From owner-svn-src-stable-11@freebsd.org Sat Sep 2 21:58:44 2017 Return-Path: Delivered-To: svn-src-stable-11@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D8D18E0668F; Sat, 2 Sep 2017 21:58:44 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7C27471E9C; Sat, 2 Sep 2017 21:58:44 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v82Lwh9L021128; Sat, 2 Sep 2017 21:58:43 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v82Lwhfk021124; Sat, 2 Sep 2017 21:58:43 GMT (envelope-from des@FreeBSD.org) Message-Id: <201709022158.v82Lwhfk021124@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Sat, 2 Sep 2017 21:58:43 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r323134 - in stable/11: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/openbsd-compat/regre... X-SVN-Group: stable-11 X-SVN-Commit-Author: des X-SVN-Commit-Paths: in stable/11: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/openbsd-compat/regress crypto/openssh/regress... X-SVN-Commit-Revision: 323134 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-11@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 11-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Sep 2017 21:58:45 -0000 Author: des Date: Sat Sep 2 21:58:42 2017 New Revision: 323134 URL: https://svnweb.freebsd.org/changeset/base/323134 Log: MFH (r314306,r314720): Upgrade OpenSSH to 7.4p1. Added: stable/11/crypto/openssh/openbsd-compat/strcasestr.c - copied unchanged from r314720, head/crypto/openssh/openbsd-compat/strcasestr.c stable/11/crypto/openssh/regress/allow-deny-users.sh - copied unchanged from r314720, head/crypto/openssh/regress/allow-deny-users.sh stable/11/crypto/openssh/regress/keygen-moduli.sh - copied unchanged from r314720, head/crypto/openssh/regress/keygen-moduli.sh stable/11/crypto/openssh/regress/moduli.in - copied unchanged from r314720, head/crypto/openssh/regress/moduli.in stable/11/crypto/openssh/regress/unittests/match/ - copied from r314720, head/crypto/openssh/regress/unittests/match/ Deleted: stable/11/crypto/openssh/auth-chall.c stable/11/crypto/openssh/auth-rh-rsa.c stable/11/crypto/openssh/auth-rsa.c stable/11/crypto/openssh/monitor_mm.c stable/11/crypto/openssh/monitor_mm.h stable/11/crypto/openssh/openbsd-compat/xmmap.c Modified: stable/11/crypto/openssh/.skipped-commit-ids stable/11/crypto/openssh/CREDITS stable/11/crypto/openssh/ChangeLog stable/11/crypto/openssh/INSTALL stable/11/crypto/openssh/Makefile.in stable/11/crypto/openssh/PROTOCOL stable/11/crypto/openssh/README stable/11/crypto/openssh/README.platform stable/11/crypto/openssh/README.privsep stable/11/crypto/openssh/TODO stable/11/crypto/openssh/aclocal.m4 stable/11/crypto/openssh/addrmatch.c stable/11/crypto/openssh/atomicio.c stable/11/crypto/openssh/audit-bsm.c stable/11/crypto/openssh/audit-linux.c stable/11/crypto/openssh/audit.c stable/11/crypto/openssh/audit.h stable/11/crypto/openssh/auth-options.c stable/11/crypto/openssh/auth-options.h stable/11/crypto/openssh/auth-pam.c stable/11/crypto/openssh/auth-pam.h stable/11/crypto/openssh/auth-rhosts.c stable/11/crypto/openssh/auth.c stable/11/crypto/openssh/auth.h stable/11/crypto/openssh/auth2-pubkey.c stable/11/crypto/openssh/authfile.c stable/11/crypto/openssh/buildpkg.sh.in stable/11/crypto/openssh/chacha.h stable/11/crypto/openssh/channels.c stable/11/crypto/openssh/channels.h stable/11/crypto/openssh/cipher-3des1.c stable/11/crypto/openssh/cipher-bf1.c stable/11/crypto/openssh/cipher-chachapoly.c stable/11/crypto/openssh/cipher.c stable/11/crypto/openssh/cipher.h stable/11/crypto/openssh/clientloop.c stable/11/crypto/openssh/clientloop.h stable/11/crypto/openssh/config.guess stable/11/crypto/openssh/config.h stable/11/crypto/openssh/config.sub stable/11/crypto/openssh/configure.ac stable/11/crypto/openssh/contrib/Makefile stable/11/crypto/openssh/contrib/gnome-ssh-askpass2.c stable/11/crypto/openssh/contrib/redhat/openssh.spec stable/11/crypto/openssh/contrib/suse/openssh.spec stable/11/crypto/openssh/defines.h stable/11/crypto/openssh/dh.c stable/11/crypto/openssh/entropy.h stable/11/crypto/openssh/freebsd-configure.sh stable/11/crypto/openssh/gss-genr.c stable/11/crypto/openssh/hostfile.c stable/11/crypto/openssh/kex.c stable/11/crypto/openssh/kex.h stable/11/crypto/openssh/kexgexc.c stable/11/crypto/openssh/kexgexs.c stable/11/crypto/openssh/key.h stable/11/crypto/openssh/krl.c stable/11/crypto/openssh/mac.c stable/11/crypto/openssh/match.c stable/11/crypto/openssh/md5crypt.h stable/11/crypto/openssh/mdoc2man.awk stable/11/crypto/openssh/misc.c stable/11/crypto/openssh/misc.h stable/11/crypto/openssh/moduli stable/11/crypto/openssh/moduli.c stable/11/crypto/openssh/monitor.c stable/11/crypto/openssh/monitor.h stable/11/crypto/openssh/monitor_wrap.c stable/11/crypto/openssh/monitor_wrap.h stable/11/crypto/openssh/mux.c stable/11/crypto/openssh/myproposal.h stable/11/crypto/openssh/opacket.h stable/11/crypto/openssh/openbsd-compat/Makefile.in stable/11/crypto/openssh/openbsd-compat/base64.h stable/11/crypto/openssh/openbsd-compat/bsd-asprintf.c stable/11/crypto/openssh/openbsd-compat/bsd-cray.c stable/11/crypto/openssh/openbsd-compat/bsd-cray.h stable/11/crypto/openssh/openbsd-compat/bsd-cygwin_util.c stable/11/crypto/openssh/openbsd-compat/bsd-cygwin_util.h stable/11/crypto/openssh/openbsd-compat/bsd-misc.c stable/11/crypto/openssh/openbsd-compat/bsd-misc.h stable/11/crypto/openssh/openbsd-compat/bsd-nextstep.c stable/11/crypto/openssh/openbsd-compat/bsd-nextstep.h stable/11/crypto/openssh/openbsd-compat/bsd-openpty.c stable/11/crypto/openssh/openbsd-compat/bsd-poll.c stable/11/crypto/openssh/openbsd-compat/bsd-setres_id.c stable/11/crypto/openssh/openbsd-compat/bsd-setres_id.h stable/11/crypto/openssh/openbsd-compat/bsd-statvfs.c stable/11/crypto/openssh/openbsd-compat/bsd-statvfs.h stable/11/crypto/openssh/openbsd-compat/bsd-waitpid.c stable/11/crypto/openssh/openbsd-compat/bsd-waitpid.h stable/11/crypto/openssh/openbsd-compat/explicit_bzero.c stable/11/crypto/openssh/openbsd-compat/fake-rfc2553.c stable/11/crypto/openssh/openbsd-compat/fake-rfc2553.h stable/11/crypto/openssh/openbsd-compat/getcwd.c stable/11/crypto/openssh/openbsd-compat/getgrouplist.c stable/11/crypto/openssh/openbsd-compat/openbsd-compat.h stable/11/crypto/openssh/openbsd-compat/openssl-compat.c stable/11/crypto/openssh/openbsd-compat/openssl-compat.h stable/11/crypto/openssh/openbsd-compat/port-aix.c stable/11/crypto/openssh/openbsd-compat/port-aix.h stable/11/crypto/openssh/openbsd-compat/port-irix.c stable/11/crypto/openssh/openbsd-compat/port-irix.h stable/11/crypto/openssh/openbsd-compat/port-linux.c stable/11/crypto/openssh/openbsd-compat/port-linux.h stable/11/crypto/openssh/openbsd-compat/port-solaris.c stable/11/crypto/openssh/openbsd-compat/port-solaris.h stable/11/crypto/openssh/openbsd-compat/port-tun.c stable/11/crypto/openssh/openbsd-compat/readpassphrase.c stable/11/crypto/openssh/openbsd-compat/setproctitle.c stable/11/crypto/openssh/openbsd-compat/sha2.c stable/11/crypto/openssh/openbsd-compat/sha2.h stable/11/crypto/openssh/openbsd-compat/vis.c stable/11/crypto/openssh/openbsd-compat/xcrypt.c stable/11/crypto/openssh/opensshd.init.in stable/11/crypto/openssh/packet.c stable/11/crypto/openssh/packet.h stable/11/crypto/openssh/platform-tracing.c (contents, props changed) stable/11/crypto/openssh/platform.c stable/11/crypto/openssh/platform.h stable/11/crypto/openssh/readconf.c stable/11/crypto/openssh/regress/Makefile stable/11/crypto/openssh/regress/agent-getpeereid.sh stable/11/crypto/openssh/regress/cert-file.sh (contents, props changed) stable/11/crypto/openssh/regress/cert-userkey.sh stable/11/crypto/openssh/regress/connect-privsep.sh stable/11/crypto/openssh/regress/integrity.sh stable/11/crypto/openssh/regress/keys-command.sh stable/11/crypto/openssh/regress/login-timeout.sh stable/11/crypto/openssh/regress/misc/kexfuzz/README stable/11/crypto/openssh/regress/misc/kexfuzz/kexfuzz.c (contents, props changed) stable/11/crypto/openssh/regress/principals-command.sh (contents, props changed) stable/11/crypto/openssh/regress/putty-ciphers.sh stable/11/crypto/openssh/regress/putty-kex.sh stable/11/crypto/openssh/regress/putty-transfer.sh stable/11/crypto/openssh/regress/reexec.sh stable/11/crypto/openssh/regress/sftp-chroot.sh stable/11/crypto/openssh/regress/test-exec.sh stable/11/crypto/openssh/regress/unittests/Makefile (contents, props changed) stable/11/crypto/openssh/regress/unittests/Makefile.inc stable/11/crypto/openssh/regress/unittests/bitmap/Makefile (contents, props changed) stable/11/crypto/openssh/regress/unittests/hostkeys/Makefile (contents, props changed) stable/11/crypto/openssh/regress/unittests/kex/Makefile (contents, props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/Makefile (contents, props changed) stable/11/crypto/openssh/regress/unittests/sshkey/Makefile (contents, props changed) stable/11/crypto/openssh/regress/unittests/utf8/Makefile (contents, props changed) stable/11/crypto/openssh/regress/unittests/utf8/tests.c (contents, props changed) stable/11/crypto/openssh/sandbox-darwin.c stable/11/crypto/openssh/sandbox-rlimit.c stable/11/crypto/openssh/scp.c stable/11/crypto/openssh/servconf.c stable/11/crypto/openssh/servconf.h stable/11/crypto/openssh/serverloop.c stable/11/crypto/openssh/serverloop.h stable/11/crypto/openssh/session.c stable/11/crypto/openssh/session.h stable/11/crypto/openssh/sftp-client.c stable/11/crypto/openssh/sftp-common.c stable/11/crypto/openssh/sftp-server.c stable/11/crypto/openssh/sftp.c stable/11/crypto/openssh/ssh-agent.1 stable/11/crypto/openssh/ssh-agent.c stable/11/crypto/openssh/ssh-keygen.c stable/11/crypto/openssh/ssh-pkcs11.c stable/11/crypto/openssh/ssh-rsa.c stable/11/crypto/openssh/ssh.c stable/11/crypto/openssh/ssh_config.5 stable/11/crypto/openssh/ssh_namespace.h stable/11/crypto/openssh/sshbuf.c (contents, props changed) stable/11/crypto/openssh/sshbuf.h (contents, props changed) stable/11/crypto/openssh/sshconnect.c stable/11/crypto/openssh/sshconnect1.c stable/11/crypto/openssh/sshconnect2.c stable/11/crypto/openssh/sshd.8 stable/11/crypto/openssh/sshd.c stable/11/crypto/openssh/sshd_config stable/11/crypto/openssh/sshd_config.5 stable/11/crypto/openssh/sshkey.c (contents, props changed) stable/11/crypto/openssh/sshkey.h (contents, props changed) stable/11/crypto/openssh/sshpty.c stable/11/crypto/openssh/sshpty.h stable/11/crypto/openssh/utf8.c (contents, props changed) stable/11/crypto/openssh/utf8.h (contents, props changed) stable/11/crypto/openssh/version.h stable/11/secure/lib/libssh/Makefile stable/11/secure/usr.sbin/sshd/Makefile Directory Properties: stable/11/ (props changed) stable/11/crypto/openssh/cipher-aesctr.c (props changed) stable/11/crypto/openssh/cipher-aesctr.h (props changed) stable/11/crypto/openssh/openbsd-compat/bsd-err.c (props changed) stable/11/crypto/openssh/openbsd-compat/kludge-fd_set.c (props changed) stable/11/crypto/openssh/openbsd-compat/regress/opensslvertest.c (props changed) stable/11/crypto/openssh/platform-pledge.c (props changed) stable/11/crypto/openssh/regress/cfgparse.sh (props changed) stable/11/crypto/openssh/regress/check-perm.c (props changed) stable/11/crypto/openssh/regress/hostkey-agent.sh (props changed) stable/11/crypto/openssh/regress/hostkey-rotate.sh (props changed) stable/11/crypto/openssh/regress/keygen-knownhosts.sh (props changed) stable/11/crypto/openssh/regress/limit-keytype.sh (props changed) stable/11/crypto/openssh/regress/misc/Makefile (props changed) stable/11/crypto/openssh/regress/misc/kexfuzz/Makefile (props changed) stable/11/crypto/openssh/regress/multipubkey.sh (props changed) stable/11/crypto/openssh/regress/unittests/hostkeys/mktestdata.sh (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/test_sshbuf.c (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_fixed.c (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_fuzz.c (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_getput_basic.c (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_getput_crypto.c (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_misc.c (props changed) stable/11/crypto/openssh/regress/unittests/sshbuf/tests.c (props changed) stable/11/crypto/openssh/regress/unittests/sshkey/common.c (props changed) stable/11/crypto/openssh/regress/unittests/sshkey/common.h (props changed) stable/11/crypto/openssh/regress/unittests/sshkey/test_file.c (props changed) stable/11/crypto/openssh/regress/unittests/sshkey/test_fuzz.c (props changed) stable/11/crypto/openssh/regress/unittests/sshkey/test_sshkey.c (props changed) stable/11/crypto/openssh/regress/unittests/sshkey/tests.c (props changed) stable/11/crypto/openssh/regress/unittests/test_helper/Makefile (props changed) stable/11/crypto/openssh/regress/unittests/test_helper/fuzz.c (props changed) stable/11/crypto/openssh/regress/unittests/test_helper/test_helper.c (props changed) stable/11/crypto/openssh/regress/unittests/test_helper/test_helper.h (props changed) stable/11/crypto/openssh/regress/valgrind-unit.sh (props changed) stable/11/crypto/openssh/sandbox-pledge.c (props changed) stable/11/crypto/openssh/sandbox-solaris.c (props changed) stable/11/crypto/openssh/sshbuf-getput-basic.c (props changed) stable/11/crypto/openssh/sshbuf-getput-crypto.c (props changed) stable/11/crypto/openssh/sshbuf-misc.c (props changed) stable/11/crypto/openssh/ssherr.c (props changed) stable/11/crypto/openssh/ssherr.h (props changed) Modified: stable/11/crypto/openssh/.skipped-commit-ids ============================================================================== --- stable/11/crypto/openssh/.skipped-commit-ids Sat Sep 2 19:22:16 2017 (r323133) +++ stable/11/crypto/openssh/.skipped-commit-ids Sat Sep 2 21:58:42 2017 (r323134) @@ -9,3 +9,5 @@ edbfde98c40007b7752a4ac106095e060c25c1ef Regen moduli 180d84674be1344e45a63990d60349988187c1ae Update moduli f6ae971186ba68d066cd102e57d5b0b2c211a5ee systrace is dead. 96c5054e3e1f170c6276902d5bc65bb3b87a2603 remove DEBUGLIBS from Makefile +6da9a37f74aef9f9cc639004345ad893cad582d8 Update moduli file +77bcb50e47b68c7209c7f0a5a020d73761e5143b unset REGRESS_FAIL_EARLY Modified: stable/11/crypto/openssh/CREDITS ============================================================================== --- stable/11/crypto/openssh/CREDITS Sat Sep 2 19:22:16 2017 (r323133) +++ stable/11/crypto/openssh/CREDITS Sat Sep 2 21:58:42 2017 (r323134) @@ -100,6 +100,3 @@ Zack Weinberg - GNOME askpass e Apologies to anyone I have missed. Damien Miller - -$Id: CREDITS,v 1.81 2006/08/30 17:24:41 djm Exp $ - Modified: stable/11/crypto/openssh/ChangeLog ============================================================================== --- stable/11/crypto/openssh/ChangeLog Sat Sep 2 19:22:16 2017 (r323133) +++ stable/11/crypto/openssh/ChangeLog Sat Sep 2 21:58:42 2017 (r323134) @@ -1,3 +1,1865 @@ +commit 4a354fc231174901f2629437c2a6e924a2dd6772 +Author: Damien Miller +Date: Mon Dec 19 15:59:26 2016 +1100 + + crank version numbers for release + +commit 5f8d0bb8413d4d909cc7aa3c616fb0538224c3c9 +Author: djm@openbsd.org +Date: Mon Dec 19 04:55:51 2016 +0000 + + upstream commit + + openssh-7.4 + + Upstream-ID: 1ee404adba6bbe10ae9277cbae3a94abe2867b79 + +commit 3a8213ea0ed843523e34e55ab9c852332bab4c7b +Author: djm@openbsd.org +Date: Mon Dec 19 04:55:18 2016 +0000 + + upstream commit + + remove testcase that depends on exact output and + behaviour of snprintf(..., "%s", NULL) + + Upstream-Regress-ID: cab4288531766bd9593cb556613b91a2eeefb56f + +commit eae735a82d759054f6ec7b4e887fb7a5692c66d7 +Author: dtucker@openbsd.org +Date: Mon Dec 19 03:32:57 2016 +0000 + + upstream commit + + Use LOGNAME to get current user and fall back to whoami if + not set. Mainly to benefit -portable since some platforms don't have whoami. + + Upstream-Regress-ID: e3a16b7836a3ae24dc8f8a4e43fdf8127a60bdfa + +commit 0d2f88428487518eea60602bd593989013831dcf +Author: dtucker@openbsd.org +Date: Fri Dec 16 03:51:19 2016 +0000 + + upstream commit + + Add regression test for AllowUsers and DenyUsers. Patch from + Zev Weiss + + Upstream-Regress-ID: 8f1aac24d52728398871dac14ad26ea38b533fb9 + +commit 3bc8180a008929f6fe98af4a56fb37d04444b417 +Author: Darren Tucker +Date: Fri Dec 16 15:02:24 2016 +1100 + + Add missing monitor.h include. + + Fixes warning pointed out by Zev Weiss + +commit 410681f9015d76cc7b137dd90dac897f673244a0 +Author: djm@openbsd.org +Date: Fri Dec 16 02:48:55 2016 +0000 + + upstream commit + + revert to rev1.2; the new bits in this test depend on changes + to ssh that aren't yet committed + + Upstream-Regress-ID: 828ffc2c7afcf65d50ff2cf3dfc47a073ad39123 + +commit 2f2ffa4fbe4b671bbffa0611f15ba44cff64d58e +Author: dtucker@openbsd.org +Date: Fri Dec 16 01:06:27 2016 +0000 + + upstream commit + + Move the "stop sshd" code into its own helper function. + Patch from Zev Weiss , ok djm@ + + Upstream-Regress-ID: a113dea77df5bd97fb4633ea31f3d72dbe356329 + +commit e15e7152331e3976b35475fd4e9c72897ad0f074 +Author: djm@openbsd.org +Date: Fri Dec 16 01:01:07 2016 +0000 + + upstream commit + + regression test for certificates along with private key + with no public half. bz#2617, mostly from Adam Eijdenberg + + Upstream-Regress-ID: 2e74dc2c726f4dc839609b3ce045466b69f01115 + +commit 9a70ec085faf6e55db311cd1a329f1a35ad2a500 +Author: dtucker@openbsd.org +Date: Thu Dec 15 23:50:37 2016 +0000 + + upstream commit + + Use $SUDO to read pidfile in case root's umask is + restricted. From portable. + + Upstream-Regress-ID: f6b1c7ffbc5a0dfb7d430adb2883344899174a98 + +commit fe06b68f824f8f55670442fb31f2c03526dd326c +Author: dtucker@openbsd.org +Date: Thu Dec 15 21:29:05 2016 +0000 + + upstream commit + + Add missing braces in DenyUsers code. Patch from zev at + bewilderbeest.net, ok deraadt@ + + Upstream-ID: d747ace338dcf943b077925f90f85f789714b54e + +commit dcc7d74242a574fd5c4afbb4224795b1644321e7 +Author: dtucker@openbsd.org +Date: Thu Dec 15 21:20:41 2016 +0000 + + upstream commit + + Fix text in error message. Patch from zev at + bewilderbeest.net. + + Upstream-ID: deb0486e175e7282f98f9a15035d76c55c84f7f6 + +commit b737e4d7433577403a31cff6614f6a1b0b5e22f4 +Author: djm@openbsd.org +Date: Wed Dec 14 00:36:34 2016 +0000 + + upstream commit + + disable Unix-domain socket forwarding when privsep is + disabled + + Upstream-ID: ab61516ae0faadad407857808517efa900a0d6d0 + +commit 08a1e7014d65c5b59416a0e138c1f73f417496eb +Author: djm@openbsd.org +Date: Fri Dec 9 03:04:29 2016 +0000 + + upstream commit + + log connections dropped in excess of MaxStartups at + verbose LogLevel; bz#2613 based on diff from Tomas Kuthan; ok dtucker@ + + Upstream-ID: 703ae690dbf9b56620a6018f8a3b2389ce76d92b + +commit 10e290ec00964b2bf70faab15a10a5574bb80527 +Author: Darren Tucker +Date: Tue Dec 13 13:51:32 2016 +1100 + + Get default of TEST_SSH_UTF8 from environment. + +commit b9b8ba3f9ed92c6220b58d70d1e6d8aa3eea1104 +Author: Darren Tucker +Date: Tue Dec 13 12:56:40 2016 +1100 + + Remove commented-out includes. + + These commented-out includes have "Still needed?" comments. Since + they've been commented out for ~13 years I assert that they're not. + +commit 25275f1c9d5f01a0877d39444e8f90521a598ea0 +Author: Darren Tucker +Date: Tue Dec 13 12:54:23 2016 +1100 + + Add prototype for strcasestr in compat library. + +commit afec07732aa2985142f3e0b9a01eb6391f523dec +Author: Darren Tucker +Date: Tue Dec 13 10:23:03 2016 +1100 + + Add strcasestr to compat library. + + Fixes build on (at least) Solaris 10. + +commit dda78a03af32e7994f132d923c2046e98b7c56c8 +Author: Damien Miller +Date: Mon Dec 12 13:57:10 2016 +1100 + + Force Turkish locales back to C/POSIX; bz#2643 + + Turkish locales are unique in their handling of the letters 'i' and + 'I' (yes, they are different letters) and OpenSSH isn't remotely + prepared to deal with that. For now, the best we can do is to force + OpenSSH to use the C/POSIX locale and try to preserve the UTF-8 + encoding if possible. + + ok dtucker@ + +commit c35995048f41239fc8895aadc3374c5f75180554 +Author: Darren Tucker +Date: Fri Dec 9 12:52:02 2016 +1100 + + exit is in stdlib.h not unistd.h (that's _exit). + +commit d399a8b914aace62418c0cfa20341aa37a192f98 +Author: Darren Tucker +Date: Fri Dec 9 12:33:25 2016 +1100 + + Include for exit in utf8 locale test. + +commit 47b8c99ab3221188ad3926108dd9d36da3b528ec +Author: Darren Tucker +Date: Thu Dec 8 15:48:34 2016 +1100 + + Check for utf8 local support before testing it. + + Check for utf8 local support and if not found, do not attempt to run the + utf8 tests. Suggested by djm@ + +commit 4089fc1885b3a2822204effbb02b74e3da58240d +Author: Darren Tucker +Date: Thu Dec 8 12:57:24 2016 +1100 + + Use AC_PATH_TOOL for krb5-config. + + This will use the host-prefixed version when cross compiling; patch from + david.michael at coreos.com. + +commit b4867e0712c89b93be905220c82f0a15e6865d1e +Author: djm@openbsd.org +Date: Tue Dec 6 07:48:01 2016 +0000 + + upstream commit + + make IdentityFile successfully load and use certificates that + have no corresponding bare public key. E.g. just a private id_rsa and + certificate id_rsa-cert.pub (and no id_rsa.pub). + + bz#2617 ok dtucker@ + + Upstream-ID: c1e9699b8c0e3b63cc4189e6972e3522b6292604 + +commit c9792783a98881eb7ed295680013ca97a958f8ac +Author: Damien Miller +Date: Fri Nov 25 14:04:21 2016 +1100 + + Add a gnome-ssh-askpass3 target for GTK+3 version + + Based on patch from Colin Watson via bz#2640 + +commit 7be85ae02b9de0993ce0a1d1e978e11329f6e763 +Author: Damien Miller +Date: Fri Nov 25 14:03:53 2016 +1100 + + Make gnome-ssh-askpass2.c GTK+3-friendly + + Patch from Colin Watson via bz#2640 + +commit b9844a45c7f0162fd1b5465683879793d4cc4aaa +Author: djm@openbsd.org +Date: Sun Dec 4 23:54:02 2016 +0000 + + upstream commit + + Fix public key authentication when multiple + authentication is in use. Instead of deleting and re-preparing the entire + keys list, just reset the 'used' flags; the keys list is already in a good + order (with already- tried keys at the back) + + Analysis and patch from Vincent Brillault on bz#2642; ok dtucker@ + + Upstream-ID: 7123f12dc2f3bcaae715853035a97923d7300176 + +commit f2398eb774075c687b13af5bc22009eb08889abe +Author: dtucker@openbsd.org +Date: Sun Dec 4 22:27:25 2016 +0000 + + upstream commit + + Unlink PidFile on SIGHUP and always recreate it when the + new sshd starts. Regression tests (and possibly other things) depend on the + pidfile being recreated after SIGHUP, and unlinking it means it won't contain + a stale pid if sshd fails to restart. ok djm@ markus@ + + Upstream-ID: 132dd6dda0c77dd49d2f15b2573b5794f6160870 + +commit 85aa2efeba51a96bf6834f9accf2935d96150296 +Author: djm@openbsd.org +Date: Wed Nov 30 03:01:33 2016 +0000 + + upstream commit + + test new behaviour of cert force-command restriction vs. + authorized_key/ principals + + Upstream-Regress-ID: 399efa7469d40c404c0b0a295064ce75d495387c + +commit 5d333131cd8519d022389cfd3236280818dae1bc +Author: jmc@openbsd.org +Date: Wed Nov 30 06:54:26 2016 +0000 + + upstream commit + + tweak previous; while here fix up FILES and AUTHORS; + + Upstream-ID: 93f6e54086145a75df8d8ec7d8689bdadbbac8fa + +commit 786d5994da79151180cb14a6cf157ebbba61c0cc +Author: djm@openbsd.org +Date: Wed Nov 30 03:07:37 2016 +0000 + + upstream commit + + add a whitelist of paths from which ssh-agent will load + (via ssh-pkcs11-helper) a PKCS#11 module; ok markus@ + + Upstream-ID: fe79769469d9cd6d26fe0dc15751b83ef2a06e8f + +commit 7844f357cdd90530eec81340847783f1f1da010b +Author: djm@openbsd.org +Date: Wed Nov 30 03:00:05 2016 +0000 + + upstream commit + + Add a sshd_config DisableForwaring option that disables + X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as + anything else we might implement in the future. + + This, like the 'restrict' authorized_keys flag, is intended to be a + simple and future-proof way of restricting an account. Suggested as + a complement to 'restrict' by Jann Horn; ok markus@ + + Upstream-ID: 203803f66e533a474086b38a59ceb4cf2410fcf7 + +commit fd6dcef2030d23c43f986d26979f84619c10589d +Author: djm@openbsd.org +Date: Wed Nov 30 02:57:40 2016 +0000 + + upstream commit + + When a forced-command appears in both a certificate and + an authorized keys/principals command= restriction, refuse to accept the + certificate unless they are identical. + + The previous (documented) behaviour of having the certificate forced- + command override the other could be a bit confused and more error-prone. + + Pointed out by Jann Horn of Project Zero; ok dtucker@ + + Upstream-ID: 79d811b6eb6bbe1221bf146dde6928f92d2cd05f + +commit 7fc4766ac78abae81ee75b22b7550720bfa28a33 +Author: dtucker@openbsd.org +Date: Wed Nov 30 00:28:31 2016 +0000 + + upstream commit + + On startup, check to see if sshd is already daemonized + and if so, skip the call to daemon() and do not rewrite the PidFile. This + means that when sshd re-execs itself on SIGHUP the process ID will no longer + change. Should address bz#2641. ok djm@ markus@. + + Upstream-ID: 5ea0355580056fb3b25c1fd6364307d9638a37b9 + +commit c9f880c195c65f1dddcbc4ce9d6bfea7747debcc +Author: Damien Miller +Date: Wed Nov 30 13:51:49 2016 +1100 + + factor out common PRNG reseed before privdrop + + Add a call to RAND_poll() to ensure than more than pid+time gets + stirred into child processes states. Prompted by analysis from Jann + Horn at Project Zero. ok dtucker@ + +commit 79e4829ec81dead1b30999e1626eca589319a47f +Author: dtucker@openbsd.org +Date: Fri Nov 25 03:02:01 2016 +0000 + + upstream commit + + Allow PuTTY interop tests to run unattended. bz#2639, + patch from cjwatson at debian.org. + + Upstream-Regress-ID: 4345253558ac23b2082aebabccd48377433b6fe0 + +commit 504c3a9a1bf090f6b27260fc3e8ea7d984d163dc +Author: dtucker@openbsd.org +Date: Fri Nov 25 02:56:49 2016 +0000 + + upstream commit + + Reverse args to sshd-log-wrapper. Matches change in + portable, where it allows sshd do be optionally run under Valgrind. + + Upstream-Regress-ID: b438d1c6726dc5caa2a45153e6103a0393faa906 + +commit bd13017736ec2f8f9ca498fe109fb0035f322733 +Author: dtucker@openbsd.org +Date: Fri Nov 25 02:49:18 2016 +0000 + + upstream commit + + Fix typo in trace message; from portable. + + Upstream-Regress-ID: 4c4a2ba0d37faf5fd230a91b4c7edb5699fbd73a + +commit 7da751d8b007c7f3e814fd5737c2351440d78b4c +Author: tb@openbsd.org +Date: Tue Nov 1 13:43:27 2016 +0000 + + upstream commit + + Clean up MALLOC_OPTIONS. For the unittests, move + MALLOC_OPTIONS and TEST_ENV to unittets/Makefile.inc. + + ok otto + + Upstream-Regress-ID: 890d497e0a38eeddfebb11cc429098d76cf29f12 + +commit 36f58e68221bced35e06d1cca8d97c48807a8b71 +Author: tb@openbsd.org +Date: Mon Oct 31 23:45:08 2016 +0000 + + upstream commit + + Remove the obsolete A and P flags from MALLOC_OPTIONS. + + ok dtucker + + Upstream-Regress-ID: 6cc25024c8174a87e5734a0dc830194be216dd59 + +commit b0899ee26a6630883c0f2350098b6a35e647f512 +Author: dtucker@openbsd.org +Date: Tue Nov 29 03:54:50 2016 +0000 + + upstream commit + + Factor out code to disconnect from controlling terminal + into its own function. ok djm@ + + Upstream-ID: 39fd9e8ebd7222615a837312face5cc7ae962885 + +commit 54d022026aae4f53fa74cc636e4a032d9689b64d +Author: djm@openbsd.org +Date: Fri Nov 25 23:24:45 2016 +0000 + + upstream commit + + use sshbuf_allocate() to pre-allocate the buffer used for + loading keys. This avoids implicit realloc inside the buffer code, which + might theoretically leave fragments of the key on the heap. This doesn't + appear to happen in practice for normal sized keys, but was observed for + novelty oversize ones. + + Pointed out by Jann Horn of Project Zero; ok markus@ + + Upstream-ID: d620e1d46a29fdea56aeadeda120879eddc60ab1 + +commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e +Author: djm@openbsd.org +Date: Fri Nov 25 23:22:04 2016 +0000 + + upstream commit + + split allocation out of sshbuf_reserve() into a separate + sshbuf_allocate() function; ok markus@ + + Upstream-ID: 11b8a2795afeeb1418d508a2c8095b3355577ec2 + +commit f0ddedee460486fa0e32fefb2950548009e5026e +Author: markus@openbsd.org +Date: Wed Nov 23 23:14:15 2016 +0000 + + upstream commit + + allow ClientAlive{Interval,CountMax} in Match; ok dtucker, + djm + + Upstream-ID: 8beb4c1eadd588f1080b58932281983864979f55 + +commit 1a6f9d2e2493d445cd9ee496e6e3c2a2f283f66a +Author: djm@openbsd.org +Date: Tue Nov 8 22:04:34 2016 +0000 + + upstream commit + + unbreak DenyUsers; reported by henning@ + + Upstream-ID: 1c67d4148f5e953c35acdb62e7c08ae8e33f7cb2 + +commit 010359b32659f455fddd2bd85fd7cc4d7a3b994a +Author: djm@openbsd.org +Date: Sun Nov 6 05:46:37 2016 +0000 + + upstream commit + + Validate address ranges for AllowUser/DenyUsers at + configuration load time and refuse to accept bad ones. It was previously + possible to specify invalid CIDR address ranges (e.g. djm@127.1.2.3/55) and + these would always match. + + Thanks to Laurence Parry for a detailed bug report. ok markus (for + a previous diff version) + + Upstream-ID: 9dfcdd9672b06e65233ea4434c38226680d40bfb + +commit efb494e81d1317209256b38b49f4280897c61e69 +Author: djm@openbsd.org +Date: Fri Oct 28 03:33:52 2016 +0000 + + upstream commit + + Improve pkcs11_add_provider() logging: demote some + excessively verbose error()s to debug()s, include PKCS#11 provider name and + slot in log messages where possible. bz#2610, based on patch from Jakub Jelen + + Upstream-ID: 3223ef693cfcbff9079edfc7e89f55bf63e1973d + +commit 5ee3fb5affd7646f141749483205ade5fc54adaf +Author: Darren Tucker +Date: Tue Nov 1 08:12:33 2016 +1100 + + Use ptrace(PT_DENY_ATTACH, ..) on OS X. + +commit 315d2a4e674d0b7115574645cb51f968420ebb34 +Author: Damien Miller +Date: Fri Oct 28 14:34:07 2016 +1100 + + Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL + + ok dtucker@ + +commit a9ff3950b8e80ff971b4d44bbce96df27aed28af +Author: Darren Tucker +Date: Fri Oct 28 14:26:58 2016 +1100 + + Move OPENSSL_NO_RIPEMD160 to compat. + + Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the + ripemd160 MACs. + +commit bce58885160e5db2adda3054c3b81fe770f7285a +Author: Darren Tucker +Date: Fri Oct 28 13:52:31 2016 +1100 + + Check if RIPEMD160 is disabled in OpenSSL. + +commit d924640d4c355d1b5eca1f4cc60146a9975dbbff +Author: Darren Tucker +Date: Fri Oct 28 13:38:19 2016 +1100 + + Skip ssh1 specfic ciphers. + + cipher-3des1.c and cipher-bf1.c are specific to sshv1 so don't even try + to compile them when Protocol 1 is not enabled. + +commit 79d078e7a49caef746516d9710ec369ba45feab6 +Author: jsg@openbsd.org +Date: Tue Oct 25 04:08:13 2016 +0000 + + upstream commit + + Fix logic in add_local_forward() that inverted a test + when code was refactored out into bind_permitted(). This broke ssh port + forwarding for non-priv ports as a non root user. + + ok dtucker@ 'looks good' deraadt@ + + Upstream-ID: ddb8156ca03cc99997de284ce7777536ff9570c9 + +commit a903e315dee483e555c8a3a02c2946937f9b4e5d +Author: dtucker@openbsd.org +Date: Mon Oct 24 01:09:17 2016 +0000 + + upstream commit + + Remove dead breaks, found via opencoverage.net. ok + deraadt@ + + Upstream-ID: ad9cc655829d67fad219762810770787ba913069 + +commit b4e96b4c9bea4182846e4942ba2048e6d708ee54 +Author: Darren Tucker +Date: Wed Oct 26 08:43:25 2016 +1100 + + Use !=NULL instead of >0 for getdefaultproj. + + getdefaultproj() returns a pointer so test it for NULL inequality + instead of >0. Fixes compiler warning and is more correct. Patch from + David Binderman. + +commit 1c4ef0b808d3d38232aeeb1cebb7e9a43def42c5 +Author: dtucker@openbsd.org +Date: Sun Oct 23 22:04:05 2016 +0000 + + upstream commit + + Factor out "can bind to low ports" check into its own function. This will + make it easier for Portable to support platforms with permissions models + other than uid==0 (eg bz#2625). ok djm@, "doesn't offend me too much" + deraadt@. + + Upstream-ID: 86213df4183e92b8f189a6d2dac858c994bfface + +commit 0b9ee623d57e5de7e83e66fd61a7ba9a5be98894 +Author: dtucker@openbsd.org +Date: Wed Oct 19 23:21:56 2016 +0000 + + upstream commit + + When tearing down ControlMaster connecctions, don't + pollute stderr when LogLevel=quiet. Patch from Tim Kuijsten via tech@. + + Upstream-ID: d9b3a68b2a7c2f2fc7f74678e29a4618d55ceced + +commit 09e6a7d8354224933febc08ddcbc2010f542284e +Author: Darren Tucker +Date: Mon Oct 24 09:06:18 2016 +1100 + + Wrap stdint.h include in ifdef. + +commit 08d9e9516e587b25127545c029e5464b2e7f2919 +Author: Darren Tucker +Date: Fri Oct 21 09:46:46 2016 +1100 + + Fix formatting. + +commit 461f50e7ab8751d3a55e9158c44c13031db7ba1d +Author: Darren Tucker +Date: Fri Oct 21 06:55:58 2016 +1100 + + Update links to https. + + www.openssh.com now supports https and ftp.openbsd.org no longer + supports ftp. Make all links to these https. + +commit dd4e7212a6141f37742de97795e79db51e4427ad +Author: Darren Tucker +Date: Fri Oct 21 06:48:46 2016 +1100 + + Update host key generation examples. + + Remove ssh1 host key generation, add ssh-keygen -A + +commit 6d49ae82634c67e9a4d4af882bee20b40bb8c639 +Author: Darren Tucker +Date: Fri Oct 21 05:22:55 2016 +1100 + + Update links. + + Make links to openssh.com HTTPS now that it's supported, point release + notes link to the HTML release notes page, and update a couple of other + links and bits of text. + +commit fe0d1ca6ace06376625084b004ee533f2c2ea9d6 +Author: Darren Tucker +Date: Thu Oct 20 03:42:09 2016 +1100 + + Remote channels .orig and .rej files. + + These files were incorrectly added during an OpenBSD sync. + +commit 246aa842a4ad368d8ce030495e657ef3a0e1f95c +Author: dtucker@openbsd.org +Date: Tue Oct 18 17:32:54 2016 +0000 + + upstream commit + + Remove channel_input_port_forward_request(); the only caller + was the recently-removed SSH1 server code so it's now dead code. ok markus@ + + Upstream-ID: 05453983230a1f439562535fec2818f63f297af9 + +commit 2c6697c443d2c9c908260eed73eb9143223e3ec9 +Author: millert@openbsd.org +Date: Tue Oct 18 12:41:22 2016 +0000 + + upstream commit + + Install a signal handler for tty-generated signals and + wait for the ssh child to suspend before suspending sftp. This lets ssh + restore the terminal mode as needed when it is suspended at the password + prompt. OK dtucker@ + + Upstream-ID: a31c1f42aa3e2985dcc91e46e6a17bd22e372d69 + +commit fd2a8f1033fa2316fff719fd5176968277560158 +Author: jmc@openbsd.org +Date: Sat Oct 15 19:56:25 2016 +0000 + + upstream commit + + various formatting fixes, specifically removing Dq; + + Upstream-ID: 81e85df2b8e474f5f93d66e61d9a4419ce87347c + +commit 8f866d8a57b9a2dc5dd04504e27f593b551618e3 +Author: Darren Tucker +Date: Wed Oct 19 03:26:09 2016 +1100 + + Import readpassphrase.c rev 1.26. + + Author: miller@openbsd.org: + Avoid generate SIGTTOU when restoring the terminal mode. If we get + SIGTTOU it means the process is not in the foreground process group + which, in most cases, means that the shell has taken control of the tty. + Requiring the user the fg the process in this case doesn't make sense + and can result in both SIGTSTP and SIGTTOU being sent which can lead to + the process being suspended again immediately after being brought into + the foreground. + +commit f901440cc844062c9bab0183d133f7ccc58ac3a5 +Author: Darren Tucker +Date: Wed Oct 19 03:23:16 2016 +1100 + + Import readpassphrase.c rev 1.25. + + Wrap so internal calls go direct and + readpassphrase is weak. + + (DEF_WEAK is a no-op in portable.) + +commit 032147b69527e5448a511049b2d43dbcae582624 +Author: Darren Tucker +Date: Sat Oct 15 05:51:12 2016 +1100 + + Move DEF_WEAK into defines.h. + + As well pull in more recent changes from OpenBSD these will start to + arrive so put it where the definition is shared. + +commit e0259a82ddd950cfb109ddee86fcebbc09c6bd04 +Author: Darren Tucker +Date: Sat Oct 15 04:34:46 2016 +1100 + + Remove do_pam_set_tty which is dead code. + + The callers of do_pam_set_tty were removed in 2008, so this is now dead + code. bz#2604, pointed out by jjelen at redhat.com. + +commit ca04de83f210959ad2ed870a30ba1732c3ae00e3 +Author: Damien Miller +Date: Thu Oct 13 18:53:43 2016 +1100 + + unbreak principals-command test + + Undo inconsistetly updated variable name. + +commit 1723ec92eb485ce06b4cbf49712d21975d873909 +Author: djm@openbsd.org +Date: Tue Oct 11 21:49:54 2016 +0000 + + upstream commit + + fix the KEX fuzzer - the previous method of obtaining the + packet contents was broken. This now uses the new per-packet input hook, so + it sees exact post-decrypt packets and doesn't have to pass packet integrity + checks. ok markus@ + + Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd + +commit 09f997893f109799cddbfce6d7e67f787045cbb2 +Author: natano@openbsd.org +Date: Thu Oct 6 09:31:38 2016 +0000 + + upstream commit + + Move USER out of the way to unbreak the BUILDUSER + mechanism. ok tb + + Upstream-Regress-ID: 74ab9687417dd071d62316eaadd20ddad1d5af3c + +commit 3049a012c482a7016f674db168f23fd524edce27 +Author: bluhm@openbsd.org +Date: Fri Sep 30 11:55:20 2016 +0000 + + upstream commit + + In ssh tests set REGRESS_FAIL_EARLY with ?= so that the + environment can change it. OK djm@ + + Upstream-Regress-ID: 77bcb50e47b68c7209c7f0a5a020d73761e5143b + +commit 39af7b444db28c1cb01b7ea468a4f574a44f375b +Author: djm@openbsd.org +Date: Tue Oct 11 21:47:45 2016 +0000 + + upstream commit + + Add a per-packet input hook that is called with the + decrypted packet contents. This will be used for fuzzing; ok markus@ + + Upstream-ID: a3221cee6b1725dd4ae1dd2c13841b4784cb75dc + +commit ec165c392ca54317dbe3064a8c200de6531e89ad +Author: markus@openbsd.org +Date: Mon Oct 10 19:28:48 2016 +0000 + + upstream commit + + Unregister the KEXINIT handler after message has been + received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause + allocation of up to 128MB -- until the connection is closed. Reported by + shilei-c at 360.cn + + Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05 + +commit 29d40319392e6e19deeca9d45468aa1119846e50 +Author: Darren Tucker +Date: Thu Oct 13 04:07:20 2016 +1100 + + Import rev 1.24 from OpenBSD. + + revision 1.24 + date: 2013/11/24 23:51:29; author: deraadt; state: Exp; lines: +4 -4; + most obvious unsigned char casts for ctype + ok jca krw ingo + +commit 12069e56221de207ed666c2449dedb431a2a7ca2 +Author: Darren Tucker +Date: Thu Oct 13 04:04:44 2016 +1100 + + Import rev 1.23 from OpenBSD. Fixes bz#2619. + + revision 1.23 + date: 2010/05/14 13:30:34; author: millert; state: Exp; lines: +41 -39; + Defer installing signal handlers until echo is disabled so that we + get suspended normally when not the foreground process. Fix potential + infinite loop when restoring terminal settings if process is in the + background when restore occurs. OK miod@ + +commit 7508d83eff89af069760b4cc587305588a64e415 +Author: Darren Tucker +Date: Thu Oct 13 03:53:51 2016 +1100 + + If we don't have TCSASOFT, define it to zero. + + This makes it a no-op when we use it below, which allows us to re-sync + those lines with the upstream and make future updates easier. + +commit aae4dbd4c058d3b1fe1eb5c4e6ddf35827271377 +Author: jmc@openbsd.org +Date: Fri Oct 7 14:41:52 2016 +0000 + + upstream commit + + tidy up the formatting in this file. more specifically, + replace .Dq, which looks appalling, with .Cm, where appropriate; + + Upstream-ID: ff8e90aa0343d9bb56f40a535e148607973cc738 + +commit a571dbcc7b7b25371174569b13df5159bc4c6c7a +Author: djm@openbsd.org +Date: Tue Oct 4 21:34:40 2016 +0000 + + upstream commit + + add a comment about implicitly-expected checks to + sshkey_ec_validate_public() + + Upstream-ID: 74a7f71c28f7c13a50f89fc78e7863b9cd61713f + +commit 2f78a2a698f4222f8e05cad57ac6e0c3d1faff00 +Author: djm@openbsd.org +Date: Fri Sep 30 20:24:46 2016 +0000 + + upstream commit + + fix some -Wpointer-sign warnings in the new mux proxy; ok + markus@ + + Upstream-ID: b1ba7b3769fbc6b7f526792a215b0197f5e55dfd + +commit ca71c36645fc26fcd739a8cfdc702cec85607761 +Author: bluhm@openbsd.org +Date: Wed Sep 28 20:09:52 2016 +0000 + + upstream commit + + Add a makefile rule to create the ssh library when + regress needs it. This allows to run the ssh regression tests without doing + a "make build" before. Discussed with dtucker@ and djm@; OK djm@ + + Upstream-Regress-ID: ce489bd53afcd471225a125b4b94565d4717c025 + +commit ce44c970f913d2a047903dba8670554ac42fc479 +Author: bluhm@openbsd.org +Date: Mon Sep 26 21:34:38 2016 +0000 + + upstream commit + + Allow to run ssh regression tests as root. If the user + is already root, the test should not expect that SUDO is set. If ssh needs + another user, use sudo or doas to switch from root if necessary. OK dtucker@ + + Upstream-Regress-ID: b464e55185ac4303529e3e6927db41683aaeace2 + +commit 8d0578478586e283e751ca51e7b0690631da139a +Author: markus@openbsd.org +Date: Fri Sep 30 09:19:13 2016 +0000 + + upstream commit + + ssh proxy mux mode (-O proxy; idea from Simon Tatham): - mux + client speaks the ssh-packet protocol directly over unix-domain socket. - mux + server acts as a proxy, translates channel IDs and relays to the server. - no + filedescriptor passing necessary. - combined with unix-domain forwarding it's + even possible to run mux client and server on different machines. feedback + & ok djm@ + + Upstream-ID: 666a2fb79f58e5c50e246265fb2b9251e505c25b + +commit b7689155f3f5c4999846c07a852b1c7a43b09cec +Author: djm@openbsd.org +Date: Wed Sep 28 21:44:52 2016 +0000 + + upstream commit + + put back some pre-auth zlib bits that I shouldn't have + removed - they are still used by the client. Spotted by naddy@ + + Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2 + +commit 4577adead6a7d600c8e764619d99477a08192c8f +Author: djm@openbsd.org +Date: Wed Sep 28 20:32:42 2016 +0000 + + upstream commit + + restore pre-auth compression support in the client -- the + previous commit was intended to remove it from the server only. + + remove a few server-side pre-auth compression bits that escaped + + adjust wording of Compression directive in sshd_config(5) + + pointed out by naddy@ ok markus@ + + Upstream-ID: d23696ed72a228dacd4839dd9f2dec424ba2016b + +commit 80d1c963b4dc84ffd11d09617b39c4bffda08956 +Author: jmc@openbsd.org +Date: Wed Sep 28 17:59:22 2016 +0000 + + upstream commit + + use a separate TOKENS section, as we've done for + sshd_config(5); help/ok djm + + Upstream-ID: 640e32b5e4838e4363738cdec955084b3579481d + +commit 1cfd5c06efb121e58e8b6671548fda77ef4b4455 +Author: Damien Miller +Date: Thu Sep 29 03:19:23 2016 +1000 + + Remove portability support for mmap + + We no longer need to wrap/replace mmap for portability now that + pre-auth compression has been removed from OpenSSH. + +commit 0082fba4efdd492f765ed4c53f0d0fbd3bdbdf7f +Author: djm@openbsd.org +Date: Wed Sep 28 16:33:06 2016 +0000 + + upstream commit + + Remove support for pre-authentication compression. Doing + compression early in the protocol probably seemed reasonable in the 1990s, + but today it's clearly a bad idea in terms of both cryptography (cf. multiple + compression oracle attacks in TLS) and attack surface. + + Moreover, to support it across privilege-separation zlib needed + the assistance of a complex shared-memory manager that made the + required attack surface considerably larger. + + Prompted by Guido Vranken pointing out a compiler-elided security + check in the shared memory manager found by Stack + (http://css.csail.mit.edu/stack/); ok deraadt@ markus@ + + NB. pre-auth authentication has been disabled by default in sshd + for >10 years. + + Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf + +commit 27c3a9c2aede2184856b5de1e6eca414bb751c38 +Author: djm@openbsd.org +Date: Mon Sep 26 21:16:11 2016 +0000 + + upstream commit + *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***