From owner-svn-src-all@FreeBSD.ORG Thu May 30 12:26:00 2013 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 92A56D47; Thu, 30 May 2013 12:26:00 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 8264FAF4; Thu, 30 May 2013 12:26:00 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.6/8.14.6) with ESMTP id r4UCQ0Zg073019; Thu, 30 May 2013 12:26:00 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.6/8.14.5/Submit) id r4UCPxvg072998; Thu, 30 May 2013 12:25:59 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201305301225.r4UCPxvg072998@svn.freebsd.org> From: Dag-Erling Smørgrav Date: Thu, 30 May 2013 12:25:59 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r251135 - in stable/9: crypto/openssh crypto/openssh/openbsd-compat crypto/openssh/scard secure/lib/libssh X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 May 2013 12:26:00 -0000 Author: des Date: Thu May 30 12:25:58 2013 New Revision: 251135 URL: http://svnweb.freebsd.org/changeset/base/251135 Log: Pull in OpenSSH 6.2p2 from head. Added: stable/9/crypto/openssh/PROTOCOL.krl - copied unchanged from r248619, head/crypto/openssh/PROTOCOL.krl stable/9/crypto/openssh/krl.c - copied, changed from r248619, head/crypto/openssh/krl.c stable/9/crypto/openssh/krl.h - copied unchanged from r248619, head/crypto/openssh/krl.h stable/9/crypto/openssh/openbsd-compat/bsd-setres_id.c - copied unchanged from r248619, head/crypto/openssh/openbsd-compat/bsd-setres_id.c stable/9/crypto/openssh/openbsd-compat/bsd-setres_id.h - copied unchanged from r248619, head/crypto/openssh/openbsd-compat/bsd-setres_id.h stable/9/crypto/openssh/openbsd-compat/strtoull.c - copied unchanged from r248619, head/crypto/openssh/openbsd-compat/strtoull.c stable/9/crypto/openssh/scard/ - copied from r248619, head/crypto/openssh/scard/ stable/9/crypto/openssh/umac128.c - copied, changed from r248619, head/crypto/openssh/umac128.c Deleted: stable/9/crypto/openssh/acss.c stable/9/crypto/openssh/acss.h stable/9/crypto/openssh/cipher-acss.c Modified: stable/9/crypto/openssh/ChangeLog stable/9/crypto/openssh/INSTALL stable/9/crypto/openssh/PROTOCOL stable/9/crypto/openssh/PROTOCOL.agent stable/9/crypto/openssh/README stable/9/crypto/openssh/auth-options.c stable/9/crypto/openssh/auth-rsa.c stable/9/crypto/openssh/auth.c stable/9/crypto/openssh/auth.h stable/9/crypto/openssh/auth1.c stable/9/crypto/openssh/auth2-chall.c stable/9/crypto/openssh/auth2-gss.c stable/9/crypto/openssh/auth2-jpake.c stable/9/crypto/openssh/auth2-pubkey.c stable/9/crypto/openssh/auth2.c stable/9/crypto/openssh/authfile.c stable/9/crypto/openssh/channels.c stable/9/crypto/openssh/cipher-aes.c stable/9/crypto/openssh/cipher-ctr.c stable/9/crypto/openssh/cipher.c stable/9/crypto/openssh/cipher.h stable/9/crypto/openssh/clientloop.c stable/9/crypto/openssh/clientloop.h stable/9/crypto/openssh/compat.c stable/9/crypto/openssh/config.h stable/9/crypto/openssh/config.h.in stable/9/crypto/openssh/defines.h stable/9/crypto/openssh/includes.h stable/9/crypto/openssh/kex.c stable/9/crypto/openssh/kex.h stable/9/crypto/openssh/key.c stable/9/crypto/openssh/key.h stable/9/crypto/openssh/log.c stable/9/crypto/openssh/log.h stable/9/crypto/openssh/loginrec.c stable/9/crypto/openssh/mac.c stable/9/crypto/openssh/moduli stable/9/crypto/openssh/moduli.5 stable/9/crypto/openssh/monitor.c stable/9/crypto/openssh/monitor.h stable/9/crypto/openssh/monitor_wrap.c stable/9/crypto/openssh/mux.c stable/9/crypto/openssh/myproposal.h stable/9/crypto/openssh/openbsd-compat/bsd-cygwin_util.c stable/9/crypto/openssh/openbsd-compat/bsd-cygwin_util.h stable/9/crypto/openssh/openbsd-compat/bsd-misc.c stable/9/crypto/openssh/openbsd-compat/bsd-misc.h stable/9/crypto/openssh/openbsd-compat/openbsd-compat.h stable/9/crypto/openssh/openbsd-compat/openssl-compat.h stable/9/crypto/openssh/openbsd-compat/sys-queue.h stable/9/crypto/openssh/openbsd-compat/sys-tree.h stable/9/crypto/openssh/openbsd-compat/vis.c stable/9/crypto/openssh/openbsd-compat/vis.h stable/9/crypto/openssh/packet.c stable/9/crypto/openssh/platform.c stable/9/crypto/openssh/platform.h stable/9/crypto/openssh/readconf.c stable/9/crypto/openssh/readconf.h stable/9/crypto/openssh/scp.1 stable/9/crypto/openssh/scp.c stable/9/crypto/openssh/servconf.c stable/9/crypto/openssh/servconf.h stable/9/crypto/openssh/serverloop.c stable/9/crypto/openssh/session.c stable/9/crypto/openssh/sftp-server.8 stable/9/crypto/openssh/sftp-server.c stable/9/crypto/openssh/sftp.1 stable/9/crypto/openssh/sftp.c stable/9/crypto/openssh/ssh-add.1 stable/9/crypto/openssh/ssh-add.c stable/9/crypto/openssh/ssh-gss.h stable/9/crypto/openssh/ssh-keygen.1 stable/9/crypto/openssh/ssh-keygen.c stable/9/crypto/openssh/ssh-keyscan.1 stable/9/crypto/openssh/ssh.1 stable/9/crypto/openssh/ssh.c stable/9/crypto/openssh/ssh_config stable/9/crypto/openssh/ssh_config.5 stable/9/crypto/openssh/ssh_namespace.h stable/9/crypto/openssh/sshconnect.c stable/9/crypto/openssh/sshconnect2.c stable/9/crypto/openssh/sshd.8 stable/9/crypto/openssh/sshd.c stable/9/crypto/openssh/sshd_config stable/9/crypto/openssh/sshd_config.5 stable/9/crypto/openssh/uidswap.c stable/9/crypto/openssh/umac.c stable/9/crypto/openssh/umac.h stable/9/crypto/openssh/version.h stable/9/secure/lib/libssh/Makefile Directory Properties: stable/9/crypto/openssh/ (props changed) stable/9/secure/lib/libssh/ (props changed) Modified: stable/9/crypto/openssh/ChangeLog ============================================================================== --- stable/9/crypto/openssh/ChangeLog Thu May 30 12:25:37 2013 (r251134) +++ stable/9/crypto/openssh/ChangeLog Thu May 30 12:25:58 2013 (r251135) @@ -1,3 +1,709 @@ +20130510 + - (djm) OpenBSD CVS Cherrypick + - djm@cvs.openbsd.org 2013/04/11 02:27:50 + [packet.c] + quiet disconnect notifications on the server from error() back to logit() + if it is a normal client closure; bz#2057 ok+feedback dtucker@ + - (djm) [version.h contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers for release. + +20130404 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2013/02/17 23:16:57 + [readconf.c ssh.c readconf.h sshconnect2.c] + Keep track of which IndentityFile options were manually supplied and which + were default options, and don't warn if the latter are missing. + ok markus@ + - dtucker@cvs.openbsd.org 2013/02/19 02:12:47 + [krl.c] + Remove bogus include. ok djm + - dtucker@cvs.openbsd.org 2013/02/22 04:45:09 + [ssh.c readconf.c readconf.h] + Don't complain if IdentityFiles specified in system-wide configs are + missing. ok djm, deraadt. + - markus@cvs.openbsd.org 2013/02/22 19:13:56 + [sshconnect.c] + support ProxyCommand=- (stdin/out already point to the proxy); ok djm@ + - djm@cvs.openbsd.org 2013/02/22 22:09:01 + [ssh.c] + Allow IdenityFile=none; ok markus deraadt (and dtucker for an earlier + version) + +20130401 + - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h + to avoid conflicting definitions of __int64, adding the required bits. + Patch from Corinna Vinschen. + +20120322 + - (djm) [contrib/ssh-copy-id contrib/ssh-copy-id.1] Updated to Phil + Hands' greatly revised version. + - (djm) Release 6.2p1 + +20120318 + - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c] + [openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's + so mark it as broken. Patch from des AT des.no + +20120317 + - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has none + of the bits the configure test looks for. + +20120316 + - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platform + is unable to successfully compile them. Based on patch from des AT + des.no + - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] + Add a usleep replacement for platforms that lack it; ok dtucker + - (djm) [session.c] FreeBSD needs setusercontext(..., LOGIN_SETUMASK) to + occur after UID switch; patch from John Marshall via des AT des.no; + ok dtucker@ + +20120312 + - (dtucker) [regress/Makefile regress/cipher-speed.sh regress/test-exec.sh] + Improve portability of cipher-speed test, based mostly on a patch from + Iain Morgan. + - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin") + in addition to root as an owner of system directories on AIX and HP-UX. + ok djm@ + +20130307 + - (dtucker) [INSTALL] Bump documented autoconf version to what we're + currently using. + - (dtucker) [defines.h] Remove SIZEOF_CHAR bits since the test for it + was removed in configure.ac rev 1.481 as it was redundant. + - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 days + ago. + - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it a + chance to complete on broken systems; ok dtucker@ + +20130306 + - (dtucker) [regress/forward-control.sh] Wait longer for the forwarding + connection to start so that the test works on slower machines. + - (dtucker) [configure.ac] test that we can set number of file descriptors + to zero with setrlimit before enabling the rlimit sandbox. This affects + (at least) HPUX 11.11. + +20130305 + - (djm) [regress/modpipe.c] Compilation fix for AIX and parsing fix for + HP/UX. Spotted by Kevin Brott + - (dtucker) [configure.ac] use "=" for shell test and not "==". Spotted by + Amit Kulkarni and Kevin Brott. + - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscure + build breakage on (at least) HP-UX 11.11. Found by Amit Kulkarni and Kevin + Brott. + - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov. + +20130227 + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers + - (tim) [regress/forward-control.sh] use sh in case login shell is csh. + - (tim) [regress/integrity.sh] shell portability fix. + - (tim) [regress/integrity.sh] keep old solaris awk from hanging. + - (tim) [regress/krl.sh] keep old solaris awk from hanging. + +20130226 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/20 08:27:50 + [integrity.sh] + Add an option to modpipe that warns if the modification offset it not + reached in it's stream and turn it on for t-integrity. This should catch + cases where the session is not fuzzed for being too short (cf. my last + "oops" commit) + - (djm) [regress/integrity.sh] Run sshd via $SUDO; fixes tinderbox breakage + for UsePAM=yes configuration + +20130225 + - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes needed + to use Solaris native GSS libs. Patch from Pierre Ossman. + +20130223 + - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] Prefer + bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu. + ok tim + +20130222 + - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs to + ssh(1) since they're not needed. Patch from Pierre Ossman, ok djm. + - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-named + libgss too. Patch from Pierre Ossman, ok djm. + - (djm) [configure.ac sandbox-seccomp-filter.c] Support for Linux + seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com; + ok dtucker + +20130221 + - (tim) [regress/forward-control.sh] shell portability fix. + +20130220 + - (tim) [regress/cipher-speed.sh regress/try-ciphers.sh] shell portability fix. + - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneeded + err.h include from krl.c. Additional portability fixes for modpipe. OK djm + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/20 08:27:50 + [regress/integrity.sh regress/modpipe.c] + Add an option to modpipe that warns if the modification offset it not + reached in it's stream and turn it on for t-integrity. This should catch + cases where the session is not fuzzed for being too short (cf. my last + "oops" commit) + - djm@cvs.openbsd.org 2013/02/20 08:29:27 + [regress/modpipe.c] + s/Id/OpenBSD/ in RCS tag + +20130219 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/18 22:26:47 + [integrity.sh] + crank the offset yet again; it was still fuzzing KEX one of Darren's + portable test hosts at 2800 + - djm@cvs.openbsd.org 2013/02/19 02:14:09 + [integrity.sh] + oops, forgot to increase the output of the ssh command to ensure that + we actually reach $offset + - (djm) [regress/integrity.sh] Skip SHA2-based MACs on configurations that + lack support for SHA2. + - (djm) [regress/modpipe.c] Add local err, and errx functions for platforms + that do not have them. + +20130217 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/17 23:16:55 + [integrity.sh] + make the ssh command generates some output to ensure that there are at + least offset+tries bytes in the stream. + +20130216 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/16 06:08:45 + [integrity.sh] + make sure the fuzz offset is actually past the end of KEX for all KEX + types. diffie-hellman-group-exchange-sha256 requires an offset around + 2700. Noticed via test failures in portable OpenSSH on platforms that + lack ECC and this the more byte-frugal ECDH KEX algorithms. + +20130215 + - (djm) [contrib/suse/rc.sshd] Use SSHD_BIN consistently; bz#2056 from + Iain Morgan + - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h] + Use getpgrp() if we don't have getpgid() (old BSDs, maybe others). + - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.c + openbsd-compat/openbsd-compat.h] Add strtoull to compat library for + platforms that don't have it. + - (dtucker) [openbsd-compat/openbsd-compat.h] Add prototype for strtoul, + group strto* function prototypes together. + - (dtucker) [openbsd-compat/bsd-misc.c] Handle the case where setpgrp() takes + an argument. Pointed out by djm. + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/02/14 21:35:59 + [auth2-pubkey.c] + Correct error message that had a typo and was logging the wrong thing; + patch from Petr Lautrbach + - dtucker@cvs.openbsd.org 2013/02/15 00:21:01 + [sshconnect2.c] + Warn more loudly if an IdentityFile provided by the user cannot be read. + bz #1981, ok djm@ + +20130214 + - (djm) [regress/krl.sh] Don't use ecdsa keys in environment that lack ECC. + - (djm) [regress/krl.sh] typo; found by Iain Morgan + - (djm) [regress/integrity.sh] Start fuzzing from offset 2500 (instead + of 2300) to avoid clobbering the end of (non-MAC'd) KEX. Verified by + Iain Morgan + +20130212 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/01/24 21:45:37 + [krl.c] + fix handling of (unused) KRL signatures; skip string in correct buffer + - djm@cvs.openbsd.org 2013/01/24 22:08:56 + [krl.c] + skip serial lookup when cert's serial number is zero + - krw@cvs.openbsd.org 2013/01/25 05:00:27 + [krl.c] + Revert last. Breaks due to likely typo. Let djm@ fix later. + ok djm@ via dlg@ + - djm@cvs.openbsd.org 2013/01/25 10:22:19 + [krl.c] + redo last commit without the vi-vomit that snuck in: + skip serial lookup when cert's serial number is zero + (now with 100% better comment) + - djm@cvs.openbsd.org 2013/01/26 06:11:05 + [Makefile.in acss.c acss.h cipher-acss.c cipher.c] + [openbsd-compat/openssl-compat.h] + remove ACSS, now that it is gone from libcrypto too + - djm@cvs.openbsd.org 2013/01/27 10:06:12 + [krl.c] + actually use the xrealloc() return value; spotted by xi.wang AT gmail.com + - dtucker@cvs.openbsd.org 2013/02/06 00:20:42 + [servconf.c sshd_config sshd_config.5] + Change default of MaxStartups to 10:30:100 to start doing random early + drop at 10 connections up to 100 connections. This will make it harder + to DoS as CPUs have come a long way since the original value was set + back in 2000. Prompted by nion at debian org, ok markus@ + - dtucker@cvs.openbsd.org 2013/02/06 00:22:21 + [auth.c] + Fix comment, from jfree.e1 at gmail + - djm@cvs.openbsd.org 2013/02/08 00:41:12 + [sftp.c] + fix NULL deref when built without libedit and control characters + entered as command; debugging and patch from Iain Morgan an + Loganaden Velvindron in bz#1956 + - markus@cvs.openbsd.org 2013/02/10 21:19:34 + [version.h] + openssh 6.2 + - djm@cvs.openbsd.org 2013/02/10 23:32:10 + [ssh-keygen.c] + append to moduli file when screening candidates rather than overwriting. + allows resumption of interrupted screen; patch from Christophe Garault + in bz#1957; ok dtucker@ + - djm@cvs.openbsd.org 2013/02/10 23:35:24 + [packet.c] + record "Received disconnect" messages at ERROR rather than INFO priority, + since they are abnormal and result in a non-zero ssh exit status; patch + from Iain Morgan in bz#2057; ok dtucker@ + - dtucker@cvs.openbsd.org 2013/02/11 21:21:58 + [sshd.c] + Add openssl version to debug output similar to the client. ok markus@ + - djm@cvs.openbsd.org 2013/02/11 23:58:51 + [regress/try-ciphers.sh] + remove acss here too + - (djm) [regress/try-ciphers.sh] clean up CVS merge botch + +20130211 + - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on old + libcrypto that lacks EVP_CIPHER_CTX_ctrl + +20130208 + - (djm) [contrib/redhat/sshd.init] treat RETVAL as an integer; + patch from Iain Morgan in bz#2059 + - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allows + __attribute__ on return values and work around if necessary. ok djm@ + +20130207 + - (djm) [configure.ac] Don't probe seccomp capability of running kernel + at configure time; the seccomp sandbox will fall back to rlimit at + runtime anyway. Patch from plautrba AT redhat.com in bz#2011 + +20130120 + - (djm) [cipher-aes.c cipher-ctr.c openbsd-compat/openssl-compat.h] + Move prototypes for replacement ciphers to openssl-compat.h; fix EVP + prototypes for openssl-1.0.0-fips. + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2013/01/18 07:57:47 + [ssh-keygen.1] + tweak previous; + - jmc@cvs.openbsd.org 2013/01/18 07:59:46 + [ssh-keygen.c] + -u before -V in usage(); + - jmc@cvs.openbsd.org 2013/01/18 08:00:49 + [sshd_config.5] + tweak previous; + - jmc@cvs.openbsd.org 2013/01/18 08:39:04 + [ssh-keygen.1] + add -Q to the options list; ok djm + - jmc@cvs.openbsd.org 2013/01/18 21:48:43 + [ssh-keygen.1] + command-line (adj.) -> command line (n.); + - jmc@cvs.openbsd.org 2013/01/19 07:13:25 + [ssh-keygen.1] + fix some formatting; ok djm + - markus@cvs.openbsd.org 2013/01/19 12:34:55 + [krl.c] + RB_INSERT does not remove existing elments; ok djm@ + - (djm) [openbsd-compat/sys-tree.h] Sync with OpenBSD. krl.c needs newer + version. + - (djm) [regress/krl.sh] replacement for jot; most platforms lack it + +20130118 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/01/17 23:00:01 + [auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] + [krl.c krl.h PROTOCOL.krl] + add support for Key Revocation Lists (KRLs). These are a compact way to + represent lists of revoked keys and certificates, taking as little as + a single bit of incremental cost to revoke a certificate by serial number. + KRLs are loaded via the existing RevokedKeys sshd_config option. + feedback and ok markus@ + - djm@cvs.openbsd.org 2013/01/18 00:45:29 + [regress/Makefile regress/cert-userkey.sh regress/krl.sh] + Tests for Key Revocation Lists (KRLs) + - djm@cvs.openbsd.org 2013/01/18 03:00:32 + [krl.c] + fix KRL generation bug for list sections + +20130117 + - (djm) [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] + check for GCM support before testing GCM ciphers. + +20130112 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2013/01/12 11:22:04 + [cipher.c] + improve error message for integrity failure in AES-GCM modes; ok markus@ + - djm@cvs.openbsd.org 2013/01/12 11:23:53 + [regress/cipher-speed.sh regress/integrity.sh regress/try-ciphers.sh] + test AES-GCM modes; feedback markus@ + - (djm) [regress/integrity.sh] repair botched merge + +20130109 + - (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/12/14 05:26:43 + [auth.c] + use correct string in error message; from rustybsd at gmx.fr + - djm@cvs.openbsd.org 2013/01/02 00:32:07 + [clientloop.c mux.c] + channel_setup_local_fwd_listener() returns 0 on failure, not -ve + bz#2055 reported by mathieu.lacage AT gmail.com + - djm@cvs.openbsd.org 2013/01/02 00:33:49 + [PROTOCOL.agent] + correct format description for SSH_AGENTC_ADD_RSA_ID_CONSTRAINED + bz#2051 from david AT lechnology.com + - djm@cvs.openbsd.org 2013/01/03 05:49:36 + [servconf.h] + add a couple of ServerOptions members that should be copied to the privsep + child (for consistency, in this case they happen only to be accessed in + the monitor); ok dtucker@ + - djm@cvs.openbsd.org 2013/01/03 12:49:01 + [PROTOCOL] + fix description of MAC calculation for EtM modes; ok markus@ + - djm@cvs.openbsd.org 2013/01/03 12:54:49 + [sftp-server.8 sftp-server.c] + allow specification of an alternate start directory for sftp-server(8) + "I like this" markus@ + - djm@cvs.openbsd.org 2013/01/03 23:22:58 + [ssh-keygen.c] + allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ... + ok markus@ + - jmc@cvs.openbsd.org 2013/01/04 19:26:38 + [sftp-server.8 sftp-server.c] + sftp-server.8: add argument name to -d + sftp-server.c: add -d to usage() + ok djm + - markus@cvs.openbsd.org 2013/01/08 18:49:04 + [PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] + [myproposal.h packet.c ssh_config.5 sshd_config.5] + support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) + ok and feedback djm@ + - djm@cvs.openbsd.org 2013/01/09 05:40:17 + [ssh-keygen.c] + correctly initialise fingerprint type for fingerprinting PKCS#11 keys + - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h] + Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little + cipher compat code to openssl-compat.h + +20121217 + - (dtucker) [Makefile.in] Add some scaffolding so that the new regress + tests will work with VPATH directories. + +20121213 + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2012/12/12 16:45:52 + [packet.c] + reset incoming_packet buffer for each new packet in EtM-case, too; + this happens if packets are parsed only parially (e.g. ignore + messages sent when su/sudo turn off echo); noted by sthen/millert + - naddy@cvs.openbsd.org 2012/12/12 16:46:10 + [cipher.c] + use OpenSSL's EVP_aes_{128,192,256}_ctr() API and remove our hand-rolled + counter mode code; ok djm@ + - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain our + compat code for older OpenSSL + - (djm) [cipher.c] Fix missing prototype for compat code + +20121212 + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2012/12/11 22:16:21 + [monitor.c] + drain the log messages after receiving the keystate from the unpriv + child. otherwise it might block while sending. ok djm@ + - markus@cvs.openbsd.org 2012/12/11 22:31:18 + [PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h] + [packet.c ssh_config.5 sshd_config.5] + add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms + that change the packet format and compute the MAC over the encrypted + message (including the packet size) instead of the plaintext data; + these EtM modes are considered more secure and used by default. + feedback and ok djm@ + - sthen@cvs.openbsd.org 2012/12/11 22:51:45 + [mac.c] + fix typo, s/tem/etm in hmac-ripemd160-tem. ok markus@ + - markus@cvs.openbsd.org 2012/12/11 22:32:56 + [regress/try-ciphers.sh] + add etm modes + - markus@cvs.openbsd.org 2012/12/11 22:42:11 + [regress/Makefile regress/modpipe.c regress/integrity.sh] + test the integrity of the packets; with djm@ + - markus@cvs.openbsd.org 2012/12/11 23:12:13 + [try-ciphers.sh] + add hmac-ripemd160-etm@openssh.com + - (djm) [mac.c] fix merge botch + - (djm) [regress/Makefile regress/integrity.sh] Make the integrity.sh test + work on platforms without 'jot' + - (djm) [regress/integrity.sh] Fix awk quoting, packet length skip + - (djm) [regress/Makefile] fix t-exec rule + +20121207 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/12/06 06:06:54 + [regress/keys-command.sh] + Fix some problems with the keys-command test: + - use string comparison rather than numeric comparison + - check for existing KEY_COMMAND file and don't clobber if it exists + - clean up KEY_COMMAND file if we do create it. + - check that KEY_COMMAND is executable (which it won't be if eg /var/run + is mounted noexec). + ok djm. + - jmc@cvs.openbsd.org 2012/12/03 08:33:03 + [ssh-add.1 sshd_config.5] + tweak previous; + - markus@cvs.openbsd.org 2012/12/05 15:42:52 + [ssh-add.c] + prevent double-free of comment; ok djm@ + - dtucker@cvs.openbsd.org 2012/12/07 01:51:35 + [serverloop.c] + Cast signal to int for logging. A no-op on openbsd (they're always ints) + but will prevent warnings in portable. ok djm@ + +20121205 + - (tim) [defines.h] Some platforms are missing ULLONG_MAX. Feedback djm@. + +20121203 + - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD to get + TAILQ_FOREACH_SAFE needed for upcoming changes. + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/12/02 20:26:11 + [ssh_config.5 sshconnect2.c] + Make IdentitiesOnly apply to keys obtained from a PKCS11Provider. + This allows control of which keys are offered from tokens using + IdentityFile. ok markus@ + - djm@cvs.openbsd.org 2012/12/02 20:42:15 + [ssh-add.1 ssh-add.c] + make deleting explicit keys "ssh-add -d" symmetric with adding keys - + try to delete the corresponding certificate too and respect the -k option + to allow deleting of the key only; feedback and ok markus@ + - djm@cvs.openbsd.org 2012/12/02 20:46:11 + [auth-options.c channels.c servconf.c servconf.h serverloop.c session.c] + [sshd_config.5] + make AllowTcpForwarding accept "local" and "remote" in addition to its + current "yes"/"no" to allow the server to specify whether just local or + remote TCP forwarding is enabled. ok markus@ + - dtucker@cvs.openbsd.org 2012/10/05 02:20:48 + [regress/cipher-speed.sh regress/try-ciphers.sh] + Add umac-128@openssh.com to the list of MACs to be tested + - djm@cvs.openbsd.org 2012/10/19 05:10:42 + [regress/cert-userkey.sh] + include a serial number when generating certs + - djm@cvs.openbsd.org 2012/11/22 22:49:30 + [regress/Makefile regress/keys-command.sh] + regress for AuthorizedKeysCommand; hints from markus@ + - djm@cvs.openbsd.org 2012/12/02 20:47:48 + [Makefile regress/forward-control.sh] + regress for AllowTcpForwarding local/remote; ok markus@ + - djm@cvs.openbsd.org 2012/12/03 00:14:06 + [auth2-chall.c ssh-keygen.c] + Fix compilation with -Wall -Werror (trivial type fixes) + - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installation + debugging. ok dtucker@ + - (djm) [configure.ac] Revert previous. configure.ac already does this + for us. + +20121114 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/11/14 02:24:27 + [auth2-pubkey.c] + fix username passed to helper program + prepare stdio fds before closefrom() + spotted by landry@ + - djm@cvs.openbsd.org 2012/11/14 02:32:15 + [ssh-keygen.c] + allow the full range of unsigned serial numbers; 'fine' deraadt@ + - djm@cvs.openbsd.org 2012/12/02 20:34:10 + [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c] + [monitor.c monitor.h] + Fixes logging of partial authentication when privsep is enabled + Previously, we recorded "Failed xxx" since we reset authenticated before + calling auth_log() in auth2.c. This adds an explcit "Partial" state. + + Add a "submethod" to auth_log() to report which submethod is used + for keyboard-interactive. + + Fix multiple authentication when one of the methods is + keyboard-interactive. + + ok markus@ + - dtucker@cvs.openbsd.org 2012/10/05 02:05:30 + [regress/multiplex.sh] + Use 'kill -0' to test for the presence of a pid since it's more portable + +20121107 + - (djm) OpenBSD CVS Sync + - eric@cvs.openbsd.org 2011/11/28 08:46:27 + [moduli.5] + fix formula + ok djm@ + - jmc@cvs.openbsd.org 2012/09/26 17:34:38 + [moduli.5] + last stage of rfc changes, using consistent Rs/Re blocks, and moving the + references into a STANDARDS section; + +20121105 + - (dtucker) [uidswap.c openbsd-compat/Makefile.in + openbsd-compat/bsd-setres_id.c openbsd-compat/bsd-setres_id.h + openbsd-compat/openbsd-compat.h] Move the fallback code for setting uids + and gids from uidswap.c to the compat library, which allows it to work with + the new setresuid calls in auth2-pubkey. with tim@, ok djm@ + - (dtucker) [auth2-pubkey.c] wrap paths.h in an ifdef for platforms that + don't have it. Spotted by tim@. + +20121104 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2012/10/31 08:04:50 + [sshd_config.5] + tweak previous; + - djm@cvs.openbsd.org 2012/11/04 10:38:43 + [auth2-pubkey.c sshd.c sshd_config.5] + Remove default of AuthorizedCommandUser. Administrators are now expected + to explicitly specify a user. feedback and ok markus@ + - djm@cvs.openbsd.org 2012/11/04 11:09:15 + [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] + [sshd_config.5] + Support multiple required authentication via an AuthenticationMethods + option. This option lists one or more comma-separated lists of + authentication method names. Successful completion of all the methods in + any list is required for authentication to complete; + feedback and ok markus@ + +20121030 + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2012/10/05 12:34:39 + [sftp.c] + fix signed vs unsigned warning; feedback & ok: djm@ + - djm@cvs.openbsd.org 2012/10/30 21:29:55 + [auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] + [sshd.c sshd_config sshd_config.5] + new sshd_config option AuthorizedKeysCommand to support fetching + authorized_keys from a command in addition to (or instead of) from + the filesystem. The command is run as the target server user unless + another specified via a new AuthorizedKeysCommandUser option. + + patch originally by jchadima AT redhat.com, reworked by me; feedback + and ok markus@ + +20121019 + - (tim) [buildpkg.sh.in] Double up on some backslashes so they end up in + the generated file as intended. + +20121005 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/09/17 09:54:44 + [sftp.c] + an XXX for later + - markus@cvs.openbsd.org 2012/09/17 13:04:11 + [packet.c] + clear old keys on rekeing; ok djm + - dtucker@cvs.openbsd.org 2012/09/18 10:36:12 + [sftp.c] + Add bounds check on sftp tab-completion. Part of a patch from from + Jean-Marc Robert via tech@, ok djm + - dtucker@cvs.openbsd.org 2012/09/21 10:53:07 + [sftp.c] + Fix improper handling of absolute paths when PWD is part of the completed + path. Patch from Jean-Marc Robert via tech@, ok djm. + - dtucker@cvs.openbsd.org 2012/09/21 10:55:04 + [sftp.c] + Fix handling of filenames containing escaped globbing characters and + escape "#" and "*". Patch from Jean-Marc Robert via tech@, ok djm. + - jmc@cvs.openbsd.org 2012/09/26 16:12:13 + [ssh.1] + last stage of rfc changes, using consistent Rs/Re blocks, and moving the + references into a STANDARDS section; + - naddy@cvs.openbsd.org 2012/10/01 13:59:51 + [monitor_wrap.c] + pasto; ok djm@ + - djm@cvs.openbsd.org 2012/10/02 07:07:45 + [ssh-keygen.c] + fix -z option, broken in revision 1.215 + - markus@cvs.openbsd.org 2012/10/04 13:21:50 + [myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c] + add umac128 variant; ok djm@ at n2k12 + - dtucker@cvs.openbsd.org 2012/09/06 04:11:07 + [regress/try-ciphers.sh] + Restore missing space. (Id sync only). + - dtucker@cvs.openbsd.org 2012/09/09 11:51:25 + [regress/multiplex.sh] + Add test for ssh -Ostop + - dtucker@cvs.openbsd.org 2012/09/10 00:49:21 + [regress/multiplex.sh] + Log -O cmd output to the log file and make logging consistent with the + other tests. Test clean shutdown of an existing channel when testing + "stop". + - dtucker@cvs.openbsd.org 2012/09/10 01:51:19 + [regress/multiplex.sh] + use -Ocheck and waiting for completions by PID to make multiplexing test + less racy and (hopefully) more reliable on slow hardware. + - [Makefile umac.c] Add special-case target to build umac128.o. + - [umac.c] Enforce allowed umac output sizes. From djm@. + - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom". + +20120917 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/09/13 23:37:36 + [servconf.c] + Fix comment line length + - markus@cvs.openbsd.org 2012/09/14 16:51:34 + [sshconnect.c] + remove unused variable + +20120907 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/09/06 09:50:13 + [clientloop.c] + Make the escape command help (~?) context sensitive so that only commands + that will work in the current session are shown. ok markus@ + - jmc@cvs.openbsd.org 2012/09/06 13:57:42 + [ssh.1] + missing letter in previous; + - dtucker@cvs.openbsd.org 2012/09/07 00:30:19 + [clientloop.c] + Print '^Z' instead of a raw ^Z when the sequence is not supported. ok djm@ + - dtucker@cvs.openbsd.org 2012/09/07 01:10:21 + [clientloop.c] + Merge escape help text for ~v and ~V; ok djm@ + - dtucker@cvs.openbsd.org 2012/09/07 06:34:21 + [clientloop.c] + when muxmaster is run with -N, make it shut down gracefully when a client + sends it "-O stop" rather than hanging around (bz#1985). ok djm@ + +20120906 + - (dtucker) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2012/08/15 18:25:50 + [ssh-keygen.1] + a little more info on certificate validity; + requested by Ross L Richardson, and provided by djm + - dtucker@cvs.openbsd.org 2012/08/17 00:45:45 + [clientloop.c clientloop.h mux.c] + Force a clean shutdown of ControlMaster client sessions when the ~. escape + sequence is used. This means that ~. should now work in mux clients even + if the server is no longer responding. Found by tedu, ok djm. + - djm@cvs.openbsd.org 2012/08/17 01:22:56 + [kex.c] + add some comments about better handling first-KEX-follows notifications + from the server. Nothing uses these right now. No binary change + - djm@cvs.openbsd.org 2012/08/17 01:25:58 + [ssh-keygen.c] + print details of which host lines were deleted when using + "ssh-keygen -R host"; ok markus@ + - djm@cvs.openbsd.org 2012/08/17 01:30:00 + [compat.c sshconnect.c] + Send client banner immediately, rather than waiting for the server to + move first for SSH protocol 2 connections (the default). Patch based on + one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@ + - dtucker@cvs.openbsd.org 2012/09/06 04:37:39 + [clientloop.c log.c ssh.1 log.h] + Add ~v and ~V escape sequences to raise and lower the logging level + respectively. Man page help from jmc, ok deraadt jmc + +20120830 + - (dtucker) [moduli] Import new moduli file. + 20120828 - (djm) Release openssh-6.1 @@ -172,6 +878,7 @@ [dns.c dns.h key.c key.h ssh-keygen.c] add support for RFC6594 SSHFP DNS records for ECDSA key types. patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@ + (Original authors Ondřej Surý, Ondřej Caletka and Daniel Black) - djm@cvs.openbsd.org 2012/06/01 00:49:35 [PROTOCOL.mux] correct types of port numbers (integers, not strings); bz#2004 from Modified: stable/9/crypto/openssh/INSTALL ============================================================================== --- stable/9/crypto/openssh/INSTALL Thu May 30 12:25:37 2013 (r251134) +++ stable/9/crypto/openssh/INSTALL Thu May 30 12:25:58 2013 (r251135) @@ -89,7 +89,7 @@ http://nlnetlabs.nl/projects/ldns/ Autoconf: If you modify configure.ac or configure doesn't exist (eg if you checked -the code out of CVS yourself) then you will need autoconf-2.61 to rebuild +the code out of CVS yourself) then you will need autoconf-2.68 to rebuild the automatically generated files by running "autoreconf". Earlier versions may also work but this is not guaranteed. @@ -266,4 +266,4 @@ Please refer to the "reporting bugs" sec http://www.openssh.com/ -$Id: INSTALL,v 1.87 2011/11/04 00:25:25 dtucker Exp $ +$Id: INSTALL,v 1.88 2013/03/07 01:33:35 dtucker Exp $ Modified: stable/9/crypto/openssh/PROTOCOL ============================================================================== --- stable/9/crypto/openssh/PROTOCOL Thu May 30 12:25:37 2013 (r251134) +++ stable/9/crypto/openssh/PROTOCOL Thu May 30 12:25:58 2013 (r251135) @@ -51,6 +51,46 @@ and ecdsa-sha2-nistp521 curves over GF(p curve points encoded using point compression are NOT accepted or generated. +1.5 transport: Protocol 2 Encrypt-then-MAC MAC algorithms + +OpenSSH supports MAC algorithms, whose names contain "-etm", that +perform the calculations in a different order to that defined in RFC +4253. These variants use the so-called "encrypt then MAC" ordering, +calculating the MAC over the packet ciphertext rather than the +plaintext. This ordering closes a security flaw in the SSH transport +protocol, where decryption of unauthenticated ciphertext provided a +"decryption oracle" that could, in conjunction with cipher flaws, reveal +session plaintext. + +Specifically, the "-etm" MAC algorithms modify the transport protocol +to calculate the MAC over the packet ciphertext and to send the packet +length unencrypted. This is necessary for the transport to obtain the +length of the packet and location of the MAC tag so that it may be +verified without decrypting unauthenticated data. + +As such, the MAC covers: + + mac = MAC(key, sequence_number || packet_length || encrypted_packet) + +where "packet_length" is encoded as a uint32 and "encrypted_packet" +contains: + + byte padding_length + byte[n1] payload; n1 = packet_length - padding_length - 1 + byte[n2] random padding; n2 = padding_length + +1.6 transport: AES-GCM + +OpenSSH supports the AES-GCM algorithm as specified in RFC 5647. +Because of problems with the specification of the key exchange +the behaviour of OpenSSH differs from the RFC as follows: + +AES-GCM is only negotiated as the cipher algorithms +"aes128-gcm@openssh.com" or "aes256-gcm@openssh.com" and never as +an MAC algorithm. Additionally, if AES-GCM is selected as the cipher +the exchanged MAC algorithms are ignored and there doesn't have to be +a matching MAC. + 2. Connection protocol changes 2.1. connection: Channel write close extension "eow@openssh.com" @@ -291,4 +331,4 @@ link(oldpath, newpath) and will respond This extension is advertised in the SSH_FXP_VERSION hello with version "1". -$OpenBSD: PROTOCOL,v 1.17 2010/12/04 00:18:01 djm Exp $ +$OpenBSD: PROTOCOL,v 1.20 2013/01/08 18:49:04 markus Exp $ Modified: stable/9/crypto/openssh/PROTOCOL.agent ============================================================================== --- stable/9/crypto/openssh/PROTOCOL.agent Thu May 30 12:25:37 2013 (r251134) +++ stable/9/crypto/openssh/PROTOCOL.agent Thu May 30 12:25:58 2013 (r251135) @@ -152,7 +152,7 @@ fully specified using just rsa_q, rsa_p computation. "key_constraints" may only be present if the request type is -SSH_AGENTC_ADD_RSA_IDENTITY. +SSH_AGENTC_ADD_RSA_ID_CONSTRAINED. The agent will reply with a SSH_AGENT_SUCCESS if the key has been successfully added or a SSH_AGENT_FAILURE if an error occurred. @@ -557,4 +557,4 @@ Locking and unlocking affects both proto SSH_AGENT_CONSTRAIN_LIFETIME 1 SSH_AGENT_CONSTRAIN_CONFIRM 2 -$OpenBSD: PROTOCOL.agent,v 1.6 2010/08/31 11:54:45 djm Exp $ +$OpenBSD: PROTOCOL.agent,v 1.7 2013/01/02 00:33:49 djm Exp $ Copied: stable/9/crypto/openssh/PROTOCOL.krl (from r248619, head/crypto/openssh/PROTOCOL.krl) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/9/crypto/openssh/PROTOCOL.krl Thu May 30 12:25:58 2013 (r251135, copy of r248619, head/crypto/openssh/PROTOCOL.krl) @@ -0,0 +1,164 @@ +This describes the key/certificate revocation list format for OpenSSH. + +1. Overall format + +The KRL consists of a header and zero or more sections. The header is: + +#define KRL_MAGIC 0x5353484b524c0a00ULL /* "SSHKRL\n\0" */ +#define KRL_FORMAT_VERSION 1 + + uint64 KRL_MAGIC + uint32 KRL_FORMAT_VERSION + uint64 krl_version + uint64 generated_date + uint64 flags + string reserved + string comment + +Where "krl_version" is a version number that increases each time the KRL +is modified, "generated_date" is the time in seconds since 1970-01-01 +00:00:00 UTC that the KRL was generated, "comment" is an optional comment +and "reserved" an extension field whose contents are currently ignored. +No "flags" are currently defined. + +Following the header are zero or more sections, each consisting of: + + byte section_type + string section_data + +Where "section_type" indicates the type of the "section_data". An exception +to this is the KRL_SECTION_SIGNATURE section, that has a slightly different +format (see below). + +The available section types are: + +#define KRL_SECTION_CERTIFICATES 1 +#define KRL_SECTION_EXPLICIT_KEY 2 +#define KRL_SECTION_FINGERPRINT_SHA1 3 +#define KRL_SECTION_SIGNATURE 4 + +3. Certificate serial section + +These sections use type KRL_SECTION_CERTIFICATES to revoke certificates by +serial number or key ID. The consist of the CA key that issued the +certificates to be revoked and a reserved field whose contents is currently +ignored. + + string ca_key + string reserved + +Followed by one or more sections: + + byte cert_section_type + string cert_section_data + +The certificate section types are: + +#define KRL_SECTION_CERT_SERIAL_LIST 0x20 +#define KRL_SECTION_CERT_SERIAL_RANGE 0x21 +#define KRL_SECTION_CERT_SERIAL_BITMAP 0x22 +#define KRL_SECTION_CERT_KEY_ID 0x23 + +2.1 Certificate serial list section + +This section is identified as KRL_SECTION_CERT_SERIAL_LIST. It revokes +certificates by listing their serial numbers. The cert_section_data in this +case contains: + + uint64 revoked_cert_serial + uint64 ... + +This section may appear multiple times. + +2.2. Certificate serial range section + +These sections use type KRL_SECTION_CERT_SERIAL_RANGE and hold +a range of serial numbers of certificates: + + uint64 serial_min + uint64 serial_max + +All certificates in the range serial_min <= serial <= serial_max are +revoked. + +This section may appear multiple times. + +2.3. Certificate serial bitmap section + +Bitmap sections use type KRL_SECTION_CERT_SERIAL_BITMAP and revoke keys +by listing their serial number in a bitmap. + + uint64 serial_offset + mpint revoked_keys_bitmap + +A bit set at index N in the bitmap corresponds to revocation of a keys with +serial number (serial_offset + N). + +This section may appear multiple times. + +2.4. Revoked key ID sections + +KRL_SECTION_CERT_KEY_ID sections revoke particular certificate "key +ID" strings. This may be useful in revoking all certificates +associated with a particular identity, e.g. a host or a user. + + string key_id[0] + ... + +This section must contain at least one "key_id". This section may appear +multiple times. + +3. Explicit key sections + +These sections, identified as KRL_SECTION_EXPLICIT_KEY, revoke keys +(not certificates). They are less space efficient than serial numbers, +but are able to revoke plain keys. + + string public_key_blob[0] + .... + +This section must contain at least one "public_key_blob". The blob +must be a raw key (i.e. not a certificate). + +This section may appear multiple times. + +4. SHA1 fingerprint sections + +These sections, identified as KRL_SECTION_FINGERPRINT_SHA1, revoke +plain keys (i.e. not certificates) by listing their SHA1 hashes: + + string public_key_hash[0] + .... + +This section must contain at least one "public_key_hash". The hash blob +is obtained by taking the SHA1 hash of the public key blob. Hashes in +this section must appear in numeric order, treating each hash as a big- +endian integer. + +This section may appear multiple times. + +5. KRL signature sections + +The KRL_SECTION_SIGNATURE section serves a different purpose to the +preceeding ones: to provide cryptographic authentication of a KRL that +is retrieved over a channel that does not provide integrity protection. +Its format is slightly different to the previously-described sections: +in order to simplify the signature generation, it includes as a "body" +two string components instead of one. + + byte KRL_SECTION_SIGNATURE + string signature_key + string signature + +The signature is calculated over the entire KRL from the KRL_MAGIC +to this subsection's "signature_key", including both and using the +signature generation rules appropriate for the type of "signature_key". + +This section must appear last in the KRL. If multiple signature sections +appear, they must appear consecutively at the end of the KRL file. + +Implementations that retrieve KRLs over untrusted channels must verify +signatures. Signature sections are optional for KRLs distributed by +trusted means. + +$OpenBSD: PROTOCOL.krl,v 1.2 2013/01/18 00:24:58 djm Exp $ Modified: stable/9/crypto/openssh/README ============================================================================== --- stable/9/crypto/openssh/README Thu May 30 12:25:37 2013 (r251134) +++ stable/9/crypto/openssh/README Thu May 30 12:25:58 2013 (r251135) @@ -1,4 +1,4 @@ -See http://www.openssh.com/txt/release-6.1 for the release notes. +See http://www.openssh.com/txt/release-6.2p2 for the release notes. - A Japanese translation of this document and of the OpenSSH FAQ is - available at http://www.unixuser.org/~haruyama/security/openssh/index.html @@ -62,4 +62,4 @@ References - [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 [7] http://www.openssh.com/faq.html -$Id: README,v 1.81 2012/08/22 11:57:13 djm Exp $ +$Id: README,v 1.82.2.1 2013/05/10 06:12:54 djm Exp $ Modified: stable/9/crypto/openssh/auth-options.c ============================================================================== --- stable/9/crypto/openssh/auth-options.c Thu May 30 12:25:37 2013 (r251134) +++ stable/9/crypto/openssh/auth-options.c Thu May 30 12:25:58 2013 (r251135) @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.56 2011/10/18 04:58:26 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.57 2012/12/02 20:46:11 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -349,7 +349,7 @@ auth_parse_options(struct passwd *pw, ch xfree(patterns); *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***