From owner-svn-src-stable-8@FreeBSD.ORG Fri Mar 1 02:06:05 2013 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 2118F9B9; Fri, 1 Mar 2013 02:06:05 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id E448EF04; Fri, 1 Mar 2013 02:06:04 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id r21264e2041884; Fri, 1 Mar 2013 02:06:04 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id r21264rB041882; Fri, 1 Mar 2013 02:06:04 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201303010206.r21264rB041882@svn.freebsd.org> From: Dag-Erling Smørgrav Date: Fri, 1 Mar 2013 02:06:04 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r247521 - in stable/8: crypto/openssh crypto/openssh/openbsd-compat etc/rc.d secure/lib/libssh secure/usr.bin/ssh secure/usr.sbin/sshd share/mk tools/build/options X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Mar 2013 02:06:05 -0000 Author: des Date: Fri Mar 1 02:06:04 2013 New Revision: 247521 URL: http://svnweb.freebsd.org/changeset/base/247521 Log: Pull in OpenSSH 6.1 from head. Although ECC-based algorithms are now supported, the order of preference has been changed so that RSA and DSA are still the preferred algorithms. Added: stable/8/crypto/openssh/audit-linux.c (contents, props changed) - copied, changed from r221420, head/crypto/openssh/audit-linux.c - copied unchanged from r221420, head/crypto/openssh/bufec.c - copied unchanged from r221420, head/crypto/openssh/kexecdh.c - copied unchanged from r221420, head/crypto/openssh/kexecdhc.c - copied unchanged from r221420, head/crypto/openssh/kexecdhs.c - copied unchanged from r221420, head/crypto/openssh/openbsd-compat/charclass.h - copied unchanged from r215116, head/crypto/openssh/openbsd-compat/strptime.c - copied unchanged from r221420, head/crypto/openssh/openbsd-compat/timingsafe_bcmp.c stable/8/crypto/openssh/sandbox-darwin.c - copied unchanged from r226046, head/crypto/openssh/sandbox-darwin.c stable/8/crypto/openssh/sandbox-null.c - copied unchanged from r226046, head/crypto/openssh/sandbox-null.c stable/8/crypto/openssh/sandbox-rlimit.c - copied, changed from r226046, head/crypto/openssh/sandbox-rlimit.c stable/8/crypto/openssh/sandbox-systrace.c - copied, changed from r226046, head/crypto/openssh/sandbox-systrace.c stable/8/crypto/openssh/ssh-ecdsa.c (contents, props changed) - copied, changed from r221420, head/crypto/openssh/ssh-ecdsa.c stable/8/crypto/openssh/ssh-sandbox.h - copied unchanged from r226046, head/crypto/openssh/ssh-sandbox.h stable/8/tools/build/options/WITH_OPENSSH_NONE_CIPHER - copied unchanged from r245527, head/tools/build/options/WITH_OPENSSH_NONE_CIPHER Directory Properties: stable/8/crypto/openssh/bufec.c (props changed) stable/8/crypto/openssh/kexecdh.c (props changed) stable/8/crypto/openssh/kexecdhc.c (props changed) stable/8/crypto/openssh/kexecdhs.c (props changed) stable/8/crypto/openssh/openbsd-compat/charclass.h (props changed) stable/8/crypto/openssh/openbsd-compat/strptime.c (props changed) stable/8/crypto/openssh/openbsd-compat/timingsafe_bcmp.c (props changed) Deleted: stable/8/crypto/openssh/WARNING.RNG stable/8/crypto/openssh/ssh-pkcs11-helper.0 stable/8/crypto/openssh/ssh-rand-helper.8 stable/8/crypto/openssh/ssh-rand-helper.c stable/8/crypto/openssh/version.c Modified: stable/8/crypto/openssh/ChangeLog stable/8/crypto/openssh/INSTALL stable/8/crypto/openssh/LICENCE stable/8/crypto/openssh/PROTOCOL stable/8/crypto/openssh/PROTOCOL.agent stable/8/crypto/openssh/PROTOCOL.certkeys stable/8/crypto/openssh/PROTOCOL.mux stable/8/crypto/openssh/README stable/8/crypto/openssh/aclocal.m4 stable/8/crypto/openssh/addrmatch.c stable/8/crypto/openssh/atomicio.c stable/8/crypto/openssh/atomicio.h stable/8/crypto/openssh/audit-bsm.c stable/8/crypto/openssh/audit.c stable/8/crypto/openssh/audit.h stable/8/crypto/openssh/auth-krb5.c stable/8/crypto/openssh/auth-options.c stable/8/crypto/openssh/auth-options.h stable/8/crypto/openssh/auth-pam.c (contents, props changed) stable/8/crypto/openssh/auth-passwd.c stable/8/crypto/openssh/auth-rsa.c stable/8/crypto/openssh/auth-skey.c stable/8/crypto/openssh/auth.c stable/8/crypto/openssh/auth.h stable/8/crypto/openssh/auth1.c stable/8/crypto/openssh/auth2-gss.c stable/8/crypto/openssh/auth2-hostbased.c stable/8/crypto/openssh/auth2-jpake.c stable/8/crypto/openssh/auth2-none.c stable/8/crypto/openssh/auth2-pubkey.c stable/8/crypto/openssh/auth2.c stable/8/crypto/openssh/authfd.c stable/8/crypto/openssh/authfile.c stable/8/crypto/openssh/authfile.h stable/8/crypto/openssh/bufaux.c stable/8/crypto/openssh/buffer.h stable/8/crypto/openssh/canohost.c stable/8/crypto/openssh/channels.c stable/8/crypto/openssh/channels.h stable/8/crypto/openssh/cipher-3des1.c stable/8/crypto/openssh/cipher-acss.c stable/8/crypto/openssh/cipher-aes.c stable/8/crypto/openssh/cipher-bf1.c stable/8/crypto/openssh/cipher-ctr.c stable/8/crypto/openssh/clientloop.c stable/8/crypto/openssh/clientloop.h stable/8/crypto/openssh/compat.c stable/8/crypto/openssh/compat.h stable/8/crypto/openssh/compress.c stable/8/crypto/openssh/config.guess stable/8/crypto/openssh/config.h stable/8/crypto/openssh/config.h.in stable/8/crypto/openssh/defines.h stable/8/crypto/openssh/dh.c stable/8/crypto/openssh/dns.c stable/8/crypto/openssh/dns.h stable/8/crypto/openssh/entropy.c stable/8/crypto/openssh/entropy.h stable/8/crypto/openssh/gss-serv.c stable/8/crypto/openssh/hostfile.c stable/8/crypto/openssh/hostfile.h stable/8/crypto/openssh/includes.h stable/8/crypto/openssh/jpake.c stable/8/crypto/openssh/kex.c stable/8/crypto/openssh/kex.h stable/8/crypto/openssh/kexdhc.c stable/8/crypto/openssh/kexdhs.c stable/8/crypto/openssh/kexgexc.c stable/8/crypto/openssh/kexgexs.c stable/8/crypto/openssh/key.c stable/8/crypto/openssh/key.h stable/8/crypto/openssh/log.c stable/8/crypto/openssh/log.h stable/8/crypto/openssh/loginrec.c (contents, props changed) stable/8/crypto/openssh/loginrec.h stable/8/crypto/openssh/logintest.c stable/8/crypto/openssh/mac.c stable/8/crypto/openssh/misc.c stable/8/crypto/openssh/misc.h stable/8/crypto/openssh/moduli stable/8/crypto/openssh/moduli.5 stable/8/crypto/openssh/moduli.c stable/8/crypto/openssh/monitor.c stable/8/crypto/openssh/monitor.h stable/8/crypto/openssh/monitor_wrap.c stable/8/crypto/openssh/monitor_wrap.h stable/8/crypto/openssh/mux.c stable/8/crypto/openssh/myproposal.h stable/8/crypto/openssh/openbsd-compat/bindresvport.c stable/8/crypto/openssh/openbsd-compat/bsd-arc4random.c stable/8/crypto/openssh/openbsd-compat/bsd-cygwin_util.c stable/8/crypto/openssh/openbsd-compat/bsd-cygwin_util.h stable/8/crypto/openssh/openbsd-compat/bsd-misc.c stable/8/crypto/openssh/openbsd-compat/bsd-misc.h stable/8/crypto/openssh/openbsd-compat/getcwd.c stable/8/crypto/openssh/openbsd-compat/getgrouplist.c stable/8/crypto/openssh/openbsd-compat/getrrsetbyname.c stable/8/crypto/openssh/openbsd-compat/glob.c stable/8/crypto/openssh/openbsd-compat/glob.h stable/8/crypto/openssh/openbsd-compat/inet_ntop.c stable/8/crypto/openssh/openbsd-compat/mktemp.c stable/8/crypto/openssh/openbsd-compat/openbsd-compat.h stable/8/crypto/openssh/openbsd-compat/openssl-compat.c stable/8/crypto/openssh/openbsd-compat/openssl-compat.h stable/8/crypto/openssh/openbsd-compat/port-linux.c stable/8/crypto/openssh/openbsd-compat/port-linux.h stable/8/crypto/openssh/openbsd-compat/port-solaris.c stable/8/crypto/openssh/openbsd-compat/port-solaris.h stable/8/crypto/openssh/openbsd-compat/port-tun.c stable/8/crypto/openssh/openbsd-compat/port-uw.c stable/8/crypto/openssh/openbsd-compat/setenv.c stable/8/crypto/openssh/openbsd-compat/sha2.c (contents, props changed) stable/8/crypto/openssh/openbsd-compat/sha2.h (contents, props changed) stable/8/crypto/openssh/openbsd-compat/strlcpy.c stable/8/crypto/openssh/packet.c stable/8/crypto/openssh/packet.h stable/8/crypto/openssh/pathnames.h stable/8/crypto/openssh/platform.c stable/8/crypto/openssh/platform.h stable/8/crypto/openssh/readconf.c stable/8/crypto/openssh/readconf.h stable/8/crypto/openssh/readpass.c stable/8/crypto/openssh/roaming.h stable/8/crypto/openssh/roaming_client.c stable/8/crypto/openssh/roaming_common.c stable/8/crypto/openssh/schnorr.c stable/8/crypto/openssh/scp.1 stable/8/crypto/openssh/scp.c stable/8/crypto/openssh/servconf.c stable/8/crypto/openssh/servconf.h stable/8/crypto/openssh/serverloop.c stable/8/crypto/openssh/session.c stable/8/crypto/openssh/sftp-client.c stable/8/crypto/openssh/sftp-client.h stable/8/crypto/openssh/sftp-glob.c stable/8/crypto/openssh/sftp-server.c stable/8/crypto/openssh/sftp.1 stable/8/crypto/openssh/sftp.c stable/8/crypto/openssh/ssh-add.1 stable/8/crypto/openssh/ssh-add.c stable/8/crypto/openssh/ssh-agent.1 stable/8/crypto/openssh/ssh-agent.c stable/8/crypto/openssh/ssh-dss.c stable/8/crypto/openssh/ssh-keygen.1 stable/8/crypto/openssh/ssh-keygen.c stable/8/crypto/openssh/ssh-keyscan.1 stable/8/crypto/openssh/ssh-keyscan.c stable/8/crypto/openssh/ssh-keysign.8 stable/8/crypto/openssh/ssh-keysign.c stable/8/crypto/openssh/ssh-pkcs11-client.c stable/8/crypto/openssh/ssh-pkcs11-helper.c stable/8/crypto/openssh/ssh-pkcs11.c stable/8/crypto/openssh/ssh-rsa.c stable/8/crypto/openssh/ssh.1 stable/8/crypto/openssh/ssh.c stable/8/crypto/openssh/ssh.h stable/8/crypto/openssh/ssh2.h stable/8/crypto/openssh/ssh_config stable/8/crypto/openssh/ssh_config.5 stable/8/crypto/openssh/ssh_namespace.h stable/8/crypto/openssh/sshconnect.c stable/8/crypto/openssh/sshconnect.h stable/8/crypto/openssh/sshconnect2.c stable/8/crypto/openssh/sshd.8 stable/8/crypto/openssh/sshd.c stable/8/crypto/openssh/sshd_config stable/8/crypto/openssh/sshd_config.5 stable/8/crypto/openssh/sshlogin.c stable/8/crypto/openssh/umac.c stable/8/crypto/openssh/uuencode.c stable/8/crypto/openssh/uuencode.h stable/8/crypto/openssh/version.h stable/8/etc/rc.d/sshd stable/8/secure/lib/libssh/Makefile stable/8/secure/usr.bin/ssh/Makefile stable/8/secure/usr.sbin/sshd/Makefile stable/8/share/mk/bsd.own.mk Directory Properties: stable/8/crypto/openssh/ (props changed) stable/8/etc/ (props changed) stable/8/secure/lib/libssh/ (props changed) stable/8/secure/usr.bin/ssh/ (props changed) stable/8/secure/usr.sbin/sshd/ (props changed) stable/8/share/mk/ (props changed) stable/8/tools/build/options/ (props changed) Modified: stable/8/crypto/openssh/ChangeLog ============================================================================== --- stable/8/crypto/openssh/ChangeLog Fri Mar 1 01:47:11 2013 (r247520) +++ stable/8/crypto/openssh/ChangeLog Fri Mar 1 02:06:04 2013 (r247521) @@ -1,2627 +1,2349 @@ -20100307 +20120828 + - (djm) Release openssh-6.1 + +20120828 + - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN + for compatibility with future mingw-w64 headers. Patch from vinschen at + redhat com. + +20120822 + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update version numbers + +20120731 - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/03/07 22:16:01 + - jmc@cvs.openbsd.org 2012/07/06 06:38:03 [ssh-keygen.c] - make internal strptime string match strftime format; - suggested by vinschen AT redhat.com and markus@ - - djm@cvs.openbsd.org 2010/03/08 00:28:55 - [ssh-keygen.1] - document permit-agent-forwarding certificate constraint; patch from - stevesk@ - - djm@cvs.openbsd.org 2010/03/07 22:01:32 + missing full stop in usage(); + - djm@cvs.openbsd.org 2012/07/10 02:19:15 + [servconf.c servconf.h sshd.c sshd_config] + Turn on systrace sandboxing of pre-auth sshd by default for new installs + by shipping a config that overrides the current UsePrivilegeSeparation=yes + default. Make it easier to flip the default in the future by adding too. + prodded markus@ feedback dtucker@ "get it in" deraadt@ + - dtucker@cvs.openbsd.org 2012/07/13 01:35:21 + [servconf.c] + handle long comments in config files better. bz#2025, ok markus + - markus@cvs.openbsd.org 2012/07/22 18:19:21 [version.h] - openssh-5.4 - - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - crank version numbers - - (djm) Release OpenSSH-5.4p1 + openssh 6.1 -20100307 - - (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that - it gets the passwd struct from the LAM that knows about the user which is - not necessarily the default. Patch from Alexandre Letourneau. - - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and - do not set real uid, since that's needed for the chroot, and will be set - by permanently_set_uid. - - (dtucker) [session.c] Also initialize creds to NULL for handing to - setpcred. - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2010/03/07 11:57:13 - [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c] - Hold authentication debug messages until after successful authentication. - Fixes an info leak of environment variables specified in authorized_keys, - reported by Jacob Appelbaum. ok djm@ +20120720 + - (dtucker) Import regened moduli file. -20100305 - - OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2010/03/04 12:51:25 - [ssh.1 sshd_config.5] - tweak previous; - - djm@cvs.openbsd.org 2010/03/04 20:35:08 - [ssh-keygen.1 ssh-keygen.c] - Add a -L flag to print the contents of a certificate; ok markus@ - - jmc@cvs.openbsd.org 2010/03/04 22:52:40 - [ssh-keygen.1] - fix Bk/Ek; - - djm@cvs.openbsd.org 2010/03/04 23:17:25 - [sshd_config.5] - missing word; spotted by jmc@ - - djm@cvs.openbsd.org 2010/03/04 23:19:29 - [ssh.1 sshd.8] - move section on CA and revoked keys from ssh.1 to sshd.8's known hosts - format section and rework it a bit; requested by jmc@ - - djm@cvs.openbsd.org 2010/03/04 23:27:25 - [auth-options.c ssh-keygen.c] - "force-command" is not spelled "forced-command"; spotted by - imorgan AT nas.nasa.gov - - djm@cvs.openbsd.org 2010/03/05 02:58:11 - [auth.c] - make the warning for a revoked key louder and more noticable - - jmc@cvs.openbsd.org 2010/03/05 06:50:35 - [ssh.1 sshd.8] - tweak previous; - - jmc@cvs.openbsd.org 2010/03/05 08:31:20 - [ssh.1] - document certificate authentication; help/ok djm - - djm@cvs.openbsd.org 2010/03/05 10:28:21 - [ssh-add.1 ssh.1 ssh_config.5] - mention loading of certificate files from [private]-cert.pub when - they are present; feedback and ok jmc@ - - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older - compilers. OK djm@ - - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure - on some platforms - - (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@ - -20100304 - - (djm) [ssh-keygen.c] Use correct local variable, instead of - maybe-undefined global "optarg" - - (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq - on XFree86-devel with neutral /usr/include/X11/Xlib.h; - imorgan AT nas.nasa.gov in bz#1731 - - (djm) [.cvsignore] Ignore ssh-pkcs11-helper - - (djm) [regress/Makefile] Cleanup sshd_proxy_orig - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/03/03 01:44:36 - [auth-options.c key.c] - reject strings with embedded ASCII nul chars in certificate key IDs, - principal names and constraints - - djm@cvs.openbsd.org 2010/03/03 22:49:50 - [sshd.8] - the authorized_keys option for CA keys is "cert-authority", not - "from=cert-authority". spotted by imorgan AT nas.nasa.gov - - djm@cvs.openbsd.org 2010/03/03 22:50:40 - [PROTOCOL.certkeys] - s/similar same/similar/; from imorgan AT nas.nasa.gov - - djm@cvs.openbsd.org 2010/03/04 01:44:57 - [key.c] - use buffer_get_string_ptr_ret() where we are checking the return - value explicitly instead of the fatal()-causing buffer_get_string_ptr() - - djm@cvs.openbsd.org 2010/03/04 10:36:03 - [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c] - [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h] - [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5] - Add a TrustedUserCAKeys option to sshd_config to specify CA keys that - are trusted to authenticate users (in addition than doing it per-user - in authorized_keys). - - Add a RevokedKeys option to sshd_config and a @revoked marker to - known_hosts to allow keys to me revoked and banned for user or host - authentication. - - feedback and ok markus@ - - djm@cvs.openbsd.org 2010/03/03 00:47:23 - [regress/cert-hostkey.sh regress/cert-userkey.sh] - add an extra test to ensure that authentication with the wrong - certificate fails as it should (and it does) - - djm@cvs.openbsd.org 2010/03/04 10:38:23 - [regress/cert-hostkey.sh regress/cert-userkey.sh] - additional regression tests for revoked keys and TrustedUserCAKeys +20120706 + - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is + not available. Allows use of sshd compiled on host with a filter-capable + kernel on hosts that lack the support. bz#2011 ok dtucker@ + - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no + unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT + esperi.org.uk; ok dtucker@ +- (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/07/06 00:41:59 + [moduli.c ssh-keygen.1 ssh-keygen.c] + Add options to specify starting line number and number of lines to process + when screening moduli candidates. This allows processing of different + parts of a candidate moduli file in parallel. man page help jmc@, ok djm@ + - djm@cvs.openbsd.org 2012/07/06 01:37:21 + [mux.c] + fix memory leak of passed-in environment variables and connection + context when new session message is malformed; bz#2003 from Bert.Wesarg + AT googlemail.com + - djm@cvs.openbsd.org 2012/07/06 01:47:38 + [ssh.c] + move setting of tty_flag to after config parsing so RequestTTY options + are correctly picked up. bz#1995 patch from przemoc AT gmail.com; + ok dtucker@ + +20120704 + - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for + platforms that don't have it. "looks good" tim@ + +20120703 + - (dtucker) [configure.ac] Detect platforms that can't use select(2) with + setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those. + - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not + setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its + benefit is minor, so it's not worth disabling the sandbox if it doesn't + work. + +20120702 +- (dtucker) OpenBSD CVS Sync + - naddy@cvs.openbsd.org 2012/06/29 13:57:25 + [ssh_config.5 sshd_config.5] + match the documented MAC order of preference to the actual one; + ok dtucker@ + - markus@cvs.openbsd.org 2012/06/30 14:35:09 + [sandbox-systrace.c sshd.c] + fix a during the load of the sandbox policies (child can still make + the read-syscall and wait forever for systrace-answers) by replacing + the read/write synchronisation with SIGSTOP/SIGCONT; + report and help hshoexer@; ok djm@, dtucker@ + - dtucker@cvs.openbsd.org 2012/07/02 08:50:03 + [ssh.c] + set interactive ToS for forwarded X11 sessions. ok djm@ + - dtucker@cvs.openbsd.org 2012/07/02 12:13:26 + [ssh-pkcs11-helper.c sftp-client.c] + fix a couple of "assigned but not used" warnings. ok markus@ + - dtucker@cvs.openbsd.org 2012/07/02 14:37:06 + [regress/connect-privsep.sh] + remove exit from end of test since it prevents reporting failure + - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh] + Move cygwin detection to test-exec and use to skip reexec test on cygwin. + - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k. -20100303 - - (djm) [PROTOCOL.certkeys] Add RCS Ident +20120629 - OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2010/02/26 22:09:28 - [ssh-keygen.1 ssh.1 sshd.8] - tweak previous; - - otto@cvs.openbsd.org 2010/03/01 11:07:06 - [ssh-add.c] - zap what seems to be a left-over debug message; ok markus@ - - djm@cvs.openbsd.org 2010/03/02 23:20:57 - [ssh-keygen.c] - POSIX strptime is stricter than OpenBSD's so do a little dance to - appease it. - - (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too - -20100302 - - (tim) [config.guess config.sub] Bug 1722: Update to latest versions from - http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22 - respectively). - -20100301 - - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace - "echo -n" with "echon" for portability. - - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM - adjust log at verbose only, since according to cjwatson in bug #1470 - some virtualization platforms don't allow writes. - -20100228 - - (djm) [auth.c] On Cygwin, refuse usernames that have differences in - case from that matched in the system password database. On this - platform, passwords are stored case-insensitively, but sshd requires - exact case matching for Match blocks in sshd_config(5). Based on - a patch from vinschen AT redhat.com. - - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions - to make older compilers (gcc 2.95) happy. - -20100227 - - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded - - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment - variables copied into sshd child processes. From vinschen AT redhat.com - -20100226 - - OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/02/26 20:29:54 - [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c] - [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c] - [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c] - [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c] - [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c] - [sshconnect2.c sshd.8 sshd.c sshd_config.5] - Add support for certificate key types for users and hosts. - - OpenSSH certificate key types are not X.509 certificates, but a much - simpler format that encodes a public key, identity information and - some validity constraints and signs it with a CA key. CA keys are - regular SSH keys. This certificate style avoids the attack surface - of X.509 certificates and is very easy to deploy. - - Certified host keys allow automatic acceptance of new host keys - when a CA certificate is marked as trusted in ~/.ssh/known_hosts. - see VERIFYING HOST KEYS in ssh(1) for details. - - Certified user keys allow authentication of users when the signing - CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS - FILE FORMAT" in sshd(8) for details. - - Certificates are minted using ssh-keygen(1), documentation is in - the "CERTIFICATES" section of that manpage. - - Documentation on the format of certificates is in the file - PROTOCOL.certkeys - - feedback and ok markus@ - - djm@cvs.openbsd.org 2010/02/26 20:33:21 - [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh] - regression tests for certified keys - -20100224 - - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] - [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/02/11 20:37:47 - [pathnames.h] - correct comment - - dtucker@cvs.openbsd.org 2009/11/09 04:20:04 - [regress/Makefile] - add regression test for ssh-keygen pubkey conversions - - dtucker@cvs.openbsd.org 2010/01/11 02:53:44 - [regress/forwarding.sh] - regress test for stdio forwarding - - djm@cvs.openbsd.org 2010/02/09 04:57:36 + - dtucker@cvs.openbsd.org 2012/06/21 00:16:07 + [addrmatch.c] + fix strlcpy truncation check. from carsten at debian org, ok markus + - dtucker@cvs.openbsd.org 2012/06/22 12:30:26 + [monitor.c sshconnect2.c] + remove dead code following 'for (;;)' loops. + From Steve.McClellan at radisys com, ok markus@ + - dtucker@cvs.openbsd.org 2012/06/22 14:36:33 + [sftp.c] + Remove unused variable leftover from tab-completion changes. + From Steve.McClellan at radisys com, ok markus@ + - dtucker@cvs.openbsd.org 2012/06/26 11:02:30 + [sandbox-systrace.c] + Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation + sandbox" since malloc now uses it. From johnw.mail at gmail com. + - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 + [mac.c myproposal.h ssh_config.5 sshd_config.5] + Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed + from draft6 of the spec and will not be in the RFC when published. Patch + from mdb at juniper net via bz#2023, ok markus. + - naddy@cvs.openbsd.org 2012/06/29 13:57:25 + [ssh_config.5 sshd_config.5] + match the documented MAC order of preference to the actual one; ok dtucker@ + - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 [regress/addrmatch.sh] - clean up droppings - - djm@cvs.openbsd.org 2010/02/09 06:29:02 - [regress/Makefile] - turn on all the malloc(3) checking options when running regression - tests. this has caught a few bugs for me in the past; ok dtucker@ - - djm@cvs.openbsd.org 2010/02/24 06:21:56 - [regress/test-exec.sh] - wait for sshd to fully stop in cleanup() function; avoids races in tests - that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@ - - markus@cvs.openbsd.org 2010/02/08 10:52:47 - [regress/agent-pkcs11.sh] - test for PKCS#11 support (currently disabled) - - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper - - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage + Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests + to match. Feedback and ok djm@ markus@. + - djm@cvs.openbsd.org 2012/06/01 00:47:35 + [regress/multiplex.sh regress/forwarding.sh] + append to rather than truncate test log; bz#2013 from openssh AT + roumenpetrov.info + - djm@cvs.openbsd.org 2012/06/01 00:52:52 + [regress/sftp-cmds.sh] + don't delete .* on cleanup due to unintended env expansion; pointed out in + bz#2014 by openssh AT roumenpetrov.info + - dtucker@cvs.openbsd.org 2012/06/26 12:06:59 + [regress/connect-privsep.sh] + test sandbox with every malloc option + - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 + [regress/try-ciphers.sh regress/cipher-speed.sh] + Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed + from draft6 of the spec and will not be in the RFC when published. Patch + from mdb at juniper net via bz#2023, ok markus. + - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error. + - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have + the required functions in libcrypto. + +20120628 + - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null + pointer deref in the client when built with LDNS and using DNSSEC with a + CNAME. Patch from gregdlg+mr at hochet info. + +20120622 + - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as + can logon as a service. Patch from vinschen at redhat com. -20100212 +20120620 - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/02/02 22:49:34 - [bufaux.c] - make buffer_get_string_ret() really non-fatal in all cases (it was - using buffer_get_int(), which could fatal() on buffer empty); - ok markus dtucker - - markus@cvs.openbsd.org 2010/02/08 10:50:20 - [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c] - [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5] - replace our obsolete smartcard code with PKCS#11. - ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf - ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 - provider (shared library) while ssh-agent(1) delegates PKCS#11 to - a forked a ssh-pkcs11-helper process. - PKCS#11 is currently a compile time option. - feedback and ok djm@; inspired by patches from Alon Bar-Lev - - jmc@cvs.openbsd.org 2010/02/08 22:03:05 - [ssh-add.1 ssh-keygen.1 ssh.1 ssh.c] + - djm@cvs.openbsd.org 2011/12/02 00:41:56 + [mux.c] + fix bz#1948: ssh -f doesn't fork for multiplexed connection. + ok dtucker@ + - djm@cvs.openbsd.org 2011/12/04 23:16:12 + [mux.c] + revert: + > revision 1.32 + > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 + > fix bz#1948: ssh -f doesn't fork for multiplexed connection. + > ok dtucker@ + it interacts badly with ControlPersist + - djm@cvs.openbsd.org 2012/01/07 21:11:36 + [mux.c] + fix double-free in new session handler + NB. Id sync only + - djm@cvs.openbsd.org 2012/05/23 03:28:28 + [dns.c dns.h key.c key.h ssh-keygen.c] + add support for RFC6594 SSHFP DNS records for ECDSA key types. + patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@ + - djm@cvs.openbsd.org 2012/06/01 00:49:35 + [PROTOCOL.mux] + correct types of port numbers (integers, not strings); bz#2004 from + bert.wesarg AT googlemail.com + - djm@cvs.openbsd.org 2012/06/01 01:01:22 + [mux.c] + fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg + AT googlemail.com + - dtucker@cvs.openbsd.org 2012/06/18 11:43:53 + [jpake.c] + correct sizeof usage. patch from saw at online.de, ok deraadt + - dtucker@cvs.openbsd.org 2012/06/18 11:49:58 + [ssh_config.5] + RSA instead of DSA twice. From Steve.McClellan at radisys com + - dtucker@cvs.openbsd.org 2012/06/18 12:07:07 + [ssh.1 sshd.8] + Remove mention of 'three' key files since there are now four. From + Steve.McClellan at radisys com. + - dtucker@cvs.openbsd.org 2012/06/18 12:17:18 + [ssh.1] + Clarify description of -W. Noted by Steve.McClellan at radisys com, + ok jmc + - markus@cvs.openbsd.org 2012/06/19 18:25:28 + [servconf.c servconf.h sshd_config.5] + sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups} + this allows 'Match LocalPort 1022' combined with 'AllowUser bauer' + ok djm@ (back in March) + - jmc@cvs.openbsd.org 2012/06/19 21:35:54 + [sshd_config.5] tweak previous; ok markus - - djm@cvs.openbsd.org 2010/02/09 00:50:36 - [ssh-agent.c] - fallout from PKCS#11: unbreak -D - - djm@cvs.openbsd.org 2010/02/09 00:50:59 + - djm@cvs.openbsd.org 2012/06/20 04:42:58 + [clientloop.c serverloop.c] + initialise accept() backoff timer to avoid EINVAL from select(2) in + rekeying + +20120519 + - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch + from cjwatson at debian org. + - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find + pkg-config so it does the right thing when cross-compiling. Patch from + cjwatson at debian org. +- (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 + [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] + Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests + to match. Feedback and ok djm@ markus@. + - dtucker@cvs.openbsd.org 2012/05/19 06:30:30 + [sshd_config.5] + Document PermitOpen none. bz#2001, patch from Loganaden Velvindron + +20120504 + - (dtucker) [configure.ac] Include rather than + to fix building on some plaforms. Fom bowman at math utah edu and + des at des no. + +20120427 + - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6 + platform rather than exiting early, so that we still clean up and return + success or failure to test-exec.sh + +20120426 + - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters + via Niels + - (djm) [auth-krb5.c] Save errno across calls that might modify it; + ok dtucker@ + +20120423 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/04/23 08:18:17 + [channels.c] + fix function proto/source mismatch + +20120422 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/02/29 11:21:26 [ssh-keygen.c] - fix -Wall - - djm@cvs.openbsd.org 2010/02/09 03:56:28 - [buffer.c buffer.h] - constify the arguments to buffer_len, buffer_ptr and buffer_dump - - djm@cvs.openbsd.org 2010/02/09 06:18:46 + allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ + - guenther@cvs.openbsd.org 2012/03/15 03:10:27 + [session.c] + root should always be excluded from the test for /etc/nologin instead + of having it always enforced even when marked as ignorenologin. This + regressed when the logic was incompletely flipped around in rev 1.251 + ok halex@ millert@ + - djm@cvs.openbsd.org 2012/03/28 07:23:22 + [PROTOCOL.certkeys] + explain certificate extensions/crit split rationale. Mention requirement + that each appear at most once per cert. + - dtucker@cvs.openbsd.org 2012/03/29 23:54:36 + [channels.c channels.h servconf.c] + Add PermitOpen none option based on patch from Loganaden Velvindron + (bz #1949). ok djm@ + - djm@cvs.openbsd.org 2012/04/11 13:16:19 + [channels.c channels.h clientloop.c serverloop.c] + don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a + while; ok deraadt@ markus@ + - djm@cvs.openbsd.org 2012/04/11 13:17:54 [auth.c] - unbreak ChrootDirectory+internal-sftp by skipping check for executable - shell when chrooting; reported by danh AT wzrd.com; ok dtucker@ - - markus@cvs.openbsd.org 2010/02/10 23:20:38 - [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5] - pkcs#11 is no longer optional; improve wording; ok jmc@ - - jmc@cvs.openbsd.org 2010/02/11 13:23:29 + Support "none" as an argument for AuthorizedPrincipalsFile to indicate + no file should be read. + - djm@cvs.openbsd.org 2012/04/11 13:26:40 + [sshd.c] + don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a + while; ok deraadt@ markus@ + - djm@cvs.openbsd.org 2012/04/11 13:34:17 + [ssh-keyscan.1 ssh-keyscan.c] + now that sshd defaults to offering ECDSA keys, ssh-keyscan should also + look for them by default; bz#1971 + - djm@cvs.openbsd.org 2012/04/12 02:42:32 + [servconf.c servconf.h sshd.c sshd_config sshd_config.5] + VersionAddendum option to allow server operators to append some arbitrary + text to the SSH-... banner; ok deraadt@ "don't care" markus@ + - djm@cvs.openbsd.org 2012/04/12 02:43:55 + [sshd_config sshd_config.5] + mention AuthorizedPrincipalsFile=none default + - djm@cvs.openbsd.org 2012/04/20 03:24:23 + [sftp.c] + setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...) + - jmc@cvs.openbsd.org 2012/04/20 16:26:22 [ssh.1] - libarary -> library; - - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c] - [scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java] - Remove obsolete smartcard support - - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] - Make it compile on OSX - - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c] - Use ssh_get_progname to fill __progname - - (djm) [configure.ac] Enable PKCS#11 support only when we find a working - dlopen() - -20100210 - - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for - getseuserbyname; patch from calebcase AT gmail.com via - cjwatson AT debian.org + use "brackets" instead of "braces", for consistency; -20100202 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/01/30 21:08:33 - [sshd.8] - debug output goes to stderr, not "the system log"; ok markus dtucker - - djm@cvs.openbsd.org 2010/01/30 21:12:08 - [channels.c] - fake local addr:port when stdio fowarding as some servers (Tectia at - least) validate that they are well-formed; - reported by imorgan AT nas.nasa.gov - ok dtucker +20120420 + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update for release 6.0 + - (djm) [README] Update URL to release notes. + - (djm) Release openssh-6.0 + +20120419 + - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil + contains openpty() but not login() + +20120404 + - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox + mode for Linux's new seccomp filter; patch from Will Drewry; feedback + and ok dtucker@ + +20120330 + - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING + file from spec file. From crighter at nuclioss com. + - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running + openssh binaries on a newer fix release than they were compiled on. + with and ok dtucker@ + - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect + assumptions when building on Cygwin; patch from Corinna Vinschen + +20120309 + - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux + systems where sshd is run in te wrong context. Patch from Sven + Vermeulen; ok dtucker@ + - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6 + addressed connections. ok dtucker@ + +20120224 + - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM + audit breakage in Solaris 11. Patch from Magnus Johansson. + +20120215 + - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for + unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c + ok dtucker@ + - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so + it actually works. + - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote + to work. Spotted by Angel Gonzalez + +20120214 + - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of + preserved Cygwin environment variables; from Corinna Vinschen -20100130 +20120211 - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/01/28 00:21:18 - [clientloop.c] - downgrade an error() to a debug() - this particular case can be hit in - normal operation for certain sequences of mux slave vs session closure - and is harmless - - djm@cvs.openbsd.org 2010/01/29 00:20:41 - [sshd.c] - set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com - ok dtucker@ - - djm@cvs.openbsd.org 2010/01/29 20:16:17 - [mux.c] - kill correct channel (was killing already-dead mux channel, not - its session channel) - - djm@cvs.openbsd.org 2010/01/30 02:54:53 + - djm@cvs.openbsd.org 2012/01/05 00:16:56 + [monitor.c] + memleak on error path + - djm@cvs.openbsd.org 2012/01/07 21:11:36 [mux.c] - don't mark channel as read failed if it is already closing; suppresses - harmless error messages when connecting to SSH.COM Tectia server - report by imorgan AT nas.nasa.gov - -20100129 - - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config() - after registering the hardware engines, which causes the openssl.cnf file to - be processed. See OpenSSL's man page for OPENSSL_config(3) for details. - Patch from Solomon Peachy, ok djm@. + fix double-free in new session handler + - miod@cvs.openbsd.org 2012/01/08 13:17:11 + [ssh-ecdsa.c] + Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron, + ok markus@ + - miod@cvs.openbsd.org 2012/01/16 20:34:09 + [ssh-pkcs11-client.c] + Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow. + While there, be sure to buffer_clear() between send_msg() and recv_msg(). + ok markus@ + - dtucker@cvs.openbsd.org 2012/01/18 21:46:43 + [clientloop.c] + Ensure that $DISPLAY contains only valid characters before using it to + extract xauth data so that it can't be used to play local shell + metacharacter games. Report from r00t_ati at ihteam.net, ok markus. + - markus@cvs.openbsd.org 2012/01/25 19:26:43 + [packet.c] + do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying; + ok dtucker@, djm@ + - markus@cvs.openbsd.org 2012/01/25 19:36:31 + [authfile.c] + memleak in key_load_file(); from Jan Klemkow + - markus@cvs.openbsd.org 2012/01/25 19:40:09 + [packet.c packet.h] + packet_read_poll() is not used anymore. + - markus@cvs.openbsd.org 2012/02/09 20:00:18 + [version.h] + move from 6.0-beta to 6.0 -20100128 - - (djm) OpenBSD CVS Sync - - djm@cvs.openbsd.org 2010/01/26 02:15:20 +20120206 + - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms + that don't support ECC. Patch from Phil Oleson + +20111219 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/12/02 00:41:56 [mux.c] - -Wuninitialized and remove a // comment; from portable - (Id sync only) - - djm@cvs.openbsd.org 2010/01/27 13:26:17 + fix bz#1948: ssh -f doesn't fork for multiplexed connection. + ok dtucker@ + - djm@cvs.openbsd.org 2011/12/02 00:43:57 + [mac.c] + fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before + HMAC_init (this change in policy seems insane to me) + ok dtucker@ + - djm@cvs.openbsd.org 2011/12/04 23:16:12 [mux.c] - fix bug introduced in mux rewrite: - - In a mux master, when a socket to a mux slave closes before its server - session (as may occur when the slave has been signalled), gracefully - close the server session rather than deleting its channel immediately. - A server may have more messages on that channel to send (e.g. an exit - message) that will fatal() the client if they are sent to a channel that - has been prematurely deleted. - - spotted by imorgan AT nas.nasa.gov - - djm@cvs.openbsd.org 2010/01/27 19:21:39 - [sftp.c] - add missing "p" flag to getopt optstring; - bz#1704 from imorgan AT nas.nasa.gov + revert: + > revision 1.32 + > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 + > fix bz#1948: ssh -f doesn't fork for multiplexed connection. + > ok dtucker@ + it interacts badly with ControlPersist + - djm@cvs.openbsd.org 2011/12/07 05:44:38 + [auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c] + fix some harmless and/or unreachable int overflows; + reported Xi Wang, ok markus@ -20100126 - - (djm) OpenBSD CVS Sync - - tedu@cvs.openbsd.org 2010/01/17 21:49:09 - [ssh-agent.1] - Correct and clarify ssh-add's password asking behavior. - Improved text dtucker and ok jmc - - dtucker@cvs.openbsd.org 2010/01/18 01:50:27 - [roaming_client.c] - s/long long unsigned/unsigned long long/, from tim via portable - (Id sync only, change already in portable) - - djm@cvs.openbsd.org 2010/01/26 01:28:35 - [channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c] - rewrite ssh(1) multiplexing code to a more sensible protocol. - - The new multiplexing code uses channels for the listener and - accepted control sockets to make the mux master non-blocking, so - no stalls when processing messages from a slave. - - avoid use of fatal() in mux master protocol parsing so an errant slave - process cannot take down a running master. - - implement requesting of port-forwards over multiplexed sessions. Any - port forwards requested by the slave are added to those the master has - established. - - add support for stdio forwarding ("ssh -W host:port ...") in mux slaves. - - document master/slave mux protocol so that other tools can use it to - control a running ssh(1). Note: there are no guarantees that this - protocol won't be incompatibly changed (though it is versioned). - - feedback Salvador Fandino, dtucker@ - channel changes ok markus@ - -20100122 - - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of - socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size - in Cygwin to 65535. Patch from Corinna Vinschen. - -20100117 - - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too. - - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions - snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf(). - -20100116 - - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h - so we correctly detect whether or not we have a native user_from_uid. - - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid - and group_from_gid. - - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by - Tim. - - (dtucker) OpenBSD CVS Sync - - markus@cvs.openbsd.org 2010/01/15 09:24:23 - [sftp-common.c] - unused - - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused - variable warnings. - - (dtucker) [openbsd-compat/openbsd-compat.h] Typo. - - (tim) [regress/portnum.sh] Shell portability fix. - - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native - getaddrinfo() is too old and limited for addr_pton() in addrmatch.c. - - (tim) [roaming_client.c] Use of is not really portable so we - use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/ - to keep USL compilers happy. - -20100115 - - (dtucker) OpenBSD CVS Sync - - jmc@cvs.openbsd.org 2010/01/13 12:48:34 - [sftp.1 sftp.c] - sftp.1: put ls -h in the right place - sftp.c: as above, plus add -p to get/put, and shorten their arg names - to keep the help usage nicely aligned - ok djm - - djm@cvs.openbsd.org 2010/01/13 23:47:26 - [auth.c] - when using ChrootDirectory, make sure we test for the existence of the - user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; - ok dtucker - - dtucker@cvs.openbsd.org 2010/01/14 23:41:49 - [sftp-common.c] - use user_from{uid,gid} to lookup up ids since it keeps a small cache. - ok djm - - guenther@cvs.openbsd.org 2010/01/15 00:05:22 - [sftp.c] - Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp - inherited SIGTERM as ignored it will still be able to kill the ssh it - starts. - ok dtucker@ - - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no - changes yet but there will be some to come). - - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability - for pwcache. Also, added caching of negative hits. - -20100114 - - (djm) [platform.h] Add missing prototype for - platform_krb5_get_principal_name - -20100113 - - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs. - - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18: - missing restore of SIGTTOU and some whitespace. - - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21. - - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22. - Fixes bz #1590, where sometimes you could not interrupt a connection while - ssh was prompting for a passphrase or password. - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2010/01/13 00:19:04 - [sshconnect.c auth.c] - Fix a couple of typos/mispellings in comments - - dtucker@cvs.openbsd.org 2010/01/13 01:10:56 - [key.c] - Ignore and log any Protocol 1 keys where the claimed size is not equal to - the actual size. Noted by Derek Martin, ok djm@ - - dtucker@cvs.openbsd.org 2010/01/13 01:20:20 - [canohost.c ssh-keysign.c sshconnect2.c] - Make HostBased authentication work with a ProxyCommand. bz #1569, patch - from imorgan at nas nasa gov, ok djm@ - - djm@cvs.openbsd.org 2010/01/13 01:40:16 - [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h] - support '-h' (human-readable units) for sftp's ls command, just like - ls(1); ok dtucker@ - - djm@cvs.openbsd.org 2010/01/13 03:48:13 - [servconf.c servconf.h sshd.c] - avoid run-time failures when specifying hostkeys via a relative - path by prepending the cwd in these cases; bz#1290; ok dtucker@ - - djm@cvs.openbsd.org 2010/01/13 04:10:50 +20111125 + - OpenBSD CVS Sync + - oga@cvs.openbsd.org 2011/11/16 12:24:28 [sftp.c] - don't append a space after inserting a completion of a directory (i.e. - a path ending in '/') for a slightly better user experience; ok dtucker@ - - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef. - - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG. - feedback and ok dtucker@ + Don't leak list in complete_cmd_parse if there are no commands found. + Discovered when I was ``borrowing'' this code for something else. + ok djm@ -20100112 - - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2010/01/11 01:39:46 - [ssh_config channels.c ssh.1 channels.h ssh.c] - Add a 'netcat mode' (ssh -W). This connects stdio on the client to a - single port forward on the server. This allows, for example, using ssh as - a ProxyCommand to route connections via intermediate servers. - bz #1618, man page help from jmc@, ok markus@ - - dtucker@cvs.openbsd.org 2010/01/11 04:46:45 - [authfile.c sshconnect2.c] - Do not prompt for a passphrase if we fail to open a keyfile, and log the - reason the open failed to debug. - bz #1693, found by tj AT castaglia org, ok djm@ - - djm@cvs.openbsd.org 2010/01/11 10:51:07 - [ssh-keygen.c] - when converting keys, truncate key comments at 72 chars as per RFC4716; - bz#1630 reported by tj AT castaglia.org; ok markus@ - - dtucker@cvs.openbsd.org 2010/01/12 00:16:47 - [authfile.c] - Fix bug introduced in r1.78 (incorrect brace location) that broke key auth. - Patch from joachim joachimschipper nl. - - djm@cvs.openbsd.org 2010/01/12 00:58:25 - [monitor_fdpass.c] - avoid spinning when fd passing on nonblocking sockets by calling poll() - in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@ - - djm@cvs.openbsd.org 2010/01/12 00:59:29 - [roaming_common.c] - delete with extreme prejudice a debug() that fired with every keypress; - ok dtucker deraadt - - dtucker@cvs.openbsd.org 2010/01/12 01:31:05 - [session.c] - Do not allow logins if /etc/nologin exists but is not readable by the user - logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@ - - djm@cvs.openbsd.org 2010/01/12 01:36:08 - [buffer.h bufaux.c] - add a buffer_get_string_ptr_ret() that does the same as - buffer_get_string_ptr() but does not fatal() on error; ok dtucker@ - - dtucker@cvs.openbsd.org 2010/01/12 08:33:17 - [session.c] - Add explicit stat so we reliably detect nologin with bad perms. - ok djm markus +20111121 + - (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@ -20100110 - - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] - Remove hacks add for RoutingDomain in preparation for its removal. +20111104 - (dtucker) OpenBSD CVS Sync - - dtucker@cvs.openbsd.org 2010/01/09 23:04:13 - [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h - ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c - readconf.h scp.1 sftp.1 ssh_config.5 misc.h] - Remove RoutingDomain from ssh since it's now not needed. It can be - replaced with "route exec" or "nc -V" as a proxycommand. "route exec" - also ensures that trafic such as DNS lookups stays withing the specified - routingdomain. For example (from reyk): - # route -T 2 exec /usr/sbin/sshd - or inherited from the parent process - $ route -T 2 exec sh - $ ssh 10.1.2.3 - ok deraadt@ markus@ stevesk@ reyk@ - - dtucker@cvs.openbsd.org 2010/01/10 03:51:17 - [servconf.c] - Add ChrootDirectory to sshd.c test-mode output - - dtucker@cvs.openbsd.org 2010/01/10 07:15:56 - [auth.c] - Output a debug if we can't open an existing keyfile. bz#1694, ok djm@ + - djm@cvs.openbsd.org 2011/10/18 05:15:28 + [ssh.c] + ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@ + - djm@cvs.openbsd.org 2011/10/18 23:37:42 + [ssh-add.c] + add -k to usage(); reminded by jmc@ + - djm@cvs.openbsd.org 2011/10/19 00:06:10 + [moduli.c] + s/tmpfile/tmp/ to make this -Wshadow clean + - djm@cvs.openbsd.org 2011/10/19 10:39:48 + [umac.c] + typo in comment; patch from Michael W. Bombardieri + - djm@cvs.openbsd.org 2011/10/24 02:10:46 + [ssh.c] + bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh + was incorrectly requesting the forward in both the control master and + slave. skip requesting it in the master to fix. ok markus@ + - djm@cvs.openbsd.org 2011/10/24 02:13:13 + [session.c] + bz#1859: send tty break to pty master instead of (probably already + closed) slave side; "looks good" markus@ + - dtucker@cvs.openbsd.org 011/11/04 00:09:39 + [moduli] + regenerated moduli file; ok deraadt + - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in + openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c] + bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library + which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr) + with some rework from myself and djm. ok djm. + +20111025 + - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file + fails. Patch from Corinna Vinschen. + +20111018 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/10/04 14:17:32 + [sftp-glob.c] + silence error spam for "ls */foo" in directory with files; bz#1683 + - dtucker@cvs.openbsd.org 2011/10/16 11:02:46 + [moduli.c ssh-keygen.1 ssh-keygen.c] + Add optional checkpoints for moduli screening. feedback & ok deraadt + - jmc@cvs.openbsd.org 2011/10/16 15:02:41 + [ssh-keygen.c] + put -K in the right place (usage()); + - stsp@cvs.openbsd.org 2011/10/16 15:51:39 + [moduli.c] + add missing includes to unbreak tree; fix from rpointel + - djm@cvs.openbsd.org 2011/10/18 04:58:26 + [auth-options.c key.c] + remove explict search for \0 in packet strings, this job is now done + implicitly by buffer_get_cstring; ok markus + - djm@cvs.openbsd.org 2011/10/18 05:00:48 + [ssh-add.1 ssh-add.c] + new "ssh-add -k" option to load plain keys (skipping certificates); + "looks ok" markus@ -20100109 - - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't - have it. - - (dtucker) [defines.h] define PRIu64 for platforms that don't have it. - - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef. *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***