed Feb 11 01:20:38 2015 +0000
2991
2992    upstream commit
2993
2994    Some packet error messages show the address of the peer,
2995     but might be generated after the socket to the peer has suffered a TCP reset.
2996     In these cases, getpeername() won't work so cache the address earlier.
2997
2998    spotted in the wild via deraadt@ and tedu@
2999
3000commit 4af1709cf774475ce5d1bc3ddcc165f6c222897d
3001Author: jsg@openbsd.org <jsg@openbsd.org>
3002Date:   Mon Feb 9 23:22:37 2015 +0000
3003
3004    upstream commit
3005
3006    fix some leaks in error paths ok markus@
3007
3008commit fd36834871d06a03e1ff8d69e41992efa1bbf85f
3009Author: millert@openbsd.org <millert@openbsd.org>
3010Date:   Fri Feb 6 23:21:59 2015 +0000
3011
3012    upstream commit
3013
3014    SIZE_MAX is standard, we should be using it in preference to
3015     the obsolete SIZE_T_MAX.  OK miod@ beck@
3016
3017commit 1910a286d7771eab84c0b047f31c0a17505236fa
3018Author: millert@openbsd.org <millert@openbsd.org>
3019Date:   Thu Feb 5 12:59:57 2015 +0000
3020
3021    upstream commit
3022
3023    Include stdint.h, not limits.h to get SIZE_MAX.  OK guenther@
3024
3025commit ce4f59b2405845584f45e0b3214760eb0008c06c
3026Author: deraadt@openbsd.org <deraadt@openbsd.org>
3027Date:   Tue Feb 3 08:07:20 2015 +0000
3028
3029    upstream commit
3030
3031    missing ; djm and mlarkin really having great
3032     interactions recently
3033
3034commit 5d34aa94938abb12b877a25be51862757f25d54b
3035Author: halex@openbsd.org <halex@openbsd.org>
3036Date:   Tue Feb 3 00:34:14 2015 +0000
3037
3038    upstream commit
3039
3040    slightly extend the passphrase prompt if running with -c
3041     in order to give the user a chance to notice if unintentionally running
3042     without it
3043
3044    wording tweak and ok djm@
3045
3046commit cb3bde373e80902c7d5d0db429f85068d19b2918
3047Author: djm@openbsd.org <djm@openbsd.org>
3048Date:   Mon Feb 2 22:48:53 2015 +0000
3049
3050    upstream commit
3051
3052    handle PKCS#11 C_Login returning
3053     CKR_USER_ALREADY_LOGGED_IN; based on patch from Yuri Samoilenko; ok markus@
3054
3055commit 15ad750e5ec3cc69765b7eba1ce90060e7083399
3056Author: djm@openbsd.org <djm@openbsd.org>
3057Date:   Mon Feb 2 07:41:40 2015 +0000
3058
3059    upstream commit
3060
3061    turn UpdateHostkeys off by default until I figure out
3062     mlarkin@'s warning message; requested by deraadt@
3063
3064commit 3cd5103c1e1aaa59bd66f7f52f6ebbcd5deb12f9
3065Author: deraadt@openbsd.org <deraadt@openbsd.org>
3066Date:   Mon Feb 2 01:57:44 2015 +0000
3067
3068    upstream commit
3069
3070    increasing encounters with difficult DNS setups in
3071     darknets has convinced me UseDNS off by default is better ok djm
3072
3073commit 6049a548a8a68ff0bbe581ab1748ea6a59ecdc38
3074Author: djm@openbsd.org <djm@openbsd.org>
3075Date:   Sat Jan 31 20:30:05 2015 +0000
3076
3077    upstream commit
3078
3079    Let sshd load public host keys even when private keys are
3080     missing. Allows sshd to advertise additional keys for future key rotation.
3081     Also log fingerprint of hostkeys loaded; ok markus@
3082
3083commit 46347ed5968f582661e8a70a45f448e0179ca0ab
3084Author: djm@openbsd.org <djm@openbsd.org>
3085Date:   Fri Jan 30 11:43:14 2015 +0000
3086
3087    upstream commit
3088
3089    Add a ssh_config HostbasedKeyType option to control which
3090     host public key types are tried during hostbased authentication.
3091
3092    This may be used to prevent too many keys being sent to the server,
3093    and blowing past its MaxAuthTries limit.
3094
3095    bz#2211 based on patch by Iain Morgan; ok markus@
3096
3097commit 802660cb70453fa4d230cb0233bc1bbdf8328de1
3098Author: djm@openbsd.org <djm@openbsd.org>
3099Date:   Fri Jan 30 10:44:49 2015 +0000
3100
3101    upstream commit
3102
3103    set a timeout to prevent hangs when talking to busted
3104     servers; ok markus@
3105
3106commit 86936ec245a15c7abe71a0722610998b0a28b194
3107Author: djm@openbsd.org <djm@openbsd.org>
3108Date:   Fri Jan 30 01:11:39 2015 +0000
3109
3110    upstream commit
3111
3112    regression test for 'wildcard CA' serial/key ID revocations
3113
3114commit 4509b5d4a4fa645a022635bfa7e86d09b285001f
3115Author: djm@openbsd.org <djm@openbsd.org>
3116Date:   Fri Jan 30 01:13:33 2015 +0000
3117
3118    upstream commit
3119
3120    avoid more fatal/exit in the packet.c paths that
3121     ssh-keyscan uses; feedback and "looks good" markus@
3122
3123commit 669aee994348468af8b4b2ebd29b602cf2860b22
3124Author: djm@openbsd.org <djm@openbsd.org>
3125Date:   Fri Jan 30 01:10:33 2015 +0000
3126
3127    upstream commit
3128
3129    permit KRLs that revoke certificates by serial number or
3130     key ID without scoping to a particular CA; ok markus@
3131
3132commit 7a2c368477e26575d0866247d3313da4256cb2b5
3133Author: djm@openbsd.org <djm@openbsd.org>
3134Date:   Fri Jan 30 00:59:19 2015 +0000
3135
3136    upstream commit
3137
3138    missing parentheses after if in do_convert_from() broke
3139     private key conversion from other formats some time in 2010; bz#2345 reported
3140     by jjelen AT redhat.com
3141
3142commit 25f5f78d8bf5c22d9cea8b49de24ebeee648a355
3143Author: djm@openbsd.org <djm@openbsd.org>
3144Date:   Fri Jan 30 00:22:25 2015 +0000
3145
3146    upstream commit
3147
3148    fix ssh protocol 1, spotted by miod@
3149
3150commit 9ce86c926dfa6e0635161b035e3944e611cbccf0
3151Author: djm@openbsd.org <djm@openbsd.org>
3152Date:   Wed Jan 28 22:36:00 2015 +0000
3153
3154    upstream commit
3155
3156    update to new API (key_fingerprint => sshkey_fingerprint)
3157     check sshkey_fingerprint return values; ok markus
3158
3159commit 9125525c37bf73ad3ee4025520889d2ce9d10f29
3160Author: djm@openbsd.org <djm@openbsd.org>
3161Date:   Wed Jan 28 22:05:31 2015 +0000
3162
3163    upstream commit
3164
3165    avoid fatal() calls in packet code makes ssh-keyscan more
3166     reliable against server failures ok dtucker@ markus@
3167
3168commit fae7bbe544cba7a9e5e4ab47ff6faa3d978646eb
3169Author: djm@openbsd.org <djm@openbsd.org>
3170Date:   Wed Jan 28 21:15:47 2015 +0000
3171
3172    upstream commit
3173
3174    avoid fatal() calls in packet code makes ssh-keyscan more
3175     reliable against server failures ok dtucker@ markus@
3176
3177commit 1a3d14f6b44a494037c7deab485abe6496bf2c60
3178Author: djm@openbsd.org <djm@openbsd.org>
3179Date:   Wed Jan 28 11:07:25 2015 +0000
3180
3181    upstream commit
3182
3183    remove obsolete comment
3184
3185commit 80c25b7bc0a71d75c43a4575d9a1336f589eb639
3186Author: okan@openbsd.org <okan@openbsd.org>
3187Date:   Tue Jan 27 12:54:06 2015 +0000
3188
3189    upstream commit
3190
3191    Since r1.2 removed the use of PRI* macros, inttypes.h is
3192     no longer required.
3193
3194    ok djm@
3195
3196commit 69ff64f69615c2a21c97cb5878a0996c21423257
3197Author: Damien Miller <djm@mindrot.org>
3198Date:   Tue Jan 27 23:07:43 2015 +1100
3199
3200    compile on systems without TCP_MD5SIG (e.g. OSX)
3201
3202commit 358964f3082fb90b2ae15bcab07b6105cfad5a43
3203Author: Damien Miller <djm@mindrot.org>
3204Date:   Tue Jan 27 23:07:25 2015 +1100
3205
3206    use ssh-keygen under test rather than system's
3207
3208commit a2c95c1bf33ea53038324d1fdd774bc953f98236
3209Author: Damien Miller <djm@mindrot.org>
3210Date:   Tue Jan 27 23:06:59 2015 +1100
3211
3212    OSX lacks HOST_NAME_MAX, has _POSIX_HOST_NAME_MAX
3213
3214commit ade31d7b6f608a19b85bee29a7a00b1e636a2919
3215Author: Damien Miller <djm@mindrot.org>
3216Date:   Tue Jan 27 23:06:23 2015 +1100
3217
3218    these need active_state defined to link on OSX
3219
3220    temporary measure until active_state goes away entirely
3221
3222commit e56aa87502f22c5844918c10190e8b4f785f067b
3223Author: djm@openbsd.org <djm@openbsd.org>
3224Date:   Tue Jan 27 12:01:36 2015 +0000
3225
3226    upstream commit
3227
3228    use printf instead of echo -n to reduce diff against
3229     -portable
3230
3231commit 9f7637f56eddfaf62ce3c0af89c25480f2cf1068
3232Author: jmc@openbsd.org <jmc@openbsd.org>
3233Date:   Mon Jan 26 13:55:29 2015 +0000
3234
3235    upstream commit
3236
3237    sort previous;
3238
3239commit 3076ee7d530d5b16842fac7a6229706c7e5acd26
3240Author: djm@openbsd.org <djm@openbsd.org>
3241Date:   Mon Jan 26 13:36:53 2015 +0000
3242
3243    upstream commit
3244
3245    properly restore umask
3246
3247commit d411d395556b73ba1b9e451516a0bd6697c4b03d
3248Author: djm@openbsd.org <djm@openbsd.org>
3249Date:   Mon Jan 26 06:12:18 2015 +0000
3250
3251    upstream commit
3252
3253    regression test for host key rotation
3254
3255commit fe8a3a51699afbc6407a8fae59b73349d01e49f8
3256Author: djm@openbsd.org <djm@openbsd.org>
3257Date:   Mon Jan 26 06:11:28 2015 +0000
3258
3259    upstream commit
3260
3261    adapt to sshkey API tweaks
3262
3263commit 7dd355fb1f0038a3d5cdca57ebab4356c7a5b434
3264Author: miod@openbsd.org <miod@openbsd.org>
3265Date:   Sat Jan 24 10:39:21 2015 +0000
3266
3267    upstream commit
3268
3269    Move -lz late in the linker commandline for things to
3270     build on static arches.
3271
3272commit 0dad3b806fddb93c475b30853b9be1a25d673a33
3273Author: miod@openbsd.org <miod@openbsd.org>
3274Date:   Fri Jan 23 21:21:23 2015 +0000
3275
3276    upstream commit
3277
3278    -Wpointer-sign is supported by gcc 4 only.
3279
3280commit 2b3b1c1e4bd9577b6e780c255c278542ea66c098
3281Author: djm@openbsd.org <djm@openbsd.org>
3282Date:   Tue Jan 20 22:58:57 2015 +0000
3283
3284    upstream commit
3285
3286    use SUBDIR to recuse into unit tests; makes "make obj"
3287     actually work
3288
3289commit 1d1092bff8db27080155541212b420703f8b9c92
3290Author: djm@openbsd.org <djm@openbsd.org>
3291Date:   Mon Jan 26 12:16:36 2015 +0000
3292
3293    upstream commit
3294
3295    correct description of UpdateHostKeys in ssh_config.5 and
3296     add it to -o lists for ssh, scp and sftp; pointed out by jmc@
3297
3298commit 5104db7cbd6cdd9c5971f4358e74414862fc1022
3299Author: djm@openbsd.org <djm@openbsd.org>
3300Date:   Mon Jan 26 06:10:03 2015 +0000
3301
3302    upstream commit
3303
3304    correctly match ECDSA subtype (== curve) for
3305     offered/recevied host keys. Fixes connection-killing host key mismatches when
3306     a server offers multiple ECDSA keys with different curve type (an extremely
3307     unlikely configuration).
3308
3309    ok markus, "looks mechanical" deraadt@
3310
3311commit 8d4f87258f31cb6def9b3b55b6a7321d84728ff2
3312Author: djm@openbsd.org <djm@openbsd.org>
3313Date:   Mon Jan 26 03:04:45 2015 +0000
3314
3315    upstream commit
3316
3317    Host key rotation support.
3318
3319    Add a hostkeys@openssh.com protocol extension (global request) for
3320    a server to inform a client of all its available host key after
3321    authentication has completed. The client may record the keys in
3322    known_hosts, allowing it to upgrade to better host key algorithms
3323    and a server to gracefully rotate its keys.
3324
3325    The client side of this is controlled by a UpdateHostkeys config
3326    option (default on).
3327
3328    ok markus@
3329
3330commit 60b1825262b1f1e24fc72050b907189c92daf18e
3331Author: djm@openbsd.org <djm@openbsd.org>
3332Date:   Mon Jan 26 02:59:11 2015 +0000
3333
3334    upstream commit
3335
3336    small refactor and add some convenience functions; ok
3337     markus
3338
3339commit a5a3e3328ddce91e76f71ff479022d53e35c60c9
3340Author: jmc@openbsd.org <jmc@openbsd.org>
3341Date:   Thu Jan 22 21:00:42 2015 +0000
3342
3343    upstream commit
3344
3345    heirarchy -> hierarchy;
3346
3347commit dcff5810a11195c57e1b3343c0d6b6f2b9974c11
3348Author: deraadt@openbsd.org <deraadt@openbsd.org>
3349Date:   Thu Jan 22 20:24:41 2015 +0000
3350
3351    upstream commit
3352
3353    Provide a warning about chroot misuses (which sadly, seem
3354     to have become quite popular because shiny).  sshd cannot detect/manage/do
3355     anything about these cases, best we can do is warn in the right spot in the
3356     man page. ok markus
3357
3358commit 087266ec33c76fc8d54ac5a19efacf2f4a4ca076
3359Author: deraadt@openbsd.org <deraadt@openbsd.org>
3360Date:   Tue Jan 20 23:14:00 2015 +0000
3361
3362    upstream commit
3363
3364    Reduce use of <sys/param.h> and transition to <limits.h>
3365     throughout. ok djm markus
3366
3367commit 57e783c8ba2c0797f93977e83b2a8644a03065d8
3368Author: markus@openbsd.org <markus@openbsd.org>
3369Date:   Tue Jan 20 20:16:21 2015 +0000
3370
3371    upstream commit
3372
3373    kex_setup errors are fatal()
3374
3375commit 1d6424a6ff94633c221297ae8f42d54e12a20912
3376Author: djm@openbsd.org <djm@openbsd.org>
3377Date:   Tue Jan 20 08:02:33 2015 +0000
3378
3379    upstream commit
3380
3381    this test would accidentally delete agent.sh if run without
3382     obj/
3383
3384commit 12b5f50777203e12575f1b08568281e447249ed3
3385Author: djm@openbsd.org <djm@openbsd.org>
3386Date:   Tue Jan 20 07:56:44 2015 +0000
3387
3388    upstream commit
3389
3390    make this compile with KERBEROS5 enabled
3391
3392commit e2cc6bef08941256817d44d146115b3478586ad4
3393Author: djm@openbsd.org <djm@openbsd.org>
3394Date:   Tue Jan 20 07:55:33 2015 +0000
3395
3396    upstream commit
3397
3398    fix hostkeys in agent; ok markus@
3399
3400commit 1ca3e2155aa5d3801a7ae050f85c71f41fcb95b1
3401Author: Damien Miller <djm@mindrot.org>
3402Date:   Tue Jan 20 10:11:31 2015 +1100
3403
3404    fix kex test
3405
3406commit c78a578107c7e6dcf5d30a2f34cb6581bef14029
3407Author: markus@openbsd.org <markus@openbsd.org>
3408Date:   Mon Jan 19 20:45:25 2015 +0000
3409
3410    upstream commit
3411
3412    finally enable the KEX tests I wrote some years ago...
3413
3414commit 31821d7217e686667d04935aeec99e1fc4a46e7e
3415Author: markus@openbsd.org <markus@openbsd.org>
3416Date:   Mon Jan 19 20:42:31 2015 +0000
3417
3418    upstream commit
3419
3420    adapt to new error message (SSH_ERR_MAC_INVALID)
3421
3422commit d3716ca19e510e95d956ae14d5b367e364bff7f1
3423Author: djm@openbsd.org <djm@openbsd.org>
3424Date:   Mon Jan 19 17:31:13 2015 +0000
3425
3426    upstream commit
3427
3428    this test was broken in at least two ways, such that it
3429     wasn't checking that a KRL was not excluding valid keys
3430
3431commit 3f797653748e7c2b037dacb57574c01d9ef3b4d3
3432Author: markus@openbsd.org <markus@openbsd.org>
3433Date:   Mon Jan 19 20:32:39 2015 +0000
3434
3435    upstream commit
3436
3437    switch ssh-keyscan from setjmp to multiple ssh transport
3438     layer instances ok djm@
3439
3440commit f582f0e917bb0017b00944783cd5f408bf4b0b5e
3441Author: markus@openbsd.org <markus@openbsd.org>
3442Date:   Mon Jan 19 20:30:23 2015 +0000
3443
3444    upstream commit
3445
3446    add experimental api for packet layer; ok djm@
3447
3448commit 48b3b2ba75181f11fca7f327058a591f4426cade
3449Author: markus@openbsd.org <markus@openbsd.org>
3450Date:   Mon Jan 19 20:20:20 2015 +0000
3451
3452    upstream commit
3453
3454    store compat flags in struct ssh; ok djm@
3455
3456commit 57d10cbe861a235dd269c74fb2fe248469ecee9d
3457Author: markus@openbsd.org <markus@openbsd.org>
3458Date:   Mon Jan 19 20:16:15 2015 +0000
3459
3460    upstream commit
3461
3462    adapt kex to sshbuf and struct ssh; ok djm@
3463
3464commit 3fdc88a0def4f86aa88a5846ac079dc964c0546a
3465Author: markus@openbsd.org <markus@openbsd.org>
3466Date:   Mon Jan 19 20:07:45 2015 +0000
3467
3468    upstream commit
3469
3470    move dispatch to struct ssh; ok djm@
3471
3472commit 091c302829210c41e7f57c3f094c7b9c054306f0
3473Author: markus@openbsd.org <markus@openbsd.org>
3474Date:   Mon Jan 19 19:52:16 2015 +0000
3475
3476    upstream commit
3477
3478    update packet.c & isolate, introduce struct ssh a) switch
3479     packet.c to buffer api and isolate per-connection info into struct ssh b)
3480     (de)serialization of the state is moved from monitor to packet.c c) the old
3481     packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and
3482     integrated into packet.c with and ok djm@
3483
3484commit 4e62cc68ce4ba20245d208b252e74e91d3785b74
3485Author: djm@openbsd.org <djm@openbsd.org>
3486Date:   Mon Jan 19 17:35:48 2015 +0000
3487
3488    upstream commit
3489
3490    fix format strings in (disabled) debugging
3491
3492commit d85e06245907d49a2cd0cfa0abf59150ad616f42
3493Author: djm@openbsd.org <djm@openbsd.org>
3494Date:   Mon Jan 19 06:01:32 2015 +0000
3495
3496    upstream commit
3497
3498    be a bit more careful in these tests to ensure that
3499     known_hosts is clean
3500
3501commit 7947810eab5fe0ad311f32a48f4d4eb1f71be6cf
3502Author: djm@openbsd.org <djm@openbsd.org>
3503Date:   Sun Jan 18 22:00:18 2015 +0000
3504
3505    upstream commit
3506
3507    regression test for known_host file editing using
3508     ssh-keygen (-H / -R / -F) after hostkeys_foreach() change; feedback and ok
3509     markus@
3510
3511commit 3a2b09d147a565d8a47edf37491e149a02c0d3a3
3512Author: djm@openbsd.org <djm@openbsd.org>
3513Date:   Sun Jan 18 19:54:46 2015 +0000
3514
3515    upstream commit
3516
3517    more and better key tests
3518
3519    test signatures and verification
3520    test certificate generation
3521    flesh out nested cert test
3522
3523    removes most of the XXX todo markers
3524
3525commit 589e69fd82724cfc9738f128e4771da2e6405d0d
3526Author: djm@openbsd.org <djm@openbsd.org>
3527Date:   Sun Jan 18 19:53:58 2015 +0000
3528
3529    upstream commit
3530
3531    make the signature fuzzing test much more rigorous:
3532     ensure that the fuzzed input cases do not match the original (using new
3533     fuzz_matches_original() function) and check that the verification fails in
3534     each case
3535
3536commit 80603c0daa2538c349c1c152405580b164d5475f
3537Author: djm@openbsd.org <djm@openbsd.org>
3538Date:   Sun Jan 18 19:52:44 2015 +0000
3539
3540    upstream commit
3541
3542    add a fuzz_matches_original() function to the fuzzer to
3543     detect fuzz cases that are identical to the original data. Hacky
3544     implementation, but very useful when you need the fuzz to be different, e.g.
3545     when verifying signature
3546
3547commit 87d5495bd337e358ad69c524fcb9495208c0750b
3548Author: djm@openbsd.org <djm@openbsd.org>
3549Date:   Sun Jan 18 19:50:55 2015 +0000
3550
3551    upstream commit
3552
3553    better dumps from the fuzzer (shown on errors) -
3554     include the original data as well as the fuzzed copy.
3555
3556commit d59ec478c453a3fff05badbbfd96aa856364f2c2
3557Author: djm@openbsd.org <djm@openbsd.org>
3558Date:   Sun Jan 18 19:47:55 2015 +0000
3559
3560    upstream commit
3561
3562    enable hostkey-agent.sh test
3563
3564commit 26b3425170bf840e4b095e1c10bf25a0a3e3a105
3565Author: djm@openbsd.org <djm@openbsd.org>
3566Date:   Sat Jan 17 18:54:30 2015 +0000
3567
3568    upstream commit
3569
3570    unit test for hostkeys in ssh-agent
3571
3572commit 9e06a0fb23ec55d9223b26a45bb63c7649e2f2f2
3573Author: markus@openbsd.org <markus@openbsd.org>
3574Date:   Thu Jan 15 23:41:29 2015 +0000
3575
3576    upstream commit
3577
3578    add kex unit tests
3579
3580commit d2099dec6da21ae627f6289aedae6bc1d41a22ce
3581Author: deraadt@openbsd.org <deraadt@openbsd.org>
3582Date:   Mon Jan 19 00:32:54 2015 +0000
3583
3584    upstream commit
3585
3586    djm, your /usr/include tree is old
3587
3588commit 2b3c3c76c30dc5076fe09d590f5b26880f148a54
3589Author: djm@openbsd.org <djm@openbsd.org>
3590Date:   Sun Jan 18 21:51:19 2015 +0000
3591
3592    upstream commit
3593
3594    some feedback from markus@: comment hostkeys_foreach()
3595     context and avoid a member in it.
3596
3597commit cecb30bc2ba6d594366e657d664d5c494b6c8a7f
3598Author: djm@openbsd.org <djm@openbsd.org>
3599Date:   Sun Jan 18 21:49:42 2015 +0000
3600
3601    upstream commit
3602
3603    make ssh-keygen use hostkeys_foreach(). Removes some
3604     horrendous code; ok markus@
3605
3606commit ec3d065df3a9557ea96b02d061fd821a18c1a0b9
3607Author: djm@openbsd.org <djm@openbsd.org>
3608Date:   Sun Jan 18 21:48:09 2015 +0000
3609
3610    upstream commit
3611
3612    convert load_hostkeys() (hostkey ordering and
3613     known_host matching) to use the new hostkey_foreach() iterator; ok markus
3614
3615commit c29811cc480a260e42fd88849fc86a80c1e91038
3616Author: djm@openbsd.org <djm@openbsd.org>
3617Date:   Sun Jan 18 21:40:23 2015 +0000
3618
3619    upstream commit
3620
3621    introduce hostkeys_foreach() to allow iteration over a
3622     known_hosts file or controlled subset thereof. This will allow us to pull out
3623     some ugly and duplicated code, and will be used to implement hostkey rotation
3624     later.
3625
3626    feedback and ok markus
3627
3628commit f101d8291da01bbbfd6fb8c569cfd0cc61c0d346
3629Author: deraadt@openbsd.org <deraadt@openbsd.org>
3630Date:   Sun Jan 18 14:01:00 2015 +0000
3631
3632    upstream commit
3633
3634    string truncation due to sizeof(size) ok djm markus
3635
3636commit 35d6022b55b7969fc10c261cb6aa78cc4a5fcc41
3637Author: djm@openbsd.org <djm@openbsd.org>
3638Date:   Sun Jan 18 13:33:34 2015 +0000
3639
3640    upstream commit
3641
3642    avoid trailing ',' in host key algorithms
3643
3644commit 7efb455789a0cb76bdcdee91c6060a3dc8f5c007
3645Author: djm@openbsd.org <djm@openbsd.org>
3646Date:   Sun Jan 18 13:22:28 2015 +0000
3647
3648    upstream commit
3649
3650    infer key length correctly when user specified a fully-
3651     qualified key name instead of using the -b bits option; ok markus@
3652
3653commit 83f8ffa6a55ccd0ce9d8a205e3e7439ec18fedf5
3654Author: djm@openbsd.org <djm@openbsd.org>
3655Date:   Sat Jan 17 18:53:34 2015 +0000
3656
3657    upstream commit
3658
3659    fix hostkeys on ssh agent; found by unit test I'm about
3660     to commit
3661
3662commit 369d61f17657b814124268f99c033e4dc6e436c1
3663Author: schwarze@openbsd.org <schwarze@openbsd.org>
3664Date:   Fri Jan 16 16:20:23 2015 +0000
3665
3666    upstream commit
3667
3668    garbage collect empty .No macros mandoc warns about
3669
3670commit bb8b442d32dbdb8521d610e10d8b248d938bd747
3671Author: djm@openbsd.org <djm@openbsd.org>
3672Date:   Fri Jan 16 15:55:07 2015 +0000
3673
3674    upstream commit
3675
3676    regression: incorrect error message on
3677     otherwise-successful ssh-keygen -A. Reported by Dmitry Orlov, via deraadt@
3678
3679commit 9010902954a40b59d0bf3df3ccbc3140a653e2bc
3680Author: djm@openbsd.org <djm@openbsd.org>
3681Date:   Fri Jan 16 07:19:48 2015 +0000
3682
3683    upstream commit
3684
3685    when hostname canonicalisation is enabled, try to parse
3686     hostnames as addresses before looking them up for canonicalisation. fixes
3687     bz#2074 and avoids needless DNS lookups in some cases; ok markus
3688
3689commit 2ae4f337b2a5fb2841b6b0053b49496fef844d1c
3690Author: deraadt@openbsd.org <deraadt@openbsd.org>
3691Date:   Fri Jan 16 06:40:12 2015 +0000
3692
3693    upstream commit
3694
3695    Replace <sys/param.h> with <limits.h> and other less
3696     dirty headers where possible.  Annotate <sys/param.h> lines with their
3697     current reasons.  Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1,
3698     LOGIN_NAME_MAX, etc.  Change MIN() and MAX() to local definitions of
3699     MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution.
3700     These are the files confirmed through binary verification. ok guenther,
3701     millert, doug (helped with the verification protocol)
3702
3703commit 3c4726f4c24118e8f1bb80bf75f1456c76df072c
3704Author: markus@openbsd.org <markus@openbsd.org>
3705Date:   Thu Jan 15 21:38:50 2015 +0000
3706
3707    upstream commit
3708
3709    remove xmalloc, switch to sshbuf
3710
3711commit e17ac01f8b763e4b83976b9e521e90a280acc097
3712Author: markus@openbsd.org <markus@openbsd.org>
3713Date:   Thu Jan 15 21:37:14 2015 +0000
3714
3715    upstream commit
3716
3717    switch to sshbuf
3718
3719commit ddef9995a1fa6c7a8ff3b38bfe6cf724bebf13d0
3720Author: naddy@openbsd.org <naddy@openbsd.org>
3721Date:   Thu Jan 15 18:32:54 2015 +0000
3722
3723    upstream commit
3724
3725    handle UMAC128 initialization like UMAC; ok djm@ markus@
3726
3727commit f14564c1f7792446bca143580aef0e7ac25dcdae
3728Author: djm@openbsd.org <djm@openbsd.org>
3729Date:   Thu Jan 15 11:04:36 2015 +0000
3730
3731    upstream commit
3732
3733    fix regression reported by brad@ for passworded keys without
3734     agent present
3735
3736commit 45c0fd70bb2a88061319dfff20cb12ef7b1bc47e
3737Author: Damien Miller <djm@mindrot.org>
3738Date:   Thu Jan 15 22:08:23 2015 +1100
3739
3740    make bitmap test compile
3741
3742commit d333f89abf7179021e5c3f28673f469abe032062
3743Author: djm@openbsd.org <djm@openbsd.org>
3744Date:   Thu Jan 15 07:36:28 2015 +0000
3745
3746    upstream commit
3747
3748    unit tests for KRL bitmap
3749
3750commit 7613f828f49c55ff356007ae9645038ab6682556
3751Author: markus@openbsd.org <markus@openbsd.org>
3752Date:   Wed Jan 14 09:58:21 2015 +0000
3753
3754    upstream commit
3755
3756    re-add comment about full path
3757
3758commit 6c43b48b307c41cd656b415621a644074579a578
3759Author: markus@openbsd.org <markus@openbsd.org>
3760Date:   Wed Jan 14 09:54:38 2015 +0000
3761
3762    upstream commit
3763
3764    don't reset  to the installed sshd; connect before
3765     reconfigure, too
3766
3767commit 771bb47a1df8b69061f09462e78aa0b66cd594bf
3768Author: djm@openbsd.org <djm@openbsd.org>
3769Date:   Tue Jan 13 14:51:51 2015 +0000
3770
3771    upstream commit
3772
3773    implement a SIGINFO handler so we can discern a stuck
3774     fuzz test from a merely glacial one; prompted by and ok markus
3775
3776commit cfaa57962f8536f3cf0fd7daf4d6a55d6f6de45f
3777Author: djm@openbsd.org <djm@openbsd.org>
3778Date:   Tue Jan 13 08:23:26 2015 +0000
3779
3780    upstream commit
3781
3782    use $SSH instead of installed ssh to allow override;
3783     spotted by markus@
3784
3785commit 0920553d0aee117a596b03ed5b49b280d34a32c5
3786Author: djm@openbsd.org <djm@openbsd.org>
3787Date:   Tue Jan 13 07:49:49 2015 +0000
3788
3789    upstream commit
3790
3791    regress test for PubkeyAcceptedKeyTypes; ok markus@
3792
3793commit 27ca1a5c0095eda151934bca39a77e391f875d17
3794Author: markus@openbsd.org <markus@openbsd.org>
3795Date:   Mon Jan 12 20:13:27 2015 +0000
3796
3797    upstream commit
3798
3799    unbreak parsing of pubkey comments; with gerhard; ok
3800     djm/deraadt
3801
3802commit 55358f0b4e0b83bc0df81c5f854c91b11e0bb4dc
3803Author: djm@openbsd.org <djm@openbsd.org>
3804Date:   Mon Jan 12 11:46:32 2015 +0000
3805
3806    upstream commit
3807
3808    fatal if soft-PKCS11 library is missing rather (rather
3809     than continue and fail with a more cryptic error)
3810
3811commit c3554cdd2a1a62434b8161017aa76fa09718a003
3812Author: djm@openbsd.org <djm@openbsd.org>
3813Date:   Mon Jan 12 11:12:38 2015 +0000
3814
3815    upstream commit
3816
3817    let this test all supporte key types; pointed out/ok
3818     markus@
3819
3820commit 1129dcfc5a3e508635004bcc05a3574cb7687167
3821Author: djm@openbsd.org <djm@openbsd.org>
3822Date:   Thu Jan 15 09:40:00 2015 +0000
3823
3824    upstream commit
3825
3826    sync ssh-keysign, ssh-keygen and some dependencies to the
3827     new buffer/key API; mostly mechanical, ok markus@
3828
3829commit e4ebf5586452bf512da662ac277aaf6ecf0efe7c
3830Author: djm@openbsd.org <djm@openbsd.org>
3831Date:   Thu Jan 15 07:57:08 2015 +0000
3832
3833    upstream commit
3834
3835    remove commented-out test code now that it has moved to a
3836     proper unit test
3837
3838commit e81cba066c1e9eb70aba0f6e7c0ff220611b370f
3839Author: djm@openbsd.org <djm@openbsd.org>
3840Date:   Wed Jan 14 20:54:29 2015 +0000
3841
3842    upstream commit
3843
3844    whitespace
3845
3846commit 141efe49542f7156cdbc2e4cd0a041d8b1aab622
3847Author: djm@openbsd.org <djm@openbsd.org>
3848Date:   Wed Jan 14 20:05:27 2015 +0000
3849
3850    upstream commit
3851
3852    move authfd.c and its tentacles to the new buffer/key
3853     API; ok markus@
3854
3855commit 0088c57af302cda278bd26d8c3ae81d5b6f7c289
3856Author: djm@openbsd.org <djm@openbsd.org>
3857Date:   Wed Jan 14 19:33:41 2015 +0000
3858
3859    upstream commit
3860
3861    fix small regression: ssh-agent would return a success
3862     message but an empty signature if asked to sign using an unknown key; ok
3863     markus@
3864
3865commit b03ebe2c22b8166e4f64c37737f4278676e3488d
3866Author: Damien Miller <djm@mindrot.org>
3867Date:   Thu Jan 15 03:08:58 2015 +1100
3868
3869    more --without-openssl
3870
3871    fix some regressions caused by upstream merges
3872
3873    enable KRLs now that they no longer require BIGNUMs
3874
3875commit bc42cc6fe784f36df225c44c93b74830027cb5a2
3876Author: Damien Miller <djm@mindrot.org>
3877Date:   Thu Jan 15 03:08:29 2015 +1100
3878
3879    kludge around tun API mismatch betterer
3880
3881commit c332110291089b624fa0951fbf2d1ee6de525b9f
3882Author: Damien Miller <djm@mindrot.org>
3883Date:   Thu Jan 15 02:59:51 2015 +1100
3884
3885    some systems lack SO_REUSEPORT
3886
3887commit 83b9678a62cbdc74eb2031cf1e1e4ffd58e233ae
3888Author: Damien Miller <djm@mindrot.org>
3889Date:   Thu Jan 15 02:35:50 2015 +1100
3890
3891    fix merge botch
3892
3893commit 0cdc5a3eb6fb383569a4da2a30705d9b90428d6b
3894Author: Damien Miller <djm@mindrot.org>
3895Date:   Thu Jan 15 02:35:33 2015 +1100
3896
3897    unbreak across API change
3898
3899commit 6e2549ac2b5e7f96cbc2d83a6e0784b120444b47
3900Author: Damien Miller <djm@mindrot.org>
3901Date:   Thu Jan 15 02:30:18 2015 +1100
3902
3903    need includes.h for portable OpenSSH
3904
3905commit 72ef7c148c42db7d5632a29f137f8b87b579f2d9
3906Author: Damien Miller <djm@mindrot.org>
3907Date:   Thu Jan 15 02:21:31 2015 +1100
3908
3909    support --without-openssl at configure time
3910
3911    Disables and removes dependency on OpenSSL. Many features don't
3912    work and the set of crypto options is greatly restricted. This
3913    will only work on system with native arc4random or /dev/urandom.
3914
3915    Considered highly experimental for now.
3916
3917commit 4f38c61c68ae7e3f9ee4b3c38bc86cd39f65ece9
3918Author: Damien Miller <djm@mindrot.org>
3919Date:   Thu Jan 15 02:28:00 2015 +1100
3920
3921    add files missed in last commit
3922
3923commit a165bab605f7be55940bb8fae977398e8c96a46d
3924Author: djm@openbsd.org <djm@openbsd.org>
3925Date:   Wed Jan 14 15:02:39 2015 +0000
3926
3927    upstream commit
3928
3929    avoid BIGNUM in KRL code by using a simple bitmap;
3930     feedback and ok markus
3931
3932commit 7d845f4a0b7ec97887be204c3760e44de8bf1f32
3933Author: djm@openbsd.org <djm@openbsd.org>
3934Date:   Wed Jan 14 13:54:13 2015 +0000
3935
3936    upstream commit
3937
3938    update sftp client and server to new buffer API. pretty
3939     much just mechanical changes; with & ok markus
3940
3941commit 139ca81866ec1b219c717d17061e5e7ad1059e2a
3942Author: markus@openbsd.org <markus@openbsd.org>
3943Date:   Wed Jan 14 13:09:09 2015 +0000
3944
3945    upstream commit
3946
3947    switch to sshbuf/sshkey; with & ok djm@
3948
3949commit 81bfbd0bd35683de5d7f2238b985e5f8150a9180
3950Author: Damien Miller <djm@mindrot.org>
3951Date:   Wed Jan 14 21:48:18 2015 +1100
3952
3953    support --without-openssl at configure time
3954
3955    Disables and removes dependency on OpenSSL. Many features don't
3956    work and the set of crypto options is greatly restricted. This
3957    will only work on system with native arc4random or /dev/urandom.
3958
3959    Considered highly experimental for now.
3960
3961commit 54924b53af15ccdcbb9f89984512b5efef641a31
3962Author: djm@openbsd.org <djm@openbsd.org>
3963Date:   Wed Jan 14 10:46:28 2015 +0000
3964
3965    upstream commit
3966
3967    avoid an warning for the !OPENSSL case
3968
3969commit ae8b463217f7c9b66655bfc3945c050ffdaeb861
3970Author: markus@openbsd.org <markus@openbsd.org>
3971Date:   Wed Jan 14 10:30:34 2015 +0000
3972
3973    upstream commit
3974
3975    swith auth-options to new sshbuf/sshkey; ok djm@
3976
3977commit 540e891191b98b89ee90aacf5b14a4a68635e763
3978Author: djm@openbsd.org <djm@openbsd.org>
3979Date:   Wed Jan 14 10:29:45 2015 +0000
3980
3981    upstream commit
3982
3983    make non-OpenSSL aes-ctr work on sshd w/ privsep; ok
3984     markus@
3985
3986commit 60c2c4ea5e1ad0ddfe8b2877b78ed5143be79c53
3987Author: markus@openbsd.org <markus@openbsd.org>
3988Date:   Wed Jan 14 10:24:42 2015 +0000
3989
3990    upstream commit
3991
3992    remove unneeded includes, sync my copyright across files
3993     & whitespace; ok djm@
3994
3995commit 128343bcdb0b60fc826f2733df8cf979ec1627b4
3996Author: markus@openbsd.org <markus@openbsd.org>
3997Date:   Tue Jan 13 19:31:40 2015 +0000
3998
3999    upstream commit
4000
4001    adapt mac.c to ssherr.h return codes (de-fatal) and
4002     simplify dependencies ok djm@
4003
4004commit e7fd952f4ea01f09ceb068721a5431ac2fd416ed
4005Author: djm@openbsd.org <djm@openbsd.org>
4006Date:   Tue Jan 13 19:04:35 2015 +0000
4007
4008    upstream commit
4009
4010    sync changes from libopenssh; prepared by markus@ mostly
4011     debug output tweaks, a couple of error return value changes and some other
4012     minor stuff
4013
4014commit 76c0480a85675f03a1376167cb686abed01a3583
4015Author: Damien Miller <djm@mindrot.org>
4016Date:   Tue Jan 13 19:38:18 2015 +1100
4017
4018    add --without-ssh1 option to configure
4019
4020    Allows disabling support for SSH protocol 1.
4021
4022commit 1f729f0614d1376c3332fa1edb6a5e5cec7e9e03
4023Author: djm@openbsd.org <djm@openbsd.org>
4024Date:   Tue Jan 13 07:39:19 2015 +0000
4025
4026    upstream commit
4027
4028    add sshd_config HostbasedAcceptedKeyTypes and
4029     PubkeyAcceptedKeyTypes options to allow sshd to control what public key types
4030     will be accepted. Currently defaults to all. Feedback & ok markus@
4031
4032commit 816d1538c24209a93ba0560b27c4fda57c3fff65
4033Author: markus@openbsd.org <markus@openbsd.org>
4034Date:   Mon Jan 12 20:13:27 2015 +0000
4035
4036    upstream commit
4037
4038    unbreak parsing of pubkey comments; with gerhard; ok
4039     djm/deraadt
4040
4041commit 0097565f849851812df610b7b6b3c4bd414f6c62
4042Author: markus@openbsd.org <markus@openbsd.org>
4043Date:   Mon Jan 12 19:22:46 2015 +0000
4044
4045    upstream commit
4046
4047    missing error assigment on sshbuf_put_string()
4048
4049commit a7f49dcb527dd17877fcb8d5c3a9a6f550e0bba5
4050Author: djm@openbsd.org <djm@openbsd.org>
4051Date:   Mon Jan 12 15:18:07 2015 +0000
4052
4053    upstream commit
4054
4055    apparently memcpy(x, NULL, 0) is undefined behaviour
4056     according to C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls
4057     when length==0; ok markus@
4058
4059commit 905fe30fca82f38213763616d0d26eb6790bde33
4060Author: markus@openbsd.org <markus@openbsd.org>
4061Date:   Mon Jan 12 14:05:19 2015 +0000
4062
4063    upstream commit
4064
4065    free->sshkey_free; ok djm@
4066
4067commit f067cca2bc20c86b110174c3fef04086a7f57b13
4068Author: markus@openbsd.org <markus@openbsd.org>
4069Date:   Mon Jan 12 13:29:27 2015 +0000
4070
4071    upstream commit
4072
4073    allow WITH_OPENSSL w/o WITH_SSH1; ok djm@
4074
4075commit c4bfafcc2a9300d9cfb3c15e75572d3a7d74670d
4076Author: djm@openbsd.org <djm@openbsd.org>
4077Date:   Thu Jan 8 13:10:58 2015 +0000
4078
4079    upstream commit
4080
4081    adjust for sshkey_load_file() API change
4082
4083commit e752c6d547036c602b89e9e704851463bd160e32
4084Author: djm@openbsd.org <djm@openbsd.org>
4085Date:   Thu Jan 8 13:44:36 2015 +0000
4086
4087    upstream commit
4088
4089    fix ssh_config FingerprintHash evaluation order; from Petr
4090     Lautrbach
4091
4092commit ab24ab847b0fc94c8d5e419feecff0bcb6d6d1bf
4093Author: djm@openbsd.org <djm@openbsd.org>
4094Date:   Thu Jan 8 10:15:45 2015 +0000
4095
4096    upstream commit
4097
4098    reorder hostbased key attempts to better match the
4099     default hostkey algorithms order in myproposal.h; ok markus@
4100
4101commit 1195f4cb07ef4b0405c839293c38600b3e9bdb46
4102Author: djm@openbsd.org <djm@openbsd.org>
4103Date:   Thu Jan 8 10:14:08 2015 +0000
4104
4105    upstream commit
4106
4107    deprecate key_load_private_pem() and
4108     sshkey_load_private_pem() interfaces. Refactor the generic key loading API to
4109     not require pathnames to be specified (they weren't really used).
4110
4111    Fixes a few other things en passant:
4112
4113    Makes ed25519 keys work for hostbased authentication (ssh-keysign
4114    previously used the PEM-only routines).
4115
4116    Fixes key comment regression bz#2306: key pathnames were being lost as
4117    comment fields.
4118
4119    ok markus@
4120
4121commit febbe09e4e9aff579b0c5cc1623f756862e4757d
4122Author: tedu@openbsd.org <tedu@openbsd.org>
4123Date:   Wed Jan 7 18:15:07 2015 +0000
4124
4125    upstream commit
4126
4127    workaround for the Meyer, et al, Bleichenbacher Side
4128     Channel Attack. fake up a bignum key before RSA decryption. discussed/ok djm
4129     markus
4130
4131commit 5191df927db282d3123ca2f34a04d8d96153911a
4132Author: djm@openbsd.org <djm@openbsd.org>
4133Date:   Tue Dec 23 22:42:48 2014 +0000
4134
4135    upstream commit
4136
4137    KNF and add a little more debug()
4138
4139commit 8abd80315d3419b20e6938f74d37e2e2b547f0b7
4140Author: jmc@openbsd.org <jmc@openbsd.org>
4141Date:   Mon Dec 22 09:26:31 2014 +0000
4142
4143    upstream commit
4144
4145    add fingerprinthash to the options list;
4146
4147commit 296ef0560f60980da01d83b9f0e1a5257826536f
4148Author: jmc@openbsd.org <jmc@openbsd.org>
4149Date:   Mon Dec 22 09:24:59 2014 +0000
4150
4151    upstream commit
4152
4153    tweak previous;
4154
4155commit 462082eacbd37778a173afb6b84c6f4d898a18b5
4156Author: Damien Miller <djm@google.com>
4157Date:   Tue Dec 30 08:16:11 2014 +1100
4158
4159    avoid uninitialised free of ldns_res
4160
4161    If an invalid rdclass was passed to getrrsetbyname() then
4162    this would execute a free on an uninitialised pointer.
4163    OpenSSH only ever calls this with a fixed and valid rdclass.
4164
4165    Reported by Joshua Rogers
4166
4167commit 01b63498801053f131a0740eb9d13faf35d636c8
4168Author: Damien Miller <djm@google.com>
4169Date:   Mon Dec 29 18:10:18 2014 +1100
4170
4171    pull updated OpenBSD BCrypt PBKDF implementation
4172
4173    Includes fix for 1 byte output overflow for large key length
4174    requests (not reachable in OpenSSH).
4175
4176    Pointed out by Joshua Rogers
4177
4178commit c528c1b4af2f06712177b3de9b30705752f7cbcb
4179Author: Damien Miller <djm@google.com>
4180Date:   Tue Dec 23 15:26:13 2014 +1100
4181
4182    fix variable name for IPv6 case in construct_utmpx
4183
4184    patch from writeonce AT midipix.org via bz#2296
4185
4186commit 293cac52dcda123244b2e594d15592e5e481c55e
4187Author: Damien Miller <djm@google.com>
4188Date:   Mon Dec 22 16:30:42 2014 +1100
4189
4190    include and use OpenBSD netcat in regress/
4191
4192commit 8f6784f0cb56dc4fd00af3e81a10050a5785228d
4193Author: djm@openbsd.org <djm@openbsd.org>
4194Date:   Mon Dec 22 09:05:17 2014 +0000
4195
4196    upstream commit
4197
4198    mention ssh -Q feature to list supported { MAC, cipher,
4199     KEX, key } algorithms in more places and include the query string used to
4200     list the relevant information; bz#2288
4201
4202commit 449e11b4d7847079bd0a2daa6e3e7ea03d8ef700
4203Author: jmc@openbsd.org <jmc@openbsd.org>
4204Date:   Mon Dec 22 08:24:17 2014 +0000
4205
4206    upstream commit
4207
4208    tweak previous;
4209
4210commit 4bea0ab3290c0b9dd2aa199e932de8e7e18062d6
4211Author: djm@openbsd.org <djm@openbsd.org>
4212Date:   Mon Dec 22 08:06:03 2014 +0000
4213
4214    upstream commit
4215
4216    regression test for multiple required pubkey authentication;
4217     ok markus@
4218
4219commit f1c4d8ec52158b6f57834b8cd839605b0a33e7f2
4220Author: djm@openbsd.org <djm@openbsd.org>
4221Date:   Mon Dec 22 08:04:23 2014 +0000
4222
4223    upstream commit
4224
4225    correct description of what will happen when a
4226     AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd
4227     will refuse to start)
4228
4229commit 161cf419f412446635013ac49e8c660cadc36080
4230Author: djm@openbsd.org <djm@openbsd.org>
4231Date:   Mon Dec 22 07:55:51 2014 +0000
4232
4233    upstream commit
4234
4235    make internal handling of filename arguments of "none"
4236     more consistent with ssh. "none" arguments are now replaced with NULL when
4237     the configuration is finalised.
4238
4239    Simplifies checking later on (just need to test not-NULL rather than
4240    that + strcmp) and cleans up some inconsistencies. ok markus@
4241
4242commit f69b69b8625be447b8826b21d87713874dac25a6
4243Author: djm@openbsd.org <djm@openbsd.org>
4244Date:   Mon Dec 22 07:51:30 2014 +0000
4245
4246    upstream commit
4247
4248    remember which public keys have been used for
4249     authentication and refuse to accept previously-used keys.
4250
4251    This allows AuthenticationMethods=publickey,publickey to require
4252    that users authenticate using two _different_ pubkeys.
4253
4254    ok markus@
4255
4256commit 46ac2ed4677968224c4ca825bc98fc68dae183f0
4257Author: djm@openbsd.org <djm@openbsd.org>
4258Date:   Mon Dec 22 07:24:11 2014 +0000
4259
4260    upstream commit
4261
4262    fix passing of wildcard forward bind addresses when
4263     connection multiplexing is in use; patch from Sami Hartikainen via bz#2324;
4264     ok dtucker@
4265
4266commit 0d1b241a262e4d0a6bbfdd595489ab1b853c43a1
4267Author: djm@openbsd.org <djm@openbsd.org>
4268Date:   Mon Dec 22 06:14:29 2014 +0000
4269
4270    upstream commit
4271
4272    make this slightly easier to diff against portable
4273
4274commit 0715bcdddbf68953964058f17255bf54734b8737
4275Author: Damien Miller <djm@mindrot.org>
4276Date:   Mon Dec 22 13:47:07 2014 +1100
4277
4278    add missing regress output file
4279
4280commit 1e30483c8ad2c2f39445d4a4b6ab20c241e40593
4281Author: djm@openbsd.org <djm@openbsd.org>
4282Date:   Mon Dec 22 02:15:52 2014 +0000
4283
4284    upstream commit
4285
4286    adjust for new SHA256 key fingerprints and
4287     slightly-different MD5 hex fingerprint format
4288
4289commit 6b40567ed722df98593ad8e6a2d2448fc2b4b151
4290Author: djm@openbsd.org <djm@openbsd.org>
4291Date:   Mon Dec 22 01:14:49 2014 +0000
4292
4293    upstream commit
4294
4295    poll changes to netcat (usr.bin/netcat.c r1.125) broke
4296     this test; fix it by ensuring more stdio fds are sent to devnull
4297
4298commit a5375ccb970f49dddf7d0ef63c9b713ede9e7260
4299Author: jmc@openbsd.org <jmc@openbsd.org>
4300Date:   Sun Dec 21 23:35:14 2014 +0000
4301
4302    upstream commit
4303
4304    tweak previous;
4305
4306commit b79efde5c3badf5ce4312fe608d8307eade533c5
4307Author: djm@openbsd.org <djm@openbsd.org>
4308Date:   Sun Dec 21 23:12:42 2014 +0000
4309
4310    upstream commit
4311
4312    document FingerprintHash here too
4313
4314commit d16bdd8027dd116afa01324bb071a4016cdc1a75
4315Author: Damien Miller <djm@mindrot.org>
4316Date:   Mon Dec 22 10:18:09 2014 +1100
4317
4318    missing include for base64 encoding
4319
4320commit 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994
4321Author: djm@openbsd.org <djm@openbsd.org>
4322Date:   Sun Dec 21 22:27:55 2014 +0000
4323
4324    upstream commit
4325
4326    Add FingerprintHash option to control algorithm used for
4327     key fingerprints. Default changes from MD5 to SHA256 and format from hex to
4328     base64.
4329
4330    Feedback and ok naddy@ markus@
4331
4332commit 058f839fe15c51be8b3a844a76ab9a8db550be4f
4333Author: djm@openbsd.org <djm@openbsd.org>
4334Date:   Thu Dec 18 23:58:04 2014 +0000
4335
4336    upstream commit
4337
4338    don't count partial authentication success as a failure
4339     against MaxAuthTries; ok deraadt@
4340
4341commit c7219f4f54d64d6dde66dbcf7a2699daa782d2a1
4342Author: djm@openbsd.org <djm@openbsd.org>
4343Date:   Fri Dec 12 00:02:17 2014 +0000
4344
4345    upstream commit
4346
4347    revert chunk I didn't mean to commit yet; via jmc@
4348
4349commit 7de5991aa3997e2981440f39c1ea01273a0a2c7b
4350Author: Damien Miller <djm@mindrot.org>
4351Date:   Thu Dec 18 11:44:06 2014 +1100
4352
4353    upstream libc change
4354
4355    revision 1.2
4356    date: 2014/12/08 03:45:00;  author: bcook;  state: Exp;  lines: +2 -2;  commitid: 7zWEBgJJOCZ2hvTV;
4357    avoid left shift overflow in reallocarray.
4358
4359    Some 64-bit platforms (e.g. Windows 64) have a 32-bit long. So, shifting
4360    1UL 32-bits to the left causes an overflow. This replaces the constant 1UL with
4361    (size_t)1 so that we get the correct constant size for the platform.
4362
4363    discussed with tedu@ & deraadt@
4364
4365commit 2048f85a5e6da8bc6e0532efe02ecfd4e63c978c
4366Author: Damien Miller <djm@mindrot.org>
4367Date:   Thu Dec 18 10:15:49 2014 +1100
4368
4369    include CFLAGS in gnome askpass targets
4370
4371    from Fedora
4372
4373commit 48b68ce19ca42fa488960028048dec023f7899bb
4374Author: djm@openbsd.org <djm@openbsd.org>
4375Date:   Thu Dec 11 08:20:09 2014 +0000
4376
4377    upstream commit
4378
4379    explicitly include sys/param.h in files that use the
4380     howmany() macro; from portable
4381
4382commit d663bea30a294d440fef4398e5cd816317bd4518
4383Author: djm@openbsd.org <djm@openbsd.org>
4384Date:   Thu Dec 11 05:25:06 2014 +0000
4385
4386    upstream commit
4387
4388    mention AuthorizedKeysCommandUser must be set for
4389     AuthorizedKeysCommand to be run; bz#2287
4390
4391commit 17bf3d81e00f2abb414a4fd271118cf4913f049f
4392Author: djm@openbsd.org <djm@openbsd.org>
4393Date:   Thu Dec 11 05:13:28 2014 +0000
4394
4395    upstream commit
4396
4397    show in debug output which hostkeys are being tried when
4398     attempting hostbased auth; patch from Iain Morgan
4399
4400commit da0277e3717eadf5b15e03379fc29db133487e94
4401Author: djm@openbsd.org <djm@openbsd.org>
4402Date:   Thu Dec 11 04:16:14 2014 +0000
4403
4404    upstream commit
4405
4406    Make manual reflect reality: sftp-server's -d option
4407     accepts a "%d" option, not a "%h" one.
4408
4409    bz#2316; reported by Kirk Wolf
4410
4411commit 4cf87f4b81fa9380bce5fcff7b0f8382ae3ad996
4412Author: djm@openbsd.org <djm@openbsd.org>
4413Date:   Wed Dec 10 01:24:09 2014 +0000
4414
4415    upstream commit
4416
4417    better error value for invalid signature length
4418
4419commit 4bfad14ca56f8ae04f418997816b4ba84e2cfc3c
4420Author: Darren Tucker <dtucker@zip.com.au>
4421Date:   Wed Dec 10 02:12:51 2014 +1100
4422
4423    Resync more with OpenBSD's rijndael.c, in particular "#if 0"-ing out some
4424    unused code.  Should fix compile error reported by plautrba at redhat.
4425
4426commit 642652d280499691c8212ec6b79724b50008ce09
4427Author: Darren Tucker <dtucker@zip.com.au>
4428Date:   Wed Dec 10 01:32:23 2014 +1100
4429
4430    Add reallocarray to compat library
4431
4432commit 3dfd8d93dfcc69261f5af99df56f3ff598581979
4433Author: djm@openbsd.org <djm@openbsd.org>
4434Date:   Thu Dec 4 22:31:50 2014 +0000
4435
4436    upstream commit
4437
4438    add tests for new client RevokedHostKeys option; refactor
4439     to make it a bit more readable
4440
4441commit a31046cad1aed16a0b55171192faa6d02665ccec
4442Author: krw@openbsd.org <krw@openbsd.org>
4443Date:   Wed Nov 19 13:35:37 2014 +0000
4444
4445    upstream commit
4446
4447    Nuke yet more obvious #include duplications.
4448
4449    ok deraadt@
4450
4451commit a7c762e5b2c1093542c0bc1df25ccec0b4cf479f
4452Author: djm@openbsd.org <djm@openbsd.org>
4453Date:   Thu Dec 4 20:47:36 2014 +0000
4454
4455    upstream commit
4456
4457    key_in_file() wrapper is no longer used
4458
4459commit 5e39a49930d885aac9c76af3129332b6e772cd75
4460Author: djm@openbsd.org <djm@openbsd.org>
4461Date:   Thu Dec 4 02:24:32 2014 +0000
4462
4463    upstream commit
4464
4465    add RevokedHostKeys option for the client
4466
4467    Allow textfile or KRL-based revocation of hostkeys.
4468
4469commit 74de254bb92c684cf53461da97f52d5ba34ded80
4470Author: djm@openbsd.org <djm@openbsd.org>
4471Date:   Thu Dec 4 01:49:59 2014 +0000
4472
4473    upstream commit
4474
4475    convert KRL code to new buffer API
4476
4477    ok markus@
4478
4479commit db995f2eed5fc432598626fa3e30654503bf7151
4480Author: millert@openbsd.org <millert@openbsd.org>
4481Date:   Wed Nov 26 18:34:51 2014 +0000
4482
4483    upstream commit
4484
4485    Prefer setvbuf() to setlinebuf() for portability; ok
4486     deraadt@
4487
4488commit 72bba3d179ced8b425272efe6956a309202a91f3
4489Author: jsg@openbsd.org <jsg@openbsd.org>
4490Date:   Mon Nov 24 03:39:22 2014 +0000
4491
4492    upstream commit
4493
4494    Fix crashes in the handling of the sshd config file found
4495     with the afl fuzzer.
4496
4497    ok deraadt@ djm@
4498
4499commit 867f49c666adcfe92bf539d9c37c1accdea08bf6
4500Author: Damien Miller <djm@mindrot.org>
4501Date:   Wed Nov 26 13:22:41 2014 +1100
4502
4503    Avoid Cygwin ssh-host-config reading /etc/group
4504
4505    Patch from Corinna Vinschen
4506
4507commit 8b66f36291a721b1ba7c44f24a07fdf39235593e
4508Author: Damien Miller <djm@mindrot.org>
4509Date:   Wed Nov 26 13:20:35 2014 +1100
4510
4511    allow custom service name for sshd on Cygwin
4512
4513    Permits the use of multiple sshd running with different service names.
4514
4515    Patch by Florian Friesdorf via Corinna Vinschen
4516
4517commit 08c0eebf55d70a9ae1964399e609288ae3186a0c
4518Author: jmc@openbsd.org <jmc@openbsd.org>
4519Date:   Sat Nov 22 19:21:03 2014 +0000
4520
4521    upstream commit
4522
4523    restore word zapped in previous, and remove some useless
4524     "No" macros;
4525
4526commit a1418a0033fba43f061513e992e1cbcc3343e563
4527Author: deraadt@openbsd.org <deraadt@openbsd.org>
4528Date:   Sat Nov 22 18:15:41 2014 +0000
4529
4530    upstream commit
4531
4532    /dev/random has created the same effect as /dev/arandom
4533     (and /dev/urandom) for quite some time.  Mop up the last few, by using
4534     /dev/random where we actually want it, or not even mentioning arandom where
4535     it is irrelevant.
4536
4537commit b6de5ac9ed421362f479d1ad4fa433d2e25dad5b
4538Author: djm@openbsd.org <djm@openbsd.org>
4539Date:   Fri Nov 21 01:00:38 2014 +0000
4540
4541    upstream commit
4542
4543    fix NULL pointer dereference crash on invalid timestamp
4544
4545    found using Michal Zalewski's afl fuzzer
4546
4547commit a1f8110cd5ed818d59b3a2964fab7de76e92c18e
4548Author: mikeb@openbsd.org <mikeb@openbsd.org>
4549Date:   Tue Nov 18 22:38:48 2014 +0000
4550
4551    upstream commit
4552
4553    Sync AES code to the one shipped in OpenSSL/LibreSSL.
4554
4555    This includes a commit made by Andy Polyakov <appro at openssl ! org>
4556    to the OpenSSL source tree on Wed, 28 Jun 2006 with the following
4557    message: "Mitigate cache-collision timing attack on last round."
4558
4559    OK naddy, miod, djm
4560
4561commit 335c83d5f35d8620e16b8aa26592d4f836e09ad2
4562Author: krw@openbsd.org <krw@openbsd.org>
4563Date:   Tue Nov 18 20:54:28 2014 +0000
4564
4565    upstream commit
4566
4567    Nuke more obvious #include duplications.
4568
4569    ok deraadt@ millert@ tedu@
4570
4571commit 51b64e44121194ae4bf153dee391228dada2abcb
4572Author: djm@openbsd.org <djm@openbsd.org>
4573Date:   Mon Nov 17 00:21:40 2014 +0000
4574
4575    upstream commit
4576
4577    fix KRL generation when multiple CAs are in use
4578
4579    We would generate an invalid KRL when revoking certs by serial
4580    number for multiple CA keys due to a section being written out
4581    twice.
4582
4583    Also extend the regress test to catch this case by having it
4584    produce a multi-CA KRL.
4585
4586    Reported by peter AT pean.org
4587
4588commit d2d51003a623e21fb2b25567c4878d915e90aa2a
4589Author: djm@openbsd.org <djm@openbsd.org>
4590Date:   Tue Nov 18 01:02:25 2014 +0000
4591
4592    upstream commit
4593
4594    fix NULL pointer dereference crash in key loading
4595
4596    found by Michal Zalewski's AFL fuzzer
4597
4598commit 9f9fad0191028edc43d100d0ded39419b6895fdf
4599Author: djm@openbsd.org <djm@openbsd.org>
4600Date:   Mon Nov 17 00:21:40 2014 +0000
4601
4602    upstream commit
4603
4604    fix KRL generation when multiple CAs are in use
4605
4606    We would generate an invalid KRL when revoking certs by serial
4607    number for multiple CA keys due to a section being written out
4608    twice.
4609
4610    Also extend the regress test to catch this case by having it
4611    produce a multi-CA KRL.
4612
4613    Reported by peter AT pean.org
4614
4615commit da8af83d3f7ec00099963e455010e0ed1d7d0140
4616Author: bentley@openbsd.org <bentley@openbsd.org>
4617Date:   Sat Nov 15 14:41:03 2014 +0000
4618
4619    upstream commit
4620
4621    Reduce instances of `` '' in manuals.
4622
4623    troff displays these as typographic quotes, but nroff implementations
4624    almost always print them literally, which rarely has the intended effect
4625    with modern fonts, even in stock xterm.
4626
4627    These uses of `` '' can be replaced either with more semantic alternatives
4628    or with Dq, which prints typographic quotes in a UTF-8 locale (but will
4629    automatically fall back to `` '' in an ASCII locale).
4630
4631    improvements and ok schwarze@
4632
4633commit fc302561369483bb755b17f671f70fb894aec01d
4634Author: djm@openbsd.org <djm@openbsd.org>
4635Date:   Mon Nov 10 22:25:49 2014 +0000
4636
4637    upstream commit
4638
4639    mux-related manual tweaks
4640
4641    mention ControlPersist=0 is the same as ControlPersist=yes
4642
4643    recommend that ControlPath sockets be placed in a og-w directory
4644
4645commit 0e4cff5f35ed11102fe3783779960ef07e0cd381
4646Author: Damien Miller <djm@google.com>
4647Date:   Wed Nov 5 11:01:31 2014 +1100
4648
4649    Prepare scripts for next Cygwin release
4650
4651    Makes the Cygwin-specific ssh-user-config script independent of the
4652    existence of /etc/passwd.  The next Cygwin release will allow to
4653    generate passwd and group entries from the Windows account DBs, so the
4654    scripts have to adapt.
4655
4656    from Corinna Vinschen
4657
4658commit 7d0ba5336651731949762eb8877ce9e3b52df436
4659Author: Damien Miller <djm@mindrot.org>
4660Date:   Thu Oct 30 10:45:41 2014 +1100
4661
4662    include version number in OpenSSL-too-old error
4663
4664commit 3bcb92e04d9207e9f78d82f7918c6d3422054ce9
4665Author: lteo@openbsd.org <lteo@openbsd.org>
4666Date:   Fri Oct 24 02:01:20 2014 +0000
4667
4668    upstream commit
4669
4670    Remove unnecessary include: netinet/in_systm.h is not needed
4671     by these programs.
4672
4673    NB. skipped for portable
4674
4675    ok deraadt@ millert@
4676
4677commit 6fdcaeb99532e28a69f1a1599fbd540bb15b70a0
4678Author: djm@openbsd.org <djm@openbsd.org>
4679Date:   Mon Oct 20 03:43:01 2014 +0000
4680
4681    upstream commit
4682
4683    whitespace
4684
4685commit 165bc8786299e261706ed60342985f9de93a7461
4686Author: daniel@openbsd.org <daniel@openbsd.org>
4687Date:   Tue Oct 14 03:09:59 2014 +0000
4688
4689    upstream commit
4690
4691    plug a memory leak; from Maxime Villard.
4692
4693    ok djm@
4694
4695commit b1ba15f3885947c245c2dbfaad0a04ba050abea0
4696Author: jmc@openbsd.org <jmc@openbsd.org>
4697Date:   Thu Oct 9 06:21:31 2014 +0000
4698
4699    upstream commit
4700
4701    tweak previous;
4702
4703commit 259a02ebdf74ad90b41d116ecf70aa823fa4c6e7
4704Author: djm@openbsd.org <djm@openbsd.org>
4705Date:   Mon Oct 13 00:38:35 2014 +0000
4706
4707    upstream commit
4708
4709    whitespace
4710
4711commit 957fbceb0f3166e41b76fdb54075ab3b9cc84cba
4712Author: djm@openbsd.org <djm@openbsd.org>
4713Date:   Wed Oct 8 22:20:25 2014 +0000
4714
4715    upstream commit
4716
4717    Tweak config reparsing with host canonicalisation
4718
4719    Make the second pass through the config files always run when
4720    hostname canonicalisation is enabled.
4721
4722    Add a "Match canonical" criteria that allows ssh_config Match
4723    blocks to trigger only in the second config pass.
4724
4725    Add a -G option to ssh that causes it to parse its configuration
4726    and dump the result to stdout, similar to "sshd -T"
4727
4728    Allow ssh_config Port options set in the second config parse
4729    phase to be applied (they were being ignored).
4730
4731    bz#2267 bz#2286; ok markus
4732
4733commit 5c0dafd38bf66feeeb45fa0741a5baf5ad8039ba
4734Author: djm@openbsd.org <djm@openbsd.org>
4735Date:   Wed Oct 8 22:15:27 2014 +0000
4736
4737    upstream commit
4738
4739    another -Wpointer-sign from clang
4740
4741commit bb005dc815ebda9af3ae4b39ca101c4da918f835
4742Author: djm@openbsd.org <djm@openbsd.org>
4743Date:   Wed Oct 8 22:15:06 2014 +0000
4744
4745    upstream commit
4746
4747    fix a few -Wpointer-sign warnings from clang
4748
4749commit 3cc1fbb4fb0e804bfb873fd363cea91b27fc8188
4750Author: djm@openbsd.org <djm@openbsd.org>
4751Date:   Wed Oct 8 21:45:48 2014 +0000
4752
4753    upstream commit
4754
4755    parse cert sections using nested buffers to reduce
4756     copies; ok markus
4757
4758commit 4a45922aebf99164e2fc83d34fe55b11ae1866ef
4759Author: djm@openbsd.org <djm@openbsd.org>
4760Date:   Mon Oct 6 00:47:15 2014 +0000
4761
4762    upstream commit
4763
4764    correct options in usage(); from mancha1 AT zoho.com
4765
4766commit 48dffd5bebae6fed0556dc5c36cece0370690618
4767Author: djm@openbsd.org <djm@openbsd.org>
4768Date:   Tue Sep 9 09:45:36 2014 +0000
4769
4770    upstream commit
4771
4772    mention permissions on tun(4) devices in PermitTunnel
4773     documentation; bz#2273
4774
4775commit a5883d4eccb94b16c355987f58f86a7dee17a0c2
4776Author: djm@openbsd.org <djm@openbsd.org>
4777Date:   Wed Sep 3 18:55:07 2014 +0000
4778
4779    upstream commit
4780
4781    tighten permissions on pty when the "tty" group does
4782     not exist; pointed out by Corinna Vinschen; ok markus
4783
4784commit 180bcb406b58bf30723c01a6b010e48ee626dda8
4785Author: sobrado@openbsd.org <sobrado@openbsd.org>
4786Date:   Sat Aug 30 16:32:25 2014 +0000
4787
4788    upstream commit
4789
4790    typo.
4791
4792commit f70b22bcdd52f6bf127047b3584371e6e5d45627
4793Author: sobrado@openbsd.org <sobrado@openbsd.org>
4794Date:   Sat Aug 30 15:33:50 2014 +0000
4795
4796    upstream commit
4797
4798    improve capitalization for the Ed25519 public-key
4799     signature system.
4800
4801    ok djm@
4802
4803commit 7df8818409c752cf3f0c3f8044fe9aebed8647bd
4804Author: doug@openbsd.org <doug@openbsd.org>
4805Date:   Thu Aug 21 01:08:52 2014 +0000
4806
4807    upstream commit
4808
4809    Free resources on error in mkstemp and fdopen
4810
4811    ok djm@
4812
4813commit 40ba4c9733aaed08304714faeb61529f18da144b
4814Author: deraadt@openbsd.org <deraadt@openbsd.org>
4815Date:   Wed Aug 20 01:28:55 2014 +0000
4816
4817    upstream commit
4818
4819    djm how did you make a typo like that...
4820
4821commit 57d378ec9278ba417a726f615daad67d157de666
4822Author: djm@openbsd.org <djm@openbsd.org>
4823Date:   Tue Aug 19 23:58:28 2014 +0000
4824
4825    upstream commit
4826
4827    When dumping the server configuration (sshd -T), print
4828     correct KEX, MAC and cipher defaults. Spotted by Iain Morgan
4829
4830commit 7ff880ede5195d0b17e7f1e3b6cfbc4cb6f85240
4831Author: djm@openbsd.org <djm@openbsd.org>
4832Date:   Tue Aug 19 23:57:18 2014 +0000
4833
4834    upstream commit
4835
4836    ~-expand lcd paths
4837
4838commit 4460a7ad0c78d4cd67c467f6e9f4254d0404ed59
4839Author: Damien Miller <djm@mindrot.org>
4840Date:   Sun Oct 12 12:35:48 2014 +1100
4841
4842    remove duplicated KEX_DH1 entry
4843
4844commit c9b8426a616138d0d762176c94f51aff3faad5ff
4845Author: Damien Miller <djm@mindrot.org>
4846Date:   Thu Oct 9 10:34:06 2014 +1100
4847
4848    remove ChangeLog file
4849
4850    Commit logs will be generated from git at release time.
4851
4852commit 81d18ff7c93a04affbf3903e0963859763219aed
4853Author: Damien Miller <djm@google.com>
4854Date:   Tue Oct 7 21:24:25 2014 +1100
4855
4856    delete contrib/caldera directory
4857
4858commit 0ec9e87d3638206456968202f05bb5123670607a
4859Author: Damien Miller <djm@google.com>
4860Date:   Tue Oct 7 19:57:27 2014 +1100
4861
4862    test commit
4863
4864commit 8fb65a44568701b779f3d77326bceae63412d28d
4865Author: Damien Miller <djm@mindrot.org>
4866Date:   Tue Oct 7 09:21:49 2014 +1100
4867
4868     - (djm) Release OpenSSH-6.7
4869
4870commit e8c9f2602c46f6781df5e52e6cd8413dab4602a3
4871Author: Damien Miller <djm@mindrot.org>
4872Date:   Fri Oct 3 09:24:56 2014 +1000
4873
4874     - (djm) [sshd_config.5] typo; from Iain Morgan
4875
4876commit 703b98a26706f5083801d11059486d77491342ae
4877Author: Damien Miller <djm@mindrot.org>
4878Date:   Wed Oct 1 09:43:07 2014 +1000
4879
4880     - (djm) [openbsd-compat/Makefile.in openbsd-compat/kludge-fd_set.c]
4881       [openbsd-compat/openbsd-compat.h] Kludge around bad glibc
4882       _FORTIFY_SOURCE check that doesn't grok heap-allocated fd_sets;
4883       ok dtucker@
4884
4885commit 0fa0ed061bbfedb0daa705e220748154a84c3413
4886Author: Damien Miller <djm@mindrot.org>
4887Date:   Wed Sep 10 08:15:34 2014 +1000
4888
4889     - (djm) [sandbox-seccomp-filter.c] Allow mremap and exit for DietLibc;
4890       patch from Felix von Leitner; ok dtucker
4891
4892commit ad7d23d461c3b7e1dcb15db13aee5f4b94dc1a95
4893Author: Darren Tucker <dtucker@zip.com.au>
4894Date:   Tue Sep 9 12:23:10 2014 +1000
4895
4896    20140908
4897     - (dtucker) [INSTALL] Update info about egd.  ok djm@
4898
4899commit 2a8699f37cc2515e3bc60e0c677ba060f4d48191
4900Author: Damien Miller <djm@mindrot.org>
4901Date:   Thu Sep 4 03:46:05 2014 +1000
4902
4903     - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
4904
4905commit 44988defb1f5e3afe576d86000365e1f07a1b494
4906Author: Damien Miller <djm@mindrot.org>
4907Date:   Wed Sep 3 05:35:32 2014 +1000
4908
4909     - (djm) [contrib/cygwin/ssh-host-config] Fix old code leading to
4910       permissions/ACLs; from Corinna Vinschen
4911
4912commit 23f269562b7537b2f6f5014e50a25e5dcc55a837
4913Author: Damien Miller <djm@mindrot.org>
4914Date:   Wed Sep 3 05:33:25 2014 +1000
4915
4916     - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
4917       conditionalise to avoid duplicate definition.
4918
4919commit 41c8de2c0031cf59e7cf0c06b5bcfbf4852c1fda
4920Author: Damien Miller <djm@mindrot.org>
4921Date:   Sat Aug 30 16:23:06 2014 +1000
4922
4923     - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@
4924
4925commit d7c81e216a7bd9eed6e239c970d9261bb1651947
4926Author: Damien Miller <djm@mindrot.org>
4927Date:   Sat Aug 30 04:18:28 2014 +1000
4928
4929     - (djm) [openbsd-compat/openssl-compat.h] add include guard
4930
4931commit 4687802dda57365b984b897fc3c8e2867ea09b22
4932Author: Damien Miller <djm@mindrot.org>
4933Date:   Sat Aug 30 03:29:19 2014 +1000
4934
4935     - (djm) [misc.c] Missing newline between functions
4936
4937commit 51c77e29220dee87c53be2dc47092934acab26fe
4938Author: Damien Miller <djm@mindrot.org>
4939Date:   Sat Aug 30 02:30:30 2014 +1000
4940
4941     - (djm) [openbsd-compat/openssl-compat.h] add
4942       OPENSSL_[RD]SA_MAX_MODULUS_BITS defines for OpenSSL that lacks them
4943
4944commit 3d673d103bad35afaec6e7ef73e5277216ce33a3
4945Author: Damien Miller <djm@mindrot.org>
4946Date:   Wed Aug 27 06:32:01 2014 +1000
4947
4948     - (djm) [openbsd-compat/explicit_bzero.c] implement explicit_bzero()
4949       using memset_s() where possible; improve fallback to indirect bzero
4950       via a volatile pointer to give it more of a chance to avoid being
4951       optimised away.
4952
4953commit 146218ac11a1eb0dcade6f793d7acdef163b5ddc
4954Author: Damien Miller <djm@mindrot.org>
4955Date:   Wed Aug 27 04:11:55 2014 +1000
4956
4957     - (djm) [monitor.c sshd.c] SIGXFSZ needs to be ignored in postauth
4958       monitor, not preauth; bz#2263
4959
4960commit 1b215c098b3b37e38aa4e4c91bb908eee41183b1
4961Author: Damien Miller <djm@mindrot.org>
4962Date:   Wed Aug 27 04:04:40 2014 +1000
4963
4964     - (djm) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
4965       [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
4966       [regress/unittests/sshkey/common.c]
4967       [regress/unittests/sshkey/test_file.c]
4968       [regress/unittests/sshkey/test_fuzz.c]
4969       [regress/unittests/sshkey/test_sshkey.c] Don't include openssl/ec.h
4970       on !ECC OpenSSL systems
4971
4972commit ad013944af0a19e3f612089d0099bb397cf6502d
4973Author: Damien Miller <djm@mindrot.org>
4974Date:   Tue Aug 26 09:27:28 2014 +1000
4975
4976     - (djm) [INSTALL] Recommend libcrypto be built -fPIC, mention LibreSSL,
4977       update OpenSSL version requirement.
4978
4979commit ed126de8ee04c66640a0ea2697c4aaf36801f100
4980Author: Damien Miller <djm@mindrot.org>
4981Date:   Tue Aug 26 08:37:47 2014 +1000
4982
4983     - (djm) [bufec.c] Skip this file on !ECC OpenSSL
4984
4985commit 9c1dede005746864a4fdb36a7cdf6c51296ca909
4986Author: Damien Miller <djm@mindrot.org>
4987Date:   Sun Aug 24 03:01:06 2014 +1000
4988
4989     - (djm) [sftp-server.c] Some systems (e.g. Irix) have prctl() but not
4990       PR_SET_DUMPABLE, so adjust ifdef; reported by Tom Christensen
4991
4992commit d244a5816fd1312a33404b436e4dd83594f1119e
4993Author: Damien Miller <djm@mindrot.org>
4994Date:   Sat Aug 23 17:06:49 2014 +1000
4995
4996     - (djm) [configure.ac] We now require a working vsnprintf everywhere (not
4997       just for systems that lack asprintf); check for it always and extend
4998       test to catch more brokenness. Fixes builds on Solaris <= 9
4999
5000commit 4cec036362a358e398e6a2e6d19d8e5780558634
5001Author: Damien Miller <djm@mindrot.org>
5002Date:   Sat Aug 23 03:11:09 2014 +1000
5003
5004     - (djm) [sshd.c] Ignore SIGXFSZ in preauth monitor child; can explode on
5005       lastlog writing on platforms with high UIDs; bz#2263
5006
5007commit 394a60f2598d28b670d934b93942a3370b779b39
5008Author: Damien Miller <djm@mindrot.org>
5009Date:   Fri Aug 22 18:06:20 2014 +1000
5010
5011     - (djm) [configure.ac] double braces to appease autoconf
5012
5013commit 4d69aeabd6e60afcdc7cca177ca751708ab79a9d
5014Author: Damien Miller <djm@mindrot.org>
5015Date:   Fri Aug 22 17:48:27 2014 +1000
5016
5017     - (djm) [openbsd-compat/bsd-snprintf.c] Fix compilation failure (prototype/
5018       definition mismatch) and warning for broken/missing snprintf case.
5019
5020commit 0c11f1ac369d2c0aeb0ab0458a7cd04c72fe5e9e
5021Author: Damien Miller <djm@mindrot.org>
5022Date:   Fri Aug 22 17:36:56 2014 +1000
5023
5024     - (djm) [sshbuf-getput-crypto.c] Fix compilation when OpenSSL lacks ECC
5025
5026commit 6d62784b8973340b251fea6b04890f471adf28db
5027Author: Damien Miller <djm@mindrot.org>
5028Date:   Fri Aug 22 17:36:19 2014 +1000
5029
5030     - (djm) [configure.ac] include leading zero characters in OpenSSL version
5031       number; fixes test for unsupported versions
5032
5033commit 4f1ff1ed782117f5d5204d4e91156ed5da07cbb7
5034Author: Damien Miller <djm@mindrot.org>
5035Date:   Thu Aug 21 15:54:50 2014 +1000
5036
5037     - (djm) [regress/unittests/test_helper/test_helper.c] Fix for systems that
5038       don't set __progname. Diagnosed by Tom Christensen.
5039
5040commit 005a64da0f457410045ef0bfa93c863c2450447d
5041Author: Damien Miller <djm@mindrot.org>
5042Date:   Thu Aug 21 10:48:41 2014 +1000
5043
5044     - (djm) [key.h] Fix ifdefs for no-ECC OpenSSL
5045
5046commit aa6598ebb3343c7380e918388e10e8ca5852b613
5047Author: Damien Miller <djm@mindrot.org>
5048Date:   Thu Aug 21 10:47:54 2014 +1000
5049
5050     - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.
5051
5052commit 54703e3cf63f0c80d4157e5ad7dbc2b363ee2c56
5053Author: Damien Miller <djm@mindrot.org>
5054Date:   Wed Aug 20 11:10:51 2014 +1000
5055
5056     - (djm) [contrib/cygwin/README] Correct build instructions; from Corinna
5057
5058commit f0935698f0461f24d8d1f1107b476ee5fd4db1cb
5059Author: Damien Miller <djm@mindrot.org>
5060Date:   Wed Aug 20 11:06:50 2014 +1000
5061
5062     - (djm) [sshkey.h] Fix compilation when OpenSSL lacks ECC
5063
5064commit c5089ecaec3b2c02f014f4e67518390702a4ba14
5065Author: Damien Miller <djm@mindrot.org>
5066Date:   Wed Aug 20 11:06:20 2014 +1000
5067
5068     - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather than
5069       -L/-l; fixes linking problems on some platforms
5070
5071commit 2195847e503a382f83ee969b0a8bd3dfe0e55c18
5072Author: Damien Miller <djm@mindrot.org>
5073Date:   Wed Aug 20 11:05:03 2014 +1000
5074
5075     - (djm) [configure.ac] Check OpenSSL version is supported at configure time;
5076       suggested by Kevin Brott
5077
5078commit a75aca1bbc989aa9f8b1b08489d37855f3d24d1a
5079Author: Damien Miller <djm@mindrot.org>
5080Date:   Tue Aug 19 11:36:07 2014 +1000
5081
5082     - (djm) [INSTALL contrib/caldera/openssh.spec contrib/cygwin/README]
5083       [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Remove mentions
5084       of TCP wrappers.
5085
5086commit 3f022b5a9477abceeb1bbeab04b055f3cc7ca8f6
5087Author: Damien Miller <djm@mindrot.org>
5088Date:   Tue Aug 19 11:32:34 2014 +1000
5089
5090     - (djm) [ssh-dss.c] Include openssl/dsa.h for DSA_SIG
5091
5092commit 88137902632aceb923990e98cf5dc923bb3ef2f5
5093Author: Damien Miller <djm@mindrot.org>
5094Date:   Tue Aug 19 11:28:11 2014 +1000
5095
5096     - (djm) [sshbuf.h] Fix compilation on systems without OPENSSL_HAS_ECC.
5097
5098commit 2f3d1e7fb2eabd3cfbfd8d0f7bdd2f9a1888690b
5099Author: Damien Miller <djm@mindrot.org>
5100Date:   Tue Aug 19 11:14:36 2014 +1000
5101
5102     - (djm) [myproposal.h] Make curve25519 KEX dependent on
5103       HAVE_EVP_SHA256 instead of OPENSSL_HAS_ECC.
5104
5105commit d4e7d59d01a6c7f59e8c1f94a83c086e9a33d8aa
5106Author: Damien Miller <djm@mindrot.org>
5107Date:   Tue Aug 19 11:14:17 2014 +1000
5108
5109     - (djm) [serverloop.c] Fix syntax error on Cygwin; from Corinna Vinschen
5110
5111commit 9eaeea2cf2b6af5f166cfa9ad3c7a90711a147a9
5112Author: Damien Miller <djm@mindrot.org>
5113Date:   Sun Aug 10 11:35:05 2014 +1000
5114
5115     - (djm) [README contrib/caldera/openssh.spec]
5116       [contrib/redhat/openssh.spec contrib/suse/openssh.spec] Update versions
5117
5118commit f8988fbef0c9801d19fa2f8f4f041690412bec37
5119Author: Damien Miller <djm@mindrot.org>
5120Date:   Fri Aug 1 13:31:52 2014 +1000
5121
5122     - (djm) [regress/multiplex.sh] Use -d (detach stdin) flag to disassociate
5123       nc from stdin, it's more portable
5124
5125commit 5b3879fd4b7a4e3d43bab8f40addda39bc1169d0
5126Author: Damien Miller <djm@mindrot.org>
5127Date:   Fri Aug 1 12:28:31 2014 +1000
5128
5129     - (djm) [regress/multiplex.sh] Instruct nc not to quit as soon as stdin
5130       is closed; avoid regress failures when stdin is /dev/null
5131
5132commit a9c46746d266f8a1b092a72b2150682d1af8ebfc
5133Author: Damien Miller <djm@mindrot.org>
5134Date:   Fri Aug 1 12:26:49 2014 +1000
5135
5136     - (djm) [regress/multiplex.sh] Skip test for non-OpenBSD netcat. We need
5137       a better solution, but this will have to do for now.
5138
5139commit 426117b2e965e43f47015942b5be8dd88fe74b88
5140Author: Damien Miller <djm@mindrot.org>
5141Date:   Wed Jul 30 12:33:20 2014 +1000
5142
5143       - schwarze@cvs.openbsd.org 2014/07/28 15:40:08
5144         [sftp-server.8 sshd_config.5]
5145         some systems no longer need /dev/log;
5146         issue noticed by jirib;
5147         ok deraadt
5148
5149commit f497794b6962eaf802ab4ac2a7b22ae591cca1d5
5150Author: Damien Miller <djm@mindrot.org>
5151Date:   Wed Jul 30 12:32:46 2014 +1000
5152
5153       - dtucker@cvs.openbsd.org 2014/07/25 21:22:03
5154         [ssh-agent.c]
5155         Clear buffer used for handling messages.  This prevents keys being
5156         left in memory after they have been expired or deleted in some cases
5157         (but note that ssh-agent is setgid so you would still need root to
5158         access them).  Pointed out by Kevin Burns, ok deraadt
5159
5160commit a8a0f65c57c8ecba94d65948e9090da54014dfef
5161Author: Damien Miller <djm@mindrot.org>
5162Date:   Wed Jul 30 12:32:28 2014 +1000
5163
5164     - OpenBSD CVS Sync
5165       - millert@cvs.openbsd.org 2014/07/24 22:57:10
5166         [ssh.1]
5167         Mention UNIX-domain socket forwarding too.  OK jmc@ deraadt@
5168
5169commit 56b840f2b81e14a2f95c203403633a72566736f8
5170Author: Damien Miller <djm@mindrot.org>
5171Date:   Fri Jul 25 08:11:30 2014 +1000
5172
5173     - (djm) [regress/multiplex.sh] restore incorrectly deleted line;
5174       pointed out by Christian Hesse
5175
5176commit dd417b60d5ca220565d1014e92b7f8f43dc081eb
5177Author: Darren Tucker <dtucker@zip.com.au>
5178Date:   Wed Jul 23 10:41:21 2014 +1000
5179
5180       - dtucker@cvs.openbsd.org 2014/07/22 23:35:38
5181         [regress/unittests/sshkey/testdata/*]
5182         Regenerate test keys with certs signed with ed25519 instead of ecdsa.
5183         These can be used in -portable on platforms that don't support ECDSA.
5184
5185commit 40e50211896369dba8f64f3b5e5fd58b76f5ac3f
5186Author: Darren Tucker <dtucker@zip.com.au>
5187Date:   Wed Jul 23 10:35:45 2014 +1000
5188
5189       - dtucker@cvs.openbsd.org 2014/07/22 23:57:40
5190         [regress/unittests/sshkey/mktestdata.sh]
5191         Add $OpenBSD tag to make syncs easier
5192
5193commit 07e644251e809b1d4c062cf85bd1146a7e3f5a8a
5194Author: Darren Tucker <dtucker@zip.com.au>
5195Date:   Wed Jul 23 10:34:26 2014 +1000
5196
5197       - dtucker@cvs.openbsd.org 2014/07/22 23:23:22
5198         [regress/unittests/sshkey/mktestdata.sh]
5199         Sign test certs with ed25519 instead of ecdsa so that they'll work in
5200         -portable on platforms that don't have ECDSA in their OpenSSL.  ok djm
5201
5202commit cea099a7c4eaecb01b001e5453bb4e5c25006c22
5203Author: Darren Tucker <dtucker@zip.com.au>
5204Date:   Wed Jul 23 10:04:02 2014 +1000
5205
5206       - djm@cvs.openbsd.org 2014/07/22 01:32:12
5207         [regress/multiplex.sh]
5208         change the test for still-open Unix domain sockets to be robust against
5209         nc implementations that produce error messages. from -portable
5210         (Id sync only)
5211
5212commit 31eb78078d349b32ea41952ecc944b3ad6cb0d45
5213Author: Darren Tucker <dtucker@zip.com.au>
5214Date:   Wed Jul 23 09:43:42 2014 +1000
5215
5216       - guenther@cvs.openbsd.org 2014/07/22 07:13:42
5217         [umac.c]
5218         Convert from <sys/endian.h> to the shiney new <endian.h>
5219         ok dtucker@, who also confirmed that -portable handles this already
5220         (ID sync only, includes.h pulls in endian.h if available.)
5221
5222commit 820763efef2d19d965602533036c2b4badc9d465
5223Author: Darren Tucker <dtucker@zip.com.au>
5224Date:   Wed Jul 23 09:40:46 2014 +1000
5225
5226       - dtucker@cvs.openbsd.org 2014/07/22 01:18:50
5227         [key.c]
5228         Prevent spam from key_load_private_pem during hostbased auth.  ok djm@
5229
5230commit c4ee219a66f3190fa96cbd45b4d11015685c6306
5231Author: Darren Tucker <dtucker@zip.com.au>
5232Date:   Wed Jul 23 04:27:50 2014 +1000
5233
5234     - (dtucker) [regress/unittests/sshkey/test_{file,fuzz,sshkey}.c] Wrap ecdsa-
5235       specific tests inside OPENSSL_HAS_ECC.
5236
5237commit 04f4824940ea3edd60835416ececbae16438968a
5238Author: Damien Miller <djm@mindrot.org>
5239Date:   Tue Jul 22 11:31:47 2014 +1000
5240
5241     - (djm) [regress/multiplex.sh] change the test for still-open Unix
5242        domain sockets to be robust against nc implementations that produce
5243        error messages.
5244
5245commit 5ea4fe00d55453aaa44007330bb4c3181bd9b796
5246Author: Damien Miller <djm@mindrot.org>
5247Date:   Tue Jul 22 09:39:19 2014 +1000
5248
5249     - (djm) [regress/multiplex.sh] ssh mux master lost -N somehow;
5250       put it back
5251
5252commit 948a1774a79a85f9deba6d74db95f402dee32c69
5253Author: Darren Tucker <dtucker@zip.com.au>
5254Date:   Tue Jul 22 01:07:11 2014 +1000
5255
5256     - (dtucker) [sshkey.c] ifdef out unused variable when compiling without
5257       OPENSSL_HAS_ECC.
5258
5259commit c8f610f6cc57ae129758052439d9baf13699097b
5260Author: Damien Miller <djm@mindrot.org>
5261Date:   Mon Jul 21 10:23:27 2014 +1000
5262
5263     - (djm) [regress/multiplex.sh] Not all netcat accept the -N option.
5264
5265commit 0e4e95566cd95c887f69272499b8f3880b3ec0f5
5266Author: Damien Miller <djm@mindrot.org>
5267Date:   Mon Jul 21 09:52:54 2014 +1000
5268
5269       - millert@cvs.openbsd.org 2014/07/15 15:54:15
5270         [forwarding.sh multiplex.sh]
5271         Add support for Unix domain socket forwarding.  A remote TCP port
5272         may be forwarded to a local Unix domain socket and vice versa or
5273         both ends may be a Unix domain socket.  This is a reimplementation
5274         of the streamlocal patches by William Ahern from:
5275             http://www.25thandclement.com/~william/projects/streamlocal.html
5276         OK djm@ markus@
5277
5278commit 93a87ab27ecdc709169fb24411133998f81e2761
5279Author: Darren Tucker <dtucker@zip.com.au>
5280Date:   Mon Jul 21 06:30:25 2014 +1000
5281
5282     - (dtucker) [regress/unittests/sshkey/
5283       {common,test_file,test_fuzz,test_sshkey}.c] Wrap stdint.h includes in
5284       ifdefs.
5285
5286commit 5573171352ea23df2dc6d2fe0324d023b7ba697c
5287Author: Darren Tucker <dtucker@zip.com.au>
5288Date:   Mon Jul 21 02:24:59 2014 +1000
5289
5290    - (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
5291       needed to build AES CTR mode against OpenSSL 0.9.8f and above.  ok djm
5292
5293commit 74e28682711d005026c7c8f15f96aea9d3c8b5a3
5294Author: Tim Rice <tim@multitalents.net>
5295Date:   Fri Jul 18 20:00:11 2014 -0700
5296
5297     - (tim) [openbsd-compat/port-uw.c] Include misc.h for fwd_opts, used
5298       in servconf.h.
5299
5300commit d1a0421f8e5e933fee6fb58ee6b9a22c63c8a613
5301Author: Darren Tucker <dtucker@zip.com.au>
5302Date:   Sat Jul 19 07:23:55 2014 +1000
5303
5304     - (dtucker) [key.c sshkey.c] Put new ecdsa bits inside ifdef OPENSSL_HAS_ECC.
5305
5306commit f0fe9ea1be62227c130b317769de3d1e736b6dc1
5307Author: Darren Tucker <dtucker@zip.com.au>
5308Date:   Sat Jul 19 06:33:12 2014 +1000
5309
5310     - (dtucker) [Makefile.in] Add a t-exec target to run just the executable
5311       tests.
5312
5313commit 450bc1180d4b061434a4b733c5c8814fa30b022b
5314Author: Darren Tucker <dtucker@zip.com.au>
5315Date:   Sat Jul 19 06:23:18 2014 +1000
5316
5317     - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opts, used
5318       in servconf.h.
5319
5320commit ab2ec586baad122ed169285c31927ccf58bc7b28
5321Author: Damien Miller <djm@mindrot.org>
5322Date:   Fri Jul 18 15:04:47 2014 +1000
5323
5324       - djm@cvs.openbsd.org 2014/07/18 02:46:01
5325         [ssh-agent.c]
5326         restore umask around listener socket creation (dropped in streamlocal patch
5327         merge)
5328
5329commit 357610d15946381ae90c271837dcdd0cdce7145f
5330Author: Damien Miller <djm@mindrot.org>
5331Date:   Fri Jul 18 15:04:10 2014 +1000
5332
5333       - djm@cvs.openbsd.org 2014/07/17 07:22:19
5334         [mux.c ssh.c]
5335         reflect stdio-forward ("ssh -W host:port ...") failures in exit status.
5336         previously we were always returning 0. bz#2255 reported by Brendan
5337         Germain; ok dtucker
5338
5339commit dad9a4a0b7c2b5d78605f8df28718f116524134e
5340Author: Damien Miller <djm@mindrot.org>
5341Date:   Fri Jul 18 15:03:49 2014 +1000
5342
5343       - djm@cvs.openbsd.org 2014/07/17 00:12:03
5344         [key.c]
5345         silence "incorrect passphrase" error spam; reported and ok dtucker@
5346
5347commit f42f7684ecbeec6ce50e0310f80b3d6da2aaf533
5348Author: Damien Miller <djm@mindrot.org>
5349Date:   Fri Jul 18 15:03:27 2014 +1000
5350
5351       - djm@cvs.openbsd.org 2014/07/17 00:10:18
5352         [mux.c]
5353         preserve errno across syscall
5354
5355commit 1b83320628cb0733e3688b85bfe4d388a7c51909
5356Author: Damien Miller <djm@mindrot.org>
5357Date:   Fri Jul 18 15:03:02 2014 +1000
5358
5359       - djm@cvs.openbsd.org 2014/07/17 00:10:56
5360         [sandbox-systrace.c]
5361         ifdef SYS_sendsyslog so this will compile without patching on -stable
5362
5363commit 6d57656331bcd754d912950e4a18ad259d596e61
5364Author: Damien Miller <djm@mindrot.org>
5365Date:   Fri Jul 18 15:02:06 2014 +1000
5366
5367       - jmc@cvs.openbsd.org 2014/07/16 14:48:57
5368         [ssh.1]
5369         add the streamlocal* options to ssh's -o list; millert says they're
5370         irrelevant for scp/sftp;
5371
5372         ok markus millert
5373
5374commit 7acefbbcbeab725420ea07397ae35992f505f702
5375Author: Damien Miller <djm@mindrot.org>
5376Date:   Fri Jul 18 14:11:24 2014 +1000
5377
5378       - millert@cvs.openbsd.org 2014/07/15 15:54:14
5379         [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
5380         [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
5381         [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
5382         [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
5383         [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
5384         [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
5385         [sshd_config.5 sshlogin.c]
5386         Add support for Unix domain socket forwarding.  A remote TCP port
5387         may be forwarded to a local Unix domain socket and vice versa or
5388         both ends may be a Unix domain socket.  This is a reimplementation
5389         of the streamlocal patches by William Ahern from:
5390             http://www.25thandclement.com/~william/projects/streamlocal.html
5391         OK djm@ markus@
5392
5393commit 6262d760e00714523633bd989d62e273a3dca99a
5394Author: Damien Miller <djm@mindrot.org>
5395Date:   Thu Jul 17 09:52:07 2014 +1000
5396
5397       - tedu@cvs.openbsd.org 2014/07/11 13:54:34
5398         [myproposal.h]
5399         by popular demand, add back hamc-sha1 to server proposal for better compat
5400         with many clients still in use. ok deraadt
5401
5402commit 9d69d937b46ecba17f16d923e538ceda7b705c7a
5403Author: Damien Miller <djm@mindrot.org>
5404Date:   Thu Jul 17 09:49:37 2014 +1000
5405
5406       - deraadt@cvs.openbsd.org 2014/07/11 08:09:54
5407         [sandbox-systrace.c]
5408         Permit use of SYS_sendsyslog from inside the sandbox.  Clock is ticking,
5409         update your kernels and sshd soon.. libc will start using sendsyslog()
5410         in about 4 days.
5411
5412commit f6293a0b4129826fc2e37e4062f96825df43c326
5413Author: Damien Miller <djm@mindrot.org>
5414Date:   Thu Jul 17 09:01:25 2014 +1000
5415
5416     - (djm) [digest-openssl.c] Preserve array order when disabling digests.
5417       Reported by Petr Lautrbach.
5418
5419commit 00f9cd230709c04399ef5ff80492d70a55230694
5420Author: Damien Miller <djm@mindrot.org>
5421Date:   Tue Jul 15 10:41:38 2014 +1000
5422
5423     - (djm) [configure.ac] Delay checks for arc4random* until after libcrypto
5424       has been located; fixes builds agains libressl-portable
5425
5426commit 1d0df3249c87019556b83306c28d4769375c2edc
5427Author: Damien Miller <djm@mindrot.org>
5428Date:   Fri Jul 11 09:19:04 2014 +1000
5429
5430     - OpenBSD CVS Sync
5431       - benno@cvs.openbsd.org 2014/07/09 14:15:56
5432         [ssh-add.c]
5433         fix ssh-add crash while loading more than one key
5434         ok markus@
5435
5436commit 7a57eb3d105aa4ced15fb47001092c58811e6d9d
5437Author: Damien Miller <djm@mindrot.org>
5438Date:   Wed Jul 9 13:22:31 2014 +1000
5439
5440       - djm@cvs.openbsd.org 2014/07/07 08:15:26
5441         [multiplex.sh]
5442         remove forced-fatal that I stuck in there to test the new cleanup
5443         logic and forgot to remove...
5444
5445commit 612f965239a30fe536b11ece1834d9f470aeb029
5446Author: Damien Miller <djm@mindrot.org>
5447Date:   Wed Jul 9 13:22:03 2014 +1000
5448
5449       - djm@cvs.openbsd.org 2014/07/06 07:42:03
5450         [multiplex.sh test-exec.sh]
5451         add a hook to the cleanup() function to kill $SSH_PID if it is set
5452
5453         use it to kill the mux master started in multiplex.sh (it was being left
5454         around on fatal failures)
5455
5456commit d0bb950485ba121e43a77caf434115ed6417b46f
5457Author: Damien Miller <djm@mindrot.org>
5458Date:   Wed Jul 9 13:07:28 2014 +1000
5459
5460       - djm@cvs.openbsd.org 2014/07/09 03:02:15
5461         [key.c]
5462         downgrade more error() to debug() to better match what old authfile.c
5463         did; suppresses spurious errors with hostbased authentication enabled
5464
5465commit 0070776a038655c57f57e70cd05e4c38a5de9d84
5466Author: Damien Miller <djm@mindrot.org>
5467Date:   Wed Jul 9 13:07:06 2014 +1000
5468
5469       - djm@cvs.openbsd.org 2014/07/09 01:45:10
5470         [sftp.c]
5471         more useful error message when GLOB_NOSPACE occurs;
5472         bz#2254, patch from Orion Poplawski
5473
5474commit 079bac2a43c74ef7cf56850afbab3b1932534c50
5475Author: Damien Miller <djm@mindrot.org>
5476Date:   Wed Jul 9 13:06:25 2014 +1000
5477
5478       - djm@cvs.openbsd.org 2014/07/07 08:19:12
5479         [ssh_config.5]
5480         mention that ProxyCommand is executed using shell "exec" to avoid
5481         a lingering process; bz#1977
5482
5483commit 3a48cc090096cf99b9de592deb5f90e444edebfb
5484Author: Damien Miller <djm@mindrot.org>
5485Date:   Sun Jul 6 09:32:49 2014 +1000
5486
5487       - djm@cvs.openbsd.org 2014/07/05 23:11:48
5488         [channels.c]
5489         fix remote-forward cancel regression; ok markus@
5490
5491commit 48bae3a38cb578713e676708164f6e7151cc64fa
5492Author: Damien Miller <djm@mindrot.org>
5493Date:   Sun Jul 6 09:27:06 2014 +1000
5494
5495       - djm@cvs.openbsd.org 2014/07/03 23:18:35
5496         [authfile.h]
5497         remove leakmalloc droppings
5498
5499commit 72e6b5c9ed5e72ca3a6ccc3177941b7c487a0826
5500Author: Damien Miller <djm@mindrot.org>
5501Date:   Fri Jul 4 09:00:04 2014 +1000
5502
5503       - djm@cvs.openbsd.org 2014/07/03 22:40:43
5504         [servconf.c servconf.h session.c sshd.8 sshd_config.5]
5505         Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
5506         executed, mirroring the no-user-rc authorized_keys option;
5507         bz#2160; ok markus@
5508
5509commit 602943d1179a08dfa70af94f62296ea5e3d6ebb8
5510Author: Damien Miller <djm@mindrot.org>
5511Date:   Fri Jul 4 08:59:41 2014 +1000
5512
5513       - djm@cvs.openbsd.org 2014/07/03 22:33:41
5514         [channels.c]
5515         allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
5516         GatewayPorts=no; allows client to choose address family;
5517         bz#2222 ok markus@
5518
5519commit 6b37fbb7921d156b31e2c8f39d9e1b6746c34983
5520Author: Damien Miller <djm@mindrot.org>
5521Date:   Fri Jul 4 08:59:24 2014 +1000
5522
5523       - djm@cvs.openbsd.org 2014/07/03 22:23:46
5524         [sshconnect.c]
5525         when rekeying, skip file/DNS lookup if it is the same as the key sent
5526         during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@
5527
5528commit d2c3cd5f2e47ee24cf7093ce8e948c2e79dfc3fd
5529Author: Damien Miller <djm@mindrot.org>
5530Date:   Fri Jul 4 08:59:01 2014 +1000
5531
5532       - jsing@cvs.openbsd.org 2014/07/03 12:42:16
5533         [cipher-chachapoly.c]
5534         Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - this
5535         makes it easier to verify that chacha_encrypt_bytes() is only called once
5536         per chacha_ivsetup() call.
5537         ok djm@
5538
5539commit 686feb560ec43a06ba04da82b50f3c183c947309
5540Author: Damien Miller <djm@mindrot.org>
5541Date:   Thu Jul 3 21:29:38 2014 +1000
5542
5543       - djm@cvs.openbsd.org 2014/07/03 11:16:55
5544         [auth.c auth.h auth1.c auth2.c]
5545         make the "Too many authentication failures" message include the
5546         user, source address, port and protocol in a format similar to the
5547         authentication success / failure messages; bz#2199, ok dtucker
5548
5549commit 0f12341402e18fd9996ec23189b9418d2722453f
5550Author: Damien Miller <djm@mindrot.org>
5551Date:   Thu Jul 3 21:28:09 2014 +1000
5552
5553       - jmc@cvs.openbsd.org 2014/07/03 07:45:27
5554         [ssh_config.5]
5555         escape %C since groff thinks it part of an Rs/Re block;
5556
5557commit 9c38643c5cd47a19db2cc28279dcc28abadc22b3
5558Author: Damien Miller <djm@mindrot.org>
5559Date:   Thu Jul 3 21:27:46 2014 +1000
5560
5561       - djm@cvs.openbsd.org 2014/07/03 06:39:19
5562         [ssh.c ssh_config.5]
5563         Add a %C escape sequence for LocalCommand and ControlPath that expands
5564         to a unique identifer based on a has of the tuple of (local host,
5565         remote user, hostname, port).
5566
5567         Helps avoid exceeding sockaddr_un's miserly pathname limits for mux
5568         control paths.
5569
5570         bz#2220, based on patch from mancha1 AT zoho.com; ok markus@
5571
5572commit 49d9bfe2b2f3e90cc158a215dffa7675e57e7830
5573Author: Damien Miller <djm@mindrot.org>
5574Date:   Thu Jul 3 21:26:42 2014 +1000
5575
5576       - djm@cvs.openbsd.org 2014/07/03 05:38:17
5577         [ssh.1]
5578         document that -g will only work in the multiplexed case if applied to
5579         the mux master
5580
5581commit ef9f13ba4c58057b2166d1f2e790535da402fbe5
5582Author: Damien Miller <djm@mindrot.org>
5583Date:   Thu Jul 3 21:26:21 2014 +1000
5584
5585       - djm@cvs.openbsd.org 2014/07/03 05:32:36
5586         [ssh_config.5]
5587         mention '%%' escape sequence in HostName directives and how it may
5588         be used to specify IPv6 link-local addresses
5589
5590commit e6a407789e5432dd2e53336fb73476cc69048c54
5591Author: Damien Miller <djm@mindrot.org>
5592Date:   Thu Jul 3 21:25:03 2014 +1000
5593
5594       - djm@cvs.openbsd.org 2014/07/03 04:36:45
5595         [digest.h]
5596         forward-declare struct sshbuf so consumers don't need to include sshbuf.h
5597
5598commit 4a1d3d50f02d0a8a4ef95ea4749293cbfb89f919
5599Author: Damien Miller <djm@mindrot.org>
5600Date:   Thu Jul 3 21:24:40 2014 +1000
5601
5602       - djm@cvs.openbsd.org 2014/07/03 03:47:27
5603         [ssh-keygen.c]
5604         When hashing or removing hosts using ssh-keygen, don't choke on
5605         @revoked markers and don't remove @cert-authority markers;
5606         bz#2241, reported by mlindgren AT runelind.net
5607
5608commit e5c0d52ceb575c3db8c313e0b1aa3845943d7ba8
5609Author: Damien Miller <djm@mindrot.org>
5610Date:   Thu Jul 3 21:24:19 2014 +1000
5611
5612       - djm@cvs.openbsd.org 2014/07/03 03:34:09
5613         [gss-serv.c session.c ssh-keygen.c]
5614         standardise on NI_MAXHOST for gethostname() string lengths; about
5615         1/2 the cases were using it already. Fixes bz#2239 en passant
5616
5617commit c174a3b7c14e0d178c61219de2aa1110e209950c
5618Author: Damien Miller <djm@mindrot.org>
5619Date:   Thu Jul 3 21:23:24 2014 +1000
5620
5621       - djm@cvs.openbsd.org 2014/07/03 03:26:43
5622         [digest-openssl.c]
5623         use EVP_Digest() for one-shot hash instead of creating, updating,
5624         finalising and destroying a context.
5625         bz#2231, based on patch from Timo Teras
5626
5627commit d7ca2cd31ecc4d63a055e2dcc4bf35c13f2db4c5
5628Author: Damien Miller <djm@mindrot.org>
5629Date:   Thu Jul 3 21:23:01 2014 +1000
5630
5631       - djm@cvs.openbsd.org 2014/07/03 03:15:01
5632         [ssh-add.c]
5633         make stdout line-buffered; saves partial output getting lost when
5634         ssh-add fatal()s part-way through (e.g. when listing keys from an
5635         agent that supports key types that ssh-add doesn't);
5636         bz#2234, reported by Phil Pennock
5637
5638commit b1e967c8d7c7578dd0c172d85b3046cf54ea42ba
5639Author: Damien Miller <djm@mindrot.org>
5640Date:   Thu Jul 3 21:22:40 2014 +1000
5641
5642       - djm@cvs.openbsd.org 2014/07/03 03:11:03
5643         [ssh-agent.c]
5644         Only cleanup agent socket in the main agent process and not in any
5645         subprocesses it may have started (e.g. forked askpass). Fixes
5646         agent sockets being zapped when askpass processes fatal();
5647         bz#2236 patch from Dmitry V. Levin
5648
5649commit 61e28e55c3438d796b02ef878bcd28620d452670
5650Author: Damien Miller <djm@mindrot.org>
5651Date:   Thu Jul 3 21:22:22 2014 +1000
5652
5653       - djm@cvs.openbsd.org 2014/07/03 01:45:38
5654         [sshkey.c]
5655         make Ed25519 keys' title fit properly in the randomart border; bz#2247
5656         based on patch from Christian Hesse
5657
5658commit 9eb4cd9a32c32d40d36450b68ed93badc6a94c68
5659Author: Damien Miller <djm@mindrot.org>
5660Date:   Thu Jul 3 13:29:50 2014 +1000
5661
5662     - (djm) [monitor_fdpass.c] Use sys/poll.h if poll.h doesn't exist;
5663       bz#2237
5664
5665commit 8da0fa24934501909408327298097b1629b89eaa
5666Author: Damien Miller <djm@mindrot.org>
5667Date:   Thu Jul 3 11:54:19 2014 +1000
5668
5669     - (djm) [digest-openssl.c configure.ac] Disable RIPEMD160 if libcrypto
5670       doesn't support it.
5671
5672commit 81309c857dd0dbc0a1245a16d621c490ad48cfbb
5673Author: Damien Miller <djm@mindrot.org>
5674Date:   Wed Jul 2 17:45:55 2014 +1000
5675
5676     - (djm) [regress/Makefile] fix execution of sshkey unit/fuzz test
5677
5678commit 82b2482ce68654815ee049b9bf021bb362a35ff2
5679Author: Damien Miller <djm@mindrot.org>
5680Date:   Wed Jul 2 17:43:41 2014 +1000
5681
5682     - (djm) [sshkey.c] Conditionalise inclusion of util.h
5683
5684commit dd8b1dd7933eb6f5652641b0cdced34a387f2e80
5685Author: Damien Miller <djm@mindrot.org>
5686Date:   Wed Jul 2 17:38:31 2014 +1000
5687
5688       - djm@cvs.openbsd.org 2014/06/24 01:14:17
5689         [Makefile.in regress/Makefile regress/unittests/Makefile]
5690         [regress/unittests/sshkey/Makefile]
5691         [regress/unittests/sshkey/common.c]
5692         [regress/unittests/sshkey/common.h]
5693         [regress/unittests/sshkey/mktestdata.sh]
5694         [regress/unittests/sshkey/test_file.c]
5695         [regress/unittests/sshkey/test_fuzz.c]
5696         [regress/unittests/sshkey/test_sshkey.c]
5697         [regress/unittests/sshkey/tests.c]
5698         [regress/unittests/sshkey/testdata/dsa_1]
5699         [regress/unittests/sshkey/testdata/dsa_1-cert.fp]
5700         [regress/unittests/sshkey/testdata/dsa_1-cert.pub]
5701         [regress/unittests/sshkey/testdata/dsa_1.fp]
5702         [regress/unittests/sshkey/testdata/dsa_1.fp.bb]
5703         [regress/unittests/sshkey/testdata/dsa_1.param.g]
5704         [regress/unittests/sshkey/testdata/dsa_1.param.priv]
5705         [regress/unittests/sshkey/testdata/dsa_1.param.pub]
5706         [regress/unittests/sshkey/testdata/dsa_1.pub]
5707         [regress/unittests/sshkey/testdata/dsa_1_pw]
5708         [regress/unittests/sshkey/testdata/dsa_2]
5709         [regress/unittests/sshkey/testdata/dsa_2.fp]
5710         [regress/unittests/sshkey/testdata/dsa_2.fp.bb]
5711         [regress/unittests/sshkey/testdata/dsa_2.pub]
5712         [regress/unittests/sshkey/testdata/dsa_n]
5713         [regress/unittests/sshkey/testdata/dsa_n_pw]
5714         [regress/unittests/sshkey/testdata/ecdsa_1]
5715         [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp]
5716         [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub]
5717         [regress/unittests/sshkey/testdata/ecdsa_1.fp]
5718         [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb]
5719         [regress/unittests/sshkey/testdata/ecdsa_1.param.curve]
5720         [regress/unittests/sshkey/testdata/ecdsa_1.param.priv]
5721         [regress/unittests/sshkey/testdata/ecdsa_1.param.pub]
5722         [regress/unittests/sshkey/testdata/ecdsa_1.pub]
5723         [regress/unittests/sshkey/testdata/ecdsa_1_pw]
5724         [regress/unittests/sshkey/testdata/ecdsa_2]
5725         [regress/unittests/sshkey/testdata/ecdsa_2.fp]
5726         [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb]
5727         [regress/unittests/sshkey/testdata/ecdsa_2.param.curve]
5728         [regress/unittests/sshkey/testdata/ecdsa_2.param.priv]
5729         [regress/unittests/sshkey/testdata/ecdsa_2.param.pub]
5730         [regress/unittests/sshkey/testdata/ecdsa_2.pub]
5731         [regress/unittests/sshkey/testdata/ecdsa_n]
5732         [regress/unittests/sshkey/testdata/ecdsa_n_pw]
5733         [regress/unittests/sshkey/testdata/ed25519_1]
5734         [regress/unittests/sshkey/testdata/ed25519_1-cert.fp]
5735         [regress/unittests/sshkey/testdata/ed25519_1-cert.pub]
5736         [regress/unittests/sshkey/testdata/ed25519_1.fp]
5737         [regress/unittests/sshkey/testdata/ed25519_1.fp.bb]
5738         [regress/unittests/sshkey/testdata/ed25519_1.pub]
5739         [regress/unittests/sshkey/testdata/ed25519_1_pw]
5740         [regress/unittests/sshkey/testdata/ed25519_2]
5741         [regress/unittests/sshkey/testdata/ed25519_2.fp]
5742         [regress/unittests/sshkey/testdata/ed25519_2.fp.bb]
5743         [regress/unittests/sshkey/testdata/ed25519_2.pub]
5744         [regress/unittests/sshkey/testdata/pw]
5745         [regress/unittests/sshkey/testdata/rsa1_1]
5746         [regress/unittests/sshkey/testdata/rsa1_1.fp]
5747         [regress/unittests/sshkey/testdata/rsa1_1.fp.bb]
5748         [regress/unittests/sshkey/testdata/rsa1_1.param.n]
5749         [regress/unittests/sshkey/testdata/rsa1_1.pub]
5750         [regress/unittests/sshkey/testdata/rsa1_1_pw]
5751         [regress/unittests/sshkey/testdata/rsa1_2]
5752         [regress/unittests/sshkey/testdata/rsa1_2.fp]
5753         [regress/unittests/sshkey/testdata/rsa1_2.fp.bb]
5754         [regress/unittests/sshkey/testdata/rsa1_2.param.n]
5755         [regress/unittests/sshkey/testdata/rsa1_2.pub]
5756         [regress/unittests/sshkey/testdata/rsa_1]
5757         [regress/unittests/sshkey/testdata/rsa_1-cert.fp]
5758         [regress/unittests/sshkey/testdata/rsa_1-cert.pub]
5759         [regress/unittests/sshkey/testdata/rsa_1.fp]
5760         [regress/unittests/sshkey/testdata/rsa_1.fp.bb]
5761         [regress/unittests/sshkey/testdata/rsa_1.param.n]
5762         [regress/unittests/sshkey/testdata/rsa_1.param.p]
5763         [regress/unittests/sshkey/testdata/rsa_1.param.q]
5764         [regress/unittests/sshkey/testdata/rsa_1.pub]
5765         [regress/unittests/sshkey/testdata/rsa_1_pw]
5766         [regress/unittests/sshkey/testdata/rsa_2]
5767         [regress/unittests/sshkey/testdata/rsa_2.fp]
5768         [regress/unittests/sshkey/testdata/rsa_2.fp.bb]
5769         [regress/unittests/sshkey/testdata/rsa_2.param.n]
5770         [regress/unittests/sshkey/testdata/rsa_2.param.p]
5771         [regress/unittests/sshkey/testdata/rsa_2.param.q]
5772         [regress/unittests/sshkey/testdata/rsa_2.pub]
5773         [regress/unittests/sshkey/testdata/rsa_n]
5774         [regress/unittests/sshkey/testdata/rsa_n_pw]
5775         unit and fuzz tests for new key API
5776
5777commit c1dc24b71f087f385b92652b9673f52af64e0428
5778Author: Damien Miller <djm@mindrot.org>
5779Date:   Wed Jul 2 17:02:03 2014 +1000
5780
5781       - djm@cvs.openbsd.org 2014/06/24 01:04:43
5782         [regress/krl.sh]
5783         regress test for broken consecutive revoked serial number ranges
5784
5785commit 43d3ed2dd3feca6d0326c7dc82588d2faa115e92
5786Author: Damien Miller <djm@mindrot.org>
5787Date:   Wed Jul 2 17:01:08 2014 +1000
5788
5789       - djm@cvs.openbsd.org 2014/05/21 07:04:21
5790         [regress/integrity.sh]
5791         when failing because of unexpected output, show the offending output
5792
5793commit 5a96707ffc8d227c2e7d94fa6b0317f8a152cf4e
5794Author: Damien Miller <djm@mindrot.org>
5795Date:   Wed Jul 2 15:38:05 2014 +1000
5796
5797       - djm@cvs.openbsd.org 2014/04/30 05:32:00
5798         [regress/Makefile]
5799         unit tests for new buffer API; including basic fuzz testing
5800         NB. Id sync only.
5801
5802commit 3ff92ba756aee48e4ae3e0aeff7293517b3dd185
5803Author: Damien Miller <djm@mindrot.org>
5804Date:   Wed Jul 2 15:33:09 2014 +1000
5805
5806       - djm@cvs.openbsd.org 2014/06/30 12:54:39
5807         [key.c]
5808         suppress spurious error message when loading key with a passphrase;
5809         reported by kettenis@ ok markus@
5810       - djm@cvs.openbsd.org 2014/07/02 04:59:06
5811         [cipher-3des1.c]
5812         fix ssh protocol 1 on the server that regressed with the sshkey change
5813         (sometimes fatal() after auth completed), make file return useful status
5814         codes.
5815         NB. Id sync only for these two. They were bundled into the sshkey merge
5816         above, since it was easier to sync the entire file and then apply
5817         portable-specific changed atop it.
5818
5819commit ec3d0e24a1e46873d80507f5cd8ee6d0d03ac5dc
5820Author: Damien Miller <djm@mindrot.org>
5821Date:   Wed Jul 2 15:30:00 2014 +1000
5822
5823       - markus@cvs.openbsd.org 2014/06/27 18:50:39
5824         [ssh-add.c]
5825         fix loading of private keys
5826
5827commit 4b3ed647d5b328cf68e6a8ffbee490d8e0683e82
5828Author: Damien Miller <djm@mindrot.org>
5829Date:   Wed Jul 2 15:29:40 2014 +1000
5830
5831       - markus@cvs.openbsd.org 2014/06/27 16:41:56
5832         [channels.c channels.h clientloop.c ssh.c]
5833         fix remote fwding with same listen port but different listen address
5834         with gerhard@, ok djm@
5835
5836commit 9e01ff28664921ce9b6500681333e42fb133b4d0
5837Author: Damien Miller <djm@mindrot.org>
5838Date:   Wed Jul 2 15:29:21 2014 +1000
5839
5840       - deraadt@cvs.openbsd.org 2014/06/25 14:16:09
5841         [sshbuf.c]
5842         unblock SIGSEGV before raising it
5843         ok djm
5844
5845commit 1845fe6bda0729e52f4c645137f4fc3070b5438a
5846Author: Damien Miller <djm@mindrot.org>
5847Date:   Wed Jul 2 15:29:01 2014 +1000
5848
5849       - djm@cvs.openbsd.org 2014/06/24 02:21:01
5850         [scp.c]
5851         when copying local->remote fails during read, don't send uninitialised
5852         heap to the remote end. Reported by Jann Horn
5853
5854commit 19439e9a2a0ac0b4b3b1210e89695418beb1c883
5855Author: Damien Miller <djm@mindrot.org>
5856Date:   Wed Jul 2 15:28:40 2014 +1000
5857
5858       - djm@cvs.openbsd.org 2014/06/24 02:19:48
5859         [ssh.c]
5860         don't fatal() when hostname canonicalisation fails with a
5861         ProxyCommand in use; continue and allow the ProxyCommand to
5862         connect anyway (e.g. to a host with a name outside the DNS
5863         behind a bastion)
5864
5865commit 8668706d0f52654fe64c0ca41a96113aeab8d2b8
5866Author: Damien Miller <djm@mindrot.org>
5867Date:   Wed Jul 2 15:28:02 2014 +1000
5868
5869       - djm@cvs.openbsd.org 2014/06/24 01:13:21
5870         [Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
5871         [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
5872         [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
5873         [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
5874         [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
5875         [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
5876         [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
5877         [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
5878         [sshconnect2.c sshd.c sshkey.c sshkey.h
5879         [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
5880         New key API: refactor key-related functions to be more library-like,
5881         existing API is offered as a set of wrappers.
5882
5883         with and ok markus@
5884
5885         Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
5886         Dempsky and Ron Bowes for a detailed review a few months ago.
5887
5888         NB. This commit also removes portable OpenSSH support for OpenSSL
5889         <0.9.8e.
5890
5891commit 2cd7929250cf9e9f658d70dcd452f529ba08c942
5892Author: Damien Miller <djm@mindrot.org>
5893Date:   Wed Jul 2 12:48:30 2014 +1000
5894
5895       - djm@cvs.openbsd.org 2014/06/24 00:52:02
5896         [krl.c]
5897         fix bug in KRL generation: multiple consecutive revoked certificate
5898         serial number ranges could be serialised to an invalid format.
5899
5900         Readers of a broken KRL caused by this bug will fail closed, so no
5901         should-have-been-revoked key will be accepted.
5902
5903commit 99db840ee8dbbd2b3fbc6c45d0ee2f6a65e96898
5904Author: Damien Miller <djm@mindrot.org>
5905Date:   Wed Jul 2 12:48:04 2014 +1000
5906
5907       - naddy@cvs.openbsd.org 2014/06/18 15:42:09
5908         [sshbuf-getput-crypto.c]
5909         The ssh_get_bignum functions must accept the same range of bignums
5910         the corresponding ssh_put_bignum functions create.  This fixes the
5911         use of 16384-bit RSA keys (bug reported by Eivind Evensen).
5912         ok djm@
5913
5914commit 84a89161a9629239b64171ef3e22ef6a3e462d51
5915Author: Damien Miller <djm@mindrot.org>
5916Date:   Wed Jul 2 12:47:48 2014 +1000
5917
5918       - matthew@cvs.openbsd.org 2014/06/18 02:59:13
5919         [sandbox-systrace.c]
5920         Now that we have a dedicated getentropy(2) system call for
5921         arc4random(3), we can disallow __sysctl(2) in OpenSSH's systrace
5922         sandbox.
5923
5924         ok djm
5925
5926commit 51504ceec627c0ad57b9f75585c7b3d277f326be
5927Author: Damien Miller <djm@mindrot.org>
5928Date:   Wed Jul 2 12:47:25 2014 +1000
5929
5930       - deraadt@cvs.openbsd.org 2014/06/13 08:26:29
5931         [sandbox-systrace.c]
5932         permit SYS_getentropy
5933         from matthew
5934
5935commit a261b8df59117f7dc52abb3a34b35a40c2c9fa88
5936Author: Tim Rice <tim@multitalents.net>
5937Date:   Wed Jun 18 16:17:28 2014 -0700
5938
5939     - (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
5940
5941commit 316fac6f18f87262a315c79bcf68b9f92c9337e4
5942Author: Darren Tucker <dtucker@zip.com.au>
5943Date:   Tue Jun 17 23:06:07 2014 +1000
5944
5945     - (dtucker) [entropy.c openbsd-compat/openssl-compat.{c,h}
5946       openbsd-compat/regress/{.cvsignore,Makefile.in,opensslvertest.c}]
5947       Move the OpenSSL header/library version test into its own function and add
5948       tests for it. Fix it to allow fix version upgrades (but not downgrades).
5949       Prompted by chl@ via OpenSMTPD (issue #462) and Debian (bug #748150).
5950       ok djm@ chl@
5951
5952commit af665bb7b092a59104db1e65577851cf35b86e32
5953Author: Darren Tucker <dtucker@zip.com.au>
5954Date:   Mon Jun 16 22:50:55 2014 +1000
5955
5956     - (dtucker) [defines.h] Fix undef of _PATH_MAILDIR.  From rak at debian via
5957       OpenSMTPD and chl@
5958
5959commit f9696566fb41320820f3b257ab564fa321bb3751
5960Author: Darren Tucker <dtucker@zip.com.au>
5961Date:   Fri Jun 13 11:06:04 2014 +1000
5962
5963     - (dtucker) [configure.ac] Remove tcpwrappers support, support has already
5964       been removed from sshd.c.
5965
5966commit 5e2b8894b0b24af4ad0a2f7aa33ebf255df7a8bc
5967Author: Tim Rice <tim@multitalents.net>
5968Date:   Wed Jun 11 18:31:10 2014 -0700
5969
5970     - (tim) [regress/unittests/test_helper/test_helper.h] Add includes.h for
5971       u_intXX_t types.
5972
5973commit 985ee2cbc3e43bc65827c3c0d4df3faa99160c37
5974Author: Darren Tucker <dtucker@zip.com.au>
5975Date:   Thu Jun 12 05:32:29 2014 +1000
5976
5977     - (dtucker) [regress/unittests/sshbuf/*.c regress/unittests/test_helper/*]
5978       Wrap stdlib.h include an ifdef for platforms that don't have it.
5979
5980commit cf5392c2db2bb1dbef9818511d34056404436109
5981Author: Darren Tucker <dtucker@zip.com.au>
5982Date:   Thu Jun 12 05:22:49 2014 +1000
5983
5984     - (dtucker) [defines.h] Add va_copy if we don't already have it, taken from
5985       openbsd-compat/bsd-asprintf.c.
5986
5987commit 58538d795e0b662f2f4e5a7193f1204bbe992ddd
5988Author: Darren Tucker <dtucker@zip.com.au>
5989Date:   Wed Jun 11 13:39:24 2014 +1000
5990
5991     - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for
5992       compat stuff, specifically whether or not OpenSSL has ECC.
5993
5994commit eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08
5995Author: Darren Tucker <dtucker@zip.com.au>
5996Date:   Wed Jun 11 13:10:00 2014 +1000
5997
5998     - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an
5999       assigment that might get optimized out.  ok djm@
6000
6001commit b9609fd86c623d6d440e630f5f9a63295f7aea20
6002Author: Darren Tucker <dtucker@zip.com.au>
6003Date:   Wed Jun 11 08:04:02 2014 +1000
6004
6005     - (dtucker) [sshbuf.h] Only declare ECC functions if building without
6006       OpenSSL or if OpenSSL has ECC.
6007
6008commit a54a040f66944c6e8913df8635a01a2327219be9
6009Author: Darren Tucker <dtucker@zip.com.au>
6010Date:   Wed Jun 11 07:58:35 2014 +1000
6011
6012       - dtucker@cvs.openbsd.org 2014/06/10 21:46:11
6013         [sshbuf.h]
6014         Group ECC functions together to make things a little easier in -portable.
6015         "doesn't bother me" deraadt@
6016
6017commit 9f92c53bad04a89067756be8198d4ec2d8a08875
6018Author: Darren Tucker <dtucker@zip.com.au>
6019Date:   Wed Jun 11 07:57:58 2014 +1000
6020
6021       - djm@cvs.openbsd.org 2014/06/05 22:17:50
6022         [sshconnect2.c]
6023         fix inverted test that caused PKCS#11 keys that were explicitly listed
6024         not to be preferred. Reported by Dirk-Willem van Gulik
6025
6026commit 15c254a25394f96643da2ad0f674acdc51e89856
6027Author: Darren Tucker <dtucker@zip.com.au>
6028Date:   Wed Jun 11 07:38:49 2014 +1000
6029
6030     - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] ifdef
6031       ECC variable too.
6032
6033commit d7af0cc5bf273eeed0897a99420bc26841d07d8f
6034Author: Darren Tucker <dtucker@zip.com.au>
6035Date:   Wed Jun 11 07:37:25 2014 +1000
6036
6037     - (dtucker) [myprosal.h] Don't include curve25519-sha256@libssh.org in
6038       the proposal if the version of OpenSSL we're using doesn't support ECC.
6039
6040commit 67508ac2563c33d582be181a3e777c65f549d22f
6041Author: Darren Tucker <dtucker@zip.com.au>
6042Date:   Wed Jun 11 06:27:16 2014 +1000
6043
6044     - (dtucker) [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c
6045       regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] Only do NISTP256
6046       curve tests if OpenSSL has them.
6047
6048commit 6482d90a65459a88c18c925368525855832272b3
6049Author: Damien Miller <djm@mindrot.org>
6050Date:   Tue May 27 14:34:42 2014 +1000
6051
6052     - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c]
6053          [openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
6054             separation user at runtime, since it may need to be a domain account.
6055                Patch from Corinna Vinschen.
6056
6057commit f9eb5e0734f7a7f6e975809eb54684d2a06a7ffc
6058Author: Damien Miller <djm@mindrot.org>
6059Date:   Tue May 27 14:31:58 2014 +1000
6060
6061     - (djm) [contrib/cygwin/ssh-host-config] Updated Cygwin ssh-host-config
6062       from Corinna Vinschen, fixing a number of bugs and preparing for
6063       Cygwin 1.7.30.
6064
6065commit eae88744662e6b149f43ef071657727f1a157d95
6066Author: Damien Miller <djm@mindrot.org>
6067Date:   Tue May 27 14:27:02 2014 +1000
6068
6069     - (djm) [cipher.c] Fix merge botch.
6070
6071commit 564b5e253c1d95c26a00e8288f0089a2571661c3
6072Author: Damien Miller <djm@mindrot.org>
6073Date:   Thu May 22 08:23:59 2014 +1000
6074
6075     - (djm) [Makefile.in] typo in path
6076
6077commit e84d10302aeaf7a1acb05c451f8718143656856a
6078Author: Damien Miller <djm@mindrot.org>
6079Date:   Wed May 21 17:13:36 2014 +1000
6080
6081    revert a diff I didn't mean to commit
6082
6083commit 795b86313f1f1aab9691666c4f2d5dae6e4acd50
6084Author: Damien Miller <djm@mindrot.org>
6085Date:   Wed May 21 17:12:53 2014 +1000
6086
6087     - (djm) [misc.c] Use CLOCK_BOOTTIME in preference to CLOCK_MONOTONIC
6088       when it is available. It takes into account time spent suspended,
6089       thereby ensuring timeouts (e.g. for expiring agent keys) fire
6090       correctly. bz#2228 reported by John Haxby
6091
6092commit 18912775cb97c0b1e75e838d3c7d4b56648137b5
6093Author: Damien Miller <djm@mindrot.org>
6094Date:   Wed May 21 17:06:46 2014 +1000
6095
6096     - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use
6097       vhangup on Linux. It doens't work for non-root users, and for them
6098       it just messes up the tty settings.
6099
6100commit 7f1c264d3049cd95234e91970ccb5406e1d15b27
6101Author: Damien Miller <djm@mindrot.org>
6102Date:   Thu May 15 18:01:52 2014 +1000
6103
6104     - (djm) [sshbuf.c] need __predict_false
6105
6106commit e7429f2be8643e1100380a8a7389d85cc286c8fe
6107Author: Damien Miller <djm@mindrot.org>
6108Date:   Thu May 15 18:01:01 2014 +1000
6109
6110     - (djm) [regress/Makefile Makefile.in]
6111       [regress/unittests/sshbuf/test_sshbuf.c
6112       [regress/unittests/sshbuf/test_sshbuf_fixed.c]
6113       [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
6114       [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
6115       [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
6116       [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
6117       [regress/unittests/sshbuf/test_sshbuf_misc.c]
6118       [regress/unittests/sshbuf/tests.c]
6119       [regress/unittests/test_helper/fuzz.c]
6120       [regress/unittests/test_helper/test_helper.c]
6121       Hook new unit tests into the build and "make tests"
6122
6123commit def1de086707b0e6b046fe7e115c60aca0227a99
6124Author: Damien Miller <djm@mindrot.org>
6125Date:   Thu May 15 15:17:15 2014 +1000
6126
6127     - (djm) [regress/unittests/Makefile]
6128       [regress/unittests/Makefile.inc]
6129       [regress/unittests/sshbuf/Makefile]
6130       [regress/unittests/sshbuf/test_sshbuf.c]
6131       [regress/unittests/sshbuf/test_sshbuf_fixed.c]
6132       [regress/unittests/sshbuf/test_sshbuf_fuzz.c]
6133       [regress/unittests/sshbuf/test_sshbuf_getput_basic.c]
6134       [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c]
6135       [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c]
6136       [regress/unittests/sshbuf/test_sshbuf_misc.c]
6137       [regress/unittests/sshbuf/tests.c]
6138       [regress/unittests/test_helper/Makefile]
6139       [regress/unittests/test_helper/fuzz.c]
6140       [regress/unittests/test_helper/test_helper.c]
6141       [regress/unittests/test_helper/test_helper.h]
6142       Import new unit tests from OpenBSD; not yet hooked up to build.
6143
6144commit 167685756fde8bc213a8df2c8e1848e312db0f46
6145Author: Damien Miller <djm@mindrot.org>
6146Date:   Thu May 15 15:08:40 2014 +1000
6147
6148       - logan@cvs.openbsd.org 2014/05/04 10:40:59
6149         [connect-privsep.sh]
6150         Remove the Z flag from the list of malloc options as it
6151         was removed from malloc.c 10 days ago.
6152
6153         OK from miod@
6154
6155commit d0b69fe90466920d69c96069312e24b581771bd7
6156Author: Damien Miller <djm@mindrot.org>
6157Date:   Thu May 15 15:08:19 2014 +1000
6158
6159       - dtucker@cvs.openbsd.org 2014/05/03 18:46:14
6160         [proxy-connect.sh]
6161         Add tests for with and without compression, with and without privsep.
6162
6163commit edb1af50441d19fb2dd9ccb4d75bf14473fca584
6164Author: Damien Miller <djm@mindrot.org>
6165Date:   Thu May 15 15:07:53 2014 +1000
6166
6167       - djm@cvs.openbsd.org 2014/04/21 22:15:37
6168         [dhgex.sh integrity.sh kextype.sh rekey.sh try-ciphers.sh]
6169         repair regress tests broken by server-side default cipher/kex/mac changes
6170         by ensuring that the option under test is included in the server's
6171         algorithm list
6172
6173commit 54343e95c70994695f8842fb22836321350198d3
6174Author: Damien Miller <djm@mindrot.org>
6175Date:   Thu May 15 15:07:33 2014 +1000
6176
6177       - djm@cvs.openbsd.org 2014/03/13 20:44:49
6178         [login-timeout.sh]
6179         this test is a sorry mess of race conditions; add another sleep
6180         to avoid a failure on slow machines (at least until I find a
6181         better way)
6182
6183commit e5b9f0f2ee6e133894307e44e862b66426990733
6184Author: Damien Miller <djm@mindrot.org>
6185Date:   Thu May 15 14:58:07 2014 +1000
6186
6187     - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c]
6188       [sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
6189
6190commit b9c566788a9ebd6a9d466f47a532124f111f0542
6191Author: Damien Miller <djm@mindrot.org>
6192Date:   Thu May 15 14:43:37 2014 +1000
6193
6194     - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write
6195       portability glue to support building without libcrypto
6196
6197commit 3dc27178b42234b653a32f7a87292d7994045ee3
6198Author: Damien Miller <djm@mindrot.org>
6199Date:   Thu May 15 14:37:59 2014 +1000
6200
6201       - logan@cvs.openbsd.org 2014/05/05 07:02:30
6202         [sftp.c]
6203         Zap extra whitespace.
6204
6205         OK from djm@ and dtucker@
6206
6207commit c31a0cd5b31961f01c5b731f62a6cb9d4f767472
6208Author: Damien Miller <djm@mindrot.org>
6209Date:   Thu May 15 14:37:39 2014 +1000
6210
6211       - markus@cvs.openbsd.org 2014/05/03 17:20:34
6212         [monitor.c packet.c packet.h]
6213         unbreak compression, by re-init-ing the compression code in the
6214         post-auth child. the new buffer code is more strict, and requires
6215         buffer_init() while the old code was happy after a bzero();
6216         originally from djm@
6217
6218commit 686c7d9ee6f44b2be4128d7860b6b37adaeba733
6219Author: Damien Miller <djm@mindrot.org>
6220Date:   Thu May 15 14:37:03 2014 +1000
6221
6222       - djm@cvs.openbsd.org 2014/05/02 03:27:54
6223         [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c]
6224         [misc.h poly1305.h ssh-pkcs11.c defines.h]
6225         revert __bounded change; it causes way more problems for portable than
6226         it solves; pointed out by dtucker@
6227
6228commit 294c58a007cfb2f3bddc4fc3217e255857ffb9bf
6229Author: Damien Miller <djm@mindrot.org>
6230Date:   Thu May 15 14:35:03 2014 +1000
6231
6232       - naddy@cvs.openbsd.org 2014/04/30 19:07:48
6233         [mac.c myproposal.h umac.c]
6234         UMAC can use our local fallback implementation of AES when OpenSSL isn't
6235         available.  Glue code straight from Ted Krovetz's original umac.c.
6236         ok markus@
6237
6238commit 05e82c3b963c33048128baf72a6f6b3a1c10b4c1
6239Author: Damien Miller <djm@mindrot.org>
6240Date:   Thu May 15 14:33:43 2014 +1000
6241
6242       - djm@cvs.openbsd.org 2014/04/30 05:29:56
6243         [bufaux.c bufbn.c bufec.c buffer.c buffer.h sshbuf-getput-basic.c]
6244         [sshbuf-getput-crypto.c sshbuf-misc.c sshbuf.c sshbuf.h ssherr.c]
6245         [ssherr.h]
6246         New buffer API; the first installment of the conversion/replacement
6247         of OpenSSH's internals to make them usable as a standalone library.
6248
6249         This includes a set of wrappers to make it compatible with the
6250         existing buffer API so replacement can occur incrementally.
6251
6252         With and ok markus@
6253
6254         Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
6255         Dempsky and Ron Bowes for a detailed review.
6256
6257commit 380948180f847a26f2d0c85b4dad3dca2ed2fd8b
6258Author: Damien Miller <djm@mindrot.org>
6259Date:   Thu May 15 14:25:18 2014 +1000
6260
6261       - dtucker@cvs.openbsd.org 2014/04/29 20:36:51
6262         [sftp.c]
6263         Don't attempt to append a nul quote char to the filename.  Should prevent
6264         fatal'ing with "el_insertstr failed" when there's a single quote char
6265         somewhere in the string.  bz#2238, ok markus@
6266
6267commit d7fd8bedd4619a2ec7fd02aae4c4e1db4431ad9f
6268Author: Damien Miller <djm@mindrot.org>
6269Date:   Thu May 15 14:24:59 2014 +1000
6270
6271       - dtucker@cvs.openbsd.org 2014/04/29 19:58:50
6272         [sftp.c]
6273         Move nulling of variable next to where it's freed.  ok markus@
6274
6275commit 1f0311c7c7d10c94ff7f823de9c5b2ed79368b14
6276Author: Damien Miller <djm@mindrot.org>
6277Date:   Thu May 15 14:24:09 2014 +1000
6278
6279       - markus@cvs.openbsd.org 2014/04/29 18:01:49
6280         [auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
6281         [kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
6282         [roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
6283         [ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
6284         make compiling against OpenSSL optional (make OPENSSL=no);
6285         reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
6286         allows us to explore further options; with and ok djm
6287
6288commit c5893785564498cea73cb60d2cf199490483e080
6289Author: Damien Miller <djm@mindrot.org>
6290Date:   Thu May 15 13:48:49 2014 +1000
6291
6292       - djm@cvs.openbsd.org 2014/04/29 13:10:30
6293         [clientloop.c serverloop.c]
6294         bz#1818 - don't send channel success/failre replies on channels that
6295         have sent a close already; analysis and patch from Simon Tatham;
6296         ok markus@
6297
6298commit 633de33b192d808d87537834c316dc8b75fe1880
6299Author: Damien Miller <djm@mindrot.org>
6300Date:   Thu May 15 13:48:26 2014 +1000
6301
6302       - djm@cvs.openbsd.org 2014/04/28 03:09:18
6303         [authfile.c bufaux.c buffer.h channels.c krl.c mux.c packet.c packet.h]
6304         [ssh-keygen.c]
6305         buffer_get_string_ptr's return should be const to remind
6306         callers that futzing with it will futz with the actual buffer
6307         contents
6308
6309commit 15271907843e4ae50dcfc83b3594014cf5e9607b
6310Author: Damien Miller <djm@mindrot.org>
6311Date:   Thu May 15 13:47:56 2014 +1000
6312
6313       - djm@cvs.openbsd.org 2014/04/23 12:42:34
6314         [readconf.c]
6315         don't record duplicate IdentityFiles
6316
6317commit 798a02568b13a2e46efebd81f08c8f4bb33a6dc7
6318Author: Damien Miller <djm@mindrot.org>
6319Date:   Thu May 15 13:47:37 2014 +1000
6320
6321       - jmc@cvs.openbsd.org 2014/04/22 14:16:30
6322         [sftp.1]
6323         zap eol whitespace;
6324
6325commit d875ff78d2b8436807381051de112f0ebf9b9ae1
6326Author: Damien Miller <djm@mindrot.org>
6327Date:   Thu May 15 13:47:15 2014 +1000
6328
6329       - logan@cvs.openbsd.org 2014/04/22 12:42:04
6330         [sftp.1]
6331         Document sftp upload resume.
6332         OK from djm@, with feedback from okan@.
6333
6334commit b15cd7bb097fd80dc99520f45290ef775da1ef19
6335Author: Damien Miller <djm@mindrot.org>
6336Date:   Thu May 15 13:46:52 2014 +1000
6337
6338       - logan@cvs.openbsd.org 2014/04/22 10:07:12
6339         [sftp.c]
6340         Sort the sftp command list.
6341         OK from djm@
6342
6343commit d8accc0aa72656ba63d50937165c5ae49db1dcd6
6344Author: Damien Miller <djm@mindrot.org>
6345Date:   Thu May 15 13:46:25 2014 +1000
6346
6347       - logan@cvs.openbsd.org 2014/04/21 14:36:16
6348         [sftp-client.c sftp-client.h sftp.c]
6349         Implement sftp upload resume support.
6350         OK from djm@, with input from guenther@, mlarkin@ and
6351         okan@
6352
6353commit 16cd3928a87d20c77b13592a74b60b08621d3ce6
6354Author: Damien Miller <djm@mindrot.org>
6355Date:   Thu May 15 13:45:58 2014 +1000
6356
6357       - logan@cvs.openbsd.org 2014/04/20 09:24:26
6358         [dns.c dns.h ssh-keygen.c]
6359         Add support for SSHFP DNS records for ED25519 key types.
6360         OK from djm@
6361
6362commit ec0b67eb3b4e12f296ced1fafa01860c374f7eea
6363Author: Damien Miller <djm@mindrot.org>
6364Date:   Thu May 15 13:45:26 2014 +1000
6365
6366     - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions ine
6367       OpenBSD
6368
6369commit f028460d0b2e5a584355321015cde69bf6fd933e
6370Author: Darren Tucker <dtucker@zip.com.au>
6371Date:   Thu May 1 02:24:35 2014 +1000
6372
6373     - (dtucker) [defines.h] Define __GNUC_PREREQ__ macro if we don't already
6374       have it.  Only attempt to use __attribute__(__bounded__) for gcc.
6375
6376commit b628cc4c3e4a842bab5e4584d18c2bc5fa4d0edf
6377Author: Damien Miller <djm@mindrot.org>
6378Date:   Sun Apr 20 13:33:58 2014 +1000
6379
6380       - djm@cvs.openbsd.org 2014/04/20 02:49:32
6381         [compat.c]
6382         add a canonical 6.6 + curve25519 bignum fix fake version that I can
6383         recommend people use ahead of the openssh-6.7 release
6384
6385commit 888566913933a802f3a329ace123ebcb7154cf78
6386Author: Damien Miller <djm@mindrot.org>
6387Date:   Sun Apr 20 13:33:19 2014 +1000
6388
6389       - djm@cvs.openbsd.org 2014/04/20 02:30:25
6390         [misc.c misc.h umac.c]
6391         use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on
6392         strict-alignment architectures; reported by and ok stsp@
6393
6394commit 16f85cbc7e5139950e6a38317e7c8b368beafa5d
6395Author: Damien Miller <djm@mindrot.org>
6396Date:   Sun Apr 20 13:29:28 2014 +1000
6397
6398       - tedu@cvs.openbsd.org 2014/04/19 18:42:19
6399         [ssh.1]
6400         delete .xr to hosts.equiv. there's still an unfortunate amount of
6401         documentation referring to rhosts equivalency in here.
6402
6403commit 69cb24b7356ec3f0fc5ff04a68f98f2c55c766f4
6404Author: Damien Miller <djm@mindrot.org>
6405Date:   Sun Apr 20 13:29:06 2014 +1000
6406
6407       - tedu@cvs.openbsd.org 2014/04/19 18:15:16
6408         [sshd.8]
6409         remove some really old rsh references
6410
6411commit 84c1e7bca8c4ceaccf4d5557e39a833585a3c77e
6412Author: Damien Miller <djm@mindrot.org>
6413Date:   Sun Apr 20 13:27:53 2014 +1000
6414
6415       - tedu@cvs.openbsd.org 2014/04/19 14:53:48
6416         [ssh-keysign.c sshd.c]
6417         Delete futile calls to RAND_seed. ok djm
6418         NB. Id sync only. This only applies to OpenBSD's libcrypto slashathon
6419
6420commit 0e6b67423b8662f9ca4c92750309e144fd637ef1
6421Author: Damien Miller <djm@mindrot.org>
6422Date:   Sun Apr 20 13:27:01 2014 +1000
6423
6424       - djm@cvs.openbsd.org 2014/04/19 05:54:59
6425         [compat.c]
6426         missing wildcard; pointed out by naddy@
6427
6428commit 9395b28223334826837c15e8c1bb4dfb3b0d2ca5
6429Author: Damien Miller <djm@mindrot.org>
6430Date:   Sun Apr 20 13:25:30 2014 +1000
6431
6432       - djm@cvs.openbsd.org 2014/04/18 23:52:25
6433         [compat.c compat.h sshconnect2.c sshd.c version.h]
6434         OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
6435         using the curve25519-sha256@libssh.org KEX exchange method to fail
6436         when connecting with something that implements the spec properly.
6437
6438         Disable this KEX method when speaking to one of the affected
6439         versions.
6440
6441         reported by Aris Adamantiadis; ok markus@
6442
6443commit 8c492da58f8ceb85cf5f7066f23e26fb813a963d
6444Author: Damien Miller <djm@mindrot.org>
6445Date:   Sun Apr 20 13:25:09 2014 +1000
6446
6447       - djm@cvs.openbsd.org 2014/04/16 23:28:12
6448         [ssh-agent.1]
6449         remove the identity files from this manpage - ssh-agent doesn't deal
6450         with them at all and the same information is duplicated in ssh-add.1
6451         (which does deal with them); prodded by deraadt@
6452
6453commit adbfdbbdccc70c9bd70d81ae096db115445c6e26
6454Author: Damien Miller <djm@mindrot.org>
6455Date:   Sun Apr 20 13:24:49 2014 +1000
6456
6457       - djm@cvs.openbsd.org 2014/04/16 23:22:45
6458         [bufaux.c]
6459         skip leading zero bytes in buffer_put_bignum2_from_string();
6460         reported by jan AT mojzis.com; ok markus@
6461
6462commit 75c62728dc87af6805696eeb520b9748faa136c8
6463Author: Damien Miller <djm@mindrot.org>
6464Date:   Sun Apr 20 13:24:31 2014 +1000
6465
6466       - djm@cvs.openbsd.org 2014/04/12 04:55:53
6467         [sshd.c]
6468         avoid crash at exit: check that pmonitor!=NULL before dereferencing;
6469         bz#2225, patch from kavi AT juniper.net
6470
6471commit 2a328437fb1b0976f2f4522d8645803d5a5d0967
6472Author: Damien Miller <djm@mindrot.org>
6473Date:   Sun Apr 20 13:24:01 2014 +1000
6474
6475       - djm@cvs.openbsd.org 2014/04/01 05:32:57
6476         [packet.c]
6477         demote a debug3 to PACKET_DEBUG; ok markus@
6478
6479commit 7d6a9fb660c808882d064e152d6070ffc3844c3f
6480Author: Damien Miller <djm@mindrot.org>
6481Date:   Sun Apr 20 13:23:43 2014 +1000
6482
6483       - djm@cvs.openbsd.org 2014/04/01 03:34:10
6484         [sshconnect.c]
6485         When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any
6486         certificate keys to plain keys and attempt SSHFP resolution.
6487
6488         Prevents a server from skipping SSHFP lookup and forcing a new-hostkey
6489         dialog by offering only certificate keys.
6490
6491         Reported by mcv21 AT cam.ac.uk
6492
6493commit fcd62c0b66b8415405ed0af29c236329eb88cc0f
6494Author: Damien Miller <djm@mindrot.org>
6495Date:   Sun Apr 20 13:23:21 2014 +1000
6496
6497       - djm@cvs.openbsd.org 2014/04/01 02:05:27
6498         [ssh-keysign.c]
6499         include fingerprint of key not found
6500         use arc4random_buf() instead of loop+arc4random()
6501
6502commit 43b156cf72f900f88065b0a1c1ebd09ab733ca46
6503Author: Damien Miller <djm@mindrot.org>
6504Date:   Sun Apr 20 13:23:03 2014 +1000
6505
6506       - jmc@cvs.openbsd.org 2014/03/31 13:39:34
6507         [ssh-keygen.1]
6508         the text for the -K option was inserted in the wrong place in -r1.108;
6509         fix From: Matthew Clarke
6510
6511commit c1621c84f2dc1279065ab9fde2aa9327af418900
6512Author: Damien Miller <djm@mindrot.org>
6513Date:   Sun Apr 20 13:22:46 2014 +1000
6514
6515       - naddy@cvs.openbsd.org 2014/03/28 05:17:11
6516         [ssh_config.5 sshd_config.5]
6517         sync available and default algorithms, improve algorithm list formatting
6518         help from jmc@ and schwarze@, ok deraadt@
6519
6520commit f2719b7c2b8a3b14d778d8a6d8dc729b5174b054
6521Author: Damien Miller <djm@mindrot.org>
6522Date:   Sun Apr 20 13:22:18 2014 +1000
6523
6524       - tedu@cvs.openbsd.org 2014/03/26 19:58:37
6525         [sshd.8 sshd.c]
6526         remove libwrap support. ok deraadt djm mfriedl
6527
6528commit 4f40209aa4060b9c066a2f0d9332ace7b8dfb391
6529Author: Damien Miller <djm@mindrot.org>
6530Date:   Sun Apr 20 13:21:22 2014 +1000
6531
6532       - djm@cvs.openbsd.org 2014/03/26 04:55:35
6533         [chacha.h cipher-chachapoly.h digest.h hmac.h kex.h kexc25519.c
6534         [misc.h poly1305.h ssh-pkcs11.c]
6535         use __bounded(...) attribute recently added to sys/cdefs.h instead of
6536         longform __attribute__(__bounded(...));
6537
6538         for brevity and a warning free compilation with llvm/clang
6539
6540commit 9235a030ad1b16903fb495d81544e0f7c7449523
6541Author: Damien Miller <djm@mindrot.org>
6542Date:   Sun Apr 20 13:17:20 2014 +1000
6543
6544    Three commits in one (since they touch the same heavily-diverged file
6545    repeatedly):
6546
6547       - markus@cvs.openbsd.org 2014/03/25 09:40:03
6548         [myproposal.h]
6549         trimm default proposals.
6550
6551         This commit removes the weaker pre-SHA2 hashes, the broken ciphers
6552         (arcfour), and the broken modes (CBC) from the default configuration
6553         (the patch only changes the default, all the modes are still available
6554         for the config files).
6555
6556         ok djm@, reminded by tedu@ & naddy@ and discussed with many
6557       - deraadt@cvs.openbsd.org 2014/03/26 17:16:26
6558         [myproposal.h]
6559         The current sharing of myproposal[] between both client and server code
6560         makes the previous diff highly unpallatable.  We want to go in that
6561         direction for the server, but not for the client.  Sigh.
6562         Brought up by naddy.
6563       - markus@cvs.openbsd.org 2014/03/27 23:01:27
6564         [myproposal.h ssh-keyscan.c sshconnect2.c sshd.c]
6565         disable weak proposals in sshd, but keep them in ssh; ok djm@
6566
6567commit 6e1777f592f15f4559728c78204617537b1ac076
6568Author: Damien Miller <djm@mindrot.org>
6569Date:   Sun Apr 20 13:02:58 2014 +1000
6570
6571       - tedu@cvs.openbsd.org 2014/03/19 14:42:44
6572         [scp.1]
6573         there is no need for rcp anymore
6574         ok deraadt millert
6575
6576commit eb1b7c514d2a7b1802ccee8cd50e565a4d419887
6577Author: Damien Miller <djm@mindrot.org>
6578Date:   Sun Apr 20 13:02:26 2014 +1000
6579
6580       - tedu@cvs.openbsd.org 2014/03/17 19:44:10
6581         [ssh.1]
6582         old descriptions of des and blowfish are old. maybe ok deraadt
6583
6584commit f0858de6e1324ec730752387074b111b8551081e
6585Author: Damien Miller <djm@mindrot.org>
6586Date:   Sun Apr 20 13:01:30 2014 +1000
6587
6588       - deraadt@cvs.openbsd.org 2014/03/15 17:28:26
6589         [ssh-agent.c ssh-keygen.1 ssh-keygen.c]
6590         Improve usage() and documentation towards the standard form.
6591         In particular, this line saves a lot of man page reading time.
6592           usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
6593                             [-N new_passphrase] [-C comment] [-f output_keyfile]
6594         ok schwarze jmc
6595
6596commit 94bfe0fbd6e91a56b5b0ab94ac955d2a67d101aa
6597Author: Damien Miller <djm@mindrot.org>
6598Date:   Sun Apr 20 13:00:51 2014 +1000
6599
6600       - naddy@cvs.openbsd.org 2014/03/12 13:06:59
6601         [ssh-keyscan.1]
6602         scan for Ed25519 keys by default too
6603
6604commit 3819519288b2b3928c6882f5883b0f55148f4fc0
6605Author: Damien Miller <djm@mindrot.org>
6606Date:   Sun Apr 20 13:00:28 2014 +1000
6607
6608       - djm@cvs.openbsd.org 2014/03/12 04:51:12
6609         [authfile.c]
6610         correct test that kdf name is not "none" or "bcrypt"
6611
6612commit 8f9cd709c7cf0655d414306a0ed28306b33802be
6613Author: Damien Miller <djm@mindrot.org>
6614Date:   Sun Apr 20 13:00:11 2014 +1000
6615
6616       - djm@cvs.openbsd.org 2014/03/12 04:50:32
6617         [auth-bsdauth.c ssh-keygen.c]
6618         don't count on things that accept arguments by reference to clear
6619         things for us on error; most things do, but it's unsafe form.
6620
6621commit 1c7ef4be83f6dec84509a312518b9df00ab491d9
6622Author: Damien Miller <djm@mindrot.org>
6623Date:   Sun Apr 20 12:59:46 2014 +1000
6624
6625       - djm@cvs.openbsd.org 2014/03/12 04:44:58
6626         [ssh-keyscan.c]
6627         scan for Ed25519 keys by default too
6628
6629commit c10bf4d051c97939b30a1616c0499310057d07da
6630Author: Damien Miller <djm@mindrot.org>
6631Date:   Sun Apr 20 12:58:04 2014 +1000
6632
6633       - djm@cvs.openbsd.org 2014/03/03 22:22:30
6634         [session.c]
6635         ignore enviornment variables with embedded '=' or '\0' characters;
6636         spotted by Jann Horn; ok deraadt@
6637         Id sync only - portable already has this.
6638
6639commit c2e49062faccbcd7135c40d1c78c5c329c58fc2e
6640Author: Damien Miller <djm@mindrot.org>
6641Date:   Tue Apr 1 14:42:46 2014 +1100
6642
6643     - (djm) Use full release (e.g. 6.5p1) in debug output rather than just
6644        version. From des@des.no
6645
6646commit 14928b7492abec82afa4c2b778fc03f78cd419b6
6647Author: Damien Miller <djm@mindrot.org>
6648Date:   Tue Apr 1 14:38:07 2014 +1100
6649
6650     - (djm) On platforms that support it, use prctl() to prevent sftp-server
6651        from accessing /proc/self/{mem,maps}; patch from jann AT thejh.net
6652
6653commit 48abc47e60048461fe9117e108a7e99ea1ac2bb8
6654Author: Damien Miller <djm@mindrot.org>
6655Date:   Mon Mar 17 14:45:56 2014 +1100
6656
6657     - (djm) [sandbox-seccomp-filter.c] Soft-fail stat() syscalls. Add XXX to
6658       remind myself to add sandbox violation logging via the log socket.
6659
6660commit 9c36698ca2f554ec221dc7ef29c7a89e97c88705
6661Author: Tim Rice <tim@multitalents.net>
6662Date:   Fri Mar 14 12:45:01 2014 -0700
6663
6664    20140314
6665     - (tim) [opensshd.init.in] Add support for ed25519
6666
6667commit 19158b2447e35838d69b2b735fb640d1e86061ea
6668Author: Damien Miller <djm@mindrot.org>
6669Date:   Thu Mar 13 13:14:21 2014 +1100
6670
6671     - (djm) Release OpenSSH 6.6
6672
6673commit 8569eba5d7f7348ce3955eeeb399f66f25c52ece
6674Author: Damien Miller <djm@mindrot.org>
6675Date:   Tue Mar 4 09:35:17 2014 +1100
6676
6677       - djm@cvs.openbsd.org 2014/03/03 22:22:30
6678         [session.c]
6679         ignore enviornment variables with embedded '=' or '\0' characters;
6680         spotted by Jann Horn; ok deraadt@
6681
6682commit 2476c31b96e89aec7d4e73cb6fbfb9a4290de3a7
6683Author: Damien Miller <djm@mindrot.org>
6684Date:   Sun Mar 2 04:01:00 2014 +1100
6685
6686     - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
6687       no moduli file exists at the expected location.
6688
6689commit c83fdf30e9db865575b2521b1fe46315cf4c70ae
6690Author: Damien Miller <djm@mindrot.org>
6691Date:   Fri Feb 28 10:34:03 2014 +1100
6692
6693     - (djm) [regress/host-expand.sh] Add RCS Id
6694
6695commit 834aeac3555e53f7d29a6fcf3db010dfb99681c7
6696Author: Damien Miller <djm@mindrot.org>
6697Date:   Fri Feb 28 10:25:16 2014 +1100
6698
6699       - djm@cvs.openbsd.org 2014/02/27 21:21:25
6700         [agent-ptrace.sh agent.sh]
6701         keep return values that are printed in error messages;
6702         from portable
6703         (Id sync only)
6704
6705commit 4f7f1a9a0de24410c30952c7e16d433240422182
6706Author: Damien Miller <djm@mindrot.org>
6707Date:   Fri Feb 28 10:24:11 2014 +1100
6708
6709       - djm@cvs.openbsd.org 2014/02/27 20:04:16
6710         [login-timeout.sh]
6711         remove any existing LoginGraceTime from sshd_config before adding
6712         a specific one for the test back in
6713
6714commit d705d987c27f68080c8798eeb5262adbdd6b4ffd
6715Author: Damien Miller <djm@mindrot.org>
6716Date:   Fri Feb 28 10:23:26 2014 +1100
6717
6718       - djm@cvs.openbsd.org 2014/01/26 10:49:17
6719         [scp-ssh-wrapper.sh scp.sh]
6720         make sure $SCP is tested on the remote end rather than whichever one
6721         happens to be in $PATH; from portable
6722         (Id sync only)
6723
6724commit 624a3ca376e3955a4b9d936c9e899e241b65d357
6725Author: Damien Miller <djm@mindrot.org>
6726Date:   Fri Feb 28 10:22:37 2014 +1100
6727
6728       - djm@cvs.openbsd.org 2014/01/26 10:22:10
6729         [regress/cert-hostkey.sh]
6730         automatically generate revoked keys from listed keys rather than
6731         manually specifying each type; from portable
6732         (Id sync only)
6733
6734commit b84392328425e4b9a71f8bde5fe6a4a4c48d3ec4
6735Author: Damien Miller <djm@mindrot.org>
6736Date:   Fri Feb 28 10:21:26 2014 +1100
6737
6738       - dtucker@cvs.openbsd.org 2014/01/25 04:35:32
6739         [regress/Makefile regress/dhgex.sh]
6740         Add a test for DH GEX sizes
6741
6742commit 1e2aa3d90472293ea19008f02336d6d68aa05793
6743Author: Damien Miller <djm@mindrot.org>
6744Date:   Fri Feb 28 10:19:51 2014 +1100
6745
6746       - dtucker@cvs.openbsd.org 2014/01/20 00:00:30
6747         [sftp-chroot.sh]
6748         append to rather than truncating the log file
6749
6750commit f483cc16fe7314e24a37aa3a4422b03c013c3213
6751Author: Damien Miller <djm@mindrot.org>
6752Date:   Fri Feb 28 10:19:11 2014 +1100
6753
6754       - dtucker@cvs.openbsd.org 2014/01/19 23:43:02
6755         [regress/sftp-chroot.sh]
6756         Don't use -q on sftp as it suppresses logging, instead redirect the
6757         output to the regress logfile.
6758
6759commit 6486f16f1c0ebd6f39286f6ab5e08286d90a994a
6760Author: Damien Miller <djm@mindrot.org>
6761Date:   Fri Feb 28 10:03:52 2014 +1100
6762
6763     - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
6764       [contrib/suse/openssh.spec] Crank version numbers
6765
6766commit 92cf5adea194140380e6af6ec32751f9ad540794
6767Author: Damien Miller <djm@mindrot.org>
6768Date:   Fri Feb 28 10:01:53 2014 +1100
6769
6770       - djm@cvs.openbsd.org 2014/02/27 22:57:40
6771         [version.h]
6772         openssh-6.6
6773
6774commit fc5d6759aba71eb205b296b5f148010ffc828583
6775Author: Damien Miller <djm@mindrot.org>
6776Date:   Fri Feb 28 10:01:28 2014 +1100
6777
6778       - djm@cvs.openbsd.org 2014/02/27 22:47:07
6779         [sshd_config.5]
6780         bz#2184 clarify behaviour of a keyword that appears in multiple
6781         matching Match blocks; ok dtucker@
6782
6783commit 172ec7e0af1a5f1d682f6a2dca335c6c186153d5
6784Author: Damien Miller <djm@mindrot.org>
6785Date:   Fri Feb 28 10:00:57 2014 +1100
6786
6787       - djm@cvs.openbsd.org 2014/02/27 08:25:09
6788         [bufbn.c]
6789         off by one in range check
6790
6791commit f9a9aaba437c2787e40cf7cc928281950e161678
6792Author: Damien Miller <djm@mindrot.org>
6793Date:   Fri Feb 28 10:00:27 2014 +1100
6794
6795       - djm@cvs.openbsd.org 2014/02/27 00:41:49
6796         [bufbn.c]
6797         fix unsigned overflow that could lead to reading a short ssh protocol
6798         1 bignum value; found by Ben Hawkes; ok deraadt@
6799
6800commit fb3423b612713d9cde67c8a75f6f51188d6a3de3
6801Author: Damien Miller <djm@mindrot.org>
6802Date:   Thu Feb 27 10:20:07 2014 +1100
6803
6804       - markus@cvs.openbsd.org 2014/02/26 21:53:37
6805         [sshd.c]
6806         ssh_gssapi_prepare_supported_oids needs GSSAPI
6807
6808commit 1348129a34f0f7728c34d86c100a32dcc8d1f922
6809Author: Damien Miller <djm@mindrot.org>
6810Date:   Thu Feb 27 10:18:32 2014 +1100
6811
6812       - djm@cvs.openbsd.org 2014/02/26 20:29:29
6813         [channels.c]
6814         don't assume that the socks4 username is \0 terminated;
6815         spotted by Ben Hawkes; ok markus@
6816
6817commit e6a74aeeacd01d885262ff8e50eb28faee8c8039
6818Author: Damien Miller <djm@mindrot.org>
6819Date:   Thu Feb 27 10:17:49 2014 +1100
6820
6821       - djm@cvs.openbsd.org 2014/02/26 20:28:44
6822         [auth2-gss.c gss-serv.c ssh-gss.h sshd.c]
6823         bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep
6824         sandboxing, as running this code in the sandbox can cause violations;
6825         ok markus@
6826
6827commit 08b57c67f3609340ff703fe2782d7058acf2529e
6828Author: Damien Miller <djm@mindrot.org>
6829Date:   Thu Feb 27 10:17:13 2014 +1100
6830
6831       - djm@cvs.openbsd.org 2014/02/26 20:18:37
6832         [ssh.c]
6833         bz#2205: avoid early hostname lookups unless canonicalisation is enabled;
6834         ok dtucker@ markus@
6835
6836commit 13f97b2286142fd0b8eab94e4ce84fe124eeb752
6837Author: Damien Miller <djm@mindrot.org>
6838Date:   Mon Feb 24 15:57:55 2014 +1100
6839
6840       - djm@cvs.openbsd.org 2014/02/23 20:11:36
6841         [readconf.c readconf.h ssh.c ssh_config.5]
6842         reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes
6843         the hostname. This allows users to write configurations that always
6844         refer to canonical hostnames, e.g.
6845
6846         CanonicalizeHostname yes
6847         CanonicalDomains int.example.org example.org
6848         CanonicalizeFallbackLocal no
6849
6850         Host *.int.example.org
6851             Compression off
6852         Host *.example.org
6853             User djm
6854
6855         ok markus@
6856
6857commit bee3a234f3d1ad4244952bcff1b4b7c525330dc2
6858Author: Damien Miller <djm@mindrot.org>
6859Date:   Mon Feb 24 15:57:22 2014 +1100
6860
6861       - djm@cvs.openbsd.org 2014/02/23 20:03:42
6862         [ssh-ed25519.c]
6863         check for unsigned overflow; not reachable in OpenSSH but others might
6864         copy our code...
6865
6866commit 0628780abe61e7e50cba48cdafb1837f49ff23b2
6867Author: Damien Miller <djm@mindrot.org>
6868Date:   Mon Feb 24 15:56:45 2014 +1100
6869
6870       - djm@cvs.openbsd.org 2014/02/22 01:32:19
6871         [readconf.c]
6872         when processing Match blocks, skip 'exec' clauses if previous predicates
6873         failed to match; ok markus@
6874
6875commit 0890dc8191bb201eb01c3429feec0300a9d3a930
6876Author: Damien Miller <djm@mindrot.org>
6877Date:   Mon Feb 24 15:56:07 2014 +1100
6878
6879       - djm@cvs.openbsd.org 2014/02/15 23:05:36
6880         [channels.c]
6881         avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W;
6882         bz#2200, debian#738692 via Colin Watson; ok dtucker@
6883
6884commit d3cf67e1117c25d151d0f86396e77ee3a827045a
6885Author: Damien Miller <djm@mindrot.org>
6886Date:   Mon Feb 24 15:55:36 2014 +1100
6887
6888       - djm@cvs.openbsd.org 2014/02/07 06:55:54
6889         [cipher.c mac.c]
6890         remove some logging that makes ssh debugging output very verbose;
6891         ok markus
6892
6893commit 03ae081aeaa118361c81ece76eb7cc1aaa2b40c5
6894Author: Tim Rice <tim@multitalents.net>
6895Date:   Fri Feb 21 09:09:34 2014 -0800
6896
6897    20140221
6898     - (tim) [configure.ac]  Fix cut-and-paste error. Patch from Bryan Drewery.
6899
6900commit 4a20959d2e3c90e9d66897c0b4032c785672d815
6901Author: Darren Tucker <dtucker@zip.com.au>
6902Date:   Thu Feb 13 16:38:32 2014 +1100
6903
6904     - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]  Add compat
6905       code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
6906
6907commit d1a7a9c0fd1ac2e3314cceb2891959fd2cd9eabb
6908Author: Damien Miller <djm@mindrot.org>
6909Date:   Fri Feb 7 09:24:33 2014 +1100
6910
6911       - djm@cvs.openbsd.org 2014/02/06 22:21:01
6912         [sshconnect.c]
6913         in ssh_create_socket(), only do the getaddrinfo for BindAddress when
6914         BindAddress is actually specified. Fixes regression in 6.5 for
6915         UsePrivilegedPort=yes; patch from Corinna Vinschen
6916
6917commit 6ce35b6cc4ead1bf98abec34cb2e2d6ca0abb15e
6918Author: Damien Miller <djm@mindrot.org>
6919Date:   Fri Feb 7 09:24:14 2014 +1100
6920
6921       - naddy@cvs.openbsd.org 2014/02/05 20:13:25
6922         [ssh-keygen.1 ssh-keygen.c]
6923         tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@
6924         while here, fix ordering in usage(); requested by jmc@
6925
6926commit 6434cb2cfbbf0a46375d2d22f2ff9927feb5e478
6927Author: Damien Miller <djm@mindrot.org>
6928Date:   Thu Feb 6 11:17:50 2014 +1100
6929
6930     - (djm) [sandbox-seccomp-filter.c] Not all Linux architectures define
6931        __NR_shutdown; some go via the socketcall(2) multiplexer.
6932
6933commit 8d36f9ac71eff2e9f5770c0518b73d875f270647
6934Author: Darren Tucker <dtucker@zip.com.au>
6935Date:   Thu Feb 6 10:44:13 2014 +1100
6936
6937     - (dtucker) [openbsd-compat/bsd-poll.c] Don't bother checking for non-NULL
6938       before freeing since free(NULL) is a no-op.  ok djm.
6939
6940commit a0959da3680b4ce8cf911caf3293a6d90f88eeb7
6941Author: Damien Miller <djm@mindrot.org>
6942Date:   Wed Feb 5 10:33:45 2014 +1100
6943
6944     - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by
6945       headers/libc but not supported by the kernel. Patch from Loganaden
6946       Velvindron @ AfriNIC
6947
6948commit 9c449bc183b256c84d8f740727b0bc54d247b15e
6949Author: Damien Miller <djm@mindrot.org>
6950Date:   Tue Feb 4 11:38:28 2014 +1100
6951
6952     - (djm) [regress/setuid-allowed.c] Missing string.h for strerror()
6953
6954commit bf7e0f03be661b6f5b3bfe325135ce19391f9c4d
6955Author: Damien Miller <djm@mindrot.org>
6956Date:   Tue Feb 4 11:37:50 2014 +1100
6957
6958     - (djm) [openbsd-compat/Makefile.in] Add missing explicit_bzero.o
6959
6960commit eb6d870a0ea8661299bb2ea8f013d3ace04e2024
6961Author: Damien Miller <djm@mindrot.org>
6962Date:   Tue Feb 4 11:26:34 2014 +1100
6963
6964       - djm@cvs.openbsd.org 2014/02/04 00:24:29
6965         [ssh.c]
6966         delay lowercasing of hostname until right before hostname
6967         canonicalisation to unbreak case-sensitive matching of ssh_config;
6968         reported by Ike Devolder; ok markus@
6969
6970commit d56b44d2dfa093883a5c4e91be3f72d99946b170
6971Author: Damien Miller <djm@mindrot.org>
6972Date:   Tue Feb 4 11:26:04 2014 +1100
6973
6974       - djm@cvs.openbsd.org 2014/02/04 00:24:29
6975         [ssh.c]
6976         delay lowercasing of hostname until right before hostname
6977         canonicalisation to unbreak case-sensitive matching of ssh_config;
6978         reported by Ike Devolder; ok markus@
6979
6980commit db3c595ea74ea9ccd5aa644d7e1f8dc675710731
6981Author: Damien Miller <djm@mindrot.org>
6982Date:   Tue Feb 4 11:25:45 2014 +1100
6983
6984       - djm@cvs.openbsd.org 2014/02/02 03:44:31
6985         [digest-libc.c digest-openssl.c]
6986         convert memset of potentially-private data to explicit_bzero()
6987
6988commit aae07e2e2000dd318418fd7fd4597760904cae32
6989Author: Damien Miller <djm@mindrot.org>
6990Date:   Tue Feb 4 11:20:40 2014 +1100
6991
6992       - djm@cvs.openbsd.org 2014/02/03 23:28:00
6993         [ssh-ecdsa.c]
6994         fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike
6995         DSA_SIG_new. Reported by Batz Spear; ok markus@
6996
6997commit a5103f413bde6f31bff85d6e1fd29799c647d765
6998Author: Damien Miller <djm@mindrot.org>
6999Date:   Tue Feb 4 11:20:14 2014 +1100
7000
7001       - djm@cvs.openbsd.org 2014/02/02 03:44:32
7002         [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]
7003         [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]
7004         [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]
7005         [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]
7006         [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]
7007         [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c]
7008         [sshd.c]
7009         convert memset of potentially-private data to explicit_bzero()
7010
7011commit 1d2c4564265ee827147af246a16f3777741411ed
7012Author: Damien Miller <djm@mindrot.org>
7013Date:   Tue Feb 4 11:18:20 2014 +1100
7014
7015       - tedu@cvs.openbsd.org 2014/01/31 16:39:19
7016         [auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
7017         [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
7018         [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
7019         [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
7020         [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
7021         replace most bzero with explicit_bzero, except a few that cna be memset
7022         ok djm dtucker
7023
7024commit 3928de067c286683a95fbdbdb5fdb3c78a0e5efd
7025Author: Damien Miller <djm@mindrot.org>
7026Date:   Tue Feb 4 11:13:54 2014 +1100
7027
7028       - djm@cvs.openbsd.org 2014/01/30 22:26:14
7029         [sandbox-systrace.c]
7030         allow shutdown(2) syscall in sandbox - it may be called by packet_close()
7031         from portable
7032         (Id sync only; change is already in portable)
7033
7034commit e1e480aee8a9af6cfbe7188667b7b940d6b57f9f
7035Author: Damien Miller <djm@mindrot.org>
7036Date:   Tue Feb 4 11:13:17 2014 +1100
7037
7038       - jmc@cvs.openbsd.org 2014/01/29 14:04:51
7039         [sshd_config.5]
7040         document kbdinteractiveauthentication;
7041         requested From: Ross L Richardson
7042
7043         dtucker/markus helped explain its workings;
7044
7045commit 7cc194f70d4a5ec9a82d19422eaf18db4a6624c6
7046Author: Damien Miller <djm@mindrot.org>
7047Date:   Tue Feb 4 11:12:56 2014 +1100
7048
7049       - djm@cvs.openbsd.org 2014/01/29 06:18:35
7050         [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c]
7051         [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h]
7052         [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c]
7053         remove experimental, never-enabled JPAKE code; ok markus@
7054
7055commit b0f26544cf6f4feeb1a4f6db09fca834f5c9867d
7056Author: Damien Miller <djm@mindrot.org>
7057Date:   Tue Feb 4 11:10:01 2014 +1100
7058
7059       - djm@cvs.openbsd.org 2014/01/29 00:19:26
7060         [sshd.c]
7061         use kill(0, ...) instead of killpg(0, ...); on most operating systems
7062         they are equivalent, but SUSv2 describes the latter as having undefined
7063         behaviour; from portable; ok dtucker
7064         (Id sync only; change is already in portable)
7065
7066commit f8f35bc471500348bb262039fb1fc43175d251b0
7067Author: Damien Miller <djm@mindrot.org>
7068Date:   Tue Feb 4 11:09:12 2014 +1100
7069
7070       - jmc@cvs.openbsd.org 2014/01/28 14:13:39
7071         [ssh-keyscan.1]
7072         kill some bad Pa;
7073         From: Jan Stary
7074
7075commit 0ba85d696ae9daf66002c2e4ab0d6bb111e1a787
7076Author: Damien Miller <djm@mindrot.org>
7077Date:   Tue Feb 4 11:08:38 2014 +1100
7078
7079    ignore a few more regress droppings
7080
7081commit ec93d15170b7a6ddf63fd654bd0f6a752acc19dd
7082Author: Damien Miller <djm@mindrot.org>
7083Date:   Tue Feb 4 11:07:13 2014 +1100
7084
7085       - markus@cvs.openbsd.org 2014/01/27 20:13:46
7086         [digest.c digest-openssl.c digest-libc.c Makefile.in]
7087         rename digest.c to digest-openssl.c and add libc variant; ok djm@
7088
7089commit 4a1c7aa640fb97d3472d51b215b6a0ec0fd025c7
7090Author: Damien Miller <djm@mindrot.org>
7091Date:   Tue Feb 4 11:03:36 2014 +1100
7092
7093       - markus@cvs.openbsd.org 2014/01/27 19:18:54
7094         [auth-rsa.c cipher.c ssh-agent.c sshconnect1.c sshd.c]
7095         replace openssl MD5 with our ssh_digest_*; ok djm@
7096
7097commit 4e8d937af79ce4e253f77ec93489d098b25becc3
7098Author: Damien Miller <djm@mindrot.org>
7099Date:   Tue Feb 4 11:02:42 2014 +1100
7100
7101       - markus@cvs.openbsd.org 2014/01/27 18:58:14
7102         [Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h]
7103         replace openssl HMAC with an implementation based on our ssh_digest_*
7104         ok and feedback djm@
7105
7106commit 69d0d09f76bab5aec86fbf78489169f63bd16475
7107Author: Tim Rice <tim@multitalents.net>
7108Date:   Fri Jan 31 14:25:18 2014 -0800
7109
7110     - (tim) [Makefile.in] build regress/setuid-allow.
7111
7112commit 0eeafcd76b972a3d159f3118227c149a4d7817fe
7113Author: Darren Tucker <dtucker@zip.com.au>
7114Date:   Fri Jan 31 14:18:51 2014 +1100
7115
7116     - (dtucker) [readconf.c] Include <arpa/inet.h> for the hton macros.  Fixes
7117       build with HP-UX's compiler.  Patch from Kevin Brott.
7118
7119commit 7e5cec6070673e9f9785ffc749837ada22fbe99f
7120Author: Damien Miller <djm@mindrot.org>
7121Date:   Fri Jan 31 09:25:34 2014 +1100
7122
7123     - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
7124       syscall from sandboxes; it may be called by packet_close.
7125
7126commit cdb6c90811caa5df2df856be9b0b16db020fe31d
7127Author: Damien Miller <djm@mindrot.org>
7128Date:   Thu Jan 30 12:50:17 2014 +1100
7129
7130     - (djm) Release openssh-6.5p1
7131
7132commit 996ea80b1884b676a901439f1f2681eb6ff68501
7133Author: Damien Miller <djm@mindrot.org>
7134Date:   Thu Jan 30 12:49:55 2014 +1100
7135
7136    trim entries prior to openssh-6.0p1
7137
7138commit f5bbd3b657b6340551c8a95f74a70857ff8fac79
7139Author: Damien Miller <djm@mindrot.org>
7140Date:   Thu Jan 30 11:26:46 2014 +1100
7141
7142     - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering
7143       different symbols for 'read' when various compiler flags are
7144       in use, causing atomicio.c comparisons against it to break and
7145       read/write operations to hang; ok dtucker
7146
7147commit c2868192ddc4e1420a50389e18c05db20b0b1f32
7148Author: Damien Miller <djm@mindrot.org>
7149Date:   Thu Jan 30 10:21:19 2014 +1100
7150
7151     - (djm) [configure.ac] Only check for width-specified integer types
7152       in headers that actually exist. patch from Tom G. Christensen;
7153       ok dtucker@
7154
7155commit c161fc90fc86e2035710570238a9e1ca7a68d2a5
7156Author: Damien Miller <djm@mindrot.org>
7157Date:   Wed Jan 29 21:01:33 2014 +1100
7158
7159     - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from
7160       Tom G. Christensen
7161
7162commit 6f917ad376481995ab7d29fb53b08ec8d507eb9e
7163Author: Tim Rice <tim@multitalents.net>
7164Date:   Tue Jan 28 10:26:25 2014 -0800
7165
7166     - (tim) [regress/agent.sh regress/agent-ptrace.sh] Assign $? to a variable
7167       when used as an error message inside an if statement so we display the
7168       correct into. agent.sh patch from Petr Lautrbach.
7169
7170commit ab16ef4152914d44ce6f76e48167d26d22f66a06
7171Author: Damien Miller <djm@mindrot.org>
7172Date:   Tue Jan 28 15:08:12 2014 +1100
7173
7174     - (djm) [sshd.c] Use kill(0, ...) instead of killpg(0, ...); the
7175       latter being specified to have undefined behaviour in SUSv3;
7176       ok dtucker
7177
7178commit ab0394905884dc6e58c3721211c6b38fb8fc2ca8
7179Author: Damien Miller <djm@mindrot.org>
7180Date:   Tue Jan 28 15:07:10 2014 +1100
7181
7182     - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl;
7183       ok dtucker
7184
7185commit 4ab20a82d4d4168d62318923f62382f6ef242fcd
7186Author: Darren Tucker <dtucker@zip.com.au>
7187Date:   Mon Jan 27 17:35:04 2014 +1100
7188
7189     - (dtucker) [Makefile.in] Remove trailing backslash which some make
7190       implementations (eg older Solaris) do not cope with.
7191
7192commit e7e8b3cfe9f8665faaf0e68b33df5bbb431bd129
7193Author: Darren Tucker <dtucker@zip.com.au>
7194Date:   Mon Jan 27 17:32:50 2014 +1100
7195
7196    Welcome to 2014
7197
7198commit 5b447c0aac0dd444251e276f6bb3bbbe1c05331c
7199Author: Damien Miller <djm@mindrot.org>
7200Date:   Sun Jan 26 09:46:53 2014 +1100
7201
7202     - (djm) [configure.ac] correct AC_DEFINE for previous.
7203
7204commit 2035b2236d3b1f76c749c642a43e03c85eae76e6
7205Author: Damien Miller <djm@mindrot.org>
7206Date:   Sun Jan 26 09:39:53 2014 +1100
7207
7208      - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable
7209        RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
7210        libc will attempt to open additional file descriptors for crypto
7211        offload and crash if they cannot be opened.
7212
7213commit a92ac7410475fbb00383c7402aa954dc0a75ae19
7214Author: Damien Miller <djm@mindrot.org>
7215Date:   Sun Jan 26 09:38:03 2014 +1100
7216
7217       - markus@cvs.openbsd.org 2014/01/25 20:35:37
7218         [kex.c]
7219         dh_need needs to be set to max(seclen, blocksize, ivlen, mac_len)
7220         ok dtucker@, noted by mancha
7221
7222commit 76eea4ab4e658670ca6e76dd1e6d17f262208b57
7223Author: Damien Miller <djm@mindrot.org>
7224Date:   Sun Jan 26 09:37:25 2014 +1100
7225
7226       - dtucker@cvs.openbsd.org 2014/01/25 10:12:50
7227         [cipher.c cipher.h kex.c kex.h kexgexc.c]
7228         Add a special case for the DH group size for 3des-cbc, which has an
7229         effective strength much lower than the key size.  This causes problems
7230         with some cryptlib implementations, which don't support group sizes larger
7231         than 4k but also don't use the largest group size it does support as
7232         specified in the RFC.  Based on a patch from Petr Lautrbach at Redhat,
7233         reduced by me with input from Markus.  ok djm@ markus@
7234
7235commit 603b8f47f1cd9ed95a2017447db8e60ca6704594
7236Author: Damien Miller <djm@mindrot.org>
7237Date:   Sat Jan 25 13:16:59 2014 +1100
7238
7239     - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test
7240       against the correct thing.
7241
7242commit c96d85376d779b6ac61525b5440010d344d2f23f
7243Author: Damien Miller <djm@mindrot.org>
7244Date:   Sat Jan 25 13:12:28 2014 +1100
7245
7246     - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless
7247       sys/capability.h exists and cap_rights_limit is in libc. Fixes
7248       build on FreeBSD9x which provides the header but not the libc
7249       support.
7250
7251commit f62ecef9939cb3dbeb10602fd705d4db3976d822
7252Author: Damien Miller <djm@mindrot.org>
7253Date:   Sat Jan 25 12:34:38 2014 +1100
7254
7255     - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD
7256
7257commit b0e0f760b861676a3fe5c40133b270713d5321a9
7258Author: Damien Miller <djm@mindrot.org>
7259Date:   Fri Jan 24 14:27:04 2014 +1100
7260
7261     - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] Make
7262       the scp regress test actually test the built scp rather than the one
7263       in $PATH. ok dtucker@
7264
7265commit 42a092530159637da9cb7f9e1b5f4679e34a85e6
7266Author: Darren Tucker <dtucker@zip.com.au>
7267Date:   Thu Jan 23 23:14:39 2014 +1100
7268
7269     - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously
7270       incompatible with OpenBSD's despite post-dating it by more than a decade.
7271       Declare it as broken, and document FreeBSD's as the same.  ok djm@
7272
7273commit 617da33c20cb59f9ea6c99c881d92493371ef7b8
7274Author: Tim Rice <tim@multitalents.net>
7275Date:   Wed Jan 22 19:16:10 2014 -0800
7276
7277     - (tim) [session.c] Improve error reporting on set_id().
7278
7279commit 5c2ff5e31f57d303ebb414d84a934c02728fa568
7280Author: Damien Miller <djm@mindrot.org>
7281Date:   Wed Jan 22 21:30:12 2014 +1100
7282
7283     - (djm) [configure.ac aclocal.m4] More tests to detect fallout from
7284       platform hardening options: include some long long int arithmatic
7285       to detect missing support functions for -ftrapv in libgcc and
7286       equivalents, actually test linking when -ftrapv is supplied and
7287       set either both -pie/-fPIE or neither. feedback and ok dtucker@
7288
7289commit 852472a54b8a0dc3e53786b313baaa86850a4273
7290Author: Damien Miller <djm@mindrot.org>
7291Date:   Wed Jan 22 16:31:18 2014 +1100
7292
7293     - (djm) [configure.ac] Unless specifically requested, only attempt
7294       to build Position Independent Executables on gcc >= 4.x; ok dtucker
7295
7296commit ee87838786cef0194db36ae0675b3e7c4e8ec661
7297Author: Damien Miller <djm@mindrot.org>
7298Date:   Wed Jan 22 16:30:15 2014 +1100
7299
7300     - (djm) [openbsd-compat/setproctitle.c] Don't fail to compile if a
7301       platform that is expected to use the reuse-argv style setproctitle
7302       hack surprises us by providing a setproctitle in libc; ok dtucker
7303
7304commit 5c96a154c7940fa67b1f11c421e390dbbc159f27
7305Author: Damien Miller <djm@mindrot.org>
7306Date:   Tue Jan 21 13:10:26 2014 +1100
7307
7308     - (djm) [aclocal.m4] Flesh out the code run in the OSSH_CHECK_CFLAG_COMPILE
7309       and OSSH_CHECK_LDFLAG_LINK tests to give them a better chance of
7310       detecting toolchain-related problems; ok dtucker
7311
7312commit 9464ba6fb34bb42eb3501ec3c5143662e75674bf
7313Author: Tim Rice <tim@multitalents.net>
7314Date:   Mon Jan 20 17:59:28 2014 -0800
7315
7316     - (tim) [platform.c session.c] Fix bug affecting SVR5 platforms introduced
7317       with sftp chroot support. Move set_id call after chroot.
7318
7319commit a6d573caa14d490e6c42fb991bcb5c6860ec704b
7320Author: Darren Tucker <dtucker@zip.com.au>
7321Date:   Tue Jan 21 12:50:46 2014 +1100
7322
7323     - (dtucker) [aclocal.m4] Differentiate between compile-time and link-time
7324       tests in the configure output.  ok djm.
7325
7326commit 096118dc73ab14810b3c12785c0b5acb01ad6123
7327Author: Darren Tucker <dtucker@zip.com.au>
7328Date:   Tue Jan 21 12:48:51 2014 +1100
7329
7330     - (dtucker) [configure.ac] Make PIE a configure-time option which defaults
7331       to on platforms where it's known to be reliably detected and off elsewhere.
7332       Works around platforms such as FreeBSD 9.1 where it does not interop with
7333       -ftrapv (it seems to work but fails when trying to link ssh).  ok djm@
7334
7335commit f9df7f6f477792254eab33cdef71a6d66488cb88
7336Author: Damien Miller <djm@mindrot.org>
7337Date:   Mon Jan 20 20:07:15 2014 +1100
7338
7339     - (djm) [regress/cert-hostkey.sh] Fix regress failure on platforms that
7340        skip one or more key types (e.g. RHEL/CentOS 6.5); ok dtucker@
7341
7342commit c74e70eb52ccc0082bd5a70b5798bb01c114d138
7343Author: Darren Tucker <dtucker@zip.com.au>
7344Date:   Mon Jan 20 13:18:09 2014 +1100
7345
7346    - (dtucker) [gss-serv-krb5.c] Fall back to krb5_cc_gen_new if the Kerberos
7347       implementation does not have krb5_cc_new_unique, similar to what we do
7348       in auth-krb5.c.
7349
7350commit 3510979e83b6a18ec8773c64c3fa04aa08b2e783
7351Author: Damien Miller <djm@mindrot.org>
7352Date:   Mon Jan 20 12:41:53 2014 +1100
7353
7354       - djm@cvs.openbsd.org 2014/01/20 00:08:48
7355         [digest.c]
7356         memleak; found by Loganaden Velvindron @ AfriNIC; ok markus@
7357
7358commit 7eee358d7a6580479bee5cd7e52810ebfd03e5b2
7359Author: Darren Tucker <dtucker@zip.com.au>
7360Date:   Sun Jan 19 22:37:02 2014 +1100
7361
7362       - dtucker@cvs.openbsd.org 2014/01/19 11:21:51
7363         [addrmatch.c]
7364         Cast the sizeof to socklen_t so it'll work even if the supplied len is
7365         negative.  Suggested by and ok djm, ok deraadt.
7366
7367commit b7e01c09b56ab26e8fac56bbce0fd25e36d12bb0
7368Author: Darren Tucker <dtucker@zip.com.au>
7369Date:   Sun Jan 19 22:36:13 2014 +1100
7370
7371       - djm@cvs.openbsd.org 2014/01/19 04:48:08
7372         [ssh_config.5]
7373         fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal
7374
7375commit 7b1ded04adce42efa25ada7c3a39818d3109b724
7376Author: Darren Tucker <dtucker@zip.com.au>
7377Date:   Sun Jan 19 15:30:02 2014 +1100
7378
7379       - dtucker@cvs.openbsd.org 2014/01/19 04:17:29
7380         [canohost.c addrmatch.c]
7381         Cast socklen_t when comparing to size_t and use socklen_t to iterate over
7382         the ip options, both to prevent signed/unsigned comparison warnings.
7383         Patch from vinschen at redhat via portable openssh, begrudging ok deraadt.
7384
7385commit 293ee3c9f0796d99ebb033735f0e315f2e0180bf
7386Author: Darren Tucker <dtucker@zip.com.au>
7387Date:   Sun Jan 19 15:28:01 2014 +1100
7388
7389       - dtucker@cvs.openbsd.org 2014/01/18 09:36:26
7390         [session.c]
7391         explicitly define USE_PIPES to 1 to prevent redefinition warnings in
7392         portable on platforms that use pipes for everything.  From redhat @
7393         redhat.
7394
7395commit 2aca159d05f9e7880d1d8f1ce49a218840057f53
7396Author: Darren Tucker <dtucker@zip.com.au>
7397Date:   Sun Jan 19 15:25:34 2014 +1100
7398
7399       - dtucker@cvs.openbsd.org 2014/01/17 06:23:24
7400         [sftp-server.c]
7401         fix log message statvfs.  ok djm
7402
7403commit 841f7da89ae8b367bb502d61c5c41916c6e7ae4c
7404Author: Darren Tucker <dtucker@zip.com.au>
7405Date:   Sat Jan 18 22:12:15 2014 +1100
7406
7407     - (dtucker) [sandbox-capsicum.c] Correct some error messages and make the
7408       return value check for cap_enter() consistent with the other uses in
7409       FreeBSD.  From by Loganaden Velvindron @ AfriNIC via bz#2140.
7410
7411commit fdce3731660699b2429e93e822f2ccbaccd163ae
7412Author: Darren Tucker <dtucker@zip.com.au>
7413Date:   Sat Jan 18 21:12:42 2014 +1100
7414
7415     - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs,
7416       optind) are defined in getopt.h already.  Unfortunately they are defined as
7417       "declspec(dllimport)" for historical reasons, because the GNU linker didn't
7418       allow auto-import on PE/COFF targets way back when.  The problem is the
7419       dllexport attributes collide with the definitions in the various source
7420       files in OpenSSH, which obviousy define the variables without
7421       declspec(dllimport).  The least intrusive way to get rid of these warnings
7422       is to disable warnings for GCC compiler attributes when building on Cygwin.
7423       Patch from vinschen at redhat.com.
7424
7425commit 1411c9263f46e1ee49d0d302bf7258ebe69ce827
7426Author: Darren Tucker <dtucker@zip.com.au>
7427Date:   Sat Jan 18 21:03:59 2014 +1100
7428
7429     - (dtucker) [openbsd-compat/bsd-cygwin_util.h] Add missing function
7430       declarations that stopped being included when we stopped including
7431       <windows.h> from openbsd-compat/bsd-cygwin_util.h.  Patch from vinschen at
7432       redhat.com.
7433
7434commit 89c532d843c95a085777c66365067d64d1937eb9
7435Author: Darren Tucker <dtucker@zip.com.au>
7436Date:   Sat Jan 18 20:43:49 2014 +1100
7437
7438     - (dtucker) [uidswap.c] Prevent unused variable warnings on Cygwin.  Patch
7439       from vinschen at redhat.com
7440
7441commit 355f861022be7b23d3009fae8f3c9f6f7fc685f7
7442Author: Darren Tucker <dtucker@zip.com.au>
7443Date:   Sat Jan 18 00:12:38 2014 +1100
7444
7445     - (dtucker) [defines.h] Move our definitions of uintXX_t types down to after
7446       they're defined if we have to define them ourselves.  Fixes builds on old
7447       AIX.
7448
7449commit a3357661ee1d5d553294f36e4940e8285c7f1332
7450Author: Darren Tucker <dtucker@zip.com.au>
7451Date:   Sat Jan 18 00:03:57 2014 +1100
7452
7453     - (dtucker) [readconf.c] Wrap paths.h inside an ifdef.  Allows building on
7454       Solaris.
7455
7456commit 9edcbff46ff01c8d5dee9c1aa843f09e9ad8a80e
7457Author: Darren Tucker <dtucker@zip.com.au>
7458Date:   Fri Jan 17 21:54:32 2014 +1100
7459
7460     - (dtucker) [configure.ac] Have --without-toolchain-hardening not turn off
7461       stack-protector since that has a separate flag that's been around a while.
7462
7463commit 6d725687c490d4ba957a1bbc0ba0a2956c09fa69
7464Author: Darren Tucker <dtucker@zip.com.au>
7465Date:   Fri Jan 17 19:17:34 2014 +1100
7466
7467     - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types.
7468
7469commit 5055699c7f7c7ef21703a443ec73117da392f6ae
7470Author: Darren Tucker <dtucker@zip.com.au>
7471Date:   Fri Jan 17 18:48:22 2014 +1100
7472
7473     - (dtucker) [openbsd-compat/bsd-statvfs.h] Only start including headers if we
7474       need them to cut down on the name collisions.
7475
7476commit a5cf1e220def07290260e4125e74f41ac75cf88d
7477Author: Darren Tucker <dtucker@zip.com.au>
7478Date:   Fri Jan 17 18:10:58 2014 +1100
7479
7480     - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c
7481       openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs
7482       to be useful (and for the regression tests to pass) on platforms that
7483       have statfs and fstatfs.  ok djm@
7484
7485commit 1357d71d7b6d269969520aaa3e84d312ec971d5b
7486Author: Darren Tucker <dtucker@zip.com.au>
7487Date:   Fri Jan 17 18:00:40 2014 +1100
7488
7489     - (dtucker) Fix typo in #ifndef.
7490
7491commit d23a91ffb289d3553a58b7a60cec39fba9f0f506
7492Author: Darren Tucker <dtucker@zip.com.au>
7493Date:   Fri Jan 17 17:32:30 2014 +1100
7494
7495     - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c
7496       openbsd-compat/openssl-compat.h]  Add compatibility layer for older
7497       openssl versions.  ok djm@
7498
7499commit 868ea1ea1c1bfdbee5dbad78f81999c5983ecf31
7500Author: Damien Miller <djm@mindrot.org>
7501Date:   Fri Jan 17 16:47:04 2014 +1100
7502
7503     - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]
7504       [sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c]
7505       [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
7506       using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
7507       Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
7508
7509commit a9d186a8b50d18869a10e9203abf71c83ddb1f79
7510Author: Darren Tucker <dtucker@zip.com.au>
7511Date:   Fri Jan 17 16:30:49 2014 +1100
7512
7513       - dtucker@cvs.openbsd.org 2014/01/17 05:26:41
7514         [digest.c]
7515         remove unused includes.  ok djm@
7516
7517commit 5f1c57a7a7eb39c0e4fee3367712337dbcaef024
7518Author: Darren Tucker <dtucker@zip.com.au>
7519Date:   Fri Jan 17 16:29:45 2014 +1100
7520
7521       - djm@cvs.openbsd.org 2014/01/17 00:21:06
7522         [sftp-client.c]
7523         signed/unsigned comparison warning fix; from portable (Id sync only)
7524
7525commit c548722361d89fb12c108528f96b306a26477b18
7526Author: Darren Tucker <dtucker@zip.com.au>
7527Date:   Fri Jan 17 15:12:16 2014 +1100
7528
7529     - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into
7530       separate lines and alphabetize for easier diffing of changes.
7531
7532commit acad351a5b1c37de9130c9c1710445cc45a7f6b9
7533Author: Darren Tucker <dtucker@zip.com.au>
7534Date:   Fri Jan 17 14:20:05 2014 +1100
7535
7536     - (dtucker) [defines.h] Add typedefs for uintXX_t types for platforms that
7537       don't have them.
7538
7539commit c3ed065ce8417aaa46490836648c173a5010f226
7540Author: Darren Tucker <dtucker@zip.com.au>
7541Date:   Fri Jan 17 14:18:45 2014 +1100
7542
7543     - (dtucker) [openbsd-compat/bcrypt_pbkdf.c] Wrap stdlib.h include inside
7544       #ifdef HAVE_STDINT_H.
7545
7546commit f45f78ae437062c7d9506c5f475b7215f486be44
7547Author: Darren Tucker <dtucker@zip.com.au>
7548Date:   Fri Jan 17 12:43:43 2014 +1100
7549
7550     - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c] Include
7551       includes.h to pull in all of the compatibility stuff.
7552
7553commit 99df369d0340caac145d57f700d830147ff18b87
7554Author: Darren Tucker <dtucker@zip.com.au>
7555Date:   Fri Jan 17 12:42:17 2014 +1100
7556
7557     - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
7558
7559commit ac413b62ea1957e80c711acbe0c11b908273fc01
7560Author: Darren Tucker <dtucker@zip.com.au>
7561Date:   Fri Jan 17 12:31:33 2014 +1100
7562
7563     - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_STDINT_H.
7564
7565commit 1c4a011e9c939e74815346a560843e1862c300b8
7566Author: Darren Tucker <dtucker@zip.com.au>
7567Date:   Fri Jan 17 12:23:23 2014 +1100
7568
7569     - (dtucker) [loginrec.c] Cast to the types specfied in the format
7570        specification to prevent warnings.
7571
7572commit c3d483f9a8275be1113535a1e0d0e384f605f3c4
7573Author: Damien Miller <djm@mindrot.org>
7574Date:   Fri Jan 17 11:20:26 2014 +1100
7575
7576     - (djm) [sftp-client.c] signed/unsigned comparison fix
7577
7578commit fd994379dd972417d0491767f7cd9b5bf23f4975
7579Author: Darren Tucker <dtucker@zip.com.au>
7580Date:   Fri Jan 17 09:53:24 2014 +1100
7581
7582     - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain
7583       hardening flags including -fstack-protector-strong.  These default to on
7584       if the toolchain supports them, but there is a configure-time knob
7585       (--without-hardening) to disable them if necessary.  ok djm@
7586
7587commit 366224d21768ee8ec28cfbcc5fbade1b32582d58
7588Author: Damien Miller <djm@mindrot.org>
7589Date:   Thu Jan 16 18:51:44 2014 +1100
7590
7591     - (djm) [README] update release notes URL.
7592
7593commit 2ae77e64f8fa82cbf25c9755e8e847709b978b40
7594Author: Damien Miller <djm@mindrot.org>
7595Date:   Thu Jan 16 18:51:07 2014 +1100
7596
7597     - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
7598       [contrib/suse/openssh.spec] Crank RPM spec version numbers.
7599
7600commit 0fa29e6d777c73a1b4ddd3b996b06ee20022ae8a
7601Author: Damien Miller <djm@mindrot.org>
7602Date:   Thu Jan 16 18:42:31 2014 +1100
7603
7604       - djm@cvs.openbsd.org 2014/01/16 07:32:00
7605         [version.h]
7606         openssh-6.5
7607
7608commit 52c371cd6d2598cc73d4e633811b3012119c47e2
7609Author: Damien Miller <djm@mindrot.org>
7610Date:   Thu Jan 16 18:42:10 2014 +1100
7611
7612       - djm@cvs.openbsd.org 2014/01/16 07:31:09
7613         [sftp-client.c]
7614         needless and incorrect cast to size_t can break resumption of
7615         large download; patch from tobias@
7616