From owner-svn-src-stable@FreeBSD.ORG Thu Feb 28 18:43:50 2013 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id DC1ADEB; Thu, 28 Feb 2013 18:43:50 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id C6A08B31; Thu, 28 Feb 2013 18:43:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id r1SIhovv004373; Thu, 28 Feb 2013 18:43:50 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id r1SIhoaq004371; Thu, 28 Feb 2013 18:43:50 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201302281843.r1SIhoaq004371@svn.freebsd.org> From: Dag-Erling Smørgrav Date: Thu, 28 Feb 2013 18:43:50 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org Subject: svn commit: r247485 - in stable/9: crypto/openssh crypto/openssh/openbsd-compat secure/lib/libssh secure/usr.sbin/sshd X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Feb 2013 18:43:50 -0000 Author: des Date: Thu Feb 28 18:43:50 2013 New Revision: 247485 URL: http://svnweb.freebsd.org/changeset/base/247485 Log: Pull in OpenSSH 6.1 from head. Added: stable/9/crypto/openssh/sandbox-darwin.c - copied unchanged from r226046, head/crypto/openssh/sandbox-darwin.c stable/9/crypto/openssh/sandbox-null.c - copied unchanged from r226046, head/crypto/openssh/sandbox-null.c stable/9/crypto/openssh/sandbox-rlimit.c - copied, changed from r226046, head/crypto/openssh/sandbox-rlimit.c stable/9/crypto/openssh/sandbox-systrace.c - copied, changed from r226046, head/crypto/openssh/sandbox-systrace.c stable/9/crypto/openssh/ssh-sandbox.h - copied unchanged from r226046, head/crypto/openssh/ssh-sandbox.h Deleted: stable/9/crypto/openssh/WARNING.RNG stable/9/crypto/openssh/ssh-rand-helper.8 stable/9/crypto/openssh/ssh-rand-helper.c stable/9/crypto/openssh/version.c Modified: stable/9/crypto/openssh/ChangeLog stable/9/crypto/openssh/INSTALL stable/9/crypto/openssh/LICENCE stable/9/crypto/openssh/PROTOCOL.certkeys stable/9/crypto/openssh/PROTOCOL.mux stable/9/crypto/openssh/README stable/9/crypto/openssh/aclocal.m4 stable/9/crypto/openssh/addrmatch.c stable/9/crypto/openssh/audit-bsm.c stable/9/crypto/openssh/audit-linux.c (contents, props changed) stable/9/crypto/openssh/auth-krb5.c stable/9/crypto/openssh/auth-options.c stable/9/crypto/openssh/auth-passwd.c stable/9/crypto/openssh/auth-rsa.c stable/9/crypto/openssh/auth-skey.c stable/9/crypto/openssh/auth.c stable/9/crypto/openssh/auth.h stable/9/crypto/openssh/auth2-gss.c stable/9/crypto/openssh/auth2-pubkey.c stable/9/crypto/openssh/auth2.c stable/9/crypto/openssh/authfd.c stable/9/crypto/openssh/authfile.c stable/9/crypto/openssh/authfile.h stable/9/crypto/openssh/channels.c stable/9/crypto/openssh/channels.h stable/9/crypto/openssh/clientloop.c stable/9/crypto/openssh/clientloop.h stable/9/crypto/openssh/compat.c stable/9/crypto/openssh/compat.h stable/9/crypto/openssh/config.guess stable/9/crypto/openssh/config.h stable/9/crypto/openssh/config.h.in stable/9/crypto/openssh/defines.h stable/9/crypto/openssh/dh.c stable/9/crypto/openssh/dns.c stable/9/crypto/openssh/dns.h stable/9/crypto/openssh/entropy.c stable/9/crypto/openssh/entropy.h stable/9/crypto/openssh/gss-serv.c stable/9/crypto/openssh/jpake.c stable/9/crypto/openssh/kex.c stable/9/crypto/openssh/key.c stable/9/crypto/openssh/key.h stable/9/crypto/openssh/log.c stable/9/crypto/openssh/log.h stable/9/crypto/openssh/loginrec.c (contents, props changed) stable/9/crypto/openssh/mac.c stable/9/crypto/openssh/misc.c stable/9/crypto/openssh/misc.h stable/9/crypto/openssh/moduli stable/9/crypto/openssh/moduli.5 stable/9/crypto/openssh/moduli.c stable/9/crypto/openssh/monitor.c stable/9/crypto/openssh/monitor.h stable/9/crypto/openssh/monitor_wrap.c stable/9/crypto/openssh/monitor_wrap.h stable/9/crypto/openssh/mux.c stable/9/crypto/openssh/myproposal.h stable/9/crypto/openssh/openbsd-compat/bsd-cygwin_util.c stable/9/crypto/openssh/openbsd-compat/bsd-cygwin_util.h stable/9/crypto/openssh/openbsd-compat/bsd-misc.h stable/9/crypto/openssh/openbsd-compat/getcwd.c stable/9/crypto/openssh/openbsd-compat/getgrouplist.c stable/9/crypto/openssh/openbsd-compat/getrrsetbyname.c stable/9/crypto/openssh/openbsd-compat/glob.c stable/9/crypto/openssh/openbsd-compat/inet_ntop.c stable/9/crypto/openssh/openbsd-compat/mktemp.c stable/9/crypto/openssh/openbsd-compat/openbsd-compat.h stable/9/crypto/openssh/openbsd-compat/openssl-compat.c stable/9/crypto/openssh/openbsd-compat/openssl-compat.h stable/9/crypto/openssh/openbsd-compat/port-linux.c stable/9/crypto/openssh/openbsd-compat/port-linux.h stable/9/crypto/openssh/openbsd-compat/setenv.c stable/9/crypto/openssh/openbsd-compat/sha2.c (contents, props changed) stable/9/crypto/openssh/openbsd-compat/sha2.h (contents, props changed) stable/9/crypto/openssh/openbsd-compat/strlcpy.c stable/9/crypto/openssh/packet.c stable/9/crypto/openssh/packet.h stable/9/crypto/openssh/pathnames.h stable/9/crypto/openssh/readconf.c stable/9/crypto/openssh/readconf.h stable/9/crypto/openssh/roaming.h stable/9/crypto/openssh/roaming_client.c stable/9/crypto/openssh/roaming_common.c stable/9/crypto/openssh/scp.1 stable/9/crypto/openssh/scp.c stable/9/crypto/openssh/servconf.c stable/9/crypto/openssh/servconf.h stable/9/crypto/openssh/serverloop.c stable/9/crypto/openssh/session.c stable/9/crypto/openssh/sftp-client.c stable/9/crypto/openssh/sftp-glob.c stable/9/crypto/openssh/sftp-server.c stable/9/crypto/openssh/sftp.1 stable/9/crypto/openssh/sftp.c stable/9/crypto/openssh/ssh-add.1 stable/9/crypto/openssh/ssh-add.c stable/9/crypto/openssh/ssh-agent.1 stable/9/crypto/openssh/ssh-agent.c stable/9/crypto/openssh/ssh-ecdsa.c (contents, props changed) stable/9/crypto/openssh/ssh-keygen.1 stable/9/crypto/openssh/ssh-keygen.c stable/9/crypto/openssh/ssh-keyscan.c stable/9/crypto/openssh/ssh-keysign.c stable/9/crypto/openssh/ssh-pkcs11-client.c stable/9/crypto/openssh/ssh-pkcs11-helper.c stable/9/crypto/openssh/ssh-pkcs11.c stable/9/crypto/openssh/ssh.1 stable/9/crypto/openssh/ssh.c stable/9/crypto/openssh/ssh_config stable/9/crypto/openssh/ssh_config.5 stable/9/crypto/openssh/ssh_namespace.h stable/9/crypto/openssh/sshconnect.c stable/9/crypto/openssh/sshconnect2.c stable/9/crypto/openssh/sshd.8 stable/9/crypto/openssh/sshd.c stable/9/crypto/openssh/sshd_config stable/9/crypto/openssh/sshd_config.5 stable/9/crypto/openssh/umac.c stable/9/crypto/openssh/version.h stable/9/secure/lib/libssh/Makefile stable/9/secure/usr.sbin/sshd/Makefile Directory Properties: stable/9/crypto/openssh/ (props changed) stable/9/crypto/openssh/bufec.c (props changed) stable/9/crypto/openssh/kexecdh.c (props changed) stable/9/crypto/openssh/kexecdhc.c (props changed) stable/9/crypto/openssh/kexecdhs.c (props changed) stable/9/crypto/openssh/openbsd-compat/charclass.h (props changed) stable/9/crypto/openssh/openbsd-compat/strptime.c (props changed) stable/9/crypto/openssh/openbsd-compat/timingsafe_bcmp.c (props changed) stable/9/secure/lib/libssh/ (props changed) stable/9/secure/usr.sbin/sshd/ (props changed) Modified: stable/9/crypto/openssh/ChangeLog ============================================================================== --- stable/9/crypto/openssh/ChangeLog Thu Feb 28 18:24:14 2013 (r247484) +++ stable/9/crypto/openssh/ChangeLog Thu Feb 28 18:43:50 2013 (r247485) @@ -1,13 +1,1089 @@ -20110403 +20120828 + - (djm) Release openssh-6.1 + +20120828 + - (dtucker) [openbsd-compat/bsd-cygwin_util.h] define WIN32_LEAN_AND_MEAN + for compatibility with future mingw-w64 headers. Patch from vinschen at + redhat com. + +20120822 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - [contrib/suse/openssh.spec] Prepare for 5.8p2 release. - - (djm) [version.h] crank version - - Release 5.8p2 - -20110329 - - (djm) [entropy.c] closefrom() before running ssh-rand-helper; leftover fds - noticed by tmraz AT redhat.com - + [contrib/suse/openssh.spec] Update version numbers + +20120731 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2012/07/06 06:38:03 + [ssh-keygen.c] + missing full stop in usage(); + - djm@cvs.openbsd.org 2012/07/10 02:19:15 + [servconf.c servconf.h sshd.c sshd_config] + Turn on systrace sandboxing of pre-auth sshd by default for new installs + by shipping a config that overrides the current UsePrivilegeSeparation=yes + default. Make it easier to flip the default in the future by adding too. + prodded markus@ feedback dtucker@ "get it in" deraadt@ + - dtucker@cvs.openbsd.org 2012/07/13 01:35:21 + [servconf.c] + handle long comments in config files better. bz#2025, ok markus + - markus@cvs.openbsd.org 2012/07/22 18:19:21 + [version.h] + openssh 6.1 + +20120720 + - (dtucker) Import regened moduli file. + +20120706 + - (djm) [sandbox-seccomp-filter.c] fallback to rlimit if seccomp filter is + not available. Allows use of sshd compiled on host with a filter-capable + kernel on hosts that lack the support. bz#2011 ok dtucker@ + - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no + unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT + esperi.org.uk; ok dtucker@ +- (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/07/06 00:41:59 + [moduli.c ssh-keygen.1 ssh-keygen.c] + Add options to specify starting line number and number of lines to process + when screening moduli candidates. This allows processing of different + parts of a candidate moduli file in parallel. man page help jmc@, ok djm@ + - djm@cvs.openbsd.org 2012/07/06 01:37:21 + [mux.c] + fix memory leak of passed-in environment variables and connection + context when new session message is malformed; bz#2003 from Bert.Wesarg + AT googlemail.com + - djm@cvs.openbsd.org 2012/07/06 01:47:38 + [ssh.c] + move setting of tty_flag to after config parsing so RequestTTY options + are correctly picked up. bz#1995 patch from przemoc AT gmail.com; + ok dtucker@ + +20120704 + - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for + platforms that don't have it. "looks good" tim@ + +20120703 + - (dtucker) [configure.ac] Detect platforms that can't use select(2) with + setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those. + - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or not + setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its + benefit is minor, so it's not worth disabling the sandbox if it doesn't + work. + +20120702 +- (dtucker) OpenBSD CVS Sync + - naddy@cvs.openbsd.org 2012/06/29 13:57:25 + [ssh_config.5 sshd_config.5] + match the documented MAC order of preference to the actual one; + ok dtucker@ + - markus@cvs.openbsd.org 2012/06/30 14:35:09 + [sandbox-systrace.c sshd.c] + fix a during the load of the sandbox policies (child can still make + the read-syscall and wait forever for systrace-answers) by replacing + the read/write synchronisation with SIGSTOP/SIGCONT; + report and help hshoexer@; ok djm@, dtucker@ + - dtucker@cvs.openbsd.org 2012/07/02 08:50:03 + [ssh.c] + set interactive ToS for forwarded X11 sessions. ok djm@ + - dtucker@cvs.openbsd.org 2012/07/02 12:13:26 + [ssh-pkcs11-helper.c sftp-client.c] + fix a couple of "assigned but not used" warnings. ok markus@ + - dtucker@cvs.openbsd.org 2012/07/02 14:37:06 + [regress/connect-privsep.sh] + remove exit from end of test since it prevents reporting failure + - (dtucker) [regress/reexec.sh regress/sftp-cmds.sh regress/test-exec.sh] + Move cygwin detection to test-exec and use to skip reexec test on cygwin. + - (dtucker) [regress/test-exec.sh] Correct uname for cygwin/w2k. + +20120629 + - OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/06/21 00:16:07 + [addrmatch.c] + fix strlcpy truncation check. from carsten at debian org, ok markus + - dtucker@cvs.openbsd.org 2012/06/22 12:30:26 + [monitor.c sshconnect2.c] + remove dead code following 'for (;;)' loops. + From Steve.McClellan at radisys com, ok markus@ + - dtucker@cvs.openbsd.org 2012/06/22 14:36:33 + [sftp.c] + Remove unused variable leftover from tab-completion changes. + From Steve.McClellan at radisys com, ok markus@ + - dtucker@cvs.openbsd.org 2012/06/26 11:02:30 + [sandbox-systrace.c] + Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation + sandbox" since malloc now uses it. From johnw.mail at gmail com. + - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 + [mac.c myproposal.h ssh_config.5 sshd_config.5] + Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed + from draft6 of the spec and will not be in the RFC when published. Patch + from mdb at juniper net via bz#2023, ok markus. + - naddy@cvs.openbsd.org 2012/06/29 13:57:25 + [ssh_config.5 sshd_config.5] + match the documented MAC order of preference to the actual one; ok dtucker@ + - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 + [regress/addrmatch.sh] + Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests + to match. Feedback and ok djm@ markus@. + - djm@cvs.openbsd.org 2012/06/01 00:47:35 + [regress/multiplex.sh regress/forwarding.sh] + append to rather than truncate test log; bz#2013 from openssh AT + roumenpetrov.info + - djm@cvs.openbsd.org 2012/06/01 00:52:52 + [regress/sftp-cmds.sh] + don't delete .* on cleanup due to unintended env expansion; pointed out in + bz#2014 by openssh AT roumenpetrov.info + - dtucker@cvs.openbsd.org 2012/06/26 12:06:59 + [regress/connect-privsep.sh] + test sandbox with every malloc option + - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 + [regress/try-ciphers.sh regress/cipher-speed.sh] + Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed + from draft6 of the spec and will not be in the RFC when published. Patch + from mdb at juniper net via bz#2023, ok markus. + - (dtucker) [myproposal.h] Remove trailing backslash to fix compile error. + - (dtucker) [key.c] ifdef out sha256 key types on platforms that don't have + the required functions in libcrypto. + +20120628 + - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null + pointer deref in the client when built with LDNS and using DNSSEC with a + CNAME. Patch from gregdlg+mr at hochet info. + +20120622 + - (dtucker) [contrib/cygwin/ssh-host-config] Ensure that user sshd runs as + can logon as a service. Patch from vinschen at redhat com. + +20120620 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/12/02 00:41:56 + [mux.c] + fix bz#1948: ssh -f doesn't fork for multiplexed connection. + ok dtucker@ + - djm@cvs.openbsd.org 2011/12/04 23:16:12 + [mux.c] + revert: + > revision 1.32 + > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 + > fix bz#1948: ssh -f doesn't fork for multiplexed connection. + > ok dtucker@ + it interacts badly with ControlPersist + - djm@cvs.openbsd.org 2012/01/07 21:11:36 + [mux.c] + fix double-free in new session handler + NB. Id sync only + - djm@cvs.openbsd.org 2012/05/23 03:28:28 + [dns.c dns.h key.c key.h ssh-keygen.c] + add support for RFC6594 SSHFP DNS records for ECDSA key types. + patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@ + - djm@cvs.openbsd.org 2012/06/01 00:49:35 + [PROTOCOL.mux] + correct types of port numbers (integers, not strings); bz#2004 from + bert.wesarg AT googlemail.com + - djm@cvs.openbsd.org 2012/06/01 01:01:22 + [mux.c] + fix memory leak when mux socket creation fails; bz#2002 from bert.wesarg + AT googlemail.com + - dtucker@cvs.openbsd.org 2012/06/18 11:43:53 + [jpake.c] + correct sizeof usage. patch from saw at online.de, ok deraadt + - dtucker@cvs.openbsd.org 2012/06/18 11:49:58 + [ssh_config.5] + RSA instead of DSA twice. From Steve.McClellan at radisys com + - dtucker@cvs.openbsd.org 2012/06/18 12:07:07 + [ssh.1 sshd.8] + Remove mention of 'three' key files since there are now four. From + Steve.McClellan at radisys com. + - dtucker@cvs.openbsd.org 2012/06/18 12:17:18 + [ssh.1] + Clarify description of -W. Noted by Steve.McClellan at radisys com, + ok jmc + - markus@cvs.openbsd.org 2012/06/19 18:25:28 + [servconf.c servconf.h sshd_config.5] + sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups} + this allows 'Match LocalPort 1022' combined with 'AllowUser bauer' + ok djm@ (back in March) + - jmc@cvs.openbsd.org 2012/06/19 21:35:54 + [sshd_config.5] + tweak previous; ok markus + - djm@cvs.openbsd.org 2012/06/20 04:42:58 + [clientloop.c serverloop.c] + initialise accept() backoff timer to avoid EINVAL from select(2) in + rekeying + +20120519 + - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch + from cjwatson at debian org. + - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to find + pkg-config so it does the right thing when cross-compiling. Patch from + cjwatson at debian org. +- (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2012/05/13 01:42:32 + [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] + Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests + to match. Feedback and ok djm@ markus@. + - dtucker@cvs.openbsd.org 2012/05/19 06:30:30 + [sshd_config.5] + Document PermitOpen none. bz#2001, patch from Loganaden Velvindron + +20120504 + - (dtucker) [configure.ac] Include rather than + to fix building on some plaforms. Fom bowman at math utah edu and + des at des no. + +20120427 + - (dtucker) [regress/addrmatch.sh] skip tests when running on a non-ipv6 + platform rather than exiting early, so that we still clean up and return + success or failure to test-exec.sh + +20120426 + - (djm) [auth-passwd.c] Handle crypt() returning NULL; from Paul Wouters + via Niels + - (djm) [auth-krb5.c] Save errno across calls that might modify it; + ok dtucker@ + +20120423 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/04/23 08:18:17 + [channels.c] + fix function proto/source mismatch + +20120422 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/02/29 11:21:26 + [ssh-keygen.c] + allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ + - guenther@cvs.openbsd.org 2012/03/15 03:10:27 + [session.c] + root should always be excluded from the test for /etc/nologin instead + of having it always enforced even when marked as ignorenologin. This + regressed when the logic was incompletely flipped around in rev 1.251 + ok halex@ millert@ + - djm@cvs.openbsd.org 2012/03/28 07:23:22 + [PROTOCOL.certkeys] + explain certificate extensions/crit split rationale. Mention requirement + that each appear at most once per cert. + - dtucker@cvs.openbsd.org 2012/03/29 23:54:36 + [channels.c channels.h servconf.c] + Add PermitOpen none option based on patch from Loganaden Velvindron + (bz #1949). ok djm@ + - djm@cvs.openbsd.org 2012/04/11 13:16:19 + [channels.c channels.h clientloop.c serverloop.c] + don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a + while; ok deraadt@ markus@ + - djm@cvs.openbsd.org 2012/04/11 13:17:54 + [auth.c] + Support "none" as an argument for AuthorizedPrincipalsFile to indicate + no file should be read. + - djm@cvs.openbsd.org 2012/04/11 13:26:40 + [sshd.c] + don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a + while; ok deraadt@ markus@ + - djm@cvs.openbsd.org 2012/04/11 13:34:17 + [ssh-keyscan.1 ssh-keyscan.c] + now that sshd defaults to offering ECDSA keys, ssh-keyscan should also + look for them by default; bz#1971 + - djm@cvs.openbsd.org 2012/04/12 02:42:32 + [servconf.c servconf.h sshd.c sshd_config sshd_config.5] + VersionAddendum option to allow server operators to append some arbitrary + text to the SSH-... banner; ok deraadt@ "don't care" markus@ + - djm@cvs.openbsd.org 2012/04/12 02:43:55 + [sshd_config sshd_config.5] + mention AuthorizedPrincipalsFile=none default + - djm@cvs.openbsd.org 2012/04/20 03:24:23 + [sftp.c] + setlinebuf(3) is more readable than setvbuf(.., _IOLBF, ...) + - jmc@cvs.openbsd.org 2012/04/20 16:26:22 + [ssh.1] + use "brackets" instead of "braces", for consistency; + +20120420 + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update for release 6.0 + - (djm) [README] Update URL to release notes. + - (djm) Release openssh-6.0 + +20120419 + - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutil + contains openpty() but not login() + +20120404 + - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandbox + mode for Linux's new seccomp filter; patch from Will Drewry; feedback + and ok dtucker@ + +20120330 + - (dtucker) [contrib/redhat/openssh.spec] Bug #1992: remove now-gone WARNING + file from spec file. From crighter at nuclioss com. + - (djm) [entropy.c] bz#1991: relax OpenSSL version test to allow running + openssh binaries on a newer fix release than they were compiled on. + with and ok dtucker@ + - (djm) [openbsd-compat/bsd-cygwin_util.h] #undef _WIN32 to avoid incorrect + assumptions when building on Cygwin; patch from Corinna Vinschen + +20120309 + - (djm) [openbsd-compat/port-linux.c] bz#1960: fix crash on SELinux + systems where sshd is run in te wrong context. Patch from Sven + Vermeulen; ok dtucker@ + - (djm) [packet.c] bz#1963: Fix IPQoS not being set on non-mapped v4-in-v6 + addressed connections. ok dtucker@ + +20120224 + - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSM + audit breakage in Solaris 11. Patch from Magnus Johansson. + +20120215 + - (tim) [openbsd-compat/bsd-misc.h sshd.c] Fix conflicting return type for + unsetenv due to rev 1.14 change to setenv.c. Cast unsetenv to void in sshd.c + ok dtucker@ + - (tim) [defines.h] move chunk introduced in 1.125 before MAXPATHLEN so + it actually works. + - (tim) [regress/keytype.sh] stderr redirection needs to be inside back quote + to work. Spotted by Angel Gonzalez + +20120214 + - (djm) [openbsd-compat/bsd-cygwin_util.c] Add PROGRAMFILES to list of + preserved Cygwin environment variables; from Corinna Vinschen + +20120211 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2012/01/05 00:16:56 + [monitor.c] + memleak on error path + - djm@cvs.openbsd.org 2012/01/07 21:11:36 + [mux.c] + fix double-free in new session handler + - miod@cvs.openbsd.org 2012/01/08 13:17:11 + [ssh-ecdsa.c] + Fix memory leak in ssh_ecdsa_verify(); from Loganaden Velvindron, + ok markus@ + - miod@cvs.openbsd.org 2012/01/16 20:34:09 + [ssh-pkcs11-client.c] + Fix a memory leak in pkcs11_rsa_private_encrypt(), reported by Jan Klemkow. + While there, be sure to buffer_clear() between send_msg() and recv_msg(). + ok markus@ + - dtucker@cvs.openbsd.org 2012/01/18 21:46:43 + [clientloop.c] + Ensure that $DISPLAY contains only valid characters before using it to + extract xauth data so that it can't be used to play local shell + metacharacter games. Report from r00t_ati at ihteam.net, ok markus. + - markus@cvs.openbsd.org 2012/01/25 19:26:43 + [packet.c] + do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying; + ok dtucker@, djm@ + - markus@cvs.openbsd.org 2012/01/25 19:36:31 + [authfile.c] + memleak in key_load_file(); from Jan Klemkow + - markus@cvs.openbsd.org 2012/01/25 19:40:09 + [packet.c packet.h] + packet_read_poll() is not used anymore. + - markus@cvs.openbsd.org 2012/02/09 20:00:18 + [version.h] + move from 6.0-beta to 6.0 + +20120206 + - (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms + that don't support ECC. Patch from Phil Oleson + +20111219 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/12/02 00:41:56 + [mux.c] + fix bz#1948: ssh -f doesn't fork for multiplexed connection. + ok dtucker@ + - djm@cvs.openbsd.org 2011/12/02 00:43:57 + [mac.c] + fix bz#1934: newer OpenSSL versions will require HMAC_CTX_Init before + HMAC_init (this change in policy seems insane to me) + ok dtucker@ + - djm@cvs.openbsd.org 2011/12/04 23:16:12 + [mux.c] + revert: + > revision 1.32 + > date: 2011/12/02 00:41:56; author: djm; state: Exp; lines: +4 -1 + > fix bz#1948: ssh -f doesn't fork for multiplexed connection. + > ok dtucker@ + it interacts badly with ControlPersist + - djm@cvs.openbsd.org 2011/12/07 05:44:38 + [auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c] + fix some harmless and/or unreachable int overflows; + reported Xi Wang, ok markus@ + +20111125 + - OpenBSD CVS Sync + - oga@cvs.openbsd.org 2011/11/16 12:24:28 + [sftp.c] + Don't leak list in complete_cmd_parse if there are no commands found. + Discovered when I was ``borrowing'' this code for something else. + ok djm@ + +20111121 + - (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@ + +20111104 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/10/18 05:15:28 + [ssh.c] + ssh(1): skip attempting to create ~/.ssh when -F is passed; ok markus@ + - djm@cvs.openbsd.org 2011/10/18 23:37:42 + [ssh-add.c] + add -k to usage(); reminded by jmc@ + - djm@cvs.openbsd.org 2011/10/19 00:06:10 + [moduli.c] + s/tmpfile/tmp/ to make this -Wshadow clean + - djm@cvs.openbsd.org 2011/10/19 10:39:48 + [umac.c] + typo in comment; patch from Michael W. Bombardieri + - djm@cvs.openbsd.org 2011/10/24 02:10:46 + [ssh.c] + bz#1943: unbreak stdio forwarding when ControlPersist is in user - ssh + was incorrectly requesting the forward in both the control master and + slave. skip requesting it in the master to fix. ok markus@ + - djm@cvs.openbsd.org 2011/10/24 02:13:13 + [session.c] + bz#1859: send tty break to pty master instead of (probably already + closed) slave side; "looks good" markus@ + - dtucker@cvs.openbsd.org 011/11/04 00:09:39 + [moduli] + regenerated moduli file; ok deraadt + - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in + openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c] + bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library + which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr) + with some rework from myself and djm. ok djm. + +20111025 + - (dtucker) [contrib/cygwin/Makefile] Continue if installing a doc file + fails. Patch from Corinna Vinschen. + +20111018 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/10/04 14:17:32 + [sftp-glob.c] + silence error spam for "ls */foo" in directory with files; bz#1683 + - dtucker@cvs.openbsd.org 2011/10/16 11:02:46 + [moduli.c ssh-keygen.1 ssh-keygen.c] + Add optional checkpoints for moduli screening. feedback & ok deraadt + - jmc@cvs.openbsd.org 2011/10/16 15:02:41 + [ssh-keygen.c] + put -K in the right place (usage()); + - stsp@cvs.openbsd.org 2011/10/16 15:51:39 + [moduli.c] + add missing includes to unbreak tree; fix from rpointel + - djm@cvs.openbsd.org 2011/10/18 04:58:26 + [auth-options.c key.c] + remove explict search for \0 in packet strings, this job is now done + implicitly by buffer_get_cstring; ok markus + - djm@cvs.openbsd.org 2011/10/18 05:00:48 + [ssh-add.1 ssh-add.c] + new "ssh-add -k" option to load plain keys (skipping certificates); + "looks ok" markus@ + +20111001 + - (dtucker) [openbsd-compat/mktemp.c] Fix compiler warning. ok djm + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2011/09/23 00:22:04 + [channels.c auth-options.c servconf.c channels.h sshd.8] + Add wildcard support to PermitOpen, allowing things like "PermitOpen + localhost:*". bz #1857, ok djm markus. + - markus@cvs.openbsd.org 2011/09/23 07:45:05 + [mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c + version.h] + unbreak remote portforwarding with dynamic allocated listen ports: + 1) send the actual listen port in the open message (instead of 0). + this allows multiple forwardings with a dynamic listen port + 2) update the matching permit-open entry, so we can identify where + to connect to + report: den at skbkontur.ru and P. Szczygielski + feedback and ok djm@ + - djm@cvs.openbsd.org 2011/09/25 05:44:47 + [auth2-pubkey.c] + improve the AuthorizedPrincipalsFile debug log message to include + file and line number + - dtucker@cvs.openbsd.org 2011/09/30 00:47:37 + [sshd.c] + don't attempt privsep cleanup when not using privsep; ok markus@ + - djm@cvs.openbsd.org 2011/09/30 21:22:49 + [sshd.c] + fix inverted test that caused logspam; spotted by henning@ + +20110929 + - (djm) [configure.ac defines.h] No need to detect sizeof(char); patch + from des AT des.no + - (dtucker) [configure.ac openbsd-compat/Makefile.in + openbsd-compat/strnlen.c] Add strnlen to the compat library. + +20110923 + - (djm) [openbsd-compat/getcwd.c] Remove OpenBSD rcsid marker since we no + longer want to sync this file (OpenBSD uses a __getcwd syscall now, we + want this longhand version) + - (djm) [openbsd-compat/getgrouplist.c] Remove OpenBSD rcsid marker: the + upstream version is YPified and we don't want this + - (djm) [openbsd-compat/mktemp.c] forklift upgrade to -current version. + The file was totally rewritten between what we had in tree and -current. + - (djm) [openbsd-compat/sha2.c openbsd-compat/sha2.h] Remove OpenBSD rcsid + marker. The upstream API has changed (function and structure names) + enough to put it out of sync with other providers of this interface. + - (djm) [openbsd-compat/setenv.c] Forklift upgrade, including inclusion + of static __findenv() function from upstream setenv.c + - OpenBSD CVS Sync + - millert@cvs.openbsd.org 2006/05/05 15:27:38 + [openbsd-compat/strlcpy.c] + Convert do {} while loop -> while {} for clarity. No binary change + on most architectures. From Oliver Smith. OK deraadt@ and henning@ + - tobias@cvs.openbsd.org 2007/10/21 11:09:30 + [openbsd-compat/mktemp.c] + Comment fix about time consumption of _gettemp. + FreeBSD did this in revision 1.20. + OK deraadt@, krw@ + - deraadt@cvs.openbsd.org 2008/07/22 21:47:45 + [openbsd-compat/mktemp.c] + use arc4random_uniform(); ok djm millert + - millert@cvs.openbsd.org 2008/08/21 16:54:44 + [openbsd-compat/mktemp.c] + Remove useless code, the kernel will set errno appropriately if an + element in the path does not exist. OK deraadt@ pvalchev@ + - otto@cvs.openbsd.org 2008/12/09 19:38:38 + [openbsd-compat/inet_ntop.c] + fix inet_ntop(3) prototype; ok millert@ libc to be bumbed very soon + +20110922 + - OpenBSD CVS Sync + - pyr@cvs.openbsd.org 2011/05/12 07:15:10 + [openbsd-compat/glob.c] + When the max number of items for a directory has reached GLOB_LIMIT_READDIR + an error is returned but closedir() is not called. + spotted and fix provided by Frank Denis obsd-tech@pureftpd.org + ok otto@, millert@ + - stsp@cvs.openbsd.org 2011/09/20 10:18:46 + [glob.c] + In glob(3), limit recursion during matching attempts. Similar to + fnmatch fix. Also collapse consecutive '*' (from NetBSD). + ok miod deraadt + - djm@cvs.openbsd.org 2011/09/22 06:27:29 + [glob.c] + fix GLOB_KEEPSTAT without GLOB_NOSORT; the implicit sort was being + applied only to the gl_pathv vector and not the corresponding gl_statv + array. reported in OpenSSH bz#1935; feedback and okay matthew@ + - djm@cvs.openbsd.org 2011/08/26 01:45:15 + [ssh.1] + Add some missing ssh_config(5) options that can be used in ssh(1)'s + -o argument. Patch from duclare AT guu.fi + - djm@cvs.openbsd.org 2011/09/05 05:56:13 + [scp.1 sftp.1] + mention ControlPersist and KbdInteractiveAuthentication in the -o + verbiage in these pages too (prompted by jmc@) + - djm@cvs.openbsd.org 2011/09/05 05:59:08 + [misc.c] + fix typo in IPQoS parsing: there is no "AF14" class, but there is + an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk + - jmc@cvs.openbsd.org 2011/09/05 07:01:44 + [scp.1] + knock out a useless Ns; + - deraadt@cvs.openbsd.org 2011/09/07 02:18:31 + [ssh-keygen.1] + typo (they vs the) found by Lawrence Teo + - djm@cvs.openbsd.org 2011/09/09 00:43:00 + [ssh_config.5 sshd_config.5] + fix typo in IPQoS parsing: there is no "AF14" class, but there is + an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk + - djm@cvs.openbsd.org 2011/09/09 00:44:07 + [PROTOCOL.mux] + MUX_C_CLOSE_FWD includes forward type in message (though it isn't + implemented anyway) + - djm@cvs.openbsd.org 2011/09/09 22:37:01 + [scp.c] + suppress adding '--' to remote commandlines when the first argument + does not start with '-'. saves breakage on some difficult-to-upgrade + embedded/router platforms; feedback & ok dtucker ok markus + - djm@cvs.openbsd.org 2011/09/09 22:38:21 + [sshd.c] + kill the preauth privsep child on fatal errors in the monitor; + ok markus@ + - djm@cvs.openbsd.org 2011/09/09 22:46:44 + [channels.c channels.h clientloop.h mux.c ssh.c] + support for cancelling local and remote port forwards via the multiplex + socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request + the cancellation of the specified forwardings; ok markus@ + - markus@cvs.openbsd.org 2011/09/10 22:26:34 + [channels.c channels.h clientloop.c ssh.1] + support cancellation of local/dynamic forwardings from ~C commandline; + ok & feedback djm@ + - okan@cvs.openbsd.org 2011/09/11 06:59:05 + [ssh.1] + document new -O cancel command; ok djm@ + - markus@cvs.openbsd.org 2011/09/11 16:07:26 + [sftp-client.c] + fix leaks in do_hardlink() and do_readlink(); bz#1921 + from Loganaden Velvindron + - markus@cvs.openbsd.org 2011/09/12 08:46:15 + [sftp-client.c] + fix leak in do_lsreaddir(); ok djm + - djm@cvs.openbsd.org 2011/09/22 06:29:03 + [sftp.c] + don't let remote_glob() implicitly sort its results in do_globbed_ls() - + in all likelihood, they will be resorted anyway + +20110909 + - (dtucker) [entropy.h] Bug #1932: remove old definition of init_rng. From + Colin Watson. + +20110906 + - (djm) [README version.h] Correct version + - (djm) [contrib/redhat/openssh.spec] Correct restorcon => restorecon + - (djm) Respin OpenSSH-5.9p1 release + +20110905 + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update version numbers. + +20110904 + - (djm) [regress/connect-privsep.sh regress/test-exec.sh] demote fatal + regress errors for the sandbox to warnings. ok tim dtucker + - (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929: add null implementations + ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen + support. + +20110829 + - (djm) [openbsd-compat/port-linux.c] Suppress logging when attempting + to switch SELinux context away from unconfined_t, based on patch from + Jan Chadima; bz#1919 ok dtucker@ + +20110827 + - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey. + +20110818 + - (tim) [configure.ac] Typo in error message spotted by Andy Tsouladze + +20110817 + - (tim) [mac.c myproposal.h] Wrap SHA256 and SHA512 in ifdefs for + OpenSSL 0.9.7. ok djm + - (djm) [ openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h] + binary_pipe is no longer required on Cygwin; patch from Corinna Vinschen + - (djm) [configure.ac] error out if the host lacks the necessary bits for + an explicitly requested sandbox type + - (djm) [contrib/ssh-copy-id] Missing backlslash; spotted by + bisson AT archlinux.org + - (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2011/06/03 05:35:10 + [regress/cfgmatch.sh] + use OBJ to find test configs, patch from Tim Rice + - markus@cvs.openbsd.org 2011/06/30 22:44:43 + [regress/connect-privsep.sh] + test with sandbox enabled; ok djm@ + - djm@cvs.openbsd.org 2011/08/02 01:23:41 + [regress/cipher-speed.sh regress/try-ciphers.sh] + add SHA256/SHA512 based HMAC modes + - (djm) [regress/cipher-speed.sh regress/try-ciphers.sh] disable HMAC-SHA2 + MAC tests for platforms that hack EVP_SHA2 support + +20110812 + - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context + change error by reporting old and new context names Patch from + jchadima at redhat. + - (djm) [contrib/redhat/openssh.spec contrib/redhat/sshd.init] + [contrib/suse/openssh.spec contrib/suse/rc.sshd] Updated RHEL and SLES + init scrips from imorgan AT nas.nasa.gov; bz#1920 + - (djm) [contrib/ssh-copy-id] Fix failure for cases where the path to the + identify file contained whitespace. bz#1828 patch from gwenael.lambrouin + AT gmail.com; ok dtucker@ + +20110807 + - (dtucker) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2008/06/26 06:59:39 + [moduli.5] + tweak previous; + - sobrado@cvs.openbsd.org 2009/10/28 08:56:54 + [moduli.5] + "Diffie-Hellman" is the usual spelling for the cryptographic protocol + first published by Whitfield Diffie and Martin Hellman in 1976. + ok jmc@ + - jmc@cvs.openbsd.org 2010/10/14 20:41:28 + [moduli.5] + probabalistic -> probabilistic; from naddy + - dtucker@cvs.openbsd.org 2011/08/07 12:55:30 + [sftp.1] + typo, fix from Laurent Gautrot + +20110805 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/06/23 23:35:42 + [monitor.c] + ignore EINTR errors from poll() + - tedu@cvs.openbsd.org 2011/07/06 18:09:21 + [authfd.c] + bzero the agent address. the kernel was for a while very cranky about + these things. evne though that's fixed, always good to initialize + memory. ok deraadt djm + - djm@cvs.openbsd.org 2011/07/29 14:42:45 + [sandbox-systrace.c] + fail open(2) with EPERM rather than SIGKILLing the whole process. libc + will call open() to do strerror() when NLS is enabled; + feedback and ok markus@ + - markus@cvs.openbsd.org 2011/08/01 19:18:15 + [gss-serv.c] + prevent post-auth resource exhaustion (int overflow leading to 4GB malloc); + report Adam Zabrock; ok djm@, deraadt@ + - djm@cvs.openbsd.org 2011/08/02 01:22:11 + [mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5] + Add new SHA256 and SHA512 based HMAC modes from + http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt + Patch from mdb AT juniper.net; feedback and ok markus@ + - djm@cvs.openbsd.org 2011/08/02 23:13:01 + [version.h] + crank now, release later + - djm@cvs.openbsd.org 2011/08/02 23:15:03 + [ssh.c] + typo in comment + +20110624 + - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox for + Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing + markus@ + +20110623 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/06/22 21:47:28 + [servconf.c] + reuse the multistate option arrays to pretty-print options for "sshd -T" + - djm@cvs.openbsd.org 2011/06/22 21:57:01 + [servconf.c servconf.h sshd.c sshd_config.5] + [configure.ac Makefile.in] + introduce sandboxing of the pre-auth privsep child using systrace(4). + + This introduces a new "UsePrivilegeSeparation=sandbox" option for + sshd_config that applies mandatory restrictions on the syscalls the + privsep child can perform. This prevents a compromised privsep child + from being used to attack other hosts (by opening sockets and proxying) + or probing local kernel attack surface. + + The sandbox is implemented using systrace(4) in unsupervised "fast-path" + mode, where a list of permitted syscalls is supplied. Any syscall not + on the list results in SIGKILL being sent to the privsep child. Note + that this requires a kernel with the new SYSTR_POLICY_KILL option. + + UsePrivilegeSeparation=sandbox will become the default in the future + so please start testing it now. + + feedback dtucker@; ok markus@ + - djm@cvs.openbsd.org 2011/06/22 22:08:42 + [channels.c channels.h clientloop.c clientloop.h mux.c ssh.c] + hook up a channel confirm callback to warn the user then requested X11 + forwarding was refused by the server; ok markus@ + - djm@cvs.openbsd.org 2011/06/23 09:34:13 + [sshd.c ssh-sandbox.h sandbox.h sandbox-rlimit.c sandbox-systrace.c] + [sandbox-null.c] + rename sandbox.h => ssh-sandbox.h to make things easier for portable + - (djm) [sandbox-null.c] Dummy sandbox for platforms that don't support + setrlimit(2) + +20110620 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/06/04 00:10:26 + [ssh_config.5] + explain IdentifyFile's semantics a little better, prompted by bz#1898 + ok dtucker jmc + - markus@cvs.openbsd.org 2011/06/14 22:49:18 + [authfile.c] + make sure key_parse_public/private_rsa1() no longer consumes its input + buffer. fixes ssh-add for passphrase-protected ssh1-keys; + noted by naddy@; ok djm@ + - djm@cvs.openbsd.org 2011/06/17 21:44:31 + [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c] + make the pre-auth privsep slave log via a socketpair shared with the + monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@ + - djm@cvs.openbsd.org 2011/06/17 21:46:16 + [sftp-server.c] + the protocol version should be unsigned; bz#1913 reported by mb AT + smartftp.com + - djm@cvs.openbsd.org 2011/06/17 21:47:35 + [servconf.c] + factor out multi-choice option parsing into a parse_multistate label + and some support structures; ok dtucker@ + - djm@cvs.openbsd.org 2011/06/17 21:57:25 + [clientloop.c] + setproctitle for a mux master that has been gracefully stopped; + bz#1911 from Bert.Wesarg AT googlemail.com + +20110603 + - (dtucker) [README version.h contrib/caldera/openssh.spec + contrib/redhat/openssh.spec contrib/suse/openssh.spec] Pull the version + bumps from the 5.8p2 branch into HEAD. ok djm. + - (tim) [configure.ac defines.h] Run test program to detect system mail + directory. Add --with-maildir option to override. Fixed OpenServer 6 + getting it wrong. Fixed many systems having MAIL=/var/mail//username + ok dtucker + - (dtucker) [monitor.c] Remove the !HAVE_SOCKETPAIR case. We use socketpair + unconditionally in other places and the survey data we have does not show + any systems that use it. "nuke it" djm@ + - (djm) [configure.ac] enable setproctitle emulation for OS X + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/06/03 00:54:38 + [ssh.c] + bz#1883 - setproctitle() to identify mux master; patch from Bert.Wesarg + AT googlemail.com; ok dtucker@ + NB. includes additional portability code to enable setproctitle emulation + on platforms that don't support it. + - dtucker@cvs.openbsd.org 2011/06/03 01:37:40 + [ssh-agent.c] + Check current parent process ID against saved one to determine if the parent + has exited, rather than attempting to send a zero signal, since the latter + won't work if the parent has changed privs. bz#1905, patch from Daniel Kahn + Gillmor, ok djm@ + - dtucker@cvs.openbsd.org 2011/05/31 02:01:58 + [regress/dynamic-forward.sh] + back out revs 1.6 and 1.5 since it's not reliable + - dtucker@cvs.openbsd.org 2011/05/31 02:03:34 + [regress/dynamic-forward.sh] + work around startup and teardown races; caught by deraadt + - dtucker@cvs.openbsd.org 2011/06/03 00:29:52 + [regress/dynamic-forward.sh] + Retry establishing the port forwarding after a small delay, should make + the tests less flaky when the previous test is slow to shut down and free + up the port. + - (tim) [regress/cfgmatch.sh] Build/test out of tree fix. + +20110529 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/05/23 03:30:07 + [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c] + [pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5] + allow AuthorizedKeysFile to specify multiple files, separated by spaces. + Bring back authorized_keys2 as a default search path (to avoid breaking + existing users of this file), but override this in sshd_config so it will + be no longer used on fresh installs. Maybe in 2015 we can remove it + entierly :) + + feedback and ok markus@ dtucker@ + - djm@cvs.openbsd.org 2011/05/23 03:33:38 + [auth.c] + make secure_filename() spam debug logs less + - djm@cvs.openbsd.org 2011/05/23 03:52:55 + [sshconnect.c] + remove extra newline + - jmc@cvs.openbsd.org 2011/05/23 07:10:21 + [sshd.8 sshd_config.5] + tweak previous; ok djm + - djm@cvs.openbsd.org 2011/05/23 07:24:57 + [authfile.c] + read in key comments for v.2 keys (though note that these are not + passed over the agent protocol); bz#439, based on patch from binder + AT arago.de; ok markus@ + - djm@cvs.openbsd.org 2011/05/24 07:15:47 + [readconf.c readconf.h ssh.c ssh_config.5 sshconnect.c sshconnect2.c] + Remove undocumented legacy options UserKnownHostsFile2 and + GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile + accept multiple paths per line and making their defaults include + known_hosts2; ok markus + - djm@cvs.openbsd.org 2011/05/23 03:31:31 + [regress/cfgmatch.sh] + include testing of multiple/overridden AuthorizedKeysFiles + refactor to simply daemon start/stop and get rid of racy constructs + +20110520 + - (djm) [session.c] call setexeccon() before executing passwd for pw + changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@ + - (djm) [aclocal.m4 configure.ac] since gcc-4.x ignores all -Wno-options + options, we should corresponding -W-option when trying to determine + whether it is accepted. Also includes a warning fix on the program + fragment uses (bad main() return type). + bz#1900 and bz#1901 reported by g.esp AT free.fr; ok dtucker@ + - (djm) [servconf.c] remove leftover droppings of AuthorizedKeysFile2 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/05/15 08:09:01 + [authfd.c monitor.c serverloop.c] + use FD_CLOEXEC consistently; patch from zion AT x96.org + - djm@cvs.openbsd.org 2011/05/17 07:13:31 + [key.c] + fatal() if asked to generate a legacy ECDSA cert (these don't exist) + and fix the regress test that was trying to generate them :) + - djm@cvs.openbsd.org 2011/05/20 00:55:02 + [servconf.c] + the options TrustedUserCAKeys, RevokedKeysFile, AuthorizedKeysFile + and AuthorizedPrincipalsFile were not being correctly applied in + Match blocks, despite being overridable there; ok dtucker@ + - dtucker@cvs.openbsd.org 2011/05/20 02:00:19 + [servconf.c] + Add comment documenting what should be after the preauth check. ok djm + - djm@cvs.openbsd.org 2011/05/20 03:25:45 + [monitor.c monitor_wrap.c servconf.c servconf.h] + use a macro to define which string options to copy between configs + for Match. This avoids problems caused by forgetting to keep three + code locations in perfect sync and ordering + + "this is at once beautiful and horrible" + ok dtucker@ + - djm@cvs.openbsd.org 2011/05/17 07:13:31 + [regress/cert-userkey.sh] + fatal() if asked to generate a legacy ECDSA cert (these don't exist) + and fix the regress test that was trying to generate them :) + - djm@cvs.openbsd.org 2011/05/20 02:43:36 + [cert-hostkey.sh] + another attempt to generate a v00 ECDSA key that broke the test + ID sync only - portable already had this somehow + - dtucker@cvs.openbsd.org 2011/05/20 05:19:50 + [dynamic-forward.sh] + Prevent races in dynamic forwarding test; ok djm + - dtucker@cvs.openbsd.org 2011/05/20 06:32:30 + [dynamic-forward.sh] + fix dumb error in dynamic-forward test + +20110515 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2011/05/05 05:12:08 + [mux.c] + gracefully fall back when ControlPath is too large for a + sockaddr_un. ok markus@ as part of a larger diff + - dtucker@cvs.openbsd.org 2011/05/06 01:03:35 + [sshd_config] + clarify language about overriding defaults. bz#1892, from Petr Cerny + - djm@cvs.openbsd.org 2011/05/06 01:09:53 + [sftp.1] + mention that IPv6 addresses must be enclosed in square brackets; + bz#1845 + - djm@cvs.openbsd.org 2011/05/06 02:05:41 + [sshconnect2.c] + fix memory leak; bz#1849 ok dtucker@ + - djm@cvs.openbsd.org 2011/05/06 21:14:05 + [packet.c packet.h] + set traffic class for IPv6 traffic as we do for IPv4 TOS; + patch from lionel AT mamane.lu via Colin Watson in bz#1855; + ok markus@ + - djm@cvs.openbsd.org 2011/05/06 21:18:02 + [ssh.c ssh_config.5] + add a %L expansion (short-form of the local host name) for ControlPath; + sync some more expansions with LocalCommand; ok markus@ + - djm@cvs.openbsd.org 2011/05/06 21:31:38 + [readconf.c ssh_config.5] + support negated Host matching, e.g. + + Host *.example.org !c.example.org + User mekmitasdigoat + + Will match "a.example.org", "b.example.org", but not "c.example.org" + ok markus@ + - djm@cvs.openbsd.org 2011/05/06 21:34:32 + [clientloop.c mux.c readconf.c readconf.h ssh.c ssh_config.5] + Add a RequestTTY ssh_config option to allow configuration-based + control over tty allocation (like -t/-T); ok markus@ + - djm@cvs.openbsd.org 2011/05/06 21:38:58 + [ssh.c] + fix dropping from previous diff + - djm@cvs.openbsd.org 2011/05/06 22:20:10 + [PROTOCOL.mux] + fix numbering; from bert.wesarg AT googlemail.com + - jmc@cvs.openbsd.org 2011/05/07 23:19:39 + [ssh_config.5] + - tweak previous + - come consistency fixes + ok djm + - jmc@cvs.openbsd.org 2011/05/07 23:20:25 + [ssh.1] + +.It RequestTTY + - djm@cvs.openbsd.org 2011/05/08 12:52:01 + [PROTOCOL.mux clientloop.c clientloop.h mux.c] + improve our behaviour when TTY allocation fails: if we are in + RequestTTY=auto mode (the default), then do not treat at TTY + allocation error as fatal but rather just restore the local TTY + to cooked mode and continue. This is more graceful on devices that + never allocate TTYs. + + If RequestTTY is set to "yes" or "force", then failure to allocate + a TTY is fatal. + *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***